From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Mon Feb 2 05:10:44 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id FAA00395 for ; Mon, 2 Feb 2004 05:10:44 -0500 (EST) Received: (qmail 28952 invoked by uid 605); 2 Feb 2004 10:10:41 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 28945 invoked from network); 2 Feb 2004 10:10:40 -0000 Received: from 216-239-45-4.google.com (216.239.45.4) by mail.netbsd.org with SMTP; 2 Feb 2004 10:10:40 -0000 Received: from mother.corp.google.com (mother.corp.google.com [172.24.66.116]) by 216-239-45-4.google.com (8.12.9/8.12.9) with ESMTP id i12AAaaD003574; Mon, 2 Feb 2004 02:10:36 -0800 Received: from mother.corp.google.com (localhost.localdomain [127.0.0.1]) by mother.corp.google.com (8.12.8/8.12.8) with ESMTP id i12AAaW2002058; Mon, 2 Feb 2004 02:10:36 -0800 Received: (from frank@localhost) by mother.corp.google.com (8.12.8/8.12.8/Submit) id i12AAaPK002056; Mon, 2 Feb 2004 02:10:36 -0800 Date: Mon, 2 Feb 2004 02:10:36 -0800 From: Frank Cusack To: Bill Sommerfeld Cc: ietf-ssh@NetBSD.org Subject: Re: Russ Housley: IESG comments on draft-ietf-secsh-auth-kbdinteract-05.txt Message-ID: <20040202021036.C1995@google.com> References: <200310172036.h9HKaQwT007094@thunk.east.sun.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <200310172036.h9HKaQwT007094@thunk.east.sun.com>; from sommerfeld@east.sun.com on Fri, Oct 17, 2003 at 04:36:26PM -0400 Sender: ietf-ssh-owner@NetBSD.org Precedence: list On Fri, Oct 17, 2003 at 04:36:26PM -0400, Bill Sommerfeld wrote: > FYI, comments from the IESG. In summary, looks like an IANA issue, a > few I18N issues, some matters of taste, plus a few nits. > > We'll need to re-spin the document and resubmit it. My responses are inline. > ------- Forwarded Message > > From sommerfeld-request@east.sun.com Fri Oct 17 16:32:34 2003 > Date: Fri, 17 Oct 2003 16:31:21 -0400 > To: sommerfeld@east.sun.com > From: Russ Housley > Subject: IESG comments on draft-ietf-secsh-auth-kbdinteract-05.txt > Mime-Version: 1.0 > Content-Type: text/plain; charset="us-ascii"; format=flowed > Content-Length: 3128 > > Bill: > > A revised Internet-Draft is needed to resolve the comments. > > Russ > > = = = = = = = > > DISCUSS > > 1. This sentence caused a lot of trouble: > > The actual names of the submethods is something which the user and > the server needs to agree upon. > > These submethods need to be specified by RFC, probably a standards-track > RFC, and listed in an IANA registry, otherwise there can't be any > standards-based interoperability of submethods. There isn't intended to be. This is explicitly stated in the paragraph just following the quoted text above: Server interpretation of the submethods field is implementation- dependent. It continues: One possible implementation strategy of the submethods field on the server is that, unless the user may use multiple different submethods, the server ignores this field. So by example the text makes it clear that a client must expect that the server may ignore this field totally. There is no standards-based interoperability of submethods. But if, say, the XYZ vendor client learns in the connect phase that it's talking to an XYZ vendor server, it might optimistically set a submethod. What if we defined a namespace for submethods? VENDOR-submethod? With IETF-* reserved for standards based submethods and anything thing else is wide open. Or submethod@VENDOR. I really want to keep this as minimal as possible. The paragraph just before the quoted text says The submethods field is included so the user can give a hint of which actual methods he wants to use. What if I added: The client must not expect the server to take any particular action based on the submethod--it's just a one-way hint. > 2. Explain why the language tag in the SSH_MSG_USERAUTH_INFO_REQUEST is > not deprecated, especially when they are deprecated in > SSH_MSG_USERAUTH_REQUEST. oops, it should be deprecated. > 3. Section 3.4 seems problematic. It says: > > Note that the responses are encoded in ISO-10646 UTF-8. It is up to > the server how it interprets the responses and validates them. > However, if the client reads the responses in some other encoding > (e.g., ISO 8859-1), it MUST convert the responses to ISO-10646 UTF-8 > before transmitting. > > If I read the author's intentions correctly, they mean to say that a server > might use an authentication method that was functionally similar to > case-insensitive passwords, and would thus treat the strings > like "aCEddd8" and "AceDdd8" (encoded in UTF-8) as equivalent. I don't > think it > should be "up to the server" though, I think the method (or submethod) > has to determine this; otherwise the interaction seems pretty hard to > debug. > > There are also a lot of worms under the carpet of "if the client reads the > responses in some other encoding...it MUST convert the responses". > It is particularly problematic when you have the possibility of authentication > mechanisms that are not exact match, as the temptation is to increase > the set of matches rather than strongly define the conversion. There > are clear security concerns there. The text is simply lifted from the userauth draft (-18, sec 3.4). I don't know enough about this stuff to comment further or to come up with a reasonable description. help! > The reference to UTF-8 should probably be updated. Easy enough. Should it be referred to as STD-63 or RFC-3629? > 4. Building on the previous comment, when I see a document that talks about > using UTF-8 and reading stuff from keyboards I immediately think "where's > the stringprep profile?" I didn't see one specified here -- isn't one needed? > If not, why not? I'll have to do some research here, but help is appreciated. > COMMENT > > 5. I find the whole User Interface section grating. It has two or three > visual models in > mind and ignores a plethora of other possibilities. I'd personally rather > they ripped > it out, but this is probably rank prejudice, so take it as such. It describes the most common interfaces. Other interfaces are free to implement whatever they need. The point is to describe how one *might* display the various fields, and to make it clear that the client is *not* to add additional text to the prompts. It's important (IMHO) to have an example otherwise implementations will be awkwardly different. > 6. 2nd to last paragraph of 3.1: Under what circumstances is an > SSH_MSG_USERAUTH_SUCCESS sent in response to an SSH_MSG_USERAUTH_REQUEST? > Some guidelines are given for when the other two possibilities (including > FAILURE and INFO_REQUEST) are sent. I assume it's only when no > authentication is needed for this particular user - when just asserting the > username is sufficient authentication. Could the case in which this makes > sense be stated explicitly here? Good point, I will clarify. > 7. Nit, top of page 4 (section 3.1): "It is a a comma-separated list..." > > 8. Nit, second paragraph of page 4 (section 3.1): "which the user and the > server needs", should be "need" > > 9. Missing IPR section > > 10. RFC2279 (norm ref) is being updated, 2279bis is in RFC-Editor > queue. Probably want to reference the new version. Last 4 are covered. So I need some feedback on points 1 (submethods) and 3 (UTF-8) to make headway. thanks /fc From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Mon Feb 2 09:00:29 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id JAA13050 for ; Mon, 2 Feb 2004 09:00:29 -0500 (EST) Received: (qmail 11935 invoked by uid 605); 2 Feb 2004 13:59:46 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 11918 invoked from network); 2 Feb 2004 13:59:45 -0000 Received: from mail.lysator.liu.se (130.236.254.3) by mail.netbsd.org with SMTP; 2 Feb 2004 13:59:45 -0000 Received: by mail.lysator.liu.se (Postfix, from userid 1646) id 7D9D147D24; Mon, 2 Feb 2004 14:59:43 +0100 (MET) Received: from sellafield.lysator.liu.se (sellafield.lysator.liu.se [130.236.254.103]) by mail.lysator.liu.se (Postfix) with ESMTP id 72D76DB9C7; Mon, 2 Feb 2004 14:59:30 +0100 (MET) Received: from sellafield.lysator.liu.se (smmsp@localhost [127.0.0.1]) by sellafield.lysator.liu.se (8.12.10/8.8.7) with ESMTP id i12DxUCM026488; Mon, 2 Feb 2004 14:59:30 +0100 (MET) Received: (from nisse@localhost) by sellafield.lysator.liu.se (8.12.10/8.12.8/Submit) id i12DxPEY026485; Mon, 2 Feb 2004 14:59:25 +0100 (MET) X-Authentication-Warning: sellafield.lysator.liu.se: nisse set sender to nisse@lysator.liu.se using -f To: Frank Cusack Cc: Bill Sommerfeld , ietf-ssh@NetBSD.org Subject: Re: Russ Housley: IESG comments on draft-ietf-secsh-auth-kbdinteract-05.txt References: <200310172036.h9HKaQwT007094@thunk.east.sun.com> <20040202021036.C1995@google.com> From: nisse@lysator.liu.se (=?iso-8859-1?q?Niels_M=F6ller?=) Date: 02 Feb 2004 14:59:25 +0100 In-Reply-To: <20040202021036.C1995@google.com> Message-ID: Lines: 47 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Spam-Checker-Version: SpamAssassin 2.61-lysator_fetto_1.1 (1.212.2.1-2003-12-09-exp) on fetto.lysator.liu.se X-Spam-Status: No, hits=0.0 required=5.0 tests=AWL autolearn=no version=2.61-lysator_fetto_1.1 Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 8bit Frank Cusack writes: > > There are also a lot of worms under the carpet of "if the client reads the > > responses in some other encoding...it MUST convert the responses". > > It is particularly problematic when you have the possibility of authentication > > mechanisms that are not exact match, as the temptation is to increase > > the set of matches rather than strongly define the conversion. There > > are clear security concerns there. > > The text is simply lifted from the userauth draft (-18, sec 3.4). I > don't know enough about this stuff to comment further or to come up > with a reasonable description. help! I think it makes sense to do whatever the userauth spec does. The use of utf-8 in the userauth spec (for usernames and passwords) was discussed some moths ago. There seems to be two alternatives: 1. Say that all utf-8 data should be normalized on the wire. The details would be, or look very much like, a stringprep profile. 2. Say that it's always the receiver's responsibility to perform any normalization that is appropriate. At the minumum, the receiver *must* respect canonical unicode equivalence as defined in the unicode specification. My current thinking is that the normalization needs are genuinely system dependent. If the system allows unicode/utf-8 usernames and passwords in /etc/passwd, and the system convention is to use utf-8 normalized in some particular way, then the receiving ssh server needs to normalize the data according to the same conventions. And if the receiver just converts the input to its favourite 8-bit character set, then correct conversion will often imply normalization. E.g. all of "\u00C5", "\u212B" and "\u0041\u030A" would map to "Å" (0xC5) in latin-1. Last time, it seemed that (2) was what the people in the wg wanted. Most other new protocols that use utf-8 on the wire seems to choose (1). Does anybody here have experience with systems that use usernames and passwords in unicode or utf-8? What normalization do such systems use and expect? Regards, /Niels From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Mon Feb 2 16:07:37 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id QAA09889 for ; Mon, 2 Feb 2004 16:07:37 -0500 (EST) Received: (qmail 21933 invoked by uid 605); 2 Feb 2004 21:07:33 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 21834 invoked from network); 2 Feb 2004 21:07:29 -0000 Received: from odin.ietf.org (HELO ietf.org) (132.151.1.176) by mail.netbsd.org with SMTP; 2 Feb 2004 21:07:29 -0000 Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA09844; Mon, 2 Feb 2004 16:07:25 -0500 (EST) Message-Id: <200402022107.QAA09844@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-ssh@NetBSD.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-secsh-agent-02.txt Date: Mon, 02 Feb 2004 16:07:24 -0500 Sender: ietf-ssh-owner@NetBSD.org Precedence: list --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Secure Shell Working Group of the IETF. Title : Secure Shell Authentication Agent Protocol Author(s) : T. Rinne, S. Lehtinen Filename : draft-ietf-secsh-agent-02.txt Pages : 13 Date : 2004-2-2 This document describes the Secure Shell authentication agent protocol (i.e., the protocol used between a client requesting authentication and the authentication agent). This protocol usually runs in a machine-spe- cific local channel or over a forwarded authentication channel. It is assumed that the channel is trusted, so no protection for the communica- tions channel is provided by this protocol. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-secsh-agent-02.txt To remove yourself from the IETF Announcement list, send a message to ietf-announce-request with the word unsubscribe in the body of the message. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-secsh-agent-02.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-secsh-agent-02.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2004-2-2151127.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-secsh-agent-02.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-secsh-agent-02.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2004-2-2151127.I-D@ietf.org> --OtherAccess-- --NextPart-- From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Mon Feb 2 18:30:27 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id SAA22356 for ; Mon, 2 Feb 2004 18:30:26 -0500 (EST) Received: (qmail 9008 invoked by uid 605); 2 Feb 2004 23:30:24 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 9001 invoked from network); 2 Feb 2004 23:30:23 -0000 Received: from ixion.tartarus.org (195.149.39.210) by mail.netbsd.org with SMTP; 2 Feb 2004 23:30:23 -0000 Received: from simon by ixion.tartarus.org with local (Exim 3.35 #1 (Debian)) id 1AnnWB-0000Ux-00; Mon, 02 Feb 2004 23:30:15 +0000 X-Mailer: Jed/Timber v0.2 From: Simon Tatham To: ietf-ssh@NetBSD.org In-Reply-To: <200402022107.QAA09844@ietf.org> Subject: Re: I-D ACTION:draft-ietf-secsh-agent-02.txt Message-Id: Date: Mon, 02 Feb 2004 23:30:15 +0000 Sender: ietf-ssh-owner@NetBSD.org Precedence: list wrote: > http://www.ietf.org/internet-drafts/draft-ietf-secsh-agent-02.txt ... which contains ... > The "ssh-rsa" private key format has the following specific encoding: > > string "ssh-rsa" > mpint e > mpint d > mpint n > mpint u > mpint p > mpint q Is there a standard definition of `u', `p' and `q' that I don't know about? I have a feeling I've seen different implementations use p and q opposite ways round. It might be good to make it very clear which of p and q is the larger prime, and whether u is the inverse of q mod p or vice versa. > These messages can be sent to either direction. However, the agent MUST > send these messages only as responses to the client's requests. Wording nit: is this intended to indicate that the agent must send extension messages only in response to a client's _extension_ message? If so, it isn't clear; this only seems to say that an agent can't suddenly volunteer an extension message when no message at all has been sent from the client. However, I'm generally happy with this; all my suggestions have happened, and I think I could usefully get started on some implementation with this draft. Cheers, Simon -- Simon Tatham "Selfless? I'm so selfless I don't even know who I am." From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Mon Feb 2 19:18:22 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id TAA26168 for ; Mon, 2 Feb 2004 19:18:21 -0500 (EST) Received: (qmail 13250 invoked by uid 605); 3 Feb 2004 00:18:21 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 13229 invoked from network); 3 Feb 2004 00:18:18 -0000 Received: from unknown (HELO mail.mel.netstarnetworks.com) (61.95.66.138) by mail.netbsd.org with SMTP; 3 Feb 2004 00:18:18 -0000 Received: from mindrot.org (89.195.20.10.dhcp.netstarnetworks.com [10.20.195.89] (may be forged)) by mail.mel.netstarnetworks.com (8.11.6/8.11.6) with ESMTP id i130KFJ22813 for ; Tue, 3 Feb 2004 11:20:25 +1100 Message-ID: <401EE89E.4020602@mindrot.org> Date: Tue, 03 Feb 2004 11:17:34 +1100 From: Damien Miller User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113 X-Accept-Language: en-us, en, ja MIME-Version: 1.0 To: ietf-ssh@NetBSD.org Subject: Re: draft-ietf-secsh-agent-02.txt References: <200402022107.QAA09844@ietf.org> In-Reply-To: <200402022107.QAA09844@ietf.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 7bit Sorry for not looking at this sooner. Some comments: 1. Why not make the SSH_AGENT_CONSTRAINT_* constraints strings? They are not performance critical, and this will allow us to use the same extension@vendor.domain mechanism used elsewhere in the protocol. 2. We should also have some text describing what should happen when an agent is asked to process an unrecognised extension. I.e should constraint extensions be "critical"? (I think so) 3. I also have concerns about how "forwarding steps" and "forwarding path" extensions could be safely implemented beyond one hop. I don't know of any implementation that does this, so I'd be wary of the specification anticipating reality. 4. I don't see any value in the SSH_AGENT_RANDOM exchange. If a remote agent doesn't have a good local randomness source, then it shouldn't be talking ssh. Trusting random numbers from a remote source could lead to things like DSA private key exposure. Furthermore, the ability for a remote attacker to perform arbitrary requests on your randomness source would increase your exposure to any implementation vulnerabilities at your end. 5. I'd prefer to see section "4. Agent Forwarding With Secure Shell" moved to near the start of the document, but that is just my taste. OTOH I don't think that it should break the vendor extension section from the rest of the agent protocol description. -d From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Tue Feb 3 09:22:18 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id JAA09415 for ; Tue, 3 Feb 2004 09:22:18 -0500 (EST) Received: (qmail 4117 invoked by uid 605); 3 Feb 2004 14:22:10 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 4110 invoked from network); 3 Feb 2004 14:22:09 -0000 Received: from dsl093-061-085.pit1.dsl.speakeasy.net (HELO mariner.pc.cs.cmu.edu) (66.93.61.85) by mail.netbsd.org with SMTP; 3 Feb 2004 14:22:09 -0000 Received: from mariner.pc.cs.cmu.edu ([127.0.0.1]) by mariner.pc.cs.cmu.edu id aa31370; 3 Feb 2004 9:21 EST Date: Tue, 03 Feb 2004 09:21:43 -0500 From: Jeffrey Hutzelman To: Damien Miller , ietf-ssh@NetBSD.org Subject: Re: draft-ietf-secsh-agent-02.txt Message-ID: <5490000.1075818103@mariner.pc.cs.cmu.edu> In-Reply-To: <401EE89E.4020602@mindrot.org> References: <200402022107.QAA09844@ietf.org> <401EE89E.4020602@mindrot.org> X-Mailer: Mulberry/3.0.3 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 7bit On Tuesday, February 03, 2004 11:17:34 +1100 Damien Miller wrote: > 2. We should also have some text describing what should happen when an > agent is asked to process an unrecognised extension. I.e should > constraint extensions be "critical"? (I think so) Probably. If they are, then we need a wrapper like Kerberos's "IF-RELEVANT" (see draft-ietf-krb-wg-kerberos-clarifications-04.txt 5.2.6.1), which is mandatory-to-implement and has the semantics that whatever's inside it is ignored if not supported. Or, we could go the reverse route, making constraint extensions non-critical, but requiring implementation of a wrapper which makes its contents critical. While the two options are semantically equivalent, in this case, I think the former approach is better, because of the reduced chance of an implementation error leading to a security problem -- an implementation which fails to implement IF-RELEVANT correctly is more likely to reject a permissible request than to accept an prohibited one. If we accept your proposal of replacing constraint ID's with strings, we can easily achieve this effect simply by partitioning the constraint namespace -- any constraint whose name starts with "OPT:" is treated as non-critical. -- Jeffrey T. Hutzelman (N3NHS) Sr. Research Systems Programmer School of Computer Science - Research Computing Facility Carnegie Mellon University - Pittsburgh, PA From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Thu Feb 5 09:05:44 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id JAA15578 for ; Thu, 5 Feb 2004 09:05:44 -0500 (EST) Received: (qmail 27679 invoked by uid 605); 5 Feb 2004 14:05:28 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 27590 invoked from network); 5 Feb 2004 14:05:26 -0000 Received: from penguin-ext.wise.edt.ericsson.se (193.180.251.47) by mail.netbsd.org with SMTP; 5 Feb 2004 14:05:26 -0000 Received: from esealmw141.al.sw.ericsson.se ([153.88.254.120]) by penguin-ext.wise.edt.ericsson.se (8.12.10/8.12.10/WIREfire-1.8b) with ESMTP id i15E5KYG028199 for ; Thu, 5 Feb 2004 15:05:24 +0100 (MET) Received: from esealnt612.al.sw.ericsson.se ([153.88.254.118]) by esealmw141.al.sw.ericsson.se with Microsoft SMTPSVC(6.0.3790.0); Thu, 5 Feb 2004 15:05:20 +0100 Received: by esealnt612.al.sw.ericsson.se with Internet Mail Service (5.5.2657.72) id <1CV4YQ8K>; Thu, 5 Feb 2004 15:05:20 +0100 Message-ID: From: "Mats Gustafsson C \(LI/EAB\)" To: "'Joseph Galbraith'" , "'ietf-ssh@NetBSD.org'" Subject: RE: new sftp draft gotta come soon: summary Date: Thu, 5 Feb 2004 15:04:35 +0100 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain X-OriginalArrivalTime: 05 Feb 2004 14:05:20.0993 (UTC) FILETIME=[17789510:01C3EBF1] Sender: ietf-ssh-owner@NetBSD.org Precedence: list Hi all, From what I can see in the IETF archives, the SFTP draft is still expired. Is anyone working on getting an SFTP draft re-submitted? Right now we've got a situation where we have a widely deployed and used protocol but no specification to refer to ... BR //Mats -----Original Message----- From: Joseph Galbraith [mailto:galb@vandyke.com] Sent: den 5 september 2003 19:04 To: ietf-ssh@NetBSD.org Subject: new sftp draft gotta come soon: summary Well, the sftp draft has expired, so I guess I can't let the priority of a revision keep getting bumped down anymore :-) So, here are what I think of as open issues: - A bit or flag in the attribs to reflect if the file should be hidden. (I was supposed to put this in last time, but didn't-- ) - A bit or flag in the attribs to reflect 'readonly' status -- this readonly status is an advisory as opposed enforced readonly. (Windows is the operating system that does this.) - A way to specify how to access the file during file open (should match up with access modes in ACLs.) Currently, it is hard to know with what access a file should be opened-- what if the client comes back and does a fsetstat and tries to write an ACL? - A way to control file sharing during file open (operating systems that don't support it ignore it?) - We never reached consensus about case-sensitivity. (See next email for details.) - Performance enhancments. (See next email for details.) - Security considerations section - Normative vs. non-normative references - Change of sftp rename command (see next email for details) Are there any other issues that anyone wants fixed or flogged to death to make sure everyone agrees? You are implementing and sftp server on the latest and greatest bi-endian 1024-bit super-opper-dupper computer running your very own custom operating system and you users want to be able to x when they transfer files and sftp doesn't make it possible. You are implementing a filesystem redirector for you super-dupper operating system and SFTP makes Z a very big pain for you. This is your last chance :-) We're gonna ship this one and do last call. Thanks, Joseph This communication is confidential and intended solely for the addressee(s). Any unauthorized review, use, disclosure or distribution is prohibited. If you believe this message has been sent to you in error, please notify the sender by replying to this transmission and delete the message without disclosing it. Thank you. E-mail including attachments is susceptible to data corruption, interruption, unauthorized amendment, tampering and viruses, and we only send and receive e-mails on the basis that we are not liable for any such corruption, interception, amendment, tampering or viruses or any consequences thereof. From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Thu Feb 5 09:59:25 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id JAA17333 for ; Thu, 5 Feb 2004 09:59:23 -0500 (EST) Received: (qmail 28878 invoked by uid 605); 5 Feb 2004 14:59:22 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 28858 invoked from network); 5 Feb 2004 14:59:21 -0000 Received: from mail.vandyke.com (HELO vandyke.com) (204.134.9.1) by mail.netbsd.org with SMTP; 5 Feb 2004 14:59:21 -0000 Received: from [127.0.0.1] (HELO VIPER) by vandyke.com (CommuniGate Pro SMTP 3.4.7) with SMTP id 3511213; Thu, 05 Feb 2004 07:59:20 -0700 Message-ID: <003001c3ebf8$a25ff400$8b67000a@VIPER> From: "Jeff P. Van Dyke" To: "Mats Gustafsson C \(LI/EAB\)" , "'Joseph Galbraith'" , References: Subject: Re: new sftp draft gotta come soon: summary Date: Thu, 5 Feb 2004 07:59:10 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 7bit Mats, I spoke to Joseph this week and I believe he's planning to have the revised draft out next week. --Jeff ----- Original Message ----- From: "Mats Gustafsson C (LI/EAB)" To: "'Joseph Galbraith'" ; Sent: Thursday, February 05, 2004 7:04 AM Subject: RE: new sftp draft gotta come soon: summary > Hi all, > > >From what I can see in the IETF archives, the SFTP draft is still expired. Is anyone working on getting an SFTP draft re-submitted? Right now we've got a situation where we have a widely deployed and used protocol but no specification to refer to ... > > BR > //Mats > > -----Original Message----- > From: Joseph Galbraith [mailto:galb@vandyke.com] > Sent: den 5 september 2003 19:04 > To: ietf-ssh@NetBSD.org > Subject: new sftp draft gotta come soon: summary > > Well, the sftp draft has expired, so I guess I > can't let the priority of a revision keep getting > bumped down anymore :-) > > So, here are what I think of as open issues: > > - A bit or flag in the attribs to reflect if the > file should be hidden. (I was supposed to put > this in last time, but didn't-- ) > > - A bit or flag in the attribs to reflect 'readonly' > status -- this readonly status is an advisory as > opposed enforced readonly. (Windows is the operating > system that does this.) > > - A way to specify how to access the file during file > open (should match up with access modes in ACLs.) > > Currently, it is hard to know with what access a file > should be opened-- what if the client comes back and > does a fsetstat and tries to write an ACL? > > - A way to control file sharing during file open (operating > systems that don't support it ignore it?) > > - We never reached consensus about case-sensitivity. > (See next email for details.) > > - Performance enhancments. (See next email for details.) > > - Security considerations section > > - Normative vs. non-normative references > > - Change of sftp rename command (see next email for details) > > Are there any other issues that anyone wants fixed or flogged > to death to make sure everyone agrees? > > You are implementing and sftp server on the latest and greatest > bi-endian 1024-bit super-opper-dupper computer running your very > own custom operating system and you users want to be able to x > when they transfer files and sftp doesn't make it possible. > > You are implementing a filesystem redirector for you super-dupper > operating system and SFTP makes Z a very big pain for you. > > This is your last chance :-) We're gonna ship this one and do last > call. > > Thanks, > > Joseph > > This communication is confidential and intended solely for the addressee(s). Any unauthorized review, use, disclosure or distribution is prohibited. If you believe this message has been sent to you in error, please notify the sender by replying to this transmission and delete the message without disclosing it. Thank you. > > E-mail including attachments is susceptible to data corruption, interruption, unauthorized amendment, tampering and viruses, and we only send and receive e-mails on the basis that we are not liable for any such corruption, interception, amendment, tampering or viruses or any consequences thereof. > > > From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Wed Feb 11 04:38:10 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id EAA24680 for ; Wed, 11 Feb 2004 04:38:09 -0500 (EST) Received: (qmail 9596 invoked by uid 605); 11 Feb 2004 09:38:01 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 9554 invoked from network); 11 Feb 2004 09:38:00 -0000 Received: from smtp.cs.auckland.ac.nz (130.216.33.151) by mail.netbsd.org with SMTP; 11 Feb 2004 09:38:00 -0000 Received: from localhost (csmail.cs.auckland.ac.nz [130.216.33.150]) by smtp.cs.auckland.ac.nz (Postfix) with ESMTP id 86D6334147 for ; Wed, 11 Feb 2004 22:36:31 +1300 (NZDT) Received: from 218-101-47-90.paradise.net.nz (218-101-47-90.paradise.net.nz [218.101.47.90]) by mail.cs.auckland.ac.nz (Horde) with HTTP for ; Wed, 11 Feb 2004 22:37:58 +1300 Message-ID: <20040211223758.5qan4c0sw0kgo4gs@mail.cs.auckland.ac.nz> Date: Wed, 11 Feb 2004 22:37:58 +1300 From: pgut001@cs.auckland.ac.nz To: ietf-ssh@NetBSD.org Subject: Bug? in SSH public key file format MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) 4.0-cvs Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 7bit The "SSH Public Key File Format" draft currently says: >The first line of a conforming key file MUST be a begin marker, which is the >literal text: > >---- BEGIN SSH2 PUBLIC KEY ---- It might be a good idea to point out in the text that this is unlike any other known (standardised) use of this type of tagging (PGP, OpenPGP, X.509, PKCS #10, CRLs, etc etc etc) which all use 5 dashes and no space, e.g: -----BEGIN CERTIFICATE----- MIID2zCCA0SgAwIBAgIBAzANBgkqhkiG9w0BAQQFADCBoDELMAkGA1UEBhMCRlIx -----BEGIN PGP PUBLIC KEY BLOCK----- mQCNAi+0jQEAAAEEAK7oX0FeNncaHfa1v+V7SMUviAm8qB8orWG0zvja4ZtSrHVg Peter. From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Wed Feb 11 09:33:01 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id JAA02325 for ; Wed, 11 Feb 2004 09:33:01 -0500 (EST) Received: (qmail 1436 invoked by uid 605); 11 Feb 2004 14:32:57 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 1429 invoked from network); 11 Feb 2004 14:32:55 -0000 Received: from nic.rfc.se (HELO mail.rfc.se) (195.47.254.20) by mail.netbsd.org with SMTP; 11 Feb 2004 14:32:55 -0000 Received: from criollo.schlyter.se (criollo.schlyter.se [195.47.254.130]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.rfc.se (Postfix) with ESMTP id 073B51961D; Wed, 11 Feb 2004 15:32:52 +0100 (CET) Date: Wed, 11 Feb 2004 15:32:51 +0100 (CET) From: Jakob Schlyter To: pgut001@cs.auckland.ac.nz Cc: ietf-ssh@NetBSD.org Subject: Re: Bug? in SSH public key file format In-Reply-To: <20040211223758.5qan4c0sw0kgo4gs@mail.cs.auckland.ac.nz> Message-ID: References: <20040211223758.5qan4c0sw0kgo4gs@mail.cs.auckland.ac.nz> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: ietf-ssh-owner@NetBSD.org Precedence: list On Wed, 11 Feb 2004 pgut001@cs.auckland.ac.nz wrote: > The "SSH Public Key File Format" draft currently says: > > >The first line of a conforming key file MUST be a begin marker, which is the > >literal text: > > > >---- BEGIN SSH2 PUBLIC KEY ---- > > It might be a good idea to point out in the text that this is unlike any other > known (standardised) use of this type of tagging (PGP, OpenPGP, X.509, PKCS > #10, CRLs, etc etc etc) which all use 5 dashes and no space, e.g: > > [...] or perhaps change the format to use 5 dashes and no space? jakob From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Fri Feb 13 06:39:26 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id GAA05466 for ; Fri, 13 Feb 2004 06:39:26 -0500 (EST) Received: (qmail 25067 invoked by uid 605); 13 Feb 2004 11:39:20 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 25057 invoked from network); 13 Feb 2004 11:39:20 -0000 Received: from smtp.cs.auckland.ac.nz (130.216.33.151) by mail.netbsd.org with SMTP; 13 Feb 2004 11:39:20 -0000 Received: from localhost (csmail.cs.auckland.ac.nz [130.216.33.150]) by smtp.cs.auckland.ac.nz (Postfix) with ESMTP id 3FD8E34057 for ; Sat, 14 Feb 2004 00:37:45 +1300 (NZDT) Received: from 218-101-47-210.paradise.net.nz (218-101-47-210.paradise.net.nz [218.101.47.210]) by mail.cs.auckland.ac.nz (Horde) with HTTP for ; Sat, 14 Feb 2004 00:39:18 +1300 Message-ID: <20040214003918.zgkggsk0sww0cgcw@mail.cs.auckland.ac.nz> Date: Sat, 14 Feb 2004 00:39:18 +1300 From: Peter Gutmann To: ietf-ssh@NetBSD.org Subject: Re: Bug? in SSH public key file format MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) 4.0-cvs Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 7bit Jakob Schlyter writes: >On Wed, 11 Feb 2004 pgut001@cs.auckland.ac.nz wrote: >> The "SSH Public Key File Format" draft currently says: >> >> >The first line of a conforming key file MUST be a begin marker, which is the >> >literal text: >> > >> >---- BEGIN SSH2 PUBLIC KEY ---- >> >> It might be a good idea to point out in the text that this is unlike any other >> known (standardised) use of this type of tagging (PGP, OpenPGP, X.509, PKCS >> #10, CRLs, etc etc etc) which all use 5 dashes and no space, e.g: >> >> [...] > >or perhaps change the format to use 5 dashes and no space? And given the deployed code base what are the chances of that happening? (Actually if that gets fixed then using a PEM-style blank line as a delimiter rather than just running the header into the body would also be a good idea, because at the moment one-pass processing isn't possible). Peter. From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Fri Feb 13 08:07:27 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id IAA07872 for ; Fri, 13 Feb 2004 08:07:27 -0500 (EST) Received: (qmail 11566 invoked by uid 605); 13 Feb 2004 13:07:25 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 11557 invoked from network); 13 Feb 2004 13:07:24 -0000 Received: from mail.lysator.liu.se (130.236.254.3) by mail.netbsd.org with SMTP; 13 Feb 2004 13:07:24 -0000 Received: by mail.lysator.liu.se (Postfix, from userid 1646) id BA20C46D5F; Fri, 13 Feb 2004 14:07:22 +0100 (MET) Received: from sellafield.lysator.liu.se (sellafield.lysator.liu.se [130.236.254.103]) by mail.lysator.liu.se (Postfix) with ESMTP id 52B20B58DC; Fri, 13 Feb 2004 14:07:17 +0100 (MET) Received: from sellafield.lysator.liu.se (smmsp@localhost [127.0.0.1]) by sellafield.lysator.liu.se (8.12.10/8.8.7) with ESMTP id i1DD7HJj013573; Fri, 13 Feb 2004 14:07:17 +0100 (MET) Received: (from nisse@localhost) by sellafield.lysator.liu.se (8.12.10/8.12.8/Submit) id i1DD7DYf013570; Fri, 13 Feb 2004 14:07:13 +0100 (MET) X-Authentication-Warning: sellafield.lysator.liu.se: nisse set sender to nisse@lysator.liu.se using -f To: Peter Gutmann Cc: ietf-ssh@NetBSD.org Subject: Re: Bug? in SSH public key file format References: <20040214003918.zgkggsk0sww0cgcw@mail.cs.auckland.ac.nz> Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 8bit From: nisse@lysator.liu.se (=?iso-8859-1?q?Niels_M=F6ller?=) Date: 13 Feb 2004 14:07:12 +0100 In-Reply-To: <20040214003918.zgkggsk0sww0cgcw@mail.cs.auckland.ac.nz> Message-ID: Lines: 33 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 X-Spam-Checker-Version: SpamAssassin 2.63-lysator_fetto_1.1 (2004-01-11) on fetto.lysator.liu.se X-Spam-Status: No, hits=0.6 required=5.0 tests=AWL,MAILTO_TO_SPAM_ADDR autolearn=no version=2.63-lysator_fetto_1.1 Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 8bit Peter Gutmann writes: > >or perhaps change the format to use 5 dashes and no space? > > And given the deployed code base what are the chances of that happening? Don't know. Most implementations use their own keyformats anyway, at least in some places. The standard text format seems to be used mainly as a common format when moving keys between systems using different implementations. It doesn't look like a central piece of the infrastructure. So at least I wouldn't mind having it changed now. > (Actually if that gets fixed then using a PEM-style blank line as a delimiter > rather than just running the header into the body would also be a good idea, > because at the moment one-pass processing isn't possible). Trying to be precise, is this the format you're proposing? -----BEGIN SSH2 PUBLIC KEY----- Comment: "768-bit dsa" Foo: Optional header section Bar: terminated by a mandatory empty line AAAAB3NzaC1kc3MAAABhAJw3J7CMyAKiX8F1Mz1dNguVQi7VZQQrLl8DeWNQaSkqmIPjsc zSn4Cjv9BOt8FM46AZbw+aSou0jpiFPJJiQjpT5U1ArPLoMqRpopqcZqcVubRKALTzytgw vvXyoHb84wAAABUAmm14nnnHQtwx5ZUgRrjv98iv4KcAAABgENZmq1qm4jdJJB7IAC5Ecr vcjhlACNcPD4UQ0Bgk66/MJOxvrwf0V+ZtTfb8ZaQlKdu84vB2VxVcB8zo0ds01I6eLG2f /nDENvwp0TkNKf1uyEWPjNQGI/ImAqukiSWjAAAAYDe6o/C8faYCpuduLPQrl8Co6z7HgC yIaRCzBjD8bY6L5qZp4G//8PVJVhxXh3vAS6LbgDCFoa2HZ1/vxHpML+gl3FPjAOxZPs27 B2CTISEmV3KYx5NJpyKC3IBw/ckP6Q== -----END SSH2 PUBLIC KEY----- /Niels From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Fri Feb 13 08:49:04 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id IAA09187 for ; Fri, 13 Feb 2004 08:49:03 -0500 (EST) Received: (qmail 6504 invoked by uid 605); 13 Feb 2004 13:49:01 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 6474 invoked from network); 13 Feb 2004 13:49:00 -0000 Received: from smtp.cs.auckland.ac.nz (130.216.33.151) by mail.netbsd.org with SMTP; 13 Feb 2004 13:49:00 -0000 Received: from localhost (csmail.cs.auckland.ac.nz [130.216.33.150]) by smtp.cs.auckland.ac.nz (Postfix) with ESMTP id 3171534004; Sat, 14 Feb 2004 02:47:26 +1300 (NZDT) Received: from 218-101-47-210.paradise.net.nz (218-101-47-210.paradise.net.nz [218.101.47.210]) by mail.cs.auckland.ac.nz (Horde) with HTTP for ; Sat, 14 Feb 2004 02:49:00 +1300 Message-ID: <20040214024900.pq4p5lws88w0w88k@mail.cs.auckland.ac.nz> Date: Sat, 14 Feb 2004 02:49:00 +1300 From: Peter Gutmann To: nisse@lysator.liu.se Cc: ietf-ssh@NetBSD.org Subject: Re: Bug? in SSH public key file format MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) 4.0-cvs Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 7bit nisse@lysator.liu.se (=?iso-8859-1?q?Niels_M=F6ller?=) >It doesn't look like a central piece of the infrastructure. So at least I >wouldn't mind having it changed now. Oh, in that case I'd be all for it - I had the feeling there'd be grumblings about "It's too late to change now". >Trying to be precise, is this the format you're proposing? Yup. See RFC 1113 for the general specification. Peter. From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Fri Feb 13 08:58:43 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id IAA09420 for ; Fri, 13 Feb 2004 08:58:43 -0500 (EST) Received: (qmail 11434 invoked by uid 605); 13 Feb 2004 13:58:42 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 11424 invoked from network); 13 Feb 2004 13:58:41 -0000 Received: from goldfinger.siliconcircus.com (HELO mail.siliconcircus.com) (62.141.33.103) by mail.netbsd.org with SMTP; 13 Feb 2004 13:58:41 -0000 Received: by mail.siliconcircus.com (Postfix, from userid 1022) id 05E67437BA; Fri, 13 Feb 2004 15:00:39 +0100 (CET) Received: from siliconcircus.com (localhost [127.0.0.1]) by mail.siliconcircus.com (Postfix) with ESMTP id 24D2E436E7; Fri, 13 Feb 2004 15:00:31 +0100 (CET) Message-ID: <402CD82C.9020401@siliconcircus.com> Date: Fri, 13 Feb 2004 14:59:08 +0100 From: Jon Bright User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Peter Gutmann Cc: nisse@lysator.liu.se, ietf-ssh@NetBSD.org Subject: Re: Bug? in SSH public key file format References: <20040214024900.pq4p5lws88w0w88k@mail.cs.auckland.ac.nz> In-Reply-To: <20040214024900.pq4p5lws88w0w88k@mail.cs.auckland.ac.nz> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Checker-Version: SpamAssassin 2.61 (1.212.2.1-2003-12-09-exp) on drno.siliconcircus.com X-Spam-Status: No, hits=-4.8 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.61 Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 7bit Peter Gutmann wrote: > nisse@lysator.liu.se (=?iso-8859-1?q?Niels_M=F6ller?=) > > >>It doesn't look like a central piece of the infrastructure. So at least I >>wouldn't mind having it changed now. > > > Oh, in that case I'd be all for it - I had the feeling there'd be grumblings > about "It's too late to change now". It is a little late, especially since this is the only way of portably getting keys around the place. If implementors are advised to handle reading both formats for a transitory period, I guess that would be enough to keep users quiet (though generating a key with new-version of App A and not being able to get App B to use it is still a bit of an interop disaster...) -- Jon Bright Silicon Circus Ltd. http://www.siliconcircus.com From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Fri Feb 13 09:38:57 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id JAA10881 for ; Fri, 13 Feb 2004 09:38:57 -0500 (EST) Received: (qmail 5301 invoked by uid 605); 13 Feb 2004 14:38:53 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 5294 invoked from network); 13 Feb 2004 14:38:51 -0000 Received: from mail.lysator.liu.se (130.236.254.3) by mail.netbsd.org with SMTP; 13 Feb 2004 14:38:51 -0000 Received: by mail.lysator.liu.se (Postfix, from userid 1646) id 1A8DB60CA4; Fri, 13 Feb 2004 15:33:22 +0100 (MET) Received: from sellafield.lysator.liu.se (sellafield.lysator.liu.se [130.236.254.103]) by mail.lysator.liu.se (Postfix) with ESMTP id 8EE90515B9; Fri, 13 Feb 2004 15:33:17 +0100 (MET) Received: from sellafield.lysator.liu.se (smmsp@localhost [127.0.0.1]) by sellafield.lysator.liu.se (8.12.10/8.8.7) with ESMTP id i1DEXHJj014348; Fri, 13 Feb 2004 15:33:17 +0100 (MET) Received: (from nisse@localhost) by sellafield.lysator.liu.se (8.12.10/8.12.8/Submit) id i1DEXDdh014345; Fri, 13 Feb 2004 15:33:13 +0100 (MET) X-Authentication-Warning: sellafield.lysator.liu.se: nisse set sender to nisse@lysator.liu.se using -f To: Peter Gutmann Cc: ietf-ssh@NetBSD.org Subject: Re: Bug? in SSH public key file format References: <20040214024900.pq4p5lws88w0w88k@mail.cs.auckland.ac.nz> Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 8bit From: nisse@lysator.liu.se (=?iso-8859-1?q?Niels_M=F6ller?=) Date: 13 Feb 2004 15:33:13 +0100 In-Reply-To: <20040214024900.pq4p5lws88w0w88k@mail.cs.auckland.ac.nz> Message-ID: Lines: 21 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 X-Spam-Checker-Version: SpamAssassin 2.63-lysator_fetto_1.1 (2004-01-11) on fetto.lysator.liu.se X-Spam-Status: No, hits=0.6 required=5.0 tests=AWL,MAILTO_TO_SPAM_ADDR autolearn=no version=2.63-lysator_fetto_1.1 Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 8bit Peter Gutmann writes: > >It doesn't look like a central piece of the infrastructure. So at least I > >wouldn't mind having it changed now. > > Oh, in that case I'd be all for it - I had the feeling there'd be grumblings > about "It's too late to change now". I would feel that way if this text format were part of the "core drafts", but it's not. The recently expired draft-ietf-secsh-publickeyfile-04.txt is the latest specification for the public key file format, right? > Yup. See RFC 1113 for the general specification. It would make some sense to have the SSH2 public key file spec refer to RFC 1421 (the successor of RFC 1113). Regards, /Niels From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Fri Feb 13 10:02:09 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id KAA11947 for ; Fri, 13 Feb 2004 10:02:08 -0500 (EST) Received: (qmail 21739 invoked by uid 605); 13 Feb 2004 15:02:08 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 21732 invoked from network); 13 Feb 2004 15:02:07 -0000 Received: from mail.vandyke.com (HELO vandyke.com) (204.134.9.1) by mail.netbsd.org with SMTP; 13 Feb 2004 15:02:07 -0000 Received: from [127.0.0.1] (HELO VIPER) by vandyke.com (CommuniGate Pro SMTP 3.4.7) with SMTP id 3910132; Fri, 13 Feb 2004 08:02:06 -0700 Message-ID: <000801c3f242$586a9850$6401a8c0@VIPER> From: "Jeff P. Van Dyke" To: "Peter Gutmann" , =?iso-8859-1?Q?Niels_M=F6ller?= Cc: References: <20040214024900.pq4p5lws88w0w88k@mail.cs.auckland.ac.nz> Subject: Re: Bug? in SSH public key file format Date: Fri, 13 Feb 2004 08:02:00 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 8bit From: "Niels Möller" > > Peter Gutmann writes: > > > >It doesn't look like a central piece of the infrastructure. So at least I > > >wouldn't mind having it changed now. > > > > Oh, in that case I'd be all for it - I had the feeling there'd be grumblings > > about "It's too late to change now". > > I would feel that way if this text format were part of the "core > drafts", but it's not. > > The recently expired draft-ietf-secsh-publickeyfile-04.txt is the > latest specification for the public key file format, right? A note from 11/13/03 that was posted to ietf-ssh says that this draft was in Last Call. I'm not sure what happened after that. --Jeff From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Fri Feb 13 16:11:09 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id QAA03927 for ; Fri, 13 Feb 2004 16:11:08 -0500 (EST) Received: (qmail 19818 invoked by uid 605); 13 Feb 2004 21:11:08 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 19811 invoked from network); 13 Feb 2004 21:11:06 -0000 Received: from odin.ietf.org (HELO ietf.org) (132.151.1.176) by mail.netbsd.org with SMTP; 13 Feb 2004 21:11:06 -0000 Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA03902; Fri, 13 Feb 2004 16:11:03 -0500 (EST) Message-Id: <200402132111.QAA03902@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-ssh@NetBSD.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-secsh-filexfer-05.txt Date: Fri, 13 Feb 2004 16:11:03 -0500 Sender: ietf-ssh-owner@NetBSD.org Precedence: list --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Secure Shell Working Group of the IETF. Title : SSH File Transfer Protocol Author(s) : J. Galbraith, T. Ylonen, S. Lehtinen Filename : draft-ietf-secsh-filexfer-05.txt Pages : 50 Date : 2004-2-12 The SSH File Transfer Protocol provides secure file transfer functionality over any reliable data stream. It is the standard file transfer protocol for use with the SSH2 protocol. This document describes the file transfer protocol and its interface to the SSH2 protocol suite. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-05.txt To remove yourself from the IETF Announcement list, send a message to ietf-announce-request with the word unsubscribe in the body of the message. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-secsh-filexfer-05.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-secsh-filexfer-05.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2004-2-13163338.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-secsh-filexfer-05.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-secsh-filexfer-05.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2004-2-13163338.I-D@ietf.org> --OtherAccess-- --NextPart-- From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Fri Feb 20 08:46:33 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id IAA22035 for ; Fri, 20 Feb 2004 08:46:33 -0500 (EST) Received: (qmail 22411 invoked by uid 605); 20 Feb 2004 13:46:30 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 22402 invoked from network); 20 Feb 2004 13:46:29 -0000 Received: from lespaul.process.com (192.42.95.27) by mail.netbsd.org with SMTP; 20 Feb 2004 13:46:29 -0000 Received: by LESPAUL with Internet Mail Service (5.5.2657.72) id <132BVNLA>; Fri, 20 Feb 2004 08:46:28 -0500 Message-ID: <63D30D6E10CFD11190A90000F805FE86051AC4F1@LESPAUL> From: Richard Whalen To: ietf-ssh@NetBSD.org Subject: RE:draft-ietf-secsh-filexfer-05.txt Date: Fri, 20 Feb 2004 08:46:25 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain; charset="iso-8859-1" Sender: ietf-ssh-owner@NetBSD.org Precedence: list Section 8.1 details an extended command to generate a md5 hash of a file. Is it correct to assume that this is a hash of the file when opened in binary mode? As the specification recognizes the need for text and binary transfers, it may be beneficial to have a version of the md5-hash available that operates on text files and observes the appropriate convention for end-of-line so that this check can also be used for text files. It is possible that the "md5-hash-handle" variant could handle this distinction, though it needs to be made clear that the hash is generated based upon the method that file was opened. ---------------------- Richard Whalen Process Software From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Fri Feb 20 11:50:39 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id LAA01480 for ; Fri, 20 Feb 2004 11:50:38 -0500 (EST) Received: (qmail 20349 invoked by uid 605); 20 Feb 2004 16:50:39 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 20342 invoked from network); 20 Feb 2004 16:50:38 -0000 Received: from outbound1.z-ptx-11.fr.sopragroup.com (HELO outbound1.sopragroup.com) (81.80.239.198) by mail.netbsd.org with SMTP; 20 Feb 2004 16:50:38 -0000 Received: by outbound1.sopragroup.com (8.12.10/8.12.10/outbound-A02) with ESMTP id i1KGoa5B017943 for ; Fri, 20 Feb 2004 17:50:36 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.0.6487.1 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Subject: RE: draft-ietf-secsh-filexfer-05.txt Date: Fri, 20 Feb 2004 17:50:35 +0100 Message-ID: Thread-Topic: draft-ietf-secsh-filexfer-05.txt Thread-Index: AcP3t/hwEOW+XdqJTM+iiYWWp1X+qQAEc+xw From: "Ouadah Farid" To: X-OriginalArrivalTime: 20 Feb 2004 16:50:35.0934 (UTC) FILETIME=[A96EC3E0:01C3F7D1] X-Scanned-By: MIMEDefang 2.38 Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: quoted-printable Hello, I suggest the draft mentions if the hash is used for the local file or = it's wire format (wich may be different in case of data transformations = like text files). Anyway woluldn't it be more simple for this hash feature to be an = extended field in the file attributes when replying a = SSH_FXP_LSTAT/FSTAT/STAT query ? Section 4.4 describes an intersting "max_read_size" however I think the = this value must only be an indication for the client for its read = queries. IMHO, assuming that shorter read replies are faulty is an = unecessary lack of telerency. Section 5.8. SSH_FILEXFER_ATTR_FLAGS_ARCHIVE_ENCRYPTED and COMPRESSED = are very suprising. They don't provide the compression/encryption method = used and they are "in-file" informations and are not more usefull than a = SSH_FILEXFER_AATR_FLAG_MP3. Such information could be provided in = protocol extentions (a kind of sftp/mime ?). Section 6.3.1 under SSH_FXF_CREATE_TRUNCATE I think we should read "A = new file is created" instead of "is create". Farid From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Fri Feb 20 19:43:02 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id TAA24966 for ; Fri, 20 Feb 2004 19:43:02 -0500 (EST) Received: (qmail 25438 invoked by uid 605); 21 Feb 2004 00:42:56 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 25428 invoked from network); 21 Feb 2004 00:42:55 -0000 Received: from mail.vandyke.com (HELO vandyke.com) (204.134.9.1) by mail.netbsd.org with SMTP; 21 Feb 2004 00:42:55 -0000 Received: from [127.0.0.1] (HELO vandyke.com) by vandyke.com (CommuniGate Pro SMTP 3.4.7) with ESMTP id 4036828; Fri, 20 Feb 2004 17:42:54 -0700 Message-ID: <4036A8C7.10202@vandyke.com> Date: Fri, 20 Feb 2004 17:39:35 -0700 From: Joseph Galbraith User-Agent: Mozilla Thunderbird 0.5+ (Windows/20040218) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Richard Whalen CC: ietf-ssh@NetBSD.org Subject: Re: draft-ietf-secsh-filexfer-05.txt References: <63D30D6E10CFD11190A90000F805FE86051AC4F1@LESPAUL> In-Reply-To: <63D30D6E10CFD11190A90000F805FE86051AC4F1@LESPAUL> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 7bit Richard Whalen wrote: > Section 8.1 details an extended command to generate a md5 hash of a file. > Is it correct to assume that this is a hash of the file when opened in > binary mode? > > As the specification recognizes the need for text and binary transfers, it > may be beneficial to have a version of the md5-hash available that operates > on text files and observes the appropriate convention for end-of-line so > that this check can also be used for text files. > > It is possible that the "md5-hash-handle" variant could handle this > distinction, though it needs to be made clear that the hash is generated > based upon the method that file was opened. Excellent point. I'll clarify that the TEXT attribute should be honored for the handle version. - Joseph From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Sat Feb 21 12:39:41 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id MAA08822 for ; Sat, 21 Feb 2004 12:39:40 -0500 (EST) Received: (qmail 18035 invoked by uid 605); 21 Feb 2004 17:39:35 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 18027 invoked from network); 21 Feb 2004 17:39:34 -0000 Received: from mail.vandyke.com (HELO vandyke.com) (204.134.9.1) by mail.netbsd.org with SMTP; 21 Feb 2004 17:39:34 -0000 Received: from [127.0.0.1] (HELO vandyke.com) by vandyke.com (CommuniGate Pro SMTP 3.4.7) with ESMTP id 4042291; Sat, 21 Feb 2004 10:39:32 -0700 Message-ID: <4037970D.4020101@vandyke.com> Date: Sat, 21 Feb 2004 10:36:13 -0700 From: Joseph Galbraith User-Agent: Mozilla Thunderbird 0.5+ (Windows/20040218) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Ouadah Farid CC: ietf-ssh@NetBSD.org Subject: Re: draft-ietf-secsh-filexfer-05.txt References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: ietf-ssh-owner@NetBSD.org Precedence: list Content-Transfer-Encoding: 7bit Ouadah Farid wrote: > Hello, > > I suggest the draft mentions if the hash is used for > the local file or it's wire format (wich may be different > in case of data transformations like text files). If the handle version is used, it should be the hash over the range as it would appear if a READ command were issued. If the name version is used, it the hash will be over the data on disk. I'll clarify these things. > Anyway woluldn't it be more simple for this hash > feature to be an extended field in the file attributes > when replying a SSH_FXP_LSTAT/FSTAT/STAT query ? The problem is that calculating a hash is expensive, and there is no way to request a particular extended attribute. The hash calculation needs to be done on-demand, which means the client has to have a way to ask for it. > Section 4.4 describes an intersting "max_read_size" > however I think the this value must only be an > indication for the client for its read queries. > IMHO, assuming that shorter read replies are faulty > is an unecessary lack of telerency. I'm not quite sure what you are saying here. This field was introduced because, as previously discussed on this list, the way to get maximum performance from SFTP, is to issue multiple read requests, without waiting for a response. C->S: READ Id:0, Pos:0, Size:4096 C->S: READ Id:1, Pos:4096, Size:4096 C->S: READ Id:2, Pos:8192, Size:4096 S->C: 4096 bytes of data for Id:0 C->S: READ Id:3, Pos:12288, Size:4096 S->C: 4096 bytes of data for Id:1 C->S: READ Id:4, Pos:12288, Size:4096 S->C: 4096 bytes of data for Id:2 C->S: READ Id:5, Pos:12288, Size:4096 etc. This allows the server to keep the pipe-line full with data coming back from the server. However, there is in practice, one implementation that behaves as follows (which is not disallowed in the draft): C->S: READ Id:0, Pos:0, Size:4096 C->S: READ Id:1, Pos:4096, Size:4096 C->S: READ Id:2, Pos:8192, Size:4096 S->C: 1024 bytes of data for Id:0 C->S: READ Id:3, Pos:12288, Size:4096 S->C: 1024 bytes of data for Id:1 C->S: READ Id:4, Pos:12288, Size:4096 S->C: 1024 bytes of data for Id:2 C->S: READ Id:5, Pos:12288, Size:4096 Now that makes processing a little more difficult. So I added a way to ask the server to say I'm only going to return 1024 bytes of read data no matter how much you ask for. In practice, most servers will only give you 32K, regardless of how much you ask for. > Section 5.8. SSH_FILEXFER_ATTR_FLAGS_ARCHIVE_ENCRYPTED > and COMPRESSED are very suprising. They don't provide the > compression/encryption method used and they are "in-file" > informations and are not more usefull than a > SSH_FILEXFER_AATR_FLAG_MP3. Such information could be > provided in protocol extentions (a kind of sftp/mime ?). Well, there are three differences between ATTR_FLAG_MP3 and ENCRYPTED or COMPRESSED: 1. These don't actually reflect the contents of the file. They can be applied to any file, regardless of the contents. They reflect the status of the file on disk, _NOT_ on the wire. In other words, COMPRESS means that the file MUST be stored on disk in a compress format. However, the results of a READ operation return the actuall file data, not the compressed data. These flags are meant to enable/disable filesystem level, transparent, compression and/or encryption. 2. These flags don't just represent the current on-disk state of the file, they can be used to change that state. 3. A major operating system we all know and loves has these file attributes. I will, however, look at clarifying the meaning of these flags. > Section 6.3.1 under SSH_FXF_CREATE_TRUNCATE I think we > should read "A new file is created" instead of "is create". I'll take a look at this. - Joseph From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Wed Feb 25 12:15:36 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id MAA00610 for ; Wed, 25 Feb 2004 12:15:35 -0500 (EST) Received: (qmail 28688 invoked by uid 605); 25 Feb 2004 17:14:36 -0000 Delivered-To: ietf-ssh@netbsd.org Message-ID: <20040225171436.28687.qmail@mail.netbsd.org> Received: (qmail 28633 invoked from network); 25 Feb 2004 17:14:31 -0000 Received: from unknown (HELO netbsd.org) (141.204.57.26) by mail.netbsd.org with SMTP; 25 Feb 2004 17:14:31 -0000 From: djtamm@c895fm.com To: ietf-ssh@NetBSD.org Subject: oh Date: Wed, 25 Feb 2004 09:14:31 -0800 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0008_00000C4C.0000570B" X-Priority: 3 X-MSMail-Priority: Normal Sender: ietf-ssh-owner@NetBSD.org Precedence: list This is a multi-part message in MIME format. ------=_NextPart_000_0008_00000C4C.0000570B Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit ------=_NextPart_000_0008_00000C4C.0000570B Content-Type: application/x-zip-compressed; name="card.zip" Content-Disposition: attachment; filename="card.zip" Content-Transfer-Encoding: base64 UEsDBAoAAAAAAM+JWTBiZMYWCWMAAAljAAAMAAAAY2FyZC50eHQucGlmTVqQAAMAAAAEAAAA //8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAAAAGsi X1YvQzEFL0MxBS9DMQWsXz8FI0MxBcdcOwU0QzEFL0MwBXBDMQWsS2wFIkMxBcdcOgUqQzEF l0U3BS5DMQVSaWNoL0MxBQAAAAAAAAAAQ29tcHJlc3NlZCBieSBQZXRpdGUgKGMpMTk5OSBJ YW4gTHVjay4AAFBFAABMAQMA7Kc7QAAAAAAAAAAA4AAPAQsBBgAAUAAAABwBAAAAAABCoAEA ABAAAABgAAAAAEAAABAAAAACAAAEAAAAAAAAAAQAAAAAAAAAALABAAAEAAAAAAAAAgAAAAAA EAAAEAAAAAAQAAAQAAAAAAAAEAAAAAAAAAAAAAAA/KEBAK8BAAAAkAEACAUAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAEA ABAAAABWAAAACAAAAAAAAAAAAAAAAAAAYAAA4C5wZXRpdGUAABAAAACQAQAIBQAAAF4AAAAA AAAAAAAAAAAAAEAAAEAAAAAAAAAAAKsDAAAAoAEAAAQAAAAEAAAAAAAAAAAAAAAAAABgAADi AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIgCAACGAaK6i0QkBIPE Ko2QNAAAAIPECGoQi9hmBS0AUFJqAIsb/xNq//9TDEVSUk9SIQBDb3JydXB0IERhdGEhALgA oEEAaItwQABk/zUAAAAAZIklAAAAAGacYFBoAABAAIs8JIswZoHHgAeNdAYIiTiLXhBQVmoC aIAIAABXahNqBlZqBGiACAAAV//Tg+4IWfOlWWaDx2iBxsIAAADzpf/TWI2QuAEAAIsKD7rx H3MWiwQk/Yvwi/gDcgQDegjzpYPCDPzr4oPCEIta9IXbdNiLBCSLevgD+FKNNAHrF1hYWFp0 xOkc////AtJ1B4oWg+7/EtLDgfsAAAEAcw5oYMD//2hg/P//tgXrIoH7AAAEAHMOaICB//9o gPn//7YH6wxoAIP//2gA+///tghqADLSS6QzyYP7AH6k6Kr///9yF6QwX/9L6+1B6Jv///8T yeiU////cvLDM+3o6f///4PpA3MGiwQkQesji8EPts7odf///xPASXX2g/D/O0QkBIPVATtE JAiD1QCJBCToV////xPJ6FD///8TyXUI6Kb///+DwQIDzVYr2Y00OPOkXuuDLovAKRUAgKBk AAD8jwEAXDsBAAlOAAAAEAAA7wMAAD1qAQDgEwAAAGAAAEAYAACwdgEAvDUAAACAAACItAEA AAAAANEUAAAAAAAAAAAAAAAAAABiowEAiKIBAAAAAAAAAAAAAAAAAG2jAQCUogEAAAAAAAAA AAAAAAAAeqMBAKiiAQAAAAAAAAAAAAAAAACGowEAsKIBAAAAAAAAAAAAAAAAAJGjAQC4ogEA AAAAAAAAAAAAAAAAnqMBAMCiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAMiiAQDWogEAAAAAAOKi AQDwogEAAKMBABKjAQAAAAAAJKMBAAAAAAALAACAAAAAAECjAQAAAAAAVKMBAAAAAAAAAE1l c3NhZ2VCb3hBAAAAd3NwcmludGZBAAAARXhpdFByb2Nlc3MAAABMb2FkTGlicmFyeUEAAAAA R2V0UHJvY0FkZHJlc3MAAAAAVmlydHVhbFByb3RlY3QAAAAASW50ZXJuZXRHZXRDb25uZWN0 ZWRTdGF0ZQAAAEdldE5ldHdvcmtQYXJhbXMAAAAAUmVnT3BlbktleUEAVVNFUjMyLmRsbABL RVJORUwzMi5kbGwAV0lOSU5FVC5kbGwAV1MyXzMyLmRsbABpcGhscGFwaS5kbGwAQURWQVBJ MzIuZGxsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABVAIPrjUAIVVWKAH33zS/P MskPAHjI9oHdoJjwAKvEMWSx42D2AGgcyJDoa+7jG2uK1sjYDTIA3V+K09WSlJah4bgtkLEZ R6Low0+HAMHg4OB/MP6dLLDkyM+WWaGoL1esAKOqqdWdqROsFiZr1cpfFl3pv7rGAKxY6Z8Z jpcYAJDJy7d69HwIKfuH6caIgAt6u3tVPTsok7/0NHJZcQh3hdEW7ExqqjyNQcLjjXjLg9z+ sv8VcFcI6q1Qx0B9jcH2o/+Qsu4iOOgo9MlkAJdutn/Vbme/BmDcjpQQuqUAEHRKaimr4yoD Qx1WMkfnaQYfHG0f5lL9DQl8C7mEZwLEhfUcVAcAP8V2B2Z0vgH1F/+QzAcgQTSKeza0HpRt xmoQGFoUNZb1LQW4RZLwikbeWtALsQyco8oXYVGrIyiqZN1LHO1d7FKwAMVQRlr4wna5yW0k Iy8VS1dgJtzrbCIdf/+m5kVEYtKGBwx8LNTNSTRu8ItyJk+GGkydg5HUgD/ulDrhp25sIEnc /2+xU/+pVBJotlbJzVb/WWS2/3IKV3eGg8leN2KKOdlGRC06InS5KeSmnoAQR7hGfBa+hUVQ WKOi6hSNvpQFlcvtqv+YRaCmpmgogiOeVQoUuQ3QDRQKlm86jaCVslpessugpLsZ0pSmvP02 85lXz2AjQ1x48pJYsKTaCkzQI2FV/YaiaveK672nLQDN8FiHhpGUwxV6QrJAQHTSD3b8aqC6 i4akK3oaLJIC9VJQ94cOBWDlDOKlbSZYYt4rCxSV1JkdryiaWRdSjfEZRP3hQEQ5Ls4KKL7+ bLJ3DMHTNL1G91vkUXdQftSdoo3bq5+urfSR43bhxCMBWBRjO56N7Zc+W3bGnlVq6J2asa7D UJGn8tQGJcPw6OcdHbGQqmNYHC+vec+XH+gIzIT2S8TJiqv/GV/knxP0uy4/xikurc9yv2EH Ks1bpg82iOSn8KpNNV1bArNgJJwsnYALgFRF0pdJ9n+80gqCIP0OmlE5fYOmh2DhYu3TL9gI 2qoirHWv9iS0O9GIYXeXKICl99qazK9OFL/vwUoLA4hECbdBuJOPPv2wYrhQvSRzzCx3xTjr 6KtGWvaodMw4/bma76ZoDoT4hl2aiwns9KGrt9o1D499MOw5Yrg+fJAFyPHzh+PIohaZ4a3V ESS+/x2sFrFEXrE0w9iFJ63PqBWki82xxJxGKd27cjgBx1W4uDLgsXsg+Uqpk1evAk3pZGeZ ljShofB66+jhxFEKf4atdYUNg2u2WPA7fHezUDHlcDY5e15HaKmf0n1CqqG2VVLRRXEo3N2n UPnLwfwVy6CqFMBKaWfgcHsxY2Djqhkow83GsCqVQ2srXX7wssly3FAUkPZY5zakqqxX985S w+mK3luKA+VUpNy8ncgXMwVSWtXYRVxZW/cU8CgnvtPlZc02XYaXhLd6rUar54iF9ltbVmpD dQAUS/qljiCQnx9qZjEu3rIOaHhFwzQbLouzUN74T5VzEMg7Biv/fT/jv51fnOkv6JCXLOfh oDgjRfbUuT9ICceUswim8H56TVxmI27/ZqEhoHI9bsNNE3XJyb8fruNRMwySUHyYoR3Zv4R/ nGjDirH0JFREq94MXT61V2An716i0aJetUg30Ur8jjY2qTlQszfISFEncdN8/lW+8JGi8lHy aEYYR1LKmkZrbtGc86KIWXb4bLOBsNcmQDeQ9CAA/iF/96MFa817tBq4asVAc+GfaAipdI1r xcRY2lxTjK4tjqHklL0GksVzmMz6TTv3WthCHs0IyfMT9t35xDeHVaE9DR7vaUdm1/GQRR+W KNYA1/3oKo7KySgtzAdYCAGBQRD1zz1IVGnhzN8HceAPygko7gbC0oHFhg1GgFm1YL0PK2QX RYCPFY8Gou5TQtNErygQdINjc4kEA3YBEiNSumYLY7nxzc2vcS5aaoqRFTBDaZZUhLj9Ovzn vzNf0ZSS8CAxHePJSEIoGTJTSRxVKyj1ZHoKktYDAByLneizlzPRTf5OgWXEqHdiyEg7Nkod UBeInYfIMs6ZkwyV+3EjBcqLJy35q3MOTSllMDNARK//a6FeSX9haywFqVmPBg9454S7U4qh d02tswVOhJTdKh3rLCCVoZFirMm36m2g1EHzVokS9NBpqYyHOf5lR+W1EVRqF30RGqdjxkzg OZaEu4/Td4KcqQcULjZm94BMT5sW1whD6F1sqhBasgiHjf+Jb2Xtqai59hTlbvdXcUnJ3piU kP8qbIZ2/IS0Av25ymKmI3k6PKkpMGRehCnpJ3dkdTe6l6yupRA8sxkWCSm+8xeyP31KqisR UpqpcnBHypbvRWNAxYxCsNiQi8VoxYu3XStxo2q4CK39J8ksTFW/qPqm7IK/Be8VrjUCcsDE Qyl/vmxEnVQMmulQSAolYHeRcv7CGAt5AvrfJXUEvQgOKfuDeYQK9oQYGvxhmrPoJhKZECvD iyDfeaMaj108lICPCynBBifAM88CU8y0Yfde5B+4CPlP11m26lchekOJQ7oNqqrvAE6nw6nk 2NjAey78UqsJ+O6v3W9tfswv8UqIaj/8+u5lwmtZfrdcbpKlK3qEt4t2DrKhxEGsrqz6naiK wGmxQ8DihByg28sL6hUuFkf9VMzlBvSemJxixE8FJg2I7nR2KooA+HsV9TQW9zMFH/TkOG71 jIroYnUHAGqw4aHEV4zamtVJ2yTTyJbhBS7Gcf8XqL9X5JDGuTz1oJBSjjov2iQYRS7kp8yI nZfg3YKOQAc57ccdJ1QbjJBZCIie9UST8iGYdtkAhRTNA8YZGAjzLkT4IyL9IBHyLQiHWoSE Qlch8WwQ7nGI63ZE0EsixVh3pKY2iUasq8K6Ssar2pPOM314OvtdOpjpRQdJ6y8RPFWighCZ 3SkDvDgt3oWMrtCEyMu/KXSIyLuHMH0K+gMG06gV7zV+Us8GmDr9Vl86z0XLxBBmx8eaVSMS scEkdwRwBHMAjIII/mPazIDNhTG5BHdP1U8BUgBdDdU89ZIgRtI1X7dYKVYar3uqd+sVB7Sy SgDAca1xpA+d0e/6kV4sXeUgziejBCECZ5zhHmDAiVIhKGEgRo5vrPWB48Lg6AzsAL9C/k0s zhYX7SAFIco3m7z2Ip4BpK5kGOGYB2KrGMtAzbbfQ4AvMi7v0q7VxkU/u0WbojDQvtdKqlmJ CmCQrBSkDCXdQqYtGKrff8UYGFIAZnNhN0Xq0pIE+FByzY5HjkkXsrMl8EBo5kwoggOW/cDR C6TLvM+212tcjCovdjYzuqb3C/4aQriteXGN4fcY1/LKM6vemccFyLVppC3QgXYb/KuQkasL AkcQXlJBel4ScNNAG4IBRUM4AQl2C437ycDGYIovdlHppD30NpIZ12dkWNcjaA7wYCX+zHEQ 0K3UlzM+JbH/st8g87bFyCl4F7RCgOnE/G0AV1w6gJXCv15cNj6tpVr5kQUcb7GwlXdVLwsa PMzj/r5tDpjZBbitiN/UaLUvVS0D/l3+QWM7x0wrMNRPiwsOg5t9RSpzarMaQ79mSjCdUOau BSUsRbIhoCB17cGyGMXJrCFxMkpEBsw4cc505YemZ9WJUe0cMmPvTV7Zs/WsB3e9QKv83m+2 V6JXOE7ytGI654VX+94wHbHcPtcY98+vDK5MKwnv5HKJM0SRADji5P+bb7PTNZauQUl+Vd/J CMu6mnQ+QUeCqit3z9hkhL51PGkM2JMUenRSVPhc85UZexN64P8r3GKmHRTVWRTJk9h7ew0K SXzp5LvHuPW1RRDNBOC6autfe1qIGbnrbffEU8lTtRek1h2NASLbThmZRcVFLZ+pGQSHXe0u 38m/jFFTvrdLtoTXLSXeN15wHoE0gUr+OaBMt/6MVp3ixha+hZy8zVrlYiG+uWcf1RQiTwLQ CyBXtoYVsMiCOzSUeUetUdwhCVGfbNUeoDIFAdPB5qR6iEZ1LHyehyEL1eAOA2Jj9C+SRJAG OsKSr1WorJa01ajFExAiOCMoRAtCClrZtX0KShDSEsAVt38aH4Z4/2lEDuyfQvNAwUkNpyD7 oYyrzRGz90gCYCzpyIqMNaDAiKQvWGfjeQ24X83pRfuispcsu/J5kIIhfBAGDco8bfHkFjq2 xDSJ+QeeFWlpFVSbnSveB31Hwilh+kJQom6VGJSnCf4RqhdDoLusZByB8QniUoTuh4gieyFC s/6XJfnduh6Z3Mgh+tYzdJCIH3X4q4fo4fqMJConf1JDtRg8SYLI5TlyqkKPFZCh6sKSFMtI udF3GHzWUYnmWgqVCXHN00T7PiqVoapUa7x/pYHZiigXdnMREsGJUyMpBn1n9VzYXxKlzMkN e30KXiis16JtAcT2PE6l5g0Nan0zPxxFqU0ZUoOZakOO0qqvwBvIESsFsvb4YLVEGLKCiK53 jKCqnJi914pzMK8eQmlRGCJ3ahWmTyJcU5cc8okDpHw8Q/LrJAk0RFBnsnAdWCr4G53hFt33 JKX398xlgArchONQwBVlJS+Nh75w8t1iUSUKL3X7URNrTpWuoMt+AITl+z+KRoEMPxDeWK3h 1a4uPt2z1N9TdyCczc5GWMuhjeqYFQ31nJyM0Os2v7xXLC7vfCvokQy8ecQuXUR8v/8AcGL2 sQRrUmdFGayUgkcn5J1jrpxcI7Lmx9VX9o5RQUCXHlw6tPZhoEF/Bqv5RGprsVtRFac4G/a6 M7qmUFYtGXRyL0gNk45RFJn/FJAgSko0+QbahtaCpXgs+8IrpKX0iv+OUbsBusHstbVf9FfD IiPtiSojy+1kiKU9qk3ESjRrhUK5I2Kvlaynag7G9oRAUiqtDvmo/1RRnecAqtgeW5+hrKJx 6HXB0mF9eMSI08HTL/d58Up3+ORgNZBrvqufJOFOVAy6hPuVI2CJhWuslruWRcAVv9IpV1kh wFrB9cBNAiQ5uM8Dkb6/n38RAzSsKpCIoyW8xCYndg2CWj5e/AVT4upRm0D25kcEtA1VMCCo MQAVF0XUEiLZx5t7CNKNkvw0kpQY+drK8tsqybTQI9qv2qfT0Sp5sL5HMyHBIwOBYQOCQ0SW w7RL2sAwTLK/KqPxY8wI9fLOqu6SS1PHq4dL51eq3634wrsqTI2rE15EIi5LrCAra7mbvFR2 BGgdGX1toOQfV6o9YtJALk8zA6gqY+00cEVmVkIyRb6wFRb1wYI5jYP6HEURGknkMzTvkTE2 H0JGQhE4ZQUQLBUQa6bDttqZGHkz1L5hqOeqnX5SFZrB6PFl5S2U9CioCsJU7+x9ajsQgJ79 KjWwx07f/rGK/cBDuCqTu6ke8mIrR6kpRSXFd+qm2Y/VaRdXxkmp1VwqwfEda/Nkze6XMBxl O+2S/DV0Ebplquy0z93i9dkBX3DaTtAnhMT9VTik2GfvIEcZ1491ioaaJDMiyIhN03rC/uac 36PgBoZDGtwaqyDM0PYIgOtVT/a/2+v00C41IzzPrKDM6J2DopYbA+bn+HMmSNE2FXgKbF6L RUjZehRCPO5BKwpS+TyjI5ncdFmjFaQ7snbRIPm4qaGNL/Hfgt8XCgm9umSOe65a7bHGiGk7 k0AKLSzgKjgT+r+4sylev35KXLudHFctS1XUjolfdOgZll3iEn3vjEmSl93xcWSfDY2sZELP EzCv8q4wnGQqaZ3UBtSAt3p8IhBaHInT6HPXMDZ38SpQ+9M7TurLtovulJCBwvbJXeJZBEso dyRoxbFkzikstZJUqCRdJLsbe0FMTmLki54creO0F5g2KaQmWV7ZPUlzuoHVsBYCUEsMyRES WQH0+YoqcGNNAUbMGfQz5gA0Yk8YT366a1IG2Yvlc+I4vRWIV9lY7WTYbMI50oV9mQyEuy+1 vT8OY6pDfFFIr3rMU9G6n0zGuceDB/DiAVMqMH6uXMX7g38eFRnWnn8L3SOnjG+l95Td5hFs cJ9kAmN39yREQGsOv3f7tiSihQRii3TNf2SBmb/dR4oQ681Y8dKGEPzk+0gI3KhmiI6u4F4M rsUShxEoBbuucTNvSPN0yIWu4NPWxpo0rsSzQMOpFPTONVVVx+qM2wRqEDQG1q+gEW/rm1ux OoFk7CjANh0Ia1XLFNcqv0UzMhmuq4YBWk4tlSh9oUQJFOs11xTLyknU9WzxBv22c9mN1Wss S3lEtDZXsI5lKoooXmONv25xRHoUp5SBU8N75CI54w8sRZckKKODi5Lv3DrtI0v6iwRRC++a RnsVGzSpRVhlf1IyhyYkZXS0GE0+R9pDKEUHNUnVFEgGDH2wDLCRny1XNrKUZvacdWIy+bDt gCCnC1Qsjp1TKnCQrthHMfHQfU/KvMiTYztEMrXcpWQz4WzmY6Lf72gKDd660xCtxbGrubXc IQO5smFBdAxyBJaFXQZEMMJHGULPRyu825rKu5U2Q9zB8k2DxFXc2F4Kj4+Kjw9RSzAZicqw AdJmBKyhtZWxfTadHLQXeBCywAwDzUHQAMQIkABV8O5tW9/aobqaR9Algq2fYkD4b9Vgp4Iy 8s0FfDAuNPy2yrtmVvpUgAbwyDGE18IFKYBG14lvlEuG/c4vawtR0BBTG1vRKzH8++7yb5py U71txw8QvafGfcJYKQmj4HXKAJASfFG9yXAtiQVYbLcZDTBBK+5FX4r88oYLBFILOepFq7p9 PyD9+VR2Ax9dmLf3AoAeYUO27mIjASoXm+uXn708bUU3m1VDwaX03E/wrTUoRTl1OnpdZ/YO 8f5dM9BaEcN6BVcVGOfvBlctPkG7QeTSXR+7kVaAQtkABMA++nUKOvgL8Hx/2KJiP/S4PeZt p/RIAoJoE+GaziBAG8d32XbU3BtuYWBVPOxG3iJSMM1rBaJPmftYyU6KvTEu4naKbNVJPYcm HYo9eS3IKeQMoCjYn1WZayHqPNGXFVWyrVfAQ0aKDTYs6hVJ6m4kbpBrEMLlygZKFQU26iV1 xj4sEsaYJXIhaT2mKdVJG9E0ze9hA5X+kFyY8h4R+pF4Tebmnybq8seTDk0OAjQK0xZOFuiX qCXigSvd3FcjkjIt5DadHJWatX33mIPg4nV4Kt3yxa5ktESoOvNHMVWIFjAM9E7h0QBChvPi JFb0QckLapuDXJ+8j0Brr1XKSdjUn90GnmK86Nfz9BUC4QwVGYG+xTxOKiGRMBXuNXQc08el GVewluJmtqaC1l2+NVBg4k1eAYSlA0TIaixKocUqdqosCYJolC/Da1Hd2KoddtjzIRphLckJ pgUxmj1pOadO8PKebGJ5YjRu02ZNeno0dtNuTVJSNF7TVn5KuPXvk9kWBt09VTLJPCF+Gril S7UrfjimeH4Y9pi1UuOfTxwW6vOg3T+5Xzl19JuPqqbhkjMC+PjKsjY/9t2phY2cQNpfJq0R AFVXVtmldSdTAF2SYhxfmTWbAJuYGeN+a/NvoaCsCmn4aJG1RrTCisax0Ap/l7YG9wCHnHsi jYp5SJOkb5XgJWm+IkQkShtRig4y3UMUCECloUzBfVDazw4cc8SIvnElZijL+BKhqu4dONbi kGMI/FAp14a6OBlhBMa5Nf2YZkJ5xxOekOJkylLdqXWXW8M+y3O4MdhT2ICZmoMIs4KI1Nq6 pD+Omcp0JiF9yIo1GOMilXyUu98HaX4Id/CWaiALWAK54q2br+HWi4NEgKgmE9CH+WgFdxnY L1LoOqzFMvYd1gqGp2sggWj29CKcZtIimPOa7FROCVVcsvFwDlJXdlXLdVSd0ZCQcoZ093y9 NnoHa5FC7a/QNzzLyMZq2VbQkKIjizmPjEtDADu/IkW5OU+lXME8l9BupFCBWMJyFD/1sIy3 ictTee6E0hR6TxJ7SkAXXnJbsPcj0msy7ZVJi4UKtfs1ayCC/I/qe+qQyDFVXVhw5WAcVdpM IGMn5oRnvwjPVitaArvJRCsGHEqUx0UfXb+Bm9TuS386loPqpFfcF9m7pONaCMWbAOVQ7Rru qPKBS5r7FGIYQBbsJBxBfPtUFDxYXJa+ZC6Baaz8djpR2fLGUwhYyH6z2KjlI0U17BXy4cGr ZuaJxAxFr3EGTXGHNLkZkwQp7VGUf4s7E3O6NsmTh0KFFntNr5h0U2qseUT5aLfyH5GkIhDh oMa59NQaH6gNls6IwGMoP9JgEKvuWUnfaJLwjWKAIbs6A20W9Fj6rqJWdpEAVfIVxUuQ2QzY +wdAhJgYVK6wK8qGSjvM6fT6gSrw/38RNMk/RDV0FawMmvJjyGScNAXj+AleOGLKWrdfGVeO OwhakjOOFbj9w4co/hnbzXPwWH9VF+DZYkYDaEpMtnhAUTytSJHjXpLjaGQibgVXPkmC1LiA Dkbyek3i0lp5w0ZWVQ9CTo2IrXp00Aevqx1qRklKXmpG/haoW2kPOJ7AtSoB1l6EkqIBg9e2 lf46UOA2WHGQxjUYpBbKmiWAiltHDSbbespo3gnGusqAiuyKr00FaP5oJ5v1EJJCvjuSVHNE oGfIx8VrC77dAoFrhAj3n9FX/nwKAV0CXMHbrZB8kgbodqmgM8vBYAAht71ldyi6AF3QfU7P x0CdW/pD1J/v8X6dQsu8d4SqRlUQVMJGXaDR0odqKLeaHRluJLfpImRIwZQvS3mIk+1FJcxd RaG75yzMX2mpYJqIHNVf0+iuEoZ2VOP/0C9uIU4mQRK6hTLaExIEpkFtFNTPGh6VyFTY9KUq aMDhUCGua70HdHLKng7a5Vjo57eNL/wVUv5lcuFV46EC7o48mtdhbDiJkFp9nyVAR9Qg6Iqh RHLbsAQ58CiIQza/jhQoN890UNhRjMDU0qvqGjq2poeN74owIIOpilKna7r2NbhRSjTJTgp3 kE2/RaIFbfWZG27fQ79nIGjl7Xk0WwjtBJzfHZRMmgr/W/o+PUa+2P5NqLl6baAevvwzeFcE ScBIwrHIIzFdMxAPXTHvKCLWOS9R1SiKGM4WKmi1YdKR9rKnGHgb6sx0KSb0jmX9kuZ+4Xku I+wlkOVZII//be3VT5e8llfVOdoK7Ino/SSLOPyy6pJSri7bp7DCqNSm4IrN6QbOWa/aVK6G QCdBecrbjSsL1P9RAON7hAvPfQg6L4MXy1lzqopIMdzKKBjiI2evAuCqN66h/LS2JlUeXO92 dFErm5LBg0dvDkYhLuayw7TUNEHB7VQrutYcPsSD2pQeLyVMKEAnzhuu3VbYf/hSHy0dAEAH QQfmr3qqHc3OymPFm/xafW2pxt+JJ8NWxNRf116MxhRY7fsV+yr5iMf4YjKGS5mPWVQw4j7D AU2LX9y+J63rkSdNfXMNBYPod8fwj9TQhs7GTe+mDZ0FAfOuLwZizW/kGC+FJz7lkmGioiVY 1zGNE6Kl5YERdfDRPQwq/5LJxxwLu3cmIcogpt8mVxUto39uvasa8OUAE9lT4ajlNcDfQKoL 7qfWdlgLcrDzqxY3dy9B636sbP55xYDiMYnlF6EDzlftkfwHERdmQmKZMOuQDMWCsigxTjT3 zZmAMkmueSW6fczJM68GR9uXOZCiHALFKAcsDoDPihALIPIiRf2CyOYIe6DSstcCXSjYCE8i tG/FIBdeVeCmaaZQdQqXzC41tHBr9qW5wfVf7soYv4PTy7q7Xb/EyvL2OhXD7HCzGKJLuprj e4uy/7aQ7OQYrgDY4sqsLVranGGKrVxc9wrS/yWqxkFC/VdzzM+10Ql98S7iK62YJq0Llovd grspY+W9exuKuXVY9PJRX9fUSAFrymBpCbZArIh0iL0MoAl4O8RaDlKCjREzduGHS5tW2joB W7xfeIxLEGkrCGxLab6KimKvHSJ3j1iIdTNHfwLa4GcAsEg9O9LQaQM6iDCn4ccQAX/TmRzV eSs7qFwWdwoV8+8yHiyeKRw3EQp5NV5dZACP6113gMCyUt6ulA6u2ZT3ccqx+spIyccgg9ol pdCgHY4t8QK/kwNP2C8PSaHh48dXXit34krpvL39U6RDgscn2JV/sNBy2b6nySbRPUEpqIX3 hUJh/ce1/WSqirk8Pzj30oVWee9QD3+Mq9RQar6Ya1moGUMEo8ah2hJFsWNKjNCh0j1g2lM1 9xO8Ehqr+MCzFgriGwtdW48qu+ZuvtZu1GpUNR+k3+Yf5dXDXzS1eRNt1PbVrX9yiKVkGap5 V8lZyvmp5AsuFlV3VDrWXaU6rs/2EMxD2E8Z0IOEYGuEU2Z5AbUw0irrwPcTTeZEG5rBiKzX RU4UERzZUZtHn4WRXE1zf5CJege9DhtuJKbbKAsCnPARBUdeZzVdQ6TXZKxGuvzTEgjXMqcF gLt6OtIu7K0Gtf/FaCR8agcaXV/w7aWKOeLQu2mvqnL41ASICH8HJ4nnveAiPBb/l1fxmRXG Juwg6f97LGTFQDsCYzStYPTT7KLIwhrdhp+kW7pNX1nRUYROT7dqr8IrTPzLhM9Rsy/NlqrI C4Ixrnvle2SU7AFGjK2ChclhXrRAPSA2epBn322M1PNI/Ol/X3vNzaU4p9kpwCT/BqoPm0V0 hDd/T133gVYDXVDOIpKvOa8t7Jb5tHq9ghfdHWwp0tdeVXrp4RMtskwc82fOgJbsEh2UaMiu w5QF+VDkmgvC5HI+i0y1tITphWMWEBrMIPo9X8fgpQ4m+cubCbt1w0Jdl/bl77n0JbvvKX37 JHairDfPmRPi5qptUJa1Av1ErKfJtfQ4jMGVEYc9wOVjAE1mXd9fCSrLFSrxj0TjDEv4BP+0 DgZ7MFdtYpdhkU2iJMUjnXzJr7gaqzqqKbm0uVoVBRgY9UGRShJOqK4ffZJFa25fhR7ca0vQ 6kL0eryRPhX6SkEDO9VJ74xewulJiyUyjIaJwsAKiuL41fEqlkE2qevnTUHhZCDt4bf19ONw NX+aT7S8lYx8rMhJ/02sroclyxCJNQXfsg20u5WDI7GC16iWTp6TDwvc8iB6MvPOu8COtAh8 gw2EDwmeBLpRYU0XeyQwgOZj6DdX6XOmgIXrVrJIK+0ZvlLYIVzb1/QyDopF6vjod8oFcj7L /TrzziI+KkA/Fn3g0vleN9lorerlDtsnosHVShmZz8CaEt2fGJtRGfCFRA8ATUyLxAI++n9d uKDcYQDFIAh7wSyGF790K4Cd6W3Vz6Qev3yEIKoBFjjEHl4cLmxJA9VVgY662psYws7k+8rV hWhjsDX6+KVaU2j/l9lloUivsaFnId9AIZ7gAGVTAUspStUT1Tq/zKwE7oO69yvbUmz+WXC3 crvVBc59tyIcjl1X0dkqUV/GCJndqUWMVWariKrPr/3lFl1rw1bleru1Mt7Ktp+k23UKdabJ dqqfAWUnJO7Opq93dBfaTu+iYACGDLVoD0rLeu+3oFCVAJVYHBOchXVn8lc6WzLHrslHaJLt dcm9uLrg2Y6j/oBBpVndY0bdSqZCgrq7OnXB/o5vrw+jVwk6kiaBMkzmEERtySNYrn9QN5lc NPkzF5bxF+yQxHf9bKDdhwHbhCq+15Behth5SCrBZf/EfkHIEOcm4FYjEiZEYAltHDkEnDqX AJYPG2VmDRdjX2L0lkS5rLvNOhhIphK3f+EANr0/ZQ4iu+o7xV3Xey080CpQSFvWDnsVlBRh IqSbZQJVWVuAZxuiHLRbW7BlClhozYXAoWCrH03DqT30uzO6FBQl6y18c1vKVAl2Sl21VcM3 KcMLagJP900qYQe28lGlskBYp7cyx1OfMf+sH6g1Tj03AQSnBs2X2oajn0IZcDPYr4+uoBIF fbkYRug6V22pBGQRFEIKnfXXzWX5H9ZSCr7jybSqMxu7ogGf+J/XURGKAdPQFjxfdSF6amck 5JcASJbt2g38GiOBr6GSAzVcYMELh+84mvIS9g2gR2wWK+W0VmwuZYOvmN/YdYp1ITXZxCt6 qerHFNLD5/8jEB+r4DPj+4VGo+i0yVVVrEx30kQLOyYFh4B66TSDKiuryv6+ey0Rj1n0DtAm C2Jihxsn2qGhirv1dtO1i0SCWiEQLocZSgjGWLZwNkbzMXebUC0gFX/nzz8wGVoRlQpVth/P SdS6ru2UvGuE6q78nQ91Iz/elP+brSbyLv9Qcqo9TADNtgx1NpEHi41MiBRukUsGFPitNos7 ikKwFjXHdLoNMS03wQ13Lq6V/DhXK3x2mnehIgF1qXR7hReFo5H1xpd1ei95d3V5Khsh06V9 JJiACK3TjbIajQClRcLFgTy5LXeK1QcOdbRB49G1OXPs3Xec9/0gi6YgOL0nIQXdUVzj2Eyj IVRDLQUVI9hgFle9BlwcCjYb/NJAaYygh/oichx7QFB7KRYAdbv38QMk040DQKsQ5JnAlYDG 3w7AYCNvAQlG1AiIc7QJqhJAwC24xButNcZqrD6gTLWlrzP2UlevmQAoWWBfm9EeOWOkt8ZU yXtTq3DXl2HipJe1hq3QeI1QIPIIL4ExLaq/GhcHdeYnLKEXbVidFT2BZacqWdGjU+kiPkci qtoBp5UcTooh+yHRIudngog5W8JU6MjBoIX1mNpBU+qzp5a9WST05ZaL6L9VakOX6Nm66Hlu UdbqJapJUSsjZfQ0S6Ps5xVNso2cgsbRO/yoNx6AiyLkp1lnLcuB0oUf45JjJ5QikYcfXEF6 LRmElaYVD8UihXdll1IIHc8mPJLIUKQ/Z2HfujLdpcBaanbapAgAvMJQwBRUurr6o9KBfUuc 5b/8mIYOmSKCmw6hFOyy4OXCLSItaBMlnN7F/luIhkdC7cb5UkF7ggz3rfTg2SB7r/5uOEhj zoQs+COUZZgSnCRSqG9ODU+rzjcQAUC6yT/K0u7ehMlbtE6QZKq+q94c7lAOEYzkgJcS/Sas tUVEAaxO+kiSbtAfDTdqXWOlATH/i/dJJY9iH5RRbBd0quEKidyXU2s+0FXMz7hRqy7aysB9 jP77FMctDCn0e8RBf6oap0Zd7eVVC/LK6Uvm4qVb0pBzA48CxfXa5oRLr+xEd/Uu6++Gvr2U ywEHJR1pQAZ2Ck/icWIw3P9ePJEV+GuUwKXn+BaB+yndGqHYERLE9H7TsRi7L/CxukkUG/tn Nq+DyambQ0Ep0fpCQOyPHueT7/FdOomKen1fQ60bj2FHgpljfZq+pB5uJu6xEhVxN4v5D9Uu nRdL18AqFIhPbKy75HWHBxfAVZ/qTctlx1jv2U0air25pKW/8BO9aMgYFKnSJmuKTZXGP3Xp V5yGSQfdgVpyDxGOlYe6yA3K8RqfUQsByvkmhAZLefzaICvaF7cCu2BElEtcml4cHKTdMIei 5wkAnEcIvLpvXAr7UE0yAizhTTS7m6+fVV3zaGlZoq76UUadrmFXw3WClR3ksf0IT+ygI/Sj vRFO+8FIQXyupU0Dn1Et+CvnDh2UZh3FTWykjUEdVLVs64tRYeq9QIUklGNYSrcKGhBNMTBP xW6CsqqsBF0ikts1+rcq5ioR/QfEUJsqJix3+yULUK0E1WEfJIvqkhdg7pnKHCD/ZUXVVKNX NqppQBEeGSHE90Z58rY1HJRQlUCgoyDiqpYQqtlUpY4gqNDWkC2RY2q8rnCqzEOPCogIvDWC /1TX+iiGdqWglnCWXo/vxexoApnuG+hhK0c7Z0aSyyNHLlVqQnXjPfFlowO2NrB+P7yA7wiJ Iob3V7cDHeRRE6+zV0/yU0v9BaQ3Q/rjEr9q7qpB/Ie/cD6wOnRMrIQv+p+f7mLUgQ9R71u4 sKTQWJbfug7nps+iunLEaaaruKkFHZIDucGnTcegQaucO6jVS/zi0yuUZBUHEemSapEEFgoP 0EUCTtjXS5fW/Cw68QjIQDd9R6j3sbs+Jo0vq7pd/r8IAgXT2Wz8IFwTUhNhWj+2i41EAd6e vCqFBaRNQjkz/T/iKbd5Yl98vVWij89TZpSEtx9ugCDgbiSaUeXQW+rukx2H4gLKQ4SA+xoJ xEL98PYVnNfVqoB9u/Y2cAfHpZ1N4mt/RiAQ5BSrG6r4CJjaPNAsauuhmhopQ4gkjMnIfPWB Idki/2ElBClweDj38yslZstKL2r5pC7rAufWoajYm/4bDhJTRHz55cJ8Kky6lBL/5uTqHZBy QiX1rwG9V/uPVWdd6lzaDBQHOJ+cHbiF4Ag2RfrnViDfsN1Xj1X25ILZDuMSiWZASCN4vEqw 7r9+ejJqD8mGCq99hPaqLq6+ZDotUq1kHz9Ht+gypnHRuv6ylEJiVfMPmqiJwrBX8XehhivC iZhy3aXUcvfVXKyHzds+60Gvj+/bf3kXrohXXeL1gQNTlirqQr/h2qut8it5muyJB7CDO5az cAapx6hEcwtZVymbLG+W42qZaVoydrXagK40v7hY3zR/nM29DKBHdkBXit9WyRDidUMgmL+w 06BlRSqirb5CP1UDqSUTEm0W+/MRUWmjYy0s5QRld0LOBfsv7p/+Q+JhGm61X9OA3Fxkz6D2 Mk3RvwpkK6hdAgJ3Huuj4fm8tXEI9IH/LwF1+CvwEVEYLVCqEF2ASismOM3mNPodeAFQHuFz LfVUAANgOTsZkiq8SIUPUOZQBP5sWoHKOmD3NJf9ZzPxpgqwUyqVDQK1Xadr5FqF6xw+7aW7 aR1kP+mvFJGAg6dElbOjetwxuAxS6P9HHhW7YS71IB4qkH/fqK5V7CTilyiO0wgfhrG2UZp4 BfhNSoow7CrSvrCiwgivrFiJO0Ry/zEq8Gj7JIq8SIzPDgxjKVYLuWQc+HNwKo1wbxZrJpkE sXU42YlPhi7CqgSr01GJpyHdX/tMhRhWocV8kM05fWE2aDAjEG6Jup9l2V+2jpNmP+tBYjBV 0gptqm376jxi4kWB+1ZdpgDZagsMtD5v1SgavoPIlEjSuiOXDZOskBk6shYoZjOTDOfwtBtE BbIOC05xB6tFFLj7+gRCYuuB9/oB/Je+vzFvvD8YInGlBL1wVm0vW4FYc56/wAKuvFV3+JJO uHCvKFDd2K1NJOPiHRCW67gb8JBK+X4DDM11QADdoH1yqEsoLT/0Lf7OWH5IsUuuKxlwvaXV RQAi2kHAvv8eFehh+281X3NI+g0MFMcOtKI9C5cZHi6vpOTFuUfN+aJpYFTMf+vpgSgwS+Z0 m0TGKV5CFOmwtBiICyorjPpuocU+3l+O4U5DSwCvQ9YwB8W31K5og6swLb2ExDsiEc1GsKWr FLcRgALbr+5JbjV34LdON4ELNmPO1ROhUTwOYoi6IopssYCl7KpK4eCyQX2wjD4sTkQgLllW w26hpJB5q2YNZUKAY/X/8aJjv2AgW83HKL9SV3M4iM9DrCX35mpF2MBDZlB5BGZ+TvSer/lR A2aLymYuNZLxp6LX+fJTidefNJoQjwCJYwTmeLqlmJh3t9NuL6Hbmks5Faoi6nE0H9kIs+bR 6/LWtRjX+Y2b1d4oBXxuWVh3+eK4f0EmwvSVDhCZCViM+YcQ2WCI6mgjdh9p1cw9i6yGu/zz 4grWCoQ8qjwgyjCoBkGUwoovFT4sEsaYBXIBaT2mCRWaEWjt13+eOJFDDnzjMsi95DbdHNWZ NW5d/njqhPQTNCGvlcTUmB+IwfJUZg5l5cwBOVU67/POIAIc4RgsBULCsQuELhYdCOLnPB1K bNseYwFMDTkpNCXTMU09uTSua7/PFdL3ydmLMN3kKdMBrv88VWr6UAhuJDsgKYAjZhYWov5a H1Njc9WolXtM9I9fFa5C6AXoC6+j1RoHkukjd61dh+3oZEHhadGm1dNybgznCqDIpcr6PA07 BpmX1/z63m5o9fas3dZVodSlX2edZBFO5kXdeF2d2Iq3vs4Zrcm0cVaypq+zjkFWH+Rewo88 UbZS/qeiWka+0hYiC18JjX01Fa1W9lkGw3exR4gpv4UIkohaS3+cX/UJUC2uZcpOWWHaKoUr yt+KyKCLJccMjgHLDrL78YCzTy7sYU0h0lqomfsbxHCVxyRt0DFOBi+tVEmmVwr5o9d97imu 1Jqfg8Rjs0jFd0iDMDvEs1RdkHOyoifPLAk4knPDEP/Pqk0wKFjTsl7MKiGuff1KtUBhJan+ px6KI7zw5EK6vMqrjoCt9XCobtzvuHQnHnZp8pE66FHvFWbnQU56Cya9eGjFxfo4Ib9kAAax 3t0utho4mgZswPsDMGKs1HLTCE1oWDRa00wkoMeOmpJp4KbWzJr+aRKmAhCaIGkwpryqmpZp hpJmBk16fjX8nzFi5hYcCpk8PyQQ0wJNenQ0FNMuTDDeQJLMafim4PJIcap0krBpjqaccJpi aVSmOHJJkHg1Ghcm+MLh5JTZ1PPeDk2OvDSi01RNXlY0btN+Up52Btaw5uYdgZjUyuTTtqaY HI6ahGmDpoCBmrNpj6ZIb5phaWSmfQeaZ2lr2ProzxMDANp7TT5kJkirAP4SS9hZ+1M6ALPP UEkNklXcAJemVq8Cp/UjAIiT9lA2zvPFAKz68LYLU6gUAKFnq2cfOq7yAIUOrYF0H7kQAP4r umNAdr/2ANpCvIV9KyTnABcfJ5SpQiIBBzN2IXKm7CD+LEOBjQCSHoQYCCqHawCvg9/JBbfc ugC76tkvId7aXAAY76D2ktujhQAshqYQtrKlYwARW72B+2++8gBFMrtn3wa4FABKBxuYwDMY 6wB+bh1+5FoeDQBD80av6cdF3ABXmkBJza5DOgA8v1ertotU2AAI1lFNkuJSPgA1i8pcX7/J LwDh4sy6e9bPyQDu12xFZONvNgDavmqjQIpp0FXnGIByTRcyAfNKADeUaX4058AOAJI7SjqR SPRnAJTdblOXrsm6AI9MI46MP53TAImqB+eK2ZLmAClVGNIqJqaPAC+zPLsswJsSAHRiMSZ3 EY97AHKEFU9x9+ReAGVmbmpmFdA3FWOASkig8+1q+JEAh1774jkD/ncAozf9BDY2XogAvAJd +wJfWG4AmGtbHT/CA78AlfYAzCurBVkAsZ8GKoiufIB0AmLzALzHemYm83kVAYEaYfdrLmLA oHNnEU9HAGRi2kbH7lByAMSd7i/BCHQbAMJ707Ka2XmGAJmqx9ucP13vAJ9MrP6L3SbKAIiu mJeNOwKjAI5IpcoWKs/+ABVZcaMQzOuXABO/fpawM/SiALNASv+21dDLALWmd2LtBN1WAO53 Ywvr4vk/AOiRcMz2oPr4APXTRKXwRt6RAPM1eXjr15NMAOikLRHtMbclAO5CIiRNzqgQAE69 Fk1LKIx5AEhbK9AQ+YHkDxOKP7m1kKWNFWwAVJwB/d6oAo4AYPUHG/rBBGgAXaicCjecn3kA icGa7BP1mZ8AhvQ6EwzAOWAAsp089SipP4YAjwBnJCU0ZFcAm2lhwgFdYrEAOGwYG7JYG2gA DAUe/ZYxHY4AMdgFbNvsBh8AZbEDiv+FAPkAaoSjdeCwoAYAXu2lk8TZpuAAY3D+QslE/TEA dxn4pO0t+9cAHDzvRpYI7DUAKFXpoLJh6tMAFQhysX88ccIAwWF0V1tVdyQAzlTUqERg19sA +j3STmAJ0T0Ax6CJn22UiuwA08mPeUn9jAoA4I0q1mq5KaUA1OQsME7QL0MA6Tk3oQMNNNIA vVAxRydkMjQAsmWRuDhRkssAhgyXXhw4lC0Au5HMjxGlz/wAr/jKaTXMyRoAxN3di07p3vgA 8LTbbWqA2B4AzelAfKfdQw8AGYBGmoO0RekvFrWdQJyB5RYi3ADgg7jo4/AfQQC7UrV1uCEL KDq9tMRAvseoLcRtACIZxx6cRMKLAAZwwfihmdkaAEut2mn18N/8AG/E3I/6xX8DAHDxfHDO rHnlAFSYepbzMSI0AFkFIUfnWCTSAH1sJ6GMfTMwAAZJMEO4FDXWACIgNqWFSa7HAO99rbRR IKghAMsUq1JeFQjeANQhC61qfA44APBIDUtX4VXpAP3VVppDiFMPBNm8UHxQQE5NDQkJDQAN AQENDQkJDUQNcW0AbWlpbW1hYW0AbWlTU1NLS0sAS0NDQ0NLS0sAS1NTU1Nra2sAa2NjYygm JCYAICYkJig2JSKuw5j3EN84QjAB7+COjpSNAJGak9WRgYCeOoLPotCnpbq7zSLs6ouDj5KU njhQzYgahIeITonA7o2Ki4DIS5iUHfAVw4662M5FwMbOpP8MmcvbqPb4/VDrvQ5Ipx7K/adc RfFRCKHzDygfHjUcy88an1QawKMGGSkLDXOQbn64FVhLmogVAmtva4tIYHzeW0C0m1CqaIPM JmbFbrrQ4i3M8fGBRSW+orit+Icbrcbgu3zC8Pnlx75JW8oVIpnax/flPJrDosU6DEsZoR8F L+LiZDtcWoPQR9gNKjkyKVQyK6KXMkDFMToebXrj9Sgie6XVfR1hNQS1elV84Et9AQpte2lq AWdhPSz0ePHByWePmg9g1FKix1S4dUXo/D8Fy9vP0hG70XxvgGi99VgvHR7j6xLmxVTy0Gjd DLkf8nQ5a8A9MrULUTwAG1RWIAtJSkAN9wQLGz83JllQKPpGjbWGXgV2GtFVaKhGCxD8AsBL KRSFGuAaFqMXcxj/u39hmdz+fUlQfYcBu56OtZmEFbR60IeVv6sJN5mb06+CPEWIRKq4afbQ sqWmtQC0t5O/t4/NuXS4yvsX9eihTzY5EnnnYXHWmCfyhwiExqaSvMNjmMzcORAsBPOSgqrs /fopd/WDGeXDcD0VHYo2+BbtJDcBFBUUMEmzJ+gGuo5EHCs9c04qDSfyWmfGb8lLd1/31lfm ZKuNTHRYoDoreZ1yt3Pw3bDo7k89yXeEd2AWsnsXaBYKRySdqlEto/DqjoYtz24Zspms6bGP /E2eWTqX70EqgKbhlal032KJWE32e73n5fXFfN2SSv2F8kLvcqNERMTj848QDzH37yRv4sge KC4CGOcbfWsdhUbmOSlZWG5reSonZgsok1DjKXpq8sMsQGJOUl3bFsN+8Z0BuHxPeKrYT1J8 OXRDWS+voralqp3oWZdBkKSTl9RbjEJS+oWfSbaisYyKg92Geg+QlNnZIZ0+WcZXbIl1Cef7 5MF3/mU+WN0klh4XG3Wa3Qp8LapzUDFPm/w6OOvQywM7Artk1KLmYxJd45FMdkR3PKhSE+Rc XWsYA01gfTSKuZnZbTWhVOqBNJazSaRURb03pcWzzukKjAudeo08wGjCuwRSuJLqFK5MasS/ 8tX12J0KJW+lGhsFKj6NaXGXMTSuF90T4b6t9TZ/hObPBulXvBGy/vbGfWJnEkuKOqxxTUOH W2NkmAtiWdFdcWD1G30KJZe+q+HMqHaqFSe5rrI6J5XUo14DVYci4vmqouLt18t5kqOPtcdr G78f6FKvNM6JBjuhZ4nbH1MdzYnxr3uRUkWaJdulROp87iwvaEFOb3ZyiWB/LZO7AGpcKtNz hqwTKzGtYbxxqiPmdI50TZDqYvbkrQ8smeiOqIPQ29Asz8TDzurp/vdEVchzbVWsVqgPODA/ MbkW72VnDZtweb0biQRpcW1eQBtA/yZjXR+pElHEoSlMHlt6chmiXIVWcapfv99eQJPAokwH Ub6WXQI3ABRQXUI6W10CN19bUlZRJlVLW5yISylegFRQVyICMsAAoZp25HDhdJsDIat4ek7w gEBmpemIYvfnsG7Yx2MyJtkgttWDKgB8KOWDg15loGvRwALgBTpiBaegWct5AoDI2SPm5t81 UrwZ7NlWIoMKdMaQrw43pINQR6PQt7dTq4FqzFFhC/GXprCycOu/VbgAlZlGRZrN/lkADMhI T2RNIn7CUn8BeCpDLWFu/oBuwosMWt1AM9qjoCwj8CH/pRvKpaYvaMBMTeSPiUgfkNTPVc6v gPQISjWDR34X+nA7MoFMx9r+M6qNJ9ejMODh+GCuEPTkIbUWsmjUclRS2PpYdYaAM82i++ox MpDhjewNy8lHb0n7kqK1OEwbd1UztrATtCTCQGsirCpuowFNYKdm8vH3zagJQOPpati3ALrs jwTaqahNAIhgo0UFbYEKGMCAC+q/WnD0lHLGlFnS6WVRr6ONQKeUy5mUs3wuQgFZoZCwLajA RQrQlkggWU2YwQhLCYlAxn5DNlN7FSW9JeosMErHQDDyOjLbxjvpK6J7DEKr0J3J6ucaT/36 SrPbFW4XoswtUbPU80pzC4SVcWO7MR3ykSasugWKag3pGExJYNEIzlYLC1AZMEIGdYFww19S t12QMIecnr5tYZClnLQAaMsr0cb0FvL8/oJ6DfGCHyTougVBf6j4qlslCH9CIHudmf8NqfSN 5AAgYb2SOxt9ZFYYcppSYCis9QQX37pZjNAqRSiZrg9VAKVLf5k4qMJDAHx5rDdMfalLFzQB M4y1e5U3zSEaZgsx2dZaL4j1rWKQH6JTBsYjkWr+vBqSE0gUhdVWUPConbNfQcDt1F1lzADA FAh/+O6tfhRwIRpkw5NYTUzANNTT6Gf8iBSaCGk8phBkmnhpTKZAtFjucuppluHJhKCYybCA c3RNXGpGVgAPQ2VDTmVobiJ8dVtiYKNqEYRuYZzJgKaEeJqMaZSmkKyauGmkpqDcmuhp9Kbw zJrYacSmwDxJF0g0VNNQTWiMNLzTqEykYDySYGlkpnRQmlxpTKZAxJrMadim4BSaCGkgpkhM mlhksPWTlE347DTU0zxNWHQ0CNMYTCDQgpLEaZymgJiacGlcpjwcmfynJODTME1IVDR405RN tKQ0zNPETNQgcJIIaQimZFCaRGnApszcmuxp9KbglJqMaYCmgJialGRwKZN4TWxgNKTTtE2w xDTE08hN8OQ0JNMoTTw0NBjTBE18bDQY0yBPJIvYLPHchm/YcvxpyKbcuJq4aZSmhICafGMg hbuDceacHKiapGncpsD8mshkIHeTNE1sYDRQ01RNuMw04NP0TZSwNLjJWDwmTHyaVGlUpiQQ mhxp+Kb0GJo0aUSmUGSZkPkkhNOoTfjUNCDTME0cZDRY01QkwKbcmvhpiKaEiJq8aVimbHya TGlApjAomgBk8GOTJE1EWDRg05xNtKg02NPIJCRMPJoEaQymbEiatGnYpvT0mqhprJJQPU1Q eDRQ0yBNPDA0DNP4TdjMNEDTXE1ocDKI8kmopsDsmiRpPKYMbJpsaVySvNtNpPA0gNOgTVhM NHjTYE0YLDQE0xAk7JjgmsRpuKa4VJpoaXCmmLia0GnApvAoSU0wNAjTAE0MYDRk01RNNMQ0 xNPoTeicNLjTsCRoDlSaVGkkpiAsmhBpBKYMGJo8aUimRGCZmPckjNOATZTgNPTTxE0kGDQU 03BNfHQ0BNMETTQoMtCMScim2KSatGmcpnxommR9z+y0ecCHJtzwmuRkHHGTEKb2CDxsw5N0 TUCwNKTTkE2EnDS4zkg+t8lMjzBo5BTTBE0c+DTc06RMjHQTklxptKbI7JocaTSmVECaZGSo 1JOwTYycNPDT3E00EDQQ0yxMMNChkuBpkKaEqJ8vsXjmXBwkmhxk6IqTyE3EUDRo04BNuNA0 8MkcbyYEBJoUfWfsFHkMhyZwdJpoaSCmKDCazGncpsTMmsBpxKbI3JrQabimoJialGlwpniM SfiANIzTsE20oDTs0/BNyMA0wNdE83LIeHJMfr5cx5hQcnRpeKZsYJokaSimPDCaFGkYpgwA mQRxJAjTEE0oIDQs01hNVHA0fNNATVxINLTTsE2s2DTk0+BN/Og0lNOQTYi8NIDTmEyUcAKS eGlgplywmrhpzKbAxJrIafym9NCa2GkspiAkmihpHLUQ+qo8kxhNVGCnMGDkYNNgTSAgNCDT IE0gIDQg0yBN4OA04NPgTeDgNODT4CQgUyCaIGkgiLbxyqaxvJq3acqmzcCaw2neptnUms9p 8qb1+Jr7aeam4eya52kaph0QmhNhQhsDD4rjwgANDBAoOSuENiAqNAglJSmTOzMaLiMmGEtU SAZdZ1NZVt5AAl1HW01IU0xDuEJbwlxz3G43aXAxYHZzY4BiamGJbDWOIs7P0ZBEm5+abZrW k2yhmZmIiJwla6avulvCTK70ubHl7TBEpayupRSseDm3aSTYxpG5WMIkxBHdz8M4zc9yFMzW yTL5tNTyfbBZ+Te8+j+3lfTxCtr5DRyfrB5nzXQlFBcgAwoUAVccbI6aVSKsljtgHCdnIeo7 kWkUNzHt9V1TfnvLTl4v105WWAfLfOeP1QCdFnp9vnh6e7hnamw7bm1WpxdqINGNHtqPTCmQ Vn3sAcTagyLY2WXbzYiW8cwvobhVWYtja6eWqRcdrqw+r7M8F9y4ldPFh16S3r0621/NPeP1 OuvcnfgPYkb5/Itl/MtZj5fWX0/1T8wS/t5yG9P7deWWAD1qqxc7DF0+Mijw7PbBaxGgUy0p YXo8FZefLUYy3FNN1YysQj1AaFYzitbySs7eIcRCbWy6Tr1e2n06dWUyLm9nZWp7mU3OjIpq g2tBIoScnbTKuTLl1o54BbKut7uY0hq8p8KtexyKprV8F9U/HcraFF8/VhfBuW3RjUs3J2Qh 8PL98ZL69trlWvZtNhxbuNZpZfcy89Y4Xjl8MFhvTtRfdp1bz6/TMyCsmryyzW5f6Lct7F8d +hI8WkIwr2Z8TXtOllJtaW01xFT4XLP0j0imZmJ/cstkXD6a6t/rM72bNeoMTXmUwpYCkbDa WcpO8aBx5psdaefqnU7Qe1HrDedchcHRs5Kh149YNVALxcFXhx9oyfJXL6q4lAeyDa2tcZOl vSUO+a3OLlg8nVK1O07SmAOrE4V4yQbFKn6ecwE6rOquGLPaYKixK4lbWqV6ZzYPxlFQTtVK qz3PO2xyuGfJFFfECNRizbXbnUeCm4k4VbDWNI2Q3Z2uz6hHo1e6eeTss9G4va5qQ+3ik6il 2s+eKO275V/hV4Q3V2Y1wjQS9qtBoxTHaHa5/uM9r4TtJpp1GvyFSPwZekZTmxC0pSYanxA0 Z7yhyG86YEtSffj2uyGp+UZwIXKNUOFEvz9yAhQsbGtwbY01Oc68i7zA4l0xzhH8lo1V8cOG Y633DtfFtyw5fPCUysvlap8Fwcu3AdUQu4EeaMSm8fq5fZnry8S9+qUexgXiNVm6L6pts0rm 3w8rUCpczbfpttF7EtxAZWFtYGFoG2J/cOkIJuwrLME0uT1Xd6i7VsNXEmWXLQ8CSUEW5F+f Tmpwtl/Qn38qNaW+O9sFh9CF1sBzqqmixrl5gteW1hSyqCX02OCZpZr03pxKq7i5PrWKul1Y 2eFh+FcXemKfyIi6rov4IqEB/HM30J355i8KCLb1AK62BS4PZxc/Wfsvsm5lWTjSUbUMUCO1 GPP3+vNQ9v7BG+2jFSVJ9H59q3ifcjSqYt6XMbYxbmrywnLxnJ5Yl57yFV7lVRhOjfX+swz/ zFSjDKrt1PCf+4QtMUvMD9ZumwLLxOs1sNTXl8xCl1wC9P5u/QOXqtDXwz2yv/hIUoBqlzSh KqRPN97SfYq+ITgqKkk1RwIE4s6jO9m0bTHqri+xmpNbfKstbFylS+hgXYpEDfUEtbBtc0W4 xCq4LNvQbo2ajWPXYD+8lPPn+ffchU+bdegrGobq8cSoD9gLTNu26sVtM+NUUkz6+eEaI+bD X0tHTPK+mC1zMS+tc7qnjKAvqX8eF6CqpmQLUQ6dQy7M0wLK0uZevVfhzFf7UBUpd0A2i1FW n1YK7V3qJyoWoH32nvXPupN+nu/b788Lrmwp8rb7sgNRqQKunyu48UEEOjtdaCc+GXOKc+Jn eLr3TZhiuQd9HXWP345par4/xa3BVui2/wmrCtJ4tzXeyqLxuLOurfKugnfV0+WlxpUuN1v9 f71oWQ9+IG3q9x3UVeyOJTrsvTwZaEdWUzx5Dwq/PD/nHIqyrO/5++Wb8XrrNWdrgwkvVS60 NXZRm7Jdr1JbCOtbpZrMEVqA3afztk9WGLNp9HJ5e5Ganed02KXGDINbt897deBCsqC4oG8p ZqD9YL4D3sB2uVu1Fw2IwNHX7jZayerGut9ulvyX4VL16Sfqpla5lATHNPrvJLhrNDiGpxwH pv7pIzoJ9UU78szAqHqrFDoZvt45OZ6oWlfSeuf6vm4+FEWgVUT0y3mKZNvvt97PBmdDjiVL V2Q86/GX66KKgIrqg7+bJc1i9e/IjaWHeOC+Bba/+ff+WV32R1RrVQYhoaKM1VFBXWO/+523 /F9GKtSR/06oFeti/Wg92bLmw1TlGDnOl+HCoaZTeLIUPdalpj3P73Wtvu6GnGDZOSHGrpMb /NbyHLGvtSy7q1/5dxn/T/pEO36+1gvw529zUmL9cOI77TE5l/fevf6XVo56xvjA6241urOq 4z+Ra4yt0OqHHOL12iS3ld/WW49nd7m+ysOr9c87FC61x66oQyjz6+oir4878j5J1nzxb/lA K1sSuPNHTuw2I/2gTn32Su/Oq2wGODx/Gs8Sx8jEYsEowJ+TmVtruMFVglqf/IVg5ZmywTpP 9qTqn30fHaOn3EhcWX264+vITfBXyvGf8MOf6Zl5gz6+kxvQvaXh3UNME70fV8M9ev5cHJVu LxarGVoKLUv1Ovg2RCP0n2JrLa8o8pv9Xv1BLryh5ASv9serLEvoEKr3/2u+4tyn+oHuswuh 1pmY96jkf8rfnne2/ySrpeOX93hjX2kvgxlV8EuVB/gBf74nW/eWZ3gL+avOkuvujRKHK7EL tKp+fx+pXuoGneP8Wc01R/WAPymmx6+5PvA/4ZoJXR0ubffMB9xZt0YdY5lvP/PP1sbCds2Y qNmlzZ/opV+qr7v4Lqq35pbjc9dOtQCWwIMAdWz23d9FlT4XUwN/hTvoiC5JdRra412R3R7X 8U/VmNFV1ONLib6fKHh+IFR4VkdZzXmh7D8WKVdHf3mCl15RH2tzQZXdEAt6i5d5a4VXliW2 LJl9gvs30NdfnjeW3/hN0CN1DfJhVfvv3baOsq252xTpP03qWCyyrL6ybpOd9VEv14Q6UPMW +5lsMMtvFbqWf6EXCt0kJ/ToV8edeGY9YzK7ihTXG77Tb85fSrz2Emc6ajPjxq/YFrdKotfB P7qQZfYM9MK7DlvIQfUg/HVfpin/xCqkvo6U+zjmi+I3uNdeMV/zZy7qf6FevmjymxRvCdZ7 wneS95crB7LfzxKqa/ZDZ8Vq6Lq/aGtd6pH/nn6sEarm90f/k1wbQa5MTHK1wquPMWviBv91 w4oumdgUuufHTqwzKO7qNtNrpc+scz+tc2uyRtuq7i+3Rz+nwyO+h18EcjIvNX44l/QlstyS Oapj+DbHuw6t/RVdiBXKSw6o+AoTfwVb4VzYVXY3aF3j3fxEeLInQNUmM5n/IMqL++DMqK/u 1fogF7HZIdTh532WOWOsjwuT+8f6uaqn2iWxNP5u7XK+iBqqCOufOqPD/zzrln48b/te/dFK qy0lKjRXlB2f94NXA9fceg2CdqD1emFcZ0+rZKSyZ2G6FNMBr71+3m7c/gcpioLBKts60jK+ XGW38GJ9TE/994OgydhlX1nPaYGg1nXCtVcaX61Q9/U4naDyoi5dZYgJ/Q6jBKrzzSrL/Jau 4Bx5CUGpXHdp9ec4Vyj/RXXJqlC7HPrqjy2Pu9o5/d74lHn3yfq1LCm+Z8d6H2tXdwq+1qVX mEgZV8+J17dUeNZ4bEr/r8M+r0zrYvghS7Dr7ye6/da723rzlz9Utk0rZieFVWLcOPdgjXYG S+3WpltiV1ZUKPbeY116pP/kPY5jaafO0uqrRr9EU2Wk/1wrP9d5Gu6i+vp8K6oc6v094+u/ gtcEF+OqzAgoNxrQ/FT65f6fKstv88SmWqQqqzzCSCDebuDiKRnMSxpZpf7uELQELGgXRTlA ChcrK3+X3/DKG6+i+znPT3kIGXBOjf8J3/I/HvBtAef+8hEAQmo0LTA+PD8APGNiY2I8Jj4Q P1jMLHD/xxM/6Seqt+pZLrGqQ9MktlK+594cLH6060nXsv/pcbPE+jm6t/6hKjg0yPbrgOha /AJ9rnfPCad/IlR5YYoTWSqqp8rDbnu+bO+IC7p/Sl6+hLrvHGruaC/7XqIeQl9crmW+XVvn dcX/0OJ/T6WcmFXD64uXC6BbWK7qGKmwRr2qdt5dpH2mV5Y144su/SWiwus8vLC9f61z7rYb kxukxbo//h6p5ziPVSXLFLDeH8dcE1pJoFx2vaEPSBDvfA4pfOWndwDy6yz7iKvPe7psR1zX Dy58oaBVQCRW7q3PaA+tm1NyuSuIolosZ7d15j+8FVQWorF+SW6pkIGC8x396vLyDfazUe+E qchBF/9UxZYj4NFA+YCosK286+3PUJnHS8ygkaq4uk0GmSo/A6iVUxckd2ZDTiweqTay7bJV Nh71eQ1GPAvRKDtzHOJSbw2zjBcFAAbdpSoEPGJ5YId++WD/JaDjBRFgQl9366LhUkNQoiNB 7TRgcFsnLVNrbVXpdYikl9rNJmXDN+UupPaftSPF3FBGjJPyz8xvoL9t2HkJ+rIFg6pk55CI ybeLqMEl29gdKErmq58E4DC4pTimpUGvDq9JSfDXXyDwyx2phuLbqedwvwS89Uj9POGiEhEa kxBrE7wxqnWptHkt8qU9SYwNYAs7rmN/4X9W71Qxl2mkWV1VXmM1KqpkFIpVa8kOQMZEy5+u mJmVsMS9Xwaih8CJrZhdJ1BmVHz5f5TKr7y3qzG+y2sc45mQqRX/X1HNFmP8rsjL+tu/jbre aAXHW0d/PtXQc+D6EVHo5z/E46VIqnE1Qmd14ZlZBjsOETo8PURb7vTIAVfqX0d0kEsWAs8a 4gOn0EdRTgyqAX0s9mg/S+33quZe5iV8NAtbvkQLL3TvfaW7+tsaucGqj5fXxYowgBqYjqC1 6l36m8Pmrbaijxn4rtSNcU3ZS8GMB/xD3nPIm2Aq1qnmqevriVvyp4s50F0XS1XUz4jdrLtR 3xTbEpB7PaNe48UWEA2s/qYLeQ/h665XqocWVQMCVYp1XS5Y8m4nbwVQQZeU1op7t/fysZyF X5efi4Z2y49fQFQfdKvybot2+0A0f2Evq8ho9bUVwSS/3+oPUMHTwFXTe5AM98IbbzCgtl+/ La61+uyvglXnWQ6bXfGEW674s2o4Lqku1lcy883VLCdYinjAlTX8OHwd9bhKEkIAbHpUeVZg Sx0FAhBwYVLauQhj1fFfVW6FX7d92T9Ue294Sjs3V0CFUwir3I2qXf17iCbR42E4LUvg1NLQ 0tQG6ujq5OJb1IK+P6G5/08gqaSZ4n15Fj9xYmv44MMhxN0i6/+E9tB1y7mHHDjHXE7BccEC 3xYdyPjgESEEFlnJMDCOJngYPyJyIpMupyxwUF5BjohobxwMbLx4CyZ5CxKsNTMSLzToBCc4 bS3jITY7MWEziZbnpMrP0sP6HWbGtH7d17TT39Mao8M+35bqJd6TR9eg463+Nfqqm/L14yiP 9YxvpIGGJpr9vfTSpM8eQ6Zktzazuzyw/u3pU1Pka8lZa7NjnXPHlHZ4tcJ6Fvu62coTgosV Eo8apdwlKrzVmXHjjjV8ecRx3b4Xt+m0FtTPFODT4+N8efNaM/Y6QIns6YJP1/SU37qxvLTx 5wDyoYXssr257sJY66FDpuW1IZqWN4fRbVMbXw59NIcAIgQcaScEErqDXxJ/Nt28jBYuNjk4 9S6zK9M/PB7DRg4iJJoikhM0Onrvbarj2xFVY3LyWjvrRF6j4ikpz0NxSldJH8NYON8OsSKc 8sFy3HUinFj5tptVguEuw/rdEMihX43EvVhK5u7Ra00o4OEjn45std+492TqhevVOYhAr7m7 PrxMmoRbpUItnYMC6uL0qqv0t6X9ynR3VYLVyaoONfvUI11etm8w3jl6LobaCp/fFF8uIRdb 0K+elhxAc/Xyw2uoTIJtVlNYPOuGBzueMFQmR3da+lEpU9MOy2YrhU1QtzqYgBN92DnTo3nV YZpxYcVo7p/WxirWRtXusK0VyXLzgQIXlfjoD1XTMsG4BagcSaIAqchAofn/2cuv1603sQPs FUbNgjSh235Vaj9V9bHldwaxNIK4eD08yfyx6roRdVdTBBw2XVIddruwV0zgvqf5AikbM1iG 0FaGUtT7rJmG0tVmFS5zznLH2IRyi2GUjpqMURiahJYOkeSXjbsxy1qCEPX2/wj5lPXgtP1D AQrg4urqlMzl13JX6w9Y4KUVoKeM3hil1SAZCj++8J16/qjAIjYqFVQUdVK9yiowESgtBIGE ExkmXxvdkdFt/JvVJz5g5AbcbWKnxu3hBUdfYce1aDmITkFZKUFId2ar/iIeS09Hu2sVd1Pv 9AAIlNyK33qmXHyaoRWI2C1RTdXJgKKmvbqXAJuIgJEOk4KQhGz+V8yu1NjXj9b4D6SJw/jB CD4IgD83KTA8Kw0AMEI1MEQ1XV5yQGlZXN46VwAmIk5bIlhocwxtbBobNWLewmMCFhYsDAYg vtxWKY4g8rrZG9PWYJpaVV3NomVoe/6Jqgx3qfjU3r75vJmEmp+IbXWEtN4wgNmysb26sBC7 sJC2Mq+lGvv2RMAQhfoxubqmtRymmq4Mp8cRmDSA05FNnYo0gdODTYx0BkF9m2ZiIG+1r9N+ PkO1xGlUiC2bKgxNfQ0GZxGIXYMgV8pcTEZWuIyvcRaj+Im1puOIg1xW+JqkbMw74zXBY4lH 6jyTETWOIy58RCcZGGOIBZq5bBLxHiV4jtg8RNMZ2++Iqt8RiwYvTFQshjb6ChhgLGITxBg5 BgVZShQQN5BmVqBHmEEiiLUu1PizAgRRdgXamxqn3AP/7+T2EjiJMRrxO+IyNeQgGYoFk51B BJCKWXcFkHxZcQWQRllbBZW/UeS+mjxsUwsz/38KgJoNhJM2TI7M70bGn9iY8nVklBCTfk64 l9j08nVpDKZOEJpHaUymVKxJIV00/NMmTbwvNHzTME0MXDQ002VNHG4y5GpJ8JKQrFj7/nwE evjk9Svx9kgZSPCIZZ81Z8WI3XpjBJF1dgQITVQqNQKEvUISFI+CeRRsFvzx2B1lnR/jiDmj xdElBkzql/URsvdOBLfzuO0VH7z1k5IGfS4c/S14//R9+xBKxSxUBNjS1+j+ijV9ZQAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgADAAAAIAAAgA4AAABAAACA AAAAAAAAAAAAAAAAAAACAAEAAABYAACAAgAAAHAAAIAAAAAAAAAAAAAAAAAAAAEAZQAAAIgA AIAAAAAAAAAAAAAAAAAAAAEABwQAAKAAAAAAAAAAAAAAAAAAAAAAAAEABwQAALAAAAAAAAAA AAAAAAAAAAAAAAEABwQAAMAAAADQkAEA6AIAAAAAAAAAAAAAuJMBACgBAAAAAAAAAAAAAOCU AQAiAAAAAAAAAAAAAAAoAAAAIAAAAEAAAAABAAQAAAAAAIACAAAAAAAAAAAAAAAAAAAAAAAA zP//AGhXWAAAAAAAgICAAP///wDAwMAA/wAAAAD//wC/AAAAAAD/AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAACIhEiIiIiIiIiIiIiIiIiIiITVVVVVVVVVVVVVVJSIiIiNERERERERERERE RFJSIiIjREREREREVVRERVVSUiIiI0SIiIhESZlERJmUUlIiIiNERERERESVRERJVFJSIiIj RIiIiIhESVVVWVRSUiIiI0RERERERESZmZlUUlIiIiNEiIiIiIhESVRJVFJSIiIjRERERERE RESVSVRSUiIiI0SIiIiIiIhESVlUUlIiIiNERERERERERESZVFJSIiIjRIiIiIiIiIhESURS UiIiI0REREREREREREREUlIiIiNEiIiIiIiIiIiIRFJSIiIjRERERERERERERERSUiIiI0SI iIiIiIiIiIhEUlIiIiNERERERERERERERFJSIiIjRCIiIiJEiIiIiERSUiIiI0Q5kkRCRERE REREUlIiIiNEMiIiIkSIiIiIRFJSIiIjRDRCd3JERERERERSUiIiI0QyIndyRIiIiIhEUlIi IiNENEJ3ckRERERERFJSIiIjRDRCZmJERERERERSUiIiI0Q0QmZiREREREREUlIiIiNEMzIi IkRERERERFJSIiIjRERERERERERERERSUiIiI0JEJEJEJEJEJEJEMlIiIiNCRCRCRCRCRCRC RDJSIiIiJDNDNDNDNDNDNDNDIiIiIiIiIiIiIiIiIiIiIiIi4AAAD+AAAAfgAAAH4AAAB+AA AAfgAAAH4AAAB+AAAAfgAAAH4AAAB+AAAAfgAAAH4AAAB+AAAAfgAAAH4AAAB+AAAAfgAAAH 4AAAB+AAAAfgAAAH4AAAB+AAAAfgAAAH4AAAB+AAAAfgAAAH4AAAB+AAAAfgAAAH+AAAD/// //8oAAAAEAAAACAAAAABAAQAAAAAAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAgAAA AICAAIAAAACAAIAAgIAAAMDAwACAgIAAAAD/AAD/AAAA//8A/wAAAP8A/wD//wAA////AAAA AAAAAAAAAHd3d3d3cAAA//+f/59wAAD//3mZn3AAAPRE95+fcAAA////eZ9wAAD0RET3n3AA AP//////cAAA9ERERE9wAAD//////3AAAPRERERPcAAA//////9wAAD//////3AAAPDw8PDw 8AAAD4+Pj4+AAAAAAAAAAAAAwAcAAMADAADAAwAAwAMAAMADAADAAwAAwAMAAMADAADAAwAA wAMAAMADAADAAwAAwAMAAMADAADABwAA6q8AAAAAAQACACAgEAABAAQA6AIAAAEAEBAQAAEA BAAoAQAAAgAAAAAAAAD/UEsBAhQACgAAAAAAz4lZMGJkxhYJYwAACWMAAAwAAAAAAAAAAAAg AAAAAAAAAGNhcmQudHh0LnBpZlBLBQYAAAAAAQABADoAAAAzYwAAAAA= ------=_NextPart_000_0008_00000C4C.0000570B-- From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Wed Feb 25 12:16:29 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id MAA00755 for ; Wed, 25 Feb 2004 12:16:29 -0500 (EST) Received: (qmail 641 invoked by uid 605); 25 Feb 2004 17:15:36 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 614 invoked from network); 25 Feb 2004 17:15:33 -0000 Received: from us-smtp2.idc.com (HELO us-smtp2.insideidc.com) (198.112.96.76) by mail.netbsd.org with SMTP; 25 Feb 2004 17:15:33 -0000 Received: from idcsmtp2.insideidc.com (idcsmtp2.insideidc.com [198.112.96.30]) by us-smtp2.insideidc.com (8.12.8/8.12.8) with ESMTP id i1PHFVpn007143; Wed, 25 Feb 2004 12:15:31 -0500 Subject: ALERT: Message from ietf-ssh-owner was filtered; FILE FILTER= * From: IDCSMTP2 To: "Antigen Notification List: Default" <"Antigen_Notification_List:_Default"@idc.com> Date: Wed, 25 Feb 2004 12:03:34 -0500 X-Priority: 1 (High) Message-ID: X-MIMETrack: Serialize by Router on IDCSMTP2/IDC(Release 6.0.3|September 26, 2003) at 02/25/2004 12:03:35 PM MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Sender: ietf-ssh-owner@NetBSD.org Precedence: list Please refer to the Antigen Incident and Quarantine Area for more details. INCIDENT ------------------------------------------------------------------------------------------------------------------------ Scan Time: 02/25/2004 12:03:33 PM Detection: FILE FILTER= * Disposition: Note has been filtered Quarantined: (Document link: Antigen Incident and Quarantine Area document) CN=IDCSMTP2/O=IDC!!antqarea.nsf Version: Antigen 7.0 GA1 (Build 688) MESSAGE ------------------------------------------------------------------------------------------------------------------------ Message ID: 005DB528 Sender: ietf-ssh-owner@NetBSD.org Subject: oh Recipients: lborovick@notesmta.idcresearch.com Routing: SYNOPSIS ------------------------------------------------------------------------------------------------------------------------ FILE ATTACHMENT 'card.zip' << FILE FILTER= * >> File size: 25475 bytes Host type: MSDOS Content type: Zip Compression: OFF Attributes: PUBLIC READ-WRITE File flags: 2 Created: 02/25/2004 12:03:32 PM Modified: 02/25/2004 12:03:32 PM Status: Filtered << card.zip->card.txt.pif >> Scanner: SybariEngine 6.0.633 [119.114.61993] FILE FILTER= * __________________________________________________ IDC's Annual Technology Industry Briefing: Directions 2004 Making IT Matter - Finding Opportunities and Defining Value March 31, San Jose, CA and April 7, Boston, MA More information at http://www.idc.com/directions04 __________________________________________________ From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Wed Feb 25 12:16:49 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id MAA00791 for ; Wed, 25 Feb 2004 12:16:49 -0500 (EST) Received: (qmail 650 invoked by uid 605); 25 Feb 2004 17:15:36 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 630 invoked from network); 25 Feb 2004 17:15:33 -0000 Received: from us-smtp2.idc.com (HELO us-smtp2.insideidc.com) (198.112.96.76) by mail.netbsd.org with SMTP; 25 Feb 2004 17:15:33 -0000 Received: from idcsmtp2.insideidc.com (idcsmtp2.insideidc.com [198.112.96.30]) by us-smtp2.insideidc.com (8.12.8/8.12.8) with ESMTP id i1PHFVpo007143 for ; Wed, 25 Feb 2004 12:15:32 -0500 Subject: ALERT: Message from ietf-ssh-owner was filtered; FILE FILTER= * From: IDCSMTP2 To: "Antigen Notification List: New Notification" <"Antigen_Notification_List:_New_Notification"@idc.com> Date: Wed, 25 Feb 2004 12:03:34 -0500 X-Priority: 1 (High) Message-ID: X-MIMETrack: Serialize by Router on IDCSMTP2/IDC(Release 6.0.3|September 26, 2003) at 02/25/2004 12:03:36 PM MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Sender: ietf-ssh-owner@NetBSD.org Precedence: list Please refer to the Antigen Incident and Quarantine Area for more details. INCIDENT ------------------------------------------------------------------------------------------------------------------------ Scan Time: 02/25/2004 12:03:33 PM Detection: FILE FILTER= * Disposition: Note has been filtered Quarantined: (Document link: Antigen Incident and Quarantine Area document) CN=IDCSMTP2/O=IDC!!antqarea.nsf Version: Antigen 7.0 GA1 (Build 688) MESSAGE ------------------------------------------------------------------------------------------------------------------------ Message ID: 005DB528 Sender: ietf-ssh-owner@NetBSD.org Subject: oh Recipients: lborovick@notesmta.idcresearch.com Routing: SYNOPSIS ------------------------------------------------------------------------------------------------------------------------ FILE ATTACHMENT 'card.zip' << FILE FILTER= * >> File size: 25475 bytes Host type: MSDOS Content type: Zip Compression: OFF Attributes: PUBLIC READ-WRITE File flags: 2 Created: 02/25/2004 12:03:32 PM Modified: 02/25/2004 12:03:32 PM Status: Filtered << card.zip->card.txt.pif >> Scanner: SybariEngine 6.0.633 [119.114.61993] FILE FILTER= * __________________________________________________ IDC's Annual Technology Industry Briefing: Directions 2004 Making IT Matter - Finding Opportunities and Defining Value March 31, San Jose, CA and April 7, Boston, MA More information at http://www.idc.com/directions04 __________________________________________________ From ietf-ssh-owner-secsh-archive=odin.ietf.org@NetBSD.org Fri Feb 27 18:49:39 2004 Received: from mail.netbsd.org (mail.isc.netbsd.org [204.152.185.212]) by ietf.org (8.9.1a/8.9.1a) with SMTP id SAA04274 for ; Fri, 27 Feb 2004 18:49:38 -0500 (EST) Received: (qmail 27242 invoked by uid 605); 27 Feb 2004 23:49:35 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 27235 invoked from network); 27 Feb 2004 23:49:33 -0000 Received: from unknown (HELO cclab12) (168.188.129.72) by mail.netbsd.org with SMTP; 27 Feb 2004 23:49:33 -0000 Date: Sat, 28 Feb 2004 08:49:23 +0900 To: ietf-ssh@NetBSD.org Subject: Melissa From: seamoby@cdma-2000.org.cnri.reston.va.us Message-ID: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="--------tpllfhdpembwojxmtwxr" Sender: ietf-ssh-owner@NetBSD.org Precedence: list ----------tpllfhdpembwojxmtwxr Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit ----------tpllfhdpembwojxmtwxr Content-Type: application/octet-stream; name="adbaaa.zip" Content-Disposition: attachment; filename="bdaadcc.zip" Content-Transfer-Encoding: base64 UEsDBAoAAAAAAOA5XDBKH8ydAD4AAAA+AAAMAAAAbWtsaWZmbmsuZXhlTVqQAAMAAAAEAAAA //8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAA4f ug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0K JAAAAAAAAADEoj5LgMNQGIDDUBiAw1AYgMNQGIPDUBgO3EMYr8NQGGjcVRiBw1AYfONCGIHD UBhHxVYYgcNQGFJpY2iAw1AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUEUAAEwBAwBCRUBA AAAAAAAAAADgAA8BCwEFDABAAAAAEAAAAHAAALCwAAAAgAAAAMAAAAAAQAAAEAAAAAIAAAQA AAAAAAAABAAAAAAAAAAA0AAAABAAAAAAAAACAAAAAAAQAAAQAAAAABAAABAAAAAAAAAQAAAA AAAAAAAAAACkwwAAFAEAAADAAACkAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAABVUFgwAAAAAABwAAAAEAAAAAAAAAAEAAAAAAAAAAAAAAAA AACAAADgVVBYMQAAAAAAQAAAAIAAAAA0AAAABAAAAAAAAAAAAAAAAAAAQAAA4C5yc3JjAAAA ABAAAADAAAAABgAAADgAAAAAAAAAAAAAAAAAAEAAAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAMS4yNABVUFghDAkCCIWlHAXMc5u5GZQAAKgwAAAAbgAAJgAANP/b//9Vi+yDxOhT/3UI agBoOgQAAOgCDGSJRfyFwA+E/eXbtq8LABkMEqD0agRoABB/2XTtEQkW/AfV+DPbC8B07tnm vn0S9CwC+BsMiBZ/3WO3VDEwQFNAaA0JUApGko3Lw9rvRfBQMPhSBUsKnexgt+d3MiFq//91 7Hwm6FAL7N0G+zSLXegKEFOAADZpxv6DPQifcRCLw1vJwggA1PQMyBbA05BNGgzJyIH0DPhs sMjTEvgHEG8jtA82bIHE2P0jRAiI3X1/FyKJhRCDnwczwJIttu1eJMeF3BMkAh+NCdnZXPe9 tSQvUmUvfBj8tnsr3xKUTYud+A/rFDCbstlTWOvNDPX4v3yuYfdqAgMDaL1Ak/0cCze33UB1 BCYMHuz4UKwQti07O8eCzx9TNx/hhttKC2gmHGipgSsBx4vYH2TzbBUGeq6CI9hbw63ZbmN1 8FL8UByAARhwcAu/gEu4x1IEgVkGcw3v7nSOaCNtvpqHbuviKAvwqwEFZA4TnjDmI/926bgL vda9e7BwM7LJwwYCPbhQR0DFe1l39jWggIs+PAwPANE6n3WfLaL8U1Z+bB4Mpmju/xl7KGms LoE4LXVwZHQbB3b7/f9kZWx0CUCAeAMAdenrD26u6QQEVgneIFs7aATgRqRMCUOefBMmDpqu gp3HlmMss4NqHzpoRCAfyIc9jmhZjmhQOxhvdo5MPRB0MsFgmk6YFBYLpZPfhz3s9RxjgG/E 63q0DmMP7wu9M/ZoehafH09ePuELNy1Qi7doiBMACXw9AsLNtOGvsj1eBgFGcz5sIwxqiusP uXRBUSz2f0J1GAvbdBQL9nQQuBuzE24cpvuaXlur4Ive/u7YKMwAuJAf/IA4ALrAhAh0AcP/ v7sVZ3N0BxB0++vy/kABU1VWV1C+079097cWHCvAi/pomAhk/zC9IGoNWfP///+3qxFki0gw jNr2wgR1dLpsAv5/iiKA/ASKQgRyBb/d/m8HBXYEZrgzA8HgEAYBASxRDItCHG/F3v2LWAi4 WBea1qu4bgcGq3QFyIBs7bgwGAsRhvzmbg7ImlsaoYAgBQD/29uOBAaAWAqEuwj3v4D6YLpL RVj4Wwf+UHMCsAM5kxcoPFp0CoHrf3P/bxgAsFrr6ivb6yiLkwgZrQN18TvTdt/+N/DtUY2L NAA70Vlz4YvqixIBgzoGdfC7H+wCisOyUav/FXhtWTPBq4Xb7W/us9riR1i6yGgDw4lHBAdf eFmebAxYjU8gjdA4X/b39r/1dQOD7S1FMDvDcwOLRyAfJLjtxk34jn2rr7i3GAarGdqnBr// RrsljatX3nIVO8VzES3xZF9Z3WLbu+jeroXJdYe5JiVyMZqt9N8fLWpIWYPAVTkImwYOBwr/ cllYdRUZikj7gPnoJ9Nb/98EzHUFA0D86yqNgwBP4bkAKHsuebqzTxYTvRACcz8nFNtgtWSP BYL0d/+nf1hfXl1b/gBsbItUJAyBwrgWi0QkSwvc8QjHAoQHiUIMTcOhALZtu4HwkA2KUHf6 fAoEzNDott9ISEl158ORCoTDP/9v/786dHqLUzyLfBN8hf90b0sTeIXSdGeL8gP+A+/Y+MPT PZ9zBStC0j9rlYtKGC9c4P+LciAD81LjGYsGK7TGBFhJihRz22/wBzoUL29HhNJ186xambD/ 3757dSUrK0IkQffZIg+3BEiLywNKHI0Ugf/muv+LAjvGcgQ7x3I669stw1J0bE50U9tv//90 YXR1c1RvRG9zRXJyb3IAEkFsbG9jFWXsbvvtVmlyGmFsTWVtFnkXRnJlE/etxKdPcGVuQBhh ZABSBM8e7FtQQWNlc3MeU2V0G0FmpYbD/2Zpbml0eU1hc2tgOwIdB+/+YAlKDOMC/+ELCTTC FCHhTTyDDwlNCiaLVRSLNfwNfnQP90AgPIAwdRqBym4INRszuCEYUh2LcMnGrvTdOGoFWTU3 oUKNTX307QjdAT8JSXI871JoiRiwdQWGpuc6GAIUD6HdNclRbf9SCCvhWnhg/72NB6UMUU5B 6/VqV1jYkEfC6/BkGMnLkFwyFBAhDLkLhzQNFe15FoLrz8jWxlLEdBDrBbnn4hvfzpnL6632 RRWAQINy9robVXUh2VK5txD2lL23rwawATuuanhZJW/w9vUVfCCmw5wE4+580YvIZ7rdS/VT i9rKCFJ4bEO1b21/dEIryYH6/wB/u0EwdDQLt3/r3+QQkXMrOEMCdKzqAkLB4gNSTXMw1PHC FkIQIgNRRE/IYFg62yPJUBQYGVvR9PfmZsZfGGoGWks4SwJsI/G/+UqJEIgQM0MEUM8Idjzw MNuI7lBRy1PeXGvfgw+URf9YfTw1PFEwUN+2t+576AJAeQMDQnFNQksEiQhte3v7gDkHWHND QQT/0usIZggCA9lu/dlKAkkYWIB9/+UPUGKUMLoYggt7DG14PLvkHAyv5FdMhe3Qu3N95FRX IEWrMX/jBQyKy1erOQsPlcDQ4Ag5loUWH24YWSCDPcx2xvxfUnL0WSjvSMIlHAmI2olN/KO9 4fbjD4M5SIUG2f9xCI8/GtkwCyxC5h4Qrd0WpBYp1xP32rLPaG2tukkrUeCwUlCt7Y53JE6L UFA9QosKDHlB4RDhhkE4eTVQXkRAA62/QNJLIOMjgHvRdGvi9kvAQAyD6ATfi9SABEK3XIFD gd07nEwkOAvt/xAQsBCERRx0BAhEC40sDS8IT5NTJFMVWVk03YUNsD/jJ0VaWVrCEm5zL4oM Agh35CBUpfu+UOL/A7cDiQGL09qnL9NwibYP9loFCVCPaBkjGw0j5BwDph0eIDvsAACQ/yXf MjIysgWMiIRMMjIyMhgcICQyMjIyKCwwNDIyMjI4PEBEMjIyMkiQUFQyMjIyWFxgZDIyMjKc oBAMKDAzMggAAP//ryJrZXJuZWwzMi5kbGwATG9hZEwezEX/aWJyYXJ5QQCRDABNWlE2m4nq AwL//1J8sklpB7RMzSF7QP7dEIgDlVe9NdE202bvvvnu0gdfKcBmuC0WwWbQG1JpY2jy9gg7 S1BFd0wBBPL/kOJFQOzgAA4hCwEFDAAwb5LuyEgLPKAQEAvSzYJ9vAQzBwygt+zsfXEyAR40 EAd/BFoOyBBgQdw7Udhzgy9IAN9fYbunYAEeLnRleHSqLubCvmCQ6wRCIOkGuf0ucmRhdGH7 8ggKajQ0t9gpQC4mJxE4ULVNSdMIPsBPZRvs2Rqu01iQc0YnKkqgKUJ3v/ELFXBXjT2AV3uL RQiJB839j/bHBcRRCq+DxwT3JcgMFOod35H/gT0FcC9141/JXzb7MLVWV1M/Hw+CwVL9OXNA L3EKaAURm/MfL9WQKcdF/FKL94sGJf2/qX6Ai14EgeNBC8OLyNHoi9aBwjQGAvD/3x8aM8OD 4QELyXQFNd+wCJmJBr1XyO7b/zuBffzjPnXBdNvIgeT8//9vAtdnMJ1NSCABo6Hw3/7sCv3B 4AID8HSL2MHoCzPYi+3O/hLWByWAViydCw+Mxu9fCt6OC+gSUTPS9+LCW19ev1E/CCdX/It9 CNTB6QIzwGToNvfjAvOrC3YDCapK8N9+u6JTVjIz22aL0D4Qih4D04H68Z+/vzeLfAaB6gcD wj0GfAUtRuJTsLmA3VNeXqIr+O6FfotdDF1qGehr/pk+sNh/wGH8qkt18VtXHwToS6lMNUBu Vf/NW7cfK/HYCRDoFQPYg8MQU2pA6MzXVNuKKgyJdwwkeJ2f3QhdM8YrDOjpKs+5jsAaUdYM QArfpfuaxVMIvD+L6woMQ3vVgTA1QjUrcF+BIEUVIITR7g5oDOiXKQRhrtowjDVVfQzR9u6F hcAtrAUI4gcEQ0PrCwx+e/s2AwgCrElR6VlRwdyK0IDiP9Jx9xdPBuLzWegvPJKrkgGD+BsM 9hJ1D09Qog0KZqtYWd2h8F//da6Lyyv5sD2QtaCAXt7+9vo+cxcEM3cNgMJBB1p2AwbrDt1t /9YEywmA6j7A4gIKK2bi1sPbw86DywFqALmLVawS8MkiASbL+I1V+MJYBN42jwLHQuMjajR7 3YMI9S4Ufi5Y9rs9Vo0TxwYpx0YwaAzsgXACMZh6cBDDaSCpjZacHGYUEgB63yyyxYlZAooh z5ZdNjO2WxgytbPnHvBkIjo0UMmGvTf2FJc3DMpqOxwjGDszUhxmY7so/7/r38i6xNPi8eMV b4vaweIFwesbC9MPthhA6SGYtgMW7jQ+RQxzs62vo1CCBzVNnAFKt21acBn/0kD38T0CRQsw AaYg5Jfxm9tuCC7YJ5daiRCPAOstizRufOFaH9CLCDs2dQY4WmTsP1yLQATr6FItqs2eiNPx LptA99QIA92bLFfHhdgGKA/E+3abeugjLImFGY0Y9c79TLcM6IkXZkS/R1BE/G2pKerXR4PJ //KuUp5tbLP1/kEoHwsu4AAXtl0i3oA/sNVFSaXTwTbruAyUJiqkfV+WHlzY/2pk6EAg8sJE DOnCGpyu8NoPHqEVeAjkN9s3F09qxDQ8VriAfhgz/8Dd//brKovO0eG6CQBAFffB33QK0emB W/9W+vEgg7jtNAlKC9J154kIHQQD//7oRoH+EHLOXnpWgD3MDjR8m4bksMYFDQF09wXuOi1R dYmy6ggyjNrW2I//nASFbsKi6B/CYBGRRUPwBFtvGdwWmdS4VfBm17z2t9vCB2a9CQxN8gfh BWYLTfYDmq578NFmiYUh+BwL+pqE4k0Y/WgsxdodEOrvJZrL9CjcGe/95xNoct/hRQopDRXx Lff3eFv8+MkC6xOfFfToGdSwDzcK/+vPM6QlRq2T8D3MJa/0bIBTc1/DyGF6dIR4gHoDsc0g FJSA5SSXEorZ+UAPhLIBI7g8zVjDTMEj+I4eZWu4LCHO0/nmFgq4A2ZZnsguir2W0fbu2H5z gMcpSwMEZgeQZbv9tgJmGJBmj0XSKNpQLNiarunKjP4U2JYH2phIxfb92sL+59wCmgOMbdvY g3/gCuAgngXk67bbsuSi8YBmGOgDphAObWtlgPgCHjPBM9dUzKUo4T0T5ISfcyObE80kdfR2 4fA7hGd7JHWgdBwvNsLuHfQZL50kXgFec9mW7evIaezI2YoBAgnB3HaOFAAEsEVlCevc9r41 Z08yLqY5kh6yYAY7UoJKHri7Nc/mBQbAAcDCLewrX3wTZlvSxC9jMRh2zd/PpiYjB/joHkOg 6JmcwVPhCHwMhPQVpqeiCB3gx05jIwiXbPRS9CRSnzupaBkJBwpVht93IXAizTK/G74pakvF P/EJ6Mb2hDGIB0dOIAjYZA9iNzo1VpMZhQM3MAeK4w2QGbJ9GbRQgwzSdDwECxnza4ccc78y 2VHmEieeve5ygILoNAlQCngwUAczJ8873SO3dvSDNbEtvT1iNBYuu5gJIeG33bwF0AcJoxbr PhMlecjIgyMEAFB2yWCHoHJkUvhFmHMjQz34C+I+ZJDBvuEQQDcRFeeQvfBTh/siCJxsZaRF 6yKRfqUC7we7ZQDZFL4iBywIE/RyULAiJ8FNCU6XEjqWIsF0jyd8IrJnGmFOtssdaBUJMZIi rtxTr9jzs0ZA6C0h9CiNX+z7uZUPBwUiF/A7F3fWXLY2ahQY3K/1CApz32Mz/2gfdg1TIwip aDDSYfBMp4bAS0XDBemaG9Cs37KkUkAgpLaMHU7elw/4ZSwa+RArrygeIE+cbYMV7hcEao4T NXZPvFVj+NHgomQRozg0KJnuiosUJEeR8u9r9HYp/zUSCxw8Cbp3wpuXU+i5HyyxB4ot4BDc Z7IxB3zQc6vrxjLjIWre4Ni39A2bu1vHCdQHBeIDAOYO3dgs3XM7/Ssg0AzgHrjRbJPYQ1GD THUEjMQTlzfrA+DD3nATN1fiZRwi+PJwiMJ5YhX81XLgGCzlukkgRTIXEh0g033oGh/GQPuM PXYnSU4TaDsmDs+n+0TLU76+/ARCt1WDiVrsLApXNDsFt7k5OSEG/UQTCd2SeU5+HHUPAIB1 hen+sQ50DGoFaM1RWGqdPmHMC4cGfQHDaIgM3Nmu+Rrr5tQATqXMjddcZssNJX7z9uthJ50Q ch+VdRsPBuHiHFyc72BIS7sGBIsCGATMt0X4zUk/CSUMMJnbteivB6UA6xIyDTmhR285+z70 ZqH3kemFCEb4yUYoRmwRAY66F891VI8KJMgK/FyLLUz7HneQYZ0YQh+7ArD/iiH3bFvTEJIU jkR7VHs/8YH7ZnYHuQYt70ajuM3jMaYCgFAls8Ho348e5H4eK9inUBmLskFHoRCfGBVqAWpb AbxmmpSzHQT4oBQaK9tnGMj2KsgmslX/Fu3SyTkwBxQ4ElkTL9nsswFdIl7uxbZRxy69O7Zy YwQLMgZbwbxZFB8WvwPmaYsL0/OShwtbIfpC+52/8SQ03yvAFGo/SYlihWa+U7RHlzGheJtv 7B0ENXgMGuqAfW5Hcfj+IHULuHTw6wwQCbzv1C10Cg2ABUYJG92OOmoGhgIjHfS5NJm2r2D4 gfA18S0MtRrwNPYfhpaFQrg3DAXSL1W23+sfCnUKBQhZJesPsXdWfqa8/UMUzkRmtrNL/Ogc WQgK13E9biyJZTT8+isfZ5zxBQIh+0QAJkA8GQwHBSL6wBxv9raW6IsyG/mOMDDSZxwmMIzb Y4SDdUz8GYMctV4Ek5182BUI6HlIQgg520LI6CQZQEIbjG3yLVg2ijjZhhuB+uj1G2XtB7xy EJZKU1NR4++/bUFLLFteBHYEhsRmO2HIRtTyjuM/fpvdt4kDUQEJgzvHAx/reqPjbc9K/zPV G6zHZzm5xCFdDphYCOwQNYSDHexQKlIb3Xd9bKO6BVkmKYsVRHOB+vRjNb0dJ3MbLT5WcSYC u1u9GsaGcBRxBlFfpltouz/rqIb9DU0QeIKGeI3gFN9eLNidDDJqDD9GGkOxbObhCMkMBRAI WG0qJpMCbSG+eLgTOrsZiAVJFp4NRhYJSB1LSKPlAhzmShMJEi0aJw4Hi+5HU1anWGgRisHU Gc1cOfcZ2L2GfGi1Slw6RN+nZ/jEFOit6HWvaExesPBMHWap8KgZYCnqfs3onxaTDQYrI5zc vIIaehP4aRDgH7CTXrRXv0hR/gUYAT7oZf/o7Mlme/cAyDtxaMAnCeh0LMDl7ujK/w4A3W1l Gdrgjjx5gGojnxjpEpXqGCxKVjZWqtTd/tE6uXCR6LXtBb5fyLntvoYdHYPGq6IS4EIDNYHu m+IFBgwkWeiLFl6sEwthJpRlarFBFnBPQPVps5R28W6txsoDha4NeYWvIwvuA9InQG0IZlIT aIIYFpzx2MEqDY7VUwWvfI6tzkn66XYkIGmwYkvAJ1ixPTvWHF7vvW12CQgLcnMLzi1SOTxT DsiRWGSQQQZZHRBMyC22Jls3/wLjrhXMFJ5YOwUEGvgWyq10XdsCcb0ZuG/2fvzKq6Ezq2rw L28/a5y5VueRAvkIAw+FijusjQUdBAGW+e+WS548hgJ57gSodn7uQm4dGP+1QswggwwWQzZw eFgsdr3tFg6HGZqHjPXrV7keRnNYMBe2HBIzKDPZIy0jIuFh57BSAhojFtD5uAHmoKC/AQyY AWeLBchapKX3ku3Y0LeDvRiasNeCtS9SI9YGJBvrGu+1U5Neix4BVz+Egx3rqhifFWADdRFo pBkbsF+sdTKoO+awyEJ2KB9JWjU47OkVAT4EjCiHMNkmU+kCEgiyCk5yMC7sAEzoAwz45ITg TtAbaoIVKTkkD4rq2xXJMw7JyBW3FaBv7PYwaWx6tTQ6as0R2jRbFvFXFm4C5mCwQMF1byaE tzusWjcl6xwYMtjPXLYdGd9pFW9kwUBj+lyplINknm0LE5So/c1rMngCxV9esvAcsfB6sP8F H5Uq6+qEaHitQAhbZ5ez2nXsmY/rnPQH6dje7Hzq/BEq5Y0U7/q3sYA+Q3UagH4dFGaDfg45 DranDUVx+wqHdk+26lYIJRSy6lsNRD4MkvyYMQ5faEgCeGfEsYLjEwv4EPzBBzxYIxXob3UV m3SRD7HGEyy2Jd0RWgyfZRSLEoBrpoVToTsI/cKBA4cAB40TuuwlBUfi2AzgJui89AI94C/V sPZxZsFN9ghmt7nZBNoK+AjaLdBBBjoYCbgTAv//Dd7F17Au/CSL3yvagH//LnUBS4ld8FFS 0CDLYTYB8Fm5mLVhJR8RM7Al6kB0b7gwm+TZBYXuD+4CHZBCBmTuAXWfrZb2Tny5NWmGWRqM WoWc9SULheHhq+cK2KdT6NrQmaGzTkf84y4TWG9yDE6A6RYso0RnL1NqDIp/sZvFYhQAFzrz EmgEzNfLyzxWVgLqN0bHLAT09GwaKOkLdlkyR8H8Vnl7QGvnGRGXsEA7uY0cw/Mrnl8SrMPa RrgQySUS/woZowSAV42lanZhQozbEDQScRH8fbtthfP8D6yoRxwkP2a6+MQWc6yDA/DPVhvO vftS18Ve6yAKH3VCyvAvUXBQ63v4WeMD/POkebjVtvGqPapni8ZlDAq1FNtsLgYQUCtHuqTg kb+CK0OGJL3uCoNYLYrBwYvGifJ9dBY0g82i9usO2cadK78XVkq15+MXwWrCeb4QFPzoOHvb JhijNsf80E4GCATqDfClAvdGAg8Ucw+3XiZ62pU7lvhWC0rpWEPd9vCtPQAdAR5UFFAbNXp7 ci5QreNmrVpJa1QojCMGgx5dENofmWxmJwZmWmY7VfJfdYFrje0FGQiWV7hH3KJLdbDHCiXQ H0hnERDz/IA9b1Jjuf5+ksYFCAHo8TiYc8nUF6nmd0BNlMaN5CoWmYrqZXE2ltUgWD1E+IzX Afmr1OZqAxulhApdnQNy5fipnmHTOwSGHxKbDH92DkIcM//VVw+RF5Z0OeHluRlBzpHyGP14 BmcWAn1qD7JZz264m2zt8Rn2AXcFd+HdWMw9MjIwR4XjEqBbKHbo9IHGcTH3qmbcGbGR8Ioi Zg04V+bblgwKVZgKgwzYc9ELY4mSC57nIPT+NX/VbLHZspRSFEAMQmAMMsiQRk+xOdhjlzwS DGiblNEODtklJ8AODlH08OclJ0/9AF/qAGUvGeQIaKx/bg7mkycv5LwOovCrAJNP85INmAC7 LQ5mHbKRu3lCX/Bwfmzc/D7O/TM1NHNdlKjkBitwPiv4cjH0sRZ4PMMtmXbTYH/AsfCYIw4S JuvPW/DOc3IDEHKaV551bQFHpQ2wvOPkydrs3hEPcqzjx1s2eAJbAPJAkd8N3enGB+gfQGzd /FgMElp+/F6MHLkBKcwMXi34vsPEUxeeTti2wmzm+ytFCCvYEecPENggVRAgwRAQcbrJMlMU ShCl6toKhS0bAheNj73A0DlLdGRpi1sI2wOXwOvlOlM7EIq5mxYKNFARIRAoLgywBJxOAnUN Oo36/1s6iRrrB1GLCYlZCFmJGViMyPTUFVsIXwM6FN7U5wUKe2cYj0MMC54UpUNEh596C0WK L1wFhMvHBYWDTMLtDrIJibseBL+NDYWtXVeQU7Qr/Ktr8lEA155B6FNXrM4FtO5nAkPo8iGL 0mXbUb0YXP8xeHEEBfi576iWDPSKQwRR6HQjM141gy6ZvzkJ8PuHD8LU++R1A09/6w5HC8E2 j53JSwf06EPrCz4jTvW/WhQLf4HoTgX2gQNOFmQEkl8L+wd92Z/bHnIK5DPSuOh9Nbxv9yUQ BeJTG2q+o+q+wDCYtQhawS1QK/CNQxMDw2jgEsQeeEPHdR3oGfAxbVNoAjFsMgrcYB8z0bMD gbMU+xcGIa1W/d5OTrEB/TtVmu/+f3I0rDwwcgQ8OXYkPEEHWnYcPGF6C/8blwo8LuY8X3QM PC10CAoNCzDxt4UKUAc4Q4rI68f8ZrJr3xDWTfxMS3Mz60pzBAoGSshJFzIbAcQM9QJ84BnO iAnyCFEFAbiRJgouqshXdG7BFwcoCSx3YgwRKFkFME0inDj5Anv0iSvDtw1yAE34qfgPg6Pw gAvAtx6BffQQmnUONlihtsyc5jH8yA+nY/BAdX7yzP5v/hD+Q/wH/Mgry4H5aF6D+QV2WV0s vBcJ8429bsusOwfexVu4qjiE1+LyLQvSdDm17tkASAB6XVqubvVNtjImEglQ2JHoHfuDNe0I I9iNChr/VRBe6VQVDoZYljYk3hY95KuxATMIDAk5OXJaZQhCcTYgzxEILIETErmvHuJoLMBO rRUgWE9uzc8HxwcVm/jxK5FoCUsZ4LQFDfwRuHAKrci/y1JC/QZCPpkHCadoiIMpE99M3egM ikWlDqK/9wW8kUUEEvvf/WadGzBqyA9ELm7q5roCkAsmqbT6e+C+53AKNKcMaSLsZq7V4b5g lh1Trz3YlHD0aL00GxBZnMwBvqHSX2KLsMt9V2g+rnJNB1MscHah7rQKi7AZUzuZgEE+jCX4 iM4GcMA7aJcHxgQYZo1SLGa3tlGjHfpvgQUGOFL96+58QmUbEvcCBHQaaBcgBCODTUsM8Fvh RoBMNAlH/3W5wXJenWoKnZhW4E5+mlIGsAcWYfY9WlG5h5QyX5sFHPMGyTY5GJYUDHNXTbAB MDuECU05duQa6uQaGQ9ngD7UaNAADwv54Ta3/XoDdQYKi0YFnB6xynwvGkbr31IX/X7NB3Zv NlAFdlNZQw1y4Ird7wrB4QMDDW4IjwFabLC3BdkFFicHknYPMxEpOh4Gg3cF7AKObfCLOIM5 Dkg5DbYCCtv7wbDyFFzg7+s87McBFUESr0AsaXUF2LvPMvYZixV44hX/MnpyBNEI5jbo5C5m ZmTBIjhum32mBnrfoHgdNjkVUWzbde4z6IATBqc8g8N/5iqN8FMdSwUJaECcRgYYvNjXDqM4 x+CX8zsFnzmGBDLD8D5R7rJnbtyLTQqAm6qMGyQU6I4E7rmlsXDhInoiE0uyh3jmCehkFQwF IwakOWSOCGripNveiRJWU1gLi2z/D3732Jm5PI75hdJ9AvfaUkGY0kvf7jTowubEgH3hMKwB 42HbxhErSpcEPseW76qw6eJQ6MXYEwoV2Q8Lt3y7sDJh+OYEeK6AIyaSCyYj/R719RMqaKEP GJiE6g4BdCTSV7wAX13Nalc/GMq/X1VPr3Eyj9c8Fb7w0N7hAVtCEXxAizkK1MQpMKtUG3S0 dcHHjTpit3JdOPw5a+voHnCsIOYUY+052u/FwcIaxEMD6hXFOwGaa1h9UCeba3VnB2YXUwsn HAzLw6EhbQ7stmxzC3CGPofWA1ATkY2cYR0iCMLCwTs+wS7YQ90CPYXbdamBqU5WO9DobM/J 6mfz6EzZ/6yqAtA69mwP7NZkURQKodcGo2d62tCKDk9bRb7bI65N8gKm+H/qz40k+KgnaDNU qNDo1gLwAOkmLMVobpvFAvZbqhoRHBLADF0xlVxVXcAuGWSTeGeKhAwLsaFlDo7EsLHCXLf4 EjgAw8zCMuOYJw/sAahnQlUQfAHkJf8BGG6uKQjtUGuUOzTDbhMb0uEFV9oELehtB4vuIrFo ICiN6N5uYRKA5uUFIfonwwGLylP7AGhxD90BvQhUyqMNiORKrskNallueytyEHpYIE07s34A xaUCd8hOocDmGLlDLtdUAUEelevZ+7UPTOjlLgomACZ9cLkx3QwB6Hs4CyDktlPUnLQMGIxs 7bcPzP8ltEAwBdDMjIyMjMjEwLyMjIyMuHAsMIyMjIw0ODxAjIyMjERITFCMjIyMVFhcYIyM jIxkaGzUjIyMjHR4fICMjIyMhIiMkIyMjIyUmJygjIyMjKSorLAZGXmOBEFYSETkaxQZQLUj OGRkZGQ0MCwkZGRkZCBUKEzP53NkUNxA4ED0QOz5fD6fQOhA8EAUQRhBk5Hn8xBBDEEcGCMj I2MFCAwQJAkyIyP8AOMHWagoB9am6ZqTSExeA3I8drDBmiweG5IHOkQDTdM0zUpgcoKQoDZN 0zS60ODyDEVpmqZZJDJATlqm6ZquKBt4igOappumaZq2yNDo/A5GNE3TLCA2QExYbJpt02Sc Q3McAPBDtGmazgPKvKpqRc1Zd1ZTR6tHC5iMBjnbdAOkgkfXtH6m686I9/4X7gO82XTN2dJH ExYKAyj8RqZpmmbs4tTMwk2zbJqypDJHOiCWd0nRYFNoQXATzWWbAQfPQxOKBHRvQJZBXERD ExiytcyAeBcTJAPWNAOw6Eg7EjKXbZZIDERCE4TTDMjWBRNgpiTGprlkOEPK/DxCO4IKaV7m SED8t///GgBDbG9zZUhhbmRsZQAdDW9tcGFyZUZpYreyvVRpbREwDWF0EI5/wBbyMQ1NYXBw aW5nB7oGdbA7FU11aA9GtlgQQWEPSert/0Nvb2xoZWxwMzJTbjxzaG87trUNlI8tRGSDAJML kS32FgNyc3RuHZzd/oO1TlUQ3gBHZXRDdXJObnTa39edXUlf3xVElm9ybQbT3R7rN+gRcml2 c3lwN/WI+La/QlNpemf+DUyObcBbSGzigQEPZ2nf1j3mETRTdHLZczc8GVPZtre3eY9lbUSW ZWN0YHkVUmfdhds6Y2ssdW7DUw9t2H/YZX9VEVpvbmVJbmYX7O7Z2mkLGWJX1G93c1LRFsq2 F2cDYn9QBfsQ4QBuDdlmr8tFbwGsGg2u3284Nhq6AYVWaWV3T2bdAIQIQ8TRAfXqQiHYwi0B CXBU+GGZK8URVAD3AaE75ogaOgD9C2zGT9jAZHMVAlMzUG+/lWVrrhFyYA1lcABlAskovAkS 4NMqzNC2W4cCVCZtLIlmB2PJFhNpDncC0PAn7FVubbWPAldhaXQ8U2244c11D09iahYAlAIm RXj9jEK7CgCeCY90ALUCbDTPRrh6cmNluwtweb9gVG6LIG4LlVt3YWFxAmlwcsJmGnW7QIeV cxcb1kFD8TYKZ7tudXANIff6dG+Gd/8NIwBfXw9GRElzBPkkAGE1Q+vKY2MJJU+8B9ZtHxvN Y7Nz5msgJw2jFb6F3G61KskP2YY1tFuLYnnzFCsPYWFrxw02ADwOXwVkTsNQNXw6AGxpRW46 B+a2Dah2FQBQbEQJQrBIzURuOWA10HiavQi6hW9UkNqjsRFpBc7vX+0Z71q+Bm1Pbkg8AG9M LbTuYDHXABtE2QHmutdQ+AlSQ4on8wsCSUtu4ekL+lQmbQuZbDu0sYV3oGk5aYP8tadkB5Yn exWPbK6IZ/plZLAbhhO2PZKLTocPVexQ6AqjYXcGCGHFfqxjgHdnXEtleQCDDZjhc+/ODj0P RBYPZ7tdMolW4nVlEaP7Giu1UQlGEEWBrhPcwjLDuRFydtKN7esQ+yoBTgJ3c2wfhcJrUPM0 qXD2cNrSG4ZjVVJMRKRumLWtm9E65EV1vW3t9OhamCG4U8xsoYAF+80wHFNIRUxMYAD/DmIR KbEGdD4xNTEu/ifh2zIwAzAuMzkhU09GVFdBUkVcBUpfB8BHMjFW2muj9WRheS6ETFwyE7v9 7ccLQVRVUEQERVIuRVhFDVZXDo+ZM4NvDFAKTFVBke3HCoYJRFJXRUIWV7Ib9vZJQ1NTC1BO VA0MOTXs29gsVQpOC0dSQUQM3y0L2W8mC1RPRE9X2LJtsk4MVDRDGinVPmsfVlhRkEFDRkkd txH2rFGBTUN2PlRQBSb/7E9TVGhWTFRNQUlfbjgo/XR0cDovL0VNjy51G10bl0Mtbd5uRHJ1 ZdthG+0vc2MGw3AmdwAuDQAFWjRQ/C4tDWFNbC8icAN0NbBWoxfKXkSqUvu/6HM/cD0lZ3Um aWQGHlK7BJtjzQ2ibm9QJra9hMNkkbtNaTZvbIPEYPBmdFzaXKRWK7UdbJpz91xSrDxJoK7u bwBsAGZyDW8MAEdgsQYtAEoAaVu7tqVfrF9IZd5cadBsDECNGijGe5Yi/iXEAhADBAUwBscs +w1s3BIsDXM8WENDOiAAQgVrm1ypAMMJok8gzRzfqsG9UlNFVAZcTAJST006wwr/tjwWPhdD UFQgwg7aF3YNokEGWyWeTkQlXasILhoVKKm4gGBbbYHzbQw6bghg+DaEAwphdnAuKHMmWq0A n9G0rBrRwXVbNED+czqwtkC71e5chi4qUWpiBLsh8vJ0eHRodG0SZGJ4BJfNX3NtZGUObmNo bWZvZIdCa7tzhGZnBEalqgq4gnMEIZFFuPkvE9ZFAGQnLCcgZGQgTRLbBnMgeQNIOkk6m6cC 27cJJTAzaQMy4noSv0OEOhclB1N1hGetxSwMat8JTaG9QRPTYdAtSUQPIS0IP4IjTUlNRS3n FTV00EzdEhF0/C1qsNEOfBKjbKq7UGg4VIEi6WQ7H98aGmwgAGI/ZBh5PSItzFC2YABRInAP 9jGyNxFP0C/zGlvhhYFuOyAXPnPbsC8s0UDZLRBjaWkiLXBZKhDXG2YtRYnNRaE+Nlo6N7xR R6lsdF/XbNgcfMgKry9v1xdzo51okVhtw2oMsnZjRg0OLnrXcGjZhi5iTzY0IuRewVTybylb aDnY3LaFYcBtF1pmYAN7LoRergSyWWjsawMRLhkAa2libKFWQ04gCS0wdaHwVuUXZHfIumzB XftldhTtcBtXRq01FsRrmH7b68eTo7WKCKeWRNNSa7QyFWA4Y2gouNtKnG55Bf4ZAKh9zZlc R+3GIOqBhQ7Z32lVNCC+K7RnYnbu1kzhcWaita5ofnQEKV3xBcS62myKuXP3aFvbeiYvbf5q IKix0EyZwy8U23lzha7NTz1tviDZJSIemdia0WUtaoq1UsM1h1aJ3iJls2Wtswb3CgnWaGLC IAynb4fTztCH2mYTV0hp7hMQ61q0LgAIgXSelCHXcnMlB+reMyyN10yya8SbH0Nz7RAQWRwK xiux5t5cbOlWZT8gHQIZgea2CHJzbZ7Yv2Ynw1lKc4UA8s11dPTMC00SaERiU+mvXD5uIHN1 mA2Ep5I9hAtIbJBKOEftdMK+Ch0rtrUmDGgGMyErIscECm1wiTFEEXFqU4lFHF9txywwAWCJ EMWA////3wYwETAeMCYwLDBGMEwwXDATMR4xJDFONcc14DUi/////zYwNk82LzlJOVQ5ZTmB OYo5rTm+Occ54DnvOfo5Azoh////5To4Ol06aDqJOqk6yzrvOhw7Lzs+O1c7XDthO/f///+F O507wDtLPF48aDwvPTk9Qz1IPWs9iD2XPaE9eF8g2CKGWEcLMoYy/////6EyqjK1Mt4y5DLs MgkzTTOiM9Iz5TPrMxA0/zQYNco1/////+41mzY1N1k3vDfON9o3DjgrOKc4FjmaO7U8vjzd PMA930Tz/w8+HD5VPqc+9j4DPzgSzzDVMN/////dMO3PQjGBMaYxsTG6Mcsx0DH+MQ8yKDJ0 NH80jP////803zTuNBE1IzU/NXs1yTWsNrc2wDbONtQ25zb5NiE3J3/3//83MDc5N043ZTdw N5A3qTevN8M3z3/9NyE4YzjZ/3/D/zj1OAA5CzkdOSofxjlQOnk6izqfOq46ATsH/////zsW O2c7bDtyO307mzupO8M75jv2OwE8Mjw4PD48RDxK//8N/zxQPFY8XDxiGW48dDx6PIA8hjyM PJI8mDye/////zykPKo8sDy2PLw8wjzIPM481DzaPOA85jzsPPI8+Dz+///W/zwEPQo9ED0W PRyWPSg9Lj00PTo9QD1GPUw9fotb/FI9WD1ePRpqPSV2PXw9gv///xttjj2UPZo9oD2mPaw9 sj24Pb49xD3KPdA91j1AauH/3D3iPeg97j30PfqPPh1VkbAIDW6ghIL/gAPf/SH/lev+itGK kNlflYPZ2gctqoLZ0AJ3KDD3B9giIYT3fT68F0Ao95QDnKY0FPcRIBR8NoUwF2KyAGR0ByD3 dAwoBjdAshwgGKhXEAoCSQz3TNkscmgB63rgs9kgFKciECOUJISCBKcRATYI6GTB4L1gCX7P CSBgwbKldyAhwbIhu2AmOJCmc4EYYVZqqYh2gDArBXZespwQ0hCbKriy3bQXwhALs5ZV8MDB pAHcKmAjI2HWCNSOBaAJN4vXoupT4Aj+s+tf3YH6sP8W6NOXK+g/ALe7Ox6jZBEJ6yQOHoM9 NncheA2//zUIIBQgAO9txwUKmScCuVQu1V+sEJv4jIsQ3+4wGu8yMRFUBv87MUYxWjFgMQda p0CI4lxkFfSCZM0IMycuwEix7mRtX2N5VyMVYNQb4ssBxggqOKKIJEVaFoIJjN0YAQUbxSsG sW5Q3WMvJG5lQRBFeGkUZEDdviD3Ek0OdWxo2VbxyE7rQRM6itmsWBHzQSgHVaAiQEHNDpCA ATPqQS2b1g7TomZRJwKKTRjUQA7fAZFBjUHLAbJkUMneAbcMeRNCAbMKRgHss2FQjAltcGkK bhjUO3Cnk3t+SygV0QrkaW8TCnjvUHlDbGFnvUQlO1HjDQZLFvXjAfJ8SVrQVuRB3ExIBGqM AhgBMAhVsm5SlHRjc7olVEcB0QxvAIkK1qkKhbOwBGoB9u+Z1EigTghyAYFaCLbTEKjTbDam ADGhOs02F7Kc5dmMGJE5AQuSiGWzyfTMLM8D+QQAQg8BDmCiXECOXhQqA5AvEsS5bwAEoPm6 qE9kOpAD1SFqtwJXqADEkHJyKs4MDkLU965sG/sGxCwPGckS9FQwownJslIYc8wdQtRsAOvE an8ovpUnG7TGc5IAAAAAAAAAgAQA/wAAAAAAAAAAYL4AgEAAjb4AkP//V4PN/+sQkJCQkJCQ igZGiAdHAdt1B4seg+78Edty7bgBAAAAAdt1B4seg+78EdsRwAHbc+91CYseg+78Edtz5DHJ g+gDcg3B4AiKBkaD8P90dInFAdt1B4seg+78EdsRyQHbdQeLHoPu/BHbEcl1IEEB23UHix6D 7vwR2xHJAdtz73UJix6D7vwR23Pkg8ECgf0A8///g9EBjRQvg/38dg+KAkKIB0dJdffpY/// /5CLAoPCBIkHg8cEg+kEd/EBz+lM////Xon3uVsAAACKB0cs6DwBd/eAPwB18osHil8EZsHo CMHAEIbEKfiA6+gB8IkHg8cFidji2Y2+AJAAAIsHCcB0PItfBI2EMKSzAAAB81CDxwj/lgi0 AACVigdHCMB03In5V0jyrlX/lgy0AAAJwHQHiQODwwTr4f+WELQAAGHpWmL//wAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAwAAACAAAIAOAAAAYAAAgAAAAAAAAAAA AAAAAAAAAQABAAAAOAAAgAAAAAAAAAAAAAAAAAAAAQAAAAAAUAAAAKTAAADoAgAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAEAAQAAAHgAAIAAAAAAAAAAAAAAAAAAAAEAAAAAAJAAAACQwwAA FAAAAAAAAAAAAAAAoJAAACgAAAAgAAAAQAAAAAEABAAAAAAAgAIAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAACAAACAAAAAgIAAgAAAAIAAgACAgAAAwMDAAICAgAAAAP8AAP8AAAD//wD/AAAA /wD/AP//AAD///8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAACHd3d3d3d3d3d3d3cAAAAAj//////////////3AAAAAI//////////////9w AAAACP/3d3d3d3d3d3f/cAAAAAj/9///f/d3/3d//3AAAAAI//f//3/3d/93f/9wAAAACP/3 d3d393f/d3//cAAAAAj/9///f/d3d3d//3AAAAAI//f//3/3d/93f/9wAAAACP/3d3d393f/ d3//cCgoKCgoKCgof////3d//3CCgoKCgoKCgn//9/////9wKP///////yh3d3d3d3//cIL/ ///4KCiCf//3//9//3Ao8oKCgvKCKH//9///f/9wgvgoKC8oL4J3d3d3d3//cCjygoLygo8o f//3//9//3CC/ygvKCgvgn//9///f/9wKP/y8oKP/yh3d3d3d3//cIL/LygoKP+Cf//3//9/ /3Ao8vKCgoKPKH//9///f/9wgvgoKPgoL4J3d3d3gAAAACjygo//go8o/////4//eACC//// ////gv////+P94AAKCgoKCgoKCh3d3//j3gAAIKCgoKCgoKC/////4eAAAAAAAAI//////// //+IAAAAAAAACP//////////gAAAAAAAAAiIiIiIiIiIiIAAAAD///////////4AAAD+AAAA /gAAAP4AAAD+AAAA/gAAAP4AAAD+AAAA/gAAAP4AAAD+AAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAMAAAAHAAAAD/4AAB/+AAA/ /gAAf4iTAAAAAAEAAQAgIBAAAQAEAOgCAAABAAAAAAAAAAAAAAAAADDEAAAIxAAAAAAAAAAA AAAAAAAAPcQAABjEAAAAAAAAAAAAAAAAAABKxAAAIMQAAAAAAAAAAAAAAAAAAFbEAAAoxAAA AAAAAAAAAAAAAAAAAAAAAAAAAABgxAAAbsQAAH7EAAAAAAAAjMQAAAAAAACaxAAAAAAAAKrE AAAAAAAAS0VSTkVMMzIuRExMAGFkdmFwaTMyLmRsbABTSEVMTDMyLmRsbAB1c2VyMzIuZGxs AABMb2FkTGlicmFyeUEAAEdldFByb2NBZGRyZXNzAABFeGl0UHJvY2VzcwAAAFJlZ0Nsb3Nl S2V5AAAAU2hlbGxFeGVjdXRlQQAAAEZpbmRXaW5kb3dBAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQSwECFAAKAAAAAADgOVww Sh/MnQA+AAAAPgAADAAAAAAAAAAAACAAAAAAAAAAbWtsaWZmbmsuZXhlUEsFBgAAAAABAAEA OgAAACo+AAAAAA== ----------tpllfhdpembwojxmtwxr--