From kaushalshriyan@gmail.com  Thu Jan  2 18:42:42 2014
Return-Path: <kaushalshriyan@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 001CC1AC4AB for <oauth@ietfa.amsl.com>; Thu,  2 Jan 2014 18:42:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.1
X-Spam-Level: 
X-Spam-Status: No, score=-0.1 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zuScBy1vA5eR for <oauth@ietfa.amsl.com>; Thu,  2 Jan 2014 18:42:40 -0800 (PST)
Received: from mail-bk0-x230.google.com (mail-bk0-x230.google.com [IPv6:2a00:1450:4008:c01::230]) by ietfa.amsl.com (Postfix) with ESMTP id 66F661AC403 for <oauth@ietf.org>; Thu,  2 Jan 2014 18:42:40 -0800 (PST)
Received: by mail-bk0-f48.google.com with SMTP id r7so4775043bkg.35 for <oauth@ietf.org>; Thu, 02 Jan 2014 18:42:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type; bh=LvoBWBSYB/EBNW8LevLL5Mm57a+1GADQKVNtzLsdyo0=; b=fYbZ0TrQO/iXeiMbA5WeFPt8+vMjM4IkxaPwoKSXQ1XeSnSQkB40Dp2/IG0dVFdSF4 6la+jvNIq/CdMIew++CLljOvdqYof7wQ9LWARDZSIUUB3HZnJv5VQXRfWfR7v5aUG5Ok 2AwMswFSBUuZHfPxLfyziteQodDCjMpHmpBJj3ShSXMMl/oytD1iEnS55FhpF4ZahLuW YVtEowQU6iJorOl/aIMQkddvooS8oir+ppU/uxdbJrfErrRtq7V1O1xQUUpWPmnecqo2 zUeH7NqR9QYanJlICSnq8TLv4utW15T1NA51vRGUm8clmnYRmSQWOCr5wd3lsH7WZHrb SFPg==
X-Received: by 10.205.43.200 with SMTP id ud8mr74734bkb.39.1388716952731; Thu, 02 Jan 2014 18:42:32 -0800 (PST)
MIME-Version: 1.0
Received: by 10.204.169.75 with HTTP; Thu, 2 Jan 2014 18:42:12 -0800 (PST)
From: Kaushal Shriyan <kaushalshriyan@gmail.com>
Date: Thu, 2 Jan 2014 19:42:12 -0700
Message-ID: <CAD7Ssm9p6di9rYeEdOvH2eEWayL81fPSS=d24tcMeukhP8kfVw@mail.gmail.com>
To: oauth@ietf.org
Content-Type: multipart/alternative; boundary=bcaec52bef6da9718c04ef07dc58
Subject: [OAUTH-WG] Books or Tutorials to know about OAuth
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jan 2014 02:42:42 -0000

--bcaec52bef6da9718c04ef07dc58
Content-Type: text/plain; charset=ISO-8859-1

Hi,

Are there tutorials or books to learn about OAuth Specifications?

Regards,

Kaushal

--bcaec52bef6da9718c04ef07dc58
Content-Type: text/html; charset=ISO-8859-1

<div dir="ltr">Hi,<div><br></div><div>Are there tutorials or books to learn about OAuth Specifications?</div><div><br></div><div>Regards,</div><div><br></div><div>Kaushal</div></div>

--bcaec52bef6da9718c04ef07dc58--

From bcampbell@pingidentity.com  Fri Jan  3 08:11:36 2014
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C87E71ADF0F for <oauth@ietfa.amsl.com>; Fri,  3 Jan 2014 08:11:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.577
X-Spam-Level: 
X-Spam-Status: No, score=-3.577 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZHt7W7UIxLgS for <oauth@ietfa.amsl.com>; Fri,  3 Jan 2014 08:11:34 -0800 (PST)
Received: from na3sys009aog135.obsmtp.com (na3sys009aog135.obsmtp.com [74.125.149.84]) by ietfa.amsl.com (Postfix) with ESMTP id 5D0491ADEB7 for <oauth@ietf.org>; Fri,  3 Jan 2014 08:11:34 -0800 (PST)
Received: from mail-ig0-f181.google.com ([209.85.213.181]) (using TLSv1) by na3sys009aob135.postini.com ([74.125.148.12]) with SMTP ID DSNKUsbhL5IhQyFklg8kHLUKVAIRWFVmCpzN@postini.com; Fri, 03 Jan 2014 08:11:27 PST
Received: by mail-ig0-f181.google.com with SMTP id k19so1402910igc.2 for <oauth@ietf.org>; Fri, 03 Jan 2014 08:11:26 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=1h6eqzv7uVd70rRCQom1HXVBtJ0Qkp8di/RIvh+l6eA=; b=ARpd9p9yKhKwsJde87VolH0mGoWkNLaNCMXB0xWh2ClFohqymQGf3Gd444zc/6UOxx HdCw6cyQy2S5GZehEC0rB1JkVqJXQRaE5j7ub3hxNw6OSqUZxjpDai7ygbxZts+F5va1 DCojqqPCVHIOv45ivW+z5j0PhBu3R7trdT9RZiVvgynsa1SIw+G2ts+2qcnpltBEQ5/p aYCe6jgu7NLj4+CAAFgux0B1r7gzJm3TztuhIebpkIlDny17sizUp+sHQu5lBOFkHlFo +7MycRr0zE9yheGd/mrYcFJgDOg2kbtb7R1csKu5AdiWXjTg1qpC/Hv6MCZb67s01eJL jAqg==
X-Gm-Message-State: ALoCoQkFTRxVrAaXR/vuuq/smz3dNledo6d56FU3SHS+7InhyLxhw+DWcMd5qQ15Aewazh7uBSHVXwSRj6ijAJtRPFsyry7Buyx/c9Ru+Phff4FE2ZI6NDxU9C17jt79yraBF9L4cmkz4O75gbPQb8g6sQ6PIWXKuw==
X-Received: by 10.50.79.138 with SMTP id j10mr3831489igx.2.1388765486730; Fri, 03 Jan 2014 08:11:26 -0800 (PST)
X-Received: by 10.50.79.138 with SMTP id j10mr3831478igx.2.1388765486603; Fri, 03 Jan 2014 08:11:26 -0800 (PST)
MIME-Version: 1.0
Received: by 10.64.245.233 with HTTP; Fri, 3 Jan 2014 08:10:56 -0800 (PST)
In-Reply-To: <CAD7Ssm9p6di9rYeEdOvH2eEWayL81fPSS=d24tcMeukhP8kfVw@mail.gmail.com>
References: <CAD7Ssm9p6di9rYeEdOvH2eEWayL81fPSS=d24tcMeukhP8kfVw@mail.gmail.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Fri, 3 Jan 2014 09:10:56 -0700
Message-ID: <CA+k3eCRJX5_ibmESK5v2j9GsFiSF-fOqt-C3vot2QwMP=KmUyQ@mail.gmail.com>
To: Kaushal Shriyan <kaushalshriyan@gmail.com>
Content-Type: multipart/alternative; boundary=089e0122ab74817ce704ef132913
Cc: oauth <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Books or Tutorials to know about OAuth
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jan 2014 16:11:37 -0000

--089e0122ab74817ce704ef132913
Content-Type: text/plain; charset=ISO-8859-1

It's a little dated now but I posted the slides from an talk on OAuth I
gave a while back that might be helpful:
http://www.slideshare.net/briandavidcampbell/oauth-101-secure-apis-2012-cloud-identity-summit-2012


On Thu, Jan 2, 2014 at 7:42 PM, Kaushal Shriyan <kaushalshriyan@gmail.com>wrote:

> Hi,
>
> Are there tutorials or books to learn about OAuth Specifications?
>
> Regards,
>
> Kaushal
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
>

--089e0122ab74817ce704ef132913
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">It&#39;s a little dated now but I posted the slides from a=
n talk on OAuth I gave a while back that might be helpful:=A0 <a href=3D"ht=
tp://www.slideshare.net/briandavidcampbell/oauth-101-secure-apis-2012-cloud=
-identity-summit-2012">http://www.slideshare.net/briandavidcampbell/oauth-1=
01-secure-apis-2012-cloud-identity-summit-2012</a><br>

</div><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On Thu,=
 Jan 2, 2014 at 7:42 PM, Kaushal Shriyan <span dir=3D"ltr">&lt;<a href=3D"m=
ailto:kaushalshriyan@gmail.com" target=3D"_blank">kaushalshriyan@gmail.com<=
/a>&gt;</span> wrote:<br>

<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div dir=3D"ltr">Hi,<div><br></div><div>Are =
there tutorials or books to learn about OAuth Specifications?</div><div><br=
>
</div>
<div>Regards,</div><div><br></div><div>Kaushal</div></div>
<br>_______________________________________________<br>
OAuth mailing list<br>
<a href=3D"mailto:OAuth@ietf.org">OAuth@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/oauth" target=3D"_blank">h=
ttps://www.ietf.org/mailman/listinfo/oauth</a><br>
<br></blockquote></div><br></div>

--089e0122ab74817ce704ef132913--

From derek@ihtfp.com  Tue Jan  7 10:34:07 2014
Return-Path: <derek@ihtfp.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E53F1ADF98 for <oauth@ietfa.amsl.com>; Tue,  7 Jan 2014 10:34:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level: 
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_20=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VvNqKc0NO8PN for <oauth@ietfa.amsl.com>; Tue,  7 Jan 2014 10:34:05 -0800 (PST)
Received: from mail2.ihtfp.org (mail2.ihtfp.org [IPv6:2001:4830:143:1::3a11]) by ietfa.amsl.com (Postfix) with ESMTP id 24CB61ADEB1 for <oauth@ietf.org>; Tue,  7 Jan 2014 10:34:05 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 258CFE2472 for <oauth@ietf.org>; Tue,  7 Jan 2014 13:33:55 -0500 (EST)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 29708-10 for <oauth@ietf.org>; Tue,  7 Jan 2014 13:33:54 -0500 (EST)
Received: from mocana.ihtfp.org (unknown [IPv6:fe80::224:d7ff:fee7:8924]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 07C8CE246B for <oauth@ietf.org>; Tue,  7 Jan 2014 13:33:54 -0500 (EST)
Received: (from warlord@localhost) by mocana.ihtfp.org (8.14.7/8.14.7/Submit) id s07IXrtR005687; Tue, 7 Jan 2014 13:33:53 -0500
From: Derek Atkins <derek@ihtfp.com>
To: oauth@ietf.org
Date: Tue, 07 Jan 2014 13:33:52 -0500
Message-ID: <sjmbnzn1w1b.fsf@mocana.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Subject: [OAUTH-WG] Request for Agenda Items for IETF-89
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jan 2014 18:34:07 -0000

Happy new year everyone.  I hope you all had a great holiday break, but
now it's time to get down and dirty and get the OAUTH documents out the
door.  IETF-89 in London is coming sooner than you think.  I'd like to
ask each of you for agenda items to bring up at the meeting.  In
particular:

Document Authors/Editors:  Please work up a status report for your
documents, and come up with a list of open issues that you think need
discussion time.  Please include a time estimate.

Proposed documents:  If you have proposed work, please let me know how
much time you'll need.

Other issues:  If you have other issues that require dedicated time,
please let me know too!

Thanks,

-derek, OAuth co-chair
-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant

From torsten@lodderstedt.net  Wed Jan  8 10:51:54 2014
Return-Path: <torsten@lodderstedt.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C6FDD1AE0E9 for <oauth@ietfa.amsl.com>; Wed,  8 Jan 2014 10:51:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Level: 
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pcWKULlVYTVH for <oauth@ietfa.amsl.com>; Wed,  8 Jan 2014 10:51:52 -0800 (PST)
Received: from smtprelay02.ispgateway.de (smtprelay02.ispgateway.de [80.67.31.25]) by ietfa.amsl.com (Postfix) with ESMTP id C56B81AE0AF for <oauth@ietf.org>; Wed,  8 Jan 2014 10:51:51 -0800 (PST)
Received: from [79.253.53.253] (helo=[192.168.71.64]) by smtprelay02.ispgateway.de with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.68) (envelope-from <torsten@lodderstedt.net>) id 1W0yE9-0002N5-73; Wed, 08 Jan 2014 19:51:41 +0100
Message-ID: <52CD9E3E.40106@lodderstedt.net>
Date: Wed, 08 Jan 2014 19:51:42 +0100
From: Torsten Lodderstedt <torsten@lodderstedt.net>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: Brian Campbell <bcampbell@pingidentity.com>, oauth <oauth@ietf.org>
References: <CA+k3eCTfa6iVEc9NUkRHppWovpGCSR0HjknX2vNmTw105NztfA@mail.gmail.com>
In-Reply-To: <CA+k3eCTfa6iVEc9NUkRHppWovpGCSR0HjknX2vNmTw105NztfA@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------020409070300080808000702"
X-Df-Sender: dG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQ=
Subject: Re: [OAUTH-WG] Question on RFC 7009 OAuth 2.0 Token Revocation
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jan 2014 18:51:55 -0000

This is a multi-part message in MIME format.
--------------020409070300080808000702
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Hi Brian,

this particular sentence is intended to specify the structure of the 
revocation URL only. It refers to this text in RFC 6749:

"The endpoint URI MAY include an "application/x-www-form-urlencoded"
    formatted (per Appendix B) query component ([RFC3986] Section 3.4), 
which MUST be retained when adding additional query parameters.  The 
endpoint URI MUST NOT include a fragment component.",

which is equivalent for authz and token endpoint.

I see your point, it seems to confuse (at least) a bit. In 
retrospective, it would have been a better idea to copy the text.

The reference in section 2.1 is wrong, it should point to RFC 6749 
(http://tools.ietf.org/html/rfc6749#section-2.3).

regards,
Torsten.

Am 13.12.2013 00:42, schrieb Brian Campbell:
> The second paragraph of section 2 of RFC 7009 [1] says that the 
> revocation endpoint must conform to the rules in section 3.1 of RFC 
> 6749 (The OAuth 2.0 Authorization Framework) [2] but that section is 
> about the *Authorization Endpoint*, which doesn't make much sense to 
> me. The resource owner is involved with the authorization endpoint but 
> not with the revocation endpoint. The authorization endpoint MUST 
> accept GET and MAY accept POST while the revocation endpoint always 
> accepts POST except for the JSONP support which is just a MAY for GET. 
> There's also talk elsewhere in RFC 7009 about client authentication, 
> which only happens at the token endpoint, not the authorization 
> endpoint (note that the link in in 2.1 of RFC 7009 [3] that should go 
> to 2.3 of RFC6749 actually links back to itself).
>
> Is the reference a mistake in RFC 7009? If not, could someone explain 
> what the intent was there or what it really means?
>
> Thanks for any clarification!
>
> [1] http://tools.ietf.org/html/rfc7009#section-2
> [2] http://tools.ietf.org/html/rfc6749#section-3.1
> [3] http://tools.ietf.org/html/rfc7009#section-2.1
>
>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth


--------------020409070300080808000702
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    Hi Brian,<br>
    <br>
    this particular sentence is intended to specify the structure of the
    revocation URL only. It refers to this text in RFC 6749: <br>
    <br>
    "The endpoint URI MAY include an "application/x-www-form-urlencoded"<br>
    &nbsp;&nbsp; formatted (per Appendix B) query component ([RFC3986] Section
    3.4), which MUST be retained when adding additional query
    parameters.&nbsp; The endpoint URI MUST NOT include a fragment
    component.", <br>
    <br>
    which is equivalent for authz and token endpoint. <br>
    <br>
    I see your point, it seems to confuse (at least) a bit. In
    retrospective, it would have been a better idea to copy the text.<br>
    <br>
    The reference in section 2.1 is wrong, it should point to RFC 6749
    (<a class="moz-txt-link-freetext" href="http://tools.ietf.org/html/rfc6749#section-2.3">http://tools.ietf.org/html/rfc6749#section-2.3</a>).<br>
    <br>
    regards,<br>
    Torsten.<br>
    <br>
    Am 13.12.2013 00:42, schrieb Brian Campbell:<br>
    <blockquote
cite="mid:CA+k3eCTfa6iVEc9NUkRHppWovpGCSR0HjknX2vNmTw105NztfA@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div>
          <div>The second paragraph of section 2 of RFC 7009 [1] says
            that the revocation endpoint must conform to the rules in
            section 3.1 of RFC 6749 (The OAuth 2.0 Authorization
            Framework) [2] but that section is about the *Authorization
            Endpoint*, which doesn't make much sense to me. The resource
            owner is involved with the authorization endpoint but not
            with the revocation endpoint. The authorization endpoint
            MUST accept GET and MAY accept POST while the revocation
            endpoint always accepts POST except for the JSONP support
            which is just a MAY for GET. There's also talk elsewhere in
            RFC 7009 about client authentication, which only happens at
            the token endpoint, not the authorization endpoint (note
            that the link in in 2.1 of RFC 7009 [3] that should go to
            2.3 of RFC6749 actually links back to itself).<br>
          </div>
          <div>
            <br>
          </div>
          Is the reference a mistake in RFC 7009? If not, could someone
          explain what the intent was there or what it really means?<br>
          <br>
        </div>
        <div>Thanks for any clarification!<br>
        </div>
        <div><br>
          <div>[1] <a moz-do-not-send="true"
              href="http://tools.ietf.org/html/rfc7009#section-2"
              target="_blank">http://tools.ietf.org/html/rfc7009#section-2</a><br>
            [2] <a moz-do-not-send="true"
              href="http://tools.ietf.org/html/rfc6749#section-3.1"
              target="_blank">http://tools.ietf.org/html/rfc6749#section-3.1</a><br>
            [3] <a moz-do-not-send="true"
              href="http://tools.ietf.org/html/rfc7009#section-2.1">http://tools.ietf.org/html/rfc7009#section-2.1</a><br>
            <br>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
OAuth mailing list
<a class="moz-txt-link-abbreviated" href="mailto:OAuth@ietf.org">OAuth@ietf.org</a>
<a class="moz-txt-link-freetext" href="https://www.ietf.org/mailman/listinfo/oauth">https://www.ietf.org/mailman/listinfo/oauth</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>

--------------020409070300080808000702--

From internet-drafts@ietf.org  Wed Jan 15 08:30:27 2014
Return-Path: <internet-drafts@ietf.org>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1DD9B1AE450; Wed, 15 Jan 2014 08:30:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cF55XjEnlw8U; Wed, 15 Jan 2014 08:30:25 -0800 (PST)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id BD5641AE451; Wed, 15 Jan 2014 08:30:24 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 4.90.p2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20140115163024.12994.61362.idtracker@ietfa.amsl.com>
Date: Wed, 15 Jan 2014 08:30:24 -0800
Cc: oauth@ietf.org
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-http-mac-05.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jan 2014 16:30:27 -0000

A New Internet-Draft is available from the on-line Internet-Drafts director=
ies.
 This draft is a work item of the Web Authorization Protocol Working Group =
of the IETF.

        Title           : OAuth 2.0 Message Authentication Code (MAC) Tokens
        Authors         : Justin Richer
                          William Mills
                          Hannes Tschofenig
                          Phil Hunt
	Filename        : draft-ietf-oauth-v2-http-mac-05.txt
	Pages           : 37
	Date            : 2014-01-15

Abstract:
   This specification describes how to use MAC Tokens in HTTP requests
   to access OAuth 2.0 protected resources.  An OAuth client willing to
   access a protected resource needs to demonstrate possession of a
   cryptographic key by using it with a keyed message digest function to
   the request.

   The document also defines a key distribution protocol for obtaining a
   fresh session key.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-v2-http-mac/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-05

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=3Ddraft-ietf-oauth-v2-http-mac-05


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/


From hannes.tschofenig@gmx.net  Thu Jan 16 16:54:12 2014
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB6E41AC4A3 for <oauth@ietfa.amsl.com>; Thu, 16 Jan 2014 16:54:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.438
X-Spam-Level: 
X-Spam-Status: No, score=-2.438 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.538, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QXBcQOwy-65i for <oauth@ietfa.amsl.com>; Thu, 16 Jan 2014 16:54:10 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) by ietfa.amsl.com (Postfix) with ESMTP id 52AEF1AC441 for <oauth@ietf.org>; Thu, 16 Jan 2014 16:54:10 -0800 (PST)
Received: from [192.168.10.195] ([2.101.189.123]) by mail.gmx.com (mrgmx102) with ESMTPSA (Nemesis) id 0MC7em-1WCj7V0wkK-008qj8 for <oauth@ietf.org>; Fri, 17 Jan 2014 01:53:57 +0100
Message-ID: <52D87F23.2080508@gmx.net>
Date: Fri, 17 Jan 2014 00:53:55 +0000
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: oauth@ietf.org
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Provags-ID: V03:K0:RfqveD3mTtfcLbRJkFLFV+fJZLn7IFRlTK+mhvvX0ZkUKi5wH8W 6T3EUpH3736msVZUGr2pwsx90RZh63rUKXSJLeZb1u/DE+1c206FkkxBnhixfmswimXMpIE UWMHNPGbT1HAm57IZMQmeFZp/aP3b7MoKcQ/dowpbgt7NvFmnBfb6i7nU4ZrNn1F1PNB+n9 qHMx35lv7GJp+8/FEGeKA==
Subject: [OAUTH-WG] Status Conference Call
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jan 2014 00:54:12 -0000

Hi all,

I thought it would be useful to have a conference call to talk with the
document authors/editors about the current document status.
I am happy to have others participate in the call, if they are interested.

For those interested in participating please indicate your availability
here:
http://moreganize.com/b3D1LpFfcMk

Please provide your input ASAP.

Ciao
Hannes


From ceojamendo@gmail.com  Sat Jan 18 14:23:06 2014
Return-Path: <ceojamendo@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 116291ADFD7 for <oauth@ietfa.amsl.com>; Sat, 18 Jan 2014 14:23:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.398
X-Spam-Level: 
X-Spam-Status: No, score=-1.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, J_CHICKENPOX_44=0.6, SPF_PASS=-0.001, TVD_SPACE_RATIO=0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pTe27X-ALbec for <oauth@ietfa.amsl.com>; Sat, 18 Jan 2014 14:23:05 -0800 (PST)
Received: from mail-ob0-x230.google.com (mail-ob0-x230.google.com [IPv6:2607:f8b0:4003:c01::230]) by ietfa.amsl.com (Postfix) with ESMTP id 1EC021AD7C2 for <oauth@ietf.org>; Sat, 18 Jan 2014 14:23:05 -0800 (PST)
Received: by mail-ob0-f176.google.com with SMTP id gq1so3808485obb.35 for <oauth@ietf.org>; Sat, 18 Jan 2014 14:22:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=khcW6osanpWQyrbfwTLL1r8N/1cA5alIQt1GE1ctGow=; b=FAIP2674q7Acl2Ys1q8pMBShTBkffJgKKtQIDk1RN8kGdnJjXJJlQyp/6jaeu0oeYR xQvl46a5TCJOM4nKrBszGlrafaJzfqw4nSjj1Jc2lTDbkkpm7rHUS+YhdU+tuAaT/AAq 7wVkYcl4Fufqqzn9r36XWMDHyjco77w5UhwJHpVHNMs9SMGUakc2s5pxtQOAMZFba9nO DzsyUa7zTDk2uiIN0aZ1yzu2i7uucSC0nRZjGs8ogWW3COn+LlGR5ATiM99rzCAKc3wM tAy9iX0+OZzvGuNxWGwnkSDj531NnCi2BAb0KQiFD7rhatC7lHKw+ESO2roA0qVY4gJa 1jmw==
MIME-Version: 1.0
X-Received: by 10.60.137.201 with SMTP id qk9mr8237488oeb.41.1390083771957; Sat, 18 Jan 2014 14:22:51 -0800 (PST)
Received: by 10.182.84.225 with HTTP; Sat, 18 Jan 2014 14:22:51 -0800 (PST)
Received: by 10.182.84.225 with HTTP; Sat, 18 Jan 2014 14:22:51 -0800 (PST)
Date: Sat, 18 Jan 2014 14:22:51 -0800
Message-ID: <CAO4y0cN8wxC04xd3_SUOJwtxs48KUqvTeugbs0juuHivbv9ZPw@mail.gmail.com>
From: Sarah Johansen <ceojamendo@gmail.com>
To: oauth@ietf.org
Content-Type: multipart/alternative; boundary=047d7b33cdfc6f891504f046196c
Subject: [OAUTH-WG] (no subject)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Jan 2014 22:23:06 -0000

--047d7b33cdfc6f891504f046196c
Content-Type: text/plain; charset=UTF-8

Where. what,when

Sarah-E-Johansen

--047d7b33cdfc6f891504f046196c
Content-Type: text/html; charset=UTF-8

<p dir="ltr">Where. what,when<br></p>
<p dir="ltr">Sarah-E-Johansen</p>

--047d7b33cdfc6f891504f046196c--

From hannes.tschofenig@gmx.net  Mon Jan 20 13:19:40 2014
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E8FCF1A0225 for <oauth@ietfa.amsl.com>; Mon, 20 Jan 2014 13:19:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.536
X-Spam-Level: 
X-Spam-Status: No, score=-0.536 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KPAQ34rkF_R6 for <oauth@ietfa.amsl.com>; Mon, 20 Jan 2014 13:19:38 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) by ietfa.amsl.com (Postfix) with ESMTP id 3563C1A01C5 for <oauth@ietf.org>; Mon, 20 Jan 2014 13:19:37 -0800 (PST)
Received: from [192.168.10.200] ([2.101.189.123]) by mail.gmx.com (mrgmx003) with ESMTPSA (Nemesis) id 0LhOvA-1VaRHT19pw-00mbuC for <oauth@ietf.org>; Mon, 20 Jan 2014 22:19:36 +0100
Message-ID: <52DD92E4.8040600@gmx.net>
Date: Mon, 20 Jan 2014 21:19:32 +0000
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: oauth@ietf.org
X-Enigmail-Version: 1.5.2
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="jC1OmjDbhLcDqhndSXc2q8ov4nLlbVaPt"
X-Provags-ID: V03:K0:WPd+UHGs+28Ar0d6CtqRY0j7KUFeQH4U1Cv62e4gqkLLke/tfWp X6jc+qbGetcT4bG3agjM8XtCItZD1ydtj5NrWfW6hpAyX/kXA0nIhDBeANDW00jL3JbljDT uTvu43Cp8thivCEw7Fv1jpZDC82NXBgIn0dl2UxerdOWF7OwkTbLNcPadw5U4wHlawbDpme +ReMcpvcaBHdC+CNCwx5g==
Subject: [OAUTH-WG] Status Conference Call -- Tue 28, 4pm UTC
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jan 2014 21:19:40 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--jC1OmjDbhLcDqhndSXc2q8ov4nLlbVaPt
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi all,

based on your feedback we have a short status conference call on Tue 28,
4pm UTC. Time at other locations:

http://www.timeanddate.com/worldclock/meetingdetails.html?year=3D2014&mon=
th=3D1&day=3D28&hour=3D16&min=3D0&sec=3D0&p1=3D136&p2=3D179&p3=3D137

Conference call will be distributed in time.

Ciao
Hannes



--jC1OmjDbhLcDqhndSXc2q8ov4nLlbVaPt
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCgAGBQJS3ZLkAAoJEGhJURNOOiAtw8kIAKdlUVhBWPDM5DR+6ffOIyRk
pJWzxsHDmCzM7yHjk5bejaESblrss8QZbCd1CkErLlHp/Jmag38W8ej1JU0tokRZ
KpjbkHonhGyWewHIjvfMAJw16BvTbqZTzHz1U8aNwnmQJrlRxe19kgURvneNdfm3
ukNwKfcWEUMGFodVqlHa/5Fwih3cm/2nNlNuciLverEdGI0WvMwGOYkBB0f8xrK0
pD7MpjRLHH49TM3cacKHkEbZl+K5skzcxnsjReikNE+suUlpYiQDC/ni7B5cYQLV
mQviNEFw87x6C6lTYPRHfS5Ep4IwRtgikZej3pTxEPluhhBd6wuQFmJkoaNFIBw=
=RvPd
-----END PGP SIGNATURE-----

--jC1OmjDbhLcDqhndSXc2q8ov4nLlbVaPt--

From internet-drafts@ietf.org  Mon Jan 20 22:34:02 2014
Return-Path: <internet-drafts@ietf.org>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 983371A0020; Mon, 20 Jan 2014 22:34:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HCWnDHHahFMh; Mon, 20 Jan 2014 22:34:01 -0800 (PST)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id EF5CA1A029F; Mon, 20 Jan 2014 22:33:59 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 4.90.p2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20140121063359.20463.53561.idtracker@ietfa.amsl.com>
Date: Mon, 20 Jan 2014 22:33:59 -0800
Cc: oauth@ietf.org
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-json-web-token-15.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jan 2014 06:34:02 -0000

A New Internet-Draft is available from the on-line Internet-Drafts director=
ies.
 This draft is a work item of the Web Authorization Protocol Working Group =
of the IETF.

        Title           : JSON Web Token (JWT)
        Authors         : Michael B. Jones
                          John Bradley
                          Nat Sakimura
	Filename        : draft-ietf-oauth-json-web-token-15.txt
	Pages           : 29
	Date            : 2014-01-20

Abstract:
   JSON Web Token (JWT) is a compact URL-safe means of representing
   claims to be transferred between two parties.  The claims in a JWT
   are encoded as a JavaScript Object Notation (JSON) object that is
   used as the payload of a JSON Web Signature (JWS) structure or as the
   plaintext of a JSON Web Encryption (JWE) structure, enabling the
   claims to be digitally signed or MACed and/or encrypted.

   The suggested pronunciation of JWT is the same as the English word
   "jot".


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-json-web-token/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-15

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=3Ddraft-ietf-oauth-json-web-token-15


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/


From Michael.Jones@microsoft.com  Mon Jan 20 23:18:39 2014
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B3521A0053; Mon, 20 Jan 2014 23:18:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.641
X-Spam-Level: 
X-Spam-Status: No, score=-1.641 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D-v1tpeBTKmq; Mon, 20 Jan 2014 23:18:36 -0800 (PST)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1blp0185.outbound.protection.outlook.com [207.46.163.185]) by ietfa.amsl.com (Postfix) with ESMTP id EFA7C1A005E; Mon, 20 Jan 2014 23:18:35 -0800 (PST)
Received: from BL2PR03CA016.namprd03.prod.outlook.com (10.141.66.24) by BL2PR03MB099.namprd03.prod.outlook.com (10.255.230.22) with Microsoft SMTP Server (TLS) id 15.0.847.13; Tue, 21 Jan 2014 07:18:34 +0000
Received: from BL2FFO11FD051.protection.gbl (2a01:111:f400:7c09::107) by BL2PR03CA016.outlook.office365.com (2a01:111:e400:c1b::24) with Microsoft SMTP Server (TLS) id 15.0.847.13 via Frontend Transport; Tue, 21 Jan 2014 07:18:34 +0000
Received: from mail.microsoft.com (131.107.125.37) by BL2FFO11FD051.mail.protection.outlook.com (10.173.161.213) with Microsoft SMTP Server (TLS) id 15.0.847.12 via Frontend Transport; Tue, 21 Jan 2014 07:18:34 +0000
Received: from TK5EX14MBXC286.redmond.corp.microsoft.com ([169.254.1.67]) by TK5EX14HUBC104.redmond.corp.microsoft.com ([157.54.80.25]) with mapi id 14.03.0174.002; Tue, 21 Jan 2014 07:18:08 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "jose@ietf.org" <jose@ietf.org>
Thread-Topic: JOSE -20 drafts intended for Working Group Last Call
Thread-Index: Ac8WeO1IXqqRdYRLSV67VQhbEGuKOg==
Date: Tue, 21 Jan 2014 07:18:08 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739437CDBA9E9@TK5EX14MBXC286.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [157.54.51.32]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739437CDBA9E9TK5EX14MBXC286r_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10009001)(199002)(189002)(47736001)(56816005)(6806004)(85806002)(15202345003)(76796001)(79102001)(512954002)(74502001)(74662001)(81542001)(81816001)(15975445006)(55846006)(46102001)(56776001)(31966008)(44976005)(85852003)(49866001)(76786001)(47976001)(50986001)(93516002)(85306002)(19300405004)(86362001)(74706001)(77096001)(33656001)(47446002)(2656002)(65816001)(87266001)(93136001)(83072002)(76176001)(74876001)(80976001)(80022001)(66066001)(74366001)(54356001)(20776003)(83322001)(63696002)(54316002)(59766001)(76482001)(81686001)(19580395003)(53806001)(84326002)(90146001)(16297215004)(69226001)(81342001)(71186001)(77982001)(92726001)(92566001)(51856001)(16236675002)(87936001)(4396001)(6606295002); DIR:OUT; SFP:1101; SCL:1; SRVR:BL2PR03MB099; H:mail.microsoft.com; CLIP:131.107.125.37; FPR:; RD:InfoDomainNonexistent; A:1; MX:1; LANG:en; 
X-O365ENT-EOP-Header: Message processed by -  O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 0098BA6C6C
X-OriginatorOrg: microsoft.com
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: [OAUTH-WG] JOSE -20 drafts intended for Working Group Last Call
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jan 2014 07:18:39 -0000

--_000_4E1F6AAD24975D4BA5B16804296739437CDBA9E9TK5EX14MBXC286r_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

JSON Object Signing and Encryption (JOSE) -20 drafts have been published th=
at incorporate the changes agreed to on last week's JOSE working group call=
. Hopefully this brings us to the point of Working Group Last Call.

The only normative changes were to change the name of the "use_details" JWK=
 member to "key_ops" and to clarify that "use" is meant for public key use =
cases, "key_ops" is meant for use cases in which public, private, or symmet=
ric keys may be present, and that "use" and "key_ops" should not be used to=
gether.

The drafts, including JSON Web Token (JWT), now also reference draft-ietf-j=
son-rfc4627bis, rather than RFC 4627.

The drafts are available at:

*        http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-20

*        http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-20

*        http://tools.ietf.org/html/draft-ietf-jose-json-web-key-20

*        http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-20

*        http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-15

HTML formatted versions are also available at:

*        http://self-issued.info/docs/draft-ietf-jose-json-web-signature-20=
.html

*        http://self-issued.info/docs/draft-ietf-jose-json-web-encryption-2=
0.html

*        http://self-issued.info/docs/draft-ietf-jose-json-web-key-20.html

*        http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-2=
0.html

*        http://self-issued.info/docs/draft-ietf-oauth-json-web-token-15.ht=
ml

This notification has also been posted at http://self-issued.info/?p=3D1168=
 and on Twitter as @selfissued.

                                                            -- Mike


--_000_4E1F6AAD24975D4BA5B16804296739437CDBA9E9TK5EX14MBXC286r_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:Wingdings;
	panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
	{font-family:Wingdings;
	panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
	{mso-style-priority:34;
	margin-top:0in;
	margin-right:0in;
	margin-bottom:0in;
	margin-left:.5in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
/* List Definitions */
@list l0
	{mso-list-id:1098254242;
	mso-list-type:hybrid;
	mso-list-template-ids:-264357738 67698689 67698691 67698693 67698689 67698=
691 67698693 67698689 67698691 67698693;}
@list l0:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l0:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level5
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l0:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level8
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l1
	{mso-list-id:1292976506;
	mso-list-type:hybrid;
	mso-list-template-ids:714098162 67698689 67698691 67698693 67698689 676986=
91 67698693 67698689 67698691 67698693;}
@list l1:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l1:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l1:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l1:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l1:level5
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l1:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l1:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l1:level8
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l1:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
ol
	{margin-bottom:0in;}
ul
	{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal">JSON Object Signing and Encryption (JOSE) -20 drafts=
 have been published that incorporate the changes agreed to on last week&#8=
217;s JOSE working group call. Hopefully this brings us to the point of Wor=
king Group Last Call.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">The only normative changes were to change the name o=
f the &#8220;<span style=3D"font-family:&quot;Courier New&quot;">use_detail=
s</span>&#8221; JWK member to &#8220;<span style=3D"font-family:&quot;Couri=
er New&quot;">key_ops</span>&#8221; and to clarify that &#8220;<span style=
=3D"font-family:&quot;Courier New&quot;">use</span>&#8221;
 is meant for public key use cases, &#8220;<span style=3D"font-family:&quot=
;Courier New&quot;">key_ops</span>&#8221; is meant for use cases in which p=
ublic, private, or symmetric keys may be present, and that &#8220;<span sty=
le=3D"font-family:&quot;Courier New&quot;">use</span>&#8221; and &#8220;<sp=
an style=3D"font-family:&quot;Courier New&quot;">key_ops</span>&#8221;
 should not be used together.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">The drafts, including JSON Web Token (JWT), now also=
 reference draft-ietf-json-rfc4627bis, rather than RFC 4627.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">The drafts are available at:<o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo1"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://tools.ietf.org/html/draft-=
ietf-jose-json-web-signature-20">http://tools.ietf.org/html/draft-ietf-jose=
-json-web-signature-20</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo1"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://tools.ietf.org/html/draft-=
ietf-jose-json-web-encryption-20">http://tools.ietf.org/html/draft-ietf-jos=
e-json-web-encryption-20</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo1"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://tools.ietf.org/html/draft-=
ietf-jose-json-web-key-20">http://tools.ietf.org/html/draft-ietf-jose-json-=
web-key-20</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo1"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://tools.ietf.org/html/draft-=
ietf-jose-json-web-algorithms-20">http://tools.ietf.org/html/draft-ietf-jos=
e-json-web-algorithms-20</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo1"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://tools.ietf.org/html/draft-=
ietf-oauth-json-web-token-15">http://tools.ietf.org/html/draft-ietf-oauth-j=
son-web-token-15</a><o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">HTML formatted versions are also available at:<o:p><=
/o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l1 level=
1 lfo2"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://self-issued.info/docs/draf=
t-ietf-jose-json-web-signature-20.html">http://self-issued.info/docs/draft-=
ietf-jose-json-web-signature-20.html</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l1 level=
1 lfo2"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://self-issued.info/docs/draf=
t-ietf-jose-json-web-encryption-20.html">http://self-issued.info/docs/draft=
-ietf-jose-json-web-encryption-20.html</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l1 level=
1 lfo2"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://self-issued.info/docs/draf=
t-ietf-jose-json-web-key-20.html">http://self-issued.info/docs/draft-ietf-j=
ose-json-web-key-20.html</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l1 level=
1 lfo2"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://self-issued.info/docs/draf=
t-ietf-jose-json-web-algorithms-20.html">http://self-issued.info/docs/draft=
-ietf-jose-json-web-algorithms-20.html</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l1 level=
1 lfo2"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://self-issued.info/docs/draf=
t-ietf-oauth-json-web-token-15.html">http://self-issued.info/docs/draft-iet=
f-oauth-json-web-token-15.html</a><o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">This notification has also been posted at <a href=3D=
"http://self-issued.info/?p=3D1168">
http://self-issued.info/?p=3D1168</a> and on Twitter as @selfissued.<o:p></=
o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; --=
 Mike<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</body>
</html>

--_000_4E1F6AAD24975D4BA5B16804296739437CDBA9E9TK5EX14MBXC286r_--

From odonoghue@isoc.org  Wed Jan 22 21:46:09 2014
Return-Path: <odonoghue@isoc.org>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 506D51A016D; Wed, 22 Jan 2014 21:46:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vU0CQi9MSa0P; Wed, 22 Jan 2014 21:46:07 -0800 (PST)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1blp0189.outbound.protection.outlook.com [207.46.163.189]) by ietfa.amsl.com (Postfix) with ESMTP id 31C391A003E; Wed, 22 Jan 2014 21:46:07 -0800 (PST)
Received: from kodonog-mac.local (74.214.48.55) by DM2PR06MB591.namprd06.prod.outlook.com (10.141.176.154) with Microsoft SMTP Server (TLS) id 15.0.851.15; Thu, 23 Jan 2014 05:46:05 +0000
Message-ID: <52E0AC98.9090609@isoc.org>
Date: Thu, 23 Jan 2014 00:46:00 -0500
From: Karen O'Donoghue <odonoghue@isoc.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: <oauth@ietf.org>, <saag@ietf.org>, <apps-discuss@ietf.org>, <json@ietf.org>
References: <52E0AB85.1070409@isoc.org>
In-Reply-To: <52E0AB85.1070409@isoc.org>
X-Forwarded-Message-Id: <52E0AB85.1070409@isoc.org>
Content-Type: multipart/alternative; boundary="------------080507020009020703000405"
X-Originating-IP: [74.214.48.55]
X-ClientProxiedBy: BLUPR03CA028.namprd03.prod.outlook.com (10.141.30.21) To DM2PR06MB591.namprd06.prod.outlook.com (10.141.176.154)
X-Forefront-PRVS: 0100732B76
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019001)(2473001)(199002)(189002)(13464003)(41574002)(56816005)(74366001)(49866001)(59896001)(80316001)(76482001)(77982001)(19580405001)(74706001)(54316002)(85306002)(19580395003)(64126003)(77096001)(56776001)(46102001)(87976001)(47976001)(80976001)(94316002)(50986001)(80022001)(4396001)(47736001)(512934002)(76786001)(92726001)(15202345003)(15975445006)(92566001)(85852003)(93136001)(81542001)(79102001)(74876001)(83072002)(63696002)(33656001)(47446002)(76796001)(69226001)(31966008)(65806001)(54356001)(65956001)(2201001)(81342001)(83506001)(81686001)(42186004)(59766001)(51856001)(84326002)(90146001)(83322001)(66066001)(53806001)(93516002)(74502001)(81816001)(74662001)(71186001)(86362001)(16236675002)(36756003); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR06MB591; H:kodonog-mac.local; CLIP:74.214.48.55; FPR:; RD:InfoNoRecords; A:1; MX:1; LANG:en; 
X-OriginatorOrg: isoc.org
Subject: [OAUTH-WG] Fwd: WGLC for JWA, JWE, JWK, and JWS
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jan 2014 05:46:09 -0000

--------------080507020009020703000405
Content-Type: text/plain; charset="ISO-8859-1"; format=flowed
Content-Transfer-Encoding: 7bit


The JOSE WG has started WGLCs on the documents below. We would like to
encourage this group to review the specifications as well. You are 
welcome to
either use the issue tracker 
(http://tools.ietf.org/wg/jose/trac/report/1) or
send email to the working group. Thanks!


-------- Original Message --------
Subject: 	WGLC for JWA, JWE, JWK, and JWS
Date: 	Thu, 23 Jan 2014 00:41:25 -0500
From: 	Karen O'Donoghue <odonoghue@isoc.org>
To: 	jose@ietf.org <jose@ietf.org>



Folks,

This message initiates three week WGLCs for the four JOSE WG specifications
referenced below:

https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-algorithms/
https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-encryption/
https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-key/
https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-signature/

Please review and comment on the documents and put any issues in the
JOSE WG issue tracker. The WGLC will end on 13 February 2014.

Regards,
JOSE WG co-chairs




--------------080507020009020703000405
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit

<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <br>
    The JOSE WG has started WGLCs on the documents below. We would like
    to
    <br>
    encourage this group to review the specifications as well. You are
    welcome to
    <br>
    either use the issue tracker (<a class="moz-txt-link-freetext"
      href="http://tools.ietf.org/wg/jose/trac/report/1">http://tools.ietf.org/wg/jose/trac/report/1</a>)
    or
    <br>
    send email to the working group. Thanks!<br>
    <div class="moz-forward-container"><br>
      <br>
      -------- Original Message --------
      <table class="moz-email-headers-table" border="0" cellpadding="0"
        cellspacing="0">
        <tbody>
          <tr>
            <th align="RIGHT" valign="BASELINE" nowrap="nowrap">Subject:
            </th>
            <td>WGLC for JWA, JWE, JWK, and JWS</td>
          </tr>
          <tr>
            <th align="RIGHT" valign="BASELINE" nowrap="nowrap">Date: </th>
            <td>Thu, 23 Jan 2014 00:41:25 -0500</td>
          </tr>
          <tr>
            <th align="RIGHT" valign="BASELINE" nowrap="nowrap">From: </th>
            <td>Karen O'Donoghue <a class="moz-txt-link-rfc2396E" href="mailto:odonoghue@isoc.org">&lt;odonoghue@isoc.org&gt;</a></td>
          </tr>
          <tr>
            <th align="RIGHT" valign="BASELINE" nowrap="nowrap">To: </th>
            <td><a class="moz-txt-link-abbreviated" href="mailto:jose@ietf.org">jose@ietf.org</a> <a class="moz-txt-link-rfc2396E" href="mailto:jose@ietf.org">&lt;jose@ietf.org&gt;</a></td>
          </tr>
        </tbody>
      </table>
      <br>
      <br>
      <pre>Folks,

This message initiates three week WGLCs for the four JOSE WG specifications
referenced below:

<a class="moz-txt-link-freetext" href="https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-algorithms/">https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-algorithms/</a>
<a class="moz-txt-link-freetext" href="https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-encryption/">https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-encryption/</a>
<a class="moz-txt-link-freetext" href="https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-key/">https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-key/</a>
<a class="moz-txt-link-freetext" href="https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-signature/">https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-signature/</a>

Please review and comment on the documents and put any issues in the
JOSE WG issue tracker. The WGLC will end on 13 February 2014.

Regards,
JOSE WG co-chairs

</pre>
      <br>
    </div>
    <br>
  </body>
</html>

--------------080507020009020703000405--

From bcampbell@pingidentity.com  Fri Jan 24 13:38:19 2014
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FAC91A013C for <oauth@ietfa.amsl.com>; Fri, 24 Jan 2014 13:38:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.912
X-Spam-Level: 
X-Spam-Status: No, score=-2.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_SOFTFAIL=0.665] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SUDPgBPnIe3K for <oauth@ietfa.amsl.com>; Fri, 24 Jan 2014 13:38:16 -0800 (PST)
Received: from na3sys009aog104.obsmtp.com (na3sys009aog104.obsmtp.com [74.125.149.73]) by ietfa.amsl.com (Postfix) with ESMTP id 3FE7A1A012F for <oauth@ietf.org>; Fri, 24 Jan 2014 13:38:16 -0800 (PST)
Received: from mail-ig0-f176.google.com ([209.85.213.176]) (using TLSv1) by na3sys009aob104.postini.com ([74.125.148.12]) with SMTP ID DSNKUuLdR4RmksycomLrkn6Ojh9/4fkRij1G@postini.com; Fri, 24 Jan 2014 13:38:15 PST
Received: by mail-ig0-f176.google.com with SMTP id j1so3685082iga.3 for <oauth@ietf.org>; Fri, 24 Jan 2014 13:38:14 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=OE4AVC+0xbQVRtUZkxmFV0ikozSEkweWoMmHb+1L5TI=; b=GwE0EP3AYVYKfoXZgPppfquCZn3F1lBU4jXIkGdAd0Mw89xQ2SWAJWCpUdKp/uEG/s OCB52qWLAQGAHvcqcayIN9Njb9yK3Cf1Q37x25d3DN+7NOV4EEw0M/O9zZDjcjtht2JC Q3l3muhtt07ep4x2mFJWYvTxkTJ/E6MRDX2RkMUOykiwoVy2/RriXItGqzssqz0Bxz+u kZvTYPvtFRq8u6D29bALIuN2k8485QQEGBg7YtVRFVgUKHYNvEl7mdzm+A5cutyn9UFC zI58UL++setMrcFulAEkiNb/wyXBu+vnrNiKP7WR93slfLh6S/iS136Aq2vkkmbhcWQ8 dyAg==
X-Gm-Message-State: ALoCoQl9oddQrAw0xMA6/UtEU8mDZpEuIm4wbxzkU4oszuGI3pc8vXebEQUsqkOJMCHSTii1Wu4XIYC229vLZoL4R84bp1Jsx4A8JG47jNyXi3TNXIbCVGflGOCo/eEdEZdLwTdAgm+5E3sYffSzPs6wlgrhhRftQw==
X-Received: by 10.43.161.2 with SMTP id me2mr12813885icc.20.1390599494761; Fri, 24 Jan 2014 13:38:14 -0800 (PST)
X-Received: by 10.43.161.2 with SMTP id me2mr12813881icc.20.1390599494677; Fri, 24 Jan 2014 13:38:14 -0800 (PST)
MIME-Version: 1.0
Received: by 10.64.57.101 with HTTP; Fri, 24 Jan 2014 13:37:44 -0800 (PST)
In-Reply-To: <52CD9E3E.40106@lodderstedt.net>
References: <CA+k3eCTfa6iVEc9NUkRHppWovpGCSR0HjknX2vNmTw105NztfA@mail.gmail.com> <52CD9E3E.40106@lodderstedt.net>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Fri, 24 Jan 2014 14:37:44 -0700
Message-ID: <CA+k3eCTkQTrR=eo9emTpdLARQGuvMrYpBnPn+hg-Tw-4xsimLQ@mail.gmail.com>
To: Torsten Lodderstedt <torsten@lodderstedt.net>
Content-Type: multipart/alternative; boundary=001a11c2fa92e7cb7304f0be2c02
Cc: oauth <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Question on RFC 7009 OAuth 2.0 Token Revocation
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jan 2014 21:38:19 -0000

--001a11c2fa92e7cb7304f0be2c02
Content-Type: text/plain; charset=ISO-8859-1

Thanks Torsten,

The intent there definitely makes sense. Thanks for clarifying. And I had
sort of guessed that retaining the query component was what that reference
was trying to do. But a flat reading of the text doesn't convey that, I
don't think. I'd guess the answer is "no" but does this kind of thing
warrant errata consideration?




On Wed, Jan 8, 2014 at 11:51 AM, Torsten Lodderstedt <
torsten@lodderstedt.net> wrote:

>  Hi Brian,
>
> this particular sentence is intended to specify the structure of the
> revocation URL only. It refers to this text in RFC 6749:
>
> "The endpoint URI MAY include an "application/x-www-form-urlencoded"
>    formatted (per Appendix B) query component ([RFC3986] Section 3.4),
> which MUST be retained when adding additional query parameters.  The
> endpoint URI MUST NOT include a fragment component.",
>
> which is equivalent for authz and token endpoint.
>
> I see your point, it seems to confuse (at least) a bit. In retrospective,
> it would have been a better idea to copy the text.
>
> The reference in section 2.1 is wrong, it should point to RFC 6749 (
> http://tools.ietf.org/html/rfc6749#section-2.3).
>
> regards,
> Torsten.
>
> Am 13.12.2013 00:42, schrieb Brian Campbell:
>
>  The second paragraph of section 2 of RFC 7009 [1] says that the
> revocation endpoint must conform to the rules in section 3.1 of RFC 6749
> (The OAuth 2.0 Authorization Framework) [2] but that section is about the
> *Authorization Endpoint*, which doesn't make much sense to me. The resource
> owner is involved with the authorization endpoint but not with the
> revocation endpoint. The authorization endpoint MUST accept GET and MAY
> accept POST while the revocation endpoint always accepts POST except for
> the JSONP support which is just a MAY for GET. There's also talk elsewhere
> in RFC 7009 about client authentication, which only happens at the token
> endpoint, not the authorization endpoint (note that the link in in 2.1 of
> RFC 7009 [3] that should go to 2.3 of RFC6749 actually links back to
> itself).
>
>  Is the reference a mistake in RFC 7009? If not, could someone explain
> what the intent was there or what it really means?
>
>  Thanks for any clarification!
>
> [1] http://tools.ietf.org/html/rfc7009#section-2
> [2] http://tools.ietf.org/html/rfc6749#section-3.1
> [3] http://tools.ietf.org/html/rfc7009#section-2.1
>
>
>
> _______________________________________________
> OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oauth
>
>
>

--001a11c2fa92e7cb7304f0be2c02
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div>Thanks Torsten,<br><br></div>The intent there definit=
ely makes sense. Thanks for clarifying. And I had sort of guessed that reta=
ining the query component was what that reference was trying to do. But a f=
lat reading of the text doesn&#39;t convey that, I don&#39;t think. I&#39;d=
 guess the answer is &quot;no&quot; but does this kind of thing warrant err=
ata consideration? <br>

<br><br></div><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote"=
>On Wed, Jan 8, 2014 at 11:51 AM, Torsten Lodderstedt <span dir=3D"ltr">&lt=
;<a href=3D"mailto:torsten@lodderstedt.net" target=3D"_blank">torsten@lodde=
rstedt.net</a>&gt;</span> wrote:<br>

<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">
 =20
   =20
 =20
  <div text=3D"#000000" bgcolor=3D"#FFFFFF">
    Hi Brian,<br>
    <br>
    this particular sentence is intended to specify the structure of the
    revocation URL only. It refers to this text in RFC 6749: <br>
    <br>
    &quot;The endpoint URI MAY include an &quot;application/x-www-form-urle=
ncoded&quot;<br>
    =A0=A0 formatted (per Appendix B) query component ([RFC3986] Section
    3.4), which MUST be retained when adding additional query
    parameters.=A0 The endpoint URI MUST NOT include a fragment
    component.&quot;, <br>
    <br>
    which is equivalent for authz and token endpoint. <br>
    <br>
    I see your point, it seems to confuse (at least) a bit. In
    retrospective, it would have been a better idea to copy the text.<br>
    <br>
    The reference in section 2.1 is wrong, it should point to RFC 6749
    (<a href=3D"http://tools.ietf.org/html/rfc6749#section-2.3" target=3D"_=
blank">http://tools.ietf.org/html/rfc6749#section-2.3</a>).<br>
    <br>
    regards,<br>
    Torsten.<br>
    <br>
    Am 13.12.2013 00:42, schrieb Brian Campbell:<br>
    <blockquote type=3D"cite"><div><div class=3D"h5">
      <div dir=3D"ltr">
        <div>
          <div>The second paragraph of section 2 of RFC 7009 [1] says
            that the revocation endpoint must conform to the rules in
            section 3.1 of RFC 6749 (The OAuth 2.0 Authorization
            Framework) [2] but that section is about the *Authorization
            Endpoint*, which doesn&#39;t make much sense to me. The resourc=
e
            owner is involved with the authorization endpoint but not
            with the revocation endpoint. The authorization endpoint
            MUST accept GET and MAY accept POST while the revocation
            endpoint always accepts POST except for the JSONP support
            which is just a MAY for GET. There&#39;s also talk elsewhere in
            RFC 7009 about client authentication, which only happens at
            the token endpoint, not the authorization endpoint (note
            that the link in in 2.1 of RFC 7009 [3] that should go to
            2.3 of RFC6749 actually links back to itself).<br>
          </div>
          <div>
            <br>
          </div>
          Is the reference a mistake in RFC 7009? If not, could someone
          explain what the intent was there or what it really means?<br>
          <br>
        </div>
        <div>Thanks for any clarification!<br>
        </div>
        <div><br>
          <div>[1] <a href=3D"http://tools.ietf.org/html/rfc7009#section-2"=
 target=3D"_blank">http://tools.ietf.org/html/rfc7009#section-2</a><br>
            [2] <a href=3D"http://tools.ietf.org/html/rfc6749#section-3.1" =
target=3D"_blank">http://tools.ietf.org/html/rfc6749#section-3.1</a><br>
            [3] <a href=3D"http://tools.ietf.org/html/rfc7009#section-2.1" =
target=3D"_blank">http://tools.ietf.org/html/rfc7009#section-2.1</a><br>
            <br>
          </div>
        </div>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      </div></div><pre>_______________________________________________
OAuth mailing list
<a href=3D"mailto:OAuth@ietf.org" target=3D"_blank">OAuth@ietf.org</a>
<a href=3D"https://www.ietf.org/mailman/listinfo/oauth" target=3D"_blank">h=
ttps://www.ietf.org/mailman/listinfo/oauth</a>
</pre>
    </blockquote>
    <br>
  </div>

</blockquote></div><br></div>

--001a11c2fa92e7cb7304f0be2c02--

From torsten@lodderstedt.net  Sat Jan 25 02:20:38 2014
Return-Path: <torsten@lodderstedt.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 28BDD1A021A for <oauth@ietfa.amsl.com>; Sat, 25 Jan 2014 02:20:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Level: 
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Poa4HoIAT-91 for <oauth@ietfa.amsl.com>; Sat, 25 Jan 2014 02:20:35 -0800 (PST)
Received: from smtprelay04.ispgateway.de (smtprelay04.ispgateway.de [80.67.31.42]) by ietfa.amsl.com (Postfix) with ESMTP id C21D91A01D7 for <oauth@ietf.org>; Sat, 25 Jan 2014 02:20:34 -0800 (PST)
Received: from [79.253.46.148] (helo=[192.168.71.82]) by smtprelay04.ispgateway.de with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.68) (envelope-from <torsten@lodderstedt.net>) id 1W70Lm-0007yu-JH; Sat, 25 Jan 2014 11:20:30 +0100
References: <CA+k3eCTfa6iVEc9NUkRHppWovpGCSR0HjknX2vNmTw105NztfA@mail.gmail.com> <52CD9E3E.40106@lodderstedt.net> <CA+k3eCTkQTrR=eo9emTpdLARQGuvMrYpBnPn+hg-Tw-4xsimLQ@mail.gmail.com>
Mime-Version: 1.0 (1.0)
In-Reply-To: <CA+k3eCTkQTrR=eo9emTpdLARQGuvMrYpBnPn+hg-Tw-4xsimLQ@mail.gmail.com>
Content-Type: multipart/alternative; boundary=Apple-Mail-C75B64D0-F431-458A-A480-7FC96C7D4736
Content-Transfer-Encoding: 7bit
Message-Id: <E1C92F9D-8780-471C-ACAB-4BAC315AF7E0@lodderstedt.net>
X-Mailer: iPad Mail (11B554a)
From: Torsten Lodderstedt <torsten@lodderstedt.net>
Date: Sat, 25 Jan 2014 11:20:29 +0100
To: Brian Campbell <bcampbell@pingidentity.com>
X-Df-Sender: dG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQ=
Cc: oauth <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Question on RFC 7009 OAuth 2.0 Token Revocation
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 25 Jan 2014 10:20:38 -0000

--Apple-Mail-C75B64D0-F431-458A-A480-7FC96C7D4736
Content-Type: text/plain;
	charset=us-ascii
Content-Transfer-Encoding: quoted-printable

Hi Brian,

> Am 24.01.2014 um 22:37 schrieb Brian Campbell <bcampbell@pingidentity.com>=
:
>=20
> Thanks Torsten,
>=20
> The intent there definitely makes sense. Thanks for clarifying. And I had s=
ort of guessed that retaining the query component was what that reference wa=
s trying to do. But a flat reading of the text doesn't convey that, I don't t=
hink. I'd guess the answer is "no" but does this kind of thing warrant errat=
a consideration?=20

I don't know. I suggest we discuss this in London.

best regards,
Torsten.

>=20
>=20
>=20
>=20
>> On Wed, Jan 8, 2014 at 11:51 AM, Torsten Lodderstedt <torsten@lodderstedt=
.net> wrote:
>> Hi Brian,
>>=20
>> this particular sentence is intended to specify the structure of the revo=
cation URL only. It refers to this text in RFC 6749:=20
>>=20
>> "The endpoint URI MAY include an "application/x-www-form-urlencoded"
>>    formatted (per Appendix B) query component ([RFC3986] Section 3.4), wh=
ich MUST be retained when adding additional query parameters.  The endpoint U=
RI MUST NOT include a fragment component.",=20
>>=20
>> which is equivalent for authz and token endpoint.=20
>>=20
>> I see your point, it seems to confuse (at least) a bit. In retrospective,=
 it would have been a better idea to copy the text.
>>=20
>> The reference in section 2.1 is wrong, it should point to RFC 6749 (http:=
//tools.ietf.org/html/rfc6749#section-2.3).
>>=20
>> regards,
>> Torsten.
>>=20
>> Am 13.12.2013 00:42, schrieb Brian Campbell:
>>> The second paragraph of section 2 of RFC 7009 [1] says that the revocati=
on endpoint must conform to the rules in section 3.1 of RFC 6749 (The OAuth 2=
.0 Authorization Framework) [2] but that section is about the *Authorization=
 Endpoint*, which doesn't make much sense to me. The resource owner is invol=
ved with the authorization endpoint but not with the revocation endpoint. Th=
e authorization endpoint MUST accept GET and MAY accept POST while the revoc=
ation endpoint always accepts POST except for the JSONP support which is jus=
t a MAY for GET. There's also talk elsewhere in RFC 7009 about client authen=
tication, which only happens at the token endpoint, not the authorization en=
dpoint (note that the link in in 2.1 of RFC 7009 [3] that should go to 2.3 o=
f RFC6749 actually links back to itself).
>>>=20
>>> Is the reference a mistake in RFC 7009? If not, could someone explain wh=
at the intent was there or what it really means?
>>>=20
>>> Thanks for any clarification!
>>>=20
>>> [1] http://tools.ietf.org/html/rfc7009#section-2
>>> [2] http://tools.ietf.org/html/rfc6749#section-3.1
>>> [3] http://tools.ietf.org/html/rfc7009#section-2.1
>>>=20
>>>=20
>>>=20
>>> _______________________________________________
>>> OAuth mailing list
>>> OAuth@ietf.org
>>> https://www.ietf.org/mailman/listinfo/oauth
>>=20
>=20

--Apple-Mail-C75B64D0-F431-458A-A480-7FC96C7D4736
Content-Type: text/html;
	charset=utf-8
Content-Transfer-Encoding: 7bit

<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>Hi Brian,</div><div><br>Am 24.01.2014 um 22:37 schrieb Brian Campbell &lt;<a href="mailto:bcampbell@pingidentity.com">bcampbell@pingidentity.com</a>&gt;:<br><br></div><blockquote type="cite"><div><div dir="ltr"><div>Thanks Torsten,<br><br></div>The intent there definitely makes sense. Thanks for clarifying. And I had sort of guessed that retaining the query component was what that reference was trying to do. But a flat reading of the text doesn't convey that, I don't think. I'd guess the answer is "no" but does this kind of thing warrant errata consideration? <br></div></div></blockquote><div><br></div>I don't know. I suggest we discuss this in London.<div><br></div><div>best regards,</div><div>Torsten.<br><div><br><blockquote type="cite"><div><div dir="ltr">

<br><br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Jan 8, 2014 at 11:51 AM, Torsten Lodderstedt <span dir="ltr">&lt;<a href="mailto:torsten@lodderstedt.net" target="_blank">torsten@lodderstedt.net</a>&gt;</span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div text="#000000" bgcolor="#FFFFFF">
    Hi Brian,<br>
    <br>
    this particular sentence is intended to specify the structure of the
    revocation URL only. It refers to this text in RFC 6749: <br>
    <br>
    "The endpoint URI MAY include an "application/x-www-form-urlencoded"<br>
    &nbsp;&nbsp; formatted (per Appendix B) query component ([RFC3986] Section
    3.4), which MUST be retained when adding additional query
    parameters.&nbsp; The endpoint URI MUST NOT include a fragment
    component.", <br>
    <br>
    which is equivalent for authz and token endpoint. <br>
    <br>
    I see your point, it seems to confuse (at least) a bit. In
    retrospective, it would have been a better idea to copy the text.<br>
    <br>
    The reference in section 2.1 is wrong, it should point to RFC 6749
    (<a href="http://tools.ietf.org/html/rfc6749#section-2.3" target="_blank">http://tools.ietf.org/html/rfc6749#section-2.3</a>).<br>
    <br>
    regards,<br>
    Torsten.<br>
    <br>
    Am 13.12.2013 00:42, schrieb Brian Campbell:<br>
    <blockquote type="cite"><div><div class="h5">
      <div dir="ltr">
        <div>
          <div>The second paragraph of section 2 of RFC 7009 [1] says
            that the revocation endpoint must conform to the rules in
            section 3.1 of RFC 6749 (The OAuth 2.0 Authorization
            Framework) [2] but that section is about the *Authorization
            Endpoint*, which doesn't make much sense to me. The resource
            owner is involved with the authorization endpoint but not
            with the revocation endpoint. The authorization endpoint
            MUST accept GET and MAY accept POST while the revocation
            endpoint always accepts POST except for the JSONP support
            which is just a MAY for GET. There's also talk elsewhere in
            RFC 7009 about client authentication, which only happens at
            the token endpoint, not the authorization endpoint (note
            that the link in in 2.1 of RFC 7009 [3] that should go to
            2.3 of RFC6749 actually links back to itself).<br>
          </div>
          <div>
            <br>
          </div>
          Is the reference a mistake in RFC 7009? If not, could someone
          explain what the intent was there or what it really means?<br>
          <br>
        </div>
        <div>Thanks for any clarification!<br>
        </div>
        <div><br>
          <div>[1] <a href="http://tools.ietf.org/html/rfc7009#section-2" target="_blank">http://tools.ietf.org/html/rfc7009#section-2</a><br>
            [2] <a href="http://tools.ietf.org/html/rfc6749#section-3.1" target="_blank">http://tools.ietf.org/html/rfc6749#section-3.1</a><br>
            [3] <a href="http://tools.ietf.org/html/rfc7009#section-2.1" target="_blank">http://tools.ietf.org/html/rfc7009#section-2.1</a><br>
            <br>
          </div>
        </div>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      </div></div><pre>_______________________________________________
OAuth mailing list
<a href="mailto:OAuth@ietf.org" target="_blank">OAuth@ietf.org</a>
<a href="https://www.ietf.org/mailman/listinfo/oauth" target="_blank">https://www.ietf.org/mailman/listinfo/oauth</a>
</pre>
    </blockquote>
    <br>
  </div>

</blockquote></div><br></div>
</div></blockquote></div></div></body></html>
--Apple-Mail-C75B64D0-F431-458A-A480-7FC96C7D4736--

From Hannes.Tschofenig@gmx.net  Mon Jan 27 12:12:42 2014
Return-Path: <Hannes.Tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7A291A02B7 for <oauth@ietfa.amsl.com>; Mon, 27 Jan 2014 12:12:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.177
X-Spam-Level: **
X-Spam-Status: No, score=2.177 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, MIME_HTML_ONLY=0.723, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UBhtScsQ7dcI for <oauth@ietfa.amsl.com>; Mon, 27 Jan 2014 12:12:40 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) by ietfa.amsl.com (Postfix) with ESMTP id 7A1D31A0389 for <oauth@ietf.org>; Mon, 27 Jan 2014 12:12:40 -0800 (PST)
Received: from 3capp-gmx-bs08.server.lan ([172.19.170.59]) by mrigmx.server.lan (mrigmx002) with ESMTP (Nemesis) id 0LhhsN-1VUMia2RHt-00mtgt for <oauth@ietf.org>; Mon, 27 Jan 2014 21:12:37 +0100
Received: from [217.140.96.21] by 3capp-gmx-bs08.server.lan with HTTP; Mon Jan 27 21:12:37 CET 2014
MIME-Version: 1.0
Message-ID: <trinity-5109dc86-67ba-4bf2-b52f-bef301c34b30-1390853557473@3capp-gmx-bs08>
From: "Hannes Tschofenig" <Hannes.Tschofenig@gmx.net>
To: oauth@ietf.org
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Jan 2014 21:12:37 +0100 (CET)
Importance: normal
Sensitivity: Normal
X-Priority: 3
X-Provags-ID: V03:K0:W0/KyRLKpTaWimEVQP3UK3tKDlJBiJR1mfy/pPHtjf1 Jont/KcS1AM70aE3NX6yIwzB0zTDs3JyeeNfogclwTIe3jzjtZ dT40PAs9ucZ0LKM+etRs23huIP16vblr5aSiLSOohwDwiEO9Mw GEi3GS/Cc4llX3RmRwQSEtkxT1/8Tm67mA1NzzKZ6TaH+eTHcL v+L/Dw859zi1/IixO9eAV9QHtdSnG7LzsZHVhd+XKom7lbl4r1 ToawyDfKSn6KDJzsD1gWp8wLa/A853v68QxF/lly7BHegivupC 1x8Sis=
Subject: [OAUTH-WG] Conference Bridge for Call Tomorrow
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Jan 2014 20:12:43 -0000

<html><head></head><body><div style="font-family: Verdana;font-size: 12.0px;"><div>As a reminder for the meeting tomorrow (see earlier announcement at&nbsp;http://www.ietf.org/mail-archive/web/oauth/current/msg12360.html) below is the conference bridge/Webex info.&nbsp;<span style="font-family: Verdana, sans-serif, Arial, &#39;Trebuchet MS&#39;; font-size: 13px; line-height: 1.6em;">&nbsp;</span></div>

<div>&nbsp;</div>

<div><span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">-------------------------------------------------------&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
&nbsp;</div>

<div><span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">Meeting information&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
&nbsp;</div>

<div><span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">Topic: OAuth&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">Date: Tuesday, January 28, 2014&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">Time: 11:00 am, Eastern Standard Time (New York, GMT-05:00)&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">Meeting Number: 640 200 258&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">Meeting Password: secure&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">-------------------------------------------------------&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">To start or join the online meeting&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">-------------------------------------------------------&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">Go to&nbsp;</span><a href="https://3c.gmx.net/mail/client/dereferrer?redirectUrl=https%3A%2F%2Fietf.webex.com%2Fietf%2Fj.php%3FED%3D261969107%26UID%3D492124657%26PW%3DNOTgwYTU4NzY5%26RT%3DMiMxMQ%253D%253D" style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;" target="_blank">https://ietf.webex.com/ietf/j.php?ED=261969107&amp;UID=492124657&amp;PW=NOTgwYTU4NzY5&amp;RT=MiMxMQ%3D%3D</a><span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">-------------------------------------------------------&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">Audio conference information&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">-------------------------------------------------------&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">Call-in toll number (US/Canada): 1-650-479-3208&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">Access code:640 200 258&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">-------------------------------------------------------&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">For assistance&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">-------------------------------------------------------&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">1. Go to&nbsp;</span><a href="https://3c.gmx.net/mail/client/dereferrer?redirectUrl=https%3A%2F%2Fietf.webex.com%2Fietf%2Fmc" style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;" target="_blank">https://ietf.webex.com/ietf/mc</a><span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">2. On the left navigation bar, click &quot;Support&quot;.&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">To update this meeting to your calendar program (for example Microsoft Outlook), click this link:&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<a href="https://3c.gmx.net/mail/client/dereferrer?redirectUrl=https%3A%2F%2Fietf.webex.com%2Fietf%2Fj.php%3FED%3D261969107%26UID%3D492124657%26ICS%3DMIU%26LD%3D1%26RD%3D2%26ST%3D1%26SHA2%3DAAAAAuTV9t%2FsV3WFcDOadVZVl%2FFLwEvmWseu6wZm45DiI6Wb" style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;" target="_blank">https://ietf.webex.com/ietf/j.php?ED=261969107&amp;UID=492124657&amp;ICS=MIU&amp;LD=1&amp;RD=2&amp;ST=1&amp;SHA2=AAAAAuTV9t/sV3WFcDOadVZVl/FLwEvmWseu6wZm45DiI6Wb</a><span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">&nbsp;</span><br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<br style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;"/>
<span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">To check whether you have the appropriate players installed for UCF (Universal Communications Format) rich media files, go to&nbsp;</span><a href="https://3c.gmx.net/mail/client/dereferrer?redirectUrl=https%3A%2F%2Fietf.webex.com%2Fietf%2Fsystemdiagnosis.php" style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;" target="_blank">https://ietf.webex.com/ietf/systemdiagnosis.php</a><span style="font-family: Tahoma, Arial, sans-serif, Helvetica, Geneva; font-size: small; line-height: normal;">.&nbsp;</span></div></div></body></html>

From internet-drafts@ietf.org  Tue Jan 28 01:33:15 2014
Return-Path: <internet-drafts@ietf.org>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7EAA81A02B7; Tue, 28 Jan 2014 01:33:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S-IvndctW3_o; Tue, 28 Jan 2014 01:33:13 -0800 (PST)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C80141A01BC; Tue, 28 Jan 2014 01:33:11 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 4.90.p2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20140128093311.13944.70746.idtracker@ietfa.amsl.com>
Date: Tue, 28 Jan 2014 01:33:11 -0800
Cc: oauth@ietf.org
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-dyn-reg-15.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2014 09:33:15 -0000

A New Internet-Draft is available from the on-line Internet-Drafts director=
ies.
 This draft is a work item of the Web Authorization Protocol Working Group =
of the IETF.

        Title           : OAuth 2.0 Dynamic Client Registration Core Protoc=
ol
        Authors         : Justin Richer
                          Michael B. Jones
                          John Bradley
                          Maciej Machulak
	Filename        : draft-ietf-oauth-dyn-reg-15.txt
	Pages           : 30
	Date            : 2014-01-28

Abstract:
   This specification defines mechanisms used to dynamically register
   OAuth 2.0 clients at authorization servers.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-dyn-reg/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-15

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=3Ddraft-ietf-oauth-dyn-reg-15


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/


From Michael.Jones@microsoft.com  Tue Jan 28 02:14:01 2014
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 634F21A023A for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 02:14:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8wTlw67FZitm for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 02:13:59 -0800 (PST)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1blp0189.outbound.protection.outlook.com [207.46.163.189]) by ietfa.amsl.com (Postfix) with ESMTP id E693B1A01ED for <oauth@ietf.org>; Tue, 28 Jan 2014 02:13:58 -0800 (PST)
Received: from DM2PR03CA007.namprd03.prod.outlook.com (10.141.52.155) by BLUPR03MB151.namprd03.prod.outlook.com (10.255.212.25) with Microsoft SMTP Server (TLS) id 15.0.859.15; Tue, 28 Jan 2014 10:13:54 +0000
Received: from BN1BFFO11FD035.protection.gbl (2a01:111:f400:7c10::1:195) by DM2PR03CA007.outlook.office365.com (2a01:111:e400:2414::27) with Microsoft SMTP Server (TLS) id 15.0.859.15 via Frontend Transport; Tue, 28 Jan 2014 10:13:54 +0000
Received: from mail.microsoft.com (131.107.125.37) by BN1BFFO11FD035.mail.protection.outlook.com (10.58.144.98) with Microsoft SMTP Server (TLS) id 15.0.856.14 via Frontend Transport; Tue, 28 Jan 2014 10:13:53 +0000
Received: from TK5EX14MBXC288.redmond.corp.microsoft.com ([169.254.3.129]) by TK5EX14HUBC106.redmond.corp.microsoft.com ([157.54.80.61]) with mapi id 14.03.0174.002; Tue, 28 Jan 2014 10:13:17 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: Refactored OAuth Dynamic Client Registration Specs
Thread-Index: Ac8cEYoyNPJ4Z7PMTzysfZ8oqcBcxQ==
Date: Tue, 28 Jan 2014 10:13:16 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739438A6BD38E@TK5EX14MBXC288.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [157.54.51.32]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739438A6BD38ETK5EX14MBXC288r_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10009001)(199002)(189002)(46102001)(51856001)(53806001)(81816001)(84326002)(76176001)(85306002)(76482001)(92726001)(87266001)(87936001)(85852003)(2656002)(93136001)(83072002)(16236675002)(92566001)(90146001)(56816005)(81686001)(54356001)(86362001)(54316002)(77096001)(56776001)(93516002)(76786001)(76796001)(80976001)(74876001)(83322001)(19580395003)(47446002)(74706001)(74662001)(31966008)(44976005)(512954002)(59766001)(77982001)(55846006)(66066001)(80022001)(65816001)(63696002)(20776003)(33656001)(6806004)(69226001)(19300405004)(79102001)(81542001)(94316002)(71186001)(74366001)(74502001)(4396001)(47976001)(15202345003)(16297215004)(49866001)(15975445006)(47736001)(50986001)(81342001)(6606295002); DIR:OUT; SFP:1101; SCL:1; SRVR:BLUPR03MB151; H:mail.microsoft.com; CLIP:131.107.125.37; FPR:; InfoDomainNonexistentA:1; MX:1; LANG:en; 
X-O365ENT-EOP-Header: Message processed by -  O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 0105DAA385
X-OriginatorOrg: microsoft.com
Subject: [OAUTH-WG] Refactored OAuth Dynamic Client Registration Specs
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2014 10:14:01 -0000

--_000_4E1F6AAD24975D4BA5B16804296739438A6BD38ETK5EX14MBXC288r_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I've posted an updated set of OAuth Dynamic Client Registration specificati=
ons that refactors the previous single specification into three specs:

*        OAuth 2.0 Dynamic Client Registration Core Protocol

*        OAuth 2.0 Dynamic Client Registration Metadata

*        OAuth 2.0 Dynamic Client Registration Management Protocol
This refactoring was the result of discussions at IETF 88 in Vancouver, BC<=
http://www.ietf.org/meeting/88/>.  These refactored specifications are comp=
atible with the previous single specification.

The Core specification contains only the definitions needed to perform dyna=
mic registrations.  It contains a completely rewritten Use Cases appendix, =
intended to clarify the different ways that dynamic registration can be per=
formed.  It also adds the Software Statement abstraction invented by Phil H=
unt - enabling assertions to be made and used about the client software bei=
ng registered.

The Metadata specification defines useful client metadata values that are n=
onetheless not essential to the core, such as "client_name", "logo_uri", an=
d "software_id".  These were previously defined in the single dynamic regis=
tration spec.

The Management specification defines the client management operations Read,=
 Update, and Delete, and addresses client secret rotation.  These were prev=
iously defined in the single dynamic registration spec.

The drafts are available at:

*        http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-15

*        http://tools.ietf.org/html/draft-jones-oauth-dyn-reg-metadata-00

*        http://tools.ietf.org/html/draft-jones-oauth-dyn-reg-management-00

HTML formatted versions are also available at:

*        https://self-issued.info/docs/draft-ietf-oauth-dyn-reg-15.html

*        https://self-issued.info/docs/draft-jones-oauth-dyn-reg-metadata-0=
0.html

*        https://self-issued.info/docs/draft-jones-oauth-dyn-reg-management=
-00.html

These versions build upon prior restructuring work done by both Justin Rich=
er and Phil Hunt.

                                                            -- Mike

P.S.  This announcement was also posted at http://self-issued.info/?p=3D117=
1 and on Twitter as @selfissued.



--_000_4E1F6AAD24975D4BA5B16804296739438A6BD38ETK5EX14MBXC288r_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:Wingdings;
	panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
	{font-family:Wingdings;
	panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
	{mso-style-priority:34;
	margin-top:0in;
	margin-right:0in;
	margin-bottom:0in;
	margin-left:.5in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
/* List Definitions */
@list l0
	{mso-list-id:588808155;
	mso-list-type:hybrid;
	mso-list-template-ids:-2031461058 67698689 67698691 67698693 67698689 6769=
8691 67698693 67698689 67698691 67698693;}
@list l0:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l0:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level5
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l0:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level8
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l0:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l1
	{mso-list-id:1516076215;
	mso-list-type:hybrid;
	mso-list-template-ids:-1484849634 67698689 67698691 67698693 67698689 6769=
8691 67698693 67698689 67698691 67698693;}
@list l1:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l1:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l1:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l1:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l1:level5
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l1:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l1:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l1:level8
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l1:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l2
	{mso-list-id:1730768809;
	mso-list-type:hybrid;
	mso-list-template-ids:-974890194 67698689 67698691 67698693 67698689 67698=
691 67698693 67698689 67698691 67698693;}
@list l2:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l2:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l2:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l2:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l2:level5
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l2:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
@list l2:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Symbol;}
@list l2:level8
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:"Courier New";}
@list l2:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;
	font-family:Wingdings;}
ol
	{margin-bottom:0in;}
ul
	{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal">I&#8217;ve posted an updated set of OAuth Dynamic Cl=
ient Registration specifications that refactors the previous single specifi=
cation into three specs:<o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l1 level=
1 lfo1"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]>OAuth 2.0 Dynamic Client Registration Core P=
rotocol<o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l1 level=
1 lfo1"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><span lang=3D"EN">OAuth 2.0 Dynamic Client R=
egistration Metadata</span><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l1 level=
1 lfo1"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]>OAuth 2.0 Dynamic Client Registration Manage=
ment Protocol<o:p></o:p></p>
<p class=3D"MsoNormal">This refactoring was the result of discussions at <a=
 href=3D"http://www.ietf.org/meeting/88/">
IETF 88 in Vancouver, BC</a>.&nbsp; These refactored specifications are com=
patible with the previous single specification.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">The Core specification contains only the definitions=
 needed to perform dynamic registrations.&nbsp; It contains a completely re=
written Use Cases appendix, intended to clarify the different ways that dyn=
amic registration can be performed.&nbsp; It
 also adds the Software Statement abstraction invented by Phil Hunt &#8211;=
 enabling assertions to be made and used about the client software being re=
gistered.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">The Metadata specification defines useful client met=
adata values that are nonetheless not essential to the core, such as &#8220=
;<span style=3D"font-family:&quot;Courier New&quot;">client_name</span>&#82=
21;, &#8220;<span style=3D"font-family:&quot;Courier New&quot;">logo_uri</s=
pan>&#8221;,
 and &#8220;<span style=3D"font-family:&quot;Courier New&quot;">software_id=
</span>&#8221;.&nbsp; These were previously defined in the single dynamic r=
egistration spec.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">The Management specification defines the client mana=
gement operations Read, Update, and Delete, and addresses client secret rot=
ation.&nbsp; These were previously defined in the single dynamic registrati=
on spec.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">The drafts are available at:<o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo2"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://tools.ietf.org/html/draft-=
ietf-oauth-dyn-reg-15">http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-=
15</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo2"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://tools.ietf.org/html/draft-=
jones-oauth-dyn-reg-metadata-00">http://tools.ietf.org/html/draft-jones-oau=
th-dyn-reg-metadata-00</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo2"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"http://tools.ietf.org/html/draft-=
jones-oauth-dyn-reg-management-00">http://tools.ietf.org/html/draft-jones-o=
auth-dyn-reg-management-00</a><o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">HTML formatted versions are also available at:<o:p><=
/o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l2 level=
1 lfo3"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"https://self-issued.info/docs/dra=
ft-ietf-oauth-dyn-reg-15.html">https://self-issued.info/docs/draft-ietf-oau=
th-dyn-reg-15.html</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l2 level=
1 lfo3"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"https://self-issued.info/docs/dra=
ft-jones-oauth-dyn-reg-metadata-00.html">https://self-issued.info/docs/draf=
t-jones-oauth-dyn-reg-metadata-00.html</a><o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l2 level=
1 lfo3"><![if !supportLists]><span style=3D"font-family:Symbol"><span style=
=3D"mso-list:Ignore">&middot;<span style=3D"font:7.0pt &quot;Times New Roma=
n&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><![endif]><a href=3D"https://self-issued.info/docs/dra=
ft-jones-oauth-dyn-reg-management-00.html">https://self-issued.info/docs/dr=
aft-jones-oauth-dyn-reg-management-00.html</a><o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">These versions build upon prior restructuring work d=
one by both Justin Richer and Phil Hunt.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; -- Mike<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">P.S.&nbsp; This announcement was also posted at <a h=
ref=3D"http://self-issued.info/?p=3D1171">
http://self-issued.info/?p=3D1171</a> and on Twitter as @selfissued.<o:p></=
o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</body>
</html>

--_000_4E1F6AAD24975D4BA5B16804296739438A6BD38ETK5EX14MBXC288r_--

From Hannes.Tschofenig@gmx.net  Tue Jan 28 05:55:56 2014
Return-Path: <Hannes.Tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A00591A03F6 for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 05:55:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.435
X-Spam-Level: 
X-Spam-Status: No, score=-2.435 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gvVW4KqWM6tv for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 05:55:55 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) by ietfa.amsl.com (Postfix) with ESMTP id C453C1A022A for <oauth@ietf.org>; Tue, 28 Jan 2014 05:55:54 -0800 (PST)
Received: from 3capp-gmx-bs39.server.lan ([172.19.170.91]) by mrigmx.server.lan (mrigmx002) with ESMTP (Nemesis) id 0M2amx-1VFtze23Nt-00sLlJ for <oauth@ietf.org>; Tue, 28 Jan 2014 14:55:51 +0100
Received: from [217.140.96.21] by 3capp-gmx-bs39.server.lan with HTTP; Tue Jan 28 14:55:51 CET 2014
MIME-Version: 1.0
Message-ID: <trinity-a873a806-87fe-4222-a3ad-8d7ea2289497-1390917351362@3capp-gmx-bs39>
From: "Hannes Tschofenig" <Hannes.Tschofenig@gmx.net>
To: oauth@ietf.org
Content-Type: text/plain; charset=UTF-8
Date: Tue, 28 Jan 2014 14:55:51 +0100 (CET)
Importance: normal
Sensitivity: Normal
Content-Transfer-Encoding: quoted-printable
X-Priority: 3
X-Provags-ID: V03:K0:KVqu5oz31RZd1IoFw04Ma9MmFyXo2IiMTgzjTcMTuq2 mAKupLsnFwmmw5GPLqdTtYvVl3VMBw75bzPEKUaN0nX5JCf1uq NyszvAis6ghgxdSBeyABrcdMMHIZBPX7l3ind7HxKxZIH7DHDT C1K9Y1TWNAGMbDZxSkKdFpGuNXvJjiWdDsA1UsruqlXm3UJLDt 0c5ORb4S7QJ50u0uKfBkkv1iYfK47I6mHFoKihawXDZ7/CVuzn VW985ednxC+QmZSMTE1uNOVCMhgBwkiXMQUZZxgGCQfMhlTTz4 2nzeIk=
Subject: [OAUTH-WG] Conference Call Agenda
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2014 13:55:56 -0000

Hi all,=C2=A0
=C2=A0
For our call today I would like to discuss the following topics:

=C2=A0* Assertions=C2=A0
The documents have been updated in December: =C2=A0
https://ietf.org/doc/draft-ietf-oauth-assertions/
https://ietf.org/doc/draft-ietf-oauth-saml2-bearer/
=C2=A0
=C2=A0* Dynamic Registration
=C2=A0
Mike had submitted an update, which can be found here: https://ietf.org/do=
c/draft-ietf-oauth-dyn-reg/
=C2=A0
=C2=A0* JWT and JWT Bearer Profile specs (in relationship to the ongoing W=
GLC in JOSE)
Mike updated the JWT document recently (see https://ietf.org/doc/draft-iet=
f-oauth-json-web-token/).=C2=A0

=C2=A0* MAC Token
=C2=A0
I refreshed the spec recently but it requires more work to get completed.=
=C2=A0
=C2=A0
=C2=A0* HOTK Draft
=C2=A0
In context of the security design team work early last year we decided to =
develop two different security solutions, namely the MAC token and the HOTK=
 solution. We ran out of steam a bit last year but there was renewed intere=
st in the HOTK work at the last IETF meeting. We need to figure out how to =
work on an update.=C2=A0
=C2=A0
We only have an hour for the call and so we will not be able to discuss th=
e details but it would be good to assign some actions so that we get our do=
cuments updated in time for the deadline, other documents forwarded to the =
IESG, and open issues identified.=C2=A0

Ciao
Hannes

From Adam.Lewis@motorolasolutions.com  Tue Jan 28 07:36:11 2014
Return-Path: <Adam.Lewis@motorolasolutions.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7428B1A0424 for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 07:36:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.348
X-Spam-Level: 
X-Spam-Status: No, score=-1.348 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_BASE64_BLANKS=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNRESOLVED_TEMPLATE=1.252] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nZgEeeKKGcZn for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 07:36:09 -0800 (PST)
Received: from am1outboundpool.messaging.microsoft.com (am1ehsobe002.messaging.microsoft.com [213.199.154.205]) by ietfa.amsl.com (Postfix) with ESMTP id 91F5D1A03B6 for <oauth@ietf.org>; Tue, 28 Jan 2014 07:36:08 -0800 (PST)
Received: from mail17-am1-R.bigfish.com (10.3.201.226) by AM1EHSOBE012.bigfish.com (10.3.207.134) with Microsoft SMTP Server id 14.1.225.22; Tue, 28 Jan 2014 15:36:05 +0000
Received: from mail17-am1 (localhost [127.0.0.1])	by mail17-am1-R.bigfish.com (Postfix) with ESMTP id 2DCB43401EE	for <oauth@ietf.org>; Tue, 28 Jan 2014 15:36:05 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:129.188.136.17; KIP:(null); UIP:(null); IPV:NLI; H:il06msg01.mot-solutions.com; RD:none; EFVD:NLI
X-SpamScore: -22
X-BigFish: VPS-22(zbebIz9371Ic89bh542I14ffIzz1f42h2148h208ch1ee6h1de0h1fdah2073h2146h1202h1e76h2189h1d1ah1d2ah21bch1fc6hzz1de098h1033IL8275dh1de097h186068hz2fh109h2a8h683h839h93fhd24hf0ah1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah1b2fh224fh1fb3h1d07h1d0ch1d2eh1d3fh1de9h1dfeh1dffh1fe8h1ff5h2216h22d0h2336h2461h2487h24d7h9a9j1155h)
Received-SPF: pass (mail17-am1: domain of motorolasolutions.com designates 129.188.136.17 as permitted sender) client-ip=129.188.136.17; envelope-from=Adam.Lewis@motorolasolutions.com; helo=il06msg01.mot-solutions.com ; olutions.com ; 
X-Forefront-Antispam-Report-Untrusted: CIP:157.56.240.85; KIP:(null); UIP:(null); (null); H:BL2PRD0410HT003.namprd04.prod.outlook.com; R:internal; EFV:INT
Received: from mail17-am1 (localhost.localdomain [127.0.0.1]) by mail17-am1 (MessageSwitch) id 1390923363115708_27391; Tue, 28 Jan 2014 15:36:03 +0000 (UTC)
Received: from AM1EHSMHS009.bigfish.com (unknown [10.3.201.236])	by mail17-am1.bigfish.com (Postfix) with ESMTP id 08F42600E9	for <oauth@ietf.org>; Tue, 28 Jan 2014 15:36:03 +0000 (UTC)
Received: from il06msg01.mot-solutions.com (129.188.136.17) by AM1EHSMHS009.bigfish.com (10.3.207.109) with Microsoft SMTP Server (TLS) id 14.16.227.3; Tue, 28 Jan 2014 15:36:01 +0000
Received: from il06msg01.mot-solutions.com (il06vts03.mot.com [129.188.137.143])	by il06msg01.mot-solutions.com (8.14.3/8.14.3) with ESMTP id s0SFZxKx021271	for <oauth@ietf.org>; Tue, 28 Jan 2014 09:35:59 -0600 (CST)
Received: from co1outboundpool.messaging.microsoft.com (co1ehsobe004.messaging.microsoft.com [216.32.180.187])	by il06msg01.mot-solutions.com (8.14.3/8.14.3) with ESMTP id s0SFZxxh021266 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL)	for <oauth@ietf.org>; Tue, 28 Jan 2014 09:35:59 -0600 (CST)
Received: from mail38-co1-R.bigfish.com (10.243.78.235) by CO1EHSOBE032.bigfish.com (10.243.66.97) with Microsoft SMTP Server id 14.1.225.22; Tue, 28 Jan 2014 15:35:58 +0000
Received: from mail38-co1 (localhost [127.0.0.1])	by mail38-co1-R.bigfish.com (Postfix) with ESMTP id 7906EB801DD	for <oauth@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Tue, 28 Jan 2014 15:35:58 +0000 (UTC)
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009001)(6009001)(13464003)(53754006)(377454003)(30513003)(199002)(189002)(87936001)(54316002)(93516002)(81342001)(69226001)(76482001)(86362001)(15975445006)(94316002)(54356001)(93136001)(46102001)(74706001)(50986001)(47736001)(49866001)(87266001)(47976001)(81542001)(2656002)(4396001)(51856001)(81816001)(81686001)(65816001)(80022001)(85306002)(19580395003)(74316001)(76796001)(76786001)(31966008)(76576001)(47446002)(74662001)(74502001)(59766001)(63696002)(19580405001)(83322001)(79102001)(66066001)(77982001)(74366001)(80976001)(74876001)(56776001)(53806001)(83072002)(92566001)(90146001)(33646001)(85852003)(56816005)(24736002); DIR:OUT; SFP:1101; SCL:1; SRVR:DM2PR04MB734; H:DM2PR04MB735.namprd04.prod.outlook.com; CLIP:150.130.28.202; FPR:; InfoNoRecordsA:1; MX:1; LANG:en; 
Received: from mail38-co1 (localhost.localdomain [127.0.0.1]) by mail38-co1 (MessageSwitch) id 1390923356387636_23950; Tue, 28 Jan 2014 15:35:56 +0000 (UTC)
Received: from CO1EHSMHS005.bigfish.com (unknown [10.243.78.254])	by mail38-co1.bigfish.com (Postfix) with ESMTP id 5214146004A;	Tue, 28 Jan 2014 15:35:56 +0000 (UTC)
Received: from BL2PRD0410HT003.namprd04.prod.outlook.com (157.56.240.85) by CO1EHSMHS005.bigfish.com (10.243.66.15) with Microsoft SMTP Server (TLS) id 14.16.227.3; Tue, 28 Jan 2014 15:35:54 +0000
Received: from DM2PR04MB734.namprd04.prod.outlook.com (10.141.177.16) by BL2PRD0410HT003.namprd04.prod.outlook.com (10.255.99.38) with Microsoft SMTP Server (TLS) id 14.16.395.1; Tue, 28 Jan 2014 15:35:50 +0000
Received: from DM2PR04MB735.namprd04.prod.outlook.com (10.141.177.17) by DM2PR04MB734.namprd04.prod.outlook.com (10.141.177.16) with Microsoft SMTP Server (TLS) id 15.0.859.15; Tue, 28 Jan 2014 15:35:48 +0000
Received: from DM2PR04MB735.namprd04.prod.outlook.com ([10.141.177.17]) by DM2PR04MB735.namprd04.prod.outlook.com ([10.141.177.17]) with mapi id 15.00.0859.020; Tue, 28 Jan 2014 15:35:48 +0000
From: Lewis Adam-CAL022 <Adam.Lewis@motorolasolutions.com>
To: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>, "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: [OAUTH-WG] Conference Call Agenda
Thread-Index: AQHPHDDJSmWubVyQA0q0gO7N9o0mQZqaRCDw
Date: Tue, 28 Jan 2014 15:35:47 +0000
Message-ID: <29c55c1db4be4629804f4db5e35f6ed6@DM2PR04MB735.namprd04.prod.outlook.com>
References: <trinity-a873a806-87fe-4222-a3ad-8d7ea2289497-1390917351362@3capp-gmx-bs39>
In-Reply-To: <trinity-a873a806-87fe-4222-a3ad-8d7ea2289497-1390917351362@3capp-gmx-bs39>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [150.130.28.202]
x-forefront-prvs: 0105DAA385
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
X-FOPE-CONNECTOR: Id%1294$Dn%IETF.ORG$RO%2$TLS%3$FQDN%msgate.mot-solutions.com$TlsDn%
X-FOPE-CONNECTOR: Id%1294$Dn%GMX.NET$RO%2$TLS%3$FQDN%msgate.mot-solutions.com$TlsDn%
X-CFilter-Loop: Reflected
X-OriginatorOrg: motorolasolutions.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Subject: Re: [OAUTH-WG] Conference Call Agenda
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2014 15:36:11 -0000

SGkgSGFubmVzLCB5b3UgKG9yIG90aGVycyBvbiB0aGUgbGlzdCkgbWlnaHQgYmUgaW50ZXJlc3Rl
ZCB0byBrbm93IHRoYXQgd2UgcHJvdG90eXBlZCB0aGUgZHJhZnQgdmVyc2lvbiBvZiBIT1RLLCBm
b3Igd2hhdCBpdCdzIHdvcnRoLg0KDQphZGFtDQoNCi0tLS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0t
DQpGcm9tOiBPQXV0aCBbbWFpbHRvOm9hdXRoLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJlaGFsZiBP
ZiBIYW5uZXMgVHNjaG9mZW5pZw0KU2VudDogVHVlc2RheSwgSmFudWFyeSAyOCwgMjAxNCA3OjU2
IEFNDQpUbzogb2F1dGhAaWV0Zi5vcmcNClN1YmplY3Q6IFtPQVVUSC1XR10gQ29uZmVyZW5jZSBD
YWxsIEFnZW5kYQ0KDQpIaSBhbGwswqANCsKgDQpGb3Igb3VyIGNhbGwgdG9kYXkgSSB3b3VsZCBs
aWtlIHRvIGRpc2N1c3MgdGhlIGZvbGxvd2luZyB0b3BpY3M6DQoNCsKgKiBBc3NlcnRpb25zwqAN
ClRoZSBkb2N1bWVudHMgaGF2ZSBiZWVuIHVwZGF0ZWQgaW4gRGVjZW1iZXI6IMKgDQpodHRwczov
L2lldGYub3JnL2RvYy9kcmFmdC1pZXRmLW9hdXRoLWFzc2VydGlvbnMvDQpodHRwczovL2lldGYu
b3JnL2RvYy9kcmFmdC1pZXRmLW9hdXRoLXNhbWwyLWJlYXJlci8NCsKgDQrCoCogRHluYW1pYyBS
ZWdpc3RyYXRpb24NCsKgDQpNaWtlIGhhZCBzdWJtaXR0ZWQgYW4gdXBkYXRlLCB3aGljaCBjYW4g
YmUgZm91bmQgaGVyZTogaHR0cHM6Ly9pZXRmLm9yZy9kb2MvZHJhZnQtaWV0Zi1vYXV0aC1keW4t
cmVnLw0KwqANCsKgKiBKV1QgYW5kIEpXVCBCZWFyZXIgUHJvZmlsZSBzcGVjcyAoaW4gcmVsYXRp
b25zaGlwIHRvIHRoZSBvbmdvaW5nIFdHTEMgaW4gSk9TRSkNCk1pa2UgdXBkYXRlZCB0aGUgSldU
IGRvY3VtZW50IHJlY2VudGx5IChzZWUgaHR0cHM6Ly9pZXRmLm9yZy9kb2MvZHJhZnQtaWV0Zi1v
YXV0aC1qc29uLXdlYi10b2tlbi8pLsKgDQoNCsKgKiBNQUMgVG9rZW4NCsKgDQpJIHJlZnJlc2hl
ZCB0aGUgc3BlYyByZWNlbnRseSBidXQgaXQgcmVxdWlyZXMgbW9yZSB3b3JrIHRvIGdldCBjb21w
bGV0ZWQuwqANCsKgDQrCoCogSE9USyBEcmFmdA0KwqANCkluIGNvbnRleHQgb2YgdGhlIHNlY3Vy
aXR5IGRlc2lnbiB0ZWFtIHdvcmsgZWFybHkgbGFzdCB5ZWFyIHdlIGRlY2lkZWQgdG8gZGV2ZWxv
cCB0d28gZGlmZmVyZW50IHNlY3VyaXR5IHNvbHV0aW9ucywgbmFtZWx5IHRoZSBNQUMgdG9rZW4g
YW5kIHRoZSBIT1RLIHNvbHV0aW9uLiBXZSByYW4gb3V0IG9mIHN0ZWFtIGEgYml0IGxhc3QgeWVh
ciBidXQgdGhlcmUgd2FzIHJlbmV3ZWQgaW50ZXJlc3QgaW4gdGhlIEhPVEsgd29yayBhdCB0aGUg
bGFzdCBJRVRGIG1lZXRpbmcuIFdlIG5lZWQgdG8gZmlndXJlIG91dCBob3cgdG8gd29yayBvbiBh
biB1cGRhdGUuwqANCsKgDQpXZSBvbmx5IGhhdmUgYW4gaG91ciBmb3IgdGhlIGNhbGwgYW5kIHNv
IHdlIHdpbGwgbm90IGJlIGFibGUgdG8gZGlzY3VzcyB0aGUgZGV0YWlscyBidXQgaXQgd291bGQg
YmUgZ29vZCB0byBhc3NpZ24gc29tZSBhY3Rpb25zIHNvIHRoYXQgd2UgZ2V0IG91ciBkb2N1bWVu
dHMgdXBkYXRlZCBpbiB0aW1lIGZvciB0aGUgZGVhZGxpbmUsIG90aGVyIGRvY3VtZW50cyBmb3J3
YXJkZWQgdG8gdGhlIElFU0csIGFuZCBvcGVuIGlzc3VlcyBpZGVudGlmaWVkLsKgDQoNCkNpYW8N
Ckhhbm5lcw0KX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18N
Ck9BdXRoIG1haWxpbmcgbGlzdA0KT0F1dGhAaWV0Zi5vcmcNCmh0dHBzOi8vd3d3LmlldGYub3Jn
L21haWxtYW4vbGlzdGluZm8vb2F1dGgNCg==



From gffletch@aol.com  Tue Jan 28 08:08:34 2014
Return-Path: <gffletch@aol.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B02471A02F2 for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 08:08:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.159
X-Spam-Level: *
X-Spam-Status: No, score=1.159 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FROM=0.001, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_3=0.148, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LzhAhl8A4fm7 for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 08:08:33 -0800 (PST)
Received: from omr-d05.mx.aol.com (omr-d05.mx.aol.com [205.188.109.202]) by ietfa.amsl.com (Postfix) with ESMTP id BB2D71A0440 for <oauth@ietf.org>; Tue, 28 Jan 2014 08:08:32 -0800 (PST)
Received: from mtaout-mab01.mx.aol.com (mtaout-mab01.mx.aol.com [172.26.249.81]) by omr-d05.mx.aol.com (Outbound Mail Relay) with ESMTP id 0EDB070000085 for <oauth@ietf.org>; Tue, 28 Jan 2014 11:08:30 -0500 (EST)
Received: from [10.181.176.102] (unknown [10.181.176.102]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mtaout-mab01.mx.aol.com (MUA/Third Party Client Interface) with ESMTPSA id A735138000098 for <oauth@ietf.org>; Tue, 28 Jan 2014 11:08:29 -0500 (EST)
Message-ID: <52E7D5FD.1080700@aol.com>
Date: Tue, 28 Jan 2014 11:08:29 -0500
From: George Fletcher <gffletch@aol.com>
Organization: AOL LLC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: "oauth@ietf.org" <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="------------050403080602010001030107"
x-aol-global-disposition: G
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mx.aol.com; s=20121107; t=1390925310; bh=ccxCwEgdXr/A1yo4p8ndLO87q0+o5kGHjLHz37GU9wQ=; h=From:To:Subject:Message-ID:Date:MIME-Version:Content-Type; b=YVoblnnLE2ikDXuq15U96MeQ+sQPXQRZFn6IF6ZudpTjmx04ljIanzAVZroPq8KLu 4d+NWdM9aqiHB89P1xy7ZrFsbeYTBNusJYtiCx4x8f9ZacPoTiikbyKO7ZT0Sc5c07 LA5mgmrgFOSFZtoknVyG2C2UKmqrsqec596549sc=
x-aol-sid: 3039ac1af95152e7d5fd71ee
X-AOL-IP: 10.181.176.102
Subject: [OAUTH-WG] Resource Owner Password Credential error response question
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2014 16:08:34 -0000

This is a multi-part message in MIME format.
--------------050403080602010001030107
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

I have a situation where some "trusted" clients would like to use the 
ROPC flow. However, there are a number of external circumstances that 
can block the request even though the user's credentials are actually 
valid. Basically, from a back-end perspective we want to force the user 
through a web flow. I looked through the list of error responses and 
none seem to fit. 'invalid_grant' is the closest but that wouldn't give 
the client any indication that the user might be able to successfully 
complete the authorization flow if the client sends the user through a 
web flow instead of the ROPC flow.

Now I know one answer... which is... to just always use the web flow :)

Has any one else run into this? Do I register a new error response via 
Section 11.4? In looking at the template it doesn't appear possible to 
add error responses to an existing flow.

Does that mean I'd need to create an extension grant that is basically 
the same as the ROPC but because it's an extension now can have 
additional error responses?

Best practice guidance greatly appreciated! :)

Thanks,
George


-- 
George Fletcher <http://connect.me/gffletch>

--------------050403080602010001030107
Content-Type: multipart/related;
 boundary="------------030904000401080006030102"


--------------030904000401080006030102
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <font face="Helvetica, Arial, sans-serif">I have a situation where
      some "trusted" clients would like to use the ROPC flow. However,
      there are a number of external circumstances that can block the
      request even though the user's credentials are actually valid.
      Basically, from a back-end perspective we want to force the user
      through a web flow. I looked through the list of error responses
      and none seem to fit. 'invalid_grant' is the closest but that
      wouldn't give the client any indication that the user might be
      able to successfully complete the authorization flow if the client
      sends the user through a web flow instead of the ROPC flow. <br>
      <br>
      Now I know one answer... which is... to just always use the web
      flow :)<br>
      <br>
      Has any one else run into this? Do I register a new error response
      via Section 11.4? In looking at the template it doesn't appear
      possible to add error responses to an existing flow.<br>
      <br>
      Does that mean I'd need to create an extension grant that is
      basically the same as the ROPC but because it's an extension now
      can have additional error responses?<br>
      <br>
      Best practice guidance greatly appreciated! :)<br>
      <br>
      Thanks,<br>
      George<br>
      <br>
      <br>
    </font>
    <div class="moz-signature">-- <br>
      <a href="http://connect.me/gffletch" title="View full card on
        Connect.Me"><img src="cid:part1.07090100.04070702@aol.com"
          alt="George Fletcher" height="113" width="359"></a></div>
  </body>
</html>

--------------030904000401080006030102
Content-Type: image/png
Content-Transfer-Encoding: base64
Content-ID: <part1.07090100.04070702@aol.com>

iVBORw0KGgoAAAANSUhEUgAAAWcAAABxEAYAAABZ0L78AAAABmJLR0TIyMjIyMhnRJJpAAAA
CXBIWXMAAABIAAAASABGyWs+AACAAElEQVR42uzddYAUV77w/W9VtY67wuDu7hrcJWiQ4BAC
IZDgGjQQLCTBA8E9gaDB3TXI4DPDDDOMW09r1Xn/uJedfXZv7mY37M19nrc//wzdXfWrc6rq
NL86deq0dOXKlStXrgiBm5ubm5ubm5ubm9tv0r39R61atWrVqvVnF8fNzc3Nzc3Nzc3tf5er
V69evXoV5D+7IG5ubm5ubm5ubm7/N3Anzm5ubm5ubm5ubm6/gztxdnNzc3Nzc3Nzc/sd3Imz
m5ubm5ubm5ub2+/gTpzd3Nzc3Nzc3NzcfgfdHw1gtdrtNtt/vpABBzqSQQplt9QIxBgpTPID
7WdnSUcYEG0pbt0AoqylW1pFsNV+kxznBfq1Af5+x8CYF3Q9cga4OpmPmC+B8hkXjcdB+o4M
doK6RC6hfwXS4byfMr8EZydrevZQMJ4Pvh71A4ixtlhLMjg+en7o7iwQq+VGys/Afde36hDQ
XuWszFwG6iFptNIJtDz1kbkwWD/MWuCMhbzhOWWzDkJe8dzInGGQl2zrr2aDxduRYbsMlhfW
gjkbwT7IPtnaC/TPvTf42UAa7x3ilw6WxMzTWVmQ+20WqT3B1VlaK1cCUZ3OuuqgzfD8PqAg
2A7m5eUdA8XfVNR8H7ImZnhkfAMeZ0LuRmSBlqBs8ooBs5dnlPcuECaeGSuDfoVxi3wQ1Nmu
htovUGtwnQ8qNIFaUuUS4S9AK+Na7LoP0gbRjkgQ/lKwuAxSU8wEgcjDhQsA6f84kAr/MSXh
fSRkIIDP+Rx0c6WlyiB4dT3pUdpGOLTxbMcrG0AY9S9co6H35PdmNW4KzonyUikStL1iFp7g
+8LzG2MBkJdJ/vI+0F039TCfgJPTTyUfagSZBaw2tT08TUxecnkZeL0JnpXbG+yPEj2UX+FR
9OuyL9aBdF3X3rYFspulThPXIHtQ7lifz8H7tu5Lwz0IXu6fXOgGlNxdJKfsBrB2t4/XLYa0
8OTAvFCIahL6rRgG1s/UHMskKHzEIy+yJvj1LzQzcjrkNbM+S/sC/Pw9OgUegMtNo2f+vBus
36rdUpvCwIiWg6bPBccPcnflIyi/teRHoVvgycznK3IqwqExl08unwXZPlbLjR7g1UEe5esH
KQ+SK/t4w4L7k6JWzvizm7mbm5ubm5vbu/DuepxlBBqQJZnwA+qiiYsgLROvhQrSCHFb9gVs
+m3iEjgfpS1NagHGAJ8CXhdB89c+0qoD7+lKm78C/UVZ9ToHmp+IVr8GYRHTnYGg3JAiRF3g
gtcr/y5gmO2dEPghaJNcHzouASdFfa06CNm1294UnD7JfrH7QP0o78OMTqCOcDa3fQpiQVZy
zkRwDM86kn4TpEvKc3UWiETdDbkHKGsM9wzDwNDQlKVfCJ5Ozxvmw2A+Zl7tUR0MH+nG6+NA
8XSlOz4GvVMozhFgWmu6rC8FyvtSmBwE8mbXKVcAaJWdVWzFQemifmyvD/okJriCwNRb31Wb
CMY0D5vXBpBGOerZu4P3MM+j5kkgflYrOJtD0OqQbgFnwXO5z5EwE+i89Dr9HXgyIjo35ihY
pliq2jSQP1DGiV9BGyh9IYWAtIDdhIFIkgKxACD+JmX+DyoggOJSKAKk2tSTNoKzjYhzPYcC
s8K9/RpAf0uH7s0OQcODlVLKrYegH4MIMMLlITf192bCo+Ev2tyvDtkFMwZZ/ICb8mK5Cxg6
M1ZaAeYm3q8jRoMSppSx6yDkjd9XVgvYlGyh94TqfUvtaN8a/HKlxGKnIOto2oHAdPAd5lEj
sCIU6RDYvdhqcOY4iheXIPtCTh7P4EHRl8pdPRRZFF7Pqy0UdURYyleEW5MeHs4cBW/sGVsz
p4PugDTyVX3w2inXdH4Lr2slH3r2Pdyu8KD2j7NA+9bSxr8IhIV7NO68HXQtjH11g8HrjHm0
LgqSncnfZsbAr58+9z1+FbKaZ/V9fBJcbXLSc3Mh/V7i6MwikDfaFuM6+Wc3bzc3Nzc3N7d3
6Q/3OP+FEwkBUhFhk4JAXOapWApafememA1yFf0y5TyouywJ1irANXm9YQ7I8wwddPNBmaAM
U6+AuCf3EbVBGyT318qCFCZW6caA8NeEUw/SGOciy1CQyugneQwGdbb4zGUFrXxCo8c1QUuy
33FuB+lXeaFuHRjOeQ7znwLOQ5bzlhSQzroKK/Hg8nf2dY4H16f2RvaZoEYoLUR9MCzSt9J7
gGG7l9m7PshRthGO6YBiv2trC14LpdbSaZAuyFbJCOp810R7GdA/lq8QAI4d8hhtAJjHeJjN
0cC4nAKWn0Ctok3RpoNYZjPn9AZpsxakfA1O1WLK/hw8ixkGeq4EFOyuj0E7Zd2cPhswyNf0
UWAdmiu/qQn6pR6HgwPANzmgmP8syLqXYctYAi/Hxs3MCILKJ8q2DPUFV4xrsAbQX/6YBYAm
0qQlgIQsYvmPJPn/TKAlDIAmYrkG4rFUnh9BeiBWKBbQctXG2hywPqW2FgclbIVHFzRDYve0
w8nloFbPCnuKd4WwXgFpoclg09RDrnOQ+Uv2fcdX8HB0WpHnP0D6l7YfX5WBO9diIx90gtRv
LImp3qA+yFmQkwY+ofridzJAn+q32bkOmiwr0qliTXBV0ArLiXDuk3vnnppA3q77PqQKSGVJ
NiZA421VyjX9CarML+xd7TVk34s8lngJGs6uI3XvBQ++iH7z7DU8afLQsvMVvAi0b3BchswY
feCLoeA9H9U0A2qUKH+xcQ3w/zQy1T8W/NsE+nt3hvSlb4ZlfQapa7OMYgU8X/Pko6RqIBpp
R80TwVYvK7PgXHAlqj45iZBZhluvPgWg4Z/dyN3c3Nzc3NzejXeXOMv8RzLmRzYm4KDUjBeg
aylG0hNcwdoNpwGUleKcuAnK7WIVS+SC+pVY6LwDymlnr6wPQHymH2DyBfmFliq6gKgjt9X1
Bam/nMAc0OJzJ2cooF3O65jcCXT79VU8csEWp8aKkaD1TRme0BxcudaFtkxgirRCuQlyP+U9
TgAFDWO974HuoXRcXw6893l9ohQFRzvHPqk7OItoI9TO4FqsFscbDOvELmMauPpqg8Rt0OwE
S5PBq7hXNV0fsGdbV2Z/B/IN525XKniWVn6WX4B8z3zNGAlyYTVDKgXSGnstZ2Ow7nO2tBUD
tkp9lJZgn5Srt9wFfYpezTkM3PU4H1QBjN1dvXOGgvOEPY7nkOXK+SCtO3hWDRyQNhv0ZcO0
0kfAe77vZr+f4OHyJwkJraH0iqI7g0qBbrbOS3QAdZL4WDaCXE/yFL+AuCfyUAAFCe3/OIIC
JyDwpQgwXdQXcSA3kxUGQW5s7iRbLbg6+XaV210hsWzm2fj7kFs397XWCaq+qfRRqUlg6unR
KCgUYpYm9n7RG9ZbD/2waz/oqusO5e0A12T9N6l9odivgX0KJsODuS8e+CwBx35XEWsceN9M
qnm/MkQE+7cpMxMyT9hbpPlAkXEBXzf6Fl6NfFP78FT4YF1zV4ve4JNq32YYC+WiyngWXQ3R
JRPSnvjAq6SEA7EZYLljW2/pBS+tb4oeuwquDWKBchL8y1tTEy+D2GrdGD4bytQrW7DCSggK
DBrpcw48f9Fp1ieQtDHhRqoOkrZnrog7CXFyYsTzuRAUG3aFXyFr1Yuw9DXAIb1dOgJZZTJP
G7uAfM+ns+cEoCZj/uxG7ubm5ubm5vZuvNvEWQbxDJd4DVJ5IkkFYWOaHALyx/SSFoCo6tXT
vAukKxzVTwR5kGyVHCA/MbSNCAQpAL0uG8QcfNkFkkscF/tBG5cXn7IYeK4L8vYD+YrHlYAv
QfXP7vZqGEgWqYZaDxQ1oEL4DNB+SLTEZIHWzNVEnQTKfU9rSCxw26R63AKRnvedOh5EBXWm
vAQMVilOiwYpQsvRkkDKtRd2WcBVQB7m/BqURkpFOQN0R7Q8ZQpIMeKpmAdCUmboRwBnqSNa
gzlDdNbagJpIN7k0yL3NT0z3QV6gfKfzAlzWMFEXrO1c7dQZoKVIm5WZYEu0BNsWgOEMrqy1
oGzUfcZLMD83PDN3hfSCGWssRUH3PTHaRsi2Sl2MkeATGPwsSoLcYda2rqvwSh8vp8+DEm1K
DAiuDGqq/Rc1FMRzaRH+gA34r35gXQI0QEWTioC0j9liNYhjWk+xHswnTEuMJmgRXO9p7XVw
tPnFn++OhD1HLqzZeRCOcX/Z2e5Q62bxEWW2gq65pPpaoeBI3yJhJ6Hc3qJ1Kn8NKcXz5sZd
hddyWvAvtSG4of8rZ1FwXJIaW5eDf13zKPNHoHjn3M9KhejTb4a5+oDF01r27B0o93WBQuH3
IX5/+tUHaTDoTLuP+obAmpPb9D+FQGov27rHA6FubKnSnUfD089epj14CLmVxEHPYxA52Kuf
7irY3suu5vkKyngWP179F6iyopCp1Bow/2DUeebBm+VJtTJeQEyppP239sKhmzcn7jsEIY98
dc7y0Oh0saCW0yAi2f/zuhYw/mIqI9WErFf+PSyr4U2lvPPxtf8NLbYqVakKR+cdnXd0Huzy
3+W/yx+eNnna5GkTUFeqK9WVUOzLYl8W+xI6HOxwsMNB6JLaJbVLKig1lZpKzX9Dudz+W9Wr
V69evfo/v96kFpNaTGoBXed1ndd13t/HOXHixIkTJ8DPz8/Pz++Pl/P5rue7nu/Kf124cOHC
hQu/+/Pm310PNzc3t3+Xd5c4CwQyYJRCSAURL55InwLHmSc+B6mvclGuCUyQJvkEg3Zd7ZK7
FZRcqZ5SBxgl1TeNBPFSpEozgObSOdaAuCdt0S6AFGY47lkD+FjZYSoB2lXH7OwfgflasPgY
5EK+ItATZEu4pzkN5NV6l3wW2Gya4bkOpAvyVnNpcH2ZOduyBMQgu5e9MUgDjLFKIkiq/bgr
BJRf7FZ1C9jDHQWd3qA67TccnwCL1W2iIugmSaUVM0izdROkXiD1NeV59QGRKjpoL8HVSA11
ZYF5tXpCzgPXHX0RZREoi3SX1YcgH5OaSnrQKuR1s/cB9aljH3vB+Jku1zwB1GhnVftIyNmZ
MyKtGZhVr8F+jcB3ga/TcyfkTsvulPEFUDI1NGY02KcZqxq9wRDjWzByOzxbExeZth6Knim6
PzgMpB+kG6IacE1EyxWA8kgiDvBAhx9gw4EVEGiYQIqQ9GggDot7CKAg/eWHoFTTfSTmgHOv
s4DjVwgc5CupVaCJV6XGURvA8olh5fOToKujnYgeBVLTrJTKGVBtQPldtSrDD2G/tPjxOoR+
EjrAVANqjSz7cf0h0GZ2+bMF5sGTolkTXyfD3g+PXf6+OhjGKbeTS4C1qRroOwPuJD7xDHgI
fj0Nab6rIdrzhXT1AKzosX2LwQFBPQyd5Clg7Z8ZE7gH1NKKSDsNEa8D1hY7CbmDLBeijoJF
tjS82AJMHTxkqR7cKvykxZUN8LRerCG6JMgtzZkeZki49eZO4kYIT/N8HvgIKqQGHG52A3yL
BVWJ7wf+zgIdSi8FrZmudPJLyGuvrrX4gT5E7H+0HVLLpyYkXQKgxLtssAtPLzy98DTsem/X
e7vey39f79K79C7+klg/8njk8cgDHnV/1P1Rd7jZ7Gazm81gwfAFwxcMB25xi1vv+NvE7XcL
mRYyLWQaKCOUEcqI317OY4zHGI8x/3Pl6rGwx8IeC/Nf/yWhxQ+/P2tnubm5uf0v8u4SZ/iP
nky9EHgBGbzgDhCDRawGKhAmmUGEaunaGNAWu7zzRoE0QT5stoA0w3iIr0BaIpapC0GkEywC
QRjkKrqqIFW39s7OBZdMyzwjKHM8Rvn2A6mN3xXf3qC7KXeT+4PY4pqhbQdpb7GqYeVAKqMr
rSsC9FQ3uiyg1JBJqAf2Y845qe+DMzyrf040uFItR1yBYK1uvWnrC3krrN/mxYHLz5UuckBa
Ie3StQRluXxeXgTGBobKxgEgyhn6SAPBPt6Z4twA0jF1vqsuqBW1kkoISHW0TqIhyA7psasJ
uIY6RigSePqYbEY7uHbYt9n3gnbUVdj5K8i7dbP0i8AWa1uvHge7XoTklAbTKZ8M3WswltP/
qpsEirdTse8A+5CMCQnPweu674KAnWA9Y61pKgvZc3Mu2dLBJ8s7wXAX1L3qLPEKaIyDeiCK
iuna9yDlSVulGOCUtFzKBZFJuLgPaNylBHCBZq4RoJ0TscppkC+y1lgM0jq/yciygG9JeY7D
AOr7UqPMHEgPy1SpBKo+a+SDDDicc/3Mk4tgemWSU+uB4bE+PawwZJTMmW+eCGfbJB+0pkPS
srQv7+yBlBxn+1QzqB1zZwovMD3SaqbXAe2SbXDSbRB3g3uFVIKKqZEDay8Ax2nrXtdmyOoi
u5wdofDRiEF1h8OTwCf7EzZBWGjgcv/3IHlgzqL0sZBSwxKW2goM3fKOO6ZBjXZlezQ1gf1p
TmKgF7yJzmod3QOmNOppGugLurb6ieaP4ZUzpVV2RYg2xBw/fhZ+uXRl4vYr0Gxu9a7vDwef
b+wnQ57CifrXp9+qDTlLtFee64F9fPUumtaZM2fOnDkDuz7b9dmuz8BY11jXWBdmJMxImJEA
73333nfvfQfSBemCdAHOZp3NOpsF00KnhU4LzU+AzlvPW89boQENaPA/8x3j9l/Y1mhbo22N
wO+132u/1392adzc3Nzcfq93OY+z9J+3+i1SIcBDKi+6A2YeSHNBiqOMMgDUUMf0tLrAMIsp
+yOQBRm6E6D1o5UcDtJZMYyvAA/pkHIMKGrrnf0IiNdZzc9BWe3p7d8JpPq6ycY+IB3jPUUF
rYCW67wG6nP5jeMhyFu0c2wBNjrmOMaDqIa/83twhtjj8qJBqikeqlNAV1B3z9AMbNdze1ly
IKt+WnbmIrBrljEODcRDNVvcA914OUOpCB4+hl/NKeD5kWGIRwnQt5J6yQmgXRG3WQj0V7bo
fwFdiCHMVBRoJ30oLwTXHFem833Qf6y/IP8CxiZGk9IMvMabEz0fgP4XpYghAMRqdaHaCPQH
lDWyH2g7XHa7HuxeFo9UG8hO+bbLDNohqYl2DGybs3tlHIH0e/ElHu4DNdux3boPcmdbHjle
grRVypJagbZcXFQvg+5HJUHZAmaDYbRHTVDmyybj18A2ESR5gFRBLJB+Bs7QjjxgkAiVPwWW
SsOkAZBVLedgRjyYL5pr4gM5hfUi2QiZwxym9EsQk/76WMIycM2XJ+X1hYy5zhJJF6DQZr+h
BfeDa2peZV8JHn4Q++vNYDj64lbrzZ9C3PSUnc+LwHvlSmxs8hEYIiWzb2eQfjVM1xqDKdO3
pd4I3jUZW/0YuM5RLSsRcqY4pz49BzHfJLZKjoTG1Spbwq5BqYt+xYJl0B1V3r8zFSJDA64Z
ToJxnN0zcBS0K1U3s6UHjPUeXGTIMgh8HbLeazW8N7lW4aoHQXJ4rRVj4XC/KycObYWfTp9s
/u0meFw0zvRqDRSdF1oj8Bg83f0k5uxZSLIlfXOnCdS8W3JymdZQ+ETA1rjn765x7dixY8eO
Hfmvhw8fPnz4cGixt8XeFnvzb6XLI+QR8gho8rTJ0yZPYcKuCbsm7ILWIa1DWodA7tncs7ln
/z5+woGEAwkHYNy2cdvGbYMGjxo8avAIGng08GjgAZ83/bzp500hsX1i+8T2/0UB/7On+21P
eKdOnTp16gS1a9euXbs2dPyi4xcdv4Cd43eO3zk+f/m3MjMzMzMz82/hv/37qMGjBo8aQLeM
bhndMmDzw80PNz/8++1u2bJly5Yt+fujeUDzgOYBcLrE6RKnS/x93Lfbe2f1/1/in62Hek29
pl777aEkzZo1a9asGdw33DfcN/z9ft8/ff/0/dOhW9FuRbsVzT/ezV82f9n8JSw6tejUolNg
K2srayv72+W+Ld+Wb8t/H2fg1YFXB16Fl81fNn/Z/I/X9w+fb25ubv+/9+56nN+Okc0GQkCq
j53dwDB6is6gdpFayYtBhmcsBfVu8otnr0CLMWeFdAPZ0zRXKg9aAypTFhggbkkDQKqu7+QJ
SJ6Gg1JPkJ5oX2gxgF0LUHeDeE8+rSsEeGgXpX4gdaCa8ghIkqtKmcAIMUo3BPhEdWrDQdru
1T9gD+gH+2WG2kF8KPqr28B/fHDbkF1gnpHWKrMgaEesK62dQE6SJpMJlHQk2PaDrq1cXFkH
Nk9XlPCC3HH2Ds4mwC1nNZc/uLZqYx3R4HSoV9XqwDOxTT0JSgWm8j5IXyqbDE3AcIA22irA
Yg4mAlw9HRf1RYE+NDJlgqOK83vHAtAWiNGOCuC641hmDQHtB+dVly9Ip3QlDWXB2M2c6XMe
bE8zSiX3A8ur9BIJHpD1TXZCRF8oXKRA88CRoNxhkv4LiLub6Re/A/I657WJfw5+1zyu+i6A
oKneFYv/BK7uHHCFgFReJMjFACGNpB9I9bVgloOhpkln8IeolWGJxb3A8q04Lj6EpJvRv8QN
geDCfquthcHQxLNfigbZQekTbX5wecmTQSm7wTjUWCvrOXiWVNp6vgbzeW2K/isIam06V/UD
EB8r8yQ9BPzs0SvgK/DYr2QWPAbqLVe2cQVUXVK1bJknoERIWwpfhPMDL5a5OAk6e1VPatEd
yrWsfqz0T/DS8upS9jBIzYurKHzB71zoL5ETwSfU49gTBxiGm4Z6qvDD4z3OQ2fg/pbYOleP
QGZy1kK/HbCh3aHMXYXA38+/s3dvKJEV1cZ3JGjDc2tpDjA38zgY9gJ0h/Q37OnwS9S1Vieq
gDnJT/ZdBuZaug3+jf54sxJDxBAxBO7+cPeHuz8AFalIxfzE8B9pH9E+on0EtD/c/nD7w3//
ed7SvKV5S2HYyWEnh52EpKSkpKQkqDe63uh6o8FR3lHeUR5OZ5/OPp2dPwRkR+6O3B254OXl
5eXlBbv37N6zew8s7L6w+8LuoF+mX6ZfBlW1qlpVLT8xWjRg0YBFA0DeI++R90A3utHtvyn/
+F3jd43fBYnNE5snNgc2sYlN+Z//nPhz4s+JsGzZsmXLluVfQBSNLRpbNBZmHJhxYMYBYClL
Wfrvq/8/68MPP/zwww9/e+xw6dKlS5cuDXO7zO0yt8s/jvev1mNr8a3FtxaHQl0KdSnUBWL3
xe6L3Zcft0CBAgUKFABDI0Mjw1+dzz/+9ONPP/6UXz7DDMMMwwyoplZTq6nwotaLWi9qwc6o
nVE7oyDneM7xnOPwBV/wxX9R/qlTp06dOhUiiCCC/AvAeyPvjbw3Er5wfOH4wgEb2MCGd3Dc
/tXzzc3Nze3d9ThrgARSAVzkgviOQrQFUZNF0g6QPyDEdQXkDfJ+821wLMorkjcJxE3V5AwA
uaf0TKoGYjuJHAEipWpiKkgn5JfKUxDPRBXxE2jvaeu1n4FFpEq5IFm4QTpQT66rKwJSMelr
QwRoCdogSQOpgiiphYISIEUax4Ayy3+dZxugrIe/+iHIVX3qGexg1kJOmyLBvNC8wbUSvEcH
9lVSwPjE6yutBNgaOUdbhkLGxIyKKcfA8iJr4ptuoL4SRZyFQFvFdnUEOJfbhzq/BNcX6h3R
HxyDhEkqD2KmXFzuBsptebXuazB/ZdxpaAd+X3i19xwHvud80nzGg6mlsYbZGwwjfIoE/Aja
Om2V9AbkPaI0saBbKz/AA8RKVw+HDtQq9u9zcoHPlU9MDSDz10T900GQti+tfnpNeJn8am3S
Mjg+5dcP1reELWeO9V++FZZ/v+PY99fgh5Mnp+ysBHEDk8ckJYP+oNiq+w7UXNFfmglaGy2Z
4mBqoLumqwDng+9mXe8Lt6vF93rSFpjmylB+As8QZbTfajB7exYzfgaGIvpwxQppUzM2p54E
ZY8yzXAUPCfrGxfoCnlTLdM8h0N4pkkquA38d/hM0ceC8Stz59yz0HZ5zfHV+4Eawq2821Du
aPG+fh3gVMMLITePw9Hj1z66cAbqzai4qed1OD/wbpE3n8G62RsPHxkHMf6xE6PHgzHY2MjL
G9Ry8rf27VBtWalRradAanrM4lwVLufebnuhGTRMq5pb7AgEjA50lVgK5v7GvY45YKlk7ZUx
CJ5Pfzk6YQpEW1O7PQ6Gizcf3dp7Bq6MjHHtWwD2SFFaPQfOAdYiGTcgZnGSXvnljzcry1LL
UstScFZ0VnRWzH8/KCgoKCjo75dfYlliWWLJf5jsb/9+880333zzTf7yR1KOpBxJyU883n//
/ffffx+W91veb3k/WHlt5bWV1/Lff7vcoS8OfXHorzKgzY82P9r8KP/12yEk31X6rtJ3lWB6
6PTQ6aH5n29rvK3xtsb/uP71P6n/Sf1P4EDbA20PtIWux7oe63os//NNDzc93PRXPYJvE7Dt
3tu9t3vDUDFUDBW/Hf9d1f+fFR8fHx8fn5+o/u3ft9v5vf7VehxdcHTB0QWwd/LeyXsn/33c
jRs3bty4EUouLrm45OK/2u/1N9XfVD//9az2s9rPag/fDvx24LcD8+8A6O/p7+nvwbG5x+Ye
mws2m832lx/M+itvH4Lc/WL3i90v4OtyX5f7ulz+5w/rP6z/8K+29+86bv/ofHNzc3N7t2Oc
ZcCFIl4AQWRgAxT2kwHipXZcXQ5impju6AiGOT4zQgaBMlNpK1cAsUT0FZ+BlCyly1WBQeK+
sIF4IR6L7sAN3pPPgRyk2AgE5rNRDAZs4rlWGYhEKINBKiYaiJbAI/lDdSxoXagg7wJpJT3F
SKBhZskEDfK0Fz0fPAJHXsbmrAZgafCqXerHoLXWhXt6g/alKcPzIuR9kNNWXQHiojbGUAhk
g66HMR6cw9XqjldApnTT5gXOs4Qo9UA666f36gepl3KkvFzICc/OTBsMtrk5K7NPgPcXpoEe
Y0GqKi+RS4HJX1muex/k7rqzShPQy+ovrmlg66l36IuAayffiFtg3Oya42gF1FbKEQmioCtO
7gz2e47HeePB9Kl+kTEKlFgt3bgXckdlnszZDjtXHXp56RTcv55+Y11t8DhjqFnsV1B6qgui
WsPt3g8qXP0c8sbacu3fwoSDPQbPKgaGdvIYpSsoLXQ9tY3wsHRC8tM5oBtnLJWeALJL887c
DffnxWy+fRtSrtg8UxZDaCudt3802CbmTs47CcbvvO4Z14Bfjsc+5yzwqKMe0m8H+0XdYdvn
YDoTYpcGgGGOaaIaD0melmMJVSE73pXyOg5qehVXW+8Hz826nz0uQp2OFbo9OAY3uvx62Hob
qk2sWcjQEBz9mFwqCPy8TQeSfaHEovIla2XAgZcnX2x+D3SfE5kaD1kfGZ41NYKzp/VX8QYK
Xw5tULQ6xHonnMrrDecTn5S+5QG+QeZzxmlgv2EtkjIdtMPqLMM08O3pddTSCFzlM2a4PoG0
FU6jaTo4r+imaicgs7P9UkZ5yC2UV8HYCoDMP9KkzA/ND80PQVorrZXW5vdAZ3TL6JbRDYJ/
DP4x+Mf85VOjUqNSoyC2SGyR2CJ/Hy+1XWq71Hb5rx/88OCHBz8A4YQTDnv27NmzZ0/+39/y
dj1rojXRmgivH71+9PqvEufGYxuPbTwWaEUrWkGjrY22Ntqa//mrkFchr0J+O5F6a+T3I78f
+f3f9+y+Xe9vb+E3m9BsQrMJwGY2szm/x30Zy1j239TjX60/C1nIQv5p73oWif+perwdcvH2
+L1Vx1DHUOevhnIEtghsEdgCLjsuOy47/nHcur/W/bXur0A72tEOincv3r14dyCAAALyh5S8
q/q2nNxycsv/4kLht843Nzc3t7fe5XR0AhnESymMBJBmiu+kHiAKSe3FdtAiaCrHgzRbK5GX
CPLIgAeR/qD2FC3Vg6Abzk6WgDhLFk7gMCniCUh7mCClgvhQMgodiAgayoFAcTFQmwfSGqrz
GIhmmTgEVJFXsAREadvCnN3ALX2cZxGQVWWI3Bdyij4PfFoWknWne132Betmh0msANtqw0/m
seD6Rd5kbQwGVfG2FATTEc9P/X1BrqsfLc0HyU/SaTGgOKVmuqvgWqd+b/gWTEV8vjN/AxkF
rQmZvUBXJndo1gAIW2K8Zb4A1oquj0UBkH5QiuiughYjgomHvEEWz9xqYOue1TBrKuSMyvky
9TlYl3hs9W4H9vdd3V0xIAY7dbk9weOCMcI3BkSUqKAOBN08vJgJxtH2p3mA0lpe7vQHXVFb
v9y5EFjEp0hwbdCNfv2kfDMgTeuW8hWEfRBsdI0H5y3jZ68+gZfbH9ezFYRvNm9e+ENzGHSq
y74u5SCpVeKj7DVwMywx9E4EnFz/0mv+U/DZIVYEFIGMh6lN7UNBaaQ8kBdCfLA0UGkNplRd
LXMnKH2u1Ffma5DZOOVn509gvBw8PScaytQVhVRveP1+Yt3Xi8CYKP2sDwTvYV7mAi/BoVpv
KPeh2fIGmY33gt8Mr0D/IvD6Tvrm4JdQalGBdrq98Fr/6qJlJLx3oU5K4W3wOOJxP/kSVBpb
c17pLyBvrf2rDxrAje7RE15NA/8qQdd85sEzLXrOjQhotbPZun5fw5GG1wfeD4VGlYuV1tvg
yez4Uo/6g8c08zjvQ6Ac0qU9kSG4g367pTEkd9OV8r4J2jAx2TMUpDXqrdz9ILuU5eyAwHam
naIucP6PNau3t/LLXCxzscxFeMhDHgIHZx2cdXAWDGAAA/5q+Xlp89LmpcE85jEPOHjw4MGD
B2HmzJkzZ878+/i2S7ZLtktAV7rSFQImBUwKmATej70fez/+7XKZVptWm1b//npIt6Rb0n81
i8fbsc6XuMSlv//4txIYbaW2Ulv5X7w/RBuiDfmr/TdcGa4MB3zwwefPq/+/2/9UPUQ1UU1U
Ax7xiL+6UNLpdDrdH/jf5O3QjL94O+tLM5rR7H+uvu6E2c3N7R95l9PRSQjAX6QRAPyETDRw
T0RK7UAK4CutBMgtzZUCvwexXy6SewpYKiryM6DXZhAOPGESR0CMxk9IQEvC5GUgfa/N146C
OCuM2lCgozJW7gsiUbSVEkBawlltCIiPlYLGlyAm5CVk3gStf27v2AYg/eA9zDsG8p7dfHQ7
GMQe78o+/cCRrO7WH4K8c2mtsvJAskt9c5uB42uhWPZApi6zZso+0K2Sv5cmgu6xctvgCZK/
vEg3GzzmeMf4bQNlVl5LPxlMq3IjswdC4HpzSeNwcIXoWui3ghIkd1KOAn2dk5w9wTBcjpLm
QOBRw13fUuCK8Dxn7A155xzf+/8CaWtsZfW3Iflb5zxrJNhKpPbPOQ7aty67vQGYkqRrpitg
WCddFLvB455cXqkAxvecLnskqMsf9rkxGLztpaeXPAs+28OnOj+E5EVZ8+ye4Dib1Sc3AnKa
JeqLXYOyPQrWbz4YQtd7ly+wBQ6uPrn2ZGdIuSF9ZV0PLxMSp1+eDwF3fIYYV0DhLwMaelsg
xqW9lqLAYXFp7IISBF+oegYur4pectkH4l+mP8xbCGGL9fX9voKQkRFrzZ+CcbHcsP63wOfK
uqS6ED8+q+bTplDIz+Nk5GSoMCvMWPsSxG9+XTvhOtydlPl1XHV4+Uli3ZQNUGhKkfCgrlDy
h4Jng26Cfwl/2W8r+FcL2JD3MYhWcjddMhTuWmZT4f6Q+rHlUzkJOr5q07riPDg64WAh5SkY
k0yzrCOgvn/1QSXWgcc1ZbvzRyhbsfSV4G5gl+yXDIFwSlxtGTMP7KvkNubeoP/K2Ed6Croy
jnE5gyE0xqdxgASvomyVEm5C4RU+F3z/Y2hCy3fRvHqc7HGyx0mYwQxmAGuqr6m+pjr47/Lf
5b8L2k1vN73d9PwE5LLzsvOyE5YdWHZg2YHfjlu4S+EuhbsAEhISdC7YuWDngjCi64iuI7rm
L/dk3JNxT8ZBTExMTEwMFJpfaH6h+WDube5t7g3hieGJ4Yn5D2GdWXJmyZklf+lw5sziM4vP
LAba0IY2ENkhskNkBzBNN003TQdbpi3Tlvn794fHZo/NHpshOD44PjgeUqJSolKi4FSPUz1O
9YD2ie0T2yfCkaNHjh45CnSnO93fff3/t/h31ePtHQ52s5vdYH5gfmB+AGERYRFhEflDIN7O
+tKqVatWrVrl3/no2Kljp46d8uOd6nmq56me/3vr6+bm5vaPvNuhGgASKhLglELQA/uERGGQ
bazXtQExVBrp0QCU7YalymoQT4SXOhvUvuSoD0B6Kq3SdoJcW+xRPgW2i3QpC0RpZadWB+RP
RE3XHNAWqb1lG8jN5M8kPWgXxQTdBlCma+uc58HZUDRX/SDX90atq5+BqCvmO0+DMiViTLAX
ZBeKvZNWHlKuJ+dmXAW1n+uF/RfInZB6MmUKvPgk5UD2G8g+pFtt6ATKIWNjz0IQ9FL+yBgL
BYLMxTx6gK68WcqeBfJZXcKr9uCb5TdBDgLbeDHMtQ6kRvoJ3nXAUMm42msf2J9ovegGaiu5
kXErGDoZzxingnxZb9CbQArVmRzfgCHe57GhPJgaS58FToDEbPVrSzfQqtmljEXgec1QXaSB
uZaoItUA8xt5qdoPlI/l+fpdINW6Xyz6EgQc9ivrHAo+H0Q9jr8EsfGJD19/CjnzjfXTv4AK
Rcoc7lQHfKda/Ys/hF+9E4Y++gaSszI73hgPBt9gNWk/yGelzxz7wb+O9wlvP3A8tm6RXoLv
YMMu3zTISXUsEA4IyjKfMRSD8BGe+yJVSHoaayi4FgzVglZZt0DWgoTzz36CqCHBgUHR0KtX
s5e9WsGxZzcWby8GMZOyVz69CEmX7WUyl8KDAdmxVzdBTk72N8b9EFDF57u8GnD241OT4/tC
1qYqe1xp0Mm3efdwPQRtDHzoPRPODry86VEMtHzcVKrgAy/nvOj0pgukLkq/kj0FdOUMYdou
8OvhX9YnDTxOBS5VPCH9eVKG1R9u2m9MvNcEXq7PavdMgP8o/angj8FyxLn1uQJeR3TJtkng
aCzmKjLk7nV0zawC3gW0jsHvQ84VZZCIACq/m2bV9qe2P7X9Ca7+fPXnqz/D4Y6HOx7uCHPm
zJkzZw4s8FjgscADZA/ZQ/YAxwrHCseK/IfM/tIT+zc9hR0OdTjU4RBsObnl5JaT8L3+e/33
enjq+dTzqWd+T+Lbaey4yU1uwoZaG2ptqAX0pje9oV/ZfmX7lYUvi31Z7MtiMCtyVuSsSDhw
98DdA3fzHw58q5+tn62f7Z/bB/+H/+yR7Lqu67qu62DVqlWrVq2COZ3ndJ7TGbaV3FZyW0l4
GfAy4OV/8xDlu6r/n+1d1ePtNIf2S/ZL9kswe87sObPnwNj4sfFj46HArQK3CtyCvuP7ju87
HhYlLUpalJR/R+NA+IHwA+HwouyLsi/K5sd5O8b+bfw/vb6veY17GkA3N7d/wbtNnP9jOjon
JsCEp4gBYJ+WCOyUhlMbKC/qahoITylaSgFRVlqnywWaS+GiF0j7xRIuAfvkWHkKqD9lD3k6
GewdXh644wny+AD/Ih+CPsv0zKCC665VZ/sAdN+HlS/dETRZfzXwNOg6Ul+pAo6IN0vzGkP6
k7RhcacBV8Hnod9B/IH4pOTuYF9vv64dAjFWnHAFge076wpM4FPFs4bfdCjcvkiNYqkQGOt3
NTIVPDsav/IxgRSry6YFOG9oZ/POgdXbeipTALctoTmRkLM9/WQSYNT79DJGgzHedExuC7rH
uuJyC5DuyBN1m0A6TlGpJUgtxRmpGuj6qlvVk0CUdjVvDHjGeA6Up4BngE+Kjye4zuee4iYY
xoswx3ugX6xG246D+Zn9sPoI9FM9OgScABRlUcYR0K497592C1ILOgvITUGfZGjr2QOU5ZaW
rq0Q38+07mIFIDjgat5a8NhtqVpiO3g19f3UKwKKNzadaHgGmvpUv119PryqkNfk8VbYWuFU
yY1bwM/DyxF8EWyVU3ZK6+FeU7vT6yvwLKDdqjkK6rSql/o4BZILJJ3M6gW5A3PGunLgxZ4c
/aWToDZ3nDRGQP1tZV426Q/hXyfYCzQAH6NPfNAHkGZKtiYMAq9LZSdEekB209zhsSXB1N90
y/IUXIvtsWl7Ycd3+2uc+BAKGAoWDPeGEu0i/AovBtdi+0/qKCivlp0fMQZelIk59uY8eC7z
/tJQAoyFzC29w0G/wdVedIcsIcU5GoDhiV/xsqOhjVxqXIPNkNM1s358ZYiblqJav4UYOXtN
rjfIngzSTwWTPbe0/QeQfL0G5GSD2YNsU9g7bFv/mSjOGjJryKwhUCW2SmyVWNgzac+kPZPg
RfMXzV80B6PJaDKaoOXelntb7oUxA8cMHDMQxkaPjR4b/fdhw8LCwsLCYPWq1atWr4Ll5ZaX
W14Ornx35bsr34F0U7op3YSqlatWrloZRkgjpBESlM4rnVc6Lz9OtyLdinQrAupn6mfqZ7At
blvctji4eejmoZuH8rfT53mf532eQ9ejXY92PUr+mJJ/0YCKAyoOqAi5fXL75PbJnx4t6WbS
zaSbMMVziucUT5jVYVaHWR3+ffX/s72regxlKEOBdZvXbV63Ga5cuXLlyhXIu5d3L+8esJjF
LIYeJ3qc6HEC5JfyS/klbN+xfcf2HXBz9c3VN1eDX1W/qn5Vod+MfjP6zYARw0cMHzEcaEEL
Wvz59f3b6Qjd3Nzcfi/pP74YhahVq1atWrX++QBWq91us/GXWTXwAFzAXSxIIJbhIZ0D+SKb
pPeBLsxyhYP2jbrFng5SrNxMbglSYdnT2AO4rfkrDUBbrzsomoG6IuX+3dOQN+Ls0MOvQCTo
wn17gaFMeFxIJoji2Y9SF4A80Hedd0MwTqvauosXKA2kj3QdICv23LSrLSClT9zQ2K/hmV+8
7mkyZM3PiNMKguNHdb2WBIpNDbQ9AcMm2WBoCGFNArYEzIXwkVELI2cCO5XPdHmg/SSPkkaB
qyW5jnCgij3Q+TnIXfRN9D3B72jU1ULFIOHos7Mx34B0VZ4qDwFxR54qWoGtov22bRmIKJdF
XQ5SR9FNrg0YNZM2A9TN9p+tP4I2X/2K52B/Ks/AAm9i8j7PGgjWO1mL0maDb6jhmVQKzBPs
XdkOpjFaWUMx0Nt8H/kKECT2ygkBk1X9Wh0CJ0aXbfIqA6K/kXc/rAw+A+wVvD6HzP3iVKYG
GR+pe9WzUGSKV2Kt81DKM1SpeBLksfrJeb+AtaY9Xb8ZAtqbPhQ94caPL8JurISoBO9xNRZB
WvqbUa9ugf6Jp7NAEUjekeV9rxAUKRza1NUPDDPllwGzgXvilCsW0jZnvE4fDaOr9R/9TSHQ
r5WbeCZCrNfrtY9Wwslad3vuWQT6c44txnRQyzvWmXrCi7g3tdIFhBcL9NaugpRh+sLLDL4f
6NYXuwTat7Y2Sm+o2aJyodqDIcjL/2PPnhB+pcADv+Zw3Hr22uPvIbNfatm4W9DAv/6ZCl+C
3c9RWD4Oip9unfQ1lNlffG7BzrAv7+juy61gV8SpwrtPQuj6ID/7cEifl1kj7yGE19JfsZwE
aYx2QUggIiJ90rKg4JXI3t6lYKLSe/2Jb//sZv7/nrc96qurra62ulr++28fDixzvsz5Mufh
1rBbw24Ng6E3h94cejN/KMvFCxcvXLwA+g36DfoNf3Zt3Nzc3Nz+t7t69erVq1ffZY+zgkAA
mZIHMkj1xU0kkGZzk42gdcIhvEG+zza5E4gRWrirKyjlpHEeWaBtF82UisBglqhPQeqm+Yqp
INV0nOYWsNJrUKEfQOzPTs5cBdYtMR8njgJtmqN97iqQ+qd0ykwDXVpB8+tLIH1e8FWZ8+BZ
sNr+0kvBdiQtOOkTCPrAZ35kPXCOMGiWfaC1tglnCvit9Kxe8EcwP1CS1CAwGUUZ4YK85daX
2RNB56kfa4wB/VbVpq4E70yllygNpo+C4oNfgOlAwctFvgWlhP8kj/ogKmRutVyC7A+sx/J+
BWsl+2abA3TfSbt1Z0EtIH0isoDWkl0aD/JCubViAdFOG6mbAOKQNFj9EgxLlCylFQTMNo33
yYDcDfbx2X1BF+5cn2MCda2tv0MBrYZ5qc+nIHBE5ywExeQ93bABkHNfic9BG5NV3rMe+E/w
q+MZD1Uyy30cFQ0x0559VaIZJA1JKxXoC4qH2lDaAEm7bF2yeoEpxssmhQL75alF18HzzITe
1ptQqIV8t25v0Orn7NCdB/GNKypoL6gXbKeykyAs179F5U5gDcjJzOoIjrpSIHmgHqRP7nbI
+875ic0Cp5JuTDk3CcxPzUdDF8D1957s+qk2VPy80MoIBxjDrQP9ouBmz3tJWV2h0eFKoslz
SGmSU/lZQcg8bF11twh43fI+HzQGSlYrE1inOZTILbks7Cd4ee35g4QuYBqWedf4FeTeTzgb
ewdK3Sy/NjIDnPNtU2QzFPgu8k6QHe5Wv6M8qwj6g65ewhNMj5XCqQfB6wvP/QkvQX/UXFGZ
CAWvO046bGDb5bkTBxgH6hKcA8A5QrlingMJcxyXHc+BGX92U/9/k2GDYYNhA1wbfG3wtcH5
P1yxecTmEZtHQGhEaEToX43BffsQYrPxzcY3Gw/6NH2aPu3ProWbm5ub2/9t/niPc57dbnMC
GhouQMOAAlIEaTiB6sRyA8Q4fKkMkhOrbAftmjba3h5EnDRdfwaU+VICRUAqxgptAoiSIkgy
gBjp2JDzLVjb3Hh86jFYbz7p+OgNuOpYS+SNAUMl337BMhimlhxW/jtwzbJ/lbUUfKbUeNii
Fsil5J6GPLA/iev14g3kjr0z/VZzuHIk3Zi3E95oqYXSi0LBZK9v/FuAbr+juz0HTKOkN0on
MF4wldBXAWM0Ca4hEBxV4EXUAAiIqbGm+kWQ5XA16CFILn0frTbYnt9c9WAH5J6LuZj4BaQV
zh2SewCsyfbHjvKgLWK6lguON45bjrsgakjrRDRQQfTWagBfupK0JaCFOZ9pniCG6IKUG8AE
Y2ljKlgvWE9nz4PMnUm+CVMgJ+dOvXsyBD4KGhNyGDxbBB4JWwhaju++kENgPaU1NC6HRz97
uuztwbLQ8NDVDgxLxX21B2gvrKtkM2Qfsn+r+oGlTeZP2gBwFXBNz90KaoY12rkbbBOdq23v
gS5P71K+Ae1XZ0N7L3BdUh/JYWCooY81DgcqK52EPxiPmMZ4HwbPh4beck/QfWBaKOaBo4x4
ZPIG1abrrIWAEqZbJKdC4FbfM85z4OX0O+y5GCqtKzXrvXGgvHalaAXgcfTT/k+vQ2BaQKi5
CSS0Trjz+AU0KNAopNYv4Hpl/TR4HwTvCa1vfgTesZ7dfMpAXrp9MMXh9fUYJes6aCetrrjz
UD6z2pxKmfD4XvTSVx0hxvd1jVgjpHya7PO8CMTvTzsQ/wkoFp+cdA08TaZ52QdBHpPR19UP
7Fs8AlwDIKCG/zj/2ZC20NU3ZzJYJ8h95JqQG5a5MDMJ1p+csOVS+p/dzP/flT4/fX76fFh6
fun5pefhUvlL5S+Vh+xe2b2ye+XPd928WfNmzZvBiJojao6oCebN5s3mzX926d3c3Nzc/m/x
tsf5jyfODnue7QVIJaVwqQyIh+KNiAcSSZFqACrppIPUhSBRFKjG18pxEJvEcFdFYLI8XXoM
0iARKSaCaxmLdQdBfk//Qn8H1GnRb04cgJe7tk3aGgXpv+R+bNoK5oeen/mMBv/eXlEGK5hF
wC/SWvB4VP1sQw8we5XrUqsoyJHEK7dA/cZmyr4PrpU3k29/D8+0p+Nv94W8qVqm+AW8f5AW
hNwB9QLLDangPdV7r28x8IgyFvToD+Zqni89YsHsrJpYYhzwQ7DDtyCIPbbytqug+84yP2sO
5AU9OhGng9R9MZWToiHHy/qxtQo4e0jtNAWEhRFiITieOFY41oNjiMto/QrkaQSLEsAF7TI/
ApFalFIJtP1SX0UD0gyvlC2gVhODSAbbZdv7lhGQNeTNk7wdkHk3s5vtOSg7Qr8OmAxiukl4
/gCZTsdea29If+3KzugBabnJIqM0WHSZk7PWgi3GUjfrCdhPODa6MkC/lbvyRdDLupaGzSBf
1A/Qa2AKMeoMMSBtke1KXVAc+uL66SA3lfvLVUGeJI8TZ0FMF6XlSNDeUzOpAM7PtK+0QqDV
pYXqDeK+tlM4QB4nT9J3A2WysYQpBowlTI+lumD4xMcYvAH0zXw9/KPB70XArYAo0BUxlzYu
BeeLlPiX7SGzjvWjJ6FQzCNSp78D6k7HfY/a0HhWo4IDGoF5nK6bsx04H8g6MQnk1o4i3scg
r+KbSo+bQt4r6VO5ObBPuyHtBtUkuhi7wKMyLzpctoHYavV8thuye+eOld8HfT/TZtdwsBY2
34ldAIxxfCEtA6vZWUf5HEy/+LXURcOrR+n1MopCWqPknlyFA45lrS/U/rObu5ubm5ubm9sf
8e6GauRJAdI0ENXECnEEJE+pOAagl7jHp0AaY+kKoryUIxSQ6gmLqAuEKaulQcBxbZC0FkSi
KKx9C/L3ygvpAOhmZq+JbQSPDm3X7bgB1z9+sUP0gCJPKtSrYoIySQ2GVL0EzoDYjU8uge6i
50b5Gui7hmdEbgY5XD/fayZoTtct+1JQPjZU95wHeSPsFv00KHIzrFlUK7Ae1kbnpkHintdW
Rw2Qg82HzBvAsEWfpvQCQzHfdua5wCBDFzkRXLVyfsq6DPovfXYanwLmjNOZOZC7+3Hcy7KQ
NytxRa4Gzl7qOZEIwlPyYRpox9RR4hpol2imhYN0TK4itwG5hStA+wzUUBHqKA1SmHREPgpy
D3mCnAJyd5GiVgH02hdMAUcB3Szfo5A32vMXrweQNzRqo7M0pNX0LZs3BnLr5CxK3woZ38eP
iz4IGTsTXyYZIPdZbitbCMix8l1tB3gleo3xDofAW363/WeDKcf7vNchMO71CDUtA91KU0H9
DtAp8kb5O9DWiVhug7gmrGIfSAVpI6aArrQ0UzoI0iXlpHQPMEqz9DNAiZAXEwnyHbFcagZa
mNZbuQ9aa/GZqzWoY+1FNDvk7rVnWe+BrblVVqtA3s03QUmtQQxLu5zcGnIKv6nu5wTTx151
/ELA+yNjFUcq+K/0mOXfAu52enbGLqCuGmWRwuHZD/eWXooDi0Pu7fE1FPg6dItnFNTZWut0
42Jw0+/JxOh1YD1ltGoboViREnlB34FxozzRywK6NDWpXF/wK+e7oXpt8Dgf0DVwLpwuc/XG
1rWgpmTNTuwKgbc8ZksjwaOQHFP1K7i36c3Rq0UhsFnIZ6bWoG4R5exvZ6+I/bObu5ubm5ub
m9u78McT50FiPZuB+tJ9yQJE05wWwCN6iI+AHzgnrwNRkKXKQJDqaXEuHVBGdFUqAAukbH4C
LYsmlAb9D/qCunjI/fK+x/VYSGt+PyelChR6UiW3XhKUG9eyQ6X54LsltKBvI3DW9H9ZfCWI
HdrzvGHgapvTO7sRGK+EbZO8QHpPVJWzQWvumG8/B6Ky058UyDnueBy0H2zbsq85q4OzV1an
+G9B228b6VoAltLql9JHYAhWGsl7wPhhWUeUF0i+7HBdBlefmIuvrOA4m3wqYz5oO7PNrvfB
VUe+IV8D13jnEa0iiAzXMb4G6XNMYjjoGsv75W7g/EpL1doDqyRV7gLM0O6zAkQtUVJrCqK3
us31OfBQP85zBmQ3kuZ7fATJOc7ymgXShLV59seQtuT17vjykHz4Vfe4A5Au3sxM7ADaJfUH
VyfwvOq/JWAxRHkWL1bYBR5mP8XrNui/M5xRjoLrlOtzzQqOXravrDrIS8v6PqsjiLEZo8Q1
kHeJqZIRtB10FHuAMXKs5AO6Asoi3S4wpCg+SlFQSis5igY6s+IrbwKtlLxfXgxyOyWZO6DL
1W2TjGCooVuk2whsMZfR+4BnptdQr1zQSigZcnVwZrq+FjXAnmlt4KoKeZdzP8gtDbZqqQez
W0HqImWe4SSY13htNadByTHlGtcNB+NLvwDvI1DheIlD4XUhODbsZEgPMO0y3TIMAmM3wzAx
AyoHNlvZwBtMs83NdYeBQFZSD5T+hMs7wdDRwxjQGGxvRCv1A/CtZv7eOB3KZ5Xu0mcsPPN7
mf0iDPLaOvSvToBXWKDOux4Ufs879ulCyC7umZd1E8IiCjTwKg+402Y3Nzc3N7f/Z7yDHmc+
V1OBD8QReQswi+JSImCXVtEDtL1ijKoD3Ure6JqA4400lVYgdRDnRBDIXZU+8ljQtXJNltcA
d/8jrKt2SkZqbSjas17HWp9B1IjhJT8KBem5V0WDHfLKvGz4sByoYbbemXtAfiHHuAqCaUfh
nRUmgtbVtdbmB2zW35amg9by1a7MKeBqZN+vuiDzx5xZOR0h69Cb6an7wLXDGmDrBsF9fKv4
T4OgnQEtvMJA+UEpQASox18vSUsDMbVITMhKUHYYbTof4DyFdSdBFJEKuKJAacIkyQjKUW0e
vUEySi+lySAdE52JAFFVi3U1BOWiNEsYQFkjTZF/BK2cdEX5CMRWwy6Pu2AfoP/CS4HUz9WR
Sm14syJvu8UHkuonxL08B6mrnrx5dBxSb6U8TD4FSlvjJGMe+H8TUSz8S/BcFdw2qDXIifpo
zODsbLlpC4Ts5ynP0iLB0d0xRKsASgO5sj4LTJ+ZbYY34BHgudNrGHhM96zpuRGMn3sopqZg
6GlcYcwE3S79Qv0Z0MlKVX0iSJ8oh/AGUVOoIg+kEcKgdQPtijpC+xW0r7UTLgW0xa7rjv4g
VjiquIaCVshlUB8CeufPjv6gS3V9IFnBgPyZ7gV43/UyG2aBa7f3r8YkcLZy2rR4yP3EEuZs
BpZdeTvyxsGzny99cLoy2PMijoZfg5Ku0OH1G0O4ruCUwJmgbRQBTidoN1wfmp3g1cuzNich
t3+urzUE5Avyx/IVyFyX3tvyKZgGmoaZHBC5ImCudy6oF1yDtUVQ+f0KX5VaA7pfTasLlYGr
/e6FPz8GtixlsWMylA0pub3EVrh1KDrrwHrIPer4+vHXwP+iX5dzc3Nzc3Nz+2P+cOKs66b/
0PQhqCWcRZwtgOHSbBoAC1knzQM5hU/kHeBo4WrlMIIjJmXBmw/BEGZMNjlB3hgQEPAruLY4
vB1VQH6uU6XaYFhdulbJCRDcM8qu5oD6mZfdqw8wKfte4htQrHI351egPrauzO4GSljJ5bVv
gnzQNM13NFBXLaROBBGslrN3hry+L+smFQXb19mf2QqAq7UtWZsM3JDO+uWA65RUTpXhdVzC
4aRYcAXYEy1GCCsaWbLQMJCTXb2dy0BfngliD4gKkcnB74M+MmSR93kQ22zxtmmAX84d+zYQ
Q/QTxXXQPVYvsQRcTR2H1IEgZOkRDUAMZAk1QHdYN9fYFWx240rvXZC1zHDCPB5SNNtlRxIk
vf+6S8xESKr0YO09b0j2feWImwzcMdX2CIXANkW9i00Bc7nAUn7NwVHaWdo5BnLGJT9KGwxq
DVsVNQVM75mHGq6B77eBvn7rwW9DSKOga+A3KuAn/77gO8V7qldfMC/1LGLqCrrp+pe690A5
JJVQxoHYxGCxHLR+YiDLQP5ABElJIAZwgFbAKNFZbAb1mjpF+wDYSyfRHDijHREWcG3Sbmp7
wPWeukttCpqndks9AiLROcJ5HZztrYPzgkHtbC9hvQ+uTeoJx0RwpaqLxRQwdNE9lKqCabHv
dmMf8KnsI0wS5H1vL+AaBm8Gpg1OCYRNw7a0/LEv+F8K+ChoJ4QsDO4QVAaqxlYaWOoXKF+2
3P7CCyHrk7R90gNwDJIeuG7AmzuJp9OWgWGWIUj/C1T0rO5frCBIW3Sfy+1AsWo3nWuh1JJi
voajcO/Frx0cH8PTV/cO3osCn3MVp5c7Bg3Uclv7HoUzj698vq8sAO//2Y3czc3Nzc3N7d34
w4nzuQaXRl0ZDXUqVH9QvS7IN6TtIhHEKpGs3QFOSiPkVJArSj8q5cFjVUBy8A1IrprYLSUV
fAubltmvgOGyoYz0BWjrVE+2gqFLaFqx0aBey+6dsw5EDYfO/iNIC6U46TCQLXcxxoN+eLGm
Nb4C/fIgEXkLOGm/nfcriLE6T/0LoH/e51o2KLfss4QGcpry1LgHPHd4Jhtug5end6PAJuDM
Fp8X3AQWj6Rl8eUgfv2zS/e2g3VnelpqPQj7MSqo8Bsw3rZ2yI0CZUNaWLoBdJE+bXwfgtbH
+dR1B+SWcmXpPTC8L5rIUWBfqAltN+hqKQeVheBqpNXT+oNaD4NuO7gS/I77DYM0pzNSkyB+
VsrQpG8hcc0T/b3x8Or6o5CHa8C6xjVDKwS+G6NKFmgDxj2Bn/v8BE4v5xZ1LqQ2jZ/zeirI
T9UbhENwg6AGgUUhNL3M6QIuCG0UuSp0Lvhu8vf09QWPM+bxpkwwlNWvUjxBb5AuSkGgSEJH
VxDX1WaiMlifuGao60F7os3WmoL0Qn4sG0C74YpTJ4BrkGbVhoNWQRwULUBpKlpSAKShUmOp
HCiP5FWiDyhVEVIKKJdZq9QECTlHBnTl9cIQB45JphXmI+Dqq9Z0hYDY4LI4rGCv65hqGwSu
CtbS1lrgGGpf7BwGynhV0rLAEGKqIt8Gj89NuX7vg/W+tYujNKT3zyqZ3gFSimf7ZlSAnBm5
1ozFkH49pcqbHGh4p+GVhrfA8KPvM79CENQ1aJdfFrhqqSPVWaArqHcoDlBbuhJELLgUV0n5
J0gjxZj7HeSOzLySeA6yHElTn38Hl57l7ontA6XGlYwsY4e6W8r1arrlz27ebm5ubm5ubu/S
H06cc9pkRNlrg260ki2VBFdztZLmB3Iv6RMOgvgch5gFUje5gXQdlKaekkckmAICJ/pOBGdX
xx1nLHg28x7nlwOul+o4dS2IdeZbQUNAl2UK9zeBq0T2m7SWoP/SVNZ8HZSa4UPLLADpBQ2U
5QCOT/KqgJipDFDiQJSXauMLorX2TBsHYp88T1QCgvlM+wTkUdInro7gNVwubz0Fzk+0COc+
MO70T9QVBVe0JTziO3ijT8yI6QDOE9aU6FoQ/EX40cDJ4NXM717EJ6AVtPaxfwRijtReeQjO
La5vnFdBrNRWCgtI96SR4gjIA5zdHL+A1Eg3V18U7GU8RweFQGyo/bEtFmK/i/nkSX+Iy779
9NZ+SGrxmrhpoMT79/JtBr6fRZaLiAWlruglrYOMUq9LJTtAN1qzK4sg8pvIeeEVoVB8yaNF
PoPgbQWSw1eBbyHfHK9TYLqmP2zYA2xindIE1NaqqsaBPFdrIDRwTWQUtcA+Q92oFgBtrAjB
ADSV/OX1YLDodHIB0A2RepEHWqD0lTYKXOddG5SuYButPlBLgzOLGeIYuLqqX6kDwNlZM4oz
oGyTv5SiQO+UjkjbQS2jPeUw2CU1xfUDiPLUYCRIEWKnVBWUy7rNpu9A9JU+NppB+VD/1CMR
9HmuS/bPQb/SWs/6AFwJ9gz7fdDVVx8524C+o7m0kgWGmabjPh6Qsy0vxT4UXrdJ3JscCbZx
9inO7kCMsZGpC/gv8frSqxzkZGXuzO0O1vqWMbk/gj3RUd/hCXlDbP6OdMiLs27LqwyvU94c
yGgHljWWDimHwXes7xxlOlhL2sPVlvDrB4+q3v8GUvalNnldBBrQkPp/oH29/QGP3Nzc3Nxc
aLi14daGW/9+ucyimUUzi8LPHX7u8HMH6GPpY+ljgbU11tZYWwOGDh06dOjQd/8FsmbNmjVr
1vzr8f/o+m5ubm5ubv+T/nDifPPHF9q9ZxCV8Kh15GqoWrriqJKTILeUbZLdB5TGbBazgA0k
iCPgmuu0OG+BXyef5d57gL3ijPQlOLKdTVxfgDRKUjgFUgvlglIJRCDLdU9Bt9UnyWQEfGkq
6UE7ovZTLSB/SFlHc2Co1Ef/IWgPxXz1HMiHidZeg9iRVyitDdi3Z2SmxIA9znouIx1o5nKl
tYfHa16VeZ4AaXWSeiZ0gAJzQr4IqQ3+2/znRqqQ5WV+5VkSMvxc/aSH4Or8unHGEvAeahmS
YwX/ykG+4afAuNtcy9cMWm21hLYGpGARKllBeubooo0AeZHO5tsSLCd9W3o/hCdzsxunR8LL
rPvHH6yFF5/c2n09D3JSbM8t5cAjNnJrwTwwdPQb4HkDrFuyruU8B61Ebm37egi3RTSM+BaK
9S5XrngCFCxYKK7gGPA+5TvU5wTILZWj8gSQvpAmsgdEpHpWewaik9bfVRjEHr6gLbhqiL1i
BIhyxDEHpNeyXj4DorvmrY0A7UdtkGYEVwV+5groDklxzAd9XaWs1ArEATHadQhEWcdZ8R44
Q9Wx6iVwZYlfXUVAPNdukQDSU3USB4EhhEvdQMQJCW8QY0S2qAjijWgmCoHIE+PFNRDbtSla
X5Dm4qQ/uK6LN5IPiP7KCmMEyOU9KhqSQB9heGYfDfJ9xy+2XqDTOzbba4IS4Njp+Ar0+8wd
Dd6Q90g3Ul8HMqzZ3+c44VDTI7oz1UA3U3/OvAH0Z5TryijIG5d9LvMNZMxLv51aHNTaUoLz
Lmg+WgVXCriuibW6pWC4ZtgrVQVXiObhGQB+Ov8yXiaQdtJCrQ/JV9LXZ00AalOelf96+yq+
qPii4ovgx6k/Tv1xKtSvXL9y/cog35HvyHfyl3v7k9tFFxRdUHQBSCbJJJlg0LVB1wZd+/d9
gQyqPKjyoMp/3vr/buKGuCFuwJ7me5rvaQ7dMrpldMv4HSuuZjWr4d69e/fu3YPo6Ojo6Ghw
VnJWclaC4Njg2OBYaPy48ePGj8Fw33DfcB9sZW1lbWXhxMITC08shJwzOWdyzoDuI91Huo+g
YXTD6IbRENomtE1oG9ig36DfoP/tYrgGuQa5BsGQVUNWDVn128sdL3K8yPEikHky82TmSehW
tFvRbkX/+f31txdC7gsjNze3/9f84cT55ebUvk8vwNlCd2oEWKDM+6V2RQ4EXa4cJy8GsV60
k0oCXYihMeAgGheo5zSjpgepobSI4SA9kr9iPLCXHCkA+JpymICKooO2GsQSaYmyEnCJ+eqn
oLvPCVEJxGEs8lMQD0RHpzfoF+qPe3YCpymt18v+kDPwUvEzc0EtktwvuQuIW+rZvCrw4r0H
Xz8vA7dmPtr02g+k7fZGUjT4ijJjvYuA/qVyNvkDUKfg5V0ODE4/JfwX0F3XFZMuQtZu1/H0
tuDYmBmQYgF/T+dG6xAwnzJsMN8DqYwaaBgFurPeVYMXQnIDr9SARfBwcuKb1zp4fu2GdL0v
PPG8f/RmGjgKKk6DDny+KjSvUC7I6bpgaSBkf/16Vdod8FU8apqbQqlCdSKrXILC50tPLJoI
QcsDzgfuBf1E/Qf6XiAdZA21QCxWJa0yiHQtEScIqxgszCCrrOdrUKayUNJA/VLaxqdAa+1r
7VsQ34ogLQL0NWkj9QVxVCrHdJDLa/fFIBBXxAp2gThMX60bsEMUEGtAqSEXFelgmiIFK3lg
/0I9KmqCS8YoZNCWaovFXFDPqJ9rT0CrQGFhAOqI/ZoGoo2YLvUD0mjPbpB+Fu0YA6Kp2CFa
g/gemQBQF4jaoiDQTqRKyaC1lQcYvEAKMh5UZoO+olJRXxHEYen9vInABGd9108gDZXuUgeU
O8pe03TIumApJH8K9rvqeOcN8A7yPeYdDYb5nqpHJbAfklTle8gqk3472Qw8le/L1UHsEVPU
ALB2tR1wDYbkb1Iv5I4C40XDIOUVeHXyaWpeDNprsV/9EfiDSauPj4+Pjw/4jfcb7zceXjV+
1fhVYyhEIQr91XJvE+cGpxqcanAKaEMb2sD6O+vvrL8DQ2sOrTm0Zn4iU/tu7bu178JT36e+
T32h5eSWk1tOhpMLTy48uRCsZa1lrWWhSHqR9CLpcFd3V3dX9/cJ0G/FrzSw0sBKA+Fl85fN
XzbPvwCoXr169erV/379pgFNA5oGwK1bt27dugViiBgihoC6Ul2proSy58ueL3seKq+svLLy
H7gQ+b2e73q+6/kueLz18dbHWyHjy4wvM778/es/Gfdk3JNxkOCf4J/gD10mdpnYZSIotZRa
Si24aLtou2iDq1WvVr1aFRrQgAbATemmdFOCyFmRsyJnQZXrVa5XuQ5xQXFBcUFwbvC5wecG
Q7c23dp0awMDnAOcA5x/v/24uLi4uDhIaJvQNqHtPy7vy0kvJ72cBEPSh6QPSQeKUpR/IXF2
c3Nz+3+d/EcDFBls1oWOg1ci7lriZPjp8sET556D6ajBZv4StFqiOcuBCBJ4BNKX0hJpCaDi
wglioJjC9yB9LY5LNUGCCAaCOCWKifdBmiRtVqJB3ixOar2Bu5RkFWilpEW610ATbY/LE7Q9
kh+jQS1laZo4HxwHE0c+mAHWBjF+0UdB+8wVkbEbyNY624+DaZNXOdM6qDe4TuPKHlAnuqmr
oQ8YVwXnRlaB1Ha2DZ4/g+TyWui/Ezxfmr08JoJO9frcawt4VvWuHLkCxCqlQUAAZK3IKmrx
gcyPLBdyfgT7I4/PfapCymvvDv7X4dGF1w3jDBC94XzFs48hetftJTfCwNHTeMzjKJjDI4+H
vg+uWg6HXQXr+2+aZtyHol9FmUL2Q5OaLebXawOVz9e8U2k9RN2KGB5ZFrxeGiYbraC01M5r
a0F3TJTQWoBpqdxbXgP6ahSTvwVdDfGFVB2kWNGSb4Cf1XlqMOje186rkaDEskB7DMb3la7y
J6CX2SfCQJrp2ue6A47NzgGubmAd6vzelQ5545yKug60sWIVhcD4SG8Xn4PuoHTYNRjkzlpj
7SQoU7VzrkugBAlZlADddbk3uaBclnuIXJAuSkFSOZCuSWNEHZDDeE90BN0HcoI0AAzbZJ38
BPRNpRipGhh7S+ukDmAYJPUgGAzzpRuiIyihUk9pBCgXdVnGy2CQPJ55rwLzfnNrjzfgMVve
JpUF8xbpG7Uf+Hp41dJXA++PdLnKVsiunBqV+hDsVezZ1pMQejdscuhDiDwXUaPYWpDviaum
PiB/xjrhCbr+yizlKthGOQZqnSGjQ9Y0y31Q76ht1O4gO8QCZ+S7a6glsktkl8iG5zuf73y+
M//9rFNZp7JOgXOAc4BzAIS+Cn0V+ur3x+3SpUuXLl3yE7liGcUyimVAz549e/bsCb5PfZ/6
Pv3ny/s28euQ2CGxQyLc/f7u93e//+3l74+6P+r+KKi2utrqaquhR1aPrB5Z0OlNpzed3sD1
IdeHXB/yz5fDZrPZbDZwXnFecV75/et5P/Z+7P0YypcvX758+X9+uw+3PNzycAvUkGpINSTQ
jdSN1I0EqbpUXaoONWvWrFmzJpS9UPZC2Qv5673t8S2SViStyF/9JHjk4cjDkYchq3hW8azi
v71ddZA6SB0Ed+7cuXPnDlRfW31t9bW/vfzp7NPZp7PzXx+MOBhxMCJ/v504ceLEiROwNXpr
9NZo2NFkR5MdTeBksZPFThbLX+73HoffG2/fvn379u2D1KjUqNSo/DgHDhw4cOAAnDt37ty5
c/nvv71QOV3idInTJcDhcDgcDjh69OjRo0dhu/d27+3ecLjj4Y6HO/52ud9e+N0beW/kvZGw
d/LeyXsnw4sJLya8mAC7X+x+sfsF7PTd6bvTN7/8jxs9bvS40T9/nri5uf3f5w8nzrJBXusx
CBrvqbq90V1oYq4XV70DWJ2Op/Z2ICfIp6XjINWUylIFxBwxX8wFnvGUJ8Bcaao0E0Rb8bl2
EkQpNUH7FPiB4YwC3mAWPiBuUV3qD6ik0QzYTq64CVqq1EZSQN7u2pbqA2lhh46u+QVyrN9/
uekBmL4vuDW8FhhGlmtRahCYfaWeVsB/vfGAYRlI1Uwn/ZuDc4/3ZY82YH3i2TS4CmhK4MmC
H4O5oc9c/8Oga6Tz9IwH9TLfKRtALitXlI1gfuTTL+BrcEV7lA2dDNaOpqKhtSAzLaBveAL8
eiRhb0JZuG84t/1cFDwxP+r82AS2ct7XPQaBsURgdf9t4OySE2krBWKH9aT9LlSsXiW5HFDz
eKNVteOhhKnc5JKnIXyZXxffKBAz7SPy1oG9hmN43mFQLkkVOQjmZvpEw0ZgstZAXQ/KF1jU
RNCb5ADxKeitklHbDfpd0jSxFbTyrr2unqBOdn6vBoDlF1thxxqwBNjMzh8gr4UzWlsF6nMx
VS0DagH1imsz2GNcZbXaYF/mjFeLgKhFW00COZ1RYjYouejEEzDkyielENC3kX+RvgXZIB5I
n4BSXasj1QNlN5q2HIwXaSsegddU3ShpEXj004+XloHuG2W++BX0s6SdxIDuGQmiDiiNOMRn
oMuUGpEISkepBl4gX+ICmaD7VpotnwOlgSHD8CHIi8wfeqwC4wd6i/45mO1imut7MD8xhykG
8MgyjdAfBFtRazPLTAD5lHYRQj4usCpkEUS0jJpfYh+YFsmbPSaCrpkSLJ8HpbzuqHwd8sx5
Z9TCYDtmPeZIBGm9VklzvLuGWuzLYl8W+xJehb4KfRUKrm9d37q+hZfNXjZ72QyKdS/WvVh3
YBjDGPaP45UtW7Zs2bL5idzr8Nfhr8OhZMmSJUuW/Kvt9ijWo1iPf768ET9H/BzxM3hEe0R7
RINaWa2sVv7t5TsW6FigYwEwPzA/MD+AB/Ue1HtQLz9hfjtk4vdK6ZzSOaUzbPXc6rnVE7Z5
bfPa5gV5eXl5eXn/eP2QaSHTQqZB1NyouVFz//n6Z3TL6JbRDRJmJsxMmAlbtmzZsmULrP9o
/UfrP8pPII0fGz82fpy/XtuwtmFtw8Dvhd8LvxegaZqmafmJW3BccFxw3G9v9+HDhw8fPoRi
mcUyi2WCvra+tv6/+eXKJj5NfJr45L9uH9E+on0EXOh7oe+FvuD5qeennp9C79zeub1zoWdW
z6yeWeDd2Luxd2O4WO5iuYvl/vH++GfjFZxdcHbB2fC6/ev2r9uDek29pl7LP35vOr7p+KZj
fvzEg4kHEw9CwTcF3xR8Azdu3Lhx4wZERERERERAr5xeOb1yoFDXQl0LdYUrA64MuDLgH5f7
7YXl2SVnl5xdAi33ttzbcm/+hV27n9v93O5niNkbszdm7z9/nri5uf3f5w8nzo6bhmcJFnjm
GTvzeFvwLunVx6sKyNfEZG0vSHZxUawA0VtcwQbkEscL4CHPeAbyd9JVaSQ46jteOXuCfbez
jLMByJpcVX4NYrdYJsKAbLJFPEhV8CMTqCCekwDyZxpOGfIyr5U4GwhSw4zsvOogjSjbprIL
fD5779feWyHY0vbIoPfBd0irqK6lILhPtd6VcyA0LWCN9/tg/JxNyhBQPzad8VBB2am7booF
ZZ/ulVmA/ZrmZQ0Htbfjc/U82NvZJ1qKga2rpWXmXvAqFTgiuCa4vApfLCPDA8Prr17Xhui1
5/efewDPuz9uEN0b7Iu99xufgOmJTzW/XuDskhuSFwleT5XJcjOoNbr2q2p2qPpLvSVVfoKC
vQr2KFAR9hsO1zz8Etakbfl100r4YdTO7TtWwGqvDdM2rIbTv148eu4jeH06+Vz8ejAcNfnI
DUE2607pJoHrhnZWzAROykt1fUB+YxirHwH6D0wt9FvA44Thff1QMAxlnHQJpIfCW50FpsFy
rrgKhvfkudJe4BNxXZQAtZFayDUOrLtcK5yDwfqNbb6rMshDRAOpPPhkmV8pN8G0QK+TCoFe
L01SK4KhhDRF/Ro8ainfUxDMy+QPpV9Bv1WOogeoe9Sn6m5wfOvUXDfBeVRN0jqDayLZWn9w
zaOtFgtOVQx1ZYLrhjZS7QEui7pE7AJXW9FW+wkc7UVDkQyuZDGSEiC/0nnqe4Bhm+krDw8w
PTWeN20Fj68JFuXAlGpaK3UA7xBTgjIFck5nvJf2GCzjLSdyGoDf0ZAxPoegaKFCNwr7gKmq
/ry3FQzRxmkeWaDNkIeZKkLu5rzhoiG4Brv2mae/u4Zq/MH4g/EHCE8ITwhPgNjg2ODY4Pwh
GsVPFj9Z/OTvj/e2B/Qt7bp2XbsO8lp5rfxXPZTSUGmo9C+MTf3bMdj/yNuewafPnj57+iy/
x7fqkKpDqv4LPc1vh1a8Hephv2S/ZL8EuYtzF+cu/sOH4x9yuVwulwssZy1nLWeha+GuhbsW
hr7n+p7rew4CYwJjAmPgVIlTJU6V+O04b3tmT/c63et0L6hYsWLFihX/fjltpbZSW5k/lrr0
2dJnS5/918v/6qdXP736CaoMrjK4yuD8CyxucYtbUPlq5auVr0Lcj3E/xv347uO9TYDfJs4p
R1KOpBzJv5Mhj5BHyCPAesF6wXoBEmclzkqcBQUKFChQoADETIqZFDMJSvcu3bt07/xylLGU
sZSxQHzb+Lbx/80Qlr+9sIyYFTErYlb+cXjbo//2od2WLVq2aNni33hCubm5/a/xh8c4V2hT
cEediWAQ8sMsP3hdMskjqSWUqFB8a5G7kF0jt1POKNCf0D/SjwI+ZwtVgf4EUQ+4LK5yA7I8
MiOyD0LA9EDPAAto3UVZLQqkbVKENArIEFdFXRD3GMN2kHbJq2RPcL2XVS5FAWvD2PCEm+BM
TA+03obgy/1XDtwN+vPBPSLugnOkPc1uBePWQsfKLQPxoX22/Qb4d6s+yy8dPKZc2vq0GcTV
jrmYsgpsY4iSa4OrmiPAfgoMBwzewgLyG+dzNQqkg+pJ+zKQKgkhbQHbKa9Dnh/Ai1fJj5In
w2P7lc8vnYJnKY9XPfwCsrt6LDdeB99kr4ZeX4Ocam1ivws+No82pmkQ8aj48YKDIPTL4qcL
fAuGu/qdxmFw9+H9Yw96wv1m0bnP68GrhNizr+2gjFS26l+BLUt96fgS7umj33+RDYe/OV7n
lB9U21PZUmEclGpc/FHRPFA+0hU2NISkQUl5SfUhyCvo56CloHtPPNN3AfMsvap6QUiZ0Dkh
ncHzoXm6fw1wfGy/4vgCnHtdYa5D4JzpytW6AI3klspsUCaIetJAkAN0n+oskJ6ce9hSBrKa
ZOtTToNvN++P/L4Gw27jclMqcF8x8R24PnNVdm0C5xzXBbaA2k0MFBtB+0R8RQqo/cVMvIED
PNW+Be0zgbgMWMngV+BTxojWINcRH/IV4CmOiWYgivJQXACpvFBFeVCHiidiLwiXOC+iQZ4i
v5JOgVTYWNI0FAzrtUxOgddgeyvrcRAphuJsBoqIIKUsZN9Li0nZCJ7N/Qe7BPgvCejgVwZC
j4vz0kZIPpF07c0JcKQKYUmGzIDsovYqoMXpP/L8+d032BK9SvQq0Qtur7299vba/J64gAUB
CwIW/OtxI9pHtI9oD0/nP53/dD6UoQxlgGe7nu16tgs4xznO/evx/5GkpKSkpCToOaLniJ4j
wJxqTjWnQnx8fHx8PHCYwxzmLw/d/aOe9bcXElaj1Wg1grGusa6xLoScDTkb8gcSyt/L9MD0
wPQAqp+sfrL6STDUN9Q31Afuc5/7UMVRxVHFAZtHbR61eVT+eo4VjhWOFWAYZRhlGAV98vrk
9cmD12Gvw16HwalTp06dOgVF3i/yfpG/miE8bkrclLgpEDYjbEbYDFDGKGOUMf96+cVqsVqs
BrmP3Efu818s8J/7/y93AipSkYrvLl5IfEh8SDykPUl7kvYEXoe8DnkdAmGlwkqFlQLliHJE
OZI/dMm4w7jDuANMKaYUUwpYblluWW7Bxhsbb2y8AaxhDWsABQUFpAvSBekC0Ic+/Bfl+dsL
y5aBLQNbBkLaJ2mfpH0Cbw69OfTmENyOux13Ow44ylGOQmta0/rffna5ubn9mf5w4pxQP2Xm
8xPQwqNeVHsFLty5+vxqCNi8XD3ttaBIbAE1qg4owXIf5QDQTVQV20F7xRZtNGjl1WzXPqCJ
6Kd9B9JHorI8BuSlLJangnOPa5fzNsiF5GSlJUgRUhSDAKdkwAy8si21jAbR3XrdXhI8zlSq
UDMP9B7h5YrXAu2V7de8HiAFKHeNZ0B8jEX+Gly+acGWDmAsG96/aC3w71RncpmfwLkp50tb
IGRE5ixxDQaaGr/SpYPWXPVxtAEmOItmHQNKqe3VOLAfi+heeAK8PJDzyl4KnhW+EnnpFDyP
uN/9dg6kD9OX0a8Cj1amHF8TuL519nGUBvmQfEt6Aco2n5/1X8PL6a+XxHSG+DPJnyZkg+2A
rayrByTsT/ol5RbYylrLO6qBLl7upDQANVU0dwSCaOPKFLfAFSb04gFk7smJsn8PP/907PCZ
AXDJcjXrRh2Qn8vf6qyQ+3Peh3kXQK4nfSKVBnNBU6C5Doif2SW1BZ+2vpc9ykCP1x2929UA
fx/fwQGDwNBNX8PoA/pNhp2GupA9MmdRbgo4ZjlXONPhTZPUbkkhcK3ajfp3RkLa6vTRaf4Q
fDa0VMArMGWbipt/Ac9c0zazL1RWKtas6AKv7kZf78ug3ta+0FqB1oZebANtrJillQRtsCaz
HcQd0VJUAuljaaR0BrRR2qdacxC+qDwEzVNEiPqgHRMf8j5IMdQWzUEapm1iKGiDRKBIBrU2
NcVO0N5jncgF2WJcaLgC+hr0VDeBR21rddtHID4zTJYLgLmW1lDpB1YpKzl9Lsh5xnn6YhDR
qRCh5aDM0cLPIz8An9mGu+alYH7fo5zeFzx0oasjFgLQ+I/MqvG3oqKioqKi4Gyvs73O9oKK
8yvOrzgfqEpVqv7rcevXr1+/fn046XXS66QX/Lrr112/7oKiRYsWLVr0r3qihzKUf8PsCDVu
17hd4zYcqHeg3oF6YJpumm6ant/DHhweHB4cDlfaXWl3pR3Upjb/zQiEv/RIVqISlf76g9KU
pvS7L39Or5xeOb3Ae7v3du/tULhw4cKFC8ODTQ82PdgEletUrlO5Tn4P/iP9I/0jff7sGG/t
CdwTuCcQmh9tfrT5UQhuFdwquBWYfjH9Yvrlt7f/lzsPKcVTiqf88foU7FSwU8FOcLfW3Vp3
a+WP1X7rTpU7Ve5UgaheUb2ier37eLIsy7IMwVOCpwRPgUeFHhV6VAg6Hux4sONB0M3TzdPN
g0v9L/W/1B9K5pTMKZmTH8+niU8TnybQdGfTnU135u/Ht7OUxHvEe8R7/P79sbv57ua7m0Pb
pW2Xtl0KZW1lbWVtULBXwV4Fe8HemL0xe2OAy1zm8h/f/25ubv97/eHEuWyFEq2rT4O8OY4n
OVfAe6zHr+aPIWVXwoGUT6GAR4iPfwJkf2A9JnWG29Pv7726BILq+saEFYXo6q/qXewKEf7+
5Qu3gMiLuWdL6aBQfPE9hTuAcZ0+wzQOxEMpT4sFp6Q+cc0C/UuRIQ4Ao2ULXmD4psDcUA28
jPXmN+0IrlZyAA9AVnkofgZKck8LBjoY85Q00DXyf88f0DL0ZTyGgTmg1L1SI8GvVMLczEzQ
2p6/etMJ1ljtJ6keuB7mvkkLAMsnOS+cAeBaV+Rg2TeQ8qXnVJ8yEDftrv76cXhZ+u6CWxZI
faFNYgDojns985oPBovSnW2QPS2ncu5IyGikXrENhoTxme3eFALXKIePtgEcldTy2s+gxBum
GiygFlF7qRbQBju7uGwgL5fvYQFti+trV0dQW4vzymsgF0V9Bq5+znlqBphrmBp6bQdLLWuo
1hzUUU5b3igwDTLuNa0HV5bWT/WHbN+cllYdqFmudlIqJJdLM2U3hjVjNmXu6gg+431Ke16A
CgdKxZf6ENSV2gatLjx8Ee31+DzoBuotcmOw1rS9bzsPVvK8HKcAsygtDwWtq9JSPg2OM46n
GftBPHQNcnwMhpLGNH0nKOYo9KroBPB76Hs/YA6IOeojbQhId5HERdB/rXTTtQDXbXWZcwpo
HdU3FAIWC5coB8LOWbEcaCGyCQRpPN5iAGhfiOnyOhBttQz1G5CuUpFaoIWqrdQFIDdQLnAP
1AXSOZEN9NcrBj/Q99IGafvAHGsb7qwEfGEIkW+Dtk801K0B6+OMcmkLQU723ucxAGpMa7Cy
6iCo/rpGjSq3gQtSOaqCFiVKcv/dN1ilplJTqQkf1vyw5oc1//HyfzsLxm9NC5ZWOK1wWmFo
FdsqtlUsmD4xfWL6JP9WeLQp2hRt+tfj/973y2eVzyqf9e7327/b3pZ7W+5tCR/yIR8CtXS1
dLV0cKHohaIXiuaPsWYb29gGIa1DWoe0hqY9m/Zs2jM/TqOtjbY22gpnKpypcKYCuE64TrhO
gHJbua3chkYbGm1otOGvNvyfPfCvX79+/fo11K1bt27dun+8Pg08Gng08IDzJ8+fPH8Stqdu
T92emv/527HWDTY32NxgM9CMZjR79/EKJhdMLpgMKXNT5qbMBa9SXqW8SoEuQZegSwDLUstS
y9L85QgjjDBo3Lhx48aN4dwH5z4490H+0BndXd1d3V2ou7ju4rqL+c0e579VeVDlQZUHwYHw
A+EHwkEaL42XxoPUWeosdYaGNxvebHjz336aubm5/S8gXbly5cqVK0LUqlWrVq1a/3ogLcg1
WL0BaWnpG5Ivg8dg8zO//XDvh0cvTo+BWFesI703FNMV3172BCR1y+n8/Fd4sOBF0bPBEJ7q
ubFgGLwqmjg54Ri0iq1/uF9J8A71am+6A35Gnxf+hcH/atCMkJegLhEtxQxQ16Re+PUxqOlq
jq46GCaG7yo3HeTb9heqBGq0Mk0dC0KWystLQOenfiM9BrWvsa1cFHQn5O3KHbB6Pdpw+zZk
FT0QeCQe3oxMapb1DeRUti/LewaOmLwJhkjQJRWqUNoKakaVPWUD4Pmhx/PvzoG7YccK7B0F
T68lD8m0QF4jD7PvBfA94hng+SXYe1g3WqtBapHM6WkdwNLFEWB9CLr2+mz9A1DtWqo4C7q2
upuGdqDNkOtqqUA7VS/qgWOGfY5zOohjoqHWG6QIqQ7+oIVpJ0VpEN4imH0gssVJTQb5idxV
agzyY3m/3AHkS/JAqQZIU6VlUh9gk2SmDzjGOV6rFcFwUt9WOQCqJF5rd0EaK1oozUBySV/w
C0ihUkGtP7i8SdayQZci23UNwTBYf1meDuo89ZRoBvIj6bhSELStrkhxHujMXKED/SlTnm4X
iN7aNvVzKDwrqkqBExC6PzQkeDsUGBJ2PLwUhL8J2ROWAU6rc4T2MWTZst7L2AeBawIXBN4D
ySBl6nuDXEn+WJsN6j11i+sGCL1oq58Eri1qHacPSB9IydISUA7K52QbOJs4pmplQKmkK61V
hf+PvbeO09paF7avleTR8WEGGdy9uLu0uLtrgUKLtECRFpeWlmKFYsUp7u5Q3N2LMzAww7g8
kmR9f7xnvtm/vU/fbgp7d7/nzPXPzJOsrNzrluTOnZXE1dm7UF4E2VtYxS7QFlLJ7AV84q2p
dwV9tLuU+yqkLPZoxnBwLTZiyAcJPd3jvV3BotsHO4ZArgW5cmc/CVUfl1FKfA9FOhdZkH82
qFE+Ta3XwNHfmtXx/0AieCzxWOKxRLCvsK+wr4AysowsI+Hy4suLLy+GuO/ivov7DurWrVu3
bt1339//NLZu3bp161Zo3rx58+bN/2pp0kknnXTSed+cPXv27NmzoPbu3bt3797jxqU+VPG2
bDt2bPyMsuCyesunbAVRWznpcxce8mzovdtwIeDWb+fWQ+gP/mbeWKi9qsaIatnglXzZ9Pkg
eN7wRf3HheHN/Nh5KSEQNTipZGQf0B6KPdHh8Pz+ywWR68D8MOVNyseQc06OB7lygLcQYzQn
qAPMga45YM1hTwx6DOYptaKvAsJXterfgWKqeZ0zgafic1YC5cRB3QDv3LsjzpWCuOYn9x25
A3HF13+6ew9ED/1t1+sA8LiYG1wDlAbO5tmHgrVs1q8K7IPAdpUKlXgMr5WY+Ke/wvVPDul7
GsOjlKc5XnwBsf21r32eQsAsH9N+GeRkvZK+C2IOJfSJrQoJF5M/T6wDTFBviwGgBSoPxAOw
DbRu1IaC6CBu6qdBuSZ3mMvB28bb3lBBL2Lc0huCnCFHyaVgnDDu6h8Du1FNAaK90p4DIBV5
06wA7JNHiADzunnKzAemLh0yJxhTpJAfgR5rrNd7gawon5m/geWoVkhUBllNHJG3QF6TtYUL
5DKjmdETTKu5ygwG00lJOgF7zVbmWTCkmdVcDWac3CbXgAyRk9gHZmZzvFkPzIrymPkMzLNm
uH4YZFbxqRoGr9tHzkw4C9Ftor98swM8DbwdUx6AcVYP9oZD6InQp5lyQkSHV4siHGBdbNts
GwiWMEtjewA8W/GszWMDlFVqVXEZknKnlPeshUvnrm6+Mg2i8kRdiKoKWiHrKm0Z+ET5FLJ3
gNfZoqJiK8G5zy+VvNIIoua9qROxATL+lrFNUEHQbqo3HdFAhLJHeQlqLgqafcEYbi7RhwDh
6l3lZ0ip6BrluQbGZX2A8StELY2flxAFnvwpNd3PwfdLwy7ugn+PjAHBo/7qcP9jQs+Engk9
k/a+5lNzTs05NQfMbeY2cxtUi60WWy0WbLlsuWy5/mpp//MoVKhQoUL/gikg6aSTTjrp/GcQ
Hh4eHh7+HqZqnPv5vP9xAY/X5Wx4rTjYhhgJJcZAUHvfVkHR8HqC69nNKxC82qMEtYEnh57M
enQU4ua6HyYYcH7m40PPqkHWaNvtIAvk2xLSpMQteKW+rpS0EGzh9oFxu+Fm4ddtzvlD4a/y
nSpSCQIHZPXkOQGuedr3fvPA9JWfKOtAnSpKG6chOe8NZXcPsCzL0C/PdtDK+z8JugOuUy9r
/OYC963HJSMCQBzTQnwjwSd/DU+dCuDvzZiSdTvYJwR3CuoCMatP7rpWAMxRQaMC7sJLxcwR
vQwe7D1X51QUPB/0JOBJPEQNxVDPgjPUechuAsvFT0KHpJaJFRIeQGKm5IDEZ6B8bp2uzAH7
PPtuSw+Qo41w+Ro8nYwpbl9gEPt5A3Q0e4uPQD4wC+l1QBksPmQmGH3l/5mbO1vLppQGMdJ4
aH4GtsG2/OInMBNlDTUakuOTEnUTlGR1OgbIydRT7oE5xLhvXgDxOReV+6CsFEv4Cby53HFm
JBh3KEVh4CB39M/BW9k8JeuDFsvPSivgK1bJomB6WS+rgphhnhYXQfwgXhEEIpqsZmGQz2V+
qoEsSn/OglJSbyR6g+ZvCTSmg3lWVpVzIDFDEvpZiFj1qtSrleC0O5ZaOwC9HpxQN4J9oLOh
swU8/PZxtidXwaN5+pglwXXdtSDhS0jcmFgjpD28ehJzMkaB6O8TpseuBNbGD9YWwqPC4XOe
2qDk8Q9E/p0QfvTZtOR9EOkXkyemJoh60Wv1oaA0UyfK06A2VL60+YH21LJXXoec7kyvs2wB
szOzjZyghYth2miw19SOi3yQoMfNiJ0CypfO4472cDHhTuuHr+DJiqdFX0yEjykan+9PRda/
F5/qPtV9qkNzmtMc/uaf/yIb2fgTF9bppJNOOumk8z+Jd06cXZ1slT0KPP46qsvrCAjuGND3
9AB4MObp3RQdip8LeVg7BA54LjRdlwc8DYwj5gbIQXb/PLUhc4B2JANQr3GZfo07Q811td11
D8CTU0/KPPQH9yn3neSB4CI2m1ELvL30g+4vQb8ux3p0UJ5YHvmVB0oYO/QvQGQXo93VwBP8
G/emwZuktbN2JENInQ7ZeuQE++w8uco4wLYzd2VnIqjXrZXVycBppbj2BLwDogu8iIbELBc6
nh0DWjXrxgQJxoEsd8J6wOP7l+df2Q3PSt8ofS0XvM6ZMst9AOR0h7/vK7A1tf6i/gjJJZOb
Jj6HN7UTfon9FTwX9bzGCRDTxRG1NnjCXZk9X4DewrvGKALehWYBuRTkbhknVoLMIE0mgPTI
FLMviBTRjkAQ0WoHORZEW5aK1WDrYPtM9QNRw8xFHZCKGWTkB+ts5wPlEugt3SuNsmBm1R8b
4aCFa3lEWZCrZXfjAvCxuCO+AuNDGS1vg75Yr2guBjmAQbQDMUgN1jKDWUWOkwKUfXK5mABy
k5guvwBZxRxrVgJmcYjPQcSI7OIVYIiNYjroC814sxOo0QxWy4NZz9PAewBUzVKEQaDGaa20
nRAzIC5jUj+4VOHqnFs3INf8HHcS7CD7yhvWlvCmQ/TT6JxgqWAZpx4F/3x+X/vlAs9O7x4J
JCQmFY6PgyRvYvfEk2BMlt+wGlxH3QEJ+eBE3TP1E2aCmCGrq2NBHqWQWgiUMsoPSkZ40PvR
7fBbQC0xQaaAOYGbxo/wOsurKhFZIK/I1jBTK/D/3O+LTFtBFFRLaRUBXb9jdoQE/8hc0Z8D
B8RR9RB423veeFPfMjD4rw7zdNJJJ5100knnffDuifM68ysCIWnUmyBXHFiMmBT7FbA19JkX
WAFe+Il617xg+SBTT70hpNiNjW8+h8SVryyB4fBJXMsM/UeDbzPrTp9OICYxx5wGeXvnaVbI
DVGP46e8cMKlWwkxu3+BgE3eieW6QKaCanHrh+CO8WzWE0As0+y2r8Hoy1LDCeos/15+yRC4
ssonFfeB/VjxujXCQZQzrd4KIDubR/VbYG7wFmEkeD58Vf72WIhruGPkNj/wdIw9rmcGvwXl
t9RoAC8dSWPi4+Gp9+KQ0+MgYmP0rZiKkFxUvFBagv8vjiI+mUEG6C+MupBwPjFDwmJwXzXO
mANBruS5uAvCad42N4CsL2JoC6afnE974CdZkqwgW8p7sh+IyuzjFojqtMIF8kt5ROrAYnME
vmDeZLacBu4H+iA9EbRnooTiB6K7+AA78L2eUa8MpsV4KDeDvGEW5yaIAOWpkh9kH3lGrgc6
U0oJA+M3mcVsAaynnHwBamvRWxEgokQPuR7MFtKHdmCUM+KM04CkkNwE6mQli/opmN/ItuZE
kBvkFjkBxI+iocgIloOiHZdB62dpyKdAAUx+Av0bszR3wF3KnWiMB/nI7CdrgcgrNigV4d7+
3yo/jwDdZfQ3MoM6QmusngMlQcmvHINoS+yiuG6QzRI2O7QZxJSPexObHfR2ZgbZDjyn3Ae8
MaCkqMXVZuDJ4BnkvgC0ML8S00C5r1xSt4DmqwllKyjjRUVWg7iuZldNkI1khNgMr7e/WZt0
CxzfW5e8yQXW4ZbBzstgO2+LCsgK0qplUnqBO969PaUFpFSJHx63FYzdzjBrJWAj7+EdB+mk
k0466aSTzn8C75w4x3/9pkHyGMh80dKyaHHoE9gkcmgHsD4MWuitAQeWXCm4ZiZ4Ozs7uK6D
z2F7YFJT2ND81NCZ46BLEWfRz5+Ca0/yZnEazvTYEXPIAs67PgtCNNBrKDuNSZBvUPDFvNfg
+by4lRFFILRQwKznV8HXEdQmUziYjc3hxmJQNoj+tlNgmRC2JM+noPzgVz8oCRiuFJUC5G3P
YW8tkGWVA9pRwKWtlm/Am/wk6c5i8Mx6PSX2JKijssQXrAKexOArfm64O+DXY4fXw/Olj3Y+
GAivK+i5zAKgzXZM8WsD6ld8LE9C3M2klPiDkHjZVdo1GCztbKZ6EPRrejHjMChWJV5cANmO
NWYMeDd5txlfA/uZIp6BGq3VUT8Fs6BRSB8J+kS9lB4Eik3pqwQCS+QwMRvMe2Yecz14D8uv
5G7wSLkCAxSHkklcBn7hqvgVzLXmA3M7iFEygygO3hjPSP040FKUEnuA8uK4bAVGjFxlZgV1
sBqr7AYuimGyApiNjU+MMiDryM4oYC41VhnZQc2qdde2g1wvj5oClCpiMjtBy6bVUe+BHCoz
yU6g7hO3+AHUz7VZfA16e+NLOQBYLXPhC0ZTo5YRCcomTVP2A1WZbW4Hva95UWqgRGjzlGyg
B0mvuQeYqp+SNUEP1V+Zq+Fx2yc+r98AD5TN8gWIZcpHZiaw3rbeUD8E732vx10QjMNGN3Mh
qAfVJtpSkEEywATEBqOdMhDMJWIotUHtTorcAeZo+bH2BcjH5kupQsSPUcNjK4B/qF8ZnyWQ
+Yvg9jY7KFm5Yf0M1A4is/gCvElJyxN/AK2j9Y7v+L86vNNJJ5100kknnffJOyfOhQZn+qrS
Dugv2zYfngl8/IMKOr6BqP6vTr3JA4k5IvP43YI7XZ/cflgAXr167fPiIShrrPky5ISdlrNF
DvYD52T1F5/BEPu9d8zTDPCyvqfFb6ch6ZfE0OSJEJ+YeObVGvCL82z2mQzZ+2StnrkhBFXI
ZGRLBvf2lI6eHsBrethdoA4LOZxbA+qkzHizF5RzxlEjE+gllGGiJCj75SMuAeXNoi4vaAMD
4nxiQVUzzfbtARluVf6+dBt44+PKnmSBZ+cvHbjQASL6xHtdWSHlM7FM8wdbWXOc8RSSzyef
TtQhNiV5bPwy8DQzRxndQe2tx0od5Aq5lp/AW9QbYXYD70jDZSSBMoMgdSmQxGPqgbHbu8w4
DOZrM0bfDtpY5az6GYgwZaiYCt5yeke9KIhNVBXFQTwzn0s7yH4iTvQFI7McIYeCGMNAeQ9k
WXriAnlZtKU1qMNFIALMXOZuuQTkI2UlT/k/7x/dAGK70lycBbFDTCY3yGv6ExkB1JGtqQma
R9uoBYNYr1hFIaAKU+VtEBVEAREA5sdmMbMpiDl8KJeDMZ46rADvUZcmO4JZTF6VOcC6Uluh
5AbzV3OE2ABkkw0pC3K5GEcdkE/lPBkM9JV5zAsgbshNFAOZ2Rwoj4LZjUvMAO8Cc59RG9RV
2sdaCEjM3mZnMD+U+40GIOeaOeR9kN/KVjIXyBNytT4LlL5iqjkPGK920a6ApaSlrAJQk4IU
BL2S/trTFWwrrFvV7JBy1v2dGAThH7zuGtkafB7YP/Bxg6/pjA5eB55YMV4Eg1nAG+k+B+aJ
lKPKbaAlrf7qIE8nnXTSSSeddN4P75w455LZ62X9Cc72vpp4vDEcvXfedigHPB8Z8214ADjW
ZKgcMxn8OwZucrSAGOXFcM8s8O3iHGoPhIRsrunPq0PCRvNMApC9hV/fgOvg/01ActkE8N2b
MdmRFYSDV9IG5caWWNPkEtyz3M55/jfI+azg5LwlgZ6W/bZWQC29sGsaaLEBmTL/DHKqbSFr
QJrGer0GiHLirpIAykM5zGgKsog0HU/BVjZPt2J1IcPCjCF5DfAZmnlPvulwbdKqnxePgZfh
j796sh9ixhhF+AiMHSKFH8C9ImVk0gjQg5VR1AB3kreRsQjMjWY0o0A+MT83l4FZ3ww1V4Mx
QXaQW8AobWYy24D4SCkvbwJLGEdhMPvKQuZrkFuYKzqCGcdrmQlEIVmONUAoOagH0pcyMhuQ
R0xhI4ieFJaVQCaY/WUscFCM5wUo3WUKkcAt0V1kAvk1BZRvwGyFVU8BOdH8nBpAYQaK1WCc
1IPkBVB/VIuLIFBfWKop90FulR1FJDBQDpX9gN00ZhLIPKZd7gKaKhnkajAvGZXMxyCzGsdF
FxAZtW5KLFhLW0OFDfjWelp5AkoNfa/8AoxpfGfmAjnZfKOtBk7Ti+lAVXKYGcBoZT6SvwCq
PKSFgNiGRWQDs5csrQ8EOQoPs4ESZqyRA8RXwqrlAn2B/py2oBQRASIPiLJ8bH4EIofMZn4M
5ggeiHtgTDNLGy1BFNd1GQqmat4VXcD4QR8oS4OnuuiOBZR1Wi0lM7yJjfZLGQyva/qFvIkB
5xR7lHMHWF+I2c7jkPyZWGrmAs/+lAPugP8KktvvHqh37969e/fuv+OQkE466aSTTjr/cylY
sGDBggX//PbvnDgfzX5z3c7l8PRy9KK4geAsaO2h/QT6E+Ow2RVEWOwCqwEZQzO8CigPrq8z
2l/UhMydPTkLl4SXYQmTI9qDzwNriPUkPFz3+gNjKfjNi6sQoYGlmzZPd4Bmc4rknuDZ96CP
XAd3Vlx3bm0LGcdmTdAbQYXLNS70/xqSi6ZYU4aBalOLOh0gGjnHZukBPJfhsgYoNQihP5hH
hUVkARlOtOkPYr12IlMg2LtmemodBPFdno199AFcaXMs9/Gy8OablAyeWEhezTwxDZx7bIHO
ANCzi40iAJJKuq6n+IJ3ob7IXAGivUhSToMSqWbX+oHZXp/i2QfKRbOlGQtKpFpCyQVmY/Oh
PAFkpzLDQSjCI+4Cs+RUuRGwUYzPQJqymDwN4jtRSfkKZC/ZVTYHrY5lvFYTjAXmAPNDMGeZ
9c3poFYWGUUoKLeVO0orMGepQJAAAIAASURBVF+YQfI5mE0ozRawJFh62gqBXsHIqmcH0zAm
mS2B9tLOCDCl2Vq+BmCSmRmUeKWSuheUr9Sr6kkw8hidjO6gFhYFxCaQWc0UoxzIdfIlFwFT
rSIuAN8IC/1AJlOGGJDzPUVNwCxmVDf3gIwWbdXlwE2OyGUgz8mPZH+gNK3lcpA3jGL4g/hZ
ZNGLgeitKMoFoKK8q6wH86B53qwFZBNR/AhiJLWMnUA3GWtuAu8HzDY/ALFfLlMzA4cobJ4C
sUftZswGOVgbpS0Bo6TRV2wAtYGiSV8wl8kQJQHoIvLxGCwrREWlDnhL6GMNG0SvixmUWBpC
OwbZEy3g28eJ9QkIqz6NbKCf0isIN9CF5/8JgZ5OOumkk0466bw7yrt24Frr2RvphuK2nDaz
OZSsW7JtQhPI8muOMuJXiIhMue4ZBnf7/zYiIiP4NHPd0/xAnvXv/eYc5GlYqGC+8hAZkVxG
dgSzCDeSv4WoxYkX722AV7cT2j35HKJLJW99cRYuX7va62gx8BkQUjpfYzjDler7KkHClohP
Hw4ExWqbaOkPxtcyo/4CzIPUs1cE6tJTZAcq0kAeBspQj89BqWCuEGPArMJ9cwYwi2neYHgU
e2blmSgIb/bY75kVooZ5lsjPQPva9tBZBwJ2+3zoOwbUZcrPyh0wA6TGY7DG23LYxoJSV7mk
PgRzibnFmAvKemWDsgS0UK2gVgSUAUpH5TCIrFh4CuKu2Cu+BOUjpZvyJYgcahHVAZaslmLW
iyCfyouyOlhKWEpoucB+0n7KfhWs3S1NrB6w1bBdtCeA46y9j2MkKCuV7Vp/UKurdbTOoN3Q
dPUJiN0iN2VA2a98oq4Bh8U21x4Gzg32u7biYJ9tvW3NBdYX6nDLGVDGS5T2wA4jvzkbRB3z
B7kELJnVLepYkCY1uABGlJzDHTC/5SvWgXxkhponQSRSlRpg1Nczy1xgtnaHySgwDxujlWsg
q8qzNARRW9iVysBC9vMJUJQF4jWIH8VoNQFEuPAVO4D5LGQl0JYu8gaISuIDYYAcbxaWLcG0
mkWV1qCoisXaAyzJ2mbnaZAVzb3KHTBe66XZA0xkkzoSmGWupjIY6/TyZjgYQo83LcBh+Uw2
AaOA96j+GIyfvZnMnaDfN4brvSGqz5uZiaUg5nFceGIToLW0uweA9oXSjT1g1DIz62X/6vBO
J5100kknnXTeJ+9ccXYMs1+wj4H4Le6pCY0hLJmPnF3BZ7x8qX8EWcKDGtnjIfSqNtB/AeRo
lcGqPIHfNsavfrUIsn9qL1/mMyg6r+Tq7FHwpMyzu1cfQeLpeNNnFGhYplvygHrX0jkhCJTj
7k22mRB0wF8JWAERj2ILJ9eDPTX215gTAu1Wdbw2LS8kPZGHtUagtBLRciDIbOKBnAtkJFrp
AuwW7WRrMMvTTvYFZb/SRosGb4PYa3Fl4IZ6vteZIhA1JCk0aQkkeeUw5Qdw9na09AkFZY98
aZwC71j3KXcewCHGiS2gXBbdFAFKnFLDDAd9nuemfhOUseKm4gLRXCujVgV6yA7iRxBriTO+
BGnnsGwC1Ka7OA7m59JCOJhOs6xsDsqPynL1Z1AV1anWAyGFqZwCQzVcxhBQuqs7lJ9AbBVH
lTOgDrEY2q9gHjRLm6dBH2fU1W+DNksdpy4EY6mZZF4GJskC7APLeLWqEg/iqRKvVAGlgdJF
qQrGDb2D9AAVmCSTgN/EcqaAmCIGiaugzbK1Un3BeOZ64LkE5iE9s54FlIqKj1IeSDC/E9Fg
lhQ5RCUQs2QpDoAso/ZSn4KWWd2gOUAmyXgzN5CHFSITaDeUUdqHQFeBzAvMEMPVUSBm8xV1
QNiUgbIziOe8Ek9A9FbnizxgvWgr4ecPciV2UQXU+XRU6gJeOT/xInhneEakPABzhtFAMYHh
5tfmc1C2yWvsBmyiv2wGZqC5Vp8C6jq1o5YA4pTMrxQDx1HHEPtSUNZpTWx3IGFyUgHjLHgW
eZsbgaA2U/3FXpAR0u5dDLT9q0M8nXTSSSeddNJ5X7xzxfl198hMKZvBGmSbau8FwSIkMndL
cNmVqLhLYOlKUTkG9LXWJSmnISLS/W1Mbkjul5w3ZTdcK/Ny3YG7cK/G89HXakN89Ju6shxY
ohxj7ffA6Qg+47sE2KifV8+B7GT0Mu7BowL3rc+CIaF0zFW1F7w4ZFx8FA/3Vj4csmgxOG/b
b1jrg/kN9QwXsJQr6mHgingoTSCjXMaPwHKzrbkJrHMstbRkeD38TpWbV+Fppwc9H3wCb6I8
J3R/kEFimkUDW4DtjdoMXOs9lT3XILmmrnm2gZlbXjOt4FnhKec9CcYUY79uB+2U5Yl1AXiX
6pWM9SClcdZcArbmlhLKY1COa101G6iaWlO7AJaxliaW+mArbPnMEgRc5aqsDhSnpOwADORT
6oHYLXaxFmQtmcO4D65fUkYkvwFvd2+gpyd4i+kvjL6gG0YeYxuoYWoxNQWUG+KCMg2Uz8Rt
roBUmGjeBHFZGafkAr6Sq+UgIIkSfAVisZLCFZA7RCa+AG2Ztk07CfoE8wdzC6hN5DJRA2zD
rKVsk0Ftrt231gQ1RHOqP4IsK4uIWiAt5gRzGZjhTCE3qD8xSFVAe6o0t/iBWEMx5RswY0wr
TcHYbTwzA8Dbz9tF3wyW5WKPVhgsixUfyyWw7rF+7nwM5rdmE1kEzOL6DnMveAam3E6cAZ5P
kh8klIPkWkn14oeB8YF3iV4JfOr4qYEpkOVO1sgCBSFobfCynBfB1smnX4Z14AwMbJTxYwjZ
Fzol5wwI/C6kU/a84OgXMC6kH/hVDRqQpRlkPJppQZgNLN84VgYWAW9XfbNaGizfi2XGQtA6
iaraV391eL89w2oPqz2sNrQ91PZQ20Npy6flnZZ3Wt6/Wrr/PZQtW7Zs2be4Y/H37f8qe/2r
9ht3OO5w3GH4cv2X679cD9VuV7td7TZUGVhlYJWBMPDmwJsDb8KLsS/GvhgL8mP5sfwYZs6c
OXPmTKjlX8u/lj9UXl55eeXlMGDJgCUDlsDz58+fP3+HyVTvaqd/Nb9nj/8Uf/kjLpe7XO5y
ORg8ePDgwYPT/v49qZ+6Tx3X7/3938pf7afvGo//rB/8u3jninP2sxnbWW9AloXZdvgFQ/iP
0fdiLsNTz5O9KYdBaa7OcH0FnkdKyZSv4U2H2AP+48AnSOnoqAcpP8pmiY3BXVffaGSH5ERv
CXsfsN+PzxsXCsoA/+PeeDA6arPVceBJMf3MmaCcF10SH4PyodYkaRQ86/ama2h2WPLBzikb
50D7huX8HNmhRL9q53tMgMR1rkMJuUA7RUurBjKDLEkLEC1EgFoF5Cjjjvsh/FbmYrmL5yCq
S4wZ2x4S4j0vOQmWEvbrjgWghoqbSidIPp1SJ/kzcHeWs80gIIcSqdUCy0TLIE0Hc4rRWJkC
tFJ6iJVgnWUdpa0Fc5X5i7kfzCNynhgI2gltvVoW5Cg5GX9QximjlfEgZ8rvjVXAKZ4yEcRp
cUz0B3O5uV6uAbWn2lWJBGs5rZ5tHqhzlMXaYDCHyLV0Am+cPsrYB2qImlfpDIqHaLEW9MbG
KsMHtE+1R1pdUBJUxZoXtMmqUzHASDEeGfEgGgi7qAGcxpADwDpYK6eNAFmBm3wHSjlRTRQC
asut+IB6WUxR24M2Ql1iNgYjyKhi9AA5jM3mFSAKp/wGtBNajNoYxCDxmMVg9jcKSivISHOH
PAaiKhPEBiBOjFB+A/WS8kQtDZ5T3hKe+WA5om7XAsBbxX3a9RK8R4zDxlnQbmhXtF9Aranm
E75gljNb6j8Di8QTzQtKXa2A9gSM/OYq+RL8rvjV9vWCmifoTYZ8IK/qK4zDYKlpVbS94PS1
5dTigHnmEf0EcIHO3ppg+VaZRBKoi8RMNRdYi9oX2CuCVkW5oZQApYMYprQBdZfyWEwBoNtf
F95vz5H4I/FH4uHcvXP3zt0D6lCHOrA+aH3Q+iAYznCG/9VCpvMPnOp2qtupv/G0v8pe/6r9
pp5wD7049OLQC+jevXv37t0hi28W3yy+MLXb1G5Tu8Ho06NPjz4NPb09vT29sKr6quqrqsOg
M4PODDoD6ifqJ+on8EPSD0k/JMG3i79d/O1imHNqzqk5p95d7/9p/J49/lP85ffQP9A/0D+A
KYlTEqckwlPPU89TDxjnjHPGubR23h7eHt4eED42fGz4WBhUeVDlQZUh8EHgg8AHf/Uo/nP4
q/30xKwTs07Mevt4/Gf94N/NO1ec9TuWJNcCuNvk4avHVrgy7c6SOzsgU7VsVX0LQMpFmfz6
BUReiC7pqADKfRFk2waRy5O6mBcgZkBcXv8d4G1qtM2wH2x9gj6LewDJlby9EpfCm/1PsyYp
EHfy9QT3eDDHGrfkYnD5pExRq8DrxNhOcc0homN06fBxcDdf+MvYT2H5xUPNJsdBuO1O78OT
wJ7N3savLpjZzQJ6VxBrxD7ZCpSH2pfKEnA9iNwaURAe37956uYbiGmTMscdDYl1jCksAGsV
x/e2PuD5ylvAuAwpP3kWpmQCvTKlSQRjsbnbGApCETdoCuZJs4kJiC6s5T5o+7V+2gqw9Nc+
1iSYr81K8jfQP9Ib6TvByGwEG41B1pR1ZX8wF5i/mGtBLjEHmTtBfipr8zOIPMIjWgAL6cY6
4CuumUnAQrFOVgSWMF0fDCKMXYYGPJQvOQqiizJXyQzqUvWB2hKUxepMdSNYFmibtBkgf5a7
qARskktESVAMJinXQLgoJXYBo2QKx0AWNMfK26AuV1org4ANKMp9MCabS4y1IDqKgYoCorvo
oV4HPISLamBZatmr1QclixKtdAPrdes16wmQz3AasSBuUUE2AxlsfmucAz1Ij9evglxjPpMN
wLvRGOItBUmL3dP0eaAvNcbgD+prda02HtAQ4iPwNvW213eBd5Z3vnEcZCVpN9aD3kM/6L0H
yb8mt4jfABE1X1560gqiF0QNDJ8DyR0TmkW+ADPBWyxxGyRlTWoVdxri68fniOsASc6k+8lf
gOtzd5j3MSQUTOqTEgQJrsSqCaMg7kpij8R48J4zmnp2gq21OtO8+f4C9UD0gegD0WmV4BY5
WuRokQOaTWg2odkE2DZm25htY9Lax8bGxsbGwogRI0aMGAENtzXc1nBbWvuRH438aORHae3G
hI8JHxOetn2/8v3K9yv/j8v7XOxzsc9F6Ny5c+fOneF2tdvVbldLW9+7d+/evXvDpEmTJk2a
lLZ8x4sdL3a8gK8bft3w64awd+/evXv3QuvWrVu3bp02nsaNGzdu3BiWXlt6bem1f9RDaiVk
5a2Vt1begg4JHRI6JEBiYmJiYmJaJaJJWJOwJmFplYzUcf4R71uuqBxROaJyQH+1v9pfTauM
pa6/ueLmipsrfl+eKW+mvJnyBpruarqr6S6YV2JeiXkl/rFdauXm9+z1tvp5W7l/b7//LK2m
tJrSasrvV7oiIiIiIiIgdEvoltAt0Pdi34t9L6Ztl+VFlhdZXsCtQbcG3RoE9ir2KvYqafHS
pXOXzl06p8VBKrqu67r+z8v5e3pP1V/qHZu6devWrVs3Ld5+OvfTuZ/+5kT/Z/01VT+z3bPd
s91p/c+fP3/+/Pn/vD3+yF8m7p64e+Ju2Llz586dO9PWpyYsDZ41eNbgGbzZ/2b/m/3vz86p
rK65uubqmpArV65cuXJBtmzZsmXL9o/t/v8KZRnKUCbNT8ssKLOgzAJotK3Rtkbb0vT7trzt
cfTv7ZSaAKZu16VIlyJdisDzjM8zPs/4r/eDd/XT92XXPxuP/6wf/Lt558TZW8QI958A3qho
u2UA+GQwPQGtIOM1J5l+hMKZQreEPAJHRh9LbD9IeKz0e9UAtJXWMtHTgMeJQ6I0cJfReyU0
BWLF98kuMGb7lo+7Cr5b7R7HK/DJpNaxDgFK61tdO8G216+XayR4RntKWd5AeMPw28oFcH2Z
MsdVBbTaAU1CDsDiSlseDZ0JCbPD+946A9pw22c+T8EM1ft6jwEntcFKAETXe1TsYTl49uSF
//PDEBObEuKtCMZrpYJ6Giwp1vOWvuBK9PR2v4Lk8d7i7qYgygiXmAYyt3HdfAmGotfVi4DZ
hNbmXpDFjS/MR0CsWc/8FJTB4jehgGgsvxKrwMxrOsycwHHOyfZg3jSvGxVBDBE9BKBGqiki
AhSDGrQE+drIa1QH45we4zkJ+htztdkMZDbplTmAITI3K8BR16bZo8C61dLOEgzW7BZpDQFr
a0tRay0QBc03shzwoSzKAlD7qAPUliAeKd+LRaBEK+WVUaD2UIKV3cAv+PMbmAPMh6Y/0ISs
9ALzmtwuFwMbxXUOA7FiClVBQ3NZ84DWUytns4Otvs3mkwKO7xyRflXB4Xb08b8BjrrOHX51
wfaVtZBzB/jX8D0cVAj8mvo/Cm4Cxngjg/EEzGvcYR/4LQ+YEjwTtLa2svZ9IIvxkE3g9dU7
6JnAOGsUNN1gRppVZRVwBSXfSuoO3q89gSlW0Nu5cyZ/DK5tCb/FdoRXjojJL27C488eLb5v
h0ffPev/5AKEt4xcEDsN4ru6t3gLQ9wK91niIXxgTJ+UihB5NKWFNwRiWiTF66cgKjium/sA
pJz0tDL2gfIQi1n//QXqhGwTsk3IBj90+KHDDx1gy9MtT7c8hQV9FvRZ0AeOdTrW6VintPZT
90/dP3U/hD4NfRr6FHa+2Pli5wvY+mzrs63PIGxc2LiwcfBt22/bftsWJmSdkHVC1rTtF5ZZ
WGZhmd9fXslayVrJChcWXFhwYQF45njmeOZAVFRUVFQUXF1ydcnVJWnbXep3qd+lflD5euXr
la/Dmntr7q25Bx+X/rj0x6XTxrPs2rJry67BT+d/Ov/T+T/Wy+pVq1etXpV2wkg9cKcm6jVW
11hdYzXM+HXGrzN+/eP+3rdc3+b7Nt+3+dKmFmzdunXr1q3w6dJPl366FKYXnF5w+v/lbSm1
ataqWasmLKmwpMKSCrBy1cpVK1f9X/zkd+z1tvp5W7l/b7/vi9QT+p7se7LvyQ6WpZallqVp
CXzErohdEbugaLei3Yp2g3KXy10udxmGBwwPGB4AB6cdnHZwGvTw9vD28EL219lfZ38N45uM
bzK+ybvLl3qBExgYGBgYmHYBtiV0S+iWUEjokNAhoUNa+3f113KinCgnYPHlxZcXX4blVZZX
WV7l7e3xe+3q169fv3592J97f+79udPWnzlz5syZM1CoU6FOhTpBho8yfJTho/dn59QLpNU1
VtdYXQOG1RpWa1it32//eNPjTY83gdJP6af0g0aNGzVu1DjtQrNxWOOwxmFwbcC1AdcGvL08
b3sc/XtC6oXUC6kHu5vtbra7GdReW3tt7bUw7ci0I9OO/Ov94O95Wz99X7xtPL6tH/y7eefE
2T7R2827F4IX+a/zaQohDv+9lu6g5DfXGBUgbqWR5DgMWhPzvqwHgaO0fRmygm2RbaVxEVwX
lOwR28BTyrs9Ng48CUnZ/TJAzov+/bIkgL2ifKA3BMtvifPVKHBcMPLYSoNlsmODfAIZXmWZ
aC0BISEZyunDIMwdPMenMCSfjbIoVghv5ZqachpW313f9su+QGySjK0BYr5lqLM5aDtlFZpD
xPlnje4VgjcFY5onuiD2tb7DPAVqRovQ+oEYL8orsyApb8rLhI7gXq4neKaBGG40NX8BdGqJ
lcAv5mBRHtQhfK58BPIq0/SLYGQzv9UjwWhneI1NwEJGUQ7MxmYnuQYUm5KgBIPypfiQlWDp
rX0qqoH8gUNKSVDzaOctfUHcVEaoGcC4b+ZgKpCJWHkIRBtRX6kKDBET1Ylg1Jbz6Q5yhjkF
Oxib9a+8G0F5LbaJHaD2V79SywCdaMA9EN1FW9EF1BWqW70BdBX+7AHlJ7WS2hd4rMQKC4g5
4i5NQVnPORaBqquzOQ3aOmWPcgPEHVlGDAatpfVH7Qpkmpq1fq7hkOVWlub5neA3IeBpSC4I
XBuSmLEuhLoz/5qzKoRmCyuawx8Cr2YsmSk3ZGqSJTT3KLBfc44PSoJMP2aZlbcdKEs1h/oV
GPv12e6JoI/wRugmmF8bp/RvwfzG2OU9CHK1cdi8AuZ6piqlQOQhzhwCepLhrzcAZ0n/e4GH
wDrKNsDRAowGspJRA5IeJOyLuwqez1wrk8uAOc383lgNlr2W/bbx4GjurBk0D+xLbUUDsoD5
kWjteAJJI/Vjto2QuM6TmWkgA5TP1EHvL1BTD5BjdozZMWYHLFu2bNmyZWkHmOnfT/9++vdp
7U91P9X9VHfodabXmV5nQPlE+UT5BMQisUgsgu5zus/pPgdOdjvZ7eSfuIWXmgBfXHhx4cWF
aZW+cko5pZwC2lXtqnYVoqdGT42eCpeVy8plBSpWrFixYkVYUnFJxSUVIXhD8IbgDbBu+Lrh
64bDvPPzzs87D+ZP5k/mT7+//zat27Ru0zptXKlTTJrtarar2a60di0jW0a2jISz887OOzvv
j8f1vuVKTTT+Xq4qy6osq7IM5vWY12Nej9/vL/WEGhISEhISknZr+m15W/28q9x/xN9XqJ5s
frL5yeZ/HPc/VLBKU5rSsL3R9kbbG0HfhX0X9l0IeQ7kOZDnAExpMaXFlBb/uL+ck3NOzjkZ
qjmrOas54VnGZxmfZYRFlxddXnT5z48jldRb4akVek3TNE1L84PUC7E/a4+/p2zfsn3L9k2r
wP9Zv/g9Uiu2D798+OXDLyH+u/jv4r+DXeN3jd81Hpq+bPqy6cv3b+fpHad3nN4RenTv0b1H
d8j4dcavM379+/0HbwzeGLwxrZK7aeOmjZs2wooqK6qsqAJv9r3Z92YfTNwzcc/EPX/Cru94
HG2SpUmWJln+xr5RLaNaRsGlvpf6Xur77/eDt/XT92XXv+eP4vFt/eDfzTvPcbaN064oZSDx
mNvf0hLMAM3f6gbXTP2lkQSa3bYraQzIPfppORNEWfOuay44c2NhLEQMMH6zfwy2QdqhlEVg
G6/8aF0ICZvjhuMP5hl386RdYExWWjuzgN+IsHK2GEi4nVjGpxK8OuJ6mdQPAp7YV6sbIKA+
Z32Og/162NC4SHC1ju/uFwkXOoePf7Ecinbc33pJeahWqF6jPltBfKZ6xXAIz3FvypNMEONK
SXZVA/cNfYueBxwlfb90FAXzkhwoh4FrqCvG9QB4wlZxGoxycrIxBegtxynPwNwuL8kFIIaz
gRXAQexyM8id5grZBngtGsq1IPYrHrEMtL5aA+1zMOeZs2QQqFJroX0C5ldmkrkXRH/hFMVA
XaWuV1qCecY8I48DY+R+CoAygv3qt6BkE4riBe2S9kbUAf2NPkp/BqKQml9NACVZlBUzQJmq
HBCvgZfCqd4APhf9eQWq0MpoOUB5aAjjPLBJviQE5CElq3wCooLsp/YHUUQEiFOgHKMsuUDO
I1Q0BfFYeC0u8P054H7AZbCf85H+O0DPpp817kHcp3HrX10B1hlRSRXA/WNSuagpICxqVvsL
kCfN63pH0H/QC3omgzpADYsdD36TfffaB4C7VUr/FDskVIj/PKYfmBc9Jb0zwSimh7qHgfyQ
CmZ7kOPFFGUFcEWMUm6DOMIrWR70AOMTEQS2jc6YABNs853f+4+E5PbJRFpAv2IEeGtA0BN/
V8ZoCPwmqEeWEBBfq7n5GERRDfst0CpZyjpKgUyWxagHWpJWXLsJWj5zZspHoN/19Ey+Ano7
Q2EIsPltI+q/54eCPxT8oSDcfXD3wd0HcG3ItSHXhsCSE0tOLDkBDGYwg2E2s5kNyNKytCwN
2l5tr7b3H/sTF8VFcRHMZ+Yz8xnQiU50+uflKX66+Onip+Hernu77u2CC8UuFLtQDErtKLWj
1A6wnreet56Hfa32tdrXCvxW+q30WwlBt4JuBd2Czyp/VvmzyhC6N3Rv6N60ymrVqlWrVq0K
29nO9v/L/u237Lfst9J+R+aMzBmZE2rtrrW71m6gLGUpC1ixYgUxVUwVU/94XKm3TN+XXMZP
xk/GT2C2MluZ/803JFMvfHKRi1z/TX+pldV35W31865y/xGzi80uNrsYeDt6O3o7wme2z2yf
2eBlk5dNXjaBjRs3bty4Ma29+5T7lPsUfBX4VeBXgXDk1ZFXR16l3foddHPQzUE3wTbcNtw2
HM71OtfrXK+0inSP4j2K9ygOn/t87vO5DxzYcmDLgS2wM3Zn7M5YGM1oRr+DfsUlcUlcAhrR
iEb/zfr/ijeCCSb43f31ffnF75GaSNWeWXtm7Zmwvf329tvbw5UlV5ZcWQITvp7w9YR/IpF5
WzunTgU60uNIjyM9YHrZ6WWn/zeJV2q76U+mP5n+BBrPaTyn8RwIjQ6NDo2GUEIJBYKfBT8L
fgbPP3n+yfNP3l4P7/s4qixSFimL0vr9d/vB2/rp+7Lr28ZjKv+sH6zxW+O3xu/t7ftneeeK
c4wz4UOjK5hj1Qye7uD9RO9IPLzcFjks5TvQf0gSanYIqqyeCvkNMmUI+C3RCWq4cU4showH
fRsGTIaMjTJ8LmaBpbaldlR/CA0NPmgpAs5ufhltfcF3tK0B2yBqXtKpmDOgZ/T3xC2F0MHZ
pqZIyPBBwGJnYVC22UcyHRLzxXVhErheuf29n4LnqONuSmtYG3Cu67rusLfYjqDFS8Bd7eXq
R37woskTx/MwiOvoCfDmh+RdxjfmOFCbWLpYfgRvDz2Pdz+4RnpSPMNAFmGIOhtYTWelApg2
OdscDrIPsbIfSF95Xj4Ao7YZKdcDE5TnSisQR9TtyucgF1KML0BpxXxRC8RP8jUPQc+vn9PP
gTlE+slHIK/IX+VxMFYb08yFgJNkJJgXzKPmXpC9ZW+zJ6gT1TnKUFBaKe1EPVBHqeOVuaD8
IhaKbqC+UsPV7aDsVfYqU0H5QUwS+cFS2jLQ8i1oLZVtaj7QiqrTtCjQnFp1rTZoSVqMpSRY
K1tv2vaBZbOWz+oPcqqIEGFgzWbzs2rgU9f/qd9VsA6077XnBNnQnGpOh8S8b5ZEXAR6eWcl
lQPlrsim5QMmyZvKM1Cvc97TH5SKcr4xDiz3lN5KIbB2t7xRVfCZ6W8PugDBtUOuZFwOOTPl
HlLwNWRqkX1jPiB7sbz3PgiEHJfyzStdEcKm5v60xJeQ9Xae2SVmQ5Yfc8wtfASyl80bX6oM
5NbyLyi9GtQ61tyBFcH3dvDgjG7IX+GDwdVOQlDmMP/C98CxKPhNSBL4BPn3CSoM4kOtpaUw
GE9ZwxegLtNWqLtABiS1jjwIibmiv3/+PaR0ThqcshuMSsZC6fP+ArXtd22/a/tdWiW0TUyb
mDYx8OWDLx98+QCu/nz156s/p7VPndO2fODygcsHpj3VnPp36bKly5YuS0sI/1lSt0+tVBRO
KpxUOAk21dtUb1M9KGWWMkuZaRWrFVVXVF1RFSpdr3S90vW0fq5cuXLlyhUYcHXA1QFX06YE
pFYe/n/+q8L4R2Qdn3V81vFplaYLFy5cuHAhrTI5csTIESNH/HE/71uu1IrL389BPy/Py/MS
vs78deavM78/P/k9e72tft5V7tT9/q69mmZtmrVp2txF61LrUuvfJACpy1P/pt7STq3QpV64
pfrf/lz7c+3PlXarO3XK0NwSc0vMLQE/9vyx548908Yf2SKyRWQLyB+fPz5//LvrOfXtHqlT
SlLnaqbeoVgoFoqF4m/G/5789W394G3bpU7ZmGfMM+YZUPt+7fu174N2TbumXfvj/t7Wzmvv
r72/9n5a4pX6N8uOLDuy7EjbLvUOW+pDje0LtC/QvgBseLjh4YaHafKm2rlSxUoVK1V8e729
63F0x8sdL3f8TWV+c+jm0M2hUPpC6QulL/z7/eBt/fR92fVt4/Ft/eDfzTtXnO23M4XHlAOx
wlvHkwm817y6vTck7nIPi7NA0CfycehCKNA68/wswyD0pm+LjN/B7QhLjxdB8Cr+fkczI9jP
KqUCOoKYIJKT68CrZUkvjGGgnY0tb90MwZ2Dh2lnwVMuePWbkRAe+diRcgIytHDU9Z8GSRX9
q3gVICGht++P4DfA3yNnga1TiLBPAI8z4vvXwyH2jLfyq5lwosK9jw4XBGNbUpRlMoSvja/s
WgFJL90O7wUwLSKnuRa0GtqH2lfg+lnP42kC3hJGbe83oM+grJgLYpix0OwNsoHYyBaQK+VE
4sGcZ440QkFZoeQUO8FsYfY2doM+Uv9anwPaAG2BZTSIYeKKqArGemO+PgPIp5jiMBj5PHvN
C8A1JHVB6SMmizYgCogY0QiowEQGg3FMNjUygHlHrpEbQT6mlPgJzLXyQ2JBXSM+l7eBVUxk
JAjEJfEaZD1ZnzdgHNfn6itB+UIbp50G5YZyRLiBiWQTJ0F+JJ/K1SAmCUUtDDzUQpUVoAlL
EWsSWObanjtag7wn5lu/BeWuGKtVANeEpByJrcH8gE2ebSBLq2WtSSCiFLd1PmgbxWPPJNCs
qlUNB7W17aBzKYgclsdWCT7f+OwK7AtqfW2HrTboUg4xE8DsQR/xJVhf+yzwHwjiMv5KQ1D7
aq2tVqAdOdkG8leC5TpQwshq2kBTLHetQ8E1LCUp4TJYC6h2vR8EdPX/NdvPYI5nilEAlKfq
MrU4yJGyHIfB+NQUsjqI9mK97AH+0nem9SroF10D9XPgeq6FWc+C40nIorAeYAlzzPatBmKc
GKJMBoa9n0DtdrLbyW4noXep3qV6lwIlUolUIkFdoa5QV8BXC79a+NXCtPajMozKMCoDTBk9
ZfSU0dDsTrM7ze6krS+yvcj2ItvTHm75IwofL3y88HHodK7TuU7n4Bd+4Reg8o3KNyrfgNs+
t31u+0CW8CzhWcLBEeuIdcRCZI7IHJE50qZ2UJKSlEx7+CX1YcLUp+BLm6XN0mba/mYumLlg
5oL/v6D+u4wbN27cuHEw8ZuJ30z8BlxbXFtcW8Cx0rHSsRK+yPpF1i+y/vE437dcoz4c9eGo
D9MSzbVha8PWhoFzsHOwczCMyTwm85h/QeL89/YaV2lcpXGV/nn9/Fm5f89P/ohNozaN2jQK
GMUoRv3j+jNzz8w9MxeoRS1qwfVK1ytdrwTXuc71/6a/1ArXnZl3Zt6ZmXbi9fTx9PH0gQpG
BaOCASNzjsw5Mue76zv14bFJ+iR9kg4NMjbI2CBjmr5a72i9o/UOoCtd6fr+/PVt/eD37PF7
7YocL3K8yHGwV7ZXtlf+56do/Fk752yZs2XOlv+43DrFOsU6Je132Piw8WHjoXeB3gV6F4AX
r168evEKZhyfcXzGcbD8aPnR8mOaHYZOGzpt6LS3l/ddj6MPP3z44cMP0x6mDM4VnCs4F3xz
/5v739yH6N7RvaN7/+v9IJW39dP3ZdfUC7B/Nh6zVclWJdt/M1f79/zg3434P3PZpKxQoUKF
ChXevoMeH4y5X3wPlA7Mt7N8PXBF6Rc8v8K5M3een7oCAeucA31GQ+Yy/hWyvQTzlbLH0g3e
PH/1UcQFuLPgUYm4BhA6I/NJyy0ocSNT+5zn4EmzN73dXvBvQQ2zP0S21CbEDwUfW/AQvSUo
N4wKcgG8WBlX2l0LgnqLg9nmg/k0cVzyMcg0NcvoDLHgf9O6M+UOxJZMcrjc4N2i7Y+dBrmv
BZes2AcKPA521XXAtsuL+yxeCldKPy3x+BqkfCo7WhdD2Jls43LHQGJ00oa4TfBs6ov6T/aA
kV/k0x6Cedywya6AQh55HUQ7brIUzFBpmoVB7pVnZXcQuURz0Q7Mk+Z+cwcoOdXBSiVQ1ogr
6gKQd4wv5EvAIfrKF2B+wjdiEpjHzJvGWVC+w0VjoJxcK5qDqKxcECNAuJW76GApqGFvCOKR
WEIfUL5SIuQNUPoo+9XNoISrW2wTQTuhPVD7gxai3bF1BjmZ3OZ6kDdkinSB/bj9ivMxWDVb
RmcbUJ8rRdVSoGRUB1vPgiXR+rktCygx2gu1Cxj7RDe2gVJWPLIcBm6boeZdcEe4qifNAnYy
wfgEHH3sXe2vwFxpnPW0BP0r14iU70GrqG23DgZRzrLD+hWIH9SV1jkg57NS7QamYYaZq0Ce
EiGaAuKZskzZA+Yu85A+H1xLU54mdADFl90yHmRt/JXO4I0wG6slIWV8Qs6Yi+Du701J+RSC
ewdXCvkMfH/wTQz5Gtxz3D4pRUE/a75MHg+Wpco2dS9Y8jqGB9cBd7S7rWcVBH7hQFsAyn5+
9I6B2JoJnsTvQF1vfer3FNR8SiOiQTnAVT0v5CibMc7mC4vtSy4vOvbvD+x00kknnT9LagXy
snpZvazC9x2+7/B9h3//LfH/V0m9Y5NaQU7nfwZnz549e/bse6g4v5oRm0f1wpkfH4TdPgNy
l+dJwigIGeDzndMPFN3vhHIWol5b70VugYsJZyPfXATfCo5T4iTYWskKahvIMIegDONBze+b
0xwPea44VctleH726ZPoONC3WicnZYO4/slzvTVAy2Me9wkF5xBVWuaCJ587Qa4E59bAweIw
JOYVy162gFd+sbf0wmDbaevrWwz8hps5fKdAuREFdld/DoYS29I2GWKyxx9LGAuuL4yyRh1Q
NmmVxIcgdqpn5WlwW9wfeZuAUUlfKi0gI7VipgC5zBxvNgUZIrPJqyArMFhmBvOsPCqjQb0p
5qoWIBuHaA4yn3xEFNDT7CUOgDFGbjIEUBOXBLgjG4gZIM+LYGygDFSO0hqUUPGZehx4Im+L
GJB+8pS5FGgpSosKYHwgc5jZwNHbdskZDOoUraeqgnWs/VOf38D/p4CXIb+BOCA+ky5Qhot+
FgVMq9HVsxJM07hingDbb3arfQFo+W1D7UtBPhEdLM1ATVZHqAIsZ9Qt2kegx5lFPJVBuI26
no9AVpaGUR2Uapqv6gGfM36jfRLBHOhda4wCos1Onq4gBM8YCrbbvq0CvaBl1pppIaD20n6x
PwHzhPGzHAbijGgib4PZkqNyIugN9PZGdTBv6OdTCoO5yl0k+TBY60kf4yZ4HhpBxIL7a+8C
PSfEKtE/xxSGpBnJR2KygDaAJvIr0BVXj6RfwayS5b7ZCewlHAXtXtAPegy5BURZZaucB96N
SVnixoCcKnuqQ+HNHnfVJBeYy8yCegsQPa0XrHvAmsWY5NoExhj9N/kKAnP4TvctDVo/nOpt
YNlfHerppJNOOm/Hrgm7JuyakPZ+3SlzpsyZMoffL/Gnk87/It45cc7xKtMy5VOI6+46FdEb
AvarK511IENHzcexAmIsydkSG4B7lHZM/xyKmQWCfA1ILmcslv1Bi1c32SeD7XXCTctoMMun
uLx1IdAMvOr7DdhTXK2NSeDjJ6ZnHQXudfbPXr8E91VjVspJYJ+3gaMliAUMiokAV3m9q3Yd
tC1KcU2BoCEhbYNPgOu285prMJhfxQxyXIGQrwOsuULg11unuhw9BJ5TzGMP6B30781xYNlk
LSbaAgtEGwLBO8UYqAeDNdBh+swEyw1nkF8s6BHeofIOcBmHCAD7BIfdeQFsw2zX7cXBLGD8
pvcB72FdesNAuauOV/uCkPRWfgFjrtFB/wSUq8qHMhksd6yRflXBtIqHZllgtYwQG0D7yVLX
thJ4I/NyGIxgb5j7GKiDRRmjBGhLLV5rAdAitYrWPKB+qVktGrBEEcqXYMlnGetsAuavSGMf
aIOUXdonIDrTS3YEtbw6Tw0C4xPzgp4D+JpHSh8Q48R6rgBbZQ35HGQz2UevBlpbrsn9oDqs
PR1lwIiVbZSnIGarTdVzoH/ireHtAfJHYqgE1s8sQ23FwHHI3t56Edx39J9kAzCXmgm6BeQg
8zsjFJTfRCvcIKK5b/iD8QFJSg8wHhi9zA7AWVlN5gbfUz7Bzhcgf9K3m99BxPlIe+RIiHa8
GfiqC3hauaslPgTzhHHAbAopF73ZzOdgLuGQ4gdRFyJbRYwAnznOgQE5wdbBkcH3N4g7k/BN
dC6wf+j0WkuBeKZOsK8Hb4L7qLsW2MaofpZOYDmi/6qcheQYb9akeeDM41skYDnEzUnokugD
vpfUQMuUtw6ndNJJJ52/nCYvm7xs8hKa0IT38La+/3Vsfbr16danf7UU6fyrePf3OO9PyODK
Cjm7BK/NDPgWsBV2PoHEUmq8HgzqAv03NQoyhGt5fGpCcM6cV4zPwF7BnlmpDyFNsoaFHYco
1RIeWxhe5X1VyHoM8t73L14iBDKqmQoELoUMLr+7bhMydLAlZeoFytd8bG0APGCN3AHeNylt
5AmwjbH8pPUBZ25bQ3UGuHfZq75eANHNIu882g8fFM79oNQWEGMUPxrAsyIRFx/0B++X5nXD
AeYtszo/g/hCaaDEgZnHzC16gRKldVZfQmD5kJOhOyA0d+ZluX0ha5fc9wv4Q9ihnGXy6RDU
KeOzbPXBxxXkl2kZ+M7N8FmWB+Cvht7L3gQCj2Uqm8sB/npo9RyfQkDzDD+GLQffwMB6oU7w
6xy0L/Nm8AsJbJPpGPhfDroRWhYcFf1uBj0Hx+d+HYLPgF/+oGEZD4FzVMAPmfKDdaHPraDN
oIY5mvvXBlHS2tEnJ1j320v67gf1iDXeMQestW13fVaCOtbqcvgBDW0/OX8Fc51SU50NSgX1
sLU3KC3V5xYL2D61PLWtBvtze6RjPxitzTNmGIiJWgXtRxBV1APKHtAiLGHqdhCRIkIJAvs0
+2XnOPBp4ZPZNwHsTh9LwMcge4qslp2gDDR6mc9BeyIiiQZ2mR+4VPCEuwvENQJX5pQ+iXMh
qXrcwthB4OqY0i7JF5RnyjJlNigrtN3WUWDMN6d4qkBoh8ArjqWQOX9IgaCaoHyqLLNpYH9i
7+zoCJnv5/TNaYWMV7Kfyz4aAhsFVgjcCf4+/kV8K4Llue2RlgEC6weWDn4BIaUCe2SqDVZD
uW4eAS2/dkEpCeYVxSNiwZgpBujDwNbXWkdbDoxnNE1A/0r0ZgN4h7CD/8WfeE0nnXTS+d9K
ttfZXmd7/VdLkc6/ineuOFs+078LHANm6+gjlqbwup17acpa0EKCXCklISEP+43dYByO+N59
CILKORdosWDbqv6i+ELsGHnyUSI4MgT0dh6EpOOuKfFr4NziG+cvANoX1glqH3Ds96/Nx+Aa
lxCnNwG9DJX4GXyifF8qNcFS13XKGQLeDslPPMngzhzUVmsIlonJ/r4fQohFmys7QMGC2bJW
bARyUMpwJQW0PeYRURXcjfQ+Rk7wFpHP5afgaKaO4gXIAqySpYE8nNXGgnbOusz/EzCqmOu9
r8G7KHlw8jWQbWRjeR2UH7VB1r6gnrU+8M0K6hK1uGMJKAPUlm4d5ED9utEYRFkaGa1BNFVz
URksiepyHyfINfIXb0kwK5g1zWKg1BcWbRGYKRQz6gETRR3lKNiT7B/7WUDY5DrzDBiSL/AB
vhNFzTGgffB/3rqhThETZUfgFU63AaI1K9WVIG4RJVuA1sJsrv8Cpu6JT5wJNFG+sD4CJZ8a
q30KxiQ9DC+YbWhEb2Ci7C8bA3XlPpEBjKtGQyMjGBX1BymDwGigb2cYeG57X7omQ/KsuJjo
jGC7aZ9h6wT27vb+jqPgowVsDekFwl9M0yaD0sfs6B4J5jC5U+QB85IcwMdgm6hmVI5CcgV3
VW9fiLHGbU5IAlx+zR1TwHJL/UWdD77n/Y4FXoeAfSE/ZL4MqsP5KtMgUJ5omWgE6ge2IZby
oM4xRkpA1hGl5WRQZmu+lijAUPs7hoI3KGVx0hZwnU1ulmCDoEl+zfy2gppfLWrtDslj3N8n
rwWjHRHqXtAL6gbfgJpXrWwXoC61zqQwUETbrvUDoPNfHeTppJNOOumkk8774Z0T55eXon9O
mAePxqiHotuCusmvKJ+BvWtyPd9OYDpd3eQRSNzisaTEgelyvbZ3hEzjHY9zOiHq28SYO9cg
b1VbN3teSM6gVdOyQexYdz6jMxiJCd2TD4Nfsey9PBPA0dj+i/sWJB27OsG1A7xVrEU1HTKt
9nsT1B+cLahvXwcZOqhrnccg8ZmnX0RzqLG1tLvePci9K8OQghvgsf328zuZwf2pvGIqYGQS
I4zCYKxgpX4bZG1zqLYfZF45VNQDXMJfzQvKh5bFjiogeyo5tZtgK+mY7XcPvGu9eTxTQatv
zaRVA6WSeKo1ALO4XjmlLhBIhNEI+NpMFKNBua22Fu2AcDFL6wXaCWsDR18w1ssYdoI1r3WS
RQF5R4837oL82WjDE9A82kqxAjw/6+eTI8CcLZ/ZhoA2jaHyZ5BtjMEplcFb3rzm7QOecfp4
V3YQ9ZXjci7YB9m2+PYB13R3WPJIoLOSm3qgfUt7WzSQV8vizQPCx+hGd1B1NYs2DIzBhtvb
HsyP9Q+890EtwUzzNrh6JBdLbAJxa+OqvjkE7p7uaa5CYCzTq7tygzWrpYM2HNzT3DdEKUgK
iRuujAD3bffYlB5gehTDNhlobPb39oKUBonxiavA74X/Cb/FYHviR/BBsC233bWVBkuwJbfF
BP2wrGiUAUd+R3/7l6DVd3TzfQT6D/IoOSDkfpba1hngXpy82/sZeGt4I10bQYQLt7cUuNul
1EqsCuZ4TohToGxUjiW0AXe1lDoJNcGvbNDwAAs4B/hO8T0DSfnjmyTeBnHUSNDXgrZaWAkE
98duG/XA83HKubj7YHrUjKSA30C1kE+WPxlU6aSTTjrppJPOfyTv/jq6rs7miQ3BlmIv5Pgc
UmL1PuY+CKhvq+dTAvLuy1XfWRjuZXl2M/oNuE4l/6g+gsSWrpCIe2Ddbt+ghEHsocRgbRPo
jVNmG7ch6YFSLCUbOPKrRf1OgLj1bHOyHeI7przyauC9re/1PQ5uu1HSlRFyJAXu8DyErN3K
VwzaCMolR9OYD6FoH71JuSdQtmHBUe0agLO0b7HQSLCflPq9cFBbX+4hnoK+Qh8sXoO6z8wh
boDRTozyTAUzmyxu9gPaytVGDpDLzW3mPbB8aymgNQHPp2Zfozio9e3j7TGgbNXqWz4CMc+c
J3eC6KRn8caCfsLoYl4HU5GT9Iug3pAZLf3BcsL6i7UAeDd4+xsTgPVin9If9OOelvpCUNqS
WVkNxsfeF3GLwVMspYCnE6id1DfOiSDKWfMrB8Es5410fwlynJHHWxOMO1w3l4GSQ6aYfmC9
ZVlnHQcuS4pfkh/oYXqV5IOg9dTWWULBs9a4Ir8Dz3b3Lm9esC7QFNtYUC4pJdQzYCzSr7gP
gr2Q5Zq6F1wxiQPip0Fip4Sm0ePAnK8vNh6C3tPTJ/k3UN1KjPYbmIXJIy6B3lM/aNhBNJVD
vNkgefrrBi81sGVyrvF5Aso+BgsvGOHeFG8cRDV+8yZlJzjbekcZQaDNslSzB4IyUtmhLQNb
J9t4qx2M/mKJNgziy7snGiPADJK/4QHvHH28NzNoM63btGcg9hpfKxXB87X3V/0eeAZ4hnrG
grt+SrmEQ6Bm1nbbhoDqVTLKxqB/7pGewfBy9au7rwMhKSheiW0B1gJqeZkXbGvt9317gKWe
NtrHCe4KKXdSvgXtqdrFBig7zXPu8kBT4D28JzaddNJJJ5100vnreefE2Tirr7CUgNAbjmJ2
E17EJrT2bgZNkXZHC0hp7e1jHoSUb2J+sgjwv+yfxz8JHvYJz/jsKXhbpSSqXcHPx2+u3hGk
aj5WR4B4aHSMnQPmdnWsegCiv30xWakEmT4L+tm+FHxrZl9hlgflQcIAZy/wa2sNT9TAm+dJ
CXMCdKjXuNKkjyHfzzkr15wGngA9H9+Amlvpb2QAcTx6ot9zYNebY968YO1vKWd9CMYK9ZF8
Ccp1o6vWBcQ+BouTYD4wR3kPQsqhhPNRVUAP8lRxBILSR4lSo8DcpD23NwTziTbO9hPICUY1
WRBsi+x17KXAGqROtX4DKflcreNPgWzCUPzAe93YYxwDVVh6azlATDfHe3qDWdvTzn0dcKjt
1JHgSk48l3AbzMbGff0RWCPtRWQseLyJD19XBts8e3X7C/Cd4t81qDeoh5USllWgjzIeGDbw
1PWsdRUC9aklVpkBogxXjYOgzNOW2O6Bt7l0pFwDrS7NlQ4Q2zh6X0QyWOqq8co5MDOb9/Rr
kLKQldICZnVzqpEX1G/UBNUP6MIZpQuIruIndNCLmCONU6D66+fFF+Ctq8838oHZzNzhnQpm
pPlYDAEznJViJFCSBmIVWK9bdls/A+Mhx2UEeIfIK0hQB4mGyjSQyRJZCWS43CXngKepO8Y7
B8w2SoThAeto61nbI9ADPTXNeHAv0cvGTgcRoW/2VgClrNpDPAZtunBrWUCbFtAseDw4AwPd
mQ4DD83P5UqQI/RpelUwC3l+NiaBY7ZzPSYIDxW9o4EOyq/WJKCJWC62gF9uv4fB34P3oPue
UQriu76xvxoGxP7VIZ5OOumkk0466bwv3vnhQK2B/YY8AvH1jXGRfUBf5TnlPg8xlaIzp3SH
6567wxJzQ1JD23YawJtHnvovpkBYlqDNMgwyF8lwR1kCSa+dU5LvAntZITuD0l0NsDyG4K6W
Q97JYGuuFjDHwuNqiYGxNyBhTFKw7gB3J2a4S0Hxp5mG1X4GA4q3nrH2JuSekCNv7eWQ/Mj1
0OsLnmzeD+N+hucPn1e/uhSimt/KGj4UMibbvnOWA5umzlBtoAxWTvIQ5APR2jgHYo2yU5kN
UjMjeAJyl9FCnwPacHWN9Sk4d/ldzBQOvl8Hfh1aBhyqT7JPPbBecHoso8F2z/aBWhIE0pl4
Gxy/BBwOLA2+9/yrBrcE52VHdVsusAVp8/SyoA5ByF8hfkTcR2+OQ2LZ+B3R1UD5WX2hxYPe
UJ/tdUBKufgKrxxg7tYbeB+CHC/CVX8wWssAcyXoI/WergtgTmOdvA/2cvYLjiqg5bDUse4D
7ZjlgOMUyBvKL5Y3IL8UsRYJnl6uap6xoNf1DvSUhcSsCQ+jLoLrZUqG+EyQ3MA1NbEGyKdC
N1eBuUbek+tBNBGbpQ9wnBZiN5i+RktjDZiTjGCvDozTu3qGgTHAO0K3gfnSXO5tAd6D3hnu
ziCDzLbiDrjLeCd76oF1iP2yb3/QtilfWjcAL6SX7KBu1+ppXcF7Tu+l/wCecM/alNFgDjBi
9Ltgluc7KoHlV9tIRwSoJ63f+JUC9tnPW56CvYyzgG9tcC4MfJbhGfhU988fmhVsvSzxtoJg
GW95ZesFbl9PfuNX0D5VmqrtwLnR+cjeCnzy+rUMioKAGsHWkK7gExVQzT8eLG3tTW3HQTsg
W3gLg7rKVtnynj5+8p/MtLzT8k7L+4/LU99j+u8i9UteM2fOnDlzJtTyr+Vfyz/ty1+pHzZ5
/vz58+fP/2qt/b/DqlWrVq1alfYBg9QvQA68OfDmwJsQlSMqR1SOf588/2q/+j1//p/Ovzte
/11sebrl6ZanMOXNlDdT3vzj+v80/07n/w3eOXF22Wyj4veAwy/wnM9TsDz2KSVbQ2KkUT7G
hKjPon94sw6yLbQkBpyD2IrxhZR14JvTti9LTvDJYf9OuQAFcoY88Y2GgFifFGUh5Orj1y/T
NNAStMLq12C5LJdbF4E20esOKARR517dTWwMH0wPsRb8Atre6XF3yhlwTg/RsuYD94+umMTZ
IHLKSL00xF17GfyqN6hdvPcCroKyOiHMmA+ZY7Po/htBaSLum5VBfaI+sr0EOcRo420JIkxW
1z8C+yDbE+ss8JkRNDO0C/g3ytQ9649gm+u/0C8jqAm2J7bTYOnqcDnXgd/5IHvoMvD00Ocl
vYREZ9z5V1tBPe+dl9gFPAHJ9eLmg3twcu646pBcMvHr+IOARW4wz4Gv7lctaCSoN9W5rAfl
tnWZ2hCs251uhz/Yv3Ts8a8PviuCYjKGgU9eH1/fEyB76W5jI8gCor/aHbStWpK6D8zaZk9v
HUgamjQi/ktIWeiWyaUget6rAc/LwYuzzwveew4pU1xPoveD+wNXuZQFoO/y7jVqgrnROGoW
A1bLJWwCT0lPrGcyeMt4Fc9lMKxGST0PKP2VUKUxiCrCInqD2Y7y4leghRKrzAQCxWaxGrQp
6gDrBlAPi1HCCd7y3srJH4BySM2mWsG2x5bb5xpoqJW1miCKCUUkgzJPa6wdBjXFvtJeGqyP
rN3toaD2VFsqo0HW0/frjUCcknHeO2AZZ0tWTXDsd5bIOAjMpsostR0o7a3z7OFgzWgJsk8B
Y6PnoucBuL5O3BJ3Eagh53hfABUY5eoKbourcfxiSN6TfDe+FbiPuy4k1AL3xaRJSS/B7Ofd
kRILth7Ory0fQMjYkFeZvvurw/tfT+onb/9qTsw6MevErLQTYc8zPc/0PAOfLvl0yadL4Oy8
s/POzoNv237b9tu2f7W0//kcPXr06NGjaRciNT6v8XmNz2HomqFrhq6BU91OdTvVDaYXml5o
eqG/Wtr3x3+KP6fz5zjc7nC7w+3SLoCmHph6YOoBuLjg4oKLC9La/W/173TeD++cOPuY7n4Z
J0Gg6WvNeRvCyvmfDGsEte/mXF22ENTfVuNR+TMQPCzooUiBMt/kO5itC8h9Wl3DA74Pfb4J
vg9P8yXOTGoOcblTfCzNwSgrhqfkBmWTWGtPhozLAgtmrgvZbqp+MdWg4eVC20sOhp5+fa/O
rg+uINnRrArGVc/DlAGgzdZi7MchZXxS8fgAcPSyL1bOQkz0s/wvioPtJ6vdGgWFB5WOLCPA
1lP7UXwAWjGx1VIVZHMzgo5gRIpG6vegmNqv9hWgbFUeijsgXxjZPb+B4eOxJ3cF41dXvYTX
oB91tU6sBZ6syc0TG4E0jMyWZeCc52MGrwB3luR+SXchJWPymzgDjO/0D+QZUFoq9a1lwH3D
+CrlK9Ae2lZqz8CZN9ASkgC28z5P/SaB3/3guEwPwJEU9EumRWDZbnvj0EFP0hX9YzCHGheM
xSBM86H5DTDBKGlUAo/Htc41Aqz9bTUttUC7rG23xIPf2OBtIf0grFY2R+HR4DfE57dMX4D5
oz4ypQEYHxibvPPBPdAT5L4OHtVzxt0cjK36Iv04mF4p9TLgHa539U4E3dc8aABGd2rJZ2Ck
6Is9s8B8YVz0rAY1SdktZoByVd1taQVabmus7yrwC85QOeMrCDJDPsmWEazN7LP8CoJYaJ/h
/BzULNYwWxxwwfhOfArWznxgHQEyu4hSN4KciFPND+oj7ZjlGMhS8rC4C8pJI5/+GmRx7xCv
BlQy6hm/grpZKalkAOLUz+x5QJ1ivWFTwb7OedxnLIR+nHF25spg7+/4JiAMfHsHHMhUCQJW
B1zOFApKlNbYeQfEVTW3ZS5Yr9pO+7QBc4020pEHLEXsG5zV31+gxsbGxsbGpn0yteG2htsa
boNmE5pNaDYh7ZOvqe327t27d+9eaN26devWraFFjhY5WuSAxo0bN27cGJZeW3pt6bV/3M/v
VZ7+fvmY8DHhY8LTfve52Odin4v/uF1qpafprqa7mu6CeSXmlZhX4u3H32pKqymtpvy+fPYq
9ir2KtD2UNtDbQ9Bl85dOnfpnKanVHRd13X9z9vhn9XP3y+f3nF6x+kdoUlYk7AmYfDd4e8O
f3c4zW6p782dXXR20dlF07b/s3Z8V33ubra72e5mab8/Kf9J+U/KQ4X+FfpX6A/7puybsm9K
2ieJ31Wfc07NOTXnVJq9uhTpUqRLEXie8XnG5xn/cbs/8qu3jZff8+e37SciIiIiIgJ6eHt4
e3ihefPmzZs3T7PrH/nJylsrb628BR0SOiR0SHj3OH7fek1MTExMTITBgwcPHjw4zZ9T7+ik
6uGfHd/78tdUTntPe0974dXEVxNfTUz7AuJf5d/p/M/knRPngFwBB5y5IDEy8UTESvBcTroT
1Rb0C+D9EcYM6pa0tjx83KbxrgHrIDSjn39KMuTrk7VelmGQZb72qd9pyNzI2dK6HDLkyNjZ
OAkvDU+Q9RY8/TDxbtQkUPK5y9zrBw3Ucpb2NaFLx77KnKKgtAgo6S9AlPR+oxYD0U4NUm+A
flOOMk6C9Dc/9jyBpP7eRa4fILbny9cRIyHn9yVPVnsNPgtCc+YYA44EyxotE9jzar6WQDC6
yO3mPFAc+BgfgTpB9BfHwf0oub7rDbjzu/bpz0DOM6/jAl26g93rQdr06t6ZYOzVv/XcAC27
WG/0A/ZaqzhiQLtj9/e1gANndX8H8KH1jHIQrNsdVR3HwDfUPyG4FDgu+OwKnAi2sfYffCPA
Ei7rizyg30n5zT0HxCitgsUL6l5rPUdVsOBrCw4G6y++BYNOgPhU3Wr5EjyzzVVqC7A0d8YH
lATrr87DGYaB0+rfP+wk+B7yK5CxEPh2DCoTWgKc7YLGZpoHWQfmmVjqSwhNzDo/TzgE78g0
Ioc/BG/NdCLHz+DbPigqcw2wFLYl+QaCkmip5zMb/OoF7M9UAYIWZKic7Ro4+vguz6SB38Pg
fNl/gZB22UYXWQYheXK0K74RgkXm4LzfQUi2TCPzPQZ7a5+TGSeBqKOUVYuDpY56THwMyhzp
NH4FY49RObkUpDxJ6RT7CXi/TOkePweYqdd0dQYjxNM+OQyUbDLQrAVGTX2dkh3M7AR7FoDZ
Upa3KOCp6MlmRIF3jeenpF5g9PN4UiaCUlAWMuuCWMAd5gK3hSnbg6e4e6enMejbvVH6KpA5
TI85GxQf5Sv5I+gF3BuNDaBa8REXwZnTYpER7y9Qp+6fun/qfgh9Gvo09CnsfLHzxc4XsPXZ
1mdbn0HYuLBxYePSKqpr7q25t+YefFz649Ifl067Zbns2rJry67BT+d/Ov/T+T8vz4SsE7JO
yJr2e2GZhWUWlvnHdrVq1qpZqyYsqbCkwpIKsHLVylUrV70/vaRS7nK5y+Uuw/CA4QHDA+Dg
tIPTDk5LS2Cyv87+OvtrGN9kfJPxf8EXHeoMrzO8zvC0RGfd8HXD1w2HdtPaTWs3DZb0X9J/
SX9Ys3bN2jVr07b7V9vx93j2/NnzZ38zpaV79+7du3dPSwTbt2/fvn17uO287bztfPf9hdQL
qRdSLy2hqb229traa2HakWlHph35x/Z/5FdvGy+/589v28+0uGlx0+Lgo0cfPfroEWzdunXr
1q2QfU/2Pdn3/PP6WL1q9arVq97d/u9br/Pnz58/f35aArvjxY4XO15AjdU1VtdYDTN+nfHr
jF//+fG9b0ZvHr159Oa0C9Xf49/t3+n8z+KdHw4Ua4IPRC0Fe2XL9qC2kLwhdofnOdheMN/h
A7sm7Bwx8yiYm109E0ZC/ieZr9eaBtYk91LPcHikGyduTIKiN+1fVQuD5G+EJ6YyHAk7XyM6
NxSsFDI613Douqpruy9zQZaz+deUtYGnn/db78+gd/Vs1xeD8lB9LU+CkpNMajToa71hrkAQ
w8xIwwu+K+3rgqtDvjtlf65WGPz3ZnUGlYCkdpEz3ZMgQ+PAfX4VQasX9WNyf5D13WvdbpCP
zDWUBeW6NkwdDGJ2yiHXYUj5JKFO9HzweK09ncfBUlx7yVxwmSnTXWtBa6hdtVwFNUpekbnA
HCPdRj0QO0WI2AL6S72u51ewWC1XbQ4wvnCtTVgN+rdJscYQELr6RFsL1kH2nr4/gRiq3rYU
BTXB9oOyDPS7+hJ3f6CScd2YBsyXvxl5QIQrmbSlYNyVb9SxoORTThmjQHzAUw6C8VDfLa6A
EmLtJLMCe5TT6lQwZ+t5jLug3bH2t34PPtkt6zNNB2dLMzI0CZSeFj+1DeD1zE25Ct5ZnldJ
nwHnjEnyE1A9WnfRH+Q88YtSFiyTlbFiJUiP/Mm4BEYdqYjSAEJXK4L055nSCfQGZjuKgtFS
d7p7gq2Q9YVSDLhhdLeYYOQzXO5yYL+hhWkSjM+th+wNQdmDnwnYP7I0EHPAuGhek3VBl3qo
GQVmcRFlhIAyUVlrGQVqWa2gIwhUU9zWroEWoNTW40Ev7H3lGQJiHV+o4aCVUXNY+oP7I/dV
oxO4oj13DBWUNkpDy2wwVLOg3AZMkS5xHUQV1Wv/HsQVS3WzF/h41Sb6RrAb1q5qzH8FSbt3
D9RT3U91P9UddmTekXlHZlB+UX5Rfklb371D9w7dO0Cjbo26NeoGR/IfyX8kP1zqe6nvpb6w
LnZd7LpYuHv+7vm758FsZDYyGwG96EWvf90BJvUEawmxhFhCwFvfW99bH7jABS78/napFaYn
m59sfrL59/tN5cKFCxcu/E1/OSfnnJxzMlTbWW1ntZ3wS8ZfMv6SERZdXnR50WUYzWhG/+uG
/Q+UmFtibom5IBaJRWLRf7N8i9gitoC3rLest2yafpZUXFJxScV3t+Pb6jN3dO7o3NFAMMEE
w6AVg1YMWgE59ubYm2MvdPqh0w+dfoDJOSfnnJwTtrGNbfx5mmRpkqXJ37y+sWVUy6iWUfDz
mJ/H/DwGOMEJTvyjvL/nV28bL7/H2/YjS8lSshRMyDYh24RswD3ucQ/qbaq3qd4mmMxkJv9f
9NCmdZvWbVqDcku5pdyCJeeWnFty7s/b/33r9Uj8kfgj8bD24tqLay8CnelMZ2gZ2TKyZSQs
mbdk3pJ5QFOa0vSPx/e+/PXv4/+P0EvoJfQS/Nv8O53/Wbxz4vyb9bdWHg2yRfu3NdqDfYry
pTkXTq97XujSKTjW+lGHo9sh/9Xg5WFjoPDYfDeLbIPXPfB/uQou17577vVcyObI0kFPAhxJ
vi4vfFC0wCf5JkD7rO2WD2oAQZYsQaXjwb0laVLyATASLW/kGVDaiivaZyC/MVcaDUAppOWi
NxhtXQnJ94Ap2kvrRVD2K6t99oNxyTXz1Vzwfp/yhW08hNwJ88vZFbInZJ+bbTxcMB//ELUH
lNMeQ2kBZiezr5kIWl1LWdu3IPZ6c3gXgZrBPsHSGCxNlK4iGvhCLjMAsYPCylPQNMt0+0ZQ
5zjaOd+AqKV38gpQRppDTRuIn116cnXw5nY/dc0GUzPbe5eC16avcGmgxaudlFWgvzLDzYtg
qeJo5VMYlFLqDa0XyKJmd9kZ9NtCkwVAVjJKeBeBvbxtphICjgn2DvbhICOlKroDVulvDgBX
f+/slKOgF3c1Em1AqWOtZB8GyjlxR90M2lraMxmsl22RMhzEduaZoRDbIuHDpGzAS+O1XAHa
ZS3KehCUMGtj9T4Yn7smpVwFudPc5i4GyXPEQw6Aashzejaw7FL3a4VAXJNTzKygvqSi0QaU
+7KCUQzUAPUzxy1wJmsj1FogpmqPjYMgGxKrdoaAD/yLBkaDK7tenutghBpbzYdgzWhfr80B
OV/mN74CbyvPQlLAHeVd7v4eHHbbWK0piBPCVO6Dvs+71egL2nG1ptgCagFbT7sdxCOZV74B
0UUpK16DT6IspPwGQRN8DvsNB9cG/YVxEPTypkv5EmQB/YksA+p1dbK5ALQMtsO20uB/zHJW
HQlWaQsWFQH45H0EqiwtS8vSoO3V9mp7/3G9uCguiotgPjOfmc9gsDnYHGxC6N7QvaF70ypJ
VatWrVq1KmxnO9v/if165njmeOb8ebktSy1LLUvffrvZxWYXm10MvB29Hb0d4TPbZ7bPbPCy
ycsmL5vAxo0bN27cmNb+XK9zvc71gpsrbq64uQJ6FO9RvEdx+Nznc5/PfeDAlgNbDmyBnbE7
Y3fGvr/E+Z/Vz98nzH+0PJXUW+Lvase31WfqLftHfR/1fdQXKlWsVLFSRbDfst+y34KgT4M+
DfoUXrd43eJ1i/egyL9DWaQsUhal+f3f80d+9bbxQic60end+0mdGqAeVA+qB/+m3SVxSVz6
43Gn6jeV92X/96XXyJyROSNzQq3dtXbX2g2UpSxlAStWrCCmiqli6j8/vt/jbf31bQnaELQh
aMNf59/p/L/NOyfOng1x31nyQ8oBrWG8DtavxdTAkmAfajQ13oD/dz6Lco2ANwWUI0YAXC//
6MHNRMiSO+RG4Azwr5HpE9/68HqpJ/RWIlRdUKhs/dbQseCHiYNjwBrmXzRPBHjXpbxKvg/K
TdUhCoMWJn9R+4DsJbPrNcDczQvjBCi3mSkugWe592BKBDhn+0eEPIbIIS8yvLwNlrmWloYf
WDs7I+0TQPFYGjkqQ9iKHJWy7gTnEeuLW0cg4bqnnW0AGOPkIpEAztfWfLZykHA0rnDcXCDG
Nc1VASxDAr53JIE7wJ1VzwO2lvZAZyNgjPiQzOCeFVf29QOw1bf/4nsIxGaRTfsatBmWufaX
IAarP2tPwIYtyD4SuC92ifIgVhmfGtnA+F6v6B4Pan4lWI0AT3ZPLT0n2JZpVbX6oH5rtdpM
kB/J79TVQEHjtd4YEgbFalEvgGrGAXdfcB/SK8sbYH/ue8k/HrSntu99W4KlrkXTtoBWQr1r
vQksMdfpgSAWy82e70H7lQyW1uA4ppU1C4Otif2CuAbOu86nailQ42W4NzfIwdZTqgmemu5N
Rm5IcRp5pB/YRznv+eWHlAvedsSBdw3fK0fBfUHfovuAraWaX+0A6n31Z8uHIBcoE+VWcKQ4
DtqbgvhJ1lerg15KhnnrQcBhR1ZLVtAaqp2tmUBfZfZgJIgHoqJigJxlSREfg/eRvoxgsPxo
maElglnDrCR/AWW846LlOHg7ete7SoLaTButqiCqy2UyB5jNzBVGCIjMyhtVgpKbHVph8MlO
jDRAVGC02RysC/hG+QU8wfpi8y64r5vfGWFge6Lck9+Cc6Q1u7XCfwXJh+8eqKlvh1g+cPnA
5QOhv9pf7a+mrV+6bOmypcug6vaq26tuh5OzT84+ORu2Xt16detVyHA7w+0Mt+HMmTNnzpz5
m45LU5rSwCUucQks1yzXLNcgKioqKioK7ve93/d+X2A5y1n++/KlvtXijxLBf5asTbM2zfo3
FSvrFOsU65S037ly5cqVK1fa71tRt6JuRcHcEnNLzC0BSd2Tuid1B/8q/lX8q0CkO9Id6YYi
s4rMKjLrz8v1Z/XzZ7ly5cqVK1fe3o7vqs/qJ6qfqH4irbuZXWd2ndkVAucHzg+cD5E5InNE
5oDq1urW6tZ3H+eOlzte7ngJHehAB2Bz6ObQzaFQ+kLpC6XfopKYytvGy9+T6s9v20/SgqQF
SQtgj98evz1+0JKWtAT2tdrXal8rYBKTmPTvs//71mvW8VnHZx0Pk1tMbjG5RVo8vRj7YuyL
sXBmxJkRZ0YA+9jHvj/vD2/rr29L9dvVb1e//e/z73T+Z/HOibPzrn+ekFmQtbt/oVyFoFTF
TB/lrgtBlwIOeP3grPnblsdJcHFUZOtbZ0DflKmWcwMEG55RngAoss4z1xEPdbc2Gj3rCBQL
yt+zcgC4Fouxzn4ghopvrP1ARooFej1AkRtJBvmBKMswEB3kUKUrqCHKNLUk6HGyuZIEjta2
Wb4dIe7Rq+Oxz+G3i1ezn46FQoNKz67wGtQM2jPbSpD7QNyDrDuzN8y2EnyC7Mvsx0HJktLf
NROYahxQ4sESYclgmwPWBPtGx3owilhGqB+DXp4IcQl8rL5z/ceBvtsb7qkPxmB9gLcAOLI5
wwPWgHeoHskPoFTTXqjdQa1giaQXKJ+a08U8EAWU3couMOKMq3pl8OxzV0p5AOoT5ba2E+RF
GSA3AbFaa8Uf5G4xUX4M3nWeiOTGwA0lWjkLxiz3BU8HkGXlb6IWCNUa6jsanC+dgy3+wEq+
NXKAudgzzlgMnmumx3gE3iaKj/saGKf0V8YtkFf1KnIGmGH0MZ+AJdJiagZYe1JAtIDEEQkT
kh6DUdIIZwpYPlMPyOagm9wyDfB9GjA54BW4wr2DlWiQCYqhj4RMeQIXBNwGP4+tp1IALFu0
VUpREKGimFIDvBc9M/WPQR1BRuUjEKvV84qEpAqeNfpAsIxQHptrQBmkllWngVFMdjAvg/c3
zwT3EKAcW9QC4B3jOaXrYGbxfupuArYJtplaCxB28wkbQXlJM7kEjPV6W/0x2ApYv9ECQG0t
RljGgl7dmGceAPmtmGH2BvFYdjY0UK+ot7WFII+q65QgcO1M2u2qDsY9xV+2BuOE9kLcBG2g
NVbdC8x7P4Ga+pDKlNFTRk8ZDc3uNLvT7E7a+iLbi2wvsj3tYaU9JfeU3FMSevfu3bv3/9fe
e8ZJVWx929cOnbsn5yEMWXKQZCBJFslJBBQkiwKCogIKKBlUEAEJCgiKIBJEyRkl55zjMDA5
de4d3g8+844PHu6jB87tee67ry/1q9q1a629d1fPf1avqt0Xwq6FXQu7BjW0GloNDcrvK7+v
/D6YOX/m/JnzYRjDGAb0LN+zfM/y0Gdun7l95kKDEQ1GNBjxcL8Kxul+uPvh7ofhW77lWx4/
P4z6YdQPo4BRjGLUH48XbCd1cebFmRdnFkak/P39/f39oY5aR62jwnvF3yv+XvF/3Y+/en8e
lYJFV3/1OT7q/exWtlvZbmUho0dGj4we8GP8j/E/xoPvV9+vvl8Lt/sbNWbUmFFjgO/5nu//
9eu83vR60+tNoeWdlnda3oGIpIikiCSYcmXKlSlX/vp4f3W+FPDg53lu5NzIuX9hHOfTzqed
Txfm2n7b6dtO33aCJk2aNGnSBKTaUm2p9n/f83/c93XcuHHjxo2Dj6Z8NOWjKeBd613rXQuW
ZZZllmUwInFE4ojEvz7uP+OffV7/Kv/dn+8g/7MQfvvPVdfr1KlTp06dvz7As0n9RxfrC3W/
L36y5jZ4Z2/3G6+lwenEK6+fmQtLyv/cdfkAEC/Y3zY1gXs/pS9IToOXG9Z6usFG6JjXusyH
v4Dv20A382wQ19gOmzaB4SvbDXssCIO1wboPVK/+o/MtELcLb1smgv6CsFSOBvE4Lypbgb1a
inQNyDEWl29Cbqf0gbejIGtz6rHM7qC+qbyUWRwSR5ZqWsUB1tWWJlEbQdpkGiv1hWvVD7yx
wwkf+T6qPncKXH7jfkradDAeMJUMOQFhCxN6FqsIzubZP91/BXxz1Fl6SzAYbKdCeoDgULcE
fgQmaFZ/MRA+Y4y4EsQWUnXDXNAOixlyDlh7hreKuwPqPs8z7r6QNza7WOpB0KPVUoFNYDgt
L5OLgeEXU4gtGbRdPC2eA1XxpeceA22BoZL1FMhDxLVSCdANWnP9K5AOy3MMg4AveEc4CppJ
T9D2gPy1cblFA/EHPU65BL4y7qJ51SCQ6+/vnQjyPGmHuRcIT0jlBTsI1cRR2h2QN0r5thCQ
XzZuMJYCPVqrFhgHwkxtrHYbvO/5RnsXgpaql1WtoFzzn/A3BPtVax/TXjBhuxQKKKfVRlIm
WL627DKaIGyoNdLQA4SFgXh/AzB+Z7givQOGF6VmQnUwFzNcFRuB1EN0Eg7+qoEn9H7gTveu
8uSDfFI3q++DUkwN80ngDw9sD9QBw0X5qMECajdtEM2BLsI6doA+QnUwGjguvskh4GndoTwB
tmF2KcIN2knhObkKSDXkKyYdvL28Y9xxoG1UNgWqgfErY1nJD0JXcY9YFxS/MFaYD9rPSiOx
HxCqWQOzwHjLVFn6AqJWWu/aZ0Fo/Yg3zKPgzXfeP/r+ub97mgcJ8p9JQa7qX81R/U+lIAe4
erXq1apXg7DrYdfDrkPW5KzJWZMLd5Mo2LXh38X/tPsaJMh/AocOHTp06NBjiDiTKoSFn4Tz
Na8NOF4dZj73zfXpLcFTUzljPw/5Mw1eXQRxd+7I1MbwyszoZnX2Qbsq1X/4oCPkns1JdfUG
b2hap8t7IPHA07bGPcA/QF2tLAJxvJ6k5IKoCQuNvUHIFRsIg0EYrmfpC0CrJ0yRFwGTma2s
BJNVaGh4EnwTpCueDMjtemTXxuPgGrJ53qk3IHbq2Cbj7oJ+t/Le6Kugf8JT4k6IvVasdNIK
KFopfEt4Q7j2fGYn50HwGQKi9yPQSuqKEAvyPeM1iwncJ3Kfy+oKhpWWJywKSMnSeWkxqJ1p
LfQEQzt5jfEeqJ9oI6SngNnq6kAyBLa77mcuAv9c7w5/LbCcNL9iSQIhlXsmA2in9B5aS9DD
+UBbDv45gae8VUD4EEVaC8J60g0/gjIvcDZwC0jWu/tfBHmImK+vAv+hwHklDMR+4kjxOIiH
xV/1myD2M0YZHRCyIPRMmAI8pT0bSAS2SNfMg8A3wVPL1wf8Kb5Brk6gxegJrtPgXuFJzfke
LOWt42xu8K1VqqqDQL2oTVRng3Wm7bJxJEhtrHFGBxgvG8ZKVpA/kT0sAeNa6X39O+A2n6nn
wNnD31B8B6TnhYA0GFzf+UsTCoZ94m7ugNDaFxmwgPG44axhNfiL+74LfA+Blv5P1Kkgvaep
yjCQjkqnxASwTbeeDykB8kLxebEv+Hp6j3s7gWuTZ7F3NigdxMGSBP6d7qKqBcxdDN8aXgbp
Q18/X2MIVFI/9gwA1cdATyUQZ8ljTMtBkdUkYSA47c5Qd1swnTX+YO4D6g/+mf4ksA6wtJf3
gBYmLDNPBPUXdb+4AuQL1kPCCRC88mp5zt89zYMECfLfyT7PPs8+D5yxnLGcsUD/Cv0r9K8A
K+quqLuiLlSPqR5TPebR7QQJEuTv45GFs+UbU3XXixCS7XshCkhefs8d+BaitsUN1saD6ZyW
mnkaOjqjv659DNpsaX1krBdu7fYOTtPAejn9a/fPEFms0oIni4K2QFvKaRCS9HF6X1BD9AXZ
HUGyi4fC3MAGLgoXQb+m3xbnAqHqj/5OIKVZl9qeg9uVbxw5UAXuDpnw8bjVYOrx64+p3UEr
4dsn3QbxU2+i2gJkBb9cDe6I+9ruyALbnKjJji+gnFjFW6oj7J9568XUA+BP8NX0vQSBZ31F
lQ/B0Ns8NHw/CPtzlmW9AnpZv9GfAvrPxl8tW4E+egnpPVCWK+v010DZoES4LgA+MV/IBP+6
7B2poSD1NkwzWMC00fJTeHXwvOo97VkGlkvWVtZDoJZW+2pnwVSNz6T6IG2Slss/A2+IV9kL
2kb1A3U9aGmqy7AfhFLcVCuD9LLwvpILfs2fro0CoYt2M/AxRD0fEmNLBO9Fz7ee7yBfzLVm
bQQ6qU/7h4Oexg/SGrA0tq0PvQNCGWmr2BN0XVnmXQq+1r717v4gNTM0MD4Pjkr2LpbTIJTS
3HJvUPdpryglQWlGBXUO+M77rubdBf0jbb32HchXDeOtbUG4IfxkegkYz1nBD9afrZsNgHJd
myoOAmroTZgJ3gjfM/5vQTsh7BP6gmGP8aa1Afia+Tp5B4Fni/uY5y5kPe9sl1MNTBMMNuky
GC7JowxDIHufs6V/JIRvd3xkdYFjo32/2BjUtmJXw3uQvcO51vM9mFxCWCACAhM0i/Au6IeF
ePkKyBul0dIXYDps6i3PAP/33r7eayAahQiOgP9LxRdYD4pbjVSOgL2B8X05CsxXzENCHSCd
EufLzwEwBvXvnuZBgvxnsu72utvrbv/dXjw+Bi4YuGDgAhhZa2StkbWggbWBtYEVKr5S8ZWK
r8CEjRM2Ttj47/fjf9p9DRLkP4lHFs5PdglrWKQf5NwQJ4fEQNgMW0vHFgitZOoYWA/dK3aJ
eGsgVKpUsm+32aBtis6P2glhT5zzHtwOtozotPIOMD0XtjDiHvjCAz8G+oH0vHbe3wrEyfpU
eSGIczluOghqX32O/gkIlbH424Gxo+k983pwRzvVtHpwavanVz9OgrILD3bK8IOt+hM7y2gQ
9pWhbkgMWKuXH1R6HyiegKDkgzWzaKOia8F6zNba5IQi1qhbUZkQ1tB+ImwHOI+44vO2gauF
8wd3MoTlRjeK7wnGEuaZ1lXgb6RWVEPAPMo8yBoJ+l5hqz4L1Bf81/w2sBwwlDe8AMor8tu2
cmB+wpoeiAGKqHX988F3yXfcUx2MXQ3PyZ9AoH+gldIYhB7ScrkZGN6XhqnpoEhsUL4FcYru
FPaCoaocZ/GBHi+1144CPfRWnvYgRAjt5UlgmGWaYXwdjOMM54xZ4O3jvJe9AVLle6+lVAGx
t+F54zqQ7YbKphgw2U3TjFtBHiGvN3YF/2jvUfdgEFOlE8afQHIZ75miwNBC7i1GgDyTK8pF
MHQ1vyXdBDroR0wa+MYrA/xjgVNarNQVaCde0F8H/3Lvfv9iED/T6+RdhugWYRFmGcSbqoOB
YJgqe0x7wLDBiHUAePr5uwasEGipVgjcAbmOMkIUwdBaqK1PA2mrMZ54UHxqP3El6J9o3weS
QRglJhqbQvgrUf2jG4N/gG+y2gv04/5u6h1QRXGzVBPMS01HTGXBOs882xIP+l59qVgLTFsM
i6StYKgpVJJSQb2sXPEnQuC4nE1pEG6ZfrW8Ah6rb79SFKwmw0lehJiN4U8YB0F4s7Ce4WVB
DQT6KbWA3X/3FA8S5D+XImlF0oqk/d1ePD5i3o95P+Z9WMISlvyjDnWow7+QEvlX+Z92X4ME
+U/ikYVzCHJi7GLwjgxtnp8GRW4WrxPoBB3mPXlncC7EzyiVWTMK3PuEseJtEMt4lrrOQOiZ
0l2rTgZuiHMNWyEg+WK988GwS9xoqgOB8vllbu4F8XkriS1AT+EjqR8Isznkfxd4U4yT74P3
S7fbdRv2F1/61tcLwNor56MoCRIWvGtopUN23wtTz5QF9Et17kaAtl/5wPUZSActC81FILRy
4rESNjBfMlQQt4Ec5ehmeQ/MvS2N7S4w3LXMdeSCy+3qkbkGbFXCi8QNA+NL5skhgyGn4/1j
N2oC72jPC/XAfMi23P4LaGXUHf6PQRMZJySBZKGysB0Us7qI6xB4S7uvlgU9Rh2ohAB3KaWX
AszCV9JNkNfrW4Vs0Brp+wOfg+AVhms+kGbKuyzpYFlqPCa+DN4X3KJ7JYjDqK9sBXG1PMhW
G9QXxMHSAlA1/3j3r+AfHbD73oXoz4p2KFUHTJuk94zzQZI56veBVF/zKF+B0tC/xLUapEHG
1mo4BNJ9H6kbwTfPM9pnBLWp+JEYCiFVHFi/BP08C1gN7lT3K95UUKtrdbwlwPaM6QfpDoSl
OV4PKQmKR3vTdxvkAXo9Qw2QjgsZQgCsN00L9fngfc63XPRA+uzcrb7uYGlgXKq9C+YOop0z
4LX4073nQI/Wdwk9wbzKEG18G8gSz4ojQL+uVjZ+AJmH07unzQWKyCbjNFCeEdpKT0JYmiPK
9AGEe21lIneDJ+A3eg9C7nF3vHoLxCrCXM8SkJ8Uvwv5FTxDPMd8zcDU1zJAvgZKOWGJeBqy
DmQEcnZD2PaQCNt9MG8QN2s+KHGyuBBmAvtaxzpHHLhiXdW8dwDo+HdP8iBBggQJEiTI4+GR
hfPdRs5+xjYQnhnfR20JvpT0D26+CJ4Xcg5ljoX840IJTycwrZZqW3qDcpXP9E9AytdbMAOY
oNbzTwZxqdjdOBxUXdmfVQP0weoP+lcgfGp6OywO9BcxKNOA8dpF7QSYphrLmtfCoQ4Hlx7O
hmOvneyeuQN6ZvSa+/LzEDLzueyaJkhf0efjYc3BpTiLZHaAnPwNFZa/Dg7zs/defAVMF0ts
j1sHOXWzG7mKwJ1yub0s8RD7TdyN6EWQ3iqvnncyuLvkW2/tBPerLp+rFtgHOXqE3gHrZNNN
20zQMwIdXD1BDQns0u+DIcpkdDwJulcIFeeCvpY4fQ6oTytF/VfA0MM4Tj4OBqd1cMQQ0JO0
j8UU4Jo2T7kEmj+w2rUDAkN8pzyXQf7JUFMcCb4s7zX3INDH++IFG/g3Ud70A1hftx4OLQr2
HrbS4jugBTz7nZXBkmo/q20A13RFNrcF11RvN/c5MFSRZ3s2gB4aiPHEgjRY6qo9CXaHeai5
DTBNyrRshNwLwj5fNXCI8mLTBPCPCAzgA/B63V29V8E1OH9P+i6I3BEZa/0BzI0NmeIHkBmT
t845H3LLZM/L90HYJ6Fv2iNBFYX3xAagriVafAUMlrztSldQm/kb518H05PW24aRkFs99wP1
Dvg7Bkb5agKzxY7sB/mEvNzwLijn8sfkDQN5hqGiYR7wibZU7w7Gp60rLfvBV8Uf6U0A09sk
BTqC+HLguBYKcnO9lm8ehPQzrpAzQLpq6WAcCAGDcszwAWh1hOfVqmDw29aI2yCwRO2t1wNv
SyXeUxHMKcYUcRB4u+XH5PwKpVcnHbVL8ER6pVHFvoe8qOy24jHQ7wuvh3j+7ukdJEiQIEGC
BHmcPLJwrnS1ctNiZyB57Nkz7pbQ+IenPT1WQPxHNc11lwHDTGWsOmjVlC2cAOE74UtxI7BN
yDLMAd2gZvpfAmGyWEbMBP0dpyErDwyj9ebWI8BM8SuxNfiPO0vkVwBhnDBXLQJai0A/NsLt
y3fGyQOhkeGlZvXTIKrtU6UqpICrxv1JKa+CIOTszNsPYSeLnCwRD6b8Ei9WOgqZT87qsqQ9
xEujO/S/DjmVnNbAy2D8yhoVMw3KTC65u2QY3Gx5PyqvMuTOyE2wTwT30bxA+pdg+dphK14J
LLVDRoQLYBjA7bxmELLC0VGWwfmz57DbD47yttshFYAawn6pCMi7w6uFfwr+O0K08XNQtylf
+iLBWylnd8ZQ0KvpfZSXgXjxiiSAtFMaLzQCcasQJYaCOMYsmgaDuYLtun0dhBY1WixpYH3L
ssZcBPz5zrecE0Gd59/qmQ8ZT+Yf0+LAWdc/R9sC+hEpTqwGjrOhn5mrgLxbfF+7AYYdUlG9
E7CT2n4TuMrmL1Q6gtpSX6FfAU0VDMZtoHXVVG0XmJrJ28V0KGEsXTLhPsgt9TPaSLjaJUXP
7wYShqFyHPjPaq20suC/pL9Dfwh/KfTXsDDI2pDTwF0cMjy5R/OzwXLWPF77EpRLznZKPdBt
GPUYkI8Zx8mzQM8iDROoP6oz1PFg3Gc6bAoFbaYmKPXB0Ns00RgPSnvVoj0DgTTtB/1nsL5s
zTbdhcBO9ZgwCTIOZ7XI2AP20fa3HRfBeNQw2PgBSFFyX/NF8Ijunq47gKI7lFmgbtJvC+sA
1V3BlQyBMMkv3gNzFf+V3GVQyVLcFBWAyPuWpY5kyBmZOsB/FULbR9sd2fDf+nq6IEGCBAkS
JMi/lUffVWOU95nb16D6pRITyhaFSjSJfrECaIo1UmwH/laZHbPrg/i1eYMpCkSFD5RkUOcK
AxQbGGuZc+wvgbpcfEYfCmrr3JXu0hCord+z9wHLC/Eh+gbI75C3wVcEQrWwi2EzwdPY/6O/
LjxzouF7ZcwQ3yFRDW8CPiXPkNYVVDW3c04TMCa4dHJBbB5TyjwbDJ+Eh8Q8D1y3jQ8rD/6T
ufdzy0HUxNjpcS9CzFb7J2ppkJJjBlsiwX405LiwDozVwsbEpILzUnqRmx3AU8zTOn4jmM2W
1eHLQLS7XvM6IKyccZd5AdjGCj8oDUC2qumpIgjnhHNSNdDe8kzNfx/Ur9XtkgXExdokqSX4
7glz1JagHNOq69NB/8q/yhcNcjNLS9svINTUkhQ36G7lGdd2UIt4NkibQYwXJhq3A0eEUt75
oBfVsly/glDXsMM2DtS16g/+gRCqWurJxcB6znrd1h6s5w1L9XpgfV2eGhIB6sjAEN/zEDjt
n6D+DPZaIYeEJRDhMM01vAZ5Pfz9xOngf87T0L8KkkrELDZJoMQpC6XLkLveVdJ7CIpExbxt
DQP3y+7JgTKQVVzrLXQB9bYvzdMDlJXOvIzrUPQra3+1ATjX23aH7IF0Y96XgU6gJStVnH3A
UcMiGpeDoZahrDEB2E8KI0D7UY8WSkFA0WL1ExD4QMkUD4AwUzgongXbYUsbuRREDwwdYpHB
rJkT7emgrAskC0NA17niA/RBqlvzgD/Lu8ubBMJ+w2YlBfJHOqPyhoDg1d3aO+Cro/2sKiDU
VBsqC8Fz2t9T/QxKXo8/YRoNYaMTnymRCAHd00ksA8bXbH0sz4KtRcQPIRf+7ukdJEiQIEGC
BHmciI86gHRTb5AnwtNnm2sdFOCKbZ7hS8gLTe1zpw3snfBjjxXh4Np550zyGnAPz8zOfhuU
8vmx+S9Beq2T+4+sAPVp9xfOVMitlPOqCqhPWc6GfgfKEf8uxQrKffWqJQ+EpfJ1QYLQLXbJ
uB3iMmJbhrwOvnquMq73QTzlmBOTAXoJ5yFtDYgTMitn/gziN4bhVi9I80L6hB4B4TnbOVsl
0HdJew2RIOT6P3G2hVLm4hnFdkPYvYivtTrg2GZVffkQagntFBMKkmzMNQ8F99SsqSmjQY2V
qpgmgOeQMMT2Hpyfl/xx9mjIG+qL0GqD6afQvYnXwW6yzY9oC9kd84d7Ad9Xrhn5eyG7ZVZ6
Sitwv+2+nbsE1NP+wa5TYH7fFJAagrWosRXtwVTVZLUMAvWyflwcD8rFwEuuCpB9KbdM8nXI
d7oWOodAxt2ceHUgpLTL7JJXHiIXhUTZpoClrOl9w17QT2tPei6CcEJ/WXSAY4FFM78OITsd
Q8MmgCHa/KRlCIjRUg3HesgplTdbXAXOXrlW32RQTvkXug6Ar4fnbd974HvJv9IZAdYtUram
QOwnIc9a5oHyg7pWDwPnFN9b7kngDlfbaIfBphtf1SuClsZzkh3E0Wq4GgGGckJbcR5EvRZq
CM8GeZZpvbUdWFOsn1i3gfQsw+XhoC8SniYApldFVR4CppKG16R5IHSUEgkDf27guvol+K/7
vtEqg1bOj08C01A5nvVgaim+b/gMjEulN+SSILQQphqvgeta3mv+ZuDK8jRxbgNfDs11P0ih
xo3GKiC2sZSyfANhN0P62XdCyaMl04qWBK2nnBG6AdIm5G3yzoC4VxK7RbrBdEbrKxb9u6d3
kCBBggQJEuRx8sgR52Iua8sGr0FC/RJqLSPkmTJXpibA5UrHax6eCxnXo5eLg+Gn6XvPrX0a
knJNycUWQ7053cI6C8Buw1iDHWjk2pcdDoEtOevTN4DJ+cSySlUhu11q4uE9ILXSn7GcB8Ne
0zvVZoC/UWCTogD91Cv6ZJBPCjmGL0CoKvSXLoJyLGVR+i1Q+kg/WVLBHB9ZJsYOQvm4UwkG
MH4dlhrSBoSrWlW9NhiSbc+YmkH2fFvdC5MgY3Zu3WOb4Ylfnrge0RruH8jv7R8Ejmeivi6W
B1ml7y6/Wh+8W5zd858D8ws2c5gLhPn+fPdbkNvNV1b/AbQhaU7XRgj5wtheUyHi/Zjh0VtB
n6eFaBXAPNHZMH8sRK4InRNWG/QTGMQ3wPW5/6bnPuQfdbf2fwoeg6e0tyYIqVJ/cyvQ7tBf
EEGspbdRB4JL8H6TbwShDVVZCPE9I+c6xkFoqOk1oQG4hnoXadtAeE/sKewGy3ZjO+k6+EoG
Wul9IedEdl5Wf/CXVC4yBzyfKvHO70C/o73pmw72z4wzlA4QuOjzBYqDZ4Z/FgMhrl7Y8OgT
cLNvxvLMNyC7p2ue9iQEvtaLi1+AZbppdKAy2FONr8tlgGHqNuUjYISxi1QF8ld4KzIGchu4
53jtYFwmRUo/Qty3YdXN40FMFndK9UCZYu5kMoGxsn+3vxVoB4UNvAniECVZKAl6tlJNHw8m
l0mkOPhae6f4JoG0TJgopkBO97yAaysEqqgT9LoQiNFWKd+BYYPpqNUK3jO+NNcxCH0l9HD4
QlAuK37tc1DG6JsUQFyrTzf8DMWiw06JR6HS1TKGpK5g+dBQxjYMpB7yZntziEiKyAxX4Pjy
X3tfagrVeHo7+//uaR4kSJAgQYIEeRw8csT5yQmN53Z8HfwetbOyCKQTBpNFBkZEzJc3QU57
9zd5tSFjjDzZVQZCwhIX6pUg0Cjj42vpYHw3snzkSGCG51jmEIh6IbaY4wZIdcyTjEMhslJ0
jScuQNSquOdK9QXlpPKDPhSEKDbqtUD8Xj/HatCvCl6+BG0n6Bmgf6aWFUKAdbZGjk2g23xL
tFfBMMBgMWwCyZy0IGwxsFGfLK4Dv+i+654FZbYXiYv6DPKn6Sl6KLgnZs3I+AKKhUZsFyuB
YZNjclRzMNdwRIRdB9/47CZpFUBI0D4yTgHzAtt8WwvwXPF1Fn6CvNF6W9kBOR4h2jwNPJ8r
Y4U+oG3V2ktjwbDdvN3mAe1NbYSaBq5TrpuubiCdVTP9OyHhxfBoeygUS465Ev4+GAPaIp8G
UkA9GkgHRzXzAtvXYN5oXGpoC5aZhsPSLjDfkw8busONlmnZmUfBb9MHql+BrbN1sqMUuMe5
WnrD4O6rGYmZSyGnguts3ifgfsFbPXsKeGa6o9LrgPJdoI8zH1w3PY21MJCipZPaQij2TPQ3
UWlwLvzGy+kRkNwkO8TbF7J7uAZ75oIwV1fU9RBqkuqLqyFmrq2+2A6EtcaGUinIsjhrSvng
/ybwg/oeREeGtbSsA9si8wGDBQjor2kbIP1slpRXH7Kn577rsoG3psfq+Qy82/J9+d+Be5Or
RW4nkF5klvcjUA3eDPEU6Nl6e7kNZJ91LvK1gswxzmKeVpB2Lad+Ti5kj3SOdi+D7MO5zXM6
gPGM0cMcMJYVNwu7IGSF7WnjpxC2yB5u2wKGgCGHaZC4r3hK1HaIvxXXPS4CQteawm33oOjl
0hfKzIdAbfdQzQTXvMfNFxv+3dM7SJAgQYIECfI4eeSIs+NEVFhCTdDe0JeSAKJujDCchPTX
c37IfgFc2h3LfRvUHFb+TrWbUOnrqksbjQLluGmufBek+toh3QJqLW+e6wfggNCJ5sBKdbmr
NGj383/2PA9iuYjWCXdBmhxYpVwH7RdxFVuBkuIr6OCfpTbzvQqmEf5+/lugtlGOSV+CnmvK
tw8DYYO7nzwBuA/SdjCuTqwVWwH4XkkOfAb+1hkN7haFvH6OzmlZUK55DeOTdeHskXMHFvig
btsqX5V/Geyd9EUxy+HXFd4NRXtDzuG7gy6WBs+wvNdTV4ClTfirEYdBGhR4yzcLtERlgDYW
tDHGy9FVIO9J/Rn1e1De9TVwtQDDdfU7bT+4XvIccpcBWyfrIsdxCJkrNJYOgfVjQzvDzyDt
YK52AJIOxc+IHASuoz5BWQKeSfnLcppBkUmxx6IjwFnBG6rWArGO/LFsgSLP2z8vdgtEg45X
Bc9U92XnMnDe96TmbgHvUc8yjxfMW00nTKHATGGv6ROwX7SuD7GBZaAcKrwJljlSNeVLMI0z
fmo1wtUpd685p4NrgZbj6w+WXYa3TdchelNIBdMiSBmfOvReGEQvcPS2vgj25ra2odXgXODO
+PvPgelDU5R9GDheMEw3lwPZoCS4BoDWRUsT90CyKXeE0hz0ZHWd/yZoVXnB2BlyGqlDAimg
id5OyirQnlcuuLaAc4r8rZ4Bol2orveA8EB0zbh3ITBBqU8WyOHiffU8ONIsn4qnQM/VB+qJ
YFwv79KegpDbZgtFQN0TuOXrAebt9j3hJtBX+rfoHSHsp9iS9miIulB6X7m14MnWdFMfiE6P
LxnTDMKNCWujU+BI/JpBv9rgxtr7r94JATr9PRM7JycnJycHlixZsmTJksL2Xr169erVC8LC
wsLCwv4e34IECRIkSJD/V3lk4axfFhL1RaDaXHXyR0OWcn/6lRgoMUW1WSpBuQlV5Wf7QmKR
qpuefha0H2KaJZYF8Yb/hi8BxKt6iLAQnO/fanVqMFjTY71VyoPudA/MfwP4yN0/uzZwL+Lb
hKqgXxIb6ZmgPyPcQwZpn54mrAS9FkmBk+D92Bfu6g2BmtdXJG8FbaHWl+6Q01e2570EjlN3
Vl6cBt5Nx3ocqwqWJ5/YWeIcmCtX00ofBP2+t3bIBHjyrSKfWTzgG9Zk4+1rULF8hfdbR0Lz
WXUHemtB6qmpT37XCU596R4W5wH3p5lX7p4AuaEl3fEWmCabj4X9Ar47+T9nbwL3xJwj2R+D
wWeyG1uBUFyYJ/QA92E9Sf4ULM8ZXWHlwfuNuoS9kNNCWiI2B19kYBs9IXqj4wWbACaTubzt
A8hv48x134VAhHmiqSmELrQ+bT0Jsc+Ed5DTwNvEN1kfA07y8nOvgNRLuKl/CNJse0nDGLBd
N7cO/QS8o32NLP2BDsqngaogRht04zXI7uzepnwPgYV+QZgE7JSHi5Xg7Cc3E9PSIXBFjtNm
gcNo2mgqA8xS6mSUg7vt00eL3cH+pOVrkwdIE9M8AmSYsn4yfwlhv4ZNiR4KccbwFOsIyJVz
auTdB7/LX15/CTJG5d5xfga+teoJ9TJErQj5xdwYTKLpA/0NsL0ZGCAehAyNo/I+kOMkNfwS
RO8NOW6KBVNZebGaBf5W/rriDvA8xza1HEjdjIJBB2mzdtRSHfTKesPAj6Bu0DrrMyF/qbuy
6gDpVdNu4yLI6+rc5x0BjhPmTYaVkLA24VjMdhDKiwesS0FtrVaTL4L9SOzWuEsQGONa7HoH
DvoOuI+Z4GT1m01u6H/fxG7YsGHDhg0LBXQBBUL65MmTJ0+e/Pv8CxIkSJD/KTidLpfPB9On
L1r0669w+fLNm9nZ/z57ZcsmJYWHw9tv9+37zDNgt9tsJtPv/fH5AgGYMmX37gsX4PLlrCyv
99/pT0SE2QzvvtuwYfnyYLebTAZD4XGvV9M0DfbsyczMy4PcXEVRlH+fP6GhsizL0KBBZGRI
CJjNoig+cn5FIY++q8Y21wbXGvDmuy/lLAZbrbBVsUOhaJNWRetUBG0y5/TDECirvK2mgj7P
q3pvAX3FML01qMbAWy4jmMPDX42sBXLNogvLVwRpur1eSCPQt9kiw8eApql24R3Qewjf0xKE
uZwXYkCrQFe+B9NaweGYDmo9my18PYRvrl0toTacOnK3kdcPx2vHfH7pEnQdLWXdCof7m8rr
dz+GhKsl3ikWDra3Tb3iXwWpjHl22Ccgobf2fwRN32jiH1UR9M/0bPqA8F7CEd6GjjWbxV1s
BzcHrml9+hvIiXAdzCkPzg+yGt3LhDAxtmzRD8BUxhYZshg8PfKPZ++CwExPM+0QCK3FfewA
4VfDLNEO4q3ABMvXoITKVYwfg3ubua8cD9JK32eeHuDLU1/mG8hf6Gqb+zGYT6mOvOcge0jG
nfs/AvPMX4f3B2YGWikbQBwhL1KngHmlZZVpPQjD6CCfAD0/EOo9DSE9TXekuqAZJYetJSjp
YoY5HtxR7jFKNXB18Bg8zwCrtEHePiA+LxyxboGw3IhbdgO4nsjbnuMAz333V7kbId4UbYh6
FzJzM6pd6QEhncIWJ1WD0C8do2Pfgey7vq7+c+DPyXlLPQsZb3uzUmaAeavlK9PXkHUi/1fv
bfC098b6kqBIVvyciDNg2G+oaZ0NvKR29EZD+InQZ82NQB3vb57XH1JjXOGuzpCpCd/IA0D/
mDTtY9B6UoomYPrW4DImgnpQeE4/AoGftY+1ueAbH5it/QLKk8rrnu4gVdI+E2qCPoRWHhEc
a6xJ8kkoUbGYs4wGEf2iLkbWAsPH/le0dAj/KdoZvRNMt8UlYigcOLh29bFl8Mvpi87Ln0Ba
vGLQrvz7vhgexu7du3fv3g2nTp06deoU3Lhx48aNG4XHS5QoUaJEicJ+BQI7SJAgQYL8a0yZ
Mn/+nj2QmZmXFwhAmTKlSkVFgSAIgiA8Pju6ruu6DmlpGRlOZ6HdCROGD2/WrLDfhAnbtp09
Cx6PpgkCPP10sWIREb/58ziv+zdv4MaNzEyns9DulCkvvFC9emG/HTsyMnJywGqVJEmCatVC
Q+12eLzegP5/glV373o8Pl+h3VatYmIiIh6fnUcWzu5yzuLZT4HxgnGBeQ5IuSETwveBx+lt
4ykGQjHttpAK6gp5K+NAeEJsoY8GKY4Qw0bQt6nvuF8C4/PFv694DoxHbNsd10CtzU9cB2IY
JBYFg0nv6X8KAs8KPjYCB/XGYi7oXuGwfgdoTR01DMSb/j2GYmAt3/CNWm9A/tmspC3ZkFMm
eZe/A+Q1ZZd7N6jTSh0pWhV+bXv53N4MaLY35GS5l8AblnbUfBTuf3LbkqmAsa5hSdZwyO6S
svj+CchedH/AlRQ41ffWi8lRYP3A0SjkF3C/wFfl2oN36M0DxzZB/sjsvemtIeRWZETMJjDW
t5j9dSDg9BXPfRmkfmJ7YSjYHc2LYwAAO+JJREFUe1ojQloB0w0W4zAwPicnixMhNFdcoJ0D
QwnjbcchuHsjb4IeC76Oru98L0HWKX2AIQ+UesacKB2KzA0pafwYMsdlLXYPB2kBt/QcyHO5
f9Yt4Cul1veZQS4hLxHSwVteK6U9B3ILMST3Tbin5Zxz7QFJNNZwVARjLYPP2BBMkwyVHC+C
9Tg3vPvAd9/zRVYqqCeZplvBNMS8TQsB5bj6nlYFijwXW6nsVAivFxFrOwOeF10X5LmQl5J9
0dMBXD20cf5O4KhhP2c5Dt7GgWStDHh7qlvpALFvxCyMOg3WudbWliJw13FvfLYbAoMC/T3H
gKP6rMAKyDF41/pdIHwhv2JtCIHF2m3qgnm2Zb7xGzAekLOl46CM1sLFjqAYA/e9xcA2wzBc
WA2WL2WHXBrkH6UV4Vcgd6P/dKAT2CcbN4vtoNzQovViU6FY/2JTi90Hw0rhrvQmxEZEDg2/
BlHhkV9GdYFLb/6adPl7WNdmU6ndoZB811fWlQtyR3Gb/a3/M0m2Pt4vh/+KatWqVatWrbA+
c+bMmTNn/vN+QYIECRLkX+PcuStXsrIgPj4xMSwMbt68dy8v799nz263WAyGQrsPcuZMSkpu
LpQuHRcXFgYHDty+nZHx7/MnLs5mM5sL7T5IerrfryhQsqTdbjDAhQsej+ff+IKw8HBJkmVI
T/9NQD9uHlk4p7xx1Xj9FfBZU+9kTYBqNzqv7ZgB/ghf2cAroJ+UzXwH0lntBEdBaC4MEBaA
niCe4h3QL+rnfI1ALClGyZ+D9rNwR04Ermp9Ak1AeElYJLghMEl4XZwC4kXtrtgAiBVOKjoI
w/T94hHQQnDIVuAr4atAGVDLu19WvoYyIxLeqPIp3FK9nr0fQUa4fCB/JySatKuO9pDygvqt
/Dlk1bzf695u+NTx9vVPl8JNU5oh8AFEjjFNzpsJ+kFltnMkZMa4FnleBc8X9vXFq0N896I/
JSUAc0OeD90M6XejcosdAu+B9E7JseA9Y3zOvAccIaFvh9wG4RZf6ElgzhYXBCQICxh09Sro
76lXnU4I7Wx8WSwF5l1SWCAKrrZKfjnnJPjaa3nWeqDup5/kAr0jNbVhIP8kdNbPQmpqboh/
N9gaO8qb24A8SK5q6Q/eGp5Mz/sQmin3ViUQA7wiXAdjWbmL7TSYw8zh5hgwzrNv8WSAUISW
3ABxm5AsPAFqUe3DwPdgWyanS9fA/LKxVNR08D7t65hbFYS2tDAeBl9O4AllDvi2O5/Nz4FA
U9NaqxtcRveM3ImgLxDeVj6C4t7wXkINMLqESGk8ZJs9C7R7ENMldIclH0JPmtK1E5CTlL84
vwe4Ve1z3Q3EkW74FLRsetMUzBdtla05YHnF8LThKKhN9SNqV1Bj1G1CZ1D76EfEGyCvlfRA
bTD1NdeX/RC+PnSWowN4l3uT5Mvg/thXy1cJbEcMdmkiFN8cezb0PMQaiy0v/iboRYWPLQGw
HxS7Gk9B0gelLIktwRXIvumeBptf+HnDvhtwp0vurRt1wFKcT7xxoMzSEaKAZ/99Xw7/iILc
5cWLFy9evBh69+7du3fvwuMF7cEc5yBBggR5PCiKpqkq5Ob+lrLx6OMFAl4veL0u1+9T7ez2
sLC4uEI7BXYfxO/3+wMBuH07J8fpLGxPTT116sCBwnpsbNWqTz316P4W2Cmw+8frUVVdh4wM
RflHx3fs2LLl6FHYt+/AgRs3oF69p54qUQIaN27evGbNv+5PgZ0Cu4+bR876yParjTLGQ0aA
tnltQP5OUKTrIHTVd2nRQAlWcQyEicIqYQuQru8VDoPwsbBMqA7+IldDfjGBsjM7L2c3iDfk
ZDkAWqTQTXwT9K14hDIg3BY+pwcwSqiqXQM6MESoCLpIJb0aCGOF5kIxEJcTzTTwKcK7+joo
Or70Fw0vQtPEWtM7tgT7s+Zy8TXh8uYM+XwZMJstJ0OzYV/ywacPlIebFy3mO2+D32qt6dkB
9hZlvyh9CqpVe+H953OgVKNqZeoOgqGl+9fq0gXqOSroMR9B7PusypsL1gUxTYusANkf9lNk
e/DszXkutRS4e7qbe98HY2N79ZD2oGXqonwMPD09Mz2TwPikfCeQD168n7p/hPPxN16//x0k
W9K/y7gF3mzPKFcpkO4ZLcafweyzvmrrApwSvFJfkM4ZPMa9oPTXMgy7Ia+fq4rXCqbF5heM
iyDMElLb+jVEVQypHtIMzMfFCOUQMCjgc/aGkDvmszwN8V9FfBqWDDE3bH57XUj82NbdsRSM
gtjMngP+LcpMfxjkf5v7bH4ipBy6/0XyFFAdaq/ADMgPUcK8L8P1o5mTTi4CuZ5wyzsT2KVf
yj0N7l/9y/yl4N6RzBuZVjB8LkX6d4L9CWsJ6S1IMWYUd84D5yTPbf8O8FX0VvN+D57Zvs0B
Jyj3WSUsAKkUn+kyGGOMO+WxYC9vjzY1B1s580rbByDXMGaKIgQ66XvFTMj8OC9LuwNX5tzs
lZ4AGRuzkzKvgLJD+d7zE0R/HfWidRnE7yn+TMJ1EL+Th5hagneHv7L2ITgaxj0f2xnyxjnT
hFdhy73NR45EweFfrnx1oROk783bk9YBnHWzOt1vDf4Rnmn3f3j8E/bPUrAI8M+2Pyo1a9as
WbPmPy+77Oiyo8uOv+++PG46Tuo4qeOkwut72H0p6PefwgrHCscKx59/bgXl5RGXR1we8Xd7
X8ikzEmZkzJhfv/5/ef3/+vn53fL75bfDZ4yPmV8ylh4nXda3ml5p+XffXX/uZ+fIP83qqoo
qgqqqqqa9q+XPp/X63bDpElDhjRuDOvXz5s3YEBh+cfzfrP7IH6/z+f3g98fCChKYbl//8cf
v/12Yfng8Ucvf7P7IIGApgFo2m8y9sHywIFTpzIzwWyOjExMLKw/rP+fLQvsPm4eOeIs1ylt
jZkG5ozwleGzQN/Bk4wBvTHdeA2EnVqsPwHUb/Xb+lsgtBXfMqwG8TmhtJQI4kGhu2E5SDvt
MTFLQX1X/4F4ED08qZQHoSnPSWbQD+hjaAh6A4z0AqIRhOYgdBGe0t8A2uq19dOgZ7Ba7AHi
T6JmOQDKQblYYBYU1YrqDW6BuFpGugyZmeKoy7fgujM17fqPcDH9+hlPbSi3snHKMy/A2U9+
7HSiP4QNLN7BkQLlo8ssrbQZXjzW7UavimDdaitmeh52dd5Z+rti0HhPzO38MRBy4niuthHO
VvS/UeoOZH2kHVYmgm9RRpGUBWDsLU0vWhbkEfYnw6PA94l/Rt5HkOPLW5E3A9xlAzOEjpB9
0HtXzwLTMcOnhiZg+FZYF6gAYg/lqFuAQJjXJSeDeYrlJ9PzEJjmf8VnhZxDeS9lnwNbEcsc
yxhQntEsljPgvOQtIn0ExlJyceNJ8Bv1OdoRUM4Hhnoug22SYZZtG3ja5a8OTAH/V77WWdfA
9aFy87IRUk+l7c9YAdLPcmMugWGZMNUyGrzrvaLUGfRVUrQ5DPhSrJIfAJff3znrJIi1mG7/
BfLK5Q/Li4az92+870qCkgfjR0WpEHPGut+RCCnPpT2Vvx+8XcnyjwVLLUbJa8BcRk4lG8K+
Ca1sXgTCN8I80zFQ9ooXpaUg7zWsl94HNS5wV/wZcsPz38nOBGoSJbUB62DrMWtFiJkb0l5v
AWquv6dpFRjam7sYn4AiU8LXhu2FiJvFpLgFIG+y1HFcA7WmdzAjIfqreEvkeZBVW+8wHQ68
9Msvl6rD3sSjrU+9COkN2BD4CbQvjDOjZPA+Tbe7n4LQXmoqVQTu/Tum7cMpyFnes2fPnj17
/ni8IOeuQYMGDRo0KMx1flxENotsFtkMXn/99ddff/2Pxx2XHZcdl/9778nfydgfx/449kew
2+12u/3v9qaQunXr1q1bF8YuHbt07NLC9vFtxrcZ3+bhzzHum7hv4r75u70vZE3zNc3XNIfi
HYp3KN4BBjCAAX/h/O3bt2/fvh0CVQJVAlUK27d03NJxS0foS1/6/t0XGeQ/HkUpELIFku1f
Y8qUN99s2hRKlSpWLCrqj8cfHL/A7oP4/R5PIAB+v9X6Xy3C8/t/S6FQFI/H5Spsl2WLxWYD
XVdVRYFAwOXKz/+t3WoFUTQYfr8Y8UG7DxII/LY4UFUL85B/jyxbLA7HH+sP6/9nKbD7uHlk
4ZxlvZuQ3AvihodvLfMRCJ+q8XoWMJjXsQA+PVe6AOI68TlhNhDgUykGtM+1FlofkFoUHV52
MYgHrIOj94IQoQ727QVtvX5DPg2MFEezGASLvl4fBnoKoZhBKIGLmkBN/WPBAPoVSug24J5u
1H8AvTnntL4gdZDrSAmgPKN+rvwC0n3DFOtOeGJ3bKkG3SEiV/855CREBUocNm+H1acXZ22O
g1LtKp6OcEH13GqHTA0hOeRu7LlKkFAv7Zi2HSLftJe2d4Ay1cJWWN4Eoa3WIuEFSFkop1z6
FO4l2DeEPgd6LcLKfg/Opfe+OSdDnj3z52QfhE+LXJS4HvSZ1pkOL+RUCXTTqoM60utIOwmG
FvJQ8TuIWRtRPOpFMHQgRR0LqfuzGtypAKE1QitEPAtaUd9J6SCERoXoYTPBvsNyW9oBzl/c
v7iHg7+l90j+HhAuGzoZY4F0vafvPrhyPHc808Ay2vSSvA/UYcoErwvcd7z5riLgzQu0yPSA
tsm4w9cD5PWGVvap4B7mfjrnWRBzzXOkNmBdbN7DSZAbCO/pp0FEH2N7CuLCo6OrHIH8Sa7n
c65CkTuRjWOvg/SVuCy9LyRsDo0KmQhZ5TKXeFbC3a8yyfkZSr0S/6R9EwRihfxALRAnmGdY
JoAyhy58AvZ4piheMC0TT+kXweAU28lVIXNXXtOMbyA6wR5vmAJxF6Pei/kJzO+Yv5aPQcoz
md3d5eHm2NTm94ZC2ZdKLytyDhybirwbXRIMC41dbCfB0z7/WqAXRNWLSYrZCyHLYuZENYQb
75xrddcHh984kXGyGty/qFfVj4A6Qv4s6how3R+dchCMc63T5ZtgamtJin/x8U/Yf0ZBRLlA
QI8fP378+PGFx8eOHTt27FhISkpKSkp6/PYLBGLrhNYJrRP+QYcEEkgAbZ42T5sHX9b5ss6X
dWDdunXr1q2DjIyMjIwMiIqKioqKgnbt2rVr1w76HOpzqM8hEAeJg8RBhZG4AsH0w6gfRv0w
qjAyd2vNrTW31sDRo0ePHj1aaL7gvLi4uLi4OLAssyyzLANnOWc5ZzkYfnH4xeEXoWlE04im
EaBUUaooVWBa7rTcabmwsejGohuLQunSpUuXLg2e9p72nvbAGtaw5o+XW5BjXjStaFrRNGi0
pNGSRksenx/VtepadQ1ut7jd4nYLuPvj3R/v/vjH636QEttKbCuxDUpQghK/ax/PeMb/V8/x
bd7m7UL/i00sNrHYRKjzZZ0v63wJWZ2yOmV1gh3TdkzbMe3PP59rq66turYKppaaWmpqKTh7
9uzZs2cLzZZ7qdxL5V6CoeeGnht6Dmbvn71/9u9eLFQw3rC0YWnD0h6e2/8gG9M2pm1Mg3Kf
lvu03KdgXGJcYlzyO+Fco2+NvjWA4xzn+KN/jj7zfeb7zAeb0jelb0oHp9PpdDqhxhc1vqjx
BYwfN37c+HEQdTvqdtTtQnu+/b79vv3QdVrXaV2nQd6MvBl5M2DI2SFnh5yFljEtY1rGPL55
9bDnOrXL1C5Tuzz+743/11GU3wSmojyaUCtd+v8WzO3bDx++evU/t/sgfr/PVxAJ/n1EunLl
gQMnTCisR0RUqFCrFsTFeb2/z4G+cSM7OzMTDAa3OycHatYsU6ZoUbh48c6dGzcgL89qjYoC
o9HhCA//o90HCQR+E/wP+7dCls1ms/mP7VOnTpmyYcPDr79OnZo1ixSB+vUbN/79YsQH7T5u
HjlVw5DvDw3chvCqpqUhIyGQRGXhDdDrCx8Kz4KwTFxh2AA8JXilTGCFsBsT0FOZ5R4H2tDc
FmljgArabfE00Jp3hGUgNBb76W5Appk+GxDJIhowCGYkIJV8boH+PB30ZBCqCVV1B/Adzyvf
gi5oQ/wS6L2ZbuwB0jwhVGoOam/lnOckhCc5rOWvQvkqJce2mg7e2/L3hsZgFsu0tvWFHo4X
J7RpBo4mnpER/cF/9/7Q3P3gFM4dSk2GkLmG22E7ofjSyEBcV9AHyv2kIhA6rOgKU1+IHG6r
nGeHyNH2L6VkMA+M21luGxj3G8ZbVoC7QZbjrgRqe88FnxNCpoc8G9oUHC1jThe5ALG1oq7H
pEJsXFRM9ASI9IaGRutQum/R8NJnIeIn25mQvRC1z9HTUBFMO/Th7k9Baux9O2sTJKVEDpD3
QGg3QxllKths0ufejWBYQ3lnIli/MpYyNwRvf489kATZ32aqaZ+DZ797h08DzFqC4xswxWlH
K2sQdtLUt2QIWBsZblr6AndVu3khOPaY9hbPh+xmrkD6MPC/qE+jKGQ1Su3mUsDwtv5qSBNw
r/Qm5zeGUqkxR4vPA9sHclr4XnA18832HoXY5RGJ1htg321aZNoB8eUi2oXHQWKDsKLWz8Hb
PP9swA6ODRZVHAXGFvonShJkVL7/6u2+4P/Rvzl1AOQmepZldIIrK9PKn+oBFxPuhCcvhdwD
eWfdxaHCsQpniyRAiU6lhRLfgemAqVeoAq5i7p3a92A95qgU1hTCiHkvKhfuXb/1bVYpOPrk
sexTt+FGyfx97sPgra97xL7gGevZkPs6OD933k1LBEOW5V7UMnBP0Teav3h8E7Vg+7hx48aN
Gzfu4f0KhPPD+hUI6Zs3b968efPh4xSc/1e3rSsQMA/7qX9T0U1FNxWFZReWXVh2ofAn9rK7
y+4uuxum507PnZ5bWC84/s3wb4Z/M/zx3c/Uj1I/Sv0IOk3uNLnTZMjZkbMjZwdM3zV91/Rd
hf2WPrv02aXPwproNdFroqHZjWY3mt0o/Gk/7aO0j9I+erid3J25O3N3Qn7Z/LL5Zf91P5Yt
X7Z82fJCP5qPaj6q+SgoO6PsjLIzCgXzfzfJycnJycmFwv3Zoc8OfXboXx9n8tbJWydvheMD
jg84PgAmbJywccJGmNp5auepnSE5Njk2ObYwIj5xwsQJE38nAOI3xG+I3wDvNXuv2XvN/rm9
+wn3E+4nwIlaJ2qdqFUocJuGNw1vGg43mt5oeqMpXL169erVqw8f588+v68MXxm+MsC3jm8d
3zqgkaORo5EDJhWfVHxScbh48eLFixdhVqVZlWZVeriddh+1+6jdR//F5+QxzavH9Vz/t/Cv
pmrk5WVl3btXWD7Ig8f/bKpGIODz+Xy/CeffIs+/lWfOfPHFmDGFZUH7ypWjRvXpU1j26lW3
bpkysHnzhAmvvQazZg0c2LkzbNkyceLrr0Pt2rGxFssfxy+w+yB+/2+5xqr62z4cD5aSZDKZ
zX8sbbbExNKlH16ePHn1qs/38HEL7D5uHlk4GxeZM4xPQHif0AMRMaC9qU9Q3CDkCyFCKpCG
SW8IbNcrC8tA+ED8VJoAwie+6bmzQL2UVycvBMQvhHnmvaD2EzL0VSDU1r9mJlBJHylEgO6m
BAIgIQDoeWTgBWEOc4QGoH+DJMwFPUud5pFA7OS54ukF9HL7vOsAE7O1FBCqC1XIArGe9BZT
4f7KrOrp90Dcfe2pq+kw1tJt1dA3ocqxCvVbX4Vq9eq82KodtMp6qWmnfmAYV+HjxHD4aeXO
VjtWw/Z2e7NObwLjqcAcLQ8qNnaEhzeAeIee4HkPSvlN0blPQvmnYy4b20JIUlzfMgJIey37
HN3Btznr1bQz4B/mvOjqDcZk2RJaFvTnTabIM5C2IW+AVgXuVsmd7msEmducZdS2kLo986Bb
hPQvswe5voR7LTK25HwL5uPmapIThNv+NG0YyF2YrA6FqGzrK0JliP7O+oW5BjjOyTa1DFjP
mN4wxoM/Rnmd+uAdqt7ITYVcMbDnRCSkvZZT89wZyNoR6HlpODhr+b52x4J0hx0GGdytAyGe
+UC41N9wD9w9fcacipC/PbA/eSGk98s5dnMGZHyY87XnHmSsdRrT3gPDC2HXHX0hRHBkR20B
RzvT19ghzBBy2FgBhJeVqaZxkH8hP8HzLBhPSGcUD/CUaKcdqN1Fu20taLPNTX2DQGhv65+T
DLmXAsXTO8Pl+vdCr8VBeqTnzL2LUGRkqc5hM6DY4WKtS/cBQRHirf3BXSy/eCAdLLGOQSGv
QejqmDsxlSH9s+TQvH1wJvbI16cEuPli7sHcMFDrGoYbTgGdNZ/QBVgtNBFqg/RCeGrROFA2
yKHxAghZ4nDhT/wB/7MU7MdcIHwLIkYP7tP8zyhIzXgw17lgnIJxC+z81fELBMzq1atXr179
x7LehXoX6l2A7VO3T90+tfC8MWPGjBkzBup/U/+b+t/A6DWj14z+XQT3wf6PSpG2RdoWaVsY
wSuIHGZNzpqcNbmw357ue7rv6V5YH7ps6LKhy2DA0QFHBxyF8Ovh18Ov//v9eDClZoh5iHmI
GV5f/Pri1xdDyNshb4e8/fjuz58l9LnQ50Kfg9m+2b7ZPmh9r/W91v9CelLBdRcwfcb0GdNn
wLbsbdnbsmGIaYhpiAmWmZeZl5khLiUuJS6lsL9xsXGxcTHEPh/7fOzz/9ze5kmbJ23+Xc5w
kyZNmjRpAo3fafxO43cK27d02tJpy3/xEqM/+/z2/bLvl32/FNYLUmAaXWl0pdEVWHRi0YlF
J6BHjx49evT4o53E8YnjE8dDt/xu+d3yC+3kTc+bnje9sN/jmleP67n+b+HBVI0/W+7YsWTJ
G28Ulg/y4PEHz394qsZv+zgXRJwfjDwX9vvH7e3aPf109ergcFgs/ygS3L17vXpVq/5x/AK7
D1IYcf6t/mBZEHH+q+ULLzRqVLHiw8f9d0WcHzlVo/jsyN7FvgDDTfNRqwO0FXq2Vg6EeG7o
t0G36l2FzSAmMEVpAIwQ5lm/A99TOTPzroP/uEcKPQxGg6GH1APEzurlwFJgrR4mbwSWiz11
Lwif6nPJB32/foFfQegndGEZqJF6Gy0BpK5aSeEq+Abkv+0TQEjxOL13QdDlsqYFILUyrdPW
gPCsLMotQF+kHVFHgWGDd6UnFhqGPulrXx3Cr9tulUoAX7g/2zsA7N2ihxUfAQ6j0KBEQ4jy
JrmVnyDCE/Fm2BOwp8+eYds/glWplw5kVoSYaZ56+gUodSFsoq0tGOPF3d4oKNI1TFSbwNon
tErkwTGboU6pgaDtzup7Zx0EPspbn74XeFvtqfcES7WQxuEHQFskrxNmg/85f3dtC7jv541M
z4FApC8kvx3Yq5tbSoMhspdNNW8C+1nDAWtZ8HyqN9bDIKpu+GLDZIgYEJYYlgtpX2V871kK
tsHy5641YNooZ0r7IK1YlpC6AxLejewb1w3Sd/iGRg+F9C999a8MAHuktb5jNOjjpffMKqSv
cWu31oGwOC9WPgEhxy3fxRYF6Sfrj+4NYKvgaB06D8Ruyg8Rn4HxV/GOMRm0qSS5foJb9e9O
yCgLvle96c7VULRxzGJ7Sbi5N62K/hK4E5RV6f2hSE54S7kPBOYoX5gPgbuF57lAOGTfd/fX
ZkBkGfu3Rc6B69XAQEqBLdq0wDgKSnSM2VbuBBS5XfSTkocg7PXw4fFLwN8qMFlqCO5a/gq+
UAg9Ft4hIhYcl6MrRnSE7KfStziXws3Tp2LPr4c7juw3UweANs0YGToUmKe+IrwFWlfW+86C
WMHUOMwEwlTtSCACtKd9FbIPgHQ/oLtigJKPZ6I+mFqxfv369evXF0aE/+x+zAW5zQ9SME7B
uA+z+88oEDBJo5JGJY36Lzp68PC77YiEY8Ix4RjQjGY0A+G4cFz43U/jWj+tn9bvj8M82K4e
Vg+rh/+5n+JAcaA48Hf1heJCceEf++n99H56P8CKFevv/CzgGMc4BnSmM53//H36q34Eqgaq
BqoW1qWB0kBpIAh2wS7YQRoljZJG/XN7j5uQFSErQlaAOEocJf4D+3/2+XyY+GHih4nQ7ot2
X7T7Ag6/cPiFwy/AoT6H+hzqAxsTNyZuTIRlU5dNXTYVVrGKVf+KwzWoQQ3YOH3j9I2/E5wF
/zA+SEHKxuAag2sM/gcpG3/2+RWkUPyh3/9JfflnSLWl2lLtf27nQf7VefXPnmuQ/5vCVI1/
LGQfp53fj/+wVI1AwOv9/eLAh/Gw48uXHzp0+TIsW3bkyI0b8MEHLVtWrQqdO9esWbo01K5d
rlxS0m/nHzv2R7t/tPN/R5wf5GGpGuPHd+pUvPjD/b9zJy8vPx/c7n887n9sxNl81FVPbgKG
qnSXigLoc7kNXBcqCVdB9MmvybdBRZisrwWGCYf0I6C+750hXQRfM6lm7CwQB0kLUYAy2lkW
gD5UeI8bwHl9hR4JejoeIoA9ODkPele9DvPB0F86KH8HhqbGGcYqIB1yJMbUheT1vgnGonBp
ceYofR7kTPcVE4aA9KPYmjagbFR2+XdCSJH44mV/gFB7dFLRjuD9QfG674PwmdiOgaC8pWZ6
l0LgmcAS73DQTnrfVOdBQu+4CtUPQ7s1taWnK0L9zypXiMiDsCEl6hjqgrLGOMD3MZSwRO+M
iIFyUWWfCTkB1XRraE4NeGKkUdJaQJgSHVJ8GUiENS7WEtRGvhs5dcEVn3MkZQJwSavBFAg9
EfpL5CiIHZPoS8qFxLtFXy8xBEJ9tkoRpUC4bpghl4fQ/dELIgLgMFmmmL6G1L1p7XKuwpnt
F8umfQS5m70h/uVg621vEZEN9vk2ydYWqvZM2lp8MZTpERFXLAoMdtr4voRi+VGHSvwM5QeF
Zdd7B4pesjcs+jXYrloslnpQOqHE+cotIMIW1ivyOERMCDXFTQR5iiRFlANPV/WYRwFluG7P
3QMm0Tzd3A3C19pfJAwSPo7bGLIPVBGXtRpEvRn1s+NbePJM2TIJZyE03PZxaD+QJguRcguw
hVqSLT3B6rb1MlpBbGZqaz4MsbfD4pPmQ5muxTPKylD+QIVnajYFe3LI94m/QG4312Q9H3KG
eE3KfbDWicyJrAmm8ZGzI/MgV7/bN7cK3Dp77KUTJyD1QFaf64dBjTBXtaSC/ooUbTwPmqKv
0luBUEL4nCLAfXW7tx4oNt86531QKqnPuq6DYuU5Zffjm6gFArZ48eLFf/9FUvAH/8FXa/9Z
Cs57UDgU2Pl35UI3Xtl4ZeOVhfWPNn206aNNsK/8vvL7ysOECRMm/D4Xr2mTpk2aNimsF+Tg
pm5M3Zi6EVY1XtV4VWO4O/bu2LtjH5+fzwx5ZsgzQwrrM1+e+fLMl2GBsEBYIEB25+zO2f+C
YP6r1D5R+0TtE4X1zw58duCzAzD3yNwjc4/89/nxZ/mrz+dN25u2N22FOc7Vj1Q/Uv0IDKo9
qPag2mB90/qm9c0/RliFhcJCYWFhrnBBisHDuBJ6JfRKKFx/5/o7198pHP/BX0YKIsIpY1PG
poyFs1+f/frs1//6/Xhm6TNLn/ndIsxP9n2y75N9sLPrzq47u8Krc1+d++pcWHF5xeUVj7B4
9lHnVZB/jcLUib8WcW7SZODAb78tLB/kweN/HOcfC/VA4Ldt4R7c9eJBHta+e/eVK6mphccX
Lz5w4MqVh59fUBbY/WO/gsWB/zilQpZ/S814sNy79/r1lBQ4f97l8nj+WObn/7Zf88NTNf5D
Fwfafo0cG7cI9A5SHcMlEJczlvdBSfHvDvQC3xOeVe4qYHolFPtnYCwmjNbPwNk513Iz+0Bo
w6TuSa3BOJoZ2jDwfii0FReA8DM/6z7Q3+G4lgziDKG7dBiEKmwUVoN+llqUAedrzryca7B6
xpqzGyzg+1w1R2yHatuealN/G+hFDHfZBVIPOU0+C2K0tk0pAVo/8YShF/AytYTPIfCU/4Z+
FkS/1JrtwHq9K5kgrOAtcTIwV0xSXwaKaINlKwR6kCa+BeLKxHeqloDKh8UP7OuhxOumBadn
QVap8NSckSBeyDvqsYH4SeK7T3ig0phKewMXIHF1WppzKpxKyvIp6+DMXPGy/R24U97cJOkO
aDfzdqaNAl+nzKap/UErav8ydCvY3wv5MkQB08+WpqZEED+xf2U/A1pA6eRvCmnbc6KFfuAq
5jmv5oJrhv6iYSeIMXJJ9QYwVPtSj4I7r6WdzvACm9TXDKEQ1jy0uOUMKC9KZ3z7odS2kD7F
XwA5wTAvoijknXF5PItBnyFs9b0L5i3awLCdQGutMQPANEluL34Fxku0ikgDQ19b35yL4Pne
I2VdhExjbme+AHWsf2LyeShTKia2fABCx0v74l8B27qwGfhAqeQ65ZTg/ohk1TUa0no5U10W
ML9sVk2nQWwq7FSPgCPNPNnWA0LLRdQLmQf2sQ5D2Aowf2ifaakIvnxfSWE3OD9wDvILIL1r
escUDpFq7OKYJWDubN5pGAX5E2/3Sv0U0tfc7HfVBHlNcrVbpcGD0RD+GahDGWN8HfQp2hz1
t8/fIPUC6Hf0Q3ol0EYQq1cGIoQsdR2IdqKNbwPP0lKv9n8mSfvHN2ELco8L9mfOzc3Nzc0t
rBeUD4ss/7NdNx608+/iZc/Lnpc94Nf9ul+HdSPWjVg3AkZkjMgYkQHRt6JvRd+CgcUGFhtY
DHoEegR6/O4LebhtuG24DWaaZ5pnmuG7kd+N/G4kRN+Ovh19G9JII+0x+Nm7Su8qvavA/Rfu
v3D/BdgyccvELROh2O5iu4vthsjJkZMjJ0Pm1sytmf/GF9301/vr/XW4N/LeyHsjYUPKhpQN
KVApolJEpYjCFIUCofp381efT4GAnb5i+orpK2CEbYRthA3UQ+oh9VDhYswRxUcUH/G7fxw7
pHdI75AOP3b7sduP3QoXDT5sEVvBokrOc57z0OqDVh+0+uCPqSIFi+0+53M+B7ZM2jJpyySo
9G2lbyt9y1+mb9++ffv2BedM50znTNi8e/Puzbth462Ntzbegtr+2v7a/sLFj/8qjzqvgvxr
qOpvr5B+mJD918f9r8crsPsggYDf7/eDJP22a8bDKNhV40EuXLh79/cvVnmw/rDzC+z+0Z/f
Ir8PS5yw2ex2iwV8PkX5fY/t2w8eTE4GTQsEUlP/eN4TTyQlmc1QrdqTT/6jAE+B3ceNcPDg
wYMHD+p6nTp16tSp89cHcONqkF0TuGw4ae8KQhYfalVAq+f/wn8IfDHubh4f2IzhcyMWgXpZ
f8vXB85P2Rp5vAeUjKwzuvp1sL4aftwwCNTzaqaeBBxVnfo2YJu+Qn0VhJ6GJw3l4HrS3eRz
y6H45phapeuC0kdpp8fBnoy9ziPVwfmry6JGAq0c3xftDiUzS/mK/ALl78WvMySDtYu1KPtB
La+2EO+B1EEYx0lQyqubvXtA9Avd5aMgvCZVEmeB/rbWXtoHrBE/0QKgP4cgJIC4XxeVd8Ff
w1khrwMYUwxt1IWgvuCanPEGaPMzXs78DiRX5PSwzuC9k7nxvgP0yelT098AaZesswK8qdId
TxpkJV3fmZMOq6/tKXG/BRwflv2TlA7+Jd5xWbPBn+lukT0ZhGrySMtlCHszpE7EJnC8HbrB
vBFMDsNr+j1goNrdL4O3omu991vwZfu3Bz4DZZl+URsG/lj/VW86+Aa6LDkHwOy0rLMOhojs
yDfC3gLvHfcYb1fwFHNnOX+GzKpZOamNQZ0ubHTeBq298LKlKDg7+7dnp0NInmOFWAX8ae5t
woeQW9+d6+oJ5dLixxX9DOQLYpSlMtwMz7h59ygY6srbLb0gak2YGtseIveYz5tKg7ZHH6V0
gbuD7gzzbgPNaxzEOnBMCJWsAphfkb+x3oSY3PgNNgUimkcWj8oEwyDztZBzoH2g7Da8Ca5U
Z3klH7yZ6obAcLAoYefCjkHosvA5YfdArKj9bNgBzqj7Ofc7g++b7AF3UsHjUz7PnQzZftfb
gQOQt00fFdYV9NLiPPMxCExghvQc+O4r7/MaBHoFugdaQ+CAstJ3GpQZgU7ec8BC9Z5nKkiV
9CW+nnAsdd+nG049/olbIGwLdg8oEND/KqGhoaGhoTBs2LBhw4b9+4VzkL9GwS8DKa1TWqe0
hjbxbeLbxBfmNr+056U9L+0prG9su7HtxrZ/t9dBgvzvoHLl55+fNg2qVKlZs3z5f32cb775
8MPWrQvr3bt/8MF/tavE6dNHj164AGfObNw4cmRhe3R0585TpoDJVKxYfHxhe3Lyxx+/8kph
vUiRESOWLn14+4P8s34+3+3b9+5Bevr337/7bmH74MFHj964AZUqJSRYrX8cNy3t/n2DAU6c
uHfvr/zj4ffn52dlQevW9euHhv7x+NmzKSluN8yZU7NmiRJ/ftyHcejQoUOHDj2GiLOmen70
9gfDt8amliOgtdE+1juCXNb4raE6yEtMijkR1BB9uPY9sMSz3j8BHJ879tt2gfELy3xDbxA3
S3VFE4hPCBeFZ0Fry4vqDyBFyxmG1yE1L3t2Sj5cf+P6gkNboHibuC5xTSDzC3dt9yBwOk0T
TC9BsZVlFlYsCv4i7rdww60Z9192DYYEd3hf+02wHrGXNWSDXksbzFDguN5cPw/iRGGh6Adh
idhJ/gL0ovoX2hTQ+vODNwuoqK5Th4O0WDxhGQn6EXGQ8R7Isx3rIqNA86vtAqGgdzBMU1eC
stBS1dkc5LaWO7Hvgzkssr55NtAzJrF0X2Cyo03MZLDck8xyNEQsrj7LewTeOF3jvXPfwa/L
9lw48ROsm7O/jPoV3HvNdDo0CZRDeZ3S90H2gczK998Hb557o2UxhG8LuxlRH8JOh5a128DS
IvKWJR/0Z/Ql6gDQNyhe/2rwV/GNM20H1zBLPcNpMJ2XY6VBkHkx+0vv9+B9VtkdeBfk88bx
gWOQs8TbJ3sIWNuY91gmgj3Sss52D0yHLe18LUFeYxinbQHXnbwQ90wIKxYxMywJ8mv7jb4j
kLMiv2NObxAOSyPETWD8wjDB8DJcHnOz4bUcsL1mPWRoB6FbwhoZ/RA1qtjFIushclpIZHhT
CL8d5nN0AtMMkzNUB0M523b7OAgYAiukYeAan/uT70nIX+e7GHgeJLM1xzAWwo/FXI2VwLLD
eshhAuWVvIvefZCRfef2raGQseZulQvrIRCvN86bB9on+jvC+5Cf5K6qfQPO7qqcVwMC2VoR
bSn4q6nf6SNA2aZ30J8Adb/SV90M/uqBNwORoI/XtqpTQT+p9g08A2og0MT3/qNP1IdRIGwL
hG6BgC4QWLdu3bp169bDzy9IxShYJFgwTvCNgv+ZFGw7t+ubXd/s+gb60Y9+ANOZzvTC7dre
zHwz883Mv9vbIEH+d6Fpv0WG8/OzsvLzwWSyWv/RPsd/Fb//H+cM+3xut89XaPdBAoHf3pyn
63l5TieI4j9e5PdXUzge1k/TPB6vFxTlH78Z0Of7zc/sbLdbUSA01GKRf6c+S5WKivJ4ftsf
OiQELlzIzBQE+K/j5fD00yVKxMf/Fsl2uwvbc3M9HkUptPu4eWThrEx25es/gaFe2DdiHKhL
/RvVmuCbpc8PLANjQ1MTYkBuLTc0JILnUOArXzMQzwtLtDlgWGbubHgH7o+5f/vmOlC2K7/6
vwcT0ld6T3ActQ0NPwj5T+V0y/OB/VXztYgxYCptXm8fCFHh9s3mCHCudhY5o8GVFSntcr+E
xAqRM6LSwLbD8pJaH1K+TdvrLwPFGoUXMZ0Ctangowgoo5WSgcMgTBLbio2AoiwUwkDYzn15
Jeg20Z09DoTa1BCrApGKU30WlLtOV85TYGhsb1qkNaiVhXvqJZCdjutxNcBw1h4WVxm0Z5Uj
zmxQ23gP5lcAYz1zveifQd1hWG17FtTPtZd1CTSr/LL5MNiqlz9W/z14vmz5Pk/3gXITy1Tb
8DUs6PrDV4frwuWtVrnUSfBWdDXLWAWegfnXcmPBvyNt490h4Jqft9k8HkK/dORHRUNIcsgK
00GwXba+Yv4OQt8N+cihQNT5qFpqGvjPeta4ngWDYkvMKweB3UpfsTQoiV5N3wTypyXzi3WE
vD65b3k1MDUxvGGuBtJddU1IKrgN7pr+BWDfb+kvlIL4HyMqRp8GO4ZnEyZD2nRjq5RXIGSX
/YBtIkTtC1kVvRucnYq+7ekDhlnGa+wGR0q41dYPLNfMzrCvwNhQNtsHQ8CvbZeeAn/RgIkY
yMlJ/8L7AgS+VnPYCtqvxi7m9mD5KnSk5V2wVw1fG/E8SMV8B3FBbsObx9M3gKtd1v3k3qCc
VRamfwy2LvYvtfng26JcsSwAb1n/Hn83sIuWJO0QSOsD89xFwfehUkEvDXp9uQL5oNzW+qqh
oD9liuNDUPrqJv1p0I5pmzQRhEuCwegHRVRWyI/wk+ufpUDoFgjpB7eRK9jHtYCCXOZq1apV
q1bt3+9fkMdD1Vervlr1VVjKUpYCDGEIQx511CBBgjwOnniiVKmICLhzJyUlIwPi4hISoqIe
n4AuoEAw37//m50Cuw9SsWLx4hERcPr0rVuZmSCKoaEhIRAWNmjQ/Pl/7P+w9n/WT9c9Ho8H
NC03Ny8PqlQpXjwy8o/nhYYajbL826u5/X5ISPgtgSIszGKRJMjKEkVJguLFQ0Pz8qBu3cRE
mw0kSRDE/2Il3q1bv9nNz9d1WYacHI9HVSElJTfX7y+0+7h55FSNew0uvntjC0Suf2JKsREQ
SPd0UkuAkqnGBkaBqbexpeE46LLi8tkgd+TurodCIG+W/pVcFYpcfq7qM20g25PjuVcffMuV
YcpoMGUbvxGrwdk3Lif8mgK5l9TX8l+GMqWil5fqCglq5JqKuXC60wXn8Tw49/5d/4VLcPHM
3dNSHajyZsWPWr4AdSZUyiw2Gp44FrVBaAlCSUNHsRiIG/Ut+grQp2jN1Nugp4pthDQQuwnF
DY1BSBX36M9Dqin7+qUBkN7FO+tGWYgYFtEupBdonzpd2VMg3GJyVvwAQuc4epWrB752WgX3
BeADQRZlEHaRIvcC8QstIjAMlBn6z1obEHWxquENIFGP1lJB+Eqfp58GNV1vICQAFdknRYHt
C0sVuRGsCp3R55O7sK7tUeONPqAn2KZHXQT3ZG/jQD1Q17tL5P4K+kXPzLxrIMraKf9SsL4n
50kzwLzL3sWeDw6Lw2KdDSEjrC+ZT4N5utlkkMEwQh6lPgfar6RoBvCXVj9WvKCf1Eop3UGb
p50OdIOASXla1cBTzfu6fzQIK+Vk4XmQ5gpxYk2QpgkLhEugLdBaCAKY3Kb3jXtA2yg0134B
UxXxGeNLYMg3/2R9ErRw1gjnQJsUaCimgreyt5lWHpx7vcX8AQiMCmwNZIBaT1okvAVSjPGI
7TgYx1vCjfkQXSakrgUo4osdZLsEdwL338j4GfKVnArpX0B27dSEi50hNz/N458O6jE2BX4F
OU5poyWBaBJXmhoAq41mOQLkD8V1UlHQ3+Ed6R3wT1DL8i7on5CvjwUEGgknQU8QfhFXAB+I
W6T5oMvaKb0WaG8JN8SdoGeI5+Rp8GO3n0d+v+3xT9wgQYIECfKfQVZWTo7TCb17v/PO11/D
+fNXrqQ9jkUWD6FChTJlYmJg8eKpU19+GSIiwsJ+/2bS9PTcXKcTXnhh9OiFC+HkyStX/tE+
0Y+LatXKlImPh59+mjixXz+Ijg4N/b0/2dm/xY4/+ODMmeRkSEv7LfL87yImxmqVZfjww8qV
ixSB8PDHI6AfW6qGPM7xnXEtBKbn1M13g/5K9rc5u0AY70pxWUEfXXZeqZaglnb3cS8HZ/HN
5359G8LML77dLh+EfZYE4TgkTDS+UnQAZA9yV8mzw4mM49qBGWApazSGvgSefbY1+i2I2mEt
Gd8QDO8Yy4XXhR1pu8Lv9IZ7I4Qf7nYGd4S0LnADth7bdf77C+Dr5Kfr11AqsfH64vXA4jKd
pyeo+7XXRQ8Ip8S7whwQRwp7pI6g5fKhPwHkBdQznwF37TxfVn+4vPpKz+OlQDmsTzfMB32h
abjmg+hTEZHJF6Hi9iKf+5IgOtnaOHEXYBEHGzygfyOiNQQmCZvFEBCgpbEVCB/q1dUKoK+j
BxuA7cJSYSKI4cJtioE2k05KAAKaUkQ7CEJFf26+DuKGjCbXAXmcNld9H+Q+5q72DaC9EFYi
8hIov4RUjbgKai+/4Pwe/P19m/M7gBIdGKPVhMCGrGlZFyHHmfWM3B5M9Y0fiu+A2WLaYWkP
pkqG4abSIIab5kkbQLohyfJBkOoayll3gnGP3ERsDwZzyF4CgMxzWgoIXiaIS0AI0SV9A2hN
9VuUBWWonqr1AbWcEskiyG+ulOEV8K3N6eONBW/vwBRFhIAYKKFcAPUoezkL8hpTsnkeGJda
V9imgrGDuYH1IMSNsi83LoUancvNjFoDNb6r+XLlGRD3WdLlUlNg87tbZ31dElLfyJt0szRU
b1DT17YNrN605t7PQ0Df7HnVUBKaflelVv10uBJ3tkNGWTj27bFy5yvAnUVZEVljwPe8Mljp
ApaxpmXmXiAfM7xq6AdaRbWI/i6otbQvlROgfy0MEL8FsbneXQwF7bJ+VzOAdlzfp44Cuv37
vhyCBAkSJMjfT4FwXb9+/vzXXvu7vSkUrocOff75m2/+3d4UCtfZs//xIr7/13hk4WyZr0z2
t4LA8pt599YDkb4WniqgPeMt4n8RjLuFNiXXAKGuWa6fgS3+64ElYPokJjKkGhiWM03eCJlv
uddmCHB8/fHh+2ZBwkzjtri3wJVsbu4Kh7A0YYQjEWI3xZUo3gtOnbr2ZZoI4umQwYkLQF+U
uSYlFIoWKT+8SltIqXG9z5W5cGHBVe+1DDiyJal9RAI816XiTHsvCKwKLPNNAnmbKcLyLKiH
tfXeFBBOCXNMRYG+ehkhHAwfWCaadkFMiQpaGSD58CnPlWFQarcUEbcS7JdckZa2cC118+5V
cWCfWzqtWhsQ1gkdpSTQb7Nebg+GEUW3l+kK8jvR2SWeBn273pB5wAqhJ9mgL9TPo4OQzCiO
glhTjxZKgaGhnqB+AMLX2mK1K7i+cj6ZeR/kV5XdntIgdjLvdmwAOcayPyIajHmWC5GXQKxh
mWP7EUw/h7rDBdCmOPtnxYIXJVabC4H39XtaDmiH9OKaDs7mnrWe4yC+7PLnXwZFUnfpF4Hm
upszIKwSzoiTwLiQJ4TzoO8U+9AH9FeFRYILhIYsFhJAn89P4mrQJwkLCQGtv/6ssg/0MOE9
sQzorwlF5bsgrJW2yy1AOmk4ZjgI8smQBmG3wDLNMs32M5gdxjXmgxCXaXVrO6FG0+K1LXao
1qp2larPQNzusnINCZRFwjlzNARO6jPZCQ3fre/uMg6cRZyBRu9CRK+E10p/DtGW7gvL7gH7
QkeZMjKEXgrrXfw9qJBZc9rdfpC0tXrXc0Phe/fyWxtug/+9/JxzHkjumPp1dkVQe4rTJCcY
HWbNehQMidISw3yQzdJC8RmgG06xM+ir1HjtDGgDleP6ZwCUo9HfPc2DBAkSJEiQII+DRxbO
0gb5iHQadLejvu1HEDbFpMWOAqEDF4RMoJLsl5uAb/mduOs3QO4S9Wr4GJDfj4mI/RY8IYH7
+dUhb3Re8r1BUH1r5bp1F0J0//Dp8TY4kH6+8YbREB5t6x4zCfR28nXDm3Bu4PHqO3aBcaa1
bfHFUHym7cvy0VBrW9mrT9ngQoPIniUB4Xn1S+1pqJpR1hMpgG+069n090B4y9M4qyVoq2TV
VhzE5db+Nh/ojQx5xh9AumTeKEZDysAT8tVKkHI2970L7cC2IP5DUxZEpEY1TpoJ5d+v7Gs5
BDzmitXu+kFPzqp1rwj4FtzrfOMH0JNc7+VUBVUKL+9YC4ZnI+Kj84AnhGGh1YCz9FPmgf48
5xgNnCKZlaC1FH7kQ/B94u+gNwNfvn8DTtAGyHcNncF7O7DIvQwweA+7t4OQl7sq8xcw5Zuy
79vA2tI+JswPxbYUS4xKgfbRfes3qwL30+/dzn4Jbq+4Fn83H273zxjs6gmZn7lLBKZC/kn/
QqEOuHP0c8pJEFqrkfpICISqaPHgPqGma92BJ4Rx+nrQo4U9zAPW8iGZIMaIQ8WnQIwyfGD4
AYQNUqThG5DXGVobG4A0Q86QJ4I8wuAxvg+GJPEteTkwns48C4Zo1RpIB21aRsP71eG54s93
KNUcnn62De1Lgvc9sXXUTfDND4z1RoN+WPzC1wzEWOmy2BmkF81htkUQNUquYMkHfQxVzYsh
sVjRvU3GQcCkTFW2gj/Tf9l/HIzv23abW0DgvDo4rC08/Wr1dlV8ED8nLKPYq5B80L1Nfwm2
n9vy6V4XpMzJfOPuLvCYDWfl9WARlK9Mx8G00lTTuAHEQ+I+8SjIEYYn5d+2zwnGnIMECRIk
SJD/ITxyjnOQIEGCBAkSJEiQIP+TKchxfuQ3BwYJEiRIkCBBggQJ8r+BoHAOEiRIkCBBggQJ
EuRPEBTOQYIECRIkSJAgQYL8CYLCOUiQIEGCBAkSJEiQP0FQOAcJEiRIkCBBggQJ8if4/7ej
K1gtGCRIkCBBggQJEiRIkD/y/wGwT9Vk/cnVFwAAAABJRU5ErkJggg==
--------------030904000401080006030102--

--------------050403080602010001030107--

From wmills_92105@yahoo.com  Tue Jan 28 08:27:20 2014
Return-Path: <wmills_92105@yahoo.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C5B851A0437 for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 08:27:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.834
X-Spam-Level: **
X-Spam-Status: No, score=2.834 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, MIME_HTML_MOSTLY=0.428, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.535] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gMA1FxBW7S6T for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 08:27:18 -0800 (PST)
Received: from nm24-vm1.bullet.mail.bf1.yahoo.com (nm24-vm1.bullet.mail.bf1.yahoo.com [98.139.213.134]) by ietfa.amsl.com (Postfix) with ESMTP id 54D921A044A for <oauth@ietf.org>; Tue, 28 Jan 2014 08:27:14 -0800 (PST)
Received: from [98.139.215.141] by nm24.bullet.mail.bf1.yahoo.com with NNFMP; 28 Jan 2014 16:27:11 -0000
Received: from [98.139.212.237] by tm12.bullet.mail.bf1.yahoo.com with NNFMP; 28 Jan 2014 16:27:11 -0000
Received: from [127.0.0.1] by omp1046.mail.bf1.yahoo.com with NNFMP; 28 Jan 2014 16:27:11 -0000
X-Yahoo-Newman-Property: ymail-5
X-Yahoo-Newman-Id: 541089.91027.bm@omp1046.mail.bf1.yahoo.com
Received: (qmail 62746 invoked by uid 60001); 28 Jan 2014 16:27:11 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1390926431; bh=o3Oq/GUZfTjlLlf1RBz0MC3CK+m+XVaQp2Fd3/eFiRg=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=B0CEjWq1E6OyoTpfA4uErTCxLxcDPWdpt4QxoHp+m5YOL2vsRfIRfh7iaye8EUexmE636G9KqhkJXEKqN3INm/i1n6OHqY2OmbgfV+cpEWxqMBSGQa1NnZ4GPLpr6hfS6/5FY5z6KKVBu+XreK68itGp9DYcAMYqPhVrbxIAGmU=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=nqOdfEd3mR4vpH6oDZr0/ljdmWluI+/cmUVDF6rfjLqTCSq4RQm9D2twxdpk42SkvdfHP9ApySyyHFjlAl3Cxp+lu/eZwX4F/dU1eOJHmysppfPVrILx6MiybVHKLmV9dT/rOnFAjSzM3S1sVv9MiUVOlnGfAFTKp5Re2nLtC3s=;
X-YMail-OSG: 5HlcqmcVM1n7LAY0yZe7XxYlIm1c5c2SjfPjkvXoNLkWZMv hJ9Rev6uamu2.6x9cxfY37PLK7iUEXpv7f_PLnNx7o8k.IbGkBVs_ZIrkvzv dHRTqiEXfs.c0j60o8YBNrwY8IBb8Th2osFsyRQZSE2cFZ3RneaDuMuj2i2f XBIWEhHJ7PUFE6r5PfuiSFB8SaLpaebwwqfcqCm0UQ9O0rk4_EhwMJJPwlR_ 5KwbQyBZ.xmTk3fH7VQ9t3VehrW0PbuFcms0G_WSId4zvG_BaLWtH0qMHfms uw8sBD7bJXCWgIGBG6wTTnj8gQmEmwJ4TCTvNAJL6m_6c7Aa9vm4IqzMI4nD Z_Len8y1iDQeI71pWM7QCwRnSPbJiZbWVgNuVmWtsMjkTVJWZIQe1a2zoQVQ ITaljlUoH9VRNL6XSASJIh9X1MxduC2D9dL_GTgCS_6wvVqLYwRAzvaIur4t LrwcyyYAaITrk9tnutxOaXUDNXlDG12kGrswoOraIuvkcDm5tsO0HQ2B9.RX YphI.pRy0wpnDZ9DlbkJ6xNse2XE0To5rQ.BUpkhZSUXeAg0DG8AdyCiS77i 0RIkRR1NEa_KuHYtD7lJoBACEiBvN9ypve2niioF_b.qipmGHFFzptnIqhDf ZcUXWrWZb6YRcDcTkYGeLh8IUBokEM.wok7daJpuPEDp.VzKclPCOCwWVapw AepjWd08QzndlFNbuhY03UUW.G3c49GhNtLqQ_36MnqgJVON5V_egajKcP2z 8xkKP4j3q3W8uXx48CpilOH4apQ--
Received: from [70.211.76.86] by web142806.mail.bf1.yahoo.com via HTTP; Tue, 28 Jan 2014 08:27:11 PST
X-Rocket-MIMEInfo: 002.001, U3RpbGwgZ2V0dGluZyBhIDQwMTYgZXJyb3IuIAoKU2VudCBmcm9tIFlhaG9vIE1haWwgb24gQW5kcm9pZAoKATABAQEB
X-Mailer: YahooMailAndroidMobile/3.0.5 YahooMailWebService/0.8.174.629
Message-ID: <1390926431.32248.YahooMailAndroidMobile@web142806.mail.bf1.yahoo.com>
Date: Tue, 28 Jan 2014 08:27:11 -0800 (PST)
From: Bill Mills <wmills_92105@yahoo.com>
To: "oauth@ietf.org" <oauth@ietf.org>, Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
In-Reply-To: <trinity-5109dc86-67ba-4bf2-b52f-bef301c34b30-1390853557473@3capp-gmx-bs08>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="515012262-54359770-1390926431=:32248"
Subject: Re: [OAUTH-WG] Conference Bridge for Call Tomorrow
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2014 16:27:21 -0000

--515012262-54359770-1390926431=:32248
Content-Type: text/plain; charset=us-ascii

Still getting a 4016 error. 

Sent from Yahoo Mail on Android


--515012262-54359770-1390926431=:32248
Content-Type: text/html; charset=us-ascii

<table cellspacing="0" cellpadding="0" border="0"><tr><td valign="top"><p dir="ltr">Still getting a 4016 error. </p>
<p dir="ltr"><a href="http://overview.mail.yahoo.com/mobile/?.src=Android">Sent from Yahoo Mail on Android</a></p>
</td></tr></table>            <div id="_origMsg_">
                <div>
                    <br />
                    <div>
                        <div style="font-size:0.9em">
                            <hr size="1">
                            <b>
                                <span style="font-weight:bold">From:</span>
                            </b>
                            Hannes Tschofenig &lt;Hannes.Tschofenig@gmx.net&gt;;                            <br>
                            <b>
                                <span style="font-weight:bold">To:</span>
                            </b>
                             &lt;oauth@ietf.org&gt;;                                                                                                     <br>
                            <b>
                                <span style="font-weight:bold">Subject:</span>
                            </b>
                            [OAUTH-WG] Conference Bridge for Call Tomorrow                            <br>
                            <b>
                                <span style="font-weight:bold">Sent:</span>
                            </b>
                            Mon, Jan 27, 2014 8:12:37 PM                            <br>
                        </div>
                            <br>
                            <table cellspacing="0" cellpadding="0" border="0">
                                <tbody>
                                    <tr>
                                        <td valign="top"><div style="font-family:Verdana;font-size:12.0px;"><div>As a reminder for the meeting tomorrow (see earlier announcement at&nbsp;http://www.ietf.org/mail-archive/web/oauth/current/msg12360.html) below is the conference bridge/Webex info.&nbsp;<span style="font-family:Verdana, sans-serif, Arial,;font-size:13px;line-height:1.6em;">&nbsp;</span></div>

<div>&nbsp;</div>

<div><span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">-------------------------------------------------------&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
&nbsp;</div>

<div><span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">Meeting information&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
&nbsp;</div>

<div><span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">Topic: OAuth&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">Date: Tuesday, January 28, 2014&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">Time: 11:00 am, Eastern Standard Time (New York, GMT-05:00)&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">Meeting Number: 640 200 258&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">Meeting Password: secure&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">-------------------------------------------------------&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">To start or join the online meeting&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">-------------------------------------------------------&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">Go to&nbsp;</span><a rel="nofollow" target="_blank" href="https://3c.gmx.net/mail/client/dereferrer?redirectUrl=https%3A%2F%2Fietf.webex.com%2Fietf%2Fj.php%3FED%3D261969107%26UID%3D492124657%26PW%3DNOTgwYTU4NzY5%26RT%3DMiMxMQ%253D%253D" style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">https://ietf.webex.com/ietf/j.php?ED=261969107&amp;UID=492124657&amp;PW=NOTgwYTU4NzY5&amp;RT=MiMxMQ%3D%3D</a><span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">-------------------------------------------------------&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">Audio conference information&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">-------------------------------------------------------&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">Call-in toll number (US/Canada): 1-650-479-3208&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">Access code:640 200 258&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">-------------------------------------------------------&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">For assistance&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">-------------------------------------------------------&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">1. Go to&nbsp;</span><a rel="nofollow" target="_blank" href="https://3c.gmx.net/mail/client/dereferrer?redirectUrl=https%3A%2F%2Fietf.webex.com%2Fietf%2Fmc" style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">https://ietf.webex.com/ietf/mc</a><span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">2. On the left navigation bar, click &quot;Support&quot;.&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">To update this meeting to your calendar program (for example Microsoft Outlook), click this link:&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<a rel="nofollow" target="_blank" href="https://3c.gmx.net/mail/client/dereferrer?redirectUrl=https%3A%2F%2Fietf.webex.com%2Fietf%2Fj.php%3FED%3D261969107%26UID%3D492124657%26ICS%3DMIU%26LD%3D1%26RD%3D2%26ST%3D1%26SHA2%3DAAAAAuTV9t%2FsV3WFcDOadVZVl%2FFLwEvmWseu6wZm45DiI6Wb" style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">https://ietf.webex.com/ietf/j.php?ED=261969107&amp;UID=492124657&amp;ICS=MIU&amp;LD=1&amp;RD=2&amp;ST=1&amp;SHA2=AAAAAuTV9t/sV3WFcDOadVZVl/FLwEvmWseu6wZm45DiI6Wb</a><span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">&nbsp;</span><br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<br style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;"/>
<span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">To check whether you have the appropriate players installed for UCF (Universal Communications Format) rich media files, go to&nbsp;</span><a rel="nofollow" target="_blank" href="https://3c.gmx.net/mail/client/dereferrer?redirectUrl=https%3A%2F%2Fietf.webex.com%2Fietf%2Fsystemdiagnosis.php" style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">https://ietf.webex.com/ietf/systemdiagnosis.php</a><span style="font-family:Tahoma, Arial, sans-serif, Helvetica, Geneva;font-size:small;line-height:normal;">.&nbsp;</span></div></div></td>
                                    </tr>
                                </tbody>
                            </table>
                    </div>
                </div>
            </div>

--515012262-54359770-1390926431=:32248--

From Hannes.Tschofenig@gmx.net  Tue Jan 28 09:22:45 2014
Return-Path: <Hannes.Tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB0551A0243 for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 09:22:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.435
X-Spam-Level: 
X-Spam-Status: No, score=-2.435 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5FzIC5eH536A for <oauth@ietfa.amsl.com>; Tue, 28 Jan 2014 09:22:42 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) by ietfa.amsl.com (Postfix) with ESMTP id 5E4B31A03B7 for <oauth@ietf.org>; Tue, 28 Jan 2014 09:22:39 -0800 (PST)
Received: from 3capp-gmx-bs39.server.lan ([172.19.170.91]) by mrigmx.server.lan (mrigmx001) with ESMTP (Nemesis) id 0MhgAH-1Vu7SK27DX-00MsyK for <oauth@ietf.org>; Tue, 28 Jan 2014 18:22:35 +0100
Received: from [217.140.96.21] by 3capp-gmx-bs39.server.lan with HTTP; Tue Jan 28 18:22:35 CET 2014
MIME-Version: 1.0
Message-ID: <trinity-8c164a7d-2956-4203-8e22-94c0eed58b80-1390929755380@3capp-gmx-bs39>
From: "Hannes Tschofenig" <Hannes.Tschofenig@gmx.net>
To: oauth@ietf.org
Content-Type: text/plain; charset=UTF-8
Date: Tue, 28 Jan 2014 18:22:35 +0100 (CET)
Importance: normal
Sensitivity: Normal
Content-Transfer-Encoding: quoted-printable
X-Priority: 3
X-Provags-ID: V03:K0:E2w3d5M/6TuxqZ0ToSW1HdlxJWca1ykvSGaH2YTihe5 qyu7S4cBaBirfk8aVUGW3X+LLVKl8JinkbGs+dZbl0tzSDsP/F e/HQkYDenhMXfzoxcVV7p17m/PwvcW2FxGgGYkiZcrwpGmr43z 0fpG2gKawFyqWUfY0jQz/61QzvFP2MMe6hss5j0sGDtf7yHq63 fXsbCYxo4fmR1nfOEad5cgXsP8tyme5pFqzLyTw0CyKBSFbfrx 3mw4UD6Tkampf7OeNE5Og+ucO2yYqFTAFPHKQAV+Bu0dXgyzzR 3ypB18=
Subject: [OAUTH-WG] OAuth Conference Call, 28th January 2014: Meeting Minutes
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2014 17:22:46 -0000

Here are the notes from the call today.=C2=A0
=C2=A0
Participants:
- Hannes
- Derek
- Brian
- John
- Phil
- Justin
- Mike
- Tony
- Prateek

1) Assertions=C2=A0
AI: Hannes to search for the shepherd write-up. Submit the write-up to Bar=
ry for review.=C2=A0

2) Dynamic Registration
The WG document was split into 3 documents.=C2=A0
AI: Hannes & Derek to talk to Stephen about WG adoption of the two new doc=
uments.=C2=A0
Is it covered by the charter?=20

Decision about doing the WGLC of all three documents concurrently.=C2=A0

3) JWT and JWT Bearer Profile specs=C2=A0
(in relationship to the ongoing WGLC in JOSE)
AI: Wait for JOSE WGLC to complete before moving these documents on to the=
 IESG.=C2=A0

4) MAC Token & HOTK Draft
AI: Hannes to arrange conference call with the draft authors (within the n=
ext 2 weeks).=C2=A0
AI: Hannes to talk to Stephen whether the HOTK document is covered by the =
current charter or not. =C2=A0
AI: Hannes & Derek to arrange f2f meeting at the London IETF meeting.=C2=
=A0
AI: Derek to talk to Lucy about room reservation for the Sunday IETF meeti=
ng.=C2=A0

6) Use Case
Not discussed; status unknown.=C2=A0

From hannes.tschofenig@gmx.net  Thu Jan 30 01:08:34 2014
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DB821A0504 for <oauth@ietfa.amsl.com>; Thu, 30 Jan 2014 01:08:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.095
X-Spam-Level: 
X-Spam-Status: No, score=-1.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_24_48=1.34, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2B3bLwmHyVlp for <oauth@ietfa.amsl.com>; Thu, 30 Jan 2014 01:08:31 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) by ietfa.amsl.com (Postfix) with ESMTP id 59A891A04FD for <oauth@ietf.org>; Thu, 30 Jan 2014 01:08:31 -0800 (PST)
Received: from [192.168.10.205] ([213.162.68.81]) by mail.gmx.com (mrgmx001) with ESMTPSA (Nemesis) id 0MXI5V-1VoG6A02E9-00WH9K for <oauth@ietf.org>; Thu, 30 Jan 2014 10:08:27 +0100
Message-ID: <52E87DE4.1070000@gmx.net>
Date: Wed, 29 Jan 2014 04:04:52 +0000
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: oauth@ietf.org
X-Enigmail-Version: 1.5.2
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="m6V4NT39wk5fnLaPB0JnE0TqKhPvwsGJC"
X-Provags-ID: V03:K0:t7OCdMEOWuQnT82sMaru5IGctqW9fPjS3X5PN9jyUEc4Awnpct6 BCIazchZJxbQmn1SX9VTBbekmgZ4Pd7sn70VJedgL7+Fu7/46lmC7L78ht0NhAUMbAq1XdX Sp1IzFlu4dKTqUuJCTISFPoGD2rgImjzpy37R8d/FADO/bPa23rVNBiC61HfQZ9lDTMyotE QKlKq3fN8mq/csO+hpvOg==
Subject: [OAUTH-WG] Dynamic Registration Plan: Your Feedback Needed!
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jan 2014 09:08:34 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--m6V4NT39wk5fnLaPB0JnE0TqKhPvwsGJC
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi all,

as you have seen from the meeting minutes of our recent status chat it
is time to proceed with the dynamic client registration work.

The earlier version of the dynamic client registration document was
split into three parts, namely
  (1) the current working group draft containing only minimal
functionality,
  (2) a document describing meta-data, and
  (3) a document containing management functionality.

This change was made as outcome of the discussions we had more or less
over the last 9 months.

The latter two documents are individual submissions at this point. New
content is not available with the recent changes. So, it is one of those
document management issues.

I had a chat with Stephen about WG adoption of the two individual
submissions as WG items. It was OK for him given that it is a purely
document management action. However, before we turn the documents into
WG items we need your feedback on a number of issues:

1) Do you have concerns with the document split? Do you object or
approve it?
2) Is the separation of the functionality into these three documents
correct? Should the line be drawn differently?
3) Do you have comments on the documents overall?

We would like to receive high-level feedback within a week. We are also
eager to hear from implementers and other projects using the dynamic
client registration work (such as OpenID Connect, UMA, the
BlueButton/GreenButton Initiative, etc.)

For more detailed reviews please wait till we re-do the WGLC (which we
plan to do soon). We have to restart the WGLC due to discussions last
years and the resulting changes to these documents.

Ciao
Hannes & Derek

PS: Derek and I also think that Phil should become co-auhor of these
documents for his contributions.


--m6V4NT39wk5fnLaPB0JnE0TqKhPvwsGJC
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCgAGBQJS6H3kAAoJEGhJURNOOiAtvicH/2K23muP9IsmnkeR9QdeX0M1
5Xk7WhAPQde8YYXJT1hIGyLnlouyzFlw1ZT8YnYPHhgz3QMm+5sEO4TYKSwUuEbp
brpWWLfl8Csm60Xv6p34R5eTqHIRSls/6l5jJEzHtwZjU9DkjTFBegz8MzuPQ8aQ
JFA6DS+rxmMjwlZ40NneA+DV+pAFT7xA1pNVCQZbinF2vUT1Gx2z8+0xDqfMz7Xz
dRjWnBKzLf9a+LgZj5ifPbTPVa/o1x4TgJNERG1Lq9tV7feuB7F9D/Hf0ZDPheNI
fKnV4edI/+shTtX+gxEoSbJFaSbta6XenvXy66YWkdtW7SCAjQuYwuLn31jYOPA=
=JGRX
-----END PGP SIGNATURE-----

--m6V4NT39wk5fnLaPB0JnE0TqKhPvwsGJC--

From Michael.Jones@microsoft.com  Thu Jan 30 17:03:46 2014
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E91691A04EE for <oauth@ietfa.amsl.com>; Thu, 30 Jan 2014 17:03:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.602
X-Spam-Level: 
X-Spam-Status: No, score=-2.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VmP7Xk1kZdsy for <oauth@ietfa.amsl.com>; Thu, 30 Jan 2014 17:03:43 -0800 (PST)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1lp0149.outbound.protection.outlook.com [207.46.163.149]) by ietfa.amsl.com (Postfix) with ESMTP id 052F71A04F3 for <oauth@ietf.org>; Thu, 30 Jan 2014 17:03:42 -0800 (PST)
Received: from BL2PR03CA017.namprd03.prod.outlook.com (10.141.66.25) by BL2PR03MB242.namprd03.prod.outlook.com (10.255.231.18) with Microsoft SMTP Server (TLS) id 15.0.868.8; Fri, 31 Jan 2014 01:03:38 +0000
Received: from BL2FFO11FD031.protection.gbl (2a01:111:f400:7c09::185) by BL2PR03CA017.outlook.office365.com (2a01:111:e400:c1b::25) with Microsoft SMTP Server (TLS) id 15.0.859.15 via Frontend Transport; Fri, 31 Jan 2014 01:03:38 +0000
Received: from mail.microsoft.com (131.107.125.37) by BL2FFO11FD031.mail.protection.outlook.com (10.173.160.71) with Microsoft SMTP Server (TLS) id 15.0.856.14 via Frontend Transport; Fri, 31 Jan 2014 01:03:38 +0000
Received: from TK5EX14MBXC288.redmond.corp.microsoft.com ([169.254.3.129]) by TK5EX14HUBC101.redmond.corp.microsoft.com ([157.54.7.153]) with mapi id 14.03.0174.002; Fri, 31 Jan 2014 01:03:07 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: [OAUTH-WG] Dynamic Registration Plan: Your Feedback Needed!
Thread-Index: AQHPHZrqEhtxa32Q2EGvHz/lGJszjpqeAtTQ
Date: Fri, 31 Jan 2014 01:03:07 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739438A6C1D32@TK5EX14MBXC288.redmond.corp.microsoft.com>
References: <52E87DE4.1070000@gmx.net>
In-Reply-To: <52E87DE4.1070000@gmx.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [157.54.51.78]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10009001)(6009001)(13464003)(199002)(189002)(53754006)(377454003)(59766001)(77982001)(55846006)(15202345003)(74366001)(74706001)(74502001)(74662001)(79102001)(23726002)(87936001)(33656001)(50466002)(6806004)(47446002)(69226001)(81342001)(81542001)(47776003)(20776003)(93136001)(63696002)(80976001)(80022001)(65816001)(66066001)(31966008)(2656002)(87266001)(19580395003)(44976005)(19580405001)(83322001)(4396001)(47736001)(49866001)(81686001)(77096001)(81816001)(76796001)(76786001)(54316002)(56776001)(92726001)(47976001)(54356001)(46406003)(76482001)(15395725003)(46102001)(51856001)(53806001)(94946001)(94316002)(15975445006)(85306002)(85852003)(83072002)(93516002)(86362001)(56816005)(90146001)(74876001)(50986001)(92566001); DIR:OUT; SFP:1101; SCL:1; SRVR:BL2PR03MB242; H:mail.microsoft.com; CLIP:131.107.125.37; FPR:BEBAD2BC.2ED27FAA.30E13D4B.82E0D281.2043D; InfoDomainNonexistentA:1; MX:1; LANG:en; 
X-O365ENT-EOP-Header: Message processed by -  O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 0108A997B2
X-OriginatorOrg: microsoft.com
Subject: Re: [OAUTH-WG] Dynamic Registration Plan: Your Feedback Needed!
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jan 2014 01:03:46 -0000

First, I'll repeat what I said on the call that I agree that Phil should be=
 a co-author.  I'll add him when I create the working group versions of the=
 individual submission documents.  Thanks for your work on software asserti=
ons and client association, Phil!

As an editor, my preference would be to create working group -00 versions o=
f the current individual submission documents first with no technical chang=
es - just putting them under working group control and adding Phil as an au=
thor.  Then we can address any comments received in subsequent -01 versions=
.

Putting on my OpenID hat, I'll say that the current docs are compatible wit=
h OpenID Connect Dynamic Client Registration (http://openid.net/specs/openi=
d-connect-registration-1_0.html), which is expected to be finalized next mo=
nth.  Of course, there are several other profiles of OAuth Dynamic Client R=
egistration and I won't try to speak for them.  That being said, since ther=
e were no technical changes from -14 to -15 - just refactoring - I would ex=
pect that their profiles would not have been broken either.

				-- Mike

-----Original Message-----
From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Hannes Tschofenig
Sent: Tuesday, January 28, 2014 8:05 PM
To: oauth@ietf.org
Subject: [OAUTH-WG] Dynamic Registration Plan: Your Feedback Needed!

Hi all,

as you have seen from the meeting minutes of our recent status chat it is t=
ime to proceed with the dynamic client registration work.

The earlier version of the dynamic client registration document was split i=
nto three parts, namely
  (1) the current working group draft containing only minimal functionality=
,
  (2) a document describing meta-data, and
  (3) a document containing management functionality.

This change was made as outcome of the discussions we had more or less over=
 the last 9 months.

The latter two documents are individual submissions at this point. New cont=
ent is not available with the recent changes. So, it is one of those docume=
nt management issues.

I had a chat with Stephen about WG adoption of the two individual submissio=
ns as WG items. It was OK for him given that it is a purely document manage=
ment action. However, before we turn the documents into WG items we need yo=
ur feedback on a number of issues:

1) Do you have concerns with the document split? Do you object or approve i=
t?
2) Is the separation of the functionality into these three documents correc=
t? Should the line be drawn differently?
3) Do you have comments on the documents overall?

We would like to receive high-level feedback within a week. We are also eag=
er to hear from implementers and other projects using the dynamic client re=
gistration work (such as OpenID Connect, UMA, the BlueButton/GreenButton In=
itiative, etc.)

For more detailed reviews please wait till we re-do the WGLC (which we plan=
 to do soon). We have to restart the WGLC due to discussions last years and=
 the resulting changes to these documents.

Ciao
Hannes & Derek

PS: Derek and I also think that Phil should become co-auhor of these docume=
nts for his contributions.


From eve@xmlgrrl.com  Thu Jan 30 19:33:32 2014
Return-Path: <eve@xmlgrrl.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C5B61A0528 for <oauth@ietfa.amsl.com>; Thu, 30 Jan 2014 19:33:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.9
X-Spam-Level: 
X-Spam-Status: No, score=-0.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FROM_DOMAIN_NOVOWEL=0.5, URI_NOVOWEL=0.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rxie_cT80n1i for <oauth@ietfa.amsl.com>; Thu, 30 Jan 2014 19:33:30 -0800 (PST)
Received: from mail.promanage-inc.com (eliasisrael.com [50.47.36.5]) by ietfa.amsl.com (Postfix) with ESMTP id 079611A0526 for <oauth@ietf.org>; Thu, 30 Jan 2014 19:33:29 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mail.promanage-inc.com (Postfix) with ESMTP id 38CDD364C147; Thu, 30 Jan 2014 19:33:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at promanage-inc.com
Received: from mail.promanage-inc.com ([127.0.0.1]) by localhost (greendome.promanage-inc.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DpyBrrfI9FEE; Thu, 30 Jan 2014 19:33:23 -0800 (PST)
Received: from [192.168.168.107] (unknown [192.168.168.107]) by mail.promanage-inc.com (Postfix) with ESMTPSA id CAFC1364C11D; Thu, 30 Jan 2014 19:33:21 -0800 (PST)
Mime-Version: 1.0 (Mac OS X Mail 7.1 \(1827\))
Content-Type: text/plain; charset=iso-8859-1
From: Eve Maler <eve@xmlgrrl.com>
In-Reply-To: <52E87DE4.1070000@gmx.net>
Date: Thu, 30 Jan 2014 19:33:20 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <7C4FBCAA-9B5E-4EFD-A2DD-D68F1F75EA7C@xmlgrrl.com>
References: <52E87DE4.1070000@gmx.net>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
X-Mailer: Apple Mail (2.1827)
Cc: "oauth@ietf.org list" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Dynamic Registration Plan: Your Feedback Needed!
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jan 2014 03:33:32 -0000

Hi Hannes-- The UMA Core spec currently points directly to the basic =
dynamic client reg doc with MAY statements, and is agnostic as to usage =
of the higher-order functions. (These turn into optional interop feature =
tests.) So I think it's fair to say that the split has no structural =
problems from an UMA perspective.

	Eve

On 28 Jan 2014, at 8:04 PM, Hannes Tschofenig =
<hannes.tschofenig@gmx.net> wrote:

> Hi all,
>=20
> as you have seen from the meeting minutes of our recent status chat it
> is time to proceed with the dynamic client registration work.
>=20
> The earlier version of the dynamic client registration document was
> split into three parts, namely
>  (1) the current working group draft containing only minimal
> functionality,
>  (2) a document describing meta-data, and
>  (3) a document containing management functionality.
>=20
> This change was made as outcome of the discussions we had more or less
> over the last 9 months.
>=20
> The latter two documents are individual submissions at this point. New
> content is not available with the recent changes. So, it is one of =
those
> document management issues.
>=20
> I had a chat with Stephen about WG adoption of the two individual
> submissions as WG items. It was OK for him given that it is a purely
> document management action. However, before we turn the documents into
> WG items we need your feedback on a number of issues:
>=20
> 1) Do you have concerns with the document split? Do you object or
> approve it?
> 2) Is the separation of the functionality into these three documents
> correct? Should the line be drawn differently?
> 3) Do you have comments on the documents overall?
>=20
> We would like to receive high-level feedback within a week. We are =
also
> eager to hear from implementers and other projects using the dynamic
> client registration work (such as OpenID Connect, UMA, the
> BlueButton/GreenButton Initiative, etc.)
>=20
> For more detailed reviews please wait till we re-do the WGLC (which we
> plan to do soon). We have to restart the WGLC due to discussions last
> years and the resulting changes to these documents.
>=20
> Ciao
> Hannes & Derek
>=20
> PS: Derek and I also think that Phil should become co-auhor of these
> documents for his contributions.
>=20
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth


Eve Maler                                  http://www.xmlgrrl.com/blog
+1 425 345 6756                         http://www.twitter.com/xmlgrrl


From bcampbell@pingidentity.com  Fri Jan 31 08:58:51 2014
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E5321A1F7B for <oauth@ietfa.amsl.com>; Fri, 31 Jan 2014 08:58:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.912
X-Spam-Level: 
X-Spam-Status: No, score=-2.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_SOFTFAIL=0.665] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 47AqdKh1bH_0 for <oauth@ietfa.amsl.com>; Fri, 31 Jan 2014 08:58:49 -0800 (PST)
Received: from na3sys009aog127.obsmtp.com (na3sys009aog127.obsmtp.com [74.125.149.107]) by ietfa.amsl.com (Postfix) with ESMTP id 699A11A1F65 for <oauth@ietf.org>; Fri, 31 Jan 2014 08:58:47 -0800 (PST)
Received: from mail-ig0-f179.google.com ([209.85.213.179]) (using TLSv1) by na3sys009aob127.postini.com ([74.125.148.12]) with SMTP ID DSNKUuvWQXd8cSt+pHnapVvbtrIjgWETjMr+@postini.com; Fri, 31 Jan 2014 08:58:44 PST
Received: by mail-ig0-f179.google.com with SMTP id c10so9870324igq.0 for <oauth@ietf.org>; Fri, 31 Jan 2014 08:58:32 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc :content-type; bh=xSDmWxFOX5EvkDyGUduv3L3OiOO+HseCvdOOGHqfcGU=; b=BvBjk9QHuygX+ZYCHkDxZkpew5It6+W/jP5p5IxvW5+L2HohW5dIPE2Pk9m0CsS8Wh SJRGFqmz9tYDOx3nKjqW1XeTa+YTDNmYXKM1XFKAXPpaoD2iRt7GRBXAMPLic8U7Omme be1jyJF30XuPWBiSeX8cuyjQubGVu4nQtF92kM4huDZrw/+m1HCSqlUIKEQsHph8lTI6 dsya99iSkzTAeYCCBlyy6JGaZLv+rbDG09EZRm+db2qCpPuMOimA4gv4/g1gW6nbX8Zc Lrl/5p3bFymLhlbm53ebHUMzMZre9+VBa+xcYFfNE2SsCnJBLq9QNj4+r8Z8xWvjECV0 dJ9A==
X-Gm-Message-State: ALoCoQkToT/d9Y3dWhoMmQ2nRj2krF5F8UyqQae8qR5cZdRQMPawU+dCJc8KNTLcVi3GWFldHFubHXTyatw6ONjp848xOhx3ZSuAA4lSOhQ4QQPTtKjvjviD9IZqtsCZ3jNyIag1au9VoCGSjpP4C/rwvybK1Eah7g==
X-Received: by 10.50.194.131 with SMTP id hw3mr20933845igc.4.1391187512171; Fri, 31 Jan 2014 08:58:32 -0800 (PST)
X-Received: by 10.50.194.131 with SMTP id hw3mr20933834igc.4.1391187512089; Fri, 31 Jan 2014 08:58:32 -0800 (PST)
MIME-Version: 1.0
Received: by 10.50.65.4 with HTTP; Fri, 31 Jan 2014 08:58:01 -0800 (PST)
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Fri, 31 Jan 2014 09:58:01 -0700
Message-ID: <CA+k3eCSNX43gFYUA8jGgFZ4Ri6nWQ=+R6Ru2j+v04r_2pZdQhA@mail.gmail.com>
To: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary=14dae9340f7979886204f1471580
Subject: [OAUTH-WG] Another question on RFC 7009
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jan 2014 16:58:51 -0000

--14dae9340f7979886204f1471580
Content-Type: text/plain; charset=ISO-8859-1

Greetings WG,

In section 2.1 of RFC 7009, it says:

   "The authorization server first validates the client credentials (in
   case of a confidential client) and then verifies whether the token
   was issued to the client making the revocation request.  If this
   validation fails, the request is refused and the client is informed
   of the error by the authorization server as described below."

The only error described below is "unsupported_token_type" which doesn't
seem appropriate here. The errors in
http://tools.ietf.org/html/rfc6749#section-5.2 are referenced too and,
while "invalid_client" seems right for failed client authentication, what's
the intended way that the "request is refused and the client is informed of
the error" when the the token was not issued to the client making the
revocation request? None of the defined error codes seem to fit.

Furthermore, wouldn't it be better to go ahead and just revoke a token in
the case it's presented by the wrong client? I seem to recall some
discussion around this when 7009 was just a baby
draft-ietf-oauth-revocation and, while I don't recall the outcome, I was
surprised to look at the RFC again and see the text that is there.

These questions came to me by way of a developer working on implementing
the RFC. I didn't have good answers, beyond the prognostication herein, so
I thought I'd take the questions to the WG list and the document authors.

Thanks for any clarification,
Brian

--14dae9340f7979886204f1471580
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div><div><div><div><div>Greetings WG,<br><br>In section 2=
.1 of RFC 7009, it says:<br><br>=A0=A0 &quot;The authorization server first=
 validates the client credentials (in<br>=A0=A0 case of a confidential clie=
nt) and then verifies whether the token<br>

=A0=A0 was issued to the client making the revocation request.=A0 If this<b=
r>=A0=A0 validation fails, the request is refused and the client is informe=
d<br>=A0=A0 of the error by the authorization server as described below.&qu=
ot;<br><br>

</div>The only error described below is &quot;unsupported_token_type&quot; =
which doesn&#39;t seem appropriate here. The errors in <a href=3D"http://to=
ols.ietf.org/html/rfc6749#section-5.2">http://tools.ietf.org/html/rfc6749#s=
ection-5.2</a> are referenced too and, while &quot;invalid_client&quot; see=
ms right for failed client authentication, what&#39;s the intended way that=
 the &quot;request is refused and the client is informed of the error&quot;=
 when the the token was not issued to the client making the revocation requ=
est? None of the defined error codes seem to fit.<br>

<br></div>Furthermore, wouldn&#39;t it be better to go ahead and just revok=
e a token in the case it&#39;s presented by the wrong client? I seem to rec=
all some discussion around this when 7009 was just a baby draft-ietf-oauth-=
revocation and, while I don&#39;t recall the outcome, I was surprised to lo=
ok at the RFC again and see the text that is there.<br>

<br></div>These questions came to me by way of a developer working on imple=
menting the RFC. I didn&#39;t have good answers, beyond the prognostication=
 herein, so I thought I&#39;d take the questions to the WG list and the doc=
ument authors.<br>

<br></div>Thanks for any clarification,<br></div>Brian<br><div><div><div><b=
r><br></div></div></div></div>

--14dae9340f7979886204f1471580--

From lainhart@us.ibm.com  Fri Jan 31 09:06:31 2014
Return-Path: <lainhart@us.ibm.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A5051A1F4A for <oauth@ietfa.amsl.com>; Fri, 31 Jan 2014 09:06:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.435
X-Spam-Level: 
X-Spam-Status: No, score=-7.435 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c5_jGQ5iDiO7 for <oauth@ietfa.amsl.com>; Fri, 31 Jan 2014 09:06:29 -0800 (PST)
Received: from e7.ny.us.ibm.com (e7.ny.us.ibm.com [32.97.182.137]) by ietfa.amsl.com (Postfix) with ESMTP id E3F381A0459 for <oauth@ietf.org>; Fri, 31 Jan 2014 09:06:28 -0800 (PST)
Received: from /spool/local by e7.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for <oauth@ietf.org> from <lainhart@us.ibm.com>; Fri, 31 Jan 2014 12:06:25 -0500
Received: from d01dlp01.pok.ibm.com (9.56.250.166) by e7.ny.us.ibm.com (192.168.1.107) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted;  Fri, 31 Jan 2014 12:06:23 -0500
Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by d01dlp01.pok.ibm.com (Postfix) with ESMTP id 5EDF938C8027; Fri, 31 Jan 2014 12:06:23 -0500 (EST)
Received: from d01av04.pok.ibm.com (d01av04.pok.ibm.com [9.56.224.64]) by b01cxnp22033.gho.pok.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id s0VH6N1a6881654; Fri, 31 Jan 2014 17:06:23 GMT
Received: from d01av04.pok.ibm.com (localhost [127.0.0.1]) by d01av04.pok.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id s0VH6M0C019380; Fri, 31 Jan 2014 12:06:22 -0500
Received: from d01ml255.pok.ibm.com (d01ml255.pok.ibm.com [9.63.10.54]) by d01av04.pok.ibm.com (8.14.4/8.14.4/NCO v10.0 AVin) with ESMTP id s0VH6LVJ019124; Fri, 31 Jan 2014 12:06:21 -0500
In-Reply-To: <CA+k3eCSNX43gFYUA8jGgFZ4Ri6nWQ=+R6Ru2j+v04r_2pZdQhA@mail.gmail.com>
References: <CA+k3eCSNX43gFYUA8jGgFZ4Ri6nWQ=+R6Ru2j+v04r_2pZdQhA@mail.gmail.com>
To: Brian Campbell <bcampbell@pingidentity.com>
MIME-Version: 1.0
X-KeepSent: DA940505:5D93BC11-85257C71:005DCB58; type=4; name=$KeepSent
X-Mailer: Lotus Notes Release 8.5.3FP5 August 01, 2013
Message-ID: <OFDA940505.5D93BC11-ON85257C71.005DCB58-85257C71.005DF5C2@us.ibm.com>
From: Todd W Lainhart <lainhart@us.ibm.com>
Date: Fri, 31 Jan 2014 12:06:17 -0500
X-MIMETrack: Serialize by Router on D01ML255/01/M/IBM(Release 9.0.1IF1|November 26, 2013) at 01/31/2014 12:06:21, Serialize complete at 01/31/2014 12:06:21
Content-Type: multipart/alternative; boundary="=_alternative 005DF5C285257C71_="
X-TM-AS-MML: disable
X-Content-Scanned: Fidelis XPS MAILER
x-cbid: 14013117-5806-0000-0000-0000240764AE
Cc: oauth <oauth@ietf.org>, OAuth <oauth-bounces@ietf.org>
Subject: Re: [OAUTH-WG] Another question on RFC 7009
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jan 2014 17:06:31 -0000

This is a multipart message in MIME format.
--=_alternative 005DF5C285257C71_=
Content-Type: text/plain; charset="US-ASCII"

> ...what's the intended way that the "request is refused and the client 
is informed of the error" when the the token was not issued to the client 
making the revocation request?

We return an error_code of "invalid_request" and an appropriate error 
message.





Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250
1-978-899-4705
2-276-4705 (T/L)
lainhart@us.ibm.com




From:   Brian Campbell <bcampbell@pingidentity.com>
To:     oauth <oauth@ietf.org>, 
Date:   01/31/2014 11:58 AM
Subject:        [OAUTH-WG] Another question on RFC 7009
Sent by:        "OAuth" <oauth-bounces@ietf.org>



Greetings WG,

In section 2.1 of RFC 7009, it says:

   "The authorization server first validates the client credentials (in
   case of a confidential client) and then verifies whether the token
   was issued to the client making the revocation request.  If this
   validation fails, the request is refused and the client is informed
   of the error by the authorization server as described below."

The only error described below is "unsupported_token_type" which doesn't 
seem appropriate here. The errors in 
http://tools.ietf.org/html/rfc6749#section-5.2 are referenced too and, 
while "invalid_client" seems right for failed client authentication, 
what's the intended way that the "request is refused and the client is 
informed of the error" when the the token was not issued to the client 
making the revocation request? None of the defined error codes seem to 
fit.

Furthermore, wouldn't it be better to go ahead and just revoke a token in 
the case it's presented by the wrong client? I seem to recall some 
discussion around this when 7009 was just a baby 
draft-ietf-oauth-revocation and, while I don't recall the outcome, I was 
surprised to look at the RFC again and see the text that is there.

These questions came to me by way of a developer working on implementing 
the RFC. I didn't have good answers, beyond the prognostication herein, so 
I thought I'd take the questions to the WG list and the document authors.

Thanks for any clarification,
Brian

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


--=_alternative 005DF5C285257C71_=
Content-Type: text/html; charset="US-ASCII"

<font size=2 face="sans-serif">&gt; </font><font size=3>...what's the
intended way that the &quot;request is refused and the client is informed
of the error&quot; when the the token was not issued to the client making
the revocation request?</font>
<br>
<br><font size=2 face="sans-serif">We return an error_code of &quot;invalid_request&quot;
and an appropriate error message.<br>
</font>
<br>
<table width=223 style="border-collapse:collapse;">
<tr height=8>
<td width=223 bgcolor=white style="border-style:solid;border-color:#000000;border-width:0px 0px 0px 0px;padding:0px 0px;"><font size=1 face="Verdana"><b><br>
<br>
<br>
Todd Lainhart<br>
Rational software<br>
IBM Corporation<br>
550 King Street, Littleton, MA 01460-1250</b></font><font size=1 face="Arial"><b><br>
1-978-899-4705<br>
2-276-4705 (T/L)<br>
lainhart@us.ibm.com</b></font></table>
<br>
<br>
<br>
<br>
<br><font size=1 color=#5f5f5f face="sans-serif">From: &nbsp; &nbsp; &nbsp;
&nbsp;</font><font size=1 face="sans-serif">Brian Campbell &lt;bcampbell@pingidentity.com&gt;</font>
<br><font size=1 color=#5f5f5f face="sans-serif">To: &nbsp; &nbsp; &nbsp;
&nbsp;</font><font size=1 face="sans-serif">oauth &lt;oauth@ietf.org&gt;,
</font>
<br><font size=1 color=#5f5f5f face="sans-serif">Date: &nbsp; &nbsp; &nbsp;
&nbsp;</font><font size=1 face="sans-serif">01/31/2014 11:58 AM</font>
<br><font size=1 color=#5f5f5f face="sans-serif">Subject: &nbsp; &nbsp;
&nbsp; &nbsp;</font><font size=1 face="sans-serif">[OAUTH-WG] Another
question on RFC 7009</font>
<br><font size=1 color=#5f5f5f face="sans-serif">Sent by: &nbsp; &nbsp;
&nbsp; &nbsp;</font><font size=1 face="sans-serif">&quot;OAuth&quot;
&lt;oauth-bounces@ietf.org&gt;</font>
<br>
<hr noshade>
<br>
<br>
<br><font size=3>Greetings WG,<br>
<br>
In section 2.1 of RFC 7009, it says:<br>
<br>
&nbsp;&nbsp; &quot;The authorization server first validates the client
credentials (in<br>
&nbsp;&nbsp; case of a confidential client) and then verifies whether the
token<br>
&nbsp;&nbsp; was issued to the client making the revocation request.&nbsp;
If this<br>
&nbsp;&nbsp; validation fails, the request is refused and the client is
informed<br>
&nbsp;&nbsp; of the error by the authorization server as described below.&quot;<br>
</font>
<br><font size=3>The only error described below is &quot;unsupported_token_type&quot;
which doesn't seem appropriate here. The errors in </font><a href="http://tools.ietf.org/html/rfc6749#section-5.2"><font size=3 color=blue><u>http://tools.ietf.org/html/rfc6749#section-5.2</u></font></a><font size=3>
are referenced too and, while &quot;invalid_client&quot; seems right for
failed client authentication, what's the intended way that the &quot;request
is refused and the client is informed of the error&quot; when the the token
was not issued to the client making the revocation request? None of the
defined error codes seem to fit.<br>
</font>
<br><font size=3>Furthermore, wouldn't it be better to go ahead and just
revoke a token in the case it's presented by the wrong client? I seem to
recall some discussion around this when 7009 was just a baby draft-ietf-oauth-revocation
and, while I don't recall the outcome, I was surprised to look at the RFC
again and see the text that is there.<br>
</font>
<br><font size=3>These questions came to me by way of a developer working
on implementing the RFC. I didn't have good answers, beyond the prognostication
herein, so I thought I'd take the questions to the WG list and the document
authors.<br>
</font>
<br><font size=3>Thanks for any clarification,</font>
<br><font size=3>Brian</font>
<br><font size=3><br>
</font><tt><font size=2>_______________________________________________<br>
OAuth mailing list<br>
OAuth@ietf.org<br>
</font></tt><a href=https://www.ietf.org/mailman/listinfo/oauth><tt><font size=2>https://www.ietf.org/mailman/listinfo/oauth</font></tt></a><tt><font size=2><br>
</font></tt>
<br>
--=_alternative 005DF5C285257C71_=--


From t.broyer@gmail.com  Fri Jan 31 10:19:46 2014
Return-Path: <t.broyer@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B0F11A042F; Fri, 31 Jan 2014 10:19:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level: 
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eO169z9PhpFv; Fri, 31 Jan 2014 10:19:44 -0800 (PST)
Received: from mail-lb0-x22b.google.com (mail-lb0-x22b.google.com [IPv6:2a00:1450:4010:c04::22b]) by ietfa.amsl.com (Postfix) with ESMTP id AA6391A046F; Fri, 31 Jan 2014 10:19:43 -0800 (PST)
Received: by mail-lb0-f171.google.com with SMTP id c11so3779754lbj.30 for <multiple recipients>; Fri, 31 Jan 2014 10:19:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=5gmK+6pAiGkobqi1mVUkHHiQ2xjAF4ElCAlLPD9dtSU=; b=VcXM+pbZTGsRUHCOvjmjzAVseD/KvkYiPS1aMAkuHxVyvP3/FbvQSfKnb2+PhswEY9 mmsWTlnxE97UqFwVQb5EorlmgNJdLSpORshjYiHtVRMGql8kBvhhEcmMRe9iuYc/Kor+ T7Tl8LMw8mbg7uUEXrZtN1fRzxN/2IuTq2sdt2pAikG8uhSbMhJtg4DyHex1LJyVV9Cy phxlyXtqPaa/z3RC/aB9tQAmYDqTWF+ABkOL+zjijLj3RKJvpZEq1ubgMUxo0736xp4V HA1kpS1wcij0npD9kNc/JZKMU6zUmWsLs9a06mBe5D7XzF7xiUXFBnEMIHuLwz9udCFg B4TA==
MIME-Version: 1.0
X-Received: by 10.152.19.200 with SMTP id h8mr50060lae.83.1391192379275; Fri, 31 Jan 2014 10:19:39 -0800 (PST)
Received: by 10.152.111.131 with HTTP; Fri, 31 Jan 2014 10:19:39 -0800 (PST)
Received: by 10.152.111.131 with HTTP; Fri, 31 Jan 2014 10:19:39 -0800 (PST)
In-Reply-To: <OFDA940505.5D93BC11-ON85257C71.005DCB58-85257C71.005DF5C2@us.ibm.com>
References: <CA+k3eCSNX43gFYUA8jGgFZ4Ri6nWQ=+R6Ru2j+v04r_2pZdQhA@mail.gmail.com> <OFDA940505.5D93BC11-ON85257C71.005DCB58-85257C71.005DF5C2@us.ibm.com>
Date: Fri, 31 Jan 2014 19:19:39 +0100
Message-ID: <CAEayHEPYp7YxYr77nLTqkR4Xh1eg9sjMkGczcHEBnqG6U5VboA@mail.gmail.com>
From: Thomas Broyer <t.broyer@gmail.com>
To: Todd W Lainhart <lainhart@us.ibm.com>
Content-Type: multipart/alternative; boundary=089e0149410a94beaa04f1483728
Cc: "<oauth@ietf.org>" <oauth@ietf.org>, OAuth <oauth-bounces@ietf.org>
Subject: Re: [OAUTH-WG] Another question on RFC 7009
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jan 2014 18:19:46 -0000

--089e0149410a94beaa04f1483728
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

FWIW, we return unauthorized_client.
Le 31 janv. 2014 18:06, "Todd W Lainhart" <lainhart@us.ibm.com> a =C3=A9cri=
t :

> > ...what's the intended way that the "request is refused and the client
> is informed of the error" when the the token was not issued to the client
> making the revocation request?
>
> We return an error_code of "invalid_request" and an appropriate error
> message.
>
>
>
>
>
>
>
> * Todd Lainhart Rational software IBM Corporation 550 King Street,
> Littleton, MA 01460-1250*
>
>
> * 1-978-899-4705 <1-978-899-4705> 2-276-4705 (T/L) lainhart@us.ibm.com
> <lainhart@us.ibm.com>*
>
>
>
>
> From:        Brian Campbell <bcampbell@pingidentity.com>
> To:        oauth <oauth@ietf.org>,
> Date:        01/31/2014 11:58 AM
> Subject:        [OAUTH-WG] Another question on RFC 7009
> Sent by:        "OAuth" <oauth-bounces@ietf.org>
> ------------------------------
>
>
>
> Greetings WG,
>
> In section 2.1 of RFC 7009, it says:
>
>    "The authorization server first validates the client credentials (in
>    case of a confidential client) and then verifies whether the token
>    was issued to the client making the revocation request.  If this
>    validation fails, the request is refused and the client is informed
>    of the error by the authorization server as described below."
>
> The only error described below is "unsupported_token_type" which doesn't
> seem appropriate here. The errors in
> *http://tools.ietf.org/html/rfc6749#section-5.2*<http://tools.ietf.org/ht=
ml/rfc6749#section-5.2>are referenced too and, while "invalid_client" seems=
 right for failed
> client authentication, what's the intended way that the "request is refus=
ed
> and the client is informed of the error" when the the token was not issue=
d
> to the client making the revocation request? None of the defined error
> codes seem to fit.
>
> Furthermore, wouldn't it be better to go ahead and just revoke a token in
> the case it's presented by the wrong client? I seem to recall some
> discussion around this when 7009 was just a baby
> draft-ietf-oauth-revocation and, while I don't recall the outcome, I was
> surprised to look at the RFC again and see the text that is there.
>
> These questions came to me by way of a developer working on implementing
> the RFC. I didn't have good answers, beyond the prognostication herein, s=
o
> I thought I'd take the questions to the WG list and the document authors.
>
> Thanks for any clarification,
> Brian
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
>

--089e0149410a94beaa04f1483728
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<p dir=3D"ltr">FWIW, we return unauthorized_client. </p>
<div class=3D"gmail_quote">Le 31 janv. 2014 18:06, &quot;Todd W Lainhart&qu=
ot; &lt;<a href=3D"mailto:lainhart@us.ibm.com">lainhart@us.ibm.com</a>&gt; =
a =C3=A9crit :<br type=3D"attribution"><blockquote class=3D"gmail_quote" st=
yle=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<font face=3D"sans-serif">&gt; </font><font size=3D"3">...what&#39;s the
intended way that the &quot;request is refused and the client is informed
of the error&quot; when the the token was not issued to the client making
the revocation request?</font>
<br>
<br><font face=3D"sans-serif">We return an error_code of &quot;invalid_requ=
est&quot;
and an appropriate error message.<br>
</font>
<br>
<table width=3D"223" style=3D"border-collapse:collapse">
<tr height=3D"8">
<td width=3D"223" bgcolor=3D"white" style=3D"border-style:solid;border-colo=
r:#000000;border-width:0px 0px 0px 0px;padding:0px 0px"><font size=3D"1" fa=
ce=3D"Verdana"><b><br>
<br>
<br>
Todd Lainhart<br>
Rational software<br>
IBM Corporation<br>
550 King Street, Littleton, MA 01460-1250</b></font><font size=3D"1" face=
=3D"Arial"><b><br>
<a href=3D"tel:1-978-899-4705" value=3D"+19788994705" target=3D"_blank">1-9=
78-899-4705</a><br>
2-276-4705 (T/L)<br>
<a href=3D"mailto:lainhart@us.ibm.com" target=3D"_blank">lainhart@us.ibm.co=
m</a></b></font></td></tr></table>
<br>
<br>
<br>
<br>
<br><font size=3D"1" color=3D"#5f5f5f" face=3D"sans-serif">From: =C2=A0 =C2=
=A0 =C2=A0
=C2=A0</font><font size=3D"1" face=3D"sans-serif">Brian Campbell &lt;<a hre=
f=3D"mailto:bcampbell@pingidentity.com" target=3D"_blank">bcampbell@pingide=
ntity.com</a>&gt;</font>
<br><font size=3D"1" color=3D"#5f5f5f" face=3D"sans-serif">To: =C2=A0 =C2=
=A0 =C2=A0
=C2=A0</font><font size=3D"1" face=3D"sans-serif">oauth &lt;<a href=3D"mail=
to:oauth@ietf.org" target=3D"_blank">oauth@ietf.org</a>&gt;,
</font>
<br><font size=3D"1" color=3D"#5f5f5f" face=3D"sans-serif">Date: =C2=A0 =C2=
=A0 =C2=A0
=C2=A0</font><font size=3D"1" face=3D"sans-serif">01/31/2014 11:58 AM</font=
>
<br><font size=3D"1" color=3D"#5f5f5f" face=3D"sans-serif">Subject: =C2=A0 =
=C2=A0
=C2=A0 =C2=A0</font><font size=3D"1" face=3D"sans-serif">[OAUTH-WG] Another
question on RFC 7009</font>
<br><font size=3D"1" color=3D"#5f5f5f" face=3D"sans-serif">Sent by: =C2=A0 =
=C2=A0
=C2=A0 =C2=A0</font><font size=3D"1" face=3D"sans-serif">&quot;OAuth&quot;
&lt;<a href=3D"mailto:oauth-bounces@ietf.org" target=3D"_blank">oauth-bounc=
es@ietf.org</a>&gt;</font>
<br>
<hr noshade>
<br>
<br>
<br><font size=3D"3">Greetings WG,<br>
<br>
In section 2.1 of RFC 7009, it says:<br>
<br>
=C2=A0=C2=A0 &quot;The authorization server first validates the client
credentials (in<br>
=C2=A0=C2=A0 case of a confidential client) and then verifies whether the
token<br>
=C2=A0=C2=A0 was issued to the client making the revocation request.=C2=A0
If this<br>
=C2=A0=C2=A0 validation fails, the request is refused and the client is
informed<br>
=C2=A0=C2=A0 of the error by the authorization server as described below.&q=
uot;<br>
</font>
<br><font size=3D"3">The only error described below is &quot;unsupported_to=
ken_type&quot;
which doesn&#39;t seem appropriate here. The errors in </font><a href=3D"ht=
tp://tools.ietf.org/html/rfc6749#section-5.2" target=3D"_blank"><font size=
=3D"3" color=3D"blue"><u>http://tools.ietf.org/html/rfc6749#section-5.2</u>=
</font></a><font size=3D"3">
are referenced too and, while &quot;invalid_client&quot; seems right for
failed client authentication, what&#39;s the intended way that the &quot;re=
quest
is refused and the client is informed of the error&quot; when the the token
was not issued to the client making the revocation request? None of the
defined error codes seem to fit.<br>
</font>
<br><font size=3D"3">Furthermore, wouldn&#39;t it be better to go ahead and=
 just
revoke a token in the case it&#39;s presented by the wrong client? I seem t=
o
recall some discussion around this when 7009 was just a baby draft-ietf-oau=
th-revocation
and, while I don&#39;t recall the outcome, I was surprised to look at the R=
FC
again and see the text that is there.<br>
</font>
<br><font size=3D"3">These questions came to me by way of a developer worki=
ng
on implementing the RFC. I didn&#39;t have good answers, beyond the prognos=
tication
herein, so I thought I&#39;d take the questions to the WG list and the docu=
ment
authors.<br>
</font>
<br><font size=3D"3">Thanks for any clarification,</font>
<br><font size=3D"3">Brian</font>
<br><font size=3D"3"><br>
</font><tt><font>_______________________________________________<br>
OAuth mailing list<br>
<a href=3D"mailto:OAuth@ietf.org" target=3D"_blank">OAuth@ietf.org</a><br>
</font></tt><a href=3D"https://www.ietf.org/mailman/listinfo/oauth" target=
=3D"_blank"><tt><font>https://www.ietf.org/mailman/listinfo/oauth</font></t=
t></a><tt><font><br>
</font></tt>
<br><br>_______________________________________________<br>
OAuth mailing list<br>
<a href=3D"mailto:OAuth@ietf.org">OAuth@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/oauth" target=3D"_blank">h=
ttps://www.ietf.org/mailman/listinfo/oauth</a><br>
<br></blockquote></div>

--089e0149410a94beaa04f1483728--

From hannes.tschofenig@gmx.net  Fri Jan 31 13:07:42 2014
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A1D61A03F5 for <oauth@ietfa.amsl.com>; Fri, 31 Jan 2014 13:07:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.665
X-Spam-Level: 
X-Spam-Status: No, score=-1.665 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_SORBS_WEB=0.77, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5Yo7Y-uZRDxr for <oauth@ietfa.amsl.com>; Fri, 31 Jan 2014 13:07:41 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) by ietfa.amsl.com (Postfix) with ESMTP id A928E1A03CC for <oauth@ietf.org>; Fri, 31 Jan 2014 13:07:40 -0800 (PST)
Received: from [192.168.10.207] ([212.95.7.40]) by mail.gmx.com (mrgmx102) with ESMTPSA (Nemesis) id 0MAkkB-1VzDNE2WRn-00BrY6 for <oauth@ietf.org>; Fri, 31 Jan 2014 22:07:36 +0100
Message-ID: <52EC1093.7050102@gmx.net>
Date: Fri, 31 Jan 2014 21:07:31 +0000
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: oauth@ietf.org
X-Enigmail-Version: 1.5.2
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="VD7iuP0uk4pO72mDdagjr0rqqC2BnE5SO"
X-Provags-ID: V03:K0:+EMN0CQfe1TJULtrX3pSW25cuNFQBKCh9Fssrd+NBQxlxFBMUJq V0bD25R+qYpXETNxRgMzSK7YI67OKB/LgkK8YnTIO7VEQwBk6p9xTD5XmgXRwovmNAAxINl oiRWf5fK9nXmqpQAc5R+LMXBUr9x5seZd1Iq6vYuT6JhLQhbVzRGzH2IGrWTUKzQvOdoAE/ UYLbWl+JGxdeZWf3gBE8Q==
Subject: [OAUTH-WG] Shepherd Write-Ups for OAuth Assertion Framework and SAML Assertion Profile
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jan 2014 21:07:42 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--VD7iuP0uk4pO72mDdagjr0rqqC2BnE5SO
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi all,

I have been working with the co-authors of these two documents to get
the shepherd write-ups written:
http://datatracker.ietf.org/doc/draft-ietf-oauth-assertions/
http://datatracker.ietf.org/doc/draft-ietf-oauth-saml2-bearer/

The shepherd write-ups can be found here:
https://github.com/hannestschofenig/tschofenig-ids/tree/master/shepherd-w=
riteups

I am waiting for Yaron to make the IPR confirmation and for Brian to fix
a minor nit. Once I got those I will send them to Barry for review to
make sure he is happy with the documents.

Ciao
Hannes


--VD7iuP0uk4pO72mDdagjr0rqqC2BnE5SO
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCgAGBQJS7BCTAAoJEGhJURNOOiAtNHgH/Aq/IY0CXe0misLdSNNx/4n1
Tkumd04MvmuwUrMo5/oeZlZgm1j7T9cgjcNDggQghTOS64DPBiAw8iG+QE1/rSER
X28utAlTjhd5R9rojqI2oelzAaTbAiv9ewSbfmRPnKo1GimZELSRzygCKVATChh6
uGshWPLWtF3wA00PoOrv3Scnzn3XSfVaH2W8WBD46XjtLwMOd4oJAIUNWrCXsHLE
vT3z3xHCMbEG/uiEJaH0qrE9LW2tA0r/mnDRWb6q7cwv8cb0mUn3qWW533jYDW2r
m9yLYZzHPPyXbO0Y6irsK0JfoIPA/1xCCtiIOm60QKrImxFgNuuWRHj9muQBRcg=
=0TnJ
-----END PGP SIGNATURE-----

--VD7iuP0uk4pO72mDdagjr0rqqC2BnE5SO--

From internet-drafts@ietf.org  Fri Jan 31 14:49:51 2014
Return-Path: <internet-drafts@ietf.org>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E8181A8028; Fri, 31 Jan 2014 14:49:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PZbCD_cQC39P; Fri, 31 Jan 2014 14:49:50 -0800 (PST)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B650D1A1F71; Fri, 31 Jan 2014 14:49:48 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 5.0.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20140131224948.21866.68256.idtracker@ietfa.amsl.com>
Date: Fri, 31 Jan 2014 14:49:48 -0800
Cc: oauth@ietf.org
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-assertions-14.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jan 2014 22:49:51 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Web Authorization Protocol Working Group of the IETF.

        Title           : Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants
        Authors         : Brian Campbell
                          Chuck Mortimore
                          Michael B. Jones
                          Yaron Y. Goland
	Filename        : draft-ietf-oauth-assertions-14.txt
	Pages           : 22
	Date            : 2014-01-31

Abstract:
   This specification provides a framework for the use of assertions
   with OAuth 2.0 in the form of a new client authentication mechanism
   and a new authorization grant type.  Mechanisms are specified for
   transporting assertions during interactions with a token endpoint, as
   well as general processing rules.

   The intent of this specification is to provide a common framework for
   OAuth 2.0 to interwork with other identity systems using assertions,
   and to provide alternative client authentication mechanisms.

   Note that this specification only defines abstract message flows and
   processing rules.  In order to be implementable, companion
   specifications are necessary to provide the corresponding concrete
   instantiations.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-assertions/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-oauth-assertions-14

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-assertions-14


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/


From bcampbell@pingidentity.com  Fri Jan 31 14:59:07 2014
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A76191AC7EE for <oauth@ietfa.amsl.com>; Fri, 31 Jan 2014 14:59:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.912
X-Spam-Level: 
X-Spam-Status: No, score=-2.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_SOFTFAIL=0.665] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pxgg_kDPQX1g for <oauth@ietfa.amsl.com>; Fri, 31 Jan 2014 14:59:05 -0800 (PST)
Received: from na3sys009aog109.obsmtp.com (na3sys009aog109.obsmtp.com [74.125.149.201]) by ietfa.amsl.com (Postfix) with ESMTP id B69271AC4C1 for <oauth@ietf.org>; Fri, 31 Jan 2014 14:59:04 -0800 (PST)
Received: from mail-ie0-f175.google.com ([209.85.223.175]) (using TLSv1) by na3sys009aob109.postini.com ([74.125.148.12]) with SMTP ID DSNKUuwqtN1gq1u1p9oSNMNG6mS8pSxwmbTO@postini.com; Fri, 31 Jan 2014 14:59:01 PST
Received: by mail-ie0-f175.google.com with SMTP id ar20so4721009iec.6 for <oauth@ietf.org>; Fri, 31 Jan 2014 14:58:57 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:content-type; bh=Vph7i4ZWF9gKpkX3R0JjDWPSzVB2tfVOXtn1D30beCs=; b=GMraHm5BeIAte7AymEXQkggXaRdIaVN8U/EJoaFlBMoO4GGPcohnY4dHeEPrQfy9i0 NjNmumDLfTLyZ4/XuuHn9IRTbM2F1zpCgLIQAtWZOhQgVklCtO5tpDBj355OCpIVXZsl EwmsZ9au0H1xriRhX3+ODMreL4fcRj9bNq3FWwKIyVFImZVuLWs6QJdK+R3WZGtjks1T R9wXUYEUJCkml8CW2zPFhkrXu9WczlOQYk15wstQAvV3Cm5GBgDsSKFyi4m91nt0RHN9 4KU9lDlNO1f6nJw9K5FG9vlDpbjgkHRQHt7T6ydHiyPRRk1Yw+tTvsEanad5y4MgDDPT y32A==
X-Gm-Message-State: ALoCoQnmfHZ+OrCt3FH9B7fwK1uiMKPRDrnKSeotzQ+6LFvFa3Rd14zSBFPpN5hIpDP/W+0tmSJEyZNr/HERZA6H0Ab1Wxaj7MvHPpTmteUazp8nj06uGhpEzz/N1sxxjCWnMp/TiVO/QfueqOl4yxDQ1Qxz5brTkA==
X-Received: by 10.50.109.132 with SMTP id hs4mr970523igb.34.1391209137394; Fri, 31 Jan 2014 14:58:57 -0800 (PST)
X-Received: by 10.50.109.132 with SMTP id hs4mr970507igb.34.1391209137228; Fri, 31 Jan 2014 14:58:57 -0800 (PST)
MIME-Version: 1.0
Received: by 10.50.65.4 with HTTP; Fri, 31 Jan 2014 14:58:27 -0800 (PST)
In-Reply-To: <20140131224948.21866.68256.idtracker@ietfa.amsl.com>
References: <20140131224948.21866.68256.idtracker@ietfa.amsl.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Fri, 31 Jan 2014 15:58:27 -0700
Message-ID: <CA+k3eCTsm5y0L-U533aWvcj3DS974=fsN0ja+6W6O8BnpavnuQ@mail.gmail.com>
To: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary=089e013a1d906eeb2904f14c1e7d
Subject: [OAUTH-WG] Fwd:  I-D Action: draft-ietf-oauth-assertions-14.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jan 2014 22:59:07 -0000

--089e013a1d906eeb2904f14c1e7d
Content-Type: text/plain; charset=ISO-8859-1

Just updated a couple of references.

---------- Forwarded message ----------
From: <internet-drafts@ietf.org>
Date: Fri, Jan 31, 2014 at 3:49 PM
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-assertions-14.txt
To: i-d-announce@ietf.org
Cc: oauth@ietf.org



A New Internet-Draft is available from the on-line Internet-Drafts
directories.
 This draft is a work item of the Web Authorization Protocol Working Group
of the IETF.

        Title           : Assertion Framework for OAuth 2.0 Client
Authentication and Authorization Grants
        Authors         : Brian Campbell
                          Chuck Mortimore
                          Michael B. Jones
                          Yaron Y. Goland
        Filename        : draft-ietf-oauth-assertions-14.txt
        Pages           : 22
        Date            : 2014-01-31

Abstract:
   This specification provides a framework for the use of assertions
   with OAuth 2.0 in the form of a new client authentication mechanism
   and a new authorization grant type.  Mechanisms are specified for
   transporting assertions during interactions with a token endpoint, as
   well as general processing rules.

   The intent of this specification is to provide a common framework for
   OAuth 2.0 to interwork with other identity systems using assertions,
   and to provide alternative client authentication mechanisms.

   Note that this specification only defines abstract message flows and
   processing rules.  In order to be implementable, companion
   specifications are necessary to provide the corresponding concrete
   instantiations.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-assertions/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-oauth-assertions-14

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-assertions-14


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

--089e013a1d906eeb2904f14c1e7d
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Just updated a couple of references.<br><div><br><div clas=
s=3D"gmail_quote">---------- Forwarded message ----------<br>From: <b class=
=3D"gmail_sendername"></b> <span dir=3D"ltr">&lt;<a href=3D"mailto:internet=
-drafts@ietf.org">internet-drafts@ietf.org</a>&gt;</span><br>

Date: Fri, Jan 31, 2014 at 3:49 PM<br>Subject: [OAUTH-WG] I-D Action: draft=
-ietf-oauth-assertions-14.txt<br>To: <a href=3D"mailto:i-d-announce@ietf.or=
g">i-d-announce@ietf.org</a><br>Cc: <a href=3D"mailto:oauth@ietf.org">oauth=
@ietf.org</a><br>

<br><br><br>
A New Internet-Draft is available from the on-line Internet-Drafts director=
ies.<br>
=A0This draft is a work item of the Web Authorization Protocol Working Grou=
p of the IETF.<br>
<br>
=A0 =A0 =A0 =A0 Title =A0 =A0 =A0 =A0 =A0 : Assertion Framework for OAuth 2=
.0 Client Authentication and Authorization Grants<br>
=A0 =A0 =A0 =A0 Authors =A0 =A0 =A0 =A0 : Brian Campbell<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 Chuck Mortimore<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 Michael B. Jones<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 Yaron Y. Goland<br>
=A0 =A0 =A0 =A0 Filename =A0 =A0 =A0 =A0: draft-ietf-oauth-assertions-14.tx=
t<br>
=A0 =A0 =A0 =A0 Pages =A0 =A0 =A0 =A0 =A0 : 22<br>
=A0 =A0 =A0 =A0 Date =A0 =A0 =A0 =A0 =A0 =A0: 2014-01-31<br>
<br>
Abstract:<br>
=A0 =A0This specification provides a framework for the use of assertions<br=
>
=A0 =A0with OAuth 2.0 in the form of a new client authentication mechanism<=
br>
=A0 =A0and a new authorization grant type. =A0Mechanisms are specified for<=
br>
=A0 =A0transporting assertions during interactions with a token endpoint, a=
s<br>
=A0 =A0well as general processing rules.<br>
<br>
=A0 =A0The intent of this specification is to provide a common framework fo=
r<br>
=A0 =A0OAuth 2.0 to interwork with other identity systems using assertions,=
<br>
=A0 =A0and to provide alternative client authentication mechanisms.<br>
<br>
=A0 =A0Note that this specification only defines abstract message flows and=
<br>
=A0 =A0processing rules. =A0In order to be implementable, companion<br>
=A0 =A0specifications are necessary to provide the corresponding concrete<b=
r>
=A0 =A0instantiations.<br>
<br>
<br>
The IETF datatracker status page for this draft is:<br>
<a href=3D"https://datatracker.ietf.org/doc/draft-ietf-oauth-assertions/" t=
arget=3D"_blank">https://datatracker.ietf.org/doc/draft-ietf-oauth-assertio=
ns/</a><br>
<br>
There&#39;s also a htmlized version available at:<br>
<a href=3D"http://tools.ietf.org/html/draft-ietf-oauth-assertions-14" targe=
t=3D"_blank">http://tools.ietf.org/html/draft-ietf-oauth-assertions-14</a><=
br>
<br>
A diff from the previous version is available at:<br>
<a href=3D"http://www.ietf.org/rfcdiff?url2=3Ddraft-ietf-oauth-assertions-1=
4" target=3D"_blank">http://www.ietf.org/rfcdiff?url2=3Ddraft-ietf-oauth-as=
sertions-14</a><br>
<br>
<br>
Please note that it may take a couple of minutes from the time of submissio=
n<br>
until the htmlized version and diff are available at <a href=3D"http://tool=
s.ietf.org" target=3D"_blank">tools.ietf.org</a>.<br>
<br>
Internet-Drafts are also available by anonymous FTP at:<br>
<a href=3D"ftp://ftp.ietf.org/internet-drafts/" target=3D"_blank">ftp://ftp=
.ietf.org/internet-drafts/</a><br>
<br>
_______________________________________________<br>
OAuth mailing list<br>
<a href=3D"mailto:OAuth@ietf.org">OAuth@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/oauth" target=3D"_blank">h=
ttps://www.ietf.org/mailman/listinfo/oauth</a><br>
</div><br></div></div>

--089e013a1d906eeb2904f14c1e7d--