From utconverge@linkssoft.nl Sun Jul 01 02:12:30 2007 Return-path: Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I4sfe-0001vF-0m for pana-archive@lists.ietf.org; Sun, 01 Jul 2007 02:12:30 -0400 Received: from [59.28.117.108] (helo=linkssoft.nl) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1I4sfd-0004Tj-7m for pana-archive@lists.ietf.org; Sun, 01 Jul 2007 02:12:29 -0400 Message-ID: <001301c7bbf2$3c7d68c0$06db4e74@ddong4z0zhjiwe> From: "Mitchel Grimm" To: "pana-archive" Subject: Re: Thanks, we are accepting your debt request Date: Sun, 1 Jul 2007 15:08:40 +0900 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0010_01C7BBF2.3C7D68C0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2462.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.1081 X-Spam-Score: 2.1 (++) X-Scan-Signature: 082a9cbf4d599f360ac7f815372a6a15 ------=_NextPart_000_0010_01C7BBF2.3C7D68C0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Your your credit report doesn't matter to us! If you OWN property and want IMMEDIATE ready money to spend ANY way you = like, or simply want to LOWER your payments by a third or more, here is = the deal we can offer you NOW (hurry, this deal will expire TODAY): $455,000+ debt AND EVEN MORE: After further review, our lenders have set the lowest = entire payment! Hurry, when our deal is gone, it is gone. Simply finish this simplified = form... Don't worry about approval, your credit will not disqualify you! http://planzxtranes.com/ ------=_NextPart_000_0010_01C7BBF2.3C7D68C0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Your credit score does = not matter to us!

If you OWN real estate and = want IMMEDIATE cash to spend ANY way you like, or simply want to LOWER = your monthly payments by a third or more, here is our deal we can offer = you TONIGHT (hurry, this lot will expire THIS NIGHT):

$226,000+ = loan

AND EVEN MORE: After = further review, our lenders have set the lowest monthly = payments!

Hurry, when best deal = is gone, it is gone. Simply finish this simple form...

Do not worry about = approval, your your credit report will not disqualify you!

http://planzxtranes.com/

------=_NextPart_000_0010_01C7BBF2.3C7D68C0-- From rcae@jmnetworking.net Sun Jul 01 06:00:57 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I4wEj-0006yx-38 for pana-archive@lists.ietf.org; Sun, 01 Jul 2007 06:00:57 -0400 Received: from acju101.neoplus.adsl.tpnet.pl ([83.10.70.101]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1I4wE1-0000Hd-Qn for pana-archive@lists.ietf.org; Sun, 01 Jul 2007 06:00:57 -0400 Received: from rbv.xwiw ([27.97.136.53]) by acju101.neoplus.adsl.tpnet.pl with Microsoft SMTPSVC(6.0.3790.0); Sun, 1 Jul 2007 12:00:13 +0200 Message-ID: <001801c7bbc6$9e28c820$3588611b@rbv.xwiw> From: "greeting-cards.com" To: Subject: You've received a postcard from a school mate! Date: Sun, 1 Jul 2007 12:00:13 +0200 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="Windows-1252"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2499 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2499 X-Spam-Score: 1.9 (+) X-Scan-Signature: 97adf591118a232206bdb5a27b217034 Good day. Your school mate has sent you a postcard from greeting-cards.com. Send free ecards from greeting-cards.com with your choice of colors, words and music. Your ecard will be available with us for the next 30 days. If you wish to keep the ecard longer, you may save it on your computer or take a print. To view your ecard, choose from any of the following options: -------- OPTION 1 -------- Click on the following Internet address or copy & paste it into your browser's address box. http://24.131.132.135/?ae57a4a6c198eb161d496d2989907cd64e28cae -------- OPTION 2 -------- Copy & paste the ecard number in the "View Your Card" box at http://24.131.132.135/ Your ecard number is ae57a4a6c198eb161d496d2989907cd64e28cae Best wishes, Postmaster, greeting-cards.com From xutfb@designact.com Sun Jul 01 10:25:21 2007 Return-path: Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I50Mb-0005KS-5e for pana-archive@lists.ietf.org; Sun, 01 Jul 2007 10:25:21 -0400 Received: from 249-83.2-85.cust.bluewin.ch ([85.2.83.249]) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1I50Ma-0005Ne-IJ for pana-archive@lists.ietf.org; Sun, 01 Jul 2007 10:25:20 -0400 Received: from [55.111.122.83] (helo=vtj) by 249-83.2-85.cust.bluewin.ch with smtp (Exim 4.62 (FreeBSD)) id 1I50OP-0005LQ-0r; Sun, 1 Jul 2007 16:27:13 +0200 Message-ID: <4687B91A.2080807@designact.com> Date: Sun, 1 Jul 2007 16:24:26 +0200 From: Graham User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: doghouse Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.8 (/) X-Scan-Signature: 8abaac9e10c826e8252866cbe6766464 ERMX Grabs Edge Of US Trade With China And Moves Into Nitride Devices! EntreMetrix Inc. (ERMX) $0.16 Congress's push to increase trade agreements with China gives ERMX huge advantage as they enter joint venture to manufacture Nitride Devices for military, energy and technological solutions in China. This is huge. Get on ERMX Monday! Another told me that in a society that is democratic and where the buses are subsidised by the government, a minority's concerns should not override those of the majority. " "Highly recommended. The civil war also drew in Iran to fight Israel and support the Lebanese Shia. Lebanese Muslims have tended to look east for support from the other Arab states and from Iran. Overcrowding in this part of society means that people who lead a spiritually holy life are shoved against the hum and scrum of society. There is a huge hurdle that needs to be overcome before there can be movement. The sunlight is so harsh you have to squint to look at the view. But dealing with the armed gangs isn't so straightforward. I ask Osama what he hopes for from his new life. They put down their bags, and hug one another. " "Highly recommended. This caused large-scale death and destruction but failed to secure the soldiers' release or Hezbollah's defeat. By the time I realized my error, the resize was no longer in Photoshop's history. They don't arrest me like they might arrest Osama. From pana-bounces@ietf.org Sun Jul 01 18:57:30 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I58MC-0003Dz-O3; Sun, 01 Jul 2007 18:57:28 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I58MB-0003Du-LU for pana@ietf.org; Sun, 01 Jul 2007 18:57:27 -0400 Received: from mout.perfora.net ([74.208.4.194]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I58M7-0008BB-05 for pana@ietf.org; Sun, 01 Jul 2007 18:57:27 -0400 Received: from [212.252.249.91] (helo=IBM52A5038A94F) by mrelay.perfora.net (node=mrus1) with ESMTP (Nemesis), id 0MKpCa-1I58Lv49AM-0001fG; Sun, 01 Jul 2007 18:57:21 -0400 From: "Alper Yegin" To: "'Sam Hartman'" Date: Mon, 2 Jul 2007 01:57:01 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Thread-Index: Ace6iwiMB1l6Y2NMTZmw2K8ivPBbsABoom9A X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 In-Reply-To: Message-ID: <0MKpCa-1I58Lv49AM-0001fG@mrelay.perfora.net> X-Provags-ID: V01U2FsdGVkX19aO0xY+st+Uk2BpWcHjEqkORSiLpLqMJ8vena gY0R0manx0TeDQpAwrhTxAFKmPYAyqy8cyhRkMRM0ftjz8/I/K TjaT5AIuLjofUi0Oa3JUA== X-Spam-Score: 0.0 (/) X-Scan-Signature: c0aa019322dfce838bd8604f5a841b57 Cc: 'Mark Townsley' , 'Jari Arkko' , pana@ietf.org Subject: [Pana] RE: Sam's IESG comments X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org > Sam> What must a receiver do if it receives a PANA message with > Sam> unknown version? How is the version field actually useful? > Sam> (How do you get backward compatibility if you discard packets > Sam> with unknown version?) > > -> I think version number must be updated only when we are about > -> to > > introduce an incompatible change. So I think (not sure > > though), if an implementation receives a message with an > > unknown version number, it shall silently ignore the > > message. I think a peer with version N+M cannot really speak > > to another peer with version N unless the former > > implementation can also behave like version N. > > This is what I was afraid of. > I implement two versions. > How do I distinguish you not implementing my preferred version from > network trouble? I guess this is leading to something like "version discovery and negotiation". We certainly don't have such a thing in our documents. I don't remember any WG discussion about the version number and how it is intended to be used. How about if we leave "version discovery and negotiation" to future versions? Does this make sense, or would you recommend something else? > Sam> The framework document says that sometimes a PAC is expected > Sam> to reconfigure its address after PANA. The PANA protocol has > Sam> no normative discussion of this. In order to get > Sam> interoperable implementations, you need to clearly indicate > Sam> when address configuration is required. Perhaps you are > Sam> deferring this to future documents. If so, then the > Sam> framework should indicate that unless a PAC implements a > Sam> protocol extension that mandates address reconfiguration and > Sam> that protocol extension is used, then the PAC need not do > Sam> address configuration. Or, if address reconfig is supported > Sam> in the base protocol, you need to have normative language > Sam> describing it. > > -> We had thought about it and even designed an AVP to tell PaC > -> what > > mechanism to use for re-configuration. Version 12 of the spec > > included not only an indication that the PaC shall > > reconfigure a new IP address but also the name of the > > mechanism to use (DHCPv4, DHCPv6, stateless addr. autconf, > > IKEv2, etc.). > > -> Then we realized we were stepping outside the scope of the > -> access > > authentication, and we decided to remove it. We decided that > > anything with IP address configuration is outside the scope. > > -> Would you suggest we re-introduce what we had but only with a > -> one-bit > > info that says "PaC shall configure a new IP address" > > (without enumerating any specific address config mechanisms)? > > As I mentioned my preference is that you drop the IP address > reconfiguration for now and handle it in an extension when needed. > However if you need IP configuration then yes I think this is a fine > approach. I understand we'll have to sell this to Mark if we go that > route. OK. Will follow up under the other thread. > > -> How about if we extend it to say: > > > PANA is intended to be used in any access network > > regardless of the underlying security. For example, the > > network might be physically secured, or secured by means of > > cryptographic mechanisms after the successful client-network > > authentication. While mandatory to implement behavior for a > > PANA deployment is the integrity of PANA messages when the > > EAP method produces MSK, there is no mandatory to implement > > support for network security either at the link-layer or > > network-layer. > > This is fine text, and I support adding it. However since my > understanding of the current text ended up being correct I also think > the current text is OK. OK. > > > > > > Sam> Section 5.5 of the protocol document should include a rule > Sam> that messages expected to have an auth attribute but which do > Sam> not do so MUST be discarded. You need to specify which > Sam> messages are expected to have auth attributes (presumably all > Sam> of them after a completed authentication with an EAP method > Sam> that generates an MSK). > > -> We shall change > > > o When an AUTH AVP is included, the AVP value matches the > > hash value computed against the received message. > > > > > O Once the PANA authentication succeeds using a > > key-generating EAP method, the PANA-Auth-Request message that > > carries the EAP Success and any subsequent message in that > > session contain an AUTH AVP. The AVP value matches the hash > > value computed against the received message. > > Works for me. > > > > Sam> I'm particularly concerned that even if the algorithm AVP is > Sam> sufficient, you recommend against using it unless the link is > Sam> secured. That seems highly problematic; protected > Sam> negotiation is a better solution. > > -> We allow inclusion of the Algorithm AVP in the very first > -> message, so > > that in case of a mismatch the PaC can decide not to > > continue. But in case the link is not secured, that "early > > negotiation" is susceptible to spoofing. So we wanted to warn > > the deployments. Would you recommend we remove that warning? > > And would that not have an impact on the PaCs being turned > > down due to a spoofed message? > > Yes, I think the warning is problematic. I think Yoshi's approach is > reasonably good. OK. We shall remove the warning, and implement Yoshi's approach. > > Sam> I am uncomfortable with the claim in the protocol document's > Sam> security consideration section that physical security > Sam> provides protection of confidentiality and spoofing. I'm not > Sam> really sure that is true in any reasonable sense for DSL > Sam> lines. I think a better way to state this is that the > Sam> environment provides adequate protection against spoofing and > Sam> confidentiality based on the operational needs of the > Sam> environment. > > Sam> Similarly, I'm concerned that the blanket claim that if a > Sam> link does not provide security then security is required at a > Sam> higher layer. I agree that PANA integrity protection is > Sam> required, but for example I don't see why data origin > Sam> authentication or connectionless integrity is required for > Sam> most Internet traffic. I think the security considerations > Sam> section could be reworked to talk a lot more about tradeoffs > Sam> and a lot less about hard requirements. Some hard > Sam> requirements are probably still necessary. > > -> We can remove references to any specific network types > -> (DSL/3GPP2), and > > physical vs. cryptographic security. > > -> I think what we are really concerned is data origin > -> authentication, > > integrity and replay protection (not confidentiality, like > > the current spec is saying). Those are important, because > > they are the primary tools for enforcement points in policing > > the data traffic. Unless there is a way to perform data > > origin authentication, the enforcement points cannot > > distinguish traffic of authenticated clients from > > unauthenticated clients. > > I'm not sure this is true in practice. I'm sitting at a wireless > hotspot. I log into a web page and give them my credit card number. > MAC address seems to be good enuogh. It does not provide data origin > authentication, but it seems to be operationally good enough. Yes it's true that many users and hotspot operators are using such a scheme (UAM -- Universal Authentication Method) everyday. It's very "practical" because it does not require any special client (just web browser), but it's "security is very weak." The only reason it's being used (and widely used!) is that the operators cannot practically install 3rd party software on the client base. And they (and unknowingly the users) trade a lot of security for a lot of practicality. More specifically, anyone can impersonate your PC and spoof and consume traffic on your behalf. And anyone can impersonate the wireless hotspot and spoof and consume traffic on its behalf. (And that effectively negates the whole idea behind "access authentication.") These threats are possible because there is no cryptographic protection (data origin auth) of the data traffic after the client and the network authenticated each other. The next step from UAM would be to use an EAP-based solution. The appropriate client software would include EAP methods, EAP, EAP lower layer (IEEE 802.11i, IEEE 802.16e PKMv2, PANA, etc.), L2/L3 per-packet crypto protection, etc. Hosts with such a package would naturally utilize data origin authentication. > -> Based on these, I'd propose we change > > > An important element in assessing security of PANA design > > and deployment in a network is the presence of lower-layer > > (physical and link-layer) security. In the context of this > > document, lower-layers are said to be secure if they can > > prevent eavesdropping and spoofing of packets. Examples of > > such networks are physically-secured DSL networks and 3GPP2 > > networks with cryptographically-secured cdma2000 link-layer. > > In these examples, the lower-layer security is enabled even > > before running the first PANA-based authentication. In the > > absence of such a pre-established secure channel prior to > > running PANA, one needs to be created after the successful > > PANA authentication using a link-layer or network-layer > > cryptographic mechanism (e.g., IPsec). > > -> To > > > An important element in assessing security of PANA design > > and deployment in a network is the presence of data origin > > authentication, integrity and replay protection by the > > lower-layers. In some networks, this level of security is > > already enabled even before running the first PANA-based > > authentication. In the absence of such a pre-established > > secure channel prior to running PANA, one needs to be created > > after the successful PANA authentication using a link-layer > > or network-layer cryptographic mechanism (e.g., IPsec). > > > > See above. > > Sam> I am uncomfortable with the recommendation of eap methods > Sam> like md5 even when link security is available. Can you > Sam> please work with the EAP and EMU working groups and see if > Sam> they support this recommendation in the framework document? > > > -> We didn't really mean to recommend use of any EAP method. For > -> that, we > > shall remove the statement "For example, weak authentication > > methods, such as EAP-MD5, may be used for such networks but > > not for the others." > > Works for me. > > > > > Sam> Comment [2007-06-21]: The PANA protocol document says that > Sam> the derivation of keys for use in setting up or binding to > Sam> link or layer 3 security is out of scope. That's fine and > Sam> probably even a good idea. however there needs to be a > Sam> single document that specifies this derivation that all the > Sam> uses of the PANA SA end up referring to. IT would be > Sam> inappropriate for the PANA IPsec document to use one method > Sam> and say a method to set up preshared secrets for 802.11I to > Sam> use another mechanism that might interact badly with the > Sam> ipsec mechanism. > > -> Would the following take care of this? > > I'm not asking for a change. > I'm just making a note about future work. > > -> Currently > > PANA_AUTH_KEY = prf+(MSK, > > PaC_nonce|PAA_nonce|Session_ID|Key_ID) > > -> We could change this to: > > > PANA_AUTH_KEY = prf+(MSK, > > PaC_nonce|PAA_nonce|Session_ID|Key_ID) PANA_SECASSOC_KEY = > > prf+(PANA_AUTH_KEY, Key_Name) > > -> The PANA_SECASSOC_KEY SHALL be used as the root key for any > -> secure > > association key management for securing link-layer or > > network-layer. Key_ Name is a string and it SHALL be assigned > > by a separate specification that describes how PANA-generated > > keys are used with the specific secure association protocol > > (e.g., "SECURE ASSOCIATION ROOT KEY FOR IKE-IPSEC", "SECURE > > ASSOCIATION ROOT KEY FOR IEEE 802.11I".) > I don't object to this change, but don't think it is necessary provided > you do this work somewhere before using the keys. > I think a change of this type would require a new ietf last call. OK, let's deal with this in a separate document. > > > -> We also need to change Section 11.5 accordingly (last sentence > Sam> especially). > > -> Does this make sense? Alper _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From drthq@col-westanglia.ac.uk Sun Jul 01 23:45:30 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5Cqw-00069W-Ov for pana-archive@lists.ietf.org; Sun, 01 Jul 2007 23:45:30 -0400 Received: from [65.70.219.66] (helo=pnppxo) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1I5Cqg-0005pz-Tw for pana-archive@lists.ietf.org; Sun, 01 Jul 2007 23:45:30 -0400 Received: from undsy.ukfni ([71.179.131.238]) by pnppxo with Microsoft SMTPSVC(6.0.3790.0); Sun, 1 Jul 2007 22:48:27 -0500 Message-ID: <000301c7bc5b$d90a3880$ee83b347@undsy.ukfni> From: "egreetings.com" To: Subject: You've received an ecard from a partner! Date: Sun, 1 Jul 2007 22:48:27 -0500 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="Windows-1252"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2499 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2499 X-Spam-Score: 4.4 (++++) X-Scan-Signature: 97adf591118a232206bdb5a27b217034 Good day. Your partner has sent you an ecard from egreetings.com. Send free ecards from egreetings.com with your choice of colors, words and music. Your ecard will be available with us for the next 30 days. If you wish to keep the ecard longer, you may save it on your computer or take a print. To view your ecard, choose from any of the following options: -------- OPTION 1 -------- Click on the following Internet address or copy & paste it into your browser's address box. http://24.219.121.50/?290b516c3c2cd8a7c0b58e47d14c775ed217 -------- OPTION 2 -------- Copy & paste the ecard number in the "View Your Card" box at http://24.219.121.50/ Your ecard number is 290b516c3c2cd8a7c0b58e47d14c775ed217 Best wishes, Webmaster, egreetings.com From gcgk@mbox.com.ua Mon Jul 02 03:57:47 2007 Return-path: Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5Gn5-0005ei-3d for pana-archive@lists.ietf.org; Mon, 02 Jul 2007 03:57:47 -0400 Received: from 24-197-143-249.dhcp.spbg.sc.charter.com ([24.197.143.249]) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1I5Gn2-0003Rt-C1 for pana-archive@lists.ietf.org; Mon, 02 Jul 2007 03:57:47 -0400 Received: (qmail 23548 invoked from network); Mon, 2 Jul 2007 03:56:14 -0400 Received: from unknown (HELO rprad) (216.167.104.50) by 24-197-143-249.dhcp.spbg.sc.charter.com with SMTP; Mon, 2 Jul 2007 03:56:14 -0400 Message-ID: <4688AF9E.3060003@mbox.com.ua> Date: Mon, 2 Jul 2007 03:56:14 -0400 From: Guerrero W. Benjamin User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: Re: e-mail-922ce.pdf Content-Type: multipart/mixed; boundary="------------040803010503030601080602" X-Spam-Score: 2.3 (++) X-Scan-Signature: 52f402fbded34a6df606921f56b8bdd8 --------------040803010503030601080602 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit --------------040803010503030601080602 Content-Type: application/pdf; name="e-mail-922ce.pdf" Content-Transfer-Encoding: base64 Content-Disposition: inline; filename="e-mail-922ce.pdf" JVBERi0xLjMgCjEgMCBvYmoKPDwKPj4KZW5kb2JqCjIgMCBvYmoKPDwKL1R5cGUgL0NhdGFsb2cK L1BhZ2VzIDMgMCBSCj4+CmVuZG9iagozIDAgb2JqCjw8Ci9UeXBlIC9QYWdlcwovS2lkcyBbIDQg MCBSIF0KL0NvdW50IDEKPj4KZW5kb2JqCjQgMCBvYmoKPDwKL1R5cGUgL1BhZ2UKL1BhcmVudCAz IDAgUgovUmVzb3VyY2VzIDw8Ci9Gb250IDw8IC9GMCA4IDAgUiA+PgovWE9iamVjdCA8PCAvSW0w IDkgMCBSID4+Ci9Qcm9jU2V0IDcgMCBSID4+Ci9NZWRpYUJveCBbMCAwIDUwMCAxNzVdCi9Dcm9w Qm94IFswIDAgNTAwIDE3NV0KL0NvbnRlbnRzIDUgMCBSCi9UaHVtYiAxMiAwIFIKPj4KZW5kb2Jq CjUgMCBvYmoKPDwKL0xlbmd0aCA2IDAgUgo+PgpzdHJlYW0KcQo1MDAgMCAwIDE3NSAwIDAgY20K L0ltMCBEbwpRCmVuZHN0cmVhbQplbmRvYmoKNiAwIG9iagozMQplbmRvYmoKNyAwIG9iagpbIC9Q REYgL1RleHQgL0ltYWdlSSBdCmVuZG9iago4IDAgb2JqCjw8Ci9UeXBlIC9Gb250Ci9TdWJ0eXBl IC9UeXBlMQovTmFtZSAvRjAKL0Jhc2VGb250IC9IZWx2ZXRpY2EKL0VuY29kaW5nIC9NYWNSb21h bkVuY29kaW5nCj4+CmVuZG9iago5IDAgb2JqCjw8Ci9UeXBlIC9YT2JqZWN0Ci9TdWJ0eXBlIC9J bWFnZQovTmFtZSAvSW0wCi9GaWx0ZXIgWyAvTFpXRGVjb2RlIF0KL1dpZHRoIDUwMAovSGVpZ2h0 IDE3NQovQ29sb3JTcGFjZSAxMSAwIFIKL0JpdHNQZXJDb21wb25lbnQgOAovTGVuZ3RoIDEwIDAg Ugo+PgpzdHJlYW0KgAAgUDgkFg0HhEJhULhkNh0PiERiUTikVi0XjEZjUbjkdj0fkEhkUjkklk0n lEplUrlktl0vmExmUzmk1m03nE5nU7nk9n0/oFBoVDolFo1HpFJpVLplNp1PqFRqVTkZAaRrRawq kgZ5AQjFlDSaVdr5Jrdnk5/NBoPJ8tESZ7PYK4NYIgR5d7BNawcwADEFLgAKMFBdvhVisitgawuM KrUDV0EARRtcJYOIr2KqZAy7SgSElVjpeTtY0hugwwAsdxXF2ACWgl9d8FNevgqLhQIQit10QNkY 3YINbmz0G2Ea4ufgXD1cJ2uLgZrAaWRotIEL5MXasR7IA3sRJsOE5cq1i70psWih/X50F00pRsP7 9ovsG9/LACwQUDNnXAYBoGGgqoSsYEGKJL5oY/aLwNBDhoO+6MPYgTXN6Z6EsegTfoFCYAEy7CCr s4kLofDKHO6syBxIgo8oPEyFD2gjPRXCCHP6LkAIU8iBPUhsWoTDoASChsRxWNoaGrH6FxygbcHM PYTxkZ8Gre56CjadBLDaaStHM/QAS9EhxD+ABBSHGSCM1EqED+E8zIZGiEDahbGEswKFzugUSTUw 6CQWAE4xBNJAuZFZWyw46DPqh5goKeU0OMg5dIcWKDM8BB5T5PSCNhLkooJOouHEhVPx4h9EoOZ9 EzdJoFljGNTQogVCRHRpcUPLM5oXUc0kXV0oIGxFMIHWqouE4iCAQBBGgRXTajaDFGwycRxTyhDu vwsdGwpZldTAvxg0XUVqiBCKD2xPRgwu78uWeAFwlgFFqzxNAkwO4SFW8AFvXjateT6gsUtVANlW Y6JzTnbYAX9f8aoJgUHxDbrsr/LwUXzSxpCBe2BUBhQAYmWErTBftrINAdgoEs0HIIZ4aLs+MMXl hd5gANYqkWNpY5Q5L2QdEdAZfWV6IJm6B5RWKB2PbSoDRY+igAJLUPygVdXFaiF4/pVCz3qRY10E +EWi+ow1EgU/2vjTvyKZ8ra/Ty+7HeIwoXpGBiA3WnIVStiVAFGy4bhyCanlo1lbqUeFhsNoIFud xoTO7iwnfCC8OQmvoJaF4YuhGtNU5PCR7qOpwzuW/72KouBoy8Obzyi47bw6FL7v7A15Du+Pu4pC ac5k9cNjqE7ogncUggY0ZaqA5xdWbUW2+ttmrUZLSZhxpGDycVOWVpA8u5bcIFhVq+ohixewgjC/ DDOpufzTiO3vdITOg3CfAg2Tfv+iDLlkXuaqsRqw0npBcVQQVlC22PoJAApogTCGUkIHKQZj7hFA JpIIwpb0Al8s7dVAh7MFXtkKeiQI443nMkCdU585TfUSOGECQx+BA4TEDX0wo67y3tFPgoptlRoD ZkEYqtN6pgEeI9eQy1kQCHEMDIGX9qgAFRRDgkQc76K2vDvOKouJ5CQ2ifdS6uHhC2OulII4Fk5B khorLqQJvkDXwpegGQkT5Aj3nZiObR5jfVrkEQGhFIMWmRw/TAO9uTAI6NJABEeQBConGPTuhE5J gYbCEDm04TCgC4xJhFHBf8kCCOrMQABwkWimFekqAh9LnFZgAEQQU2Z3YCkEVKeYgUOCByqCTC8A EWCBw/HMMGAcsT3EHjuM+XAgRMytIEIsc0hBpSkIOG0Yp44HximQIiXhApnS/hiQgsBBVAmMBQME WCd0PvfIFE4gUZoaAAPGaY7MtlQEDnOzZ4yihpA1GlNKKDyX0TzIHMqBshFvkJBqQRyJBIcPpXei +VxBVeBcDWN44lByBTveJJSYs46HEFAxM+YBA1rUWQC6xIVGpUFQLIHNQhCZ6uNAADMgsUiBpQPJ LSUU4DWB8RTNgq4sEMjmGeNV/D9zynqpYXtHtPJrmLFgO+mRE10EHlzMmVwMy+EbOaLhWcyYsHPq gXyoaBFXxQKsnqU0ukVC4qZNWmLsxghsOKqWJgAKkiwOKjSl6jJZSINRUp2BjiCwxPIOaUldCYVp NSR8Vs1IbP7LkedD0uyrkUPGZynFLEWnJZfVWgRZ6mnJkJVmQyeSxymgk0KXpBJBEWkoIEPNHSOI dQnbFGdgp/WLt0UUucShAjMt3cG4Vw7iEUK7Eq4tyblW7QjVEktiCHCZGZNkmU0Ll3XuwUJayG3O kcugQ2ZAsrqEwc9dm815ychrtMQSO74SITdXOQMYJl7uEJN7eMiFUyKzqvRf2/xMxpTUXfQqC84x gr6QIQc4lMjiwdvoQtfUghpSEvKpYhlvy8kNtbf/DmHT0TukkQMMtLx3lxvnQGyjI7SNFsMNKuVF zyXzv1e7FDNg1jvtGQKOaHCCYvgvg+uwaBM3iSMFUKtn5d4eyVksklc0doaDLQ+AwiKfJWo/GhYK G3FYxwrfIgkyirhrwnE4L5A20YuoQZy+ZvxMyVulD++YbRW5HahkzO2dyNXcwEQK5xArgRnkQpMg sM8aHZy7GEADPMA1Ph+B+dsF6+spDKIQe8yM/lyW23a7+eNOadazpHGk9Ic6JIQ2h/8DT6liy2oG cDSmUWf0bo4TElzY0Ax6QSepchpHztlp7X2v6Cn4y8QSa4uEVwKySQUTAbRvFYUWWINemyCbG0wQ O6ankM6OjbHqRCjRpDeDnpSXVXF3jBXZsDdG6YtHFdXgc78yF9LYZELAWIMtlDvhNr1fINLI5fiw iYZgzcowyL3YZqpV4OoUG8JmeqR9MHZw3uniW6MHYIimQVdosdtkrz/L0QXBWlBAvVhDY2h+J8n5 RynlXK+Wct5dy/mHMeZcz5pzXm3N+cc551zvnnPefc/6B0HoXQ+idF6N0fpHSeldL6Z03p3T+odR 6l1PqnVSbCND+IEZtlS39bL3vojqZOrdjcGOgP4mRBYzIsyMAC5iW9owDdYj4hB0LBbCfq+vZOmv BV2RQ+erCW6mJGx0QTIkvJ/HIEkKqYyBluIJTLjcbe5d65V25LqX4+EO3wNJ9JvJb8m7AQX0JC69 n7FcE0chBS2B8gYQ5l2uCEeoHl4vsSSiBD3rtspg/lOYNtEJWpLkzHGECHrnMMPYgAFuAWAs59Xp nlaFighMDosFEHQGH8Cl7aGVu74ixK60RYDiHqQP7Hq27V8IJ7bWwAHhlsIH8ymM9UvEEft7zlk5 A1sCrPNogf4hWguHhgAC2gqvlk5gZpkj0gAFKmWGFP8hGgBDFpmKCCBv/vjvsiBQCGMo2JviEwID YpBF/wAvkiJk4gBBqv9thoUCBPskWwCH0wDoVFku2P7OUJVCBpuotQRKRP3gABvAZhCDOkhGVKYK GguA+BLHhirvhHKiBgKCBA+PzoiiuiGICv6jIwVCLpjFOAwhqsEFohXAwgkjNEyA0QjAAKGQfryt kQaN0lApuv6tyPVMpFTESJvtaJMi6ndCEIFPHQNCGD5mRjklYCBI7vtk4FkiEJnBcF/jjojmkAZh vO3Gow2OVjGC5C6QhDonjErL2wzhBAZsYq6mhsTC6L7iEQdJDo0QgjLRSkJmPp1DhAuDSQnlfESo 1CEG4jsk7ojvHAFj9sniBjdxKOVG2KuN4sehYAmhqo7mYjYhBMBDujXDsjeklItDwssCCxoL9DWF miBkOrWg0DpFEgaBWv6nyiBjWkjhLRqkNEMu2DTRaoUEOw1xhuZg2KgCCKaOMGAoGjVvXiBEkl2v 1gAABgkhMlyiCRBxRCPxJPXGXkjoYkrR7seHiNSKEFgvAR6uolilOEtldk2k3ilkTNBE4xfxsq3S NSUyVSVyWSWuxnDCLByp9yXSaClJ5E9JNCGnAgaMXO1SayfidJTKNoUPuiCqQjotCSgSlCgLTpKK 3Q+iEKxSLylyqCfrbv1yGomtgv2AAAZODSqywCbj0kaPbOTI3CBgBgwhESvPJywy3CVj0p1K1MBi GL6mzSzy3y8iXjPGFNKkeSMk/CCQRNaS9TCiUoOqcJEhAgaKHS5rVwbg/hEBZAyskTDTLCRL1IwP VEEm8DvmRMcJ1BqhMTJTLzSiTKinOs5ILg1sxOIzTTXiaSzTYTZzaTazbTbzcTczdTdzeTezfTfz gTgzhThziTizjTjzkTkzlTlzmTmznTniMBYtZzXToTlBqAyhYiszqCZzZCQuLCRNpCfzCTqiLBZM 6iczuiQT0iMvRidzxiLSkinz2iJuNrrTUCEAuAMAMJBQZiqT+p3MWlNqMCWSsiSz0r+CJg9TAKdC 5p2vozKiTAky1hMT5iEROiaz9E5voiFj9mwlF0FiLOBiBrvzwyjBcT8gMFdSigARzClw4k/AgUPD PKOLLoZNJgATHCEAvgvyvNcBPgFlvMWtBQsCKsyhzBcTviFjrtzT4iDT+yvUkCGBdQbMBgEBvURE PN+BnhcNyBBB3gZA7UdoaBZQYRvUPCOUw0eFFqZUf0koqCWUmUsBM0tDlgMUvUwMyiBUkUyIaEzU z0ppyFS04zys+0/SvwiCGkaEFg7I5CoLrF9C+gZg9QdkhUrMRpbDTUuUXgZUd01CBTJhMg9tlkhD hpfs+iDs2shCGUdyvI1rJmzliBg1JKRDOG8Umx0BcAaMriBVWBzVXCFVT1a1LNRR0Jq081fAEVQM zORVDj80aiBUrs2iG08iCVQVRFnLDGP0akJ1Uq90dVWyE1Rj2VI0FRvHsVhpEuGN+KuNyDi081W1 kuB1Ro3VZUFDH1hUriFFzVqDvTzU+1mHk1niEtWN7VWCCMRo8VTURxQifN7CDPti+r6lPmFUsBZA aBXUuE8hMUwBz0eEKBmqojChvUYkNCFUrtxVvCCg7BzxNK3tTmwsXUpsYCB0V2MgaLnVGWWiFO8x gNCUcs+CDV4WQIaWRmwvPstjrmN2TvcCF2HCChmweEhWYEN1A2GWlpkCGWO1wP4g90gIZjiA2VAR 5HsAkoZtKsh2LgANyKo2HU1C62oAASFFP2eDOVoEdWVEQkriD0aRgHBCCWN2V2PCBWhniWptBWkT 1iXRmp7NkwhlrE7vlxPz42nErC5GXhCRmqfkMgbBLAkyFCDxIG+V/CErVUcNhC/ISXPCBDBp+szD cj7NiCGGTE+LnG0E1FsOsOtOuLR3OGBDKIjjcRfXQztwU3MiDXeg9xdlWs+BvBYh3hBXRr7XMOs3 Tr+RBojxy3Iqo3nhZAZXvLJDilt3p3dVEDbXWv6XIiFjnkSFzW4StCDDKEmiFWnGWmFXFu2XOCBx GguXsifO6Ozu0nGhBA2BzAmkAG7EflfBYUm36NRqc1Xu7gAENyCwoiCgZzsXiE9AaBCX/mkk/4KE mPbN9O+EaPkCD4QFElrNCN8UJvJH9IHkM4DCCAIC2XIYF4LuNlUmXYOXXMe4C4KCBAIP6VoYcN8C F4d4OjVO7m0O+YVI2W/xJqCkSHCEFxrQMHj3WgF4F3XomE4vSy0X9ILCE4GtEHQiCotEAYaA83+U WicgkuzKXu8DHmOxHYFT40IR/AaEU4APDEyx7guPErcA53nYju2gkmBE/jH45vFxCJ/iE4XJMY9Y 3kdPE5GC7v13nhEJFmA434AIG45E8lePV0WMCE4R/iBYviBZAgAPkQoXy4MorO6ky4+iCPUkWQoY FJa3nBBZNQFNW5DZOpzsVGVPaYhQB5ciEizHfZY5PYBY/v+iCSoCDLPxpGHzAtbmj5WPG4KinPWY FWmW7FzpxkaBLO0EM4BvTiF4tB7gZ5BiF0qZUPC4Ig2PThyPZ4g4hiEhMBYjeErF1YNiJvtCKBCY 3lUPDgAQrtEkx41IF5v1TlTvRZ0PUJ1g/41RehYZ2Z3CFZx4NkU5zWjCBxr5bxyqFXnVbj3aCZZC FPZl/i26SG9vPDiJVaU5ylQYBvMiBv1NBvOZ9jNItD3ks5zYeiBFH6F5RiqQBvlpAiTvmQfRziDi rEun1PxCKBEUNiigqwLGj6lCOHNGFiB6tElam6HlUl1YHg86opmDoCiZICJE+ULuMEvKBP6kSBAg /60Dkl9Pxv2PsQBCz6kiey2vKQTa0zyCNaEiBQyW9CfUKipSfCPQuSPbDCGIkkkLNisKnyFjYROx DCCwOCY0QCoEXn5imvR0XjU3Pr/C5i6ggDti8uCpnDojA34pl7OnBiabQiH7bCcGtadCnzZbHljJ SiSlA4RB3yJxljnjqu2vWxECwpQkKEHkSQ46DKnu8iEbOlhDYjREVgaR17SX9DqkOhzRnz7kVRuI SEhOuCE3F42iLbBJDlfb4bziGbjiGb3CPphCQxlRwnqxyR4if7fKZyCq9kns92BiDQcCtR7itEJy DbwFNl7rc03HGkbiGqjkLl7nfIQO2sWO8WSkcHqmcAFknlg7tDvGuEKSIA8u1D/8H7a8DbzDVHYD 37LSBR2hYLucRCOwZkbkmFy8R758ZnM7LabSK8XZsiGkLCFi+4BkTR9MLEp7PpMZTkMccggE8yDk BcACaGgEVkstayzk7ExlWbalX8Dlzi5cvktG4CBSSPycyjDkplMq1FDEZHFGqBdEwk7XZDOlLvdy 6F9lQYlnGlVFRPkY2FXL5SxiBXbx0FcEtE8cyEF3+p3anoaaVZFBBc9DGJ1yp2BlME+EL0tk+G4D H89y7xMwziHjklblEF9ETdDcyEhdEiF9HQKFEURvD89ISdDlSk1RByxlhx+81bTvqyT35Camlt+j vX7thl5Fxk8mcFdcZSOdmlmjPDnpGoUFR2+lzjkmBLOGlEt4+nTJ2I+HVQEkO31lG3S9yDhmrFpz zoUSeQEgAcNUPmXllx6doFqdpGc4c9jmlFIGxF4UiSEECGNGOSMZ/je93noGLGa9VCIUP7nS8D8p VFRlymb78CBQOd8mCjXGRdnmGWdNt9wGDltUQHPGG5uCXI7kUNbJGnamsGjsD+Ao8QmHvIto3HTj lvBJ7mp+KoVonn3F4iFo2nWDkm9FNkaI26QGPlrEgmkJaHXLc4Hyov+nbnwmdCGXK3GWX+CmyFxg 1+gcTG1ehDkmRwvHNwAz/31YHHCK6ItFeezCDDdcUbzngDUGKJbxsdBQUwZEiiGJ1HOGG8ZCVpT8 SQmL5DaoHStxxkeeu4uM6nvGtNvecruxg2o9Anumvnnp7pooOIwHryhbzoJ/PisJ0oyiCNCDPfRq TShELP8H/CEn3nx1oAaA1yZcKEKcSDGkTG+GRnxICewCDjOnsGpvt/g7FyAYwCHIP8OXTF9i9a1d A3W+3n9L2n+IXNT/vFsfXJPpierk5GxsGnqKJ0CiWKUUnR9kMl4I4kOSeK5fepLKhELn15CIgSty CV9SKiAAAAAhMOZnweBAgkoRYwIALBzO8MMFzQ6LRc2p8qgAaQJpM8gAA5xZnxcAQx3w+BSmHNWL DQgDRpGyBRouABgwKQIQ5mgEQ6DrA1yaTOZYS6bwKYzOiUSCRUASWHISPLCIRKBLCLAOmwKOw6Qw mSRaqVkARGJ0aHOKuyapAA0UCgmufgBYu9pVaBBiLWwAVyPW0AECeWOHXWGw6oWeHUmvgCaY2iT2 n2+2xKc41xAPH4LPZ/QUqeT6HChgrAuEmHXihw5pOZgy6LN5zNIa57KAtYSXMwJM6G20mdRYEboA CiBalAplEQ5F2jgdG24ucRc17S2x/CT3pd3vR418/FbFxFxLcEaMFpR+HXHSxbloi8QK0NLvdrC0 DTVquyyBNkSwuOu6imrChzdv2pLfuc1zYGqv0BNo2yHBOprcu/DEMtAnY5kC1qDmeXA+Is/0NRNE 6iREJL4xRFruvxF0Yq6gxquErouCA9aLJGoCLxZFDtRaMMcPvEDPogy0cIq3sZSbGL8Q7J0pRiYI aIU5cpyzLUty5LsvS/MEvI+BCyxQGRzQJMKurqsyBGCXCFTVOUTFiPcKznPE8y7Jk9T60I5kQgs0 s8+0tL4hw8ovA0DtDQbXO6NZYHeQT7y2YI2jaNc7z9TlOwyztPVCi5ZMU6T+SyYIZocQKLz4AFCs /RzA1NSNJu7V0mt61spDKohpV3UVgu9TdhS8kLl1IgVdyY5rvECGhYGk5DBodZIAKGzCLEQWQy2a 7I2VUuCLNNUa8KEhycmkao/odQLsosTI0WewVYKxV9128TF0MbUEnUG9SmIEuNoVg6VrItHSTXCi 9ps9dN1xQYJgiA1QAVIvNgKI5s0Nul71Mg9txraNZpXs+w/22i4a4/YliwwNYuI7j7fJ9ReJgQBB Y2bU9DgAapMW3g42YAiz1DYb2BAQIB3sy3rEoeNZ32zn2gFkWWMpMnOjgBBc3Msuz5Lyhy0qPfWL axX6bt6bxM3jpTLxInCjZ/Ztdsja8bN9t1CKFEqiTQmbe5jiWA7dpdcM9oCm4Kh276LjVzbGimyo FoTomCZ+JCAn+dXNZe52qNfAbvmD05nrnHq7vqsbnqrFcDhOXQyaQT8HmbRkCZl0N7Zrev8aRY6B SjXBm9dC9MmZ9YFVqHI2h1d0P4HhaQtrMjYfUyzck1vItnun+o1z19qx/r9wtvuPsiYF+kgXwYLl vyp7ViBNNS926YNeSLaE/AYXYisEeAAb8iQYJQ2SkWeC4trLjAADMaYuRdp8oCtjIcYl4aszQwPY kG0AAVVvGtMw+t76j4MJMezANor+YDjBAWu1UpHoGOyOkoUpJmQyiZJ610yzzj/IlC+38mbCUbGR gCcMgTzoMGKC+J8TAa4LoFcar1uJF4kRTIvE9kBAnamuDZDc7hXXuLYAwRCJZAhBEhTQRZU8ST3D vIPBsgQiD5LKME1iNZvWuvnNY1FEonymuOTcq4TIso3Q7jkfMlZJlgKyKbISN5OYqqFalGMc0P4z K+Fg7VRcUmuMHIu2F/JKWegAbMtdhEMnZxae0MGLsOD3FRIsK2OLzyLAfJM/w2obFCstN8Q53Rb4 OGrJMwWYKNyLSAd0ReWUiYkkOmLElTaTIikmirAYi0lgAKUZa4xXEDpHwRkQW1RcSTeycfOrNgs2 CLwxVxHkgQbRWwejnM0AELYtSMKJHknMzyWMkIkNKW071fF5fhF4NE7ltPPWwRYPZYIuSoQwZE/h vCpj3ocYcgQzBEPiVPQEiyy6JOpDKIQe6WAgSPTY9wgQugPgfDsJiexXX/kOpKJkZiiwEBVCrRpR hFqXgLDa+AxbYpAjSBnSMtsSEdKSHfSyj1QaQG1VPCY31N43xHji7Epr4HXyZC4W9hdSVZxro8Rd QbXyBPzdTA1b0ayBUwqhLwwRy6rUUhcABYlHqYzHqky2o5VK1TUo0+KAVPiHDeU0mhxFEDPmZhoT hiQbA5tdfRBE+yu5kkWEE/mxRVXauZIdZOAINCEKwpVRmlrT3VVrhwj8w4VVgMZA+8ETExbFNEd3 KwwVOQ1xyQOpOzNAjx24KixKViPLAlSt5HKGJFpnvhkzWusQAG6xmGZakopRG8kCtGm4aVy5aEmE xbWU1RTPHxK+swrKtRBWZlK0VgF0XtWhZHb4rVZLNP5MZYw7qBE7uEJEi2xAi79qvU1du/h0zYKv VvbxiOACBU1EQLgt9vLgpbLrMk/g7wZXXuDgONJ4Hap8pJa5iRP2sEWw+eOQCGJMqSM8bCXSv3dj SG8HN7OCcdY7x4lNeQmbnpqcZc01diCITObSv1eNgTQjNDLbQlhEJ8JSHMGwDFz1LgIq5j3LmXcv ZfWCGXJ8pcU5gzNRAc1YcvCyGpmdYosQFxOG8/zN2dXZZlS4bVDFizQAYTYi0BEnjozmWCr8Ndqp ppdDnEyJwQDW5EzsZ6g2kUYzjOjWi/ue3Zyj0AZ7Ths0u4IM+fIBAuNDkOzanPAhFpGZ/S9q5LuW qRxf0oiaoIQM6HSX7pkkyOHT4lYsTpXAfBYCYDsvAPdQHmGgkHaQiwmKd0qRGYJxF3yL7NLefbaK GViE/pHRYttwZSjNRmluhurF3nf2Od/SCU2C7gK7hfWpXba2b1Wuir05zgZiEzucgW90DyaYmAAb 0XksFRrQF8WKkQ2tPhuHu8kLzcXoKkMFQNvZ1Wqa68OxQWw9KtUWh05mziccXERxlnGhCmmnIs5v gsOGRlN29v2syW53YENgFtRSfORWnKJkE4GfDPcNZwrc4GeN5kXr2Q4XR+4tmD1kQ43+FIdgAC+P I4QfBEDNBmITMjWXHps3hLCT5FgZEO6516veUyBbAAALi+csyHdnIcwuYJzzYC67AVMi3cLIV3Wu DIQnWtyGCggm5A2OSL3vIt4TruZOAHVs+Rbb+TDQ5qPDYrvRjTLeVOYYJARJu1dAIuSXl2ESHd+5 KvpZqAvBdaOlphrmEy3qBg9OoptUN796NPXKxnjCBBsD0aZmFkA2gIBmgu9HhwqrdFiEk1rFe22H JMw06vx/kx5X7yoAAXBEZi69Go0Imaar7IdOa1UnJS1uulHl3vlHnixMTz76v7S290JMEk4SZbEM MgKcG7qbapKO60I/6+CIuM6+yl6La+gIu/AvG9IIcdM+wdQ7kcIBk+aIE+g/k/010ne+Qwi+WI9A wW6MFAgyM+C+G/+x6aeguGkGC+GGeKGM6eoXkR6jiYWYq/SmEIu4/AkJw+Oy2tOrCNaTYyeo+NBB q4OMtCIoSrevCKJBoXgiMIFCI/k1gKbB8K81AK6ubB2Iciw+HB+ISxuXiO6pURKcYZbDKlfAYk+F sik+AIuBOMeJ+gCQW9qgrA2Fiz+tUpkTc+OZovQhIM8tU0eV0x6yeEWxgPocewQjy9UYKMS/wAAz aFjEWHe7GBnBUi2g3BALgdyDa9UAAAwBmEEBk+ereNQGYGonM7GLa+QEIyWIEFwfqGkUPFQ/07oO Eae3gMWGCfGMzFjFm7ee6gqIEBkEw/YKIrCRtCw/NGQ7mIs1SmY7qIshq+xFkO6byjWv8uc7bDMM FD8gbFbHGlvG+YWfnFqwgABEolLHKM8mimDFkXkGYmK6E/OIs3AOpHwZcDmgSMUlyD0JK27AWuEO rGkWuvGKEVJH+iaiw+EGeP4dMAQEEaQXibaueAwAww42eXO1TIe0cM/IsbaJIcyd9FQFaNbIYGpH +jM0cxCKiq8MfJIa6meOFJSDWvGMEdHB9IKK6YkC5I2P8WAYOYyfe7ibY6kNCrcveMXIG3yJxIqb YoQJNEoJVErJcLajumyZCAADaquNXJylKzY0SJNJmYkfbCm7i0/Gms1EbBuzOcA50VfGCMyq4a6S YmKERGTGW9BAnDaQxEu0aSzIYAAk4jO98O/Fy/oIslwGlLocuFxKEIs+kvLEUic4kwYI4g2DRCVK qM+tUU248GedoXQDbM8MFI2DbFQIdGUDWzY+4MMe1NQbYO4EypOtAmdFyVGNAdobUYFNtBs2FMnL aWrHKEWNaWJC01qq8QNLxLjK6RM19H66SlQ+SE+2VLg7iCBLSeo/KT6DWAwEFI6MUFwDa0E/qou6 iosbatIRCSm4KpI9KFxFGkbOwoupXOtP3P4dlLM1qoOEytJPtP7QKTC3XQNQSy4WQ13QVQcNA8iN DQbQfQpQrQsKIEIEIHQD+Ey44FgEEDYKhMsAAUSmXHyKaYzQmNBRM0vQvRdRfReBoCSCTQ2QWdFQ +DYK0HIIuLi2nGs5k9KQzR8FgG8BmiKOoV29lRhSXSY3m0wjWJoCbR2IED+AhRJSHFeliTY8OOAH FSrRIIcN0HvSNEIIGPfSbTRTS0oVwYKL4FgHEHqg6DCXZSunq6WIu+eJ+NqMsECD+DyLCwIDaImI cnjTmAoleAWzjSLTK+k3bTVUfUgogcyXOLALyOeJSJzTglkDCUQD4iqKIIaCSAQKGV0CSEaAEGqJ CFhUvUGABTjSoAoIFU9USqDEIFiGLM1UjV1V2hkGeP2IsGqDaV+1WUPU4+6PaC5R8igAAYqVOjWJ cxoL2IFWNSoOTTDHuPWJ3TDV5W5W6WDGWJcRzB4783OD+LiDzWULcIFVwlJOjXCim9UPMYFXQCrU SYQR0QM6RW9X3X4S5TuWogEMyQIJ+C4AFAlXSlOOJOiJCUSheGkFcDDVGOEDQBoRGpiRsLfRHX7Y 3Y4SmdEI+IRK/UqwKP+vLDGV8IuTYRATgg4PO4kFgCaJdX0k0eNY7ZtZuSnVHT2uUlOYyK0nG0tT LWZJMGeK+M7X0pkRxUdZxaZabadafahajalanaparatavaxaza1a3a5a7a9a/bBbDbFbHbJbLbNb PbRbTbVbXbZbbbdbfbhbjblbnbpbrbtbvbxbzb1b3b5b7b9b/cBcDcFcHcJcLcNcPcRcTcVcXcZc bcdcfchcjclcncpcrctcvcxczciICAplbmRzdHJlYW0KZW5kb2JqCjEwIDAgb2JqCjkxMzAKZW5k b2JqCjExIDAgb2JqClsgL0luZGV4ZWQgL0RldmljZVJHQiAyNTUgMTQgMCBSIF0KZW5kb2JqCjEy IDAgb2JqCjw8Ci9GaWx0ZXIgWyAvTFpXRGVjb2RlIF0KL1dpZHRoIDEwNgovSGVpZ2h0IDM3Ci9D b2xvclNwYWNlIDExIDAgUgovQml0c1BlckNvbXBvbmVudCA4Ci9MZW5ndGggMTMgMCBSCj4+CnN0 cmVhbQqAP+BQOCQWDQeEQmFQuGQ2HQ+IRGJROKRWLReMRh5Ph3uF1NZwOFnt9yMN5vV3PB4u18vh 5v1+PZ+zB6Ot1Px8PiDPt+PuePp/UGZv2g0J+vV1Oh7PZ3TN+PyYQOhUWBvZ8PFutZju90OB0vNy UV8Pl5vd9PGUu10OZ0UVvulot9oMV8vR5vqcP6Z0WoPunQZ9Pt8Px9Xh9vqiUOiUG8PmDPN5upyO dqPl7PWi06i0LA4PCQN8vp6uh4N+iPyB0OfPqB4V8T58zB91Og0982Z6vnLX+BOFwud0ORx4R64R 8Sh2bLExmLudzNhpNhatJjrtiLtLsNnKBltdbNJqsN8PZ4PR7u9sM9euhvNVsuVluJoMxwtRitJu rlxOdrNNqmE1bQnuZ5jFa4BpmicJgnOchrm+bhgGGaxTG0cpnIGeh5HUcJuGSaBdFUbptmYop2HO bZznSapom6YpqmsZqnHeeZzucapymmZRuHIZJomEWpyugbJvlwbJyGQcZ0m6op1nabx0nIbKumse J5RqaxrnUcZtmibxfnKd5tIGc5xGkbZwGKahhlieRynIbx2GqcboHFHhjmuVxoG4YKBnec5sw8Ux umuZJzm+bMzmcdZxnCgZrnKZhrm6ZRyG2YJ1P+thrGqZBbleYBBl+XZOnYclGoFJp0nUdJxRUWx2 nAZplmQVhvq0aBxF+vx9uYiZ1nIcBol+Wq2QqaJonRP5rnCYpynSb57nuex9HueRqGmVppmsXs6m wX5hFIZ5YlIYxlE6aZvl4Zpql41bAnuZJplWbJumQYRklWaZmF4W5GD2YRlEpLpdtAeh4v4YZvHA Zh7YMgZ2mwbhtGWXRrnAY5pG+X6hn4lp9HmeB5HgdayneXZmFEa5jl0Zphk+XpmE2ZRsFuoZ3HI/ polhF5hHCaZpnQcRrHCaRlnAchlG6c5moGbh0GUahqlqpJsygbpqmqW5znKa7gmyapvl3CpjIGdZ 1m+3zu0sb5qGYZJrFUcBymigdWmocuzmwbRgmqbZcHGcZlHCaxnGeYpamMaxZnfX6Bm6dBno8a54 HgdCUuecZkbaXxrmaX6oMdXqI8ocpynQbh6QyebyHaeZ0tgvsBNkdx2G4dZ2G2cncHgex2nseZ4m mYZadKaSTnan69H6d55HMeHXHjxmzHGahhF2ey0LGep4nqdKDMSqiBJgmDCr6p7WIWoqfn03R6Hg dh6vIep8Hgvh9tCfJ6/j3h4nizo9x6jzNgYF0I/ynE8HyUJ+5ZB3vIH6YgvZQXvl6gU/cw5ZCmD5 H2PcgZti+k/JmUCCkEjmEwfOrx0RExwjlGSNobQuBpDUGQNsuQxRpiyHKNoY44BvjHGyOIZI8jIj FGiJ8Yo0BPCkF2Hkd49R1lQH4g4ZQ2RoC3FmLcPyMBcDoG6NIcA6BpN4GrD4WYsxQCXF2KoTYxxk CiHWfV243IUxzjpHWO0d48ENHiPYcz/RxDMGwLhUw2BvNtduN4eZNRrjQFoPMdCHBtC9bwNAcxcI QF6UeMscg5RqjUGkLFSozRwjOGMNwcAxBujjF4NQawuBnDJF2NgYwxRcnbJINB1I6o8y7l5L2X0v yEvqMIbwf5tB/E9gSTMjBmynGEfMT0zZtYHnLmBNWa015sTZm1Nubk3ZvS+Q0O8cw4xuEzNnMwqU 0ZkE/ihOkzc7nwkHeAO0dQ7BtGnmjO8hA+ixsNHm8wcZuh7QLY4U+E0xyoD+nOP6b9DaHR5G0NU7 ozxhKSFoOkc42h0jbGsPQd89RzjJGAL4TQ0xiipGkM8W44R0DVHaOsdCzhkmXLUSGmFAR7DqRmmC R8xx+jwHchtYI3RxDHHMn8cA2htjwHEOAoRBkkjdHAOBzo05QM4GuMsXw2hrEgG3DYZowEGDNHaO kakyKH1prUr0a45xkDJGyLVFI1x2DtG2NQbIwRyjiG6Oocw1BdC+EqMgZ4qU/jPGAM8UIuhgCcP8 LEdQ6xsJkG6qwb0jxqDjHKM0Zo1BXzmHUPGHKgJKjVHOOobQ3hrjPG6NkaxkRozxK+OUb45kVjRF 6OAc40BfsoGu52qgxRnDMFQNwbwyR0DaGoPspda7nXPIktFkDIx3DvHKPYeQ7nVjun6Pcyw6h3Df HYR0no+nnjlHMO8b7IWSROgRAEeI7FFwPLGaIoRfTXFOgOYc1Zhx7zxM4YJyg6R7j4Hk9wdkex3L RHoPge48CWjyHoPYd88boYXwwQZSQwxjjFFikMZQ5mhFFj2OtFAypOi8HEOUYeGcXYvxgRkbzgRk DWFiNpn44x0DZTJUsdw5hojVFsNUaQxBuDRYJjHJWS8mEIfO+cobyjIEsfzEIdRsDZZNy1lvLmXc vZfy6tQeo9x5jswscwzJeplmZH6RWfMwC9D8zPmDOhAhyjeGiOa446R1jRHAOoZqKRrO0HQVwdJY x6GBd/Xweaix4DlG4O8eJb6mDrHiOQno+6PDwfGQMeqJmQDnMKbo0Q7x6JOHINHA47iBjy0+Sd5g 6hwYOHiw/Ro7B5Dorq852kX0sjvK8NQZw8UtDpHHeu0R5h0YFHlgx9z9c2DoGaLwlY4h4rPWiO4e w+XuD0doOoc+m4TEDg2bl7D+R4FjZAeS9iyRxbgHEkkbQ4hqjKddjrSBaxqDhHWfSyU9RxuUHaal 8ZPh8OpHaOYcg6C4PxHSPJNpsEx7AGqNoYw8RwjdNEWUeGVycOrHfsyAkeUlDaUONEaQ1xXjMGiK ocQ4hojLGKJQYovxVjgGyMS040xfCpEOMsVQnRcCrEAL0YgjhmDGFTwao44BYCVEdmUdZA+eCvGk sNRAyRqDUFqL4XgoksDF4yhcgQ4hvDNGwNYYQ1BkixHMN0bBA9wEhG+e4rQ04ZDOGQLMcI2xjJbG ZXkXIrxOiKF0MMSQzxpisF4L8VwyBgidFWJoQ2ZB5FFGyM8XndRmRdGANIawrhji/E2NMaDJxkCr FII4QI7i1qOGQLwYYqBOjGF8JAbaEMUC/GiM0WAthXiJFiJUQoxRcCRGgM0WNgBVCzEyIkbw2Rey EF+M4aQvRjjDEyNMaQtCBjwVZ7kYY5xvDaUAMr6wtj9jS5SMFPw2yBzjGkOpIPahWI8GSNUaAwhz DrGqGYGqF0GEFyFGz0GOjyfyHuJWJSdcHq28gWP4F6HCG0TYHedefuHGHcceQ2GqGmF+GsG4F+h4 GKwKHoOAG+GSGIFSd+wqKeMmGqHmHaHaqkGOtqGQQaGYgCHoMO1qIEHspgHWG0Gk3kpeHMKKH0Ya uw5CMuLGJUZuPGHgJ4PGHY9c5eHQYg0kTe/MS2Gc/KF6N0HwKKwaiEHkHadSHgG0HAGSG+G8GgG8 G4pYQaGeGcF0YaHkccHSGuGy70FsF8EYHIHMGKwcLKLQMisqUG46HEMLBYHYHKG2G2N0Hqn41OHI vWUMe2HKKKHuemHGGWgaOAG8HEvGHIuqHNAUHge2HiKLBkG67eGOLsHMHY3A7SGcHaHgHI1OHYtW GmK5EyhGoYhTEiHOHe0iHcZIHmwWHy0eHOG6toGuSsGe0aG8YfBMGMGoFgGWGUFk8OEGGAGcFSGQ 5qG29OJgyqHcHC5kvi4eMieAHUHUHaG1DcF4ee6mIEdIF4GYEwGwGcFyz8F1FiG+RSGkGMGiFAN+ GoHgo+HcHGF2RqsQGaFAxwF2GmQUGWGOFqHW2MIGTcbYGWGCHEGwFUzKG/I2HgG8GUG2FyGg54bk GWGYG2Fsz4HDDKOGMEJ+HWHEG2e2VgHQGsHeI6HOHWGcQqGSHGHOGwxEF4LGHOg6JgGwaeRqG3Iy HGG6R4vAx0S20eGkL0gSKC0+0sicHWHKHCdoHCGyHGGS/6HEwOHa42MgQ2G6Gegaj+HDC+g2KKGu G0GGHMHMG0ROGENEHGjmHEa+FoFUEQG4G6Gcr48UG2FoGIGqFSs6F6PmFIGkGUFW++HcHSQ8FWGo GWFyGmF6FO3et+HGGOTcGuNgHkd6HARGPYGiGmG8FoWEFkF6FQEMFcGID8RQaZHtEcGCF8EcGEGM FKQQGGGgHGGMHIGoGOGSGKEih+50HZMIGuF5CEFoF+GKEkFoE+ESGGFuFWGAGIFGHWHBGmIEG0HG uE+uw6E2HGYWKqHqHaGqG6FkhWGnJyGIFgGCD2GdJg5YFuJae2icFUFaDy8yF4GmG6F8HIHE7wGS FaFsGSEaGSOlJ+HIJmgKwSHMGyGuGMGWG8GA8yGGGuGwFeSMGMHAHGGsGwGmFwKWzMKCQsGcG6G8 GcFcFoEWGuGIFsG6HCGQGmHAF+G3HQGwGwGBFCGXL4GtJyGmFeF+EOHiHwHaKKR28UHAGGG2G0GQ HgHaHEjmz4G+GEFYFEx0qWnEpfJmddNYLUQa9yFmKgMKfYHeHcWcvCHi46NdEiKsHmNuNyPGJ+JU HXDgGcGsTVBUFARqGmHiHo0PCQwdNYKQQEwkHUWkHoNuHuMOfoHiHGxWGoJSHPAcHYfabkGkHQ2O n6mINsgGMEu8RoG6GSWk1NPmwYJydSNHNYnqHiHMJbU0n4G+UgSqHWwkj2OPLgZCHKwnGSHqeSKD NYHdBkj6fowmeYQ0LsHbBKHanEKW5CY+uk1cVgHYGyHizKJ6JcHsHSHKHYGwHKHOpctEe4HUcoHQ eAHWNPKaJ8MINWKGjmLYaKGuFiR+Fa/2GAGaGYFyG+ooG+HEGaG2GaF0GwGQFkTuFSGSTwGQO8GG GCFks6xUHCGgHKYWGcGuF2GMFiEisRMyIFXmHIFuGEFTEe9BJOHEPsG4Gy+qG0F2HEG0GSr3DcHI GO4qFqFmFWE4GUF0ySH+HXKOhiFsFgF0D8GuGKFYTOGKJIGSHWHcHAGeGGF+/KGqGIGwFoGoGgFq ReFqKEeeTQGmE+G2HEGIcSFglIF6tOG0KKUYGcbQGQHUGyGaKuHcVaGhTbKQGgHeRM7QGAHIG4GY XsE8GaGyFyHMWCVWGwJOHUnjKMGyE6FoD+rCFEb0F2+wEmG4GoF8GkG4FqGuG86MGkFKVsGooiGa NWLWGsFgFoD0GYGaFMHIGwGOGEGkFAHAHMGWm6HMHcGypYXEF+E0GWF6FxFLJwGyGzReHbcWPIHc GaGkFMGOGsFCb6FqG4tWGwGSGPC6GBIyG8MvDQGKF3DyGSNALIHYHgs0HEG4GwGEGCKQ/6G1Llfo HmtoHCGq+mHKhgG6FmGQGwF2tc7IH+nEG5HGFsGYGYFY3oGadKP8HJa+HSGcF+GmFgGeGIF6FUFk EdOaFecMFMKdQG4gpgHcJAHMGQ/6HGyjRmGyGPEeGAGqF2FcHWGuSwG2FrCuyCG2F046HSGeF+F6 k8ZOF0E+HavDGQHGGYF0EbDSxUHYGoIG2IHXHCFgHJb6OCGoGIGGEq7eGcJaHhJQFdZMEQGUQ+w8 FdX2T9DaGSFPFkG2ebZ4G6F60sG6m7Tq2sHgHCfmI2WqKeH2zGHkgIeUoQHqZEJUpYHaMqLqvGHH Ea/7Ea20HWLrFQHaHO0bWU1ykrj+IKHrJ/ihlAHaHGHoHYowG0GwoEPNGMHmHMKs0+RMK5eOHgec 1lCRDGHkoOKCPMRnDKqoGoOOHovKTeUUG+GmMkHFVcMCHmKMfGfONuNgfu2YHiGisauMF2HKHUGj BKHWxEe2HgHuLsKKMse7dKLsHOHwH1DuIENcukMUL1EXU2LqHnnigDVq4OnHdKGMGOWkHsdjkeeU nSoKJgqel+Q2ci+kF0GoFYFqGOEoGZNAyKGBABAlfIHE5qGuF+FoGyGMFvPgGWceGuF6GcFMFIEw EEGSGDYSaJeoGQG8GOFsF+FMEaeqFMbkGVoaH+twF+FsFIE4GOGgFYGuGcF8HSGaGK7gGaqSF+GI GsFQ0K7qG2GGGeF2FyGUGSFmGgkYaIGOGeE6EcHkHYHMIGHDHgGwHGGcGgGQF6ZuHKKdfsGO/Aqo F+FuLkSRSAHAxMGqG8GCGSGEFwGYFuF40ynzXUG8pgGykBp8HUQcHIGYF+FUFQGiFzaUdYHfJyGq GMFxRvbTWeicGSGcFiGqGfDWG8GkGEGOE8G6GIFqGiE4EfTsHC4OHoIGvGHDgnoqFoFkGKF4FUGm XAzKHQIGK65SGoFyGKGyFuHNsol8KCJcHkutDSHWGShnpHZ0G6xwSgbQHOGuV+G2k4F8HEZUaCGq 1wHaG4HOk+F6EmGcGUGAHSQ4HS4S1lKeHAko7qG47UNdt6owaEQdHgkqG4HcxxErC6aKG+HAGUPK x0HVreG9KlU8HsWqzKHOHGF+Fg4O1YIEHMHaGeGyHMGaMsLuWjSsHOGiHGHIGq0+HSxFvAGYFmHO HaaqHcG4GIGdSgFwFeG+GaGmnifa4OiaeaNIqTOUyIyM+47kQ2G4GUFyGtbMrCFkKK22kcvDowF6 GAFkFiEuFKDstbL2GMF0UMG3GQ4GIEWlXYG4F8GPeeGUFsFvPyGKp1MEIEKyGiGuU610GxFIHIl6 eVLjYcGks4GwFcG8G6GY2MHFPMG8RqG9kQkcqOHSG5UaHbAcLKwfw03v0jQ6GqZUwkwJuwHIHTbu hIzqftK6oS4KJ44NK7GAIymaMOv0KiIEzSmaJaHwVYG+QEIkhMKeoSzkzUfEv2KN2Ql2KcGIGyFb KriSGOEnfMFMyOGUGk8gHIG1qAKCROP8GOFk5MGUGViS8UFYGmG0F8uHqrqYGMF+EMGiG0FoGZBU HQHQGgzmzr34zoKExWGSG33ybMi+HYo7laHZEaejcwL01cHWewqCHfxicCHecrXKHHHeHAHnuxnS HWqB0acyn4Ht33375L5N5P5R5T5V5X5Z5b5d5f5h5j5l5n5p5r5swyICCmVuZHN0cmVhbQplbmRv YmoKMTMgMCBvYmoKNTExMAplbmRvYmoKMTQgMCBvYmoKPDwKL0xlbmd0aCAxNSAwIFIKPj4Kc3Ry ZWFtCv///xeFhom5zbWeikV/nZPoHW/XFsbjuaVaYxTgzYfBjdXZE1xjzSkYa7Ne61Hx025hq4Uo jj7O6aLiynBqi/4/ZRGcyN/F4Up5PzbKMQo5k7W+u0T9iS6fbPgQ1oQOFukfsrH+eJJJ8dKAvAOK 9Zc/s1KEsdyyUUirYR4vbzUYj+jKjmBc2FIuWA4y4gTJIrgcpmn4WbpBBRtgNIuVTRp9F6nedIEw o9k/1btDn977vIVktd8f9uQ7VxnG7Gbhan2KSPILeZXluGug+wt/9scEW33je3PHtsvgfbhHXyLF 6Wu39eVM2p24e5nD+o+L/+sI4mZ8qh1Hi5v/0voil+SOT9pznLQQVDCpFys5oyolqwyMKLaqb0JF bxQ/kawkIPv+k5ezpOvjTQMOh6c4rVJFOXv84+o+KVpSaez/jQz6i5+RP0N9IpGBMRkoasZ7rwD2 rOPh6g08PXYoPAM0No/UyM4YRvGpyCLD8I2JbDyKY+huRNN7gBDxqUz13YOEskxSypJEdFpnN0v0 wbcwSxsZuV/tNOD9JolKG2fOnxka8uStNlgInY9TklELw5wm3FaGyopnyLHxEsxY4Wxy/F5WqZWv sTM+BcWPEIgsN2WCvS8NJPe+FQqKbuz24ehVN5Lr50QeJUnktVpt4pLSZFACcnT6MIoFu/nxstrZ CBJs8/mwEh/699RVZLbnNhs3OY2sM743OHkwKSwKAzQdbycWIDo1GjEKcJXBV8zdjwVrOzgpcnGi oprOrZ4Dyg4q4S9lF0mWIros5BH4waH9LNw2Vk+n+PJCx5/hymrv9UweWmRo8YYiHWs0FS3VE1my SrAB8qjzNXCTFjv+BjFLJIyvjX01sJqh5bDOu8QnbQ/YbwGBYzbx9kwt9VNeQHfq7wVnJbYCxpuz lFZ4vMOHlDOJFZa/B40MNIJgksPXfbPd5diT6J8umzOFFPBJnIR8JZoS5aGf8tYiUmnmKuaZCMtx m7QQyk9ET2Q0mQC5FSZTJwz1x/7M6lE10HsbaYPn2wplbmRzdHJlYW0KZW5kb2JqCjE1IDAgb2Jq Cjc2OAplbmRvYmoKeHJlZgowIDE2CjAwMDAwMDAwMDAgNjU1MzUgZiAKMDAwMDAwMDAxMCAwMDAw MCBuIAowMDAwMDAwMTg1IDAwMDAwIG4gCjAwMDAwMDAyMzQgMDAwMDAgbiAKMDAwMDAwMDI5MyAw MDAwMCBuIAowMDAwMDAwNDk3IDAwMDAwIG4gCjAwMDAwMDA1ODAgMDAwMDAgbiAKMDAwMDAwMDU5 OCAwMDAwMCBuIAowMDAwMDAwNjM2IDAwMDAwIG4gCjAwMDAwMDA3NDQgMDAwMDAgbiAKMDAwMDAx MDA1NSAwMDAwMCBuIAowMDAwMDEwMDc2IDAwMDAwIG4gCjAwMDAwMTAxMjcgMDAwMDAgbiAKMDAw MDAxNTM3NiAwMDAwMCBuIAowMDAwMDE1Mzk3IDAwMDAwIG4gCjAwMDAwMTYyMjAgMDAwMDAgbiAK dHJhaWxlcgo8PAovU2l6ZSAxNgovSW5mbyAxIDAgUgovUm9vdCAyIDAgUgo+PgpzdGFydHhyZWYK MTYyNDAKJSVFT0YK --------------040803010503030601080602-- From nrflwtqx@comcast.net Mon Jul 02 04:26:01 2007 Return-path: Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5HEP-0008FP-Sz for pana-archive@lists.ietf.org; Mon, 02 Jul 2007 04:26:01 -0400 Received: from c-68-41-40-251.hsd1.mi.comcast.net ([68.41.40.251]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1I5HEP-0005Vq-MU for pana-archive@lists.ietf.org; Mon, 02 Jul 2007 04:26:01 -0400 From: "Workflow" To: pana-archive@lists.ietf.org Subject: Short 30 second form Date: Mon, 2 Jul 2007 04:25:40 +0400 MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_NextPart_000_0000_01C7BC61.0BF147C0" X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Thread-Index: Ace8YQvzD99v3dWST/6f57syr9UtYA== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869 Message-Id: <41ACC0A66D26D7A.9B7E0A8EDE@comcast.net> X-Spam-Score: 4.2 (++++) X-Scan-Signature: d6b246023072368de71562c0ab503126 ------=_NextPart_000_0000_01C7BC61.0BF147C0 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Thank you for your loan request, which we recieved yesterday, your refinance application has been accepted

Good Credit or Not, We are ready to give you a $471,000 loan, after further review, our lenders have established the lowest monthly payments.

Approval process will take only 1 minute.

Please visit the confirmation link below and fill-out our short 30 second Secure Web-Form.

http://whozifxorgood.com/ ------=_NextPart_000_0000_01C7BC61.0BF147C0-- From pana-bounces@ietf.org Mon Jul 02 08:43:36 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5LFe-0001U0-V6; Mon, 02 Jul 2007 08:43:34 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5LFc-0001LG-2u for pana@ietf.org; Mon, 02 Jul 2007 08:43:32 -0400 Received: from [2001:418:1403:0:212:17ff:fe52:7811] (helo=toshi17.tari.toshiba.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I5LFY-0007Pm-Jx for pana@ietf.org; Mon, 02 Jul 2007 08:43:32 -0400 Received: from steelhead.localdomain (tarij-95.tari.toshiba.com [172.30.24.143]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id l62CgKcp010212; Mon, 2 Jul 2007 08:42:20 -0400 (EDT) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.67) (envelope-from ) id 1I5LEN-0002fS-Uz; Mon, 02 Jul 2007 08:42:15 -0400 Date: Mon, 2 Jul 2007 08:42:15 -0400 To: Alper Yegin Subject: Versions [was Re: [Pana] RE: Sam's IESG comments] Message-ID: <20070702124215.GC7059@steelhead.localdomain> References: <0MKpCa-1I58Lv49AM-0001fG@mrelay.perfora.net> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-2022-jp Content-Disposition: inline In-Reply-To: <0MKpCa-1I58Lv49AM-0001fG@mrelay.perfora.net> User-Agent: Mutt/1.5.13 (2006-08-11) From: Yoshihiro Ohba X-Spam-Score: -2.4 (--) X-Scan-Signature: 39bd8f8cbb76cae18b7e23f7cf6b2b9f Cc: 'Mark Townsley' , 'Jari Arkko' , 'Sam Hartman' , pana@ietf.org X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org If a PANA node supports multiple versions, it can simply try out all of them either one-by-one (perhaps the highest-version first) or in parallel, and it can conclude that there may be a network trouble if no other PANA node responds to any version. We can add some text on this in the PANA specification if needed. Regards, Yoshihiro Ohba On Mon, Jul 02, 2007 at 01:57:01AM +0300, Alper Yegin wrote: > > Sam> What must a receiver do if it receives a PANA message with > > Sam> unknown version? How is the version field actually useful? > > Sam> (How do you get backward compatibility if you discard packets > > Sam> with unknown version?) > > > > -> I think version number must be updated only when we are about > > -> to > > > introduce an incompatible change. So I think (not sure > > > though), if an implementation receives a message with an > > > unknown version number, it shall silently ignore the > > > message. I think a peer with version N+M cannot really speak > > > to another peer with version N unless the former > > > implementation can also behave like version N. > > > > This is what I was afraid of. > > I implement two versions. > > How do I distinguish you not implementing my preferred version from > > network trouble? > > I guess this is leading to something like "version discovery and > negotiation". We certainly don't have such a thing in our documents. > I don't remember any WG discussion about the version number and how it is > intended to be used. > > How about if we leave "version discovery and negotiation" to future > versions? Does this make sense, or would you recommend something else? _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Mon Jul 02 14:02:38 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5QEP-0005vn-PB; Mon, 02 Jul 2007 14:02:37 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5QEP-0005vf-1p for pana@ietf.org; Mon, 02 Jul 2007 14:02:37 -0400 Received: from [2001:418:1403:0:212:17ff:fe52:7811] (helo=toshi17.tari.toshiba.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I5QEB-0004n9-0p for pana@ietf.org; Mon, 02 Jul 2007 14:02:37 -0400 Received: from steelhead.localdomain (tarij-95.tari.toshiba.com [172.30.24.143]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id l62I1Pfs011738; Mon, 2 Jul 2007 14:01:25 -0400 (EDT) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.67) (envelope-from ) id 1I5QDB-0003Ea-4f; Mon, 02 Jul 2007 14:01:21 -0400 Date: Mon, 2 Jul 2007 14:01:21 -0400 To: Sam Hartman Message-ID: <20070702180121.GF7059@steelhead.localdomain> References: <0MKpCa-1I58Lv49AM-0001fG@mrelay.perfora.net> <20070702124215.GC7059@steelhead.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-2022-jp Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.13 (2006-08-11) From: Yoshihiro Ohba X-Spam-Score: -2.4 (--) X-Scan-Signature: 7d33c50f3756db14428398e2bdedd581 Cc: 'Mark Townsley' , Yoshihiro Ohba , 'Jari Arkko' , pana@ietf.org Subject: [Pana] Re: Versions X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org All error indications except for authentication and authorization errors were removed from PANA specification for DoS resiliency, based on the following thread: http://www1.ietf.org/mail-archive/web/pana/current/msg02664.html. Regards, Yoshihiro Ohba On Mon, Jul 02, 2007 at 12:54:39PM -0400, Sam Hartman wrote: > >>>>> "Yoshihiro" == Yoshihiro Ohba writes: > > Yoshihiro> If a PANA node supports multiple versions, it can > Yoshihiro> simply try out all of them either one-by-one (perhaps > Yoshihiro> the highest-version first) or in parallel, and it can > Yoshihiro> conclude that there may be a network trouble if no > Yoshihiro> other PANA node responds to any version. We can add > Yoshihiro> some text on this in the PANA specification if needed. > > I'd rather simply define an incorrect version error. > _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jul 03 09:36:02 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5iXx-0003jh-Mu; Tue, 03 Jul 2007 09:36:01 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5iXv-0003SY-Bp for pana@ietf.org; Tue, 03 Jul 2007 09:35:59 -0400 Received: from mout.perfora.net ([74.208.4.195]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I5iWv-0003LS-12 for pana@ietf.org; Tue, 03 Jul 2007 09:35:59 -0400 Received: from [86.108.183.5] (helo=IBM52A5038A94F) by mrelay.perfora.net (node=mrus1) with ESMTP (Nemesis), id 0MKpCa-1I5iWj1vGn-0001ZB; Tue, 03 Jul 2007 09:34:55 -0400 From: "Alper Yegin" To: "'Mark Townsley'" Date: Tue, 3 Jul 2007 16:34:36 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Thread-Index: Ace3cMOlaINiQyKrRhCVI0tInVxeEgGBO2hg X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 In-Reply-To: <467FF654.7080406@cisco.com> Message-ID: <0MKpCa-1I5iWj1vGn-0001ZB@mrelay.perfora.net> X-Provags-ID: V01U2FsdGVkX1/7p2OAeehUv3hfiiQo2mnusAhtwa1DLkjDqak 7rTzo1FGvzwConk4Opc9nGuQ6m1MDM4WLXjyXc3thKnhC3n6e8 m3N4apCTi8cbJOgqfXWTw== X-Spam-Score: 0.0 (/) X-Scan-Signature: 8b30eb7682a596edff707698f4a80f7d Cc: 'Jari Arkko' , 'Sam Hartman' , pana@ietf.org Subject: [Pana] RE: Sam's IESG comments X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org > > -> Would you suggest we re-introduce what we had but only with a one-bit > > info that says "PaC shall configure a new IP address" (without > enumerating > > any specific address config mechanisms)? > > > Sam, the notification of an IP address change in the PANA protocol > itself was among the items that we removed in order to reduce PANA's > complexity. If the IP address changes for some reason, whether it is > configured via DHCP, SA, IKE, IPCP, or manually, PANA would need to > react like any other protocol that would be affected (e.g., TCP) by > this. I believe we discussed that ending the current session and > restarting PANA would be a perfectly reasonable thing to do, but not > certain that this made it into the text. Somehow I must have missed this. I don't remember discussing termination of current session and start of a new one when the IP address changes. Section 5.6 describes how the PaC's IP address (as one of the PANA session attributes) change is handled. > You suggest that PANA try and indicate when address configuration is > required. Trying to enumerate this is due to the number of environments > PANA wishes to applicable in and the number of ways an address may be > configured sends the author and the reader out into the weeds rather > quickly. Rather, I believe in the base framework and protocol spec it is > sufficient to say that the IP address may change, and if it does PANA > needs to know this and may need to restart. Specific "PANA with Foo" > specifications may make this recommendation more precise if need be. I agree enumeration of IP address configuration mechanisms is not a good idea. But how about that one-bit indication of "PaC shall configure a new IP address"? Sam agrees that his comment can be handled that way. If you are fine with it, we can do that. Alper _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From wdwex@printec-signograph.de Tue Jul 03 12:33:54 2007 Return-path: Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5lK6-00048a-8q for pana-archive@lists.ietf.org; Tue, 03 Jul 2007 12:33:54 -0400 Received: from adsl-153-184-84.shv.bellsouth.net ([70.153.184.84]) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1I5lK5-0005fV-Se for pana-archive@lists.ietf.org; Tue, 03 Jul 2007 12:33:54 -0400 Received: (qmail 14074 invoked from network); Tue, 3 Jul 2007 11:35:23 -0500 Received: from unknown (HELO fkr) (35.97.45.229) by adsl-153-184-84.shv.bellsouth.net with SMTP; Tue, 3 Jul 2007 11:35:23 -0500 Message-ID: <468A7ACB.1060703@printec-signograph.de> Date: Tue, 3 Jul 2007 11:35:23 -0500 From: Andrew Snider User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: She says a lot of mean stuff about people that is not well founded, and is usually incorrect. Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.1 (/) X-Scan-Signature: 8b30eb7682a596edff707698f4a80f7d ERMX Jumps 12.5% and Volume Goes Through The Roof! EntreMetrix Inc. (ERMX) $0.18 UP 12.5% Big news last week pushed investors to the table. Wallst.net release of an audio interview got them excited. This is only the first day after the release. Act fast and get on ERMX Tuesday morning! WE LIVE IN AMERICA PEOPLE, WE ARE ALL ENTITLED TO OUR OWN OPINION! This great opportunity is just the thing to move your career forward if you're looking for a change of scenery. Obey school bus stop laws. You will be a highly motivated individual with the dedication and distinction of a university graduate who has also recently or is well on the way to becoming chartered. Premium Shopping Is Easier, Safer, Smarter, Shop Now. The companys new name and old ticker symbol, CHE, should take effect immediately, said Dave Williams, chief financial officer. Two easy ways to order: expert one-to-one assistance over the phone, or easy-to-follow click-through menus online. Obey school bus stop laws. I think all TV stations should remove them from the air. The consultancy is dealing with infrastructural development of the site, including roads, bridges, services and waterways. Your role will involve working on behalf of quality clients in the Virgin Islands on hotels and high-spec residential projects. But from what happened to wildlife expert Crocodile Hunter Steve Irwin last year, know that there are dangers, too, in the waters of the Reef. They work on some of Europe's largest building and engineering projects across a variety of public, private and utility sectors. The good news is: If you know what the dangers are, you can make sure to take precautions. The leaks are unpredictable and so far have been in the cold water lines only. From xaarose@jetcosys.com Tue Jul 03 12:51:38 2007 Return-path: Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5lbF-000670-VC for pana-archive@lists.ietf.org; Tue, 03 Jul 2007 12:51:38 -0400 Received: from [125.141.5.121] (helo=jetcosys.com) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1I5lbF-0006nr-A4 for pana-archive@lists.ietf.org; Tue, 03 Jul 2007 12:51:37 -0400 Message-ID: <000f01c7bddd$f6555cc0$00497f7c@tempcom> From: "Edith Gallegos" To: "pana-archive" Subject: Fwd: Thanks, we are ready to lend some cash Date: Wed, 4 Jul 2007 01:50:44 +0900 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_000C_01C7BDDD.F6555CC0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.3000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.2962 X-Spam-Score: 0.0 (/) X-Scan-Signature: 082a9cbf4d599f360ac7f815372a6a15 ------=_NextPart_000_000C_01C7BDDD.F6555CC0 Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: quoted-printable Your credit score doesn't matter to us! If you OWN property and want IMMEDIATE pin money to spend ANY way you = like, or simply want to LOWER your current payments by a third or more, = here is our deal we can offer you THIS NIGHT (hurry, this lot will = expire TODAY): $400,000+ loan AND EVEN MORE: After further review, our lenders have set the lowest = monthly payments! Hurry, when the deal is gone, it is gone. Simply fill in this short = form... Do not worry about approval, your credit will not disqualify you! http://livefashealthh.com/ ------=_NextPart_000_000C_01C7BDDD.F6555CC0 Content-Type: text/html; charset="windows-1252" Content-Transfer-Encoding: quoted-printable

Your credit score does = not matter to us!

If you OWN real estate and = want IMMEDIATE ready money to spend ANY way you like, or simply need to = LOWER your current payments by a third or more, here is the deal we can = offer you NOW (hurry, this lot will expire TONIGHT):

$461,000+ = debt

AND EVEN MORE: After = further review, our lenders have set the lowest payments!

Hurry, when best deal = is gone, it is gone. Simply fill in this short form...

Do not worry about = approval, your credit history will not disqualify you!

http://livefashealthh.com/

------=_NextPart_000_000C_01C7BDDD.F6555CC0-- From yynf@findlay.edu Tue Jul 03 15:10:17 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5nlR-0001ti-CA for pana-archive@lists.ietf.org; Tue, 03 Jul 2007 15:10:17 -0400 Received: from host-83-146-11-167.bulldogdsl.com ([83.146.11.167]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1I5nlK-0000kq-Rc for pana-archive@lists.ietf.org; Tue, 03 Jul 2007 15:10:17 -0400 Received: from thlns.zn ([219.45.196.161]) by host-83-146-11-167.bulldogdsl.com with Microsoft SMTPSVC(6.0.3790.0); Tue, 3 Jul 2007 20:09:43 +0100 Message-ID: <001d01c7bda5$b6ca4030$a1c42ddb@thlns.zn> From: "vintagepostcards.com" To: Subject: July 4th Family Day Date: Tue, 3 Jul 2007 20:09:43 +0100 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="Windows-1252"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4029.2901 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4029.2901 X-Spam-Score: 4.7 (++++) X-Scan-Signature: ea4ac80f790299f943f0a53be7e1a21a Hi. School-mate has sent you a greeting ecard. See your card as often as you wish during the next 15 days. SEEING YOUR CARD If your email software creates links to Web pages, click on your card's direct www address below while you are connected to the Internet: http://74.233.153.251/?0a47ec5b6e92ded5e559ae0855a16e2a1 Or copy and paste it into your browser's "Location" box (where Internet addresses go). PRIVACY vintagepostcards.com honors your privacy. Our home page and Card Pick Up have links to our Privacy Policy. TERMS OF USE By accessing your card you agree we have no liability. If you don't know the person sending the card or don't wish to see the card, please disregard this Announcement. We hope you enjoy your awesome card. Wishing you the best, Webmaster, vintagepostcards.com From uzong@joris.org Thu Jul 05 00:25:13 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6Iu1-00015M-PK for pana-archive@lists.ietf.org; Thu, 05 Jul 2007 00:25:13 -0400 Received: from [62.140.227.78] (helo=hjftlv) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1I6Itx-0003eN-5U for pana-archive@lists.ietf.org; Thu, 05 Jul 2007 00:25:13 -0400 Received: (qmail 9947 invoked from network); Thu, 5 Jul 2007 08:24:52 +0400 Received: from unknown (HELO cyosq) (35.238.236.75) by hjftlv with SMTP; Thu, 5 Jul 2007 08:24:52 +0400 Message-ID: <468C7294.6050602@joris.org> Date: Thu, 5 Jul 2007 08:24:52 +0400 From: assertiveness User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: slapdash Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 4.3 (++++) X-Scan-Signature: 3e15cc4fdc61d7bce84032741d11c8e5 ERMX Continues To Expand As Stock Climbs Up 16.6%! EntreMetrix Inc. (ERMX) $0.21 UP 16.6% ERMX announced further expansion with K-9 Genetics. Healthy and Premium dog foods grossed $3.6 Billion in 2006, up from $1.9 billion in previous years. Read up on ERMX over the holiday, we think you will see even more fireworks on Thursday morning! Wenn alles gesagt ist: Schluss! To enable Japan to reopen its market to U. empfohlen hat, ist bei Ihnen eine Stelle als . Who is R-CALF and OCM really trying to help? How can you beat that? Feeder cattle prices continue to be nothing short of phenomenal! " Notieren Sie sich auch die Fragen, die Sie stellen wollen. that the international scientific community has not confirmed these findings," the U. Vaccine may prevent mad cow disease Vaccine may prevent mad cow disease Excerpt. Sigurdsson, and Thomas Wisniewski of the NYU School of Medicine; Fernanda Schreiber and Jose Alejandro Chabalgoity of the University of Uruguay; Richard Carp and Harry C. Meeker of the New York State Institute for Basic Research in Developmental Disabilities, New York City; David R. Ein Anregung zu proaktivem Verhalten. However, CJD differs from the other neurodegenerative diseases in one important respect: it also is transmissible. Stimmbildung - Wie trainieren sie eine leise Stimme lauter? Achten Sie darauf, dass alle Teilnehmer sich an der Diskussion beteiligen. Ich-Standpunkt: er wird immer dann verwendet, wenn wir eine Form von Kritik zu formulieren haben, z. Vaccine may prevent mad cow disease Vaccine may prevent mad cow disease Excerpt. " Because the research was conducted in normal mice, the NYU researchers say it will be easier to apply in animals in the wild, which are at risk for developing prion disease. That being said, market uncertainty is amplified by current litigation surrounding Canadian trade. Additionally, the university reported that a highly sensitive livestock feed test aimed at preventing the disease has been developed by UCD researchers and is nearing commercialization. Dean Cliver, professor of food safety at UCD, is a national expert on mad cow disease. Bietigheim-Bissingen, Ludwigsburg und Remseck sind nahe beieinander. scientists said studies in mice indicate a vaccine they developed may stave off mad cow disease and similar disorders. home with valley views at perfect price! They do not mention the upward pressure on cash prices that contracting a portion of the supply has. From vcypriot@mpinet.net Thu Jul 05 06:14:15 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6OLn-0002KF-Rt for pana-archive@lists.ietf.org; Thu, 05 Jul 2007 06:14:15 -0400 Received: from 19.red-83-58-164.dynamicip.rima-tde.net ([83.58.164.19]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1I6OLj-0000zt-7Q for pana-archive@lists.ietf.org; Thu, 05 Jul 2007 06:14:15 -0400 Message-ID: <001001c7befd$fba50dd0$0eca7fbc@usuario2be8wa6> From: "Frieda Godfrey" To: "pana-archive" Subject: Superstar Stock Report Date: Thu, 5 Jul 2007 12:14:06 +0200 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.2962 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.1106 X-Spam-Score: 4.7 (++++) X-Scan-Signature: 7a6398bf8aaeabc7a7bb696b6b0a2aad MRMT IS THE TRUE SUPERNOVA MONSTER MOTORS INC - Hires Award-Winning Design Studio for National Branding Television Commercial Ticker: MRMT Trade: July 05 Thursday, 2007 MRMT Price: $0.6 Monday July 2, 9:00 am ET - News Release CHICAGO, IL--(MARKET WIRE)--Jul 2, 2007 Monster Motors, Inc. (Other OTC:MRMT.PK - News) announces a major contract with top Commercial graphic producer Keech Studio for the production of a National advertising spot for Monster Motors, Inc. The Monster Motors commercial ad spot is designed for showing in Major cable television Markets nationwide represented by Viamedia including those markets serviced by Verizon FiOS, RCN, Knology, WOW, Surewest, New Wave, Everest, Grande, Blue Ridge, Service Electric, CATV and Atlantic Broadband. WATCH MRMT SHOOT THROUGH THE SKY THURSDAY! From xxocarlton@ahtech.com.cn Thu Jul 05 07:00:02 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6P46-0003D6-KF for pana-archive@lists.ietf.org; Thu, 05 Jul 2007 07:00:02 -0400 Received: from [91.77.0.17] (helo=ppp91-77-0-17.pppoe.mtu-net.ru) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1I6P41-0004Dm-88 for pana-archive@lists.ietf.org; Thu, 05 Jul 2007 07:00:02 -0400 Message-ID: <001301c7bf15$27095550$060a9a2c@wksex033m> From: "Luther Lane" To: "pana-archive" Subject: Stock Trader HOT Alert Date: Thu, 5 Jul 2007 14:58:26 +0400 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0010_01C7BF15.27095550" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.2969 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Spam-Score: 3.1 (+++) X-Scan-Signature: fb6060cb60c0cea16e3f7219e40a0a81 ------=_NextPart_000_0010_01C7BF15.27095550 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MRMT IS THE TRUE SUPERNOVA MONSTER MOTORS INC - Hires Award-Winning Design Studio for National = Branding Television Commercial Ticker: MRMT Trade: July 05 Thursday, 2007 MRMT Price: $0.6 Monday July 2, 9:00 am ET - News Release CHICAGO, IL--(MARKET WIRE)--Jul 2, 2007 Monster Motors, Inc. (Other OTC:MRMT.PK - News) announces a major = contract with top Commercial graphic producer Keech Studio for the = production of a National advertising spot for Monster Motors, Inc. The = Monster Motors commercial ad spot is designed for showing in Major cable = television Markets nationwide represented by Viamedia including those = markets serviced by Verizon FiOS, RCN, Knology, WOW, Surewest, New Wave, = Everest, Grande, Blue Ridge, Service Electric, CATV and Atlantic = Broadband. WATCH MRMT SHOOT THROUGH THE SKY THURSDAY! ------=_NextPart_000_0010_01C7BF15.27095550 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

MRMT IS THE TRUE = SUPERNOVA

MONSTER MOTORS INC - = Hires Award-Winning Design Studio for National Branding Television = Commercial

Ticker: MRMT =

Trade: July 05 = Thursday, 2007

MRMT Price: $0.6 =

Monday July 2, 9:00 am ET = - News Release

CHICAGO, IL--(MARKET = WIRE)--Jul 2, 2007

Monster Motors, Inc. = (Other OTC:MRMT.PK - News) announces a major contract with top = Commercial graphic producer Keech Studio for the production of a = National advertising spot for Monster Motors, Inc. The Monster Motors = commercial ad spot is designed for showing in Major cable television = Markets nationwide represented by Viamedia including those markets = serviced by Verizon FiOS, RCN, Knology, WOW, Surewest, New Wave, = Everest, Grande, Blue Ridge, Service Electric, CATV and Atlantic = Broadband.

WATCH MRMT SHOOT = THROUGH THE SKY THURSDAY!

------=_NextPart_000_0010_01C7BF15.27095550-- From pana-bounces@ietf.org Thu Jul 05 18:15:54 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6Zc9-0004c2-Tr; Thu, 05 Jul 2007 18:15:53 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6Zbv-0003FD-3J; Thu, 05 Jul 2007 18:15:39 -0400 Received: from ns0.neustar.com ([156.154.16.158]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6Zbo-0006AA-RB; Thu, 05 Jul 2007 18:15:39 -0400 Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns0.neustar.com (Postfix) with ESMTP id 856353290B; Thu, 5 Jul 2007 22:15:02 +0000 (GMT) Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1I6ZbK-0006HE-DL; Thu, 05 Jul 2007 18:15:02 -0400 Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 To: i-d-announce@ietf.org From: Internet-Drafts@ietf.org Message-Id: Date: Thu, 05 Jul 2007 18:15:02 -0400 X-Spam-Score: -2.5 (--) X-Scan-Signature: 73734d43604d52d23b3eba644a169745 Cc: pana@ietf.org Subject: [Pana] I-D ACTION:draft-ietf-pana-statemachine-05.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Protocol for carrying Authentication for Network Access Working Group of the IETF. Title : State Machines for Protocol for Carrying Authentication for Network Access (PANA) Author(s) : V. Fajardo, et al. Filename : draft-ietf-pana-statemachine-05.txt Pages : 37 Date : 2007-7-5 This document defines the conceptual state machines for the Protocol for Carrying Authentication for Network Access (PANA). The state machines consist of the PANA Client (PaC) state machine and the PANA Authentication Agent (PAA) state machine. The two state machines show how PANA can interface with the EAP state machines. The state machines and associated model are informative only. Implementations may achieve the same results using different methods. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-pana-statemachine-05.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-pana-statemachine-05.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-pana-statemachine-05.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2007-7-5170607.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-pana-statemachine-05.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-pana-statemachine-05.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2007-7-5170607.I-D@ietf.org> --OtherAccess-- --NextPart Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana --NextPart-- From usachanppp@yahoo.fr Thu Jul 05 20:31:50 2007 Return-path: Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6bji-0004NK-Bg for PANA-ARCHIVE@LISTS.IETF.ORG; Thu, 05 Jul 2007 20:31:50 -0400 Received: from [222.170.80.56] (helo=so-net.ne.jp) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1I6bjh-0000cB-7E for PANA-ARCHIVE@LISTS.IETF.ORG; Thu, 05 Jul 2007 20:31:50 -0400 Received: from fibcddsgcb8 (unknown [76.204.44.147]) by smtp60 (Coremail) with SMTP id e1mqc4e57WFyCZ8o.1 for ; Sun, 22 Jun 2008 10:28:46 +0800 (CST) X-Originating-IP: [76.204.44.147] Subject: =?iso-2022-jp?B?GyRCJD8kQyQ/JE4bKEIzMDAwGyRCJSglcyRHGyhC?= From: =?shift-jis?B?l5yJ1A==?= To: X-Mailer: Microsoft Outlook Express 6.00.2800.1478 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0008_01C7BD7D.BDFCC710" X-Priority: 3 X-MSMail-Priority: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Spam-Score: 4.0 (++++) X-Scan-Signature: cdeeb24e6b743a852c396a4af0e53c8f This is a multi-part message in MIME format. ------=_NextPart_000_0008_01C7BD7D.BDFCC710 Content-Type: text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: 7bit $B%;%C%/%9$7J|Bj!*!*(B $B$3$l$r8+F($9Lu$K$O$$$+$J$$!*!*(B $B4|4V8BDj$@$+$i5^$$$G!*!*!*!*!*(B http://pure-love.biz/yu/?my03 $B8+F($7$A$c$&!#!#!#(B hosono145yuko@yahoo.co.uk ------=_NextPart_000_0008_01C7BD7D.BDFCC710 Content-Type: text/html; charset="iso-2022-jp" Content-Transfer-Encoding: quoted-printable

=1B$B%;%C%/%9$7J|Bj!*!*=1B(B

=1B$B$3$l$r8+F($9Lu$K$O$$$+$J$$!*!*=1B(B=

=1B$B4|4V8BDj$@$+$i5^$$$G!*!*!*!*!*=1B(B=

http://pure-love.biz/yu/?my03

=1B$B8+F($7$A$c$&!#!#!#=1B(B

hosono145yuko@yahoo.co.uk

------=_NextPart_000_0008_01C7BD7D.BDFCC710-- From rxoc@higginsbrick.com Fri Jul 06 10:15:41 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6oaz-00054y-5T for pana-archive@lists.ietf.org; Fri, 06 Jul 2007 10:15:41 -0400 Received: from [88.236.30.14] (helo=oldxq) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1I6oau-00076E-A8 for pana-archive@lists.ietf.org; Fri, 06 Jul 2007 10:15:41 -0400 Received: from jec ([191.179.151.142]) by oldxq with Microsoft SMTPSVC(5.0.2195.6713); Fri, 6 Jul 2007 17:15:53 +0300 Message-ID: <468E4E99.7070704@higginsbrick.com> Date: Fri, 6 Jul 2007 17:15:53 +0300 From: Beck User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: Re: journal-jttgnztlohsi.pdf Content-Type: multipart/mixed; boundary="------------010104080803070301020205" X-Spam-Score: 4.3 (++++) X-Scan-Signature: 343d06d914165ffd9d590a64755216ca --------------010104080803070301020205 Content-Type: text/plain; charset=iso-8859-1; format=flowed Content-Transfer-Encoding: 7bit --------------010104080803070301020205 Content-Type: application/pdf; name="journal-jttgnztlohsi.pdf" Content-Transfer-Encoding: base64 Content-Disposition: inline; filename="journal-jttgnztlohsi.pdf" JVBERi0xLjMgCjEgMCBvYmoKPDwKPj4KZW5kb2JqCjIgMCBvYmoKPDwKL1R5cGUgL0NhdGFsb2cK L1BhZ2VzIDMgMCBSCj4+CmVuZG9iagozIDAgb2JqCjw8Ci9UeXBlIC9QYWdlcwovS2lkcyBbIDQg MCBSIF0KL0NvdW50IDEKPj4KZW5kb2JqCjQgMCBvYmoKPDwKL1R5cGUgL1BhZ2UKL1BhcmVudCAz IDAgUgovUmVzb3VyY2VzIDw8Ci9Gb250IDw8IC9GMCA4IDAgUiA+PgovWE9iamVjdCA8PCAvSW0w IDkgMCBSID4+Ci9Qcm9jU2V0IDcgMCBSID4+Ci9NZWRpYUJveCBbMCAwIDM4MSAxODldCi9Dcm9w Qm94IFswIDAgMzgxIDE4OV0KL0NvbnRlbnRzIDUgMCBSCi9UaHVtYiAxMiAwIFIKPj4KZW5kb2Jq CjUgMCBvYmoKPDwKL0xlbmd0aCA2IDAgUgo+PgpzdHJlYW0KcQozODEgMCAwIDE4OSAwIDAgY20K L0ltMCBEbwpRCmVuZHN0cmVhbQplbmRvYmoKNiAwIG9iagozMQplbmRvYmoKNyAwIG9iagpbIC9Q REYgL1RleHQgL0ltYWdlSSBdCmVuZG9iago4IDAgb2JqCjw8Ci9UeXBlIC9Gb250Ci9TdWJ0eXBl IC9UeXBlMQovTmFtZSAvRjAKL0Jhc2VGb250IC9IZWx2ZXRpY2EKL0VuY29kaW5nIC9NYWNSb21h bkVuY29kaW5nCj4+CmVuZG9iago5IDAgb2JqCjw8Ci9UeXBlIC9YT2JqZWN0Ci9TdWJ0eXBlIC9J bWFnZQovTmFtZSAvSW0wCi9GaWx0ZXIgWyAvTFpXRGVjb2RlIF0KL1dpZHRoIDM4MQovSGVpZ2h0 IDE4OQovQ29sb3JTcGFjZSAxMSAwIFIKL0JpdHNQZXJDb21wb25lbnQgOAovTGVuZ3RoIDEwIDAg Ugo+PgpzdHJlYW0KgAAgUDgkFg0HhEJhULhkNh0PiERiUTikVi0XjEZjUbjkdj0fkEhkUjkklk0n lEplUrlktl0vmExmUzmk1m03nE5nU7nk9n0/oFBoVDolFo1HpFJpVLplNp1PqFRqVTqlVq1XrFZr Vbrldr1fsFhsVjslls1ntFptVNT5ZtdvuE3AhukCfT4EgT/ttxvlgEgkbrdukQNx0kAEAj/gRZuc ff4TT8lC4XgeIvuXh2BgSCdUQJrFgQQ0ECCa4XAwgWTN2AgZzzgETEGvVtAgkQAnADFCG7hYX1bd hWQAGJh6X0un1GqwGBLkCdWwAGPgd6gW1zHXgyZvHD2Ozy3VuaAge8YuogQwXECLGUv/ALiZABZt 0JxnhE4BZu8AAwePn9IAPWAC/oE96ELugbGIc9CCwGAD3gI+ZMAuxThrwvaBNu7ENMWLIuAuVDFM QvEIOGwb8NCYppv6gZUBg9bVgAzSCw/CiDMa+4AN20SBHjFcWoFGDmC5EiDu/EosPuZqFR+gkZQh DsaQO6r5IJE8NuwC7YvBIyBE43EcghHkexWzbKIILjmyK7aCy8AD8xyLEeoE3SBt9Bs0IZIgAS8A LQzChBBTsEkCTSLMsxAu8jPkyLxz/K7MOk8EqSrP4IPMeLUAgVCBk5QcYuaAjOoRPSBgDRwAHiS9 MIEVBBIG9rgOHUUJoRSYAVNP7+ITTqC1CAjJuky0iCyyImz60LzUey8pPi+T50bHhLznP45k4gbA kzNLoIJEVbII/TqubTRBDmgpuvggZMB2HcaoOTgmzBHYAEvNcbViyrY3ZA7LSof9rT9aNlMxERUF QyN/IM/g53qmYuWeiEdP3FYuVPGd0IGHclOjLgssUALRtzZOBZGrWFtDhlviydQuXVN2QAJTaBxw hNwZJm2b5xnOdZ3nme59n+gaDoWh6JoujaPpGk6Vpemabp2n6hqOpanqmq6tq+sazrWt65ruva/r ACUZsGlDoOgMAwXF/o0CYJwou2YpVtG1JCuyHn+f+Y2yT5/v+ADTujv2yJptCGFRMyIH/eRUDpkS CDmwaQk5v3IBILl2orgqBbnydXXI1c08PNO+bVtcXIECoJ8Gmu6IXAqGBJtxntzsxmmaVHCoPyyG NNxyHkFVyBd2ADJgA7W+In26BdagcYOiykH9Jye/tRAK89n1aZtd4FyuHvPiuHvhOX+046es1naA X2xcbT6fgXI6fDgv6OEIJ81X1iYrDIV+C85i9FLrgiGvsNa8EyqFH5vhX85M0x6jfEFf09kmTwCC uHQIXh5hAnzHsUGYJ/QxRmjFPS3R97wQ3MxfAAAT7dIGp1ciAAN0H3YORfA2KDJEXmPcBIYOCyDo MLWgaDB/Zq1PEDhBBImIc4impXQ31PcAoHkEDdAYADaW/ueXJDtEDek0p7bWgxe6c2NELRAQNbLy 3xwCIgLiA0SmLJDQo9MGByT2HAMEQQYrqokEvDc5gLijHxvUjAQUdT3X2uCC+JePpBm7PLjUQJGU Ro9RkcRI2Bh5oou/gNItM5kXWuAVecsgZnCBxWj2S5757zmwrkcfsLC5olnVfaACChAwYN4i5GiW zvkgPdllDcgz84zkIRfEWHZDRBJkbyQWVjfz0unWuN2Y5Ao3QBlOTU0p54hntl6RSABA3ewbIacK WkVCNBzVE7yBD0TIzZg1K8iBrprtkh6R+Ws82vzDI6IIL8+J/T/oBQErs0g3S+oFQd4Sng3GDQ6Q oxqZ0htjoQ1o5dC55PEbiQahb+2TmkknRNq5gaFnVWBOSjQdFjEECwoyFtIGrhcNcrMx6iSFM1AA ceXlLmpmMQlCpRh1GaMgP2f961OmrqIREhwhSKiCJMedUZqyiURrOVLGMgacpRpmfRVBqdUmULQq uDA3SrZQyRq41RUlZ61VrrZW2t1b64VxrlXOulda7V3rxXmvVe6+V9r9X+wFgbBWDsISed1hSqvI ImMWL4uKOEmbNXt6ZFHbABXgUUf9QiIDFoyRoZqxyGgni+TQI4f39u2tQQOlJQhigLIWE2y5F3L2 aIzPciNnyPAutctMiiMhBVfIGAu0odDdWoqsQgLkYSGBut1aUhNsE2DFgTJAbonBiwGN3UAkbFAI F6Nrcy4QALiJ/srZYgbtih3OIfdYit4SOgEi6RG6BHRUW7b/aNOcuHiLombC1vBCgF0cc7OW/My3 jURb8LiELqAKi4bcQIT6og6SPTmMW/QF7+HpsnhYgxu8IwawoRbBpBMP3ifY2qNj7zcmgwMTjBuD yC4TIhPqR0IXMEGwCQTFKrhUGjwMtmG2NTRgVxfjcgjnXg49wtkYirZ5wRYmqQOVUgF/xzwYQp3O BLkN7S7F+J1N49DPMi4xzeIb/5SypIJv4FTpgQzEJ/MkVcQnRdEdN0uFMYKsf3IeEs1XvkKjnl9t rinsOMbOBggj73u5nym3100tz/ttIFmKDWh855/who6IFOSD5ZceCSMrxHRxxd68vNmkgAaUIPGw zei8mEWz49wwd/35pok9Gkgb1tUEIhzQY1KaI/5fpaADIheU/uaBhoiJ5CZ6uBlbNB1KKM9bJmsQ yP99yGGis4pvakT4KOQQdOu+JCdouKVZtzZVk3+uXABD3YJ/4gzw3LtrZG6c5oOi7Dc9ebHeRfcq 5fAyeNsPUmhm3c6gHgvD2aRoTmygAb/bwZN18TjTSghgp4Z7FSCgYk3LHieKDzsixhBFNym5TW2I K6/auVooj/exZHdrczNzmIK8fYXFiD8wzLw1zy5Xdj/egfCxRBzVuydoQJ5XJ4TKe6Ag6JvID9nJ hf0cgnSiFtinBI/PJCeOPN6ZxLTMrZXSZTnaezprdZoU5URue4bjE0Z6xss/dj0Y8Z5IQmLPbnMd xgZURxGqU/vqzLNTRRCe4zgiFPBAQ3e7XnxO5N7r/UiyAcFUUg16JwLlgpNPX52lOSPQajvwWcm/ +Re6cTUT4YAwtQCg24LGorC49MQt+uasO20ILPf1EwjtyBzUoLaXo5TUaO3DWiRGvJPfTN1iNMoP LR4uORL5pqIN1P6pCLaqr+ppsgYReHX25wPkcd64gsBJR8JhOu3BHiCDoyuIbk/77v0KsTMkPgZy JtoxVj+9v8s8tPOCELJrxPFP9IYu6CDsoniMMP7M7j/n7kBIOwDE5v4sQn5GLpgCMPOHio4N7iEI 8iatQiTQQtVjkJXk7KzPyskHuH4iLIpoQDQOrH+wQsgEanekXHwEZQXPotPv0iFucDfrlCGoTi+g 5o8uHCYI+sWwRO/rEGnpUwmiPvDmbDji0ntuaClKLibhPqPohQhLgCFC7KPipucCVqtiWqRtEwrm gLDiKh/w1CDQ2CesziJQHiIw3AvkyCjpGpRp+iFm2ooPwC4w/wyCCopjnxAj4w8iFRCQzxECBkLi CNajtxBxIxHEDGHiOwtiVFEr/gsh4ghw5teNOCORBo5wTQgCIxPkaxJCBqcRRxSD/uCpRDNqZRHr tASJcQmGEwCCXpSOrxcMfk0m2p3RZLlDnkJMmDrLajnsSQviMxjlaOwiCRQqfNdpXC6wtnVN4uLn 0KCjqxkDqm+RIM6CBJhtJNhiTJQOyPOGWMIF6kEiBAkxdRKIXIyLvC8KgAuA3AsR5LpwwrDwbi6D lx2BMFECEx+JmKWNSniHIppEzktCEx9x+sSQ/uCPniDSCsSC9R4AAR+u1iCyApjKCngyCkQjtxxw FSKOxSGCCIdpfSSvjpgphMII9QbSWSBjNxMDLR8oaHRxsoWwbiUQHvyJ0EWEKQpQ0E3NxiCQuqEi FLtDFjtg6EkxwswHlnqqtKRC6B1D5wRiEErRWyavEynJuxplmCDywKPSrpxPyDZKJSUS0iEoojNR vEHDKSoDqupuBDSRYqOS2yuFWSjyYrzyfKby+vWwIy6kPR3GxDFR4SpspRJwxJQiTy5owlfxHjty oKUDxmUBOPEnEQUEbQ5w0D8D9RNIWn7nnDBS6xmtsmKzUkXrqJRqvxqFvzYQHTZCGkuKHlvwpHdK FC6LflWDIkuEgO6QpHWqiwUHwEpS8TfQUoHEgjgSRjtmDEKsIC3TSoxpGzYlzHIzMCQqKoXxoi8y Nl6lTNcvjpoKnykiFTHrLkdJ4JssrSblYxDGUPUKaxeJXHzqRRIxdSoiEAIReT6vgCGxQjCiERrC DLfDOzmx8MjFcE/xNJbJ4T2uplIvUSOCDKVyQULpuKRjnqSqfyji6TOEwSw0LT/TWRItXiRKTSWj xKwS+R1EzJIxfCGEMk6DcgsBLlpJBT/FPjnDYRdQ9iFDjR0CJC7DGJYiCUfiC0WQgxLiCDPiExGE CPTjuo9DiSUCHwTtEp0x3MIFGDbCEjjOQjUjfiElIiCUm0dk/hiz+CjmZiHjlyPqHA3DbrQDRD+E ej0T6oiJIj5DoTnkSkMiZFVkGJRPPCKDdjykeVARR1CKejwVDCMltoDjK09Ev0rxTCISzisEkS4i XLOJBmeTFisTjGjwspISlmbyvQoUrrRv7CRS2iaK0tslWw3pGGUFiCulVCrlNCpVhiT1iiKlvHDV eCBGWjKxnCoF3iEguPcCdmYGDRMCFhBQOigGTJR1tu2Vvj6UXiDQMCCvMDquziNVmiKmKCL1rGIV nibsOAAU6leruPPiesLIV1O1Hlk12vPjEFYgIGVCQQBDQmVL419E1i9BcV6luV7oA2AiFWFC8V9W Gk/ONCJVz1HV4iGVLmFL4DeVtHJxnHbV5t22LCUpmk30+h4lygLtjj/jv1/mWGMjoh/jEV0iSpGk rF5VugIHbm6VVx2zzWcxH2G1SFv2gjwDmEckKWbIKlN2V2M2YFWG/ACUplel62pk5lk2YWgWdCEG 8WjWJmFIK1w0r1Okc1IGTDeBUG1GYzREbFNzriWFjEdEwlU2XjdmNLJjNM3FWAd2imYN2lGW7qbV zNcWsBu1/m82oQAz4k/29FfryIvzRXHjvzr1o0UneC8EZBnpcGM2TsemDFilj3EEc2+m/XGHDKhL Vj9BLnu3UDZBUXRDwCDXDiD2qnbNcP9NJxk3SFKCC3YniEwr0WSDt1/k1Xgk9rViUlwXJiCBml/p a2YLtAXMl2crNT0iIBBBu3KIVNMTbFS04jzVusjwj2qoIEasei8lrXuVIFduOXvXin/ALgXCDV51 oj9FdPL3qLsVxjoqJX+EVgCFHXpr8KmxdX23hGQjKkdXeOZjUk/wlEWMfG1qbYDXUovJy3vi8zBj hmYuh3OCUF5EKmavZFwzzOmukKJTn0+iGHgL4XrCCAFn1KaUB3JXZU43/xpsblmKgKUj9WXCEqLz FszgL4bGNXCXwiBT02fKv4Ujhou3xiCva21pqDt2gPc1eYbyzCC1+4iXOLGYpL4TzDUr7Yv38nHY trGOHlXYZ4KUAt2o4rYjzxFCSX+3w2NkK3lILYbKO4BVy3zk1DQi9KMgd2MiD2QGxoQwBYzUAZAV 0PwmAX4zfluYtDFIegF3BAIGYXXD84hmF0j5MXlSUiGZQkw3+pGsFuU5FDKm4ob343pGNMU4tNjk zZONV4E4xLzjQNWDLLss4IU5dgm2WDy5eiT5Rm3DQY3Derdj9MLAsj02kjSNX31Zhu/j9B/1sCDu tiDrus4CHWejR5l0X5hFN4kmACiDEWv0EFn5UkeHus8skZ24P40Z1iC5yDKvj2DGBwth/wd4fHDr dY0k3Bmpm5UaBCQY+CyWgaEN76AaFtUxclGmI5wDRQ85vmuBcBi5nCTvfGk6GrEA6HxtfGj6RiyZ TCojZiSaVjcr3CH5CCMLULQCcnt2O5aAA6bC0LuiYrTCRrMiSafCDagVQTJiK6UxF1lp7aci+kuY RiW3ZiN6Ym6sjapteQDiKrzCIzhiUzwiPOdCs31C8rWr1OkLUiS6lE6lGaxCG6ja0LcCEwtrHDDM kWxazA/5aUqj8IxrpUKzIMtEc3Qaojx60rYa+iFLRMUjh45iHLUVqXdM3VLiIALqJLRCuG8G+DFL 3UePMLYLV6Pts7NF2rTUeaDrLY7OUj/7MYZYNWJ2MroWTL2EHbWMBjh2M7O4Dox7QlrIerIn3WF1 xvMauZq18Fv7SCFrKr5vMVTG/mzbMCDznrx5XiDguHBNWCt5ICBajPMLP7QadmNbnCDrf17i7jmr WvLmNbi6eFrn9p5ZIbKaD0q7EE+rGDQP7Bu734ZLuMjbuox6uFb7xFN2sYubtkCahCEbPrL5Wn+b tkpb0lp1z7Ulb77LrBUb86tOUnMbPElbU3nUGyphOPNWQk/r4cErxLi8AbQCiLmI8LyGNL5sukCW s74jIwALz6aiBbmYEkYl/5g8TUna98d8GFrLpFzcf2QiF8OrVLYvfLk3fWH3Uaz59LLkrbabRnhD B8qOkFj8ZE5xdLrVeLdVzb1k+7EE3cerqkz0KLviBL1aHk3cz8GaJich1KMnWpa6PP6MMMIMKNij okwsSsjj/89IEY5sFC8s2MHDQ4QYJL8jUnoGGdEjosiD/3Uc8oDWT8+oVMND/sONi6Nv+iD4GRgm 79BMJMEoS9IEzvesvNXr6vynghBFN2T0rqrMRkwMIr6sZO5IjMluFifaxbsvks6tr4OZvMwsxwDp as/Jc2xBcMiHVNzIVWwpaKDHRIzsvxp9ot5tVVydVwWRbHmNAtI9lNKuZWxNMYmjgm3XAN2s99Cn g9nVyXeiCNoucwjv/lN4K5Fl2sYG4dmJzYqigJDo1vm2xNjt0QEHQNxdjiHaPGC8NL18eqb4AinN ut1Hut2PUje9pakCFeGtfiGALt+Npd4eM9CtfN3dHCpT6ucg6HbdrCOeYiS4TC/OAbHCR1Gw/OXE wuYHcL7uukgUnObCuSLiDPhiRhm20CJO7eJ1ZCZPqiG5/CQ+leoi1MUamClwEq3eq46Cb+XiH7si M25UkRLCEwzO8IqJOCT+CCUVy3u+tiTp9aQr6edWd+4+5CN8cWPeLv28hCDLbd+iR9giV0lCJOUe +ACNYngD+pbu1G9mx/EDAyXe5uUmLiW/ECCp0H4ACDIYpJaEehcEap2J40xdOqLpkh4j/5ieQpuI YfO6TiCfRplveFGDj+miHyPuKpMVBCQ0sCIfa+ZiJUYpa/SH5Rwp2oRqcz3DSIV/VKsPOvD/euvJ Ie0CKOcfYDnHgmxEpJa/WOU6nPcoXjv/HEfHoHR+QRCyt+t/SdWqPTvCEB1BBKF/xnwxspnIHQIT qf2/7CAACBQOCQWDQJcLgYHQsQeBOpBG43ASBAQCIJBQRcP+HQOEwuBG4SCRut2OgCLQR4vGBKgL hcuFwCJ9PhMJwiQQ45uqDRaMxiERyBTGBTWDFgLwKSSE5yenQSahNcQOGQVum6CRKaJ+LUIvywAP 9UQao0+DG5PwR/0KVxuBBdMyi0zanVc3HOMxKzS6oWkAR+F0isQ69ACuQJ/xkAPGNy64TLDTe/jD AheRACSwSI2axS+BzSbVPKW/BwbN4a0gSvWAAXyO6MAZYAUsAXeO2tBV+/0LHzOowmBQykw6I2i/ WGhQTXXKBVKqYISQKrwKgWaT3QAbDZVnFUXJYi/EPecODQrrQMJ8fDFnEZ2hxTf07CgSsUanzCCd jKUizfbVIELKwM6pLIPi7KkPIkLSu89STsgAD9Bg/jZpMg60Iqih/k/ALxIG/COwmpbpgAdSKIdD blJeoiaQg0QYNipLaLPBr1oND7Ipwt7hsy2rFMK86DuAgsZIfEyixNDYsxMsSBEyLkQPJHiOpmgg COi1qYLjHCpPMk5BJ42KOMOp4uPVIToOlCqDzHFDZt4LknS2j7SJG6SsS/NbkoPJzQIQqYATQzE1 ILFiwrTJSDzKk7L0EAC8IETEEoLKyCTg1EIJu81AsxBbPxpSiC0U5s/wkpUrxHErwSAhzYIIbsro GTCxrVDaKDchrYye7znOzCTtqVTqDQ1JQuKwJMVKKsrJ0BSSDVlDUl1qpzQxckLopKElgqgoQCV1 Y8mt9FrJ1K2dr2ypoAC4TCHUQg8qXFXtrNo213L9RFbrfXTmy4g95qaLNdQ1EAkyqv0uT/eU1Uen saCxglCO/XrBIHV67u6VFoSNVaCRDCt6IHgWN5FkaHKrcuSZQ882jcOiBGbXTQUyqbhJFIiT2G+i OvtM7hqWiSdvZE8lMKAOX3062fzAC9ZpSh2ipi3zvoVlqB5s28aZSk5Pz1kiRykQWNazsWx7Jsqn 6jfiQV/s0/E4nNGRHIA6Cbtm67tsc27vvW975vu/b+ggAghwHCb3nHC8RxPFcXvgmmKCHB8ZyXJ8 pyvLcvzHM81wlyc3z3P9B0PRcAAmg9H0/UdT1SnCyT5OboAHIAgGCwBhx5UO7UICRLZqCCz03V+D 4Xh8YriLdLoJ/k4gXIAAYvaJRJ4IVmTipgJKVUgAHaOeP0uQeX4nw/F8e7pSVCxiyjgAmL5n2Hjd CBkFP5URNONIB2gRin/ppUOP9b5IAQBgExsAhY2BAnAC7FyL0FukFeqmlACYAADNGakeApRWEPNg HBuDkHTWlpFwCeCbgwIPsUcRSDRA2mhcciupkBQnzv9IFAggcJYPQ3hw+F1wAHBQKIEJcOYBDhwU KshUZ5QgdwVQwS0mj4IUw5ihFF1ITYEvNegyh/RJ3BOQhNCeKUX4wRhVYayMUZYzRfiDGeNUa4OP vXfGyOEcY5RzjpHWO0d48R5j1HuPkfY/R/kBIGQUg5CSFkNIeREiZFSLkZI2R0j5ISRklJOSklZL SXkxJmTUm5OSdk9J+UEoZRSjlJKWU0p5USplVKuVkrZXSvlhLGWUs5aS1ltLeXEuZdS7l5L2X0v5 gTBmFMN0RAQKZW5kc3RyZWFtCmVuZG9iagoxMCAwIG9iago2NjA4CmVuZG9iagoxMSAwIG9iagpb IC9JbmRleGVkIC9EZXZpY2VSR0IgMjU1IDE0IDAgUiBdCmVuZG9iagoxMiAwIG9iago8PAovRmls dGVyIFsgL0xaV0RlY29kZSBdCi9XaWR0aCAxMDYKL0hlaWdodCA1MwovQ29sb3JTcGFjZSAxMSAw IFIKL0JpdHNQZXJDb21wb25lbnQgOAovTGVuZ3RoIDEzIDAgUgo+PgpzdHJlYW0KgD/gUDgkFg0H hEJhULhkNh0PiERiUTikVi0XjEZjUbjkdj0fkEhkUjkklk0nlEplUrkD+lz7fL7lz+lk1m03nE5h j5fL8azUdjocbvfr8fszftHe72fC5WrBeDyeL5pb0eTwqL0rD3e70fDwdrzoz9brTbzAWDFXivYT odTpfD5fFIpLxeT2er1fUzf1Hc7ecbsczrmcGfb6fTxdzteTzebrdjzdrre1Wezmc7pdjrdzncTr vL5ws60mlkebeSFPasRyCUifRKrZC+aKxWS9XLIXqPTSHYLFXa7Wy1T6jVCGRa4Wazaq+WDHXiwY 1xfS/WjDNJiOpVNpaSiiSbEYa9Xq/YSqWjLRKMXSuVLIflGdTkdivS6zUCWUjFaLCdx5HcgZtmyb JYFUVpbl0ZxGEYXA0iwSBADsSZREyV5OkCUZhlsYhWF0WKkn600RxIjZ3naeBPEgVRLj+UZTEUVZ wnGcJRFYT5ZFuWRcl0WBmGSZBimCaBVlWZpXFOY55ruahnG8XBSGEqh8mgbJnP4YhUlWVxXlYWBo GSaZTlUZhYFaaZSlQXhkGQZsQngdh4lgVZUj0SA7k2UxPGYZxoIGZxmGuUJRF8WJbmMPQ9kg7o+k WOZNFGSJQlhNJdmMW5amAWsQxLTtPIk+J+nWdB3nYdJ2qseUQnirC8Hu+NYKMozEVgo6Xn0fjDn4 ukQqKfZ+MQfakn8vC5HvWlfvigaZneeZ3nDGZwHAcjIHegZ2nceBpmebZrnEbxxHMchum0obFnKd Bwnse56nieZ4HRUzR0/el63te98XzfV935ft/X/gGA4FgaBJmvJ6K0eCk12vi+ISmB9XaeZ6XdWG G4cgp4sYw59oSmZ73cfR8HvYd5oYmZ8qZji+qPlqjqtiZ6HvE53n0uR6noeebHzgmeo2vp/F6UhX moYJlHIcZy6SdBbluYTNnQdB0nMcx1HaaEnFgWBUkCRQ7koQpDm4aBtsmeJcF0Zhtm5pJvnCfC8G iZxm2weJ1HWeB5nqeVlqOY5YF3K5mlGU5glmWRhGmZZpnrJaErkfBdFrDhVFqZxgmGWhWGOVRXGG QxBEsSRBEWSI+jqWxclsYRgl6YJcFlWWfdmilhlKShaGaYxsE0TJVE8S5NE4R5EG+bxtkoTxWl+Y 5rkiQhWEWQ48kqRQ+UWRBAjUS86FySZKFGVpTlSXRWlNjR1FIUxgm2bZ0kuThNG6cBtWWlxXlaYJ dl0ZRSlGLMQwdQ6C3FmLUcq6CuD6IMZ0dIvRTiwFMJcWwyhkjbEiJAUokBDiXEoIYQYmxJCJD+IE TojBHi6GmM0bwqhTCdLyPN2kMSIEzG2Nob41hsDhGWL0YgzxljBGAMQY40xpjpGKMQb7Nh9jiW8N 8aQ0zOjrHAN0cKZhgDQGYNoaSQRgDDF0OYdA5SBjiHAO4dg5R2DJFuMAcw3RyEDVsNcbQ4WqGRKi Ogcw4hqDZbcOAdY5BvDqIMV0e4thVi3FoLYYYyRgDRGQLcX40xnDIGmNUZ47x3j0GQMddA5h4jaG gOI84vlcwKhlKchyoR2jvHuN8b47RsjXHKPtX5Ax7D2KoPcfLCB7jtHUUQoy+iZjsP+PgfEpiJj4 HqPkeo8B7SomgQ5bY5w8hyFgIAPQnRChzEgZMd6oRVi5FumEZguBai8FOJETY7h0jpmjO+eBGBuj WHIGoKYghDhwEuKIQAoxrjbGsPJvYxhkvMGOMFHQuBLCWFeOQcqAZ40RokQ4d46x4i+FcModg55M yZHMO0c49DKjnHOOMcSM52yfGyO5mw/KJ0vphTGmVM6aU1ptTenFOV+q9YWUVk5LlQqhXmOszI8J MExJ7T4go7kTlYHcqwdqsI4FJVwTIl0tpdkxHwwtZKuR+DSGaMcpY9ZaVWJoRcmY+paRKrUPsu5U l2jkHaOMeo+Gcj3HgyYlhMy7jzZaQNWY+WIsLr0Qcuw85jD4IqO5u7e4YELLuPAbI5hpkxHuRIaI 2Rpp8NmLYXEgB1DcG4N4XIuRijOGWNEbY0xoUIGMMUWQvC5M8IEL4YQuRWi1FOJwT4mBqDTGs1ga QwBfDMFK8qsMFDdDXGZacYIwRhC8GIK8XAqzNjmIHacXQv6EI8F6LUV4rxfC0F0J4SojRo2sE4Js TZ0BhjeGuNNXLHSBDyMaOMcipx0jnVMOMoo/C8D1FSKYUQshUi5FQK4WAjxFB6EcIMRIbxAByFML JQgzRdVpZsOlpQ6hxDjeMN2kg5h04fXaPUcw3C3tVHRfwbA1BujpHIOEdsvh0o0Gwj9K4xhzriFk LUUpXB6rXl8N8cQ2xdi3FyOUcQ3WsDGWgN4gwxRljGGqNkaUNxwC/Fu4uSo0rMjETWNIZIwxnDOG ILcU2BxTCsVLRAf66RxDSGGNMW4vRYitFsJ8xFiiIjMF0MMWonhVhpCycgQQmxEiHE2IcPYhRKiJ D6MwZQwDjC1EsJMQ8t8hkCGwMYZ1uBiC1FXjw+johRB3DGGYUInBMDRGiM0VoohMIvEwKUUQmhUC TE2KgRYpRxRzIGL8XoyBhC+deK4VSZhPikFQK0UYmRKyQFmJYRQhxMh7ESKwSgqm4VbKSMAW4xBJ iEEcdEVIvN1S0H4Y0eIlhOiNGALMXYoxBCSEGGQQolhECtDuHESgjhGChGWMQYhMxrjZHSJARQlB FiLD8J4UAlxOiIEeLETArBZinGAJoSIsBGCHE4KITYpA/hsDRgQT+vBWjGdaJYTIi0bieFhrUVAj xSj2b0QMbQ1huC3FgLgVooX5IEFmLAWcFBiEGGmMEZwzxgjPE6J4XIXgvCAEwJITYqRPo25IHcP4 hxXC1Fvs8Two9aNyGYQMXgsRjiaEprMTwrhijCGVYUhi5B0DVyyK8Wgvhhi7GPPNb085Oj3mNfEb Qts8mImQxwdpkWcj2ZsPocY3hsrkuANsbtTx6LoHIOQdA4h1GeW+OIV4pxcjrHVnBJY8hzjhG6zl dzOWJj4lXKxuA8TNjNGH1ITosDFDvMOPobTcu6i5GYNEbQwhhjgVCsYZgwHAi4GgNUZA2xfi+GWP EeI9BqDRG6O0dJkMOEzjIO8WwuxgDAdfjmHwtRlDQGVZoaQ2xbi2GQmAaAxhfjhhdBZBjvBhghfB thhQBhvBtBtB0BvhuhmhiBsBeheBnCeJkDFIpBuBqhohqhtBqBoB1BuhuGpJfCDBwhwMPBwrQhvh yBoBorRwPMOBwIwBzwOh0hqhsHjPZL9hxGKFrCBG6hrhuI/B0h1F3wfoZijh1EZhchRhVh3QoB1v ImNB5h0D6DHB7BxBvh0hvBqhvE4B3l5hwQOhsk+CNlYLEl5q7mRpkCBhxm2FSh3l3B6hzo0Bvo5B wBvhwKDhfsQldCuC5iXEQhvhqhwh3h0wkCGFciyBth3F2K7B3m+CLkQilplKRLvhkBzhvhzhbhMh dB0hvh1GUi4l1xCBqDEB8mrGFCkiHw0KRB2PQqSGlKPo8B5ieB9pjCeJdGRB8qQB1sZB1GqDGKnp 2Bzh6jKiNh5vvBWBQhQBOhPhWhmhmhxhiBehshVhPBcBOBFBThtBphuBeBZBghRNnBmPlsShxNjB eBoBpBrhdhfBkqph+hntQPpv6OohZNxBYLvhkhdBjBjhYhbNYBoBdBhBmBSBRhnhhRrQAhjhdxxE piBkthXBiBhNRhUhcBPhHBLBLhDBCM1hcpEhpBoBoBxyFhnBdrTGdh3iohEhJBKloByBphfhiMuB ZBaBeBdhxh0M4DKh7hZBSheBusYBUBGBUByqHBehjhgBuxNiBqRB7I1uChihvriBrBfP9BMhKBUL mhpuKhSMsBtBOBIBQhvBphrhcBQBTBohlhkBQhRhYvyh4BfEFRpBqBix/F2LLiBI+BvruBnBjBYh dBXnhBCA+g+A/BChQgzg0HfhJBeBfMuhPBIhVoMkthVhaBihgBjtZhZBKg/BJBehVBWBXkthuQWC 8mSRWCKC4h8kEhphahahsluhvpGBlhhhchhhIhBhLhvBwhvhZhhhZychehthqBqP2BgBEBGBUjxB tKDhtrACjBjPuNlBYBOBUBPA3BDA2BJBLBGhNBEhGhMBLhUBGhHhaBLBHBdA3gwBLBvhtBzENhjh jBgBlKythhlBghpBnv6hohnhbBeBbhWBYz6hehvzjhvqTB0hrhlhrhZhRhfQ2Rjh6hRBYhTSWB3h ThSBUg4g7hOhVBXhlG9LaB/vKhbhShcQRBvhUhXhXB1CgrwBWhsNYCBh0h0B4hGBChbBJhFhXhNh HhUBLBBBOi0BgiuB8x4BhhosXodhmQtBuhThVhahhhkBrLjhjGzBUuMhThLBWhPhJBVqiB2u2TIB fzIBdJEBNhRhbhKhOBgBWhUhnA9AzhHBbhTkdBRBctrBThRBUBTBTBchTpLBpy7hm0zhchnI9hdB cEBhuB0onhsrZiMEQqylgJaLBPWh0hnhuBlw5JMi8Pil2B6QpB5kBh2FiiYL6B/lhwSB0B2lxMZB kjxBgrSuDBrhYGiCgh6BwhtvYhvpZq1HGh7RYl1xjxAJjvQh2RBKfliB5i8CvB6DQieKjB3EQhyB zh4BuKVh3h3Q6RQiuxAh/GUiYjDhnJJBsBpBsIwhxjHPvGcMWh2BMhHhUowB2BrBkhrh1jBmRQ2i EFkjGljlcB1FSFg19h2FTB3hxByhzlkiBnGh5jMByF1h7mJ1yixh+hphlBqmcRbVkvRQih0vEKtq riWG5BoBSBRBQVFBlloBxBkhnBpBlhntALqBrocBym7htoyKABvRfh2imGEDKl5i4qxirB42Kr7F sVUJcClh8kTh21ZhghshvGihkBiBqMrhYBaVEhjhkygBcQ8h0Bjhihpxgh1wtBzFSh1BwByhtJdS 9h/pdB8ByBzBxj2vlWyz6BkhlWZh1C3hlBhhl0aBpBOhIhKmlByWRpFhmhtKABWhQBUjoBpGgCBx oBUhgBdBjhLhFhLhnhqhlhgO6sWBvhzBwq1JkCeB8qBB5hd2rhqBrBtLBK7OdRUJ20cRlBdhfhfs eh1mR1y1V3f2RhmBkBmBun2hwlxhmhmBlkcheBP3oBXBSBWmph4CBqBB5BihlBjhsOEofBkudLHi OBdtBBJBPhIA4g6g8oChcDeBJBQhKhRhKBGBRBGhIBKhKDXhCA+BFBCg8BEBq3YBVmhBmBpBnC6B /BlBjBlhEA9X5hEhSBOhTBR03BNhyhwoxCBVFBjhMEVBTIWX7BLHJhauiBNEhBkBVkPEZhyhRBSh VhYIHhQBPBNhJhQBBhNBQhKBxByBxCBhuOfBMBCBNBAg8BMTzhOgwg8g3BRhWBVSUhbBFBHg/hGB LusBNBLmqGqRghLBOBMhYy4BUhRhawFI3iChVjjBiBkBhhNBShIhRO0BMBSBQR/BeTSBVRjh7EQh fhjBhhcBg46s2y2hnBbG/hQBWBNBlosBDhKBFBABFg9hMBHhKBV08BWhYhaBqBsBq3VBZhXhYhl4 FJFhfP5hkhcriA+BEBAA+hAg9g1Asg5INBOhiBghmiBz+BrBHhGBFDbBUhUBYBO1qiPXjhvhiBbB gZL0XqQYLh0G1hxhlswBfs0XtBjkNheBkhmBfi5B9DgUqjfq0paBZBWhcg+hCBFR/QChoBhhUU/j BB1iBi7B3hYhXhVBhhhBgBtBwBrh2Rg41BmhuvM2dhvm8h5W7B0o9hlhjhovAyFhLzz4eBwiBnjB yBZlDM7vAMyBhBnhkBw4dh1qiBnhtBnBwIyItButvmOBuBsWFjBowB02KCDC3BzBshwz4lxBzXSx Nz4IchdhghiWKEQlAhmhbhWhZpYhphkMyBjBhBhBbBWBWo5BqBfBay0hIBTBQBOBSBbBfBehADYB gBpBixUHABUBkhnhjhrBmhqBuBqBtlwLNBohmQNBwhmBmr0hqBrrDiBxlB4a2hnhvByG2FoVJiNF mD/2EB3HMBiFZXUB8RcCHlhy9K1zpB9hsZ8qBB6Kqlfh9jHGdDDiZr50YRjDKhiBfBgPIh2FjlXq lB/mUPEM+xeGJh4hnhnhkhcDglcB9BhhqBhhzjOrLbNLZvYhzBsBnhsKvXVLZleW4Cwh1KMhUB1B 5B0R5CqB8ByhuByudW4mPCXW4GZB6CeVxIxhuBzBehVhijLCBqyilpeh5h3KMhVBvh0BvFYB1h3x RCeKvKpF7FhhPBNBVBfhdBeBHhRBGBZhkBZBTBiBOBQhfBCBlBrhfBqifiBm4B8hshrBwBkBkhmh bBXBci3BzhmBshlHEhghFhYA+hlBthcj4q3B5B7nYBeBcBaaphWvfhmBqmgCZhVhgBVBsBxhrBaB mBQBXhjhNhZqMWrhoBZ4PuYoMBNBU6PFsET8BhGhaBkhZhXBjhThkBshfhWhihNBVhZBXBXBWhdh e8ZhNhGhMkrBvBYsFBpa6EQhqo9BOhehKBZhlhNhLBbhDJcJniBFvhsj2haTJhUhaOxkUB2Fyo5h 1huvrBRBlvtBJhWBJheDzBkTb2/hxiBhcBchfhYBUBYvRByBahjhbBphwdJhzBlimB5iZhhhgLUh mhlhThQBRhqp/kCBwjOB1PxMswQjAhrB1B4BxO8CUmgZ5hZm5JHnNZ5BahXBduJhSHghNhKBZBTh T4fJK3DUhg9BCsuBiJ2hzhQ9zBKBNYZBThKhMBTBQ0KDKh8Z50+hFsGBEBEU+hXqvNhheBh9dBpG hhOBDBJhGDhharWBrhUBNhMBAAzA2BQBSBQjIB1klh3hWSEPGR/BlhdwOBlZehSkbnKs9N5haRth JVCXiP957GWBrBu+ABXBOJIBaDyhhCDW2ByBUE0kKoHoWDZhgBLBDBPBThUYXhcBQwchrhThTBP2 rhfLqhUBuBnho5bBsBrBpsX2aBnnghRhGBMBDhcBiBVB5B6M4JEdT7SBNBIBJA9A6hAhDnSBeM8B M4rhlNPhIBLBAuxhWixicCZjFMasORRiqB9b1yWB4hh7SBdTIiB1q6nBQhZhWBUWIRFkaB2BxPSB vQZ4eB1RFmPi8lxBwBThWBPDIVl2S0TbGlYDGh6vIiwjFJjB79MBbMz0Ri7K7t2MT/CRUKqsAGJs +1oJcmUvECuFU/CM/VWCjDHbMPHC4iDbqL7B42ob7QeB0vqFAufB2EUfPG9HGh0Ip+yQwij1LJaF ihvBvQbhrQtxECDI8hwhoBmhlXPszhkBlS7hihyhuhxO+BxrEhkBjCANJvthwP6DP+EQmDP18PZ6 QZ/Ph7vh8xWExeMRmNRt/P1/N5qtN5PB2uVzuh6ylvNhwttpuBxtpwupxOhZJRROVut9yON2O10O 6IRl7PZ9L9bNmGvlzuBzuxxutyNtuMFgsl1ul2v1+PyEvl9PtxOR4sJet5rs5yPx9vywvpxNVwtR itFTKVcNdotyaOF4O51xCIPd6RJ7PmNv+IL1csN2Ol1utzON0up1Nlu5F1PR6PJ7vp9V7Exi2Ppp MthOx1OWEvt8vt6POJ4d8PV8uZtuZpsFnvmKV+JRR8PN6RV8aJ/2x+NBjNVsstmtFdtFisBhstkN FWKJdMZeMPTr6uvtyuJ4MljN92OV3OKWO1zO1xttsvF5PRZLJhNJoNd1nQcp4PsdDNsieahtGxSD GwY5lmmYxilqWpbKobxZleahvm0dJQkKVBDjGRxQEIUBdFMXBTk2Ur/nUWJRFqZ5jmYeZ4rAfLkM 6exUEoWRqGWbBTkkVJIDuRJRk4VJAjiRZZk0UZ7PuhL6HQRREloRg8lIZpfGo5SEmaZRnF2WZdFE SMjkWSZCD+PpXFmXa2rcfB9FeT5dFYTpcmaYBnGSYBjksTBRlETZZEaOBDFESpMEIRBEEkTRaEcR phGIXhqlnEqsnehLVHcWZZF6aZjmeYBVlgVBVFQS5MlIbhunKjp/GAV5kFESBXlARJUF4UhdGZGR bleWzgomfBZQkUJSF+SxKGOWpWmY5SJHyTRAFCYJYF6SRCEuMAtDqOIojcP4xjiSBJEmYBgGYfqP GRLhTEwW5rmYbBSEUVBtmcbxVFIVpeFiYROEWThfFwXpKk2U5QlEYhQEyYhWFAYN3H9BMFH8WhZl oYJfmuWJXGibZtHUYZemWcpwnOZheGWXhVmEZRjGgZpmmoY5emSdJwnAaBqGiaJrmybRtHad53nu r57nyYRXmEYxhGmXJfGGWpZmAYhYl+Wa7leWRbvufCEnGmZbFeXxiFuY5o6kfTXoSdJzHWaBgmMa RkmIYplGgVZXGeaZonRWR9TmXhTF0WRUl+VevkiQJMDwLY5EuQpCkGQZCE2UhhlSV5oGQYxuGgZ5 unYc51loT5cHKcB0oSZ5hGeTxDkeWJUdwVRbDuQRXlGS5hHKb521kYBWmGSBBk2ThOFKWRaF8cia 1KYqHM9OZUFYZhUk2YpWlKYBbFaYB9rCsB9FSWRXlyWBiFWTZXlRdJmmGYRKE4XZjmUb5omQcJXR +jWGWNcbC9h2tHgINofBFBnjEGgfMbgvRfi9Z+N1jg1RnjFG8LYUouhQiJFOxZjBEB3jxHsOYco9 B4juHqRIt4+13D9IyRUirbzEkQfKPxBDGCNFhNcaEfhHoeRDiIRBt5oCwjyPuOUbg4meDhMgOkdk JR7j3H3Ds1pYSHD3hEQgwg9R0jnHEO4d48Cfj0HcO4ew94WlchkQgdA6xxivGAK4d48x3ETHzFgj BFTXJzfO2+K5gh/NMjYPMe0P23o3XcRWHRBzSJxLbESG67iYjiHCNcccfIemvGwNIcA2XSjdGsNp CAuxejHF4MVCAxxkjIGIMIYY0xnDcHAN8dIvRaDJGOMUZo2RpDhHQOIdQvhXC+HyROSky5mTNmdM +aCCZCGCmjNWa015KDuHYPARAexGCDEAH0RCjBNigE8IgRwjxojSGqLAUgshRCZFcJkSQsBdi5GQ JUTgnw9huEIJQRYmRcC2FkKUWIpI1j2mxQuhlDaHUPohRGaMCx6jIGeL0YAyxfDbG8NuW45iajkH sQ0dY5x6DnHKOobA3CZE9HQOQdY2RrDXFAKcT4vBfi8HCN8c6XqJU/qBUGoVQ6iU/OUOIbY5B3js HjUWp1T6oVRqlVOqlVarVXqxVmrVW6uVdq9V+sFYaxVjrJWWs1Z60VprVWutlba3VvrhXGuVc66V 1rtXevEyyAgKZW5kc3RyZWFtCmVuZG9iagoxMyAwIG9iago2ODU3CmVuZG9iagoxNCAwIG9iago8 PAovTGVuZ3RoIDE1IDAgUgo+PgpzdHJlYW0K////OokUAjuRQvP/NxZqchPQzIiqcSe2Ii/+RL1Z +0qwKoU6Pod10MppzwGAOnOTC0ActrFDbNNzaxgwxBR7dD4ArnyIJE1Sjh1UDlfIomMIvhm6AoaO dfGmpra6ISv4Itp1qv/D/Y3gUZw3GT+bIf202/87anUtEBvjyz0OxF/oOQrn/Ad13VgSFHJRsJRP ZHBPoNrEzevfsbYcv3p8qLSGkLGNBY7mF6NZaFPuuLheB1g5yyYkq9fbyJZVRD8Jy8+7WdRJP+zs mVU/hw345hRQH992RItNH1PkdJgjfmPyObzHg/yzcJYJsB0WqAQq+CMKb2iWvYfpofyCxXrmuLSj fzigM6g2PFhUUwBYfvl8iWjkHyZrCchni43ickaXFcbPtfl36zbQP4rQmAjKFJEz+LFZY7ohy0av rbj1Rc67FIO1jG/rXK92LUd++FsQK1PBhbd8poLCVTB7S3VJBorNuxY9p3PsHaE0nJmPrMXjbkqb 6vAdrEZOKJHDcphNP1RkfPvXaRl5nbYSLGLXENAiq7sTyWdZGJDr2wKEKUHYjb7TZSft3sSj8fEG yQLX662S/nf6WI+KRGuMyJXOoCKMdIizYmd4BVlpDCJs4w4ZdQ2RcGUh+qqNh3IiVRNF4YfNlek1 Du+OePuw5N+//lTMj8Uxsb/bPkZOYJxhpX7pcxPSqCLCNpq953+cpn3xcg22pL52gP29z11ZMAPX GXbr7B8NrlaobD4nCeSk+leysfxwKH1t5UzLP33PFpdFAoRlEDO7uJ/64KjfhaM3N1QzqHyxFmL9 4qF7sbgT9ruXXMvKGIRqEmUS8eq1KCIKXMqHDeHqC8OMh3REmmsAMcfM/OBRZvK2eeShLg3DOWmO wXdvq4MyNwqmfKUSfNfZSdO6mjqsULOR8uKetRsIQ9x/s4gD5b8NjDuzn7iKeQJdM5yX3+1LcN8t D5RIF9gll4ytm3JtqP+pXJ5i5hdkREoA3CrtJ5rMVKphncI6w1nHcPQ53p04h/nW6eDtTSQ4CmVu ZHN0cmVhbQplbmRvYmoKMTUgMCBvYmoKNzY4CmVuZG9iagp4cmVmCjAgMTYKMDAwMDAwMDAwMCA2 NTUzNSBmIAowMDAwMDAwMDEwIDAwMDAwIG4gCjAwMDAwMDAxODUgMDAwMDAgbiAKMDAwMDAwMDIz NCAwMDAwMCBuIAowMDAwMDAwMjkzIDAwMDAwIG4gCjAwMDAwMDA0OTcgMDAwMDAgbiAKMDAwMDAw MDU4MCAwMDAwMCBuIAowMDAwMDAwNTk4IDAwMDAwIG4gCjAwMDAwMDA2MzYgMDAwMDAgbiAKMDAw MDAwMDc0NCAwMDAwMCBuIAowMDAwMDA3NTMzIDAwMDAwIG4gCjAwMDAwMDc1NTQgMDAwMDAgbiAK MDAwMDAwNzYwNSAwMDAwMCBuIAowMDAwMDE0NjAxIDAwMDAwIG4gCjAwMDAwMTQ2MjIgMDAwMDAg biAKMDAwMDAxNTQ0NSAwMDAwMCBuIAp0cmFpbGVyCjw8Ci9TaXplIDE2Ci9JbmZvIDEgMCBSCi9S b290IDIgMCBSCj4+CnN0YXJ0eHJlZgoxNTQ2NQolJUVPRgo= --------------010104080803070301020205-- From pana-bounces@ietf.org Fri Jul 06 18:42:08 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6wV6-0007oo-Ms; Fri, 06 Jul 2007 18:42:08 -0400 Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6wV5-0007oT-9q for pana@ietf.org; Fri, 06 Jul 2007 18:42:07 -0400 Received: from mout.perfora.net ([74.208.4.195]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1I6wUq-0001Ng-1B for pana@ietf.org; Fri, 06 Jul 2007 18:42:07 -0400 Received: from [77.67.190.110] (helo=IBM52A5038A94F) by mrelay.perfora.net (node=mrus0) with ESMTP (Nemesis), id 0MKp8S-1I6wUA0W7o-0002ra; Fri, 06 Jul 2007 18:41:19 -0400 From: "Alper Yegin" To: "'Sam Hartman'" Date: Sat, 7 Jul 2007 01:41:00 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 In-Reply-To: Thread-Index: Ace/0dz9NUcjG5ZbQQCMzPfhG/TQiAAS3VcQ Message-ID: <0MKp8S-1I6wUA0W7o-0002ra@mrelay.perfora.net> X-Provags-ID: V01U2FsdGVkX18YsjChIu0IZjGmOO0SWSnp5Hqm8rIdUyCLt/l JHloq9nReXVtXfYSVeqSYASO+Bti5N/UiM9wfxsKFUvQQnBAMn uss421NGmk1Mmw7r4SSaw== X-Spam-Score: 0.0 (/) X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2 Cc: 'Mark Townsley' , 'Jari Arkko' , pana@ietf.org Subject: [Pana] RE: Sam's IESG comments X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org Sam, Thank you. Let's see if we can close the opens until than. If not, we'd like to get on your agenda. I'll send you a separate note on that. I think we have reduced the list down to two: - Version number management. Need more thinking/discussion. - Necessity of data integrity. I had sent a response. I wonder if it made sense, or you'd still prefer to change the language in the document. Alper > -----Original Message----- > From: Sam Hartman [mailto:hartmans-ietf@mit.edu] > Sent: Friday, July 06, 2007 4:31 PM > To: Alper Yegin > Cc: 'Jari Arkko'; 'Mark Townsley'; pana@ietf.org > Subject: Re: Sam's IESG comments > > If we are not able to resolve this before Chicago, perhaps we could > meet there and try to come to resolution on these issues. > > My schedule is still relatively free. _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Fri Jul 06 19:38:46 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6xNr-0007ce-LO; Fri, 06 Jul 2007 19:38:43 -0400 Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6xNn-0007c9-6A for pana@ietf.org; Fri, 06 Jul 2007 19:38:40 -0400 Received: from mgw.toshibaamericaresearch.com ([165.254.55.12] helo=toshi17.tari.toshiba.com) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1I6xNb-0006FE-IJ for pana@ietf.org; Fri, 06 Jul 2007 19:38:39 -0400 Received: from steelhead.localdomain (tarij-95.tari.toshiba.com [172.30.24.143]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id l66NbZav031332; Fri, 6 Jul 2007 19:37:35 -0400 (EDT) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.67) (envelope-from ) id 1I6xMf-0005Ly-UJ; Fri, 06 Jul 2007 19:37:29 -0400 Date: Fri, 6 Jul 2007 19:37:29 -0400 To: Alper Yegin Message-ID: <20070706233729.GF17506@steelhead.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-2022-jp Content-Disposition: inline User-Agent: Mutt/1.5.13 (2006-08-11) From: Yoshihiro Ohba X-Spam-Score: 0.0 (/) X-Scan-Signature: 4166dd0e0c668adc975c3d3e0f1bce3b Cc: 'Mark Townsley' , 'Jari Arkko' , 'Sam Hartman' , pana@ietf.org Subject: [Pana] Proposed changes for algorithm negotiation X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org Here is line-by-line proposed changes to support algorithm negotiation: [1] Change the following paragraph in Section 4.1: " An Algorithm AVP MAY be included in the initial PANA-Auth-Request in order to indicate required and available capabilities for the network access. This AVP MAY be used by the PaC for assessing the capability match even before the authentication takes place. Since this AVP is provided in the insecure initial request, there are certain security risks involved in using the provided information. See Section 11 for further discussion on this. " to: " If a PANA SA needs to be established with use of a key-generating EAP method, PRF and integrity algorithms to be used for PANA_AUTH_KEY derivation (see Section 5.3) and AUTH AVP calculation (see Section 5.4) are negotiated as follows. The PAA sends the initial PANA-Auth-Request carrying one or more PRF-Algorithm AVPs and one or more Integrity-Algorithm AVPs for the PRF and integrity algorithms supported by it, respectively. The PaC then selects one PRF algorithm and one integrity algorithm from these AVPs carried in the initial PANA-Auth-Request and responds with the initial PANA-Auth-Answer carrying one PRF-Algorithm AVP and one Integrity-Algorithm AVP for the selected algorithms. The negotiation is protected after the MSK is available, as described in Section 5.4. " [2] Change the following paragraph in Section 4.1: " When an EAP method that is capable of deriving keys is used during the authentication and authorization phase and the keys are successfully derived, the last PANA-Auth-Request message with the 'C' (Complete) bit set MUST contain a Key-Id AVP and an AUTH AVP, and an Algorithm AVP for the first derivation of keys in the session, and any subsequent message MUST contain an AUTH AVP. An Algorithm AVP MUST NOT be contained in any PANA-Auth-Request message after the first derivation of keys in the session. " to: " If a PANA SA needs to be established with use of a key-generating EAP method and an MSK is successfully generated, the last PANA-Auth-Request message with the 'C' (Complete) bit set MUST contain a Key-Id AVP and an AUTH AVP for the first derivation of keys in the session, and any subsequent message MUST contain an AUTH AVP. " (Note: I don't see the need for including *-Algorithm AVPs in the last PAR/PAN exchange if the algorithm negotiation has been made in the initial PAR/PAN exchange.) [3] Change Figure 1 as follows (added algorithm negotiation in the initial PAR/PAN and removed Algorithm AVP from the last PAR): PaC PAA Message(sequence number)[AVPs] -------------------------------------------------------------------- -----> PANA-Client-Initiation(0) <----- PANA-Auth-Request(x)[PRF-Algorithm, Integrity-Algorithm] // The 'S' (Start) bit set -----> PANA-Auth-Answer(x)[PRF-Algorithm, Integrity-Algorithm] // The 'S' (Start) bit set <----- PANA-Auth-Request(x+1)[Nonce, EAP-Payload] -----> PANA-Auth-Answer(x+1)[Nonce] // No piggybacking EAP -----> PANA-Auth-Request(y)[EAP-Payload] <----- PANA-Auth-Answer(y) <----- PANA-Auth-Request(x+2)[EAP-Payload] -----> PANA-Auth-Answer(x+2)[EAP-Payload] // Piggybacking EAP <----- PANA-Auth-Request(x+3)[Result-Code, EAP-Payload, Key-Id, Session-Lifetime, AUTH] // The 'C' (Complete) bit set -----> PANA-Auth-Answer(x+3)[Key-Id, AUTH] // The 'C' (Complete) bit set [4] Change the following paragraph in Section 4.1: " There is a case where EAP authentication succeeds with producing an EAP Success message but network access authorization fails due to, e.g., authorization rejected by a AAA or authorization locally rejected by the PAA. When this occurs, the PAA MUST send the last PANA-Auth-Request with a result code PANA_AUTHORIZATION_REJECTED. If an MSK is available, the last PANA-Auth-Request and PANA-Auth-Answer messages with the 'C' (Complete) bit set MUST be protected with an AUTH AVP and carry a Key-Id AVP. The last PANA-Auth-Request message MUST also carry an Algorithm AVP if it is for the first derivation of keys in the session. The PANA session MUST be terminated immediately after the last PANA-Auth message exchange. " to: " There is a case where EAP authentication succeeds with producing an EAP Success message but network access authorization fails due to, e.g., authorization rejected by a AAA or authorization locally rejected by the PAA. When this occurs, the PAA MUST send the last PANA-Auth-Request with a result code PANA_AUTHORIZATION_REJECTED. If an MSK is available, the last PANA-Auth-Request and PANA-Auth-Answer messages with the 'C' (Complete) bit set MUST be protected with an AUTH AVP and carry a Key-Id AVP. The PANA session MUST be terminated immediately after the last PANA-Auth message exchange. " [5] Change Figure 2 as follows (removed Algorithm AVP from the last PAR): PaC PAA Message(sequence number)[AVPs] ------------------------------------------------------ -----> PANA-Notification-Request(q)[AUTH] // The 'A' (re-Authentication) bit set <----- PANA-Notification-Answer(q)[AUTH] // The 'A' (re-Authentication) bit set <----- PANA-Auth-Request(p)[EAP-Payload, Nonce, AUTH] -----> PANA-Auth-Answer(p)[AUTH, Nonce] -----> PANA-Auth-Request(q+1)[EAP-Payload, AUTH] <----- PANA-Auth-Answer(q+1)[AUTH] <----- PANA-Auth-Request(p+1)[EAP-Payload, AUTH] -----> PANA-Auth-Answer(p+1)[EAP-Payload, AUTH] <----- PANA-Auth-Request(p+2)[Result-Code, EAP-Payload, Key-Id, Session-Lifetime, AUTH] // The 'C' (Complete) bit set -----> PANA-Auth-Answer(p+2)[Key-Id, AUTH] // The 'C' (Complete) bit set [6] Change the following text in Section 5.3: " The PANA_AUTH_KEY is derived from the available MSK and it is used to integrity protect PANA messages. The PANA_AUTH_KEY is computed in the following way: PANA_AUTH_KEY = prf+(MSK, PaC_nonce|PAA_nonce|Session_ID|Key_ID) where the prf+ function is defined in IKEv2 [RFC4306]. The pseudo-random function to be used for the prf+ function is specified in the Algorithm AVP in the last PANA-Auth-Request message. The length of PANA_AUTH_KEY depends on the integrity algorithm in use. See Section 5.4 for the detailed usage of the PANA_AUTH_KEY. PaC_nonce and PAA_nonce are values of the Nonce AVP carried in the first non-initial PANA-Auth-Answer and PANA-Auth-Request messages in the authentication and authorization phase or the first PANA-Auth-Answer and PANA-Auth-Request messages in the re-authentication phase, respectively. Session_ID is the session identifier of the session. Key_ID is the value of the Key-Id AVP. " to: " The PANA_AUTH_KEY is derived from the available MSK and it is used to integrity protect PANA messages. The PANA_AUTH_KEY is computed in the following way: PANA_AUTH_KEY = prf+(MSK, PaC_nonce|PAA_nonce|Session_ID|Key_ID) where the prf+ function is defined in IKEv2 [RFC4306]. The pseudo-random function to be used for the prf+ function is negotiated in the initial PANA-Auth-Request and PANA-Auth-Answer exchange with 'S' bit set using PRF-Algorithm AVP. The length of PANA_AUTH_KEY depends on the integrity algorithm in use. See Section 5.4 for the detailed usage of the PANA_AUTH_KEY. PaC_nonce and PAA_nonce are values of the Nonce AVP carried in the first non-initial PANA-Auth-Answer and PANA-Auth-Request messages in the authentication and authorization phase or the first PANA-Auth-Answer and PANA-Auth-Request messages in the re-authentication phase, respectively. Session_ID is the session identifier of the session. Key_ID is the value of the Key-Id AVP. " [7] Change Section 5.4: " 5.4. Message Authentication A PANA message can contain an AUTH AVP for cryptographically protecting the message. When an AUTH AVP is included in a PANA message, the value field of the AUTH AVP is calculated by using the PANA_AUTH_KEY in the following way: AUTH AVP value = PANA_AUTH_HASH(PANA_AUTH_KEY, PANA_PDU) where PANA_PDU is the PANA message including the PANA header, with the AUTH AVP value field first initialized to 0. PANA_AUTH_HASH represents the integrity algorithm specified in the Algorithm AVP in the last PANA-Auth-Request message. The PaC and PAA MUST use the same integrity algorithm to calculate an AUTH AVP they originate and receive. The algorithm is determined by the PAA. When the PaC does not support the integrity algorithm specified in the last PANA-Auth-Request message, it MUST silently discard the message. " to: " 5.4. Message Authentication A PANA message can contain an AUTH AVP for cryptographically protecting the message. When an AUTH AVP is included in the last PANA-Auth-Request and PANA-Auth-Answer messages with 'C' (Complete) bit set in the authentication and authorization phase, the value field of the AUTH AVP is calculated by using the PANA_AUTH_KEY in the following way: AUTH AVP value = PANA_AUTH_HASH(PANA_AUTH_KEY, PANA_PDU, I_PAR, I_PAN) When an AUTH AVP is included in any other PANA message, the value field of the AUTH AVP is calculated in the following way: AUTH AVP value = PANA_AUTH_HASH(PANA_AUTH_KEY, PANA_PDU) In the above AUTH AVP calculation algorithms, PANA_PDU represents the PANA message including the PANA header, with the AUTH AVP value field first initialized to 0. I_PAR is the initial PANA-Auth-Request message with 'S' (Start) bit set. I_PAN is the initial PANA-Auth-Answer message with 'S' (Start) bit set. PANA_AUTH_HASH represents the integrity algorithm negotiated during the initial PANA-Auth-Request and PANA-Auth-Answer message exchange. " [8] Change PAR format in Section 7.2 as follows: PANA-Auth-Request ::= < PANA-Header: 2, REQ[,STA][,COM] > [ EAP-Payload ] [ Nonce ] * [ PRF-Algorithm ] * [ Integrity-Algorithm ] [ Result-Code ] [ Session-Lifetime ] [ Key-Id ] * [ AVP ] 0*1 < AUTH > [9] Change PAR format in Section 7.3 as follows: PANA-Auth-Answer ::= < PANA-Header: 2 [,STA][,COM] > [ Nonce ] [ EAP-Payload ] [ PRF-Algorithm ] [ Integrity-Algorithm ] [ Key-Id ] * [ AVP ] 0*1 < AUTH > [10] Change AVP occurrence table as follows: The table uses the following symbols: 0 The AVP MUST NOT be present in the message. 0-1 Zero or one instance of the AVP MAY be present in the message. It is considered an error if there are more than one instance of the AVP. 1 One instance of the AVP MUST be present in the message. 0+ Zero or more instance of the AVP MAY be present in the message. +---------------------------+ | Message Type | +---+---+---+---+---+---+---+ Attribute Name |PCI|PAR|PAN|PTR|PTA|PNR|PNA| ----------------------+---+---+---+---+---+---+---+ PRF-Algorithm | 0 |0+ |0-1| 0 | 0 | 0 | 0 | Integrity-Algorithm | 0 |0+ |0-1| 0 | 0 | 0 | 0 | AUTH | 0 |0-1|0-1|0-1|0-1|0-1|0-1| EAP-Payload | 0 |0-1|0-1| 0 | 0 | 0 | 0 | Key-Id | 0 |0-1|0-1| 0 | 0 | 0 | 0 | Nonce | 0 |0-1|0-1| 0 | 0 | 0 | 0 | Result-Code | 0 |0-1| 0 | 0 | 0 | 0 | 0 | Session-Lifetime | 0 |0-1| 0 | 0 | 0 | 0 | 0 | Termination-Cause | 0 | 0 | 0 | 1 | 0 | 0 | 0 | ----------------------+---+---+---+---+---+---+---+ Figure 4: AVP Occurrence Table [11] Remove Section 8.1 (Algorithm AVP) and add the following sections instead: " 8.X. Integrity-Algorithm AVP The PRF-Algorithm AVP (AVP Code X) is used for conveying the the integrity algorithm to compute an AUTH AVP. The AVP data is of type Unsigned32. The AVP data contains an IKEv2 Transform ID of Transform Type 3 [RFC4306] for the integrity algorithm. All PANA implementations MUST support AUTH_HMAC_SHA1_160 (7) [RFC4595]. " " 8.Y. PRF-Algorithm AVP The PRF-Algorithm AVP (AVP Code Y) is used for conveying the pseudo-random function to derive PANA_AUTH_KEY. The AVP data is of type Unsigned32. The AVP data contains an IKEv2 Transform ID of Transform Type 2 [RFC4306]. All PANA implementations MUST support PRF_HMAC_SHA1 (2) [RFC2104]. " (Note: Unsigned32 is used here instead of Unsigned16 because RFC3588 does not define Unsigned16 datatype.) [12] Change Section 8.2: " 8.2. AUTH AVP The AUTH AVP (AVP Code 2) is used to integrity protect PANA messages. The AVP data payload contains the Message Authentication Code encoded in network byte order. The AVP length varies depending on the integrity algorithm specified in an Algorithm AVP. The AVP data is of type OctetString. " to: " 8.2. AUTH AVP The AUTH AVP (AVP Code 2) is used to integrity protect PANA messages. The AVP data payload contains the Message Authentication Code encoded in network byte order. The AVP length varies depending on the integrity algorithm negotiated in the initial PANA-Auth-Request and PANA-Auth-Answer exchange with 'S' bit set using Integrity-Algorithm AVP. The AVP data is of type OctetString. " [13] Change the following paragraph of Section 10.3.1: " AVP Code 0 is not used. This document defines the AVP Codes 1-8. See Section 8.1 through Section 8.8 for the assignment of the namespace in this specification. " to: " AVP Code 0 is not used. This document defines the AVP Codes 1-9. See Section 8.1 through Section 8.9 for the assignment of the namespace in this specification. " [14] Remove the following paragraph from Section 11.2: " In networks where lower-layers are not secured prior to running PANA, the capability discovery enabled through inclusion of an Algorithm AVP in the initial PANA-Auth-Request message is susceptible to spoofing leading to DoS attacks. Therefore, usage of this AVP during the initial message exchange in such insecure networks is NOT RECOMMENDED. The same AVP is delivered with integrity protection via the last PANA-Auth-Request message upon successful authentication. " _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From pwtjw@email.aamu.edu Sat Jul 07 01:30:24 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I72sC-0005jQ-O0 for pana-archive@lists.ietf.org; Sat, 07 Jul 2007 01:30:24 -0400 Received: from [124.82.35.121] (helo=82.124.in-addr.arpa.tm.net.my) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1I72s7-0003o7-Hk for pana-archive@lists.ietf.org; Sat, 07 Jul 2007 01:30:24 -0400 Received: from [196.138.185.46] (helo=krc) by 82.124.in-addr.arpa.tm.net.my with smtp (Exim 4.62 (FreeBSD)) id 1I7Ht-0007kq-QC; Sat, 7 Jul 2007 13:35:17 -0700 Message-ID: <468FF8C5.5040606@email.aamu.edu> Date: Sat, 7 Jul 2007 13:34:13 -0700 From: steak User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: laughable Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 3.5 (+++) X-Scan-Signature: 1a1bf7677bfe77d8af1ebe0e91045c5b VPSN WILL MOVE LIKE A COMET AND ITS ONLY GOING TO GET BETTER! Watch this SUPERNOVA closely MONDAY! VISION AIRSHIPS INC Symbol: VPSN Price: $0.021 BANGKOK, THAILAND, July 2007 Advertising Agencies Ready to Ink Deals! The company wishes to announce that it is in final negotiations for representation with some of the world's largest advertising agencies to market and reserve the blimps for there clients. VPSN THE RISING STAR, IS SET FOR SUPERNOVA STATUS ON MONDAY! So distant, general and obtuse but perhaps worth some effort. As I said at the start, I'm writing to let you know about this because I know that in your shoes I would want to know. Except this was a swish hotel with four stars and not the cheap seats on a flying bus. It says that you have ample parking and a team of award winning chefs . And a very strange meeting it was too. And a few minutes later, I was chatting with the Chamber's chair who had been wanting to come along but the date had crept up on him and we had gotten full. Don't sell clashing events in too close a proximity. And that is exactly as you would expect from a show laid on by the supporters of the plan, including the consultants and council who are advocating it. Don't sell clashing events in too close a proximity. We ended up laughing things off as best we could and taking comfort in the fact that we weren't alone in receiving this treatment. I saw one issue that I knew to be contensious passed. Our Regional Chair, who has done so very much for the FSB over recent years, had been asked to stand aside from official duties while certain issues are addressed. But if this is the best that B-o-A can do, as seen at last night's FSB Regional meeting, then Melksham can do far better. I look, too, at the central and branch costs and I wonder how the organisation as a whole stacks up on this. A cancellation phone call last night, just before I left home to go out to a Chamber of Commerce meeting, left us with an unfilled seat. But in fact it's full of tightly worded paragraphs which I have no doubt may be quoted back and referred to as policy in the coming decades . Ensure you can serve the food fresh and not with the gravy dried to a crust. But we can sure as heck do our very best, put anything raised right a. But we can sure as heck do our very best, put anything raised right a. We tried closing the windows; the sound muffled for a couple of minutes, the temperature rose . This was a special weekend away so we really didn't want to ruin what atmosphere there was, nor did we want to make a scene once we knew the score. and I noted with a wry smile that the reception counter was being used as a counter for the food that awaited service to our group. A cancellation phone call last night, just before I left home to go out to a Chamber of Commerce meeting, left us with an unfilled seat. We don't have the space, we don't have all the facilities, and we could not do a good job. I'm sure that on other occasions the Walton Park is a lovely hotel, but I do feel that you had grossly overbooked your facilities at the weekend, and you did not have adequate trained staff. An excellent opportunity, again, to see what's done by others and learn. I look, too, at the central and branch costs and I wonder how the organisation as a whole stacks up on this. All this is not to say that we get it perfect - we don't. Clearly we let you down on this occasion and I am very sorry. Your communication has been discussed with the Management Team who are obviously embarrassed at the points you make, particularly that they were 'not able to deal with the issues'. I'm sure that on other occasions the Walton Park is a lovely hotel, but I do feel that you had grossly overbooked your facilities at the weekend, and you did not have adequate trained staff. Clearly we let you down on this occasion and I am very sorry. And a few minutes later, I was chatting with the Chamber's chair who had been wanting to come along but the date had crept up on him and we had gotten full. I look, too, at the central and branch costs and I wonder how the organisation as a whole stacks up on this. Perhaps all this is true, but little of it was available to us on our visit due to a wedding. A request for a better table was denied. and I noted with a wry smile that the reception counter was being used as a counter for the food that awaited service to our group. What are those extra letters that you sometimes see at the end? From pana-bounces@ietf.org Sun Jul 08 19:49:04 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7gUx-0000Jo-0Y; Sun, 08 Jul 2007 19:49:03 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7gUw-0000Ji-1W for pana@ietf.org; Sun, 08 Jul 2007 19:49:02 -0400 Received: from mout.perfora.net ([74.208.4.195]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I7gUr-0004tJ-Jc for pana@ietf.org; Sun, 08 Jul 2007 19:49:02 -0400 Received: from [77.67.189.116] (helo=IBM52A5038A94F) by mrelay.perfora.net (node=mrus1) with ESMTP (Nemesis), id 0MKpCa-1I7gUf3MUn-0001dx; Sun, 08 Jul 2007 19:48:56 -0400 From: "Alper Yegin" To: "'Yoshihiro Ohba'" Date: Mon, 9 Jul 2007 02:47:38 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 In-Reply-To: <20070706233729.GF17506@steelhead.localdomain> Thread-Index: AcfAJsr5rQQ0e6wPSH+XIlOODE1NewBh3yrw Message-ID: <0MKpCa-1I7gUf3MUn-0001dx@mrelay.perfora.net> X-Provags-ID: V01U2FsdGVkX19Rgn/jJ89YsngTqxybdz0yTtWWX0fSDA87FEq pc/O8opAMkEzAOUBlXJcxAXdkdjs8jEmugS4IndZLQeSHqPtow vzxEu9JtG0BAiwLbUeFNA== X-Spam-Score: 0.0 (/) X-Scan-Signature: 93df555cbdbcdae9621e5b95d44b301e Cc: 'Mark Townsley' , 'Jari Arkko' , 'Sam Hartman' , pana@ietf.org Subject: [Pana] RE: Proposed changes for algorithm negotiation X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org Yoshi, > 5.4. Message Authentication > > A PANA message can contain an AUTH AVP for cryptographically > protecting the message. > > When an AUTH AVP is included in the last PANA-Auth-Request and > PANA-Auth-Answer messages with 'C' (Complete) bit set in the > authentication and authorization phase, the value field of > the AUTH AVP is calculated by using the PANA_AUTH_KEY in the > following way: > > AUTH AVP value = PANA_AUTH_HASH(PANA_AUTH_KEY, PANA_PDU, > I_PAR, I_PAN) > > When an AUTH AVP is included in any other PANA message, the value > field of the AUTH AVP is calculated in the following way: > > AUTH AVP value = PANA_AUTH_HASH(PANA_AUTH_KEY, PANA_PDU) Not sure which one is better: Having single formula in the spec (good for a simpler spec), or not having to repeat the same AVPs at a later message (good for reducing payload). I'm slightly leaning towards the former..... > In the above AUTH AVP calculation algorithms, PANA_PDU represents > the PANA message including the PANA header, with the AUTH AVP value > field first initialized to 0. I_PAR is the initial > PANA-Auth-Request message with 'S' (Start) bit set. I_PAN is the > initial PANA-Auth-Answer message with 'S' (Start) bit set. So that people don't mistakenly take the whole IP packet as the PANA message, let's say "I_PAR is the initial PANA-Auth-Request message (the PANA header and the following PANA AVPs) with 'S' (Start) bit set." Alper > PANA_AUTH_HASH represents the integrity algorithm negotiated during > the initial PANA-Auth-Request and PANA-Auth-Answer message > exchange. > " > > [8] Change PAR format in Section 7.2 as follows: > > PANA-Auth-Request ::= < PANA-Header: 2, REQ[,STA][,COM] > > [ EAP-Payload ] > [ Nonce ] > * [ PRF-Algorithm ] > * [ Integrity-Algorithm ] > [ Result-Code ] > [ Session-Lifetime ] > [ Key-Id ] > * [ AVP ] > 0*1 < AUTH > > > [9] Change PAR format in Section 7.3 as follows: > > PANA-Auth-Answer ::= < PANA-Header: 2 [,STA][,COM] > > [ Nonce ] > [ EAP-Payload ] > [ PRF-Algorithm ] > [ Integrity-Algorithm ] > [ Key-Id ] > * [ AVP ] > 0*1 < AUTH > > > [10] Change AVP occurrence table as follows: > > The table uses the following symbols: > > 0 The AVP MUST NOT be present in the message. > > 0-1 Zero or one instance of the AVP MAY be present in the message. > It is considered an error if there are more than one instance > of the AVP. > > 1 One instance of the AVP MUST be present in the message. > > 0+ Zero or more instance of the AVP MAY be present in the message. > > > > +---------------------------+ > | Message Type | > +---+---+---+---+---+---+---+ > Attribute Name |PCI|PAR|PAN|PTR|PTA|PNR|PNA| > ----------------------+---+---+---+---+---+---+---+ > PRF-Algorithm | 0 |0+ |0-1| 0 | 0 | 0 | 0 | > Integrity-Algorithm | 0 |0+ |0-1| 0 | 0 | 0 | 0 | > AUTH | 0 |0-1|0-1|0-1|0-1|0-1|0-1| > EAP-Payload | 0 |0-1|0-1| 0 | 0 | 0 | 0 | > Key-Id | 0 |0-1|0-1| 0 | 0 | 0 | 0 | > Nonce | 0 |0-1|0-1| 0 | 0 | 0 | 0 | > Result-Code | 0 |0-1| 0 | 0 | 0 | 0 | 0 | > Session-Lifetime | 0 |0-1| 0 | 0 | 0 | 0 | 0 | > Termination-Cause | 0 | 0 | 0 | 1 | 0 | 0 | 0 | > ----------------------+---+---+---+---+---+---+---+ > > Figure 4: AVP Occurrence Table > > [11] Remove Section 8.1 (Algorithm AVP) and add the following sections > instead: > > " > 8.X. Integrity-Algorithm AVP > > The PRF-Algorithm AVP (AVP Code X) is used for conveying the the > integrity algorithm to compute an AUTH AVP. The AVP data is of > type Unsigned32. > > The AVP data contains an IKEv2 Transform ID of Transform Type 3 > [RFC4306] for the integrity algorithm. > > All PANA implementations MUST support AUTH_HMAC_SHA1_160 (7) > [RFC4595]. > " > > " > 8.Y. PRF-Algorithm AVP > > The PRF-Algorithm AVP (AVP Code Y) is used for conveying the > pseudo-random function to derive PANA_AUTH_KEY. The AVP data is of > type Unsigned32. > > The AVP data contains an IKEv2 Transform ID of Transform Type 2 > [RFC4306]. > > All PANA implementations MUST support PRF_HMAC_SHA1 (2) [RFC2104]. > " > > (Note: Unsigned32 is used here instead of Unsigned16 because RFC3588 > does not define Unsigned16 datatype.) > > [12] Change Section 8.2: > > " > 8.2. AUTH AVP > > The AUTH AVP (AVP Code 2) is used to integrity protect PANA messages. > The AVP data payload contains the Message Authentication Code encoded > in network byte order. The AVP length varies depending on the > integrity algorithm specified in an Algorithm AVP. The AVP data is > of type OctetString. > " > > to: > > " > 8.2. AUTH AVP > > The AUTH AVP (AVP Code 2) is used to integrity protect PANA > messages. The AVP data payload contains the Message Authentication > Code encoded in network byte order. The AVP length varies > depending on the integrity algorithm negotiated in the initial > PANA-Auth-Request and PANA-Auth-Answer exchange with 'S' bit set > using Integrity-Algorithm AVP. The AVP data is of type > OctetString. > " > > [13] Change the following paragraph of Section 10.3.1: > > " > AVP Code 0 is not used. This document defines the AVP Codes 1-8. > See Section 8.1 through Section 8.8 for the assignment of the > namespace in this specification. > " > > to: > > " > AVP Code 0 is not used. This document defines the AVP Codes 1-9. > See Section 8.1 through Section 8.9 for the assignment of the > namespace in this specification. > " > > [14] Remove the following paragraph from Section 11.2: > > " > In networks where lower-layers are not secured prior to running PANA, > the capability discovery enabled through inclusion of an Algorithm > AVP in the initial PANA-Auth-Request message is susceptible to > spoofing leading to DoS attacks. Therefore, usage of this AVP during > the initial message exchange in such insecure networks is NOT > RECOMMENDED. The same AVP is delivered with integrity protection via > the last PANA-Auth-Request message upon successful authentication. > " _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From cdt@email.msn.com Mon Jul 09 12:21:12 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7vz6-0000sz-H5 for pana-archive@lists.ietf.org; Mon, 09 Jul 2007 12:21:12 -0400 Received: from dynamic-acs-24-154-145-88.zoominternet.net ([24.154.145.88]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1I7vyt-0004KE-HE for pana-archive@lists.ietf.org; Mon, 09 Jul 2007 12:21:12 -0400 Received: from [128.111.164.226] (helo=fkvub) by dynamic-acs-24-154-145-88.zoominternet.net with smtp (Exim 4.66 (FreeBSD)) id 1I8P-0007Xd-7S; Mon, 9 Jul 2007 12:22:33 -0400 Message-ID: <46925FEF.1020302@email.msn.com> Date: Mon, 9 Jul 2007 12:18:55 -0400 From: Mata X. Benny User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: notice.DIWSKTEBOZGNKP.pdf attached Content-Type: multipart/mixed; boundary="------------040304060002080404050106" X-Spam-Score: 0.1 (/) X-Scan-Signature: 2f0065339d489fe5a2873ea9ad776d1a --------------040304060002080404050106 Content-Type: text/plain; charset=iso-8859-1; format=flowed Content-Transfer-Encoding: 7bit --------------040304060002080404050106 Content-Type: application/pdf; name="notice.DIWSKTEBOZGNKP.pdf" Content-Transfer-Encoding: base64 Content-Disposition: inline; filename="notice.DIWSKTEBOZGNKP.pdf" JVBERi0xLjMgCjEgMCBvYmoKPDwKPj4KZW5kb2JqCjIgMCBvYmoKPDwKL1R5cGUgL0NhdGFsb2cK L1BhZ2VzIDMgMCBSCj4+CmVuZG9iagozIDAgb2JqCjw8Ci9UeXBlIC9QYWdlcwovS2lkcyBbIDQg MCBSIF0KL0NvdW50IDEKPj4KZW5kb2JqCjQgMCBvYmoKPDwKL1R5cGUgL1BhZ2UKL1BhcmVudCAz IDAgUgovUmVzb3VyY2VzIDw8Ci9Gb250IDw8IC9GMCA4IDAgUiA+PgovWE9iamVjdCA8PCAvSW0w IDkgMCBSID4+Ci9Qcm9jU2V0IDcgMCBSID4+Ci9NZWRpYUJveCBbMCAwIDM4OSAyNjVdCi9Dcm9w Qm94IFswIDAgMzg5IDI2NV0KL0NvbnRlbnRzIDUgMCBSCi9UaHVtYiAxMiAwIFIKPj4KZW5kb2Jq CjUgMCBvYmoKPDwKL0xlbmd0aCA2IDAgUgo+PgpzdHJlYW0KcQozODkgMCAwIDI2NSAwIDAgY20K L0ltMCBEbwpRCmVuZHN0cmVhbQplbmRvYmoKNiAwIG9iagozMQplbmRvYmoKNyAwIG9iagpbIC9Q REYgL1RleHQgL0ltYWdlSSBdCmVuZG9iago4IDAgb2JqCjw8Ci9UeXBlIC9Gb250Ci9TdWJ0eXBl IC9UeXBlMQovTmFtZSAvRjAKL0Jhc2VGb250IC9IZWx2ZXRpY2EKL0VuY29kaW5nIC9NYWNSb21h bkVuY29kaW5nCj4+CmVuZG9iago5IDAgb2JqCjw8Ci9UeXBlIC9YT2JqZWN0Ci9TdWJ0eXBlIC9J bWFnZQovTmFtZSAvSW0wCi9GaWx0ZXIgWyAvTFpXRGVjb2RlIF0KL1dpZHRoIDM4OQovSGVpZ2h0 IDI2NQovQ29sb3JTcGFjZSAxMSAwIFIKL0JpdHNQZXJDb21wb25lbnQgOAovTGVuZ3RoIDEwIDAg Ugo+PgpzdHJlYW0KgAAgUDgkFg0HhEJhULhkNh0PiERiUTikVi0XjEZjUbjkdj0fkEhkUjkklk0n lEplUrlktl0vmExmUzmk1m03nE5nU7nk9n0/oFBoVDolFo1HpFJpVLplNp1PqFRqVTqlVq1XrFZr Vbrldr1fsFhsVjslls1ntFptVrtltt1vibnaiXWbWgbgEgZDLggTWc5GgRYOkHRmDgaZdoAT50SQ fgRwPcFGyMhbUbLKx7EJ0CU7dVp7yMDPeJkR0OeTM4ZuFU1KMHWFS+hxF2lpkMUEd5kYzxgTgWYA a5DgYZyjWALngSmVsHHTpAB1vhNSkCWbqgZmTsFEi6yrUC8CHCdYgAIeRU7A5cDPR7IbWd58MRCi qMvkCMWAVobjZ67f1hrws08qPHa4Ihv8g78joT4AEY4jmjq6CRvCggvFOizdj0S6BQI4UGNUhzXI IPQmgATJLJaRr5IGGx3mMMiBLmABZmugwSCcvwACMM6Dim6ZGDuAA9HfDbaAASgzIKUwSIWLZTGo yxlFaTpOlSgbOvSCq+NAhkXILGZ0w6I0PxwAAzmyhp3koTKFDMTyBH2GyBM/NYXD2zAASey70oGY krj2cEsoSMhVBCgcXN4ABLiQ37yQOgxsw0gkeoLNLZoST0lIG5TQzqZQtoJKMRPGg7QHSUSCUHQq BjJRAAUXGgAHA+sbTIg4MimgY7yWgTEJaMRGoEIo9AAAkhgAc7KAAeECIIA5qHAuxztugzUjsdJ0 wg0M1IGO1gIILZ2IWPdwEYOpWmyVocDg0QvC8gU/gAdNhoXYqDWWgYSMpZ6BjEA7lP0hI9kpYyDy mgxwFMABWhCTJiBcgR2XLc6EC9PaEka2yB2LF8GEu/whw6g9/IK1KCDq0MSyKghOswdhqN6U2ExL h2UIFdCBM0hAhucAAQl2+1gDEIqBtygePXvkEGAOvuVIIcEdoFbGiOmlgmj4gQjMccB0RbjiBiGa +eHA1TfVrp0GgySgdGpIAAOkgZ1EWgozTOhU6gBTAAAvPSBlaPUKs9XgdD0LdVIPraDLpr9ZQ+gR z6ohW2SDEiDjNmoABJOM5D2a4nzrNsnb3UMKQshWrAAITAVjrhjAAeJKUi4GeIOSnVLvZMYbahPL U074bMnhPOc9R8ouzUlYIIUXKRyxwAa4gfYcVsMDIaT7/bU9XlpWSj4RVYSFGvGghyWDJqBtpqBk +RhTOJNd3lugYAg4go4eMhJr4fTwAEXKCBhw34cAp13AAD2+4hT3yCiMdiNcc74yCDWfQQYTKw2T kIUIkkYCmhTB7B0/gYingxNyIOHpRxBhdnTPisEPQNgCAADIEc5B1HkEGbMAAO6C0RB0DqQmC5An 9DAP6ACDcHSDmXISZ8gzPiBhCY5CsgcMFEg2RnAwhodHdHEIHBUloOhRB8EkQIMjzVVqtCQcJMBA h8AZH2QgaUOFbkDDortEqJ1QOXINAUgjp29wEeM35vsdiDRhIM69r4zlGkDH2owhQUx0iZGoYYgw HBVEFGyzIADwICJrFOHtEZCBWsWiLFyL0YDHA2dY15RRCRZgBIKJcaRB5HxyIJJIgYcEkCmd88CJ BBg6nfIQZ2Ag1xVHyC23UAAklvAfcMl16MZZDIGGoPghAynYgAjfI4mEXIlteVWEcSiMQALMViBl 2xBRWmGEY1BwaECBHSBYKoUT8xGh6OwnYg8G0RIqf6u9PYLpQEHiZIEI6KzaPURyNQYkEIYwJagk GHZBwOKnABPVO4AE4F8nwNcYgxF5kGMgQoRrkHT0BOaJQJqxpvuRVGpqf8WaHvJfmQI7AAH9Akou zEg4UoROHgGAAHR06QkDdPC5abbqUFzfOXeEsaJLECDOHZ3BLmFlYXaMATo4H4EHEkiqPLrSBMea +yEhb1iBrXISBwDgR1kidluBdzJBAQ0aGIJSJjVzRLrISEJVoLDp1bWCEVFITRjVeIQNQIwdkDo6 adJZqRBp4gArUQKthAq3A2HBVGbZCg9wDquQIeJfAQgsIFVsIS00UkCN2ZQ3xAmkmrJyE0DJ8WMj sCFSci5pluWYIWZAzCmVNSAIGMq4BAg6vLGyDptyHzbD8I6LoRgeqoMXFEJiu5AkmgkFnc4M8+CH h6GIFkbpBBz2WIkXQa0M7XXpvVeu9l7b3XvvgRODbDyLhmG66W+Is7LXHeVbGJgqh+RiIJeZsJCX ahnuEp1iilZ3gAA4MYMQehSkEH1BEntwiJYPwiKUYbhhrSKIG54dIjQjvaI5YKbhD8EEZBDcMiAH AnK7BIHVDo4Ez39hTV1F5ciCDphiXonI3Q4DdqxiBflXDCKRWYgYOz5UDhbTunUboXrLnNAAFSnp ArHpGGGQMbt9CLg2vDgauxEaDEZA/RLLmXSBAuggE5hDCa4kGSgHuNYrxTQxyEQO/R9RROQoncwR ttiJBiU+RgYeEyHjnFuy+Ag+xL54RknHIZ9byAholjkgWg0hxQIHOIcAdicYwskCSpcoyEyEVdGa sWPZjLvzAnh3RAsGgAGNVzFpCRMhPIIEOl5BdSEJm0Q0S9L4zkaEzaKJcBg9guFSbR9cu9e0PHAF 4fYLWoBOjW5gvl2QAXHREwtoYQmCEGTAODRxAxzuzIRI4O4XgKq8nfTFEubAAbOIEZMg88EOjZ2r tvB22huidSWOc3+NiBzIIECHcaQ1WXECQ4sm4r1wy1xmLehYAITkKhesgS6cZxQ04yAAYjNTmh3C o6UFj7hMWE0TEe5AxDhCUOQNQRgi3NAAHYOcJGYoRuGIWsjT96GmcjIbyuSetqBkCFLfYfRAs4Mx FbEQgXNCBc3BtpAV6x+I57ccnEPSqgpm3noAARq3oaGkgcQOCFwdm0rsuZJyk8CBBH2VRPMY1jNk GCGKrmm6OsED53z3PYdX4Xk6qrhIKSOzxghhVE4JNxLgtIICTMZBbQumsJsUWbYLW58abl8ggt92 AADEB8FgLMkCZ3sQY5RwDxiU6SQIW59QW1NABkQcBwgbMLBZmohBux0+c89q0uqoMvpbIV6kIVaC BjDEyCk0Pet9EF9ku8PXtQvIaFMdPGJd/eHpi76YPThOKy8yMXdRg6W6+i3z6QgYXgben9SQKtJh wUkC2eQejfshKBbpOKsgAPbhKH5vLMiDyJFPfj7PylwFDLCLWOiCYtrIhBGueOcmnNXiDLat1KkC EBwO9u3EKQBN8ovtkiCB4oDGDmYoOH8OZo4g9lkh9hzCCOfDnhbr9CBNhvgpUHNIqC7wQg9QNCGJ 3s1PWBhgdAzBiOnhrN4iCgXO+hKDBwYgANrBzGEueF8KHr9rkKhgAQHM6JqiCC9i+oYsMPRlkg6A qLHJFBhs2QljmHxJJwYJEQrlgPCF1vDCBtwQvQwLBDJP0iYgpuchYhKB4CDtvCEh2O0FWEMiEB8L MBstXtmiCt3iBAPvWiFBdJdGGGHGqItAbL8FlQQgAOME5OgQNmCRHDyJDCBxINXQhmTHdRMIxAyA /w3CCBUpWCCmGkjDboKxBhTkNRCsvHjODBdDlwFiBA9KWh4l5h4KxJojqRdxJCDAbFcBMtqGlgAA PnIRbqZJAKpmHPTBaRgE4vJiBB4NtAALOkZDuAARlEgj0rTifBGKshLhTBVQLvLvPoRxFratOtAG nHGnHKOvcg9hiAvBbjKA9HdBGtlISRNJdDIqNCBAMqHx7CCR9PKtLKliBx6LIGqPji7yCRlxYj1O UAbIvvUhVSIgjwVAXBTgKxNlkoOKnAxSLurhboBx8lXQMLWg9LkD7SBInpvwxFZDeu9hzl5tmhuy ECBnBuUCBv6onwjxUDkmLAzxfgSDQwKAAR9OugVtTGQygl+GqRFvrN0ibB0gkBUssiMDdB4oFSPO 2OjCNAvR3qcDgBKAzhGovmoy2l3AsE3AAMYshnHRAiBwwIXKvKwGvpZKyyTiGhby/iFPXqnS/F3y 2CBzByBQ9CPD6O2tkRMmYCCS+L4icgXIBrnCIQrgPwDNeDntWiDA9R/w/ljy1CCgMkbDjzUBGwVT UTgzhCCxuu4zhzjzkTkzlTlzmTmznTnzoTozpTpzqTqzrTrzsTsztTtzuTuzvTvzwTwzxTxzyTyz zTzz0T0z1T1z2T2z3CCNmyvAHAeAnBvuniBAhB7hLD7z3zlGMApAppfCHOaRDx2TICPBrHIAKnSy niBBaAeCBS2l4u0B4pyiCT/vFCEhrAOB3zcz+ipBTqxBRDAFpADjeQTiBA+NRGfTTteh4KYzOi+z YiDAdA9gsxlloRdgADcgpxTHHBzg/gAqJASEigyFGG7k3qHgSOI0QiHB2KimFmfkjDkItAOQSUPi ohvkqiBhRI6B4lEBzzgKZShI4El0Nk8PbjHB4MLG1HDBKEDhUlGApkSTRAAUuprD/AznVBTr8B9t tg6ldhUgXPSiD0UAAUAkkIhPu0r0sCq0JOzO0AjKihKB2zgA7SDP/mvq0BbhLgsU7IIhVDHHsDyN AAAjaUAFjn0M/oSC/GZRQm+h9h2h0zch9A9O0CD1KiBgpUVFhq+Pu1Gish9u9q5iBhLMkFjhMoDV UFNUoD2n5hqNsPZrxDpyNgABdRSAAxdgOGOAmhz0dAABLI6FYoYgjGCJPiFViCEAxKF0MKJhMhKP cVgCqHM1HiBA/1xCCVckcgpCCONiBA7mTjhB31OOtmDuMBVOKgax3mcDjVTCChzjjOqg/j1FdhTH bA9wNBqKX1BCEz+NaFw1dgLhlAdUpV5CrBbvaxSR6WPPTIYy0CBmGHoB1Uq0OiDWHOqjHBztyyI1 siD2IEZKiu/EZV4FpgbI7R7WUiFB4qi1kuzAyApUVn3BKSiWTCmgmsTB0vz0KgxHajDu7ofLkAxG EhbjDUNtyiBWevaDpxuzTGqWIsPiBxTBrQBAA2JiOWtmqVKNNgjV+KaAdA/qi2qioA9XAh4B9BiP ziDV12mkRIlCHAOUClYloBRB2HIAvQQpVgABrBUjcsyiUgDlphM2X3BXSXS3TXT3UXU3VXV3WEYA SSZKdiGh02qCDUAyriJBRAPx9Wz3WzjhMmCAsh0CHs5iG0VCIB2PgVjBRRdmBxSg9BKBGi+WGiBB 32+3er0o8CCgCD6hsyDCCBTGhiG2niIPbiCVshRFEXdWdCByWjfRdhUt6XrrXASBrjSCBAvIWoCB lXu2rhwAbOIg63wXiPTUKhQULpygdUxCChzVPFlJWAAh7iBBLVQyBAxFaAAWb35L1A9hhjSXXjeq 2EzhKEXkbBiFdgipDWuvTRtkS3EuwiFtIOqn51s0hKJXKqFg9Ap1AYMVv4NL0hrgdkZDQgCBbuSk glhgmhwOvBTFwwf11iBhqYFCFhwBLhzWCh4YexL3mhblhhFwQMLYfC01Li7jI24QqhdPawvkz2rh bldu4gdFVAjHbA0NfiHMPgSFIwCsDWdEhhGA7EI4wi4A7WRObtPh4BZhUh9X8HUDpvy2rjHkl3wH HKigD4DSP0LCEU6hTVb0hD1BwBzqYroUPZAr1h4B4Bv0bgakSJikRgyBbuABGB2AdRWmIAUCCBM3 wiFkbiFB225h3i7ASEOhZh0rdZSL1Ze5jXehFh1X6Zk5nZn3ehrXI5oT3hLAdBlBn4GijtGBb4wZ qCwh4I6BWwaCWBxKVh3hGWR4YBzBwRdgdShApqFh218ZvivhOjaZrwBhGBVBMnZhsgtsBCOA0Q1M qAxIm3buqlkhLtW25jqPd56ixBwFRhzrkBngWjKAWUyX9jDgzAhuIiBhzBn3uiCSnCFB2ZKgHGcF 550CEgtmqBLpq4EvaWIQMaICu0rBiBO5yZ8zaE7yHl3lGBdAaiBaRW40Dlmh2AURtssZWwICCjLA tghA9OAAA5pxS5vabCrH5CCpGjCJfBs3EiBB9BxBPhFhLhniIADgUB2JpaCBwJOiEALjvBs2pqvo StGasiv2IsB5i13ofQh5ECKgja1gUB8UIQq3vFvmZZ/lY6jh2y7a8ir57n6IMiDZ+LKE7h2HmgzG qBdDrRl7EiDUSh2aTiBMsFDNygQm6ghFPu/Y8BzGQ6ZbIjV1L6NypqQxSAW7Qu2UOBzlEak7DI83 rQdBlBTKG2bZpB2gdX7bZzo0Obm7obo7pbp7qbq7rbr7sbs7tbt7ubu7vbv7wbw7xbx7yby7zbz7 0b02q64EZA5p+PKCBBPKOga1GCEA4EAghhUgKnrKOj23qAa0MifmGbIb1CHEehhpDJOFeDSA5i7A za0NvuKgbWFiH04n0qXhKF5n5ahrrEwRWhLpICBhnMfCP8Gh21ErNYpCE6yItCHG6cQB48CXWFlk CmnO2gxB8GZIbp0wdBMg9jlhbnKYzGejlhnjMb5CJ77v42F3oDyC7D3TFKOhlZtCB8aFuAjNHC/c cTLiIgCEi8jRluAcuUKje46rWD65AF4j20dApg7At3vIX5SA6v1mQi9jf7fHVcQIcDDjQGUETF+D nF0m6CKBWq8ICF2nrA9jnAtjnW0gAA7JLBncUKvodmwDerDDqEyEzCJA57PmFAcb4qOn1tPkOyIi FAvIcWskNpWAOcOBTKOgzXeX5JwHwiBC8lYnz8tQvpzoEhMgdE9gm0yA6DVAQgzKPiJnRzCqOokF hA9Ah0dcAN1XvMeKkljnxmydqgAB8NDiHgAuc9iofZchdD/OqGRiE9TICF59nYMDaUAj1cKYfB4v hjfEOnqAjBGLsTekdDlkFLLgMtRcfRlnljqvTFPhO9DCII9mcUtgAE/KyjadWj1PSlWd5iBECi+d 7o5cyCIFej7NDpbF8OcqpwqzKiDBieGPcjP3/XpVs9WoRA9VCYNc49MjgEDGxwyKFY5CBg5n1EP4 4Rln4eOh1S/g9n7At6jpeN0kJmcAvJ/EV8NN6ALqmh3mCEYrzlG+by6iIwUm4eiejI5S9B2qVpzd QEKJ/DQOwdnn5FjepZkmiiBZ2RoF8BGJpLsC/B4xt89D/Kzd0mCBZndKZ8IiGg9o5NpDyl2i7nND 2CBhFtREV38nXLVRDkCl8vQHXYWCFkhCCA7gphG9wGbXEto2YiDeFT4IBokPEdngAAa3Y5AhdGCC 5HFHHC8SklogjdtiMg99JiO63vlB3hFrZAxB+D/c49aMfD6wyXNcZKfDYfB/dnNiDhLkoF0uoF5n Ag9/FDI7n5koVmNnWxV+akOjiS6CKfAiaRnDqEOEDHca9iR9RiHgnfDjRHf7d8CilTdiRklE4f7f +f+r3iALNrACCQWDQeEQmFQuGQ2HQ+IRGJROKRWLReMRmNRuORtGJcbLOEtQbQ9GJk9HQ6xJTMAS R2YTGZRE+JJGwljGSZnSXwtlHuYHovKeZkNwTOKns9RI9teLJRLwp8BmHhkpwRqHSWBeIHWuUiwW GHqImnyEk13xk6HOxQ9Wnqj22LrcmpQWKqLMRiRJW0CKkdKQQbNZ2tchgBwVQAMSBwpGGeCnqVxB lFuIFJF3LNXJWiEAJSzQdGkKMq2oxhOmZsqavxM4J0AHq/MBOuBb6QAZ0WYGLtQjHa43ylgAWB+K te9pTcNTWwgvbTbQRwbqGsZjQRL3HDEOX7+GJ/gul0nU62+G6mIEKdZv2UgbUcdLuC+oxPx2EImw QjueCtZrmu/gAAyIwSCcAKCnwbIsLWgg9DsRiCkuPZbniTIAEaURMIKPY4IILZTIIXTHlMvyFj22 A9laxYsoIEiVnOkoAPjAQxPogj8He9YAEugSCHOuMCIKc4jQSLCFmk08KwvDLrw2ysQIJEY9h0AA XMOADMIWYkWIKJsAmzKiFrRHxqII/0AHAnqFwYgkHwtHa/EyFkMINDiDlnEQzyggghpu9s/pgIZZ hszqCJqggjCKIs/DI9bsoIwzEN8AASJEAAxCMhA9QhGTJoMD54oKRhlII1TPsaRk9oUbI9xOHDYu GbpugAW9BUIzzQIIMlEiKgkcwi7QhqNSYAFnA6HB0yY9LrN4ODehDVgAawnIIU0VEyvYAPUhY9OG 6RbsFFSFtHXVQsQWbC2EhpWzVTY7HTZNPIJUFRVIgpTN4hBiBdQF+o0EjgnApayRunQig+/CCkoa keP8ACjIQa18w3bwdEZeQdBYgpjElSBnAAU0rhtTiFEXMqCE6OBW3EElZ4Ag4dFEgkajJPyD4XMy nIQJxrMahZGYsOqXneSmMlUDjIqaZxs4fVEQSnPjcITlaDG6ntBoZg9fPXhkenTK6FCNpgAC8pWS IKcGiYzjeOoNkOfIKHQn39uiLDhWbBJKEL5Uum4xUVmxjQCgsAYjuCCBdeyCnSO6C6Igp4G1UsLD NvFpoYMjMoJVo4VeAB4JLu8fJLQoACmMRGx0g3BOkeEfbBM3DoO6PGAAU8YoMbT1kzCxuqIAAnKP ayCL0hfOoMfcO1pwaEDJv9enitIAHORhzO15iDjEA8SX4n6CFvKg7k/X188ihJTlTuv1IzlqC0Ex GxiaxQyLxjeuKjh3Z0tOt+Zhk4XnpAAaOzMpYwzPAAH07IgwjQjkFGyqQToLRTQDAAN0OCLjBFxL IBkMRBBVD8fshEgTOk7wKcQBUggOishUIIJRZrSDYilAACEvw1lLLWSm3MhcEYJotgsmo9gexlAu hQjJ/8AYKEIBcPpty4n1xPIqdMEIojeBCW81s/Z0n9kGGoOBnpBXvAAD2N0Lw4GSBUC8Q0YYpXKv 9IqK9VRBmsQzZkHxGsV0xkLKMHYDLJyFRjbieONDuAACiA4NoupBI2DdBc4cPcB4oETB1IKNJChK DDjWGaSMm5OFIhoRcfYLZOkdeHKOU0p5UPrjWRQagjBFyElSRJnrwZYy1ltLcmAHAjh/TfLiX0v5 gTBmFMOYkxZjTHmRMmZUy5mTNmdM+aE0ZpTTmpNWa015sTZm1Nubk3ZvTfnBOGcU45yTlnNOedE6 Z1TrnZO2d0754TxnlPOek9Zkg6D/PafRFQXD7IunJuhOYGnsHanIdglBzi3DsHqSEzADwdIXQqeA lHXEwHhDCVI5hzBYE8f2HREx3pNT+JlXqbWzkYB0Doc46QQjgBsJQuEaWe0hdULMDg53sGbEofkj i8JnCpdxD0h1LSLgVNDJGoBHRrQBPbQVhQt1RphXwLcrRDAAjWE6rMW6ARKDphBS8xANhUmNV+Qe m5BAvC3CNF0ttByO1bmBQcSi4EtNgo2Qgboda4EEq8RcJ0lSFCnFPG4rAtAHAgCkQwSgRlMkTGI7 AjMX1ABicGB9AIjAzCZN4OcdRC4KBPguZMflKoZlHisPtagAAOQBHOJcS4SIYDntSBkl4ATeDvsA QYOpVyCgHEaMMFjUmZ0PHO7xg456eAAs0vgggdCmjWlgQdF1K4QIypbakhdrbXo+tkKKxqxhKBns SQQU6rV+D7MmA4VgALfXANwEIIwlKIXKTfchNdzwbUagk/W3SAaVA6qIQsMg8XsU4Cdd4hRQyDCn n8RC+RBbjWWIWOq5w12fX7ILaC6aQsAHBeA+lQFjCCgsHY98C4ep8CUuYQoV98wACdJ60VKlPgvX yLiAFY4ZKBkgu4QQeKmTBqIuS8gl4PAHJYFqcTEpBQjYuqcZ8/mJ4W1TIhjAg0k3iW5IXjynBBBL KhJIzPIDv4x4MIJkbJBBB2IYEszM3glKC4kYmQcW7jSCCzNPi0glV8YFxpSRDHRB8ukMCbLDBkQC F5NYUO3NWcyDZ1IQOYV5BarrfZgtmsK/cHkEd5C2hUVyFjUSNR46VKwADpMCCEU4TjeLGV8k0PRp 6zgAACzIDJcbFkJBdGkOotAAA8sSAfTGYjeWUzUXjT7ezAiUEovIhQ1qP6nTDgAhh1h46xABbBHy BwjGKHOYEMj0gXXmIJr3X94xiZruEojFxC9mPuCQVhIwlIYBPWzqYh9ISD7aIYEZ1RBQvYNIYKK+ eirlZLITu/OkfgOUVGIT1eGqEwmf1AZuh6QtGAAoOFK3iMyFDvroOw/mfEXLga0DofgxBT7MiABw WYxosgAyC9Mgd8EzU5AAMp3w+wSBTB4NIAAZMQEH4viIAFwDP3jZvXQhY8FjvfQCOfiZCAAwwiyO ZGOXQAm4MYAAM9jbBDEXtzzX/QAACpFOOnhDCrGjtGGQsMSewSM65AAAV+S9KgAr0RDqpB+sENHO ZB8/AiFCi6frkAHbu4RxAAJiAPIkzGw72ADCV5NHGaEtwWiAmcShkD5QshoHBbjUlEQ/ahD1HvTP 4NZmS54/h713ejM92Hs3xohcXjVEPQMK5wwqjBiC41uIVjjV5sTTjWP4OdVBR2JK+KG/3XfereBO G+PpK4Qh7sKUxu0g5uyCnkIJRcgkEt6GNNr3zp6DTTkLR7wCwarSHLkURsX3pxNHDtoqACCTscX6 44QBCsImiaKIw9YCEEkw8wWbw4CzOiAHSNGFEzaCMXMviIITmDIsSxOB0xUIcoQ6cRaHACG8uIMG squFSJECOroi+0HAMTMvk7AFOG6D2L2H2LiQK7OGJAcIrA0FMyojEhMZQYAsgZ2dk9GCHB+I6x+U QsaISxQIQBIRK9IR8oqz7BCm0+EIyFEAOn3C3C4IdAhC7DBDC+QHOv4nkBIuiJi9FDCk42MIOHej 8igCeGsCG4qmIFUzaIYsEfWiSugmMCmpOmvA2I4C9CEI4Gy2imSFnBEIKBsd+bq7u0o/SigFSBc7 UIiCkqOmIEpAeIKHi+2QCzXAuwgxU4UIgHBAQIuDED+EsEtDKIOD3COLa9IDOiSISHOHeAIAqtSH AWMWOA4GMD4r2htFUzaFUEpF4Y2HeBtFgdiHSI1FEYUSgHUDqRKABFmaPA9A4Lg1c7PF/EyI4HA9 o7gcGdSl+W6CaCaLjEoIITpCSAAxEyeCMvGGU6mAADoQkIaACi2Ig5e45BS6YIWGMCcFOE+j9HOy GI2qnHuccFuHM405Gxwf2A+OMIM4VBIWkUsCmXAskIOD4ekACBeIQCfGcIMBsHhHWSWADHcIQEaU yCmK4nwIKqoIM7rCkxxEkIMF0y0+IAAGMsSq2Z6FuD5FiIKGoE7JGS7FQIS6MOJJa44luVM6CXAC cHgH03SJuHbDwwfDazWTa4qDqzsV89IT2xwGtFO0aeYisUqTMxBGCz2HOt4IWBebwIIDgk0UuJ0t RKq2G6Iso06UMoWVwShLA/C9+3oz2Z8FFCuC8CdLUJE7y889UIMxxFap4+UIQHAeUV0rpKq40T88 yIS846CLMoY94IM/EWqN5J4ISAJMYILG4FSLTLcHOQOCnNoADFasCF1Lqk0D0DEDIFu8I4Se1L8T fMiIIF3FIlG/gNiPypcIOBC4y0U6MbWSxLiXuAMISAKShGyU/IoABJ0OkWo7zJ8INDUIWADIAGoL 8W6ABHSJLJQIQsWUyaAQusbAynyZBOzB8bcEaHO6dElIme/N3BGWO5eAAD4uSFvI/PyHepzIKIMW WME3jEqIIHa5waATnHlJeIK7iTqZ9O2/DJwIPPCMQtSGsfTPKS8tVQWz3PyukkrPWQbDqIQ4MVoU 5JaIIykUu8YfWFuLiGyKWCaroFSiYCKTC1y02DqTDN+IQDO8ET4ouFuNOooYjRfFwhaKXIu7OqYW k/qvsIKF0roGUaZHQIcDEzmxJN+8+dLSe3LGqEu1GIUD+ONFuzuMCi9LYSwqO+Qz2WPTMIOFPQII JSCe/PgiYRkY+ITSXTUdVOSt0RLSmha/yIXNa4pT9S5QQXA+UoTNuISFuXFTEIJTIIe8RHeB5Aqy XTY2Uk6C8MmD2fiCbBsr4CKBCcKAAHisWFAgXAvLiD+T2GkJ68cWq7We/DwemekxqUoUsADRS45R Ws8l6bIkqE6KBPaIae0IOEY7eILQ4ABV+IIAM7NLEzUQDIiFvWPFuBrQIEoJ7J5J8CmPyGs9EHe6 eCEEaFUl6FatzVgIJTNKpVoIUFAyPKaINHoIPWCwtWGZBWKIKEtInTshbXbWZWdPdMusUBqrRWpG qIXVuM+sbW2V06UlGjIc2NgIaBDUUIiBCY0IIFfVQYeorTiIQEs9a8oN5UsphUwIjHKaqC8E/TGb GIYHSXMIKB4MmHZTXMCIY9FZmigE7TIOHR+rRRoIuCHZlTkIq+IFnNkr3JqIQEyCaEWOCFvY4IVZ TQ6N5aOzU91aqluFMpKIuFMAMDuFabBLGXzNW8oFVYiLFWqqHJIIMDQB4D0QtZ7DWIhQTNoIkAqc 0IdVq1QIWUXGgmCH2DoJUnaxJcRc2n3cLc5c+IsFBZgTndBC6hsX7IWli4fEAuGr5WkIeFmH2/Xd KLEDQqqluGG4yT+DPP2liguIVDaB5DgIhLMlwDrR6I0HBdmIRC/DC7mIhHSJgWilqBIBXOhBDKYI NaS88DsIYHbKIJjWuIsG7KUIkB1LuX6EYoWive+FmkBTEYEQbHQFuJ6jMC3HqI6BaMsIkDsDqi8e oW9GCHO1GHTfVPaHULjdORDR+W9UAIiDqHS84vmM6EzfOlteiXupKHO+4JOIhLWIKHMFNP8LADsO aIogsIWEmHYAPV2IW48IuLgHO4bKKQK+aIcAuXsE+J6HgFnSKV8NJULPcHBhQZBbie0EmIOTlRyV KPiBDaEIOEvIc0oHa1qW5e7BsEopPiiW1iyABhwlcUohJh8AAHeNxIPfLg2APiQABYHAqJvKeRkb 4LlTRQiFuHVCfW4HgG+CyF1YyIMCadUjMIIGdcCt1giIcB5LCbcN4Gve/RaUoCHP+f2TTT6ILDOD racU2CnfEIPj3j7QjkBOCgqz8Y+8QBRC1ggpIXyoYF2B0XtkSuxdkCwuYCHkaP6UtP+1OU4BJCPT Rk0e+s66OGsHhj1j5YyCFf3lDOE7YINbWAACKMC8+IcCHlkXwore+IUFnGcCm+YQCCcBtkuAACwx cW7jtNPmLk+AAC3ie37C1lPdcM+PXNKM0EuQhgLi8U2RaKdmGG+bIAJQiiuashShIU1deIRbnIqB IEu/2Wlls5AA4MaCGhgD01a4yDqBKIQDFkKIYC9n+ZBVigqbwFMxmvkAOHYxKFAFoKWFLJJW8INb oIIioYihIFuhhBAtUSuYgIUtcr4U5nzjDmxJoohIOIVciQRpTcKhlOthMIPpkWqfrlsISA4aRoo9 di67OWpp4ILhLp/QsdlQ8IYB0Gu1Qg7pOIJpUABpYIJpcLaDrIdjpiyXFju8ShNnWIMBIeUFvCOD roMIMDNf2NiN4H3ikFEbhkfpuWK1QHaHA0wAMHg3jKK+4IPmHJOS4CbqGp5rwrzQtoIAABQHwIRE wIQC20nYkw9sKSErolplyM/d0IQBsMnjoAAEZrk7m4zJPPBj9nXQkUpM08ToIHYBQIUD5dYQaXyr uWltcINkjsS8Tm6/C3jtgIMs0NyW9qjtwAABrIQIO8mcKAPuEAAHxVQEyEgIJtEM1thiiEZXyB1e 7tmMyD3vKITmQukh/FRpNhWDQIaEykgDo1HXaWrZs1oekGsJ7mGIWFS/zi2RNvlmIIIHUp5iDfpi IMIR9rLYaEo3+hnnZFKFNZsEzF8IGCGb4CHo2IPvSHMZJhKGVjBvi/wIIH1QJvpopSHsntdpMIJd sIOClS6ILv9ksNOFFUpruMPwOHSb4vADgfSqSILXzR0cVxc/yF1mCIVd+8SMPg2zVC0NiGG1Rw0L CeDoWAuLsTeD0VIXYIVu0KQB1WkB4EuXwN49ShS4zYuHPDxqMIMGIoreUIZzQWkoqC8HQhbsBgwz vXmekCNvBzy4rgrPlziOCz+eW1KEtgUIrzMIzGQIN0ThW3KCGGJt4ITZeIMHBdlfKPZ0DzUISBWY A/akiHhDwGeSNXyHTvcGyickjoUZhQuFu6YCH0oowKM9Ew9ld1iIULeBYEzd1mMCaalwyIZJWIMb L2cIIBCTeC3d4B5Tl1yIf0oIvhKih2xazdolsEs/qm0HBuUIeAuCF2R3GnsB13Sm1145d3dC7zYI ci8HgMb3LZpDnMxL4lSDtZgM2BYYsIOA/r73qmWC8ivnmIkH53j26M3N9OAIyCaiv2uT+FVW54Um sjRJpbc2ffwYfWOLaGf5CIi3CINicT+CO3X46JlBIqW6YEYpYOH3Ys0U4GyC2A+Y0hph6y0ItkSC 94Y6CGN4ugPr+FNeHMmMJ3huWexDlRGI0Fo9LJkHA030OHPaKLODJ6OKXgr6UIKC3GPwMquHa4mH fDn3MFuGIBxdmEkdVtocV2oD3h6Ib6x5gIOE7IuA5YyDgGAhSDMEY3/hwzV4RgsCHUQFpilqrfoD 0ZsIVhZIrnkDN3u69qYT4Mb8utUdl741p79MyGA1H8Gx1FcIZyn8Zv+p58gMRXnjI/r7yIL8tUIM hvoM+JeHNCMemSoADwJsl9BLr8CVKpP2+IL4QhaMP9TuQe+0R5gCLs77b7eD0PkD17iYUoXTJ55Z bJyDdRnt59kIVuD2iOGEWFvlZldeQ9SHhd1keIN+gWkQO7r7eAAF2gODINIs1+yIWC9UGVgIAAAA t3AADE1IFCYVCi8XoUtz1Ah0ygAZzElC2piEAH2l4WOnaHFu73VC4S1gDJgAuxDC0ylIUWw+LEyL EaACdDgAlxbCSaZIJMGos2sHHfKqRSaVS6ZTadT6hUZUjXZC6NKkYZIEmXTMZvJl06lpHj0ekoTY JSgPVYSVJ0d3VEKYJD3AgC8IS56PC6oAE61gAAQ4AHA3QAWK6AKyQlVTSHOoEWIiALQAD0YqadCp CrjW12AEopoWlBJC3OOqZf5ViIWqkzCmyW9GQ4FYoTZtvmKlu95vd9v92ja/CQDgL8wIUeiaACEL IEjFaymzKpyBEXh8nTDEB4UPG9Aj0dTp1wAOs/KkpBQAO5TEktJuEABCncDKXetwAwHNAhDESO5q lg+c6FEuLDwOWcD1KWUAeIU8SBGU1BRJglbUEpCiTuMSzDJU+a7OM/L9oU/6FOigSZgAIoPoELwC Nu7LCFU3TgRpGsbRupIxOG4h2j0GoABWYAsEo1CBMYrgAAuiiVFmnRaRE3ClHOIy1gAA40IEU6Cj odR3xghYtiERgSGuhR2yKhUdAAvrVR6wgVoFIiEsYpQWLYhMnguybKqbK5pM2cCEABLyBD2c5KDO /jZIWu8zqUdj5xBN6FjErSFSU2KtucAEmoScwLpMPUdxxUlS1NU6olVAaBEXAsv1QqT4w8ax2oGW 49mAj0Ro2pBMtfWFgOAD9f1UhNWpUcDMFuWdg2bZ1n2haKlGuRlLlEHTL2lbVSrEFs9MuoCBIPbd yXLc1zqYANa3Rdl23dd94Xip4n0leV7XvfF831fd+X7f1/4BgOBYHgmC4Ng+EYThWF4ZhuHYfiGI 4lieKYri2L4xjONY3jmO49j+QZDkWR5JkuTZPlGU5VleWZbl2X5hmOZZnmmJD25RKEydpZpKlRPD 0EgbBtauapMlDBBq8jHGuIYh0CgQSFm9qKlaS46E+pGbibnKoEYUxWhCTJiC8SQjD29RslaVqBFS 2gAFObu12cM+q6ucBGAyOx0kyPe5NBX9/AycBiGteqmFueLOEkhJOj2MxPKYPe+jrQTeimC7RMsG yBDII5KcrgQXFbyXNj1tyBBry5TEY/vNpMoiFgyDIAcIgQjCMgQ6DmkwQ10AB451EBGjMPfG8ehO hzMYlC7WahsyWTvlj15fRAAPfXLswfU1Ap2mQT2XBoT29FgAT+iPKlqBcQAB2msT51cXbZ0+x35G HMcB4CHMoABJ86iDnHidwnYdCks3IULMO5CQzCdE6kspQLi6v8DqABtIew4EJD2Q0YDcgbDgCHBE ADSQ7ECCKV0Ahex4vnIU/0fCY3/wBa+rocAZ3ZkCDqHVm5e2utffS9YZQewSQTJVBmDA4IOkqDtC okz9yFBDNK1BZkACBNVJMOkxJCWuECCmI0EIZkIHTf4LohTYVCkUiCBc6cFhiCpISF6DcIHrG0A4 0kpUKX7l4IFE4hY1kBgHcy1chLeoMB6HehgO4U1thiH4Qpzo51BDWTKOdBRAnCqrC2gYpAdHfPsR AB94gcHHBFKSNcF0U25PPISMQJxCW4kCiOQkowizMBkkVJMlQ6VVgAcFJSXJAg5vJIk0QPZyyoiM USQKUhCYqEmCcl9644A9RwlklIagl3YS4ITLtwpAh8PkIUIwHT52tkJE+HQSSKwASgIEFsEg+3ku jIEC4wzahLkIGUK0HEFyBDEFOACeBhCIh7VqO9pRCx3qWJ2swAE2CFBOMAlMyMBCBQ0ITJqYa7Ax SiABCcAAxnEmEoU01BQ4CUIDCM5mW8Qk4iZEszwKYYoulMBC/sPaSxqPcL88skz14mjWHeHw5ktK NFJHa/uPbU5/AbfKeqcENpbFNF0gqmZTQnQfmVHAhNPylUeTNUZvBhKSozJUDodME5oEJpaOqRAA IFzrm815sFNCKDUpu2kHBCarCnOQABoRli60+KRRwk1RSFiMpIAFVbXyEt3ITWWgExFyhCUtEajq lpqxNQTLoElDjQO4KRFkgUhZyC0IuUx0YmQnylIEKZ0EDI2Iljg5IAAogmiSEbZI+URodQHGvFdq EqyEhnOm7ogQGa1iMgSVGdpCg92oKaLN6YAJWxVFFVuhAAAkUKMIQUDJpY+FMEzciJ4AHgiftIhh xxCp3wRggAAjNdJUNsoU3Cf80HJW+IWDYd4xiF3ZIUOCzwALvhGmOAAObWKVm3tEuURtQiBQnkaS qJwjDuUku+UhvNzEMDWFmHSEZSxTGijJOtO5CQ4Sqja36hZEQQi7EpS84Yen6ELqK6cA7oDttfqU YSGkgipDsdAfxsRTZokNiHD0lVgrFl4aYc+AU2yF4HkDFalUhRMuGgYQqd1q215DvcOxaorTpz5g wQ1tbZ4MZIJNhAhIl5Jx6IFSQAA50Zgbd3cXD8WLdrSD4GIIVnhwDoIWJd3w6WnXcHA7ApFXyEh3 vGzpngixKBFi8SqYAe6aaVJMHBuQXp+kJEykUEIOrq59RPmok1vc4w1wFLkUxHhP3c1YVAbNKCFj XCeSq+M/hWh6083GEAepvEm0CSaazp7MkC0UQpu1X05IHtBAp4oZtagXvG1/TChXjpJ12eAnU/zL bDJVftOMm9DTZILhcgTVtYrVAyhgEir1o6mhIq8RglwbCzki24DI1MZlKD1RI0CaClgkjEoU1ALq dAAEW5UTs+g9STuaQIRo2X059twSYI8ud9R5vGDZEARjZB0uSKbVgdKVFKgaQng0GOCGwh/w8pQm VRrOEYJngMExboYVPr1FjfuaEq4zXxFwAONo0AzzfgK5xRVAc5OgpQzjEjUHxrNZ1zZ+EJD4HWNG lROtq3kVEMg8RKaEsa6cDI+4sO4GU77Rgmcgkqh+HDTU7mh62aKVOyQH9Ud5Y5U3v3gfBFK5N4Pw 3h/EeJ8V4vxnRnPyU1UQuhxxgjHTBcF5m8Kg6gkqeberHjfQLnDqLdAYNmwRarFIwYyq38LrwmAA amciDHcD3aoPen6Fh3E+Kd+goi8Bk7D6H4S0BuwXDqEMWcr7aFICaMbscjprAA1U99wUUSYBngcM qUvO/YGaIUCwxoHL+fD/ItL5Ni1lxHBDdUqYTaD8b3vomvA4A7b9wEYAMT5L2heILWQOozYygxIU Qwb8sApZwSkAgvzzgc5ZgcCMAkwIom7cjsgS6lTQwgrqpqLOaK4bqUr2oGzST2AO4LwCohL8EA0F BYAV5O74o0r0iV4kwMwqoRo5aRp87Gp/gDIfAhDKAACH7hSxZaodK5IgQmkFMI5UwnghIJwEgwxB L5ApAsohT5qrjZR/TOIah2b+ShY6YZRDgAAFxzaK0JEMhWAfY/YRoc4JB1yII/AlS0pOcGoI72Df ChSSTRDyYgTXYPYwwW6FQGx+MMsQQ4AU8JQSiPAboTrzopb5yj430MMQcSMSUScSkSsS0S8TETMT UTcTkTsT0T8UEUMUUUcUkUsU0U8VEVMVUVcVkVsV0V8WEWMWUWcWkWsW0W8XEXMXUXcXkXsX0X8Y EYMYUYcYkYsY0Y8ZEZMZUZcZkZsZ0Z8aEaMaReAgIAplbmRzdHJlYW0KZW5kb2JqCjEwIDAgb2Jq CjEzNDcxCmVuZG9iagoxMSAwIG9iagpbIC9JbmRleGVkIC9EZXZpY2VSR0IgMjU1IDE0IDAgUiBd CmVuZG9iagoxMiAwIG9iago8PAovRmlsdGVyIFsgL0xaV0RlY29kZSBdCi9XaWR0aCAxMDYKL0hl aWdodCA3MgovQ29sb3JTcGFjZSAxMSAwIFIKL0JpdHNQZXJDb21wb25lbnQgOAovTGVuZ3RoIDEz IDAgUgo+PgpzdHJlYW0KgD/gUDgkFg0HhEJhULhkNh0PiERiUTikVi0XjEZjUbjkdj0fkEhkUjkk lk0nlEplUrhz+l0vmExmUzmk1l8Gm05jE1lk9n0VnMwkLreL2cTseTTaLhWqsY7SYrHZ7HY7VaLd WKuVrOZ7bez0fDud7yaDIbTIZDLYy5ZLSazWbriZ7ydjvcjZcEGabYbjPaLFZi6UDcYa0b7RYbeb LSZTKYTgc7ufuTfT5fjvd73feVdbsczncztcrkdLYaLjqDasb3gb3e74djwd0Dlz9dWedjccTyeL udjucjzebvc7ocbjbjQeLsc7zdTlem/f2Tl+R4T1e+febkb7ebjWaT2eTzgb2eb1dLZdVxdLdbO7 pDmdjl1z1l7ye70871eDyeB5ro/p2Hsex3wAdR3nAbx+HyfB+H4fa6nSeZ7HqcyxnceZ6Gkarjm+ bZvm6a5znIzp0HQ1zxHsfJhGYaxtmgbpjmcYhmmyZLJn6jx1HgepOFuZBKlUXRKkeWpimEahhGKX JgmMWxPkgTpIkYTDOnadiiEiRZZkkR5UF0XBfmMY5llsXhhnGdRwmYbJjMmfiBl8YpZE8WhWE8UZ FGqaBdF8S5DGSVRQFGXJMG8dRyJedR0HcYBdGeep5HoXJYlmX5clyWhSFiYBjMcYpkH2fB8peZ5o GqVZVltBp9QoeRemcWZ0G8b5mmKYJUS6UhTD0RZOEgXpiF0eR3HQa9KnUbJsumfp4nqexCzAV5fG iRo/lYRxBFQYxemAZxlmCgZyHOdJeGAZZvmyc5oGGbRvGccBkl+ZB1HS6D8l8aZdmCZxjlgUJUla VZNFoWxIOweJlmqXxsGYYJ+s2cJvGgY8+lwaJjFPT9uGiVJSmEXpZGETpDkaTRJkSYxgGGcxynKg ZrmIbZrGebpfmCZZaF2XlSHwjyXmMaxnGKapsmabZzHoep9mUaBxGsaBoGoaxlmWZBtnqeh7n4fR +HGZpymibBym4bJunCbBxl2qZom2a5pm8ZD/nQgZvnMbJ0HadBlmmbhtnGaxxHAadaGwaphFmdJw nE6hynWeRQl1txyneUJWGWahkGSZxhF+apmmgaJkmMeDZQgfplF6aRiGCZR2HSdx8nyfVhGOZBnm QZRplsXRUleYRhlmUxVEKXZgGEdZ3HsbJrl8eLiIGbZynQVZhGITBaGAShUF4N5IFCWBamcchvHG gZ0Pkxxk0YeJwm4dJ1nIdRnF4ap0G0dNJnoVJcF0L0YothfDAFULASgoBWinFQO43g0BpjlOKPIg ZpRqDLF0KoWQwxcC4GEMEWAwxoioGAM0XoyRtiyFgMcVQlhPjAFgK8xQ3CBmfHgZgeo1RtjpOOOg m5IEHj7HuPMeI7TijnHaO0bw6DiDzHgP0lw+R7D4XsORAjW0VjxHoPYdI739DwHQPkeq0ENInfSb 4cg6B0oraWO4daOScEuQYPkfbtGImbdoOcdg9IlD0NIPCOY+x+oPkEQNCEgB9oMHePkd70HZj6IG PuQ7sx9m3HONcbo2nKjhHMOYb47B1I8N6N8co3jxj1dofkeQ9h4qTKQlkog44joUHvKYfEEB5D6H 0P2XA/DqS8H8O4dw8BrOHMqPsl6Bh6DxHihQe0NYatDGJIsd0h5eROJePcew9x4vpHeOhRI2RuDt HIfIdY7RwjnHUOJHhwh7DUGk/AdQ64on8lXGGRxJiXjdL4NEXwtBfieFKNscA4xQC7GONQcw5JrD RGkOAUYnxUCxFMKAYyS5PjuFoMEV44BtDLGeLcVI1FTjCFM/8ZoxhFiuFOL4Z64RlCldmPaXg/Bp IyGqNUZQ1RpyYG2Oh0FNXQj4HiPAbo3RtjDGkMmUxrCBIQH46AbwzRkDFb+NIfA+B7DYGsM018YS 6S4Z+QIYo3hnihSeJUXgohfi+E+K0TQhhVCqFCLwZItxtDdG8L4XouhciZFaMYW4wBqC8Fu7xPwt hajUG6NYVIxRbiFFSLIcQ6x4EvcONIbw1BsTxHWLgYAtx0DrHAPAc6Cq7jgGQNd3QyWMDKFOMcUb aBnjcGiMdso3ZBCmFkK8WArhYi6E2K8XgrRZiwEKH8X4nxRCsFKKgV4xhoC8GmNIQIpRZCaFSMYX YuBjLgaENEaZJyXjSF4NBgwuxYCdFJaQdIx2VliHaQOEw4hQi4GSJQRApxkjDGIPk14whdDFmUPA YoyRYjnYmMsWYthqjJGsKEW4sReDbGWMUbQwx9RzkKLgUorBFiaDyKIUYjxZYQGWLkYw2hijNGSL UWoxxXC7FlcwZI0BjEDVIPsS4qxi4yGCLUWAphvDdGregXa5BxDHX2f++JAn5Dte0MAQYsBRidGE KMRwtA/jCFIJ4Z4uBcjZG2NMTYrRRCbEkKwWYihSivE+KcYYvxfjMFkLQWIoRRicFiLAWS/hoPlR yMIXgyhrDKGiO4dQ7hgi2GILMV4oyo0bGtg0XAxYCC9F4MQZgpBfi6GMjIUowxJjPGeLmQQsBeij E8KIUQqxMi0GULcYwsBPKrEYIwYeeBjDBF+KkYAvM+jHFaMoZzwBqDqHOOUcMl7xD+H+bwejUBt7 JHOPgeQ8h6nCkKeUyo5JFjbG8bkbg5x9TzLBJBr45hwmViDJ44bWx6j4MyPMfBriZDpGaNNzQztw DVGsOB+bsRz13GpXcZgxBiDfGeMob41RsSEMmMUcQ3RYDFaiMsbA6xyjpHUOYdI8B2jyGYMoYnIc mj/H0PdVw6h4jnHlEScpkB0j6a0POdEqx4RbHUNUcI6hxjheoOIco3ZNj0N5OmLb0N4zYqufeLMT B51OPEPWUfAByDgPyj03qGkKDvHrvMeMsxcDSGCNEc40iXjrHXyw4Q44jH8HlUIeiWB2j1HaOoeh mB5n56WPBCo8aryQjnHIn/hfDeH8QROa0UR8Ru8T4/yHkfJeT8p5Xy3l/MeZJZhkfrs5rbOIKS+X DXpIG1IxIKQLXZsD2HaOse47R8jyHQXU4RoR3+cIHHKOqOiC+CM2nHzXwfhEIJeOV0Q5h0DnGKNR ZAzBtCtGYMMZIzRxjOyIOF2A6RwN8F+MWyIuRfC6Fh3ccsch9jLGuMc7w10+I2pqMgYQ29SGIVuM UYwwxnfTGOLgXw1hZhThthaBqBjhOBYBeBXhWtPBkB2CiiBhhK7slBvhkLphjjwHPGihmhuEHveP hwOvNCXhwsahZhMBRhiBoBmhKH/BiGothhZhZipBohuByhZHWheBYBdBHg8BIhJBGhUBxnqByByh xhEBSBOBRBaBZhlNKhdhaBUhJBGBIhaBZBeBYk7hSBYBUhYBbhaBVBXBZBdhZhhBphkhel1G1BqB wEnhbl7hxCBhghqBqnxhmg8hOhag7hNBRhRIPDQh2JqwPQ/vgpZh8FcBoh1hzhzhdBkBgBrhxh2L MByBdqthqD0htB1BsBfhoBlBwhphyBqBmBsNsh8BvBtBsBpBmBmhYhbhdBgGpBuBpwxhhqDBfhbh fBbvphmBpHqD0tlnYh4OjB4ofujN5I8I4iBhuByB2BqBxBzhbBphnBPv8BohyBsF1qFDJxARsPKJ jpgB3BtBxPYh7vUiZIlOZmuiZEsFJIsjaCYh7DKh8JcESh0Kahuh0oth2pVh3jfD9JaPgCLCgxsy APLCXhoBrBjuDhbBsBcBiHQRFBmBfBmhghoBXBaBUBmhzBmhpBvhwhnhsh2IQE2JMBwh3t1kGCBo IB1mohshDBHBBhBs0BDBThVMXhkBOhKBMBVhLhNE+LwyAyeyfCWiXHGB0BiHVBfhahUhahGhJhNg 7BBBLhSBWhMBEhMhbwmBRBiBXhPNPBjBqBxhphux5BzhvB8DNvcloBeBPBTBdhahchdGQhnBtBqB XhdhehJhEBQhQhFBRhtBohrSfy/zACEnaFXGllih6hkhbBcsVBkq8DkO3DcB1D/BzucjMh9O4h9h 0B6ppxriBJjlGJskVkHh3uQBxuAB0BxBxmXBzowqmTAzXTAhrhskaBmBeTUJRzTkMh2pROsIoB9K rqnHaB8pApAEIOIB/BzM/hwCrhpBtBsiioJCBNrh5nCBtBuBvhtBflPBtBrxSRSzXzvyelwhfMZB Tq6KDBthmpOhxBcBphghYhsBemaBpBphWyIhkBoB1oaO1CBjMh9g+hUhqhQBMBehMhCBSKGBvJdh rBvBwBLhVBVtdhhhghdxmhohqhXoFTwUNRsH0hvEsIjDnkKj9B8B6hrBzBuBlhuC3LRLuhihphhh oB2DfpgjZiBKrh7hOBUhdhGhchmheBeERtxhqhqT8h4h0hcSChlBsRGUFhthsBphXhfhTt4h6UN0 rTACXpqonJAk4EHiZR1h/OjJTPzB+CYUvUspAoeh/pBMMh9PTUr04U405U506U607U7vJPRJITBt ynZr/PSPzIoJjCXCDI5usnlixvRkUjzJcvPigvQCJieCBInB+UqU1I3ihPiCaU8PKDPFjhrhmx8h 2BsC/BkhpnprNhlBkhrmMBXBchhhahhhehfBjhioABrBkBfhphfnCBw1LiBJVB1hjSshrhYhfBrh eBkBWBchXBPhKhTKbhuBjDGBwBthtxBHDhohnhpsLBs0TpwEXBtB1ohVfh/h8h6B8hlRV0ZFyjgB zFEhehnhdpzwhBxGlB3h6PUm+OeBkueBzhxGqBmj3Byj3hwBqBoBsmpBv1OPJhlBihsBWhQhThbB VBRBSBHBPg8g4A/hFBEhMBdBVhmr0hcBSBbhRkgBdBdBghghXBVhdBaBehQDPxJh4I2zOB/lTBlv 4hmEkhcBZhYhOhDMFy1WfhbBWBihfBkBiIzh1BWBQyjBShWhPBKBIBNBEBKhaS5hWhfBiQGUqiCk crEBaIHBphcBjhdBmBthghkFzhlBrhlBYwwBtBthuEchvBrhoE2BnMfhRhThLBDhHA/g9hLBFBTB gF0GXB1WGPJBshnhvhdhWBnBahRhaKthnVmBZhXBQBUBcSImjhyh3B2puouJxhyu7pgrKC6hwKGh kpDUwOXh3Ns18OXh0m3h7CxFaWDQxirByhjClk+S+IHhgEmhWhWBNQmNGBeHPBhBhCDD/h5BtBph wJkh7hxJ1B2h5j2h0pwjeBi2kV7EFpAKiht0ZBvhrVZBoBehXhlwtp+hYBphmBvwNiJVJXFiNDXB 8hwXQJJB4TnpUt0Dp1ICDPO0th/B+DNEGVGpDmIpTiJKZh5F7YDR+0wJqJcHZqrlWh3jOlmiHpIB +iwOVJIOvxgJDiDIwh4kGmuJdt0YRECpeB9iEkchwBsD4B3MBqkhpTfB70speBsnzB1BuDJJACDI 5B9GXByvHCCDzTg4JzAiXJ9BsBMBThWBuBxh02nhnhXhmBqBuPsNkOh2DJLwgq8KklEBth4NlH4v ZnBhyBtN1BtmJhqkZBoYZnBufjP4kkshwBdhYhKBtSHBqEnKpBkhgOyQYhyGbB1G4lyzM2DUlt/B lwVlGB1HABzTBiBhwnphVNMBbKkt/Bumlh5hxB2zUvkhfhiBYFPBbtSByJ7CB1dhYBurwQThmhrh yhqiZLnBkBehYnEhZBQBMhIBIhqhnBpEczfB9hihYhnBhheBlxZhghzBx2ABzm7vWv8BbFoB6hxB vBxEeh7CohsHGB2Tvp8hiBehlheBchUhXBXhIhZnvBYBYhPBfhlhYBVhhhYhWBUKVBROqhcBbhc2 7hvKdBkBrVQBhBchhBkhmBokmhiBZBahfBZBnitS0BchWBTkGqwh/hmF4hlBlmeBbBGBgBWBVBhB RBOhihcBaBVrdg9hNhdwohk4aB0BZBW2kabwmBZmaBrBYBVBTh3ksRjBpVihRhYhNBFhMyoBWr+B lhOhchNrfBJhaBWhSQphTQshTixB3iBhshohejvVSM7BlhfBfEcpDh/BUlThWryhhBdhkhXBQhNm qBmZjmvBgsHWkLEBchYHOhlhSwroABkBaBahfx7h4q9hXBzp9BuhwBqpgG6zXvRRQkKtED0hwG/u NzIh5TUB4huBuPkhxX5EIB4B1IiBxBwplTIpuh0hvhvovYbByjYucOjT0zEBhhNpcTWtsIoKru1B 0BkqWB3B0zM3RB2Bwi7hwBxCrhzB1h6B4BwBwB3Jkj+I2IhH3OiJZh7DyuQNEV/rFB15uxDh1Bor NBxh14qv5GJhsuEBajX2v1zIwFnmtje0SB6CZSyI/vBIfpBVBiYI5GuzfEAR7oahxBtBvh47Z3+p Ur/BvB1hqpkh14ipB37CUpg4IB5h11ypCJeU/8OPH4LL/Yd1CcLcTcT8UcU8VcVvIiXu/B4NvbxK Et6B6iHiXo5U/R3lSTfKryyEckGlS8SiJuVB+x3x+t0GtB8iJUtqZvMvUvBJVh5U1Yeb/iDbtjNv SUyonCBmIjKqhiGCXh2PX8tYYpDjzDX8eD8iGFapgB37uCNCXtvByBNBhhWhUlzheFbhfjGGhhwU uJrC3PmBmBe6FBbkfwChVLnBJhLBWBTBhUlhyBcBVOxhkFwBhrFBsBvDQH9bqYAh4hzDeh1h9OE3 9JlBz83BjzmhRtBByp4okhxpxlGByN1qriBh1uOaGBkB0B5vkjuFR6OU/B2BwB0urhxEQBwBw7lh vRkB3jP9hBso+DRBvB8hoqEhrvkmkh1bphzhbmK7Th4IJhuTlXmXhhkDQh4BxGjRShrBerBpg5yT OiXaDhyJgB4uyBkGzBvjqB7pPh0C0PXh3hvhihyDep7h/x3h9BfTmBzbTBqh0hvYQCBhxiuhnhg2 upgTUjSByBtufI8B4HYD5hjBeBi6vuHiOt4h8hTSIhZhosrlHyXVlhkhjsMvBB+51BoBiGVmRMRB XhSBRhfycBJhABZhWLGhhBpWIheT3ZeBVhXhKhMhQSYhaBmBmBqo6hphU0dBBhdhLhLhkBqhrhth jGyBHBZBfhHBahXhF2KBKhXhakwBeBbP+Ojb4nyhtwwBVBfl5hXBdBUDSBwmY+wBNhIBUBThIBS7 AhSBHhKhOBTBXBbhRBPBYhehKhGBoaUhfBHBlBXhUBmA/BJBEhbRTnVhpBKY+Kew2iBBrYuk/BgB fBSLihXBh6XFLBSBMBZVmEsXFd4h/BahaMLBtBwhjhbBgxShsEcksB3hfBcBkB7o0OKBZj0fduUJ DhRBd6E5ihLBfwkmoCBoHBuGnBoN1B0WkBnBZCshchSBQZ1BahN2TBosKhxtmCOpqikboIsh2B6h 4jSFitrxziAOt5O53PN6vR5vd6vh7vt8sZvtB2PF2v1+Px6vV7viNPN3vBwOJvqRZLNktFrv6VPF yt11M9puxsOp3uZ1uJ2utitZttRvudpuRvMxvOZuuJ1NdxN6Nvl/097Pd7tZrNVzt5wNlttqFven v91upzM9kMZrtJuuBuNxotNnNxwORpNhrtZpNp2NFludoRJsuRushjtJqNJ3vR6OV2vB8PqnU94v d6NZxt9vttyOBttt1O13uGsOhwN12ud0Px9PuVP50ONwPJ4O54Ot4uZwOOLPx97t4vF4Pt7PZ5ut zajHv/VwJ5OR1vBsuN1Ol3vKvuyPOqKPR5PJ1OVyOl1PButlrOVtXVttnEPF9Qyv+/4fH5fDGvl4 PCPO12tZxOFwnSdhqm+dJuHUc5snEeBimuaZqNAdx0HkeZ4Hqizcn4dhynMfZ9H0eJ0nSxx8oufi EHmaRqm4cZ0KSkR5nweyvnEcBsGYYhcHkejenmezdH23KvtWfaLn7IsiHsfB8Hod7JHge5tnAdEA PCd52HeeZ5nEbRxnYcx0G6bRqvGbxvG4dBZF0Wrnm+kJyHHFJrF0X52rEcJuGw1ESnYdscuGd54y IfR+H6b5ynmmkPnUdxxPKbzoF4ZJnloVRRu2d7VtQfZznCcZ0nIcRumwbx0nQeZ2HWiZ4Hk1J9NW 1cYHq4LlmsbJvnGbx+pUr5zz5MR1GIZxynyfMLUGfx+vnZNlWW95tm6apalyYBXk2VRSlEUJMFwU 5KFmXZElYWxMF4YpVF+ZRnGvOxpHOcZtnWaxlG2ZhkmwUZNEkchuG6WhmmMbhtG+ZBcGEXJVFOVR OFoXRaGWUxTlsdZ2ncr5kGEYxomEZBpYsWJfGCXZTlqbximCix9nkex8lEX5mGObxolWYhoFGXBb l2XJnmOW5nmAXRjFWWxdFAT5KGYa5oE8XJb0mWpUk2UJPEkRZSE4WRIEcUxfmEZRGEmSZSFSWRYF kXB1MyZxcFqbUVF2UZYlYUJQlEWxWG4cxwnqfJ8EUWJcj6T5cGMaRrFqXZiG2aJsl2Whek8TpRlc VpRQ7vZ6HsZBUFsY5WlkVJOE6ThFlPqZTkYQpNE6UpPp+cJ+HyfRq28ZRfFmVRXFkc1CtWr5VGEa RNlwYhKFgYRcGWbhaGIY3kGz3lmeh6B3G4b5ummZprvJRi030VxhloY5sGsa5vHQpB4m0bx5QKc0 zHOZhamqXZTFuY+NnRiZamAXBlQaVwsBdi+FeLQZIxRfjNGOM8aw1BxjzMQV8a45BzDbHKOgdAyx pDTGIMMYQzBeEKHoaseJGWGjQHWO4eQshdjQESKkXgq2NKcHUPQdY9RsjTHEMwZY1jTDkGmXR7g3 hpH9G6N0byYYFjmGuNUcgzxlDQG8N8cI0RxDjHiR4eI4RyDsHgOcZI0hjDMZ+NQZoyFeDlNWOAcA 7RkjeHCQUekaxxj4ISowbAyBdDFRQNpIY/B7ntQEN9fQ4xsjaGwM4YwwRbCtF6KQUAvBUCmFkf0c iJBmDMGoNkYA0RnjGGIcEep8RkjddoNEZgyIoDJGmNwUIvonDUG4896Msz5qulsV8fg9h9DyHOPQ dw5xyEcR6kVFA7xnDeG6ZEg49G9kaQ6Psdo6VUDkHKkNlBwTdj8lsP5ZM20izfH6h0e8slcj9Mak llQ95dLvHHDUeEsjVzfWOP4fcf5ZEamGPyWamCLpCQ4j43SJGTqDUHN8fY+B/D5Hosgp826HEqSK q5IMtkOj8Hen83c1kLD9myNMaAxiDjzm/QEjQ9zpjxm2i9vY+KAo/WOPKEY6UEy0WWkQdaf0dqbH OOxDI6C7j2HaPUa4yxmmAG+M4bI0BLCxFsN8pA2jvC3GUNJWI+ivlGHANIX4xyCDyGmN0b46B1jh JFBUcY5DWjkHgfodQ6BzD4MOPMc48RslHeoOOgiFh5n/HrUEcw5h1NpF4PNOg4yai8bufweSA6zj uHKMIbQwx5oSHYNkdQ8jFsTHgNgb406/jjGaMQZA3FaVDGaOkcw5SvzqHyMSqY2RsDcGOLhNImRH jEFGLYXAwxmC7FsMsY4uRfDXHWOBUY8RsDlJqOgd4whtq0HGm8co2R9ThoDUkbQ20yDIGcMEeI8h 3lfGYMMaIsxSCtGWMwZ4zRexOF+M8XdvBXCmFeMwYIwRtjHGSMQUgt3mDXGFHo9qxFjjUHEOQYQ1 h0CxGONAWo0BmiyGOL4X41hi00WVHQfAvBQi/EqKdyYrRWCzFQKRtwnR4k4GYNgbo26zmBGAL8XY rR7D1HmORK4thmjOHgdqq47YLl2GcMdOIsxfCwxIMIXwxRSCbFOLMUQoxTimE8LQV4pRwvIGSKUW 4zhkFVGsN5EhCB3riEqMAS4phYivGIKsVouBkCrFOLwYArhLCwFUJoYA1BXjOGfZwcArhcDFpuO8 YIxRlDHGaNAYgyxnrRFcMYZQwxYCoFWKUSomBSChE0M/IZXyWDuGILEZQxBjjUGGpATQkBBC5FOJ 4X+JhbtcFIKwW43xtFaKyMcaIxhbDSHMKcYmOxmDctoNIqSIh9C8FsMhGw0RaCtFQWsahXxgC3Fy KgUQoBXisFMLYUwpRfiUFIONB2EqtjKGSM4aAvRdCoFAMwXo0BljAGuY6g6sRfi6FmIwVApxWDQG +KcYLQBiC2GKUTDE3UijdGcYUa9kRtlvHCaSxxXztowj+cYfQ9oQkqIaPweQ+DVK6KfH8ew7qgDs PCOIc457ijm48PUYQyxeiiFMKBdAxhqjYRS+IbIyhojquiOUco4kiLDHsil7A1xnjlfCNIbJoBuj lHcOwdxoBwJbHWOMgtK07jYOaPIbA7RrqdHgNobQ6LpjlVUO+m465gDoFuLMWkSxnpBSKPqZm+Bn xGGP04icNSEMpHpSVJJDjgo6N9H+N49h4kTVIOxIk8xyjgHoOwcRvRyjrwGV8xysB6D3HzCDkeNl MkNdghxIY+lYqrIX1kdpjptEWUOOe1A4/SD65CPRJQ+B8j74WsseA7x1HjG4bE2o7TbcsHOlVCI7 BuDuHGOUcI2h8I5IdLkqSsR7K5m4U+uQ8BvDBGiLt+w0RuDXHPLwdw8R6ZAHONEawyRWjAFGdYdQ sRainT2QMHCssHMHGHsQkcq/g9IN2oeH88uHSGYGcP+HOscQAMuJ+fwNWoqF0F4GuGixaGGG0Geq CrkRAHWQ0GgicRYfMrI+AOOHiHcHeQgHKGg4qGAgWOkVOHkSsHqHetQHEHuHil05IIUhAHrAW+HC PCRCTCQGEGyGSFuGCF4GEcMFkFkFGFQF0F6FmGGGgE6gEEQGEFAFyGYFuHaG4HIGWFEGSFYFYFqF iFkF8HWhOK+G6HSHoeKsiFgGUFqFIF+EiE6E2Z4GIUEH4miHSFeFOE4W8JIFkFyHUHUHYF8GqGEE kFAEOFCEgEoGGFskWF6GCW0GCF6GkGa5QNWGkf44cG4F+GCGSFQFUkaE8FeiKHIoM5IGCE+MGGWG wFiF+FuE2GIFcEuFqFmFiFmFkGGGAaWGEFmE0EsE6bwHSK+F4F0FSGoGYF+fSG0GWGqGk7+G02KG uFkGuF+EuGAFIFmFYFiGoFsGsLcG4F0FuGQGG0aGkGgGwojCVHxHzH0PiG+NkHQMQtSHCiWGifMG +GsHCHAGQKyGrIEHdB2Qst6yIGQ4cGUGsT6K+98H0GWG+HUbYHkHSGsKMGEJErOnKK6/oGqiqGyb uG2IWHsG9BeFSjATQFCFkFaFNCyFgF8GWGUFKGKGMHaIMK+GeHMP4HcJsHG7SG0JEG0HMnm70H8S 0HwHYGoHaHKG4HSQEGwGgtIGwKvKCHgVIHIGiGoGOKkHoK+HI6ytiGYswOs+dKCOgHiPCHSuIG8F oG4GGGSGGGOHCGqHGGuGYHCJOGsF4GNIOG8HPH3MXMZMa+GnknKWM5NMcPmoKoIP0d0G+GqI2Hwx 6HmoKK+nKllMpNIoaJU9rMsR+HqHiHyOmO0Re2TNLNlNnNpNrNtNvNxNzN1N3N5N7N9N/OBODNmm 8ojMmnjOK/DOFN3OOnlNHNMWOoi/BOQnnAXNFMmomnmnBObOrOdCQVcnLPA/AodNkI2nUxqT2Hmf MHMHcmiHCxYTCGgsAHdB+HyNWgkHIcaF2G6GjI4HMHaGYG2gOvGHiOmOqHUHAPMG6ouhqHqHc8yH VQa8kHXNeGwGmQIrOiWS0fK6SSSPAHgHMwOHErEHuR5PYIMZSLCHY3wWSNSQxQIKiN6TonqVaJVK sNuG4GoF2FeFSGhA+GyGu+OP8Icl3BgGMF4TUGhMCGAt5Aet6GsHeG8MYPaGZFEF8jBDMG0GoTKP 4Ga86HIGUGMGOGMGQFuGKGLFCGgj0GiZmF+FZISF2HHK2vAHaGqGelgGmHVOoJVPQpkS0RQHKUcr qG+xkGkGYFm1QGgGORUG4F2GKGELYG3B4RjMdAkHeFU0UFGE2F+EwEeFkF+FoFkGQFyF6W2FSEWE MEQFjTKSGH6KkHyZ8y+GuGuFSFWFUEaEiEa/MF2R6K8KeGYGiFuFwFyE0gSGGGuG2GkGkF4FOLkG OGmZwHIK2EmEaFCDcEiFUEMFGFoicGmIUHwG6HCGsF6GKF2GZTCFaFWFcPGHAF2E8YulcFmFcGAK NGgPmIOHtTOGIGuHAGO0cFpByHaNWGzXMRsFu1iEyHQHJMGGVBARSm/AGHYFiFI0OF+cEF8F8FQE 0FSEsEsE0GoGqG0McH0GeGiGkFeFqFwF8F6F+EmEocgFOFTG1E6F4FiuAGKFoFxC6FwE4FMFUFSF IFQEQGqGOFoGQFSEuGcFgFOFgyaFEE0FMHgiu94H2YMGeGeGCGqf2Fo1wGwF0FgFqEyE+FCysJ2G XP2GKGyFSFCFiF4FyIgG3XrMaoKzmGqY8GeFcFeGKO6HaG+GaG0FiFSFEFcFJaUE8FcozRaGyfKp kQIlWbIFjasG3NYOoKeG8GoqGGjE6GYFePIGacScS/sGmF6FgU2G2F4GqFuEyGBaUlcFkGCGUOCH sHIV4F6GGF7AeGEGSXPHiGQGCGIGiGAFajEFmGmG3KwJaHQPiIWHmGKGgFyHaP8LKFsG8h9PsHeH AL6FsGwF8FoHcMAGwHMfSHYHJIwHeHqHEGoHKSWroGYGaHCG2G+/WeouenCH6HWGiHSGTG1L0GOF c0EGMGcGYR4fQHAGI7UGwMyHAGoG054HCevIMG6HGGmNmh8F+FsGuGUGA7+GaHEHeHQj6g6G+FkF YGUGWd+HSHKHSTAQQG4HCGQGUGZQ+HkHKGQHKGa7+4SGfSyG7NkI0oUZVCAnGJU9YKi8yI+VQHio 0IuIYSQWGMk9Gb2deR+SGK+Q4VYHygdPmNgHmMjgGIQHcWG5Io4UEmydeUENWI2H2p4Hi40pCMkn UI2O2K6Hyp2HiRUtUPgUGH2IM88VkSs+CqsKeSMN2oRMnMsWPMZAxcQSIoZO9NOSIoCQtT0IEHsI mHkoym+n2JUdguqSLMoNW80HGGcF2GNCcFwGSewSQQ898EWEwF8FCEyFI1SFquCGEFUEwFKFOFuF 8GEF6FiGyGWF+GWFmGEGaE6Fyd0HKFigCGnWPOVmfmhmjNsNWGMa4GWFyW2DyEAFKEiEyMQR0MkE GFWFoEKEcFsEWEKFOFzCoE2EiE4EkEUFGFWzkGQ1iGCFMEwFmEuFSF6cCGJFEXkGrmloHoJoLCUN WHmHMHYGmGMJga2Gsa29K9WH4naraOtL0HCGHawd0KwGwJEkyHGfaVUfwMy4mGm4848cvoNpXpZp bpdpfphpjplpnppprptpvpxpzp1p3p5p7p9p/qBqDqFqHqJqLqNqPqRqTqVqXqZpqICACmVuZHN0 cmVhbQplbmRvYmoKMTMgMCBvYmoKOTc4MwplbmRvYmoKMTQgMCBvYmoKPDwKL0xlbmd0aCAxNSAw IFIKPj4Kc3RyZWFtCv///zY2Bkb05B4BnXoKeKSW0pZj3xuA5wV7BXL6G/QevDJV8jic5hy66Lk1 8jLZiQVv7OWLbcyR6dIE5O74A6orWJxj9YOAr2s65F5tvudyLtRYuUIkSiv2ThDkRxOPc2ws12Gv VxEbkfV5/7NhceI1yZt37uaj5TWzyn3GWfAzhseUNR6lUbCby69PLCExYuvM2dqzfMDoMIpl9+RV Kmodv6A7ZPLsAL2cT+q+gEyqTSWEAaJE6dPPT8q0pPQfwrPA/hiy6hhwh2haRumm8DfMdDhvuSFC iXAMPRUAXde0HdXNz8DlQEhOmo43QH5vDfOnfK3JvjY6ynRPy9Enf+79Tb6+M/4GgZiUudkTKOcH z2O0mSHr0+xfI7cxSjcgSITeBrfdDTl2ovJQtRs3veuacYS8XViovHtg7caXDg4c7BXUySIOQMQA kHocxzcHYamMHQbkxsNfJrEmvr802qtKr3VsvbUxvkWr2gzj4m6Mb4ySVFJVs3gG2jbFDhFxWMDn xX6c9jzioRbvhfldEWjppLw8+XC0AErrxln9OLK+H3c8vG54nhCPjZWI66bx1UquEUQfxkVpsQvD r0R2bWPtqR9bIb5ssEwBOTenKwzy2R02+ON8YpWIJkTMnLEviltP5nwNUi1aU2eR+5Ke7Wy8JGWg ocg2Ke569YssJRaHdPwEgk4y3KKabp4tDYuZybD/aVHHn3q2GnBCR5VYzwpU04yjBmlGoNjkzeVv Z64gZhhyLrfs5dFdJxnyf+j81LuJd8LyvmPKojCwEpheMv92pC0ukRMA7joZ4boB3Y69ZgZ/WcTj JGYU1HisM6urqlDZ2OLt2NEn8rLh85BwsfZ2MVA7FHShKEka1XzGgSYXW//5SNjLb8p9Ub4OwW8F OKBVc7XKFd4TL7OP9jS2DY+1B9eN0kdYUJkWXluGY5MnuQfcgxy6lkxtJkOi3VAxk1cJICpReXrq j9lFFTzZPPXgGXn90xBKQTaN4xTdFac1H8hfcEHZWtCyoObveSPlWgplbmRzdHJlYW0KZW5kb2Jq CjE1IDAgb2JqCjc2OAplbmRvYmoKeHJlZgowIDE2CjAwMDAwMDAwMDAgNjU1MzUgZiAKMDAwMDAw MDAxMCAwMDAwMCBuIAowMDAwMDAwMTg1IDAwMDAwIG4gCjAwMDAwMDAyMzQgMDAwMDAgbiAKMDAw MDAwMDI5MyAwMDAwMCBuIAowMDAwMDAwNDk3IDAwMDAwIG4gCjAwMDAwMDA1ODAgMDAwMDAgbiAK MDAwMDAwMDU5OCAwMDAwMCBuIAowMDAwMDAwNjM2IDAwMDAwIG4gCjAwMDAwMDA3NDQgMDAwMDAg biAKMDAwMDAxNDM5NiAwMDAwMCBuIAowMDAwMDE0NDE4IDAwMDAwIG4gCjAwMDAwMTQ0NjkgMDAw MDAgbiAKMDAwMDAyNDM5MSAwMDAwMCBuIAowMDAwMDI0NDEyIDAwMDAwIG4gCjAwMDAwMjUyMzUg MDAwMDAgbiAKdHJhaWxlcgo8PAovU2l6ZSAxNgovSW5mbyAxIDAgUgovUm9vdCAyIDAgUgo+Pgpz dGFydHhyZWYKMjUyNTUKJSVFT0YK --------------040304060002080404050106-- From pana-bounces@ietf.org Tue Jul 10 04:09:58 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8AnF-0003Wm-C8; Tue, 10 Jul 2007 04:09:57 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8AnD-0003Wg-Fg for pana@ietf.org; Tue, 10 Jul 2007 04:09:55 -0400 Received: from mout.perfora.net ([74.208.4.195]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I8An9-0003Nq-5c for pana@ietf.org; Tue, 10 Jul 2007 04:09:55 -0400 Received: from [77.67.158.135] (helo=IBM52A5038A94F) by mrelay.perfora.net (node=mrus0) with ESMTP (Nemesis), id 0MKp8S-1I8An50U6q-0002xu; Tue, 10 Jul 2007 04:09:50 -0400 From: "Alper Yegin" To: Date: Tue, 10 Jul 2007 11:09:42 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 Thread-Index: AcfCyatqjCEu59eBSpC881et61yFmw== Message-ID: <0MKp8S-1I8An50U6q-0002xu@mrelay.perfora.net> X-Provags-ID: V01U2FsdGVkX18eg/y12TW01LQzIW5B71b3B5vL8YhIaSh4qzl HQDr54PAsMqWz78Mw8A3MP2Yoxa7Kh1pT+CUpm8ctFT5rkPs7n PvETrtS0S/0s4OnBiZeFQ== X-Spam-Score: 0.0 (/) X-Scan-Signature: 7aefe408d50e9c7c47615841cb314bed Subject: [Pana] Agenda request X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org If you'd like to have time on the PANA WG meeting agenda, please let us know. Alper _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From juigwnauh@tpnet.pl Tue Jul 10 08:40:16 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8F0q-0004MT-A2 for pana-archive@lists.ietf.org; Tue, 10 Jul 2007 08:40:16 -0400 Received: from abhc21.neoplus.adsl.tpnet.pl ([83.7.92.21] helo=abgf165.neoplus.adsl.tpnet.pl) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I8F0q-0003At-0s for pana-archive@lists.ietf.org; Tue, 10 Jul 2007 08:40:16 -0400 From: "Suite" To: pana-archive@lists.ietf.org Subject: Bad credit ok Date: Tue, 10 Jul 2007 14:40:23 -0200 MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_NextPart_000_0004_01C7C300.3F3A7340" X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Thread-Index: AcfDAD86ivruTjoqT1+/M1+IOCE+Yg== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869 Message-Id: <46B345501BA3D66.C24B19D5F5@tpnet.pl> X-Spam-Score: 2.6 (++) X-Scan-Signature: d6b246023072368de71562c0ab503126 ------=_NextPart_000_0004_01C7C300.3F3A7340 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Thank you for your loan request, which we recieved yesterday, your refinance application has been accepted

Good Credit or Not, We are ready to give you a $479,000 loan, after further review, our lenders have established the lowest monthly payments.

Approval process will take only 1 minute.

Please visit the confirmation link below and fill-out our short 30 second Secure Web-Form.

http://healtzzone.com/ ------=_NextPart_000_0004_01C7C300.3F3A7340-- From pana-bounces@ietf.org Tue Jul 10 09:21:57 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8Ff7-0004Kw-OX; Tue, 10 Jul 2007 09:21:53 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8Ff6-0004Js-4P for pana@ietf.org; Tue, 10 Jul 2007 09:21:52 -0400 Received: from [2001:418:1403:0:212:17ff:fe52:7811] (helo=toshi17.tari.toshiba.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I8Ff5-0004Ja-9r for pana@ietf.org; Tue, 10 Jul 2007 09:21:52 -0400 Received: from steelhead.localdomain (tarij-95.tari.toshiba.com [172.30.24.143]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id l6ADKkhq044851; Tue, 10 Jul 2007 09:20:46 -0400 (EDT) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.67) (envelope-from ) id 1I8Fdx-0003br-GY; Tue, 10 Jul 2007 09:20:41 -0400 Date: Tue, 10 Jul 2007 09:20:41 -0400 To: Alper Yegin Subject: Re: [Pana] RE: Proposed changes for algorithm negotiation Message-ID: <20070710132041.GC13640@steelhead.localdomain> References: <20070706233729.GF17506@steelhead.localdomain> <0MKpCa-1I7gUf3MUn-0001dx@mrelay.perfora.net> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-2022-jp Content-Disposition: inline In-Reply-To: <0MKpCa-1I7gUf3MUn-0001dx@mrelay.perfora.net> User-Agent: Mutt/1.5.13 (2006-08-11) From: Yoshihiro Ohba X-Spam-Score: 0.0 (/) X-Scan-Signature: 612a16ba5c5f570bfc42b3ac5606ac53 Cc: 'Sam Hartman' , 'Mark Townsley' , 'Yoshihiro Ohba' , 'Jari Arkko' , pana@ietf.org X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org On Mon, Jul 09, 2007 at 02:47:38AM +0300, Alper Yegin wrote: > Yoshi, > > > 5.4. Message Authentication > > > > A PANA message can contain an AUTH AVP for cryptographically > > protecting the message. > > > > When an AUTH AVP is included in the last PANA-Auth-Request and > > PANA-Auth-Answer messages with 'C' (Complete) bit set in the > > authentication and authorization phase, the value field of > > the AUTH AVP is calculated by using the PANA_AUTH_KEY in the > > following way: > > > > AUTH AVP value = PANA_AUTH_HASH(PANA_AUTH_KEY, PANA_PDU, > > I_PAR, I_PAN) > > > > When an AUTH AVP is included in any other PANA message, the value > > field of the AUTH AVP is calculated in the following way: > > > > AUTH AVP value = PANA_AUTH_HASH(PANA_AUTH_KEY, PANA_PDU) > > > Not sure which one is better: Having single formula in the spec (good for a > simpler spec), or not having to repeat the same AVPs at a later message > (good for reducing payload). I'm slightly leaning towards the former..... If that is the case, how about having I_PAR/I_PAN in the PANA_AUTH_KEY derivation algorithm, and keeping the currently defined AUTH AVP calculation algorithm in pana-pana-17 as it is? I mean: PANA_AUTH_KEY = prf+(MSK, I_PAR|I_PAN|PaC_nonce|PAA_nonce|Key_ID) (SessionID is included in I_PAR and I_PAN.) Yoshihiro Ohba > > > > In the above AUTH AVP calculation algorithms, PANA_PDU represents > > the PANA message including the PANA header, with the AUTH AVP value > > field first initialized to 0. I_PAR is the initial > > PANA-Auth-Request message with 'S' (Start) bit set. I_PAN is the > > initial PANA-Auth-Answer message with 'S' (Start) bit set. > > So that people don't mistakenly take the whole IP packet as the PANA > message, let's say "I_PAR is the initial PANA-Auth-Request message (the PANA > header and the following PANA AVPs) with 'S' (Start) bit set." > > Alper > > > > > PANA_AUTH_HASH represents the integrity algorithm negotiated during > > the initial PANA-Auth-Request and PANA-Auth-Answer message > > exchange. > > " > > > > [8] Change PAR format in Section 7.2 as follows: > > > > PANA-Auth-Request ::= < PANA-Header: 2, REQ[,STA][,COM] > > > [ EAP-Payload ] > > [ Nonce ] > > * [ PRF-Algorithm ] > > * [ Integrity-Algorithm ] > > [ Result-Code ] > > [ Session-Lifetime ] > > [ Key-Id ] > > * [ AVP ] > > 0*1 < AUTH > > > > > [9] Change PAR format in Section 7.3 as follows: > > > > PANA-Auth-Answer ::= < PANA-Header: 2 [,STA][,COM] > > > [ Nonce ] > > [ EAP-Payload ] > > [ PRF-Algorithm ] > > [ Integrity-Algorithm ] > > [ Key-Id ] > > * [ AVP ] > > 0*1 < AUTH > > > > > [10] Change AVP occurrence table as follows: > > > > The table uses the following symbols: > > > > 0 The AVP MUST NOT be present in the message. > > > > 0-1 Zero or one instance of the AVP MAY be present in the message. > > It is considered an error if there are more than one instance > > of the AVP. > > > > 1 One instance of the AVP MUST be present in the message. > > > > 0+ Zero or more instance of the AVP MAY be present in the message. > > > > > > > > +---------------------------+ > > | Message Type | > > +---+---+---+---+---+---+---+ > > Attribute Name |PCI|PAR|PAN|PTR|PTA|PNR|PNA| > > ----------------------+---+---+---+---+---+---+---+ > > PRF-Algorithm | 0 |0+ |0-1| 0 | 0 | 0 | 0 | > > Integrity-Algorithm | 0 |0+ |0-1| 0 | 0 | 0 | 0 | > > AUTH | 0 |0-1|0-1|0-1|0-1|0-1|0-1| > > EAP-Payload | 0 |0-1|0-1| 0 | 0 | 0 | 0 | > > Key-Id | 0 |0-1|0-1| 0 | 0 | 0 | 0 | > > Nonce | 0 |0-1|0-1| 0 | 0 | 0 | 0 | > > Result-Code | 0 |0-1| 0 | 0 | 0 | 0 | 0 | > > Session-Lifetime | 0 |0-1| 0 | 0 | 0 | 0 | 0 | > > Termination-Cause | 0 | 0 | 0 | 1 | 0 | 0 | 0 | > > ----------------------+---+---+---+---+---+---+---+ > > > > Figure 4: AVP Occurrence Table > > > > [11] Remove Section 8.1 (Algorithm AVP) and add the following sections > > instead: > > > > " > > 8.X. Integrity-Algorithm AVP > > > > The PRF-Algorithm AVP (AVP Code X) is used for conveying the the > > integrity algorithm to compute an AUTH AVP. The AVP data is of > > type Unsigned32. > > > > The AVP data contains an IKEv2 Transform ID of Transform Type 3 > > [RFC4306] for the integrity algorithm. > > > > All PANA implementations MUST support AUTH_HMAC_SHA1_160 (7) > > [RFC4595]. > > " > > > > " > > 8.Y. PRF-Algorithm AVP > > > > The PRF-Algorithm AVP (AVP Code Y) is used for conveying the > > pseudo-random function to derive PANA_AUTH_KEY. The AVP data is of > > type Unsigned32. > > > > The AVP data contains an IKEv2 Transform ID of Transform Type 2 > > [RFC4306]. > > > > All PANA implementations MUST support PRF_HMAC_SHA1 (2) [RFC2104]. > > " > > > > (Note: Unsigned32 is used here instead of Unsigned16 because RFC3588 > > does not define Unsigned16 datatype.) > > > > [12] Change Section 8.2: > > > > " > > 8.2. AUTH AVP > > > > The AUTH AVP (AVP Code 2) is used to integrity protect PANA messages. > > The AVP data payload contains the Message Authentication Code encoded > > in network byte order. The AVP length varies depending on the > > integrity algorithm specified in an Algorithm AVP. The AVP data is > > of type OctetString. > > " > > > > to: > > > > " > > 8.2. AUTH AVP > > > > The AUTH AVP (AVP Code 2) is used to integrity protect PANA > > messages. The AVP data payload contains the Message Authentication > > Code encoded in network byte order. The AVP length varies > > depending on the integrity algorithm negotiated in the initial > > PANA-Auth-Request and PANA-Auth-Answer exchange with 'S' bit set > > using Integrity-Algorithm AVP. The AVP data is of type > > OctetString. > > " > > > > [13] Change the following paragraph of Section 10.3.1: > > > > " > > AVP Code 0 is not used. This document defines the AVP Codes 1-8. > > See Section 8.1 through Section 8.8 for the assignment of the > > namespace in this specification. > > " > > > > to: > > > > " > > AVP Code 0 is not used. This document defines the AVP Codes 1-9. > > See Section 8.1 through Section 8.9 for the assignment of the > > namespace in this specification. > > " > > > > [14] Remove the following paragraph from Section 11.2: > > > > " > > In networks where lower-layers are not secured prior to running PANA, > > the capability discovery enabled through inclusion of an Algorithm > > AVP in the initial PANA-Auth-Request message is susceptible to > > spoofing leading to DoS attacks. Therefore, usage of this AVP during > > the initial message exchange in such insecure networks is NOT > > RECOMMENDED. The same AVP is delivered with integrity protection via > > the last PANA-Auth-Request message upon successful authentication. > > " > > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www1.ietf.org/mailman/listinfo/pana > _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jul 10 16:28:46 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8MKE-0004eZ-17; Tue, 10 Jul 2007 16:28:46 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8MKC-0004dz-P2 for pana@ietf.org; Tue, 10 Jul 2007 16:28:44 -0400 Received: from mout.perfora.net ([74.208.4.195]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I8MK8-0002BF-5h for pana@ietf.org; Tue, 10 Jul 2007 16:28:44 -0400 Received: from [86.108.169.234] (helo=IBM52A5038A94F) by mrelay.perfora.net (node=mrus1) with ESMTP (Nemesis), id 0MKpCa-1I8MJr1Lg2-0001Z1; Tue, 10 Jul 2007 16:28:34 -0400 From: "Alper Yegin" To: "'Yoshihiro Ohba'" Subject: RE: [Pana] RE: Proposed changes for algorithm negotiation Date: Tue, 10 Jul 2007 23:28:18 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 In-Reply-To: <20070710132041.GC13640@steelhead.localdomain> Thread-Index: AcfC9Uq8cumX3Y2yQrmsPjdL29GxrgAO27BA Message-ID: <0MKpCa-1I8MJr1Lg2-0001Z1@mrelay.perfora.net> X-Provags-ID: V01U2FsdGVkX18RcBhDfs0jpM9faEtVdAU7ONC179KfVNMRJ32 LCVjfGOYf6nFk/eXtiXGIYocEdsp+jYCngDhFlS2WFm91yHRIf 6fEu9snRqU/cqwSCsj09Q== X-Spam-Score: 0.0 (/) X-Scan-Signature: b84f8c8fba0e1389e5eb998b64078964 Cc: 'Sam Hartman' , 'Mark Townsley' , 'Jari Arkko' , pana@ietf.org X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org That makes sense to me. Alper > -----Original Message----- > From: Yoshihiro Ohba [mailto:yohba@tari.toshiba.com] > Sent: Tuesday, July 10, 2007 4:21 PM > To: Alper Yegin > Cc: 'Yoshihiro Ohba'; 'Mark Townsley'; 'Jari Arkko'; 'Sam Hartman'; > pana@ietf.org > Subject: Re: [Pana] RE: Proposed changes for algorithm negotiation > > On Mon, Jul 09, 2007 at 02:47:38AM +0300, Alper Yegin wrote: > > Yoshi, > > > > > 5.4. Message Authentication > > > > > > A PANA message can contain an AUTH AVP for cryptographically > > > protecting the message. > > > > > > When an AUTH AVP is included in the last PANA-Auth-Request and > > > PANA-Auth-Answer messages with 'C' (Complete) bit set in the > > > authentication and authorization phase, the value field of > > > the AUTH AVP is calculated by using the PANA_AUTH_KEY in the > > > following way: > > > > > > AUTH AVP value = PANA_AUTH_HASH(PANA_AUTH_KEY, PANA_PDU, > > > I_PAR, I_PAN) > > > > > > When an AUTH AVP is included in any other PANA message, the value > > > field of the AUTH AVP is calculated in the following way: > > > > > > AUTH AVP value = PANA_AUTH_HASH(PANA_AUTH_KEY, PANA_PDU) > > > > > > Not sure which one is better: Having single formula in the spec (good > for a > > simpler spec), or not having to repeat the same AVPs at a later message > > (good for reducing payload). I'm slightly leaning towards the > former..... > > If that is the case, how about having I_PAR/I_PAN in the PANA_AUTH_KEY > derivation algorithm, and keeping the currently defined AUTH AVP > calculation algorithm in pana-pana-17 as it is? I mean: > > PANA_AUTH_KEY = prf+(MSK, I_PAR|I_PAN|PaC_nonce|PAA_nonce|Key_ID) > > (SessionID is included in I_PAR and I_PAN.) > > Yoshihiro Ohba > > > > > > > > In the above AUTH AVP calculation algorithms, PANA_PDU represents > > > the PANA message including the PANA header, with the AUTH AVP value > > > field first initialized to 0. I_PAR is the initial > > > PANA-Auth-Request message with 'S' (Start) bit set. I_PAN is the > > > initial PANA-Auth-Answer message with 'S' (Start) bit set. > > > > So that people don't mistakenly take the whole IP packet as the PANA > > message, let's say "I_PAR is the initial PANA-Auth-Request message (the > PANA > > header and the following PANA AVPs) with 'S' (Start) bit set." > > > > Alper > > > > > > > > > PANA_AUTH_HASH represents the integrity algorithm negotiated during > > > the initial PANA-Auth-Request and PANA-Auth-Answer message > > > exchange. > > > " > > > > > > [8] Change PAR format in Section 7.2 as follows: > > > > > > PANA-Auth-Request ::= < PANA-Header: 2, REQ[,STA][,COM] > > > > [ EAP-Payload ] > > > [ Nonce ] > > > * [ PRF-Algorithm ] > > > * [ Integrity-Algorithm ] > > > [ Result-Code ] > > > [ Session-Lifetime ] > > > [ Key-Id ] > > > * [ AVP ] > > > 0*1 < AUTH > > > > > > > [9] Change PAR format in Section 7.3 as follows: > > > > > > PANA-Auth-Answer ::= < PANA-Header: 2 [,STA][,COM] > > > > [ Nonce ] > > > [ EAP-Payload ] > > > [ PRF-Algorithm ] > > > [ Integrity-Algorithm ] > > > [ Key-Id ] > > > * [ AVP ] > > > 0*1 < AUTH > > > > > > > [10] Change AVP occurrence table as follows: > > > > > > The table uses the following symbols: > > > > > > 0 The AVP MUST NOT be present in the message. > > > > > > 0-1 Zero or one instance of the AVP MAY be present in the > message. > > > It is considered an error if there are more than one instance > > > of the AVP. > > > > > > 1 One instance of the AVP MUST be present in the message. > > > > > > 0+ Zero or more instance of the AVP MAY be present in the > message. > > > > > > > > > > > > +---------------------------+ > > > | Message Type | > > > +---+---+---+---+---+---+---+ > > > Attribute Name |PCI|PAR|PAN|PTR|PTA|PNR|PNA| > > > ----------------------+---+---+---+---+---+---+---+ > > > PRF-Algorithm | 0 |0+ |0-1| 0 | 0 | 0 | 0 | > > > Integrity-Algorithm | 0 |0+ |0-1| 0 | 0 | 0 | 0 | > > > AUTH | 0 |0-1|0-1|0-1|0-1|0-1|0-1| > > > EAP-Payload | 0 |0-1|0-1| 0 | 0 | 0 | 0 | > > > Key-Id | 0 |0-1|0-1| 0 | 0 | 0 | 0 | > > > Nonce | 0 |0-1|0-1| 0 | 0 | 0 | 0 | > > > Result-Code | 0 |0-1| 0 | 0 | 0 | 0 | 0 | > > > Session-Lifetime | 0 |0-1| 0 | 0 | 0 | 0 | 0 | > > > Termination-Cause | 0 | 0 | 0 | 1 | 0 | 0 | 0 | > > > ----------------------+---+---+---+---+---+---+---+ > > > > > > Figure 4: AVP Occurrence Table > > > > > > [11] Remove Section 8.1 (Algorithm AVP) and add the following sections > > > instead: > > > > > > " > > > 8.X. Integrity-Algorithm AVP > > > > > > The PRF-Algorithm AVP (AVP Code X) is used for conveying the the > > > integrity algorithm to compute an AUTH AVP. The AVP data is of > > > type Unsigned32. > > > > > > The AVP data contains an IKEv2 Transform ID of Transform Type 3 > > > [RFC4306] for the integrity algorithm. > > > > > > All PANA implementations MUST support AUTH_HMAC_SHA1_160 (7) > > > [RFC4595]. > > > " > > > > > > " > > > 8.Y. PRF-Algorithm AVP > > > > > > The PRF-Algorithm AVP (AVP Code Y) is used for conveying the > > > pseudo-random function to derive PANA_AUTH_KEY. The AVP data is of > > > type Unsigned32. > > > > > > The AVP data contains an IKEv2 Transform ID of Transform Type 2 > > > [RFC4306]. > > > > > > All PANA implementations MUST support PRF_HMAC_SHA1 (2) [RFC2104]. > > > " > > > > > > (Note: Unsigned32 is used here instead of Unsigned16 because RFC3588 > > > does not define Unsigned16 datatype.) > > > > > > [12] Change Section 8.2: > > > > > > " > > > 8.2. AUTH AVP > > > > > > The AUTH AVP (AVP Code 2) is used to integrity protect PANA > messages. > > > The AVP data payload contains the Message Authentication Code > encoded > > > in network byte order. The AVP length varies depending on the > > > integrity algorithm specified in an Algorithm AVP. The AVP data is > > > of type OctetString. > > > " > > > > > > to: > > > > > > " > > > 8.2. AUTH AVP > > > > > > The AUTH AVP (AVP Code 2) is used to integrity protect PANA > > > messages. The AVP data payload contains the Message Authentication > > > Code encoded in network byte order. The AVP length varies > > > depending on the integrity algorithm negotiated in the initial > > > PANA-Auth-Request and PANA-Auth-Answer exchange with 'S' bit set > > > using Integrity-Algorithm AVP. The AVP data is of type > > > OctetString. > > > " > > > > > > [13] Change the following paragraph of Section 10.3.1: > > > > > > " > > > AVP Code 0 is not used. This document defines the AVP Codes 1-8. > > > See Section 8.1 through Section 8.8 for the assignment of the > > > namespace in this specification. > > > " > > > > > > to: > > > > > > " > > > AVP Code 0 is not used. This document defines the AVP Codes 1-9. > > > See Section 8.1 through Section 8.9 for the assignment of the > > > namespace in this specification. > > > " > > > > > > [14] Remove the following paragraph from Section 11.2: > > > > > > " > > > In networks where lower-layers are not secured prior to running > PANA, > > > the capability discovery enabled through inclusion of an Algorithm > > > AVP in the initial PANA-Auth-Request message is susceptible to > > > spoofing leading to DoS attacks. Therefore, usage of this AVP > during > > > the initial message exchange in such insecure networks is NOT > > > RECOMMENDED. The same AVP is delivered with integrity protection > via > > > the last PANA-Auth-Request message upon successful authentication. > > > " > > > > > > _______________________________________________ > > Pana mailing list > > Pana@ietf.org > > https://www1.ietf.org/mailman/listinfo/pana > > _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From teq@dgo.megared.net.mx Wed Jul 11 05:08:37 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8YBZ-0000Rd-T5 for pana-archive@lists.ietf.org; Wed, 11 Jul 2007 05:08:37 -0400 Received: from auh-as9919.alshamil.net.ae ([217.164.133.13]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1I8YBU-0001Xg-PZ for pana-archive@lists.ietf.org; Wed, 11 Jul 2007 05:08:37 -0400 Received: (qmail 24709 invoked from network); Wed, 11 Jul 2007 13:11:04 +0400 Received: from unknown (HELO qgyq) (82.121.46.131) by auh-as9919.alshamil.net.ae with SMTP; Wed, 11 Jul 2007 13:11:04 +0400 Message-ID: <46949EA8.7080503@dgo.megared.net.mx> Date: Wed, 11 Jul 2007 13:11:04 +0400 From: Simon User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: extinction Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 2.2 (++) X-Scan-Signature: b7b9551d71acde901886cc48bfc088a6 Vision Airships Global Expansion! BANGKOK, THAILAND, Jul 09, 2007 (MARKET WIRE via COMTEX) -- Vision Airships Inc. (PINKSHEETS: VPSN) -- The company wishes to announce that it has finalized arrangements for funding for its global expansion. Vision Airships is set to become a worldwide operator of blimps used for advertising around the world. As the advertising market gets more crowded in conventional mediums -- the use of alternative forms of advertising is gaining more and more traction -- this is where Vision Airships comes in and supplies the end to end solution to major advertisers worldwide with its unique form of alternative displays. The size of the market worldwide will support 24 airships which would bring in approximately $400,000,000 annually. Check out the news and get on VPSN first thing Wednesday! He is searching for men and women like you and me, mere people made up of flesh, bone, and blood. A truly cheerful face radiates from a relaxed, joyful heart. He is searching for men and women like you and me, mere people made up of flesh, bone, and blood. com is a proud member of the Salem Web Network, a subsidiary of Salem Communications Corporation. Insight for Living is committed to excellence in communicating biblical truth and its application. Being a good neighbor by Jesus' definition means understanding that your faith is lived out against the backdrop of everyday relationships that come across your path. Ours is a walk of faith, not sight. Then where did it come from? A pastor at heart, Chuck. A truly cheerful face radiates from a relaxed, joyful heart. I know of many who have! Learn how to create a unique family mission statement. Give your faith a lift and praise God for His faithfulness. The well-manicured front lawn is a modern moat that keeps barbarians at bay. Ours is a walk of faith, not sight. Then where did it come from? Pushed together but uninvolved. Colleen and her husband, Mark, recently moved to Southern California where Mark pastors a growing church. but I'll never forget. When it shined light into your soul like the first glowing dawn following a month of clouds? Being a good neighbor by Jesus' definition means understanding that your faith is lived out against the backdrop of everyday relationships that come across your path. Learn how to create a unique family mission statement. He is searching for men and women like you and me, mere people made up of flesh, bone, and blood. When it shined light into your soul like the first glowing dawn following a month of clouds? Give your faith a lift and praise God for His faithfulness. com is a proud member of the Salem Web Network, a subsidiary of Salem Communications Corporation. From her own heart, she expresses the fears they've faced and the triumphs they've known. We hear that so much, it's easy to shrug it off as "only natural. Although crowded, we are lonely. The well-manicured front lawn is a modern moat that keeps barbarians at bay. When your first love for Christ blossomed? We hear that so much, it's easy to shrug it off as "only natural. We are alienated from each other. but I'll never forget. But He is also looking for certain qualities in those people, like the qualities He found in Esther. even the White House. Give your faith a lift and praise God for His faithfulness. Life is not about your being comfortable and happy and successful and pain free. Although crowded, we are lonely. When it shined light into your soul like the first glowing dawn following a month of clouds? even the White House. When your first love for Christ blossomed? When it shined light into your soul like the first glowing dawn following a month of clouds? He is searching for men and women like you and me, mere people made up of flesh, bone, and blood. From pana-bounces@ietf.org Wed Jul 11 06:29:44 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8ZS0-0002ID-JX; Wed, 11 Jul 2007 06:29:40 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8ZRy-0002HP-Qq for pana@ietf.org; Wed, 11 Jul 2007 06:29:38 -0400 Received: from p130.piuha.net ([193.234.218.130]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I8ZRu-0003Up-20 for pana@ietf.org; Wed, 11 Jul 2007 06:29:38 -0400 Received: from p130.piuha.net (localhost [127.0.0.1]) by p130.piuha.net (Postfix) with ESMTP id 4138419866E; Wed, 11 Jul 2007 13:29:33 +0300 (EEST) Received: from [127.0.0.1] (p130.piuha.net [193.234.218.130]) by p130.piuha.net (Postfix) with ESMTP id DA04A19866D; Wed, 11 Jul 2007 13:29:32 +0300 (EEST) Message-ID: <4694B10D.2020403@piuha.net> Date: Wed, 11 Jul 2007 13:29:33 +0300 From: Jari Arkko User-Agent: Thunderbird 1.5.0.12 (X11/20070604) MIME-Version: 1.0 To: Alper Yegin Subject: Re: [Pana] RE: Proposed changes for algorithm negotiation References: <0MKpCa-1I8MJr1Lg2-0001Z1@mrelay.perfora.net> In-Reply-To: <0MKpCa-1I8MJr1Lg2-0001Z1@mrelay.perfora.net> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP X-Spam-Score: 0.0 (/) X-Scan-Signature: 71f780ffdd80c541d3e75aa5f2710d3d Cc: 'Mark Townsley' , 'Yoshihiro Ohba' , 'Sam Hartman' , pana@ietf.org X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org This would also work for me. Jari Alper Yegin kirjoitti: > That makes sense to me. > > Alper > > >> -----Original Message----- >> From: Yoshihiro Ohba [mailto:yohba@tari.toshiba.com] >> Sent: Tuesday, July 10, 2007 4:21 PM >> To: Alper Yegin >> Cc: 'Yoshihiro Ohba'; 'Mark Townsley'; 'Jari Arkko'; 'Sam Hartman'; >> pana@ietf.org >> Subject: Re: [Pana] RE: Proposed changes for algorithm negotiation >> >> On Mon, Jul 09, 2007 at 02:47:38AM +0300, Alper Yegin wrote: >> >>> Yoshi, >>> >>> >>>> 5.4. Message Authentication >>>> >>>> A PANA message can contain an AUTH AVP for cryptographically >>>> protecting the message. >>>> >>>> When an AUTH AVP is included in the last PANA-Auth-Request and >>>> PANA-Auth-Answer messages with 'C' (Complete) bit set in the >>>> authentication and authorization phase, the value field of >>>> the AUTH AVP is calculated by using the PANA_AUTH_KEY in the >>>> following way: >>>> >>>> AUTH AVP value = PANA_AUTH_HASH(PANA_AUTH_KEY, PANA_PDU, >>>> I_PAR, I_PAN) >>>> >>>> When an AUTH AVP is included in any other PANA message, the value >>>> field of the AUTH AVP is calculated in the following way: >>>> >>>> AUTH AVP value = PANA_AUTH_HASH(PANA_AUTH_KEY, PANA_PDU) >>>> >>> Not sure which one is better: Having single formula in the spec (good >>> >> for a >> >>> simpler spec), or not having to repeat the same AVPs at a later message >>> (good for reducing payload). I'm slightly leaning towards the >>> >> former..... >> >> If that is the case, how about having I_PAR/I_PAN in the PANA_AUTH_KEY >> derivation algorithm, and keeping the currently defined AUTH AVP >> calculation algorithm in pana-pana-17 as it is? I mean: >> >> PANA_AUTH_KEY = prf+(MSK, I_PAR|I_PAN|PaC_nonce|PAA_nonce|Key_ID) >> >> (SessionID is included in I_PAR and I_PAN.) >> >> Yoshihiro Ohba >> >> >>> >>>> In the above AUTH AVP calculation algorithms, PANA_PDU represents >>>> the PANA message including the PANA header, with the AUTH AVP value >>>> field first initialized to 0. I_PAR is the initial >>>> PANA-Auth-Request message with 'S' (Start) bit set. I_PAN is the >>>> initial PANA-Auth-Answer message with 'S' (Start) bit set. >>>> >>> So that people don't mistakenly take the whole IP packet as the PANA >>> message, let's say "I_PAR is the initial PANA-Auth-Request message (the >>> >> PANA >> >>> header and the following PANA AVPs) with 'S' (Start) bit set." >>> >>> Alper >>> >>> >>> >>> >>>> PANA_AUTH_HASH represents the integrity algorithm negotiated during >>>> the initial PANA-Auth-Request and PANA-Auth-Answer message >>>> exchange. >>>> " >>>> >>>> [8] Change PAR format in Section 7.2 as follows: >>>> >>>> PANA-Auth-Request ::= < PANA-Header: 2, REQ[,STA][,COM] > >>>> [ EAP-Payload ] >>>> [ Nonce ] >>>> * [ PRF-Algorithm ] >>>> * [ Integrity-Algorithm ] >>>> [ Result-Code ] >>>> [ Session-Lifetime ] >>>> [ Key-Id ] >>>> * [ AVP ] >>>> 0*1 < AUTH > >>>> >>>> [9] Change PAR format in Section 7.3 as follows: >>>> >>>> PANA-Auth-Answer ::= < PANA-Header: 2 [,STA][,COM] > >>>> [ Nonce ] >>>> [ EAP-Payload ] >>>> [ PRF-Algorithm ] >>>> [ Integrity-Algorithm ] >>>> [ Key-Id ] >>>> * [ AVP ] >>>> 0*1 < AUTH > >>>> >>>> [10] Change AVP occurrence table as follows: >>>> >>>> The table uses the following symbols: >>>> >>>> 0 The AVP MUST NOT be present in the message. >>>> >>>> 0-1 Zero or one instance of the AVP MAY be present in the >>>> >> message. >> >>>> It is considered an error if there are more than one instance >>>> of the AVP. >>>> >>>> 1 One instance of the AVP MUST be present in the message. >>>> >>>> 0+ Zero or more instance of the AVP MAY be present in the >>>> >> message. >> >>>> >>>> +---------------------------+ >>>> | Message Type | >>>> +---+---+---+---+---+---+---+ >>>> Attribute Name |PCI|PAR|PAN|PTR|PTA|PNR|PNA| >>>> ----------------------+---+---+---+---+---+---+---+ >>>> PRF-Algorithm | 0 |0+ |0-1| 0 | 0 | 0 | 0 | >>>> Integrity-Algorithm | 0 |0+ |0-1| 0 | 0 | 0 | 0 | >>>> AUTH | 0 |0-1|0-1|0-1|0-1|0-1|0-1| >>>> EAP-Payload | 0 |0-1|0-1| 0 | 0 | 0 | 0 | >>>> Key-Id | 0 |0-1|0-1| 0 | 0 | 0 | 0 | >>>> Nonce | 0 |0-1|0-1| 0 | 0 | 0 | 0 | >>>> Result-Code | 0 |0-1| 0 | 0 | 0 | 0 | 0 | >>>> Session-Lifetime | 0 |0-1| 0 | 0 | 0 | 0 | 0 | >>>> Termination-Cause | 0 | 0 | 0 | 1 | 0 | 0 | 0 | >>>> ----------------------+---+---+---+---+---+---+---+ >>>> >>>> Figure 4: AVP Occurrence Table >>>> >>>> [11] Remove Section 8.1 (Algorithm AVP) and add the following sections >>>> instead: >>>> >>>> " >>>> 8.X. Integrity-Algorithm AVP >>>> >>>> The PRF-Algorithm AVP (AVP Code X) is used for conveying the the >>>> integrity algorithm to compute an AUTH AVP. The AVP data is of >>>> type Unsigned32. >>>> >>>> The AVP data contains an IKEv2 Transform ID of Transform Type 3 >>>> [RFC4306] for the integrity algorithm. >>>> >>>> All PANA implementations MUST support AUTH_HMAC_SHA1_160 (7) >>>> [RFC4595]. >>>> " >>>> >>>> " >>>> 8.Y. PRF-Algorithm AVP >>>> >>>> The PRF-Algorithm AVP (AVP Code Y) is used for conveying the >>>> pseudo-random function to derive PANA_AUTH_KEY. The AVP data is of >>>> type Unsigned32. >>>> >>>> The AVP data contains an IKEv2 Transform ID of Transform Type 2 >>>> [RFC4306]. >>>> >>>> All PANA implementations MUST support PRF_HMAC_SHA1 (2) [RFC2104]. >>>> " >>>> >>>> (Note: Unsigned32 is used here instead of Unsigned16 because RFC3588 >>>> does not define Unsigned16 datatype.) >>>> >>>> [12] Change Section 8.2: >>>> >>>> " >>>> 8.2. AUTH AVP >>>> >>>> The AUTH AVP (AVP Code 2) is used to integrity protect PANA >>>> >> messages. >> >>>> The AVP data payload contains the Message Authentication Code >>>> >> encoded >> >>>> in network byte order. The AVP length varies depending on the >>>> integrity algorithm specified in an Algorithm AVP. The AVP data is >>>> of type OctetString. >>>> " >>>> >>>> to: >>>> >>>> " >>>> 8.2. AUTH AVP >>>> >>>> The AUTH AVP (AVP Code 2) is used to integrity protect PANA >>>> messages. The AVP data payload contains the Message Authentication >>>> Code encoded in network byte order. The AVP length varies >>>> depending on the integrity algorithm negotiated in the initial >>>> PANA-Auth-Request and PANA-Auth-Answer exchange with 'S' bit set >>>> using Integrity-Algorithm AVP. The AVP data is of type >>>> OctetString. >>>> " >>>> >>>> [13] Change the following paragraph of Section 10.3.1: >>>> >>>> " >>>> AVP Code 0 is not used. This document defines the AVP Codes 1-8. >>>> See Section 8.1 through Section 8.8 for the assignment of the >>>> namespace in this specification. >>>> " >>>> >>>> to: >>>> >>>> " >>>> AVP Code 0 is not used. This document defines the AVP Codes 1-9. >>>> See Section 8.1 through Section 8.9 for the assignment of the >>>> namespace in this specification. >>>> " >>>> >>>> [14] Remove the following paragraph from Section 11.2: >>>> >>>> " >>>> In networks where lower-layers are not secured prior to running >>>> >> PANA, >> >>>> the capability discovery enabled through inclusion of an Algorithm >>>> AVP in the initial PANA-Auth-Request message is susceptible to >>>> spoofing leading to DoS attacks. Therefore, usage of this AVP >>>> >> during >> >>>> the initial message exchange in such insecure networks is NOT >>>> RECOMMENDED. The same AVP is delivered with integrity protection >>>> >> via >> >>>> the last PANA-Auth-Request message upon successful authentication. >>>> " >>>> >>> _______________________________________________ >>> Pana mailing list >>> Pana@ietf.org >>> https://www1.ietf.org/mailman/listinfo/pana >>> >>> > > > > _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Thu Jul 12 05:50:02 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8vJB-0002BA-9J; Thu, 12 Jul 2007 05:50:01 -0400 Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I8vJA-0002B2-4v for pana@ietf.org; Thu, 12 Jul 2007 05:50:00 -0400 Received: from mout.perfora.net ([74.208.4.195]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1I8vJ5-0004eC-Sl for pana@ietf.org; Thu, 12 Jul 2007 05:50:00 -0400 Received: from [85.103.239.77] (helo=IBM52A5038A94F) by mrelay.perfora.net (node=mrus1) with ESMTP (Nemesis), id 0MKpCa-1I8vIk17SY-0001d2; Thu, 12 Jul 2007 05:49:40 -0400 From: "Alper Yegin" To: "'Sam Hartman'" Date: Thu, 12 Jul 2007 12:49:31 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Thread-Index: Ace6iwiMB1l6Y2NMTZmw2K8ivPBbsABoom9AAg74HJA= X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 In-Reply-To: Message-ID: <0MKpCa-1I8vIk17SY-0001d2@mrelay.perfora.net> X-Provags-ID: V01U2FsdGVkX1/R9cvkH+vVdhT+qy4TXR9klr499knnks2t0zZ GxSIyJdgPIr/gOrgMIhtzDq3Vs1Rw89qm2UybjfnRIIM9k2wYI 3SUu4qd63ltP9/PO+e4mQ== X-Spam-Score: 0.0 (/) X-Scan-Signature: c0bedb65cce30976f0bf60a0a39edea4 Cc: 'Mark Townsley' , 'Jari Arkko' , pana@ietf.org Subject: [Pana] data origin auth X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org Hi Sam, Please see below for my response regarding the language about data origin authentication in the spec. Let us know if it makes sense, so we keep the current text as-is; or you still recommend a change. Thanks Alper > > Sam> Similarly, I'm concerned that the blanket claim that if a > > Sam> link does not provide security then security is required at a > > Sam> higher layer. I agree that PANA integrity protection is > > Sam> required, but for example I don't see why data origin > > Sam> authentication or connectionless integrity is required for > > Sam> most Internet traffic. I think the security considerations > > Sam> section could be reworked to talk a lot more about tradeoffs > > Sam> and a lot less about hard requirements. Some hard > > Sam> requirements are probably still necessary. > > > > -> We can remove references to any specific network types > > -> (DSL/3GPP2), and > > > physical vs. cryptographic security. > > > > -> I think what we are really concerned is data origin > > -> authentication, > > > integrity and replay protection (not confidentiality, like > > > the current spec is saying). Those are important, because > > > they are the primary tools for enforcement points in policing > > > the data traffic. Unless there is a way to perform data > > > origin authentication, the enforcement points cannot > > > distinguish traffic of authenticated clients from > > > unauthenticated clients. > > > > I'm not sure this is true in practice. I'm sitting at a wireless > > hotspot. I log into a web page and give them my credit card number. > > MAC address seems to be good enuogh. It does not provide data origin > > authentication, but it seems to be operationally good enough. > > Yes it's true that many users and hotspot operators are using such a > scheme (UAM -- Universal Authentication Method) everyday. It's very > "practical" because it does not require any special client (just web > browser), but it's "security is very weak." The only reason it's being > used (and widely used!) is that the operators cannot practically install > 3rd party software on the client base. And they (and unknowingly the > users) trade a lot of security for a lot of practicality. > > More specifically, anyone can impersonate your PC and spoof and consume > traffic on your behalf. And anyone can impersonate the wireless hotspot > and spoof and consume traffic on its behalf. (And that effectively negates > the whole idea behind "access authentication.") These threats are possible > because there is no cryptographic protection (data origin auth) of the > data traffic after the client and the network authenticated each other. > > The next step from UAM would be to use an EAP-based solution. The > appropriate client software would include EAP methods, EAP, EAP lower > layer (IEEE 802.11i, IEEE 802.16e PKMv2, PANA, etc.), L2/L3 per-packet > crypto protection, etc. Hosts with such a package would naturally utilize > data origin authentication. > _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From sjniz@coocretal.cl Sat Jul 14 13:41:07 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I9lcA-0002xK-Qn for pana-archive@lists.ietf.org; Sat, 14 Jul 2007 13:41:07 -0400 Received: from mail.outsource.us.com ([213.131.122.102]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1I9lc6-0007Xg-1C for pana-archive@lists.ietf.org; Sat, 14 Jul 2007 13:41:06 -0400 Received: (qmail 9166 invoked from network); Sat, 14 Jul 2007 18:41:09 +0100 Received: from unknown (HELO hvxi) (197.191.187.158) by mail.outsource.us.com with SMTP; Sat, 14 Jul 2007 18:41:09 +0100 Message-ID: <46990AB5.2050108@coocretal.cl> Date: Sat, 14 Jul 2007 18:41:09 +0100 From: Woodruff User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: humor Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 4.3 (++++) X-Scan-Signature: 6e922792024732fb1bb6f346e63517e4 SZSN Goes Through The Roof! UP 37.5% Shandong Zhouyuan Seed and Nursery Co., Ltd (SZSN) $0.33 UP 37.5% Brokers are grabbing up SZSN like crazy after two news releases this week. Huge expansion plus multi-million dollar development projects are pushing share prices through the roof. Act fast and get on SZSN first thing Monday! Not only does this help explain of the impact of cultural differences, but it will be particularly helpful to people considering mergers or acquisitions or a move to another organisation. Creating riches will at the same time garner huge rewards to the CEO and his key staff. Complicated Management If you think that management is becoming increasingly complicated, you are probably correct. All of which meant that if other companies enjoyed higher productivity, that they had an even bigger opportunity than they had previously thought. If the new CEO is able to increase profits by just a small percentage, then the costs of their wages will pale into insignificance. Help to make a motivated, industrious and enjoyable work environment for yourself and your colleagues. The message of course is to be careful about your assumptions - they can fence you in! A common perception was that, while all of the issues raised are very real, the Chinese government is aware and talking quite openly about most of them. One example is the internet, which is constantly reinventing the complete customer process, from information to after-sales. Twelfth, tell the WE story. Creativity is always involved in design in one sense. Creating riches will at the same time garner huge rewards to the CEO and his key staff. Managers must show analysis and decision-making skills and the ability to seize a situation and make the best of it. Click here if you would like to purchase a copy of this book. The key to success is the strength of the whole management team, and of its relationship with customers and workforce. Focus on being inclusive and considering what is best for all. There was no use for perceptual thought because the starting points were not matters of human perception but fixed dogmas. Should China give in to US pressure to revalue the Reminbi, most believe that this would have a significant impact on demand for Chinese goods and services. Scolari has worked at club as well as international level, has worked in different countries and across different continents and has led two national sides. Once a person taps into their deep hunger, action and movement begin to occur because of the desire to "be fed". What is your bigger yearning? Well, who doesn't want to be a skilled artist, whether in the director's chair, the boardroom, on the factory floor, or even just in dealing with life's everyday situations? If we want everyone to succeed, it may well be that we need to make changes to this model. Energy supply was seen as a major potential hurdle along with rising traffic congestion and air pollution. Waiting to begin is the worst part, but once you have started then your adrenaline and enthusiasm will make you shine. I wrote that I want us "to have faith and take action". Big-time managers and their advisers have spotted the advantages of small-time management and they have tried to replicate them. These positions are summarised below. Design always carries with it some risk. The bottom line is "it is not about you". One example is the internet, which is constantly reinventing the complete customer process, from information to after-sales. Your Purpose is not about fulfilling some personal need or desire. The intellectual foundation for this double disaster is simple. " with a smile will probably make your audience laugh, help and love you! We exercise greater choices in our spending patterns, personal relations and our lifestyles. Those who delay were expected to find increasingly strong Chinese competitors and face much higher costs of entry and more significant survival risks. Don't be afraid to be afraid. com debunks the Cult of the Chief Executive and the Cult of Shareholder Value. Going with your strong feelings allows you to be more authentic, and to go to new heights of accomplishment. However, before you begin, remember to take some deep breaths to calm your mind down. Seventh, be present to the ways things are. About the author Edward de Bono is the world's leading authority in the field of creative thinking and the teaching of thinking as a skill. We may all experience these feelings on occasions, but where they become more prolonged is usually a sign of an imbalance that needs to be addressed. From vtj@siren.ocn.ne.jp Mon Jul 16 11:15:39 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IASIV-0004cJ-8S for pana-archive@lists.ietf.org; Mon, 16 Jul 2007 11:15:39 -0400 Received: from 198-82.187-72.tampabay.res.rr.com ([72.187.82.198]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IASIQ-0007T7-RR for pana-archive@lists.ietf.org; Mon, 16 Jul 2007 11:15:39 -0400 Received: (qmail 7627 invoked from network); Mon, 16 Jul 2007 11:18:01 -0400 Received: from unknown (HELO xdtuj) (25.190.50.87) by 198-82.187-72.tampabay.res.rr.com with SMTP; Mon, 16 Jul 2007 11:18:01 -0400 Message-ID: <469B8C29.6050503@siren.ocn.ne.jp> Date: Mon, 16 Jul 2007 11:18:01 -0400 From: Woodard Mary User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: amicable Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 4.3 (++++) X-Scan-Signature: ffa9dfbbe7cc58b3fa6b8ae3e57b0aa3 - SZSN Announces Sales Income UP 37.6% Over Last Year! Shandong Zhouyuan Seed and Nursery Co., Ltd (SZSN) $0.38 UP 15% (9:36AM EST) SZSN continues to climb as more great news unfolds. Read the news and get on SZSN today! Can't wait to plug in. In this workout, Billy takes the basics of his world-famous Tae Bo moves and adapts them just for kids to create a fast-moving, entertaining routine to keep them slim, strong, and active. Added to Taylor's vast experience means the Photography School Asia's Affiliate Program is HOT. This Trojan can be used to steal passwords stored on systems. com, No one knows home bar supplies and equipment like we do! We are currently working hard on a Valentine's Day jewelry promotion. We would like to apologize for any dissruption this may have caused you in terms of missing images, broken links, and datafeed problems. This tactic is known as 'social engineering'. Contact me if you need content, creatives or data feeds. - From rio@yorkrepro.co.uk Tue Jul 17 01:24:01 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IAfXU-000751-Kw for pana-archive@lists.ietf.org; Tue, 17 Jul 2007 01:24:01 -0400 Received: from [74.7.66.77] (helo=ecefnwy) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IAfXQ-00083s-33 for pana-archive@lists.ietf.org; Tue, 17 Jul 2007 01:24:00 -0400 Received: from [155.181.97.87] (helo=fnbp) by ecefnwy with smtp (Exim 4.62 (FreeBSD)) id 1IBfg-0007V5-PB; Mon, 16 Jul 2007 22:31:20 -0700 Message-ID: <469C53D5.6050806@yorkrepro.co.uk> Date: Mon, 16 Jul 2007 22:29:57 -0700 From: Theodore Elmore User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: Actually, God gave me two miracles. Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 4.3 (++++) X-Scan-Signature: d185fa790257f526fedfd5d01ed9c976 SZSN Sales UP 30%! Market Watchers Pick SZSN. Shandong Zhouyuan Seed and Nursery Co., Ltd (SZSN) $0.43 UP 30% Sales reports show sales up 37.6% over last year. OTCPicks.com and RedHotPennyStock.com feature SZSN. Stock UP 30%! Get on SZSN first thing Tuesday! what I think about I bring about . I am reminded of a good friend from college days who was getting her Masters in Art. Yes, she had cried her eyes out at first, but rather quickly dried her eyes and realized that this was a marvellous opportunity to forge forward with renewed life and creativity. When I am peaceful, everything else falls into place. I rejoice at you success, dear Dr. And I recalled that of all my sisters, I was the only one who went round the house singing all the time. " Big Clue: It sometimes is missing from my life, too. " Nevertheless, I will go along with the majority, only making a point that this skink did not wait until the snake finished striking, but instead targeted the snake's mouth with the tail first. In meditating, I often dwelled on what I really needed. I had to put my trust in Him, because He was in control and He was the only one who could help me. " So when you begin the day. By the way, Janus was the god of gates, protecting our entrances and exits. We either grow or decay. The key word of the article is hidden in the introduction of the story. I am reminded of a good friend from college days who was getting her Masters in Art. I learned that truth by experience. Being part of a family implies a committment to it. Decide that people will just have to wait until your ideal weight shows itself. It is the existences of the comments. But to both my amazement and Patty's, the skink then performed the most incredible tactic to save itself from certain death. When I am peaceful, everything else falls into place. And I recalled that of all my sisters, I was the only one who went round the house singing all the time. Talk about burning bridges literally. I need to learn how to be organized with my time and be more dedicated so that I can receive blessing for being a faithful servant! She taught me a great lesson that day. " It must be the consciousness I've been in, writing this latest series about Great Whites. I am not yearning for some unrealized dream. Last newsletter, some of you shared such beautiful stories . I AM ALSO IN SEARCH FOR A PURPOSE. He was running in one direction with me almost catching up to him. She told him no, that I had been dating someone from the Junior College in our town but he had recently gone back home to Washington state. The pain subsided, and the blackness gradually became a white fog. I had two episodes of CHF before I was twelve and went through nursing school with it, but had my first open heart surgery the year I graduated. I am meeting them only in tales, where the ugly fogs symbolize the most beautiful princesses, and where the love is one and only indeed sure sword and the most secure shield from all disasters. You will then be over-pouring with love. It's when we face those attacks head on with the intention of overcoming them that makes us stronger and helps us learn to become winners in all aspects of our lives. I AM CURRENTLY EMPLOYED AT A JOB THAT BRINGS ME NO FULLFILLMENT AND I HAVE LOST MY FOCUS ON GOD. And it was stated that this was a "unique" solution, "out-of-the-box. I think that I sometimes "play dead" with my life, and just for some reason, won't do the things I am supposed to be, easier just to do nothing. So he asked a mutual friend if i had a boyfriend. But you have to be the first person to love yourself "as is. And you yourself likely have done it before with an answer that came out-of-the-blue or with patience and the grace of God. When I stopped suffering from what my husband calls "mental diarrhea" and took responsibility for my life, everything changed for me. I feel light, there is a strange sensation behind my eyes that feels like a glowing. The interesting lesson for me is that the skink willingly lets go of a part of himself in order to be free. Love is the greatest gift we can give to each other. From rtits@coastalnow.net Tue Jul 17 02:30:01 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IAgZN-0001CI-Bx for pana-archive@lists.ietf.org; Tue, 17 Jul 2007 02:30:01 -0400 Received: from [81.213.168.223] (helo=dsl.dynamic81213168223.ttnet.net.tr) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IAgZH-0001Ym-D2 for pana-archive@lists.ietf.org; Tue, 17 Jul 2007 02:30:01 -0400 Received: from ews ([190.225.197.165]) by dsl.dynamic81213168223.ttnet.net.tr with Microsoft SMTPSVC(5.0.2195.6713); Tue, 17 Jul 2007 09:29:49 +0300 Message-ID: <469C61DD.3050806@coastalnow.net> Date: Tue, 17 Jul 2007 09:29:49 +0300 From: Bod User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: pana-archive@lists.ietf.org Subject: Fwd: Content-Type: multipart/mixed; boundary="------------060808010103030207010504" X-Spam-Score: 3.5 (+++) X-Scan-Signature: ed68cc91cc637fea89623888898579ba --------------060808010103030207010504 Content-Type: text/plain; charset=windows-1250; format=flowed Content-Transfer-Encoding: 7bit --------------060808010103030207010504 Content-Type: application/pdf; name="Mail.pdf" Content-Transfer-Encoding: base64 Content-Disposition: inline; filename="Mail.pdf" JVBERi0xLjMKJeLjz9MKMSAwIG9iaiAKPDwKL1BhZ2VzIDIgMCBSCi9UeXBlIC9DYXRhbG9nCj4+ CmVuZG9iaiAKMiAwIG9iaiAKPDwKL0tpZHMgWzMgMCBSXQovQ291bnQgMQovVHlwZSAvUGFnZXMK Pj4KZW5kb2JqIAozIDAgb2JqIAo8PAovQ3JvcEJveCBbMCAwIDQ4MCAxNjZdCi9QYXJlbnQgMiAw IFIKL1RodW1iIDQgMCBSCi9NZWRpYUJveCBbMCAwIDQ4MCAxNjZdCi9SZXNvdXJjZXMgCjw8Ci9Y T2JqZWN0IAo8PAovSW0wIDUgMCBSCj4+Ci9Gb250IAo8PAovRjAgNiAwIFIKPj4KL1Byb2NTZXQg NyAwIFIKPj4KL0NvbnRlbnRzIDggMCBSCi9UeXBlIC9QYWdlCj4+CmVuZG9iaiAKOCAwIG9iaiAK PDwKL0xlbmd0aCAzMQo+PgpzdHJlYW0K/F3+cpJbXWQYyS1bLNd/bQxgn6nvxXEEbt6c1WBcjgpl bmRzdHJlYW0gCmVuZG9iaiAKNyAwIG9iaiBbL1BERiAvVGV4dCAvSW1hZ2VJXQplbmRvYmogCjYg MCBvYmogCjw8Ci9CYXNlRm9udCAvSGVsdmV0aWNhCi9TdWJ0eXBlIC9UeXBlMQovTmFtZSAvRjAK L0VuY29kaW5nIC9NYWNSb21hbkVuY29kaW5nCi9UeXBlIC9Gb250Cj4+CmVuZG9iaiAKNSAwIG9i aiAKPDwKL1dpZHRoIDQ4MAovQml0c1BlckNvbXBvbmVudCA4Ci9OYW1lIC9JbTAKL0hlaWdodCAx NjYKL1N1YnR5cGUgL0ltYWdlCi9GaWx0ZXIgWy9MWldEZWNvZGVdCi9MZW5ndGggNTY3MQovVHlw ZSAvWE9iamVjdAovQ29sb3JTcGFjZSA5IDAgUgo+PgpzdHJlYW0KTxTN2Kmq2GyoepvoyF+kbjVF jpfylpKRCasiLvK77h6ihy8UvV4crbQ1w7Em+ftkwPVRoxTqAf3Ty9RWz3fd1e2CdZfjgyCDjyk4 6kCwK1kv+V7HhGZSF97k1ornNxf5myxrnSZZBqneFioVgaSg4gAZIQbRwEJWn8W6YQuIbWaeUQjn G6r7TA8w6x4cMCNCljCalKGDvqeWp6vL0paY7V0QxgHzUo25VnN4svC+zzPRZMKN5ZhjGtxH47YG Sh8ryI6lxLzgkLIazXO/uAYjqcYeo/njKdqGjmq70fhyu2tIEWMAcNYxi6xQm8pqxAcvPvhl2e41 Iwcehm06WZ8enjyswyRU08iCMb2btK8DiuPmLLksLFyxdihbepWM33uSViWK8nhBded6pIAlNh+k R2E6QQje03sBtL/SalkPCu+0UXh56GXhiQ8BVp1tfuXuNiysGeqY23qVqJWHt6p78P61FtE/zzkH iQ8xQyfJeVDbKDGoWGum3r7zZ0id6JB+gaDdazKyXCwYQvzoV6TR8zOLIeDPWOfTUVCUYD6mhfio P84iL9h56SlvWTGfhZMRSU1KGvJnXhCBWd2CEBVBP+jaz137UQ0KLHquyjhAXlm5Cx+R5Ja217gR WP+uIlqv6VVyk2hnfnKmealJmq2x52fuIYyeZRh1mx5J+IKIc1Du/iW+22AybADy/LgnrDUy46DA HBz+Q0QduFsTDpynqN47JAo4t60GfAePBlB73kWIQGJvlwc22+nWDdRzS96nxE+K9t3isVoDVhTv eoTefxh9tz5rwk1JJRyzV+zpPDBJu2QWdotZ5Y5qyg6d5MXG5Mvmk4M+B+i6u9GGB79Sg6en0HIM RQqRl7yQktjYIppFxOMK9BZ5dRWGF36xj21hTNDjSotxon0lXvomh6DmbOzpRgjKD2PSnZepqM8S s/Mas0Pl8KwOa20GeJnSglPw/dllefAqwdph3uAFw/MjZO6Le7J1QsB6Krq5Aiu2CgJ9VQu3frJT Tih/Gilyi6xmu3DiJoGK6MejVl67Y7lMqMVzYFheINBBZEB6I2090rnZpakVfoPluRFOayjnG4U+ IcHNKFn9Pl5jNKoj/nO1wNmm6tA1NOBr6m/q8Bfk4JD1sseY6BR8qO8SHgoGSVQThNueb7KT1nLJ skB3L2fUMwQZLzY7U6wYsHOagwjXtY9+WmkehIt6QM3cvp750cs2dbUdq+RJIRlOkBj0uqKz+brN zNZ5DHKu5cWcUy4HyPSssRQKHMeAttg9rivyfejR7uM7kkUKTpyrcy2FGjEeZdjvUzUE7o2Y0kXh 1lMGRRdBubJQGwbzv3gEImP1m/Ot8bxmXcBYOF0qi2bHMVawNCMZUTBE2IqS6uRNgToPKHrpdX2H bAoSyObPqeujq5evOL9bOOZpJjDoIYV45H7SyfaBz53tdvGaykNFcjDRErTh6j48CSRmpFuwoW5N oOEOr6OvF6avp/iNIsYDDdv+wFlLrzkpYobgq/yAfIiSD3Fj6AlOX45K1kvDauCCu3W1U9gKqR6G PekIqWTd8XrC9SVbW8npKHO8lwcUE6BvEfvji76+WeRxVzKRAfB4GA4kpC6hVyfk95ZhWgRqHkUN psNqrWWB5T7JsJe2Jixjwm8y05WG4VMXaJOkxmOSk6RwcZpu3kh7x64CoRKpD3zhvpgITZ1geVhF 1aLiFG1owwRefdK24saGWWVpHMq7arElFdVK1NLvLiwqXcNb4wsYBLCy1qTRp93f09SMjVQMZksT P/sm2S8OmR0+dRUyKeIZMC3Uvqtc65ModlMATq+PToTbwUl5im7F+KDyFMsHvkSpHRKr5D1PIInV Uk25DxTfBNnH/oax3KcPxEL4vZtzyQ4087c2xPn3zLDNsv0l+GNR8bXP8uRf3v0vvOUK+zD4Tqkr 8fNXhxiecOV2tNp0o/sEHEs1Kbg8volXhexuJV4I7VN+rsHSHwVaCzULsYko8KKyas4kJZiOgXO6 6kA+M7TlvBHQfw0XHG1kV+NGyZ7W6SZC09NXD96qTOturJ74Wb/k9ZoFpqPd27BzfnuQglg+03yc PcCyqmeZjpiDgVpiZonSphtRFdIoJGyIJht+0p5fv4UvqSaVF+rg+TpzbX9PqT5mQ5ad7hlrV+83 Ny98H0THfqnv/kqLpI0ML946XVgX1ynpeEBwmo/uquA4N9rQqpBqWn9EiOh+xeH/J5Ii6yDKmXKI bTOxGauP7mWTCsB51uM+jryDiIkWyfwXDUVs4i58ACuNY6xJGbPpgWpyyzWCadHelULNY8faJtNK srM2E5udh2TI59s3cTm7Tk4EZTmDU1uXZZfWUCZ3USvIHH9OJutbut1bm5UhISuQ49i0/yn95F+G bGtbTlpkR59U77xe/ZtqKmcqWIMW9BaAI7UfHD3LQozmHC2jA3mIYYzkOXpX/ZXcx3XDFHs6MdmB UTACTg+Ao2AErhqImEUBzR6X5Z0InJbTiOOoyxD1y911NmkOhXB4r3xwHfkhSLijQBwxMKhomeE/ 508LHv+j+de8X2C13PDEQu2d6qiR3NJ+WP+KSuPcA8VGh5MTAa3SWc2qiWSScqiwuO4DE6q8iRqk dxUrgkCY2530FPDpqxpUL54e0B2Ls/KueVd2YTuvoZkUUhTW+BODeOU8MdiCcT5J4hkF5R70vCTB oLLV8d1OKsc3pYKBDov8SeYYJs1Jv+baX0tJ16jVw9VXDH+xgU5wa1XZNnCPDdhKbXlLiV8Sdf9I m8bPXpOhO57GcJVT3TxswezdfJB0+6zzDO3xreHu8vGIyQi8FICL1DzwqDEoqZECCpVInAv+IV3F TPkX4HST0V367DEA+msxU3qEoVoge8x+OHPYm+RpVpD2OfWIjLDIOJhvSSJO0xpuCYpFCCpD0HBv lXw5aFh38fRbEcoHxiFCdum6fhdn2w2CrwJOsusD5JFJ9nX6G+CWHhISzmNH7exULejhJIT/7jgv 9RorHRYL8WS34ZS5n23vrtc7Nlnp7YmGUn7FopgHhfVCFqNN3CAOvuk37lZsrJ3aSWUhdevh7uWN BlwK1yRqBf8/k6Z8fLCLilHTCF2CwwwXhwBUKrUoaeQwyjozEs1SRAVXRWiLabOfMEVgBT7AL3CA KsaAWrYw4nI4fE9gnQUwKyy7WxQXsZB8EVhRXDK9sZKE2LKx9voyIs84Wu1plrDqOBML5tqXGRB8 nK1E0dZYCE9IqA7S76mYjo3YU1HLdVVU0KBpsxZqsOrLnzIMqUvtd4E8oL8sHwR7BLDK9poactLQ 3J0mjAf/78Y8pla2MDoLsjjbwzHYRrwLsn8t+ZyP3pDWDfhq3g8anvxfoXWP5poUDJ3TbrDDfyWq A/pVWahofea9O9K77lm3qeZSTsrLaI7zUblVTYTccTjbDo61/qT1hZrD+E+jdVXc/flVgm+lJxFF zSTg/Ur74dN9EV1WvTc8pTsaRiEdcEhyE865fAUJLaBkAgLOWVB4TgwV+zMO/f12QzUBT3xlyQE1 HnAC8fZIUq4eYITyufkE9ehT6hk33dznqMW2f6ruD9YFG7TiTF3aGB2WqN3XfPSVTqe+1agwsVYd ucQXoEOO+XM0Ds1/Q0RxZC6LQIOkjwd70OEcxFi0N+LDk4xaWw7eYxy6uVgoT1BOpzM4VfCNc51M Yxxdy2oQCCZgQVaDTsw8Dg77Ya++z2LspNncTPA0P8zAwNlgztj6MMRlNX75rEOGYMpmnrnCE5ri tFJ6MEBHXXlVBuilgLJmquUmfro9WXT6YIJ/yj4xTJO6xds3lZfEjRkduwXYSjrEMELtqP7Fe7nQ 0v1Ds25VdSLKIj9yvBY0j5n+Hypx991Xsbt47XdYINPWbSZ+07S+bSdLtdxKFpFbk4BnZgbpIfpb xBpOAk0ZobEMOqEGikpfZcm281S18VUw5pZhO+taKdotuD854NnzpLMIFTPEPtK+jwRVi02qIabd Fnx/UtZCynq5A9cpUJvphsxwGfg7agEPecVhKV3y5TQK8GyG9riTGuwNNpUSQ4LXpMuXcI90BBkQ 5bwMY+QCTBbkQwVm2Fj0St5bAtSDTGKzB5Epj5oDNLySAHGU3RZDJZAh+ckvzR0dK2/ldFEf6mj+ Icwd0ve5W8/nMUEHY2to2zQlBHLfziPFMqil8+NZ/incFBm5AYn1b5IGV9/Lclr4WHN+Z9yC0b5t 86WiIdN4osplBW+qIJSRp5RrwaRxCQ88CQd03o71izLyJHa1/I5VOGCGryRtOGAbdPErGW/NKaiI rLilYqQ9uJ9odeXvMa6sFCPiZLb8q7Qec15+LK5UJBCM3WSfHJLiLQCAu6lw3AvcmdK+oJB3C9Vg /TUHqkNnu5CHqzJEfJEu3JVZMaM2peNOjv0rwA0+OomtkjDoNZOQtHuMabcIBY4dTaxSPr+i+8e3 pvAjrNw68fzL1LdcQlAFzYyGvDlBVmNTZlW7ons3Pp9q/wJrM2/tlEJEU8a+xySlW0KpwfSXIW4e YZlqMEZDTSFfnn6b+dumEYas7nchAOBo8hVe3VOmP6zJnN6J3LBwuow+nXJf0X959p7Ire7iiBNx 4Elru1g5oFH6dHjpnvxpq4YyA8l/bCKiZqiXWhtPGCVbTnqbuEJgOunYazvVPoJH1VOM77BwZfPI BPbzWT64rEr0dNMSpf1SpsZqzcwqoEzaRWyYTR23AuNgO728xtX6UuuVrLK8645KO+I/mY/9tdmB mV/VsIwrVOAr62xbB8utmP2RUh/gkHBYpJjZqbzNv9LtjLYw+KlKwpEJrAR1pImvH7QUUN01mEXV pIJtSeRyHf4XPRpwNtdC/IMeCw7kx8XYaUc6SN/pxcx5o8aeFjR1RiDOj0M++FPaN+QtiQk4JTax S6WNYivzkJTZv5qM0LRuqr7kNY819+EPZ0x/8pDXp7RcO/QmpFrfSKQbD0H+h/P6Q3rXZJodHWn+ LS5oJi5QgPnz7JLnJEUlK0xcZ/6L0s+54edj3tuQXrkOm+1NvdcEF6uY39VSr1Yv9L5eFCORjVxA eGR6pF/XVE6BzHxxUhWGEE3GsQ5lKo98PWFPvq5n4TGEyLdIJvZmXWRzY069bACTTV+5M7nKdWIK IZqeULn11nUnZSN4BQ0NPp3R1Bd7oDOMAfm3EJSZchYjGPnLfzffiVtixkjWo1wYKK65+VQDzxBS AptbG2kajkPpiAz+/iLQapff8Lc9r6vk9BaqRZcHeSS98Vo8OK7LfaouOlTktPOaO7FRpOUMDW0m X6OUahkp150ILUFhORBF6lgAXG8iibb12+u6k2e6N9UWVCv1dy8Lk9H6Wmotz9zU3iDOTqIDZpnC TNAIv5uDOlknIcA/uq9HvG5GLV0GKqFNByJQH6rf7h7tIwLBIMmPaR2CmL3pTUp2yPfIfeZuIYMv 3zn5ZdHu0w8Vhe7t4u8X9/kSpCs8aBtZe8eYSKE5GalijnOE8Q4jI0dAgIxeh0nwBHaB85yOUyO7 w+Wp/hGc6lqKEWj5YNfimHMLGeyBrHBpAfzwlHbApaKlqVIOmkUeiq5ZhKYuHQFte8qpOc42HcjZ WkhapWZ0+V6HDutlHSwkgSHHsQx2LdFlJQ274F3p91ZSZfhFputJbIZ2RPUrXLXPtWdLsgfZ58kP 3jhfS6pb2Ns3zkcwDN/nR6862iQb01NrhbEogAVvS6nOK+ZbQMtCbBR4/yq01n9/RiEMCJPAlMTz MOecEX9yQmZcek2VGnT6Xlb5EiQaaD1B+M5EYHe5q3tFV/BnzT9VdUUWJ+kxwC8qJ28hQvsF79fe hg1s+Z7jASOxff+D+dzNxqk2jzULSznS5LK7F7ouo/5AXJuq5LMARMx6pSEAmzvxeNEFxjvO6Ckz AG6okFoh5UjodEwGk8Fq3+R0qB0svT0mvHslAvRm20UJ32eFsAT9HgV2GX7Y/ioc1pVTg45PmjYy pNtBkbvot9/8jYrXlNN6Uusc/aZrkMyOErSBbN0dHnHqJ9VBjGX5moFNA4nX4VID8vzyaqZU0/Bo df2xPuGwKPAEHk6BwkDDPfyYqfTP+zVQTagr4Q4cMsVG+DCItV2IMI1s9v9r/fx+WnOM5cd5A9rp y3XPGan/sKi4kymCUvZbjzOCi+vNhB2U8XRkYEsX3cUZ7JpbpPbz4PhmX6zo6cjhx9aD7SiwbVGy Ejl4RX/C+qh1PkdOLYPmb+M4GaCTL5LOLAFfCmar5r4rbpd8ylGF23uLLH0bm8CFO9FWPg1g0qFe LCRrbodciJETWDH21OtitKCGrN5qWBuuhmYTaS3wAorcnL7AF7NnHW9h5VYDrj9dbilghdDKugu7 T//ze2S0UMaMxlpTFSpkoTZnqF1wHNHkgpiTpn0aJ6FYAOPw6qXXSA/+ikG8i+ZiunLBc/lqSTDd NCK/FBU1pwMGVJnJx8rUPSJV8mbosOPu5A+3RuNkQ7hxqQuCdZxDoT0vOILcSAJ8wGwz6Z69BpKq BQ76AcdYZsSeizQjKB1SNtvHfHRAQap+4ozGeT6X7AoKGuK1g9pi284MbE7prspfi+GFwawQs/E1 qy+HnXykEK50b/ElCoPQREmjqa1lIcDAmU5+U05fz+5EpmXoaF8EEx73SnsXysY703ZlJ7NWjmfY BBOyaf6W8dh9ZUZJa6rWLtfkfqHkwdQhMY7G7ygQEFj2sZzG2A3uQd19dHgbxQGYOcABdmtjSO+w H7a0YsI7i+b34w3WEhaDai9+nj0uiR1DUI9l9xwOzxD6Mw6VHdV58YiO5cZBTYW4+Gs1XoPKGap9 3UqXvCtXCJ7TnphYDpSLgfG/ltT+RaNm3Wszvl7thghfMcvlbsLnP8DGC+oz+JDQ64Hz2dtWF5PQ nVB32kXqoJmF5bv3UV2lT0ueYMpvBWvwY/J1h3Njg3r4fJbDocmtD+ATKKC34QoGJUNKNvNSJVx8 hRcqDak/AWammbKQY4XSEfIlnJ4qlINoOHk1tgjHDPYjzqXq/ExfzNClBIn+3K97GKnTPH94csPc empjQ6uyhIfPZ3+gQUm1ybkLaI1YnXZB332RvQNg8YHWXUYJ4B/DGnDUNl2udRd3SpGg00QlD1MM S322nPpWK03QKZ8LFdARoIhpCs6Uk12TJTiZfd7/22gmZ5uHch6MC7SOOi4AHzfHk8VsA9k3X4WJ A2FngbN7sI1fmOY3ySG6D/7MELPqonvIBmEHJ1HevQr2LIGXwt5P+ycvVe58mEEVQGCWwvfTY86N T5x1vxN7DhG7X31Al+aSICL/EY3TQS+7gtAcDz7UrQ3qUXCdKgvziQ/tPTvtQIwgtKeR2CAXZP5g LNWHIlAVRyOb7EoBxSxSDnE9gtAq043vuNKVNBvGk4viY+ozVzrhGYuL2z+Vhz6dtVLXacqmQ9Si VCywFYDBDb6bv/MfqR6D3CvkKrzRaoOLj1njDryplSW0CIMwHbfL7lTN7kE80tCcQcvpgYsCTbwN VnNZLn6K+MyeZDHehfEWy/nJ7OgrEEF9OBza6tB+Z3SCqcDbOU6/wz3yFkFXQ/deYZL+nfYZarMU MXovOV+yMCM2AgplbmRzdHJlYW0gCmVuZG9iaiAKOSAwIG9iaiBbL0luZGV4ZWQgL0RldmljZVJH QiAyNTUgMTAgMCBSXQplbmRvYmogCjQgMCBvYmogCjw8Ci9Db2xvclNwYWNlIDkgMCBSCi9GaWx0 ZXIgWy9MWldEZWNvZGVdCi9MZW5ndGggNDQxNgovV2lkdGggMTA2Ci9IZWlnaHQgMzcKL0JpdHNQ ZXJDb21wb25lbnQgOAo+PgpzdHJlYW0Kquf6SkJkLf5wkk3WgepLl7T9SYVLF3j7upvKVXhLrsoI u9Q3ASY0FSXKTs3HUj0uD8Dajo/u81n36kF8cnn6Az2dgLsoSA/6T2+Abxz+d99x2McfVDLHmjyj /2SEMj6Bp/G1qtlnaGesvXEPQONQzCwlxgZN3oq8re4XqrOpVTQ7H3Sf+xshrq9IPst/vYEqQvqI tMYzUqo5R2Zpg18oKuT8ZcPkHzaRdYg9+UM/ITcLcFk653OlzmtDtk/4szzZq48dHpsRJ7eEXtYZ dveVpytHTnyrmyIohF03OidV0zXV1uf9dj2YNyNer8z+8CwV8MwFFVEBRPyRjrXr0LrH0Folci9w oURyK99d2BUUFMy0ZMgRIZFfO8cEmc7T1utrsGwM0ekT1aD5AFobSQZqJ8FcUbqIyt2McQ+x67zw Gq7XTM3W7lMPxMW2OWvZKYwFSTYlSSEBZ1jE7iubfG4dUMd4L5GLYrYerA06Z/HgK8AEeEwgh0D7 vOxEg/PHIoJnePY6jQ4T/u4q/aHJSAa6qBJkQe1LYfqWTivHD8XDpvwfL60jq+1L3fy+3vhDt42d r1l89g/sGULkbq5ZTXjSfSvivZnqPNE7lSYr1jDgPKWyie+24NMEI0+1rqX99B0k3Qeri8SQSjSk 8lqMMsYuawSzWFrAfkrm7mTqFmMF+uzS1sJ2jR3zQLw6LF98dXPudEc4mn0qekoWl5cX7O4sc7FM /UWpfKDSfEvrHGtXCbTm0SIy797jyYeduIhGP2NIQob9nGZUQMoeTqlZW4jDl+cR01CKD0Apb0P9 4n/6pGzgYsHdLYYfIO3CGvETMhp+uPOY6RY3bhmIkEsqJXKyqMHF5OJZKI5/krDXnwNLPY0S+UZc xW5R8iqk2Xxk5O43akUYcuo2mYVgzVt12rxfnO3SXnCDU4UPqYJW4MuhDSpC5BnOxeXLA7n3+TBL TnnKYTYGwkooELb1OeOg5XZanI+ubsZNs1tpgmBaxt35oDJu2/nVt8XtVxu8oPIX0rqFRVQqwLzd YuiwQKUbAzFaQNSAXXsWi/tJYNSOK0Ru9m2djqerOme2O8ZfzdPWMalXMFOZlH/WWs/4krY2kpCU NrN6NmR9yiZebeFXuqqpv4zT6iUfWNH1gje2qWCDdQXTEPS1XkjshOPRLunTnSJIzQww2SeuUXuv C7tkclJySQTARLD2kaDzp7gF6S3rT3bLUBrRX2lct5BpBMMFg1xH9LjPFfhPhj0P77v74WcRglOq NCRQebP9GT2feJzpR6D+nM4SnS708c1V0sP8iJnjB5XYa9fO0eP6VrnnRuk6PqUkBwDJIeycrDjX OnvibJX3GjnvNgnQk4cQT+oB+Z+NfHzqyxSiOsHL6aXMl8x4qcN+Pma6ThceHepvyzmiERep4/ti sPRkWcByeOqIQisEhD2zz6FxK2UpbiVg4jeeTNUyK5nu71Ycaoblt9si88m7uUkGwmwGlFl7g9Zs g5NmoyZSOjsbtNAUr65pJFb4sl7mqWzX/B1MRfA0BJll6WwbOXokNpf9F775VxJR5ob1aLQb7/ae 9WccsFWQ1LcfhxaHuKec+gqw1IOC8eMKRGR3d7gzIJogthYSeUxVUc/Fbfr17O/ugBjfmy613mFR Gopr8SeHJmlrNzUwd6erqr+r+30xUmFt6mOw/y3Wro06cV8Qj0MWkzesm9Up+rCcnphJZvNH6wuK UC+v4yXCMpfY/tQ3WaUgk/hm1EI+g524NoA7/nR0pvh7rd86vLfTPnRK/fMIyxPQH+866aahxsZ0 n4NoxpU+pdkwx3Y5K03e7whD9qr/A1cbBA+Rck5xGosJxsc450lT+DCpus10JAhJHrujkJ43l6/5 2L3V3o2QcX3ge24ZDLfG4S8fGEKCvGENNWZLRFpmbC8lKNm74OBGs2g3znAUM6iLldJDShLGv7Sg fCaOijBG/gw3l0idVxfR9T4dWaahe8IpTA9PpXHYZaV0RuU/cJhlaoVz6/pmKkB0XVCMVgt1twSA jNCm5Gc/4mm9impEgnLYD6X656hS3ZbvI1DeXmidAlj1zSGTenAKQuweptr51uKIhdKto4e4g4D7 GyJzRsQDMgsiSJ3guTpzI4W0JhvKh33QxlMyICf41ZDWKDZmZyem/BA8nZedtiOnZ9zlCGxH0k6J l8h2LzX3/qlTRYdJ3eDBcIqNUesO+IDI1j4oXErLvguMZiiBCGYdg8y1zkGSzQaH8IqZFSsgLW9H keCzwoy2c32DYGvzufvPqoUMIJO0ws6cG4DqZrUwhWySmAWyvURtyg7mdG/CPT9a+Hm6Q8E60MuW OD5NRfXgokd1N4QgMb0+c5yLjXLsT7U0GW8UG32GVT9qUWJ5VGpQSZUdHnhBg5YzdKNlR+0yQKlC NOFQpdmMnU5KjeE+Hpf+fAyIaMhs1eoteUpEl7JHnvq2vq/Dr4UNzezQ/va3byR8nljBQjRWpZVJ +1gq/AvluhjjjraM/NbII9qZPynndW/84CdSHS4k9txOMjdLSnkNF9MjLOMi+Ob17HEF8M85u1gm XFv0ym29HkjoVZ8TuIxT5mSzMuUadOwZBvN8Wp9mc0JsSpOY+SOFNLZDXoKybfd2+I3KJRSu95aF SSPYD2CPDaon8OUNmn/e8XsvaMH6omOHGFYgdu4gMUlCEYiny8WUd9Cacg87D/27wD1m+/se2yGh spMmyY9d87LOXzWrYfKi8nt5I/rHUOAhigF/VFYMPHlq1ohUEotxpbtFvfcJ4Muy2mk8QF2LzvZp JBRbZKTKnbh+Y7aIzVJ3bIkonu9G7vL0e7ilm0SkRO9J2Iu/ZVS2P3OsRsaAJm2/s+j1GuzoGbBH 02Qn/5l/rN4vrXCRrnKVX6/xC+UCHaoJj1ct6OzlRkQD8ai1nUZQVzb6B86O5dE2RhXym6BPYAVQ H0cllAlRgH4sakNdLXC/gNvKqVkKI/mMt/8dKh1YrRUz3rf4DLOn/fE7MmuYKiX+5ia0AmcHOY91 ZPU+yCJHhcNUbfuq5/Cr+1suK1AVADWLlRIM1BxcX8Md+fidVGV1bcKOvBUAM0sqR6D79IvCcby1 u6wnwmLpEwQH5qTKxHETK3Hk34ICKtfCk+ut+IlC9wah5Rbf+2Lv9b3pheawgR8Dks6NjDK8QXA/ aogD/nn/9RxIuLBtvGe4+0oN5TWgV/CA53OdeB+xXjvnBwPm7A7uznYsCF6GsBiEzINXL6CB3YYC 7ZV7iBVj6Kc/ZSs1Vxu7idBGEvWJpkvA6mxgAcMex3fxjoHo/lLS91Y6VHxxs5uE7h6xJMo3ALud ifVFnj1ADW2LFkqhwHJsnBpXxPMQULeX4LXsoNtb12mdSuYMFfH1IxjTyQc4xSPSo2/cujX3EnYt c2xZ3PMjvCoAq5IAyaEAVOjHCBvi9kMd4U/D3XS3YnQwKEwvALVddmsYM4h64VMl1M4LvWwAGJe/ Nkil8rN/ECA/7lBCdJsVBauKt++0/gxNIw+kGbFnk6Yrff4HMRdtA7cvQiyBysqsvL0JdbgoL99d NLnjdRpDBFUefNtmcsoeujNV3LaHslZitgmB8ape+n9f8LGm03eis6P3c6ZPVkVqZ4Xk3DEVXdU+ j33thYZFFvwXTk01QSpY3i8yoE0Fc7mMllX8uMbqqN4IcSX1goRw7oJjo+mafEqyUTiq+80nBpLE rWJrdRkpUG/9LfJqiL0Mrm4l53e30H8nskzGfer2IfuoyUpHw0G64VUuMBz0TI8CHyDu5jM28B3J nEpJBoZBYI80f3V9Bqn+tE3lTrcL4bns6gZUnL7o+Zq9lZfCeoRhfnhztBIJENFi2XSAQWWamMcM grTyuNMV/swaNsFvhYBrr/3pU1IjFhv6MSvaBHew6EPkqSM+wp5wfIUHk0pcVDCZ6XynptsUAuh0 9SwsbP+VqQR6nxreq2LW6Bq+57dUwoDlMj3Uom51Zgd01WtwH9AvWlWScfwjH/cUcMoPhmKBMa5I TLFO03VNqw5kCkWbzzQfAK6qmRpzz5hwNXwy/8N1fK/oDmNYYb76CiB/23+R1eI2fWqNdnXKc6vb YjxzXa1+GiRsrnPBVjOmpbQXSCUqDGod9iAxmHTK/ICEcKGS87f1bwgovi0LJzGcUg069yq34RWy zmzujXsl9sUVhH/w2JPFL8ibIQbZHBabT14SfuPMzgBSVrWeU0wO0UYtMr9hseCw4MAZc0+fBltV z7l81FbM+BpDkdS/CwZsd6s+BnkkCk5AEXdVbDdL3or4562hXUCEgv5+2oDCXD9NYhpHWrnVb/nn 5zVmbRXFoGpzXTZLQB3I8fOkP2DZAD9chm5cnIl45Hk7+DHylnZRtNNA7wMcBLCGWtYRJqgfCPHh UMi6jAWL3eW9gb5Yi1QUxM2PjowPYX58aPAfgnL4nUi7wJ4QvoVS/nJte7x9xm3JzX6GowdxvrnH p3qwrXu/adZHYliliBYPDUbh6bgouBWz7wRNwZXHOjr9Lk+6mR5vysnfaSiVIDG01Ch89WCTQ53r d+bl++5sfn7jrxHDpOwC3MRfL5l/prK+ID+FyXTQrev+5ZTlhVsQ6KauUcARm+ERL7V9efyTiqfJ dikCsYBn3unnZ3YVtwehJ9V95n+mZ3w2TCa3n54KZXS664UnukOx9jbQk1glru/VlUr/4FaQEfrK Apiuz20ekBqOBu4Img9jTPmT1VP6nNc21I1b2CYcKNVUB5SB2n6I19CgNQzxYQUAgBR4iH9comDV bQfHbzRMZbJ7te+A3QWOk2hOqTJc4NylBDfv1FWam8F+CI6o+eAuaFLUaNqNlbJxNOGfXBm3EI+K bMwE1QIA1TJJgL0Rl5aPUqYnUH3F5AA/ruN9+rXV6y887vYeET8eu3UKexEVuNlW7bc5pQtcImG9 ItCP3WG54tcfJzxfXaQQMhmBvtAnWwhqyWQbw3wFRVJt8n96q/dL8hnYEmgxOyGQL04+kr/h+N8M DsM8sp2N0iFZtRSixzN1i2u7apaGnWzC2/+1HgREfLkbMhb0kZUyhBv7BkYI6zgVObqXJUQT+BiF 5+GboEHqDeDamMys7RbXQbG5eDX4iq4yUt9nY9wL6qd5AGnEVdt9VVQxejYIVMFTtYf7jNxilYLb hDPCS46McRdHrKtU+fnvW7Pq71785bd0V4SjJC5nyUYq2WntKf+IkOaWQWXlmOMGt2CS00omO+e5 geebkv2cQPX7tCGNXDdJuuS1nC1oXBE0fDNmyA33Su+LN/fTQGk+lLRxgZ8813ledLIvAmBhP5aU sF1mtdBVjvOY6jYww9asx7PdNTmtZuTrmvS3P9ejqsmVO428hJSvppbul+LaiM8xMvNPOjuOxGA9 Mlbxp+h/vMMLlfmm2DPcbXQhu5ZT+5g3fc2iKZWelcVYKllzBu0AXlXphk35mjvHMOH01Myx7X7G HUXH5+cbKGGGAVab90LLDlcfzwN8Mosu2C+1JNLFtvHhRxjmRmGxAipqYCVyn+Tj05xcZHGkkiGm N3uu7SHP+YI6My62z9ZqKxzovERmnkfq2+JYswH9jqxA/f+lm03gQ+KiC/aFBLK/ryrfxFFXhpwR oA5nrcosNNkAdwK5R+uCsOrYrhZqFJdPE1I8va5WIsTlyJn11nI8wkEFlvyaG1KcA0dAT9MMkaIn IyAhp1BKmlEpfnn3zLAbj/RXVgB8g4nYY1PkOaaBbrkIAqcBJL1LLx7xneT2Q8ka7xLWEbbf4/kw kxIrAbN6obBbKyTAZnrbmPB72oRsupTQ1DS2S/a474q+iTyPNtU/dRMjtazin3Iarl1zjaGg/Iyv DxW3OqJsj8tq/ZaUShmfHZUHK+LsAL47EdyZbBTe4u2C/LrfiLjnuVMpH5b0Z7Fgs7SkCmVuZHN0 cmVhbSAKZW5kb2JqIAoxMCAwIG9iaiAKPDwKL0xlbmd0aCA3NjgKPj4Kc3RyZWFtCnA/R9Eq6NsR 4X8v2ODGuoYOXKCzsmkWExoFeJn9h1f8F5dwwsfTsNBuG69bvePTYc2UBnb6/p9svvmlh1C4whzy AGrRo1LDTnmt53GNeOskQu6a4EUyXNar2EbYHu6YjwuPICmzEdTtRl535DSR6bbsnHpfGtOsg0aQ BD2mk33DR73vTN9sX1eXgAAeXlBwdugemQDN+P8qbNvqPbGn8Cq0OUOTN0SS7cvZ2kPaB7B/kUXU yMYpK96FlhdDn9rUqnCQvm6u2C0cyydJwnGeAsUp6WiNdQaSWPo44Nw81k2vq0vB9IStk+KWfCLq lw4Av/N98ujHzRNtZbBLWLhlXzgGJOs6DdUcsZCIlpEzK/1Mnm+kNsUUtKHSruQDUg7qI5VFfoOh GmvPXc5OXFIB/ezcrwUBJCmgn1gmAg2bGV4eZiGk317MbXZhM5rrkQrkSs4AIadpKG03AdWRLxq6 CTQ3SobsF6NxXD/+WqjN5LuPv7c7M0pRA8EWgWLNs7/U6pYrEO9Vkz7HlQhkeIgr0a+Q5H2sk/4L S249M0XbZ3f0plNQ4s7pi9cUB+lpV3B4vjblm7VYpz3+Pb5xrDSdlU7XW6LItnHAZOlAfdK7D9OQ Gh6UcFrctUEBKQfH9NznSCrjX28hY+/rfp/v9UpUrcIXpjug/oDFP/Kg0saOMm0wbKhNmbPW2fXD Fl1UzAQRHer8I7533CMBor+8v876l3Y01cVytD7rN//SYdm+vxq4etixzj++2P/BRso/oaX160SJ rnAJ8EvuPRCm3dFXsmIyynQSM+yXiUZ3K9uii3XrGqggC1Q9qvSQI0AGuujUHJfablDHeqRkNZt5 iwTwdXzG62jt0NYbiF5exEDoSEVNnAbj19CZf5vp3BZXPc6RE2tCaw33fZqAAlJFeUiectziria6 nupjl6RfcK1DBDP4Yq7zMLx0glsnZR64g89chJQ/eNR3yFXdE4Yiai0hwbYVruaiihN5BC7D6t2I CBXkYLJWGk+ZHVFf1PzQ8ymZhQplbmRzdHJlYW0gCmVuZG9iaiAKMTEgMCBvYmogCjw8Ci9SIDMK L1AgLTM5MDQKL08gKK6OQfYUOqtIZohOo6qoJ1wpzzpexUUvJIpf1nz/0GTTNykKL0ZpbHRlciAv U3RhbmRhcmQKL0xlbmd0aCAxMjgKL1YgMgovVSAokOuk18XKwVnF3n7BDi7BPQAAAAAAAAAAAAAA AAAAAAApCj4+CmVuZG9iaiAKMTIgMCBvYmogCjw8Ci9UaXRsZSAoeZN7WHxcYn4fbIkDnXopCi9Q cm9kdWNlciAoQ4p1XFxyGmsVdcQY2So0XCirECc+F7Zy8L/lEBA/Q/gdkj6bHNOKk8gQv64HlFxi Wr9ArZuq9f6QkypUKQovTW9kRGF0ZSAoTt0mCydgOkUtkELJL1woLL0pCi9DcmVhdGlvbkRhdGUg KE7dJgsnYDpFLZBCyS9cKCy9KQo+PgplbmRvYmogeHJlZgowIDEzCjAwMDAwMDAwMDAgNjU1MzUg ZiAKMDAwMDAwMDAxNSAwMDAwMCBuIAowMDAwMDAwMDY2IDAwMDAwIG4gCjAwMDAwMDAxMjUgMDAw MDAgbiAKMDAwMDAwNjQ2MyAwMDAwMCBuIAowMDAwMDAwNTY0IDAwMDAwIG4gCjAwMDAwMDA0NTQg MDAwMDAgbiAKMDAwMDAwMDQxNyAwMDAwMCBuIAowMDAwMDAwMzMzIDAwMDAwIG4gCjAwMDAwMDY0 MTQgMDAwMDAgbiAKMDAwMDAxMTAxNSAwMDAwMCBuIAowMDAwMDExODM4IDAwMDAwIG4gCjAwMDAw MTE5ODggMDAwMDAgbiAKdHJhaWxlcgoKPDwKL0VuY3J5cHQgMTEgMCBSCi9JbmZvIDEyIDAgUgov Um9vdCAxIDAgUgovU2l6ZSAxMwovSUQgWzxiOGNkMmVhNTgyMDkzYThjOGU3OTFiZGUzMWE2NGI5 ZT48OTA2NDQ2MWRkYTQ2MGZkZmQ0ZTgyMzk1YWY1Y2FiYmI+XQo+PgpzdGFydHhyZWYKMTIxNzEK JSVFT0YK --------------060808010103030207010504-- From allisonmyung-yu8@k65.net Tue Jul 17 03:36:31 2007 Return-path: Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IAhbj-0004hS-0b for pana-archive@lists.ietf.org; Tue, 17 Jul 2007 03:36:31 -0400 Received: from cpe-24-208-33-152.new.res.rr.com ([24.208.33.152]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IAhbi-0005K7-D3 for pana-archive@lists.ietf.org; Tue, 17 Jul 2007 03:36:30 -0400 Received: from [24.208.33.152] by (null); Tue, 17 Jul 2007 07:36:06 +0000 Message-ID: <000501c7c845$019ee8b9$a83704a6@tyctevrd> From: "Carmela Mcnally" To: "Al Clifton" Subject: Re: Thank you for your recent debt request, we are ready to give you a loan Date: Tue, 17 Jul 2007 05:48:43 +0000 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0002_01C7C845.01992325" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.3790.2663 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2757 X-Spam-Score: 0.0 (/) X-Scan-Signature: 41c17b4b16d1eedaa8395c26e9a251c4 This is a multi-part message in MIME format. ------=_NextPart_000_0002_01C7C845.01992325 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Credit doesn't matter to us! If your family OWN real estate and want IMMEDIATE pocket money to spend = ANY way you like, or simply wish to LOWER your payments by a third or = more, here is our deal we can offer you TONIGHT (hurry, this lot will = expire THIS NIGHT: $456,000+ loan AND EVEN MORE: After further review, our lenders have established the = lowest current payments! Hurry, when the deal is gone, it is gone. Simply finish this simple = form...=20 Don't worry about approval, your Your credit report will not disqualify = you! http://haltqhh.com/ ------=_NextPart_000_0002_01C7C845.01992325 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Credit doesn't matter = to us!

If your family OWN real = estate and want IMMEDIATE pocket money to spend ANY way you like, or = simply wish to LOWER your payments by a third or more, here is our deal = we can offer you TONIGHT (hurry, this lot will expire THIS = NIGHT:

$456,000+ = loan

AND EVEN MORE: After = further review, our lenders have established the lowest current = payments!

Hurry, when the deal is = gone, it is gone. Simply finish this simple form... =

Don't worry about = approval, your Your credit report will not disqualify = you!

http://haltqhh.com/

------=_NextPart_000_0002_01C7C845.01992325-- From npzlmsrup@rr.com Tue Jul 17 05:22:11 2007 Return-path: Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IAjFz-0005iF-2S for pana-archive@lists.ietf.org; Tue, 17 Jul 2007 05:22:11 -0400 Received: from cpe-24-168-71-191.si.res.rr.com ([24.168.71.191]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IAjFy-0008Qh-To for pana-archive@lists.ietf.org; Tue, 17 Jul 2007 05:22:11 -0400 From: "Ring" To: pana-archive@lists.ietf.org Subject: We accepted your loan request Date: Tue, 17 Jul 2007 05:22:03 +0400 MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_NextPart_000_0005_01C7C832.68BE4B10" X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Thread-Index: AcfIMmi+3O8sJ/dwRiKMy9C72PHNDg== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869 Message-Id: <0186EA2B2009F57.5EA03CECE9@rr.com> X-Spam-Score: 1.0 (+) X-Scan-Signature: d6b246023072368de71562c0ab503126 ------=_NextPart_000_0005_01C7C832.68BE4B10 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Thank you for your loan request, which we recieved yesterday, your refinance application has been accepted

Good Credit or Not, We are ready to give you a $356,000 loan, after further review, our lenders have established the lowest monthly payments.

Approval process will take only 1 minute.

Please visit the confirmation link below and fill-out our short 30 second Secure Web-Form.

http://veeaqlthh.com/ ------=_NextPart_000_0005_01C7C832.68BE4B10-- From pana-bounces@ietf.org Tue Jul 17 05:30:40 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IAjOB-0004kZ-UR; Tue, 17 Jul 2007 05:30:39 -0400 Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IAjO9-0004ig-3f for pana@ietf.org; Tue, 17 Jul 2007 05:30:37 -0400 Received: from mout.perfora.net ([74.208.4.195]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IAjO8-0000Hg-SC for pana@ietf.org; Tue, 17 Jul 2007 05:30:37 -0400 Received: from [85.105.144.107] (helo=IBM52A5038A94F) by mrelay.perfora.net (node=mrus0) with ESMTP (Nemesis), id 0MKp8S-1IAjNx2WLF-0005pF; Tue, 17 Jul 2007 05:30:28 -0400 From: "Alper Yegin" To: Date: Tue, 17 Jul 2007 12:30:21 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 thread-index: AcfIVRhqt0JfYTrASBib3eI7LTML7g== Message-ID: <0MKp8S-1IAjNx2WLF-0005pF@mrelay.perfora.net> X-Provags-ID: V01U2FsdGVkX18Gav5z7vOVg4zwcAt2QUD0HDBIAc7NTNUd+AN NpKxdmPWL9oBk5kcdGesrS2N9CnNTTeyLTArylNJ5OXlXPnXF9 w5CPxvUT3UNvBDI8uQJhQ== X-Spam-Score: 0.0 (/) X-Scan-Signature: 856eb5f76e7a34990d1d457d8e8e5b7f Subject: [Pana] IETF 69 PANA WG meeting agenda X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org 0. Blue sheets, agenda review, volunteers for taking minutes and Jabber scribe 1. WG status and documents update, Chairs, 5 min 2. PANA framework revision, Y. Ohba, 5 min 3. PANA protocol revision, Y. Ohba, 15 min 4. State machine revision, F. Fajardo, 5 min 5. Next steps, Chairs, 5min _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jul 17 10:48:56 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IAoMB-0005xf-Su; Tue, 17 Jul 2007 10:48:55 -0400 Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IAoMA-0005vv-FA for pana@ietf.org; Tue, 17 Jul 2007 10:48:54 -0400 Received: from mgw.toshibaamericaresearch.com ([165.254.55.12] helo=toshi17.tari.toshiba.com) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IAoM9-0002gf-4v for pana@ietf.org; Tue, 17 Jul 2007 10:48:54 -0400 Received: from steelhead.localdomain (toshi17.tari.toshiba.com [172.30.24.10]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id l6HEmkZT073784; Tue, 17 Jul 2007 10:48:46 -0400 (EDT) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.67) (envelope-from ) id 1IAoM4-0004AT-92; Tue, 17 Jul 2007 10:48:48 -0400 Date: Tue, 17 Jul 2007 10:48:48 -0400 To: pana@ietf.org Message-ID: <20070717144848.GB15507@steelhead.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-2022-jp Content-Disposition: inline User-Agent: Mutt/1.5.13 (2006-08-11) From: Yoshihiro Ohba X-Spam-Score: 0.1 (/) X-Scan-Signature: 02ec665d00de228c50c93ed6b5e4fc1a Subject: [Pana] Minor fix on pana-pana Section 5.5 X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org - Ping request should not be processed in authentication and authorization phase (as ping request sender is allowed to send ping request in access phase only). - Additinal 'S' (Start) bit and 'C' (Complete) bit wording is missing to refer to initial and last PANA-Auth-Request messages. Change: " o The message type is one of the expected types in the current state. Specifically the following messages are unexpected and invalid: * In the authentication and authorization phase: + PANA-Client-Initiation after completion of the initial PANA-Auth-Request and PANA-Auth-Answer exchange. + Re-authentication request. + The last PANA-Auth-Request as well as ping request before completion of the initial PANA-Auth-Request and PANA-Auth-Answer exchange. + The initial PANA-Auth-Request after a PaC receives a valid non-initial PANA-Auth-Request. + PANA-Termination-Request. " to: " o The message type is one of the expected types in the current state. Specifically the following messages are unexpected and invalid: * In the authentication and authorization phase: + PANA-Client-Initiation after completion of the initial PANA-Auth-Request and PANA-Auth-Answer exchange with 'S' (Start) bit set. + Re-authentication request. + Ping request. + The last PANA-Auth-Request with 'C' (Complete) bit set before completion of the initial PANA-Auth-Request and PANA-Auth-Answer exchange with 'S' (Start) bit set. + The initial PANA-Auth-Request with 'S' (Start) bit set after a PaC receives a valid non-initial PANA-Auth-Request with 'S' (Start) bit cleared. + PANA-Termination-Request. " Yoshihiro Ohba _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana From xcourageous@mail2tycoon.com Thu Jul 19 13:00:42 2007 Return-path: Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IBZMo-0003BJ-TL for pana-archive@lists.ietf.org; Thu, 19 Jul 2007 13:00:42 -0400 Received: from c-71-224-131-162.hsd1.nj.comcast.net ([71.224.131.162]) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1IBZMo-0006An-Ca for pana-archive@lists.ietf.org; Thu, 19 Jul 2007 13:00:42 -0400 Message-ID: <001001c7ca04$d07f6bc0$06d86f5c@pgburgess> From: "Thelma Akers" To: "pana-archive" Subject: Fw: Thank you, we are ready to lend you money regardless of Credit Date: Thu, 19 Jul 2007 12:57:14 -0400 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_000D_01C7CA04.D07F6BC0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2720.2969 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2720.3000 X-Spam-Score: 3.5 (+++) X-Scan-Signature: 82c9bddb247d9ba4471160a9a865a5f3 ------=_NextPart_000_000D_01C7CA04.D07F6BC0 Content-Type: text/plain; charset="windows-1251" Content-Transfer-Encoding: quoted-printable Your your credit report doesn't matter to us! If you have your own business and require IMMEDIATE money to spend ANY = way you like or want Extra money to give the business a boost or = require A low interest loan - NO STRINGS ATTACHED, here is best deal we = can offer you THIS NIGHT (hurry, this tender will expire NOW): $59,000+ loan Hurry, when best deal is gone, it is gone. Simply Call Us... Do not worry about approval, your credit score will not disqualify you! Call Us Free on 877-542-1880 ------=_NextPart_000_000D_01C7CA04.D07F6BC0 Content-Type: text/html; charset="windows-1251" Content-Transfer-Encoding: quoted-printable

Your credit doesn't = matter to us!

If you have your own = business and need IMMEDIATE money to spend ANY way you like or require = Extra money to give your company a boost or need A low interest loan - = NO STRINGS ATTACHED, here is our deal we can offer you THIS NIGHT = (hurry, this deal will expire TONIGHT):

$21,000+ = loan

Hurry, when best deal = is gone, it is gone. Simply Call Us...

Do not worry about = approval, your your credit report will not disqualify you!

Call Us Free on = 877-542-1880

------=_NextPart_000_000D_01C7CA04.D07F6BC0-- From ClydeyoghurtBradley@maef.org Sat Jul 28 15:37:28 2007 Return-path: Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IEs6R-0003pw-UW for pana-archive@lists.ietf.org; Sat, 28 Jul 2007 15:37:27 -0400 Received: from cpe-24-58-143-187.twcny.res.rr.com ([24.58.143.187] helo=Kristi.twcny.rr.com) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1IEs6R-0005gV-CP for pana-archive@lists.ietf.org; Sat, 28 Jul 2007 15:37:27 -0400 Message-ID: From: "Gilbert Austin" To: Subject: Fw: Thank you, we accepted your application Date: Sat, 28 Jul 2007 15:36:33 +0500 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_B798_01C7D14E.B8DF6190" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Spam-Score: 3.9 (+++) X-Scan-Signature: 92df29fa99cf13e554b84c8374345c17 This is a multi-part message in MIME format. ------=_NextPart_000_B798_01C7D14E.B8DF6190 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Your credit history doesn't matter to us! If your family OWN property and want IMMEDIATE pin money to spend ANY = way you like, or simply need to LOWER your current payments by a third = or more, here is best deal we can offer you NOW (hurry, this lot will = expire TODAY): $277,000+ debt AND EVEN MORE: After further review, our lenders have established the = lowest payments! Hurry, when best deal is gone, it is gone. Simply complete this = user-friendly form... Do not worry about approval, your credit score will not disqualify you! http://wacheseeasy.com/ ------=_NextPart_000_B798_01C7D14E.B8DF6190 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable =20

Your credit history doesn't matter = to=20 us!

=20

If your family OWN property and want = IMMEDIATE=20 pin money to spend ANY way you like, or simply need to LOWER your = current=20 payments by a third or more, here is best deal we can offer you NOW = (hurry,=20 this lot will expire TODAY):

=20

$277,000+ debt

AND EVEN MORE: After further review, = our lenders=20 have established the lowest payments!

=20

Hurry, when best deal is gone, it = is gone.=20 Simply complete this user-friendly form...

=20

Do not worry about approval, your = credit score=20 will not disqualify you!

=20

http://wacheseeasy.com/

------=_NextPart_000_B798_01C7D14E.B8DF6190-- From pana-bounces@ietf.org Mon Jul 30 16:59:14 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IFcKf-0004Ew-VY; Mon, 30 Jul 2007 16:59:13 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IFcKf-0004Er-1o for pana@ietf.org; Mon, 30 Jul 2007 16:59:13 -0400 Received: from mout.perfora.net ([74.208.4.195]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IFcKd-0000oi-M5 for pana@ietf.org; Mon, 30 Jul 2007 16:59:13 -0400 Received: from [88.234.220.192] (helo=IBM52A5038A94F) by mrelay.perfora.net (node=mrus1) with ESMTP (Nemesis), id 0MKpCa-1IFcKX3Ih1-0006Z3; Mon, 30 Jul 2007 16:59:10 -0400 From: "Alper Yegin" To: Date: Mon, 30 Jul 2007 23:59:02 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Thread-index: AcfS7HVnYBQ2z0owQDyrByNz+16eDQ== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 Message-ID: <0MKpCa-1IFcKX3Ih1-0006Z3@mrelay.perfora.net> X-Provags-ID: V01U2FsdGVkX19ay91aWD5w50wnxDWeR5391jxG8SXj3EGfO3J keLKXLgivsDe4xtcXmHL/i+09GF+u+1+OMhW2bWkCQ1ewjK3UJ KlYZ5MI8FOQZ0F3Ej/jfQ== X-Spam-Score: -0.0 (/) X-Scan-Signature: de4f315c9369b71d7dd5909b42224370 Cc: 'ext Mark Townsley' , 'Jari Arkko' Subject: [Pana] IESG comment resolution X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: pana-bounces@ietf.org Please see the revised versions of PANA Framework and Protocol Specification documents at: http://www.panasec.org/docs/editing/pana-spec.html The revisions address all of the issues/comments brought up during the IESG review. Please do a sanity check on the changed text and let us know if there are any problems. Comments are welcome until the end of Aug 3rd. Thanks. Alper _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana