From leifj@mnt.se  Sun Mar  3 17:37:22 2013
Return-Path: <leifj@mnt.se>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EBF3921F8871 for <scim@ietfa.amsl.com>; Sun,  3 Mar 2013 17:37:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1
X-Spam-Level: 
X-Spam-Status: No, score=-1 tagged_above=-999 required=5 tests=[RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KC8CnrL2NLS8 for <scim@ietfa.amsl.com>; Sun,  3 Mar 2013 17:37:21 -0800 (PST)
Received: from mail-pa0-f47.google.com (mail-pa0-f47.google.com [209.85.220.47]) by ietfa.amsl.com (Postfix) with ESMTP id 7ECB421F8846 for <scim@ietf.org>; Sun,  3 Mar 2013 17:37:18 -0800 (PST)
Received: by mail-pa0-f47.google.com with SMTP id bj3so2843721pad.20 for <scim@ietf.org>; Sun, 03 Mar 2013 17:37:18 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding:x-gm-message-state; bh=rLBGegxlZMA3V+qKUtbTRrAIPdcpaLtcdRDozIzsNWk=; b=FAYgEQluYgRtDw/+Hx6w9/BrOXqOb8CMr4wqQDF6wlJhBOp2vi5ZnEHOY6Z93HOmbH kSCIxpgVf9M3+imv+i/S+zhVE0fko8f+nicUZr7RwCd6/++Z0FlRO4MV3d4eKcpNPoUi 2MQOGJUW743RM4qFK6b25nFy6rwaz8tN4Vka/vt/IFdRfr48FAVLpYaj7XvzCe3CMDYV dVdgPiZaQVlLVPU54qEFFZqM68+T0r/LnEWHTjSldIPP39+Jt8LUtzfSFN2RI/GcRv8n t51qNJALIOyT9U9TbzwpDeGQdhCx4jMkLnAlxKjCxqQ1wLnbdlL93ITYFXYRmJJu23pU MSRQ==
X-Received: by 10.68.213.231 with SMTP id nv7mr26296443pbc.85.1362361038299; Sun, 03 Mar 2013 17:37:18 -0800 (PST)
Received: from ?IPv6:2001:2f8:200:1:e513:5ca4:242a:dfd2? ([2001:2f8:200:1:e513:5ca4:242a:dfd2]) by mx.google.com with ESMTPS id zv5sm20102014pab.2.2013.03.03.17.37.16 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 03 Mar 2013 17:37:17 -0800 (PST)
Message-ID: <5133FACB.8080308@mnt.se>
Date: Mon, 04 Mar 2013 02:37:15 +0100
From: Leif Johansson <leifj@mnt.se>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130221 Thunderbird/17.0.3
MIME-Version: 1.0
To: scim WG <scim@ietf.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Gm-Message-State: ALoCoQk+eBzz7qKr94Ev0be6OEbLwL/xaPZh8L76hqZFEGABXPxeE4jHfvmoPqnrDk/FjCa0qCtM
Subject: [scim] agenda for SCIM @ IETF86
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Mar 2013 01:37:22 -0000

Here is the draft agenda for our meeting next week:

- Note Well (1m)
- Agenda Bashing (5m)
- Search Extensions (Björn,15min)
- Paging Semantics (Phil,15min)
- Multi-tenency (Björn,15min)
- Schema (Kelly,15min)
- Tracker Issues & Open Mic (Kelly+Melinda,remaining time)

We're going to keep the presentations etc short to give enough time to
spend on tracker issues.

If you have something else that should go on the agenda please send
an email but note that we do want to spend as much time as possible
on open issues for our core documents so time for presenting unrelated
new material will be very limited.

        Cheers Leif & Morteza

From tonynad@microsoft.com  Mon Mar  4 09:14:53 2013
Return-Path: <tonynad@microsoft.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D78021F851F for <scim@ietfa.amsl.com>; Mon,  4 Mar 2013 09:14:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.533
X-Spam-Level: 
X-Spam-Status: No, score=0.533 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, UNRESOLVED_TEMPLATE=3.132]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u89IlExHR2TO for <scim@ietfa.amsl.com>; Mon,  4 Mar 2013 09:14:49 -0800 (PST)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2lp0209.outbound.protection.outlook.com [207.46.163.209]) by ietfa.amsl.com (Postfix) with ESMTP id 264AF21F8CB1 for <scim@ietf.org>; Mon,  4 Mar 2013 09:14:48 -0800 (PST)
Received: from BY2FFO11FD013.protection.gbl (10.1.15.203) by BY2FFO11HUB012.protection.gbl (10.1.14.83) with Microsoft SMTP Server (TLS) id 15.0.620.12; Mon, 4 Mar 2013 17:14:46 +0000
Received: from TK5EX14HUBC102.redmond.corp.microsoft.com (131.107.125.37) by BY2FFO11FD013.mail.protection.outlook.com (10.1.14.75) with Microsoft SMTP Server (TLS) id 15.0.620.12 via Frontend Transport; Mon, 4 Mar 2013 17:14:46 +0000
Received: from am1outboundpool.messaging.microsoft.com (157.54.51.113) by mail.microsoft.com (157.54.7.154) with Microsoft SMTP Server (TLS) id 14.2.318.3; Mon, 4 Mar 2013 17:14:19 +0000
Received: from mail31-am1-R.bigfish.com (10.3.201.229) by AM1EHSOBE023.bigfish.com (10.3.207.145) with Microsoft SMTP Server id 14.1.225.23; Mon, 4 Mar 2013 17:14:18 +0000
Received: from mail31-am1 (localhost [127.0.0.1])	by mail31-am1-R.bigfish.com (Postfix) with ESMTP id E3A08A0A05	for <scim@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Mon,  4 Mar 2013 17:14:18 +0000 (UTC)
X-Forefront-Antispam-Report-Untrusted: CIP:157.56.240.21; KIP:(null); UIP:(null); (null); H:BL2PRD0310HT001.namprd03.prod.outlook.com; R:internal; EFV:INT
X-SpamScore: -17
X-BigFish: PS-17(zz9371Ic89bh542Izz1f42h1ee6h1de0h1202h1e76h1d1ah1d2ah1082kzz1033IL17326ah8275dhz31h2a8h668h839h947hd24hf0ah1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h1ad9h1b0ah9a9j1155h)
Received-SPF: softfail (mail31-am1: transitioning domain of microsoft.com does not designate 157.56.240.21 as permitted sender) client-ip=157.56.240.21; envelope-from=tonynad@microsoft.com; helo=BL2PRD0310HT001.namprd03.prod.outlook.com ; .outlook.com ; 
X-Forefront-Antispam-Report-Untrusted: SFV:SKI; SFS:; DIR:OUT; SFP:; SCL:-1; SRVR:BY2PR03MB042; H:BY2PR03MB041.namprd03.prod.outlook.com; LANG:en; 
Received: from mail31-am1 (localhost.localdomain [127.0.0.1]) by mail31-am1 (MessageSwitch) id 1362417257371191_1277; Mon,  4 Mar 2013 17:14:17 +0000 (UTC)
Received: from AM1EHSMHS001.bigfish.com (unknown [10.3.201.236])	by mail31-am1.bigfish.com (Postfix) with ESMTP id 4E23A400085; Mon,  4 Mar 2013 17:14:17 +0000 (UTC)
Received: from BL2PRD0310HT001.namprd03.prod.outlook.com (157.56.240.21) by AM1EHSMHS001.bigfish.com (10.3.207.101) with Microsoft SMTP Server (TLS) id 14.1.225.23; Mon, 4 Mar 2013 17:14:15 +0000
Received: from BY2PR03MB042.namprd03.prod.outlook.com (10.255.241.146) by BL2PRD0310HT001.namprd03.prod.outlook.com (10.255.97.36) with Microsoft SMTP Server (TLS) id 14.16.275.5; Mon, 4 Mar 2013 17:14:15 +0000
Received: from BY2PR03MB041.namprd03.prod.outlook.com (10.255.241.145) by BY2PR03MB042.namprd03.prod.outlook.com (10.255.241.146) with Microsoft SMTP Server (TLS) id 15.0.620.20; Mon, 4 Mar 2013 17:14:12 +0000
Received: from BY2PR03MB041.namprd03.prod.outlook.com ([169.254.7.143]) by BY2PR03MB041.namprd03.prod.outlook.com ([169.254.7.231]) with mapi id 15.00.0620.020; Mon, 4 Mar 2013 17:14:12 +0000
From: Anthony Nadalin <tonynad@microsoft.com>
To: Leif Johansson <leifj@mnt.se>, scim WG <scim@ietf.org>
Thread-Topic: [scim] agenda for SCIM @ IETF86
Thread-Index: AQHOGHjqiZrIiqcvlEeMzQNFF0yZKZiVxVGw
Date: Mon, 4 Mar 2013 17:14:12 +0000
Message-ID: <a6244e6de83744388ba4790c50a34eee@BY2PR03MB041.namprd03.prod.outlook.com>
References: <5133FACB.8080308@mnt.se>
In-Reply-To: <5133FACB.8080308@mnt.se>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.255.124.4]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OrganizationHeadersPreserved: BY2PR03MB042.namprd03.prod.outlook.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%IETF.ORG$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%MNT.SE$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-CrossPremisesHeadersPromoted: TK5EX14HUBC102.redmond.corp.microsoft.com
X-CrossPremisesHeadersFiltered: TK5EX14HUBC102.redmond.corp.microsoft.com
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(13464002)(377454001)(189002)(199002)(16676001)(47776003)(54316002)(74502001)(59766001)(53806001)(47736001)(77982001)(74662001)(76482001)(56776001)(5343655001)(44976002)(20776003)(69226001)(47976001)(46102001)(47446002)(23756002)(6806001)(63696002)(15202345001)(4396001)(51856001)(33646001)(80022001)(50466001)(31966008)(56816002)(50986001)(65816001)(49866001)(79102001)(54356001)(42262001)(24736002); DIR:OUT; SFP:; SCL:1; SRVR:BY2FFO11HUB012; H:TK5EX14HUBC102.redmond.corp.microsoft.com; RD:InfoDomainNonexistent; MX:1; A:1; LANG:en; 
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0775716B9D
Subject: Re: [scim] agenda for SCIM @ IETF86
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Mar 2013 17:14:53 -0000

Would like 5 min to discuss a new draft that was submitted about a week ago=
 http://www.ietf.org/id/draft-wahl-scim-jit-profile-00.txt which is a profi=
le for just-in-time provisioning patterns in a protocol (i.e. SAML).

-----Original Message-----
From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Lei=
f Johansson
Sent: Sunday, March 3, 2013 5:37 PM
To: scim WG
Subject: [scim] agenda for SCIM @ IETF86


Here is the draft agenda for our meeting next week:

- Note Well (1m)
- Agenda Bashing (5m)
- Search Extensions (Bj=F6rn,15min)
- Paging Semantics (Phil,15min)
- Multi-tenency (Bj=F6rn,15min)
- Schema (Kelly,15min)
- Tracker Issues & Open Mic (Kelly+Melinda,remaining time)

We're going to keep the presentations etc short to give enough time to spen=
d on tracker issues.

If you have something else that should go on the agenda please send an emai=
l but note that we do want to spend as much time as possible on open issues=
 for our core documents so time for presenting unrelated new material will =
be very limited.

        Cheers Leif & Morteza
_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim




From leifj@mnt.se  Mon Mar  4 14:22:51 2013
Return-Path: <leifj@mnt.se>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD4C721F8904 for <scim@ietfa.amsl.com>; Mon,  4 Mar 2013 14:22:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qTEfzodEfKVl for <scim@ietfa.amsl.com>; Mon,  4 Mar 2013 14:22:51 -0800 (PST)
Received: from mail-pb0-f47.google.com (mail-pb0-f47.google.com [209.85.160.47]) by ietfa.amsl.com (Postfix) with ESMTP id 3760621F8A80 for <scim@ietf.org>; Mon,  4 Mar 2013 14:22:51 -0800 (PST)
Received: by mail-pb0-f47.google.com with SMTP id rp2so3495478pbb.6 for <scim@ietf.org>; Mon, 04 Mar 2013 14:22:50 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding :x-gm-message-state; bh=7rlka8AAoihx+rKJfUMQPmNGEnFhrCigdkMXfocfT9k=; b=XAUjKJUZU8Mn9MLpuapGTwSCjevmLLgZLQakfOot74mU8K9qMJi/jbXODM6f/xAlC4 p9FH70rQW6qKnxTdRWylRrKt0cS8V095XwydgIYV1PNam9Jl5kTMwuNXjU1ImPRXJJEw lYJFaOZ/+UCH8IxRzJvUAxGTz7Pu2TMDmkbtLsY68k4wkf/+HEwBsOgLF8xishY6rdTm jfJq+duR7UyCkCRHX5ANktG3BD0RzwMJRndxv9Nb7eD+OWFkX9sU2QL+L/uGsaiMjRnE 3kdxksEm4bSyHXRHaaW5XQPhvqt0mespbEf4tTlfP6CjcYbeqRNmnwxqYymMpZ0lvSP9 ZkHQ==
X-Received: by 10.68.25.138 with SMTP id c10mr31802775pbg.133.1362435770167; Mon, 04 Mar 2013 14:22:50 -0800 (PST)
Received: from [172.21.3.5] ([61.115.201.105]) by mx.google.com with ESMTPS id ti8sm4935971pbc.12.2013.03.04.14.22.48 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 04 Mar 2013 14:22:49 -0800 (PST)
Message-ID: <51351EB7.7040703@mnt.se>
Date: Mon, 04 Mar 2013 23:22:47 +0100
From: Leif Johansson <leifj@mnt.se>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130221 Thunderbird/17.0.3
MIME-Version: 1.0
To: scim@ietf.org
References: <5133FACB.8080308@mnt.se> <a6244e6de83744388ba4790c50a34eee@BY2PR03MB041.namprd03.prod.outlook.com>
In-Reply-To: <a6244e6de83744388ba4790c50a34eee@BY2PR03MB041.namprd03.prod.outlook.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Gm-Message-State: ALoCoQlYJL/JH7zK3qHo+6vuRL+gZIUBNdt/P+0Ks/wP7hYcpJLyUaSyNesH7+n1EWJotq8ohxj5
Subject: Re: [scim] agenda for SCIM @ IETF86
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Mar 2013 22:22:52 -0000

On 03/04/2013 06:14 PM, Anthony Nadalin wrote:
> Would like 5 min to discuss a new draft that was submitted about a week ago http://www.ietf.org/id/draft-wahl-scim-jit-profile-00.txt which is a profile for just-in-time provisioning patterns in a protocol (i.e. SAML).
>
Very good.



From mrutkows@us.ibm.com  Mon Mar  4 15:02:34 2013
Return-Path: <mrutkows@us.ibm.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A2D2111E80A2 for <scim@ietfa.amsl.com>; Mon,  4 Mar 2013 15:02:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.998
X-Spam-Level: 
X-Spam-Status: No, score=-7.998 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x1C7gsoZ--SL for <scim@ietfa.amsl.com>; Mon,  4 Mar 2013 15:02:34 -0800 (PST)
Received: from e39.co.us.ibm.com (e39.co.us.ibm.com [32.97.110.160]) by ietfa.amsl.com (Postfix) with ESMTP id 08E1521F893D for <scim@ietf.org>; Mon,  4 Mar 2013 15:02:32 -0800 (PST)
Received: from /spool/local by e39.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for <scim@ietf.org> from <mrutkows@us.ibm.com>; Mon, 4 Mar 2013 16:02:31 -0700
Received: from d03dlp02.boulder.ibm.com (9.17.202.178) by e39.co.us.ibm.com (192.168.1.139) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted;  Mon, 4 Mar 2013 16:02:29 -0700
Received: from d03relay02.boulder.ibm.com (d03relay02.boulder.ibm.com [9.17.195.227]) by d03dlp02.boulder.ibm.com (Postfix) with ESMTP id 4A4993E40055 for <scim@ietf.org>; Mon,  4 Mar 2013 16:02:18 -0700 (MST)
Received: from d03av02.boulder.ibm.com (d03av02.boulder.ibm.com [9.17.195.168]) by d03relay02.boulder.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id r24N2Epw053694 for <scim@ietf.org>; Mon, 4 Mar 2013 16:02:22 -0700
Received: from d03av02.boulder.ibm.com (loopback [127.0.0.1]) by d03av02.boulder.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id r24N2EaP012304 for <scim@ietf.org>; Mon, 4 Mar 2013 16:02:14 -0700
Received: from d03nm133.boulder.ibm.com (d03nm133.boulder.ibm.com [9.63.34.21]) by d03av02.boulder.ibm.com (8.14.4/8.13.1/NCO v10.0 AVin) with ESMTP id r24N2B6k011765 for <scim@ietf.org>; Mon, 4 Mar 2013 16:02:11 -0700
Auto-Submitted: auto-generated
From: Matt Rutkowski <mrutkows@us.ibm.com>
To: scim@ietf.org
Message-ID: <OF8A6350B6.D677F845-ON87257B24.007E8613-87257B24.007E8614@us.ibm.com>
Date: Mon, 4 Mar 2013 16:01:58 -0700
X-MIMETrack: Serialize by Router on D03NM133/03/M/IBM(Release 8.5.3FP2 ZX853FP2HF4|December 14, 2012) at 03/04/2013 04:02:11 PM
MIME-Version: 1.0
Content-type: multipart/alternative;  Boundary="0__=08BBF1B7DFED00838f9e8a93df938690918c08BBF1B7DFED0083"
Content-Disposition: inline
X-Content-Scanned: Fidelis XPS MAILER
x-cbid: 13030423-3620-0000-0000-000001780F55
Subject: [scim] AUTO: Matt Rutkowski/Austin/IBM is travelling (returning 03/08/2013)
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Mar 2013 23:02:34 -0000

--0__=08BBF1B7DFED00838f9e8a93df938690918c08BBF1B7DFED0083
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: quoted-printable



I am out of the office until 03/08/2013.

I will be travelling to the IBM Pulse 2013 conference and unable to che=
ck
my emails until late evenings or early mornings while attending.


Note: This is an automated response to your message  "scim Digest, Vol =
15,
Issue 1" sent on 03/04/2013 1:00:16 PM.

This is the only notification you will receive while this person is awa=
y.=

--0__=08BBF1B7DFED00838f9e8a93df938690918c08BBF1B7DFED0083
Content-type: text/html; charset=US-ASCII
Content-Disposition: inline
Content-transfer-encoding: quoted-printable

<html><body>
<p><font size=3D"1" face=3D"sans-serif">I am out of the office until 03=
/08/2013.<br>
</font><font size=3D"1" face=3D"sans-serif"><br>
</font><font size=3D"1" face=3D"sans-serif">I will be travelling to the=
 IBM Pulse 2013 conference and unable to check my emails until late eve=
nings or early mornings while attending.<br>
</font><font size=3D"1" face=3D"sans-serif"><br>
</font><font size=3D"1" face=3D"sans-serif"><br>
</font><font size=3D"1" color=3D"#808080" face=3D"sans-serif">Note: Thi=
s is an automated response to your message &nbsp;</font><font size=3D"1=
" face=3D"sans-serif"><b>&quot;scim Digest, Vol 15, Issue 1&quot;</b></=
font><font size=3D"1" color=3D"#808080" face=3D"sans-serif">&nbsp;sent =
on </font><font size=3D"1" face=3D"sans-serif"><b>03/04/2013 1:00:16 PM=
</b></font><font size=3D"1" color=3D"#808080" face=3D"sans-serif">. <br=
>
</font><font size=3D"1" color=3D"#808080" face=3D"sans-serif"><br>
</font><font size=3D"1" color=3D"#808080" face=3D"sans-serif">This is t=
he only notification you will receive while this person is away.</font>=
</body></html>=

--0__=08BBF1B7DFED00838f9e8a93df938690918c08BBF1B7DFED0083--


From phil.hunt@oracle.com  Tue Mar  5 21:23:54 2013
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8360321F84EF for <scim@ietfa.amsl.com>; Tue,  5 Mar 2013 21:23:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level: 
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YiE8U-nNlkg5 for <scim@ietfa.amsl.com>; Tue,  5 Mar 2013 21:23:53 -0800 (PST)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) by ietfa.amsl.com (Postfix) with ESMTP id A84AF21F84D6 for <scim@ietf.org>; Tue,  5 Mar 2013 21:23:53 -0800 (PST)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by aserp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r265Nqts012383 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <scim@ietf.org>; Wed, 6 Mar 2013 05:23:53 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r265NqLC026706 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <scim@ietf.org>; Wed, 6 Mar 2013 05:23:52 GMT
Received: from abhmt115.oracle.com (abhmt115.oracle.com [141.146.116.67]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r265NqmM010545 for <scim@ietf.org>; Tue, 5 Mar 2013 23:23:52 -0600
Received: from [192.168.1.14] (/24.85.226.208) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 05 Mar 2013 21:23:51 -0800
From: Phil Hunt <phil.hunt@oracle.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Date: Tue, 5 Mar 2013 21:23:28 -0800
Message-Id: <40CEDD99-8B81-4AF2-BCB7-CA34EB25FAEF@oracle.com>
To: "scim@ietf.org WG" <scim@ietf.org>
Mime-Version: 1.0 (Apple Message framework v1283)
X-Mailer: Apple Mail (2.1283)
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
Subject: [scim] Proposed search enhancements posted to tickets 25,29
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Mar 2013 05:23:54 -0000

Folks,

I have put some proposed search enhancements on Ticket 25 and 29.=20
=
http://trac.tools.ietf.org/wg/scim/trac/raw-attachment/ticket/25/draft-sci=
m-api-01-diff.html
http://trac.tools.ietf.org/wg/scim/trac/ticket/25
 =20
Supported is ability to search for multiple resource types from the root =
and the ability to perform searches using POST.

Some other todos left to determine:

*  How is paging best handled (total counts, performance issues with =
very large result sets)
*  How to handle resourceTypes within the core schema spec.

Obviously there are more tweaks to go, but wanted to keep the group =
informed on progress.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com






From stpeter@stpeter.im  Wed Mar  6 10:01:38 2013
Return-Path: <stpeter@stpeter.im>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB70021F8606 for <scim@ietfa.amsl.com>; Wed,  6 Mar 2013 10:01:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.56
X-Spam-Level: 
X-Spam-Status: No, score=-101.56 tagged_above=-999 required=5 tests=[AWL=-1.038, BAYES_00=-2.599, SUBJ_ALL_CAPS=2.077, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KIU-sbKQzZg5 for <scim@ietfa.amsl.com>; Wed,  6 Mar 2013 10:01:34 -0800 (PST)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id C359C21F87A4 for <scim@ietf.org>; Wed,  6 Mar 2013 10:01:31 -0800 (PST)
Received: from [10.129.24.65] (unknown [128.107.239.234]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id C7E114004E; Wed,  6 Mar 2013 11:09:44 -0700 (MST)
Message-ID: <5137847B.4020100@stpeter.im>
Date: Wed, 06 Mar 2013 11:01:31 -0700
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130216 Thunderbird/17.0.3
MIME-Version: 1.0
To: "scim@ietf.org" <scim@ietf.org>
X-Enigmail-Version: 1.5
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: Bert Greevenbosch <Bert.Greevenbosch@huawei.com>
Subject: [scim] JCARDCAL WG
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Mar 2013 18:01:39 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Folks, in case you missed it, we've formed a JCARDCAL Working Group to
define JSON representations of both vCard and iCalendar information:

https://datatracker.ietf.org/wg/jcardcal/charter/

Given past discussions in the SCIM WG, I figure that some people here
might be interested in this initiative. If so, please join the
jcardcal@ietf.org mailing list:

https://www.ietf.org/mailman/listinfo/jcardcal

The working group aims to complete its work in the next few months, so
your timely participation would be very much appreciated. :-)

Thanks!

Peter, co-chair

- -- 
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJRN4R5AAoJEOoGpJErxa2p4eAP/RgetPkT8dMqx6KRSA7UMQPb
57tYF3rhXu6342dRslo8VfSVRz5SiuYqjYKMJiSIDmu/M7dmD5LnpIyOwbyCs20/
O164fOxNW+6GhrnZJVM7ISI7pZqJn9jCrL3z1gAk6jQCPTmkGp+duATNCOP7IEzU
Dvf2OvmKIbWu8ayKRHUdRJXTz/KcSbVxDEjKZweeUacUy4HNvs5P2qPBJSlJGAFm
ZFWnZ1xukFq3dIQpG1UE1hvopklYQQkUnkBiwo7dnSIvOKLtuJLKIX9ZToGJtrPI
kQpTis0Yne7LW7yGIEncJ8a0K6IclC624QIj0gngDwuyfP5wIlVwBjtv/tF2OVp/
Z0W10GhF0O9ig8091JSbwD1oGDdQUVg6yenEZRvELtiedrIb3DDsebA1p2yzYHBT
aNBLJhaIq+tLcEIfUlLSNxOJPlakYTg8cl/svu58+z8B0UbzsOuVsuSwLO/V9bXj
LAAFlgvIW2k2UmE59ahpMJN/Gm3DqNpiDy0oVpWtY0EFNY/iUEU7oL+HEqwOOuuy
LEqNZvmvMY1tPbsLNyyRtzL65SL9WGIxOb7n0DidSCvjGtGBsjZVp+rLlv3k3z1Y
GpzNp6ND9efv+NRkn64EWN19mCPvgkcrwB4mm5bQ0BcXgUpqKeY/bAsSjnVMZIZz
1L4ZPzzG2tdW5Pe+A1mp
=pupW
-----END PGP SIGNATURE-----

From bjorn.aannestad@unboundid.com  Thu Mar  7 16:00:46 2013
Return-Path: <bjorn.aannestad@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E23B21F8696 for <scim@ietfa.amsl.com>; Thu,  7 Mar 2013 16:00:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.226
X-Spam-Level: 
X-Spam-Status: No, score=0.226 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HOST_EQ_STATIC=1.172]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YzqAHD+yPQPI for <scim@ietfa.amsl.com>; Thu,  7 Mar 2013 16:00:45 -0800 (PST)
Received: from mail-ob0-x22f.google.com (mail-ob0-x22f.google.com [IPv6:2607:f8b0:4003:c01::22f]) by ietfa.amsl.com (Postfix) with ESMTP id 9EF7521F8691 for <scim@ietf.org>; Thu,  7 Mar 2013 16:00:45 -0800 (PST)
Received: by mail-ob0-f175.google.com with SMTP id uz6so870623obc.34 for <scim@ietf.org>; Thu, 07 Mar 2013 16:00:45 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding:x-gm-message-state; bh=1uyrAukhkscsQAeFxZYpFHzTT0Ey7yhxGe04kl11j6o=; b=hgWrB9P7ep6dzB57/4zJkdUTKkrFu7PI01xoM9LAY4QCbZ7WIDcPxVKoqH/yoJIYSx eDXF3UHEGJpWqkDCnc9ZDXhagqtnJRuikEuUL4TpofntXPBgkzjxUCm4+Qsa4NKTZQRb 5SzWY8jRiIR6o/CXbYFApEgYIlIczu6TV48uD+rfXQxXMHLjkW6J62KIlrIv6XRV20/H ftQSr4a1QEGulOdCP9l08Kob9f3ANKOckYV7Vq1PKHoWOc1cIjXJzTxov2bkZ2dD9GfM UbpE91FPrXUjmFwgEq6ZjexGzPSOelkV8+7fdj3B3FBLsJBnkTjGsE4IKQpcZOFzAasv zK2w==
X-Received: by 10.182.222.101 with SMTP id ql5mr120154obc.55.1362700845156; Thu, 07 Mar 2013 16:00:45 -0800 (PST)
Received: from [10.8.1.116] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id i19sm3386965obf.0.2013.03.07.16.00.41 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 07 Mar 2013 16:00:42 -0800 (PST)
Message-ID: <51392A29.2060706@unboundid.com>
Date: Thu, 07 Mar 2013 18:00:41 -0600
From: Bjorn Aannestad <bjorn.aannestad@unboundid.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130215 Thunderbird/17.0.3
MIME-Version: 1.0
To: "scim@ietf.org" <scim@ietf.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Gm-Message-State: ALoCoQlL5zGhpBVpTIDgI6WOGY8WJ9hnqIfuVLC73InJnPyhZW6+9P/qFH6gPMCeJa+a7Y3nd8uX
Subject: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Mar 2013 00:00:46 -0000

Hi all,

The informal design group has drafted a new section for the core SCIM 
spec.  This is in response to the Tracker ticket #28, about clarifying 
the stance with respect to multi-tenancy.

It is not a full treatment of multi-tenancy.  Rather, it is intended to 
provide guidance.

http://trac.tools.ietf.org/wg/scim/trac/ticket/28#comment:7

(Note that the ticket has grown long with earlier versions of the text.  
Comment #7 is the one that is being put forth as the starting point for 
the full Working Group to comment on).

This item is on the Agenda for Orlando next week.  Let the discussions 
begin!

-Bjorn Aannestad
UnboundId


From kelly.grizzle@sailpoint.com  Tue Mar 12 21:27:19 2013
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EE9911E8148 for <scim@ietfa.amsl.com>; Tue, 12 Mar 2013 21:27:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level: 
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X4Oryy-pmChg for <scim@ietfa.amsl.com>; Tue, 12 Mar 2013 21:27:18 -0700 (PDT)
Received: from co9outboundpool.messaging.microsoft.com (co9ehsobe003.messaging.microsoft.com [207.46.163.26]) by ietfa.amsl.com (Postfix) with ESMTP id 7498F11E80E1 for <scim@ietf.org>; Tue, 12 Mar 2013 21:27:18 -0700 (PDT)
Received: from mail93-co9-R.bigfish.com (10.236.132.235) by CO9EHSOBE022.bigfish.com (10.236.130.85) with Microsoft SMTP Server id 14.1.225.23; Wed, 13 Mar 2013 04:27:17 +0000
Received: from mail93-co9 (localhost [127.0.0.1])	by mail93-co9-R.bigfish.com (Postfix) with ESMTP id BCC2E6601A3	for <scim@ietf.org>; Wed, 13 Mar 2013 04:27:17 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:132.245.1.133; KIP:(null); UIP:(null); IPV:NLI; H:BLUPRD0412HT004.namprd04.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -31
X-BigFish: PS-31(zzc85fh8a5Szz1f42h1ee6h1de0h1202h1e76h1d1ah1d2ahzz18de19h1033IL17326ah8275dh18c673h8275bhz31h2a8h668h839hd25hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah1155h)
Received-SPF: softfail (mail93-co9: transitioning domain of sailpoint.com does not designate 132.245.1.133 as permitted sender) client-ip=132.245.1.133; envelope-from=kelly.grizzle@sailpoint.com; helo=BLUPRD0412HT004.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail93-co9 (localhost.localdomain [127.0.0.1]) by mail93-co9 (MessageSwitch) id 1363148835327848_27939; Wed, 13 Mar 2013 04:27:15 +0000 (UTC)
Received: from CO9EHSMHS024.bigfish.com (unknown [10.236.132.242])	by mail93-co9.bigfish.com (Postfix) with ESMTP id 43C4164005E	for <scim@ietf.org>; Wed, 13 Mar 2013 04:27:15 +0000 (UTC)
Received: from BLUPRD0412HT004.namprd04.prod.outlook.com (132.245.1.133) by CO9EHSMHS024.bigfish.com (10.236.130.34) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 13 Mar 2013 04:27:14 +0000
Received: from BLUPRD0412MB643.namprd04.prod.outlook.com ([169.254.4.238]) by BLUPRD0412HT004.namprd04.prod.outlook.com ([10.255.214.165]) with mapi id 14.16.0275.006; Wed, 13 Mar 2013 04:27:12 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: "scim@ietf.org" <scim@ietf.org>
Thread-Topic: Please review before the WG meeting
Thread-Index: Ac4fog2Ro6O/BIplRMW0m3GUyNRM2g==
Date: Wed, 13 Mar 2013 04:27:11 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34375C37BCF3@BLUPRD0412MB643.namprd04.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-vipre-scanned: 8E31B5D2003E8A8E31B71F
x-originating-ip: [72.182.10.254]
Content-Type: multipart/alternative; boundary="_000_56C3C758F9D6534CA3778EAA1E0C34375C37BCF3BLUPRD0412MB643_"
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Subject: [scim] Please review before the WG meeting
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 04:27:19 -0000

--_000_56C3C758F9D6534CA3778EAA1E0C34375C37BCF3BLUPRD0412MB643_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

The design team has been discussing and working on some of the larger issue=
s.  Please review the following recommendations prior to the WG meeting and=
 come ready to comment.  As always, healthy discussion on this mailing list=
 is also highly encouraged.

Searching across resource types (issue #25) and non-URL based search (issue=
 #29).  View the proposed changes here: http://trac.tools.ietf.org/wg/scim/=
trac/raw-attachment/ticket/25/draft-scim-api-01-diff.html.

Multi-tenancy (issue #28).  View the proposed text here: http://trac.tools.=
ietf.org/wg/scim/trac/ticket/28#comment:7.

Schema reference support (issue #33).  View the proposed changes here: http=
://trac.tools.ietf.org/wg/scim/trac/attachment/ticket/33/issue33.patch.


Other interesting information:

JIT profile for SCIM.  Read the draft here: http://www.ietf.org/id/draft-wa=
hl-scim-jit-profile-00.txt.


Issues that need discussion:

Issue #31: Support for consistent paged results - http://trac.tools.ietf.or=
g/wg/scim/trac/ticket/31
Issue #38: Clarify the schema extension model - http://trac.tools.ietf.org/=
wg/scim/trac/ticket/38
Others?

--Kelly

--_000_56C3C758F9D6534CA3778EAA1E0C34375C37BCF3BLUPRD0412MB643_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal">The design team has been discussing and working on s=
ome of the larger issues.&nbsp; Please review the following recommendations=
 prior to the WG meeting and come ready to comment.&nbsp; As always, health=
y discussion on this mailing list is also highly
 encouraged.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">Searching across resource types (issue #25) and non-=
URL based search (issue #29).&nbsp; View the proposed changes here:
<a href=3D"http://trac.tools.ietf.org/wg/scim/trac/raw-attachment/ticket/25=
/draft-scim-api-01-diff.html">
http://trac.tools.ietf.org/wg/scim/trac/raw-attachment/ticket/25/draft-scim=
-api-01-diff.html</a>.
<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">Multi-tenancy (issue #28).&nbsp; View the proposed t=
ext here: <a href=3D"http://trac.tools.ietf.org/wg/scim/trac/ticket/28#comm=
ent:7">
http://trac.tools.ietf.org/wg/scim/trac/ticket/28#comment:7</a>. <o:p></o:p=
></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">Schema reference support (issue #33).&nbsp; View the=
 proposed changes here:
<a href=3D"http://trac.tools.ietf.org/wg/scim/trac/attachment/ticket/33/iss=
ue33.patch">
http://trac.tools.ietf.org/wg/scim/trac/attachment/ticket/33/issue33.patch<=
/a>. <o:p>
</o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">Other interesting information:<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">JIT profile for SCIM.&nbsp; Read the draft here: <a =
href=3D"http://www.ietf.org/id/draft-wahl-scim-jit-profile-00.txt">
http://www.ietf.org/id/draft-wahl-scim-jit-profile-00.txt</a>. <o:p></o:p><=
/p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">Issues that need discussion:<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">Issue #31: Support for consistent paged results - <a=
 href=3D"http://trac.tools.ietf.org/wg/scim/trac/ticket/31">
http://trac.tools.ietf.org/wg/scim/trac/ticket/31</a> <o:p></o:p></p>
<p class=3D"MsoNormal">Issue #38: Clarify the schema extension model - <a h=
ref=3D"http://trac.tools.ietf.org/wg/scim/trac/ticket/38">
http://trac.tools.ietf.org/wg/scim/trac/ticket/38</a> <o:p></o:p></p>
<p class=3D"MsoNormal">Others?<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">--Kelly<o:p></o:p></p>
</div>
</body>
</html>

--_000_56C3C758F9D6534CA3778EAA1E0C34375C37BCF3BLUPRD0412MB643_--

From randomshelley@gmail.com  Wed Mar 13 09:15:42 2013
Return-Path: <randomshelley@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C719321F8CD8 for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 09:15:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a5xZCVK8pN9i for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 09:15:42 -0700 (PDT)
Received: from mail-ie0-x232.google.com (mail-ie0-x232.google.com [IPv6:2607:f8b0:4001:c03::232]) by ietfa.amsl.com (Postfix) with ESMTP id 1D7C121F8DEA for <scim@ietf.org>; Wed, 13 Mar 2013 09:15:42 -0700 (PDT)
Received: by mail-ie0-f178.google.com with SMTP id c13so1659059ieb.37 for <scim@ietf.org>; Wed, 13 Mar 2013 09:15:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to :content-type; bh=g7O58bSA+m91w9HbR3O6SirA4OaW5OsYm5q1p68MH/8=; b=aAeQ9Z4XFeYqBhSNtdvlvEW+EcsgcpFVrowPj4d+v3S7mCwIRBmeZTwQ4mzQ5B1Ocq exTN8L/PewNV947zQon1qn+gLY67JBdtQlOIKnPlQbXhZU9N8cNRcsmkQhegPMH92ID0 8GjgcRG43kWxwM5Szb/wnerRFm/XTFV4RD3OSn9Jr98ykQv58xpBSwFTcsfNdhFAotFW yOxbwk+AKZQYuubkvXm7xhk+8xc5ICYJ8qPQl1lhl7uypNNghSl1OXAkEfvGwxSX/uyG c8TvXHVPOOttkSlvmVj+00R1Zr5kxOyxf4LTNAH3z+sr3E2CHZqMNGJDBj8A8Y7sKphI qwTg==
MIME-Version: 1.0
X-Received: by 10.50.42.168 with SMTP id p8mr16971612igl.106.1363191341695; Wed, 13 Mar 2013 09:15:41 -0700 (PDT)
Received: by 10.64.126.65 with HTTP; Wed, 13 Mar 2013 09:15:41 -0700 (PDT)
Date: Wed, 13 Mar 2013 11:15:41 -0500
Message-ID: <CAGUsYPxgWHP0ofxiORy0pg7S2J-nB+yLSTqKBjvnDT+Wcmc1_A@mail.gmail.com>
From: Shelley <randomshelley@gmail.com>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary=14dae934108daf179c04d7d0b7e5
Subject: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 16:15:42 -0000

--14dae934108daf179c04d7d0b7e5
Content-Type: text/plain; charset=ISO-8859-1

Regarding the following text from the proposed text for multi-tenancy [1]:

 In any Multi-Tenant Implementation:
>
>    - The SCIM id, defined by the Service Provider, MUST be unique across
>    all Resources for all Tenants
>
>
In HTTP/REST, typically the URL in its entirety serves as the global
identifier for a resource. What are the reasons for imposing such
restrictions on SCIM resource identifiers to be globally unique? SCIM
resources are already relative to a resource and tenant, and MUST be unique
within that context, but it's unclear to me why IDs must be unique beyond
that scope.

*Re: Unique across all Tenants*

In particular, for service providers that use a URL prefix or subdomain to
represent multi-tenancy, the SCIM resource is scoped to the tenant and
therefore the ID is relative to that tenant and unique within that context.
e.g. /Tenants/abc/Users/123 and /Tenants/xyz/Users/123 should be acceptable
as it represents different resources, each relative to its corresponding
tenant.

Technically, this limitation might need to be imposed upon service
providers that use HTTP Headers since the resource identifier (URL) is not
scoped to a tenant; however, this should not be imposed on providers that
use URL-based tenancy.
*
Re: Unique across all Resources*

Likewise, why is this restriction imposed? Resource identifiers are
relative to a SCIM resource endpoint. e.g. /Users/123 and /Groups/123
should be acceptable, since each represents a different resource type.

[1] http://trac.tools.ietf.org/wg/scim/trac/ticket/28#comment:7

--14dae934108daf179c04d7d0b7e5
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Regarding the following text from the proposed text for multi-tenancy [1]:<=
br><br><blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid =
rgb(204,204,204);padding-left:1ex" class=3D"gmail_quote">=A0In any Multi-Te=
nant Implementation:<br>
<ul><li>The SCIM id, defined by the Service Provider, MUST be unique across=
 all Resources for all Tenants </li></ul></blockquote><br>In HTTP/REST, typ=
ically the URL in its entirety serves as the global identifier for a resour=
ce. What are the reasons for imposing such restrictions on SCIM resource id=
entifiers to be globally unique? SCIM resources are already relative to a r=
esource and tenant, and MUST be unique within that context, but it&#39;s un=
clear to me why IDs must be unique beyond that scope.<br>
<br><b>Re: Unique across all Tenants</b><br><br>In particular, for service =
providers that use a URL prefix or subdomain to represent multi-tenancy, th=
e SCIM resource is scoped to the tenant and therefore the ID is relative to=
 that tenant and unique within that context. e.g. /Tenants/abc/Users/123 an=
d /Tenants/xyz/Users/123 should be acceptable as it represents different re=
sources, each relative to its corresponding tenant.<br>
<br>Technically, this limitation might need to be imposed upon service prov=
iders that use HTTP Headers since the resource identifier (URL) is not scop=
ed to a tenant; however, this should not be imposed on providers that use U=
RL-based tenancy.<br>
<b><br>Re: Unique across all Resources</b><br><br>Likewise, why is this res=
triction imposed? Resource identifiers are relative to a SCIM resource endp=
oint. e.g. /Users/123 and /Groups/123 should be acceptable, since each repr=
esents a different resource type.<br>
<br>[1] <a href=3D"http://trac.tools.ietf.org/wg/scim/trac/ticket/28#commen=
t:7">http://trac.tools.ietf.org/wg/scim/trac/ticket/28#comment:7</a>

--14dae934108daf179c04d7d0b7e5--

From bjorn.aannestad@unboundid.com  Wed Mar 13 10:31:48 2013
Return-Path: <bjorn.aannestad@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3341C21F8E06 for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 10:31:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.226
X-Spam-Level: 
X-Spam-Status: No, score=0.226 tagged_above=-999 required=5 tests=[AWL=-0.001,  BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888,  HOST_EQ_STATIC=1.172, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XerWD5jftZ9R for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 10:31:47 -0700 (PDT)
Received: from mail-ob0-x231.google.com (mail-ob0-x231.google.com [IPv6:2607:f8b0:4003:c01::231]) by ietfa.amsl.com (Postfix) with ESMTP id 7808E21F8DF2 for <scim@ietf.org>; Wed, 13 Mar 2013 10:31:46 -0700 (PDT)
Received: by mail-ob0-f177.google.com with SMTP id eh20so1305742obb.36 for <scim@ietf.org>; Wed, 13 Mar 2013 10:31:45 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:content-type:x-gm-message-state; bh=zIMCsvzeaohFnH48mF7gTA8lmv84/4YeGzgtzUNIB+U=; b=CC844ONYilyzCWd73ROdwvHjYk6jIyjrD3Lo5dE8P5vvAN7nC3LhSeSKbiKDsyV/aW 5k2CtQ3pck0bUEZ1Ra0Xcd1u0KPgXE/iQqK2BGNqSO5aVKJn/3JzQBuFnQ1PvZGHqT4q jS4VGqU5JOrR0uu75Or4MJVgk80KfwrV/2LX1Qyu7UAFRqs751yWV+WA6EzkRoKqtiDF fQqCHJqWzK0cT4SN+eM3q8wGOz4bFln13bQIvU/3TcrU9sCnxUEqSCsJVkknUtrh9yGC D8LXns9Uki9QEv7BMhEMvoEVxcW65VUzBtquRvVUw2gzhSe8Mne6a0JLxNH65Ojb3JQb /L3Q==
X-Received: by 10.60.13.39 with SMTP id e7mr16158337oec.74.1363195905807; Wed, 13 Mar 2013 10:31:45 -0700 (PDT)
Received: from [10.8.1.116] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id 4sm26344678obj.7.2013.03.13.10.31.44 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 13 Mar 2013 10:31:45 -0700 (PDT)
Message-ID: <5140B7FF.6000909@unboundid.com>
Date: Wed, 13 Mar 2013 12:31:43 -0500
From: Bjorn Aannestad <bjorn.aannestad@unboundid.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130307 Thunderbird/17.0.4
MIME-Version: 1.0
To: scim@ietf.org
References: <CAGUsYPxgWHP0ofxiORy0pg7S2J-nB+yLSTqKBjvnDT+Wcmc1_A@mail.gmail.com>
In-Reply-To: <CAGUsYPxgWHP0ofxiORy0pg7S2J-nB+yLSTqKBjvnDT+Wcmc1_A@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------020308090005070306070903"
X-Gm-Message-State: ALoCoQl3Ae3ceiuPUsn0mMajQA3Q6EROx1Ja1SNVAzVrT48fIntB8vgxGH5SPgjZsWFbRwEdlbhI
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 17:31:48 -0000

This is a multi-part message in MIME format.
--------------020308090005070306070903
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit


Good questions!

My take on it is that:
a) Within the proposed text, there is no requirement that the Service 
Provider use the URL to distinguish tenants.  Thus, a URL including a 
non-unique SCIM Id would be ambiguous.

b) There is a use case for retrieval of a resource when the Consumer 
does not know the resource "type" and therefore cannot use a specific 
resource end point.

By making the SCIM Id unique across all Resources within the Service 
Provider, both of these are resolved.

Note that The SCIM id is generated by the Service Provider.  On the 
other hand, Resources created by different Tenants can still have 
duplicate externalIds.   This means that one Tenant will not impose any 
constraints on the ids generated by any other Tenant.

-Bjorn Aannestad

On 2013-03-13 11:15 AM, Shelley wrote:
> Regarding the following text from the proposed text for multi-tenancy [1]:
>
>      In any Multi-Tenant Implementation:
>
>       * The SCIM id, defined by the Service Provider, MUST be unique
>         across all Resources for all Tenants
>
>
> In HTTP/REST, typically the URL in its entirety serves as the global 
> identifier for a resource. What are the reasons for imposing such 
> restrictions on SCIM resource identifiers to be globally unique? SCIM 
> resources are already relative to a resource and tenant, and MUST be 
> unique within that context, but it's unclear to me why IDs must be 
> unique beyond that scope.
>
> *Re: Unique across all Tenants*
>
> In particular, for service providers that use a URL prefix or 
> subdomain to represent multi-tenancy, the SCIM resource is scoped to 
> the tenant and therefore the ID is relative to that tenant and unique 
> within that context. e.g. /Tenants/abc/Users/123 and 
> /Tenants/xyz/Users/123 should be acceptable as it represents different 
> resources, each relative to its corresponding tenant.
>
> Technically, this limitation might need to be imposed upon service 
> providers that use HTTP Headers since the resource identifier (URL) is 
> not scoped to a tenant; however, this should not be imposed on 
> providers that use URL-based tenancy.
> *
> Re: Unique across all Resources*
>
> Likewise, why is this restriction imposed? Resource identifiers are 
> relative to a SCIM resource endpoint. e.g. /Users/123 and /Groups/123 
> should be acceptable, since each represents a different resource type.
>
> [1] http://trac.tools.ietf.org/wg/scim/trac/ticket/28#comment:7
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--------------020308090005070306070903
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <br>
    Good questions!<br>
    <br>
    My take on it is that:<br>
    a) Within the proposed text, there is no requirement that the
    Service Provider use the URL to distinguish tenants.&nbsp; Thus, a URL
    including a non-unique SCIM Id would be ambiguous.<br>
    <br>
    b) There is a use case for retrieval of a resource when the Consumer
    does not know the resource "type" and therefore cannot use a
    specific resource end point.&nbsp;&nbsp; <br>
    <br>
    By making the SCIM Id unique across all Resources within the Service
    Provider, both of these are resolved.&nbsp;&nbsp; <br>
    <br>
    Note that The SCIM id is generated by the Service Provider.&nbsp; On the
    other hand, Resources created by different Tenants can still have
    duplicate externalIds.&nbsp;&nbsp; This means that one Tenant will not impose
    any constraints on the ids generated by any other Tenant.<br>
    <br>
    -Bjorn Aannestad<br>
    <br>
    <div class="moz-cite-prefix">On 2013-03-13 11:15 AM, Shelley wrote:<br>
    </div>
    <blockquote
cite="mid:CAGUsYPxgWHP0ofxiORy0pg7S2J-nB+yLSTqKBjvnDT+Wcmc1_A@mail.gmail.com"
      type="cite">Regarding the following text from the proposed text
      for multi-tenancy [1]:<br>
      <br>
      <blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid
        rgb(204,204,204);padding-left:1ex" class="gmail_quote">&nbsp;In any
        Multi-Tenant Implementation:<br>
        <ul>
          <li>The SCIM id, defined by the Service Provider, MUST be
            unique across all Resources for all Tenants </li>
        </ul>
      </blockquote>
      <br>
      In HTTP/REST, typically the URL in its entirety serves as the
      global identifier for a resource. What are the reasons for
      imposing such restrictions on SCIM resource identifiers to be
      globally unique? SCIM resources are already relative to a resource
      and tenant, and MUST be unique within that context, but it's
      unclear to me why IDs must be unique beyond that scope.<br>
      <br>
      <b>Re: Unique across all Tenants</b><br>
      <br>
      In particular, for service providers that use a URL prefix or
      subdomain to represent multi-tenancy, the SCIM resource is scoped
      to the tenant and therefore the ID is relative to that tenant and
      unique within that context. e.g. /Tenants/abc/Users/123 and
      /Tenants/xyz/Users/123 should be acceptable as it represents
      different resources, each relative to its corresponding tenant.<br>
      <br>
      Technically, this limitation might need to be imposed upon service
      providers that use HTTP Headers since the resource identifier
      (URL) is not scoped to a tenant; however, this should not be
      imposed on providers that use URL-based tenancy.<br>
      <b><br>
        Re: Unique across all Resources</b><br>
      <br>
      Likewise, why is this restriction imposed? Resource identifiers
      are relative to a SCIM resource endpoint. e.g. /Users/123 and
      /Groups/123 should be acceptable, since each represents a
      different resource type.<br>
      <br>
      [1] <a moz-do-not-send="true"
        href="http://trac.tools.ietf.org/wg/scim/trac/ticket/28#comment:7">http://trac.tools.ietf.org/wg/scim/trac/ticket/28#comment:7</a>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
scim mailing list
<a class="moz-txt-link-abbreviated" href="mailto:scim@ietf.org">scim@ietf.org</a>
<a class="moz-txt-link-freetext" href="https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mailman/listinfo/scim</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>

--------------020308090005070306070903--

From randomshelley@gmail.com  Wed Mar 13 12:17:33 2013
Return-Path: <randomshelley@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3AB9211E81A2 for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 12:17:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YtNSDrAYBFH3 for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 12:17:31 -0700 (PDT)
Received: from mail-ie0-x22a.google.com (mail-ie0-x22a.google.com [IPv6:2607:f8b0:4001:c03::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 8024811E8107 for <scim@ietf.org>; Wed, 13 Mar 2013 12:17:31 -0700 (PDT)
Received: by mail-ie0-f170.google.com with SMTP id c11so1977230ieb.15 for <scim@ietf.org>; Wed, 13 Mar 2013 12:17:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to :content-type; bh=tsx4KI0m0wuC8k4txxfNC5CXH5iURT1gN+lmV6MIvWA=; b=qtD0/zaj0nV7+s1bWVNzzSQf1EUKj8n3QsHYkmUMC9tao9tVvd25kJ5fliFRUE08TN yvHfjx5UMqhM/uw2MztCGgxh8JsnHVMMLAdhA5uVu3sFKw1rfc4PVTMEYKFkGmDgGtrC mO0Ztj1ZNLD1WccFl5OyYuIReZzRWxZxUzDBhrYYCfUpTGqZi9HDV5h3AYDYReeeJEfZ fpD3UwP1t+YOi/odoCi2HsBHE1v9iLjfgIB8fmBdGu27mxCuzKJuIhZNQ2Soz084IXXv dsC1hmnyZAKoBoc/tMzspc+7QxKprR8PomhzrYW2E/eWYRmqE7o8nhDMV1qD9z19YVyQ evyQ==
MIME-Version: 1.0
X-Received: by 10.43.9.137 with SMTP id ow9mr17370372icb.32.1363202248121; Wed, 13 Mar 2013 12:17:28 -0700 (PDT)
Received: by 10.64.126.65 with HTTP; Wed, 13 Mar 2013 12:17:27 -0700 (PDT)
Date: Wed, 13 Mar 2013 14:17:27 -0500
Message-ID: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com>
From: Shelley <randomshelley@gmail.com>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary=bcaec5161fcdc28cc004d7d341fd
Subject: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 19:17:33 -0000

--bcaec5161fcdc28cc004d7d341fd
Content-Type: text/plain; charset=ISO-8859-1

As a developer of a service provider implementation that supports
multi-tenancy, this requirement seems a bit imposing with little value.
Given that all SCIM resources are relative to a given tenant and to a
particular endpoint/resource type, it seems that the scope of SCIM
identifiers need not go beyond these contexts. The SCIM Protocol is built
upon REST, which is resource-oriented and based on URIs as GUIDs, and so
requiring an additional GUID beyond this seems unnecessary.

Technically, for example, assume that a service provider is using a
standard RDBMS to persist user and group resources. This requirement now
imposes uniqueness of identifiers across tables. Further, consider a case
where a separate database schema maintains the data for each tenant. Not
only must uniqueness be guaranteed across tables, but also across schemas.

*a) Within the proposed text, there is no requirement that the Service
> Provider use the URL to distinguish tenants.  Thus, a URL including a
> non-unique SCIM Id would be ambiguous.*
>

I agree that if service providers choose not to use URLs to distinguish
tenants, they must use unique resource identifiers across all tenants. In
that case, I'd suggest that the burden of this limitation be placed on
these service providers, not on all service providers. This should be a
factor in choosing such a method for implementing multi-tenancy.

Given that the SCIM Protocol is built upon REST where URIs uniquely
identify resources, service providers that choose this method should be
aware of the limitation they are imposing. It is my opinion, however, that
this should be the exception and not dictate requirements for all providers.

*b) There is a use case for retrieval of a resource when the Consumer does
> not know the resource "type" and therefore cannot use a specific resource
> end point.   *
>

Could you elaborate on this use case? Further, if this is a valid use case,
why wouldn't the ability to search across multiple resource types be
sufficient for finding such resources? e.g:

   GET /Tenants/abc?filter=externalId eq xyz
   {
      "totalResults": 1,
      "Resources": [
         {
           "id": "123",
           "resourceType": "User",
           "externalId": "xyz",
           "meta": {
               "location": "https://example.com/Tenants/abc/Users/123",
               ...
           },
           ...
         }
      ],
      ...
   }

(Or alternative to the "resourceType", the response could contain a list of
"Users" and/or "Groups" instead of generic "Resources".)

The current SCIM protocol at least requires that resources are created and
managed at a particular resource endpoint, and the introduction of the
resource type and proposed search functionality seem to offset any need for
a global identifier across all tenants and resources.

--bcaec5161fcdc28cc004d7d341fd
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

As a developer of a service provider implementation that supports multi-ten=
ancy, this requirement seems a bit imposing with little value. Given that a=
ll SCIM resources are relative to a given tenant and to a particular endpoi=
nt/resource type, it seems that the scope of SCIM identifiers need not go b=
eyond these contexts. The SCIM Protocol is built upon REST, which is resour=
ce-oriented and based on URIs as GUIDs, and so requiring an additional GUID=
 beyond this seems unnecessary.<br>
<br>Technically, for example, assume that a service provider is using a sta=
ndard RDBMS to persist user and group resources. This requirement now impos=
es uniqueness of identifiers across tables. Further, consider a case where =
a separate database schema maintains the data for each tenant. Not only mus=
t uniqueness be guaranteed across tables, but also across schemas.<br>
<br><blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb=
(204,204,204);padding-left:1ex" class=3D"gmail_quote"><i>a) Within the prop=
osed text, there is no requirement that the Service Provider use the URL to=
 distinguish tenants.=A0 Thus, a URL including a non-unique SCIM Id would b=
e ambiguous.</i><br>
</blockquote><br>I agree that if service providers choose not to use URLs t=
o distinguish tenants, they must use unique resource identifiers across all=
 tenants. In that case, I&#39;d suggest that the burden of this limitation =
be placed on these service providers, not on all service providers. This sh=
ould be a factor in choosing such a method for implementing multi-tenancy.<=
br>
<br>Given that the SCIM Protocol is built upon REST where URIs uniquely ide=
ntify resources, service providers that choose this method should be aware =
of the limitation they are imposing. It is my opinion, however, that this s=
hould be the exception and not dictate requirements for all providers.<br>
<br><blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb=
(204,204,204);padding-left:1ex" class=3D"gmail_quote"><i>b) There is a use =
case for retrieval of a resource when the Consumer does not know the resour=
ce &quot;type&quot; and therefore cannot use a specific resource end point.=
=A0=A0 </i><br>
</blockquote><br>Could you elaborate on this use case? Further, if this is =
a valid use case, why wouldn&#39;t the ability to search across multiple re=
source types be sufficient for finding such resources? e.g:<br><br><span st=
yle=3D"font-family:courier new,monospace">=A0=A0 GET /Tenants/abc?filter=3D=
externalId eq xyz<br>
=A0=A0 {<br>=A0=A0=A0=A0=A0 &quot;totalResults&quot;: 1,<br>=A0=A0=A0=A0=A0=
 &quot;Resources&quot;: [</span><br><span style=3D"font-family:courier new,=
monospace"><span style=3D"font-family:courier new,monospace">=A0=A0=A0=A0=
=A0=A0=A0=A0 {<br></span>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 &quot;id&quot;: &qu=
ot;123&quot;,<br>
=A0=A0 =A0=A0=A0=A0=A0=A0=A0 &quot;resourceType&quot;: &quot;User&quot;,<br=
>=A0 =A0=A0 =A0=A0=A0=A0=A0 &quot;externalId&quot;: &quot;xyz&quot;,</span>=
<br><span style=3D"font-family:courier new,monospace"><span style=3D"font-f=
amily:courier new,monospace">=A0=A0=A0 =A0=A0 =A0=A0=A0 &quot;meta&quot;: {=
<br>
=A0=A0=A0=A0=A0 =A0=A0 =A0=A0=A0=A0=A0 &quot;location&quot;: &quot;<a href=
=3D"https://example.com/Tenants/abc/Users/123">https://example.com/Tenants/=
abc/Users/123</a>&quot;,<br>=A0=A0=A0=A0=A0=A0=A0 =A0=A0 =A0=A0=A0 ...<br>=
=A0=A0 =A0=A0=A0=A0=A0=A0=A0 },<br></span>=A0 =A0=A0 =A0=A0=A0=A0=A0 ...<br=
>=A0=A0=A0=A0=A0=A0=A0=A0 }<br>
=A0=A0=A0=A0=A0 ],<br>=A0=A0=A0=A0=A0 ...<br>=A0=A0 }<br></span><br>(Or alt=
ernative to the &quot;resourceType&quot;, the response could contain a list=
 of &quot;Users&quot; and/or &quot;Groups&quot; instead of generic &quot;Re=
sources&quot;.)<br><br>
The current SCIM protocol at least requires that resources are created and =
managed at a particular resource endpoint, and the introduction of the reso=
urce type and proposed search functionality seem to offset any need for a g=
lobal identifier across all tenants and resources.<br>

--bcaec5161fcdc28cc004d7d341fd--

From moransar@cisco.com  Wed Mar 13 13:53:47 2013
Return-Path: <moransar@cisco.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D271711E80DC for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 13:53:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.598
X-Spam-Level: 
X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BOgryO7MnFMf for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 13:53:47 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) by ietfa.amsl.com (Postfix) with ESMTP id BF4F711E809C for <scim@ietf.org>; Wed, 13 Mar 2013 13:53:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10650; q=dns/txt; s=iport; t=1363208026; x=1364417626; h=from:to:subject:date:message-id:in-reply-to:mime-version; bh=qx1ul99Wy+x9mvUCgshOO7GU9NX/1sVLxFoGGvWL+ZU=; b=UBFsqkMnDmZbvRKLXBLU7Pd4KpbIiDN0sRKDGt54Tq0E2isDvDKtwqmp 3FYdtiQt/G/Lz1IH+FnBknnYRD34YUodKIzPh5QsyqA7m1KKrhlANE9LR fh8TjZwA8bOzVGMfIHVyRqYevg1wTNJ0HT1Z39P/58Piyist+PO4vlTwb Q=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgEFAELmQFGtJXG//2dsb2JhbAA5CoQTwEaBWRZ0gioBAQEEgQsBCBEDAQILHSgRFAkIAgQBEgiHegMPDLlRDYlEEwSMRYENgQogBgcLgl9hA5R2jT2FGYMKgig
X-IronPort-AV: E=Sophos;i="4.84,840,1355097600";  d="scan'208,217";a="186954724"
Received: from rcdn-core2-4.cisco.com ([173.37.113.191]) by rcdn-iport-1.cisco.com with ESMTP; 13 Mar 2013 20:53:43 +0000
Received: from xhc-rcd-x01.cisco.com (xhc-rcd-x01.cisco.com [173.37.183.75]) by rcdn-core2-4.cisco.com (8.14.5/8.14.5) with ESMTP id r2DKrhGa009733 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 13 Mar 2013 20:53:43 GMT
Received: from xmb-rcd-x08.cisco.com ([169.254.8.192]) by xhc-rcd-x01.cisco.com ([173.37.183.75]) with mapi id 14.02.0318.004; Wed, 13 Mar 2013 15:53:43 -0500
From: "Morteza Ansari (moransar)" <moransar@cisco.com>
To: Shelley <randomshelley@gmail.com>, "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] Proposed Text for Multi-Tenancy
Thread-Index: AQHOIB9xhiASesnvfUSWtWmfhL9vSZikOvYA
Date: Wed, 13 Mar 2013 20:53:42 +0000
Message-ID: <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com>
In-Reply-To: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
user-agent: Microsoft-MacOutlook/14.3.1.130117
x-originating-ip: [10.21.81.139]
Content-Type: multipart/alternative; boundary="_000_CA3B67220D628A4780D6FEB31F18A3E32864A004xmbrcdx08ciscoc_"
MIME-Version: 1.0
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 20:53:47 -0000

--_000_CA3B67220D628A4780D6FEB31F18A3E32864A004xmbrcdx08ciscoc_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Another reason for this is group membership. Given group members are only i=
dentified using the ID field, if ID namespace is per tenant, then you can't=
 have groups that cross tenant boundary regardless of whether the SP uses U=
RL prefix or other mechanisms.

I do see your point that if SP is using multiple DB's, this requirement add=
s additional burden on the SP.  I think the original intent of this languag=
e (in 1.0) was for id to be unique within a given endpoint (in your example=
 each DB), but the language is not quite clear.


Cheers,
Morteza

From: Shelley <randomshelley@gmail.com<mailto:randomshelley@gmail.com>>
Date: Wednesday, March 13, 2013 11:17 AM
To: "scim@ietf.org<mailto:scim@ietf.org>" <scim@ietf.org<mailto:scim@ietf.o=
rg>>
Subject: [scim] Proposed Text for Multi-Tenancy

As a developer of a service provider implementation that supports multi-ten=
ancy, this requirement seems a bit imposing with little value. Given that a=
ll SCIM resources are relative to a given tenant and to a particular endpoi=
nt/resource type, it seems that the scope of SCIM identifiers need not go b=
eyond these contexts. The SCIM Protocol is built upon REST, which is resour=
ce-oriented and based on URIs as GUIDs, and so requiring an additional GUID=
 beyond this seems unnecessary.

Technically, for example, assume that a service provider is using a standar=
d RDBMS to persist user and group resources. This requirement now imposes u=
niqueness of identifiers across tables. Further, consider a case where a se=
parate database schema maintains the data for each tenant. Not only must un=
iqueness be guaranteed across tables, but also across schemas.

a) Within the proposed text, there is no requirement that the Service Provi=
der use the URL to distinguish tenants.  Thus, a URL including a non-unique=
 SCIM Id would be ambiguous.

I agree that if service providers choose not to use URLs to distinguish ten=
ants, they must use unique resource identifiers across all tenants. In that=
 case, I'd suggest that the burden of this limitation be placed on these se=
rvice providers, not on all service providers. This should be a factor in c=
hoosing such a method for implementing multi-tenancy.

Given that the SCIM Protocol is built upon REST where URIs uniquely identif=
y resources, service providers that choose this method should be aware of t=
he limitation they are imposing. It is my opinion, however, that this shoul=
d be the exception and not dictate requirements for all providers.

b) There is a use case for retrieval of a resource when the Consumer does n=
ot know the resource "type" and therefore cannot use a specific resource en=
d point.

Could you elaborate on this use case? Further, if this is a valid use case,=
 why wouldn't the ability to search across multiple resource types be suffi=
cient for finding such resources? e.g:

   GET /Tenants/abc?filter=3DexternalId eq xyz
   {
      "totalResults": 1,
      "Resources": [
         {
           "id": "123",
           "resourceType": "User",
           "externalId": "xyz",
           "meta": {
               "location": "https://example.com/Tenants/abc/Users/123",
               ...
           },
           ...
         }
      ],
      ...
   }

(Or alternative to the "resourceType", the response could contain a list of=
 "Users" and/or "Groups" instead of generic "Resources".)

The current SCIM protocol at least requires that resources are created and =
managed at a particular resource endpoint, and the introduction of the reso=
urce type and proposed search functionality seem to offset any need for a g=
lobal identifier across all tenants and resources.

--_000_CA3B67220D628A4780D6FEB31F18A3E32864A004xmbrcdx08ciscoc_
Content-Type: text/html; charset="us-ascii"
Content-ID: <4675E40DC9450F41A7DBA3AF43290EB6@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-fami=
ly: Calibri, sans-serif; ">
<div>Another reason for this is group membership. Given group members are o=
nly identified using the ID field, if ID namespace is per tenant, then you =
can't have groups that cross tenant boundary regardless of whether the SP u=
ses URL prefix or other mechanisms.</div>
<div><br>
</div>
<div>I do see your point that if SP is using multiple DB's, this requiremen=
t adds additional burden on the SP. &nbsp;I think the original intent of th=
is language (in 1.0) was for id to be unique within a given endpoint (in yo=
ur example each DB), but the language
 is not quite clear.</div>
<div><br>
</div>
<div><br>
</div>
<div>Cheers,</div>
<div>Morteza</div>
<div><br>
</div>
<span id=3D"OLK_SRC_BODY_SECTION">
<div style=3D"font-family:Calibri; font-size:11pt; text-align:left; color:b=
lack; BORDER-BOTTOM: medium none; BORDER-LEFT: medium none; PADDING-BOTTOM:=
 0in; PADDING-LEFT: 0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid;=
 BORDER-RIGHT: medium none; PADDING-TOP: 3pt">
<span style=3D"font-weight:bold">From: </span>Shelley &lt;<a href=3D"mailto=
:randomshelley@gmail.com">randomshelley@gmail.com</a>&gt;<br>
<span style=3D"font-weight:bold">Date: </span>Wednesday, March 13, 2013 11:=
17 AM<br>
<span style=3D"font-weight:bold">To: </span>&quot;<a href=3D"mailto:scim@ie=
tf.org">scim@ietf.org</a>&quot; &lt;<a href=3D"mailto:scim@ietf.org">scim@i=
etf.org</a>&gt;<br>
<span style=3D"font-weight:bold">Subject: </span>[scim] Proposed Text for M=
ulti-Tenancy<br>
</div>
<div><br>
</div>
<div>
<div>As a developer of a service provider implementation that supports mult=
i-tenancy, this requirement seems a bit imposing with little value. Given t=
hat all SCIM resources are relative to a given tenant and to a particular e=
ndpoint/resource type, it seems
 that the scope of SCIM identifiers need not go beyond these contexts. The =
SCIM Protocol is built upon REST, which is resource-oriented and based on U=
RIs as GUIDs, and so requiring an additional GUID beyond this seems unneces=
sary.<br>
<br>
Technically, for example, assume that a service provider is using a standar=
d RDBMS to persist user and group resources. This requirement now imposes u=
niqueness of identifiers across tables. Further, consider a case where a se=
parate database schema maintains
 the data for each tenant. Not only must uniqueness be guaranteed across ta=
bles, but also across schemas.<br>
<br>
<blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204=
,204,204);padding-left:1ex" class=3D"gmail_quote">
<i>a) Within the proposed text, there is no requirement that the Service Pr=
ovider use the URL to distinguish tenants.&nbsp; Thus, a URL including a no=
n-unique SCIM Id would be ambiguous.</i><br>
</blockquote>
<br>
I agree that if service providers choose not to use URLs to distinguish ten=
ants, they must use unique resource identifiers across all tenants. In that=
 case, I'd suggest that the burden of this limitation be placed on these se=
rvice providers, not on all service
 providers. This should be a factor in choosing such a method for implement=
ing multi-tenancy.<br>
<br>
Given that the SCIM Protocol is built upon REST where URIs uniquely identif=
y resources, service providers that choose this method should be aware of t=
he limitation they are imposing. It is my opinion, however, that this shoul=
d be the exception and not dictate
 requirements for all providers.<br>
<br>
<blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204=
,204,204);padding-left:1ex" class=3D"gmail_quote">
<i>b) There is a use case for retrieval of a resource when the Consumer doe=
s not know the resource &quot;type&quot; and therefore cannot use a specifi=
c resource end point.&nbsp;&nbsp;
</i><br>
</blockquote>
<br>
Could you elaborate on this use case? Further, if this is a valid use case,=
 why wouldn't the ability to search across multiple resource types be suffi=
cient for finding such resources? e.g:<br>
<br>
<span style=3D"font-family: 'courier new', monospace; ">&nbsp;&nbsp; GET /T=
enants/abc?filter=3DexternalId eq xyz<br>
&nbsp;&nbsp; {<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;totalResults&quot;: 1,<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Resources&quot;: [</span><br>
<span style=3D"font-family: 'courier new', monospace; "><span style=3D"font=
-family: 'courier new', monospace; ">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp; {<br>
</span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;i=
d&quot;: &quot;123&quot;,<br>
&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;resourceType&=
quot;: &quot;User&quot;,<br>
&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;externalId&quot;: =
&quot;xyz&quot;,</span><br>
<span style=3D"font-family: 'courier new', monospace; "><span style=3D"font=
-family: 'courier new', monospace; ">&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;=
&nbsp;&nbsp; &quot;meta&quot;: {<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
&quot;location&quot;: &quot;<a href=3D"https://example.com/Tenants/abc/User=
s/123">https://example.com/Tenants/abc/Users/123</a>&quot;,<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; =
...<br>
&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; },<br>
</span>&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ],<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
&nbsp;&nbsp; }<br>
</span><br>
(Or alternative to the &quot;resourceType&quot;, the response could contain=
 a list of &quot;Users&quot; and/or &quot;Groups&quot; instead of generic &=
quot;Resources&quot;.)<br>
<br>
The current SCIM protocol at least requires that resources are created and =
managed at a particular resource endpoint, and the introduction of the reso=
urce type and proposed search functionality seem to offset any need for a g=
lobal identifier across all tenants
 and resources.<br>
</div>
</div>
</span>
</body>
</html>

--_000_CA3B67220D628A4780D6FEB31F18A3E32864A004xmbrcdx08ciscoc_--

From leifj@sunet.se  Wed Mar 13 15:41:22 2013
Return-Path: <leifj@sunet.se>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95A6511E8126 for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 15:41:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000,  BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4IQCFAXOrUWE for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 15:41:22 -0700 (PDT)
Received: from smtp1.nordu.net (smtp1.nordu.net [IPv6:2001:948:4:6::32]) by ietfa.amsl.com (Postfix) with ESMTP id D69FE11E8125 for <scim@ietf.org>; Wed, 13 Mar 2013 15:41:21 -0700 (PDT)
Received: from [130.129.10.34] (dhcp-9222.meeting.ietf.org [130.129.10.34]) (authenticated bits=0) by smtp1.nordu.net (8.14.6/8.14.6) with ESMTP id r2DMfDqW026253 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for <scim@ietf.org>; Wed, 13 Mar 2013 22:41:20 GMT
Message-ID: <51410084.4060705@sunet.se>
Date: Wed, 13 Mar 2013 23:41:08 +0100
From: Leif Johansson <leifj@sunet.se>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130308 Thunderbird/17.0.4
MIME-Version: 1.0
To: scim WG <scim@ietf.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: [scim] slides
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 22:41:22 -0000

Those of you who will be presenting please send slides as soon as
possible _before_ the meeting :-)

Those of you who will be presenting issues for consensus call, please
make those slides contain clear summaries on what the issues are.

        Cheers Leif

From randomshelley@gmail.com  Wed Mar 13 17:20:46 2013
Return-Path: <randomshelley@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6AC2C11E80E0 for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 17:20:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ncVzAJZYAnqT for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 17:20:45 -0700 (PDT)
Received: from mail-ie0-x22b.google.com (mail-ie0-x22b.google.com [IPv6:2607:f8b0:4001:c03::22b]) by ietfa.amsl.com (Postfix) with ESMTP id BDD0F11E80DC for <scim@ietf.org>; Wed, 13 Mar 2013 17:20:44 -0700 (PDT)
Received: by mail-ie0-f171.google.com with SMTP id 10so2321988ied.30 for <scim@ietf.org>; Wed, 13 Mar 2013 17:20:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=35xgTrkeAmZfXPt6tpHZa3afgr2AldUkXKguQY9vRuk=; b=AMyTlGQpEDgQrcuwEaHRresF8ll4ZK2osMevrNwZMy+xP9dRvI6OTdaTwjCgdz6mk8 TayRkFKj8ZwW7WJ4I9ERYpaKXBIRCncvl7Yg2ujou6GLp0mBM6L3tBVECqVlNt2/Slmh mnA7KNxTobNcc5FTa7NpBHLnSqABFvinhrMI42waE8keAGBoKDIqGkD/YHJmapjZmXHX C+eL5/CAdoHjttwLAUNlnDimQVgzoc31X3K5tpyxW32X3EWR8vOnjagmlh0yIh3oGYbP gVFa8aKwPYJCojf/hKEC5WYScp30ch3YNcG1MrmamyAsNTg8hPKAdxbG6UArU8WpGuIG IlcQ==
MIME-Version: 1.0
X-Received: by 10.50.149.233 with SMTP id ud9mr308352igb.92.1363220444299; Wed, 13 Mar 2013 17:20:44 -0700 (PDT)
Received: by 10.64.126.65 with HTTP; Wed, 13 Mar 2013 17:20:44 -0700 (PDT)
In-Reply-To: <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com>
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com> <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com>
Date: Wed, 13 Mar 2013 19:20:44 -0500
Message-ID: <CAGUsYPxxOnxr1pM0vWvfRuqhVnsudbe0y2DAtLNQdJ_MPW7BLg@mail.gmail.com>
From: Shelley <randomshelley@gmail.com>
To: "Morteza Ansari (moransar)" <moransar@cisco.com>
Content-Type: multipart/alternative; boundary=e89a8f3ba181554c6104d7d77e64
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Mar 2013 00:20:46 -0000

--e89a8f3ba181554c6104d7d77e64
Content-Type: text/plain; charset=ISO-8859-1

>
> *Another reason for this is group membership. Given group members are
> only identified using the ID field*
>

Group members are identified by both a value (ID) and a type (User, Group).
I asked a related question [1] on the mailing list a few weeks ago related
to requiring the type when adding group members, as I was under the
impression that identifiers are not required to be unique across all
resource types.

*if ID namespace is per tenant, then you can't have groups that cross
> tenant boundary regardless of whether the SP uses URL prefix or other
> mechanisms.*
>

I'm not sure that groups should* *ever cross tenant boundaries. The general
goal of multi-tenancy is to create virtual boundaries between
services/resources, so crossing them seems to defeat the purpose and expose
a security risk.

[1] http://www.ietf.org/mail-archive/web/scim/current/msg00935.html


On Wed, Mar 13, 2013 at 3:53 PM, Morteza Ansari (moransar) <
moransar@cisco.com> wrote:

>  Another reason for this is group membership. Given group members are
> only identified using the ID field, if ID namespace is per tenant, then you
> can't have groups that cross tenant boundary regardless of whether the SP
> uses URL prefix or other mechanisms.
>
>  I do see your point that if SP is using multiple DB's, this requirement
> adds additional burden on the SP.  I think the original intent of this
> language (in 1.0) was for id to be unique within a given endpoint (in your
> example each DB), but the language is not quite clear.
>
>
>  Cheers,
> Morteza
>
>   From: Shelley <randomshelley@gmail.com>
> Date: Wednesday, March 13, 2013 11:17 AM
> To: "scim@ietf.org" <scim@ietf.org>
> Subject: [scim] Proposed Text for Multi-Tenancy
>
>  As a developer of a service provider implementation that supports
> multi-tenancy, this requirement seems a bit imposing with little value.
> Given that all SCIM resources are relative to a given tenant and to a
> particular endpoint/resource type, it seems that the scope of SCIM
> identifiers need not go beyond these contexts. The SCIM Protocol is built
> upon REST, which is resource-oriented and based on URIs as GUIDs, and so
> requiring an additional GUID beyond this seems unnecessary.
>
> Technically, for example, assume that a service provider is using a
> standard RDBMS to persist user and group resources. This requirement now
> imposes uniqueness of identifiers across tables. Further, consider a case
> where a separate database schema maintains the data for each tenant. Not
> only must uniqueness be guaranteed across tables, but also across schemas.
>
>  *a) Within the proposed text, there is no requirement that the Service
>> Provider use the URL to distinguish tenants.  Thus, a URL including a
>> non-unique SCIM Id would be ambiguous.*
>>
>
> I agree that if service providers choose not to use URLs to distinguish
> tenants, they must use unique resource identifiers across all tenants. In
> that case, I'd suggest that the burden of this limitation be placed on
> these service providers, not on all service providers. This should be a
> factor in choosing such a method for implementing multi-tenancy.
>
> Given that the SCIM Protocol is built upon REST where URIs uniquely
> identify resources, service providers that choose this method should be
> aware of the limitation they are imposing. It is my opinion, however, that
> this should be the exception and not dictate requirements for all providers.
>
>  *b) There is a use case for retrieval of a resource when the Consumer
>> does not know the resource "type" and therefore cannot use a specific
>> resource end point.   *
>>
>
> Could you elaborate on this use case? Further, if this is a valid use
> case, why wouldn't the ability to search across multiple resource types be
> sufficient for finding such resources? e.g:
>
>    GET /Tenants/abc?filter=externalId eq xyz
>    {
>       "totalResults": 1,
>       "Resources": [
>          {
>            "id": "123",
>            "resourceType": "User",
>            "externalId": "xyz",
>            "meta": {
>                "location": "https://example.com/Tenants/abc/Users/123",
>                ...
>            },
>            ...
>          }
>       ],
>       ...
>    }
>
> (Or alternative to the "resourceType", the response could contain a list
> of "Users" and/or "Groups" instead of generic "Resources".)
>
> The current SCIM protocol at least requires that resources are created and
> managed at a particular resource endpoint, and the introduction of the
> resource type and proposed search functionality seem to offset any need for
> a global identifier across all tenants and resources.
>

--e89a8f3ba181554c6104d7d77e64
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div><blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rg=
b(204,204,204);padding-left:1ex" class=3D"gmail_quote"><i>Another reason fo=
r this is group membership. Given group members=20
are only identified using the ID field</i><br></blockquote><br></div>Group =
members are identified by both a value (ID) and a type (User, Group). I ask=
ed a related question [1] on the mailing list a few weeks ago related to re=
quiring the type when adding group members, as I was under the impression t=
hat identifiers are not required to be unique across all resource types.<br=
>
<br><blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb=
(204,204,204);padding-left:1ex" class=3D"gmail_quote"><i>if ID namespace is=
 per tenant,=20
then you can&#39;t have groups that cross tenant boundary regardless of=20
whether the SP uses URL prefix or other mechanisms.</i><br></blockquote><br=
>I&#39;m not sure that groups should<i> </i>ever cross tenant boundaries. T=
he general goal of multi-tenancy is to create virtual boundaries between se=
rvices/resources, so crossing them seems to defeat the purpose and expose a=
 security risk.<br>
<br>[1] <a href=3D"http://www.ietf.org/mail-archive/web/scim/current/msg009=
35.html">http://www.ietf.org/mail-archive/web/scim/current/msg00935.html</a=
><br><br><br><div class=3D"gmail_quote">On Wed, Mar 13, 2013 at 3:53 PM, Mo=
rteza Ansari (moransar) <span dir=3D"ltr">&lt;<a href=3D"mailto:moransar@ci=
sco.com" target=3D"_blank">moransar@cisco.com</a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">



<div style=3D"font-size:14px;font-family:Calibri,sans-serif;word-wrap:break=
-word">
<div>Another reason for this is group membership. Given group members are o=
nly identified using the ID field, if ID namespace is per tenant, then you =
can&#39;t have groups that cross tenant boundary regardless of whether the =
SP uses URL prefix or other mechanisms.</div>

<div><br>
</div>
<div>I do see your point that if SP is using multiple DB&#39;s, this requir=
ement adds additional burden on the SP. =A0I think the original intent of t=
his language (in 1.0) was for id to be unique within a given endpoint (in y=
our example each DB), but the language
 is not quite clear.</div>
<div><br>
</div>
<div><br>
</div>
<div>Cheers,</div>
<div>Morteza</div>
<div><br>
</div>
<span>
<div style=3D"border-right:medium none;padding-right:0in;padding-left:0in;p=
adding-top:3pt;text-align:left;font-size:11pt;border-bottom:medium none;fon=
t-family:Calibri;border-top:#b5c4df 1pt solid;padding-bottom:0in;border-lef=
t:medium none">

<span style=3D"font-weight:bold">From: </span>Shelley &lt;<a href=3D"mailto=
:randomshelley@gmail.com" target=3D"_blank">randomshelley@gmail.com</a>&gt;=
<br>
<span style=3D"font-weight:bold">Date: </span>Wednesday, March 13, 2013 11:=
17 AM<br>
<span style=3D"font-weight:bold">To: </span>&quot;<a href=3D"mailto:scim@ie=
tf.org" target=3D"_blank">scim@ietf.org</a>&quot; &lt;<a href=3D"mailto:sci=
m@ietf.org" target=3D"_blank">scim@ietf.org</a>&gt;<br>
<span style=3D"font-weight:bold">Subject: </span>[scim] Proposed Text for M=
ulti-Tenancy<br>
</div><div><div class=3D"h5">
<div><br>
</div>
<div>
<div>As a developer of a service provider implementation that supports mult=
i-tenancy, this requirement seems a bit imposing with little value. Given t=
hat all SCIM resources are relative to a given tenant and to a particular e=
ndpoint/resource type, it seems
 that the scope of SCIM identifiers need not go beyond these contexts. The =
SCIM Protocol is built upon REST, which is resource-oriented and based on U=
RIs as GUIDs, and so requiring an additional GUID beyond this seems unneces=
sary.<br>

<br>
Technically, for example, assume that a service provider is using a standar=
d RDBMS to persist user and group resources. This requirement now imposes u=
niqueness of identifiers across tables. Further, consider a case where a se=
parate database schema maintains
 the data for each tenant. Not only must uniqueness be guaranteed across ta=
bles, but also across schemas.<br>
<br>
<blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204=
,204,204);padding-left:1ex" class=3D"gmail_quote">
<i>a) Within the proposed text, there is no requirement that the Service Pr=
ovider use the URL to distinguish tenants.=A0 Thus, a URL including a non-u=
nique SCIM Id would be ambiguous.</i><br>
</blockquote>
<br>
I agree that if service providers choose not to use URLs to distinguish ten=
ants, they must use unique resource identifiers across all tenants. In that=
 case, I&#39;d suggest that the burden of this limitation be placed on thes=
e service providers, not on all service
 providers. This should be a factor in choosing such a method for implement=
ing multi-tenancy.<br>
<br>
Given that the SCIM Protocol is built upon REST where URIs uniquely identif=
y resources, service providers that choose this method should be aware of t=
he limitation they are imposing. It is my opinion, however, that this shoul=
d be the exception and not dictate
 requirements for all providers.<br>
<br>
<blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204=
,204,204);padding-left:1ex" class=3D"gmail_quote">
<i>b) There is a use case for retrieval of a resource when the Consumer doe=
s not know the resource &quot;type&quot; and therefore cannot use a specifi=
c resource end point.=A0=A0
</i><br>
</blockquote>
<br>
Could you elaborate on this use case? Further, if this is a valid use case,=
 why wouldn&#39;t the ability to search across multiple resource types be s=
ufficient for finding such resources? e.g:<br>
<br>
<span style=3D"font-family:&#39;courier new&#39;,monospace">=A0=A0 GET /Ten=
ants/abc?filter=3DexternalId eq xyz<br>
=A0=A0 {<br>
=A0=A0=A0=A0=A0 &quot;totalResults&quot;: 1,<br>
=A0=A0=A0=A0=A0 &quot;Resources&quot;: [</span><br>
<span style=3D"font-family:&#39;courier new&#39;,monospace"><span style=3D"=
font-family:&#39;courier new&#39;,monospace">=A0=A0=A0=A0=A0=A0=A0=A0 {<br>
</span>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 &quot;id&quot;: &quot;123&quot;,<br>
=A0=A0 =A0=A0=A0=A0=A0=A0=A0 &quot;resourceType&quot;: &quot;User&quot;,<br=
>
=A0 =A0=A0 =A0=A0=A0=A0=A0 &quot;externalId&quot;: &quot;xyz&quot;,</span><=
br>
<span style=3D"font-family:&#39;courier new&#39;,monospace"><span style=3D"=
font-family:&#39;courier new&#39;,monospace">=A0=A0=A0 =A0=A0 =A0=A0=A0 &qu=
ot;meta&quot;: {<br>
=A0=A0=A0=A0=A0 =A0=A0 =A0=A0=A0=A0=A0 &quot;location&quot;: &quot;<a href=
=3D"https://example.com/Tenants/abc/Users/123" target=3D"_blank">https://ex=
ample.com/Tenants/abc/Users/123</a>&quot;,<br>
=A0=A0=A0=A0=A0=A0=A0 =A0=A0 =A0=A0=A0 ...<br>
=A0=A0 =A0=A0=A0=A0=A0=A0=A0 },<br>
</span>=A0 =A0=A0 =A0=A0=A0=A0=A0 ...<br>
=A0=A0=A0=A0=A0=A0=A0=A0 }<br>
=A0=A0=A0=A0=A0 ],<br>
=A0=A0=A0=A0=A0 ...<br>
=A0=A0 }<br>
</span><br>
(Or alternative to the &quot;resourceType&quot;, the response could contain=
 a list of &quot;Users&quot; and/or &quot;Groups&quot; instead of generic &=
quot;Resources&quot;.)<br>
<br>
The current SCIM protocol at least requires that resources are created and =
managed at a particular resource endpoint, and the introduction of the reso=
urce type and proposed search functionality seem to offset any need for a g=
lobal identifier across all tenants
 and resources.<br>
</div>
</div>
</div></div></span>
</div>

</blockquote></div><br>

--e89a8f3ba181554c6104d7d77e64--

From kelly.grizzle@sailpoint.com  Wed Mar 13 17:26:32 2013
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD9B811E80C5 for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 17:26:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.098
X-Spam-Level: 
X-Spam-Status: No, score=-5.098 tagged_above=-999 required=5 tests=[AWL=-1.500, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n-ooQT1-ZnFV for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 17:26:31 -0700 (PDT)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe001.messaging.microsoft.com [216.32.180.11]) by ietfa.amsl.com (Postfix) with ESMTP id 3A4E011E80A6 for <scim@ietf.org>; Wed, 13 Mar 2013 17:26:31 -0700 (PDT)
Received: from mail112-va3-R.bigfish.com (10.7.14.250) by VA3EHSOBE007.bigfish.com (10.7.40.11) with Microsoft SMTP Server id 14.1.225.23; Thu, 14 Mar 2013 00:26:30 +0000
Received: from mail112-va3 (localhost [127.0.0.1])	by mail112-va3-R.bigfish.com (Postfix) with ESMTP id 62F6738018C; Thu, 14 Mar 2013 00:26:30 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:132.245.1.133; KIP:(null); UIP:(null); IPV:NLI; H:BLUPRD0412HT004.namprd04.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -22
X-BigFish: PS-22(zz9371Ic85fh1432Izz1f42h1ee6h1de0h1202h1e76h1d1ah1d2ahzz1033IL17326ah8275dh18c673h8275bhz31h2a8h668h839hd25hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah1155h)
Received-SPF: softfail (mail112-va3: transitioning domain of sailpoint.com does not designate 132.245.1.133 as permitted sender) client-ip=132.245.1.133; envelope-from=kelly.grizzle@sailpoint.com; helo=BLUPRD0412HT004.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail112-va3 (localhost.localdomain [127.0.0.1]) by mail112-va3 (MessageSwitch) id 1363220787954453_409; Thu, 14 Mar 2013 00:26:27 +0000 (UTC)
Received: from VA3EHSMHS011.bigfish.com (unknown [10.7.14.248])	by mail112-va3.bigfish.com (Postfix) with ESMTP id DDD543600C2; Thu, 14 Mar 2013 00:26:27 +0000 (UTC)
Received: from BLUPRD0412HT004.namprd04.prod.outlook.com (132.245.1.133) by VA3EHSMHS011.bigfish.com (10.7.99.21) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 14 Mar 2013 00:26:25 +0000
Received: from BLUPRD0412MB643.namprd04.prod.outlook.com ([169.254.4.238]) by BLUPRD0412HT004.namprd04.prod.outlook.com ([10.255.214.165]) with mapi id 14.16.0275.006; Thu, 14 Mar 2013 00:26:25 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: "Morteza Ansari (moransar)" <moransar@cisco.com>, Shelley <randomshelley@gmail.com>, "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] Proposed Text for Multi-Tenancy
Thread-Index: AQHOIB9zAUUdFdzt7UCepBSzgYEe6pikGXEAgAA5vRA=
Date: Thu, 14 Mar 2013 00:26:24 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com>
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com> <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com>
In-Reply-To: <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-vipre-scanned: 927BA3A0003E9E927BA4ED
x-originating-ip: [72.182.10.254]
Content-Type: multipart/alternative; boundary="_000_56C3C758F9D6534CA3778EAA1E0C34375C381A0CBLUPRD0412MB643_"
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Mar 2013 00:26:32 -0000

--_000_56C3C758F9D6534CA3778EAA1E0C34375C381A0CBLUPRD0412MB643_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I agree with Shelley.  It is a significant burden on the service provider t=
o require fully unique IDs across tenants and resource types.

> Given group members are only identified using the ID field

This is likely going to change with the reference attribute type being adde=
d in issue #33.


> The SCIM id, defined by the Service Provider, MUST be unique across all R=
esources for all Tenants

Maybe this could be reworded so that the MUST is conditional on whether mul=
ti-tenancy uses fully unique URIs or not.

--Kelly

From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Mor=
teza Ansari (moransar)
Sent: Wednesday, March 13, 2013 3:54 PM
To: Shelley; scim@ietf.org
Subject: Re: [scim] Proposed Text for Multi-Tenancy

Another reason for this is group membership. Given group members are only i=
dentified using the ID field, if ID namespace is per tenant, then you can't=
 have groups that cross tenant boundary regardless of whether the SP uses U=
RL prefix or other mechanisms.

I do see your point that if SP is using multiple DB's, this requirement add=
s additional burden on the SP.  I think the original intent of this languag=
e (in 1.0) was for id to be unique within a given endpoint (in your example=
 each DB), but the language is not quite clear.


Cheers,
Morteza

From: Shelley <randomshelley@gmail.com<mailto:randomshelley@gmail.com>>
Date: Wednesday, March 13, 2013 11:17 AM
To: "scim@ietf.org<mailto:scim@ietf.org>" <scim@ietf.org<mailto:scim@ietf.o=
rg>>
Subject: [scim] Proposed Text for Multi-Tenancy

As a developer of a service provider implementation that supports multi-ten=
ancy, this requirement seems a bit imposing with little value. Given that a=
ll SCIM resources are relative to a given tenant and to a particular endpoi=
nt/resource type, it seems that the scope of SCIM identifiers need not go b=
eyond these contexts. The SCIM Protocol is built upon REST, which is resour=
ce-oriented and based on URIs as GUIDs, and so requiring an additional GUID=
 beyond this seems unnecessary.

Technically, for example, assume that a service provider is using a standar=
d RDBMS to persist user and group resources. This requirement now imposes u=
niqueness of identifiers across tables. Further, consider a case where a se=
parate database schema maintains the data for each tenant. Not only must un=
iqueness be guaranteed across tables, but also across schemas.
a) Within the proposed text, there is no requirement that the Service Provi=
der use the URL to distinguish tenants.  Thus, a URL including a non-unique=
 SCIM Id would be ambiguous.

I agree that if service providers choose not to use URLs to distinguish ten=
ants, they must use unique resource identifiers across all tenants. In that=
 case, I'd suggest that the burden of this limitation be placed on these se=
rvice providers, not on all service providers. This should be a factor in c=
hoosing such a method for implementing multi-tenancy.

Given that the SCIM Protocol is built upon REST where URIs uniquely identif=
y resources, service providers that choose this method should be aware of t=
he limitation they are imposing. It is my opinion, however, that this shoul=
d be the exception and not dictate requirements for all providers.
b) There is a use case for retrieval of a resource when the Consumer does n=
ot know the resource "type" and therefore cannot use a specific resource en=
d point.

Could you elaborate on this use case? Further, if this is a valid use case,=
 why wouldn't the ability to search across multiple resource types be suffi=
cient for finding such resources? e.g:

   GET /Tenants/abc?filter=3DexternalId eq xyz
   {
      "totalResults": 1,
      "Resources": [
         {
           "id": "123",
           "resourceType": "User",
           "externalId": "xyz",
           "meta": {
               "location": "https://example.com/Tenants/abc/Users/123",
               ...
           },
           ...
         }
      ],
      ...
   }

(Or alternative to the "resourceType", the response could contain a list of=
 "Users" and/or "Groups" instead of generic "Resources".)

The current SCIM protocol at least requires that resources are created and =
managed at a particular resource endpoint, and the introduction of the reso=
urce type and proposed search functionality seem to offset any need for a g=
lobal identifier across all tenants and resources.

--_000_56C3C758F9D6534CA3778EAA1E0C34375C381A0CBLUPRD0412MB643_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";}
span.EmailStyle17
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">I agree with Shelley.&nbs=
p; It is a significant burden on the service provider to require fully uniq=
ue IDs across tenants and resource types.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&gt;
</span><span style=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,&quo=
t;sans-serif&quot;;color:black">Given group members are only identified usi=
ng the ID field<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span></p=
>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">This is likely going to c=
hange with the reference attribute type being added in issue #33.<o:p></o:p=
></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&gt;
</span><span style=3D"font-size:11.5pt;color:black;background:white">The SC=
IM id, defined by the Service Provider, MUST be unique across all Resources=
 for all Tenants</span><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">Maybe this could be rewor=
ded so that the MUST is conditional on whether multi-tenancy uses fully uni=
que URIs or not.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly<o:p></o:p></span>=
</p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> scim-bou=
nces@ietf.org [mailto:scim-bounces@ietf.org]
<b>On Behalf Of </b>Morteza Ansari (moransar)<br>
<b>Sent:</b> Wednesday, March 13, 2013 3:54 PM<br>
<b>To:</b> Shelley; scim@ietf.org<br>
<b>Subject:</b> Re: [scim] Proposed Text for Multi-Tenancy<o:p></o:p></span=
></p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">Another reason for this is =
group membership. Given group members are only identified using the ID fiel=
d, if ID namespace is per tenant, then you can't have groups
 that cross tenant boundary regardless of whether the SP uses URL prefix or=
 other mechanisms.<o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span></p=
>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">I do see your point that if=
 SP is using multiple DB's, this requirement adds additional burden on the =
SP. &nbsp;I think the original intent of this language (in 1.0)
 was for id to be unique within a given endpoint (in your example each DB),=
 but the language is not quite clear.<o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span></p=
>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span></p=
>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">Cheers,<o:p></o:p></span></=
p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">Morteza<o:p></o:p></span></=
p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span></p=
>
</div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:11.0pt;font-family:&quot=
;Calibri&quot;,&quot;sans-serif&quot;;color:black">From:
</span></b><span style=3D"font-size:11.0pt;font-family:&quot;Calibri&quot;,=
&quot;sans-serif&quot;;color:black">Shelley &lt;<a href=3D"mailto:randomshe=
lley@gmail.com">randomshelley@gmail.com</a>&gt;<br>
<b>Date: </b>Wednesday, March 13, 2013 11:17 AM<br>
<b>To: </b>&quot;<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a>&quot; &=
lt;<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a>&gt;<br>
<b>Subject: </b>[scim] Proposed Text for Multi-Tenancy<o:p></o:p></span></p=
>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span></p=
>
</div>
<div>
<div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><span style=3D"font-s=
ize:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:bla=
ck">As a developer of a service provider implementation that supports multi=
-tenancy, this requirement seems a bit imposing with little
 value. Given that all SCIM resources are relative to a given tenant and to=
 a particular endpoint/resource type, it seems that the scope of SCIM ident=
ifiers need not go beyond these contexts. The SCIM Protocol is built upon R=
EST, which is resource-oriented
 and based on URIs as GUIDs, and so requiring an additional GUID beyond thi=
s seems unnecessary.<br>
<br>
Technically, for example, assume that a service provider is using a standar=
d RDBMS to persist user and group resources. This requirement now imposes u=
niqueness of identifiers across tables. Further, consider a case where a se=
parate database schema maintains
 the data for each tenant. Not only must uniqueness be guaranteed across ta=
bles, but also across schemas.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><i><span style=3D"font-size:10.5pt;font-family:&quot=
;Calibri&quot;,&quot;sans-serif&quot;;color:black">a) Within the proposed t=
ext, there is no requirement that the Service Provider use the URL to disti=
nguish tenants.&nbsp; Thus, a URL including a non-unique SCIM
 Id would be ambiguous.</span></i><span style=3D"font-size:10.5pt;font-fami=
ly:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black"><o:p></o:p></spa=
n></p>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><span style=3D"font-s=
ize:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:bla=
ck"><br>
I agree that if service providers choose not to use URLs to distinguish ten=
ants, they must use unique resource identifiers across all tenants. In that=
 case, I'd suggest that the burden of this limitation be placed on these se=
rvice providers, not on all service
 providers. This should be a factor in choosing such a method for implement=
ing multi-tenancy.<br>
<br>
Given that the SCIM Protocol is built upon REST where URIs uniquely identif=
y resources, service providers that choose this method should be aware of t=
he limitation they are imposing. It is my opinion, however, that this shoul=
d be the exception and not dictate
 requirements for all providers.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><i><span style=3D"font-size:10.5pt;font-family:&quot=
;Calibri&quot;,&quot;sans-serif&quot;;color:black">b) There is a use case f=
or retrieval of a resource when the Consumer does not know the resource &qu=
ot;type&quot; and therefore cannot use a specific resource end point.&nbsp;=
&nbsp;
</span></i><span style=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,=
&quot;sans-serif&quot;;color:black"><o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black"><br>
Could you elaborate on this use case? Further, if this is a valid use case,=
 why wouldn't the ability to search across multiple resource types be suffi=
cient for finding such resources? e.g:<br>
<br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;;=
color:black">&nbsp;&nbsp; GET /Tenants/abc?filter=3DexternalId eq xyz<br>
&nbsp;&nbsp; {<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;totalResults&quot;: 1,<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Resources&quot;: [</span><span style=
=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;=
;color:black"><br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;;=
color:black">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;id&quot;=
: &quot;123&quot;,<br>
&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;resourceType&=
quot;: &quot;User&quot;,<br>
&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;externalId&quot;: =
&quot;xyz&quot;,</span><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black"><br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;;=
color:black">&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &quot;meta&=
quot;: {<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
&quot;location&quot;: &quot;<a href=3D"https://example.com/Tenants/abc/User=
s/123">https://example.com/Tenants/abc/Users/123</a>&quot;,<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; =
...<br>
&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; },<br>
&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ],<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
&nbsp;&nbsp; }<br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,&quo=
t;sans-serif&quot;;color:black"><br>
(Or alternative to the &quot;resourceType&quot;, the response could contain=
 a list of &quot;Users&quot; and/or &quot;Groups&quot; instead of generic &=
quot;Resources&quot;.)<br>
<br>
The current SCIM protocol at least requires that resources are created and =
managed at a particular resource endpoint, and the introduction of the reso=
urce type and proposed search functionality seem to offset any need for a g=
lobal identifier across all tenants
 and resources.<o:p></o:p></span></p>
</div>
</div>
</div>
</body>
</html>

--_000_56C3C758F9D6534CA3778EAA1E0C34375C381A0CBLUPRD0412MB643_--

From phil.hunt@oracle.com  Wed Mar 13 20:55:54 2013
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B368211E809C for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 20:55:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level: 
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[AWL=0.000,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id umqHB8TTLww1 for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 20:55:53 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id 6DFDA21F8C2A for <scim@ietf.org>; Wed, 13 Mar 2013 20:55:53 -0700 (PDT)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r2E3to90020193 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 14 Mar 2013 03:55:50 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r2E3tnRn004027 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 14 Mar 2013 03:55:49 GMT
Received: from abhmt119.oracle.com (abhmt119.oracle.com [141.146.116.71]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r2E3tneZ025578; Wed, 13 Mar 2013 22:55:49 -0500
Received: from [10.0.1.2] (/64.134.184.181) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 13 Mar 2013 20:55:48 -0700
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: multipart/alternative; boundary="Apple-Mail=_525F3415-7073-4A7B-AF76-327E0063BBEC"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com>
Date: Wed, 13 Mar 2013 23:55:49 -0400
Message-Id: <BD785332-777F-4549-AE83-E25ED5B5B409@oracle.com>
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com> <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com>
To: Kelly Grizzle <kelly.grizzle@sailpoint.com>
X-Mailer: Apple Mail (2.1283)
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
Cc: "scim@ietf.org" <scim@ietf.org>, Shelley <randomshelley@gmail.com>, "Morteza Ansari \(moransar\)" <moransar@cisco.com>
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Mar 2013 03:55:54 -0000

--Apple-Mail=_525F3415-7073-4A7B-AF76-327E0063BBEC
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

Hmmm=85calculating a UUID is fairly straight forward and doesn't require =
checking across tenancies to be universally unique (at least =
statistically).

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:

> I agree with Shelley.  It is a significant burden on the service =
provider to require fully unique IDs across tenants and resource types.
> =20
> > Given group members are only identified using the ID field
> =20
> This is likely going to change with the reference attribute type being =
added in issue #33.
> =20
> =20
> > The SCIM id, defined by the Service Provider, MUST be unique across =
all Resources for all Tenants
> =20
> Maybe this could be reworded so that the MUST is conditional on =
whether multi-tenancy uses fully unique URIs or not.
> =20
> --Kelly
> =20
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of Morteza Ansari (moransar)
> Sent: Wednesday, March 13, 2013 3:54 PM
> To: Shelley; scim@ietf.org
> Subject: Re: [scim] Proposed Text for Multi-Tenancy
> =20
> Another reason for this is group membership. Given group members are =
only identified using the ID field, if ID namespace is per tenant, then =
you can't have groups that cross tenant boundary regardless of whether =
the SP uses URL prefix or other mechanisms.
> =20
> I do see your point that if SP is using multiple DB's, this =
requirement adds additional burden on the SP.  I think the original =
intent of this language (in 1.0) was for id to be unique within a given =
endpoint (in your example each DB), but the language is not quite clear.
> =20
> =20
> Cheers,
> Morteza
> =20
> From: Shelley <randomshelley@gmail.com>
> Date: Wednesday, March 13, 2013 11:17 AM
> To: "scim@ietf.org" <scim@ietf.org>
> Subject: [scim] Proposed Text for Multi-Tenancy
> =20
> As a developer of a service provider implementation that supports =
multi-tenancy, this requirement seems a bit imposing with little value. =
Given that all SCIM resources are relative to a given tenant and to a =
particular endpoint/resource type, it seems that the scope of SCIM =
identifiers need not go beyond these contexts. The SCIM Protocol is =
built upon REST, which is resource-oriented and based on URIs as GUIDs, =
and so requiring an additional GUID beyond this seems unnecessary.
>=20
> Technically, for example, assume that a service provider is using a =
standard RDBMS to persist user and group resources. This requirement now =
imposes uniqueness of identifiers across tables. Further, consider a =
case where a separate database schema maintains the data for each =
tenant. Not only must uniqueness be guaranteed across tables, but also =
across schemas.
>=20
> a) Within the proposed text, there is no requirement that the Service =
Provider use the URL to distinguish tenants.  Thus, a URL including a =
non-unique SCIM Id would be ambiguous.
>=20
> I agree that if service providers choose not to use URLs to =
distinguish tenants, they must use unique resource identifiers across =
all tenants. In that case, I'd suggest that the burden of this =
limitation be placed on these service providers, not on all service =
providers. This should be a factor in choosing such a method for =
implementing multi-tenancy.
>=20
> Given that the SCIM Protocol is built upon REST where URIs uniquely =
identify resources, service providers that choose this method should be =
aware of the limitation they are imposing. It is my opinion, however, =
that this should be the exception and not dictate requirements for all =
providers.
>=20
> b) There is a use case for retrieval of a resource when the Consumer =
does not know the resource "type" and therefore cannot use a specific =
resource end point. =20
>=20
> Could you elaborate on this use case? Further, if this is a valid use =
case, why wouldn't the ability to search across multiple resource types =
be sufficient for finding such resources? e.g:
>=20
>    GET /Tenants/abc?filter=3DexternalId eq xyz
>    {
>       "totalResults": 1,
>       "Resources": [
>          {
>            "id": "123",
>            "resourceType": "User",
>            "externalId": "xyz",
>            "meta": {
>                "location": =
"https://example.com/Tenants/abc/Users/123",
>                ...
>            },
>            ...
>          }
>       ],
>       ...
>    }
>=20
> (Or alternative to the "resourceType", the response could contain a =
list of "Users" and/or "Groups" instead of generic "Resources".)
>=20
> The current SCIM protocol at least requires that resources are created =
and managed at a particular resource endpoint, and the introduction of =
the resource type and proposed search functionality seem to offset any =
need for a global identifier across all tenants and resources.
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_525F3415-7073-4A7B-AF76-327E0063BBEC
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
">Hmmm=85calculating a UUID is fairly straight forward and doesn't =
require checking across tenancies to be universally unique (at least =
statistically).<div><br><div apple-content-edited=3D"true">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; =
color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; =
font-variant: normal; font-weight: normal; letter-spacing: normal; =
line-height: normal; orphans: 2; text-align: auto; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: medium; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 12px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div>Phil</div><div><br></div><div>@independentid</div><div><a=
 =
href=3D"http://www.independentid.com">www.independentid.com</a></div></div=
></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div></span><br =
class=3D"Apple-interchange-newline"></span><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite"><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; =
font-family: Helvetica; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: =
none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div =
lang=3D"EN-US" link=3D"blue" vlink=3D"purple"><div class=3D"WordSection1" =
style=3D"page: WordSection1; "><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); ">I =
agree with Shelley.&nbsp; It is a significant burden on the service =
provider to require fully unique IDs across tenants and resource =
types.<o:p></o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
"><o:p>&nbsp;</o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">&gt;<span class=3D"Apple-converted-space">&nbsp;</span></span><span =
style=3D"font-size: 10.5pt; font-family: Calibri, sans-serif; color: =
black; ">Given group members are only identified using the ID =
field<o:p></o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
10.5pt; font-family: Calibri, sans-serif; color: black; =
"><o:p>&nbsp;</o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); ">This =
is likely going to change with the reference attribute type being added =
in issue #33.<o:p></o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
"><o:p>&nbsp;</o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
"><o:p>&nbsp;</o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">&gt;<span class=3D"Apple-converted-space">&nbsp;</span></span><span =
style=3D"font-size: 11.5pt; color: black; background-image: initial; =
background-attachment: initial; background-origin: initial; =
background-clip: initial; background-color: white; background-position: =
initial initial; background-repeat: initial initial; ">The SCIM id, =
defined by the Service Provider, MUST be unique across all Resources for =
all Tenants</span><span style=3D"font-size: 11pt; font-family: Calibri, =
sans-serif; color: rgb(31, 73, 125); "><o:p></o:p></span></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-size: 11pt; font-family: Calibri, =
sans-serif; color: rgb(31, 73, 125); =
"><o:p>&nbsp;</o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); ">Maybe =
this could be reworded so that the MUST is conditional on whether =
multi-tenancy uses fully unique URIs or not.<o:p></o:p></span></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-size: 11pt; font-family: Calibri, =
sans-serif; color: rgb(31, 73, 125); =
"><o:p>&nbsp;</o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
">--Kelly<o:p></o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); =
"><o:p>&nbsp;</o:p></span></div><div><div style=3D"border-right-style: =
none; border-bottom-style: none; border-left-style: none; border-width: =
initial; border-color: initial; border-top-style: solid; =
border-top-color: rgb(181, 196, 223); border-top-width: 1pt; =
padding-top: 3pt; padding-right: 0in; padding-bottom: 0in; padding-left: =
0in; "><div style=3D"margin-top: 0in; margin-right: 0in; margin-left: =
0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><b><span style=3D"font-size: 10pt; font-family: Tahoma, =
sans-serif; ">From:</span></b><span style=3D"font-size: 10pt; =
font-family: Tahoma, sans-serif; "><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a> =
[mailto:scim-bounces@ietf.org]<span =
class=3D"Apple-converted-space">&nbsp;</span><b>On Behalf Of<span =
class=3D"Apple-converted-space">&nbsp;</span></b>Morteza Ansari =
(moransar)<br><b>Sent:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Wednesday, March 13, 2013 =
3:54 PM<br><b>To:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Shelley; <a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br><b>Subject:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Re: [scim] Proposed Text =
for Multi-Tenancy<o:p></o:p></span></div></div></div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><o:p>&nbsp;</o:p></div><div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-size: 10.5pt; font-family: Calibri, sans-serif; color: =
black; ">Another reason for this is group membership. Given group =
members are only identified using the ID field, if ID namespace is per =
tenant, then you can't have groups that cross tenant boundary regardless =
of whether the SP uses URL prefix or other =
mechanisms.<o:p></o:p></span></div></div><div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-size: 10.5pt; font-family: Calibri, sans-serif; color: =
black; "><o:p>&nbsp;</o:p></span></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-size: 10.5pt; font-family: Calibri, =
sans-serif; color: black; ">I do see your point that if SP is using =
multiple DB's, this requirement adds additional burden on the SP. =
&nbsp;I think the original intent of this language (in 1.0) was for id =
to be unique within a given endpoint (in your example each DB), but the =
language is not quite clear.<o:p></o:p></span></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-size: 10.5pt; font-family: Calibri, =
sans-serif; color: black; =
"><o:p>&nbsp;</o:p></span></div></div><div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-size: 10.5pt; font-family: Calibri, sans-serif; color: =
black; "><o:p>&nbsp;</o:p></span></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-size: 10.5pt; font-family: Calibri, =
sans-serif; color: black; =
">Cheers,<o:p></o:p></span></div></div><div><div style=3D"margin-top: =
0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; =
font-size: 12pt; font-family: 'Times New Roman', serif; "><span =
style=3D"font-size: 10.5pt; font-family: Calibri, sans-serif; color: =
black; ">Morteza<o:p></o:p></span></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-size: 10.5pt; font-family: Calibri, =
sans-serif; color: black; "><o:p>&nbsp;</o:p></span></div></div><div =
style=3D"border-right-style: none; border-bottom-style: none; =
border-left-style: none; border-width: initial; border-color: initial; =
border-top-style: solid; border-top-color: rgb(181, 196, 223); =
border-top-width: 1pt; padding-top: 3pt; padding-right: 0in; =
padding-bottom: 0in; padding-left: 0in; "><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><b><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
black; ">From:<span =
class=3D"Apple-converted-space">&nbsp;</span></span></b><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
black; ">Shelley &lt;<a href=3D"mailto:randomshelley@gmail.com" =
style=3D"color: blue; text-decoration: underline; =
">randomshelley@gmail.com</a>&gt;<br><b>Date:<span =
class=3D"Apple-converted-space">&nbsp;</span></b>Wednesday, March 13, =
2013 11:17 AM<br><b>To:<span =
class=3D"Apple-converted-space">&nbsp;</span></b>"<a =
href=3D"mailto:scim@ietf.org" style=3D"color: blue; text-decoration: =
underline; ">scim@ietf.org</a>" &lt;<a href=3D"mailto:scim@ietf.org" =
style=3D"color: blue; text-decoration: underline; =
">scim@ietf.org</a>&gt;<br><b>Subject:<span =
class=3D"Apple-converted-space">&nbsp;</span></b>[scim] Proposed Text =
for Multi-Tenancy<o:p></o:p></span></div></div><div><div =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; "><span style=3D"font-size: 10.5pt; font-family: Calibri, =
sans-serif; color: black; =
"><o:p>&nbsp;</o:p></span></div></div><div><div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 12pt; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-size: 10.5pt; font-family: Calibri, =
sans-serif; color: black; ">As a developer of a service provider =
implementation that supports multi-tenancy, this requirement seems a bit =
imposing with little value. Given that all SCIM resources are relative =
to a given tenant and to a particular endpoint/resource type, it seems =
that the scope of SCIM identifiers need not go beyond these contexts. =
The SCIM Protocol is built upon REST, which is resource-oriented and =
based on URIs as GUIDs, and so requiring an additional GUID beyond this =
seems unnecessary.<br><br>Technically, for example, assume that a =
service provider is using a standard RDBMS to persist user and group =
resources. This requirement now imposes uniqueness of identifiers across =
tables. Further, consider a case where a separate database schema =
maintains the data for each tenant. Not only must uniqueness be =
guaranteed across tables, but also across =
schemas.<o:p></o:p></span></p><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><i><span =
style=3D"font-size: 10.5pt; font-family: Calibri, sans-serif; color: =
black; ">a) Within the proposed text, there is no requirement that the =
Service Provider use the URL to distinguish tenants.&nbsp; Thus, a URL =
including a non-unique SCIM Id would be ambiguous.</span></i><span =
style=3D"font-size: 10.5pt; font-family: Calibri, sans-serif; color: =
black; "><o:p></o:p></span></div><p class=3D"MsoNormal" =
style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; =
margin-bottom: 12pt; font-size: 12pt; font-family: 'Times New Roman', =
serif; "><span style=3D"font-size: 10.5pt; font-family: Calibri, =
sans-serif; color: black; "><br>I agree that if service providers choose =
not to use URLs to distinguish tenants, they must use unique resource =
identifiers across all tenants. In that case, I'd suggest that the =
burden of this limitation be placed on these service providers, not on =
all service providers. This should be a factor in choosing such a method =
for implementing multi-tenancy.<br><br>Given that the SCIM Protocol is =
built upon REST where URIs uniquely identify resources, service =
providers that choose this method should be aware of the limitation they =
are imposing. It is my opinion, however, that this should be the =
exception and not dictate requirements for all =
providers.<o:p></o:p></span></p><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><i><span =
style=3D"font-size: 10.5pt; font-family: Calibri, sans-serif; color: =
black; ">b) There is a use case for retrieval of a resource when the =
Consumer does not know the resource "type" and therefore cannot use a =
specific resource end point.&nbsp;&nbsp;</span></i><span =
style=3D"font-size: 10.5pt; font-family: Calibri, sans-serif; color: =
black; "><o:p></o:p></span></div><div style=3D"margin-top: 0in; =
margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: =
12pt; font-family: 'Times New Roman', serif; "><span style=3D"font-size: =
10.5pt; font-family: Calibri, sans-serif; color: black; "><br>Could you =
elaborate on this use case? Further, if this is a valid use case, why =
wouldn't the ability to search across multiple resource types be =
sufficient for finding such resources? e.g:<br><br></span><span =
style=3D"font-size: 10.5pt; font-family: 'Courier New'; color: black; =
">&nbsp;&nbsp; GET /Tenants/abc?filter=3DexternalId eq =
xyz<br>&nbsp;&nbsp; {<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "totalResults": =
1,<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "Resources": [</span><span =
style=3D"font-size: 10.5pt; font-family: Calibri, sans-serif; color: =
black; "><br></span><span style=3D"font-size: 10.5pt; font-family: =
'Courier New'; color: black; =
">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
{<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "id": =
"123",<br>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
"resourceType": "User",<br>&nbsp; &nbsp;&nbsp; =
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "externalId": "xyz",</span><span =
style=3D"font-size: 10.5pt; font-family: Calibri, sans-serif; color: =
black; "><br></span><span style=3D"font-size: 10.5pt; font-family: =
'Courier New'; color: black; ">&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; =
&nbsp;&nbsp;&nbsp; "meta": {<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "location": "<a =
href=3D"https://example.com/Tenants/abc/Users/123" style=3D"color: blue; =
text-decoration: underline; =
">https://example.com/Tenants/abc/Users/123</a>",<br>&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; =
...<br>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
},<br>&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
...<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
}<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ],<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
...<br>&nbsp;&nbsp; }<br></span><span style=3D"font-size: 10.5pt; =
font-family: Calibri, sans-serif; color: black; "><br>(Or alternative to =
the "resourceType", the response could contain a list of "Users" and/or =
"Groups" instead of generic "Resources".)<br><br>The current SCIM =
protocol at least requires that resources are created and managed at a =
particular resource endpoint, and the introduction of the resource type =
and proposed search functionality seem to offset any need for a global =
identifier across all tenants and =
resources.<o:p></o:p></span></div></div></div></div>______________________=
_________________________<br>scim mailing list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>https://www.ietf.org/ma=
ilman/listinfo/scim</div></span></blockquote></div><br></div></body></html=
>=

--Apple-Mail=_525F3415-7073-4A7B-AF76-327E0063BBEC--

From sal@idmachines.com  Wed Mar 13 21:34:35 2013
Return-Path: <sal@idmachines.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3B68521F86D9 for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 21:34:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level: 
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VUBDnBRK7RgU for <scim@ietfa.amsl.com>; Wed, 13 Mar 2013 21:34:32 -0700 (PDT)
Received: from atl4mhob09.myregisteredsite.com (atl4mhob09.myregisteredsite.com [209.17.115.47]) by ietfa.amsl.com (Postfix) with ESMTP id B3E8D21F8507 for <scim@ietf.org>; Wed, 13 Mar 2013 21:34:30 -0700 (PDT)
Received: from mailpod1.hostingplatform.com ([10.30.71.115]) by atl4mhob09.myregisteredsite.com (8.14.4/8.14.4) with ESMTP id r2E4YRe9026057 for <scim@ietf.org>; Thu, 14 Mar 2013 00:34:27 -0400
Received: (qmail 24392 invoked by uid 0); 14 Mar 2013 04:34:26 -0000
Received: from unknown (HELO salPC) (sal@idmachines.com@203.176.188.14) by 0 with ESMTPA; 14 Mar 2013 04:34:26 -0000
From: "Salvatore D'Agostino" <sal@idmachines.com>
To: "'Phil Hunt'" <phil.hunt@oracle.com>, "'Kelly Grizzle'" <kelly.grizzle@sailpoint.com>
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com>	<CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com>	<56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com> <BD785332-777F-4549-AE83-E25ED5B5B409@oracle.com>
In-Reply-To: <BD785332-777F-4549-AE83-E25ED5B5B409@oracle.com>
Date: Thu, 14 Mar 2013 00:34:22 -0400
Message-ID: <00d901ce206d$35253cc0$9f6fb640$@com>
X-Mailer: Microsoft Office Outlook 12.0
MIME-Version: 1.0
Thread-Index: Ac4gZ9bupV0hgMrmQe+Z9YyChAMQSwABQDBg
Content-Language: en-us
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_00D1_01CE204B.A7D19790"
Cc: scim@ietf.org, 'Shelley' <randomshelley@gmail.com>, "'Morteza Ansari \(moransar\)'" <moransar@cisco.com>
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Mar 2013 04:34:35 -0000

This is a multi-part message in MIME format.

------=_NextPart_000_00D1_01CE204B.A7D19790
Content-Type: multipart/alternative;
	boundary="----=_NextPart_001_00D2_01CE204B.A7D19790"


------=_NextPart_001_00D2_01CE204B.A7D19790
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit

I'm with Phil, 

 

RFC 4122  - x.667 

 

Not that hard.

 

From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Phil
Hunt
Sent: Wednesday, March 13, 2013 11:56 PM
To: Kelly Grizzle
Cc: scim@ietf.org; Shelley; Morteza Ansari (moransar)
Subject: Re: [scim] Proposed Text for Multi-Tenancy

 

Hmmm.calculating a UUID is fairly straight forward and doesn't require
checking across tenancies to be universally unique (at least statistically).

 

Phil

 

@independentid

www.independentid.com

phil.hunt@oracle.com

 





 

On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:





I agree with Shelley.  It is a significant burden on the service provider to
require fully unique IDs across tenants and resource types.

 

> Given group members are only identified using the ID field

 

This is likely going to change with the reference attribute type being added
in issue #33.

 

 

> The SCIM id, defined by the Service Provider, MUST be unique across all
Resources for all Tenants

 

Maybe this could be reworded so that the MUST is conditional on whether
multi-tenancy uses fully unique URIs or not.

 

--Kelly

 

From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
Morteza Ansari (moransar)
Sent: Wednesday, March 13, 2013 3:54 PM
To: Shelley; scim@ietf.org
Subject: Re: [scim] Proposed Text for Multi-Tenancy

 

Another reason for this is group membership. Given group members are only
identified using the ID field, if ID namespace is per tenant, then you can't
have groups that cross tenant boundary regardless of whether the SP uses URL
prefix or other mechanisms.

 

I do see your point that if SP is using multiple DB's, this requirement adds
additional burden on the SP.  I think the original intent of this language
(in 1.0) was for id to be unique within a given endpoint (in your example
each DB), but the language is not quite clear.

 

 

Cheers,

Morteza

 

From: Shelley <randomshelley@gmail.com>
Date: Wednesday, March 13, 2013 11:17 AM
To: "scim@ietf.org" <scim@ietf.org>
Subject: [scim] Proposed Text for Multi-Tenancy

 

As a developer of a service provider implementation that supports
multi-tenancy, this requirement seems a bit imposing with little value.
Given that all SCIM resources are relative to a given tenant and to a
particular endpoint/resource type, it seems that the scope of SCIM
identifiers need not go beyond these contexts. The SCIM Protocol is built
upon REST, which is resource-oriented and based on URIs as GUIDs, and so
requiring an additional GUID beyond this seems unnecessary.

Technically, for example, assume that a service provider is using a standard
RDBMS to persist user and group resources. This requirement now imposes
uniqueness of identifiers across tables. Further, consider a case where a
separate database schema maintains the data for each tenant. Not only must
uniqueness be guaranteed across tables, but also across schemas.

a) Within the proposed text, there is no requirement that the Service
Provider use the URL to distinguish tenants.  Thus, a URL including a
non-unique SCIM Id would be ambiguous.


I agree that if service providers choose not to use URLs to distinguish
tenants, they must use unique resource identifiers across all tenants. In
that case, I'd suggest that the burden of this limitation be placed on these
service providers, not on all service providers. This should be a factor in
choosing such a method for implementing multi-tenancy.

Given that the SCIM Protocol is built upon REST where URIs uniquely identify
resources, service providers that choose this method should be aware of the
limitation they are imposing. It is my opinion, however, that this should be
the exception and not dictate requirements for all providers.

b) There is a use case for retrieval of a resource when the Consumer does
not know the resource "type" and therefore cannot use a specific resource
end point.  


Could you elaborate on this use case? Further, if this is a valid use case,
why wouldn't the ability to search across multiple resource types be
sufficient for finding such resources? e.g:

   GET /Tenants/abc?filter=externalId eq xyz
   {
      "totalResults": 1,
      "Resources": [
         {
           "id": "123",
           "resourceType": "User",
           "externalId": "xyz",
           "meta": {
               "location": "https://example.com/Tenants/abc/Users/123",
               ...
           },
           ...
         }
      ],
      ...
   }

(Or alternative to the "resourceType", the response could contain a list of
"Users" and/or "Groups" instead of generic "Resources".)

The current SCIM protocol at least requires that resources are created and
managed at a particular resource endpoint, and the introduction of the
resource type and proposed search functionality seem to offset any need for
a global identifier across all tenants and resources.

_______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

 


------=_NextPart_001_00D2_01CE204B.A7D19790
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><META =
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 12 =
(filtered medium)"><style><!--
/* Font Definitions */
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";}
span.apple-style-span
	{mso-style-name:apple-style-span;}
span.apple-converted-space
	{mso-style-name:apple-converted-space;}
span.EmailStyle19
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>I&#8217;m with Phil, <o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>RFC 4122 &nbsp;- x.667 <o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Not that hard.<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'><o:p>&nbsp;</o:p></span></p><div><div =
style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in'><p class=3DMsoNormal><b><span =
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span>=
</b><span style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> =
scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] <b>On Behalf Of =
</b>Phil Hunt<br><b>Sent:</b> Wednesday, March 13, 2013 11:56 =
PM<br><b>To:</b> Kelly Grizzle<br><b>Cc:</b> scim@ietf.org; Shelley; =
Morteza Ansari (moransar)<br><b>Subject:</b> Re: [scim] Proposed Text =
for Multi-Tenancy<o:p></o:p></span></p></div></div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><p =
class=3DMsoNormal>Hmmm&#8230;calculating a UUID is fairly straight =
forward and doesn't require checking across tenancies to be universally =
unique (at least statistically).<o:p></o:p></p><div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><div><div><div><div><div><div><div=
><p class=3DMsoNormal><span =
style=3D'font-size:9.0pt;font-family:"Helvetica","sans-serif";color:black=
'>Phil<o:p></o:p></span></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:9.0pt;font-family:"Helvetica","sans-serif";color:black=
'><o:p>&nbsp;</o:p></span></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:9.0pt;font-family:"Helvetica","sans-serif";color:black=
'>@independentid<o:p></o:p></span></p></div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:9.0pt;font-family:"Helvetica","sans-serif";color:black=
'><a =
href=3D"http://www.independentid.com">www.independentid.com</a><o:p></o:p=
></span></p></div></div></div></div><p class=3DMsoNormal =
style=3D'margin-bottom:13.5pt'><span =
style=3D'font-size:13.5pt;font-family:"Helvetica","sans-serif";color:blac=
k'><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><o:p></o:p><=
/span></p></div><p class=3DMsoNormal><span =
style=3D'font-size:13.5pt;font-family:"Helvetica","sans-serif";color:blac=
k'><o:p>&nbsp;</o:p></span></p></div><p class=3DMsoNormal><span =
style=3D'font-size:13.5pt;font-family:"Helvetica","sans-serif";color:blac=
k'><br><br></span><o:p></o:p></p></div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><div><div><p class=3DMsoNormal>On =
2013-03-13, at 8:26 PM, Kelly Grizzle wrote:<o:p></o:p></p></div><p =
class=3DMsoNormal><br><br><o:p></o:p></p><div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>I agree with Shelley.&nbsp; It is a significant burden on the service =
provider to require fully unique IDs across tenants and resource =
types.</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&nbsp;</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&gt;<span class=3Dapple-converted-space>&nbsp;</span></span><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>Given group members are only identified using the ID =
field</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>&nbsp;</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>This is likely going to change with the reference attribute type =
being added in issue #33.</span><o:p></o:p></p></div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&nbsp;</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&nbsp;</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&gt;<span class=3Dapple-converted-space>&nbsp;</span></span><span =
style=3D'font-size:11.5pt;color:black;background:white'>The SCIM id, =
defined by the Service Provider, MUST be unique across all Resources for =
all Tenants</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&nbsp;</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>Maybe this could be reworded so that the MUST is conditional on =
whether multi-tenancy uses fully unique URIs or =
not.</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&nbsp;</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>--Kelly</span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497=
D'>&nbsp;</span><o:p></o:p></p></div><div><div =
style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in;border-width:initial;border-color:initial'><div><p =
class=3DMsoNormal><b><span =
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span>=
</b><span class=3Dapple-converted-space><span =
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>&nbsp;</span=
></span><span =
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'><a =
href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a> [<a =
href=3D"mailto:scim-bounces@ietf.org">mailto:scim-bounces@ietf.org</a>]<s=
pan class=3Dapple-converted-space>&nbsp;</span><b>On Behalf Of<span =
class=3Dapple-converted-space>&nbsp;</span></b>Morteza Ansari =
(moransar)<br><b>Sent:</b><span =
class=3Dapple-converted-space>&nbsp;</span>Wednesday, March 13, 2013 =
3:54 PM<br><b>To:</b><span =
class=3Dapple-converted-space>&nbsp;</span>Shelley; <a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br><b>Subject:</b><span =
class=3Dapple-converted-space>&nbsp;</span>Re: [scim] Proposed Text for =
Multi-Tenancy</span><o:p></o:p></p></div></div></div><div><p =
class=3DMsoNormal>&nbsp;<o:p></o:p></p></div><div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>Another reason for this is group membership. Given group members are =
only identified using the ID field, if ID namespace is per tenant, then =
you can't have groups that cross tenant boundary regardless of whether =
the SP uses URL prefix or other =
mechanisms.</span><o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>&nbsp;</span><o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>I do see your point that if SP is using multiple DB's, this requirement =
adds additional burden on the SP. &nbsp;I think the original intent of =
this language (in 1.0) was for id to be unique within a given endpoint =
(in your example each DB), but the language is not quite =
clear.</span><o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>&nbsp;</span><o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>&nbsp;</span><o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>Cheers,</span><o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>Morteza</span><o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>&nbsp;</span><o:p></o:p></p></div></div><div =
style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in;border-width:initial;border-color:initial'><div><p =
class=3DMsoNormal><b><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:black'=
>From:<span class=3Dapple-converted-space>&nbsp;</span></span></b><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:black'=
>Shelley &lt;<a =
href=3D"mailto:randomshelley@gmail.com">randomshelley@gmail.com</a>&gt;<b=
r><b>Date:<span =
class=3Dapple-converted-space>&nbsp;</span></b>Wednesday, March 13, 2013 =
11:17 AM<br><b>To:<span =
class=3Dapple-converted-space>&nbsp;</span></b>&quot;<a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a>&quot; &lt;<a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a>&gt;<br><b>Subject:<span =
class=3Dapple-converted-space>&nbsp;</span></b>[scim] Proposed Text for =
Multi-Tenancy</span><o:p></o:p></p></div></div><div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>&nbsp;</span><o:p></o:p></p></div></div><div><div><p class=3DMsoNormal =
style=3D'margin-bottom:12.0pt'><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>As a developer of a service provider implementation that supports =
multi-tenancy, this requirement seems a bit imposing with little value. =
Given that all SCIM resources are relative to a given tenant and to a =
particular endpoint/resource type, it seems that the scope of SCIM =
identifiers need not go beyond these contexts. The SCIM Protocol is =
built upon REST, which is resource-oriented and based on URIs as GUIDs, =
and so requiring an additional GUID beyond this seems =
unnecessary.<br><br>Technically, for example, assume that a service =
provider is using a standard RDBMS to persist user and group resources. =
This requirement now imposes uniqueness of identifiers across tables. =
Further, consider a case where a separate database schema maintains the =
data for each tenant. Not only must uniqueness be guaranteed across =
tables, but also across schemas.</span><o:p></o:p></p><div><p =
class=3DMsoNormal><i><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>a) Within the proposed text, there is no requirement that the Service =
Provider use the URL to distinguish tenants.&nbsp; Thus, a URL including =
a non-unique SCIM Id would be =
ambiguous.</span></i><o:p></o:p></p></div><p class=3DMsoNormal =
style=3D'margin-bottom:12.0pt'><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
><br>I agree that if service providers choose not to use URLs to =
distinguish tenants, they must use unique resource identifiers across =
all tenants. In that case, I'd suggest that the burden of this =
limitation be placed on these service providers, not on all service =
providers. This should be a factor in choosing such a method for =
implementing multi-tenancy.<br><br>Given that the SCIM Protocol is built =
upon REST where URIs uniquely identify resources, service providers that =
choose this method should be aware of the limitation they are imposing. =
It is my opinion, however, that this should be the exception and not =
dictate requirements for all providers.</span><o:p></o:p></p><div><p =
class=3DMsoNormal><i><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
>b) There is a use case for retrieval of a resource when the Consumer =
does not know the resource &quot;type&quot; and therefore cannot use a =
specific resource end =
point.&nbsp;&nbsp;</span></i><o:p></o:p></p></div><div><p =
class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
><br>Could you elaborate on this use case? Further, if this is a valid =
use case, why wouldn't the ability to search across multiple resource =
types be sufficient for finding such resources? e.g:<br><br></span><span =
style=3D'font-size:10.5pt;font-family:"Courier =
New";color:black'>&nbsp;&nbsp; GET /Tenants/abc?filter=3DexternalId eq =
xyz<br>&nbsp;&nbsp; {<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
&quot;totalResults&quot;: 1,<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
&quot;Resources&quot;: [</span><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
><br></span><span style=3D'font-size:10.5pt;font-family:"Courier =
New";color:black'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
{<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
&quot;id&quot;: &quot;123&quot;,<br>&nbsp;&nbsp; =
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;resourceType&quot;: =
&quot;User&quot;,<br>&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
&quot;externalId&quot;: &quot;xyz&quot;,</span><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
><br></span><span style=3D'font-size:10.5pt;font-family:"Courier =
New";color:black'>&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; =
&quot;meta&quot;: {<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; =
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;location&quot;: &quot;<a =
href=3D"https://example.com/Tenants/abc/Users/123">https://example.com/Te=
nants/abc/Users/123</a>&quot;,<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; ...<br>&nbsp;&nbsp; =
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; },<br>&nbsp; &nbsp;&nbsp; =
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
...<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
}<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ],<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
...<br>&nbsp;&nbsp; }<br></span><span =
style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'=
><br>(Or alternative to the &quot;resourceType&quot;, the response could =
contain a list of &quot;Users&quot; and/or &quot;Groups&quot; instead of =
generic &quot;Resources&quot;.)<br><br>The current SCIM protocol at =
least requires that resources are created and managed at a particular =
resource endpoint, and the introduction of the resource type and =
proposed search functionality seem to offset any need for a global =
identifier across all tenants and =
resources.</span><o:p></o:p></p></div></div></div><p =
class=3DMsoNormal><span =
style=3D'font-size:13.5pt;font-family:"Helvetica","sans-serif"'>_________=
______________________________________<br>scim mailing list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/=
mailman/listinfo/scim</a><o:p></o:p></span></p></div></div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div></div></body></html>
------=_NextPart_001_00D2_01CE204B.A7D19790--

------=_NextPart_000_00D1_01CE204B.A7D19790
Content-Type: application/x-pkcs7-signature;
	name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
	filename="smime.p7s"

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIITIjCCBDYw
ggMeoAMCAQICAQEwDQYJKoZIhvcNAQEFBQAwbzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRy
dXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEiMCAGA1UEAxMZ
QWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9vdDAeFw0wMDA1MzAxMDQ4MzhaFw0yMDA1MzAxMDQ4Mzha
MG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3Qg
RXh0ZXJuYWwgVFRQIE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3Qw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC39xoz5vIABC054E5b7R+8bA/Ntfojts7e
mxEzl6QpTH2Tn71KvJPtAxrjj8/lbVBa1pcplFqAsEl62y6V/bjKvzc4LR4+kUGtcFbH8E8/6DKe
dMrIkFTpxl8PeJ2aQDwOrGGqXhSPnoehalDc15pOrwWzpnGUnHGzUGAKxxOdOAeGAqjpqGkmGJCr
TLBPI6s6T4TY386f4Wlvu9dC12tE5Met7m1BX3JacQg3s3llpFmglDf3AC8NwpJy2tA4ctsUqEXE
XSp9t7TWxO6szRNEt8kr3UMAJfphuWlqWCMRt6czj1Z1WfXNKddGtworZbbTQm8Vsrh7++/pXVPV
NFonAgMBAAGjgdwwgdkwHQYDVR0OBBYEFK29mHo0tCb3+sQmVO8DveAky1QaMAsGA1UdDwQEAwIB
BjAPBgNVHRMBAf8EBTADAQH/MIGZBgNVHSMEgZEwgY6AFK29mHo0tCb3+sQmVO8DveAky1QaoXOk
cTBvMQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0
IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
ggEBMA0GCSqGSIb3DQEBBQUAA4IBAQCwm+CFJcLWI+IPlgaSnUGYnNmEeYHZHlsUByM2ZY+w2He7
rEFsR2CDUbD5Mj3n/PYmE8eAFqW/WvyHz3h5iSGa4kwHCoY1vPLeUcTSlrfcfk7ucP0cOesMAlEU
LY69FuDB30Z15ySt7PRCtIWTcBBnup0GNUoY0yt6zFFCoXpj0ea7ocUrwja+Ew3mvWN+eXunCQ1A
q2rdj4rD9vaMGkIFUdRF9Z+nYiFoFSBDPJnnfL0k2KmRF3OIP1YbMTgYtHEPms3IDp6OLhvhjJiD
yx8x8URMxgRzSXZgD8f4vReAay7pzEwOWpp5DyAKLtWeYyYeVZKU2IIXWnvQvMePToYEMIIEnTCC
A4WgAwIBAgIQND3pK6wnNP+PyzSU+8xwVDANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3
b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MB4XDTA1MDYwNzA4MDkxMFoX
DTIwMDUzMDEwNDgzOFowga4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2Fs
dCBMYWtlIENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0
cDovL3d3dy51c2VydHJ1c3QuY29tMTYwNAYDVQQDEy1VVE4tVVNFUkZpcnN0LUNsaWVudCBBdXRo
ZW50aWNhdGlvbiBhbmQgRW1haWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyOYWk
8n2rQTtiRjeuzcFgdbw5ZflKGkeiucxIzGqY1U01GbmkQuXOSeKKLx580jEHx060g2SdLinVomTE
hb2FUTV5pE5okHsceqSSqBfymBXyk8zJpDKVuwxPML2YoAuL5W4bokb6eLyib6tZXqUvz8rabaov
66yhs2qqty5nNYt54R5piOLmRs2gpeq+C852OnoOm+r82idbPXMfIuZIYcZM82mxqC4bttQxICy8
goqOpA6l14lD/BZarx1x1xFZ2rqHDa/68+HC8KTFZ4zW1lQ63gqkugN3s2XI/R7TdGKqGMpokx6h
hX71R2XL+E1XKHTSNP8wtu72YjAUjCzrAgMBAAGjgfQwgfEwHwYDVR0jBBgwFoAUrb2YejS0Jvf6
xCZU7wO94CTLVBowHQYDVR0OBBYEFImCZ33EnSZwAEu0UEh83j2uBG59MA4GA1UdDwEB/wQEAwIB
BjAPBgNVHRMBAf8EBTADAQH/MBEGA1UdIAQKMAgwBgYEVR0gADBEBgNVHR8EPTA7MDmgN6A1hjNo
dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vQWRkVHJ1c3RFeHRlcm5hbENBUm9vdC5jcmwwNQYIKwYB
BQUHAQEEKTAnMCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3
DQEBBQUAA4IBAQABvJzjYyiw8zEBwt973WKgAZ0jMQ+cknNTUeofTPrWn8TKL2d+eDMPdBa5kYeR
9Yom+mRwANge+QsEYlCHk4HU2vUj2zS7hVa0cDRueIM3HoUcxREVkl+HF72sav3xwtHMiV+xfPA+
UfI183zsYJhrOivg79+zfYbrtRv1W+yifJgT1wBQudEtc94DeHThBYUxXsuauZ2UxrmUN3Vy3ET7
Z+jw+iUeUqfaJelH4KDHPKBOsQo2+3dIn++Xivu0/uOUFKiDvFwtP9JgcWDuwnGCDOmINuPaILSj
oGyqlku4gI51ykkH9jsUut/cBdmf2+Cy5k2geCbn5y1uf1/GHogVMIIFGjCCBAKgAwIBAgIQbRnq
pxlPajMi5iIyeqpx3jANBgkqhkiG9w0BAQUFADCBrjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVU
MRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3Jr
MSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmly
c3QtQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw0xMTA0MjgwMDAwMDBaFw0yMDA1
MzAxMDQ4MzhaMIGTMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAw
DgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDE5MDcGA1UEAxMwQ09N
T0RPIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoSEW0tXmNReL4uk4UDIo1NYX2Zl8TJO958yfVXQeExVt0KU
4PkncQfFxmmkuTLE8UAakMwnVmJ/F7Vxaa7lIBvky2NeYMqiQfZq4aP/uN8fSG1lQ4wqLitjOHff
sReswtqCAtbUMmrUZ28gE49cNfrlVICv2HEKHTcKAlBTbJUdqRAUtJmVWRIx/wmi0kzcUtve4kAB
W0ho3cVKtODtJB86r3FfB+OsvxQ7sCVxaD30D9YXWEYVgTxoi4uDD216IVfmNLDbMn7jSuGlUnJk
JpFOpZIP/+CxYP0ab2hRmWONGoulzEKbm30iY9OpoPzOnpDfRBn0XFs1uhbzp5v/wQIDAQABo4IB
SzCCAUcwHwYDVR0jBBgwFoAUiYJnfcSdJnAAS7RQSHzePa4Ebn0wHQYDVR0OBBYEFHoTTgB0W8Z4
Y2QnwS/ioFu8ecV7MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMBEGA1UdIAQK
MAgwBgYEVR0gADBYBgNVHR8EUTBPME2gS6BJhkdodHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVRO
LVVTRVJGaXJzdC1DbGllbnRBdXRoZW50aWNhdGlvbmFuZEVtYWlsLmNybDB0BggrBgEFBQcBAQRo
MGYwPQYIKwYBBQUHMAKGMWh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VVE5BZGRUcnVzdENsaWVu
dF9DQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcN
AQEFBQADggEBAIXWvnhXVW0zf0RS/kLVBqgBA4CK+w2y/Uq/9q9BSfUbWsXSrRtzbj7pJnzmTJjB
MCjfy/tCPKElPgp11tA9OYZm0aGbtU2bb68obB2v5ep0WqjascDxdXovnrqTecr+4pEeVnSy+I3T
4ENyG+2P/WA5IEf7i686ZUg8mD2lJb+972DgSeUWyOs/Q4Pw4O4NwdPNM1+b0L1garM7/vrUyTo8
H+2b/5tJM75CKTmD7jNpLoKdRU2oadqAGx490hpdfEeZpZsIbRKZhtZdVwcbpzC+S0lEuJB+ytF5
OOu0M/qgOl0mWJ5hVRi0IdWZ1eBDQEIwvuql55TSsP7zdfl/bucwggUlMIIEDaADAgECAhAxNisl
hAwmPFmhraHt/QtWMA0GCSqGSIb3DQEBBQUAMIGTMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGlt
aXRlZDE5MDcGA1UEAxMwQ09NT0RPIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVt
YWlsIENBMB4XDTEyMTAyMjAwMDAwMFoXDTEzMTAyMjIzNTk1OVowIzEhMB8GCSqGSIb3DQEJARYS
c2FsQGlkbWFjaGluZXMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMUItbfY
tMuC9vO6iN41DxtnlxM682Fr96jQQGvpQzUrj4tNMHUlad9Fge5rCHPryqG2bEATpf/fCunOsV9C
9D5+khqCpZlQzk6vdKxnHgv4tFv7KAv+6DxS9GCqgbNSLo1WSh16FnlwRAZT4jUd59GB5uHjxvEZ
E4eOAEKL+izQIEBzpMMDxDOS4J2wU3W88mCPLcuEESGKE5QUgRV2ARmyWMPdJhpFUpZGJv183zYf
JLLa6+mgd+cWbfPp3GUs+/xdpSd3gRY64XCsyPmygWC+zrw2XJW+bL1Ge+m5sUJ5DJSGE1XENdvj
2z6j0q56G1Q8SJrAY76XrTrNnGrMiwIDAQABo4IB4jCCAd4wHwYDVR0jBBgwFoAUehNOAHRbxnhj
ZCfBL+KgW7x5xXswHQYDVR0OBBYEFGSBNSyMTkmxv/++DoKmF05IEiYnMA4GA1UdDwEB/wQEAwIF
oDAMBgNVHRMBAf8EAjAAMCAGA1UdJQQZMBcGCCsGAQUFBwMEBgsrBgEEAbIxAQMFAjARBglghkgB
hvhCAQEEBAMCBSAwRgYDVR0gBD8wPTA7BgwrBgEEAbIxAQIBAQEwKzApBggrBgEFBQcCARYdaHR0
cHM6Ly9zZWN1cmUuY29tb2RvLm5ldC9DUFMwVwYDVR0fBFAwTjBMoEqgSIZGaHR0cDovL2NybC5j
b21vZG9jYS5jb20vQ09NT0RPQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1cmVFbWFpbENBLmNy
bDCBiAYIKwYBBQUHAQEEfDB6MFIGCCsGAQUFBzAChkZodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9D
T01PRE9DbGllbnRBdXRoZW50aWNhdGlvbmFuZFNlY3VyZUVtYWlsQ0EuY3J0MCQGCCsGAQUFBzAB
hhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wHQYDVR0RBBYwFIESc2FsQGlkbWFjaGluZXMuY29t
MA0GCSqGSIb3DQEBBQUAA4IBAQA+jYBRYaQc2qf+SipdyHuI7A9W76ZCWAqCmeez66TNECSjbcvA
pw1HEKiehUGT4BiGSqTEBLnXM4pqsD5vUZLMiFnVAXhkgkNAOBZFq9G/bJSPW6pW9cNIjWifyAtn
wdqYXakYWQIuws08lYfGM/751/DXPioEuFSv0pqfCm/r9ashpU9+qMSmX4+nmS5VuUtRrVsyujq9
lQ0Jic737mkW6iVDIJzg4oE2ujL7l6dJBM5VdbCJns4y/R2iBn5JfIcO8ZACDuw/If558mBvhRzI
K5iBLkgqVKM6C/XTQ9Z+rc0YOaooiOn2CO4hILdhicFwr8M6V5cTBMltmrfOLqwyMYIEZTCCBGEC
AQEwgagwgZMxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV
BAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTkwNwYDVQQDEzBDT01PRE8g
Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEDE2KyWEDCY8WaGtoe39
C1YwCQYFKw4DAhoFAKCCApEwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUx
DxcNMTMwMzE0MDQzNDE1WjAjBgkqhkiG9w0BCQQxFgQUWeiIhjDjX3DMNy5OscsbxdkVZ0AwgbcG
CSqGSIb3DQEJDzGBqTCBpjALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAoGCCqGSIb3DQMHMAsG
CWCGSAFlAwQBAjAOBggqhkiG9w0DAgICAIAwBwYFKw4DAgcwDQYIKoZIhvcNAwICAUAwDQYIKoZI
hvcNAwICASgwBwYFKw4DAhowCwYJYIZIAWUDBAIDMAsGCWCGSAFlAwQCAjALBglghkgBZQMEAgEw
CgYIKoZIhvcNAgUwgbkGCSsGAQQBgjcQBDGBqzCBqDCBkzELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENB
IExpbWl0ZWQxOTA3BgNVBAMTMENPTU9ETyBDbGllbnQgQXV0aGVudGljYXRpb24gYW5kIFNlY3Vy
ZSBFbWFpbCBDQQIQMTYrJYQMJjxZoa2h7f0LVjCBuwYLKoZIhvcNAQkQAgsxgauggagwgZMxCzAJ
BgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQx
GjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTkwNwYDVQQDEzBDT01PRE8gQ2xpZW50IEF1dGhl
bnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEDE2KyWEDCY8WaGtoe39C1YwDQYJKoZIhvcN
AQEBBQAEggEAMpT013IBAjwopcUiDPks6JhbWy4G07PT4aFa851upK54EOWa3Fc/arXz35t31/Cp
uozwjALB/rrG8FTt0zYxOctT+ch++dRrV47UPGT+ICdE84Ip+ArPvPJ1AgNP04sJA7pMLMy4Lba6
O1EsRypvvNWVpBQotW26PtYcnu9X3ZUGXZFJsCPuOGdOW27QGR+UFxiwhH6Cm36NX0ERrv/mI3J4
jyx4VAEMbvhtG4CBStgp1J6H+/jxslHEm8aKRArrJBiY61lezgl3RbuCwBP1QajifZdIUvoJ97tQ
niDeXcHu8SAGYf0KYn2/zMto0C5hEi2LhoONqHfIAoiLMWY9FgAAAAAAAA==

------=_NextPart_000_00D1_01CE204B.A7D19790--


From kelly.grizzle@sailpoint.com  Thu Mar 14 09:02:55 2013
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C314911E8208 for <scim@ietfa.amsl.com>; Thu, 14 Mar 2013 09:02:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level: 
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2tXrMwRHDL7A for <scim@ietfa.amsl.com>; Thu, 14 Mar 2013 09:02:51 -0700 (PDT)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe001.messaging.microsoft.com [216.32.180.11]) by ietfa.amsl.com (Postfix) with ESMTP id 77F2611E81C5 for <scim@ietf.org>; Thu, 14 Mar 2013 09:02:48 -0700 (PDT)
Received: from mail209-va3-R.bigfish.com (10.7.14.241) by VA3EHSOBE009.bigfish.com (10.7.40.29) with Microsoft SMTP Server id 14.1.225.23; Thu, 14 Mar 2013 16:02:47 +0000
Received: from mail209-va3 (localhost [127.0.0.1])	by mail209-va3-R.bigfish.com (Postfix) with ESMTP id 82BE864006A; Thu, 14 Mar 2013 16:02:47 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:132.245.1.133; KIP:(null); UIP:(null); IPV:NLI; H:BLUPRD0412HT001.namprd04.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -30
X-BigFish: PS-30(zz98dI9371I936eIc85fh1432I179dNzz1f42h1ee6h1de0h1202h1e76h1d1ah1d2ahzz1033IL17326ah8275dh18c673h1954cbh18602eh8275bhz31h2a8h668h839hd25hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah1155h)
Received-SPF: softfail (mail209-va3: transitioning domain of sailpoint.com does not designate 132.245.1.133 as permitted sender) client-ip=132.245.1.133; envelope-from=kelly.grizzle@sailpoint.com; helo=BLUPRD0412HT001.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail209-va3 (localhost.localdomain [127.0.0.1]) by mail209-va3 (MessageSwitch) id 1363276965816834_28872; Thu, 14 Mar 2013 16:02:45 +0000 (UTC)
Received: from VA3EHSMHS010.bigfish.com (unknown [10.7.14.246])	by mail209-va3.bigfish.com (Postfix) with ESMTP id C0181C80051; Thu, 14 Mar 2013 16:02:45 +0000 (UTC)
Received: from BLUPRD0412HT001.namprd04.prod.outlook.com (132.245.1.133) by VA3EHSMHS010.bigfish.com (10.7.99.20) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 14 Mar 2013 16:02:43 +0000
Received: from BLUPRD0412MB643.namprd04.prod.outlook.com ([169.254.4.238]) by BLUPRD0412HT001.namprd04.prod.outlook.com ([10.255.214.162]) with mapi id 14.16.0275.006; Thu, 14 Mar 2013 16:02:43 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Salvatore D'Agostino <sal@idmachines.com>, 'Phil Hunt' <phil.hunt@oracle.com>
Thread-Topic: [scim] Proposed Text for Multi-Tenancy
Thread-Index: AQHOIB9zAUUdFdzt7UCepBSzgYEe6pikGXEAgAA5vRCAADwzgIAACsYAgAC/WBA=
Date: Thu, 14 Mar 2013 16:02:42 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34375C381F12@BLUPRD0412MB643.namprd04.prod.outlook.com>
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com> <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com> <BD785332-777F-4549-AE83-E25ED5B5B409@oracle.com> <00d901ce206d$35253cc0$9f6fb640$@com>
In-Reply-To: <00d901ce206d$35253cc0$9f6fb640$@com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-vipre-scanned: 005E341B003EA4005E3568
x-originating-ip: [173.226.147.242]
Content-Type: multipart/alternative; boundary="_000_56C3C758F9D6534CA3778EAA1E0C34375C381F12BLUPRD0412MB643_"
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: "scim@ietf.org" <scim@ietf.org>, 'Shelley' <randomshelley@gmail.com>, "'Morteza Ansari \(moransar\)'" <moransar@cisco.com>
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Mar 2013 16:02:55 -0000

--_000_56C3C758F9D6534CA3778EAA1E0C34375C381F12BLUPRD0412MB643_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

You're right ... generating a uuid is not hard.  My bigger concern is where=
 the SP is putting a SCIM interface on an existing datastore (eg - a multi-=
tenant app that uses a database per tenant).  In this case we may be imposi=
ng a restriction that has little value (if they have unique URIs) but won't=
 be able to use the underlying datastore's existing identifiers.

--Kelly

From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Sal=
vatore D'Agostino
Sent: Wednesday, March 13, 2013 11:34 PM
To: 'Phil Hunt'; Kelly Grizzle
Cc: scim@ietf.org; 'Shelley'; 'Morteza Ansari (moransar)'
Subject: Re: [scim] Proposed Text for Multi-Tenancy

I'm with Phil,

RFC 4122  - x.667

Not that hard.

From: scim-bounces@ietf.org<mailto:scim-bounces@ietf.org> [mailto:scim-boun=
ces@ietf.org] On Behalf Of Phil Hunt
Sent: Wednesday, March 13, 2013 11:56 PM
To: Kelly Grizzle
Cc: scim@ietf.org<mailto:scim@ietf.org>; Shelley; Morteza Ansari (moransar)
Subject: Re: [scim] Proposed Text for Multi-Tenancy

Hmmm...calculating a UUID is fairly straight forward and doesn't require ch=
ecking across tenancies to be universally unique (at least statistically).

Phil

@independentid
www.independentid.com<http://www.independentid.com>
phil.hunt@oracle.com<mailto:phil.hunt@oracle.com>



On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:

I agree with Shelley.  It is a significant burden on the service provider t=
o require fully unique IDs across tenants and resource types.

> Given group members are only identified using the ID field

This is likely going to change with the reference attribute type being adde=
d in issue #33.


> The SCIM id, defined by the Service Provider, MUST be unique across all R=
esources for all Tenants

Maybe this could be reworded so that the MUST is conditional on whether mul=
ti-tenancy uses fully unique URIs or not.

--Kelly

From: scim-bounces@ietf.org<mailto:scim-bounces@ietf.org> [mailto:scim-boun=
ces@ietf.org] On Behalf Of Morteza Ansari (moransar)
Sent: Wednesday, March 13, 2013 3:54 PM
To: Shelley; scim@ietf.org<mailto:scim@ietf.org>
Subject: Re: [scim] Proposed Text for Multi-Tenancy

Another reason for this is group membership. Given group members are only i=
dentified using the ID field, if ID namespace is per tenant, then you can't=
 have groups that cross tenant boundary regardless of whether the SP uses U=
RL prefix or other mechanisms.

I do see your point that if SP is using multiple DB's, this requirement add=
s additional burden on the SP.  I think the original intent of this languag=
e (in 1.0) was for id to be unique within a given endpoint (in your example=
 each DB), but the language is not quite clear.


Cheers,
Morteza

From: Shelley <randomshelley@gmail.com<mailto:randomshelley@gmail.com>>
Date: Wednesday, March 13, 2013 11:17 AM
To: "scim@ietf.org<mailto:scim@ietf.org>" <scim@ietf.org<mailto:scim@ietf.o=
rg>>
Subject: [scim] Proposed Text for Multi-Tenancy

As a developer of a service provider implementation that supports multi-ten=
ancy, this requirement seems a bit imposing with little value. Given that a=
ll SCIM resources are relative to a given tenant and to a particular endpoi=
nt/resource type, it seems that the scope of SCIM identifiers need not go b=
eyond these contexts. The SCIM Protocol is built upon REST, which is resour=
ce-oriented and based on URIs as GUIDs, and so requiring an additional GUID=
 beyond this seems unnecessary.

Technically, for example, assume that a service provider is using a standar=
d RDBMS to persist user and group resources. This requirement now imposes u=
niqueness of identifiers across tables. Further, consider a case where a se=
parate database schema maintains the data for each tenant. Not only must un=
iqueness be guaranteed across tables, but also across schemas.
a) Within the proposed text, there is no requirement that the Service Provi=
der use the URL to distinguish tenants.  Thus, a URL including a non-unique=
 SCIM Id would be ambiguous.

I agree that if service providers choose not to use URLs to distinguish ten=
ants, they must use unique resource identifiers across all tenants. In that=
 case, I'd suggest that the burden of this limitation be placed on these se=
rvice providers, not on all service providers. This should be a factor in c=
hoosing such a method for implementing multi-tenancy.

Given that the SCIM Protocol is built upon REST where URIs uniquely identif=
y resources, service providers that choose this method should be aware of t=
he limitation they are imposing. It is my opinion, however, that this shoul=
d be the exception and not dictate requirements for all providers.
b) There is a use case for retrieval of a resource when the Consumer does n=
ot know the resource "type" and therefore cannot use a specific resource en=
d point.

Could you elaborate on this use case? Further, if this is a valid use case,=
 why wouldn't the ability to search across multiple resource types be suffi=
cient for finding such resources? e.g:

   GET /Tenants/abc?filter=3DexternalId eq xyz
   {
      "totalResults": 1,
      "Resources": [
         {
           "id": "123",
           "resourceType": "User",
           "externalId": "xyz",
           "meta": {
               "location": "https://example.com/Tenants/abc/Users/123",
               ...
           },
           ...
         }
      ],
      ...
   }

(Or alternative to the "resourceType", the response could contain a list of=
 "Users" and/or "Groups" instead of generic "Resources".)

The current SCIM protocol at least requires that resources are created and =
managed at a particular resource endpoint, and the introduction of the reso=
urce type and proposed search functionality seem to offset any need for a g=
lobal identifier across all tenants and resources.
_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim


--_000_56C3C758F9D6534CA3778EAA1E0C34375C381F12BLUPRD0412MB643_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";}
span.apple-style-span
	{mso-style-name:apple-style-span;}
span.apple-converted-space
	{mso-style-name:apple-converted-space;}
span.EmailStyle21
	{mso-style-type:personal;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle22
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">You&#8217;re right &#8230=
; generating a uuid is not hard.&nbsp; My bigger concern is where the SP is=
 putting a SCIM interface on an existing datastore (eg &#8211; a multi-tena=
nt app
 that uses a database per tenant).&nbsp; In this case we may be imposing a =
restriction that has little value (if they have unique URIs) but won&#8217;=
t be able to use the underlying datastore&#8217;s existing identifiers.<o:p=
></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly<o:p></o:p></span>=
</p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> scim-bou=
nces@ietf.org [mailto:scim-bounces@ietf.org]
<b>On Behalf Of </b>Salvatore D'Agostino<br>
<b>Sent:</b> Wednesday, March 13, 2013 11:34 PM<br>
<b>To:</b> 'Phil Hunt'; Kelly Grizzle<br>
<b>Cc:</b> scim@ietf.org; 'Shelley'; 'Morteza Ansari (moransar)'<br>
<b>Subject:</b> Re: [scim] Proposed Text for Multi-Tenancy<o:p></o:p></span=
></p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">I&#8217;m with Phil,
<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">RFC 4122 &nbsp;- x.667
<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">Not that hard.<o:p></o:p>=
</span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">
<a href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a> [<a href=
=3D"mailto:scim-bounces@ietf.org">mailto:scim-bounces@ietf.org</a>]
<b>On Behalf Of </b>Phil Hunt<br>
<b>Sent:</b> Wednesday, March 13, 2013 11:56 PM<br>
<b>To:</b> Kelly Grizzle<br>
<b>Cc:</b> <a href=3D"mailto:scim@ietf.org">scim@ietf.org</a>; Shelley; Mor=
teza Ansari (moransar)<br>
<b>Subject:</b> Re: [scim] Proposed Text for Multi-Tenancy<o:p></o:p></span=
></p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">Hmmm&#8230;calculating a UUID is fairly straight for=
ward and doesn't require checking across tenancies to be universally unique=
 (at least statistically).<o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black">Phil<o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span></=
p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black">@independentid<o:p></o:p><=
/span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black"><a href=3D"http://www.inde=
pendentid.com">www.independentid.com</a><o:p></o:p></span></p>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:13.5pt"><span style=3D"font-s=
ize:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;;color:b=
lack"><a href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><o:p>=
</o:p></span></p>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span><=
/p>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><o:p>&nbsp;</o:p></p>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div>
<div>
<p class=3D"MsoNormal">On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:<o:p>=
</o:p></p>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><o:p>&nbsp;</o:p></p>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">I agree with Shelley.&nbs=
p; It is a significant burden on the service provider to require fully uniq=
ue IDs across tenants and resource types.</span><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&gt;<span class=3D"apple-=
converted-space">&nbsp;</span></span><span style=3D"font-size:10.5pt;font-f=
amily:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Given group m=
embers are only
 identified using the ID field</span><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p=
>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">This is likely going to c=
hange with the reference attribute type being added in issue #33.</span><o:=
p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&gt;<span class=3D"apple-=
converted-space">&nbsp;</span></span><span style=3D"font-size:11.5pt;color:=
black;background:white">The SCIM id, defined by the Service Provider,
 MUST be unique across all Resources for all Tenants</span><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">Maybe this could be rewor=
ded so that the MUST is conditional on whether multi-tenancy uses fully uni=
que URIs or not.</span><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly</span><o:p></o:p>=
</p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
</div>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in;border-width:initial;border-color:initial">
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span class=3D"apple-=
converted-space"><span style=3D"font-size:10.0pt;font-family:&quot;Tahoma&q=
uot;,&quot;sans-serif&quot;">&nbsp;</span></span><span style=3D"font-size:1=
0.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"><a href=3D"mai=
lto:scim-bounces@ietf.org">scim-bounces@ietf.org</a>
 [<a href=3D"mailto:scim-bounces@ietf.org">mailto:scim-bounces@ietf.org</a>=
]<span class=3D"apple-converted-space">&nbsp;</span><b>On Behalf Of<span cl=
ass=3D"apple-converted-space">&nbsp;</span></b>Morteza Ansari (moransar)<br=
>
<b>Sent:</b><span class=3D"apple-converted-space">&nbsp;</span>Wednesday, M=
arch 13, 2013 3:54 PM<br>
<b>To:</b><span class=3D"apple-converted-space">&nbsp;</span>Shelley; <a hr=
ef=3D"mailto:scim@ietf.org">
scim@ietf.org</a><br>
<b>Subject:</b><span class=3D"apple-converted-space">&nbsp;</span>Re: [scim=
] Proposed Text for Multi-Tenancy</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<p class=3D"MsoNormal">&nbsp;<o:p></o:p></p>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">Another reason for this is =
group membership. Given group members are only identified using the ID fiel=
d, if ID namespace is per tenant, then you can't have groups
 that cross tenant boundary regardless of whether the SP uses URL prefix or=
 other mechanisms.</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p=
>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">I do see your point that if=
 SP is using multiple DB's, this requirement adds additional burden on the =
SP. &nbsp;I think the original intent of this language (in 1.0)
 was for id to be unique within a given endpoint (in your example each DB),=
 but the language is not quite clear.</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p=
>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p=
>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">Cheers,</span><o:p></o:p></=
p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">Morteza</span><o:p></o:p></=
p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p=
>
</div>
</div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in;border-width:initial;border-color:initial">
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:11.0pt;font-family:&quot=
;Calibri&quot;,&quot;sans-serif&quot;;color:black">From:<span class=3D"appl=
e-converted-space">&nbsp;</span></span></b><span style=3D"font-size:11.0pt;=
font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Shelley=
 &lt;<a href=3D"mailto:randomshelley@gmail.com">randomshelley@gmail.com</a>=
&gt;<br>
<b>Date:<span class=3D"apple-converted-space">&nbsp;</span></b>Wednesday, M=
arch 13, 2013 11:17 AM<br>
<b>To:<span class=3D"apple-converted-space">&nbsp;</span></b>&quot;<a href=
=3D"mailto:scim@ietf.org">scim@ietf.org</a>&quot; &lt;<a href=3D"mailto:sci=
m@ietf.org">scim@ietf.org</a>&gt;<br>
<b>Subject:<span class=3D"apple-converted-space">&nbsp;</span></b>[scim] Pr=
oposed Text for Multi-Tenancy</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p=
>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><span style=3D"font-s=
ize:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:bla=
ck">As a developer of a service provider implementation that supports multi=
-tenancy, this requirement seems a bit imposing with little
 value. Given that all SCIM resources are relative to a given tenant and to=
 a particular endpoint/resource type, it seems that the scope of SCIM ident=
ifiers need not go beyond these contexts. The SCIM Protocol is built upon R=
EST, which is resource-oriented
 and based on URIs as GUIDs, and so requiring an additional GUID beyond thi=
s seems unnecessary.<br>
<br>
Technically, for example, assume that a service provider is using a standar=
d RDBMS to persist user and group resources. This requirement now imposes u=
niqueness of identifiers across tables. Further, consider a case where a se=
parate database schema maintains
 the data for each tenant. Not only must uniqueness be guaranteed across ta=
bles, but also across schemas.</span><o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><i><span style=3D"font-size:10.5pt;font-family:&quot=
;Calibri&quot;,&quot;sans-serif&quot;;color:black">a) Within the proposed t=
ext, there is no requirement that the Service Provider use the URL to disti=
nguish tenants.&nbsp; Thus, a URL including a non-unique SCIM
 Id would be ambiguous.</span></i><o:p></o:p></p>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><span style=3D"font-s=
ize:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:bla=
ck"><br>
I agree that if service providers choose not to use URLs to distinguish ten=
ants, they must use unique resource identifiers across all tenants. In that=
 case, I'd suggest that the burden of this limitation be placed on these se=
rvice providers, not on all service
 providers. This should be a factor in choosing such a method for implement=
ing multi-tenancy.<br>
<br>
Given that the SCIM Protocol is built upon REST where URIs uniquely identif=
y resources, service providers that choose this method should be aware of t=
he limitation they are imposing. It is my opinion, however, that this shoul=
d be the exception and not dictate
 requirements for all providers.</span><o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><i><span style=3D"font-size:10.5pt;font-family:&quot=
;Calibri&quot;,&quot;sans-serif&quot;;color:black">b) There is a use case f=
or retrieval of a resource when the Consumer does not know the resource &qu=
ot;type&quot; and therefore cannot use a specific resource end point.&nbsp;=
&nbsp;</span></i><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black"><br>
Could you elaborate on this use case? Further, if this is a valid use case,=
 why wouldn't the ability to search across multiple resource types be suffi=
cient for finding such resources? e.g:<br>
<br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;;=
color:black">&nbsp;&nbsp; GET /Tenants/abc?filter=3DexternalId eq xyz<br>
&nbsp;&nbsp; {<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;totalResults&quot;: 1,<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Resources&quot;: [</span><span style=
=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;=
;color:black"><br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;;=
color:black">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;id&quot;=
: &quot;123&quot;,<br>
&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;resourceType&=
quot;: &quot;User&quot;,<br>
&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;externalId&quot;: =
&quot;xyz&quot;,</span><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:black"><br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;;=
color:black">&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &quot;meta&=
quot;: {<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
&quot;location&quot;: &quot;<a href=3D"https://example.com/Tenants/abc/User=
s/123">https://example.com/Tenants/abc/Users/123</a>&quot;,<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; =
...<br>
&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; },<br>
&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ],<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
&nbsp;&nbsp; }<br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,&quo=
t;sans-serif&quot;;color:black"><br>
(Or alternative to the &quot;resourceType&quot;, the response could contain=
 a list of &quot;Users&quot; and/or &quot;Groups&quot; instead of generic &=
quot;Resources&quot;.)<br>
<br>
The current SCIM protocol at least requires that resources are created and =
managed at a particular resource endpoint, and the introduction of the reso=
urce type and proposed search functionality seem to offset any need for a g=
lobal identifier across all tenants
 and resources.</span><o:p></o:p></p>
</div>
</div>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;">_____________________________________=
__________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org=
/mailman/listinfo/scim</a><o:p></o:p></span></p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</div>
</body>
</html>

--_000_56C3C758F9D6534CA3778EAA1E0C34375C381F12BLUPRD0412MB643_--

From bjorn.aannestad@unboundid.com  Thu Mar 14 09:45:23 2013
Return-Path: <bjorn.aannestad@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8BE4A11E80E7 for <scim@ietfa.amsl.com>; Thu, 14 Mar 2013 09:45:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.998
X-Spam-Level: 
X-Spam-Status: No, score=-2.998 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_27=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G2ry5ziQaND4 for <scim@ietfa.amsl.com>; Thu, 14 Mar 2013 09:45:19 -0700 (PDT)
Received: from mail-qe0-f54.google.com (mail-qe0-f54.google.com [209.85.128.54]) by ietfa.amsl.com (Postfix) with ESMTP id 45BEB21F8545 for <scim@ietf.org>; Thu, 14 Mar 2013 09:45:19 -0700 (PDT)
Received: by mail-qe0-f54.google.com with SMTP id i11so1384000qej.13 for <scim@ietf.org>; Thu, 14 Mar 2013 09:45:18 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:content-type:x-gm-message-state; bh=ix3b0mAn2mqbGKK29uTsfDBh6McwvNqXFGrMB1dbhY4=; b=KZ0tZRtLGTnVGURR9GmhRHb2BcEFno3bON8PyNmYfiuXmW0yE7ThmnBoYoQQvP92AB Q4Hr+GghvAMBoHgbwpcgPFtk5vE/LuXjkWZQAFt4L9SfApvwOfEUbL8/FFmz6WCgFKMW iZLj0sGsW8nbsr+4IQkAmKNjycBnE8BvUhctoAyb241IPMLW/374kngCLPNdGTbtjB+D hrqrO7ps4zmPPc7vkT8TLYKO6YpVDeeXfTy159ZVmthmlI16ia08+vu3KKDdZf5fc5Vy KMM6OnoUNPvr19ePBsHL8o+lEBL582Cp8Oro2oLzzd4EnyIYEiAcsjroWUPPdAVqyYR4 EKgg==
X-Received: by 10.224.178.12 with SMTP id bk12mr3344669qab.98.1363279518679; Thu, 14 Mar 2013 09:45:18 -0700 (PDT)
Received: from [10.8.1.116] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id gw9sm4919787qab.10.2013.03.14.09.45.15 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 14 Mar 2013 09:45:17 -0700 (PDT)
Message-ID: <5141FE99.6050006@unboundid.com>
Date: Thu, 14 Mar 2013 11:45:13 -0500
From: Bjorn Aannestad <bjorn.aannestad@unboundid.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130307 Thunderbird/17.0.4
MIME-Version: 1.0
To: scim@ietf.org
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com> <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com> <BD785332-777F-4549-AE83-E25ED5B5B409@oracle.com> <00d901ce206d$35253cc0$9f6fb640$@com> <56C3C758F9D6534CA3778EAA1E0C34375C381F12@BLUPRD0412MB643.namprd04.prod.outlook.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34375C381F12@BLUPRD0412MB643.namprd04.prod.outlook.com>
Content-Type: multipart/alternative; boundary="------------040808060306080700060507"
X-Gm-Message-State: ALoCoQmkZ2lViIyreXuH8JXw7azlcJt9q3dO2rTORSMu4FohYfRrJEDIimc8t38Fdt9gr3rTcYIC
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Mar 2013 16:45:23 -0000

This is a multi-part message in MIME format.
--------------040808060306080700060507
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit


FWIW, when I once did this before (exposing multiple tenants through a 
single interface) it wasn't too hard to prepend the "database id" onto 
the not-globally-unique record ids.  They weren't used for internal 
references, of course.

More to the point: When unique URIs are in use in the context of 
multi-tenancy, can we equivocally say that there are no cases where a 
resource identifier would be used alone, without the disambiguating 
URI?   A single reasonable use case would indicate that there is a need 
for globally unique identifiers.

-Bjorn




On 2013-03-14 11:02 AM, Kelly Grizzle wrote:
>
> You're right ... generating a uuid is not hard.  My bigger concern is 
> where the SP is putting a SCIM interface on an existing datastore (eg 
> -- a multi-tenant app that uses a database per tenant).  In this case 
> we may be imposing a restriction that has little value (if they have 
> unique URIs) but won't be able to use the underlying datastore's 
> existing identifiers.
>
> --Kelly
>
> *From:*scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] *On Behalf 
> Of *Salvatore D'Agostino
> *Sent:* Wednesday, March 13, 2013 11:34 PM
> *To:* 'Phil Hunt'; Kelly Grizzle
> *Cc:* scim@ietf.org; 'Shelley'; 'Morteza Ansari (moransar)'
> *Subject:* Re: [scim] Proposed Text for Multi-Tenancy
>
> I'm with Phil,
>
> RFC 4122  - x.667
>
> Not that hard.
>
> *From:*scim-bounces@ietf.org <mailto:scim-bounces@ietf.org> 
> [mailto:scim-bounces@ietf.org] *On Behalf Of *Phil Hunt
> *Sent:* Wednesday, March 13, 2013 11:56 PM
> *To:* Kelly Grizzle
> *Cc:* scim@ietf.org <mailto:scim@ietf.org>; Shelley; Morteza Ansari 
> (moransar)
> *Subject:* Re: [scim] Proposed Text for Multi-Tenancy
>
> Hmmm...calculating a UUID is fairly straight forward and doesn't 
> require checking across tenancies to be universally unique (at least 
> statistically).
>
> Phil
>
> @independentid
>
> www.independentid.com <http://www.independentid.com>
>
> phil.hunt@oracle.com <mailto:phil.hunt@oracle.com>
>
> On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:
>
> I agree with Shelley.  It is a significant burden on the service 
> provider to require fully unique IDs across tenants and resource types.
>
> >Given group members are only identified using the ID field
>
> This is likely going to change with the reference attribute type being 
> added in issue #33.
>
> >The SCIM id, defined by the Service Provider, MUST be unique across 
> all Resources for all Tenants
>
> Maybe this could be reworded so that the MUST is conditional on 
> whether multi-tenancy uses fully unique URIs or not.
>
> --Kelly
>
> *From:*scim-bounces@ietf.org <mailto:scim-bounces@ietf.org> 
> [mailto:scim-bounces@ietf.org]*On Behalf Of*Morteza Ansari (moransar)
> *Sent:*Wednesday, March 13, 2013 3:54 PM
> *To:*Shelley; scim@ietf.org <mailto:scim@ietf.org>
> *Subject:*Re: [scim] Proposed Text for Multi-Tenancy
>
> Another reason for this is group membership. Given group members are 
> only identified using the ID field, if ID namespace is per tenant, 
> then you can't have groups that cross tenant boundary regardless of 
> whether the SP uses URL prefix or other mechanisms.
>
> I do see your point that if SP is using multiple DB's, this 
> requirement adds additional burden on the SP.  I think the original 
> intent of this language (in 1.0) was for id to be unique within a 
> given endpoint (in your example each DB), but the language is not 
> quite clear.
>
> Cheers,
>
> Morteza
>
> *From:*Shelley <randomshelley@gmail.com <mailto:randomshelley@gmail.com>>
> *Date:*Wednesday, March 13, 2013 11:17 AM
> *To:*"scim@ietf.org <mailto:scim@ietf.org>" <scim@ietf.org 
> <mailto:scim@ietf.org>>
> *Subject:*[scim] Proposed Text for Multi-Tenancy
>
> As a developer of a service provider implementation that supports 
> multi-tenancy, this requirement seems a bit imposing with little 
> value. Given that all SCIM resources are relative to a given tenant 
> and to a particular endpoint/resource type, it seems that the scope of 
> SCIM identifiers need not go beyond these contexts. The SCIM Protocol 
> is built upon REST, which is resource-oriented and based on URIs as 
> GUIDs, and so requiring an additional GUID beyond this seems unnecessary.
>
> Technically, for example, assume that a service provider is using a 
> standard RDBMS to persist user and group resources. This requirement 
> now imposes uniqueness of identifiers across tables. Further, consider 
> a case where a separate database schema maintains the data for each 
> tenant. Not only must uniqueness be guaranteed across tables, but also 
> across schemas.
>
> /a) Within the proposed text, there is no requirement that the Service 
> Provider use the URL to distinguish tenants.  Thus, a URL including a 
> non-unique SCIM Id would be ambiguous./
>
>
> I agree that if service providers choose not to use URLs to 
> distinguish tenants, they must use unique resource identifiers across 
> all tenants. In that case, I'd suggest that the burden of this 
> limitation be placed on these service providers, not on all service 
> providers. This should be a factor in choosing such a method for 
> implementing multi-tenancy.
>
> Given that the SCIM Protocol is built upon REST where URIs uniquely 
> identify resources, service providers that choose this method should 
> be aware of the limitation they are imposing. It is my opinion, 
> however, that this should be the exception and not dictate 
> requirements for all providers.
>
> /b) There is a use case for retrieval of a resource when the Consumer 
> does not know the resource "type" and therefore cannot use a specific 
> resource end point. /
>
>
> Could you elaborate on this use case? Further, if this is a valid use 
> case, why wouldn't the ability to search across multiple resource 
> types be sufficient for finding such resources? e.g:
>
>    GET /Tenants/abc?filter=externalId eq xyz
>    {
>       "totalResults": 1,
>       "Resources": [
>          {
>            "id": "123",
>            "resourceType": "User",
>            "externalId": "xyz",
>            "meta": {
>                "location": "https://example.com/Tenants/abc/Users/123",
>                ...
>            },
>            ...
>          }
>       ],
>       ...
>    }
>
> (Or alternative to the "resourceType", the response could contain a 
> list of "Users" and/or "Groups" instead of generic "Resources".)
>
> The current SCIM protocol at least requires that resources are created 
> and managed at a particular resource endpoint, and the introduction of 
> the resource type and proposed search functionality seem to offset any 
> need for a global identifier across all tenants and resources.
>
> _______________________________________________
> scim mailing list
> scim@ietf.org <mailto:scim@ietf.org>
> https://www.ietf.org/mailman/listinfo/scim
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--------------040808060306080700060507
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <br>
    FWIW, when I once did this before (exposing multiple tenants through
    a single interface) it wasn't too hard to prepend the "database id"
    onto the not-globally-unique record ids.&nbsp; They weren't used for
    internal references, of course.<br>
    <br>
    More to the point: When unique URIs are in use in the context of
    multi-tenancy, can we equivocally say that there are no cases where
    a resource identifier would be used alone, without the
    disambiguating URI?&nbsp;&nbsp; A single reasonable use case would indicate
    that there is a need for globally unique identifiers.<br>
    <br>
    -Bjorn<br>
    <br>
    <br>
    <br>
    <br>
    <div class="moz-cite-prefix">On 2013-03-14 11:02 AM, Kelly Grizzle
      wrote:<br>
    </div>
    <blockquote
cite="mid:56C3C758F9D6534CA3778EAA1E0C34375C381F12@BLUPRD0412MB643.namprd04.prod.outlook.com"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html;
        charset=ISO-8859-1">
      <meta name="Generator" content="Microsoft Word 14 (filtered
        medium)">
      <style><!--
/* Font Definitions */
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";}
span.apple-style-span
	{mso-style-name:apple-style-span;}
span.apple-converted-space
	{mso-style-name:apple-converted-space;}
span.EmailStyle21
	{mso-style-type:personal;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.EmailStyle22
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
      <div class="WordSection1">
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">You&#8217;re
            right &#8230; generating a uuid is not hard.&nbsp; My bigger concern is
            where the SP is putting a SCIM interface on an existing
            datastore (eg &#8211; a multi-tenant app that uses a database per
            tenant).&nbsp; In this case we may be imposing a restriction that
            has little value (if they have unique URIs) but won&#8217;t be
            able to use the underlying datastore&#8217;s existing identifiers.<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <div>
          <div style="border:none;border-top:solid #B5C4DF
            1.0pt;padding:3.0pt 0in 0in 0in">
            <p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">
                <a class="moz-txt-link-abbreviated" href="mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a> [<a class="moz-txt-link-freetext" href="mailto:scim-bounces@ietf.org">mailto:scim-bounces@ietf.org</a>]
                <b>On Behalf Of </b>Salvatore D'Agostino<br>
                <b>Sent:</b> Wednesday, March 13, 2013 11:34 PM<br>
                <b>To:</b> 'Phil Hunt'; Kelly Grizzle<br>
                <b>Cc:</b> <a class="moz-txt-link-abbreviated" href="mailto:scim@ietf.org">scim@ietf.org</a>; 'Shelley'; 'Morteza Ansari
                (moransar)'<br>
                <b>Subject:</b> Re: [scim] Proposed Text for
                Multi-Tenancy<o:p></o:p></span></p>
          </div>
        </div>
        <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">I&#8217;m
            with Phil,
            <o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">RFC
            4122 &nbsp;- x.667
            <o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">Not
            that hard.<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span></p>
        <div>
          <div style="border:none;border-top:solid #B5C4DF
            1.0pt;padding:3.0pt 0in 0in 0in">
            <p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">
                <a moz-do-not-send="true"
                  href="mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a>
                [<a moz-do-not-send="true"
                  href="mailto:scim-bounces@ietf.org">mailto:scim-bounces@ietf.org</a>]
                <b>On Behalf Of </b>Phil Hunt<br>
                <b>Sent:</b> Wednesday, March 13, 2013 11:56 PM<br>
                <b>To:</b> Kelly Grizzle<br>
                <b>Cc:</b> <a moz-do-not-send="true"
                  href="mailto:scim@ietf.org">scim@ietf.org</a>;
                Shelley; Morteza Ansari (moransar)<br>
                <b>Subject:</b> Re: [scim] Proposed Text for
                Multi-Tenancy<o:p></o:p></span></p>
          </div>
        </div>
        <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        <p class="MsoNormal">Hmmm&#8230;calculating a UUID is fairly straight
          forward and doesn't require checking across tenancies to be
          universally unique (at least statistically).<o:p></o:p></p>
        <div>
          <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          <div>
            <div>
              <div>
                <div>
                  <div>
                    <div>
                      <div>
                        <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;;color:black">Phil<o:p></o:p></span></p>
                      </div>
                      <div>
                        <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span></p>
                      </div>
                      <div>
                        <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;;color:black">@independentid<o:p></o:p></span></p>
                      </div>
                      <div>
                        <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;;color:black"><a
                              moz-do-not-send="true"
                              href="http://www.independentid.com">www.independentid.com</a><o:p></o:p></span></p>
                      </div>
                    </div>
                  </div>
                </div>
                <p class="MsoNormal" style="margin-bottom:13.5pt"><span
style="font-size:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;;color:black"><a
                      moz-do-not-send="true"
                      href="mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><o:p></o:p></span></p>
              </div>
              <p class="MsoNormal"><span
style="font-size:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span></p>
            </div>
            <p class="MsoNormal" style="margin-bottom:12.0pt"><o:p>&nbsp;</o:p></p>
          </div>
          <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          <div>
            <div>
              <p class="MsoNormal">On 2013-03-13, at 8:26 PM, Kelly
                Grizzle wrote:<o:p></o:p></p>
            </div>
            <p class="MsoNormal" style="margin-bottom:12.0pt"><o:p>&nbsp;</o:p></p>
            <div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">I
                    agree with Shelley.&nbsp; It is a significant burden on
                    the service provider to require fully unique IDs
                    across tenants and resource types.</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">&gt;<span
                      class="apple-converted-space">&nbsp;</span></span><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Given
                    group members are only identified using the ID field</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">This
                    is likely going to change with the reference
                    attribute type being added in issue #33.</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">&gt;<span
                      class="apple-converted-space">&nbsp;</span></span><span
style="font-size:11.5pt;color:black;background:white">The SCIM id,
                    defined by the Service Provider, MUST be unique
                    across all Resources for all Tenants</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">Maybe
                    this could be reworded so that the MUST is
                    conditional on whether multi-tenancy uses fully
                    unique URIs or not.</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly</span><o:p></o:p></p>
              </div>
              <div>
                <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p></p>
              </div>
              <div>
                <div style="border:none;border-top:solid #B5C4DF
                  1.0pt;padding:3.0pt 0in 0in
                  0in;border-width:initial;border-color:initial">
                  <div>
                    <p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span
                        class="apple-converted-space"><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">&nbsp;</span></span><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"><a
                          moz-do-not-send="true"
                          href="mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a>
                        [<a moz-do-not-send="true"
                          href="mailto:scim-bounces@ietf.org">mailto:scim-bounces@ietf.org</a>]<span
                          class="apple-converted-space">&nbsp;</span><b>On
                          Behalf Of<span class="apple-converted-space">&nbsp;</span></b>Morteza
                        Ansari (moransar)<br>
                        <b>Sent:</b><span class="apple-converted-space">&nbsp;</span>Wednesday,
                        March 13, 2013 3:54 PM<br>
                        <b>To:</b><span class="apple-converted-space">&nbsp;</span>Shelley;
                        <a moz-do-not-send="true"
                          href="mailto:scim@ietf.org">
                          scim@ietf.org</a><br>
                        <b>Subject:</b><span
                          class="apple-converted-space">&nbsp;</span>Re:
                        [scim] Proposed Text for Multi-Tenancy</span><o:p></o:p></p>
                  </div>
                </div>
              </div>
              <div>
                <p class="MsoNormal">&nbsp;<o:p></o:p></p>
              </div>
              <div>
                <div>
                  <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Another
                      reason for this is group membership. Given group
                      members are only identified using the ID field, if
                      ID namespace is per tenant, then you can't have
                      groups that cross tenant boundary regardless of
                      whether the SP uses URL prefix or other
                      mechanisms.</span><o:p></o:p></p>
                </div>
              </div>
              <div>
                <div>
                  <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p>
                </div>
              </div>
              <div>
                <div>
                  <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">I
                      do see your point that if SP is using multiple
                      DB's, this requirement adds additional burden on
                      the SP. &nbsp;I think the original intent of this
                      language (in 1.0) was for id to be unique within a
                      given endpoint (in your example each DB), but the
                      language is not quite clear.</span><o:p></o:p></p>
                </div>
              </div>
              <div>
                <div>
                  <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p>
                </div>
              </div>
              <div>
                <div>
                  <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p>
                </div>
              </div>
              <div>
                <div>
                  <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Cheers,</span><o:p></o:p></p>
                </div>
              </div>
              <div>
                <div>
                  <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Morteza</span><o:p></o:p></p>
                </div>
              </div>
              <div>
                <div>
                  <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p>
                </div>
              </div>
              <div style="border:none;border-top:solid #B5C4DF
                1.0pt;padding:3.0pt 0in 0in
                0in;border-width:initial;border-color:initial">
                <div>
                  <p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">From:<span
                          class="apple-converted-space">&nbsp;</span></span></b><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Shelley
                      &lt;<a moz-do-not-send="true"
                        href="mailto:randomshelley@gmail.com">randomshelley@gmail.com</a>&gt;<br>
                      <b>Date:<span class="apple-converted-space">&nbsp;</span></b>Wednesday,
                      March 13, 2013 11:17 AM<br>
                      <b>To:<span class="apple-converted-space">&nbsp;</span></b>"<a
                        moz-do-not-send="true"
                        href="mailto:scim@ietf.org">scim@ietf.org</a>"
                      &lt;<a moz-do-not-send="true"
                        href="mailto:scim@ietf.org">scim@ietf.org</a>&gt;<br>
                      <b>Subject:<span class="apple-converted-space">&nbsp;</span></b>[scim]
                      Proposed Text for Multi-Tenancy</span><o:p></o:p></p>
                </div>
              </div>
              <div>
                <div>
                  <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">&nbsp;</span><o:p></o:p></p>
                </div>
              </div>
              <div>
                <div>
                  <p class="MsoNormal" style="margin-bottom:12.0pt"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">As
                      a developer of a service provider implementation
                      that supports multi-tenancy, this requirement
                      seems a bit imposing with little value. Given that
                      all SCIM resources are relative to a given tenant
                      and to a particular endpoint/resource type, it
                      seems that the scope of SCIM identifiers need not
                      go beyond these contexts. The SCIM Protocol is
                      built upon REST, which is resource-oriented and
                      based on URIs as GUIDs, and so requiring an
                      additional GUID beyond this seems unnecessary.<br>
                      <br>
                      Technically, for example, assume that a service
                      provider is using a standard RDBMS to persist user
                      and group resources. This requirement now imposes
                      uniqueness of identifiers across tables. Further,
                      consider a case where a separate database schema
                      maintains the data for each tenant. Not only must
                      uniqueness be guaranteed across tables, but also
                      across schemas.</span><o:p></o:p></p>
                  <div>
                    <p class="MsoNormal"><i><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">a)
                          Within the proposed text, there is no
                          requirement that the Service Provider use the
                          URL to distinguish tenants.&nbsp; Thus, a URL
                          including a non-unique SCIM Id would be
                          ambiguous.</span></i><o:p></o:p></p>
                  </div>
                  <p class="MsoNormal" style="margin-bottom:12.0pt"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black"><br>
                      I agree that if service providers choose not to
                      use URLs to distinguish tenants, they must use
                      unique resource identifiers across all tenants. In
                      that case, I'd suggest that the burden of this
                      limitation be placed on these service providers,
                      not on all service providers. This should be a
                      factor in choosing such a method for implementing
                      multi-tenancy.<br>
                      <br>
                      Given that the SCIM Protocol is built upon REST
                      where URIs uniquely identify resources, service
                      providers that choose this method should be aware
                      of the limitation they are imposing. It is my
                      opinion, however, that this should be the
                      exception and not dictate requirements for all
                      providers.</span><o:p></o:p></p>
                  <div>
                    <p class="MsoNormal"><i><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">b)
                          There is a use case for retrieval of a
                          resource when the Consumer does not know the
                          resource "type" and therefore cannot use a
                          specific resource end point.&nbsp;&nbsp;</span></i><o:p></o:p></p>
                  </div>
                  <div>
                    <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black"><br>
                        Could you elaborate on this use case? Further,
                        if this is a valid use case, why wouldn't the
                        ability to search across multiple resource types
                        be sufficient for finding such resources? e.g:<br>
                        <br>
                      </span><span
                        style="font-size:10.5pt;font-family:&quot;Courier
                        New&quot;;color:black">&nbsp;&nbsp; GET
                        /Tenants/abc?filter=externalId eq xyz<br>
                        &nbsp;&nbsp; {<br>
                        &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "totalResults": 1,<br>
                        &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "Resources": [</span><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black"><br>
                      </span><span
                        style="font-size:10.5pt;font-family:&quot;Courier
                        New&quot;;color:black">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {<br>
                        &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "id": "123",<br>
                        &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "resourceType": "User",<br>
                        &nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "externalId": "xyz",</span><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black"><br>
                      </span><span
                        style="font-size:10.5pt;font-family:&quot;Courier
                        New&quot;;color:black">&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; "meta": {<br>
                        &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "location": "<a
                          moz-do-not-send="true"
                          href="https://example.com/Tenants/abc/Users/123">https://example.com/Tenants/abc/Users/123</a>",<br>
                        &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; ...<br>
                        &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; },<br>
                        &nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
                        &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
                        &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ],<br>
                        &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
                        &nbsp;&nbsp; }<br>
                      </span><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black"><br>
                        (Or alternative to the "resourceType", the
                        response could contain a list of "Users" and/or
                        "Groups" instead of generic "Resources".)<br>
                        <br>
                        The current SCIM protocol at least requires that
                        resources are created and managed at a
                        particular resource endpoint, and the
                        introduction of the resource type and proposed
                        search functionality seem to offset any need for
                        a global identifier across all tenants and
                        resources.</span><o:p></o:p></p>
                  </div>
                </div>
              </div>
              <p class="MsoNormal"><span
style="font-size:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;">_______________________________________________<br>
                  scim mailing list<br>
                  <a moz-do-not-send="true" href="mailto:scim@ietf.org">scim@ietf.org</a><br>
                  <a moz-do-not-send="true"
                    href="https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mailman/listinfo/scim</a><o:p></o:p></span></p>
            </div>
          </div>
          <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
scim mailing list
<a class="moz-txt-link-abbreviated" href="mailto:scim@ietf.org">scim@ietf.org</a>
<a class="moz-txt-link-freetext" href="https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mailman/listinfo/scim</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>

--------------040808060306080700060507--

From kelly.grizzle@sailpoint.com  Fri Mar 15 08:19:14 2013
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F8E221F875C for <scim@ietfa.amsl.com>; Fri, 15 Mar 2013 08:19:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level: 
X-Spam-Status: No, score=x tagged_above=-999 required=5 tests=[]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vmQWQaEJkmQI for <scim@ietfa.amsl.com>; Fri, 15 Mar 2013 08:19:13 -0700 (PDT)
Received: from ch1outboundpool.messaging.microsoft.com (ch1ehsobe005.messaging.microsoft.com [216.32.181.185]) by ietfa.amsl.com (Postfix) with ESMTP id 947BC21F8763 for <scim@ietf.org>; Fri, 15 Mar 2013 08:19:12 -0700 (PDT)
Received: from mail144-ch1-R.bigfish.com (10.43.68.226) by CH1EHSOBE008.bigfish.com (10.43.70.58) with Microsoft SMTP Server id 14.1.225.23; Fri, 15 Mar 2013 15:19:11 +0000
Received: from mail144-ch1 (localhost [127.0.0.1])	by mail144-ch1-R.bigfish.com (Postfix) with ESMTP id B21B24033F; Fri, 15 Mar 2013 15:19:11 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:132.245.1.133; KIP:(null); UIP:(null); IPV:NLI; H:BLUPRD0412HT001.namprd04.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: 0
X-BigFish: PS0(zzc85fhzz1f42h1ee6h1de0h1202h1e76h1d1ah1d2ahzz17326ah8275dh18c673h8275bhz31h2a8h668h839hd25hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah34h1155h)
Received-SPF: softfail (mail144-ch1: transitioning domain of sailpoint.com does not designate 132.245.1.133 as permitted sender) client-ip=132.245.1.133; envelope-from=kelly.grizzle@sailpoint.com; helo=BLUPRD0412HT001.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail144-ch1 (localhost.localdomain [127.0.0.1]) by mail144-ch1 (MessageSwitch) id 1363360722919753_17702; Fri, 15 Mar 2013 15:18:42 +0000 (UTC)
Received: from CH1EHSMHS004.bigfish.com (snatpool2.int.messaging.microsoft.com [10.43.68.239])	by mail144-ch1.bigfish.com (Postfix) with ESMTP id DA23E2E0348;	Fri, 15 Mar 2013 15:18:42 +0000 (UTC)
Received: from BLUPRD0412HT001.namprd04.prod.outlook.com (132.245.1.133) by CH1EHSMHS004.bigfish.com (10.43.70.4) with Microsoft SMTP Server (TLS) id 14.1.225.23; Fri, 15 Mar 2013 15:18:40 +0000
Received: from BLUPRD0412MB643.namprd04.prod.outlook.com ([169.254.4.238]) by BLUPRD0412HT001.namprd04.prod.outlook.com ([10.255.214.162]) with mapi id 14.16.0275.006; Fri, 15 Mar 2013 15:18:39 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: "scim@ietf.org" <scim@ietf.org>
Thread-Topic: Schema slides for WG meeting
Thread-Index: Ac4hkEjanHgZ8uH8RMCrVng9ohZOGQ==
Date: Fri, 15 Mar 2013 15:18:38 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34375C382B17@BLUPRD0412MB643.namprd04.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator: 
x-vipre-scanned: 055C2344003EBC055C2491
x-originating-ip: [130.129.23.78]
Content-Type: multipart/mixed; boundary="_004_56C3C758F9D6534CA3778EAA1E0C34375C382B17BLUPRD0412MB643_"
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: "Leif Johansson \(leifj@sunet.se\)" <leifj@sunet.se>
Subject: [scim] Schema slides for WG meeting
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Mar 2013 15:19:14 -0000

--_004_56C3C758F9D6534CA3778EAA1E0C34375C382B17BLUPRD0412MB643_
Content-Type: multipart/alternative;
	boundary="_000_56C3C758F9D6534CA3778EAA1E0C34375C382B17BLUPRD0412MB643_"

--_000_56C3C758F9D6534CA3778EAA1E0C34375C382B17BLUPRD0412MB643_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Attached are the latest slides that will be presented at the WG meeting tod=
ay.

--Kelly

--_000_56C3C758F9D6534CA3778EAA1E0C34375C382B17BLUPRD0412MB643_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal">Attached are the latest slides that will be presente=
d at the WG meeting today.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">--Kelly<o:p></o:p></p>
</div>
</body>
</html>

--_000_56C3C758F9D6534CA3778EAA1E0C34375C382B17BLUPRD0412MB643_--

--_004_56C3C758F9D6534CA3778EAA1E0C34375C382B17BLUPRD0412MB643_
Content-Type: application/octet-stream; name="IETF 86 - Schema.pdf"
Content-Description: IETF 86 - Schema.pdf
Content-Disposition: attachment; filename="IETF 86 - Schema.pdf"; size=326130;
	creation-date="Thu, 14 Mar 2013 03:32:27 GMT";
	modification-date="Fri, 15 Mar 2013 15:16:56 GMT"
Content-Transfer-Encoding: base64

JVBERi0xLjUNCiW1tbW1DQoxIDAgb2JqDQo8PC9UeXBlL0NhdGFsb2cvUGFnZXMgMiAwIFIvTGFu
Zyhlbi1VUykgL1N0cnVjdFRyZWVSb290IDYxIDAgUi9NYXJrSW5mbzw8L01hcmtlZCB0cnVlPj4+
Pg0KZW5kb2JqDQoyIDAgb2JqDQo8PC9UeXBlL1BhZ2VzL0NvdW50IDExL0tpZHNbIDMgMCBSIDEy
IDAgUiAxOSAwIFIgMjggMCBSIDMxIDAgUiAzNiAwIFIgMzggMCBSIDQyIDAgUiA0NCAwIFIgNDYg
MCBSIDUzIDAgUl0gPj4NCmVuZG9iag0KMyAwIG9iag0KPDwvVHlwZS9QYWdlL1BhcmVudCAyIDAg
Ui9SZXNvdXJjZXM8PC9Gb250PDwvRjEgNSAwIFIvRjIgNyAwIFI+Pi9Qcm9jU2V0Wy9QREYvVGV4
dC9JbWFnZUIvSW1hZ2VDL0ltYWdlSV0gPj4vTWVkaWFCb3hbIDAgMCA3MjAgNTQwXSAvQ29udGVu
dHMgNCAwIFIvR3JvdXA8PC9UeXBlL0dyb3VwL1MvVHJhbnNwYXJlbmN5L0NTL0RldmljZVJHQj4+
L1RhYnMvUy9TdHJ1Y3RQYXJlbnRzIDA+Pg0KZW5kb2JqDQo0IDAgb2JqDQo8PC9GaWx0ZXIvRmxh
dGVEZWNvZGUvTGVuZ3RoIDQwMT4+DQpzdHJlYW0NCnicfZJNTwIxEIbvm+x/mGNrdJjpx7abEGJA
MGhINJJ4IB4IWYW4+IFe5NfbgpBdYL20TTrzvs98QOsO2u3WqDe8Aup0oHvVg880ISAkIlaKHDhF
YA3BqkiTxzN4SxOGl30MUcZkakHPZ2lynybQH/UAKgb8Z9Adp0lrwGAMUmZg/BwVgxwwKO0xy0Dl
Odrws4w2G6/rNJmIh95wBA+zebGcyicY36RJP0hFuV2+8YzGVPMnAiqxR0zqgEmrIybOMyQNigj1
FgmtdhuszWODNuyPpRYDaOBS1qH2FQ24CN2z0Wk2ET47zGsN1CkUlTtUqipDUaBN2pnOocLJYjRr
5CpIvT9VZq2ozjwRo+lKshezObA9Dz8srdAN6VbF8TY6HU1Cn5jEQfVexerZmnhtJW8jT1GWPyCN
uF4twrleh0mURdOGaIcuq4v8y2UqXPuV8Aa9AyaPvFuz1wZDzj1qU4+NwNKRQHmRi5fVIhKvy3AU
l1/TRfkRqnhfvMlcfONMMon3ZVOTtUWuax8V8ws1F8dQDQplbmRzdHJlYW0NCmVuZG9iag0KNSAw
IG9iag0KPDwvVHlwZS9Gb250L1N1YnR5cGUvVHJ1ZVR5cGUvTmFtZS9GMS9CYXNlRm9udC9BQkNE
RUUrQ2FsaWJyaS9FbmNvZGluZy9XaW5BbnNpRW5jb2RpbmcvRm9udERlc2NyaXB0b3IgNiAwIFIv
Rmlyc3RDaGFyIDMyL0xhc3RDaGFyIDEyMi9XaWR0aHMgMzEwIDAgUj4+DQplbmRvYmoNCjYgMCBv
YmoNCjw8L1R5cGUvRm9udERlc2NyaXB0b3IvRm9udE5hbWUvQUJDREVFK0NhbGlicmkvRmxhZ3Mg
MzIvSXRhbGljQW5nbGUgMC9Bc2NlbnQgNzUwL0Rlc2NlbnQgLTI1MC9DYXBIZWlnaHQgNzUwL0F2
Z1dpZHRoIDUyMS9NYXhXaWR0aCAxNzQzL0ZvbnRXZWlnaHQgNDAwL1hIZWlnaHQgMjUwL1N0ZW1W
IDUyL0ZvbnRCQm94WyAtNTAzIC0yNTAgMTI0MCA3NTBdIC9Gb250RmlsZTIgMzA4IDAgUj4+DQpl
bmRvYmoNCjcgMCBvYmoNCjw8L1R5cGUvRm9udC9TdWJ0eXBlL1R5cGUwL0Jhc2VGb250L0FCQ0RF
RStDYWxpYnJpL0VuY29kaW5nL0lkZW50aXR5LUgvRGVzY2VuZGFudEZvbnRzIDggMCBSL1RvVW5p
Y29kZSAzMDcgMCBSPj4NCmVuZG9iag0KOCAwIG9iag0KWyA5IDAgUl0gDQplbmRvYmoNCjkgMCBv
YmoNCjw8L0Jhc2VGb250L0FCQ0RFRStDYWxpYnJpL1N1YnR5cGUvQ0lERm9udFR5cGUyL1R5cGUv
Rm9udC9DSURUb0dJRE1hcC9JZGVudGl0eS9EVyAxMDAwL0NJRFN5c3RlbUluZm8gMTAgMCBSL0Zv
bnREZXNjcmlwdG9yIDExIDAgUi9XIDMwOSAwIFI+Pg0KZW5kb2JqDQoxMCAwIG9iag0KPDwvT3Jk
ZXJpbmcoSWRlbnRpdHkpIC9SZWdpc3RyeShBZG9iZSkgL1N1cHBsZW1lbnQgMD4+DQplbmRvYmoN
CjExIDAgb2JqDQo8PC9UeXBlL0ZvbnREZXNjcmlwdG9yL0ZvbnROYW1lL0FCQ0RFRStDYWxpYnJp
L0ZsYWdzIDMyL0l0YWxpY0FuZ2xlIDAvQXNjZW50IDc1MC9EZXNjZW50IC0yNTAvQ2FwSGVpZ2h0
IDc1MC9BdmdXaWR0aCA1MjEvTWF4V2lkdGggMTc0My9Gb250V2VpZ2h0IDQwMC9YSGVpZ2h0IDI1
MC9TdGVtViA1Mi9Gb250QkJveFsgLTUwMyAtMjUwIDEyNDAgNzUwXSAvRm9udEZpbGUyIDMwOCAw
IFI+Pg0KZW5kb2JqDQoxMiAwIG9iag0KPDwvVHlwZS9QYWdlL1BhcmVudCAyIDAgUi9SZXNvdXJj
ZXM8PC9Gb250PDwvRjEgNSAwIFIvRjMgMTQgMCBSL0YyIDcgMCBSPj4vUHJvY1NldFsvUERGL1Rl
eHQvSW1hZ2VCL0ltYWdlQy9JbWFnZUldID4+L01lZGlhQm94WyAwIDAgNzIwIDU0MF0gL0NvbnRl
bnRzIDEzIDAgUi9Hcm91cDw8L1R5cGUvR3JvdXAvUy9UcmFuc3BhcmVuY3kvQ1MvRGV2aWNlUkdC
Pj4vVGFicy9TL1N0cnVjdFBhcmVudHMgMT4+DQplbmRvYmoNCjEzIDAgb2JqDQo8PC9GaWx0ZXIv
RmxhdGVEZWNvZGUvTGVuZ3RoIDY1OT4+DQpzdHJlYW0NCnicnVRNa9tAEL0L9B8GctkNZLNfo5XA
6BDHKSmEpNTQQ+jBtTe2oJapFNvtv++uZBtLlhy3F4ndmTfzZt/MwO0LDAa3T8PHe+BpCnf3Q/gV
Bhw445wLKbkBIzmg5lDYMPh2DXkYCJgffDiPBNcNp7frMPgSBjB6GgIcJRC7BHfjMLh9EKA145GG
8ZuP6MKBAGmQyQg0xgwTGC99mirXpzB4Jc8bKjixBb2JySazFMmWfofx5zAYuZA+7D6OdrGNPI7z
SuDI94SbbHBToOQJN62YBBVzprCOOOA8NmmTgK+rA2t4C0u+Thd2OQGqSLlYFe73ToUiUxqT1TLL
qSbzEuiNJpOCiois1vnMHRWxVCD57Q2Vv81LB81+ZA7wM/NR/gDtZtRFSAuW7AltqfFPKySx4L+z
rHRBp+52talS1bYZzNYuT5Hl84rQZugZIvH0cA9alxWtVd4jDyYRU3Ez/1l5VIc8HerIBFl8Vh3Z
9xYtqBpxwSUXwk1BNHRdrlI14MLcu6GI/dH/Uyl3d/HQ/bGGRA+VXeHI36eCOx8xSs2ghsTVsTbJ
2qR9lKhO5k2Jw+ODv/Z5ezpcCWZEi7YyuqcfW4+lDYtMA0zafXPwRc0i1fTNvLzl2lYdcKVUn8xu
mrE/y4nK+kKVdcKM+XgGu1Q+gpLH0jfr2pZVGdvsfeGOYH2bNybMD9cqh6WdLiZ5Vi5d7adD1tVY
KASTpsX3Uo1QGiZVk3GfRqg0Q2z6HjS6UnEPLEJkZzKc6IMX6sMVi5L/0+cISl7q1Te1pVPILf43
Kp0QBRQ0IXbu6hO7rWnrbdS1HWvtysv1UkmL/7/o5bZ7o4KP9Dr2bc0UP6OZlpelqZ5UoGEYX+Tp
yu+d07+LXK6HDQplbmRzdHJlYW0NCmVuZG9iag0KMTQgMCBvYmoNCjw8L1R5cGUvRm9udC9TdWJ0
eXBlL1R5cGUwL0Jhc2VGb250L0FyaWFsL0VuY29kaW5nL0lkZW50aXR5LUgvRGVzY2VuZGFudEZv
bnRzIDE1IDAgUi9Ub1VuaWNvZGUgMzExIDAgUj4+DQplbmRvYmoNCjE1IDAgb2JqDQpbIDE2IDAg
Ul0gDQplbmRvYmoNCjE2IDAgb2JqDQo8PC9CYXNlRm9udC9BcmlhbC9TdWJ0eXBlL0NJREZvbnRU
eXBlMi9UeXBlL0ZvbnQvQ0lEVG9HSURNYXAvSWRlbnRpdHkvRFcgMTAwMC9DSURTeXN0ZW1JbmZv
IDE3IDAgUi9Gb250RGVzY3JpcHRvciAxOCAwIFIvVyAzMTMgMCBSPj4NCmVuZG9iag0KMTcgMCBv
YmoNCjw8L09yZGVyaW5nKElkZW50aXR5KSAvUmVnaXN0cnkoQWRvYmUpIC9TdXBwbGVtZW50IDA+
Pg0KZW5kb2JqDQoxOCAwIG9iag0KPDwvVHlwZS9Gb250RGVzY3JpcHRvci9Gb250TmFtZS9Bcmlh
bC9GbGFncyAzMi9JdGFsaWNBbmdsZSAwL0FzY2VudCA5MDUvRGVzY2VudCAtMjEwL0NhcEhlaWdo
dCA3MjgvQXZnV2lkdGggNDQxL01heFdpZHRoIDI2NjUvRm9udFdlaWdodCA0MDAvWEhlaWdodCAy
NTAvTGVhZGluZyAzMy9TdGVtViA0NC9Gb250QkJveFsgLTY2NSAtMjEwIDIwMDAgNzI4XSAvRm9u
dEZpbGUyIDMxMiAwIFI+Pg0KZW5kb2JqDQoxOSAwIG9iag0KPDwvVHlwZS9QYWdlL1BhcmVudCAy
IDAgUi9SZXNvdXJjZXM8PC9Gb250PDwvRjEgNSAwIFIvRjIgNyAwIFIvRjMgMTQgMCBSL0Y0IDIx
IDAgUi9GNSAyNiAwIFI+Pi9Qcm9jU2V0Wy9QREYvVGV4dC9JbWFnZUIvSW1hZ2VDL0ltYWdlSV0g
Pj4vTWVkaWFCb3hbIDAgMCA3MjAgNTQwXSAvQ29udGVudHMgMjAgMCBSL0dyb3VwPDwvVHlwZS9H
cm91cC9TL1RyYW5zcGFyZW5jeS9DUy9EZXZpY2VSR0I+Pi9UYWJzL1MvU3RydWN0UGFyZW50cyAy
Pj4NCmVuZG9iag0KMjAgMCBvYmoNCjw8L0ZpbHRlci9GbGF0ZURlY29kZS9MZW5ndGggODkxPj4N
CnN0cmVhbQ0KeJyllktP20AQx++R8h3muEbNsk97jSJLIQ/USkhFjcQB9RBgKZYSkyZBwLfvzNoO
ceJQ1B4Q9nhe/53fjgKn36HfP70cfh2ByDI4Hw3hd7cjQHAhhFRKJJAoAdYIWPlu5/oEim5Hwq+t
jxCxFKbh9HDS7Vx1OzC+HALsFJBVgfNpt3M6kWAMF7GB6QNlxHQgITU8sQqMddymMF1QmVDrotu5
YePXqKfYJpKC+WId9TTLb/N5vnmD6CdMv3U7Y8xcZldt2bUSXJrd7Dd9oROT7Ue39qaN4rIRzPbr
bl2twvCm78UqkpY9PZOEJaAUmbLZYjn3R3LEynKljtc7OF7VOF6Nag8kGM0VaGe43MoXLmmR3xKb
iL3YoMihoiUs/CLS7NavIiXZ+jGPLEqMeo7la7TD4unez/09PeYF2i37Mfx6Sa8tc6PSbZVNymNd
dy3TgZAW/9wwkw7fk5GQ5xZtItiF0Fkv3vGTY7IJoZIyJtmJcWn4pu0462my2+Af/otJRiZ6pbCU
UqKznYQQKVTmQpUyYxo6woqjzPQpuCxAn02/biLrURahsECMtrLZdgZK5dJyvIb7ymtFsQst1S1i
t5TP9oMeI/rlmVDztqE5dPhfWrR1R9DZp06RgF0dH5OsP0myShR38t9I3o1lV2eANF4/ziLHNvA4
Wy59ERm2RlYTlj/gI7xFKaIOL5HUbFYEvw09P8Ga9lH5jBdCMg8LDKifP0+40o4ru52zHREgmaQJ
KpcpU02PZhLIrMcVRqSrr4hUAzEaWz3ztLoXpvwWhh7s7/T0jCFwzjNbkR6caoDc4aUJRShBKgIm
1DW5E9rbe4QqZNmqNqNtf4fYfzgvoXlcb55JJOmEwUcyYa+0hWiT4tbxX8gWs9dlHnbRLErYJqdx
FHAfXmhOnh/ZuQaXjLbNWh+SalpIbQFVxpIb9XdQW3TvhrLBGaE4fcyJTMPuUNCsgFtfb1iYrWEG
hUevF1gFqeun5xWd0t0Bis0yKuYursps3pZ4RG3r2bS0KVGiNY0MqFERpuXqGEriINA6fEctlkSa
LZeYHdOvDfIWCteRMSUlYfUOKsgG5V0oyc3Siv1hkvVUP/AYMtfMUlh1IZDnLfy02eygsX5lPKkq
jVuZtEeZTBVXrjqzlUf8HsKRr3xxh9vCr+HFz+fHWFNJyoVt5DhA7Q+1GAC5DQplbmRzdHJlYW0N
CmVuZG9iag0KMjEgMCBvYmoNCjw8L1R5cGUvRm9udC9TdWJ0eXBlL1R5cGUwL0Jhc2VGb250L0FC
Q0RFRStDYWxpYnJpLEJvbGRJdGFsaWMvRW5jb2RpbmcvSWRlbnRpdHktSC9EZXNjZW5kYW50Rm9u
dHMgMjIgMCBSL1RvVW5pY29kZSAzMTQgMCBSPj4NCmVuZG9iag0KMjIgMCBvYmoNClsgMjMgMCBS
XSANCmVuZG9iag0KMjMgMCBvYmoNCjw8L0Jhc2VGb250L0FCQ0RFRStDYWxpYnJpLEJvbGRJdGFs
aWMvU3VidHlwZS9DSURGb250VHlwZTIvVHlwZS9Gb250L0NJRFRvR0lETWFwL0lkZW50aXR5L0RX
IDEwMDAvQ0lEU3lzdGVtSW5mbyAyNCAwIFIvRm9udERlc2NyaXB0b3IgMjUgMCBSL1cgMzE2IDAg
Uj4+DQplbmRvYmoNCjI0IDAgb2JqDQo8PC9PcmRlcmluZyhJZGVudGl0eSkgL1JlZ2lzdHJ5KEFk
b2JlKSAvU3VwcGxlbWVudCAwPj4NCmVuZG9iag0KMjUgMCBvYmoNCjw8L1R5cGUvRm9udERlc2Ny
aXB0b3IvRm9udE5hbWUvQUJDREVFK0NhbGlicmksQm9sZEl0YWxpYy9GbGFncyAzMi9JdGFsaWNB
bmdsZSAtMTEvQXNjZW50IDc1MC9EZXNjZW50IC0yNTAvQ2FwSGVpZ2h0IDc1MC9BdmdXaWR0aCA1
MzcvTWF4V2lkdGggMTk1Ni9Gb250V2VpZ2h0IDcwMC9YSGVpZ2h0IDI1MC9TdGVtViA1My9Gb250
QkJveFsgLTY5MSAtMjUwIDEyNjUgNzUwXSAvRm9udEZpbGUyIDMxNSAwIFI+Pg0KZW5kb2JqDQoy
NiAwIG9iag0KPDwvVHlwZS9Gb250L1N1YnR5cGUvVHJ1ZVR5cGUvTmFtZS9GNS9CYXNlRm9udC9B
QkNERUUrQ2FsaWJyaSxCb2xkSXRhbGljL0VuY29kaW5nL1dpbkFuc2lFbmNvZGluZy9Gb250RGVz
Y3JpcHRvciAyNyAwIFIvRmlyc3RDaGFyIDMyL0xhc3RDaGFyIDExOS9XaWR0aHMgMzE3IDAgUj4+
DQplbmRvYmoNCjI3IDAgb2JqDQo8PC9UeXBlL0ZvbnREZXNjcmlwdG9yL0ZvbnROYW1lL0FCQ0RF
RStDYWxpYnJpLEJvbGRJdGFsaWMvRmxhZ3MgMzIvSXRhbGljQW5nbGUgLTExL0FzY2VudCA3NTAv
RGVzY2VudCAtMjUwL0NhcEhlaWdodCA3NTAvQXZnV2lkdGggNTM3L01heFdpZHRoIDE5NTYvRm9u
dFdlaWdodCA3MDAvWEhlaWdodCAyNTAvU3RlbVYgNTMvRm9udEJCb3hbIC02OTEgLTI1MCAxMjY1
IDc1MF0gL0ZvbnRGaWxlMiAzMTUgMCBSPj4NCmVuZG9iag0KMjggMCBvYmoNCjw8L1R5cGUvUGFn
ZS9QYXJlbnQgMiAwIFIvUmVzb3VyY2VzPDwvRm9udDw8L0YxIDUgMCBSL0YyIDcgMCBSL0YzIDE0
IDAgUj4+L1Byb2NTZXRbL1BERi9UZXh0L0ltYWdlQi9JbWFnZUMvSW1hZ2VJXSA+Pi9Bbm5vdHNb
IDMwIDAgUl0gL01lZGlhQm94WyAwIDAgNzIwIDU0MF0gL0NvbnRlbnRzIDI5IDAgUi9Hcm91cDw8
L1R5cGUvR3JvdXAvUy9UcmFuc3BhcmVuY3kvQ1MvRGV2aWNlUkdCPj4vVGFicy9TL1N0cnVjdFBh
cmVudHMgMz4+DQplbmRvYmoNCjI5IDAgb2JqDQo8PC9GaWx0ZXIvRmxhdGVEZWNvZGUvTGVuZ3Ro
IDExMzA+Pg0Kc3RyZWFtDQp4nJ1XTY/bNhC9G/B/IJALFSQ0vykVhoFdrzdIgQXarIMeFj1oFdlW
u2u5ltw0/74zlGRLtuQuerAkSjNvOMP3hjSZ/EKm08nD/PMd4bMZub2bk7/GI04445wLKbkjTnJi
NCf7dDz67T3ZjkeCrI82nFvBdcdo9X48+nU8IouHOSGtAKIOcLscjyb3gmjNuNVkuUJEgCOCCKUY
V0SbkJmILF8xjI/1aTx6oot/go+SloEQNN0WwUdFs+fsJQs0LX+Q4Hey/Hk8WgB4FUD2BVCArGU7
wNOUK6dn596901MhZ7rjTM/jHk0jzpTt2n4JhKNp4OgqkJqm+0AoSCRJiyEQE1lm7XDAixLLTokV
UbBGspuDVkxCIiFzpsmfh+4if9nn6/ilr7znIuLV79ZwIRbACTUzUNZbx9Xi3v/gFRfujosw8ibC
2ZmeVo/iBh+9RXSDjmjoh1zi17aFMuAQzmeicp4JDncZzqSpwfCbnXZjcD9Uxk+jckFULmfR1McU
YuqD4WfrX3Exd81kEUQZ479e0kTxnhKZiEV1iej3TZZsCJA0K0hMqkUPBEcSGE8CuG4DRZOUwLUE
euQkMDTe5uUm3ZPH+ecHHFeORX6AhxCM2QBnrAqZtN0pXOWMuuBMD1+kOqL182WgEC0/+rWAbMOQ
fiCfIAdL88PuA2Q8RH4pgWe6C7HYBlHdAPbgutuj+IsUkOG+HwDSPGKh6wINBdXCslB1bYtkk77G
BUk28XYNy5N+87O2zVr1laJfOjIyTKga9gCTBpyKAB1CWCSE9oTQQB80q1afxLvdPpCc5lXmMUyg
qsYQG7RzTETdwFfZoN/ABgncatCGu0dP+l0/lDJq09zUcjVHEaKaUcmqVjI2F+we2GDwfXiStW8U
gnvdYr9w9ihjc+d7gKqN7X3doW5mNW7dUf6bzFpLJkwnAXpNyctAa/pjh6wsejamM3QrHXNtcNxa
LVkmuDfVXettepPAPNVgIADOTdB8T2JoISXOsNxnzzDHAwwkHd56pHLMqDbg06k3Fbs0yQBkBdsu
7MLHDtf0qvz5jzQp8amEIlzEuCoRLlgjvATixVsC12esJEpFDEnFaxJeK58sWWd/o53/iFKtlVKn
r336uHoD+y4kDyef9lyGBGbgmABbdNv0qr7MG/QlrGH/o9m23Ohj6ptL0y3yIv0GSwWFanpYgWXN
kK0kK4qD33veKTxfqcFeEkFDjjphrqZqW6l285PR2xDc2YlR6v7jTBQxfD0E+LgDFjWY4QXmJR6U
U+v6+Ikv9+vm6Ys/iG6QWxWddj9NJiUQMaJxwvBW4rc8B469FAyKmqXlKrAhZbnfooSma9CMopPv
yOb6GUVaJNkr2CMarFmcTPA0kCVw/TNQwPZyAgBKXatX1FNxI0DBopPS6UQ9ePAUhinTcuqanqri
y2UdCwkYCSBIGFbDl/FIGc2MPQ5xIlDs86HFa8u6GTdgzbiK1Iw21d+My/8Y/Gx5Q8Z7Fti4Uyl6
KPMvs4y6OA0KZW5kc3RyZWFtDQplbmRvYmoNCjMwIDAgb2JqDQo8PC9TdWJ0eXBlL0xpbmsvUmVj
dFsgNDMuMiA2My45NiA1MTAuMzEgOTMuMjRdIC9CUzw8L1cgMD4+L0YgNC9BPDwvVHlwZS9BY3Rp
b24vUy9VUkkvVVJJKGh0dHA6Ly90cmFjLnRvb2xzLmlldGYub3JnL3dnL3NjaW0vdHJhYy90aWNr
ZXQvMzMpID4+L1N0cnVjdFBhcmVudCA0Pj4NCmVuZG9iag0KMzEgMCBvYmoNCjw8L1R5cGUvUGFn
ZS9QYXJlbnQgMiAwIFIvUmVzb3VyY2VzPDwvRXh0R1N0YXRlPDwvR1MzMyAzMyAwIFI+Pi9Gb250
PDwvRjEgNSAwIFIvRjIgNyAwIFIvRjYgMzQgMCBSPj4vUHJvY1NldFsvUERGL1RleHQvSW1hZ2VC
L0ltYWdlQy9JbWFnZUldID4+L01lZGlhQm94WyAwIDAgNzIwIDU0MF0gL0NvbnRlbnRzIDMyIDAg
Ui9Hcm91cDw8L1R5cGUvR3JvdXAvUy9UcmFuc3BhcmVuY3kvQ1MvRGV2aWNlUkdCPj4vVGFicy9T
L1N0cnVjdFBhcmVudHMgNT4+DQplbmRvYmoNCjMyIDAgb2JqDQo8PC9GaWx0ZXIvRmxhdGVEZWNv
ZGUvTGVuZ3RoIDExMzA+Pg0Kc3RyZWFtDQp4nJ1W30/jRhB+j5T/YcWTfSrrndmfjhBS4Sh3JyFd
aVCloj6EYEgqIGkcTtxV/d87s07ATuIk9CXyTna+mW/m290R2VdxdJRdnH7+KNTxsTj5eCr+7naU
UFIpBYjKC49KWKPErOh2fv8gnrqd7Pw3rcV92e2AuH/drZQDZRrb7z50O792O+Ls4lSIWihYhDrp
E9gvIIyRyhnRv2NEghMgciO9RWFskDYX/UcOE2OddzvXydlLeojJPAWVFE9leqiT8c34YTz/LtI/
Rf9Lt3NGyBU6bkLXqCSYOvr1kdLeHK96b8xNG5TQcE5W475utUjuzb3nsxRsMnlmClNBVCBPBo/T
h6IFw6GViO3x1sqLjfI6QWRXKRgtUegcpYeIKA5pjw60aUgJnvVF1pIMKM3J1FyZ0OR5elE83hSz
cjSeli2umBMP23TNALX41O9/zUBCi5+xINE3slUxz61F0BuKsKkGTsu8VgOsSvBpUs57oniJfZHD
yWMbJ+MjpxrKHrmZWm7NbLSVsJ7Nz8/z0WQ2/jGYjydPPXFSDGbFTIxMULd/lbke3YYdpavB7pGe
bU1POalhHwm6PSWI3kuzFPU/LSysXd25Nbbfr/NognT5Wq1F21F2vul0nRzcs/APeuJgNJ9Py16W
1QSTfYMsHowyM9Yd/NSGqrzUjVz2aFBoaxBCLsO7Ob05EafnspgxpeyKPsrMh7w1d02OJP560D2S
z/eUBuTAV+fa7bSdTM2LyAzKcnz/VNwyIVSg206xByZSj1gROWxzCHrVoZ6iaguklX9foEWJWwNB
X5medT3EP1rbZILnS2A96NY2gdrvGIFDie6dkqs5UZeKl+l4Fu+2XX2qXpB6yB3lW9R7c47tbdLw
zjhGb4mj611qa1KexyathdzeJGi7CUBraZYV/nfbxdrYuT3acrBQEnP6MbmhX0+z4IxGM0P60vTW
0LSigiA0TQa6HRy9GVo88JoecE8GIyGwwZDBafJAmSMbRrzJMjh6SspUKIpd4n6lZMAIoBYGigBL
g1E0a1X47m0R4Ya8N05ibMiDiJ4xN8uOhAvL1bDKFHRlqDKPQ09ENpWBHiNC98j2hYEhyBB4OvI8
qjEJG2jlZF6tiGaEp5KwwXCvmTFVgVdEosl/GGtyt6kXemWGppI2zmalJw1Bwtv4TKPETWqScvLw
POchtBDpYUiuLlObfBY0lpqkoM+7FOmvavnEw/Uw1UnrdOoCCb0WaJeIzC4R0SCFoLiA3H5wMlDb
SCOu6gV4uv/IQCONXapIUcVAs+4WKkIqH79snisfYUxsGBpWBcPQF7AhyPBq8ASDOauTVUxa4L+p
Z7wKNq50bCA6Do7opav2siN1WccFhrhy1V7Kwcb8fVjm72zMJNfLwIEJ0YVRMSQIE19VVx0ny29s
4DeWV+DiSldS4qx9JOppDCXarDQOIZo12KKkjeNeJR9UTK0mn8sUSQoPg9Qn8zFJ5VvKIrq6jOpx
/0c9wOPPa5gN4vkPfN3wYg0KZW5kc3RyZWFtDQplbmRvYmoNCjMzIDAgb2JqDQo8PC9UeXBlL0V4
dEdTdGF0ZS9CTS9Ob3JtYWwvY2EgMT4+DQplbmRvYmoNCjM0IDAgb2JqDQo8PC9UeXBlL0ZvbnQv
U3VidHlwZS9UcnVlVHlwZS9OYW1lL0Y2L0Jhc2VGb250L0FCQ0RFRStDb3VyaWVyIzIwTmV3L0Vu
Y29kaW5nL1dpbkFuc2lFbmNvZGluZy9Gb250RGVzY3JpcHRvciAzNSAwIFIvRmlyc3RDaGFyIDMy
L0xhc3RDaGFyIDEyNS9XaWR0aHMgMzIxIDAgUj4+DQplbmRvYmoNCjM1IDAgb2JqDQo8PC9UeXBl
L0ZvbnREZXNjcmlwdG9yL0ZvbnROYW1lL0FCQ0RFRStDb3VyaWVyIzIwTmV3L0ZsYWdzIDMyL0l0
YWxpY0FuZ2xlIDAvQXNjZW50IDgzMy9EZXNjZW50IC0xODgvQ2FwSGVpZ2h0IDYxMy9BdmdXaWR0
aCA2MDAvTWF4V2lkdGggNzQ0L0ZvbnRXZWlnaHQgNDAwL1hIZWlnaHQgMjUwL1N0ZW1WIDYwL0Zv
bnRCQm94WyAtMTIyIC0xODggNjIzIDYxM10gL0ZvbnRGaWxlMiAzMTkgMCBSPj4NCmVuZG9iag0K
MzYgMCBvYmoNCjw8L1R5cGUvUGFnZS9QYXJlbnQgMiAwIFIvUmVzb3VyY2VzPDwvRm9udDw8L0Yx
IDUgMCBSL0YyIDcgMCBSL0YzIDE0IDAgUj4+L1Byb2NTZXRbL1BERi9UZXh0L0ltYWdlQi9JbWFn
ZUMvSW1hZ2VJXSA+Pi9NZWRpYUJveFsgMCAwIDcyMCA1NDBdIC9Db250ZW50cyAzNyAwIFIvR3Jv
dXA8PC9UeXBlL0dyb3VwL1MvVHJhbnNwYXJlbmN5L0NTL0RldmljZVJHQj4+L1RhYnMvUy9TdHJ1
Y3RQYXJlbnRzIDY+Pg0KZW5kb2JqDQozNyAwIG9iag0KPDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0xl
bmd0aCAxMDg1Pj4NCnN0cmVhbQ0KeJydVltv6kYQfkfiP+zj+khs9m5bQq4CIVUq5SiVIvXhnD4Y
WA6WwE4xKCf/vjNrm9pg07QPXLw7129mvjG5eyHT6d3z/OmB8CQhs4c5+Ws84oQzzrmQkocklJwY
zcnBjUd/fCH5eCTIj7MM51Zw3RHafBmPfh+PyOJ5TkjLgagdzF7Ho7tHQVTMYkteN2gQrBFBdMhs
FBFt4EaQ1z168a5+HY++0ecimCh6CISkjiyCiaQ/8esYCE5dXmbLbJcdP8gLSChaLPFu5/YlCf4k
r7+NRwtwW7mWPa6NECxse/425SrUyaVuX9hGCWZlR5leej3Las5MV/SpLE8OoyUKE4wGNG0omRbD
Xq7wlh28FZEh41J3AVcMwIgiJsMmaR6FPUn36Ib8QpfOT4dAY4Es1CMQgh5JYGm52rpA0X1Kgoiu
i9Vpj5cSL6FwWUl22Y9tEMJzkZPA0LUDJSiqoWm2K0l6CKSkxSlfXxcS4+qJCRASDUIuEJr+PILr
pkV8z3wENqJsAGnoeqairp2bSKsrpHtQlorpf0W5J5uWHn0C0DRilu2xVd6KEnLaYUYO0T0i6AXx
2e525H2brbZYgi4IRQ4zAYIpgVLBUVlA3UBg5foR7q+8jDWTcR3XCktZ5FUIWLi87Jm6HlPCSiZ0
xxjMnYmAV1QSTvEHGEZzYe65EAt/rFFikUg15SIGlhK8uU7wKDRccOmvlHn0GgLPuUwi1LhPhPG/
XETzBP+aB7h95GJmqms5PfuKzwYTAeGIediEIEILnwdvCKP0FmqtsDJwFkHDpooScvvceNlQsMh2
Yb7ZhPoTTShNxKz5703Y1qMvgYgpdh72XU26m0AC5x6GBkpYFuqulSGClFL6vNuyVXv5Pt9llV9s
4qXDhnv3/O+AO6CH06YFj0hF2fLkRwIaG1ZCnu7d1Tbopiljphuw37PjNstx3lJSroDBtg45LKTf
abYhGc7fkaz8xHUaH0X2p90xe9s54pDp2pP3PQBLQ8RjYZHoizBu1tx8kuJFrFgk/x/Ft3XpV4dc
DlQc033hWcORDmGTdFkA6JoiH20L+POOEDYMFLcYCIA9oJarWR+Q3GS5Ww+iow1TuhvPTXTsJToX
2cVMwpGwHvQGm5now+aCtTi8LEQdTTpPsS1zpNsPSL04EQAqXa9J7t4RrvK0HMhL8YjFqmttMiQL
kyRNVzYF63XP+4YHjEvi34oKHwM0KcSzh3b0RcBgelR+GURdsbjr8Cbo4edAhxYHRrgBuhwCvasp
pCfniawYWZlZw8iJrVm4ucZdgVRvH888bprj+2pnwEIQ+sz+fqX4bTC3ycTWy4O3yL0xiSRfP6NZ
3DPVOvAbCVfNXPyjCccTVcXrveCCwRWBgaEsWozi6rm1h1rBecfNZsFzTAT3YG0aVfq6+Hr/1qDy
1kwdP95cOTSEwnJ4T+7IX7XD38sOoo0NCmVuZHN0cmVhbQ0KZW5kb2JqDQozOCAwIG9iag0KPDwv
VHlwZS9QYWdlL1BhcmVudCAyIDAgUi9SZXNvdXJjZXM8PC9FeHRHU3RhdGU8PC9HUzMzIDMzIDAg
Uj4+L0ZvbnQ8PC9GMSA1IDAgUi9GMiA3IDAgUi9GMyAxNCAwIFI+Pi9Qcm9jU2V0Wy9QREYvVGV4
dC9JbWFnZUIvSW1hZ2VDL0ltYWdlSV0gPj4vQW5ub3RzWyA0MCAwIFIgNDEgMCBSXSAvTWVkaWFC
b3hbIDAgMCA3MjAgNTQwXSAvQ29udGVudHMgMzkgMCBSL0dyb3VwPDwvVHlwZS9Hcm91cC9TL1Ry
YW5zcGFyZW5jeS9DUy9EZXZpY2VSR0I+Pi9UYWJzL1MvU3RydWN0UGFyZW50cyA3Pj4NCmVuZG9i
ag0KMzkgMCBvYmoNCjw8L0ZpbHRlci9GbGF0ZURlY29kZS9MZW5ndGggMTA5Mj4+DQpzdHJlYW0N
CnicnVdNb+M2EL0L8H/gkVwgND8lqghySDYNtmiAbeKih0UPsldOhNqSa8nt+t/vDGU5+jSCXGyR
4szjvHkzpMj8K7m+nj/efflMxM0Nuf18R/6dBYIILoSQSomIREoQawTZp7Pgr08knwXzh2etyUs5
CyR5Oa8WIpTCdJavP82CP2YBuX+8I6QFJU9Qtwtw9qskOuZxSBZrdAjeiCQm4qFzxFh4I8liiyge
6mEWfKOPBbvSdM+koim5Z1eK/sCfiklB07zMltkmq47kK6zQtFjiu026LQn7myx+mwX3AFtDqxFo
KyWP2sjfroWOzE3fdmzbVkseqo4x7aOe1xrBbXfpl7I8pLhbojFAN2EZRoobOY0y4Ft1+NZEKy5C
0yVccyDDCa5tE7Rw0VjQQ9tI9GwpMh/SYleU6XfCHC2LzYEZWmXwU+QTYWlheRh3HV0MS/fCUlE/
H1HMlTJEQ6ZAyU1ct3IkrqGxFCAE1zGmdxumaZp4YaV7AuF8T1F16yyH5wwCtBAgKO1KRrRYk3KF
iXxNtwlMGfofC2nJ4TFE9RqalsUBHixdpTAZnd+PE9RsCHgyzYYAPUL1A7ks9uL3O+ATLpR0PO56
uEixeS/FKrRc6g9S3Damz+kO+FWKJiyqg5riQwkH2F3rJ2SzReuCGU2PO4ZcT+kuCrmzXTdTkNpp
bnprkxw0fuXo8wrzXI5mdwo7NJAPM409SIjtJUTaAacwhaxoh1FdrOURY637xkhp1MQSQyzAJcSo
YkgOtKrjLvXSfk1Q6SVWe0L+fPodSwBymOMs8BPRDFfnIPA1uin24GZbpxjm/csi90WQLNGmOFT4
h/4A1/U2MKVvK0IuZXf/F/kM380n/Dn5UT5bxrVOoEoTr5qGtwSYqfBE83zsoc14TpaHKmUnXg/Y
TZew7ugZT4jvspcywz2hBBHBSSPOFRRVnRiyTIn3itPwdtfB3kIdAs5xeG7WoTozFquMQ25dUxvn
qPaZD8VgKD79FveKbRSz+wNeWQrdC5tnIxA7XYYSoGwX6iRThtKB/iGQD0uh/g0yAY9TNWhEzHXc
dTalLwPA0Dk7ay/qK3pvA5VwmtsP9s+W7aABtvsREL9mCiRTD3M4deqTrHcMVaeG6QXqT7YSl/lm
nKBYYjzbLp9SUoFCTnsq6844ZRDH3KmOwQilz7skP7PqehdIZbhQIxeaGG4m5nR9xMn9S/P09PAe
nHiAM8SwcGtppPCKd4EKmax2v8znla/LZMXxz99OiwLI3JQcSyyt1ix0lOOUT8gLlKSm8/+ZlM0z
UxLYy7awHr2BqpPVHAZVtoLff5iGXFdzcKDdJRVK0Qrk7aILFy3Z2n/7ij15a4XCh9tZO+j20jea
a240h08CWCVjaMjuNN7MAm0Nt+HbGPcC5A7GkhvXXt+MG3/NuEZrRq/1p8eQhsGHh0K8QUrhCyA0
b5SM6OQnVULNFg0KZW5kc3RyZWFtDQplbmRvYmoNCjQwIDAgb2JqDQo8PC9TdWJ0eXBlL0xpbmsv
UmVjdFsgNDMuMiA4My43NiA0OC42IDExMy4wNl0gL0JTPDwvVyAwPj4vRiA0L0E8PC9UeXBlL0Fj
dGlvbi9TL1VSSS9VUkkoaHR0cDovL3RyYWMudG9vbHMuaWV0Zi5vcmcvd2cvc2NpbS90cmFjL3Rp
Y2tldC8zOCkgPj4vU3RydWN0UGFyZW50IDg+Pg0KZW5kb2JqDQo0MSAwIG9iag0KPDwvU3VidHlw
ZS9MaW5rL1JlY3RbIDQzLjIgNDkuMiA1MTAuMzEgNzguNDhdIC9CUzw8L1cgMD4+L0YgNC9BPDwv
VHlwZS9BY3Rpb24vUy9VUkkvVVJJKGh0dHA6Ly90cmFjLnRvb2xzLmlldGYub3JnL3dnL3NjaW0v
dHJhYy90aWNrZXQvMzgpID4+L1N0cnVjdFBhcmVudCA5Pj4NCmVuZG9iag0KNDIgMCBvYmoNCjw8
L1R5cGUvUGFnZS9QYXJlbnQgMiAwIFIvUmVzb3VyY2VzPDwvRXh0R1N0YXRlPDwvR1MzMyAzMyAw
IFI+Pi9Gb250PDwvRjEgNSAwIFIvRjYgMzQgMCBSPj4vUHJvY1NldFsvUERGL1RleHQvSW1hZ2VC
L0ltYWdlQy9JbWFnZUldID4+L01lZGlhQm94WyAwIDAgNzIwIDU0MF0gL0NvbnRlbnRzIDQzIDAg
Ui9Hcm91cDw8L1R5cGUvR3JvdXAvUy9UcmFuc3BhcmVuY3kvQ1MvRGV2aWNlUkdCPj4vVGFicy9T
L1N0cnVjdFBhcmVudHMgMTA+Pg0KZW5kb2JqDQo0MyAwIG9iag0KPDwvRmlsdGVyL0ZsYXRlRGVj
b2RlL0xlbmd0aCA5MTc+Pg0Kc3RyZWFtDQp4nJ1XS28aMRC+r7T/weK0RI3xY23voiiHJBS1UqQ2
IeoB5YAIpBx4dJdIqar893q8LJ1N1hh6QcbM4/vm5YH0vpGLi97t9Zcbwi4vydXNNfkVR4wwyhjj
QjBDjGBEpYwUszj6cUZWcdQb3ktJnss44uR5L82Y5ixtiM/P4uh7HJHB7TUhyBXfuboaWWOfOUlT
ynRKRnOwaM0RTnjKqJAkVRlVORktwY3zNYyjcXLX5SaZlevuuUxeii4XyXQ26qYq+b2Zld1HMvoa
RwNrHBzUFlOmKcuwxXFCfLJcUf1Ots2nR12ZnGba7+pDQEQjINqyp6wZj1RSQWSeUSacQXJugy6s
zHScDAcj0vNAyRQVVgxrMqd0NwMKlg5iI5NRlzMbRHvyxpHnkuYNiwFyEpFr0jGGZnJnYuyLJae6
KXnQWep1pgzV5kPsiK8ENGuoVEH74xPOqMiwfACl8qKUhiregtKL02iaNdQqpJ2VzeEEsrmEvHb6
kGLSsccHuCzhsoCvnzx2BRNUpthygJP2cuKGSnU6J6S24wSgVwD/CSp0vQBOqy3Qg8s+gVMPKJZQ
wHBXwKnj5agE1Qp7CnA0Po4iN5S3VddhjlhtxxEATwH6T2C7nABHmz1pgdnLzgvkDXLb3wsulvB1
CoLroibef7CnKsugzOGOskPBkNoOrRxDCgQj8wbDdis7vYixGkr4K0DfutSXwHGxrqughPp1WfcN
j10RI8sBTrmXk7IQ24vYy8oOSm3lsOqOF6B/gVytXF+WU3tcuGaFZLmvVfrhbgKZ7rtx/bqt87uC
yyoU/f2d+9UN801RW3Q10B+A4F65gPYpXPu4n9FIcMVC7Qdz5eYrFpXZUdeISiCwnHkjKzXV+f9F
Fqm2R3b2BO+ba4h7e9pO7Md8DhGBO+GIdg5PB+QkxJF7OXJNlTy9I5Baxe/R/8zD8oUUQljbVg7d
snPwXEML7aHLLPxwIp1x8uarIUvR7ljYfsXxMG553KrErXWenfTcY5VjnnskHwLt3Uq4baCWjS5U
GFgt9N4PXce7PW9z8DHkjJoUmw6x8m4xXCrYf09mhdRCr2Gj0eX7CTpdg2Axqxt9CIJreDs3p72G
CFIoGt79h9s/E6evBkjruO0Hct0bwgxf1zNv47YfX77tvy6hkJ8QQXPkxMgVVaJtYHh7L6Mp1qr4
vh0cG//EQ7Cz4waGUVTWifZNWfdfBAt+8PwXV2sQeg0KZW5kc3RyZWFtDQplbmRvYmoNCjQ0IDAg
b2JqDQo8PC9UeXBlL1BhZ2UvUGFyZW50IDIgMCBSL1Jlc291cmNlczw8L0ZvbnQ8PC9GMSA1IDAg
Ui9GNiAzNCAwIFI+Pi9Qcm9jU2V0Wy9QREYvVGV4dC9JbWFnZUIvSW1hZ2VDL0ltYWdlSV0gPj4v
TWVkaWFCb3hbIDAgMCA3MjAgNTQwXSAvQ29udGVudHMgNDUgMCBSL0dyb3VwPDwvVHlwZS9Hcm91
cC9TL1RyYW5zcGFyZW5jeS9DUy9EZXZpY2VSR0I+Pi9UYWJzL1MvU3RydWN0UGFyZW50cyAxMT4+
DQplbmRvYmoNCjQ1IDAgb2JqDQo8PC9GaWx0ZXIvRmxhdGVEZWNvZGUvTGVuZ3RoIDEwODU+Pg0K
c3RyZWFtDQp4nKVYTW/bOBC9G/B/IHySi82Ewy9TRtFD07RogWI/6uwegh5cR+4aiN1EtoEWxf73
5VCWQ2lFyutcBJmaGb73ODMamV3+xl6+vPx49f4N469esddvrtjjcMAZB845CsEnbCI404qzshgO
/nrBNsMBsq9HG84NctUwWr4YDn4fDtj1xyvGgg3wsMHr2XBw+RaZUsCNYrMlRXThGDLMFQjJlLag
czZb0zZ+r3fDwW32afF3Mb4Q2Xq+ZX+McZIV22/jC5ntyzGKbFGMP7PZh+Hg2sWnPeqgWmiwJgx6
m7HA9j9ARQOoYeiANnEqCYIpzkGrQ8B312OZzZi7XH5yl8UYeebQSgeWwG0j2NBFMqYZKolNdmAz
HeCklTDBQ8TbmDIIpmmZ3Fudpos0BvIqILtwSSKczcKFZhEUhjdcuLf+GTO2IGxo34NZB5ibKDUH
7EIZxTkxYBtuFdLRyp3yHZ33aOru2IjO26WkzDa0ON1SOpDNelonxjd6WkzJ8IYeF7RY0mMEd+Ej
d/klgkJKAwpDHD0KmKgCUoI8Q4HA7aDAxuGdE4c1ZfzIE2NE4oYWt7RYpjgJLkCqMHIPp0mUExrQ
Z3AK3A6c7upz2S4I/oo4Pezc7cqf4KYiKiueM1/udMhbRoYrOlVGi3NqCV/m9GRVHz+7oZ8FGSZl
ka4b5nkIrkcWG5NF5Hld4/9HltDtIAsx2RGJHeXw6otP9t1RK6IzJcqxlnM46iByD6c8yskKsHkn
pyir3HVbZxe6ptsNcoQ8tO9BizwK17UsfoxBEgUXnxUxCMhBNt3bBef7DAWqelGy1DAHVC00SUYY
ZaRyEM9gFLqPKIV+kNNDixFVUpVrtLb5SmtRclqA0S1gSXIiSk4KUM8gF7qPoqYWJk3T9Z4K6v7Y
Z/6kervfU33dRU+U03jT2rHWb+nHj/vjWyYqnTWALdxp6WRUOtRgniFd6N5uw3S3eqCUoEyvuvBT
rtwQ1w09eaTFPaUS8yVR1K9j77f03bygrAJaBHrrQqpslHvr2kmLWlKermGpa1DD3NLxHdXS4WWM
2KNWwz2daA3T0omqsvmd2+VX2mVz7+5+xPytpim1udeUAO4oSrl3t0VPUTZ5JqXTp82Z6LoyN2fn
WcN9VNZ59riva68s6mbqs8u/9Upfin1UG8CSVKPDGRoN4hnkQveetAhNF9XXCjG/pl2+U/9Z7GIB
ckrq1mbTGuHS966tL7WYYIZD3kKbFiw6+aGyoMxZ40DLFVXl+k/smElitA23aopIQ49OZyiRyuss
6IFrhaFuaPEj1zZ060Mdnb/QlaXtRp2aKUO3CvHniLlrOvTXQuDQ993OT+y5rhVx9YRc2v4v1CeX
RGI4gsaG0U9IC4GndTuLIFSH2nHITx4uK6IZcVA5CH8K6OjcZBSoetPYwfq/HULD9F6y9b+R7dRH
S8BolvwL+Lm0SA0KZW5kc3RyZWFtDQplbmRvYmoNCjQ2IDAgb2JqDQo8PC9UeXBlL1BhZ2UvUGFy
ZW50IDIgMCBSL1Jlc291cmNlczw8L0ZvbnQ8PC9GMSA1IDAgUi9GNiAzNCAwIFIvRjcgNDggMCBS
Pj4vUHJvY1NldFsvUERGL1RleHQvSW1hZ2VCL0ltYWdlQy9JbWFnZUldID4+L01lZGlhQm94WyAw
IDAgNzIwIDU0MF0gL0NvbnRlbnRzIDQ3IDAgUi9Hcm91cDw8L1R5cGUvR3JvdXAvUy9UcmFuc3Bh
cmVuY3kvQ1MvRGV2aWNlUkdCPj4vVGFicy9TL1N0cnVjdFBhcmVudHMgMTI+Pg0KZW5kb2JqDQo0
NyAwIG9iag0KPDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0xlbmd0aCA5OTA+Pg0Kc3RyZWFtDQp4nJVW
32/aMBB+R+J/sHgK0zA+/w6q+gBl0yZN2iamPaA9dG3asZXAQiutmva/z+ckJFZxgIeEw7777vPl
7nxk/JFcXIw/zN5dEXZ5SaZXM/K732OEUcYYcM4MMZwRJRkpsn7v6yuS93tA7vc6jGlgMlC6e9Xv
fer3yPzDjJCWA6gcTBf93vgNECkp05Is7hDRwREgmlGTciKVpSolizW68b7e9nvLZP5nCDa5Xm8f
MvJllxXkaTcciWSV35PhN7J43+/NHTTC13gSUurYtfCWSTEEkWS7DZo+uT88uckWQ6mS520WgdEq
pSJEaXt8cVIenFQTUDS14UmloJyIVFPOK8S38wUZD0c8+eJOZZOs2I1hOAKWcBGhBcZQq0OUTl7i
AC99gJYRFNQpgLIFGEIoRgEqiL8R/opTG2p2OlNRZ9xQl6gIgUnJXaRvHFYsKTSnMrTx+oMnDP4u
w3eBXyC/RnHtFwa4MCGlGPka1lCp28DL5PtPtMhy/x1L6DxizpWkFiJnGbyOWRlJQRw4TWckdTSS
zNWkODOSbZuS7dqf+hHf1xi4wQRFEssDkK5KdRvoCH8T488to+mBTIiewALVTiuwK88QMUjB1Vpg
4DpKVn7fDZ7StRT3vvElvEDxeeujEfuATFOtQzwMl8Mjg7oboLnDK/xCLBUEE5SpEKkzijYaRWVo
eiALjkaxsVsmlNLY5wZGlQy9HM/ZNMpWuMJJz8vZwMbr/4uoG04h8HGEJrAoTwBq1Zk8G5uuiLqk
FFKGHo5HFODEawqspcbumTO8M45SD4yqBlvkZWbvblbrWvqR+W5x7S+9SfbnsSymfLfa5Lgx8amf
P2bF1m8Uq13m28k8xw1cL/yGW69qxXfvCVA28BuTaOPRrvHI4HzHQnboZj9wg4JW1MjzKyiwO6UP
tQyWCUbSnXf7gFHYPO/7RvYOxdvueytAqhp2GT/g+EdIfCvfzmO9zApqRIjUHU4RKxaQnJ55o7dN
TijpRv0YyeiQA266dL27xIh580NOoNntTZ1YlG7oOw1QB4AmlrJu5lMV4AVjAhhT/HLEnawMY9KW
Mly5iV+UMn9zObLuV0r36HJNzpt9tPf7abM2FW691tXumVayLXUVQ7zK3u1PKxnta1/KNLyUquxn
7qlkVWO1eUPDocYSusV72uiGHEpdJlprqtHd82r5avtFXcVqjhUvaPbRruaF/P3+zK+F6dTRbNzg
KOpUePAzyOYXvle+f95jxRI/yj6S/Wyb3dWdshxP64nl1td994ja9vf5wOjjx9wFwnWPPsIwylUA
F7vghElxqGmrvkj6/w809xANCmVuZHN0cmVhbQ0KZW5kb2JqDQo0OCAwIG9iag0KPDwvVHlwZS9G
b250L1N1YnR5cGUvVHlwZTAvQmFzZUZvbnQvQUJDREVFK0NvdXJpZXIjMjBOZXcvRW5jb2Rpbmcv
SWRlbnRpdHktSC9EZXNjZW5kYW50Rm9udHMgNDkgMCBSL1RvVW5pY29kZSAzMTggMCBSPj4NCmVu
ZG9iag0KNDkgMCBvYmoNClsgNTAgMCBSXSANCmVuZG9iag0KNTAgMCBvYmoNCjw8L0Jhc2VGb250
L0FCQ0RFRStDb3VyaWVyIzIwTmV3L1N1YnR5cGUvQ0lERm9udFR5cGUyL1R5cGUvRm9udC9DSURU
b0dJRE1hcC9JZGVudGl0eS9EVyAxMDAwL0NJRFN5c3RlbUluZm8gNTEgMCBSL0ZvbnREZXNjcmlw
dG9yIDUyIDAgUi9XIDMyMCAwIFI+Pg0KZW5kb2JqDQo1MSAwIG9iag0KPDwvT3JkZXJpbmcoSWRl
bnRpdHkpIC9SZWdpc3RyeShBZG9iZSkgL1N1cHBsZW1lbnQgMD4+DQplbmRvYmoNCjUyIDAgb2Jq
DQo8PC9UeXBlL0ZvbnREZXNjcmlwdG9yL0ZvbnROYW1lL0FCQ0RFRStDb3VyaWVyIzIwTmV3L0Zs
YWdzIDMyL0l0YWxpY0FuZ2xlIDAvQXNjZW50IDgzMy9EZXNjZW50IC0xODgvQ2FwSGVpZ2h0IDYx
My9BdmdXaWR0aCA2MDAvTWF4V2lkdGggNzQ0L0ZvbnRXZWlnaHQgNDAwL1hIZWlnaHQgMjUwL1N0
ZW1WIDYwL0ZvbnRCQm94WyAtMTIyIC0xODggNjIzIDYxM10gL0ZvbnRGaWxlMiAzMTkgMCBSPj4N
CmVuZG9iag0KNTMgMCBvYmoNCjw8L1R5cGUvUGFnZS9QYXJlbnQgMiAwIFIvUmVzb3VyY2VzPDwv
Rm9udDw8L0YxIDUgMCBSL0YyIDcgMCBSL0YzIDE0IDAgUj4+L1Byb2NTZXRbL1BERi9UZXh0L0lt
YWdlQi9JbWFnZUMvSW1hZ2VJXSA+Pi9Bbm5vdHNbIDU1IDAgUiA1NiAwIFIgNTcgMCBSIDU4IDAg
UiA1OSAwIFJdIC9NZWRpYUJveFsgMCAwIDcyMCA1NDBdIC9Db250ZW50cyA1NCAwIFIvR3JvdXA8
PC9UeXBlL0dyb3VwL1MvVHJhbnNwYXJlbmN5L0NTL0RldmljZVJHQj4+L1RhYnMvUy9TdHJ1Y3RQ
YXJlbnRzIDEzPj4NCmVuZG9iag0KNTQgMCBvYmoNCjw8L0ZpbHRlci9GbGF0ZURlY29kZS9MZW5n
dGggMTA3NT4+DQpzdHJlYW0NCniclVZLb+M2EL4b8H8g0Au5QGi+RRVBio03LVIgRbsbtIdsD1pb
toU6kmvJzfbfd4aKbEmWnO3BMjniPPjN4xOZ/Uqur2cP8/sPRNzckNsPc/L3dCKI4EIIqZSISKQE
sUaQfTqd/PGO5NOJJOvjGSGcFKZzaPVuOvltOiF3D3NCWg7kq4Pbx+lk9qMkxnDhDHlcoUUwRyRx
EXdaEWM9tzF5fEY3wddP08kTvfvKrhStmJQ0zUt2pWlW5IQZ+pHJiKbrrGQxrfZMepqwiFbh7Z/k
8efp5A581n7VkF8TWS582+/TtdCRuelrD0Zt4ogDBm1t2nfcnLWAaOfgfVke8Fop0WJEx1nF9QX7
Z0irDtIaLHOhejFrroj2lvuoua/w0cB9B3Qj0dOl/8wTgN3QJWZjk5QkwcUOZDEtFmkJAlhbWhzy
Jbwg+5DDdQbrEpd1TvewzXJ4rEnKpKNfK8hnioISUlme5xKjG4jMam6ayF6yakOYpvfvf3mPFcNH
MFZCcNPTvYix7mGsHNZAJ5iYK0BOS8/FCeRbeXNm9dMuyY+GTa9Nzg1LIXnk24Zr+X7drD6Gftlg
OzAJLbP7fjare8fTogA4tiXP0mrFnKO8gGxougZ0LJ1twvnn7QwO7VdMabpwkABtmaUCft+VKTwX
2FtjFW4sjzvRPdGrsbMAd9w9KiGFl3C3LXiOZuK457I9NtppPAEVQHSgY7lUBFQUAK3iRrCdTrQV
3KuWAKeEti0B+vV+SABVZDoqjeBotBEc3TaCY2CNYFOP1DMk3Dd2uYJCtPoEy/9u9ZaBJ/ppfv9A
YLou4FcctlAmS/Ilhb88xdJZZbCsyBd4+y9JlsUOqqXK8jXOg4SU+PY52+JmT3ZhVIf5MNaWDhjB
9CK42JbRt7algkEu9XBbvtl6bWU6BxjqwZdud/h/gFHlYZKRZQoduMrycH8p6MsmwZbEeQQNn+LE
BEozoS2R0UxNaDAoM5iY+XKMRJooJMRnX6PYFMzRF4IjsyCBUcqUwCaryGeahX15AAm0uvaf2Rjg
GrhG2a7pi4D7AcDdIOLSQ9RvA+4GEW8p0/keKy1NENIAXRkwA86BAR+GWfgWQF7ZsysHhYjrYgWw
I+gWQddH0C2CPlqARkdIum33F+GIz5ryvCElPKV/i3bP+7CtR39nGjK9PeQn/kyhgPb4KVT+MMZy
MKmE6xoauE6Hj6ToE9LAjJECJrC5wEVvepEDcz2YjjxXpinyOuWQwkBpVfjASBYc/yp8B+RmkNwg
1TW/eeC3GhYTKE7T2QuC9bpmStJykT3DebSmBFhD6quyBTz/YkCJaTVDAhSXsi7VECsBlWnZin+M
lLpKgTDalx7mrxobyx1yl4w98k7YBpIx3LrjFgMBa/2tweHWOt3sG2PNvvbU7MbYSOpemQxVvsEy
PhHReVX8BwV7nMgNCmVuZHN0cmVhbQ0KZW5kb2JqDQo1NSAwIG9iag0KPDwvU3VidHlwZS9MaW5r
L1JlY3RbIDEwMS43OCAzMTEuMTEgNTQ1Ljk4IDM0Mi45MV0gL0JTPDwvVyAwPj4vRiA0L0E8PC9U
eXBlL0FjdGlvbi9TL1VSSS9VUkkoaHR0cDovL3Rvb2xzLmlldGYub3JnL2h0bWwvcmZjNjM1MCkg
Pj4vU3RydWN0UGFyZW50IDE0Pj4NCmVuZG9iag0KNTYgMCBvYmoNCjw8L1N1YnR5cGUvTGluay9S
ZWN0WyA1NDUuOTggMzExLjExIDU1My45IDM0Mi45MV0gL0JTPDwvVyAwPj4vRiA0L0E8PC9UeXBl
L0FjdGlvbi9TL1VSSS9VUkkoaHR0cDovL3Rvb2xzLmlldGYub3JnL2h0bWwvcmZjNjM1MCkgPj4v
U3RydWN0UGFyZW50IDE1Pj4NCmVuZG9iag0KNTcgMCBvYmoNCjw8L1N1YnR5cGUvTGluay9SZWN0
WyA1NTMuOSAzMTEuMTEgNTk5Ljk4IDM0Mi45MV0gL0JTPDwvVyAwPj4vRiA0L0E8PC9UeXBlL0Fj
dGlvbi9TL1VSSS9VUkkoaHR0cDovL3Rvb2xzLmlldGYub3JnL2h0bWwvcmZjNjM1MCkgPj4vU3Ry
dWN0UGFyZW50IDE2Pj4NCmVuZG9iag0KNTggMCBvYmoNCjw8L1N1YnR5cGUvTGluay9SZWN0WyA0
My4yIDEwMy40NiA0OC42IDEzMi43NF0gL0JTPDwvVyAwPj4vRiA0L0E8PC9UeXBlL0FjdGlvbi9T
L1VSSS9VUkkoaHR0cDovL3RyYWMudG9vbHMuaWV0Zi5vcmcvd2cvc2NpbS90cmFjL3RpY2tldC8z
MCkgPj4vU3RydWN0UGFyZW50IDE3Pj4NCmVuZG9iag0KNTkgMCBvYmoNCjw8L1N1YnR5cGUvTGlu
ay9SZWN0WyA0My4yIDcxLjc2IDUxMC4zMSAxMDEuMDRdIC9CUzw8L1cgMD4+L0YgNC9BPDwvVHlw
ZS9BY3Rpb24vUy9VUkkvVVJJKGh0dHA6Ly90cmFjLnRvb2xzLmlldGYub3JnL3dnL3NjaW0vdHJh
Yy90aWNrZXQvMzApID4+L1N0cnVjdFBhcmVudCAxOD4+DQplbmRvYmoNCjYwIDAgb2JqDQo8PC9U
aXRsZShJRVRGIDg2IFNDSU0gU2NoZW1hKSAvQXV0aG9yKEtlbGx5IEdyaXp6bGUpIC9DcmVhdGlv
bkRhdGUoRDoyMDEzMDMxNTExMTY1Ni0wNCcwMCcpIC9Nb2REYXRlKEQ6MjAxMzAzMTUxMTE2NTYt
MDQnMDAnKSAvUHJvZHVjZXIo/v8ATQBpAGMAcgBvAHMAbwBmAHQArgAgAFAAbwB3AGUAcgBQAG8A
aQBuAHQArgAgADIAMAAxADApIC9DcmVhdG9yKP7/AE0AaQBjAHIAbwBzAG8AZgB0AK4AIABQAG8A
dwBlAHIAUABvAGkAbgB0AK4AIAAyADAAMQAwKSA+Pg0KZW5kb2JqDQo2NyAwIG9iag0KPDwvVHlw
ZS9PYmpTdG0vTiAyNDUvRmlyc3QgMjIyNC9GaWx0ZXIvRmxhdGVEZWNvZGUvTGVuZ3RoIDMzNzE+
Pg0Kc3RyZWFtDQp4nNVbXY8ltRF9R+I/+DF5mnb5W0JIEEAQCKx2kfKAeBh2b5YJuzNomJXg3+cc
d7nv5U67+45BSiKttj19uz5cderYbbtjMJOJxQRrYjZ2ciZZY2MwSYzYaJIzEpNJk3E2m+iNK96k
YDyeTtkEmUxKJuCxLCa6aDIUFTGZT00m4/6Em/znTQ6mQCBnUyCbE+3h7oQrRFIx1sJQ8saKc6bg
vpvwrMM1ThA11lvch5xP0ZRobHBiCuQCHi7wP3rcnNCDNEHLBA0pWlOCsRmG4brNdA4SJYTaXZkc
7Uc04KydArrtYMFORmQSuoZGoG+IiLNsWDTggLXeiHdsQI+nn4iYhMAG9ERLzZkBnNg1I6n+hDsM
ihXoydQs0JzZHfgoxfOOM26qtgoayIUVhN463JkSGrQF55wwSBKNc8ye4GEPrVYyGsiSdda44BlI
PBxqJKG5RgmRd5Gxc8G4FIRBNi5PlIKJHKDQQU9Bd2nYFWTQQpefLH9iI9WUGC8IkvUODRr1Yjw8
Q8OjwaB7AMZHuooGMYMEAkKMPEACLMExdNsnRj5AKjPyCJav8QnR+MJoIGe+MPJwLkyMfAD4JvYL
2gMlAAWgkpGPDg1GPooBTlKFdXCEHXoSPLyzAEcIhAr6HwKhj0IIMbJfEbCuUjBRwwJdoYaF9VIA
BwuohgL8W+A/EssWf8SJXYaXkcosYB2FMQTkozBNtVKEDdQKAo2GR2l5NqAnsO8oihjoBkoH7qDv
eC5G/GUR4piYQUQ/5voTTFT8FNYyMmxRYrHw4czaDfyJlQ1UWtYvu2tZcsJ+FVY7E1cs6p0KCwuf
ChGR5ANjiDuB8EOVoaSAZVRZIrBlIgUAnkLySPBFENCUgQJqxw2UAuCeigfwgd48QRTVhkagVAFn
4DZzlplGBisLSwohzmQf/pEdywUVlwFWNAIoBq6So7LPfBiag+PD0Iz0oFHIOrQOPRXqoI5MAhDo
yoXOw+8yodpESDjInqCaCiEsyH1hbASpKkLnYa84Og/gFkfnUV/F03nyEBFeiSvQeaChAElogPUi
K9uRsxKloDlBq7jKhOQVaM74XTx5DGkUlFUpngRDhkPUwTRkNGROiNypchYxM9WgVeKTykjkVQIN
tEWKI7uw5KaA8hGyyxThpRADExElhOmUYFoCNRPsUumRaBeiZyILSKBm0oCwCmAYHa/MODGUrG9L
5gLxsYUKECLYMm4SyXzCRJFGQEOQRT2ixVTFyqbMVST3+kIJ2iCZSmXNyDB73gO2TC1sFAf6lvhr
IeGSjoBdyLImhQUpqdIqbWQSI0uSXsApoFQyxxrGWliGcJT3Yh1/eI+8S2YVkgaCzV8ri9EXjlcI
BHqZyL0kVeHIAtfgS+a9RP84bkEVW5WaIUc7YGvHFn0pqDWZx7vAFum5RrJUDofNWp+O8JDK2fTP
cXyrzC8c+0D9tJHYgk03ke1D4HOeLXjkpkrznr9Wnrdskd8TMuA4KLlMbHAMdjkzR7RWKpuR/RGC
So4sHKa00jqz58kFDLZPKGT2FAMQ8UL6T6VGA61cf8nkfSH/1hZjUEdxkpNIpX7micQTAiuvMjM4
znzwwdUzTkMm8/zqxdWLn69vr7797efD1YuH+3cvHz59c3h79ey1cfX3L8304YfvvzeLZBX53D4S
+PI7Y783i9xRppn59vDrww93v64JIjx4Zk0a4Ziln63JydNF3NNF/Gi3EG88w0lgvbheJ6NtmXhz
8+qwGqBQVczxV3dXO7KXUyuPkooqvyCps+BjQ1vdz0c3z8Rz6/FXH9+9+m0jtedyLVFffbEmlKVv
0e1ZdEMWfd9i2LPohyzGvsW0ZzEMWeznMZUmuSo4438OvcZDnRwGVZ664vtllGYXZsSr8+sRaf3q
1lF5VEdFLqqjsm5oo8vlhDjOxEu8tI7O5MJmxkvqW8x7Ft2QxdK1yBfQCwvpSSb5htvtZUPiKq7n
qGsomn/j6Q1d8X1El2l2ZR5iit+IYoNnD9KSH0GaL/IXYHqWXDG10WtOvBdfHykoexmXjmDeTrmd
+kbt7pjkBo3KhtHdYckPGvUbRndHpjBodCuny+C0DocyF9OchRaY5uuOytVpWxwRSitC9bFvPv77
86tvfvg35vdVfkWzNJ7arbB8kosF6je3P61GRjQisgWjvfFqMV0ujYR2p66iDWbATn+EH5RdbdJr
+1uBIn2A79Mm1yxn7g56Tf1OStgJrrOPmVMue1WyHVNbkZHTt6UzBe6i96UnCbkRIT8iFEaE4ohQ
GhHKI0JlRKgVzhOl/gionLKME71qgTivVy0UF/WqZem0LJ2WpZ/64Fwc+ezm9bv7w9VHbx7+8lez
jvF1DV42A9CB6kUB8O5PcbwD/ItcWMf/BWwmmhRpyVDq9ppUr0n1mkwf+n317ZWiy3bxMdv5Nv5s
s13smNoMyimgzhSE3dmTdAQbjjoTmeA3jO7Ontyg0bhhdPfV3g8azRtGd6fhYcxo3MhplD2jsSNo
d4y6DaN+z2gaNBo2wrv0dF1UizZuYdFuqghK4kHJOyhpByXraPuqLytO6Sq4gLa8uuPVnbDhTtyl
pZXX13gZLeWOqa2e/24N9kxBupiWzgV36ib5DaO7S0GuI7izTJLShtHd1SA/aLT0je4vHoeO4PY6
pz1dPn4ku5vTOGh0K6dLlNZFdXjPbsPv3dEqjWXodB26j+P15Op0Jel0Jet0JYcNldtMl5TpUk/F
71/i/fIS/yheDdG7PHPyEn9ceO+9xGeluLJFG62L65Pb02X4ra7ZXtfK3grg0rWTRYJi97pWNPRl
A8iLll3Tdro4ILroacslsNl+YxoaAdR81lGsaDWWfmFcMCZG1RYVMMluRDXtRNU/3u3jQZMLxkQv
HVMbEZHTBfUzBTJtvrnJiJAbEfIjQmFEKI4IpRGhPCJURoTawsQTpdZBtSc1BAo7hAo7BAs7hAs7
BAw7hAy7Do0Ly3kmdh7xma9Br1GvSa9ZrzNlybzJUk+gzVfRq+qzqs+qPqv6dKVXdKVX7Mkc8KwD
FxBpaV6pN5N0tcnuyv28cPJ7IpU2I9wmUt8xtRX507XtRwravGyTSJ8k5EaE/IhQGBGKI0JpRCiP
CJURoYVInybVA9W21BAo7BAq7BAs7BAu7BAw7BAy7BA07BA2ZAgbMoQNGcKG9LBxEbkp3YvSvS5a
i+jwoYvXojsSojsSojsSojsSojsSojsSojsSojsSojsS4lWfLoaLLoaLV326KC5e9XnV50/WPc46
uj/8iO7a6ijRAroeNr/3zukfL7nLsvS3PfzEjqmtDJ2u6p0rWJbcN4efJwm5ESE/IhRGhOKIUBoR
yiNCZURoGX6eJtUB1Y7UECjsECrsECzsEC5sBxiXlZiSjq7MS1DS0RV6CUpiulIvUUksKq3o5oBE
pZeo+vSgsETVp8sJEk8Wj84cvoDMdIFeOacFZr37ce8oSnh8rlyWBcNNMguuY2or0qfHrs8V7K+Z
S0dwe3FUTtfMz2Xz3svGEiC3usCn+49rmvcW+BbNfl1zXNV89lDqml9WujtLhaIngSUrWvVIsJyu
JY+HK5zkZ/8AoS6ea9Dqxyl9nGyfe5PTQ8l9qKwjpWx0fXd3JY7BM28YLbu7K6kjuL3RIUU2jO7u
ruRBo344M7qeK2WDQI5HjHt+l7EMlY2KWI7JdxCl1K+7K4qiFqrm84rqszrPvTove9PVpSJPFvOl
7O2RyHwGvH6Qtd/39elnyZf1rXT65nZPSR/7Zk+k9jZJnK6luamPx6OWfdtyaUS0Q/VLtcGgtpnY
2OirDD9nv/WxfiTXc+eC+UhSKOsWjKReVE+Ev70/HJ7f3T1cPb97c/jH9c9GD5o8u74/3NZfTdT4
fqdfd+kHKaZt3mks9TBXOyLRtovaqmp7DW4zwRYpurfY+hox+/LwG2TU08/g2u3dw+Hqa/736e2r
4x8tvi8OLx+uPj9cvzrcz23KtPYXt29ubg8vfrxmh3njo1touH64ubvVv+8fbv51jUb965939z/9
cHf309Undy/fvYVT9c4vPx4OD/Ty4eof1y/v707+/tuP+P/k709urt/cvT65MWfr+OxsB4+9vr9+
qwfntK9fv3v7y3emfvFY42YaZRnlXFe/eGTLL+eQQ/32ka1Yv32s+anfPtYUtf1RU44bg1P9ILI2
bf0ics5e/SSyNl39JnLO5TIT4DewrRmPzdTYBZZaWX1v2KPj53mzsfXP/vhc+/5IfZ4f0MnQPAda
Prbi4+3jjpk7FF2tR22zjQ8ejzNrRHUJXj89aF8DtAP6jw9VL7FRPW0BuipfTheq5T/3qOjJKUXV
c35KsTrRzgq11OkLlB6aa+fY2tGydtrreACrKmmbq8ofep6mHXFpp07aQZB2NqOddWi7922ru+08
H7d8q5Fl40HnD/8r2yh07rgspcL/b4txtRPL66gK/7depqszy1ikwoql4/tFe9dp99UJJSmdobYZ
X5v9tJlCG7iPI+b77/0Ht28+4Q0KZW5kc3RyZWFtDQplbmRvYmoNCjMwNyAwIG9iag0KPDwvRmls
dGVyL0ZsYXRlRGVjb2RlL0xlbmd0aCA0Mzc+Pg0Kc3RyZWFtDQp4nH2Ty26CQBSG9zzFLNtFw1yA
wcSQ1FETF72ktg+AMFqSOpARF759h/PTiywk0eRzzuH/jnBis1luXNOz+NW31db2bN+42ttTe/aV
ZTt7aFwkclY3VT8SfVfHsovi0Ly9nHp73Lh9G83nLH4Lh6feX9jdY93u7H0Uv/ja+sYd2N2H2Qbe
nrvuyx6t6xmPioLVdh9u9FR2z+XRspjaHjZ1OG/6y0Po+at4v3SWSWIBmaqt7akrK+tLd7DRnIer
YPN1uIrIunpyPkPXbl99lp6qVajmXPJiICGJEkUkNUiD1qAZkVqBDFEKStGXJaAElIPSgQRHQibI
bvQQP1Y/QwhOYUJwVMuxGuf5ZAghHlFGgUJAJkOgRHyWEaXjDTVo7MtBSxANKDIDWoAwfPjxprZO
SVtnqF5eaeupth4D1xSRz4g0ByFeS6IZtLUCQVtj3EUKwrhGgPRtUUOGwuAJ6/xKNJmIqgSiikRV
ikBpQPh/5Qq0CCSD4s14hfdFpWtUm6t4NY3XCcpoerWAswSt8GCU+h84vPfDev4uVXX2PuwT7TAt
0rBCjbO/a9613dA1fL4B/NUZYg0KZW5kc3RyZWFtDQplbmRvYmoNCjMwOCAwIG9iag0KPDwvRmls
dGVyL0ZsYXRlRGVjb2RlL0xlbmd0aCA5Mzg1OS9MZW5ndGgxIDE5NzAwOD4+DQpzdHJlYW0NCnic
7HwHfFRV3vY5c6dlSmYmmUmbJDPJJJOEBAIJJRTJkEYJLSQDSSCQkNCUEkKvYkWD2MDesGEJ6mQQ
CVZU7AUL6q7uKq6uurtg11U0yffc+78nBnT99H3f79t3f7+c8NznOf9T7vn/T7mHJS7jjDEXHlo2
taRy/NjD6/vPYJqPExlLWFlaVFJ1w/JbtzD2yR7GYq8qLZpYXGR7s5yxo8gb2diS0rKPn/yaMc0H
OYxJn46dOqVyUdPIsxlnJYxfbxlbGSySpKzvmeb6qYyVvT2lMjfv+z+99Q1j/A94a33jkobmoWMq
4hjLbMYAFjauXukNXXfoNcZqtYzpEuc3L1jy7beTLIzloH5EwoKGFc0skfnw/uvR3r5g8br5I+uT
XmFsjpexseGF8xqajr2bdxT9z0L50IUwWO8xDEN+J/JpC5esXGtd6X4bAy5gzF9wxryWpXMjGj5i
7Kk0xiJjFi9rbIgZpHcytvsIY8mTlzSsbU4Zkm5H+w609y5tWDIv/u7lGxh7fRRj1tHNy1as7Haz
8zGejXJ5c8u85jPu03QxNgRBSbMzOba6jmkbst8vmmMb9Q2LNzI5PfSPjS/K/MLbe8/54UTntohj
hgeQjWAaRgnt9KyL8UOmXT+cOLEr4pjSU68kfStbbH52HtOx8UxCSzvLZfMYc1yqvJczSZvNL0Wp
UXeNLh9dJhNLr7DzNZg7jU2n0Wi0kkZ7lGm6A2xPN72XsUmVXi8LwJ0kGoPhRo3fy/hNynv36yJl
T9F75E+j4YcxezfL8/L7k7aENfyWetInbM9vqncP26OzsJm/Vkej/W199U7aTGoj1f1yW/1beG+/
Xy7TTWSNv+tdqdSPbi5r1Faf3Cf8G/tLbaSPmO2kd6ayu3/z+1pZqiGZnfZ7xtiX+pKcpDfYrN/b
RjuYXSPNZbW/sW79Se/7gdX9lnaa5Sz9947r/2eSDrEhv6WeHCuh+Zs4739H4n/vfqPnfbee1M81
v1Rf38Su6f2+n42l4LfNWU/9Xn1pnj+5XymFVfyWPjT3spTf887/TsJ4d/7WutINLFXX8fM5lNaw
LOkmlvozexar+e+Ory/1pb7Ul/rSf07SXMdNQkv7fv37zbtZP6VNGntIo2NXnWpX+qhhFwDZv3cc
Uuypf4dUx7eClSrlP3Z/+1v60Sxh5wHrf+/7f0+ShrBtvfOGjP+Xb/uF9//I0v6n+sLfk89Qedr/
VJ//xXGMA+4FWoAFqm3e/5bx9aW+1Jf6Ul/qS32pL/WlvtSX+lJf6kt9qS/1pb7Ul/pSX/qPT5KK
RPoXCT4ROSipgGn5QBhymJdpmQXKynwsi+WzoayAjWBjWDEby8azGayZrWe72D1euzfaG+9N6u5W
+rWiXSZaD1FqF6J2KWqXswbW0qt2Imrz7m/wvunAw/hJYqz7MPARDa+7UfPUB3M/aPig6IMi9d9M
MpVRURoMDAUK2FS29FTPpAnSVdJ+KSi1SNXSYumYdFz6VPpMmiRdB48SmZ9lsFFsNCvByMrhRw2r
ZbNZE1vIVrCVXMNt3M4TeDLP5FN5La/ji/hivoyv4qv5Jn4hv4hfyq/l+/hB/jh/mj/DX2R6fkx5
7xc/+7cdzjTqbxNq2K8n3nvkPY5sls5U+BRPYPlC+hLPr4EZPbXJP8ailFmVvWQsF/iXvv7CMP4v
3qPGz/3/352kXhIeS7OlOXj+6m8m/krq2xu/a28ExjbNmV03a2ZtTXWwqnJaxdQpkydNLJ8wftzY
stKS4qIxgcLRp40aOWJ4wbChQ3IH9M/J9Ken+VI9cU6H3WY1myKMBr1OK2k4yyn1ldV7Q/76kNbv
Gzeuv5z3NcDQ0MtQH/LCVHZynZC3XqnmPblmADXnn1IzQDUDPTW53TuKjeqf4y31eUMvlfi8Hby2
ohp6e4mvxhs6ruhJitb6lYwVmZQUtPCWxi0s8YZ4vbc0VLZ6YWtpfQn6azebin3F80z9c1i7yQxp
hgpl+prbeeZorghNZumIdg0zWuXXhqT00oam0NSK6tISd0pKjWJjxUpfIX1xyKD05V0kj5lt87bn
HGy9qMPO5tZnW5p8TQ2zqkNSAxq1SqWtrVtDjuxQlq8klLX+wzi4PC+U4yspDWX70Fn5tJ4X8JAu
3e7ztn7DMHjf8WMnWxpUiz7d/g2TpexiT5hQLjTD2DBC+JeSIo9lW0eAzUUmtKWimvJeNtcdZoHc
7JqQpl4uOShKXEG5ZIso6Wle70uRp6q0Xv2zemFcaMtcb/8cRF/5k44/KPeGJH/93MaFMjfMa/WV
lFDcqqpDgRKIQIPqa2n7wFzUb6iHE4vkMFRUh3J9zSGnr4gqwOCV52BRZbXSRG0WchaHWH2j2iqU
W1oij8tb2lpfQgOU+/JVVB9g+d1H2wd73XvzsStr5HGEYooxKf7S1uqm+SFPvbsJ63O+t9qdEgrU
IHw1vup5NfIs+eyhrKN4XYryRqUVfDultqgse25IN3qrNW6pRp4tGLxlePiKRqHAjulSsvKMFo3y
VnM3E9XwFrWGrE7qBxkpvXicXCTJTYvHuVNqUij9ypDc6ph06SFjr77sMPSMid7zL4dGteUBZXlL
55X0GuBJnerUAaq9/fI4NXIs1BejhVGeznGiSErHzoVNg24UkzyLcd4Qm+qt9s3z1fiwhgJTq2Xf
5Fgr81te6SuvqK1WZltdJVUn5ai8gHIhloJikdEUYw2WZbvFtCr5sUq+JzvulOLxotjbavSVV7bK
nfvUDpkXOwhO6/3jG7YVRA3G1izD6eYra/DhY1LW2tDRvWVua3sg0NpcWr9whNyHb3xTq6+yepRb
Geu06k3u9fKrolg5L68q6p+Ds6eo3ccvqGgP8Asqa6sP2BnzXlBVHdZwTXF9UU17GsqqD3gZCyhW
jWyVjXLGK2fknqYhY1Tquw8EGNuilGoVg5Jv7OBMsRmFjbPGDg3Z7MKmgU1LtoBikxMmKW4hQozj
ttTbJE/PxpqFrfU18uZiMZhK/OEh7hvNQhrf6Hau0VtCJt+8opDZVyTbC2V7Idn1st2AhcFjOIIj
n0mt9T6cU1hQ1czNaSlKcpfeju7uquqUl9zHa1Kw1GYBtdWhiGyc/br0Cag3VkY9zGNDWxob5HGw
YLXc1pA+vrEGy1Z0iCrjQxHoIULtATXKlDbyckSjRswNJlBpvwWZ0JaaUE22/NLqRTXKcraH2Djf
CEw79anzyy/KrWmN8uUpexNbwZS+VaYIjI1VVpPFjSxeVkNBMlgw8kYfihrrvYi2ljVWYqnTWWpy
k2UejkStf54Ck1stZLJbUrrZagpFDECH+CNr8wB5S+rSDTU1NHglt1WtgHfbQ2aMyN8rlGoDRAdF
4+Wx4M9WDFWu+rjcTUUHm+Zbi5NFHrTSkwHFIWv6+AYc/tTeDIuvQDQ2ymeEWe3jEFkNsucWxF1K
r+rovsO3LqVX6p/jkz8O8sJk7gNY2Kym9VRDaGZ2/xzjqVarYm5tNVp/uQHFy2jtYdnoLcVXg7Fw
hOTt0Jx7f0QcnwBxjhBnC3GWEFuEOFOIzUJsEmKjEBuEWC/EOiHWCrFGiNVCrBJipRArhFguRLMQ
y4RYKsQSIRYLcYYQpwuxSIiFQiwQYr4Q84RoEqJRiLlCNAhRL8QcIWYLUSfELCFmClErRI0Q1ULM
EGK6EEEhqoSoFGKaEBVCTBViihCThZgkxEQhyoWYIMR4IcYJMVaIMiFKhSgRoliIIiHGCBEQolCI
0UKcJsQoIUYKMUKI4UIUCDFMiKFCDBFisBD5QuQJMUiIgULkCjFAiP5C5AiRLUQ/IbKEyBQiQwi/
EOlCpAnhEyJViBQhvEJ4hEgWIkmIRCHcQiQIES9EnBCxQsQI4RLCKUS0EFFCOISwC2ETIlIIqxAW
IcxCmISIEMIohEEIvRA6IbRCSEJohOBCMFXwbiG6hOgU4kchfhDihBDfC/GdEP8U4lshvhHiayG+
EuJLIb4Q4nMhPhPiUyGOC3FMiH8I8Xch/ibEJ0J8LMRHQvxViA+F+ECIvwjxvhBHhXhPiHeF+LMQ
fxLiHSHeFuKPQvxBiLeEeFOIN4Q4IsTrQrwmxKtCvCLEYSFeFuIlIV4U4gUhnhfiOSGeFeIZIZ4W
4ikhDgnxpBBPCPG4EAeFeEyIR4V4RIiHhXhIiAeFOCBEhxD7hXhAiH1C3C/EXiHCQrQLERLiPiHu
FeIeIfYI0SbE3ULcJcSdQtwhxG4hbhfiNiFuFeIWIW4WYpcQNwlxoxA3CHG9ENcJca0Q1whxtRBX
CXGlEFcIsVOIHUJcLsRlQlwqxCVCXCzEdiEuEmKbEK1CXCjEBUJsFeJ8Ic4TQlx7uLj2cHHt4eLa
w8W1h4trDxfXHi6uPVxce7i49nBx7eHi2sPFtYeLaw8X1x4urj1cXHu4uPbwFiHE/YeL+w8X9x8u
7j9c3H+4uP9wcf/h4v7Dxf2Hi/sPF/cfLu4/XNx/uLj/cHH/4eL+w8X9h4v7Dxf3Hy7uP1zcf7i4
/3Bx/+Hi/sPF/YeL+w8X9x8u7j9c3H+4uP9wcf/h4v7DxbWHi2sPF9ceLm47XNx2uLjtcHHb4eK2
w8Vth4vbDhe3HS5uO7x4ryxwaw4nj/bgzhxOdoHOptxZ4eQRoC2UO5NoczjZAtpEuY1EG4jWE60L
J40BrQ0nFYPWEK0mWkVlKym3gqiFjMvDSUWgZqJlREupyhKixURnhBNLQacTLSJaSLSAaH44sQQ0
j3JNRI1Ec4kaiOqJ5hDNpnZ1lJtFNJOolqiGqJpoBtF0oiBRFVEl0TSiCqKpRFOIJhNNIppIVE40
IeweDxpPNC7sngAaS1QWdpeDSsPuiaASomKiIiobQ+0CRIXUbjTRaUSjqOZIohHUfDhRAdEwoqFE
Q6izwUT51Ese0SCigdRZLtEAatefKIcom6gfURZRJlEGde0nSqc+04h8RKnUdQqRl9p5iJKJkogS
idxECeGEyaB4orhwwhRQLFEMGV1ETjJGE0UROajMTmQjYySRlchCZWYiE1EElRmJDET6cPxUkC4c
XwHSEklk1FCOEzGFeDdRl1KFd1LuR6IfiE5Q2feU+47on0TfEn0TjqsCfR2OqwR9Rbkvib4g+pzK
PqPcp0THiY5R2T+I/k7GvxF9QvQx0UdU5a+U+5ByH1DuL0TvEx2lsveI3iXjn4n+RPQO0dtU5Y+U
+wPRW+HYGaA3w7HTQW8QHSHj60SvEb1K9ApVOUz0MhlfInqR6AWi56nKc0TPkvEZoqeJniI6RPQk
1XyCco8THSR6jMoeJXqEjA8TPUT0INEBog6quZ9yDxDtI7qfaG84phAUDsfMBLUThYjuI7qX6B6i
PURtRHeHY3Be87uolzuJ7qCy3US3E91GdCvRLUQ3E+0iuok6u5F6uYHoeiq7juhaomuIrqYGV1Hu
SqIriHZS2Q7q5XKiy6jsUqJLiC4m2k50EdXcRrlWoguJLiDaSnR+2NUAOi/smgs6l+icsGs+6Gyi
s8KuIGhL2IXDmJ8Zdg0FbSbaRM03UrsNROvDribQOmq+lmgN0WqiVUQriVZQ1y3UfDlRc9jVCFpG
nS2lmkuIFhOdQXQ60SJqt5BoAY1sPjWfR9RENRuJ5hI1ENUTzSGaTU7X0chmEc0kp2up6xp6UTXR
DBrudHpRkHqpIqokmkZUEXYGQFPDTvkNU8JOeXlPDjvPAU0KO/uDJlKVcqIJYSfuBXw85cYRjSVj
Wdi5GVQadm4FlYSdZ4KKw84toKJwVBloDFGAqJBodDgK33d+GuVGhR01oJFEI8IOeWkMJyoIO8aC
hoUd1aChYUctaAiVDSbKDztyQHlUc1DYITs2MOyQ92Yu0QBq3p/ekEOUTZ31I8qizjKJMoj8ROlh
hxylNCIf9ZlKfaZQZ17qxUOUTO2SiBKJ3EQJRPFhex0oLmyfDYoN2+eAYohcRE6iaKIoauCgBnYy
2ogiiaxEFqppppomMkYQGYkMRHqqqaOaWjJKRBoiTsQC3ba5HhldtkZPp63J8yP0D8AJ4HvYvoPt
n8C3wDfA17B/BXyJsi+Q/xz4DPgUOA77MeAfKPs78n8DPgE+Bj6KXOD5a+RCz4fAB8BfgPdhOwp+
D3gX+DPyfwK/A7wN/BH4g/UMz1vWQZ43wW9YF3uOWP2e14HXoF+1ZnteAQ4DL6P8JdhetC7xvAD9
PPRz0M9aT/c8Y13kedq60POUdYHnENo+if6eAB4HAt0H8XwMeBR4xLLc87ClxfOQZYXnQctKzwGg
A9gP+wPAPpTdj7K9sIWBdiAE3Gde57nXvN5zj3mjZ495k6fNvNlzN3AXcCdwB7AbuN3c33Mb+Fbg
FrS5GbzLfIbnJugboW8Aroe+Dn1di76uQV9Xw3YVcCVwBbAT2AFcjnaXob9LTZM9l5imeC42LfBs
N93uuch0h+c8Kd1zrlTgOYcXeM4Obgme1bYleGZwU3Bz26ageRM3b3JvKt+0YVPbpnc2BaL0po3B
9cENbeuD64Jrgmvb1gQf1JzP5mvOC4wKrm5bFdSucq5auUr6ehVvW8VLVvGBq7iGrbKv8q6SLCuD
LcEVbS1B1jK1ZUtLqEU7MtRytEXDWripo/vg3hZ3chk4sLHFai9bHlwWbG5bFlw6f0nwdAxwUcGC
4MK2BcH5BU3BeW1NwcaCucGGgvrgnIK64Oy2uuCsgtrgzLbaYE1BdXAG6k8vqAoG26qClQUVwWlt
FcEpBZODk2GfVFAenNhWHpxQMC44vm1ccGxBWbAUzrNEe6I3UbLLA5iciJEwNy8a6A64j7o/d2uZ
O+Q+6JaibAmeBE2WLZ4XT4nny+LPjL8kXrLFHY7TBOKycspssYdj34v9LFYbHYjNGlDGYuwx3hjJ
JfsWM6mqTOHCEuJBQxRfJ8X4/GU2F7e5PC5NqcfFmeOo43OH5HrMftiusdm4zdZt0wRsqG6L9ERq
5Ed3pBSIHDSszGb1WDXyo9sqxQSssMg9ZlimVpXZzB6zJlhonmLWBMyFxWUBc/+BZUziXs4Zt4Mk
ozwK7vKUYV/vjeE6ju95e1VldnZ5h5FNKw8Zp84M8QtC6ZXyM1BRG9JfEGLB2pnV7ZxfXNPONcVV
Iaf8L7ZK/rzt21lRUnkoqbI6tCuppjy0BSIgi24IltQew4pqsmevWLUiO3vlbDxmr1iZrfxBjq+S
c9myUf6zYiXy8s8qJc+yfzVRNdCcFUgrhXHlr7f63574v3sA//mpncm/ZDCmW3Mua9KcA5wNnAVs
Ac4ENgObgI3ABmA9sA5YC6wBVgOrgJXACmA50AwsA5YCS4DFwBnA6cAiYCGwAJgPzAOagEZgLtAA
1ANzgNlAHTALmAnUAjVANTADmA4EgSqgEpgGVABTgSnAZGASMBEoByYA44FxwFigDCgFSoBioAgY
AwSAQmA0cBowChgJjACGAwXAMGAoMAQYDOQDecAgYCCQCwwA+gM5QDbQD8gCMoEMwA+kA2mAD0gF
UgAv4AGSgSQgEXADCUA8EAfEAjGAC3AC0UAU4ADsgA2IBKyABTADJiACMAIGQA/oAO2YbjwlQANw
gLEmDhvvAjqBH4EfgBPA98B3wD+Bb4FvgK+Br4AvgS+Az4HPgE+B48Ax4B/A34G/AZ8AHwMfAX8F
PgQ+AP4CvA8cBd4D3gX+DPwJeAd4G/gj8AfgLeBN4A3gCPA68BrwKvAKcBh4GXgJeBF4AXgeeA54
FngGeBp4CjgEPAk8ATwOHAQeAx4FHgEeBh4CHgQOAB3AfuABYB9wP7AXCAPtQAi4D7gXuAfYA7QB
dwN3AXcCdwC7gduB24BbgVuAm4FdwE3AjcANwPXAdcC1wDXA1cBVwJXAFcBOYAdwOXAZcClwCXAx
sB24CNgGtAIXAhcAW4HzgfNY05gtHPufY/9z7H+O/c+x/zn2P8f+59j/HPufY/9z7H+O/c+x/zn2
P8f+59j/HPufY//zFgBnAMcZwHEGcJwBHGcAxxnAcQZwnAEcZwDHGcBxBnCcARxnAMcZwHEGcJwB
HGcAxxnAcQZwnAEcZwDHGcBxBnCcARxnAMcZwHEGcJwBHGcAxxnAcQZwnAEc+59j/3Psf469z7H3
OfY+x97n2Psce59j73PsfY69z7H3/93n8H94qvl3D+A/PMXNmc2Y4UbGunac9PvaU9npbAXbgp/z
2Xa2gz3G3mFz2TlQ17BdbDe7i4XY4+w59tZ/8ffZfzF1rdMtYRZpP9OzaMa6T3Qf79oNdOgie1l2
IBet9f5k6bZ3f3qK7dOuHd32rg59FDMpba2a12D9ind2n8D3FfnuoXJesxXaprT4wnBj131dd5wS
gwpWy2ayWayO1bMG+C//PvoiROYMtpgtYUuV3FKULcBzPnJzUAtniaJ/qrWMNQMtbCVbxVbjpxl6
hZqTy5Yr+VVsDX7WsnVsPdvANrJN6nONYtmIkvVKfi2wmZ2JmTmLna0owWQ5h53LzsOsbWUXsAt/
NXdhj2pl29hFmOeL2SX/Um8/KXcpfi5jl2M97GRXsCvZ1VgX17HrT7FepdivZTeym7Bm5LIrYLlJ
UXLpw+xpto/dy+5jDyixbETUKCIiLvOVGDYjBhvh4Tm9RkzxW9MTrc3wXfatVfV0Lexn92qxWo2j
XPMc1KReaB7kXjadEolL4QPpnzyi3BWK/z9Ze0fl16wiHtf3isx1Sk5Wp1r/lb6S3YAdeDOeclRl
dQs0qZsU3dt+Y0/dXUr+VnYbux1zcYeiBJNlN/Qd7E7s7btZG9uDn590b0V8L7tHmbkQa2dhtpfd
j5l8gO1nHYr918p+yb5XtYd7LAfYg+whrJBH2UGcNE/gR1gege0x1XpIsVH+CfYk8nItyj3NnsEJ
9Tx7gb3IDrOnkHtZeT6L3CvsNfY6e4tboV5lf8Ozk72i+5BFsjGM6R5EnK9ns/Gjw6m0QnoNp4jE
DGw4m8Qms5kPMys+9zFsBN+3z1VSYuxveBSfcg3z4jJgZJwXB2xajXV/QkKhb/8Q/XbJMb6D97+/
0LAd19zCznc7X87tfPd41PDc4zz3z++/+779i5cdw3Pz3z/y/qCB3JHiUOCM1BgMTr0vdYBmSIZ/
aH5+3mjNkMF+X2qkRrENHjpstJSfl6yRnMIyWiPnufTaj7XSlE69ZrOvcHq+LjnB5rTqdZrEuKj+
o9LtlTPTRw1IMkgGvaQzGjKHFaWWLy5NfdvgSHLFJEUZjVFJMa4kh6HzHV3kiS91kT8Uaxf/sFPS
j5xVmCZdbTJqtHp9R3JcfL+RKeOn26LtWnO03RFjNEQ5LJklszrPdyXKfSS6XNRX5ySExdd9QrtZ
52SpzM9uOMDSuj+532LnE30dqvB3dH9+vxnCLIQJIpAgq3S7/LQqT4vyDGTydLk4x8wnpfn86V9b
zJa41CSfycpjtBZmsVs09/ke8x32ST6LzxKVNC0qqAuywsLCqOHDc3Pr6hyxwx2Qjnz78TxHPiKe
XUefQpadnR4To1dCniGlSJGSL9XvHzqMU5xjDT4pRbvKyO3pHk96dIR2WedHp0umaF9iUrqNG3lY
a43PSPb2S4jUbuDv8SdOi3FHaiWDJYKP7Houwhqh1UW6Y7Rhc6RRkow28/bODfJ/fdfQ/bnWokvG
ypq7N5GNzEZM9tr5JPDne20KH9trVfjTvRaFP9kLx7Mfxd/7Ilkcz2UpzM9zwtGV2od4PzaEDeQD
2iOmY5kdOS6D576vOGd/89CggenOSH2vpaJ3qUtHXlQuZ7JGXmOyq1qLRmd0BuZsGL/5hUsmVV75
6pkFp9eWuY06SWs0GyPzpiyfMn1707AhjZfOnLSiYrDNYNJL++1xUZHOrAx31W1f3HDzj/fNcnn7
uSOjE6KcidERGbkZpec/vnHDI2eO8ef69Y5keL6HMWkj9lUOW92ekKH6naH6rbBV4W9lvzNUvzM6
NI5ARES0N9rLIlhCBzcGrFv8/KCfv+Lnfr8+Xv6f1q0VGaB2fRUrPF4o77O65S0IRK6yAOwUjzwl
GhpfSqp/iGPw0PwUuK2EI8VxipQ2ak1WY+eO2KysWM18o9Wo0+HRpedhIyZVGwE9WcONVpN2bJQ7
yujJ0J6d4TFGuZ1Rboex6/QIe2J0VILd0DXI6HDLM76n+4RUBb8z2Kx2Q7Tqd7Tqd7Tqd7Tqd7Tq
dzT83mdNYslJBri2Nzo6Xt/BM/emVsTLS1s9S3IPOYb3eMd/5ow4J4S7UhUcM3QhegYMXtEBo9Ob
EJfqNMLVMsV6KDoRXowz2N2uaLcjovOvBqtBp8NDe6/sZZLs0czuT7VrdV5WyG4JJCUm2uLi4FGc
3SY/4EucySIreBEnz56VPZbBvRmBjPoMKcOm+m9T/bep692mrneb6r9N/r3e3MF8cFwHN92fmjo8
d/RD3ITT2cSzwsMrnR08pz13ujzfWPMOCkcdxeJIXd0hUjCrcTlpzQ8d5pBXgbwnlGghUNpeu0Sr
Xas1WgyWgtnn1J5x9+rC0vV3zRu1YUjXEYdDG4HdfZ05JsoUNWLW3KZBVx67dXrdXccvnXD2vNIE
k3Z2dFK00T/AP7n10WUbD55bkpTE16WmIYxGoz0xqis6wZ+UGmep2/P5zmtPhBoSfFkJqbQ+eDVO
Sxebur8wdkrsfbESU6PE1CgxdZUwdZUwNUrsQY2DmboP7nfxSSb7NOXY47nZ5P2ggXXpPy0B2ugu
Xm10psTLMx7hSomNT3EaE+ArJthi1L4tlFi132FU+WxuwDFInsyBcXjkyirFpI7PpI7PpI7PpI7P
pI7PJM+/xZUxLcVkd0+z/3QuF4pjCgsXTxqn35/BHT8bsUM9jl1OvYHzmBjpO4Mz1e3LiTF0pQlf
jM7UONkX/rzeHpuSkOCNNlijuir5yw5DoryB9XaTZmvnup6l3ONp5+OawgiLQauDwZoQ29ndeW1C
tHpWlcP7BDbuAHORsy7VWZfqrEt11qU665J/w5pF2Ka5Oni2ehjx3JfEZPQ6fYRnyqYsx4kS0Xko
NqvHiVfkj0e50x0dgbPlXjHUH26OcCSqM6PPxnkyiu0J2OtHN4/WWAcOjM3NNQ2Ii0tQJyZBHWuC
OtYEdawJ6lgT5IlJThtksZjkvWuS965J3rsmee+a5Jk2yWuLdR8MxMsLLW1ohTku1pobN2iA3pNZ
4QmKj2xhFD6v+XD0iLrs8I219yjH8NNy8/Plr26vtejj8pcW31zuO+mMUj66PF+ebyU++myj0xMf
mxJt1HTlS2ZXktOV7DRrusZynFrxcZjkHPdC78C0uAi+RsfPNyd4/PFLbO5oy09LesEPOw0mg6TF
BwvXmmt67Lv7pVkSMt0/zpB2J/eLN0dEJ7kosri3ONhp7Ly9GTabUw2mwjaVrQp/LgfTqQbTqQQz
2TRgQJ4czLw4m/xAxTy7RVaokidXsbPkgmmmAbYMbbx8jssrRAmfHLyfxS43X10yFCnsDV9MjOsX
4pUsxeb7e60q7WarK8E6LCHD53N1LfSOSdRoNMZoT1ycJ8qYkzAtKcOT5OAjkobmDYrj+IxFe+Jj
vFHGsU7c48xJeRmao8M3jRx35YQfv+rZLXdnpppiszydzw5urK/LndI2RfMobjn4EloM8v/fQGP3
ce0nuhT8TTyDbQwkOOUYOOUF5XTKwYqSIxVHYcoPRHjZQPy9VWLJanCT1ZWarH4IktUPQbIa3OSH
cPExsXgc+7ZKn7yzdMqx33PROVIndhg/5WJsGHzyTUf7yYQd7+68/I1tJRN2vrvzkiPbS/dlzLy6
ufnqOVn+2qtall87O1Nz5Q0/ts+ZsfvbXdecuG/O9Nu/umvpI9smV1300IKWg9smVV3yMPyVT8Zn
sP8SWRZb256mVx3Rq47o1S2nV7ecXnVELy+BWEeSHJ4kOTxJdouVT0zyoixJ/lVB5kjHt26vXm+B
m+a9rgpLr089LRD7yV9736mfeK3iss8heys9E1hzz9odEdEp8fKp0i+Bu/pNWrRkYta+kTPqcm66
bvKCsjRpR8P1S0d1DejZF5hqQ2zhrHUzppw+OLLz+8yxjTTDY3RbMcMZbCS7OJBkSonKlL3IlL3I
lCc5U57kTHmSM+FJwMS8iQMTtyRKiXlqcPLU4OSps5ynznKeGpw8+b/niUoxWft38Kz7YyvTtcPk
qbbKU33kJTkIw3+a756v+/BBA3VqBDL0vS+6yg3IkKzjp6wAeGGy6J01K88dPejKRrEStr1+ybjo
rNH9xi8dl+k0du05dVG0xHoc+pTC2lHJOdN3/3PXtd/LK+PLGyp2ntvcf1Rxqi3apzm69OFtkyu3
P7iw5bGLsEweYbROtGask6GshF0WSLYPcAwzwtVhctSGKXM/TI7iMDlsw+D//qwAslmFDjlWUA41
Zg51QTnUBeVQY+aQf/EycYAdd+IHmgM8EIg9DetmX0pFrHo0Kzfh4z2ByxMntBI4cRxnSAOkny2k
mNhkiUIoxUbHxPDB/gy/X11XWrPemZackOI0a9e4+o+uGrlCLLGsWB49aExC+YrJGb6iWcO9g/tn
OldGGrs6S6bGF+ZfdmdJY5EHR7MRJwcOxkGDZxT6Ov/Ys/RwvdRJ1oLpy4rH/B/2vjxOqvJK9H73
VtWtve5S+74vXV29Vi/VW91ueqtegAaa7ga6WWQRRBbZVIigINGo0SRqBuOLJpOnWY0IQoNJxN8j
4zMzGJ2nqJm45GUyKhmSMZOfS7Sr3vnuvVXdQJNk8t5/rzlw7q2vum593/nOfs7XbFjQZDYmW+ZX
538d9lC3D2y00ar8QKB5IejonsJF6hrgxRzx7imiHQJKE4SI7TKJ2mXStcsaul0mVfskWS4kawTe
jAZqBBbiyJpwjd5lx591YbPnYhiM4CMuvB2u02Q1tn3HXKKvdeaYQ76apesJE4sGCH3FMyhGNIBL
GhV0rL8BNQg6PRpgcdVfi+8a2AbW2gL++9PtLmVisRV4W9ZesAUXWRydJJPjzEUGCzjemdL+4Dcu
U2uKIm9LiYEK1VWCOhV1zbw93xhv3zrSbNOBI6s21i7c3tc4Pi9cs2jjlmsX1TZv/NKS5MhgC69S
kJRKR+sqO8eb6hemnTWLN23ZtLgWXbf8i9fUWP1Be8Rn9XB0MB7yNiysbZjfXF3btmT7gqH9S1Mm
h4/XsXaeg1jPHfJ4qjoi9fNbampbF2+HPTKBhnwNOD9IrDtpF3BEwGKqHcce7F+tLrH7wRbOPI05
X8Xh4Mcja8QacHE/EInz0yRzNlkKfUo8HChqAtHBek0M2e4v+opwJ4d01CExoBMjnk+/XmLENWrW
zfNSOgP7W98F+3YT+IJJ4ojgWZVCfiy1fizFfsw6fuwx+THX4JN1AksI4IwTAo8RcBphlRdslRds
lRdslRdslRdsPU0y2Jc/ZhH95zOCBh6hjS5iFrmm+QZ79zJjvJKcZpFxdKXbLKu8GY7BTV0HJndd
9+QtnVLQx6vLF+/K9e8aSoqkCfAa9NbuUwc62m46sYcKFcnx2R+WHR5LlY/eNkLZZsYHQdBu1wJV
wsQWwRPGii0eRk58jTpR3IaiBlTuQOV25JiUhVS8wWrPXhzBNwKHhxx2hz0a8S2yKzkpiuEyWZZD
kiDgFRLj42h8fDw5noyIzqMCu0T19TNcxhqrVUWTJxVGR8xjDdhZPU3lx9SIiwfdAU6jQDsQ2kip
QXX5wgZK7cVpGQR+v06teEpM3EBA/+mziiwex4kbvMZW8LTfgTW2EBuORVsQGKuPhXlYsCPAgmp8
E69EEUYciaCgHd8kgsjuxzepapSqQqkwSoVQw6KyRaEqHTUzOQV+XxZ2Dv7ghJQMkZJnTBXvLl/m
pQtWHlQw7oTXl3QbFfkPyD9RRmfCHyh3m6j8d1WIjfp9YZ4mUQghM6UxR7zugFlDoQSJPJSKD3m8
IQYpo0YWe3OskXr5s8riveJ7NiemilH36VlFk84EWltt0n36D4pmLdwrjU4btnErQBtnqZ9BlCgQ
Twp+U4evo7KD0mlsaT2wdhrLRxqLRprB+52eRB8JRiIWMxFIT2AJIppkTd0k+9ZNsjQ0FXmkaZJU
C2bW9lMizaTJ5jNpRKRROl3RXjaJXILppSAKBhWeCxV9rb/UDyqIymIGSEwKjG+fGC86imeTE+MZ
ORtUAwZwAiIS7DSA71w3w3morZN9BnlEIcoOLSlXK04eUFnG7XL6jM1fGurZMZRq2/ntjfus1fMz
ratz1Xo1OMa0q2Pp+vTqO5ZEv3VP59oO39jC9q2tdr0ePDv9smx3pHt9+8C2vkh3emGdyxPyqBmH
yeFxhjx8+fAtS87aUtlE9+KOTqDuEaDuq8rtRBmOSJ4G4dcG6mWtUS9rkXqZXvi1SK/6SfSx4LIk
sUeW9ONMIqZ/EuusJCMmGEmtoCEs2vq6gEJZNYmUJ6J9rm5mIAO3R5WDopYBEtoypahkmmYlPROz
XKlwJOYsOt00a7WKbuirtdfcN57MdXfH1JzLAmGGiub9dgfEHPH+3t74mrtG4k9Y0ksFf5vQFevc
N69ttMGB3t31zKFuNtqU2AI6R6EAnaNsFD0HQFO/STSGmPkHn9zVddvaVq6soyZ/ZPFIyzV7QWKX
AcX81AtEHXHnUbdosaUsyjty9uS94ziYnSX5+LtLk46FC1IyktQJhkojMjre9QlaQ68vPInI43wf
9dtqbM80ht7q8kmkOqoZxPnX5EURlRJRZ0tpx8uSsCrJXKtmpmApP6mkHS39o5WrH1xX1779yFhy
qLPOrlGRnMEUaxlu2rM/IIy3ZJZmk3oc0n6TdbAGR8TDCXuP7br92ZubGWfQbuTtXMwXiAdOPjFy
cDQZTobUvAfL6Sqgy8PK64kokSHuEnzZZqRzZbB0ZrD1ymDvJ4O5I4OZJfMM+oQgiEqJapUysSpl
YlXKElspE6sSM5SWD3TrMjGXwliGW5ftfSDqimPGQeUANtgiO5VSPsVYNzMzKTBTBMH9LHEVFY3O
dOAbqIdp1m3GRYeeI8uvuXskXrPmSysXHBRosw/zlOaxeZ/rzAIHAUe1B1qF7pijyEB7BpcOHjy6
Zuczh3q65pG6YnQ71QW8s2af0HnbOuCledWYWuNArSOg1ZJEmnhCKKusz9Zvrad4LE28Hydt+UA5
9hXLMbXKMRnLRf0GvPDJ053JbyVJnM5/GktbWiEzn0LmMfG1TrxKCk6B6RcIlD9/QHGfgjyjQC8p
kELhrvxltM9+YZVxm5E0ai64RQYbn5ndloTyzaTEbDAsOwKqUGAGW1kuZT7SEqsXCUpTR2KOqae8
3duGhLW5Sj2tU1EkRevql24Xtj5+Q1PL9kev2fTAqtRj1E17Wle0BUmSjAX6b1xaYXFaaKODM/Am
vc5h59tunrx556lbuzp3fG2Uv+3+ioF1+L9fJiKFP5GHlTeC5Vz7lJXBAigKnkvWWq6itnLJ6swl
M5MLH9KqKotMFl4SOAac7Ij2Yn2PM3qxqtc/wPSKUU0Njv2TZ2s/kGSs9uxlOV6LnC2cGdWE5Hxv
bTHHSx4G26+iLd6EK5L2G19Q6zRKzvSCGlST3c+r9zMMVjX7Q73X94U6wnrwCUy8zajU6DT22qGm
NTTr5MP+z36L3QdcIqEs/jDvZOnxic8vTRhMet6Ffx9gXf4r1J3U/yTaiPnESuIlwcKlerCU9ahh
yT1+hkcDPbVZ8CowCbKyfMH1nRP4rSy9AG4Fg4lDAwtcClMVVUvTmHsYkV5nBAPcpGppl4uuTSkw
jYU0JvIo/opRPwMfGy2LCDq4RkxVNNXY9wv94vcsllWN1PstvWX+jjca+5a/4V8gF02yUhr9vKT6
k7XnMHFt4IBhF4yFQeZcEv4miwhTHWhstUqmIAoROBhImxw5FnmuAcxrul7EkmRDcInS0ZI5bSN5
CC5jRkp+Rd3Jm24NuWvGD8xvuMbF2drrfztv26KK9HWPbb/+yJpyJlDtr66sifjC6RW3DiR6fIhh
2Xx+3XhVT6Vt3fLq3krb4pVD7/sTds2h3f3r2lzUzpAvPFI5/8bF5R4rV+ENVZBaMtA61ty2bbg6
IoylA22NtQ7HQHnrqmhkvGPw5iUpjTqQ/2DFBn9jLj623tfQOzXRlCXVjlQibmmf56lqw/x9BCKc
R8Ey1xA3Hc+mUdl02UZm7Bn1HLm+A2bZ5tVhdavDGkOHdYdOVBs6/J6WEHBi31vmgIBedTLVF+52
DIjqUwzkUaWc1peMcebS5L5oTehZcueS62ihHlVzks21V+Sq2vZ1wksxgVo0xT335ZbtHQg4ivxM
mgYnOsOjw1N3FUdm2t/+XOv6O1djTXl74U9oSFlJWIgAcffJbGhBaGuIssq+3CURDi9e37ksEpIi
n2fI7YSbsFwtrS6T1AJkOqH1CfBJfFzpuIPJifQ5fzEpa0PZssxe+eCx2cXMCFyI2i4nAF/e3JTE
/0okoA7R0oJpVNVUlsjAP1hx4dX8V9BaWHGYqCIOH1tQg2vTorMA1z/geUeKih0XrfECIvjkdlJP
yD83o4YjratUzAHdJ2gdDqKmAq+xAtZ4LO7LmcGSHlWKUgorZWtri/6stFpYq/KSBIH10qjvkmUP
eYW1Pf6UHcIhitbQqpAtUOk1FpUepkFZsrm5zLR275KkWmtgOQOuZCrNqd4c9b0rySHJwT6QgzTx
gKDP1qNENaoWODQI7tFL4uKqZfNXjVevF6+i+at+howRQUIv00Avi4leJo5epokei4bTmkoRmCSS
iFiDOmU85+5mi+IhJgfB2QLvXrQJNe8UuaDEBn9VYWmfmg86XSG7SZU/dDl/oCVqzhG0O4IWjcGU
P422GHRiKouiDRr0h7zhSjH57J/Rbq1BQ4FR1ejtTP50PsJaZN2B2oBmFkIQ631bxXrf7PW9aR5B
Hx/XMt3iimUGmL2+dwVnO66cmjwL5Uvg4ywkLgguDlf1eKyRomI0GxND2W2LUPeVdWkpwzajfn2h
pN+8XivO4HtrpCqSWE8SS0mimtMCf59ciHMiC9uuLPNLj72iHeAZ9DEoWQapnurvA+dbJRja+9q6
U4251IBjxv7PLAhk5DwnmylWQrG2FI+t/DmVeTUdapHDb5lZlC9JqpRXm8s7KzI7urD02AI8bS2f
V5HZWdKsKs5ts3oYeuDeXONYZxWTGurvCY/szvmmdWwoc5mOvXKEOgSOCUVpdOo9wwucle3x6s4y
HpTvQNEGwQ7WEPcLJmkHMZLN0eW7dJUuAxwsenXY/5esEvYdJCMl2id4/6RsmLBZErSpvjJHOFck
PfYaSpapWJ2Qqf1XmCfLXzJPJSJ+dfAvmKdLCAUEWoWtE44G3wIK4crUtwV3NoHiHEqwODcV1aOo
GkVpVCZmQ2apRr0zazUKO+veSi3Szihz+S8tc50mtTh3fNJEDG6DbXLg85qmvhBEjnJ4jSNEmWSV
peLVePHPX6piUW817fjBDVv/+5b6zI7v74BrwxOutk0Lchs7A67spgW9mzr96DdbTh3u77jl+A1w
7YPrvtxtazLplbcN9t22OpOeuA3nFvL3U68CbXBu4QDOLQTqZ6niS9pnupyPnRiLlFYQEwxiBl3K
MMyaV8gxC66aV5gtrTALj1w9rfDliXhnuxCewSxmi4ujEwODQ6k1X8BphVoxrdAd67x5XttYgxO9
v/tHB3uYYDqUbyvqQsX7wDMUBdxzU1lbwjJw6Ie7um5d28In5lXnH1o82rJ2n6wtycfFPNc1x7fV
oahJJtF0u4pMKpNMQxMmFTcjDYxpRjiBghFBk+yLmiz+nGWAkJWXaL6SJc9uZjgzm9iIJFGRj5Mq
jVpt84Qtjqq6ptDlQhNpb8p4DIGwR6+gELXG6mU1Go3aXDHQMPXklWJzsL4zZqLUWq3GKHYtDRUu
ki/CinPEi4K+sj/bv6B/f/8P+5UzSi0fyiUWUWLacbKFv6wEI5Ze0C8Fn1RvESstWLnI5RYc8GEJ
cp1GH4qtBlps5PWCaPjhZRSel9X/UE/qK95s0P6WXciuYrexlFRW+RdcU+mzviexVqmgIpdTxnGC
fEY5Zdoz/K+WU8gXaydum1810lVl1SpwuSSZXdpY1lnjigkLh4eEWGLR3kXh3qaEhabA1mtVmmB9
rrJMSFjiwqLhxUIMGbs2w37bHOawjwdvyuV3caH6SDQd9wWTbUtb6lbnyvWchdGbrAzrYGirw8qH
qtyxurg/WNayBO9FoPB78nrFD4gmYsXxBMGGUjLNU/JepOS9SMlaLCVzZQozod5mSF0M9XoMF229
1diXpCUldA6zXa2cizl3VkpUKWYPly8Nqq3F5AJ5vZrxJyps3WsFzy0mDtdUPld0O97FmVDO9G5D
jy3sNquVGqViuSfIGDWqSP+O+aRRipfPFxsJzksRdV47vlKj1SiNdrzu+3HWivoRWLgvCz6wa7oY
5qAY5qAYrjTERL8ixogOBPrkhCRpPpkqPpkqcP1YlE18g8niKwqrT+ZRH/a8NXwqF9MpHTlwM5TT
qauZzUollpo1dXVZ6aW+YTqJ9TDNeSw2D6safFA0ZLRZ8rhtlb1VbXu7aLMPJJfTlOzbnuH5LRvu
XEMGi9I59ccFK+dFRofJXcURuQZD7QX6lBO/PkWECqCbsdvmEysTER/ySjdeZJXXaZGv5mlnTrxy
pYpy4T+EBlyOBhvJohiD4koUjMNAaxCFgyiAb7MBFA4gvzjqR2E/ipnQ7gAK4JSNhrX0BvwgtQFc
2dEAKwZwvgy/wjsRwM/X4wayeC6gc+Z0kgIUi1pJ3I87LtrBpPQX13vkTl1cG0mKHdKl1qFpA2nj
bQ283Bq9F5EUmT+nMDjjXm/cYVTkX1QocZOLzRPiNYq8gvqU1PIBl83L0tQjCo1WT3/2HVzyUaiN
WmpEz2koiHBIQJopp15P/ptGr6ZItQ5Tuw485kNA7S7irVNED6inVlhaI07lJBpRA75GKlA0gKJ+
FPWhqBdFPSjmRnEFSlCoqRk1N6HmFGrBv+vfggYZORjGV0EL7Mr44QmMSR7GV0GPDQkeNrXnxJ/D
xMwyC5itzH5GwQictZepzUVyTfeVo3L8XjnWmgxv7d1Qvqec7IJR24AGE/lVTMnxs9nsOaCkRO/p
wppUWpP+SIRWlehMxegZlahZSD7jVnlIocx/RBlsca+vzKGnfkySP6QMzoTXF4NX+U+UCvCVbe4g
p6beIMnnSQ0HbO/j1ORrJDpPaviA0+7B20KbTdObQt6j0UztmN4ik5nW6GCHIO6acmo0sEMGULy4
lc9efEWqtXi/EiAd/bBflcThU0Q1EIbF2WqsNyqwxmiuQHbgxxO4OmVHNlk3WItDVqTB3FqGozD8
mRYCNYZQvQ7p/NhZxrui01VXJXIhHevJsSWHWKpbVpZqlph5Jf5NRqzmYrP5dK/5dH2P54tFPUTN
U/Mxnzdk0Slef02hswTdngiLNMie/0iN+JjfEzJrFedeUmhZn8sT4UhN/pNyI69XQqxJo3X5r8GF
Uup5IzqJHjfyBgWl0tL5o2iBCvfC6cym/ATWHuAB7gP6hIlFpwgXrLUOS74LJVzILoaCdhQ11hvJ
mAY5sUluciJHIyacA/lyDi2f0/YrFhD9cgiGa5lJSWix8AYoaakNPO7qjKZLNUxezFFYzTRZe6Oq
usbpZ0nVPg1D5Z9VM2GvN2jWKBGiPlaxQb87zKryTzOsUm82ooyC01IrLHajklKbDFMV5HlepwQ7
wcFKxsDZf406SSSJ5lMEAyux4ppyVOyxqYT305pODamJsOCCH3P0mmKiKw4Tx6nkGvAVzo3jLtRS
g6aYt0SXtAiLzTAI35KvqdRG9dR5iwvzI7onv5/hcQcnqdCxehqP5Xehx9QGjaqbd7G0OxA0Wq0O
htwUiHDwWmW0sn6j3eZkph6kGfC0SKQtfIh+qZwgLESCMD6tjLgGmW4g6psvzuhoo6KldM5lhz9+
TOPDF26OZpHaEnK7Qha1UeOI+3wJkAd7wueLOzRoV9HbpU7rOb1SpWf1n2YCSZdO50oGAimHTudI
idm8D6kRmEma6CWigjEc9mnMx5TKKk1nE7aR6GhVN3Yd3sSnV8RssTTD0rEVcZayP3VFDfXyuIYa
qVl2yyAdilm8nFqFNJybs7avyDj9wuqOphEhoaXBGKrMmaHV6eseWluVPwur8fphNbA6vxdWR709
eseqeuUHJhMWfwT2lacTnStqMiu7og6vXcV6rHYH73Nyrdfe/Vnz5atFRFn+LbSDeIdwEdqndDY3
wbxyTmqLomlJ4zXwJSrvUBlt7J1KA+/gWZsWKW7X2cNOR9imu9eXrkg5XqS1alEJIf6Ay8+oVIwf
x5/PFD5C91APiPGn6yhhniT3ntR6QxA9m3qJ7LnsOeyA1VzZuMhevsn34B31x/GOxv0+iQaXvKb8
/nK8vnJ/MIWvqal4QBqABYMhc6awRvwqzGcLrFhH2I7iRpwzJ3DDjYYC1QVTST6Hlz8jW7ilsq2l
Av+7vqeyogv+4WeUUbvQDuWNQDUNUK0HPllkgr+eaMqor7YyZX+R1ouqW4P4/U4/p1JxItXuoPZQ
FeI3NBCG46qgtQa+pfYcptMllQX5OBQ9y6ioXx7T2UJ2e9CqUxlszOeVes7BMVYtUuZts7wBmlbR
c4s8C6e3Fjb1nFpL4/M86vzFq7yBZ5uk9pAvl2ari9lqS7MtUSUaTU+TRTkrsciX8WTuUBg4O54M
dUhrCzlsIasu/9CMN2D6CvEdPHtlzAezsZ9T62A24LAgFqjIqlSs33m1N2D/UP5dSqv8CWgb9VFG
SVSCDNvkycj5UPrbCoPZY3EEOIWKHFcYeK8FHHqF8gODSa2gDbxBtddg0sD6zQZ4Xhc6TlaQrYSJ
MB4naN1FBYHbVeXqUEDiJVFvVnBsfoKDP+iboB2V6JOY1xeNelWsk0CgAS8qSPIWeAr7FDzlFHIT
V3uQguT5z7I8x/HUcxqTRknWR0OhaCSkkU7b3J5/HP2n8i4iRAQFC4UNPYVDTEo0BpTFp7udyFaC
3EmtdSqIaThb6RBYBSXykEQH9PuV4yuXK5HR4+CcvJ6qX9To9mUW1SIN47ba3AypXPNCfuz8a/ll
/6hndUpSpVauf/n1N7dv/+Ub/7xBoVKB0WXwjG6GGb0LMwoQtacITvLAOTmCw9en8cw4sa1QJ+YI
pBkma0rdf3TRW6jn6tJkTLYFNiuH3nU3DtVTet7JOT0GpFwxMTGhIBm3zeJm1eSGXaRj+5uvv7xe
qVaRSjBPP0OPv3YePf6ChtHC7FSKc/kFwMF3UevJh5S7ivbHFe1hgIWz52YqJqqYjLpsxGohD6oY
G8fZTSqb1hyw2QNmDcp//pKxqih1uGiA0M+Ld/nqS8cYBv8PagWD6kZlBbFNPLm86dj2g/bIJLpe
qK7Q21ONxF77sH2Y6L5m5698cV/1Lb9jl/1u4cJ+Wn+wYntYyfoAJlp/t/nQUP/vJ4B7sq9cFGN/
zpapwRZLPP+HkwPPncXDzzEvn2czmV+xuB0WybFvTOouKxotW4PkuNCUCke9CtmwXdK5IZXYw6J3
rBIlXOxZUMgVzQakupGNti3bM5joro/Q8f7erkCyozZs1xr9jYtvGPA319c4WYU7yjmMSnKMqZqX
6KgJWrWVNzx73+7Ju9d2lVnp2lte+UZu90i9VgX8jhS0PrP6tvnP5Kf+vlfnaxzb/4O37/nW7x8e
mPpRdGFtWWdNyKqpy9prGrPRTz+jUOcXD+9ZVsuHM5F4JsywgaqW3rLk1t3bxxpM/qrAqNGooME5
TI8sTnSPb9hcM/Lf9vSkx3YevHP/ttjWycN9LM/SJhtr5Ex6rdlsHP3Wv30x/fkjj/zd59c1Lbjv
52eEzkT7oqVDvr6FbCgToxYBP4XF7k8zeGXjREbwLFy0tDX39rI61bI0vfxtbxnrXQYQnrcoPGyb
PqbJ1uLjmTXyJVtscMe63CLdFTVmoHRXylLwss2qlQMRCxWQ72j8ACW8hBlBaHAwvtPEq9QG+vYy
pAIxsXkZFSrLXygjlSa3zY5fJcSf0KsPJ24y8bzpjgSiWa/N7jYpypA1htSM127zGJUovsPETx2N
I0sZtZu1m+j8cW9QvH4XO9+iI7505r0Hv6tGA15/yIvaYUihoHWq/E9m3vtW5Y+jAWxVritcpH6s
9Iue2JFTRB9ELzYTObiqDyV3ZdH6LJqXReksCmdRdpKcJ5j1brf+5jq0qQ7116GmOpSsQ3Xwxolt
BMJKHweV0jGy907CY4gqPdJPFv4kaOGFvqlQVaWMTiLiKX6scxJZjipXFs9R4kaL8Vcgfhn/lRgd
criBTryrwe7+jFSa4vLUGX1Z3raYvf5xevNj24f2rWiNMFzFgj2PbYkMCOVGWkEiWqfRResHa8cP
DycoZ/vg0uqN941Fn7DVL+uI9HVlnYHsRFaYaPOgvx9+5KZcvG/zF741sfi7X79rQ4vGxOkMJt7I
ORm1kTUOHPjOCpPXbsqsu3NV08qOsMHm4259YmOqamgd7spYBLQ9LZ5maCB60G2niHqcDmJx6xzc
YGVcNymP1BVH0sWRdHGkFmtwFg3Wypo8J7aFwxblUFXxZ6qKiaaZI2L5s2qSdAgOc1y0SnExjSXf
+6VDFHbB6TWFvF58lsgsIq/Zq20Uf6YRp1osHjTYKH5QHsQfbDxNzgMd+soxvMnTm17qW5e74c7I
tcYzYlNOB45ztfgZHVXw0I7ipDuKk+6QJ92BWY3V4lhQW9eqTE05xrqmSsySKR08fEVK2lzSzA4X
ZkbWH3NP6RfJzXR/GyQTPH2Gg6LSpV45W309nxZ1tNSKSZ1u2f7YdWu/vqUp3r+lq2WFEKi+5sj6
NfeOl+NWuZ6t/bHXPY2L6zZvdWVGWtZtLgt2bejMrmz13X7owEE0sOTgsoqyRTcOtq5f2h/0dQ2t
qO/cM1pbObQlWzuxJOcP9Q2vJFeWdVY51gzH5rVkfOlbpr5Z0d/eGvC1deTKV2+6DuS0F3jpefHs
U5K4IDguKy9FiuWlFM7LRDB3pNCMwhGulppxNtOMN89sx3fPkOCqE34pkeuXmcsvV1n9ckoTru9h
3z3sR/j/tBE0WnysSiAo8Ry9BnfpaRdoSULMyYlH+ySGOCNKPKEltKlyF/41pKbF+MxR8UjVdMc1
xPAg6DOreuKW/ZkalWJGjUpBPV95/ZO33vz4+mTV5icP7IXrk0ZXsmWwanhTq9Xbvq63cbgVohfy
Cw98eHT1yHc+evT+j8Tr91c/tHu4wbHw7h9t/tI/HmgKz5u44XZQX0+A2D6itBEVxG+EcNiLwh4U
dqOQC4WdKOxAOFFhQwmR9hzOzlSJ3VGY3FWIwKQlEnJmPCETNCHniBMyQRNy+ieBD2kZvXb8IbsO
Yx0ryxFcRbliZTmaMX5GPpYDpIdPPMoilucmUfZYaFGCmUS0dBa0Jjt1TqxL4D/ncONa8QyDJAzT
ObhxORNRPMTA0iqVlHtriMgGjhUj6EdUWgM9tYLW61QqjUGNjH/CPWqUSqdBZQo9BAx2CFsuqI0a
ZSeuPNCMk+ecrIZ6/QGtwuC1sXZGr3qWUigQNj+f3qsBVxyofQNQ+2Hg6TbifsGQqEdJL0p4cD5T
mCyaIQFZMRdbRc1j9Yt5MzJ1ojYCQGRkWmdOk/sJnUQcHc5e6nBtmW3M+P0ZYL6KE7VWVcViJjOJ
4kUKSVWcSkmZgAI5VzrAL9JIzFNeQhycerws2aAq6Q5aPP7xsBKihKk6o8VEU1qT/tORjRnOXbcw
LbZrY9tLKtX25rHrmifuGa+w9hzeeo6sVZt0yj58toVmvFaz12YzIO2KL9+4JpkcbAoG40E157WY
rIzREg7Z61bc3NW2994f3nBew4kRyAbQCV8G+o0i5SliGZDMjUm2DFWrgSjVWPCrRbpVY7pVT5J1
gnb+4uj8+XYeDQo4bx6FH4nidK4Ao1GBMrrUTLFSJn7S5RdbJSWWdQHlnxZTlGJ/M5Zvo8yaRpnb
jXjjeNgGYzNuo2kWxMRYMxJZV2ZhyQI0s82stX4S6QRtbnH5f/r9yhw+tqQrHVuqvJhhSieXQHVX
Svpe1vViuyBuveAy03peVhYqMatQqrdJB1sl/+3KjNH0JlrAAny5bed3r2vfPtpkUqsoo0FTt3hr
Z8fazmBy8U2De2GvaJXOqNnesTEXc6aH6ppWD9RoseMFERnfNLxVWHbH8pS/bVnzvK0LU+iGsXvX
N1g8PqMRYtyw2x/xB9uGaxpGhSCIh4V3mOigMNYQz9X7QvGQ0uSyYueXh32uWLKrp3XjUEZH0nUL
r4N9Xgf7/KDSCHLynGCINaBYvdhSQIlyckISkwZZFhrEX3SCj/zhY01xIHccH6DEuxE3LqjZWrO/
hqqZ/WjoabIWTPp7skk/87TYB8VP4gYD3GfI22G7ygV9edMf/fgshLJ8yH7Jho1fxBtWmUTMeXmf
zo6/Im2ZJFRYqqb36JKiKDa8oUt+YQaE4nJTIfVg94Gjm1s2L6k3qZQkpdbR2rKejb3ztg1VxIb2
LW0djbrtPg/ZqjZplWYu7wnlqrY+tjWDHr32m1ubWIfdqGedHOti1Q6P09+5oa9tZdand0ZIU8Cv
AdELx/MPKMm61V8oFIreMKmifgakKBQ9OHhd/D/BvyEBqvwz8P0rgYzPAl+iGi+Dg1cDBQmwcAZM
Kf9uGlTMVeBO1Z10mP65BOpvTINGLcNXZgOtUvvgHFwNdF1Xhbf0m64EA5Lhm1eCMfL/FkzcLPAg
BvDgZ4cHMbBVIuyYBm4J95uZwO+YHcxaEQ5KYMnNAj/9W8A6PBvY9LZ/LYJ9p/2NIjga52AO/j+F
z4nwx0vBGQG43nmvCGcwuGyurVeFr86A0wBvXwnuuPvG/yL8RALPo38beDv+KvgP73/4rf+X8ELg
QNAfMgO8EHoZ4I05mIM5mIM5mIM5mIM5mIM5mIM5mIM5mIM5mIM5mIM5mIO/DcR6MiIII0cgcqme
IDSkglAQXOEDwDER9xfeBzwm4rWFVYCvLbwDeEfhccA7C08SCvRQ4Z8Anyn8AvDzhdcIBTVY+BHg
YcIEeJTQA15eeArwRKEf8Erx/gZ4Pgff8jvA/SIeE/FaQktw1HDhI8DLiTHAE/AEjloJ925CUbgA
mCu8Bzgm4n6Yjxs+i/FE4d8JNyILbwFmCv8K2Fn434C9hX8BHC+cAfw58f4h/FmY80uAnxN//nl8
D7P6DRGFb7kHMAfziYozjIozjIozjMK3/JqIwre8ABh/SxS+5d8Be+G7ovB8PHJf4U0iCqtIAx4t
ZAEvJyjAK0W8ufAsEQN6fgh4h4h3wnpjMJ9fA34O1hhD/1D4A+Dn4ZktMJOnAMeA2i0wk0cAj4l4
AubTAjvya8A7YRUt4tpbYFavA3YW3gaM194Ca38X8C6gUgvaLeLPieN3ivd3i/g+/DSgzC8APy2O
nCl8DfBzhW8Afr7wPaIF6PMW0QbzuQA4VngZcH/hfwEeE/HawibA1xZeAbyjcD3gnYUvEG3w7e8D
xk9ug2c+Bfi5wiTg5wtHiTbgExbwcvzzwCHNgFfCPXAKfKofnvkC4B0w/3542gWiHyjzR8D/BHTr
Bwq/BHgUqNQPFNYDxjTpBzrriRF4wkbAa4G2IyKdR4A+rwBmCq8CdsJaRoA+rwGO458HmuD7+2Dt
I+ghceR5jOFbSMCj+U8BLyeqAE8QBsArxfvNhfsB31D4H8Cha4EmY+Jsx2C2f/w/xH0NfFTVte/e
cybznTAgYqA0HAE1KA0RqXIh4oBBERCmIIqhMBnyxUg+hplJSJDAMSIGTO1orSJai9THs16f9dbr
Z312IrzEai5FRIuINkVFxQDRUkxt5Lz/WufMZAKxpffX93tnsf6zz9n7rL33f++19j5JOCNuln4x
FRgS84FtYpS4Gf0NAZcIBzDAWCmagetFjijiWVcEbo8C52BeFYFbwmWYmUWwT+ko5lgR7KMk2n8Q
2Ki/A0zoh4GtGPcicAuE97nEMvDwBbAUM2oZ7iWM0RWU/wzYqh8HtqPNyzAKyFXIj5ZhFCgdAXul
sFAMHIJaStG2/wOco7cBb2ZcBm5LISNFKRimb5n06vRdkSN0+pbKHJ2+J9Kv0zdU1ur0PZh1jI18
fROnWxjjOn175bOcTuj0/Z2tOn27Z5tO3+nZrtO3eXboEVGKEckD3qSvAS7Wvw+kcSnFuAwDBjhd
qf8UGEF7VqD9b4kVuOsj4GIwFsWVbUBiO4oefQKcA4aj6BHhMoxdFOIUUfTobqBXfxA4Qv8lMEff
CvTrDwNr9d3AOsZGtDaKHlG6hTGOlkfRI0q3IyZE0f6nRBQtwSii/c8DF+uXAZeI7wMDjJX6/cAI
vC+Gdv4CSB4XQzsJ5zDezEjMx9DCF4FeeFYMLXwBmKM/C/TrrwNr9V3AOkZqYQwtpHQLYxxtiKGF
lE7AI2Jo5xsihhbmAhfrE4FLRBYwwBjRH5cWePQJ4Fb9KBB3AVv1L4FtfKVdPyAtmEXvyUEoeRwY
108Ct+pfAROcbmVs0/8AbOd0h/6RHIS7jkgvenQc2AjMgYVjwK36X4B0bw7fm4N7/wRs1/8M7NC7
ZA75vszFvfuBXv0t4Aj9DWCO/l/AXJTJBSe7gI3628C4/jEwITKBrcIGbBcuIFnLBQNNwMV6PXCJ
qAIuE8OBAU5H9N8B4bPSjxoPAL3gxI8ajwJz0HI/fP8cYCOY8aP9f5J++P55wCViIRAxBBjgdKW4
ThYxq0XMahGzWsSsFjGrRcxqEbO6FBaGAQPAEKdDnK5ES94HevU9wBH6a8Ac/RVgo/4bYBx2KmH/
JPBZ/bCsRC+ekbVcby3XW8v11nK9tVxvLddby/XWcck6LlnHJeu4ZB2XrOOSdVyyEblfAVv1HmAb
RqQRuX8BdoDzRnD7ntzEc2MTz41NPDc28fhu4vHdxHNjE8+NTTw3NvHcaEEf3wF69UPAEbjegj5+
DPRzulH/IxDrLzAB/lswsm4gjWwL6vUDMauBS8QS4DKs/S1gj9IRzI04WnUUuFX/DJjAqMW5PXG0
5wiwHS2Poz3HZBzt+VhuRXs+AXoZR+CurWjPEWAjZtFW2PlQbkVd1wKXoSVbURelI3qrTODeQ0C6
N0G7CGAOYy5KJrhHCdg5CoyDnwRWJRcwITzAVsZ2xg6MZgK9CwIX64uBS2j9Ro3wN9RI6Yj+pmxF
jZ8BvailFTUeA+Yw5mL+t6JGSlONrbQfAG7Frq6Va2xFjQ5gO6c7MHatzGcrasRIc42tXGMr19iK
Gt+WbajxPaBX3wscoe8D5uivAxvhQW2o5QRwK2pvw5zskm2wcxkwwBjRX5XtsPAnoBd9bIeFT4E5
YKwdbXYB/Xy9ka/TDG9nltq5ze3c5nYe/XZuczvaXA1crDcAl9AuhNvcjhopHUHc6KB9FNDL6RFo
eQdqJMzFTOhAjceBjZwbx1h3oOV0PQHGOmj/BmynNOyPBAaws7we6THAAHAR9s6DgaX6rcCoXguM
6bcoizBb3lYWYRVG/KXdMjDA6Zj+OtZyq/AAh+gHgBcxYi0A3sxYqlcAV+jHgFE9BIzpYWUx2rwf
6BfDgFv1fcCE/gywVX8Z2M7pDuFSFqPeW4DL9CuBAU5H9B+j3dZTPcAhKL8E9T4DnMN4M2OpGKQs
AWMrgV69EjhCrwHmMPp1rG1yqXAAQ/pJYK3+FrCOsZHLb+J0C2Ncvx34LKcT+sfAVsY2/U1gO/hZ
gnH8RFmCcZwCXIzW0g7nBuBF+kEgcbKMOcGeRywBRsVkYAx9XIZ27gZ69UeBI/RfAHP0XwL9+lPA
Rv0lYBx1LYP9GcDF+nSMGTEQYAYCzECAGQgwAwFmIMAMBJiBADMQYAYCzECAGQgwAwFmIMAMBJiB
ADMQYAYCzECAGQgwAwFmIMAMBJiBADMQYAYCzEAlGHhRofj/nkLxnzCH0a+/r1D8J4zr7yoRWk+B
CcY2zKIIbHYp6zBDXMCQuIqfC79nGS3o/5DRUcqo8NNiFp9R2iKyFKuZVsRYZYiZtqaVyRDZyuVm
2pZ23S7qlHlm2iEuRo6RdgpV2WWmXZZtqfJucaPykZn2iIutU8x0pmWLNVkmS1Taeul5lo+J9hVm
Wgq7fauZtgi744iZVsQQxxdm2ppWJkN4nIqZtqVdt4upzkFm2iHOtdeYaafwOmebaZf0p8q7xSXO
IjPtEec67zDTmXKuM1kmS1zuOoyWSKvT5NlIGzwbaYNnI23wbKStaWUMno20Le26wbORNng20gbP
Rtrg2UgbPBtpg2cjbfBspA2efylUMRH77EuBqriev+E4ImrgazWiHL6miqv5m6GN74cO4koIqWqR
h5zpohKiigW4VoHdeQx30VkZPstQug5YipJX475KlFmOayGUCHG5ILQKtkq5bDXOorhWzXnG/SG0
QIUGUS4ECw04W41UDHWp/H3Uy5GuRFmV21yLu0v5+64r2EqNaTWGElVmnVRCRR9ruM4y/l5r6st1
3NdyXAny9y1HuBcqfwa5l1Sv0Y8S5Ixny1V8pZItBsGRcT1ZSxXsVDJjYbOV1bhSxbUaNqmfsbQW
UI1h7kvy+7gNto22U001YEDlb6KuYBZC/N3T9J3eMT6jHsdS42FwZtSicturzX7VMLfLuWRfi9N7
RKzV831Gr1fiPI/nQ/poXsTWqthCA/NQa458Ot80Ykb/y7j91H9jXCI8G+jTqJHGWoWNcKo3Rhsr
zDJRnK0xrcfQC2OE6lKjFOQ5EsTVqn79Ss7mErQkyPWXmPXn8Yyt4LGinDN9YMoZvb7RnDkhc459
H1augAd9+0yPcZ2lPBOplpWpMUhyM5DvVZjzOpwqTTPXGPFqlC/juTMXJUpELnM6DmVK2d61fG8N
249BwujHBMhqljz2qf715ZnWJyDdwDOwglsdhoUGXCXGyrnHNFP7W01eL+dvoY/wfEnau5n7YMyS
Bh7dKLcwxvM4yn5n3K1yH8gHyngEQ1xHGY/hcr43ydZMsQj9nm7eG0nLMfynlDnp84nV5re3r/iW
eo1zKluCEaxlDktTc6yU88M8QxrS5lWYe1ptzizDVhkjecrp/aZ8wyNzcReNFM2G5amaBmpV9RmW
z56jPuvJqKiacS3G7S7pF1/O7HsympzerqlpDFBPjL4YUTa5TkRSEbuUY1Y1x67gt/bU4DnYj1PD
42tMNHplpGt55tXynaXs/9SbspQdKlnJXvP3Ruhf5Rd9PjGBW0M+YET+PB6rsKj/pTox/9KJ6vWh
kkhNtKY8pl5dEwnXRIKxUE11njq9slJdEKpYEYuqC8qiZZG6stK8q4OVoeWRkBqKqkG1qqa0LFKt
RoPVURX5oXK1PFgVqmxQV4diK9Ro7fJYZZkaqamtLg1VV0TVGhSNlVXhzupStaQmUl0Wieap18XU
8rJgrDZSFlUjZcFKNRRDHSXR8Wq0KogWlATDSNMtVbWVsVAYJqtrq8oiKBkti7GBqBqO1KDd1GxY
r6ysWa2uQMPVUFU4WBJTQ9VqjPqBluEWtTJUjbpqytXloQo2bFQUK6uP4ebQyrI81ezmRVG1Kljd
oJbUovNGu2MrUH/ZajUSRF8iIXQbNwar1NowVQOLFbgSDa1B8VgNOlRHXQqqq4ORKqMuorlkRTCC
hpVF8haUVdRWBiOpEZiSrPpGkIPuqN/Pu2JiP9JjkWBpWVUwspJ6QK3pG70KcB2myyU16Hh1qCya
N7e2JDcYHaeWlqnXRmpqYitisfCUCRNWr16dV5W8Lw/FJ8QawjUVkWB4RcOEklh5TXUsahaldHkQ
1a+kcjfX1IKSBrU2WobK0SDKVoMYgbJIVSgWKytVlzdws2YumjsduRE+wfiU1hojsXpFqGRF2r34
DFWXVNaW4lYwVhqKhitRAXEVjoRQoASlyqpjeWqy7ppqDGRuaJxaVrWcbuozVZ0sPGCLuDhNRQxL
NBYJlRjzJVU7TZOkrancgNwQasGUJZ+I0MQurVldXVkTTK8UbQ4aLcXAo7vgmBK1sXBtDLTXhUrK
qMyKssrwaR06m7HgkZhQWlYexOTPC0bD9annJqFni41ioEOiBHbe4hxh13UxCHt842lDyFzoWOP3
cn/nsConPB6JMpa5Z1s+M5PKK+GzLT9oEJW33ne25b1eKp/xwtmWHzyYytsOnm35c85BeXwKevqy
cnl6+ryacYjIFCPFCPp9HWQS4ul0USDmiWliiShEtJ2JuDpHNImbxI+xuj4sisQTYpl4HlF3F3Lf
RKz9AFH3c2mRQg6SbumV2XKEHCNzZL7MlVOlX86SRXKRXCqXy5CskZVyHfAuWSu3yDr5C9kon5Kb
5IuyhX6iJd+UW+VB+az8VCbkn2WrPCXbLINku2WE7LBcpMy2TFSut1ylLLLMVW6y3KAstgSUJZYy
ZZmlSglYapVKS6MSsfxIiVl+oqyzPKistzyuPGB5XnnI8lvlecs7SpflQ+WopVs5ZvlGOa64lC+U
85QvlbHKCeVSjO+0/hwpM/4JjhrB0WZw9AA4egwc/Roc/RYcdSD3XXB0GBz9mb5KGRydA47OB0fj
wdEUcDQTHC0ER8XgqBoc3QqONoOjLeBoBzj6D3D0Mv08FxztA0d/BEdHwNFXMmGxyFZLJjjKAUfj
wNHl4Gg6OJoPjpaCozJwFAZHdeBoHTjaCI7uBkePgKPHwNET4OglcPQ6ONoLjj4HRz3KUSVDOaYM
AUejwNF4cPRv4OgacLKwP0e2n6ZxdB44ugAcXQaOpoOj+eBoKThaCY4awFEcHD0Cjp4ERy+Bo7fA
0Z/A0XFw9I2ISreIydHg6N/A0UxwdAM4KgZHNeDoVnC0GRw9CI4eB0fPgaN25LwDjj4GRz2y0WKV
myxe2WIZJeOWS+RWyxXyWctMcPQDcLQUHIXB0VpwdBc4egAc7QBHz4KjV8DR6+DoTXB0ABx9CI66
wNEpJaZYlXWYJ+uVkcoDSp7ykHKF8ryyQOlSisFRNThaC442g6Mt4GgHOPpPcPRqf45cN6VxNBwc
5YKjK8DRNeBoEX37Ff3OFxw1gaOHwNET4Ih+I7oXHB0FR72iFNyskCPA0ThwNAMcLQFHFeBoNTi6
HRz9BBz9HBz9Chy9Ao52g6OD4OgoOPpG1mKO1FlUcDQeHE0GR9eCo4XgKACOqsBRAzi6AxxtAUeP
gaNnwNFvwdHvwdEfwdGn4OgEOPqbsgycBJRMpVIZpkSUXHCUB44mgaNrwVEROCoBRxo4+jE4egQc
/S9w9DI4egMcHQBHn4Gjnv4cZc1P4+g74OgScDQVHM3hvV4BdpvTsB4UivvB0X/gagc4ot8UfyWK
5FCxDHGwVE4CR4XgKACO1oCjn4Kj7eDoGXCUAEdvgqMPwNFxcKTLpZgrIcyVSsulssYyAxwtBEcr
wFEtOGoCR/eCo5+DoyfB0W/A0Wvg6G1wdAQcfSU7FLsyWxmqXK9coCxSLlduUq5SFitzlSXKQnD0
Q3BUBo6qwdFt4OhOcPQjcPQoOHoWHL0Cjt4HR0ch3yjHrJnKcet3lS+s31O+tF6pnLBejxC9tD9H
Q55M4+i74GgK/XUFOPohOGoAR5vB0UPg6ElwRL/5Pyxukoq4GfwUye+DowXgCE9jErtmeQ84egoc
vQGO3gVHn4Ojv8oci1vmWoZLP/ynyFIAjuaBo2JwVAuO7gRHD4Kjp8HRK+CoAxy9D44+B0d/lc8q
TplQzpOtSp5sU2bKdmUhOAqDo3XgKA6OtoOjJ8HRS+CoFRy9AY7eBkd/BEd/AUd/U9ZZLcp663nK
A9bxykPWy5XnrTcpXdaYctR6Bzi6Hxz9T3D0Ajj6HTg6AI4+p/XfYcc/rzc3t3BtU5MjQzps4WYN
R3PYYcVJt6bhn9adfqI5bNLhmFyoaQ9vKJzskNJh1cyDDTTHtyW2xePNdE+GmdHtcEiHa+fO/4Hj
wQfZwK5djz12330tLXxSv4GPejbQ3dzcTBU57Wk5Nsqyc1a8mW3biuOaT/XGix0ZwmHrUY2DzW1I
mqPeNTUVFubmer0Ot3C4N6gb1Nm+2b4fQFRN1WwZ0mbvdtQ3N3PddjS1meqwWaUtI0xND/N1BxVB
IS4fbu7RtHqHVTis+b5uHx0oZLPVx+PFWri527T09Gt0i0GQMHhwKbpDUYXZ1gR3Q9OIsG3xfkza
HNLmeu53m3BwlYYts3Yc1Cqb3WgrSivSZu00bkTDbWEtke/ttFuF3Wq0L5/vpNJbVtgyhC2judnv
V1WbU9iczVqztgjRdDTEyEOOv9nRV8znowoyOpHQOtOaKTTuQKfXW+zzCZ9iEVJBEZuUNkWjDZQm
cSCgWYSDMhSaEf5t2xQwl+H3b3NnCGeGw+H1qlSHpsHlrNZOaRNWW68LC76VLtLh8/EpJejQNEWB
pW3btjmd0uHOEeeLedq92nbtMe0h4YM7O2z4l5u7Ntff4/fz9GDSmDacFG9j+nvMHLRA9aVOwg6H
WayH5615MtnHMyOctBbmk37eg5lnJ7fQNLjFf9N77AN7D3WzVWtFF7dr90FozPp7EXzFObmwCQes
plyFvMjRl1Og/Eu8yPN3vMiZIZ12Ld2NbIYbcYYj5UeUURzvpgyrcMKPBnKkpLFv8SRrnyc5rdIJ
TzJdySmlM0XrP+tL5PlPJ07zJXZ238DOZPs7zmTrcybbAM6U3lChcSeK42fhTk7TnZymOzn/kTu5
Lago6U5wIz5P+pPhUE5yKJdLOjyjhKrN890Lud93Fxrmw+p4mkthFvW5FE76XIpzki5lnJguhZM+
lyJfSbmUYY1dyukUTqdDDIUQh9PFeh5wrAVOR8EMbv2MAp4XPZrhUT2ps55kSSeVvLupCSX7zQSn
DVY2GC7WvIHusyWzepwu6fQkcDzqe5T7fq+vBQL3cbpaH330nk2b7rjjdj4rmHEbHTBO5nrgIlyx
y0l5Yoa4LSUzQJzU+oo1N2/gWu20yDIrTrtw2k95zYPb3mQchZOZCrI8HTQQGUSKQzjd0plJHrjZ
9MFLNfJBe4a0E9n1mJUum3Q5cOMLu1Drrhcoy1jXm8OcZbVaYy3IaonZbdJOa2yvpq11WYUrI+WI
PpS029fSmGgoUN/PJrrBxJrOqHkU3dnnjfBHV4Z0keeaXLukdPUNg2Z3SrvnGdHBccwQbohpO9mo
DUa15vVdL9CdVmk3vZPTFFyKvd5OCiIZyabnswG+Hz0kXsj14Ht2l7C7C32Fvos1ksFisDCyken3
N7vSisKD2H63l3yp2yUtrmQ4Rqe5ezTN81XqtdUiLFbyI7uUdvSTfFWzSGlB2mpB1ynPintss+Lx
uDVDIDFrVjzTJtw2q7Wfy0prRqe0iwz7qUxFujLUNJ9V+QoljINsWmETJuNumhSDNIyeeq26Sb1X
vdf3I/bcqwRPsbFj140dO6t31ixz+pm+y2em76o9Zh63x9d3ZkxU08ngvskz+K/hwCmbrC6ncMGD
+3x4PaYvO4hDupzTphvdmT6NJ1Rv0m17mdKUF3NhFxf+8W23oXD/CcT3bkiulRvo1J7K7HW5pSsz
UZwoRkDbdo96Dzxls0oew0bJmQ1vhse63NPM1iWP6fBZNk8ea3i22zVguauESLjs6JNREr7dZM4L
mpNEk8suXI6Ud3u5+tvMY0YBE3WmfzsEtT9rg5pcZdN83HAM61rMa7dNuskf053cbjo551kH9nK3
VbjJy1NubkfeOnI1DZuYtf3N/kM/d2dINzNvOrpbSnfaOP2rPJ36Vs8hs/v/tae7pcWd9HTqN/eQ
3ODsfN2d9HW33fB1Svw9X3eIDIeepUh3mq+Tj/OlPmc3vd3N3u7xYIIMSuSrPu818U24cI/3J2pL
wieKxSh4Dibd6NGj9dGFemFhIc9l8ymKWM6wuBxqyuXNXG6Y6utNndZj8pgxfy06lHZa4DPnRn3K
Mluvd7uE2+XBAzbJ+RCftl5DYZ/mczuk25kTNLrnC+bwJCPXN32/75xBczul2z1KFGs+gSEQPzbu
04q1UeL0Cea2w3RTak1vIlN9oQCmM6V7UCI7kb0td1tufFZ8FsW9Oxx3OJocXEtC2waJQ5q1DZAm
yG1GA0aKkn4+Px3nIwVX2LMBK7QRHDyubyn6XYSHVGEjPHDrQBk6k+8gRt124U4LEF6uVzvjoJjE
9BKZ+KedzwQT0R4I97EJPZrpNSSXOrvN6/P6zKdrRAw4iMcuPU7Dt2mHseuFfo8snGvBMeUayr1m
ivmkQlEDuRnCkzG5L2z43PR0noobTWtPM97UZITsFCmZiu5KDx1qwmOTHkda7NjgkdKTPraawy0d
WS8m2tQNacKPOslK+j33uPtyOITw840ZQjRzl0mRGYGZ1mKfr8foymS2YhhEt/G44xjwcScZSYwH
NYodCCXu9OLwbWOfC29SfVqPR1o8qS0mccF9DjfDnU4PJw5poQc+cVo88STjiScZTzwcT7LswmO3
WJIRxQwoGcmAMkiRHgooyYiClMrXOJWMKBxSPHYKKZk0h+yJ7HzVe+2sWa/BU5rjzffE7y42gorb
gYnKQcWIKjyxDd6T1Lud+f64OY9P8Xn9BswmKwWWvnNEFouFJj7OjchiSZ0boaXPHtkvNMDjFh53
lsgS32G5VLtUK06sxxpPy7zHKT2uUSKsFYtEmhTjyijB8/IUbex7CRKn+i4wJBLwYI9nlBb2Gbe3
G1dhOJwYpXksGMFE2uFxoLKdbR0d+7v37+9oa9tJ9hxpBU55sqTH2zmyc2R3wZ7x+yv3V742t6Nj
V0t7y07PTg9X1pnoTuxJ7Id0QNogryZ2JloTHrf0ZI4Sq8x+JaU4sSqBjlDFvW07d+5sM3qS5fn2
0proFPnMS69oEztZ2gSljbNWjWkoKE8kOutHZtlsHfUeh/A49ey+g5uaGOAIalcJHhCjOhIaEGNo
aJA8g6RncKut1bZzY0lLSUt5R3nH5fsnLS6oz87PzueHnLVtNtu6trbddZkOmekiowcP76Tj8EHj
Ua+cayov4HwFx9QKzq+YSs9gaHhbG4ZveUGmTWbaCoqLi3uKzcND+evbcKxNrMMd606vYufOTIvM
tCYSCNDJw2vVMzPy84XI7zs6M+0y00m5bRjs7v0dHW3mjWmH0yOdgw52fpLf1k/4QTFVn/HYWM7p
8gJPWt7hg2SD9s/7O5MW6XGxfheNi6elnrYftr7eTWZTpllwQY+I9IOhEkFyOWQkxJmFfzTbSrIr
tpRumfR0QXd2cXYxduVOx87y8oLsgvLynZ6B782G5AtuRK8nOzsfA9ybabFkpjkBaGNq6ltsNptn
MqgCbRmKtGSghQkNi4gzg9gVRDCtKDhDdqaRnYFbHaPLOzo6Muwi01FeXt7RPNgusuyw5UGN2cQ9
lUxIq8ywdUv6uYquea0YaOO66Z/Fxfl8kVPmQfkZmBKODjqy4ImD7Z3Zk/OzKyoru+CLHfs73t2/
O8zBwQfvdmLOG4upzovqDIiuzeBPdjhz1JID53FNrt+fdBCdL6xtw+xE20FV3wVbgQ1X29byhXU0
cmvTLuQwq219RqmWcq6qvMD4rbRLbLcsFkpJQ6RSDK2IlK0UUyqDsWoxFzly4YIZKoaJ3tVMv9Ow
iUw8ORhnUoBKcS5fN65Y8EQxSAyDKNf5/bPE2AXzr1dF/g0L5qjYVhhl6O8CvOI8PlNQw+CUdTwt
8O/ejDNsAsQ5YoT4Tkk4GhaPMT7B+DTjc4wvM766sixSLV5j3M24j/EAYyfjYcYu+rMV8SWhtDGO
YMxjnMF4I+MtVSurVsp1jBsZ72a8n/ERxh2MT6V+u/+PUJ4lOsCkAg5sYBiOBF7+/12zYBwy/+nP
LJHDfz9Kf/HYJO4V28WvxatirzgkvpQW4eSeOszedgn6220F9w1FUJD0uyI5xfhs3mh8/qwn7R7M
t2Pb+51LT2//86wL+58PHtL//Jyt/c8vONX/PPe0/ItH9D+fhLBlST8/kZZvE/Lagv7nczfj04U5
nSv89PfuuKcJVOVb/GK95THLH8Q25WfKz8Q+a8z6qHg74y1bs1RcC11B+aLrTjyGvObxemZarvYs
8TxiacgszbzF8r8z12e2WHZlWbIclr1ZX2V9ZXlXSO0kcWN7J/O5AWUP5EDmR2lyxJQ9A8iJrNEp
yYVMgRRCbmHZcrpk7snanvWfxruuIdvS5AkS2swOIK7B/pRsHnxfSk4aMmTkAJIHmTR0a5o8Zgjn
nCZDfz30tZTsPrcTcphkmHUgGZI3bMiw3PM2p8l9LK8OKHvO+zop2UOzR6Sk0JTZA4qf5Ubzs79o
JlK5NpZ9KTHu/iC7e/jFw0uHPzL8cZLTrQ9/aiAxrA9/YfghU9LeY0y1DP+a69JIvzt3zJSUzB2z
ICWlptwC0cbcQl8EP9Z3Qd4FhWNuAeZd8OqFr130DsuJ3CJIeNyFkPHjDo3rgR4ad+ri1y55hGTc
oUtevuTIJUfGW8dnjR86/iXIvrxpEH9e0YSHTXnlUu2yCy/7dNK9l0+CTLsi+4qiK+on/9qUlye3
Td435WLI5Ckbpx680sYSv/JVlt5pl0970pTnruzF+ZPTuvms+yrLVZZpT1413ne37+XpeTMXQz64
dsWVcaM0PruNUtdNo3LXzZ09enb+7GmzH59zIYt/zi0s9XM2znkYWD/ndUjn3DVztbkfXB+G3D+v
GKX883bP2z3ndeBBSkEOzeua9/V8jWXH/A6WD+Z3QT+Yf9JvnX8S+V3+Iv9B/6EfxCD3LlBRbsf8
k0bOgjXzTy74aMGxRf4b2xYvXjpk6cilF1ZYK4oq9ld8nfxcMR7y62pv9ehwfbgpnAgfCneFT66y
rpq4qnBV+arwqjWrmlfdv+rJVc+t2rVqbyQcuTfyeOTLqIgOic6KLo++HH0nNim2PPZw7Y21zbWv
1J6os9WNr7um7sm6w6sLV39dP7L+mvri+kj9w/VP1e9vGN3ww4bnGvY3fL3Gs2bYmslrZqwpXbNj
zf5bL7618NZlt2659YlbD956cq1v7Zq1LzfaGn2NkcanG9sae9eNWLdi3Y51XeunrK9f/5Tm/5ZY
9dzp8ah/tNHq+oTiCP9kxRQjgnyL780+3eP6+4kx0weMOsnIkyb9Y4fW1icUHbR9fWLEBYqh3iey
2867D3H4wLRuRE2OwfyJeDvYj/i6JWu79/7MPamYibKDT44ppXszn8va0hc7DZYQnQs5/hqlRmdt
T7JHV/mbB6jsAcrn8iaDsPtc5keI5NtxxwG2tgetux+fB1j6Vocjp60KhWnrQN9KsJ3afUb0f+KM
6O8yY/5mjvcc5dkO7s4qRHpLMhJiPB43xwuxyYg/RnwzxxExERGQRq00FR2TI4oYlz1bO0R39I3x
mAXaIe0QrFGpE8jzDz80ZsGZcwJxcF9aRB0gzqbH1TNjqhm523g2GVF0bjJ+UlzHFdSqdQ1/HFcW
ZPsvnzRv9zCrsY7xJ9as874+txOzakhy9UmuKkNGDrP2rUDGrKS1jUtbqQTufXXYEMqhK1SKrg8Z
mbknOVOzRwwZiRVwCN1PaeNq3zqavpJSW3jVNNfNtJVzCCycvk7e12913GOujEOTrUf+10btVP8c
/7md2YVoTz/2iTXiGCOV5rFJjg1PJDaNmTKmFHzPptEkJrL9Q7fyeD9OY5Pm1VOGP4W+JlfYfYZV
rStb07oMoRroc8wCGhVKGTONPrWuC/LGTjTUWOHGTuRVKU1ohTNWN14f/5vCa2qanFmCV9o0MVfc
lJx5B620/5zwWnzWklqxv0VOZ4oktY5/i/DKftbCu42zlNPZ4T1KmpzJH+9d0oTmvTHS/5ycafkf
t+7sxOCZ9i5Z26+0zR59ZW/mAdr1sMT5io12OnwWnz2a9kBmHgQ7qMm0azKuUuynFAnvjhbzzor2
UN3Tunl/hN0RUq9eGefdiZbaxZDsmK/NOzhfox0Mn+0w9zlGegd2QYfoCu1o6L55pvCOJ8Z7I5Tl
3B2Ew59C6R20m0K0uHDeQd531Zvi5ysX0q6Lz/zzDlJcMvMg2LnlY69GOzS6byOnILxPC/N+DmV5
p5bar83xX2VhRnqJix/EDCautHF/0GKjpXNeZ9tU00a2xXb7e+KZI5o+Dy56xzgTNnqzGL1RjN4n
Rm8TozeHKa+IKwS9eWYPv7GLUl38dh/Jbw6zAH+nLNb34An93/VesUvvlcXiHBkUC+RyMVyWiPNl
qRgsV9JbGPRJ9IYufieX5DdwWVHWg7KDUdaDsi629zFKHRNOSe8LKRZjkL8I+d9F/hjYugC2zqf3
ZfEbstz0lit6r5WyFu1o1J9He6coH+oPKB+JfOVjMVH5RFyifKa/qRzB0y5Z38PvsLLSm6boPVP0
Til+o1S9GCRmCy90ihgnpkLpDVNl0HIovWeK3jJVC62DrobWQxuER6zR94pboWuhjdB10Ntx/wbo
HdCN0DuhzdBN0M3Qu6At0BfFDPEStAfpU1BdjJMCKqF+MVX+ALoAuhB6AzQk5tO7rejNVsqNooDe
bUVvtqL3WtEbcpTbhKrcLnKsP9f3WrdBH4XuFeOsb0H3Qd+GvgP9A3Q/9F3oAeh70IPQ98W4DK/+
Zkanvjfjc+HJ6EL6KLRb32vLELNt4/B5mRhnuxyflfqbtipoNbQGWqt/YquDghsbuLGBG9saKLix
/UpMtT0NfR76lZhqv1iMsl8CDYhx9mLocugqaATaANWgt0HBkT0OvQf6c+ijYob93/F5FHoM2g39
Avol9CsoOHSUQEuhZdBaMcopxFTnUDGK5+5hfk8XpT7j922di1n7DGbtM5htF2K2Tcdsa8JsW4jZ
thyz7TrMNh+9IYveg6XcqN9Nb8Ki92DRO6/ojVfKK/oO5UPMs4+FohzGHPxMLOF59hG//WpwyiuW
iQlp9mfBfh3sz4T9K+gdVbB9H72lit5RRW+londSwd7LsHejyIKV47ByHFa8sHIRrFTDygRYmQAr
l8AKvdPuA3qXFCzRm7om0vujuKe/Q+pXIhs2fgsbv4WNXBnQX4KdCbATgJ1JsLMQdq6SIf33sDVB
btFfwJ2/gT0r7NWhZeWweQ5adjus3aUc0k+gda8rn8JbPxPfU46YHjsYVi+G1RCsXgGrM2F1LCzm
wtpb9MYXfmfh85i/bjPCfINIQpHlQXG73iU2QO+AboTeCW2GboJuht4FbYG+rveIN6Ad0P+C7ob+
HroH+iZ0L/Qt6D7o29D90Pd1XXwA/SO0E/on6CHoh/ob4iPox9Av9ffEn+HnJ6B/gZ6EfgXtQXT7
K/K/hv4N2gv9BnoKbdH1LimgkqPih0oRZtgP9ePKMnwW68ete/Uu61vQfdC3oe9A/wDdD30XegD6
HvQg9H3op3qP9TPoEejn0C7oUegx6HFoN/QL6JfQP0NPQNEW6ymorr+RMUR/w+7Te+wzobOhc6Dz
9E/sN+BzEbQI+Uugy6ABvcteDF0OXYm8VfiMQGNIr4bWQxtwvhafGj5vg25E+s7/y9u9x8dVl/se
X5lpkzSZcC3XghAoKMhF7goq4KUCat3qRhH3dscLaFARwQLqLrQEYSOXqggUEUEpcrNFiUURCQVa
WlICSZukaaY0adMhyXSSJmnWZNqCv/OeOZGDnnNe5/xzzh8fZtaadfk93+/zPL/fGsIAPlQs8PoT
rz/F7d7/HHfgTtzl+vfZ/xvvF3n/mPePe/80eFTBowoeVfCoIh1CxQbwqIJHFTyq6HXOJmwGjyoG
Q7oii61iyWEotFYMY5vPRlx7FGMYt827irzXCds8qvwqvoaL+JWIbouml2auZHSb3D2/+Gs//J1q
a7Gt82ydK8uXJ1+N3h2V2ZuPPiIz0zIzLTPTMjMtM9MyMy0z0zIzLTPTMjPt6H6ZVpBpBZlWkGkF
mVaQaQVZlJMxeRmTlzF5GZN3v+JvSKWT/x5NTX4ZX5FBXw19siYta9KyJi1r0rImLWvSsiYta9Ky
Ji1r0rImLWvSnMxzMs/JPBfTXExzLs+1NNfS3MpzKs+pNFfS3EhTvUD1AtULVC9QvUDVHFVzFM1T
NE/RPBXTVMxTMU3FNBXTpYrtjipoebZKrjT3PmPuXZpsNde2mYXMNiV9syJsE+Gmkr7/aWt/WwfR
9zpXWBddYJ6sNU/WmidrzZO15sla82StebLWPFlrnqw1T9a606nmypnmyplqtl3NtqvZdjW7Sc3G
ajZWs7GajdVsbD7dS81m1GxGzWbUbEbN8jv6uHnzZHW6SZ32qNNN6rQn+ZXoyORXi78XGl1vHj3E
PHqIeXSGubPW3Flr7qw1d9aaO2vNnbXmzlpzZ625s9bcWWvurDV31qrFjFrMqMWMWmxXe7Gaa1dz
7WouY46rNcfVmt9qzW+15rVatZIxt9Wa22aqlYz5rVb+t8v/dvnfLv/b5f8m+b9J/sfyPzb/7WX+
20v+Z+R8u5yP5XzGHFhr/qs1/9Wa/2qL+R7GaD1mfXZb+BEHztHPN+nnczhxDice9Oktsv2jyTVW
Uu3hb8mO6Csl99KO7nZUlxnztnCNra84d41z19p7lnNvc+5K557n3HbnfSEqn6yjzzuyw5Htjjyv
tL4q5sxDpStd5PMzff6Kzzt9foYr3eTT37vSh1yp2ZXeUzp+fWmduLH0z3xUVbZ7dEjZhfgWvo3v
4DJ8F5fje/ixmX7P4i8NFn9VsPibgsXfDyytje6P9ks+HZ2SfI7/m6PDzdqftUrcy8x9oFXi4ckB
nWHQCLL2bY1OMZ9fHp5zxr7WlIcV53Tnfys61wx2YfE3tqJzk18qrb7OjXYzshlGNsPIZhjZDCOb
YWQzjGyGkc0wshlGNsOZ0515qTOnO/PS0pk1zqxxZo0za5xZ48waZ9Y4s8aZNc6scWbxl21PcGbx
t21PKJ2ZcmbKmSlnppyZcmbKmSlnppyZcmZq8syTJ888WSRfjI727uiSxo2lNcJE8XcCi7+phE/j
M/gs/jWqsnarsnarsnarsnarmlb897RTir/4V/xNusmVxvKSR5ui9rJ3hc1lR+FovBvH4Fgch+Px
HpyAE3ESTsYpOBWn4b14H07HGXg/PoAP4kychbPxIXwYH8FHMQsfwzk4F+fh4/gEPonZ+BR+gXvw
S/wK9+F+/Bq/wQNYhAfxWzyEh/EIHsVj+B0WYwkex+/xBzyBRvwRS63Wlnl9LnSXPY8XsBwr8KL9
K0NH2Sq8hGasRvG3BVvwCl61grjQ08qXQuuUFVYSL2IlVuElNGM1XkZL6JjyCl4NHVP3DJunTsc+
2Bf7YX8cEDaXL8DdoEH5r8Lr5b8N28ofwsN4BI/ij/a/4NVqs3yF962ho3yt47u8z4fNFQfjHTgE
h6I2bKs4DIdjJo7AkaGj4p14V+iuOApyoUIuVPC94kTbJ/nsjPB6xfu9fiZsq0yEzZVJTMFUlKMC
lZiGKlQjhRrsht2xB8RbuRf2hrgrxV0p7kpxV4q7UtyVB2IGDoLxVxp/pfFXGn9lLQ7D4ZiJI3Ck
MZ0YXq88Ce8LHZWn4wz7zsIsfAz/4biveL3YZ1933DdQj0swx2dzcQ2uxTwssP8Bxz/k+IdDd+Uj
th/FmH1x2DytDGKdtnfomCaOafuE16cdKod+WPrlSuqUUaeMOmXUKaNOGXXKnFFGnTLqlFGm9PuW
e2Iv7I3p2Af7Yj/sjwNQ/AXM4u9fHoJDUYvDcDhm4ggciXcWf5/VU/ZROBrvxjE4FsfheLwHJ+BE
nISTcQpOxWl4L96H03EG3o8P4IM4E2fhbHwIH8ZH8FHMwsdwDs7Fefg4PhEV/7/01WWz8SkUf7vz
0/gMPot/xfnG/Tl8HhfgCyj+1uY1uBbzMB/XoQHX40e4ATfiv+B5o/RboD/Fz3A7fo47cCfuQvH3
L+/BL/Er3If78Wv8Bg9gER7Eb2EGLHsYj+BRPIbfYTGWQK8t02vL/oAn0Ig/Fn+JtPhLoHgeL2A5
VhR/dROr8BKasRr/3EXOD18u/lKpeWD34i+HFn+Ds/irocVfKZ2i403R8aboeFN0vCk63hQdb4qO
N0XHm6LjTdHxpuh4U3S8KUs8ozyO3+MPeAKN+COW4s9haMpT+Auexl/xDJrwLJbhOTyPF7AcLVFq
yit4NUpN3TOqmjo9qp66D/bFftgfB0TV5beEofJbQ658gfd3er8w9JffbU7iQamb3e8zsZQ/6DNj
LjfmcmMu16XLHw9byn+PJ3zWiGKXe9Lxf7LvKZ//BU/b/iuMs9w4S91vpe1mn632+rJ9LXgFr6I1
SpWvdW/PduWe7co77VsXJkqdstvYPM+V9zvXM0t5znur63Kr6/Jt8MxS7pml3DNL+XaMI0ZebBNh
S8VuYahid+yBPbF/mKg4AAdiBg7CwVFVxTtwCA7FkVGq4p14F47CCfad6PUkmGUrzK7/vetGqcpE
VF2ZxBRMRTmKf5Zd/IvXaahCNVKowW7YHXtgT+yFvTE9qqrcB/tiP+yPA3AgZuAgGGelcVYaZ6Vx
VtYW/1Qfh2MmjsA7w1Dluz2jHYNjcZxtK4XKE7z/eyc+2ftTcRrei/eJ43R8wvtPwnNu5aec9y9h
eeWn8Rl8IUxU/odxXuy4f+7SnncrPe9WXoW5xnANrsU8x9/k3uq/1LXv9LrQde/GL3APHnK9h/H3
Lv6YfTysjJ27K0xMi8KWaWXF/yQo5KbRc1qV1z3t3ztKlTq7GWrafvbtjwOgH087qPi9ZLHSJ9dV
c4u/6ltaoz3/1v5Li7+mW/oepbjeGo6mJs4J/5b8ZHjB6rSq+N2Wz4aiYxLvCdnEyTgNZ+Kc0JY4
N6xOfByftCo/P2y0uthgdbGh6oKwuupC3BiyVf+Fm/Bj3IxbcCs8y1UtwE/wU/wMt+PnuAN34i4s
xN34Be7BL3EvfoX7cD9+jd/gASwK2dS7QzZKGmk+cYFn4ss9Q59h/LHxx4nTQ8b448SHvd4UNiV+
7Nnli9Gx+texjlxd9dmQqfpXfA7/hq+GTVWX4Fu4FJfhe7gxxGKLxRaLLRZbLLZYbLHYYrHFYovF
FostFlsstlhssdhiscVii8UWiy0WWyy2WGyx2GKxxWKLxRaLLRZbLLa4+rywqfrj+AQ+idn4FP4F
nw6bxB7z8LSwjkMvJ0o+hlWlbw4PEfvD4n448cWwJPE1fBs3hWU0KP7CdLfYHxb7w2J/WOwPi32Z
2JeJfZnYl4l9mdiXVV0dllR9Hz/EfPwoLDGuZca1zLiWGdcy41pmXMuMa5lxLYvO5kA9B+qNrY8D
9cY3IYPGZdC4cfYYSZeRdCXP/9t48oK/xWaXGs4cX/ytde4cP/mMv1x2jcuucaPrMrouo+syui6j
6zK6Ls7Uc6aeM/WcqedMPWfqOVPPmXrO1HOmnjP1nKnnTD1n6jlTz5l6ztRzpp4z9Zyp50w9Z+o5
U8+Zes7Uc6aeM/WcqedMPWfqKdBFgS4KdFGgiwJdFOiiQBcFujhTH32YCnVUqOPFS1So48dLiXOi
g0U/W/SzJ79vvXnyefpoKuxb/FXt4v8dofi72pPfEn+BVy/x6iVevcSrl6gxmxqzqTGbGrOpMZsa
s6lRR406atRRo44addSoo0YdNeqoUUeNOmrUUaOOGnXUqKNGHTXqqFFHjTpq1FGjjhp11KijRh01
6qhRR406atRRo44addSoo8ZsasymxmxqzKbGbGrMpsZsasymRl1UIRfGRZwS8U9FfKWI9xLhNSK8
KjqARsvps5w2nbTpLP6OdfGXnH16u/iXi3+5+JeLf7n4O8XfKf5O8XeKv1P8ncbRaRydxtFpHJ3G
0WkcncbRaRydaqU+PPRP/W48OjbxaT3uAtTrc5focd/Et+DaRtz7Vq+bq2dcG1ZX/zBkq/8Tc3EN
rsU8zMd1aMD1+BFugN5YrTdW643VemO13litN1brjdV6Y7XeWK03VuuL1fpitb5YrS9W64vV+mK1
vlitL+42DVWo1vOKnT1bGnusxjNqPKPGM3QrPqcf6dM1ajejdjNqN6N2M2o3Y+yxscfGHht7bOyx
scfGHht7bOyxscfGHht7bOyxscfGHht7bOyxscfGHht7bOyxscfGHht7bOyxscfGHht7bOyxscfG
Hht7bOzFnnVBWE/tlyn83Fs9qxhRT3SiiBp9vtnnE9x4gxtvcOMNx/Y4ttKx1SqlSqTHqZQq0R43
+R3Qixx6g0NviLJRlI2ibBRloygbRdkoykZRNoqyUZSNomwUZaMoG0XZKMpGUTaKslGUjaJsFGWj
KBtF2SjKRlE2irJRlI2ibBRloygbRdkoykZRNoqyMTpFJA28WcWbVYn66CD+rBLBV1XADhWQF8n1
Itlv8puZ/YrfzIjkruK3WbxbxbtVvFvFu1W8WyWqBlE1iKpBVA2iahBVg6gaRNUgqgZRNYiqQVQN
omoQVYOoGkTVIKoGUTWIqkFUDaJqEFWDqBpE1SCqBlE1iKpBVA2iahBVg6gaRNUgqgZ1fEGpjt8r
ilcn/53TLKO+3aifiKrF2yLeFrG2iGsfMe3jkzvE0yKeFvG0iKdFPC1ReWIOX68MOxJXhdcT18uL
W8Nw4o7iN+327kxcH/JRmX/uiI5yRD5xtYz4Pq4PHYkbosrEjc6+JQwk7iz+7nXYlbg77Kq2vq22
vq0+GO/AITgUtTgMX3PMRbgYX8c3UI9L8E18C9/GpfgOLsN3cTmuwPcwB1fiKlyN7+MHYVcpnp1G
2peYG/rFsiXx87At4UkvujBxuWy/AnPsvVqU38e1oTUxD/NxHa6P9kncEB5PLHDcT0Jv4qf4GW7H
wvCU+J6qToSXq5OYgqkoRwUqMQ1VqEYKNdgNu2MP7Im9sDemYx/si/2wPw7AgZgRhmk4TMNhGg7T
cJiGwzQcpuFw9emhtfoMvB8fwAdxJs7C2fgQPoyP4KOYhY/hHJyLr4njIlyMr+MbqMcl+Ca+hW/j
UnwHl+G7uBxX4HuYgytxFa7G9/GD8FQ0ReZspOJaKm5K3BlG5dL1YUyeTET/woUCFwoc2MmBYoZt
MuPkzTh5R+SpXKBywQyTN8PkzTB5M0zeDJM3w+SpX6B+gfoF6heoX6B+gfoF6heoX6B+gfoF6heo
X6B+gfoF6heoX6B+gfoF6heoX6B+gfoF6heoX6D+TurvpP5O6u+k/k7q76T+TurvNMvlzXJ5s1ze
LJc3y+XNcnmzXN4sl6dugboF6haoW6BugboF6haoW6BugboF6haoW6BugboF6haoW6BugboF6hao
W6BugboF6hbU3JWyu1iLc2l6jey+PtqN2n3U3kztbdFlNG6icZNMH3DkKlr30bov8QPbc8Ogs8Zk
fk7m52R+Tubn+PAmH5r40MSH0cRtYaUKWKcC1qmAdSpgnVp6WW94kUcdPOrgUROPmnjUxKMmHjXx
qIlHTTxq4lETj5p41MSjJh418aiJR008auJRE4+aeNTEoyYeNfGoiUdNPGriUROPmnjUxKMmHjXx
qIlHTTzq41Efj/p41MejPh718aiPR30qJKdCciokp0JyKiSnQnIqJKdCciokp0JyKiSnQnIqJKdC
ciokp0JyPG7icROPm3jcxOMmHjfxuInHTTzu4HEHjzt43MHjDh538LiDxx087uBxB487eNzB4w4e
d/C4g8cdPO7gcQePO3jcweMOHnfwuCOq52CGgxkObuf381zcxrluzm3l3DDnhjk3zLlh/qf4/wT3
ctzLJW6271ZOLwiLOTjAwQEODnBwgINDHByVJ89wsYeLPVzMcTHHxRwXc1zMcTHHxQwXM1zMcDHD
xQwXM1zMcDHDxQwXM1zMcDHDxQwXM1zMcDHDxQwXM1zMcDHDxQwXM1zMcDHDxQyXhrk0zKVhLg1z
aZhLw1wa5tIwl4a5NMylYS4Nc2mYS8NcGubSMJdyXMpxKcelHJdyXMpxKcelHJd6uNTDpR4u9XCp
h0s9XOrhUg+XerjUw6UeLvVwqYdLPVzq4VIPl3q41MOlHi71cKmHSz1c6onew6U8l/KlavzvLoxz
YZQLoxzIc6D43DRK3VHqjlJ3lLqj1B2lbp66eermqZunbp66eermqZunbp66eermqZunbp66eerm
qZunbp66eermqZunbp66eermqZunbp46o9QZpc4odUapM0qdUeqMUmc0OlpneENneEP158znVYmb
RXGLKEqj9/5OLDTf323enmFVdxAOxjtwCA5FLQ7D1xxzES7G1/ENWEHSeoLWE7SeoPUErSdoPUHr
CVpP0HqC1hO0nqD1BK0naD1B6wlaT9B6IvoGrQdoPWDEOSPOqYKsKsiqgqwqyJb0/3sF0P1/ynwr
+ETxm43/fbYP8GOAHwP8GODHAD8G+DHAjwF+DPBjgB8D/BjgxwA/BvgxwI8BfgzwY4AfA/wY4McA
Pwb4McCPAX4MUDBHwRwFcxTMUTBHwRwFcxTMqYasasiqhqxqyKqGrGrIqoasasiqhqxqyKqGrGrI
qoasasiqhqxqyP5fVEOWQ1kOZTmU5VCWQ1kOZTmU5VCWQ1kOZTmU5VCWQ1kOZTmU5VCWQ1kOZTmU
5VCWQ1kOZUtz/Ejp30Keyqscr3K6TU63ydA+R/uixjka52ico3GOxjka52ico3GOxjka52ico3GO
xjka52ico3GOxjka52ico3GOxjka52ico3GOxsUYc2LMiTEnxpwYc2LMiTEnxpwYc2LMiTEnxpwY
c2LMiTEnxlx1MRfm4EpcBfkmxpwYc9EeenH8jzUj024uVXpeT83/n2rE2v1Ka1RPpqotpdrKVdsm
lbaPSquKZr/VUeaYjefiGs/l17vXTWFEZo84uqA2R8zO4846jsJ5Co+/bdU0IrtHZPeI7B6R3SOy
e+T/U7cZkX0jsm9E9o3IvhHZNyL7RmTfyP/TVVHxaaVAqZVvPbeMR8nJfQUu7YrOp20zbZv5N8S/
IdoWn2y6OTGVvv307S/1vwW2f+4Z4Q4rpYX23R366dpP13669tO1n679dO2nazNdm+naTNdmujbT
tZmuzXRtpmszXZvp2kzXZro207WZrs10baZrM12b6dpM12a6NtO1ma7NdG2ma7OcGpJTQ3JqSE4N
yakhOTUkp4bk1BDd++neT/d+uvfTvZ/u/XTvp3s/3fvp3k/3frr3072f7v1076d7P9376d5P9366
99O9n+79dO+ne391Mc45uBJX4Wp8Hz8I/SWNd0xWQiHaO7E02jfxnBXn8/LyhTAvsTI8nNhunRGH
BYkdoTWpcyaP9fR6fHg8eXLIvPXXyp+L9kh+vvT/bCv+TeFAKh1e4dgi112C51XAC6E9sVymr8BK
91zldXVIJ17xpNvubh1eOzEQTUsMqtTYGjdvJTSBnWE0GYXeZAUqcYCn/+NDX/KEsD15Ik7CKSGf
PCNsTtWFXOqi0JL6JvSI1He8XhbSqe9CT0j90Otcr9fAGjrVADNm6laoytQCn99un96Xusv2QvzS
NRaFHalHXP9x/D5sT/0BT9jXaPspr2JKtdrXhjVYZ7sLae83oNdxQ6E3tR0Tobdmehiu2Qf7wtNh
jafDmpn2XxJaaqzpa4yr5sYwXnNr2F5zB+7GA2E4Om9S1W4+Fai6jqpDVB2i6htU3ULVLqquo+p2
qq6j6jpq5qk5Rs0xSo5RcoySY1TcQcWYijEVYwoOUbCbgusouI6C3RRcR8EuCnZRsJuCXf+kYDcF
hyg4RMEhCnZRsJuC3RQcouAQBddRb4h6Q9SLqRdTbohiMcViisWUiikVU2qIUmOUGqPUGKXGKDVG
qTFKjVFqjFJjlFo3qVQ3pYYoFVMqplRMqbHosMSj4YeJpeH3lGqSg7so9FuqbE1sDF+XZ3MSg+E+
2f25xLiV9o7wQXn2YjIZlifLw23JVLhUtnckp4fa5CHRxckjwvdk/mHJ48KHqPaA7J8l5+5JfjBc
kzw7fHHyr7N6kp8P9ycvCJck68Mzxb9fEtVf9KTnzBIvYGV4zR1f58dGd8y4w6CrjrjiZlfcppbO
UEsf8ET4KMeeC23OKtbLy6UaGYje4ew1znzJmVuMLWNs1a7QXqqHk0O7M58LLznrdWc96Yy9nbHJ
/XpK9eupulTDh6jTY20fHzY6q9col0cHy6ztpTOXy6wVWCVjVjv7FVnVbhXZ4bUzbJEdW2THFpmx
RWZskhmbZMUmWbFdVmyXFdtlREFGFGREQUZskgkFmVCQCVs4t4Vz27lW7PwD0W7GU27ki9zvUff9
s1ifwqqwk64b6JlJXR3yrj/m+mOuP5a62/avQt51xqIpzho38sudsbmY91bCj+olS8XyQmi1N51o
00eKGm4MWbq1ue46110XXeCuCxw9T031lbLlz2Guu8915igldlJipyv0USJQYnyyrsYpMZ7oCktc
sVEmtSZysqcK08NFyX25sR/2x+HhiuRMHBG2Jt/F56NwLPfonjzT52eX/nb5BKM5Qe31UXecuuNq
r4/C4xQOFA5qr48KcykdKLGAEgsosUD99VF7J7V3UnsntYP661N/fVTfSfWd1JpL+XGKzU0t1omW
4OlwRWq515fRglewHt14zWc9Xje5xuZwRU0UXqyZGpbUlKMCtbaPxCU61PywQA32cXNnzZ1hc81d
WIhf4N6wJKqWkWOycTOnT9J93tR93tR93uT6aSr9TZX+pkp/U1W/GR3Ej6KXedqP0H7EWeV61Kge
NapHjYp9XOzjYh8X94i4R8Q9ItYRsY7oL6P6y6jeMqq3jOoto/J7VG8ZNdZx4xzRK0b1ilG9YrSs
yh3ny4A7ub+M+z/j/s8Sz3C0Cc+FlYnlZsUVWBkekAW7Emvsb5dbXWFOYn34a6IbaWzAa9gYbkz0
eN2MPtfc4jWDfgxE82VLYyLr/VbkZN6Q12FsC1ckRjDq/Ri2h3q9qVXn7tK5u1Tw5/SoVxK7fPYG
3gzPJP7mNZiFy5BAsX9NkW1TvS/Xp6rCvGS196nw7VI/293rHtgTe2F6OEO2niNbz5Gt55hbb0ge
GK5KzvDZQSj+f9xrvR6Gw/W8mTgi/FvySNvvxLtsH4WjvT8Gx4YP65Ff1lkWc20+1+Zzbb5s/6R+
eWvyVMechveG65Lv83o6zgjXJt/v9QP4YPh3VXFO8izvzw6Xq4zPTf7F7GIVclXywmj/5JdQH17V
X3+Xqg+tqUtwWdilSnapkJ+pkF2yZL4smS9L5qfm+/w6/Bduwo9xS7Rv6lbchgWOv8O+O3GX7YW4
23Xusf0rr/eFb6d+jQewKNyQejBcZTa7NvWo7cfwOywOs1TVLDPctTJwvgycb31wg1nu2tQfw3Wp
pXjScU/Z97Tj/ur9M2iyf7ntlfavct1m+1bjZfta8ApaXasNa7DW8esc24X1PuuG7i2756vaWamN
4a8qd5ZZ9FrVe47qnZXqs08OpuRg6nXIw9QABsOylDxMycNUDnIwtQ0jGNUBxpD3vhCeSe3ATu/f
hJxLyTldYV6NvKuRdzXJ8EzNFK9TwxxdYo4uMaem0vY03aMKcrAmFZbV1GA373fHHvbvib2wt/3T
Q5eZvstM31Wzn+vt75gDcCBm4CAc7NhDfH4oat3/MPt0WN1oXs21oVWFz6+5Mdq3htc1vK7hdc3N
uAW3+uz2cJXKn69TzdKpZulUs3SB+brVrJp7XOde477PNR9w/UW2H8Rv8VC4IqrVJS7XJf5Qmpmf
L83nK3SCfhW/QGX/u8peqmofV7UvmXNjFfusiu1TlW2qsVkVPqMK16q6j6qsL6mkx1XMrSpmhYrp
VyV3qJK1qqBJ9j8o+z8l+5fJ/uJ/qXCqjH81+op+9YiR/M6MtSbxuFlqqZ7wZ/uewvPmuRd8tjx0
6p6dZq5letaQmWupOXDIaAfNXkvNXkv1r0VGvkKfGjTyV/Si5Ubdpd9s1m82G3m/ft1u5Nv07HY9
u10/WW70i/WCxXrBYqPcZZSfKa55zF5rUl/WaS8KS81gS81ga8xgS9XmkNocMoOtUZ+PqM8h9fmI
+nxEfT5iBluTut55P8LNuCV06uqdunqn2hwym60xm63R4Tt1+E61+YjZbKnafEQtLZb3i+X5Yjk9
aD5pN5+0y9tBc0q7XB2Up8vl5SJ5uUheLpKLg3Jts1zbLNc2y61BuTUorzbLq83yarm5qF1OLTfD
LZVTj5jh1pg5OuXHIvkxKD82W0E+Iw+a8JwV2srwZ0pvMTu0yYUP6eYbdPMN8mE1VXup2krVVjnx
J517I2VX6dQbKLuKsqvkxla58bpuvFY3Xqsbr5Ujx8iRCV22W5ftlivr5UlGZ23RWVt01hY506Gb
rtdFu3TOtTpim47YRvUtVN9C7S06YJsO2KYDtumAbTpgG2W36Hptul6bTtemo3XpYt26WLcu1qWL
tehiLTpYlw62Xgdbr1ut1626dadu3albd+rWnVp0pxbdqUV3Wq8rdetK3ZNdqUU36taNunSjtdxZ
pbNs0Fk2cGkVh1bpLht1l406yEbdYoNusUFn2KAzbNAZNnCqlVOtnGrVFTbqABs41cqpVpW/gVOr
VH6bim9T8W0qvk3Ft6n4NhXfotpbVHu3au9W7d2qvUW1d6v2DVxsVeUbVPkGVb5BlW/wTDxgdVxc
V58c3ohOUWXF56xvqqiFKmqhinqez/NUzQ6+/pavjXxtVC1ZvvbxdQlPl/B0iYooqIICL+bxYp4K
KPBjnowvyPKFsnyhLF/Ii3myvCDLC7J8oSxfKJt30GsJnZbI5h20WkKrPlr1yeod9OqTyTvo00if
Rvo00qdPNu+QzTto1EijRvoskb0F2btQ5u4Qc6MYXwi3ytgJETxja7uxx+FRubkxOlBk221lRDYo
skGRjYiqRR/IiqxFZC1Gt93oWoyuxei2G12LUW03ou1GNGhEg0Y0aDTbjWa70QwazaDRtBhF8Vl2
MDrEnWJ3Wu9OGXfKuNMADYvPqK3uNu5ure7W6m6xu7W6W6u7xe7WSosxWoy5a0yLMXeO3Tnjzhl3
ztBizN1jd4/dPePuGXdvdffi82HGM8JG/XJ7eFXUr7rzuDtu0Mue0nHX6bjF54M/lTpuuaPGJ5+h
spP/DdPxyQuiE0vK9fpkg096S1vFZ7tdJR2nTp41Zivn+p2uP2o13GVNm6PwTnFWUSLCVGvSclSg
1vaRuDeMuMbGkjNtjk6bRYpjHI+OdI0VPvkz/cZc6y+OeP3vz/el+SbSXypQiarwF1F9WjRfpeMY
HTfScSMdi8/XG+k3Zgx/MYYVxrDCGFbQ8h+fu2fgoLc9f9c6fqZaPNLrvY6/z77iM3eZmIej/Yxv
1JhGjWmrMW2d/AZnm9EPGtc249pmHNuMY5sxbHPvUfcede9R993qvlvdd6v7bXW/re61zX1G3WNr
NNPVnxb9iyJf9bYu207nxe6UL3XVqtJfivxo0sv1oq8v/kXP37uPiFe569Pu+rS7Pv2/7DzFTlPr
uGKXOdJrsWPc69h/7hjTSrPoduuAHZ6ty/l6frhs8q87XnXnL5T+YvRE497oyD9xrcVzQafxP0ul
x9/WQYozQxel7uV1cd59nVr3Uute8Tzrqje72hIutli7dVLwXgrey8kWKt6rIrpURBdHW8T3rKro
EuNGMW4U40autliDdVqDdVpvdf5T5+jicguXW97qHLWuMTPcK/Znxb2Ryy2l7jGD6mmqp0vfRsS6
yI7wglEPUT5txENGXPwOZ4jaaWqnjXLICIeonKZymsppKqepnKZymsJpdxqicJq6aeqmqZumblpV
xbruTrOf7JFhcXg2SpgFd1op7YiSViMrbY3a6o9qbQ17hilYnwxbnwybKSfMlBNmyonJ7wiz1iwj
1vEFM17WTJc1002Y6Sas1wtmu6w1esG6YtiavGB2mzC7TZjdJqy7C9bdBTPbhJltwrpj2MyWtfYY
NtNMmGkmzC4T0TRz+Q4j+aW5e9icXVzXve6uwxx8gIMPlLrKNLP9eHK6TnJsyIlg0FG55CnR7jqM
Z57oBPfpiqa4zhbXKX7nWihGIOJU6RuEbPF4SkxXT6eEgv3Fb2Ud4bzN0T62itGPi35c9OOlyC+0
VvhS6Hhb5OMiHy9F3eq1DWuQxgaITmTjIhsX2Xh0qLu9Qt+Yvuvou+7tT+bunXOXDG1jd8i4Q+at
p/EnSt/4ZWgb03YdbeN/eEJfZ7ur9C1g6UmdtuvcPUPbdW9/Wo/KRB5HM5M13k0P91ktDVstDVst
DRvTk8b0JLViK6ZBK6bit2tDdNpqZTTMgTc48BgHHvMcuZfnyOJfRxZXPYNWPYPG9aTVzaDVzaDV
zaDVzaDVzKDVzKDxPGklM2gVM2xMT1pRDFpRDFpRDFpNDEYVRvMHd97ujgV33O5uO9xttbutjg73
6Sa69RvjemNc78j85HfY/8OhU6zszpDXZ9NhUein4U4a7nzLpSfsa7T9lNenrbRWen27a+tsd+Hv
7r3mmF7Hbw7r/8HFfanWS7VeqvVSqpdSvcbdM/mdVC9FeinSS41eavRSo5cavdTopUYvJXop0UuF
Xir0UqGXCr3RgeJ8TYyvifE1MW4TY7sY14pxrRjXWqkWs26teNZaVWatKrNiec3KspiBa8WyVixr
rSSz4lgrjrXieE0Mr4lhrRjWimFt6b+iPDz5H9Hh0cLoa+Hu6CJcjCvC/dEPwk+jH+I/MRfXoC8s
jLYggzHH7Ag/iXZiF97Am+EnZe8KrWVH4Wi8G8fgWByH4/EenIATcRJOxik4FafhvXgfTscZeD8+
gA/iTJyF/0bcmYBHUaVr+FSd6qrq6uqwh1VAdnBUUAZHXOI4GTc2UVEEBBxQBBMEBQRCwB0FZN9B
FkGIoILEjdWFcVfWBpqGIDuhEyqK7Il97ltNnKsjjs7ceZ6bPK+1na1Onfr/78sj3X+GG+EvkA5/
hZvgZrgFboXboBW0hjbQFtpBb1FZ+0C9r32o3tU+gvXwd/gYPlVrtc/gc/gCvlRrjblqgjEP5sPX
HG+AjcC9GglQanygrJoRKK+mB1DZAVR2AJUdqAxVoCrsVRMChZQ5Bt+qCWZjaAEZaoaZCX3hERio
5pmDgHk3x6lN5ia11sTxWA3UWqshNFLvWo3hCriS42uhk5pudYauarw1DRbCXo73wX7gmVlH1Twr
DkVcO8HxKTXe1tUmW4IBATABpWijFO0gOBACF8KQAmWgLJSD8lABrlZr7ZbQjf0H2T7BdjHbHPWu
fVJtCtJWsAL6+D5RXm0QFYDoJypBKlSGhtAIGkMTuARaQWtoA22hHdwO7eEOuBPuhnuhp5rNyp3N
yp3Nyh0uBqiXxEAYBI/DYBiqcljNOazmHFZzDqs5xxilNhijYQy8CGNhHIyHCTARJsFkmAJTYS71
5sF8lcNTnx3YoTYEdkMefAN7OX+Y7REo5Pox+JZzP6gNpgkWBMGBKlAV6kMDYB5M5oHVkWM2Z9uC
7TVsb4b7oCt0g+6QoWazcmazcmazcmazcoazcoab3K/J/bKCcuxH/LkRE9QmMREmwWSYAlNhESyG
HHgVlsAX8CV8BV/DBtgIm2AzbIGtEIFtEIUDagUxYQUxYQUx4XPxPZyAk3AKTsNZtYw4sYw4sYw4
sYw4sczIV5uMoxCHAigE3InhQRF8C9/BccCxGCfAr5cApZbxvq2wiAUW777Fu27xrlu851Zb9bl1
F9sO0IkynaGrWmY9zPEAGAiPw2AYBs/BSOB9s5gjizmymCOLOeJ9Wma9zHYh22VsVwPzYDEPFvNg
MQ+8ayt411bwrq3gXVvBu/Y579rnVgEUQhF1T3Ce+eC9W6ZdJgxRTgTA9L/bxv9WCgiC/+ndIXD9
j5iEFGgpUsU10FNlscazWONZrPGBrPE+rPE+rPE+rPE+rPE+YggtDFWZrPNM1nkm6zyTdZ4pnhZl
xDPwLDwHI+F5eAFGwWgYAytFTbEKDqihPNGhPNGhPNHJPNEcnmgOTzSHJ5rDE80R/idIn1XZPNVs
nmo2TzWbp5qtzVTbtFkwG+bAXJgH8+FlWAAL4RVYBIshB16FJbAUXoPX4Q1YBsvhTVgBufCW2qY3
FWX0ZiJVb842DW5RWfqt6jG9FbTnuLd6Uu+jMvSHIUNloNlayc5qALqtlezGdoD6Qg5Um+UmEZCb
RUW5FdW7DVe+XTjygMqRB9Eih0QjeZjtEf+zgdgWiPLGAFHOGAiD4HEYDENgKGTBMMiG4TAC5qpM
4kUm8SLT2CLKGFshAttgO+yAKOyEGOyC3ZAHzCerPZvVnk2syQqUU9tY9UOJMZmBAuEQX7KIL1nE
l8xAsShnSmBtmeWhAtSFxirTbMK2GVwpUokpmeZV7GeoLOJHFvEji/iRRfwYSPwYSPzoQ/zoY7KW
zKHAWjJnqG3mzOS/oN9mXQQ1oRbUhmbQVuXwpg3lTRvKm5Zt9RdlrEfhCXgSJsA0zs9lO1/U5G3K
tpayv5fy+2A/sOZ4cybz5kzmzcnhzcmxjomg5UER5U9wnfXHG5RtnRZl7Ipqm10JUqEyVIGqUA2q
Qw1grDZjtRmrzVjti6EO1IV6UB960FZPeACyOR4OI9S2oKa2OR3VY04nyFYZzgjgvXF4bxzeG4f3
xuG9cXhvnBdhLIyD8cD9OhNhEkyGKTAVpsF0mAEzYRbMhpdgDjA/zjyYDy/DAlgoyoSyYBhkw3AY
AcxtiLkNPQW83yHe7xDvd4j3O8Q4Q4wzxDhDjDPEOEOMM8Q4Q4wzxDhDjDPEGEOMMcQYQ4wxxBhD
jDHEGEOM0b1ElEkJggMh4oMuN/KmHCAa+Xv+Z49U1h8nmrnJbxcwwQIbguD432+U/JYj/xPsXf/L
RVAAMRRADAUQQwHEUAAxFEAMBRBDAcRQADEUQAwFECPyVSDyVUAJxFECcZRAHCUQRwnEUQJxlEAc
JRBHCcRRAnGUQJwo2Yso2Yso2Us8pDzRG/rAw5ABmdAXHoF+0B8ehcdUbyJqPyJqPyJqPyJqPyJq
P6JpOtE0nWiaTjRNJ5qmE00doqlDNHWIpg7R1CGaOkRTh2jqEE0doqlD3t1N3t1N3t1N3t1N3t1N
3t1N3t0t/L935MCrsARWiqpE3qrkX4/865F/PfKvR/71yL8e+dcj/3rkX4/865F/PfKvR/71iNb9
idb9idb9xRG8bD4chTgUQCEcAw+K4Fv4Do6raUT2RUT2RUT2RUT2RUT2RUT1IUT1IUT1IUT1IUT1
IWj6KJo+iqaPoumjaPoomj6Kpo+i6aNo+iiaPoqmj6Lpo2j6KJo+iqaPoumjaPoomj6Kpo+i6aNo
+iiaPoqmj6Lpo2j6KJo+iqaPoumjaPoomj6Kpo+i6aNo+iiaPoqmj6Lpo2j6KJo+iqaPoumj2u0i
VWsPd8CdcBfMVBEyUYRMFCETRchEETJRhEwUIRNFyEQRMlGETBQhE0XIRBEyUYRMFCETRchEETJR
hEwUIRNFyEQRMlGETBQhE0XIRBEyUQQvkYuXWIOXWIOXWIOXWIOXWIOXyMVL5OIlcvESuXiJXO0r
4WhfwwbYKByymEsWc8lirt7S/zeqbP/C9hY1gmzWlmzWNpnNOqtCvSf0Jrv9JKvpmaqQzHYdma0P
me06MlsfvPg4+Zh6Xa5WH8l1IkV+SPbbiJ/fjE/fKiqT5eJkOSl34O/PZ7oAma5e8jMm45wvIPMM
EC5ZziXLuWQ5lyznkuVcspxLlnPJci5ZziXLuWQ5FyUdR0nHUdJxlHQcJR1HScdR0nGUdBwlHUdJ
x1HScZR0HCUdN6Ypz5gOM2AmzILZ8BLMgbkqncyZTuZMx3fl4rty8V25ZFGHLOqQRR2yqEMWdcii
DlnUIYs6ZFGHLOqQRR2yqIPO9NCZHjrTQ2d66EwPnemhMz10pofO9NCZHjrTQ2d66EzPOKkKjVNw
Gs7AWTgHxVACvBNk5iFk5iFk5l5k5giZuT/+L4r/i+L/ovi/KP4viv+L4hJiuIQYLiGOS4iRwdMD
B5WHU4jhFGJk8l5k8l4BxhRgTGT0dDK6i2uIBRIcK+WZAjTQQQqXTO/iKGI4ihiOIoajiJH5XTK/
i7OI4SxiZg3KXgR1OVef4wZArMVlxFAG6SgD12zKddYg6qACriOGQkhHIbg4jxjOI4bziOE8YjiP
GM4jhnLohXLohXLohXLoZRJHTeKoSRw1H4MBMFD1Rk30Rk30Q030Q0Wk42ejKIkISiJizkl+IlOq
uRzeSn4qU6r5MdtNKheVETF5lvjeqHlapKI4IiiOCIojguKI4IVz8cK5eOE1eOE1KJAIfngNfjjX
ukY4eOJcfIGHL/DwBR6+wMMX7EalLMIXePgCD7XSH7XS3+qiCq37oKsagj/wrAz2eaesvvAI9IP+
tPkocF94h914Bw/v4OEdPBSOg8Jx8BAeHsKzRlF+dPJTBT1Uj4Of8PATHn7Cw094qKAhqCAHFVQV
X+GhhIaghBy8hYe38PAWHt7Cw1t4eAsPhdQfhdQfhdQfhdTfOkjbh+AwEOstYj2qaRqqaRqqaRGq
aRFqaQhqqT9qaRFqaQhqycHrR/H6Ubx+FK8fxetH8fpRvH4Urx/F60fx+lG8fhSvH8XrR/H6Ubx+
FK8fxetH8fpRVFcE1RVBdUVQXRFUVwTVFUF1RVBdEVRXBNUVQXVFUF0RVFcE1RVBdUVQXRFUVwTV
FbGvYExXwtUq124J3Wi7B8c94QF4kHO92D4EvaEPPKLiKLQICi2CQovYT1BnHOcXUzZHrbFfZX8J
nFTRoBCpKLhIkHsLVlC5wUrCce5UB5y74G7oqNqi7No6XdgfrAqdIZAFPyq9J9l/FkYKF8Xnovhc
FJ+L4nNRfC6Kz0XxuSg+F8XnovhcFJ+L4nNRfC6Kz0XxuSg+F8XnovhcFJ+L4nNRfC6Kz0XxuSg+
F8XnovhcFJ+L4nNRfO7/o+Jzf6b4Komx6lqtq2ijdRd3aveLwdrfxF+1HuJarae4R79FdNR7i7tl
B3Wj7Kj+LFepRXKdaiP3q8/RhhUlEU4eVhNkvvpUHhXVZRy/VaBOiVpibGK9WKq2iL+rLbR+femn
wbag9Uto/RJav0HrrU6RWw/RC24OV9ZBtaSX6+hloFyjVsu1sC5RKD9Qb5PjdsiP1MdyvRpL78/Q
8xl5SB2h95b0Po7eJb3Poff1wpYb1EK5iTHh5OUW1UNuVStlhFrb1S6yYh46dan6hLF9Qsl7yZ0b
KD2N0llySyJB6fmUvpU8+jY1HqfGzORnO17OaLPJ5heRvW/V25DJe6veel8h9SXo5PXqb/qnarq+
R/xRP0lGrijKyMvVK3KNcMnSl3MHb9LTp/hRKbfgNbept8jSAVpPcEcRMnVWaaaWpZ5UcmdH5FHu
Ks75AnVMu0cYaqUIgAkW2BAEB0LgQhhSoIxaLcpCS7VLXANPq+XiGXgWnoOR8Dy8AKNgNIyBsczh
SrVZrFKbNV3t0iQYEAATLLAhCA6EIAxloRyUhwpQESpBKlSGKlAVakItqA0XQx2oC/WgPjSAhnC7
ytPawx1wJ9wF2TAcRsAT8CQ8BU/DM/AsPAcj4XkYr3ZqE2AiTILJMAWmwjS1U2+qluvNIQ3aq/f0
F1RMH6VirPIOPJVC1lkJa2w5T6KQNdaONVYiTyXy5WneiDPKkmcTp+W5xC5ZrExZkjgif1BpMsF5
paoagUS+YaobDUtZhp04bQQTuwxHmUYoccRwVZoR5nwK5QaolcZAGASPw2AYAkMhC4ZBNgyHEfCy
2mUsgIXwCiyCxZADr8ISWAqvwevwBiyD5fAmrIBceAvehvdUnrESVsFqWANrYR28Dx/Ah/ARrIe/
wxa13NgKEdgG22EHRGEnxGAX7IY8tTxQrFaaEli/ZkCtNsuzrQB1oQk0gyvVLvMqtmNUnjkVpnPM
fZqvsM/9mNyPyf2Y3I+5jHPLYQXkwruwkvOrYDWsAcZuMnbzC/a/hK/Y/xo2wEbYDjvUTjPGtSNQ
AN/BcfgeTsBJOK3yrBQoA2WhHFRRO62qUA2qQw1ornZZV0F/tdx6FJ6AJ2ECzIX5arO1lO1ptdxu
qPLsS9Qu+zK2Tdm2hXbs36t22j243hMegBc4P53zM2AmzIKlUKx2BoXKC5Zjy/sV5L0KVoMaapfT
Q8WcPpABfaEfDADed4f33eF9d3jfHd53h/fdeRHGwjgYD4zXmQiTYDJMgakwDabDDJgJs2A2vARz
gHt05sF8eBkWwEK1PHSbioVaQWtoA22hHdwO7SFLvRcaBtkwHEbAE/AkPAVPwzPwLDwHI+F5eAFG
wWgYAy/CWBgH42EiTILJMAWmwjSYDjPUe+4lanlKUL2X4kBIvScMcsVyIn9cbhOXEZdLxBQxVM0S
WTAMsmE4nFUx/HMM/xzDP8fwzzH8s4d/9vDPHv7Zwz97+GcP/+zhnz38s4d/9vDPHv7Zwz97+GcP
/+zhnz38s4d/9vDPHv7Zwz97+GcP/+zhnz38s4d/9vDPHv7Zwz97+GcP/+zhnz38s4d/9vDPHv7Z
wz97+GcP/+zhnz3/U7i0Txjnp6oQz1qIZy3EsxbiWQvxodPxodPxnVvxnVvxnVv1hSo/+f9Hnv+/
jvbpp9U+slmULDZLbhS1yJd7yWBj8HCz8HCz8HCz8HCFeLhCPJzvn2L4pxj+KYZn8vBMHp7JwzN5
eCYPz+ThkWbhg2bhU2bhSWbhIWbhITw8QiHewMMHFOIDCq0mKmZdkvw8zkK0v6/lY+jsGNo6hhaO
oYFj6F8P/euhfz30r4f+9dC/HvrXQ/966F8P/euhfz30r4f+9dC/HvrXQ/966F8P/euhVwvRq4Xo
VQ+NWmgPpO0n2F/sf2qa8tCbHnqzMFiR96mjmo7GnI6m3Iqm3Opmq3x3OIxQ+eGKal+4EqRCLagN
T3J+gdondLLKa+R1dJxcJa6Wq8V98n3RXH4gqjC/78qPUFLrRUO5QbRlrtvi6wMohuvx9uVlRFzB
vH+DcqiJztnP2QOiCXqhLXqhgcwXN9HuR6V/y76Enj5USyk/Kdnncq71QVWsFimc+5yjjf7nUv7y
s3S13iLtwp+ny3ia8XZcS6+tyYe3MobzZ5qRLU9z9kay5WqyZTz5GcUF/rdRcrYGR9cn/6ZYmbL1
GYP/XQSHxaWUuIyjjSKNO6zItZrcq/+pbx3V13KAaMn4PzKuQ6/pnPmMoy8pTW5CExZxlMdRhghz
dI6jz0RDYYg0EQATLLAhCA6EwIUwpNBjB1FJdkLjdYUM7mk1OvADdOaHarMxQKQZA2EQPA6DYQgM
hSwYBtkwHEaINLx8Gp49Dc+ehkdPw6On4cnT8N9peO80/HZa8vsvwqjbE/SUx10clu/zJP1vM/lQ
vYO6LeDeBzAnqxjXWkpxt9x7WJTXNom62mbRlJnpyjz8RXaiVGfRWXZNfsZcZ5mhPvQ/lUgOUvvl
VNFCThNX0Y/Hk66PknnDuFpcYbQUTZmtzqImNWrST3Oe5gBRm56O+f0newqXfq/Jp7ILte+jfHe2
97MdwArbpHaikQvRx2eT62e7sKklhel/EwqlUymZSskgJT1KFIlUcYAoioYSh9BNj9KT/0wHqa3o
7kKeehki7uZkexGe4DZq0aaviAPlVQkevgQPX4JHLsEjl+CRS/DIJXjfEvrsoPL9f/FEi014U6xk
a9vUCVH5Z312IWZ1h0zubQBKfKP6jtEVcR8eK64SfZ+k1sf0G6LfM7/Zb4h+9/vfzUJr5ek3QIsn
abGQFk/QYpDWviu9ixLesw6c9T8vsAtKvjs8ypUBoio1g4zYpOYpapZQM8xYEv6sUbOYt+KAuFkc
hENwlpV9DoqhBH4gOnTAuXRUTWUXosV9opvszvZ+tpl4n0cZzyC1QA5jXUwVf2I9XMuMb6LHlsln
s0W9lOwtorbzzlXE5ZwrXSNXGLRtJECJhoHy4marE3SGrqKhNQ0Wwl6O98F+YJxWEedOsD3F2PzP
fyxiZGe557OMrAn3fZaRNeG+q3HffsSwuV+Hez0id4iyyVW3hhofUeMgNapR4yA1qlHjT5Quy5gP
J1feFlXMuM9Q82CyViT5vQSd6K8zK7kr225sBxIV94s6RLwiYoxDZKxKZCxHvFuT/EYd//nFKCU5
U8Rz6MBex+S74X8aXqp8jFX1OPnuMOPOp8ejykuut73UO0g9h9ZtWta5EhNVRU/1nXgAHoTHePod
eJ6dGFdXGMjK9EsfYJUcZqaPMKaj+Ms4rRSQJ68TlQNl1XeBQjimvjMzIBP6wiMwEAbRbkrpdwJF
aTlGyzH5GHc1kJi/n+d4gFV0kDcoebfE4Xzm6Kj6KunFKzO+YsZXzPiKS+/e/5vyHlrZQys6rTRh
jGVp5TStJGjF/6R5mxb2+d9HxPiKGV8x4ytmfMWMr5jxFTO+YnGp6ClaiwfgQRgq0kUWDINsGC7S
6bEMPf6BmBVghtsTswLMcnti1mJmegUzvZZ1+inr9FbWaWu5RE3gnr4kQzQ4Pxrylj+afNTE1aIl
a7SlcZ2KGnNFujEP5ov0QFnROrCXbSHbY/CtSDcbQwvIEK3NTOgLj4A/PptRnSpdN3rputGTz8qf
waPqSPKvEW8w7kWlpVJLS6Uybo+SVyT/AnFUbWVlZCTW4wWP4f324vWO4e32Go0Sh1hrGQmPs0Wc
KTIaqetpNSOxR55inoupXUJs+EFtMALqNL7wjBFSJyi5gZI3Jet+yNXNnNnMGSdZ15Pn6K+YWflB
bcNjJoygMKmboNQ2vGSCkmnEpYzEYXpJ4FJPMLJCeZZtMb2WsDLP1yyh1wTu9AQjLjRstg6jCHH+
fEsl3MFJVl0Gvva00GiliFYStKJoIT/Ztyk0ahdRO0FtRc380jE09ucpMZ4x7Kd2XWrvovYpeY43
1h99Cev4B1ZcAp2g1A+MZT+t1aW1XbR2ygiqSPKuQjxnV5TFKcdp+QfG9LqfRZVOi2cYR55MCJ1a
Z+g7zwiz30hd7JdIbKTEEfrzZypGiSO06c9SjDa+ZXb/6Xnx9EufE7V/4/kkyyafC2V/43lwj//H
50A8/TfnnyjzX5537vFX5jt55YLzLFKMiiJoVGJ8VYRjVKO16tSpgWa4iP2aXKvFtTpcq8dxfa41
4FpD8oFhpNJDda7WZlufZ+IaFTnCQxiV6b8aPVSnJ7+tmpyvxfmLOV+P8/U5Tzs8Bb+033P10hJ+
T35b5RmXztVDRipnKkMVUZPxlafkIdqsyfh0xqdT65BRm+sXQx3O16NMfc41YL+h/63ktJLHWP07
1I2qjLWaCJS24tfOY/z+HepGXa7V49r52jr3WxEqsfZSGXMV2q3GvVTn6degr4v8++J6La7X5nod
rtfjXH2uN+B6Q+6Pu+DZVKLdVM5WhipqO2NIMDv7jRo8y4u455qUqUWZ2ly/GOpQpi5l6lGmAWUa
ktn85+Qm57WKqMg4/Bk7wzgqMo4Q43CTc1uH43rJGTzDGCoyhpD/VIRM3nu10nk+P3p/9mTyvs/X
KCodtS7K/KdrgrfWY/7+aV3wtl8uwv/u2qBWU2H92vrgan1R4b+1RmjtD9z1f7hOqN1IlPu/rhVa
udq/o//OeuFJfJF8jv/RmknmhvC/u26SUb2RPJU4SiTtTsSpQVRrI88liohqf5UliTjRpydRrTZR
raURSBwlonYnGtUgqrUxgokiotpfjVAiTmTqSVSrTVRraVRMnGJGLmVGGjMjjY0qHFdVf2BGUhhV
M2alAbNS36jJ+VqUq02Zi6EOx3UpV49y9SnXgHINWTVBnJuL50qT/vf6rBcVULsVUbr1UBV/Qit8
jNork/xuoVVaV3GN1l3cpN0vRmt/Y9sD595BzZZ340XuUatQHrOT31TX+F+U+jhZyv8OpB3Jsz8e
Lf/HkY6TX6d9oJYn9/xvt9vPXhlc8qVCiJZ40ibiz/w2Fa3EnaKZuFvcw9l70XLXiofEGHGbGCuW
iEfEKrGOow/4nSC+ENvFRBHld67Iw53ME0do8VWtulZdbNFqapeKrVprrY04oLXT7hKHtE5aF1Gg
ddO6CU+7X+spirQMra/4XhuoTRentJn8VtNm81tdm8NvDe1VbYl2kfaBtlGrpTfVr9Au15vrV2lX
6C31lloL/Xo9TbtK/4uerl2t36TfpF2j36K30q7V2+httBv09vqd2p/1u/WOWrreWe+s3ax307tp
t+g99Qe0W/Veei+tld5b76u11h/VB2l36IP1kdo9+gv6i1ovfZw+VcvQp+sztAH6Qv1NbZCeq3+s
PaN/qm/XpulR/YC2WD+qF2i5epH+rfaOflw/rb2nn9WLtXW6kkL7UOpSauulJcPax7KMLK99JSvK
itommSqraZvlxbKOtl3Wk/W1qGwoG2sx+Qd5qZYnL5eXa9/IZvIKba9sLlto+2VLeY12SF4nr9eO
yBvkDdpReaO8UYvLdJmuFcg2sp1WKO+SHbUi2Un20E7IDJmpJeSj8nFdyGFymG7K4XK4bsmpcppu
yzfkG7oj35Jv6SH5rnxXd+VKuV4Pyw1yh15F7pcFeh15Sir9D0bASNFbGBWNRvoNxnXGdXoHY4Ax
Ur/bGGW8rfcx3jPW6VONr42N+kvGFuOQPs/IN5T+VsAJOPpXATfg6l8HygbK6xsCWwM79c2B3YG9
ejRwIHBAzwscDhzW9wTyA0f1bwIFgW/1fYHjgeP6kcDJwGk9P3A2cFYvCBQHivXCwA9mQD9mWmaK
fsosa5bVE2Z5s5KuzCpmTSnNi80rpWP+0fyjvMi8yrxZ1jTbmR3k5eZ95lOyhfmM+ZzsYr5gjpbd
zHHmOPk3c4I5UfYwp5hT5APmNHO2fNCcZ86TGeYCc4HMNF8xX5F9zaVmrnzEfMdcIweb75sfyRHm
J+an8mnzc3ObfNbcYUblRDNmxuRkc4/5jZxiHjHjcpr5nVkiZ1nC0uViy7JqyyVWA6u5/Lt1tXWd
3GrdYN0go9ZfrJvlTus2q63cY7W32ssD1l3WXfKgdbd1tzxkdbK6ycNWD6unLLR6W72lZz1sDZZF
1lBruPzBesJ60tCt56yRhmGNskYbpjXOmm7Y1kxrplHemm3NNipYc6y5RkVrobXQSLWWWquNytZ6
63OjkbXZ2m5cbu2yjht/tE5Y54w2VomljLvsBnYDo6PdyG5i3GtfZl9udLGb282NrvbVdkujm32t
fZ1xv32DfYPRw77Fvs3oabe2Wxu97LZ2O+Mh+067g9HHvte+18i0e9i9jL72I3Z/4zF7qD3UGGRn
29nG4/YT9lPGYHuk/YKRZY+2xxjD7XH2OOMJe6I90XjSnmrPMp6yF9s5xvP2UnupMcp+w37DGG0f
t783xtgn7ZPGWPuMfcYYFyTwGeODRtAwJgatoGNMCrrBysa0YNVgVWNBsHqwprEwWDtY28hx7nQ6
Ga863Z3uxptOT6enscJ5yOlt5DoPOw8bbzuZTl/jHaef0894zxnkDDJWOkOdocYqZ5gzwljtjHRe
M953PnA+Mw4525zdhufscQ4Zp5yzoWpGIlQ3ND5QOzQxND8wNvROaF1gTmhj6HhgsWu5VQJfupe4
fw3kuR3dhwJn3IfdfmbQfdQdYJZxB7mDzfLuUHeoWckd5j5rprrPu2PN2u54d7zZ0J3oTjYbuVPd
eeYl7svuy2YLd6H7mnmVu8x9y7zBfdddbd7krnXXmq3c9933zdbuh+5nZhv3K3eL2cGNuBGzi7vd
jZr3uTH3G7O7u8/91nzQ/d49Yw5yz7kl5jA3ERbmiLAe1s2nwkbYNJ8O2+Gw+Vy4bDjVHBOuEq5i
TgpXC9cwJ4drhuuZ08INwg3MOeER4RHm3PCT4WfNeeHnwy+ar4QnhCeZS8NTwlPNN8IzwjPM5eFZ
4Vnmm+GXwvPNFeEF4cXmuyl6Soq5JqV8SmXz85TqKReZG1NOp5wztwjdQb8L4d5Y7nbRSNQW/6Uf
tUodUIdFU5XP/q4LlkioWWoZv0VqFEe3q87U+Zi9/NLr+SrOf/eVHp36RX3/alyd4Pd/r1kX6Od7
mPyb482CtT87s4ceUv1efvUH50W5naqYfZdM3kWEOT7w8zH+eDcX6PMrtVd56mta2M/dHvmtMf6O
H5tWp5a2flAVqo/VodKj47/ovQDy1DdqqzqjbhNB5q6JuPgn1xO/1Zk6ybM7QQv/O3LmH8Vy/uor
6hXhwj+e4T/VPgaHVIw29nAYQGc1ENezVyt59e9qg9rO+mHt4Nsv3P8S9bKaw/Z5SFOXqYFqAHs/
mccf7569wl/UTqhP1BFW0CfqS8bBc/Bn7+e1/lH2q9+YCoFPFSIluTe29IxH21//uDZ/uipKz5zg
zo8z97vU9+j9MpxqzlP4R++qIPmECn4s/Yv6heoo75j344z7fxlNbnf/tMxvjbu0XOxnR/1/dvTZ
72uDn2bJ8qUrTe3g+dlqx2/0fPon73Yz8affKP2ayvHfaPXJ7x7Tz+sf9leHv2Z/cWXb76jNnann
knvv/PP7rP72O+qzRtRbybi1x39u/+6PejUZTV9lXn/5Y/+uForUqmTU/J3r4gItHP/9q+oCtUsj
rNryH9VenvzvDj9y/Nd/rvwd/R8+n8tUMevo+3+7B/dfXm0IdyR7+THj7Tv/W3q91gXqNOa3Fr+N
fzbKRaXbjed//0X9ZhesXzq7rJKTRKeTvzZg4ucx9R0RbG/ynfJX9Znk+UnJyzXVB2qdivgZ/Vfq
l/xkf7SoSvy/R7Tz35DSc3nkhtW/jMX/qFP8k/3xZJ4y4lbRnf03Ss8dYPY2/3pW/bH/5IqeQf0g
0efR0kjun1+hlgmp3v3V+v+8CgOop16cf7H0+mfqU+b/i9KjX8bvcz/ZH0XtqqKN8JVQWum5tWol
Lbz+q/0fvPD5BE/Mj4+qvWqreqp2paXn/qL+U0SxV9TrapOK/OS0Lu4TT4sx7I0V4/x/MyNeY+W+
Id5FHa4W68QVyb8qtBDrxXZxldgpDolW4oimiY5ad627eAxHf4cY4Ht5Mch38eJxvY+eKYbgx6Mi
W9+lHxDD9Xw9X4zU43qBeN735mKUfko/LcboxXqxGOt7czHO9+ZiAt48JCbJWrKWmC67yPvEDNld
3i9mGe8Y7wjf1SoxJ1A+UF58Zb5tvi2+Ntea68QGc5e5W2wylanEFt/Tia2+pxNR63arvcjzPZ34
Bk93j9jrezqx3/d0It/3dCLuezpR4Hs6cdb3dCKBpxutCdzcBM20JlnTtaDv6bQyvqfTyvqeTitn
LbAWahV8T6dV8j2d1gBPd1y7FDentHa2tAPa/1D3LXA2lev/z3rXXpe997vnjrkY97tJgzHEEEJF
F5UuRxijomTMHKnMZPZQkaSSTqhELnWKjpwuKvlVp6N7R6KQ3MktSRIqrP/3efaeaUS5njr/NZ/3
2e9+1nvbe7/r+36fdfnOta7rBow+rnZjjDw33k00rncruVWMAW6qW9UY6FZzaxj5bm23rlHotnPP
NW5B1HaDcSuiszHGMERn9xnFHH8Zd3BMZAznmMgoCd4RHG+M5EjHmKTjdLLxun5OP2cs0pv0buMd
jjWMZRxrGF9wrGGs5ljDWMexhrGeYw1jE8caxnaONYzdHGsY33GsYezlWMP4meMI4yDHEcYhjiOU
ivHHBJUTUymmigrEHIj5SfE1hRUyYwyZMQozZiIiikn0GOb04zQLnqfw59DTNBur1BzMJ1vmk435
tBBH3f9hVgVkVgUwqz6A/0P6jIL0Of4UZtlysOovaDXY1RraiGNsE+ZcTdpK3+GI34O/WvQ97afa
dAB/dehHOkR16TBmZLzMyHSZkabMSC0zUmNGDqI4lY95qWVeJmBerqHKaq1aS4lqndpAVdRGtZGS
1SbM16oyX9NkvibLfK0k8zVV5mui8pRHiSboPyVh1ipYbFQJc9dBHj8+pZh+zOMkmcdpmMe9qJ7Z
G7O5PmZzX+TzMKfry5xOx5xeQ4Zvre8rUr4tvq1k+7b5dlHQ961vL1Xz/eDbR7G+/b6DVN13CLO/
rsz+mjL702X2p8vsT5fZn47Zfx4lOZ2cThR0Ojudyed0wfFg4XjoCk83pxs8FzkXkeNc7FxMrnMJ
jpPaOE66o+5lOFr8crQE+QwIhZyrcczE4Ji5lmo6vZzeFOv0cfpQXScXR1G8HEXxchQZOIpuRq1B
TiHK/NUZAs8tzi2knKHOrejlNuc2tHw7jrQgjrQ7UGu4Mxz+EqcE5cM49kJy7Bl8PgVlxjj3ot+x
zn3Y+6DzIDzjnfGo9ZDzEMo87EyEZ5IzCSOZ7EyGB8cnBfj4RDtTnamoNc2ZBv9MZybameXMQsk5
zhx4nnPmou7zzvP4HuY5L+Gbedl5DeNc4CzAd/K68zpG9W/nHYz2XecDtPmpg5npfO5gTjornFVo
7UtnHdVw1jub8J1sdrahr+3ODqrlfO3sxDf5jbOL6jjfOt+ix93OHox5r7MXJX9wfsDefc4++Pc7
+zGSA86PaP8n5ye0/LPzM1o+6BykROeQcwi9H3YOo67nePz/VV2L0hlNYIEmsEATWKAJLNAEFmgC
CzSBBZrAAk3IAJrcAzvGHUOKMYV8jClkMKaQBqYMhy0JlFIcIwuZQJblpIMrgispFPwiuIfiGGXI
ZJShFKDMJkrUm/VmStJf6a8opLfoLVRZb9VbsXeb3kbJerveTlX1Dv0N8rv0LpT/Vn+LMrv1bpT5
Xn+P/F79A6XqfXofyuzXB1DmJ/0T9v6sD1JQH9YeJYc4tE5k/IL1hXywVsimBKCYS1VC/lCAKoWC
oSBK6lCIqgLXEuFJClWmVEY3qgx0S4VNC1VFmWqh6pQUqhGqgXZqhmohXztUG+XrhOogD+yDH9gH
zxOhqehlWuhJ1Joemo6WZ4Zmoc2nQn+nSoyGZDIaUhyjIcUBsf4ZRcPx+DMFDS2g4WTkHwcOmoKD
NlDwOeTn0quwrxFmG9DwLeTfBgaa9A5w0AQOfg7EXA58NeX8vSs4aAoOVhIcrCw4GBAcrCI4mCw4
mCI4mCo4qI1YI5ZCRk+jJ+wgIx+2wBgCO9QYCjvWGEshoORlpAQl/UDJ62EZJYOCkn5ByRjBxCS1
U+2keMHBBMHBRHVIHaJYQcA402f6KAHY5yIfMAMUb/Y0e1JV81q5k42xL12wr7rZx+wDf67c3cY4
mC44WN3sZ15HaeU4uJVMIOBecoF9BykgqJcqqFeZz9ri+OzgdMDR29HpSKZgnOucD4zzAeO6Ic/o
Zgq62YJuyc6lzqXwMLqZzhXOFbA9nCtRkjHOJ+hWWdAtIOiWCnTrS9rp5/SDvc65DuVvcG6AHeAM
gGWkcwXpAlGkG+oMhedWIJ0tGOc6RU4R6hY7xShfhnSlyEcw7k7nLuQZ6VxBOlOQLuCMc8ah1v3O
A/Aw6rmCejqKehOcCfAz9rmCfamCeqagns95AqhnRlHvSedJ5Kc704FoM5wZKM84aAoOplbAQVNw
0AUOLkA+gn0LnX8h/29nCSxjnwvsW4U8o14lQb3KgnoBQb0qgnrJgnopgnqpgnra+d75HrUY+yoL
9iUL9qVGse8gMM4UjNOu4RpkRtAqMCxQRP7AHYE7YEsCJRQMlAKbgoGRgZHwjAqMIr/glApOCD5K
ShAnSX8DrInT3+k9lCD4EifIkgRk2Y/8Af0jxQJTDuM4Z0yJD5khk2KBJg7FCI4kCI4kAUESkGcE
SQxVCVVBGcaOpFB6KB3+6lHsqIkWGDsSBDviBDviBTsSgB1PoM1poWmoNTM0E+VnATUSBDUUqWa7
+cxryy3nZVNXuua3eP7/H5u3zdvOKfpu/bHiLj7PI+f6TrbtzXyGSyLvt+T9l2V9il0SjT53cvwp
segqb6O39cgzOsfvt+wMnVd48iM8s5vXDZEnv/5m7H1UjW2ItN879fMy5e3s/PU77zuxUT9ixb34
Zjd6u5DKz+xViESTKtRehVIric97VEEueoaxLLr+g7ZA+Wgq9qvpL+L7+lhnF7wdR5+b8/Z4G7wv
sOeoqxCnupWdJT/yHR8/0Vld4XwBxm6W53f+1q/srTv6rOaZ2o59Bee4tWZ50+X1oJwNf58Tnx/y
nkXug2iZspnFR/AP3idl/pPqZ7PM0Y2/vOezYN6aCiXul/NBfK58neQ2YzQVESr6/Z7o7ytnrTce
v9zJb5hpFdr19nkHkX7ic13eoSPK/d51qf+x7Q8+5k9g86acRuXux2hvIzXAHKx2Gq3+/taABFsZ
TwVTj7kBG074GuLprxW/au+IUVU89k6w/gveG9686PWBJG+a94Z4N/HqXnH1PiX+sBLYuF74w1bh
JoJmvCZ56/E6J1pql1xv+xDpHfxtPfLMtSBZCpWdm12EteAD71OkKfB29ZZ5H4n/swiLkCvafzn5
kR418u1HvJM11PtnBc9Ab6aX793LZ/m9IeXeNvC9ysfd0Vcdia+5Hn0tdIf3Fj7LqjN3pJbNB17H
gGBlvPADil6frTgG4HL5tRG+xnKclv9zpsZ4qhu+pZC8PsTXm4/aO9RbdETZyOsarG6beIacQn+f
86wXviXfE+ewvq2Pfmuw3k3eYvm995N5jDUsRJlHtbkLx8E30atLJpCj7KrT/sje01/ffrkOfeT1
yjKWwtxL1u3N+Nt1FPdcJ9zzGEc7juYzjF3H2n6FZ8uO2n/w156o/6/H9tPJXEc/6c3rf5IVIvdY
jPFGyeu3ggAvckLuGW9+JCf7yviZXO/EL/XaKYzuBe9VIObL0XeLvNnE9we9wnkkICdQbBFQoowF
fwv0/SiKE5HrZzFHtfme97L3ZrTNJH4X9R+BDp538qOVejhKvS/K35XFLhs4VxZXRpi4INoHPD8i
94hEj589gsi9ve7y7k3iq3mFSLcjN96bjLXu9mgrFe5twTfwuld8CqPN80q8GV4+cm/jqJ7hDRB8
uB+r0Qx8z296U7wbsbZ+y9cA5ZMt8OZ6T0Z6jq4aqd7bv2pzq7ccUWXkyG1RnovyTu/HSDpxxnxE
23vleC+/K+jIVUrW6fLIV5jvernvoeIdF02OvGPlj9qOvIordzB9c/yRyCc66v6rP2I7MpLlbxVz
+Pvj4af8Omcs0j2ZrSL/wNHAUdYKvP7Gle7ykjtOf7zeE95w725vkuQ/wXyfznfKRNehCF/8wXsJ
6Y3T60dayozcyXJabWzytmAllPURv+kWzMNyzh351b3d4By7j8UAT7qvU+DcFWp/FPlVMRbGwf9E
362LHj/RUf85x/OxNq+/d4O30JtPSt6VeLcBrftGGIH3incA78Z5f/XO8WoDR7O8272bTqOvCH+s
cVrjjWJSJKYtv99w+pF7z+TmzToDbfDsXR5BdfDbo3592b/RW/rLKvznbhjNlzjm5Jwn5jBHiuWR
SoTpYu97SL9xr+ofvWG8D1Q8csGvFvyZ4/ntDUfbUOZOkTtdvVvAjj7D0RfZ96bYL73XvGu9e5F7
0Fsd8Z1iX++d/nhPsse9Fe/z+t/dyjnuntO/u/JY97qfyS3CDsG/v8KqdwbOWBzvHuXfrXuCM8p7
Xs7tf33qPVXYUs5IKye0gQudNnP1HjoTIzlOH1GkA7s97fPyZ+hXOl4vm8Bs/8tHypnbwHr2nrFv
JuE0xnEmjvc/8HrEqcxG8J6NkZrRJzvKzosslusMi3+38uBo2Xkn3+8fvZ3KMxBHtfGbV0N+p46c
reczRZFIOHJGp/xacOD34mM5t5tC+WSffL9S/xSe8vK2ytrxy7NkZefkTjS2C9L5J9/rn7pVPtWK
J3/lifiuBr4uXR7Ze6+L/Qb4fNyrEf9rG3j/D7/9zESFcgf++2M5se3EEPJUV/VjPit13L7kDoJf
nh2UKxblMytwzEplZflcVVW6Fsfcn7Adyd0jqIHo6Tg4K1di/oTzfd53Z7CtDRQ9o3zMJ44aylNO
fAX9k2PsPV7b/BzVhrKaZTk5w78h6inrs4309atxVXh3zy9tlo2Fn9c6alT8VFZTvkpzKlG7N8V7
2ltQ/hxYNMeMIHpO85PycTQ9arxPn3x/R9Q/hTuFvKVyVeLD8vdyDxD4pn3CV/pO4Om93+j7mM8m
H6fOFjlrxSu5YIG8W4RjL4IMgd/jl7KixFK7E3te8xj1T+X+h2X8vKWkfZH3YqNnzX8fHaKfpeqR
9xthfn3nfSppClUBJ90evZq0PnJMy1wbePIjPc7niFxhqxCte329272/e1NFN6D8nh6vm/fCSba8
6I9hzDzG3+7HO3ysq8qRK4q/8n13/Ks4p7rJPTJRZPb2gE/sAT9a6a36BYm8nfDxNeNW3lXy/kXM
gOVeb+8dfu+96f3Ne5fPmMu+h49oe02Z/6RGdKmX7430ukbfSQ4zcIDkn/ZmekMwD6aArS3Ayssl
5nsvey9FV20+O1+ZMuWa8zBvkPgi9yNOBa9+gn8PVkkovwvoiHNB3o9lT/Of1Hgf9Z5FrPZY9N1i
6XuK4Pxi+Q746us8b6/3LykQeWo/eodBdBa3OPle/6ztv/I09tG9bChDrMh15z9rO5XrVPilv6EK
Zx3KFRJOZO1JJL5/5wrJV6UsxJ41pO5XYB1fyWqSRs29z3GE8t8ab613Do6XAaS9yLoejVNxdEZi
qirR9y9Er1QoKn9iWvzP/c7nkHsrvGKsc9EzkF4HLxepm9efEr3IGlymoVGC1Nlr413pRZ9s8N73
VsvdEnzE7sCatCEavzamBrJyNpZSv39249jjmu7NhH22/P0CjuWOuLOiRzRzLV1OraiZ6MTUlT0V
P3vg8FIveHi/rJQLvZu9F3kN88LeXZxDq2OP6DZyD9jNpzDeQV4BPn+BvHGRGyS4eZes1J/it9x6
OPIk/SuiClK2yTfr3RJt4wRivGP2vf34ZY6qs1PuCGCeILNJZvMivPfJbv27fIdrxVIORq9o2XF0
7HpGdezupAsNZVSi60Wdbpio040RdbqxRk+jN403bjJuor+JLt0jxq3GWJpsjDMm0VxWp6MFrE5H
r7M6HS1kdTr6P+Nfxif0pspUTWmxylLZtITV6WiZOledS5+xOh19ri5U3WiFGqJuoVVqmCqi1Wq8
epjWqllqFm1Uf1dzaZOar16hr9Vr6jX6Ri1Ub9AutUi9Q9+pD9QH9L36j1pMe9US9SntU8vUMjqg
lqvl9KOpzRD9ZMaZCXSQFebIE4U5EoU5y6xj1jEcUZhzRVUuaGab2UZIVOViRFUuTlTlEkRPLtHs
aV5rJJl9zFyjMj8rZySz6puRyqpvRhPfK743jJ6s+mb0Y6U34wZWejP6W3FWvDHASrJSjJtY780o
sFZbG4zbWO/NGM56b0YJ670ZYdZ7M0aw3psx2vrB+tm4hzXejAdY482YxBpvxjTWeDOeZI03YxZr
vBlzWOPNeIM13ow3WePNWGL3tkcbK1jdTRms7qZ8rO6mLFZ3Uw6ruynXftKeqWJY100lsK6bSmRd
N1WVdd1UbdZ1U/XtD+yVqiEruqlzWNFNtba32l+rHFZ0Ux1Y0U1dzIpuqjsruqmBrOimivj5OBV2
latUqWu7jhrhBt2gutONdePUXW6Sm6RGucluihrtprvpaoxb062l7mXFNXUfK66pcay4ph50m7pN
1UOsu6YmsO6aeph119Qjbnu3g5rEumvqUdZdU1NYd009wbprahrrrqkZbn93gJrJumvqKXeoO1Q9
w+pr6llWX1OzWX1NzXHvde9Vc91x7jj1vPugO17NY/U19QKrr6kXWX1Nvcbqa+p190X3DbXQfctd
pt53l7sr1Gr3C/dLtdZd425VG9zt7vdqJ6uyqf2syqYOuJ7fUD+yKps6yKps6hCrspmGP8VfzQyx
HpuZ6K/lb2Am+Rv7m5hp/mb+ZmZ1fwt/C7OGv6W/jVnT39bf0azn7+TvZGb4u/gvMM/yd/V3MzP9
F/svNZv5r/ZfY7bwD/YPMVsGagTqmDms7mZ2YHU380JWazO7slqbWchqbWYRq7WZI1mtzbw32CN4
nTmHn9ozX2e1NvPf2tGx5ses02Z+rq/VN5q7WafNPMw6bT4f67T5HNZp8wVYp80XZJ02XyXWafNV
ZZ02XzrrtPlqsE6br7Gepef4MlinzZfFOm2+1qzT5juXddp87VmnzdeBddp8F7JOm68767T5LmOd
Nl8PvUFv9PVklTVfL1ZZ8/VmlTVfP1ZZ893IKmu+m1llzZcfo2Jc3+AYHRPjuzUmISbJN4yV1Xx3
xOyP2e8Lx1Ks4SslZWwE6sUg4oulODIoHn8mJWAd9lEy1m4Lq3pd+Ovhz6H6WAVdygBK+oGHbUgD
D/n/PLST/4DBiBkjiBkLxLwKta7GXzxwszda7EPXUXu6HhjaARg6BMzhFvx1pKE0jCpREf4qUzGF
0XMpEDYZCKspxQgZMZQqTwinGXHA3LOAufXhaWA0oEyjodEI/sZGY+QzgMUpgsVNgcWXwnYHIncW
vdAUozdwuZngcjPB5ebA5eHwlxj3UJYxxhiDNu8FUqcBqR+kbGO88Qi1NCYCtZsKajcV1G4qqJ0J
1H4W+dnA7kxg9ztYD9413qU2xnvGR5RjfAw0bytoroDmWbAtgOm2YHqcYLoSTI8TTE8STD9PMP1s
wfRWgulVgenPUnU1W82mdDVH/YNqqrlA+VqC8rUE5WsA5RfC/h+wvppgfR3B+nRg/X9gFwPxawDx
l8B+CtyvJrhfTXC/NnBfU10zBPSvJ+jfQNC/PtA/mRqZKWYKNTZTzVTqxCsB8lgJqCFWgvqwDcyG
qIX1gDJ4PUCt1mZr2DZmG+xta7aFbWe2QxmsDbBYG+DhZ63Pl2etL5Dnq8+X56svkGequ2CdKKV2
vhG+e8jAajGeYn0P+SbSOb5JvsmU6HvUN5Va+6b5plMV3wzfPyjFN9f3MqViRXmFmrGaKGXxukI5
vK6Q5nUFNs6Kow5WvBVPTXl1oWZYXT4j0/rc+pxqWMut5RRrrbBWkM9aaX1BFlad1fCssdbAs9Za
S461zlpHrrXeWk+VrA3WBgrymkQhXpNQcpu1jeKt7dZ2SsDK9DUZ1k7rG/S4y/qWEq3d1m6qwmsV
evzB+oGSrX3WPmpr7bf2Y2wHrAMYz4/Wj8j/ZP2E/M/Wz9TOOmQdQsuHbUWJtmn7qJ1t2RYZWOEc
wmJhuxSy/XaAYu2gHSTT1ramZDtkh6itHWPHoAxWQf6v7nYi6ibZlVA32U5B+VQ7jRLsqnY6Wq5m
VyNWQK0JW8uuhRZq27VRvo5dB+Xr2g1QvqHdkKrYjexG8De2G5PPzrAzKMY+y26C9s+2z0bdTDsT
rTW1m6JMM7sZ6ja3m5PmFRd9tbRbwt/Kbo2Sbew2aCHHbk+W3cHujJJd7C7k2Ofb52PMl9qX4XNd
bl+J9nvbfdF7nt0PvVxn90c7A+ybqb09yC6gDnahPRQ93mrfRh3t222gh11kF1Nl+w77Dox2uB3G
Zym1R6CdkfZItHCnfSdauMu+i4L23fbd6GWUPQplRtuj0QsYAKUxA6BMMICHKMueYE+g5swDKAU8
YBL2TrYnU6r9qA0csB+3H6cce4o9Bd/2k/aTsNPtGdSMNWBRHlwBLcyx58A+Z2OW2nPtuaj7vD2P
Otv/tP+Jll+wX8Te+fZ81H3FfgX+V+0FKPm6vRAl37Tfwt5/2W9TNhjGu/C/Z79HTcAzPkD5D+0P
4fnI/gglP7Y/Qckl9hKM51N7Kcoss5dhhJ/Zn2PMy+3ldJa9wl5BLe2V9krUBUdBrbX2WrS8zl6H
WlvtrWhtm70D5b+2v0b57+wfUGafvQ/fxn57P8Z2wD5IKcxjqDl4TAj5GCeespwEJ5HSnCSnCmU7
yU5VaumkOzWoKVhOfcpxGjgN6UKnkdOY2jgZTgY8ZzlnU1sn08lEC02dpijZzGmGMs2d5tib5SB2
BDc6h1o4rZ3W6KuN0wblc5wc7G3rtEVfrClgMGeiZsyZYMGZYMGZYMGZYMGZYMGZYMGZYMGZKJU5
E6UxZ4IFZ6KzmDMhD85EOcyZKIW1aqmJ28HtgFpgTvCAOaEMmBMsmBNlM3OilmBOiATcAe4Aagv+
VECxbqH7V5QBi0JdsCj4waJQcoQ7Au2MdEcif6d7J/xgVBgPGBXKP+g+SFnueHc8aoFXUXPwqonw
THIx69zJ7uPI/939O/p6xn2GLmSmBQ+YFgWYacGCacGCacGCacFud7+jc9097h708r37PdoB66JM
Zl3Ie67H/3vLT9TZb/gNSmEGRmlgYA6s63ephR8bZfoD/gDy2h8DG+vH+uuP88dRtj/enwBPoj+R
cvxJ/iRq7q/kr0Rt/ZX9VeBP8adQlj/Vn0pn+dP8achX9VdFL+n+dOyt5q8GD7gd8uB2GAm4HSy4
HSy4HSy4HSy4HSy4HSy4HSy4HSy4HSy4HSy4HQWY29G54HZXUFygR6AH2YErA1cif1XgKuSvDlyN
/DWBnpTEzA+eewKzSAWeCjyHPPgf8uB/KAP+hzI/Bg1SQRVMpfOYBVKriHYDs0BSzAJhwQJhr9XX
UrrupXtRDd1b96Z43Uf3oeo6V+dSbd1X96VaOk/nkan76RuQ76/7o/wAPQBlbtQ3oszN+mbkB+l8
qqMH68EoU6ALUWaIHoK9t+ihVA3M8nb4h+lh8INfwg7Xw2FLdJiq6lI9gmrqkfpOlLxL34WSd+tR
6HGMvg+ecfoBtAwOil4m6AmwD+u/ocxEPQljnqwno51H9WPIP64fR/kpegryT+gn0OZUPRV7p+lp
VF8/qZ+khsxcqQGY6yxqrJ/ST1En/bR+FvnZejbKzNFzsPd5/TzsPP1PytAv6Bew90X9Eva+ol+l
Rvo1vQCe1/Xr8IDvwoLvwv5Lv0119b/1IpR5R79L9fR7+j2UfF+/j14+1p/As0QvRZtgw2h/uV4O
u0KvRJlV+kvsXa1Xo501ei3y6/Q6ygJL3oDWNuqNVJ+5MlUDV76TqobuCt1NtUKjQviWwJvHUEbo
3hC+q9C40DiqHro/dD88D4UmUOPQw6GHqRPzaXjApymD+TQlMZ8mxXwaFnwaFnyakphPUzMwu/bC
p7sIn1bCpCO8uYwxMz+OEX4cQ3/BX4ww4wuEGXcVZpwgzPgiYcaVhRlXEWacLMw4pYJ+jyX6Pa7o
91ii32OJfk9A9Hss0e+xRL8nJPo9luj3WKLfY4l+T6zo91ii3xMr+j2W6PdcKPo93US/J1H0ey4W
/Z5LRL/nUtHv6S76Palg6kHw5pAREo6eQi2MVCMVHJqZeisw9UuptXDxK4wrjb/Az1y8jdHf6A+G
fatxK+xtRjF483Aw8pZg5GOoLbj4vcjfZ9yH8szIW4KRT6L24OJTqANY+EuwLxsvU0djvvEm9jIL
v1pY+HnCwjsJC+8MFp5JprBwswL/NsG/zxP+fSH4dzdh4aww5BOFoXhRGIoXhaFKojAULxz9MuHo
56h71Vhqx8r+1CPK1JmXN1bPq+epoXoVvLy2MPK6wsjrq4/UR+DfzMVrqqVqKfyfg3/XFNWidPWF
WgNGvk6tg2UFowxRdWukNquv4NmqtsKytls1UTaqo75Ru5BnfaN66ju1B3lWOWqgflYHkWeto+rq
sPKomige1TINUyHPukf1TMu0kGf1o1qiflTHDJpBeGLB/psI728mvD9LeP/lZppZFX5m/03M2mD/
Z5v1wP6bCPvPNBuZjZDPMDNgm5rNqTkigZbItzJb0VnmOYgHmkg80NTMQTzQxDzXPBftczzQRCKB
KyUSuEoigSslErhKYoAuYP8TKQa8fyolCONPFsafJoy/lW8+GH8bMP5F1Nb3ju9j6ii8v1MFTSZL
NJliRZMpUTSZuksk0FUigQ6iz9RN4oHWiAeWkS0xgGN9gRjAlhjAkRggRti/I+w/2dpsbQbL32Jt
hYd5vy2Mv4ow/q7C+BOE8ScL40+x9lp7YZnTdxFO7winTxBO30U4vbJtcHpH2LwjbD5FWHsX4euO
MPUEYeopws67CC93hJcnCy/vAi6OuNduAkZuCxdPEC7eJcrCs+wslM+2s1GeuXgXYeERzu0Iz3aE
W18g3LqrcOsE4dYXCbeuLNy6inDrZOHWKcKeU+xx9jhwyvvt+8EmmT23FsacY0+0J8LPjLmFMOYO
9lR7Kngkc+Vsewa4co5w5TThym3tp+3Z4PFzwJLThCVfIfy4rf2S/RJqMUvOFpZ8BVjyq6j7Grhy
mnDlVsKV29r/thehhXfsd1CeuXK2sOQ0YcmthCW3FZbcyV4KlpwjLLmDsORsYclthSW3F5bcWVhy
C3uNvQZ7mR9HmHELe6e9Gx7mx62EH7cWfnyFfdg+DIbKzDhHmHFbMOMqyDMnbi+cuINT06lLHYUZ
dxJmfLUw4/OEB3cQHny18OBOwoPTnJZOS1hmwJ2FAXdyznXORZusKBYrWmKWaInFiopYrKiIWaIi
FhAVsUtERcwSFTHLudy5HL2zlpglWmKxoiLWTVTEEkVFrLuoiKWKiliqqIhZoiJmiYqYJSpisaIi
llhBRSxWVMQCoiIWKypiqaIiZomKWKyoiFkVVMQsURGLFRUxS1TEEkVFLFVUxCxREYsVFbHUCipi
lqiIxYqKWHdREbNEP8yqoB9miX5YSPTDYkU/zBL9sO4V9MMs0Q+LFf0wS/TDYkU/zBL9MEv0w2JF
P8wS/bALRT+sm+iHJYp+2MWiH3aJ6IddKvph3UU/LFX0wyzRD+sm+mGXiH5Y9wr6YZboh6WKfpiF
GCaRWiNiqUsdJD7p6NZ36yM2aOA2ANdv7DamVm6GexbijSZuE/gz3cxo3JLtNnObU2eJXrLdbLcV
LMcwndw2bhu0wzFMR7eLez7sBW43tHaRezHKXOJeQi3cSxHJtHW7u5cjQrjavRp7OZ5p7+a6uRhP
P7cfakWUGDnC6YQIZyD64ggnxv2rOwTt3OLeglq3urfSee7t7u3wlLil+BQc57SW2CZNlBuzJcLJ
cR9wH4DlOKezxDk57iMuUELinGyJcNq609xp8Mx0Z6J3jnY6SbRztfusOxu1OOZp6/7D/QfKPO/O
g30RkU/QXetugv0KMU9QYp7zJebp6O5196Jljnlauz+7P+PTccwTlJjnCol5OkjMkyPRTrZEO60l
2sn2hxDh5CDCiaf2EuF0kgjnPIlwOiPCqYwoqIo/GSVTEOG0ktgmTeKZjohn6qOXRohngohnsmCz
/a1h2yKGCUoME0QMcyksRy9BiV6CEr2cj+ilRzRi4VjlGsQhPSVi6RXoBc91geuoXWBgYCDsoMAg
2MGBwbCFgULYoYGhsKxFFy9adPGiRVdJtOgqiRZdvGjRxUvkY0psc1kwLViLzgl2DV5G7YLXB4up
hyjV+STa8SHCaYwogmOYxhLDNNQ3IIapqW/SA8HUOW6pKRFLY0QsBcgX6r8icrhN3wYPxyq19R36
DnhKdCmiFI5P6kp80ljik4aIT8bCcx+ilIYSpdTXD+oHUZ7jk8b6ET0ReychPqmP+ORRtMbxSV2J
TyKRSW2JTJro6Xo67Ew9E5YjkyyJTC7XzyIyaYrI5Dn4/6HnUqZEJk0lMmkukUkWIpMX4XlJv0xn
6fl6Pkq+pl+Dn+OTs/VCxCdN9Bv6DexdhMgkU2KSLIlJLtcf6o+w92O9GH6OTJrrZXoZSnJMkqW/
0Kvg/xIxSXPEJGvQ2lpEJtUkMsnU6/V69MvxSTOJT87WmzQ4nqgDZogeaSO9Q++Eh5UCa+ldejfy
rBdYT/QCa4leYIboBdYSvcDqokdaTR/Sh2BZOzBDexoMUBQE64CYgwGKjmB10SatJmqC6aJNWk00
BeuJpmCGaJM2CsWEYuFnfcF6ocRQIjysMthAVAarh5JDqdjLWoMZojVYT7QGG4jWYJ1QrVAt7GXF
wXqiOFhLFAfrhAaGBlJNicTqIhIbKZEY5kPontA9iNDGIPqqK9FXc4m7Lkfc9QjyE0OTKVOir+ah
x0KPIc/KhfVEuTBdlAszRLmwgSgX1hPlQh8ZaXuqjgD51eZYWkfUtydSX6T+SIOQhiANK381Cmfj
NYx0N9JYpPFIE5GmIM1AegZpLtJLSAuQ3kJ6F+ljpKVIK5HWkhrxoSTqu1mSGrEEaTnyO5B2I+1D
OkiUp5BcpBikJKRUpBqRMeTV+43XjEhbec2iieu0Qmon+yivE1LXyHilzozIZ8zrjnQVUq+IP/qq
RqyWZBTOQ5qP/MZyXyRtQ9oVzS9H2hvN/xRJIymabCSNlICUjFQtUnZkHSlPef2Qbox8T3mDy7/z
SNlGUo7yhiIVI41AGh39DOMi/Y3MjH7WCUiTkaZG98+K7s+Ophz48Dvm8edZiPR2+WeJfOb5SAuR
3kZ6H2kx0mdIq5DWI22Jvu6s8FpWfg/Sgejrqmi9AxX2Hybq50MKIMUhVUaq+ssr/379aiE1OOFX
NbLjL78Vf7Z+TaK/9cmm1COTzO+xkX5kXqVGykm/FVMWUutfXsvbiLSrRl4Af3ukLtH5h339Lvrl
td/lSNf44vusz+9asqTv3QUk1harYccWJMCOL0iGnVhQDXZKQR3YGQWNSpZwrdJefZ8pyCzt12dL
fveS5X125l9Vsrrv3IJssTnl+ZcKOpas5r2lN/bZk9+rZGPfBQUXlGyM5KP2QH6/km193yq4RGwP
2Hcl/67kPy7oCbu0oC/syoL+sGsLBpVs41qlg2FvRP5w/uCSXX03FwyB3VEwDHZ3QbhkF/tLh+b6
8oeW7O27r+Bu2IMFY0uLcwP5xSU/5amC8WInip0C6+Z1go0pmAGbVPAMbGrBXNgaBS+V/MS1Skfk
1StYEJ6SG5c/IoxvtuCtMOVWzh8dttmWjs6tmj8urPOaFbwL26rg47BmT+m4iD9qa+VPCCfkNsif
HE7Oa1ewtNx2KlgZTmZ/6YSobZI/NVwtr2vBWrGbYbtL/qqCHbC9CnbD9ivYB3tjwcFyO7hQlU7O
G1rolk7NzcqfFa6TV1wYE64jrTWKekYUJpVZ9pTOym2dPzucmTe6MFVsjbI8+0tn57bPnxfOzhtX
WC+czfnSebntCzOQ75I/P5yTN6GwmdhW5fnJhe1gpxZ2gp1V2BV2dmF32HmFV0m+VziH65bOz70o
f2G4Y+7l+W+HL8ibX9iv3C4s7Fe6MO/twhvDF+Rek/9++JLcPvmLZQyDxQ4tz79fWIyRXJ//WbhH
3uLCEeX2s8LR4R65A/NXhXve9FbRCLGjxY6DfbdoAuzHRZNhlxZNhV1ZNAt2bdHscE+uNar4ps1F
80aNyC3MXx/um3tb/pZw/5t2FM2H3V20UCzn9xW9He7Pe0eNzh2evzNs33Sw6P2wPVDl7xw1LmJz
78zfEx400C1aLPYz2BjJx0g+qWgVbGrRetgaRVtg6xXtDA/iWqMmwB5Afkz+4fCQgRlFe2CbFR2A
bVUED/tHTc59YLAvPGxgu2K2nYoDo6bm/m1wIBwe2LU4ju3A0ZKvDNu9uCrsVcW1YHsVN4DtV9wE
9sbirHCYa42aNXBwcetRs3Mfy90Yvnvg0OL24btznxwcFx7LdmSd3KcHVw6PH1hc3AV2RPFF4fHs
GTUv4v9/7H1/UBvZnedrIQuNh2EYhmFYhhCGIQwhhBDiEI4lhBCGEMIQlhDWSwhopO6W1N1qpFar
JYNoCSFk4nAU4/US1uc4PtbnoxyHcijOIZzjEJ+P9bIUoQjrY10cRbwUIRxFOIewPody7vueJMY/
ksz8sf/d1be+Hz2/fv36/fi87/f7nrvtCF4R09ShtnExUz3HhToaDrG/4zisHcjvvRbBSTFHHeFO
d7QSpA/Twx0c4PkOO+DFDgXwcocX8GpHAPBaR1/vde56x4DP2HZDzFdHuZsdZ3pvktrGIjm3O84C
zmPEOb23226Jx9QJbqnjAsFL0TTO751vmxVL1CnubscVdQqne5e4tY7x3rttC2K5Os1twMgDdkwe
prc7bgDe77gF+KBjFvBRx4I6zWs77gAe7VhRp/G9vWttd8QqdaZtRaxV5/iEjntPYXLHpjrXdk9s
UBfbNsXj6jKf1rFDcO8wndnxUF1u2xFb1VU+pxMdYn6nTl1t2xNpdf2du/Z+gqcB10h6wz4MuG0/
D3jffhHwgf0y4CP7VXUd3+W7adTar/lutz0UOXXLgES7ums8ar8OmEAwmWCa/aa6i6/65g06UVH3
DTr7bYw4bcy0z/viDXGiVz0w5tiXCN59Kp1vXwM8Zt8ALLFvA5bb76sH+C7fkiFRDPg0hhSxz6c3
VtkfANbaHwE2OLSAxx1HfXpDujjgize2EqQdCb67hizxjC/JyDmSCaYRzPQlGbIcOZC2O/IBFccx
QK+jBOdD+TVjwFEOOX2OKt+GIVc860s1DjhqAc84GnyphgLxgrqI0bdtPOs47rtvKBIvQfkLjlao
ochBY4SctXB+BEvFK74MQ4U4Dm275OAArxAcd9hhZHD+A+OkQwHvSdKGanHSl2284fASDBziLUcf
4KxjAHDBcQbwjuMs4IrjAuA9xyXfI+Om44pfC/Xc8OUZ0h3jgBXiLcA6cRbaueOYBNzDSHLWDI3i
gq/Q+NBx40nE+X7Ytjpu+bJNOsesP8HQLN7xFZviHAu+Ypz2JxuaHZBjMIgrpF9hvBdNmxIdm4Ap
jh3AdMceYJbjIWCuhAALJB30Hd/7wMCK93xlBkHc9FWaiqS4p7BUSvRVGiRxx1dj8Ih7vnpThf00
RinlEKuldF+9QRUf+ppMdVIWYCPBZikX0CAV+NNwTOLPNLFSEcQnEBv4c0yCVNq1aZKkCkCPVB32
4P587Af9x0yqVKemm4JSo5qOPZG/xHRKasZeSTIAgq/xl5sGJVYtMg1JAvgXWC/+KtM5SVLXMW/9
taYRyaMemEYlFXBMCoY55m/A8+s/bpqQTvmyDdXSICCMg7/VNCUN4TGRzgGGezotjQDOSKO+euJx
NvhjnXHgfbDl3+ZLOhNVgS/vTAGs6kyP2Of72Mr1PuBrO7PUkbbJzlxAbGce8Q2dBdjmdBYBgiUJ
afnjnaVgPVo7K9Rlwvw105w05qdNi9KEnzMtS1N+u2lVmvYrpnVppmvFtCXNdd0z7UqLfi+UWYYy
+9KqP2A6kNb9fbRG2vIP0Hpp13+Gjpf2u3baaqUDtYJOcmr8Z+lUp95/oe24M16tozOcSf5LbTnO
VP+VtnxnhppOZzuzfbfpPGeef5wudBb6J8PxBl3sLPbfoMucZV0LOKLw36IrnZX+WbrGWYNnwVkf
9ex0vbOJYAtgE7RtgW5xGv13aKPT4l+hLU7Rf48WnbJ/k5adHf4dusPp9++FY9p3NM4QRHHhOIpE
KbTf2Q+xK4kb6ZDzNGC/cxiiOMyNh+8YnYD0aefFbkQPOy936+jzzqvdcfRFXLJN67zWtUdfdl7v
TgxHboZzzptdC/RV521Y4yRGpa8557s230l1LnU9pK8778LTLc41GIebzg3A285tNYued96HGOyy
8wG0Z8n5CPCurPUPGPblo1D/mpzQnUJvyMn+BTwC3en0tpwW5nZ3Fn1fzoR6Hsg5ahH9SM7vzmW0
8rHugnCEyRyVS7qLmAS5vLsUr4vuCiZZroIoHWL17uowMmlybTgC7657DBsJNpOnGAiyTKbc0LXJ
5MjHu3aYfLm1aw9H1N0Cc0ymI2mJoAevr241MpIQD3cHCZ7CreoeZEpkrnswnCY4xJTLdjWRqZIV
iIchKu4+x9TK3nAM3D3yGI5CpCqrWUyDHAA8jhFHrd1jYWRa5b5wpNo9wdDygFrAcPIZQMiHHLt8
Nhy1+svfw+4pvOq7pwnOhJFR5AsQi0JE2j3HeOVLEHlCXNq9yATkK2od0yePA9rlSYg55+UbEFvi
eVkOIzMg3+peNWbKs7C6sWWOZ87IC+A9M+U7kD4rr3SvG9Lle9gjyJvdW8wFecd3n7kk73XvMlfk
h937zLgLdR8wky5dQBOx7cR6G5pdcQE9c8OVCNbY40oJxIctIXPLlR5IYmZdWYFUZsFRFchg7rhy
A9nhGMDIuQrAFxAvw6xgux320cw9V1Egj9l0lQYKmR3sbZk9VwV4PbBagWLjgqs6UMw8tC8Fyoxn
XHW+VBa5GgOpEb98ydXsi2d1LgOOJVysus7GuQTs012SesAmujy+JDbFpcJzV1xB7L9cYAPZdNcg
5Ge5hnxJpgLXuainYHNdI4FKtsA1Cm2DWKI7kS1yjfkXcO8CNWypayJsaX1LbIVrCuqpdk2DFwCf
G6hn68TxQBP2U4EWttE1EzCyza65gIU1uBYDIh63gEzq6WBZ13LAzwquVdjjgA0PhMLRDkZ/axij
UY2oBPoxhnMCpwkO4zYEzhO8yEqudZ+G9bi2fHpWxdEIjkz8rWzQtRtOg78DhLvAFwQuY6sbuMye
cu2H44rA1QhCL/wN7KDrAPwFSZN+XWaHFI0vgz2n6CGigLgicI0dUeLDUQS06hADw8ZLSpIvjx1V
UgHHlIywx4d6AAPX2QklO+zlAzfZKSXPV8hOK4WAkA85M0px2MsHbj+G89hPBZYIDhO8y84pZeC7
wYMH1thFpRI8NfjxwAa7rNT4athVpR5wXWkCL1antPiayJhvE7wfGZktxegrZncVi6+S3VdEXz17
oMjqulmjdAQe8HRndegoz3XWBet4e2cjoNLZrA7y3k6DyvKBTlbV8X2dQigBykhwdaDTE0rmz3Sq
cPVsZzCUxl/oPBXK5C91DsJu6ELnkHqKv9J5LpTTdqZzRFX58c7RUD4/2TkWOsbf6JwIlYDHnFJH
+Fud0z19/GznTKicX+icC1WFdwdts52L6hR/p3M5VMuvdIyHGvh7nauh4/xm5zrs4zY7tw7j8J3O
3VArv9e5D+mHnQc94wLyakK0oPPqQ5wQ540P2YVEb1JIEVK8qSGvkO7NCAXCO1CuxpsNe67wTofs
KYQsb16oL7zLE3IhRxIKvIWw5wJfHxrgLnqLQwN8jrcsdEYo8laGzgql3poQx+Xhkm0D3nrVI1R4
m0IXwvss67S3JbqfDe8xhWqyr6zhNvCOz2s8fPplrwWQ7JWEOq8IO6bwHucR7DGnhcbO3e5Srswr
Q/3N3o7QJcHg9cM+C0YgdEVgvaFIrHJaELz96oggeU+ry4LHOxwaF1Tv+dBkeD8oBL0XQzeEU97L
oVs4zgnNCoPeq7Cnhp11aIHgHWHIew28BuygwV8AhlYw+sieOnQPPyW0GUbhnPc69GgE9lySMOq9
qXrw/je0I4x5b0fSewQf4njpJIqMJOxeT+oiCK06GSdMeOdPxoXTBBOFKe+SOiRMe+/C7hX2sCdT
hBnvWnjHejL9Mczibns3YMTmvNuAixjxHtN/PIzCsvd+eF95MldY9T5QJ4R17yNAyIecrS5teI95
suAxLMJR3MlSghVhFHa7jsLOEfaPJ6uF/a4E2CfCLvJknXDQlawu2jRdaYD6rkx12RbflRNqxfNy
spFgc9tAV35ox5bUdUydsqV2lahztoyuciiZ3VWlNpv1ij/wiOwdiD8itgv2LOZ4JdSjNScp/T1H
DTrldHeiOVUZxr5DOd+TYM7ACOmLPcnmbOVyTxrg1UPMU671ZJoLles9OeZiuEsf3tOZy5SbPfnm
SuV2zzFzjTLfU2KuV5Z6ys2p2H4SfGBuUu5272Jr2VNFsNYYUNZ8SeYWZaOnwWxUtnuOG4qU+741
s0V50NNqFpVHPTRBDtvJHntkbwXYo5hlt7bHG95nmTvcR3sCZr87oafPHHIn9wyY+91pPWfMp92Z
gMPunJ6z2Gb2XCB4yXzend9zBfCYT2O+6C7pGTdfdpf3jId9ivmqu6pn0nzNXdtzw3zd3dBzy3zT
fbxn1nzb3dpdSqyo3jzvplXWvOTmehbMd932njvmNbfSs2IQ3F5fpXnDHfCVmbfdfepE2ENh7Lln
UMEbQto9EOgIR25MgvtMz6b5vvtsz44BuS/07JkfuC/1PDQ/cl8JPDLnucd7Mi1a92RPvuWo+0YQ
WRLct4I6S7J7NhhnSXMvqIOWTGU4mPh4bZYc951giiXfvRJMtxxz3wtmWUrcm8FcS7l7J1hgqXLv
BYsste6HwVJLgwcFKyzHPbpgtaXVExess9CeREDOkxJMjKDdk66uWxRPVrDR4vXk9gQsAU9BsNnS
5ykKGiwDntIgaznjqQgKlrOe6qBkueCpC3rw/AZVyyWDJxi0XPE0Bk9Z0jxg8y3jHkNwMDx3lkkP
Gxyy3PAI/gHLLY8UPGeZ9XgAFzxqcMRyB24dtax4TgWSDNUe2GFZ7nmGADc954Jjlh3PSHDCsucZ
BXzoLglOWZFnrHvVqvNMqDprnGcqOG1N9EwHZ6wpnhlVsKZ75oJz1izPYnDRmutZDi5bC8SF7lJr
kWe1p8Ra6lkPrkLJLShZ4dkNroefYq327Ae3rHWeA/+CtfGEJrhr0Fly1H1r8wl9cN9QeiLel2E1
nEgKHljZE6m9GqtwIqNXb5Us3l69ofEEeGer50ReL8RyJwp9TVb1RHFvkjV4oqw31XrqRGVvhnXw
RE1vtrnwRH33LsbevPCu3zp0oqm30HruREtvMY5eestwlNJbiU9RemvCK46cYPRHTiqeXB03ImcF
5GSgt946csLYk4P9e28T3oP3tmA29hrDp0PEPjywjirDUD+JxKxjJyy+JXP2CdG3FDm9Iecq1gnR
3msx3z8h94rhXb916kRHr4zn2t+ANOhVapf63whRv6X2kYZ6SP0Oaanfayik0xzR6NBzmuc1ceh5
TYLmJfSC5hVNMnpRk6p5Db2kydS8gV7W5Gg+il7RfEfzHfRqTHXMl1DKkaojX0SpR6QjTpR25KdH
forS40HQh+Mz4t9GGfH18S2oLr4tvhd9Pf7d+J+gQPzt+G30g/id+H10B1rzF0hL/veDePQieg69
hBrR86gJGdFXEI2+hVrQv0cDKIgG0c9RCP0T+gWaRf9CHUX/g4qjXkC/p16kXqEoCn/jpMfvTVKv
Us2UmUqjrFSIyqX6qDNUNTVMfYf6GvVfqJ9RX4/5fsz3KUUra12UW+vXBqgT2j7ttyiv9l3tu5Rf
+23t31Ld2u9q/44Kase0V6lvaq9pf0T1a3+i/Qk1qP3v2r+n3iXfY57RLmp/Tn1bu6pdo/5Wu6H9
FXVO+2vtr6kL2t9q/5X6j/gtOurikZePvEz95yM/P/KIGtUd0WVRS7o3dW9Se7qP6vKp3+o+oyuh
foe/8KB+r/uCrlKj1VXp3tbodF/RtWjide/oaE2ajtVJmgydS6dqPq77pm5A8xndoO6c5rO67+ou
aWrwlxOaBt2Y7h81X9XN6+Y1Dt2Cblkj6VZ0K5pO3ZpuTePV/VK3penC72NpunW/0e1pQrp93SNN
XyyKfUHzbmxi7Cua78a+GvuG5u9is2M/rbka+/lYQTMd64w9rdmO/ZvYv4mJi/127LmYF2K/FzsW
8zL+f1VjXo39YexkTFrsVOxPY9Lx+0Ax2bH/FLsccyz2buxGTHHsr2L/NeYtfbZ+PKZR/5vnXo/5
Rfzv4n+nxd/LCagPMA6l46+NK65GVA+ah7IFY/UDwVJZ/aU7lQWCKMhCR/Wa4BdClUL9oHBNuC7c
rJwSbgvzwpJwV1gTNmqP1mYK/bWKcPqtmrcswrBwXrgoXBau1ma+VQms0gLHdwnHf4so6vfU75EG
GJ2AYuDah8ibqEjzPc33EKX5vub7cO2q5gcoRvNjzY/REfImqk7zM83PkJ58Cfac5ueaJXSUvIMa
R94+fUHzC80vUDx57/RFza81v4bVgd8sTYyhYqjD/zX4SIwOJZMvx1JikmOS0Z/FpMSkoFTypuhr
MTkxOehD5Kuw9JjSmFKUQb4Bez2mPObzKJN8FZNF3tn4CLQ/jkokI4cR8beQl7/Fz/IL/B1+hb/H
b/I7/B7/UED8nqAT4oREIYVoupAl5PI7QoFQJJQKFUK1UCc0Cs2CQWAFQZAEj6AKQeGUMCgMCeeE
EaKjwpgwIUwJ08KMMCcsCsuPi61JWBXWhS1h91D2hQObxqZ/TOJtSbZUWwbkZj8hLbZsKJtnK7QV
CwdRsZXZKm01gFjqbUZh12aBsqLNaJNtHTa/LWTrhzqzbadtw7bztovQf+o5IWI18DfrL5ExSQGJ
QWkgWpSN3kRHUB5ILPoEiB6VgDyHSkGOojKQ51Eleou8Xf5lsDr4u8sX0V+hZpSAWkESwe7Q6GVk
AUlCTiSTLy47yLeWPvJGeQ9KBXv0LnoNfRvkQ+g/gKSj/4QuoQ+j74G8jsZAMtGPQN5A/xUkC/0Y
5CPov6Fb0L5ZkBzyv2F/FC2jf0a56H+C5KF/Afk4+iVIPrqPfgNtf4D+D/okegTyKUpDxaJj1FGw
fSXk/fE/B9uXgErJ++NlVDr1Ovoc9Qb1BvoC+d6zEqxhPfmisxlVUd+gDOiLlJEyoi+Td8lryded
b1MCJaA6qp1qR1+hXJSC6qkuKoAawHaG0HGwnt9Ef0V9i+pHX6cGqUH0DfJ1ZytY0knURk1RU8hE
TVM/RTQ1Q/09Yql/oP4BWah/pOaQlfCXByuQgwR9rj4XtZO38+z6T+oLkYO8kefUl+hLkKwv05ch
F/mSSCHv37n1Bv076ITepDehTpjbDbRPuF+E/2UJbgJ0CnQadAZ0LqKLEV0GXUV/yU1x09wMN8ct
csvcKrfObXG73D7gAa/h9SDxfBKfymfw2XweX8gX82V8JV/D1/NNfAtv5C28yMt8B+/nQ3w/f5of
5s/zF0Eu81f5a/x1/iZ/m5/nl/i7/Bq/wW/z9/kH/COhT9AKR4UEIVlIEzKFHCFfOCaUCOUgVUKt
0CAcB2kVaIET7IIieIUAyIBwRjiL/wfRI8YjVnCC34hvJf++wlv/Zvx+G+RFwvIEwvKXCMtfJixP
Iix/hbA8mbA8hbA8lbD8NcLyNMLydMLyDxOWZxCWZxKWv0FYnkVY/hHC8mzC8jcJyz+K5kByCdc/
RrieR7ieT7j+CcL1AsL1TxKuf4pw/dPAdQ0qIvz+DOH3v6M+RKUD7zGzSwmzP0uYXUa+j/gcYXM5
YfPnCZsrCJu/AGzugjXgo3ywBvBXEl8kbK4mbK6h/pr6a1gPmNO15PuItwmb6wib66k54HEDNU/N
o6/qv6b/GmrUN+ub0df0Vr0Vf6+d4E84BfMUB2P/PKIcrcC7QtBi0DLQykheDWg9aBNoC87TvsQd
cxTxi39aSZllaYkrcZRy5Y4KfvVJxXlclaOaXwfdku5i5Woddfzun1ZchmtwNHLHHc38/nuK/8y1
Ogz8gcMgaKQ1jnawgv5PKykTL21wnEMQkhwCZ3dIRBWHR0gFzZBEks6WtoU86T7ndahcwBEUCt9T
8udi6QHX5zgllL2PVkqPhBqnlhtwDBI94xjizjrOCfVhxWncN6HpPSV9veAYEVocI/iX6CXHqGB8
f8XluCuOMW7cMSFYnlRu0jEVrfdx5W44pgXxPeVuOWY+iNpblbPcrGOOW3As/kG941jGaqeVC1i5
FcfqB9J7jnVu07H1jO44drHaOecAt+fY/yBqtyuXuIeOA6w8kjREdZIeq11RruDfdtF1mTdIRj5O
iucTpaSn1e5VxvkUKfX91B5QJkkd6VIG0Swpm8+V8p7QAqnwGS2Sip/QUqnsA2uFVMlXSzXPaJ1U
zzdKTc9os9TyhOJ+fwAVZOdRnpUsvCCJf1DhmtDhTBD8zmRSTpLkD6QeqYNXJf8ziusLgfY70/ig
FPogKpx2ZvKnpP5DHZROHyq+Pgx63plD0hed+cJl5zF+SBom7X1KhavOEpI+J51/PxWuOcuF686q
J+oYkS4+oaPS5WcU33vTWcuPSVeF284G8jvvPP6H2vNHdUK6xk9J15/RaekmPyPdfkbnpPnHVVhy
tkZt++O2OGorD23cXSd9aIPWnNzjduSQJ4/Pa3ReomO04bQfju22U3m8TcSW9IFNgbVvHwjbAPuZ
8Pol6+qslEr8BvDdfgH0knIjymf7FfiF5+Drwn2nV3jgDAiPnH02rXMA+xfbUecZnI/7ZktwnrUl
Oy9g+2pLc17CdtKW6bxiy3GOYx9gy3dOYttO+gx8tx1z3ojaZ1uJ85at3DmL+22rci7gsbDVOu9g
24nrJNrgXLEdd96ztTo3bbRzx8Y592x250ObIiM8vsQH4bGEMbR5wU9G/JktAP4nMs62PqhnQNbh
Osi1M3Kc7ayciP3Ooa99bI4O68Qa8SlRX4DbhH2j7YKcQtp2SU6PzjMpj20/zD3xy+DzSN+uyFk4
zzYOPrwkrNhf4/F9QmvDfhn7K+KP4TlRX4x/iQJ/SN+e8rHkWaC2SYeKFfvYqF+Nqu2GYxDroY/E
PjPiGx/3lU/4yIifjKrtFvhBmGPi+8Af2mYdU1gJb7GfuxHWQ5sFaluQc8nvHbnAtiIXkXywH7Z7
cqltU66w7cjVtj25juTjNYx9CV63sI7werI9lBtFJDdjWyTqZANZF9F1ELGLhFtQD7ZzYhzYpsga
IfMFdgvfH7WBz6ytp9bVoX2Jth/qwHZTTJRZPOdiiiwc3o/Lw3oT02VJzJI9uN1irqyKBXKQ2HDc
H+iDWCSfEkvlQXLf+9mfSLvEiogdj67x0GNlIm0mfX3KHh/2B9vhqP6xZ/0ReypWR37rpKu4T4f6
tJ183FZi+xi1kY/bRChL6sFl8DUYA7HRWWsfV27ZJ5VZrDi2wfNN4pobygLJA5slLrri7beUO9H4
xT6rrIhBeZrYMYg77AvKPRJTgE0Tx+QtUZWnojGB/Y6ySWwa9v84bsC2bkXZwT7afk/Zs28qD8Vp
+cC+40b2PbfO/tAd50DuRIfOneKIc6eTmCxiL8m9ODaLxE0k5onGKLiuSB34miPRnYXtJW7XYWwX
jcP23rPBRKMxTCT2wHXheMyR4s7F8Y4j3V0QvZ+Uh/6QP8N4kXUCfXNkuYtIHo4boxqJE5/Qp2PB
SOz3hEbG9em47lBxLBbVp+O6aIz2B2IzR25Y3zc2w7HX4/EXjrmicddjMRZuK7kXl4mMyTNrC9af
2CwPPbOuDPK5aIwlsvKIKMij2BZFy4mSPIZ5LXrkCcKnqB3AZfCaA/6R31PyjDgoz5H0kLwonpOX
sT6+3sQReRXbCHFUXif8nJB3n4ljQMUpeZ8o8BErWYfYbs24NOR3zqWPrkG8JsRlV5K46ko9XH/Y
Bq27Moit2XJli7uuPHHfVYh9T1Rxf/Eei6w/6LN44Cpu17jKSN1gP9r1rkrSz0j59nhXTXuSq749
1dXUnuFqwbaoPdtlbM9zWdoLXWJ7sUvG/o/4QGyfICZoL3N1tFe6/Nget9e4QmTPAr6wvd7V397k
Ot3e4hrG49VudJ1vt7gu4n1Cu+y6isepvcN1DZdv97uut4dcN9v7XbdxDIjtf9Q2t592zbcPu5aI
Qn3Yz2But5933cXj3n7RtdZ+2bWBedZ+1bVNbBjMY/s1131y7brrAanjpusRtuXttxVt+7xytH1J
SWi/qyS3rylp7RtKZvu2ktN+X8nH49v+QDlG7Bju/yOlBP/atUo55oP9qFJlT1Bq7clKgz1NOX7I
H4jBcfxhz1Ra7TkKbc9XOJIfsbn2Y4rdXqIoZP5gndjLFa+9SgnYa5W+Q65G9wFRHwVpe4MygMvY
jytncB7SICo+FD+I0P//G5T/h/4GZRvdf+/vAeh9JDCpTAaTzeQxhUwxU9aoZSqZGqYesIlpoffD
wmRgZYyMhT4ICyMyMtPB+JkQ08+cZoaZ88xF5jJztXGAucZcb7zB3GRuM/NMfEROE11i7jJJEVlj
Npht5j7zgHnEatmjbAKbzKaxmWwOm88eY0vYcraK0UQFStSyDexxtpXRh4WlWY61QzmFtBC3CJfE
1/Dz4An4nP+Fy8DtL/2bnIO+DWvjKyAvkXPQRHIO+jI5B32FnIMmIwvi0KtIAEklp6GvkdPQD5HT
0A+T09AMchr6OjkNfYOchmaR09CPkNPQN8lpaA45Df0oOQ3NJaehHyOnoXmw5uZQPpoH+SQ5DS0k
p6GfIqehnyanoUXol+hX6DPof4GUkDPRPydnop8lZ6KfI2ei5eRM9PPkTPQLVDqVjirJmehb5Ey0
ipyJfpGciVaTM9EvkTPRGnIm+mVyJlpLdVE+VEd1U93oL8iZaAM5E/0qORP9GjkNbYKV/kP0l9SP
qB+hZnIm+nVyJvoNcibapj2l/RYykH9p0Kid1P4I0bCuZxCr3dT+Cllg/e7DWFLIg9T3uGqCHpvu
mFZM90ybph2QPdNDGHgdHUcn0il0OhGWFmiJ9tAqSJA+RQ/SQ/Q5eoQepceIZNG5dAFdRJcSqSBY
TdcBNtLNtAEL5o3mY8Cbj0d4k0iejxmjgTl6E9iDuaKF8S8E9mCu6AhXYoEpbwGH8Jn5c8COZuAQ
5sfzhB9x5Jz8BegXD0zCbEgALrwLfMI8SAQWXAI+YQYkoR+AvEIYkEwY8CrM/y3gLT4P/zOY838G
huFZf43Meho5A/8QzPwWSidznEElwBy/TmY3k8zrG2RGs6g2yoA+Qmb0TZhRO8qhFJjRXHLK/TGq
H2Yxj8zix8ks5pMz7U9QP6QmUQGi9EX60sfmI1f7kin3aaE7aL+pwFQUFTrbVBqRiqeFDpmqTXVh
oftNjaZG+jTkPCX0MH3e1AxiAGGx0BfJr2CSokJfNnmeFfoqqcFjUiMSDAt9zXTKdIq+Djj4rNA3
TUOmc4cygstGZDQiY0+Ldcw6YZowTUWF3TVNR2TmabFOmeaiz7JOmxZBRiDnKWGOmfZNyyD4eatY
LDl0PPyukzuIMDvP1m6asVSRGmaiI2vaCot1xrRr2rWOAu4/K9Y56N/BodTRmkPRh+UPjNRtep6O
p5MOZYlOJXL3vZGICr1GZ9DZUSEzvkHnPSXboPfpQiLFIA8i+Y8YLWDZYY/qTCpzlK58VpgEuoZJ
puvpJixMGt0SFiaTFiHHSBuZHNr4WD2HwuSbtmjLoYi0HJXw6JtWYUaA30wJ4W41U85UYY4xtXgk
mAbMD+Y4pFpJb/MYmuFIizjS13BNmCmLZJbmrMvWVcKGdTL6W2Sktxk7rJ0CGL8iUymjmEYZL4xy
PBOA9vUxA8BlA3MG+O5hztIa5gJwedDYx1yii+G5A8CTIJS9wowzk6YD5gZzi5mFFmP+DzILpJcG
mLHbpiBzB0rUMSvMPagLr1rSI1IyvFbw7AZNjcwmtH8H+rwH+aegXBGsulPMQ0gVMK0sMpWyOjaO
TWRT2HQ2i6zlxrCwuWwBXq9sEVsKUsFWw2oVwiuWrWMbydPgSWyzKcga8JpkoWYoKbAS62FVNmga
Yk9F1h9egaPsICsA1+IJ31Lh6hBdQxez5+hUdoQdZcfoFnYC5hdmixlgp9hpdgZGLo+uhDYN0fPs
HLsIpZdBVulCdoowEPeSzBUuBwKMwaPEroNu0ZWwhgfZfciX2QOzhl01683wbHOSOdWcYc4258FY
c+ZCzHdzsbnMXGmuMddjjsPIkjk3NzE5wLZicwsrmI0gFrNIl2GBa7K50NwBPaihm+CKn24xhzBP
AY3mfvNp87D5PJtlvmjaMl+mLearwEcR9818zXwdnmkEhsq4f9Zd04R130KDZZi2HsD8rEJ/KoEv
g5yG04MVGOXiwVLMsEPmbS7JlGKaMs6a67lULgOva+AMjBaXzeVxhewoV8yVAUOx5dgHa4ZHZ9Q6
ZZ0KlzANWha4SqgL2zvCYFIybGWAwVDXIldjGuLqTWNck2mG1kC5KWjPLtcCqQlzC2c0TTMl5kJL
CWfhRE4mVjBiybgOK7Gs5mLronWR83MhsHPrYVvH9XOnydPgSdywaYs7j60Z4C53nrvIXeauWpI5
sOjmlrDlIrZLb93irnP9dAt3E7fEfBPmCXOnxXzbPI/5ExZmANo9Y17CNsl8F+Z4ja6H2dkAXuWB
Pcgzb8NYXzT/X/bOBbrK4trj3/leiQhHxBQhRhpTROQlBqSAXFCLQHIeIIVKkUoEjCeINkWKiFxE
RBupIrFgEQEppRhjQEVEwIBKeUmRVxEQkaZIkQIGhRSRQnL3/s0XiDRdteuuu9Zd69511v6fnT17
9szs2bNn5juHw/FhXe85dU/l0HjCTUjeGXogUT/RcMjGIRsTaTKD8yVuvhg6JpGRaJ5ok2if6Jy4
adiQ3H3q96FLhnVM9EhEh36R6JsYkHsgcaesnsmSYIYPu1/a3yf748HETbKCw5KzhkhJfmJ0Ytyw
1MTEREFiSmLa0PHDkhMzE3MTC4ZuT5QkFieWDQsnVonVcGJNYuPQ3WJ5X2Kr9CksfdmZ2JvYnziU
KE9USB83ie3koV+I5uk8K88fOjmvrmSbBrKW4hI3jaROK4mVjnlNJH6P5jUduijR/J6j9xy9e8o9
ZUP35W7Pa5HXNq+p+MHO65DXJe+W3E15vfLief3yBubl5OXm9RqWLe8jck/mjcwbI9rjE1Pu2Zw3
KW/ysFF5U/Oey5uVNy8xJa/o7mGcplr//w3z/9ANM2Hl862Ghvq/yeQUWaG7bCslZ768iuX1mryW
yqs0p3SgvHJW56wevHvw7pwN8tqcsxnZDnntkZfKyuR1UF5Sb0D5gPKco/I6nqN3WDscD/eWNupz
o7G40djcZRzOvC53GY9bjM+ZN4lbTDK3mIu4uVzMzaUuZ94wZ95LOPPW585yKbeVy6xQ/WH172dM
fO8wp70VyonKe2d57+te2mtBTo9vQ9nZ8l4itPif0DJD2YMM9Vr1LWmN0MZaaKuh7FHyvvPbUfYE
ed8b0P6ADhnK2mfes2cIzRG+XKjiHym7WN5P/2vKXipUKnatgHyhut8kxnYBZTW4gBr9G9REqGkt
1KIWu0ptL6AO347i4vesLkK3/BPqZSi+01BW/FtSP6GBtVCOobjMW1but6O4zG3WiIBGBjTGUPyQ
eY+Vyft2ofFCk/6R4hIDWZP/NcUrAhtTA3pOaNYFNK8WKrqAFv0btERoRS30rtC6WmjTBbT921H2
QXnfncP6qJWkLPuo0PFA78C3pMNCX9RCuwOblfJ+8ttRxJX3M+cp2z5P53TqB+8NhdKkLPl8WzUp
khG0H/7XFGku1Oab9bNTLqDUWkjrtpf3dHnvHLzfVHt//hllNxNqVQtlCnWshbp+kyI9auTvmvm2
Ol8GeSwSzTmXXyJ9c76ZP6rjpOa8Bv4+56MBNXx75zf7dC6n1MwB1Ws4WFu6Z1THfO9GF8T0SVMe
GSY0XCjf5AjdXyLjjFzHFJkoVGDya47Ol+TJyDShmWYPiMwN8vtpE+8R8Ul1fo7InhZZbMYbWRb4
QWxqvlSbkNqV+YxIXoyI7yLSh4jaPRT4N/Cn1mWfrN7D9tfws9iJWsaGlkVlv4jWDfp14TxdMEfn
9pTqeSowe2O0gelbtFGN+qfNWPh7cbD3yd/RJoGspAYtq4Uu3Je31kI7a+yvNfbYc1Regy7YX8/t
l/+dfbJJzjf3whY55/fAGvvduZwlFL0leJd9KxoP1pjkj6jsSVHZg6Ky/0RzA7msYd0/WLc9zHqK
yj4THWlyUXRMsC6CdVCdFzW21I7mOfJT9RopMHlL65/LgReurQvWVXV+Obe2CoL+TwrmfPL5+ujL
eovK3hR9zvQ7KntSVPegfUFO0jHIHhRdFNT7Vznowjxem051n2vJx+fKks/TP811/yqfpn+T/iFP
1syVmTVyZI18iG56oNPR+EBzdG+Jn94tDOnZRudbzzS92wYyiZVYd+E1jwXnl95yNoqeDPKYzGlv
ja1JJp/F1Pfqr+BM0LtXkMt0/38uyHMaf7JH9xZ7vcVeTPrbW+Kmt9jrLXHWW21KjPUeH+TP6ny5
KDibVZ+bRp7Po9gKbNDHSSZf0q8L8/AFOfjcGaY6D+s41ZaWSUz1nlqj/uRgPB2Mvzhzydh6PxfI
utSgXrXQhWfBnFoo8OuF57pzNL4GXXiuqz6j/XfOZktyvnn+ejfn/Lmr5hkrJ6i7ooZPLlxbsv6i
m3L+YV1Ft+ecO2NFdV3vM7noXL46YOI6ejiIp2q56pwM4k/fJa/EgnUXkzUWCxuqud5iKSZHxFJN
fMaa1XKOEYq1CijTEHlQ7XcM3rueX4O6JmKy18X61Fh/ohf7kVlvMdmjY0OEEmbvqSbyUbHxk445
dr/QqMC2jCM2NhhnoB+TO13sCaGnhJ7NIRfFZgjJHS42X6jY7H9K5Ek5E8ReE1pq8nGs1MSp7oWx
1UIbhDYH/tohtMfcE2IHjZ9iR41+TPaO2CmhSnMG1PxfnZvjsgfE6xhSe+wzEtvx+sbvcTmDxtNM
nMUzjB91HuPNg7I2gY32JpfH5YwYl/NhXHOPnMficg6Ly7kqLuep+DDj3/jwII/J+OP5wftoEw9x
OQvF5QwUlz0iPuV8/Gju1vNAXM5CcTkLxecG8iDnxuU8EC8x9nWdxMVHcTkDxFfViNXqe0D1HiV8
fI3RiW80Mv02Rr3V9db+/7cx/i89K3NbuGv0E1V7o/WqZSWlCzUTaiWUKdRRqGuN9+5C2UJ9hH4k
NEhoiFBC6H6hUUJjhSYIPSH0lNCzQjOE5gjNFyoO6DWhpUKlQquFNghtFtohtEeoTOhg0ObRf/J+
XOhUQKpfaVnJrpEn1xGqH/TtaPAuY0huKJQmlGHk596bC7UxfU1uf37MyZ2FbhLqIRQ1dpL7mvaS
BwjdKTQskA8XyhcabewmjxOaKFQgNEVomtBMoblCC4RKgvfFNd6r9ZcJrQre5wb1VtUoXyO0UWir
0E6hvUL7z7+rf5IPCZX/G+/Vvqgwfvx3iTmoSX0MqX3mqyzQPXQBnTb/7Xz1e3X9arsX+UJ1g/kW
+UUNzr9f1EioifVqpFckHukXGRjJieRCIyIjI2Mi4yOTIpMjUyPPRWZF5kWKIosiSyIrIu9G1kU2
RbbLa3dkX+RA5HDki8jJyJmoHU2OhqMp0VQoPdqMv1vJKzPaUahrtHs0O9on+qPI1OigSFF0SDQR
vR8aFR0bnRB9IvpU9NnojOic6PxocfQ1+XtptDS6Orohujm6I7onWhY9GD0aPR49Fa2MubE6sfqx
hrG0WEaseaxNrH2sc+ymWI9YVMtF3jc2IHZnbFhseCw/Njo2LjYRKohNiU2rlWbG5sYWREbESoLX
YnnVxi+T16rYmthG4bcGr52xvdB+eR2SV3msInY6bsV9qG68gewJjWv9xQUr+MWFZH5xoQ6/uFCX
X1wI84sL9fnFhQb84kIKv7jQkF9cuJzfWmgcTg9fb10RbhfubrUODw0nrG7hEeGfWbeGR4UfsiLh
8eFHrNvCk8KPWz8MF4bftvqHV4ZXWRPCG8JHrIn8+sKC/8U9C4UahPL5vsoK/d/kMzIDksyS0TWg
7gFl1+CVZNVk/CjgVW9QwA8JKBGQZN0MyboZknUzJOtmPBHoPhXoq+zZGn/PCN7nBDS/RpvFwd+v
WS2zN8pra/bO7L3Z++V1CNyfXS6viuzTESviR+qaV/bGSINIo0iTSFORthB5k0jbSIfs/ZEukVtk
TbIqsytkXcYjOTJXl/BLGxa/sWHzGxtOODOcabnhW8M9LC+cFY5ZSfzeRt3w4PAQmYe88L3WleGR
4Qes9PDY8H9aGeGJ4cesZuHScKnVPPxO+B3r2vDR8FGrxf+w9VDlHe4PBAdKdIQqL4avA389/PXw
7dxegu29UciHIP81/FOCmd7r8L3gTd3r4ftQ9zrBNsjbu/djR+tmYn+Q207Ru0O/++SNFT7FvUXR
+7ngYnRe1HbPwp9dSR8mIr8Xvh18O/j2prcBjgV/ho7YPPtnt6VgWTCilpTeQa8YqduJceXR84Ty
zm74ZEotar2M5D7qRpBcAt+Nug9i7RJ60g300OmATq5gW/i28JluZ+TD4TtgATnYjtJMSr/v3qjo
3UtPOqOpfDvnODrGD09hrRRrOhfXuUXIDXYE+6IzDJtLsSnesG/TFu3WXo7g456sbns0fDdwtzdS
cLzqhGxwOvr007YUnVw0p3tDBRdg81KVhHYpHzpBaSH6t6L/DHwK1k6AZeifdv8gcttdK9jX3aGt
KB86hiTX3SXYRXWsk4qhbPBrcKWi46CZhZ3+qh/6FAtF8Asp7Yl+Ffot4A+Cq8E30T/i/lQ0o97v
hT+lcWv73jvCV6o8NMTbKLjflUiwU1XHOuI9Kvg3xdDBQCLoZGInFUyj7t1gIXi5W0XpXcJvUbT3
wpeCW8Hp7iCdI/8IuBQsBgvAcsWkRtJWezODaD7u62+oDIHvBtYLsBgsALXu5WiuofQ1JLuRjEcy
18y78oJLwWKwACwHVT8LzXHUsgx6z2tUwE+n5wvgV4ALAkkxWACWg91lLO96BURRQpHWd4EnqFsY
4FKwGCwA1UIh3nhGdZwZ4DP0+QRYhp0y7XPoiLdJsAI84s0G88HBIJHgHRULlzNfp9AsAw8H+Cgx
sFpjA0klFiqxUImFSqJiP6X7kewPJCsEHcZylbeGmNkE5oODwW2KREKZiTHlJdLU2jb4I3Km1z6I
xO4coIzFXq9RaqchSUOSxupOU8uCa8EVRGaJjHGsiU8sTwULg7q6Lh4g5i/X/4lb2poN5oODwbXg
UVBt7qXuXryxFWtb4afDvxigem8j/bwtSa3VM2giDX6BQe9tZjafedTSE/BH/P9QDxvUXllI5E6r
mIp8KzO7Fcli1kgzMJ0sdD357XG/ueAjyD8jF1XAP6s7SOgv5LR6Jh+qZqiOd4/gZWSzSeDleGMR
Oq1YCx/C3wYWBTlQ9pcQ9u0kRX+bzr7/S/WGRy51c9Qn/jLl/VbKO4eI7SLiJJPo3UStZd5iresu
oldaOtzkc18zZ0tFWZs7WFM7WEe6Oq6GL6T0L8EYH6A/udR9Bf1X8DMZxjuk/lGUXK1o5qu1L/uj
PRr9evBr0B8fZI9i8kCB7g6swVzk08FLwatpZRdYldRLZzOphHa19FadZVm5yqcEqDZvCHLyHOEb
EZPbkKSDe/wrdH7Jty8Sz7eTt5doFvW2E5NbVdNrTuwlq0TmTmM4RfN5aJNZxXJXlh2BedmuHpY8
sIIYW8GqNLiW9bICXMsOork6VeuKP9+h1qOsoEeJQ23l59orJ0tLnSyTVVw5q4SuZI3fQq1l/lfk
B9XvqL2VSFbJQV3pEuEf6s5CzzOD/PMomtrKfLAQXO1fo7z/NCu3t+4yrNy9lJYGaFao8v38lpQe
RXKU/quHO/jbNNfR29m6G4Y+YE9Mpbdnkb+Oz6+ET2cs+/WkZPdx1f5mNyx4SE+PdmNFma9HySo6
azMZ4xxda8717IPXKjrprkjs97H8AponsPwn+D/B98T+JvW8oFrOps/3K1qvwR8Gb/fqWHquUPs3
MlMtsLDZ7L96jpJzwl1kP43wyZxeDrvDGYXG2/conUnPt9HWSqyl6kjdP6o3PHzifsX8jtb93Wmo
1pwPlXdvhO/BeMsZxVfkiq9Yian0k2xvl2oPnfaM/aKgt9qTDPhWrpxdQ+sZ9VuunAZDN9G3DdQl
2u3O7ghd49Tqp2dgu5/zueA091ax3JV5XOIO0/i0XxB+B9Y+C1CtvYidG7CZ6bqCnypK1F1p6alM
POAk4YeXqDUSnEoMHHLVe4uw0Bz8NXbi8D9n7LPx8y2McTi1PgP3gnnqMTll6Sgm6qlV+Is0KtiD
7sPaEPrZDzu+95xmgCAadXRv05/TflNF7wT4IbgSeQaYrTnBnDlV024LdvZ2sY8o38OcQrGzDVyP
nfXYWY+dj9HPRT9XJXY+ki5I4ubUqrx1Unsi+CG4EnkGvOrXMydbWllpkHNUFnaytK7dH76/4dWO
4ErkGeCVSNKIH84b2PwUaxVgEbgQLHF1B+yJzZ7Y7InNntjsic2eeKmnWnZaqKbTAg+sxsJq+Dfh
39RRiFfn0H/FN8x4lZe+zcHOHGqdwIJKOtLPrwLcyMrSPvT1rmO16uw86upp893gdqCtrHV3sma5
HaimZU7yBzjbN+YW0At8H2uNsX8S3AmWUHcA2IO6y5B/Bm5yJUr9DB2XX6zoDlcdd7O3XFY6bfkj
Pd2nBuGrfDzwNfph9apfzLq+nt5uI04+BacG95RdzM46YnIXs7YLzxCfusrEA810przLBWdxJ7LR
bILmNvhJtN7FxBtz8bJKHIeZcpBnof8p+BVYBK7jJF/kH6QVlVTpvMj8Kn8wQOYafpmJHJVIJGQz
g9nMuNyjrUnOH+VeGfcuVvTl3np2i67Es1s8mWXnBU5KG9Unbifdd9y7lXdeB3+FvEjPY+6LZEX0
5Wys56LvUjfCueheNN/T+6a7XrO0w/3R6a/3Zbc+pW9Q63eKSVcgb4iFM2AJ+jnEyXidC+dN9a2z
D74n2E7RTdc5cjOIjQL03yGiPlL05qPTjqhIVU3nSWb2c/jhlF5LaSOipTsWzF21BOxFW904FbzI
DthDPeZ8yg5SQG5cw66xTs8nzlxOpFPYg+ZxPhyH5HFONeXYWQXuAD8EP8LOAXAz+CB700fss8sU
vffgx4PLya4n2YN+oec3tyWnuI8CfilYDBaA5VqqNy/vMP7PQrMu2Mn/saC5kXFDdJYHWAwWgGrh
dTTHUOtNlQiqpI9KvDuJikGcdR8EI2A+J8ORnD97cCflBOs2I37epi00nQLNpS4SQR3FISxfHeBS
sBgsAMWad63eSf13iJn1XkOpdTHW5oJDQe6nbgpjfwh+aYBLwWKwgFId10PqK3el8klX+s+DA9Q+
tdwA1T/cEZwS9YPTjVPfuABng/ngYJBY0pObX4d5/wmaPTQ3eld764U/5r0n+DzynQHmg4PBteB1
Gm+UrkOyDsmTetZ1XtUVGvpPztJNwP8AH+Rsmc49qBNn11aciqcQUQ8SsVP0HGj3wPIb8A9xe11C
3z5B/onacSP0f59K3CsCnA3mg4NBXV/XaK/c7+od1n/JxLyuCPsA1i4G53JCmMA6SuH88DPifxal
HwU4G8wHB4Nr0RF/uldpK957+lxRUHWWU2s5fAoeOImX9njFrIUmWmqQG+tBvbG6h1TirdSeuEvh
j8G7xImL/jjvCLNgUG+vW/T2Kt7QqNjsTqBvGrEW/HJ6vpxSk0W7ghd7KYKWzpfX2L9N+Hkq964i
kj8BHwpyqWaeUnJpITqT0X+ZFfc56+hiMmpHMvBM+Lc1A0tcSS3vXeZlHTa5vTrPYvk+rLWEX6r3
X7nhamk+mqWKySs1wpMtblu/xjLPTJJMtv8Dt5sCVuhhVtCbrI4bQG7HzkIsvIQ1y31capVi5y3t
m8tzKpcbscyF7qF3cxd+QHmxUA7uYF2XgztYreXgDnr7hvBP0+IyvHRGzwDOC2Sn9aBL397WO7L7
W3CUosOTE2ej/4Tud6ziQvg30X+Ruk+z0gtU4ic0G/j3In8P/TKwPzjXP6mYNFB3OnR+p5GTdAV8
Q7Ad1s6gP40+19HdwW2gz6nc67xU4kd5W/vmHdXZdxuwdsaZ+ybxUOJt0DhRuftpcKfWJ5bF3HE6
sa576h6R1Iu5+5CZulF5v45XT0pPsWct1xuxRK/mhO5amtSLnWWuribJVyvAteSlFaDuodk8R2qJ
fB/yfciPIT+A/CPkg7D2Ca2Ym9c4dsYd4HJt1yvTEfk8j3UWc+Oexx43Q/Xt3+v9WrLcYDz8FX3W
vNRJ79p+PVZ9Oat7laJ4chN55jp6oriZ0os5F12sJx/Jh2dZC7PJGFo6HiwIsofW2kXeeEfv3aIz
E/lM+k++8h8Rfil9vtW9QvA3im46/n+NkX7M7IxG5/ZAUyVNuAe9r2N0L9U7ssNTZcfc2nZza9tA
Tn4YP6Qx7625lz1PtDTyJBf5ydT6ihPCq3of94a7crNwp5Bj76fu/dR9Cr5I27K/T4tDmJcXufUP
Y0S/4Ia7gxXhInlab+VuS/p5B/pf0CK98ibBj9O7ufNTeKNzHxY6gD/R85KcG3VVLncv132BHn5G
nJvb9M1EQk/Gfp1TKuMaqHb8UeBYRXeuu5DMqSviB8p7Y7wx9Er92Q8d83nHSrKZp6XOA7qLeSHs
1Mf/y+nh7/Te7eyBP6a3ded6+J56W3deYSyXaE88VpB7u9tYJHPo/wTnmOAjjkSCe1g/5fF/y5nw
Lr2ty+i0P1fond2ZjM0HAlQf1gNv13u6txz8sd4jnL/r2P2GeCCbO/h+auXoPd35DvwqSivoz1/p
4WLkX/JZRrp6xm9O613BwYx3BNghOFvqrtqYWpv05m7/UW/uzi/wT2OeH5bRw7vAbGbnSeYxorMm
0StoL0SSRj9ncospBLsZnhtKIWutkJtOod6qpFRuIt41nKjfRfMx8E3vcfKh8mEwYhALESxEsNAT
zXLuei1V4rZEsgvJTFdmPERduyn4BPflH3Jf/iG3sE7c757Xu5JEgujbCTQ/osWGnD9bY6211nW7
wz9qEMmjak1wJfIM8Ep2dvGMt43RDXflVujMwmYn7JvRdQUf1run9J9RYLMlNlsy0nJGWq6+cm9X
y353bzv4mEYRFl4ziH+GwPfCD938KL5S7M39fY/e32UUUX325W6j3Sgr6GMsnMBaVHcr7ZVkHsUX
3KsF73QninwMGZX7styvtfRJMA1JV3eS8Pmu9q01EvKteyVz8Tn4paKzUdHbrOi2Bh/Vul4bWvkO
NrPAzuB8rBUYX2HhGNgcDz8E3qcZL2m9eiA5jj9Pce+7l6f09ymf5LPr3aWl3jV4eCOa3eHvVj5p
vVpLjuvJxKvkPtiJcZnY6Mgsd2deZsGnYKELOq/o8wEnR/3vpjILrxEbV+ku5hzU0TkL4evDj0dn
H9iaWhlgCrPZUOt683TGvfnI26H5ErP8pPL250g6+R3AaRpvaDbW2ZQ4eZwcqLgVmyXwV9PnFHz4
sMpF8xS9PcUK5ZP6qpetkOVUvQ+/UD/LBjOrXoK/FizQT8mD0pfBeeiPhTfYCCxEbuougl+EtRLw
EySfwO9GR+T2bVX6RLQ1+Dg4GuwG7gbHK4ZsRasCSSZoKTq58NPBBeClAa+fGuyi7gkkheCt1HoG
PoXSMvA0Elqx+yI5Bm/sd6H1k+BHlH4NrsSag04W2B/5pwGvfShCshBJT/gqarWAPwiuBt8Ej6AZ
hT8F78NXgo3A/ZUt9GRIf9C3/qYSx3gmDUxVSYhRh24HtyDfC18KbkXHeO+2ypvFQnszF8rb3cA5
4FwzC/CZoAVOBxdU6un0XeN/lYReBU9Q+gGWZ5jRwV9uPI9OJTpXmbEgKaNXB+G3BWO5mXElS92x
1B2nEgv/hB5BM7Myzihm0vOZ9HYmfVMsRHICPILkKkXL8GlgKniAFpuB6eD14Ge0ZSLwWfi/gKmV
twj2g7+MmZ1kYlLl9iL4VpV6+/4QvjNyosJOUvSJNP9BRXc5Fs6qB/z7lPc2MtcLjGeqXtBPG9H/
pYkNrD1LH75C52t8dZuuSllTjYh/xalmls8e1xXHSEcHaIPpgpeD3cDxlI7H2niViD9V3gN5JmgF
mK77Avz0AFUzjrd3BZ5PZxbmgMrfqnLnGUorqHUDPTQRXsGI8H9oj5kRRvqiiWf4YegswUvbTfZQ
X7k78JhZvynwaXhmNfqrK2/Sp1Lwo7Hzc/jZig6r2MkiAk/ht0JKmc3QlciPqA9DZ+izj/dSGVEy
XqpUlLgyvI4RX4V+CZo4vCvAdOrOwY7qb8HmdkpfBvGn9QWjPgzOBj+oukzwLGOsg+R1+Cvh05m1
PvCb6fkhShsrLxmjSCQ3UfoAOJPSOXiAaHeuhzcrPVU9Zl+L3KyI98EXsHw3Fu7G8s7AS8qbzLaJ
db2G1foZs0BWCbl4/kbsmEy4GfxrVTv1JPxGkwPRnIzm90wOpJVtyFl97gTWznr4r6p6Sj/NPjKP
bPOh+sq9Eb4H8nLsfAVPJrQvAluCGWbNorMefCvITjcIslOENqCzxKxokAxgT8NLXdHZAZq8Qdza
7AviVblTOKz90EvgSNDkiubgr8GfIx8Ffws4nAh8CPnLwV6g8Twx4NUDZu8YhD45xB5i9hRm08f/
jcBCcAtYCpLPQ68zX1Xwb4OnqbvVzBc8ngwdg88F43jpJHw9SlfCZ4H9K09qD5F/is2p4EKwJFi/
pi2N/PVE/klWRH+wJ/LV8B3RfxRr7DuhtbReSWywM4bI5E5jNFcSLfChk2TjnfAlyAfAm7zK7PvF
RFR98DEyDOcTvwnWTEbqT2/frJqlnzFhoaryl4xXMLQOPE0e7ksmWQjeieZp8nBdxmL2qZQgr6YT
25oZuiDpgve6kFVOIq+HH1YGqLnXQTMrQLVQROnCANPZd0bgw3T6qXkpndJN4JvU7cMzxgqe4afx
pDHNf0M06wbfrtFvp3TkOzlnebZ8rX7LMbRF0S7m89+13D15QhX6i6vfzHmXGxmfttjd/Yt1pfMJ
zmbl7ffgj7u7uavymZeez62BdjOdF30i4bRw87R197d6xlDeLne/1GhUdI67Cyx9viSa1l7FUIJa
vRS9Yp5p+GAbd5yuTSwUuXLudQZh4YyW+v2o1Rdsz/cTToHJbqrOuPOwesxZozrK2xP0X7jYIxSd
fGcf1kTT2qAYyjC1kGxXdI8qyigU5zlP6yiw012fKtjrjB1KByh6E7FwCtwHTgYXO/o8p4WiXero
7T5d7/X2KSQNvIH0U79FVlcl1nblrb2Koq/8BtX3umAnnVptHf3+XjNnhs6+M4++legzbWotBjsj
aa763ipqHQh6oqUDkMxxxmq2Qd41QP0ekRtYm6deom9LlQ+V0R/HDil6FfqrN/C2basktIpS/QZy
u9B+vjGr32rrY08WbK1PXexS+xnNuvYvtOf273RdK28/YT8hON7WT7dt1Q8Vgn0VnXvRmW7zXUd7
quB1zpOCr8O3cl7CjvChE2hS176Vus/AX4a1ExqloT/R+mn7Ml3LtkbFALsR/ayv8W/zKb/ti+Rm
+xJdy/Y1upZVPxQHb1O0/qboOFjohbX+dmPNmfYWbCp/0v5Udw34EjSjWKik7nfhD4LvhdTDS+jD
4dD3RLNNSJ9wSl4UyZmQfsp8NlShe4HdVvOqPYFP7fWXZY+EyrQ/iqGb7YYqsZfpzhX6i+65YBrY
RlGsCVqfwk8FG4T2oblPVzr83tBY3U2wuSU0X3Ba6GPdj7Qn1mdY+Jv2xD5jWfotdPcLRT8F/s/w
9fh2+sXw30f+KhKx4/7GF5vuQLA7eFTROQQuVPTqIj+jaLvg00iao/MTRX8Xmi3AKKUZ8EPgB6B5
EAlyd7JiUhP4ayh9B6xAQivOH+Dvhp8A9kEyERyjGKK3dldK34cvoz8+OoVgMaVr4V+H/xzsDf4Y
OSNyzlLXWNsEPgbmgR+i2R6ecTl/p8Wfwa+hPzvBw0h+i7Vh1OqI5kbkV8Evgp+NT5bBPwi+CF5L
rd8kye7jX2FmR3n3KFhl5kh5ry6SM/A3mTlC8qyZKeWdn4BDwHys3Wnmi1pJZtbg8Yl/zMwa+gvB
g5RmKCY1QfIOfbsOzafA4cY/tP4Deviu8YlKZE9U3ngMP7vzwC60iLdDX1KKJ+1SLBB13jRwHfpz
we1gDGTUrom02fRzPPpXYwGfe2H6QPzYzYi9i9A/gM4r8N3QNDF2CxhWTH5F6yZ/h3466PTEwltg
CvIrGHVzPLMR/emUskbcHdRqSlv41plm1h0+3EVdfOtOBq/BzhvotMU+/rRvpu4S5Kwyz8RqgrbM
SmxiYg87H8CjaT9JrSPo/Ao0EYL3nJEmkmn3Kny1SDH0JZIXaMvE4Q3gjeBt1N0K3w4LmeBn4NfI
n6CtofA/xA7j8mjd64DmFOzMgMfzNvnBnQ+OBvujY1r8I2gi5G1K7wWZF6cxLf4UxPNJSNwTtDgW
uclprEHXrG5WrncJkgYgmcEhKhys2SZTkVXsL9CnrjsKfBksQm5yI7yzBcl6+H20Tlw5rB37OLWI
Os+sJjOilejUQX8WEjPvq5D3BVNB+uyQM/0CbJpeERXuxyBryiU2QvTcf4RaD6N/Gp6V6I4DdyNn
Th387w1CTo5yyVou8WCT1d1ccAX6FcTMBOLH5KtikFzksY6cx5CYzFlOXTOnzLvDTPnEknMHyFpz
poJEb9JmxWSiwmP/8oh2H28nMXafUhd9hxzldAJ7a+uWpXcQ9zeV+mnRQLA7eFTROQQuVPTqIj+j
aLvg00iao/MTRX8Xmi3AKKUZ8EPgB6B5EAlyd7JiUhP4ayh9B6xAQivOH+Dvhp8A9kEyERyjGKK3
dldK34cvoz8+OoVgMaVr4V+H/xzsDf4YOSNyzlLXWNsEPgbmgR+i2R6ecTl/p8Wfwa+hPzvBw0h+
i7Vh1OqI5kbkV8Evgp+NT5bBPwi+CF5L3SuoW4XOTfDPUpoPfyfyJJCx+MfA6yh9ChwO/oBa79Ju
Gj00PWe87jywC3UZdehLShmRXUpdZt+bBq5Dfy64HYyBpodmxs24xoNXY4Gxe2FsMo92M2LgIvQP
oPMKfDc0zVzfAlIrmdLk79BPB52eWHgLTKF0OjyR6e5ApymW8YxD/503KG2LHTxj34x8CXKi1zMx
kMCaiXATqx8gR8d+EskRSn8FMjs2fnBGgi9gzczjDeCN4G2UboVvR61M8DPwa+RPYHMo/A+xQ889
WvE6oDkFOzPg8ZXNynLng6PB/uiYFv8Imjl9m9J7QTzpNKbFn4J4LwmJe4IWxyI32YDodc26IOa9
S5A0AFlTDvPoYM02a5z1aH+BPnXdUeDLYBFyk1XgnS1I1sPvo3UiwSHC7ePUIk48E/NmRCvRqYP+
LCRmZlch7wumgvTZIdv4Bdg0vWLe3Y9BVoHL7Ifouf8ItR5G/zQ8a8cdB+5Gzpw6+N8bhJzV7RIJ
NpnQzQVXoENUuyaTlMObmWI2HfzvEyHOHSAx70wFib2kzcQ/c+2Rzz1i1ceHSYzIp9RF3yE/OJ0U
rY/tjyx9KrJZSpua5xjOFJH04t6dq08bnHk8SciidI7+21gnXb+f5szgWYqtEvuvyKeoXL9gYem/
tlDJIEVvu6LbBnkFdfMpPaToj4TPBXthrdxo0u6A4GlGU0ufUejdcA6Sx4MnHm34t3X6FCWb5yen
eR6SwrOREuTzta69FUkupc/B21goB0eDRYy9rqI9AQ/00yck9jqeWrSHb++8pXVVx6riecVlwfMT
QevPquNlYqcvtbrzhKSzSkKXubNE3jB4NlLCM5ASnocIVj5bpc+p+lRt1twLP0DvtvZW5UO3wg+k
tDv8SvjdaI6DT4bvTOnvqXUYSQNjDcn+Sr3pt0KnAbXagkMo3WmQ0lT405Q+j4WmyH+HvAN8C0p9
+Hvgf2H6oHzoI9MHSscoX9m36qREQjMki63Ggnvg5yjvXMJdvkrR6QoeR3Iafgaaf1L0tiu6IeQ2
WEJpsmKoAr4cbIu+hc4UsAU4idLR9GEa/BD4Ilo8gs5Y+A2UjsBOHeyvBucHPdeeDEeyDEkpOBlk
pE4vSsNIJlS+zf/CrpZXVeqTwHQs3x/0QeV7dY6crorWXuouAqdijSce9gEk/VTHbVap31XrRunN
lS8JVlpRkddH53qV2F+YPmN5nvbBvxLJSuVDU5H3rXxd41P13TWU7tRSGbvOTl0s90XeCJvP0P8r
qk5LPyfS27/Rtz1ay8tnLAeRzyXqxmutUAfaGgufgZ22lWf4BOGM+hOcrCinKcUyJGnoHIRvoOj8
gF61Z9bW0dYYLOfSwzJF38W3zU2EVPXXqFMdu4FK9Pd3JEOyytz6Oha/EfoHlfd6oFMXyUATh3g7
jVbq4pkG6rHQE4x6QKU+mx1BD4vg61TerjFWqU87LwPjtL4Ob9wKP0Q1QxXUagt/Es11WJgK/xTy
nXhjE/JmSE5QWohkD9YKkXRD85iiZBzmy8Qh/Y8ylj/ThzIiwUTyNB213AL24SXmHZzATFWgX4mF
NrTVmdK2xE8Z8o6Kkt91XrICHcUDxMB2LG81/g+8oT3vzljK8FVD5PXAAWiOCNo9w7o4Q+wdJxKM
pvqtifIS28eJZNW5E5yK5HY0U2krFc3N1FqHzkxwGaXxYP1mylh8+ryEMX6APA18h/4kjCbjvd+M
WjUlinhqTUT5gVfnEdV4Qz0TSmD5OfLAKry3OmhL7WQyUw1NpqJWObVWo1lJtLdFcwmRmaK8n2Fd
QqS9/V/sfQd4FsX295mZ3Xfe7O57EkICIRTpvYUSadIEpEmXJkUI3VCEAIo0EaSIijTpTZqAgIiA
CEgHEQGR3nvvvSV8Z09WLon+P7nXe//P93zPffbJ70zb2ZnfnDlnZnffDY+42/5JiTPamyNubU14
jLIyvsUtvOJZvDTsa9yrbPfm7DjKXZw4l93ayFqO5VYV4rMS7apb80C+S3wNWrFetXJ9+tPaFK7P
WneJy7AdUInzaDifW0P+zJr/A4+m28e1ibaRS/bj9HrM/GgXyS79wLbCtSqJIzKX0c+5GbnX5bm/
xxg/ZXzCNVfg8SrLmJmxqlfGtXJ9vXF0Ldso12aSPvzAs2kOa8UTfpL7hHX1CevzEx4LN/yAeevv
ebE0nOL2egL3tFSiF2Obc41HZ5WLmrVIs5dRF7hkK0b2cXDD1UNaAx9lG3iLbaBrYepxO0uwlhZk
Hd7FWs22iErO4JJu+UWcHsslK3O4GqfP5Jbv4/ACTq+UsIexC8++W+6a3L1Kwrinp3i86rizlcf0
de5X5kS/lrCBn9eHu63llg/gvmTkknUSeM3D56aDDFRnpDeyFI7/2q0ZgL/zBob7Ox3vTqOLYHG6
5aYDuCkJb7pvWSc0dt+ET+DfgyRYHI7icBSHC7vvaScUcd+lp/QunD6Pw83d98fcN/MpvInD1zh8
xQ27v+Khc1e6X7nh9CLu24BUz3z+Nstd/r7NKhfd3xEAuL9zTwhzf82REOb+HiRhiS/W/cqN/sD9
yo0bjl/thhMG+D5zv3Kjb7j1+864qK9z+LBbv77A4cccTixTm7Ewl2zB2Mr97o3btvgTiW32fcHl
Z3A48axL3OY7nJ6V00Nc1GW5d/kZr3N/B3LuUkbN6S9zyfJ8rSucvo3rLMQpJZiZxJRHnPsmlx/G
V9zGLD1i7MdXL8cl8/C5bsmCHC7I4UK+rZz+gMN5uJ7E9OzckvoczsXhRlzPfhf9msP8JR+/n3Pf
5JShXNv37jdwuIaXuYYoDkdxuLD7e3kq/yuHUzGG81kVuc2FuM0teZQnc0/vci63zTebU5ozbmK8
w7mpCQvoRRxezHWu4fBwLvMt4yhOX8rh3Ry+7bbQ/QoHtdbVw8L8XF7FP+Uw8+Y+SU+Iir/otiee
x8J98k4pt9zc+NUuk4kpCf0YMzLyWVxDVPxGLsnnxnOv4ydz+AzXuYHD+zh8jXNZo+IPcsp5rsd9
AwfAEkP8l0DFvNc1FsLadm39NvSNbRHXCZYA7fzq1imfEWhn8fQphIMDPkgHWSAU8kNRKA5loSo0
gKZUR214Hz6AGGgPnaE7DPbKB0BDesgKKaEARFMt5aAaNIRmdNU60BsGkOXoAF2gBwzh/zGYeA6C
n2xGNgiDgvAylITyZJ0bQXOQUBf6wIfQGt6Gd6AnDIVUoKrUqlUZqtap+XpGaFmvTrWMMI5rSc3f
DH2JbHN2qjEKSsGr8Bq8Do3hLVCQG+pBXxgIbSAWusK7MIzPCYKMkANcT/cKVIAakAc+5vQICCEe
MkEk5KR6C0MxKA0VoTLUhDehBbU7L7wB/WAQtIWO0A3eg+FeC1KADZkhLeSiGopAGagEVaAWNIGW
YEI+qA/94SNoB50gDnq53zKNKdQtRtVnbMbYhrETYw/GvjEtYuPUR4wjGCcwzmRcyLgipkW31mo9
41bGHYx7GA8xnoiJ6dhFnWO846IhGUMYMzDmZSzRKrZ9W6MSY3XGOq06de5oNGRsxtiKsQNjF8Ye
jL3bdG0RYwxgHM44lnEa4zzGpYxrqOIWxlbGHYx7GA/Fdure0TjBeI7xCuMtxgeMCS6aRmznmFjT
YgxhjGDMQJldzayMuRkLMkYzlmIsz1i5s1tPDcZ6jI0Z32JswxjL2LVz11adzHcZ+zIO7OKmD2Mc
wTiWcRLjDMa5jAu70RiZSxlXMq5n3Mq4g3Fft/ad2phHGE8xXmC8xniH8VG3jjFdfMBoMYYxZmDM
yVioW7eCUb5SjBUYqzPWY2zC2IqwkC+WMY6xN+NAxuGMowkL+yYxzmRcwLiUcRXjRsIivu2MuxkP
MB5jPMN4qVv3lt18NxjvMT5xUUtGPyN2696lmw5jjGTMyJidMS9joThiUhdjLM1YgbEqYy3G+ozu
alyS7Qn7J6SieZ4W0v1LIcEfDv2/o0kWwyQrqsH/b4sZHEsMC7J6yTHwgqjIztn8zeW/ExJkvf8c
Q18YJY+IpFrdGN/tcf2Du0p8YUzxwpj+DxjywpiRW6pYiufQ7cHzafiXqMhTpYKIfzKUmkOS/FPm
f0pmgaz/lMwG2f8JKciT/jX+NSeCPPhfY/ALYRStNuLI64+GmbAUNsIeOAN3hCHCRFZRRFQQ9UQr
EScGitFiplgqNoo94oy4Iw2ZQVaXveQwOUHOkyvlNnlIXpKPlKUiVW5VQlVVjVUH1UsNUxPUPJqD
7rX8iTqraiSLt0wWH54s/ulzcSNZvo+m+QHQ4rm4VSRp3JmR9Hy8l7T+sMZJ4+GQtP7wsGTx7MnK
V04Wb5Isnqw/4YeSxlPlTBavlSz+btL2p5uWND/9qqTxbHmTxfM/F6f5l61gsvwBHJdkH0ITe5ij
VqLMmdhzg3QuFdmq7F7qLk8e8uQZT974s9K5i3iytCcre7Je0lbkHpa0l3mik8bzJyQtX6Bh0nhU
slEoVChZvEiy+K5k8d3J4leSxa8ljRcOfU7LKBAdliwenbR8dLFk8eT5VZPFqyeL10g6isWrEiIx
EyPGQBsxia1tSzqAZupoEGaImYJ9RSj4nCq42amMG3EtrqcUn7gqrlK5G+IGCHFL3AIp7oq7oLAc
lgMDX8VXyW+6+iBVReWOl5ShMpxS3F8QodseFaAz81M8Fe1GusIk2Awn4JEIozb4qVVhTm2QTmWn
DmEVpy6h27sQsskZabdQkPY8pfACKBlCbbrIcjPSTkuGU/wyy824DyTFDhBuxkOEW6mvroZGQmY8
QW1dS7knWW7GUyTXU/w0y83PlTzjlTzrlTznlTzvlfy9vdW4vdW5va9ze3/PqcE5NTmn1vM5uI1b
uJ1buINb+HvOLs7ZzTl7OEeClnTQNLOl++Z2iAwhVsOJVeVUcl4j1tfiWvBRm9YTUwpcjy8U32Gi
v5x0/gDq1QCKBotg6CciRXroz//PcqBoLJrAIBErOsIQ/h+Ww8Q7Ig4+FsPEMPhMjBPjYYS4KW7C
SHFP3INR4rF4DKNd1YAx0id9MFY60oEvZAqZAsbJVDIVjJdpZVqYILPILDBR5pK5YJIsKGvBZBkn
u8Ma2VP2hLVk/XvBOtlH9oX1cqAcCBvlYDkYNsnRcjRsll/IL2CLnCn3w1YVIK15ooqoIpCgyqsK
8FRVUVWEVJPVZKGMOGO6MMwYM0YUMlubrUVhs63ZVhQx25vtRVGzm9lNRJvdze7iZbOn2VMUM3/z
DRHFrbpWC3HdGmwLkeCEOBXle86bzhS5KNAq0EHeDvQLDJePUKJf+TETZlLBmAWzqBDMhtlUCsyB
OVQo5sJcKiXmwTwqDPNhPhWOBbCASoVRGKVSYxEsoiIwGqNVGiyGxVQklsASKi2WwlIqHZbG0io9
lsWyKgOWx/LqJayAFVRGrIyVVSZshs1UZvdfCqss2AbbqKzYDtupbNgRO6rs2Bk7qxz4Dr6jcmJ3
7K5yYU/sqXLje/ieyoP9sJ/Kix/gByofDsJBKj8OwSGqAA7DYaogfoKfqCj8DD9ThXAkjlSFcTSO
VkVwLI5VRXEcjlPROAEnqJdxEk5SxXAKTlHFcRpOUyVwBs5QJXEmzlSlcDbOVq/gXJyrSuM8nKfK
4AJcoMriQlyoyuE3+I0qj9/it+pV/A6/UxVwOS5XFfF7/F5Vwh/wB/UarsE1qjKuw3WqCm7ADaoq
bsJNqhpuwS2qOv6EP6nX8Wf8WdXAX/AXVRN34k5VC3/FX1Vt/A1/U3VwL+5VdXE/7lf18CAeVG/g
YTys6uNxPK4a4FW8qhriDbyhGuEtvKUa4x28o97Ee3hfNSHlbcH2C9hyCfFIPCIr9lQ8JethStoH
8DwzeZ75eJ5pGSkjwS8zy8wQJHPKnGCpymTdbLOl2RIcs5XZCgJmG7MNoNnObAfBZlezK4SYcWYc
pDB7mD0gFDNiRkiJmTEzzfGsmBXCMTtmh1SYE3NCasyNuSEC82JeSIP5MT9EYkEsyN+pLwzpsCgW
hfT4Mr4MGbA4FoeXsCSWhIz4Cr4CmbAMliFr5drfLGx/s+Jr+Bpkw6bYFLJjDMZADmyNrSEntsW2
kAtjMRZyYyfsBHmwC3aBvBiHcZAPe2APyI/v4rtQAPtiXyiI/bE/ROFAHAiFcDAOhsI4FIdCERyO
w6EofoqfQjR+jp/DyzgKR0ExHINjoDh+gV9ACRyP46EkTsSJZK8n42R4BafiVCiN03E6lMEv8Uso
i7NwFpTDOTgHyuNX+BW8ivNxPlTAr/FrqIiLcTFUwiW4BF7DpbgUKuMyXAZVcAWugKq4EldCNVyN
q6E627/X2f7VINu5EWqS7dwMtXArWc/auI2sbR3cTta2Lu4ga1sPd5GVfQN3k5Wtj3vIyjbAfeQz
GuIB8hmN8BD5jMZ4DI/Bm/yN+CZ4Ha9DU7yJN6EZ3sbb0Bzv4l2+75W4vxJQhG1tLtItUzQVTSm5
tWgNwlhuLAfpi/fFg/KX9pcmO/zv0T6ygf/Vvv9qn6d9kax9ud3VlmjvO/xfHfuvjv2bdEyYHWg9
HyIyyyKqktEQ0kEJKA9VoQ40pv1CB1q/96KV5TAYCRNgBsyDJbAS1sM22A2H4BRcglu0sgfhE07Q
u6CCugXFBb3HsntQL5Y9gt5n2TOoD8k4CvVlGRfUj2X3oP4sewR9wLJn0Icku1O5gSzjggax7B70
EcseQYNZ9gwaSrIHlRvGMi7oY5bdg4az7BH0CcueQZ+R7EnlRrCMC/qcZfegkSx7BI1i2TOoN0jK
HUDYPWgIYY+gTwl7/g1GxnDPuwWN9Zj5wmNmnMfMeI+ZCR4zEz1GJnmMTPYYmeoxMs1jZLrHyAyP
kS89RmZ5jMz2GJnjMTLXY+Qrj5H5HiMLPEa+9hhZ6DGyyGNkNPW/W9AUZmQmMzLvbzLyjcfIEo+R
bz1GlnqMfOcxstxjZIWnK997zKz0mPnBY2aVx8xqj5k1HiM/eoys8xhZ7zGywWNko8fIJo+RLR4j
Wz1GfvIY2eYx8rPHyGJmZBlrylpmZPPfZOQXj5EdHiM7PUZ2eYz86jHym8fIHo+RvR4j+zxG9nuM
HPQYOeQxctjTlSMeM0c9Zo55zBz3mDnhMXPSY+S0x8gZj5GzHiPnPEbOe4xsZ0Z2MyMHWFNO/U1G
LnqMXPIYuewxcsVj5KrHyHWPkRseIzc9Rm55jNz2GLnrMXLPY+S+x8gDj5GHHiOPPUaeeIzEe4wk
eLryNJEZCxKZsUQiM5ZMZMZSHjMXmJFrzMgdZuSRqynu/2l028130xpCLrFbTlXVVU3VRrVVHdTb
qpvqrnqq91QfNUQNVcPUx2q4+oR2wafUaXVGnVXn1Hl1QV1Ul9RldUVdVdfUdXVD3VS31G11R90N
RLv/R0nsErvoAlPcX+eqaqoaSFVD1QClWqnWYKh2qj34VFfVFfwqTsVBkOqhetBK4F31Ltiqt+oN
juqrPoSAmqgmQkq1Uv0CYYGigaJ8lyESLCOD8ZKR0chkZDayGFmNbEZ2I4fbM2rRXb67nrheSefd
m8jj5tE5ifeuhYp9ViKnVyKve29KxVIOGGGG+wWwnEZOsJ87L/G6YUa4kcpIbUQYaYxI99t3VPYf
15WQFYKNUCOlYRo+Qxt+I8iwDNtwjICBRrARYrj3uwzqWz9qpHuONF4xSoNjlDPKAVJeNESo2Wqu
WqAWqY1qk9qstqit6ie1Tf2stqtf/oxx926ZmqVmUY1z3N81q/lqPvG9UJEdJeY20PVOqcvPap9F
peZT7kr1g1qlVqs16ke1Vq1T69WGPxtjrn22mk21z1Vz3Tcy1QKqfZEi60wt/IVqd/vh1p4fwv60
1j/pB3N2yuPMPe8FtYvPc7WBzjM7yaXwIQyEQfARDIYhMJTm9ccwnP+76GcwAj6nWT4KRsMYGAtf
wDgYT3N+IkyCyTAFpsI0mE4W4EuYCbNgNsyBufAV2YP5sAC+hoWwCBbDN2QdvoWl8B0sg+WwAr4n
W/EDrILVsAZ+hLWwjizHBtgIm2AzbIGt8BPZkZ9hO/wCO2An7IJfyar8BntgL+yD/XAADpKNOQxH
4Cgcg+NwAk6SxTkNZ+AsnIPzcAEukv25DFfgKlyD63ADbpI1ug134C7cg/vwAB7CI3gMTyAeEuAp
qbGQtWUdWVfWk2/I+rKBbCgbycbyTdlENpXNZHP5lmwhW8oY2Uq2lm1kW9lOtpcd5NsyVnaUnWRn
2UW+I6fJA/KgPCQPyyPyqDwmj8sT8qQ8JU/LM/KsPCfPywvyorwkL8srypJX5TVly+vyhrwpb8nb
8o68K+/J+/KBfCgfycfyiYyXCfIpmSD3bXulDGUqn9LKr4JUbVVH1VX1VBPVVL2lWqiO6h01UA1S
H6nBapQaryapxeob9a1aqlao79UOtVPtUr+q3eo3tUftVfvUfnVAHVSH1GF1RB1Vx9RxdUKdNEoa
pdz/22rsMfYa+4z9xgHjoHHIOGwcMY4ax4zjxgnjpHHKOG2cMc4a54zzxgXjonHJuGxcMa4a14zr
xg3jpnHLuG3cMe4a94z7xgPjofHIeGw8MeKNBOOpGTBDdTldXr+qK+iKupJ+TVfWVXRVXU1X16/r
GrqmrqVr6zq6rq6n39D1dQPdUDfSjfWbuoluqpvp5vot3UK31DF0tKajLR3tdQf9to7VHXUn3Vl3
0e/orrqbjtPddQ/dU7+r39O96Oit++i+up/urz/QA/SHeqAepD/Sg/UQPVQP0x/r4foT/an+TI/Q
n+uRepQercfosfoLPU6P1xP0RD1JT9ZT9FQ9TU/XM/SXeqaerxfor/VCvUgv1t/oJfpbvVR/p5e5
//tVf69X6h/0Kr1ar9E/6rV6nV6vN+iNepPerLforfonvU3/rLfrX/QOvVPv0r/q3fo3vUfv1fv0
fn1AH9SH9GF9RB/Vx/RxfUKf1Kf0aX1Gn9Xn9Hl9QV/Ul/RlfUVf1df0dX1D39S39AP9UD/Sj/UT
Ha8T9FM/+IWepWfrOXqu/krP07f1HX1X39P3rXet96xe1vtWb6uP1dfqZ/W3PrAGWB9aA61B1kf2
+3Zvu4/d1+5n97c/sAfYH9oD7Y/swfYQe6g9zP7YHm5/Yn9qf2aPsCfYE+1J9mR7ij3VnmZPt2fY
X9oz7Vn2bHuOPdf+yp5nz7e/thfai+zF9jf2Evtbe6n9nf2jvdZeZ6+3N9gb7U32Znub/bP9i73D
3mnvsn+1d9u/2XvsvfY++4B90j5tn7XP2xfty/Z1+6Z9275j37Xv2fftB/ZD+5H92H5iJ9hPHXCE
Ix3lGI7p+JzTzhnnrHPOOe9ccC46l5zLzhXnqnPNue7ccG46t5zbzh3nrnPPue88cB46j5zHzhMn
3klwngYgIAIyoAJGwAz4AjrgDwQFrIAdcAKBAAaCAyGBFIHQQMpAWCA8kCqQOhARSBOIDKQNpAuk
D2QIvBTIGMgUyBzIEsgayBbIHpgYmBSYHJgSmBqYFpgemBH4MjAzMCswOzAnMJefPvO9fb7H3k9O
lWRB+c75dFWV/Pte9Tr59/2qsXoTDqpmqjkcZm96VHVRXeAYebwP4LgaqUbCaTVOjYMz7NnPst86
x37rPPutC+y3LqplajlcYg9xxShulBDAd+ClaZmWKGiGmCEiiu+xF/Kd9J0TF3RBXURc4/vtt63B
1kQprVnWjzK19ZP1QBbiu+4t+X77bPL2tyAIIiAz+fwatAKaQB5gDVlnuoQ9CCT+xKEFHHKf0YRA
Kkhnb6H4fnsr4UH7J8LD9vZnZfdTaB34aT0RARloBZA78emRfdBNtw8T/mwfJfzFPk64077qnonh
bo2Yyq0RU7s1cl3xXOvvz2iCKLYJLcItaCfJCeacEM5JkSQngnPScE4k50gIolErSGNXTLr/Lamk
LAlSVpKVQMkqsgoYsqasCaY1yhoFPmu5tRy0dcO6QfVJc6789T/kY5N62P+//ev/jod1feiL+s3/
pM8M1a10G91Ov08eyPWcFclnVmdvVps806fsJxuSj3S9Y6JvbP2CXrH3X/jDP3rD8eQH/+EBn/cu
/695w2fejvziOPLfz3vFcrT6cNceiSsPd91Ri1YeD711x2NadTSiFccUXnNMpRXHI9La+qSpzV29
/N13yo5J/aYT4qRwQp2UTpgT7qRyUjsRThon0knrpHPSOxmcl5yMTiYns5PFyepkc7I7OZycTi4n
959620F/7m8xCC20X8jrLvij38VgDMEUf/C+W+yt9k/sg7f/qRfeT374oH3YPmof/90fYypMzT75
6v/oleP/6JcxAtNg5L/knZP4Zif+f8E71xBShNNWNlLkhDBRS9SDLPzMPadoJlpDHtFWtIXCor1o
D0XE26IjFBWdRS8oJnqLMVBBTBCToZn4TuyElrKrjIM+sofsA/1lP/kBDJEfysHwsRwqP4ER8jM5
Esbw0/Pxcqwka897/CnKUaEwVYWpMJitUqncMEflVQVglYpSFWAte/w97PH38u5tnzHD2AmXzBRm
ChFh3jPviTTmA/OBiDQfmY9EWh/RJdL5hvo+Eel9n/lGicy+Mb5xIodvgm+yyOOb6psnCvgW+JaK
kr5lvs2igm+rb5d4w7fPt0808x30HRbNfUd9x0VLWhvEi9a+p7Q2GKCjdUmxQr+iy4g1/lz+3GKd
P6+/gNjgj/JHiS3+aH+02Oov7i8ufnKfn4lt/rL+suJnf3l/ebHdX8lfSfzir+KvInb4q/uri53+
ev56Ype/gb+B+NXf2N9Y7PY398eI3/zt/e3FgSDa9ouDVksrRhyyWlvtxBGrgxUnTlg9rB7iMvnZ
ieIK+dkfxV3ysw9Egi3tN6W2m9q9ZAtnqnNK9gt8EpggNyS+30K70YX8xKWpaOOlLHsuRUAJ8Hlr
j+y0pilC+bPocHEhrQpmsXRjq73YaoodpcN9yyaPyENak1/kJ3dXTBSjOl8Tr5FzqSaqgSHGiXH8
ls1WaGFGmmnNdGZ6M4P5kpnRzGRmNrOYWc1sZnYzh5nTzGXmNvOYec18Zn6zgFnQjDILmYXFb2KP
2Cv2if3igDgoDonD4og4Ko6J4+KEOClOidPijDgrzonz4oK4KC6Jy+KKoQxD3VP31QP1UD1Sj9UT
Fa8S1NO/k2ZQVwzJdxoM/rVCCr73E0GHgnR0GMRcDuppXnDfSytAh59YLUHrxFJ0WFCaDhsqQEVw
oBodCA3oCIZG0JjWh83oCIVWdKSEdnSEQTeIg3B4D3pBauhHRxqanRIiRbAIgbQ0RyMhvcggMkAG
fjvmJZqvtSAjzdfGkImf6mbmmZpFxIpYyMrvy2QT3UUPyC76iD40p4eKoZBLfCyGQ24xQoyAvDSD
J0A+msHfQX6xVqyDAmKz2AJRYrvYDoX5flMRnnnRvKauynedmvFdp7ee3Qvb6N0Ly0dMpZdRMopW
jNEy2v1tmKxAK8aqsiqtGOvIOrRibCAbgEnrntbgoxXP27RiHGINA7813BoBtjXbmgMh1lfWAgi1
9ln7IZV10DoCEdZx6zStpXvbfSETeY+BkNX1DJCLPMN0yOPacShAdnwfRJH1PgpFyYIfh2iy4afh
ZbLjZ6EY7a3OQ3Gy5RehBNnzy1CSbPpVGiP3/a+Sssmzvmzz+pKf+pIhSV+Ky+JU1u2RkrVoL2Nw
j0zukY/Wd41Bc7/8tHp7B4K4Xxb3K8D9CuV+hVkLrcXUoyXWMkjLfczIfcxsnbcuQnbrsnWd+uX2
ND/3NIp7Gs09LUb+bxbtD+bQLqMM97oi9/o18kv3oBp5pXjambg9qiI7eE9f3V85tuIeFXD7KOrw
vIdnKcD3MqVoJ8o+S5OinshLsbBn5WgG/AkXpWQp4sJlxOAxNpkXH/OimRc/8xJE696mYDE7No+6
wxwFrEZWI0DamfeFYNp9jaSxH21NhHS0B1sGWa0V1o8QTTux61Daumk9gNa0hhgMHWm1MAJ60epg
AQwg3/8djCFffxAm89iv4LH/njz4SVjJGvADa8Aq1oDVrAFrWAN+ZA1YS579Oqwj734T1pOHj4cN
5M99sIPWOBGwj9Y1meAYrWVywzlaldhwjVYXKeAm+fhI2gGQJaQd0jsA7g4Syrt3GaC2+94W1LXf
dyrCDjonvRjPbzmqf4wItGReC7LW1XpuRAr+Y0SgHpR+liahLD89D3tWToKyJlkz6cprra2kbQ9t
V38plffZie3JxC0p6F1d0lUi/xXLSmeGsx0CtkOC7ZBiO2SwHTLZDvnYDmm2Q362Q0Fshyy2Qzbb
IYftELIdCmY7FMJ2KJTtUEq2Q2Fsh8LZDqVmO+T+rng99cCRldVKYuKvnsNIYYlQamVmkVsUEiVE
eVFV1KHWtRQdRBfRg9YuA8QQ8akYTVedJmaLBWKJWCHWiI1im9hF3BwhHi6Ia+KOeETG3ycdGSoj
ZAaZVeYmdqNFbup9TuIiH8vG5P1c2VQUZ9lMlGDZXJRk+ZYoxbKFeIVlS1GaZYwow7IVzTxXthbl
WLYRFVi2F5VYxpJHdWVnUZPlBDO1K41lZgTL5WYaV+Jjv+1KM6XfcaVvpj/AcrUfWa7xB7OM94ew
TPCnYPnUH+pKWr2kZFkmWPB1OohcZAmCyc9LiuUlbEze3l07kD2gXpIOUh+jCN8ShQhbiMKELQWt
I6hvRQlbiWjC1uJlwjaivPvuh3iV8G1RkTCW1guSelWZsIuoQviOqErYVVQnnCBeJ5wkahBONMNA
Un/DCZeb7p2Px34aGOopaTX10yBc7af1BvXR577N5NeECX4/4VN/EEjqG61+/GUgF82qJuRvY8nP
9oaBMBxGwySYCQtgKawiP7Yd9sAR2vlfobntPc8jTYogXc9KulRQRItSpE2VRQ2ykI2p322oF/OI
rQnE0HyWTcUCls3E1yybi4Us3xKLWLYUi1nGiG9YthBLWLYS37JsLZaybONP70rqYwZXUi9fYrna
n5HlGn8mlvH+zCwT/FlYPvVndSX1OBvLMmIKj99UHrlpPHLTeeRm8Mh9yWM2k8dsFo/ibB65OTxy
c3nkvnLHwx/GjIcz46mY8dTMeAQznoYZj2TG0zLj6ZhxAUYw8Fvdim0F8EwXwe5PNNwv+dbgd+pz
QiHyxd6dKJGKdS0160iEe223FpHmWaidq0mu7SV7MpZ1hdF9QiZCyEKBCKc9jWBLJNm+uD4tAoaK
N0QD0Ug0FPVFO6sheZ/GifeFZXfZVw6RY9QE9ZVagk8wHhPwKdnXydYUa6o1zZpuzbC+tGaSrV1n
rbc2WButTdZma4u1Fe+jRIUGmuhDjX7rofXIemw9seKtBOupTWbP/tweaY+yR9tj7LH2F/Y4e7y9
zF5ur7C/t1faP9ir7NX2GvuQfcQ+Zp+wT9ln7HP2BfuSfcW+Zt+wbzna8TtBjuXYjuMEHHSCnTxO
Xiefk98p4BR0opxCTmGniFPUiXZedoo5xZ0STkmnlPOKU9op45R1yjnlnVedCk5FdDCAiKGYEsPw
AT7ER5gW06H7DDI77/qAd3omrRyqkU/rIGPJa8fRjs6RfWhHF+C3n5H3b8G8Kwvhe68p1DfqGwj1
LfIthpS+5b7lEO6777tP6zbaq0Bqd69C65tj1lnI5e5YaDUzhHx3Cdqzfwev0m77IFSnHfdheJ19
dw323TXZd9di312bfXcd9t112XfXY9/9Bvvu+uy7G7DvbmgnkNdu5ISQp27JnroPe+r+GE6e+kPq
50po/CIj+q+N4H9knH4fIYvZBGYziHkMZR7TMo9Zuef5uOfR3PPa3PN6vEZpkLjzM/k//VG4Krj3
dctDhuf1P7kW/8/6mKg7VEMK1hRgTVE8wj4eT+TxDObxDOHxTMHjGcrjmZLHM4zHM5zHMxWPZ2oe
zwgezzQ8npE0bqkhrdd628TnWo+03vRmrDvnWU+B9VSwnkrWU+Wd65jBz50bQauSZ1bg95nOloNn
AWuyyZqsWZP9ibtYcVPcE4+91UAKmUqmlVlkLlXFjDFbm23N9mY3s7vZEzNhFsyGOTAX5sF8WAD/
T3tnAk7V1v/xvbZzDEd2cpB5jsiwjyEqEjIUIUcUUuYIR4cMlVtOUbmkWzJEMqRUpkITksotpQlF
gwZpoiQlpcF/nVWKbvd97/s+//d/n//zvM/vOef81tr77LP3Xmt/1+e31z5rMQh9YiphREwnjImZ
xCzCnJhN2BCehC/hTywjQggWsYJYSUQRMcRaIo6IJzYRiUQykUJsI1KJNCKD2ElkEzlELpFP7CH2
EkXEAaKYKCUOERVEFXGUOE5UEyeJeuIM0UCcIxqJi8Ql4gpxjWghrhNtxE3iNnGPeEH0Ef3EG+Lt
f58q/+8zl/9Lz1zimDBkfn8qnfgA23zTv/RMObwSQRDvnVFPAPNzn5X5+lTNP3xG5ttzNHAbuAnu
+S1m/5JjCxVoJObFwRtsEDK6AW4E17CAeQ74fNwFX4R74L5Qq8Kg6sVy+7R+Ztx+rNEGtzLWjP5o
3F6v0cbtI/upWfxgVtwetDHm8Efj9qaNNngsf2KwPRhj8JjH2qKfGWw/xhg8S2PNE9n3tO8PFgAt
6E8s7Gcm+HmswVZrrEn+YEpj7evxfdlftIX/3pv4k3sTALsL209j2NbbQMp2RuOgjIx+wh0JJRHb
iqXB6CcfK8JKYfxzAjuF/Q4joGasHZ4/EvX1/qvvRv/Wu8O/8/7T+x9f7o6Mgx9p3LgHM+PGArCt
E0fRA7ePAwB1GEfjsLXfAf00kA79DMCdvTsHRl44qAIvuSPAglcwXulHc2AMgLfQHwTvUZv5Afof
wWfoD+PcGUhwnALrHBXnhT4fzh01VRCH8TcuhObzEMZhjI2L4KLQF8PFoT+ROz8HbFeloS+DK0Jf
CYeRG67CnfkDtrHq0NfANaA/BZ8CfU1cE+POaKIFfW2cOxNPFp4F/Ww8G/q78F3Qz+GxRqO4zsF4
eOZS6dxx4qjweKlSVEvuyIZUa4yHakP14o7TTQ2EfhB3VmDYVkdBP5o7YhQ1nhoP/QTqKYw7w3E9
9E/zQ2Xmx2EUifOrCizHgECwACQ9gRCh/RgQOiAEo16hg0L10D8t1AD93yGpAkIOcgYPpMlhFOFB
VR6Pj5/05T/OqGRwzPvrP3O/MwhADAIQg4BR/yAFiEEAYhCAGAQgBgHofx8AMQhADAIQgwDEIAAx
CEAMAhCDfNlDHJEIQCQCEIkARCIAkQhAJAIQiQBEIgCRCEAkAhCJAEQiAJEIQCQCEIkARCIAkQhA
JAIQiQBEIgCRCEAkAhCJAEQiAJEIQCQCEIkARCIAkQhAJAIQiQBEIgCRCEAkAhCJAEQiAJEIQCQC
EIkARCIAkQhAJAIQiQBEIgCRCEAkAhCJAEQiAJEIQCQCEIkARCIAkQhAJAIQiQBEIgCRCEAkAhCJ
AEQiAJEIQCQCEIkARCIAkQhAJAIQiQBEIgCRCEAkAhCJAEQiAJEIQCQCEIkARCIAkQhAJDIyPsi3
0UKkPOGnKMrFpFxIjpQTr4BGgk3CoBDgw3M5UhYwyxQHgCFICvBSpxA8uBQVI714aVN4AQVwDHFA
yWWS80nNUTky+XLrZFB3jjHmgHlj4RgLiqgfFgFf3O6dmaTiqI1RRCcP061zbM13psgGdAmuYekX
Cfm35nLEtEgOJZfk8GzK5cEBjtO8JJu2o932J4W+7SSgwt2JQXvHs4DCS8cXMBl0cgI3wU+nuXqF
LwsMDYhghTKESYKbyUfnc/LzDWGF+jLkSBluDo0uNi/Qh80KZ/lHKFiw2GEstldEIPyGMqnIXc5D
lxq93NdPgRkYEAq3quBoYUbKTRRiMBgkg9Ql9XR1DdxgUo9kfEuScev/I/smRApylwvSKfMcHJ1G
Vuf5k9VJDlAafc64s0dxoNzAfBrOAQDrdT8ZO0HlYQLvff9hm6qJtXhX5TjdPvbMWO2NbfZ5h/ZZ
6Az65TAe6DIsS9vqVTYotmlXbfhlyKCFKdN2ZL6cw2X/4z1Hx+Gf1D1Kija+vaBUeb2Of+VAYliK
T9vLRLlnKRYqvm4tG2O3hswojrzkOjX2aY2wS3FG3+bF2r6/l6kKeMr5iL0yqRNPydyEnyGP1gsu
lR/PbrpxtMhAJCErT5D2eLv7liHn7PrXkkvMk0V2y5puPapGXy+py5F9fXNjq+Jh4/wjfA5tKgd6
kwcqbg69n+aw71l/2SKnN3fMsnQmhPl0dN898CpEkSLM1Ks+7NDwgHnYzM861PBtzbMscbPflmu7
k2dwHnhBFHCALDwjkiQdnkvZSZRxJI2XH1ZqKpWPh4eU5WYSELZFpZ2I1xM0jp7afGZCnElr2sLj
BcxQVICy47kTrlFgq7aOlOemlSkSpPg60YsTnl5orhRfCBoNtfXExY/b7aTJky7cFeQpDuQ80jZ3
Tq51guWyiIiw6To6Puxg7ZCRUtT2YYXohC0P5ObqhLFZvit9IsJ1YCHDigirIayBS0gjLT2Gli6s
gtpwJdJtZJ8BoNiTduTckTSJJ8z8+hNRUVE/+wk/9j/cdsQPlx0Pt+YUuk8NLrHPChR5yErEswKj
zgT7sidvumliGaIpsbp1sg69c1GQ9GlB/aOJn7qPpz7nYzwOerOS0rLvlud03hzhT/uFarPnW7CG
A1KzH1xZ06dSbtC0fnHvrVOsqXNOudFc34Y/yHn9kN9uxkydpuZLvQ5KYYMUeXyvbdaxFI9NxNTU
YD2+Y/tL5udePX1ni5JI7Zl7nDaXvMGOvkIFV2HhXb3FCRHBK7Lq+/pPh3nuux0yz3Bh5ryYWVf1
F7tNKg3okba34i1PUpcvEE4p1NutfP1dlVXs/V6fjK22M6lFOuUSFYv2lJkxt/BThbU0Gqfz2slo
72fMd/Et3tlUnJ6hnpi+dWP3riNQo05Ajcof0SiqZBrSUukfNSrqP6IDiqiiwQtf4vty58AQPy1m
hFdI2HeFIg11DXRJfV3GNK5C6UJ9GkmScRX/FwqlRk76kpQLtQgMW+bHVpjNtFSwZNpPn2ZpaKRl
NFXfXIvUmzabMYlU/nJEMj89IqYfOzLQx++fKlrLxRnM/N2zC1YdnOeygpkYdcBw+y9g5qeDeAFz
//C1Q0oN2NYnK0N7JZ7GEfSGdi/spHxu5AyKEKWBklv00YLJm0ehHBfcloF7G71s1RMZnGKy+mWJ
pWv8DoXdbT762d5WW06W3r+ZM+3t/gWfrjyJemxAf+nxtM5mu4OUBd9Co8S18aLB3Y1XbVdxQi+2
iC3lF92cWuRuOr3RVCE2RGehVOyFRKOaM6enLWvXWiil/EJDmN9NIYlT+OJauuW2+KYzhuvvCWWs
aWg5cj+T2R7NP/BIWZHPO8EtKFDyU9h7pn7c4CSGZMLGX08t2PnpgJ2B2Cf3ZzsaDzIz1JdoFj6Y
NN63ob9cbeWIognAM0IdJV4xyk/yhE4u0Fwmoe7NCbjx+sFUI7cxYqWs/+6mk1UY7cWsD5EfKqaU
nzGoGE86fxErKFUklKpcywSLf0msvizmliIqRFgrkVQtHCVVUKhIm1FSZfzXpOqnW474mYLz/0y9
rE9HxrkzOlgtxpn9q4J/Sac7alInSgsfm51XlfTG5UptuWKlb4iXTHvv056Bbb0W+RKzzwwNvSw5
4rE2PcS2yuKDmlc0v/OaQ+/LMmiVEWcPPNVyPBv7OdY+L/OG2uSjpe33DqWsV9py+XXMRy/RkLqe
pg3l9wqq3alHu50HvGWD1fb62A49zBuqvhef5hfILD+yIsNX1b+24ZWHd81vb0yybc0xoStGVFFV
tzsaVNu1QZlG7R3hmfmXkxxVcvb0DJgmRjc5Zy6e5L/HjHdy2ZyzlU6pz+/i630/z2sdts3/qL7u
dq/pQeMXepsu1Cktveoxg1JOq8wIMd433WHnNSA+wTvRLBLSFbUGqteeEfXSU5VC6sX4Ub2WIFmg
CWxT3by9X9MXSIrzwLJgSJITx2QKfCsqhhY55ct1rPL9OnZisaBIwLIL9A/08YrwUzBbGbGMxQ6M
iEEqRZJGegxdKEp6ulCldL8mdbnJvxPx/pnUHGYv8pAkfetkdy5VUDDPjGQGz5S+wWq6+Kp7+ed0
ceH796ZHrJc6qpOr+3z47mlze+XrbOy2gStt84VShTlv+pYVz7NNLqyNsV2RZc1369Oke7tWbrpy
IHz22ra4269r+6fuafSwvFNWYnJ/8rJ0qX2F7HCXVxNTuz4ZpLJzb0QukYuyXB9vJH413J16IsAp
ufBwoM4tScHP2yLUOyN1nDtEyUXvmpO9P11sXGLFcDyuRu+aRV5hqwtPVjpnaG+Sq2uy9VKeEW+8
h70LZ7IGVfeobZuDz5NmLe9XliZPivmxt1Z5Odfck1SZT1cdmNtvdcXQ2CinMsqjcGJO8sUJKS7G
9cUCS3haRqTGE54RN3I899Kjc0GISvLAj1Ha81MOEkTgxKUmkECK8Ap8jSLEAIWKNgybg295OHcr
n64x7FtUE3c8yFg6o4jB2mtc065FSn5bSRSnjJOjYUxsJYw8LDCzMeJGFHOWznJRS380if5R4wGN
uWNR1x7S8Yu4zSGtSctci1yzBNO/Lm7fFrNh1eaqEhI251HCZkNakbNHCZvRvyJs3AvG4stW/0hf
OMAWTZu5VtWqrIc165BuVVAPoRNaNGewZ8nKF3YztNosSgQ/X3ymxShQblrjmLFOcXGxiY7difwi
l+yHYdXHKt/FVM1hD87sNlt74cG4iYEXC7MVtIYEHc+6XNJ6OLe5JuxJkVA+T6HL/WOJtq79O8yz
X71+2fswQV7f+JjLzj6mcrzGHo7M9s5UPtn+Tvt3SXkXntILf7M/L92cwt6hsSIkS+qdTB/zRkCT
0rCH7KX8pFq1wzE+LrPz5196/6xgoUtHFm45W2fJm1ulrRzd0I97dtC7egKf7M/XPHl+ijDhtyXz
9kD+kIiqgJ9R6qtV8nOrrz1weXo1Ok3Co9FAfEnHdtk5W7ROlujPlukVFpPCFncYuCtezjgn0BtP
JDmEEHR7kzXqNtnsa6+DL9Q/Dytw3eYam5qcK23D4zZ4pSCAFlE49YWWzsTzj9mGIm9Yh4wDOO+d
DifrifvJEYkdwnd937AuW7W2THwWc5ZS2fJB8558Yk4x7QNdbVZJ1/sH+9daVfMttfZbOsu+3Py5
/YuKyJh2mr5AiMw6hnwn4dzxKO/DI2vhEt+MYUdx7TV1VMVVnTvM1ALPbE/Z0ZjcnqVYKuSR3Zdf
mrBs/bggrerI5ZhsWkm/+Oq34utVjm+6ElRkzdDZeefhCpM27Bdv62uXNzUekxgi2Mn1BSZl+Kyg
4cCstE7hIuFKQ0f+G2dMSA4vH9TvlyP6Lb5MH+m3zN+h36QhqU9CxTbQI7mUCSGTm9Qjucm/D3//
mXrvzgs+dO+2zTaNNcu1JR/Udj5syJyv7FhyuUPCXmV877V91+xKIkiFCT181513iM1JlTbfVprh
QarewpY/XV37fDPf+EGCAkPZJvmLeiobd/W/CZDR/Lj6ySbZ7if2BXn1yswLyUOWVwSuepZdLTen
5L/fG7w9oG3yHStmecLVR5OttNWKExwWOI3r4tH8ELR1Kxm68fUictfQLzfSK54qpv/yrpn+mv8o
M8Sp0nLrbhtsrrX/BDV1/6L0rhbeuLn57zfsm2AtKsDZveHFgujPYKesI388JkxavTh6V9mq+qyW
8+4yuWgzRlRT1r0Z67fneeFVskKHPg5mHQaXlWydh99Tz5xWEBxR74PwjOz7R+r9UzAco97Co9Wb
Ow81GZfxRXzjtpJxyT+X3zyfPV7/8erJEY4pEc+bm1tYYhe+8A0fXdvv/43q/yWUhedaOD3xjAfP
7KkdzypLom5fjpk/DxzSjljhHjKOfvDyydUpx7RbRfKTQryPueIX7RXojpkdq2Z1ulaXLdwp80AW
JBRXR/f/evX5DNDbeTKFRj2fbNPZxxTrcDi4retJctD1dfWPU/t5deJ5nv2moaIU9uHtx67oTG2h
Qb7OsBoJ+11bltPYO47lTcsO0GqYT3R7e5iKZ/yqYNrJJ6X7vokxN5JhMoUteL47zGQ4nka/d5rm
taWv7djEHvtf1zYYTPEsqOupiRU0X93KZCv2kheqo/083MFEmijRfEs0Y8D4uP/CCi2dJ+/jE5rm
uzzdFZYaXDzNrvVtTN0BiVXe6i/zs9T1eaOkvBtN5ELkOX2C5zSrr1hUPHr/PLbq4Z6iCINj9g0r
lEVUIwWNnZJWuFlZiNZUVJTPCzi/23x4XYziuhwx0v+puYin1PkcJcWrFs+mPKt+Y9Ok2dquu85O
VcNGZYlbt8vLvXczd12YzqqNU4vgndAbqViXxalXcz5yKMhkc16kV2VoHn1v3QHrPhHWp0Td4MOf
780/n6Tc6F+7S3ajiC9uolW2KOVYl+KjqvILPpXRztRWM23H4tTywuiDFblpK6VubttIX6mko1vE
H5rrnjSpLvflhguKN3rkHBp39s65Pwj8WJsFY88Hnn8c2r0v/TJDfZhocPdonyed1z6kk2OqvUB8
eSO94BODQ0knOZTtOABk3Ma/kZfH3Kj9fps3N+4sl9K+VlsBHsa40feQ4e9+TwkyCHL0UjEuA458
kcKAWgRaB7Vc5tLezmqOb2iYkCPjnpFVQ/qO+so4hgvpnKuxbjI2DwvEfDA2xkK3of2xCEwBc8Zi
sDCYCoD5XtBbhsXkqa5T+dNrNCImjBXA9gpbFqPwQ1tC4QCMPthlqelzpKKyktrhrTR0e52A4JIo
evpqa6/S4LV8G3gvhd/WGXoYev9l/JHje1/ONjohsYk28GH/kuTXzpeilmVNNtITOZh94IXQW/lH
m31pzyXXlc9qnmyid1jideel7QmlJbMP7u8MNThMrxUqTj/e7BqluG2XqebRk6cbsQG5QzU3b/fW
61N8zJL8z/XJ138w39BV5uE0/tkpt7PX4n/L65Q7b5TZe53s2OocHVBRhi94PPPg5/Ahs0x3Vo8P
sSq0mz4oJrZwYF5Yy3ypbvGizw2zOJlCK18+XXE3TWJI7OI7/NWvCUl7XY/Y7Rzw9zT1PIVr9fa5
5vrod6VcNwwNG2xtsNswNY+Dy5IcfFTh8jI4OA1m8aLKGP+3Nf5j7sfxfa2KuYtJidH1UPB7hweA
v/htCZUxnnurjDRgGMKYdKoehJgfq+EgQ1avcGOqwin5/frP+FxDXhjWXflBm7kVxLLqjv/N9y8i
22Wl/YPMl9vVn1MgGts33F3+bh/Pvu5zpprHT1fTty2+c6fsovTMgnQD2+dbk6MX3zB42NOmVlOr
4Ubej6cd+PzB/1hZ9Cv+hbmbzBISlXRPMKsEz1eUNqect61RDsvpKOCxKb8uZ7FG4fEtsbQTc/g7
Yvw1pJmPu+YGhG/MuLy3zntpxa2ZjwTulH6OyOYRKtq+OpL6zrar9O3Ngftpwyu7X6dV5taqLAEP
Sy+suhJzqez3jGGVxEvK+zHSlsx43hhRZ2nV7CrF5zJFusfJJPZXwWkF4YUOc/Ynhrabx8eSWh+3
WTwPIrwlTwwkLVBtvDmNfbtXj7F1PJ+vZ1v4RQz7H0Be79YNCmVuZHN0cmVhbQ0KZW5kb2JqDQoz
MDkgMCBvYmoNClsgMFsgNTA3XSAgM1sgMjI2IDU3OV0gIDE4WyA1MzNdICAyOFsgNDg4XSAgMzhb
IDQ1OSA2MzFdICA0N1sgMjUyXSAgNjBbIDUyMF0gIDYyWyA0MjBdICA2OFsgODU1IDY0Nl0gIDc1
WyA2NjJdICA4N1sgNTE3XSAgODlbIDY3MyA1NDNdICA5NFsgNDU5XSAgMTAwWyA0ODddICAxMDRb
IDY0Ml0gIDExNVsgNTY3IDg5MF0gIDI1OFsgNDc5XSAgMjcxWyA1MjUgNDIzXSAgMjgyWyA1MjVd
ICAyODZbIDQ5OF0gIDI5NlsgMzA1XSAgMzM2WyA0NzFdICAzNDZbIDUyNV0gIDM0OVsgMjMwXSAg
MzYxWyAyMzldICAzNjRbIDQ1NV0gIDM2N1sgMjMwXSAgMzczWyA3OTkgNTI1XSAgMzgxWyA1Mjdd
ICAzOTNbIDUyNV0gIDM5NlsgMzQ5XSAgNDAwWyAzOTFdICA0MTBbIDMzNV0gIDQzN1sgNTI1XSAg
NDQ4WyA0NTIgNzE1XSAgNDU0WyA0MzMgNDUzXSAgNDYwWyAzOTVdICA4NDVbIDQ2M10gIDg1M1sg
MjUwXSAgODU1WyAyNjggMjUyXSAgODU5WyAyNTBdICA4NjJbIDQxOCA0MThdICA4NzZbIDM4Nl0g
IDg4MlsgMzA2XSAgODg0WyA0OThdICA4OTRbIDMwMyAzMDNdICA5MjNbIDg5NF0gIDk1MVsgNDk4
XSAgMTAwNFsgNTA3IDUwNyA1MDcgNTA3XSAgMTAwOVsgNTA3IDUwN10gIDEwMTJbIDUwN10gXSAN
CmVuZG9iag0KMzEwIDAgb2JqDQpbIDIyNiAwIDAgNDk4IDAgMCAwIDAgMzAzIDMwMyAwIDAgMjUw
IDMwNiAyNTIgMzg2IDUwNyA1MDcgNTA3IDUwNyAwIDUwNyA1MDcgMCA1MDcgMCAyNjggMCAwIDAg
MCA0NjMgODk0IDU3OSAwIDUzMyAwIDQ4OCA0NTkgNjMxIDAgMjUyIDAgNTIwIDQyMCA4NTUgNjQ2
IDY2MiA1MTcgNjczIDU0MyA0NTkgNDg3IDY0MiA1NjcgODkwIDAgMCAwIDAgMCAwIDAgMCAwIDQ3
OSA1MjUgNDIzIDUyNSA0OTggMzA1IDQ3MSA1MjUgMjMwIDIzOSA0NTUgMjMwIDc5OSA1MjUgNTI3
IDUyNSAwIDM0OSAzOTEgMzM1IDUyNSA0NTIgNzE1IDQzMyA0NTMgMzk1XSANCmVuZG9iag0KMzEx
IDAgb2JqDQo8PC9GaWx0ZXIvRmxhdGVEZWNvZGUvTGVuZ3RoIDIzND4+DQpzdHJlYW0NCnicXZBN
asQwDIX3PoWW08XgxF20i2BopxSy6A9NewDHVlJDYxvFWeT2lT3DFCqw4aH3iSfJU//UB59BvlO0
A2aYfHCEa9zIIow4+yDaBpy3+aLqbxeThGR42NeMSx+mKLoO5Ac310w7HB5cHPFGyDdySD7McPg6
DayHLaUfXDBkaITW4HDiQS8mvZoFQVbs2Dvu+7wfmflzfO4JQVXdnsPY6HBNxiKZMKPoGi4N3TOX
Fhjcv746U+Nkvw0V9/0du1WjlC7qsa2qva3sxVWmlGWvEe1GxOnqRWqsEsgHvB4txVSo8n4BilBx
3w0KZW5kc3RyZWFtDQplbmRvYmoNCjMxMiAwIG9iag0KPDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0xl
bmd0aCA0MDQ4NS9MZW5ndGgxIDE3NjMwOD4+DQpzdHJlYW0NCnic7J0JYBRFvv9/Vd1zH5kJuRMy
PRkySgYI5IAQYjI5ASNyJGCiBBIgEpAjEEBUkLiKYDxQn7KArnisiieTQxyCLqywriKXinisQgS8
F0GfB3Kk3696ApK3yZKRnZe/f+pT1Lfu7l9XV9dUJZkGCACEo4hQnVc0fKgQpQsDujoNMxcNzcsv
uOOXu4cD2fUoAH1t6KiRRTeNe24tkLenADwfNbRobM7+nPLRQBfXAkSvuryouGBmwjQ1to/Ao8Ze
UVw0rHeI+TaA+BYAU9nIosQkS9Li1QDkOJaXj8q9ovj0TZm5ePwqTA8clzeiZNT9038ESHYDWB+Y
PLOi+pmBlx8FsnQRtnlt8oJ50mMx738DZHU1gLr42uqpM3fcULoGyDKsr541taKmGiJAh8crweNZ
ps644dq96odnAVm7DUD3cNWUmQu/PvX2doC8vUDc66oqK6bsn1N8DI+9iJ2/CjOCk00pmG7CdK+q
mfMW5kRSLKN4PMfyGbMnV6x58+FfgDxTDhDVNLNiYXXwLKMJ63+A9aVZFTMrC290LASyLQRA36t6
ds08OQFWoj1prLx6bmV1/L4Rm4Hc7QEw/AVY36si17g/nhU/MSjjR220FhiPH7okgYVvPv/mphPr
T0+1gNaISZ1Sn4GhJrP1Ssi1wIn1J260wNmSNsTrWI6pFGKBKhkULJAI47DkeTwvQxCWk3tBBVrV
GlUyHiDaFwpvw7U0WKuiBrVIGWILJMhbYGGuYgFSPCJXAjfYpTjVu62jSbImkzS4gciyjEd3qjax
KwVR3WYSHQxnQg99HybA7wT1s7AqUMcWa6Dgt7Sjz8LS/7Qt3QHdCTO724auINbIp7rbBg6Hw+Fw
OJz/K8g6ubm7begqqujfj60cDofTnRCQm7XoLcDnTQ6Hw+FwOBwOh8PhcDic3z+mUg0h8Jy66y3m
d5ztaJfy43h+t/D/2BzOWcj5q/yGqpzzQAjvTQ6Hw+FwOBcHAgiEoRIEQnENFKH6p2ELHNfKoAWt
3Ao60MmnQQ96VAMYUI1gRDWBCdWsaBCYUS0QhGpFPQXBYEXtAcGoIdADNRT1JIRBCGo4hKJGoJ6A
SAjHeBREYjwaolBjFO0J0aixECP/AjZFJeiJagcbahxIqA7U49AL7KjxEIfqRP0ZLgEH6qXQC7U3
OFETFHXBJfJP0AcuRe2raD9IQE0EF2p/6Is6APVHSIJ+qMmQiJoC/eUfIFXRgTAAdRAko6ZBivzf
MFjRdEhFHaJoBgxEvQwGoWZCGmoWDJa/Bzeko2bDENQcyEDNRf0O8uAy1HzIRC2ALPkYDAU36jDI
Rh0OOaiXK1oIuahXQB7qCCiQj8KVio6EoaijYBjqaBgufwtjFC2Cy1GLoVA+AmNhBOo4Ra+CK1FL
YKT8TyiFUahXox6Ba2A0xsdDEWoZFKNOUHQijJW/gXIYh1oBV6FOQv0aJkMp6hS4GrUSrkG9FsbL
X8FURaugDHUaTJC/hOlQjvHrFJ0BFagzYRLmz4LJqLMVrYYp8hcwBypR58JU1BpF50GV/Dlu66eh
LoDpqNejfgYL4TrUG2Am6o0wC/UmRRfBbNTFUI16M8yRD8MSRWuhBvUWmIf6B5gvH4JbYQHqbYou
hevlg3A7LERdBjegLocbUe+Am+RPoQ4Wod4JizHnLtRP4W64GfUeWIK6Am5BvRe1Be6DP6DeD7ei
/hfcJh+ABxR9EJairoRlqH+E5Vi6CvUArIY7UNdAnbwfHoI7UR+Gu1D/pOgjcA/qWliB+ijci/oY
6ifwONyH+gTcj/pn+C/UJ+EB+WN4Ch6U/wFPw0rUdfBH1GcUfRZWoT4Hq1Gfh4dQX1D0RXgYdT38
CdUDj6DWo34EDbAWtREeRW2Cx+UP4SV4Qv4ANij6MvwZ1QtPom6Ep1CbFd0E61BfgWfk9+FVeBb1
L4puhudQt8DzqH+FF1BfgxdRt8J6eR9sAw/q36Befg9eV/Tv0ID6BjTKe+FNaELdDi+hvgUbUHfA
y6g7wYu6Czai7lZ0DzSjvg2voL4Dr8rvwruo78Be+Avqe7AZdR9skd+G9xX9AF5D/RC2on4E21D/
oejH8DfUT+B11P3wd3kPHFC0Bd6Ud8OnsB31ILyFekjRw7AD9TPYifo57EL9AvbIu+BLRb+Ct1G/
hnfknfANvIv6T0WPwF7Ub2GfvAOOwvuoxxT9Dj5A/R4+RP1v+Aj1B0V/hI/lt+An+AT1Z9iPehx1
O/wCB1BPQAvqSfgU9ZSip+GQ/Ca0wmFUGT5D5XN64Of0737nc/o3XZ7Tv+pkTv/qX+b0LzuZ07/4
lzn98y7M6YfPzulz283phzqZ0w8pc/qhf5nTDypz+sFz5vSDypx+UJnTD54zp3/6L3N6izKntyhz
esvvcE7/sJvm9L18Tudz+u9uTv+9r9N/v3N6Z+t0PqfzOb3jOf2N/w/mdMAZF0zjDWFaEICKXf9R
jrbj7Pa/j/bjeH634L/55lwAtOtVNYGz4qKDGMK62wQOh8PhcDicQGOM0LFffPuxF9J1nN1+HRrI
vRVf8XIuAD/2Vp38GIHzG6DGiO42gcPhcDgcDifQmKL0uK0RVF1vYeg4+0L3Vl23gO+tOBeA0PWq
fG/1n4OaorrbBA6Hw+FwOJxAExRrwI2Q6sL3Vu3XoX4cz+8WfMXLuQD82FvpA2fFRQcNiu1uEzgc
DofD4XACjUUysr2VH99hMnWc3f5PBf3fW3Xdgk7+KJHD6Qp8b9UtUIvU3SZwOBwOh8PhBBprnAk3
Qv/xvVUg/xcHvrfiXAB+/LlqJ7+i5fwGqDWuu03gcDgcDofDCTQ9nGbcW6n9+A5TUMfZ7deh/u+t
um4BX/FyLgA/9lbGwFlx0UF7OLvbBA6Hw+FwOJxAE5pgwY2QP3sra8fZ7Xc8/r9voust+IqXcwH4
sbfq5Fe0nN+AEJrQ3SZwOBwOh8PhBJqI/sG4rdH68Xd2PTrONrdL+f++ia634CtezgXgx1cBO/kV
Lec3IET0724TOBwOh8PhcAJN9MAQ9t/C+/Gt/fCOs9uvQ/3/TlTXW/AVL+cC8OPPVTv5FS3nNyBE
D+xuEzgcDofD4XACTc/0MNxb6S58b2Vpl/L/DWtdb2E5bw0Op1P82Ft18itazm9A7Jne3SZwOBwO
h8PhBBrJHQE6MPjxfojojrPb/4zf//dNdL1FsN/H5nDO4sdXAUMCZ8VFhyi5u9sEDofD4XA4nEBj
z4lkeys/3g/Ryd6q/Y7H/71V1y3geyvOBeDH3io0cFZcdIj2nO42gcPhcDgcDifQxF8eA3ow+PF+
CFvH2e3Xof6/y6/rFvAVL+cC8OM1KxGBs+KiQxV/eXebwOFwOBwOhxNoEool3AiZ/Xg/hKPj7PZf
wzJ3XOnf0HULOvnCF4fTFfx4zUonv6Ll/AZUCcXdbQKHw+FwOBxOoOk33gEmMFu63iK+4+yodin/
3+XXdQuizl+Fw+kMP16z0jNwVlx0qPuN724TOBwOh8PhcAJN0hQnmMHix3eYenecHdMu5f/bq7tu
Qcz5q3A4neHH3koKmBEXH+qkKd1tAofD4XA4HE6gGTijNwSB1Y+3TfftODu2Xcr/90103YLY81fh
cDrDj9esxAXOiosOzcAZ3W0Ch8PhcDgcTqBJn9cHLNDDj/dDJHacLbVL+f8/A3X9fdfSeWtwOJ3i
x2tWOvnzV85vQJM+r7tN4HA4HA6Hwwk0ubcn4UYozI83og3qOLv9OjTMb0O6/oYKvuLlXAB+vGbF
FTgrLjq0ubd3twkcDofD4XA4gaZwZRqEQrgfb0S7rOPshHapSL8N6fobKhLOX4XD6QxL16v2D5QN
FyG6wpXdbQKHw+FwOBxOoCl6KhPCIdKPN6Lld5zdr13K//dNdN2CfuevwuF0hh+vWUkNnBUXHfqi
p7rbBA6Hw+FwOJxAM96bD1EQZe96i8KOs5PbpTr5D4b/DVKXayafvwqH0xl+fBVwSOCsuOgwjvd2
twkcDofD4XA4gWbKG4UQAzG9ut6iqOPstHYpP/ZqbXTyXxKf90wcjl/48doWd8CMuPgwTXmju03g
cDgcDofD+T9AaPMxQJT0DExhjMwFEUYB+4KKRSmPgxEwBeaq3VIPKU6Wge2g2uXIh3zulKflkZbK
tqO1g6jhbDahFID+7wroRVXXbe/fcfbQdqmxXT/eGZZ1vWq9v8f+j/eqO3dscbY7K/OyjCHpg9MG
paYkJw3on9ivbx9XQu9LL3HG93LE2SVbbM+Y6KjIiPCw0JAewVZLkNlkNOh1Wo1aJQqUQJ98R0G5
5HGWe0SnY9iwviztqMCMinMyyj0SZhW0r+ORypVqUvuabqx57f+q6fbVdJ+tSSxSBmT07SPlOyTP
zjyH5CVXjy7B+N15jlLJc0SJj1Di9ypxE8btdmwg5UdU5UkeUi7lewoWVNXll+fh4eoN+lxHbqW+
bx+o1xswasCYJ9xRXU/CM4kSoeH56fUUtCY0yhPlyMv3RDrymAUeIT6/Yopn1OiS/Lxou720bx8P
yZ3smOQBR44nyKVUgVzlNB51rkejnEaaxq4G7pTq+2ypu8trgUnlLuMUx5SK8SUeoaKUncPqwvPm
ecJvPBzxaxIPHpxbsuzc0mihLj9imsSSdXXLJM+jo0vOLbUzLS3FY2BbGl9QXleAp74LO7GwSMKz
0aWlJR6yFE8psSthV+W7vkpHPsspny55dI4cR1Xd9HK8NVF1Hhhzg70hKsq9UW6BqHyprrjEYfdk
RTtKK/Ji6kOgbswNjZFuKbJ9Sd8+9Rarr2PrzUFtEaPp3Ejl2TIlplRnscIxZ3uWMIscw3FAeKTJ
ElpS4sBrSmNSmQZ1k9OwGlJKsJVnCt6RaR5dbnmdJZ3ls/YeVbzFIdX9CDgCHEf+2T6noi1HHW/5
EViUjZOzQw3Lz8Q9LpcnIYENEU0u3lO0MVNJp/bts8BLHY5qi4QBdh+Mwr6tKE1PxO6329kNvtPr
hkmY8NSOLvGlJZgU3QDuRFeph5azki1nSkLHspLaMyVnm5c7cCQ3KY90qEfrPPsvyBLWI78q3UPC
/k1xpa+8sMhROPrqEim/rrytbwuL26V85Wlny9pinh65JUI0bYvRaEEpxUE5/mxlligxesR4/KdW
BvUUr0aLo1LJIVKBx1I+zKeleru9i4288jHWSgl+bdZmpifd1T49pF26nXnGOgENFp20sPjqujp9
uzIcar4TDm8LcMRDcYldyvXAWHwy4/GfV96SxnxptMeNXZbLKuD482W1JdtVjG6LlyJsdPbtU4AT
XV1dgUMqqCuvq/DKtZMcksVRt5G+Rl+rq84vPzNwvHLzndGegrtKsa+qSDo+FBRy6h1k+eh6N1le
dHXJRguAtLy4pIESmlueU1rfC8tKNko4uSu5lOWyTJaQWAIKCV5kA9Uq9aM3ugFqlVJRyVDSk70E
lDztmTwCk73Ul2c5k0cxT/TluZU8BptjcotLzh09yiNZ2hdgIxQLlzY6I2x7XhF6Qwt6KvRucPW0
bRQuEXo2DLG5vYKjMTg0KSi7ryDhORMVlVBno1+PfjN6ESYKsZhvQV2Cvhb9evSb0e9Bj2sFVFYq
oZ+Nfi36FlYi9BRiGiSbJfsSIRLbRuI1BAnhcBS9jF4AG2oi+pHoJ6JfgX4terVSj+XMRr8E/Wb0
x5QStxDecH8y2h7ecKcSNE6fkaQkK3zJ8WVKsvGqUl84YrQvzBvuq5buqzYgxZfdL8cXXtLHFwbH
J9WyUG9K2pIdJoThRYah4dWohG6DIELABo8KoeBBTwV1W45bCG7s5Uxau1kQgQhUILg4sMlbBNJg
siZl66lMj0Iw2Oi39IivhB5pNFuT1mZfTg/CevSb0Qv0ILpP6aewhLawPkfNQr8W/Wb0u9EfRa+m
LegOoNtP90MQ/QQS0Wehn4h+LfrN6I+i19BPUC30YzY/KcriWegp/RjVQv+Bl/UP1CD6EcY+oh+h
ae82DBqctFGJuBLbIrb4tkh4dFskOCzJS99p+KU3jign3mkcUZuEOMiEZCGuIX6AzStENGRMs3np
oUbJZXs0uz/dCx70bEG5F8+8FyT0o9CXo69Gr8bYPoztg1r096J/FL0HPY4yVAt6iW5HvwP9PuiP
3o1+FHot3dOAp/HS3Q3OHFt2GN1F/w7h2OM76RtKuIO+roRv0b8p4ZsYxmK4nb7eEGuDbAOWA7ax
YGjBMBHLVfSvjb2CbXK2lW7GvrOhJqLPQj8S/UT0K9Cr6WYa1zDFFowH2QTbtYA1G+ArJXwKHteC
e7rN7czFASgxcaZfhjGUtdJaJ3U7V67GJBPnPfdjjInztrswxsR54y0YY+KcsQBjTJxTpmOMifPq
iRhj4hxZjDEUL33k5V6X2AaNvI5I2UH0euyl67GXrsdeuh5Eej1z8IvIbHuoISEBe2yN29U7wVbb
TGpfIbVjSO3jpLaS1N5Mam8htRmkdgKpdZHaGFIbS2rdpHYTScOuqCXupnbJwe4IUrud1L5AamtI
rZPUxpPaXqRWIoPcXmpvGJ6sBPlK0JjNHjoML8vE2SeI2rFH7Tjm7TgnbEbdjV5WUm6sJMX5KkfG
sjCuMSHLl+6XnjQ7exjdig234m3YCgfQi3iDtuIw2ooH2YoHCELNQj8R/Rb0R9HL6NVYOw4NX6Fo
EGoi+iz0E9EvQX8UvVox5yh6CrPbTFyvGJbYZvRIlqJb0cWhs1O7u6clxuKyDBNWxJCgWDIyVo6l
gyCMvTYw2Kq1eolpw8+m4z+bQJeto/fQFdATb8S9beGKhl962rxkVYNzky07lPwRYkUcdWQwOEk8
hmlQo6RTIUbLwhSIoc9hmNQQMw6bBTU4+9iaiZm12mD7Jeaw7asYL8XolzGbbO9LXpE02N7DnOc2
2PbG3GF7M9GrxZxXnF6CQbOkVN0Yk2Z7YbtS9RYsWNNgu5kFG2yLY4barotRCip9BRNqMOUOso1x
Xm0bhsfLi5lkc9fgMTfYsmIm2DJ8tVJZmw22/miCyxdNQGN7xygndcQqBxw7yEuq3H00KzUlmpGa
gZokTR+NXWPT9NREa0K0wVqL1qw1avVarVatFbVUC9oQr9zidrGdaIjawgK1yFRU4hbKlG1a2aRH
tBQuB08PoZAWFuWQQs+WyVA4SfL8VOTwEj2uVlSOHOIJLoTC4hxPmqvQq5HHeAa5Cj2aUdeU1BNy
Tynmeuhy/JQuLvESmWUtjWb7go1AiHXp3dEsvHTp3aWlEBG2ICsiKzjTOrggrwMpb1PXr0S0i/f0
rCwsKvE827PUk8Qics/SQs9/sY3DRvI9OZaft5F8x4LSko1CJvk+fwzLFzLzSksLvWScUg8k8h3W
wxHznVJPix/MrB5I2lhfvTW+evHYHuv1YgHW0+kgXqkXr9Mp9UTC6tXX9MrPq+/VS6kTLkGNUqcm
XDq3zvZ4rBMfr9QJq4XtSp3tYbWsjidTqRITg1ViY5QqJApilCoxJEqpMu7XKoltVe44W+UO5UwC
+bVOjK+OqeVMHVML1nF1lcocl4s0DimdPJ5tusod+ZXoyz13LqiK8NROkqT6yaVtuzFn+aTJVSys
qPSUOirzPJMdeVL9kPEdFI9nxUMcefUwPr+4pH68uzKvYYh7SL6jIq+0ceiolEHtznXH2XOljOrg
YKPYwVLYuYYO6qB4ECseys41iJ1rEDvXUPdQ5VygjPFRJfVayCnFNb4SNlKDHsdrebS9NCfMUp2p
DN4h9oibo5txtbIODLjlMeL22YSeFfXN7pvNivCZYkVmtrNuK4q4eYg9upmsayuyYLbVkQOuefNr
5kNE/rQ8378aBLPmzWcd7lNXTWdgWT5ukvNq5gEUehKKCj1ZuJqt12gwt5xdkif9TJ7BkI9re19m
P8xMZ5mCcLYiy8tgeTpdW8V/vf/z28Jc9hTU0k2NxB1L5kFNqeCJLSymOBUUt21hmnEtxT4eakrx
AmuIi9ScOUab2S4X+NLArvmMnze/LdbWF/PaQl9LbFJzpkvOwjrLdbbH5uEBQdUMkeijVE9DpOiE
CAD5C/RfsrB1mvwlK2ch/RonOm+bB1gHL5Bp8AJshtfIMWy1HjcCTcCWQHnwMCyCB2AZfqxdjTl3
wBh0Ksx/gETKTZAIj+EH22OwE+teBTdDM4SRCPkrWAJLhXex1VIwQRxkwyiYDXeTK+T5MB4OiLfC
ILgCZkE1qZVL5Hvk++U/w5OwUXhDPg0GiILJ6HbK36o+kD+GvtjiQVgNB8j9upfAjWepxZp/grmw
RigTiTxVPoEW2OF6tEGEEbCTbKEuPHolfEEiyCIhF4/yhOyRt2GtGCiDKlgDzSSVDKV21Xh5hLwT
wvAcC/Goq6EBNqDzwqvwETGqjsl/lo9BJPSB4Xg9TbCLbBFaT9/SmoU9psJe6g2DsWQ2/AX+DnuI
g/yVzlYZVUkqt+pGeS+EwAAYi9Y+jS0/Jz/Tm9EtEV4XC+QcMGO/3Md6G/4Gn5IokkhGknG0N51N
HxHmghbPOADdFJiG/b0Kj74fh9EGaqS7hSfE58ST6p6tLbIZ74gTHoI/wV+JCa9UIjXkD2QfOURz
6UT6ED0oPCA+I76jqcCrngAz4W54Dn4mwSSNjCbXkCqyiCwj95HVZCfZQ76k2bSYXkePClXCHOFV
MQddkVgj3qq6XXWn+svWktZtrW+3/iwnybfDaBwPt6D1D8IjeGUbYTd8iO4AHCQqYiBmdBKxk7Hk
JnQ3k7vJ42QdeYY04Vn2kIPkK/xI+pGcpPhJS9U0Ghc/bAnkoHNxhfkAfZjuRreH/pP+IoQLcYJL
SBUyhFJhNlq1TLgX3UvCp2KUuFuUsZ+TVCtVa1XrVM+pXlMdUxs1f8DP+B2nnjidcHp/K7Qub13Z
2tDaJH8KoXgP8dMDN1wZaH0Fuul4v1fiiFsP7xIj9l0USSCZ5ArsmYlkOplDFmJP3kbWkCcV218k
r2AvvU+Oos0mGqPY3I+m0hw6Et0EWknn4GLsftpE99ETgkYwCEFCqJAgDBXKhEphnnCDsFLwCDuE
T4SDwk/CKXSyqBdtYpzoFF3iUHGiOF98RPxC/EI1XvWW6jO1Xj1Tfbvaq/4OVzWZmlGa0ZoyzQrN
Bs1ebTmOzq3wErx87s+ISYtwi5AvvAT30GQxErcwu3A8T4QpwgiKI5WuI8vpYtJEe6kWqofQIeRK
OCY6sa9fp2vpT3SIMIIUkiKYTgf4jqYOEZ/FIEPcCkfEV/DaduGRF6qN5GZ6VG2EBlwjDcZz/k3o
L7qEt+Aj4QDRiI/BP0Q9CSdH6NPCKBwFr4qZqhKwCw/Di8IcshheovkA+pPau3AcX0mexXmhmCSR
44KMy+ArcRQNEg7BrXAd/QCO4HO8HP5IpohT4R5IJovgC3gKn4reqlnqBHUoeZNOE+toD9IEVHwG
r24w6UUEVQjcRsqENeqj9EOYD7tFPewXnkfrd9MXhRHiMdUYUoVPwGK4HebIt8ANqhLxHTIVBDIO
4sUWnN0WCUmiHcMlOKuMxzltAz7dzTgPZAsjMCcCR84VOC7G4gyxBt0qnCdEHEHT8Bm/CmexXdCk
LqZemKoyE5x1AMS3WsfA1fJTsFqeCrPk+6EvzgfL5EV4xHXwGayAdWRp601QjVvJD/HZvkJVQHer
CuS+tI5+SIvoyvb3F3s7nkTA1+hexESmahPUie9DEWTJd8nv4ei+FGfY1TAJF6yH8Sq/xTMME7ZA
cuuVtF4uEKrxeg/AaPlp2Ub0UCXPgJHwCjypUUGFxoX32EPeweu9CSrpGHmeUNk6DfthBfaCG3tr
Ps4/d+BqWJnwVOx3SRoAu9VujUfBlTOckoQtp9wqOAmSuIX9zseD1q7ATxkV6GBxvZr9oKmBgspL
17sN2gy1XpcuZqjTCUk8fPowZJ3+PCu6PkYpdWIpBbXe8JagS1eliRmQhvWEDEolQshber3hFvtj
q3Dle6Xlh7KMEZYjlsN4iMOWbyEra4Tl9Oe48m1U4cKEWDIsGaWlA/r3EKzJVkFITQ79YtCBlCd2
kxmCjuS3bjr1c+sDO3cyWycIjfR6xVYDzN+IH5HHG+PiU1Re+bg7ztk7xaDWYyfh3kmlUhu+1Wm1
gkBBo83QB+lqdVSHKwV3qCkoRbefCGIGJW6TNYVEGuc8HcFMdGWMOJ1hOe0qyzidAVkZzKjTGSjE
Gjx4MPMD+hOXqwczT0hW9N6knX0/GbCzv9BIwo8da/3Kp2w7sgqfyiC00yKEu43aBIMpZyxVtJ6y
/t0IWvknt8FopGO1ZpOVjqVe+dsmFsFL+dZ9KYsZg1mxKsgo6IBQrc5gBq2O6g1qi4WONVhMJlSv
fGIDq2WwgFf+vImVYOR4U1CQEjnVxGpBIi41diqCHb9li2XPni3W4PDBLpdyQS6I9t10t00jGQzq
sWpFBUVFRVWKar3y924Hi1GjUkNtNGLczFRnZKpXVMMsMJmUBsfdNhZzqohR0genBCmiMgpAzAbQ
agnVswtnR1MiykE20XEQjJu7cW4TKCcC5URw5rBA2LX8kPgDmp6VkZWR4buYMt/VnLNai3YvARqk
DaHRWnGB8XbjG9iVxuHG4UFCbzHe1MdcIlwjLjAtNC8zaQ1UpR1sGmgeSQuFPI1bO8KUY9avoquF
lZqV2nXC0xp1MA0ym/uraIhKRbVGk6m/SotRrXFM0BjiJpRqtTq9wWAymc0Wdp/Kg2uDaXAzXQcm
MqBBJWm9ZIA7zKjDh8KQM1aPPYUquY1LDMTQjBdsJgasRb0YBBG81J+aWD0WYcMEY1JQtYVYvHTc
y5KqXFWrEvARXNdoHVIa4YrExwsfsIjTLleG5UhUpOUIpqLOSR4ug4isrAxlSJ9xUZYjR5ap+rmW
Ld62rF8ECwb0x4W1ARfWsbiwfhWM8kkcpfuAyvvS0tJKcUNtxLJLsWwjmOTj9WY9y1UW1yZ57wb7
YHMf+2CTF6ODBpuTBinRl/pibt/BvptSOndOGcwpI2W4gXa5knE2CgsfOIjYrQ4rrsSsq/Bj4Zr+
YZGp+IGu2tQ6bn1riar55Pf3DRv1kHDqRIH41slUseWkxGaBAvlL4QA+XVboSTa7F+mpaIo3pZjy
TKrUkNSYq2ixfkxIUcxUOkVVqZscUh6zxbZX9V6PTyI/6/FZyNHwbyI/69lik21hNpsrKiMsI6ow
qtp2r03Tj/Yy9QtLp6mmQppvKggZHnOVfpxpqukz9RdhJ8gPZgsJFcwGSxBExxg0VtCHxgiGCN+g
zBnLIi+zGxWRzG7f9y8rty/eGnSmAkZ+aGIVgthjdAkrDoq3WPZYicXqtpZba62izW0w0LE2N3to
rcHsYbZiI7eVPc1WtdmMGqGUsSMY2JNhNVssapb2PTrWM48Ii7jL2dms84K17PQ4mWAq2MzOG9xL
Y2EpjYWVbNbs1hzQyBrRpsnSjNQImlhmhSaCzSuaWHY+jfIUaozsyJoo5RGPjE0Z5Zs0FcrmuFwj
jmDk9Dl7nbI5OPwwxCk14zB7Vo/g04reyiZTHGxlhI0He6raEed0pqYED0xOCgvHDwASEpacNDA1
xemIUwtplduWvDd/+t5by1cmNp6Wnp+/4Ml1Ny187PZH7jr5xFoi1I3OpuYTBTR4x/a/vv7Rjm1s
7l2KQ+R1MRNHx373iMQexCISh5gi5uLy+FpxnqjWWbU6rc7Uw6ozgaAlhhi1hqhBr7v0Xi3Rxkk9
SA8aZ1U6yqp0nVXpOms8u69b3JbkgSnH2A+cJNgDLfh5yvr8zMTrtrK7BCLrO1CzflRmYXaTgN3K
sKCgs9OZVpnLrgweui3CZfnp105zZbBOPGwp+2EuftxmZR2x4qfP4MHKpxBY3lxmVp7UsrmkLNma
HDoQey1cw7pKow61Ln08c1rWNRMyc3KGTAiJFZ2PzRmW/vQlQ7PK557eizbPJHtoFa4ADWDbiEup
IrdZp94hQX98pOYbr3qa2VF2BBKP4CdxCrsboSHs3sx8sGragw9Oq3qQ7pr2wAPTMI69LJ8i28XZ
9BpcX8S6g0gq0CgV+7VSpNh4IxsYh8ssn0PiCDyUkGoPFcUasv2++1i7ZlwZrSPvYruIV4HSo/jZ
9g3esGP1KpJowQvGFsSeaifrWoPJtyT+xbY2qujzt1FFn1irqvi1DYHO2nz263mgtZkU/NpG24U2
Wvi5WXtOG0sX2ljgaLPF14b9QbnPXYf7yQA4OssfJyzu3OGeJ/CufwDcFdxxxx133eKuDYir5Y67
/wfdGrFJ3MUdd9xxxx133HHHHXfccccdd9xxx93v2QFAOv0L+L6ZDjBdURYnoFdSLE7BDF/DmW+w
T4AdbXHxnDrsbzBPtMXVYCYJbXENTDpbRwv9lf/insV1UEfS2uIm+ix57ew3rlPFGW1xAirxsbY4
Bc3/8PY14FFd1drrnDPnZMKcBJoiUMrPFGMaKKQhUEojH1KMiAhpmsYxM82X5j+TEJLJ5MxPZoZk
JuYicgPFiFgREbkx0lxEzI0YMVKKFAFrpaRFWhALRf5ESimllCJz373PmTCtrd/3+N3nY5537/fs
vfbaa6+19j7ndJLUdMrgEj1oOmJwU5yMTKrpgsEVSpAFgyfQ9CEZM40xNRk8kb4gmw2eJHxFXsJ+
I98kYS5V2cK5DD5C6eVc4e17OU/g7S9xbub8JOeJhg91rvtQ57oPda77UOemOBndhzrXfahz3Yc6
132oc92HOtd9yPiwOPst3LbLnKtx7cmc3+Z8BLMtQdd5N3hKwjjOR8bJf4rr0fmouPZ7+NgMzu/l
MrrO8XEyE+N4Kpefw/kUzhdxPo3zQsbNcfab4+ZS49rV2FqeJStlwSPsJ3StVEBOqkS9hBqoHtCo
mVy85fO4coOzshTtNVwiAz2PUh0+VspHWzXGa9TErypRV0Lai7ICko+C12Ask63hMqWAxvVVQGYZ
ajctRVsDVf1LtnxUMvtDczKLqskDzubJJhu3rskYbaWHoGE6PGGldGiqoXL0NqCfWaPR5DhdS2Db
P1pVMMRyuF0+SNdjRis9Bg1VXCPrncZtaUBG1vB5c3mPEy3MsiaairY8vi4376nhfnoCpQfyFYbV
Vtj6CM1G7OwY6cE1818zag/3O/Os0/BzFbdV420NKCt4u4vP18zjwPRa0eLmNjHJcmNMpXFdyjW5
+OzLIKXxPjaqjOvQjGjVGeusH7JCHxGzwx0n6+IeroDF5XwO3R8+bjfzyMevQb9msuWYzcM9UsEz
8aOeYCPqOEuH/GTULMvKDLs/Xnf9/8Pa72ivGIq9m++DWCxjufpxK4jN/o92fTYuRmwl+lo0Pl9s
FzD9+lor0OLjK2/gO+ufZULph6JeyaPTYJT6qnTuwZWLl1ZurXcom3U9TLIOEv8shzKetWZlTp9u
LXBWWpc01Ddoza5K6+cb3K4Gd6lW01CfYX20rs6aX1Pt1Jqs+ZVNlW5vZUXGo+6a0jprTZO11Kq5
Sysql5W6l1obqj5ZS6wxWx+ZX1ntqSt1Z9sq3U3otj6UMT3Tmr6kptzd0NRQpU3mUksKhlQVsCLH
Xeqrqa+2PlZVVVNeaZ1mzW8oq6m35taUOxvqSpumWvNKNXdNeU2p9YlST30FVFunPzI7y97gsS4r
bbZ6miqtmhM2VzXUa1atwVpR0+SqQ0dpfYXV5a5BYzl6KlGXNlldle5lNZpWWWEta8awSmsd5qxn
KtDBdLh5q8vdUOEp16yww+eEIXEzoK6pL6/zVMBf1pgRDfV1zdb0msnWymVl0B0nXf9PZ+fiFWz1
7somtkrm1TsTsOFDuj7LV5Reg1m0ymUsBO4azFrR4Kuvayit+LATSvWlV7qtWFEDpkLp0VwezVpR
6WVuhoyzss71YQ9l4Hxs4PuOnbz1yHB2cjYLSciqWlxf4KdwrP8J5Jm+U9iOqJA2SD+Tfi09B/xS
2iVti9NVyk+q2PUprrvyQ3NVfkgb12eaYJpu+rLpi6b/hfIRSJdiJ7A9pt8JnMIO4Yd4HGM7n90t
3PzEZjr0Z0OK3k+f9P9ylog9Bd1FQjSq/1WjJeJzk8RHTGlE816Xd+Haqid07F8U/+hz0duP5i/O
z8w0/rwmexJTUV0RbkBbHh76OkgQV4vfJUncIG4A/574PfCN4kbw74ubwH8gXgF/W7wB/r4EC6QU
KYUk6W5pAfgXpS+DL5ZawFulVhKlsHQN/F3pFvjfpdvgUfabDyZiT4UmzaSBe0zN4AFTADxo+iZ4
p+lb4OtM68C/bfo2+Ho5iwR5hjyTJPkh+WHw2fJnwecoOSQoX1Awr7JYWQKeqzwBXsB+vFmxKV8F
L1QKwe3Kk+BFigbuUTzgXsUH7lf+jURlhfJ18JXKN8BXJXSRkPCjhB+RlNCd8HPwneZHSTTPN4dI
Mi83Y3XmVvNG8O+bL4O/Zb4G/m4iZkm0J/pISvRb8DRqGWZJIsmSbEkHn2yZAT7T8mPwrZafgu+w
PA++17IP/AXL78BftPyeRMtLFjxTWy5a/ob2y5Z3wK9ZroO/Z3kP/IYFnre8b7kJ/gGCJ6mC+hs8
oe1Tfwt+QL0K/o56jUT13aQRJCTdlXQPSUljkwrZL/saMRfpPu553ee6tw0/Y435WFGBGX4zF5ox
yuwwF4OXmstRVpldKL3mZpQBeIP5IYKyzdyGlq+Zvwbebl4B/nXzN8BXmf8dfC18xbx01fCJCG88
AD7V8iDWkmnJ5Ov9K/glyyW+lhdQ7lf3Y0W/xbrYKkahHJ00GmsZkzQG/B62LmM9w2i9MEByqbu0
jKzlze46mlvtrlxKuc7KMjcV15Vq9dj9w0j4Sn6OlUZiZ0XhAxNZDIb3GO4b4ruJvcskxV0LeB9I
HroWsPOgaXHBQiuNMiREvBkMN7iE3hF019JKdz05eVnPS42XAXZDojAvV/JyLS/X87KHly/x8vSy
pcuW0nVe3maloPAymZejeDmBaOjN7aOlaPxCd6wW2F+EgO0ye1ODvcOwepW/HcJaSqG74ZdPYUWj
8U7EfmPsXhpH49mfe+D/552PG/dxbSLWb/pQPRz6P6mejKfgIpyHdTj1QtROHbSONlIXbaM+GqB9
eGd7hU7QGbpE1+iWYBJUYayQLswScoTFQoFQJLiFTmGDsEXoEXqFXcJe4ZBwBJrxhimswOx4G03J
hI2oxzthKWor6fV9Z/S9MKldr2fd1uuHD+v1Ixl6na3nhfDF63q98KRef2mvXj9uJRP71fnHe0hh
f1ruqRApSCCh9Iw+f/kmZg0JFexvziWg3qS3V/TrdWWGXleP4nKmmoya+TW2mlrj6ljNpVqqHalf
1R6tvVh7e2mKfrU0vHTd0q1LB/TxdS16vaxWr+tzuJS5YUJDVsPChuIGrWFVw+aGnbw1ybXRtcO1
z3XMdamRGkc2pjfOacxrrGj0N3bo1rrZ36dgdbGuzV2l103z9Frr02vPRV3OV2zUVTzbBN8aEoa7
uIdq6ISgIG5ZwjyhWHAJbcKLoijOFN1iSFwlrgM2iV1ir3hAvIitkyxZgUWSS/JKB6QjuEeMNRWa
3KaVpi2mbXKWvFk6IB9SrEqt4lK6lRNScoKSMBIj8EmYn1CYUJxQkdCTcMacbd5m3m8+bL6ZOC4x
K3FeYlXiusTrw2YO67UsttRbOizrLZstPZYzaoqao9rUderRJEoalpSZND/JlbQhqSupN+mVpOvJ
5uSsZC25M7k/+VDyseTTw03DJw2fOnwRsj01+jQ9HD1Oc6LHhbejTwvvAx9EnxYFIDF6XBwGDEe/
QCOjTuwPics76REgO9qHcU6yo98BFAE7cS3R8Oh4ugtg2hMwpi9ujJOPKULbTvSa0Hucht++QXcB
qegxcXseAbJ1u7CjuQz0jcAIpnc8MIHrd1IW+nLAFwALgcXQnI/6K6htqAtROzCuCEiClhxDSw60
9EFLH9eSAyxE+2Joy0fNRrORzE4Vo57GqOMY9TRGHceo4xjVh1F9GMVGHMeI4xjBvHAZJ0JsVSMw
D1vZeIycEA3GzZVjWJpDT+C6AHUhZOyASF9inqTPcE8+zWfdSYvZSQPJuwBxqF2gn0NW4j62cf8f
J1mcFi0RZwGLgcejA2JBdAD7YXh0IsZMxBNSF+KcgzjnIM454tjoVvF+KiQZrcfRehytLPK7Efnd
JKH1haErk5AVfVMcF31NTI0eFDuib9IwISP6pvAgMB2Ygd4RwGjACkwC0oAHIJkoTI2+KkyDNjn6
KrLLCa1OaHWKozAffAqd7C8SYS4aCdnVkF0N7QugeQE0L4DlPbDGCRudsNEJPavFpOgmMQX87mif
OAb1WNT3oh4PWKMLsLIycXJ0AYnQ+zJmexknPMtiZOr/lT0Kk2aShtQ3YlI0HK3PY/zTsPEcPHAO
dp6Dnecg+Ty8cA5eOCfeA0wErEAaMBl4IHruH/QOzT4Uh1c/FAfFyKmbyKeb8V4gETHZhFhsovuM
ncLjjJybiJybiDmOw8rjsHKikAlMB2bwPBj4iDePw5vHYflEEePFkdFceCIXXq3lXh2PegLOBSv6
Ph3Ng3eeFj+DtvtpQEyH3GS0T4nm4n4bs3QE/A5rjex/+hNi+lErPhzTUeAfH9dmHleWf73wfi80
9kJjL+zvhddfg1QvPN4LqV54vBfPBLDrfzyvUqDJh/n7oM2HSPRAow82+DD6OKzvwejjsGcTNByH
BpZZPdDgg20+aPDBNh+i14PMx76ipH/Ipo/LpEkfySY26hRGncKoUxjFongK0qcgfQrSLyNif8CI
UxhxClH6A0ad4r47iFEHMeogRh3EqIOY6yBGHsTIgxh5ECMO4hSI7Xu25y2fOC42Jk0fh1kO4rll
eFRBRir0bNRHPUBvdBAn185oCS99eGrbCY/PpRzx0egF8Qs0TVwYHRS/BP5l1OwUWxLtFnNxkj0O
/lW0OWi0WId6GWTqwX00jZLFbLQwDQv5yAsY2YWRL2PkBfEx9D2Oa5yF0HBBtAOVwDLY8imMHBDn
QmIe1zAgfoFrGYCWAWjxQcsAn/8x2KFrWQ0NA2Ix5KqAOnBmSwPQCN4cvYCnzo9ZN2byYSYfZhnE
LKvFBbBvIeovQyvT6AAvAooh8xRQBl4JVAHVgBNttaiXofag9gJ+oBn6FXEJfJHLV7pLLIU/nbhe
Bt+IfL6lsGqY4aFB3UPoXwJ/FwDMp08hn5zcKxfIbHgh5stBeOEC9+Xj4PAf7jTx3tbn3sX+FgCu
nuQzj6ZEY8QFXT/AbFqq98JXFxC70WThsYtFgM27BPVj8Ik+1yD8McjjBQ/juX747eU4WZbjZBnE
yTII764e8uw8SN3xbtxaeTYMGtnQxbU6eAxLsO5urLtb9KGtGXfL4UP28IyEVEzTYvAlPBNWG/fW
XTyf2OpK4EWsCG8asSegZ6PdsK3biDzLsQFxHiR1rYPQ2MXzSrelC5Hvhi2rEfVusQKoRFsVt61E
rEHNIr+UR381PNEtNgEewAv4geboakqDd67AO1eGvKNb0QUrLhhe6jI8NMCzPJfvCd3PTwIs//43
ZHTP+MQS9Jdyq7rEcvAK1JVor0JdDbCcrEFdCywFb0DtAtxAE+AHWH6aDa8O8JkXQ+OSoQjvgsYB
SuB2xXaebtcuIyMHkcUL+d5n+eyIZTY7QdjOwVsbTpS4PBowvLwLsRs0soDFb4aRVyXGOdCF7ONx
Qe7Hov0YRulZN4Cojma28X3O9rVqRLLbyNWuuD2y2tDNsqrLiN4FvFmV8jNCP68asZLhiPbLXOYp
tJQApTy/mTzfp2y9Yj3P9wF+omiAj1swSCMwGjsMYOfPHQ3sRHuZ28k8tnRoTl1TI7Rrxtk0LHY2
QdOgYcegoWEQo5kNg1xSxJhBvkcTjRkH4+wdiDv5BpmdWOuTcXtbQ4QsQ+OeGrLyjoX8BDdOTcyE
8wnxhY5p/KwoZb6POzPqDN3MHpG3Mm9KfAammZ045jgb9fXEPN9geJ9JvGz07vpoL1+1iUfdGXdC
DYvtae57lhfc7zhjdY8Zq4HkCEjOgOQM6sF4h3EW3hkxmo/Qo3QOe0YfyXzgMzIsYchj8dbHbEsc
in7Mn3eiHfPlIFbwkV546Snjahn3Xh12QCPflTw2zNux+Bt314Yhe2IejVke62UziUPrTRi64905
eUpw8pTwO34if1P4P70liPQQ/29PRCPxESiV2De/k/GR6EF8TDQDHxlSD+GZ+GF8EugRysb7zRx8
htGX8LHQV/BRyU4OvPMV4TOcfo53qBG0D58U4QFhGt0tPCg8SKPwPj+DRgtvC2/TPcK7wns0Vnhf
eJ/GCx8IH9AEkf3RlImiLMp0n5ggDqNJoiomUZo4XBxO6eJocTRNFu8R76Ep4r3iOHpAnCjeh8xN
FVMpU0wT02i6OFmcTFniA+IDNEPMEDNopjhThO1itvgoPSzmiAvoc+JCcSHNFxeJefR58QncixeJ
NrGQFosO5P9jYoVYRV8VnYiKQ6wVXfSk2CQ24enTK/qpXFwhrqAqcaW4kqrFDrGDnCQoFUoP+5ab
TtJMItdGYAsJ7hOotwLbwU+j7gN2AXsM7AdeNHCEqNGJ+hhwEjiDMedRXwSuANeBW5ARATOQDIwE
xgJWIA2YijGXUWcBs3mf4L7G+wX3TdRzgRxgEZAH2EhoQtgbi4AyIk83sA3oJcHTj3o3sE8odW1x
Z7tNTS2uPe78qmJ3heui28Vxy+1tNLs3g29rLGpSeV3WpDZecoeAla6t7nmu7UCfe151pnte40tN
BS7FvcC1y71gSOaYuxBt89A2T9dfvbaxy13c2OMudu135/P+F1GfRH1n3lAcL3ZdQQ00ihiXDNnr
wC33ZlxvbrS6u7ldrD7m3oY5duP68FB93X2U45b7BMdF92ngfGOa+0TjVGC2+zRwHuNPN+Y1KRw5
7psxHlt7VXHTBIbGQNMUjhVNs+C3/MYO9wa2hsYdsHML7NvZRI0DTXOYL2I+aLzU5ABK2NoNH0Me
+hms7psx/8UAfy1mPoz5jet65Y4+1xGs/0yc3/a4C3nc9sOGY9Xrh9o/2h/nR/jExYD4Fsf5ui0+
9p8g420ciXUnu9cA68DXsXiAb+DtMYzV48PiFA8eM7MeN9jUa9T9Rvz6Yeu+j8avMQtxYvGaixjN
NWLFsKOpncMKn+ehZkB706omhcGQWcsR387iuwiYinzZYuQ1Ygzden7b9BrtJ9CeEst7Xjt5fRPX
Y1CvQZ0Sa2+sR36EkRsM8Vy7w5FDqcifTI4O+POYu7axE757BuDX1esbNyGn7sRqJd8vRSwGTfNj
4DkRA8uN1w3+BnA2Pvdi+xD7jvVdaqrCtRd1HeBuvOq+3Hijyd9426j1OPTC/4f4uu7sk8vANZb3
8OdC+C2X9XNsdM/ke5LlgWjE+ABishf7wKhde5paeP7znOT7IJazhZiP1ZOYjXo76tjZEJ+zRg6y
fESMXCzneE4Ze1+7wXQAV7DHr7jPa7ex348B1/VrjwnryLtzreeHZxJHXK7E1sVzwazHnV+b2TX0
x67FphQGxHSWJx1r52dCU0tjhyeDrcUzE/Zhn3qyUZ9k62Lnh3sShxh3fsF23F0s/JtT4t+Zmvm3
pYn8O81k/m3mCP495kj+Dea9/LvL+/i3lp/m3xim8e/7MqDlN+JbIu4n0kRpIonSfdJ9JEn3S5PJ
JD0gPUAJ0jRpGrQ/KD1IidJ0aToNk2ZIM8giPSTNIlWKSP9GydLXpX+nu6XV0tM0Rvqm9E26V/qW
9G0aJ31H+g5NlL4rfZes0vek79F90velH9Ak6YfSf9BnpB9JP6Z06VnpWXpA+k/pP2mq9BPpJzRN
+qn0U8qQfib9jB6U/kv6L8qUfi79nKZLv5B+QVnSL6Vf0gzpV9KvaKb0a+nX9JD0nPQczZKel56n
h6UXpBdotnRQepkekQalV2m+9EfpNfqCdFw6TgulP0mn6EvSm9KblCv9RfoLPSadk85RnnRB+hs9
Lr0lvUM2OV2eSk/Kc+QcKpEXyAuoRl4oL6JaebG8mJbJuXIu1ct5ch41yPlyPrnkArmAGmWbbCO3
XCgXUpPskB2kyUVyEXnkYrmYvHKJXEI+uUwuI79cIVdQs1wlOykg18p1tFyul10Ult2yRl+TvbKf
VsgBOUTfkFvkFuqQw3KYVsttchutkdvldnpaXiGvoLXySnklfVNeJa+iTrlD7qBvyWvkNbROXiuv
pW/LnXInrZfXyevoO/J6eT09I+ND35U3yBtog7xR3kjfkzfJm2ijvFneTN+Xt8hbaJPcJXfRD+Ru
uZs2y1vlrfRDuUfuoS3yNnkb/Ye8Xd5OXfIOeQf9SO6Ve6lb7pP76MfyTvlXtFX+tfwcbZefl39D
P5NfkH9LffJB+Xf0C/n38h9ol/yy/DL9Wh6UB2m3/Kr8Kj0n/1H+I+2RX5Nfo+fl4/Jx2iv/Sf4T
/Ub+s/xn2iefkk/RC/Kb8pu0X/6L/Bf6rXxOPkcH5AvyBToo/1X+Kx2S/yb/jX4nvyW/RS/Kb8tv
0+/ld+R36CX5Xfld+oP8nvweHZbfl9+nl+UP5A/oiPx3OUqDiqBIdFSRlQR6TUlULHRCSVKS6M/K
cGU4vaHcpdxFp5S7lbvptPIp5VP0pjJaGU1nlHuUe+kvynhlEp1XUpVUuqykKWn0lpKupNMVZYoy
hd5WpipT6aqSoWTQO0qmkknXlCxlFr2rzFZm000lW/ksfaDMVT5Pf1eKlCJBUoqVYsGklCglgqyU
KWWCgqfGaiFBqVFqBIuyVKkTVMWtNAnJlkRLojDC8jNLv3CXisdf4R7VpJqEsaqiKsK9qlk1C+PU
YeowYbyKf8IENVlNFiaqI9QRglVNUVOE+9SR6khhkjpKHSV8Wh2jjhFS1bHqWOEz6jh1nJCmTlCt
wv3qJDVVmKKmqWnCNDVdTRcy1CnqFOFBdao6VchUM9QMYbqaqc4RstS56jzhc+p8NU+Yr+ar+cLj
aoFaIOSrNtUmPKEWqoVCgepQHcJX1CK1SLCpxWqx8FW1RC0RCtUytUywqxVqheBQq1Sn8KRaq9YK
xWqdWic8pdar9UIJCeJsseXO83Mlnkcry0ioxnN0JZ6JK+vBt6DWgAAQNrAC6DDQSVSVjvoZYBPQ
hTF49q7sAXYAO4EBYC9wAHgJeAV4HXgDOAtcwpjtqK8CN3ifUN3H+4VqPLdX3sYcJmAYMAIYhXY8
x1eNAyYR1VYBdYCbhFo/6hagne6l2bSA8vBmxH56x09t1EHraTPeVftoNx2gI3SCztIVuimYhGRh
jDBJmCksEPJIcux8cpJj4Ml0x94ncXI7VjlOOjY6zoCFHW84Oh1nwbyOQ442x2GwOseLDr/jCFiZ
Y6fD6XgJrNDR7yh2HALLdWxxFDi2guU4uhyLHHhbcWQ71jgWONaBZTrWOuY41oOlOTY5pjo6wcY5
Qo5JjjVgKY4qxxhHHZgZepMd9WCjHPkOk6MQTHUU2G86HGCiY679iiOHRPsNxzz7WccCsMuOKfYT
jkywM46p9iOOLLC96D3gGAfW75hj3+2YQCb7ScciSORBwmY/Bh0mlIvQmodWm/2iowjSq+wn7Wvt
WL9zh/0N+wrnzv+xe6LMf96I+E8a6T/Tk8h/nmY0/2mYe0hAVNrwZqwiXlOJypBHZcijMuRRGfKo
DHlUhjwqe8MAcqnskgHkUvlK1LCyDPlTjvwpR/6UI3/KRwHInXLkTjlytzwDQP6XZwPzgAXAYiAf
KIxrLwYqgFrABXiBENBGVI13ymq8T1bjfbIa75HVZ2iqPd2eAcwEsquT7Qvsi+2j7OPsk+yH7BX2
efZae7690O6ye+3F9hDKNvtKfNbY19k32Dejpdu+DZ9eez/4bvu+6kXVedU2xthPkcH/WKF4TXyX
RPE9xMLEY6HwWCTwWKiIxSOIyGeHInIXIvI4jVGeQFzG8biMVxyKgyYiLtvIatmO6HzG8oHl73S/
JYoYTfn/OJNA80jjsc4g8z+PE84Lc6FWGCgMF64o7CjsLHymiv10ill8R3wH5Lp4nQQ5W84mUclX
8klC7tnJpDyJDJQtP7H8hBTLbcttSviXxggpl+9GP6nCbsKZ44StzmRgJDCWxDByzWkF0gDkrDPL
uJ4NzAVyjOtFBvIMGRtQNATBqZEYMZGIc1GMDOM1OcvAR4Dvj8MutI0CxulgbUhRMTJJH8+RbiDD
kJ8JYKWRecCCIfk7NuHsd9YDOPedAa6D2czHGPOSE/cB5wouJ0YWG20d/wJw/3A+EwfcQ5xd3B9i
WZjEp1YMgZw9elsZm3sHt43bx693fiL0/gFWi3+yrfLtad2sLfQEWrtt65v7W7dpuZ7k1l6toHl3
a7+W27wPvQ607NZKUO7TqpoPtR7S6jR/62He0q+5mw+3HtX8zUdbT2glzScgw+RPY+zu1vNaC/hl
ru2aVoBZzmsLwW9C8jQkC5rPh8m21b8prGjtnuSwyltStFXNl1u7tbXN18JjtPXNh1Fu9DhRbvEE
whNs+5tvhlO1rd7L4SnaxgCFM7XtkJmg9fmqwrO0XSjnaHt4y37/pfB87cWAEl6oHQmoaDmGcoxt
fyAFozYGxoRztZOBCeFZtjOB1HCBdiYwJexAewokLwYywyXaFYytAk8BvxiYFa6zHQvMCbu164H5
YUK5EPbDb2G/diuQ29rvEQMFrfs85oCj9TR4Cda4PrCdrSKu3B7o4xylJ4+3sNVtRPsurOsfSo8t
sCfs8BQF9mO9VYEXw1tQHmk9ZLseOBae4CkLnISeTyi1PYEz4a28ZJIotS283I6xqZ7kQFW4RXME
6mCtM3AxvN1Tj/Y+zR8aVrrbMzLgDpNnbMCP0hxogUwgcD38oiccuBU+4tEgucvWHhRbzy8tCbRD
xso9oI9KC+SG242WqYFV4VWeLJRrPbMDa1HODawPr/fkcJ3x5aLARnhvUWALLxlf4b+KfNvu2xM+
pu3StoZPejqC5rDq6Qwmh0s8z2CWPqxoV/gMz7devq49iMXWcIpuoZYbuIKsY+37PZuCI1tP2K4H
x4YverKCVvhwVfPu8BXbMfj/uqcrmBa+ZTsSnArv9TDu2cG47Ujz7oio3QpmIT9Z7I55dgZnR8ye
gcCsSLJnLyzv9RxAnnfzvdPveSk4NzLSMxDMQe8rwUWt/YjUmYjoeT2Yh7FvBG3h+Z6zwSKsqM+2
inHk6jFtv6cTfBH8uQ/yu8Jjlq5n3HMpWAZ7rgad2FPbg/WI6a2gCNtsQS0y1jOS8xuBFyNWeD43
kma7FQyEz3huN/dHpnpNwXAkyzsMUegGXxGZ7R3BdHpHBTvCqTrX9gQ7kQls7FzvuOAzGKvzSYzb
1gc3tfZ604NdpYe9GcGe1vMsHyJp3plsRd5saNgGq8rA5wV3DPEFwZ04GZivUrEicOQeuHcx4958
zguxohPeYujJ8VZAD49LJEdzBAcii7y1wQ60u7i13uDe8ARvKDgAa7cHD4C3NY8Lr/KuDL7Uesgz
O/hK6yHvysCLnL/OOXaHd42ns3Q3zoT2SJ53XfCNiM27IXg2UuTdDP1l2nZbX8Tp7cZJMoGdYJFk
LlnPZolo2pHgpUgO9vV5nFpHApmRHI8Zlpz2zuSxyDH41fAY7zZPcqTM2+vzl07CLkC2224FtkcC
mpvlA3x+I+zw9ht+vgrLd+uc7UHd/3yfTvDuY/Pa9gRSsOpDwdvhI97DIRPWfhQymxHTq6UrPTb/
yPB876HldWHFe2K5O1wF7ue8hfM77UdDIURKC2SWrtQcoRHInGOhUcicktA2rOhYsCec6jvi29PW
7TvWfK1t29ISdhfwnVze3tbrvRzqbutnZ2zbbo811N3a7zuzfBXiyLntOjt7fReXr23b57uyfH14
vu+6r73tELzX0naYnfxtR3G6qm0nPDngpzF2Y3iP71bz6bbzaJ/Vdtnbj5P/Gtq3IAe2BQfarvnF
5VvDG71H4e3NfjPaDQ77Z4U3Li1pEZHVRwJ9kbO+iy1mzLuxJRmZn9MyEidGGTvHvCNaxmJdexi3
rQ+Nwy7GXOz8DE1CNp5A5uz2nsa9qdfTGUpvPeo9HcpAVp8PzYTnL4eyw+3ea6F5rdu8N0ML4KXc
UHYkDX5bjJzcHsrHqbIQkqnsrhEJ21aFCnlLcWQuJCsiK3wUqkUmnw65Ih0+JeSNdLKTKvKMT/WX
tR7ypYRCYdVbHGpjdyhvOizv9CmRTb4xoZWQLAkOhG/5JgQo0oUZ1yBS/tC61tO+1NAG3OnWhzZj
Ty0MtSErtoW6Iz1aO7ur4h6UGi7xTcHZpfoyPWeRySZtY2QHMvkETqGtWklkJ+ORAcy+GN5Y23w+
stc3K9QbOeApC22LvARv9EdegZ5ZkddxcvZH3sCJgZNQ28Ps9LW0WNvHYr3UbvV3tKS1p/k7W6a2
T/U/05LVnuXf1DK7fba/q2Vu+1x/j+Zvy/bvaMlpz/HvbFnUvsg/0JLXnmfbH7ocTvXvbbG12/wH
Ahfbi7CvN+EJAfdrrKWwpQh8C9vv/mTErt//UkvZ1xyaw7c9sojlT+QG4uuMLGLxBd/bUt9epu1p
0XA+7G8JtDv9r7SEYdXrsKre/was0vxnW0bGzhDb9pYV4VvsjtAewNix4XacqLjbYq4O5FUn+B7k
FTjLq/AeyHSG2/X88R7lnN8ffRdxt9riXdmSHF4V44E9bfu8/Sz3vMUtz7DTgHFtO3gq9Gxqvea/
1NLVHvZYGde2tnSFZ3kXt/TE8hNjh7jmbulsX+E1eW+2d2hbfHsiTv/V5RPaO/1pwR3tz/hvtOxA
DmzHCTPSfxtPPn2+rbgPprLYtW9isWvvYrtDX0XkrPdyc//X1rKdy72n746T4dRmU8tO5MwtrHSj
b0KwJ3JW2xjqj1zyzUEsLmkL8QSV6puPTLiK82dWRPThaTByA3snxHI+tJuX+yCTGzoUue2bHzrU
ZmLyKAtQDvOsCB0uHQH5bETnWOgoK7H7xvgcAWobYbsSOtF6k+US2vlcrGwbpfVpF3F6lPhahsoq
bWHbOL3Udnk62yYh809Hunx1ofNt6bzM4OVMvl+c3H7nf5P3NVBRpVeC33sU9cOfZUGQRiRFiTSh
aZqwUAEkyKFejLyqIsSFqoIY2ibEEGIIbZC/BaQLMK5rXGKI6Rinl7EdY3qMcRjiEsYY2nZYwvEY
QtuuS4xB27AcYzzEYRgPMbD33vde8aoa205mJmfPmfOde79b993vfve73/3u971HFU+KNOiRQY97
2ub33WxqblvE/IyR2dTRzrwFTd0NxYA7mhJfimu41a71biVsQdxpbTro1r/igsi04kjBP60N99rD
vA6wpNS7vam3YWdVXtNRWNGwptpNLy02HW/q9Xoa7jb1vrQInrzeGe/Wt8eAP8Ebr7Q2lbbHg4a5
9sTOXU3bYKW3Np4CO1txvjoXEHsrG47/lze81ZiHvdVNvSDjaqzEmQU7K8CSSei9VjqVgbYU2Z76
phPt6TBSOJ16G5tOu45C78B/6UBTcbvV2+ZaaGt7RWjqdp1+xbW3CnbJxKaz7Xle796I9kLvgabB
9m3ew03a9vRXjjQNtxeD90baS719gCu8xxoq2ndCljjavmvfPGRIb+fdptE2r7ef9ohF15WW+S7W
HAGn90XIEhOwrqP2tnpPNce2THRpYadr7QrDE3iX6Ut4R9DfWAlX+/E83xWDdFc80Yl7q5DGHbMr
xbUAMrXIfyWqYQToasxsXekNN1oWuxjSwCd67yW8B2k242l/r9DW1mWFtcO81Y1G6Gt+7xTag2uk
K6/pNNhQ2JyE/OZUH38b8YuJLkXaW9t4uGX8JQveL3i37jWD/GxzBshUND6APWsexwL7FNBdO4mG
DIwaGgab73snmrOB3tWc7zrYtZv4u5DftYfoZpLZ2iy0HejqaBbbz3aebRbaB4keBlpsH+nqbi5p
HwWcBHv0PO2nI7DLtHUdbJiEPfcm0XlEXyS6l+javVHtV2BPn4HceFJNN14HHyY1uzCSG/vB5qPN
O9q1XceJ3kb0CZCfhBxbtbem67TrYPtkV2JzDdBnkd812FzXpO06/R56mORHmiPab8C8Z7gmu0Yh
/m90XWnY5brSNamibxB9C2mvBWzO7boLUZrujSa6FGnMyQrddQ/PJ3CGtLSHvTIF+1obnAEa2sO6
5hrH8U4QzjC3One5Bptf61qAdXSr6zGcB26i/N5OmCN/ms4Jezs7j0OcXMQzz95O2tEudvPN/N7O
bj3SXVeIjnAtNGnhVJPRfrc7qrm1/V7nrubO9jnIirfaF16Zad7f/rjT2tPY09bjbWnbZ+wsbGnc
Z+wpgJXlhWiEjAQxg3eRc5ixOyuarsBqEiXcEtJxofuNFmPHpe5zLdGte7rPt8R1jHVfaLF0XO2+
JN0jtyS3FneP4Z1m91W8i+y+1pLWcQ1OBdIdLt3byne1qjtW+V6V7lJbMjum/O9VpbvRltyO6e6p
loKOme7plq0d97tnWhwdD7vvt2zveNT9sMXT8QhakZ6Wyo6lzpiW6n2a7kfYb/cS9ZuO/fZo5Ltp
vHdOx3vnnhC0pMdIlqSvWNITLY1CypB4p9wTh/fIPXHSuPDOHTTT/TXmJWwLcT6KO0iPBXeQnmTk
9KThGuyJbqndW9OTKWs7TnbW7wvpyW3x7ov2tklPJ6QnBi0HmkZ6tjaUwjlnqOXwvrgeh/wsgu76
W/r2WXq2txzbl9zjkZ85kN/kpwp0/94ysG9rT6381EJ6PiDR0vMKaNW1raV/X5r3YsupfZldJ1pq
9+X2VLac2VfQU43/rYJ+dchUvzrk6VeHGn2h3sOC6ZeGcfRLwwT6pWGivlHfxl7Q79P/N2alXxHa
6FeEJaEfCU1npaH3Qu+zHfTLxxfpd46fgz4yWCL7OGNMYJ9lsayKvcIy6T1OpayXfYOVsX7218zN
TkEpZ2fYOVbBfsyG2YtslL3DXmLT7DfsZfZ/2X3WxBbYMmvneC6FfY07yB1i57ij3Dvs77lfcXfZ
P2lqNV9mf9Cc1HyPLWsuaN7kgjRXNG9zBs2s5rfcWs1CcBD3oeDE4E3cRu1B7QVuk3ZE+ybn0b6l
fYur0I5pf8F9Rvu/dVru8zqDbh33Ld0GXTx3Upeg28edMuwz7OeDDf/VcIQPN3zbcIxfZ/grwxl+
veGHhnH+OcPbhin+k4ZfGRb4Txn+EBLFfxH/0sR3hUaEruG7Q02h6/j9ob8OneUPhdWHvcYfDfvn
cJ7/x/D14ev5t8M3hG/kr4WnhKfwvwx/Pvx5ert1KaulJ6Xx+Hst21GA4wAnAE6zWNtx2wnbadtZ
26Bt2DYC1Kjtim3SdsN2y3bXds82B/WC7bHAC3ohQogSYgWzkIS//aO5ZXqb3sZ4vagX6TeSJj6V
T2WMz+azGcfn8rmM57fwW1gQX8jbmIa+z6XlnbyT6fgyvozpeTdfwQz8i/yLLJyv4j/HIuj7XEb+
y/yX2Vp+L78XdDbxrSySvs+1DvydyGK0v9D+Ap/3sxvsFo3MhL+ItFWzKlu1rdZWb2u0tdm8tgO2
w7Y+2zFbv+2U7YxtwDZku2i7bBu3Tdiu227a7thmoX5gm7ctCkzQCmGCSYgR4oVEIUVIF6xCnlAo
bAOeSSgWSoUKYaewS9gt7BGaBTjM2xZXCslgmRMWqJh85bFcDgq9wtFP8MJxACacEE7DtbNADQrD
wohwTxgVrsCnSeGGcEu4i7+v0/0NeDPaL87xfyhksnqI2lzWAjFfSHFuh/g+x5wQ4T9mxRDf77BP
0ZvUSshHn9Zt1G1i23XP6p5lZbrndM8xl+55XRpz69J16axcZ9VZWYUuV5fLPqPL0+WxHbpP6rax
z+o+o9vBXtRV6iphvXDsOKwk9LIFX5EGMcNsZwEGAYYBRliebdo2Y7tve2h7ZFsSNLZHQohgFKKF
OMFieygkC2lCppArFAhbBQfg7QAeoVKoFmqFeiiNQpvgFQ4Ih4U+wMeEfuEU8M4Ab0AYEtpsU7ar
wkXbVShjQF8DfNV2znbedsF2CX+LqH9Zv5d+bRri560WKJns51Cy2LtQrLDqf8M+xmahZOtKdCUs
R1emK2O5umpdNdvMuLD5cPpvOCwF3wFXGgEQxTjXHNSxAGagFwAeB2WU6l13CSJc9wiQjnLNlca6
Fuiz2fW4NMnNEz/VrS/NcEcQH68jT5FT2il0tjvKpxv52BYBdSk06lbofHcsAV7HGvtRrikguM10
XWmHNPaHtQIi9CfK48G+S6B2gY1YB+pbzSa1bWp4UttAwLHucCeRX2rcqb6xK3ahLXgd/aP4VVwF
qqBPNWA7BXAsCii2oc+wHeqsgz4V3yh9q+cQdchjLAhxZ/j5sUSu8boir9R4rcGd7fOtohvrVtkG
pDvd+VTvdws+vyu10jd+xvlUasVG9BeOCcdwyC2+p70yNqU+4i4pfdXtKn3NvcPPTvVYAm0VA/yg
1LEq23A8iv8CY6FKRatjVi+PQfEf8hQdJ91Vfn0odcQTxq+MNyJg/MpnjB+klXbQl0sr8QJrn8wb
7prSc+660kfuc6VL7vNP9MtqdesHvP40uT+lnyrZv4qfYwPm6/3q1pXPrjBp3E+qfX4J8LXLJPnp
abVv3sVVavU41LGP9Xl3gy9vXHC3ll5ydxKt1EpOVtbnmHu/79pV9yHqF+NeydfX3EdKp9yv+nym
X4kNqqfdr/nGiPIz7pOl90HmofsN3zqX25Rp3BfKQtyXSI8Sk1CXGd1jqKMs2n3VF69KLee6smT3
dFmc+xr5MMUz5Er3XHRZPZddeZ5xzOuuQs8E8bZ5rruKPTdJrhRyIubLwDkGH7piQH8gH9Z/Wb9n
O8V9xUofvjnf6bmDY/D5+mmxVxWwtgNjKjBfBeYl2Udok2uXZ1bJIa7dngeuPZ55V7Nn0ecrpc/A
fKzEzWr7UwC/zOKeIj8jpLlnyjLd99X7VFmu+2FZgftR2Vb3kp8uZZ8FKHN4NGXbPSFEezxG2nMV
UPRUeqKprvbEldV6LGX1nmQa/xOgrNGThqDEXVmbJ5NqrydXvZeWHfAUlB32bFXvPWV9HgfVx0AH
+JHmV723J0lxUHbK48Hx0hjPeCrLBjzV1G7IU6v2V9lFT33ZZU9j2binrWzC4y277jlQdtNzuOyO
p69s1nOs7IGnv2zec6ps0XPmPblwtb1P2VPUefhJdWB8BepT+LiPVanibbW837qKfiUnKucDZZ0o
a16viiWUw1iMl/fn/JXalSjNt1L74GnjfEKu9Ytlda2sm4iAdRS4/6lyKY1HVfv2/YCc5Fc/yd6S
AH8G9OfbKwP31cC6TpXv1LUyJ0q+TpX8/ZWGr7Qq683VUc5wHbi6y7Wug+VhLuYZIOgtNyH4zuGK
PkU32ne0PMa3hrEf9flYWX/K2VhuT/kb9gnX8fJ437pHPqw7XH9qfa4T5Ymrnr1lva7T5Sl+6zAg
Rym5yHW2PN3vTITXMCcOlltL9eV5pRHlha7h8m1Ep5YXlyaVl5bml1e4Rsp30me4XiqU76LrcM11
pbyZ+CBDtayDaHP5bpIZLd+Dd/H6r+v/O2OhH6X/XPW70N8x/I+sSX/Z5yvBQWyZnqO8SM9RXtKO
aN/i+ugJyqv0BOUEPUGZpCcot+kJyruGfSFRfCE9F7lBz0X+Dz0X+SU9F7lNz0V+i89FgmLxuUhQ
Mj4XCfoIPhcJSsfnIkEfhTvak+yNlacHVp5ts+ZbBatoLbG6rDusqdYqa421ztoAuBVo3tpp3W89
ZD1ifdWqt2ZYX4MrJ61vWCOonAM4bzUDvgDlknXMetV6zRqR6bVOWaetM9b71igoD62PrEsf01hj
qZitSdALlgzSiJ9iCbJBNsOKrwjl9OX4/cmAe9tWmJF2tg/uas9CyaH73Fz2CzYJd7LXoHyc+xk3
zvI1E5q3WQE+r4KWHPOwStV4zcwiW5AB/Ukjz5DHroy8VTXmQzBiHO85GOcbUM6DVJX1AtmIT/7W
0S8SGURPEvCSofBwL43/bzcVioalsRdYMPsoy4D76yyWzQxgk8DC2VYoEWwblDVMhGJkDihrWTH7
FFj6abadRUHMeVg0/ZfNWNYIZT3rgBLHOqFsYFegxMPY32Yf5iK4CJZA3w7tWBlr0dWgjKKreXNF
14qmiqbzDxfNFN3PGt8yUnS/6GHRo6KlomuipuihGCIaszyiMe+uGC3G5deKFuAl5zusiXn38h6L
aWJmVr+Yi9iqtbJ8h1ggbs3qz6/NG7Uy0VE0k9/2QrW4vehq0VXRUzRNWo2g31fEetBDZUtp3uOs
cbERtSjFyqSSNStWQsu2fIc9BnUBfUA8/EJ1fi3Q0wTTYrVYC+01MJ5r2AuVvqKHYJ8R7QYrprYc
za+FVodFb9GMmAbSx8T+omv5DoSsWdDzUDwlnimasiYWTYkD4lDRdN491OCDJSsjAHkxBDSHiBdJ
+2VxPMuTNyoaYdQI0JsME+J11Kv0QhoVABsQxJtQ3wetAGKf2IgFPSHeEWe3jIi5m8FGMRPkHojz
YOGinSnaxBC7Fvv36xvAHmY3idHgfRgtWAmUAsihliBFdv0pMG0/7me/H9iPZ41n9dtP2E/bz9oH
feNVwWp85NmHVyz3GwXw7SM4yxKgDdiHz/5reffEZHt8fhvgRIjKNtI6VXTNnpI1a0+3W/Pr7XlF
M/ZC+zZ7cdZ40X2KU2YvLVqyV4DUTvuu/D7Ra99Nc7ho32NvRk/aO+zdEDuZELkwh/aD9l6IDo/9
qFjgrHc2OtucXucB52Fnn/OYsz+rwFkgthXNOE/RbEIPzjPOAQT7QecpMVdqgdecQy9UUuz4vCl5
TuzLm8QZX5lTUQOx1QfrbhZgHmPLedF5mXSPOyfy6/PmsuopVo+J9dgCfZN3z5qYVQDF43jDcU6h
qRQ4zkPspEF9AeASjJ9l9WHZcnbLWceY46rjmmPKMW1NdMyAfwoc9x0PHY+2jG4ZdSyJXvFOVv/H
6xx8vsOp2ZzsDHEaHTXOaGcc9VBvTXRaYHVedCZDrEMfzrSP8/kF9j20nqBnZ6Yz194Lvqv4eF3e
FWeBc6vTIS46txctOT04S85KMRNHkjcHMzhqv2KftN8QPTAqWIH2WwB37TfsMDLx2Gavz1/H7HP2
BftjHH3+4bzHit+L7jt4qRYzHXpHhCPKEYurSOFt7gfdiw4zgiMpvcOR6sgoemTV+oDWtr3bkQ19
Fq7kBd+8aCC3IdC6d+QDCA4xvQNjx1HicFEMyTRF0Q1IYDscVfY9jhp7oaPO0eBodXQ69ivRDRnV
AbKHpJXpOALZtQ0BZ1PKHQ7e8arjNcfJvNGiGYj+h1l9L05gtnVeh3m47rzprHbWOu+IWzEfgo0P
Ye5T7YX5x8RkyM6PYUxMLMjql7Ixzo9zVjzmtODMiwXQe7LzgXPeuSimFbNibXFYsUkseKHSfrA4
pji+OFH0FKcUpxdbi/OKC4u3ZRUUFxeXFlcUpxQ9zO+D2TJizoWcDdmpeGfxLvQJ2l3cLGVKjGCY
1dHi3cV7aC/8/H+gE1QNq6dn5vg/5VlaI+MAotL2QGmG0gFlJ5RuKAfTrqT1QjkKJQXKcSgHoZyA
choK8s5CGYQyDKUUygiU0bRR/O+W+hf1O+m/eH6CfRL8WgQLO4g54XSgZf8ZvBcKfv4si2Rc2GzY
Q7KI/taVM8i4vDyoh6EuDMrIOZvzmGBQBqSHAUbkz6MAV2T+JMANmT8i80YC2in0LblW+JMyXFHR
oyr6rgxX5PqG6poC9+Troypdg3KtgHo8Sq3YGKhvNZvUtqnhSW0DAcc6J/e5oBq7YteIfP1WgL2B
ENj/iAoGVaDYdldud0XuU/HNpIqvzOGIaoyPA/yo1JMqeaWGa7m8yrfqa4oNUOfq5TpCZcNgQN+D
8nwqtdr2UanOjVql/XCO3xhzYwHMAEn+dvqNJdDWQD8E1oF9Bs6FGtQxq4xB8d/dFR25qe/T12rj
D7QhsL6lmgelf4UXWMsyuRkA2QCdAPvfxy//v9SKf5X6SfP1lNo37qfUgT5W/PS02m99BdaTq9iv
6M/P8a2dXAFAlGlRJaeK5dwSlYxL0k9xL+fr3B0AVSqfqWMD578mx28d5tYBNAC0qvyuxMohgCM5
vrXoW5Ovyra8luOfa4ZzfLku9xzASYnefBigD+AYQH8O5fXNp2TeGYABuW/MiQurzKEyhkA+9LU5
WRqbug/l+uYhaQx+OfBpsRaYb98vX62Wl0YlmzZfXOFvvgwwDjCh8tWT8pAy1tX2pwB+7huynxHO
A1zI8dunci8BjAFcDdB1dwVyrwFMyfS0NDc+UPTMyPV9gIcAj+TxPwFylyRQ4m6zRq5Dcvz20s1G
gOgcvzy9OU6uLbIfk1VjVwB8tTlNGi+OcXMmQK7crsDfX5u3AjgAtgN4ACoBqgFqAeoBGgHaALwf
ID7Ue8r75eUPGm9KraytJ+09T6rVuVG91gNrZc6fVN94Ajyt/6fl3tX8F7h+Vtv/n1arctGq9Z8y
P2q9T9gzV+1/tXpS1b/K725lnnANXJfWweabAHcADsgwK4HvvKq0V3RjLD/IWVnDozn+52Nl/Sln
Y7k95m/cJzbPr9hAay9aWn9qfZsXc1Y/e8t681iO/zoMyFFKLsrT5vifiSaldZwXtjK+PJMqLmS5
vJiAOJH9nZe44kvfvKnXAMrE5zzG7z3RWxbYf5x7Ta4X/ws/C+Mi8MUmKSMAowBXACYBbgDcArgL
cE/+PAewAPBY+vwcL4NeknkuAiBKBbEqGTNAEkAqQIbcPhsgX+YLfwaIACUqcAHskO2oAqiR+iKo
ex9oYAUpzSkdKd0pB1N6n2lNOfpMA5aUXlU5rlDPHEk5kXL6mUPy9RMAZ58pSRlMGXw2ETHWMjUs
fQLJEySHbUdSTqeMpoyCxBVVwXcwmN77TV96s4iG3inyIXp3SDS9O+QZemtIHL0vZAN9x9dM3/F9
nt4R8lF6O0gmvRcki94LYqU3gmTTG0Fy6F0gW/7i/XGciZO+NTvMnmPsWYilZxcC4LEMhVKdDHGT
DLGVHKECiKtkiKtkswy8DElynbqii2Rh7pOzJSB+4QrgNcvYU+G5Z3ufPRpQjr+H8/78VQq+TZC+
yc3ozTHSO2OC6ZvcIfRN7nB6Z0wMvScmjt4Qs4HeDWOmd8BY6O0vSfTGl2R6y8tH6P0uKf9uejl2
lg2u/A1oQx9zbpraMIRl0/QGz6aZTfc3Pdx0nz4/wppgacNQkiYpRJYaSjIiH0tSNPKSLFCMUtk0
hUXRmBQHGn36CC9JmhQ9GzykIQRkTmE75Es9bxjCJ4c8+ljL9/M/gbT+Jv+PLJ7/X/wM26ht0jYx
G2ZPJoT+OHSEfYLeWBMDYJLfBZPga6+B9ieh/Sl+mAXzF0BXLLWJA4lowrI/1qcxDgHf+oQY32bE
slm+SiKGmWImYybXx1vqLA3r49cnrk9ZXwwlZn16zK31VoC89YXrt5GOV/EbuPz3+O9B3z/gfwCc
H/I/ZDw/wA+wIP5H/I/Asn8Aa4JhTGNMT6MJAct+wkJDfwr2GWHFHeDG6NnddrYWIrmTsQ+7JLDs
X6HVYDm0Oh+AszxkTovDMmS+a7loTrdcxvqZastAgt4y/uFkywTSyufYFMt1lLFst9xEnsVjuYN8
8y3LLMlEWG5aKi0PsEZZBEu1ZZ7agKyl1rJoqd/IFKC26RsLEVAngWejFqDUB2CbAmAb9L8xUbZx
3nJ4Y4pEb7RacjfmQX+Xqa8+0hMm2zUk2/RAZc910l27scJybGN6bMrGeEv/xm2WUxuLlfE/4wA7
GjeGWdo2mmhcXhivQh/YGEPziO8EY/QGLc5QYfgs4w0vGnYyraHaUM30hl2GLzCD4YuGL7JQw1cM
X2Fhhj2Gr7JwQ6Ohia35wDHMcWfonWRhrBHOLSwBsmHCeRkuAFySAbJawlWAawBTEmzYBfWMVKsh
4f4KHT+1AvCZs0QT7TRnm7PjJ2Ki4+MSBtYBta5kXUn8PJSLG6KAWlxXYqbPCY6Y6A/vio9bdx5K
ScKQWTBXJRyAK+Px4ygDUosx0evOQ4vzMXEx0THRCRcTDgN3NibaLMTfMbvW1cRPmHf4gHSaDyHE
D8QvIpiFddlmIWHCB9krRbIx/oFko7kE2rUm9COdMJRwypyU4ICrcZJ9aJtsVzb0LoJmES0C7bI9
oBvtmTfvBzsvgxXjaHf8hDR+kKtJ6DNXmWugN2gbPwuagE44Bp8azPhelTD+6zzkaP7b/LeZgf8O
/x0WYig3lEMEVBoqIQI+Z/gcRECtoY5FGF42vMwi6a1nUaHzofNsXehC6AKLofeaPfMn5Th8o1kJ
QB1lOQv9xqSCvsuQJ2c+C8m10jcOOLZVJZfBduHbeXxyHGSj70JE85CPqH/qLZ56w/fp6inSGUW6
hiJdS5Guo0g3UKSHUKSHQqQ3snDShGNgNIZgGsMmsueobPcZ6nsj8bxkNcdGVLyrst1quWGymmP1
Mg//e9a/xvfo9ZgnjlpLmhhp4kgTT5qCSJOedOCbloPfawP1Ekr6I57oC57e+YXekOYhkcbYLPui
3sfj2Q55FtVyu2RfbJN5f84sPW3en2T3UTakslviDbOTqtiTeHXyLKp5R+RZVHj/VnP4QWbhXzPL
q/mCY+fZFToVxOJ/H4/a7gNnlAglNqokyhW1A3AVfNpBvBrCEi3CVTGqDkpVVAN9RlqUSycUMWq/
DKJKox6KSKDoUzSp9dRRjVdaqf8a6TOOxfCS4SUYc70Bosyw14AR8IH3JjZAMyj/ZTOyEuAUc0ae
gFJI+LSvPuErpyPP+uhBKIBNA6bDpnosKskR0wCB8lnSdJbqFQ1nfZokPY2RYRLH5AG4bKo2XY4c
jhxGbLqMUW74vKHmzx2h6QHAPHOa5kwLpseRfKQ+MiIyCjDWsZHmyCSiUyMzAPOR2ZH5wDNHCpEi
0CWRLipVIBkbWQMlWy7YRu/TWBfZQDg2shVkUJte1tQp66kyLcA15OipNYJAV3bQCKsMDX/C/sHD
+f86ZVdpHSbh/8/nMrhsdgk+v+rHTebSKAt7/bjxXCLl8t1+3CgulnXCZ5cfN4Qz0u8sC/y4jNOy
UvicouLybIHO2VE+3srYnr7CTfwJ/nWQ+Bv+FGS27/Pfh5P1Gf4MtDzHnwPfDPFDTAe+eZPp+cvg
IQP/c34C8s8k/zYL59/h32Fr+Bv8DWbkp/gptpaf5qdB57v8u5BzhkOHIef8BE7lH4JT+U8hNvBs
/w3CXyf8nffQ31DRR1R0n4r+lkzD2DkzB+PllPeUPku8GC4ePs358Ywc9n7Tj6fnIuDTmB8PPczB
TKt47BFbgk/9frw58DoHe5GaN8se0G6k5k2zGfhU7ceTfmda4seboNjK8+ON+e0FEm+Ejarm+lm6
R8N5ZZSTOcrJmI13047n51VD7Xu8ekTF/ybRVSq6UuX5r6s8/40VWpb5lqrtt1Q6JfpLfrMm0TgW
C32rE+8jpdEkr0iD/dI9KOIBwCEsGE57IT6uX74JW2IsXMOc4SxcGx4GYAqPCY8HjHUifE4JT4cS
E24FnBdeCPxtUEzALw4vBQksu+U6kdqpSzzImaCtNnwP6GiGGmXC5Kt5AB3hFXRNao1QQSU9fCfg
neG7VOeGD3o/E8GV0gj3wLiZKQTAqAK4/zCB30wWAIgQU5rMR7n+ADgl12dkegAgEyAXoED6bDzK
nCHda6fXlgCeWXt/7cO1j6DcX7tk0oR0YzGFrF3C2rht7bTJuHbGZDRFm4wg/RCLKcRkMVlIzigV
qZWi0ZSMGgGTPlMa6kJNK3pMmaBXs3Y6VAQ6LjQ1ZHfIcVMc4O6Q3f9mJ54PupvdoWwRRt8lZqHp
AFaAPLlGKATYJtfF8jWUK5WhAvzZEZoE4zgYmhGaHZofKkARQ0tCDoZ0YAFapFoAqQwoSaGu0B30
GQrUJSCL13dIRW61orFOrQ91yZoUPdmhSSCZhLpCmkN6Q3pDq0JroO4I6f0z70/+rMhdA2vTCPnZ
CJFphAg1QuQaIXKNELlGiFwjRK4xU5ZzAMBp0OgBgFOSEfKmsRagXr7WCABRayyQAT5ndDCnbnxN
UsRRwKlrsqHkQ8leM71G1I1jWVOyRqA6f03SGhfIuNbsWOOiz1jq1tSsqaHrLqnIrfw1ZoMU6UNd
pGlFTzZ8EgHyga7S79EN6O6sqQI8rhv4i0cuvo93UXUCwPsd7VL9H+8q5Sk7BspzNHuYg8eWs5Wc
HNSt7QV6RotzO6M7SNiDfN0Fxmk6gm9CZn6gxV1sMega44JvauEuWROLfENa0CzjdHEaB3DuaPdD
jFQGM2y7jDvcDGKQgPzPibQLzCzVI404qBs5Qd1/nEIZxJoO5PAXSHIRMfQBWPN54j9ArNu9dAL4
zcuwmwdtR8ylLtfiSUF7D7HuNOEE4pQS7iWM9t/U4ncv57TliHUTJNmDO5R2GvBRLd7JZej0xN9N
Moj7CbNgvD9leBXky4lDzxGCB4mDbZnmDtERxL9J8q8RJg1yX9cJo7cXqdUijogt4iiAvoZXl/IJ
ZxKmu98lmLflSNS89CvSb9D8lHo8D575gU4A/DrhPi3MNP8m4QeEp5AftB7poBHiTBD9c8IpxHlO
8xZggXCRhJHPLRE9gZi7R/SbhBsJ50oypCeM9GxB/vLv+d8DxxwMo9Mc1sB5OThVA7u65ndIa35K
/CbEwZ/RvAH0EtJcK+KgYrr6XeI4g/8Bjm0mkuQIf5k0XCKdHsLhxGklPX9NMiGEIxHrRNL2LmFJ
/4mgEzh2wv8jCKI96J3gAfQMcvjtweNA39VsBPw/kcOlavAc+gLiICvRSSivNcka/hbwW8jn92k2
AP3ZILCH+2dNFtA/oVbfRBz8VaJ3ET5O+O8QaytJz2PE2mnqsQ75Gi3x75HkdqJjqC8z0d0kuVmT
TBbiSvk94qBJxBri8C8T3Rl0A9+CTpKVJDNO+Axitp5zYRQRNhDWc7ASlx/wP6L/zJKOa5bD+6Cb
QevRcrzP4aZ59MMS4qD1sC45Ph1p/jWie4K2YTwQ/YDwr5HDv054AjncBuI/QgxZBX/BtIh00C7C
KXR1QhOL45X0IM2fJvoLhKdIcpzo1wl7CD/HQbbki8me5wjnkrUaovGdYjAizTnERN+WOGgD9I4y
Wwh7iD9HbeeJ82vEy3OaDPCqI7gO8Dlc+0FfohnZS9buIvqbRJ9ADDJ1FPMgqbmKmH+dWqUQJxav
Bs2STIPMGaRIHkQvkWQYcboQB3+V6GySP0LYRRpGiK7Fq7p1JHOE8EdIwzdJ2xJlqmWyLQwxu006
3yKbW6W4Ij9/QfOfgNZRjEUGvwgyH6NWOdIYCW9DvHwHT/j8a5Tno5d/T9kb878ZaW4DXX0dr/Ie
ot8heoDwQZLfLfNRfp446YQFwqalHcrdHVzFPWWS5JNIQxK1uke4iWSWCH+CsHTv+BZhfFsDrCN8
oggz/UXAh0nPg6XzOHaSuUl7Sj3SwdQLyKNkN+ZnuJeGeYeVQLsbYs2Hid5LuJUkazTfBcnP4C7A
ufgcpPnt4KUf8Z2Ef0T4LnnjNuC7FFfhPGQhnqPVtJ3wqxR1ds1vcb/XvAucv0LNQWbS7yF6FjE3
T5wLxOkmvB2xJpb4ScQ5T/jnhL+EODiZZL5NdBTR54huJp2XiOMg+VcJ1yNmixp8qjlG+GuIuRii
+xGDVUjfJnyROHGkrZcs0csakEOa+XSiUwlfITxE/D7Cuwl3Er+S2jK5d6TJTnaT8BuE52QZxEcJ
HyJch3h5J9HVhPNQT1Amaab54k5SXxM00mvkh62StmXawSHG8TzzY/TG8jkcF+EHiIGPmWQQMZxD
kHOerl4gLBC/l/A0Yo2DZLYTNhMOIzxL8q+TzB3SOUat5gnHEG4jmYMkX08yjzWQq7kMzS+A/qfg
WqKXAJuDjRj5GD9cMNJcVHA84NDgMKQ1eI68rcVnKTeC8UxyTxtG3hMBP487DluveQEw7XdsC9EG
3N2Wf0MyJk0nyScRRv6/IAbaQTiKcDadc9IJf4hORC8RthC+DK2GMLaBxndyrKM91BMchB7DMyS7
TWetfsK3pZMY2swnBVMGCB5DjKc7PgnPq1ylNpXwPGLiXEJJ7hLxLxF/njjzxJknzqXgasR41uXm
EYMNkkwvyY8RX9I2Rnp6SQZ795BMqqSfZHqJ7iXNvchhizSWMcKLdNJelKxF//BbaCxbNP+CGFsB
Rg2p1FevpJ/sOUm4VKbxailKwm5COZbseZ1sex1HBHQq5XwaC/YFZ4Z6oo+jPZDDIH7Yp3H26S8v
9xj+EpYxK2G01sD+lvBezGPLP4S236e8GgnZFDQs0e5AuJc4i4i5VInG8zycZs/jVaS5VAlLJ3Zq
lUr3Ar10eu/Fcy9gzLRJyOc9JDNPOitJphLvWYLpCVlwFOoBXEu5tAJbkeQ89XKJ6GOEL1GPxwjP
k85KsnCOrjZJmFo10dVfUl+/JPtvk+RtSSeewLlKyU7yz6LEka/iGX6MWo0hH67mE51PIw3D9f7H
08iReic9qTjjbI5aMXoGtpUwW/4Z4KjlScDxxIkiTvzyH+D8P4IcaI/4PGKenrPxerKKnnrCGJGT
TnSqtHvSVXpeyfcRnpB2arraJo1I2luJ/iFi8Dis5WUbYugL6VjEoA37bST8MuE6xJCvfoYzgpbD
vIQQTbs/Ws5Xk8wQ4V6ZlmzGjHGI8AzhScL9hG9TjzVE32R0l4E7JvsaR/etuirKNuRDyoRMyir0
rZ7nkbP8ADmQGXA1xejwWyuT5HmGqwayE2UkbQx5PpZmh6KaMkMvzh2/BdcsrM1ezNXS/bJ8Vyut
FPTVcfKeIPvwKJ5XiQ4nvIXwXfL2PaIPSicQwh6Uh/PG/2Pvy6OqOLb163Sd6nOEBgdQEVERJ1TE
g6ICKqIgIo5BNEaJQUAURUBEJIYooKBR1DjEqEFEHOJ1jnPirImzOEScxzjEEccYhwi/qq/ac733
5t533x+/d9db6yUrX39n1+5d1bv23qequzkRrT302ZxD9HvdhiWQ4C0eQ2+pz23wvgQangO/FEhe
g/8FuBc69YHLIfEAtwO2A96E/B74duBkYIlAGobWA8B0YA/08hg6fpCEApcAFwJL0VoMjIckHCMP
x4yHiwgxdAXvAd5DxAa/ahn54nutCbxaXY9Acb3rEat/YN3VAdY2AAP0O8xzkO9C0w/yo8ADwIVy
hQnNyvhm7wC0BXYC+mCdMB5cBWIFRWoBK+irF/EtHArNTQLfdilDzSybBMwDDgV6AjcBxaqV6fIU
oKi6pPQh+I/AscIa1rrk7Uu0cl56lvFv87cXxbdz6SPVluNDgTzCVwCPIG5rgsu7AS+A4zBCqSPe
iYjTOcZDn4H/gPh/AL4P8rvgRcBFQFGpCHZ/xIjxCw+UPRD2iSN6eQJOjJFAXIuRX2PpLyY+I29v
mvzEyMV3N5fgHogaAHwE3AFMBorVHRH6fFRYP7DXkA8HpgMDgZn4/i0A7uHfAn3M3hwPCDTeEKj6
ClSARgIcCfkKgaapAg3QVyAxQ8dUw4z7LdC/j9bewFUCKeTsOjgsGIshOQTLl8DbgTNgRUgCwMdA
PwVYir40oCtan0LzQ/ByQGm5P/TRSm0heYNWT0huQXIXfCW4HfTLA9OACvARriIfmADJLGA8rPUC
YuTGWKC8akfgEUhygZFAd2A4MAKIazQOw0jk2Frj6rYA0WqW49+A1kTw3ejXBTwUiJHTX2DNB5Jx
Am0wR+UwX+YYIOQ0D/anwU5jyIMhH4tzl8HOGWAOJPA/w1woj3GuE1qXwkJntG6EBciZN3gBeF/g
baAFckRIWX8Rhxx5HCrjgOmIzIHiHpHhW7W8iE8R+eyAQOMNgaqvQAVoxL1B40jIVwg0TRVogL4C
CY/wuYjwuYjtuSJipQXBTTWkZcGN96U1wZXe0FklkEKfYRVNYd9YDMkh9HsJvB04A1aEJAB8DPRT
gKUYoQZ0RetTaH4IXg4oLfeHPlqpLSRv0OoJyS1I7oKvBLeDfnlgGlABonoo+cAESGYB42GtFxAj
N8YC5VU7Ao9AkguMBLoDw4ERQFyjcRhGIsfWGle3BYhWsxz/BrQmgu9Gvy7goUCMnKLKGX0gGSdn
E7N2CViMOSICDXI2Vwi0AZbDjJtjgDiX5sHCNPTVGHIi9cGDoTMWfS1Dv2eAOZBgvhjmTsF9bJMT
WpfCWme0boQFyJk3OO51s77A20AL5Iirsv5iL1zWu4zHeVlXfKuuLO3G8QZwhEDqItAAVAjQF/Le
wP0CCfQNkBihQ6dBLvVHobURsA8wA/LH4LCgDAXexLkJ4AvBFaAZkgLwtuB+wHGQ5AC/BH4KNAKl
zdVAyA3Z4G/RWhWSp5A8By8GhzXFBGwDNABHQ6cHsBUknYEtYa0hsBYkzYHyem2AgyAJBlqAjkBP
oCuwBTS/Bi6AtYtAXLWRQec8WreAX0OrPfhS4ES0PgGX87VLIJPzgjkyNgO2g2YRLBwAVoa8DuQ4
S/kZOAwYCPwBuAM6aTgrF5Iw8LrgF9Aq5fPBT4iVD4+rCMSVwFVAXyDWRUTKnwnkURSBeBOSueC/
Qce97IW474p142bE6kusHvE2jlEFYsVO8d4PWwHJJKwSb0OCXTCNAE9A6zKgM6ztB27Hk6xYnLW0
dIzYWUCShL3tNVjwB3oLiQl7NIMbUO4L+kLTHr3IN0xOifGbsKdjcv3vJPdr2BcHCWRtBBpV4DrI
X+I50UZ5P7Y0RKzYBSrZYlT0uLxvib6GAANkv7BwDq135H4QPgwXSFfhWk5Dc43YE1G5Z/SGH1AB
eMaJ1hsY+UbMQglG2A8SyFWMn/uEt7KDAo1dgXliF6xMRo9LYN8b/RZCX0PvGmymSgviLi7/EtqN
nfVuXLXASsDtwAxgKtCiy0/DzwJnQ7IcPAN+iweW4M4Dni1SvPFl1O9sl07Arr8Q/RZidsS5+/WR
J2G3KC2cFrsDYLhA7knZi5Ac1fVPo5qdhk0Z1UnQLAQvxBUJuRk+uSY0jW3l/gUWYoALgAdlNOrx
X4jYiMAsyxlMwrXD54iljZiXNMx4BfApsPCj3F1C30/ek4EFJ1x1MiJwCDyfjLOCZbTIqNBzpBzn
OeIsFfcZWK5oVc/AcpSwY3wA+xfQ41SMKldgOcSe+alAE+5LqFt1C2MwIxxN2DWrAwRnBPLl8Nth
aRN95ctdM+7z3BNonCDjByPcjWsJEG9+M3kPJNFwictrQGcursUJPAJz+hpXegmSQkjmoK+bkITB
h2OBQ4HOwK5o3QzN5XhecAaWjbAAn7BjiPwMWc0wNmQ6rYNRjcBT1MnAxXiu6gpejCetbuBvgKlo
DQOaIFkOHKHW4Fgbz2drQ1IfvBIsfAlJkEByH3hd6oBfgrVY+WwXaMGT3yVAB1h4DvlV4Gz9ubNY
YxTjKbOrQOYIm7P1lZvQ2a6vx4LEXQisb910DBLexhrDVbcjsDOe3Q9Bj0ZYs2BsE9BvPNAsJMau
kG/GCD0gXw7Lz6U3YNkf2AiIdZpSFa3zga1w1mTIA9gj8Y0D+U5xZ0nBWohg/aP0hbwFemyIXpIh
iYf3ysAzoHkBaCeuQpFPximu5aScX7xT0Rh2sMqlTaG/Hb7aD94drSHgLuBYr/KZEjafgX8mvQrL
DTAeJ8nlE3mM/BR6vAmshCtdD5108BJYKEG/F+RbAZDchf568KvyuuTzfVYmxqlH3RQxHrFbp76C
0wmw7AHNl9CZBd4XfS2WflbFm0QBaB2D1u6Yu6NotYOFa5JD/gp3J+6DD5AxLzgdBjRBvlciZuEx
+EXwOcDbMuZZlhi/4GwFcIaMZ3Hfj96Bjgt8ux2950PiqL8LkY6s4WjAbovbBNffsogW0ajHpNBM
hd+y0doLvayB5AQQuxUlCDgC8X8fuYM9FI2Qc42ryMS5meCPwB9JjnMperyLkTwHfol9AaLdhPGr
oQJNiE92EONZLdD8HVq/grwNEDsmmiR9AjsYiQneUIfA29gjGNJlJUHv9TGSKGkZFnIx/lxZH9Q0
+CcNcTIF1UnwMNWHW5gHHV8mKna2eDLFa06J2McJHXJDcD7veLsAGAzE3SrFE62XEBvX4ZOtwo6y
UK9v4jnRM3W0sK9XwpqoYEI+l4k3fH5DX7+ghqwDjsV1jcb4D8M/9pCj3jICbALJ19AphE+OCzQ6
C2SvIbkCiS3QB5LqwFEyStkzzh9Ccgf4BJpdxZ0xHocBGE8a+g1ALQ1A7xxN+HZgaej9DnS6CuQ6
gjvDt5OB24U+rxVpOFdgDLCJQFqInL0DPM7wXcNkdiOegdsFGutC5wq4rUB1CUO0CDRtQYRUxbX3
xhiKYH8Uk+PEqJjMMtF7MFo3w+Yr8FfwJ6qiUYEfVkN+GFfhIvVxvX8wmbNpeKtBjPAE7MwC7wuv
Vhdo9MFo+6D1NM4qkN9r8vtCH20AZj8NXMg7oa8/ZLWU9nVPih7Hg/vB5h+YtYfQaSx6NE2HnUvo
NwWRcwY2x6Ovnej9ChB5Z8wDNsRstoL+UXB3GUWSQ+eytAOcCU14jGWBI9q5Vx0x+0LSEhLkoLoG
fCRsxoDbAPeh9SOc1Qc+bw78Bde1APniAklD4GVgJ9SBAHADuD0sIweVwcC3sLBb2pGZBe6Ks16A
z8VZwfK7QKApG9ZQ503xcjyySkNzBiQPwFGNubdFK74RTPhWYjthuZA1QDw3wLdVL8xXA0RvA0R7
A+TdTHGfCj3iW1INB+8I7oS+ijDyXcAHsF+A0e6XXNoB7kZfg6Hpg4ybDIzX4z8AsyPyepywYNNP
8HIzBTd7AxX0i1VEOU9kE96pY1iJmRbDQk/EqjP4Cr0+CDTokc/RZiT08V6fcZAe2wJVJmMsANkh
eBfIO6GXZoKrqN5qFDwcjWg/KJ440MvsNMdk+GSk0Z9zW+NyEeHGyVwTq03DAcF5RkwW99mAEQIN
AzAjbcRZxpHCSzxifcT9PaPYCyQLiaFY9GJEPTfK7xdU+7fd9ecpmRzLg5fXn6Tg2XQZnnSUjQfG
A3vi3tF98FzxVELol70oOw3JTPFtLuwoIwTSKuCTgdsh8QUvFmhwAx6FpC9aw4CukMwG18BLgKnA
5ZAfB18MnAe0AOsDg2C5nJS8PS++3XB1aeDXYSEWre2EhO9ihP4AYCnkV8GviVZFjqFYcGNz8BNo
9QA6wfJryM14Qt0A3B29RIDHQ/M5rPnJEcJaV+hshgTXTi5JTUjsoD8ZNq/h3V2THLO8diFRwoDb
8Vz7NizsQ+t6OQviObhhAPBLSAbrPhHWXGG5o3yqjnO7wFoJsB1srgUvBtpJP0PfDZIM2JmAc89K
D8jZROt67MgcoJ8O+UvI9+Cqk6S3pR20UmB3SDpLLmdB95iwc1FEo+GkQD7jgr+CvgtaP4J+OEYV
gl5CwKWXGkMnFKO9L68I1zgHci/0UqmsrkC0+uk9CnljWN4qkM0QaHwjWjmvK+oDJM5yJDLmxdsI
Sn1gCxn/4Ba8pVAD1mrgvYXrAmkVtDYGdy2bIXyOvS2FPB+4XHpGIiQZQD/ZCnQBzgauh+YReMBf
xq0cD7AEGAW8Cs1KMnIgicfYzgLvy7s3sPOhjGro7AeewLkXcF2hwAHAR7jGW9DZAsvTIb8GHCIz
GjwacdISmqnSGpDC/6/gk+NynMDBOKsU3AyejL7OYGZvi7PM3oKbkKdqODAAc9dbtJpQo9QGeBP+
AeaxJq5rDEbVC1ERA01ULVXaN0L+WI78bSoyS+BeOWaZ6bhfRHFXKhc2c5HF+SJOeD2si7iti2pW
V1QeWWGAvqhF2bDjh/qAGkVuQBKsZ5/QKSfrmEAaK+sb5KXAi8CTsBlU2ogjAfeEZhpGu1DmFHz4
DHcvfYF4wq7MxfX+Jq8a75ZEGm/y8aQauwuOaN+D/Ugk7k7vwdO9xoTo7wjYkHzDCsIGJg+MIq7R
nybHk/DByYOGkQFDBkUlk6HxA1MSSJqw2zssyJXU5N8cZeL/8UfKEVtSkTgQO/GJy8xE/NWaRsqT
SsSR2PPP4k1T0UKszCD+GkPnClEJFXa7hoe4it9iQbtRb2OkAqkcHT08iWQAc4C5wDnAfODymPi4
wWR9bFzCQLIVuDMuIS6F/Ag8HDcyMZ6cAJ7higPJJeAv8YnR8eQOsGT4oJg48hz4Opk3GwgQ98KJ
0YoUTNycEqNT/0byV2YguGct333R0fY9NL+Hdu+hCSjt2LyHmo4VSV3iQbxJGxJEupJwEkFiSDxJ
Ien4hYDZJI8sIap4LYFMkmM2VJJHVb6/ZjCL33QWv7BdVz/OJuIvPw023Qn+AsZmI8ZrsCnSj5fk
sUJNeXRYz8/jx6rB8ug0RNpx2s374vadTuifb+pXId4nwhtE+FUThY+6m3iTweSHT//Dv0fFhoqI
Mrgp3jTY2Je4ED/SgYSSMNKPRJGhJJmMIVncc1+SuaSALCfryGayk+wnReQMuUJukgfkOfmDf3Vo
ps2EmlaZVpu24LjGtBXHtabvcVxn+oEfV3O2DcfVpu04rjHtwHGtaSeO60y7iMKPu/mnNVx7D46r
TXtxXGPah+Na0484rjP9xLXXmPbzT2u59gEcV5sO4rjGdAjHtabDOK4zHeHaa01H+ad1XPsYjqtN
RTiuMR3Hca3pBI7rTCe59rq/84j4ZfI0kvFveeQUrnyV6WfdM6d1zxTrnjmje+Ys72eV6Zzun/O6
Xy7ofrmo++WS7pHLukeu6B65qnvkmu6R6/DIL7pHbugeual75Jbukdu6R36FR+7oHrmre+Se7pH7
ukce6B55+F94ZA7JJ8vImn/qkRLdI490jzzWPfJE98hT3SPP4JHnukd+0yPmhe6Z33XPvNQ98woR
81r3zxvdP3/ofnmr+6VU90iZ9AgvNPCI2SA9YlakR8xUeMRslB4xM+kRsyo9YjZJj5jN0iPmcv8N
j/xIjpLT5BL3yD3ylLw2KAYbs430iNlWesSsSY+Y7aRHzPbSI+bywiPmCtIj5orSI+ZK0iNmB+kR
s6P0iLmy8Ii5ivSIuar0iNlJRoy5mvSM2Vl6xlxdRIzZRfrHXEP3T03dP7V0v9QTV2p21f1SW/eL
m+6XOrpf6kq//Lc98sDqkfq6RxroHnHXPdJQ90gj3SON4REP3SNNdI946h5pqnvEonvECx5ppnuk
ue4Rb90jLXSPtNQ90goe8dE94qt7xE/3SGs9YtronmmLiPHXPdNO90yA7pn20jPitzXFuPENNJN/
E2gkQbw8xr8NXEh9YuH+CiLdSV/tZ17pA80fGGdqp3U2SysGC+OyMzqbpZ3lrCP0zulslnYeTOhd
0Nks/L5KXeJJfPh8dCV9SCSv6ilkLJmkXbT2dMna02VrT1esPV219nTN2tN1a0+/vOtJu89ZJ3Mg
lz3Q2SztIVhHLivR2b8a0Q3riG5aR3TLOqLb1hH9ah3RHeuI7lpHdM86okfWET22juiJdURPrSPi
uW/wNHjyBYyz4szXg3WUOvgu5is3O2+sAlKI+LUo9W9mi69+aCeiKL+DhVhZZysLtbIuYAy/gefE
14p1ceZTnPUMZzyH9m/QfCGiRXnKzxDRMptU+0dfkfl8XbOGbCWneP685JmjGaoYXA2NDN4Gf0OI
QbzvbLTdy23NA9tnZT++Y8oxzuaCFVnZcSs7YWUnwcSqVFNOCa7c4DgHbT9btU5bWTEY5d6zJ47K
GZwhRjJVEaP4Cjpn39OpoogxzVF+IpRrzlHOWS2dt7ILVnbRyi5Z2WUru2JlV63sGpiJr5udiCuf
PU/SkrRR+NpAWcD7O4ReFygHuNYCha8UlHz++TCk+cpBLs1Xrltt/aL7wqRMU77k8VKgLOOay5VV
xEZZo6wh5ZV1ynekgrJB2UgqKZuVH/iKn2Jl7MijRvyKi1j3VdB/UXERb1iprOQ2N3J9quxQdvC1
Io88ZTb+Ulz8Xp6IQ/6tI/4f6Xzly+usMl+ZT2ooeUoeqclt7CK18Jff7fCX3wH45TuqTlRzFLFb
oBTdUxtqI+5DUQ32uAa9q9agIvINai21thihIYKspPdoLepOG1NP2oy2pFl0As2mk+hkOo1Op7Pp
V3QezaeFdBn9C11JV9O19Du6iX5Pd9A99Cd6mBbRk7SYnqeX6XV6i9t6QB/Sx/Qpc2cerC1rx9qz
QBbEgllnFsq6szDWh/VjA1gUG8yGsUQ2ko1mn7GxLINlsQksh01ik1kum8a+ZDPZbDaHzWXzWR7L
ZwVsCVvOVrF1bCPbwn5g29guto8dYEfYcXaSnWbn2EV2ld1gd9gD9pg9Zy/ZG1amUtWk2qrl1Yqq
g1pVdVZr8ut2VWurbmpdtb7qrjZSPVRP1aI2V1uoPmprtZ3aXg1UI9RIdZA60na97UbbzZqiqZqN
Zq9V0qpozlotrY5WX3PXGmkempfWQvPV2mgBWkets9ZN66mFa321CC1Si9HEr1Z8S81ULDlq0Vp8
HhrQBkThXm7M56EJbcLrgxf1Ioy2oC2ISjNpJjHR8XQ8MXPvZ5NydCKdSGzoF/QLYkun0qlE47Mx
ndjRWXwG7fmsfEXK85mZRyrQBXQBqUgX0UWkEl1KlxIHPlN/IY58tlaSynzGVpMqfNbWkqp85r4j
Tnz2NpFqfAa/J858FneQ6nwm9xAXPps/kRr0ED1EatJj9BipxWf2JHHls1tMavMZPk/c+CxfJnX4
TF/n1ewWvUXq0bv0LqlP79P7pAGf+YfEnT6ij0hD+oQ+IY14FLiTxjwSPIgHa8PakCbMn/kTTxbA
AkhT1oF1IBYeHUHEi0dIMGnGQlgIac4jJZR482jpTlrwiAkjLXnU9CGteOT0Iz48egYQXx5BUcSP
xbJY0poN5TuaNiyBJZC2LJklE3+WylJJOzaGjSEBPLrGkvY8wjJIBx5lWSSQR9oEEsSjLYd05BE3
iQTzqJtMOvHIyyUhPPqmkc48Ar8koTwKZ5IuPBJnk648GueQbjwi55LuPCrnkx48MvNITx6d+eQD
HqEFJIxH6RLSi0fqchLOo3UV6c0jdh3pw6N2I/mQbWabSV8RveQjHr+7SH8ew/tIBI/jA+RjHstH
yAAez8fJJzymT5JI9jP7mQxkZ9lZEsXj+yKJ5jF+lcTwOL9BBrFf2a8klt1n98lg9og9IkPYM/aM
xLHf2e9kKI//N2QYK2NlJJ7nASXDeS6YSALPB1uSyHOiPEnieVGRjOC54UCSeX5UJSPVamo1kqLW
UGuQUTxX3Egqz5S6ZAzPlvrkM54x7iSdZ00j8rkq/qJtLM8eTzKOZ5CFZKjN1GYkU/VWvUkWzyYf
Ml71U/3IBNVf9SfZaoAaQHLUDmoHMpFnWASZxLMsknyhxqgxZLKarCaTKbbf2X5Hcm032G4gU203
2W4i03j2KWQ6z0CVfMmz0IbM4JloT2bybKxEZvGMrEJm86x0Jl9pNbWaZI7mprmRr3mG1idzeZa6
k3k8UxuR+TxbPcg3mkWzkDzNW/MmCzQfzYfk8+xtQxbyDA4gBVqQFkQWaSFaCCnUumpdyWKe0T3J
Ep7V4WQpz+y+ZBnP7gjyLc/wSLKcZ3kM+YsWz3N9Bc/2B2QkrU0bUgv1ps/oFDqDfk2/oQvpYvot
3UC30G10FyrmUXqCnqbn6EV6jd6gv/J6+YA1pM9YQ9aYTmFdWU8WzvqyCBbJYtgQFs+SWApLY+ms
kC1jK9gatp7H0vesMdvJ9rL97DAroqf58Qy7wC6z6+wWu8dK2FP2gr1mpaqiqqqNakd/ZV3VytRN
ra7Gqy1ZOGcD1Ch1MLtuu1UzamZN0ypojpqT5qK5anU1T6251kprrbXTArVOWhethxam9dH6aQO0
KC1WS+DXmoyaRlDTDKhmCqoZRTUzomox1CsVlcqESmVGpSqHSmWDSmWLiqShItmhItmjIpVHRaqA
ilQRFakSKpIDKpIjKlJlVKQqqEhVUZGcUJGqoSI5oyJVRy1yQS2qgVpUE7WoFuqMK+pMbdQZN9SZ
OqgzdVFn6qHO1EedaYA644460xB1phHqTGPUGQ/UmSaoAJ6oAE1RASyoAF6oAM1QAZqjAnijArRA
BWiFCuCDCuCLCuCHCtAaFaANKkBbVAB/VIB2qAABqADtUQE6oAIEogIEoQJ0RAUIRgXohAoQggrQ
GRUgFBWgCypAV1SAbqgA3VEBeqAC9OS5X4t8gFwOQxb3QhaHI3N7I3P7IHM/ROb2RbZ+hGzth2zt
j2yNQLZ+jGwdgGz9BNkaiWwdiGyNQm5GIzdjkJuDkJuxyM3ByM0hyM045OZQ5OYw5GY8cnM4cjMB
uZmI3ExCbo5Abia/l5tNafN/mZtH6HH6Mz3Lc/MqcpPHkJ6bjf7t3NzKGrEdbA/7iR1ix+jP/FjM
zuu5eZc9ZE/Yb+wVe6saVKaWs+ZmbZ6bw5CbtZGbsTw3t/xpbjbTWmp+mr/WQQvWQrXu/5eb/5eb
/4tz02AQ/0dqFzKAFPBv0Y1kJzmI3e1t8hj3SbBvJo34Porv3+hvPJaz6O8cJ9BXHCfRNxynqZOI
wtqqaRzbqWM4tlfTOQb+iYUXsPASFl7Dwh+w8AUsfAoLn8HC57DA93/qWKEBNs7KMqws08qyrGy8
lU2wsmww7Ki1Z4Jrz99JeLW5Rgh7y0qJwusC3yfy2qASldcHG2LmeR2Lv3sNxR2k+sQbVirYHuXZ
zM+k994xHhdit3+Mf3rGd2+XoWdPx/Hc523ySO9hhyh2FAR7AwM/86rYE+IZhRk73l/5bnSVuAei
FMidIym2LW9r/w9PLsSYxLMpN+LBvRug3y84gr3sUeu+/6b49UOwW1Z2+x1TRwvtf7k3xhMbPJHT
8KSJu0p5TKsbBxuHGOP0J3cGqUVIVfF3Fo6QkqoDLFlV+6nlGuWE5PxuZzApBVlVu3BRJ8Vg8LK1
lFNZY3uqODNiGajaNFYNRkNWK8VgLOhl+cDi8Z7EpbBmhgtpg397kCgykiSSeDKIpPD//MW/ltrv
GTM6emaruZdWFv04xzLm/poabV08K38xrSCrkpclyxhpyaJdC6hiUBQbz5UVL/Usi1hwZPe7s2vw
oSR5NbY0VGlvo62DW2Bi0qfJcYOHpLi6Rzd09fL1beXaLS46OXFkYmyKa2BicpKnV02Li1Su/Lct
ickDU+ISE7xqW2qJdurg9Nf2sMTEFNf2o1KGJCbHpXxqqVnVztLK4tOM/9Pcy9KsX1U7r2b8Ywsu
5P/0s3wKX3EjqoPSu5eXg6Wi+GB2sPlw4MghcQmDU3g3FSz2QmhyMIUNihmemBDzbmA2/2xgdSy1
5cCc32+PGeTaK25wArfq2jOwvSXL4Gaxs06gwcAIzTKUJ1xuo2QZDGTLp5+f+XhDR9/l3qu8Lryq
16Lz6N1vauUf6Dji0cngO6dz9w3rGhb1fJ6yr9u5zvFN6/oP2lVUZ4ttyJZxoy533LFiun3Pn+o1
flrwq12dWifb130dNe94tY5LZ4XWmndsQ1O3faFN0hPPV67ZOte3gu/lHQ2fx7ZuYmhWVtogZNmm
eMPEvDc/rI8el/UqoiBzQva0dU+3zl583GdZz+yqDSZ2v2x5Qdo+3/+qbebOnIfxvt96er/Y6LnW
5vOoGWmxeXNH2uWsffrjM9fve1SaGn3E43yzjtVKtoXOad2zl1NR7Aefrlg98WAf/4VZPSclsO9a
7Pms7o6w2Lbzuh9tPLZ5woRO6sn8E6E5SkIOWbJ74tVeivhV4MWZry2Zv1scuDtr1DNqFhvVzEOX
MROllsxCITUYM+dbMr/OqND/RNKjuOT8Oh+MdVzfbVrZkUXJ//PxllWe7CFT2rSZVPGk/4voB1cD
LOXFGB0MhjIjs1B+sNQQAntjFaPj0RpFqSSp/9onF37sPv+DIM/FQdGPLbaiubzRyNMo573UoSIi
Plu5Zmxo/adF27unFPZtkNJo1Iactyu7zk4j3e4evu90Ke4n+8L0Z0rg/sMTj77sdXTvwh19Eh9H
B/0liJTMOTi/2GWr7cJqdrPPXqi5uuHnjx4uG7lq+hXfaW3nDt3uM/zUpLV13l69eyau3IxJO0qv
k23ez35Pf1Whkie733DOrA7D3Eds8Zl+zWR36OMhx3ZktB8Wu3zblm3TvA8/pRXSx/x26lqHq5+V
Xr++qvTF1WK7DUlnZt7osdmnML3J6bYXvW2jWikLM4fW+eJFRPT0df22+Z6NzO09wbn5b63nFmRp
hZ9M2eCxZdHSIysvuG7eZamW7epo12h72PP21wZYbsx0j5u4J+mXZ9+uLMrokJxqz2vMGF5jovQa
M9Cw/hvUwsrv5xHjdeY/mNW84HjxQtOMl5kWzb30gtPC+tGSOf7/y9jsEDg8dI3devQMe6dO/4n6
f1l7lo5IcTpyMa/p6yfR1TIWTys7mDReW9Sp0evX/dYVdSu/o/WF2sdY8efp7TbNS63nd6mgh+ut
5J8DR9wui3d8tXDC+noTdzhu+nhnqy88f1qZHTkiO7PB983pq9VnZiklm3tXVI6Mz36xJzt6YLUC
x7wFC/OCo1udq9jmwwMhrr2q/H60b+mL3c6HNwfH293xY0XLXG5Menx5xd6k8f1PPn3abuv5JQsW
k4QVmcdK/Iyrd4fO9HC4drd9arkMQ/xg141e6/yHnQowjy9Osky1/Loz90TTktM57Zz7Ld09JPvO
F+kzaGjCR4GuIXmTSg913HKnq9FgG1VU+MBlVr23J76z3/9yc13nz96kn4nofnLwXb32vLRk/vbn
teevWXw++fQRLeqTy4tTFn5iP7f98v4OgfUxfTXKi6zniWzKQN2oUcfoZKmS8edpHyQUahnbWlpb
fAtaFbTIaT4kJSXJr2nT6OR4z+Hv5tAzOnF406RhcULaNCk5MWZUdMrIpoG9eOB5cpEl5N0IDQZj
G4ufxefdZ4uS46EbHD169J8ZHJT8nqWUv0soVJ/IyAbn0i2dK3Vq36rNgFEbbxaSlhVD1nn0/WZu
+sPFlRbNLXHa8PWL4dPOWZxdVteObh886+xaZ/cuX7f8PCA88mjU9rt/xH37ybifJi7L0dL/8stH
n1+cVDw6jS2rezjmZfcPtgS5T3P2CDe7J/9Uy6mtx3HSINHh5NKBT89E+e0g3VnTeYM/vxUd2K61
tnOKacz1tIBdV9OKJroWVlu0PfLxwlVhEamOb6unsbPRo4Zlvp0YvHr1R2G7Ptu1ttqSmeuf2nqM
tVS46NVl54R+437/plLa3StjI1fa7feq+SJ5vv/g4z4lPkW+1UdebH3e++r4U3nHrk+54lwaY/5k
7QvPrc3qpcbVe1Y8tUWdfRfrBfHqs4BXn2xZfSoMtZ3XYzept7LixY61+o4ZXPj3Neg/s9ZpafH1
amnxsnh7txKlx5d//A+sdcLjhg8amTJweNK/u9a51CrhzdqDHUJHOB0sCvHvtfv1SscfPJptq9Qj
7OD4h/7Nz3f2mum+eUbMtVo9J/ywt8vJcezlo1E7pxxYXrwmLik2rUHsnc1bHmV/f6xkxdtKS2w/
cmvY9HjA+T7G6qmbhscMDw2/ePnJlV0Lxx/IuDquq9Jq9m+78819ag7pdOz87tSIpp9vrmfc2Kf/
UJfosoz0NiXFxnrdfEenmD7eG3Eup5XHqEP292r6lktPLV0QnzDm2gP/6V/nj7D/pFEPp6jIZvmn
xndv7BYxpOOUK00nVOi5/tUm56nxJfW+cXh5pMLZbPvnWakjW+7/akzh0Uj1AVuX03zLy9n9J7Sf
0Dd7dsK6Wh4hRxPzAq8NvTOu/rRhst5kGdy5R+r+WcUx/+9Y7VRQy+k7i8oGsYQh7xXKxDvd2339
vffKLjnTt+fdW9W6feD+E5Zq1hMcFaNW04b0IqP4LiSQtP/bldA/LKP+pEDN7lbRa296z20Vpy0a
aDLY5yZ1nPpoZPiOduVYk7KtH/TKdnnoO2PL4j62V3I3t65+8s2qbw9t+e6D2tUTzXFjh9FCt+CH
8RuHp7ttDf55wrOp5XeaJrfcc3/s3aSPOy6ceepo0eVpu6/vanQs/cGhNc2KJ35/JPrHliedau9K
vdJ6/obqI/NrTzq3cWOl8NzneXsHhc53r58XObl86wMOg9JCth1fPd6vx7qovlcsd+/61rjxxdML
vpmvHGrnxmREq8Y5T+crgU0/C570Q5lyftCr0CsXaMqsDSxBO7rgkvvA9JAnVfMq1vZRXCb+v61h
OzrNaMdTh2PBtntXdt57kWbe+0Vp2pwzG8pDAq2uFblsUv4GLKBWAQuoSbDmEesiA3DziGPgmkcY
BQGojLIwMDcyBRZNhoamoDLKGMI1BHENGjfTo3mkbqAK4crlOWcWZKQWKbgEuyq4BvtZWZi6GOsa
G5g665o6ObsZqhooQ/wkg+on3WCQpxSCU4vKMpNTCRZvH1h0N007INWYrrpRLWmzsPc5g10HhCz+
NKaasB8x26SS8Y2d5QD79C/bP1bLJem43fReEmiy/XLO2yjrLc0L3W0FOfRMs12fHbLpYUpjWimR
+drrrbrOO5vy6CVXCmZ6h7cIXFiv+6NT9tkrzS3Pz89jS1peFHLI+th5+x0PN0QI5Dxdev3woVLz
vV9aHza+0Lgh/fHTuo9Ni69dZ140X7Tlt+2v1Q+3GZ1YwJTy+dl/KbVCjuAuUaZPzeplnk2Fy9+v
Nao4dj1HzF8pdXqSr5v+f+X1rW+WFexlPn3rhhHrUe0JDtvmXdVpy9l+WtiotvdY3TpxfaM/abtl
N7iG/lj7Sze9OV1zcsulqIXKyM0pRIHwYvq37+97Pj7LfByZ4fd9RlfV3dl6KC0lrCUGJS2lkuKC
5ESqtJRgJpVgL6xR2n9sB7CVVrz25fETbfYtNV1ym5W1RT7s0/uZy45z9OpvPmtfeLWtplz+7mvx
TXtrHv+c+YnL1WOtyO5MnU926Ukhn97VqwtOsnxz7ma7X8f3BHflanVRB475+3kNWZpumG7jmcNw
uXtVReLRrR2Oc+3M7kQsUZ9tdWsvW6zIsk38Pgf7bLo/Jc38kfb26mcZjQ1Gt08Zcu75rZTh5vPr
crHSc80+JYbfYfvZ1jUuEN1l8lOjT94riXVh59dG95e8EzmuR1j3y2VzZq484FET2mQfz2DhPIft
jP0N/f3+xZy2f3fFfTn+xvxQSuIC3yu2BWeiNwg3Hryy2FBqb8q1aZeq7LWi3YI5bc4y/7SPZDjT
GZxo2MQyG1hiTWdiZDRobB/ALhtKRxIx1LWg8RiodoJGGyezIQ/yOBrQXgSP25DPAFlWFFhqwDWy
GAKT+onL250fmm7rOn/sw46uD0cWPqjf6GWQhqSFxzDCIGyBToMWgy9DJkMyQxFDPngoLo2hhEEB
WB3mA0UKwGQiUCQTyMpbqNaggjOlllQW5KcXJRZkVCqglUwsTYwMvb4pv/odz7cKVJc9O807bYHn
7+eOU/cbcL/6FOM681W0e3de5YeLE0SvNO3gM5tmmX6wnfeXi8PynDlrC2RSIyfevbSx5vmcnSZr
GH8dXOvz0VLo34Kdt25ITApS1NKKT8xPzXibnDn9Y/hexq+Xbyq/2NN09cgP7f//MoJv9dl+O2a6
rfPanOWrD31QFKm9x7X3yLrDL2rXeBYsmLzspaH0LtElx8NmtF3xutY7paE3R4En9SbX/hpprspa
56BZyhGX86UzF9xnLgi0Zvx5aLnWzyk+t9fxKfUl/Q7reiVSaXTgt9KE2h+TOOJF5l1mVVkVo+F3
Yt3aNA79i6lTV6ft7D6+8fKtjOqvG7q6Qxc2MckbNDFJI2KJzbCJiQcoxEH35IheRaJU3OzQ5Lgg
1kACOS1yIwZ+GYF2wmVYDfnB4w/GRoaG5kZmBsZRGElRNGviSd2lE2pefyitOCy2L/fM6ec/0con
UBI5I5h9Qlh9X6GjWYRc3PoT6Zfn8O9hdWdOfP5jQcBeRt8/eoa83IymMx9eKn0d8SJi85ymkNVl
URaTAve8v3quYPHt2eWFtx4+rdj8e2bJwh65+E0Tb71cyrbPtdhxj2mZk4mNtKDly/DnH1T32DHO
5mOapKxsdvSi8vulfkdC+5/V2Hh+XtD19eICUeazsz71OGjp3gy93n1gQilH7pmjG5SXPCoT//j0
PPuyEt2cmmiGi1OPHwp7+3Rpum778ktCwTp9f2wjypODbWW2a4rW/RYuu8b6dM2HeKtrD80nKFw8
wXS57cFWo+bkEy//3ddwEG3+wvc4dnfMQo8zJ6+ttjC0LrAIczZac3GJzi9rBgYA4/GA6Q0KZW5k
c3RyZWFtDQplbmRvYmoNCjMxMyAwIG9iag0KWyAwWyA3NTBdICAxMzVbIDM1MF0gIDE3N1sgNTU2
XSBdIA0KZW5kb2JqDQozMTQgMCBvYmoNCjw8L0ZpbHRlci9GbGF0ZURlY29kZS9MZW5ndGggMzQ3
Pj4NCnN0cmVhbQ0KeJxd0s1ugzAMAOA7T5Fjd6gg/BYJIXVpK3HYj8b2ADQxHdIIUaAH3n7Bpt1U
pFb6ZBsHO76oDpXuJua/20HWMLG208rCOFytBHaGS6c9HjLVyWkV/su+MZ7viut5nKCvdDt4RcH8
DxccJzuzzV4NZ3jy/DerwHb6wjZfonaur8b8QA96YoFXlkxB61700pjXpgfmY9m2Ui7eTfPW1fxl
fM4GWIjmdBg5KBhNI8E2+gJeEbinZMXJPaUHWj3EeUZl51Z+NxbTI5ceBGFQLuIhKo5QoSDtSCdS
jopj0gGVHFEJ1vGA3pJyFN+TYhJlpgkqWWPYgafUIRWoLCUdSQfSCbXLUVlAonNmISoPSHSWnDpk
MY5j/W5+m8JtalxgERecstM1m+LRw9C4yCgNRxElCY1QkJ6dQtf4f8NlE8uFua9ZXq11G8Zbhatd
ltppuF88M5ilavn9ArphuXQNCmVuZHN0cmVhbQ0KZW5kb2JqDQozMTUgMCBvYmoNCjw8L0ZpbHRl
ci9GbGF0ZURlY29kZS9MZW5ndGggMTE1Mzk0L0xlbmd0aDEgMjI0OTkyPj4NCnN0cmVhbQ0KeJzs
nAdcXFX2+M97b3ovwADDNKYw1KETSmDoNQECk0AqhMQkmoJJSNOscV3XiCVq7K6xrGUVdzMQ4xLN
rlGzltXY+6qxdzT23WiY33nvzBDAuKv+97+//fz/XObM995zy7v33HPLTEaBAYBofBNBS1Vbfe2N
h99QAde+EiB+fXVFVXtdh30BwI1NALKnqyuaKlvnv3QtwC4XVvDWVlXX6BMsNwDX0gvAHa1taW7L
e7hyBcCAHdjObbVtgYpTTrkhAJzoeoDGJ5vbfNnfKV7OB2BexKd29azq7l0xcNIGAG8V1r+pZ8N6
e+Cp5g6ApigAyR0n9S5bdcOHFXcApL4PIDcu617XC7HgxOdjPuiWrdx8kuZX2XcCzDoAkOBdvrR7
yUcXF2JbzHzMz1+OCvU3GjGmL8W0a/mq9Zt6dojeBmCnAXgUpyxdu/pJ05+vAbjgIOruWLmmp3vO
J20vAazG51lfXtW9qTfha9N1WH8Y69tXd69a6jjckAJwEY5XfVbvmnXrQzr4NcC1X/L5vWuX9t5/
+hbsf+53ACYT8LYVD8/K3nuua5G25CuIkwEf7vno9Md4PvryvsNHNx27QGGV7gcO5MACBawngVFg
DiquP7rpH48prDJgroZxgbuKL6NdCXNALChY0IEPurBXUfhcoYiokd2PuTLxVeIcbNJK5J6Eu1mQ
AauVspxIpGBFrwMb8sMdIXouwIw2ux0cOJw46oN0F+uxA3Od0OgBsYYfKbauOd4b5gn42UHk4Xv9
fz+IVZAbibOJx+P/riAZ/fe3eaLA7QuF/hPPmQpT4ccEUSGU/px6XCMU/5z2uU9+XD12e6jh5/Tr
vy2IpoHn390m880Pt/nPnod5JT/lOaLC0OFInH1qYrtc0thp908D+yAs/CnP/E8F7j5YLf4aTj9h
3gMQ9Z/uz1SYClNhKkyF/67AXgPX/OiyutBZY3En5B3XQ/e/u1//zYH7Jbz/v92HqTAVpsJUmApT
YSpMhakwFabCVJgKU2EqTIWpMBWmwlSYClNhKgAXlgT6DRl8iCmMsc+DCB7HtBfsGON//qaGREiD
DKiEepgBbdANJ8FyWAm9sB42wma43h4X/oWTGutQybpwyR6h5GpYCxvGSjKhr/DRyVxK6AmA0Deg
hBuw7ucM3xtgGpiZoZ63KsK9coV7mximVXi3j+mFkXAN3BX4XB+jY+IZK+NlNjBbmXOZ85mLmKtB
wnwslPos3OLxwAAb/kXDv/pdAzPuOd83ZACl41+0cDwYxmLY43Csalz+P/ntBIP9jIwRY3PD2jUo
woiRNGZgDjD34ftDP7pX/1uBO6Fy3s9s7f8pz/XXLFq4YP68uZ0dgfa2Wa0tzTNnNDU21NfV1lRX
VVaU+8tKp5cUFxVOK8jP82Wkp3k9bpcz0RYbpddp1UqFXCaViEUcy0BatbOmyx70dAVFHmddXTqf
dnajonucoitoR1XNxDJBe5dQzD6xpB9LnjSppJ9K+sdKMjp7CZSkp9mrnfbgoSqnfZiZ29qB8Quq
nJ324IgQnyHERR4hocaEw4E17NWxy6vsQabLXh2s2bC8v7qrCtsbVCoqnZVLFelpMKhQYlSJsaDX
2TvIeEsZIcJ6q4sGWZCp+ccGOXd195JgS2tHdZXZ4egUdFAptBWUVAalQlv2FXyf4Tz7YNqB/vOH
dbC4K1W1xLmke35HkOvGSv1cdX//OUF9ajDZWRVM3vJ2LA55aTDNWVUdTHViY42zxh7ABMVundPe
/xVg550jH0/UdIc1ErfuK+Cj/BDHzIT5kThg37CHOD6Hg+/LecN+WIyJ4LbWDkrbYbF5CPy+1M4g
28XnHIjkRAf4nG2RnLHqXU4HP1XVXeHXhuWxwW2L7elpaH3h5cYX5tuDnKdrcc9ynt1L+51VVWS3
9o6gvwoj/u7wWKsHM31YvrsLB7GCN0NrR9Dn7A1GOSuoACrs/BysaOsQqoSrBaMqg9DVE64V9FVX
8f2yV/d3VVEH+bacrR37ICf0+mCu3bwnB3Khk+9HMKYSJ8VT3d+x5KSgrcu8BP3zJHuH2RH0d6L5
Op0dSzv5WXLqgsmv4+McwhOFWji2SaUjhfmRS90yewdr5jr52UKFvQbfnBUlmKHD6RKS/IxWlNg7
GDNEiuFTwiX42IR2MMG5K+v4LI6vWllndnQ6KPyTLpnDfRK7g7JxbelQMdYnes4Pdo1K8x1Ktlcv
rRrXwQmNisMdDLd24n6yvC3CD8YaMn466yJZnBtXLupYbEZQ8bMYaw9Ci73DudTZ6UQf8rd08GPj
bS3Mb2Obs7F1bocw22EvaZ+QovxplAqCA7MjCbYSfbAm1RyZViFdK6THknWTsusj2fZ+mbOxrZ9v
3BluEOy4gnDQEk9993nTDLm4NGtwd3PWdDvtOntNf/dwaNvi/kG/v7+3umt5Ed+Gs35Jv7Oto8Qs
9HVWx1bzFv5RBmhkGtsr0tNw76kYdDLbWwf9zPa2uR37dLjhb2/vGGIZtrKronPQhXkd++wAfkHL
8lpeySfsfIJvaRYmZEJ58z4/wDYhVyQohHTPMAOCThbRMdAzzJJOF9GxqBORzi/o+ICTFLscTYzb
bbV9CT89p3cu7+/q5BcXxOBU4osJMs5SCLLO0kGGlaiCCufSiqDSWcHry3h9GeklvF6KjsHEMGgc
fk/q73LiPoUO1QFmhlyR45u0D4dC7R2OQ+aRTge62nyUuR1BeSru/WJ3A5ar5aUL1bXBbT3dfD8g
0MHXlbrrezrRbSMNYpH6oBxbkIdbwBI1Qh3eHbFSD84NTqBQfxsmgts6g52p/EM7VnQK7qwLQp2z
CKed2hR7+Af5OvsNzmxhbeJSULjP4SHHvkFbB2nMmMSHdZKRpCrseY8Ts3q67GhtEfS0oavTXqow
k2Ypbokiz1JBFOZwJvDD4txKtSIoz8AG8cXHlRn8khS7pZ2d1HkhdU64AD5bF1RijzzjTBmugNbB
rHq+L/g6B7vKF72Pb6Z1GGY5N+HOwndaaEmK2UG1u74bN3+qr0SNc1qksozfI5ThNg6SVsqPXIV2
59ztw6FbnZsd40J6mpM/HHjHBPM+dGzo7J+sCM5LTU+TTdaqBXV/v0x94gpkL5l6jKiEQTk3zP52
yJxrG2avGYrPQ1xIWDsUV4A4ldBLmD8UW4iYR5hLcA6ZihGJBAfBTrARrAQLIYEQRzATYgmmoZga
2zDzBuF1wmHCa4RXCa8Q/kZ4mfAS4UXCC4TnCc8QniM8S3ia8BThScLjhEOExwiPEv5KeITwMOEh
woOEg4QHCPcT7iPcPRTN44mh6ABiH2GY8EfCXUPRSxB7CXcS9hCGCH8RwOUO2dIROYRsQhYhk+AT
5pbLoJR6yOpDKAWw3w5ZMhFHCX8nfEP4mvAV4UvCF4TPCS8PJeQgXiK8SHiB8BzhWcIzhH3UFxW5
2x8JTxOeItxFuJMwTK54I+EGwvWEvYRdhOcJvyFcR956PuECwrnkYL+m1NmENeTC5xHOIawirCSc
QjiZqgcInYQOwhzCbEI/oY3QSriWMJOwndBCaCbMIDQJ4LSUaiA0EmIEJ2KjCasJswhRBCPBQNAT
dAQtQUNQE1QEJUFBaCfIyWkPkNfdS15nJV+yEBIIZkIcIZYgInfjyN3eI7d5l/AO4W3CQ+QhDxL+
QjhIXvAA4feEOwgD5EvxNOH5ZJ48Qo/Qay6GOhFNiCIYCQaCnqAjMNRdoO6GCMcI3xHepO6+QXid
cJjwGuFVwiuEvxHupxHdRzhAuJfwZ8KfCPsJ9xDuJtxGg/4d4VbCLYSbCTcR3iKDXEa4lHAxYQdh
J7n+JYQthM2ETYSNhIsIGwh9hPWEdYTFtDoWERYSFhC6Cbk0KzmEbEIWIZPQRfARMgjphFRCCiGZ
4CG4CS6Cl5BEC4glF04jF/6a8CXhC8LnhM8IRwifEj4hjBA+JnxE+JDwAeF9wnuEdwnvEL4ivE14
i/Am+Wc6eV0aIZWQQkgmeAlJBDfBSUgkOAg2goJcWE6QEaQECbnwZ+SRRwifEj4hjBA+JnxI+IDw
PuEJ8sjHCR8RniQcIjxGrvhXwiOEh2nBeig1RK4YJOwm/IFwNeEqwpWERwm3C+DE5HyXE84ibCOc
STiD8AvCUnLFPYQVhOXkLycRlhAGCdWEOkIFoZzgJ5QRfkX4JeEKQgmhlFBMKCIUEuoJtYQawjRC
AUFGLiwlTCdICGKCiMARwj7PEKoIlQQgnEY+GCKMknIZpY4RviN8SzhK+Afh74Q/04nwJ8J+wj2E
waGo8xBBAexWmoDTBTBW/0O6Cts3mjrb1yhfqRtsb6K8gfK6aqbtLygHUR5AuR/lPpQDKPcqZ9v+
jHInyh6UIZRBlCDKbpQ/oPwe5Q6UAZTbUW5D+R3KrSi3oNyMchPKb1FuUCy3XY9yHcoulGtRfoNy
DcrVKFehXIlyBcrlKJfJN9ouRrkIZQfKhSj7uDauxa+YbbsAE+fLl9rK5dwsrgWWg41rJTI3Dhmz
cdA3EK4fMvAmuI5wMeGiIb0fsYNwIeECwvmE8wj9hHMJ2wnnEGYSZgyhcYeZJkIjoYFQT6gj1BJq
CNWEqiFtNaKSUEGwEBIIZkI8IY4QO4RzOcyYCDGEaEIUwUgwDOFMDzN6/xzklyhfoHyO8hnKEZRP
UT7BGT+M8hrKqyivoPwN5WWUl3D2XkT5E8p+lLtR9qHciLN0KU7EMHMVGftKwgoyzHLCMsJJhKWE
JYQewmJCN6GLkEfIJTPlELIJWYRMgo+QQUgn+6QRpAQJQcxjH9fMzRwqtuXey82EKpR2FC50AJXJ
aTX7hIghpmaY+f2QMQor3TFkNCMGCLcPGZ2I2wi/I9xKA7+FcDPhJsJvCVcQLidcRriU/HEn4RLC
IsJCGv8CwnzCPMJcQiehgzCHMJsQILQT2gizCK2EFkIzIZWQQlZMJngJSQQPwU1wEZyERIKDDG0n
2AgiAkdgCQwB/Gehl4ZQRlGOoXyH8i3KUXTLf6D8HeVjlI9QPkT5AOV9lPdQ3kX3fAflbZS3UJ5A
eRzlEMpjKI+i/BXlEZSHUR5CeRBlGOWP6MJ3oexFGWZ204z8gbCLcC3hNzQj1xCuJvyacPaQPgPx
K7LeWYRfEs4kbCOcQfgFYSvhdMJphC2EzYRNhI2EDYQ+wnrCOsJawqmEXsIawmrCKsJKQjnBT5NW
RiglTCeUEIoJRYRCwjRCAU1hPkFH0BI0BDVBRVDSjqQgyAkyvw85gjPyAsrzKM+hPIvyDMrTKE+h
PImztBM3m0uEDecUMv7J/tU4jrM5t+1XXIbtLCbD9su6bYEzB7YFzqjbGvjFwNaAcmvx1satnHKr
GXHa1oGtf9sqOb1uS+C0gS0B0ZaoLaxic93GwKaBjQHlRka1oa4v0N73dt+XfVxUX3vfkr71fZf2
PYsK6U19d/Yd7OOGQwf8hr5pxTXb+i7qY6Mwn4U+Rsur7X1KTc36urWBdQNrA6K1rrXta7nCI2sZ
1r+W6Vrbu5bFQnvWurw1fGHz2pj4Gvta/9qWtdypdWsCvQNrAqvrVgU+XcXoyhVcAOwoT6JwoOXa
YQfX7g+xsLJ3JSs/GUe7ImNZYPnAssBJGUsCSweWBHoyFge6M7oCizIWBBYOLAjMz5gbmDcwN9CZ
0RGYg+VnZ7QHAgPtgbaM1sCsgdZAc8bMwEzUz8hoDDQNNAYaMuoC9QN1gZY6pjajJlDN5dvwJAUr
vnqt26xHrCJll6XXwvZaXrccsXC9CUcS2DPMjDb+jPgd8ZwW31h6i7PF7Yi7Lm53nFgrRDhVr2Gb
ge3Vb9OzmXq//kn963oR6K/Xs9od2uu0u7Vcs3aR9lNtSCvarWV2a+7VPKHhmjWLNGs0nFbDpzmd
X5ORVaNV+xttap+aK/Gpy9TNam6HmvGrM7Jr/GpXUk2Zqlm1SMVdp2L8Kk9yzaeKkIL1KzDDL/ek
45vJXAMcY2cY/l+e7Qwn4+eCibbhJg97Yhgxg3eCwfa21NTGYWloVmNQ1jIvyGwPutv4d3/r3KBk
exACc+d1DDLMhZ2DDFvZHoziv4cX0mdfcAFUWBqDlraO4PWWzsbgNoz4+UgII2AZjIGKztSF6/rW
paamrktdtx7f1y9ch5r1ffgSwOA7sm89n7N+HfAFTxz4bGoodV3fIqwt6Nbx7fal8ile+Gf8l4f/
th4y/9sd+P86xC7ifzIi3QUwunPcbwt64Uz4DQzAXrgb7oO/wjPwBaOALjgb7oW34EP4HL7FNS1l
opkEJvln/t7iBGH0LPEqUHMHQAImgNDR0Aejt4U+ABBrxml2Ysok8hzXhAyhkcm60Z2jw6OPS5Sg
E+rq2EdRe4QZCR1ly/h0KJ9Ps+fwcaHGEemu0d2j103oziIc8WpYg9Y4FRbDMkythU2wBU6DrfAL
OAO2wVlokV/DOXAuvp8PF8CFsAMuhktgJ1wKl8HlcAVcCVfB1XANWvNa2IX6yzG9S8gFIed6uBFu
gd/B7XAH/B7+ADdg+rdwE9wMt6L2NtQPYPpWocRAuMwu1NyCutvCtXZDEAbDeRQfgj1wJ87e7knp
P8Iw7IO7wrwb7oH98Cf4M87qAZzn+8PvlDNe/8M1HoMH4CD8BR6Eh+BheAR95VHUHYLH4Ynv6U+k
i5T94VaehKfgafTAZ+E5eB5ehJfgZfgbvAaH4U30xbfhY6EE5b4Cr2LO66h9E96fVPOFsbpU6jCW
eyPcxrvwHpb/AEbgk3F1qPwrWOp9+Bq+QZ+XMfGMhdEwRvgK/o5pNRODOUcZOcYcTBKTzmQwPiaX
yWOKmXKmgpmFqUw4GU6Bi9AvLsXZJ3+4Gv1hI/rRuajjvYVm/BZcdbeNzfJunDd+1q5Bm/N/9wqW
v/8EljqEI/0d1hoU5vj7c3V/uMbDmP9X9LvxpfiZfGBCa7zFbxd6wPvN3VjiQLj2I2Oz8Ry28uwE
a74J72AObzc+/0Uh51HByocFK7+N+e8Ks8CXIvu+gPP7/FgLB7G/b2Ddp3FenhZK8bP2Egpf5hEs
dQfmvxaeuffhI5wtfs4+xNR7GN8v7EzvYI/5uXwrnPcY5hzB/epLnNlP4TOMfYFx/u8+1HyO8glq
P8UnfIHCl/kI+3UEe/QxzvHnOOvfYM4/MP41fId/X2KPjsK3GONzXsacr4X0txCCUQjhrsgwLMOh
no+DUOc7HP8x7M0olhzFy9AxhmNEjAT3Txl6joJRMir0H76moKFW0KtYLMXnyQSNUB7+PlZei3cq
PWNgjEwU7sMx2KoGdQYmNpwjj+QwJtRpxpWPBhB0cUw8/38KxJuZAx7HndwKX6N/J6CH25lEzGUZ
C87zc4wTPdvLJDOZTA6ThzVcjBufxnt6KVPGOFHjZjxMEjIVx4cez5RgTjlTxVRjbohJY/JxPZQy
NSfa89mrcAUIAffvF8UaRoz7//3sTNiE6RfQB6+HFuiAhXCy+H32Mf7/fzi6jnsdd3UOpFAMAZgN
zXvTY9JjZCXlCrYI6kHKBIEFOwsgQzsO+g0i1l0g4VrNan1vK9NaJWXboezV115d8Nqrh5CHGN+r
I8+P6I49P2IoLPT5sjIZvUMvSJSGlUolEmdiBltQkJ+fk5NdyublZrDORA2KJy+3lC0o5XKyraxQ
lEoKWizMa7nXv2vmao652A32quV1Vi7dHWMzSJk4sTNe6avwGtQWn9NTlBwvkUlFEoVUllRQkVi9
rCpx9FGRTCPXpNoTnEaJSK5VqpMd8YlG6ahHrDn6uVjz7RxR1bf7OX3+0pk5ks1qJSuWy251mK2Z
xdYot0Wv1qo1GmmCLUEqNWgVzumtx3bJE+wWhVoj10WrlBabVaFRybQxxxzool2hj0SbxU6YBivu
5mq4WuhI5W/agY49FgvohjnZXemieFF8tJz/gJzbFo2fmvf4vbO9qbFl8TNGykb0vNEY38jBQjSd
ee+/LpuV2clEka3QkKLoKCvLGzYnOyY6SiMLm1DE20+02WgxqF1FcysbtnTV+UzOiq6S2qW1PqNa
LpLIFOoY//z1Fat2b6nwzNhww6GtNVsXuEUXJywsdHgcxd2/2H5OUc3JNU6ry2rUSxOcyU5LjNMa
XbRhaOOCRw7ccWaTJZN3WcgNHRXbxFHggwMTx+83OVXqRHVirEltcikVbp8bFKaUWS7nMHO63+ZX
xrp9iSKLSQFqkVersqlYFadSGSyzDAFxgB9xWZmh0AeLFi5INRUaTIUH42ccO1jG+J7MPpC99ZyD
B/VMTqzuwWwdH0fD7fk/bRnN6tZwgq8aHVwkRu4p5RyRmMjL6uy5Hk+2WcEtH01YzuocOZ6krAQF
9xVDGQlydhHzzkJ2LOVU6BRiMb6xqmNfRuKihyOxURfzSiRO9mTz0J7RUD3JntpoUCqilaAQiXWz
wiPB7jO+B3Oy0QJ+5ffzxg8qPACmDLucG+myHnvvybKM6+TxjoVnVyrG3aIIbp7Um1yfMkOdFp1u
NKrtSgUUxUQ7/Pbc1ox0ZXSaz1Ek84Aixi4yqvHP7Gk1B3Rjxi8T9gmDYHuc0PhD2TnPoqBWn0N/
/Gh+RlvjR+tk+CXiSeKc4+eSt4DJmMOEo1KJmVNZst1JmfFS9mn22F5VdVl5IXMl+wyrtmR5PJnx
Mu5dcbTNa7oprdQbLdoqZvZHebNKku+Oc0WLRcdtZvn27Ti9SS+yffvmmO7MOK9Zo3UVJX83yrFJ
hW69xpwUhzYNhUIfcPeK3dAA50606X7Qsx9CGeSzn/n18WX4B259fpVNmiZNy1LxX3hVtWUNM717
/LZJe4IezcD4DvJR3YhuhLef4sfXFHYUjSi8o7C4o0hwK8F4BhfZSsJbt4TfnTEt4u7lJHK1Tq5J
mT4rN78x0+QqmdE8o8TVdN5fNpWvDhQliKQKjV6h99V0VRZ3lthcxY0zG4tddduGTsme25AbJRcN
yKwuty0qzhJnzZpucxX40jILG7vLFt6wsSra6rBaZXZ3kj3K5rZbc6uT3dN8KZnTGheXz71y1XSt
KcEYjUdUaegDURz3AnjwHLvsbq6Oqz++98otMuswm3qnJ8lTLOP/YRg8WcPsbX6VUV6cZMGjkXPU
p/BfN8c35A8z7Xv9mhlck+BSgml4t+JX1sizr46gP+p4WwlL7CfU5r0xcviRC5IxY0zh403KeDzj
d/ACbomoYLotKVbKJmgr5q4qajnZb47Nnrnqgs62bZk6zLN6TTJ29ClnYFpKTX6yWS2P9drS5rdM
1ziiDfwxt8NeW+SZtmhLZdlll557cll1RXO0QSzXKka/LCjwVnYs6k625qfE5c3bXM2v7eLQh9xc
7nnIg1MnWm9vQgLovbn34O1DDArGO+RrsN/DuCAOopiWPX73DHKhY8+OlKEwvkN0du2H3B9Xg/yN
PX6CxRw/wCR0MRAJTjZXaTDrtAnJpVm5s6Z745W1TdNaCpP1CrlMrTcXNXVmDtxuym3btGuZt8mf
FSvlekxFuc5Ya1xG/YJFc+yt7RZngkGvz8lNj3fE635/2/RLdvaf7FdFJ5gMEPafVfiJOQ2X3M6J
FvArHOlliZghTyzg3UYbnZbIJdWgUg4yiSaTn/uEhqITzD2/DwmLkT/Qc/Ck0gjHk1/zExv4nveI
IkvRNLaTR9wnhrxnacR7zIL3FAame2MVsTnoPx1JtcWZ+kWsxpbldvvi0Ye2og8lVxckmzXZ+ZM8
qNhtya5qak0qv2zn9uWleos3hnlBoVNKJEqd4lhLwbSk8jldXalNM/I60Y1Y9KIPuEdwFWZACeyd
aMW7UrILJCKQD7M7/XKnXmXloqKcvmF2hz8JnHq9KvvDlIIHvSDRSfySFkmXJCg5IJGaOYnEmtKg
CvmtMyJbVeS4HuEXoo+/cKLGVIgpk7As3T+/sYgvOiWSCX7ISsevWbR2Lm9sVsqX4B4pP/eZS+aL
RO0LKlY056pUColSr1T55/YWde3oyoyb1rH1phXzzmpP/qasJLu5JFXd3rKywsq+XLeuLc2Ubmyd
ZTQZNVp9WqpHoYqNUntnnTGn8qrLti8rTa2dV+nNc01v80W7svCkaBjdyfnFm/CWft2k/c1g1dvu
YTfhzqdHc+rrS+r89cX++piYen+xCFJwy/fsmVlrLRlmvHcV21yGurp8XuV3NUfMcBCdDK89uHwP
mvAcoJNANxLZ6vaB6kc3Men8kErJhCInnb24B3vGnyN4OIfXeE74+m+KieH8nFim1Mgkxlibwe5L
jJVpb9SqOJlKY1TedK2+eO5pM3NrFGIRHjtKjVyCai1fSn5Fr0rNSRU6o3q1UVc677SZ8bkpdolE
LM6VmBNdNqNEKjEklaY2GaMVdjdeZb870vaLQKoO16BakuBABcuxRm9ZOntEH6uwu9wWY0/7ttmp
YrlKIjbwu6QndBTvAL1QDr+atEfoMuJc5XjlcipjleW5IrFxmOnwG/yFDc44BbgyJNbkGmuTuCl8
48RljTYT7mu+g9n6nEPCpe2un1R1/AUnPz/yUUoaueEwkduqhpNSNDpKIuVWsFpblsfli5ezp4gk
8ih7THJnc6m6FdXZLrfPLGMZKauxh7eGWrFKq5UaKwI9uVULS8wyaaJCy99otArWFJ0XHeM2a3Pn
bqocXR1Ri52R3WH08pjsrAyD3Z/r8FQtnOaqdZL92FS0XzTUTrYf3mf9CsArLV5aa8KjFQwUfyh8
o/1+5jgTRIbLOFmtNdvl4Qc4fiSJ3+9heD7fw/2qCLZM6o8qKz7e7OG0Io1bG81PSJQ/v0GkMbvj
tVkemT213t4knzglx6dSuLPug+gfU4s+wI3NmjCTngkTGdnhw7PIvSeXruEnkR+XnF0pFnvSJ0/h
HlZtTrXakmKkrCW6Zt4pRTWLiuPZF5w17mMvHZ/A2GxjelFu58bK0ZURJbdVoZWL+VvCTmd9kTu5
ZgF/Npbg2QhoJRN+rpsz0U73Yv7dEAsufFeBhUkcMjYkDzPOPX7p2B47wl+dRgST/ECBcXtGZG8Q
5074RCsSgblo3hk3LVu6c3Hm8djod/qk6WnZLWUZVs3xGLu27sqLz+ie5pt39uy6Ky86s4uPLUsp
T49NqpjT1ZOeUoGxyjndi4ENHR69TBhbCp77k/ZVv9qRl69S56nzYtWmWOCPfnmqSZWf5xBJ8cxu
96s9DSZ1rF1kMNcbmgtRM35QwgTTEn92xMd/kNEJ5z9+VOWX+k9uZpyNksZ5y3jXEEf2AGlMDNlM
uDB2eGuKMw3NvHu43RnoHkdF+aW2JLw9JmjL560qmrGi3DJ6TBmXlJA+r6VUnRC5DajZs8ovv/Tc
5aU6S1LM6KrIshEdpnvkxY7aYk/e/NMXJE5LiuKvkduFe2VXd3hdqdCqObB5kk2NXr3eYkgASwL/
Ydyn4tQcnk+L/Dp/eoMhQe+1JElMifWmsSXOG4E/ofnVNfZ5kD+P/nmVyafQDywmUwynEslUWqNS
boiJ1yfOqClQtRxfR0OsJrKOEmLLapvcWps5WiLh7pC6MnPSEqRSaW7g1NLRNd9fPhem1uVZcX8V
S/j/uhlvRVK0Rg2cNdEa+0HLbsZjO5e9zG+MKcY/cGpz/ebq98SKD/wN9mEG7krx/cNvnnhlPsEH
PNWPrDbxts1/uhOFP92xkw5mPFBE4Q94vJmkUo1RpXZmV6Y7C1zGnKaOpuyiNdctyZxTnamSSTmp
XKWRaRLzm4uTp3uNWQ1zGrLyl1+6MKW5zKdQchtVvkyn0WQw2FJibSlub8ns8qYzF+ZpouKVMoNG
npCYmKCPtcQZE9PinGkeb9Hs8tot83KUhhil8L3DwtDH7DuiQaie/MnOb8lPSy1IrZDJy+XlBfLU
1MwCU4EJMivqCspLZGl4WdkrT3Xk12mHmVl7/I5xt77CkexDhfwXDoeErwwKw+vz4EEdfYN0149u
IuJpTu6HL41jtxx27JYj3ItwVFLe+R5o58Se5NjEOINMppThJ2m5K2taQsm8UhsrFnNzVqpVUl28
4RSvsO27MnHb996nV3GXKWwul8U4ukCbrPa6pXKpVm/MTHfL5TqVNC6/vURpsTvUzB59rL4gz/MQ
rl+xGNfvQzG8TVfjCn2HexCyYPZEm+4DB5syZIjx3sPeBgB29hK/0h+TXp+oNterw2tM+KZmBm7q
ulcF75NPzg6fanj1IBskcR7PmDMZo9EGYTNw70gk7rkrt9YrErz5rgJ/oopZwbByc06qNyNOxjSJ
c9pqS60c/72a2xcn525W2g0rX3r2sUUavZwVq6J1XKIuQRUVrZaIFHrVsVPj5DN+c1NwsRq3KVzX
OM7TQ0clMTjORrh+8jjT2eQ7rYlGQ+Y9/8PeucdHVZ17f+3Zk7llcoFkIITbcA3XEIJCgKh4406b
csSD6NHcyWWSjMkkBA9C6q1qeT1UPdaDtKJVioqKaG2rPTAUTCgSpFAlUsZGEIgIFCmNVJD9ftfa
M7lA2tLz6fs5f7zh8bf22muv53nWei5rrZ1kHMsTnACmamfe6jml5+Ab3rW8yMTHkJMx0wbPmHX1
rBEJ06LjZmbKP7jgmir/+CVOVjIT9D4ps/rMjWnf0oX8RfB1EfO0HaLDdoqX0rpiu64Li+mXm86T
YI8cdHon9G63oq2XwzrstuLam5z9R141eNTE/tFaaqsjYdg149OuIQLmaZqj39WpKVh0tGbThkfF
9R83ZFhqsku7SrMNmzNzWrIl3pueMozn+otxg92dDGwZ/s3BHr3cUcrYKa5kV0JSnF0Z2+92W1a5
e7iscsH7pjw6etqalzfdGjE9tk+8+J/6UWyfJooueWMZkpgw8l3Lesw82LLuzaQk+Vp4aFrstITU
WUMcif1nJc6J/Xbkh7PhYGucPK7tfWSau8t+7TY0XzWGT5yU0CnwJoQt1ks/arMN/nbhfbecdfYd
OWX46KuTLDGHn7BYYwZeNWzkuCSn5Q5L+vybJidZYgdNHD0tTX8uxtvjju17PllycV1Mj2ibPT6p
hzZaXxTTz9UT0+iuxLhv/mPO6md/8i9y/Y+XZ6ZnjC8tL0cVcdIdJ6ZOS/RE9xoS3XdIrxHW0QOi
PcJljY8a/QvthbcGzIufPiJiHALnm928xfYwXwzUXqdd+sPnrn850mSJ6zd6oHdkL4dljaXH4Ikp
Iyb0d+iHHDGJMQlTU4eO6+uyxSbG9poyKmVcX6e2PrKX6yvpYLNRnH+sZ9r40TEJCdG9BibGj0sf
G9urR0xvL++d9188qN2tDeL0N/gNt5AfXom1J/y39hNOfSMiA48/28ghr3582jDsr4anjB/5hc7d
10zZ0HNyev8hsVbHxgH2XkOuGj40rW90aPbj04KJPWzRiXFa4pODR/Wy23skEzdXG3/SSrQRaBz4
KyF0DyfLBO2lTfa5HSwlD5VSXedTo1Zii/EMvCZ92Pj+bnuMxzvlqpT0fs76uLQJ4wYmuJOG9YlP
m5A6MCG2zzAZnzn6BMs83qj7iP6/xGef/Cw+1umZ0UEJk/oILTKo7G0RFZ6UZd61k19x9howvA/T
0p0bB9g8clrj+kVHTZj1xHVBV6zTGuVOjFUz661mZhEter7+eNQSkSBSRCavi4naUTFADLSkC/nr
k2PCJRIsE6Y5o1Oi+gydEd9xKNeFtsvBhNTv1i4Ji172S271fhZ30pDkvoMSorQbLbH9U73Xj7Ve
7GFx9x5KY0+b5UYtrv9Y7w1jo/THXPEum41C2yI3CI/n4vWXtpCl6/8+aSP+B7RHkqX3FdPWf5z0
gm76Z5A16m/Qg5dT1IgwfXQ52Z7+f0/2jCumuo7kSOhE3+2anGMUvWmS61+6oG/+eRR9N29K7fRq
N3XT/+8U07NLmqNohaJf/O8QB61u6qZu6qZu6qZu6qZu6qZu6qZu6qZu6qZu6qZu6qZu6qZu+l8j
9VFZ+V0r6ykrtDph05JFT32B8TXl7eJacacWND6j3GqcpGwwDos79duNE1q8ZjFOU8Ybn8tvjFD1
AcaXlPcaJ+X3RxjnKVcbZyiDxh8pt9JnABJOaSPg/ZJS8o6AV9YHGC3y9+EijvJe1bIKCSO0oGrZ
KtyUDbLO2N6mXGi8SHm7yNYWoeUkZdA4RLmVsS1CS7NWo9prVHuNaq9R7ffS8jXlVuMrygbGdi8y
P9UeYczfUK4yWilXG+cog6q+VZUNxp+1lYynJ+VW4aJsEDHaSnjvo1xolFLeLuZoq5BjyG/NYEar
kHCccqtxlrIBLauZewtlPO2rmbusD8Amq5m1bFmNltXIydCCyhpB2s9RrmLMQW01eoPKJvJbVWQp
bRJkDGsoFxqMD96p2lZ4oyhXqzII11Y15q30p6T/M5QLjZ9Syv4NSleDkt+g+jeo/g30j9IalPwG
+svydjFNX8A49+kLiISH9YWip3FQX0jLbsqg8Q7lVmMLZYMs6VMCT0/6387csRFzf5gyWdUHGD+g
rDFeo7zXuJ/yEVVfqcpVxjr9drRnUi405hCrYy3yW0zM72rJV6WuIjhW3cm6RfTSR4nItwpl6tZw
3SqG68nhepRI0qeF6zYxVH1njqzbRY2+LFx3iFFINetO4dXPhOsuy9o2XdHiVmvPcN0tRlmLwvUY
y9PWx8P1WOGzj2r7xp90+1Phuibs9h3hukVEO0dHvttHDHAmhetWkeAcEq5HCbdzYrhuEz2dkW93
sYupzlvCdYfw2H8UrjtFvPM/wnWXltWmK1qMdj4brruFx7kzXI/R5jr/EK7HionRo+W3MFmdYTub
ddPOZt20s1k37WzWTTubddPOZt20s1k37WzWTTubddPOZt20s1k37WzWTTubddPOZt2080vCK9JF
mhhP6RXzRLHIE5WiQlSBQhGg7UZqlcKvyhxaiqmVi1SeXC98kFfMp22xKOJZlbor4Fqgvn2ngBHJ
b+bJoV+xyKWtmB7Fql8OKENWvupbzl0VbeXqmclfzAi8IId+xUhYyt0SagF0yT7VSAzQXsCdHHM1
3Pk8L2c0UkpFWGqAHmVhnbKHlzlWKJ1SS5Wayyw110Ja5ByraS9QHJWqxadGHQjPI48nY5TkMtXi
UxJzsJHZHtFShhyfspg/PMpyWsqUVlOmnGegwwikRr+ai2nviLXNsUtNFVjAy/xNi8tRldFXfudR
QN3JGQfa/GHazNTiVWMvD8+rQtk2V/VsH3HHGUmr1So+c9al3KeqeOjozRQlrUxJWKrsUB32fEd7
S4+Z8y9Q45fzN/1SqaJBXk2N0tdeZPjbZmOOcXG4TxV394SlB5iF6aGaNi/lqBjJobWs07wi0Sy/
GypH6c8L60/tIuqnXDZPr7iBZz4lbVaHSLg1HEPF4Wi7GnmTyKXO3GPbuDvy/vW8CKgR5qu4laMt
bfNYxJJdZericBb423rLODfjo5z+BSrS5tIjT4xQHhhJn3wlb4birVDyA5AfG4yDlihKVRnYWV9q
WPo46ktVvC5Wo/YjYSmt0r6FyioyrjtLjbTL3DZnX9om7zY1BzOmlqpYqFIjDKior1JZanJ71Rxk
xhQofxcrHQXKR7mKN2Ktm8UC5n19mLeywxMz2/KVTdozaInSlacyrCu95r3sm4cHq5UN89siMl89
lzlvziAShX410/JwHJqyClQp8+rSecvnZv6OgEt6SkZDbpumrkZVfpnkK7dRu/TIGuoNr4IBNe68
TqvR5XOPrD2XjmtqBwvImZhzMdfkyK5S2ba+56sVrlytdDl/daamnXM62dRcHyrCpTkrs16tIq9a
cear1ULOpqBNjuzpU1nztzz0z8qL9pwYp0Yjc8DcJ1KVr/yi9iVvetr4dO+84rzKiqqKwoD3xopK
f0VlTqC4ojzVe73P551fvLgoUOWdX1BVUFlTkJ96Y46vOLey2Ftc5c3xllXkF1SWe6tyyqu8PC8u
9BbmlBX7lnqXFAeKvFXVuQFfgbeyoro8v7h8cZW3gq6BgjI4y/O9eRWV5QWVVaneWQFvYUFOoLqy
oMpbWZDj8xYH0JFXNcZbVZbDCPJy/NQlS1m1L1DsR2R5dVlBJT2rCgJKQJXXX1nBuOWwke7zVSzx
FjFwb3GZPycv4C0u9wbkPBgZLF5fcTm6Kgq9ucWLlWBTUaCgNgBzcWlBqjc8zZQqb1lO+VJvXjWT
N8cdKEJ/wRJvZQ5zqSxm2jDmlHmr/VINEhfTUlV8D90DFUyoRk4px7skp7LM1CXNnFeUU8nACipT
20w/JaLTe0OFL59JSSPcioWYk/fq1Enp4cdj5WPzaSdfBCpz8gvKcipL5cTkINuduhgX+GVzXgX2
KC8uqEqdW503IqdqpDe/wDujsqIiUBQI+KeMG7dkyZLUsghfKt3HBZb6KxZX5viLlo7LCxRWlAeq
wl1lvTAH9aWy320V1Vhqqbe6qgDlDEg+9ubgmILKsuJAoCDfm7tUDevmBXOv52mlusFt+dWmg5YU
FecVdeDlWlye56vOhxVD5hdX+X0okCb0VxbTIY9eBeWBVG9Ed0U5/h1RPNJbUJYrmdpFlUc6dzki
1V1GKN6qClQW55lh1KZdRk9E1lQ1gBHFaCGSZapUynjPr1hS7qvI6aiUMeeYIyUemC42lpXqgL86
gNlrivMKZJ+iAp//kgldiS+UJ8blFxTmkBOpOVX+WvVOI7970kgSD3X1f+DiHUHnHO8SccJuGJSW
8BuLkN8UKuqEaHsX6vpfT/2HbrdGH239lfaPiZH9LVcsPy5O9b9i+fHxsr9+xfJ79FD9r1h+QgL9
e6pvdHXw/iT7y7fWZPUNrWNEDCtrsriJs+mdIlOziFlavLhFSxZ3aQOED6su0RaJh7QK8YRWI9Zq
94pXtEfE29pKsU1bJXbzTv8xb/RHeJ8/zdv8eX225uD93cP7+QDesIfpP9RSGeLEzvq1KVeovwz9
teh/GP1Pof8F9L+O/nfQ34D+vegPof84+v+sNWg29CegfxD6R6F/PPrRpd3QWb9lWQf9segfhv4J
6J+N/oXoz0e/H/0r0P999P8I/RvQ/y76G9C/D/2H0H8K/fInJw5tq5aI/hT0T0T/zej/FvoXoP9O
9C/urF8/3EF/HPpHoH8S+rPQfxf6S9G/BP3fQ/8T6F+H/rfRX4/+vej/BP0n0f8XbbUWhf4E9A9E
fzr6r0f/d9C/CP056C9Bf1Vn/VG3dtDfF/0T0T8d/Tnovxv9y9H/ffSvR//P0P8b9B9A/xfolz+5
itJWah5tlTYY/ePQfy3656A/G/1+9H8X/Y+i/wfol9/S+5PO+m1/6aC/P/qnoH8O+ovQ/yD6n0D/
c+iXP6Xajf7D6P+zVqPZtXvR+4g2BP1Xof8G9GehPxv95eh/EP3Po/8t9G9G/3vo/wD9H8t1wmHT
HLaM/OxgMLjD77BrDkdhYeHyXfxz6MKhZ/OPR0GHU3O48ury6qqh3wtJ++AVitefkfS032YTNlum
b1dTU60tStii0oqCwT3ZqovbHWnXbLa0haeDQb/LdtFhdSdlJiWl8a9ZdcvOrvX5mpqa2hRLzUqs
2a6qGb5du5r8jnDrriaE2azCZvWbvaXmjOxsRNqtwm7NPi2bs5XipqY9p5uDNodmc/7+9wdOndil
hPh8vqK0tOygQ9ccVqVTBINW3bDIEQQtFmHR5b2mRhTUdYsjau3atdJQ9n65UuX22r9hNZfmiL47
WBWsDNYEQ3Whuo+hS6ym2ezt1glbzWnXnHab7XKzRdsNpzU2qc1uThsdGb5pIKdVc+rcRSyH6Ijl
qEYsZ7aalpMqa9vsHJWR78942u+wao6o7Ijp6G+DscmfbXNpNteu4C45E3FK7JKxo54tlMaXyq3Z
f8OCzogFnTYsKKfoMC2ICZ1O4XSOrxtfl8fJd4WQZT3ktPKfOSE6OmOEMyYjI6PWd7psY9nGirTF
afXZ2zGWcNozc7FnP/fKWrtd2B3XFtbX7zros9uEHUur0HY5hMuh63qHR9Ii54LB2hjHRVeU3e2+
Nsm0alqzy05n9PpqCgvxqcsqXO3DCCoV4UeqnonM+l21Lodhd0ycOmFCXuEy+kkVUT4zLsMjyU7D
5c4o4YxKSzunhPmlADvcvlp/tj1a2KPrs+uzdwfLg1XKFi7zsc9XmyGjVI4EXjUUaWXrRYscmLKy
Vd5raqBULC57VtbatS675nL0u7ZSReqFWpdLuFxpwbRgTl1O3Qoop26bkHTJFF2xwhWb0S8z01fr
a/I1lT1d9nRDWkNafZq0jL3ftbnK2Of8prWXM/4LYZMu2x7ccc4f7RDR0tq2yDNlpuX1F4IXlsU6
LkZH2ePcSddea9r7dHO0ne5yWr7lyqrRVhFtTbvU4ss7WByx9RfCFr8Oiy+PWNzmW9bB4svy054+
pyxuw+KYPHiaMWt2R5vFNbt7V/YuLP5J8CvT4g7k5+UVFmYqi8uhRCz+V0webZrcpkXbZbZFO7Vo
Z5y4rs5fB0OYDonlIlNEu7ToaGl+6QDT/BEHRCMnqsOUo2O16LiMfhmZGb6OPqiHlHFjB45Py+gX
a3voQq3DoTmcU1fkbWvYfbHGXJmW5yp3u50a/9VJ0nmJlom1TTSI3eIiL7Bq2eq3vPDCOZwS5zDc
bU4Je8XtgFsOqXxFVV4eBndbNXebW+QglebIU3UzgGFsq79YG93+5OJB2VNuM75lZjbIGyJFLjbn
/K4ozRV2jvSOw25xKO8U4R6H2+KIkVPenV2aXTqtSiWFFK0c5DM9JEdlaxuVcpERcZFmiVIucodd
ZHErF7ldmttlrxsYzJjmF+1O+hQLXSvc0ZrbnZYtKTuYHVwByevWOklSWVRHE7jjNXePDHtGXGZf
3wDfRN9ENoL6wvqGldtWbnO7ncJNKAysS6tLExmiH8cqO0f1+7H/MuF0aE6XdJvym7keSr9Jx8U4
tRjXpY5rd51klaa+eCEYvLg83mHE2PCdW/ku7LwYBxLanCf9E2PVYtqHLseuRtD2XN0p/0kHujs8
Ux5Ue1L5cn+YVS665jrAMhAtYz8t7cIFJfhcrRofYuS65fc7YzRn7LakhqSGtA/SSrP/Pdv0o1uu
+TIB8jhlToQyRRKUphwiByud2u7VKLwaJe8jbo2yWmLMhiibJcahNrrwyd8lnrfcKvS8pZU+kbi4
sqBUTPHlBMrFXJ5o/zL/Bi96BG9K8sRv46ydGL7TcE+s8Kh2s8XC6SxO9IL0WVlZM8XQ+d+e5xVp
t8yf4yVUzD7y3Ste/X/rDeou0aNNOmsH57k+4bso+ZFyTnh98/xVfvGCKl9W5UZVvq3KX6ny16UF
leVihyp3q/J3qjygymZVHlXlCfmTAXFGlppNlUmqHKPKaaq8RZVFZaVlpdoyVT6gypWqfFKVa1T5
gio3tL1B/b1Su8LSgSV1bMCqTF3+dkmoVOjc0lWvf3abBS/E/MPXWDFApIr56ifN94nHxfNik/i1
2Mu6fobTuVPN0xGe6wkhf8Omw5dIymvylM37lrouLTGvGz/pwEPcvbCx8/22+M7326d0vm8Y3vn+
N691vj+Y1Pn+k7c63zdf1fn+eJZwWjrcf5HY4blNaN/kdrq3WDZydRHRI0QW84mF5z5MlWbJEiss
L1j2i7X6j/Qfid9ZA9bnxIdRIdvjmu76L9dPtV+6GqNnaDvct7q/b7nR/Zz7M8vSmJdjNlr+O+a9
mL2W7bEzY79l2Rt3Tdw1lo+FdvfbMhNti9ybu6Qm6Iz7QjvFWExSTy6hGHfM7DbKgnIhH/S8oj2X
EhwHYi7ErQvTxg70tqT4fl3S8PhlbVQf3xShHrPDVNcFPQ49nXCxnRIdJqknl1Bir8QxbZTuuQma
raioK+rxuKfG83Cv45J6J3VJw3tntVFJb38brQ7TWmhd7w0d6G3Vdik102td7+akiUkT+6yXJGvU
6/s0JfdMnpv8UHIweacks72dkpu7IqV1XfJxk/pa20nK7uuSZe9mif43DRreRpmD5rdRUZjugVYN
umfwDdDcwZsG76C+afCmIdOHzh22SFFg2AHo9PB10IaU3JRakJuyfMRNI5MlpeSOzBhZCC0b+dDI
laNckHf0Q9DTo58fvT5MO8euHJc+7mxa7PiN0DvpT6Z/lH52Qk2Y6iY8OuHpq45D566ePXHNpM2S
MrIyHlO0a7Jt8gNh4o77BybvUHc7Ju+FHph8bup9UzdmDp62atqq64ffsCEjy+zNdYfZ66ZNst9N
wZufuvmFmzdN7zd9taLt0z9RdGL61zPiZyRzPTFjJnTnjHMzbTPzZ16ceXHW0Fmn6Ld99h2z75gx
k7JE1iD/7HvmiDkDFA2dGzs3EUqfmwEeg56c2zovfl7yvOS5T84bOu/ReY/SzpNvZYOaefFz0791
+ltff+eO+Xtvyb8t+baht6Xm7MhNzX0r96PINc8BPV6UUTS7eG3xy8UtJa6SxJIBJWNK0ktuKiks
8ZfcU/JwyVMl60teK3mr5LXS6aVZpY+VrildV/qr0vrSltJWX5Jviu8O33Lfk77XfDt8u30HfcfL
HGWjymaW5Zb5ymrKHi57vOytss1lzeWDy28pX1ce7Kqt/EBFYsXwioUVlRW/qmj1Z/jv8/+qqzb/
qbtX/ZV1aPNla02nlUStC2oVuDRnOke8GbVdrhCRVaIDdc5zlckqb+W6Fvd2n/W9jrM2npm8g5XM
XBfllTUwfhlr3p6YA3Hr3E1t6xjraI/Zg4okr3tzeMSKzNmxYvrUmmj2mh1zIDJr2SrXR9X3jHyu
+kdm3sTdBVbXA3CcUdKaGN06rmcUta3YHddstVL7OqzN7avzATnuy1bkty9bkYeH1+F6uQabK6+S
A3eMj/oetVaxWmH3nVzXytXEXDHMtYd1SnqkqM1LrEHyrt1XrDxSwoa+VtV+fND8sMwNHddEc8Vr
W9O6XNHM1VLpnx9ewzIjqxetwwfNT95JHfnjN86+w1Nk7g/qyl7QO4sdoMhT07bCh1fuHnXhqFBk
RpDcM1TvItkD3iRPjXwSiSDZ3qPO3dQWVX6ezfbUSH5VV63t+1PHHUqORe1Gkf2ofUeqMUd3yR40
PLzzlKhdR42Z51lhnWidvt1zU+/VniJzJ2iz7jppJ/MuYkkzQ6TNTM8OKpJ2HVQk59x7bcJFekpP
NKtrJNeGJzczKym7ORINUqJpbfpukP3YJ24wYe4Ug29Qq3sHkjuFuUuofeZ/SGpv6kBd9NjUmcI7
VxtdzqF2rH+I1J525bT+b9OllpLUth/+FVI75BWT2rWvkC61jtrrO9Dl9lNngA4k49j09D9Gl0v+
+6O7MjLtLM8AMQcmbb75qYxd7jPy9KAoS7ZM2ixPDPIuI+vmp+RZwnwm6apzV52Tpw+zVe0We02S
PNNWqROKPIvsmLxDnTPkWWQHHFns84nh8wA0u0SdAhLlOUHeq6s8Icg+j5kke8g+ULgluXnOAHnm
IM9Xzy6R5xN5NlG0XbWslmcTdbd9dolcR8LPIE44L0z/RJ5jFN/X6kQDSQ545LmHvvIM036qmb59
8l41411yrvOSzZlO2hweVaw5whkzlWyp6Wspy5R7Sa5d5rGOfh62yLwTNi1o/FKfZzymLxB99IUi
Tq80GvXNYiRPYozPtFjQ1zio9QNBYxdPDwuL/NtlfYFxVGjq78EtlI36QmO3iBOvGK1iu9EK7/vw
vg/vMXiPadlisJYjsrRcMVbLEyO0fJGglcqvQTWy4SzXfQbvasg9Kaz0jaPvYPrG0TdOyf+CXl+K
GOQeQu4h5O5F7l7tTjGE/qn0v4v+mfRPR/ZYZI9E2k8Zb5OIpraB+fXXlxk/0u81ipnfBP2wsVb/
TIzVj4jB+jExQP/cOKYf511RamtC26fCgbZP0PYJ2o6g7Yj6e+OFxlhG+ziSj4kSRjdJxIMpWGwq
yDc+EgWgEFQZH4uAcUJUgxqwBNSCe4wt4t/BMnAvWA7uF0PEA+BB8BD4HngYPAIeBd8HK8EvRbp4
B5wTfcRF3twNkcjLfKKmgWJxi1YvPMz0Lv1WMVW/Xbj1u4BPlOsrxED9u+B+kWx91thiXQueA3vF
EOs+8DvwIfgI7AdN4GNwAPweHAQhMSQq0fgo6rixJaqV61fga2OLDRvYJnC9Roy0TeNaY3xkWwJq
wVKwwvjYVge+a5yw3QceNLbYrxYe+0RQIhLtpaAMLBND7PeCB6gzXzvztf+Q+jNgDfWXwQaRbn+b
K/O3/wWc59kF8I1IdFjEEIeT60tc6et4BbwrPM5FwqNi9hTx7VJR9hnWe8XYSaTuxMe1+LgWHy/G
x4uJqAwi6k4iahURdRcRlU9EZRFRt8C5kxj4jn6r8Yr+r8bLxMKtxMIjxEKVvtlYrR8W44knl36U
CPpczFGxdIhexxhBe2Y8ib4n0bcGfWs0+ZvzbHEz+pag7xb0ZaMvE33T4M4N69qGlOnoegZd65C/
Rcnv2UHqG0h9A6k/R+rPkZqC1EykBpA6HanXI3UCUicxi2NIrkOyjPPvIHEzWdfX2AfnPp7+gpaX
RT9kb0b2ZmQHkB2gRyk9SpE9SbvL2I38a5C/DPlzkH8L8qdpxawTpeh92nhH/cX/AmMieu5nBg+h
axwzWIr0H+iHjFZmEdJbjMPMZIR+3DivsvtLNH2JptNoOo2mHmhJR0s2WtLRMgktA8PZ/SGSQsLK
6vUEMZ+IdxNpOcOqVMla8V/ifsoHwIPgIfA98DB4BDwKvg9Wgp3ofh/sAo1gN/gA7AG/BXvBPvA7
8CFoAiHjgvgE/AE0g0/BIXDY2Cc+A0fAGfAnRngW/Bm0gq/AOeO34i/Gz8XX4Dy4AL4BF4kTg7VS
AE356At9kXFUv4P6nVyzjWPWvcaX1n3gd+BD8BHYD5rAx+AA+D04CEKgxThv/RxgX+sX4AQ4CU6B
P4LT4EtwBvwJnAWMxXoRGMbPo3oZ++xzjPP2LLAA3ApuM0L2u7hmgwKeF4Ji4+f2EuOYvRSUgRqe
LTO+tN8LVlC/D9wPHuDZ97hiezu2t/+A+uPgh7Sv5voM1zW0/5j6s2AteA48j/yXaX+V+uvU36b+
DvV6cBCEwCfgD+CoccF+DLSAz8Fx8AVjPAFOglPgLPgzwCd2fGLHJ/a/AHxiP88YLoBvgGHscwgj
5NCMnzssxpcOp3HM8RJXxuJ4hdixiMeIOrkL6uIxYnmBsY8438c+8pjxJnfPcfcMUb9P/0AMFhqt
reImIjNEZIaIzBCRGSIyQ0RmiMgMEZkhIjNEZIbofYxIO0+knSfSzhNp54m080TaeaLoBBHTSsS0
EjGtRExrZJ/U/419PAfksmflGUeImhBREyJqQkRNiKgJETUhoiZE1ISImhBREyJqQkRNCE+24slW
PNmKF0N4MYTnWvFaCK+F8FYrnmrFUyG8EsIbIax+Hqufx+rnsfp5rH4eq57AqiewaCsWbcWirVgx
hBVbsWIIK4awYkhl7F5hx5aT1DlkmVHNPj1f30P9tyJB38d6Le0rcyLEDI8KK3druKvmrhD7PisW
sod62EM97KEe9lAPe6iHPdTDHuphD/Wwh3rYQz1oSWcfHcg+OpB83UO+7iFf95Cvn5GvR8jXI+Tr
EfL1CPl6BEtfJF8byddG8rWRfG0kXxsZ6a3ss+nk6DFy9Aty9Bg5+oWeK8boecAn8tl3x7LvDmHf
HcJe62Gv9bDXethrPey1HvZaD3uth73Ww17rYa/1sNd62Gs95GEjedhIHjaSh3vIuyPk2x7ybQ/5
1sh+6WG/9LBXetgrPeyRHvKkkX3Swz45kDxpZK/0EPt7iP09xP4eYn8Psf8Zsf8ZsX+E2D+Cly7i
pYvEfiPxvod4P0K8N7KfethLPeylHvZSj4jG5quw+RZW9A9Y0eXu8UNsvwXvbSe+03XiTGeV1D8U
c5W/DtH7mNr/XNyt4245vDvh3SI/kwbvw/KEBu9YeA/DN0PY6Pkzeq5T+9O/Gr+np+z1WxUlrytJ
9/P8RzzfwfPf8nwdkl7n6RYkjVCj+FCMUf2b1H7/R1W2cgoI7yzCpcWJNG0R8IEyUAH84G5QCQLg
UZEmPB1OgV/C+6X8lJ38rKH8pCEaTqiz1Vr0vsupcis4xPPDYjqny0ROA/GcLgfqLdQ/F5mcMF36
F2KEuEN9BvEZsAb8GDwL1oLnwPPgJ+AF8CJYB34K1oOXwMvgFbABvApeA6+DjeANsAm8Cd4C8lOO
8jOOvwbbwHbwHqjnmfzU4w7wG7ATvG80E82NRHKjtdFotu4GHxjNUR7jpI3x2BiP7YDRbAsZJ+0j
wEgwCowG441mezqYQL5fBa6mbSLIBNdwfy3PZhjNDq9x0jEIDAZDwFAwDAwHKQC5DuQ6kOtArmMM
GAtSwTiQBsaDFciqAxvAu9xvA9vBe+AkbaeME84ZxknnbUazcxHvFXb8eBg/HsaPLfixRb3pvCt6
8TbQh1PEItGDE3OWzpmDU3OWiCVC4oiQOCIkjgiJI0LiiJA4IiSOCIkjQuKIkDg4J8G5AM5JcC5Q
nClwpsCZAmcKnClwpsCZAmcKnClwpsA5BM4COIfAWaA4E+FMhDMRzkQ4E+FMhDMRzkQ4E+FMhDMd
zkw40+HM/Ic554Y553JGvV3V0kUUFvoUC32Khd7HQu9joXfUyflr+TlY9Ub4Mc/lX43KTwLfJz/b
qt6DZHYdF4+pT7Y+A9aAH4NnwVrwHHge/AS8AF4E68BPwXrwEngZvAI2gFfBa+B1sBG8ATaBN8Fb
4GfGWTR+SlwfJK4PEtcHieuDxPVB4voocb2fuN5PXO8nrvcT1/u1XcZXWiPYDT4wviLO9xHn+6zv
GWet9aAB7AC/ATvB+2AXaDT2kwf7yYP95EELedBCHrTY1htf2TYaZ21vgE3gTfAW2Ex7I9fdAD3k
y37ypcV2yPiKnGkhZ1rImRZypsU+xjhrHwtSwTiQBsYb+8mj/eTRQfLoIHl0lDw6Sh61kEcHyaP9
9unImsH134yz5FML+dRCPrWQTy3kUwv51EI+tZBPLeRTC/nUQj61kE8t5FML+dRCPrWQTy3kUwv5
1OLwIavW+MqxFKww9pNb+x3fpe0hsBL8H7AebKD9Vfq8Bl4HG8G7xlHyr4X8ayH/Whwf0vY5fU/S
95Rx0PFH7k8bXzkzjLPkZAs5uZ+cPOq8nbZC46w41xZ58tPGI8EoMBqMAWNBKhgH0sB4kA4mgKvA
1WAimAQywGQwBUwFmeAacC24DkwD14MbwI3gJnAzmA5mgJlgFpgN5oC5YB74Fvg2kJ+5Xg5WgDrw
XXAfuB88AB4ED4HvgYeB/HT2D8Dj4AnwJPhP8BT4IZCfq34GrAE/Bs+CteA58Dz4CXgBvAjWgZ+C
9eAl8DJ4BWwAr4LXAPujthG8ATaBN8Fb8rPhjF1+LvzXYBvYDt6Tn+wGO8BvwE7wPthlnCJTTpEp
p8iUU/Iz3mq3ZnWRnwln5UhkvZhq/YVxzvpL8A54F/wK/DfYDLaAINgKfg22ge2gUcRZd4MPRFyU
R7iikrj2AcmgL+gH+os421PGOdt/cV3LFRvYsAEZd8r2OvfosaGHTDtl+w3XnYBx2j7iuh80gY/B
AfhD8DVT/9T4mgw8ZRcizt7HOGdPBn1BPzDE+No+FAwDw0EKGCFc9pFgFBgNiDk7MWcn5uzEnD2T
NuLKTlyRjafsxI4jBsQC9g1HPOgBeoIEkAg8oDdgzg7m7GDODubsYM4O5uwYAAYCr3A5BoHBYAgY
CoaB4SAFMDYHY3MwNgdjc4wBY0EqGCf/JBSMB2XGOUcA1BqnyOpTjhXIrgP/SduzxteOF6lvAK/y
7DXwOtgItsG7HbwH6v8vY/ceH2dd5n387iRNSpoQkQoWRZSToFbO6oKorCviIh52l8phLewuEUHU
Xd0CWgJYIIhQkYMQDo9UVhChOuUQkJYeaBsLbZMmnaYt6UzaTtO5k2badJLJlKbu/vY9Q3V5PS+f
1z5/fLhnJjP3/bu+3+t3Xdc9aYuf93itz2e2gJaTtmGX13dj2M/2oBDePMh+O+icMH7Q56O6g+yV
g77m8cWOl4bdld6y2w7fXf43BMr/ykD53xiovDrk1SEdZ6OOs1E3WVV5NefV3IH3lrPv0ajaqzu9
utN7t3nvtmhi4rzQ5O6/7cDdf/m7y13RRxInh1zidHw85BOfdjwvrE98IbQnzscFYV3lO5lLKvP6
UN0vQnvdXHSEXF0n1qIL3ViHFNajBxuwEZvwBnqxGWlk0Ict2IptyGI7+rEDOcQYwCB2hlz9v7mX
SSQucu9mkoymJs4M2cRncYd1/8Q9/6XR++219/tpqu6hkK17GI/icfzGOebjObyAF7Eg5Cb/DPfg
XtyH+/FzPIAHXW8iZYap0kON9gN3rJnoKNd+0rWfTFyKK/Bt3BE2WsfGA9d/0vWfdP0nXf9J19/o
+htdf6Prb3T9ja6/sW6xny3Bq1iJ1eFJa9poTRutaaM1bbSmjda00Zo2WtPG6ByutXCtxdq2ca3F
+vZxrcC1gnV2WcmglQxa79nW666L35e6b5jheFlU/k72rvIswtECRwtWN2h1g1Y3aHWDVjdodYOc
buF0C6dbON3C6RZOt3C6hdMtnG7hdAunWzjdwukWTrdwuoXTLZxu4XQLp1s43cLpFk63cLqF0y2c
buF0C6dbON3C6RZOt1BgkAKDFBikwCAFBikwSIFBCgzKhJbos1RookITL1JUaOJHKnEeb+4IM0Q/
Q/SXuu95/M/fPl7iDvnS6CQqTKVC+fu1VirM4VWKVylepXiVosYMasygxgxqzKDGDGrMoEYTNZqo
0USNJmo0UaOJGk3UaKJGEzWaqNFEjSZqNFGjiRpN1GiiRhM1mqjRRI0majRRo4kaTdRookYTNZqo
0USNJmo0UaOJGjOoMYMaM6gxgxozqDGDGjOoMYMaTVGNaK8W7YOiffjAd603iu6Byj55njbP06WL
Ll00KGdBuQI8I/bnxf682J8X+/Ni7xJ7l9i7xN4l9i6xd1lDlzV0WUOXNXRZQ5c1dFlDlzV02SdX
hR+pLwve9u3iQDQt8dWw244d8NNViavDosS3cA2+E7ZZcV5t2ai2bKxbHhbVtYdFk18Nuycvw3Ks
QDv+gJV4Da9jFVZD752s907WeyfraZO70I11SGE91OPJG7AJb6AXm5FGBn3YEnYf/GV8BdZbuReO
K2sv2t9b7e+t9vdWup1ItxMr+3tx2GrfbrVvt9q3W+3brdZetPaitRetvWjtRWsvWnvR2ovWXrT2
orUXrb1o7UVrL1p70dqL1l609qK1F629aO1Fay9ae9Hai9ZetPaitRetvWjtRWsvWnvR2ovWXuTD
RSFN7XUU7vzzN0ATKt9bnyKipJ9v8/MxbuS5kedG3nt7vPfaym+XLokOrmTIDMdyllwTHuROnjt5
ESZFmBRhUoRJESZFmBRhUoRJESZFmBRhUoRJESZFmBRhUoRJESZFmBRhUoRJESZFmBRhUoRJESZF
mBRhUoRJESZFmBRhUoRJESajM0TRypcUX1KJq+T3t8v/ik64V/ZvlP3bRbFAFEce2OtHHtjrbeXf
BvAtxbcU31J8S/EtJapWUbWKqlVUraJqFVWrqFpF1SqqVlG1iqpVVK2iahVVq6haRdUqqlZRtYqq
VVStomoVVauoWkXVKqpWUbWKqlVUraJqFVWrqFpF1Sqq1qi20tcuDDeJYp0oNoriRqt+0qo7o8ni
XSTeRWJdJK73iel9ZU/Fs0g8i8SzSDyLxLNIDlwb9ieuw61RY2KO48/L3+d4tZC4tZzf/vumOnld
eNOjzkSL89/uXXeFkcQD0bsSrbrJQ2Hf5KfxDObht/gdkpiPZ/EcnscLaMOLeAm/x8tYgIV4BYuw
GEuwNOyzxuvCjkSz6jDH8f6wK/Gg7L048b2wLPF9XK+v/wA38fhm/AizcWv0gUSL7L47bE78TFe+
B/fiPrSaWR4K7ZPPC8smfwF/i/PxRVyAL+HL+Aq+ir/D3+MfcCGm42u4CBfjElyKf8TXMQOX4XL8
U8hO/mf8C65AE76BK/FNWPNka55szZNvwa24DS24HT/GHfgJ7sRdmIOf4m48LY5nMA+/xe+QxHw8
i+fwPF5AG17ES/g9XsYCLMQrWITFWIKloT2qlgnbqLiViv2JByq5cWvYyf+9ldzIR5O8I82hEofy
iRvLeRMd4xNZn9jiEyPRv3KqnVPtiZnecV1YybE8x/KJH/Kymac3enyT2elm/AizcatMuyOs0YXW
uNq+xE9NTD/THe7BvbgPph35muJmLzd7daQ1OtIaHWmNjrRGR1qjI63hcjuX27nczuV2LrdzuZ3L
7Vxu53I7l9u53M7ldi63c7mdy+1cbudyO5fbudzO5XYut3O5ncvtXG7ncjuX81zOcznP5TyX81zO
cznP5TyXh7k8zOVhLg9zeZjLw1we5vIwl4e5PMzlYS4Pc3mYy8NcHubysK66Rlddo6uu0VXX6Kpr
dNU1uuoaXXWNLOiVBb2yoFcW9MqCXlnQKwt6ZUGvLOiVBb2yoFcW9MqCXlnQKwt6ZUGvLOiVBb2y
oFcW9MqCXlnQKwt6o6s4OMTBIQ7u4/dLXCxwLs257Zwb4dwI50Y4N8K5qfx/iXsD3BtI3Ck35vjs
3eGpv+BgzMFd8mQDF7OJhyrz9wAXB7g4wMUBLg5wcYCLQ1wc4uIQF4e4OMTFIS4OcXGIi0NcHOLi
EBeHuDjExSEuDnFxiItDXBzi4hAXh7g4xMUhLg5xcYiLQ1wa4dIIl0a4NMKlES6NcGmESyNcGuHS
CJdGuDTCpREujXBphEsjXBrg0gCXBrg0wKUBLg1waYBLA1zKcinLpSyXslzKcinLpSyXslzKcinL
pSyXslzKcinLpSyXslzKcinLpSyXslzKcinLpWx0MpdKXCpVduOt0fu4sIcL+7mwnwMlDpTn9/3U
3U/d/dTdT9391N1P3RJ1S9QtUbdE3RJ1S9QtUbdE3RJ1S9QtUbdE3RJ1S9QtUbdE3RJ1S9QtUbdE
3RJ1S9QtUbdE3RJ19lNnP3X2U2c/dfZTZz919lNnf1SjouzQY6Yk7pRDd5VX7Ggujb4ptqzYsn+u
HTfJnJvxI8xGOesO3MuU45RpWZmWlWlZmZaVXTnZlft/3b+IPyv+rPiz4s+KPyv+rPiz4s+KPyv+
rPiz4s+KPyv+rPiz4s+KPyv+rPiz4s+KPyv+rPiz4s+KP/v/USNi2RfLvlj2xbIvln2x7ItlXyz7
YtkXy75Y9sWyL5Z9seyLZV/8v90Lyb6c7MvJvpzsy8m+nOzLyb6c7MvJvpzsy8m+nOzLyb6c7MvJ
vpzsy00u3wUvxCtYhMVYgqWVu20VrfJ99sd4VeBVodKrf27nt3r8UCjQuEDjAo0LNC7QuEDjAo0L
NC7QuEDjAo0LNC7QuEDjAo0LNC7QuEDjAo0LNC7QuEDjAo0LNC7QuCDGghgLYiyIsSDGghgLYiyI
sSDGghgLYiyIsSDGghgLYiyIsSDGghgLYiyIsSDGghgLYixE71D7dsnAcRk4Xu5+dlhRfRuTcSU1
bA+Hxzk8zuFxDo9zeJzD4xwe5/C42e1ac9at5Z4qX9/KcpUxOlKWvy96P+XGKTeeaPb4Rtf7qZ17
d3QCFfdRb5x649Qbp9449capN069ceqNU2+ceuPUG6feOPXGqTdOvXHqjVNvnHrj1Bun3jj1xqk3
Tr1x6o1Tb7wy+e21vtWVR+UYC1GVR0WPiqL9Y/QP1pizxhwdSnRQaey+FlHdweWf4E779+7oMO7v
tO4C90e5P2rnFey8gp1XsPMKdl6hbkElK3LiyokrJ66cuHLiyokrJ66cuHLiyokrJ66cuHLiyokr
J66cuHLiyokrJ66cuHLiyokrJ66cuHJ8KfGlxJcSX0p8KfGlxJcSX8qVqWDnFOycgp1TsHMKdk7B
zinYOeWsGpVVo7JqVFaNyqpRWTUqq0Zl1aisGpVVo7JqVFaNyqpRWTUqq0Zl1aisGpVVo7JqVFaN
yqpRWTUqq0Yr+pan6130fZN2bebWV8MfEsv02uXhe4mV4T8So2apsXB/Yp/7l/oQVzWEzVWNYWfV
FEzD6V67IDxe+S3/9OiIqq+5G3vrm7s8x37l3PaBM+53xnRihZxrx0pz1mvmutVqZqc5ar3nPY4b
MGAlg1wd05lL5qy9GHeVKGyoqsUkTA17q04J/VWn4jScEUaqzgrd9U+GQv0zIVX/LDhd3+aozta/
BPuq/lXH5WFX/Qq043WvrQtD9SmsR4+fv+G1XmQ870PWOXaGvfXDzj+GUuiv34s3vbbP8xD2NjTg
sNDfcDjejSM9fx8+4PHROD50N5wWNjT8Fc7GJWFjw6X4RzThG7ja6/NDqmFl2NVgXQ0dYagh5bOb
sQWDYWN0HkXzFM1TcwM1M9TMUHMfNXdQcwc1u6lZpGY3NbupOEjFmIplBQcpOEjBQertod4e6u2h
XI5yecp1U66bcnnKdVNuB+V2UC5PuR2Uy1MuT7k85fKUy1AuQ7kM5XZQLk+5POUylMtQrptqOarl
qLaHansolqPUHkrtodQeCu2h0B4K5Sg0SKFBCg1SKKZQTKGYQjGFYgoNUqibQnkK5SmUodAeCu2h
0B4KxdGxiafD1Ym2sEQmd1LmWcrso0gp0RdukFu3JQbDr2X19xNFk+K+cJncylRVhd6qmpCU4d+V
4dtl+F9XvSMsrjoEUzw+KvrXquPCDTL+r6s+Gq6pOinMlfmXyrsFVZ8KT1Sd43MXhlvcF+fcF29z
Xzyn6qrwul0wTya/quqW/Vopk0fVpjFZvi9kXa3kagVXG3WV0aqjPJ/meLrXLozOsp/O8emnrf1V
Ti4Xx8qwthLLQPRJZ9rkLN3O0uss25xls7Nsttb3OstmZ+mJDvbJlT65xyfn+9RpPrXO9Tf6ZLtP
ZnyyzyfTPpn2yRN9coNP9rrz/pXrLLdXV6ii7XhN1q2WWZ2iWW9P9zhuwEDU4JN1smeb7Nkmc7bJ
nKLMKcqaoqwpyZqSrCnJmFEZMypjRmVMUaaMypRRmbKNs9s4W+LqqB4wEB3rrIeL4Femdb018XsT
/st4LRRpvYXG2frFYcT5B5x/wPkH6rd43h9GnGfAOZaHa8qrjg7y+e1yYtgrKa+0J7qdrxxDX+W3
YV3O1RX9sys97J232F/ldz/nine64p0+VaTCGBXGfHpdYnV0CBVKzrCPCiUqlBKb6NsXXpZdqUQ+
rKiqQ33F2wJtC1WH4XC8G0epj8eEpVXH4jjPT8CJmGY1p5tlzoqmVH3a83Mqkd5sdT+rfDs+I2q0
T7dTukTpkn26ndql+hejQ+pfwiueLw531r/q8fLwMFUepsrD9up2yo9RfozyY/U9fv6G13qR8bwP
W3wu61z9jsPRlPpRFbCIMY/3RVMaJoSlDXWq0jtxKMTUcBTeD7E0iKPheO/7oOMJnp8bVjScH+Y3
fBEX4ErPr8F8Dq8MD9u/2zk91pD2/gz6sBXbw3z336+qWCvdW682pwxE51Lss5XfVs6wmhejqaKd
KsqpIpkavfdApm7nUT+P+isZeUrYob7tUN92/F8Z2E+Hfjr0i71f7P1q0w61aYe6tENd2qEu7VCX
dqhLOw5kZL86s0Od2aHO7Jjwngk/C/Mn3IN7cR/ux8/xAB6UCb8KLTLpbln0uiy6TRbdllgkMxbj
1dCTWGF/tWOlOrU6OjSxrtIDh2TRLYk3PO7FZqSRQV+4PbHFUS9KbEc/diCu9MvvyboXEzs9Hqpk
312JXY67Mex8e1DweASj4Xp1L/WnjqAKfEf925TY77U/4j/D+sR/OQbdfgISqEK12jbRsSbMl9l3
VU2uTAPfVz22yvDL1cqn1Mqnqt6JKZ4fFq6W7VfL9qv16heqjggvVr3Hz96Lo6JvVH3A8Wgco24e
i+PUy+M9/yBO8PkT8SGPP4Jp4etq7hw19ymuJrma5GrSTpmu/q6o+pjXP45PuM5fOZ6Js0Jb1Scd
z8anwn/YTVdXfcbjc5znrT9pVv7+8jU76w55dZy8Ok69Xqpe/7JmW5hfewyOxXE4Hh8M8yc9FuYf
dA6+FubXJ80E88uzRXSoXDzUrrtNPh4q01pkWotMa6lf6eevwXxTvxZdWBcdVZ/CevR4P4/reVyf
8bwPW5xnm+f9jjvCU/UxBrEzvFA/FF7UTdvq93hewAhGw+V26eU6bJssTsripLnkBV22rX7ccT/+
6H0hvGAHf7chEZ5qqEK153XhcnPLCw0Hhxcb+NfAP7v7crv7crv7crshaTck7YZkAw/NNC+YaV6w
6y+36y+3Q5J2SNLu/27DseaW47x2fGhTAa5WAb7bcKLXPoQP4yOYho/iJJyMU3AqTscZ+Bg+Hm5p
+AQ+6fGnwvqGT+MzHn8Wf4PP4dxwV8PnHc/DF/z8bx3P95kv4gJ8yfMvO34FX/X47/D3+AdciOle
/xouwsWev33S+LrzzfDaZbgc/4R/xr9475+mkCtd/5teu8pr13jcXpnZWho6oqMaeN3A6wZeN3TD
vlY5kg1v0HizY5pGGfRhi+dbHbc5z3bYz+UJpmGnx0PIY1e4JTpOJfm2StKmcmQqk3R5Cnit0n92
qgw3qgDXqwDz7e5n7e4N+nvRzv6dnd1f2b01odNu/Y3d2mm33mO3rrRbV9qp99iNV9p9z9hlP7XL
ltllr9hZD9lZHXbOa3bMM3bMD+yYpXbMs3ZM+c/7r43+SY17zsrm65ZLE+7lrXCNWrdQrVtolUUV
+UUVeYWKvMJqf2N22KNrztd7YyvfrXPO1znnq3nLRLFKbRsWxRvqV5cIRtWoQTVqUBQbTK6xKEqm
19j0GqtBXWpHSu1IWeF45c+wXhSW6I5L639t2nzGHn0WL3je5viiyfMlvOL54rDQXLLHXn3OXn3O
Xn1Oh1xav8rnVqMb68IKXWKFLrHCnLJHt1yqWy7VMVboGCvs04W65Xz7dKF9lbIHUnK+nN/DptjY
FBvL4WGTbCxvh+VslxxdJkeXydFl8nJY3g3Ku0F5NyjPhuXZsBwblGODcqzLtBvLry4dc778ek7H
XKoTrZAry+TKsFwZjH6kqyzTVZbJjaUUL8mNJygdV+aTdV7/03wyEH1ON+jQDTrkSXtlBiyp9Hsr
s+hvVf7NVO5W6Tuo3E3l8mTZJWc2yZkeOVOSMyU506O696juPap7j/z5uPwZUbV7VO0eedShSi9Q
pReo0gvkUqfKnFKRX1eFeyqzSzIsUz2XVWaYyvwSYu7EXIlVzWWq5jJVc5mquUzVXMaBWKVcplIu
Ux2XVeaU4fC66tej+vWofq+rfgtUvwUq3+sqX0rlS6lyKVWuR1XrUdV6VLUeVW2BqrZAVVugqqVU
sx7VrEc1W6CaLVDFelSx11WxHk52q0gdKlIHR7u52a0qbVaVNqs8m1WZDlWmQ0XpUFE6VJQOrqa4
muJqSjXZrHJ0cDXF1XLF6OBqd2UGaueiGFWLZarFMtVimWqxTLVYoFIsUCl6VIoelaJHpVigUvSo
FB1cT6kQHSpEhwrRoUJ0uI8fiD7KiaOpvS86o3LHvTx8y+571O571O7LyonH7LAS35/kexvf2+ys
PN/7+T6P5/N4Pq9yB12+c34xPMaTxw7cNT924E75UbviUbviUZ489rY75Uftikdlf4lm82g1T/aX
6DWPXv306rcLSjTrl/klGrXRqI1GbTTql/0l2V+iUxud2mg078Ad8KMyvSTmNjEuD9fJ7n4RJD0b
DZs9uk/u9kRHiKzg2Rsi6xNZn8hyolqlZuREtkpkq6yuYHWrrG6V1RWsbpVVFayoYEV9VtRnRX1W
U7CagtX0WU2f1ayyioJV6NCuVHSl9a60wZU2uFKWhgVXK9fZgqulXK1cCYqulnK1lKsVXa3c0Qq0
KLhqkRblKxddeYMrb3DlDbQouHrR1YuuvsHVN7h6ytWLrr4hqlMnHxJ5pnz36MqFyhUv5Nxbv1VO
q4HzVOfVUY13ldeZ9s68e8lz3UtOq7ooOqaiXMZP+v1ky5913Fv+fieaeOBTWc+Gnb/b+XdGCRPS
x0xIHzOXb/K5PK3H3aWU7wbOxfkc/CIuwJWeX1OZ4vudrU/1HtOrxtWAKrWjJuyJjneODj9ZQsmd
zrXAO4apmadm3jt7KFn2LEfFnGssqMR3Ufg1RXdSNEfRHEV3UjRHyZ3WsMAaOqyhwxo6qLqTqnmq
5qmap+hOiu6kaJ6ieWtcQNWcdS6wzg7q7qRuvqJFVqwTxToxOtw691pbbG1Za8se+A6q3Id2/qkP
/bnWl+v8+WGvNey1hr2un3X9rOtnXTfrutlKPd/uZ4MhW1EhSYWFFFioLvery/2uX74v762oW21f
1oWFol/9NndXW1+99dVzeb3a1K829VNgoasnXT3p6kl1qV9d6leX+tWlfnWpXx0qu7NQDeoX+UK1
pN9qkmpJv1rSr5b0qyX97pX7dIdRd1PlbyhqytlT+TseXVbQdeBvbvwhOtX6M97ZwcWMO5JYHClq
LaHWy9R6WQwL7YuyYm28L59pN9XaqNYmrvKfhVjvbG9wNWMiLCvZRsk2zmao2WavxPZKuXtmxFee
9MoKZ8SYEWOGyxmTXWyyi01xMcVfpvjLFH/ZPoq5nuF6hvovU/9lsac40Cb2lLgzXM9w4uXoPdTv
pn63mF8/MDn93qrzHOi24rwV560uT+1uandbZd4K81TupnI3lbup3E3lbip3U7jblfIU7qZuN3W7
qdtN3W45NqYej7trqin/HRbP5thf5e8Dzghbow+4Vxox1+TNNXlddEwXHdNFx8o/1UG3V11CtRlh
vfuBER1wu863Xecb0/nGzP0jut92s/6ImSRvth/R7cZ0uzHdbsz8PmJ+H9HpxnS6MTNLXqfbbm7J
6zpjus6YTjMW1VrBS1bwEo8W8+hpZ3vJu1/yzpeiCdYyFJ35v/056Mp3H299t5V/2+yQNzvkzQ55
s0NetCVzQ97ckDc35HWvXaLMmxPy5b8JWv4zvn/pz/KW/6xr5c+lfi2MU6I8C+TNAnmzQJ4ieUqU
KJGnREn/LytRMgPkzQB5M0CeEiVKlPT+vN6f1/PLSuT1/Ly+m9d38/puXs/NV+IdpUl95XuyrWLZ
K5a9Ytlqzdutub/ynsHoXWbn/Vwrca3EtZJY+jiW4VjGGvusrY9bJW6V19fHnRJ3StwpcaXElZJ1
9HGjxI0SN0qVc2+N3v22rBh2/mHnHz6QFbm3fcc67NzDle9YyxlwmCnxcLwbH8DReMv13AHXh11n
2HWGo5rKt0+fiBrrx7E/amyoxtTK39a/hI8zyn83Uka8IiNejKZWvjtsxBQcFrbwdAtPt/Azw8+M
s6Vps5mXW3iT4U2GFxk+ZPiQ4UOG/hn6Z+ifof0W2mdon6F9hvaZ6AxXGZNFe1xpzJXGXGnMlcZc
acyVxlxpzJVKVImpElMldtWSibOs/iZXH9P9Pqn7HS+KtCjS1NpkRWNWNEa1TVSLqRZTbZPJsWRy
LJkcy5kzZrVjVjtmtWPUjKkZUzM2OZazZ8zqxygbUzYWxRhlN4lkjLIxZWMRjYloTETlvRWLakx/
+Usqv6/yO41jwhCXh8STEU9GPJlyLJXfP5SouBfl3zscWGfldw8TwlBlvW/9DiJjjRlrzFTW+D+/
h8hYY4b7Q5wv/14hY30Za8pU/r7QsVWXRcdGrdEV4YmoCd/A98P90Q/DrGgWbkAzbsR2P+vHDoyE
p6J94e5oHPvxR/xnuHvCCdHUCSfiQ/gwPoJp+ChOwsk4BafiNJyOM/AxfByfwF/hTJyFT+JsfAqf
xmdwDv4an8Xf4HM4F5/HefgC/hbn44u4AF/Cl3FVVP5/FS6f8CqWYTlWoB0rw4oJr+F1rMLqsKL6
sTCrei5+Cfdg1Z1YC7FW/xdCuHvilPDExMPw7mjqxKk4Au/Be3EkdoZZE0t+vhfjYVbNafgMrg1P
1FyH6/ED3BTur7kZt/nZQ9HUmt6wojaKptae4ngqTgvLa0/H2fiU558Hz2p5VntVuLv2cSQx5Hke
u7AbxfBU7Rh4VRvCE5MmhLsnNURTJx2MRrwDh+CdOBRT8C4cDjFNEtMkMU0S0yQxTRLTpPfhKNwU
Vky6GU94PM/xD467HHeH5Qfx7yCaH3RxWBF9PXpnWBsdiil4Fw7D4fggTsCJ+BA+jPPxRVyAL+HL
+Aq+ir/D32M6LsYVYZ7MnSdz58ncO6N/d5cwE9fiOlyPH2IWbkAzbgzJ6p+EtdV34i7MwU9xN36G
e3Av7sP9+DkewGM+Nxe/DEmuz5u4LaydmEOMQez0+h7HAkp+vhfjIVlTG9bWvAOHgAY1NKg5Gsfg
JJyMU3AqTvP+Tzl+xvFzjmKuuRLfxFW4GteGeTJnnsyZJ3PmyZw7Zc6dNT/ymdm4LSQntZW1ie4x
3d+L+3A/fo4H8CR+jafwGzyNVViNNehAJ9aiC91YhxTWowebsN0dWj924K1/JSEVFTGGEvZiX1is
TixWJxarE4vVicXVAyFV7Y62eieGYIqs3oXdGMYeFOCc1c5Z7ZzV5c/9F0JYbL+11Z4fUrVfwYWY
jotwMS7D5XBXaW+02RuLa6/1/CbcjNm4BbeDPrX0qX0Yv8BjmItf4nGf+61j0nGB4x+QRgZ92IIh
589jF3bjf/41glSt2O25xfZc2yR3ifbdYrWwOjrCXcYRUQ1qMQkHoQ6TUY8GHIwzo2nRWbgiNMvx
ZjneLMd/LMdvl+O3y/Hb5fjtcvz26AfRIfJ8pjyfKc9nyvOZ8nxmdEs0NboVt6EFt+PHuAM/wZ24
Cy+7zgJsD3M5Opejczn6IEcf4egjHH2Eo49w9JHozWgKV2dxdRZXZ3F1Fldnlf+PoRMewaOg5gRq
TqDmBGpOeBz/gV/hCcjACTJwggycIAMnyMAJz2AeqD7hd0hiPp7Fc3geL7jf0EUSp0TTErpHQldI
nBeaE18ItyTOx1ejoxNXhScTV4e7Et9C+W+TXBK+U/n/mM5wvMzx391XdZm9u6MpVSnzW4/5bUN0
ZNV2885bf9f7xKqcYxwdU7XTcShqrP736IjqmbgW1+F6/AA/xCzcgGbciJsq/zbPTLViploxs3pd
NLU6hfXowQZsxCa8gV5sRhoZ0FKmz5Lps9SZ5onvCikZP1d9mTlxLDpEbWlWW5rVlpk1cqlGvtTI
l5r34khMw2l+drrjWTg7mqaezKw5x+NrQ7Pa0ax2NKsdzWrHj9WOH6sdt6sdt9fcEh1Scytu835+
1fCrppzxJ+BEfAgfxicru+0Ru2yuXTbXLptVe4Nu1Qw5VSunah/F415/2nFeNM1OmlVrhrRr5to1
c+2auXbNXLvmQbvmQbvmEbvmkVr5VbsP8svumWv3PGL3zJqU0F3ebyd9AEfjGByL43A8PgjrnGSd
k6xzknVO+gim4aM4CSfjFPzGuaxr0jNY7vkKtIfUQZ8PqbpfhFvq5mJ5uKuuHR3R1LpOrEUXusHT
Op7W8bSOp3U8reNpHU/reFrH0zqe1vG0jqd1fdiCrdiGLLajHzuQQ4wBDGJnNHXyq9HRk5dhOVag
HX/ASryG17EKq7EGHejEWnShG+uQwnr0YAM24Q30YjPSyKAPW6Kj6/8tmnrwl6OjD/4K7CeT4tqo
rmp75Z5gbXSER1MSx6tkjSpZo0rWqJI1Vv7l8oNQ/v9CTUY9GnAw3hnSun9a90/r/mndP637p3X/
tO6f1v3Tun9a90+rekerekebAmJTQGwKiE0BsSkgNgXEpoDYFBCbAmJTQGwKiFXI2SrkbBVydvRN
dyxX4Wp8C9fg2/gOvot/xb+h/G8Lfd/7//LEMF0lna6STldJp6uk01XSRpW0USVtVEkbVdJGlbRR
JW1USRtV0kaVtFHPTeu5aT03reem9dy0npvWc9N6blrPTeu5aT03repOUXWn6L2x3hvrvbHeG+u9
sd4b672x3hvrvbHeG+u9sd4b672xSj1HpZ6jUs+JYs8HUP6TMDsxhDx2YTeGsQcFjKjso2b4IsZg
NlXVn1DRm1X0ZhW9WUVvVtGby//HZxW9U0XvVNE7VfROFb1TRe9U0TtV9E4VvVNF71TRO1X0ThW9
U0XvVNE7VfROFb1TRe9U0TtV9E4VvVNF71TRO1X0ThW9s/wvTJX/j9Jm8iVm8iVm8iVm8iXl/7+0
mXyJmXyJmXyJmXzJhDVR3YQOdEJe6gZTdING3WBK4syQ0RGmJD7reF64V1e4Qle4QldoTFwa4sQV
uCo8qDs06w7NukNz4tvuHS8Jp1b+L9YzHC9z/F74XdXCsLRqcVRf9Wq4vcocpFs06hbv0C1i3aKu
amPYrmNs0jEadYx3Vf7tubf+VZA63aJRt2jULRp1i0bdolG3aNQtGnWLRt2iUbdo1C0adYtG02hs
Go1No7FpNDaNxqbR2DQam0Zj02hsGo1No7FpNDaNxtUPhkJ1Kx7Cw3gEj+L/4Bd4LEzXgabrQNPd
uyxx77LEvUv5X4pr1I0adaNG3ahRN2rUjRp1o0bdqFE3atSNGnWjRt2o0awWm9Vis1psVovNarFZ
LTarxWa12KwWm9Vis1psVovNanH1GNxfV7u/rn4T+zCO/fgj5JYO16zDNetws3W4Th1ujok6baJO
m6hjE3Vax5s+cXcomKrTpuq0zjdb55s98U2v7cN4mK4DNpqw0zWTQqHmINRhMuqh/uiMjabvtOk7
bfpOm77TOmVjTflvpx/t8TE43ns/iGleO8nzk3EKTsVprnG618/087Mcz46ONqGnddTpOmqjKT1t
Sk+b0tOm9LQpPW1KT+u0s3Xa2TrtbJ12ds0PfX4WbkAzbsRNXr8Z/zO5T9d1O3XdzpqnorqaxZDj
7gWX6MKdNdmoTifu1Ik7deJOnbjT/eES94dL3B8ucX+4RGfudI+4xD3iktpzvf/zjmqpWTk2K8dm
5disnNa9nzArx2blWBefo4vPqb3S42/iqtBsZo5rr8P1+AF+iFmQu7p8o3k6Nk+nzdOxefq/OTsX
+CjKs+3PzDM7s9lks2i3yFEOQdEqVUQtSlFrrbUiRT9fj0HRV9RXi75fLR4r2FZFpdBXjeIJD6Vq
C7Ra+7qURctBViBEljMZwwZ2A8lmD5NNCGxIluT5/jMbECv299Xf/C52d/bZmXue57ru+3o27DPO
amBJKn+Ayh/AVyfx1UkTrprz3BXBkriBAB47icdO4rGTeOwk7mAG7iCAOwjitZM4hBk4hAB+O4nf
TuK3k/jtJH47id9O4hzm4hzm4hzm4hzmmvDPhH8m/DPhnwn/cBNv4Sbewk28g5t4BxcxAxcxFxfh
zH1n4CICuIgoLiKKi4jiIqK4iCguIoqLiOIioriIKC4iiouI4iKiuIgoLiKKi4jiIqK4iCguIup9
SPF5HwaPyRXMg1fgKgK4igCuIsB8eIX3L7z3Hngf/BWEZBK3EcVtRHEbUe929tm0awE5nrcqPhxI
lDnzipJKxed7Rdb7XgXzwRtyKq5kqm8Bz5fLpG8FWAVWyxm4lBm+tTynhuBWgriVIG4liFsJ4laC
uJUgbiWIWwniVoK4lSBuJYhbCeJWgriVIG4liFsJ4laCuJUgbiWIWwniVoK4lSBuJYhbCeJWgriV
IG4liFsJ4laCuJUgbiWAWwngVgK4lQBuJYBbCeBWAriVAG4lgFsJ4FYCuJUAbiWAWwngVgK4lQBu
JYBbCeBWAriVAG4lgFsJ4FYCuJUAbiWAWwngVgK4lQBuJYBbCeBWgriVAG4lgFsJMJf5naxU/XKz
Wg4Gyg3qIHCz8gv1FmWKeqvyG/U/lUr1NuUGdaoyRbtMuUK7y135rdL9ZfIyGRbL5W2igYzPFYu9
zAma5FuiWUZFShkp0mT8jMwrwzjLd5XF1NOITHK2WZxtFmebw9nmcLYpnO3HnO0azvZjznaFs/Yk
Zzux92zO+qMTONuz4mNZLf4BlssSsVLWUG/2iE84y2r5JlEsIIKCaJStRDGJKF4jCh9RfEgUWxWv
iMrfi03ExgxdbCH+rXKd2MandsgEFWorLmyxXEWMq2h5C3VsI63fovXTtGb2IxfT+lpq2go+MZNP
PI7z+p0yTvUrfdRysFK+4861LqOKTmSudZd8TruXCruIfavlrdpa+QttlzJOOyBniAsUj/iYarhc
OYOrWMfZPmKe5ROwjzNEqZoBzlDgquJUzqd7K6evd67l4+paRYorS7M/I3PqqYou31U8wAAm8IIS
4AOloAz4QTkIyMVKH3C+jCrjwONygfIEeBLMAk+Bp8EzYDb4LZgDfidXKmG5WlkmVzOOUcYxqvYB
x4HjwbdAEFCj1L7gBNAP9AcngiGAfKKST1TyiUo+UcknKvlEJZ+o5BN1BjPXmeAx8Cvwa/Ab8Dh4
AjwJZoGnwNPgWT7zHHgeVIEXwItgHnhJRrUz5eva2eBCcJUMac8wK54NA5bLq9wVOfe6q3L+lR7N
wpfx8CUv8j2fiA7G/GBPvejs2Sa6ehaJQo8lDvUsE92yVPSwX/ZkdE/PJ7ohg7rZU697e7bpJT2L
dF+PpZf2LNPLZKnuZ3857abLd/X7wQPgQfAQeBg8An4JHgUzwEzwGMD/6fg/Hf+n4/90/J+O/9Px
f3oILJVb9TBYBj4CH4N/gOVgBVgJVoFPADM2nRmbvkUu0LcCGK9vBztALbDA56AO7AQxUC8XGHDJ
gC8GfDHgizGIx8FgFDgbjAPjqbM/4HEeM9+3AD7XeJ9H4jGIxyBvG2tANc/XA5ht7OARtRkW+BzE
QYL9e8EBUACHQDfoAZIa3Z8Z9AAwEAwC8MaENya8MeGNCW/MR+UCcwaAqyZcNeeDReDPcrW5RC7w
auAeZq4/p5ZM5xGeeF/kEZ/uXch7tPUuBrvYtxsQlzcB2pjp/oA6cx2YAm6RUd9CZr5/BX8DH4Il
gLHwbZCv+6JgI9gENoMtYCvYBraDHaAWWOBzUAd2ghioB7vAbhAHCdAA9oC9oBE0gSRoBimQlq+X
Piu3lj4HngdV4AXAtZUyLqUvub+MD5V+AlaDCPgUrAFrwTpQDdaDGvAZ2ACiYCPYBDaDLWAr2Aa2
gx3AAp+DOrATxEA92AV2y1DZz+Xr5ZNkqPxKgPYUnUz6V7JoUmxXTiG/5ZVrmD8uZv64mPnjYuaP
i5k/LmZ+FWF+FWF+FWF+FWF+FSG7tqlrZIx5TpZ5TpZ5TpZ5TpZ5Tpa5yzvMXd5hrrKeucp65irr
3V+B4B/ItraWlx1ah+xw/5q6Sr7LzLyU3B4j04bw/ovx/ovx/ovx/lm8fxbvn8V3R/DdEXx3BG+9
GP+8GH+7GC+7GO+5GJ+ZxU9m8ZPOun8x81x3nbIsHjKLJ4zg1yJ4tAieKoKXiuB7svieLF4n6/1I
xvAyWbxLtuRGGcOvvINfeQd/sh5/sv5LvyJx/np70P07Vt79K+3hv8zeKDv8lWAyuB3cAZxffaRk
h6KR1d6lPuAvxTJljPhIuU2sUEaIlcpArv8z8QlzsNWMQFSZQF9McOdrW5QK5mw+sU0ZTb9kqEAV
1MwG5SJqez/qzgTqzgjh/E/zFLO94nd9Z3GmVbgAaqJ7Tov3ZiqC841i31ZerVBU9S5lDCO/kTnf
dmWcu0okeZZjF/ecSBZuZu8pZOFqsrDlro2ckVmOuMddQfIs97sUp+1ZHNtZb7pJ6e+uKCnY/10i
D/BegHMUVzHfLKYrY/Tx7FF5tYV/pylBZYSiE4cHGMAEXlACfKAUlAE/KKfHrlGOY6a7hlnuGj49
SneOeD94ADwIHgIPg0fAL8GjYAaYCR5TxjDTGsOMagwzqjHMoMYwgxrDjGkMs6MxzIzGMBsaw1VN
V04nzqASUDcpJ6qblZPc1V+ul7eLG5XTRCV9fjOPU3ic5v5SZrN4AK8yTzlVvKScqp+nfEc/XzmJ
Xqh011Ks4HhnuEcd4R7V43J8M3VtqzzkjscOd633Tfi07WjPcURZetCDKi3a5FFmnnfanHaO++DI
UXfkfL3tN6LcTbTZLPfT62V8pot3qo+0d45YoNUeWmVp1UYrDy2yvS3cc/Jso7R7j5OnhclxCrTa
Q4s29xjOysEVbpxb5N/cd7fJWsY4iPPq5vPuMZy43aO3ilrG0HDj3MSrzbKdz7XxuYO828Q7DfDd
rfO0SCp9YLEPbq6GGSliEjCvAPMKvGrjVQNHbQLMqonNebWH2NzPcowUPjDNPoeh6INP7eH6HOdZ
bHGw90jrXe/rfN5Hi+beFs7KqM6Rd7vr7hMZPb8HXbnvkhudd5s5r+YeLSVbXV05x3NW/T4oc/iP
mG7KHP7CadUt8zxz+jVPqwI4xJV3ywbdIwu6DzC/p0WD29bimUXbLs7itO2mpyVtShSP27YMn1DO
OPZxj9bB1R7k2jo5YvHIzic28Ym8e3SDR5NM6eUMxTM5R9jEEfJwo4NPHZQH+LQTV48Tk3sug9am
PMCnnPh6nNjccwY5Z0J0ENlBHjs5t/N/4ornreXTUvTIRo7QybkTukHEJo9eYijBERXPX8vRpO6X
jRyxk9496EacET1uaye6jO53+/0gPOly33V6s5VjFNweLdeDiql/m6P24zMDFJ8+UDbpg3g+mOcn
8t4Q3hvO6xG8Pon3Tub5SPin6305xkDeHcrjSU4f6EFefZvrPcE5lvtuq3ss8jfHadOHOcdxW7c6
x1EMt3U/96wH3BbD3bMcUI4nLg/vZvS+7DkB9FOGEF+AlhmOOYT4OC4YwuuhvD8MDGf/CNqcxL6T
eT6Sc5RzlCZiLV5hf84+QBG9R3E+3UT8xSus4L0RvFf8tEfpQww+Pt3iXmk/jjuAVgPh4iD2F8/v
4wgtbg8M5/0R7DuJ909mv3NurkImOUKBI7TqJzjXCuPcGBjLQZx3MPtOpM0Q9g2lzTCnD2jjxkKb
k2kzEpU64xRw+7WfEuwdpwJxBImjnDgCbt8O53VxnArEECSGcmdU3N47PLr7vxT9FyO7/0jUpzAf
2AyfR8EaATNHMx9YDjMHMB9YDYPOYz5QgJl9mA9sht+jYJSAmaOZDyyHmQOYD6yGXecxHyjATPqx
Zw+9MIBe6EsvDNT79WygFwboA3paiehUeqKUnuijn0i7IewfSrthtBtOuwpej6DdSbQ7mXYjZR+l
hCofoOr+iAofpLIPJ0M6c8khZJGzyB1LqAf9FU117p86SlGU85ULle8oP2A7U5mgXK2MVq5VrmPv
DcodyveV/1LmKJczs12k/LeyTFnOK+cWvM8p65UdyvOKxfamskdpVN5Skqqq/EH1c9zl6kB1oLJW
PVEdpaxTr1AnKpY6SZ2k1Kk3qpOVneoU5vS71Gnqvcpe9X51Np+co76sdKuvsvnU+Wyl6htsZepC
dRFHXKluVAPamdpZ6hDtbO176nDtfO189WTtAu1CdaT2Q+0S9VTtUu1S9TTtMm2Cero2UZuonqld
pV2tjtau1a5Xz9YqtUr1e9oUbYo6Vpuq3a6ep92p3amO0+7S7lW/r92nPaBerD2kPaX+WHtGm6te
p/2PNk+drL2svaJO1d7WPlDv0P5X+1Sdrq3VdqhPaZa2R31Ja9Yy6h+0nNaq/lHbp3WoC7VOraC+
r0mhqH8TmhDqh8IUpeoS4Rd+9SMREAH1Y3G8OF79h+grBqjLxTAxXF0tRoiT1E/FSHGqulacLkap
68UZ4gz1MzFanKVuEGeLc9WN4nwxTt0ixouL1G3iYnGJaomJYpK6U/yHuF7dJW4Ut6l7xDRxj2qL
+8SDak48Kh5VD4iZYqaaF/PES2qHeE+8p3aKD8WHapf4u/i7WhBh8ZF6SPxDrFaliIpajfojMhrZ
XkhtgO7Ry7URelA/RfuuPl4fr/1Qn64/pV2iz9af1a7XX9Jf1qbob+q/127V39ND2lR9qb5cm6Zv
0Ddqv9C36I3aA3qz3qLN1g/oee05vVuXWpWn3FOuzfP08fTRXvIEPX21lz31nj3aa54mT1pb4LE9
tvZHT6unVfuTZ5+nXVvoOeDp0hZ7DnkOaR94pKFqfzOEIbSQ4TE82hLDNALa343jjH7aSmOAMUBb
ZwwyhmjVxnDjFG2DcZoxXttmXGhcqCWNHxhXac3GDcYUrdO405gjFON3xrPiZKPKeFGcarxivCJO
N14z5otRxu+Nd8UZxiJjkTjHeN94X5xrhIyQ+J6x1FgqxhofGf8Q5xkrjZXi+8anxhox3qg2PhMX
GluNreKHxnajTlxi1BsN4nJjr7FXXGk0GylxlbHPOCCuNgqmIq4zS02/uMnsb54mbjFHm+eLX5jf
Ny8QM8wfmZeJX5kTzAniCfOn5v8RT5rXmDeI2eZkc7L4H3OKOUU8a95q3iqeM2837xbPm/ea/y1e
Nqeb08Wr5gPm4+I180nzGbHQ/K05R7xnPmc+L/5qvmjOE38zXzX/ID403zHfEcvNP5p/FCvMheYi
sdJ833xffGIuMdeI1WbU3Ca2mTEzIXaaGbNbJEzp9Yj9XtPrEwXvNO80Ib33ev+vrnine+/XhfdB
74O6x/uI9xHd8D7m/ZVuep/3Pq+XeF/wvqj7vK94X9PLvG9639QD3oXev+h9vCHv3/Vve1d6V+r9
vKu9q/X+3rXedfoA7wbvRn2Qd7N3iz7Eu927XR/mtbyWPtwb8yb0Cq/tbdFP9bZ52/TTvPu9+/XT
S8aWnKePKhlXMk4/o+SCkgv0M0suL7lcH10ysWSiflbJpJJJ+piSa0qu1c8uuaGkUj+3ZErJrfp5
JVNLpurf973ie0sf73vX967+I98i3yL9Ut97vvf1H/s+8H2g/8T3v74P9ct9S3xL9Ct8H/s+1if6
VvpW6j/1feL7VJ/k2+Dbp19dapSW6w+XDiwdrv+mdETpafrs0gtLb9GfL72rdIf+YalVmvQMLz1U
pnvOKvt22VjPuLKJZTd7ppT9vOy3np+XvVH2nmdO2QdlSzyvly0tW+b5Q9nHZcs975atLFvpWVj2
SVmNZ1FZtGyb58OyHWU7PB+VWWV1no/LYmV7PSvKmsqaPOvK0mU5T7Vz9y/PxjLmgJ5NZd2Yl63+
En+5p9Z/vL+fp94/2H+iZ69/qH+Yp8lf4T/J0+wf6R/pyfhP9Z/ryfrP81/g6fJf5L/YUPyX+C81
hP8y/2WG4b/cf4Vh+n/qv9rw+a/1Tzb6+G/232yc4L/F/59GP/9U/93GQOcuj8Zw/6f+T40K/1p/
jTHCH/VvNU711/o/N87w7/THjLP8u/27jbP9CX/COMe/x580zvWn/LYxrvyy8v8wLiq/vvwmY2L5
reW3GVcHxgcuMq5V1HNedu4brCbEZ1/djPON870NX2y+ycXN2f/PW+ne8vsOb6V1x94CZwbOPF5z
ti/vD6471macf8LQ/luK2wjri23kxc42aPKxtlMOfWfJ4e30R0dFD2+D/1TcvPO98/ve52yD8s7W
974hC4alnW3o2OHTna3CN2L4iH4VvgrfsKnDplYsqFgwdCzbjqE7hk0duqNimvNs6I4R/c7Ijl7k
4Fj9drjvvtQ/X7lOJ95idCMvHrojuK7Yv86j05ffWRI4M7jO6YHDV3v4KsRnxc8Wt+K5nF532gfX
OS3K7xs0+YShzjvOHqf/nJbOe8U9zjYqKj47XjthqHOE/lucV8X9X4zy0ePsROSM3uHxO147fJwT
hh5rlIpjdPQonXKoODanP+qMS/FKRl78nSXFOJxI+m8ZOjZw5uA/Bdd90YfeBvHZF6PljN7/71Yc
5S82J87iUf697atHhgPw4YShw9IV0xy2OFxxtqFjnT0Azjivho6tmOb0UPE9ZxuyYMiC4dNdXjks
G+48O8yyCpeHbluHYUcYx1GnOp9z3uFcTjv3M8VYjo5UeU15jjnp86AKvABeBPPAu+CP4E9gIVgE
wkoFXrJCWc/zGvAZ2ACiYCPYBDaDLWAr2Aa2Awt83d2A9siHlb2gESRltdIMUiANMiALbNACcqAV
tIF9cv7X/K+O+5UuUACHQLe8X9woZ4hK+amYLCvFTXKBuJnXU3h9C69vlQv0ZlmvMzfX0yADssAG
LSAHWkEb2AfawX5wQFbredABDoJO0AUK4BDgvHoPkPJ+T1/5sDlB1ptXgmvAteB6UPyLdL15C7id
NneAO2W1+V/gLnm/+QD7H+T5Q+Bh8Aj4JXiM/b8CvwGPg6cA42gyjuaLvD8PvMrzN8Cb4C3we7CA
Y/5ZqTD/wvP3eb6MxzUgBpy7J+0Cu7/mjkgZYssCG7QAxsJkLEzGwtwH2sF+Od88AL74S/T9ppQP
9/4l+n7lZeVxmVSeAE+CWeAp8DR4BswGvwVzwHOyAVY2wMoGWNkAKxtgZcMxWblexmFjHDbGYWMc
NsZhYxw2xmFjHDbGYWMcNsZhYxw2xmFjEjYmYWMSNiZhYxI2Ov9XKAmrMrAqA6sysCoDqzLuPas6
mbF2gQI4BLpBj9yvSLlfVYAq94ublP7iVqW/voXZ71awDWwHO0AtsMDnoA7sBDFALDAwDgPjMDAO
A+MwMA4D4zAwDgPjMDAOA+MwMA4D4zAwDsPaYFgbDGuDXXHYFYddcdgV72VXBnbFYVccNrWZd8v9
5s/APeAB9j0qk+YM8BjPi2yKw6a4+QTvP8UjY2EyFjArDrPi5kvsf5XH13icz/43eP4meAv8Hizg
HIvY/xeev8/zJTxfxvM1IAbqwS6wGzTxXhI0gxRIu/+PIQl7krAnA3syR+7BRZ+bBc55CHTL/bAp
A5vavJpMekt4vZBHzut1/jZ9nFYp67Wp4G75M+1nYBq4R9aTAyrJAa+j/Uq0/7pvuaz3rQCrwGr5
M9+nYC3Pnbx2M/yz4J8F/yz4Z8E/C/5Z8M+Cfxb8s+CfBf8ssmKArBiAhxY8tOChBQ8teGjBQwse
WvDQgocWPLTgoQUPmYGDffIA3ErArRa41QK3WuBWC9xq6V0n/gIxWfHBq3N614u/QNzC61uVc+CM
BWcsOGPBGQvOWHDGgjMWnLHgjAVnLDhjwRkLzlhwpgXOtMCZFjhjwRkLzlhwxoIzFnyx4IsFX1rg
iAU3LLhhwQ0LbljwwoIPFnyw4IIFByw4YMEBCw5YcKCFDBOAAxYcaGH8LcbfYvwtxt9i/C3G32Ks
DzDWBxjjBGOcYIxbGNMWZQoZIkaGiJEhYmSIGBkiRoaIkSFiZIgYGSJGhogpYZlXloE9sob6UUP9
qKE3Y6g3iXqTqDeJepOoN0kPL6eHq+nhanq4mh6upoerUW8T6m1CvU2otwmOxKkRO+FInNqwU/wn
j7ehtC0yhppjqDmGmmOoOYaaY6g5hppjqDmGmmOoOYaaY/RyNb1cTS9Xk/trUKLzP45qyO819Gw1
SmxCiU0osQkVxlBhDNU1obgYiouhtCZU1oTKYvRoNaqKmX+WeXq0GlXFyMU15OIacnENubiG3ozR
mzGUk0Q5SXp1Ob26nF6tRjlNKKcJ5TSRi2tQT5KerkY9MdTThHpiqCeGepxvom9S+sKtvsofGIcI
4xBhHCKMQ4RxiDAOEcYhwjhEGIcI4xBBKSmUkkIpKZSSQikplJJCKSmUkkIpKZSSQikpxmwNY7YG
paRQSgqlpFBKCqWkUEoKpaRQSgqlpFBKCqWkUEoKpaTI2C1k7BYydgsZu4WM3ULGbunN2FnGPMuY
ZxnzLGOe7c3YBca8wJgXGPMCY15gzNOMeZoxTzPmaVQ2wF1LfjLqukk5GZUNcNeVv8W9E+HJcOBx
OPA4HIjAgQgciMCBCByIwIEIHIjAgQgciMCBCByIwIEI6kyhzhTqTKHOFOpMoc4U6kyhzhTqTKHO
FOpMoc4U6kzBmwK8KcCbAupMoc4U6kyhzhTqTMGjLApNodAUPCrAozQ8SsOjNGpNwaUIXIqg2hSq
TaHaFKpNwa00yk3Brwj8iqDgFApOwbM0Kk7BtTRci6DmFGpOoeYUak7BvQLci8C9NSg6Bf8K8C+C
qlOoOoWqU6g6hapTqDpFVm8hq7eQ1VvI6i1k9ZajsnoWbmaPyuoFuJmGm2m4mYaXWXhZgJcReJmG
lxF4GYGXEeUMWFaAZQVYVoBlBVhWgGWOe0yj/jTqT8OENphgwwQbJtgwwYYJNkxIwoQ4TIjDhDhM
iMOEOKP9LUb4W/R6nF6P0+tx1Jqml23UmkataXrZqWtOPYujujSqS6O6NKpLc2VtXFkbV2ZzZTZX
luTKklxZHKU5V2RzRXHlQ7RkoyUbLdloyUZLNlqy0ZKNlmy0ZKMlm6sMc5VhrjLMVYa5yjBXGUZL
YbQURkthtBRGS2GqznFUnePQUggthdBSCC2F0FIILYXQUggthdBSCC2F0FIILYXQUggt5dBSTnF+
DxsHCdAAklSiZpACaZABWWCDFpADraAN7CNeeEtvp+jtFL2dordT9Hae3m6mt5vp7WZ6u5nebu6t
ZhXobDA9f1FvNatAZ4MZhYvQl42+bPRloy8bfdnoy0ZfNvqy0ZeNvmz0ZaMvG32F0FcIfYXQVwh9
hdBXCH2F0FcIfYXQVwh9hdBXCH2F8OwJPHsCz57Asyfw7Ak8ewLPnsCzJ2BCM0xohgnN6C+E/kLo
L4T+QugvDDNS6C+E/kL49AQ+PQFDmtFeCJ+ewKcn8OkJfHoCn55AjzZ6tNFjCD2G0WMIPYbQYggt
2mjRRoshtBjCtyfw7Qn0GEKLNloMocUQWgyhxRAsbEaLNtX1OLQYgpHNaNFGiyG0GEKLIbQYQosh
tBhCizm0mEOLObSYQ4s5PHsCz57Asyfw7Ak8ewIW27DYhsUpWJyCxXlYnIfFzTA4BYOb0aSNHm30
aKNHW/lAeVwZrDwBngSzwFPgafAMmA1+C+aAr/fxX/09XlgZC6PHfsPf5c0iD8wiD8yCxbWwuFZx
1hFNgwzIAhu0gBxoBW1gn5wJi+fA4jmweA4sngOL58DgShhcCYMrYXAlDK7EHUzAQf4ah3Axs8iH
cAkTcJK/xilczCzyIX2LMljfCraB7WAHqAUW+BzUgZ0gBurBN/lN4AFZC4NrYXAtDK6FwbUwuBYG
18LgWhhcCYMrYXAluWzW1/xmcM5RvxmcRZ6bBZtrYXMtbK50fzv4IM8fAg+DR8AvwaPKYHMGONbv
Chlvk/E+8vvCF2k/Dzi/M5zP/q/+1rDSXMT+Pytje39zWGku4fXX/+5wFrl3Frl3Frl3Fkyuhcm1
MLkWJtfC5FqYPBMmz4TJc2DyHBhcSR6eBYvnwOJKr6YM9i4EnNe7GG7eTV5Ok5fT5OU0eTlNXk6T
l9Pk5TR5OU1eTpOX0/iWVnxL67/4DuPoe2fXw6gGGNUAoxpgVAOMaiAvVsOqVbBqFaxaBatWwapV
+JEEfiSBH0ngRxLuGgST3bUU2mBWPf4jg//IkB/T5Mc0+TFNfkyTH9PkxzT5MU1+TJMf0+THNPkx
TX5Mw4RVMGEVTFjl3gv7Btlw1D2vV+EdEniHBN7ByVNp8lQan5AgL6XJS2m8QQJfkCAXpRmtVeSe
ND6glZFaRd5Jf813BP98r+p6RqSeEWlgRBrILdXklmpGZhW1P0HtT1D7E733qm5glFaRa9LU/wT5
Jk2+SZNv0spp2lWykRldDTO6GmZ0NfRSunhfHB6nKAFmcDXM4GpKV8nG0k/AahABn4I1YC1YB6rB
elADPgMbQBRsBJvAZrAFbAXbwHawA1jgc1AHdoIYqAe7wG7ZWD4JXAmIU/kzvArDqzC8CsOrMLwK
w6swvArDqzC8CsOrMNkxT3bMkx3zZMe84twZxrkDyLuynezYTnZsJzu2kx3b4WAEDka+4T3fu+Bt
F7ztgrdd8LYL3nbB2zy8zcPbPLwtwNtueNsNb7vhbTe87Ya32+FtO7xth7ft8LYd3rZ/de6keBiR
0dT2UmddIUZlNHW9FP7eA3/vgb9h+BuGv2H4G4a/Yfgbhr9h+BuGv2H4G4a/Yfgb/ob3f2+H8+1w
vh3O579y//frZTs66D7qHvB59JBHD+1fmpMV7wEfRhNh9x7wv+L9L+4D39R7H/gwOgkfdR/4pt77
wDvztvAx7gPfjobCaCjSey/4dnQU/hf3gu9CX13oqwt9daGvLvSVR1959JVHX3n0VUBfBfTVjb66
0dd29LUdfbX/07wvj7660Vc7+gr3zvvC6CuMvsLKgn/DoWZhbBbGZmFsFsZmYWwWxmZhbBbGZmFs
FsZmv+EsLwNTMzA1A1MzMDUDUzMw1YapNky1YWoTTN0HU/fB1H0wdR9M3QdL62BpHSytg6V1sLQO
luZgaQ6W5mBpDoYOILs2wM4BZNeGb+A6v8msrg5W1sHKOlhpH2Nml4WV+47M7G6nzR3gLlkHK3Ow
Mgcrc70zvMOO0pnhZY+a4eV6Z3iHXeXhGV6ud4aX63WV/zzDq3NdZXF2V9frKL9udpeBkRkYmYGR
GRiZgZE2jLRhpA0jbRjZBCObYOQ+GLkPJtbBxBxMzMHEHEy0YeI+mFjnusoSmfuSszz53/j+p418
2EZ+SZBfEv/udzRHvnc5/J2L811L8XsW55vLmPv9yNHfjZxODarSKuU2bSq4R247fAc633K5zbcC
rAJrQY3cRh2qog5VUYeqqENV1KEq6lAVdaiKOlRFHaqiDlVRh6qoQ1XUoSrqUBV1qIo6VEUdqqIO
VVGHqqhDVdShKupQFXWoijpURR2qog5VUYeqqENV1KEq6lAVdaiKOlRFHapSZtKXefoyT1/m6cs8
fZmnL/P0ZZ6+zNOXefoyj6rjqDqOquOoOo6q46g6jqrjqDqOquOoOo6q47h0Dy7d842+dW9nzJg1
o9o2VNuGattQbRbVZlFtFtVmUW3WXafnJmWMs1YPNWQMY5tnbPOMbZ6xzTO2ecY2z9jmGds8Y5tn
bPOMbZ6xzX/Db9OzqDSLSrPH+DY9jkLbjvo2Pdv7DXoeDuV7v0GPH/kGvfjteR5e5Y98e+58cz6f
11/91jwL7/I4YU/vN+dZ+Jf/2m/O6TeU1YaysiipDSVl4Woerubhah6u5pWTNGZ6GjM9LS8/0jrc
FepeFIp8VeioxeTRK1/1jwHfkwn/WHAez8eDC+SL/gvBT8Ak9l8JrgXXgevBjfIjfyWYDG6iDcrz
387zO9wV9xL+uzlGgscUr9M8ZkAWON8gjCSqDqLqIKoYUcV61+QMEVXHkTXzbpQWrs5y18n7nuwg
ug53vbziWnnFNTad9TUnsf9KcC24DlzvrkYYI7oY0cXc9TZvc/9XfYzoYkTX4a6Ll3BXJowRXQfR
dRBdB9F1KBWaJbvcVS/zcinRLSW6dUQ3l8jmEtlcd1WNm+W9vSteziWqub0rXs4lsnVEtq53xct1
/gmyy38FmAiKq18uJbKlRLaUyNYdtfrlUqJbSmRz/XtoW1wBc6kyjGiaicZZb9BZmbGGiGrcvvpi
bcEkkRy9nmDS7aNLeLzUXUOwmQiaiaCZCJx1A2uIoIYIajh7krM795uo4ew1/jvde044awY6Kzc2
E0WSKGqU4UQxmwjeOMKnbjy3wyGffMO9N+XNSvkRDl2gBPwXgkvlG/6f8DhBziaC2UQw+5hcuok2
Dn/upL3DnWk8OtzZQ/t/5o7D6DgRxI+soNkt8/RHlGji9EmUPonSF1GiiRNNnD6J0h9RRibPyDhr
suaJIk4UcaKIE0WcKOJfWkHzJtrcxr7DK2jexfO7OUaCxxSvySdEFSeqOFHFlX5EFSOqGJG0EkmM
SFqJpJVIWokkRiQxImklklbOHuPsMc4e4+wxzh7jbA4zY5yllbM4rIxxhhhniHGGmOLnepdxvcu4
3he4lhe4lhe4lheIexlxLyPuZcT9AjEvI+ZlxLlMGcy4vc24rSG+RuJrJLZGxmwNY3Y8Y3Y8sTUS
WyNjtYZxeptxeptxepsYG4mxkRgbibGRGBuJsZExWkOcjYzRGuJsZIzeJtZGYm0k1kZibXTXT3X+
SnWOMorzp2FvhvN3cv5OrqKOq6ijn3YTSyf9tJt+2g2DM/TVbuLpJJ5O+mo3TM7QX7thcobY0sSW
JrY0sXUSWydszhBfJ/F1El8nPVFHT9TRE3UwOwOzM8TcSY/U0SN1xN1J/+4m7k7iTsPuDL1UR/yd
xN9J/J3E36m8Sr3MUS9z1Msc9TJHvcxRL3PUyxz1Mke9zFEvc9TLDPUyQ73MUC8z1MsM9TJDvcxQ
LzPUywz1MkO9zFAvvdRLL/XSpl7a1EubemlTL23qpU29tKmXNvXSpl7a1EubemlTL+1/8X3DTtzw
TtzwTtxwA3W1kbraSF1tpK42UlcbmbflqK27qK27qK27qK27qK3FdRorZcFZq1EwD6K25qitOWpr
jtqao7bmqK05amuO2pqjtuaorTlqa47amqO22tRWm9pqU1ttaqtNbbWprTa11aa22tRWm9pqU1tt
aqtNbd1Fbd1Fbd2FA95JfbWprzb11aa+2tTXDPW1kfpqU1+db9934oB3Umd3UWdt6myOOpujztrU
2Qx11qbO2tRZmzqbo87mqLM2dfb/kXYn8FHV5/7Hz2CYM4Cl4m5ttVHbYq11re21LrX3Vm3FGi21
mtta9Xa1m7viRdS6ILbiEpVWrSRqoyAqaoIK6uAyCgoTmGAGNDBhXE7oDMoopG71/N8nCdW6tLf+
X+f14Zw5M5lMft/n9zzPd5jfmdXq7Gp19mV1drU6u1qdXa3OrlZnV6izL6uzGXV2tTq7Qp19WZ1d
rc6uVmdXq7Or1dnV6uzqD3l/41nd7rO63Wd1u8/qdsu63bKa/IKa/AL/9TL/9bLavEKn+6z6/IL6
vEJ9Trrcl9Xnl9Xnl4Nfi7QWkdYi0lpEWotIaxFpLSKtRaS1iLQWkdbyT66t8gHvn3Lqs/FkXBJp
JZFWEmklkVYSaSWRVhJpJZFWEmklkVYSaSWRVjJzt9F17bHB94MtdV6HmcXJt9ruscGxbh/n9vHx
FF32FNHSIlpaREuLaGkRLS2ipUW0tIiWFtHSIlpaREuLaGkRLSXRUhItJdFSEi0l0VISLSXRUhIt
JdFSEi0l0VISLSXRURIdJdFREh2l/vcsf2h/LE7H+LhFNLSIhtLg+5Al0VASDSXR0CIaWkRDSTSU
RENJNLSIhpJoKImGkmgoiYQWnf7TIqEkClpEQUkUlERBSRSUREFJFJQo10K5Fsq1UK6lX7k2yrVR
ro1ybZRro1wb5doo10a5Nsq1/ROnHFEuolxEuYhyEeV6KNfzUa6KQ7lNKHcQ5bai3NGU24RyB1Eu
+STK0ZS7knJXUq6Ncm2Ua6NcG+XaKNdGuTbKtVGujXJtlGujXNtHuQrKB1x1I/r7FTeSq2uMj9so
1zZ4JY3oH6+k4bxx+/uVNPqvoOH2e6+gMd25Gfrg5OoZsxx/yJUzKNdGuTbKtVGuLTiJclnKZSmX
pVyWclnKZSmXpVyWclnKZSkXUS6iXES5iHIR5aJ/oVyZcmXKlSlXplyZcmXKlSlXplyZcmXKlSlX
plzyjnDfoHo7DM67nw6qt8PgvPsp9W6m3s3Uy1IvS70s9bLUy1IvS70s9bLUy1IvS70s9bLUK1Ov
TL0y9crUK1OvTL0y9crUK1OvTL0y9cp1SSY7BA34Lo7EgHpl6pWpV6ZelnpZ6pUH1StTr0y9MvWy
1MtSr0y9MvXK1MtSr0y9MvXK1CtTLzuoXpl6WeqVqVemXpl6ZeqVqVde/79QVMxSMUvFLBWzwVjq
zKXOXOrMpc5c6sylzlzqzKHOHOrMoc4c6sx51ydzctTJUSdHnRx1ctTJUSdHnRx1ctTJUSdHnRx1
cmpvVe2tqr3VILk+8kqU+73phoOfFfhvSm04+DmB/zbiOSOeM+I5I54z4jkjnjPiOSOeM+I5I54z
4jkjnjPiOSOeM+I5I54z4jkjPseI54x4zojnjHTOSM8x0jkjnTPSOSOcM8I5I5wzujmjmzO6OaOb
G/zkTc6o5oxqzqjmjGrOqOaMak5Nq6ppVTWtqqZV1bRqMNG8aDIvmsyLJvOiybxoMi+azIsm86LJ
vGgyL5qMfM7I54x8zsjnjHzOyOeMfM7I54x8zsjnjHzOvCibF2Uj32HkO4x8h5HvMPIdRr7DyHcY
+Q4j32HkO4x8h5HvMPIdRr5m5GtGvmbka0a+ZuSTz9r1BXHclwqQ6p87yf8oj6bGdtQ4bfB/lEdT
ZDuKnGbuTDJ3Jpk7TeZOk7nTZO40mTtN5k6TudNk7jSZO03mTpO502TuNFGyg5IdlOygZAclOyjZ
QckOSnZQsoOSHZTsoGQHJTso2UHJDkp2ULKDkjlKdlCyIzxBLP8Cv8Lpbo+Pm8yjJup2UDdH3Q7q
doQXuH+ivfE2l5oo3UHpjnCK89faX2d/vfM3OJ6KZrRgunMzzJnbHc9yPNv+cXRjOVaghBfjGvVr
1K9Rv0b95HN1feFb+Fv/XGvKDOt/J6HJfGsy35qC34iORtHRKDoaRUej6GgUHY2io1F0NIqORtHR
KDrmi475omO+6JgvOuaLjvmiY57omCc65omOeaJjnuiYIzrmiI6s6MiKjqzoyIqOrOjIio6s6MiK
jqzoyIqObJCsTpftPuwdYio3UrmRyo1UbqRyI5UbqdxI5UYqN1K5kcqNVG6kcpbKWSpnqZylcpbK
WSpnqZylcpbKWSpnqZylcnJVqSyVs1TOUjlL5XlUzlI5S9ksZRsp20jZLGXnUTZL2SxVs1RtpGoj
VbNUzVI0S81GamapmaVmlppZajZScw41s9RspGaWmllqZqmZpWaWmtkPejeWgo3Ua6ReI/Uagzep
V0+9eurVU6+eevXUq6dePfXqqVdPvfrg8vhhCo6l4FgKjqXgWAqOpeDYYIr7/oDrcD3+hBswFc1o
wY24CTfjz2iNx1B9DNXHUH0M1ccEM5y/A3diJu7C3bgHbWjHLNyL+3B//AtR8otgjuMH8CAeQhZz
8QgeRQ6P4wnMw3w8GTeIrAaR1SCyGkRWg8hqEFkNIqtBZDWIrAaR1SCyGoIuP1PEUsfL7J/Bs+jG
8niSiJsk4iaJuEkibpKIm6R+l+SkWXLSLDlplpw0SxTWi8J6UVgvCutFYb0orBeF9aKwXhTWi8J6
UVgvCuvrVsQP15XQg5Uo4zk8jxfwIiL0xg2itUG0NojWBtHaIFobRGuDaG0QrQ2itUG0NojWBtHa
IFobwkPjh0Vsg4htELEN4ffcPioeEzbafx/H4IfOH4sT4lny1Cx5alb4a+dPxMk43X3j43qRXS+y
G0T2GJHdILIb5KxZ4YUeM9HxxfaTcAnElWivDy91PBlXuP9KNDm+ClP8nJgK/4hrnb/O7es9XmyZ
EQ1mRIMZ0WBGNITiKbwV0/r/F7o+vM1+RvwLM6QhvKP/f6PrQzETipnwfsx2XsyEYiYUM6GYCcVM
KGbChyFuQnETPgaxY3Y1hGInFDuh2AmfxFNYgDw6sAiLUUAnluBpiJtQ3IRLIW5CcROKG7O1wWxt
MFsbzNaGkL4hfUP6hvQN6RvS1yyeZBZPMosnmcWTzOJJep+S3qckN8+Sm2fJzbPCt/v/Z7w+E9pn
MCyeldnQfppzxsRsrw+GBA3B+cHvgyCYHFwWDA+uCGYEGwZ3BPcGo4M5wUPB7v0rgPcKHg26gi8H
y4IXgkP61/4eNeTwIUcEpyRrbYPTklW2welDThjyq+DMIUuHLA3GD3l2yHPB2UN6h/QGFw35y5BK
MDFZOxtMGtI35K/B74a8OeTN4NJk7WwwOVk7G1yerJ0Nrtxg2w22DaZs8H2V+Q8bHKseX1tXqHsp
uD5ZVxrcn6wrDeYM3Xzo5sFDybrJIJusmwweS9ZNBvOTdZPBk+Fx4fHBU8m6yWBhsm4y6EzWTQZP
J+smg65k3WTwfLJuMlgVXhFeE1TCa8Prg1p4Q3hTsDZZNxm8kaybDN5M1k0Gb4V3hHcGbyfrJlNB
sm4yNSrsDv+W2jKMM8NTe2emZW5LHZhZmMmnvplZnFmcOiRZuZgak6wmTB2arCZMfXvEwyO6Ukck
awRTP9vwyA2PSf0+WdWXujpZpZe6Jlmll7o5WaWXmp6s0kvdnqzSS81MVuml7kpW6aXaklV6qdnJ
Kr3Uw8kqvdQjySq9VC5ZpZdakKzASy1MVuCl8skKvFTnyMNGHp5aOvK/R/4g9ezH9/v411IrgtTL
eyZr7zaYevuPPmgLDw4PHjV380ve2bZcO7Al97x3++QDo/dav+241FbesbxT3U51ew1Ptn1Gv3cL
D97/xAMnD2x359/Z2jPJdsi8D9rm/uXQ3vXb0Uccd9T67Tc3DGynP3D6A+MmXzbynS05897tygPH
TR43+coDp+yZbNelbRsl29QJH7QlzzhucvOYwe3Jd7aBn5+yZ/JMVx5Ynb1+u+nxW45av00rDGyj
Lkq2rXffevf98qMu2i+/X37M28m24CsLvnLF0iuW3nT9wDb+5vMmJ9uEWRfOTraJY5PtwvEXjj+3
+dzmSddPun7CLPetv735pSMvvTzZJmf6t0sW3DD5ksmXXHqtbeSlIyevmbxm/fGl13Zd1PPLhIVb
LtzygxUf0Pzd2z9qlmgwMOLvHdPr0v84agN/fRID7ZnBMR7cRs0dNffC8fuMHoimZJ9EzqG9O9Xt
MzqJiPDg9fofd9Soub+5YVphx/J16YTbfzTwCga2gVc7eq/k5/YZPfDI0Xvtf+L6vyI5m8RW8tjk
d/7mhuT8+r/kuKNu/9Hml+w1fP8T9z9x1Nzk2cKDdywfOPn2HyWPTaJ+fay/O9qTV5rE9Pqofieu
k+d5fzQPxPK7o3nuXwZi+OgjkvgdiNrkeZKf3qnuNzfsMzqJtiQ6p064bqNxk09/IImwgThKRm8g
IgdidVohGfnkKInM5NY7oz9lz+RZLhvZ/GRyvnnMLUcNPO+7Z8SVB/5j3H9wnK+P8kTPgehO4nsg
qqfsWZ19y1HXbTStkDx/ePC7dX73NjCH1r+CcZOT57ouPXB7/e9LnnPgr78uPa2Q/ObklY+bbBzS
yWtMjtb/ddXZA/NyYCYP7JO/MXklUydcNjJ51H75ZK4lDMy0rXcfmIMfbUtm7ru39z8imdPv3gZ+
6zvb+38imfv/3rY+S3zY9v/zF/57W5KD9j/xvMmTNp84dtTcgSw1ceyEWckZyFPJrQmzJm2e5KmB
+5Jt/M3jb07y2sDZZKYlR+tz26Trk9y3PuOtz3P+nT1hlix2+fr81p/jkqwnvznuz3wD+/6s51H9
GW8wA8qByWOTnxk8O3XC5My5zclrSX7XqLmT1wy8hvMm9z9f8lv6f+5fKTjm7SS6h1wW1MVRMBRp
hMhgGIZjBDbExzASG8fLg02wKTbD5tgCn4t7gtHYEZ/HTjgk7g7G4FB8G4ehAYfjCHwHR+JoHBNX
gx/iWByH4/E/OCfuC87Fefht/+czVnBmKzizFZzZCs5sBWe2gstaxmUt47KWcVnLuKxlH3Ftbh+H
0xck38PVg5Uo96+tejF4Hi9gYG3VymAt1qEPf8XA6rXlwRt4E2/hb/Hy1JC4O7UB6jAUaYTIYBiG
YwQ+ho3ilalR2BibYFNshs2xBbbEVviEx26DbfFp1GM7bI8d8Bl8Fp/D6LgztSM+j53wBeyML2IX
7IrdsDv2wJ74EvbCl/EV/Af2xlexD/bFftgfX8MB+Dr+E/+Fb+BAHISD8U18C4dgDA7Ft3EYxERK
TKTEREpMpMbiuxAbqe/hKIiR1E/ivtRpOB1n4EyMw1kYj7ON9QScg3NxHn6L83EBLsRFmIiLMcnP
/M7z/t7+UkzGZbg27kldh+txA6aiGS24ETfhZvwZrbgFt2IapuM2zMDtuAN3Yibuwt24B21o97tm
4V7ch/sxG3PwAB7EQ8ji4biQegSP4jHk8ES8IDUP8/EknooX1J0aR3Wn4XScgTMxDmfhfzEeZ2MC
zsElcXedMaj7PS7FZFyGy3EFrkQTrsLVuAY34ibcjD+jFbfgVkzDdNyGGbgdd+BOzMRduBv3oA3t
uC9eXnc/ZmMOHsCDeAhZzMXDeASP4jHk4r66x/EE5mE+nsRTWICFxiKPDnyUNe3mbd3biOPlQzfr
Xw314tAt486hW+ET2BqfxKew0mNeRBR3D/V7hnq+oZ5v6Ftx39C347603JoO4+VpOTQth6Y3cjwK
8mhaHk1v5jGfdP5T2M7t7THauZ3d3sXxrtgNu2NP577svq/a7+f2AfbfsD8cP8XP8HOcgJPiavpk
nIJTcRou8rMTcTHEevoaj5sSd6f/GHemp7rd7PaN8cq0GE+L8TQt0zOcp2P6TvfNdHwX7sY9aAMN
07NwL+7D/ZgNOqbpmJ7r+GE84rGP2j+GHB7HfPfL0+mF7stjsXNL8DS6nC9CXk4vwzPxgnS3xyz3
ula4v4Qe55/3eo19ugb5ON1n/1e8htfxBt7EW/gb3kYcd4dB3BnKzeGwuC/cGJtgU9AjTD4zvQW2
xFbx8vAT2BqfxKec2wbb4tOox3ZQ/0L1L1T/QvUv/IJzO+OL2AW7Yrd4Qbg79ogL4Z7Yx+P2td/P
uf29lq/jIMff6v/M9nuvk7AsPDpeGf7Afe9cK+HF8Cegef81Egauh7DsA6+H8MHXQVg+eA2E5f/k
Ggh9YYRerMJfUPE7q1iNl/DOutuVoVr4rtXMy8M4fjETxCszqXh55mNxZ2YkPo6NMAobYxNsis2w
Bcy1jLmWMdcy5lrGXMuYa5ltsC0+Hfdk6rEdtscO+Aw+C71IhhYZWmRokaFF5gvYGV/ELtgVu+GX
cV/mV17Xr+1PirszJ+MUnOrc6fZn4CyMx9mYgHPiBZlzoSfJmE8Z9SOjfmTUj4w5lbkcV0DuzMid
mav87Vd7vj8592ev/Vb7GX7evMmYMxlzJiP3Zx60f9Rregw5PO6xHc6ZE5mC+5egC8+i2zn6ZOiT
MQcyclDmBefpk1ntuV+KCxk5KPOq2+vQF/cN+wr2jruHqeHDDrQ/KO4ZJs6G6c2GqcPD1OFh33F7
LL6LI3F0vGDY953/AY7BD3Esjod6HIzs/96V5DtXvhkfMeSQ+IjBqwvcMnh1gVve8z0GRwxvhqhL
7a7vrOg7K/rOir6zou+s6Dsr+s6KvrOi76zoOyv6zkrwo3hx8GP8BKfESwL6BKdBzAdn4EyMi58K
zorvC/4X43E2JuAcP38uzsNvcX78SnABLsRFmIiLMQmX4Hf4Pf7xk/YrP2Q9fVHP16Xn69Lzden5
uvR8XXquSM8V6bkiPVek54r0XJGeK9JzRXquSM8V6bkiPVek54r0XJGeK9JzRXquSM8V6bkiPVek
54r0XJGeK9JzRXquSM8V6bkiPVek54r0XJGeK9JzRXquSM8V6bkiPVek54r0XJGeK9JzRXqcSI8T
6XEiPU6kx4n0OJEeJ9LjRHqcSI8T6XEiPU6kx4n0OJEeJ9LjRHqcSI8T6XEiPU6kx4n0OJEeJ9Lj
RHqcSI8TpR7X5zxhPw/z8SSe6v/WnZUiZKV+paJfqehXKvqVin6lol+p6Fcq+pWKfqWiX6noVyr6
lUrd1Pi+uma0YKH+JY8OFOJX6jqxBE+jC0UsxTI8g2fRjeWgkfrepb53Dd00XqzGR8mKBDU+UuMj
NT5S4yM1PlLjo6F/ie8bui5+amifx/4Vb7j9VlxR3yvqe0Vtr6jtFbW8opZX1PKKGl5RwyvpPeL7
1O2Kul1Rtyvpr7l9gP3p8eL0GTgT43BOvCR9LvStafk7fX78VPoCXOjxF3n8RFyMy/BHdZ9GanSk
Lkbp5PMeAcSdGhSpQZEaFKk3kXoThV9SZ/aCOFJrIjUmGrwWw/oVFl3h+PiV8GyI/1D8h9fjRuen
299pP8v+/ascVsr7K991vYWivF+U97sGVzgk11joygyJX5H7I7k/kvsjuT+S+yO5P5L7I7k/kvsj
uT+S+yO5P5L7I7k/kvsjuT+S+yO5P5L7I7k/kvsjuT+S+yO5P5L7I7k/kvsjuT+S+yO5P5L7I7k/
kvsjuT+S+yO5P5LHI3k8kpOjzDSvz9+ZuQ3iOjNH/n3U/jHk8DhWx5HcGcmbkXwZyY3RsEY+99rg
48GmwUZIruQ6Gjvi89gJezv/VRzCzY7Bofg2DkMDDscR+A6OxNH4UTA8+DF+kvzfhQxzJZpwFa7G
NWiNCxxvgeMtcLwFjrcQ3B9sE8zGk+5/CguwEHl0YBEWo4BOLMHTWIrIa+1Fcs3ov6CCKlbjJbyM
Najhtb9/5mC/9ddi4SSqnESVk6hyElVOospJVDmJKidR5SSqnESVk6hyElVOoqozL+rMizrzos68
qDMv6syLOvOizryoMy/qzIs686LOvKgzL9ati2t1ffgrXsPreANv4q24NnTTYLhOvDq0z/6vwfA0
bdL74nTHZ+BMjAuG666Kuqui7qqouyrqrgq6qqKuqhj+NK6FP8Ppjs+wPxPjcBb+F+c4f67H/9b+
fEwEnXRZxfBq91+Dax3fgKloRgtmBNvotoo6raJOq6jTKuq0ijqtok6rGBrj0BiHxjh8Ba9i/ed/
2sVF8l5Nt5rZrWZ2q5ndama3mtmtZnarmd1Bcs3njyXXfcbH4zXBRtjbT341iap4qRq6VA1dqob2
qKFVNbSqhlbV0KoaWlVDF6ih89XQ+WrofDV0vho6Xw1dp4auU0PXqaHr1NCKGlpRQytqaEUNraih
FTW0ooZW1NCKGloJ7o9fC2bjtf51km8GcfxmKkAqflMN6FMD+tSAbjWgWw3oVgO61YBuNaBbDehW
A7rVgG41oFsN6FYDutWA+WrAfDVgvrxfkfcr8n5F3q/I+xV5vyLvV+T9irxfkfcr8n5F3q/I9Uvl
8vly+QK5fKlcvlQuny+Xr5PL18nl3XJ5t1zenTZ+8vk6+bxbPu+Wz9fJ58m3gs2Xz7vl83XyeXd6
X77qa84d0P/NX0vl9KVy+lI5famc3iOn98jpVTm9KqcvkNMXyOnz5fR1cvo6OX2dnL4uPCF+M/wF
ftW/5rIiF1fCC/rXV1bk40o4pX9N5ZvyckVOroQz4tfk5OTqUK+KkGSd45vhW/hb/7VDKplh9tPs
PVZeqwTHD9k1rg3ZE/3flWef9G2Hx31/v1KUTnjIJFyiV3t335Z879Q0zMTdaMMszO7/Pqp3rh41
eNWo4Qvj2vA8OrAIi1FAJ5bgaXShiKVYhmfwLLqxHCtQQg9Woozn8DxewIuQs4bLWcPlrOFy1ojL
4+UjuJ0R3M6IJlwFnfcILnfEFDwc943gQkc8iseQw+N4AvMwH0/iKSwAVzqCKx3RgUVYDJ34iE7o
xkc8DR35iKVYhmegOx/BpY5YjhUoxX0bnhTXRh4W941sQDLeK8zjZvO42TxuNo+bzeNm87jZPG42
j5vN42bzuNk8bjaPp5jHU4KNZd5NsCk2w+bYAh9YdeKbzPmbVJ2aqlNTdWqqTk3Vqak6NVWnpurU
VJ2aqlNTdWrBMfGq4Ic4FsfhePwPxulzz9EPn4vz8Fuc73VdgAtxESbiYkzCJfgdfo/L+9+zXaSC
LVLBFqlgi1SwRSrYomCK+/6A63A9+KPgBkxFM1pwI27Czfhz/3rwRareIlVvkaq3SNVbFMxw/g7c
iZm4C3fjHrShHbNwL+7D/fEdctIdwRzHD+BBPIQs5kKEBCIkEB2B6AhERyA6AtHxb1+RQ3QEyfdE
JFfmECGBCAlESCBC/skK3yrfUeU7qqpyVVWuqsrVIPmMYvItDVWsxkt4GWtQwyvxcx/iURbxKGt4
lDU8yhoeZQ2PskY+XiwfL5aPF8vHi1ND9OYboA5DkUaIDIZhOEb0f+NZlNoofjE1ChtjE2yKzbA5
tsCW2Ap6uNQ28crUtvg06rEdtscO+Aw+i8+hwWMPxxH4DsbiuzgS38NR0HOlfhJXU+pWSt1KqVsp
dSs1DmdhPM72XBNwDs7FefgtzscFuBAXYSIuxiQ/8zvPq3NJ6VxSOpeUziV1udd/Ba5EE67C1bgG
U6Aip2bhXtyH+zEbc/AAHsRDyOp0To2b1bhmNa5ZjWtW45rVuGY1rlmNa1bjmtW4ZjWuWY1r1k3V
dFM13VRNN1XTTdV0UzXdVE03VdNN1XRTNd1UTTdV003V6vi2Op6gjieo09PW8W11fFsd31bHt9Xx
bXV8W53+to5vq7uD/7oTM3EX7sY9aEM77sP9mI05eAAP4iFkMRcP4xE8iseQ87c+jicwD/PxJJ7C
AhT8bZ1YgqfRhSKWYhmewbPoxnLIoHUyaF0PVqKM5/A8XsCLiPrXuX6UK8hUdZJVnWRVJ1nVSVZ1
klWdZFUnmXxj0hoecQ2PuIY3rA5VhYaqOrrL2tBV/d9MWhuqU9NLRPqHV/QPr+gfmtNh8u2j9nK3
HmJKeiO3R0HuTsvdeopX9BTNeorm9HZub4/Rzu3s9i6OVen0btgdezr3Zfd91X7f+Kb0fs4d4Pgb
9nJ4Wqea1qmmf44TcFK8Kn0yTsGpOA3n84cX4CLPMxEX4zJcE69MT3F+qr6k2fGN8YtpMZKe4bb4
SIuN9EzHd+Fu3IM2tLtvFu7FfbgfsyE+0uIjPdfxw3jEY3moNA+Vzjn/OObjSSx0Xx6L3bcETzvX
hSKWYhm63b/CfSX0uL3S63sekds1rHMsx6XluPRreB1v4E2PfQt/w9uI+VO5LRwWV8ONsQk2xWag
a7gFtsRWHvcJbI1P4lPObYNt8WnUYztsH78Y7oDP4LP4HL7g/M74InbBrtjf7/w6vtW/jrozPFQn
/+4rEH3P7aPiRf0+XC8cfh8/8Nhj+t/fXX9Voip/XuVIqhxJ8k1ca/SJi/WJi/WJi8Nfe+yJOLn/
E9XJ1Yqq3EqVW6lyK1VupaqXbNZLNg9erWjR369WdIGfv7D/k9ad4cX2k3AJ1G79ZnN4qePJ/eu2
B65k1OT4KnBvHE5VP7o4VL/DP/Z/KrtTb7pYb9oc/ql/bfd7r3K0JlS/w1sxDdM97rZkrXd8R/9V
j+7ov6bjGv1sc6hOh+p0eH//2u/OUJ0O1elQnQ7V6VCdDtXpUDcXqtWhWh3q5kL1uv+KSep1qF6H
6nWomwt1c6FuLtTJhTq5UCcX6uRCnVyokwt1cqFOLlSrQ7U61M2FanWoVodq9fuuwCQXhXJRKBeF
clEoF4Vy0YdcFaIaqteheh2q1xxelcOrcnhVDq/K4VXDtfFz4Tq88x7KIv38olC91tMv1tMv1tMv
Dt/2O+L+te7Jeypr9PjNmZAzzGBYvDizof0v3f+reGXm1/Yn2Z/ssafgVMen25+BszAeZ2MCeJPM
RVD/MupfRv3LqH8Zzj3DuWeu9JgmqH+Zqz3Pn5yb6vhW+2leAy35i2YOtZaREzJyQkYtzDxo3wFz
PFNwewm68Cy6nVvhuUowtzMrod/J6HMyNcfGJSM/Z+TnYV/B3nE07ID4xWEH2ptPw75tr18Y9h3H
Y/FdHInvecz3nf8BjsEP45XDjsXxjs2j4Ge66Td0029ww33ccF+QvIt9SryWG36dG36dG36dG36d
G36dE+7hhHs44R5OuIcT7tGdrdWdrdWdrdVxvaTjelXH9aqO61Ud16s6rld1W326rT7dVp9uq0+3
lfwP7supR/AoHkMOj8e11BNxb2oe5uNJPBX3crg9HG4Ph9tTt9DtPDqQfDuWKFCR+jjZPlVpLTfb
w8n2cbJ9nGyPivMGh9rDkfZwo33caB832seN9nGja7nRtdzo69zo61xoT/qZuDfcDbtjj/jlcE98
Ka6Fe2Ffx/s5fxCO5jB/HK+VjdbKQn1mdDJjk/8JWivC14rwtSJ8rWh+STS/JJpfFc2viuIkapNr
Fb8qavsy58S9mXMxA3NEzGr7l+KXhx0d9w5r5EKGrH9fIDiYS+rkkjq5pE4uqZNL6uSSOrmkTi6p
k0vq5JI6uaROuj5H1+e4lSp30sud9HInvdxJL3fSy530cie93Ekvd9LLnfTqyjp1ZZ26sk5dWaeu
rFNX1qkr69SVderKOnVlnbqyTl1Z8p2jvbqXXt1Lr+6lV/fSq3vp1b306l56dS+9upde3Uuv7qVX
Z1DVEXTqBjp1A520eU7l71T5O1X7TtW9U2XvVNE7VemqKp1k617ZulcW7pWFe2XU5GqHyRUOk6sP
9ppxvWZcrxnXO+RhnrCdJ2znCdt5wnaesJ0nbOcJZ/KEM3nCmTzhTJ5wJi/Yygu28oKtvGArL9jK
C7bygq28YCsv2MoLtvKCrbxgjRes8YI1XrDGC9Z4wVrwMzPg5zgBv8Av8Sv8Gr/BiTgJJ/e/v7TK
jFplRq0yo1aZUat4wXZesJ0XbOcF23nBdl6wna9r5+va+bp2vq6dr2sP7g+2Cmbjo13XcxVvtYq3
WsVbreKtVvFWq8zevNmbN3vzvFWet8rzVnneKs9b5XmrPG+V563yvFWet8rzVnkzfZ6ZPs9Mn2em
zzPT55np83ir5LotC832hWb7QrN9odm+kJcq8FIFXqrASxV4qQIvVeClCrxUgZcq8FIFXqrASy3h
pZbwUkt4qSW81BJeagkvtYSXWsJLLeGllvBSBV6qi5fq4qW6eKkuXqqLl+ripbp4qS5eqouXSv7/
aVVqR3weO+EL2BlfxC7YFbthd+yBPfEl7IUv4yv4D+yNr2If7Iv9sD++hgPwdfwn/gvfwIE4CAfj
m/gWDsEYHIpv4zA0+FsOxxH4DsbiuzgS38NROBr/+jM/RV6vyOsVeb0ir1fk9Yq8XpHXK/J6RV6v
yOsVeb3i4Gd+Cu/7zA9fxevVeL0ar1fj9Wq8Xo3Xq/F6tdS1NL0O1+MGTEUzWnAjbsLN+DNacQtu
xTRMx22YgdtxB+7ETNyFu3EP2vDvfSboNhXlNhXlNhXlNhXlNtVkumoyXTWZrppMV02m85KtvGQr
L9nKS7bykq28ZCsv2cpLtvKSrbxkKy/Zyku28pKtdVNUnj/gj7gW1+F6/Ak34Ma4wGsWeM0Cr1ng
NQu8ZoHXLPCaBV6zwGsWeM0Cr1ngNbt4zS5es4vX7OI1u3jNLl6zi9fs4jWLvGaR1yzymkVes8hr
FnnNIq9Z5DWLvGaR1yzymkVes/h/+AzQdJVzuso5/SNeIzfPH+b5wzx/mOcP8/xhnj/M84d51Xih
arxQNV44dDNsHueHbhmvGroVPoGt8Ul8Civjdt6xnXds5R3bh76kavud/GP70Nccv64Sh3F7OmM/
DMMxAhtiI+dHQZ7nH9t5xnaesT39Wfd9Drs43hW7YXfs7dx+9t/A4fgpfoaf4wScxCeejFNwKk6D
Tiet00nrdNI6nfSE/vesV+kSVvGJRT6xkP6j44HPCBV5xSVpMZ8W8zxjYfAzQgWesfghnxEq8IwF
nrHAMxZ4xgLPWOAZizxjkWcs8IyFwc8IFXjGAs/YxTN28YxFnrH4rs8IFXjGAs/YxTMWecYiz1jk
GYu6memDnxFayDsWeMcC71jkHWu84xLescA7FnjHJbxjgXcs8I4F3rHAOxZ4xy7esYt37OIdu3jH
rjCIV/GPhf/D54SK/GORfyzyj8UP/ZwQv88/1vjHGv9Y4x9r4eh4YbgjPo+d8MGfHZquS5uuS7tN
l3ZbuI/H7Wu/n3P7e31fx0GOBz479N5rNrfr4OYNfnZo4LrNP47zurk8b5nnLfO6uoWD12/O85B5
HjLPQ+Z5yPzgdZvb/+G6ze9crznPD+b7r9f8/ms1LwxnBFsNXqd54T+5RvMq3mkV77SKd1rFO63S
WeZ1lnmdZV5nmeed8rxTnnfK80553imv25yn25yn25yn25zHO9V4p+SaYAt1nXld5zxd58LMx+JV
mZH4ODbCKGyMTbApNsMWMH8z5m/G/M2YvxnzN2P+ZrbBtvi056rHdtgeO+Az+Cw+Bzpm6JihY4aO
mS9gZ3wRu2BX7IaBzx0VBz931MWnFfi0Ap9W5NMKfNr/o+3e4+Ou63yPTyCdmeCNSyviKiJ4wQsK
gpcFEdEVVkG0622rq7A5j8i6c9zH0TVcYgGRq5LIpQGOyEpSRblEwCQQmMaUmCk4AlPJr8DP5lII
k0ls2u50attIGL7nOWnFCsVz4PE4f7wev7llmsvn+/m83vD7/mZYThuW04bltGE5bZg538Kcb/l/
OO9oWF4bltfWyGuPzZ93dAPTvtH3v+Pco1tktZ/JasOy2vDOc4+G00O+rxxW4T6vXe0xa2035x4N
y26PyW6PyW6PyW6P7XLu0S1s/lYZ7rHdnHs03MAl5LjNctxww4nhoZ3nHw03cAJ5bvh55x99wWuX
hFtkumGZblimG5bpHpXpHpXphmvnINVdknhV4tjE3tg35Nlwng3n2XCeDefZcJ4ND7HhITY8xIaH
2PBQ4ujEIYljcFLIseIcK86x4hwrzrHiHCvOseIcK86x4hwrzsmMjTJjo8zYyIR7mXAvE+5lwr1M
uJcJ9zLhXibcy4R7mXAvE+6VL/+VDV/Mhi9mwxez4YvZ8MXy5WL5crF8uVi+XCxfLk5ckFiUuBAX
4WJcgkvxPXwfl6EVV8o8V2EZ2nE1rsHuzws4jkkfx6QLTLrApAtMusCkC0y6wKQLTLrApAtMusCk
C0y6wKQLjPk6xnwdY76OMY8w5hHGPMKYRxjzCGMeYcwjjHmEMY8w5hHGXLsa06Uv8KlUjWy5kS03
suVGttzIrmJ2FbOrmF3F7CpmVzG7itlVzK5idhWzq5hdxewqZlcxu4rZVcyuYnYVs6uYXcXsKmZX
MbuK2VXMrmJ2FTOmXsbUy5h6GVMvY+plTF2MqYsxdTGmLsbUJYEev+eXwtel0OP3PDV8nUHlGFSO
QeUYVI5B5RhUjkHlGFSOQeUYVI5B5RhUjkHlGFQvg+plUL0MqpdB9TKoXgbVy6B6ZfzFMv5iGX8x
U+liKl1Mpat+OLGoPsIaPIJH8Rhi/B5rMYJRjEGCYTYFZlNgNgVmU2A2BWZTYDYFZlNgNgVmU2A2
BWZTYDYjzGaE2YwwmxFmM8JsRpjNCLMZYTaNzKaR2TQuWIhFIWY317GYPIvJs5gci8kvWB8WM5le
JpNnMvkF27x2O2Y99ic8FRazmjyr6WU1vayml9X0sprepDXLbPLMJs9s8swmz2zyzCbPbHqZTS+z
yTObPLPJM5t88kjvd7THj00cwnDyyQ+7/zHHxTgd/4av4d9xRmhMnomzcDZafN23sRTn4FycF/41
+R2cHy5mOhcnL/J+ao3VxEyiK1n7nJ5D8Ta8He/AEaHLFO4yhXtN4V5TODaFe03hLtO3y+QtmLwF
k7dg8hbmzyvZ8elmBVO3YOpeZ+peZ+qOmLq1K3s1mroFU3fE1B0xdUdM3RFTdyS1NLEodQ7O8/yO
800Kpm/B9C2k9IGUPmAKF0zhgik8YgqPmMKF1PUe/7HjDehAJ5b7d27xeFfiONO4YBo3pu5yP+v2
fRjFGMaxDjO+xw3YiE2wtk3fEdN3xPQdMX1rV/261PS9dJdPOWs0da/b+Slnjek9EotMzNjEjE3M
2MSMTczYxIxNzNjEjE3M2MSMTczYxIxNzNjEjE3M2MSMTczYxIxNvy7Tryt9s/f0c6RvRZf7d4ac
yRWbXLHJFZtAXSZQr+kSmxxdiZsT9aGYWIAkUkijAXvhZXg5XoFX4lVhLLE3jg4ziWPmzzuNdPxI
x4908RFdfEoXn9LFp3TxKV18KnF2uFcnz+nkOZ08p5PndPJc4rzwROI7OB/fxf/jf5VK3BM2JLLz
n9sz9dwrvdTJO3WyTR0XruPCdatrZ2KFzTuvAL+5dgX4+m+FYn0zzsCZOAtnowXfxlKcg3NxHm7Q
rTrQiRf7X7gWhkgXyC3YGu61+iOrP7LqcwueDk8sqP2/F7/3pN9t0u82+ar5vQ5PJF/n9utxqNuH
OR4ZcsmjHN/v/jGOx86fI5lLHu/2GSGyiiOrOLKKIyt2xIodsWKnrNip5AXh3uSFuMjrL/b1l+BS
XA6uk5SVk35Hydp/q38v3ocTsOuVaP78X9wunP9/Hzv+q1vtSjM7rjKz47++dc1fi3b62U+2+eur
xUzPXy3mLJw9f9WYZ/8LXfoX7t+G2yEXpeX49CP4b5T5zRfxJX/jQ/c4PDy5x1E4Dh8Pv9vjpPA7
f9UD/EUP2OvH4Xd7deCh8OReBazG7/AwhhFhDR7Bo3gMMX6PtRjBKMYwjnV4HE9gAk+iiEmUMIVp
/AHrw5Mv/0Z4su5+66jNOmqzjtqsozbrqM06arOO2qyjNuuozTpqs47arKNzraNzraPLraPLraNg
HQXrKFhH26yZ2JrZYs1ssWa2WDNbrJkt1sy0NTNtzUxbM9PWTLs1027NtFsz7dZMuzXTbs20WzPt
1ky7NdNuzdxvzdyfeDKRTljhiclEum6PMFm3J+qxAEmkkEYD9sLL8ArsHdbV7YN9sR8WYhFejf3x
GhyA13rtgY5vwEF4Iw7GIXgT3oy34K04NLGw7m14O96Bd+IwvAvvxuE4Au/BkTgK78X78H58AH+P
o3EMPohj8SEchw/jeHwEH8U/4GM4ASfiH/FxfAIn4WR8EqfgU/i0n2Ux/gmfwWfxOXweX8A/YwnO
8bOci/PwHZyP7+ICXIiLcDEuwaW4zNdc5/1/hOvxY9yADnRiOX6Cn+JG/Aw/x024GbfgVnThF7gN
t+MO/BLd6EEv7sdvwPnrfosHEgv3/CK+lDhsz684npo4TD9s0w/b9MM2/bBNP2zTD9v0wzb9sE0/
bNMP2/TDNv2wTT/coh9u0Q+31C8Pk/U/wU9xI36Gn+Mm3IxbcCu68AvcFtbV34478Et0owe9uBN3
4x5ksQL9+BUGsBL3YhC/xhByeCixsL6A1RgO7fpzu/7crj+368/t+nO7/tyuP7frz+36c7v+3K4/
t+vPYcGixMIFr06kF7zG8QC8Fn+H1+H1WB+26N+x/h3076B/b9G/p/Xvaf27Tf9u07/b9O9z9e9p
/btN/27Tv6f17zb9e4v+3aZ/T+vfbfr35fr3Fv27Tf8O+nfQv4P+HfTvbfr3Nn071rdjfXuLvj2t
b0/r29P69nTymrAueW2YTP4wsTDZ4fZyqJekekn6fSf9npN+x8k7He9CH+7GPcjC7zTpd5q81+1B
DCGHVR67D3n8Fg97bA0ecftRPIYYv8da/9YYxj2/Do97rIgptzdjq9vbHLdjFn/CU5jz+NOo4hmE
sC6VSCxM6UUp/SP1WvwdXgf9IaU/pPSHlP6Q0gtSekHKOk9Z46njfM1HYC2nmhLp1FexNLSbVe3m
VLs51W4+tZtP7ebT/eZTe2rGazZgIzYhJNLmU3v6FYmF6VfiVdgb+2Bf7IeFUCPp/aFG0mokrUbS
aiStRtJqJH0g3oCD8EYcjEPwJrwZb8Fb4WdK+5nSfqa0nymt56X1vLSel9bz0npe2s+Z/npYl/4G
vhkm0/+Jb7l9huOZaMFSnINzcZ7XfwdXub0M7V57NfQOs7bdrG03a9vT+kVaLaTVQvpXGHI/h1W4
D6s95m+eHsW4r69d1dTfNf0ENnp+c1jXcHSYbNBrG05w9HtvOMVRr2zQKxuWOP6L45fxFZzq9aeh
Ub875UWdnfnizsqcSZyK0/CvtbN48T/mzXStibrWRF1roq7d7dncLWGNCbvGhF1jwq4xYdf8jf0E
f+vzXMcTD+BBPIQCVuN3eBjDiLAGjyDGi9lPsOOTK3f3iQgbE09hDk+jGjaavhOm74TpO2H6Tpi+
E6bvhOk7YfpOmL4Tpu/Ei94NPhjW1/0aQ8hhFe7Hb5DHb/FAWP+Szsy7IawxUdaYKGtMiAkTYsKE
mDAhJkyICRNiwoSYMCEmXtJu6Id8XwWsxnQYr/8D1mMGG7ARm/DfKGMzKtiCP+L/sqei3u+9/hmE
sNFEWfu8M+HWhzXPng23zfPb8VRYM38m3HPPfvvzGW/PPdPtSK+vnd32YccXPrttJvlN/Ce+heb5
XVRrTZi1JsxaE2atCbPWhFn77Bn3F3m/2i7n2s7m2g7mP+9KXhUmTIOJZ3cgP+L283ccr5/fYTzn
uadRxTMIYeJ5u4KPCOtT78GROArH4kM4ESeF8dSn8Tl8HrXPF97xKRrjqdPw5/0mXwsbU2e4v/s9
J+M7P394PHUBLsGVuAp/2XMyLvePy/3jcv+43D8u92/ceTXUcZm/9pk24/L+uLw/Lu+Py/vj8v74
bvee/OUTS//8SRsbd37Sxsb5XbPfCBPzO2XPC+tl8/Xzu1y7HGtnAj13d+pGj2/C5jAml6/XPSd0
z4nEJ+WKvFyRlyvyckVersjLFXm5Ii9X5OWKvFyRlyvyckUsV8TP7mm5IJTkg5J8UJIPSvJBST4o
yQcl+aAkH5Tkg9Iumbq23yTPB/N8MM8H83wwzwfzfDDPB/N8MM8H83wwzwdre0xKnKvEuUqcq8S5
SpyrxLlKnKvEuUqcq8S5SpyrxJnynCnPmfKcKeZLeb6U50q1fSN5jpSf3zNyfMib5yXzvPZ5xyXz
vPZ5WSXzvLQzb5Z2ufpv7XOqSmZdyawrJY6WF1vkxZY9jg6rZcaWPT7q+L2wdI/vh6Xst3bN8gP3
+mFYvdd1uB7LcXNYutcd6EYv7kIWD4UWubJFrmyRK1vkyha5skWubJErW+TKFrmyRa5skStb5MoW
ubJFrmyRK1vkyha5skWubJErW+TKFrmyRa5skStb5MoWubJFrmyRK1vkyha5suVlV4SlL7sSV2EZ
2nE1rsG1Yanc2bLHWvXRqT461Uen+uhUH53qo1N9dKqPTvXRqT461Uen+rhMfVxmGs+YxjOm8Yxp
PGMaz5jGM6bxBtN4g2m8wTTeYBpvUEt3qqU7X9QOva+E7abydlN5u6m83VTebipvl2tre6Na1WSr
mmxVk61qslVNtqrJVjXZqiZb1WTrzr0RWdM4axpnTeOsaZw1jbMvcW9E1gTPmuBZEzxrgmdfwt6I
rHWSfYl7I7IsIcsSsiwhyxKyLCHLErIsIcsSsiwhyxKyLCG7y96I7G72RpQS41iHx/EEJvDi9kNs
YxVlVlFmFWVWUWYVZT0gfoH9EH/1OX51e4S+uj1RjwVIIoU0GrAXXoZXYO9wW90+2Bf7YSEW4dXY
H6/BAXit1x4YuhlMN4PpZjDdDKabwXQzmG4G081guhlMt3zeJ5/3yed98nmffN4nn/fJ533yeZ98
3ief99V9NUR1zTgDZ+IsnI0WLMU5oYcJ9TChHibUw4R6mFAPE+phQj1MqIcJ9TChHibUU/c9X3OZ
9211bMMPcDmuCA/WXYmrsAztuBrX4Frc6TV3oQ934x5ksQL9+BUGsBL3h1FmNcqsRpnVKLMa1bX2
0bX20Z879edO/blTf+7Unzv15079uVN/7tSfO/XnTv25U3/ufEk7T5eHPrm+T67vk+v75Po+ub5P
ru+T6/vk+j65vk+u75Pr+1hbN2vrZm3drK2btXWztm7W1s3aullbD2vrYW09rK2HtfWwth7W1sPa
elhbD2vrYW09rK2HtfXUrwpR/X24H79BHr/FA3gQD4VRVjfK6kbNoFYzqNUMajWDWs2gVjOo1Qxq
NYNazaBWM6jVDGo1g1pfxL6JLFvMssUsW8yyxSxbzLLFLFvMssUsW8yyxSxbzLLF7IvaN/FEmGGK
M/M7cv/gWMZmbJ3fa9nJEGt75zvNyk6z8jK2OMMWZ9jiDFus7aXvNDs7WeMMa6ztp+9kjjPMcYY5
zjDHGTO100ztNFPvZJAz5mong5xhkDMMcoZBzjDIGQY5wyC3M8jtDHI7g9zOILcnL/C9XIhrQk/y
2tCXvCFEbLEnuTzcllQHyS731QB77Ene4fYv0Y0e9OJOz92FPtyNe5CFGmCaPcl73R7Er712yDGH
VaGbfXazzx722ZN8yHMFPOy5NXjEc496/DHE+D3WhtHkqNeMe34dHvfYE+HBZNH3OeX+Zmx1e5vj
dsziT3gKc97vaVTxDELoTulvqYYQpfbFfliIRah9Ru7+eA0OCD0st4fl9rDcntTrPXYg3oCD8EYc
jEPCg6k34c14C96Kd3r8MLwL78bhOCKMsuRRZjyaOs6//xGc6PYnPHdSyO7cI5FlylmmnN25RyLL
lsu77JGIdu6RyLLn7HP2Rvzls0v/em9E9gX2RrTyr1Z2nWXXWXadZdfZ+c823bE3IvucvRGtPK11
l70RWQae3c3eiNIueyOyOz8LtXXn3ogsQ88y9CxDz+5mb0Trzr0RWdae3WVvROtz9kZkX+TeiOz/
h70RWSkiK0VkpYjs39gbUUpNYRp/wHrsfi/ENoljm8RRljjK/Dfmv/HOvRB/+RzXZ+Y/x7W8cx9E
6y77IEo790FEEkpP+j8cvxG6098Mfen/xLc8dobjmWjBUpyDc3FeGJViRtPn+5qLYf6lzb+0+Zc2
/9JX4Epc5bXL0B5uk3h60v/lsRvCg+mbHG/2vfj7cfRWSWi0tms/rS+k9YW0eZj+leNqWOfpYffX
4FGMYNRj495vHaxtqaknPenxP2Cj99rs/ha3t2JbiBo+gKNDX8Px4cGGExytoYZTHHlDw2fc/iw+
h8/jC16zJIw2/Ivnvoyv4NTQLYF1NzS6zSH2qGPNA6x5gDUPsOYB1jzAmgdY8wrWvII1r2DNK1jz
Crbcz5b72XI/W+5ny/1suZ8t97Plfrbcz5b72XL/C17d8cWdDX5IIouXdjb4bj/BJPFkWJkoYhJT
YZBZDjLLQWY5yCwHmeUgsxxkloPMcpBZDjLLQWb5ALOMmGXELCNmGTHLiFUOscohVjnEKodY5RCr
rLLKKqusssoqq4xYZcQqI1YZscqIVUasMmKVEauMWGXEKiO2GLHFmC3GbDFmizFbjNlizBZjthiz
xZgtxmwxYosRW4zYYsQWI7YYscWILUZsMWKLNRuM2WDMBmM2GLPBmA3GbDBmgzEbjNlgzAZjNhgz
wajuujBc9yNcjx/jBnSgE8vxE/wUN+Jn+Dluws24BbeiC7/Abbgdd+CX6EYPenEnExwM99b9GkPI
YRXuDyvZ4kq2uJItrmSLK/f8Utiwp5pif/3sr5/99bO/fvbXz/762V8/++tnf/3sr5/99bO/fvbX
z/4i9hexv4j9RewvYn8R+4vYX8T+IvYXsb+I/UXsL2Z/MfuL2V/M/mL2F7O/mP3F7C9mfzH7i9lf
zP5i9hezv5j9xewvZn8x+4vZX8z+YvY3yv5G2d8o+xtlf6Psb5T9jbK/Ufa3kv2tZH8rX+LZy4Ms
bZClDbK0QZY2yNIGWdogSxtkaUMsbYilDS1YFIYXvDqsZGsDbG2ArfWztQG2NsDWBljaADMbYGYD
zGyAmQ0wsgFGNsDGBtjYABsbYGMDDGyAfQ2wrwH2NcC+BtjXAPsa2O0VCa8JMeuqGVecVEdJdcS6
asYVMa6YcY0yrlHGNcq4RhnXKOOKGFfEuCLGFTGuiHFFjCtmXDHjihhXzbYithWxrZhtxWwrZlsx
2xplW6NsK2JbEduK2VbMtmK2FbOt2vk/K5Njvpdxz6/D4x6bctwM651hRQwrYlgRw4oYVsywYoYV
M6yYYcUMq2ZQMYOKGVTMoGrnEw2n3oa34x14J/s5DO/Cu3E4jggrWdLK1JHh3tRR+KDXHev4IY8d
5z0/ghPnP4Vld2f5RgxpdJezfFemvorTwyBLGmRJQyypypKqLKm684zfQWY0yIwGmdEgMxp83hm/
F3rtX5/1O8h0ap9fUZ0/8/dHjs8/+3co1ZU4ZOfZv0N/4+zf530aU2rG97wBG7EJ+i9bGGQLg2xh
kC0MsoUH2MIDbCFiCxFLGGIJVZZQZQnVVAgrWULEEoaYQTV9UBhOvxEH4xC8CW/GW/BW+Nuk/W3S
/jZpf5v0O3EY3oV343Acgf9pGn89xMwiZhYRs4iYRcwsImYRMYuIWUTMImIWEbNYySxWMotRZjHK
LEaZxSiTiJhExCJi9jDKGFYyhn7GEDGGmi1E6SH/Xg6rsNr9h+dNIWIKMVOImULMFGKWMMoSVqY3
hXuZQswORtlB7Up/UcOJYZgZ1K7wF7GAlSwgYgERC4hYQMwCYhYQsYDRPa9M1IcliQVIIoU0GrAX
XoaX4xV4JV4VPpPYG/uGLHPIMocsc8gyhyxzyO7WHI4OHYljcJLpeDI+iVPwKXwai/FP+Aw+jyV4
oWuTPPf60BeEkxMX4iJcjEtwKb6H7+MytOIKVnNlOJ19nM4+Tmcfp7OP09nH6YlrPfe/8SNcj//C
j3EDOtCJ5fgJfoob8bOQYSwZxpJhLBnGkkl0efw23I478Et0owe9uBN3oQ93455wSSKLFW7341cY
wErci19jCKtwH+7Hb5DHb0MzK2pmRc2sqJkVNbOiZlbUzIqaWVEzK2pmRc2sqDnxqK95DLHbv3dc
ixGMYiwsY0vL2NIytrSMLS1jS8ues3cux5ZybCnHlnJsKceWcmwpx5ZybCnHlnJsKceWhtjSAFsa
YEsDbGmALQ0kZsNPGFPMmGLGFDOmmDHFjKmbMXUzpm7G1M2YMowpw5gyjCnDmDKMKcOYMowpw5gy
jCnDmDJ1e4fT6vbBvtgPC7EIr8b+eA0OwGu99sDQyKwamVUjs2pkVo3MqpFZNTKrRmbVyKwa6w4N
q+rehrfjHXgnDsO78G4cjiPwHhyJo/BevA/vxwfw9zgax+CDOBYfwnH4MI7HR/BR/AM+hhNwIv4R
H8cncBJOxidxCj6FT/tZFuOf8Bl8Fp/D5/EF/DOW4Mthsu6roaOuGWfgTJyFs9GCpTgnNLHDJnbY
xA6b2GETO2xih03ssIkdNrHDJnbYxA6b6r7nay7z3q2ObfgBLscV4fy6K3EVlqEdV+MaXIvrQoFR
FhhlgVEWGGWBURYYZYFRFhhlgVEWGGWBURYYZYFRFhhlgVEWGGWBURYYZYFRFhhlgVEWGGWBURYY
ZYFRFhhlR91d6MPduAdZrEA/foUBrMTuzPO+0MU+V7DPFexzBftcwT5X1D0Yrq97CAWsDtfv+aXE
oj1PTSyq/1ZYUt+MM3AmzsLZaMG3sRTn4Fych+8zsMvQijb8AJfjClyJq7AM7bga12B5yLDXDHvN
sNcMe82w1wx7zbDXDHvNsNcMe82w1wx7bWSvjey1kb02stdG9trIXhvZa2P9XWGyvg93hyYW28Ri
m1hsE4ttYrFNLLaJxTax2CYW28Rim1hsE4ttYrEdLLaDxXaw2A4W28FiO1hsB4vtYLErWOwKFrui
fjicXB9hDR7Bo3gMMX6PtRjBKMYwHgbq1+FxMNP6CTyJIibBVOunMB2a2XEzO25mx83suJkdN7Pj
ZnbczI6b2XEzO25mx83suJkd59hxjh3n2HGOHefYcY4d59hxjh3H7DhmxzE7Luzc27dqwQF4Lf4O
r8Pr8UTIsuYsax5izVnWnGXN2V2u/72EQWeTZmbSzEyamWw6y6azbDrLprM7rwG+JPl6HOz+Idhx
DfAlDDvLsLMMO8uws8mjPLbjGuBLkseGDsadTR7v9sccF+N0/Bu+hn/H7q4J8/zrgDex8Ezyh2FV
8gbv2eH+8nAaIy8w8kLypnA9K88kuzynpph5EzPvYOYdzLyDmXcw8w5mnmHmGWaeYeYZZp5h5hlm
3sTMm5ID3ude9wfxa68fcsxhVWhk6I0MvYmhNzH0DobekbS2WHqGpWdYeiNLb2LpTSy9iaU3sfQV
yVGvG/M9jnvNOjzu8SfC+ckJX1v0M0x5bDO2ur3NcTtm8Sc8hTnv+zSqeAYhNKYSYRV7z6QaQkdq
X+yHhViEV2N/vAYHhCZ238Tum9h9U+r1HjsQb8BBeCMOxiHh/NSb8Ga8BW/FoaEgCRQkgYIkUJAE
OiSBDkmgQxLokAQ6JIEVksCKZ5PAe0NX6n34oNfvSAQrJIKMRJBJnRCulwpWpD7h604KzalPhgHp
oFk6aJYOmlNfcN8skBAGUl/Ev+DLXvsVx1M9fxr+sicwJy3kpIVYWuiWFrqlhe7Uf3jt/8I3cYbX
n+k1Z+FstODbWBpOTp2D8zz/Hf/edx0vwIW+/iJfd4nblzp+D98HJ0txslSb2z/AlZ6/CsvcbsfV
3vMaXOvreVnqh7jO8z9y/3pfx88kj2bJo1nyaJY8miWPOMXLUjfhZtzidbc6doVLpJHmFC+TSOLU
XR7nXyn+lboHWc/xrxT/SvGvFP9K8a8U/0oNgoOlOFgqBx4mzTSneFiKh6V4WOq3eAAPooDV+B0e
xjAirMEj4GApDpaKwcFSHCzFwaSjZumoWTpqlo6aU/pfSv9L6X8p/S+l/6X0P6lpmdS0TGpaJjUt
k5qW7WbPZE5qyklNOakpJzXlpKYhqWlIahqQmgZSPCz1J/Aw6albeuqWnrpTz3huxx7KAQkqTu8R
Tk6n3E6jIXSnX+74irAq/Uq8CntjH+yL/bAQi7A/9M603pnWO9N6Z1rvTOud6QPxBhzk33kjDsYh
eBPejLfgrbBWJLOCZFaQzAqSWUEyK0hmBcmsIJkVJLOCZNYhmTWl/8PxG6FROstIZxnprEk6y0hn
mfRZ4fr02WhxeynOwbk4L6yQ0lZIaR1SWoeU1iGldaQ5TZrTpK/AlbjKa5ehPZwmuTWl/8tjN4Tz
0zf6OW5y+2a/J/WWvhVd3u8X/q3bcDvuwJ3SqP4o4WXSfCS9InRJehlJryDpFSS9Qvo+77XaY3pf
ethr1uARX/uo4whGPT7u314H/U4CbEpPevwP2OjfrKXA//b6MjZ7bovHt2Jb6JAMOyTDTAMXbTg+
nC8hZiTEQoO+ISVmGjilpJhp+Iz7n8Xn8Hl8wWuXhBUNXwxdDV8K10uRGSkyI0VmpMhGKbJRisw0
1ByztlugIkVWpMiKFFmRIitSZEWKrEiRFSmyIkVWpMiK9FiSHkvSY0l6LEmPJemxJD1OSY9T0uOU
9DglPU5JjZNS46TUOCk1TkqNk1LjpNQ4KTVOSo2TUuOk1DiZ+FbYmmjGGTgTZ6El/DHxbSzFOTgX
L7yXMpLqIqkukuoiqS5K3JM4NJHFi70SZO0KkE+GzRLUZglqswQ1JUFNSVBTEtSUBDUlQU1JUFMS
1JQENSVBTUlQUzs/cWhCgpqQoCYkqAkJakJ6mpCeJqSnCelpQnqakJbK0lJZWipLS2VpqSwtlaWl
srRUlpbK0lJZWipLSxukpQ3S0gZpaYO0tEFa2iAtbZCWNkhLG6SlDdJSWVoqSUslaakkLZWkpZK0
VJKWStJSSVoqSUslaaQsjZSlkbI0UpZGytJIWRopSyNlaaQsjZQljaKkUZQ0ipJGUdIoShpFSaMo
aRQljaKkUZQ0ipJGUcooM/SYoccMPWboMUOP2fkYOx9j52PsfIydj7Hxg9j4QWy8wsYrbLzCxits
vMLGK2y8wsYrbLzCxitsvMLGK2x8ko1PsvFJNj7JxifZ+CQbn2Tjk2x8ko1PsvFJNj7Jxifrbwh/
rO9AJ5aHMjMvM/MyMy8z8zIzLzPzMjMvM/MyMy8z8zIzLzPzEjMvMfMSMy8x8xIzLzHzEjMvMfIi
Iy8y8iIjLzLyIiMvMvIiIy8y8iIjLzLyIiMvMvIi4x5j3GOMe+wlXhVxihlPMeMpZjzFjKeY8RQz
nmLGU8x4ghlPMOMJVryZ/ZbYb4n9TrLf0oL14Y8MuMSASwueCn9kvxX2W2K/FfZbYb4l5ltiviXm
W2K9FdZbYb0l1ltivBXGW2K8JcZbYryl5JHe56j5qyBW2G4p+WH3j3f7Y24vxun4N3wN/47zw9bk
d3GR110Tisy2zGiLjHYDiy0z2DKDLbLVMlsts9UyWy2z1TJbLbPVIlstMtUyUy2z1DJLLbPUEkst
sdQiSy0y0zIzLTPTEjMtMtMiMy0y0yIzHWOkZUZaZqRFJrqBiZaZaDlZuy7UNsftmMWf8BTmvM/T
qOIZhFBioWWWWWSZRZZZZJlFVjjGCsdYYcwKa/tPYyY4xgTLTLDMAsfmrzi469UG/xlLwsQuVxbc
zPQ2M70ppjfF9CZ2XkFwitFNMbopRjfF6KZ2XjkwevbKgbUrBv75qoBXe/4a1K4A+Pyr/k2kuhKH
zl/h73a3a1fzq12h77lX1JvxfWzARmyC3sdapljLFGuZYi1Tu3zCzARrmWArE+xkMzuZYCcTpn7R
xC+Z+GUTv2ziF038solfNunLJn3ZpC+b9GWTfsykHzPJyyZ52STfYJIXTesx03nSdC6bzmVTuWwK
l03hsolbNnGLJm7RxC2auEWTdsykjU3YoolaNknLJmjZ9CyblGMmZNmELJuQZROyZEKWTMhyorfu
0DBX9za8He/AO3EY3oV343AcgffgSByF9+J9eD8+gL/H0TgGH8Sx+BCOw4dxPD6Cj+If8DGcgBPx
j/g4PoGTcDI+iVPwKVwXKnU/wvX4MW5ABzqxHD/BT3Ejfoaf4ybcjFtwK7rwC9yG23EHfolu9KAX
VpeOXtbRyzp6WUcv190XHtbVN+nqm3T1Tbr6Jl19U92DYbruIRSwOkzv+cUwsedXdKKHwiYdb5OO
t0lWr8jpc3L6nJw+J6fPyelzcvqcbDsnz1bk2Yo8Oy2LTsuX01bqJvmxIi9Oy31zcllFLqvIZRW5
rGK1bbLaNlltZautLIM9LIM9LINVrLyylbdJ9qpdJW8TH57jw3N8eI4Pz/HhOT48x4fn+PAcH57j
w3N8eI4Pz/HhOT48x4fn+PAcH57jw3N8uMKHK3y4wocrfLjChyt8uMKHK3y4wocrfLjChyt8uMKH
K3y4wocrfLjChytcd5rrTqv4TSp+E0edU+WbOOk0J53mpNOctHYlvof5Z4V/VvhnhX/O8c1pFb5J
hZe55DSXnOaMc1yxwhHnVPgmLvgwF5xOrFLRVRVdVdFVFV1V0VUVXVXRVRVdVdFVFV1V0VUVXVXR
VRVdVdFVFV1V0VUVXVXRVRVdVdFVFV1V0VUVXVXRVRVdVdFVFV1V0VUVXVXRVRVdVdFVFV1V0VUV
XVXRVRVdVdFVFV2tuyJsq7sSV2EZ2nE1rsG185/6N6viZ1X8rIqfVfGzKn5Wxc+q+FkVP6viZ1X8
rIqfVfGzKn5Wxc+q+FkVP6viZ1X8rIqfVfGzKn5Wxc+q+FkVP6viZ1X8NhW/TcVvU/HbVHxtV/eI
it+q4req+K0qfquK36riSyq+pOJLKr6k4h9S8Q+p+K0qfquK36riZ1V8VcVXVXxVxVdVfFXFV1V8
VcXPqvhZFV9S8SUVX1LxW1X8bPKJ+Z3R/4e5e4+PqyDzPz5Jmgs1I4pc5Cb3q1wFFbkvu4qICuqK
AqvIuiQRdnWDgFUwoOJtddete3FXLq2suroNBrAxFuMUpBPaTkgKoZzmRnomTOb0NEk5TTKk1Hr2
ndpVfyv89vL6/fH74/OayUw658w8z/f7fZ4MzEzo+l31R6WV+qNxDI7FcenCN5rNU8I8JcxTwjwl
zFHCHCVUKGHh/6gepoRhSpinhAolzFHCBCXMUcIuSthFCbsoYRcl7KKEXZSwixJ2UcIuSthFCbso
YRcl7KKEXZSwixJ2UcIuSlh4z26eEuYpYZ4S5ilhnhLmKWGeEuYpYZ4S5ilhnhLmKWGeEuYpYZ4S
5ilhnhLmKWGCEiYoYY4S5mxsC9/GtYsa5qhhghomqGGCGiaoYZga5qlhnhrmqWEXNUxQwxw1LPzf
2xPUMEENu2xQFYqYp4hdNqSFb8yao4phqpjI3Fn9o/T56p+n66tzWJPeXZ1HIf1kdR+ecttGl89A
4lVLvOpK+mD1C9iVLqvJpN+oWZSWa+pdNmD/NK45AK/F8TgBp6c/rHkDzsBZuuOctK3mArdflX60
5ur0Tt3y0Zpr0jsbTaKNK9JPNnak6xsfwIOur3Rbp8ufoAvdfn7U5ePuX4t1fu5z2Y8NeCq9u3EA
T8N5Nw66fwjD7hvBqNufReh60f3b0rbGmTRunMWc65X0h40vYIfrL6ZPNO5Mn8guwuI0zu6D12Bf
7J/+MHsAXosD3X+Y2w7HEX4+Ese4fmzalj3O5RnpN7JvTsvZs/AW18/D+emy7AW4BJe5/XJcgQ/g
g7gqfTB7Nf4EH/I7H3Xbda434WOuX+8xHkg/mc2n67Neg+wT6d1Zr0PW65D1OmSfhNplB5zLMEac
xyiexZifN7sMPc4Wj2ezy9rssja77MJm9xndEOqGUDds0g2bdENJNwzohlA3DOiGAd0Q64ZYNzyp
G57UDcO6oU83xLqhTzf06YbtumG7btiuG2Z0w4xuCHRDoBsC3RDrhn7dsF039OmEPh0woANCHRDq
gAHVH1D9kuqXVL6k8qHKh6oeqnqo6qGqb1L1Taq+SdVLqh2qdqjam1R7k2qHqj2g2v2qPaPaM6rd
r9qBageq3a/asWrHqh2r9oxqz6j2jGrPqHag2oFqB6odq/aMas+odqDagWrPqHa/am9X7T7VjlU7
Vu0+1e5T7WHVHlbtYdWOVTtW7Vi1Y9WOVftJ1X5StZ9U7WHVjlX7SdV+UrVj1e5T7QHVDlV6k0qH
Kh2qdKjSoUqHKh2odKDSMyo9o9IzKh2o9IxKxyr9pErHKh2rdKzSceac6u+mG+l/rLojnan+qUqv
wpo0UPVA1WdVvUvFu1S8q3pTOlU9mc7WLMZR6caao9ONNDvW+K9ezRVpl2p10euYinWp2KyKzdLr
WGNOBR51/TG/vwZ5rHP7ev+ugCfxlCp4BioYqOAs3Y7R7ZgKBioYNI55jKLHfc6zr0o3Zh0/ezze
ls5mL02nsu/Eu9Ds5z/HA2lX9nH3O45XLMgufE/eTvnaLl/b5Wu7fG2Xr+3ytV2+tsvXdq/G9V6N
nV6Jm70SN9PBAB0MVBcyr9T7A16BT1QPpkPVQxjGCEYxhiLG0w3Vz7ksoYwYWzGZ3lY95XIa29Il
dLOkOnF9O+yx9FOu3un6L7Erfab6Vy7TdKimCtVYlC6pqXW5OL2t5hUu906X17wKr8Y+2D+9gs6u
oLMrag5Mv19zUHp/zcFuPwRH4EgclV6gYhfUHOv6cTg+vYgeL6o50fWTcHq6ki5X0uXKmjf5+c04
K3245i0uz8Y56Zqac12ehwsc50KXV2WOr/lw5ngZ3S6b22Vzu2xul83tsrldfrXLnnaZ065TdtL1
AF0P6JKdjT/JvLKxC92u59KbGx91/bH0eh1yvQ65ns4H6HxAp+yk9QFaH6D1gcaNfm/QbUMY9rM9
TXfcTOMDuuPmxlK6vLGMLYjT7zduTe+n+zWNz/s5wXbMpBfxgIt4wBoesJIHrGyc97s7/Pxi+jAf
eLjxl34vTb+v2y7IVqfLszVYlD7MGy7KZt3+yvT+rBpk1YBXXMQrLuIVF/GKlbxiJa9YySsezh7q
d1+Hw9x3OI5w+5FQj+zR6RDvuIh3rOEdV+joC7InuO1EvB4n4WScglPTDdnTXJ6ON+BMvBFvwpvT
JfxmSfZc189Pn+E1z2QvdP0P8Ud4K96W3pa92OXbcYn73+Hy0vQTlPMJyvlE9t1+vsxjXI73uP5e
x3sf/tj19+MKt38AH8SVbr9KWlyNP8GHPN6H/c41+AiuxZ/io373Ovc3odnxW9z2Mbf9uet5fvZ4
ej2F7uRnA/xsgJ8N8LMBfjbAz1ZmB73Gwy5HvEajeBZjft7sMvQ4486b1nhbmbct4W1LeNsS3rYk
szcf6+RjnXzsEenSLl3a+dIjfOkRfvQIz+nkOZ08p5PnPMJrOnlNZ3bhv9ht4gGTPGCSBwQ8INiT
gUU+EHDEIkcs0vIYLY/R7BSNjtHhEB0O0eEQvT1Pb8/T2TCdDdPXMH0N09cwLUU0NMQ1izQR0ETA
PYucs/ibrMulk3vyLqCDgAYCGghoINiTcYHeX3DGSb0fcMei/p/U65H+Htbfw/o70t/D+ntYb0d6
+Xn9O6xfh/XrsH4d1q/D+nVYvw7r0WE9OqxHh/XosB59Xn8O689Ifw7pz+f12pheG9NnU/psSi9N
6ZsxfTOmR8b0yJgeGdMTU+o/pt5j3Lio3oE6B+ocqHOgzoE6B+o8rMbDajysxsNqPKzGw2o8rMZj
6jqmrmPqOqauY5m/VJFeFelVkS0qMqEivSoyoSITKjKkIguuOsJVR1SmaCoJVGfIVBKYSgJVClUp
VKVQdUZUZ0R1+lSnT3X6uN6ICuVVKFShCRXqVaFeFZpQoQkV2qJCW1Rni+r0qk6v6vSqTq/q9KrO
FtXpVZ1elelVmQlVyavKiKqMqEpeVfpUpU9V8hxnhOOMcJcR1RlRnRHVGVGdEdXpU50+1enjJiMq
NKJCIyrUp0J9qjOiOnnVCU0egeoMqc6QySMweQSqVFSloioVVWlIlRaUPKRKQ6o0RMUjVDxCxSMq
VlSxIYododgRlRsyeQSqN6F6varXq3q9qterer2q16t6farXp3ojqjeieiOq16d6I6q3oMwRFRxS
wSEVHFLBocwRlJmjzJwK3qdSK1RqhUr1q9QqVVqlSqu8yvd5le/zKt9HqTlKzVFqzqt7H6XmKDXn
Ga/yTFd5pqs8037PtN8z7fesVnhWKzyrFZ5Vv2e0wjNa4dmsou6cs1qRGTEN9JkG+kwDfaaBPtNA
n2mgzzTQZxroMw1cywWu5wLX67lRPTdqElik30ZNAjeZBMomgbJJoGwSKJsEyiaBsingKVNA2RRQ
NgWUTQFlU0DZFLDcFFA2BZT1aac+7TQFlE0BC+lflv5lyV+W/GXJX5b8ZX3bKfnLkn+55C9L/m7J
3y35uyV/t16+Ry/fo5fvkfyh5O+V/N2Sv1vyd0v+bk50Iye6UfJ3S/5uPb9Uzy+V/N2Sv1vvj+v9
cb0/Lvm7JX83DTwn+bslfzctTEr+bsnfTRP3SP5uid8n8fskfp/E75P4ffUL74EuS/skfp/E76Ob
UboZlfSLJP0ijna9lF8k5a+V8tdK+WvpZ5R+RulnlH5G6WdUwi+in1H6GeVu19PQKGe7XrJ3S/Zu
yd4t2UPJ3ktXk5K9W7J3S/ZuGltKY0tpbJLGxmlsXLKHdDZJZ8/R2XOSvVuyh9zwRsneLdm7ae85
2lsq2UPJ3ivZuyV7Ny0upcWltLiUFsdpcZwWx2nxOckeSvaQJpfS5FKaHKfJca55o2Qv0+ZS2pyk
zXs4542SvSzZy5K9LNnLkr0s1Z+S6mWpXpbqZaleluplqV6m5U5a7pTkZUleluJlKb5cipeleFmC
lyX4TRL8Jgl+kwQv03gnjXdK76ek91PSuyy9F3bLTprvpPlO6f2UtC5L67K0LtN8p3ReLp3LNN8p
nZfT+6h0vpbmR2l+lOZHaX6U5kdpflwy99L9ON0vpfuldL+U7sfpfindd0rmm+i+k+476b6T7jsz
h+vQ7bpxUjdO6ro5XTen6+Z02LiEflpCP62y21V1XAXHVXBOBedUcLsKjqvadlWbVKXtqjGnGnOq
MacS21ViuwrMqcCcCkx65ce96pPOds6Zzjm7ud3f2zHnKHOZg53LDufQ7xz6nUO/jp927zXuvcY5
7HDsfsfud+wdOmda50w7/g6dMu34Oxy/3/H7Hb9fN0w7hx3OYYdz6HcO/Y7b77j9jtu/+5lPeOZj
nvmYo8466qyjznrmC0ctO2rZURdyYtozn3b0WUefdfQJz3zhyBOe+ZgjTzjyrCPPOvKso0446oSj
zjrqrGc+5plPe+ZjzmDWGcw6g9nMgf8p9TZzgM2OPrs75bY50ky6mXI2O/qsI85Sw2bdv1n3b9b9
m3X5Zl2+WVdvdoTZ3Ykz4voonsXmdHOm3nMMPMfAZnCozeBQ5xw4p8D5BJmH/ofv+26pejX2wWuw
L/bD/jgAr8WB+PX7vknVYTgcR+BIHIWjcQyOxXH477/vO1XVhttxBz6Hz+MLuBNfxJfwZXwFX0uf
/1+8r5os6sADeBAP4cdYiU78NJ1atAoP42foxs+Rw2o8gkfxCzyGNelU3T/i1+8jTtXdl275nfcR
p/4v7yNO1Xncl3gfManrwTr3rcdv30dM6p7xc4BNGMRv30OcqnvOcX/7HuKWl3kPMan7JXbhV0jT
ZM97iFP1B+FgHII97xU2/EU61dCaJr/zvtnUy75v9tv3y7Y0/IPfe/n3yaYaxuCcG0Ik6dTvvT/2
f743luz1ESy8N3Zw9Y3ptupPptte8XZcgnfgUrwT78K7cRkux3vwXrwPf4z34wp8AB/ElbgKV+NP
8CF8GNfgI+m2qnPoJqGbhG4SuknoJqGbhG4SuknoJqGbhG6S/4FuErqJ6Caim4huIrqJ6Caim4hu
IrqJ6CaqOj6zd9UJOBGvx0k4GafgVJyG0/EGnIEz8Ua8CW/GWXgLzsY5OBfn4XxcgAvxB7gIf4g/
wlvxNlyMt+MSvAOX4p14F96Ny3C55/IevBfvwx/j/bgCH8AHcSU+izbcjjvwOXweX8Cd+CK+hC/j
K/ga/jbdaUrcaUrcaUrcaUrcaUrcaUrcaUrcWfVoprHqF3gMa5DH485pLdZhPQr4vU/EzRxZc3Xm
I1zyyJprMh/hHwn/SPhHwj8S/pHwj4R/JPwj4R8J/0j4R8I/Ev4R8Y+If0T8I+IfEf+I+EfEPyL+
kfCPhH8k/CPhHwn/SPhHwj8S/pHwj4R/JPwj4R/Joicyey/qQ39m79rX4kAchINxCA7N7M1jEh6T
1P2z68tdLvjMwqfYOj9ek/CahNckvCbhNQmvSXhNwmsSXpPwmmT3J946Pr9J+E3CbxJ+E/GbiN8k
/CbZ/Ym4T7p8Ghvd/ozLAJswiCHHf9blGDYjTHcufILuHv9J+E+yx38S/pPwn4T/JPwn4T8R/4n4
T1S38AmS6cK7qpm9eVDCgxIelPCghAclptydptydptydptydptyd9Xq9Xq/Xn5FprD8T50Ev86uE
XyW7P71X3zZk8UrsjVfh1dgHr8G+2A8HwGvd4LVu8Fo3eK0bvNYNXuuG1+Ew/AXva00j/pfwv4T/
Jfwv4X/Jbz7R9zOu3wY9zgeThtv9uzvwTdf/Dr/2w8SEvrPhe25vx3/+5F/14pUJr0waetzf71IN
dn8a8Mjuz8tKeGbCMxOemTRM+Z3pTON/fFIwD014aLIXjdsCdvLShJcme9EoP01sBTv3utL1q9MK
b014a8JbE94a8dZor4Vv8JrldhG3i7hdxO0ibhdxu4jbRdwu4nYRt4u4XcTtYm4Xc7uY28XcLuZ2
MbeLuV3M7WJuF3O7iNtNc7tpbjfN7aa53TS3m+Z209xumttNc7tpbhJxk4ibRNwk4iYRN4m4ScRN
Im4ScZOIm8TcJOYmMTeJuUnMTWJuEnOTmJvE3CTmJjE3iblJVPXtdK7qLtyNe7EMy/Ed3Id/wXfx
PXwf/4of4If4N6xAO+7Hj9CBB/AgHsKPsRI96Yscpp7DnMVh6jnMWRwm4jARh4k4TMRhIg4TcZiI
w0QcJuIwEYeJOEzEYaY5zDSHmeYw0xxmmsNMc5hpDjPNYWIOE3OYmMPEHCbmMDGHiTlMzGFiDhNz
mJjDxBwmrt1v92eYxBwk4h4x94jrPOc6z5mDRBwk4iAxB4k4SMRBIg4ScZCIg0QcJOYgMfeIuEfE
PSLuEXGPae4xzT1i7hFzjohzRJxjmnPEnCPmHDHniOtGHetZ941hs5+fQ9n1BHOuV1y+gHnswIsw
/XOMaY4xzTGmOcY0t4i4RcwtYm4Rc4u4/vh0rv4EnIjX443pi/VvwrmuX+D3L6Liw9O5BptKg02l
4SgcjWNwLI6Dx2jwGA0eo8FjNJyEk3EKTsVpsD1xhZgrTHOFiCtEXCHmChFXiLhBxA0ibhBxg4gL
RFwg4gILn4AXU3pE6Qv/TcWL1B41PObx1iCPfj97/Sg+oviY4mOKjyl+4ZPxYgqPKDva6+J0jroj
yl74VsQXKTqi6IiiI4qepuhpio5sXXs+I7zqYNou0HaBtgu0XaDtAm0XaLtA2wXaLtB2gbYLtJ2n
7Txt52k7T9t52s7Tdp6287Sdp+08bRdou4e2e2i7h7Z7aLuHtntou4e2e2i7h7Z7aLtA2wXaLtB2
gbYLtF2g7QJtF2i7QNsF2s7Tdp6287Sdp+08bedpO0/bedrO03aetvO0naftgklhm0lhm0lhm0lh
m0lhm0lhm0lhm0lhG+1XaL9C+xXar9B+hfYrtF+h/QrtV2i/QvsV2q/QfoX2K7Rfof0K7Vdov0L7
Fdqv0H6F9iu0X6H9Cu1XaL9StfAZzvelBVov0HqB1gu0XqD1Aq0XaL1A6wVaL9B6gdYLtN5D6z20
3kPrPbTeQ+s9tN5D6z20nqf1PK3naT1P63laz9N6ntbztJ6n9Tyt52k9T+v5RXnn0YPHsRbrsB4F
9KZjtfvt/n968rygwAvyvCDPCyq8YGGaKPCCAi/I1z2QjtU9iIfwY6zc/bnKBf5Q4A8F/lDgDwX+
UOAPef6Q5w8F/lDgDwX+UOAPPfyhhz/k+UO+7gmP0bf785ULfKLAJ3r4RJ5P5PlEnk/k+USFTxT4
RIFP5E0Y23hFnlcUeEWBV+R5RYFXFHhFgVcUeEWBV/Twih5e0cMrenhFD68o8Io8r8jzijyvyJss
tpkstpkstpkstpkstvGPCv+o8I8K/6jUn5SO1Z+MU3AqTsO5br/A412ED6Vj/KTCTyr8pMJPKvyk
wk8q/KTCTyr8pMJPKvykwk8q/KTCTyr8pMJPKvykwk8WPo9mjKfkeUoPTynwlAJPyfOUAk8p8JQC
TynwlAJPKTR8zu9/CV/HX+Obbvs7/L1/8w9Ylm5r+IHb1YjXFPhMgc9U+EyFz1T4TIHPFPhMgc/k
+Uyez+T5TL5hi3+XpPm9ztr9eccF08Q2nlPgOQvfxVTgOQXTxDaeU+A5BZ5T4Dk9PKeH5xT2akrH
MmdUPZq+UPULPIY1yKMn3Vj1ODWuxTqsRwG96Vbz+Vbz+Vbz+dZFT6TbFvWhX9V/kG41s241k26t
G/JzMd1af7pqvQFnpC/Un4k3phs5/cb681w/3+1v8zsXewWWpFvNZ1sbbnf9DrTjfj//CB14AD9L
N5qxtjZMuW86fcE8tdU8tXUvmyFn3Whe2po5zKax2Kax2Kax2Kax2Kax2KaRtWlkbRpZm0bWppGV
+wdy3Evl/oLrXmqqz5rqs6b6rKk5a3rNml6zptfFptfFptfFptesiTVrasyaGrOmw6zpLmu6W2xi
y+7+r0HTqhNwIl6Pk3AyTsGpOA2n4w04A2fijXgT3oyz8BacjXNwLs7D+bgAF+IPcBH+EH+Et+Jt
uBhvxyV4By7FO/EuvBuX4dumq7twN+7FMizHd2Dy4a4Rd424a8RdI+4acdeIu0bcNeKuEXeNuGvE
XSPuGnHXiLtG3DXirhF3jfTUrJ6a1VOzempWT83qqS16KtRToZ4K9VSop0I9leipRE8leiqpuSqd
qPlwOqG3Qr0V6q2QC0a1r03T2gNxEA7GITg0Tev+Gc6bI0Z6cGFvWtiL7D5pyJ0ifZjUZ9KUa0Rc
I+IaEddY+K7kUG+GenNWb87qzS16cwvniPTnrP4M9WeiP8OGbJo2vBJ741V4NfbBa7Av9sMBcI4N
zrHBOTY4xwbn2OAcG16Hw3C4aeEIHImjcDSOwbE4Ds6RC0VcKOJCEReKuFDEhSIuFHGhiAtF9JLQ
i/3Fud2B73nsdpd2S5pJaCahmYRmtnCTiJtE3CRq6PF7G3d/V3NIQ7M0lNCQXSRNuUa0lx6hp5Ce
ttBTkllcvSSdqv50OvWKa/Gn+Cj+DNehCc1oSacyz5laAlNLYGoJTC2BqSUwtQSmlsDUEphaAlNL
YGoJTC0bTC0bTC0bTC0bTC0bTC0bTC0bTC0bTC0bTC0bTC2BqSUwtQSmlsDUEphaAlNLYGoJTC2B
qSUwtQSmlsDUEphaAlNLYGoJTC2BqSUwtQSmlsDUEvwvPjcpMLXMmFpmTC0zppYZU8uMqWXG1DJj
apkxTUxyk6M4yVGmisBUEZgqAlNFYKoITBWBqSIwVQSmisBUEZgqAlNFYKoITBWBqSIwVQSmisBU
EZgqAlNF8L/8TKJJU8WkqWLSVDFpqpg0VUyaKiZNFf/xWT3B7s/quS/dYJIITBLBns/pmTRJTJok
Jk0SkyaJSZNEYJIITBKBSSIwSQQmieB3PqcnMEkEJonAJBGYJAKTRPA7n9MzaZKYNEkEJonAJBH8
3uf0POu2MSx8Pk+YzpgiNpgiAlNEYIrYYIoITBGBKSIwRQSmiMAUEZgiAlNEYIoITBGBKSL4vc/q
OSqdMUXMmCJmTBEzpogZU8OkqWHS1DBpapg0NUyaGAITQ2BimJT0k3s+GyaQ9IGkD/Z8Nkwg6QNJ
H0j6QNIHkj6Q9JOSflLST0r6SUkfSPpA0m/Y/bkwy9IZSb/wKXKBpA8kfSDdA+keSPfgJT4HZnLP
579MSvdAus9I90CyB5I9kOwzkj2Q7IFkDyR7INkDyR5I9snMvf/f/0Xy27L5LtyNe7EMy/Ed3Id/
wXfxPXwf/4of4If4N6xAO+7Hj9CBB/AgHsKPsRIvPRPUmglqzQS1ZoJaM0GtmWA/Kr7QTLDwGRAX
mglqzQS1ZoLa2v0yi1/2r30Lf+VzrnXO1exQWzdqVlj4S9nxLk/AiXg9Ts/UmilqfzNTnPubuaLW
XFH7/+wvYYdnFjccgSNxFI7GMTgWx8F5NTivBufV4LwaTsLJOAWn4jScjtud0x349V/Cahu8fg1e
vwav3+6/fE25bWH2WfhL1sUuF/6CdWWmdncWhLIglAWhLAhlQSgLQlkQyoJQFoSyIJQFoSwoyoKi
LCjKgqIsKMqCoiwoyoKiLCjKgqIsCGVBLAtiWRDLglgWxLIglgWxLIhlQSwLYlkQyoJQFoSyIJQF
oSwIZUEoC0JZEMqCUBaUZEFJFpRkQUkWlGRBSRaUZEFJFpRkQUkWlGRBSRaE/40sWPgWt4N00EGy
IJQFoSwIZUEoC0JZEMqCUBaEsiCUBaEsCGVBKAtiWRDLglgWxLIglgWxLIhlQSwLSrKgJAtKsqAk
C0qyoCQLSrKgJAtKsqAkC0qyoCQLSrIgkQWJLEhkQSILElmQyIJEFiSyoCQLQllQkgVFWRDKglAW
lGRBIgsSWZDIgkQWLPzdOpQFoSwIZUEoC0JZEMqCkiwoyYJQFoSyIJQFoSyIZUEsC0qyoCQLElmQ
yIJQFoSyIJYFJVlQkgUlWVCSBaEsCGVBaU8WFGVBKAtCWVCUBaEsCGVBKAtCWRDKglgWxLIglgWx
LIhlQSgLSrKgJAtKsqD0MlmQyIJEFiSyIJEFiSwIZUEoCxJZkMiCkiyIZUEoC0JZUJIFoSwIZUEo
C0JZEMqCUBYksiCRBYksSGRBKAtCWVCUBaU9WZDIglAWhLIglAWhLAhlQSgLSrKgJAtKsqAkCxJZ
UJIFC387DvdkQSgLQlkQ7smCUBaEsiCUBbEsiGVBKAuSqqsy+6QDmddgX+yH/XEAjkufyhyPE3Ai
Xo+zM4dkzsGl6frMO/EuvBuX4XK8B+/F+3AFrsSfpVdnrkMTWtK1mY/hetyAP8df4OP4BP4SrbgR
n0xvytyUfitzM27Bp7AEn0kvydyK2/BZtOHlv/Hmpf7v7hMzD8P0kSmgF0+gD/3YgCfxFAbwNDbC
NJIZT2/NPIcS/mfflHt3ZiZdkZnFHCp4ATvSGzIvYid+iV3pDTaxnE0sZxPL2cRyNrGcTSxnE8vZ
xHI2sZxNLGcTy9nEcjaxnE0sZxPL2cRyNrGcTSxnE8vZxHI2sZxNLGcTy9nEcjaxnE0sZ+PqsHF1
2Lg6bFwdNq4OG9YVNVenX7VlXVFzTfrVRX+Vrl/0NXwdf42/wTfwt1iKb+Lv8Pf4B/wjvpWuXfRP
+Gd8G3fhbtyDe7EsvWTRcnwHT6QdNrkOm1zHosh0ugUxtmISU5jGNjwPU8+i7ZjBLP7rb7m9YdGv
kKY31O6bXm1bzNXun95aG6YDtRMop+trt+z+fstLaqfTtbXPu56g4ndfwLzbduDF9JK6+nSgriFd
W7cXFuMVaMSr3P5q0FAdDdUdiaNwrPuOw6mun4bT8Qac4bHOdvt5mUPqzvfzhX5+q8v3oBkt+Biu
xy3p1XWfwhJ8Gp/x727Fbfgs2nB7elPdHfhc+q26z+OLHk+P2HpzNt0Om27Ohpuz4eZsuDkbbs6G
22HD7bDR5myzHTbZjvpLTcOX4/24Ar/+v4lX1F/j+kdwXXprfRN++622N9Tf4vaX+lZbG9Se/5t4
U73tqd7GVL8U38Rvv8V2U/29WAbbRv13cJ/HbM+cWH+/6x2u22zqezCChW/qNQnXm4TrtzqPSUxh
Gi/9zbV318+B1upprZ7O6tP01oZMuqKhKr3Bxp2zceds3Dkbd87GnbNx52zcORt3zsads3HnbNw5
G3fOxp2zceds3Dkbd87GnbNx52zaHTbtDlt2R0Nnut5WnbNV52zVOdt0h+05Z3PuyPxNZlE6l6lF
HerRgL2wGK9AI7J4Jc7OZDltlnvG3DPmnjFHHOOI0xxxmiNOc8Rpjjidse9zxUGuOMgVB7niIFcc
5FYBtwq4VcCBBjhQwIECDhRwoIADBZn5dIILreZCq7nQai60mgutrno0nar6BR7DGuTxeDrOMcY5
xjjHGOcYC//d2eTuz+n98J7P6r0pnVt0M27Bp7AEn8ZncCtuw2fRhtuxLB3kBoPcYJAbjHODcW4w
TrmrKXc15a6m3JhqAyodrJ3b/f1TMXXGVDlY5/Ws85rVec3qDsGhOBlnuO9Ml+fgvEyWygbr/sD1
W+T/p7AEn8bt6Rj1jFHPNPVM133B/HEnvuj3h9JxShmnlPH6M9Kp+jNxHs7388W40j54HZrwsXS1
7l2ta1frzkB3Broz0J2BThzQiQM6MdCJQb3XvH4HvOY6MtCRgY5crZPGddK4ThrXOeMN0+mUzhmv
ntc5rTqnVee06pxWndOqc1p1TqvOadU5rTqnVee0ZvaWm6+CqVmuF+V6Ua4X5XpRrhfl+qBcH5Tr
g3J9UK4PZs5O12XOwaWuvxPvwrtxGS7He/BevA9X4Er8WeagzHVowhdk8J3gPZkv4cv4Cr6Kv8LX
8HXIDVndKqtbZXWrrG6V1a2yujXzLff9E+7C3bgH92IZluM7uA//gu/ie/h++nH5/nH5/nH5/nH5
/vFMu9t/hA48gAfxEH6MlaDRzE/QhZ9ilWx+GD9zvRs/Rw6r8Qh+gceQRw8ex1qsw/q0zQzRZoZo
M0O0mSHazBBtZog2M0SbGaLNDNFmhmgzQ7RlnvFvAmxyfdDlEIYxgtF0TeZZjGEzQhRRTrvMGV3m
jC5zRpc5o8uc0WXO6DJndJkzuswZXeaMLioPXkbl/VS+lcq3UvlWKt9K5Vtf4vtwmm1nzbazZttZ
s+2s2XbWbDtrtp01286abWfNtrNm21mL7azFdtZiO2uxnbXYzlpsZy22sxbbWYvtrMV21mw7a7Kd
NdnOmmxnTbazJttZk+2syXbWZDtrsp012c6abWfNtrNm21mz7azZdtZsO2u2nTXbzpptZ81VTemq
qptxCz6FJfg0PoPb8FnHbcPtuAOfw+fxBdyJL+JL+DK+gq/6N1/zuF93+df4G3wD/9VnXHb6nZ+g
Cz/FKjyMn6EbP0cOq/FoupajruWoaznqWo66tqonzXPVdVx1HVddx1XXcdV1Vb3pXVVPoA/96V17
3pM4Zs97Esdw2VYu28plW7lsK5dt5bKtXLaVy7Zy2VYu28plW7lsqzlu0Bw3aI4bNMcNmuMGzXGD
5rhBc9ygOW7QHDdojhs0xw2a4wZtqM021GYbarMNtdmG2mxDbbahNttQm22ozTbUZhtqsw212Yba
ZENtsqE22VCbbKhNNtQmG2qTDbXJhtpiQ22xobbYUFtsqC021BYbaosNtcWG2mJDbbGhtthQW2yo
LTbUVTbUVTbUVTbUVTbUVTbUVTbUVTbUVRJjncRYJzEWvsPtkkUDeBob8QwCbMIghjCMEYziWbPq
GDYjRBHjeA4lTMB8aC5tM5e2mUvbzKVt5tI2c2mbubTNXNpmLm0zl7aZS9vMpW3m0jZzaZe5tMtc
2mUu7TKXdplLu8ylXebSLum2VbptlW5ba/fNHGQeLZpHi+bRQfNo0RxaNIcWayvueyFzkJRrNX8W
JV2rpGut4/HmzqK5s2juLJo7i9KvVfq1mj+L5s+iFGw1exbNnkWzZ9HsWZSIrRKxte68dJ3ZsygR
W82eRbNn0exZNHsWzZ5Fs2ex7hbH/RSW4NP4x7Sl7ltpc92ydFXdctfvww/Su+r0QV272/RAXYfb
HnD9QTyEH2MlOt33E3Thp1iFh6EH6vRAXc7jPOLnR/ELv/+YyzXIp011PVjnd9bjCff1gSbqnnT/
09jo/mfcF2ATBjHk+Y34vWfdP4bNbvv150XeVfec62W3JZhzveLyBcxjB17ETo/5S+zCr5CmTfW8
sX6vdFX9PngN9sV+2B8H4LXgd/UH4WAcgkPd9jochsNxBI7ES31W5EluPxmn4FT8O233At1EnS9w
/D+TZGaSJuBiReoiK5WAwuKCcr1eHkWtq6viq+sTH0BxYXVRKEReQqEEBd1cr63aSh2VsLESxCk+
oFCVh7QVGBoepRihJRYxQVQkKE/R//229O5y3b17znrOPZ5PJq+2IU3/8/0d004/9JcbqY+N1McG
6mOD/m+yVr8cQzifw/VDeUxX41r5EkWyUb+Bj7lRFurM5bR8IS1fSMsX6ndx+W75aFuxDOf8fbif
+z7AdgS3j8RYWUXXV1EyX/7kGDub9AmYiMncbwr3mYppmI7HwSyuM4vT/YV0/6N0fyHdX9h+jJ1N
9H+hPp/tU2Cm1OkBnR7QmSl1Zkpmg0Jmg0KdWVJnlmRGqGJGqGo/xs4mfQHKuf30MXau12kDZodC
ZodCZodCZodC6utLnSbQFyOKJdzvDbZLmQHe5HaagDr7Ul/B9ez7dfb9+ipUcxv7fp19v86+X2ff
r7Pv19n36+vA/l9n/6/XgAZgHinUaQCdBtBpAH0TbGxGDFuwFduwHQ3YgUaw/9fZ/+txsP/X2f/r
7P+ZbwqZbwqZbwqZbwp11iSdNUlnTdJZk3TWJJ01SU/KGj2F/fgCB8D+n9mnitmnitmnitmniuL8
mOL8+Izi3EJxbqE4v/zJMXY2tdfnl4Yqrzd0Lhs4fYydTcY4ucp4RP7ReJRtgRxjTJRjjUkIcN1k
tlMwVb5kTMN0zs/ATBRiltxIzW40ivjYJ8G+1WDfarBvNdi3Gs+iGCXc9zk8z+d8AS9zXevfWlzM
Nspj4vtovIGlfK43+ToWKrEMy+UnBmuKwZpisO813pO1xgec3wLWB2M71+1AI/fdyXY3mrh+D18n
AdYFowWfc/0X+JqvcVBuML7h/oeQ5rZvuf4IjspV7iswUI5t/5uKY938vLlvZku3uH/P+dtxB+7E
6b+luNE9XNa675Uvue/jPvfjAYyQY9wjkc95WkZtoPDLKfxyCr+cwi+n8Msp/HIKv5zCL6fwyyn8
cgq/nMKfQOFPoPATFH6Cwk9Q+AkKP0HhJyj8PRT+Hgp/D4W/h8LfQ+Evo/CX/UuF/4A8JEZgJEah
9b37ozFJuCn+AMUfoPgDFH+A4g9Q/AGKP0DxByj+AMUfaD8CZpjiD1P8YYo/TPGHKf7wzzwCZpji
D1P8YYo/TPGHf8YRMJdT/Mt/5hEwoxR/lOKPUvxRij9K8Ucp/ijFH6X4oxR/lOKPUvzRM46AGf0H
R8Cso/jrKP46ir+O4q+j+Oso/gTFn6D4ExR/guJPUPwJ0fr7uwfxDQ4hjeOymYpPU/FpKj5Nxaep
eJOKN6l4k4o3qXiTijepeJOKN6l4k4o3qXiTii+h4kuo+BIqvoSKL6HiS6j4Eiq+hIovoeJLqHiT
ii+j4suo+DIqvoyKL6Piy6j4Miq+jIovo+LLqHiTijepeJOKN6l4k4o3qXiTijepeJOKN6l4m4q3
qXibirepeJuKt6l4m4pvfRdhhIqPUPERKj5CxUeo+AgVH6HiI1R8hIqPUPERKj5CxdtUvEnF21S8
TcXbVHzrOwsrqfhKKr6Siq+k4iup+EoqvpKKr6TibSrepuJtKt6m4m0q3qbibSrepuJtKt6m4m1q
PUWtp6j1FLWeotZT1HoVtV5FrVdR61WUeg8qvQeVXk6ll1Pp5VR6OZVeTqWXU+nlVHo5lV5OpZdT
6eVUevnPrHSTSjepdJNKN6l0k0o3qXSTSjepdJNKN6l0k0o3qfQyKr2MSi+j0suo9DIqvYxKL6PS
y6j0CJUeodIjVHqESo9Q6REqPUKlR6j0CJUeodIjVHqESo9Q6TaVblPpNpVuU+k2lW5T6TaVblPp
KSo9RaWnqPQAlR6g0gNUeoBKD1DpASo9QKUHqPQAlR6g0gNUeuBfOMpllEqPUulRKj1KpUep9CiV
HqXSo1R6lEqPUulRKj1KpUep9ASVnqDSE1R6gkpPUOkJKj1BpSeo8gRVnmiv8gRVnqDKE9R4OTWe
oMbLqfFyanwCNZ6gxhPUeIIaT1Dj5dR4OTWeoMYT1Hg5NZ6gxhPUeIIaT1Dj5dR4OTW+jBpPUOPl
1HiCGk9Q4wlqPEGNJ6jxhFYgD2kTMQkBPIZZwq3NRqmMUOYmZd76TtAIZV5CmVdR5iZl3vpOUJMy
j1DmNmVuU+Y2ZW5T5jZlblLmJmVuUuYmZW5S5iZlHqHMI5R5FWVuUuYmZd76jlCTMjcp8zLKvIwy
j1DmEcrcpsxtyryKMjcpc5MyL6PMI5R5hDKPUOYRyjxFmduUuUmZm5R5hDKvpMyrKPMSytykzE3K
vIQyNylzkzI3KXOTMjcp8zLKvIwyL6PMyyjzMsrcpMxtytymzG3K3KbMbcrcpsxtyrz13aMRyjxC
mUco8whlblPmNmVuU+Y2ZW5T5jZlXkmZV1LmlZR5JWVeSZnblLlNmduUuU2Z25R5ijJPUeEpKtyk
wk0qvPVIlykq3KbCo+1HuoxS4VEqPNp+pMvwGUe5tNuPchmlwKMUeIICT1Dfaeo7TX2nf3KEyyj1
naC+E9R3gvpOUN8J6jtAfQeo7yj1Haa+o9R3lPpOtx/hMvqTI1wGqO/AGUe4jFLf0TOOcJmgvhPU
d/qMI1xGqe809R1oP8JllPqOUt9R6jv6k6NbBtqPbrmc8o62Hd1yBdf97yNbRv/FI1tG/x+ObBml
uqNUd5Tqjv6TI1vWUd11VHcd1V1HdddR3QmqO0F1J6juBNWdoLKbqexmCjtNYacp7HTbUSxVGTjj
6JXp9qNX2pR1hLK2KesyytqkrE3KOkJZm5S1SVlXUdatR7E0KWuTsjYpa5OyTlHWKcrapqxtytqm
rG3K2qasbcrapqxtytqkrE3KuoSyjlDWNmVdSVnblHWAsg5Q1gHKOkVZV1HWVZR1FWVd1V7WJmVt
Utat7z42qWqTqjapapuqtqnqKqrapqpb34VsUtURqjpCVUeo6ghVbVPVNlWdoqirKOoqijpCUdsU
tU1R2xS1TVGbFHUlRW1S1DZFbVLUJkVtU9Q2RW1T1K3vWK6kqFPUdBU1bVLTJjVtUtNl1HQZNW1S
07bIUl+U36sL5PcZS/AGluJNWKjEMryFt/EO3sVyrEAVVmIVqvEe3scHWI01WCu/F90cWfK440J5
2NED/eUJx6W4DINk0ntAHvd+w/YIjsoT3mM4znUnuCzlcZ8iD/t8bDvLE75z0QXnc7kbunM+G3xu
X0+Z9F3EtoHLu5GQJ9R7hVP0Ei5o0GHADQ8y4IUPHdBRXCnOQifZwrTQwrTQwrTQwrTQwrTQwrTQ
wrTQwrTQwrTQwrTQIgaKbDEIN8o400KcaSHOtBBnWogzLcSZFuJMC3GmhTjTQpxpIS4elMPFHzAG
f5RN4iE8jD9hHB7BoxiPCSjAREySd4iADInHMBlTMBXTRJaYLq8Qj2MGZqIQQR7XXDyBJzEP8/EU
nsafEUIx/44SPIfn8QJKUYHXsRhRLMEqcamoxs97T8A8sQ+fIyWTlHuSck9S7knKPUm5Jyn3JOWe
pNyTlHuSck+Kw3Kq+FaWiu9wBEdxDMd57CfkMHES3+MUfpDDlHLZoLwEE6/gVSxEGIvwF0TwGirw
OhYjiiV4A0vxJixUYhnewtt4B+9inXxN+RDrUYNafETVb8BGbIKNzaKjUo8YtoiOaj+RrQ7AQBlX
h7LNZXu9vE29EbeJi9R7ZYP6IB6Wd6p/wjg8wmVLeNVK4VFXCr+6CjVyjVoLW3ZXj8oa9Rh+kJMc
F4osRw/0l2v4SVvDT9qa1r+w5gyIXs7HMBlTMBXTMB2PYwZmohCz8LSMU9lxKjtOZcep7DiVHaey
41R2nMqOU9lxKjtOZcep7LizTDY5X8QClOMlmHgZr+BVeYVzIcKop6Jj2ILtItvZgB1oxE58jDg+
wS7sRhOa8fPeA5GkYpNUbJKKTVKxSSo2ScUmqdikk9eO80dIOcyVKYe7zpENrs5yHnXbQt22ULdx
6rbFdUBe4Toom6jcFiq3xXVEZLmOcv9jOM71J3BSXqGx7lC/LZohmzQ3PMiAF6w5GmuOxppDEbdQ
xC0UcQtF3KJ15frzkc35C9GT+/dCX677DZf7oT8uxWV8nQFcP5DbB7EdIrIp5BbtSq6/isu/5fxt
GIs/4iE8jMlyuDYFUzEN0/n4xzEDM1GIWfIObTaKZEibg6DI0ubiCT43P0MaP0PaYtFRWw1e1xRr
mdbMdXtb37cpG/SL0Rt92o51XkYFlumXydf0ARjMdUPY5nDdtdz/OrZ//76KFv0eWXrG+yrm6WMw
Viapv6T+kBzW/r6KJKWXpPSSlF6S0kvqM0S2PhOn31/R8r/eX8G6p7PunfE+iyQVl2x7n4XJ9X//
Xoth+hKuXyoubX+/xTB9BZf/7/dczNO/wtc4CNYyCihJASUpoCQFlNS/k1P1I2At01nLdNYy/QRY
y3Qp5xlClhqKHGaoItu4QDYY3ZGNC9EDfvREL/BcGzzXBs+1wXNt/Bp9cQl+g37oj6miozENs6io
2Yjyufl3GW9gKZff5DYLlViG5TJurOfjalCLxtb3q3K/g/I14xvOH2p9z2rbUTTL3PeKjp4FMu7h
OfSYeEXe5lmIRZxfLRs8a7AO6+Wdnlp8xHkb9SLbE8MWbMU2sBZ4WAs8rAUe1gIPa4GHtcDDWuBh
LfCwFnhYCzysBR7WAs8eJPApWrAXn2EfPkcSKezHFzggsjPWiYsyPsR61KAWdfgIG7ARm2BjM+oR
wxZsxTZsRwN2oBE7Eccn2IXdaEIz9iAhLvIWiGxvhfB6Xxce77tsV8ju3iq8z/nVwu9dx/mNnN/E
7Ta2Ybtc423ADjRy+yfcvgvNXN6DBB+3D0c5fwztf1nSp4istr8k2VmuoZzWUE5r2v5SZHe22WA/
4bsIOXKSbyiux3BZ47sX9+F+Lv+B7RjwmHz1fAyPg7paQ12t8X0hazrcIi7qcCta91vThFOOEy5o
0GHADQ8y4IUPHdBRPiTOwj86rs1AuVoMwo0yTVWlqao0VZWmqtJUVZqqSlNVaaoqTVWlqaq0eFBc
J/6AMZgkLhMBcbZ4DJMxBVMxXfQRj2MGZqIQQTlBzMUTeBLzMB9P4Wn8GSEUy0YqqZFKaqSSGqmk
RiqpkUpqppKaqaRmKqmZSmoWq+Rrohqb+LfY2Ix6xLAFW7EN29GAHWhEHJ+JwWIfPsdhcYn4lsf9
HY7gKI7hhOgpTuJ7nMIPoqeiynrFASdc0KDDgBseZMCHs+QG5RfohLORiXPQGeeiC7JwHvfthl/h
AnRHNi5ED/jRE71wK25DHn6P23EH7sRduBv3YIw8rjyGyZiCqZiG6ZiBmdynELMwG0WYgyDm4gk8
iXmYj6f4mD+zDbH9TzyD/8KzMqUUowTP4Xm8gFKUYTn3WYEqrMQqVOM9vI8PsBpr5HG1nxyrDsBA
eVQdyjaX7fWip3ojbpMTKLYUxZZSHxZd1T9hHB7h8lOyXn1a1jsDcpzzMUzGFEzFNEzH45iBmSjE
LDwt05RXmvJKU15pyitNeaUprzTllaa80pRXmvJKU15pyivtfFX0cS5EGIv4mn9BBK+hAq9jMaJY
gjewFG/CQiWW4S28jXfwLpZjJVahGu/hfXyA1ViDtViHD7EeNaiVx511+AgbsBGbYGMztssJzgbs
QCN24mPE8Ql2YTea0Iz9MkXxpSi+FMWXovhSFF+K4ktRfCmKL0XxpSi+FMWXovhSTn4unD9Cip6u
THGdq7MYTMWlXQdEH9dRLh/DSdFHY83SWJc01iWNdUnryvZ89MVl3D6A7SAMkau1K7l8Fecni+u0
KZiKaZglLtNmo0icrc3BE9yvVNZrZXhVHtcWsl0kN2g899pSLvO8azzn2jLOv4W38Q7eBc+5tgJV
4LnXeO41nnuN513jedd4vjWeb+1D7svzrfF8a7Wow0ZsQj23xbCN8zvQiJ34GHF8giZu38M2gU/R
IlPaPh5jivNpHOH8UbbHcBwncBLf4xR+wI+Qsl5n/dHd8rjeCWcjE+egM85FF2RxH9YU/ZfoCuZ4
nTle/xUuQHdk40KZ0nvAj55gH6H/muv74hL8Bv0wlM9xNW7g/I3c51bcgTtxt2zW7xFn6/dz2wgu
j8QfxGB9DB4SPSnHlD5DTtBnYhbnZ3P/OWyDmAfWfZ11n0pMUYmtx/RJ6SaXX2H7KhYijEV8riVc
v5SafZPLlVxeweVqztehCc3YgwS+5Ot/ha9xEN+JS/QjYG3XWdt11nVdisGGEGcbiuhpqHKCMU4e
Nx6R9cajbAvYTsQkBDAZUzAdM8D6abB+GkXc90mwLhqsiwbrosG6aDyLYpRwn+fwvNxgvMD2Za7j
32UsZhvla/JvMt7A8rbfsag3eB0arJEGrz9jC3hdGdu5vAM7sRtNXMfryeD1ZPB6MlrwOdd/AV5P
xrdsj+CoPO6+AgNlvfsqmXJfy5bvoftmtuxH3L/n/O24A3fiLu5zH9ffjwcwAiORD/YnlOdRyvMo
5XnU84ro6VmIRZxnrfOwpnlYzzysZR5+pjz8HFGkKYo0RZGmPOtFV08tPuI8+2pPvRzriWELtmIb
tqMBO9CInfgYcXyCXdiNJjRjDxL4FC3Yi8+wD58jiRT24wsckGMznpX1GcXg+5LB9yXjefB9yWAN
yWANyVgnJ2R8iPWoQS3q8BE2YCM2wcZm1COGLdiKbWDNzWDNzWDNzWDNzWDNzWC9zWC9zWC9zWC9
zWC9zWC9zdiDhJzgLZBjO9wiJ3S4FezrHGdTeTlUXg6Vl0Pl5VB5OVReDpWXQ+XlUHk5VF4OlZdD
5XWm8jr/k9+doapxMXqjDwbKZ6i/Z6i/GPUXo/5i1F+M+otRfzHqL0b9xai/GPUXo/5i1F8W9ZdF
/WVReZlUXiaVl0nlZVJ5mVReLpWXS+XlUnm5VF4ulZdL5eVSeblUXi6Vlyuohn/yf+FT4kW8BBMv
g9VA8FMjWA0Eq4FYhL8ggtfwj/8vfEpYqMQyvIW38Q7exXKsQBVWYpV8kZp8UbzH+ffxAXgFC17B
Yi0+xHrUghVH8EoWG7ARm/h6NjajHjFswVZsw3Y0YAcasZOP+bitRMPiE7a7sBusYqJZrhN7kMCn
aMFefMZzvg+f4wTP9Ul8j1P4QWRSpiHKNESZhijTEGUaokxDlGmIMg1RpiHKNESZhijT+ZTpfMp0
PmU6nzKdT5nOp0znU6bzKdP5lOl8yjREmRZTpsWUaTFlWkyZFlOmxZRpMWVaTJkWU6bFlGmIMg1R
piHKNESZhijTEGUaokxDlGmIMg0p94uO1KlFnVrUqUWdWtSpRZ1a1KlFnVrUaZA6DVKnQeo0SJ0G
qdMgdRqkToPUaZA6DVKnQeo0SJ1a1GmIOrWoU4s6tahTizqtoE4rqNMK6rSCOq2gTiuo0wrqtII6
tahTizq1qFOLOrWoU4s6tahTizq1qFOLOrWUzbJGqUcMW2QNtZpHreZRqzFqNY9ajVGpfiq1mkqt
pkyrKdNSyrSUMs2hTHMo0xzKNIcyzaFMcyjTHMo0hzLNoUxzKNMcyjSHMo1RpjHKNEaZxijTGGUa
o0xjlGmMMo1RpjHKNEaZxijTGGWaSZlmUqaZlGmIMg1RpiHKNESZhijTEGUaokxDlGmIMg1RpiHK
NESZFlOmxZRpMWVaTJkWU6bFlGkxZVrsXCE6OquwUgYp1CCFGqRQgxRqkEINUqhBCjVIoQYp1CCF
GqRQgxRqkEK1KFSLQrUoVItCtShUi0K1KFSLQs2lUHMp1FwKNZdCzaVQcynUXAo1l0LNpVBzKdRc
CjXXyR7eyR7e+SkoKedefIZ9+BxJpLBfhinZMCUbpmTDlGyYkg1TsmFKNkzJhinZMCUbpmTDlGyY
ks2kZDMp2UxKNouSzTrjd7Nip383i9v++ntZ3H4M/CxStzltv5PFmkzh5lC4nf/ud7G6cv35+J/f
yerL+b/7fSw+1wCuH4Qh8pnTv5PFdVdx+f/8vSyRRSVnUclZVHIWVZxJFQep4hBVbFHFQap4vrZY
1lDGIcrYooxDlHGQMrYoY4sytihjizK2KOMQZRyijEOUcYgyDlHGIco4SBkHtdV8nrVcXocPuf96
tjWolcXUcTF1HKSOg9SxRR1bGj8vFHKIQg5RyMUUcpBCDlLIQQo5SCFbFHKIQg5RyEEKuULby8fs
4zGnuC6NI5w/yvYYjuMETuJ7Pt8p/IAfIWUxlRyiki0q2aKSLSrZopItKtmiki0q2aKSg1RykEoO
UslBKtmiki0q2aKSLSrZopItKrmCSq6gkiuo5AoquYJKtqhki0q2qGSLSrao5BCVHNKvlTWUskUp
h/Wb2mo5TC2HqeWwfldbMbf+H/eUfh/u534PsB3BdSPBvpVyzqKcM/VHuX4CJmIyt82QuVR0LhUd
bv+/6mEqOqw/0VbSYX0+26fwdFtV51LVufp/cv4ZsK+lrsM6E7rOhK6zf9UXtNV2mNrO1dnHUtxh
ijtMcYcp7jDFnamzb9UXI4ol3O8NtkvlixR4WLfaKjyTCs/V2Yfq7EP1VajmNvahOvtQnX2ozj5U
Zx+qsw/VKUGd/ajOflSvQW1bvYd19qU6+1Kdfam+CRSivhkxbMFWbMN2NGAHGsF+VGc/qsfBflRn
P6rvbpsGwkwDYaaBMNNAWGet0FkrdNYKnbVCZ63QWSv0pFynp7AfX+AAvuT5/wpf4yD42dZ/5L5S
ZDEpZDIp5Bo6BW/Ai3HSYmoIMjVYTA3FTA0hpoYQU0OQqSHE1BAypsoaYxqmc34GZqIQRXzMk2C/
xfRgMT1YTA8W04PF9GAxPYSYHkJMD/OZHoJMDxbTQwXTg8X0kMv0kMv0kGu8yee2UIllWC5jTBMh
pokQ04TFNBFimggxTYSYJiymCcto5H472e5GE9fv4fMnwM8fE0WQicJiorCMb7jfIaS57lsuH8FR
aTFZWEwWISaLCiaLEJOFxWQRYrIIMVlYTBYWk4XFZGExWVS475U1TBchposQ00WI6aKY6aKY6SLE
dGExXcSYLmJMFzGmihhTRSlTRSlTRSlTRSlTRSlTRSlTRTVTRTVTRTXTRDXTRDXTRB7TRB7TRB7T
RB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7T
RB7TRB7TRB7TRB7TRB7TRB7TRB7TRB7TRCnTRCnTRCnTRCnTRCnTRCnTRCnTRCnThJ9pws804Wea
8DNN+Jkm/EwTfqYJP9OEn2nCzzThZ5rwM034mSb8TBN+pgk/04SfacLPNOFnmvAzTfiZJvxME36m
CT/ThJ9pws804Wea8DNN+Jkm/EwTeUwTfqYJP9OEv+0vrLiUi9EbffBr9MUl+A36oT8uxWUYgH/D
5fh3XIH/wEAMwmAMATOKMhRX4ipcjVxcg9/iWlyH3+F63IAbMQw34WbcgnK8BBOv4FUsRBiL8BdE
8Boq8DoWI4oleANL8SYsVGIZ3sLbeAfv4h//hRWPsgEbsQm28LT/hZVB7X9hZZCzXnicMWwRHtc5
wuXqgiych1+iK84XLm0BeKwaj1XbJTxas3DpAjz/Os+/zvOv8/zr/YVHvxR/+wsrrva/sOLRrxMe
wydcRgd0xFn4BTrhbGSCx2CcCx6HweMweBwGj8PgcRg8DqMbfoUL0B3ZuBA94EdP9AKPy+BxGTwu
g8dl8LoweF0YvC4MXhcGrwuD14Uxi8c0Gzz/xlK269nWoBZ1+JrrTv+FFZeb77eb76n7HuERqvhI
OEVfIcRAMVT0FlfxXz9xo/i96C/uFHdx7XCmycHij2KOuF7xKeeIB5VuvEIfUYbx+nhcuYVXx0zl
fqaGQuUh5SExSxmnPCpmKzOVp0VQCSllolgp59XzsmLy2nlF4T/xqhLlNbFQWadsEYvUfmp/8ZY6
QL1cvKMOVAeKFepQdaioUnPVa8RK9Xr1RlGtTlQniQ/Uqeo0sUZ9Vn1OrFMjakTUqq+rlqhTV6hV
IqauUleJrer76mqxTa1Ra8UOdaO6UexU69WY+Fjdqm4Tn6gNaoPYre5Ud4omh8/hE82OsxydxB5H
Z8d5osXR3ZEtko4ejh5iv6OX42LxhaO/41LxlWOQY5A46BjiyBHfOK50XCnSjmsc14jDjuG8Ar91
PMDr74gj3zFaHHMGnPPECefTzmcVn7PM+aKS6XzVGVY6Oy3nciXLWeVcrXR31ju3KBe7Org6KL92
neU6S+nrynSdo1zi6uI6X+nnanZ9plzuSroOKENcX7u+Vq52HXIdUnJdh13fKte4jrhOKte6TrlO
KcNcUuMnVNO1jsrt2i+0Lsr92nnaecoftK7ar5QxWrZ2kfKw1kcbohRoQ7WhylztKu025QntHm2E
UqqN1ULKy9oz2rPKeu057QWlTlugLVA2ai9pprJJC2sVymZtibZU2a5VapVKo7ZcW67s1FZqK5WP
tfe0D5S4tlZbq+zWarU6pUnbqG1W9mgNWoOyV2vUdimfac3aXuULbZ+2T/lG2699oRzSDmtHlMPa
97pQjuoZuk85pWfpfRSp99cHqp30wXqO2lX/rf479Vf6y/rL6oWGz/CpPYxfGJ1Uv3Guca7ay/il
0VW9yLjAuEDtbfQw/Gof42LjYrWv0de4RL3EGGeMU/sZjxoT1P5GwHhMHWBMMaaolxvTjenqvxuz
jNnqFcY8Y5460CgxStRBxvPGC+pgY4HxkppjvGq8ql5lLDXeVK82lhtV6jVGtVGtXmesNdaqvzPW
G+vV642PjA3qDcYWY4s6zNhubFdvMhqNnerNRtyIq7caTUaLepvxtXFQvctIG2n1HvcV7v9Qh7sH
uQep97lz3Dnq/e4b3DeoD7hvct+kjnDf4r5FHem+w32nOsp9j/tedbR7hHuUOsb9oPtB9SHPAs9C
9WFPhadCneip9xxWJ2VoGR3UBRm/zMhWF2X0yOijLskYmjFSfTujPCOq7siIZyTUfRmnvE71K+9N
3jvUI94C75/VH71hr+XI8r7lXeHo5V3prXb09b7vXe3o513rXeu4zPuh13YM8Ma8Oxw53p3enY7f
euPeXY5rvU3efY7rvUlv0pHn3e/d7/i994D3G8ft3rQ37RjuPeI97rjX+4NPOEb43L4OjtG+Tr4u
jod85/nOc0zwdfV1cxT4LvB1dwR8F/r8jsm+Xr5ejmm+Wl+tY7rvI5/teNwX8zU4Zvs+9n3ieNK3
29fkeMqX8CUcf+7wuw43O0Id8jrc7niuw90dhjtKO4zqMNqxoOOQjkMcZsdrO17neFkovzzcdbZw
CK/jaZEQYuRETEUh5uJpPPvXrTIpk20pTCzCYlh4F9VYizpsxnbEsQf7cACHcFSowdVtxMhTbdRg
DTYJMUqFgQ7ga406DxegJ36NS3EFcnDNGdsbzrh8a/vnuhP3IR9/xKMIYDpm40mEUIIX8QoiWIJl
f92qwa3Yyb/9PFzA+aa2y3+zF/txEN/h5OnrefrUuRq86IQu6IYe6I1+p+879/K2+4tRK/A+PsQG
xLCj/b6DcTWXd+FTJPEVDuN4+9f7Hed/FCLfCQ/OQmd0bb/9ZtyO4VyXjYv49/Rs8z//FpF/CQZg
IK7EtRiGPNyNB/AgHsaE9suTz7j/DMzBfDyD59svl2MhKrAUb2MleA3k1/xt2/r9y+d7l7/1jG3r
42o6Y7sX+/+6VeeOZHsQPPdzx7A9KcRodr+jtX+R9yc6teuCbmfcr8dPtN7WG/1w+d99HnXuOLaD
T39fRvM9HM33afTNZ2xvx3DnL0bsHW/N/m7UkwUPtp0+3HY6gdNQwWROSwpmcPpiwRxOXymYz2mk
4JnZ37V+1JzAqCUFz8+ZPmL/+HdnnxxxcHx1Ea/cgnJOVxQs5PT9tvMfFlQUidZb58we8d34tUXa
qA0FS4u00+fbT0+OryvyjoqN9nK6o+BtTne1nd/Vdv7TgpWcJgtWc/pVQQ2nhws2FXlbP2rOkyPF
+M1FnUZq47cXdRl1vGArpz8W7Czqku8saCrq0nr9nNBI7/h4Ubd8T8FeTs8q2D+nZGSn8XuKeuR3
LjjIadf8ptbTgu84zS44yelFEwWnl+S33jpgosbpwIleTq8cv2fOi/nXTuw055WRXcbvK+qdPyx/
flHvkd3GHyjql583/sCcyMge4w8VXZ5/98QunD4wsRunD44/NGdJ/sNt1z/Yejqy9/ijRYNH9ht/
qujq/AkTe3A6ue10xsTe/83O98fFkVX53io6TQ/DEAYZBhkGkUFERGSQRZZFzCBBRERERESMDWma
/kVXdXd1dXV1dUNVN03T4eXDRD4xGzHLwyzGGFnMJ8sybIw8NpvNRj6YjVmWzcuyGLMYeXwi8pDl
ZVl8594GJsmMzvyx/70353O+ffvWrVu37v3ec849dEYux/XKOMEJbRFLy1VtClzFmA8YIuXj9iLA
QXsp4Gl7OeCwvWofR+21yuW2C/YGZUZbymrk2raL9ma5lvTWsFszadfuIa5RrmvL2Ti5ue0KzDkg
zP9uGdcrc9oqNlHWtl2162UtLiu3227YLVCuZVNkfdtNux1w3i4A3iXle3Yf4AN7APChPQy4YR8A
fGQ/KeuPIvsQoJpNUe5oG9h02aJtZrNk+9FY+4iydDThMUy2n1OWtFo2Vxa0erZA9h1Ns48BZtov
EcTlHPuU7NNa2GI5cDTfPg1YRLDUfk0OaO1smRy2pEkRrCBYDZgp1QHmSI2A+VILYJHUBlgqGeQw
visYYymXrH28VmAr5AGtj62WT1qqJA6wVhIJ4nKD1C2fxFf7JG2ArZPzLc1SUM6PlHcxzDbKQxat
1E/wxFNlvXQK0CKdAbRLZwEF6bw8hO/qU7QDbIs8oj3JtsnnLD5pHDAgTQCGpcvyOVzfF9IOsQZ5
zDIgzQCelK73HdeOsFb5kmVImiN4m+AdwBFpCfCctAw4Jq0CXpLWAaekLfkSvqtv0DIt7YQmtOe0
a/KU5ZpXJU9px1hOnsbYd1p7iRXla5ZZbwzgLW+8fA3X9A1H6ndxiu2WZ7XTbFC+ZVnwJu3jojdV
voXr+0YJXtBeY/vlBct9bwbB7P3yijcPcM1bCLjpLQHc9h6SFzppbyWgxlvTd7EzzlvfN6mdZU/I
i52J3iZ5kfR2f7cmxXtkD3FNX5P2FntKXulMh7UD9Or2yri+74p2gT1D3ssE44dy33BnlpeF8iJ7
Vl7rzPXyBKX9coFXASz2hgDLvMcBK7yDgNXe04B13mF5Dd/bd1V7nz0vb2pX2HF5u7PRO7qPLQTb
vBfkbZjbCZjhNfayQncavBcJTu6Xrd4rCg1MmJFHOjnv1X0UvTeAG5vsdUVztNw+S/AWYBUp19oX
ABvsi4DN9vuAWvsKoN6+pmjIXctHLfZNZVW7zc4pca00e1tJPGq3bwMKBH0EAw5aSSRX11s17B0l
pVXj0GDE5aNhR5yS2xrHLskJRwcciQRTniqfdKQDNjuyAIccuYAjjgI5Ad+lXG9NZJeV9NYUdlXJ
OlrlKAY85ygDHHNUAF5yVCtZrensupJ7dIrgtKNO2WrNYreUgqPXHI2As44Wgm1KQWuWwwDlWw4r
4IKDA1x0iLge2u8cve/ohpoVR9Cvas1ld5Tio2uOfsBNxwmluLXAplLKjm7bVP4YHe04pZS1Ftti
lAKdxnEGMM5xFjDRFuOP16UAJuEy9Fxmi1cqWitsSUquLt1xfh+zHOMwM1DvT9XlOib8GaSc3Vpt
S1WqdQWOywRn9rHYcR2wzDEHWOG4DVjtuANY51gCbHQs+/N0LY5VfyH0k6HU6doc60odlLMB62x5
MDaDY4vgDowK1+y0NtoKlUadlVM9ibjeX6LjuBj/IZ3IxfsrW1tsJUqLrptLUlpw2V/T2sKlQrnN
dgi/EZdBMHu/nMXlAQa5QsB+rgTwBIdbnuIqYY3CXA28O9zrr2812Crl5larrUZp053h6gHPEjxP
cJxrUtpaOVu9YmgVbU1Klm6CO0JQt4+XORNwoNt2RLHqZjh2H69zPOAcJ/mbdLeZMf8R3R0OYhUc
G/h1uiUuJMfqlrnjgKvcoJypW2cW/SbsB/2sbos7LVfpdrhhuQp7Ij/fruJGsVfiLsj69hi2wC+1
x3MXZV97EjcJ/gX2i19pT+WuKBrMW7+uPYO7Kie0Z3M3APO4mxGO+UN4ff3H2wu5eaW6tZq7C4jn
YbC9hLuH54R7AAhv6j/dfoh7qGS1V3IbShb2OH03Oru9N8H7YMt/szPonZeHOvu9dwFPeO/t2ud5
bOX67nae8j4AS3jG+1BeIHbmXudZ7wa2Od5HgGBJ+h50nvchsB7jPrVCt9c4uv3x7fXcI3m2vcmJ
/MPtR5xq/2i7zhnrv9Bucib4L7azzmRZ3c470/yT0CYT2kjOHP+VdsWZr5xoDzmLlMT2485S/9X2
QWe5nNx+2lklW9qHnbX+G+2jzgb/zfYLzmY5v/2iU+ufb5906v132684LXJV+1Wn3X+v/YZT8D9o
v+n0+R9G4o32eWfAv9F+1xn2P8IRRQC133MOBNTtD5wn8So4h8ByEs/e/tA5ArjhPAf4yDkWiNUj
56VAgl7tnAok62Od04E0fYLzWiBTn+ycDeTo05y3Avn6TBzT6nOcC3KmPp/ETiRK0Rc5FwNFkbix
7a7zvpysL3VCFIe5ESjVlzvXAKucm4Fyfa1zO1Clb+DhLKVvJi21vEYu1+v5uECt3sInQtnOp8BT
BD4d0MdnybH6AJ8LGOYL4LkDfDHgSb5MrtIP8RWAI3y1XKs/x9cBjvGNMJ5LfAvgFN8WaGiL4Q1y
mn6atwaa9dd4DmIPmIGAVj/LixFuB/T6W3w39LPAB2WffpHvD1j09/kTAbt+BUeY+jX+VEDQb/Jn
Aj68LwIB/TZ/FqJ0iNUDYYIDHTR/PhKBB04SHCI4QvAcecpYBDs0/Lic0BHHT8jJHYn8ZTmtI4VZ
CFzqSOdndstTBKdxhBy41pHl3I2HA7MEb+G4N7DQkctfDyyQ8iLB+x0F/Jxc2lHM34Z4GKLiwEpH
GX8nEgMH1ghuEtzuqOCX5NqOan4ZsA4jjlp7aIKajkZ+NRKp9sR1tPDrcnNHG78FaOBXocbK70Si
1p5EgikE0/Gu78kimEuwoINzqWRLh8im9xR3dLtiZHtHkM3qKevod8XLQscJVxLgKVeq7Os448qA
2BLWpaeCYHXHWVe2f1TX5gKr2HHeVdhT1zHuKulphBqwih0TrkoY+WVXTU9Lx4yrvqet47qrSSnr
mHMd6TF03HbpeqxQb+rhOu642B6xY8nFg1Un1rtj2SX1dHesuhSlpWPdFeoJRixhx5breE9/x45r
sOeEQeU63XPKEOMa7jljiCcxwKxrFHxBxMsQux3x0YYk1wVlFXvbnrOGVOxtDRmui+DpwGr1nNdV
uCZ7zhuyXVd6xg15rqs9E4ZC142eE7oJ3FKX7rqp5BpKXPM4lnDdVTSGQ6572Ke7HkDPla6HSoGh
BntbQ71rA/sv1yOl2tAkIKg5IqgBdULsnqcwmISEnssGVkiGMi+k9cwYJCGz5zp+u545gyLkRCxt
z21DSMiHfo4LRTDaQaG0547htFDes9SxLFT1LBuGhdqeVcOo0NCzbrggNPds4Xnr2cH9BFWGi4IW
3mJS0AdjsA0PxkeiHYzBJIKphiuRqIa9E8wgmE0wj2AhHkNgDGOwxHBVsCjpMBI7jOQGjkYMN9l1
/6BhXhAi5eAhgpXYFwRrDHcd3YD3yAxDdBGsJ9iE4wp/yPBA8IG/gHLwCEGd4aEQUCoMG0IYIgqI
K4ImwyNhYDeKGMQYZAnyunThpFIHV4eUOiMSRiIePygRVIxq4VzEywdDxlhhTGk0JgiXAKE+eNyY
LExFvHxwkOBpgsPYTwVHCV4gWGlME6bBd4MHD140ZgrXwFODHw9OGnOEWcVgzBduARYJC8CNGWFR
sZI5v0LwKpmHG8ZS4b7SYiwXVpQ2Y5WwhqM7HIUaa4VNf2XnhC+272HnZV9CcL5zxpfct9F53ZfW
O9I558vse9R525cj53fe8eWTNkXQZslXCnHvsq88jDpXfVU9dZ3rvtqwunPL1xCO7dzxNfdtWFU+
bTjBGuPTh5Ot8T6LPG1N8tnDadZUnxDOtGb4fPKCNdsXCOdY83xh2WIt9A2E8yOnA2uJ76R8zXrI
NxQuspZ42XCptdI3Ei631vjOYa/qGwtXReJwa73vEsEpwCbfdLjWesR3Ldxg1flmw81Wk+9WWGtl
fQthvZX3LYYtVsl3P2zfPYEO+VbgzEVOOpEzhVXxrYWFyCnPGvJtAh73bcOJAHx92GfZ7KLDvk6u
SxMOWAe74sJh6+muxHCzxUdaDnelhILW0a708MDuOSutK0sOWy905cKztF0F8pD1YlcxnCuHusrk
S9bJroq9p1uvdFXDGMgpyXq1qw5OTJHx3OhqBLzZ1RI+aRnoapPHrPNdhvCQ9W6XVU7AMxAesd7r
4iKxSvic9UGXCL097OpWaOtGVzA8Zn3U1R++FDkPMqjrRHiKUXedCk/jOCd8jYntOgN+DU7W4VmC
t5iErrOR83J4geAiwfsEV8hT1ghudopd5+URJrkLzsJMWteEPIbPv+FtJrPrcqR8jCaowfHSsbjd
mYTT67FEgil4VMfSmZyumWPppJxFMJfJ77ouzzJFXXNweoUz7LECprTrduTEeqyYYBnBis6Urjvy
IlPetbSH+Ix5rJpgHVPVtRw5Vx5rZGq7VuUVpqFrHRDqoaa5aytyxoSnY2whmIujuGNtBA0ErYy2
awfiHzg/HuMYfbcKzolwijwmMpbuGHmasXfHAwrdSRDjcd2pcBKEdTnWTbBFO9SdcSzI+LqzYf4D
3XnyNhPuLlRoZqC7RA4bG4RtRdMx46aVXGOzWwMxajpYxVyj1h3X02/UuxODN40Wd4q/3mh3pytb
RsENZ7d9zA3OG33uguBdwGKCZYABd0XwnjHsrg4+MA7AXVmRMx08pQ56PuluDD40DrlbghvGEXdb
8FHHErafGOEp59yGXmQcc3T3qo2XAGPba9xwgjNOubneBOO0W+xNNl5zd/emGWfdwd5M4y13v1KB
sTcH28nefGIh6yNoXHCfkAXjoi21t8h4332qt9S44j7TW25cc5/trTJuus/31hq33eOAm+6J3gYT
7b7c20xQa9K4Z3r1gNcB49xzgQbA24EGbEt7LaZE951euynFvdQrmNLdy70+U5Z7tTdgynWv94ax
Fe0dMBW4t3pPmordO/KaqUxU9Q6ZKsQYudlULcYrbYbjYlLviKlOTO09F/FQGHvHWrvBG463dosZ
vZdw5NY7pd8Us3unTY1iXu81U4tY2DurLRJL5CpTm3io95bJIFYG75msYk3vgokT63sXTaLY1Hvf
1C0e6V0xBUVd75qpXzT1bj7R2wmR7d0G5EO06ZQohTSmM6ISijOdFUOhRNN58XgoxTQuDobSTRPi
6VCW6bI4HMo1zYij/gum6+KFUIFpTrwYKgacDJWZbotXQhWmO+LVULVpSbyhrJqWxZuhOtOqOB9q
NK2Ld0Mtu7gl3gu1Rdhi2hEfhAxmlfgwZDXHiBshzhwvPgqJ5iQPCnWbUz3qnkZzhic2FDStehJC
/eZsT3LohDnPkxY6ZS70ZIbOmEs8Of5C8yFPPnCp2VOkVJsrPaWANZ7y0FlzvadK1gLWAjZ5GkLn
zUc8zaFxs86jDU2YTR596LKZ9VhCM2beYw9dN0seITRnVjw+ecUc8gRCt83HPWGl0TzoGei9ZT7t
ORm6Yx72DAUazKOeERhb5CkXPOdCS+aLnrHQsnbbcym02qrxTCkp5knPdGi9tcxzLbTVWuGZDe0A
3lLqzFc8C30qwMU+VWuj535fjPmqZ0Ueae32rPXFm294NvuSzDc9232p5nmJ7ssw35U0fdnme1Ic
zBJgX17k1G9+ICX2FZofSin+Rzh66SvBUUrfIfMGu9xXGdlxJI9xluQudp7aHRm7uYKdCJ/Nj6T0
vhrs3/vq8Rm8rynCyUh2COcW/PUWJGX1HYnkaixqKRcwVipQru9mb0hexahlb/fp8O7oM0VO/ZYE
qbiPtSRD/CMhGr1IrVG/QYj6LbWJaOoR9R9IRf2OppCaPkCr0TP0s3QsepaOp59Hz9Ev0EnoIJ1C
v4SepzPoV9B76Gz6Q+gF+tv0t9GLUVVRn0HJB+oOfAGlHJAOeFHqgZ8c+AlKi9PF6dD74vRx30Dp
cSfjRlBt3J/H/QR9Ne6fDh5AysG4gwXohwcLD5aieRhNPVKhWIRQHDqInkHPowb0LGpEbejzSIeO
oRb039BxFEAD6GcoiP4R/RzdQL+gYtA/UbHUc+h31EHqBYqiUqhsSkPVUQ3Ui1Qz1UGlUkYqSOVQ
IWqQqqJOUd+mvkT9JfVT6qtRP4j6AcWrOJWTcqm6VQrlVoVUxyhJ9brqdapb9U3Vn1Ky6s9U36EC
qjHVONWnmlC9QfWrfqz6MTWg+lvV31Gvk18bDKpuqX5GfVO1qFqi/lS1rPoVNaT6terX1LDqt6p/
p/676j9Vv6POHnjxwIvUdw/8i1pDnVMfVOdRt9Wvql+lNtQfUxdTv1W/pq6g/kNdqa6mfqf+nLqW
Vqnr1F+m1eqvqPV0nNqsttKpalYt0enqLnWI/oj6G+pT9MfVp9Wj9CfU31OP09X4NwR0vXpS/Y/0
F9UL6gXapr6jvkfb1cvqZdqjXlGv0JL6N+oN2qveVD+iZfV/qnfoYDSKRnQomo5+hu6LfjY6mX49
+uXodPrPojOi8+jvRL8afYgej66JdtHT0b7ob9Or0cPRw1Gx0SPR3416Lnoi+o2o90T/dfSPo16M
non+m6jU6L+Nno1Ki56L/p9RWdFL0b+IKoz+t+jfRBVHb2joqMMai2YrquGZP36mI+rnB187+Joq
HlHIgkKAsSgN1h2V06BxoCmgZSirYrFikw2xx9nBwwXsaXaYHWUvsBfZycPWw0H2weHL7MPDM4dX
2Q32kQ3Z1LbYw+uVMeyVyiOVqZWVlTx7lb3B3mTn2bvsvcpDwC0VMH2NMP23iKJ+R/0O0cDreBQF
114mv3hB9Pfp7yOK/gH9A7g2Tv8QRdE/on+EDpBfvKjpn9I/RRr6H+h/gH3xM/o2iqEX6AUUS/8r
/a+wO35O/xzF0ffpf4M98mv617BHNul/RwlRVBSFEqPgP/RC1IEoNUqKio2KRclRSVFJ6L1RyVHJ
KCXqpahU9FJUdlQ2epn8KiYtqjSqFKVHlUWVofdHHYp6DWXgFUaZsb+M/SX6AIw/lkogM4cRMStI
YlaYNWaT2WZpVsPGsYlsCpvOZrG5bAFbzJaxFaDVbB3bCN9a2Da4YmCtLMeKbDcbZPvZE+wp9gx7
lj3PjgNOsJfZGfY66Bx7m73DLrHL7CpcWWe32J3HxabYVLYYW7wtaV9SoTbDlv2Y5NkKbSW2Q1Bb
+ZiEbMdtKmhbY6u3NdmO7IvOZrKxNp6IZBu0nYY2KtuwbdR2wXbRNmm7YrsKfapsN2w3bfO2Gnh/
6pmLsIZfAA4Bi8Bq4DlJBolCqSAqlEX+/zy5INHooyAaVALyDCoFiUFlIM+iCnQYZvOzIHHoyyAH
0VdQM4pHR0ASwPro0HuQASQRORCHXkBuJKIXURfIe5EfJAWs0uvoJfRNkJfRt0DS0J+jUfQ+9H2Q
96MxkAz0Bsgr6K9BMtGPQD6A/gZdhfHdAMkGCziPPoQW0D+jHPQvILnoFyAfQb8EyUPr6H/D2LfQ
/0Gvoh2Qj1E0FY0KqRiwgCXUc2AB/wQsYDwqBQuYgsqoNOr96JPUK9Qr6FNgEbNRBdjEOnQYbGIz
qqS+RmnRp6k2qg19ltJTelRDfl/2OcpCWVAtxVAM+jzlpHhUR3kpBdWDBQ2iJrChfegr1DGqH32V
GqAG0NfIr8+OgD2dRF+npqgpdJSapv4H0lHXqL9Deurvqb9HBuon1CwyEv6awQpYkUUDFEWMhtNw
iNW4NAKy4V8SIYemW9ONOE1AE0BO/HsixGtOaL6BXJpRzXeRW/M9zfeQB9Z2GW0S7hfB6iHrMugq
6DroFuhORBnVrsYQ/bJ12bpqXbduWXcYFRPDxDNJTCqTwWQzeUwhUwJyCLSSqWHqmSbmCKNjTAzL
8IzEKEyIOc4MMqeZYWaUucBcZCaZK8xV5gZzE2SeucvcYx4wD5kN5hGLWDUbywyyCWwym8ZmsmNs
DpvPFrGlbDlbxdayDWwzq2X1IBbWzgqsDyTAhtkB9iQ7xI6w50AusVPsNPCZPmA54ABX+J24s8BY
Gvj5X8Xvz4EcJCyPJyx/nrD8PYTliYTlLxCWJxGWJxOWpxCWv0RYnkpYnkZY/j7C8nTC8gzC8lcI
yzMJyz9AWJ5FWP5BwvIPoVmQHML1DxOu5xKu5xGuf5RwPZ9w/VXC9Y8Rrv8RcJ1GRYTfHyf8/mPq
ZSoNeI+ZXUqY/QnC7DLya8lPEjYfImx+jbC5nLD5U8BmL+yBLqoL9kAfsPnThM1VhM3V1Deob8B+
wJyuAU7/JewHzOZawuY6ahZ4XE/NUXPoi5pvab6FGjTDmmH0Jc1faP4CohQqvjs+DOsUC3P/LKL4
buBhE+gRUB2oCeqC8MmC8qASqAJ1/arnrc28jln/w0rabLm2rVreZNXzLLPzpOI6q4XnWRVojEBj
tdp5iY3/w4rbWAVesfr4EJv0puLv1gB/nE0FzRA01jA/yGb/YSVt8oQ46wB/mi3kT1tP8sNEh/hR
tgT0kJBIypVCClsjpFtH+AvWc/xFtv5NJd+bhCzrGD/JHnkH1Qm5pI9L/BWiU/xV6zR/gzVFFJet
1/ibLPum4u/WWX6e5fl5/En0Fn+Xld5ZcTvrAn/Pusg/YJUn1Xqff2hd4TfY0JNqXeMfscffVOum
C70bdbZJp63bLjVDu2LfVjWuBKxOgzSMlYlzJb8rTXSlMSmuzN+nTqs0yqS7ct6NcnbPeSbLlU80
11VEtMBVitXJSRfwJzfiueMUpYtMsaucKXNVPa2czzPBVLhq30md3dKkMyhdYapdDUTrXM1Mo0v7
hLa49G/RNpflCTW47O9arS6B4Vy+t6joCjDdrvBb9Om5DroG3o2yg0IB0+86yZxwDb2twjX2tFDM
DgtlpN0p18i70jOuc2/LHdzfKOgFoYI56xp7N8peFKqZ865L+zrumtpXfH0S9IpQR8pXhUb2htDC
TLimyXifUvam0EbKl13X3knZecHA3hWsT/Qx45p9Qq+7bj2t7D2BYx8IIjPnWmAfCt3kc0MIvt14
fq/edi0yd1z336JLrhVm2bX2Fl11bT6u7COhf8+2P2GLd23lno2zIeHEng2yqYVTj9uRfZ48vq57
67I7R7ZY4czemG0JwtnHx0RsSb8LYT46T0R46Ty1u4fxvjoDela6ivnuPA86Lt3Y47NzAj7hObZk
4bwtTRi3ZQoTthzhsi1fmMH+xVYkXMf15N3AR9hKhTnsS2zlwm1blXDHViss2RqEZVuzsGrTCuvY
tuN3tumFLZtF2MH22WZ3q2yCO8bmc8cTu4xtOsyFLeBOwrbTFnan4n5tA+4M20l3tm3InWcbcRfa
zrlLbGPuQ7ZL7ko8v8QHYZ+A53DKtW2bdtdgP2a7Bv5nb55noa9b7nrcB7m24G6yLbqPYL+z52cf
X6P9PrHu+pQ9X4DHhX2j7b5bZ1txm2xrbnZ/nXF7bPth7W2bbt627ZbstFuxa9whXGePAx+ujSj2
19hvP6H2iF+2J/IK8cfwnD1fjD+JAn/Iuz3lY/EnVnsKfwEr9o97fnVP7en8Faz7PhL7zF3f+Liv
fMJH7vrJPbVngR8EX0h8H/hDey7/ECvhLfZzaxG1F7iPY17ai92D9jL3aVKucA/bq92jhLNgP+x1
7gv2RvdFcq3FPUk+29xX7Ab3Vbxv7Vb3DbyfyHtx7pt20T1v73bfJftibx/s2kVsS+1B9z1s5+z9
YJt294j9hPsBtlv4/j0b+Ja99dS+2rcvu3sL94Htpv2UMGM/436Ix7h/P24P+81+1r1hP+9+ZB8X
kX1CVNsvi7F43MQuwTvYZ8QE+3Ux4hveyf7sjss+t2vH9+zn6GNtdsdM3vUpe7z/PtgO7+nve9bv
saf227ufd1wLeC329Wk7+bitxPZxz0Y+bhPxHOJ+cBt8DebAviSIzsvSTbzGzhlpHr+n87p01zkn
3XPelh6Qtcc2q0zinXekhzh+wbzDbZ1L0gaJNyDucC5Lj0hMgW3aqhfhNnsxgXPdq3ZueWOx/3fu
eBOwreNVXmIL+RhvGla8R/l4byaf5M3hU7352A7zGd4iPttbim0otpd8nrec3FvordqPmXDMsxuj
kL52+8DX+BJvrTNdasLj2ovr9mOD9DdtMNG9GGY39sB9kT4OeRscDzzp+J79+3F7sM/kO+YFngN4
N77S20yeA3Hjnu7FiU/ou4kF8dj2YrrH4rp9xfHcnj4d1+3FaG8Tm/E1EX3H2AzHXo/HXzjm2ou7
Ho+x8FjxvbjN3pzs7i37sphGPlfFTPu6mEP2Do559vbVlphv3xGLsDpUYqkjRix3xItVjiSx1pEq
NhDNEJsd2aL2cb478kQ90ULRgveXo0S0Ow6JgqNS9DlqxMDb7Td8PnDUi2FHkzjgOCKedOjEob39
5jCJI/tlVjxHlBfHsOK955DESw5FnCKfIXF6bw86jovXHIPirOO0eGt//8G+cgyLC2Q8o+IitlmO
C+J97Hv2FMeUjoviimNSXCPvfEXcdFwVt7HtwvbDccNDY5+y195x06NxzHviHHc9iY57nhTMR8dD
T5Zjw5PreOQp4JCnGMcFnNpThvvB88fFeiq4BE81iW1h/blkTx2X5mkkmulpwXOO547L8bRx+R4D
V+SxcqUeDtturtwjkvZVnm6u1hPkGjz9OAbkmj0n9mwzp/Wc2vNLnN5zhrN4zuLzCCd4xvGZggt4
LnNhzww34LnOnfTM4Xnkhjy38XkE+27unGcJ98GNeZbxOnOXPKt4X3FTnnVu2rPFXfPscLOSirsl
xXALUjz27+TaopSE9xwp43Hfl1K5FSmDW5Oyydg3pTxuWyrEa+6kpRKnRjqE38sZJ1U6E6UaZ4pU
T2zCns0FO+nMko5gX+nMlXTOAsnkLJZYYu8qJMlZLSmYu3i+cNlZJ4UwnzEXnI3ScWeLNIjnEdGI
ipuNm0fo//8d5f+5v6OsovU3/xpgTkQWc7G5zFxhrjbXmRvNLeY2s8FsNXOAornbnLgrZUSD5n5z
yq6cMJ8ynzGfNZ83j5snzJfNM+br5jnz7aZb5jvmJfOyedW8bt4y5+7KBNEdi8pcEBFLjCXekmRJ
bZq1ZFiyv9JmyftKo6XQUmI5ZKm01FjqLU2WIxadOT0iFp3FZGFBeHNWRCySRbGELMctg2R8eES4
Jb6GnwdPwNn+59aA4Z/5L8mGfg52yOdBnifZ0ASSDX0PyYa+QLKhSciATOhFZAFJITnRl0hO9GWS
E30fyYmmk5zo+0lO9BWSE80kOdEPkJzoB0lONJvkRD9EcqI5JCf6YZITzYWdN4vy0BzIqyQnWkBy
oh8jOdE/IjnRIvRL9Cv0cfS/QEpIZvRPSGb0EyQz+kmSGT1EMqOvkczop6g0Kg1VkMzoYZIZrSSZ
0U+TzGgVyYx+hmRGq0lm9LMkM1pDeakuVEvJlIy+QDKj9SQz+kWSGf0SyYk2wn7/K/Rl6g3qDdRM
MqNfJZnRr5HM6NdVYdUxpMX/Mhu1qSZVbyAd7O5rSK96oPoVMsAu3oS5pJCAfG9y1biBCowbxkcm
ZFKbYkESTMmmNFOmKceUbyoylRIRTD5TwBQm1wdMJ01DphHTOdOY6ZJpiki5qcpUa2owNRPREtSb
LIDlIHYsmDf0h4E3H9nlTQJ5PmYMDWv0QWAP5ooK5r8A2IO5oiZciQamHAYO4cz5M8COZuAQ5sez
hB+xJFv+HLyXGZiE2RAPXHgd+IR5kAAsGAU+YQYkoh+CvEAYkEQY8CKs/1XgLc6KvxfW/J+BYXjV
XyKrnkoy4S/Dyq+gNLLG6VQ8rPH7yepmkHV9haxoJvV1Sos+QFb0g7CiLMqmeFjRHJLr/jDVD6uY
S1bxI2QV80hm+6PUX1GTKB9RmiJN6WPrUaR63lj0tJjajCPGUmO50RIRk8FYarJiMVY9LSbOWGts
iIhJNDYbm03dUPOUmIKmFKPWcMP4f9k7HzAby63/7/382TMNZ/vTpEiSjCMhyf80qZBK82fvbcIp
yb+x/89UB0mT40hySpJw5Mg7b0kdSRJSJEdIjsQcSZIczSskSVLG9q71eZ5hQtfpXO/1u67fdb3v
dV/r+yzrWfd67nvd6173fT/7aRoixbH5ONd7wyMqS2RyuOTsEpmOhbHhCW6ZFJlFeT48SfiXBaee
XSILwjOlD5Vl7tA5leWU5SFnFv0NNDw/vCi8zymxWHiZW1aeWYrWSV/WOKVoY3hDeENR2dD1Zxb9
JTW8Wco2KTu1FJUnN8u1VGs4pehAeM9Z5cZwqdaXVrieHbrQKUWHw4fCh+LrBM+utafoWPhouOJU
2TZ0d2Wp1IgYZ5XFkbfD+4aOj6xyyzpHPrTo7F5HNkbSI/5TRbSkX/0jDX9WyoS2RzIp9aTscuXl
kQOCTaTWYbcci6Qizc8s4ZlRK9I6mhHpEMnWEq2pPdYSrROtH22kox5tKiN/dk+MaMtI18itp0pe
pOBUudMp0TbRTlK6ELs50e7RnhoL0YDGTLS3xke0n9gZRG8bRiPR3tqm6CCsF6kljZTYNr0/dH28
vOh+/J5SjG1WT0eHRUdFx0THRydGp4Q7R2eEQ9HZYntOdJ6M4xC5vzA8JLpU4r0kuiK6Oro+uim6
Nbojuju6N3pQozN6JPqTLD++WPVY7dhFsQaxxjIjc6SVU2PNiIUhsVaxdrHOsRtj1cOhWI9YjtjS
WUuP0CxhnkiPYqFw31jfWP/YkHA7ieYSsd9OYuvG8KTYvcJ1jo2IlQiWxMbGJsQmxabGZjKX+zol
VhqbS29LYvNj86O9Y4tktmoZEVsWWxlbw9PkSbENYm+zjov4ZZKjGdsZ2xPbF54ZO+TMP52B4ZLY
0Whv8cq+6ByJMyNWETfi6ZF6cb9kjg7xzHi6RHY9GVkZrXjDeJN483hribD+MgJGvEM8O95VYq5e
/FYpeZHMeBMnAkWDsZKi8aMxI7J4gdCd8QHxoXJNiLwgfr/8e2R8tMTVqvi4+OPxyfHp8VnSlkHx
5zUao/3iL8cXxBfH3ybGD8vIq51V8XXxdfLUjdLySDQSL4tvlxjWYkR7x3dJjXTpQ3a8PH5AWu/M
zsPhSfFjUlKxmNRfEOmasCK3JjIkHvPo2+FEzUQd6eet8i8jUT86RXwzqdiS2b6sWLQkc+2MzCqu
GV5TXCfcWLLAtuL6kin2FDcKNy5uKnN539A5sZnJqRKBuyWDSj489cVF9+iK4p4SZes1HuOZ5Kdt
MhY7xb5oiMVAcW+xpfmOCHY0iSu9TgpvKO4X3lk8KDykOBLeI/aHSKt2hg8VFwk3X7zQL7wsOogv
NcboFx1kwQ3xXZrJiqdIvGyLDoodKp5RPCO2rXi2m33lXmxD8RyeJk+K7xq6MH5As5n6THRPfecR
Piozk8yluUt6LPdkhh0KV2hLEo3EW02ltEy0SXSSDDU+0SXRZeh4iZWGie6JnpqTwjcmAokuMsaH
E70T/eL+xKBIQ1m2iiLPJ4YlRiXGJMbLnYmJKYlGiRmJ2Yk5OmMT8+LpiYWR7MRSsb8isTpRP5Ke
WJ/YlNgaTyR2hGOJ3ZF6ib2RXYmDiSOJn+JDEwuTnqQvWT0+Ljw2sTvRKDw1WTt5UaxUorADdxok
GydlriZbJdslOydvTPaQmC+ReznJULJvsn9SfJ+MJWPhmcl7kyOSJcmx4Z3JCclJMqKNkzOTpcm5
yfmRO5OLomOSy5Irk2uSG5Kbk9uSO5N7IrOS+5JTk4dknLZFDujXP5EDRZpP60X4Cig8ge+A6hU1
lDFbpF8DRXsWtZaMM0m/CQoviq0s6up+FaTfBA2NtC5KRHvGNvBd0P2VXwZFFrvfBk3n66DF8XJ2
Uy3+75z5v+6cOdRTxBcOdQQ9hc97vIUHPJmFs6XMkTJPysLChQPuHXAv/NLCpXfPvHtmYRcpK6So
bLWU9VJE1q93v96Fmwo3obO1cOs9u+/ZXbijcIc8x/BP8T8jz6jJucbDucbgRGOy87U40dicZXzs
fNM4y6RzljmP80s1zi/V2fn62fnWYOdbk5NLLc4s53u8NQfVTNAnvkEsbCB9ulGujeXaw6rVc2Vh
519DOf3kukZowy/QZodyihzque1X0k6hPeegfQ7ljJfroV9HOVPketSlCoduNxwqvMi55swTWih8
upD/bMpZIdfMf005610b9VxqKNTkDGp+Dmp9BnX4NyhbqOs56FahvHNQwRl056+j4Dq5DhAa+guU
cCi40aHb7/+VNFJo9C9TsEyu434dBSR2bn/cpckuTXcouN29yvgEdwk/S+j5sykgcXb7y/+aguVC
B4Rf4NJiobfPoFXnoHVn0MZ/g9QX289B2p/yc9CZvj7w6yjnJ7keFjr2CyT3cj1CPlcv9esoxzpH
3Ax1bajN2qKT8esoV+ZuTk3oRq51qlClTmP32kyolfD1Tz+rKuW2c645jf415XYWuvHn9XOankEt
z6bcHkI5wreRvNPAueb2PXd7folyOgl1OQd1F+p5Dgr8nHL7V8nfVfOtmysr81jukMJT+SU3Vvjz
/FEZJ1XHtXJcKn10bxXfjvh5m07llKpxWTmH3bkVyjgd86E6P49pxrNEaKzQBKFJhZ3zUs76kjvT
kWufdI3ILXXWkkKJg9z5QouElglJ/3Nl3SK/a39lrcqVdUrzc67UzZU6uZoHWrs5Xf0g647my9xD
jt1cWU8KJa7yZP3Ik5ySJ7byxFZePde/lf7s4KyTeU3cNayiip9FJ6+DY0Pv5Ukuz+vqtOuscTpj
jE6tJ5XjdMhZG/Mk7+fJOOUVnK6Pfp7z7zzxfZ7k8TyZd3kJV2dNFdp8DjpzXd53Djp0en2tusae
ovQqdOYaW7le/k/WyezCn6+FtxaeXgOrrHd50524zJP8n/e8y0vM5S1w55jEW57k8ry33Xur3Kvk
6ryNzrzNK3Pmk/YrT/JvnuTfvHJnXlTOg8q8qLk074CT58hN7hzJO+bkL61/KgeeMbfOnFeV+aVy
buW5uVjjP99y2lhZH32Zb/lSP1+eky/Pzpf8l9/IaTd5SfqQL/byW7r1/lUOOjOPnytHVbb5HPn4
FNU/Tb+Y6/5FPtVxqEpn5cmqubJ7lRxZJR+i28bV6en4QHN0qJEzxqGmTj9D8ryQ6IU6OXLNWUGJ
nZDUY/+S7eiG5BnsN2TfEVJ7z7v5LODGprsnCPUWkpyg639okJvnIo7dUJFDOkdDw4RGCY1x8nBI
clpoYqGTPyVfhqa4dWcUnt4zTS48nUeLTtvQe6HZ0u5xbrvOzMNn5OBTe5jKPFzk2pgje6Qct05l
fdUvd/891PWB9m2eKxtQhRLnoF+zFxxXeHpPN7nw1L7uFM2qQmfu6yr3aP+TvVlZ4c/3X7sKT++7
qq5lo92626v4xJ1b+T3dq8673oWn9jyV8ypfYiJ/kEsSD/ni83wZv3wZv/wxLkkM5E/8ebznT3Fp
hjO/8mWc82Wc8sX/+Qt/Yb5JbsxfKiRnm/zVQutPz7f8TVX4rS7tcEjnXv5uob3u9eDpOZh/REjy
XcBTZf5JnwM+pz2B6k7OCtR21p5K0j1lQPZzgQZOnwOyXgeaOblL80eglbOmVOoHZL8WkH1YQPZh
gR5OPAZCQrKfCsgeJzDE2RcEYq4d8V9A9iSBEU4+1vEPyB4iMNalCY7P1XcBrTdVSPYSgVIndwfm
uvqyhwjIHiKwzNkDBlaezs0B3U+461JA9hOBzc55JLDTOVMEZI0MyBoZkH1DoMLxY9BwziO6dgf9
jo1gpjPOwXrOvArKGTIo62FQ1r+g2A7KWhfMdtZ37nV15pzy2u6gjGtQ1rxggdP2oJ7dBjhjHlS9
hNOvoOYwmW/B0W5OqMy5ksOCen5S+zLPgnpmmuXku6C2Z4ETu+ov5YOL3XiWWAiKX4OrHD/yZUa6
v9r/fZnxv++NmdXMWq2/rhrrPa96PGkNhZoINRdqLdRBKLvKtavQrUJ5QgVCdwoNEBoqlBC6X2ik
0GihcUKPC00Wmi40S+h5oZddWiC0WOhtoVVC64Q2CpUJbRfaJVQudEDocJXrsSr/Tnk86ZZQhlBN
oTpC9YUaCTUVainURqiTUBeh7kI9hQJCvYX6VbkOEooIFQkNExolNEZovNBEoSlCM4RmC80Rmie0
UGip0Aqh1ULrhTYJbRXaIbRbaK/QQaEjQj95ZFIJ+YRklp1XW+gioQbuvxuf1j+vmVAroXZCnYVu
dP/dQyhHKCTUV6i/0BChmNC9p6/qn/NGCJVUuY4VmlDlOkloapXrTKFSoblC84UW/Zu07Axa6dIa
oQ1V9DafQXpvm9BOoT3nsLPP8fV5h4SOClWcvmYYQumeVwPZga6BWwN5gYLAnYEBQkMDicD9gZGB
0YFxgccDkwPTA7MCzwdeDiwILA68HVgVWBfYKKUssD2wK1AeOBA4HDgWSAWtYEawZrAOVD/YKNg0
2DLYJtgp2CXYPdhTSiDYO9gvOCgYkVIkZZhbRkkZI2W8lInBKUIzgrODc4LzpCyUslTKCimrpawP
bgpuDe4I7g7uDR4MHgn+FPKEfKHqodqhi0INQo1DzUKtQu1CnUM3hnqEckKhUN9Q/9CQUAy6NzQi
VAKNDU2AJoWmQjOllIbmhua7ZdEpTvlFoWVuWSllTWhDaLPIt4V2UvaE9oUOhY6GKnoZvdJ7+Xtl
9qrXq2Fofq8mSr2a92otK0Pdc/4lBo/7lxjS+UsMGfwlhur8JQY/f4mhJn+JoTZ/iSGTv8RQh7/E
cCF/g6Guf4h/uOdi/wP+CZ4W/pf88z3X+xf6l3i6+Zf53/Hc5l/tf8+T71/v/8AT9H9cw+vpVcOs
YXlG1/DXuNozhr/KMOf/45Z5vbW9RXy7ssxzpceT5XcpU6ieS5JxsyTjZjV3r5Uk2TdLsm6WZN0s
ybpZt7pyybxZknmzJPNmSebNksybJZk3SzJvlmTerNGu7jhXX2WShbMmu/+e7l4lG2dJNs56ucoz
JSNnSUbOettzZf4+KYfyj+ZXBIxAesAvpCUzUC/QMNAk0DzQOtBBZlyHn8255jLnWleZdSNl3v1s
5slY1eAvcHj42xsGf3vD9I/wj/BY/j/5H/fY/if9T3vS+Dsc1f0v+OfKOLzqf81ziX+p/01PQ/9K
/988jfzr/O97mtQwahiepjXsGrbnihqta7T2NPt/bN2b+p11rWBfO+Lxnvha+RMH4A8ir6N8qhp8
tl0geJ6VI3i1PVp09lv3C9/angavOg2ou9+6Uvim9m3YbC58TeTbrSA2SwQz0G9oNRW80w7od1D2
SOEzrca052HBheg8R134E8tpzxjkUfib4W+Gv8bKFhxi3wffQ3Aw/DQsP2EPEcy3roPvg851YHvt
EW3uZDWCVzttuNsHvo+reSWYxd22YAvBgNURVJ2EdRPYHTsdQZVfbZ5UX1le+C/Ujvm54EDaOci6
Acs3gd1oZw3wfMFcqyXYiqfUAM8HbwId/eb0VPuYAz8BPo9a0/BPa+TDXbnyU+FHuJ7phOR+2qD8
A/B58IPR/yua7a2rBR+yo4K/5W7c/j09mq5PMWdgQesm7VL42fAb4R+HX4j3bgJvxgPZPCUbnbbg
tXhP422a5bRqLO1UviP8FeB1YJLISdrFaHaEH6SttcOCN9hverxGzJ4omG2PF3zEltYaw+AvBE1w
my3tN8apprcWOINarUGPovkwmqX2nwQX2c8KXqYS7x7lvce5OxP9u9CfDd8GzMTmV+hcbn0gWN96
TzBglelTlPd+BK5FPsT6WDBHNb3pYD9qGfDLFc3GaA5EHld9bwoLS+CXc7eAu/XQ70bdcvBHKyny
nrZqHrMSwvvsLeoNlXsH2OsFv7TiIslSHc9xe7lI/OB+VyJo3oCdLLAJdWPgdPAy+7fcvUe9pGgc
h98KfgnmW3fqGKVdIjgrTU5wxiZfhfK+MiRZ4F3yrBK8twTNR8D/BJf4TghOgb8QvAW83kGsXY+1
67F2PfpHubsbyTYkS5H8h0aIt5by3jtcNBTVjvcmtSOSLPgTRItEuzGIWvOx0BqJB95j7wZV0hQs
Q77eRe3vIvhycDOSQ7S5nDZvpoWLfDKXzQ/xwGXEahD96mAN2nncnqwRiGQZuNpFgz6qzdXYXO30
Wr0qmEXcStvMx1XfLHeQ/jpe6g72xcLF8Gk88QQe+FEOAeJ5B+094Dpm1qt619Zal/lkdpt1iYpj
qundDh4Ej9mbibSjWgs7pmuhAtyMzQpwMzZF0/sbWtJKec8WreU5jrUaWlfi81WwQtGSLGR4nRhW
3utHc7/9N0Ukd6f1Fbzc/gLUedFC0ciiPVn0q4I2NEHSBEkT2tlEnyXIXXrRxDoo/b3bmR32EZ0X
PHE6dTuopjcCXuYbhs468FWwgueKx4x30Kdfpu2ganq/xNqX8NPgp+Gl9TpzJeNppE1IW8GMcFBj
OEt5z3fc3YF8Ec+aCZ+JPJNoyVSJjGycEQG1v+LhOB4gMyhKG/bQHuE97+PnecRhR/AW8m1d+0XB
r3w9BSci/07RC8qMe5EYeEkzA5JtaN6ldT0HmFkNsdNa0RwJX2pPpf1Sy2yL/Sep2wX9L+Bbgm86
84IsvYSM/TnzKE3laRdpFPnmqg/tS7SuFVVP+j5X3peDV2cR7VnE2w5Fqz7zqC+SReSE75RPs9Qb
vinWLmaW3h2LV+/TdhqlaTk6OmlXYbMu43IV+aouOecqcktdcsJVPEv5y+CD8DPhN6L/Pf16Csv1
8UmMPFYOdqeFMZ/sXoxHfG0EG2hLvMeV977LuGenXaEtQf8y3yd4XmstRTKOlq9i1remLw30rvkw
+eFFdBY7dbl7GXwQNMCGaW8ItknP0PyPpC54FzF2Fzlns0pkrdRn9eDuEJ7YHT4r7Q6iSGaQcRXY
yfpan0X7r0OSZX3OXP5BsAtz7bBPdgLG31Qus0nlpi2zyTsQfi3rzu913bHLmVMerWWHyC3fIKlL
7vqU2XdtmuReLzPRaxEnO3R8JQt9w7z4hjwj6LXdDKB8zEXmMvx0S+f4TWrNiNvfCtZQFDubqbWZ
2aRZ6yD9qqftN5uwLu93Mqeu3Z5D5Ks4Pd2pd73b02Q/aTzseENzmhFNu0U0/4rmftrfXvO8eR+9
u8HNt/rE0eB0B31PC5b51PKVvtnsbTTLHefuVhfJP/BB3x/JTm3JAIr3pDVid/E5OVDH5TXdXXhX
Wzt5ova6lY6C7DT07htoXqzo2UP2uMp+VOT7rFsFD1lRxld70Vaf6PlSec8HSJ7GAxtBw/5e+pVu
yynV+BY7bdhZNcaHXXnKFnCDJftD75NY+MDJzLQkD/xex8jblMx8F2vHe/DbwIG27F2N3tgvYDQb
YsdpOauMdzv4IPrztNfen6z76OODgs2srZqX0HkBH+7XdnpnYWG29t2+UL1kZyqa0zRuJb+JNfMb
5a3h8MO15WY+I16XjPeDm/E03s5Xa+al2kJZc7XXtenXZ9YO4a+23hd+gUo879CSdiB+8z5ES7bT
u07wISx0s2T3bnS1dM8wRXlZ3dRjO9BsYl4g/Nc85Tj4shPtWGhvjWNcFG+zNSdYtPASnrgE/fnW
WubI53hMcRzy77HQCWsj4O9BvsbeSZt1XhTrPlP2k8MFp+q64N1idRX7d/iukT7+RK1iK8LY6VwY
QN1u+GqOrd4o09GRaFT8i55WPG9Q63LfHeC1YDMwA+wDPiXo7NgDaLYBA77mmjOV937kYjMwA+wD
NifXqf5ErE1EkoOkv61ZOp266fp0wWZgBtgHVP32aPZDc7mD7DkHYmcgLY/Dx12+GZgB9gELyEj9
xGPXc4JIYTOFtSWOTetljXnsFGCnADsF2CnATgHeKFBrZjfVNHPBPrS8HDvl8Gvh19L+y31b8IaD
Tk+30CrQro7NLdS9FlT5g7acjg0/eIF9MxnpJnKg5A0jF/mfFb1r4cN2V+a74jwkW9G8gJ7WtxYI
lihvGIpmD/iBYFxrmbUUZc3SurWptRz7B5AU6dw0CuwOxLP6cJJ6zNdFe+pbrWj9RWtZP+ju3d6v
vG8s+5n2+HAkvjXQ70Ldbczodpzg8uzr8dVAvDQQLw3ESwMZqYF4Sfn3aM896Jvwl+PnuKJ4j+i1
czVK7d70QlYK75+tlSKp78atE5kZRKMTk82Irgw9dTKmjZEPxGYKXOKiroxL0oahrzr1dNQkHprT
OwedeGiOTjPuPoXkKVr7e5l9Y02ZlamY9RYo+/YTH+p7JPNZfRdhrrf7iyc7ara3BitvvgY+jXyu
fa/gc6rpRV92C4LWpdS9TdEXRfNdWzxmrdX3ReYuLPTSdyZWTe6+Tq0XFNMuRl4HCxXgPPT7c7Iu
0RE339BMbu6Evxm8RtFqqOdxqxHn7vHov8OYfqJoP4/ONcpb9VTTfIx88jV8hLtXcPciRV9XLDhv
AOaBPXjW9ZoJzef0TYjZXddc85/2O4LjOYOs1nOBuUZP9LLXEh3vRPsPgqWK5igkj+jOwT6InRVg
GfgP8BPs7AE3gsOtk8hlN2UuVbTfhS8B3+S8f5TT/evsmTmPm2+5vKGoOz2Ls7nF2Vzuyvria4//
42hywrU6+h4QXImFrx3UuoJlSLTua+g8i36FSqwKJOxX7WdYJZ9hp/oguJ1d6EfsNp/jRJ/SPadE
js7KEE95Q3OpXRcLdVXfHgk/0uG1rmAZErFg/1HP6WkG7TftOoK3Y2cfrbpNZ7T1Chb8LqodP3b8
+OEVWv6K+sHuqHza731/BkdoDGDnAQfx3nnYn6c9NYexu/vYQd25Ca4DXwUr0JFM5buJMR2DZndb
TiX2NN+lYu06Pb2ai1VuXeigWhB8FawAc7R33OWEbq5RiVlK3b06+7w72Dk/BE4FV7GTHM0591HO
uX9gjzSRnQBvALwHdddnzMbyRfCb9FRuZtspnSPIr1E71m5tv8Vu3BrsIPLBtHYwrR1Maydqq6z7
9Dzu+zu1PJo3zPr0nbO8GQSXsh94nR5N5VT+FLuvDdhv4SBPacFTWvCUFuhvUK9aj+qzfG3sUaB6
fhG1LnAQSS7eOIrHjtmfE/OdiGEHNSZb6ulb4k0kviKb2IAP06MHmDsPoP+x/RUj4qB6uIGexC1L
JfYA621aqPxo+Ato/wVIahON08HedqZY26PnaPsG30SRbFG5PZO73RTNt+C/Ux2rFufu1eiUqb6d
wQn0UrAP5+hXOEEfUrTr6q7MHqm1fNk8pQs232eufYbl17A2BvTrad1azN0XmE2Z4Pl697xMjfn0
vpzFTmo2tgdqHkt7l1zdXXnjU8717ZlTFcyX55xZjMSHheNqM72vNUtq1SLb/6gtFM/r6JzQs7bk
pbqMy1WgnsFncQb/q/KieRVYl5l+FViX8boK1Lov+DQP7KINvOWwQr76upaRndaCD5BDGutp3fpC
T+jWQkVZ7zS61vteIM51jq+Gr6AXz1F3F5nwDZX4Nmuu8EWRvwsOIj/som4v8Ou0q8FxutKpxE7T
iEq7GP064AvYJH+ac/UMbt2sZw3rHjCTlfcO+zmi6wi86Pt6I7+HM9dbnPIGMtf+6avLGidyu0RR
5qCeid5j1/SNalp/IA+M1b192gzm4zEdR19PRvMZlfhustU/9fU8KxGuOY23iMZzimkzdK0xN+vs
M4fpiVtQe7EYfjGze7zyUtdBvduCu5cysxz+AW2DdY0+RdZQOYVZnTmLfaw5yixTlBn0KivmEdZK
PR8N177YG3Ul9YXIrt+y4pdyjhjKSe1HPadbvBc1Z+sJ3XhUM7wvom22D5ITVpBd78ED/1De2ANu
5G7QVwPUc+5wjSIZiz268nK3BDxInnmTWrxfNS/Uc7pkpNdo+Wua5XwS89ZvGIsW4ABGbZSl+fY9
8CR9/5LRaYAOJ3rzKfAxMB95Aee1Mu2pdQuSy+HbWh9iX095+M37Kd6ojjcu4fQ9Vk/u1oPWAWnh
YGrdpvsoey/Rstr6HblI+/sWdd+i7m1ES308vx8cT3uWMXYXc1p8ghF/k1VmLmOdjeRVPSlYnD2t
Feh3x9rrivYW+EXkdh98Cedox0IncIye663PmMvn677UytN22rY9UzMG7ZxBtCxjT/iwuUbke9ST
vn9olMpKpDhO0fqnpePyAnn+QeXtr2xd699gtfocnaFkwp/IkwO4W1vR/LOukvYEbaHvdjzwGa3d
pid9q5qe9M37OC9/Taty6PWl9Kubtsr+AA/cgXyh9sJcZcm5wPqL/v5ozTQ/oQ3C+z7G/lb0BzPK
g/XUL3GuT/wI+eXwz7o6avNxPfX7PIrWbD37WwGV+4bThqfQr69nf+MQ9vuBAeRfYCFPeftp+Czn
Kbyva8GsZH30fYqvloHseM2XwVGgMx8vYL+6HH+a1qfCN9NVyVyN96bxjrQ2T+kJdsFj68kMJ8hm
x/DPY+DNxFhLTkPLwHYufy3YDMwA+3BXTjf2E+zVD6D5J/ANe67Y7wTfApzoYjMwA1QLN6PZgLPk
wyqxHkZSB8lBzrATOEXOBvuAmzit0x7jRc50k3l7cETPXzLXpJYxB80jPPch3fFapdgs1brWI/Dl
Ll4LNgMzQG3Jt3rql7NtP/FkC/q4RH87Nv8Lm83A/uC7era1mmLtMRevBZuBGdztA4rHrA/Vsm+l
vucUnCMW/katxi6qlxZiuYd6Q/yci8cUn6TvDfSNgfRCJPZn+j5BnqL8DvjGPL2xSqz5tK2zovmd
JSdos9h6R+eF/TiZTe8e4+73YATJQ3p2NueDUZXYXdEfgW8vBY8oSmZYoKszfClYrrXsE4rWVmwO
VLn5KJYbggfID49ZiwT7crctHp4NPqU66U3UA+n4wX6Sc+V3rJ5blU9LsobO5+4TePhhvHcd+Agx
NhULTdRm+kLdEfkmc+p8S8/g5gg3tuW8bL7qxqe+c+DNhvGo8mJnICM+EA8r31bfP1jDecostSP7
xpYaCcRtPbAx7XmOZw2yawm2VjRz8GcJY7oTjKL/MPqN4Icz+r1U4musEWI/j/wa8CLa+ZjyxtdY
+JPvTvCwjh06D+no+7pydzmSztichySflg/H5++q3LfS9xva/Bu88XuZR+GTsgp4mp7U9xV/PfmK
4EvgM+DUky/CtwTFTmo58mngFFfzJWq9BF8KX4rOZPjJyCXPp14/uRq5Y3M+/Hz4GTxrnn6FcvIz
eMUkuOLkNsHfwT/j0f1S7KS+C80GHwGHgReCJrgNHKforaXoSSFpDXoUzYfhS8FF4GUOn9J32nuo
exzJTPAuas2GbwNmovMV/OVgfTCA/CNwLZIhYA6SdNrzNRIDyXIsN0YyEIwjd9ocpz1L4AvAeuh3
Q6cc/BF5T/hj8D745qlsfbuY0vyZxXPpkWedSrz7sXMD+k3ALOTTqeu0BH3vVnAakliqvcY2fFB5
40LwfvA/sP85/CDH28p7NyIpAkvBRSnNAB86o4bOFPB97s7kKYuc3sHXhV/I3VZOX+Cn0ea/K++h
rpex8J7g7hfYvx2+SUp/Z7mbu0OQdMA/6eBAJFlYaJ3qQU8LaJug5wT8VHA86AEv5O5/waeDtRTF
55IHjI48/RaQ9hvv4vOLacN3YD2e2B2euDInglfQ67bUQtPokpI9j9fpUcSJz1QN3SUiSVNMu0jR
N0XR+jvYUf3j+0/k6cqbS904b0/0DtZffp3oTenvX9/DP5VqLPzRVDv60h5vlOuMU5TnKj6JZqcT
2wWb0ffslJwgjN7ww+C7nliPpBrjWE1PE9wdl7oSrKa/6SPvjDxPa3l3ux5WfpveNe9BMhEsxfJY
arVFEkRzE57/DDyO5DN0+qe6M2rKl4DXq445Bs3Pwa+weZXTI/A6Z66l9N1aF7x92J0j4iXjb84c
OXFc+OFE4GsqsX9yMoZKrBTyL0/wrQXenpbSd+x+5GXKG/ETeiKogbW/4O1P0RyJvERRnqInNbKH
eT51j+H/6ehPY3Qup9aPJ/T3hZop/YWiAg8cpnd76Z1Px0Lk1YjqavTlFmZKNWaTjtF+9Pervgcf
evCh2d6NbbWThv63aN7NU8bCjwQHuqjyPtj8Cv/Xgt+OHafuH8EH0DwBrk7J6mb48cYbeNKZKc3o
3b5UTcFD7ih0FJ7ZIahv7Il/79PgRtDAM6vUz+YNqi+oEjKt2RU7W8AZOlu9rCzeT8gk24n/y1OX
C+Yhn478PZV49iKvAVZnjF5y4oEx7Y3Nhki+BLeD+1IVjJfs3LwPosPa5CUneOcRG078kIGNlsgD
2N9Pe2Yhb6UxaRFv1h6tZTc5KZ4xnfz8kbbK/EY9aQ2HH05/87H2g2NZvSGorT2fu5cirw06K8LV
6C8g035Gm9sh+RZ0cg79MkJIPoNnVTIc35KFvKx03peR3AS2B7Fj3JaS3ZpB/jEvQXM+yNptbAbv
Accjn6S52iSzGW8heQqsAN93fM64THVaq7z1CvwoahU7ayWR4COumoM+au2B38rdtvCvueOuPGis
ddZZJB8hyQb746sNyLeDzyC/FnTWl3hqk7SfFcH7IJICsAZzYS2ryRHmSB/wRuSb4Z09wAWgs3sJ
Y4cV1nDW6PrOmoI/e6DzGetILWd8dQUxGqCz3FmRnbUS3MUacSvIDsqKgqzRNiPuY99lOiPYhz6u
Pam/SXVxZmuqm3rJGTXnLviSm6N0BQmQu5aDxc4YndjL7NCeHiHDZNLfDPgM6maSPV4HPyJ3dUIn
J3U92VXl6cjrIDfIJ89h8xmX1zzG6iwjotgN+92oVRtJbTT/TK2XuNuY3FWATgeeUsHacbWrU0Au
Us0L+froWd4hP+s7pvOUr2db+farPvLfsjN/ka+eevIV2Y+2fqnyJV/rfcLXJg/w+5cJn+LrVof/
yKdv1wf6Wnj010ZBYz/v6L7jdzR+WTPqKp5cYHQSfoKtb8+qW2E9w1pLBKcrb2yy9DuWWYpmmaVn
0vWq6dms6B1KrR5IdijaK5AcBvda+n6yoWtTrQ3jLU0bx5rq+G5Fs42isR2sbdUTXGjqNySjTf2d
pTp8V+RNFM1m5k5sCu+ZDf7k1FK0tqGTDfYwn9D2Y2GuoveIfqMuLalHSxTTFe08LMwDc8C3zXm0
RN/IpZsTtSV2X1pVpHb062uxrP+1yAhTzq2exxWNYVpL/NNXW0LduegvNd8CF2u+Mkux/xrWRN9a
wLN6gxNU7t2qaM3BwiZFuwF8DJyCzVXwXcHaatN7BH6Ni9qqRdgZz7MOKpp3IjcNr6K+X/IY8Iah
XyGa3hXc1S/e/+jV7ytixgTNWsaj2mZDf7mepbz3O0O/M9xq6Pvtx40SwXGG5GfvVarvXQRuAK9U
NP+ChTLjMc3Vhv7i/4gZBR/TXIqkLjqreWIxtVbAB8CmRrrmH3QuN2RvY9Q3zlcPGPorZw/lvWvB
efp/5DRyjAywjs538F5wEuhXNBtjYaDyRtxooPPIkCg1ksobtQ05S3qXIF+OZgGa9ajbzau7NQNr
5d6/6gz17tc57t0nfBl8La9+IWkq721utEJH1+h+VqbumvSu1wYnGLpDq2ssFcu3uXYUm7j8dsE0
Rc/3WJsOtsJ+lvef+FD8Yxz3jtJxQfIllqehk6boOai1PD9oS2QkZMalyizJridr6rsF4b8Qvp6e
+lNldjX49shfVd7+VGLpE9/zgqPAzop2NUXzv8B5SOqC1RWNRuAc9PujM0DRl0KnGxjm7o3wD8H/
Ac114FHkHZG/pZjWBX4o2BSdLfA3gx2QfAD/FPyTYG8kM2lPTdB5rg1fQat6IFkLbqfWCfidYBaS
JPggEvprtaXuBHiLu38Hv0NyG3wf+DSeNV7R+wO8472PsTAGnduRb0N+Nfwa+PfxA94wXwHXgy2p
9UlaTH/7cMZFebsaeIkzOvB1wergTc7oKG+974yR8uYAsBgchrUSZ6SodZkzXvD3OiOF5jrwKPKO
imldsNwU+Rbadg369MV6wvEMOvfAm45PVGLcR3vq03Ln7k9gX7y0Ar4InVrgXmptRd8ZxwbghbSW
sbbxku3EgNPyp0GnVZ/ScieGv0XzPtq2DPtDQCfeBhGBtM0XQZNnmR+Cq9C5ExyMZD+8XzF9p9pM
J5J9V1A3/t/sfQmUFUWydmRmVeXte6uyGugGRPZ9E9nBZlERERABEZB932mgZVVEQURARFREQAcQ
HVQERB0RFRpEWQVBZBMQ2fd9l0Vu/5lflf9A6zvDvJn3zn/+M/Q5X0VGRmZFRkZG5M0q7kVvkJGN
wa8ITUoE6wXWO4FWKyGTBP5htC0EGr2Jk6DrgH4BdBR04FHD0M88zEIc46oFXAzsAZwIyfZotRA0
PMTpi7EH6/Eg7jsGdAr4pyAJa8inQHO0ag56YODbuPuHgZ2B+dB2FmjMF4f1nOnAt8EJYsVrwXpB
D+Uwy6uAWaBzA8h0BmJN2YVBY16sRsAq6KEZ6HbA+pDZAtyL2t7AgF8MiBjCsZatucB66P8b4AfA
qZBBPOQz0eo4fPg0OJgLjrFYnwKxZq37IbkAuBU4H73dBfoSZJoC24KDGOtA3kEskq0hj7hqOaBx
Fwdx1boIxBoRZ0BjRPYQcBA/LUgKWJjDA8V+0Fhl9ueQmQ0MYtqL4AeR9isg5lEEVh0NRFS0D4Ce
AkyAVtUgCS8SWBcCGgpkB2sQWgWesAd82EEiAthNwE8HH2tQ1ABi7TsfQ+dUIDzHwigszKwFq/Jg
FMH8Ijs4iLRWMF9oayEyiOBeXwI3AQMvCiJMEAmDfPQSdENOsYK8Bq8QHuhkIFaKE0Tmh+C9r8Bv
E+G3O7HG0Y+FVWnDzmI9ahHhrVLAIA5gfm34s5gMfZ5E/68C4QliKDDIzvtAXwWi5wiiawQ625+h
FVacDGLaHPAxOw5qreVoi9go+hmtiDJSgDmBH5mMEzdPGIcBqxu0YwbFEeA8cO4AugZ5QeD7kO8A
mU4GnThkHgT2RG0t0M+Afg6Sa4CXwb8H/MUG5X2gewCLQ2Yz6IeAVcFZB/o10K8AW4AzDfokAoP7
2qB/g1Z1wVkN3IlWN0DvBhYBpx/waXAwXqsS2o4DbaF2PfACOA+Dbgla4l5jDbJfQQfW+wk9jITM
I+BvB78c6FWgv4MdYA3xEXAtsAzaVkRtHuAD6Afy4gngYHCeRW0BYH+0qgA++rdeBnYECtx3ADA3
egj414Ct0HYp6DTIZAEeBW6DfGDPvMAcuCNsbkNbO5gL6GC9Dgw0+Rm1gS+dAw0drEXouRswmPcu
8ATo5vSCJO4lfgB+C5k2wK7gnACtDEYwmxF4lFMCbfugN8jIxuCAH1kJThLaHga/EGi0FSdB1wH9
Augo6GAeJwLbg7MQNObF6YtRBB5+EH2OAZ0C/ilIYlzyKdAcrZqDHgjJD0Hng/ws0LA2x9id6cC3
wQlWHFaB1QB0ZyA80C4MGtazGgGroFUz0O2A9SGzBbgXtb2BAb8YECuOw/OtucB66P8b4AfAqZBB
9OAz0eq4QXYaHNiQQ2frUyA83LofkguAW4Hz0dtdoC9BpimwLTiISA7kHaxc2RryiEKWAxp3cRCF
rItAeLI4AxojsoeAg2hjQVLAkhx+IvaDxlqwP4fMbGAQAV4EP4hLXwHh1SKw6mggYoh9APQUYAK0
qgZJeIiA9wpoKBBLrUFoFcz4HvBhB4k1YjcBPx18rBRRA4gV6nwMnVOB8BALo7AwsxasyoNRBPOL
WOogLlnBfKGthfUrgnt9CdwEDLwoiANBtAmi90vQDRHYCrIAvEJ4oJOBWAVOEBkC+cCSiHVWKSDW
o4W5s+GrYjLu9STavgrELIuhwCBP7QN9FYg+I4hsEehjf4ZWWDUyiCpzwIflHdRay9EW0YkGiRya
Po/3ZxzbnDOkmzMivtOc4Yhuwjx5b4JzpHqonWHbmpMfb59OxUkaNxx+DPwJ4K81knTYcFh/8Gsa
tDcZtHKBfxGSaajdYtBpCroJsCL6PB1I4u4tgOPMtwcI15yb8RHgtAVeMe870XuG1unKcHbiPG0B
zsSScD42FLWzLHP+Pxuc/KjtC/mNwFXAg+Z0S6M5KyuIs7LsOCU7Kr4wkoZPGcY+LFt40qXlaZ/d
19wrtJ7BK+gnEtRa04z1cEq2Aq1SUTsDJ2kXDcbTMi5rTuMM8xZTeoY5sWyBp/8bDc1Kg26F2tqg
l4DeDslhhmZx9FAUtcvRahvorEFv4OyPmxO2nCHf9FAW2Am1Fw2fXQPnabQqDMn3QJcE3wHnXtBj
wE/B3Rejh72ofdLQ8SYGrQbBKMi8i3vF0MLHXQqCTjNooU+mwFkL+Z0GHQu10EGUBHLgbshEQLug
JxnUs2U4W8CZjTvOCGvvAMfUZge+a5DOgu4GmcGhngb/Bn2+B90QOqyAZBO0mmPeT+Cd4ovNyW3c
nOLWDfU3fj4erUZAcrmxto51xuYYC4ujt1roLX/QytTyVPAT4x+YGQSugs4HDa0tUMXkx1Bec1j9
+HRERe05TuAbKah9NW7OXXsYGZEdWNGgTWTWb1nIvGFa8XTDp7O41yQzIj0KrT+1Mj1rDzErsQ20
SjY0H2d6tutgXEuNzjQekk3jJlY8YPqnkaYfugbdKpq7sIKm1mqO+x5H7WFYbxxwBN70uAg6AjoO
mU2gVfxtaDgP85WE2USMIt+cQGLUp8N5MfyDwFXQcCZ6uA9eBG/Xaziwv5YRyzIGmn1gxkmNN8L5
ikIfc6/8WEdXgLmB44DSYASzJuEtelUTdobaB5zKplbvfOaZc/iMa5i7T4HzsNZM2zsDTQxNu+AV
lzKOGX+GD3TCXdLjy2ATnLEH6xT2aQgcjHHtjTcxKzreDZLd4DPvIt+ZPisDt0Fym6nVUQ/WC23e
DW1N7bfAL0N+4BXv4i5GJgW136O2qNHN+gSar0H/9Y1XWJ+EXjfU9GZqnfnQuYUZhd7lLjMxBG33
B+varBpduxC6mSi6xdBWrjieCxhJPbqF8JZABk8uDFqXg1Uf6rkQmuzGqBFp44+Y+YLO8419tGXS
0I/p4V6MqzY0Lw3cC087GvpbGmy4BfNiehgN7A/sAWyJ3tJhjY3gvAk6D1qNB90CMzg747qxCei9
1AS7zYWItIYzAjacg1mOQ6tVoa/asKFpOwv0Nqy706atPRmeU93IWydNW/1ZyazuDkZeZ1zjjbnQ
/4xwBhdiXgx+GcyI8XAdNwxnGNZvX4xoPlb6hEAGvT0ZrFbwOSJYTapueoM+RQM9UZuGiPGk6cdG
LLXLIyJNM99bpde4+d9wB6gmdkqaL0YZPxS/BTEcnHnmjtqvrsNDfKzxJETjJON7sNXS+AREV7Ny
6+MuhB4mQJ/0MF+UN3sSGg9tNW1th8x5HcV1NDP969xh3sZvAwt/GcS0MIbUQZ4yT11PZ1Q16xoy
FzHG3mg7CpIHwVdmvhxkKx39jC+9hdrcQa4xo+anuXmrc2mQZTAjB6HPKMx1O3hLqlkLoi44lQ3a
eBNP7/e2wEu3wGMNJ79BqxZywXbM+27gKOSC0qDnIZKXRVRfCsmBqL0PtVMRhxeFGpootxAWW4hR
WJiL/LB5Tmh72uim/WQh/BPeG0SMMIfq3ESToVtNzMgc5L7yqG0TPHlHnAwwPfBP4FjEZGR/vQsk
rLi1GAvyYBiRjJe2g7awA5sQf4vMKUcaas1q9UL5d+HnW4BpiFrwanDeAqc29B8H+aKGk1EpYz/m
tAnGYp4+z4Mdcob5y8zFrmAssNLjaDuCzNO0TtBqHZ469TH9ZFw236+lsZOWfALnWkdxEoXTvwie
uVDUyGjsZM6dwIEPx6fY5m3Pyc4l801ZoIuDzgO6EehioB+y0zUOdXZqfNA8Q4/3Mc/fde0Y8x6p
Mw+04bQy/y8yXgzPv7rISuhZ79DiDcDPrudK782crRrr6FVrvtvtJ41TzRN8qi6bme8Tc8z3lU2W
k813lJn/Wxf/Wc423zhn6BtXDR1f6ugZiX8gz5hnrDIH8Ip5i9U5pPHdgDbfL6Hpq6CNzDvgb3aM
zt855pvf5jrmbdsjsj7alsE3la3WOBjYB+NNA76B0fWzV4BTQeNLjt6xx+fIwmg1AWj67wvsB3zb
uaBxJrCfU9zogH5eMv/LJj4B9ATnRY0vOylGN9kDoy6rcZVsp3GTo2NIhi91To+PdIpqXA3+TEf7
Q/ywbA6++ca5NdJ8e97XznLImz3wO475HrnDEd/YxylvRi07oG15tDX0584IjdeleTd4jPl/nfH1
5v9wxYeAXgK6n/MoZvlR0IWB0lhP3gu6BujeoAuAbgQrVTf3gue8A+zn2JiLFrDPWXBOmVHDi/o5
icAKmBHTw+fAKdLMxSBgV+BTwClSoDcBejxog3PtH9H/ZsxvBvQx30c3wFlkUJpMdBfeqaMbp42k
eeNFo7FkH3BaAlvdMLq1jKcC9TqNP3dDZ/x46xtLNbaIdwL/RWCyaRuisVtrYMv400DTf+cbE9H2
APpfDc4icD4DZydwD+77lcbycY5+DJa7sQO151F7VGM+8FvGC2AtR9nkhAYkOj/VP5WSuvfv2ptG
pnYc2Je+NFnrsSa18usMShkZlJ1ccig3FaKsVIYqUQrdTw9TCzKxrgl1oV6URoNpGI2ksTQhbOGR
pDxUmLLR3VSZqlEtakAtqb2+72PUlXrTEzSEnqHn6UV6Bb/hG7RSFNHxqoiO6WV1ZqtOD9Aj1Io6
EKem1I1SqT9+cXgUjaNXtbSo17hxXWrQpNEj+alb0yYP56cZ6Ccnvo87n473RSmZylENqk11qSG1
po4kdJZvRt2pDw2gp2g4vUAv0WtoFaX8VEz3Wp6q6uz/IDWiUjQRNXdQoq4tQLmoOOWgCnQP3auz
bz1qTG2ok9a+NDWnHjoiD6ShNIJG63z+eqhHFopRQbqTSmi6It1HD1F9epTaUmedee6ix6kn9aNB
9DQ9R2PoZZpEb3QuP6CzGAEcC3wVOBU4Ezi7c8fUgeIT4CLgCuAG4Hbg/s4dB3QVJ4HngVeAcYOW
BYx27twnzUoE5gWWBqYA6wKbA7t0Se3Z3UoDDgYO69K3Xx9rJHAscAJwEvAt4Ezg+936d+xszQMu
BC4DrgVuAe4GHtUdd7TOA68A4wZtK7XvoD52FJgIzA7MDSwILA4sk9qvc6pdEZgCrAWsC2yoRfrb
TYGtgB2A3YCpwP7AJ/uZ3p4FjgKOA74KnAycBny3X/8ufe3ZwPnABWmGvwi4DLgK+D1wE3A7cPcA
PVP2QeBx4HngFWDcoOMM6Nm3m+MCswJzAvMCCwNLDujTOc0pC0wB1gY2BLYAdhowoGw5JxU4EDgM
OAo4HjhJY3lnGnAWcB5wATAduEJjBed74BbgLuBB4EngRY0Vnd8MSg6MABUwCZhLYyWZH1gUWBpY
HlgVWHPAoE4DZG1gfWBjYHNgG2CnAYPSBsgewL7AgcChwBHA0QO1teV44ETgVOAM4CzgHKD5XMh1
7En+J65Cr+7cOtL9dyi9t/qHaOs/R8fSCL4M/d9TslAKaEb5/4DqNlHo6ObqSP+vUYzy/ReY7bZR
YEYEMgkjnLchw4U7VordNma9bcz7B8xy21gA+lq4spvQaH4zz/+HKHTGyqEz1D9H5QTFdW4q9E9d
C+vc/M9ci+qMevtXpvPrP8YSt4H/2G6Mct0GJt4WVtDZ/0m995lKs/XeaQ1tp6N0hUVYTlacVWV1
WQvWgz3JxrKpbDb7kq1h29lRdoVHeE5ennfgE/gMPp8v5Rv4bv0JPC6UyCvKiJqioWgn+opnxQQx
Q8wXS8UGvX7N/SKBb4u+mcojM5UnZSovzVRedlNZrxux/6ayo0NGGZLspnJ03K1l98qt7f0Gt/af
9Mmt5eTmt/af3CtTeVgm+RmZyn/LVN5/azl72UzlZzOV389U3nCr/rkv31qfN+ut5SJjM5XH3VTW
67bI+Ez1u1HmOopnDUZYbF5wLZ6GGkvH0Ow6chQNuCVKh9fK4fW+8Nrgz6RLqfCaM7wWDK9lbtWi
1LxbR1m6xa3l8rVulS8/7dZypYK3liu7mcoqU3lOpvK8TOVVmcprMpVP3lquMvImr9NEyqhM5Uyz
mjI7Uzlz/aJM5fRM5aW3zmqNRRqVtlRn9gZ1Y9OQZTrpP2KT2CRzGmQna575zWFhR23X9owE40y3
xW8cM/zGsZHISo77iu+6E/yo7/gRzXHYKXZKy51lZ7XceXaeOLvELpFQY9QYstSL6kWdqY0HcfGg
qGs04lm5uV8i2TpOZBPJopQoq8u28ITOpSJRJBITSSJJtygpSpIQd4u7tfaMldEjyq4/VfWnabSK
9tI1lqRHEtFjS3KnEHcnuFM1vuK+qfFVbYNEnSPy64hbVn96q+6XIcETtd534+r6ZfU1WZfL4er6
uYnrUl6Nrp9fo7GY8ftcVNAvSkKPN+oXw9X1i+trRJdL4OreJFkylCwVSpYOJe8KJX/X9zXoOxH6
vg59f6+ZhJo3UDP55ho/ERpmhYZJ0PD3muyoyYmaXKjhJLn+04s3xs3/KEnkujVP1pYX7nj3ZbK0
dg7pOdSzKHU/jJvn0sGugPDbCh0xp4TZZOwau6ZnNoNlaGvZ3CYL/dro10G/kufiuSjCC/KClMCL
8+IUFfVEPYrZqXYquXZfuy95dpqdRsrWn1LIt4fZwyjRftZ+lrLYI+wRlFV1U90om+qhelCS6qV6
UbJKVamUXfVVfSmHSlNplFP1V/3pDjVQDaRcarAajN/seIpyq6fV05RHPaOeobxquBpO+dRz6jnK
r55Xz1MB9YJ6gQrCJwvBJwurl9XLVET9Vf2ViqoP1YdUTM1Vc6m4+kh9RCXU39TfqKRaoBboMLVQ
LaTSapFaRHepdJVOZdRStZTuVivUCiqrVqlVVE6tVWupvFqv1lMF9YP6gSqqTWoTVVJb1BYdYH5S
P1EVtUPtoKrqZ/Uz3aN+Ub9Qitqj9lA1tU/to+rqgDpANdQhdYhqqiPqCN2rjqljdJ86oU7Q/eqU
OkW11Bl1hh5Q59Q5qq0uqAv0oLqsLlMddUVdoYfUNXWN6qrf1G9UT8VVnOr7ZpvwsC98QQ0w349g
vhtqX4lSI+0rLjX2lfaWR/1E7V1N/Kzaux7zk7R3NfWza69q5ufUXtXcz6W96nE/t14jLfy8eo20
9PPrNdLKL+wXptb4vYw2fiW/ErX1q/hVqJ1/j38Ptfer+dVw7jFSr4+R2pN85tNwlovloRGIK6NY
K9aGXmCprA+Nxe+lj2NPsIH0EhvHxtEreq/xJr3KzrFzNJFdZpfpdXadXadJJhDRG9zhDk3mLndp
Cs/Cs9BUnp1npzf5nfxOeosX4oXoL7wEL0HTeFnemKbzgXwQLeVD+BBaxofyofQNf4Y/S9/yUXwU
reBj+BhaySfxSbSKT+FTaDWfxX+iNTomKfpNVBQVKS5qidqUYXyacTFdTGfCGmi9wyy7j92Hlbf7
2f1YBfsJ+wlW0R5gD2CV7GfsZ1hle7g9nFWxn7OfY1XtX5yJ7J7om9EP2Jno+thDLO42d1/iT7nv
uAf5x94c7xN+wVvpbeLXVF3VUERUd9Vd+Kqn6ikSVW/VW2RRfVQfkVX1U/1ENvWEekIkqQFqgEhW
g9QgkV0NUUNEDjVUDRU51TA1TNyhnlXPilxqhBoh7lQj1UiRW41So0QeNVqNFnnVWDVW5FPj1DiR
X01QE0QBNUvNEgXVHDVHFFLz1DxRWM1X80UR9Zn6TBRVn6vPRTH1hfpCFFeL1WJRQi1RS0RJ9bX6
WpRSK9VKUVqtVqvFXWqdWifKqA1qg7hbbVQbRVm1WW0W5dRWtVWUV9vVdlFB7VQ7RUW1S+0SldRu
tVtUVnvVXlFF7Vf7RVV1UB0U96jD6rBIUUfVUVFNHVfHRXV1Up0UNdRpdVrUVGfVWXGvOq/Oi/vU
RXVR3K9+Vb+KWuqquioeUNfVdVFb3VA3xIMqQ2WIOtoBmXjIt3xL1PWlL0U9P8FPEPX9mB8TD/ue
74kGvv4nHvGz+FlEQz+bn0008pP9ZNHYz+HnEI/6d/h3iCb+nf6d4jE/j59HNPXz+flEM7+AX0A0
94v4RcTjfgW/gmjhV/Yri5Z+Vb+qaOWn+CmitV/dryHa4HMew36qImJtKZP7WFvWVrO7sq7ErC+s
L4jLiIyQiIyKjNKr5z/R+D/R+N8Tjf/ufbngfWbHzllP59B/fOw/PvZv8jFm99J7/kRWkFcUdawW
lJtSqBbVpybUSn/q6KX370P1fmAcTaS36F2aQ3+jRfQtraVNtJP203E6r3f2xBzmJiwlkfBVwqKE
r3FdnLAM1/SEb3BdkrBcXxdpagWuixJW4ro4YRWu6QmrcV2S8J2+LtZya3FdlLAO18UJ3+OanrAe
1yUJP+hrupbbiOuihB9xXZywCdf0hM24LknYqq9LtNw2XBcl/ITr4oTtuKYn7MB1ScK3xHXtGo2L
EzZoTE/YonHJv2CRnzHyrxJ2hZb5JbTM7tAye0LL7A0tsy+0yP7QIgdCixwKLXI4tMiR0CJHQ4sc
Cy1yIrTIydAip0KLnA4tcia0yLnQIudDi1wILXIxtMil0CI79fi/SjgIixyHRc7+ixb5NbTIldAi
V0OLXAstcj20yI3QIvHQVzICy0QpsEyUBZaJ8sAyURFYJmoFFonagUWiMrBINBJYJJoQWCQaDSwS
jQUWiXqBRaIqsEjUDywSTQwsEs0SWuQyLPKb8ZSoYywSdf81i0SzBRaJJgUWiSYHFolmDywSzRFY
JHpHYJForsAi0TtDi+QOLZIntEi+0CL5Q4sUCHwlWjC0TKHQMoVDyxQJLVM0tEyx0CIlQouUDC1S
KrRI6dAidwUWiWY1FonmhEXyGk+JFv8XLXJ3aJGyoUXKhRYpH1qkQmiRSqFFKocWqRJapGpokXtC
i1QLLVI9tEiN0CI1Q4vcG1rk/tAitUKLPBBapHboKw+GlqkTWuah0DJ1Q8vUCy1TBhapCIukwCL3
GU8xv+Rs9MYZXQsqwTbxt0UD0Uh0E91FL9FbDBCDxBDxlHhGjBUvinHiJTFevKw/u+wXB8RBcUgc
FkfEUXFMHBcnxElxSpwWZ8RZcU6cFxfERXHJG2Z+Y5FtZBv1DWaY/58vHhYPExcNRUMSoovoSpbo
IXqSI/qL/hQRA8VAShCDxWC9E3hSPEkxMUwMI1c8K54nT/xF/IWyiUViPSV5T3tPk55VvQuJWnmt
fFZ+q4BV0CpkFbaKWEWtYmZkWqNLOOtnlPOms4m7zCmXSDUSumWxUCL3TRJlbqrTq1mkammykizz
zcLFreIUC++bZCVb2a0cVk7rDiuXdaeVW0v8/b7mCYBvZbWyWbblWNKKWAlW1IpZruVZSn+ESLSy
mOcfemzDtQqmDbdqWDXJte637idzAlOZcor3xWwxT3wsVoiVYpVYLdaI78RasU58L9b/mcXNiZp4
T7yne/xAmPfH5oq52t7zxXw9jkViub7ffnHi//b+npaaq2sXicUiXSwRS8XXYpn4Rnwrlv/ZHKP3
98X7uvfZwnw/yDwxT/f+sfhY975Cz4uFcZjey1DSn/b6J+OAzfaHNjPtbtO70M54g25n9+UL6Hka
RS/QaBpDY+lFva5fovH4/fFX6FV6Ta/y183bBTSZptBUelOv+b/QNJpOM+htmknv6AjwV5pF79H7
9AHNpg91PJhL8+gjmk8f0yf0qY4On9EC+pwW0hf0JX2lY8ViSqcltJS+pmX0jY4cy2kFraRVtJrW
0Hc6jqyj72k9baAfaCP9qKPKZtpCW2kb/UTbaYeOMT/TLvqFdtMe2kv7dMQ5QAfpEB2mI3SUjun4
c4JO0ik6TWfoLJ3T0egCXaRLdJl+pSt0la7RdfqNblCcMrRDM/4ob8If4015M96cP85b8Ja8FW/N
2/C2vB1vzzvwjrwT78y78K68G+/Oe/CevBfvzVN5H96X9+Np/Ak+k2/nO/hO/jPfxX/hu/kevpfv
4/v5AX6QH+KH+RF+lB/jx/kJflJE+Sl+WsT4GX6Wn+Pn+QV+kV/il/mv/Aq/yq/x6/w3foPHeYZO
g0xwIYQlbOEIKSIiQTwqmojHRFPRRrQVHURH0Uc8IUaJF8RoMUa8Lt4U08Qn4lPxmVggvhRfiQ3i
B7FR/Cg2ic1ii9gqtomfxHaxQ+wUP4td4hexW+wRe8U+q5pV3fyyu7XF2mpts36ytls7rJ3Wz9Yu
6xdrt7XH2mvts/ZbB6yD1iHrsHXEOmods45bJ6yT1inrtHXGOmuds85bF6yL1iXrsvWrdcW6al2z
rlu/WTesuJVhZ7GzywbyEdlQNpKN5aOyiXxMNpXNZHP5uGwhW8pWsrVsI9vKdrK97CA7yk6ys+wi
u8pusrvsIXvKXrK3TJV9ZF/9l6b/+uu/gXKQHCyHyCflU3KofFoOk8/IZ+VwOUI+J0fK5+Uo+YL+
GyPHyhflOPmSHC9flhPkK/JV+ZqcKF+Xk+QbcrKcIqfKN+Vb8i9ympwuZ8i35Uz5jnxX/lXOku/J
9+UHcrb8UM6Rc+U8+ZGcLz+WC+UX8kv5lVwkF8t0uUQulV/LZfIb87vwcoVcKVfJ1XKN/E6ulevk
93K93CB/kBvlj3KT3Cy3yK1ym/xJbpc75E75s9wlf5G75R65V+6T++UBeVAekoflEXlUHpPH5Ql5
Up6Sp+UZeVaek+flBXlRXpKX5a/yirwqr8nr8jd5IyIiVsSOOBEZiUQSItFILOLKT+Sn8m/yM7lA
fi7jMiNCERbh0aXRr6PLot9Ev40uj66Iroyuiq6Orol+F10bXRf9PvZN7NvY8tiK2MrYqtjq2JrY
d7G1se9j62MbYj/ENsZ+jG2KbY5tiW2NbYvtje2L7Y8diB2MHYodjh2JHY0dix2PnYidjJ2KnY6d
iZ2NnYtdiF2MXYpdjv0auxK7GrsWu+7aruNKN+ImuFE35rpuopvFzeYmucludjeHm9O9w83l3unm
dvO6xdwSbin3Lvdut5xbya3i3uOmuNXc6m4Nt6Z7r3ufe79by63tPujWcR9y67r13Pruw24Dr4RX
0ivllfbu8sp4d3tlvXJeea+CV9Gr5FX2qnhVvXu8FK+aV92r4dX07vXu8+73ankPeLW9B7063kNe
Xa+eV9972GvgPeI19Bp5jb1HvSbeY15Tr5nX3Hvca+G19Fp5rb02Xluvndfe6+B19Dp5nb0uXlev
m9fd6+H19Hp5vb1Ub5+33zvgHfQOeYe9I95R75h33DvhnfROead13C0QnMjiZHQ4f5vrCIrzzndE
fZ3ft4pHdH7/SbQSrWmHaCfa08/Iob+INJFGu3XGe472iIliIh0QU8VUOojMfgh56zDy1hHkraPI
W8fEQvEFHUeGOGndY6Uwwrkpt5WtWFk7yU5i5XAyWt454ZxlR2U1eS87jVPSC9H10X2cR0/EbJ4j
5sdq8vI4K+2EU9L3dbY/Twl6d1CQSlNDvQN6S2eApTo661vE1hH3fVDnQZlnNImUnXK7ni7ncXWW
8/O5vsYCbtbfZV29A/DNOyZZda959Q6gZPD0yM1n+G4BjVncQhqzuUU0JrsVTEvV2vSo2pgeVVvT
I/p6AL2Gz2hUI12KqcYaPfXoLTXNUNMcNY/fUtMONe1R0wE1nBL0rJXVc1eVm/9TV41XI87rcL2D
5PV4PbJ4I96I7OiO6A5yojeiN0jGKscq6/64PZv/+D+UY2/NsP9/59f/nQxrcujt5s3/yZyZXfaT
T8gBcrTOQCZzNtY583FkszY6M72JPNlZ50iTHYPcmHabWXHMP8iHf8yGs3Qe/HsGvDm7/D+WDf+e
7SJC5/D3b8mKDfTuw+w9gp2H2Xe0lq0iVrDviDh619FF7zg+xJ5jjuwdsbXXNtee2t745e+5k/e5
NW+6zd3H3RZuS7eV29pt47Z127nt3Q5uR7eT29nt4nZ1u7nd3R5uT7eX29tNdfu4fd1+btqfZtt1
f55vVSPVWD16W1n3/B/zrmqmmqvH/5B9PVe5PnJw1j/Nwnl0Hs7nFnALuUV+z8eqjWqLnFzhv8zK
D/wxL6t2qr3q8N/Kzrfm5gf+F7JzI8ZZsv4om4sVpyTWmDWlQnhSWpy1Y12pFOvOulMF1pP1pIqs
N+tDlVg/NpSqsmHsDarN3mLTqR37nP1AnXh/PpCe4YP5MzSCD+fP0Vj+PB9DL/EX+cv0Kn+FT6Q3
8MzzTT6Z62iPz/gzhCuy0tt4A+N9kV2UpA9EaXE3pYtyojYtQ8bfgoy/FZ/etlnvWj/QcTvZTmY5
HXKI3eFwh7Ncjv7YzO50cjg5WG7ndWcKy+O86UxnBZ23nXdZMWeW8wEr5XzoLGB3Owudpayas8zZ
yGo7m5ydrJmz19nL2jkHnEOsvXPEOcY6OScksa6Sywh7Wkb1DmGkvF/WYV/KurI+WxrpF0lj30T6
Rwax5ZEhkSFsdWRYZBhbExkeGc6+M0/R2NrI6Mhoti4yNjKWfR8ZHxnP1kdeibzCNkQmRiayHyJv
Rd5iGyPTI9PZj5GZkZlsU+S9yIdsc+TjyMdse0L9hPpsR3R29EO2Mzo3Op/tin4SXcT2RtOj6eyE
zrb72MnojZjNLulsW5PFY3Vj73AZ+2tsGe/oHvKK8+HeZm8vXx68CaM/k87Hc5e2rFvIWXgTh1GK
NmOwAymqdzYVdf17+s/gfL03eA9XU1oSlpbo0i/6z7yP83/a+w6oKJK17aqeaWhmhh4EBEQyKJJ7
SKKCSBRFyYIiBnIQBBFRzKBgWNMaMQPq6hoxrVnXwJpYEwbWnNYsKqY1/2+/hkWve+/e+3/77fnO
uacO9VZXB/oN9dRT1dU9dtQOYseRir+66EE94JrtaXvoYoJpMJHSUlqK63EOkHjWim3GNmet2Ras
DWvL2rH2rAPryDqxAqtinVkX1pV1Y93ZlqwH24ptzbZhPVkvWkNP0lP0ND1Da+kv9Cw9R8/TC/Qi
vUQv0yv0Kr1Gr9Nf6Q16k96it+kdepfek0qkUskzyXPJb5IXkpeSV5LXkjeSt5J3/z91UlBFyuB8
gxRXzDbCZ1oGkCTECJIU12OyYD17ok6cIHFg1dbAFj0hyUhbSHLiTwKIggRD4kkMJCXpRmKBJfaE
pE2SIOmQNEi6pD/JI41JARlM9MkISE1wfZQhVVIt0hRaqiExpibUhJjgygZTXDFlBq02lpjjs10L
bK+WNJNmEitc69CMDqD5pDkdRodByx5HxxEb+g2dQGzpFDqF2EM7nkMcoB1vJI70R7qbONGf6H6i
otW0mrjgrJMrtj93ZNYdce6pJ8499cYZMcMGM2JOuO6qDQMMlRgzKkYF/NFd/GIk48/4w56OTEfg
jxFMBPDHGCaGsMCCkoka8J8+RF12RHaMcLITstNELrsnu0+0ZA9k9URbbiQ3JnpyU7kFMZA3k9sQ
I+hN9hFz6EsOESuxnyA20E/cJHYiqhMnQHUjogIstyRugOfNiDsgug1pCahuRzxgpOVAWgGyO5HW
gO4q0gYQ3gV89aUuAurSgckAXUw+06UV0wr2iBpJmDAY2UhRIxY1UgO2F0vUUS8OuFw/ooF6yVAv
TdRLG/XSlT2RPSMGst9kr0lT1NEMdbSQO8idSHO5Su4GeomaOqKmKtTUHTX1gN7wLvGEvrCeeKPW
Aah1e+ilPEkw9FF+ME55/wy2E7TPJNRIJeoICC62e/Kp5v1qYQaiYeanOoaeoMthS/fTcdACvmID
TwbshpaQom9ZtIca2kMd7cGhPTSA/fYgMrSKHL2tQNtoyhbKFhIexuf7iBLGYLXg87OyK8RIdhes
YiV7K2dBYyVYoq28pbwtSQYm8TPJAs5wmgwGjlBPioABvCIzoMc3JfPR55vR51ugH7cmW9Hz29Dz
29HzO9DzO9Hzu9DzP0L/7kZ2Qx/fkuyBft6P7IVevRM5AkynJzkN7CaVXARGk0NuADcJJ3XAMWLI
I+jpe8M4AJAQxkn9CBHHkcRXnGsg4eKaGxIp3634hhyBcxLp7D99HH7v9i+66qd4IPiWKnHGmE9p
EA/Ov8cDvqn2sY6BUVxug3hwFue7ZVdldwiRq8l5oiH3hv+pLdbiWP/9/ZjjnQh/UPtR03//jNaA
h/9B/wBnNv6w2lREU4poKkE0lSKasoimaoim6oimHKKpBqKpDNFUjmiqQDTlEU2ViKZaiKbaiKY6
iKa6iKaNEU31EU3FXyKsFXtcJkTyI7ud/Yk9Rtr9yydLDJVRbbhXC2pLnWlr6ks70gi4xwSaQXNo
PrCxIjqWTqLT4X+X0e/oSrqObqY76T56iB4DC50Ha9yidfQJfQkdmRqjYLQZA8aEsWJswcbu1BZs
0AIs4oAyFnpyUfagrVD2pK1R9qJtUPamnijjqRfKBNoWZSL1RplE26FMpj4oU6g/ynQaiDIT2IEo
s2koyjlsU1FKf2CNUG5ijUWp9OH0RcnqcwaiVFvNNUG5nzNEeYDD82DAg+epa3B4nrqMMxElMDFT
lMXK9vh/MqgNoJoSOAsDW/aQxwJzEXmQE+Q9KcQc6Ag4BxpCdIN+LpAnUOBEoJsb5EnUHfJk2hLy
FOorrmahfpD3oQGQZwL3YUCrIMhzaAfI+9GOkOfSTpDPoZ0hn0dDIJ/LGhAG9G0C+SZWXEXrw2kS
BjTlwT2rOSXk+zktyA9wjcT1WRy0K9BPB3IZp0sY0K0x5MXEhkSROOAOmcAZhpLRZAKZTuaRxWQl
2UC2k32kmpwk58l1cg9w6sMTSogkA4h4K4glgbpTT4imIBpCo8AavUGrTEB9CdxtC7oCZQ+6EmVP
ugplL7oaZW+6BmUCrUSZSNeijKfrUCbR9SiT6QaUKZyNKEFHMdrmgJZ2KPdz9igPcGL0zQFdHVFq
cE4oZZwgStBYhbKYLkD/LUTPlaHnytFzFei5ReizxeizJejF79BzS9Fzy9Bz34v+4MzQ4uZocQu0
uCVa3Aot3gwt3hwtbo0Wb4EWb/UnLP2aSsHOutQIrGxPXb9i41w6iA6no+l4sc+FqKigy+hquoFu
BcT4CZDiBGDaRcCvO/Qhfca5EAkrp0rOHWUs54uyB+eHsifnj7IXF4CyNxeIMp5rjzKBC0KZyHUQ
JaPNdcTtZC4YZQoXgjKdC0OZyXVBmc11QzmHSxQl2CpJlGCtZJT7uRSUB7hUUYLN0lBqcOkoZVyG
KMFyfVAWc2KrUnLQnmBLbE+xnNiSenDiyKEn10r0Itda9CLXRvQc5yn6kvMSfcm1Fb3IeYte5NqJ
XuTEVpXOia2qDxcqtj8uXGx/XITY/rhIsf1xUWL746LR3zFi++O6iu2Pi0Xfd0ffx6Hve6Dve6Lv
e6Hve6Pv49H3Ceh7SqScnnjHWPL5WFIG4tsPLPYgBPGfgr3kcL74+oVEGQhHiF9RCcH3UlpA3+n5
cd6V6iEO6SN+GIj3KV6RNvlUShO1FHt56HFmIo5gLj4PplrQhxHaGEbwFPsqBnsgkbvNI4fBxs6c
C+fKuXHuXEvOg2vFtebacJ6cF9eW8+bacb6cH+fPBXCBXHsuiOvAdeSCuU5cZy6EC+XCuHAugovk
orguXDQXw3XlutEuNIZ2o11pNE2TLQDWVvb+qQozgBnOjGVmSOZIvpesY01YU9aMNWctWEulr9JP
6a9OlQFcLNedi+N6cD25XlxvLp5L4Hy4RC6JS+ZSuFQujUvnMrg+wCauya7LfpXdkN2U3ZLdlt0B
ZqEu5+QacplcLlfINeW80osP4jvwHflgvhPfmQ8B1tFO7iP3lfvJ/eUB8kB5e/kZea38F/lZ+Tn5
efkF+UX5Jflr+Rv5W/k7BZhQwSgkCqnCTGGhsFI0V7RQ2CrsFY4KQeGscFW4KzwUnRUhilBFmCJc
EaGIVEQpuij6KXIV/RV5igGKfMVAxSBFgWKwYohiqGKYYrhihGKkolBRpBilGK0oVpQoxijGKsYp
xiu+4SP4SD6K78p342OVbZXeynZ8PJ/AJ4LfbCBOosBv4tyKA4wugoFXZzCZRMXkMXnElRnGDCNu
uErcHWdMWuI8iAc+7WglWStZS1qzBtBHtlHboraV+KjtVttN/NTFF3H8xRcxSACnCT1foDhTQLqJ
MwUkQW4ltyN9xPkC0l9+BJjzUPlj4MzFClPgzJMU5gpzMhmZ8xRkzt8ic56KzHkaMufpyJxnIHOe
icx5FjLnUmTOs5E5z1H4A2eeq4gGnrwYefIu5Ml7+O7Ak6tA860k9s/4+D/06V/guU8+k6E1CVpT
A+2ojXZsina0Qs0dUHN31DwcNY/CEULM+3kXlhd/RRHKHclByH2JScNW9GVc/3GEvo8muEIjjB2C
sSNBD6uhP3n0pxL9qYX+bIT+1EZ/6qA/ddGfjdGfeuhPffSnAfqzCfrTEPzWgzT9cPdKVrvB3fMw
2vvQ7kUkwsglGLkUI5fByJV8OFeL1WlwrgGw6U9Y8h4jlAGIZ+L8I8GoZjGq1TGexXe/xhPf/2k8
a4hU6vTPIRTeZQvgrQRbYAtsdY7Y3pzez3TRR/QZffWBZTdi9JimjCVjI+nAZrHZbD+2PzuMHcEW
8ql8Ot+Hz+Kz+X58f34AP5AfzA/lh/Mj+SJ+NF/Cj+XH85P4xfxyfiW/ml/Pb+Q38dv4Hfwuvorf
zx/mj/DH+Br+FF/Ln+XP8xf5y/xV/jp/g7/F3+Hv8XX8Q76ef8I/51/wr/g3/DslVUqV6koNpVyp
qVQqGyl1lI2V+somyqZKY6Wp0lzZTOmidFd6KFsrPf+7Ovu/q7P/x97H0gJWlMLqK32ATxX/qbdP
AC9ohtqNBu8KcOJauk8r8f7JarpP6/DgGowX07PBTKRYEww4+Wk+jz4Rf1uGcWM84Ag/qAtlwplo
phsTxyQBouYANu8Vn35/LYlPvBsmuMrnyeMfk/h8vGESn6Z/Nfl9kQLFZ+2fpdB/TOJz94YJdPmD
BL3WZwl0/jx1+1qCXu6zBFb6PPXE9Pt20hcpFVLGH6ScryXoUT9P0V+kXl+ktM/TB/3wbt9f4b/z
l38wf0nJRejlPYGRiF99isIvSH359aiZMNatIMvIahjtbiU/kp9gvHuC1IL9BFwV8u/mHv9RHvqf
5F+dpRRnMBWAQxV0ORzhJ46ioKfTw3GXIb6HbkPFMWUYnQHlmXQWlEup+C3cBXQDlDfSB1B+SB8R
Ca3H38l6Sp9B+Tl9gT3mKyi/pm+h/I4Rf6WMYaQQcSyjBmV1/LUvOaOAsiajxDemG0FZmxG/itmY
0YOyPiN+GdiQaQplI8YcyhaMJZStGGsi/r6YDZRt8ZfF7Bg7KNsz9lB2YByg7MiI31Gcy8yF8jxG
/Cr1fGY+lBdI2ovfooR+WSLpyOrDGFXkMAzwIPG318PYcBilR7B9oJzJ9odyHjsEykPZQigXiV/e
Yyezk6E8hT0E5cPsYShXcwpCgf+Is1F6MDamnD6ngrKzxlpCNdZprCMSjfWaYCvNh5oPiUTzEa9O
KM/xciLhFcCsKZ8EjEOi9AIGSGGc3J4wyiBlH0I/fJtGRPOED2/8/85GKLIRimyENnjrnCIbochG
KLIRimyEIhuhyEYoshGKbIQiG6HIRiiyEYps5P0dMshJKHISipyEIiehyEkochKKnIQiJ6HISShy
EoqchCInochJKHISipyEIiehyEkochKKnIQiJ6HISShyEoqchCInochJKHISipyEIiehyEkochKK
nIQiJ6HISShyEoqchCInochJKHISipyEIiehyEkochKKnIQiJ6HISShyEoqchCInochJKHISipyE
IiehyEkochKKnIQiJ6HISShyEoqchCInochJKHISipyEIiehyEkochKKnIQiJ6HISShyEoqchCIn
ochJKHISipyEIiehyEkocpKPXzj69L0jQ/GrfLpYSwyjhSLDCDUN25KgkueaVJ0pKzL0gypvhlKV
XNBQY+14CWPIEiFeTWanRqW0qCVDpWWRQrhg36DGqMJkpBE+/PUkoSSB9CfZAKfJJA/+xIfBbQXz
BheT6lZJvP1L8r81fViXOKWyw3Zv78yFK8qKGjsIRdIyoUgytkzCUIaRxTepnoa3nSJofrpJysLt
FODdSbpI1XSYLpEqHaGRuMHpyGLi+6el903Ny+6r0hJ4sVJdRz0iOSkru2+SykQwEmtkOo07pyfm
ZvfPTskz88vOzcnOjc9LhzMsBXNxv0THsOH+pGSzyPTUvnBVszA/H8FEX1OlUgkqwVlwcXZ2i4VN
F0H1aVMoHPWX3JumIBf3y3WknUPDIj4eLvmDw4UiatHQZpQlkiIIR6iXMUWUkrruO4c1srpWonY5
5V3QRv0dzPUNCueHuW2HOY45E1K+dqmf0/PkBaorzqqA1Wd2W402P+O4cfTwl241kUZnfgg3CT2S
suXuJgXzxiZu1bIxzw5ZbDi1ixvwdHzO5MQzD8ab3J7sZ5UUWzNm2JSsNivzf45xH3Zru1b0ytKH
43o4Jv20prlGT5PExo+8dulNnj2W2Sts2i3vbarMrT69aZmbdsnccrnsxrTuk15Gzdv9uEkv34na
C429p2yy1hnVxLnI+PEvY06ar/Os+EE99IzV8rqJT9f/8vJFq9Clt+vXdIt4ct5nrlOjnMQLdy4u
f5RlLtWKdNm2LrTqSuQ6n+T2fVs+2357rp7Pt30cuwt7GQk0iEVF1Bgs0kTQAVsaN5MqBJkaB0HN
suoSiWAsVvJAu3WbRvCPG9lu+nHc3kaFXidndt2yKLIvOtBYCcAslUIPN1IwFbctpQaC3kjdw41u
HTqxQa8rPdjS0UVPb0unOTJTIVo8wFQaKnQWgss6lLUvCUjLy8tp7eSUmJvpmPXRi46J2VlOOX3S
xVqnnNzspAGJef2dwMkQiBCGEIG9BA8HF5WDM4SgIxwkxH68Z0qlIUInoePHbYEpafvhXwwcOPBr
/yI5959eO++LZicRI2dJd/fMVSFz07WvZY9n5qYP3JuZlNti7C9eAVn2BkNOtnDSudoto+keueum
8W/ubJl+T111I+PJAGnN0rM9W6st0HrzveaOeeF+2e9Sp8+7cnToQ6tKt+pRPerO/pjt3uHHWFnM
s/5XFjy+xnVq09ap+sTPdaEWOc+lpsx3wXM3T44by7tPz3RR3/z9qvCyY3vOT7LQ3rH3UtGZ6PLn
Fx4uMYvR0ppft7IkL7Pf3N0P6/fk9Fx6Lqtzy66zOxe0O+baI7bZ6tS7TUMC1Son2Jgu0pq8xGWh
5anfNgYOu1yXWDoluC27zKnSYH23xWt8IidxrJaD7cHWap2MHL9XhUcnrZxTvXJWqc34WVPG3Jn/
A2DUVsCoio8YxTaZiVja9EuMGviX4IA5Bho0fIPf90elZyU7RObFZ+X8jlBCS2c3Z8HVWdVKRChn
wKePm0Lh+v8NhLIWmr3fNOnrl56Tlpxr5h8ZYBYQGdK6VUBLDwcPd1dfB8Gllb+qmWD5XiOjr2oU
mZybn56Y/C8RreZwm8iKhf6LBq/oHN0vcvzA5S2nDadt36xgFkV+/+74WosqMuXmgL51BrcKeZ2q
2niy07Qsv41UU1olLVv22i9SrVwq3SKfWsokeDw46aL93M5ryINVATHFM8wWnkl0nZcQOGnn6su/
LGj17Psub47eHHjDTedB3K1dQdNCDf3Uu3qMH1Gsm3nn4LHgwUV9D9c07s3pjpu+rLt364PeZsOy
nLoaDjs03mP73j2t0moduhpa3rfV4mLNJhQtuX98VsDU4uq9LUdd0iwdWlXzw+XZkbWDuKe/Wpqr
J5TEZqQ3eZPzItK18HkzVZOSMd/82GXOm+Wd3Bq/6X57xsEVkaU2veyXXGmmTKqqr7Qe8BHRNMAi
bAPwKrC8Wa65s4t9moFNQlHq6cdX3D1iPwMrS9fffokIzJHdb/cq/9V6u8q9buuVQtR7sAKoEgCq
ygJK/P4tsHq/W/QiOhGiEqGqawOoAqASghpAleefg6qvXjnvawjOfQ292u/JL+yuupBd4zm7fnDm
8Fk6YfasflOtzf7lGyc8iT66o9J8Q1JWvFFt3a27T6fW+VUY+O99+fLBqh/iRszKCt7o98o6fhAX
NXTtizWlsg15+5bfcgjbN+ztsJDy2aetW2xaXXtp7eRRFpOOPC54Ha+btetu9ejKS4u2dWc33Yl6
mmCcaf1dYvDLa+Uvt10qnpmcHln5Q7/SpOYpO6oexSVs//aJ17xgX6J51IPVbR573pYNHpEx26P2
Qv/ZFUcmhFktWHz3qff4QdVRs3s0S1nso9ZiTYd9GyKm37vIjEp62/nku+CK1zYjz9V5r/C87zL2
0C6L3sfi2kgrZRtKszyXtg6dc5zqNUoY75MP7IrdDui1+CN6uTQ3RPRSfYlevRAWZBpTm4+bVm+f
RJvoScAXqiaC/meVGp9cpXIQ7N63Y6vf23FEdjaABPguPSU9MT4v2cxnQF5adm56XgGilCB4uKic
AZRcnAGlnD9sOoubfyfF+1dQsy63W1wTIWmX8ZzeZma+s/MjM9s2PZ1dffjRnT5vZ+lpXb7UOm+U
4SanMud77y7u8Q2xPJVLzrnFyMYdWm3W4cnDtJWdgycu2VEQ3G9ue/Wzb5pdmj9g7NHl/f1HnCk8
93hHvfvig3EB59es8rrcIm2W4dIluf2jH+lPv/7GbXpu2en8XiYDA0YVe+gd69+d3ZoaMXHJunSn
s03kb6fm2VzNd4q6oCt0++3ExIQ3hw/2ClSFbbHWud5OOJpro9XCYn/LEK8yZ68pP5d7qBXHhUQX
tbBlnTcFnwlNvHnCIeFRgNfNlRx5Fli+4Hj3Cc0jbw1e3rE+8GhLT48FGwbGLdFfMPFwo8nRnrtX
avSS1HyEmp5gkVhBKTY9HZEIsYIERAPs+SoPkiNxElkTLRG01TQ+jCIaUymLF4bu4FMdI17lzXFV
SE3z8TOulPZus0yV/Z3n9loHocmng3QZqcJERiLJABh5+BGfz8CNX1nUu1209axfm+m8tr0ii5zR
7fpiIew9uHUQ2gsBZX5lPiXefx7cPu3OhdAWUQmBLaoBsAUJgYJ/A2Dz+HeATWwwfu+v+o/si6Gk
W6u2I5oHrrmb3W6t88aMu7xT32Udnt/tNeB+pzYOZ/xWyd8evu2gWmRZPTSsdKR5j5VeTp22ViyL
nnctZ9vmDb8VbOyQ+7ztHZ8Rh64o9NMPL5ln5vBSHrYv+meHax1PbM+5uUyzQrIk+vLm8cEx9TN8
5z16/KDuWompq+fm6DkPIy2LbRcXGU27Ol3duP5qyG8Tyg/d0lnybciBpicm586w7Zc11/A3o4eR
p1OrLd7FGf9cMWGH9bqCxGj/ivCfX9xe1DX6wlwmwN+p15Ozq08WOfd9vXiGzvW76Te/r7DfecBO
i0+eNPvc04qX2s01kj2mPxps2nHb8SvRt44NmmkQd9BNr9eFacYdJjnsXOXqb1Sn1diQ9Ljg1t38
SOl+jbpifkJoFq8T4jXUJmhe7vHHmYd238tZFDM1Ztj0iWVNgySxz48uSpXlLXG/7+Ckf+BGbkvt
J9lrPVOLXkSsm+iil2zCj7+gdTHpSfaRwJM1+rcL9kk31Lyyv2Q6fsFK2Ssd63arrr+48v2IwG3q
vdsn924XUul7L+T++vyCWpmrRpbRSJXpVT7qwq/lr35tr7UqqfRdmJ7j0F2s+eCrM3ys0/dOmzzj
4MTauearNePmPaxYXZI2SpHhsC2/DzGeuapeb8gzvVFWW8YezVjWXuU05/y1fl5nyPCE9sePjD24
2eAlnztx9yKvNUy7jHfpc2de1VqmtaFlGHd6r5dQpKYO+P3gI37rpbkifhv9HfgttBRcBUBsNxdB
ZJlAMsVNF0Hc/Pvo779C74XlmWsvnQuaaju0j2OTKzuuXquaHW4ZturIBYMQK2Xd8aXHO63KE8wa
3VU/FTWjcYfpTX2nri6NE5qfJX1uDdlxb5y68jkvhaFstelhF6sx8+ufpBrZvx5yc6zxnZshi8p3
W0Yemvgy4KjGsZ5rjlX6SitefJc5LfVMi/OBkZUlx35tEehovbIktEuE4rrE/lXGlClC3zGPuwnz
Xw4/PWv9LfNZw387ofOY2xSZFbEhYMrCINKxfUoja5uUZbOu16gVdqx4MXppo/a6GkULR9/vMugt
nWMcxhUTLSHw/qaLloHb9jlELVxjMshHNbB67qU2o6aVxzMbjTXXvn4+dx09YhEc9e4Fu3ePmfwj
eq8Aiyz9Z+j9VWL4GXprNURvqCFCYel78C2cIhRO/Dr8licujv/Lw7NIq2CVXnnHsiWrOvXv+kRd
xzH5/wzq/ykqC7bWmjV+b5zE3/3C7Q2rBp47UhDema51zOvXPUuhs+LIziGTNzue1K6YkJWwOYY5
HGKmEzb7wuB2V2O2rek6x+iKMS1ZuW1Q/TfH7rWhdVd3TpaxByYGXX0Y2fhC6Iqp129OzDg1cveN
6fVqTsWS29/aWlnkvHr2+vqg2Y6az9Wv5mw3CJk/qY8sd8bm8lbzUh2qwvk7CXHeeqXfmHlfVTd0
flGt6piv8rLLlR+4k+P1rlimc2mPLH7SwzOb9e+GfDOiys2u56Jdd7cPk/sOORmZa14nHNo2KDmu
O9WX6fInzuqWPvXcktJ1vYPTzRfFJdXh0bfm50zPXNmq08lnBbuWGwxOsHlQMdfGVW2gYcJBL5Ms
06KH8v322476rf/1xb1hG68tXpbntjmkqp+ldvN8uWfEhH6xgX6629evr+ycemCh77uRBeYjFzQW
Um75avc0PLDAwvyY322729ueBFXbn6x1HtmpuW2QVa/YO9EPvrs4e/6h1tk7Cq3z1BrV5Zvvmlu0
2zrqh7UZXuPK8+M39C3X+W7X8vYPtbPfjHfOXPf2UviBCZYHU3bMNx6jncR4OazpNnnzdfNfN1Ye
StwwKIo96eMYtnJ65ZJBK9aXzRxg+MvUMToDLJycl3F9y7pPaLar7MHoQ+an75qEHpxT1+Hyc5qc
PU4+7ED6gRt97yyddURl846v6h5X27lpee1LpwXejl30+hzUWfRGVSSdJRRJpzGUCoVj/ka+/NlE
7e/TvGWF+0SW9iFsNSQqRcM5ZPi/v2/JVbzQcG9jkQN+PFGqAizyLKyc/VAWvXJPWr3+1VubSxnZ
3AghqcEpClW0EFVmO7IF6UzSSSLJJdk4DZ1C8ogZiSIFJAe2UqE+HkpppKC8+UirP2yjeQU52am5
8TlpBWZf9CXSIko2Kc60qdhxt0J6cU9aVUZMzd7eC3MDCr69Ed9q07hapV6kw177pOD7Zd2LNvdV
5aVfa6e75Xr9iDd9jU5vTjhUdtfNsMd2naXPb/7gmpjo2mT2pKTO52bWOp1oc9t6VGevilOVuS2i
a5J9/ZWd1kQ77pnhMKX+5wWr32kPbhwdZmhnVqN6cjI6QHLH4PHTxG6naxKeRrSzGN4it2Jis7CA
Z3KNVWvY6k7zQ7bFLbx9zK1oxA6XG1uG2x46qSj00x1Sn+qz9WniuAi7b1Mb/2I93ebUVqWXwZ0u
z+ty9fb59rzytqjPpQ1jiqdGbLevHlcln5Fw/cTO2q5V6t/4L1s46cmUoHyzBe50afd9+8yGlxcx
xkIR08C5aqoiRgZVahiMxX9b5//ZfJz6h1As6yEYNIxD+e8PPCj8x097WJVSnCoT3FQtYUzq7gIk
5sswvFcaV7l04ALtHVeKz3jaqRYWHDne7wtsFgPEYOcwH91K/5c/hViV02/bZXdZU+MadOfRjK2D
x4T1++bC047hMTFHdU6453aZPVuv9TvJ8LD9ewwPj22lZe40Wvtcrql64ZznK14EpWWe6UGaW83Q
PlO3vrBT1tom9VVBVw6eyt99eu9h/36mP8W+qNJ6clA1atcvHXZu8ZqRXbFi8KY77ybdiImvbVdu
5D2p7RUh/K6p8SMLiZb2A/NDp5IG9LXvdTOzptWNjA67lmwL1w7ZpJX2yjt1/4kbxt6N9EbsPL6r
3n55u+Kj2Zfdgn4LWCtdzN2btL/pJKfb3auPBETW3Gidml5k6KXjFzmt882qlJQ35ZfNbYcsWh/R
df2IEPsnQiK3X+tK4b0cG0L+H65QmIkNCmVuZHN0cmVhbQ0KZW5kb2JqDQozMTYgMCBvYmoNClsg
MFsgNTA3XSAgM1sgMjI2XSAgMThbIDUxOV0gIDQ0WyA2MzFdICA0N1sgMjY3XSAgNjhbIDg3NF0g
IDk0WyA0NjVdICAyNThbIDUyOF0gIDI3MlsgNDEyXSAgMjgyWyA1MjhdICAyODZbIDQ5MV0gIDI5
NlsgMzE2XSAgMzQ2WyA1MjddICAzNjdbIDI0Nl0gIDM3NFsgNTI3XSAgMzgxWyA1MjddICAzOTNb
IDUyOF0gIDM5NlsgMzUyXSAgNDAwWyAzOTRdICA0MTBbIDM0N10gIDQ0OFsgNDY5IDc0NV0gIDQ1
NVsgNDcwXSAgODUzWyAyNThdICA4NTZbIDI2N10gIDg1OVsgMjU4XSBdIA0KZW5kb2JqDQozMTcg
MCBvYmoNClsgMjI2IDAgMCAwIDAgMCAwIDAgMCAwIDAgMCAwIDAgMjY3IDAgMCAwIDAgMCAwIDAg
MCAwIDAgMCAwIDAgMCAwIDAgMCAwIDAgMCAwIDAgMCAwIDAgMCAwIDAgMCAwIDAgMCAwIDAgMCAw
IDAgMCAwIDAgMCAwIDAgMCAwIDAgMCAwIDAgMCAwIDAgNDEyIDAgNDkxIDMxNiAwIDAgMCAwIDAg
MjQ2IDAgNTI3IDAgMCAwIDM1MiAzOTQgMCAwIDAgNzQ1XSANCmVuZG9iag0KMzE4IDAgb2JqDQo8
PC9GaWx0ZXIvRmxhdGVEZWNvZGUvTGVuZ3RoIDMzMT4+DQpzdHJlYW0NCnicfVLLboMwELz7K3xM
DxGYRx4SQgqkkTj0odJ+ALGXFKkYyzgH/r72OqFtKsWSscY7s7NmNyirfSU7Q4NXPfAaDG07KTSM
w1lzoEc4dZKwlIqOmwvCL+8bRQIrrqfRQF/JdiBZRoM3GxyNnuhiJ4YjPJDgRQvQnTzRxUdZW1yf
lfqCHqShIclzKqC1iZ4a9dz0QAOULSth452Zllbzw3ifFNAIMfPF8EHAqBoOupEnIFloV06zg105
ASlu4iuvOrb8s9HIji07DKMwd4gxjx492iOKd4iiA6KkRBR7ZuKZ8QpRGqPnJXt09ZpLSxIv2uKx
YqhNimtevNxcUngRu63XGiKtuO+Uhr6gyLP36JSm/nKDxzq675T6gtbb307sn1Phf2DhnhaFrPyT
1DXAzcncXX7W2jYWhwk76nrZSZjnTQ3Kqdz+Bn1Bw94NCmVuZHN0cmVhbQ0KZW5kb2JqDQozMTkg
MCBvYmoNCjw8L0ZpbHRlci9GbGF0ZURlY29kZS9MZW5ndGggNDA4OTkvTGVuZ3RoMSA4MDE2MD4+
DQpzdHJlYW0NCnic7Hx5fFRF1vY5dW8nnQ4hCwGyENJNkxDohH0JoSEdkrCFJUCABFCyEAgiQzSA
iEKiDi4BBVwAhQHGXSPSCSgJIIQBdxFFFhfmBRVkRkRcwJkRkvs9Vd0dAuro+/vmj/l9n/dwnqpb
e506derUtSMxEbUC6NQ9Y/zwoS2q+tYSx9xOFP3k0IzMIeGWoAlEB3UiMXJo9pjxUau3XyJ6P5so
edzQ8RMG+5n2XCAOeBKNHB0zvlvPYMeiGiKuRav5EzNG5fasGdUJbVUQhT5cNKegdEnnXgZRUjja
G1y0YJ71+ZbFiKeeIvJfPqN05pzqsL49ibrlEpk+nFlQVkoOCiB69wLaC5l5460zLt3cO4hoaClR
0cslxQXTP/jC7wb050R+3xIkWF4UiPM8vHcsmTNvYedzrR5HXxFEkTNunFtUcOu6/ElEVQl4L5xT
sLA05MfAzii/FuWtfyiYU3zfhyPR/v7lRJbM0rll8xrjCfN/97DML725uHTXphWxRH26I7+apOxM
7Tr32pq3aFqw86I5wEzyeSJubIEMX90wtpPh/+NK/ZLZgdcAVV4+CP2ea3gUQj9g+BuH9EtNOb5H
kykt3DQUMfkICqFuciTap+hXpegHeCWZyGx6zNQLTcZ4Qq2AZogwk0n4awFCmISun6QuRj0tTFcj
wJMzKt1KLrJaY/QzjUvkSMRMF7FhYF20Qv1BOVPS9QM0U5ZGKAd8li20k06BG/lTcR0n0We0kh20
gw/QF3QaOVW0j47Sfg6jD+gMt+IDnEyFVEwPcys6RqE0icppA+XSRqqg2ahRRXmIRVBXKqGt4Fyq
oxU0HvOMo2wqoiNiIH2OdYVm8C5aSUmosQQ1jtFiyOEV2kZ7MJrWdCOtQl4Fcg/SgzSFBlAyen2E
zvEjwskPo0woqBzty57Go6UrVIV6HtrhJdmaj6Z46TKPxShupxU8V41aiYV3cir6CcNY56ClQnoY
PJnc0Ne+9Ax9ygkcTwMxm1L6gs9invdRNcYyHjMrRz05phJwGK0yvsX8P+EGjkM76zDyIkjen2aL
HGpJregSJOmgk2grFHOQnAvpeahE0XhFO9iJPp2cIoireQcP4MOQ3kT0WQfJHKFzwmk00B1o/RH0
l4TVa8kLeAIXeTVOrstitClLl2OekpcYp8V+9LlS8Qa8N6D3CsUVaNnHXSE3ySWQWi7qSZbtrMCK
SB4PKUrGKBSXY4aTIa+XOJrW0nt0m3GawxBvSYIX+1giPQdZPUorRYzcICJGxEj0sO/hxciVpT3b
4hfiv/yImb4IKNjLL2K947H3NIwkjWoxS4H5beRgjDsAq4JkrNdO5AmexbPoReiGlJFPcj4peSS1
uIlnQ3dn0yDIeWczfgU1tkGz9kBWPnlWeOXpk6lHnouaZOnjOOi7XNNjqv8waFw2lWJXynQfIx/6
5aR7MfoWKBdI0cIM/djJZnIZlzGfNOMHmInD9J3aqcXo8YjapXmQhtyjD2Ec06E3+zGGIvQQQ07k
FlEhVm0Z76RJrNMQnkjLaKsIhqakUQ6N4EyM/S2MexLWMJPmcwJiq8DzlSaXg+qUHleRHfIPpVso
Eb3IEUhrMYJyjUt0MyWAbkGJCIzIM4pyjCJRjSOPOuPk0tXaTYJ2t8F4V0J2t0GvJiMMx1sKaCH1
oljUXwWWluRpjP8WzHMUDSEbKAutP013Uke6C7UeQG1pT16BRdhGvYyvsWILUWM2el6LHd6DSkQc
j+DhPFx05O2gtbwWsSzRUfSFVq8VTm0Z1fE70O0N3JqeoE18Cw/H6pZwGdZqG9XDaizF/mtHYxD/
jn6k/6HH6VV6gd6hTVjlpcjdQ//A+v4N5R9R+lmPvDrF7ynytVwMS3ul3aWqTdliU3t8C1ZkG1Je
EOm8nPO5I7/Or9MlgU3Fx3kN+Dg/AX6LP+GPeDos2wUu5xzux2b25060GqW/ECP4ff6eg7gTh2Jl
r+y/t4QmWGj8OD/JVTyHxyFtPRdyPnQvThUJJD9VMgTjkM9KSF7znmwWkHyeh6X8htaAv0GpDdgL
IIxE2mlP+hq+i49g5M/yWygfg3VwNIW++H/gwdjXqxOOKBy73EJvQ0JroPn1vIv/qcapjAXi3vnx
G/zHprn60rxz/Um4gcdKVjKQ7OeRTVN47dPCKx9vyFFY32ahT7bQ3qMq3Ib9LvPNdJMKa7hGpTdC
q+X79xirfDAfNZfnaYF6n4k9eif9mdbDkoBFJFYbekEFNBIS+QS6EQQNeAKSuA7+gQnr8BboCFbj
LuTKXtbTev6SL/JF7O/Z/BJf4M85XhRBam7smzSK55NI+Zy/5r1o8XVIYQP6Oga/4V06wDfAZ3uA
DtAu5c09QvdBA0Ppa2j7LtDr9Bjsx918HWg3aBc/xieuSLtJClJTpJxjlD4QDwXl0vf0Mf8T6/Uu
kqQ9hd3EGB7Frt3Pb3M97OCr0Nw6dmBnRPD1nKEtpjdU/Y38Cj/F+9QedyhKUGQ00X5IoPn7FRqM
0uCm8/O3cvOz4+f4NKySPDN8p8Nv5WtPjuZcpPwOD8sxyD5+oQ5343C6CIYthH0Ohx1dqHg2qBD1
JWdDszvDtsrzbjDGjLagD8t5Cg/jPaBhim5Ru0hqok8br9lFvzX8xd32K7vwZ3kNeF2zHfpLfO3O
/ZUd/JMd+2uh3NE+NoHk47Oa3l3+k9BnTX8lbLIOvxD6rMWvhU3yhFWB1/m9iiMEv9G0rr/Ewdil
XmvqXX+PJZLhZA/JEwe3iVycKvW8SVhwyoWTRUSLdjwbKWX8Ds8DbaYe0iqIaK6/dhV8Uoclr1HS
03DSr6ftPjvXnNFeCny5pSJMRGMMD9C/OEj5ImuUr9IaflAY9G0svA8dLL3oNshNUixLVME/likV
9BJ26s3otgL3kdbYTZ8r724nrGBrpErPzond1Qb1tirPbj98pwdhWaW/7MQuG4hS0lP+s6JP4I3s
h849SEm405yhYtwozCALxmPGfvUHWdAXdi53a/IDfT6n7NlnA/5My6Ernroyz4IRSG/zWtvjsTE7
rvJAJfvsgM+7rwJ5fNq76Ywasa8VueMTrrI/0raU4A7XRXlgNyAm73Oj1QlfQveAFoOq6EmUnYDz
aCa9Al9Sesg7casMheRae6WXghKjccqsojJFVZDQceADoIO4Z0l6H6OT98FarIe8E6bh7RxuZstp
MzRsG7gKvd6GXuUM6ugP8OwqVI7FS4VNsedwmwwDzeEk7gJKor/hNGT4Rri1cYNoKVrivuVSt8BF
tEj0xYmyC+jEObVLngWqxFpFTt6Em1cvHsV53IddeHfi9gfEHUje3VKxdwawE7WPIEwByT7itEjV
lqeFM1dak3OVdeDP7+DDqk+bbE3VTJDfRTz3QsjtGfhwLfH2PLfnfYLQ3y6MMwGtm2U9aNURtOg5
327g7d4N1Alv3Tmb47kt92cNK/E+pDAAJ0AfzyyhwUPhzRJ4FfXEWS3XejnWYSPIhRvBcpzKcuU8
ujIfsq7DTWSfurPfAa3ZpWLbUK+K/gXdScB7Cvb5avjl/ZX9DJU3LljAzjhXZHgrdmQMbhSypyis
ruT28O9dNA31wjFTWbscbW6DlJ0iSAQRgxLQ7iSaoXZuHPXGDl2pTq628PvljdyCfTQJ+1ve4FbA
7rYAyVPMBFsl+XTTeWfHfWK2l2SJCIrllKZdJHef3AM4+VQN2c8+yEH2L9m3I+6Ax5WIXeFj2ZJA
W/OwM0IwI7mrx8IOWtR+DVdywrjgq2TxcdxAauGbfMgDgafAT2nD6TMK54m8BOuIFPoU3tZTeK/C
21q8E3+DW0o3kFzjv/JtXmvhs2EeO1Ylb/o/4Z/zRDbCbl651V7N0kORFkRaHx83/2YgOQJa4WPf
N4Tm3xKa81ZlK5OaLFHz7wzXsu+7w7XfH5pzCHRGsu+OLD0WydJK+b5TSJ6A+slIW4m5Fl5DzR4j
2ojmZtQ8D3vgarqmngji07AKqxVbrvkUKPV2VTOSddaD9hv71dnUnMiYB4rGHruayPjKmAhaAoo2
/OXY1RgxFq7gKtXuJHUvn/9rc/y1ufyWvpuR3HXy7h6KPdoXcoBeNmtbeGm28vkTYIHDlXTlx1H5
3QB5npwmCbwFkmERSNaERwPrltBsPL42nSIBVuFR6Krvkd8U42HfUugL+U0A99nHsW9OwR7vgiUe
gP4P8N+9JC3scD4Fe5qCG4IsFSFaetuRWjoA9484aKL8iiBpJW1nxj46CCslT687wVXQNjt3VNJ/
mu4CPU0TMaIInELyxDqHWm7krcXbbOTFwOZ8Skdx+w7lNrDGbdXtfAY88Uvclg7Tt/CUwmAZRnJf
tnMg/VXtco0OUSPsdnfY6x4gDbY8ATZ8ACy6ExyP3AFoayT0+yJq5lEDPHMrTrls2Pm2SJMpPWTK
lZXWrPCr7uYH+VbUvQ73wt0iCr69717re1IoCHarPU78GPg67ZF3gmowIgdklNpUSnqk5dKCwvMd
CgpVNqgCO/cgZLBQW4Z1iOZNKGVXXpaktdDaOtiyW3gtHcdd8DN1qzgAXfgY4/xP3SKa39W9fuW1
9+9f9Op9nvo1oe8+fu29/Ceetc8Tv/a2QTj3dgPlib4O510etP0cjeZI+JwEP/MUtG8i9QUuwYoG
N30lT1K6WA1dKkb5yViTJViDZLTtr74/yv+qsBza0Z+DcQvuwdNBGjyFbNGd54MK4R07sX774Vkd
QXo4dCecc3i00p5h3Aq39Yt8k6LenC41i7+Chh1Q/kM8tK8P1lSei+U4Fa6xMmjJQy08dK1lYxOo
ebr02F/B7ugCWx6sziLpQeQgDEZM2vAqRTvVFzufbZfnME5unuQh2kt7sb7Yu5i73KvzUL4Uvkmu
8rXlKSZPLXkKeG63t/FrfBI3D6fy2ipwTlVwuecrOi/kEtjShaAKjsOJVaFOlfk4kUsgcxNFQRJJ
/CloMeisIqdPM1g+Jk1jOJUUYfoqsJ7+aTZw6vsZjRRAAbhXWBQGUiAQfgkwCHiZWlIQMFhhCLUE
hlIwvI4wha0oRHkgocDWwB+xD8OAbakVMILCjX9RJLUBRimMprbAdsB/Ys9GANtTJDBWoZWijX/A
NkrsQO2AdooxfoD3JDFOYTy1B3aiWOMifB2JnckG7AK8gJ3fAZhIdmCSwq7U0fieulEcsLvCHhQP
7EmdjO9g8boAe5MD2Af4LTQ7EdiPkoDJCvtTV+Mb2BqJA6gb0Ek9gAOB52kQ9QSmUi+gS33LTaPe
wMHUB5iuMIP6Guewr/oBh1AycCj1Bw4DfkXDKQU4ggYAs4BnaSQ5gaMUjqZBwDGUanwJHZM4llzA
cZQGHA/8O/RyMHCCwomUafwNGjwUmKswj4YBJ9Nw4wz8EolTaQTwOoXXU5bxBfb5SGA+jQIW0Gjj
NHbNGEN+gZc4nbKBxTTWOAXvVuJMGgcsUTiLcozPcd+aAJyt8EaaaHwGf30S8A8K51IusBT4KexO
HvBmmgIsA57EvpgKnE/XARcovIWuN05gV+QDb6UC4CIqBN5GRcb/0O00HbiYioFLgH/FLpwBrKCZ
wDsU3kklxnGceRL/SDcAl9Js4N3AT3AruxF4L80B3gf8mCrpD8BlCpfTXOD9VGp8BGt5E3AF3Qxc
SWVA3AqND7F/5wEfUvgwzTeOwSYsAK5WuIYWAtfSrcZRnLgSH6PbgesUrqfFxhH6Ey0BblC4kcqN
w7SJ7gD+WeHjdCfwCbrL+AA3VolP0R+BTyt8hpYah+hZuhv4HN0DfJ7uNd6HjbkP+ILCzVQJfBH4
Hm2hZUA3LQdWK6yhB4yDOCdXALcpfIlWGu/Sywq30ypgLT0IrAMegE19CLiTHjHkN9Q1xjuwj2uB
u+lR4B6F9fSY8TasnsS/0DrgPloP3E9/Mt6iV2kD8DXaCHwd+Ca9QZuAbyp8i/4MfJseN96gdxQe
oCeB79JTwIPA1+k9ehr4vsJD9IzxGn1AzwIPKzxCzwGPUpXxKqy3xA/pBeBHCj+mzfBoP6EXgccV
/pW2GPvof6gGeIK2Ak/SNuCn9JLxF9hViZ/Ty8BTCk/TdmMvfLda4BmFf6M6o57+TjuBXyo8S7uA
XwH3wKq/AvyadgPPK/yG9hi74UfVA7+jvcDv6S/GK3RB4UXaB/yB9gP/AdxF/6RXgf+iN4A/KrxE
bxo76bLCBnoL2EhvGzvIUNjcpluUTbf8f2nTE3636b/b9N9t+v+FTV/7u03/3ab/V9n0/5f89Iz/
pU3P+t2m/1ubftPvNv13P/3f2vQd/1U2ndS3OsntvL/MfcHzi1yuIR3aK38ha0WMYF1TYKEyYXuy
YTGmwBYswN5aDA3cbI2Rv6hFuURYskxYqpGwNZNRogD70VOinWEYn/8CFRlFJ9f85HfBP/OwH135
YbEQ8qdJ1xTAVHRT02twSGhYq/DWbdpGREZFt/P+ZKpjHOEU6OJIJOrWvUfPXtSnb79k+R/fBg6C
NSbKyBwydNjwEVkjR40ekz123PicCRMn5ebRlKnXXQ9r9x98NG+4ddv/qtp/3aq40nJcqYMGOgek
9E/u16d3r549unfrmpTo6NI5oVN8XEd7B5s1tn1Mu+ioyIi2bVqHtwoLDQluGdQi0BJg9vcz6Zpg
Ssy0D8m3uuPz3Xq8fdiwJPluL0BCQbOEfLcVSUOuLuO25qti1qtLulByxjUlXZ6SrqaSHGJ1kjMp
0Zppt7oPZNittTx5bC7i92fY86zucyo+SsVXqngQ4jYbKlgzI0oyrG7Ot2a6hywoqczMz0Bz1YGW
dHt6sSUpkaotgYgGIuZuay+t5raDWEVE28yUakHmIAzKHWXPyHRH2jPkCNxaXGbBdHf22NzMjGib
LS8p0c3pRfZCN9kHu4Mdqgilq27cfuluf9WNdZacDS2zVifWVy6vDaHCfEeL6fbpBVNz3VpBnuwj
1IF+M9xtF52KuPKKxsPSc+9pnhutVWZGzLLK18rKe6zuTWNzm+faJObloQ3UFXFD8iuHoOvlEGLW
eCt6E0vzct28FF1a5UzkrDzzK7ZnypT8G6zuAPtge0nlDflYmqhKN4271VYTFeWqw9EdlWmtzMm1
29yp0fa8gox21eFUOe7WrZEua+TVOUmJ1SGhHsFWtwz2RloENY8UN+WpmCouY1njmiTLckT24VAI
t7XIipHk2jGnZAnFyVRZlIxiePIYtdzTsSKz3AHp+ZUhKTJd1neb4kLs1sqLBA2wn/vq6pQCb4pf
XMhFklGpJ02qhnxf3O1wuLt0kSrin441xRgHqfc+SYkLasUse2mIFQHER9mQbUFeSjeI32aTC7ys
1kWFeHFXjM31vFupMLqGXN0ceW6RL3PqfTmtJ8icCl9OU/V8OzR5m9rgrd3m+KZ/wSFtWmWWpLi5
zb/JLvbkZ423Z42dnGvNrMz3yjYr56o3T35yU5435m6VnqtFC29MRGsqF0o5tamwfMlt4dbj8M9P
KfX0Wn8ztFKlsHWIOyR/mAfzLDbbb6xUa3wja6ngSjXvMN0pjqvfB1z1ftXwWlRqGLAeL7JyJldW
Wq7KGwILVFk5xG4dUplfWVBrVBTarSH2yjotXouvLM3M961orbFjWbR7yPI8TKKEU6CtggZX2/ne
sdUuvnf85Ny6EJjve3NyawSL9PzBedUdkZdbZ4XNVamiKVW+WeUbZTE0vUaYVVZ0nYuoQuXqKkG9
F9UyqTSzL42pqFZ40kJUGp6kHXDS67X6mgm9XLUIUlSwtWXHnhUyDAxSYU1Ar9S0blo9lYK3gA+C
dZoGLPemaBQLTAXL1BUqf5O2k9zgevB7YJmyAyk7kLIDKTuQkqrVEmvbtZdrOsai621bIzv2PJ8W
pW0lAyy0VdoyXPxiteu94TRvuAJhF4QrveH92rKaAbHBaQF4ZzoPNMACc1tfM3RMzzoV6edUkXW+
lHVbkRKbFqmtx6jWY1TrMar1GNV5IKPVdUhfh/R1SF+n0tcRq6Zsnb1NeSPra4LbeFMQSbNoedpE
3CVjtVxvOEmbWNMzdk9avjYBTW9RuEnLAa5QOE3hGIXlKrdcxeeq+FwVT1XxVG9cYrdmGKswWKI2
ThuP+2+sNlYbocJsLRP35FhtDN5lOFobrsJR2lAVjkR6BMIslAtDOEJTvwHShuM9A+EwvMtwqDak
JiO2e1op3qchT6A/mZ6BMWRgTBkQkkxZAd4EPqFSpgHLwQfBmirJWgYoHZSmpaGGC224kOMiTXOB
UkGDtEHIGYiyA4Euzanm6EQpJ3pyQlZOtOzE8jixPE7y15xAq9aHuoNd4GxwPtiEdhJRLxHjSkQP
iVoSdURbNrGcwhFavWGsWCZ/d6W1F8tq2se60gLENsoG54NLwRViW40pLDgtHOVk2W7gMeBp4HLw
RvAWsJlSPTmuQJEqUrUxYoymQ7s7b3U6e6qwV19P2C7GE7aI6hmcdrPWGWLqTBvBGobcGUPujKn6
3mLBAqrTifaAD4JPgKXAO0EYnSCMTphgJ9TvpEr5qXLnwQZYgxJ1QvtXlzGp2rHgbs1akakJSEnA
WwLqJKBsAlJPAFnVkPnZ4BXgPd68DkqZOyjl7IC2OmC03YCpKhYMjNU61IiA4FrIl1OC0/pB7mPA
yBT3Q5r3Q273Sw0RchN3Q06qt8QK8BawSasDdQZ1AiWAOoBsICsIK6i1x+qtBK0APQC6H7QctAyr
Eb7FscchpvWZ26e8z4o+G/ts6bOnj/9OUQDKF/kuC7Vpg5MwLNQclRYidJpKQfyjws0Kb1boUtjW
FTU16NTUoDemBj06NeiRqUG5U4NGTw0aMjWo29SgWi50tXUEfeIIWukImugI6usI6uMI6uUI6uwI
SgvlPJ5EQbRb4WCFPRV2UBjDk2qCKGAXTyGbGRrPnbbZ7og9bavVuSb2LlutGcGdnrcpnmCATHw5
trttZmyiJyXeE3S0vaKjBZrAL5A/O1yJ/m/6T/N3+ff37+qf5J/g38nf7h/rH24OM4eYW5pbmC1m
s9nPrJuFmczhtcZJl0PetsL9QmTgp0vUVTxE/hJJXcxY/hTZLGgEuVtpWSJr/GDOctcXUVah1f3D
eHstW3CmmuyD2R2WRVk5gyPc/RxZtf7GOHeyI8sdkD0lt5r5gTy8ucW9OLJycmvZkElLo6X7WkfM
iUvvj/aGeXmyTm61zvffn0dtFqRGpIYNCu0/JONnIN+LjitPhKP5C0YS416dNT7X/XxMnrunjBgx
eVmQnPR260Sy6JuZUSf6ySAvt85SIZIzx8l0S0VG3pVyZEV6Rh3ZZKDKkVWWI+s15dqLfrJcnAw8
5dqrcu2vKlc90JaZUW2z+coMVGUGXl1m5tVlZqoyM71lNE8ZW7My/ifJpsrY/E/+pEz731Am7mfL
NJNm8WDHv3m4jkbw0er0RfKqkG/PLAbnu5ctKIlwVxRarXWUzke9t4j4/MKiEhkWFNfyUXtxhjvd
nmGtHrHop/nuRTJ7hD2jmhZl5uRWL3IVZ9SMcI3ItBdk5G0dWtBl81Xd3efrrrpLwc80ViAb6yL7
Grr5Z7I3y+yhsq/Nsq/Nsq+hrqGqL6X1UEszDc6Db6rCrSLQAgXOj7blDW4TUjpIafMAW8SS6B06
8bMUCFe9Ba59QWCZlZSWlCazsMtkVkt5I/RmRSwZYIvewc96s0KQHGofTBGZszLwr6zMG/mN/8rK
yuZdX3Z9mQzVv7J588FymeSPz+cRZpDWQp1vsbDG0jYvAy9XNlorK8ubR2pNy+aTbG2ehCuNN8Xm
o2Uua64EVHbtIzXDQR5Gc2XzGaVkwfletSmTf6KEZkgO0tsKkX4G/CBFI2yvFeLEJuOElz+TfwEu
8xsbDEMcQ+EcL3ueHNAjCnN4lCek6XRY/dZ7DdJ68bv0HLkoGOmHSWPiXHLSQ3QLHaEJxrdItdET
dJ4SqT+VGI3qt32NvJieYM9f2ybTB/L3bcKpOfSzMI5duLtWxXdSElrJodXUlg6ixS6GBe9bRYxw
olYOva1NMyca3Y3vuF5/0yikx9kpjuov0jt0jjvo1HiXscxYZ6ynlnRBi2nYZ/Qw5qDWBMqn+XQ7
RlBBG+gA54mBYo9xn/qb6mKkbqe32QGFyodHNw6l/0hrqY5200H6kE4zczAncAV/wIdN1LC/cb8x
3Cg05lImjaZsqkBuDMdxmpisTdY2a8caPm88abRH2zm0gBbSbbRC/b35MfqIPmFNWESOmKBtpmga
qP4SehVktgGSfJNOsJl7cwq7+G5+QSzQtYb9OOF1ag0JDlPSX0XrINOnaAvtp/fofbT5rfqFZyQW
fwJP5cW8lB/gh/kpfoFf5LPCJD7UNO0O/TX9bONRw2I8ZjyHfqOpHVnh6yZiDUZiPQ/Ql5hfF07k
VD4kHCJRY71FQ2NjL2OoUW68ahwjO3VC2YHwazNpFE3CqG+lu2gnvYa6B+hd+oL+ASlpbOEwyMLK
dh7H43k+RrGZz3ODaIP1SxY3ihpxWHNoB/RJ+osN2xpbN9Y0nm80jCrDbewz3lHr2xf9pGMFrqNS
bDG5Yi+hn1fpFP2dLqIPP47FWIdxFua7Fu2f4MtQJ7NYIl4QBrzfldqbeqS+tnF045zGtY1bjd7G
KOiWBqcrknqDUqBN8rd9Zep3uE+ovwXZCu05Sl9zBLfn7jycJ3Iu53MJz+VSvolv49sh1ed4G+/k
o/wJf42ro59oDTk5RJG4Uzwkton94qg4pZE2HneYm7TbtIe0bdp72t/0ED1R766P0vP1W/VFJrhk
fm3M71xue3lOQ2HDYw37Grs2ZjTOblzWuLfxaONnRqCxxzgNV7Q7xphHMzHGxZj/3fQAbYR+PI8x
fkpn6CzW/DvIQuMAjsKIY9W6pWPcozDySXCZZoBK+AbIv4KruIZ3cT3v5Tf5bT7Ex/k8Ls+tRVfQ
AOyCCWIG5vCYqBJu8RHoovgXruWJWk+tF24V+ZjNPdq9mM8a7bh2Whd6a72HPl4v1183aabpptWm
dab9pjdMX/qF+E3x2ogrFkR+031H7NUHaTfSJtwONO1LcUg4ebG4xM+IGN6L3mJw38oW6WIAfKOd
0PI5FO6/zs/mZxPhFOKfL9sQj4okbZIer7WgefKvQMRkcbfIp6d5F10Sw6BpC7QDYpOYpq3TH9QH
8THcL/bqJIL4B0qjNB6EtfuAbsIKJWlbdPl3oGQya5dNc0SQcY9+xiS0Q7CDA1lob/FkPsfZog2k
NUA8QHa8h/A5hMOxAz+C5tfB7UzWT2rLxQjxCdJupId4L+a4k24UO/lxrEsy9uPNnM3rtR60hG+C
NPrTDeJh6iBKRQfo8wT6nu/k1ti5l7A2HcUM0rUgUUSHRR5W/T0OE115CfR0Di3jSkrkBq6nd8Qq
6svF2u7LkQ0Jgi+f42ptGFXzJf1N/U0435cgyRhorhkO96fQ6XXo5TWyafHQmmQyCdzjsJ/ysddD
xUW+XdxIs3it9nd+SqTRGCrWysQQXt14UU/TekFiO2BN0v36m8nkNMXovbHiZ2iQ+pss8ivRT5ju
lHHtA+2CkWfYGqeZWjYep0WQzjBYt2XYS8PoY27D1/NY3RBZumFMpCqxRT9utOUWbKP3DeywxpfY
yR0NK99kBPJYaPj18v+Joi/Tl+rz9dtxNl2C1bybHqTH6C84TZ7EudUJchwJaU6F7ZmFM6I79aQ+
mN0gGgyrNBx58nv/ZMxyOs2gP9BNsLx/oheoGidUFuRxPerNoBuQXoYT6jZagv1/Dy2HDVhNT9P7
4nmxEXfce8WrYoGYRR/Tx9rrmosn0mH9Pr2cxuMOPJZboed+WKVY1FtufIDeOlM0rH9v7FLovXHW
OGo823AQ7T0t/wLNbzCd9UunBBrDP+hRbIJ9gwz1mSb5nzr8aUi1n38tt9gmmEy6jGhk8TMh8rKm
iagAf5n2MlOkecxtEY7RIRecoxqco0N+cI4KacCl3tnglNyje69QW2icLdQ2U6fLVq3+sstEl8iq
12M/nTU+E5+ZTDiJYmmMK/ho4OlAYfa3UAi3mheF5re7WgVRVGCbF0MGsWVQzIu4Rvmz/y4xHKdD
I4+mCEfID9edO3Uq5NQpSk09F3KOQ8P641+P7jCLmp+fvUN8Jy2+T+++vXq2aR2uKfSzIxVJYnu8
aBsa1lbEiW52e9fiTo6Bg7pI0B9smGyNirKKpyMCO3TtardcNg90JDoHdklyyvuRRTyj7dUPqb9t
zK9uaaoVd7ssbAmQ/wcdy7GAHeJJChS7XS2soXtCD4aeCD0fagrdwW1IiN1bzdj7teLJl7qb5+Je
tks8itP8W872zOPCuZAGzObCOcjOGeKEPDENm3cWVyLoa4ifNTLS6sczVTQiymrSDzVGxcfGxvMX
nhA3LEfjYfE+d6UA6uWK+AsdopP0DY7ql3X+XuylQ8G4LAr/XbyWLDSHYzxDONVwirqdQ7fXsY39
lJz6wTSHNh6Ljo+0a9y14cOe9khLC3lV3CH89VaiHJoS5WpB9YKiTCJSL6qSqnAq5AvqNko21NrW
R291+RlRvnAhxnTA+Axu2Le4GLeDzGrMgfqHgZEt59Rxe1IaNApzR624qxdqQsfk7LH9JHw7Jjll
tGT0/4UxSfvSNIdCaI4rJSCgDUcGaMnUP2AIDw+YEjA7YAEvDLjPfF/Aan404Cl+LuBlevn/cPYt
cE5UZ9/nzEySyXVuyWQmyUwyuUw2971l2YVdMrgFFVSwIggaF7Vqa6nL1guifV+wKghesKK9gApW
8VpUWJF1EfBrtWqpFatoq7agHyLyivL6IUXLZr9zJgkLq/bX9w2bM3POJLuZ8zzP//n/n3N2gS/B
V+xvwb3wY/theMTud9qhcwC+vJF0jgfn2gfgBvShzqW3FEhIvs0NwM3rn0Ozcqg8hGxSm5e+chke
m5i2mlvtHjqPC3Kyg3jA6fVwsiX+1TkJmXH5LI/4PTLjRFH1IbrvfRac4QtwXT9POGKDw58DcvjQ
hhydmmBH5w3Dh0By+B9ARE/f8D+eCXnsHtpDDA4fAezw5xsUTw6/Iz38uRFLWUKesCfK/4hWQzzI
w6TFHY15tC4+22XhLRZ3oAv52B+faYp3eeTG+wehFUhIblenlz2MZrjEokjhO3CgcLhB4dK9wJhN
5Fldkv2yKPtkr2yxhoJKUA2Gg5Q1qTfoKT2tU1any+Gyu2iXzWWxknqUixsgIgQMmLEmDJCjCgaM
MZoBgzJqdFfWAHkCNSb9Nwl/Gj0y14P22gO2H/9AWsXwcaogl7wq5y9xuBFVlS9FB4b/aRjoJOkN
cagJsqiRGdT4PaUYbpJe0Y3OUEN60etIlXeWcg7UiPhM8coa/iafGH50wnj9YfyucIlwsNx4P27g
N+hc/LFnQR9rM+NOR1/FIjsG29wvoi9bKxpJ6rEo4fN5Ud8vtjTzRXLf9RevnHxDXpnI+NHZlJ/m
1e+w4vTutNzQcfJta7ozUkPHKbeuId7dUfnv+34yrqjd2TXjih2QxefROztnLJz/aldMjlV2P//s
/D91ReU41J7H0bYHQfI+6ghixus38HRwYPiIwXBWQNuDRnAaPy1I2ZlB4lHggqsMO+tyMexWO03g
EQsa4aHFQsCtdG0518YHvYNIT3HEpZuAxU67ZMK7mbge4Zmf+JPhAJdyHLwUYTC7hZiHiPj9SEaZ
HoSxtpMdOsCaEFU6gNHW3wHYoS6+oyBB9otDL5zQaWoEZdPKnFaNZ82M5xaNs9RCqG0McQeMqIGA
OjQXtzBS+dRrZ2QHLVNH/nmeX+AliRf8VOMMq8wxbhpj7ONoJt5GsZSBkfVWonv6OZuCzoyF8gIw
AM/d6HB5u6IWhCKlIfzhmhqDz6KY+ruRDcZbT2Gu9SxOLm5YnHqo4aHUZtfTabubd4hFV3uaSsXS
asabVBtiLq8Te4p7P39A/IofEqkGuj6T722qTaRlC9yDgNUJ3QjUzn3abne4AgPwy6fNn70ZZSkU
9Gicfp/rSkxwE72IDvjRqIpe7yR+hEjTz+pRyR4+hIMSNRj6DpTQ/O5Baaw2jaA6jSg6Q+E4L4mJ
iO7TJAMIMc6A/rDXgHwcNbXouv766nyjB+iDfZlZY7Ra6kMoHB8znii2Ine12qy26vTX8MtqtQHb
EHGThGb76JsQfN43PfzEdZc/JlvtLpbz/+DZC+79QD/36spfBqdr2EhX/WTvp73fn9ow96H/LEs2
h59tfPD8d5aNveCKKyvv3Y999XfDH1BoogAyfP/cdggGEGq1NDcXubHxU+OTE93tPwbWhdri9rup
FcWft68tPtT+rDDo3y5s977qf1f4m/8T4Sv/cIHD79vojSLDcQPIgiF0kqIZZ6aBIwvog0jAEgsB
WY006FkZmb4/EuGzA/C2fr2rxYOOG/kua6yrbQC6DYeviwyFOsjA2MIgMkGIuH6TU+5osVjdnwzC
RVVDIFiEGCL37DmD3Yvm/nQWZ2JsjaE9qHsA4SSGS9Pl0RdXBc1QazGeELyUJdEaM6Bg8RkwXtQN
6KV4AwDTLtejBzq0l/vaQXsfFM1IwIBi2gajRhuyi161SIvf7JlWqsdI1UikcOW1XwzM3Zdn/Czr
XbXuzhcveKasBmT5lL4VK38y884syzk5aeaClav/eCHxeOvGC3/x0XmNLM9KzBWb5k254ywcS3DZ
ueff0dnqtfvZhq6zt904/ecoN72F4wkxaAUg7mu4UT6PEKpmUcIhEU3r3mcUZavI+PgBOMfgPZ6t
voimXUqQXoIgCS0cQRO/iSQpi6a6VXS+AXhQ8kH5SgnhMBABg8ZEHzlA3GAw0OK5VFHCgFEhCgV1
kLgcaPBcw4liCMpRivK5ULb6MzJH/Jg5+k5HlKivE/GhoU52D2A7D+CTTztZBEQmSRrq5DosS/KZ
/2BfQNGCAueLNzvrR6apsQ9qRdjC1flE/aQGRC0cF4MkOfQGfOPJSeFAIDzJbCsv4/bebGUm7LmA
TB79I567yhd1NII9xK4hDfn5C9jP0cxlwd+NqDNoD0XtKXmsZMmlTkv1pC5P/TL1ivyu9F8SLWMn
FrETC+gkGInRXjYSF8MBGFY0sAXiP5QG8RIB3GPYlS6KcgA9IQzA/2vY/V2OQBeLSO8gcRNIEXM3
oldemogPwL9tYuVcgnLUXXhkzk4/hGg3e2CoXHXfTg67L0Jt7MKYH5t+bHqvJIUs9pAF5W/Jjpqg
VTGgTPtHPBeFcCZT7oNcHSpi0eRoz41Fq3BSB3m4cPLNXfftPPj0/MvPMHSJ5YRfbFjx/EOLbrgh
4uZFYjKGEOrOysXh8N83vnykmBijibzM3/bKw7evm8hKIpHDOITgk0ezG0AoEgON8DHDlY96461R
NaNqqj44fBiXBw1PkRpHd1NT6LOp2bQ1gSa4H81vpHaMmsdYa3xg+E3DgdEDvTtOuwfQOxdSFEV7
KS+tUzqdFsYKU4RzhcuEBcLNwk3xzcLG+DvOd/j/cgtOaKFtEasuM/FIQrs4cpG2QFvQcEVhXmN/
dHP6LdcHjr0ufjaNSA/L8RHBG/apouKXWckdBXG3K+HUHbCxQOSzKIukbJm0xW/1uONNKEbWbsx1
kaQ9OAD/bojhLq8l2WV3S+9bu0CaTUfSjWkqvYV4FWnIOIwDF/HQpmhXowd65KbNsB1ef4zSlU/H
uWOojIg7ynkHDmBb76mqIH9HNQNimEpkIxolsAzH8AxpdbmdbsKapdIGjAjRAfgbwwd0B+JyiXgD
jQYzlpwBNSaMrzhhwp00QMqWNN0COwbbaTI5jGt9ZsIx2VI19WTgiKuYnoLSDvaVmu/EosDnRfRp
xHXg3DPWXrx4x9aHf7SlrbvUuGbnT6a3SyLn5lNdv6tsk/UHeuetXnPxBbM7CeGKy3c9+PMvF9+y
7s/33fyD1RdHGZn3O7yV9R9prz9zz5O33vCbs8agqHxjuEK+haLSBxatt5M4cVsRdKUJq5Ukttpd
bvelPuD1+YAPkQmX3+lzAZKFxKVOB8ewDop1OQdRJELikaf9dln85Dj6vOd0k/iUTOBBuOM3owkH
0xJPPuPBCDQqb8OiVp2IIjqBdUAnrx96CGMJSVaeoEUPL1mpuboZFqsX//PlACexDh6h8EdIM3xk
aoYEaIJLjO/wD0f/AD4Fn7qoAKX4MrmZmYsJi9NDSUGPV1om3QVX0iudK5KrM/fkHoUPJDcS2xyD
rsHMq44/ZIQFcK1GNHlziNlsCMXUgeG/bWiM5QeH/4bExpGnObqhIY7H0g3RweFPQGJ4/4ZkVMM0
iM80GHSsK5WyKl2CpdBldccG4F8NNpUSWb2LfD/QVRKnioQ4AA8YzpZIF/t+tssuN4+SHchFD2Fl
i6For+mo2E9N12zMNQXDnI+iVT5igJAX4VDehjRDowWl0TCHECnoQ02OLhigCQmMETGBE+vXlQQo
w3If6OvGi3SZ4X39SA2gG9nXj0QCPhqNSCNYJNSzSOgM4jMomWNeV8knoZf78JgPj/nw2AnSYNax
/I0wcEwdCtGQzTrGTNtICiDfFo47J4Uf/HD3mjW7f3jZeemxO3/+izfHptz3X3Xl/auvnr/a/5tF
i36zbuHCdcQtLQ/Pufudd+7uebi12HHmhctee23ZhdPGfjx31T2XXbhiRcXW++CDl//4kUcQLgoI
F/3ILxKgBU4zcjaaStsyIP9YfDBu1TFIxrKo8UiocXvU5lZXFDXNYks2mfVhJsac2/Qh/2Xs/6UP
5S3bAGzCKInfNYCNLiL77wfNaJ5y6F1W78amF5reaKLOp91xoHtcSWeDPY3UHzpz62jATTHxVJfD
gvHMcBQQoDm0LtGtDyLMchMPGY54FxMoBt63dWW3EI+A1hHoYg8NIaJ1GLnGh6DqDXtKVT3Bmcq0
BlzJZD4ao3xuj8tDWDlEZwTWy1JWSyJtRz7S4EQ+ktSjvjhGKgHmKSw26RQa9KAmxmpofCPIWQvH
sOs48ALlDAasPngMw9C5GaQ1q/pNu5ps+bicB4qtSX3EvGPayG0T+s+f+cCcbWt+/Fxrd4e+4rz/
vHl2R0DiXP5ky07Y7C3e+4Mf/vrXl4y7okUjfn/Fld/7P5etHLp9yboPN1w97eeFUpSVOL9TgC0f
pf+yfcXTty3tN4wMsrNZKyEvBG6k+ZoMO7NBdNIbgJXfDEWECRQUNzqdshwaKZ50ns5WVQQuocAT
SijCtxVURhrywmljxp2Bn0PLj1VZCKQJAbWNuhOkQR4+Y2TaOAR4wfHZMbmT+VMDp2Un5ZD4FHsC
PdlpuSNpJgPS6WweEkTOwQ4QDxqie7l7tZvY5YbuFOd2s5zi4PhYCl/y6HpLWtdTaSWWztpJc8hq
bTFhWrETOVkwh0RxBi+KAq/IPBcN4aFTwiC8KHxHmNwRhuFUMBwOBZVoMBDIptNqMOANBgM8x6lE
DjHUXDwWc9hpANUMkw/niXzeLueyekDQAzIRGITnICU23vCm9aDB2EuAg0wwHNwdPBikUFrOPtNI
6FxO5wfheMANP9/POUpIiDxvsOi1DAcBN5X7jBvmKA69tr8wca40UBPJfcjNsKCrng6ZahnzVox+
ZbMsihLIEotJWpfkpcyS/0DclT6mnP+73FdASvq4gf9R13y3DSUp/KyW8shRtBfWxIYGR10gyRhJ
Xjf0l777cTqq/B63E+AVR0xt/jBcOcEcfgnT4zUr9oXfh0sqr9ZpMbnfLwj+f/72GE1eQlw0dC+u
JM9EPjQL+VAIJEEzvMTY8mT68czvHS8633ZYlqeXZe6NrEqszjyRsF4XX5i4InNVbrljufeW+PIE
fTZ7MbvQMY+dx83j5wm2yZHTtVPjUzKLPZZmZlxkrDY2UUqPy0xkTmZpe0GOhLRgIpgOFmJMOkMv
YJ+Lv1QgJ0VOTVwdWRxZ1nh3ZG1kY4TO0kjYZABQRIK2ZCBU6MaIh4w1eJojSSWli0mdVhW1qblZ
pAmRjiUYV9hVcJVcU109rl6XzTUAbzBSuQTgWI5guDu457kd3G7uIGflAq3JBiRtAAuIg4iIyC2T
F1R9AvO0vlp1vGxKGswjkL1Mos5WtWWtmHKihDFBUI1nea/DKeiZRNqby8GEI5aDWT6VA3GnnoNg
JB+CvjLs6+sro0eCqxvZTE9m2jpmaEFrHtNmMjAN0fa2qgDVIOjD9iXYe19ce8O109ZeMHQr7r8I
Uz1Tu75z1/xKP3z0zGvGz7rvlsqfp1fNvfHalT2Fe86ffsuF2OREWyx02ZipNx0VT7msw7hmPJqE
c5DtC8j2RcgbgZ5wr3WhleScngzPK85oKFyMxZQQabeiuOpn1BI+GllGLllnEAgFvAF/RhCUQGue
aQo3EU2ZYlHJJ3OYIRPpjK4rOURR5xqdAQLqzlhcDxSRblIBcAYIJx3VmRD8LDQcIkITSB3Y4TT7
GvsO+277QbvFXtT1PMixOSI3gBBATCTiCCTs3xUK/Gf8QZ7k5bbJvSaoljtPPzCE9echHLlsue8A
MmXNekNVAYq/kLWQ2vqi/GbnsZOaBc1uJlO/cGwcF8cgVy/QcMcUad1qXJ04jrymNgLPJhbjuT96
AbZOn2kz8go8MvQQNNUTsoVEFCthM24rT49EZ2UXHnm1MqXHvPIpbnuQlRYN76JuotaBTqgb7bdG
VkaIAltip7Lkqa5J8RnOsmtG/CHnQ/HnrIMuOxXzx3RXMqbH2+LWNtBxB+joAEpbsYDBuYVphs1t
+ebmQl4pOuhwks0JUPVLyBVybemwwpJasFNvK+htlxSLlKAlPCSC2h8YEa9XINIJyq5eks/nVAhB
YHxSZ+gwTdBy15LekTg6/UB9iYk1JQ+az5LJK/eYgVTlD7BKIkxyzh9foSxXS5TVDosrlFOecp41
5an4mbPPmeAALCK/Fvy7pYgEpdCzYXj/xrgYFWNinV7OQpIHYEWMiUKeKBZbecwLarW0uuypFnBQ
l8IMoW5cS7XaRhXmbOtZ8urtU5d+euv2W21YAUg854fW16+7cvOZbRC8f9pPZ1YtBe9SA6wXbqj8
stg27Y4NS1cug5ZlvU1eJqBuDct+5ey5F99evvpXrx+ONMAxyMAS9Atu0YYs+kMUd70o7rrhbw0X
f7/4RKFf3FagqmnZ6c7UsnEgYmZZVoFKRlOUiKYEss3mECjAQqqlUGhuUbKdJ+EhlimFS0Qp010q
ndStdFZzttOaqaXsasJ2iqlavs4kzO/DNMCGTLyhIRFXMuOKeKgbILaeaW1vL7Yq42JRFUCIFIOe
zWYieiChZzLV/Nw5bpwDJe8WNd6qxruNULh1dfeT3cTy7l3dRPcAsdkITuRVTePURsIg7iDIqcQO
gmCIHqKXIInniM3gO3ibGjBXcFDIYqBFoZvpNDkSjtxOnJVN/MUtV4Pj0a7yjb1v7/yrd43+HmZy
NoVKAcGenfGWRAM1BQSCmzwC6qCmKjq0rxWuajBxrLClfW1kdGq/YegNEyoq75lR34qT+JcmghC5
eWpADn+JR1p76q+Rw/OItop6Yno3QeQ0+HT9/KhYv4587kOU7D9GPhcGbxu5ApW3xFwRd8Qb8RVC
BXW8pcXV6G30lUIl9QxLt8vwGr4poanKVNWH9xAjz3G1mQsXyJPCZj/UBkKhMFBkmjD7ljaz+q7Q
Eo/7SV8b5/PxnCKFdZnXZYkgdJrR7XYaEz5uKgtZOXLrrjqKm0vS2NjY6gf+HVN+k7W+tpKhHZdk
rTHiZ6NWM3abCfUus+Y1fmSyRiYT18sXoVg9B82bBuYa7Sg5FnFy1IJqEZGUIEqO79ZyYRHnQkJ3
BnF6Y+zQHoihOxV4Obp2wXEL8HvLKD1VxcBIBjqWd0aYBboZ7tuyT62Ut5PIm6sCc/ANvPyyeVMf
1m8GnoGdpHL+qBuCQEL38zy6n3YiaYz9QNmrEpPA5PbnwQ7wBvxL6HXlMDgMDyuOBEgqSVVvPzk0
M/SI+qz6JngTvqnsh/sU9zkqdJlGFlYzkGHCDMGkBIbhBcUVNmGFBdFpUSKa0qPRhK6ECyawOJtb
2pqbi21KwWkx+3QLRdMWSnEGfdVvJkFGCkuElPJKks+rBPMNVazLTMsQmVQyk2lIKvmB4VuMkAJB
JKQoKiS8ELdqOwCIFnrREBK7iuFUE3o4rKohRYe4PzkUCraPIUifHiTyhWSbXig4nS5K0F20nmxv
V1RVGdOmJg3wGgwne5K9ySeT25KWpJFMtSYNvsgklyd3JHcnD6KxAeJ9w6eEYQ8klsPX8F9do0Ih
iiAoZYBYYIhChKS8lDpVeE3YJXwmUILc8dsaVzkdV8UDMntA4joK1a9yH+qWkbKV2L0Bs1qOR1kU
DCZ7MclLZwkzHLNzwBxDnoPlCdIlS2ikTyxIp2Skb4e1vv8dNvaZMfVjlE/7YAx+vTZfBzQIv7V8
HyPum1PZwq4yMesPuD25iNs/wfGw408mnlUr+tuRNAyv4nHpfnQUDmWJN0+EMnI/jso88uLrkRdn
Ya+BpAC0h+QQ8RIBndAaDEIxSDk508k8Kd7j4VDEJjJVZ0IJL5VtaMhklYSDMl9iayFtNopE6dZr
9hGr9fu9KJjjKu5HtRZF01RFiQcJyEM1FPQib4JBIGT0RELV43EEgNc+E/TqKPKRBr7WcECnwwFp
JaRCRIyMIABZI1FkslOzPdne7PLsrqw1G8gTpMoH8csFvkfoFZYLBwWKEaAg58b+8Bih6sMMl61K
kwxCjb1VoOysAaW50mJuq+lYks/gFXoG0t6GEvRyIdSwQbM+NsuUsP9jUP16Qiz3IXKlxeC3O8Mo
iIpRxNyhu1dVjWwu4ZhJ7j1i7iqMTrDNdArKf7RrlE79iHxxBIMJ8H3EgL+PGLAbyPCoMfwK86JM
8HvFvdKX7Jf8IfGQbH1J/Cv7V/4t8W3pY/Zj3hZgA7xPFCXqJf4r5rBA3mu/2/Ug8ajlUfuDrj9Y
/0DTNxC3Wm6jF7mWCkt9dxGrLPQY6xi6xd7pGsu28C3iWIlOExlXgU3wCbEgjSNszzHb2A38BmGD
7ylxmzQo0+uYJ9i1/K+FB3wPik9Kj8n0TOFMsSytZu8WVoj3SL+S6YnCRN9EcbJ0mjybmc1+l6dT
0limTRjj65DOYCazE3naaXXQQWuQTjFJIelDnFSGFC0wbgrY/IhucwkH6UlgyRoBjWANsID53oRN
7g90X1vbkIOXkXBJyZSnfnNnlfnAGhNFbrmMfGKj6AhxJX5g+HA/OrIDw0f6eakk4k0KHm+wJEqi
UpJwYx8Y3t2P5B26tB8fLQPDbx3rO3nc/y0+2mtHAR/dXMmH31c9HjI8Lrbki7j58YKKGoiLu4Jc
cteOBD6yvpKrdpRwzdPNCeOhBzWuKD775r0e2I+RJvMSiMMjdQ+QC/K2VgJv8PCiDk99/+bPlm6v
bIfF7Us/XXr2p1vW/xPa1m75lJj0SOX9NXAW9EAGnrOm8sGjr8JJlVfe2195G/9XNAToR0hyLkKS
GMiBg4ZEBaigTQVhIciHE8FicGLw2YwjzScHhj812KsCNwaIJJ2mVwTuDhN1ZpSpMaNvZkJNvkyN
CWVNHhQDaoJn4qU4EY9LiA6lEkgJhwKFHKJFrJw/PFKVqNck8L6rTlydAmaExw0093HESFHjZDAH
nVXbzffvUyW8B6G9HfaNpkyjOIa5GSFRq0HENPhUlUBVgiPaFu5b9+7JzVOmjZ1R+RK6yg9Meeyn
lZ1wd+XKEyP6j0vP/GmiPSBMP+ua8Rfdh+cd1x62onnPgTHw/meBNvyCcUZEG5/xIj16bvGSpqua
SFtmbNPkptmBc5qujFyZvaZ4W3Ft+rGm1/Sd4Tciu/Sduc90DlHKponhSdo12ZvCy7I/C/86/Hj2
5cgr2t6MW908fATYAfONNmo5wUbjRmwUjqQzmjWay8bCedCmy4i8SkQOqIU8nvY8nvF8npZSMT2d
xmw2PEhcC3LEGsMN0I2obEsiBHSoD8DyxoWh5SGUEWCDgX/hbFp0TXRH9GCUimJGwnAGCwvsQZZg
5fbJc0+sRJX79pT3lDEPRnn/cE0QHTArlCgUsLEPdJ5Yl/p3Dd+OFDVfU9Qbwq7IIJLT2vChpzOu
ohhGCLGhNdKEor2+WlMT1HgLy7dhfs1RRNFf5wGEnky0HHOZs6vov+Y4jzl679s33TN70W0G7s27
5/HeyhcfXt5/5qMLKtsJR2XyiY7z0n/MXl0cf8/n5g4J/9bi9Glz26f/EjGAZ1FO8KKc8B3wrpHu
ajktOLWl3DJfXCwuCSwN3trxq5Mcp0YmTSCwSzw64ZGTdvr3+r/w24L4JgWpDS/3z8oYqa5xAYmx
eAEc42lujJH5VsYNSM4p652drVyi23kLlb8l2ZrQukkKBb5m9+j0nDGJHrVXJdTAJG/CaNJjujGh
N7UwtTy1OvVkypKSJ947CMPHrQHvOYBStRnIQ0O4OFXd4ofNy5lbV6pLwdXFf391gyxeOYMYwGF9
j9BxtQufVyXwjrbasm19EbO2KlJbvU3qx/YCkCuquZT3Q8sDN97yYP60OZc8PmHmrL2/e/cGPK3V
K5vvu2/TpImNv3z9vPPeWPcUNT6ErfOWGpCC0xcvv6D5uy1hLqQkl51/x/aljfjSvjC6dN4v7pt7
0qWqLxA75ZSbbtyKmdlyFNedJp7ebqQZu6vIorCLhsJtuJhI0JYiLuoKstiGdJQc4xH1I1AYyQOw
9xmW5VT8P4AiThdhQ4XQnNBrIYoJlUJTQz2heSiangztCtGhjxOYUuNi7aHazpOSCX+janijK3pf
d+F6GW/khLjjHVMh/gO371QeMVeC1+HpO1EgVv6GvRrOryw1j0jpgbOQP/4E3XcjjG4GIfwH1YaP
bAizIbxJNIhybXR+cI91b2h/+EviC+sXwSPhf0bsToKywqAzfFNwldXKS1Xt5GN9hK9F9vkkWeHT
jVXamoO5FMjlGoGS5hzVKlHK7nY77AqXiuH+yXpLFHuHkmpEyBTTUylJ5x06zxEKYhJRTYWwF9mG
YMBU0IO3BTfLAZWmp9p77L32hfbldotdbjqOeZbNKh722nJty/jxlPN/VWwxd+iasNIOqxOOZry+
jarOGDlz3a6tOIpJkkOfPDzviWtPVgMel1rljau2/vSspZea6qI6QI0fOmn9wQtfuobYiizmdpj6
4aRbfnvafReZI3UFzNYyTwbOMkI2YJMawWnS5Mwc5U52h/Kl9GXG8Qh4RCFc3mr1jW3xsazXp7h8
YjSNhxDAz9MJoLP6HH2HTul6KqPr6YwSzQCnWXaTem0Q7+DutSFlkSJsNpJQnATUZHzxVEVpkRRF
lhRN8vuQflTRDaJYljJIw/olr98v+cW0HpV1zau7SN0Z1TSXy0ngv+uegRm9UZomPSUdlCgJF8ed
fkIv+Hp823ykD/X7h/3QPwhvACKxoz9rrnp9Dy/n7i0fKpur/GUzVuo6Ev8rFOpq8hsWu0YvZplq
8l8O1MyMVEJtqdY0YXV9IwZbvmmUWHtVZdYEv9ft9vphhyS4PYL/frjYCq9fI3lRR4Lt1aNBjbf7
XC6fvdoeFcn9x/cx+uwEgKwg28owbHQsICF/gf0C3xxxnqPPOU+0DpD7iH0MSRPoyYRJP9NAFMh2
/GcDyIXkfOZqdilxM8m4rGaA2WdY7HarRXFVa6dphFjV2inLECRHWVSPm+ARYEGaMSJFxlDQUw61
MjqFVV1MrkZaL6BAIMjprgkRCKfCXrgQHoQUlAMo1qoJH+UHHGYo7x/AXLf+qxl4B8vxG1ZG716Z
8pSvlsifBczw5+sJT73+jauWG0m8BRuR/Q/6a8dNfk+JIJlwZ7VoWda04sgOGE7zQV+94ERWjr5N
PDb0Oi4uETuHZhA34sC5ltxi+4eJdlPmHz3JDhP4HECiqzJE3k19BDgwydA5p+dzAJqdCOc/h7CZ
djpYmgcwbmcdjY5pDtIh8xc/enzRr/RNla86TnPHCnd/NGnn7ir9pO78ahv+RJb95mY0AGFnZYi4
y/wM443I6M/AOnm7Iw5LeNGv9tOP1n/66J9tGVnhqWUJorT9+Grhk5YJeP3mKzMXIBZ7B0L9GeQi
0ADa4IXGmY/ZHgw/lid1WyI8jrpSmB+4OrjIe1PgTu/dgcdta7wPBp4obLQ951nvfTrwrLrdc6jJ
54AyTENyJXdXgLguvyy/Kv+Y5/H8i007mz5sohsQV3zCCCQKWiIR1aINvCL4U20aaEtBssVlz7YN
wN3GbHhzA3C0aKTTroEsm52XJbOpcS5Xg/ceVlNs+IIbRCKa4RZLjAYLWkmbqvVoq7UntW3aLo3W
Au3+5Y2aFV/vta62brPuslJWeUx680gygJnTh/aeUV0yr05dfTtboXwAZwZz99AxFtPBdYxinoh3
yjV33QZsKCW2Dh8ERfSUhw/183Seri3ggHJfbdHHi166GajoJcLw8/gKIkNlrVjb3YOpznHbG/Fm
9WqxtOY7pG5eq+0CIc/ZtOMXj+1+e+zNUxctunB9xM76HZ6L7pm2esM87MUvjrvx1E2XnjH/xz/a
fNGClb/qvfYZhr154iUdDonnHEwgfe9FQ2+a/PPXHDt13HdP+/7MHqxgcsj2M5HXhUADjK93C9hW
TrbgZVnBG3WHRNwX5IJPlkVfNKTaSOiM6K6ycwBetFHX7BENMZ2LjDQZQphlszsVjUEzT1gD6dh0
4Ir4vHjbA+Pt9e7yomBOnX/78ebARthTF4coimR2j4TAXN4j7amtrv2rjf9TnnLVjGFMv8wOG52N
8ZMbZjR8r+HR6Nr4Jvis8zn1meQLlu30m9R79B7LfpoTqSbYbOlydsOpzlPVGfBsS9lWdn4PXmKZ
67yKuM5xnbogvFQdDG+JbkyISPUf3OBkG5CSWK+K1R3vZdg36/+z9+3xURTZwlXdPT0zPe+enkfP
TGZ6ZjJJJu/H5AETkoHwkrcICkpcQxIkEJIQAoi6GtZdH+tjVQQBdWXXdR/CIstDAz7YdRFRXHGv
6CrrCnpR9yErruh6FzP5TlXPJJMo3r339/v++L5fKKbqdHV1dXVVnVPnnDqngm0wRgjkdcK1hkcI
EjjDKgvnb/5DH+aT/9z39obnM/ZRf3ji3ntPkB/3Yf9rh5OfPXcoefbwo9QJoY6qwo88/Kc/PQw/
4okAozMdMDMfnd0XFEBscwDrnygE4AXH25G3ck8FTgX/FvlrrjbbkeucqMyMzMydrzRGLs9dZlkm
t0Vuk41OopxYZZcW2i91LI8syf3co+E9stXhiVqjYsTzfesD1k3ujZ5HHY9C2TCwWhZZ8mLE6syy
z6XKEehWWzCqNezheN+PXcGwwRzXLdwWwHcHfh1gAp5CKZhDBnlbDrbkBHLuzmFz5IJDGeMM2EZ3
VGGROKd6IEA4ndpHVY3dx6heQjCohLcC+k+EtbTQwGcKDao9VMoeLhxClTEEssHzhJxhl93mYvjH
73vquTceW3x0rsNqc7U+cuRo8jw2HP0Na/IRLHk24HF5p/T+9f5Hjk+dI7lsBROWY/aFo9hIcOEG
6O3t5JQA6O93n7gof2k+Q0TtncC6arCmhErbIZ3fTbKs3hKX1+t2hfyCM5SnbxQADfbkBaG/AR2U
UFDyI6NB0pIjT1wBvdJL/Ocx9hRGgr1WbO3Dd+wpyO9N2/OsTPUPEZUJRa8nnM1p+H+O4MGFWdOy
0um7nCkk2GPWiTpCYobwYj/KH/hotyLlEvY9Z+DDPWFdtjxIowaXqHAlP8jQlLvSUznTwJBjVBJz
77vdv1+37ver3t5Er7ve3LjpzTc3bXyT+/D8CkJbfnZk3am115y89gg+oc7kbW+/vY3MZIbu/5fA
TJaRgl5NtAnOLQ6mnJnAzGWamcPMYftL8gnxhPy29z/d7wf+5TTJvnxfjKnxT/POCCzyXh7o9LYH
bvDe4d3i2+J/UmNZ7TzgO8QeEl/0vejndc/bPIoCK6gtK+jSckGbwTjPE9+GcBdgUB9+P+EKKXEc
3ybhTumgdAxIESfJwfwdGVN05hlqSnXmdNpylJrNDCMyu50SDyRhr1cK+Jm+gY8GST2G/0HnsIk5
ODORVt2o54q+/Lnz/V9c+cp4u9nqtpZ+tv7N5ElsOfIKFi6TX9+w4bgHP/TIC3UVFtlms5Zfhr0v
PgmU49P1t+/ccSfhCP8A3P7lMDNj6GgikjDO0fRqbjKuL9tm3G3cW/BcwfECwaUDMfWI1RrSx4pR
GS7rY7gnEAoVAwPRhxMJD4aZm50XQpHGaDALIVGRi4vcvF4nhGAuJoQqVIgVzzE6NTcmTCWOhKPL
8aqDc8iVq8kf8k7t/lATlVrrB5QBryVMXj81BR9hVdQ4wrzInF/ghQEtDKACbzSAiQiwfv1X9zqH
dPApU8ghm27e4UjzUSWY0tH+ThIffYLET+y4a+0tFQ63pLPfv7RjLb6NElpT/5S0sMvsJ/PxxmUP
OnVOUXSxrvZJN6p8F4O+nbyBuwFmZi6qwP5E2SSpS2LeDr4W+Sh4OnI+eC6bXx5dUdRc0lxxren6
6MqKO6K9FQ9F76nYHt1WccBvZnSEGiymBEKv0ej0IQb5C8rcitWlwFia/RvKgopQEEQbcrS6OMNj
HudlKVgRBKt+m36XnrXoifj6uP4YCK+eyuJgb/ju8LbwrjB3MHwsfCp8NsyF5Vh+07DJSqkF2X+F
wSAMYP1pQlLr05ZeY0YQiYxZ/BSI8eeQZ+Dc7nxdeR8I934d6oOrQl0pSaLGCpJZ5CwZUqClJjrh
XHDl4D6ZpDUz4SGPouqqSkJFmMqYWFE+zDZ5vbr2Zbu7Fs2k1kCfTFub67zl9V+eP//L1285eued
L710551HmSNbKcXYP29C4ZV51M5kxkX547/cj/G+fRglp9/38u823Pe73wEuzAdcWAG4UIO7E0Vb
POcVhsMO3MKv5u/G9zHb8E+YXXgPIzzK/1S7V7NPe1j7pvakR+vR2VyUblukgMRIi9yS5HKHbNES
yvAULiotLCwpDUWtgkrvTdi0iKomQlaVfzVEFqX415pych2uLCmrrCwvC9VgJeoLctG8PBjuGsRp
rYJOr8gn3RjWiUcShrEoqJQdLD1WypT24b/tGTOladCKkxAZilEpkk8FWtsFCf6/ay0Ct1S3xf3k
8EHipwK8zKndNk8MgdBEEdLq8Wq0fMSrkQPYo/WpKEm8cYY0q/sRP3Bun2IMSCr3s1BV5al+OkM8
6iDqqnys9kIqVjx3zoYrFt+26MqALAeSH5Pl48qbVi8aX9KeaShGMRv4ovOXTZn0g9n9/xzEX/aK
a4uUtf0fDfpr1qk+POgZmA1OjQ2xwMHemMgPyeVyQp4rN8s98ndlrd1kXSABH8sb9Qs0mpDR6ZM3
OoCPZZ9n+vB9T/h4k1FA+ClMlEkMiCFmjtMojtkSluSsi28ckvGs/XSUaus/PzNC1MsQ+RqxI1xp
/4r9RqoDmLuvvxFPI9/d76bC2LTPyI6xxvbWW8mLv/xHBqUCXobQpb3JG9ga+mVZ6OFEgZW4yzJW
9grLQh9wd74eSy/qxb1ML7vRYp6l+4HuYd123wGfxqfzEoW4D7BZY9D14V8+wXEhg/rBCbOB98yT
FdFudm7wEyXltxI2hmFZf8BoUrKyZnOYk/0H8D78e+QeUqBRw6W0krL/dP3n/UMWhsQvAhZA8uWD
X0z2XMKDFmlVlczJ69cnTWSzlJmyYMG4ecnPaAfol3+XfH3/lxTzm5ffXRSgiH/H1YDlB2FcNwCW
VzJ9+1EUprHTVB8lNpySkaaJ2aKh/mr7T+3MoRjOl/IjxdH8WF7lmOz6yLhofWyZtCxsWGLHYXuV
nSmQZkffirwV+yjyUex85HxMNzYyNrYse1nldml7mM+uDIeRSsYNgzTcR5B+LwrgQIC81GitD1DD
bOC8A4vCgUAoHPKFUVEFpRalpZNjpaUVsVBRrNJmoBWZSwSz2SCEbMQuBCQo1SjEvYVahYS8kr0w
h+RPiUYXRaLRnEioMJIdyc5WKmNSZWUsLNlFu4LCEvmbj/bKbEkTxqG4z+eIe/mceGFFvKiosJAx
xEUb0sUxI0hEhNZ3hnF4ayR7fuUBvA1FIMfUFeuNMUqsNHZVjI0RapRVbYe1H1afLn2vnrHqFX0p
AGQd4vVy1VP4IUQc/Voy7InpMRHEJpVq3oiZuWrTpho6pXbuXWNu4ejW/X6Qc4/v8deSbdXje3zV
aiqXq6mriKa7pbx6lPJ1uUXz7UO3mFMWIN+stRtJ8C5cFkjZV4przdba2jRZtA+c2uPJjkl0r9gW
sxPyCCl1x6daqSEOOgwctKSLkKMRYgOfZ9pnQgkoNSdV6os9ETmmqHRyJd1tKhg0JBjia2x4hG0B
Hmkfj/HTGcLi87i1gOKKiRCOpmQffriJbkWdJbnx5P14TfL7GaLjv3AhIR8ETv49uXDQUH4VYNRT
gFESYJQbNSZiix2rHDc5gPkwLiA8I3CJCwiHKLodG222kBsBY4iwYrNaZ1sPWlmrLGdSQ+qaf2Eq
eEEKeM9w+vcPQv/SokMGUYe2OohPCPBkk5n8RK2l2lJjHmMZa6m1jLMkLA2WSXoxx1hl3OvdXcjl
4irMzPct1i729Wh7fJoqbblvknaSb75WU6qrHkfx8+RYPHZy3dix4+pC1Q4LyfIrIp4jviqeEs+K
HBKtYkJkxclmUbSYQ45IgDIKKGQNMaHJ/lAo4A9FqkrVzAprBVMxuaSiorQkVDU5QTJbTzbghsn1
DQ2J+lBRCe/PKS7Ky/LxWJtfnYijyXx+kPUE9XpWW11VFYk4BJNZcTkTgcpSZ6+TcX6Zk+VXcnPI
dU5vDpPzZR0qUerriCIL1R2sO1bH1slT8n/pztCZAFBQO5gMmpqmTA/T+3DiGPS/sBltHGFrlcFM
8IQKU2ZiJFOR4iqUvKhbFoycxhCJcrkBrOFlwRXAeZr8AHYbPQHVj4C4R1HHusZGYDe8Q6bRwsDf
EQc/7cAJeNcJYF5eS/OeWPW205IWeOqoLT+kpCW7IVWP0Wi0O6hGjUqxQwxK2KY6uw+/zuBURiLp
n5e3j18crFk19oqqKVPoHs2siuIl4ydTcHZZUeG4Bpr9HrX7oSC7eP6qSZMnT4rPuLx/H5nNzP2J
eZNa+1+j8D0Nl2VFW9SLIWEEZnk7zPLLYJbX4FsS1a/zr+uYQ/whHfOIbje/W8eu1PZqmWZti67F
yz7gfZRnrgvswXsZ1hdYFmAQ5hjGrxNVXYTFEXAwjsl0uy0kjuRp1SXJjMzYPDm1Kqk8rRVFrBFm
BGNrqpysMrbl8RoeH8CnkIKbE/asIKcFHlcUbYJeUDwnZSyTBcVK2du7S7cBeysT3naIZUpxturk
7D8Hi8X/3J75f8rXSl6fRqfV8TqG92lgwnl1WSpvm095W++g1YAEj77zK6+kTq+V1KmlsRE4uKqU
4PmV2TF8Fn2Fvb1swV0Lr5pdcwWdD+9SM7HvrLjk2pWZ3G1qrty4cGLUf/tF/R8PcbcLr2v4Xv8n
IyYI8ID3DJzkamGGGJALT03UiE7OKbmc7Iv4RcPrzB81f9K+buCXa9tsTCvTyrXp2oRlpnZbq32J
S+cIspagnjXotcYgor4vcj1NzS6aJkyOyl3kTz2XoquAxexjbkm4xSCfIJ4xCSjTyR/kj/Gn+LO8
hu/D7+1xAwlKyy2wuJ3pb1xJRIb0WT/D3ByeQk7gQKWBc3utkllyHRh4D1bc9/aY/Db/kDzZSJZR
gtYJg5MY+UkkshH1pt3irzdIEOkEiLQkshFH4Szg+LSSQYSbEDklm6tOIpFdskikxKGECIAgALOm
IxHdKMJpw6sMB1uiu03rZzK1XLXJM88dSv4di4eew/b5727b9i754cd/nTyLbQfJIVVnf/PDd04+
9OCpk0RznryBYi/xnS5K1JcJljG58KssuhjPZxpNLRjGhF9u6sHX5XcXG37L/1p4S/uW/kTuW2Uf
8O8LOpktZK/T3sFuYXewvNNHUVYuyZJlX1bIqa5SBvHIsCVpfKgktRphU7TEEnf44jBTzSVBgxAN
4g2cFgXiET4naNFhnaeiEJkVvyVrdta3sjqzuCy5PFP5Tlm7tOr9TC1VIHyd/uCbTXEy1WN5xlIi
dxRRQxyTgsmolw386Ve54WGOLcRzUcUyot0hSvQLotQwXfr0Hauv/49Vyf5n3r1D3UfrzFCpP/Ta
5i3Hj2+5/zi7eMsVi3qOde9LDjyZ5FW7EOAr4pQharvn2Kt33/PqMaKNhLF7DMYujErwDOLF/flu
y5gomXw1ljE70c+8OyPsXPQtTwvq8CwLrkLXe9YU34Tu9NxcvCXnwcL7i3+Rs6Pwp8W2n4TxA9Ht
yvYoq8oP5kw1kEqbDY4jKbKskuG5hAynhQPkyS1yx0XCyJuLgj5BTzREuUG0IaTNxrJeVnoFbBFO
CWcFVvCU5QeJU+q2wK4AdyxwKnA2wAbk0rQSOVMzRI20gfTCoBIzK2ry8BW10DdQ2eED65EQ8dgv
AUY4IhUS9/48qaAPRjY6YmRVrf0FLalVpWj2CPXQjuepJpnqk5NdVKV3+3tPJ/sx++yp249v3nyc
/JgXt5ARPP98ekTxv57EeN8TA8np9xw7ds89r76qntrEXc6uBWrvSEjXm3GhfrawTFwn3iZu4h+y
a32qGidwJCW9eR0HmJ0g7CQS+pRQRtyJdiZm582ivkShAoNZon+QSKM1YTuSzFYhOxJHBbxQb4XF
EGQxIpJ5BYv2rJbReoqQpGRbwnPCqgLvbJgPy4X9dw0tiKrbhOo1Qc9hooJ12hcd28b8uyZw37gI
wsjZUiO3zy6ZnaIvzUGlsG6YA9mFFLAM85NHJk1fL9sFsz0ck6sfOIh7KOu+gkjxR6nhM7v4+H3z
Wz12WWsPexZsT8bo4Ig2F/N0ir85NnCSTQKWTcSfJG6V6n3jGXEGWojaJu5QdlT/qOZl+4sT3rG/
4Xyj7o8T/mY/HfvzhC/t52JfTBANdt6pqdNPCNgdTkedd8LtoY2xpyyGy+yX17TVLItfW3ND/Laa
2+KPSrsl4a74vgBzsa4gGs4pS4yrjXncFrPWYRyDYuWlYa64ymI2sgJibXJ83LigLdgg9OHKvaxS
jIv78KaEL6cqGERx7fwxwdl+YhDH+j2Ty+aF41FHMEFWSSesh4mFnVEclSc1aFk+RwgarkyhHLWC
w6peHBecsfafHrSPI2PcOGQcNybDPC7lPyiqpw/UVE8QFV/EHnHVOQIo7h0TwNUKROIEuHTWuwPI
5a4bNzarFngZT7y2JlAVQNJ4G2WlCWOlRilzY8rjpEd/b1yKCb6nBz5ELsDeiYC2dVI1YO+ekLPW
N6TXpUdZNFLuugbWWD2IHXEJohqy4rqtDriCaCJZYidKsKhOlAyWeh+pB3qGFHqSMBYSiTKWWFjd
h5v85aZ2sl3ODKM/ic8w+hs6tCU3Jzt1PgJ7vSrNkn29mrm33DkrPrn05scnNn3rlRdeuFHnMFGz
P9kV3tL5k20Xz02+cOuM4xt2sgVZMFPv9nuccm1uzZiCyto8n8XuDl8/dfnPWkOS2eP/JUxfR3Gg
tP7aibNKSpTY0tr2G4nUeS9wW3Hij4FeTGSf92KT1+NlfiLsE54TXhNOC5o15pvNG80/NR82vGHg
XTpyYtJOxOHuhEPHcVpdCFslvcNG/sCcpJGN0T78SMLmj2dna+MYI94YlA3SrVwf/kVCKizU6ZWc
4GHks/oUX5fvoE8DHMD7e4qIoEdOyaTbLOfS7qfEbUbdKCUzaMQiTPZXPF7BYPDoA0jwGgNI3V+h
29WNOI3hNmnkFlVO5fD9FqcD2H3qgZWsWb1y/uFqyWR1m5R/rtywkxqoPUAGg11MkLv/9xctrlBM
5MS84Mzvr2ZKSCb1BSb9eAX040J2McoFSmwUuH1OJs+JPTqLnlJgY4nOaNTrQhZ1I9XgnZXaSM0N
kusichzRZCU7O6iEcrHTIinBOMoVXO54wO+36PRxq4WXgqxBURByOYkMoo9abYrumBZriYI9b6SC
vbZWPbKiVnVHShkm/bvLYZrcJgScIMRWGaZGF+3kpBA7ZwsgkZfUnlfR0J5Cw2eQA9DPCcyQOPBe
aseQGoDkZnQ/HZvqocu0/cfNO45cl7hE1QQtnfW77XQYPqZixHUPNixYzfjpYNw5d9nTKqjqkckY
xMmZ9zAGYfytRNl2vF3cYWcVQTEoxGHSrFgUkNziuEYca1/CXG1rk9rCj0Ohx+xiIoCJC+/OhMOE
TFZTiYk1zaKuvCHBJqqLKHxtAGeoQYmf7k5ytsYi6qgb0jNYVXvWu1W956xBtaeNwVgRbRLIkVIY
IcUuSXa7ZBcxElIKTq81LrBxQc+H41IfXpYw2Jl4ia3e9riNtR3Ay5Ad6xOmhIhLxU5xm/iqyInP
4MdhzkRwUFVdEkboA2opqJ6KkbL2rK/9RiPBxv/myIuvuaY2gihlJThMqVcxMofZdVfyZ5dStVec
xLfjWAQX07MPcC3ZEZnPmqhbPRnOKar8l9aFtcJILoORbGDuTWwM2AIiI9bYLrMxXiK9BUJX4RVi
Z7AzfFXDb/Fvra+IrwRfDr9c/lzsuQaLDrnR5hCLyrHYYBMbwtZQ2BqMVZTjYKw8bBWtCi6XMC6P
NYiiqARjUjAYY+I4bonDENjjYjwYV+Kesnh5PDsejudPiDfEK+OxeDzR0FBfU1MfDucWF+fWL9TE
+nDxXqVha72VqKG9GGuMwaDTaNQgJ3Y6s/BWi6ZTw2g8k8rh/p7w1lyRlgtuzV1oySpJCSiaLHmi
IHiEfD7Of3AAawePTEwvsaflc+4zshUissrKM0+7iTcJrK8ycTgkwwJ3T3vOuK2nSSbJSKUe5Lae
OUPs14dFmltSKmtx4CWiohZTKmpId+yR8lRnIzFM0veI1AzpO7u9tXWpJS41j4gAG7ZWwfPWQnjY
moAnrQI8ZvXDM1Y/LKXW0OBT9DEL/FOJyj6b22SJVfQN/Hk3pCpZUbXLtGEVA+8l9CD02vwg71aQ
Q+WmAWATnK46GyBjXcN4v1iPSdRQ7bPVYxI1VHutAEHUQIwnMYmCQpZSF7NAVC7J3jorWdHLyRIO
qZhKG0B+3mOViE7tUMIEQLgWoiCJLujMRJZ5rFrAZuivh/H9IMbh1GlHFYMq72F+5HyY2YbX50gW
4P//QXjM25P7k09R1Eh+7PdY7Dl4ffKxbDvcf59gSgv24qwWojp+n9zNxs8nf6B1mlKK7jHJF1Qt
ismpBZZ3qo7eIdLfx9imYpXRqQOs2ggS4GbAqnL8NJAp5BbdoQJT0FWJK22zTQnXeft/hQx6+3T7
tNBSvNR2jf2a0K32W0P7bc/YD4QOh/4QMgNqiuWirdyuUku/yVQySCa9IX+vH/u3hPwgr3tD4YIy
sptUXEq5TlfCUF5cXFYeKii361XzIo1mi2pcpMeIOHACiXWVurCrhDpxhjz28vxskrsiN7cknJub
HQ7lh0P28nIlHJLC4ZAN0BdhCYl2hMvhhmjDSOfXiHpCVL1eKe7xAEYzhKhmx/PL4gUF+Wbkn+Nn
uvyn/GcJzxubo8FIY9Uomi7NKc1ZDa+RK/IPUIqqHkzXuBKkl5WD4ksGWU3ZcN2iK6Z7OAQn/put
nH+X1KYvrSNLa3XWWl2taqKN0+fMXnB6jdhhCTLtyWtlv8fkcH5AVQj4MjyXLrHvBzxWqbj/o5vo
3KOuI1gLdFk0OfSUMM9mfqVOIZhcQ7IoodFnEGL/DrPJhf6SEMxE+YR1ZoF5ZuBzZBr4AgmII5yO
toQ66YYEJ50yE+0lFrvdagk5zZgRGcVklkwms8nImLHTxBix2aIgF6ynisEo4EYubhHqhU6iCZCd
jZ1GbJTdqzOE/5kpS8rTg8bXY4ZO4wRSpx4DwajbcQzRBAK5oilQLEjf3A30Kk2i3N9otU1PwwMx
G6fPjdEGK/HgOYTsG/23MzV0J7cfMd39n6ts4/T+cT3Ux38681w3AV5AGG9M9rNjuQ9RGdq873Xx
9RCjBSL7pL/SGfKFYn7i3yQBEA5lF9tEK2vRFF6RqAf2sI9x70OK7oqEBaBEECkelHu82Hic02QD
N3HcU1KcHQwqx5HH6mE8cvm/9uNvD1ow0Y1sGp+2nkZySYnH2u/2nJEhaYR08IA4EKXJbsVKTA5p
s6nHb6fMkSptxDWJns9HnDwGz+cDrpococNUlYuuCWUBweSRZ1dOmVDhczp9sfHXzHN7THqlfHwe
/kdOqKguuWXMRRpWbwSyVT6pGS+tns6xTsnuZLnp1Xjpld92i6JRYDXTqpOb62dCX92X/JIdQ/vq
9YQ9P4SvDb0U+muIfSyEfYWRopibnEFqBiArBFGARC4yupA6yAF8kNLzYYMA+MkDnCiJDO1ai8Y/
0zkTKVroXQu2qL1bcEWC9HMiS+3dVJd6BjsZ6DF07tPME6gCP4WPpv7AgNqvavLVzoX0TPoPKJAO
bkyvJyCFduOcdM8OHoWn9rvqxMmnTyeiZtK025nNFTboaEVvkuU5sSkNFV6XyxubcM0lsmwU0h1d
WIeX1kzjWL1JFN0VE1uSm2lH2yXa0cnN0NF20ahnNdDrV9fPot60zHvsJ9DTemRHExNZBsbLMKwJ
a20DgoCNV9gNPcKn9hMO3IM+BZHm030SRs1Pu4FZwfSs7XP0qO3UycHEnbnRXmFPzZ0haM+J7Xq/
0yffDmmWM0vmPkxe7DI6/Hn4TykAWvJH5j1OTrWkPmHViZgzk0YIPYZPbb8xwssTFgfqwZ9qf8Oc
gGa8sF1txrkzqTO/M5tRMfhnBYagu99K/tHtd/j1zKK3km/LWU6/AA0J5/klkws/ngLUP2NTnQr3
oPe/GoAYlOD5eDvzMnsxF+L+S7OJn6Rt0j6v+73+eUGXGQz5xjwazhvPm05b/JYDJFhDtu+J19sf
k5ZISxw3O+c6X3E94r5HDfI0+Q4IL6rB84J3k2+m73zWVv/UgKLkKvcF7aGnw2L29yKbclpyJ+QV
5n2WPzP/k4I9hZsLNxc3lCwr5UsfLH2w7OL/J8Kmsj+OhtEwGkbDaBgNo2E0jIbRMBpGw2gYDaNh
NIyG0TAaRsNoGA2j4f+XQPdYxjLPIvL3bMi/ZTQmMEZOekVgBplxaQpm0eW4LgVzGWU0yI03p2Ae
+fCuFKxFhwfL6FAp+mkK1kOZl1OwidmK/wxvVP9Vct9JwRgZuCdTMIO0Gk8KZlGRJpiCuYwyGmTU
zErBPDJrLk/BWtQ8WEaH3NzrKVgPZZamYBOeqVkDNWOOhXcZ+d9SmPzteCv/GoV5mv+fFNbS/I8p
rKPwAIX1qT5UYbUPVVjtQxVW+1CFuYwyah+qsNqHKqz2oQqrfajCah+qsNqHBBYy2k/+SrdVa6Gw
MSPfTGBtgMJW0jZtCYXtAIvacRSWMso76DeqsDMjX6bPzqawl75LrTMro0wgA86m5RspnE/h5RQu
ovA6Ausy2q/LeJcxI9+Y/pZfIAWVQ4+UohqA5qGlqBXSmagTdcCvB61DXTSnAa66ASZxE+S30RLF
cGc8aoegoLmQdzU834NW0atWSFuh9BqIW6AkqWE1XLfRXAXNgnQtpG20fBP8emjdLZC/AtJutBzy
OtGS/0W7SK0dtEb1uflw1QZXpCUKugSgJnqlvrkDcktoDQqte2mqhc20xR20XW20dDH9rqsht522
cGR7xl7gK8fSXuiGGtLtq4S6yiAoKA9qaYN3dcOdVfR7e1AUXXqB8sPrV2ufA180E/poKtxbS9tF
vnI63OuB0E5LLqTPKbRn10G6mo6O2kPqCCyhb+qhPUKuu+hzK2i/pXtuMX023auToF9nwPirz3Zn
3OmiX9MCb2mmNaqjsZa+qxnir3+vek3KNkOrV9OZ0ELLdkLcQu930Z5fNzhu6rvaUjU0p+pqpTGZ
ncpXvpyUaKdQHjwXhZTMt8WD7/q6dnV8pe5/v5eGam+hNV0Ned10Nqnzqnlw1n791w/N5OHtimf0
AfkS9Vt66PvS+EDqV7+1hc4N8uWdFMe+/kvVnm4a1qutKbwYiR2kV3ug3Gr6JGntGvo1rYP1kJLt
UOIbx+gXSnlpaY0yb2mrMrOzo7NnXVer0tDZ3dXZ3dTT1tlRrIxvb1fmtl29tGeVMrd1VWv3mtaW
4obO1d1trd3KrNa1StsqpUnp6W5qaV3R1L1c6VxywbqUtg6lB+7N72jraW1RLulp6mmFhztaSjq7
lU640600d67u6IGqVxXPbb16dXtTd7qesRmvHLumtXsVqa+yuKxMyZvZ1tzduapzSU/00oz8VHko
PueSmfOmdq5t6m5Rprf29LS3di/sXK2saFqnrF7VCg2CD1jS2dGjNK1Sulq7V7T1kMYtXkebOmn+
jPFwt5tedHV3tqxu7iGfsXZpW/PSjGchbetobl/dAo/2dCotbau62uEF8G3wVBsUaIZSrR09xYqS
fnlnR/s6Ja8tqrSuWEyeGqqrI136a5tEi7e0dVytdLeugr5qJl2b8Xrayam64rQFeW3wlp7WFWQc
utvgrS2dazvaO5syXwqNblKbCn08OBydq3u6VvcoLa1r2ppbSZmlre1dI74IiGAnRcEmmGwdMNk7
CQJiE0ywZXD9F0qg0/dV0k+QhpJJdiv7K/YZ9iD89rMH2B0ZdZHSbYPX79K6W4e9q3VYbbQ+zs+V
cdO5Kdw4iMdA6SZACoJu6iKxFO/CPwJ+jRCB8VC+O7W8NKV5RviXDAMlR4O8XOY/FhFOKRvhAcor
QQ45AG8i5e2uhPgNeubYH+Dem8wdCDN3MlsQy2xltgL8APMAwA8yDwL8EPNDgB8mf4yQ+YT5AuD/
YjUIszyrRSyrY3UA61ngsliBNQJsYm2IYUXWCTku1gU5btYDsJf1AuxjfQBnsVUAV7OToeQUdjrk
zGCvA/h69tuQfwN7I8C97DmAP2O/BLifg+/hMEd84lnC0XEC4a84E3BKLOfkXAC7OXgL5+V8AGdx
YYCzuRyAczngtbhSrgzgci4GcCVXBXA1B3wXV8clAB7PXQTwNG46wDO4WQDP5mYDPIe7DN64gFsC
8NVcO8AruOvg7vXcjQD3cj8C+MeaXIQ1eZoCxGoK+fEI8xP4qYjlL+KnATydvwTgefw8gOfzCwBe
yAMPzLfxyxDDL+eBH+Pb+XaAV/ArAO7g1wC8ll8LZa7hr4GcdXwvwOv570D+TfwPAL6bvx/yN+te
Ao7tqO4viNX91WBC2GA2QJ8bXAZojyHPkA9wgaEM4HJDBWIMMcMUgKcaoG2GiwwzAJ5pAE7SMMcw
B+CLDRcDPNdwCcDzDAsBvtw4HTi/GcaZiDHOMj4Os4VLzTTyEwBdjiO2qbtpMZKWti7uRuXtTT0d
qA7u4PlzJypIQghmHqPOVQqRGkgd5AoT7hUxM+ZNVZBz7uyZCvLRfDQs1hAijRQa59M4tmL5iuXo
chovHpSdmGGQDTh7Hrh4HXDsAjLAvDchM7LA+2xIRHZomYNiAUtbo6Z+aPlkQMFLATeWAJqtQTeg
m9FdaBP6IdqBnkUvo3fQB+jv6HNsxIU4hmvxRDwDz8OLcAtuV3sFV0E9GNIv4P2QGhVoBaTmWjW1
qvIUtv5cLWdLIGKljkUJrrWQJtR88apU+h9qKh2g5ThXu6vXdZ/r5/SKd7/j/ofMyx65WJ6g3vc8
53nD81dPUr3v3eU95H3T+5EP+SS1nqz71NTfq6aBy2lJnRJTpipXKj3K95VtyhPKyzTXlP109qvZ
p7O/iBgjSiQWmRpZFOmKfDeyObJDbXVOC4kh/b5aW869aprbrqbRa9U0f5darvDZVHqYzgRcmISU
lC0/X/F/P8C7LJR6IUq3dJRiCUCl7MhAKZCJ40HiFAGP85CdYrAEuDsbefm5gMEK4O6lKMQvAAzO
BjxzoAhgyaWoyLAAcKUUYf1E/Y+JjARUtRyhwsnwAwwrfgXSufBbAPBxSIHuFrbAbw38boXfswiV
AiUsPgFwV+r+WPJnmFK//0PdlcBFVX3/896d+xi5gAiIiIDjCAPqMDMsKq6ZqZmBC26kRqi44IKE
Zmb+TMktcsE1JVPclwzNPXfNFI3MTM1IzczUzMyUzEzxf+6ZYRjM+lW/xd/f9znnnXvevefdd+/5
nnvPY2bE3DamOZ5HIU1FmoWUhZSLlIe03HFeg7QeaSvaOofn/UgYHSwX8XwUz1fRzkqk1khtkXDN
iMFsPSYFz32RBiHlI21E2oa0B+mAWs3sYYmIXGDtaw61WIhqW5qZa1szzc0tqdYR1tGRessd81nL
nchAS7Ik8yBLljmFaJY5xTrOvNGyS1JktOUakZcl2ZptrxtpQrpoOR953NrcHIK2JQU4KB/bSfKx
NESKjTyH9YqwXjdsn4P38cE6PqX9scRjf5KtIyypkavR5g68brO0ImqN+jlYroeypLZYnl+un5Ow
n4tdylOJMlHuSzTVfAxptGUN0TjLmsjNeF6JfVvp6OMepAOW/Q46TFSIsqRjKB8j3WmisyifdSlf
QFnS9X9CZy2XHXQY73vYPAJlSXdRzicb9nnA8Y30w+e7gH06i+PumJdI8wPj38XqE9kDaZg1JHIk
lhdYbURLLYetaD9ytbWeOd+ab+5kH7/Ida5k9Sh9/siL1tZy/vDclubR7hcbcU5aEZ119MuA7ZCc
82uf14bOeXQdz/wyu+bGllbWbS7z9uA8yrm3z/8AvO8enPNEok6WDOsBLD9Y/7ftk9CfC7H9cGx/
DMc0y0FTHVS+XOYnuUSynEnlPKTlrvXRZ13rL6f62eg7knIs6x20lSjbQXPw2hy6btfPt6yxnsLy
YjzPd5zP4nkbjtM2h+/tcYzdH1FpPQcenf55ynIU6aSL/54kKvPfk0QHLOeJzmJ9SaX+ewV974qL
n94in7wcqaJ8l/y2/PxfIJ9oRT6Jvvib61dQxphCscFE18mPnf6st8voz8VED8aVUj9viuULWEbZ
egXLLbB8XV63QmS09Vakl9XDmm29S3XjkErjEco2FcttLMk2vSxbNZtq1SIDrR6RJqQ4K9hUm5e9
viw76rfH+oi7yF5WH1sg4moM4moGlvtj2YDlCViei+V0LJuwPNkaYosjHAYgDgMQh6GRI6217biz
mdF/R1kP2KIRa/XMK635kZut9SKP4Hm1tXHZdYy/pMdyWbzKRb/LlTGQaB/eqwy3PpJ+4xv5D6fI
ggfoiINKMX8VzzcoJqdac7AvpfUuWprh9U5YrxueUyJv4/hJKrGTi28dLedbF7AsqTS24byhzxZT
XIqzz1P0qeg5Eg+EidK15Qg+22acC8fZXDvGRNTcOto6B2N7PYwPktrGmBFDqfaYERNNsWqOdTTG
i3izDcudsIxjGhNniY+Jc5Y3/qa+jEk56Mela1Ffx9g/NEbgGpgd0xSpRUybmPZ47uIc9wfXiLt2
7JRiKqaX5TJRD5R7lF13yL/F1gPlh2GBqBQLEgeEhZj+1uyY9JgxVhvRMLzfSFwDyq8JdyI3x0yI
PBIzoXRcYiZb68XMsMkxTY5ZijQXywvKyg+uMc7Y82AMcjz/f3iHpkIV9QfMYQFzTyyxGMxA/dlY
zDEDMcvrAFN1nTDXy+FmvgRm8eV8leLB8/l+xZsf4AeUcF6gKUoEdoArvTS95qmkat6avzJAC9AC
lee1IC1IGaaFaPWVF7SG2mPKNMzyUpXZWl+tv7LI/Xn355WlmJeFKMtEd1GgvIM5wjrVq2y/aPRH
CgIldAGejUgRKC+VP+2NFIuE+0ljEhLuAU2YS4SuRrmZ47o7kreDcO9YywfP8Ui4lzTiXtOI+08j
7iONuL80DneccT9pxH2kcRLaWodn3FcaMe8PlT8nnofnHWhnBFIAUghSKFJt3NPb8FwPqTHSaKRx
SNlIOUhzMLcy4Ug3hBaYRyVhdjYIs6gxkA2zMIdaCethBxyAo6Ca7obrw9VwfP5wd1NJuHe4DiUP
U3G4j+kOSqrpSriX6TrWux3ujlf9UbpmOhnuEx6A0gVToemu6RhKRaZ92NodW2imrabLpl3UNt90
xXQLr5aYlpqOm1ajdMeUazppOo/SLVOOaY9pDko3TBOw9RGUZqHtNSbMrU3Z2DLftA2lMab+prmm
dJSGm5Kx9fL/uG8yes8B2hDM/vWUc3ujj/goozBT8oBtUAeg+g0k7EH1EgAD5q0GnHcDzrkB/cWA
PmLAOa55Hs9B9mvVce9f/aqdDOhfpmt4jkBCHzGg7xjQdwzoVwb0FUOi44w+ZkC/MaDfGNBPDOgv
BvSVcMwXTMVId1DGFDZcQ0I/wxmB8G5ImEeEYx6BuR+EZ0KdsKVhq8PWhW0O2xG2L6wg7EjY8bCi
sHNhF8OuIt8cdsM0HGvcDisJW2rSSY5UErbO5G7yNvkjHTaNMmWZJpmm4uzkmo7i7J02nTddxnGq
hLOA46AWqz+Bqv6MM6KjGdFoRvQ4Iz5QgWbEnWakIs2IN81IJZyRthBAMxKkdcEZCcG58IHqwg9n
JJRmxEQzUuu/eCcF8dKfZrk2uOFoIxINmN0ZMKszYHZnwMzOgJldmAncQg+EFoYeCz0Vejb0Qlig
/AutelO9iX28pd4ChfmiN6paO/Q6hv7WGXTkb1z4Cl/Q/nLt1piZG/4NWbeXOkWdjXd9Q50HFei9
oge91/LUF+o/Bi/9J/pj4KM/qT8JfvpT+s+hsv4L/RdQRf+V/isI0F/QfwNV9Zf1l6EavdEKovdU
1XG88mEjjZqPfKeCMTPBaDRGGC3GWGND4yxjM2MrYzzyRGNSjaXGZGOqcYAxwzjcOKrGkRpHjFk1
1hkn1ViHR4kx15hknGrMw5qJNZbisc5ORvs/V4tl9lKlLWnJxc4svJ6E0gzUzCh/yLcdKkYd0NQ8
dSeOxV71AwhRD6oXoaY2UhsJT8gVAlqI6sIELeldrfxlLR/HmzZ/Z3sdtsdVQV2ubgOu7kBbgdQG
Vw4IBCONh/wLLoR6IPUFxTBavhGjN7hoA+8hva1Z2bgZUsDX0A2PY4ZTSGflEToGjzah7UO7hPYI
7RXaPzQ9dFjoSOrDXLRdQV2hrsA+vKPiKqauVdei/fXqemDqJnUT9nA79orjsxWAnp7KnXooMJpN
UgpoxUuESo7o9PdJqXkYEqrn4bEcaQ1J9sNVflhZHusf0K9/SB15bP0d/V89/qiPD/bv9/rysP4s
/+t9wRlwJxQCoVAhFKqEQo1QqCcUViAUCkKhB6HQE1H4LVT8016sqK3UGejLHrgHCAQIxpjjQvAQ
+j3979V1taXWOEfnhODJvzlW41Eqr8PjtzUmB8/AY3Lw5uBzD71qP3YEX0Q+F4/y+n3BR5xyQfBV
lys3SHP7D2y69upIcAny48T/9eOPn9r+vPY7FpXryeQHntH16f7qc/3Lh4wXzvXjDYw983AVcdd/
qP8QffOo/ij65gn9CfTN0/pzuJZ8rf8afGmd8BMJIgGqiHaiHQTQmlH1L8XfJKT2SOkUgavI/zkC
lsJULDV2ROUqVG8/Eu7VoaisnuINd7Dk56wnI/CbiDXc5dnvT3cLobvJz+roCYNAGNQRBjXCoBth
sAJh0J0wKGgl9Pw3W5KjATQanEYj7BFbkuMq/1aA0QmO0xgGkE5+Yk3+zaGkTKdo9nlSglx0ITRL
ihLroqtnnycl3kXXiWZJUQY4dCqIf8nXpJcF/O7caGQJyJJCllSyxMiSnmxU+N3WOuzZFOzZdOyf
Qj3T6H5uv9uCqVPVHMezMOqn7nfn6K/U/eOePKzFn3tyibBcGEfzaUdOVZp1O+YURF+pTsW931ya
T9d6i+2zCVsdun8frv4Yv65Xf/v0f+6qfKbjDp+3P1Mg6W7AafJ5F53iDsUuY2TXxTp83lUX7/B5
V90Ah8+X6v6zHv/v89l/DU//qx6vwGYopL24nB0IwFw7AHPtyrsgwe/A/+ohn1n/qf5TfLrz+vP4
dJf0l1D3p3eFsB62leUpvrhrqzIKEnxP4nFa8iqdSHaeHVdOu5QeOMpq+jW3k0s753UXe7+15aLx
21b+kBjVf6Yv+rtP6FNClOA/Go9xeIz29fH1kSXfU8RTiNvsZ4eMh392aVm2sNcsq+M8xvkWllos
s1daj+y4WPAf7VPsU+w7uvxBT3hcf/Ev7I9UJZSy7zWOSFINdUxZrMxXzFie66pV9aqqyAw4q5w2
Xe2v3Ab63zFctMfVI2oylru4allDFqvKfVazcto8lstqY7m2i1bVActxiXDVXJ7NR12sLsFnW6Yu
x6i7Sl2FuF6jrsFcdZ26Dp98q7oV3PDJ94Je3Y/PX0H9WD2K8fGY+il4qifUE1BRPaWeAm+1SC2C
Suo59Rza/FqVMdEgDBgTa4qaUFmEiTCa+T+KGv/dvsjMfQrx6Y/w3vMeyb2nP8J7z3iE9571CO89
+xHeex5Fp2gZh5TST6sFka42xiwFrpfTGSlvOF1OF6jIXWRBOZ2P4oGljeV07or8dFNeOZ0Kd7E0
2VWHuWCxy74uyLGvu+qyr7PrrsAFl32dXXee9n+Ny+mKKCeKKKc7RvsIP6dORnIZcYD2IQrtQ1Ta
hzDch5zF3fA53I24lUOI02P1p8t5r+QzXfR2+XiZl8k9jnPWp7jI08tk1zqOtrNdbNrlM+W8Rz5X
BBiR+8tPBtKTBZfVw6eQ9daD/d2oAu7Acdfv7iyXW4W9LgBUjIMEkf6/erhkCn9yn6GsVK7R+9RM
fG7cnoPi5eUkWX6Q7HrVhXo8UO7llBWv/kjpdLbr9JDgbnuEx9lHeve/ffzbcqw/u/s8r/iT37cC
nG0PC1IsQIWMh5OHu0NOKiMPf0jQt/r7hwf8K63/2fE38/q/hSm3fFDcRjtJlh+k8vqU39bRB5bV
RbmUSnUJ2un/4eO8g/7Hjv86puTnne+45BLyr3P6kox7F1yPv7Dqyh2GQiiV61jB/bjSdU3tySsT
D0GeSnwot5GskD4C+QDSJ8lv5KpGXQLpw5Gn8d7Im+l6It+siyd9RdlW1wF5D10iXZV1BtPV7rpZ
dFXK9XXdSb4gZbKfSDW7O+rLq/vYauQ2+S1f1abtI/k6ycmSs+OS6+KI76er2FvmIfXMQzdfcj6Z
OBCX72P3sbmS61JIjiV+lzTSwg6yliRbKcW8QMoOzQjkJqlB/Wkp091N1MrEU4lPJi4/l58sryrJ
sg/I9xO33/E43StOcqq5T3eL5BHEqYd0932yrdqC7LeQbdUWNBctqO05qplDstnB55Ne2swhC0t5
HvJRkqvjdK8iNxAfyc8jv82XIF/H7+HIZHD0DzVbjjM7rpkll+OMco7USw1elSOvp6feQTyb+pZt
l6lv2TQC2epKGpkUGg3qp9QoOSyD+ryf5OMkryPZQ/af6pjJ2nP3o4hLH8u83wD58Psdkfe/L+c9
8f4q5NfuvylnXHqyOutekZQlhzsl8r3sHfLwApILSuT+b47kqo/UK/lSr/qUbCZ+Wc6pQyN7lXkP
vVTxkleVTKrvVZJBvKnUkN5MbZPo7knUNkneXdnn6INBytQ2me5+h+6+g+znkJ19dBcz1cmx16Q+
3ylZI/X0RD52LuujLLFTRHf0oToBkqsmspNcQmMoOdwhTY7slZIjZbSJFuAijcZqsqYnO6m8Ko2M
rFlMM9LGMWKyh+dopoppBovJu4rJr7zsz2v3cHpqM1kopJptaHyKpR/CZHreALt9QlCSxI4SQFcL
pN/CaWkT77iGeltE+vmkz5PvcKQeNpInH+EH0cKrfBPyWtJv8UmL6EnJA6Wvgvyn3J9PfB3t4aNJ
3k+yPceiTOb+ABUt3Pcm+ZTkmMFJeRLxYfZW939GrsmaJfTmSVlKFux51B2qEy859gBK8yYcOxkN
kkjzE/Hd1DaT5HeIf06aUSTbs0F7XreC+HriHxM/RjVziJ8jzRzilFcqASRfIb5BctX+fmunQ8bs
hLWkET5A6I693wVbbZUc9e1J7ydlXYGUNSNpdsmYIOvAAR1mZWrQvQMkx8u2UkYLmNuqX2lJxJtJ
LmeW+csIyQzy+2bIk6QdWZ/NlVxN1doR30C+V0DyUjlWFGHaaqOkxq0KRXgZeVpoXvKqWxLpjxIn
WSukeDiC5ByyRt5FFlo4NKfpKtm8J1eZ1JKByHPvybg6/N4WucrcO0RXpfyUriOtQSW0Br1Da5PE
+HSO66f6yv23kFt0P5HlJtR2JtnvK69qy6QFTVobTnyTNlaufaRPJTlRjrCayI20un1C9ouIF9Ad
fyK+W16Vn5JQh3PZ8+7a08SbI/fVvpAWtMqEWYoJhNY8wqONEDq2pBLyZsQLabXylbELPqMItk+u
U8hl7nedYsJksrNDxmFc6STXSw4FhKxkiWi4Q7hOliOMslynfKVH4V2l/2vk863tmHJkzZES7+Sf
ycT3UR0D+aSJeAvS0/tV+1sTjEeyzlTiIyXHHkh+gfgOstxaWga470932UUcdwv3k0u+lZzsHCa+
l/g1wH0ItpHyWrLwGPHV9jgB8juFE5R0cP1OYWv6TmEX53cKQ+h7gW4gf29EDxWhkvxvN0gn92hu
UAH3VN7gAwK485uGKr1LKP9dwxCXbxkqmCHYz17g27v34AwYRnwk8TGpg9L6waS+aek9YSrxWWnp
acMgl3he2tAhg2A58TVYsSesJ7510JDeg2AX8f3EDw/uk5oGR4mfzJQ2TxM/T8+uOrlK31kE2h1K
zl24mwvXuXDhwpljLIF2mJJrLlzv4F44AiawQL2HfuvR3i7DcR5u/x4fTLbvWpUeyCvgebjjnGM/
a8fsZ3cz1sez5wF7O6+rjm8/5tv1lRzfRqzk+J5gpVEypwPFoy3ZHyY/Mwg6Nw83Tzcvt4r0t6Vf
ZHRXqisG+ubgPrQSAEYwY++bQRvohD2WKNExH/lJTZKedEqtndJTTqmNU3qaJA3v6AeBYMAxMZOV
H8nCDWp9k1oWU6ufqMUt+cs36GUBOIqhDDMJ9TarQq0CqZU/1a8q68usADxYZbLjR23lXw1/xLsC
c2Nu4EafxNRT1sm0MdorKnkss//4jztzpz20B40D1mDfan5spqyh+Wv+CINADTNK+flzWUPpAitZ
CDOwUBbBzMzColk9lsXGsQlsEstmU1kOm8XmsFy2gC1my9lqtobls3VsPdvMtrFdbB87wA6zI+wY
O8mK2Fl2nl1kV9hVdo1dZzd0HXSdeSS38igew+vy+rwBb8If5y35U7wDT+Cd+TP8Wd6T9+FpfDAf
wp/nQ/kL/EX+En+Z/4O/wsfyV/l4PpG/xl/nU/g0PpO/wd/kC/kSvoKv5Rv4Fr6d7+Z7+fv8A17A
P+Kf8BP8c36Gf8W/4d/y7/mP/Cf+C7+nKRrXKmieWiWtslZdq6HV1MK0cK2WVkeL1KxalFZXq681
0ppoj2ndtGStl9ZfBIhAESR6iBSRKvqLQSJDDBMjxCgxRowTE0S2mCpmiDkiVywQi8VysVrki/Vi
s9gmdol9Yr+Qf/FcyYJZMM5GdVYdZ6MmqwkqC2fhOBt1WB30okgWCZxFsSjQWF1WF+d0LBsLevYq
exUqsPFsPLiziWwiCPYaew29YQqbAp5sGpsGXmwmzmZFNpvNBm82j82DSuwt9hb4sEVsEfiyZWwZ
+LFVbBVUZm+zt8GfvcPegSpsLVsLAexd9i5UZZvYJghk77H3oBrbyXZCENvL9kIw+4BhVssOsUNQ
nX3EPgID+4R9AjXYCXYCjOxz9jnUZGfYGfTgr9hXEMa+Yd+AiX3LvoVw9h37DiLY9+x7qMV+YD9A
bfYj+xHq6Nrr2oNZ10nXCSK5mZvBwvEAK7dhlmrj0Twaongsj4VoXo/Xgxgex+MgljfmjaEub8ab
QT3egreA+rw1bw1xPJ7HQwPeHnc+DXkn3gka8SSeBI15D94DmvAUngJNeSquko/x/rw/NOOD+CB4
nKfjitmcZ/AMeIJn8kxowYfxYdCSD+fDoRUfgWvik3wkHwmt+ShctZ/io/loaMPH8DHwNM/iWRDP
x/FxkMAn8AnQlk/ik6Adz+bZ0J5PxpW0A5/Kp0Iin8FnQEc+h8+BTjyX50JnvoAvgC58MV8MXfly
vhySeD7Ph2f4er4euvHNfDN059v4NujBd+Ge7Vm+h++BZL6P74Pn+H6+H1LQrwugJy/khdCLH+VH
oTc/zo9DKj/FT0Effhr3SH35OX4O+vEL/AL055f5ZUjjV/lVGMCvY8Y3kBfzYhjEb/PbMJjf5Xch
XZOBfYim03SQoek1PTyveWgekKl5a94wVPPT/EB+LyUEXtAMmgGGa0bcVb6ohWqhMEIzaSZ4SYvQ
ImCkVlurDS9rZtz7jdIsmgX+odk0G4zWYrVYeEWrp9WDMVpDrSGM1RprjSFLa6o1hVe1Z7RnYJz2
rPYsjNd6aj1hgtZP6wcTRRVRBSaJqqIqvCaCRTBki+6iO7wunhPPwWTRW/SGKaKf6AdTxUAxEKaJ
IWII5IihYihMFy+KF2GGeFm8DDPFK+IVmCVeFa/CbDFejIc54jXxGrwhpogpMFdMF9NhnpgtZkOu
mCfmwZviLfEWzBeLxCJ4SywTy2CBWCVWwULxjngH8sS74l1YJDaJTbBYvCfegyVip9gJS8VesReW
iffF+7BcfCA+wH2/innAQGZkJlab2VgsK2aT2Qw2l81neWwpW8k2sq1sB9vD9rMCVsiOsuPsFDvN
zrEL7DLGy6usWNdR15U34o/xJ/iT/GnekbfjXXl3/hzvzfvxgXw6n83n8bf4Ir6Kv8s38ff4TrRh
4gf5h/xj/in/jH/Bv+Rf80v8O/4Dv8l/5r/y++yyJphR89WqatFaDy1FSxUhIln0En3FAJEuMsVw
MVKMFpPEZJEjZom5Yr7IE0vFSrFGrBMbxVaxQ+wR8jPYAymSAUUyhSKZSjGMUQzTUQzjFKs0ilJu
FJ/0FJ8qUHxyp/gkKD55UBzypDjkRXGoIsUhb4pDlSgO+VAc8qU45EdxqDLFIX+KQ1UoDgVQHKpK
cSiQ4lA1ikNBFHuCKfaEUOypTnHFQHGlBsUVI8WVmhRXQimuhFFcMVFcCae4EkFxpRbFldoUV+pQ
XDET4iMJ8RZCvJUQbyPERxHWownrMYT1WMJ6XcJ6PUJ5fUJ5HKG8AaG8IaG8EaG8MaG8CaG8KaH8
MUJ5M0L544Ty5oTyJwjlLQjlLQnlrQjlTxLKWxO+nyJ8tyF8P017gHhCagJhsS1hsR1hsT0hrwMh
L5GQ15GQ14mQ15mQ14WQ15WQl0TIe4aQ143Q1p3Q1oPQ9iyhLZnQ9hyhLYXQ1pPQ1ovQ1pvQlkpo
60No60to60do609oSyOEDUAvvApDWQ0WxmoxK4thN9nrbDp7g73JFrIlbAXbwLaw7Ww3e58dZB+y
j9mn7DP2BfuSfc0uSa/QJbKbukRdF/Y6b8ib8ua8FW/DE3lb3oV348m8F+/LB/AcPovP5fN5Hkbt
lXwd38i38h3Y5lMWxg/ww/wIP8ZP8iJ+lp/nF/kVfo3f4Lf4HV7CLvGGmjurofloAVo0b45Sd+05
rTc/JqqJZ0VP0UekicHiefGCeEn8Q0wUr4tpYqZ4Q7wpFoolYoV4W6wVG8QWsV3sFgfxWYf+P0Oc
XPODCXchhLvqhDsDreo1CH1GQl9NQl8ooS+M0Gci9IUT+iIIfbUIfbUJfXUIfWZCXyShz0LosxL6
bIS+KEJfNKEvhtbbWMJgXcJgPcJgfcJgHGGwAa23DQmJjQiJjQmJTQiJTQmJjxESmxESHyckNick
PkFIbEFIbElIbEVIfJKQ2JqQ+BQhsQ0h8WlCYjyttwmEx7aEx3aEx/aExw6Ex0RaMzvSmtmJsNmZ
sNmFsNmV1skkQugzhNBuhNDuhNAehNBnCaHJhNDnCKEphNCehNBehNDehNBUQmgfQmhfQmg/Qmh/
QmgaIXQAIXQgIXQQIXQwITSdEDqEEJpBCH2eEJpJn672wAwnBRbDGtgMe+AwHIezcBluwF3MWBz5
D9QGG2ZijRnmOphr/Ix8HPsF+ST2K/Kp2ljkIVoaqDxSG4jcqg1GHvUQC7fIwm2ycIcs3CULWWRh
AFkYRBbSyQJmcNoQWYOkDKf0vFPKdEpDndIwp/SCUxpeKnnEO6UEkjB/w6hzDgCjww941xv8Jugw
SmDWiJHiV9AjwvfI9xPKfKgKcdAc4jGbTsEINwxz6UnOsSuCC/IrWIqfEqJEKNFKY6WV0p4+GacT
EZgXziOpllOqXSqpH6E0l6QjTuljp3TUKX1CEqPs3k89JkvqXlBFW/VrlOdQnU+dtY87pRPl2p2k
dvuQT1HfRz6b6nzmUsdf3S/tqR9gHjsXz6eclj53SkVO6QundNopnXFKZ53Sl07pHElu4I3eYXC8
pWisHsK7vYX3O0R3fUs9SN9rO4ylBVg+TNoFKu5ukH/ltHWeJPndR/vnffPU5VhzpboG3NV8NR8q
quvUd8Fb3aBuBB91s7oN/By/wOsnf9WHvisH9Bdk+d27RXjhbfVttLkR6zN1p7qTPjesqrPor5Hy
e1UyT3dDG5zeZ9V0/KJaMP2WWgja2A3V6a+Lj9FfF6X9NvQtKRPE0rsCbxGN6wF6HLtSKmn+5BEx
WLqJOfwZqufFXsHVA6/Zz+wKvTWQmSVQjqhgyy/pfYkP2P+CqVMvYU/lG3xFzaP7chzj0vco9J5C
/ZCepdA57xfkp1JI+sYpXSyVtJGy9h+OTel7KMevhlWTbxT9SAvVJtiyqmVpFWpPaD3hZ0/FTc3L
qjYUVUNURYkStgoar+PF1EAOtp6aex1N0SlZ9VVFl9fR1sFmdtEELQ4ZEwSN6WgHvehHUQfRj5n2
gabysNVwMabzix+98pWq3/UzPr/pfOcVZ1YfLqz/9IC8LP8nbVk6H1uWeiePqYqqVoS98HrjxpMq
fdL0Vu+rXzazeTp7Kn+l2JYRVcdWS2OddcLX+MSQjJcy5U9OGiJ61zJENWhQ3+D8kUf6QUlLVIgt
yF65cvkrjp+ajKphqy6vM9+AsuuJQ4YMMzz+wrD+QzLThr1kC6ni2aC+LSrKZqtvw3/dqnhG26Ki
Y6IcxUfQoyzF6DosCgeWpVQE1LurWYoCq9SdezMuNrrRtlrEwjdGJNuuLF41Jey52yWz45dsKXlr
saHpqA6L31w8LSV64CfNU1+6tmb4oU5FN76bPyFo2sJxfTd8MHBkr5ongxufrajMuDxn/+7Ivrm5
/U3zjjY07/bYlGTa2+qSe9O4OeZVEQ1WXn3q1eZfj6u4PXdQ555rskYtSol8Mf7beRtTG+W2D4rS
h/otXHVpep2Ai03m9vZLSeJ9FgbXT5z484ofZqkHqn26u3PLDa+N2d3waqdZbfPvrRg5eFjbtQGF
cypE1ICuOSlp9bc/7ePWuMv97r8u7euuX35sbJeuP2xulOw/9kVd0a1d+WNml6z76JWTKwIzezQ+
vOO6fonRtkEbf2iD4UXf8V+qDB1/ydiVtrHLbGMX42gGK7qxubaxb4zx7n4044e0zAU1O4z2W58w
9f6HizL/+/OX9U98nMk5nH1Z7Jly842Aut9vVUJPvVjpZo+U6IULxIdN+fRJ0w41vFjjxvWuM82b
8p4s6PXD3c8KGzXqtqpep7SS0MGPHSpcfZaPOhM1pclC74wB20t82gWk7bl79ImvK3UztLvS6+W1
q6sW1KkfFrmrzyKf7LCKvZf83CnolxqHTla+mbgm/Ylot3tZVW5/02+QZ4dbO39MPLjz0n7bXUNU
hUnBs2sFJpwIVpf9OOYc29i9+N0zBV2v9XnqYGKnzRtZhM/9nJPX9dNGb33jg7frmy+MvLDyxa+H
58HRAY/tPVYv+9zjPivrDqg24Iu6Xx0P0l1Y2VJX0C0mLj0hyLPXFvfFkz890emxVh8FdV6e8YVP
w4kzX1i44lgeRoUUWxaLt0cFd8vblU63v9/jrQ/3lMaU4EcVDBD3cdH4DyNANAaDqGgs1i0NBi9R
BEUjmq/auWOUr62SLOh93bv2HNo/Lb3fMLyNt81LKt183RL7pA4ekp5a2jH33+tYTVsNe8cCXa+n
9jF0TOuXLn/itf0Tj//TqLDlpX+cfHZDywYrY9dEFf0SVvepF/f8Wn3BwZbP//BJq8vHJ78/MD6x
V/E89f2EU08NsoY27bP7SM0tovWWV14403Ln6mle7T8Iq3Mj75JnzeqfPB56p9e8j6u2XDazTfV5
H22wGt9vEzlqyOeVQxpNbuDd4MzOWsV9G0Uq0fdLwlsv3zRImTj/123re7+S9UuPvLHjxk9dd2Pr
rCUfxy1vP75K+MS2Z2y3oEnxgV+ajN014ftBDVZYYm9ttKx1/0ev6SP6zp871HPC2hv7bxrea+cz
pfeH5s+jW1a9tr3NnEbtOwYc6dvhpdXvTCzo0nRhVvtJ6fzduntfDt2Z2LfJvLaFdUbHpI97Uvtk
wdE2E9T0CbB0z8QvOzqiwh3b2J9tvjIohOk8bO6aHhc0zt0Y+/8RKirKPvoqyn0dtzE82YKlwkvn
r/MrDD4yHDK6r/2xaH/b3A4tLEta9L5uE/JyRZ0OYTTBBToUY15+O390G9ONIzvaDlucFD6s9gsb
Jtx7O37WCEj49vB3AafTPvBaPOqm+sSBwxMLb3cs3LdwZ5ch13u3WNUCrs0pyD0RtFUsrOo567Oi
kHdq/eOH75cPXTPtbIOpTeYO2BE3+NiktTXvffntybQK0yftLPkKtsfe/HnUL94+Fv5drTkzmw+M
eH5L3LRzbp6Hnu3/0c4xjw/su3L7lu1TYw/fYN6jRv507FzzL18u+eqrNSW3vjzhuSHj5Iyv222O
Wzwq8niTL2JFr/rqwrEDar52q0fvaeu6bW/wWcrkzuMCY35qNDcvy2Pxc69vMG9ZtOzDt4sMm3fb
qo43+HnW3pFY/Pi5ZNvXMyLSJu7NOH9zxdtHxjTPHO6FMWYkxphejhjTUwsfSzskvSuOOMaZR4hq
GXDiMNJER0dFx9atKwOODbcfWIyRRdvYV/8jffMkx0HX1SW0a59YWp39TvV/Gnt2Zm587VLQwvEH
h21N6cHqNZl/b97I3FqtjOtWTOz4/bVWDQ9256Lryi2HeeGn8S8+mTF+wzcfftnv0pJ7w8Jn9lv4
WTZrYTvw86FthxoG67u0aFdF7/nLxqr9V4cG/cq7jv/2g7ZuNeqv+O6I2bq5+Uc1+IqTFz+N6Hqw
2sgjtf6vunMPh2rr4/jMGMY9DYnkbphxycwoYyhiGiFMc0hy6bgWMQzGTOSeWxjXQWlcqtPJJeVE
rq/Lca2I8FaUWxyFlAq5Fe/QjY7zvO/zvO9zet4/9h+/tfdae6+9fr/P77vXep691CH3s460Vb2V
eZkr+wsfon7pQYOVtuO+FmVDnjN+EW+ip7yqcVYjV4r5po8swYaGpbpfZBxnXFVTgQcfFTtyihd9
YOqEu+cbDeYUqDDjUv95iAD/XhHXYT9TfaGhirgHviTmdQBTRW+WWG41cxp/dnxXgFKV7X1Re3gh
A8fddEpv5Tb6xi8ImQHhse7P7JlHhs5uzp5vUSzb6aNoXL00Kr3oJXFhW+f2hcZfY9aGT3zLatSz
AhkSssYNcVmwCFI4ZPOwP7B6gSR4H1ILic3B5OyJVHOhUMiaqqqO3u67SF/GcJejJ0mV7Oa6Wqr6
+bflPqo4M5bj7WIVIQ2+PCFLl+xFaiI1vthIUKTy5wZpNNpmDTp7r2uJ8l1ArdEHh+hwrHYf8SE1
XHhM4o3Wajbw8Ye1Kw9jzmTuzq6Wba8Z7LHx2+omSJQCOlZ4z3GONAcSFYXh/+x8cVGxQ4SvS9Ar
CTFpUb3wqIlP9aazCskEj7DwDifodJ0S13XI87OJf9NCi2kFwXdltjCVRisUufon04dH/enHBaLN
LvXbEWjnvexyrbFJ3QVQSfbxBnxedz2x4mZ53weOcMAM5crTlTbxHFl2yB8Ke+rTE0Xzw+wUxpbC
lSQ6wa3xHWF8j3NNcPt9uwb6aVMxNm5bopwSSirLKgtOmkvj841cXpgfjxWyOXl6MtGGTSCJM1NO
Kn1sELCVnLdwy5tcdmO4PlsYxKJPJos+EZ/oI3CK5wKhDgAr2PoUL2npf/Ly9wz6MVpHHYlFqSNR
yN27MavowbLMH6B1zF1Jzj4UexL5P9U6fRiPpZt39Iy8RO60G2ib1S0WCFUqo6ughJ/unH2lrdZr
iEqGlyY5DUkeDq+sP9QZzD4/5VsT25L78IYr+cRphRNjpWVTERX3X+d/hP7Cc0wGodqxv9cCLEa9
TXIiGZk/7X87UJt9tiVkMNgYhGHM1mVxWki4HLzfW0e1UQ0shYFLLKxP7XRcCQnY+/ohGGaCpVEg
tvU2PZEYZd+7/BMSWK4A6nKmu4f/0KR2QnqWF//PigQRBzt0VtdZUyUZGxd87IBquMDhWwu3d9Dd
X8MuCs63CjyO4J8Jo/qoN6f6X26z45hkL4pUK5tnWIfrhltGMDyKJJUN2jyZuKFTY8Hy8W6feBMG
hLPeiNxmxOH8/1A7Ahxcn+cbtgFXJQxgHSg9x0x10it2FxyKTPgHc+K6li6u+QFS9GsFIRCYV4Ib
YAbwBTgAcADdjUroTzJqE0AxTLai6gMOV22Nv2QPAfLHkfH0KR/zah0udpWVcqJZxM5X2KSyKxY8
A3GlWmKdS9ev3S37jSgt5snpGuTGdllG/5V7CSlAply/O3yavqUGEqP++8ugcbItPju5q629P77u
Wa3i/YDJuzfQD6MqWh0b1TtFpGupA1oZxWI+WdLRPSUlUPO4GWa9s1EGXJ5pF7NFq0XQ+bRBVUfh
WU1CkYPlAHJ8HCs+cu7dE2zogqB0nFOIIwc47V0GCKd6Rj+6cgXU67xgNPCEjZJSzO7B25bZB7cP
MHi7nblVWgO0M+o6R1Maunx0f7PZvuq8cwNjJzD0GZk0ZlsRzZyo+cj7wC3Z9yxA5bMAlfxVHjFU
1uQR14+TR38CwZo8QmLQe1hoQqPWGKX2yUStmsjQ4r9DHikgYZ9MCQ+cK3l1R4wDZngpvJmpJkZX
A62irqGhq4LVx6JRMKTspz7t3NgnFbPVTkmZOXuv7qDxb/GWGsotpSdC9O9NfXXxY19U5xJ/guBE
PgYOpS6bHC6gpiumHBzKs3AFjTKCTCKeBntN+QKeVuHclzyve71R6gxIbmdsz7zUVLkwF9Rv/0wF
KcGUV6HqPNdPi7/Rcw7T0zY13WHd8MFl6J1TwsWxBujClZrwD49i29n3VQOphxXY5sPLhCPpdjW2
COW9HVc/nrfaI04QrtPokbDX2adebCG0jZaqJbAIKEoZtsUUKFQ5KhsIhR4ZcZ/IU0qlR/MHXQFc
pclBziuS2coV5RIzBpouyxyqNT7GQTP3xhVpO/WnhHNali6PRxlyqRcXz6vlBRlf9gtGH0PwZ92e
HdqbpTOpr7VeTn0DAjw1uhak9fIJozJQf8ti60xQ5krnBqW0KTH+G6VE8SE72v9PlNKXliibw3qD
/uOo24xWgNfXPwx3RZ+4hxixqrgPCAvabtMkdwxalTvn9jhqmd56myopJvN+7tm9kgpd4A5MoQEm
jbzYpnYNHlfOU0oRhJcV+z5T5BqOJQye10kv2w0NnRDoF++rdOowPaxlHPNRtB9242Fa1MShxtE3
C7rbbYEvj0YHUv1HPZejpK6nMOMyan/ekbMNKTd0Ocg+SRyBaDBM1MSdPfd64OHZfoLyHq0XurrA
fAAvz7tHhmLtevQzRdMqdFvEsxp6cNI2aondkpBCvifUUQ9uqRmjFbv/j7KmtuSjO/Ut3BJak00s
2AH35pH78aaDotHVswJv+ncMwiVKiO9oQ/IjVVyh0D4JzQd4VBi4kEWsPBAQiAyN+oGfbBs+JL9N
gOeE9iCFvmYnOBAFYWNfW/JYzVmfB5OLDcW7fs6d9TTfLB4UP3L92W0slnytCEaxAsDFy/wdYcA2
g2OnkLZIIjw6E1rIQDqsq8KLMkf+lAMPkf/LXd427Jt2ST5E7i99l+JH9jzpbU928ZP6jlXgMCBA
+x3kTrAOG/rWCBE21zBhvngvxSzRfAFbngnkXqzVOJYtigimTSf3aGcb+fNXPEc0jxN9FSJf4WUp
MX5csjIhXWFVTQxoQsY/5A663GgRmD/5PuWWen15UIjv6E0itzD4ebd+edaKv378gbHcOvNF4aOp
blUwarxJ6i4GgCl//JECyVDt4FWGD7dRz4vzy74EXjH/OXhvhPMj3HtUoI1V9+wcWEaOe3k/+ddG
9MQ9DoOo3EnBgr3k+cArj0l2XpJLMJ160jWiUCxJ56biGfnSEmKqJn4KYTCXNlxPBNz9mB0WTiYU
06cVLA/WxVWIzOjq6F7++MhE2MXo2YEVPuvC6UthIElkGEjs2whxoMJAvKwizr/dQb9PmhtSOeSz
g+bYIkXW+yHPtwUiIOueX8+wo7awUi52dQWEdajv3mP1Jze0vGB2stwrnX6kz12hnIa5Zmw42fgd
sVZd5MQlSIT/xZbfZhJQqiaUc1kvnQiVty6Kn0r+4Hmv3bW9c/CJ/bLB0ZNL0g51gzI7oOCfibFG
FKxwM7jRQk7DVOcEVpChe7uuSzkqrQ+W2m3gkZG94Hm1qNkgRokptwBCN/DNiepbvTSeTXS+WWwt
mAJ3po8ETkL0KqPUKQ1PSwFT2HM+03/I0ZZK4VT8KB3U+0aNz6+NfFq4Y7nkp1cjXLY7qLDKPD9R
/scmZWhRv1SQrcngR8IZjzDPOK5MiLhkwIjA771QqmeopBWSTjRtbI0+s612pRCYVPOB23rUTxfH
y6bf3uoz9dzQsiXQIRXmIir7u+vBYBf9WVeS19uCxl8BgH8BsnCIYA0KZW5kc3RyZWFtDQplbmRv
YmoNCjMyMCAwIG9iag0KWyAwWyA2MDBdICAzWyA2MDBdICA1WyA2MDBdICAxNVsgNjAwIDYwMCA2
MDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2MDBdICAzNlsg
NjAwIDYwMF0gIDQwWyA2MDBdICA0MlsgNjAwIDYwMCA2MDBdICA0N1sgNjAwIDYwMCA2MDAgNjAw
IDYwMF0gIDUzWyA2MDAgNjAwIDYwMCA2MDAgNjAwXSAgNjFbIDYwMCA2MDBdICA2NFsgNjAwXSAg
NjhbIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2
MDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDYwMF0gIDkxWyA2MDAgNjAwIDYwMCA2MDBd
ICA5NlsgNjAwXSAgMTc5WyA2MDAgNjAwXSBdIA0KZW5kb2JqDQozMjEgMCBvYmoNClsgNjAwIDAg
NjAwIDAgMCAwIDAgMCAwIDAgMCAwIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAw
IDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDAgMCAwIDAgMCAwIDYwMCA2MDAgMCAwIDYwMCAwIDYw
MCA2MDAgNjAwIDAgMCAwIDYwMCAwIDYwMCA2MDAgMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDAgMCAw
IDYwMCA2MDAgMCA2MDAgMCAwIDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2MDAg
NjAwIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDYwMCA2MDAgNjAwIDAgNjAw
IDYwMCA2MDAgNjAwIDAgNjAwXSANCmVuZG9iag0KMzIyIDAgb2JqDQo8PC9UeXBlL1hSZWYvU2l6
ZSAzMjIvV1sgMSA0IDJdIC9Sb290IDEgMCBSL0luZm8gNjAgMCBSL0lEWzwzNzczQ0Q0MkMwRUVB
MjRDOEQ2MDBBMzc4MDY4MzhDRT48Mzc3M0NENDJDMEVFQTI0QzhENjAwQTM3ODA2ODM4Q0U+XSAv
RmlsdGVyL0ZsYXRlRGVjb2RlL0xlbmd0aCA2OTI+Pg0Kc3RyZWFtDQp4nDXVaZjXUxgG4N9M/xZq
Ju0LRZpKi0xlZkJRM01U05gIMRIVslWKbEVCogXZUslWKBWy7wpRhkqJyRKjiMp++YBL/vPenA/n
vs653vN8OR+eJEmvffsy0nuDJKlmCv4OMnYHNdYGqXFBzRGowj9BrUXYFdSuDOpsCequCup1RQl2
BFkus9sE9XODhn8EjaZjcdC4DPODJvOCpqVBM5nNhwWtsrE6aL01aDsLa4KciUG7MUH7UUGnPUGX
FkHu0qBbedA9K+jRMsj/MyjYG/SaFPSW2XdhUNgBxRBdlB/06xwUDw0GbA4GTg4G5aAiKJkaDM5L
ksz0rxQl32EXvkdt/DfyQ/pBadn/p0xkoBZqIIWaaII62I39sR8aoxHqoS6ykYUDUB8N0QBt0BR7
0BzNcAgORku0wEE4EK3RCgU4FHuRg7bIx+Foj3Y4DB3QCR3RBZ3RFUfgSHRHLrqhB/IwCD3xI47G
USjGMeiF3jgWx6EP+qIQReiH/jgBx2MABuIslOAnlGIwhuNMlOFEnIQhGIqTcSpOQTmG4TScgdMx
GSPwM87B2bgG4zEKIzEO52I0zsd5uBgXYAwuwoUYi0twGSbiUkzAVbgCl2MSrsTVmIsp+AXX4Vrc
gam4HtNwA27ETZiOmzEDt+BWzMQszMYc3IbbsQJ34lfcjbuwHPfgXszDfZiPBViI+7EID+BBPISH
8QgWYwkexWN4HEuxDE9gNVbiNzyFJ/EmnsYqPINn8Ryexwt4ES/hZbyCV/EaXscb+BZr8DvexlvY
iW1Yi3ewERvwId5FBd7DOqzH+/gAH2ETPsEWbMZWfIxKfIov8QU+w+f4Bl9jO75CFXak+6hc2w/f
WU1GBTaMDDYuDzZVVZM5fjQWBBMKq0nlxWQqf0ZQECOpnn8FlVHJqW1zk+RfIevxcw0KZW5kc3Ry
ZWFtDQplbmRvYmoNCnhyZWYNCjAgMzIzDQowMDAwMDAwMDYxIDY1NTM1IGYNCjAwMDAwMDAwMTcg
MDAwMDAgbg0KMDAwMDAwMDEyNSAwMDAwMCBuDQowMDAwMDAwMjUyIDAwMDAwIG4NCjAwMDAwMDA0
OTEgMDAwMDAgbg0KMDAwMDAwMDk2NiAwMDAwMCBuDQowMDAwMDAxMTM1IDAwMDAwIG4NCjAwMDAw
MDEzNzUgMDAwMDAgbg0KMDAwMDAwMTUwNiAwMDAwMCBuDQowMDAwMDAxNTM0IDAwMDAwIG4NCjAw
MDAwMDE2OTQgMDAwMDAgbg0KMDAwMDAwMTc2OCAwMDAwMCBuDQowMDAwMDAyMDA5IDAwMDAwIG4N
CjAwMDAwMDIyNjAgMDAwMDAgbg0KMDAwMDAwMjk5NCAwMDAwMCBuDQowMDAwMDAzMTE4IDAwMDAw
IG4NCjAwMDAwMDMxNDggMDAwMDAgbg0KMDAwMDAwMzMwMCAwMDAwMCBuDQowMDAwMDAzMzc0IDAw
MDAwIG4NCjAwMDAwMDM2MTcgMDAwMDAgbg0KMDAwMDAwMzg4OCAwMDAwMCBuDQowMDAwMDA0ODU0
IDAwMDAwIG4NCjAwMDAwMDQ5OTggMDAwMDAgbg0KMDAwMDAwNTAyOCAwMDAwMCBuDQowMDAwMDA1
MjAwIDAwMDAwIG4NCjAwMDAwMDUyNzQgMDAwMDAgbg0KMDAwMDAwNTUyOCAwMDAwMCBuDQowMDAw
MDA1NzEwIDAwMDAwIG4NCjAwMDAwMDU5NjQgMDAwMDAgbg0KMDAwMDAwNjIzMiAwMDAwMCBuDQow
MDAwMDA3NDM4IDAwMDAwIG4NCjAwMDAwMDc2MTcgMDAwMDAgbg0KMDAwMDAwNzg5NCAwMDAwMCBu
DQowMDAwMDA5MTAwIDAwMDAwIG4NCjAwMDAwMDkxNTQgMDAwMDAgbg0KMDAwMDAwOTMzMSAwMDAw
MCBuDQowMDAwMDA5NTc2IDAwMDAwIG4NCjAwMDAwMDk4MjcgMDAwMDAgbg0KMDAwMDAxMDk4OCAw
MDAwMCBuDQowMDAwMDExMjg5IDAwMDAwIG4NCjAwMDAwMTI0NTcgMDAwMDAgbg0KMDAwMDAxMjYz
NSAwMDAwMCBuDQowMDAwMDEyODEzIDAwMDAwIG4NCjAwMDAwMTMwODIgMDAwMDAgbg0KMDAwMDAx
NDA3NCAwMDAwMCBuDQowMDAwMDE0MzE3IDAwMDAwIG4NCjAwMDAwMTU0NzggMDAwMDAgbg0KMDAw
MDAxNTczMSAwMDAwMCBuDQowMDAwMDE2Nzk2IDAwMDAwIG4NCjAwMDAwMTY5MzUgMDAwMDAgbg0K
MDAwMDAxNjk2NSAwMDAwMCBuDQowMDAwMDE3MTMyIDAwMDAwIG4NCjAwMDAwMTcyMDYgMDAwMDAg
bg0KMDAwMDAxNzQ1MSAwMDAwMCBuDQowMDAwMDE3NzQ4IDAwMDAwIG4NCjAwMDAwMTg4OTkgMDAw
MDAgbg0KMDAwMDAxOTA2OCAwMDAwMCBuDQowMDAwMDE5MjM2IDAwMDAwIG4NCjAwMDAwMTk0MDQg
MDAwMDAgbg0KMDAwMDAxOTU4NCAwMDAwMCBuDQowMDAwMDE5NzY1IDAwMDAwIG4NCjAwMDAwMDAw
NjIgNjU1MzUgZg0KMDAwMDAwMDA2MyA2NTUzNSBmDQowMDAwMDAwMDY0IDY1NTM1IGYNCjAwMDAw
MDAwNjUgNjU1MzUgZg0KMDAwMDAwMDA2NiA2NTUzNSBmDQowMDAwMDAwMDY3IDY1NTM1IGYNCjAw
MDAwMDAwNjggNjU1MzUgZg0KMDAwMDAwMDA2OSA2NTUzNSBmDQowMDAwMDAwMDcwIDY1NTM1IGYN
CjAwMDAwMDAwNzEgNjU1MzUgZg0KMDAwMDAwMDA3MiA2NTUzNSBmDQowMDAwMDAwMDczIDY1NTM1
IGYNCjAwMDAwMDAwNzQgNjU1MzUgZg0KMDAwMDAwMDA3NSA2NTUzNSBmDQowMDAwMDAwMDc2IDY1
NTM1IGYNCjAwMDAwMDAwNzcgNjU1MzUgZg0KMDAwMDAwMDA3OCA2NTUzNSBmDQowMDAwMDAwMDc5
IDY1NTM1IGYNCjAwMDAwMDAwODAgNjU1MzUgZg0KMDAwMDAwMDA4MSA2NTUzNSBmDQowMDAwMDAw
MDgyIDY1NTM1IGYNCjAwMDAwMDAwODMgNjU1MzUgZg0KMDAwMDAwMDA4NCA2NTUzNSBmDQowMDAw
MDAwMDg1IDY1NTM1IGYNCjAwMDAwMDAwODYgNjU1MzUgZg0KMDAwMDAwMDA4NyA2NTUzNSBmDQow
MDAwMDAwMDg4IDY1NTM1IGYNCjAwMDAwMDAwODkgNjU1MzUgZg0KMDAwMDAwMDA5MCA2NTUzNSBm
DQowMDAwMDAwMDkxIDY1NTM1IGYNCjAwMDAwMDAwOTIgNjU1MzUgZg0KMDAwMDAwMDA5MyA2NTUz
NSBmDQowMDAwMDAwMDk0IDY1NTM1IGYNCjAwMDAwMDAwOTUgNjU1MzUgZg0KMDAwMDAwMDA5NiA2
NTUzNSBmDQowMDAwMDAwMDk3IDY1NTM1IGYNCjAwMDAwMDAwOTggNjU1MzUgZg0KMDAwMDAwMDA5
OSA2NTUzNSBmDQowMDAwMDAwMTAwIDY1NTM1IGYNCjAwMDAwMDAxMDEgNjU1MzUgZg0KMDAwMDAw
MDEwMiA2NTUzNSBmDQowMDAwMDAwMTAzIDY1NTM1IGYNCjAwMDAwMDAxMDQgNjU1MzUgZg0KMDAw
MDAwMDEwNSA2NTUzNSBmDQowMDAwMDAwMTA2IDY1NTM1IGYNCjAwMDAwMDAxMDcgNjU1MzUgZg0K
MDAwMDAwMDEwOCA2NTUzNSBmDQowMDAwMDAwMTA5IDY1NTM1IGYNCjAwMDAwMDAxMTAgNjU1MzUg
Zg0KMDAwMDAwMDExMSA2NTUzNSBmDQowMDAwMDAwMTEyIDY1NTM1IGYNCjAwMDAwMDAxMTMgNjU1
MzUgZg0KMDAwMDAwMDExNCA2NTUzNSBmDQowMDAwMDAwMTE1IDY1NTM1IGYNCjAwMDAwMDAxMTYg
NjU1MzUgZg0KMDAwMDAwMDExNyA2NTUzNSBmDQowMDAwMDAwMTE4IDY1NTM1IGYNCjAwMDAwMDAx
MTkgNjU1MzUgZg0KMDAwMDAwMDEyMCA2NTUzNSBmDQowMDAwMDAwMTIxIDY1NTM1IGYNCjAwMDAw
MDAxMjIgNjU1MzUgZg0KMDAwMDAwMDEyMyA2NTUzNSBmDQowMDAwMDAwMTI0IDY1NTM1IGYNCjAw
MDAwMDAxMjUgNjU1MzUgZg0KMDAwMDAwMDEyNiA2NTUzNSBmDQowMDAwMDAwMTI3IDY1NTM1IGYN
CjAwMDAwMDAxMjggNjU1MzUgZg0KMDAwMDAwMDEyOSA2NTUzNSBmDQowMDAwMDAwMTMwIDY1NTM1
IGYNCjAwMDAwMDAxMzEgNjU1MzUgZg0KMDAwMDAwMDEzMiA2NTUzNSBmDQowMDAwMDAwMTMzIDY1
NTM1IGYNCjAwMDAwMDAxMzQgNjU1MzUgZg0KMDAwMDAwMDEzNSA2NTUzNSBmDQowMDAwMDAwMTM2
IDY1NTM1IGYNCjAwMDAwMDAxMzcgNjU1MzUgZg0KMDAwMDAwMDEzOCA2NTUzNSBmDQowMDAwMDAw
MTM5IDY1NTM1IGYNCjAwMDAwMDAxNDAgNjU1MzUgZg0KMDAwMDAwMDE0MSA2NTUzNSBmDQowMDAw
MDAwMTQyIDY1NTM1IGYNCjAwMDAwMDAxNDMgNjU1MzUgZg0KMDAwMDAwMDE0NCA2NTUzNSBmDQow
MDAwMDAwMTQ1IDY1NTM1IGYNCjAwMDAwMDAxNDYgNjU1MzUgZg0KMDAwMDAwMDE0NyA2NTUzNSBm
DQowMDAwMDAwMTQ4IDY1NTM1IGYNCjAwMDAwMDAxNDkgNjU1MzUgZg0KMDAwMDAwMDE1MCA2NTUz
NSBmDQowMDAwMDAwMTUxIDY1NTM1IGYNCjAwMDAwMDAxNTIgNjU1MzUgZg0KMDAwMDAwMDE1MyA2
NTUzNSBmDQowMDAwMDAwMTU0IDY1NTM1IGYNCjAwMDAwMDAxNTUgNjU1MzUgZg0KMDAwMDAwMDE1
NiA2NTUzNSBmDQowMDAwMDAwMTU3IDY1NTM1IGYNCjAwMDAwMDAxNTggNjU1MzUgZg0KMDAwMDAw
MDE1OSA2NTUzNSBmDQowMDAwMDAwMTYwIDY1NTM1IGYNCjAwMDAwMDAxNjEgNjU1MzUgZg0KMDAw
MDAwMDE2MiA2NTUzNSBmDQowMDAwMDAwMTYzIDY1NTM1IGYNCjAwMDAwMDAxNjQgNjU1MzUgZg0K
MDAwMDAwMDE2NSA2NTUzNSBmDQowMDAwMDAwMTY2IDY1NTM1IGYNCjAwMDAwMDAxNjcgNjU1MzUg
Zg0KMDAwMDAwMDE2OCA2NTUzNSBmDQowMDAwMDAwMTY5IDY1NTM1IGYNCjAwMDAwMDAxNzAgNjU1
MzUgZg0KMDAwMDAwMDE3MSA2NTUzNSBmDQowMDAwMDAwMTcyIDY1NTM1IGYNCjAwMDAwMDAxNzMg
NjU1MzUgZg0KMDAwMDAwMDE3NCA2NTUzNSBmDQowMDAwMDAwMTc1IDY1NTM1IGYNCjAwMDAwMDAx
NzYgNjU1MzUgZg0KMDAwMDAwMDE3NyA2NTUzNSBmDQowMDAwMDAwMTc4IDY1NTM1IGYNCjAwMDAw
MDAxNzkgNjU1MzUgZg0KMDAwMDAwMDE4MCA2NTUzNSBmDQowMDAwMDAwMTgxIDY1NTM1IGYNCjAw
MDAwMDAxODIgNjU1MzUgZg0KMDAwMDAwMDE4MyA2NTUzNSBmDQowMDAwMDAwMTg0IDY1NTM1IGYN
CjAwMDAwMDAxODUgNjU1MzUgZg0KMDAwMDAwMDE4NiA2NTUzNSBmDQowMDAwMDAwMTg3IDY1NTM1
IGYNCjAwMDAwMDAxODggNjU1MzUgZg0KMDAwMDAwMDE4OSA2NTUzNSBmDQowMDAwMDAwMTkwIDY1
NTM1IGYNCjAwMDAwMDAxOTEgNjU1MzUgZg0KMDAwMDAwMDE5MiA2NTUzNSBmDQowMDAwMDAwMTkz
IDY1NTM1IGYNCjAwMDAwMDAxOTQgNjU1MzUgZg0KMDAwMDAwMDE5NSA2NTUzNSBmDQowMDAwMDAw
MTk2IDY1NTM1IGYNCjAwMDAwMDAxOTcgNjU1MzUgZg0KMDAwMDAwMDE5OCA2NTUzNSBmDQowMDAw
MDAwMTk5IDY1NTM1IGYNCjAwMDAwMDAyMDAgNjU1MzUgZg0KMDAwMDAwMDIwMSA2NTUzNSBmDQow
MDAwMDAwMjAyIDY1NTM1IGYNCjAwMDAwMDAyMDMgNjU1MzUgZg0KMDAwMDAwMDIwNCA2NTUzNSBm
DQowMDAwMDAwMjA1IDY1NTM1IGYNCjAwMDAwMDAyMDYgNjU1MzUgZg0KMDAwMDAwMDIwNyA2NTUz
NSBmDQowMDAwMDAwMjA4IDY1NTM1IGYNCjAwMDAwMDAyMDkgNjU1MzUgZg0KMDAwMDAwMDIxMCA2
NTUzNSBmDQowMDAwMDAwMjExIDY1NTM1IGYNCjAwMDAwMDAyMTIgNjU1MzUgZg0KMDAwMDAwMDIx
MyA2NTUzNSBmDQowMDAwMDAwMjE0IDY1NTM1IGYNCjAwMDAwMDAyMTUgNjU1MzUgZg0KMDAwMDAw
MDIxNiA2NTUzNSBmDQowMDAwMDAwMjE3IDY1NTM1IGYNCjAwMDAwMDAyMTggNjU1MzUgZg0KMDAw
MDAwMDIxOSA2NTUzNSBmDQowMDAwMDAwMjIwIDY1NTM1IGYNCjAwMDAwMDAyMjEgNjU1MzUgZg0K
MDAwMDAwMDIyMiA2NTUzNSBmDQowMDAwMDAwMjIzIDY1NTM1IGYNCjAwMDAwMDAyMjQgNjU1MzUg
Zg0KMDAwMDAwMDIyNSA2NTUzNSBmDQowMDAwMDAwMjI2IDY1NTM1IGYNCjAwMDAwMDAyMjcgNjU1
MzUgZg0KMDAwMDAwMDIyOCA2NTUzNSBmDQowMDAwMDAwMjI5IDY1NTM1IGYNCjAwMDAwMDAyMzAg
NjU1MzUgZg0KMDAwMDAwMDIzMSA2NTUzNSBmDQowMDAwMDAwMjMyIDY1NTM1IGYNCjAwMDAwMDAy
MzMgNjU1MzUgZg0KMDAwMDAwMDIzNCA2NTUzNSBmDQowMDAwMDAwMjM1IDY1NTM1IGYNCjAwMDAw
MDAyMzYgNjU1MzUgZg0KMDAwMDAwMDIzNyA2NTUzNSBmDQowMDAwMDAwMjM4IDY1NTM1IGYNCjAw
MDAwMDAyMzkgNjU1MzUgZg0KMDAwMDAwMDI0MCA2NTUzNSBmDQowMDAwMDAwMjQxIDY1NTM1IGYN
CjAwMDAwMDAyNDIgNjU1MzUgZg0KMDAwMDAwMDI0MyA2NTUzNSBmDQowMDAwMDAwMjQ0IDY1NTM1
IGYNCjAwMDAwMDAyNDUgNjU1MzUgZg0KMDAwMDAwMDI0NiA2NTUzNSBmDQowMDAwMDAwMjQ3IDY1
NTM1IGYNCjAwMDAwMDAyNDggNjU1MzUgZg0KMDAwMDAwMDI0OSA2NTUzNSBmDQowMDAwMDAwMjUw
IDY1NTM1IGYNCjAwMDAwMDAyNTEgNjU1MzUgZg0KMDAwMDAwMDI1MiA2NTUzNSBmDQowMDAwMDAw
MjUzIDY1NTM1IGYNCjAwMDAwMDAyNTQgNjU1MzUgZg0KMDAwMDAwMDI1NSA2NTUzNSBmDQowMDAw
MDAwMjU2IDY1NTM1IGYNCjAwMDAwMDAyNTcgNjU1MzUgZg0KMDAwMDAwMDI1OCA2NTUzNSBmDQow
MDAwMDAwMjU5IDY1NTM1IGYNCjAwMDAwMDAyNjAgNjU1MzUgZg0KMDAwMDAwMDI2MSA2NTUzNSBm
DQowMDAwMDAwMjYyIDY1NTM1IGYNCjAwMDAwMDAyNjMgNjU1MzUgZg0KMDAwMDAwMDI2NCA2NTUz
NSBmDQowMDAwMDAwMjY1IDY1NTM1IGYNCjAwMDAwMDAyNjYgNjU1MzUgZg0KMDAwMDAwMDI2NyA2
NTUzNSBmDQowMDAwMDAwMjY4IDY1NTM1IGYNCjAwMDAwMDAyNjkgNjU1MzUgZg0KMDAwMDAwMDI3
MCA2NTUzNSBmDQowMDAwMDAwMjcxIDY1NTM1IGYNCjAwMDAwMDAyNzIgNjU1MzUgZg0KMDAwMDAw
MDI3MyA2NTUzNSBmDQowMDAwMDAwMjc0IDY1NTM1IGYNCjAwMDAwMDAyNzUgNjU1MzUgZg0KMDAw
MDAwMDI3NiA2NTUzNSBmDQowMDAwMDAwMjc3IDY1NTM1IGYNCjAwMDAwMDAyNzggNjU1MzUgZg0K
MDAwMDAwMDI3OSA2NTUzNSBmDQowMDAwMDAwMjgwIDY1NTM1IGYNCjAwMDAwMDAyODEgNjU1MzUg
Zg0KMDAwMDAwMDI4MiA2NTUzNSBmDQowMDAwMDAwMjgzIDY1NTM1IGYNCjAwMDAwMDAyODQgNjU1
MzUgZg0KMDAwMDAwMDI4NSA2NTUzNSBmDQowMDAwMDAwMjg2IDY1NTM1IGYNCjAwMDAwMDAyODcg
NjU1MzUgZg0KMDAwMDAwMDI4OCA2NTUzNSBmDQowMDAwMDAwMjg5IDY1NTM1IGYNCjAwMDAwMDAy
OTAgNjU1MzUgZg0KMDAwMDAwMDI5MSA2NTUzNSBmDQowMDAwMDAwMjkyIDY1NTM1IGYNCjAwMDAw
MDAyOTMgNjU1MzUgZg0KMDAwMDAwMDI5NCA2NTUzNSBmDQowMDAwMDAwMjk1IDY1NTM1IGYNCjAw
MDAwMDAyOTYgNjU1MzUgZg0KMDAwMDAwMDI5NyA2NTUzNSBmDQowMDAwMDAwMjk4IDY1NTM1IGYN
CjAwMDAwMDAyOTkgNjU1MzUgZg0KMDAwMDAwMDMwMCA2NTUzNSBmDQowMDAwMDAwMzAxIDY1NTM1
IGYNCjAwMDAwMDAzMDIgNjU1MzUgZg0KMDAwMDAwMDMwMyA2NTUzNSBmDQowMDAwMDAwMzA0IDY1
NTM1IGYNCjAwMDAwMDAzMDUgNjU1MzUgZg0KMDAwMDAwMDMwNiA2NTUzNSBmDQowMDAwMDAwMDAw
IDY1NTM1IGYNCjAwMDAwMjM1MjQgMDAwMDAgbg0KMDAwMDAyNDAzNyAwMDAwMCBuDQowMDAwMTE3
OTg5IDAwMDAwIG4NCjAwMDAxMTg2MjYgMDAwMDAgbg0KMDAwMDExODk1NiAwMDAwMCBuDQowMDAw
MTE5MjY2IDAwMDAwIG4NCjAwMDAxNTk4NDQgMDAwMDAgbg0KMDAwMDE1OTg5OSAwMDAwMCBuDQow
MDAwMTYwMzIyIDAwMDAwIG4NCjAwMDAyNzU4MTAgMDAwMDAgbg0KMDAwMDI3NjEwNCAwMDAwMCBu
DQowMDAwMjc2MzI0IDAwMDAwIG4NCjAwMDAyNzY3MzEgMDAwMDAgbg0KMDAwMDMxNzcyMiAwMDAw
MCBuDQowMDAwMzE4MDk4IDAwMDAwIG4NCjAwMDAzMTg0MzIgMDAwMDAgbg0KdHJhaWxlcg0KPDwv
U2l6ZSAzMjMvUm9vdCAxIDAgUi9JbmZvIDYwIDAgUi9JRFs8Mzc3M0NENDJDMEVFQTI0QzhENjAw
QTM3ODA2ODM4Q0U+PDM3NzNDRDQyQzBFRUEyNEM4RDYwMEEzNzgwNjgzOENFPl0gPj4NCnN0YXJ0
eHJlZg0KMzE5MzI3DQolJUVPRg0KeHJlZg0KMCAwDQp0cmFpbGVyDQo8PC9TaXplIDMyMy9Sb290
IDEgMCBSL0luZm8gNjAgMCBSL0lEWzwzNzczQ0Q0MkMwRUVBMjRDOEQ2MDBBMzc4MDY4MzhDRT48
Mzc3M0NENDJDMEVFQTI0QzhENjAwQTM3ODA2ODM4Q0U+XSAvUHJldiAzMTkzMjcvWFJlZlN0bSAz
MTg0MzI+Pg0Kc3RhcnR4cmVmDQozMjU5NDcNCiUlRU9G

--_004_56C3C758F9D6534CA3778EAA1E0C34375C382B17BLUPRD0412MB643_--

From prateek.mishra@oracle.com  Fri Mar 15 10:18:21 2013
Return-Path: <prateek.mishra@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5444921F892C for <scim@ietfa.amsl.com>; Fri, 15 Mar 2013 10:18:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level: 
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=0.000,  BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tUKqvc2uGwhP for <scim@ietfa.amsl.com>; Fri, 15 Mar 2013 10:18:20 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id C467F21F8922 for <scim@ietf.org>; Fri, 15 Mar 2013 10:18:20 -0700 (PDT)
Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r2FHIJRY007079 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <scim@ietf.org>; Fri, 15 Mar 2013 17:18:20 GMT
Received: from acsmt357.oracle.com (acsmt357.oracle.com [141.146.40.157]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r2FHIJO5007511 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <scim@ietf.org>; Fri, 15 Mar 2013 17:18:19 GMT
Received: from abhmt105.oracle.com (abhmt105.oracle.com [141.146.116.57]) by acsmt357.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r2FHIIGh002104 for <scim@ietf.org>; Fri, 15 Mar 2013 12:18:18 -0500
Received: from [130.129.23.121] (/130.129.23.121) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 15 Mar 2013 10:18:18 -0700
Message-ID: <514357D4.1020804@oracle.com>
Date: Fri, 15 Mar 2013 13:18:12 -0400
From: prateek mishra <prateek.mishra@oracle.com>
Organization: Oracle Corporation
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/20130215 Thunderbird/17.0.3
MIME-Version: 1.0
To: scim@ietf.org
References: <56C3C758F9D6534CA3778EAA1E0C34375C382B17@BLUPRD0412MB643.namprd04.prod.outlook.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34375C382B17@BLUPRD0412MB643.namprd04.prod.outlook.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Source-IP: ucsinet22.oracle.com [156.151.31.94]
Subject: [scim] SAML V2.0 Change Notify Protocol
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Mar 2013 17:18:21 -0000

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-notify-protocol/v1.0/cs01/sstc-saml2-notify-protocol-v1.0-cs01.pdf

The SAML V2.0 Change Notify Protocol describes request and response 
messages for informing
SAML endpoints about available changes to subjects and attributes 
associated with subjects.

From ietf@meetecho.com  Sat Mar 16 07:55:23 2013
Return-Path: <ietf@meetecho.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE9CE21F8AB8 for <scim@ietfa.amsl.com>; Sat, 16 Mar 2013 07:55:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.719
X-Spam-Level: 
X-Spam-Status: No, score=-0.719 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G5UT6QwWi4l4 for <scim@ietfa.amsl.com>; Sat, 16 Mar 2013 07:55:23 -0700 (PDT)
Received: from smtpdg1.aruba.it (smtpdg1.aruba.it [62.149.158.231]) by ietfa.amsl.com (Postfix) with ESMTP id DF5BB21F8AC2 for <scim@ietf.org>; Sat, 16 Mar 2013 07:55:22 -0700 (PDT)
Received: from dell-tcastaldi ([87.16.35.204]) by smtpcmd01.ad.aruba.it with bizsmtp id CEvK1l00R4QFnDT01EvLxF; Sat, 16 Mar 2013 15:55:20 +0100
Date: Sat, 16 Mar 2013 10:55:16 -0400 (EDT)
From: Meetecho Team <ietf@meetecho.com>
To: scim@ietf.org
Message-ID: <860069.1.1363445716513.JavaMail.tcastaldi@dell-tcastaldi>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_Part_0_2614099.1363445716467"
Subject: [scim] SCIM session recording available
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Mar 2013 14:55:24 -0000

------=_Part_0_2614099.1363445716467
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Dear all,

the full recording (synchronized video, audio, slides and jabber room) of the 
SCIM WG session at IETF 86 is available at the following URL:
http://ietf86.conf.meetecho.com/index.php/Recorded_Sessions#SCIM

In case of problems with the playout, just drop an e-mail to ietf-support@meetecho.com.

For the chair(s): please feel free to put the link to the recording in the minutes,
if you think this might be useful.

Cheers,
the Meetecho Team


This email has been automatically generated by The Meetecho Conferencing System


------=_Part_0_2614099.1363445716467--

From leifj@sunet.se  Sat Mar 16 09:01:17 2013
Return-Path: <leifj@sunet.se>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 870AC21F8994 for <scim@ietfa.amsl.com>; Sat, 16 Mar 2013 09:01:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gSfzD08tUxkA for <scim@ietfa.amsl.com>; Sat, 16 Mar 2013 09:01:17 -0700 (PDT)
Received: from smtp1.nordu.net (smtp1.nordu.net [IPv6:2001:948:4:6::32]) by ietfa.amsl.com (Postfix) with ESMTP id 88F9B21F8A7E for <scim@ietf.org>; Sat, 16 Mar 2013 09:01:16 -0700 (PDT)
Received: from [192.168.154.211] ([98.79.94.25]) (authenticated bits=0) by smtp1.nordu.net (8.14.6/8.14.6) with ESMTP id r2GG1BFE013077 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for <scim@ietf.org>; Sat, 16 Mar 2013 16:01:15 GMT
Message-ID: <51449747.4030206@sunet.se>
Date: Sat, 16 Mar 2013 17:01:11 +0100
From: Leif Johansson <leifj@sunet.se>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130308 Thunderbird/17.0.4
MIME-Version: 1.0
To: scim WG <scim@ietf.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: [scim] please review draft-wahl-scim-profile-00
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Mar 2013 16:01:17 -0000

In Orlando we were asked to adopt draft-wahl-scim-profile as a WG
document. The topic is in scope of our charter but the document
should get more review before we have a consensus call on adoption.

Please review!
       
        Cheers Leif

From leifj@sunet.se  Sat Mar 16 09:01:43 2013
Return-Path: <leifj@sunet.se>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A089621F8999 for <scim@ietfa.amsl.com>; Sat, 16 Mar 2013 09:01:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TO1KmKvERCwN for <scim@ietfa.amsl.com>; Sat, 16 Mar 2013 09:01:43 -0700 (PDT)
Received: from smtp1.nordu.net (smtp1.nordu.net [IPv6:2001:948:4:6::32]) by ietfa.amsl.com (Postfix) with ESMTP id DBD7C21F897F for <scim@ietf.org>; Sat, 16 Mar 2013 09:01:42 -0700 (PDT)
Received: from [192.168.154.211] ([98.79.94.25]) (authenticated bits=0) by smtp1.nordu.net (8.14.6/8.14.6) with ESMTP id r2GG1bEJ011671 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for <scim@ietf.org>; Sat, 16 Mar 2013 16:01:41 GMT
Message-ID: <51449761.8090206@sunet.se>
Date: Sat, 16 Mar 2013 17:01:37 +0100
From: Leif Johansson <leifj@sunet.se>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130308 Thunderbird/17.0.4
MIME-Version: 1.0
To: scim WG <scim@ietf.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: [scim] notes up
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Mar 2013 16:01:43 -0000

Notes from Orlando meeting are online.

        Cheers Leif

From samuel@erdtman.se  Mon Mar 18 00:13:11 2013
Return-Path: <samuel@erdtman.se>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDFAA21F88D8 for <scim@ietfa.amsl.com>; Mon, 18 Mar 2013 00:13:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eeo9CIbJKbRs for <scim@ietfa.amsl.com>; Mon, 18 Mar 2013 00:13:10 -0700 (PDT)
Received: from mail-ee0-f53.google.com (mail-ee0-f53.google.com [74.125.83.53]) by ietfa.amsl.com (Postfix) with ESMTP id BF8C821F86C9 for <scim@ietf.org>; Mon, 18 Mar 2013 00:13:09 -0700 (PDT)
Received: by mail-ee0-f53.google.com with SMTP id e53so2380771eek.12 for <scim@ietf.org>; Mon, 18 Mar 2013 00:12:56 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:references:from:mime-version:in-reply-to:date:message-id :subject:to:cc:content-type:x-gm-message-state; bh=sFDQpX4oAkmvolhEyQxN2YOJ8E/LRTAe07O6XoakCDc=; b=I1i7LTciv7E4UFcIgZjF0f52ihJUXFZWM9hral7MTEU5Lj7MNXrQFbfgjZlCtYZTAT 8IPySwqGh4zjvuRJ4x26y5Idxz9h3vZ1oDoMGfh9NVPWKTwrxPI5dxHfgzZCkqHTgCet XCG2ZkRELcAq52cLcplAUIWcQ8A9BjCYSkOoGiJ1TQWOT4Cc42VCP5RscWT6pT0/kUQ5 Taiq+M2wy1r7UVjDi3gtCooP70KvLVcb40UcRQnXRUUD1b+hj1ZgXbmEP6bEjOdZ6mfw gUqB1NNIRBTjUIrBNj51bsOx6iEItKLNpky+H5ScWb8YhUHGdoJ+Ikapax58GnFC4sXg 0qkA==
X-Received: by 10.14.206.132 with SMTP id l4mr19978048eeo.38.1363590775911; Mon, 18 Mar 2013 00:12:55 -0700 (PDT)
References: <CAGUsYPxgWHP0ofxiORy0pg7S2J-nB+yLSTqKBjvnDT+Wcmc1_A@mail.gmail.com>
From: Samuel Erdtman <samuel@erdtman.se>
Mime-Version: 1.0 (1.0)
In-Reply-To: <CAGUsYPxgWHP0ofxiORy0pg7S2J-nB+yLSTqKBjvnDT+Wcmc1_A@mail.gmail.com>
Date: Mon, 18 Mar 2013 08:12:54 +0100
Message-ID: <3865098278735616088@unknownmsgid>
To: Shelley <randomshelley@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
X-Gm-Message-State: ALoCoQnBeetiy9SjDi6IuuDU/BCaoI3+6450Ng7pvmReNElLD3GfsDBEUrArb5MesMfdnWCgyScI
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2013 07:13:11 -0000

Hi All,

A late comment. In the case that company A owning tenant abc buys
company X owning tenant xyz and only wants one tenant, then a merger
of tenants would have to be done. In this case it would simplify the
merger if all id's in them self where unique.
This argument might not grant a MUST on uniqueness but it would be god
to have it recommended with an explanation.

Sent from my iPhone

On 13 mar 2013, at 17:15, Shelley <randomshelley@gmail.com> wrote:

> Tenants

From kelly.grizzle@sailpoint.com  Mon Mar 18 19:12:37 2013
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA92721F8D9C for <scim@ietfa.amsl.com>; Mon, 18 Mar 2013 19:12:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z0NZzR-IaIUs for <scim@ietfa.amsl.com>; Mon, 18 Mar 2013 19:12:37 -0700 (PDT)
Received: from co1outboundpool.messaging.microsoft.com (co1ehsobe006.messaging.microsoft.com [216.32.180.189]) by ietfa.amsl.com (Postfix) with ESMTP id 4ECD421F8D84 for <scim@ietf.org>; Mon, 18 Mar 2013 19:12:36 -0700 (PDT)
Received: from mail72-co1-R.bigfish.com (10.243.78.242) by CO1EHSOBE041.bigfish.com (10.243.66.106) with Microsoft SMTP Server id 14.1.225.23; Tue, 19 Mar 2013 02:12:36 +0000
Received: from mail72-co1 (localhost [127.0.0.1])	by mail72-co1-R.bigfish.com (Postfix) with ESMTP id 65DA09A00EB; Tue, 19 Mar 2013 02:12:36 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:132.245.1.133; KIP:(null); UIP:(null); IPV:NLI; H:BLUPRD0412HT001.namprd04.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -23
X-BigFish: PS-23(zz98dI9371I1432Idb82hzz1f42h1ee6h1de0h1202h1e76h1d1ah1d2ahzz1033IL8275dhz31h2a8h668h839h944hd25he5bhf0ah1220h1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah1155h)
Received-SPF: softfail (mail72-co1: transitioning domain of sailpoint.com does not designate 132.245.1.133 as permitted sender) client-ip=132.245.1.133; envelope-from=kelly.grizzle@sailpoint.com; helo=BLUPRD0412HT001.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail72-co1 (localhost.localdomain [127.0.0.1]) by mail72-co1 (MessageSwitch) id 1363659153275096_26697; Tue, 19 Mar 2013 02:12:33 +0000 (UTC)
Received: from CO1EHSMHS006.bigfish.com (unknown [10.243.78.229])	by mail72-co1.bigfish.com (Postfix) with ESMTP id 407451C0059; Tue, 19 Mar 2013 02:12:33 +0000 (UTC)
Received: from BLUPRD0412HT001.namprd04.prod.outlook.com (132.245.1.133) by CO1EHSMHS006.bigfish.com (10.243.66.16) with Microsoft SMTP Server (TLS) id 14.1.225.23; Tue, 19 Mar 2013 02:12:33 +0000
Received: from BLUPRD0412MB643.namprd04.prod.outlook.com ([169.254.4.238]) by BLUPRD0412HT001.namprd04.prod.outlook.com ([10.255.214.162]) with mapi id 14.16.0275.006; Tue, 19 Mar 2013 02:12:32 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Leif Johansson <leifj@sunet.se>
Thread-Topic: [scim] please review draft-wahl-scim-profile-00
Thread-Index: AQHOIl+BXO0bZZVSLU+XtWx9RxtUqZisSa6c
Date: Tue, 19 Mar 2013 02:12:32 +0000
Message-ID: <CE7A1CEF-1C13-468A-8BB5-4B1580FB8B50@sailpoint.com>
References: <51449747.4030206@sunet.se>
In-Reply-To: <51449747.4030206@sunet.se>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [72.182.10.254]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: scim WG <scim@ietf.org>
Subject: Re: [scim] please review draft-wahl-scim-profile-00
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Mar 2013 02:12:38 -0000

I mentioned this in Orlando, but generally I like the proposal.  It would b=
e nice to have a mechanism for the RP to register for notifications from th=
e IdP for a user (or set of users).  Since there is usually a one-to-many r=
elationship between IdP -> RP, it feels like this will be important.  Maybe=
 this is out of scope for this proposal and would happen when the JIT user =
creation occurs?

--Kelly

On Mar 16, 2013, at 11:01 AM, "Leif Johansson" <leifj@sunet.se> wrote:

>=20
> In Orlando we were asked to adopt draft-wahl-scim-profile as a WG
> document. The topic is in scope of our charter but the document
> should get more review before we have a consensus call on adoption.
>=20
> Please review!
>=20
>        Cheers Leif
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>=20


From randomshelley@gmail.com  Wed Mar 20 16:09:38 2013
Return-Path: <randomshelley@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 01A7421F8935 for <scim@ietfa.amsl.com>; Wed, 20 Mar 2013 16:09:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u5krYDGWnI7a for <scim@ietfa.amsl.com>; Wed, 20 Mar 2013 16:09:34 -0700 (PDT)
Received: from mail-ie0-x22f.google.com (mail-ie0-x22f.google.com [IPv6:2607:f8b0:4001:c03::22f]) by ietfa.amsl.com (Postfix) with ESMTP id 0324B21F88FC for <scim@ietf.org>; Wed, 20 Mar 2013 16:09:33 -0700 (PDT)
Received: by mail-ie0-f175.google.com with SMTP id c12so2830531ieb.34 for <scim@ietf.org>; Wed, 20 Mar 2013 16:09:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:content-type; bh=B0/UBztv0trQEoLMiLiO6PP1Dd65JA2UVlsiUsxfuz4=; b=OIGZ3FC8excoyqNCAjd8lnKGYNL0eXw8RSv/A9aTpI5PWVYP1BBRSFGDThASgVIpJ+ Xt0YMN43LWqxqr7dZrNh4+5ylefFiy1eFOS6jo5tu64KJn2z13nudG9BRQZgR6R+w5Ju HjSojt43JKnuw4KZB9PNtPGAv4KoNTuinxF0oTsggMpu6Wx4/r7HvOYP5TnG2xdRHd3f GIn0Rxbur/uOw2PeS/vGWzwwdX0YLcDIztlT3SuVwIMusTvtAborW5gIc88ksdUazHQQ NekDq3hNQMDZApQ0arYjXYcmO0jXwtEm+S9TXTqQHOvf7GmdxsgsUYX4yU8HMFYMhYEL gUhA==
MIME-Version: 1.0
X-Received: by 10.50.42.168 with SMTP id p8mr602114igl.106.1363820973487; Wed, 20 Mar 2013 16:09:33 -0700 (PDT)
Received: by 10.64.126.65 with HTTP; Wed, 20 Mar 2013 16:09:33 -0700 (PDT)
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34375C381F12@BLUPRD0412MB643.namprd04.prod.outlook.com>
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com> <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com> <BD785332-777F-4549-AE83-E25ED5B5B409@oracle.com> <00d901ce206d$35253cc0$9f6fb640$@com> <56C3C758F9D6534CA3778EAA1E0C34375C381F12@BLUPRD0412MB643.namprd04.prod.outlook.com>
Date: Wed, 20 Mar 2013 18:09:33 -0500
Message-ID: <CAGUsYPzXAohBPUkrP=memKR=6XO7b4UoUvriPpO6RHwcfbkL2Q@mail.gmail.com>
From: Shelley <randomshelley@gmail.com>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary=14dae934108da97f0704d8635005
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Mar 2013 23:09:38 -0000

--14dae934108da97f0704d8635005
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Generating UUIDs may not be hard, but why should SCIM dictate the use of
UUIDs? This seems like a technical implementation detail that should be
left to the service providers. I am still not sure that there's a valid use
case for *requiring* globally unique identifiers across all tenants and
resources unless the service provider chooses to do so (e.g. by opting for
a non-URL-based tenancy model). To reiterate - the general principle of
REST is to use URIs as global identifiers and it seems unnecessary for SCIM
to require anything beyond this.

Also, to clarify - I'm opposed to *requiring *uniqueness* across tenants*,
but I'm also opposed to requiring uniqueness *across different resource
types*. The language in the core schema for the *id* attribute is a bit
ambiguous about this:

Unique identifier for the SCIM Resource as defined by the Service Provider.
> Each representation of the Resource MUST include a non-empty id value. Th=
is
> identifier MUST be unique across the Service Provider's entire set of
> Resources.
>

The "entire set of Resources" may be interpreted as the set of resources
for a given resource type *or *across all resource types. As discussed on
this thread, it seems there should be no reason for identifiers to be
unique across different types of resources (i.e. Users and Groups) even
within the same tenant (provided the clarifications to group membership are
updated as discussed).


On Thu, Mar 14, 2013 at 11:02 AM, Kelly Grizzle <kelly.grizzle@sailpoint.co=
m
> wrote:

>  You=92re right =85 generating a uuid is not hard.  My bigger concern is
> where the SP is putting a SCIM interface on an existing datastore (eg =96=
 a
> multi-tenant app that uses a database per tenant).  In this case we may b=
e
> imposing a restriction that has little value (if they have unique URIs) b=
ut
> won=92t be able to use the underlying datastore=92s existing identifiers.=
****
>
> ** **
>
> --Kelly****
>
> ** **
>
> *From:* scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] *On Behalf
> Of *Salvatore D'Agostino
> *Sent:* Wednesday, March 13, 2013 11:34 PM
> *To:* 'Phil Hunt'; Kelly Grizzle
>
> *Cc:* scim@ietf.org; 'Shelley'; 'Morteza Ansari (moransar)'
> *Subject:* Re: [scim] Proposed Text for Multi-Tenancy****
>
>  ** **
>
> I=92m with Phil, ****
>
> ** **
>
> RFC 4122  - x.667 ****
>
> ** **
>
> Not that hard.****
>
> ** **
>
> *From:* scim-bounces@ietf.org [mailto:scim-bounces@ietf.org<scim-bounces@=
ietf.org>]
> *On Behalf Of *Phil Hunt
> *Sent:* Wednesday, March 13, 2013 11:56 PM
> *To:* Kelly Grizzle
> *Cc:* scim@ietf.org; Shelley; Morteza Ansari (moransar)
> *Subject:* Re: [scim] Proposed Text for Multi-Tenancy****
>
> ** **
>
> Hmmm=85calculating a UUID is fairly straight forward and doesn't require
> checking across tenancies to be universally unique (at least statisticall=
y).
> ****
>
> ** **
>
> Phil****
>
> ** **
>
> @independentid****
>
> www.independentid.com****
>
> phil.hunt@oracle.com****
>
> ** **
>
> ** **
>
> ** **
>
> On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:****
>
> ** **
>
> I agree with Shelley.  It is a significant burden on the service provider
> to require fully unique IDs across tenants and resource types.****
>
>  ****
>
> > Given group members are only identified using the ID field****
>
>  ****
>
> This is likely going to change with the reference attribute type being
> added in issue #33.****
>
>  ****
>
>  ****
>
> > The SCIM id, defined by the Service Provider, MUST be unique across all
> Resources for all Tenants****
>
>  ****
>
> Maybe this could be reworded so that the MUST is conditional on whether
> multi-tenancy uses fully unique URIs or not.****
>
>  ****
>
> --Kelly****
>
>  ****
>
> *From:* scim-bounces@ietf.org [mailto:scim-bounces@ietf.org<scim-bounces@=
ietf.org>
> ] *On Behalf Of *Morteza Ansari (moransar)
> *Sent:* Wednesday, March 13, 2013 3:54 PM
> *To:* Shelley; scim@ietf.org
> *Subject:* Re: [scim] Proposed Text for Multi-Tenancy****
>
>  ****
>
> Another reason for this is group membership. Given group members are only
> identified using the ID field, if ID namespace is per tenant, then you
> can't have groups that cross tenant boundary regardless of whether the SP
> uses URL prefix or other mechanisms.****
>
>  ****
>
> I do see your point that if SP is using multiple DB's, this requirement
> adds additional burden on the SP.  I think the original intent of this
> language (in 1.0) was for id to be unique within a given endpoint (in you=
r
> example each DB), but the language is not quite clear.****
>
>  ****
>
>  ****
>
> Cheers,****
>
> Morteza****
>
>  ****
>
> *From: *Shelley <randomshelley@gmail.com>
> *Date: *Wednesday, March 13, 2013 11:17 AM
> *To: *"scim@ietf.org" <scim@ietf.org>
> *Subject: *[scim] Proposed Text for Multi-Tenancy****
>
>  ****
>
> As a developer of a service provider implementation that supports
> multi-tenancy, this requirement seems a bit imposing with little value.
> Given that all SCIM resources are relative to a given tenant and to a
> particular endpoint/resource type, it seems that the scope of SCIM
> identifiers need not go beyond these contexts. The SCIM Protocol is built
> upon REST, which is resource-oriented and based on URIs as GUIDs, and so
> requiring an additional GUID beyond this seems unnecessary.
>
> Technically, for example, assume that a service provider is using a
> standard RDBMS to persist user and group resources. This requirement now
> imposes uniqueness of identifiers across tables. Further, consider a case
> where a separate database schema maintains the data for each tenant. Not
> only must uniqueness be guaranteed across tables, but also across schemas=
.
> ****
>
> *a) Within the proposed text, there is no requirement that the Service
> Provider use the URL to distinguish tenants.  Thus, a URL including a
> non-unique SCIM Id would be ambiguous.*****
>
>
> I agree that if service providers choose not to use URLs to distinguish
> tenants, they must use unique resource identifiers across all tenants. In
> that case, I'd suggest that the burden of this limitation be placed on
> these service providers, not on all service providers. This should be a
> factor in choosing such a method for implementing multi-tenancy.
>
> Given that the SCIM Protocol is built upon REST where URIs uniquely
> identify resources, service providers that choose this method should be
> aware of the limitation they are imposing. It is my opinion, however, tha=
t
> this should be the exception and not dictate requirements for all provide=
rs.
> ****
>
> *b) There is a use case for retrieval of a resource when the Consumer
> does not know the resource "type" and therefore cannot use a specific
> resource end point.  *****
>
>
> Could you elaborate on this use case? Further, if this is a valid use
> case, why wouldn't the ability to search across multiple resource types b=
e
> sufficient for finding such resources? e.g:
>
>    GET /Tenants/abc?filter=3DexternalId eq xyz
>    {
>       "totalResults": 1,
>       "Resources": [
>          {
>            "id": "123",
>            "resourceType": "User",
>            "externalId": "xyz",
>            "meta": {
>                "location": "https://example.com/Tenants/abc/Users/123",
>                ...
>            },
>            ...
>          }
>       ],
>       ...
>    }
>
> (Or alternative to the "resourceType", the response could contain a list
> of "Users" and/or "Groups" instead of generic "Resources".)
>
> The current SCIM protocol at least requires that resources are created an=
d
> managed at a particular resource endpoint, and the introduction of the
> resource type and proposed search functionality seem to offset any need f=
or
> a global identifier across all tenants and resources.****
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim****
>
> ** **
>

--14dae934108da97f0704d8635005
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Generating UUIDs may not be hard, but why should SCIM dictate the use of UU=
IDs? This seems like a technical implementation detail that should be left =
to the service providers. I am still not sure that there&#39;s a valid use =
case for <i>requiring</i> globally unique identifiers across all tenants an=
d resources unless the service provider chooses to do so (e.g. by opting fo=
r a non-URL-based tenancy model). To reiterate - the general principle of R=
EST is to use URIs as global identifiers and it seems unnecessary for SCIM =
to require anything beyond this.<br>
<br>Also, to clarify - I&#39;m opposed to <i>requiring </i>uniqueness<i> ac=
ross tenants</i>, but I&#39;m also opposed to requiring uniqueness <i>acros=
s different resource types</i>. The language in the core schema for the <b>=
id</b> attribute is a bit ambiguous about this:<br>
<br><blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb=
(204,204,204);padding-left:1ex" class=3D"gmail_quote">Unique identifier for=
 the SCIM Resource as
            defined by the Service Provider. Each representation of the
            Resource MUST include a non-empty id value. This identifier MUS=
T
            be unique across the Service Provider&#39;s entire set of Resou=
rces.<br></blockquote><br>The &quot;entire set of Resources&quot; may be in=
terpreted as the set of resources for a given resource type <i>or </i>acros=
s all resource types. As discussed on this thread, it seems there should be=
 no reason for identifiers to be unique across different types of resources=
 (i.e. Users and Groups) even within the same tenant (provided the clarific=
ations to group membership are updated as discussed).<br>
<br><br><div class=3D"gmail_quote">On Thu, Mar 14, 2013 at 11:02 AM, Kelly =
Grizzle <span dir=3D"ltr">&lt;<a href=3D"mailto:kelly.grizzle@sailpoint.com=
" target=3D"_blank">kelly.grizzle@sailpoint.com</a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">





<div link=3D"blue" vlink=3D"purple" lang=3D"EN-US">
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">You=92re right =85 genera=
ting a uuid is not hard.=A0 My bigger concern is where the SP is putting a =
SCIM interface on an existing datastore (eg =96 a multi-tenant app
 that uses a database per tenant).=A0 In this case we may be imposing a res=
triction that has little value (if they have unique URIs) but won=92t be ab=
le to use the underlying datastore=92s existing identifiers.<u></u><u></u><=
/span></p>


<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>=A0<u></u></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">--Kelly<u></u><u></u></sp=
an></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>=A0<u></u></span><=
/p>
<div>
<div style=3D"border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> <a href=
=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">scim-bounces@ietf.org</=
a> [mailto:<a href=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">scim-=
bounces@ietf.org</a>]
<b>On Behalf Of </b>Salvatore D&#39;Agostino<br>
<b>Sent:</b> Wednesday, March 13, 2013 11:34 PM<br>
<b>To:</b> &#39;Phil Hunt&#39;; Kelly Grizzle</span></p><div><div><br>
<b>Cc:</b> <a href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org=
</a>; &#39;Shelley&#39;; &#39;Morteza Ansari (moransar)&#39;<br>
<b>Subject:</b> Re: [scim] Proposed Text for Multi-Tenancy<u></u><u></u></d=
iv></div><p></p>
</div>
</div><div><div>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">I=92m with Phil,
<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>=A0<u></u></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">RFC 4122 =A0- x.667
<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>=A0<u></u></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">Not that hard.<u></u><u><=
/u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>=A0<u></u></span><=
/p>
<div>
<div style=3D"border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">
<a href=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">scim-bounces@iet=
f.org</a> [<a href=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">mailt=
o:scim-bounces@ietf.org</a>]
<b>On Behalf Of </b>Phil Hunt<br>
<b>Sent:</b> Wednesday, March 13, 2013 11:56 PM<br>
<b>To:</b> Kelly Grizzle<br>
<b>Cc:</b> <a href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org=
</a>; Shelley; Morteza Ansari (moransar)<br>
<b>Subject:</b> Re: [scim] Proposed Text for Multi-Tenancy<u></u><u></u></s=
pan></p>
</div>
</div>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p>
<p class=3D"MsoNormal">Hmmm=85calculating a UUID is fairly straight forward=
 and doesn&#39;t require checking across tenancies to be universally unique=
 (at least statistically).<u></u><u></u></p>
<div>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;">Phil<u></u><u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;"><u></u>=A0<u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;">@independentid<u></u><u></u></span></p=
>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;"><a href=3D"http://www.independentid.co=
m" target=3D"_blank">www.independentid.com</a><u></u><u></u></span></p>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:13.5pt"><span style=3D"font-s=
ize:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;"><a hre=
f=3D"mailto:phil.hunt@oracle.com" target=3D"_blank">phil.hunt@oracle.com</a=
><u></u><u></u></span></p>


</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;"><u></u>=A0<u></u></span></p>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><u></u>=A0<u></u></p>
</div>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p>
<div>
<div>
<p class=3D"MsoNormal">On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:<u></=
u><u></u></p>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><u></u>=A0<u></u></p>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">I agree with Shelley.=A0 =
It is a significant burden on the service provider to require fully unique =
IDs across tenants and resource types.</span><u></u><u></u></p>


</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">=A0</span><u></u><u></u><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">&gt;<span>=A0</span></spa=
n><span style=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;san=
s-serif&quot;">Given group members are only
 identified using the ID field</span><u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">=A0</span><u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">This is likely going to c=
hange with the reference attribute type being added in issue #33.</span><u>=
</u><u></u></p>


</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">=A0</span><u></u><u></u><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">=A0</span><u></u><u></u><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">&gt;<span>=A0</span></spa=
n><span style=3D"background:white;font-size:11.5pt">The SCIM id, defined by=
 the Service Provider,
 MUST be unique across all Resources for all Tenants</span><u></u><u></u></=
p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">=A0</span><u></u><u></u><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">Maybe this could be rewor=
ded so that the MUST is conditional on whether multi-tenancy uses fully uni=
que URIs or not.</span><u></u><u></u></p>


</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">=A0</span><u></u><u></u><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">--Kelly</span><u></u><u><=
/u></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">=A0</span><u></u><u></u><=
/p>
</div>
<div>
<div style=3D"border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in =
0in 0in;border-width:initial;border-color:initial">
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span><span style=3D"=
font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">=A0=
</span></span><span style=3D"font-size:10.0pt;font-family:&quot;Tahoma&quot=
;,&quot;sans-serif&quot;"><a href=3D"mailto:scim-bounces@ietf.org" target=
=3D"_blank">scim-bounces@ietf.org</a>
 [<a href=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">mailto:scim-bo=
unces@ietf.org</a>]<span>=A0</span><b>On Behalf Of<span>=A0</span></b>Morte=
za Ansari (moransar)<br>
<b>Sent:</b><span>=A0</span>Wednesday, March 13, 2013 3:54 PM<br>
<b>To:</b><span>=A0</span>Shelley; <a href=3D"mailto:scim@ietf.org" target=
=3D"_blank">
scim@ietf.org</a><br>
<b>Subject:</b><span>=A0</span>Re: [scim] Proposed Text for Multi-Tenancy</=
span><u></u><u></u></p>
</div>
</div>
</div>
<div>
<p class=3D"MsoNormal">=A0<u></u><u></u></p>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">Another reason for this is group member=
ship. Given group members are only identified using the ID field, if ID nam=
espace is per tenant, then you can&#39;t have groups
 that cross tenant boundary regardless of whether the SP uses URL prefix or=
 other mechanisms.</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">=A0</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">I do see your point that if SP is using=
 multiple DB&#39;s, this requirement adds additional burden on the SP. =A0I=
 think the original intent of this language (in 1.0)
 was for id to be unique within a given endpoint (in your example each DB),=
 but the language is not quite clear.</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">=A0</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">=A0</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">Cheers,</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">Morteza</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">=A0</span><u></u><u></u></p>
</div>
</div>
<div style=3D"border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in =
0in 0in;border-width:initial;border-color:initial">
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:11.0pt;font-family:&quot=
;Calibri&quot;,&quot;sans-serif&quot;">From:<span>=A0</span></span></b><spa=
n style=3D"font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-seri=
f&quot;">Shelley &lt;<a href=3D"mailto:randomshelley@gmail.com" target=3D"_=
blank">randomshelley@gmail.com</a>&gt;<br>


<b>Date:<span>=A0</span></b>Wednesday, March 13, 2013 11:17 AM<br>
<b>To:<span>=A0</span></b>&quot;<a href=3D"mailto:scim@ietf.org" target=3D"=
_blank">scim@ietf.org</a>&quot; &lt;<a href=3D"mailto:scim@ietf.org" target=
=3D"_blank">scim@ietf.org</a>&gt;<br>
<b>Subject:<span>=A0</span></b>[scim] Proposed Text for Multi-Tenancy</span=
><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">=A0</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><span style=3D"font-s=
ize:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">As a dev=
eloper of a service provider implementation that supports multi-tenancy, th=
is requirement seems a bit imposing with little
 value. Given that all SCIM resources are relative to a given tenant and to=
 a particular endpoint/resource type, it seems that the scope of SCIM ident=
ifiers need not go beyond these contexts. The SCIM Protocol is built upon R=
EST, which is resource-oriented
 and based on URIs as GUIDs, and so requiring an additional GUID beyond thi=
s seems unnecessary.<br>
<br>
Technically, for example, assume that a service provider is using a standar=
d RDBMS to persist user and group resources. This requirement now imposes u=
niqueness of identifiers across tables. Further, consider a case where a se=
parate database schema maintains
 the data for each tenant. Not only must uniqueness be guaranteed across ta=
bles, but also across schemas.</span><u></u><u></u></p>
<div>
<p class=3D"MsoNormal"><i><span style=3D"font-size:10.5pt;font-family:&quot=
;Calibri&quot;,&quot;sans-serif&quot;">a) Within the proposed text, there i=
s no requirement that the Service Provider use the URL to distinguish tenan=
ts.=A0 Thus, a URL including a non-unique SCIM
 Id would be ambiguous.</span></i><u></u><u></u></p>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><span style=3D"font-s=
ize:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;"><br>
I agree that if service providers choose not to use URLs to distinguish ten=
ants, they must use unique resource identifiers across all tenants. In that=
 case, I&#39;d suggest that the burden of this limitation be placed on thes=
e service providers, not on all service
 providers. This should be a factor in choosing such a method for implement=
ing multi-tenancy.<br>
<br>
Given that the SCIM Protocol is built upon REST where URIs uniquely identif=
y resources, service providers that choose this method should be aware of t=
he limitation they are imposing. It is my opinion, however, that this shoul=
d be the exception and not dictate
 requirements for all providers.</span><u></u><u></u></p>
<div>
<p class=3D"MsoNormal"><i><span style=3D"font-size:10.5pt;font-family:&quot=
;Calibri&quot;,&quot;sans-serif&quot;">b) There is a use case for retrieval=
 of a resource when the Consumer does not know the resource &quot;type&quot=
; and therefore cannot use a specific resource end point.=A0=A0</span></i><=
u></u><u></u></p>


</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;"><br>
Could you elaborate on this use case? Further, if this is a valid use case,=
 why wouldn&#39;t the ability to search across multiple resource types be s=
ufficient for finding such resources? e.g:<br>
<br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;"=
>=A0=A0 GET /Tenants/abc?filter=3DexternalId eq xyz<br>
=A0=A0 {<br>
=A0=A0=A0=A0=A0 &quot;totalResults&quot;: 1,<br>
=A0=A0=A0=A0=A0 &quot;Resources&quot;: [</span><span style=3D"font-size:10.=
5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;"><br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;"=
>=A0=A0=A0=A0=A0=A0=A0=A0 {<br>
=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 &quot;id&quot;: &quot;123&quot;,<br>
=A0=A0 =A0=A0=A0=A0=A0=A0=A0 &quot;resourceType&quot;: &quot;User&quot;,<br=
>
=A0 =A0=A0 =A0=A0=A0=A0=A0 &quot;externalId&quot;: &quot;xyz&quot;,</span><=
span style=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-s=
erif&quot;"><br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;"=
>=A0=A0=A0 =A0=A0 =A0=A0=A0 &quot;meta&quot;: {<br>
=A0=A0=A0=A0=A0 =A0=A0 =A0=A0=A0=A0=A0 &quot;location&quot;: &quot;<a href=
=3D"https://example.com/Tenants/abc/Users/123" target=3D"_blank">https://ex=
ample.com/Tenants/abc/Users/123</a>&quot;,<br>
=A0=A0=A0=A0=A0=A0=A0 =A0=A0 =A0=A0=A0 ...<br>
=A0=A0 =A0=A0=A0=A0=A0=A0=A0 },<br>
=A0 =A0=A0 =A0=A0=A0=A0=A0 ...<br>
=A0=A0=A0=A0=A0=A0=A0=A0 }<br>
=A0=A0=A0=A0=A0 ],<br>
=A0=A0=A0=A0=A0 ...<br>
=A0=A0 }<br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,&quo=
t;sans-serif&quot;"><br>
(Or alternative to the &quot;resourceType&quot;, the response could contain=
 a list of &quot;Users&quot; and/or &quot;Groups&quot; instead of generic &=
quot;Resources&quot;.)<br>
<br>
The current SCIM protocol at least requires that resources are created and =
managed at a particular resource endpoint, and the introduction of the reso=
urce type and proposed search functionality seem to offset any need for a g=
lobal identifier across all tenants
 and resources.</span><u></u><u></u></p>
</div>
</div>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;">_____________________________________=
__________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a><u></u><u></u></span></p>
</div>
</div>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p>
</div>
</div></div></div>
</div>

</blockquote></div><br>

--14dae934108da97f0704d8635005--

From bjorn.aannestad@unboundid.com  Wed Mar 20 16:33:06 2013
Return-Path: <bjorn.aannestad@unboundid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C87CE21F8C08 for <scim@ietfa.amsl.com>; Wed, 20 Mar 2013 16:33:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.998
X-Spam-Level: 
X-Spam-Status: No, score=-2.998 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_27=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UQe5JqKc7daT for <scim@ietfa.amsl.com>; Wed, 20 Mar 2013 16:33:03 -0700 (PDT)
Received: from mail-oa0-f52.google.com (mail-oa0-f52.google.com [209.85.219.52]) by ietfa.amsl.com (Postfix) with ESMTP id 237DC21F8BC5 for <scim@ietf.org>; Wed, 20 Mar 2013 16:33:03 -0700 (PDT)
Received: by mail-oa0-f52.google.com with SMTP id k14so2427665oag.39 for <scim@ietf.org>; Wed, 20 Mar 2013 16:33:02 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:content-type:x-gm-message-state; bh=06rILbaxg1TI+r7xiSyOnApmEzmY5lcV0oqyA4m8a00=; b=Ae/6TzYURDJdlK2/aqjfC/Qs4ymQIpx7g70NwwoLVaC63ECkFZqSrQwjKHfj4wYGD7 yH2SmF90uq8QE53gbD8IF2KeaJzfd5AnF3t9Pi6rMPUkUuh8i+nSQNWXJba/gOlUFANX ItW92JEsEmSNVPRsFNRIvsTOrddlT56RIOwaYZuDqgKmBWqZVoQqeof5r1MQPXDiWC0C GRtbKBGpPglhfuYwYiEMcpigts2ABBjXhmupgo/3RqiSQKDQLiOYhudZrDWm+Lv2viWI hz+tRrL9ZF1TkMz6cAZm3NXPC15zGKupinpLHo9azpxcHTF3wyFMm+QCggQWcYkD3a7l Ug6A==
X-Received: by 10.182.49.102 with SMTP id t6mr5371443obn.75.1363822382575; Wed, 20 Mar 2013 16:33:02 -0700 (PDT)
Received: from [10.8.1.116] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id ri1sm4510166obc.12.2013.03.20.16.33.01 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 20 Mar 2013 16:33:01 -0700 (PDT)
Message-ID: <514A472A.40005@unboundid.com>
Date: Wed, 20 Mar 2013 18:32:58 -0500
From: Bjorn Aannestad <bjorn.aannestad@unboundid.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130307 Thunderbird/17.0.4
MIME-Version: 1.0
To: scim@ietf.org
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com> <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com> <BD785332-777F-4549-AE83-E25ED5B5B409@oracle.com> <00d901ce206d$35253cc0$9f6fb640$@com> <56C3C758F9D6534CA3778EAA1E0C34375C381F12@BLUPRD0412MB643.namprd04.prod.outlook.com> <CAGUsYPzXAohBPUkrP=memKR=6XO7b4UoUvriPpO6RHwcfbkL2Q@mail.gmail.com>
In-Reply-To: <CAGUsYPzXAohBPUkrP=memKR=6XO7b4UoUvriPpO6RHwcfbkL2Q@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------020605090708060301090909"
X-Gm-Message-State: ALoCoQnen015sWmyUY0DRUQw7nEEGmPPiEMHPn9pgn3Ak86EMmBTZLA5miaQNkwOG0COQf/9HRP1
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Mar 2013 23:33:06 -0000

This is a multi-part message in MIME format.
--------------020605090708060301090909
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit


The discussion at Friday's meeting led to the same conclusion -- SCIM 
should not require the globally unique identifiers across tenants.   
That text will be removed from the next revision.

-Bjorn


On 2013-03-20 6:09 PM, Shelley wrote:
> Generating UUIDs may not be hard, but why should SCIM dictate the use 
> of UUIDs? This seems like a technical implementation detail that 
> should be left to the service providers. I am still not sure that 
> there's a valid use case for /requiring/ globally unique identifiers 
> across all tenants and resources unless the service provider chooses 
> to do so (e.g. by opting for a non-URL-based tenancy model). To 
> reiterate - the general principle of REST is to use URIs as global 
> identifiers and it seems unnecessary for SCIM to require anything 
> beyond this.
>
> Also, to clarify - I'm opposed to /requiring /uniqueness/across 
> tenants/, but I'm also opposed to requiring uniqueness /across 
> different resource types/. The language in the core schema for the 
> *id* attribute is a bit ambiguous about this:
>
>     Unique identifier for the SCIM Resource as defined by the Service
>     Provider. Each representation of the Resource MUST include a
>     non-empty id value. This identifier MUST be unique across the
>     Service Provider's entire set of Resources.
>
>
> The "entire set of Resources" may be interpreted as the set of 
> resources for a given resource type /or /across all resource types. As 
> discussed on this thread, it seems there should be no reason for 
> identifiers to be unique across different types of resources (i.e. 
> Users and Groups) even within the same tenant (provided the 
> clarifications to group membership are updated as discussed).
>
>
> On Thu, Mar 14, 2013 at 11:02 AM, Kelly Grizzle 
> <kelly.grizzle@sailpoint.com <mailto:kelly.grizzle@sailpoint.com>> wrote:
>
>     You're right ... generating a uuid is not hard.  My bigger concern
>     is where the SP is putting a SCIM interface on an existing
>     datastore (eg -- a multi-tenant app that uses a database per
>     tenant).  In this case we may be imposing a restriction that has
>     little value (if they have unique URIs) but won't be able to use
>     the underlying datastore's existing identifiers.
>
>     --Kelly
>
>     *From:*scim-bounces@ietf.org <mailto:scim-bounces@ietf.org>
>     [mailto:scim-bounces@ietf.org <mailto:scim-bounces@ietf.org>] *On
>     Behalf Of *Salvatore D'Agostino
>     *Sent:* Wednesday, March 13, 2013 11:34 PM
>     *To:* 'Phil Hunt'; Kelly Grizzle
>
>
>     *Cc:* scim@ietf.org <mailto:scim@ietf.org>; 'Shelley'; 'Morteza
>     Ansari (moransar)'
>     *Subject:* Re: [scim] Proposed Text for Multi-Tenancy
>
>     I'm with Phil,
>
>     RFC 4122  - x.667
>
>     Not that hard.
>
>     *From:*scim-bounces@ietf.org <mailto:scim-bounces@ietf.org>
>     [mailto:scim-bounces@ietf.org] *On Behalf Of *Phil Hunt
>     *Sent:* Wednesday, March 13, 2013 11:56 PM
>     *To:* Kelly Grizzle
>     *Cc:* scim@ietf.org <mailto:scim@ietf.org>; Shelley; Morteza
>     Ansari (moransar)
>     *Subject:* Re: [scim] Proposed Text for Multi-Tenancy
>
>     Hmmm...calculating a UUID is fairly straight forward and doesn't
>     require checking across tenancies to be universally unique (at
>     least statistically).
>
>     Phil
>
>     @independentid
>
>     www.independentid.com <http://www.independentid.com>
>
>     phil.hunt@oracle.com <mailto:phil.hunt@oracle.com>
>
>     On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:
>
>     I agree with Shelley.  It is a significant burden on the service
>     provider to require fully unique IDs across tenants and resource
>     types.
>
>     >Given group members are only identified using the ID field
>
>     This is likely going to change with the reference attribute type
>     being added in issue #33.
>
>     >The SCIM id, defined by the Service Provider, MUST be unique
>     across all Resources for all Tenants
>
>     Maybe this could be reworded so that the MUST is conditional on
>     whether multi-tenancy uses fully unique URIs or not.
>
>     --Kelly
>
>     *From:*scim-bounces@ietf.org <mailto:scim-bounces@ietf.org>
>     [mailto:scim-bounces@ietf.org]*On Behalf Of*Morteza Ansari (moransar)
>     *Sent:*Wednesday, March 13, 2013 3:54 PM
>     *To:*Shelley; scim@ietf.org <mailto:scim@ietf.org>
>     *Subject:*Re: [scim] Proposed Text for Multi-Tenancy
>
>     Another reason for this is group membership. Given group members
>     are only identified using the ID field, if ID namespace is per
>     tenant, then you can't have groups that cross tenant boundary
>     regardless of whether the SP uses URL prefix or other mechanisms.
>
>     I do see your point that if SP is using multiple DB's, this
>     requirement adds additional burden on the SP.  I think the
>     original intent of this language (in 1.0) was for id to be unique
>     within a given endpoint (in your example each DB), but the
>     language is not quite clear.
>
>     Cheers,
>
>     Morteza
>
>     *From:*Shelley <randomshelley@gmail.com
>     <mailto:randomshelley@gmail.com>>
>     *Date:*Wednesday, March 13, 2013 11:17 AM
>     *To:*"scim@ietf.org <mailto:scim@ietf.org>" <scim@ietf.org
>     <mailto:scim@ietf.org>>
>     *Subject:*[scim] Proposed Text for Multi-Tenancy
>
>     As a developer of a service provider implementation that supports
>     multi-tenancy, this requirement seems a bit imposing with little
>     value. Given that all SCIM resources are relative to a given
>     tenant and to a particular endpoint/resource type, it seems that
>     the scope of SCIM identifiers need not go beyond these contexts.
>     The SCIM Protocol is built upon REST, which is resource-oriented
>     and based on URIs as GUIDs, and so requiring an additional GUID
>     beyond this seems unnecessary.
>
>     Technically, for example, assume that a service provider is using
>     a standard RDBMS to persist user and group resources. This
>     requirement now imposes uniqueness of identifiers across tables.
>     Further, consider a case where a separate database schema
>     maintains the data for each tenant. Not only must uniqueness be
>     guaranteed across tables, but also across schemas.
>
>     /a) Within the proposed text, there is no requirement that the
>     Service Provider use the URL to distinguish tenants.  Thus, a URL
>     including a non-unique SCIM Id would be ambiguous./
>
>
>     I agree that if service providers choose not to use URLs to
>     distinguish tenants, they must use unique resource identifiers
>     across all tenants. In that case, I'd suggest that the burden of
>     this limitation be placed on these service providers, not on all
>     service providers. This should be a factor in choosing such a
>     method for implementing multi-tenancy.
>
>     Given that the SCIM Protocol is built upon REST where URIs
>     uniquely identify resources, service providers that choose this
>     method should be aware of the limitation they are imposing. It is
>     my opinion, however, that this should be the exception and not
>     dictate requirements for all providers.
>
>     /b) There is a use case for retrieval of a resource when the
>     Consumer does not know the resource "type" and therefore cannot
>     use a specific resource end point. /
>
>
>     Could you elaborate on this use case? Further, if this is a valid
>     use case, why wouldn't the ability to search across multiple
>     resource types be sufficient for finding such resources? e.g:
>
>        GET /Tenants/abc?filter=externalId eq xyz
>        {
>           "totalResults": 1,
>           "Resources": [
>              {
>                "id": "123",
>                "resourceType": "User",
>                "externalId": "xyz",
>                "meta": {
>                    "location":
>     "https://example.com/Tenants/abc/Users/123",
>                    ...
>                },
>                ...
>              }
>           ],
>           ...
>        }
>
>     (Or alternative to the "resourceType", the response could contain
>     a list of "Users" and/or "Groups" instead of generic "Resources".)
>
>     The current SCIM protocol at least requires that resources are
>     created and managed at a particular resource endpoint, and the
>     introduction of the resource type and proposed search
>     functionality seem to offset any need for a global identifier
>     across all tenants and resources.
>
>     _______________________________________________
>     scim mailing list
>     scim@ietf.org <mailto:scim@ietf.org>
>     https://www.ietf.org/mailman/listinfo/scim
>
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--------------020605090708060301090909
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <br>
    The discussion at Friday's meeting led to the same conclusion --
    SCIM should not require the globally unique identifiers across
    tenants.&nbsp;&nbsp; That text will be removed from the next revision.&nbsp;&nbsp;&nbsp; <br>
    <br>
    -Bjorn<br>
    <br>
    <br>
    <div class="moz-cite-prefix">On 2013-03-20 6:09 PM, Shelley wrote:<br>
    </div>
    <blockquote
cite="mid:CAGUsYPzXAohBPUkrP=memKR=6XO7b4UoUvriPpO6RHwcfbkL2Q@mail.gmail.com"
      type="cite">Generating UUIDs may not be hard, but why should SCIM
      dictate the use of UUIDs? This seems like a technical
      implementation detail that should be left to the service
      providers. I am still not sure that there's a valid use case for <i>requiring</i>
      globally unique identifiers across all tenants and resources
      unless the service provider chooses to do so (e.g. by opting for a
      non-URL-based tenancy model). To reiterate - the general principle
      of REST is to use URIs as global identifiers and it seems
      unnecessary for SCIM to require anything beyond this.<br>
      <br>
      Also, to clarify - I'm opposed to <i>requiring </i>uniqueness<i>
        across tenants</i>, but I'm also opposed to requiring uniqueness
      <i>across different resource types</i>. The language in the core
      schema for the <b>id</b> attribute is a bit ambiguous about this:<br>
      <br>
      <blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid
        rgb(204,204,204);padding-left:1ex" class="gmail_quote">Unique
        identifier for the SCIM Resource as defined by the Service
        Provider. Each representation of the Resource MUST include a
        non-empty id value. This identifier MUST be unique across the
        Service Provider's entire set of Resources.<br>
      </blockquote>
      <br>
      The "entire set of Resources" may be interpreted as the set of
      resources for a given resource type <i>or </i>across all
      resource types. As discussed on this thread, it seems there should
      be no reason for identifiers to be unique across different types
      of resources (i.e. Users and Groups) even within the same tenant
      (provided the clarifications to group membership are updated as
      discussed).<br>
      <br>
      <br>
      <div class="gmail_quote">On Thu, Mar 14, 2013 at 11:02 AM, Kelly
        Grizzle <span dir="ltr">&lt;<a moz-do-not-send="true"
            href="mailto:kelly.grizzle@sailpoint.com" target="_blank">kelly.grizzle@sailpoint.com</a>&gt;</span>
        wrote:<br>
        <blockquote class="gmail_quote" style="margin:0 0 0
          .8ex;border-left:1px #ccc solid;padding-left:1ex">
          <div link="blue" vlink="purple" lang="EN-US">
            <div>
              <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">You&#8217;re
                  right &#8230; generating a uuid is not hard.&nbsp; My bigger
                  concern is where the SP is putting a SCIM interface on
                  an existing datastore (eg &#8211; a multi-tenant app that
                  uses a database per tenant).&nbsp; In this case we may be
                  imposing a restriction that has little value (if they
                  have unique URIs) but won&#8217;t be able to use the
                  underlying datastore&#8217;s existing identifiers.</span></p>
              <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span></p>
              <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">--Kelly</span></p>
              <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span></p>
              <div>
                <div style="border:none;border-top:solid #b5c4df
                  1.0pt;padding:3.0pt 0in 0in 0in">
                  <p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">
                      <a moz-do-not-send="true"
                        href="mailto:scim-bounces@ietf.org"
                        target="_blank">scim-bounces@ietf.org</a>
                      [mailto:<a moz-do-not-send="true"
                        href="mailto:scim-bounces@ietf.org"
                        target="_blank">scim-bounces@ietf.org</a>]
                      <b>On Behalf Of </b>Salvatore D'Agostino<br>
                      <b>Sent:</b> Wednesday, March 13, 2013 11:34 PM<br>
                      <b>To:</b> 'Phil Hunt'; Kelly Grizzle</span></p>
                  <div>
                    <div><br>
                      <b>Cc:</b> <a moz-do-not-send="true"
                        href="mailto:scim@ietf.org" target="_blank">scim@ietf.org</a>;
                      'Shelley'; 'Morteza Ansari (moransar)'<br>
                      <b>Subject:</b> Re: [scim] Proposed Text for
                      Multi-Tenancy</div>
                  </div>
                </div>
              </div>
              <div>
                <div>
                  <p class="MsoNormal">&nbsp;</p>
                  <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">I&#8217;m
                      with Phil,
                    </span></p>
                  <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span></p>
                  <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">RFC
                      4122 &nbsp;- x.667
                    </span></p>
                  <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span></p>
                  <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">Not
                      that hard.</span></p>
                  <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span></p>
                  <div>
                    <div style="border:none;border-top:solid #b5c4df
                      1.0pt;padding:3.0pt 0in 0in 0in">
                      <p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">
                          <a moz-do-not-send="true"
                            href="mailto:scim-bounces@ietf.org"
                            target="_blank">scim-bounces@ietf.org</a> [<a
                            moz-do-not-send="true"
                            href="mailto:scim-bounces@ietf.org"
                            target="_blank">mailto:scim-bounces@ietf.org</a>]
                          <b>On Behalf Of </b>Phil Hunt<br>
                          <b>Sent:</b> Wednesday, March 13, 2013 11:56
                          PM<br>
                          <b>To:</b> Kelly Grizzle<br>
                          <b>Cc:</b> <a moz-do-not-send="true"
                            href="mailto:scim@ietf.org" target="_blank">scim@ietf.org</a>;
                          Shelley; Morteza Ansari (moransar)<br>
                          <b>Subject:</b> Re: [scim] Proposed Text for
                          Multi-Tenancy</span></p>
                    </div>
                  </div>
                  <p class="MsoNormal">&nbsp;</p>
                  <p class="MsoNormal">Hmmm&#8230;calculating a UUID is fairly
                    straight forward and doesn't require checking across
                    tenancies to be universally unique (at least
                    statistically).</p>
                  <div>
                    <p class="MsoNormal">&nbsp;</p>
                    <div>
                      <div>
                        <div>
                          <div>
                            <div>
                              <div>
                                <div>
                                  <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;">Phil</span></p>
                                </div>
                                <div>
                                  <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>
                                </div>
                                <div>
                                  <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;">@independentid</span></p>
                                </div>
                                <div>
                                  <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;"><a
                                        moz-do-not-send="true"
                                        href="http://www.independentid.com"
                                        target="_blank">www.independentid.com</a></span></p>
                                </div>
                              </div>
                            </div>
                          </div>
                          <p class="MsoNormal"
                            style="margin-bottom:13.5pt"><span
style="font-size:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;"><a
                                moz-do-not-send="true"
                                href="mailto:phil.hunt@oracle.com"
                                target="_blank">phil.hunt@oracle.com</a></span></p>
                        </div>
                        <p class="MsoNormal"><span
style="font-size:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>
                      </div>
                      <p class="MsoNormal" style="margin-bottom:12.0pt">&nbsp;</p>
                    </div>
                    <p class="MsoNormal">&nbsp;</p>
                    <div>
                      <div>
                        <p class="MsoNormal">On 2013-03-13, at 8:26 PM,
                          Kelly Grizzle wrote:</p>
                      </div>
                      <p class="MsoNormal" style="margin-bottom:12.0pt">&nbsp;</p>
                      <div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">I
                              agree with Shelley.&nbsp; It is a significant
                              burden on the service provider to require
                              fully unique IDs across tenants and
                              resource types.</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&gt;<span>&nbsp;</span></span><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">Given
                              group members are only identified using
                              the ID field</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">This
                              is likely going to change with the
                              reference attribute type being added in
                              issue #33.</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&gt;<span>&nbsp;</span></span><span
                              style="background:white;font-size:11.5pt">The
                              SCIM id, defined by the Service Provider,
                              MUST be unique across all Resources for
                              all Tenants</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">Maybe
                              this could be reworded so that the MUST is
                              conditional on whether multi-tenancy uses
                              fully unique URIs or not.</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">--Kelly</span></p>
                        </div>
                        <div>
                          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span></p>
                        </div>
                        <div>
                          <div style="border:none;border-top:solid
                            #b5c4df 1.0pt;padding:3.0pt 0in 0in
                            0in;border-width:initial;border-color:initial">
                            <div>
                              <p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">&nbsp;</span></span><span
style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"><a
                                    moz-do-not-send="true"
                                    href="mailto:scim-bounces@ietf.org"
                                    target="_blank">scim-bounces@ietf.org</a>
                                  [<a moz-do-not-send="true"
                                    href="mailto:scim-bounces@ietf.org"
                                    target="_blank">mailto:scim-bounces@ietf.org</a>]<span>&nbsp;</span><b>On
                                    Behalf Of<span>&nbsp;</span></b>Morteza
                                  Ansari (moransar)<br>
                                  <b>Sent:</b><span>&nbsp;</span>Wednesday,
                                  March 13, 2013 3:54 PM<br>
                                  <b>To:</b><span>&nbsp;</span>Shelley; <a
                                    moz-do-not-send="true"
                                    href="mailto:scim@ietf.org"
                                    target="_blank">
                                    scim@ietf.org</a><br>
                                  <b>Subject:</b><span>&nbsp;</span>Re:
                                  [scim] Proposed Text for Multi-Tenancy</span></p>
                            </div>
                          </div>
                        </div>
                        <div>
                          <p class="MsoNormal">&nbsp;</p>
                        </div>
                        <div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">Another
                                reason for this is group membership.
                                Given group members are only identified
                                using the ID field, if ID namespace is
                                per tenant, then you can't have groups
                                that cross tenant boundary regardless of
                                whether the SP uses URL prefix or other
                                mechanisms.</span></p>
                          </div>
                        </div>
                        <div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>
                          </div>
                        </div>
                        <div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">I
                                do see your point that if SP is using
                                multiple DB's, this requirement adds
                                additional burden on the SP. &nbsp;I think
                                the original intent of this language (in
                                1.0) was for id to be unique within a
                                given endpoint (in your example each
                                DB), but the language is not quite
                                clear.</span></p>
                          </div>
                        </div>
                        <div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>
                          </div>
                        </div>
                        <div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>
                          </div>
                        </div>
                        <div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">Cheers,</span></p>
                          </div>
                        </div>
                        <div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">Morteza</span></p>
                          </div>
                        </div>
                        <div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>
                          </div>
                        </div>
                        <div style="border:none;border-top:solid #b5c4df
                          1.0pt;padding:3.0pt 0in 0in
                          0in;border-width:initial;border-color:initial">
                          <div>
                            <p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">From:<span>&nbsp;</span></span></b><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">Shelley
                                &lt;<a moz-do-not-send="true"
                                  href="mailto:randomshelley@gmail.com"
                                  target="_blank">randomshelley@gmail.com</a>&gt;<br>
                                <b>Date:<span>&nbsp;</span></b>Wednesday,
                                March 13, 2013 11:17 AM<br>
                                <b>To:<span>&nbsp;</span></b>"<a
                                  moz-do-not-send="true"
                                  href="mailto:scim@ietf.org"
                                  target="_blank">scim@ietf.org</a>"
                                &lt;<a moz-do-not-send="true"
                                  href="mailto:scim@ietf.org"
                                  target="_blank">scim@ietf.org</a>&gt;<br>
                                <b>Subject:<span>&nbsp;</span></b>[scim]
                                Proposed Text for Multi-Tenancy</span></p>
                          </div>
                        </div>
                        <div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>
                          </div>
                        </div>
                        <div>
                          <div>
                            <p class="MsoNormal"
                              style="margin-bottom:12.0pt"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">As
                                a developer of a service provider
                                implementation that supports
                                multi-tenancy, this requirement seems a
                                bit imposing with little value. Given
                                that all SCIM resources are relative to
                                a given tenant and to a particular
                                endpoint/resource type, it seems that
                                the scope of SCIM identifiers need not
                                go beyond these contexts. The SCIM
                                Protocol is built upon REST, which is
                                resource-oriented and based on URIs as
                                GUIDs, and so requiring an additional
                                GUID beyond this seems unnecessary.<br>
                                <br>
                                Technically, for example, assume that a
                                service provider is using a standard
                                RDBMS to persist user and group
                                resources. This requirement now imposes
                                uniqueness of identifiers across tables.
                                Further, consider a case where a
                                separate database schema maintains the
                                data for each tenant. Not only must
                                uniqueness be guaranteed across tables,
                                but also across schemas.</span></p>
                            <div>
                              <p class="MsoNormal"><i><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">a)
                                    Within the proposed text, there is
                                    no requirement that the Service
                                    Provider use the URL to distinguish
                                    tenants.&nbsp; Thus, a URL including a
                                    non-unique SCIM Id would be
                                    ambiguous.</span></i></p>
                            </div>
                            <p class="MsoNormal"
                              style="margin-bottom:12.0pt"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;"><br>
                                I agree that if service providers choose
                                not to use URLs to distinguish tenants,
                                they must use unique resource
                                identifiers across all tenants. In that
                                case, I'd suggest that the burden of
                                this limitation be placed on these
                                service providers, not on all service
                                providers. This should be a factor in
                                choosing such a method for implementing
                                multi-tenancy.<br>
                                <br>
                                Given that the SCIM Protocol is built
                                upon REST where URIs uniquely identify
                                resources, service providers that choose
                                this method should be aware of the
                                limitation they are imposing. It is my
                                opinion, however, that this should be
                                the exception and not dictate
                                requirements for all providers.</span></p>
                            <div>
                              <p class="MsoNormal"><i><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">b)
                                    There is a use case for retrieval of
                                    a resource when the Consumer does
                                    not know the resource "type" and
                                    therefore cannot use a specific
                                    resource end point.&nbsp;&nbsp;</span></i></p>
                            </div>
                            <div>
                              <p class="MsoNormal"><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;"><br>
                                  Could you elaborate on this use case?
                                  Further, if this is a valid use case,
                                  why wouldn't the ability to search
                                  across multiple resource types be
                                  sufficient for finding such resources?
                                  e.g:<br>
                                  <br>
                                </span><span
                                  style="font-size:10.5pt;font-family:&quot;Courier
                                  New&quot;">&nbsp;&nbsp; GET
                                  /Tenants/abc?filter=externalId eq xyz<br>
                                  &nbsp;&nbsp; {<br>
                                  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "totalResults": 1,<br>
                                  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "Resources": [</span><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;"><br>
                                </span><span
                                  style="font-size:10.5pt;font-family:&quot;Courier
                                  New&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {<br>
                                  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "id": "123",<br>
                                  &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "resourceType": "User",<br>
                                  &nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "externalId": "xyz",</span><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;"><br>
                                </span><span
                                  style="font-size:10.5pt;font-family:&quot;Courier
                                  New&quot;">&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; "meta": {<br>
                                  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "location": "<a
                                    moz-do-not-send="true"
                                    href="https://example.com/Tenants/abc/Users/123"
                                    target="_blank">https://example.com/Tenants/abc/Users/123</a>",<br>
                                  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; ...<br>
                                  &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; },<br>
                                  &nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
                                  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
                                  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ],<br>
                                  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
                                  &nbsp;&nbsp; }<br>
                                </span><span
style="font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;"><br>
                                  (Or alternative to the "resourceType",
                                  the response could contain a list of
                                  "Users" and/or "Groups" instead of
                                  generic "Resources".)<br>
                                  <br>
                                  The current SCIM protocol at least
                                  requires that resources are created
                                  and managed at a particular resource
                                  endpoint, and the introduction of the
                                  resource type and proposed search
                                  functionality seem to offset any need
                                  for a global identifier across all
                                  tenants and resources.</span></p>
                            </div>
                          </div>
                        </div>
                        <p class="MsoNormal"><span
style="font-size:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;">_______________________________________________<br>
                            scim mailing list<br>
                            <a moz-do-not-send="true"
                              href="mailto:scim@ietf.org"
                              target="_blank">scim@ietf.org</a><br>
                            <a moz-do-not-send="true"
                              href="https://www.ietf.org/mailman/listinfo/scim"
                              target="_blank">https://www.ietf.org/mailman/listinfo/scim</a></span></p>
                      </div>
                    </div>
                    <p class="MsoNormal">&nbsp;</p>
                  </div>
                </div>
              </div>
            </div>
          </div>
        </blockquote>
      </div>
      <br>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
scim mailing list
<a class="moz-txt-link-abbreviated" href="mailto:scim@ietf.org">scim@ietf.org</a>
<a class="moz-txt-link-freetext" href="https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mailman/listinfo/scim</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>

--------------020605090708060301090909--

From phil.hunt@oracle.com  Wed Mar 20 19:31:45 2013
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2285111E8127 for <scim@ietfa.amsl.com>; Wed, 20 Mar 2013 19:31:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.052
X-Spam-Level: 
X-Spam-Status: No, score=-5.052 tagged_above=-999 required=5 tests=[AWL=0.150,  BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EfcWvP3wTjbS for <scim@ietfa.amsl.com>; Wed, 20 Mar 2013 19:31:43 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id EC88E11E8122 for <scim@ietf.org>; Wed, 20 Mar 2013 19:31:40 -0700 (PDT)
Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r2L2VcBb026456 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 21 Mar 2013 02:31:39 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r2L2VcI4025414 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 21 Mar 2013 02:31:38 GMT
Received: from abhmt109.oracle.com (abhmt109.oracle.com [141.146.116.61]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r2L2VcLM031738; Wed, 20 Mar 2013 21:31:38 -0500
Received: from [192.168.40.100] (/207.6.31.219) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 20 Mar 2013 19:31:37 -0700
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com> <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com> <BD785332-777F-4549-AE83-E25ED5B5B409@oracle.com> <00d901ce206d$35253cc0$9f6fb640$@com> <56C3C758F9D6534CA3778EAA1E0C34375C381F12@BLUPRD0412MB643.namprd04.prod.outlook.com> <CAGUsYPzXAohBPUkrP=memKR=6XO7b4UoUvriPpO6RHwcfbkL2Q@mail.gmail.com>
Mime-Version: 1.0 (1.0)
In-Reply-To: <CAGUsYPzXAohBPUkrP=memKR=6XO7b4UoUvriPpO6RHwcfbkL2Q@mail.gmail.com>
Content-Type: multipart/alternative; boundary=Apple-Mail-EA3AA516-767F-42DC-BE1A-A8EE581943C2
Content-Transfer-Encoding: 7bit
Message-Id: <196FDFD1-2331-4F8C-BECD-A8E15AE2AF04@oracle.com>
X-Mailer: iPhone Mail (10B146)
From: Phil Hunt <phil.hunt@oracle.com>
Date: Wed, 20 Mar 2013 19:31:35 -0700
To: Shelley <randomshelley@gmail.com>
X-Source-IP: acsinet21.oracle.com [141.146.126.237]
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Mar 2013 02:31:45 -0000

--Apple-Mail-EA3AA516-767F-42DC-BE1A-A8EE581943C2
Content-Type: text/plain;
	charset=utf-8
Content-Transfer-Encoding: quoted-printable

Unfortunately group memberships and multi-tenancy seems to cause the complic=
ation at the moment.=20

There was discussion in orlando about allowing optional reference attribute a=
s an alternative way to point to a member, since the old way depends on a un=
ique id - which in multi tenant scenarios becomes a problem.=20

Phil

Sent from my phone.

On 2013-03-20, at 16:09, Shelley <randomshelley@gmail.com> wrote:

> Generating UUIDs may not be hard, but why should SCIM dictate the use of U=
UIDs? This seems like a technical implementation detail that should be left t=
o the service providers. I am still not sure that there's a valid use case f=
or requiring globally unique identifiers across all tenants and resources un=
less the service provider chooses to do so (e.g. by opting for a non-URL-bas=
ed tenancy model). To reiterate - the general principle of REST is to use UR=
Is as global identifiers and it seems unnecessary for SCIM to require anythi=
ng beyond this.
>=20
> Also, to clarify - I'm opposed to requiring uniqueness across tenants, but=
 I'm also opposed to requiring uniqueness across different resource types. T=
he language in the core schema for the id attribute is a bit ambiguous about=
 this:
>=20
>> Unique identifier for the SCIM Resource as defined by the Service Provide=
r. Each representation of the             Resource MUST include a non-empty i=
d value. This identifier MUST             be unique across the Service Provi=
der's entire set of Resources.
>=20
> The "entire set of Resources" may be interpreted as the set of resources f=
or a given resource type or across all resource types. As discussed on this t=
hread, it seems there should be no reason for identifiers to be unique acros=
s different types of resources (i.e. Users and Groups) even within the same t=
enant (provided the clarifications to group membership are updated as discus=
sed).
>=20
>=20
> On Thu, Mar 14, 2013 at 11:02 AM, Kelly Grizzle <kelly.grizzle@sailpoint.c=
om> wrote:
>> You=E2=80=99re right =E2=80=A6 generating a uuid is not hard.  My bigger c=
oncern is where the SP is putting a SCIM interface on an existing datastore (=
eg =E2=80=93 a multi-tenant app that uses a database per tenant).  In this c=
ase we may be imposing a restriction that has little value (if they have uni=
que URIs) but won=E2=80=99t be able to use the underlying datastore=E2=80=99=
s existing identifiers.
>>=20
>> =20
>>=20
>> --Kelly
>>=20
>> =20
>>=20
>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of S=
alvatore D'Agostino
>> Sent: Wednesday, March 13, 2013 11:34 PM
>> To: 'Phil Hunt'; Kelly Grizzle
>>=20
>>=20
>> Cc: scim@ietf.org; 'Shelley'; 'Morteza Ansari (moransar)'
>> Subject: Re: [scim] Proposed Text for Multi-Tenancy
>> =20
>>=20
>> I=E2=80=99m with Phil,
>>=20
>> =20
>>=20
>> RFC 4122  - x.667
>>=20
>> =20
>>=20
>> Not that hard.
>>=20
>> =20
>>=20
>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of P=
hil Hunt
>> Sent: Wednesday, March 13, 2013 11:56 PM
>> To: Kelly Grizzle
>> Cc: scim@ietf.org; Shelley; Morteza Ansari (moransar)
>> Subject: Re: [scim] Proposed Text for Multi-Tenancy
>>=20
>> =20
>>=20
>> Hmmm=E2=80=A6calculating a UUID is fairly straight forward and doesn't re=
quire checking across tenancies to be universally unique (at least statistic=
ally).
>>=20
>> =20
>>=20
>> Phil
>>=20
>> =20
>>=20
>> @independentid
>>=20
>> www.independentid.com
>>=20
>> phil.hunt@oracle.com
>>=20
>> =20
>>=20
>> =20
>>=20
>> =20
>>=20
>> On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:
>>=20
>> =20
>>=20
>> I agree with Shelley.  It is a significant burden on the service provider=
 to require fully unique IDs across tenants and resource types.
>>=20
>> =20
>>=20
>> > Given group members are only identified using the ID field
>>=20
>> =20
>>=20
>> This is likely going to change with the reference attribute type being ad=
ded in issue #33.
>>=20
>> =20
>>=20
>> =20
>>=20
>> > The SCIM id, defined by the Service Provider, MUST be unique across all=
 Resources for all Tenants
>>=20
>> =20
>>=20
>> Maybe this could be reworded so that the MUST is conditional on whether m=
ulti-tenancy uses fully unique URIs or not.
>>=20
>> =20
>>=20
>> --Kelly
>>=20
>> =20
>>=20
>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of M=
orteza Ansari (moransar)
>> Sent: Wednesday, March 13, 2013 3:54 PM
>> To: Shelley; scim@ietf.org
>> Subject: Re: [scim] Proposed Text for Multi-Tenancy
>>=20
>> =20
>>=20
>> Another reason for this is group membership. Given group members are only=
 identified using the ID field, if ID namespace is per tenant, then you can'=
t have groups that cross tenant boundary regardless of whether the SP uses U=
RL prefix or other mechanisms.
>>=20
>> =20
>>=20
>> I do see your point that if SP is using multiple DB's, this requirement a=
dds additional burden on the SP.  I think the original intent of this langua=
ge (in 1.0) was for id to be unique within a given endpoint (in your example=
 each DB), but the language is not quite clear.
>>=20
>> =20
>>=20
>> =20
>>=20
>> Cheers,
>>=20
>> Morteza
>>=20
>> =20
>>=20
>> From: Shelley <randomshelley@gmail.com>
>> Date: Wednesday, March 13, 2013 11:17 AM
>> To: "scim@ietf.org" <scim@ietf.org>
>> Subject: [scim] Proposed Text for Multi-Tenancy
>>=20
>> =20
>>=20
>> As a developer of a service provider implementation that supports multi-t=
enancy, this requirement seems a bit imposing with little value. Given that a=
ll SCIM resources are relative to a given tenant and to a particular endpoin=
t/resource type, it seems that the scope of SCIM identifiers need not go bey=
ond these contexts. The SCIM Protocol is built upon REST, which is resource-=
oriented and based on URIs as GUIDs, and so requiring an additional GUID bey=
ond this seems unnecessary.
>>=20
>> Technically, for example, assume that a service provider is using a stand=
ard RDBMS to persist user and group resources. This requirement now imposes u=
niqueness of identifiers across tables. Further, consider a case where a sep=
arate database schema maintains the data for each tenant. Not only must uniq=
ueness be guaranteed across tables, but also across schemas.
>>=20
>> a) Within the proposed text, there is no requirement that the Service Pro=
vider use the URL to distinguish tenants.  Thus, a URL including a non-uniqu=
e SCIM Id would be ambiguous.
>>=20
>>=20
>> I agree that if service providers choose not to use URLs to distinguish t=
enants, they must use unique resource identifiers across all tenants. In tha=
t case, I'd suggest that the burden of this limitation be placed on these se=
rvice providers, not on all service providers. This should be a factor in ch=
oosing such a method for implementing multi-tenancy.
>>=20
>> Given that the SCIM Protocol is built upon REST where URIs uniquely ident=
ify resources, service providers that choose this method should be aware of t=
he limitation they are imposing. It is my opinion, however, that this should=
 be the exception and not dictate requirements for all providers.
>>=20
>> b) There is a use case for retrieval of a resource when the Consumer does=
 not know the resource "type" and therefore cannot use a specific resource e=
nd point. =20
>>=20
>>=20
>> Could you elaborate on this use case? Further, if this is a valid use cas=
e, why wouldn't the ability to search across multiple resource types be suff=
icient for finding such resources? e.g:
>>=20
>>    GET /Tenants/abc?filter=3DexternalId eq xyz
>>    {
>>       "totalResults": 1,
>>       "Resources": [
>>          {
>>            "id": "123",
>>            "resourceType": "User",
>>            "externalId": "xyz",
>>            "meta": {
>>                "location": "https://example.com/Tenants/abc/Users/123",
>>                ...
>>            },
>>            ...
>>          }
>>       ],
>>       ...
>>    }
>>=20
>> (Or alternative to the "resourceType", the response could contain a list o=
f "Users" and/or "Groups" instead of generic "Resources".)
>>=20
>> The current SCIM protocol at least requires that resources are created an=
d managed at a particular resource endpoint, and the introduction of the res=
ource type and proposed search functionality seem to offset any need for a g=
lobal identifier across all tenants and resources.
>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>=20
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

--Apple-Mail-EA3AA516-767F-42DC-BE1A-A8EE581943C2
Content-Type: text/html;
	charset=utf-8
Content-Transfer-Encoding: quoted-printable

<html><head><meta http-equiv=3D"content-type" content=3D"text/html; charset=3D=
utf-8"></head><body dir=3D"auto"><div>Unfortunately group memberships and mu=
lti-tenancy seems to cause the complication at the moment.&nbsp;</div><div><=
br></div><div>There was discussion in orlando about allowing optional refere=
nce attribute as an alternative way to point to a member, since the old way d=
epends on a unique id - which in multi tenant scenarios becomes a problem.&n=
bsp;<br><br>Phil<div><br></div><div>Sent from my phone.</div></div><div><br>=
On 2013-03-20, at 16:09, Shelley &lt;<a href=3D"mailto:randomshelley@gmail.c=
om">randomshelley@gmail.com</a>&gt; wrote:<br><br></div><blockquote type=3D"=
cite"><div>Generating UUIDs may not be hard, but why should SCIM dictate the=
 use of UUIDs? This seems like a technical implementation detail that should=
 be left to the service providers. I am still not sure that there's a valid u=
se case for <i>requiring</i> globally unique identifiers across all tenants a=
nd resources unless the service provider chooses to do so (e.g. by opting fo=
r a non-URL-based tenancy model). To reiterate - the general principle of RE=
ST is to use URIs as global identifiers and it seems unnecessary for SCIM to=
 require anything beyond this.<br>
<br>Also, to clarify - I'm opposed to <i>requiring </i>uniqueness<i> across t=
enants</i>, but I'm also opposed to requiring uniqueness <i>across different=
 resource types</i>. The language in the core schema for the <b>id</b> attri=
bute is a bit ambiguous about this:<br>
<br><blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(=
204,204,204);padding-left:1ex" class=3D"gmail_quote">Unique identifier for t=
he SCIM Resource as
            defined by the Service Provider. Each representation of the
            Resource MUST include a non-empty id value. This identifier MUST=

            be unique across the Service Provider's entire set of Resources.=
<br></blockquote><br>The "entire set of Resources" may be interpreted as the=
 set of resources for a given resource type <i>or </i>across all resource ty=
pes. As discussed on this thread, it seems there should be no reason for ide=
ntifiers to be unique across different types of resources (i.e. Users and Gr=
oups) even within the same tenant (provided the clarifications to group memb=
ership are updated as discussed).<br>
<br><br><div class=3D"gmail_quote">On Thu, Mar 14, 2013 at 11:02 AM, Kelly G=
rizzle <span dir=3D"ltr">&lt;<a href=3D"mailto:kelly.grizzle@sailpoint.com" t=
arget=3D"_blank">kelly.grizzle@sailpoint.com</a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px=
 #ccc solid;padding-left:1ex">





<div link=3D"blue" vlink=3D"purple" lang=3D"EN-US">
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">You=E2=80=99re right =E2=80=
=A6 generating a uuid is not hard.&nbsp; My bigger concern is where the SP i=
s putting a SCIM interface on an existing datastore (eg =E2=80=93 a multi-te=
nant app
 that uses a database per tenant).&nbsp; In this case we may be imposing a r=
estriction that has little value (if they have unique URIs) but won=E2=80=99=
t be able to use the underlying datastore=E2=80=99s existing identifiers.<u>=
</u><u></u></span></p>


<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>&nbsp;<u></u></span>=
</p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">--Kelly<u></u><u></u></span=
></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>&nbsp;<u></u></span>=
</p>
<div>
<div style=3D"border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0=
in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot;=
Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-siz=
e:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> <a href=3D"=
mailto:scim-bounces@ietf.org" target=3D"_blank">scim-bounces@ietf.org</a> [m=
ailto:<a href=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">scim-bounce=
s@ietf.org</a>]
<b>On Behalf Of </b>Salvatore D'Agostino<br>
<b>Sent:</b> Wednesday, March 13, 2013 11:34 PM<br>
<b>To:</b> 'Phil Hunt'; Kelly Grizzle</span></p><div><div><br>
<b>Cc:</b> <a href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org<=
/a>; 'Shelley'; 'Morteza Ansari (moransar)'<br>
<b>Subject:</b> Re: [scim] Proposed Text for Multi-Tenancy<u></u><u></u></di=
v></div><p></p>
</div>
</div><div><div>
<p class=3D"MsoNormal"><u></u>&nbsp;<u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">I=E2=80=99m with Phil,
<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>&nbsp;<u></u></span>=
</p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">RFC 4122 &nbsp;- x.667
<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>&nbsp;<u></u></span>=
</p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">Not that hard.<u></u><u></u=
></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>&nbsp;<u></u></span>=
</p>
<div>
<div style=3D"border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0=
in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot;=
Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-siz=
e:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">
<a href=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">scim-bounces@ietf=
.org</a> [<a href=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">mailto:=
scim-bounces@ietf.org</a>]
<b>On Behalf Of </b>Phil Hunt<br>
<b>Sent:</b> Wednesday, March 13, 2013 11:56 PM<br>
<b>To:</b> Kelly Grizzle<br>
<b>Cc:</b> <a href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org<=
/a>; Shelley; Morteza Ansari (moransar)<br>
<b>Subject:</b> Re: [scim] Proposed Text for Multi-Tenancy<u></u><u></u></sp=
an></p>
</div>
</div>
<p class=3D"MsoNormal"><u></u>&nbsp;<u></u></p>
<p class=3D"MsoNormal">Hmmm=E2=80=A6calculating a UUID is fairly straight fo=
rward and doesn't require checking across tenancies to be universally unique=
 (at least statistically).<u></u><u></u></p>
<div>
<p class=3D"MsoNormal"><u></u>&nbsp;<u></u></p>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Helv=
etica&quot;,&quot;sans-serif&quot;">Phil<u></u><u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Helv=
etica&quot;,&quot;sans-serif&quot;"><u></u>&nbsp;<u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Helv=
etica&quot;,&quot;sans-serif&quot;">@independentid<u></u><u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Helv=
etica&quot;,&quot;sans-serif&quot;"><a href=3D"http://www.independentid.com"=
 target=3D"_blank">www.independentid.com</a><u></u><u></u></span></p>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:13.5pt"><span style=3D"font-si=
ze:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;"><a href=3D=
"mailto:phil.hunt@oracle.com" target=3D"_blank">phil.hunt@oracle.com</a><u><=
/u><u></u></span></p>


</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;"><u></u>&nbsp;<u></u></span></p>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><u></u>&nbsp;<u></u></=
p>
</div>
<p class=3D"MsoNormal"><u></u>&nbsp;<u></u></p>
<div>
<div>
<p class=3D"MsoNormal">On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:<u></u=
><u></u></p>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><u></u>&nbsp;<u></u></=
p>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">I agree with Shelley.&nbsp;=
 It is a significant burden on the service provider to require fully unique I=
Ds across tenants and resource types.</span><u></u><u></u></p>


</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span><u></u><u></u>=
</p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&gt;<span>&nbsp;</span></sp=
an><span style=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;san=
s-serif&quot;">Given group members are only
 identified using the ID field</span><u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;">&nbsp;</span><u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">This is likely going to cha=
nge with the reference attribute type being added in issue #33.</span><u></u=
><u></u></p>


</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span><u></u><u></u>=
</p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span><u></u><u></u>=
</p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&gt;<span>&nbsp;</span></sp=
an><span style=3D"background:white;font-size:11.5pt">The SCIM id, defined by=
 the Service Provider,
 MUST be unique across all Resources for all Tenants</span><u></u><u></u></p=
>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span><u></u><u></u>=
</p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">Maybe this could be reworde=
d so that the MUST is conditional on whether multi-tenancy uses fully unique=
 URIs or not.</span><u></u><u></u></p>


</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span><u></u><u></u>=
</p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">--Kelly</span><u></u><u></u=
></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;;color:#1f497d">&nbsp;</span><u></u><u></u>=
</p>
</div>
<div>
<div style=3D"border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0=
in 0in;border-width:initial;border-color:initial">
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot;=
Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span><span style=3D"fo=
nt-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">&nbsp;=
</span></span><span style=3D"font-size:10.0pt;font-family:&quot;Tahoma&quot;=
,&quot;sans-serif&quot;"><a href=3D"mailto:scim-bounces@ietf.org" target=3D"=
_blank">scim-bounces@ietf.org</a>
 [<a href=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">mailto:scim-bou=
nces@ietf.org</a>]<span>&nbsp;</span><b>On Behalf Of<span>&nbsp;</span></b>M=
orteza Ansari (moransar)<br>
<b>Sent:</b><span>&nbsp;</span>Wednesday, March 13, 2013 3:54 PM<br>
<b>To:</b><span>&nbsp;</span>Shelley; <a href=3D"mailto:scim@ietf.org" targe=
t=3D"_blank">
scim@ietf.org</a><br>
<b>Subject:</b><span>&nbsp;</span>Re: [scim] Proposed Text for Multi-Tenancy=
</span><u></u><u></u></p>
</div>
</div>
</div>
<div>
<p class=3D"MsoNormal">&nbsp;<u></u><u></u></p>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;">Another reason for this is group membersh=
ip. Given group members are only identified using the ID field, if ID namesp=
ace is per tenant, then you can't have groups
 that cross tenant boundary regardless of whether the SP uses URL prefix or o=
ther mechanisms.</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;">&nbsp;</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;">I do see your point that if SP is using m=
ultiple DB's, this requirement adds additional burden on the SP. &nbsp;I thi=
nk the original intent of this language (in 1.0)
 was for id to be unique within a given endpoint (in your example each DB), b=
ut the language is not quite clear.</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;">&nbsp;</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;">&nbsp;</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;">Cheers,</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;">Morteza</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;">&nbsp;</span><u></u><u></u></p>
</div>
</div>
<div style=3D"border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0=
in 0in;border-width:initial;border-color:initial">
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:11.0pt;font-family:&quot;=
Calibri&quot;,&quot;sans-serif&quot;">From:<span>&nbsp;</span></span></b><sp=
an style=3D"font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-seri=
f&quot;">Shelley &lt;<a href=3D"mailto:randomshelley@gmail.com" target=3D"_b=
lank">randomshelley@gmail.com</a>&gt;<br>


<b>Date:<span>&nbsp;</span></b>Wednesday, March 13, 2013 11:17 AM<br>
<b>To:<span>&nbsp;</span></b>"<a href=3D"mailto:scim@ietf.org" target=3D"_bl=
ank">scim@ietf.org</a>" &lt;<a href=3D"mailto:scim@ietf.org" target=3D"_blan=
k">scim@ietf.org</a>&gt;<br>
<b>Subject:<span>&nbsp;</span></b>[scim] Proposed Text for Multi-Tenancy</sp=
an><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;">&nbsp;</span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><span style=3D"font-si=
ze:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">As a devel=
oper of a service provider implementation that supports multi-tenancy, this r=
equirement seems a bit imposing with little
 value. Given that all SCIM resources are relative to a given tenant and to a=
 particular endpoint/resource type, it seems that the scope of SCIM identifi=
ers need not go beyond these contexts. The SCIM Protocol is built upon REST,=
 which is resource-oriented
 and based on URIs as GUIDs, and so requiring an additional GUID beyond this=
 seems unnecessary.<br>
<br>
Technically, for example, assume that a service provider is using a standard=
 RDBMS to persist user and group resources. This requirement now imposes uni=
queness of identifiers across tables. Further, consider a case where a separ=
ate database schema maintains
 the data for each tenant. Not only must uniqueness be guaranteed across tab=
les, but also across schemas.</span><u></u><u></u></p>
<div>
<p class=3D"MsoNormal"><i><span style=3D"font-size:10.5pt;font-family:&quot;=
Calibri&quot;,&quot;sans-serif&quot;">a) Within the proposed text, there is n=
o requirement that the Service Provider use the URL to distinguish tenants.&=
nbsp; Thus, a URL including a non-unique SCIM
 Id would be ambiguous.</span></i><u></u><u></u></p>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><span style=3D"font-si=
ze:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;"><br>
I agree that if service providers choose not to use URLs to distinguish tena=
nts, they must use unique resource identifiers across all tenants. In that c=
ase, I'd suggest that the burden of this limitation be placed on these servi=
ce providers, not on all service
 providers. This should be a factor in choosing such a method for implementi=
ng multi-tenancy.<br>
<br>
Given that the SCIM Protocol is built upon REST where URIs uniquely identify=
 resources, service providers that choose this method should be aware of the=
 limitation they are imposing. It is my opinion, however, that this should b=
e the exception and not dictate
 requirements for all providers.</span><u></u><u></u></p>
<div>
<p class=3D"MsoNormal"><i><span style=3D"font-size:10.5pt;font-family:&quot;=
Calibri&quot;,&quot;sans-serif&quot;">b) There is a use case for retrieval o=
f a resource when the Consumer does not know the resource "type" and therefo=
re cannot use a specific resource end point.&nbsp;&nbsp;</span></i><u></u><u=
></u></p>


</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.5pt;font-family:&quot;Cal=
ibri&quot;,&quot;sans-serif&quot;"><br>
Could you elaborate on this use case? Further, if this is a valid use case, w=
hy wouldn't the ability to search across multiple resource types be sufficie=
nt for finding such resources? e.g:<br>
<br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;">=
&nbsp;&nbsp; GET /Tenants/abc?filter=3DexternalId eq xyz<br>
&nbsp;&nbsp; {<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "totalResults": 1,<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "Resources": [</span><span style=3D"font-size=
:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;"><br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;">=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "id": "123",<br=
>
&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "resourceType": "Use=
r",<br>
&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "externalId": "xyz",</spa=
n><span style=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot;sans=
-serif&quot;"><br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Courier New&quot;">=
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; "meta": {<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "=
location": "<a href=3D"https://example.com/Tenants/abc/Users/123" target=3D"=
_blank">https://example.com/Tenants/abc/Users/123</a>",<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp; .=
..<br>
&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; },<br>
&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ],<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ...<br>
&nbsp;&nbsp; }<br>
</span><span style=3D"font-size:10.5pt;font-family:&quot;Calibri&quot;,&quot=
;sans-serif&quot;"><br>
(Or alternative to the "resourceType", the response could contain a list of "=
Users" and/or "Groups" instead of generic "Resources".)<br>
<br>
The current SCIM protocol at least requires that resources are created and m=
anaged at a particular resource endpoint, and the introduction of the resour=
ce type and proposed search functionality seem to offset any need for a glob=
al identifier across all tenants
 and resources.</span><u></u><u></u></p>
</div>
</div>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;">_______________________________________=
________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">htt=
ps://www.ietf.org/mailman/listinfo/scim</a><u></u><u></u></span></p>
</div>
</div>
<p class=3D"MsoNormal"><u></u>&nbsp;<u></u></p>
</div>
</div></div></div>
</div>

</blockquote></div><br>
</div></blockquote><blockquote type=3D"cite"><div><span>____________________=
___________________________</span><br><span>scim mailing list</span><br><spa=
n><a href=3D"mailto:scim@ietf.org">scim@ietf.org</a></span><br><span><a href=
=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mailman=
/listinfo/scim</a></span><br></div></blockquote></body></html>=

--Apple-Mail-EA3AA516-767F-42DC-BE1A-A8EE581943C2--

From mark.ennis@viewds.com  Wed Mar 20 19:39:00 2013
Return-Path: <mark.ennis@viewds.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 567B821F8233 for <scim@ietfa.amsl.com>; Wed, 20 Mar 2013 19:39:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UBxzURp3Ntfa for <scim@ietfa.amsl.com>; Wed, 20 Mar 2013 19:38:59 -0700 (PDT)
Received: from mail-pd0-f177.google.com (mail-pd0-f177.google.com [209.85.192.177]) by ietfa.amsl.com (Postfix) with ESMTP id AFBC421F84CA for <scim@ietf.org>; Wed, 20 Mar 2013 19:38:54 -0700 (PDT)
Received: by mail-pd0-f177.google.com with SMTP id y14so874334pdi.36 for <scim@ietf.org>; Wed, 20 Mar 2013 19:38:54 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:message-id:date:from:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding:x-gm-message-state; bh=AoPIuVT2I95BShUklu/yFDPLiHUcuHrFlb4Fl6osnmg=; b=EfoNXxzb6G530uZ5JIodKUUzEUN91MnYSz7tvYryR03lhQYozuGsipryy4QiGayMBu maxByiDeMDCyVMLa/P2hQqL638ltG6TGJu9FEOk2l3ThtnSqUqAeABSGP3kUzAvYlKZw /NnJWAg3u2hpjGaXRJMLrgPAvyDawBgbrxsFQGm3OYjGY4FLV/G1nxJFqt0h85wSmrc4 3vz9XfFdktXEit0yz0FUiUP6ULhkBHrK/TDwMR7yNA997TQyYG/bGvmknQNct4U5CWJx y5u6rHAiTZ9/ST9LOHq1tTHkqnnUDRHiNW121RpD8KNf10ZFc6EdshutcqA2jZBHazKs P7XA==
X-Received: by 10.68.221.68 with SMTP id qc4mr12465751pbc.152.1363833534352; Wed, 20 Mar 2013 19:38:54 -0700 (PDT)
Received: from garm.software-aus.com.au (eth3065.vic.adsl.internode.on.net. [150.101.156.248]) by mx.google.com with ESMTPS id qb10sm4165040pbb.43.2013.03.20.19.38.51 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 20 Mar 2013 19:38:53 -0700 (PDT)
Message-ID: <514A72B5.30306@viewds.com>
Date: Thu, 21 Mar 2013 13:38:45 +1100
From: Mark Ennis <mark.ennis@viewds.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130307 Thunderbird/17.0.4
MIME-Version: 1.0
To: Phil Hunt <phil.hunt@oracle.com>
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com> <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com> <BD785332-777F-4549-AE83-E25ED5B5B409@oracle.com> <00d901ce206d$35253cc0$9f6fb640$@com> <56C3C758F9D6534CA3778EAA1E0C34375C381F12@BLUPRD0412MB643.namprd04.prod.outlook.com> <CAGUsYPzXAohBPUkrP=memKR=6XO7b4UoUvriPpO6RHwcfbkL2Q@mail.gmail.com> <196FDFD1-2331-4F8C-BECD-A8E15AE2AF04@oracle.com>
In-Reply-To: <196FDFD1-2331-4F8C-BECD-A8E15AE2AF04@oracle.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Gm-Message-State: ALoCoQltnWMlrPJpU9vYUjeYnkkhYA3PCe0Ttf/lV5oqU84sh7k6Fyymg2dfFHqjQghiH4FcA0C2
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Mar 2013 02:39:00 -0000

The issue of identifying members of a group when that member is not in 
the local repository is an issue that should be addressed independently 
of the multi-tenancy issue. Whether you are identifying an object in 
another tenant of the current service or on a different service should 
make no difference to the solution. Forcing service providers to 
implement uniqueness across all tenants seems unnecessary and doesn't 
address the real issue.

- Mark.

On 21/03/13 13:31, Phil Hunt wrote:
> Unfortunately group memberships and multi-tenancy seems to cause the complication at the moment.
>
> There was discussion in orlando about allowing optional reference attribute as an alternative way to point to a member, since the old way depends on a unique id - which in multi tenant scenarios becomes a problem.
>
> Phil
>
> Sent from my phone.
>
> On 2013-03-20, at 16:09, Shelley <randomshelley@gmail.com> wrote:
>
>> Generating UUIDs may not be hard, but why should SCIM dictate the use of UUIDs? This seems like a technical implementation detail that should be left to the service providers. I am still not sure that there's a valid use case for requiring globally unique identifiers across all tenants and resources unless the service provider chooses to do so (e.g. by opting for a non-URL-based tenancy model). To reiterate - the general principle of REST is to use URIs as global identifiers and it seems unnecessary for SCIM to require anything beyond this.
>>
>> Also, to clarify - I'm opposed to requiring uniqueness across tenants, but I'm also opposed to requiring uniqueness across different resource types. The language in the core schema for the id attribute is a bit ambiguous about this:
>>
>>> Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the             Resource MUST include a non-empty id value. This identifier MUST             be unique across the Service Provider's entire set of Resources.
>>
>> The "entire set of Resources" may be interpreted as the set of resources for a given resource type or across all resource types. As discussed on this thread, it seems there should be no reason for identifiers to be unique across different types of resources (i.e. Users and Groups) even within the same tenant (provided the clarifications to group membership are updated as discussed).
>>
>>
>> On Thu, Mar 14, 2013 at 11:02 AM, Kelly Grizzle <kelly.grizzle@sailpoint.com> wrote:
>>> You’re right … generating a uuid is not hard.  My bigger concern is where the SP is putting a SCIM interface on an existing datastore (eg – a multi-tenant app that uses a database per tenant).  In this case we may be imposing a restriction that has little value (if they have unique URIs) but won’t be able to use the underlying datastore’s existing identifiers.
>>>
>>>
>>>
>>> --Kelly
>>>
>>>
>>>
>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Salvatore D'Agostino
>>> Sent: Wednesday, March 13, 2013 11:34 PM
>>> To: 'Phil Hunt'; Kelly Grizzle
>>>
>>>
>>> Cc: scim@ietf.org; 'Shelley'; 'Morteza Ansari (moransar)'
>>> Subject: Re: [scim] Proposed Text for Multi-Tenancy
>>>
>>>
>>> I’m with Phil,
>>>
>>>
>>>
>>> RFC 4122  - x.667
>>>
>>>
>>>
>>> Not that hard.
>>>
>>>
>>>
>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Phil Hunt
>>> Sent: Wednesday, March 13, 2013 11:56 PM
>>> To: Kelly Grizzle
>>> Cc: scim@ietf.org; Shelley; Morteza Ansari (moransar)
>>> Subject: Re: [scim] Proposed Text for Multi-Tenancy
>>>
>>>
>>>
>>> Hmmm…calculating a UUID is fairly straight forward and doesn't require checking across tenancies to be universally unique (at least statistically).
>>>
>>>
>>>
>>> Phil
>>>
>>>
>>>
>>> @independentid
>>>
>>> www.independentid.com
>>>
>>> phil.hunt@oracle.com
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:
>>>
>>>
>>>
>>> I agree with Shelley.  It is a significant burden on the service provider to require fully unique IDs across tenants and resource types.
>>>
>>>
>>>
>>>> Given group members are only identified using the ID field
>>>
>>>
>>>
>>> This is likely going to change with the reference attribute type being added in issue #33.
>>>
>>>
>>>
>>>
>>>
>>>> The SCIM id, defined by the Service Provider, MUST be unique across all Resources for all Tenants
>>>
>>>
>>>
>>> Maybe this could be reworded so that the MUST is conditional on whether multi-tenancy uses fully unique URIs or not.
>>>
>>>
>>>
>>> --Kelly
>>>
>>>
>>>
>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Morteza Ansari (moransar)
>>> Sent: Wednesday, March 13, 2013 3:54 PM
>>> To: Shelley; scim@ietf.org
>>> Subject: Re: [scim] Proposed Text for Multi-Tenancy
>>>
>>>
>>>
>>> Another reason for this is group membership. Given group members are only identified using the ID field, if ID namespace is per tenant, then you can't have groups that cross tenant boundary regardless of whether the SP uses URL prefix or other mechanisms.
>>>
>>>
>>>
>>> I do see your point that if SP is using multiple DB's, this requirement adds additional burden on the SP.  I think the original intent of this language (in 1.0) was for id to be unique within a given endpoint (in your example each DB), but the language is not quite clear.
>>>
>>>
>>>
>>>
>>>
>>> Cheers,
>>>
>>> Morteza
>>>
>>>
>>>
>>> From: Shelley <randomshelley@gmail.com>
>>> Date: Wednesday, March 13, 2013 11:17 AM
>>> To: "scim@ietf.org" <scim@ietf.org>
>>> Subject: [scim] Proposed Text for Multi-Tenancy
>>>
>>>
>>>
>>> As a developer of a service provider implementation that supports multi-tenancy, this requirement seems a bit imposing with little value. Given that all SCIM resources are relative to a given tenant and to a particular endpoint/resource type, it seems that the scope of SCIM identifiers need not go beyond these contexts. The SCIM Protocol is built upon REST, which is resource-oriented and based on URIs as GUIDs, and so requiring an additional GUID beyond this seems unnecessary.
>>>
>>> Technically, for example, assume that a service provider is using a standard RDBMS to persist user and group resources. This requirement now imposes uniqueness of identifiers across tables. Further, consider a case where a separate database schema maintains the data for each tenant. Not only must uniqueness be guaranteed across tables, but also across schemas.
>>>
>>> a) Within the proposed text, there is no requirement that the Service Provider use the URL to distinguish tenants.  Thus, a URL including a non-unique SCIM Id would be ambiguous.
>>>
>>>
>>> I agree that if service providers choose not to use URLs to distinguish tenants, they must use unique resource identifiers across all tenants. In that case, I'd suggest that the burden of this limitation be placed on these service providers, not on all service providers. This should be a factor in choosing such a method for implementing multi-tenancy.
>>>
>>> Given that the SCIM Protocol is built upon REST where URIs uniquely identify resources, service providers that choose this method should be aware of the limitation they are imposing. It is my opinion, however, that this should be the exception and not dictate requirements for all providers.
>>>
>>> b) There is a use case for retrieval of a resource when the Consumer does not know the resource "type" and therefore cannot use a specific resource end point.
>>>
>>>
>>> Could you elaborate on this use case? Further, if this is a valid use case, why wouldn't the ability to search across multiple resource types be sufficient for finding such resources? e.g:
>>>
>>>     GET /Tenants/abc?filter=externalId eq xyz
>>>     {
>>>        "totalResults": 1,
>>>        "Resources": [
>>>           {
>>>             "id": "123",
>>>             "resourceType": "User",
>>>             "externalId": "xyz",
>>>             "meta": {
>>>                 "location": "https://example.com/Tenants/abc/Users/123",
>>>                 ...
>>>             },
>>>             ...
>>>           }
>>>        ],
>>>        ...
>>>     }
>>>
>>> (Or alternative to the "resourceType", the response could contain a list of "Users" and/or "Groups" instead of generic "Resources".)
>>>
>>> The current SCIM protocol at least requires that resources are created and managed at a particular resource endpoint, and the introduction of the resource type and proposed search functionality seem to offset any need for a global identifier across all tenants and resources.
>>>
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>>
>>
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From phil.hunt@oracle.com  Wed Mar 20 20:55:17 2013
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A7B311E80F1 for <scim@ietfa.amsl.com>; Wed, 20 Mar 2013 20:55:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.436
X-Spam-Level: 
X-Spam-Status: No, score=-3.436 tagged_above=-999 required=5 tests=[AWL=-1.566, BAYES_00=-2.599, FB_IOW=3.333, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lkb1pqposy+k for <scim@ietfa.amsl.com>; Wed, 20 Mar 2013 20:55:15 -0700 (PDT)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) by ietfa.amsl.com (Postfix) with ESMTP id F2E6511E80EE for <scim@ietf.org>; Wed, 20 Mar 2013 20:55:14 -0700 (PDT)
Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by aserp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r2L3tDUo016111 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 21 Mar 2013 03:55:14 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r2L3tCgt022707 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 21 Mar 2013 03:55:12 GMT
Received: from abhmt120.oracle.com (abhmt120.oracle.com [141.146.116.72]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r2L3tCJG006549; Wed, 20 Mar 2013 22:55:12 -0500
Received: from [192.168.1.125] (/174.7.250.104) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 20 Mar 2013 20:55:11 -0700
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com> <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com> <BD785332-777F-4549-AE83-E25ED5B5B409@oracle.com> <00d901ce206d$35253cc0$9f6fb640$@com> <56C3C758F9D6534CA3778EAA1E0C34375C381F12@BLUPRD0412MB643.namprd04.prod.outlook.com> <CAGUsYPzXAohBPUkrP=memKR=6XO7b4UoUvriPpO6RHwcfbkL2Q@mail.gmail.com> <196FDFD1-2331-4F8C-BECD-A8E15AE2AF04@oracle.com> <514A72B5.30306@viewds.com>
Mime-Version: 1.0 (1.0)
In-Reply-To: <514A72B5.30306@viewds.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Message-Id: <EE7ABA6F-ED42-4DC3-8A07-E94A28786CF1@oracle.com>
X-Mailer: iPhone Mail (10B146)
From: Phil Hunt <phil.hunt@oracle.com>
Date: Wed, 20 Mar 2013 20:55:09 -0700
To: Mark Ennis <mark.ennis@viewds.com>
X-Source-IP: ucsinet22.oracle.com [156.151.31.94]
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Mar 2013 03:55:17 -0000

If you don't change then you must have unique uuids or group members may con=
flict. Thats why i support more discussion on this issue.=20

Iow i agree and understand the limitation of not being able to support uuids=
. But we still have a problem to address.=20

Phil

Sent from my phone.

On 2013-03-20, at 19:38, Mark Ennis <mark.ennis@viewds.com> wrote:

> The issue of identifying members of a group when that member is not in the=
 local repository is an issue that should be addressed independently of the m=
ulti-tenancy issue. Whether you are identifying an object in another tenant o=
f the current service or on a different service should make no difference to=
 the solution. Forcing service providers to implement uniqueness across all t=
enants seems unnecessary and doesn't address the real issue.
>=20
> - Mark.
>=20
> On 21/03/13 13:31, Phil Hunt wrote:
>> Unfortunately group memberships and multi-tenancy seems to cause the comp=
lication at the moment.
>>=20
>> There was discussion in orlando about allowing optional reference attribu=
te as an alternative way to point to a member, since the old way depends on a=
 unique id - which in multi tenant scenarios becomes a problem.
>>=20
>> Phil
>>=20
>> Sent from my phone.
>>=20
>> On 2013-03-20, at 16:09, Shelley <randomshelley@gmail.com> wrote:
>>=20
>>> Generating UUIDs may not be hard, but why should SCIM dictate the use of=
 UUIDs? This seems like a technical implementation detail that should be lef=
t to the service providers. I am still not sure that there's a valid use cas=
e for requiring globally unique identifiers across all tenants and resources=
 unless the service provider chooses to do so (e.g. by opting for a non-URL-=
based tenancy model). To reiterate - the general principle of REST is to use=
 URIs as global identifiers and it seems unnecessary for SCIM to require any=
thing beyond this.
>>>=20
>>> Also, to clarify - I'm opposed to requiring uniqueness across tenants, b=
ut I'm also opposed to requiring uniqueness across different resource types.=
 The language in the core schema for the id attribute is a bit ambiguous abo=
ut this:
>>>=20
>>>> Unique identifier for the SCIM Resource as defined by the Service Provi=
der. Each representation of the             Resource MUST include a non-empt=
y id value. This identifier MUST             be unique across the Service Pr=
ovider's entire set of Resources.
>>>=20
>>> The "entire set of Resources" may be interpreted as the set of resources=
 for a given resource type or across all resource types. As discussed on thi=
s thread, it seems there should be no reason for identifiers to be unique ac=
ross different types of resources (i.e. Users and Groups) even within the sa=
me tenant (provided the clarifications to group membership are updated as di=
scussed).
>>>=20
>>>=20
>>> On Thu, Mar 14, 2013 at 11:02 AM, Kelly Grizzle <kelly.grizzle@sailpoint=
.com> wrote:
>>>> You=E2=80=99re right =E2=80=A6 generating a uuid is not hard.  My bigge=
r concern is where the SP is putting a SCIM interface on an existing datasto=
re (eg =E2=80=93 a multi-tenant app that uses a database per tenant).  In th=
is case we may be imposing a restriction that has little value (if they have=
 unique URIs) but won=E2=80=99t be able to use the underlying datastore=E2=80=
=99s existing identifiers.
>>>>=20
>>>>=20
>>>>=20
>>>> --Kelly
>>>>=20
>>>>=20
>>>>=20
>>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of=
 Salvatore D'Agostino
>>>> Sent: Wednesday, March 13, 2013 11:34 PM
>>>> To: 'Phil Hunt'; Kelly Grizzle
>>>>=20
>>>>=20
>>>> Cc: scim@ietf.org; 'Shelley'; 'Morteza Ansari (moransar)'
>>>> Subject: Re: [scim] Proposed Text for Multi-Tenancy
>>>>=20
>>>>=20
>>>> I=E2=80=99m with Phil,
>>>>=20
>>>>=20
>>>>=20
>>>> RFC 4122  - x.667
>>>>=20
>>>>=20
>>>>=20
>>>> Not that hard.
>>>>=20
>>>>=20
>>>>=20
>>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of=
 Phil Hunt
>>>> Sent: Wednesday, March 13, 2013 11:56 PM
>>>> To: Kelly Grizzle
>>>> Cc: scim@ietf.org; Shelley; Morteza Ansari (moransar)
>>>> Subject: Re: [scim] Proposed Text for Multi-Tenancy
>>>>=20
>>>>=20
>>>>=20
>>>> Hmmm=E2=80=A6calculating a UUID is fairly straight forward and doesn't r=
equire checking across tenancies to be universally unique (at least statisti=
cally).
>>>>=20
>>>>=20
>>>>=20
>>>> Phil
>>>>=20
>>>>=20
>>>>=20
>>>> @independentid
>>>>=20
>>>> www.independentid.com
>>>>=20
>>>> phil.hunt@oracle.com
>>>>=20
>>>>=20
>>>>=20
>>>>=20
>>>>=20
>>>>=20
>>>>=20
>>>> On 2013-03-13, at 8:26 PM, Kelly Grizzle wrote:
>>>>=20
>>>>=20
>>>>=20
>>>> I agree with Shelley.  It is a significant burden on the service provid=
er to require fully unique IDs across tenants and resource types.
>>>>=20
>>>>=20
>>>>=20
>>>>> Given group members are only identified using the ID field
>>>>=20
>>>>=20
>>>>=20
>>>> This is likely going to change with the reference attribute type being a=
dded in issue #33.
>>>>=20
>>>>=20
>>>>=20
>>>>=20
>>>>=20
>>>>> The SCIM id, defined by the Service Provider, MUST be unique across al=
l Resources for all Tenants
>>>>=20
>>>>=20
>>>>=20
>>>> Maybe this could be reworded so that the MUST is conditional on whether=
 multi-tenancy uses fully unique URIs or not.
>>>>=20
>>>>=20
>>>>=20
>>>> --Kelly
>>>>=20
>>>>=20
>>>>=20
>>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of=
 Morteza Ansari (moransar)
>>>> Sent: Wednesday, March 13, 2013 3:54 PM
>>>> To: Shelley; scim@ietf.org
>>>> Subject: Re: [scim] Proposed Text for Multi-Tenancy
>>>>=20
>>>>=20
>>>>=20
>>>> Another reason for this is group membership. Given group members are on=
ly identified using the ID field, if ID namespace is per tenant, then you ca=
n't have groups that cross tenant boundary regardless of whether the SP uses=
 URL prefix or other mechanisms.
>>>>=20
>>>>=20
>>>>=20
>>>> I do see your point that if SP is using multiple DB's, this requirement=
 adds additional burden on the SP.  I think the original intent of this lang=
uage (in 1.0) was for id to be unique within a given endpoint (in your examp=
le each DB), but the language is not quite clear.
>>>>=20
>>>>=20
>>>>=20
>>>>=20
>>>>=20
>>>> Cheers,
>>>>=20
>>>> Morteza
>>>>=20
>>>>=20
>>>>=20
>>>> From: Shelley <randomshelley@gmail.com>
>>>> Date: Wednesday, March 13, 2013 11:17 AM
>>>> To: "scim@ietf.org" <scim@ietf.org>
>>>> Subject: [scim] Proposed Text for Multi-Tenancy
>>>>=20
>>>>=20
>>>>=20
>>>> As a developer of a service provider implementation that supports multi=
-tenancy, this requirement seems a bit imposing with little value. Given tha=
t all SCIM resources are relative to a given tenant and to a particular endp=
oint/resource type, it seems that the scope of SCIM identifiers need not go b=
eyond these contexts. The SCIM Protocol is built upon REST, which is resourc=
e-oriented and based on URIs as GUIDs, and so requiring an additional GUID b=
eyond this seems unnecessary.
>>>>=20
>>>> Technically, for example, assume that a service provider is using a sta=
ndard RDBMS to persist user and group resources. This requirement now impose=
s uniqueness of identifiers across tables. Further, consider a case where a s=
eparate database schema maintains the data for each tenant. Not only must un=
iqueness be guaranteed across tables, but also across schemas.
>>>>=20
>>>> a) Within the proposed text, there is no requirement that the Service P=
rovider use the URL to distinguish tenants.  Thus, a URL including a non-uni=
que SCIM Id would be ambiguous.
>>>>=20
>>>>=20
>>>> I agree that if service providers choose not to use URLs to distinguish=
 tenants, they must use unique resource identifiers across all tenants. In t=
hat case, I'd suggest that the burden of this limitation be placed on these s=
ervice providers, not on all service providers. This should be a factor in c=
hoosing such a method for implementing multi-tenancy.
>>>>=20
>>>> Given that the SCIM Protocol is built upon REST where URIs uniquely ide=
ntify resources, service providers that choose this method should be aware o=
f the limitation they are imposing. It is my opinion, however, that this sho=
uld be the exception and not dictate requirements for all providers.
>>>>=20
>>>> b) There is a use case for retrieval of a resource when the Consumer do=
es not know the resource "type" and therefore cannot use a specific resource=
 end point.
>>>>=20
>>>>=20
>>>> Could you elaborate on this use case? Further, if this is a valid use c=
ase, why wouldn't the ability to search across multiple resource types be su=
fficient for finding such resources? e.g:
>>>>=20
>>>>    GET /Tenants/abc?filter=3DexternalId eq xyz
>>>>    {
>>>>       "totalResults": 1,
>>>>       "Resources": [
>>>>          {
>>>>            "id": "123",
>>>>            "resourceType": "User",
>>>>            "externalId": "xyz",
>>>>            "meta": {
>>>>                "location": "https://example.com/Tenants/abc/Users/123",=

>>>>                ...
>>>>            },
>>>>            ...
>>>>          }
>>>>       ],
>>>>       ...
>>>>    }
>>>>=20
>>>> (Or alternative to the "resourceType", the response could contain a lis=
t of "Users" and/or "Groups" instead of generic "Resources".)
>>>>=20
>>>> The current SCIM protocol at least requires that resources are created a=
nd managed at a particular resource endpoint, and the introduction of the re=
source type and proposed search functionality seem to offset any need for a g=
lobal identifier across all tenants and resources.
>>>>=20
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>>=20
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>=20
>>=20
>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

From kelly.grizzle@sailpoint.com  Thu Mar 21 06:07:57 2013
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A913321F8E51 for <scim@ietfa.amsl.com>; Thu, 21 Mar 2013 06:07:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.933
X-Spam-Level: 
X-Spam-Status: No, score=-1.933 tagged_above=-999 required=5 tests=[AWL=-1.667, BAYES_00=-2.599, FB_IOW=3.333, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4ITIL3V5FuMr for <scim@ietfa.amsl.com>; Thu, 21 Mar 2013 06:07:56 -0700 (PDT)
Received: from am1outboundpool.messaging.microsoft.com (am1ehsobe005.messaging.microsoft.com [213.199.154.208]) by ietfa.amsl.com (Postfix) with ESMTP id F23BC21F8714 for <scim@ietf.org>; Thu, 21 Mar 2013 06:07:55 -0700 (PDT)
Received: from mail1-am1-R.bigfish.com (10.3.201.236) by AM1EHSOBE016.bigfish.com (10.3.207.138) with Microsoft SMTP Server id 14.1.225.23; Thu, 21 Mar 2013 13:07:54 +0000
Received: from mail1-am1 (localhost [127.0.0.1])	by mail1-am1-R.bigfish.com (Postfix) with ESMTP id 4A5A72000CA; Thu, 21 Mar 2013 13:07:54 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:132.245.1.133; KIP:(null); UIP:(null); IPV:NLI; H:BLUPRD0412HT002.namprd04.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -26
X-BigFish: PS-26(zzbb2dI98dI9371Ic89bh936eI542I1432Izz1f42h1ee6h1de0h1202h1e76h1d1ah1d2ahzz1033IL8275dh18602eh8275bhz31h2a8h668h839h93fhd25hf0ah1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah1155h)
Received-SPF: softfail (mail1-am1: transitioning domain of sailpoint.com does not designate 132.245.1.133 as permitted sender) client-ip=132.245.1.133; envelope-from=kelly.grizzle@sailpoint.com; helo=BLUPRD0412HT002.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail1-am1 (localhost.localdomain [127.0.0.1]) by mail1-am1 (MessageSwitch) id 1363871271674733_22578; Thu, 21 Mar 2013 13:07:51 +0000 (UTC)
Received: from AM1EHSMHS010.bigfish.com (unknown [10.3.201.254])	by mail1-am1.bigfish.com (Postfix) with ESMTP id A17753E006F; Thu, 21 Mar 2013 13:07:51 +0000 (UTC)
Received: from BLUPRD0412HT002.namprd04.prod.outlook.com (132.245.1.133) by AM1EHSMHS010.bigfish.com (10.3.207.110) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 21 Mar 2013 13:07:51 +0000
Received: from BLUPRD0412MB643.namprd04.prod.outlook.com ([169.254.4.238]) by BLUPRD0412HT002.namprd04.prod.outlook.com ([10.255.214.163]) with mapi id 14.16.0275.006; Thu, 21 Mar 2013 13:07:43 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Phil Hunt <phil.hunt@oracle.com>, Mark Ennis <mark.ennis@viewds.com>
Thread-Topic: [scim] Proposed Text for Multi-Tenancy
Thread-Index: AQHOIB9zAUUdFdzt7UCepBSzgYEe6pikGXEAgAA5vRCAADwzgIAACsYAgAC/WBCACeY5gIAAOHKAgAACAYCAABVYgIAAmb1A
Date: Thu, 21 Mar 2013 13:07:43 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34375C3884A3@BLUPRD0412MB643.namprd04.prod.outlook.com>
References: <CAGUsYPxgWUq_PRu79TyJPSzNde72MPOWNXnpewBqBgGRvAFrqQ@mail.gmail.com> <CA3B67220D628A4780D6FEB31F18A3E32864A004@xmb-rcd-x08.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34375C381A0C@BLUPRD0412MB643.namprd04.prod.outlook.com> <BD785332-777F-4549-AE83-E25ED5B5B409@oracle.com> <00d901ce206d$35253cc0$9f6fb640$@com> <56C3C758F9D6534CA3778EAA1E0C34375C381F12@BLUPRD0412MB643.namprd04.prod.outlook.com> <CAGUsYPzXAohBPUkrP=memKR=6XO7b4UoUvriPpO6RHwcfbkL2Q@mail.gmail.com> <196FDFD1-2331-4F8C-BECD-A8E15AE2AF04@oracle.com> <514A72B5.30306@viewds.com> <EE7ABA6F-ED42-4DC3-8A07-E94A28786CF1@oracle.com>
In-Reply-To: <EE7ABA6F-ED42-4DC3-8A07-E94A28786CF1@oracle.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-vipre-scanned: 0F078EF4003F420F079041
x-originating-ip: [72.182.10.254]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Proposed Text for Multi-Tenancy
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Mar 2013 13:07:57 -0000

PiBUaGVyZSB3YXMgZGlzY3Vzc2lvbiBpbiBvcmxhbmRvIGFib3V0IGFsbG93aW5nIG9wdGlvbmFs
IHJlZmVyZW5jZSBhdHRyaWJ1dGUgYXMgYW4gYWx0ZXJuYXRpdmUgd2F5IHRvIHBvaW50IHRvIGEg
bWVtYmVyDQoNCk9uY2UgaXNzdWUgIzMzIGlzIHJlc29sdmVkLCB1c2luZyBhIHJlZmVyZW5jZSAo
aWUgLSBVUkkpIGluIHRoZSBncm91cCBtZW1iZXJzaGlwIGxpc3Qgd2lsbCBub3QgYmUgb3B0aW9u
YWwuDQoNCi0tS2VsbHkNCg0KLS0tLS1PcmlnaW5hbCBNZXNzYWdlLS0tLS0NCkZyb206IHNjaW0t
Ym91bmNlc0BpZXRmLm9yZyBbbWFpbHRvOnNjaW0tYm91bmNlc0BpZXRmLm9yZ10gT24gQmVoYWxm
IE9mIFBoaWwgSHVudA0KU2VudDogV2VkbmVzZGF5LCBNYXJjaCAyMCwgMjAxMyAxMDo1NSBQTQ0K
VG86IE1hcmsgRW5uaXMNCkNjOiBzY2ltQGlldGYub3JnDQpTdWJqZWN0OiBSZTogW3NjaW1dIFBy
b3Bvc2VkIFRleHQgZm9yIE11bHRpLVRlbmFuY3kNCg0KSWYgeW91IGRvbid0IGNoYW5nZSB0aGVu
IHlvdSBtdXN0IGhhdmUgdW5pcXVlIHV1aWRzIG9yIGdyb3VwIG1lbWJlcnMgbWF5IGNvbmZsaWN0
LiBUaGF0cyB3aHkgaSBzdXBwb3J0IG1vcmUgZGlzY3Vzc2lvbiBvbiB0aGlzIGlzc3VlLiANCg0K
SW93IGkgYWdyZWUgYW5kIHVuZGVyc3RhbmQgdGhlIGxpbWl0YXRpb24gb2Ygbm90IGJlaW5nIGFi
bGUgdG8gc3VwcG9ydCB1dWlkcy4gQnV0IHdlIHN0aWxsIGhhdmUgYSBwcm9ibGVtIHRvIGFkZHJl
c3MuIA0KDQpQaGlsDQoNClNlbnQgZnJvbSBteSBwaG9uZS4NCg0KT24gMjAxMy0wMy0yMCwgYXQg
MTk6MzgsIE1hcmsgRW5uaXMgPG1hcmsuZW5uaXNAdmlld2RzLmNvbT4gd3JvdGU6DQoNCj4gVGhl
IGlzc3VlIG9mIGlkZW50aWZ5aW5nIG1lbWJlcnMgb2YgYSBncm91cCB3aGVuIHRoYXQgbWVtYmVy
IGlzIG5vdCBpbiB0aGUgbG9jYWwgcmVwb3NpdG9yeSBpcyBhbiBpc3N1ZSB0aGF0IHNob3VsZCBi
ZSBhZGRyZXNzZWQgaW5kZXBlbmRlbnRseSBvZiB0aGUgbXVsdGktdGVuYW5jeSBpc3N1ZS4gV2hl
dGhlciB5b3UgYXJlIGlkZW50aWZ5aW5nIGFuIG9iamVjdCBpbiBhbm90aGVyIHRlbmFudCBvZiB0
aGUgY3VycmVudCBzZXJ2aWNlIG9yIG9uIGEgZGlmZmVyZW50IHNlcnZpY2Ugc2hvdWxkIG1ha2Ug
bm8gZGlmZmVyZW5jZSB0byB0aGUgc29sdXRpb24uIEZvcmNpbmcgc2VydmljZSBwcm92aWRlcnMg
dG8gaW1wbGVtZW50IHVuaXF1ZW5lc3MgYWNyb3NzIGFsbCB0ZW5hbnRzIHNlZW1zIHVubmVjZXNz
YXJ5IGFuZCBkb2Vzbid0IGFkZHJlc3MgdGhlIHJlYWwgaXNzdWUuDQo+IA0KPiAtIE1hcmsuDQo+
IA0KPiBPbiAyMS8wMy8xMyAxMzozMSwgUGhpbCBIdW50IHdyb3RlOg0KPj4gVW5mb3J0dW5hdGVs
eSBncm91cCBtZW1iZXJzaGlwcyBhbmQgbXVsdGktdGVuYW5jeSBzZWVtcyB0byBjYXVzZSB0aGUg
Y29tcGxpY2F0aW9uIGF0IHRoZSBtb21lbnQuDQo+PiANCj4+IFRoZXJlIHdhcyBkaXNjdXNzaW9u
IGluIG9ybGFuZG8gYWJvdXQgYWxsb3dpbmcgb3B0aW9uYWwgcmVmZXJlbmNlIGF0dHJpYnV0ZSBh
cyBhbiBhbHRlcm5hdGl2ZSB3YXkgdG8gcG9pbnQgdG8gYSBtZW1iZXIsIHNpbmNlIHRoZSBvbGQg
d2F5IGRlcGVuZHMgb24gYSB1bmlxdWUgaWQgLSB3aGljaCBpbiBtdWx0aSB0ZW5hbnQgc2NlbmFy
aW9zIGJlY29tZXMgYSBwcm9ibGVtLg0KPj4gDQo+PiBQaGlsDQo+PiANCj4+IFNlbnQgZnJvbSBt
eSBwaG9uZS4NCj4+IA0KPj4gT24gMjAxMy0wMy0yMCwgYXQgMTY6MDksIFNoZWxsZXkgPHJhbmRv
bXNoZWxsZXlAZ21haWwuY29tPiB3cm90ZToNCj4+IA0KPj4+IEdlbmVyYXRpbmcgVVVJRHMgbWF5
IG5vdCBiZSBoYXJkLCBidXQgd2h5IHNob3VsZCBTQ0lNIGRpY3RhdGUgdGhlIHVzZSBvZiBVVUlE
cz8gVGhpcyBzZWVtcyBsaWtlIGEgdGVjaG5pY2FsIGltcGxlbWVudGF0aW9uIGRldGFpbCB0aGF0
IHNob3VsZCBiZSBsZWZ0IHRvIHRoZSBzZXJ2aWNlIHByb3ZpZGVycy4gSSBhbSBzdGlsbCBub3Qg
c3VyZSB0aGF0IHRoZXJlJ3MgYSB2YWxpZCB1c2UgY2FzZSBmb3IgcmVxdWlyaW5nIGdsb2JhbGx5
IHVuaXF1ZSBpZGVudGlmaWVycyBhY3Jvc3MgYWxsIHRlbmFudHMgYW5kIHJlc291cmNlcyB1bmxl
c3MgdGhlIHNlcnZpY2UgcHJvdmlkZXIgY2hvb3NlcyB0byBkbyBzbyAoZS5nLiBieSBvcHRpbmcg
Zm9yIGEgbm9uLVVSTC1iYXNlZCB0ZW5hbmN5IG1vZGVsKS4gVG8gcmVpdGVyYXRlIC0gdGhlIGdl
bmVyYWwgcHJpbmNpcGxlIG9mIFJFU1QgaXMgdG8gdXNlIFVSSXMgYXMgZ2xvYmFsIGlkZW50aWZp
ZXJzIGFuZCBpdCBzZWVtcyB1bm5lY2Vzc2FyeSBmb3IgU0NJTSB0byByZXF1aXJlIGFueXRoaW5n
IGJleW9uZCB0aGlzLg0KPj4+IA0KPj4+IEFsc28sIHRvIGNsYXJpZnkgLSBJJ20gb3Bwb3NlZCB0
byByZXF1aXJpbmcgdW5pcXVlbmVzcyBhY3Jvc3MgdGVuYW50cywgYnV0IEknbSBhbHNvIG9wcG9z
ZWQgdG8gcmVxdWlyaW5nIHVuaXF1ZW5lc3MgYWNyb3NzIGRpZmZlcmVudCByZXNvdXJjZSB0eXBl
cy4gVGhlIGxhbmd1YWdlIGluIHRoZSBjb3JlIHNjaGVtYSBmb3IgdGhlIGlkIGF0dHJpYnV0ZSBp
cyBhIGJpdCBhbWJpZ3VvdXMgYWJvdXQgdGhpczoNCj4+PiANCj4+Pj4gVW5pcXVlIGlkZW50aWZp
ZXIgZm9yIHRoZSBTQ0lNIFJlc291cmNlIGFzIGRlZmluZWQgYnkgdGhlIFNlcnZpY2UgUHJvdmlk
ZXIuIEVhY2ggcmVwcmVzZW50YXRpb24gb2YgdGhlICAgICAgICAgICAgIFJlc291cmNlIE1VU1Qg
aW5jbHVkZSBhIG5vbi1lbXB0eSBpZCB2YWx1ZS4gVGhpcyBpZGVudGlmaWVyIE1VU1QgICAgICAg
ICAgICAgYmUgdW5pcXVlIGFjcm9zcyB0aGUgU2VydmljZSBQcm92aWRlcidzIGVudGlyZSBzZXQg
b2YgUmVzb3VyY2VzLg0KPj4+IA0KPj4+IFRoZSAiZW50aXJlIHNldCBvZiBSZXNvdXJjZXMiIG1h
eSBiZSBpbnRlcnByZXRlZCBhcyB0aGUgc2V0IG9mIHJlc291cmNlcyBmb3IgYSBnaXZlbiByZXNv
dXJjZSB0eXBlIG9yIGFjcm9zcyBhbGwgcmVzb3VyY2UgdHlwZXMuIEFzIGRpc2N1c3NlZCBvbiB0
aGlzIHRocmVhZCwgaXQgc2VlbXMgdGhlcmUgc2hvdWxkIGJlIG5vIHJlYXNvbiBmb3IgaWRlbnRp
ZmllcnMgdG8gYmUgdW5pcXVlIGFjcm9zcyBkaWZmZXJlbnQgdHlwZXMgb2YgcmVzb3VyY2VzIChp
LmUuIFVzZXJzIGFuZCBHcm91cHMpIGV2ZW4gd2l0aGluIHRoZSBzYW1lIHRlbmFudCAocHJvdmlk
ZWQgdGhlIGNsYXJpZmljYXRpb25zIHRvIGdyb3VwIG1lbWJlcnNoaXAgYXJlIHVwZGF0ZWQgYXMg
ZGlzY3Vzc2VkKS4NCj4+PiANCj4+PiANCj4+PiBPbiBUaHUsIE1hciAxNCwgMjAxMyBhdCAxMTow
MiBBTSwgS2VsbHkgR3JpenpsZSA8a2VsbHkuZ3JpenpsZUBzYWlscG9pbnQuY29tPiB3cm90ZToN
Cj4+Pj4gWW914oCZcmUgcmlnaHQg4oCmIGdlbmVyYXRpbmcgYSB1dWlkIGlzIG5vdCBoYXJkLiAg
TXkgYmlnZ2VyIGNvbmNlcm4gaXMgd2hlcmUgdGhlIFNQIGlzIHB1dHRpbmcgYSBTQ0lNIGludGVy
ZmFjZSBvbiBhbiBleGlzdGluZyBkYXRhc3RvcmUgKGVnIOKAkyBhIG11bHRpLXRlbmFudCBhcHAg
dGhhdCB1c2VzIGEgZGF0YWJhc2UgcGVyIHRlbmFudCkuICBJbiB0aGlzIGNhc2Ugd2UgbWF5IGJl
IGltcG9zaW5nIGEgcmVzdHJpY3Rpb24gdGhhdCBoYXMgbGl0dGxlIHZhbHVlIChpZiB0aGV5IGhh
dmUgdW5pcXVlIFVSSXMpIGJ1dCB3b27igJl0IGJlIGFibGUgdG8gdXNlIHRoZSB1bmRlcmx5aW5n
IGRhdGFzdG9yZeKAmXMgZXhpc3RpbmcgaWRlbnRpZmllcnMuDQo+Pj4+IA0KPj4+PiANCj4+Pj4g
DQo+Pj4+IC0tS2VsbHkNCj4+Pj4gDQo+Pj4+IA0KPj4+PiANCj4+Pj4gRnJvbTogc2NpbS1ib3Vu
Y2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnXSBPbiBCZWhhbGYgT2Yg
U2FsdmF0b3JlIEQnQWdvc3Rpbm8NCj4+Pj4gU2VudDogV2VkbmVzZGF5LCBNYXJjaCAxMywgMjAx
MyAxMTozNCBQTQ0KPj4+PiBUbzogJ1BoaWwgSHVudCc7IEtlbGx5IEdyaXp6bGUNCj4+Pj4gDQo+
Pj4+IA0KPj4+PiBDYzogc2NpbUBpZXRmLm9yZzsgJ1NoZWxsZXknOyAnTW9ydGV6YSBBbnNhcmkg
KG1vcmFuc2FyKScNCj4+Pj4gU3ViamVjdDogUmU6IFtzY2ltXSBQcm9wb3NlZCBUZXh0IGZvciBN
dWx0aS1UZW5hbmN5DQo+Pj4+IA0KPj4+PiANCj4+Pj4gSeKAmW0gd2l0aCBQaGlsLA0KPj4+PiAN
Cj4+Pj4gDQo+Pj4+IA0KPj4+PiBSRkMgNDEyMiAgLSB4LjY2Nw0KPj4+PiANCj4+Pj4gDQo+Pj4+
IA0KPj4+PiBOb3QgdGhhdCBoYXJkLg0KPj4+PiANCj4+Pj4gDQo+Pj4+IA0KPj4+PiBGcm9tOiBz
Y2ltLWJvdW5jZXNAaWV0Zi5vcmcgW21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJl
aGFsZiBPZiBQaGlsIEh1bnQNCj4+Pj4gU2VudDogV2VkbmVzZGF5LCBNYXJjaCAxMywgMjAxMyAx
MTo1NiBQTQ0KPj4+PiBUbzogS2VsbHkgR3JpenpsZQ0KPj4+PiBDYzogc2NpbUBpZXRmLm9yZzsg
U2hlbGxleTsgTW9ydGV6YSBBbnNhcmkgKG1vcmFuc2FyKQ0KPj4+PiBTdWJqZWN0OiBSZTogW3Nj
aW1dIFByb3Bvc2VkIFRleHQgZm9yIE11bHRpLVRlbmFuY3kNCj4+Pj4gDQo+Pj4+IA0KPj4+PiAN
Cj4+Pj4gSG1tbeKApmNhbGN1bGF0aW5nIGEgVVVJRCBpcyBmYWlybHkgc3RyYWlnaHQgZm9yd2Fy
ZCBhbmQgZG9lc24ndCByZXF1aXJlIGNoZWNraW5nIGFjcm9zcyB0ZW5hbmNpZXMgdG8gYmUgdW5p
dmVyc2FsbHkgdW5pcXVlIChhdCBsZWFzdCBzdGF0aXN0aWNhbGx5KS4NCj4+Pj4gDQo+Pj4+IA0K
Pj4+PiANCj4+Pj4gUGhpbA0KPj4+PiANCj4+Pj4gDQo+Pj4+IA0KPj4+PiBAaW5kZXBlbmRlbnRp
ZA0KPj4+PiANCj4+Pj4gd3d3LmluZGVwZW5kZW50aWQuY29tDQo+Pj4+IA0KPj4+PiBwaGlsLmh1
bnRAb3JhY2xlLmNvbQ0KPj4+PiANCj4+Pj4gDQo+Pj4+IA0KPj4+PiANCj4+Pj4gDQo+Pj4+IA0K
Pj4+PiANCj4+Pj4gT24gMjAxMy0wMy0xMywgYXQgODoyNiBQTSwgS2VsbHkgR3JpenpsZSB3cm90
ZToNCj4+Pj4gDQo+Pj4+IA0KPj4+PiANCj4+Pj4gSSBhZ3JlZSB3aXRoIFNoZWxsZXkuICBJdCBp
cyBhIHNpZ25pZmljYW50IGJ1cmRlbiBvbiB0aGUgc2VydmljZSBwcm92aWRlciB0byByZXF1aXJl
IGZ1bGx5IHVuaXF1ZSBJRHMgYWNyb3NzIHRlbmFudHMgYW5kIHJlc291cmNlIHR5cGVzLg0KPj4+
PiANCj4+Pj4gDQo+Pj4+IA0KPj4+Pj4gR2l2ZW4gZ3JvdXAgbWVtYmVycyBhcmUgb25seSBpZGVu
dGlmaWVkIHVzaW5nIHRoZSBJRCBmaWVsZA0KPj4+PiANCj4+Pj4gDQo+Pj4+IA0KPj4+PiBUaGlz
IGlzIGxpa2VseSBnb2luZyB0byBjaGFuZ2Ugd2l0aCB0aGUgcmVmZXJlbmNlIGF0dHJpYnV0ZSB0
eXBlIGJlaW5nIGFkZGVkIGluIGlzc3VlICMzMy4NCj4+Pj4gDQo+Pj4+IA0KPj4+PiANCj4+Pj4g
DQo+Pj4+IA0KPj4+Pj4gVGhlIFNDSU0gaWQsIGRlZmluZWQgYnkgdGhlIFNlcnZpY2UgUHJvdmlk
ZXIsIE1VU1QgYmUgdW5pcXVlIGFjcm9zcyBhbGwgUmVzb3VyY2VzIGZvciBhbGwgVGVuYW50cw0K
Pj4+PiANCj4+Pj4gDQo+Pj4+IA0KPj4+PiBNYXliZSB0aGlzIGNvdWxkIGJlIHJld29yZGVkIHNv
IHRoYXQgdGhlIE1VU1QgaXMgY29uZGl0aW9uYWwgb24gd2hldGhlciBtdWx0aS10ZW5hbmN5IHVz
ZXMgZnVsbHkgdW5pcXVlIFVSSXMgb3Igbm90Lg0KPj4+PiANCj4+Pj4gDQo+Pj4+IA0KPj4+PiAt
LUtlbGx5DQo+Pj4+IA0KPj4+PiANCj4+Pj4gDQo+Pj4+IEZyb206IHNjaW0tYm91bmNlc0BpZXRm
Lm9yZyBbbWFpbHRvOnNjaW0tYm91bmNlc0BpZXRmLm9yZ10gT24gQmVoYWxmIE9mIE1vcnRlemEg
QW5zYXJpIChtb3JhbnNhcikNCj4+Pj4gU2VudDogV2VkbmVzZGF5LCBNYXJjaCAxMywgMjAxMyAz
OjU0IFBNDQo+Pj4+IFRvOiBTaGVsbGV5OyBzY2ltQGlldGYub3JnDQo+Pj4+IFN1YmplY3Q6IFJl
OiBbc2NpbV0gUHJvcG9zZWQgVGV4dCBmb3IgTXVsdGktVGVuYW5jeQ0KPj4+PiANCj4+Pj4gDQo+
Pj4+IA0KPj4+PiBBbm90aGVyIHJlYXNvbiBmb3IgdGhpcyBpcyBncm91cCBtZW1iZXJzaGlwLiBH
aXZlbiBncm91cCBtZW1iZXJzIGFyZSBvbmx5IGlkZW50aWZpZWQgdXNpbmcgdGhlIElEIGZpZWxk
LCBpZiBJRCBuYW1lc3BhY2UgaXMgcGVyIHRlbmFudCwgdGhlbiB5b3UgY2FuJ3QgaGF2ZSBncm91
cHMgdGhhdCBjcm9zcyB0ZW5hbnQgYm91bmRhcnkgcmVnYXJkbGVzcyBvZiB3aGV0aGVyIHRoZSBT
UCB1c2VzIFVSTCBwcmVmaXggb3Igb3RoZXIgbWVjaGFuaXNtcy4NCj4+Pj4gDQo+Pj4+IA0KPj4+
PiANCj4+Pj4gSSBkbyBzZWUgeW91ciBwb2ludCB0aGF0IGlmIFNQIGlzIHVzaW5nIG11bHRpcGxl
IERCJ3MsIHRoaXMgcmVxdWlyZW1lbnQgYWRkcyBhZGRpdGlvbmFsIGJ1cmRlbiBvbiB0aGUgU1Au
ICBJIHRoaW5rIHRoZSBvcmlnaW5hbCBpbnRlbnQgb2YgdGhpcyBsYW5ndWFnZSAoaW4gMS4wKSB3
YXMgZm9yIGlkIHRvIGJlIHVuaXF1ZSB3aXRoaW4gYSBnaXZlbiBlbmRwb2ludCAoaW4geW91ciBl
eGFtcGxlIGVhY2ggREIpLCBidXQgdGhlIGxhbmd1YWdlIGlzIG5vdCBxdWl0ZSBjbGVhci4NCj4+
Pj4gDQo+Pj4+IA0KPj4+PiANCj4+Pj4gDQo+Pj4+IA0KPj4+PiBDaGVlcnMsDQo+Pj4+IA0KPj4+
PiBNb3J0ZXphDQo+Pj4+IA0KPj4+PiANCj4+Pj4gDQo+Pj4+IEZyb206IFNoZWxsZXkgPHJhbmRv
bXNoZWxsZXlAZ21haWwuY29tPg0KPj4+PiBEYXRlOiBXZWRuZXNkYXksIE1hcmNoIDEzLCAyMDEz
IDExOjE3IEFNDQo+Pj4+IFRvOiAic2NpbUBpZXRmLm9yZyIgPHNjaW1AaWV0Zi5vcmc+DQo+Pj4+
IFN1YmplY3Q6IFtzY2ltXSBQcm9wb3NlZCBUZXh0IGZvciBNdWx0aS1UZW5hbmN5DQo+Pj4+IA0K
Pj4+PiANCj4+Pj4gDQo+Pj4+IEFzIGEgZGV2ZWxvcGVyIG9mIGEgc2VydmljZSBwcm92aWRlciBp
bXBsZW1lbnRhdGlvbiB0aGF0IHN1cHBvcnRzIG11bHRpLXRlbmFuY3ksIHRoaXMgcmVxdWlyZW1l
bnQgc2VlbXMgYSBiaXQgaW1wb3Npbmcgd2l0aCBsaXR0bGUgdmFsdWUuIEdpdmVuIHRoYXQgYWxs
IFNDSU0gcmVzb3VyY2VzIGFyZSByZWxhdGl2ZSB0byBhIGdpdmVuIHRlbmFudCBhbmQgdG8gYSBw
YXJ0aWN1bGFyIGVuZHBvaW50L3Jlc291cmNlIHR5cGUsIGl0IHNlZW1zIHRoYXQgdGhlIHNjb3Bl
IG9mIFNDSU0gaWRlbnRpZmllcnMgbmVlZCBub3QgZ28gYmV5b25kIHRoZXNlIGNvbnRleHRzLiBU
aGUgU0NJTSBQcm90b2NvbCBpcyBidWlsdCB1cG9uIFJFU1QsIHdoaWNoIGlzIHJlc291cmNlLW9y
aWVudGVkIGFuZCBiYXNlZCBvbiBVUklzIGFzIEdVSURzLCBhbmQgc28gcmVxdWlyaW5nIGFuIGFk
ZGl0aW9uYWwgR1VJRCBiZXlvbmQgdGhpcyBzZWVtcyB1bm5lY2Vzc2FyeS4NCj4+Pj4gDQo+Pj4+
IFRlY2huaWNhbGx5LCBmb3IgZXhhbXBsZSwgYXNzdW1lIHRoYXQgYSBzZXJ2aWNlIHByb3ZpZGVy
IGlzIHVzaW5nIGEgc3RhbmRhcmQgUkRCTVMgdG8gcGVyc2lzdCB1c2VyIGFuZCBncm91cCByZXNv
dXJjZXMuIFRoaXMgcmVxdWlyZW1lbnQgbm93IGltcG9zZXMgdW5pcXVlbmVzcyBvZiBpZGVudGlm
aWVycyBhY3Jvc3MgdGFibGVzLiBGdXJ0aGVyLCBjb25zaWRlciBhIGNhc2Ugd2hlcmUgYSBzZXBh
cmF0ZSBkYXRhYmFzZSBzY2hlbWEgbWFpbnRhaW5zIHRoZSBkYXRhIGZvciBlYWNoIHRlbmFudC4g
Tm90IG9ubHkgbXVzdCB1bmlxdWVuZXNzIGJlIGd1YXJhbnRlZWQgYWNyb3NzIHRhYmxlcywgYnV0
IGFsc28gYWNyb3NzIHNjaGVtYXMuDQo+Pj4+IA0KPj4+PiBhKSBXaXRoaW4gdGhlIHByb3Bvc2Vk
IHRleHQsIHRoZXJlIGlzIG5vIHJlcXVpcmVtZW50IHRoYXQgdGhlIFNlcnZpY2UgUHJvdmlkZXIg
dXNlIHRoZSBVUkwgdG8gZGlzdGluZ3Vpc2ggdGVuYW50cy4gIFRodXMsIGEgVVJMIGluY2x1ZGlu
ZyBhIG5vbi11bmlxdWUgU0NJTSBJZCB3b3VsZCBiZSBhbWJpZ3VvdXMuDQo+Pj4+IA0KPj4+PiAN
Cj4+Pj4gSSBhZ3JlZSB0aGF0IGlmIHNlcnZpY2UgcHJvdmlkZXJzIGNob29zZSBub3QgdG8gdXNl
IFVSTHMgdG8gZGlzdGluZ3Vpc2ggdGVuYW50cywgdGhleSBtdXN0IHVzZSB1bmlxdWUgcmVzb3Vy
Y2UgaWRlbnRpZmllcnMgYWNyb3NzIGFsbCB0ZW5hbnRzLiBJbiB0aGF0IGNhc2UsIEknZCBzdWdn
ZXN0IHRoYXQgdGhlIGJ1cmRlbiBvZiB0aGlzIGxpbWl0YXRpb24gYmUgcGxhY2VkIG9uIHRoZXNl
IHNlcnZpY2UgcHJvdmlkZXJzLCBub3Qgb24gYWxsIHNlcnZpY2UgcHJvdmlkZXJzLiBUaGlzIHNo
b3VsZCBiZSBhIGZhY3RvciBpbiBjaG9vc2luZyBzdWNoIGEgbWV0aG9kIGZvciBpbXBsZW1lbnRp
bmcgbXVsdGktdGVuYW5jeS4NCj4+Pj4gDQo+Pj4+IEdpdmVuIHRoYXQgdGhlIFNDSU0gUHJvdG9j
b2wgaXMgYnVpbHQgdXBvbiBSRVNUIHdoZXJlIFVSSXMgdW5pcXVlbHkgaWRlbnRpZnkgcmVzb3Vy
Y2VzLCBzZXJ2aWNlIHByb3ZpZGVycyB0aGF0IGNob29zZSB0aGlzIG1ldGhvZCBzaG91bGQgYmUg
YXdhcmUgb2YgdGhlIGxpbWl0YXRpb24gdGhleSBhcmUgaW1wb3NpbmcuIEl0IGlzIG15IG9waW5p
b24sIGhvd2V2ZXIsIHRoYXQgdGhpcyBzaG91bGQgYmUgdGhlIGV4Y2VwdGlvbiBhbmQgbm90IGRp
Y3RhdGUgcmVxdWlyZW1lbnRzIGZvciBhbGwgcHJvdmlkZXJzLg0KPj4+PiANCj4+Pj4gYikgVGhl
cmUgaXMgYSB1c2UgY2FzZSBmb3IgcmV0cmlldmFsIG9mIGEgcmVzb3VyY2Ugd2hlbiB0aGUgQ29u
c3VtZXIgZG9lcyBub3Qga25vdyB0aGUgcmVzb3VyY2UgInR5cGUiIGFuZCB0aGVyZWZvcmUgY2Fu
bm90IHVzZSBhIHNwZWNpZmljIHJlc291cmNlIGVuZCBwb2ludC4NCj4+Pj4gDQo+Pj4+IA0KPj4+
PiBDb3VsZCB5b3UgZWxhYm9yYXRlIG9uIHRoaXMgdXNlIGNhc2U/IEZ1cnRoZXIsIGlmIHRoaXMg
aXMgYSB2YWxpZCB1c2UgY2FzZSwgd2h5IHdvdWxkbid0IHRoZSBhYmlsaXR5IHRvIHNlYXJjaCBh
Y3Jvc3MgbXVsdGlwbGUgcmVzb3VyY2UgdHlwZXMgYmUgc3VmZmljaWVudCBmb3IgZmluZGluZyBz
dWNoIHJlc291cmNlcz8gZS5nOg0KPj4+PiANCj4+Pj4gICAgR0VUIC9UZW5hbnRzL2FiYz9maWx0
ZXI9ZXh0ZXJuYWxJZCBlcSB4eXoNCj4+Pj4gICAgew0KPj4+PiAgICAgICAidG90YWxSZXN1bHRz
IjogMSwNCj4+Pj4gICAgICAgIlJlc291cmNlcyI6IFsNCj4+Pj4gICAgICAgICAgew0KPj4+PiAg
ICAgICAgICAgICJpZCI6ICIxMjMiLA0KPj4+PiAgICAgICAgICAgICJyZXNvdXJjZVR5cGUiOiAi
VXNlciIsDQo+Pj4+ICAgICAgICAgICAgImV4dGVybmFsSWQiOiAieHl6IiwNCj4+Pj4gICAgICAg
ICAgICAibWV0YSI6IHsNCj4+Pj4gICAgICAgICAgICAgICAgImxvY2F0aW9uIjogImh0dHBzOi8v
ZXhhbXBsZS5jb20vVGVuYW50cy9hYmMvVXNlcnMvMTIzIiwNCj4+Pj4gICAgICAgICAgICAgICAg
Li4uDQo+Pj4+ICAgICAgICAgICAgfSwNCj4+Pj4gICAgICAgICAgICAuLi4NCj4+Pj4gICAgICAg
ICAgfQ0KPj4+PiAgICAgICBdLA0KPj4+PiAgICAgICAuLi4NCj4+Pj4gICAgfQ0KPj4+PiANCj4+
Pj4gKE9yIGFsdGVybmF0aXZlIHRvIHRoZSAicmVzb3VyY2VUeXBlIiwgdGhlIHJlc3BvbnNlIGNv
dWxkIGNvbnRhaW4gYSBsaXN0IG9mICJVc2VycyIgYW5kL29yICJHcm91cHMiIGluc3RlYWQgb2Yg
Z2VuZXJpYyAiUmVzb3VyY2VzIi4pDQo+Pj4+IA0KPj4+PiBUaGUgY3VycmVudCBTQ0lNIHByb3Rv
Y29sIGF0IGxlYXN0IHJlcXVpcmVzIHRoYXQgcmVzb3VyY2VzIGFyZSBjcmVhdGVkIGFuZCBtYW5h
Z2VkIGF0IGEgcGFydGljdWxhciByZXNvdXJjZSBlbmRwb2ludCwgYW5kIHRoZSBpbnRyb2R1Y3Rp
b24gb2YgdGhlIHJlc291cmNlIHR5cGUgYW5kIHByb3Bvc2VkIHNlYXJjaCBmdW5jdGlvbmFsaXR5
IHNlZW0gdG8gb2Zmc2V0IGFueSBuZWVkIGZvciBhIGdsb2JhbCBpZGVudGlmaWVyIGFjcm9zcyBh
bGwgdGVuYW50cyBhbmQgcmVzb3VyY2VzLg0KPj4+PiANCj4+Pj4gX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCj4+Pj4gc2NpbSBtYWlsaW5nIGxpc3QNCj4+
Pj4gc2NpbUBpZXRmLm9yZw0KPj4+PiBodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3Rp
bmZvL3NjaW0NCj4+PiANCj4+PiBfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fXw0KPj4+IHNjaW0gbWFpbGluZyBsaXN0DQo+Pj4gc2NpbUBpZXRmLm9yZw0KPj4+
IGh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbQ0KPj4gDQo+PiANCj4+
IA0KPj4gX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCj4+
IHNjaW0gbWFpbGluZyBsaXN0DQo+PiBzY2ltQGlldGYub3JnDQo+PiBodHRwczovL3d3dy5pZXRm
Lm9yZy9tYWlsbWFuL2xpc3RpbmZvL3NjaW0NCj4gX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX18NCj4gc2NpbSBtYWlsaW5nIGxpc3QNCj4gc2NpbUBpZXRmLm9y
Zw0KPiBodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL3NjaW0NCl9fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQpzY2ltIG1haWxpbmcgbGlz
dA0Kc2NpbUBpZXRmLm9yZw0KaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9z
Y2ltDQo=


From randomshelley@gmail.com  Fri Mar 22 19:59:56 2013
Return-Path: <randomshelley@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3230921F8E90 for <scim@ietfa.amsl.com>; Fri, 22 Mar 2013 19:59:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id snay6KPEoRdG for <scim@ietfa.amsl.com>; Fri, 22 Mar 2013 19:59:55 -0700 (PDT)
Received: from mail-ie0-x22c.google.com (mail-ie0-x22c.google.com [IPv6:2607:f8b0:4001:c03::22c]) by ietfa.amsl.com (Postfix) with ESMTP id 3DF9621F8CE0 for <scim@ietf.org>; Fri, 22 Mar 2013 19:59:52 -0700 (PDT)
Received: by mail-ie0-f172.google.com with SMTP id c10so5687169ieb.3 for <scim@ietf.org>; Fri, 22 Mar 2013 19:59:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to :content-type; bh=s7xK4A1q6ahOYPIyBM8AO7O8ednJ7TQiOwjUTy7a36M=; b=WB+GaS0A7jRrF1LtSuHeHlNBDvN1ZiwiIKYA/Dj/3GRs5LREwS0TVyLMb0AVJVYNRn J5YI20Ix2sD2CWMSFnSdIbMb9qsdSHiFVdlNQ05Bz2j5GJmb76YlW1tpiJ7hnOqTKbfJ EA+lXLKuFTw960YYOCV7BR3EpHCtp80DbYatyVQqvWybGD6qGNSEc1CFdHAWZQtSvUs8 C1vR/I5CuWTuMVrUtTMMZb5ozwODgPMXp/vEfU5Q1ePP9Oi8dypYBlGpSRScFdhRoniW 4THXMM0WZMES27rMr4QKJUIJNMe9oB9rbGx+iO1iKEA0Q4zqPie15NGk0A+FDOAZFMGt v99w==
MIME-Version: 1.0
X-Received: by 10.50.149.233 with SMTP id ud9mr2798201igb.92.1364007591886; Fri, 22 Mar 2013 19:59:51 -0700 (PDT)
Received: by 10.64.126.65 with HTTP; Fri, 22 Mar 2013 19:59:51 -0700 (PDT)
Date: Fri, 22 Mar 2013 21:59:51 -0500
Message-ID: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com>
From: Shelley <randomshelley@gmail.com>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary=e89a8f3ba181fcb23104d88ec3e3
Subject: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Mar 2013 02:59:56 -0000

--e89a8f3ba181fcb23104d88ec3e3
Content-Type: text/plain; charset=ISO-8859-1

As a SCIM service provider, we are trying to determine the best approach
for accepting and managing names that may be federated from global
consumers.

Were there any considerations made in the SCIM core schema for using
multi-valued attributes for the individual name components? The use of the
"familyName" and "givenName" as opposed to "firstName"/"lastName" helps
minimize a western/US-centric approach, but using three individual,
singular attributes for these name components still hints at a particular
name format that may not be global.

For example, in many countries, individuals have a given name and two last
names (rather than first name, middle name, last name). Does SCIM provide
any recommendations for how to represent this using the existing name
components? For example, are consumers expected to consolidate all last
names into the single familyName attribute to accommodate this scenario?
Likewise, there are many other cases [1,2] that don't quite cleanly fit
into these singular name components.

The "formattedName", "displayName", and "nickName" attributes help to
mitigate some concerns around formatting names and addressing users, but
we're still trying to iron out how to accept identity data from varying
contributing sources as well as enable consumers to obtain the discrete
name components.

[1] http://www.w3.org/International/questions/qa-personal-names
[2] http://en.wikipedia.org/wiki/Personal_name

--e89a8f3ba181fcb23104d88ec3e3
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

As a SCIM service provider, we are trying to determine the best approach fo=
r=20
accepting and managing names that may be federated from global=20
consumers.<br><br>Were there any considerations made in the SCIM core schem=
a for using multi-valued attributes for the individual name components? The=
 use of the &quot;familyName&quot; and &quot;givenName&quot; as opposed to =
&quot;firstName&quot;/&quot;lastName&quot; helps minimize a western/US-cent=
ric approach, but using three individual, singular attributes for these nam=
e components still hints at a particular name format that may not be global=
.<br>
<br>For example, in many countries, individuals have a given name and two l=
ast names (rather than first name, middle name, last name). Does SCIM provi=
de any recommendations for how to represent this using the existing name co=
mponents? For example, are consumers expected to consolidate all last names=
 into the single familyName attribute to accommodate this scenario? Likewis=
e, there are many other cases [1,2] that don&#39;t quite cleanly fit into t=
hese singular name components.<br>
<br>The &quot;formattedName&quot;, &quot;displayName&quot;, and &quot;nickN=
ame&quot; attributes help to mitigate some concerns around formatting names=
 and addressing users, but we&#39;re still trying to iron out how to accept=
 identity data from varying contributing sources as well as enable consumer=
s to obtain the discrete name components.<br>
<br>[1] <a href=3D"http://www.w3.org/International/questions/qa-personal-na=
mes">http://www.w3.org/International/questions/qa-personal-names</a><br>[2]=
 <a href=3D"http://en.wikipedia.org/wiki/Personal_name">http://en.wikipedia=
.org/wiki/Personal_name</a><br>

--e89a8f3ba181fcb23104d88ec3e3--

From marc.blanchet@viagenie.ca  Sun Mar 24 15:36:24 2013
Return-Path: <marc.blanchet@viagenie.ca>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 44DC621F8E34 for <scim@ietfa.amsl.com>; Sun, 24 Mar 2013 15:36:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.337
X-Spam-Level: 
X-Spam-Status: No, score=-102.337 tagged_above=-999 required=5 tests=[AWL=0.261, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Af1lyxIE7trw for <scim@ietfa.amsl.com>; Sun, 24 Mar 2013 15:36:23 -0700 (PDT)
Received: from jazz.viagenie.ca (jazz.viagenie.ca [206.123.31.2]) by ietfa.amsl.com (Postfix) with ESMTP id 44DFB21F8E30 for <scim@ietf.org>; Sun, 24 Mar 2013 15:36:23 -0700 (PDT)
Received: from mb.lan (modemcable180.211-203-24.mc.videotron.ca [24.203.211.180]) by jazz.viagenie.ca (Postfix) with ESMTPSA id 1FF7140420; Sun, 24 Mar 2013 18:35:52 -0400 (EDT)
Content-Type: multipart/alternative; boundary="Apple-Mail=_773EEC70-D219-4203-8622-11630FC78B95"
Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\))
From: Marc Blanchet <marc.blanchet@viagenie.ca>
In-Reply-To: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com>
Date: Sun, 24 Mar 2013 18:35:24 -0400
Message-Id: <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca>
References: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com>
To: Shelley <randomshelley@gmail.com>
X-Mailer: Apple Mail (2.1503)
Cc: scim@ietf.org
Subject: Re: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Mar 2013 22:36:24 -0000

--Apple-Mail=_773EEC70-D219-4203-8622-11630FC78B95
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=iso-8859-1

might want to look at vCard  (RFC6350).

Marc.

Le 2013-03-22 =E0 22:59, Shelley <randomshelley@gmail.com> a =E9crit :

> As a SCIM service provider, we are trying to determine the best =
approach for accepting and managing names that may be federated from =
global consumers.
>=20
> Were there any considerations made in the SCIM core schema for using =
multi-valued attributes for the individual name components? The use of =
the "familyName" and "givenName" as opposed to "firstName"/"lastName" =
helps minimize a western/US-centric approach, but using three =
individual, singular attributes for these name components still hints at =
a particular name format that may not be global.
>=20
> For example, in many countries, individuals have a given name and two =
last names (rather than first name, middle name, last name). Does SCIM =
provide any recommendations for how to represent this using the existing =
name components? For example, are consumers expected to consolidate all =
last names into the single familyName attribute to accommodate this =
scenario? Likewise, there are many other cases [1,2] that don't quite =
cleanly fit into these singular name components.
>=20
> The "formattedName", "displayName", and "nickName" attributes help to =
mitigate some concerns around formatting names and addressing users, but =
we're still trying to iron out how to accept identity data from varying =
contributing sources as well as enable consumers to obtain the discrete =
name components.
>=20
> [1] http://www.w3.org/International/questions/qa-personal-names
> [2] http://en.wikipedia.org/wiki/Personal_name
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_773EEC70-D219-4203-8622-11630FC78B95
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=iso-8859-1

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html =
charset=3Diso-8859-1"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">might =
want to look at vCard =
&nbsp;(RFC6350).<div><br></div><div>Marc.</div><div><br><div><div>Le =
2013-03-22 =E0 22:59, Shelley &lt;<a =
href=3D"mailto:randomshelley@gmail.com">randomshelley@gmail.com</a>&gt; =
a =E9crit :</div><br class=3D"Apple-interchange-newline"><blockquote =
type=3D"cite">As a SCIM service provider, we are trying to determine the =
best approach for=20
accepting and managing names that may be federated from global=20
consumers.<br><br>Were there any considerations made in the SCIM core =
schema for using multi-valued attributes for the individual name =
components? The use of the "familyName" and "givenName" as opposed to =
"firstName"/"lastName" helps minimize a western/US-centric approach, but =
using three individual, singular attributes for these name components =
still hints at a particular name format that may not be global.<br>
<br>For example, in many countries, individuals have a given name and =
two last names (rather than first name, middle name, last name). Does =
SCIM provide any recommendations for how to represent this using the =
existing name components? For example, are consumers expected to =
consolidate all last names into the single familyName attribute to =
accommodate this scenario? Likewise, there are many other cases [1,2] =
that don't quite cleanly fit into these singular name components.<br>
<br>The "formattedName", "displayName", and "nickName" attributes help =
to mitigate some concerns around formatting names and addressing users, =
but we're still trying to iron out how to accept identity data from =
varying contributing sources as well as enable consumers to obtain the =
discrete name components.<br>
<br>[1] <a =
href=3D"http://www.w3.org/International/questions/qa-personal-names">http:=
//www.w3.org/International/questions/qa-personal-names</a><br>[2] <a =
href=3D"http://en.wikipedia.org/wiki/Personal_name">http://en.wikipedia.or=
g/wiki/Personal_name</a><br>
_______________________________________________<br>scim mailing =
list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>https://www.ietf.org/ma=
ilman/listinfo/scim<br></blockquote></div><br></div></body></html>=

--Apple-Mail=_773EEC70-D219-4203-8622-11630FC78B95--

From Bert.Greevenbosch@huawei.com  Sun Mar 24 22:41:12 2013
Return-Path: <Bert.Greevenbosch@huawei.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E20521F8E4D for <scim@ietfa.amsl.com>; Sun, 24 Mar 2013 22:41:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.247
X-Spam-Level: *
X-Spam-Status: No, score=1.247 tagged_above=-999 required=5 tests=[HTML_MESSAGE=0.001, MIME_BASE64_TEXT=2.796, MIME_CHARSET_FARAWAY=2.45, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zmlkL1Z7nBiI for <scim@ietfa.amsl.com>; Sun, 24 Mar 2013 22:41:11 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) by ietfa.amsl.com (Postfix) with ESMTP id 5D1F721F8E69 for <scim@ietf.org>; Sun, 24 Mar 2013 22:41:10 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml203-edg.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.5-GA FastPath queued) with ESMTP id APT30696; Mon, 25 Mar 2013 05:41:09 +0000 (GMT)
Received: from LHREML404-HUB.china.huawei.com (10.201.5.218) by lhreml203-edg.huawei.com (172.18.7.221) with Microsoft SMTP Server (TLS) id 14.1.323.7; Mon, 25 Mar 2013 05:40:53 +0000
Received: from SZXEML406-HUB.china.huawei.com (10.82.67.93) by lhreml404-hub.china.huawei.com (10.201.5.218) with Microsoft SMTP Server (TLS) id 14.1.323.7; Mon, 25 Mar 2013 13:41:05 +0800
Received: from szxeml558-mbx.china.huawei.com ([169.254.7.185]) by szxeml406-hub.china.huawei.com ([10.82.67.93]) with mapi id 14.01.0323.007; Mon, 25 Mar 2013 13:41:00 +0800
From: Bert Greevenbosch <Bert.Greevenbosch@huawei.com>
To: Marc Blanchet <marc.blanchet@viagenie.ca>, Shelley <randomshelley@gmail.com>
Thread-Topic: [scim] Name Internationalization
Thread-Index: AQHOJ3KFy727VUoVnEmlhNc7iCT2rJi06r4AgAD7whA=
Date: Mon, 25 Mar 2013 05:41:00 +0000
Message-ID: <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com>
References: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com> <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca>
In-Reply-To: <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca>
Accept-Language: en-GB, zh-CN, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.66.162.63]
Content-Type: multipart/alternative; boundary="_000_46A1DF3F04371240B504290A071B4DB63D688951szxeml558mbxchi_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2013 05:41:12 -0000

--_000_46A1DF3F04371240B504290A071B4DB63D688951szxeml558mbxchi_
Content-Type: text/plain; charset="gb2312"
Content-Transfer-Encoding: base64

SSBzdHVtYmxlZCBhY3Jvc3MgdGhlIHNhbWUgaXNzdWUgd2hlbiBkb2luZyB2MDIgb2YgdGhlIFND
SU0vdkNhcmQgbWFwcGluZyBkcmFmdC4gU2VlIHNlY3Rpb24gNi4NCmh0dHA6Ly9kYXRhdHJhY2tl
ci5pZXRmLm9yZy9kb2MvZHJhZnQtZ3JlZXZlbmJvc2NoLXNjaW0tdmNhcmQtbWFwcGluZy8NCg0K
SW5kZWVkIGluIHZDYXJkIG11bHRpcGxlIHN1cm5hbWVzLCBnaXZlbiBuYW1lcyBhbmQgYWRkaXRp
b25hbCBuYW1lcyBhcmUgcG9zc2libGUuDQoNCkJlc3QgcmVnYXJkcywNCkJlcnQNCg0KRnJvbTog
c2NpbS1ib3VuY2VzQGlldGYub3JnIFttYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnXSBPbiBC
ZWhhbGYgT2YgTWFyYyBCbGFuY2hldA0KU2VudDogMjAxM8TqM9TCMjXI1SA2OjM1DQpUbzogU2hl
bGxleQ0KQ2M6IHNjaW1AaWV0Zi5vcmcNClN1YmplY3Q6IFJlOiBbc2NpbV0gTmFtZSBJbnRlcm5h
dGlvbmFsaXphdGlvbg0KDQptaWdodCB3YW50IHRvIGxvb2sgYXQgdkNhcmQgIChSRkM2MzUwKS4N
Cg0KTWFyYy4NCg0KTGUgMjAxMy0wMy0yMiCopCAyMjo1OSwgU2hlbGxleSA8cmFuZG9tc2hlbGxl
eUBnbWFpbC5jb208bWFpbHRvOnJhbmRvbXNoZWxsZXlAZ21haWwuY29tPj4gYSCopmNyaXQgOg0K
DQoNCkFzIGEgU0NJTSBzZXJ2aWNlIHByb3ZpZGVyLCB3ZSBhcmUgdHJ5aW5nIHRvIGRldGVybWlu
ZSB0aGUgYmVzdCBhcHByb2FjaCBmb3IgYWNjZXB0aW5nIGFuZCBtYW5hZ2luZyBuYW1lcyB0aGF0
IG1heSBiZSBmZWRlcmF0ZWQgZnJvbSBnbG9iYWwgY29uc3VtZXJzLg0KDQpXZXJlIHRoZXJlIGFu
eSBjb25zaWRlcmF0aW9ucyBtYWRlIGluIHRoZSBTQ0lNIGNvcmUgc2NoZW1hIGZvciB1c2luZyBt
dWx0aS12YWx1ZWQgYXR0cmlidXRlcyBmb3IgdGhlIGluZGl2aWR1YWwgbmFtZSBjb21wb25lbnRz
PyBUaGUgdXNlIG9mIHRoZSAiZmFtaWx5TmFtZSIgYW5kICJnaXZlbk5hbWUiIGFzIG9wcG9zZWQg
dG8gImZpcnN0TmFtZSIvImxhc3ROYW1lIiBoZWxwcyBtaW5pbWl6ZSBhIHdlc3Rlcm4vVVMtY2Vu
dHJpYyBhcHByb2FjaCwgYnV0IHVzaW5nIHRocmVlIGluZGl2aWR1YWwsIHNpbmd1bGFyIGF0dHJp
YnV0ZXMgZm9yIHRoZXNlIG5hbWUgY29tcG9uZW50cyBzdGlsbCBoaW50cyBhdCBhIHBhcnRpY3Vs
YXIgbmFtZSBmb3JtYXQgdGhhdCBtYXkgbm90IGJlIGdsb2JhbC4NCg0KRm9yIGV4YW1wbGUsIGlu
IG1hbnkgY291bnRyaWVzLCBpbmRpdmlkdWFscyBoYXZlIGEgZ2l2ZW4gbmFtZSBhbmQgdHdvIGxh
c3QgbmFtZXMgKHJhdGhlciB0aGFuIGZpcnN0IG5hbWUsIG1pZGRsZSBuYW1lLCBsYXN0IG5hbWUp
LiBEb2VzIFNDSU0gcHJvdmlkZSBhbnkgcmVjb21tZW5kYXRpb25zIGZvciBob3cgdG8gcmVwcmVz
ZW50IHRoaXMgdXNpbmcgdGhlIGV4aXN0aW5nIG5hbWUgY29tcG9uZW50cz8gRm9yIGV4YW1wbGUs
IGFyZSBjb25zdW1lcnMgZXhwZWN0ZWQgdG8gY29uc29saWRhdGUgYWxsIGxhc3QgbmFtZXMgaW50
byB0aGUgc2luZ2xlIGZhbWlseU5hbWUgYXR0cmlidXRlIHRvIGFjY29tbW9kYXRlIHRoaXMgc2Nl
bmFyaW8/IExpa2V3aXNlLCB0aGVyZSBhcmUgbWFueSBvdGhlciBjYXNlcyBbMSwyXSB0aGF0IGRv
bid0IHF1aXRlIGNsZWFubHkgZml0IGludG8gdGhlc2Ugc2luZ3VsYXIgbmFtZSBjb21wb25lbnRz
Lg0KDQpUaGUgImZvcm1hdHRlZE5hbWUiLCAiZGlzcGxheU5hbWUiLCBhbmQgIm5pY2tOYW1lIiBh
dHRyaWJ1dGVzIGhlbHAgdG8gbWl0aWdhdGUgc29tZSBjb25jZXJucyBhcm91bmQgZm9ybWF0dGlu
ZyBuYW1lcyBhbmQgYWRkcmVzc2luZyB1c2VycywgYnV0IHdlJ3JlIHN0aWxsIHRyeWluZyB0byBp
cm9uIG91dCBob3cgdG8gYWNjZXB0IGlkZW50aXR5IGRhdGEgZnJvbSB2YXJ5aW5nIGNvbnRyaWJ1
dGluZyBzb3VyY2VzIGFzIHdlbGwgYXMgZW5hYmxlIGNvbnN1bWVycyB0byBvYnRhaW4gdGhlIGRp
c2NyZXRlIG5hbWUgY29tcG9uZW50cy4NCg0KWzFdIGh0dHA6Ly93d3cudzMub3JnL0ludGVybmF0
aW9uYWwvcXVlc3Rpb25zL3FhLXBlcnNvbmFsLW5hbWVzDQpbMl0gaHR0cDovL2VuLndpa2lwZWRp
YS5vcmcvd2lraS9QZXJzb25hbF9uYW1lDQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fXw0Kc2NpbSBtYWlsaW5nIGxpc3QNCnNjaW1AaWV0Zi5vcmc8bWFpbHRv
OnNjaW1AaWV0Zi5vcmc+DQpodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL3Nj
aW0NCg0K

--_000_46A1DF3F04371240B504290A071B4DB63D688951szxeml558mbxchi_
Content-Type: text/html; charset="gb2312"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dgb2312">
<meta name=3D"Generator" content=3D"Microsoft Word 12 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:=CB=CE=CC=E5;
	panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:"\@=CB=CE=CC=E5";
	panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:612.0pt 792.0pt;
	margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple" style=3D"word-wrap: bre=
ak-word;-webkit-nbsp-mode: space;-webkit-line-break: after-white-space">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">I stumbled across the same issue when d=
oing v02 of the SCIM/vCard mapping draft. See section 6.<o:p></o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">http://datatracker.ietf.org/doc/draft-g=
reevenbosch-scim-vcard-mapping/<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;"><o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">Indeed in vCard multiple surnames, give=
n names and additional names are possible.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;"><o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">Best regards,<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">Bert<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm =
0cm 0cm">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> scim-bou=
nces@ietf.org [mailto:scim-bounces@ietf.org]
<b>On Behalf Of </b>Marc Blanchet<br>
<b>Sent:</b> 2013</span><span lang=3D"ZH-CN" style=3D"font-size:10.0pt;font=
-family:=CB=CE=CC=E5">=C4=EA</span><span style=3D"font-size:10.0pt;font-fam=
ily:&quot;Tahoma&quot;,&quot;sans-serif&quot;">3</span><span lang=3D"ZH-CN"=
 style=3D"font-size:10.0pt;font-family:=CB=CE=CC=E5">=D4=C2</span><span sty=
le=3D"font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot=
;">25</span><span lang=3D"ZH-CN" style=3D"font-size:10.0pt;font-family:=CB=
=CE=CC=E5">=C8=D5</span><span style=3D"font-size:10.0pt;font-family:&quot;T=
ahoma&quot;,&quot;sans-serif&quot;">
 6:35<br>
<b>To:</b> Shelley<br>
<b>Cc:</b> scim@ietf.org<br>
<b>Subject:</b> Re: [scim] Name Internationalization<o:p></o:p></span></p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">might want to look at vCard &nbsp;(RFC6350).<o:p></o=
:p></p>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">Marc.<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div>
<div>
<p class=3D"MsoNormal">Le 2013-03-22 =A8=A4 22:59, Shelley &lt;<a href=3D"m=
ailto:randomshelley@gmail.com">randomshelley@gmail.com</a>&gt; a =A8=A6crit=
 :<o:p></o:p></p>
</div>
<p class=3D"MsoNormal"><br>
<br>
<o:p></o:p></p>
<p class=3D"MsoNormal">As a SCIM service provider, we are trying to determi=
ne the best approach for accepting and managing names that may be federated=
 from global consumers.<br>
<br>
Were there any considerations made in the SCIM core schema for using multi-=
valued attributes for the individual name components? The use of the &quot;=
familyName&quot; and &quot;givenName&quot; as opposed to &quot;firstName&qu=
ot;/&quot;lastName&quot; helps minimize a western/US-centric approach, but
 using three individual, singular attributes for these name components stil=
l hints at a particular name format that may not be global.<br>
<br>
For example, in many countries, individuals have a given name and two last =
names (rather than first name, middle name, last name). Does SCIM provide a=
ny recommendations for how to represent this using the existing name compon=
ents? For example, are consumers
 expected to consolidate all last names into the single familyName attribut=
e to accommodate this scenario? Likewise, there are many other cases [1,2] =
that don't quite cleanly fit into these singular name components.<br>
<br>
The &quot;formattedName&quot;, &quot;displayName&quot;, and &quot;nickName&=
quot; attributes help to mitigate some concerns around formatting names and=
 addressing users, but we're still trying to iron out how to accept identit=
y data from varying contributing sources as well as enable consumers
 to obtain the discrete name components.<br>
<br>
[1] <a href=3D"http://www.w3.org/International/questions/qa-personal-names"=
>http://www.w3.org/International/questions/qa-personal-names</a><br>
[2] <a href=3D"http://en.wikipedia.org/wiki/Personal_name">http://en.wikipe=
dia.org/wiki/Personal_name</a><br>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
https://www.ietf.org/mailman/listinfo/scim<o:p></o:p></p>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</div>
</body>
</html>

--_000_46A1DF3F04371240B504290A071B4DB63D688951szxeml558mbxchi_--

From trscavo@gmail.com  Mon Mar 25 03:47:50 2013
Return-Path: <trscavo@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 69A6721F888C for <scim@ietfa.amsl.com>; Mon, 25 Mar 2013 03:47:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FNAV9Ds91ACj for <scim@ietfa.amsl.com>; Mon, 25 Mar 2013 03:47:49 -0700 (PDT)
Received: from mail-ob0-x22b.google.com (mail-ob0-x22b.google.com [IPv6:2607:f8b0:4003:c01::22b]) by ietfa.amsl.com (Postfix) with ESMTP id 99CA321F8967 for <scim@ietf.org>; Mon, 25 Mar 2013 03:47:46 -0700 (PDT)
Received: by mail-ob0-f171.google.com with SMTP id x4so5802727obh.16 for <scim@ietf.org>; Mon, 25 Mar 2013 03:47:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=4E9m99whkrNoe6RR8wrDV8Z8KGT15uJN/lu/xasHw0c=; b=VL0UrVBbvbjen3oGi8EHYOoh6xkorGASLscTUlqTwCfxu/uxJ6y97Jc0MvIqjK6L+E fMaNenHZy+CwrJgAZAmyHcrqOXXd4Gg/BJdAuUjoSKrYFXVhhtWxi5KN0cWBd1KCZTaZ 4cDJv09eUzwvQCAeqU5q6L7oA/zhbQlt7ZKmES8O+DQkT4YMGZ6aAUZRr2Q+1iwMkR8n UiyL4qs52h/aG68BipyUEAXGOUBXn2g3tZEf/ZJSU0uQ38gKub5QLvri/IZ8u6m6ab8O oNhhdTwBW6muNG41m0oudoPybb2/T4gVv8ZZv93CuTxAtRe4OF/rTsdn6NaA346oaE2v vKDA==
MIME-Version: 1.0
X-Received: by 10.60.3.10 with SMTP id 10mr11082425oey.61.1364208466228; Mon, 25 Mar 2013 03:47:46 -0700 (PDT)
Received: by 10.76.137.200 with HTTP; Mon, 25 Mar 2013 03:47:45 -0700 (PDT)
In-Reply-To: <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com>
References: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com> <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca> <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com>
Date: Mon, 25 Mar 2013 06:47:45 -0400
Message-ID: <CAEtu=dMC31h8hceMN3Wimz0QsaEXMc2_x5=X2a5hw5dphx8Dbw@mail.gmail.com>
From: Tom Scavo <trscavo@gmail.com>
To: Bert Greevenbosch <Bert.Greevenbosch@huawei.com>
Content-Type: text/plain; charset=ISO-8859-1
Cc: Marc Blanchet <marc.blanchet@viagenie.ca>, Shelley <randomshelley@gmail.com>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2013 10:47:50 -0000

On Mon, Mar 25, 2013 at 1:41 AM, Bert Greevenbosch
<Bert.Greevenbosch@huawei.com> wrote:
> I stumbled across the same issue when doing v02 of the SCIM/vCard mapping
> draft. See section 6.
>
> http://datatracker.ietf.org/doc/draft-greevenbosch-scim-vcard-mapping/
>
> Indeed in vCard multiple surnames, given names and additional names are
> possible.

Yes, but perhaps there should be one and only one displayName. Such is
the case in the LDAP inetOrgPerson Object Class
(http://www.ietf.org/rfc/rfc2798.txt).

Tom

From tatsuo.kudo@gmail.com  Mon Mar 25 08:46:10 2013
Return-Path: <tatsuo.kudo@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72E2D21F8D24 for <scim@ietfa.amsl.com>; Mon, 25 Mar 2013 08:46:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q7tWKWcYirRw for <scim@ietfa.amsl.com>; Mon, 25 Mar 2013 08:46:09 -0700 (PDT)
Received: from mail-la0-x234.google.com (mail-la0-x234.google.com [IPv6:2a00:1450:4010:c03::234]) by ietfa.amsl.com (Postfix) with ESMTP id 10D6E21F8C97 for <scim@ietf.org>; Mon, 25 Mar 2013 08:46:05 -0700 (PDT)
Received: by mail-la0-f52.google.com with SMTP id fs12so11573047lab.39 for <scim@ietf.org>; Mon, 25 Mar 2013 08:46:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:in-reply-to:references:from:date:message-id :subject:to:cc:content-type:content-transfer-encoding; bh=RfQRJd1STM/wUzvpWwrubq2XEsq9e92y0IrPYex2q8Y=; b=A15znOaBAgkd09fSmabP5M4KRfl7a7acR2+StfC99ZQy0PcIFxbSry8y96hf1BeiKg CyBnfq6uqIhDy7gHEL43tIaFn0GqZbNvWfPjPLafphGRi2aqZnhotjM8QsKIGdKTuWA7 GD+6YA9ucG9DQaBgvHhusxX8QzXnaFHQUql9dslDZX/oOHSUNa2zqKHsslaZwI6Uz7Jv q8nFURDFEILkZu6ltgb7rWdB/YcE52sQO6s6ZEWSqVoAKg5K+hBQxvS8/iw3i4XLjOLW sZ8jPYLOAapw9BsxlwJKvTuEjXGmjp+oz6PeOTw/89jbzyFj7W/A7iYZlCTFBXENzEuS MhOg==
X-Received: by 10.112.39.138 with SMTP id p10mr6359530lbk.31.1364226364926; Mon, 25 Mar 2013 08:46:04 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.112.3.163 with HTTP; Mon, 25 Mar 2013 08:45:44 -0700 (PDT)
In-Reply-To: <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com>
References: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com> <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca> <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com>
From: Tatsuo Kudo <tatsuo.kudo@gmail.com>
Date: Tue, 26 Mar 2013 00:45:44 +0900
Message-ID: <CAG-hk4gp85BEGRgRYpj_YgYzas1J0ewtkwq7B1haNLC6NTmrQg@mail.gmail.com>
To: Bert Greevenbosch <Bert.Greevenbosch@huawei.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Cc: Marc Blanchet <marc.blanchet@viagenie.ca>, Shelley <randomshelley@gmail.com>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2013 15:46:10 -0000

I think most of attributes currently defined as "Singular Attributes"
in the schema draft should allow multi-valued ones as well for
non-English environment.  For example, businesses in Japan usually
store Kanji and Kana characters (cf.
http://en.wikipedia.org/wiki/Japanese_writing_system) for almost all
attributes from name to department.

I prefer Kelly Grizzle's suggestion in his follow-up to my question last mo=
nth.

 http://www.ietf.org/mail-archive/web/scim/current/msg00926.html

And would like to apply it other than phonetic representation like:

"displayName": [
    { "value": "<Kana characters>", "locale": "ja-kana-JP" },
    { "value": "<Kanji characters>", "locale": "ja-JP" }
  ]

Thoughts?

Tatsuo.


On Mon, Mar 25, 2013 at 2:41 PM, Bert Greevenbosch
<Bert.Greevenbosch@huawei.com> wrote:
> I stumbled across the same issue when doing v02 of the SCIM/vCard mapping
> draft. See section 6.
>
> http://datatracker.ietf.org/doc/draft-greevenbosch-scim-vcard-mapping/
>
>
>
> Indeed in vCard multiple surnames, given names and additional names are
> possible.
>
>
>
> Best regards,
>
> Bert
>
>
>
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of M=
arc
> Blanchet
> Sent: 2013=E5=B9=B43=E6=9C=8825=E6=97=A5 6:35
> To: Shelley
> Cc: scim@ietf.org
> Subject: Re: [scim] Name Internationalization
>
>
>
> might want to look at vCard  (RFC6350).
>
>
>
> Marc.
>
>
>
> Le 2013-03-22 =C3=A0 22:59, Shelley <randomshelley@gmail.com> a =C3=A9cri=
t :
>
>
>
> As a SCIM service provider, we are trying to determine the best approach =
for
> accepting and managing names that may be federated from global consumers.
>
> Were there any considerations made in the SCIM core schema for using
> multi-valued attributes for the individual name components? The use of th=
e
> "familyName" and "givenName" as opposed to "firstName"/"lastName" helps
> minimize a western/US-centric approach, but using three individual, singu=
lar
> attributes for these name components still hints at a particular name for=
mat
> that may not be global.
>
> For example, in many countries, individuals have a given name and two las=
t
> names (rather than first name, middle name, last name). Does SCIM provide
> any recommendations for how to represent this using the existing name
> components? For example, are consumers expected to consolidate all last
> names into the single familyName attribute to accommodate this scenario?
> Likewise, there are many other cases [1,2] that don't quite cleanly fit i=
nto
> these singular name components.
>
> The "formattedName", "displayName", and "nickName" attributes help to
> mitigate some concerns around formatting names and addressing users, but
> we're still trying to iron out how to accept identity data from varying
> contributing sources as well as enable consumers to obtain the discrete n=
ame
> components.
>
> [1] http://www.w3.org/International/questions/qa-personal-names
> [2] http://en.wikipedia.org/wiki/Personal_name
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

From randomshelley@gmail.com  Mon Mar 25 12:06:59 2013
Return-Path: <randomshelley@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFCD321F9571 for <scim@ietfa.amsl.com>; Mon, 25 Mar 2013 12:06:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bO+XwBHiIiXm for <scim@ietfa.amsl.com>; Mon, 25 Mar 2013 12:06:58 -0700 (PDT)
Received: from mail-ie0-x22f.google.com (mail-ie0-x22f.google.com [IPv6:2607:f8b0:4001:c03::22f]) by ietfa.amsl.com (Postfix) with ESMTP id 9FC7E21F9562 for <scim@ietf.org>; Mon, 25 Mar 2013 12:06:58 -0700 (PDT)
Received: by mail-ie0-f175.google.com with SMTP id c12so7732794ieb.6 for <scim@ietf.org>; Mon, 25 Mar 2013 12:06:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=6nWTB26mZ/39UhPPVZowkk6gRj/yIX62S3fq0CwC5Rs=; b=FxiBzMyKIGdd+WoEdep75iRx6ob5+s0fOG71ut5LvPYA1MyTopI1CJN6EWU6A6MSDm qIlRpAraqYgnj14vZa15VkNiQXWUAF8Xy4bd5xq4n1f6b57kFieAatq6u4DgYxL7OZ8k yc49rd2O2ZD3amyWap55z/elZsB5zuDp2J6zNCPXJOrvNJP1/r21Gv678GAvUYB+k0dl XRLapFlM4VT3wvnuwWI197534vjp4v0qLG3h6vTzPWTwoV9m2X4CQafEibrHL4ND3MHC QwLflkxtxdf5bRsj2QyilrDgFFelNqWrIj7fraJFqDFUcVXqKLAmolJtLfFsSCQDLwQt OY4w==
MIME-Version: 1.0
X-Received: by 10.50.42.168 with SMTP id p8mr8888983igl.106.1364238418110; Mon, 25 Mar 2013 12:06:58 -0700 (PDT)
Received: by 10.64.126.65 with HTTP; Mon, 25 Mar 2013 12:06:58 -0700 (PDT)
In-Reply-To: <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com>
References: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com> <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca> <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com>
Date: Mon, 25 Mar 2013 14:06:58 -0500
Message-ID: <CAGUsYPw7n0CqwUZE=ktEkM5sxjWLUrzCwV9oPVvk6zf+fC1FMw@mail.gmail.com>
From: Shelley <randomshelley@gmail.com>
To: Bert Greevenbosch <Bert.Greevenbosch@huawei.com>
Content-Type: multipart/alternative; boundary=14dae934108d4eef6d04d8c4824c
Cc: Marc Blanchet <marc.blanchet@viagenie.ca>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2013 19:06:59 -0000

--14dae934108d4eef6d04d8c4824c
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Thanks, Bert. So to clarify, in the SCIM/vCard mapping proposal, multiple
name components will be *comma-separated* in the corresponding SCIM
singular attribute? In our case, we are initially considering *space-delimi=
ting
*the components such that this would effectively serve as a "formatted"
familyName/givenName/etc. and could potentially accommodate contributing
systems that only store single-valued name attributes as well.

With a comma-delimited value, all SCIM consumers must be aware of this
special format when dealing with the attribute. With a space-delimited
value, consumers may not be able to retrieve the individual values, but can
handle the name consistently without attempting to parse and regardless of
the origin of the data (i.e. whether it came from a system that only stores
a single value or multiple values).

I also noticed that the SCIM/vCard draft includes this as an open issue,
proposing that it may be more appropriate to update the SCIM schema to
handle multiple values. Is this a topic that's currently being discussed?

We are currently adopting the SCIM 1.1 specification, but are trying to
consider potential changes for SCIM 2.0 in our implementation.


On Mon, Mar 25, 2013 at 12:41 AM, Bert Greevenbosch <
Bert.Greevenbosch@huawei.com> wrote:

>  I stumbled across the same issue when doing v02 of the SCIM/vCard
> mapping draft. See section 6.****
>
> http://datatracker.ietf.org/doc/draft-greevenbosch-scim-vcard-mapping/***=
*
>
> ** **
>
> Indeed in vCard multiple surnames, given names and additional names are
> possible.****
>
> ** **
>
> Best regards,****
>
> Bert****
>
> ** **
>
> *From:* scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] *On Behalf
> Of *Marc Blanchet
> *Sent:* 2013=E5=B9=B43=E6=9C=8825=E6=97=A5 6:35
> *To:* Shelley
> *Cc:* scim@ietf.org
> *Subject:* Re: [scim] Name Internationalization****
>
> ** **
>
> might want to look at vCard  (RFC6350).****
>
> ** **
>
> Marc.****
>
> ** **
>
> Le 2013-03-22 =C3=A0 22:59, Shelley <randomshelley@gmail.com> a =C3=A9cri=
t :****
>
>
>
> ****
>
> As a SCIM service provider, we are trying to determine the best approach
> for accepting and managing names that may be federated from global
> consumers.
>
> Were there any considerations made in the SCIM core schema for using
> multi-valued attributes for the individual name components? The use of th=
e
> "familyName" and "givenName" as opposed to "firstName"/"lastName" helps
> minimize a western/US-centric approach, but using three individual,
> singular attributes for these name components still hints at a particular
> name format that may not be global.
>
> For example, in many countries, individuals have a given name and two las=
t
> names (rather than first name, middle name, last name). Does SCIM provide
> any recommendations for how to represent this using the existing name
> components? For example, are consumers expected to consolidate all last
> names into the single familyName attribute to accommodate this scenario?
> Likewise, there are many other cases [1,2] that don't quite cleanly fit
> into these singular name components.
>
> The "formattedName", "displayName", and "nickName" attributes help to
> mitigate some concerns around formatting names and addressing users, but
> we're still trying to iron out how to accept identity data from varying
> contributing sources as well as enable consumers to obtain the discrete
> name components.
>
> [1] http://www.w3.org/International/questions/qa-personal-names
> [2] http://en.wikipedia.org/wiki/Personal_name
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim****
>
> ** **
>

--14dae934108d4eef6d04d8c4824c
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Thanks, Bert. So to clarify, in the SCIM/vCard mapping proposal, multiple n=
ame components will be <i>comma-separated</i> in the corresponding SCIM sin=
gular attribute? In our case, we are initially considering <i>space-delimit=
ing </i>the components such that this would effectively serve as a &quot;fo=
rmatted&quot; familyName/givenName/etc. and could potentially accommodate c=
ontributing systems that only store single-valued name attributes as well.<=
br>
<br>With a comma-delimited value, all SCIM consumers must be aware of this =
special format when dealing with the attribute. With a space-delimited valu=
e, consumers may not be able to retrieve the individual values, but can han=
dle the name consistently without attempting to parse and regardless of the=
 origin of the data (i.e. whether it came from a system that only stores a =
single value or multiple values).<br>
<br>I also noticed that the SCIM/vCard draft includes this as an open issue=
, proposing that it may be more appropriate to update the SCIM schema to ha=
ndle multiple values. Is this a topic that&#39;s currently being discussed?=
<br>
<br>We are currently adopting the SCIM 1.1 specification, but are trying to=
 consider potential changes for SCIM 2.0 in our implementation.<br><br><br>=
<div class=3D"gmail_quote">On Mon, Mar 25, 2013 at 12:41 AM, Bert Greevenbo=
sch <span dir=3D"ltr">&lt;<a href=3D"mailto:Bert.Greevenbosch@huawei.com" t=
arget=3D"_blank">Bert.Greevenbosch@huawei.com</a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">





<div link=3D"blue" vlink=3D"purple" style=3D"word-wrap:break-word" lang=3D"=
EN-US">
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">I stumbled across the same issue when d=
oing v02 of the SCIM/vCard mapping draft. See section 6.<u></u><u></u></spa=
n></p>

<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;"><a href=3D"http://datatracker.ietf.org/=
doc/draft-greevenbosch-scim-vcard-mapping/" target=3D"_blank">http://datatr=
acker.ietf.org/doc/draft-greevenbosch-scim-vcard-mapping/</a><u></u><u></u>=
</span></p>

<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;"><u></u>=C2=A0<u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">Indeed in vCard multiple surnames, give=
n names and additional names are possible.<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;"><u></u>=C2=A0<u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">Best regards,<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;">Bert<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>=C2=A0<u></u></spa=
n></p>
<div>
<div style=3D"border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0cm =
0cm 0cm">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> <a href=
=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">scim-bounces@ietf.org</=
a> [mailto:<a href=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">scim-=
bounces@ietf.org</a>]
<b>On Behalf Of </b>Marc Blanchet<br>
<b>Sent:</b> 2013</span><span style=3D"font-size:10.0pt;font-family:=E5=AE=
=8B=E4=BD=93" lang=3D"ZH-CN">=E5=B9=B4</span><span style=3D"font-size:10.0p=
t;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">3</span><span styl=
e=3D"font-size:10.0pt;font-family:=E5=AE=8B=E4=BD=93" lang=3D"ZH-CN">=E6=9C=
=88</span><span style=3D"font-size:10.0pt;font-family:&quot;Tahoma&quot;,&q=
uot;sans-serif&quot;">25</span><span style=3D"font-size:10.0pt;font-family:=
=E5=AE=8B=E4=BD=93" lang=3D"ZH-CN">=E6=97=A5</span><span style=3D"font-size=
:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">
 6:35<br>
<b>To:</b> Shelley<br>
<b>Cc:</b> <a href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org=
</a><br>
<b>Subject:</b> Re: [scim] Name Internationalization<u></u><u></u></span></=
p>
</div>
</div><div><div class=3D"h5">
<p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p>
<p class=3D"MsoNormal">might want to look at vCard =C2=A0(RFC6350).<u></u><=
u></u></p>
<div>
<p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p>
</div>
<div>
<p class=3D"MsoNormal">Marc.<u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p>
<div>
<div>
<p class=3D"MsoNormal">Le 2013-03-22 =C3=A0 22:59, Shelley &lt;<a href=3D"m=
ailto:randomshelley@gmail.com" target=3D"_blank">randomshelley@gmail.com</a=
>&gt; a =C3=A9crit :<u></u><u></u></p>
</div>
<p class=3D"MsoNormal"><br>
<br>
<u></u><u></u></p>
<p class=3D"MsoNormal">As a SCIM service provider, we are trying to determi=
ne the best approach for accepting and managing names that may be federated=
 from global consumers.<br>
<br>
Were there any considerations made in the SCIM core schema for using multi-=
valued attributes for the individual name components? The use of the &quot;=
familyName&quot; and &quot;givenName&quot; as opposed to &quot;firstName&qu=
ot;/&quot;lastName&quot; helps minimize a western/US-centric approach, but
 using three individual, singular attributes for these name components stil=
l hints at a particular name format that may not be global.<br>
<br>
For example, in many countries, individuals have a given name and two last =
names (rather than first name, middle name, last name). Does SCIM provide a=
ny recommendations for how to represent this using the existing name compon=
ents? For example, are consumers
 expected to consolidate all last names into the single familyName attribut=
e to accommodate this scenario? Likewise, there are many other cases [1,2] =
that don&#39;t quite cleanly fit into these singular name components.<br>

<br>
The &quot;formattedName&quot;, &quot;displayName&quot;, and &quot;nickName&=
quot; attributes help to mitigate some concerns around formatting names and=
 addressing users, but we&#39;re still trying to iron out how to accept ide=
ntity data from varying contributing sources as well as enable consumers
 to obtain the discrete name components.<br>
<br>
[1] <a href=3D"http://www.w3.org/International/questions/qa-personal-names"=
 target=3D"_blank">http://www.w3.org/International/questions/qa-personal-na=
mes</a><br>
[2] <a href=3D"http://en.wikipedia.org/wiki/Personal_name" target=3D"_blank=
">http://en.wikipedia.org/wiki/Personal_name</a><br>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a><u></u><u></u></p>
</div>
<p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p>
</div>
</div></div></div>
</div>

</blockquote></div><br>

--14dae934108d4eef6d04d8c4824c--

From nsekimori@gmail.com  Mon Mar 25 16:11:29 2013
Return-Path: <nsekimori@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B48DA21F8821 for <scim@ietfa.amsl.com>; Mon, 25 Mar 2013 16:11:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.398
X-Spam-Level: 
X-Spam-Status: No, score=-0.398 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SBSualkGx3zR for <scim@ietfa.amsl.com>; Mon, 25 Mar 2013 16:11:28 -0700 (PDT)
Received: from mail-pa0-f47.google.com (mail-pa0-f47.google.com [209.85.220.47]) by ietfa.amsl.com (Postfix) with ESMTP id 38E0221F8804 for <scim@ietf.org>; Mon, 25 Mar 2013 16:11:28 -0700 (PDT)
Received: by mail-pa0-f47.google.com with SMTP id bj3so822546pad.34 for <scim@ietf.org>; Mon, 25 Mar 2013 16:11:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=Uid0PveUP4dN0lGi6fRFWl9RJAphpO8wyEBeHm9Qhz8=; b=t5SeXlaI3nYXSLR3SkEOeY4E8+wIkoffeqySunJoKJgFD1Jq8txd1aoreioUqCtckY 2kwpmsC1ObccK+CxrLdR8CDR0yMssNEorvgkjkFICNMpPLxZh8sQeNYabbKD0F7t7Pf3 Jp9mAOWFEVHkV/oMEY2yKVCPTH8gerv1TwIE5TZaiR91cEmTxn/lZylKmGh2nze3VmUZ G96AWzq+SR3naILk8jQ5hBTlVMZ7Ceu2W8luVBZNxilMJ7+ICA1sOzWkeosewNgbUj4O wItYt7sDVlk5t+clZRr1OCJhdXJUE3NJ05Xej6jeRfOV8Fwzo7XwnCzNOdB94H0jDUIW yJXg==
MIME-Version: 1.0
X-Received: by 10.66.88.105 with SMTP id bf9mr20475789pab.175.1364253082446; Mon, 25 Mar 2013 16:11:22 -0700 (PDT)
Received: by 10.70.20.131 with HTTP; Mon, 25 Mar 2013 16:11:22 -0700 (PDT)
In-Reply-To: <CAG-hk4gp85BEGRgRYpj_YgYzas1J0ewtkwq7B1haNLC6NTmrQg@mail.gmail.com>
References: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com> <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca> <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com> <CAG-hk4gp85BEGRgRYpj_YgYzas1J0ewtkwq7B1haNLC6NTmrQg@mail.gmail.com>
Date: Tue, 26 Mar 2013 08:11:22 +0900
Message-ID: <CAAd8xPUk4+H2rE+OSbP9SUiDtomggY61KZNbFwtbeK3GsLaUfg@mail.gmail.com>
From: =?ISO-2022-JP?B?GyRCNFg/OT8uRzcbKEI=?= <nsekimori@gmail.com>
To: Tatsuo Kudo <tatsuo.kudo@gmail.com>
Content-Type: multipart/alternative; boundary=f46d042e01875cf6d804d8c7ec98
Cc: Marc Blanchet <marc.blanchet@viagenie.ca>, Bert Greevenbosch <Bert.Greevenbosch@huawei.com>, Shelley <randomshelley@gmail.com>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2013 23:11:29 -0000

--f46d042e01875cf6d804d8c7ec98
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

This discuss is very interesting. I think the current specification of name
attributes is not extensible enough. Shelley has considered multiplicity of
name attributes. I will show another issue of 'Name Internationalization'.

As Tatsuo was saying; Countries using Kanji have various appearances of
name. These countries need to consider logographic scripts and syllabic
scripts, separately. In Japan, we use syllabic scripts 'Kana' for sorting,
do not use logographic  'Kanji' scripts. If any name attributes have only
logographic value, we are not able to sort as well.

For resolving this issue, vCard adopts parameter 'SORT-AS'. I think this is
a nice for SCIM. For example:

"name": {
  "familyName": "logographic".
  "givenName": "logographic",
  "familyName-SORT-AS": "syllabic",
  "givenName-SORT-AS": "syllabic"
}

Thoughts?


2013/3/26 Tatsuo Kudo <tatsuo.kudo@gmail.com>

> I think most of attributes currently defined as "Singular Attributes"
> in the schema draft should allow multi-valued ones as well for
> non-English environment.  For example, businesses in Japan usually
> store Kanji and Kana characters (cf.
> http://en.wikipedia.org/wiki/Japanese_writing_system) for almost all
> attributes from name to department.
>
> I prefer Kelly Grizzle's suggestion in his follow-up to my question last
> month.
>
>  http://www.ietf.org/mail-archive/web/scim/current/msg00926.html
>
> And would like to apply it other than phonetic representation like:
>
> "displayName": [
>     { "value": "<Kana characters>", "locale": "ja-kana-JP" },
>     { "value": "<Kanji characters>", "locale": "ja-JP" }
>   ]
>
> Thoughts?
>
> Tatsuo.
>
>
> On Mon, Mar 25, 2013 at 2:41 PM, Bert Greevenbosch
> <Bert.Greevenbosch@huawei.com> wrote:
> > I stumbled across the same issue when doing v02 of the SCIM/vCard mappi=
ng
> > draft. See section 6.
> >
> > http://datatracker.ietf.org/doc/draft-greevenbosch-scim-vcard-mapping/
> >
> >
> >
> > Indeed in vCard multiple surnames, given names and additional names are
> > possible.
> >
> >
> >
> > Best regards,
> >
> > Bert
> >
> >
> >
> > From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
> Marc
> > Blanchet
> > Sent: 2013=E5=B9=B43=E6=9C=8825=E6=97=A5 6:35
> > To: Shelley
> > Cc: scim@ietf.org
> > Subject: Re: [scim] Name Internationalization
> >
> >
> >
> > might want to look at vCard  (RFC6350).
> >
> >
> >
> > Marc.
> >
> >
> >
> > Le 2013-03-22 =C3=A0 22:59, Shelley <randomshelley@gmail.com> a =C3=A9c=
rit :
> >
> >
> >
> > As a SCIM service provider, we are trying to determine the best approac=
h
> for
> > accepting and managing names that may be federated from global consumer=
s.
> >
> > Were there any considerations made in the SCIM core schema for using
> > multi-valued attributes for the individual name components? The use of
> the
> > "familyName" and "givenName" as opposed to "firstName"/"lastName" helps
> > minimize a western/US-centric approach, but using three individual,
> singular
> > attributes for these name components still hints at a particular name
> format
> > that may not be global.
> >
> > For example, in many countries, individuals have a given name and two
> last
> > names (rather than first name, middle name, last name). Does SCIM provi=
de
> > any recommendations for how to represent this using the existing name
> > components? For example, are consumers expected to consolidate all last
> > names into the single familyName attribute to accommodate this scenario=
?
> > Likewise, there are many other cases [1,2] that don't quite cleanly fit
> into
> > these singular name components.
> >
> > The "formattedName", "displayName", and "nickName" attributes help to
> > mitigate some concerns around formatting names and addressing users, bu=
t
> > we're still trying to iron out how to accept identity data from varying
> > contributing sources as well as enable consumers to obtain the discrete
> name
> > components.
> >
> > [1] http://www.w3.org/International/questions/qa-personal-names
> > [2] http://en.wikipedia.org/wiki/Personal_name
> > _______________________________________________
> > scim mailing list
> > scim@ietf.org
> > https://www.ietf.org/mailman/listinfo/scim
> >
> >
> >
> >
> > _______________________________________________
> > scim mailing list
> > scim@ietf.org
> > https://www.ietf.org/mailman/listinfo/scim
> >
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

--f46d042e01875cf6d804d8c7ec98
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div>This discuss is very interesting. I think the current=
 specification of name attributes is not extensible enough. Shelley has con=
sidered multiplicity of name attributes. I will show another issue of &#39;=
Name Internationalization&#39;.</div>
<div><br></div><div>As Tatsuo was saying; Countries using Kanji have variou=
s appearances of name. These countries need to consider logographic scripts=
 and syllabic scripts, separately. In Japan, we use syllabic scripts &#39;K=
ana&#39; for sorting, do not use logographic =C2=A0&#39;Kanji&#39; scripts.=
 If any name attributes have only logographic value, we are not able to sor=
t as well.</div>
<div><br></div><div>For resolving this issue, vCard adopts parameter &#39;S=
ORT-AS&#39;. I think this is a nice for SCIM. For example:</div><div><br></=
div><div>&quot;name&quot;: {</div><div>=C2=A0 &quot;familyName&quot;: &quot=
;logographic&quot;.</div>
<div>=C2=A0 &quot;givenName&quot;: &quot;logographic&quot;,</div><div>=C2=
=A0 &quot;familyName-SORT-AS&quot;: &quot;syllabic&quot;,</div><div>=C2=A0 =
&quot;givenName-SORT-AS&quot;: &quot;syllabic&quot;</div><div>}</div><div><=
br></div><div>
Thoughts?</div></div><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">2013/3/26 Tatsuo Kudo <span dir=3D"ltr">&lt;<a href=3D"mailto:tatsu=
o.kudo@gmail.com" target=3D"_blank">tatsuo.kudo@gmail.com</a>&gt;</span><br=
><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1=
px #ccc solid;padding-left:1ex">
I think most of attributes currently defined as &quot;Singular Attributes&q=
uot;<br>
in the schema draft should allow multi-valued ones as well for<br>
non-English environment. =C2=A0For example, businesses in Japan usually<br>
store Kanji and Kana characters (cf.<br>
<a href=3D"http://en.wikipedia.org/wiki/Japanese_writing_system" target=3D"=
_blank">http://en.wikipedia.org/wiki/Japanese_writing_system</a>) for almos=
t all<br>
attributes from name to department.<br>
<br>
I prefer Kelly Grizzle&#39;s suggestion in his follow-up to my question las=
t month.<br>
<br>
=C2=A0<a href=3D"http://www.ietf.org/mail-archive/web/scim/current/msg00926=
.html" target=3D"_blank">http://www.ietf.org/mail-archive/web/scim/current/=
msg00926.html</a><br>
<br>
And would like to apply it other than phonetic representation like:<br>
<br>
&quot;displayName&quot;: [<br>
=C2=A0 =C2=A0 { &quot;value&quot;: &quot;&lt;Kana characters&gt;&quot;, &qu=
ot;locale&quot;: &quot;ja-kana-JP&quot; },<br>
=C2=A0 =C2=A0 { &quot;value&quot;: &quot;&lt;Kanji characters&gt;&quot;, &q=
uot;locale&quot;: &quot;ja-JP&quot; }<br>
=C2=A0 ]<br>
<br>
Thoughts?<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
Tatsuo.<br>
</font></span><div class=3D"HOEnZb"><div class=3D"h5"><br>
<br>
On Mon, Mar 25, 2013 at 2:41 PM, Bert Greevenbosch<br>
&lt;<a href=3D"mailto:Bert.Greevenbosch@huawei.com">Bert.Greevenbosch@huawe=
i.com</a>&gt; wrote:<br>
&gt; I stumbled across the same issue when doing v02 of the SCIM/vCard mapp=
ing<br>
&gt; draft. See section 6.<br>
&gt;<br>
&gt; <a href=3D"http://datatracker.ietf.org/doc/draft-greevenbosch-scim-vca=
rd-mapping/" target=3D"_blank">http://datatracker.ietf.org/doc/draft-greeve=
nbosch-scim-vcard-mapping/</a><br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt; Indeed in vCard multiple surnames, given names and additional names ar=
e<br>
&gt; possible.<br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt; Best regards,<br>
&gt;<br>
&gt; Bert<br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt; From: <a href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</=
a> [mailto:<a href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</=
a>] On Behalf Of Marc<br>
&gt; Blanchet<br>
&gt; Sent: 2013=E5=B9=B43=E6=9C=8825=E6=97=A5 6:35<br>
&gt; To: Shelley<br>
&gt; Cc: <a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
&gt; Subject: Re: [scim] Name Internationalization<br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt; might want to look at vCard =C2=A0(RFC6350).<br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt; Marc.<br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt; Le 2013-03-22 =C3=A0 22:59, Shelley &lt;<a href=3D"mailto:randomshelle=
y@gmail.com">randomshelley@gmail.com</a>&gt; a =C3=A9crit :<br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt; As a SCIM service provider, we are trying to determine the best approa=
ch for<br>
&gt; accepting and managing names that may be federated from global consume=
rs.<br>
&gt;<br>
&gt; Were there any considerations made in the SCIM core schema for using<b=
r>
&gt; multi-valued attributes for the individual name components? The use of=
 the<br>
&gt; &quot;familyName&quot; and &quot;givenName&quot; as opposed to &quot;f=
irstName&quot;/&quot;lastName&quot; helps<br>
&gt; minimize a western/US-centric approach, but using three individual, si=
ngular<br>
&gt; attributes for these name components still hints at a particular name =
format<br>
&gt; that may not be global.<br>
&gt;<br>
&gt; For example, in many countries, individuals have a given name and two =
last<br>
&gt; names (rather than first name, middle name, last name). Does SCIM prov=
ide<br>
&gt; any recommendations for how to represent this using the existing name<=
br>
&gt; components? For example, are consumers expected to consolidate all las=
t<br>
&gt; names into the single familyName attribute to accommodate this scenari=
o?<br>
&gt; Likewise, there are many other cases [1,2] that don&#39;t quite cleanl=
y fit into<br>
&gt; these singular name components.<br>
&gt;<br>
&gt; The &quot;formattedName&quot;, &quot;displayName&quot;, and &quot;nick=
Name&quot; attributes help to<br>
&gt; mitigate some concerns around formatting names and addressing users, b=
ut<br>
&gt; we&#39;re still trying to iron out how to accept identity data from va=
rying<br>
&gt; contributing sources as well as enable consumers to obtain the discret=
e name<br>
&gt; components.<br>
&gt;<br>
&gt; [1] <a href=3D"http://www.w3.org/International/questions/qa-personal-n=
ames" target=3D"_blank">http://www.w3.org/International/questions/qa-person=
al-names</a><br>
&gt; [2] <a href=3D"http://en.wikipedia.org/wiki/Personal_name" target=3D"_=
blank">http://en.wikipedia.org/wiki/Personal_name</a><br>
&gt; _______________________________________________<br>
&gt; scim mailing list<br>
&gt; <a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
&gt; <a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blan=
k">https://www.ietf.org/mailman/listinfo/scim</a><br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt; _______________________________________________<br>
&gt; scim mailing list<br>
&gt; <a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
&gt; <a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blan=
k">https://www.ietf.org/mailman/listinfo/scim</a><br>
&gt;<br>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a><br>
</div></div></blockquote></div><br></div>

--f46d042e01875cf6d804d8c7ec98--

From prvs=47984C9989=erik.wahlstrom@nexussafe.com  Wed Mar 27 01:18:53 2013
Return-Path: <prvs=47984C9989=erik.wahlstrom@nexussafe.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 41D8921F8E51 for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 01:18:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.298
X-Spam-Level: 
X-Spam-Status: No, score=-2.298 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JpFG6s662ZUk for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 01:18:47 -0700 (PDT)
Received: from MailEdge.nexussafe.com (mailedge.nexussafe.com [83.241.133.98]) by ietfa.amsl.com (Postfix) with ESMTP id 1C1C521F87FB for <scim@ietf.org>; Wed, 27 Mar 2013 01:18:38 -0700 (PDT)
Received: from MARVMAILCAS.technxs.com (10.75.28.35) by MailEdge.nexussafe.com (83.241.133.98) with Microsoft SMTP Server (TLS) id 14.1.438.0; Wed, 27 Mar 2013 09:18:37 +0100
Received: from MARVMAILDB.technxs.com ([fe80::95d1:b13:6f90:bdad]) by MarvMailCAS.technxs.com ([::1]) with mapi id 14.01.0438.000; Wed, 27 Mar 2013 09:18:35 +0100
From: =?utf-8?B?RXJpayBXYWhsc3Ryw7Zt?= <erik.wahlstrom@nexussafe.com>
To: =?utf-8?B?6Zai5qOu5L+h5LmL?= <nsekimori@gmail.com>
Thread-Topic: [scim] Name Internationalization
Thread-Index: AQHOJ3KDjO8lyJNncE6ziBmV9MhvRpi1YBcAgAB26QCAAKj2AIAAfIIAgAIrOAA=
Date: Wed, 27 Mar 2013 08:18:33 +0000
Message-ID: <866ECE78-9F11-403F-AB53-119E5387F180@nexussafe.com>
References: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com> <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca> <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com> <CAG-hk4gp85BEGRgRYpj_YgYzas1J0ewtkwq7B1haNLC6NTmrQg@mail.gmail.com> <CAAd8xPUk4+H2rE+OSbP9SUiDtomggY61KZNbFwtbeK3GsLaUfg@mail.gmail.com>
In-Reply-To: <CAAd8xPUk4+H2rE+OSbP9SUiDtomggY61KZNbFwtbeK3GsLaUfg@mail.gmail.com>
Accept-Language: en-US, sv-SE
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [192.168.4.226]
Content-Type: multipart/alternative; boundary="_000_866ECE789F11403FAB53119E5387F180nexussafecom_"
MIME-Version: 1.0
Cc: Tatsuo Kudo <tatsuo.kudo@gmail.com>, Bert Greevenbosch <Bert.Greevenbosch@huawei.com>, Shelley <randomshelley@gmail.com>, "scim@ietf.org" <scim@ietf.org>, Marc Blanchet <marc.blanchet@viagenie.ca>
Subject: Re: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 08:18:53 -0000

--_000_866ECE789F11403FAB53119E5387F180nexussafecom_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

SGksDQpXb3VsZCBpdCBiZSBwb3NzaWJsZSB0byByb2xsIHRoaXMgaW50byBhbiByZWFsIHNjaW0g
ZXh0ZW5zaW9uPyBPbmUgdGhhdCBhZGRzIHRoZSBTT1JULUFTIGZ1bmN0aW9uYWxpdHk/DQoNCkEg
KHZlcnkgcm91Z2gpIGV4YW1wbGUgdG8gc2hvdyBwb3NzaWJsZSB3YXkgZm9yd2FyZC4NCg0KLi4u
Li4NCiJ1cm46c2NpbTpzY2hlbWFzOmV4dGVuc2lvbjogbmFtZWludGVybmF0aW9uYWxpemF0aW9u
OjEuMCI6IHsNCiAgICAibmFtZS1TT1JULUFTIjogew0KICAgICAgICAiZmFtaWx5TmFtZS1TT1JU
LUFTIjogInN5bGxhYmljIiwNCiAgICAgICAgImdpdmVuTmFtZS1TT1JULUFTIjogInN5bGxhYmlj
Ig0KICAgIH0NCiAgfSwNCi4uLg0KDQovIEVyaWsNCg0KT24gTWFyIDI2LCAyMDEzLCBhdCAxMjox
MSBBTSwg6Zai5qOu5L+h5LmLIHdyb3RlOg0KDQpUaGlzIGRpc2N1c3MgaXMgdmVyeSBpbnRlcmVz
dGluZy4gSSB0aGluayB0aGUgY3VycmVudCBzcGVjaWZpY2F0aW9uIG9mIG5hbWUgYXR0cmlidXRl
cyBpcyBub3QgZXh0ZW5zaWJsZSBlbm91Z2guIFNoZWxsZXkgaGFzIGNvbnNpZGVyZWQgbXVsdGlw
bGljaXR5IG9mIG5hbWUgYXR0cmlidXRlcy4gSSB3aWxsIHNob3cgYW5vdGhlciBpc3N1ZSBvZiAn
TmFtZSBJbnRlcm5hdGlvbmFsaXphdGlvbicuDQoNCkFzIFRhdHN1byB3YXMgc2F5aW5nOyBDb3Vu
dHJpZXMgdXNpbmcgS2FuamkgaGF2ZSB2YXJpb3VzIGFwcGVhcmFuY2VzIG9mIG5hbWUuIFRoZXNl
IGNvdW50cmllcyBuZWVkIHRvIGNvbnNpZGVyIGxvZ29ncmFwaGljIHNjcmlwdHMgYW5kIHN5bGxh
YmljIHNjcmlwdHMsIHNlcGFyYXRlbHkuIEluIEphcGFuLCB3ZSB1c2Ugc3lsbGFiaWMgc2NyaXB0
cyAnS2FuYScgZm9yIHNvcnRpbmcsIGRvIG5vdCB1c2UgbG9nb2dyYXBoaWMgICdLYW5qaScgc2Ny
aXB0cy4gSWYgYW55IG5hbWUgYXR0cmlidXRlcyBoYXZlIG9ubHkgbG9nb2dyYXBoaWMgdmFsdWUs
IHdlIGFyZSBub3QgYWJsZSB0byBzb3J0IGFzIHdlbGwuDQoNCkZvciByZXNvbHZpbmcgdGhpcyBp
c3N1ZSwgdkNhcmQgYWRvcHRzIHBhcmFtZXRlciAnU09SVC1BUycuIEkgdGhpbmsgdGhpcyBpcyBh
IG5pY2UgZm9yIFNDSU0uIEZvciBleGFtcGxlOg0KDQoibmFtZSI6IHsNCiAgImZhbWlseU5hbWUi
OiAibG9nb2dyYXBoaWMiLg0KICAiZ2l2ZW5OYW1lIjogImxvZ29ncmFwaGljIiwNCiAgImZhbWls
eU5hbWUtU09SVC1BUyI6ICJzeWxsYWJpYyIsDQogICJnaXZlbk5hbWUtU09SVC1BUyI6ICJzeWxs
YWJpYyINCn0NCg0KVGhvdWdodHM/DQoNCg0KMjAxMy8zLzI2IFRhdHN1byBLdWRvIDx0YXRzdW8u
a3Vkb0BnbWFpbC5jb208bWFpbHRvOnRhdHN1by5rdWRvQGdtYWlsLmNvbT4+DQpJIHRoaW5rIG1v
c3Qgb2YgYXR0cmlidXRlcyBjdXJyZW50bHkgZGVmaW5lZCBhcyAiU2luZ3VsYXIgQXR0cmlidXRl
cyINCmluIHRoZSBzY2hlbWEgZHJhZnQgc2hvdWxkIGFsbG93IG11bHRpLXZhbHVlZCBvbmVzIGFz
IHdlbGwgZm9yDQpub24tRW5nbGlzaCBlbnZpcm9ubWVudC4gIEZvciBleGFtcGxlLCBidXNpbmVz
c2VzIGluIEphcGFuIHVzdWFsbHkNCnN0b3JlIEthbmppIGFuZCBLYW5hIGNoYXJhY3RlcnMgKGNm
Lg0KaHR0cDovL2VuLndpa2lwZWRpYS5vcmcvd2lraS9KYXBhbmVzZV93cml0aW5nX3N5c3RlbSkg
Zm9yIGFsbW9zdCBhbGwNCmF0dHJpYnV0ZXMgZnJvbSBuYW1lIHRvIGRlcGFydG1lbnQuDQoNCkkg
cHJlZmVyIEtlbGx5IEdyaXp6bGUncyBzdWdnZXN0aW9uIGluIGhpcyBmb2xsb3ctdXAgdG8gbXkg
cXVlc3Rpb24gbGFzdCBtb250aC4NCg0KIGh0dHA6Ly93d3cuaWV0Zi5vcmcvbWFpbC1hcmNoaXZl
L3dlYi9zY2ltL2N1cnJlbnQvbXNnMDA5MjYuaHRtbA0KDQpBbmQgd291bGQgbGlrZSB0byBhcHBs
eSBpdCBvdGhlciB0aGFuIHBob25ldGljIHJlcHJlc2VudGF0aW9uIGxpa2U6DQoNCiJkaXNwbGF5
TmFtZSI6IFsNCiAgICB7ICJ2YWx1ZSI6ICI8S2FuYSBjaGFyYWN0ZXJzPiIsICJsb2NhbGUiOiAi
amEta2FuYS1KUCIgfSwNCiAgICB7ICJ2YWx1ZSI6ICI8S2FuamkgY2hhcmFjdGVycz4iLCAibG9j
YWxlIjogImphLUpQIiB9DQogIF0NCg0KVGhvdWdodHM/DQoNClRhdHN1by4NCg0KDQpPbiBNb24s
IE1hciAyNSwgMjAxMyBhdCAyOjQxIFBNLCBCZXJ0IEdyZWV2ZW5ib3NjaA0KPEJlcnQuR3JlZXZl
bmJvc2NoQGh1YXdlaS5jb208bWFpbHRvOkJlcnQuR3JlZXZlbmJvc2NoQGh1YXdlaS5jb20+PiB3
cm90ZToNCj4gSSBzdHVtYmxlZCBhY3Jvc3MgdGhlIHNhbWUgaXNzdWUgd2hlbiBkb2luZyB2MDIg
b2YgdGhlIFNDSU0vdkNhcmQgbWFwcGluZw0KPiBkcmFmdC4gU2VlIHNlY3Rpb24gNi4NCj4NCj4g
aHR0cDovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1ncmVldmVuYm9zY2gtc2NpbS12
Y2FyZC1tYXBwaW5nLw0KPg0KPg0KPg0KPiBJbmRlZWQgaW4gdkNhcmQgbXVsdGlwbGUgc3VybmFt
ZXMsIGdpdmVuIG5hbWVzIGFuZCBhZGRpdGlvbmFsIG5hbWVzIGFyZQ0KPiBwb3NzaWJsZS4NCj4N
Cj4NCj4NCj4gQmVzdCByZWdhcmRzLA0KPg0KPiBCZXJ0DQo+DQo+DQo+DQo+IEZyb206IHNjaW0t
Ym91bmNlc0BpZXRmLm9yZzxtYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnPiBbbWFpbHRvOnNj
aW0tYm91bmNlc0BpZXRmLm9yZzxtYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnPl0gT24gQmVo
YWxmIE9mIE1hcmMNCj4gQmxhbmNoZXQNCj4gU2VudDogMjAxM+W5tDPmnIgyNeaXpSA2OjM1DQo+
IFRvOiBTaGVsbGV5DQo+IENjOiBzY2ltQGlldGYub3JnPG1haWx0bzpzY2ltQGlldGYub3JnPg0K
PiBTdWJqZWN0OiBSZTogW3NjaW1dIE5hbWUgSW50ZXJuYXRpb25hbGl6YXRpb24NCj4NCj4NCj4N
Cj4gbWlnaHQgd2FudCB0byBsb29rIGF0IHZDYXJkICAoUkZDNjM1MCkuDQo+DQo+DQo+DQo+IE1h
cmMuDQo+DQo+DQo+DQo+IExlIDIwMTMtMDMtMjIgw6AgMjI6NTksIFNoZWxsZXkgPHJhbmRvbXNo
ZWxsZXlAZ21haWwuY29tPG1haWx0bzpyYW5kb21zaGVsbGV5QGdtYWlsLmNvbT4+IGEgw6ljcml0
IDoNCj4NCj4NCj4NCj4gQXMgYSBTQ0lNIHNlcnZpY2UgcHJvdmlkZXIsIHdlIGFyZSB0cnlpbmcg
dG8gZGV0ZXJtaW5lIHRoZSBiZXN0IGFwcHJvYWNoIGZvcg0KPiBhY2NlcHRpbmcgYW5kIG1hbmFn
aW5nIG5hbWVzIHRoYXQgbWF5IGJlIGZlZGVyYXRlZCBmcm9tIGdsb2JhbCBjb25zdW1lcnMuDQo+
DQo+IFdlcmUgdGhlcmUgYW55IGNvbnNpZGVyYXRpb25zIG1hZGUgaW4gdGhlIFNDSU0gY29yZSBz
Y2hlbWEgZm9yIHVzaW5nDQo+IG11bHRpLXZhbHVlZCBhdHRyaWJ1dGVzIGZvciB0aGUgaW5kaXZp
ZHVhbCBuYW1lIGNvbXBvbmVudHM/IFRoZSB1c2Ugb2YgdGhlDQo+ICJmYW1pbHlOYW1lIiBhbmQg
ImdpdmVuTmFtZSIgYXMgb3Bwb3NlZCB0byAiZmlyc3ROYW1lIi8ibGFzdE5hbWUiIGhlbHBzDQo+
IG1pbmltaXplIGEgd2VzdGVybi9VUy1jZW50cmljIGFwcHJvYWNoLCBidXQgdXNpbmcgdGhyZWUg
aW5kaXZpZHVhbCwgc2luZ3VsYXINCj4gYXR0cmlidXRlcyBmb3IgdGhlc2UgbmFtZSBjb21wb25l
bnRzIHN0aWxsIGhpbnRzIGF0IGEgcGFydGljdWxhciBuYW1lIGZvcm1hdA0KPiB0aGF0IG1heSBu
b3QgYmUgZ2xvYmFsLg0KPg0KPiBGb3IgZXhhbXBsZSwgaW4gbWFueSBjb3VudHJpZXMsIGluZGl2
aWR1YWxzIGhhdmUgYSBnaXZlbiBuYW1lIGFuZCB0d28gbGFzdA0KPiBuYW1lcyAocmF0aGVyIHRo
YW4gZmlyc3QgbmFtZSwgbWlkZGxlIG5hbWUsIGxhc3QgbmFtZSkuIERvZXMgU0NJTSBwcm92aWRl
DQo+IGFueSByZWNvbW1lbmRhdGlvbnMgZm9yIGhvdyB0byByZXByZXNlbnQgdGhpcyB1c2luZyB0
aGUgZXhpc3RpbmcgbmFtZQ0KPiBjb21wb25lbnRzPyBGb3IgZXhhbXBsZSwgYXJlIGNvbnN1bWVy
cyBleHBlY3RlZCB0byBjb25zb2xpZGF0ZSBhbGwgbGFzdA0KPiBuYW1lcyBpbnRvIHRoZSBzaW5n
bGUgZmFtaWx5TmFtZSBhdHRyaWJ1dGUgdG8gYWNjb21tb2RhdGUgdGhpcyBzY2VuYXJpbz8NCj4g
TGlrZXdpc2UsIHRoZXJlIGFyZSBtYW55IG90aGVyIGNhc2VzIFsxLDJdIHRoYXQgZG9uJ3QgcXVp
dGUgY2xlYW5seSBmaXQgaW50bw0KPiB0aGVzZSBzaW5ndWxhciBuYW1lIGNvbXBvbmVudHMuDQo+
DQo+IFRoZSAiZm9ybWF0dGVkTmFtZSIsICJkaXNwbGF5TmFtZSIsIGFuZCAibmlja05hbWUiIGF0
dHJpYnV0ZXMgaGVscCB0bw0KPiBtaXRpZ2F0ZSBzb21lIGNvbmNlcm5zIGFyb3VuZCBmb3JtYXR0
aW5nIG5hbWVzIGFuZCBhZGRyZXNzaW5nIHVzZXJzLCBidXQNCj4gd2UncmUgc3RpbGwgdHJ5aW5n
IHRvIGlyb24gb3V0IGhvdyB0byBhY2NlcHQgaWRlbnRpdHkgZGF0YSBmcm9tIHZhcnlpbmcNCj4g
Y29udHJpYnV0aW5nIHNvdXJjZXMgYXMgd2VsbCBhcyBlbmFibGUgY29uc3VtZXJzIHRvIG9idGFp
biB0aGUgZGlzY3JldGUgbmFtZQ0KPiBjb21wb25lbnRzLg0KPg0KPiBbMV0gaHR0cDovL3d3dy53
My5vcmcvSW50ZXJuYXRpb25hbC9xdWVzdGlvbnMvcWEtcGVyc29uYWwtbmFtZXMNCj4gWzJdIGh0
dHA6Ly9lbi53aWtpcGVkaWEub3JnL3dpa2kvUGVyc29uYWxfbmFtZQ0KPiBfX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPiBzY2ltIG1haWxpbmcgbGlzdA0K
PiBzY2ltQGlldGYub3JnPG1haWx0bzpzY2ltQGlldGYub3JnPg0KPiBodHRwczovL3d3dy5pZXRm
Lm9yZy9tYWlsbWFuL2xpc3RpbmZvL3NjaW0NCj4NCj4NCj4NCj4NCj4gX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCj4gc2NpbSBtYWlsaW5nIGxpc3QNCj4g
c2NpbUBpZXRmLm9yZzxtYWlsdG86c2NpbUBpZXRmLm9yZz4NCj4gaHR0cHM6Ly93d3cuaWV0Zi5v
cmcvbWFpbG1hbi9saXN0aW5mby9zY2ltDQo+DQpfX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fXw0Kc2NpbSBtYWlsaW5nIGxpc3QNCnNjaW1AaWV0Zi5vcmc8bWFp
bHRvOnNjaW1AaWV0Zi5vcmc+DQpodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZv
L3NjaW0NCg0KX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18N
CnNjaW0gbWFpbGluZyBsaXN0DQpzY2ltQGlldGYub3JnPG1haWx0bzpzY2ltQGlldGYub3JnPg0K
aHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2ltDQoNCg==

--_000_866ECE789F11403FAB53119E5387F180nexussafecom_
Content-Type: text/html; charset="utf-8"
Content-ID: <4EBD3FCF664CD94B9D92F8BE293C30B6@nexussafe.com>
Content-Transfer-Encoding: base64

PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i
dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IHN0eWxlPSJ3b3JkLXdy
YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgLXdlYmtpdC1saW5lLWJy
ZWFrOiBhZnRlci13aGl0ZS1zcGFjZTsgIj4NCkhpLA0KPGRpdj5Xb3VsZCBpdCBiZSBwb3NzaWJs
ZSB0byByb2xsIHRoaXMgaW50byBhbiByZWFsIHNjaW0gZXh0ZW5zaW9uPyBPbmUgdGhhdCBhZGRz
IHRoZSBTT1JULUFTIGZ1bmN0aW9uYWxpdHk/PC9kaXY+DQo8ZGl2Pjxicj4NCjwvZGl2Pg0KPGRp
dj5BICh2ZXJ5IHJvdWdoKSBleGFtcGxlIHRvIHNob3cgcG9zc2libGUgd2F5IGZvcndhcmQuPC9k
aXY+DQo8ZGl2Pjxicj4NCjwvZGl2Pg0KPGRpdj4uLi4uLjwvZGl2Pg0KPGRpdj4NCjxkaXY+JnF1
b3Q7dXJuOnNjaW06c2NoZW1hczpleHRlbnNpb246IG5hbWVpbnRlcm5hdGlvbmFsaXphdGlvbjox
LjAmcXVvdDs6IHs8L2Rpdj4NCjxkaXY+Jm5ic3A7ICZuYnNwOyAmcXVvdDtuYW1lLVNPUlQtQVMm
cXVvdDs6IHs8L2Rpdj4NCiZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmcXVvdDtmYW1pbHlO
YW1lLVNPUlQtQVMmcXVvdDs6ICZxdW90O3N5bGxhYmljJnF1b3Q7LDxicj4NCiZuYnNwOyAmbmJz
cDsgJm5ic3A7ICZuYnNwOyAmcXVvdDtnaXZlbk5hbWUtU09SVC1BUyZxdW90OzogJnF1b3Q7c3ls
bGFiaWMmcXVvdDs8YnI+DQombmJzcDsgJm5ic3A7IH08YnI+DQo8ZGl2PiZuYnNwOyB9LDwvZGl2
Pg0KPC9kaXY+DQo8ZGl2Pi4uLjwvZGl2Pg0KPGRpdj48YnI+DQo8L2Rpdj4NCjxkaXY+LyBFcmlr
PC9kaXY+DQo8ZGl2Pjxicj4NCjxkaXY+DQo8ZGl2Pk9uIE1hciAyNiwgMjAxMywgYXQgMTI6MTEg
QU0sIOmWouajruS/oeS5iyB3cm90ZTo8L2Rpdj4NCjxiciBjbGFzcz0iQXBwbGUtaW50ZXJjaGFu
Z2UtbmV3bGluZSI+DQo8YmxvY2txdW90ZSB0eXBlPSJjaXRlIj4NCjxkaXYgZGlyPSJsdHIiPg0K
PGRpdj5UaGlzIGRpc2N1c3MgaXMgdmVyeSBpbnRlcmVzdGluZy4gSSB0aGluayB0aGUgY3VycmVu
dCBzcGVjaWZpY2F0aW9uIG9mIG5hbWUgYXR0cmlidXRlcyBpcyBub3QgZXh0ZW5zaWJsZSBlbm91
Z2guIFNoZWxsZXkgaGFzIGNvbnNpZGVyZWQgbXVsdGlwbGljaXR5IG9mIG5hbWUgYXR0cmlidXRl
cy4gSSB3aWxsIHNob3cgYW5vdGhlciBpc3N1ZSBvZiAnTmFtZSBJbnRlcm5hdGlvbmFsaXphdGlv
bicuPC9kaXY+DQo8ZGl2Pjxicj4NCjwvZGl2Pg0KPGRpdj5BcyBUYXRzdW8gd2FzIHNheWluZzsg
Q291bnRyaWVzIHVzaW5nIEthbmppIGhhdmUgdmFyaW91cyBhcHBlYXJhbmNlcyBvZiBuYW1lLiBU
aGVzZSBjb3VudHJpZXMgbmVlZCB0byBjb25zaWRlciBsb2dvZ3JhcGhpYyBzY3JpcHRzIGFuZCBz
eWxsYWJpYyBzY3JpcHRzLCBzZXBhcmF0ZWx5LiBJbiBKYXBhbiwgd2UgdXNlIHN5bGxhYmljIHNj
cmlwdHMgJ0thbmEnIGZvciBzb3J0aW5nLCBkbyBub3QgdXNlIGxvZ29ncmFwaGljICZuYnNwOydL
YW5qaScgc2NyaXB0cy4NCiBJZiBhbnkgbmFtZSBhdHRyaWJ1dGVzIGhhdmUgb25seSBsb2dvZ3Jh
cGhpYyB2YWx1ZSwgd2UgYXJlIG5vdCBhYmxlIHRvIHNvcnQgYXMgd2VsbC48L2Rpdj4NCjxkaXY+
PGJyPg0KPC9kaXY+DQo8ZGl2PkZvciByZXNvbHZpbmcgdGhpcyBpc3N1ZSwgdkNhcmQgYWRvcHRz
IHBhcmFtZXRlciAnU09SVC1BUycuIEkgdGhpbmsgdGhpcyBpcyBhIG5pY2UgZm9yIFNDSU0uIEZv
ciBleGFtcGxlOjwvZGl2Pg0KPGRpdj48YnI+DQo8L2Rpdj4NCjxkaXY+JnF1b3Q7bmFtZSZxdW90
OzogezwvZGl2Pg0KPGRpdj4mbmJzcDsgJnF1b3Q7ZmFtaWx5TmFtZSZxdW90OzogJnF1b3Q7bG9n
b2dyYXBoaWMmcXVvdDsuPC9kaXY+DQo8ZGl2PiZuYnNwOyAmcXVvdDtnaXZlbk5hbWUmcXVvdDs6
ICZxdW90O2xvZ29ncmFwaGljJnF1b3Q7LDwvZGl2Pg0KPGRpdj4mbmJzcDsgJnF1b3Q7ZmFtaWx5
TmFtZS1TT1JULUFTJnF1b3Q7OiAmcXVvdDtzeWxsYWJpYyZxdW90Oyw8L2Rpdj4NCjxkaXY+Jm5i
c3A7ICZxdW90O2dpdmVuTmFtZS1TT1JULUFTJnF1b3Q7OiAmcXVvdDtzeWxsYWJpYyZxdW90Ozwv
ZGl2Pg0KPGRpdj59PC9kaXY+DQo8ZGl2Pjxicj4NCjwvZGl2Pg0KPGRpdj5UaG91Z2h0cz88L2Rp
dj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iZ21haWxfZXh0cmEiPjxicj4NCjxicj4NCjxkaXYgY2xh
c3M9ImdtYWlsX3F1b3RlIj4yMDEzLzMvMjYgVGF0c3VvIEt1ZG8gPHNwYW4gZGlyPSJsdHIiPiZs
dDs8YSBocmVmPSJtYWlsdG86dGF0c3VvLmt1ZG9AZ21haWwuY29tIiB0YXJnZXQ9Il9ibGFuayI+
dGF0c3VvLmt1ZG9AZ21haWwuY29tPC9hPiZndDs8L3NwYW4+PGJyPg0KPGJsb2NrcXVvdGUgY2xh
c3M9ImdtYWlsX3F1b3RlIiBzdHlsZT0ibWFyZ2luOjAgMCAwIC44ZXg7Ym9yZGVyLWxlZnQ6MXB4
ICNjY2Mgc29saWQ7cGFkZGluZy1sZWZ0OjFleCI+DQpJIHRoaW5rIG1vc3Qgb2YgYXR0cmlidXRl
cyBjdXJyZW50bHkgZGVmaW5lZCBhcyAmcXVvdDtTaW5ndWxhciBBdHRyaWJ1dGVzJnF1b3Q7PGJy
Pg0KaW4gdGhlIHNjaGVtYSBkcmFmdCBzaG91bGQgYWxsb3cgbXVsdGktdmFsdWVkIG9uZXMgYXMg
d2VsbCBmb3I8YnI+DQpub24tRW5nbGlzaCBlbnZpcm9ubWVudC4gJm5ic3A7Rm9yIGV4YW1wbGUs
IGJ1c2luZXNzZXMgaW4gSmFwYW4gdXN1YWxseTxicj4NCnN0b3JlIEthbmppIGFuZCBLYW5hIGNo
YXJhY3RlcnMgKGNmLjxicj4NCjxhIGhyZWY9Imh0dHA6Ly9lbi53aWtpcGVkaWEub3JnL3dpa2kv
SmFwYW5lc2Vfd3JpdGluZ19zeXN0ZW0iIHRhcmdldD0iX2JsYW5rIj5odHRwOi8vZW4ud2lraXBl
ZGlhLm9yZy93aWtpL0phcGFuZXNlX3dyaXRpbmdfc3lzdGVtPC9hPikgZm9yIGFsbW9zdCBhbGw8
YnI+DQphdHRyaWJ1dGVzIGZyb20gbmFtZSB0byBkZXBhcnRtZW50Ljxicj4NCjxicj4NCkkgcHJl
ZmVyIEtlbGx5IEdyaXp6bGUncyBzdWdnZXN0aW9uIGluIGhpcyBmb2xsb3ctdXAgdG8gbXkgcXVl
c3Rpb24gbGFzdCBtb250aC48YnI+DQo8YnI+DQombmJzcDs8YSBocmVmPSJodHRwOi8vd3d3Lmll
dGYub3JnL21haWwtYXJjaGl2ZS93ZWIvc2NpbS9jdXJyZW50L21zZzAwOTI2Lmh0bWwiIHRhcmdl
dD0iX2JsYW5rIj5odHRwOi8vd3d3LmlldGYub3JnL21haWwtYXJjaGl2ZS93ZWIvc2NpbS9jdXJy
ZW50L21zZzAwOTI2Lmh0bWw8L2E+PGJyPg0KPGJyPg0KQW5kIHdvdWxkIGxpa2UgdG8gYXBwbHkg
aXQgb3RoZXIgdGhhbiBwaG9uZXRpYyByZXByZXNlbnRhdGlvbiBsaWtlOjxicj4NCjxicj4NCiZx
dW90O2Rpc3BsYXlOYW1lJnF1b3Q7OiBbPGJyPg0KJm5ic3A7ICZuYnNwOyB7ICZxdW90O3ZhbHVl
JnF1b3Q7OiAmcXVvdDsmbHQ7S2FuYSBjaGFyYWN0ZXJzJmd0OyZxdW90OywgJnF1b3Q7bG9jYWxl
JnF1b3Q7OiAmcXVvdDtqYS1rYW5hLUpQJnF1b3Q7IH0sPGJyPg0KJm5ic3A7ICZuYnNwOyB7ICZx
dW90O3ZhbHVlJnF1b3Q7OiAmcXVvdDsmbHQ7S2FuamkgY2hhcmFjdGVycyZndDsmcXVvdDssICZx
dW90O2xvY2FsZSZxdW90OzogJnF1b3Q7amEtSlAmcXVvdDsgfTxicj4NCiZuYnNwOyBdPGJyPg0K
PGJyPg0KVGhvdWdodHM/PGJyPg0KPHNwYW4gY2xhc3M9IkhPRW5aYiI+PGZvbnQgY29sb3I9IiM4
ODg4ODgiPjxicj4NClRhdHN1by48YnI+DQo8L2ZvbnQ+PC9zcGFuPg0KPGRpdiBjbGFzcz0iSE9F
blpiIj4NCjxkaXYgY2xhc3M9Img1Ij48YnI+DQo8YnI+DQpPbiBNb24sIE1hciAyNSwgMjAxMyBh
dCAyOjQxIFBNLCBCZXJ0IEdyZWV2ZW5ib3NjaDxicj4NCiZsdDs8YSBocmVmPSJtYWlsdG86QmVy
dC5HcmVldmVuYm9zY2hAaHVhd2VpLmNvbSI+QmVydC5HcmVldmVuYm9zY2hAaHVhd2VpLmNvbTwv
YT4mZ3Q7IHdyb3RlOjxicj4NCiZndDsgSSBzdHVtYmxlZCBhY3Jvc3MgdGhlIHNhbWUgaXNzdWUg
d2hlbiBkb2luZyB2MDIgb2YgdGhlIFNDSU0vdkNhcmQgbWFwcGluZzxicj4NCiZndDsgZHJhZnQu
IFNlZSBzZWN0aW9uIDYuPGJyPg0KJmd0Ozxicj4NCiZndDsgPGEgaHJlZj0iaHR0cDovL2RhdGF0
cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1ncmVldmVuYm9zY2gtc2NpbS12Y2FyZC1tYXBwaW5n
LyIgdGFyZ2V0PSJfYmxhbmsiPg0KaHR0cDovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9kcmFm
dC1ncmVldmVuYm9zY2gtc2NpbS12Y2FyZC1tYXBwaW5nLzwvYT48YnI+DQomZ3Q7PGJyPg0KJmd0
Ozxicj4NCiZndDs8YnI+DQomZ3Q7IEluZGVlZCBpbiB2Q2FyZCBtdWx0aXBsZSBzdXJuYW1lcywg
Z2l2ZW4gbmFtZXMgYW5kIGFkZGl0aW9uYWwgbmFtZXMgYXJlPGJyPg0KJmd0OyBwb3NzaWJsZS48
YnI+DQomZ3Q7PGJyPg0KJmd0Ozxicj4NCiZndDs8YnI+DQomZ3Q7IEJlc3QgcmVnYXJkcyw8YnI+
DQomZ3Q7PGJyPg0KJmd0OyBCZXJ0PGJyPg0KJmd0Ozxicj4NCiZndDs8YnI+DQomZ3Q7PGJyPg0K
Jmd0OyBGcm9tOiA8YSBocmVmPSJtYWlsdG86c2NpbS1ib3VuY2VzQGlldGYub3JnIj5zY2ltLWJv
dW5jZXNAaWV0Zi5vcmc8L2E+IFttYWlsdG86PGEgaHJlZj0ibWFpbHRvOnNjaW0tYm91bmNlc0Bp
ZXRmLm9yZyI+c2NpbS1ib3VuY2VzQGlldGYub3JnPC9hPl0gT24gQmVoYWxmIE9mIE1hcmM8YnI+
DQomZ3Q7IEJsYW5jaGV0PGJyPg0KJmd0OyBTZW50OiAyMDEz5bm0M+aciDI15pelIDY6MzU8YnI+
DQomZ3Q7IFRvOiBTaGVsbGV5PGJyPg0KJmd0OyBDYzogPGEgaHJlZj0ibWFpbHRvOnNjaW1AaWV0
Zi5vcmciPnNjaW1AaWV0Zi5vcmc8L2E+PGJyPg0KJmd0OyBTdWJqZWN0OiBSZTogW3NjaW1dIE5h
bWUgSW50ZXJuYXRpb25hbGl6YXRpb248YnI+DQomZ3Q7PGJyPg0KJmd0Ozxicj4NCiZndDs8YnI+
DQomZ3Q7IG1pZ2h0IHdhbnQgdG8gbG9vayBhdCB2Q2FyZCAmbmJzcDsoUkZDNjM1MCkuPGJyPg0K
Jmd0Ozxicj4NCiZndDs8YnI+DQomZ3Q7PGJyPg0KJmd0OyBNYXJjLjxicj4NCiZndDs8YnI+DQom
Z3Q7PGJyPg0KJmd0Ozxicj4NCiZndDsgTGUgMjAxMy0wMy0yMiDDoCAyMjo1OSwgU2hlbGxleSAm
bHQ7PGEgaHJlZj0ibWFpbHRvOnJhbmRvbXNoZWxsZXlAZ21haWwuY29tIj5yYW5kb21zaGVsbGV5
QGdtYWlsLmNvbTwvYT4mZ3Q7IGEgw6ljcml0IDo8YnI+DQomZ3Q7PGJyPg0KJmd0Ozxicj4NCiZn
dDs8YnI+DQomZ3Q7IEFzIGEgU0NJTSBzZXJ2aWNlIHByb3ZpZGVyLCB3ZSBhcmUgdHJ5aW5nIHRv
IGRldGVybWluZSB0aGUgYmVzdCBhcHByb2FjaCBmb3I8YnI+DQomZ3Q7IGFjY2VwdGluZyBhbmQg
bWFuYWdpbmcgbmFtZXMgdGhhdCBtYXkgYmUgZmVkZXJhdGVkIGZyb20gZ2xvYmFsIGNvbnN1bWVy
cy48YnI+DQomZ3Q7PGJyPg0KJmd0OyBXZXJlIHRoZXJlIGFueSBjb25zaWRlcmF0aW9ucyBtYWRl
IGluIHRoZSBTQ0lNIGNvcmUgc2NoZW1hIGZvciB1c2luZzxicj4NCiZndDsgbXVsdGktdmFsdWVk
IGF0dHJpYnV0ZXMgZm9yIHRoZSBpbmRpdmlkdWFsIG5hbWUgY29tcG9uZW50cz8gVGhlIHVzZSBv
ZiB0aGU8YnI+DQomZ3Q7ICZxdW90O2ZhbWlseU5hbWUmcXVvdDsgYW5kICZxdW90O2dpdmVuTmFt
ZSZxdW90OyBhcyBvcHBvc2VkIHRvICZxdW90O2ZpcnN0TmFtZSZxdW90Oy8mcXVvdDtsYXN0TmFt
ZSZxdW90OyBoZWxwczxicj4NCiZndDsgbWluaW1pemUgYSB3ZXN0ZXJuL1VTLWNlbnRyaWMgYXBw
cm9hY2gsIGJ1dCB1c2luZyB0aHJlZSBpbmRpdmlkdWFsLCBzaW5ndWxhcjxicj4NCiZndDsgYXR0
cmlidXRlcyBmb3IgdGhlc2UgbmFtZSBjb21wb25lbnRzIHN0aWxsIGhpbnRzIGF0IGEgcGFydGlj
dWxhciBuYW1lIGZvcm1hdDxicj4NCiZndDsgdGhhdCBtYXkgbm90IGJlIGdsb2JhbC48YnI+DQom
Z3Q7PGJyPg0KJmd0OyBGb3IgZXhhbXBsZSwgaW4gbWFueSBjb3VudHJpZXMsIGluZGl2aWR1YWxz
IGhhdmUgYSBnaXZlbiBuYW1lIGFuZCB0d28gbGFzdDxicj4NCiZndDsgbmFtZXMgKHJhdGhlciB0
aGFuIGZpcnN0IG5hbWUsIG1pZGRsZSBuYW1lLCBsYXN0IG5hbWUpLiBEb2VzIFNDSU0gcHJvdmlk
ZTxicj4NCiZndDsgYW55IHJlY29tbWVuZGF0aW9ucyBmb3IgaG93IHRvIHJlcHJlc2VudCB0aGlz
IHVzaW5nIHRoZSBleGlzdGluZyBuYW1lPGJyPg0KJmd0OyBjb21wb25lbnRzPyBGb3IgZXhhbXBs
ZSwgYXJlIGNvbnN1bWVycyBleHBlY3RlZCB0byBjb25zb2xpZGF0ZSBhbGwgbGFzdDxicj4NCiZn
dDsgbmFtZXMgaW50byB0aGUgc2luZ2xlIGZhbWlseU5hbWUgYXR0cmlidXRlIHRvIGFjY29tbW9k
YXRlIHRoaXMgc2NlbmFyaW8/PGJyPg0KJmd0OyBMaWtld2lzZSwgdGhlcmUgYXJlIG1hbnkgb3Ro
ZXIgY2FzZXMgWzEsMl0gdGhhdCBkb24ndCBxdWl0ZSBjbGVhbmx5IGZpdCBpbnRvPGJyPg0KJmd0
OyB0aGVzZSBzaW5ndWxhciBuYW1lIGNvbXBvbmVudHMuPGJyPg0KJmd0Ozxicj4NCiZndDsgVGhl
ICZxdW90O2Zvcm1hdHRlZE5hbWUmcXVvdDssICZxdW90O2Rpc3BsYXlOYW1lJnF1b3Q7LCBhbmQg
JnF1b3Q7bmlja05hbWUmcXVvdDsgYXR0cmlidXRlcyBoZWxwIHRvPGJyPg0KJmd0OyBtaXRpZ2F0
ZSBzb21lIGNvbmNlcm5zIGFyb3VuZCBmb3JtYXR0aW5nIG5hbWVzIGFuZCBhZGRyZXNzaW5nIHVz
ZXJzLCBidXQ8YnI+DQomZ3Q7IHdlJ3JlIHN0aWxsIHRyeWluZyB0byBpcm9uIG91dCBob3cgdG8g
YWNjZXB0IGlkZW50aXR5IGRhdGEgZnJvbSB2YXJ5aW5nPGJyPg0KJmd0OyBjb250cmlidXRpbmcg
c291cmNlcyBhcyB3ZWxsIGFzIGVuYWJsZSBjb25zdW1lcnMgdG8gb2J0YWluIHRoZSBkaXNjcmV0
ZSBuYW1lPGJyPg0KJmd0OyBjb21wb25lbnRzLjxicj4NCiZndDs8YnI+DQomZ3Q7IFsxXSA8YSBo
cmVmPSJodHRwOi8vd3d3LnczLm9yZy9JbnRlcm5hdGlvbmFsL3F1ZXN0aW9ucy9xYS1wZXJzb25h
bC1uYW1lcyIgdGFyZ2V0PSJfYmxhbmsiPg0KaHR0cDovL3d3dy53My5vcmcvSW50ZXJuYXRpb25h
bC9xdWVzdGlvbnMvcWEtcGVyc29uYWwtbmFtZXM8L2E+PGJyPg0KJmd0OyBbMl0gPGEgaHJlZj0i
aHR0cDovL2VuLndpa2lwZWRpYS5vcmcvd2lraS9QZXJzb25hbF9uYW1lIiB0YXJnZXQ9Il9ibGFu
ayI+aHR0cDovL2VuLndpa2lwZWRpYS5vcmcvd2lraS9QZXJzb25hbF9uYW1lPC9hPjxicj4NCiZn
dDsgX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX188YnI+DQom
Z3Q7IHNjaW0gbWFpbGluZyBsaXN0PGJyPg0KJmd0OyA8YSBocmVmPSJtYWlsdG86c2NpbUBpZXRm
Lm9yZyI+c2NpbUBpZXRmLm9yZzwvYT48YnI+DQomZ3Q7IDxhIGhyZWY9Imh0dHBzOi8vd3d3Lmll
dGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbSIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBzOi8vd3d3
LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbTwvYT48YnI+DQomZ3Q7PGJyPg0KJmd0Ozxi
cj4NCiZndDs8YnI+DQomZ3Q7PGJyPg0KJmd0OyBfX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fXzxicj4NCiZndDsgc2NpbSBtYWlsaW5nIGxpc3Q8YnI+DQomZ3Q7
IDxhIGhyZWY9Im1haWx0bzpzY2ltQGlldGYub3JnIj5zY2ltQGlldGYub3JnPC9hPjxicj4NCiZn
dDsgPGEgaHJlZj0iaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2ltIiB0
YXJnZXQ9Il9ibGFuayI+aHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2lt
PC9hPjxicj4NCiZndDs8YnI+DQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fXzxicj4NCnNjaW0gbWFpbGluZyBsaXN0PGJyPg0KPGEgaHJlZj0ibWFpbHRvOnNj
aW1AaWV0Zi5vcmciPnNjaW1AaWV0Zi5vcmc8L2E+PGJyPg0KPGEgaHJlZj0iaHR0cHM6Ly93d3cu
aWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2ltIiB0YXJnZXQ9Il9ibGFuayI+aHR0cHM6Ly93
d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2ltPC9hPjxicj4NCjwvZGl2Pg0KPC9kaXY+
DQo8L2Jsb2NrcXVvdGU+DQo8L2Rpdj4NCjxicj4NCjwvZGl2Pg0KX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX188YnI+DQpzY2ltIG1haWxpbmcgbGlzdDxicj4N
CjxhIGhyZWY9Im1haWx0bzpzY2ltQGlldGYub3JnIj5zY2ltQGlldGYub3JnPC9hPjxicj4NCjxh
IGhyZWY9Imh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vc2NpbSI+aHR0cHM6
Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9zY2ltPC9hPjxicj4NCjwvYmxvY2txdW90
ZT4NCjwvZGl2Pg0KPGJyPg0KPC9kaXY+DQo8L2JvZHk+DQo8L2h0bWw+DQo=

--_000_866ECE789F11403FAB53119E5387F180nexussafecom_--

From Bert.Greevenbosch@huawei.com  Wed Mar 27 03:42:13 2013
Return-Path: <Bert.Greevenbosch@huawei.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E06F621F8FC0 for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 03:42:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.676
X-Spam-Level: 
X-Spam-Status: No, score=-2.676 tagged_above=-999 required=5 tests=[AWL=3.923,  BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EqCv6ORyBMcS for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 03:42:12 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) by ietfa.amsl.com (Postfix) with ESMTP id 9D17821F8F29 for <scim@ietf.org>; Wed, 27 Mar 2013 03:42:11 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml203-edg.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.5-GA FastPath queued) with ESMTP id APV35367; Wed, 27 Mar 2013 10:42:10 +0000 (GMT)
Received: from LHREML403-HUB.china.huawei.com (10.201.5.217) by lhreml203-edg.huawei.com (172.18.7.221) with Microsoft SMTP Server (TLS) id 14.1.323.7; Wed, 27 Mar 2013 10:41:46 +0000
Received: from SZXEML413-HUB.china.huawei.com (10.82.67.152) by lhreml403-hub.china.huawei.com (10.201.5.217) with Microsoft SMTP Server (TLS) id 14.1.323.7; Wed, 27 Mar 2013 10:42:06 +0000
Received: from szxeml558-mbx.china.huawei.com ([169.254.7.185]) by szxeml413-hub.china.huawei.com ([10.82.67.152]) with mapi id 14.01.0323.007; Wed, 27 Mar 2013 18:41:43 +0800
From: Bert Greevenbosch <Bert.Greevenbosch@huawei.com>
To: Shelley <randomshelley@gmail.com>, "scim@ietf.org" <scim@ietf.org>, Marc Blanchet <marc.blanchet@viagenie.ca>
Thread-Topic: [scim] Name Internationalization
Thread-Index: AQHOJ3KFy727VUoVnEmlhNc7iCT2rJi06r4AgAD7whCAAFxXAIAC25xQ
Date: Wed, 27 Mar 2013 10:41:43 +0000
Message-ID: <46A1DF3F04371240B504290A071B4DB63D68DB20@szxeml558-mbx.china.huawei.com>
References: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com> <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca> <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com> <CAGUsYPw7n0CqwUZE=ktEkM5sxjWLUrzCwV9oPVvk6zf+fC1FMw@mail.gmail.com>
In-Reply-To: <CAGUsYPw7n0CqwUZE=ktEkM5sxjWLUrzCwV9oPVvk6zf+fC1FMw@mail.gmail.com>
Accept-Language: en-GB, zh-CN, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.66.162.63]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Cc: Peter Saint-Andre <stpeter@stpeter.im>
Subject: Re: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 10:42:14 -0000

SGkgU2hlbGx5LCBhbGwsDQoNCkluIHZDYXJkLCBhbGwgbmFtZSBpbmZvIGlzIHB1dCBpbnRvIGEg
c2luZ2xlIE4gZWxlbWVudC4gVGhlIGRpZmZlcmVudCBuYW1lcyBvZiB0aGUgc2FtZSB0eXBlIGFy
ZSBjb21tYS1zZXBhcmF0ZWQsIHdoZXJlYXMgdGhlIGRpZmZlcmVudCB0eXBlcyBhcmUgc2VtaWNv
bG9uLXNlcGFyYXRlZC4NCg0KRm9yIGFkZHJlc3NlcywgdGhlIFNDSU0gc2NoZW1hIGRlZmluZXMg
YW4gImFkZHJlc3NlcyIgZWxlbWVudCB0aGF0IGNvbnRhaW5zIG11bHRpcGxlICJhZGRyZXNzIiBl
bGVtZW50cy4gSG93ZXZlciwgdGhlcmUgaXMgbm8gIm5hbWVzIiBlbGVtZW50LCBidXQgdGhhdCB3
b3VsZG4ndCBoZWxwIGFueXdheS4gVGhlIGdpdmVuIG5hbWUgaXMgZS5nLiBzdG9yZWQgaW4gIm5h
bWUvZ2l2ZW5OYW1lIiwgc28gd2l0aCB0aGUgInNpbmd1bGFyIGluIHBsdXJhbCBlbGVtZW50IG1l
Y2hhbmlzbSIgeW91IHdvdWxkIG5lZWQgc29tZXRoaW5nIGxpa2UgIm5hbWUvZ2l2ZW5OYW1lcy9n
aXZlbk5hbWUiIGlmIHlvdSB3YW50IHRvIHN0b3JlIG11bHRpcGxlIGdpdmVuIG5hbWVzLiBJIGFt
IG5vdCBzdXJlIGlmIHRoaXMgaXMgZGVzaXJhYmxlLg0KDQpNYXliZSBtdWx0aXBsZSBuYW1lcyBj
b3VsZCBiZSByZXNvbHZlZCBieSBqdXN0IGFsbG93aW5nIHNwYWNlcyB3aXRoaW4gdGhlIGZpZWxk
IGFuZCB0cmVhdGluZyBpdCBhcyBhbiBvcGFxdWUgc3RyaW5nLg0KDQpGb3IgYWRkaW5nIG5ldyBu
YW1lIGZpZWxkcywgSSBmb3VuZCB0aGUgZm9sbG93aW5nIHRleHQgaW4gc2VjdGlvbiA0Og0KDQoJ
IlVubGlrZSBMREFQIHRoZXJlIGlzIG5vIGluaGVyaXRhbmNlIG1vZGVsOyBhbGwgZXh0ZW5zaW9u
cyBhcmUgYWRkaXRpdmUgKHNpbWlsYXIgdG8gTERBUCBBdXhpbGlhcnkgT2JqZWN0IENsYXNzZXMg
WzNdKS4gLi4uIEVhY2ggc2NoZW1hIGV4dGVuc2lvbiBtdXN0IGlkZW50aWZ5IGEgVVJJIHVzZWQg
dG8gaWRlbnRpZnkgdGhlIGV4dGVuc2lvbi4gWE1MIE1VU1QgdXNlIFhNTCBuYW1lc3BhY2VzIGFu
ZCBKU09OIGZvcm1hdHMgTVVTVCB1c2UgdGhlICJzY2hlbWFzIiBhdHRyaWJ1dGUgKFNlY3Rpb24g
NS4yKSB0byBkaXN0aW5ndWlzaCBleHRlbmRlZCByZXNvdXJjZXMgYW5kIGF0dHJpYnV0ZXMuICIN
Cg0KSSBndWVzcyB0aGlzIG1lYW5zIGluIHRoZSBKU09OIGNhc2UsIHRoYXQgeW91IGNhbiBwdXQg
bmV3IGVsZW1lbnRzIGFueXdoZXJlIHlvdSB3YW50LCBhcyBsb25nIGFzIHlvdSBjcmVhdGUgYSBu
ZXcgVVJJIGFuZCBwdXQgaXQgaW4gdGhlICJzY2hlbWFzIiBhdHRyaWJ1dGU/DQoNCihBcyBKQ0FS
RENBTCBjby1jaGFpcjopIFdlIGFyZSBoYXZpbmcgYSB2ZXJ5IHNpbWlsYXIgZGlzY3Vzc2lvbiBp
biBKQ0FSRENBTCwgYWJvdXQgbXVsdGl2YWx1ZSBmaWVsZHMsIGFuZCBzdHJ1Y3R1cmVkIGZpZWxk
cy4gQXMgZGlzY3Vzc2VkIGluIE9ybGFuZG8sIGl0IHdvdWxkIGJlIGdvb2QgZm9yIFNDSU0gdG8g
a2VlcCBhY3F1YWludGVkIHdpdGggdGhlIEpDQVJEQ0FMIHdvcmsuDQoNCkJlc3QgcmVnYXJkcywN
CkJlcnQNCg0KDQotLS0NCkZyb206IFNoZWxsZXkgW21haWx0bzpyYW5kb21zaGVsbGV5QGdtYWls
LmNvbV0gDQpTZW50OiAyMDEz5bm0M+aciDI25pelIDM6MDcNClRvOiBCZXJ0IEdyZWV2ZW5ib3Nj
aA0KQ2M6IE1hcmMgQmxhbmNoZXQ7IHNjaW1AaWV0Zi5vcmcNClN1YmplY3Q6IFJlOiBbc2NpbV0g
TmFtZSBJbnRlcm5hdGlvbmFsaXphdGlvbg0KDQpUaGFua3MsIEJlcnQuIFNvIHRvIGNsYXJpZnks
IGluIHRoZSBTQ0lNL3ZDYXJkIG1hcHBpbmcgcHJvcG9zYWwsIG11bHRpcGxlIG5hbWUgY29tcG9u
ZW50cyB3aWxsIGJlIGNvbW1hLXNlcGFyYXRlZCBpbiB0aGUgY29ycmVzcG9uZGluZyBTQ0lNIHNp
bmd1bGFyIGF0dHJpYnV0ZT8gSW4gb3VyIGNhc2UsIHdlIGFyZSBpbml0aWFsbHkgY29uc2lkZXJp
bmcgc3BhY2UtZGVsaW1pdGluZyB0aGUgY29tcG9uZW50cyBzdWNoIHRoYXQgdGhpcyB3b3VsZCBl
ZmZlY3RpdmVseSBzZXJ2ZSBhcyBhICJmb3JtYXR0ZWQiIGZhbWlseU5hbWUvZ2l2ZW5OYW1lL2V0
Yy4gYW5kIGNvdWxkIHBvdGVudGlhbGx5IGFjY29tbW9kYXRlIGNvbnRyaWJ1dGluZyBzeXN0ZW1z
IHRoYXQgb25seSBzdG9yZSBzaW5nbGUtdmFsdWVkIG5hbWUgYXR0cmlidXRlcyBhcyB3ZWxsLg0K
DQpXaXRoIGEgY29tbWEtZGVsaW1pdGVkIHZhbHVlLCBhbGwgU0NJTSBjb25zdW1lcnMgbXVzdCBi
ZSBhd2FyZSBvZiB0aGlzIHNwZWNpYWwgZm9ybWF0IHdoZW4gZGVhbGluZyB3aXRoIHRoZSBhdHRy
aWJ1dGUuIFdpdGggYSBzcGFjZS1kZWxpbWl0ZWQgdmFsdWUsIGNvbnN1bWVycyBtYXkgbm90IGJl
IGFibGUgdG8gcmV0cmlldmUgdGhlIGluZGl2aWR1YWwgdmFsdWVzLCBidXQgY2FuIGhhbmRsZSB0
aGUgbmFtZSBjb25zaXN0ZW50bHkgd2l0aG91dCBhdHRlbXB0aW5nIHRvIHBhcnNlIGFuZCByZWdh
cmRsZXNzIG9mIHRoZSBvcmlnaW4gb2YgdGhlIGRhdGEgKGkuZS4gd2hldGhlciBpdCBjYW1lIGZy
b20gYSBzeXN0ZW0gdGhhdCBvbmx5IHN0b3JlcyBhIHNpbmdsZSB2YWx1ZSBvciBtdWx0aXBsZSB2
YWx1ZXMpLg0KDQpJIGFsc28gbm90aWNlZCB0aGF0IHRoZSBTQ0lNL3ZDYXJkIGRyYWZ0IGluY2x1
ZGVzIHRoaXMgYXMgYW4gb3BlbiBpc3N1ZSwgcHJvcG9zaW5nIHRoYXQgaXQgbWF5IGJlIG1vcmUg
YXBwcm9wcmlhdGUgdG8gdXBkYXRlIHRoZSBTQ0lNIHNjaGVtYSB0byBoYW5kbGUgbXVsdGlwbGUg
dmFsdWVzLiBJcyB0aGlzIGEgdG9waWMgdGhhdCdzIGN1cnJlbnRseSBiZWluZyBkaXNjdXNzZWQ/
DQoNCldlIGFyZSBjdXJyZW50bHkgYWRvcHRpbmcgdGhlIFNDSU0gMS4xIHNwZWNpZmljYXRpb24s
IGJ1dCBhcmUgdHJ5aW5nIHRvIGNvbnNpZGVyIHBvdGVudGlhbCBjaGFuZ2VzIGZvciBTQ0lNIDIu
MCBpbiBvdXIgaW1wbGVtZW50YXRpb24uDQoNCk9uIE1vbiwgTWFyIDI1LCAyMDEzIGF0IDEyOjQx
IEFNLCBCZXJ0IEdyZWV2ZW5ib3NjaCA8QmVydC5HcmVldmVuYm9zY2hAaHVhd2VpLmNvbT4gd3Jv
dGU6DQpJIHN0dW1ibGVkIGFjcm9zcyB0aGUgc2FtZSBpc3N1ZSB3aGVuIGRvaW5nIHYwMiBvZiB0
aGUgU0NJTS92Q2FyZCBtYXBwaW5nIGRyYWZ0LiBTZWUgc2VjdGlvbiA2Lg0KaHR0cDovL2RhdGF0
cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1ncmVldmVuYm9zY2gtc2NpbS12Y2FyZC1tYXBwaW5n
Lw0KwqANCkluZGVlZCBpbiB2Q2FyZCBtdWx0aXBsZSBzdXJuYW1lcywgZ2l2ZW4gbmFtZXMgYW5k
IGFkZGl0aW9uYWwgbmFtZXMgYXJlIHBvc3NpYmxlLg0KwqANCkJlc3QgcmVnYXJkcywNCkJlcnQN
CsKgDQpGcm9tOiBzY2ltLWJvdW5jZXNAaWV0Zi5vcmcgW21haWx0bzpzY2ltLWJvdW5jZXNAaWV0
Zi5vcmddIE9uIEJlaGFsZiBPZiBNYXJjIEJsYW5jaGV0DQpTZW50OiAyMDEz5bm0M+aciDI15pel
IDY6MzUNClRvOiBTaGVsbGV5DQpDYzogc2NpbUBpZXRmLm9yZw0KU3ViamVjdDogUmU6IFtzY2lt
XSBOYW1lIEludGVybmF0aW9uYWxpemF0aW9uDQrCoA0KbWlnaHQgd2FudCB0byBsb29rIGF0IHZD
YXJkIMKgKFJGQzYzNTApLg0KwqANCk1hcmMuDQrCoA0KTGUgMjAxMy0wMy0yMiDDoCAyMjo1OSwg
U2hlbGxleSA8cmFuZG9tc2hlbGxleUBnbWFpbC5jb20+IGEgw6ljcml0IDoNCg0KQXMgYSBTQ0lN
IHNlcnZpY2UgcHJvdmlkZXIsIHdlIGFyZSB0cnlpbmcgdG8gZGV0ZXJtaW5lIHRoZSBiZXN0IGFw
cHJvYWNoIGZvciBhY2NlcHRpbmcgYW5kIG1hbmFnaW5nIG5hbWVzIHRoYXQgbWF5IGJlIGZlZGVy
YXRlZCBmcm9tIGdsb2JhbCBjb25zdW1lcnMuDQoNCldlcmUgdGhlcmUgYW55IGNvbnNpZGVyYXRp
b25zIG1hZGUgaW4gdGhlIFNDSU0gY29yZSBzY2hlbWEgZm9yIHVzaW5nIG11bHRpLXZhbHVlZCBh
dHRyaWJ1dGVzIGZvciB0aGUgaW5kaXZpZHVhbCBuYW1lIGNvbXBvbmVudHM/IFRoZSB1c2Ugb2Yg
dGhlICJmYW1pbHlOYW1lIiBhbmQgImdpdmVuTmFtZSIgYXMgb3Bwb3NlZCB0byAiZmlyc3ROYW1l
Ii8ibGFzdE5hbWUiIGhlbHBzIG1pbmltaXplIGEgd2VzdGVybi9VUy1jZW50cmljIGFwcHJvYWNo
LCBidXQgdXNpbmcgdGhyZWUgaW5kaXZpZHVhbCwgc2luZ3VsYXIgYXR0cmlidXRlcyBmb3IgdGhl
c2UgbmFtZSBjb21wb25lbnRzIHN0aWxsIGhpbnRzIGF0IGEgcGFydGljdWxhciBuYW1lIGZvcm1h
dCB0aGF0IG1heSBub3QgYmUgZ2xvYmFsLg0KDQpGb3IgZXhhbXBsZSwgaW4gbWFueSBjb3VudHJp
ZXMsIGluZGl2aWR1YWxzIGhhdmUgYSBnaXZlbiBuYW1lIGFuZCB0d28gbGFzdCBuYW1lcyAocmF0
aGVyIHRoYW4gZmlyc3QgbmFtZSwgbWlkZGxlIG5hbWUsIGxhc3QgbmFtZSkuIERvZXMgU0NJTSBw
cm92aWRlIGFueSByZWNvbW1lbmRhdGlvbnMgZm9yIGhvdyB0byByZXByZXNlbnQgdGhpcyB1c2lu
ZyB0aGUgZXhpc3RpbmcgbmFtZSBjb21wb25lbnRzPyBGb3IgZXhhbXBsZSwgYXJlIGNvbnN1bWVy
cyBleHBlY3RlZCB0byBjb25zb2xpZGF0ZSBhbGwgbGFzdCBuYW1lcyBpbnRvIHRoZSBzaW5nbGUg
ZmFtaWx5TmFtZSBhdHRyaWJ1dGUgdG8gYWNjb21tb2RhdGUgdGhpcyBzY2VuYXJpbz8gTGlrZXdp
c2UsIHRoZXJlIGFyZSBtYW55IG90aGVyIGNhc2VzIFsxLDJdIHRoYXQgZG9uJ3QgcXVpdGUgY2xl
YW5seSBmaXQgaW50byB0aGVzZSBzaW5ndWxhciBuYW1lIGNvbXBvbmVudHMuDQoNClRoZSAiZm9y
bWF0dGVkTmFtZSIsICJkaXNwbGF5TmFtZSIsIGFuZCAibmlja05hbWUiIGF0dHJpYnV0ZXMgaGVs
cCB0byBtaXRpZ2F0ZSBzb21lIGNvbmNlcm5zIGFyb3VuZCBmb3JtYXR0aW5nIG5hbWVzIGFuZCBh
ZGRyZXNzaW5nIHVzZXJzLCBidXQgd2UncmUgc3RpbGwgdHJ5aW5nIHRvIGlyb24gb3V0IGhvdyB0
byBhY2NlcHQgaWRlbnRpdHkgZGF0YSBmcm9tIHZhcnlpbmcgY29udHJpYnV0aW5nIHNvdXJjZXMg
YXMgd2VsbCBhcyBlbmFibGUgY29uc3VtZXJzIHRvIG9idGFpbiB0aGUgZGlzY3JldGUgbmFtZSBj
b21wb25lbnRzLg0KDQpbMV0gaHR0cDovL3d3dy53My5vcmcvSW50ZXJuYXRpb25hbC9xdWVzdGlv
bnMvcWEtcGVyc29uYWwtbmFtZXMNClsyXSBodHRwOi8vZW4ud2lraXBlZGlhLm9yZy93aWtpL1Bl
cnNvbmFsX25hbWUNCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fDQpzY2ltIG1haWxpbmcgbGlzdA0Kc2NpbUBpZXRmLm9yZw0KaHR0cHM6Ly93d3cuaWV0Zi5v
cmcvbWFpbG1hbi9saXN0aW5mby9zY2ltDQrCoA0KDQo=

From kelly.grizzle@sailpoint.com  Wed Mar 27 06:11:03 2013
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA75621F9027 for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 06:11:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JFFsCcL8z5Rn for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 06:11:01 -0700 (PDT)
Received: from ch1outboundpool.messaging.microsoft.com (ch1ehsobe005.messaging.microsoft.com [216.32.181.185]) by ietfa.amsl.com (Postfix) with ESMTP id EE82021F9026 for <scim@ietf.org>; Wed, 27 Mar 2013 06:11:00 -0700 (PDT)
Received: from mail11-ch1-R.bigfish.com (10.43.68.232) by CH1EHSOBE014.bigfish.com (10.43.70.64) with Microsoft SMTP Server id 14.1.225.23; Wed, 27 Mar 2013 13:11:00 +0000
Received: from mail11-ch1 (localhost [127.0.0.1])	by mail11-ch1-R.bigfish.com (Postfix) with ESMTP id 3430BA01DC; Wed, 27 Mar 2013 13:11:00 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:132.245.1.133; KIP:(null); UIP:(null); IPV:NLI; H:BLUPRD0412HT002.namprd04.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -25
X-BigFish: PS-25(zz98dI9371Ic89bh936eI542I4015Idb82hzz1f42h1fc6h1ee6h1de0h1202h1e76h1d1ah1d2ahzz1033IL17326ah8275bh8275dhz31h2a8h668h839h93fhd25hf0ah1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah1155h)
Received-SPF: softfail (mail11-ch1: transitioning domain of sailpoint.com does not designate 132.245.1.133 as permitted sender) client-ip=132.245.1.133; envelope-from=kelly.grizzle@sailpoint.com; helo=BLUPRD0412HT002.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail11-ch1 (localhost.localdomain [127.0.0.1]) by mail11-ch1 (MessageSwitch) id 1364389857344994_3689; Wed, 27 Mar 2013 13:10:57 +0000 (UTC)
Received: from CH1EHSMHS024.bigfish.com (snatpool3.int.messaging.microsoft.com [10.43.68.225])	by mail11-ch1.bigfish.com (Postfix) with ESMTP id 512483C00B3;	Wed, 27 Mar 2013 13:10:57 +0000 (UTC)
Received: from BLUPRD0412HT002.namprd04.prod.outlook.com (132.245.1.133) by CH1EHSMHS024.bigfish.com (10.43.70.24) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 27 Mar 2013 13:10:51 +0000
Received: from BLUPRD0412MB643.namprd04.prod.outlook.com ([169.254.4.165]) by BLUPRD0412HT002.namprd04.prod.outlook.com ([10.255.214.163]) with mapi id 14.16.0275.006; Wed, 27 Mar 2013 13:10:50 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Bert Greevenbosch <Bert.Greevenbosch@huawei.com>, Shelley <randomshelley@gmail.com>, "scim@ietf.org" <scim@ietf.org>, Marc Blanchet <marc.blanchet@viagenie.ca>
Thread-Topic: [scim] Name Internationalization
Thread-Index: AQHOJ3KD4yzbcyHqRkCMPn6ouHItxZi1cNoAgAB26gCAAOEvAIACl3+AgAAk/MA=
Date: Wed, 27 Mar 2013 13:10:49 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34375C3ACD77@BLUPRD0412MB643.namprd04.prod.outlook.com>
References: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com> <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca> <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com> <CAGUsYPw7n0CqwUZE=ktEkM5sxjWLUrzCwV9oPVvk6zf+fC1FMw@mail.gmail.com> <46A1DF3F04371240B504290A071B4DB63D68DB20@szxeml558-mbx.china.huawei.com>
In-Reply-To: <46A1DF3F04371240B504290A071B4DB63D68DB20@szxeml558-mbx.china.huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-vipre-scanned: 11D02F08003FD611D03055
x-originating-ip: [72.182.10.254]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: Peter Saint-Andre <stpeter@stpeter.im>
Subject: Re: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 13:11:03 -0000

SSBhZ3JlZSB3aXRoIEVyaWsgdGhhdCB0aGlzIG1pZ2h0IGJlc3QgYmUgaGFuZGxlZCB0aHJvdWdo
IGFuIGV4dGVuc2lvbiAocGVyaGFwcyBhIHN0YW5kYXJkIGV4dGVuc2lvbikuICBJdCBmZWVscyBs
aWtlIHRoZSBjb21tb24gY2FzZSBpcyBzdGlsbCBhIHNpbmdsZSBuYW1lIGFuZCB0aGF0IGkxOG4g
bmFtZXMvbXVsdGlwbGUgbmFtZXMgbWF5IGJlIG1vcmUgb2YgdGhlIGV4Y2VwdGlvbiB0aGFuIHRo
ZSBydWxlLiAgSSBtYXkgYmUgd3JvbmcsIHRob3VnaC4NCg0KPiBJIGd1ZXNzIHRoaXMgbWVhbnMg
aW4gdGhlIEpTT04gY2FzZSwgdGhhdCB5b3UgY2FuIHB1dCBuZXcgZWxlbWVudHMgYW55d2hlcmUg
eW91IHdhbnQsIGFzIGxvbmcgYXMgeW91IGNyZWF0ZSBhIG5ldyBVUkkgYW5kIHB1dCBpdCBpbiB0
aGUgInNjaGVtYXMiIGF0dHJpYnV0ZT8NCg0KVGhpcyBpcyBzb21ldGhpbmcgdGhlIGRlc2lnbiB0
ZWFtIGlzIGRpc2N1c3NpbmcgaW4gaXNzdWUgIzM4LiAgSXQgaXMgbm90IGNsZWFybHkgc3BlbGxl
ZCBvdXQgaW4gdGhlIHNwZWMgY3VycmVudGx5LCBidXQgZXh0ZW5zaW9ucyBtdXN0IGJlIHJlcHJl
c2VudGVkIHdpdGhpbiBhIEpTT04gc3ViLWF0dHJpYnV0ZSBuYW1lZCBieSB0aGUgc2NoZW1hLiAg
Rm9yIGV4YW1wbGUsIHRoZSBub24tbm9ybWF0aXZlIGVudGVycHJpc2UgdXNlciBleGFtcGxlIGlu
IHRoZSBzY2hlbWEgZG9jIGhhcyB0aGlzOg0KDQogICJ1cm46c2NpbTpzY2hlbWFzOmV4dGVuc2lv
bjplbnRlcnByaXNlOjEuMCI6IHsNCiAgICAiZW1wbG95ZWVOdW1iZXIiOiAiNzAxOTg0IiwNCiAg
ICAiY29zdENlbnRlciI6ICI0MTMwIiwNCiAgICAuLi4uDQogIH0sDQoNCkkgdGhpbmsgdGhpcyB3
b3VsZCBwcmVjbHVkZSB5b3UgZnJvbSBtaXhpbmcgZXh0ZW5zaW9uIGF0dHJpYnV0ZXMgaW4gd2l0
aCB0aGUgY29yZSBhdHRyaWJ1dGVzLCBsaWtlIHRoaXM6DQoNCiAgIm5hbWUiOiB7DQogICAgImZv
cm1hdHRlZCI6ICJLZWxseSBHcml6emxlIiwNCiAgICAidXJuOnNjaW06ZXh0ZW5kZWRVc2VyLmFs
c29Lbm93bkFzIjogWyAuLi4gXQ0KICAgIC4uLg0KfQ0KDQotLUtlbGx5DQoNCi0tLS0tT3JpZ2lu
YWwgTWVzc2FnZS0tLS0tDQpGcm9tOiBzY2ltLWJvdW5jZXNAaWV0Zi5vcmcgW21haWx0bzpzY2lt
LWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJlaGFsZiBPZiBCZXJ0IEdyZWV2ZW5ib3NjaA0KU2VudDog
V2VkbmVzZGF5LCBNYXJjaCAyNywgMjAxMyA1OjQyIEFNDQpUbzogU2hlbGxleTsgc2NpbUBpZXRm
Lm9yZzsgTWFyYyBCbGFuY2hldA0KQ2M6IFBldGVyIFNhaW50LUFuZHJlDQpTdWJqZWN0OiBSZTog
W3NjaW1dIE5hbWUgSW50ZXJuYXRpb25hbGl6YXRpb24NCg0KSGkgU2hlbGx5LCBhbGwsDQoNCklu
IHZDYXJkLCBhbGwgbmFtZSBpbmZvIGlzIHB1dCBpbnRvIGEgc2luZ2xlIE4gZWxlbWVudC4gVGhl
IGRpZmZlcmVudCBuYW1lcyBvZiB0aGUgc2FtZSB0eXBlIGFyZSBjb21tYS1zZXBhcmF0ZWQsIHdo
ZXJlYXMgdGhlIGRpZmZlcmVudCB0eXBlcyBhcmUgc2VtaWNvbG9uLXNlcGFyYXRlZC4NCg0KRm9y
IGFkZHJlc3NlcywgdGhlIFNDSU0gc2NoZW1hIGRlZmluZXMgYW4gImFkZHJlc3NlcyIgZWxlbWVu
dCB0aGF0IGNvbnRhaW5zIG11bHRpcGxlICJhZGRyZXNzIiBlbGVtZW50cy4gSG93ZXZlciwgdGhl
cmUgaXMgbm8gIm5hbWVzIiBlbGVtZW50LCBidXQgdGhhdCB3b3VsZG4ndCBoZWxwIGFueXdheS4g
VGhlIGdpdmVuIG5hbWUgaXMgZS5nLiBzdG9yZWQgaW4gIm5hbWUvZ2l2ZW5OYW1lIiwgc28gd2l0
aCB0aGUgInNpbmd1bGFyIGluIHBsdXJhbCBlbGVtZW50IG1lY2hhbmlzbSIgeW91IHdvdWxkIG5l
ZWQgc29tZXRoaW5nIGxpa2UgIm5hbWUvZ2l2ZW5OYW1lcy9naXZlbk5hbWUiIGlmIHlvdSB3YW50
IHRvIHN0b3JlIG11bHRpcGxlIGdpdmVuIG5hbWVzLiBJIGFtIG5vdCBzdXJlIGlmIHRoaXMgaXMg
ZGVzaXJhYmxlLg0KDQpNYXliZSBtdWx0aXBsZSBuYW1lcyBjb3VsZCBiZSByZXNvbHZlZCBieSBq
dXN0IGFsbG93aW5nIHNwYWNlcyB3aXRoaW4gdGhlIGZpZWxkIGFuZCB0cmVhdGluZyBpdCBhcyBh
biBvcGFxdWUgc3RyaW5nLg0KDQpGb3IgYWRkaW5nIG5ldyBuYW1lIGZpZWxkcywgSSBmb3VuZCB0
aGUgZm9sbG93aW5nIHRleHQgaW4gc2VjdGlvbiA0Og0KDQoJIlVubGlrZSBMREFQIHRoZXJlIGlz
IG5vIGluaGVyaXRhbmNlIG1vZGVsOyBhbGwgZXh0ZW5zaW9ucyBhcmUgYWRkaXRpdmUgKHNpbWls
YXIgdG8gTERBUCBBdXhpbGlhcnkgT2JqZWN0IENsYXNzZXMgWzNdKS4gLi4uIEVhY2ggc2NoZW1h
IGV4dGVuc2lvbiBtdXN0IGlkZW50aWZ5IGEgVVJJIHVzZWQgdG8gaWRlbnRpZnkgdGhlIGV4dGVu
c2lvbi4gWE1MIE1VU1QgdXNlIFhNTCBuYW1lc3BhY2VzIGFuZCBKU09OIGZvcm1hdHMgTVVTVCB1
c2UgdGhlICJzY2hlbWFzIiBhdHRyaWJ1dGUgKFNlY3Rpb24gNS4yKSB0byBkaXN0aW5ndWlzaCBl
eHRlbmRlZCByZXNvdXJjZXMgYW5kIGF0dHJpYnV0ZXMuICINCg0KSSBndWVzcyB0aGlzIG1lYW5z
IGluIHRoZSBKU09OIGNhc2UsIHRoYXQgeW91IGNhbiBwdXQgbmV3IGVsZW1lbnRzIGFueXdoZXJl
IHlvdSB3YW50LCBhcyBsb25nIGFzIHlvdSBjcmVhdGUgYSBuZXcgVVJJIGFuZCBwdXQgaXQgaW4g
dGhlICJzY2hlbWFzIiBhdHRyaWJ1dGU/DQoNCihBcyBKQ0FSRENBTCBjby1jaGFpcjopIFdlIGFy
ZSBoYXZpbmcgYSB2ZXJ5IHNpbWlsYXIgZGlzY3Vzc2lvbiBpbiBKQ0FSRENBTCwgYWJvdXQgbXVs
dGl2YWx1ZSBmaWVsZHMsIGFuZCBzdHJ1Y3R1cmVkIGZpZWxkcy4gQXMgZGlzY3Vzc2VkIGluIE9y
bGFuZG8sIGl0IHdvdWxkIGJlIGdvb2QgZm9yIFNDSU0gdG8ga2VlcCBhY3F1YWludGVkIHdpdGgg
dGhlIEpDQVJEQ0FMIHdvcmsuDQoNCkJlc3QgcmVnYXJkcywNCkJlcnQNCg0KDQotLS0NCkZyb206
IFNoZWxsZXkgW21haWx0bzpyYW5kb21zaGVsbGV5QGdtYWlsLmNvbV0gDQpTZW50OiAyMDEz5bm0
M+aciDI25pelIDM6MDcNClRvOiBCZXJ0IEdyZWV2ZW5ib3NjaA0KQ2M6IE1hcmMgQmxhbmNoZXQ7
IHNjaW1AaWV0Zi5vcmcNClN1YmplY3Q6IFJlOiBbc2NpbV0gTmFtZSBJbnRlcm5hdGlvbmFsaXph
dGlvbg0KDQpUaGFua3MsIEJlcnQuIFNvIHRvIGNsYXJpZnksIGluIHRoZSBTQ0lNL3ZDYXJkIG1h
cHBpbmcgcHJvcG9zYWwsIG11bHRpcGxlIG5hbWUgY29tcG9uZW50cyB3aWxsIGJlIGNvbW1hLXNl
cGFyYXRlZCBpbiB0aGUgY29ycmVzcG9uZGluZyBTQ0lNIHNpbmd1bGFyIGF0dHJpYnV0ZT8gSW4g
b3VyIGNhc2UsIHdlIGFyZSBpbml0aWFsbHkgY29uc2lkZXJpbmcgc3BhY2UtZGVsaW1pdGluZyB0
aGUgY29tcG9uZW50cyBzdWNoIHRoYXQgdGhpcyB3b3VsZCBlZmZlY3RpdmVseSBzZXJ2ZSBhcyBh
ICJmb3JtYXR0ZWQiIGZhbWlseU5hbWUvZ2l2ZW5OYW1lL2V0Yy4gYW5kIGNvdWxkIHBvdGVudGlh
bGx5IGFjY29tbW9kYXRlIGNvbnRyaWJ1dGluZyBzeXN0ZW1zIHRoYXQgb25seSBzdG9yZSBzaW5n
bGUtdmFsdWVkIG5hbWUgYXR0cmlidXRlcyBhcyB3ZWxsLg0KDQpXaXRoIGEgY29tbWEtZGVsaW1p
dGVkIHZhbHVlLCBhbGwgU0NJTSBjb25zdW1lcnMgbXVzdCBiZSBhd2FyZSBvZiB0aGlzIHNwZWNp
YWwgZm9ybWF0IHdoZW4gZGVhbGluZyB3aXRoIHRoZSBhdHRyaWJ1dGUuIFdpdGggYSBzcGFjZS1k
ZWxpbWl0ZWQgdmFsdWUsIGNvbnN1bWVycyBtYXkgbm90IGJlIGFibGUgdG8gcmV0cmlldmUgdGhl
IGluZGl2aWR1YWwgdmFsdWVzLCBidXQgY2FuIGhhbmRsZSB0aGUgbmFtZSBjb25zaXN0ZW50bHkg
d2l0aG91dCBhdHRlbXB0aW5nIHRvIHBhcnNlIGFuZCByZWdhcmRsZXNzIG9mIHRoZSBvcmlnaW4g
b2YgdGhlIGRhdGEgKGkuZS4gd2hldGhlciBpdCBjYW1lIGZyb20gYSBzeXN0ZW0gdGhhdCBvbmx5
IHN0b3JlcyBhIHNpbmdsZSB2YWx1ZSBvciBtdWx0aXBsZSB2YWx1ZXMpLg0KDQpJIGFsc28gbm90
aWNlZCB0aGF0IHRoZSBTQ0lNL3ZDYXJkIGRyYWZ0IGluY2x1ZGVzIHRoaXMgYXMgYW4gb3BlbiBp
c3N1ZSwgcHJvcG9zaW5nIHRoYXQgaXQgbWF5IGJlIG1vcmUgYXBwcm9wcmlhdGUgdG8gdXBkYXRl
IHRoZSBTQ0lNIHNjaGVtYSB0byBoYW5kbGUgbXVsdGlwbGUgdmFsdWVzLiBJcyB0aGlzIGEgdG9w
aWMgdGhhdCdzIGN1cnJlbnRseSBiZWluZyBkaXNjdXNzZWQ/DQoNCldlIGFyZSBjdXJyZW50bHkg
YWRvcHRpbmcgdGhlIFNDSU0gMS4xIHNwZWNpZmljYXRpb24sIGJ1dCBhcmUgdHJ5aW5nIHRvIGNv
bnNpZGVyIHBvdGVudGlhbCBjaGFuZ2VzIGZvciBTQ0lNIDIuMCBpbiBvdXIgaW1wbGVtZW50YXRp
b24uDQoNCk9uIE1vbiwgTWFyIDI1LCAyMDEzIGF0IDEyOjQxIEFNLCBCZXJ0IEdyZWV2ZW5ib3Nj
aCA8QmVydC5HcmVldmVuYm9zY2hAaHVhd2VpLmNvbT4gd3JvdGU6DQpJIHN0dW1ibGVkIGFjcm9z
cyB0aGUgc2FtZSBpc3N1ZSB3aGVuIGRvaW5nIHYwMiBvZiB0aGUgU0NJTS92Q2FyZCBtYXBwaW5n
IGRyYWZ0LiBTZWUgc2VjdGlvbiA2Lg0KaHR0cDovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9k
cmFmdC1ncmVldmVuYm9zY2gtc2NpbS12Y2FyZC1tYXBwaW5nLw0KwqANCkluZGVlZCBpbiB2Q2Fy
ZCBtdWx0aXBsZSBzdXJuYW1lcywgZ2l2ZW4gbmFtZXMgYW5kIGFkZGl0aW9uYWwgbmFtZXMgYXJl
IHBvc3NpYmxlLg0KwqANCkJlc3QgcmVnYXJkcywNCkJlcnQNCsKgDQpGcm9tOiBzY2ltLWJvdW5j
ZXNAaWV0Zi5vcmcgW21haWx0bzpzY2ltLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJlaGFsZiBPZiBN
YXJjIEJsYW5jaGV0DQpTZW50OiAyMDEz5bm0M+aciDI15pelIDY6MzUNClRvOiBTaGVsbGV5DQpD
Yzogc2NpbUBpZXRmLm9yZw0KU3ViamVjdDogUmU6IFtzY2ltXSBOYW1lIEludGVybmF0aW9uYWxp
emF0aW9uDQrCoA0KbWlnaHQgd2FudCB0byBsb29rIGF0IHZDYXJkIMKgKFJGQzYzNTApLg0KwqAN
Ck1hcmMuDQrCoA0KTGUgMjAxMy0wMy0yMiDDoCAyMjo1OSwgU2hlbGxleSA8cmFuZG9tc2hlbGxl
eUBnbWFpbC5jb20+IGEgw6ljcml0IDoNCg0KQXMgYSBTQ0lNIHNlcnZpY2UgcHJvdmlkZXIsIHdl
IGFyZSB0cnlpbmcgdG8gZGV0ZXJtaW5lIHRoZSBiZXN0IGFwcHJvYWNoIGZvciBhY2NlcHRpbmcg
YW5kIG1hbmFnaW5nIG5hbWVzIHRoYXQgbWF5IGJlIGZlZGVyYXRlZCBmcm9tIGdsb2JhbCBjb25z
dW1lcnMuDQoNCldlcmUgdGhlcmUgYW55IGNvbnNpZGVyYXRpb25zIG1hZGUgaW4gdGhlIFNDSU0g
Y29yZSBzY2hlbWEgZm9yIHVzaW5nIG11bHRpLXZhbHVlZCBhdHRyaWJ1dGVzIGZvciB0aGUgaW5k
aXZpZHVhbCBuYW1lIGNvbXBvbmVudHM/IFRoZSB1c2Ugb2YgdGhlICJmYW1pbHlOYW1lIiBhbmQg
ImdpdmVuTmFtZSIgYXMgb3Bwb3NlZCB0byAiZmlyc3ROYW1lIi8ibGFzdE5hbWUiIGhlbHBzIG1p
bmltaXplIGEgd2VzdGVybi9VUy1jZW50cmljIGFwcHJvYWNoLCBidXQgdXNpbmcgdGhyZWUgaW5k
aXZpZHVhbCwgc2luZ3VsYXIgYXR0cmlidXRlcyBmb3IgdGhlc2UgbmFtZSBjb21wb25lbnRzIHN0
aWxsIGhpbnRzIGF0IGEgcGFydGljdWxhciBuYW1lIGZvcm1hdCB0aGF0IG1heSBub3QgYmUgZ2xv
YmFsLg0KDQpGb3IgZXhhbXBsZSwgaW4gbWFueSBjb3VudHJpZXMsIGluZGl2aWR1YWxzIGhhdmUg
YSBnaXZlbiBuYW1lIGFuZCB0d28gbGFzdCBuYW1lcyAocmF0aGVyIHRoYW4gZmlyc3QgbmFtZSwg
bWlkZGxlIG5hbWUsIGxhc3QgbmFtZSkuIERvZXMgU0NJTSBwcm92aWRlIGFueSByZWNvbW1lbmRh
dGlvbnMgZm9yIGhvdyB0byByZXByZXNlbnQgdGhpcyB1c2luZyB0aGUgZXhpc3RpbmcgbmFtZSBj
b21wb25lbnRzPyBGb3IgZXhhbXBsZSwgYXJlIGNvbnN1bWVycyBleHBlY3RlZCB0byBjb25zb2xp
ZGF0ZSBhbGwgbGFzdCBuYW1lcyBpbnRvIHRoZSBzaW5nbGUgZmFtaWx5TmFtZSBhdHRyaWJ1dGUg
dG8gYWNjb21tb2RhdGUgdGhpcyBzY2VuYXJpbz8gTGlrZXdpc2UsIHRoZXJlIGFyZSBtYW55IG90
aGVyIGNhc2VzIFsxLDJdIHRoYXQgZG9uJ3QgcXVpdGUgY2xlYW5seSBmaXQgaW50byB0aGVzZSBz
aW5ndWxhciBuYW1lIGNvbXBvbmVudHMuDQoNClRoZSAiZm9ybWF0dGVkTmFtZSIsICJkaXNwbGF5
TmFtZSIsIGFuZCAibmlja05hbWUiIGF0dHJpYnV0ZXMgaGVscCB0byBtaXRpZ2F0ZSBzb21lIGNv
bmNlcm5zIGFyb3VuZCBmb3JtYXR0aW5nIG5hbWVzIGFuZCBhZGRyZXNzaW5nIHVzZXJzLCBidXQg
d2UncmUgc3RpbGwgdHJ5aW5nIHRvIGlyb24gb3V0IGhvdyB0byBhY2NlcHQgaWRlbnRpdHkgZGF0
YSBmcm9tIHZhcnlpbmcgY29udHJpYnV0aW5nIHNvdXJjZXMgYXMgd2VsbCBhcyBlbmFibGUgY29u
c3VtZXJzIHRvIG9idGFpbiB0aGUgZGlzY3JldGUgbmFtZSBjb21wb25lbnRzLg0KDQpbMV0gaHR0
cDovL3d3dy53My5vcmcvSW50ZXJuYXRpb25hbC9xdWVzdGlvbnMvcWEtcGVyc29uYWwtbmFtZXMN
ClsyXSBodHRwOi8vZW4ud2lraXBlZGlhLm9yZy93aWtpL1BlcnNvbmFsX25hbWUNCl9fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQpzY2ltIG1haWxpbmcgbGlz
dA0Kc2NpbUBpZXRmLm9yZw0KaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9z
Y2ltDQrCoA0KDQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
Xw0Kc2NpbSBtYWlsaW5nIGxpc3QNCnNjaW1AaWV0Zi5vcmcNCmh0dHBzOi8vd3d3LmlldGYub3Jn
L21haWxtYW4vbGlzdGluZm8vc2NpbQ0K


From asantos@pingidentity.com  Wed Mar 27 09:04:36 2013
Return-Path: <asantos@pingidentity.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB38521F8629 for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 09:04:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.976
X-Spam-Level: 
X-Spam-Status: No, score=-5.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z+nhun7BpjeJ for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 09:04:36 -0700 (PDT)
Received: from na3sys009aog117.obsmtp.com (na3sys009aog117.obsmtp.com [74.125.149.242]) by ietfa.amsl.com (Postfix) with ESMTP id 7710C21F918F for <scim@ietf.org>; Wed, 27 Mar 2013 09:04:35 -0700 (PDT)
Received: from mail-we0-f198.google.com ([74.125.82.198]) (using TLSv1) by na3sys009aob117.postini.com ([74.125.148.12]) with SMTP ID DSNKUVMYigBN4tzWBrOIXweERliXOYN5+3X/@postini.com; Wed, 27 Mar 2013 09:04:35 PDT
Received: by mail-we0-f198.google.com with SMTP id k14so7493021wer.1 for <scim@ietf.org>; Wed, 27 Mar 2013 09:04:12 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:x-received:mime-version:from:date:message-id:subject:to :content-type:x-gm-message-state; bh=TAep4OZ+384/gFbtF8y9SZy0IUlWz1OIMos25dwJFN8=; b=oVtOyMbJyIHa9uTDs/kfYZS/zEeGUx9WhAmeIq4++1IsG9Y/2Pw6mGbdhlEmkdjKiA kG7zHTu3lNxFvrsRhhXg9e5LsVqCrw7tez2/eYfZcRvxTrIyo2Ge1FyDpluX8VGBNn9u EkfA1XTsofWDvRFu0JKIYOL70M/RC6oSmvoxy2yKu4O4t8lkop8YBW0kziZAP0k68Itz FqhlYrUAqGQw7R2jdn78M4v1+a0I0GEA5WecjgDzqr+odldrWHzGIRuN2lw/lvE5JHcH LfNbzFOYQZ7ouMqVpCdoRYzRTw5U1gtL+RPJ1niiVXAsgxvnY8mL2nrt35+hlbHABErq Tt9g==
X-Received: by 10.180.77.226 with SMTP id v2mr10578089wiw.33.1364400252672; Wed, 27 Mar 2013 09:04:12 -0700 (PDT)
X-Received: by 10.180.77.226 with SMTP id v2mr10577748wiw.33.1364400249689; Wed, 27 Mar 2013 09:04:09 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.194.152.226 with HTTP; Wed, 27 Mar 2013 09:03:49 -0700 (PDT)
From: Alexandre Santos <asantos@pingidentity.com>
Date: Wed, 27 Mar 2013 09:03:49 -0700
Message-ID: <CAPx6tN7x1MS+W=rbXF1c9p2qepJN3pco+h6MQYXmGHJakF+3Vw@mail.gmail.com>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary=f46d043c7f1a36fbdf04d8ea30b7
X-Gm-Message-State: ALoCoQlBgusqvx02W1H+B76+GzQvFcmgPfS7NhuqskcyzXMsZq6zsn29B80ep20nQmkguHKOOY4ZuvZjDXsYhdq/Yb3GxghX8JEefeRKF5zSfXBjs/3oKm9EamOnyq+jb59Zx5jTAB+g
Subject: [scim] Clarification on body request for DELETE
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 16:04:36 -0000

--f46d043c7f1a36fbdf04d8ea30b7
Content-Type: text/plain; charset=ISO-8859-1

The spec for PUT says "3.3.1...  Unless otherwise specified a successful
PUT operation returns a 200 OK response code and the entire Resource within
the response body"
For POST: "3.1...  the response body MUST contain the newly created
Resource."
For DELETES it says " 3.4.  Deleting Resources

Consumers request Resource removal via DELETE. Service Providers MAY choose
not to permanently delete the Resource, but MUST return a 404 error code
for all operations associated with the previously deleted Id. Service
Providers MUST also omit the Resource from future query results. In
addition the Service Provider MUST not consider the deleted resource in
conflict calculation. For example if a User resource is deleted, a CREATE
request for a User resource with the same userName as the previously
deleted resource should not fail with a 409 error due to userName conflict.
"

My question is, what (if anything at all) should be returned in the
response body as a result of a successful DELETE operation.

Thanks,
Alex Santos
*
*

--f46d043c7f1a36fbdf04d8ea30b7
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">The spec for PUT says &quot;3.3.1...=A0<span style=3D"colo=
r:rgb(0,0,0);font-family:verdana,charcoal,helvetica,arial,sans-serif">=A0Un=
less otherwise specified a successful PUT operation returns a 200 OK respon=
se code and the entire Resource within the response body&quot;</span><div>

<font color=3D"#000000" face=3D"verdana, charcoal, helvetica, arial, sans-s=
erif">For POST: &quot;3.1...=A0</font><span style=3D"color:rgb(0,0,0);font-=
family:verdana,charcoal,helvetica,arial,sans-serif">=A0the response body MU=
ST contain the newly created Resource.&quot;</span></div>

<div><font color=3D"#000000" face=3D"verdana, charcoal, helvetica, arial, s=
ans-serif">For DELETES it says &quot;</font><h3 style=3D"font-family:helvet=
ica,monaco,&#39;MS Sans Serif&#39;,arial,sans-serif;color:rgb(51,51,51);bac=
kground-color:transparent">

3.4.=A0 Deleting Resources</h3><p style=3D"margin-left:2em;margin-right:2em=
;color:rgb(0,0,0);font-family:verdana,charcoal,helvetica,arial,sans-serif">=
Consumers request Resource removal via DELETE. Service Providers MAY choose=
 not to permanently delete the Resource, but MUST return a 404 error code f=
or all operations associated with the previously deleted Id. Service Provid=
ers MUST also omit the Resource from future query results. In addition the =
Service Provider MUST not consider the deleted resource in conflict calcula=
tion. For example if a User resource is deleted, a CREATE request for a Use=
r resource with the same userName as the previously deleted resource should=
 not fail with a 409 error due to userName conflict.</p>

<div>&quot;</div><div><br></div><div style>My question is, what (if anythin=
g at all) should be returned in the response body as a result of a successf=
ul DELETE operation.</div><div><br></div><div style>Thanks,</div><div>
Alex Santos<br>
<div><span style=3D"background-color:rgb(255,255,255)"><b style=3D"font-fam=
ily:arial,sans-serif;font-size:13px"><span style=3D"font-family:&#39;Lucida=
 Grande&#39;,Tahoma,Arial,Verdana,sans-serif;font-size:12px;color:rgb(42,42=
,42)"><font face=3D"Arial" style=3D"font-size:11px"><table cellpadding=3D"0=
" cellspacing=3D"0">

<tbody><tr valign=3D"top"><td nowrap style=3D"margin:0px;font-family:arial,=
sans-serif"><br></td></tr></tbody></table></font></span></b></span></div>
</div></div></div>

--f46d043c7f1a36fbdf04d8ea30b7--

From kelly.grizzle@sailpoint.com  Wed Mar 27 11:10:45 2013
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4AF5721F9289 for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 11:10:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level: 
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oF3VAU-8Oa7K for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 11:10:43 -0700 (PDT)
Received: from db8outboundpool.messaging.microsoft.com (mail-db8lp0184.outbound.messaging.microsoft.com [213.199.154.184]) by ietfa.amsl.com (Postfix) with ESMTP id 9749921F9258 for <scim@ietf.org>; Wed, 27 Mar 2013 11:10:39 -0700 (PDT)
Received: from mail135-db8-R.bigfish.com (10.174.8.234) by DB8EHSOBE017.bigfish.com (10.174.4.80) with Microsoft SMTP Server id 14.1.225.23; Wed, 27 Mar 2013 18:10:35 +0000
Received: from mail135-db8 (localhost [127.0.0.1])	by mail135-db8-R.bigfish.com (Postfix) with ESMTP id F2BBA18012B; Wed, 27 Mar 2013 18:10:34 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:132.245.1.133; KIP:(null); UIP:(null); IPV:NLI; H:BLUPRD0412HT001.namprd04.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -22
X-BigFish: PS-22(zz9371Ic85fh4015Izz1f42h1fc6h1ee6h1de0h1202h1e76h1d1ah1d2ahzz1033IL17326ah18c673h8275bh8275dhz31h2a8h668h839hd25hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah1bceh1155h)
Received-SPF: softfail (mail135-db8: transitioning domain of sailpoint.com does not designate 132.245.1.133 as permitted sender) client-ip=132.245.1.133; envelope-from=kelly.grizzle@sailpoint.com; helo=BLUPRD0412HT001.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail135-db8 (localhost.localdomain [127.0.0.1]) by mail135-db8 (MessageSwitch) id 1364407832800872_18459; Wed, 27 Mar 2013 18:10:32 +0000 (UTC)
Received: from DB8EHSMHS015.bigfish.com (unknown [10.174.8.241])	by mail135-db8.bigfish.com (Postfix) with ESMTP id BD9176004A; Wed, 27 Mar 2013 18:10:32 +0000 (UTC)
Received: from BLUPRD0412HT001.namprd04.prod.outlook.com (132.245.1.133) by DB8EHSMHS015.bigfish.com (10.174.4.25) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 27 Mar 2013 18:10:31 +0000
Received: from BLUPRD0412MB643.namprd04.prod.outlook.com ([169.254.4.165]) by BLUPRD0412HT001.namprd04.prod.outlook.com ([10.255.214.162]) with mapi id 14.16.0275.006; Wed, 27 Mar 2013 18:10:28 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Alexandre Santos <asantos@pingidentity.com>, "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] Clarification on body request for DELETE
Thread-Index: AQHOKwTvu+Y5Y4yD5EuVkmnqyAXIcZi51gWQ
Date: Wed, 27 Mar 2013 18:10:28 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34375C3AD5F3@BLUPRD0412MB643.namprd04.prod.outlook.com>
References: <CAPx6tN7x1MS+W=rbXF1c9p2qepJN3pco+h6MQYXmGHJakF+3Vw@mail.gmail.com>
In-Reply-To: <CAPx6tN7x1MS+W=rbXF1c9p2qepJN3pco+h6MQYXmGHJakF+3Vw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-vipre-scanned: 12E289DA003FD812E28B27
x-originating-ip: [173.226.147.242]
Content-Type: multipart/alternative; boundary="_000_56C3C758F9D6534CA3778EAA1E0C34375C3AD5F3BLUPRD0412MB643_"
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Subject: Re: [scim] Clarification on body request for DELETE
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 18:10:45 -0000

--_000_56C3C758F9D6534CA3778EAA1E0C34375C3AD5F3BLUPRD0412MB643_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

The SCIM API spec is not entirely clear here.  According to RFC 2616, the D=
ELETE operation should work like this:

   A successful response SHOULD be 200 (OK) if the response includes an
   entity describing the status, 202 (Accepted) if the action has not
   yet been enacted, or 204 (No Content) if the action has been enacted
   but the response does not include an entity.

I can't think of anything interesting for SCIM to return in a response body=
, so my vote would either be a 200 with an empty response (or just a messag=
e) or a 204 with no response body.  Perhaps we should open an issue to clar=
ify this.  Thoughts?

--Kelly

From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Ale=
xandre Santos
Sent: Wednesday, March 27, 2013 11:04 AM
To: scim@ietf.org
Subject: [scim] Clarification on body request for DELETE

The spec for PUT says "3.3.1...  Unless otherwise specified a successful PU=
T operation returns a 200 OK response code and the entire Resource within t=
he response body"
For POST: "3.1...  the response body MUST contain the newly created Resourc=
e."
For DELETES it says "
3.4.  Deleting Resources

Consumers request Resource removal via DELETE. Service Providers MAY choose=
 not to permanently delete the Resource, but MUST return a 404 error code f=
or all operations associated with the previously deleted Id. Service Provid=
ers MUST also omit the Resource from future query results. In addition the =
Service Provider MUST not consider the deleted resource in conflict calcula=
tion. For example if a User resource is deleted, a CREATE request for a Use=
r resource with the same userName as the previously deleted resource should=
 not fail with a 409 error due to userName conflict.
"

My question is, what (if anything at all) should be returned in the respons=
e body as a result of a successful DELETE operation.

Thanks,
Alex Santos



--_000_56C3C758F9D6534CA3778EAA1E0C34375C3AD5F3BLUPRD0412MB643_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:Verdana;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
h3
	{mso-style-priority:9;
	mso-style-link:"Heading 3 Char";
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:13.5pt;
	font-family:"Times New Roman","serif";
	font-weight:bold;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p
	{mso-style-priority:99;
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
pre
	{mso-style-priority:99;
	mso-style-link:"HTML Preformatted Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:10.0pt;
	font-family:"Courier New";}
span.Heading3Char
	{mso-style-name:"Heading 3 Char";
	mso-style-priority:9;
	mso-style-link:"Heading 3";
	font-family:"Cambria","serif";
	color:#4F81BD;
	font-weight:bold;}
span.EmailStyle19
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.HTMLPreformattedChar
	{mso-style-name:"HTML Preformatted Char";
	mso-style-priority:99;
	mso-style-link:"HTML Preformatted";
	font-family:"Courier New";}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">The SCIM API spec is not =
entirely clear here.&nbsp; According to RFC 2616, the DELETE operation shou=
ld work like this:<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
urier New&quot;;color:black">&nbsp;&nbsp; A successful response SHOULD be 2=
00 (OK) if the response includes an<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
urier New&quot;;color:black">&nbsp;&nbsp; entity describing the status, 202=
 (Accepted) if the action has not<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
urier New&quot;;color:black">&nbsp;&nbsp; yet been enacted, or 204 (No Cont=
ent) if the action has been enacted<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
urier New&quot;;color:black">&nbsp;&nbsp; but the response does not include=
 an entity.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">I can&#8217;t think of an=
ything interesting for SCIM to return in a response body, so my vote would =
either be a 200 with an empty response (or just a message) or
 a 204 with no response body.&nbsp; Perhaps we should open an issue to clar=
ify this.&nbsp; Thoughts?<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly
<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> scim-bou=
nces@ietf.org [mailto:scim-bounces@ietf.org]
<b>On Behalf Of </b>Alexandre Santos<br>
<b>Sent:</b> Wednesday, March 27, 2013 11:04 AM<br>
<b>To:</b> scim@ietf.org<br>
<b>Subject:</b> [scim] Clarification on body request for DELETE<o:p></o:p><=
/span></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div>
<p class=3D"MsoNormal">The spec for PUT says &quot;3.3.1...&nbsp;<span styl=
e=3D"font-family:&quot;Verdana&quot;,&quot;sans-serif&quot;;color:black">&n=
bsp;Unless otherwise specified a successful PUT operation returns a 200 OK =
response code and the entire Resource within the response body&quot;</span>=
<o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Verdana&quot;,&quot=
;sans-serif&quot;;color:black">For POST: &quot;3.1...&nbsp;&nbsp;the respon=
se body MUST contain the newly created Resource.&quot;</span><o:p></o:p></p=
>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Verdana&quot;,&quot=
;sans-serif&quot;;color:black">For DELETES it says &quot;</span><o:p></o:p>=
</p>
<h3><span style=3D"font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;=
;color:#333333">3.4.&nbsp; Deleting Resources<o:p></o:p></span></h3>
<p style=3D"mso-margin-top-alt:5.0pt;margin-right:24.0pt;margin-bottom:5.0p=
t;margin-left:24.0pt">
<span style=3D"font-family:&quot;Verdana&quot;,&quot;sans-serif&quot;;color=
:black">Consumers request Resource removal via DELETE. Service Providers MA=
Y choose not to permanently delete the Resource, but MUST return a 404 erro=
r code for all operations associated with the previously
 deleted Id. Service Providers MUST also omit the Resource from future quer=
y results. In addition the Service Provider MUST not consider the deleted r=
esource in conflict calculation. For example if a User resource is deleted,=
 a CREATE request for a User resource
 with the same userName as the previously deleted resource should not fail =
with a 409 error due to userName conflict.<o:p></o:p></span></p>
<div>
<p class=3D"MsoNormal">&quot;<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">My question is, what (if anything at all) should be =
returned in the response body as a result of a successful DELETE operation.=
<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">Thanks,<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal">Alex Santos<o:p></o:p></p>
<div>
<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" cellpadding=
=3D"0">
<tbody>
<tr>
<td nowrap=3D"" valign=3D"top" style=3D"padding:0in 0in 0in 0in"></td>
</tr>
</tbody>
</table>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</div>
</div>
</div>
</div>
</body>
</html>

--_000_56C3C758F9D6534CA3778EAA1E0C34375C3AD5F3BLUPRD0412MB643_--

From phil.hunt@oracle.com  Wed Mar 27 14:49:00 2013
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7936F21F89A5 for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 14:49:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level: 
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XW5zU7QZUGKw for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 14:48:59 -0700 (PDT)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) by ietfa.amsl.com (Postfix) with ESMTP id 49CD121F8994 for <scim@ietf.org>; Wed, 27 Mar 2013 14:48:59 -0700 (PDT)
Received: from ucsinet21.oracle.com (ucsinet21.oracle.com [156.151.31.93]) by aserp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r2RLmvJ6013148 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 27 Mar 2013 21:48:58 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r2RLmtqH016495 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 27 Mar 2013 21:48:57 GMT
Received: from abhmt102.oracle.com (abhmt102.oracle.com [141.146.116.54]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r2RLmtjN021747; Wed, 27 Mar 2013 16:48:55 -0500
Received: from [192.168.1.14] (/174.7.250.104) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 27 Mar 2013 14:48:55 -0700
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: multipart/alternative; boundary="Apple-Mail=_3B3ED4DE-A92A-4DC4-8BD4-63672DB80BB1"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34375C3AD5F3@BLUPRD0412MB643.namprd04.prod.outlook.com>
Date: Wed, 27 Mar 2013 14:48:51 -0700
Message-Id: <FAFB4AAB-09FA-41BB-9824-F59851C5B0FE@oracle.com>
References: <CAPx6tN7x1MS+W=rbXF1c9p2qepJN3pco+h6MQYXmGHJakF+3Vw@mail.gmail.com> <56C3C758F9D6534CA3778EAA1E0C34375C3AD5F3@BLUPRD0412MB643.namprd04.prod.outlook.com>
To: Kelly Grizzle <kelly.grizzle@sailpoint.com>
X-Mailer: Apple Mail (2.1283)
X-Source-IP: ucsinet21.oracle.com [156.151.31.93]
Cc: "scim@ietf.org" <scim@ietf.org>, Alexandre Santos <asantos@pingidentity.com>
Subject: Re: [scim] Clarification on body request for DELETE
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 21:49:00 -0000

--Apple-Mail=_3B3ED4DE-A92A-4DC4-8BD4-63672DB80BB1
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

We've been discussing that 202 should generally be interpreted as, =
transaction is syntactically valid but pending completion (e.g. an =
approval workflow). It seems there is a need to do this with all SCIM =
operations.

Successful immediate completion would be status 200 or potentially 204.  =
Is there any reason for a SP to indicate for example that an entity =
wasn't actually deleted, but rather suspended (e.g. because the SP has a =
tombstone feature to preserve UUIDs)?

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2013-03-27, at 11:10 AM, Kelly Grizzle wrote:

> The SCIM API spec is not entirely clear here.  According to RFC 2616, =
the DELETE operation should work like this:
> =20
>    A successful response SHOULD be 200 (OK) if the response includes =
an
>    entity describing the status, 202 (Accepted) if the action has not
>    yet been enacted, or 204 (No Content) if the action has been =
enacted
>    but the response does not include an entity.
> =20
> I can=92t think of anything interesting for SCIM to return in a =
response body, so my vote would either be a 200 with an empty response =
(or just a message) or a 204 with no response body.  Perhaps we should =
open an issue to clarify this.  Thoughts?
> =20
> --Kelly
> =20
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of Alexandre Santos
> Sent: Wednesday, March 27, 2013 11:04 AM
> To: scim@ietf.org
> Subject: [scim] Clarification on body request for DELETE
> =20
> The spec for PUT says "3.3.1...  Unless otherwise specified a =
successful PUT operation returns a 200 OK response code and the entire =
Resource within the response body"
> For POST: "3.1...  the response body MUST contain the newly created =
Resource."
> For DELETES it says "
> 3.4.  Deleting Resources
>=20
> Consumers request Resource removal via DELETE. Service Providers MAY =
choose not to permanently delete the Resource, but MUST return a 404 =
error code for all operations associated with the previously deleted Id. =
Service Providers MUST also omit the Resource from future query results. =
In addition the Service Provider MUST not consider the deleted resource =
in conflict calculation. For example if a User resource is deleted, a =
CREATE request for a User resource with the same userName as the =
previously deleted resource should not fail with a 409 error due to =
userName conflict.
> "
> =20
> My question is, what (if anything at all) should be returned in the =
response body as a result of a successful DELETE operation.
> =20
> Thanks,
> Alex Santos
> =20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_3B3ED4DE-A92A-4DC4-8BD4-63672DB80BB1
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">We've =
been discussing that 202 should generally be interpreted as, transaction =
is syntactically valid but pending completion (e.g. an approval =
workflow). It seems there is a need to do this with all SCIM =
operations.<div><br></div><div>Successful immediate completion would be =
status 200 or potentially 204. &nbsp;Is there any reason for a SP to =
indicate for example that an entity wasn't actually deleted, but rather =
suspended (e.g. because the SP has a tombstone feature to preserve =
UUIDs)?</div><div><br></div><div><div apple-content-edited=3D"true">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; =
color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; =
font-variant: normal; font-weight: normal; letter-spacing: normal; =
line-height: normal; orphans: 2; text-align: auto; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: medium; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 12px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div>Phil</div><div><br></div><div>@independentid</div><div><a=
 =
href=3D"http://www.independentid.com">www.independentid.com</a></div></div=
></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div></span><br =
class=3D"Apple-interchange-newline"></span><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2013-03-27, at 11:10 AM, Kelly Grizzle wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite"><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; =
font-family: Helvetica; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: =
none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div =
lang=3D"EN-US" link=3D"blue" vlink=3D"purple"><div class=3D"WordSection1" =
style=3D"page: WordSection1; "><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">The SCIM API spec is not entirely clear here.&nbsp; =
According to RFC 2616, the DELETE operation should work like =
this:<o:p></o:p></span></div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 10pt; font-family: 'Courier New'; =
color: black; ">&nbsp;&nbsp; A successful response SHOULD be 200 (OK) if =
the response includes an<o:p></o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 10pt; font-family: 'Courier New'; =
color: black; ">&nbsp;&nbsp; entity describing the status, 202 =
(Accepted) if the action has not<o:p></o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 10pt; font-family: 'Courier New'; =
color: black; ">&nbsp;&nbsp; yet been enacted, or 204 (No Content) if =
the action has been enacted<o:p></o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 10pt; font-family: 'Courier New'; =
color: black; ">&nbsp;&nbsp; but the response does not include an =
entity.<o:p></o:p></span></div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 11pt; font-family: Calibri, =
sans-serif; color: rgb(31, 73, 125); ">I can=92t think of anything =
interesting for SCIM to return in a response body, so my vote would =
either be a 200 with an empty response (or just a message) or a 204 with =
no response body.&nbsp; Perhaps we should open an issue to clarify =
this.&nbsp; Thoughts?<o:p></o:p></span></div><div style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 11pt; font-family: Calibri, =
sans-serif; color: rgb(31, 73, 125); =
">--Kelly<o:p></o:p></span></div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><b><span style=3D"font-size: 10pt; font-family: Tahoma, =
sans-serif; ">From:</span></b><span style=3D"font-size: 10pt; =
font-family: Tahoma, sans-serif; "><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a> =
[mailto:scim-bounces@ietf.org]<span =
class=3D"Apple-converted-space">&nbsp;</span><b>On Behalf Of<span =
class=3D"Apple-converted-space">&nbsp;</span></b>Alexandre =
Santos<br><b>Sent:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Wednesday, March 27, 2013 =
11:04 AM<br><b>To:</b><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br><b>Subject:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>[scim] Clarification on =
body request for DELETE<o:p></o:p></span></div><div style=3D"margin-right:=
 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; =
"><o:p>&nbsp;</o:p></div><div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; ">The spec for PUT says =
"3.3.1...&nbsp;<span style=3D"font-family: Verdana, sans-serif; color: =
black; ">&nbsp;Unless otherwise specified a successful PUT operation =
returns a 200 OK response code and the entire Resource within the =
response body"</span><o:p></o:p></div><div><div style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-family: Verdana, sans-serif; color: black; ">For POST: =
"3.1...&nbsp;&nbsp;the response body MUST contain the newly created =
Resource."</span><o:p></o:p></div></div><div><div style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-family: Verdana, sans-serif; color: black; ">For DELETES =
it says "</span><o:p></o:p></div><h3 style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 13.5pt; font-family: 'Times New Roman', =
serif; font-weight: bold; "><span style=3D"font-family: Helvetica, =
sans-serif; color: rgb(51, 51, 51); ">3.4.&nbsp; Deleting =
Resources<o:p></o:p></span></h3><p style=3D"margin-right: 24pt; =
margin-left: 24pt; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-bottom: 5pt; "><span style=3D"font-family: Verdana, =
sans-serif; color: black; ">Consumers request Resource removal via =
DELETE. Service Providers MAY choose not to permanently delete the =
Resource, but MUST return a 404 error code for all operations associated =
with the previously deleted Id. Service Providers MUST also omit the =
Resource from future query results. In addition the Service Provider =
MUST not consider the deleted resource in conflict calculation. For =
example if a User resource is deleted, a CREATE request for a User =
resource with the same userName as the previously deleted resource =
should not fail with a 409 error due to userName =
conflict.<o:p></o:p></span></p><div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; =
">"<o:p></o:p></div></div><div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; =
"><o:p>&nbsp;</o:p></div></div><div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; ">My question is, what =
(if anything at all) should be returned in the response body as a result =
of a successful DELETE operation.<o:p></o:p></div></div><div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><o:p>&nbsp;</o:p></div></div><div><div style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; =
">Thanks,<o:p></o:p></div></div><div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; ">Alex =
Santos<o:p></o:p></div><div><table class=3D"MsoNormalTable" border=3D"0" =
cellspacing=3D"0" cellpadding=3D"0"><tbody><tr><td nowrap=3D"" =
valign=3D"top" style=3D"padding-top: 0in; padding-right: 0in; =
padding-bottom: 0in; padding-left: 0in; "></td></tr></tbody></table><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; =
"><o:p>&nbsp;</o:p></div></div></div></div></div></div>___________________=
____________________________<br>scim mailing list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>https://www.ietf.org/ma=
ilman/listinfo/scim</div></span></blockquote></div><br></div></body></html=
>=

--Apple-Mail=_3B3ED4DE-A92A-4DC4-8BD4-63672DB80BB1--

From asantos@pingidentity.com  Wed Mar 27 16:01:34 2013
Return-Path: <asantos@pingidentity.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37C2621F89DE for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 16:01:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.976
X-Spam-Level: 
X-Spam-Status: No, score=-5.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id px5yzInuszkg for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 16:01:33 -0700 (PDT)
Received: from na3sys009aog129.obsmtp.com (na3sys009aog129.obsmtp.com [74.125.149.142]) by ietfa.amsl.com (Postfix) with ESMTP id 6650121F8FC6 for <scim@ietf.org>; Wed, 27 Mar 2013 16:01:28 -0700 (PDT)
Received: from mail-wi0-f197.google.com ([209.85.212.197]) (using TLSv1) by na3sys009aob129.postini.com ([74.125.148.12]) with SMTP ID DSNKUVN6QotmLq/dRGLtTF7/oDVXiELu8gtl@postini.com; Wed, 27 Mar 2013 16:01:28 PDT
Received: by mail-wi0-f197.google.com with SMTP id hn17so3743684wib.8 for <scim@ietf.org>; Wed, 27 Mar 2013 16:01:21 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:x-received:mime-version:from:date:message-id:subject:to :content-type:x-gm-message-state; bh=8+dQ9lReKEioI9bIlg943Ytz05JpZqASVbYpCSqiYRw=; b=ZPnhWLALWjhsgcDn5nCFTz0iFLAimNnMrFqEbOU9JW8+AifkJizX/AJEebjdliFr4W lKjtk3W1Z5AI3VTGB2tx+2Kg5eXSOUWsoXSjfmBuFkht5xLfJql40Eog3CCVQYCmwg93 lZrEaJ/HqQkmg6+ilAf/lv/FJhb3i3VfjF0wIWrWlPZaAY9FI64+9RMHfOq7wmx/3MKx HJMk8IEH3r1TU2M1D4mzvc4u/+wsRxFxCcP/b+8ZUcX58ofwZdw30m+F8IDSdf5ATa2m 3EC3LLXHZt50oZjWdY7ccB5ttUsNFmKkP5FQjmW2aMjBTf2G/hYSq1D4glPDE24oMCJ6 e3cA==
X-Received: by 10.180.77.226 with SMTP id v2mr12539677wiw.33.1364425281662; Wed, 27 Mar 2013 16:01:21 -0700 (PDT)
X-Received: by 10.180.77.226 with SMTP id v2mr12539669wiw.33.1364425281561; Wed, 27 Mar 2013 16:01:21 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.194.152.226 with HTTP; Wed, 27 Mar 2013 16:01:01 -0700 (PDT)
From: Alexandre Santos <asantos@pingidentity.com>
Date: Wed, 27 Mar 2013 16:01:01 -0700
Message-ID: <CAPx6tN5PwV=hwifdCj3JiOKLsYCQZdewHOh7voau7OLSm3FWvg@mail.gmail.com>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary=f46d043c7f1a3afe9404d8f00437
X-Gm-Message-State: ALoCoQkNq8isU6veJtfcj0C9nzWk/cyEUpTHPbih5WZwabLQdeqW4pkfWuVIGAk1ZpVKEL5GpSxm3x6PxyF3qUmx1Y1nYeEIbp44uZDHuEKd617geiNsHyJ7+zT6fb5tYS8WrpQouAxx
Subject: [scim] Request for Input
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 23:01:34 -0000

--f46d043c7f1a3afe9404d8f00437
Content-Type: text/plain; charset=ISO-8859-1

For groups with many users (>10k) it becomes problematic to do POSTs or
PUTs. The only alternative would be PATCH. However PATCH is not mandatory.

For this reason we would like to request your input for the following
proposal: allow membership changes via PUT and DELETE.

For this the PUT and DELETE commands would be in the format:
PUT /Groups/<groupId>/user/<userId> - to add a user to a group
DELETE /Groups/<groupId>/user/<userId> - to remove the user from the group

Thank you,

*Alexandre Santos*  | Sr. Development Engineer
*Ping**Identity*  |   www.pingidentity.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
*O:* 604.697.7056
*Email:* asantos@pingidentity.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
*Connect with Ping*
Twitter: @pingidentity
LinkedIn Group: Ping's Identity Cloud
Facebook.com/pingidentitypage
*
*

--f46d043c7f1a3afe9404d8f00437
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div style>For groups with many users (&gt;10k) it becomes=
 problematic to do POSTs or PUTs. The only alternative would be PATCH. Howe=
ver PATCH is not mandatory.</div><div style><br></div><div style>For this r=
eason we would like to request your input for the following proposal: allow=
 membership changes via PUT and DELETE.</div>

<div style><br></div><div style>For this the PUT and DELETE commands would =
be in the format:</div><div style>PUT /Groups/&lt;groupId&gt;/user/&lt;user=
Id&gt; - to add a user to a group</div><div style>DELETE /Groups/&lt;groupI=
d&gt;/user/&lt;userId&gt; - to remove the user from the group</div>

<div><br></div>Thank you,<div><br clear=3D"all"><div><span style=3D"font-fa=
mily:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><fo=
nt color=3D"#343634" face=3D"Tahoma" style=3D"color:rgb(52,54,52);font-size=
:12px"><b><span>Alexandre Santos</span></b>=A0=A0| Sr. Development Engineer=
</font><br>

<font face=3D"Arial" style=3D"font-size:11px"><font color=3D"#343634" face=
=3D"Tahoma"><b>Ping</b></font><font color=3D"#e71939" face=3D"Tahoma"><b>Id=
entity</b></font>=A0=A0|=A0=A0=A0<a href=3D"http://www.pingidentity.com/" s=
tyle=3D"color:rgb(0,0,204)" target=3D"_blank">www.pingidentity.com</a><br>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -<br><font color=3D"#005568"><b>O:</b></font>=A0</font></span><span styl=
e=3D"background-color:rgb(255,255,255)"><font face=3D"Arial"><font color=3D=
"#343634"><span style=3D"font-size:11px">604.697.7056</span></font><br>

<font color=3D"#005568" style=3D"font-family:arial,sans-serif;font-size:11p=
x"><b>Email:</b></font><font face=3D"arial, sans-serif"><span style=3D"font=
-size:11px">=A0</span></font><span style=3D"font-family:arial,sans-serif;fo=
nt-size:11px"><a href=3D"mailto:asantos@pingidentity.com" style=3D"color:rg=
b(0,0,204)" target=3D"_blank">asantos@pingidentity.com</a></span><br>

<font face=3D"arial, sans-serif"><span style=3D"font-size:11px">- - - - - -=
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -</span>=
</font><br><table cellpadding=3D"0" cellspacing=3D"0" style=3D"font-family:=
arial,sans-serif;font-size:11px">

<tbody><tr valign=3D"top"><td nowrap style=3D"margin-top:0px;margin-right:0=
px;margin-bottom:0px;margin-left:0px;font-family:arial,sans-serif"><div sty=
le=3D"float:left"><font face=3D"Arial" style=3D"font-size:11px"><font color=
=3D"#005568"><b>Connect with Ping</b></font><br>

<font color=3D"#000000">Twitter: @pingidentity</font><br><font color=3D"#00=
0000">LinkedIn Group: Ping&#39;s Identity Cloud</font>=A0=A0 =A0<br><font c=
olor=3D"#000000">Facebook.com/pingidentitypage</font></font></div></td></tr=
></tbody></table>

</font><b style=3D"font-family:arial,sans-serif;font-size:13px"><span style=
=3D"font-family:&#39;Lucida Grande&#39;,Tahoma,Arial,Verdana,sans-serif;fon=
t-size:12px;color:rgb(42,42,42)"><font face=3D"Arial" style=3D"font-size:11=
px"><table cellpadding=3D"0" cellspacing=3D"0">

<tbody><tr valign=3D"top"><td nowrap style=3D"margin-top:0px;margin-right:0=
px;margin-bottom:0px;margin-left:0px;font-family:arial,sans-serif"><br></td=
></tr></tbody></table></font></span></b></span></div>
</div></div>

--f46d043c7f1a3afe9404d8f00437--

From tonynad@microsoft.com  Wed Mar 27 16:47:03 2013
Return-Path: <tonynad@microsoft.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8273321F8FE9 for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 16:47:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.534
X-Spam-Level: 
X-Spam-Status: No, score=0.534 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, UNRESOLVED_TEMPLATE=3.132]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c2oOKVKi6ZWA for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 16:47:02 -0700 (PDT)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2lp0242.outbound.protection.outlook.com [207.46.163.242]) by ietfa.amsl.com (Postfix) with ESMTP id BB27921F8FDF for <scim@ietf.org>; Wed, 27 Mar 2013 16:47:01 -0700 (PDT)
Received: from BN1BFFO11FD003.protection.gbl (10.58.52.204) by BN1BFFO11HUB009.protection.gbl (10.58.53.119) with Microsoft SMTP Server (TLS) id 15.0.651.3; Wed, 27 Mar 2013 23:46:58 +0000
Received: from TK5EX14HUBC104.redmond.corp.microsoft.com (131.107.125.37) by BN1BFFO11FD003.mail.protection.outlook.com (10.58.53.63) with Microsoft SMTP Server (TLS) id 15.0.651.3 via Frontend Transport; Wed, 27 Mar 2013 23:46:58 +0000
Received: from DB8EHSOBE030.bigfish.com (157.54.51.112) by mail.microsoft.com (157.54.80.25) with Microsoft SMTP Server (TLS) id 14.2.318.3; Wed, 27 Mar 2013 23:46:52 +0000
Received: from mail220-db8-R.bigfish.com (10.174.8.225) by DB8EHSOBE030.bigfish.com (10.174.4.93) with Microsoft SMTP Server id 14.1.225.23; Wed, 27 Mar 2013 23:46:50 +0000
Received: from mail220-db8 (localhost [127.0.0.1])	by mail220-db8-R.bigfish.com (Postfix) with ESMTP id 20CE832011D	for <scim@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Wed, 27 Mar 2013 23:46:50 +0000 (UTC)
X-Forefront-Antispam-Report-Untrusted: CIP:157.56.240.21; KIP:(null); UIP:(null); (null); H:BL2PRD0310HT001.namprd03.prod.outlook.com; R:internal; EFV:INT
X-SpamScore: -15
X-BigFish: PS-15(zz9371Ic85fh62a3Idb82hzz1f42h1fc6h1ee6h1de0h1202h1e76h1d1ah1d2ah1082kzz1033IL17326ah18c673h18602eh8275bh8275dhz31h2a8h668h839hd24hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h1ad9h1b0ah1bceh17ej9a9j1155h)
Received-SPF: softfail (mail220-db8: transitioning domain of microsoft.com does not designate 157.56.240.21 as permitted sender) client-ip=157.56.240.21; envelope-from=tonynad@microsoft.com; helo=BL2PRD0310HT001.namprd03.prod.outlook.com ; .outlook.com ; 
X-Forefront-Antispam-Report-Untrusted: SFV:SKI; SFS:; DIR:OUT; SFP:; SCL:-1; SRVR:BY2PR03MB043; H:BY2PR03MB041.namprd03.prod.outlook.com; LANG:en; 
Received: from mail220-db8 (localhost.localdomain [127.0.0.1]) by mail220-db8 (MessageSwitch) id 1364428009121882_12222; Wed, 27 Mar 2013 23:46:49 +0000 (UTC)
Received: from DB8EHSMHS022.bigfish.com (unknown [10.174.8.229])	by mail220-db8.bigfish.com (Postfix) with ESMTP id 1AF2420045; Wed, 27 Mar 2013 23:46:49 +0000 (UTC)
Received: from BL2PRD0310HT001.namprd03.prod.outlook.com (157.56.240.21) by DB8EHSMHS022.bigfish.com (10.174.4.32) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 27 Mar 2013 23:46:48 +0000
Received: from BY2PR03MB043.namprd03.prod.outlook.com (10.255.241.147) by BL2PRD0310HT001.namprd03.prod.outlook.com (10.255.97.36) with Microsoft SMTP Server (TLS) id 14.16.287.3; Wed, 27 Mar 2013 23:46:46 +0000
Received: from BY2PR03MB041.namprd03.prod.outlook.com (10.255.241.145) by BY2PR03MB043.namprd03.prod.outlook.com (10.255.241.147) with Microsoft SMTP Server (TLS) id 15.0.651.13; Wed, 27 Mar 2013 23:46:43 +0000
Received: from BY2PR03MB041.namprd03.prod.outlook.com ([169.254.8.206]) by BY2PR03MB041.namprd03.prod.outlook.com ([169.254.8.155]) with mapi id 15.00.0651.000; Wed, 27 Mar 2013 23:46:43 +0000
From: Anthony Nadalin <tonynad@microsoft.com>
To: Alexandre Santos <asantos@pingidentity.com>, "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] Request for Input
Thread-Index: AQHOKz9DMr3AuFO2FUyvr+9JFswjWJi6M9Mw
Date: Wed, 27 Mar 2013 23:46:43 +0000
Message-ID: <69ca6b0e2eaf48b1aebf7c5c11f53b32@BY2PR03MB041.namprd03.prod.outlook.com>
References: <CAPx6tN5PwV=hwifdCj3JiOKLsYCQZdewHOh7voau7OLSm3FWvg@mail.gmail.com>
In-Reply-To: <CAPx6tN5PwV=hwifdCj3JiOKLsYCQZdewHOh7voau7OLSm3FWvg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [2001:4898:2a:2:c141:44ab:5800:b985]
Content-Type: multipart/alternative; boundary="_000_69ca6b0e2eaf48b1aebf7c5c11f53b32BY2PR03MB041namprd03pro_"
MIME-Version: 1.0
X-OrganizationHeadersPreserved: BY2PR03MB043.namprd03.prod.outlook.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%IETF.ORG$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%PINGIDENTITY.COM$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-CrossPremisesHeadersPromoted: TK5EX14HUBC104.redmond.corp.microsoft.com
X-CrossPremisesHeadersFiltered: TK5EX14HUBC104.redmond.corp.microsoft.com
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(377454001)(189002)(199002)(252514003)(69226001)(56776001)(51856001)(79102001)(46102001)(76482001)(63696002)(20776003)(71186001)(5343635001)(5343655001)(16236675001)(65816001)(54356001)(80022001)(53806001)(59766001)(77982001)(54316002)(6806001)(81342001)(56816002)(15974865001)(512954001)(49866001)(47736001)(47976001)(47446002)(50986001)(15202345001)(74502001)(74662001)(31966008)(561944001)(16676001)(4396001)(33646001)(42262001)(3826001)(24736002); DIR:OUT; SFP:; SCL:1; SRVR:BN1BFFO11HUB009; H:TK5EX14HUBC104.redmond.corp.microsoft.com; RD:InfoDomainNonexistent; MX:1; A:1; LANG:en; 
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0798146F16
Subject: Re: [scim] Request for Input
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 23:47:03 -0000

--_000_69ca6b0e2eaf48b1aebf7c5c11f53b32BY2PR03MB041namprd03pro_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

What do you mean by "membership changes" below ?

From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Ale=
xandre Santos
Sent: Wednesday, March 27, 2013 4:01 PM
To: scim@ietf.org
Subject: [scim] Request for Input

For groups with many users (>10k) it becomes problematic to do POSTs or PUT=
s. The only alternative would be PATCH. However PATCH is not mandatory.

For this reason we would like to request your input for the following propo=
sal: allow membership changes via PUT and DELETE.

For this the PUT and DELETE commands would be in the format:
PUT /Groups/<groupId>/user/<userId> - to add a user to a group
DELETE /Groups/<groupId>/user/<userId> - to remove the user from the group

Thank you,

Alexandre Santos  | Sr. Development Engineer
PingIdentity  |   www.pingidentity.com<http://www.pingidentity.com/>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -
O: 604.697.7056
Email: asantos@pingidentity.com<mailto:asantos@pingidentity.com>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -
Connect with Ping
Twitter: @pingidentity
LinkedIn Group: Ping's Identity Cloud
Facebook.com/pingidentitypage





--_000_69ca6b0e2eaf48b1aebf7c5c11f53b32BY2PR03MB041namprd03pro_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">What do you mean by &#822=
0;membership changes&#8221; below ?<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><b><span style=3D"font-size:11.0pt;font-family:&quot=
;Calibri&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-=
size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;"> scim-b=
ounces@ietf.org [mailto:scim-bounces@ietf.org]
<b>On Behalf Of </b>Alexandre Santos<br>
<b>Sent:</b> Wednesday, March 27, 2013 4:01 PM<br>
<b>To:</b> scim@ietf.org<br>
<b>Subject:</b> [scim] Request for Input<o:p></o:p></span></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div>
<div>
<p class=3D"MsoNormal">For groups with many users (&gt;10k) it becomes prob=
lematic to do POSTs or PUTs. The only alternative would be PATCH. However P=
ATCH is not mandatory.<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">For this reason we would like to request your input =
for the following proposal: allow membership changes via PUT and DELETE.<o:=
p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">For this the PUT and DELETE commands would be in the=
 format:<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal">PUT /Groups/&lt;groupId&gt;/user/&lt;userId&gt; - to=
 add a user to a group<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal">DELETE /Groups/&lt;groupId&gt;/user/&lt;userId&gt; -=
 to remove the user from the group<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<p class=3D"MsoNormal">Thank you,<o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><br clear=3D"all">
<o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:9.0pt;font-family:&quot;=
Tahoma&quot;,&quot;sans-serif&quot;;color:#343634;background:white">Alexand=
re Santos</span></b><span style=3D"font-size:9.0pt;font-family:&quot;Tahoma=
&quot;,&quot;sans-serif&quot;;color:#343634;background:white">&nbsp;&nbsp;|=
 Sr. Development
 Engineer</span><span style=3D"font-size:10.0pt;font-family:&quot;Arial&quo=
t;,&quot;sans-serif&quot;;background:white"><br>
</span><b><span style=3D"font-size:8.5pt;font-family:&quot;Tahoma&quot;,&qu=
ot;sans-serif&quot;;color:#343634;background:white">Ping</span></b><b><span=
 style=3D"font-size:8.5pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&q=
uot;;color:#E71939;background:white">Identity</span></b><span style=3D"font=
-size:8.5pt;font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;background=
:white">&nbsp;&nbsp;|&nbsp;&nbsp;&nbsp;<a href=3D"http://www.pingidentity.c=
om/" target=3D"_blank"><span style=3D"color:#0000CC">www.pingidentity.com</=
span></a><br>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -<br>
<b><span style=3D"color:#005568">O:</span></b>&nbsp;<span style=3D"color:#3=
43634">604.697.7056</span></span><span style=3D"font-family:&quot;Arial&quo=
t;,&quot;sans-serif&quot;;background:white"><br>
</span><b><span style=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quo=
t;sans-serif&quot;;color:#005568;background:white">Email:</span></b><span s=
tyle=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quot;sans-serif&quot=
;;background:white">&nbsp;<a href=3D"mailto:asantos@pingidentity.com" targe=
t=3D"_blank"><span style=3D"color:#0000CC">asantos@pingidentity.com</span><=
/a></span><span style=3D"font-family:&quot;Arial&quot;,&quot;sans-serif&quo=
t;;background:white"><br>
</span><span style=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quot;s=
ans-serif&quot;;background:white">- - - - - - - - - - - - - - - - - - - - -=
 - - - - - - - - - - - - - - - - - - -</span><span style=3D"font-family:&qu=
ot;Arial&quot;,&quot;sans-serif&quot;;background:white"><o:p></o:p></span><=
/p>
<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" cellpadding=
=3D"0">
<tbody>
<tr>
<td nowrap=3D"" valign=3D"top" style=3D"padding:0in 0in 0in 0in">
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:8.5pt;font-family:&quot;=
Arial&quot;,&quot;sans-serif&quot;;color:#005568">Connect with Ping</span><=
/b><span style=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quot;sans-=
serif&quot;"><br>
<span style=3D"color:black">Twitter: @pingidentity</span><br>
<span style=3D"color:black">LinkedIn Group: Ping's Identity Cloud</span>&nb=
sp;&nbsp; &nbsp;<br>
<span style=3D"color:black">Facebook.com/pingidentitypage</span><o:p></o:p>=
</span></p>
</div>
</td>
</tr>
</tbody>
</table>
<p class=3D"MsoNormal"><b><span style=3D"font-size:8.5pt;font-family:&quot;=
Arial&quot;,&quot;sans-serif&quot;;color:#2A2A2A;display:none;background:wh=
ite"><o:p>&nbsp;</o:p></span></b></p>
<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" cellpadding=
=3D"0">
<tbody>
<tr>
<td nowrap=3D"" valign=3D"top" style=3D"padding:0in 0in 0in 0in"></td>
</tr>
</tbody>
</table>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</div>
</div>
</div>
</body>
</html>

--_000_69ca6b0e2eaf48b1aebf7c5c11f53b32BY2PR03MB041namprd03pro_--

From asantos@pingidentity.com  Wed Mar 27 16:49:28 2013
Return-Path: <asantos@pingidentity.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6DF521F8FFB for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 16:49:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.976
X-Spam-Level: 
X-Spam-Status: No, score=-5.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CQKaoUOWf0iV for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 16:49:28 -0700 (PDT)
Received: from na3sys009aog108.obsmtp.com (na3sys009aog108.obsmtp.com [74.125.149.199]) by ietfa.amsl.com (Postfix) with ESMTP id 84D2C21F8FE6 for <scim@ietf.org>; Wed, 27 Mar 2013 16:49:27 -0700 (PDT)
Received: from mail-ea0-f198.google.com ([209.85.215.198]) (using TLSv1) by na3sys009aob108.postini.com ([74.125.148.12]) with SMTP ID DSNKUVOFh9YdfWFnAmNs7HtApB86CqAdSRek@postini.com; Wed, 27 Mar 2013 16:49:27 PDT
Received: by mail-ea0-f198.google.com with SMTP id h10so6903820eaj.9 for <scim@ietf.org>; Wed, 27 Mar 2013 16:49:26 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:x-received:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:x-gm-message-state; bh=0MgslDg/xtT47vzSN23MaEOmJIwev/ZYt/HC1/Te6TQ=; b=EZjX16Vw5W/TIhCOn/l2UBhcHxugzc28xiJVOqMyWTicvPi99FWXLiJ/tNAjpXhX7d +pWdGo6h6Qkg7nDvWKHlqJueqrncyS4gKg7m0ls8fvbZAjBDPyq+AnS0j8OvT7CU9c55 8cOwtByDWRx3EyfNvACn9Bi9nw1KQIK+/LgLJSmWTNMC+2VQT1GGAZBUhYtW8LZz4M/o kRBjbvzE6wGc++wFt7KtySMly2paEs0OKz/8FlFQoYkp9fRUfiGKPIe1UOUDFn8PqRy3 67fxUSeufRqxXzSWAPkptKPoopydMI0nKzKb+QbzmucBr+FY/KrnNCK4P0o3iqKeSfRb cylw==
X-Received: by 10.194.173.167 with SMTP id bl7mr34859542wjc.50.1364428166024;  Wed, 27 Mar 2013 16:49:26 -0700 (PDT)
X-Received: by 10.194.173.167 with SMTP id bl7mr34859536wjc.50.1364428165849;  Wed, 27 Mar 2013 16:49:25 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.194.152.226 with HTTP; Wed, 27 Mar 2013 16:49:05 -0700 (PDT)
In-Reply-To: <69ca6b0e2eaf48b1aebf7c5c11f53b32@BY2PR03MB041.namprd03.prod.outlook.com>
References: <CAPx6tN5PwV=hwifdCj3JiOKLsYCQZdewHOh7voau7OLSm3FWvg@mail.gmail.com> <69ca6b0e2eaf48b1aebf7c5c11f53b32@BY2PR03MB041.namprd03.prod.outlook.com>
From: Alexandre Santos <asantos@pingidentity.com>
Date: Wed, 27 Mar 2013 16:49:05 -0700
Message-ID: <CAPx6tN4LzgadyDiHFNwEK7HfvRkP4K+G6_eNNmN-B78MYLmsNQ@mail.gmail.com>
To: Anthony Nadalin <tonynad@microsoft.com>
Content-Type: multipart/alternative; boundary=089e010d851025b95a04d8f0b026
X-Gm-Message-State: ALoCoQnpXLgLwG1qhF1xImnH0JhE5+SC1cHCP4jtWwCMpg3TAQPRn4XTenQklLJKdSMZyjQW6YkBPa5zg2raIuAFp4G3YNc8WujSollvGKzvQB1F8t1BTDhfQPH6eXCJ560z4d12Z2kj
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Request for Input
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 23:49:29 -0000

--089e010d851025b95a04d8f0b026
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Adding and removing users to and from a group.

*Alexandre Santos*  | Sr. Development Engineer
*Ping**Identity*  |   www.pingidentity.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
*O:* 604.697.7056
*Email:* asantos@pingidentity.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
*Connect with Ping*
Twitter: @pingidentity
LinkedIn Group: Ping's Identity Cloud
Facebook.com/pingidentitypage
*
*


On Wed, Mar 27, 2013 at 4:46 PM, Anthony Nadalin <tonynad@microsoft.com>wro=
te:

>  What do you mean by =93membership changes=94 below ?****
>
> ** **
>
> *From:* scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] *On Behalf
> Of *Alexandre Santos
> *Sent:* Wednesday, March 27, 2013 4:01 PM
> *To:* scim@ietf.org
> *Subject:* [scim] Request for Input****
>
> ** **
>
> For groups with many users (>10k) it becomes problematic to do POSTs or
> PUTs. The only alternative would be PATCH. However PATCH is not mandatory=
.
> ****
>
> ** **
>
> For this reason we would like to request your input for the following
> proposal: allow membership changes via PUT and DELETE.****
>
> ** **
>
> For this the PUT and DELETE commands would be in the format:****
>
> PUT /Groups/<groupId>/user/<userId> - to add a user to a group****
>
> DELETE /Groups/<groupId>/user/<userId> - to remove the user from the grou=
p
> ****
>
> ** **
>
> Thank you,****
>
>
> ****
>
> *Alexandre Santos*  | Sr. Development Engineer
> *Ping**Identity*  |   www.pingidentity.com
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> - - -
> *O:* 604.697.7056
> *Email:* asantos@pingidentity.com
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> - - -****
>
> *Connect with Ping*
> Twitter: @pingidentity
> LinkedIn Group: Ping's Identity Cloud
> Facebook.com/pingidentitypage****
>
> * *
>
> ** **
>

--089e010d851025b95a04d8f0b026
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Adding and removing users to and from a group.</div><div c=
lass=3D"gmail_extra"><br clear=3D"all"><div><span style=3D"font-family:aria=
l,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><font color=
=3D"#343634" face=3D"Tahoma" style=3D"color:rgb(52,54,52);font-size:12px"><=
b><span>Alexandre Santos</span></b>=A0=A0| Sr. Development Engineer</font><=
br>

<font face=3D"Arial" style=3D"font-size:11px"><font color=3D"#343634" face=
=3D"Tahoma"><b>Ping</b></font><font color=3D"#e71939" face=3D"Tahoma"><b>Id=
entity</b></font>=A0=A0|=A0=A0=A0<a href=3D"http://www.pingidentity.com/" s=
tyle=3D"color:rgb(0,0,204)" target=3D"_blank">www.pingidentity.com</a><br>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -<br><font color=3D"#005568"><b>O:</b></font>=A0</font></span><span styl=
e=3D"background-color:rgb(255,255,255)"><font face=3D"Arial"><font color=3D=
"#343634"><span style=3D"font-size:11px">604.697.7056</span></font><br>

<font color=3D"#005568" style=3D"font-family:arial,sans-serif;font-size:11p=
x"><b>Email:</b></font><font face=3D"arial, sans-serif"><span style=3D"font=
-size:11px">=A0</span></font><span style=3D"font-family:arial,sans-serif;fo=
nt-size:11px"><a href=3D"mailto:asantos@pingidentity.com" style=3D"color:rg=
b(0,0,204)" target=3D"_blank">asantos@pingidentity.com</a></span><br>

<font face=3D"arial, sans-serif"><span style=3D"font-size:11px">- - - - - -=
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -</span>=
</font><br><table cellpadding=3D"0" cellspacing=3D"0" style=3D"font-family:=
arial,sans-serif;font-size:11px">

<tbody><tr valign=3D"top"><td nowrap style=3D"margin-top:0px;margin-right:0=
px;margin-bottom:0px;margin-left:0px;font-family:arial,sans-serif"><div sty=
le=3D"float:left"><font face=3D"Arial" style=3D"font-size:11px"><font color=
=3D"#005568"><b>Connect with Ping</b></font><br>

<font color=3D"#000000">Twitter: @pingidentity</font><br><font color=3D"#00=
0000">LinkedIn Group: Ping&#39;s Identity Cloud</font>=A0=A0 =A0<br><font c=
olor=3D"#000000">Facebook.com/pingidentitypage</font></font></div></td></tr=
></tbody></table>

</font><b style=3D"font-family:arial,sans-serif;font-size:13px"><span style=
=3D"font-family:&#39;Lucida Grande&#39;,Tahoma,Arial,Verdana,sans-serif;fon=
t-size:12px;color:rgb(42,42,42)"><font face=3D"Arial" style=3D"font-size:11=
px"><table cellpadding=3D"0" cellspacing=3D"0">

<tbody><tr valign=3D"top"><td nowrap style=3D"margin-top:0px;margin-right:0=
px;margin-bottom:0px;margin-left:0px;font-family:arial,sans-serif"><br></td=
></tr></tbody></table></font></span></b></span></div>
<br><br><div class=3D"gmail_quote">On Wed, Mar 27, 2013 at 4:46 PM, Anthony=
 Nadalin <span dir=3D"ltr">&lt;<a href=3D"mailto:tonynad@microsoft.com" tar=
get=3D"_blank">tonynad@microsoft.com</a>&gt;</span> wrote:<br><blockquote c=
lass=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;=
padding-left:1ex">







<div lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d">What do you mean by =93me=
mbership changes=94 below ?<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u>=A0<u></u></span><=
/p>
<p class=3D"MsoNormal"><b><span style=3D"font-size:11.0pt;font-family:&quot=
;Calibri&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-=
size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;"> <a hre=
f=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">scim-bounces@ietf.org<=
/a> [mailto:<a href=3D"mailto:scim-bounces@ietf.org" target=3D"_blank">scim=
-bounces@ietf.org</a>]
<b>On Behalf Of </b>Alexandre Santos<br>
<b>Sent:</b> Wednesday, March 27, 2013 4:01 PM<br>
<b>To:</b> <a href=3D"mailto:scim@ietf.org" target=3D"_blank">scim@ietf.org=
</a><br>
<b>Subject:</b> [scim] Request for Input<u></u><u></u></span></p><div><div =
class=3D"h5">
<p class=3D"MsoNormal"><u></u>=A0<u></u></p>
<div>
<div>
<p class=3D"MsoNormal">For groups with many users (&gt;10k) it becomes prob=
lematic to do POSTs or PUTs. The only alternative would be PATCH. However P=
ATCH is not mandatory.<u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p>
</div>
<div>
<p class=3D"MsoNormal">For this reason we would like to request your input =
for the following proposal: allow membership changes via PUT and DELETE.<u>=
</u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p>
</div>
<div>
<p class=3D"MsoNormal">For this the PUT and DELETE commands would be in the=
 format:<u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal">PUT /Groups/&lt;groupId&gt;/user/&lt;userId&gt; - to=
 add a user to a group<u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal">DELETE /Groups/&lt;groupId&gt;/user/&lt;userId&gt; -=
 to remove the user from the group<u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p>
</div>
<p class=3D"MsoNormal">Thank you,<u></u><u></u></p>
<div>
<p class=3D"MsoNormal"><br clear=3D"all">
<u></u><u></u></p>
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:9.0pt;font-family:&quot;=
Tahoma&quot;,&quot;sans-serif&quot;;color:#343634;background:white">Alexand=
re Santos</span></b><span style=3D"font-size:9.0pt;font-family:&quot;Tahoma=
&quot;,&quot;sans-serif&quot;;color:#343634;background:white">=A0=A0| Sr. D=
evelopment
 Engineer</span><span style=3D"font-size:10.0pt;font-family:&quot;Arial&quo=
t;,&quot;sans-serif&quot;;background:white"><br>
</span><b><span style=3D"font-size:8.5pt;font-family:&quot;Tahoma&quot;,&qu=
ot;sans-serif&quot;;color:#343634;background:white">Ping</span></b><b><span=
 style=3D"font-size:8.5pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&q=
uot;;color:#e71939;background:white">Identity</span></b><span style=3D"font=
-size:8.5pt;font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;background=
:white">=A0=A0|=A0=A0=A0<a href=3D"http://www.pingidentity.com/" target=3D"=
_blank"><span style=3D"color:#0000cc">www.pingidentity.com</span></a><br>


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -<br>
<b><span style=3D"color:#005568">O:</span></b>=A0<span style=3D"color:#3436=
34"><a href=3D"tel:604.697.7056" value=3D"+16046977056" target=3D"_blank">6=
04.697.7056</a></span></span><span style=3D"font-family:&quot;Arial&quot;,&=
quot;sans-serif&quot;;background:white"><br>


</span><b><span style=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quo=
t;sans-serif&quot;;color:#005568;background:white">Email:</span></b><span s=
tyle=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quot;sans-serif&quot=
;;background:white">=A0<a href=3D"mailto:asantos@pingidentity.com" target=
=3D"_blank"><span style=3D"color:#0000cc">asantos@pingidentity.com</span></=
a></span><span style=3D"font-family:&quot;Arial&quot;,&quot;sans-serif&quot=
;;background:white"><br>


</span><span style=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quot;s=
ans-serif&quot;;background:white">- - - - - - - - - - - - - - - - - - - - -=
 - - - - - - - - - - - - - - - - - - -</span><span style=3D"font-family:&qu=
ot;Arial&quot;,&quot;sans-serif&quot;;background:white"><u></u><u></u></spa=
n></p>


<table border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
<tbody>
<tr>
<td nowrap valign=3D"top" style=3D"padding:0in 0in 0in 0in">
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:8.5pt;font-family:&quot;=
Arial&quot;,&quot;sans-serif&quot;;color:#005568">Connect with Ping</span><=
/b><span style=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quot;sans-=
serif&quot;"><br>


<span style>Twitter: @pingidentity</span><br>
<span style>LinkedIn Group: Ping&#39;s Identity Cloud</span>=A0=A0 =A0<br>
<span style>Facebook.com/pingidentitypage</span><u></u><u></u></span></p>
</div>
</td>
</tr>
</tbody>
</table>
<p class=3D"MsoNormal"><b><span style=3D"font-size:8.5pt;font-family:&quot;=
Arial&quot;,&quot;sans-serif&quot;;color:#2a2a2a;background:white"><u></u>=
=A0<u></u></span></b></p>
<table border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
<tbody>
<tr>
<td nowrap valign=3D"top" style=3D"padding:0in 0in 0in 0in"></td>
</tr>
</tbody>
</table>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p>
</div>
</div>
</div>
</div></div></div>
</div>

</blockquote></div><br></div>

--089e010d851025b95a04d8f0b026--

From phil.hunt@oracle.com  Wed Mar 27 16:50:38 2013
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16B5A21F8E7F for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 16:50:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level: 
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k04u9vqDoyd4 for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 16:50:36 -0700 (PDT)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) by ietfa.amsl.com (Postfix) with ESMTP id 86DD721F8B6E for <scim@ietf.org>; Wed, 27 Mar 2013 16:50:36 -0700 (PDT)
Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by aserp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r2RNoYc0009952 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 27 Mar 2013 23:50:35 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r2RNoXMR020340 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 27 Mar 2013 23:50:34 GMT
Received: from abhmt108.oracle.com (abhmt108.oracle.com [141.146.116.60]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r2RNoXB0012211; Wed, 27 Mar 2013 18:50:33 -0500
Received: from [192.168.1.14] (/174.7.250.104) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 27 Mar 2013 16:50:33 -0700
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: multipart/alternative; boundary="Apple-Mail=_0B7DAB0F-4F7D-4A28-946D-3F9EEFFAEC25"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <FAFB4AAB-09FA-41BB-9824-F59851C5B0FE@oracle.com>
Date: Wed, 27 Mar 2013 16:50:31 -0700
Message-Id: <DC2940ED-6864-4673-BF5F-EE4882A3B94B@oracle.com>
References: <CAPx6tN7x1MS+W=rbXF1c9p2qepJN3pco+h6MQYXmGHJakF+3Vw@mail.gmail.com> <56C3C758F9D6534CA3778EAA1E0C34375C3AD5F3@BLUPRD0412MB643.namprd04.prod.outlook.com> <FAFB4AAB-09FA-41BB-9824-F59851C5B0FE@oracle.com>
To: Kelly Grizzle <kelly.grizzle@sailpoint.com>
X-Mailer: Apple Mail (2.1283)
X-Source-IP: ucsinet22.oracle.com [156.151.31.94]
Cc: "scim@ietf.org" <scim@ietf.org>, Alexandre Santos <asantos@pingidentity.com>
Subject: Re: [scim] Clarification on body request for DELETE
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 23:50:38 -0000

--Apple-Mail=_0B7DAB0F-4F7D-4A28-946D-3F9EEFFAEC25
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

Sorry, by "we" I meant I was discussing with my colleagues at Oracle. I =
don't want to imply that other members of the WG are in agreement or =
disagreement. I simply want to concur Oracle identified as an issue =
needing more discussion.  :-)

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2013-03-27, at 2:48 PM, Phil Hunt wrote:

> We've been discussing that 202 should generally be interpreted as, =
transaction is syntactically valid but pending completion (e.g. an =
approval workflow). It seems there is a need to do this with all SCIM =
operations.
>=20
> Successful immediate completion would be status 200 or potentially =
204.  Is there any reason for a SP to indicate for example that an =
entity wasn't actually deleted, but rather suspended (e.g. because the =
SP has a tombstone feature to preserve UUIDs)?
>=20
> Phil
>=20
> @independentid
> www.independentid.com
> phil.hunt@oracle.com
>=20
>=20
>=20
>=20
>=20
> On 2013-03-27, at 11:10 AM, Kelly Grizzle wrote:
>=20
>> The SCIM API spec is not entirely clear here.  According to RFC 2616, =
the DELETE operation should work like this:
>> =20
>>    A successful response SHOULD be 200 (OK) if the response includes =
an
>>    entity describing the status, 202 (Accepted) if the action has not
>>    yet been enacted, or 204 (No Content) if the action has been =
enacted
>>    but the response does not include an entity.
>> =20
>> I can=92t think of anything interesting for SCIM to return in a =
response body, so my vote would either be a 200 with an empty response =
(or just a message) or a 204 with no response body.  Perhaps we should =
open an issue to clarify this.  Thoughts?
>> =20
>> --Kelly
>> =20
>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of Alexandre Santos
>> Sent: Wednesday, March 27, 2013 11:04 AM
>> To: scim@ietf.org
>> Subject: [scim] Clarification on body request for DELETE
>> =20
>> The spec for PUT says "3.3.1...  Unless otherwise specified a =
successful PUT operation returns a 200 OK response code and the entire =
Resource within the response body"
>> For POST: "3.1...  the response body MUST contain the newly created =
Resource."
>> For DELETES it says "
>> 3.4.  Deleting Resources
>>=20
>> Consumers request Resource removal via DELETE. Service Providers MAY =
choose not to permanently delete the Resource, but MUST return a 404 =
error code for all operations associated with the previously deleted Id. =
Service Providers MUST also omit the Resource from future query results. =
In addition the Service Provider MUST not consider the deleted resource =
in conflict calculation. For example if a User resource is deleted, a =
CREATE request for a User resource with the same userName as the =
previously deleted resource should not fail with a 409 error due to =
userName conflict.
>> "
>> =20
>> My question is, what (if anything at all) should be returned in the =
response body as a result of a successful DELETE operation.
>> =20
>> Thanks,
>> Alex Santos
>> =20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_0B7DAB0F-4F7D-4A28-946D-3F9EEFFAEC25
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
">Sorry, by "we" I meant I was discussing with my colleagues at Oracle. =
I don't want to imply that other members of the WG are in agreement or =
disagreement. I simply want to concur Oracle identified as an issue =
needing more discussion. &nbsp;:-)<div><br><div =
apple-content-edited=3D"true">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; =
color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; =
font-variant: normal; font-weight: normal; letter-spacing: normal; =
line-height: normal; orphans: 2; text-align: auto; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: medium; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 12px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div>Phil</div><div><br></div><div>@independentid</div><div><a=
 =
href=3D"http://www.independentid.com">www.independentid.com</a></div></div=
></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div></span><br =
class=3D"Apple-interchange-newline"></span><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2013-03-27, at 2:48 PM, Phil Hunt wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite"><div =
style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; ">We've been discussing that 202 =
should generally be interpreted as, transaction is syntactically valid =
but pending completion (e.g. an approval workflow). It seems there is a =
need to do this with all SCIM operations.<div><br></div><div>Successful =
immediate completion would be status 200 or potentially 204. &nbsp;Is =
there any reason for a SP to indicate for example that an entity wasn't =
actually deleted, but rather suspended (e.g. because the SP has a =
tombstone feature to preserve UUIDs)?</div><div><br></div><div><div =
apple-content-edited=3D"true">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; =
font-family: Helvetica; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; =
font-family: Helvetica; font-size: medium; font-style: normal; =
font-variant: normal; font-weight: normal; letter-spacing: normal; =
line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; font-family: Helvetica; font-size: =
medium; font-style: normal; font-variant: normal; font-weight: normal; =
letter-spacing: normal; line-height: normal; orphans: 2; text-indent: =
0px; text-transform: none; white-space: normal; widows: 2; word-spacing: =
0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; font-family: Helvetica; font-size: =
12px; font-style: normal; font-variant: normal; font-weight: normal; =
letter-spacing: normal; line-height: normal; orphans: 2; text-indent: =
0px; text-transform: none; white-space: normal; widows: 2; word-spacing: =
0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div>Phil</div><div><br></div><div>@independentid</div><div><a=
 =
href=3D"http://www.independentid.com/">www.independentid.com</a></div></di=
v></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div></span><br =
class=3D"Apple-interchange-newline"></span><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2013-03-27, at 11:10 AM, Kelly Grizzle wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite"><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; =
font-family: Helvetica; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: =
none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div =
lang=3D"EN-US" link=3D"blue" vlink=3D"purple"><div class=3D"WordSection1" =
style=3D"page: WordSection1; "><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); ">The SCIM API spec is not entirely clear here.&nbsp; =
According to RFC 2616, the DELETE operation should work like =
this:<o:p></o:p></span></div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 10pt; font-family: 'Courier New'; =
color: black; ">&nbsp;&nbsp; A successful response SHOULD be 200 (OK) if =
the response includes an<o:p></o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 10pt; font-family: 'Courier New'; =
color: black; ">&nbsp;&nbsp; entity describing the status, 202 =
(Accepted) if the action has not<o:p></o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 10pt; font-family: 'Courier New'; =
color: black; ">&nbsp;&nbsp; yet been enacted, or 204 (No Content) if =
the action has been enacted<o:p></o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 10pt; font-family: 'Courier New'; =
color: black; ">&nbsp;&nbsp; but the response does not include an =
entity.<o:p></o:p></span></div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 11pt; font-family: Calibri, =
sans-serif; color: rgb(31, 73, 125); ">I can=92t think of anything =
interesting for SCIM to return in a response body, so my vote would =
either be a 200 with an empty response (or just a message) or a 204 with =
no response body.&nbsp; Perhaps we should open an issue to clarify =
this.&nbsp; Thoughts?<o:p></o:p></span></div><div style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><span style=3D"font-size: 11pt; font-family: Calibri, =
sans-serif; color: rgb(31, 73, 125); =
">--Kelly<o:p></o:p></span></div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: =
rgb(31, 73, 125); "><o:p>&nbsp;</o:p></span></div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><b><span style=3D"font-size: 10pt; font-family: Tahoma, =
sans-serif; ">From:</span></b><span style=3D"font-size: 10pt; =
font-family: Tahoma, sans-serif; "><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a> =
[mailto:scim-bounces@ietf.org]<span =
class=3D"Apple-converted-space">&nbsp;</span><b>On Behalf Of<span =
class=3D"Apple-converted-space">&nbsp;</span></b>Alexandre =
Santos<br><b>Sent:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>Wednesday, March 27, 2013 =
11:04 AM<br><b>To:</b><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br><b>Subject:</b><span =
class=3D"Apple-converted-space">&nbsp;</span>[scim] Clarification on =
body request for DELETE<o:p></o:p></span></div><div style=3D"margin-right:=
 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; =
"><o:p>&nbsp;</o:p></div><div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; ">The spec for PUT says =
"3.3.1...&nbsp;<span style=3D"font-family: Verdana, sans-serif; color: =
black; ">&nbsp;Unless otherwise specified a successful PUT operation =
returns a 200 OK response code and the entire Resource within the =
response body"</span><o:p></o:p></div><div><div style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-family: Verdana, sans-serif; color: black; ">For POST: =
"3.1...&nbsp;&nbsp;the response body MUST contain the newly created =
Resource."</span><o:p></o:p></div></div><div><div style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; "><span =
style=3D"font-family: Verdana, sans-serif; color: black; ">For DELETES =
it says "</span><o:p></o:p></div><h3 style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 13.5pt; font-family: 'Times New Roman', =
serif; font-weight: bold; "><span style=3D"font-family: Helvetica, =
sans-serif; color: rgb(51, 51, 51); ">3.4.&nbsp; Deleting =
Resources<o:p></o:p></span></h3><p style=3D"margin-right: 24pt; =
margin-left: 24pt; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-bottom: 5pt; "><span style=3D"font-family: Verdana, =
sans-serif; color: black; ">Consumers request Resource removal via =
DELETE. Service Providers MAY choose not to permanently delete the =
Resource, but MUST return a 404 error code for all operations associated =
with the previously deleted Id. Service Providers MUST also omit the =
Resource from future query results. In addition the Service Provider =
MUST not consider the deleted resource in conflict calculation. For =
example if a User resource is deleted, a CREATE request for a User =
resource with the same userName as the previously deleted resource =
should not fail with a 409 error due to userName =
conflict.<o:p></o:p></span></p><div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; =
">"<o:p></o:p></div></div><div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; =
"><o:p>&nbsp;</o:p></div></div><div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; ">My question is, what =
(if anything at all) should be returned in the response body as a result =
of a successful DELETE operation.<o:p></o:p></div></div><div><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; "><o:p>&nbsp;</o:p></div></div><div><div style=3D"margin-right: =
0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; =
">Thanks,<o:p></o:p></div></div><div><div style=3D"margin-right: 0in; =
margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', =
serif; margin-top: 0in; margin-bottom: 0.0001pt; ">Alex =
Santos<o:p></o:p></div><div><table class=3D"MsoNormalTable" border=3D"0" =
cellspacing=3D"0" cellpadding=3D"0"><tbody><tr><td nowrap=3D"" =
valign=3D"top" style=3D"padding-top: 0in; padding-right: 0in; =
padding-bottom: 0in; padding-left: 0in; "></td></tr></tbody></table><div =
style=3D"margin-right: 0in; margin-left: 0in; font-size: 12pt; =
font-family: 'Times New Roman', serif; margin-top: 0in; margin-bottom: =
0.0001pt; =
"><o:p>&nbsp;</o:p></div></div></div></div></div></div>___________________=
____________________________<br>scim mailing list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/m=
ailman/listinfo/scim</a></div></span></blockquote></div><br></div></div>__=
_____________________________________________<br>scim mailing list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>https://www.ietf.org/ma=
ilman/listinfo/scim<br></blockquote></div><br></div></body></html>=

--Apple-Mail=_0B7DAB0F-4F7D-4A28-946D-3F9EEFFAEC25--

From phil.hunt@oracle.com  Wed Mar 27 17:01:52 2013
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5814821F90DF for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 17:01:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level: 
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Kcto4BFkdm6y for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 17:01:51 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id 5441B21F90DB for <scim@ietf.org>; Wed, 27 Mar 2013 17:01:51 -0700 (PDT)
Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r2S01nhM032043 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 28 Mar 2013 00:01:50 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r2S01nHJ001973 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 28 Mar 2013 00:01:49 GMT
Received: from abhmt118.oracle.com (abhmt118.oracle.com [141.146.116.70]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r2S01nvC028521; Wed, 27 Mar 2013 19:01:49 -0500
Received: from [192.168.1.14] (/174.7.250.104) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 27 Mar 2013 17:01:48 -0700
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: multipart/alternative; boundary="Apple-Mail=_A9A51A14-A835-420F-8DB0-54D694E78775"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <CAPx6tN5PwV=hwifdCj3JiOKLsYCQZdewHOh7voau7OLSm3FWvg@mail.gmail.com>
Date: Wed, 27 Mar 2013 17:01:47 -0700
Message-Id: <AAE9F872-F35E-4A73-8674-4A7AF6C0537B@oracle.com>
References: <CAPx6tN5PwV=hwifdCj3JiOKLsYCQZdewHOh7voau7OLSm3FWvg@mail.gmail.com>
To: Alexandre Santos <asantos@pingidentity.com>
X-Mailer: Apple Mail (2.1283)
X-Source-IP: acsinet21.oracle.com [141.146.126.237]
Cc: scim@ietf.org
Subject: Re: [scim] Request for Input
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2013 00:01:52 -0000

--Apple-Mail=_A9A51A14-A835-420F-8DB0-54D694E78775
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=iso-8859-1

I think this may fit in with our discussion of adjusting PATCH to work =
better with multi-value and complex attributes (ticket 18).

So far, we've been avoiding extended paths that go within the Resource =
entity (e.g. to address specific attributes).

If you were to do the item below, I think you would have to add the =
attribute name to the path at the very least.

PUT /Groups/<groupid>/members/Users/<userid>

Still I think that may have problems if the member is actual a URL =
rather then a simple UUID.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2013-03-27, at 4:01 PM, Alexandre Santos wrote:

> For groups with many users (>10k) it becomes problematic to do POSTs =
or PUTs. The only alternative would be PATCH. However PATCH is not =
mandatory.
>=20
> For this reason we would like to request your input for the following =
proposal: allow membership changes via PUT and DELETE.
>=20
> For this the PUT and DELETE commands would be in the format:
> PUT /Groups/<groupId>/user/<userId> - to add a user to a group
> DELETE /Groups/<groupId>/user/<userId> - to remove the user from the =
group
>=20
> Thank you,
>=20
> Alexandre Santos  | Sr. Development Engineer
> PingIdentity  |   www.pingidentity.com
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
- - - - -
> O: 604.697.7056
> Email: asantos@pingidentity.com
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
- - - - -
> Connect with Ping
> Twitter: @pingidentity
> LinkedIn Group: Ping's Identity Cloud   =20
> Facebook.com/pingidentitypage
>=20
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_A9A51A14-A835-420F-8DB0-54D694E78775
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=iso-8859-1

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">I =
think this may fit in with our discussion of adjusting PATCH to work =
better with multi-value and complex attributes (ticket =
18).<div><br></div><div>So far, we've been avoiding extended paths that =
go within the Resource entity (e.g. to address specific =
attributes).</div><div><br></div><div>If you were to do the item below, =
I think you would have to add the attribute name to the path at the very =
least.</div><div><br></div><div>PUT =
/Groups/&lt;groupid&gt;/members/Users/&lt;userid&gt;</div><div><br></div><=
div>Still I think that may have problems if the member is actual a URL =
rather then a simple UUID.</div><div><br></div><div><div =
apple-content-edited=3D"true">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; =
color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; =
font-variant: normal; font-weight: normal; letter-spacing: normal; =
line-height: normal; orphans: 2; text-align: auto; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: medium; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 12px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div>Phil</div><div><br></div><div>@independentid</div><div><a=
 =
href=3D"http://www.independentid.com">www.independentid.com</a></div></div=
></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div></span><br =
class=3D"Apple-interchange-newline"></span><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2013-03-27, at 4:01 PM, Alexandre Santos =
wrote:</div><br class=3D"Apple-interchange-newline"><blockquote =
type=3D"cite"><div dir=3D"ltr"><div style=3D"">For groups with many =
users (&gt;10k) it becomes problematic to do POSTs or PUTs. The only =
alternative would be PATCH. However PATCH is not mandatory.</div><div =
style=3D""><br></div><div style=3D"">For this reason we would like to =
request your input for the following proposal: allow membership changes =
via PUT and DELETE.</div>

<div style=3D""><br></div><div style=3D"">For this the PUT and DELETE =
commands would be in the format:</div><div style=3D"">PUT =
/Groups/&lt;groupId&gt;/user/&lt;userId&gt; - to add a user to a =
group</div><div style=3D"">DELETE =
/Groups/&lt;groupId&gt;/user/&lt;userId&gt; - to remove the user from =
the group</div>

<div><br></div>Thank you,<div><br clear=3D"all"><div><span =
style=3D"font-family:arial,sans-serif;font-size:13px;background-color:rgb(=
255,255,255)"><font color=3D"#343634" face=3D"Tahoma" =
style=3D"color:rgb(52,54,52);font-size:12px"><b><span>Alexandre =
Santos</span></b>&nbsp;&nbsp;| Sr. Development Engineer</font><br>

<font face=3D"Arial" style=3D"font-size:11px"><font color=3D"#343634" =
face=3D"Tahoma"><b>Ping</b></font><font color=3D"#e71939" =
face=3D"Tahoma"><b>Identity</b></font>&nbsp;&nbsp;|&nbsp;&nbsp;&nbsp;<a =
href=3D"http://www.pingidentity.com/" style=3D"color:rgb(0,0,204)" =
target=3D"_blank">www.pingidentity.com</a><br>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
- - - -<br><font =
color=3D"#005568"><b>O:</b></font>&nbsp;</font></span><span =
style=3D"background-color:rgb(255,255,255)"><font face=3D"Arial"><font =
color=3D"#343634"><span =
style=3D"font-size:11px">604.697.7056</span></font><br>

<font color=3D"#005568" =
style=3D"font-family:arial,sans-serif;font-size:11px"><b>Email:</b></font>=
<font face=3D"arial, sans-serif"><span =
style=3D"font-size:11px">&nbsp;</span></font><span =
style=3D"font-family:arial,sans-serif;font-size:11px"><a =
href=3D"mailto:asantos@pingidentity.com" style=3D"color:rgb(0,0,204)" =
target=3D"_blank">asantos@pingidentity.com</a></span><br>

<font face=3D"arial, sans-serif"><span style=3D"font-size:11px">- - - - =
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
-</span></font><br><table cellpadding=3D"0" cellspacing=3D"0" =
style=3D"font-family:arial,sans-serif;font-size:11px">

<tbody><tr valign=3D"top"><td nowrap=3D"" =
style=3D"margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px=
;font-family:arial,sans-serif"><div style=3D"float:left"><font =
face=3D"Arial" style=3D"font-size:11px"><font color=3D"#005568"><b>Connect=
 with Ping</b></font><br>

<font color=3D"#000000">Twitter: @pingidentity</font><br><font =
color=3D"#000000">LinkedIn Group: Ping's Identity =
Cloud</font>&nbsp;&nbsp; &nbsp;<br><font color=3D"#000000"><a =
href=3D"http://Facebook.com/pingidentitypage">Facebook.com/pingidentitypag=
e</a></font></font></div></td></tr></tbody></table>

</font><b style=3D"font-family:arial,sans-serif;font-size:13px"><span =
style=3D"font-family:'Lucida =
Grande',Tahoma,Arial,Verdana,sans-serif;font-size:12px;color:rgb(42,42,42)=
"><font face=3D"Arial" style=3D"font-size:11px"><table cellpadding=3D"0" =
cellspacing=3D"0">

<tbody><tr valign=3D"top"><td nowrap=3D"" =
style=3D"margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px=
;font-family:arial,sans-serif"><br></td></tr></tbody></table></font></span=
></b></span></div>
</div></div>
_______________________________________________<br>scim mailing =
list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>https://www.ietf.org/ma=
ilman/listinfo/scim<br></blockquote></div><br></div></body></html>=

--Apple-Mail=_A9A51A14-A835-420F-8DB0-54D694E78775--

From nsekimori@gmail.com  Wed Mar 27 19:46:27 2013
Return-Path: <nsekimori@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A10821F9414 for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 19:46:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.498
X-Spam-Level: 
X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[AWL=1.100,  BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3iGg6uTQc+X8 for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 19:46:25 -0700 (PDT)
Received: from mail-pd0-f171.google.com (mail-pd0-f171.google.com [209.85.192.171]) by ietfa.amsl.com (Postfix) with ESMTP id 8EA8F21F9412 for <scim@ietf.org>; Wed, 27 Mar 2013 19:46:25 -0700 (PDT)
Received: by mail-pd0-f171.google.com with SMTP id z10so1813739pdj.2 for <scim@ietf.org>; Wed, 27 Mar 2013 19:46:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=TXhB5ztYs/S66Xs721c/h2TYnZ9QdZXH0ka1BwtFMT4=; b=I0C4Lpj6FWq/6zNRltfRkomVCadMqHwyIiY4pQF7062TY0yRWsWX3cO9ugW53RzJwk TekHNKqBiAIGF/6p9dyodtCDFrWKVenLNDD9LF69UC95j03LfVfK9B1GLfekRJVUP1WH pa7Lx9Wsepv0sFGqRinsF1H6DW+KBxYeIaN1s8WLC+eRZmEqxckI422J/sLzuTIxZ9z1 swmjS8w9WjmXNKfJaGOGpjnifXshZkoJ32XnfNatqxPcQ/8rKITWl4nU+JhHJp0uit6T n65wPZjfLYXZ1TJtxbX2OGKBpR8BNxvbhkJkwQEHnYnpU1cmlKUlPuCbvS5UwO4Eyd0u dJRg==
MIME-Version: 1.0
X-Received: by 10.68.125.169 with SMTP id mr9mr32634184pbb.74.1364438785296; Wed, 27 Mar 2013 19:46:25 -0700 (PDT)
Received: by 10.70.20.131 with HTTP; Wed, 27 Mar 2013 19:46:25 -0700 (PDT)
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34375C3ACD77@BLUPRD0412MB643.namprd04.prod.outlook.com>
References: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com> <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca> <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com> <CAGUsYPw7n0CqwUZE=ktEkM5sxjWLUrzCwV9oPVvk6zf+fC1FMw@mail.gmail.com> <46A1DF3F04371240B504290A071B4DB63D68DB20@szxeml558-mbx.china.huawei.com> <56C3C758F9D6534CA3778EAA1E0C34375C3ACD77@BLUPRD0412MB643.namprd04.prod.outlook.com>
Date: Thu, 28 Mar 2013 11:46:25 +0900
Message-ID: <CAAd8xPVZAb0mfzXuVFRQ+fnBB4afbwHAgrVE92Ti_1n60vYGJQ@mail.gmail.com>
From: Nobuyuki Sekimori <nsekimori@gmail.com>
To: "scim@ietf.org" <scim@ietf.org>
Content-Type: multipart/alternative; boundary=047d7b2e4d6a1d96a904d8f32968
Cc: Bert Greevenbosch <Bert.Greevenbosch@huawei.com>, Kelly Grizzle <kelly.grizzle@sailpoint.com>
Subject: Re: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2013 02:46:27 -0000

--047d7b2e4d6a1d96a904d8f32968
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Sorry, I'd sent mail without my sign and my mail sender's name was with
Kanji. My name is Nobuyuki Sekimori.

Thanks Bert and Kelly, for brushing up my opinion.

--=20
Nobuyuki Sekimori


2013/3/27 Kelly Grizzle <kelly.grizzle@sailpoint.com>

> I agree with Erik that this might best be handled through an extension
> (perhaps a standard extension).  It feels like the common case is still a
> single name and that i18n names/multiple names may be more of the excepti=
on
> than the rule.  I may be wrong, though.
>
> > I guess this means in the JSON case, that you can put new elements
> anywhere you want, as long as you create a new URI and put it in the
> "schemas" attribute?
>
> This is something the design team is discussing in issue #38.  It is not
> clearly spelled out in the spec currently, but extensions must be
> represented within a JSON sub-attribute named by the schema.  For example=
,
> the non-normative enterprise user example in the schema doc has this:
>
>   "urn:scim:schemas:extension:enterprise:1.0": {
>     "employeeNumber": "701984",
>     "costCenter": "4130",
>     ....
>   },
>
> I think this would preclude you from mixing extension attributes in with
> the core attributes, like this:
>
>   "name": {
>     "formatted": "Kelly Grizzle",
>     "urn:scim:extendedUser.alsoKnownAs": [ ... ]
>     ...
> }
>
> --Kelly
>
> -----Original Message-----
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
> Bert Greevenbosch
> Sent: Wednesday, March 27, 2013 5:42 AM
> To: Shelley; scim@ietf.org; Marc Blanchet
> Cc: Peter Saint-Andre
> Subject: Re: [scim] Name Internationalization
>
> Hi Shelly, all,
>
> In vCard, all name info is put into a single N element. The different
> names of the same type are comma-separated, whereas the different types a=
re
> semicolon-separated.
>
> For addresses, the SCIM schema defines an "addresses" element that
> contains multiple "address" elements. However, there is no "names" elemen=
t,
> but that wouldn't help anyway. The given name is e.g. stored in
> "name/givenName", so with the "singular in plural element mechanism" you
> would need something like "name/givenNames/givenName" if you want to stor=
e
> multiple given names. I am not sure if this is desirable.
>
> Maybe multiple names could be resolved by just allowing spaces within the
> field and treating it as an opaque string.
>
> For adding new name fields, I found the following text in section 4:
>
>         "Unlike LDAP there is no inheritance model; all extensions are
> additive (similar to LDAP Auxiliary Object Classes [3]). ... Each schema
> extension must identify a URI used to identify the extension. XML MUST us=
e
> XML namespaces and JSON formats MUST use the "schemas" attribute (Section
> 5.2) to distinguish extended resources and attributes. "
>
> I guess this means in the JSON case, that you can put new elements
> anywhere you want, as long as you create a new URI and put it in the
> "schemas" attribute?
>
> (As JCARDCAL co-chair:) We are having a very similar discussion in
> JCARDCAL, about multivalue fields, and structured fields. As discussed in
> Orlando, it would be good for SCIM to keep acquainted with the JCARDCAL
> work.
>
> Best regards,
> Bert
>
>
> ---
> From: Shelley [mailto:randomshelley@gmail.com]
> Sent: 2013=E5=B9=B43=E6=9C=8826=E6=97=A5 3:07
> To: Bert Greevenbosch
> Cc: Marc Blanchet; scim@ietf.org
> Subject: Re: [scim] Name Internationalization
>
> Thanks, Bert. So to clarify, in the SCIM/vCard mapping proposal, multiple
> name components will be comma-separated in the corresponding SCIM singula=
r
> attribute? In our case, we are initially considering space-delimiting the
> components such that this would effectively serve as a "formatted"
> familyName/givenName/etc. and could potentially accommodate contributing
> systems that only store single-valued name attributes as well.
>
> With a comma-delimited value, all SCIM consumers must be aware of this
> special format when dealing with the attribute. With a space-delimited
> value, consumers may not be able to retrieve the individual values, but c=
an
> handle the name consistently without attempting to parse and regardless o=
f
> the origin of the data (i.e. whether it came from a system that only stor=
es
> a single value or multiple values).
>
> I also noticed that the SCIM/vCard draft includes this as an open issue,
> proposing that it may be more appropriate to update the SCIM schema to
> handle multiple values. Is this a topic that's currently being discussed?
>
> We are currently adopting the SCIM 1.1 specification, but are trying to
> consider potential changes for SCIM 2.0 in our implementation.
>
> On Mon, Mar 25, 2013 at 12:41 AM, Bert Greevenbosch <
> Bert.Greevenbosch@huawei.com> wrote:
> I stumbled across the same issue when doing v02 of the SCIM/vCard mapping
> draft. See section 6.
> http://datatracker.ietf.org/doc/draft-greevenbosch-scim-vcard-mapping/
>
> Indeed in vCard multiple surnames, given names and additional names are
> possible.
>
> Best regards,
> Bert
>
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of
> Marc Blanchet
> Sent: 2013=E5=B9=B43=E6=9C=8825=E6=97=A5 6:35
> To: Shelley
> Cc: scim@ietf.org
> Subject: Re: [scim] Name Internationalization
>
> might want to look at vCard  (RFC6350).
>
> Marc.
>
> Le 2013-03-22 =C3=A0 22:59, Shelley <randomshelley@gmail.com> a =C3=A9cri=
t :
>
> As a SCIM service provider, we are trying to determine the best approach
> for accepting and managing names that may be federated from global
> consumers.
>
> Were there any considerations made in the SCIM core schema for using
> multi-valued attributes for the individual name components? The use of th=
e
> "familyName" and "givenName" as opposed to "firstName"/"lastName" helps
> minimize a western/US-centric approach, but using three individual,
> singular attributes for these name components still hints at a particular
> name format that may not be global.
>
> For example, in many countries, individuals have a given name and two las=
t
> names (rather than first name, middle name, last name). Does SCIM provide
> any recommendations for how to represent this using the existing name
> components? For example, are consumers expected to consolidate all last
> names into the single familyName attribute to accommodate this scenario?
> Likewise, there are many other cases [1,2] that don't quite cleanly fit
> into these singular name components.
>
> The "formattedName", "displayName", and "nickName" attributes help to
> mitigate some concerns around formatting names and addressing users, but
> we're still trying to iron out how to accept identity data from varying
> contributing sources as well as enable consumers to obtain the discrete
> name components.
>
> [1] http://www.w3.org/International/questions/qa-personal-names
> [2] http://en.wikipedia.org/wiki/Personal_name
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim
>

--047d7b2e4d6a1d96a904d8f32968
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div style>Sorry, I&#39;d sent mail without my sign and my=
 mail sender&#39;s name was with Kanji. My name is Nobuyuki Sekimori.<br></=
div><div><br></div><div>Thanks Bert and Kelly, for brushing up my opinion.<=
/div>
<div><br></div><div>--=C2=A0<br><div dir=3D"ltr"><font face=3D"times new ro=
man, serif">Nobuyuki Sekimori</font><div><br></div></div></div><div class=
=3D"gmail_extra"><br><div class=3D"gmail_quote">2013/3/27 Kelly Grizzle <sp=
an dir=3D"ltr">&lt;<a href=3D"mailto:kelly.grizzle@sailpoint.com" target=3D=
"_blank">kelly.grizzle@sailpoint.com</a>&gt;</span><br>
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;p=
adding-left:1ex">I agree with Erik that this might best be handled through =
an extension (perhaps a standard extension). =C2=A0It feels like the common=
 case is still a single name and that i18n names/multiple names may be more=
 of the exception than the rule. =C2=A0I may be wrong, though.<br>

<div class=3D"im"><br>
&gt; I guess this means in the JSON case, that you can put new elements any=
where you want, as long as you create a new URI and put it in the &quot;sch=
emas&quot; attribute?<br>
<br>
</div>This is something the design team is discussing in issue #38. =C2=A0I=
t is not clearly spelled out in the spec currently, but extensions must be =
represented within a JSON sub-attribute named by the schema. =C2=A0For exam=
ple, the non-normative enterprise user example in the schema doc has this:<=
br>

<br>
=C2=A0 &quot;urn:scim:schemas:extension:enterprise:1.0&quot;: {<br>
=C2=A0 =C2=A0 &quot;employeeNumber&quot;: &quot;701984&quot;,<br>
=C2=A0 =C2=A0 &quot;costCenter&quot;: &quot;4130&quot;,<br>
=C2=A0 =C2=A0 ....<br>
=C2=A0 },<br>
<br>
I think this would preclude you from mixing extension attributes in with th=
e core attributes, like this:<br>
<br>
=C2=A0 &quot;name&quot;: {<br>
=C2=A0 =C2=A0 &quot;formatted&quot;: &quot;Kelly Grizzle&quot;,<br>
=C2=A0 =C2=A0 &quot;urn:scim:extendedUser.alsoKnownAs&quot;: [ ... ]<br>
=C2=A0 =C2=A0 ...<br>
}<br>
<span class=3D""><font color=3D"#888888"><br>
--Kelly<br>
</font></span><div class=3D""><div class=3D"h5"><br>
-----Original Message-----<br>
From: <a href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a> [m=
ailto:<a href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a>] O=
n Behalf Of Bert Greevenbosch<br>
Sent: Wednesday, March 27, 2013 5:42 AM<br>
To: Shelley; <a href=3D"mailto:scim@ietf.org">scim@ietf.org</a>; Marc Blanc=
het<br>
Cc: Peter Saint-Andre<br>
Subject: Re: [scim] Name Internationalization<br>
<br>
Hi Shelly, all,<br>
<br>
In vCard, all name info is put into a single N element. The different names=
 of the same type are comma-separated, whereas the different types are semi=
colon-separated.<br>
<br>
For addresses, the SCIM schema defines an &quot;addresses&quot; element tha=
t contains multiple &quot;address&quot; elements. However, there is no &quo=
t;names&quot; element, but that wouldn&#39;t help anyway. The given name is=
 e.g. stored in &quot;name/givenName&quot;, so with the &quot;singular in p=
lural element mechanism&quot; you would need something like &quot;name/give=
nNames/givenName&quot; if you want to store multiple given names. I am not =
sure if this is desirable.<br>

<br>
Maybe multiple names could be resolved by just allowing spaces within the f=
ield and treating it as an opaque string.<br>
<br>
For adding new name fields, I found the following text in section 4:<br>
<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 &quot;Unlike LDAP there is no inheritance model=
; all extensions are additive (similar to LDAP Auxiliary Object Classes [3]=
). ... Each schema extension must identify a URI used to identify the exten=
sion. XML MUST use XML namespaces and JSON formats MUST use the &quot;schem=
as&quot; attribute (Section 5.2) to distinguish extended resources and attr=
ibutes. &quot;<br>

<br>
I guess this means in the JSON case, that you can put new elements anywhere=
 you want, as long as you create a new URI and put it in the &quot;schemas&=
quot; attribute?<br>
<br>
(As JCARDCAL co-chair:) We are having a very similar discussion in JCARDCAL=
, about multivalue fields, and structured fields. As discussed in Orlando, =
it would be good for SCIM to keep acquainted with the JCARDCAL work.<br>

<br>
Best regards,<br>
Bert<br>
<br>
<br>
---<br>
From: Shelley [mailto:<a href=3D"mailto:randomshelley@gmail.com">randomshel=
ley@gmail.com</a>]<br>
Sent: 2013=E5=B9=B43=E6=9C=8826=E6=97=A5 3:07<br>
To: Bert Greevenbosch<br>
Cc: Marc Blanchet; <a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
Subject: Re: [scim] Name Internationalization<br>
<br>
Thanks, Bert. So to clarify, in the SCIM/vCard mapping proposal, multiple n=
ame components will be comma-separated in the corresponding SCIM singular a=
ttribute? In our case, we are initially considering space-delimiting the co=
mponents such that this would effectively serve as a &quot;formatted&quot; =
familyName/givenName/etc. and could potentially accommodate contributing sy=
stems that only store single-valued name attributes as well.<br>

<br>
With a comma-delimited value, all SCIM consumers must be aware of this spec=
ial format when dealing with the attribute. With a space-delimited value, c=
onsumers may not be able to retrieve the individual values, but can handle =
the name consistently without attempting to parse and regardless of the ori=
gin of the data (i.e. whether it came from a system that only stores a sing=
le value or multiple values).<br>

<br>
I also noticed that the SCIM/vCard draft includes this as an open issue, pr=
oposing that it may be more appropriate to update the SCIM schema to handle=
 multiple values. Is this a topic that&#39;s currently being discussed?<br>

<br>
We are currently adopting the SCIM 1.1 specification, but are trying to con=
sider potential changes for SCIM 2.0 in our implementation.<br>
<br>
On Mon, Mar 25, 2013 at 12:41 AM, Bert Greevenbosch &lt;<a href=3D"mailto:B=
ert.Greevenbosch@huawei.com">Bert.Greevenbosch@huawei.com</a>&gt; wrote:<br=
>
I stumbled across the same issue when doing v02 of the SCIM/vCard mapping d=
raft. See section 6.<br>
<a href=3D"http://datatracker.ietf.org/doc/draft-greevenbosch-scim-vcard-ma=
pping/" target=3D"_blank">http://datatracker.ietf.org/doc/draft-greevenbosc=
h-scim-vcard-mapping/</a><br>
=C2=A0<br>
Indeed in vCard multiple surnames, given names and additional names are pos=
sible.<br>
=C2=A0<br>
Best regards,<br>
Bert<br>
=C2=A0<br>
From: <a href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a> [m=
ailto:<a href=3D"mailto:scim-bounces@ietf.org">scim-bounces@ietf.org</a>] O=
n Behalf Of Marc Blanchet<br>
Sent: 2013=E5=B9=B43=E6=9C=8825=E6=97=A5 6:35<br>
To: Shelley<br>
Cc: <a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
Subject: Re: [scim] Name Internationalization<br>
=C2=A0<br>
might want to look at vCard =C2=A0(RFC6350).<br>
=C2=A0<br>
Marc.<br>
=C2=A0<br>
Le 2013-03-22 =C3=A0 22:59, Shelley &lt;<a href=3D"mailto:randomshelley@gma=
il.com">randomshelley@gmail.com</a>&gt; a =C3=A9crit :<br>
<br>
As a SCIM service provider, we are trying to determine the best approach fo=
r accepting and managing names that may be federated from global consumers.=
<br>
<br>
Were there any considerations made in the SCIM core schema for using multi-=
valued attributes for the individual name components? The use of the &quot;=
familyName&quot; and &quot;givenName&quot; as opposed to &quot;firstName&qu=
ot;/&quot;lastName&quot; helps minimize a western/US-centric approach, but =
using three individual, singular attributes for these name components still=
 hints at a particular name format that may not be global.<br>

<br>
For example, in many countries, individuals have a given name and two last =
names (rather than first name, middle name, last name). Does SCIM provide a=
ny recommendations for how to represent this using the existing name compon=
ents? For example, are consumers expected to consolidate all last names int=
o the single familyName attribute to accommodate this scenario? Likewise, t=
here are many other cases [1,2] that don&#39;t quite cleanly fit into these=
 singular name components.<br>

<br>
The &quot;formattedName&quot;, &quot;displayName&quot;, and &quot;nickName&=
quot; attributes help to mitigate some concerns around formatting names and=
 addressing users, but we&#39;re still trying to iron out how to accept ide=
ntity data from varying contributing sources as well as enable consumers to=
 obtain the discrete name components.<br>

<br>
[1] <a href=3D"http://www.w3.org/International/questions/qa-personal-names"=
 target=3D"_blank">http://www.w3.org/International/questions/qa-personal-na=
mes</a><br>
[2] <a href=3D"http://en.wikipedia.org/wiki/Personal_name" target=3D"_blank=
">http://en.wikipedia.org/wiki/Personal_name</a><br>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a><br>
=C2=A0<br>
<br>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a><br>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" target=3D"_blank">ht=
tps://www.ietf.org/mailman/listinfo/scim</a></div></div></blockquote></div>
</div></div>

--047d7b2e4d6a1d96a904d8f32968--

From n-sakimura@nri.co.jp  Wed Mar 27 23:31:23 2013
Return-Path: <n-sakimura@nri.co.jp>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FC3921F911F for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 23:31:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.09
X-Spam-Level: 
X-Spam-Status: No, score=-0.09 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XPlVRO7bqpro for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 23:31:22 -0700 (PDT)
Received: from nrifs04.index.or.jp (nrigw01.index.or.jp [133.250.250.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D2AD21F90F1 for <scim@ietf.org>; Wed, 27 Mar 2013 23:31:21 -0700 (PDT)
Received: from nriea04.index.or.jp (unknown [172.19.246.39]) by nrifs04.index.or.jp (Postfix) with SMTP id 21634472EE0 for <scim@ietf.org>; Thu, 28 Mar 2013 15:31:20 +0900 (JST)
Received: from nrims00b.nri.co.jp ([192.50.135.12]) by nriea04.index.or.jp (unknown) with ESMTP id r2S6VJ19015447 for <scim@ietf.org>; Thu, 28 Mar 2013 15:31:20 +0900
Received: from nrims00b.nri.co.jp (localhost.localdomain [127.0.0.1]) by nrims00b.nri.co.jp (Switch-3.3.3/Switch-3.3.3) with ESMTP id r2S6VJ02022818; Thu, 28 Mar 2013 15:31:19 +0900
Received: (from mailnull@localhost) by nrims00b.nri.co.jp (Switch-3.3.3/Switch-3.3.0/Submit) id r2S6VJt1022817; Thu, 28 Mar 2013 15:31:19 +0900
X-Authentication-Warning: nrims00b.nri.co.jp: mailnull set sender to n-sakimura@nri.co.jp using -f
Received: from nrizmf21a.index.or.jp ([172.100.25.19]) by nrims00b.nri.co.jp (Switch-3.3.3/Switch-3.3.3) with ESMTP id r2S6VJ9F022813 for <scim@ietf.org>; Thu, 28 Mar 2013 15:31:19 +0900
Received: from 127.0.0.1 (127.0.0.1) by m-FILTER with ESMTP; Thu, 28 Mar 2013 15:31:19 +0900
Message-ID: <5153E3B1.3060705@nri.co.jp>
Date: Thu, 28 Mar 2013 15:31:13 +0900
From: n-sakimura <n-sakimura@nri.co.jp>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.12) Gecko/20130105 Thunderbird/10.0.12
MIME-Version: 1.0
To: scim@ietf.org
References: <CAGUsYPwE4JCm-zsmWqNaXPHaLGGL_22jCE+uWneT7W3Fb5b2Hw@mail.gmail.com> <A37D572D-A5A4-4BD8-82DD-0B71107C9B6D@viagenie.ca> <46A1DF3F04371240B504290A071B4DB63D688951@szxeml558-mbx.china.huawei.com> <CAG-hk4gp85BEGRgRYpj_YgYzas1J0ewtkwq7B1haNLC6NTmrQg@mail.gmail.com> <CAAd8xPUk4+H2rE+OSbP9SUiDtomggY61KZNbFwtbeK3GsLaUfg@mail.gmail.com>
In-Reply-To: <CAAd8xPUk4+H2rE+OSbP9SUiDtomggY61KZNbFwtbeK3GsLaUfg@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
X-MailAdviser: Ver1.3.3
Content-Transfer-Encoding: quoted-printable
Subject: Re: [scim] Name Internationalization
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2013 06:31:23 -0000

familyName-SORT-AS is nice, but that probably does not bring us very far.

In many cases, a name may have multiple scripts representations.
ja-Kana-JP representation of the name is one such case, which happens to=20
be used for sorting.

So, IMHO, Tatsuo's proposal is more general and preferable.

FYI, OpenID Connect and OAuth Registration adopted this approach though=20
to comply with "flat schema for basic cases principle", we opted to=20
append the language tag after #:

e.g. name#ja-Kana-JP.

One possible variation on Tatsuo's proposal would be to adopt modified=20
BCP47 langauge tag (use "_" instead of "-") to make it possible to=20
reference it as a part of javascript names. e.g.,

"displayName": {
	"en":"<English alphabet representation>",
	"ja_Kana_JP":"<Katakana Representation>",
	"ja_Jpn_JP":"<Kanji Kana Mixed Representation>"
}

Nat


(2013/03/26 8:11), =E9=96=A2=E6=A3=AE=E4=BF=A1=E4=B9=8B wrote:
> This discuss is very interesting. I think the current specification of
> name attributes is not extensible enough. Shelley has considered
> multiplicity of name attributes. I will show another issue of 'Name
> Internationalization'.
>
> As Tatsuo was saying; Countries using Kanji have various appearances of
> name. These countries need to consider logographic scripts and syllabic
> scripts, separately. In Japan, we use syllabic scripts 'Kana' for
> sorting, do not use logographic 'Kanji' scripts. If any name attributes
> have only logographic value, we are not able to sort as well.
>
> For resolving this issue, vCard adopts parameter 'SORT-AS'. I think thi=
s
> is a nice for SCIM. For example:
>
> "name": {
> "familyName": "logographic".
> "givenName": "logographic",
> "familyName-SORT-AS": "syllabic",
> "givenName-SORT-AS": "syllabic"
> }
>
> Thoughts?
>
>
> 2013/3/26 Tatsuo Kudo <tatsuo.kudo@gmail.com <mailto:tatsuo.kudo@gmail.=
com>>
>
>     I think most of attributes currently defined as "Singular Attribute=
s"
>     in the schema draft should allow multi-valued ones as well for
>     non-English environment.  For example, businesses in Japan usually
>     store Kanji and Kana characters (cf.
>     http://en.wikipedia.org/wiki/Japanese_writing_system) for almost al=
l
>     attributes from name to department.
>
>     I prefer Kelly Grizzle's suggestion in his follow-up to my question
>     last month.
>
>     http://www.ietf.org/mail-archive/web/scim/current/msg00926.html
>
>     And would like to apply it other than phonetic representation like:
>
>     "displayName": [
>          { "value": "<Kana characters>", "locale": "ja-kana-JP" },
>          { "value": "<Kanji characters>", "locale": "ja-JP" }
>        ]
>
>     Thoughts?
>
>     Tatsuo.
>
>
>     On Mon, Mar 25, 2013 at 2:41 PM, Bert Greevenbosch
>     <Bert.Greevenbosch@huawei.com <mailto:Bert.Greevenbosch@huawei.com>=
>
>     wrote:
>      > I stumbled across the same issue when doing v02 of the SCIM/vCar=
d
>     mapping
>      > draft. See section 6.
>      >
>      >
>     http://datatracker.ietf.org/doc/draft-greevenbosch-scim-vcard-mappi=
ng/
>      >
>      >
>      >
>      > Indeed in vCard multiple surnames, given names and additional
>     names are
>      > possible.
>      >
>      >
>      >
>      > Best regards,
>      >
>      > Bert
>      >
>      >
>      >
>      > From: scim-bounces@ietf.org <mailto:scim-bounces@ietf.org>
>     [mailto:scim-bounces@ietf.org <mailto:scim-bounces@ietf.org>] On
>     Behalf Of Marc
>      > Blanchet
>      > Sent: 2013=E5=B9=B43=E6=9C=8825=E6=97=A5 6:35
>      > To: Shelley
>      > Cc: scim@ietf.org <mailto:scim@ietf.org>
>      > Subject: Re: [scim] Name Internationalization
>      >
>      >
>      >
>      > might want to look at vCard  (RFC6350).
>      >
>      >
>      >
>      > Marc.
>      >
>      >
>      >
>      > Le 2013-03-22 =C3=A0 22:59, Shelley <randomshelley@gmail.com
>     <mailto:randomshelley@gmail.com>> a =C3=A9crit :
>      >
>      >
>      >
>      > As a SCIM service provider, we are trying to determine the best
>     approach for
>      > accepting and managing names that may be federated from global
>     consumers.
>      >
>      > Were there any considerations made in the SCIM core schema for u=
sing
>      > multi-valued attributes for the individual name components? The
>     use of the
>      > "familyName" and "givenName" as opposed to "firstName"/"lastName=
"
>     helps
>      > minimize a western/US-centric approach, but using three
>     individual, singular
>      > attributes for these name components still hints at a particular
>     name format
>      > that may not be global.
>      >
>      > For example, in many countries, individuals have a given name an=
d
>     two last
>      > names (rather than first name, middle name, last name). Does SCI=
M
>     provide
>      > any recommendations for how to represent this using the existing=
 name
>      > components? For example, are consumers expected to consolidate
>     all last
>      > names into the single familyName attribute to accommodate this
>     scenario?
>      > Likewise, there are many other cases [1,2] that don't quite
>     cleanly fit into
>      > these singular name components.
>      >
>      > The "formattedName", "displayName", and "nickName" attributes he=
lp to
>      > mitigate some concerns around formatting names and addressing
>     users, but
>      > we're still trying to iron out how to accept identity data from
>     varying
>      > contributing sources as well as enable consumers to obtain the
>     discrete name
>      > components.
>      >
>      > [1] http://www.w3.org/International/questions/qa-personal-names
>      > [2] http://en.wikipedia.org/wiki/Personal_name
>      > _______________________________________________
>      > scim mailing list
>      > scim@ietf.org <mailto:scim@ietf.org>
>      > https://www.ietf.org/mailman/listinfo/scim
>      >
>      >
>      >
>      >
>      > _______________________________________________
>      > scim mailing list
>      > scim@ietf.org <mailto:scim@ietf.org>
>      > https://www.ietf.org/mailman/listinfo/scim
>      >
>     _______________________________________________
>     scim mailing list
>     scim@ietf.org <mailto:scim@ietf.org>
>     https://www.ietf.org/mailman/listinfo/scim
>
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--=20
Nat Sakimura (n-sakimura@nri.co.jp)
Nomura Research Institute, Ltd.
Tel:+81-3-6274-1412 Fax:+81-3-6274-1547

=E6=9C=AC=E3=83=A1=E3=83=BC=E3=83=AB=E3=81=AB=E5=90=AB=E3=81=BE=E3=82=8C=E3=
=82=8B=E6=83=85=E5=A0=B1=E3=81=AF=E6=A9=9F=E5=AF=86=E6=83=85=E5=A0=B1=E3=81=
=A7=E3=81=82=E3=82=8A=E3=80=81=E5=AE=9B=E5=85=88=E3=81=AB=E8=A8=98=E8=BC=89=
=E3=81=95=E3=82=8C=E3=81=A6=E3=81=84=E3=82=8B=E6=96=B9=E3=81=AE=E3=81=BF=E3=
=81=AB=E9=80=81=E4=BF=A1=20
=E3=81=99=E3=82=8B=E3=81=93=E3=81=A8=E3=82=92=E6=84=8F=E5=9B=B3=E3=81=97=E3=
=81=A6=E3=81=8A=E3=82=8A=E3=81=BE=E3=81=99=E3=80=82=E6=84=8F=E5=9B=B3=E3=81=
=95=E3=82=8C=E3=81=9F=E5=8F=97=E5=8F=96=E4=BA=BA=E4=BB=A5=E5=A4=96=E3=81=AE=
=E6=96=B9=E3=81=AB=E3=82=88=E3=82=8B=E3=81=93=E3=82=8C=E3=82=89=E3=81=AE=E6=
=83=85=E5=A0=B1=E3=81=AE=20
=E9=96=8B=E7=A4=BA=E3=80=81=E8=A4=87=E8=A3=BD=E3=80=81=E5=86=8D=E9=85=8D=E5=
=B8=83=E3=82=84=E8=BB=A2=E9=80=81=E3=81=AA=E3=81=A9=E4=B8=80=E5=88=87=E3=81=
=AE=E5=88=A9=E7=94=A8=E3=81=8C=E7=A6=81=E6=AD=A2=E3=81=95=E3=82=8C=E3=81=A6=
=E3=81=84=E3=81=BE=E3=81=99=E3=80=82=E8=AA=A4=E3=81=A3=E3=81=A6=E6=9C=AC=E3=
=83=A1=E3=83=BC=E3=83=AB=20
=E3=82=92=E5=8F=97=E4=BF=A1=E3=81=95=E3=82=8C=E3=81=9F=E5=A0=B4=E5=90=88=E3=
=81=AF=E3=80=81=E7=94=B3=E3=81=97=E8=A8=B3=E3=81=94=E3=81=96=E3=81=84=E3=81=
=BE=E3=81=9B=E3=82=93=E3=81=8C=E3=80=81=E9=80=81=E4=BF=A1=E8=80=85=E3=81=BE=
=E3=81=A7=E3=81=8A=E7=9F=A5=E3=82=89=E3=81=9B=E3=81=84=E3=81=9F=E3=81=A0=E3=
=81=8D=E3=80=81=E5=8F=97=20
=E4=BF=A1=E3=81=95=E3=82=8C=E3=81=9F=E3=83=A1=E3=83=BC=E3=83=AB=E3=82=92=E5=
=89=8A=E9=99=A4=E3=81=97=E3=81=A6=E3=81=84=E3=81=9F=E3=81=A0=E3=81=8D=E3=81=
=BE=E3=81=99=E3=82=88=E3=81=86=E3=81=8A=E9=A1=98=E3=81=84=E8=87=B4=E3=81=97=
=E3=81=BE=E3=81=99=E3=80=82
PLEASE READ:
The information contained in this e-mail is confidential and intended=20
for the named recipient(s) only.
If you are not an intended recipient of this e-mail, you are hereby=20
notified that any review, dissemination, distribution or duplication of=20
this message is strictly prohibited. If you have received this message=20
in error, please notify the sender immediately and delete your copy from=20
your system.


From kelly.grizzle@sailpoint.com  Thu Mar 28 06:00:09 2013
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2473621F87A4 for <scim@ietfa.amsl.com>; Thu, 28 Mar 2013 06:00:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.099
X-Spam-Level: 
X-Spam-Status: No, score=-3.099 tagged_above=-999 required=5 tests=[AWL=-0.501, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P8yfrJjfTi1s for <scim@ietfa.amsl.com>; Thu, 28 Mar 2013 06:00:06 -0700 (PDT)
Received: from db8outboundpool.messaging.microsoft.com (mail-db8lp0188.outbound.messaging.microsoft.com [213.199.154.188]) by ietfa.amsl.com (Postfix) with ESMTP id 6EE0621F8765 for <scim@ietf.org>; Thu, 28 Mar 2013 06:00:05 -0700 (PDT)
Received: from mail120-db8-R.bigfish.com (10.174.8.228) by DB8EHSOBE033.bigfish.com (10.174.4.96) with Microsoft SMTP Server id 14.1.225.23; Thu, 28 Mar 2013 13:00:04 +0000
Received: from mail120-db8 (localhost [127.0.0.1])	by mail120-db8-R.bigfish.com (Postfix) with ESMTP id 5389446050F; Thu, 28 Mar 2013 13:00:04 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:132.245.1.133; KIP:(null); UIP:(null); IPV:NLI; H:BLUPRD0412HT002.namprd04.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -19
X-BigFish: PS-19(zz98dI9371I936eIc85fhd799h4015Izz1f42h1fc6h1ee6h1de0h1202h1e76h1d1ah1d2ahzz1033IL17326ah18c673h1954cbh18602eh8275bh8275dh1b8612mz31h2a8h668h839hd25hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah1bceh1155h)
Received-SPF: softfail (mail120-db8: transitioning domain of sailpoint.com does not designate 132.245.1.133 as permitted sender) client-ip=132.245.1.133; envelope-from=kelly.grizzle@sailpoint.com; helo=BLUPRD0412HT002.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail120-db8 (localhost.localdomain [127.0.0.1]) by mail120-db8 (MessageSwitch) id 1364475601633419_10546; Thu, 28 Mar 2013 13:00:01 +0000 (UTC)
Received: from DB8EHSMHS030.bigfish.com (unknown [10.174.8.244])	by mail120-db8.bigfish.com (Postfix) with ESMTP id 9805F8004B; Thu, 28 Mar 2013 13:00:01 +0000 (UTC)
Received: from BLUPRD0412HT002.namprd04.prod.outlook.com (132.245.1.133) by DB8EHSMHS030.bigfish.com (10.174.4.40) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 28 Mar 2013 13:00:00 +0000
Received: from BLUPRD0412MB643.namprd04.prod.outlook.com ([169.254.4.165]) by BLUPRD0412HT002.namprd04.prod.outlook.com ([10.255.214.163]) with mapi id 14.16.0275.006; Thu, 28 Mar 2013 12:59:54 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Phil Hunt <phil.hunt@oracle.com>
Thread-Topic: [scim] Clarification on body request for DELETE
Thread-Index: AQHOKwTvu+Y5Y4yD5EuVkmnqyAXIcZi51gWQgAA9rYCAACH/gIAA2+/w
Date: Thu, 28 Mar 2013 12:59:54 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34375C3ADF05@BLUPRD0412MB643.namprd04.prod.outlook.com>
References: <CAPx6tN7x1MS+W=rbXF1c9p2qepJN3pco+h6MQYXmGHJakF+3Vw@mail.gmail.com> <56C3C758F9D6534CA3778EAA1E0C34375C3AD5F3@BLUPRD0412MB643.namprd04.prod.outlook.com> <FAFB4AAB-09FA-41BB-9824-F59851C5B0FE@oracle.com> <DC2940ED-6864-4673-BF5F-EE4882A3B94B@oracle.com>
In-Reply-To: <DC2940ED-6864-4673-BF5F-EE4882A3B94B@oracle.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-vipre-scanned: 16EC9064003FE016EC91B1
x-originating-ip: [72.182.10.254]
Content-Type: multipart/alternative; boundary="_000_56C3C758F9D6534CA3778EAA1E0C34375C3ADF05BLUPRD0412MB643_"
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: "scim@ietf.org" <scim@ietf.org>, Alexandre Santos <asantos@pingidentity.com>
Subject: Re: [scim] Clarification on body request for DELETE
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2013 13:00:09 -0000

--_000_56C3C758F9D6534CA3778EAA1E0C34375C3ADF05BLUPRD0412MB643_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Phil ... I think the two thoughts you bring up are valid.  The 202 status c=
ode should probably be addressed as a part of issue #32, and the suspension=
 vs. deletion could be addressed in issue #15.

From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Phi=
l Hunt
Sent: Wednesday, March 27, 2013 6:51 PM
To: Kelly Grizzle
Cc: scim@ietf.org; Alexandre Santos
Subject: Re: [scim] Clarification on body request for DELETE

Sorry, by "we" I meant I was discussing with my colleagues at Oracle. I don=
't want to imply that other members of the WG are in agreement or disagreem=
ent. I simply want to concur Oracle identified as an issue needing more dis=
cussion.  :-)

Phil

@independentid
www.independentid.com<http://www.independentid.com>
phil.hunt@oracle.com<mailto:phil.hunt@oracle.com>




On 2013-03-27, at 2:48 PM, Phil Hunt wrote:


We've been discussing that 202 should generally be interpreted as, transact=
ion is syntactically valid but pending completion (e.g. an approval workflo=
w). It seems there is a need to do this with all SCIM operations.

Successful immediate completion would be status 200 or potentially 204.  Is=
 there any reason for a SP to indicate for example that an entity wasn't ac=
tually deleted, but rather suspended (e.g. because the SP has a tombstone f=
eature to preserve UUIDs)?

Phil

@independentid
www.independentid.com<http://www.independentid.com/>
phil.hunt@oracle.com<mailto:phil.hunt@oracle.com>




On 2013-03-27, at 11:10 AM, Kelly Grizzle wrote:


The SCIM API spec is not entirely clear here.  According to RFC 2616, the D=
ELETE operation should work like this:

   A successful response SHOULD be 200 (OK) if the response includes an
   entity describing the status, 202 (Accepted) if the action has not
   yet been enacted, or 204 (No Content) if the action has been enacted
   but the response does not include an entity.

I can't think of anything interesting for SCIM to return in a response body=
, so my vote would either be a 200 with an empty response (or just a messag=
e) or a 204 with no response body.  Perhaps we should open an issue to clar=
ify this.  Thoughts?

--Kelly

From: scim-bounces@ietf.org<mailto:scim-bounces@ietf.org> [mailto:scim-boun=
ces@ietf.org] On Behalf Of Alexandre Santos
Sent: Wednesday, March 27, 2013 11:04 AM
To: scim@ietf.org<mailto:scim@ietf.org>
Subject: [scim] Clarification on body request for DELETE

The spec for PUT says "3.3.1...  Unless otherwise specified a successful PU=
T operation returns a 200 OK response code and the entire Resource within t=
he response body"
For POST: "3.1...  the response body MUST contain the newly created Resourc=
e."
For DELETES it says "
3.4.  Deleting Resources

Consumers request Resource removal via DELETE. Service Providers MAY choose=
 not to permanently delete the Resource, but MUST return a 404 error code f=
or all operations associated with the previously deleted Id. Service Provid=
ers MUST also omit the Resource from future query results. In addition the =
Service Provider MUST not consider the deleted resource in conflict calcula=
tion. For example if a User resource is deleted, a CREATE request for a Use=
r resource with the same userName as the previously deleted resource should=
 not fail with a 409 error due to userName conflict.
"

My question is, what (if anything at all) should be returned in the respons=
e body as a result of a successful DELETE operation.

Thanks,
Alex Santos


_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim

_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim


--_000_56C3C758F9D6534CA3778EAA1E0C34375C3ADF05BLUPRD0412MB643_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:Verdana;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
h3
	{mso-style-priority:9;
	mso-style-link:"Heading 3 Char";
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:13.5pt;
	font-family:"Times New Roman","serif";
	font-weight:bold;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p
	{mso-style-priority:99;
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";}
span.apple-style-span
	{mso-style-name:apple-style-span;}
span.apple-converted-space
	{mso-style-name:apple-converted-space;}
span.Heading3Char
	{mso-style-name:"Heading 3 Char";
	mso-style-priority:9;
	mso-style-link:"Heading 3";
	font-family:"Cambria","serif";
	color:#4F81BD;
	font-weight:bold;}
span.EmailStyle21
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">Phil &#8230; I think the =
two thoughts you bring up are valid.&nbsp; The 202 status code should proba=
bly be addressed as a part of issue #32, and the suspension vs. deletion
 could be addressed in issue #15.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> scim-bou=
nces@ietf.org [mailto:scim-bounces@ietf.org]
<b>On Behalf Of </b>Phil Hunt<br>
<b>Sent:</b> Wednesday, March 27, 2013 6:51 PM<br>
<b>To:</b> Kelly Grizzle<br>
<b>Cc:</b> scim@ietf.org; Alexandre Santos<br>
<b>Subject:</b> Re: [scim] Clarification on body request for DELETE<o:p></o=
:p></span></p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">Sorry, by &quot;we&quot; I meant I was discussing wi=
th my colleagues at Oracle. I don't want to imply that other members of the=
 WG are in agreement or disagreement. I simply want to concur Oracle identi=
fied as an issue needing more discussion. &nbsp;:-)<o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black">Phil<o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span></=
p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black">@independentid<o:p></o:p><=
/span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black"><a href=3D"http://www.inde=
pendentid.com">www.independentid.com</a><o:p></o:p></span></p>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:13.5pt"><span style=3D"font-s=
ize:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;;color:b=
lack"><a href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><o:p>=
</o:p></span></p>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span><=
/p>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;;color:black"><br>
<br>
</span><o:p></o:p></p>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div>
<div>
<p class=3D"MsoNormal">On 2013-03-27, at 2:48 PM, Phil Hunt wrote:<o:p></o:=
p></p>
</div>
<p class=3D"MsoNormal"><br>
<br>
<o:p></o:p></p>
<div>
<p class=3D"MsoNormal">We've been discussing that 202 should generally be i=
nterpreted as, transaction is syntactically valid but pending completion (e=
.g. an approval workflow). It seems there is a need to do this with all SCI=
M operations.<o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">Successful immediate completion would be status 200 =
or potentially 204. &nbsp;Is there any reason for a SP to indicate for exam=
ple that an entity wasn't actually deleted, but rather suspended (e.g. beca=
use the SP has a tombstone feature to preserve
 UUIDs)?<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;">Phil<o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;"><o:p>&nbsp;</o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;">@independentid<o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;"><a href=3D"http://www.independentid.co=
m/">www.independentid.com</a><o:p></o:p></span></p>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:13.5pt"><span style=3D"font-s=
ize:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;"><a hre=
f=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><o:p></o:p></span=
></p>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;"><o:p>&nbsp;</o:p></span></p>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;"><br>
<br>
</span><o:p></o:p></p>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div>
<div>
<p class=3D"MsoNormal">On 2013-03-27, at 11:10 AM, Kelly Grizzle wrote:<o:p=
></o:p></p>
</div>
<p class=3D"MsoNormal"><br>
<br>
<o:p></o:p></p>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">The SCIM API spec is not =
entirely clear here.&nbsp; According to RFC 2616, the DELETE operation shou=
ld work like this:</span><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
urier New&quot;;color:black">&nbsp;&nbsp; A successful response SHOULD be 2=
00 (OK) if the response includes an</span><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
urier New&quot;;color:black">&nbsp;&nbsp; entity describing the status, 202=
 (Accepted) if the action has not</span><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
urier New&quot;;color:black">&nbsp;&nbsp; yet been enacted, or 204 (No Cont=
ent) if the action has been enacted</span><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
urier New&quot;;color:black">&nbsp;&nbsp; but the response does not include=
 an entity.</span><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">I can&#8217;t think of an=
ything interesting for SCIM to return in a response body, so my vote would =
either be a 200 with an empty response (or just a message) or
 a 204 with no response body.&nbsp; Perhaps we should open an issue to clar=
ify this.&nbsp; Thoughts?</span><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly</span><o:p></o:p>=
</p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">&nbsp;</span><o:p></o:p><=
/p>
</div>
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span class=3D"apple-=
converted-space"><span style=3D"font-size:10.0pt;font-family:&quot;Tahoma&q=
uot;,&quot;sans-serif&quot;">&nbsp;</span></span><span style=3D"font-size:1=
0.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"><a href=3D"mai=
lto:scim-bounces@ietf.org">scim-bounces@ietf.org</a>
 [<a href=3D"mailto:scim-bounces@ietf.org">mailto:scim-bounces@ietf.org</a>=
]<span class=3D"apple-converted-space">&nbsp;</span><b>On Behalf Of<span cl=
ass=3D"apple-converted-space">&nbsp;</span></b>Alexandre Santos<br>
<b>Sent:</b><span class=3D"apple-converted-space">&nbsp;</span>Wednesday, M=
arch 27, 2013 11:04 AM<br>
<b>To:</b><span class=3D"apple-converted-space">&nbsp;</span><a href=3D"mai=
lto:scim@ietf.org">scim@ietf.org</a><br>
<b>Subject:</b><span class=3D"apple-converted-space">&nbsp;</span>[scim] Cl=
arification on body request for DELETE</span><o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal">&nbsp;<o:p></o:p></p>
</div>
<div>
<div>
<p class=3D"MsoNormal">The spec for PUT says &quot;3.3.1...&nbsp;<span styl=
e=3D"font-family:&quot;Verdana&quot;,&quot;sans-serif&quot;;color:black">&n=
bsp;Unless otherwise specified a successful PUT operation returns a 200 OK =
response code and the entire Resource within the response body&quot;</span>=
<o:p></o:p></p>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Verdana&quot;,&quot=
;sans-serif&quot;;color:black">For POST: &quot;3.1...&nbsp;&nbsp;the respon=
se body MUST contain the newly created Resource.&quot;</span><o:p></o:p></p=
>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Verdana&quot;,&quot=
;sans-serif&quot;;color:black">For DELETES it says &quot;</span><o:p></o:p>=
</p>
</div>
<h3><span style=3D"font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;=
;color:#333333">3.4.&nbsp; Deleting Resources</span><o:p></o:p></h3>
<p style=3D"mso-margin-top-alt:5.0pt;margin-right:24.0pt;margin-bottom:5.0p=
t;margin-left:24.0pt">
<span style=3D"font-family:&quot;Verdana&quot;,&quot;sans-serif&quot;;color=
:black">Consumers request Resource removal via DELETE. Service Providers MA=
Y choose not to permanently delete the Resource, but MUST return a 404 erro=
r code for all operations associated with the previously
 deleted Id. Service Providers MUST also omit the Resource from future quer=
y results. In addition the Service Provider MUST not consider the deleted r=
esource in conflict calculation. For example if a User resource is deleted,=
 a CREATE request for a User resource
 with the same userName as the previously deleted resource should not fail =
with a 409 error due to userName conflict.</span><o:p></o:p></p>
<div>
<div>
<p class=3D"MsoNormal">&quot;<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal">&nbsp;<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal">My question is, what (if anything at all) should be =
returned in the response body as a result of a successful DELETE operation.=
<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal">&nbsp;<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal">Thanks,<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal">Alex Santos<o:p></o:p></p>
</div>
<div>
<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" cellpadding=
=3D"0">
<tbody>
<tr>
<td nowrap=3D"" valign=3D"top" style=3D"padding:0in 0in 0in 0in"></td>
</tr>
</tbody>
</table>
<div>
<p class=3D"MsoNormal">&nbsp;<o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;">_____________________________________=
__________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org=
/mailman/listinfo/scim</a><o:p></o:p></span></p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</div>
<p class=3D"MsoNormal">_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org=
/mailman/listinfo/scim</a><o:p></o:p></p>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</div>
</body>
</html>

--_000_56C3C758F9D6534CA3778EAA1E0C34375C3ADF05BLUPRD0412MB643_--

From kelly.grizzle@sailpoint.com  Thu Mar 28 06:10:12 2013
Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F0B321F8C00 for <scim@ietfa.amsl.com>; Thu, 28 Mar 2013 06:10:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.348
X-Spam-Level: 
X-Spam-Status: No, score=-3.348 tagged_above=-999 required=5 tests=[AWL=0.250,  BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F5+rL4QlPQzT for <scim@ietfa.amsl.com>; Thu, 28 Mar 2013 06:10:10 -0700 (PDT)
Received: from co1outboundpool.messaging.microsoft.com (co1ehsobe006.messaging.microsoft.com [216.32.180.189]) by ietfa.amsl.com (Postfix) with ESMTP id 0824021F8BF4 for <scim@ietf.org>; Thu, 28 Mar 2013 06:10:09 -0700 (PDT)
Received: from mail28-co1-R.bigfish.com (10.243.78.240) by CO1EHSOBE035.bigfish.com (10.243.66.100) with Microsoft SMTP Server id 14.1.225.23; Thu, 28 Mar 2013 13:10:09 +0000
Received: from mail28-co1 (localhost [127.0.0.1])	by mail28-co1-R.bigfish.com (Postfix) with ESMTP id 6DB224C043C; Thu, 28 Mar 2013 13:10:09 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:132.245.1.133; KIP:(null); UIP:(null); IPV:NLI; H:BLUPRD0412HT002.namprd04.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -20
X-BigFish: PS-20(zz98dI9371I936eIc85fh1418I62a3Idb82hzz1f42h1fc6h1ee6h1de0h1202h1e76h1d1ah1d2ahzz1033IL177df4h17326ah18c673h1954cbh18602eh8275bh8275dh1b8612mz31h2a8h668h839hd25hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah1bceh1155h)
Received-SPF: softfail (mail28-co1: transitioning domain of sailpoint.com does not designate 132.245.1.133 as permitted sender) client-ip=132.245.1.133; envelope-from=kelly.grizzle@sailpoint.com; helo=BLUPRD0412HT002.namprd04.prod.outlook.com ; .outlook.com ; 
Received: from mail28-co1 (localhost.localdomain [127.0.0.1]) by mail28-co1 (MessageSwitch) id 1364476208217904_2494; Thu, 28 Mar 2013 13:10:08 +0000 (UTC)
Received: from CO1EHSMHS004.bigfish.com (unknown [10.243.78.231])	by mail28-co1.bigfish.com (Postfix) with ESMTP id 32B1AB40050; Thu, 28 Mar 2013 13:10:08 +0000 (UTC)
Received: from BLUPRD0412HT002.namprd04.prod.outlook.com (132.245.1.133) by CO1EHSMHS004.bigfish.com (10.243.66.14) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 28 Mar 2013 13:10:06 +0000
Received: from BLUPRD0412MB643.namprd04.prod.outlook.com ([169.254.4.165]) by BLUPRD0412HT002.namprd04.prod.outlook.com ([10.255.214.163]) with mapi id 14.16.0275.006; Thu, 28 Mar 2013 13:10:01 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Phil Hunt <phil.hunt@oracle.com>, Alexandre Santos <asantos@pingidentity.com>
Thread-Topic: [scim] Request for Input
Thread-Index: AQHOKz8MhibPsFuXXUSPark5DwFmRJi6OGKAgADaRtA=
Date: Thu, 28 Mar 2013 13:10:00 +0000
Message-ID: <56C3C758F9D6534CA3778EAA1E0C34375C3ADF35@BLUPRD0412MB643.namprd04.prod.outlook.com>
References: <CAPx6tN5PwV=hwifdCj3JiOKLsYCQZdewHOh7voau7OLSm3FWvg@mail.gmail.com> <AAE9F872-F35E-4A73-8674-4A7AF6C0537B@oracle.com>
In-Reply-To: <AAE9F872-F35E-4A73-8674-4A7AF6C0537B@oracle.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-vipre-scanned: 16F5D2E0003FE016F5D42D
x-originating-ip: [72.182.10.254]
Content-Type: multipart/alternative; boundary="_000_56C3C758F9D6534CA3778EAA1E0C34375C3ADF35BLUPRD0412MB643_"
MIME-Version: 1.0
X-OriginatorOrg: sailpoint.com
Cc: "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Request for Input
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2013 13:10:12 -0000

--_000_56C3C758F9D6534CA3778EAA1E0C34375C3ADF35BLUPRD0412MB643_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

PATCH was added specifically to address the "changing membership of a large=
 group" use case.  The POST/DELETE to the members endpoint was considered w=
hen looking into PATCH, but unfortunately this does not work in the general=
 case.  Specifically, this only works if the list elements have a unique id=
entifier, so it fell apart when trying to apply this to adding/removing add=
resses (which do not have a unique identifier).

I'm not convinced that we need to add another mechanism to solve this use c=
ase, but I do agree that PATCH could be simplified.

--Kelly

From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Phi=
l Hunt
Sent: Wednesday, March 27, 2013 7:02 PM
To: Alexandre Santos
Cc: scim@ietf.org
Subject: Re: [scim] Request for Input

I think this may fit in with our discussion of adjusting PATCH to work bett=
er with multi-value and complex attributes (ticket 18).

So far, we've been avoiding extended paths that go within the Resource enti=
ty (e.g. to address specific attributes).

If you were to do the item below, I think you would have to add the attribu=
te name to the path at the very least.

PUT /Groups/<groupid>/members/Users/<userid>

Still I think that may have problems if the member is actual a URL rather t=
hen a simple UUID.

Phil

@independentid
www.independentid.com<http://www.independentid.com>
phil.hunt@oracle.com<mailto:phil.hunt@oracle.com>




On 2013-03-27, at 4:01 PM, Alexandre Santos wrote:


For groups with many users (>10k) it becomes problematic to do POSTs or PUT=
s. The only alternative would be PATCH. However PATCH is not mandatory.

For this reason we would like to request your input for the following propo=
sal: allow membership changes via PUT and DELETE.

For this the PUT and DELETE commands would be in the format:
PUT /Groups/<groupId>/user/<userId> - to add a user to a group
DELETE /Groups/<groupId>/user/<userId> - to remove the user from the group

Thank you,

Alexandre Santos  | Sr. Development Engineer
PingIdentity  |   www.pingidentity.com<http://www.pingidentity.com/>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -
O: 604.697.7056
Email: asantos@pingidentity.com<mailto:asantos@pingidentity.com>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -
Connect with Ping
Twitter: @pingidentity
LinkedIn Group: Ping's Identity Cloud
Facebook.com/pingidentitypage<http://Facebook.com/pingidentitypage>



_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim


--_000_56C3C758F9D6534CA3778EAA1E0C34375C3ADF35BLUPRD0412MB643_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:Helvetica;
	panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.apple-style-span
	{mso-style-name:apple-style-span;}
span.EmailStyle18
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">PATCH was added specifica=
lly to address the &#8220;changing membership of a large group&#8221; use c=
ase.&nbsp; The POST/DELETE to the members endpoint was considered when look=
ing
 into PATCH, but unfortunately this does not work in the general case.&nbsp=
; Specifically, this only works if the list elements have a unique identifi=
er, so it fell apart when trying to apply this to adding/removing addresses=
 (which do not have a unique identifier).<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">I&#8217;m not convinced t=
hat we need to add another mechanism to solve this use case, but I do agree=
 that PATCH could be simplified.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D">--Kelly<o:p></o:p></span>=
</p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:&quot;Ca=
libri&quot;,&quot;sans-serif&quot;;color:#1F497D"><o:p>&nbsp;</o:p></span><=
/p>
<div>
<div style=3D"border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:&quot=
;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style=3D"font-s=
ize:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> scim-bou=
nces@ietf.org [mailto:scim-bounces@ietf.org]
<b>On Behalf Of </b>Phil Hunt<br>
<b>Sent:</b> Wednesday, March 27, 2013 7:02 PM<br>
<b>To:</b> Alexandre Santos<br>
<b>Cc:</b> scim@ietf.org<br>
<b>Subject:</b> Re: [scim] Request for Input<o:p></o:p></span></p>
</div>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">I think this may fit in with our discussion of adjus=
ting PATCH to work better with multi-value and complex attributes (ticket 1=
8).<o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">So far, we've been avoiding extended paths that go w=
ithin the Resource entity (e.g. to address specific attributes).<o:p></o:p>=
</p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">If you were to do the item below, I think you would =
have to add the attribute name to the path at the very least.<o:p></o:p></p=
>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">PUT /Groups/&lt;groupid&gt;/members/Users/&lt;userid=
&gt;<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">Still I think that may have problems if the member i=
s actual a URL rather then a simple UUID.<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black">Phil<o:p></o:p></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span></=
p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black">@independentid<o:p></o:p><=
/span></p>
</div>
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:9.0pt;font-family:&quot;Hel=
vetica&quot;,&quot;sans-serif&quot;;color:black"><a href=3D"http://www.inde=
pendentid.com">www.independentid.com</a><o:p></o:p></span></p>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal" style=3D"margin-bottom:13.5pt"><span style=3D"font-s=
ize:13.5pt;font-family:&quot;Helvetica&quot;,&quot;sans-serif&quot;;color:b=
lack"><a href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><o:p>=
</o:p></span></p>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;;color:black"><o:p>&nbsp;</o:p></span><=
/p>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:13.5pt;font-family:&quot;He=
lvetica&quot;,&quot;sans-serif&quot;;color:black"><br>
<br>
</span><o:p></o:p></p>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div>
<div>
<p class=3D"MsoNormal">On 2013-03-27, at 4:01 PM, Alexandre Santos wrote:<o=
:p></o:p></p>
</div>
<p class=3D"MsoNormal"><br>
<br>
<o:p></o:p></p>
<div>
<div>
<p class=3D"MsoNormal">For groups with many users (&gt;10k) it becomes prob=
lematic to do POSTs or PUTs. The only alternative would be PATCH. However P=
ATCH is not mandatory.<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">For this reason we would like to request your input =
for the following proposal: allow membership changes via PUT and DELETE.<o:=
p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<div>
<p class=3D"MsoNormal">For this the PUT and DELETE commands would be in the=
 format:<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal">PUT /Groups/&lt;groupId&gt;/user/&lt;userId&gt; - to=
 add a user to a group<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal">DELETE /Groups/&lt;groupId&gt;/user/&lt;userId&gt; -=
 to remove the user from the group<o:p></o:p></p>
</div>
<div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
<p class=3D"MsoNormal">Thank you,<o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><br clear=3D"all">
<o:p></o:p></p>
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:9.0pt;font-family:&quot;=
Tahoma&quot;,&quot;sans-serif&quot;;color:#343634;background:white">Alexand=
re Santos</span></b><span style=3D"font-size:9.0pt;font-family:&quot;Tahoma=
&quot;,&quot;sans-serif&quot;;color:#343634;background:white">&nbsp;&nbsp;|=
 Sr. Development
 Engineer</span><span style=3D"font-size:10.0pt;font-family:&quot;Arial&quo=
t;,&quot;sans-serif&quot;;background:white"><br>
</span><b><span style=3D"font-size:8.5pt;font-family:&quot;Tahoma&quot;,&qu=
ot;sans-serif&quot;;color:#343634;background:white">Ping</span></b><b><span=
 style=3D"font-size:8.5pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&q=
uot;;color:#E71939;background:white">Identity</span></b><span style=3D"font=
-size:8.5pt;font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;background=
:white">&nbsp;&nbsp;|&nbsp;&nbsp;&nbsp;<a href=3D"http://www.pingidentity.c=
om/" target=3D"_blank"><span style=3D"color:#0000CC">www.pingidentity.com</=
span></a><br>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -<br>
<b><span style=3D"color:#005568">O:</span></b>&nbsp;<span style=3D"color:#3=
43634">604.697.7056</span></span><span style=3D"font-family:&quot;Arial&quo=
t;,&quot;sans-serif&quot;;background:white"><br>
</span><b><span style=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quo=
t;sans-serif&quot;;color:#005568;background:white">Email:</span></b><span s=
tyle=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quot;sans-serif&quot=
;;background:white">&nbsp;<a href=3D"mailto:asantos@pingidentity.com" targe=
t=3D"_blank"><span style=3D"color:#0000CC">asantos@pingidentity.com</span><=
/a></span><span style=3D"font-family:&quot;Arial&quot;,&quot;sans-serif&quo=
t;;background:white"><br>
</span><span style=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quot;s=
ans-serif&quot;;background:white">- - - - - - - - - - - - - - - - - - - - -=
 - - - - - - - - - - - - - - - - - - -</span><span style=3D"font-family:&qu=
ot;Arial&quot;,&quot;sans-serif&quot;;background:white"><o:p></o:p></span><=
/p>
<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" cellpadding=
=3D"0">
<tbody>
<tr>
<td nowrap=3D"" valign=3D"top" style=3D"padding:0in 0in 0in 0in">
<div>
<p class=3D"MsoNormal"><b><span style=3D"font-size:8.5pt;font-family:&quot;=
Arial&quot;,&quot;sans-serif&quot;;color:#005568">Connect with Ping</span><=
/b><span style=3D"font-size:8.5pt;font-family:&quot;Arial&quot;,&quot;sans-=
serif&quot;"><br>
<span style=3D"color:black">Twitter: @pingidentity</span><br>
<span style=3D"color:black">LinkedIn Group: Ping's Identity Cloud</span>&nb=
sp;&nbsp; &nbsp;<br>
<span style=3D"color:black"><a href=3D"http://Facebook.com/pingidentitypage=
">Facebook.com/pingidentitypage</a></span><o:p></o:p></span></p>
</div>
</td>
</tr>
</tbody>
</table>
<p class=3D"MsoNormal"><b><span style=3D"font-size:8.5pt;font-family:&quot;=
Arial&quot;,&quot;sans-serif&quot;;color:#2A2A2A;display:none;background:wh=
ite"><o:p>&nbsp;</o:p></span></b></p>
<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" cellpadding=
=3D"0">
<tbody>
<tr>
<td nowrap=3D"" valign=3D"top" style=3D"padding:0in 0in 0in 0in"></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<p class=3D"MsoNormal">_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org=
/mailman/listinfo/scim</a><o:p></o:p></p>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</div>
</body>
</html>

--_000_56C3C758F9D6534CA3778EAA1E0C34375C3ADF35BLUPRD0412MB643_--

From prvs=37999AAD08=erik.wahlstrom@nexussafe.com  Thu Mar 28 10:54:07 2013
Return-Path: <prvs=37999AAD08=erik.wahlstrom@nexussafe.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0921521F90CC for <scim@ietfa.amsl.com>; Thu, 28 Mar 2013 10:54:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.298
X-Spam-Level: 
X-Spam-Status: No, score=-2.298 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uV9Mx+LS7iJo for <scim@ietfa.amsl.com>; Thu, 28 Mar 2013 10:54:02 -0700 (PDT)
Received: from MailEdge.nexussafe.com (mailedge.nexussafe.com [83.241.133.98]) by ietfa.amsl.com (Postfix) with ESMTP id 9CF9121F90B2 for <scim@ietf.org>; Thu, 28 Mar 2013 10:53:59 -0700 (PDT)
Received: from MARVMAILCAS.technxs.com (10.75.28.35) by MailEdge.nexussafe.com (83.241.133.98) with Microsoft SMTP Server (TLS) id 14.1.438.0; Thu, 28 Mar 2013 18:54:05 +0100
Received: from MARVMAILDB.technxs.com ([fe80::95d1:b13:6f90:bdad]) by MarvMailCAS.technxs.com ([::1]) with mapi id 14.01.0438.000; Thu, 28 Mar 2013 18:53:56 +0100
From: =?Windows-1252?Q?Erik_Wahlstr=F6m?= <erik.wahlstrom@nexussafe.com>
To: Kelly Grizzle <kelly.grizzle@sailpoint.com>
Thread-Topic: [scim] Request for Input
Thread-Index: AQHOKz8Kw3uNirm8ME6e701e8goi/Zi6J5+AgADcOQCAAE9UgA==
Date: Thu, 28 Mar 2013 17:53:55 +0000
Message-ID: <E963C9E3-BC9D-4E54-A409-ABC0B1FC7D9E@nexussafe.com>
References: <CAPx6tN5PwV=hwifdCj3JiOKLsYCQZdewHOh7voau7OLSm3FWvg@mail.gmail.com> <AAE9F872-F35E-4A73-8674-4A7AF6C0537B@oracle.com> <56C3C758F9D6534CA3778EAA1E0C34375C3ADF35@BLUPRD0412MB643.namprd04.prod.outlook.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34375C3ADF35@BLUPRD0412MB643.namprd04.prod.outlook.com>
Accept-Language: en-US, sv-SE
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [192.168.4.226]
Content-Type: multipart/alternative; boundary="_000_E963C9E3BC9D4E54A409ABC0B1FC7D9Enexussafecom_"
MIME-Version: 1.0
Cc: "scim@ietf.org" <scim@ietf.org>, Alexandre Santos <asantos@pingidentity.com>, Phil Hunt <phil.hunt@oracle.com>
Subject: Re: [scim] Request for Input
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2013 17:54:17 -0000

--_000_E963C9E3BC9D4E54A409ABC0B1FC7D9Enexussafecom_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable

+1
Rather make patch mandatory before adding functionality to PUT and DELETE. =
Just for simplicity.
/ Erik

On Mar 28, 2013, at 2:10 PM, Kelly Grizzle wrote:

PATCH was added specifically to address the =93changing membership of a lar=
ge group=94 use case.  The POST/DELETE to the members endpoint was consider=
ed when looking into PATCH, but unfortunately this does not work in the gen=
eral case.  Specifically, this only works if the list elements have a uniqu=
e identifier, so it fell apart when trying to apply this to adding/removing=
 addresses (which do not have a unique identifier).

I=92m not convinced that we need to add another mechanism to solve this use=
 case, but I do agree that PATCH could be simplified.

--Kelly

From: scim-bounces@ietf.org<mailto:scim-bounces@ietf.org> [mailto:scim-boun=
ces@ietf.org] On Behalf Of Phil Hunt
Sent: Wednesday, March 27, 2013 7:02 PM
To: Alexandre Santos
Cc: scim@ietf.org<mailto:scim@ietf.org>
Subject: Re: [scim] Request for Input

I think this may fit in with our discussion of adjusting PATCH to work bett=
er with multi-value and complex attributes (ticket 18).

So far, we've been avoiding extended paths that go within the Resource enti=
ty (e.g. to address specific attributes).

If you were to do the item below, I think you would have to add the attribu=
te name to the path at the very least.

PUT /Groups/<groupid>/members/Users/<userid>

Still I think that may have problems if the member is actual a URL rather t=
hen a simple UUID.

Phil

@independentid
www.independentid.com<http://www.independentid.com>
phil.hunt@oracle.com<mailto:phil.hunt@oracle.com>




On 2013-03-27, at 4:01 PM, Alexandre Santos wrote:


For groups with many users (>10k) it becomes problematic to do POSTs or PUT=
s. The only alternative would be PATCH. However PATCH is not mandatory.

For this reason we would like to request your input for the following propo=
sal: allow membership changes via PUT and DELETE.

For this the PUT and DELETE commands would be in the format:
PUT /Groups/<groupId>/user/<userId> - to add a user to a group
DELETE /Groups/<groupId>/user/<userId> - to remove the user from the group

Thank you,

Alexandre Santos  | Sr. Development Engineer
PingIdentity  |   www.pingidentity.com<http://www.pingidentity.com/>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -
O: 604.697.7056
Email: asantos@pingidentity.com<mailto:asantos@pingidentity.com>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -
Connect with Ping
Twitter: @pingidentity
LinkedIn Group: Ping's Identity Cloud
Facebook.com/pingidentitypage<http://Facebook.com/pingidentitypage>


_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim

_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim


--_000_E963C9E3BC9D4E54A409ABC0B1FC7D9Enexussafecom_
Content-Type: text/html; charset="Windows-1252"
Content-ID: <BF1678943A6DFE4689111A6DEC3911F7@nexussafe.com>
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DWindows-1=
252">
<base href=3D"x-msg://1096/">
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; ">
&#43;1<br>
<div>Rather make patch mandatory before adding functionality to PUT and DEL=
ETE.&nbsp;Just for simplicity.&nbsp;</div>
<div>/ Erik</div>
<div>
<div><br>
<div>
<div>On Mar 28, 2013, at 2:10 PM, Kelly Grizzle wrote:</div>
<br class=3D"Apple-interchange-newline">
<blockquote type=3D"cite"><span class=3D"Apple-style-span" style=3D"border-=
collapse: separate; font-family: Helvetica; font-style: normal; font-varian=
t: normal; font-weight: normal; letter-spacing: normal; line-height: normal=
; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: n=
one; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-hori=
zontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-dec=
orations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stro=
ke-width: 0px; font-size: medium; ">
<div lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1" style=3D"page: WordSection1; ">
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: rg=
b(31, 73, 125); ">PATCH was added specifically to address the =93changing m=
embership of a large group=94 use case.&nbsp; The POST/DELETE to the member=
s endpoint was considered when looking into
 PATCH, but unfortunately this does not work in the general case.&nbsp; Spe=
cifically, this only works if the list elements have a unique identifier, s=
o it fell apart when trying to apply this to adding/removing addresses (whi=
ch do not have a unique identifier).<o:p></o:p></span></div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: rg=
b(31, 73, 125); "><o:p>&nbsp;</o:p></span></div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: rg=
b(31, 73, 125); ">I=92m not convinced that we need to add another mechanism=
 to solve this use case, but I do agree that PATCH could be simplified.<o:p=
></o:p></span></div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: rg=
b(31, 73, 125); "><o:p>&nbsp;</o:p></span></div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: rg=
b(31, 73, 125); ">--Kelly<o:p></o:p></span></div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 11pt; font-family: Calibri, sans-serif; color: rg=
b(31, 73, 125); "><o:p>&nbsp;</o:p></span></div>
<div>
<div style=3D"border-right-style: none; border-bottom-style: none; border-l=
eft-style: none; border-width: initial; border-color: initial; border-top-s=
tyle: solid; border-top-color: rgb(181, 196, 223); border-top-width: 1pt; p=
adding-top: 3pt; padding-right: 0in; padding-bottom: 0in; padding-left: 0in=
; ">
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<b><span style=3D"font-size: 10pt; font-family: Tahoma, sans-serif; ">From:=
</span></b><span style=3D"font-size: 10pt; font-family: Tahoma, sans-serif;=
 "><span class=3D"Apple-converted-space">&nbsp;</span><a href=3D"mailto:sci=
m-bounces@ietf.org" style=3D"color: blue; text-decoration: underline; ">sci=
m-bounces@ietf.org</a><span class=3D"Apple-converted-space">&nbsp;</span>[m=
ailto:scim-bounces@ietf.org]<span class=3D"Apple-converted-space">&nbsp;</s=
pan><b>On
 Behalf Of<span class=3D"Apple-converted-space">&nbsp;</span></b>Phil Hunt<=
br>
<b>Sent:</b><span class=3D"Apple-converted-space">&nbsp;</span>Wednesday, M=
arch 27, 2013 7:02 PM<br>
<b>To:</b><span class=3D"Apple-converted-space">&nbsp;</span>Alexandre Sant=
os<br>
<b>Cc:</b><span class=3D"Apple-converted-space">&nbsp;</span><a href=3D"mai=
lto:scim@ietf.org" style=3D"color: blue; text-decoration: underline; ">scim=
@ietf.org</a><br>
<b>Subject:</b><span class=3D"Apple-converted-space">&nbsp;</span>Re: [scim=
] Request for Input<o:p></o:p></span></div>
</div>
</div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
I think this may fit in with our discussion of adjusting PATCH to work bett=
er with multi-value and complex attributes (ticket 18).<o:p></o:p></div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
So far, we've been avoiding extended paths that go within the Resource enti=
ty (e.g. to address specific attributes).<o:p></o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
If you were to do the item below, I think you would have to add the attribu=
te name to the path at the very least.<o:p></o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
PUT /Groups/&lt;groupid&gt;/members/Users/&lt;userid&gt;<o:p></o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
Still I think that may have problems if the member is actual a URL rather t=
hen a simple UUID.<o:p></o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
</div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 9pt; font-family: Helvetica, sans-serif; color: b=
lack; ">Phil<o:p></o:p></span></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 9pt; font-family: Helvetica, sans-serif; color: b=
lack; "><o:p>&nbsp;</o:p></span></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 9pt; font-family: Helvetica, sans-serif; color: b=
lack; ">@independentid<o:p></o:p></span></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 9pt; font-family: Helvetica, sans-serif; color: b=
lack; "><a href=3D"http://www.independentid.com" style=3D"color: blue; text=
-decoration: underline; ">www.independentid.com</a><o:p></o:p></span></div>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal" style=3D"margin-top: 0in; margin-right: 0in; margin-=
left: 0in; margin-bottom: 13.5pt; font-size: 12pt; font-family: 'Times New =
Roman', serif; ">
<span style=3D"font-size: 13.5pt; font-family: Helvetica, sans-serif; color=
: black; "><a href=3D"mailto:phil.hunt@oracle.com" style=3D"color: blue; te=
xt-decoration: underline; ">phil.hunt@oracle.com</a><o:p></o:p></span></p>
</div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 13.5pt; font-family: Helvetica, sans-serif; color=
: black; "><o:p>&nbsp;</o:p></span></div>
</div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<span style=3D"font-size: 13.5pt; font-family: Helvetica, sans-serif; color=
: black; "><br>
<br>
</span><o:p></o:p></div>
</div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
<div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
On 2013-03-27, at 4:01 PM, Alexandre Santos wrote:<o:p></o:p></div>
</div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<br>
<br>
<o:p></o:p></div>
<div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
For groups with many users (&gt;10k) it becomes problematic to do POSTs or =
PUTs. The only alternative would be PATCH. However PATCH is not mandatory.<=
o:p></o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
For this reason we would like to request your input for the following propo=
sal: allow membership changes via PUT and DELETE.<o:p></o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
For this the PUT and DELETE commands would be in the format:<o:p></o:p></di=
v>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
PUT /Groups/&lt;groupId&gt;/user/&lt;userId&gt; - to add a user to a group<=
o:p></o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
DELETE /Groups/&lt;groupId&gt;/user/&lt;userId&gt; - to remove the user fro=
m the group<o:p></o:p></div>
</div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
</div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
Thank you,<o:p></o:p></div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<br clear=3D"all">
<o:p></o:p></div>
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<b><span style=3D"font-size: 9pt; font-family: Tahoma, sans-serif; color: r=
gb(52, 54, 52); background-image: initial; background-attachment: initial; =
background-origin: initial; background-clip: initial; background-color: whi=
te; background-position: initial initial; background-repeat: initial initia=
l; ">Alexandre
 Santos</span></b><span style=3D"font-size: 9pt; font-family: Tahoma, sans-=
serif; color: rgb(52, 54, 52); background-image: initial; background-attach=
ment: initial; background-origin: initial; background-clip: initial; backgr=
ound-color: white; background-position: initial initial; background-repeat:=
 initial initial; ">&nbsp;&nbsp;|
 Sr. Development Engineer</span><span style=3D"font-size: 10pt; font-family=
: Arial, sans-serif; background-image: initial; background-attachment: init=
ial; background-origin: initial; background-clip: initial; background-color=
: white; background-position: initial initial; background-repeat: initial i=
nitial; "><br>
</span><b><span style=3D"font-size: 8.5pt; font-family: Tahoma, sans-serif;=
 color: rgb(52, 54, 52); background-image: initial; background-attachment: =
initial; background-origin: initial; background-clip: initial; background-c=
olor: white; background-position: initial initial; background-repeat: initi=
al initial; ">Ping</span></b><b><span style=3D"font-size: 8.5pt; font-famil=
y: Tahoma, sans-serif; color: rgb(231, 25, 57); background-image: initial; =
background-attachment: initial; background-origin: initial; background-clip=
: initial; background-color: white; background-position: initial initial; b=
ackground-repeat: initial initial; ">Identity</span></b><span style=3D"font=
-size: 8.5pt; font-family: Arial, sans-serif; background-image: initial; ba=
ckground-attachment: initial; background-origin: initial; background-clip: =
initial; background-color: white; background-position: initial initial; bac=
kground-repeat: initial initial; ">&nbsp;&nbsp;|&nbsp;&nbsp;&nbsp;<a href=
=3D"http://www.pingidentity.com/" target=3D"_blank" style=3D"color: blue; t=
ext-decoration: underline; "><span style=3D"color: rgb(0, 0, 204); ">www.pi=
ngidentity.com</span></a><br>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -<br>
<b><span style=3D"color: rgb(0, 85, 104); ">O:</span></b>&nbsp;<span style=
=3D"color: rgb(52, 54, 52); ">604.697.7056</span></span><span style=3D"font=
-family: Arial, sans-serif; background-image: initial; background-attachmen=
t: initial; background-origin: initial; background-clip: initial; backgroun=
d-color: white; background-position: initial initial; background-repeat: in=
itial initial; "><br>
</span><b><span style=3D"font-size: 8.5pt; font-family: Arial, sans-serif; =
color: rgb(0, 85, 104); background-image: initial; background-attachment: i=
nitial; background-origin: initial; background-clip: initial; background-co=
lor: white; background-position: initial initial; background-repeat: initia=
l initial; ">Email:</span></b><span style=3D"font-size: 8.5pt; font-family:=
 Arial, sans-serif; background-image: initial; background-attachment: initi=
al; background-origin: initial; background-clip: initial; background-color:=
 white; background-position: initial initial; background-repeat: initial in=
itial; ">&nbsp;<a href=3D"mailto:asantos@pingidentity.com" target=3D"_blank=
" style=3D"color: blue; text-decoration: underline; "><span style=3D"color:=
 rgb(0, 0, 204); ">asantos@pingidentity.com</span></a></span><span style=3D=
"font-family: Arial, sans-serif; background-image: initial; background-atta=
chment: initial; background-origin: initial; background-clip: initial; back=
ground-color: white; background-position: initial initial; background-repea=
t: initial initial; "><br>
</span><span style=3D"font-size: 8.5pt; font-family: Arial, sans-serif; bac=
kground-image: initial; background-attachment: initial; background-origin: =
initial; background-clip: initial; background-color: white; background-posi=
tion: initial initial; background-repeat: initial initial; ">-
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
- -</span><span style=3D"font-family: Arial, sans-serif; background-image: =
initial; background-attachment: initial; background-origin: initial; backgr=
ound-clip: initial; background-color: white; background-position: initial i=
nitial; background-repeat: initial initial; "><o:p></o:p></span></div>
<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" cellpadding=
=3D"0">
<tbody>
<tr>
<td nowrap=3D"" valign=3D"top" style=3D"padding-top: 0in; padding-right: 0i=
n; padding-bottom: 0in; padding-left: 0in; ">
<div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<b><span style=3D"font-size: 8.5pt; font-family: Arial, sans-serif; color: =
rgb(0, 85, 104); ">Connect with Ping</span></b><span style=3D"font-size: 8.=
5pt; font-family: Arial, sans-serif; "><br>
<span style=3D"color: black; ">Twitter: @pingidentity</span><br>
<span style=3D"color: black; ">LinkedIn Group: Ping's Identity Cloud</span>=
&nbsp;&nbsp; &nbsp;<br>
<span style=3D"color: black; "><a href=3D"http://Facebook.com/pingidentityp=
age" style=3D"color: blue; text-decoration: underline; ">Facebook.com/pingi=
dentitypage</a></span><o:p></o:p></span></div>
</div>
</td>
</tr>
</tbody>
</table>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<b></b></div>
<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" cellpadding=
=3D"0">
<tbody>
<tr>
<td nowrap=3D"" valign=3D"top" style=3D"padding-top: 0in; padding-right: 0i=
n; padding-bottom: 0in; padding-left: 0in; ">
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org" style=3D"color: blue; text-decoration: und=
erline; ">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" style=3D"color: blue=
; text-decoration: underline; ">https://www.ietf.org/mailman/listinfo/scim<=
/a><o:p></o:p></div>
</div>
<div style=3D"margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-=
bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; "=
>
<o:p>&nbsp;</o:p></div>
</div>
</div>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org" style=3D"color: blue; text-decoration: und=
erline; ">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" style=3D"color: blue=
; text-decoration: underline; ">https://www.ietf.org/mailman/listinfo/scim<=
/a><br>
</div>
</span></blockquote>
</div>
<br>
</div>
</div>
</body>
</html>

--_000_E963C9E3BC9D4E54A409ABC0B1FC7D9Enexussafecom_--

From samuel@erdtman.se  Sun Mar 31 11:47:45 2013
Return-Path: <samuel@erdtman.se>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 98D2421F8518 for <scim@ietfa.amsl.com>; Sun, 31 Mar 2013 11:47:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.3
X-Spam-Level: 
X-Spam-Status: No, score=0.3 tagged_above=-999 required=5 tests=[HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jwaRe2ybAwbY for <scim@ietfa.amsl.com>; Sun, 31 Mar 2013 11:47:44 -0700 (PDT)
Received: from mail-ea0-x22b.google.com (mail-ea0-x22b.google.com [IPv6:2a00:1450:4013:c01::22b]) by ietfa.amsl.com (Postfix) with ESMTP id CFCF721F8498 for <scim@ietf.org>; Sun, 31 Mar 2013 11:47:40 -0700 (PDT)
Received: by mail-ea0-f171.google.com with SMTP id b15so814599eae.2 for <scim@ietf.org>; Sun, 31 Mar 2013 11:47:39 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:references:from:mime-version:in-reply-to:date:message-id :subject:to:cc:content-type:x-gm-message-state; bh=a5blhIbMm4UlCw+oLsKD2h0S7j/QioysGVdMgl+2jiI=; b=hECE8Medgnjx1dGmQc+tGnNNLG7WzYXYvhhKgwK8blg4+Xn67MnM/App4BrQiCVHPf 8sya/c73TEkEvNNpfww6pjgRPbefWxldi9S1nP1N3ueediD4A8+Nyr4/uhUsg0K9lo7F Kxc92xmRi5j+sLb4AA/EC6J311KcbyrdJblKHrlz2OFa/wvxlpO8S1PnqvDavlTuQeeV 2vHQPSYpgjsOhZsxmMuPCaaogf3GwgXFRzeqYJ5BaJVe6jVWoHqqzz+6luwW3kuOaHaq lllRCMjzaRHDm42Z5lzHIh4r4YxNAqK7VssbjpVneNoPOJxKu8hJdtDzlOwpS2YSOqX3 5Rcg==
X-Received: by 10.14.175.71 with SMTP id y47mr29805127eel.18.1364755659382; Sun, 31 Mar 2013 11:47:39 -0700 (PDT)
References: <CAPx6tN5PwV=hwifdCj3JiOKLsYCQZdewHOh7voau7OLSm3FWvg@mail.gmail.com> <AAE9F872-F35E-4A73-8674-4A7AF6C0537B@oracle.com> <56C3C758F9D6534CA3778EAA1E0C34375C3ADF35@BLUPRD0412MB643.namprd04.prod.outlook.com> <E963C9E3-BC9D-4E54-A409-ABC0B1FC7D9E@nexussafe.com>
From: Samuel Erdtman <samuel@erdtman.se>
Mime-Version: 1.0 (1.0)
In-Reply-To: <E963C9E3-BC9D-4E54-A409-ABC0B1FC7D9E@nexussafe.com>
Date: Sun, 31 Mar 2013 20:47:37 +0200
Message-ID: <-2041779814984196830@unknownmsgid>
To: =?ISO-8859-1?Q?Erik_Wahlstr=F6m?= <erik.wahlstrom@nexussafe.com>
Content-Type: multipart/alternative; boundary=047d7b603e96489dd204d93cf018
X-Gm-Message-State: ALoCoQkM+Q4FW8RQu+1U5W1CC1zaPIBs6rJpxLIRoeRR2aBTL/+lRc6LY8+p6ngec4K5B4/evN/+
Cc: "scim@ietf.org" <scim@ietf.org>, Phil Hunt <phil.hunt@oracle.com>, Alexandre Santos <asantos@pingidentity.com>, Kelly Grizzle <kelly.grizzle@sailpoint.com>
Subject: Re: [scim] Request for Input
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 31 Mar 2013 18:47:45 -0000

--047d7b603e96489dd204d93cf018
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

I would vote for the simplest solution that solves the problem, I think
Kelly raises a point that makes PUT and DELETE harder to get as clean as in
the examples I.e. there is no single unique id for most multivalued
attributes, the value attribute could be the same for several attributes
e.g. Same phone number could be used for both mobile and work then it is
the combination value and type that makes it unique. (With the current
discussion on not requiring global unique id's for the combined set group
and user will have the same problem if not required unique)

The solution might be to something like this:
PUT /Groups/<group-Id>/<attribute>/
e.g.
PUT /Groups/<group-Id>/members/

DELETE /Groups/<group-Id>/<attribute>/<type>/<value>
e.g.
DELETE /Groups/<group-Id>/members/User/<value>

We could also allow replace in one operation by doing put to a uniquely
identified attribute:
PUT /Groups/<group-Id>/<attribute>/<type>/<value>
e.g.
PUT /Groups/<group-Id>/members/User/<value>

In case we go for a solution like this I think that we also should simplify
or remove PATCH operation. We could do singe attribute delete, add and
update like this:
PUT /Groups/<group-Id>/<attribute> (add or update attribute)
PUT /Groups/<group-Id>/<attribute> (remove attribute)
This has the disadvantage towards patch that you can only handle one
attribute at the time or the full resource object.

Finally I would like to remind everyone that we have had the discussion of
adding an "unique" identifier to the attributes in a multivalued attribute
and the strongest argument against was that it is not possible when putting
SCIM on top of an existing data source.


Sent from my iPhone

On 28 mar 2013, at 18:54, "Erik Wahlstr=F6m" <erik.wahlstrom@nexussafe.com>
wrote:

 +1
Rather make patch mandatory before adding functionality to PUT and
DELETE. Just for simplicity.
/ Erik

 On Mar 28, 2013, at 2:10 PM, Kelly Grizzle wrote:

  PATCH was added specifically to address the =93changing membership of a
large group=94 use case.  The POST/DELETE to the members endpoint was
considered when looking into PATCH, but unfortunately this does not work in
the general case.  Specifically, this only works if the list elements have
a unique identifier, so it fell apart when trying to apply this to
adding/removing addresses (which do not have a unique identifier).

 I=92m not convinced that we need to add another mechanism to solve this us=
e
case, but I do agree that PATCH could be simplified.

 --Kelly

  *From:* scim-bounces@ietf.org
[mailto:scim-bounces@ietf.org<scim-bounces@ietf.org>
] *On Behalf Of *Phil Hunt
*Sent:* Wednesday, March 27, 2013 7:02 PM
*To:* Alexandre Santos
*Cc:* scim@ietf.org
*Subject:* Re: [scim] Request for Input

 I think this may fit in with our discussion of adjusting PATCH to work
better with multi-value and complex attributes (ticket 18).

  So far, we've been avoiding extended paths that go within the Resource
entity (e.g. to address specific attributes).

  If you were to do the item below, I think you would have to add the
attribute name to the path at the very least.

  PUT /Groups/<groupid>/members/Users/<userid>

  Still I think that may have problems if the member is actual a URL rather
then a simple UUID.

     Phil

  @independentid
  www.independentid.com

phil.hunt@oracle.com




  On 2013-03-27, at 4:01 PM, Alexandre Santos wrote:


  For groups with many users (>10k) it becomes problematic to do POSTs or
PUTs. The only alternative would be PATCH. However PATCH is not mandatory.

  For this reason we would like to request your input for the following
proposal: allow membership changes via PUT and DELETE.

  For this the PUT and DELETE commands would be in the format:
  PUT /Groups/<groupId>/user/<userId> - to add a user to a group
  DELETE /Groups/<groupId>/user/<userId> - to remove the user from the grou=
p

 Thank you,

  *Alexandre Santos*  | Sr. Development Engineer
*Ping**Identity*  |   www.pingidentity.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
*O:* 604.697.7056
*Email:* asantos@pingidentity.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
   *Connect with Ping*
Twitter: @pingidentity
LinkedIn Group: Ping's Identity Cloud
Facebook.com/pingidentitypage
   **
      _______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

 _______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim


 _______________________________________________
scim mailing list
scim@ietf.org
https://www.ietf.org/mailman/listinfo/scim

--047d7b603e96489dd204d93cf018
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

<html><head><meta http-equiv=3D"content-type" content=3D"text/html; charset=
=3Dutf-8"></head><body dir=3D"auto"><div>I would vote for the simplest solu=
tion that solves the problem, I think Kelly raises a point that makes PUT a=
nd DELETE harder to get as clean as in the examples I.e. there is no single=
 unique id for most multivalued attributes, the value attribute could be th=
e same for several attributes e.g. Same phone number could be used for both=
 mobile and work then it is the combination value and type that makes it un=
ique. (With the current discussion on not requiring global unique id&#39;s =
for the combined set group and user will have the same problem if not requi=
red unique)</div>
<div><br></div><div>The solution might be to something like this:</div><div=
>PUT /Groups/&lt;group-Id&gt;/&lt;attribute&gt;/</div><div>e.g.=A0</div><di=
v><span style>PUT /Groups/&lt;group-Id&gt;/members/</span><br><br><div styl=
e>
DELETE /Groups/&lt;group-Id&gt;/&lt;attribute&gt;/&lt;type&gt;/&lt;value&gt=
;</div><div style>e.g.=A0</div><div style>DELETE /Groups/&lt;group-Id&gt;/m=
embers/User/&lt;value&gt;<br></div><div style><br></div><div style>We could=
 also allow replace in one operation by doing put to a uniquely identified =
attribute:</div>
<div style><div>PUT /Groups/&lt;group-Id&gt;/&lt;attribute&gt;/&lt;type&gt;=
/&lt;value&gt;</div><div>e.g.=A0</div><div>PUT /Groups/&lt;group-Id&gt;/mem=
bers/User/&lt;value&gt;</div><div><br></div></div>In case we go for a solut=
ion like this I think that we also should simplify or remove PATCH operatio=
n. We could do singe attribute delete, add and update like this:</div>
<div><span style>PUT /Groups/&lt;group-Id&gt;/&lt;attribute&gt; (add or upd=
ate attribute)</span></div><div><span style>PUT /Groups/&lt;group-Id&gt;/&l=
t;attribute&gt; (remove attribute)</span></div><div><span style>This has th=
e disadvantage towards patch that you can only handle one attribute at the =
time or the full resource object.</span></div>
<div><span style><br></span></div><div><span style>Finally I would like to =
remind everyone that we have had the discussion of adding an &quot;unique&q=
uot; identifier to the attributes in a multivalued attribute and the strong=
est argument against was that it is not possible when putting SCIM on top o=
f an existing data source.</span></div>
<div><br></div><div><br>Sent from my iPhone</div><div><br>On 28 mar 2013, a=
t 18:54, &quot;Erik Wahlstr=F6m&quot; &lt;<a href=3D"mailto:erik.wahlstrom@=
nexussafe.com">erik.wahlstrom@nexussafe.com</a>&gt; wrote:<br><br></div><bl=
ockquote type=3D"cite">
<div>

<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DWindows-1=
252">
<base href=3D"x-msg://1096/">


+1<br>
<div>Rather make patch mandatory before adding functionality to PUT and DEL=
ETE.=A0Just for simplicity.=A0</div>
<div>/ Erik</div>
<div>
<div><br>
<div>
<div>On Mar 28, 2013, at 2:10 PM, Kelly Grizzle wrote:</div>
<br class=3D"Apple-interchange-newline">
<blockquote type=3D"cite"><span class=3D"Apple-style-span" style=3D"border-=
collapse:separate;border-spacing:0px">
<div lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1" style>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,7=
3,125)">PATCH was added specifically to address the =93changing membership =
of a large group=94 use case.=A0 The POST/DELETE to the members endpoint wa=
s considered when looking into
 PATCH, but unfortunately this does not work in the general case.=A0 Specif=
ically, this only works if the list elements have a unique identifier, so i=
t fell apart when trying to apply this to adding/removing addresses (which =
do not have a unique identifier).</span></div>

<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,7=
3,125)">=A0</span></div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,7=
3,125)">I=92m not convinced that we need to add another mechanism to solve =
this use case, but I do agree that PATCH could be simplified.</span></div>

<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,7=
3,125)">=A0</span></div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,7=
3,125)">--Kelly</span></div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,7=
3,125)">=A0</span></div>
<div>
<div style=3D"border-right-style:none;border-bottom-style:none;border-left-=
style:none;border-width:initial;border-color:initial;border-top-style:solid=
;border-top-color:rgb(181,196,223);border-top-width:1pt;padding-top:3pt;pad=
ding-right:0in;padding-bottom:0in;padding-left:0in">

<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<b><span style=3D"font-size:10pt;font-family:Tahoma,sans-serif">From:</span=
></b><span style=3D"font-size:10pt;font-family:Tahoma,sans-serif"><span cla=
ss=3D"Apple-converted-space">=A0</span><a href=3D"mailto:scim-bounces@ietf.=
org" style=3D"color:blue;text-decoration:underline">scim-bounces@ietf.org</=
a><span class=3D"Apple-converted-space">=A0</span>[<a href=3D"mailto:scim-b=
ounces@ietf.org">mailto:scim-bounces@ietf.org</a>]<span class=3D"Apple-conv=
erted-space">=A0</span><b>On
 Behalf Of<span class=3D"Apple-converted-space">=A0</span></b>Phil Hunt<br>
<b>Sent:</b><span class=3D"Apple-converted-space">=A0</span>Wednesday, Marc=
h 27, 2013 7:02 PM<br>
<b>To:</b><span class=3D"Apple-converted-space">=A0</span>Alexandre Santos<=
br>
<b>Cc:</b><span class=3D"Apple-converted-space">=A0</span><a href=3D"mailto=
:scim@ietf.org" style=3D"color:blue;text-decoration:underline">scim@ietf.or=
g</a><br>
<b>Subject:</b><span class=3D"Apple-converted-space">=A0</span>Re: [scim] R=
equest for Input</span></div>
</div>
</div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
=A0</div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
I think this may fit in with our discussion of adjusting PATCH to work bett=
er with multi-value and complex attributes (ticket 18).</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
=A0</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
So far, we&#39;ve been avoiding extended paths that go within the Resource =
entity (e.g. to address specific attributes).</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
=A0</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
If you were to do the item below, I think you would have to add the attribu=
te name to the path at the very least.</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
=A0</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
PUT /Groups/&lt;groupid&gt;/members/Users/&lt;userid&gt;</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
=A0</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
Still I think that may have problems if the member is actual a URL rather t=
hen a simple UUID.</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
=A0</div>
</div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:9pt;font-family:Helvetica,sans-serif;color:black">=
Phil</span></div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:9pt;font-family:Helvetica,sans-serif;color:black">=
=A0</span></div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:9pt;font-family:Helvetica,sans-serif;color:black">=
@independentid</span></div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:9pt;font-family:Helvetica,sans-serif;color:black">=
<a href=3D"http://www.independentid.com" style=3D"color:blue;text-decoratio=
n:underline">www.independentid.com</a></span></div>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal" style=3D"margin-top:0in;margin-right:0in;margin-left=
:0in;margin-bottom:13.5pt;font-size:12pt;font-family:&#39;Times New Roman&#=
39;,serif">
<span style=3D"font-size:13.5pt;font-family:Helvetica,sans-serif;color:blac=
k"><a href=3D"mailto:phil.hunt@oracle.com" style=3D"color:blue;text-decorat=
ion:underline">phil.hunt@oracle.com</a></span></p>
</div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:13.5pt;font-family:Helvetica,sans-serif;color:blac=
k">=A0</span></div>
</div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<span style=3D"font-size:13.5pt;font-family:Helvetica,sans-serif;color:blac=
k"><br>
<br>
</span></div>
</div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
=A0</div>
<div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
On 2013-03-27, at 4:01 PM, Alexandre Santos wrote:</div>
</div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<br>
<br>
</div>
<div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
For groups with many users (&gt;10k) it becomes problematic to do POSTs or =
PUTs. The only alternative would be PATCH. However PATCH is not mandatory.<=
/div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
=A0</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
For this reason we would like to request your input for the following propo=
sal: allow membership changes via PUT and DELETE.</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
=A0</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
For this the PUT and DELETE commands would be in the format:</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
PUT /Groups/&lt;groupId&gt;/user/&lt;userId&gt; - to add a user to a group<=
/div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
DELETE /Groups/&lt;groupId&gt;/user/&lt;userId&gt; - to remove the user fro=
m the group</div>
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
=A0</div>
</div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
Thank you,</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<br clear=3D"all">
</div>
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<b><span style=3D"font-size:9pt;font-family:Tahoma,sans-serif;color:rgb(52,=
54,52);background-image:initial;background-color:white;background-repeat:in=
itial initial">Alexandre
 Santos</span></b><span style=3D"font-size:9pt;font-family:Tahoma,sans-seri=
f;color:rgb(52,54,52);background-image:initial;background-color:white;backg=
round-repeat:initial initial">=A0=A0|
 Sr. Development Engineer</span><span style=3D"font-size:10pt;font-family:A=
rial,sans-serif;background-image:initial;background-color:white;background-=
repeat:initial initial"><br>
</span><b><span style=3D"font-size:8.5pt;font-family:Tahoma,sans-serif;colo=
r:rgb(52,54,52);background-image:initial;background-color:white;background-=
repeat:initial initial">Ping</span></b><b><span style=3D"font-size:8.5pt;fo=
nt-family:Tahoma,sans-serif;color:rgb(231,25,57);background-image:initial;b=
ackground-color:white;background-repeat:initial initial">Identity</span></b=
><span style=3D"font-size:8.5pt;font-family:Arial,sans-serif;background-ima=
ge:initial;background-color:white;background-repeat:initial initial">=A0=A0=
|=A0=A0=A0<a href=3D"http://www.pingidentity.com/" target=3D"_blank" style=
=3D"color:blue;text-decoration:underline"><span style=3D"color:rgb(0,0,204)=
">www.pingidentity.com</span></a><br>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
 - -<br>
<b><span style=3D"color:rgb(0,85,104)">O:</span></b>=A0<span style=3D"color=
:rgb(52,54,52)">604.697.7056</span></span><span style=3D"font-family:Arial,=
sans-serif;background-image:initial;background-color:white;background-repea=
t:initial initial"><br>

</span><b><span style=3D"font-size:8.5pt;font-family:Arial,sans-serif;color=
:rgb(0,85,104);background-image:initial;background-color:white;background-r=
epeat:initial initial">Email:</span></b><span style=3D"font-size:8.5pt;font=
-family:Arial,sans-serif;background-image:initial;background-color:white;ba=
ckground-repeat:initial initial">=A0<a href=3D"mailto:asantos@pingidentity.=
com" target=3D"_blank" style=3D"color:blue;text-decoration:underline"><span=
 style=3D"color:rgb(0,0,204)">asantos@pingidentity.com</span></a></span><sp=
an style=3D"font-family:Arial,sans-serif;background-image:initial;backgroun=
d-color:white;background-repeat:initial initial"><br>

</span><span style=3D"font-size:8.5pt;font-family:Arial,sans-serif;backgrou=
nd-image:initial;background-color:white;background-repeat:initial initial">=
-
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
- -</span><span style=3D"font-family:Arial,sans-serif;background-image:init=
ial;background-color:white;background-repeat:initial initial"></span></div>

<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" cellpadding=
=3D"0">
<tbody>
<tr>
<td nowrap valign=3D"top" style=3D"padding-top:0in;padding-right:0in;paddin=
g-bottom:0in;padding-left:0in">
<div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<b><span style=3D"font-size:8.5pt;font-family:Arial,sans-serif;color:rgb(0,=
85,104)">Connect with Ping</span></b><span style=3D"font-size:8.5pt;font-fa=
mily:Arial,sans-serif"><br>
<span style=3D"color:black">Twitter: @pingidentity</span><br>
<span style=3D"color:black">LinkedIn Group: Ping&#39;s Identity Cloud</span=
>=A0=A0 =A0<br>
<span style=3D"color:black"><a href=3D"http://Facebook.com/pingidentitypage=
" style=3D"color:blue;text-decoration:underline">Facebook.com/pingidentityp=
age</a></span></span></div>
</div>
</td>
</tr>
</tbody>
</table>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
<b></b></div>
<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" cellpadding=
=3D"0">
<tbody>
<tr>
<td nowrap valign=3D"top" style=3D"padding-top:0in;padding-right:0in;paddin=
g-bottom:0in;padding-left:0in">
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org" style=3D"color:blue;text-decoration:underl=
ine">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" style=3D"color:blue;=
text-decoration:underline">https://www.ietf.org/mailman/listinfo/scim</a></=
div>
</div>
<div style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom=
:0.0001pt;font-size:12pt;font-family:&#39;Times New Roman&#39;,serif">
=A0</div>
</div>
</div>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org" style=3D"color:blue;text-decoration:underl=
ine">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" style=3D"color:blue;=
text-decoration:underline">https://www.ietf.org/mailman/listinfo/scim</a><b=
r>
</div>
</span></blockquote>
</div>
<br>
</div>
</div>


</div></blockquote><blockquote type=3D"cite"><div><span>___________________=
____________________________</span><br><span>scim mailing list</span><br><s=
pan><a href=3D"mailto:scim@ietf.org">scim@ietf.org</a></span><br><span><a h=
ref=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/mai=
lman/listinfo/scim</a></span><br>
</div></blockquote></body></html>

--047d7b603e96489dd204d93cf018--

From phil.hunt@oracle.com  Sun Mar 31 12:31:39 2013
Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1833E21F86AE for <scim@ietfa.amsl.com>; Sun, 31 Mar 2013 12:31:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.999
X-Spam-Level: 
X-Spam-Status: No, score=-3.999 tagged_above=-999 required=5 tests=[HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VUXmSPXnRhKp for <scim@ietfa.amsl.com>; Sun, 31 Mar 2013 12:31:37 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id 93DA021F868B for <scim@ietf.org>; Sun, 31 Mar 2013 12:31:37 -0700 (PDT)
Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r2VJVY6I000440 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sun, 31 Mar 2013 19:31:35 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r2VJVW6w025000 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 31 Mar 2013 19:31:33 GMT
Received: from abhmt108.oracle.com (abhmt108.oracle.com [141.146.116.60]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r2VJVVUe005742; Sun, 31 Mar 2013 14:31:31 -0500
Received: from [192.168.1.14] (/174.7.250.104) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Sun, 31 Mar 2013 12:31:31 -0700
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: multipart/alternative; boundary="Apple-Mail=_62F1BF01-35D0-4A64-8B0C-849468B9230A"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <-2041779814984196830@unknownmsgid>
Date: Sun, 31 Mar 2013 12:31:36 -0700
Message-Id: <25337D60-E43F-4794-BF84-BD317869E5FB@oracle.com>
References: <CAPx6tN5PwV=hwifdCj3JiOKLsYCQZdewHOh7voau7OLSm3FWvg@mail.gmail.com> <AAE9F872-F35E-4A73-8674-4A7AF6C0537B@oracle.com> <56C3C758F9D6534CA3778EAA1E0C34375C3ADF35@BLUPRD0412MB643.namprd04.prod.outlook.com> <E963C9E3-BC9D-4E54-A409-ABC0B1FC7D9E@nexussafe.com> <-2041779814984196830@unknownmsgid>
To: Samuel Erdtman <samuel@erdtman.se>
X-Mailer: Apple Mail (2.1283)
X-Source-IP: ucsinet22.oracle.com [156.151.31.94]
Cc: =?iso-8859-1?Q?Erik_Wahlstr=F6m?= <erik.wahlstrom@nexussafe.com>, Kelly Grizzle <kelly.grizzle@sailpoint.com>, Alexandre Santos <asantos@pingidentity.com>, "scim@ietf.org" <scim@ietf.org>
Subject: Re: [scim] Request for Input
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 31 Mar 2013 19:31:39 -0000

--Apple-Mail=_62F1BF01-35D0-4A64-8B0C-849468B9230A
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

The trade off here is that the simple request you propose becomes =
complex because multiple operations must be completed against a resource =
rather then completing all changes in a single albeit somewhat more =
complex patch.

The RESTful model now becomes more complex because now we have both a =
Resource level set of verbs and then we have attribute level verbs.

Finally, it seems doubtful you could get rid of the current PATCH =
operation - by adding simple value modification proposed below, the spec =
would now have two ways of modifying things through 2 different RESTful =
models (per above).=20

Overall, the spec gets much longer and more complex because it has =
multiple choices and RESTful verb models.

Aside: We've talked at length about positional identifies before. The =
trouble with value identifiers is managing all those keys and requiring =
the client to look them up before deleting. In practice it seems =
simplest to just specify the value you want deleted and let the server =
sort it out on the server side (avoiding extra request/responses). The =
limitation of the server-side value key approach is you cannot have =
duplicate values. In general this seems reasonable.

Another option that was considered is the JSON Patch draft. =
http://tools.ietf.org/html/draft-ietf-appsawg-json-patch-10
It works reasonably well when you know the entire contents of a JSON =
record/document. It's path construct doesn't really lend itself well to =
a Resource where the full document may not be available at the time of =
the PATCH.  In other words, the SCIM operation is to patch a remote =
object rather than a JSON document in hand.  In the end, it has the same =
limitation as the value identifiers. In particular for large groups, we =
want to avoid downloading the entire group just to allow the client to =
be able to patch it.  It's also worth noting that a SCIM client may not =
be allowed to know about the entire set of members in a SCIM Group.

A subtle tweak to the current PATCH that makes it more readable and less =
cryptic might be all we really need.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2013-03-31, at 11:47 AM, Samuel Erdtman wrote:

> I would vote for the simplest solution that solves the problem, I =
think Kelly raises a point that makes PUT and DELETE harder to get as =
clean as in the examples I.e. there is no single unique id for most =
multivalued attributes, the value attribute could be the same for =
several attributes e.g. Same phone number could be used for both mobile =
and work then it is the combination value and type that makes it unique. =
(With the current discussion on not requiring global unique id's for the =
combined set group and user will have the same problem if not required =
unique)
>=20
> The solution might be to something like this:
> PUT /Groups/<group-Id>/<attribute>/
> e.g.=20
> PUT /Groups/<group-Id>/members/
>=20
> DELETE /Groups/<group-Id>/<attribute>/<type>/<value>
> e.g.=20
> DELETE /Groups/<group-Id>/members/User/<value>
>=20
> We could also allow replace in one operation by doing put to a =
uniquely identified attribute:
> PUT /Groups/<group-Id>/<attribute>/<type>/<value>
> e.g.=20
> PUT /Groups/<group-Id>/members/User/<value>
>=20
> In case we go for a solution like this I think that we also should =
simplify or remove PATCH operation. We could do singe attribute delete, =
add and update like this:
> PUT /Groups/<group-Id>/<attribute> (add or update attribute)
> PUT /Groups/<group-Id>/<attribute> (remove attribute)
> This has the disadvantage towards patch that you can only handle one =
attribute at the time or the full resource object.
>=20
> Finally I would like to remind everyone that we have had the =
discussion of adding an "unique" identifier to the attributes in a =
multivalued attribute and the strongest argument against was that it is =
not possible when putting SCIM on top of an existing data source.
>=20
>=20
> Sent from my iPhone
>=20
> On 28 mar 2013, at 18:54, "Erik Wahlstr=F6m" =
<erik.wahlstrom@nexussafe.com> wrote:
>=20
>> +1
>> Rather make patch mandatory before adding functionality to PUT and =
DELETE. Just for simplicity.=20
>> / Erik
>>=20
>> On Mar 28, 2013, at 2:10 PM, Kelly Grizzle wrote:
>>=20
>>> PATCH was added specifically to address the =93changing membership =
of a large group=94 use case.  The POST/DELETE to the members endpoint =
was considered when looking into PATCH, but unfortunately this does not =
work in the general case.  Specifically, this only works if the list =
elements have a unique identifier, so it fell apart when trying to apply =
this to adding/removing addresses (which do not have a unique =
identifier).
>>> =20
>>> I=92m not convinced that we need to add another mechanism to solve =
this use case, but I do agree that PATCH could be simplified.
>>> =20
>>> --Kelly
>>> =20
>>> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf =
Of Phil Hunt
>>> Sent: Wednesday, March 27, 2013 7:02 PM
>>> To: Alexandre Santos
>>> Cc: scim@ietf.org
>>> Subject: Re: [scim] Request for Input
>>> =20
>>> I think this may fit in with our discussion of adjusting PATCH to =
work better with multi-value and complex attributes (ticket 18).
>>> =20
>>> So far, we've been avoiding extended paths that go within the =
Resource entity (e.g. to address specific attributes).
>>> =20
>>> If you were to do the item below, I think you would have to add the =
attribute name to the path at the very least.
>>> =20
>>> PUT /Groups/<groupid>/members/Users/<userid>
>>> =20
>>> Still I think that may have problems if the member is actual a URL =
rather then a simple UUID.
>>> =20
>>> Phil
>>> =20
>>> @independentid
>>> www.independentid.com
>>> phil.hunt@oracle.com
>>>=20
>>> =20
>>>=20
>>>=20
>>> =20
>>> On 2013-03-27, at 4:01 PM, Alexandre Santos wrote:
>>>=20
>>>=20
>>> For groups with many users (>10k) it becomes problematic to do POSTs =
or PUTs. The only alternative would be PATCH. However PATCH is not =
mandatory.
>>> =20
>>> For this reason we would like to request your input for the =
following proposal: allow membership changes via PUT and DELETE.
>>> =20
>>> For this the PUT and DELETE commands would be in the format:
>>> PUT /Groups/<groupId>/user/<userId> - to add a user to a group
>>> DELETE /Groups/<groupId>/user/<userId> - to remove the user from the =
group
>>> =20
>>> Thank you,
>>>=20
>>> Alexandre Santos  | Sr. Development Engineer
>>> PingIdentity  |   www.pingidentity.com
>>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
- - - - - -
>>> O: 604.697.7056
>>> Email: asantos@pingidentity.com
>>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
- - - - - -
>>> Connect with Ping
>>> Twitter: @pingidentity
>>> LinkedIn Group: Ping's Identity Cloud   =20
>>> Facebook.com/pingidentitypage
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>> =20
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>>=20
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim


--Apple-Mail=_62F1BF01-35D0-4A64-8B0C-849468B9230A
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=windows-1252

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">The =
trade off here is that the simple request you propose becomes complex =
because multiple operations must be completed against a resource rather =
then completing all changes in a single albeit somewhat more complex =
patch.<div><br><div>The RESTful model now becomes more complex because =
now we have both a Resource level set of verbs and then we have =
attribute level verbs.</div><div><br></div><div>Finally, it seems =
doubtful you could get rid of the current PATCH operation - by adding =
simple value modification proposed below, the spec would now have two =
ways of modifying things through 2 different RESTful models (per =
above).&nbsp;</div><div><br></div><div>Overall, the spec gets much =
longer and more complex because it has multiple choices and RESTful verb =
models.</div><div><br></div><div><div>Aside: We've talked at length =
about positional identifies before. The trouble with value identifiers =
is managing all those keys and requiring the client to look them up =
before deleting. In practice it seems simplest to just specify the value =
you want deleted and let the server sort it out on the server side =
(avoiding extra request/responses). The limitation of the server-side =
value key approach is you cannot have duplicate values. In general this =
seems reasonable.</div></div><div><br></div><div>Another option that was =
considered is the JSON Patch draft.&nbsp;<a =
href=3D"http://tools.ietf.org/html/draft-ietf-appsawg-json-patch-10">http:=
//tools.ietf.org/html/draft-ietf-appsawg-json-patch-10</a></div><div>It =
works reasonably well when you know the entire contents of a JSON =
record/document. It's path construct doesn't really lend itself well to =
a Resource where the full document may not be available at the time of =
the PATCH. &nbsp;In other words, the SCIM operation is to patch a remote =
object rather than a JSON document in hand. &nbsp;In the end, it has the =
same limitation as the value identifiers. In particular for large =
groups, we want to avoid downloading the entire group just to allow the =
client to be able to patch it. &nbsp;It's also worth noting that a SCIM =
client may not be allowed to know about the entire set of members in a =
SCIM Group.</div><div><br></div><div>A subtle tweak to the current PATCH =
that makes it more readable and less cryptic might be all we really =
need.</div><div><br></div><div><span class=3D"Apple-style-span" =
style=3D"font-size: 12px; ">Phil</span></div><div><div =
apple-content-edited=3D"true"><div style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: medium; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-indent: 0px; =
text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 12px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div><br></div><div>@independentid</div><div><a =
href=3D"http://www.independentid.com">www.independentid.com</a></div></div=
></div></div></span><a =
href=3D"mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a><br><br></div=
></span><br class=3D"Apple-interchange-newline"></div><br =
class=3D"Apple-interchange-newline"><br =
class=3D"Apple-interchange-newline">
</div>
<br><div><div>On 2013-03-31, at 11:47 AM, Samuel Erdtman wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite"><meta =
http-equiv=3D"content-type" content=3D"text/html; charset=3Dutf-8"><div =
dir=3D"auto"><div>I would vote for the simplest solution that solves the =
problem, I think Kelly raises a point that makes PUT and DELETE harder =
to get as clean as in the examples I.e. there is no single unique id for =
most multivalued attributes, the value attribute could be the same for =
several attributes e.g. Same phone number could be used for both mobile =
and work then it is the combination value and type that makes it unique. =
(With the current discussion on not requiring global unique id's for the =
combined set group and user will have the same problem if not required =
unique)</div>
<div><br></div><div>The solution might be to something like =
this:</div><div>PUT =
/Groups/&lt;group-Id&gt;/&lt;attribute&gt;/</div><div>e.g.&nbsp;</div><div=
><span style=3D"">PUT =
/Groups/&lt;group-Id&gt;/members/</span><br><br><div style=3D"">
DELETE =
/Groups/&lt;group-Id&gt;/&lt;attribute&gt;/&lt;type&gt;/&lt;value&gt;</div=
><div style=3D"">e.g.&nbsp;</div><div style=3D"">DELETE =
/Groups/&lt;group-Id&gt;/members/User/&lt;value&gt;<br></div><div =
style=3D""><br></div><div style=3D"">We could also allow replace in one =
operation by doing put to a uniquely identified attribute:</div>
<div style=3D""><div>PUT =
/Groups/&lt;group-Id&gt;/&lt;attribute&gt;/&lt;type&gt;/&lt;value&gt;</div=
><div>e.g.&nbsp;</div><div>PUT =
/Groups/&lt;group-Id&gt;/members/User/&lt;value&gt;</div><div><br></div></=
div>In case we go for a solution like this I think that we also should =
simplify or remove PATCH operation. We could do singe attribute delete, =
add and update like this:</div>
<div><span style=3D"">PUT /Groups/&lt;group-Id&gt;/&lt;attribute&gt; =
(add or update attribute)</span></div><div><span style=3D"">PUT =
/Groups/&lt;group-Id&gt;/&lt;attribute&gt; (remove =
attribute)</span></div><div><span style=3D"">This has the disadvantage =
towards patch that you can only handle one attribute at the time or the =
full resource object.</span></div>
<div><span style=3D""><br></span></div><div><span style=3D"">Finally I =
would like to remind everyone that we have had the discussion of adding =
an "unique" identifier to the attributes in a multivalued attribute and =
the strongest argument against was that it is not possible when putting =
SCIM on top of an existing data source.</span></div>
<div><br></div><div><br>Sent from my iPhone</div><div><br>On 28 mar =
2013, at 18:54, "Erik Wahlstr=F6m" &lt;<a =
href=3D"mailto:erik.wahlstrom@nexussafe.com">erik.wahlstrom@nexussafe.com<=
/a>&gt; wrote:<br><br></div><blockquote type=3D"cite">
<div>

<meta http-equiv=3D"Content-Type" content=3D"text/html; =
charset=3DWindows-1252">
<base href=3D"x-msg://1096/">


+1<br>
<div>Rather make patch mandatory before adding functionality to PUT and =
DELETE.&nbsp;Just for simplicity.&nbsp;</div>
<div>/ Erik</div>
<div>
<div><br>
<div>
<div>On Mar 28, 2013, at 2:10 PM, Kelly Grizzle wrote:</div>
<br class=3D"Apple-interchange-newline">
<blockquote type=3D"cite"><span class=3D"Apple-style-span" =
style=3D"border-collapse:separate;border-spacing:0px">
<div lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1" style=3D"">
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125=
)">PATCH was added specifically to address the =93changing membership of =
a large group=94 use case.&nbsp; The POST/DELETE to the members endpoint =
was considered when looking into
 PATCH, but unfortunately this does not work in the general case.&nbsp; =
Specifically, this only works if the list elements have a unique =
identifier, so it fell apart when trying to apply this to =
adding/removing addresses (which do not have a unique =
identifier).</span></div>

<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125=
)">&nbsp;</span></div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125=
)">I=92m not convinced that we need to add another mechanism to solve =
this use case, but I do agree that PATCH could be =
simplified.</span></div>

<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125=
)">&nbsp;</span></div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125=
)">--Kelly</span></div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125=
)">&nbsp;</span></div>
<div>
<div =
style=3D"border-right-style:none;border-bottom-style:none;border-left-styl=
e:none;border-width:initial;border-color:initial;border-top-style:solid;bo=
rder-top-color:rgb(181,196,223);border-top-width:1pt;padding-top:3pt;paddi=
ng-right:0in;padding-bottom:0in;padding-left:0in">

<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<b><span =
style=3D"font-size:10pt;font-family:Tahoma,sans-serif">From:</span></b><sp=
an style=3D"font-size:10pt;font-family:Tahoma,sans-serif"><span =
class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim-bounces@ietf.org" =
style=3D"color:blue;text-decoration:underline">scim-bounces@ietf.org</a><s=
pan class=3D"Apple-converted-space">&nbsp;</span>[<a =
href=3D"mailto:scim-bounces@ietf.org">mailto:scim-bounces@ietf.org</a>]<sp=
an class=3D"Apple-converted-space">&nbsp;</span><b>On
 Behalf Of<span class=3D"Apple-converted-space">&nbsp;</span></b>Phil =
Hunt<br>
<b>Sent:</b><span class=3D"Apple-converted-space">&nbsp;</span>Wednesday, =
March 27, 2013 7:02 PM<br>
<b>To:</b><span class=3D"Apple-converted-space">&nbsp;</span>Alexandre =
Santos<br>
<b>Cc:</b><span class=3D"Apple-converted-space">&nbsp;</span><a =
href=3D"mailto:scim@ietf.org" =
style=3D"color:blue;text-decoration:underline">scim@ietf.org</a><br>
<b>Subject:</b><span class=3D"Apple-converted-space">&nbsp;</span>Re: =
[scim] Request for Input</span></div>
</div>
</div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
&nbsp;</div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
I think this may fit in with our discussion of adjusting PATCH to work =
better with multi-value and complex attributes (ticket 18).</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
&nbsp;</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
So far, we've been avoiding extended paths that go within the Resource =
entity (e.g. to address specific attributes).</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
&nbsp;</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
If you were to do the item below, I think you would have to add the =
attribute name to the path at the very least.</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
&nbsp;</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
PUT /Groups/&lt;groupid&gt;/members/Users/&lt;userid&gt;</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
&nbsp;</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
Still I think that may have problems if the member is actual a URL =
rather then a simple UUID.</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
&nbsp;</div>
</div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:9pt;font-family:Helvetica,sans-serif;color:black">Phil<=
/span></div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:9pt;font-family:Helvetica,sans-serif;color:black">&nbsp=
;</span></div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:9pt;font-family:Helvetica,sans-serif;color:black">@inde=
pendentid</span></div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:9pt;font-family:Helvetica,sans-serif;color:black"><a =
href=3D"http://www.independentid.com/" =
style=3D"color:blue;text-decoration:underline">www.independentid.com</a></=
span></div>
</div>
</div>
</div>
</div><p class=3D"MsoNormal" =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:13.=
5pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:13.5pt;font-family:Helvetica,sans-serif;color:black"><a=
 href=3D"mailto:phil.hunt@oracle.com" =
style=3D"color:blue;text-decoration:underline">phil.hunt@oracle.com</a></s=
pan></p>
</div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:13.5pt;font-family:Helvetica,sans-serif;color:black">&n=
bsp;</span></div>
</div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<span =
style=3D"font-size:13.5pt;font-family:Helvetica,sans-serif;color:black"><b=
r>
<br>
</span></div>
</div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
&nbsp;</div>
<div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
On 2013-03-27, at 4:01 PM, Alexandre Santos wrote:</div>
</div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<br>
<br>
</div>
<div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
For groups with many users (&gt;10k) it becomes problematic to do POSTs =
or PUTs. The only alternative would be PATCH. However PATCH is not =
mandatory.</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
&nbsp;</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
For this reason we would like to request your input for the following =
proposal: allow membership changes via PUT and DELETE.</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
&nbsp;</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
For this the PUT and DELETE commands would be in the format:</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
PUT /Groups/&lt;groupId&gt;/user/&lt;userId&gt; - to add a user to a =
group</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
DELETE /Groups/&lt;groupId&gt;/user/&lt;userId&gt; - to remove the user =
from the group</div>
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
&nbsp;</div>
</div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
Thank you,</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<br clear=3D"all">
</div>
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<b><span =
style=3D"font-size:9pt;font-family:Tahoma,sans-serif;color:rgb(52,54,52);b=
ackground-image:initial;background-color:white;background-repeat:initial =
initial">Alexandre
 Santos</span></b><span =
style=3D"font-size:9pt;font-family:Tahoma,sans-serif;color:rgb(52,54,52);b=
ackground-image:initial;background-color:white;background-repeat:initial =
initial">&nbsp;&nbsp;|
 Sr. Development Engineer</span><span =
style=3D"font-size:10pt;font-family:Arial,sans-serif;background-image:init=
ial;background-color:white;background-repeat:initial initial"><br>
</span><b><span =
style=3D"font-size:8.5pt;font-family:Tahoma,sans-serif;color:rgb(52,54,52)=
;background-image:initial;background-color:white;background-repeat:initial=
 initial">Ping</span></b><b><span =
style=3D"font-size:8.5pt;font-family:Tahoma,sans-serif;color:rgb(231,25,57=
);background-image:initial;background-color:white;background-repeat:initia=
l initial">Identity</span></b><span =
style=3D"font-size:8.5pt;font-family:Arial,sans-serif;background-image:ini=
tial;background-color:white;background-repeat:initial =
initial">&nbsp;&nbsp;|&nbsp;&nbsp;&nbsp;<a =
href=3D"http://www.pingidentity.com/" target=3D"_blank" =
style=3D"color:blue;text-decoration:underline"><span =
style=3D"color:rgb(0,0,204)">www.pingidentity.com</span></a><br>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
- - - -<br>
<b><span style=3D"color:rgb(0,85,104)">O:</span></b>&nbsp;<span =
style=3D"color:rgb(52,54,52)">604.697.7056</span></span><span =
style=3D"font-family:Arial,sans-serif;background-image:initial;background-=
color:white;background-repeat:initial initial"><br>

</span><b><span =
style=3D"font-size:8.5pt;font-family:Arial,sans-serif;color:rgb(0,85,104);=
background-image:initial;background-color:white;background-repeat:initial =
initial">Email:</span></b><span =
style=3D"font-size:8.5pt;font-family:Arial,sans-serif;background-image:ini=
tial;background-color:white;background-repeat:initial initial">&nbsp;<a =
href=3D"mailto:asantos@pingidentity.com" target=3D"_blank" =
style=3D"color:blue;text-decoration:underline"><span =
style=3D"color:rgb(0,0,204)">asantos@pingidentity.com</span></a></span><sp=
an =
style=3D"font-family:Arial,sans-serif;background-image:initial;background-=
color:white;background-repeat:initial initial"><br>

</span><span =
style=3D"font-size:8.5pt;font-family:Arial,sans-serif;background-image:ini=
tial;background-color:white;background-repeat:initial initial">-
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
- - -</span><span =
style=3D"font-family:Arial,sans-serif;background-image:initial;background-=
color:white;background-repeat:initial initial"></span></div>

<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" =
cellpadding=3D"0">
<tbody>
<tr>
<td nowrap=3D"" valign=3D"top" =
style=3D"padding-top:0in;padding-right:0in;padding-bottom:0in;padding-left=
:0in">
<div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<b><span =
style=3D"font-size:8.5pt;font-family:Arial,sans-serif;color:rgb(0,85,104)"=
>Connect with Ping</span></b><span =
style=3D"font-size:8.5pt;font-family:Arial,sans-serif"><br>
<span style=3D"color:black">Twitter: @pingidentity</span><br>
<span style=3D"color:black">LinkedIn Group: Ping's Identity =
Cloud</span>&nbsp;&nbsp; &nbsp;<br>
<span style=3D"color:black"><a =
href=3D"http://Facebook.com/pingidentitypage" =
style=3D"color:blue;text-decoration:underline">Facebook.com/pingidentitypa=
ge</a></span></span></div>
</div>
</td>
</tr>
</tbody>
</table>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
<b></b></div>
<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" =
cellpadding=3D"0">
<tbody>
<tr>
<td nowrap=3D"" valign=3D"top" =
style=3D"padding-top:0in;padding-right:0in;padding-bottom:0in;padding-left=
:0in">
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org" =
style=3D"color:blue;text-decoration:underline">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" =
style=3D"color:blue;text-decoration:underline">https://www.ietf.org/mailma=
n/listinfo/scim</a></div>
</div>
<div =
style=3D"margin-top:0in;margin-right:0in;margin-left:0in;margin-bottom:0.0=
001pt;font-size:12pt;font-family:'Times New Roman',serif">
&nbsp;</div>
</div>
</div>
_______________________________________________<br>
scim mailing list<br>
<a href=3D"mailto:scim@ietf.org" =
style=3D"color:blue;text-decoration:underline">scim@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/scim" =
style=3D"color:blue;text-decoration:underline">https://www.ietf.org/mailma=
n/listinfo/scim</a><br>
</div>
</span></blockquote>
</div>
<br>
</div>
</div>


</div></blockquote><blockquote =
type=3D"cite"><div><span>_______________________________________________</=
span><br><span>scim mailing list</span><br><span><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a></span><br><span><a =
href=3D"https://www.ietf.org/mailman/listinfo/scim">https://www.ietf.org/m=
ailman/listinfo/scim</a></span><br>
</div></blockquote></div>
_______________________________________________<br>scim mailing =
list<br><a =
href=3D"mailto:scim@ietf.org">scim@ietf.org</a><br>https://www.ietf.org/ma=
ilman/listinfo/scim<br></blockquote></div><br></div></div></body></html>=

--Apple-Mail=_62F1BF01-35D0-4A64-8B0C-849468B9230A--