From sharon.boeyen@entrust.com Tue Mar 5 12:18:51 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC3B411E8120 for ; Tue, 5 Mar 2013 12:18:51 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.598 X-Spam-Level: X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i4cwAP5Pyz0Q for ; Tue, 5 Mar 2013 12:18:51 -0800 (PST) Received: from ipedge2.entrust.com (ipedge2.entrust.com [216.191.252.25]) by ietfa.amsl.com (Postfix) with ESMTP id 369CC11E811A for ; Tue, 5 Mar 2013 12:18:51 -0800 (PST) X-IronPort-AV: E=Sophos;i="4.84,790,1355115600"; d="scan'208,217";a="3807808" Received: from unknown (HELO sottexchcas1.corp.ad.entrust.com) ([10.4.51.93]) by ipedge2.entrust.com with ESMTP; 05 Mar 2013 15:18:50 -0500 Received: from SOTTEXCH10.corp.ad.entrust.com ([fe80::389b:f45b:7ea1:79b7]) by sottexchcas1.corp.ad.entrust.com ([::1]) with mapi id 14.02.0342.003; Tue, 5 Mar 2013 15:18:50 -0500 From: Sharon Boeyen To: "wpkops WG (wpkops@ietf.org)" Thread-Topic: wpkops agenda topics Thread-Index: Ac4Z3qWlUsdqoIb+QZi2k8bQESzS9w== Date: Tue, 5 Mar 2013 20:18:49 +0000 Message-ID: <65DA4BEA501AFC409DF274CC71ED01A5772C6701@SOTTEXCH10.corp.ad.entrust.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.4.161.55] Content-Type: multipart/alternative; boundary="_000_65DA4BEA501AFC409DF274CC71ED01A5772C6701SOTTEXCH10corpa_" MIME-Version: 1.0 Subject: [wpkops] wpkops agenda topics X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Mar 2013 20:18:52 -0000 --_000_65DA4BEA501AFC409DF274CC71ED01A5772C6701SOTTEXCH10corpa_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Please let me know if you would like to add an agenda topic for next week's= wpkops meeting. Thank you, Cheers, Sharon Boeyen --_000_65DA4BEA501AFC409DF274CC71ED01A5772C6701SOTTEXCH10corpa_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Please let me know if you would like to add an agend= a topic for next week’s wpkops meeting.

Thank you,

Cheers,

Sharon Boeyen

--_000_65DA4BEA501AFC409DF274CC71ED01A5772C6701SOTTEXCH10corpa_-- From hallam@gmail.com Tue Mar 5 12:20:39 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 326CD11E8112 for ; Tue, 5 Mar 2013 12:20:39 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.6 X-Spam-Level: X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Atg8BOaOpCyC for ; Tue, 5 Mar 2013 12:20:38 -0800 (PST) Received: from mail-we0-x232.google.com (mail-we0-x232.google.com [IPv6:2a00:1450:400c:c03::232]) by ietfa.amsl.com (Postfix) with ESMTP id 5F9591F0D18 for ; Tue, 5 Mar 2013 12:20:38 -0800 (PST) Received: by mail-we0-f178.google.com with SMTP id u7so5543921wey.37 for ; Tue, 05 Mar 2013 12:20:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type:content-transfer-encoding; bh=AblVUymFPNTC1qyswv2Xr8bZg3oCKpUCx/tHm8zabzg=; b=pwrCDgQ/vfIzFymBTGQPEez9VynoIxUOkBNAkcZQnufyExUT1UBb3C7hGFV09S7BBw eKuLSfQV4xVNsDChXxkd8m2G5VwS6dVeE0zsGVkbKAyrKeeGi5DzjO/RQhxguB1MnigF L/xtdDUBhQ2X06yHVdp455Vh/WsC4coP/fb5Y+FsPc0I8fcZW28hSV/i2up8VP2Gp/Ex DUaSrMlLHfnnicxhcKPnMuc5B6GX1Zv4MDGehhWoruyPTFJrbSEiBCeLn0Vlq3G8vkpu 29YJiROQekxYjDoumPOeH4VLE6OinDThr2SfywFKY0oKQOPJZyeNoWtUMHGvcFx7jUdo p9gg== MIME-Version: 1.0 X-Received: by 10.180.94.69 with SMTP id da5mr21450624wib.30.1362514837284; Tue, 05 Mar 2013 12:20:37 -0800 (PST) Received: by 10.194.11.71 with HTTP; Tue, 5 Mar 2013 12:20:37 -0800 (PST) In-Reply-To: <65DA4BEA501AFC409DF274CC71ED01A5772C6701@SOTTEXCH10.corp.ad.entrust.com> References: <65DA4BEA501AFC409DF274CC71ED01A5772C6701@SOTTEXCH10.corp.ad.entrust.com> Date: Tue, 5 Mar 2013 15:20:37 -0500 Message-ID: From: Phillip Hallam-Baker To: Sharon Boeyen Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Cc: "wpkops WG $wpkops@ietf.org$" Subject: Re: [wpkops] wpkops agenda topics X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Mar 2013 20:20:39 -0000 There is the revocation draft thingie we are planning to work on (maybe). On Tue, Mar 5, 2013 at 3:18 PM, Sharon Boeyen w= rote: > Please let me know if you would like to add an agenda topic for next week= =92s > wpkops meeting. > > > > Thank you, > > Cheers, > > Sharon Boeyen > > > _______________________________________________ > wpkops mailing list > wpkops@ietf.org > https://www.ietf.org/mailman/listinfo/wpkops > --=20 Website: http://hallambaker.com/ From paul.hoffman@vpnc.org Tue Mar 5 17:52:08 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD9BB11E80F1 for ; Tue, 5 Mar 2013 17:52:08 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TzrQoiKWRSOK for ; Tue, 5 Mar 2013 17:52:08 -0800 (PST) Received: from hoffman.proper.com (IPv6.Hoffman.Proper.COM [IPv6:2605:8e00:100:41::81]) by ietfa.amsl.com (Postfix) with ESMTP id 4DF2611E80EC for ; Tue, 5 Mar 2013 17:52:08 -0800 (PST) Received: from [10.20.30.90] (50-1-98-12.dsl.dynamic.sonic.net [50.1.98.12]) (authenticated bits=0) by hoffman.proper.com (8.14.5/8.14.5) with ESMTP id r261q4pZ020361 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 5 Mar 2013 18:52:05 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Content-Type: text/plain; charset=windows-1252 Mime-Version: 1.0 (Mac OS X Mail 6.2 $1499$) From: Paul Hoffman In-Reply-To: <65DA4BEA501AFC409DF274CC71ED01A5772C6701@SOTTEXCH10.corp.ad.entrust.com> Date: Tue, 5 Mar 2013 17:52:04 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: <43F2F286-C217-4830-952B-5B46230D1C34@vpnc.org> References: <65DA4BEA501AFC409DF274CC71ED01A5772C6701@SOTTEXCH10.corp.ad.entrust.com> To: Sharon Boeyen X-Mailer: Apple Mail (2.1499) Cc: "wpkops WG $wpkops@ietf.org$" Subject: Re: [wpkops] wpkops agenda topics X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Mar 2013 01:52:08 -0000 On Mar 5, 2013, at 12:18 PM, Sharon Boeyen = wrote: > Please let me know if you would like to add an agenda topic for next = week=92s wpkops meeting. Please see my earlier message about Adam Langley and I volunteering to = edit the "TLS stack" document. We could give a brief presentation on = what we think the topics will be so that the WG can start thinking about = what to contribute. --Paul Hoffman From ben@digicert.com Wed Mar 6 07:28:04 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E945E21F8C3E for ; Wed, 6 Mar 2013 07:28:04 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.739 X-Spam-Level: X-Spam-Status: No, score=-4.739 tagged_above=-999 required=5 tests=[BAYES_20=-0.74, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zhT1bdtTHtTQ for ; Wed, 6 Mar 2013 07:28:04 -0800 (PST) Received: from mail.digicert.com (mail.digicert.com [64.78.193.232]) by ietfa.amsl.com (Postfix) with ESMTP id E959C21F8C3D for ; Wed, 6 Mar 2013 07:28:03 -0800 (PST) Received: from BWILSONL1 (unknown [64.78.193.228]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.digicert.com (Postfix) with ESMTPSA id 803098FA975; Wed, 6 Mar 2013 08:28:03 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=digicert.com; s=mail; t=1362583683; bh=md28GALP9gqwOm6eKlPGQfpLYNIIHmjDbdPE866zXKA=; h=Reply-To:From:To:Cc:References:In-Reply-To:Subject:Date; b=PAcYXkRaH/7kPm7yUo+nrYuJi5QawXzZxuo8JzRoO3hAFYev9/TEPQqKZeEz2pr/q TyhlJ+Vzxnr/GAeY391B5yyczHxgNRNjEYlYKI0I5uC3iWf0sYqeDRFiL1uL+xyJOY 0jK1KiL5MynW8Rqor3bEGw1TL6dzzgXWA5wvJKvQ= From: "Ben Wilson" To: "'Sharon Boeyen'" , "'wpkops WG'" References: <65DA4BEA501AFC409DF274CC71ED01A5772C6701@SOTTEXCH10.corp.ad.entrust.com> In-Reply-To: <65DA4BEA501AFC409DF274CC71ED01A5772C6701@SOTTEXCH10.corp.ad.entrust.com> Date: Wed, 6 Mar 2013 08:28:02 -0700 Organization: DigiCert Message-ID: <006101ce1a7f$315e3770$941aa650$@digicert.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0062_01CE1A44.84FFD4A0" X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQKZhdbC05rilE2Wpk5VZ9VzQz/Hq5cB8XhA Content-Language: en-us Cc: robin@comodo.com, Phillip Hallam-Baker , 'Jeremy Rowley' Subject: Re: [wpkops] wpkops agenda topics X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ben@digicert.com List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Mar 2013 15:28:05 -0000 This is a multipart message in MIME format. ------=_NextPart_000_0062_01CE1A44.84FFD4A0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sharon, Jeremy Rowley and I from DigiCert will be working on documenting the certificate processing behavior of user agents, along with Robin Alden and Phill Hallam-Baker of Comodo. Jeremy will be in attendance and able to participate in the discussion. Thanks, Ben From: wpkops-bounces@ietf.org [mailto:wpkops-bounces@ietf.org] On Behalf Of Sharon Boeyen Sent: Tuesday, March 05, 2013 1:19 PM To: wpkops WG (wpkops@ietf.org) Subject: [wpkops] wpkops agenda topics Please let me know if you would like to add an agenda topic for next week's wpkops meeting. Thank you, Cheers, Sharon Boeyen ------=_NextPart_000_0062_01CE1A44.84FFD4A0 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Sharon,

Jeremy Rowley and I from = DigiCert will be working on documenting the certificate processing = behavior of user agents, along with Robin Alden and Phill Hallam-Baker = of Comodo. Jeremy will be in attendance and able to participate in = the discussion.

Thanks,

Ben

From:= = wpkops-bounces@ietf.org [mailto:wpkops-bounces@ietf.org] On Behalf Of = Sharon Boeyen
Sent: Tuesday, March 05, 2013 1:19 = PM
To: wpkops WG (wpkops@ietf.org)
Subject: [wpkops] = wpkops agenda topics

Please let = me know if you would like to add an agenda topic for next week’s = wpkops meeting.

Thank = you,

Cheers,

Sharon Boeyen

------=_NextPart_000_0062_01CE1A44.84FFD4A0-- From sharon.boeyen@entrust.com Mon Mar 11 05:43:19 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89EF521F8815 for ; Mon, 11 Mar 2013 05:43:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.598 X-Spam-Level: X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0G62Rq6ca-uD for ; Mon, 11 Mar 2013 05:43:18 -0700 (PDT) Received: from ipedge1.entrust.com (ipedge1.entrust.com [216.191.252.10]) by ietfa.amsl.com (Postfix) with ESMTP id 76A1D21F8806 for ; Mon, 11 Mar 2013 05:43:17 -0700 (PDT) X-IronPort-AV: E=Sophos;i="4.84,822,1355115600"; d="scan'208,217";a="8150892" Received: from unknown (HELO sottexchcas1.corp.ad.entrust.com) ([10.4.51.93]) by ipedge1.entrust.com with ESMTP; 11 Mar 2013 08:43:16 -0400 Received: from SOTTEXCH10.corp.ad.entrust.com ([fe80::389b:f45b:7ea1:79b7]) by sottexchcas1.corp.ad.entrust.com ([::1]) with mapi id 14.02.0342.003; Mon, 11 Mar 2013 08:43:16 -0400 From: Sharon Boeyen To: "wpkops WG (wpkops@ietf.org)" Thread-Topic: Meeting Agenda posted Thread-Index: Ac4eVf/2BsYS84/iSOieLIdNhRw7wA== Date: Mon, 11 Mar 2013 12:43:15 +0000 Message-ID: <65DA4BEA501AFC409DF274CC71ED01A5772CABB1@SOTTEXCH10.corp.ad.entrust.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.4.161.55] Content-Type: multipart/alternative; boundary="_000_65DA4BEA501AFC409DF274CC71ED01A5772CABB1SOTTEXCH10corpa_" MIME-Version: 1.0 Subject: [wpkops] Meeting Agenda posted X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Mar 2013 12:43:19 -0000 --_000_65DA4BEA501AFC409DF274CC71ED01A5772CABB1SOTTEXCH10corpa_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable The agenda for Thursday's meeting, along with some of the presentation mate= rials, has just been posted. https://datatracker.ietf.org/meeting/86/materials.html Cheers, Sharon --_000_65DA4BEA501AFC409DF274CC71ED01A5772CABB1SOTTEXCH10corpa_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

The agenda for Thursday’s meeting, along with = some of the presentation materials, has just been posted.

https://datatracker.ietf.org/meeting/86/materials.html

Cheers,

Sharon

--_000_65DA4BEA501AFC409DF274CC71ED01A5772CABB1SOTTEXCH10corpa_-- From sharon.boeyen@entrust.com Tue Mar 12 10:16:19 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54ADC11E80F9 for ; Tue, 12 Mar 2013 10:16:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.598 X-Spam-Level: X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YKnTpdD-hRgV for ; Tue, 12 Mar 2013 10:16:18 -0700 (PDT) Received: from ipedge1.entrust.com (ipedge1.entrust.com [216.191.252.10]) by ietfa.amsl.com (Postfix) with ESMTP id DF6B011E80FA for ; Tue, 12 Mar 2013 10:16:17 -0700 (PDT) X-IronPort-AV: E=Sophos;i="4.84,832,1355115600"; d="scan'208,217";a="8174855" Received: from unknown (HELO SOTTEXCHCAS2.corp.ad.entrust.com) ([10.4.51.224]) by ipedge1.entrust.com with ESMTP; 12 Mar 2013 13:16:17 -0400 Received: from SOTTEXCH10.corp.ad.entrust.com ([fe80::389b:f45b:7ea1:79b7]) by SOTTEXCHCAS2.corp.ad.entrust.com ([::1]) with mapi id 14.02.0342.003; Tue, 12 Mar 2013 13:16:17 -0400 From: Sharon Boeyen To: "wpkops WG (wpkops@ietf.org)" Thread-Topic: Volunteers needed for jabber scribe and minute taker Thread-Index: Ac4fRUtPWKLcd+eaQ/igGrDQzwVPaw== Date: Tue, 12 Mar 2013 17:16:16 +0000 Message-ID: <65DA4BEA501AFC409DF274CC71ED01A5772CC56E@SOTTEXCH10.corp.ad.entrust.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.4.24.253] Content-Type: multipart/alternative; boundary="_000_65DA4BEA501AFC409DF274CC71ED01A5772CC56ESOTTEXCH10corpa_" MIME-Version: 1.0 Subject: [wpkops] Volunteers needed for jabber scribe and minute taker X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Mar 2013 17:16:19 -0000 --_000_65DA4BEA501AFC409DF274CC71ED01A5772CC56ESOTTEXCH10corpa_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable If anyone is willing to volunteer to be the jabber scribe or the minute tak= er for the wpkops WG meeting on Thursday, please let me know. If we can get= volunteers ahead of time this will save some time at the beginning of the = meeting. Thanks Cheers, Sharon --_000_65DA4BEA501AFC409DF274CC71ED01A5772CC56ESOTTEXCH10corpa_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

If anyone is willing to volunteer to be the jabber s= cribe or the minute taker for the wpkops WG meeting on Thursday, please let= me know. If we can get volunteers ahead of time this will save some time a= t the beginning of the meeting.

Thanks

Cheers,

Sharon

--_000_65DA4BEA501AFC409DF274CC71ED01A5772CC56ESOTTEXCH10corpa_-- From sharon.boeyen@entrust.com Wed Mar 13 05:53:37 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6E5521F8CCF for ; Wed, 13 Mar 2013 05:53:37 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.598 X-Spam-Level: X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SQZjOkT7fgtJ for ; Wed, 13 Mar 2013 05:53:37 -0700 (PDT) Received: from ipedge1.entrust.com (ipedge1.entrust.com [216.191.252.10]) by ietfa.amsl.com (Postfix) with ESMTP id E1EB921F8CBB for ; Wed, 13 Mar 2013 05:53:36 -0700 (PDT) X-IronPort-AV: E=Sophos;i="4.84,836,1355115600"; d="scan'208,217";a="8184616" Received: from unknown (HELO sottexchcas1.corp.ad.entrust.com) ([10.4.51.93]) by ipedge1.entrust.com with ESMTP; 13 Mar 2013 08:53:36 -0400 Received: from SOTTEXCH10.corp.ad.entrust.com ([fe80::389b:f45b:7ea1:79b7]) by sottexchcas1.corp.ad.entrust.com ([::1]) with mapi id 14.02.0342.003; Wed, 13 Mar 2013 08:53:36 -0400 From: Sharon Boeyen To: "wpkops WG (wpkops@ietf.org)" Thread-Topic: Still need a minute taker Thread-Index: Ac4f6cWG3Y6cleAuT3S0X3iBEYdovg== Date: Wed, 13 Mar 2013 12:53:35 +0000 Message-ID: <65DA4BEA501AFC409DF274CC71ED01A5772CD7FE@SOTTEXCH10.corp.ad.entrust.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.4.25.3] Content-Type: multipart/alternative; boundary="_000_65DA4BEA501AFC409DF274CC71ED01A5772CD7FESOTTEXCH10corpa_" MIME-Version: 1.0 Subject: [wpkops] Still need a minute taker X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2013 12:53:37 -0000 --_000_65DA4BEA501AFC409DF274CC71ED01A5772CD7FESOTTEXCH10corpa_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable We have a jabber scribe for tomorrow's meeting but still need a minute take= r. Come on folks....... --_000_65DA4BEA501AFC409DF274CC71ED01A5772CD7FESOTTEXCH10corpa_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

We have a jabber scrib= e for tomorrow’s meeting but still need a minute taker. Come on folks= …….

--_000_65DA4BEA501AFC409DF274CC71ED01A5772CD7FESOTTEXCH10corpa_-- From bruce.morton@entrust.com Wed Mar 13 09:08:06 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E83721F8DF2 for ; Wed, 13 Mar 2013 09:08:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.598 X-Spam-Level: X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aO7CcouZvWbX for ; Wed, 13 Mar 2013 09:08:04 -0700 (PDT) Received: from ipedge2.entrust.com (ipedge2.entrust.com [216.191.252.25]) by ietfa.amsl.com (Postfix) with ESMTP id 0EDEC21F86D9 for ; Wed, 13 Mar 2013 09:08:03 -0700 (PDT) X-IronPort-AV: E=Sophos;i="4.84,837,1355115600"; d="txt'?scan'208,217";a="4392041" Received: from unknown (HELO sottexchcas1.corp.ad.entrust.com) ([10.4.51.93]) by ipedge2.entrust.com with ESMTP; 13 Mar 2013 12:08:03 -0400 Received: from SOTTEXCH10.corp.ad.entrust.com ([fe80::389b:f45b:7ea1:79b7]) by sottexchcas1.corp.ad.entrust.com ([::1]) with mapi id 14.02.0342.003; Wed, 13 Mar 2013 12:08:03 -0400 From: Bruce Morton To: "wpkops WG (wpkops@ietf.org)" Thread-Topic: Web PKI - Trust Models Thread-Index: Ac4gBOn6F83Ct/OwRJmp3mD11VyDNg== Date: Wed, 13 Mar 2013 16:08:02 +0000 Message-ID: <452C99D20750E74083DBA441FF93238577479014@SOTTEXCH10.corp.ad.entrust.com> Accept-Language: en-CA, en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-originating-ip: [10.4.24.236] Content-Type: multipart/mixed; boundary="_004_452C99D20750E74083DBA441FF93238577479014SOTTEXCH10corpa_" MIME-Version: 1.0 Subject: [wpkops] Web PKI - Trust Models X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2013 16:08:06 -0000 --_004_452C99D20750E74083DBA441FF93238577479014SOTTEXCH10corpa_ Content-Type: multipart/alternative; boundary="_000_452C99D20750E74083DBA441FF93238577479014SOTTEXCH10corpa_" --_000_452C99D20750E74083DBA441FF93238577479014SOTTEXCH10corpa_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Please find attached a draft of the Web PKI Trust Models document. I plan to review the document in the meeting tomorrow. I=F1igo and I would = appreciate any comments on the document plan and the content. Thanks, Bruce Morton +1 613.270.3743 --_000_452C99D20750E74083DBA441FF93238577479014SOTTEXCH10corpa_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Please find attached a draft of the Web PKI Trust Mo= dels document.

I plan to review the document in the meeting tomorro= w. I=F1igo and I would appreciate any comments on the document plan and the= content.

Thanks,

Bruce Morton

+1 613.270.3743

--_000_452C99D20750E74083DBA441FF93238577479014SOTTEXCH10corpa_-- --_004_452C99D20750E74083DBA441FF93238577479014SOTTEXCH10corpa_ Content-Type: text/plain; name="draft-barreira-webpki-trustmodel-02-03.txt" Content-Description: draft-barreira-webpki-trustmodel-02-03.txt Content-Disposition: attachment; filename="draft-barreira-webpki-trustmodel-02-03.txt"; size=17670; creation-date="Tue, 12 Mar 2013 18:31:46 GMT"; modification-date="Tue, 12 Mar 2013 18:31:46 GMT" Content-Transfer-Encoding: base64 DQoNCg0KSW50ZXJuZXQgRW5naW5lZXJpbmcgVGFzayBGb3JjZSAgICAgICAgICAgICAgICAgICAg ICAgICBJLiBCYXJyZWlyYSwgRWQuDQpJbnRlcm5ldC1EcmFmdCAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBJemVucGUNCkludGVuZGVkIHN0YXR1czog QkNQICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBCLiBNb3J0b24sIEVkLg0K RXhwaXJlczogTWF5IDQsIDIwMTMgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBFbnRydXN0DQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgIE9jdG9iZXIgMzEsIDIwMTINCg0KDQogICAgICAgICAgICAgICAgICAg ICAgVHJ1c3QgbW9kZWxzIG9mIHRoZSBXZWIgUEtJDQogICAgICAgICAgICAgICAgICAgICAgIGRy YWZ0LXdlYnBraS10cnVzdG1vZGVsLTAwDQoNCkFic3RyYWN0DQoNCiAgIFRoaXMgaXMgb25lIG9m IGEgc2V0IG9mIGRyYWZ0cyB0aGF0IGRvY3VtZW50IHRoZSBvcGVyYXRpb24gb2YgdGhlIFdlYg0K ICAgUEtJLiAgSXQgZGVzY3JpYmVzIGNvbW1vbiB2YXJpYW50cyBvZiB0aGUgV2ViIFBLSSB0cnVz dCBtb2RlbA0KDQpTdGF0dXMgb2YgdGhpcyBNZW1vDQoNCiAgIFRoaXMgSW50ZXJuZXQtRHJhZnQg aXMgc3VibWl0dGVkIGluIGZ1bGwgY29uZm9ybWFuY2Ugd2l0aCB0aGUNCiAgIHByb3Zpc2lvbnMg b2YgQkNQIDc4IGFuZCBCQ1AgNzkuDQoNCiAgIEludGVybmV0LURyYWZ0cyBhcmUgd29ya2luZyBk b2N1bWVudHMgb2YgdGhlIEludGVybmV0IEVuZ2luZWVyaW5nDQogICBUYXNrIEZvcmNlIChJRVRG KS4gIE5vdGUgdGhhdCBvdGhlciBncm91cHMgbWF5IGFsc28gZGlzdHJpYnV0ZQ0KICAgd29ya2lu ZyBkb2N1bWVudHMgYXMgSW50ZXJuZXQtRHJhZnRzLiAgVGhlIGxpc3Qgb2YgY3VycmVudCBJbnRl cm5ldC0NCiAgIERyYWZ0cyBpcyBhdCBodHRwOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvZHJhZnRz L2N1cnJlbnQvLg0KDQogICBJbnRlcm5ldC1EcmFmdHMgYXJlIGRyYWZ0IGRvY3VtZW50cyB2YWxp ZCBmb3IgYSBtYXhpbXVtIG9mIHNpeCBtb250aHMNCiAgIGFuZCBtYXkgYmUgdXBkYXRlZCwgcmVw bGFjZWQsIG9yIG9ic29sZXRlZCBieSBvdGhlciBkb2N1bWVudHMgYXQgYW55DQogICB0aW1lLiAg SXQgaXMgaW5hcHByb3ByaWF0ZSB0byB1c2UgSW50ZXJuZXQtRHJhZnRzIGFzIHJlZmVyZW5jZQ0K ICAgbWF0ZXJpYWwgb3IgdG8gY2l0ZSB0aGVtIG90aGVyIHRoYW4gYXMgIndvcmsgaW4gcHJvZ3Jl c3MuIg0KDQogICBUaGlzIEludGVybmV0LURyYWZ0IHdpbGwgZXhwaXJlIG9uIE1heSA0LCAyMDEz Lg0KDQpDb3B5cmlnaHQgTm90aWNlDQoNCiAgIENvcHlyaWdodCAoYykgMjAxMiBJRVRGIFRydXN0 IGFuZCB0aGUgcGVyc29ucyBpZGVudGlmaWVkIGFzIHRoZQ0KICAgZG9jdW1lbnQgYXV0aG9ycy4g IEFsbCByaWdodHMgcmVzZXJ2ZWQuDQoNCiAgIFRoaXMgZG9jdW1lbnQgaXMgc3ViamVjdCB0byBC Q1AgNzggYW5kIHRoZSBJRVRGIFRydXN0J3MgTGVnYWwNCiAgIFByb3Zpc2lvbnMgUmVsYXRpbmcg dG8gSUVURiBEb2N1bWVudHMNCiAgIChodHRwOi8vdHJ1c3RlZS5pZXRmLm9yZy9saWNlbnNlLWlu Zm8pIGluIGVmZmVjdCBvbiB0aGUgZGF0ZSBvZg0KICAgcHVibGljYXRpb24gb2YgdGhpcyBkb2N1 bWVudC4gIFBsZWFzZSByZXZpZXcgdGhlc2UgZG9jdW1lbnRzDQogICBjYXJlZnVsbHksIGFzIHRo ZXkgZGVzY3JpYmUgeW91ciByaWdodHMgYW5kIHJlc3RyaWN0aW9ucyB3aXRoIHJlc3BlY3QNCiAg IHRvIHRoaXMgZG9jdW1lbnQuICBDb2RlIENvbXBvbmVudHMgZXh0cmFjdGVkIGZyb20gdGhpcyBk b2N1bWVudCBtdXN0DQogICBpbmNsdWRlIFNpbXBsaWZpZWQgQlNEIExpY2Vuc2UgdGV4dCBhcyBk ZXNjcmliZWQgaW4gU2VjdGlvbiA0LmUgb2YNCiAgIHRoZSBUcnVzdCBMZWdhbCBQcm92aXNpb25z IGFuZCBhcmUgcHJvdmlkZWQgd2l0aG91dCB3YXJyYW50eSBhcw0KICAgZGVzY3JpYmVkIGluIHRo ZSBTaW1wbGlmaWVkIEJTRCBMaWNlbnNlLg0KDQoNCg0KDQoNCkJhcnJlaXJhICYgTW9ydG9uICAg ICAgICAgIEV4cGlyZXMgTWF5IDQsIDIwMTMgICAgICAgICAgICAgICAgICBbUGFnZSAxXQ0KDA0K SW50ZXJuZXQtRHJhZnQgICAgICAgICBUcnVzdCBtb2RlbHMgb2YgdGhlIFdlYiBQS0kgICAgICAg ICAgT2N0b2JlciAyMDEyDQoNCg0KVGFibGUgb2YgQ29udGVudHMNCg0KICAgMS4gIEludHJvZHVj dGlvbiAgLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAz DQogICAgIDEuMS4gIFJlcXVpcmVtZW50cyBMYW5ndWFnZSAuIC4gLiAuIC4gLiAuIC4gLiAuIC4g LiAuIC4gLiAuIC4gLiAuIDMNCiAgICAgMS4yLiAgRGVmaW5pdGlvbnMgLiAuIC4gLiAuIC4gLiAu IC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gMw0KICAgMi4gIEJhc2ljIHRydXN0IG1v ZGVsIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiA1DQogICAz LiAgVHJ1c3QgbW9kZWwgdmFyaWFudHMgIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4g LiAuIC4gLiAuIDUNCiAgICAgMy4xLiAgQ2VydGlmaWNhdGUtdXNpbmcgcHJvZHVjdCBhZG9wdHMg cm9vdCBzdG9yZSAuIC4gLiAuIC4gLiAuIC4gNQ0KICAgICAzLjIuICBDZXJ0aWZpY2F0ZS11c2lu ZyBwcm9kdWN0IHVzZXMgT1Mgcm9vdCBzdG9yZSAgLiAuIC4gLiAuIC4gLiA1DQogICAgIDMuMy4g IENlcnRpZmljYXRlLXVzaW5nIHByb2R1Y3QgdXNlcyBUcnVzdCBTZXJ2aWNlIFN0YXR1cw0KICAg ICAgICAgICBMaXN0IElzc3VlZCBieSBSZWNvZ25pc2VkIEF1dGhvcml0aWVzIC4gLiAuIC4gLiAu IC4gLiAuIC4gLiA1DQogICAgIDMuNC4gIENlcnRpZmljYXRlIGhvbGRlciBjZXJ0aWZpY2F0ZXMg aXNzdWVkIGJ5IHJvb3QgQ0EgLiAuIC4gLiAuIDYNCiAgICAgMy41LiAgT25lIHJvb3QgQ0EgY3Jv c3MtY2VydGlmaWVzIGFub3RoZXIgcm9vdCBDQSAuIC4gLiAuIC4gLiAuIC4gNg0KICAgICAzLjYu ICBJc3N1aW5nIENBIGlzIGFuIGFmZmlsaWF0ZSAgLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAu IC4gLiA2DQogICAgIDMuNy4gIFJlZ2lzdHJhdGlvbiBhdXRob3JpdHkgaXMgYW4gYWZmaWxpYXRl ICAuIC4gLiAuIC4gLiAuIC4gLiAuIDYNCiAgICAgMy44LiAgUm9vdCBDQSBpcyBvcGVyYXRlZCBi eSBhIGdvdmVybm1lbnQgLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gNw0KICAgICAzLjkuICBDZXJ0 aWZpY2F0ZSB1c2VyIGRpcmVjdGx5IHRydXN0cyBpc3N1aW5nIENBIGtleSAuIC4gLiAuIC4gLiA3 DQogICAgIDMuMTAuIENlcnRpZmljYXRlIHVzZXIgZGlyZWN0bHkgdHJ1c3RzIGNlcnRpZmljYXRl IGhvbGRlciBrZXkgLiAuIDcNCiAgICAgMy4xMS4gQ2VydGlmaWNhdGUgaG9sZGVyIG9wZXJhdGVz IGlzc3VpbmcgQ0EgIC4gLiAuIC4gLiAuIC4gLiAuIC4gNw0KICAgICAzLjEyLiBDZXJ0aWZpY2F0 ZSBob2xkZXIgc291cmNlcyBtYW5hZ2VtZW50IG9mIGlzc3VpbmcgQ0EgLiAuIC4gLiA3DQogICAg IDMuMTMuIENlcnRpZmljYXRlIGhvbGRlciBtYW5hZ2VzIFJBIC4gLiAuIC4gLiAuIC4gLiAuIC4g LiAuIC4gLiAuIDcNCiAgIDQuICBJQU5BIENvbnNpZGVyYXRpb25zIC4gLiAuIC4gLiAuIC4gLiAu IC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gOA0KICAgNS4gIFNlY3VyaXR5IENvbnNpZGVyYXRp b25zIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiA4DQogICA2LiAgTm9y bWF0aXZlIFJlZmVyZW5jZXMgIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4g LiAuIDgNCiAgIEF1dGhvcnMnIEFkZHJlc3NlcyAgLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAu IC4gLiAuIC4gLiAuIC4gLiAuIC4gOQ0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoN Cg0KDQoNCg0KDQoNCg0KDQoNCkJhcnJlaXJhICYgTW9ydG9uICAgICAgICAgIEV4cGlyZXMgTWF5 IDQsIDIwMTMgICAgICAgICAgICAgICAgICBbUGFnZSAyXQ0KDA0KSW50ZXJuZXQtRHJhZnQgICAg ICAgICBUcnVzdCBtb2RlbHMgb2YgdGhlIFdlYiBQS0kgICAgICAgICAgT2N0b2JlciAyMDEyDQoN Cg0KMS4gIEludHJvZHVjdGlvbg0KDQoxLjEuICBSZXF1aXJlbWVudHMgTGFuZ3VhZ2UNCg0KICAg VGhlIGtleSB3b3JkcyAiTVVTVCIsICJNVVNUIE5PVCIsICJSRVFVSVJFRCIsICJTSEFMTCIsICJT SEFMTCBOT1QiLA0KICAgIlNIT1VMRCIsICJTSE9VTEQgTk9UIiwgIlJFQ09NTUVOREVEIiwgIk1B WSIsIGFuZCAiT1BUSU9OQUwiIGluIHRoaXMNCiAgIGRvY3VtZW50IGFyZSB0byBiZSBpbnRlcnBy ZXRlZCBhcyBkZXNjcmliZWQgaW4gUkZDIDIxMTkgW1JGQzIxMTldLg0KDQoxLjIuICBEZWZpbml0 aW9ucw0KDQogICAgICBDZXJ0aWZpY2F0ZTogVGhlIHB1YmxpYyBrZXkgb2YgYSB1c2VyLCB0b2dl dGhlciB3aXRoIHNvbWUgb3RoZXINCiAgICAgIGluZm9ybWF0aW9uLCByZW5kZXJlZCB1bmZvcmdl YWJsZSBieSBlbmNpcGhlcm1lbnQgd2l0aCB0aGUgcHJpdmF0ZQ0KICAgICAga2V5IG9mIHRoZSBj ZXJ0aWZpY2F0aW9uIGF1dGhvcml0eSB3aGljaCBpc3N1ZWQgaXQuDQoNCiAgICAgIENlcnRpZmlj YXRpb24gQXV0aG9yaXR5IChDQSkgLSBBdXRob3JpdHkgdHJ1c3RlZCBieSBvbmUgb3IgbW9yZQ0K ICAgICAgdXNlcnMgdG8gY3JlYXRlIGFuZCBhc3NpZ24gY2VydGlmaWNhdGVzLg0KDQogICAgICBD ZXJ0aWZpY2F0ZSBob2xkZXIgLSBBIG5hdHVyYWwgb3IgbGVnYWwgcGVyc29uIHdobyBpcyBpZGVu dGlmaWVkDQogICAgICBhcyB0aGUgc3ViamVjdCBpbiBhIGNlcnRpZmljYXRlLg0KDQogICAgICBD ZXJ0aWZpY2F0ZSBwb2xpY3k6IEEgbmFtZWQgc2V0IG9mIHJ1bGVzIHRoYXQgaW5kaWNhdGVzIHRo ZQ0KICAgICAgYXBwbGljYWJpbGl0eSBvZiBhIGNlcnRpZmljYXRlIHRvIGEgcGFydGljdWxhciBj b21tdW5pdHkgYW5kL29yDQogICAgICBjbGFzcyBvZiBhcHBsaWNhdGlvbiB3aXRoIGNvbW1vbiBz ZWN1cml0eSByZXF1aXJlbWVudHMuDQoNCiAgICAgIENlcnRpZmljYXRpb24gUHJhY3RpY2UgU3Rh dGVtZW50IChDUFMpOiBBIHN0YXRlbWVudCBvZiB0aGUNCiAgICAgIHByYWN0aWNlcyB0aGF0IGEg Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgZW1wbG95cyBpbiBpc3N1aW5nLA0KICAgICAgbWFuYWdp bmcsIHJldm9raW5nIGFuZCByZW5ld2luZyBvciByZS1rZXlpbmcgY2VydGlmaWNhdGVzLg0KDQog ICAgICBDZXJ0aWZpY2F0ZSBzdWJqZWN0IC0gVGhlIGNlcnRpZmljYXRlIGhvbGRlciBhcyByZXBy ZXNlbnRlZCBpbiB0aGUNCiAgICAgIGNlcnRpZmljYXRlLg0KDQogICAgICBDZXJ0aWZpY2F0ZSB1 c2VyIC0gQSBuYXR1cmFsIHBlcnNvbiB3aG8gb3BlcmF0ZXMgYSBjZXJ0aWZpY2F0ZQ0KICAgICAg dXNpbmcgcHJvZHVjdC4NCg0KICAgICAgQ2VydGlmaWNhdGUtdXNpbmcgcHJvZHVjdCAtIEEgcHJv ZHVjdCB0aGF0IGV2YWx1YXRlcyBhIGNlcnRpZmljYXRlDQogICAgICBvciBjZXJ0aWZpY2F0ZSBj aGFpbiBhbmQgYWRqdXN0cyBpdHMgYmVoYXZpb3IgYWNjb3JkaW5nIHRvIHRoZQ0KICAgICAgcmVz dWx0Lg0KDQogICAgICBFbmQgZW50aXR5OiBBIGNlcnRpZmljYXRlIHN1YmplY3Qgd2hpY2ggdXNl cyBpdHMgcHVibGljIGtleSBmb3INCiAgICAgIHB1cnBvc2VzIG90aGVyIHRoYW4gc2lnbmluZyBj ZXJ0aWZpY2F0ZXMuDQoNCiAgICAgIEludGVybWVkaWF0ZSBDQSAtIEEgQ0EgdGhhdCBpc3N1ZXMg Y2VydGlmaWNhdGVzIHRvIGlzc3VpbmcgQ0FzDQogICAgICBhbmQvb3Igb3RoZXIgaW50ZXJtZWRp YXRlIENBcy4NCg0KICAgICAgSXNzdWluZyBDQSAtIEEgQ0EgdGhhdCBpc3N1ZXMgY2VydGlmaWNh dGVzIHRvIGNlcnRpZmljYXRlIGhvbGRlcnMuDQoNCg0KDQoNCg0KDQpCYXJyZWlyYSAmIE1vcnRv biAgICAgICAgICBFeHBpcmVzIE1heSA0LCAyMDEzICAgICAgICAgICAgICAgICAgW1BhZ2UgM10N CgwNCkludGVybmV0LURyYWZ0ICAgICAgICAgVHJ1c3QgbW9kZWxzIG9mIHRoZSBXZWIgUEtJICAg ICAgICAgIE9jdG9iZXIgMjAxMg0KDQoNCiAgICAgIFBvbGljeSBtYW5hZ2VtZW50IGF1dGhvcml0 eSAtIEEgbmF0dXJhbCBvciBsZWdhbCBwZXJzb24gd2hvDQogICAgICBhZG1pbmlzdGVycyB0aGUg Y2VydGlmaWNhdGUgcG9saWN5IGJ5IHdoaWNoIG9uZSBvciBtb3JlDQogICAgICBjZXJ0aWZpY2F0 aW9uIGF1dGhvcml0aWVzIG9wZXJhdGUuDQoNCiAgICAgIFB1YmxpYy1rZXkgaW5mcmFzdHJ1Y3R1 cmUgKFBLSSkgLSBpcyBhIHN5c3RlbSBmb3IgdGhlIGNyZWF0aW9uLA0KICAgICAgc3RvcmFnZSwg YW5kIGRpc3RyaWJ1dGlvbiBvZiBjZXJ0aWZpY2F0ZXMgd2hpY2ggYXJlIHVzZWQgdG8gdmVyaWZ5 DQogICAgICB0aGF0IGEgcGFydGljdWxhciBwdWJsaWMga2V5IGJlbG9uZ3MgdG8gYSBjZXJ0YWlu IGVudGl0eS4NCg0KICAgICAgUmVseWluZyBwYXJ0eTogQSB1c2VyIG9yIGFnZW50IHRoYXQgcmVs aWVzIG9uIHRoZSBkYXRhIGluIGENCiAgICAgIGNlcnRpZmljYXRlIGluIG1ha2luZyBkZWNpc2lv bnMuDQoNCiAgICAgIFJlZ2lzdHJhdGlvbiBhdXRob3JpdHkgKFJBKTogQW4gZW50aXR5IHRoYXQg aXMgcmVzcG9uc2libGUgZm9yDQogICAgICBpZGVudGlmaWNhdGlvbiBhbmQgYXV0aGVudGljYXRp b24gb2YgY2VydGlmaWNhdGUgc3ViamVjdHMsIGJ1dA0KICAgICAgdGhhdCBkb2VzIG5vdCBzaWdu IG9yIGlzc3VlIGNlcnRpZmljYXRlcyAoaS5lLiwgYW4gUkEgaXMgZGVsZWdhdGVkDQogICAgICBj ZXJ0YWluIHRhc2tzIG9uIGJlaGFsZiBvZiBhIENBKS4NCg0KICAgICAgUm9vdCBjZXJ0aWZpY2F0 ZSAtIGlzIGVpdGhlciBhbiB1bnNpZ25lZCBwdWJsaWMga2V5IGNlcnRpZmljYXRlIG9yDQogICAg ICBhIHNlbGYtc2lnbmVkIGNlcnRpZmljYXRlIHRoYXQgaWRlbnRpZmllcyB0aGUgUm9vdCBDZXJ0 aWZpY2F0ZQ0KICAgICAgQXV0aG9yaXR5IChDQSkuICBBIHJvb3QgY2VydGlmaWNhdGUgaXMgcGFy dCBvZiBhIHB1YmxpYyBrZXkNCiAgICAgIGluZnJhc3RydWN0dXJlIHNjaGVtZS4NCg0KICAgICAg Um9vdCBDQSAtIFRoZSB0cnVzdCBhbmNob3IgZm9yIHRoZSBkaWdpdGFsIGNlcnRpZmljYXRlIGlz IHRoZSBSb290DQogICAgICBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgKENBKS4gIEEgQ0Egd2hvc2Ug cHVibGljIGtleSBpcyBpbmNsdWRlZCBpbg0KICAgICAgYSByb290IHN0b3JlLg0KDQogICAgICBS b290IHN0b3JlIC0gQSBzZXQgb2YgY2VydGlmaWNhdGlvbiBhdXRob3JpdHkgcHVibGljIGtleXMg dGhhdCBpcw0KICAgICAgZW1iZWRkZWQgaW4gYSBjZXJ0aWZpY2F0ZS11c2luZyBwcm9kdWN0Lg0K DQogICAgICBTZWxmLXNpZ25lZCBjZXJ0aWZpY2F0ZTogQSBjZXJ0aWZpY2F0ZSBmb3Igb25lIENB IHNpZ25lZCBieSB0aGF0DQogICAgICBDQS4NCg0KICAgICAgVHJ1c3QgYW5jaG9yIC0gaXMgYW4g YXV0aG9yaXRhdGl2ZSBlbnRpdHkgcmVwcmVzZW50ZWQgdmlhIGEgcHVibGljDQogICAgICBrZXkg YW5kIGFzc29jaWF0ZWQgZGF0YS4NCg0KICAgICAgVHJ1c3QgbW9kZWwgLSBUaGUgcm9sZXMsIGFu ZCB0aGUgcmVsYXRpb25zaGlwcyBiZXR3ZWVuIHRob3NlDQogICAgICByb2xlcywgdGhhdCBhcmUg cmVsZXZhbnQgdG8gdGhlIG1hbmFnZW1lbnQgYW5kIGV2YWx1YXRpb24gb2YNCiAgICAgIGNlcnRp ZmljYXRlcy4NCg0KICAgICAgVHJ1c3Qgc2VydmljZSAtIFNlcnZpY2Ugd2hpY2ggZW5oYW5jZXMg dHJ1c3QgYW5kIGNvbmZpZGVuY2UgaW4NCiAgICAgIGVsZWN0cm9uaWMgdHJhbnNhY3Rpb25zLg0K DQoNCg0KDQoNCg0KDQoNCg0KDQoNCkJhcnJlaXJhICYgTW9ydG9uICAgICAgICAgIEV4cGlyZXMg TWF5IDQsIDIwMTMgICAgICAgICAgICAgICAgICBbUGFnZSA0XQ0KDA0KSW50ZXJuZXQtRHJhZnQg ICAgICAgICBUcnVzdCBtb2RlbHMgb2YgdGhlIFdlYiBQS0kgICAgICAgICAgT2N0b2JlciAyMDEy DQoNCg0KMi4gIEJhc2ljIHRydXN0IG1vZGVsDQoNCiAgIEluIHRoZSBiYXNpYyBXZWIgUEtJIHRy dXN0IG1vZGVsLCBhIGNlcnRpZmljYXRlLXVzaW5nIHByb2R1Y3QNCiAgIGluY2x1ZGVzIGEgcm9v dCBzdG9yZSB0aGF0IGNvbnRhaW5zIG9uZSBvciBtb3JlIHJvb3QgY2VydGlmaWNhdGlvbg0KICAg YXV0aG9yaXR5IHB1YmxpYyBrZXlzLCBlYWNoIG9mIHdoaWNoIGlzIHVuZGVyIHRoZSBjb250cm9s IG9mIGEgQ0EgYW5kDQogICBtYW5hZ2VkIGluIGNvbmZvcm1hbmNlIHdpdGggdGhlIGNlcnRpZmlj YXRlIHBvbGljeSBwcmVzY3JpYmVkIGFuZA0KICAgYWRtaW5pc3RlcmVkIGJ5IHRoZSBjZXJ0aWZp Y2F0ZSB1c2luZyBwcm9kdWN0IHN1cHBsaWVyLiAgRWFjaCBzdWNoDQogICByb290IGNlcnRpZmlj YXRpb24gYXV0aG9yaXR5IGlzc3VlcyBhIGNlcnRpZmljYXRlIHRvIG9uZSBvciBtb3JlDQogICBp c3N1aW5nIENBcyB0aGF0IGFyZSB1bmRlciB0aGUgY29udHJvbCBvZiB0aGUgc2FtZSBjb21tZXJj aWFsIENBLg0KICAgRWFjaCBpc3N1aW5nIENBIGFjY2VwdHMgYW5kIHJlc3BvbmRzIHRvIGNlcnRp ZmljYXRlIHJlcXVlc3RzIGZyb20gb25lDQogICBvciBtb3JlIGNlcnRpZmljYXRlIGFwcGxpY2Fu dHMgdmlhIG9uZSBvciBtb3JlIHJlZ2lzdHJhdGlvbg0KICAgYXV0aG9yaXRpZXMgdGhhdCBhcmUg dW5kZXIgdGhlIGNvbnRyb2wgb2YgdGhlIHNhbWUgQ0EuICBJZiB0aGUNCiAgIHJlcXVlc3QgaXMg Z3JhbnRlZCwgdGhlbiB0aGUgY2VydGlmaWNhdGUgYXBwbGljYW50IGJlY29tZXMgYQ0KICAgY2Vy dGlmaWNhdGUgaG9sZGVyLiAgVGhlIHJvbGUgb2YgdGhlIHJlZ2lzdHJhdGlvbiBhdXRob3JpdHkg aXMgdG8NCiAgIGNvbmZpcm0gdGhlIGFjY3VyYWN5IG9mIHRoZSBpbmZvcm1hdGlvbiBwcm92aWRl ZCBpbiB0aGUgY2VydGlmaWNhdGUNCiAgIHJlcXVlc3QuDQoNCiAgIFRoZSBjZXJ0aWZpY2F0ZSB1 c2VyIGltcGxpY2l0bHkgYWNjZXB0cyB0aGUgcG9saWN5IG9mIHRoZSBwb2xpY3kNCiAgIG1hbmFn ZW1lbnQgYXV0aG9yaXR5IGJ5IGNob29zaW5nIHRvIHVzZSBhIHBhcnRpY3VsYXIgY2VydGlmaWNh dGUtDQogICB1c2luZyBwcm9kdWN0Lg0KDQogICBBbGwgZnVuY3Rpb25zIG9mIHRoZSBDQSBhcmUg c3ViamVjdCB0byB0aGUgYXVkaXQgcHJvY2VzcyBwcmVzY3JpYmVkDQogICBieSB0aGUgY2VydGlm aWNhdGUgcG9saWN5Lg0KDQoNCjMuICBUcnVzdCBtb2RlbCB2YXJpYW50cw0KDQogICBUaGVyZSBh cmUgc2V2ZXJhbCB2YXJpYW50cyBvZiB0aGUgYmFzaWMgdHJ1c3QgbW9kZWwgaW4gY29tbW9uIHVz ZS4NCg0KMy4xLiAgQ2VydGlmaWNhdGUtdXNpbmcgcHJvZHVjdCBhZG9wdHMgcm9vdCBzdG9yZQ0K DQogICBJbiB0aGlzIHZhcmlhbnQsIHRoZSBzdXBwbGllciBvZiB0aGUgY2VydGlmaWNhdGUtdXNp bmcgcHJvZHVjdCBhZG9wdHMNCiAgIHRoZSBwb2xpY2llcyBvZiBvdGhlciBzdXBwbGllcnMgYnkg Y29weWluZyB0aGVpciByb290IHN0b3Jlcywgd2l0aG91dA0KICAgc2Vla2luZyBpbmRlcGVuZGVu dCBldmlkZW5jZSBvZiBjb25mb3JtYW5jZS4NCg0KMy4yLiAgQ2VydGlmaWNhdGUtdXNpbmcgcHJv ZHVjdCB1c2VzIE9TIHJvb3Qgc3RvcmUNCg0KICAgSW4gdGhpcyB2YXJpYW50LCB0aGUgY2VydGlm aWNhdGUtdXNpbmcgcHJvZHVjdCBkb2VzIG5vdCB1c2UgaXRzIG93bg0KICAgcm9vdCBzdG9yZS4g IEluc3RlYWQsIGl0IHVzZXMgdGhlIHBsYXRmb3JtIG9wZXJhdGluZyBzeXN0ZW0gcm9vdA0KICAg c3RvcmUgYW5kIGNlcnRpZmljYXRlIHByb2Nlc3NpbmcgZnVuY3Rpb25zIHRvIGV2YWx1YXRlIHRo ZQ0KICAgY2VydGlmaWNhdGUgaG9sZGVyJ3MgY2VydGlmaWNhdGUuICBJdCBtYXkgdGhlbiBjaGVj a3MgdGhhdCB0aGUNCiAgIGNlcnRpZmljYXRlIHN1YmplY3QncyBkb21haW4gbmFtZSBtYXRjaGVz IHRoYXQgcmVxdWVzdGVkIGJ5IHRoZQ0KICAgY2VydGlmaWNhdGUgdXNlci4NCg0KMy4zLiAgQ2Vy dGlmaWNhdGUtdXNpbmcgcHJvZHVjdCB1c2VzIFRydXN0IFNlcnZpY2UgU3RhdHVzIExpc3QgSXNz dWVkIGJ5DQogICAgICBSZWNvZ25pc2VkIEF1dGhvcml0aWVzDQoNCiAgIEluIHRoaXMgdmFyaWFu dCwgb25lIG9yIG1vcmUgYXV0aG9yaXRpZXMgKGUuZy4gIEVVIG5hdGlvbmFsDQoNCg0KDQpCYXJy ZWlyYSAmIE1vcnRvbiAgICAgICAgICBFeHBpcmVzIE1heSA0LCAyMDEzICAgICAgICAgICAgICAg ICAgW1BhZ2UgNV0NCgwNCkludGVybmV0LURyYWZ0ICAgICAgICAgVHJ1c3QgbW9kZWxzIG9mIHRo ZSBXZWIgUEtJICAgICAgICAgIE9jdG9iZXIgMjAxMg0KDQoNCiAgIHJlZ3VsYXRvcnkgYXV0aG9y aXRpZXMpIHByb3ZpZGUgYSBsaXN0IG9mIENBcyB3aGljaCBoYXZlIGJlZW4NCiAgIGFzc2Vzc2Vk IGZvciB0cnVzdHdvcnRoaW5lc3MgZm9yIHNwZWNpZmljIHB1cnBvc2VzIChlLmcuIHdlYiBzaXRl cw0KICAgbWVldGluZyBFVSByZWd1bGF0aW9ucyksIGNhbGxlZCB0aGUgVHJ1c3QgU2VydmljZSBT dGF0dXMgTGlzdCAoVFNTTCkuDQoNCjMuNC4gIENlcnRpZmljYXRlIGhvbGRlciBjZXJ0aWZpY2F0 ZXMgaXNzdWVkIGJ5IHJvb3QgQ0ENCg0KICAgU29tZSBsZWdhY3kgc2l0dWF0aW9ucyBkZW1hbmQg dGhhdCB0aGUgY2VydGlmaWNhdGUgaG9sZGVyIGNlcnRpZmljYXRlDQogICBiZSBpc3N1ZWQgZGly ZWN0bHkgYnkgdGhlIHJvb3QgQ0EsIHdpdGhvdXQgdGhlIGludm9sdmVtZW50IG9mDQogICBpbnRl cm1lZGlhdGUgb3IgaXNzdWluZyBDQXMuICBUaGlzIG1vZGVsIGlzIG5vdyBkZXByZWNhdGVkLCBi dXQgdGhlDQogICBwcmFjdGljZSB3aWxsIHJlbWFpbiBpbiBlZmZlY3QgaW5kZWZpbml0ZWx5Lg0K DQozLjUuICBPbmUgcm9vdCBDQSBjcm9zcy1jZXJ0aWZpZXMgYW5vdGhlciByb290IENBDQoNCiAg IEEgc21hbGwgYnV0IHNpZ25pZmljYW50IHBvcnRpb24gb2YgdGhlIGNlcnRpZmljYXRlLXVzaW5n IHByb2R1Y3RzIGluDQogICBhY3RpdmUgdXNlIGRvZXMgbm90IHBvc3Nlc3MgdGhlIGNhcGFiaWxp dHkgdG8gYmUgdXBkYXRlZCBpbiB0aGUNCiAgIGZpZWxkLiAgQ29uc2VxdWVudGx5LCB0aGVzZSBw cm9kdWN0cyBkbyBub3QgYWNjZXB0IGNlcnRpZmljYXRlcw0KICAgaXNzdWVkIGJ5IENBcyB0aGF0 IGNhbWUgaW50byBleGlzdGVuY2UgYWZ0ZXIgdGhleSB3ZXJlIGZpcnN0DQogICBkZXBsb3llZC4g IEFsdGhvdWdoIHRoZWlyIGNlcnRpZmljYXRlcyBhcmUgYWNjZXB0ZWQgYnkgbmV3ZXIgcHJvZHVj dHMNCiAgIGFuZCBvbmVzIHRoYXQgY2FuIGJlIHVwZGF0ZWQgaW4gdGhlIGZpZWxkLCBuZXdlciBD QXMgb3BlcmF0ZSBhdCBhDQogICBkaXNhZHZhbnRhZ2UgdG8gb2xkZXIgQ0FzLCBhbmQgdGhleSBj b21tb25seSBhZGRyZXNzIHRoaXMNCiAgIGRpc2FkdmFudGFnZSBieSBoYXZpbmcgdGhlaXIgcHVi bGljIGtleSBjcm9zcy1jZXJ0aWZpZWQgYnkgYW4gb2xkZXINCiAgIENBLg0KDQogICBCZWNhdXNl IHRoZSBjcm9zcy1jZXJ0aWZpZWQgcm9vdCBDQSBpcyBhbHNvIHJlY29nbml6ZWQgZGlyZWN0bHkg YnkgYQ0KICAgcG9saWN5IG1hbmFnZW1lbnQgYXV0aG9yaXR5LCBpdCBvcGVyYXRlcyBpbiBhY2Nv cmRhbmNlIHdpdGggdGhlDQogICByZXF1aXJlbWVudHMgb2YgdGhhdCBjZXJ0aWZpY2F0ZSBwb2xp Y3ksIHJlZ2FyZGxlc3Mgb2YgYW55DQogICByZXF1aXJlbWVudHMgcGxhY2VkIHVwb24gaXQgYnkg dGhlIGNvbnRyYWN0IGJldHdlZW4gaXQgYW5kIHRoZSBjcm9zcy0NCiAgIGNlcnRpZnlpbmcgcm9v dCBDQS4NCg0KMy42LiAgSXNzdWluZyBDQSBpcyBhbiBhZmZpbGlhdGUNCg0KICAgVGhlIGlzc3Vp bmcgQ0EgbWF5IG9wZXJhdGUgYXQgYXJtJ3MgbGVuZ3RoIHRvIHRoZSByb290IENBLg0KDQogICBU aGUgaXNzdWluZyBDQSdzIGJlaGF2aW9yIGlzIGdvdmVybmVkIGJ5IGl0cyBjb250cmFjdCB3aXRo IHRoZSByb290DQogICBDQSwgd2hpY2ggY29tbW9ubHkgc3RpcHVsYXRlcyBhZGhlcmVuY2UgdG8g dGhlIHBvbGljaWVzIG9mIHRoZSBwb2xpY3kNCiAgIG1hbmFnZW1lbnQgYXV0aG9yaXR5Lg0KDQoz LjcuICBSZWdpc3RyYXRpb24gYXV0aG9yaXR5IGlzIGFuIGFmZmlsaWF0ZQ0KDQogICBUaGUgcmVn aXN0cmF0aW9uIGF1dGhvcml0eSBtYXkgb3BlcmF0ZSBhdCBhcm0ncyBsZW5ndGggdG8gdGhlIGlz c3VpbmcNCiAgIENBLg0KDQogICBUaGUgcmVnaXN0cmF0aW9uIGF1dGhvcml0eSdzIGJlaGF2aW9y IGlzIGdvdmVybmVkIGJ5IGl0cyBjb250cmFjdA0KICAgd2l0aCB0aGUgaXNzdWluZyBDQS4NCg0K DQoNCg0KDQoNCg0KQmFycmVpcmEgJiBNb3J0b24gICAgICAgICAgRXhwaXJlcyBNYXkgNCwgMjAx MyAgICAgICAgICAgICAgICAgIFtQYWdlIDZdDQoMDQpJbnRlcm5ldC1EcmFmdCAgICAgICAgIFRy dXN0IG1vZGVscyBvZiB0aGUgV2ViIFBLSSAgICAgICAgICBPY3RvYmVyIDIwMTINCg0KDQozLjgu ICBSb290IENBIGlzIG9wZXJhdGVkIGJ5IGEgZ292ZXJubWVudA0KDQogICBJbiB0aGUgY2FzZSB3 aGVyZSB0aGUgcm9vdCBDQSBpcyBvcGVyYXRlZCBieSBhIGdvdmVybm1lbnQgZGVwYXJ0bWVudCwN CiAgIHRoZSBwb2xpY3kgYXV0aG9yaXR5IG1heSByZWxheCB0aGUgcmVxdWlyZW1lbnQgZm9yIGEg ZnVsbHktDQogICBpbmRlcGVuZGVudCB0aGlyZC1wYXJ0eSBhdWRpdCwgcmVseWluZyBpbnN0ZWFk IHVwb24gYW4gYXVkaXQNCiAgIGNvbmR1Y3RlZCBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIGdvdmVy bm1lbnQncyBvd24gaW50ZXJuYWwgYXVkaXQNCiAgIHByb2Nlc3MuDQoNCjMuOS4gIENlcnRpZmlj YXRlIHVzZXIgZGlyZWN0bHkgdHJ1c3RzIGlzc3VpbmcgQ0Ega2V5DQoNCiAgIFRoZSBjZXJ0aWZp Y2F0ZS11c2luZyBwcm9kdWN0IG1heSBhbGxvdyB0aGUgY2VydGlmaWNhdGUgdXNlciB0bw0KICAg ZGVzaWduYXRlIGEgQ0Ega2V5IGFzIHRydXN0ZWQsIGEgcHJpb3JpLCBmb3IgdGhlIHB1cnBvc2Ug b2YNCiAgIGV2YWx1YXRpbmcgY2VydGlmaWNhdGUgaG9sZGVyIGNlcnRpZmljYXRlcy4NCg0KMy4x MC4gIENlcnRpZmljYXRlIHVzZXIgZGlyZWN0bHkgdHJ1c3RzIGNlcnRpZmljYXRlIGhvbGRlciBr ZXkNCg0KICAgVGhlIGNlcnRpZmljYXRlLXVzaW5nIHByb2R1Y3QgbWF5IGFsbG93IHRoZSBjZXJ0 aWZpY2F0ZSB1c2VyIHRvDQogICBkZXNpZ25hdGUgYSBjZXJ0aWZpY2F0ZSBob2xkZXIga2V5IGFz IHRydXN0ZWQsIGEgcHJpb3JpLg0KDQozLjExLiAgQ2VydGlmaWNhdGUgaG9sZGVyIG9wZXJhdGVz IGlzc3VpbmcgQ0ENCg0KICAgQSBjZXJ0aWZpY2F0ZSBob2xkZXIgbWF5IG9wZXJhdGUgaXRzIG93 biBpc3N1aW5nIENBLiAgVHlwaWNhbGx5LCB0aGUNCiAgIGNlcnRpZmljYXRlIGhvbGRlciBpcyBh cHByb3ZlZCB0byBpc3N1ZSBjZXJ0aWZpY2F0ZXMgb25seSB3aXRoaW4gYQ0KICAgc3BlY2lmaWMg cmVnaW9uIG9mIHRoZSBuYW1lLXNwYWNlLCBhbmQgdGhpcyBsaW1pdGF0aW9uIGlzIGVuZm9yY2Vk IGJ5DQogICBjb250cmFjdC4NCg0KICAgVGhlIHJvb3QgQ0EgbWF5IHVzZSB0aGUgUkZDIDUyODAg W1JGQzUyODBdIG5hbWUgY29uc3RyYWludHMNCiAgIGNlcnRpZmljYXRlIGV4dGVuc2lvbiB0byBs aW1pdCB0aGUgcmVnaW9uIG9mIHRoZSBuYW1lLXNwYWNlIGluIHdoaWNoDQogICB0aGUgaXNzdWlu ZyBDQSBjYW4gaXNzdWUgdmFsaWQgY2VydGlmaWNhdGVzLg0KDQozLjEyLiAgQ2VydGlmaWNhdGUg aG9sZGVyIHNvdXJjZXMgbWFuYWdlbWVudCBvZiBpc3N1aW5nIENBDQoNCiAgIEEgcm9vdCBDQSBt YXkgaG9zdCBhbiBpc3N1aW5nIENBIG9uIGJlaGFsZiBvZiBhIGNlcnRpZmljYXRlIGhvbGRlci4N CiAgIFR5cGljYWxseSwgdGhlIGNlcnRpZmljYXRlIGhvbGRlciBpcyBhcHByb3ZlZCB0byBpc3N1 ZSBjZXJ0aWZpY2F0ZXMNCiAgIG9ubHkgd2l0aGluIGEgc3BlY2lmaWMgcmVnaW9uIG9mIHRoZSBu YW1lLXNwYWNlLCBhbmQgdGhpcyBsaW1pdGF0aW9uDQogICBpcyBlbmZvcmNlZCBieSB0aGUgaG9z dCByb290IENBLiAgRXhhbWluYXRpb24gb2YgdGhlIGNlcnRpZmljYXRlDQogICBjaGFpbiB3b3Vs ZCBpbmRpY2F0ZSB0aGF0IHRoZSBpc3N1aW5nIENBIHdhcyBvd25lZCBhbmQgb3BlcmF0ZWQgYnkN CiAgIHRoZSBjZXJ0aWZpY2F0ZSBob2xkZXIuDQoNCjMuMTMuICBDZXJ0aWZpY2F0ZSBob2xkZXIg bWFuYWdlcyBSQQ0KDQogICBBbiBpc3N1aW5nIENBIG1heSBob3N0IGEgcmVnaXN0cmF0aW9uIGF1 dGhvcml0eSBvbiBiZWhhbGYgb2YgYQ0KICAgY2VydGlmaWNhdGUgaG9sZGVyLiAgVHlwaWNhbGx5 LCB0aGUgY2VydGlmaWNhdGUgaG9sZGVyIGlzIGFwcHJvdmVkIHRvDQogICBpc3N1ZSBjZXJ0aWZp Y2F0ZXMgb25seSB3aXRoaW4gYSBzcGVjaWZpYyByZWdpb24gb2YgdGhlIG5hbWUtc3BhY2UsDQog ICBhbmQgdGhpcyBsaW1pdGF0aW9uIGlzIGVuZm9yY2VkIGJ5IHRoZSBob3N0IGlzc3VpbmcgQ0Eu ICBFeGFtaW5hdGlvbg0KICAgb2YgdGhlIGNlcnRpZmljYXRlIGNoYWluIHdvdWxkIGluZGljYXRl IHRoYXQgdGhlIHJlZ2lzdHJhdGlvbg0KICAgYXV0aG9yaXR5IHdhcyBvd25lZCBhbmQgb3BlcmF0 ZWQgYnkgdGhlIGlzc3VpbmcgQ0EuDQoNCg0KDQoNCkJhcnJlaXJhICYgTW9ydG9uICAgICAgICAg IEV4cGlyZXMgTWF5IDQsIDIwMTMgICAgICAgICAgICAgICAgICBbUGFnZSA3XQ0KDA0KSW50ZXJu ZXQtRHJhZnQgICAgICAgICBUcnVzdCBtb2RlbHMgb2YgdGhlIFdlYiBQS0kgICAgICAgICAgT2N0 b2JlciAyMDEyDQoNCg0KNC4gIElBTkEgQ29uc2lkZXJhdGlvbnMNCg0KICAgVGhpcyBtZW1vIGlu Y2x1ZGVzIG5vIHJlcXVlc3QgdG8gSUFOQS4NCg0KDQo1LiAgU2VjdXJpdHkgQ29uc2lkZXJhdGlv bnMNCg0KICAgVGhlIHRydXN0IG1vZGVscyBkZXNjcmliZWQgaGVyZSBleGhpYml0IHNldmVyYWwg dnVsbmVyYWJpbGl0aWVzIHRoYXQNCiAgIGNvdWxkIGFkdmVyc2VseSBhZmZlY3QgdGhlIHJlbGlh YmlsaXR5IG9mIHRoZSBhdXRoZW50aWNhdGlvbiB0aGV5DQogICBwcm92aWRlLiAgVGhlIGZpcnN0 IGNvbmNlcm5zIHRoZSBuYW1pbmcgb2YgY2VydGlmaWNhdGUgaG9sZGVycy4gIFRoZQ0KICAgc2Vj b25kIGNvbmNlcm5zIGNvbnRyb2xsYWJpbGl0eSBhbmQgb2JzZXJ2YWJpbGl0eSBvZiBpc3N1ZWQN CiAgIGNlcnRpZmljYXRlcy4NCg0KICAgQ2VydGlmaWNhdGUgaG9sZGVyIG5hbWVzIHdpdGggYW55 IG9mIHRoZSBmb2xsb3dpbmcgY2hhcmFjdGVyaXN0aWNzDQogICBjYW4gYmUgdXNlZCBpbiBhbiBp bXBlcnNvbmF0aW9uIGF0dGFjay4NCg0KICAgbyAgaG9tb2dyYXBoaWMgbmFtZQ0KDQogICBvICBt aXhlZC1hbHBoYWJldCBuYW1lDQoNCiAgIG8gIG5hbWUgdGhhdCBjb250YWlucyBhIHN0cmluZyB0 ZXJtaW5hdGlvbiBjaGFyYWN0ZXINCg0KICAgbyAgbm9uLXVuaXF1ZSBuYW1lIChlLmcuIGFuIGlu dGVybmFsIHNlcnZlciBuYW1lKQ0KDQogICBXaXRoIHRoZSBleGNlcHRpb24gb2Ygbm9uLXVuaXF1 ZSBuYW1lcywgQ0FzIGluIHRoZSBXZWIgUEtJIGFyZQ0KICAgcmVxdWlyZWQgdG8gc2NyZWVuIG91 dCByZXF1ZXN0cyBmb3IgY2VydGlmaWNhdGVzIHdpdGggYW55IG9mIHRoZXNlDQogICBjaGFyYWN0 ZXJpc3RpY3MuICBDQXMgYXJlIHJlcXVpcmVkIHRvIHBoYXNlIG91dCB0aGUgcHJhY3RpY2Ugb2YN CiAgIGlzc3Vpbmcgbm9uLXVuaXF1ZSBuYW1lcyBieSAyMDE2Lg0KDQogICBUZWNobmljYWxseSwg dW5sZXNzIGNvbnN0cmFpbmVkIGJ5IGFuIHVwc3RyZWFtIENBIHRvIGlzc3VlDQogICBjZXJ0aWZp Y2F0ZXMgb25seSBpbiBhIHNwZWNpZmljIHJlZ2lvbiBvZiB0aGUgbmFtZS1zcGFjZSwgYW55IENB IGluDQogICB0aGUgV2ViIFBLSSBjYW4gaXNzdWUgYW4gYXBwYXJlbnRseSBsZWdpdGltYXRlIGNl cnRpZmljYXRlIGZvciBhbnkNCiAgIG5hbWUsIHdoZXRoZXIgb3Igbm90IHRoZSBsZWdpdGltYXRl IGhvbGRlciBvZiB0aGF0IG5hbWUgaXMgYXdhcmUgb2YNCiAgIG9yIGFwcHJvdmVzIHRoZSBpc3N1 YW5jZS4gIEZ1cnRoZXJtb3JlLCB0aGUgbGVnaXRpbWF0ZSBob2xkZXIgb2YgdGhhdA0KICAgbmFt ZSBtYXkgbm90IGRpc2NvdmVyIHRoYXQgc3VjaCBhIGNlcnRpZmljYXRlIGhhcyBiZWVuIGlzc3Vl ZC4NCg0KICAgSW4gdGhlIGV2ZW50IG9mIGEgY29tcHJvbWlzZSBvZiBhIHJvb3QgQ0EsIGl0cyBr ZXkgaXMgYmxhY2tsaXN0ZWQgYnkNCiAgIGNlcnRpZmljYXRlLXVzaW5nIHByb2R1Y3RzIGJ5IG1l YW5zIG9mIGEgc29mdHdhcmUgdXBkYXRlLiAgVGhpcyBoYXMNCiAgIHRoZSBlZmZlY3Qgb2YgaW52 YWxpZGF0aW5nIGV2ZXJ5IG90aGVyd2lzZS12YWxpZCBjZXJ0aWZpY2F0ZSB0aGF0DQogICBjaGFp bnMgdG8gdGhhdCByb290LCB3aGV0aGVyIG9yIG5vdCBpdCB3YXMgaXNzdWVkIHdoaWxlIHRoZQ0K ICAgY29tcHJvbWlzZSBleGlzdGVkLiAgVGhpcyBzdGVwIHdvdWxkIGhhdmUgYSBzZXZlcmUgaW1w YWN0IHVwb24gdGhlIENBDQogICBhbmQgaXRzIGNlcnRpZmljYXRlIGhvbGRlcnM7IGEgc3RlcCBu b3QgbGlrZWx5IHRvIGJlIHRha2VuIHdpdGhvdXQNCiAgIHZlcnkgY2FyZWZ1bCBkZWxpYmVyYXRp b24gYW5kIChwZXJoYXBzKSBoZXNpdGF0aW9uLg0KDQoNCjYuICBOb3JtYXRpdmUgUmVmZXJlbmNl cw0KDQogICBbUkZDMjExOV0gIEJyYWRuZXIsIFMuLCAiS2V5IHdvcmRzIGZvciB1c2UgaW4gUkZD cyB0byBJbmRpY2F0ZQ0KDQoNCg0KQmFycmVpcmEgJiBNb3J0b24gICAgICAgICAgRXhwaXJlcyBN YXkgNCwgMjAxMyAgICAgICAgICAgICAgICAgIFtQYWdlIDhdDQoMDQpJbnRlcm5ldC1EcmFmdCAg ICAgICAgIFRydXN0IG1vZGVscyBvZiB0aGUgV2ViIFBLSSAgICAgICAgICBPY3RvYmVyIDIwMTIN Cg0KDQogICAgICAgICAgICAgIFJlcXVpcmVtZW50IExldmVscyIsIEJDUCAxNCwgUkZDIDIxMTks IE1hcmNoIDE5OTcuDQoNCiAgIFtSRkM1MjgwXSAgQ29vcGVyLCBELiwgU2FudGVzc29uLCBTLiwg RmFycmVsbCwgUy4sIEJvZXllbiwgUy4sDQogICAgICAgICAgICAgIEhvdXNsZXksIFIuLCBhbmQg Vy4gUG9saywgIkludGVybmV0IFguNTA5IFB1YmxpYyBLZXkNCiAgICAgICAgICAgICAgSW5mcmFz dHJ1Y3R1cmUgQ2VydGlmaWNhdGUgYW5kIENlcnRpZmljYXRlIFJldm9jYXRpb24gTGlzdA0KICAg ICAgICAgICAgICAoQ1JMKSBQcm9maWxlIiwgUkZDIDUyODAsIE1heSAyMDA4Lg0KDQoNCkF1dGhv cnMnIEFkZHJlc3Nlcw0KDQogICBJbmlnbyBCYXJyZWlyYSAoZWRpdG9yKQ0KICAgSXplbnBlDQog ICBDL0JlYXRvIFRvbWFzIGRlIFp1bWFycmFnYSA3MSwgMW8uIDAxMDA4IFZpdG9yaWEtR2FzdGVp ei4gU3BhaW4NCg0KICAgUGhvbmU6ICszNCA5NDUwNjc3MDUNCiAgIEVtYWlsOiBpLWJhcnJlaXJh QGl6ZW5wZS5uZXQNCg0KDQogICBCcnVjZSBNb3J0b24gKGVkaXRvcikNCiAgIEVudHJ1c3QNCiAg IDEwMDAgSW5ub3ZhdGlvbiBEcml2ZS4gT3R0YXdhLCBPbnRhcmlvLiBDYW5hZGEgSzJLIDNFNw0K DQogICBFbWFpbDogYnJ1Y2UubW9ydG9uQGVudHJ1c3QuY29tDQoNCg0KDQoNCg0KDQoNCg0KDQoN Cg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCkJhcnJlaXJhICYgTW9ydG9uICAg ICAgICAgIEV4cGlyZXMgTWF5IDQsIDIwMTMgICAgICAgICAgICAgICAgICBbUGFnZSA5XQ0KDA0K --_004_452C99D20750E74083DBA441FF93238577479014SOTTEXCH10corpa_-- From ben@digicert.com Wed Mar 13 11:06:08 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4EAA621F8A0C for ; Wed, 13 Mar 2013 11:06:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.064 X-Spam-Level: X-Spam-Status: No, score=-6.064 tagged_above=-999 required=5 tests=[AWL=0.534, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0g84hw9tSzOw for ; Wed, 13 Mar 2013 11:06:07 -0700 (PDT) Received: from mail.digicert.com (mail.digicert.com [64.78.193.232]) by ietfa.amsl.com (Postfix) with ESMTP id CDCD121F8735 for ; Wed, 13 Mar 2013 11:06:06 -0700 (PDT) Received: from BWILSONL1 (unknown [64.78.193.228]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.digicert.com (Postfix) with ESMTPSA id 6DE828FA963; Wed, 13 Mar 2013 12:06:06 -0600 (MDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=digicert.com; s=mail; t=1363197966; bh=5b7cuY21JSqEHL0HNDUoia+50heA7hnKt+pOcaD7o64=; h=Reply-To:From:To:Cc:References:In-Reply-To:Subject:Date; b=VPKqcNkvx8qlSCJY5Btp+qBZnCuFut5XNXTnaii3qnGAZNg49vOF+0i4U+lH3obMZ aqqjVBGCEsxaf+HC02jFZ3+X/8OTTVyM0HuIsVvT752kLv2VzX2XQQcSH9uzh4Sk8F bk9FqzIRTp368CwFS4bjZvGyLxSpDezyIUh8SVTM= From: "Ben Wilson" To: "'Bruce Morton'" , "'wpkops WG'" References: <452C99D20750E74083DBA441FF93238577479014@SOTTEXCH10.corp.ad.entrust.com> In-Reply-To: <452C99D20750E74083DBA441FF93238577479014@SOTTEXCH10.corp.ad.entrust.com> Date: Wed, 13 Mar 2013 12:06:05 -0600 Organization: DigiCert Message-ID: <014801ce2015$6e9ba820$4bd2f860$@digicert.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0149_01CE1FE3.2401AD50" X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQKQjcyJ/gIEv/VdFT4nYALbRnJKopcfDwaA Content-Language: en-us Cc: i-barreira@izenpe.net Subject: Re: [wpkops] Web PKI - Trust Models X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ben@digicert.com List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2013 18:06:08 -0000 This is a multipart message in MIME format. ------=_NextPart_000_0149_01CE1FE3.2401AD50 Content-Type: multipart/alternative; boundary="----=_NextPart_001_014A_01CE1FE3.2401AD50" ------=_NextPart_001_014A_01CE1FE3.2401AD50 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Here are some comments. =20 From: wpkops-bounces@ietf.org [mailto:wpkops-bounces@ietf.org] On Behalf = Of Bruce Morton Sent: Wednesday, March 13, 2013 10:08 AM To: wpkops WG (wpkops@ietf.org) Subject: [wpkops] Web PKI - Trust Models =20 Please find attached a draft of the Web PKI Trust Models document. =20 I plan to review the document in the meeting tomorrow. I=F1igo and I = would appreciate any comments on the document plan and the content. =20 Thanks, =20 Bruce Morton +1 613.270.3743 ------=_NextPart_001_014A_01CE1FE3.2401AD50 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Here are some comments.

From:= = wpkops-bounces@ietf.org [mailto:wpkops-bounces@ietf.org] On Behalf Of = Bruce Morton
Sent: Wednesday, March 13, 2013 10:08 = AM
To: wpkops WG (wpkops@ietf.org)
Subject: [wpkops] = Web PKI - Trust Models

Please find = attached a draft of the Web PKI Trust Models document.

I plan to = review the document in the meeting tomorrow. I=F1igo and I would = appreciate any comments on the document plan and the = content.

Thanks,

Bruce = Morton

+1 = 613.270.3743

------=_NextPart_001_014A_01CE1FE3.2401AD50-- ------=_NextPart_000_0149_01CE1FE3.2401AD50 Content-Type: application/pdf; name="draft-barreira-webpki-trustmodel-02-03.pdf" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="draft-barreira-webpki-trustmodel-02-03.pdf" JVBERi0xLjUNJeLjz9MNCjU1IDAgb2JqDTw8L0xpbmVhcml6ZWQgMS9MIDI2MTc3L08gNTcvRSA1 Mjc4L04gMTEvVCAyNTc5MC9IIFsgNDU1IDIxNl0+Pg1lbmRvYmoNICAgICAgICAgICAgICAgICAg DQo2MSAwIG9iag08PC9EZWNvZGVQYXJtczw8L0NvbHVtbnMgNC9QcmVkaWN0b3IgMTI+Pi9GaWx0 ZXIvRmxhdGVEZWNvZGUvSURbPEZEMjY5MDNCOTExNDZDM0JDQ0M1ODVCMjg1NDQwMTFDPjxEMjAw MzM3NDg3ODA1QTQ1QUI4MDM2NTNBM0FEQkQ0OT5dL0luZGV4WzU1IDEzXS9JbmZvIDU0IDAgUi9M ZW5ndGggNTIvUHJldiAyNTc5MS9Sb290IDU2IDAgUi9TaXplIDY4L1R5cGUvWFJlZi9XWzEgMiAx XT4+c3RyZWFtDQpo3mJiZBBgYGJg6gcSDIFAgrEJxH0FJFj3AYlvUQxMjAzHQLIMjOjEf8bePwAB BgDZ6gfkDQplbmRzdHJlYW0NZW5kb2JqDXN0YXJ0eHJlZg0KMA0KJSVFT0YNCiAgICAgICAgDQo2 NyAwIG9iag08PC9GaWx0ZXIvRmxhdGVEZWNvZGUvSSAxNDQvTCAxMjgvTGVuZ3RoIDEyOS9TIDk1 Pj5zdHJlYW0NCmjeYmBgYGZgYJJgYGRgYPzJwMOAADwMTEA5FgaOBobfQYpxCxgqSxWjpt1X2jJZ VmDuuyUMM072bJZMnebAwaDB4MHB3AAEGOqAxsgzMKSeBtIsQMwKNrgJaDRjhvMpJoELIK4CA0N6 FJAGuoChC4iVGRjKzSF8RkWAAAMALH0exg0KZW5kc3RyZWFtDWVuZG9iag01NiAwIG9iag08PC9N ZXRhZGF0YSAzMyAwIFIvUGFnZUxhYmVscyA0OSAwIFIvUGFnZXMgNTEgMCBSL1R5cGUvQ2F0YWxv Zz4+DWVuZG9iag01NyAwIG9iag08PC9Db250ZW50cyA1OSAwIFIvQ3JvcEJveFswIDAgNjEyIDc5 Ml0vTWVkaWFCb3hbMCAwIDYxMiA3OTJdL1BhcmVudCA1MiAwIFIvUmVzb3VyY2VzIDYyIDAgUi9S b3RhdGUgMC9UeXBlL1BhZ2U+Pg1lbmRvYmoNNTggMCBvYmoNPDwvRmlsdGVyL0ZsYXRlRGVjb2Rl L0ZpcnN0IDMyL0xlbmd0aCAzOTUvTiA1L1R5cGUvT2JqU3RtPj5zdHJlYW0NCmjetFPfS8MwEP5X 7lEf5iVtjQ5GYat2Dtwcpqgw9hC7uAW6pqQZzv/epJ3zF3tQlHJt7rvv7r67UBYAARZCNwIWAaUB sFOgZ+7DIOxS6PUw0YU2vBK59E7NPJ3AbRzj5dYOuRXWB4ac+gptINWldViWNXVabGp0zqWd4fQi xUxu7TyOZzhKkoGo5QIY8by5y7qZwpMoaukOY6DI+zuXj4GckACzl0q+t0ZdtfE4drn9OpelhfMw wERUV1ItVxYoIQQvZBvqhM5JC7GsIYwaoYOB3s46NAigw87dMoLQZQR03gRTsVbFy1GiN0ZJAxP5 fNzgE7GWuEMdOOXjrMG5NdLmK5xosxZFA923KiLXd2RFofJ+uSwkEORWru8g2k3kqV6kUZXVBh8+ iG9G82vynK9dL8tcL1S5xHtV9sta7f1UmdomK2HAbeNzdX/Jbtt4LXYMGjHkm0frhWRmIxtFe1mu 9MKu6hkj/pLa99vpo31HfmOHqh/m/03Xw3P9l/3scRnul3kVYABn6fGtDQplbmRzdHJlYW0NZW5k b2JqDTU5IDAgb2JqDTw8L0ZpbHRlci9GbGF0ZURlY29kZS9MZW5ndGggMTE0Mz4+c3RyZWFtDQpo 3pxWTVPjOBC951d0zWE3TBHF+QTmNkBmi5phllpctYdlD4rdTjTYkkuSgeyv3245Hw4xzICB4Lis 1uv3+nWr/8ftABaucx53+nE8hAHEWWcQiQlE9BNuTiYimsLJ8AziohPBgv7ihD8eO104in/QbW8g BqPBGOLL9aP4Y6cnoiga8KvdK+3RavQw0wulEa3SC4ilu4cvxiYIL11XAs6ltaisPIZZKpq7nQzC bpvQvUsrMw/vuK7+Q11iSyIcWqeYgvPSV+4TnF/c/FrIcwHXxnqjd6iJkO7sqVQWKdC1XMH4GIbR YPQmqDPtbeX8NiC88/oz8WaOFkaDAGJ4yGuQuEXdhqjtoeMAsDAp5g5MBn6J8DfO4ebr1c9gp6xg 7xHn5b3qhURDmF4UbVYeoqrRNlB9njtvZeIPoTcW71cno14qB/RrNDJoCY6KlW4CJEdJSA+pSaoC tQ8pmRKt9MroZo6N/ChdQaVFq9AlVs3RQWKKgt5/kFZJ7Q/I8TviOE7/wk0hceRHAjo6Gw63/12i O6NTMSZ7brMSdbaLjpjWj+s8Z/FP4oxPTsVwCpPJmZgOYSpGIMbDKBqDxU7GPaGtE0wmdD9l8up2 8HqZ3Abz1NkSw9dYmBY52xV5Zm564qp5obwnUyoNWZXnRKvOjC2kpj7yqPwykHrYJyhkac2DcqRZ QMNmPjkFqdP69ky8rWT2sTmQlvY39p5b26ZUtiK3NsBGuTR64V33ahZ/uTui8vluPNa1ZyiIhYU1 VemgoO4hc2cgVVTral75FxI+hCOfc+oEU42QUygGm1TUbqnGt2+1NXiAdc4kCIFbel9+6vdTSUqT 9e7RCoU+E8Yu+rWB+uuwffEr0rcxG+I0EnmQuUqBhCevFvJJFVXB8J16Igtpv3TtjLDaTN8coSoJ MKbHVOplLhO+o2hm7kyOXF/z1Zr1BnueAqzaGfGqwNrx3Em0LKnaSnI6K2igcniYlqOtMyReEmzW QkFraGHOcGhpokIRYLGGQ/Wgee0HVpddQBstaKo48eENbfIFhz0qchSGMUW9sDmn3uKOC1OurFos PVew2mX3mui7NXfd5O6oHkvshPVEYeXYSdR3HTtYpSSJyhQpJd3Lnt82bVn5pbFc7p8pxbAT8+/Q PmAq3jEttpHrrvQDaeaQXI22Eoy/zeB3B99wQbI2p8SuI/2FOc0TMivFCIsut2XXmthdd227MDcQ d5bLiXHtsKeoLxKRVCGYZYyOBGVIXPbsldYyLqs5rW9MtkamxN1NjpJK2eKDwkeORl/SPaDrzBIy Lbfn1fFantV2EsLKVHajAPNEKlAbS3zgIbRwelJisnfOIVqeg7mgWUkfRUlTm7fHpzD5qSIya4r9 16HYnJsOmFQ6ySuKdKuKMq8r6vz2Er7VNIKnsJzDBn6YPLcY4MJYvEwlc13Xbq17Q2zOmrtamEh8 wuSsTUX+o9MuHQ5WvGEj+b29OW47VvGGBrA5V8Nv66Nq45RZH1NfP6X+cyMXCIN/N+eM/wUYAEd6 ZBUNCmVuZHN0cmVhbQ1lbmRvYmoNNjAgMCBvYmoNPDwvQWx0ZXJuYXRlL0RldmljZVJHQi9GaWx0 ZXIvRmxhdGVEZWNvZGUvTGVuZ3RoIDI1OTcvTiAzPj5zdHJlYW0NCmjenJZ3VFTXFofPvXd6oc0w 0hl6ky4wgPQuIB0EURhmBhjKAMMMTWyIqEBEEREBRZCggAGjoUisiGIhKKhgD0gQUGIwiqioZEbW Snx5ee/l5ffHvd/aZ+9z99l7n7UuACRPHy4vBZYCIJkn4Ad6ONNXhUfQsf0ABniAAaYAMFnpqb5B 7sFAJC83F3q6yAn8i94MAUj8vmXo6U+ng/9P0qxUvgAAyF/E5mxOOkvE+SJOyhSkiu0zIqbGJIoZ RomZL0pQxHJijlvkpZ99FtlRzOxkHlvE4pxT2clsMfeIeHuGkCNixEfEBRlcTqaIb4tYM0mYzBXx W3FsMoeZDgCKJLYLOKx4EZuImMQPDnQR8XIAcKS4LzjmCxZwsgTiQ7mkpGbzuXHxArouS49uam3N oHtyMpM4AoGhP5OVyOSz6S4pyalMXjYAi2f+LBlxbemiIluaWltaGpoZmX5RqP+6+Dcl7u0ivQr4 3DOI1veH7a/8UuoAYMyKarPrD1vMfgA6tgIgd/8Pm+YhACRFfWu/8cV5aOJ5iRcIUm2MjTMzM424 HJaRuKC/6386/A198T0j8Xa/l4fuyollCpMEdHHdWClJKUI+PT2VyeLQDf88xP848K/zWBrIieXw OTxRRKhoyri8OFG7eWyugJvCo3N5/6mJ/zDsT1qca5Eo9Z8ANcoISN2gAuTnPoCiEAESeVDc9d/7 5oMPBeKbF6Y6sTj3nwX9+65wifiRzo37HOcSGExnCfkZi2viawnQgAAkARXIAxWgAXSBITADVsAW OAI3sAL4gWAQDtYCFogHyYAPMkEu2AwKQBHYBfaCSlAD6kEjaAEnQAc4DS6Ay+A6uAnugAdgBIyD 52AGvAHzEARhITJEgeQhVUgLMoDMIAZkD7lBPlAgFA5FQ3EQDxJCudAWqAgqhSqhWqgR+hY6BV2A rkID0D1oFJqCfoXewwhMgqmwMqwNG8MM2An2hoPhNXAcnAbnwPnwTrgCroOPwe3wBfg6fAcegZ/D swhAiAgNUUMMEQbigvghEUgswkc2IIVIOVKHtCBdSC9yCxlBppF3KAyKgqKjDFG2KE9UCIqFSkNt QBWjKlFHUe2oHtQt1ChqBvUJTUYroQ3QNmgv9Cp0HDoTXYAuRzeg29CX0HfQ4+g3GAyGhtHBWGE8 MeGYBMw6TDHmAKYVcx4zgBnDzGKxWHmsAdYO64dlYgXYAux+7DHsOewgdhz7FkfEqeLMcO64CBwP l4crxzXhzuIGcRO4ebwUXgtvg/fDs/HZ+BJ8Pb4LfwM/jp8nSBN0CHaEYEICYTOhgtBCuER4SHhF JBLVidbEACKXuIlYQTxOvEIcJb4jyZD0SS6kSJKQtJN0hHSedI/0ikwma5MdyRFkAXknuZF8kfyY /FaCImEk4SXBltgoUSXRLjEo8UISL6kl6SS5VjJHslzypOQNyWkpvJS2lIsUU2qDVJXUKalhqVlp irSptJ90snSxdJP0VelJGayMtoybDFsmX+awzEWZMQpC0aC4UFiULZR6yiXKOBVD1aF6UROoRdRv qP3UGVkZ2WWyobJZslWyZ2RHaAhNm+ZFS6KV0E7QhmjvlygvcVrCWbJjScuSwSVzcopyjnIcuUK5 Vrk7cu/l6fJu8onyu+U75B8poBT0FQIUMhUOKlxSmFakKtoqshQLFU8o3leClfSVApXWKR1W6lOa VVZR9lBOVd6vfFF5WoWm4qiSoFKmclZlSpWiaq/KVS1TPaf6jC5Ld6In0SvoPfQZNSU1TzWhWq1a v9q8uo56iHqeeqv6Iw2CBkMjVqNMo1tjRlNV01czV7NZ874WXouhFa+1T6tXa05bRztMe5t2h/ak jpyOl06OTrPOQ12yroNumm6d7m09jB5DL1HvgN5NfVjfQj9ev0r/hgFsYGnANThgMLAUvdR6KW9p 3dJhQ5Khk2GGYbPhqBHNyMcoz6jD6IWxpnGE8W7jXuNPJhYmSSb1Jg9MZUxXmOaZdpn+aqZvxjKr MrttTjZ3N99o3mn+cpnBMs6yg8vuWlAsfC22WXRbfLS0suRbtlhOWWlaRVtVWw0zqAx/RjHjijXa 2tl6o/Vp63c2ljYCmxM2v9ga2ibaNtlOLtdZzllev3zMTt2OaVdrN2JPt4+2P2Q/4qDmwHSoc3ji qOHIdmxwnHDSc0pwOub0wtnEme/c5jznYuOy3uW8K+Lq4Vro2u8m4xbiVun22F3dPc692X3Gw8Jj ncd5T7Snt+duz2EvZS+WV6PXzAqrFetX9HiTvIO8K72f+Oj78H26fGHfFb57fB+u1FrJW9nhB/y8 /Pb4PfLX8U/z/z4AE+AfUBXwNNA0MDewN4gSFBXUFPQm2Dm4JPhBiG6IMKQ7VDI0MrQxdC7MNaw0 bGSV8ar1q66HK4RzwzsjsBGhEQ0Rs6vdVu9dPR5pEVkQObRGZ03WmqtrFdYmrT0TJRnFjDoZjY4O i26K/sD0Y9YxZ2O8YqpjZlgurH2s52xHdhl7imPHKeVMxNrFlsZOxtnF7YmbineIL4+f5rpwK7kv EzwTahLmEv0SjyQuJIUltSbjkqOTT/FkeIm8nhSVlKyUgVSD1ILUkTSbtL1pM3xvfkM6lL4mvVNA Ff1M9Ql1hVuFoxn2GVUZbzNDM09mSWfxsvqy9bN3ZE/kuOd8vQ61jrWuO1ctd3Pu6Hqn9bUboA0x G7o3amzM3zi+yWPT0c2EzYmbf8gzySvNe70lbEtXvnL+pvyxrR5bmwskCvgFw9tst9VsR23nbu/f Yb5j/45PhezCa0UmReVFH4pZxde+Mv2q4quFnbE7+0ssSw7uwuzi7Rra7bD7aKl0aU7p2B7fPe1l 9LLCstd7o/ZeLV9WXrOPsE+4b6TCp6Jzv+b+Xfs/VMZX3qlyrmqtVqreUT13gH1g8KDjwZYa5Zqi mveHuIfu1nrUttdp15UfxhzOOPy0PrS+92vG140NCg1FDR+P8I6MHA082tNo1djYpNRU0gw3C5un jkUeu/mN6zedLYYtta201qLj4Ljw+LNvo78dOuF9ovsk42TLd1rfVbdR2grbofbs9pmO+I6RzvDO gVMrTnV32Xa1fW/0/ZHTaqerzsieKTlLOJt/duFczrnZ86nnpy/EXRjrjup+cHHVxds9AT39l7wv Xbnsfvlir1PvuSt2V05ftbl66hrjWsd1y+vtfRZ9bT9Y/NDWb9nffsPqRudN65tdA8sHzg46DF64 5Xrr8m2v29fvrLwzMBQydHc4cnjkLvvu5L2key/vZ9yff7DpIfph4SOpR+WPlR7X/aj3Y+uI5ciZ UdfRvidBTx6Mscae/5T+04fx/Kfkp+UTqhONk2aTp6fcp24+W/1s/Hnq8/npgp+lf65+ofviu18c f+mbWTUz/pL/cuHX4lfyr468Xva6e9Z/9vGb5Dfzc4Vv5d8efcd41/s+7P3EfOYH7IeKj3ofuz55 f3q4kLyw8JsAAwD3hPP7DQplbmRzdHJlYW0NZW5kb2JqDTEgMCBvYmoNPDwvQ29udGVudHMgMiAw IFIvQ3JvcEJveFswIDAgNjEyIDc5Ml0vTWVkaWFCb3hbMCAwIDYxMiA3OTJdL1BhcmVudCA1MiAw IFIvUmVzb3VyY2VzIDM3IDAgUi9Sb3RhdGUgMC9UeXBlL1BhZ2U+Pg1lbmRvYmoNMiAwIG9iag08 PC9GaWx0ZXIvRmxhdGVEZWNvZGUvTGVuZ3RoIDY4Nj4+c3RyZWFtDQpo3pyWS3PaMBCA7/4Ve2pp pzh+BEiO5DEdpnlN8EwPnR6EvHbUgkUlmZZ/35XNwwYcMPaEIRn729Wn3VUuvo59SLVzEzkXURSA D1Hi+J7bA4/u4sug53p9GATXEM0cD1L6ibj9+Ot04FP0i752fdcP/UuI7pyu63meb5/ojDKDKkPT vVMsMbC+IpVrAzMZ41SDTMC8IXzHCbx8G22egWdu5AQVBJ4fFEGiz2XcWsiBvxMyYpMpWuitpOCZ 0fsJVijErLxLUX0XgLJWMs65ETIDcFvf4RrdKRZCgQn6in9yoXBWpPTAsjRnKbYC1la8RgeEvsNE ZMJmq8/MtabHoi32hmnBwWz3qiW6V9UQurVthwVTglkV5wIt0nq9RWVEIjgz2M21yFKYl5sHLJZz CqCkNKCNVNgAPOA1LLw2o3ONGp7HVfZ76K1Xiw6Po0tTY1QLwRHGhplc1xdfXg+CHhtpnWMMkyXV GJdpJjT9NszNm1RUFKhPtXlZzwve5DSm/uPbP2kQm1jF0m+HFWC/2WaP0M8Zbl7iSmrdXZEJyzJJ M0AdgB5A1232bcNSVtYhvSksDFiSiKmwizhaVP1dDYOiWVMyq1gxAdhK5fI0+B7wygJXCyOCnCOB S4kMUrmgCWmnQmOGg2av1ztbRsWjIKYxw810WbZuuWcrO79x2Yyue6XBfxzN98tlHWKw16y+e6i8 Vjpqab6joQoMDgK1zBUn3oxlNGELs3QaVOgnePXDg+gSqeF1eKSoGrzaDhsNn4b2bNIixrLA2g3t q6oG21dj5HlRnWdCa0DbTU9SzYixQGqDBBVm1mbrDPe8lhNJf4RhHCvUuh20vK9bHOY3TCkUisEH eJTK2KN8fd3/m1Mha3hkS7j8Yv/DCGHv+vFiD+jgZ4G+j5z/AgwA6zA5Wg0KZW5kc3RyZWFtDWVu ZG9iag0zIDAgb2JqDTw8L0ZpbHRlci9GbGF0ZURlY29kZS9GaXJzdCA1L0xlbmd0aCA3NS9OIDEv VHlwZS9PYmpTdG0+PnN0cmVhbQ0KaN4yNlcwULCx0XetKHEPLkksSQWy3YMNFcxMgOJBdnb6bvl5 JUCxkBAjBTMzqFhAUX5ycGpJtH6Ai5t+SGpFSaydHUCAAQDM4xRGDQplbmRzdHJlYW0NZW5kb2Jq DTQgMCBvYmoNPDwvQ29udGVudHMgNSAwIFIvQ3JvcEJveFswIDAgNjEyIDc5Ml0vTWVkaWFCb3hb MCAwIDYxMiA3OTJdL1BhcmVudCA1MiAwIFIvUmVzb3VyY2VzIDM4IDAgUi9Sb3RhdGUgMC9UeXBl L1BhZ2U+Pg1lbmRvYmoNNSAwIG9iag08PC9GaWx0ZXIvRmxhdGVEZWNvZGUvTGVuZ3RoIDE2Mjg+ PnN0cmVhbQ0KaN6kV11z2kYUfedX3OHJ6YS1diUE8kvHsd3WUzt2bTKZTpIHIRZQAhJdSXb973vu 6sPCYAMNHqMVrO7ee865Hxz/fi9plnU+jDrHo5EiSaNpRzqiTw7+7GLQF45PAxXQaNlxaIb/UcRv j50jejf6jmVPCulKj0bnnZ5wHEfyjqPLJNcm0Xnv3ITTnOrXyBRZTst0ohcZpVPK55o+6zHd/nnZ 7KGbKE/H2pBypLKHjH4pz107ciBfHCkFEY416aSI8jhNNv1rGYHJtUf54Tv9TxEbvdRJntFVmMyK cKYPcIDjQzw/9BM9pmaSUff60/2o+7680scbu767+OvT5d3FOa/v/zi9umoW1Y4Nt9kwdtx8uqoe 4tWzubOb6+uLj+elxevTv3EJkwl1b25HlzcfT6+6FCcAOs7qUNjeJI0KDpRCoylPaayxC5StjM71 hMKMJjqLTDzGDR6/++2MlJQBfcGKF9/EQcwowHuup3ESMzPZAdSUkjjTJo+ncRTm+sSCvCrGiziy WENGIRWZNu8RyExDUoYe43xOWbrUlNr7VuR4xck0NcuQXXlPRicTbRBmwZ/OdDheaBo/kU6ieIVn LUrWHot1ZeIHOLEZbmW6coi3Ro3PLMawyOepiXNoYx5Hc4qzrGBsc/ETYLDh08bw16Oz06/vqNf6 KOd8wzGIJ00AhkHuGf0CDsYuYxFERnNsrJ4wy+JZ0opBZ2Iz6E3uNwrBBn80TxcAnN2kJMwLEy7Y r4WeYbGCJ4jpcZ4CIIonwB6PIYB1jyFPRjgrxt91lLNAw7ar4rCkfeHfKoWynk6se0scnemcKTXF QvOxIZ83KSGxXmzNV3ZytYKhcBwvmAmr0paPjHdIqxAfRMUiNBSly2WR8Fbgf5y+1Gy0ACXWSmnW cm9lyQ9inemosJybVhn7GST4gFsTopZGmu5z+GxTASq7vf/6jvHJmg8ryb8GxaoyU+EXviphvVwt 0qeMGeUEiZNZux463Icao8swCWd2h9EP6Q+srHKRz/qRbwCh0T0kJN+sCZktouN5Zcc7Pst8ijLc AAs3UKq5ZlHScYfCQzfkY798GH2WJ2Qduhh1vMFQKJ/cITwbkjsQQ5LCGeLQzpR76rZO6g6U8Ibc TI/OU3pKC3oMAR+0oP9dsfe2TuM2TqJFMdFrimG4iwxgpg9xBtwQ16/fqliq7s0t2lPCLz1ukQ5/ 346z8s8PhEueN8D77mB8RyivngwOLQN18vZsPY82CwSS3Gj0owwCK7tQLbFWVryd9Dtaia18a4XI ovkmTkpWamhqVhn2rNNvhNKqYinWtlKE+9Gggr7oA1onEEOP+r4YkPBkEOxgwnHEYNgw0Qbztewp Mk6LVTktHZQRGMqe80Gd0Hk8sUqO0NhjJq40zWRhoFhS16KMUSrJuzUIGO3YbzX0haPIVXIfvakB ZKmYzKWFv4upsacTbtgTah2yLSnkoGbn8KRQA09A0HKowMZuL/0+dpdebuTF7vbTWyPGirNe29qp H8JFUSlqO8/rpRc4tbdF85C7JXf4yXfMBii1+B/refgQY2sYRZhcLX3pi4q+Lh+kZbE4TDdcIJ+F 457QJSLTU9DWfSWontGLMK+6P8iSyIcACCu/zBHU0j34APVD32oGCp3YAbQrtkhkINT/Voj0hD/k A/09HHKwTb0ikFcK5wUI41kot3NJtKWM7lG56vJUDqBWTXXt8uuWcYQ8KjXRmrD3QsL1PcZZBg5f XIl4hadKJFw14MgliltQdkrRd4MgeBMnicZaEmdRmlYj0db5ojCrlB0vp32EhnkI8+tG5/+JEdb+ osU8GDPqZ6c2M3FhGHdjL4NG/DzYJikPQSbF5ey05gChbwrwbbM1ay1nObVri6rpSPbXRrZnC0Kd Q5ZJzxUKI40zELLFZOALt/lS9eFy891rPLoe9rb03mZkjyCf64aOmx9zdtCp8TrigakcF4HnnmFW xQR8AyXPs0HubLRSAVOnnbvlqP88se8bS6nUeF1UGHWqPI911rDoNDSKg4YI/EwXfVVWpXZsdeTK s7sw4fplPu6IHWvPf459/8xpqGknDVWaXFMDiNwNIhiriX/ZAXksR1vw4S2PRB7ZeVb0LWdvBTfk SYt7RDl8biVCykOJYAYkjLti2PCgGleqk4dc5UoBtvz8T4ABAAdjD30NCmVuZHN0cmVhbQ1lbmRv YmoNNiAwIG9iag08PC9GaWx0ZXIvRmxhdGVEZWNvZGUvRmlyc3QgNS9MZW5ndGggMTAwL04gMS9U eXBlL09ialN0bT4+c3RyZWFtDQpo3jK2UDBQsLHRd87PyS8KLkhMTgVxis0UzIyBEkF2dvquFSXu wSWJJSAJ92BDBTMTqIRbfl4JUCwkxEjBzAwkBmSaKJiYQ6UDivKTg1NLovUDXNz0Q1IrSmLt7AAC DABvaR4TDQplbmRzdHJlYW0NZW5kb2JqDTcgMCBvYmoNPDwvQ29udGVudHMgOCAwIFIvQ3JvcEJv eFswIDAgNjEyIDc5Ml0vTWVkaWFCb3hbMCAwIDYxMiA3OTJdL1BhcmVudCA1MiAwIFIvUmVzb3Vy Y2VzIDM5IDAgUi9Sb3RhdGUgMC9UeXBlL1BhZ2U+Pg1lbmRvYmoNOCAwIG9iag08PC9GaWx0ZXIv RmxhdGVEZWNvZGUvTGVuZ3RoIDE0MT4+c3RyZWFtDQpo3mSNsQrCQBBE+/2KqSSCuezmEoNtMFgF BLcTi0PiEUEjF0H9ey8pbJxhhlcMTLY7CPxItVKmmkOgFxI2JTh6hqo0vEaVb6A3YvgYPU/1ogRL vUZMxYiVArql1DCzTIukdiF0fXBYoB3Cc7jjp+b96EM3onUfFCvkLBZ/Ou6d72BP80mj9BVgAK1t JgQNCmVuZHN0cmVhbQ1lbmRvYmoNOSAwIG9iag08PC9GaWx0ZXIvRmxhdGVEZWNvZGUvRmlyc3Qg NS9MZW5ndGggNzUvTiAxL1R5cGUvT2JqU3RtPj5zdHJlYW0NCmjeMrZUMFCwsdF3rShxDy5JLEkF st2DDRXMTIDiQXZ2+m75eSVAsZAQIwUzM6hYQFF+cnBqSbR+gIubfkhqRUmsnR1AgAEAzXMUSA0K ZW5kc3RyZWFtDWVuZG9iag0xMCAwIG9iag08PC9Db250ZW50cyAxMSAwIFIvQ3JvcEJveFswIDAg NjEyIDc5Ml0vTWVkaWFCb3hbMCAwIDYxMiA3OTJdL1BhcmVudCA1MiAwIFIvUmVzb3VyY2VzIDQw IDAgUi9Sb3RhdGUgMC9UeXBlL1BhZ2U+Pg1lbmRvYmoNMTEgMCBvYmoNPDwvRmlsdGVyL0ZsYXRl RGVjb2RlL0xlbmd0aCAyMDUzPj5zdHJlYW0NCmjenFhdb9u4En33ryD24SJdJKpE0from9stFovF 4hatgT5s94GWaVtbWQpEOVn/jf3F9wxFSlTixspNgMQRFXLmzJkzM3z765eI7fXi/Xrxdr3mLGLr 3SIKgyUL8W0+pMsgTFjKc7Y+LkK2X9wFYRjixQJ/rR8XN7/VnWpr1d390spdx9zXuj3pjh2brao0 a3asOyj2VW3Yp99/G95h/y26ZqNaxsOIszfrv7HlXRREcSTY+hfav1jcmOfrn71zb/p//tRUZXFm R1nLvTqqumPy1B2atuzO7I6tWC27Uysr1rSsUnt8uFetbmr2eGj8s9KIzrJ7yu2xrEsNj7SxuFBt V+7KQnaK3ffnbc7YoSwOrKkV7X1sWvXcdrvf+P8lTnb2lQqQwBrsGjj3rjl72uD0u+/qzMp610rd tacC/in27QaQfnsDl0vNJNNnWH9kO1hmHGiVOfv2hy7rrmkB4C2T9ZZt4Xtbbk7GXETN81+bHd5+ 0AkrNJgCC+Oc8+G3LuoFz4IMxKHNaTcfPd0hHP0eH9eLOE0DkbBE8CATLIqzIGGBiPI8Y61a7IiQ l2iYxDG9DybeAIWmPfa49vHoDrKzXu4XUTxaApBOWm1Z17AH1Za7s7PiZWfckWGQJ3T+1MIoy4wH /XIcwcbJ8jIMElrGWgpTgqUIQ/GyczyirWya2egYpyS7l0CyOFWyZfeGCYyYsFFVU+81OSYN2LKs GRIBGRC8mE4THjzj2mdVnct6bw49v0MmXQ+8B7cfdBeNNOB2FYFoZ+wX29fBYnATqW1wGDN3Twi6 E1tVmYyqDeNnxZZHOWG9zJcBH4LLhwiJyDy3yxw/J8sxT03AwjCIGXiA1WV8jbvLLKHNXHi3spNI ZQTuunaoOREY8QBofnbct81DuQX/oVz+nidtgtw2WyjJgCuY7PaBdbPAtKmwTCkJYqRoPkHrR3gk HJ8dHEf5nazZqqLUMFoHz3n6nL89XBf4uycZm2ruGUL5efXtDfjscqQnFVSzVfoeZ5abShnhtCJs twN2tS/iEDbalB7aR1OhZPq0+VsVnb5lENInm5kjtw3oWjcd0+W+phpSan1SU7H9dlMGKiBVZp9X ZCQKKapYhzj+SMmdAnRSfzfpsFEHWe3IPMk+wPfg1TX2cwMrPbtmKYHL9XfYwFQl9dGxK0GiWXIB wZa8O9WEAtzyhO0p9Wfkc0xyK9IkiFFPMkfBqKcgx/NxGT+mqzGYiNUsCuKMCRFEvVxHL/JXJClt 5ghsaXOxqWBaVbs766bv21CyrnjHB0whnw9gh6RS35kWS9bFwWQ8nrQULldiwyyIYOYSznHGI+FE 7IpbIqb3qcRSZ6AM34fwueDZlFB9l2RY8uG1MXPnoVAiJvEs46BOiXhSIldehvcsf13BWvWw+XEB Z6n49Znj8dL6ZauHoG6E8URQ9ZhBGPxXagqAE5ZpI6eLA9rYYChwibPQy9G5oFIrgXYefBdzapMI 0aPwEdcZGmtCvkJ+rw+zypMj8IS0l9vj89C9OrwzbpqsPCZjo2X0hMoYH2ghzsF4hizOJz6LWFAi 9Ks2u68iEmeCfplO05F9yx6hWqzstM+JMfF8BsEB88zk0Lbclx0GEOuOOwHwQm7QamQTb0SOUk7r 6Bf4bDmKU07bkcFPmDxk6PT4VBipxP75rP2TMODCY6+f7xdScEXsQMOm1QQsDbyK6kTtyNheuBM4 2CpESvI8wyCRBbGfTtJD/EKXGLwmgWK071DBCDIhZhkTI9Myl0DzO5XBYDOxatVNe4lpVow46qF1 Gc8IaUQfao46btTWoix9Zt5N2r5gRvFJXc323Hq7Xov+tsAter79+X79VaD4fzk0pwptJzqbg6z3 tnOh0gTJJIaHuZn+EpJRZPCVjAzNKxRvzDs/Tcqo0RSD40/9GKt2GOMNfMdma3L3lmrmY1lVsKdo jmqc2wcC8jxFLoglxP26OTzLA5OzJuMqJU0JPp4Zsr2jiUyjBSQDYoTGTGqPwV8WOnvRQlRBSv2f Gs+hDyEKO9H0qrEYt0PeGztX4b9c7lloHvSxJ6mmm5APc8ZEFEzXQjyi/VO+llrXBfgGbnCIAaal KAyNOl69GeDLeAyHVRonAmLsnnp3Nuex85qLNgQhdmos+Mu2CDSSE7R7wVxdB0gMcvUvOvjHmhVN 208n2z5rywcCHQ4OCpcP3s1UuAjzLMY1HmNqE3T11g+/L7vEc3r5tfq29or9q0bYd3ZykKunreco iJDHB+VGuVbdAyf8gfA+lNKO1XNHV+qOE2gQ96HgYkl9g12zQ8Ok4aA+MJ1fonm4DBKfFx7zL10A EI3NtKl1U5Rm9KNbg7lXht4N7Czsx7HtbiDXEBDT5rVNpXR/UUhNRasqU6L0obzXkLjuUSm6g6Ga PxN9TghHmKSiKcA2LhE1NcLG5TrA0TILQvEs8azZ/VVaa+xWD7I2Kk1++DfIcA1r1WkY7GfczujX RYRGuLKYM0pHwaQ6vHNhGUR0huReqM+m1fgyXPgMu/V2sTkqxQcVf3bzOo74qkbZL2hGtDKwnUmL XNCgFCG7UNx6XowFwA5fdtWO+uOyvZuzy8/uZTkmHXSNERc08ltijdMAiWI2LJuj/VWq+cOqvde9 OkpE+CwSj5VFU+9oqADWtge+RDCQtOjapoZAdK2stTTtxMi1m/cSpaFsJfsP+6NpO9B1+Pr4z30J OWR/yDMTt6TxMXv29ecnsJ6Jv1xQ/ifAAOdugU0NCmVuZHN0cmVhbQ1lbmRvYmoNMTIgMCBvYmoN PDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0ZpcnN0IDUvTGVuZ3RoIDEwMC9OIDEvVHlwZS9PYmpTdG0+ PnN0cmVhbQ0KaN4yMVAwULCx0XfOz8kvCi5ITE4FcYrNFMyMgRJBdnb6rhUl7sEliSUgCfdgQwUz E6iEW35eCVAsJMRIwcwMJAZkmiiYmEOlA4ryk4NTS6L1A1zc9ENSK0pi7ewAAgwAbG8eDA0KZW5k c3RyZWFtDWVuZG9iag0xMyAwIG9iag08PC9Db250ZW50cyAxNCAwIFIvQ3JvcEJveFswIDAgNjEy IDc5Ml0vTWVkaWFCb3hbMCAwIDYxMiA3OTJdL1BhcmVudCA1MiAwIFIvUmVzb3VyY2VzIDQxIDAg Ui9Sb3RhdGUgMC9UeXBlL1BhZ2U+Pg1lbmRvYmoNMTQgMCBvYmoNPDwvRmlsdGVyL0ZsYXRlRGVj b2RlL0xlbmd0aCAxNDMyPj5zdHJlYW0NCmjenFjLcttGELzzK+aUKClpjRdJ8CjLrpQqcdkVMZVD ksMSWJJrA1hmF5DCv08PXgRFSKRMlyUYWMyjp6dn6He/PPi0cZP3y8m75TIgn5brie+JKXn4U1/M p8Kb0TxY0DKfeLTB32XCP54mV/TT8isub3zhh35Eyw+TG+F5ns8nru6LUtlClTcfrFyX1H2WtnIl 5SZVmSOzpnKr6E+1oi+/3vdn6HNSmpWyFHh+UDtZ/tz4PXI595+5DATRe+l0QuXBy2mQA0uwO3gf nu+LOqJVbaWLa2DtmiQlypZ6rRNZqpvK6WJDO2vSKik7k2xIF0lWpcrhvDWmJFcaq2BblpSYopS6 QPqFImNhGE/qQwfL2hSnqbJdWZVbY3W5p121yhDkN7V316RksmU4n7YaF9pRVaQAkHNhd9Zk/FTS 3S3JIj3FhE3nspAblSJ0fmdtLG4kip50ua1feHfnZpQ4sASQhYsg6H+7pJj4sZiBNGyLvcrWx2YS 9vcHwNHOIPj9JXZ9EfV2gR5yk0midqVq0vi4nASLqZjOaBZ6YjEjP4BDEfmLRUxWTdaTKJiL+PDY 80R89DyYeyLk5zMKpgLep5HnRc0zdMZYP8wCn22hJa52VrnE6hXC6ZBFSN2xSIDBcXyhVVx7cW2V K53mutAOXaTSHsxFD+Zq31R3gOkxGV2122VaWTTFR2aHq5JtF97rkHfRBCKIOrzORz9dxILJ1MgE ZzDC6QN9tXNV3R7DDEpz1BSjNL2AMgi4AUmzCOUq1Wz87tax5Q5KFKY9hEgYODw/b3vWF6BpZokw R3uN/+lkrjrIFyEzZhqHIozBUaZo0EMaxAsR8NMYdymIpmIOyMOeoi9BPo/YGhMmMXmubKJlhjy6 FOc9EOItlZ/OZ6g3xeD4RVHMAlwP6l7T7YBq26+u7g90y84UqeNSDytv1b+gAw6trclrEozKX8eM 4auSeZ7IAi8/anmsqmqDDrInenpgU0dIDS5eWNC7W7TUfXNjoPhtBixQG4toVHrNR4qTNu3jpZVC 2eomGNgZHt2aLK07eLnlEZGpLpCjxIZNxbiOIseSrm1ev42CVFZCfltrulH72hjk41GnzRh4Hvko gm3eF7RO1zioDqJcqW4SjjrrOBwEbyWxH8ZMy4hlF80ULjBAhnr/Ao2j+YLPD9ec1zccaspyrMDg jc65vrrM9j3zObd24rWQD+bfSamaQZwrMORQWuh9sjWmlnigB0+gzU7Cd1Jl0h5tJeOFOhoPYmSv OtmGbrOM1lWRMDH6bY0bGj3iqtVXhTGDWGpKVaku2XiinKPBUBzNcGR4NYCIN6xroThaJ+lRWl2r wOUbY1NCZFNnpB6VlQM7bcKrk5Wy3pDyHN2CMrwtZB9B3724QMrUMF0GG+MFVap3VnR+G/d1o1Tt 9O+SSM75HK1Tz1SWR1gyuGF7264mpdnta05ulbaDyLGU8uZoqnKcjU6pb/yehtbuFH6A7YqVh3dO uBqsoOe5GorgVVxRJkefH54De5TvZR0/CvbL4KYGjgtTR0CaOfVUHA2NPiCeKQW2PYmxoduIa/gz WTIQZHaK9R7G3R7n8ubdga0mLx6yR33VtCS/d2hlNK16lFlV71zbF2bt6SD60Q1vcsToCLlvxlyy Vcm381MgDBs1b+B2ncx3a9UQ7Xoed+Gdlf0IOzm+BQTeXMxjmomwWVr9V0Xfx1o2j9jhYX0Z5t2q HBJPTY5RRQVvABiVyLZdGNr5B6lrVW2U7s+nhHiDSmFlPM/uRgkflH3UaKCHUpaVo9+wJNA9b9p1 dKOR4fM79pANvmvg1O1gH/oe7RluX8Pd6u8rJTb8VeQPQMgklNl3teB7aS2ERtIP9MnYEhLcfz7+ t9PQHfoERkbX/J8HIZ18/vqC0UrTfzpO/S/AAN5xxFINCmVuZHN0cmVhbQ1lbmRvYmoNMTUgMCBv YmoNPDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0ZpcnN0IDUvTGVuZ3RoIDkyL04gMS9UeXBlL09ialN0 bT4+c3RyZWFtDQpo3jIxVDBQsLHRd87PyS8KLkhMTgVxis0UzIyBEkF2dvquFSXuwSWJJSAJ92BD BTMTqIRbfl4JUCwkxEjBzAwqFlCUnxycWhKtH+Diph+SWlESa2cHEGAAScQbtQ0KZW5kc3RyZWFt DWVuZG9iag0xNiAwIG9iag08PC9Db250ZW50cyAxNyAwIFIvQ3JvcEJveFswIDAgNjEyIDc5Ml0v TWVkaWFCb3hbMCAwIDYxMiA3OTJdL1BhcmVudCA1MiAwIFIvUmVzb3VyY2VzIDQyIDAgUi9Sb3Rh dGUgMC9UeXBlL1BhZ2U+Pg1lbmRvYmoNMTcgMCBvYmoNPDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0xl bmd0aCAxNTU5Pj5zdHJlYW0NCmjepFjbktpGEH3nK/opWafYMRJCiLztrl0pV+KyK6uUH7x+GKQB JhEaZUYCk8/IF+e0LlwWeSEJe6PEqC+nT59u7eufHj1ausF9PHgdxz55FC8G3khMaISv+s10IkYh Tf0ZxevBiJb4iRP+tR3c0Kv4d7y99YQ39gKK3wxuxWg08vjEzbu8VDZX5e0bKxclda/YVq6ktUlV 5sgsqFwp+qTm9PHnd/sz9CEpzVxZ8keeXzuJf2j8nrices9c4k6rllUmS2N3JKtyZawutXJPr6iw ZqNTRZIyjQDg+eHO0XalkxWt5EbRXKn8PCG2KZ1T+E5pYSyVHP/W2HKlc1ytr7lCJXqhEyoqWxgc pqcbJZaiNvf6wYWUOGCLQMcz39//dUk+GIcAmv1sgYHTpXJNCMvBRATNR0eJv40vmAsmYy5XGI3F JKJJKKYkJuPZLAIwgwXXua+6YTgTk6Ar8Cmga6VKnS/p7W8dttrkAHRIicwygMIFbIr6qOxGJ4oe S1lWjn5hnJ9u4sfHX55eiXNoryjoWASC6EHZkuGVpaKVyVIQIzlccqSdqxDIfEfWmBJ1fdEXqHSa 4aNZK8rUUiY7rkDVZEipWsuc05NlnWPyYhSdaTY4V11IqbYqKbMdx8Y22viGtNXgZtUY1vnGZBu1 VnlNyzM82KTmZlqrVLMrMI7tc1XAYQAUr7RrWgofUG62CL6AZxxOhzRv/fRyu7AyKbloW51lqPBa 6hzeSC0WiBzvUrXQOXiZ7URPJ56CCdIhmg/5PlFKrHHutsUJpZK5QSi2r1BNsuekOBMWRH1Hbg32 1ak5vczrIgC+An2J4nW6clSf28oxXlCBtEpKxykeVYwxgARUTlFqFEPItuq2bwzJQs51pkuU0XB9 qyJlcNlMB21rCmlmKZMWHFJ/VihqthvyIdjee09N7UImiSrKUzL3l3/PcBatmpKJXDN1EI76ikZT OWoInQW28LWjrbIKsVi0YG/dQZDM7BRHepcxF5crvlE/ay0JK02UjftcwfAhj2MI0SsGithFl/fA VGMzbI1wJqZQlhmNO+SxsVQ7mW5QUblUjHjTbrhjSE1PIsPErNcmR2/JNLVNofQ34Dsxhyyg90yG Jt+immeQ7j/Y5Alb64SRR+O8F8WHu76meFmiz/TnHo3KzKuJ9iyCrk+QmcycQYMmBnT/65m2yG46 NHoe+J6Y+RQEUzG+Rv+D0VREPut/LQkGeOwI6ge4alXqJimIrMuuaHUPgRvGpjKvBaRc7ZvhEMpo JuA98CYiuiaU8WwiZkEXikUHIU0Ool0W5Em7tLEOeTRJm2ZMAxyT+e40ivEsEh6No+A6PPgg/vQF UWQyAfhVAZUBFq2uJyYvWUjB+XLLewQ+aonalvRZPFEoQAee1iECCpgNLwY09UUQdQE1AOyYwi0/ atbFcdAucL7otgrx+T7+NPmRR0TdyJXlKVcjCUo5DOqmwpADlacALx92kfoegoNr7AZjGnsT8sSo ha0LKhAhXI6jK5MIR+2WcVNPMJ5YXZ8NyakNaJXRRlot56gkLlXYzSQvaaoeGueFf4bqBHwPW1QP 0X4rnCAS04b0yYqnHlQtAYEYVu26qZyKLy243XYc9W1lnckJZ+hFsyvc+6EIwm7nenniIR/o9BXL 5L7u7473BeiH6QRsOfC8brG8ebffImqBQTsvFphy3Tpzcdv0wLQIqcDklDxvxttm4F/kwcjHweOn iYvzPm5l5cLyK/w2MX1V+oclCmK3OxlGdv29w06YL1nTzLGsXUJkJryQ/GjKKtZB4l0SHH8aiSji fFs6tH0t/t0m+z9h+tudAHVQkQNQQGWueHw2Hbw0G37GqyelbveBqzGa+MJn+fBZlAP/ZYCCMQ4f AbRX3P3YqSHrHf/1wl0/6O13Blfqgp9leMVJoS31+tQWupYWXlbbLfJIas4WgL4hec2ePEU//6qW WNxs/bhxuLu3E//DisxcsP0eriB7V/Gjnax/13nhUfzbEVxg0b62vZDvC35g5WXE76W1WPYkfUfv 8YyAYPavt18LTHdH74FKMOR/OYzp7PX5I6+O4ZeO4f8IMADU4sFcDQplbmRzdHJlYW0NZW5kb2Jq DTE4IDAgb2JqDTw8L0ZpbHRlci9GbGF0ZURlY29kZS9GaXJzdCA1L0xlbmd0aCAxMDAvTiAxL1R5 cGUvT2JqU3RtPj5zdHJlYW0NCmjeMjFSMFCwsdF3zs/JLwouSExOBXGKzRTMjIESQXZ2+q4VJe7B JYklIAn3YEMFMxOohFt+XglQLCTESMHMDCQGZJoomJhDpQOK8pODU0ui9QNc3PRDUitKYu3sAAIM AG1JHg4NCmVuZHN0cmVhbQ1lbmRvYmoNMTkgMCBvYmoNPDwvQ29udGVudHMgMjAgMCBSL0Nyb3BC b3hbMCAwIDYxMiA3OTJdL01lZGlhQm94WzAgMCA2MTIgNzkyXS9QYXJlbnQgNTIgMCBSL1Jlc291 cmNlcyA0MyAwIFIvUm90YXRlIDAvVHlwZS9QYWdlPj4NZW5kb2JqDTIwIDAgb2JqDTw8L0ZpbHRl ci9GbGF0ZURlY29kZS9MZW5ndGggMTg3OT4+c3RyZWFtDQpo3qxYTXPbNhC961fgVqcjMQQIfh1d J+l4emibaqaHpgeahCS2FKnyI47+fd+CIAXJtEV7Es9ElAAuFvve7j7g/c9/cLZtFj+tF+/Xa8E4 W28W3HV85uJPP4S+4wYsFDFb7xcu2y5Wjuu6mJji2/pxcXNftqouVbv6UCeblg3/1nXXtGxfZapo WLVh7U6xP9UD++2X+3EO+zVtqwdVM+Fywd6t/4HJFXe4xyVbfyD76eJG/77+0Vr3xnMih7HPVdWy u1uWw/5B1UmrMvZwZAnbVl/h0V6VrW0z5Bc2z9ayrMOv+1L7myaNYo87VSv9tZ6xYKYOSd3S43Jw nAzS64eqyFNM79pdVeftke2TI6tVkXzrrav/urxW2sqmqmF20xXFcWWbyUvYV/gPc9pdXmcrWo1s ZjkWhLFjXm4xrWlVkrHuUJUsKfvhp7Egi2lVZl1KO8kxL02rOkvKFLvO251267S3H7DtxxLzCO+k eGq1jyRZPdRVqprGGXx/AckYSN6pus03eYqIsq4BHzIEIm2LI2uJRQ0i3nS0MQT/X3V8K6prgvS0 1KpryCZ8pQhoNJKiqB576C9daisbiEw1+bakwWRwKml6b1W2xI+HOgfI9Mb7uyZgaYPcgjNeLMT4 2aTlQviOQKrpuAF00OlQqwbRTtpcg5fpZT+uF54XO0HA/JAjK7mUTswcKVxXAvbFhlJ4KnH9QOAZ qXsDcNWh1eACwgo+aj43bVWrPnDbBQ+cyHiz1CTUvO3qQ4VEQBIbV17eklnYh7uoKGHgyFmO+ngO CKy+zFCU1dek6BAIoGTjsauKDIhYPxmmza0eWHYG6SaWHMh3TukzKn5/yj3JLpt8zzj5NjJ6coTf kNEALqXryIDJKHIw1QsxzZE8jqMXIZVhTNOnyWc7rl09Z6KQTmBccV5DOwm+eZIJP3K8nnb8ZR+D kOYb0s0AFezhF+wxcTc94axazWclcL2dQpM4YiyzvDUleFwAnqyPB7yATrHULLKK1IQ1tK7kAPp9 RcEHDGTojHiwXyIDqPpTP5juGc1BpTQfgd1SkTLdvUz2atUcklQtdd2CiYYV+T43tQzfVImikvZt c5LaaEdtnaTtda4GIz+Iqq1KdyWFgSw0MAGWNWNV8/uZfeyd67YH02fwfMIy6luyPxRqOTCSyrAX MC/2iEvcD8Erm3SeGzl8HKfsmcNJL5L0oTlp8XH7Um+7vik+5na7HiMzNh9L3hDjUH80pp8/3TFf RC77C0/08LeG2Y7yvOxEBGLsLIiRlsFFanLXdQQGQ0mpqEd9eTVIAV6Sdrew6a6+tapsiHVgueag 0VjThCXx87jL0900K2myldRpUprMQX/Ks4lG9LLk4cKZA5gcwZkoNveXNQZgDvg2VYckawBkmWzV qIOv0IOjT/fvIzzDbk0LArzCi5wIYRfcCQXTONotQMahZno/jB0GZ8Ocx/1w4IRIFHwLz0CWIuyt 6/He+gwOYJ3QNJiyAkr1GIxTJ7u7nZMbQ6hXfa2lvSNuUOljdN1hjoXszKbkubETSQaFI8+jgpie hrmLEM7pqx7yJYxO1L8ie29noO+Z7esaMGzZ+z4RXLKmQ2aRJEEe9aOopWBZMpzhluOSpyql69Cs IHMEFspYRIHjQp143iCNx/oSQFoyEfOeNFSkfe9alEUYwpwlSHcVREpid180S/agdkmxmRGgwNJW ff3pw8NyOs4hvfszGA2YpKas8zkJL4HSCGiFcC8azHO+Bz7m977f2HXRgGBvYTOpIicAeZUOEzh3 oKbzSFCmW5wWaJIhjUN3oWMSb2ZkuvA9R+/aqvevaXmjSLK6+JjZYjzyDALqSrKM0mNCYRlQ9/l2 14IcpHoGsWBoig9vrKDCUJTlbPEf1tP7RisMNeyYGkqW7vXPe90oaUeFeVrR+wXlfv+wWfxuGq3w fRImfnBRZ4fo98MTdTiMCLZhXJfxGehIji1Z6FzRmJNN9lx4vlFj2ncl53KT3tYZbGQOWvBH8CAv +xeNfRvQ6fuSXUJaoeoKytbMnF92SXuRV7NO/mNBsJYdWBme7gUek2aGubF9Q6B3D1Wd5eWwC7o9 kL7mhSuIUYAtOJFP+lqeTo9J3ZEFehNazkxtxkHCcCg/oMB4eWbtE+cYAEMY2ndpxtvBjEuiYLzr MBQGaWMaxIYY94R2CdU8ftmliJMtcsgIuudr3nBeeF3F46TaxXAImOERKkAcnZJm3tnT+67SkRJi 0IkN+3xLyUa6fsylk/DjKAlQcINIMWCcSpbEUSfup/nRqWRpNlHF0g9TBctIQ056fqIiGeL2w8E8 +oGzvMf6dNk6gBu8VcRxiRYUmZI67P85DzwgENnt6ppGO5MVpHx6tcHOEDntZhQeun/PaFmx4UM5 NKjhZges9ftO4IunCvW5/XG6DzIJrq+K913R5miqMJ/1S+Rg1Jcb5WwdptBuq6Oi2wUc1esk05dg Sd2Wqm6+vHNGsRENRewN8ICYIJ50vYtD9v8CDAA1SmJ3DQplbmRzdHJlYW0NZW5kb2JqDTIxIDAg b2JqDTw8L0ZpbHRlci9GbGF0ZURlY29kZS9GaXJzdCA1L0xlbmd0aCA5MS9OIDEvVHlwZS9PYmpT dG0+PnN0cmVhbQ0KaN4yMVYwULCx0XfOz8kvCi5ITE4FcYrNFMxAEkF2dvquFSXuwSWJJSAJ92BD BTMTqIRbfl4JUCwkxEjBzAwqFlCUnxycWhKtH+Diph+SWlESa2cHEGAASogbtw0KZW5kc3RyZWFt DWVuZG9iag0yMiAwIG9iag08PC9Db250ZW50cyAyMyAwIFIvQ3JvcEJveFswIDAgNjEyIDc5Ml0v TWVkaWFCb3hbMCAwIDYxMiA3OTJdL1BhcmVudCA1MiAwIFIvUmVzb3VyY2VzIDQ0IDAgUi9Sb3Rh dGUgMC9UeXBlL1BhZ2U+Pg1lbmRvYmoNMjMgMCBvYmoNPDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0xl bmd0aCA2NzU+PnN0cmVhbQ0KaN6MVUuPmzAQvvMr5lSlVeK1jbHDsbtd9bRSpXKrenCJCa4SE9nO ZvPvOyaEUO0jIYcAYz7P9xi4+/6TwTpk91V2V1UcGFRNxigpgOKvP1EFoRIUL6HaZhTW2YJQSnFh jVfVIZsBwOfqb3b3ECTUASGwnpecj/+hdhkjSwSsvmWz2vhoG1vraKDtNivjSXo8ITNGxLAKoDru cNFmc5xDbM0tW1DC390DvFnbEL2OtnM92GOVCUGJSNwkYTwRlUAEp1Tg6qzJypyUWM0ZYRIYK4kC UuRluTyVc06J+qCOmr6pJFNpNxRzpvex7byNR+h2BlszAQ42ttb1jIPxz7Y20DWN8dat8aS/b0PY p8uHr6Dd6iR+Uk+c2dtwJvixYOd+BOEChGD/kX+ve1qk1UMUZnq3892zWUHshj4WqEau2GBi36yB iR8BOrc5nnlqCDtTp1JvEFozkHR6axZhp2sznwIzcQZO1BEiwMZubTzZilfGNZ2vsaE/xx6n7UKc KEYAHl/01rpLDqovPd6w7zQ5dautuyV4cgz3odtvVrDV6Kjv/1wXR4MYx4ANFrnVaY/r6MU4E7HV F7B8vHkLCB9BjIspcENA+LIkXIKUkkgJpUCfpyEQpUrZHsq5Qp7TMi9Ymh+pGEb/VJ3kf5iuocoS 9PXpkIVKW6Xp6Ol2Bxfm43jMk6x4jh5vw0XXctT/rSm/ZQhkIYhaAqeKlLeMgRQFUXwcg5THcZav u6EuedEhUcS8pjwPNMfwXnLb7F2dOIUzZ16OjpLbiAq6TK8zKThZCihkelsJNvrB8E5fxuZQiAIf LsRVGfI8gQ0y0PRNmL0e18sHY3avvTfWa/gET52PaNJ4PL7srMfXwxNOjZijFSyHV8evH3ptQP0+ U/4nwAB3G7CHDQplbmRzdHJlYW0NZW5kb2JqDTI0IDAgb2JqDTw8L0ZpbHRlci9GbGF0ZURlY29k ZS9GaXJzdCA1L0xlbmd0aCA5Mi9OIDEvVHlwZS9PYmpTdG0+PnN0cmVhbQ0KaN4yMVEwULCx0XfO z8kvCi5ITE4FcYrNFMyMgRJBdnb6rhUl7sEliSUgCfdgQwUzE6iEW35eCVAsJMRIwcwMKhZQlJ8c nFoSrR/g4qYfklpREmtnBxBgAErqG7gNCmVuZHN0cmVhbQ1lbmRvYmoNMjUgMCBvYmoNPDwvQ29u dGVudHMgMjYgMCBSL0Nyb3BCb3hbMCAwIDYxMiA3OTJdL01lZGlhQm94WzAgMCA2MTIgNzkyXS9Q YXJlbnQgNTIgMCBSL1Jlc291cmNlcyA0NSAwIFIvUm90YXRlIDAvVHlwZS9QYWdlPj4NZW5kb2Jq DTI2IDAgb2JqDTw8L0ZpbHRlci9GbGF0ZURlY29kZS9MZW5ndGggMTI5MD4+c3RyZWFtDQpo3qRW TXPaSBC98yu69rDlbIGCBNhQe3JIsuVKJZtKqMohyWGQGjRrSaOdGRnz7/N6BFgG8uEKLmNZGnW/ 7tevu5//8zGmteu9WPSeLxYJxbRY9eJhNKEhfsLF1SQaXtJVMqNF2RvSGr+LVL42vQt6tvgPl4M4 ikfxmBYve4NoOBzGcuLipvJsK/aDl1atPO0/C9s4T6XJuHBkVuRzpk+8pPdvbg5n6N/UmyVbSoZx Epws/mr9PnJ5FR+5HEdEN9fvrmluKqcztsprXJ3C7NiC5Y4FAZhrRyWXhnSVFk3GjipDlv9vGMC9 CR6iJ6CaANVHThur/fY3kTH5bvqALbV6yRnlbJn4PtdL7cnxHRwUdNcUFS6WutBeIwyfK7+3LPZS 0xQZqQynHRdbUqsVpz4wYrnQ7YvbPUmqwXfldRqgy63tadhitrbmDiFGLeCVtgCcmipFNbhgqVKl rtZiF/e8XolJptwUyIvbvXaSGLHsGHayB2O48NYUxR6pwkOzdGzvOti1cw0y1I37wat7CpF4dX4C WKJBbjfa5/B/yNYKsMxGwkxzZVUKLWiH5LnzkaWqoiVT44BUVzBEuqyRDVO12Vbeq/T2HNiTKjEE ZKVZW1XnOg3wTqM6jfZEv62pUt9zNlBFnasl+wdrPwcRjoaSE5qUBl+KnLeSE2QDJdCGdsjPb6Cs TDVoKg2Jtm6/XHC0jkIaQxeCGKQqdmx9efYrIXwSRoVKvk+5DlDB7ZEn16f5tRPKun1MWT4vDeki 2oJjtBFIlxk2G79vLg5VYx9V53FZue8I46jGoCFBJTC6HsEhDIhDAVvLGzplMd0Rh8hFKDoOlJZb aceXTxTMgtO8QjBFse1TUxXsgmxRB6gIwFqKaqmpcYNVCdgCNEj2O5F2s2MqdC2RC7maU7mNeNc7 pnadhgeuVin3QxZhHsc70XZZEw22nnGh6hrpqzwcFDDpdSmS7/Yr4UpsdqyJuz5tcoZZS3hemTbX HRO7rhEAqp2gMHDURth6TIU4qKWbcts3BZxC6wO9rxsrPkpj4fDHHs4WYnBbqm1AmGmXGhFHOO+a FCX3uDUr0C/F2vbS6Glj66YVB4ZS5QUVbJsSYZXacfu/vPZ87i4J7TEmvDyaJcnhr0urXpJECTYS QW+N2Qe17o12N+fXfdIQ0C2GErK5LNAtC4ihrTA5/WrxExej4TSKLym5mkXxlEYxdp9oMpY4LPdW siKdW4ySy0kUjyXYdjs6qtFB40RMiDZrUh9EVLKqXBu3MysfeG/qDIej3fIh6T7LWkhjO6RlsFV3 qtB4UTzIyEeXkKLYIK+D8OgRicfF8Kh7SHeG8A5nfpwqxD/tsDG/PtARXe7un8gAe8kGce2m8SbX BYd4fombJIZlJHs0jcZjihO4icZJS0w8xU08G4+i8ZSSCQolmoxms9mPeUtmYqrL2kNR8n0onT0f uK5pE5alXN2xECfpZpnR6KFgr92HpL2cTbDsJVKdZ9adv8NQhH3JUaFvZQ8DEdgFvLqF4mQASMc+ Ww+B8xQFtGoKLIMFVkG72xfg8csFNohc1Q7zDqND+/DoKeJFs6d3xqKraIT9gVcIGv3HPW0EfP7w ep7E8ewr0QurMqykffoY9emPNxDrxtisnXvYfaQ543AoxZsqaxP163BfKGtZW0V/0ltjPdJw+Ly6 rzEFHb1Fyxv3ZZCN6OTz+b1aM02/7mvymwADACCKwokNCmVuZHN0cmVhbQ1lbmRvYmoNMjcgMCBv YmoNPDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0ZpcnN0IDUvTGVuZ3RoIDkyL04gMS9UeXBlL09ialN0 bT4+c3RyZWFtDQpo3jIxVTBQsLHRd87PyS8KLkhMTgVxis0UzIyBEkF2dvquFSXuwSWJJSAJ92BD BTMTqIRbfl4JUCwkxEjBzAwqFlCUnxycWhKtH+Diph+SWlESa2cHEGAAS0wbuQ0KZW5kc3RyZWFt DWVuZG9iag0yOCAwIG9iag08PC9Db250ZW50cyAyOSAwIFIvQ3JvcEJveFswIDAgNjEyIDc5Ml0v TWVkaWFCb3hbMCAwIDYxMiA3OTJdL1BhcmVudCA1MyAwIFIvUmVzb3VyY2VzIDQ2IDAgUi9Sb3Rh dGUgMC9UeXBlL1BhZ2U+Pg1lbmRvYmoNMjkgMCBvYmoNPDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0xl bmd0aCA2MDI+PnN0cmVhbQ0KaN6cVFtT2kAUfudXfONDq21YdwMY8Um5aBl0ZDBTO1UfFjjAtkkW Nxss/vpuAjpA+mIPE+ZssnPOdzm7x1d3ArO00gorx2HoQyCcVgRnDXD3K5KgwfgJAr+JMK5wzNwT jvO/l8ohjsJfLq0KJmqijrBTqTLOuch3HPYSSyYhW+0YObV4i9BkqUWsJxSl0FPYOeGeRhj0e+97 cDu2ekQGPhd+0ST8su670zIQey2xE0N6zpShmBKLa1q6fgceWu0BRN3D8LINX4imhxtpxnOIZjNg ZT5bTR2E3VYPrkbDP+VPQFvrBRkPHebhTjriaaoTl7rlpTSGomi9aGla0ebDpuYe6G86SyNaOYBu i0wmuGcY6Oi3h4M3QfGDNXgTg2wUqTH6tCprsle0l0yNTK3JxjYzhDYZq6ZqLC0VLbbXQ1pqlyid 4Fo5o0qK7JV+PGwPrx+PMDB6qiI6WCuby5Iru3IO8lP2Dwt31bzI7Fyb9DMuJhPjxKO0zKnsf2nk CqpqptHKRVdGOng0UVYbh3BL794rJQvaftM+bpG0GqGOZYoJ4WcWuxpyJhEID0IzcOGo4HteTcnq ldOT1CvD3UKq5H/RDuY6oTN8rdXRrDf4SRDwxjasbixVdAZVHW0InasCOsvH4EPnouXMJ9xoY52z e6qU/O0mtjilW0gcee7ETfRyPRwdo5bEcGutfJEebhMrjXIqtWUiJxJ9v49aN/gYxg3bUQ6VxQXU c1pDYWMdf+B0vvv/6Y3ye3T/LNylkBbD6e4Bd8PUUIqHgZwRmk9F6W5Y+SvAAENbTVYNCmVuZHN0 cmVhbQ1lbmRvYmoNMzAgMCBvYmoNPDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0ZpcnN0IDUvTGVuZ3Ro IDc1L04gMS9UeXBlL09ialN0bT4+c3RyZWFtDQpo3jIxUzBQsLHRd60ocQ8uSSxJBbLdgw0VzEyA 4kF2dvpu+XklQLGQECMFMzOoWEBRfnJwakm0foCLm35IakVJrJ0dQIABAMzkFEYNCmVuZHN0cmVh bQ1lbmRvYmoNMzEgMCBvYmoNPDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0ZpcnN0IDEyL0xlbmd0aCAz MDQvTiAyL1R5cGUvT2JqU3RtPj5zdHJlYW0NCmjehFJRS8MwEP4r96gPJUlb7IRRWKtFQYfYsgpj D7ENbaBNRpKh+/cm3bSubkhIuPu+u8vlvoQRYAhnEBIC8zlKqGaZFAalcqc4U0v28ZJ7iezq5wLd i0rWXDSo5GIhNP/xM660SVuqIPCRS79julJ8a6RytTG8oid6jCA+Qfnu3ey3DBVqx4rBcMdwb8lr 0+r1DcY27XBOl0O/96l3yozRU/tv9UvIab2Rn8Zf6mLa0Xn8n8xNHFtpFrpiwsDMjjil2wfGm9YA wRgjN21HeYF1so42GoJwGGeSyM+1R2598CKCIcK+nb9PNgOZ0Z53+6uj0mClvh7wJe3ZWf0dmRvF TNWipVQ97QaoPLQS2csfDe14tRBNxwCj3LB+5Voc9R0/Bnr79YQ4/hJgAP9HqjsNCmVuZHN0cmVh bQ1lbmRvYmoNMzIgMCBvYmoNPDwvRmlsdGVyL0ZsYXRlRGVjb2RlL0ZpcnN0IDExL0xlbmd0aCA0 NC9OIDIvVHlwZS9PYmpTdG0+PnN0cmVhbQ0KaN4ysVQwUDA1UDC0VLCx0fcrzS2OBvMNFIJi7eyA QsH6LnZ2AAEGAKP3CMsNCmVuZHN0cmVhbQ1lbmRvYmoNMzMgMCBvYmoNPDwvTGVuZ3RoIDM2MzIv U3VidHlwZS9YTUwvVHlwZS9NZXRhZGF0YT4+c3RyZWFtDQo8P3hwYWNrZXQgYmVnaW49Iu+7vyIg aWQ9Ilc1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCI/Pgo8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2Jl Om5zOm1ldGEvIiB4OnhtcHRrPSJBZG9iZSBYTVAgQ29yZSA0LjIuMS1jMDQzIDUyLjM3MjcyOCwg MjAwOS8wMS8xOC0xNTowODowNCAgICAgICAgIj4KICAgPHJkZjpSREYgeG1sbnM6cmRmPSJodHRw Oi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4KICAgICAgPHJkZjpEZXNj cmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6ZGM9Imh0dHA6Ly9wdXJsLm9y Zy9kYy9lbGVtZW50cy8xLjEvIj4KICAgICAgICAgPGRjOmZvcm1hdD5hcHBsaWNhdGlvbi9wZGY8 L2RjOmZvcm1hdD4KICAgICAgICAgPGRjOmNyZWF0b3I+CiAgICAgICAgICAgIDxyZGY6U2VxPgog ICAgICAgICAgICAgICA8cmRmOmxpPkJlbi5XaWxzb248L3JkZjpsaT4KICAgICAgICAgICAgPC9y ZGY6U2VxPgogICAgICAgICA8L2RjOmNyZWF0b3I+CiAgICAgICAgIDxkYzp0aXRsZT4KICAgICAg ICAgICAgPHJkZjpBbHQ+CiAgICAgICAgICAgICAgIDxyZGY6bGkgeG1sOmxhbmc9IngtZGVmYXVs dCI+TWljcm9zb2Z0IFdvcmQgLSBkcmFmdC1iYXJyZWlyYS13ZWJwa2ktdHJ1c3Rtb2RlbC0wMi0w My5kb2M8L3JkZjpsaT4KICAgICAgICAgICAgPC9yZGY6QWx0PgogICAgICAgICA8L2RjOnRpdGxl PgogICAgICA8L3JkZjpEZXNjcmlwdGlvbj4KICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJv dXQ9IiIKICAgICAgICAgICAgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAv Ij4KICAgICAgICAgPHhtcDpDcmVhdGVEYXRlPjIwMTMtMDMtMTNUMTI6MDQ6NDctMDY6MDA8L3ht cDpDcmVhdGVEYXRlPgogICAgICAgICA8eG1wOkNyZWF0b3JUb29sPlBTY3JpcHQ1LmRsbCBWZXJz aW9uIDUuMi4yPC94bXA6Q3JlYXRvclRvb2w+CiAgICAgICAgIDx4bXA6TW9kaWZ5RGF0ZT4yMDEz LTAzLTEzVDEyOjA0OjQ3LTA2OjAwPC94bXA6TW9kaWZ5RGF0ZT4KICAgICAgPC9yZGY6RGVzY3Jp cHRpb24+CiAgICAgIDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PSIiCiAgICAgICAgICAgIHht bG5zOnBkZj0iaHR0cDovL25zLmFkb2JlLmNvbS9wZGYvMS4zLyI+CiAgICAgICAgIDxwZGY6UHJv ZHVjZXI+QWNyb2JhdCBEaXN0aWxsZXIgOS41LjMgKFdpbmRvd3MpPC9wZGY6UHJvZHVjZXI+CiAg ICAgIDwvcmRmOkRlc2NyaXB0aW9uPgogICAgICA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0i IgogICAgICAgICAgICB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21t LyI+CiAgICAgICAgIDx4bXBNTTpEb2N1bWVudElEPnV1aWQ6ODExNTE0ZWQtMzA5MS00MGU3LWE0 ZjItYzFkMjU0NTAzNzhhPC94bXBNTTpEb2N1bWVudElEPgogICAgICAgICA8eG1wTU06SW5zdGFu Y2VJRD51dWlkOjJmNGE5ZDliLTA3NGMtNDIyNC04NjI5LTIxYWNkOGNhYTFiMjwveG1wTU06SW5z dGFuY2VJRD4KICAgICAgPC9yZGY6RGVzY3JpcHRpb24+CiAgIDwvcmRmOlJERj4KPC94OnhtcG1l dGE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAK PD94cGFja2V0IGVuZD0idyI/Pg0KZW5kc3RyZWFtDWVuZG9iag0zNCAwIG9iag08PC9GaWx0ZXIv RmxhdGVEZWNvZGUvRmlyc3QgMTgvTGVuZ3RoIDExOC9OIDMvVHlwZS9PYmpTdG0+PnN0cmVhbQ0K aN4yNVQwUDA1UjAxUTA1VjA0NVWwsdF3zi/NK1EwNNT3zkwpjgbKGigEgaSBVKx+SGVBqn5AYnpq sZ0dQq0BVK05WK0hmDQBk1ARAwhlDKHMIJQlmDKCWGBkCrEgILEoFWikKdgQHNZBbDOyIKQDIMAA pEk4pQ0KZW5kc3RyZWFtDWVuZG9iag0zNSAwIG9iag08PC9GaWx0ZXIvRmxhdGVEZWNvZGUvRmly c3QgNS9MZW5ndGggMTk1L04gMS9UeXBlL09ialN0bT4+c3RyZWFtDQpo3nzMsU7DMBCA4VfxVnuw 49gJqKiqVMhaqRKILF2c+CpOmFx1vqivTwZm9v/7+055dTg0p1W+iPUrLG7EUmkxzRtDEqRlSAJ6 eAm+jT62sQ2+656tf9p5v/urNnl5nxnv0rtcivoErptUvQsumOZM+f/JhSmvM7A+zUxTEjVgFSwF WO1d76K66hGXTI96Nab5QCmgz7i1lW6iRuKsrMqcbmKnxAzIyT5gun+jFV6r/FCGYn2wPrpMszke fwUYAO0oTLINCmVuZHN0cmVhbQ1lbmRvYmoNMzYgMCBvYmoNPDwvRGVjb2RlUGFybXM8PC9Db2x1 bW5zIDQvUHJlZGljdG9yIDEyPj4vRmlsdGVyL0ZsYXRlRGVjb2RlL0lEWzxGRDI2OTAzQjkxMTQ2 QzNCQ0NDNTg1QjI4NTQ0MDExQz48RDIwMDMzNzQ4NzgwNUE0NUFCODAzNjUzQTNBREJENDk+XS9J bmZvIDU0IDAgUi9MZW5ndGggMTMwL1Jvb3QgNTYgMCBSL1NpemUgNTUvVHlwZS9YUmVmL1dbMSAy IDFdPj5zdHJlYW0NCmjeYmIAAiZGkXkMTAyMDUCC+TOQYFgO47ItArEOwrgMl0AssGwTkODwAbEO gSRAXLb7IO5OGJc9DsQ6BFcMsoNhB4zL/BLE3Qnjsgai6GVeAOKuABH9IKILSPDVgVhXQYQi0M1z XECKmUkhGEEEAyOI9R/GYoKzIBL/AAIMAIiIGpQNCmVuZHN0cmVhbQ1lbmRvYmoNc3RhcnR4cmVm DQoxMTYNCiUlRU9GDQo= ------=_NextPart_000_0149_01CE1FE3.2401AD50-- From bergtau@gmail.com Wed Mar 13 12:35:19 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C745E1F0D0C for ; Wed, 13 Mar 2013 12:35:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.598 X-Spam-Level: X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wO0L5eS+70EM for ; Wed, 13 Mar 2013 12:35:18 -0700 (PDT) Received: from mail-ve0-f173.google.com (mail-ve0-f173.google.com [209.85.128.173]) by ietfa.amsl.com (Postfix) with ESMTP id 9B41B1F0CF7 for ; Wed, 13 Mar 2013 12:35:18 -0700 (PDT) Received: by mail-ve0-f173.google.com with SMTP id oz10so1059022veb.18 for ; Wed, 13 Mar 2013 12:35:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=Y8Yhi8x0ldsAxB2TZwo+fj2GgxYm0MeVXWm//iWdgFA=; b=WTicemdPBuXe8klioSOlu7jjeFqw9VZuUm80h6OeaIndUnwERdxjdJ9Lj/dtX+u09C KmGQK10THilQs9MDsMiXZE/cPftqf7KXLxw+G57lBhxHX3Y4D45CvqtsekWW3PzxNJVG ePjzog09RvDXpEMkoelbAzN3s30oxATpSs9keyF72tufPuwLdzydkGYvuRSZJ8vTXYuY FSv0d11XMMQjo8jj2dgGOGLaK4zgMIhm6KsCc1cVyt6Ypov5m+7UvJsgcKc9hxzT4624 /XFksYHbHuLSTrOYPAmhN4alU/6ZigkfMx/n6nHOWeDKNKaczJl5oIQoJZ3rVz+lDKHt HrKQ== MIME-Version: 1.0 X-Received: by 10.59.3.9 with SMTP id bs9mr9012025ved.38.1363203317983; Wed, 13 Mar 2013 12:35:17 -0700 (PDT) Received: by 10.58.254.72 with HTTP; Wed, 13 Mar 2013 12:35:17 -0700 (PDT) In-Reply-To: <014801ce2015$6e9ba820$4bd2f860$@digicert.com> References: <452C99D20750E74083DBA441FF93238577479014@SOTTEXCH10.corp.ad.entrust.com> <014801ce2015$6e9ba820$4bd2f860$@digicert.com> Date: Wed, 13 Mar 2013 15:35:17 -0400 Message-ID: From: Michael Jenkins To: ben@digicert.com Content-Type: multipart/mixed; boundary=e89a8f921936869f0604d7d38111 Cc: i-barreira@izenpe.net, wpkops WG , Bruce Morton Subject: Re: [wpkops] Web PKI - Trust Models X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2013 19:35:19 -0000 --e89a8f921936869f0604d7d38111 Content-Type: multipart/alternative; boundary=e89a8f921936869f0204d7d3810f --e89a8f921936869f0204d7d3810f Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable some other comments. On Wed, Mar 13, 2013 at 2:06 PM, Ben Wilson wrote: > Here are some comments.**** > > ** ** > > *From:* wpkops-bounces@ietf.org [mailto:wpkops-bounces@ietf.org] *On > Behalf Of *Bruce Morton > *Sent:* Wednesday, March 13, 2013 10:08 AM > *To:* wpkops WG (wpkops@ietf.org) > *Subject:* [wpkops] Web PKI - Trust Models**** > > ** ** > > Please find attached a draft of the Web PKI Trust Models document.**** > > ** ** > > I plan to review the document in the meeting tomorrow. I=F1igo and I woul= d > appreciate any comments on the document plan and the content.**** > > ** ** > > Thanks,**** > > ** ** > > Bruce Morton**** > > +1 613.270.3743**** > > _______________________________________________ > wpkops mailing list > wpkops@ietf.org > https://www.ietf.org/mailman/listinfo/wpkops > > --e89a8f921936869f0204d7d3810f Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

some other comments.

<= br>

On Wed, Mar 13, 2013 at 2:06 PM, Ben Wilson <= span dir=3D"ltr"><= ben@digicert.com> wrote:

Here are some comments.
=A0

From: wpkops-b= ounces@ietf.org [mailto:wpkops-bounces@ietf.org] On Behalf Of Bruce Morton=
Sent: Wednesday, March 13, 2013 10:08 AM
To: wpkops WG (wpkops@ietf.org)
= Subject: [wpkops] Web PKI - Trust Models

=A0
Please find attached a draft of the Web PKI Trust Mode= ls document.
=A0
<= p class=3D"MsoNormal"> I plan to review the document in the meeting tomorrow. I=F1igo and I would = appreciate any comments on the document plan and the content.=
=A0
Than= ks,

=A0
Bruce Mo= rton
+1 613.270.3743

_______________________________________________
wpkops mailing list
wpkops@ietf.org
= https://www.ietf.org/mailman/listinfo/wpkops

--e89a8f921936869f0204d7d3810f-- --e89a8f921936869f0604d7d38111 Content-Type: application/octet-stream; name=comments against draft-webpki-trustmodel-00 Content-Disposition: attachment; filename=comments against draft-webpki-trustmodel-00 Content-Transfer-Encoding: base64 X-Attachment-Id: f_he8w1k1e1 ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgCgoKCkludGVybmV0IEVuZ2luZWVyaW5nIFRhc2sg Rm9yY2UgICAgICAgICAgICAgICAgICAgICAgICAgSS4gQmFycmVpcmEsIEVkLgpJbnRlcm5ldC1E cmFmdCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBJ emVucGUKSW50ZW5kZWQgc3RhdHVzOiBCQ1AgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgIEIuIE1vcnRvbiwgRWQuCkV4cGlyZXM6IE1heSA0LCAyMDEzICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgRW50cnVzdAogICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIE9jdG9iZXIgMzEsIDIwMTIKCgog ICAgICAgICAgICAgICAgICAgICAgVHJ1c3QgbW9kZWxzIG9mIHRoZSBXZWIgUEtJCiAgICAgICAg ICAgICAgICAgICAgICAgZHJhZnQtd2VicGtpLXRydXN0bW9kZWwtMDAKCkFic3RyYWN0CgogICBU aGlzIGlzIG9uZSBvZiBhIHNldCBvZiBkcmFmdHMgdGhhdCBkb2N1bWVudCB0aGUgb3BlcmF0aW9u IG9mIHRoZSBXZWIKICAgUEtJLiAgSXQgZGVzY3JpYmVzIGNvbW1vbiB2YXJpYW50cyBvZiB0aGUg V2ViIFBLSSB0cnVzdCBtb2RlbAoKU3RhdHVzIG9mIHRoaXMgTWVtbwoKICAgVGhpcyBJbnRlcm5l dC1EcmFmdCBpcyBzdWJtaXR0ZWQgaW4gZnVsbCBjb25mb3JtYW5jZSB3aXRoIHRoZQogICBwcm92 aXNpb25zIG9mIEJDUCA3OCBhbmQgQkNQIDc5LgoKICAgSW50ZXJuZXQtRHJhZnRzIGFyZSB3b3Jr aW5nIGRvY3VtZW50cyBvZiB0aGUgSW50ZXJuZXQgRW5naW5lZXJpbmcKICAgVGFzayBGb3JjZSAo SUVURikuICBOb3RlIHRoYXQgb3RoZXIgZ3JvdXBzIG1heSBhbHNvIGRpc3RyaWJ1dGUKICAgd29y a2luZyBkb2N1bWVudHMgYXMgSW50ZXJuZXQtRHJhZnRzLiAgVGhlIGxpc3Qgb2YgY3VycmVudCBJ bnRlcm5ldC0KICAgRHJhZnRzIGlzIGF0IGh0dHA6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kcmFm dHMvY3VycmVudC8uCgogICBJbnRlcm5ldC1EcmFmdHMgYXJlIGRyYWZ0IGRvY3VtZW50cyB2YWxp ZCBmb3IgYSBtYXhpbXVtIG9mIHNpeCBtb250aHMKICAgYW5kIG1heSBiZSB1cGRhdGVkLCByZXBs YWNlZCwgb3Igb2Jzb2xldGVkIGJ5IG90aGVyIGRvY3VtZW50cyBhdCBhbnkKICAgdGltZS4gIEl0 IGlzIGluYXBwcm9wcmlhdGUgdG8gdXNlIEludGVybmV0LURyYWZ0cyBhcyByZWZlcmVuY2UKICAg bWF0ZXJpYWwgb3IgdG8gY2l0ZSB0aGVtIG90aGVyIHRoYW4gYXMgIndvcmsgaW4gcHJvZ3Jlc3Mu IgoKICAgVGhpcyBJbnRlcm5ldC1EcmFmdCB3aWxsIGV4cGlyZSBvbiBNYXkgNCwgMjAxMy4KCkNv cHlyaWdodCBOb3RpY2UKCiAgIENvcHlyaWdodCAoYykgMjAxMiBJRVRGIFRydXN0IGFuZCB0aGUg cGVyc29ucyBpZGVudGlmaWVkIGFzIHRoZQogICBkb2N1bWVudCBhdXRob3JzLiAgQWxsIHJpZ2h0 cyByZXNlcnZlZC4KCiAgIFRoaXMgZG9jdW1lbnQgaXMgc3ViamVjdCB0byBCQ1AgNzggYW5kIHRo ZSBJRVRGIFRydXN0J3MgTGVnYWwKICAgUHJvdmlzaW9ucyBSZWxhdGluZyB0byBJRVRGIERvY3Vt ZW50cwogICAoaHR0cDovL3RydXN0ZWUuaWV0Zi5vcmcvbGljZW5zZS1pbmZvKSBpbiBlZmZlY3Qg b24gdGhlIGRhdGUgb2YKICAgcHVibGljYXRpb24gb2YgdGhpcyBkb2N1bWVudC4gIFBsZWFzZSBy ZXZpZXcgdGhlc2UgZG9jdW1lbnRzCiAgIGNhcmVmdWxseSwgYXMgdGhleSBkZXNjcmliZSB5b3Vy IHJpZ2h0cyBhbmQgcmVzdHJpY3Rpb25zIHdpdGggcmVzcGVjdAogICB0byB0aGlzIGRvY3VtZW50 LiAgQ29kZSBDb21wb25lbnRzIGV4dHJhY3RlZCBmcm9tIHRoaXMgZG9jdW1lbnQgbXVzdAogICBp bmNsdWRlIFNpbXBsaWZpZWQgQlNEIExpY2Vuc2UgdGV4dCBhcyBkZXNjcmliZWQgaW4gU2VjdGlv biA0LmUgb2YKICAgdGhlIFRydXN0IExlZ2FsIFByb3Zpc2lvbnMgYW5kIGFyZSBwcm92aWRlZCB3 aXRob3V0IHdhcnJhbnR5IGFzCiAgIGRlc2NyaWJlZCBpbiB0aGUgU2ltcGxpZmllZCBCU0QgTGlj ZW5zZS4KCgoKCgpCYXJyZWlyYSAmIE1vcnRvbiAgICAgICAgICBFeHBpcmVzIE1heSA0LCAyMDEz ICAgICAgICAgICAgICAgICAgW1BhZ2UgMV0KDApJbnRlcm5ldC1EcmFmdCAgICAgICAgIFRydXN0 IG1vZGVscyBvZiB0aGUgV2ViIFBLSSAgICAgICAgICBPY3RvYmVyIDIwMTIKCgpUYWJsZSBvZiBD b250ZW50cwoKICAgMS4gIEludHJvZHVjdGlvbiAgLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAu IC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAzCiAgICAgMS4xLiAgUmVxdWlyZW1lbnRzIExhbmd1YWdl IC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gMwogICAgIDEuMi4gIERlZmlu aXRpb25zIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIDMK ICAgMi4gIEJhc2ljIHRydXN0IG1vZGVsIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4g LiAuIC4gLiAuIC4gLiA1CiAgIDMuICBUcnVzdCBtb2RlbCB2YXJpYW50cyAgLiAuIC4gLiAuIC4g LiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gNQogICAgIDMuMS4gIENlcnRpZmljYXRlLXVz aW5nIHByb2R1Y3QgYWRvcHRzIHJvb3Qgc3RvcmUgLiAuIC4gLiAuIC4gLiAuIDUKICAgICAzLjIu ICBDZXJ0aWZpY2F0ZS11c2luZyBwcm9kdWN0IHVzZXMgT1Mgcm9vdCBzdG9yZSAgLiAuIC4gLiAu IC4gLiA1CiAgICAgMy4zLiAgQ2VydGlmaWNhdGUtdXNpbmcgcHJvZHVjdCB1c2VzIFRydXN0IFNl cnZpY2UgU3RhdHVzCiAgICAgICAgICAgTGlzdCBJc3N1ZWQgYnkgUmVjb2duaXNlZCBBdXRob3Jp dGllcyAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gNQogICAgIDMuNC4gIENlcnRpZmljYXRlIGhvbGRl ciBjZXJ0aWZpY2F0ZXMgaXNzdWVkIGJ5IHJvb3QgQ0EgLiAuIC4gLiAuIDYKICAgICAzLjUuICBP bmUgcm9vdCBDQSBjcm9zcy1jZXJ0aWZpZXMgYW5vdGhlciByb290IENBIC4gLiAuIC4gLiAuIC4g LiA2CiAgICAgMy42LiAgSXNzdWluZyBDQSBpcyBhbiBhZmZpbGlhdGUgIC4gLiAuIC4gLiAuIC4g LiAuIC4gLiAuIC4gLiAuIC4gNgogICAgIDMuNy4gIFJlZ2lzdHJhdGlvbiBhdXRob3JpdHkgaXMg YW4gYWZmaWxpYXRlICAuIC4gLiAuIC4gLiAuIC4gLiAuIDYKICAgICAzLjguICBSb290IENBIGlz IG9wZXJhdGVkIGJ5IGEgZ292ZXJubWVudCAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiA3CiAgICAg My45LiAgQ2VydGlmaWNhdGUgdXNlciBkaXJlY3RseSB0cnVzdHMgaXNzdWluZyBDQSBrZXkgLiAu IC4gLiAuIC4gNwogICAgIDMuMTAuIENlcnRpZmljYXRlIHVzZXIgZGlyZWN0bHkgdHJ1c3RzIGNl cnRpZmljYXRlIGhvbGRlciBrZXkgLiAuIDcKICAgICAzLjExLiBDZXJ0aWZpY2F0ZSBob2xkZXIg b3BlcmF0ZXMgaXNzdWluZyBDQSAgLiAuIC4gLiAuIC4gLiAuIC4gLiA3CiAgICAgMy4xMi4gQ2Vy dGlmaWNhdGUgaG9sZGVyIHNvdXJjZXMgbWFuYWdlbWVudCBvZiBpc3N1aW5nIENBIC4gLiAuIC4g NwogICAgIDMuMTMuIENlcnRpZmljYXRlIGhvbGRlciBtYW5hZ2VzIFJBIC4gLiAuIC4gLiAuIC4g LiAuIC4gLiAuIC4gLiAuIDcKICAgNC4gIElBTkEgQ29uc2lkZXJhdGlvbnMgLiAuIC4gLiAuIC4g LiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiA4CiAgIDUuICBTZWN1cml0eSBDb25zaWRl cmF0aW9ucyAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gOAogICA2LiAg Tm9ybWF0aXZlIFJlZmVyZW5jZXMgIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAu IC4gLiAuIDgKICAgQXV0aG9ycycgQWRkcmVzc2VzICAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAu IC4gLiAuIC4gLiAuIC4gLiAuIC4gLiA5CgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKQmFycmVp cmEgJiBNb3J0b24gICAgICAgICAgRXhwaXJlcyBNYXkgNCwgMjAxMyAgICAgICAgICAgICAgICAg IFtQYWdlIDJdCgwKSW50ZXJuZXQtRHJhZnQgICAgICAgICBUcnVzdCBtb2RlbHMgb2YgdGhlIFdl YiBQS0kgICAgICAgICAgT2N0b2JlciAyMDEyCgoKMS4gIEludHJvZHVjdGlvbgoKMS4xLiAgUmVx dWlyZW1lbnRzIExhbmd1YWdlCgogICBUaGUga2V5IHdvcmRzICJNVVNUIiwgIk1VU1QgTk9UIiwg IlJFUVVJUkVEIiwgIlNIQUxMIiwgIlNIQUxMIE5PVCIsCiAgICJTSE9VTEQiLCAiU0hPVUxEIE5P VCIsICJSRUNPTU1FTkRFRCIsICJNQVkiLCBhbmQgIk9QVElPTkFMIiBpbiB0aGlzCiAgIGRvY3Vt ZW50IGFyZSB0byBiZSBpbnRlcnByZXRlZCBhcyBkZXNjcmliZWQgaW4gUkZDIDIxMTkgW1JGQzIx MTldLgoKMS4yLiAgRGVmaW5pdGlvbnMKClttamo6IElmIGFueSBvZiB0aGVzZSB0ZXJtcyBjYW1l IGZyb20gYW55d2hlcmUgZWxzZSwgcGxlYXNlIGluY2x1ZGUgYSByZWZlcmVuY2UuIEkgd291bGQg c3VnZ2VzdCB1c2luZyBleGlzdGluZyBnbG9zc2FyaWVzIHdoZXJlIHRoZXkgZXhpc3QgcmF0aGVy IHRoYW4gY3JlYXRpbmcgeW91ciBvd24gZGVmaW5pdGlvbnMuXQoKICAgICAgQ2VydGlmaWNhdGU6 IFRoZSBwdWJsaWMga2V5IG9mIGEgdXNlciwgdG9nZXRoZXIgd2l0aCBzb21lIG90aGVyCiAgICAg IGluZm9ybWF0aW9uLCByZW5kZXJlZCB1bmZvcmdlYWJsZSBieSBlbmNpcGhlcm1lbnQgd2l0aCB0 aGUgcHJpdmF0ZQogICAgICBrZXkgb2YgdGhlIGNlcnRpZmljYXRpb24gYXV0aG9yaXR5IHdoaWNo IGlzc3VlZCBpdC4KW21qajogSSB3b24ndCBxdWliYmxlIHdpdGggdGhpcyBidXQgZG9uJ3QgbGlr ZSBpdCBmb3IgYSBjb3VwbGUgb2YgcmVhc29ucy4gU3BlY2lmaWNhbGx5LCAidW5mb3JnZWFibGUi IGlzIGEgZ29hbCwgbm90IGEgZ2l2ZW4sIGFuZCBpdCdzIGEgZGlnaXRhbCBzaWduYXR1cmUgLSBl bmNpcGhlcm1lbnQgbWFrZXMgaXQgc291bmQgbGlrZSBjb25maWRlbnRpYWxpdHkgaGFzIGJlZW4g cHJvdmlkZWQsIHdoaWNoIGlzIHBvc3NpYmxlIGJ1dCBub3QgbmVjZXNzYXJ5LiBJIHdvdWxkIHBy ZWZlciAiVGhlIGJpbmRpbmcgb2YgYSBwdWJsaWMga2V5IGNvcnJlc3BvbmRpbmcgdG8gdGhlIHBy aXZhdGUga2V5IG9mIGEgY2VydGlmaWNhdGUgaG9sZGVyIHRvZ2V0aGVyIHdpdGggc29tZSBvdGhl ciBpbmZvcm1hdGlvbiBhYm91dCB0aGF0IGNlcnRpZmljYXRlIGhvbGRlciwgZWZmZWN0ZWQgYnkg dGhlIGRpZ2l0YWwgc2lnbmF0dXJlIG9mIGEgcmVjb2duaXplZCBhdXRob3JpdHkuIiBZZXMsIG1p bmUncyBhIGxvdCBtb3JlIGF3a3dhcmQgOikgXQoKICAgICAgQ2VydGlmaWNhdGlvbiBBdXRob3Jp dHkgKENBKSAtIEF1dGhvcml0eSB0cnVzdGVkIGJ5IG9uZSBvciBtb3JlCiAgICAgIHVzZXJzIHRv IGNyZWF0ZSBhbmQgYXNzaWduIGNlcnRpZmljYXRlcy4KCiAgICAgIENlcnRpZmljYXRlIGhvbGRl ciAtIEEgbmF0dXJhbCBvciBsZWdhbCBwZXJzb24gd2hvIGlzIGlkZW50aWZpZWQKICAgICAgYXMg dGhlIHN1YmplY3QgaW4gYSBjZXJ0aWZpY2F0ZS4KW21qajogSSB0aGluayB5b3UnbGwgZ2V0IHB1 c2gtYmFjayBmcm9tIGRldmljZSBhbmQgc2VydmljZSBzdWJzY3JpYmVycy5dCgogICAgICBDZXJ0 aWZpY2F0ZSBwb2xpY3k6IEEgbmFtZWQgc2V0IG9mIHJ1bGVzIHRoYXQgaW5kaWNhdGVzIHRoZQog ICAgICBhcHBsaWNhYmlsaXR5IG9mIGEgY2VydGlmaWNhdGUgdG8gYSBwYXJ0aWN1bGFyIGNvbW11 bml0eSBhbmQvb3IKICAgICAgY2xhc3Mgb2YgYXBwbGljYXRpb24gd2l0aCBjb21tb24gc2VjdXJp dHkgcmVxdWlyZW1lbnRzLgoKICAgICAgQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg KENQUyk6IEEgc3RhdGVtZW50IG9mIHRoZQogICAgICBwcmFjdGljZXMgdGhhdCBhIENlcnRpZmlj YXRpb24gQXV0aG9yaXR5IGVtcGxveXMgaW4gaXNzdWluZywKICAgICAgbWFuYWdpbmcsIHJldm9r aW5nIGFuZCByZW5ld2luZyBvciByZS1rZXlpbmcgY2VydGlmaWNhdGVzLgpbbWpqOiBUaGVzZSAo Q1AgYW5kIENQUykgYXJlIGdvb2QuIElmIHRoZXNlIGNhbWUgZnJvbSBSRkMzNjQ3LCBwbGVhc2Ug c2F5IHNvLl0KCiAgICAgIENlcnRpZmljYXRlIHN1YmplY3QgLSBUaGUgY2VydGlmaWNhdGUgaG9s ZGVyIGFzIHJlcHJlc2VudGVkIGluIHRoZQogICAgICBjZXJ0aWZpY2F0ZS4KW21qajogQ2VydGlm aWNhdGUgc3ViamVjdHMgaW5jbHVkZSBkZXZpY2UgbmFtZXMsIGRvbWFpbiBuYW1lcywgYW5kIHNl cnZpY2UgaWRlbnRpdGllcyAtIEkgZG9uJ3QgdGhpbmsgdGhpcyBkZWZpbml0aW9uIGZpdHMgV2Vi UEtJLl0KCiAgICAgIENlcnRpZmljYXRlIHVzZXIgLSBBIG5hdHVyYWwgcGVyc29uIHdobyBvcGVy YXRlcyBhIGNlcnRpZmljYXRlCiAgICAgIHVzaW5nIHByb2R1Y3QuClttamo6IEkgYWN0dWFsbHkg bGlrZSB0aGlzLCBidXQgaXQgc2hvdWxkIGJlIG5vdGVkIHRoYXQgdGhlIGNlcnRpZmljYXRlIHVz ZXIgaXMgb2Z0ZW4gdW5hd2FyZSBvZiB0aGUgZmFjdCB0aGF0IGEgY2VydGlmaWNhdGUgaXMgYmVp bmcgdXNlZCwgYW5kIG1heSBiZSBpcnJlbGV2YW50IHRvIHRoZSBwcm9jZXNzaW5nIGFuZCBvdXRj b21lLl0KCiAgICAgIENlcnRpZmljYXRlLXVzaW5nIHByb2R1Y3QgLSBBIHByb2R1Y3QgdGhhdCBl dmFsdWF0ZXMgYSBjZXJ0aWZpY2F0ZQogICAgICBvciBjZXJ0aWZpY2F0ZSBjaGFpbiBhbmQgYWRq dXN0cyBpdHMgYmVoYXZpb3IgYWNjb3JkaW5nIHRvIHRoZQogICAgICByZXN1bHQuCgogICAgICBF bmQgZW50aXR5OiBBIGNlcnRpZmljYXRlIHN1YmplY3Qgd2hpY2ggdXNlcyBpdHMgcHVibGljIGtl eSBmb3IKICAgICAgcHVycG9zZXMgb3RoZXIgdGhhbiBzaWduaW5nIGNlcnRpZmljYXRlcy4KW21q ajogcGV0IHBlZXZlIC0gVGhpcyBpcyBhIGNvbW1vbiBleHByZXNzaW9uIHRoYXQgaXJyaXRhdGVz LiBQdWJsaWMga2V5cyBhcmUgTkVWRVIgdXNlZCBpbiB0aGUgc2lnbmluZyBvZiBjZXJ0aWZpY2F0 ZXMuXQoKICAgICAgSW50ZXJtZWRpYXRlIENBIC0gQSBDQSB0aGF0IGlzc3VlcyBjZXJ0aWZpY2F0 ZXMgdG8gaXNzdWluZyBDQXMKICAgICAgYW5kL29yIG90aGVyIGludGVybWVkaWF0ZSBDQXMuCgog ICAgICBJc3N1aW5nIENBIC0gQSBDQSB0aGF0IGlzc3VlcyBjZXJ0aWZpY2F0ZXMgdG8gY2VydGlm aWNhdGUgaG9sZGVycy4KCgoKCgoKQmFycmVpcmEgJiBNb3J0b24gICAgICAgICAgRXhwaXJlcyBN YXkgNCwgMjAxMyAgICAgICAgICAgICAgICAgIFtQYWdlIDNdCgwKSW50ZXJuZXQtRHJhZnQgICAg ICAgICBUcnVzdCBtb2RlbHMgb2YgdGhlIFdlYiBQS0kgICAgICAgICAgT2N0b2JlciAyMDEyCgoK ICAgICAgUG9saWN5IG1hbmFnZW1lbnQgYXV0aG9yaXR5IC0gQSBuYXR1cmFsIG9yIGxlZ2FsIHBl cnNvbiB3aG8KICAgICAgYWRtaW5pc3RlcnMgdGhlIGNlcnRpZmljYXRlIHBvbGljeSBieSB3aGlj aCBvbmUgb3IgbW9yZQogICAgICBjZXJ0aWZpY2F0aW9uIGF1dGhvcml0aWVzIG9wZXJhdGUuCgog ICAgICBQdWJsaWMta2V5IGluZnJhc3RydWN0dXJlIChQS0kpIC0gaXMgYSBzeXN0ZW0gZm9yIHRo ZSBjcmVhdGlvbiwKICAgICAgc3RvcmFnZSwgYW5kIGRpc3RyaWJ1dGlvbiBvZiBjZXJ0aWZpY2F0 ZXMgd2hpY2ggYXJlIHVzZWQgdG8gdmVyaWZ5CiAgICAgIHRoYXQgYSBwYXJ0aWN1bGFyIHB1Ymxp YyBrZXkgYmVsb25ncyB0byBhIGNlcnRhaW4gZW50aXR5LgpbbWpqOiBJIG1vcmUtb3ItbGVzcyBh Z3JlZSB3aXRoIHRoaXMgZGVmaW5pdGlvbiAtIGJ1dCBub3RlIHRoYXQgImlkZW50aXR5IiBpcyBu b3Qgc3BlY2lmaWNhbGx5IGNhbGxlZCBvdXQgaW4geW91ciBkZWZpbml0aW9uIG9mICJjZXJ0aWZp Y2F0ZSIuXQoKICAgICAgUmVseWluZyBwYXJ0eTogQSB1c2VyIG9yIGFnZW50IHRoYXQgcmVsaWVz IG9uIHRoZSBkYXRhIGluIGEKICAgICAgY2VydGlmaWNhdGUgaW4gbWFraW5nIGRlY2lzaW9ucy4K CiAgICAgIFJlZ2lzdHJhdGlvbiBhdXRob3JpdHkgKFJBKTogQW4gZW50aXR5IHRoYXQgaXMgcmVz cG9uc2libGUgZm9yCiAgICAgIGlkZW50aWZpY2F0aW9uIGFuZCBhdXRoZW50aWNhdGlvbiBvZiBj ZXJ0aWZpY2F0ZSBzdWJqZWN0cywgYnV0CiAgICAgIHRoYXQgZG9lcyBub3Qgc2lnbiBvciBpc3N1 ZSBjZXJ0aWZpY2F0ZXMgKGkuZS4sIGFuIFJBIGlzIGRlbGVnYXRlZAogICAgICBjZXJ0YWluIHRh c2tzIG9uIGJlaGFsZiBvZiBhIENBKS4KCiAgICAgIFJvb3QgY2VydGlmaWNhdGUgLSBpcyBlaXRo ZXIgYW4gdW5zaWduZWQgcHVibGljIGtleSBjZXJ0aWZpY2F0ZSBvcgogICAgICBhIHNlbGYtc2ln bmVkIGNlcnRpZmljYXRlIHRoYXQgaWRlbnRpZmllcyB0aGUgUm9vdCBDZXJ0aWZpY2F0ZQogICAg ICBBdXRob3JpdHkgKENBKS4gIEEgcm9vdCBjZXJ0aWZpY2F0ZSBpcyBwYXJ0IG9mIGEgcHVibGlj IGtleQogICAgICBpbmZyYXN0cnVjdHVyZSBzY2hlbWUuClttamo6IEkgZG9uJ3Qga25vdyBpZiB5 b3UgY2FuIGNhbGwgYSBjZXJ0aWZpY2F0ZSBhIGNlcnRpZmljYXRlIGlmIGl0J3MgdW5zaWduZWQu IEkgcHJlZmVyICJBIHNlbGYtc2lnbmVkIG9yIHVuc2lnbmVkIGZvcm1hdCBvZiBjb252ZW5pZW5j ZSBmb3IgdHJhbnNwb3J0aW5nIGFuZCBwcm9jZXNzaW5nIHRoZSByb290IHB1YmxpYyBrZXkgb2Yg YSBoaWVyYXJjaGljYWwgUEtJLiBjZi4gJ3RydXN0IGFuY2hvcicuIl0KCiAgICAgIFJvb3QgQ0Eg LSBUaGUgdHJ1c3QgYW5jaG9yIGZvciB0aGUgZGlnaXRhbCBjZXJ0aWZpY2F0ZSBpcyB0aGUgUm9v dAogICAgICBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgKENBKS4gIEEgQ0Egd2hvc2UgcHVibGljIGtl eSBpcyBpbmNsdWRlZCBpbgogICAgICBhIHJvb3Qgc3RvcmUuClttamo6IEkgcXVpYmJsZSB3aXRo IHlvdXIgZGVmaW5pdGlvbiBvZiB0cnVzdCBhbmNob3IsIHdoaWNoIGV4dGVuZHMgdG8gaGVyZS4g SSBwcmVmZXIgIkEgQ0EtY2VydGlmaWNhdGUgaXNzdWVyIHRoYXQgaXMgdGhlIHJvb3Qgb2YgYSBo aWVyYXJjaGljYWwgUEtJIChpLmUuLCBhYm92ZSB3aG9tIGlzIG5vdCBvdGhlciBDQSkuIiBJIGRv bid0IGxpa2UgdGhlIHNlY29uZCBzZW50ZW5jZSBlaXRoZXIgYmVjYXVzZSBJIHF1aWJibGUgd2l0 aCAicm9vdCBzdG9yZSIgOikgXQoKICAgICAgUm9vdCBzdG9yZSAtIEEgc2V0IG9mIGNlcnRpZmlj YXRpb24gYXV0aG9yaXR5IHB1YmxpYyBrZXlzIHRoYXQgaXMKICAgICAgZW1iZWRkZWQgaW4gYSBj ZXJ0aWZpY2F0ZS11c2luZyBwcm9kdWN0LgpbbWpqOiBJIHByZWZlciB0aGUgdGVybSAidHJ1c3Qg YW5jaG9yIHN0b3JlIi4gTm90ZSB0aGF0IHRydXN0IGFuY2hvcnMgZG9uJ3QgaGF2ZSB0byBiZSBy b290LUNBIFBLcywgbm9yIENBIFBLcyBhdCBhbGwgLSBhbHRob3VnaCBpbiB0aGUgY3VycmVudCBX ZWJQS0ksIHRoZXkgYXJlIGxpa2VseSB0byBiZS4gSWYgSSB0cnVzdCBhIHNlbGYtc2lnbmVkIHNl cnZlciBjZXJ0LCB0aGF0J3Mgbm90IGEgcm9vdCBvciBDQSBvZiBhbnl0aGluZy5dCgogICAgICBT ZWxmLXNpZ25lZCBjZXJ0aWZpY2F0ZTogQSBjZXJ0aWZpY2F0ZSBmb3Igb25lIENBIHNpZ25lZCBi eSB0aGF0CiAgICAgIENBLgpbbWpqOiBJIHByZWZlciAiQSBjZXJ0aWZpY2F0ZSBzaWduZWQgYnkg dGhlIHByaXZhdGUga2V5IGNvcnJlc3BvbmRpbmcgdG8gdGhlIHB1YmxpYyBrZXkgaW4gdGhlIGNl cnRpZmljYXRlLCB0aGF0IGlzIGhlbGQgYnkgdGhlIGNlcnRpZmljYXRlIHN1YmplY3QuIiBDbHVu a2llciwgYnV0IG1vcmUgcHJlY2lzZS5dCgogICAgICBUcnVzdCBhbmNob3IgLSBpcyBhbiBhdXRo b3JpdGF0aXZlIGVudGl0eSByZXByZXNlbnRlZCB2aWEgYSBwdWJsaWMKICAgICAga2V5IGFuZCBh c3NvY2lhdGVkIGRhdGEuClttamo6IEZyb20gYSB0ZWNobmljYWwgcG9pbnQgb2YgdmlldywgdGhl IHRydXN0IGFuY2hvciAqaXMqIHRoZSBwdWJsaWMga2V5IC0gaXQgZG9lc24ndCBuZWVkIGJyYW5k aW5nLiBBbHNvLCBmb3IgdGhlIGFzc29jaWF0ZWQgZGF0YSB0byBiZSBwYXJ0IG9mIHRoZSBUQSwg aXQgaGFzIHRvIGJlIGJvdW5kIHRvIHRoZSBwdWJsaWMga2V5Ll0KCiAgICAgIFRydXN0IG1vZGVs IC0gVGhlIHJvbGVzLCBhbmQgdGhlIHJlbGF0aW9uc2hpcHMgYmV0d2VlbiB0aG9zZQogICAgICBy b2xlcywgdGhhdCBhcmUgcmVsZXZhbnQgdG8gdGhlIG1hbmFnZW1lbnQgYW5kIGV2YWx1YXRpb24g b2YKICAgICAgY2VydGlmaWNhdGVzLgoKICAgICAgVHJ1c3Qgc2VydmljZSAtIFNlcnZpY2Ugd2hp Y2ggZW5oYW5jZXMgdHJ1c3QgYW5kIGNvbmZpZGVuY2UgaW4KICAgICAgZWxlY3Ryb25pYyB0cmFu c2FjdGlvbnMuCgoKCgoKCgoKCgoKQmFycmVpcmEgJiBNb3J0b24gICAgICAgICAgRXhwaXJlcyBN YXkgNCwgMjAxMyAgICAgICAgICAgICAgICAgIFtQYWdlIDRdCgwKSW50ZXJuZXQtRHJhZnQgICAg ICAgICBUcnVzdCBtb2RlbHMgb2YgdGhlIFdlYiBQS0kgICAgICAgICAgT2N0b2JlciAyMDEyCgoK Mi4gIEJhc2ljIHRydXN0IG1vZGVsCgogICBJbiB0aGUgYmFzaWMgV2ViIFBLSSB0cnVzdCBtb2Rl bCwgYSBjZXJ0aWZpY2F0ZS11c2luZyBwcm9kdWN0CiAgIGluY2x1ZGVzIGEgcm9vdCBzdG9yZSB0 aGF0IGNvbnRhaW5zIG9uZSBvciBtb3JlIHJvb3QgY2VydGlmaWNhdGlvbgogICBhdXRob3JpdHkg cHVibGljIGtleXMsIGVhY2ggb2Ygd2hpY2ggaXMgdW5kZXIgdGhlIGNvbnRyb2wgb2YgYSBDQSBh bmQKICAgbWFuYWdlZCBpbiBjb25mb3JtYW5jZSB3aXRoIHRoZSBjZXJ0aWZpY2F0ZSBwb2xpY3kg cHJlc2NyaWJlZCBhbmQKICAgYWRtaW5pc3RlcmVkIGJ5IHRoZSBjZXJ0aWZpY2F0ZSB1c2luZyBw cm9kdWN0IHN1cHBsaWVyLiAgRWFjaCBzdWNoCiAgIHJvb3QgY2VydGlmaWNhdGlvbiBhdXRob3Jp dHkgaXNzdWVzIGEgY2VydGlmaWNhdGUgdG8gb25lIG9yIG1vcmUKICAgaXNzdWluZyBDQXMgdGhh dCBhcmUgdW5kZXIgdGhlIGNvbnRyb2wgb2YgdGhlIHNhbWUgY29tbWVyY2lhbCBDQS4KICAgRWFj aCBpc3N1aW5nIENBIGFjY2VwdHMgYW5kIHJlc3BvbmRzIHRvIGNlcnRpZmljYXRlIHJlcXVlc3Rz IGZyb20gb25lCiAgIG9yIG1vcmUgY2VydGlmaWNhdGUgYXBwbGljYW50cyB2aWEgb25lIG9yIG1v cmUgcmVnaXN0cmF0aW9uCiAgIGF1dGhvcml0aWVzIHRoYXQgYXJlIHVuZGVyIHRoZSBjb250cm9s IG9mIHRoZSBzYW1lIENBLiAgSWYgdGhlCiAgIHJlcXVlc3QgaXMgZ3JhbnRlZCwgdGhlbiB0aGUg Y2VydGlmaWNhdGUgYXBwbGljYW50IGJlY29tZXMgYQogICBjZXJ0aWZpY2F0ZSBob2xkZXIuICBU aGUgcm9sZSBvZiB0aGUgcmVnaXN0cmF0aW9uIGF1dGhvcml0eSBpcyB0bwogICBjb25maXJtIHRo ZSBhY2N1cmFjeSBvZiB0aGUgaW5mb3JtYXRpb24gcHJvdmlkZWQgaW4gdGhlIGNlcnRpZmljYXRl CiAgIHJlcXVlc3QuCgogICBUaGUgY2VydGlmaWNhdGUgdXNlciBpbXBsaWNpdGx5IGFjY2VwdHMg dGhlIHBvbGljeSBvZiB0aGUgcG9saWN5CiAgIG1hbmFnZW1lbnQgYXV0aG9yaXR5IGJ5IGNob29z aW5nIHRvIHVzZSBhIHBhcnRpY3VsYXIgY2VydGlmaWNhdGUtCiAgIHVzaW5nIHByb2R1Y3QuCltt amo6IFRoaXMgbWlnaHQgYWxzbyBiZSBkb25lIGJ5IHJlcXVpcmluZyB0aGUgdXNlciB0byBhY2tu b3dsZWRnZSBhIHVzZXItYWdyZWVtZW50LCBvciBtaWdodCBiZSBhIGNsYXVzZSBvZiBhIGNvbnRy YWN0Ll0KCiAgIEFsbCBmdW5jdGlvbnMgb2YgdGhlIENBIGFyZSBzdWJqZWN0IHRvIHRoZSBhdWRp dCBwcm9jZXNzIHByZXNjcmliZWQKICAgYnkgdGhlIGNlcnRpZmljYXRlIHBvbGljeS4KCgozLiAg VHJ1c3QgbW9kZWwgdmFyaWFudHMKCiAgIFRoZXJlIGFyZSBzZXZlcmFsIHZhcmlhbnRzIG9mIHRo ZSBiYXNpYyB0cnVzdCBtb2RlbCBpbiBjb21tb24gdXNlLgpbbWpqOiBGb2xsb3dpbmcgeW91ciBk ZWZpbml0aW9uLCBJIHdvdWxkIGluY2x1ZGUgYW4gaW50cm9kdWN0b3J5IHBhcmEgY29uY2Vybmlu ZyBhbGwgdGhlIHJvbGVzIHRoYXQgbWlnaHQgY29uc3RpdHV0ZSBhIHZhcmlhdGlvbiwgYW5kIHdo YXQgZGlmZmVyZW50IGtpbmRzIG9mIHJlbGF0aW9uc2hpcHMgdGhlcmUgbWlnaHQgYmUuIFRoZSBz dWJzZWN0aW9ucyBzaG91bGQgaW5kaWNhdGUgd2hpY2ggcm9sZXMgYXJlIGluY2x1ZGVkIGJ5IHNw ZWNpZmljIHJvbGUgbmFtZSwgYW5kIHNob3VsZCBpbmRpY2F0ZSBleGFjdGx5IHdoYXQgdGhlIHZh cmlhdGlvbiBmcm9tIHRoZSBiYXNlIG1vZGVsIGlzLl0KClttamo6IEFjdHVhbGx5LCBub3cgdGhh dCBJJ3ZlIHJlYWQgdGhlIHN1YnNlY3Rpb24gdGl0bGVzLCB0aGlzIGlzIGFsbCBvdmVyIHRoZSBt YXAuIEl0IHN0YXJ0cyBvdXQgYXMgInRydXN0IGFuY2hvciBtYW5hZ2VtZW50IHZhcmlhdGlvbnMi LCB0aGVuIGdvZXMgb24gdG8gIkludGVyLSBhbmQgSW50cmEtIFBLSSB0cnVzdCBleHRlbnNpb24g YW5kIGRlbGVnYXRpb24iLiBJIHJlY29tbWVuZCB0aGF0IHlvdSBzY29wZSB0aGUgZG9jdW1lbnQg dG8gYmUgb25lIG9yIHRoZSBvdGhlciwgb3IgbWFrZSBzZXBhcmF0ZSBzZWN0aW9ucyBpZiB5b3Ug cmVhbGx5IHdhbnQgdG8gZ2x1ZSB0aGVzZSBjb25jZXB0cyB0b2dldGhlci5dCgozLjEuICBDZXJ0 aWZpY2F0ZS11c2luZyBwcm9kdWN0IGFkb3B0cyByb290IHN0b3JlCgogICBJbiB0aGlzIHZhcmlh bnQsIHRoZSBzdXBwbGllciBvZiB0aGUgY2VydGlmaWNhdGUtdXNpbmcgcHJvZHVjdCBhZG9wdHMK ICAgdGhlIHBvbGljaWVzIG9mIG90aGVyIHN1cHBsaWVycyBieSBjb3B5aW5nIHRoZWlyIHJvb3Qg c3RvcmVzLCB3aXRob3V0CiAgIHNlZWtpbmcgaW5kZXBlbmRlbnQgZXZpZGVuY2Ugb2YgY29uZm9y bWFuY2UuClttamo6IFlvdXIgdHJ1c3QgbW9kZWwgZGVmaW5pdGlvbiBzYXlzIGl0J3MgYWJvdXQg cm9sZXMgLSBhcmUgY2VydGlmaWNhdGUtdXNpbmcgcHJvZHVjdCBhbmQgcm9vdC1zdG9yZSByb2xl cz8gSWYgbm90LCB5b3UgbWF5IHdhbnQgdG8gcmV2aXNpdCB5b3VyIHRydXN0IG1vZGVsIGRlZmlu aXRpb24sIG9yIGNoYW5nZSB0aGUgbmF0dXJlIG9mIHRoZXNlIHN1YnNlY3Rpb25zLl0KCjMuMi4g IENlcnRpZmljYXRlLXVzaW5nIHByb2R1Y3QgdXNlcyBPUyByb290IHN0b3JlCgogICBJbiB0aGlz IHZhcmlhbnQsIHRoZSBjZXJ0aWZpY2F0ZS11c2luZyBwcm9kdWN0IGRvZXMgbm90IHVzZSBpdHMg b3duCiAgIHJvb3Qgc3RvcmUuICBJbnN0ZWFkLCBpdCB1c2VzIHRoZSBwbGF0Zm9ybSBvcGVyYXRp bmcgc3lzdGVtIHJvb3QKICAgc3RvcmUgYW5kIGNlcnRpZmljYXRlIHByb2Nlc3NpbmcgZnVuY3Rp b25zIHRvIGV2YWx1YXRlIHRoZQogICBjZXJ0aWZpY2F0ZSBob2xkZXIncyBjZXJ0aWZpY2F0ZS4g IEl0IG1heSB0aGVuIGNoZWNrcyB0aGF0IHRoZQogICBjZXJ0aWZpY2F0ZSBzdWJqZWN0J3MgZG9t YWluIG5hbWUgbWF0Y2hlcyB0aGF0IHJlcXVlc3RlZCBieSB0aGUKICAgY2VydGlmaWNhdGUgdXNl ci4KW21qajogSSdtIG5vdCBzdXJlIHRoZXJlJ3MgYSBiaWcgZGlmZmVyZW5jZSBiZXR3d2VlbiAz LjEgYW5kIDMuMi4gQWxzbywgdGhlIGNlcnRpZmljYXRlIHByb2Nlc3NpbmcgYW5kIGNvbnRlbnQg Y2hlY2tpbmcgYXJlIGluZGVwZW5kZW50IG9mIHdoYXQgcm9vdCBzdG9yZSBnZXRzIHVzZWQuXSAK CjMuMy4gIENlcnRpZmljYXRlLXVzaW5nIHByb2R1Y3QgdXNlcyBUcnVzdCBTZXJ2aWNlIFN0YXR1 cyBMaXN0IElzc3VlZCBieQogICAgICBSZWNvZ25pc2VkIEF1dGhvcml0aWVzCgogICBJbiB0aGlz IHZhcmlhbnQsIG9uZSBvciBtb3JlIGF1dGhvcml0aWVzIChlLmcuICBFVSBuYXRpb25hbAoKCgpC YXJyZWlyYSAmIE1vcnRvbiAgICAgICAgICBFeHBpcmVzIE1heSA0LCAyMDEzICAgICAgICAgICAg ICAgICAgW1BhZ2UgNV0KDApJbnRlcm5ldC1EcmFmdCAgICAgICAgIFRydXN0IG1vZGVscyBvZiB0 aGUgV2ViIFBLSSAgICAgICAgICBPY3RvYmVyIDIwMTIKCgogICByZWd1bGF0b3J5IGF1dGhvcml0 aWVzKSBwcm92aWRlIGEgbGlzdCBvZiBDQXMgd2hpY2ggaGF2ZSBiZWVuCiAgIGFzc2Vzc2VkIGZv ciB0cnVzdHdvcnRoaW5lc3MgZm9yIHNwZWNpZmljIHB1cnBvc2VzIChlLmcuIHdlYiBzaXRlcwog ICBtZWV0aW5nIEVVIHJlZ3VsYXRpb25zKSwgY2FsbGVkIHRoZSBUcnVzdCBTZXJ2aWNlIFN0YXR1 cyBMaXN0IChUU1NMKS4KCjMuNC4gIENlcnRpZmljYXRlIGhvbGRlciBjZXJ0aWZpY2F0ZXMgaXNz dWVkIGJ5IHJvb3QgQ0EKCiAgIFNvbWUgbGVnYWN5IHNpdHVhdGlvbnMgZGVtYW5kIHRoYXQgdGhl IGNlcnRpZmljYXRlIGhvbGRlciBjZXJ0aWZpY2F0ZQogICBiZSBpc3N1ZWQgZGlyZWN0bHkgYnkg dGhlIHJvb3QgQ0EsIHdpdGhvdXQgdGhlIGludm9sdmVtZW50IG9mCiAgIGludGVybWVkaWF0ZSBv ciBpc3N1aW5nIENBcy4gIFRoaXMgbW9kZWwgaXMgbm93IGRlcHJlY2F0ZWQsIGJ1dCB0aGUKICAg cHJhY3RpY2Ugd2lsbCByZW1haW4gaW4gZWZmZWN0IGluZGVmaW5pdGVseS4KCjMuNS4gIE9uZSBy b290IENBIGNyb3NzLWNlcnRpZmllcyBhbm90aGVyIHJvb3QgQ0EKCiAgIEEgc21hbGwgYnV0IHNp Z25pZmljYW50IHBvcnRpb24gb2YgdGhlIGNlcnRpZmljYXRlLXVzaW5nIHByb2R1Y3RzIGluCiAg IGFjdGl2ZSB1c2UgZG9lcyBub3QgcG9zc2VzcyB0aGUgY2FwYWJpbGl0eSB0byBiZSB1cGRhdGVk IGluIHRoZQogICBmaWVsZC4gIENvbnNlcXVlbnRseSwgdGhlc2UgcHJvZHVjdHMgZG8gbm90IGFj Y2VwdCBjZXJ0aWZpY2F0ZXMKICAgaXNzdWVkIGJ5IENBcyB0aGF0IGNhbWUgaW50byBleGlzdGVu Y2UgYWZ0ZXIgdGhleSB3ZXJlIGZpcnN0CiAgIGRlcGxveWVkLiAgQWx0aG91Z2ggdGhlaXIgY2Vy dGlmaWNhdGVzIGFyZSBhY2NlcHRlZCBieSBuZXdlciBwcm9kdWN0cwogICBhbmQgb25lcyB0aGF0 IGNhbiBiZSB1cGRhdGVkIGluIHRoZSBmaWVsZCwgbmV3ZXIgQ0FzIG9wZXJhdGUgYXQgYQogICBk aXNhZHZhbnRhZ2UgdG8gb2xkZXIgQ0FzLCBhbmQgdGhleSBjb21tb25seSBhZGRyZXNzIHRoaXMK ICAgZGlzYWR2YW50YWdlIGJ5IGhhdmluZyB0aGVpciBwdWJsaWMga2V5IGNyb3NzLWNlcnRpZmll ZCBieSBhbiBvbGRlcgogICBDQS4KCiAgIEJlY2F1c2UgdGhlIGNyb3NzLWNlcnRpZmllZCByb290 IENBIGlzIGFsc28gcmVjb2duaXplZCBkaXJlY3RseSBieSBhCiAgIHBvbGljeSBtYW5hZ2VtZW50 IGF1dGhvcml0eSwgaXQgb3BlcmF0ZXMgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZQogICByZXF1aXJl bWVudHMgb2YgdGhhdCBjZXJ0aWZpY2F0ZSBwb2xpY3ksIHJlZ2FyZGxlc3Mgb2YgYW55CiAgIHJl cXVpcmVtZW50cyBwbGFjZWQgdXBvbiBpdCBieSB0aGUgY29udHJhY3QgYmV0d2VlbiBpdCBhbmQg dGhlIGNyb3NzLQogICBjZXJ0aWZ5aW5nIHJvb3QgQ0EuCgozLjYuICBJc3N1aW5nIENBIGlzIGFu IGFmZmlsaWF0ZQoKICAgVGhlIGlzc3VpbmcgQ0EgbWF5IG9wZXJhdGUgYXQgYXJtJ3MgbGVuZ3Ro IHRvIHRoZSByb290IENBLgoKICAgVGhlIGlzc3VpbmcgQ0EncyBiZWhhdmlvciBpcyBnb3Zlcm5l ZCBieSBpdHMgY29udHJhY3Qgd2l0aCB0aGUgcm9vdAogICBDQSwgd2hpY2ggY29tbW9ubHkgc3Rp cHVsYXRlcyBhZGhlcmVuY2UgdG8gdGhlIHBvbGljaWVzIG9mIHRoZSBwb2xpY3kKICAgbWFuYWdl bWVudCBhdXRob3JpdHkuCgozLjcuICBSZWdpc3RyYXRpb24gYXV0aG9yaXR5IGlzIGFuIGFmZmls aWF0ZQoKICAgVGhlIHJlZ2lzdHJhdGlvbiBhdXRob3JpdHkgbWF5IG9wZXJhdGUgYXQgYXJtJ3Mg bGVuZ3RoIHRvIHRoZSBpc3N1aW5nCiAgIENBLgoKICAgVGhlIHJlZ2lzdHJhdGlvbiBhdXRob3Jp dHkncyBiZWhhdmlvciBpcyBnb3Zlcm5lZCBieSBpdHMgY29udHJhY3QKICAgd2l0aCB0aGUgaXNz dWluZyBDQS4KCgoKCgoKCkJhcnJlaXJhICYgTW9ydG9uICAgICAgICAgIEV4cGlyZXMgTWF5IDQs IDIwMTMgICAgICAgICAgICAgICAgICBbUGFnZSA2XQoMCkludGVybmV0LURyYWZ0ICAgICAgICAg VHJ1c3QgbW9kZWxzIG9mIHRoZSBXZWIgUEtJICAgICAgICAgIE9jdG9iZXIgMjAxMgoKCjMuOC4g IFJvb3QgQ0EgaXMgb3BlcmF0ZWQgYnkgYSBnb3Zlcm5tZW50CgogICBJbiB0aGUgY2FzZSB3aGVy ZSB0aGUgcm9vdCBDQSBpcyBvcGVyYXRlZCBieSBhIGdvdmVybm1lbnQgZGVwYXJ0bWVudCwKICAg dGhlIHBvbGljeSBhdXRob3JpdHkgbWF5IHJlbGF4IHRoZSByZXF1aXJlbWVudCBmb3IgYSBmdWxs eS0KICAgaW5kZXBlbmRlbnQgdGhpcmQtcGFydHkgYXVkaXQsIHJlbHlpbmcgaW5zdGVhZCB1cG9u IGFuIGF1ZGl0CiAgIGNvbmR1Y3RlZCBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIGdvdmVybm1lbnQn cyBvd24gaW50ZXJuYWwgYXVkaXQKICAgcHJvY2Vzcy4KCjMuOS4gIENlcnRpZmljYXRlIHVzZXIg ZGlyZWN0bHkgdHJ1c3RzIGlzc3VpbmcgQ0Ega2V5CgogICBUaGUgY2VydGlmaWNhdGUtdXNpbmcg cHJvZHVjdCBtYXkgYWxsb3cgdGhlIGNlcnRpZmljYXRlIHVzZXIgdG8KICAgZGVzaWduYXRlIGEg Q0Ega2V5IGFzIHRydXN0ZWQsIGEgcHJpb3JpLCBmb3IgdGhlIHB1cnBvc2Ugb2YKICAgZXZhbHVh dGluZyBjZXJ0aWZpY2F0ZSBob2xkZXIgY2VydGlmaWNhdGVzLgoKMy4xMC4gIENlcnRpZmljYXRl IHVzZXIgZGlyZWN0bHkgdHJ1c3RzIGNlcnRpZmljYXRlIGhvbGRlciBrZXkKCiAgIFRoZSBjZXJ0 aWZpY2F0ZS11c2luZyBwcm9kdWN0IG1heSBhbGxvdyB0aGUgY2VydGlmaWNhdGUgdXNlciB0bwog ICBkZXNpZ25hdGUgYSBjZXJ0aWZpY2F0ZSBob2xkZXIga2V5IGFzIHRydXN0ZWQsIGEgcHJpb3Jp LgoKMy4xMS4gIENlcnRpZmljYXRlIGhvbGRlciBvcGVyYXRlcyBpc3N1aW5nIENBCgogICBBIGNl cnRpZmljYXRlIGhvbGRlciBtYXkgb3BlcmF0ZSBpdHMgb3duIGlzc3VpbmcgQ0EuICBUeXBpY2Fs bHksIHRoZQogICBjZXJ0aWZpY2F0ZSBob2xkZXIgaXMgYXBwcm92ZWQgdG8gaXNzdWUgY2VydGlm aWNhdGVzIG9ubHkgd2l0aGluIGEKICAgc3BlY2lmaWMgcmVnaW9uIG9mIHRoZSBuYW1lLXNwYWNl LCBhbmQgdGhpcyBsaW1pdGF0aW9uIGlzIGVuZm9yY2VkIGJ5CiAgIGNvbnRyYWN0LgoKICAgVGhl IHJvb3QgQ0EgbWF5IHVzZSB0aGUgUkZDIDUyODAgW1JGQzUyODBdIG5hbWUgY29uc3RyYWludHMK ICAgY2VydGlmaWNhdGUgZXh0ZW5zaW9uIHRvIGxpbWl0IHRoZSByZWdpb24gb2YgdGhlIG5hbWUt c3BhY2UgaW4gd2hpY2gKICAgdGhlIGlzc3VpbmcgQ0EgY2FuIGlzc3VlIHZhbGlkIGNlcnRpZmlj YXRlcy4KCjMuMTIuICBDZXJ0aWZpY2F0ZSBob2xkZXIgc291cmNlcyBtYW5hZ2VtZW50IG9mIGlz c3VpbmcgQ0EKCiAgIEEgcm9vdCBDQSBtYXkgaG9zdCBhbiBpc3N1aW5nIENBIG9uIGJlaGFsZiBv ZiBhIGNlcnRpZmljYXRlIGhvbGRlci4KICAgVHlwaWNhbGx5LCB0aGUgY2VydGlmaWNhdGUgaG9s ZGVyIGlzIGFwcHJvdmVkIHRvIGlzc3VlIGNlcnRpZmljYXRlcwogICBvbmx5IHdpdGhpbiBhIHNw ZWNpZmljIHJlZ2lvbiBvZiB0aGUgbmFtZS1zcGFjZSwgYW5kIHRoaXMgbGltaXRhdGlvbgogICBp cyBlbmZvcmNlZCBieSB0aGUgaG9zdCByb290IENBLiAgRXhhbWluYXRpb24gb2YgdGhlIGNlcnRp ZmljYXRlCiAgIGNoYWluIHdvdWxkIGluZGljYXRlIHRoYXQgdGhlIGlzc3VpbmcgQ0Egd2FzIG93 bmVkIGFuZCBvcGVyYXRlZCBieQogICB0aGUgY2VydGlmaWNhdGUgaG9sZGVyLgoKMy4xMy4gIENl cnRpZmljYXRlIGhvbGRlciBtYW5hZ2VzIFJBCgogICBBbiBpc3N1aW5nIENBIG1heSBob3N0IGEg cmVnaXN0cmF0aW9uIGF1dGhvcml0eSBvbiBiZWhhbGYgb2YgYQogICBjZXJ0aWZpY2F0ZSBob2xk ZXIuICBUeXBpY2FsbHksIHRoZSBjZXJ0aWZpY2F0ZSBob2xkZXIgaXMgYXBwcm92ZWQgdG8KICAg aXNzdWUgY2VydGlmaWNhdGVzIG9ubHkgd2l0aGluIGEgc3BlY2lmaWMgcmVnaW9uIG9mIHRoZSBu YW1lLXNwYWNlLAogICBhbmQgdGhpcyBsaW1pdGF0aW9uIGlzIGVuZm9yY2VkIGJ5IHRoZSBob3N0 IGlzc3VpbmcgQ0EuICBFeGFtaW5hdGlvbgogICBvZiB0aGUgY2VydGlmaWNhdGUgY2hhaW4gd291 bGQgaW5kaWNhdGUgdGhhdCB0aGUgcmVnaXN0cmF0aW9uCiAgIGF1dGhvcml0eSB3YXMgb3duZWQg YW5kIG9wZXJhdGVkIGJ5IHRoZSBpc3N1aW5nIENBLgoKCgoKQmFycmVpcmEgJiBNb3J0b24gICAg ICAgICAgRXhwaXJlcyBNYXkgNCwgMjAxMyAgICAgICAgICAgICAgICAgIFtQYWdlIDddCgwKSW50 ZXJuZXQtRHJhZnQgICAgICAgICBUcnVzdCBtb2RlbHMgb2YgdGhlIFdlYiBQS0kgICAgICAgICAg T2N0b2JlciAyMDEyCgoKNC4gIElBTkEgQ29uc2lkZXJhdGlvbnMKCiAgIFRoaXMgbWVtbyBpbmNs dWRlcyBubyByZXF1ZXN0IHRvIElBTkEuCgoKNS4gIFNlY3VyaXR5IENvbnNpZGVyYXRpb25zCgog ICBUaGUgdHJ1c3QgbW9kZWxzIGRlc2NyaWJlZCBoZXJlIGV4aGliaXQgc2V2ZXJhbCB2dWxuZXJh YmlsaXRpZXMgdGhhdAogICBjb3VsZCBhZHZlcnNlbHkgYWZmZWN0IHRoZSByZWxpYWJpbGl0eSBv ZiB0aGUgYXV0aGVudGljYXRpb24gdGhleQogICBwcm92aWRlLiAgVGhlIGZpcnN0IGNvbmNlcm5z IHRoZSBuYW1pbmcgb2YgY2VydGlmaWNhdGUgaG9sZGVycy4gIFRoZQogICBzZWNvbmQgY29uY2Vy bnMgY29udHJvbGxhYmlsaXR5IGFuZCBvYnNlcnZhYmlsaXR5IG9mIGlzc3VlZAogICBjZXJ0aWZp Y2F0ZXMuCgogICBDZXJ0aWZpY2F0ZSBob2xkZXIgbmFtZXMgd2l0aCBhbnkgb2YgdGhlIGZvbGxv d2luZyBjaGFyYWN0ZXJpc3RpY3MKICAgY2FuIGJlIHVzZWQgaW4gYW4gaW1wZXJzb25hdGlvbiBh dHRhY2suCgogICBvICBob21vZ3JhcGhpYyBuYW1lCgogICBvICBtaXhlZC1hbHBoYWJldCBuYW1l CgogICBvICBuYW1lIHRoYXQgY29udGFpbnMgYSBzdHJpbmcgdGVybWluYXRpb24gY2hhcmFjdGVy CgogICBvICBub24tdW5pcXVlIG5hbWUgKGUuZy4gYW4gaW50ZXJuYWwgc2VydmVyIG5hbWUpCgog ICBXaXRoIHRoZSBleGNlcHRpb24gb2Ygbm9uLXVuaXF1ZSBuYW1lcywgQ0FzIGluIHRoZSBXZWIg UEtJIGFyZQogICByZXF1aXJlZCB0byBzY3JlZW4gb3V0IHJlcXVlc3RzIGZvciBjZXJ0aWZpY2F0 ZXMgd2l0aCBhbnkgb2YgdGhlc2UKICAgY2hhcmFjdGVyaXN0aWNzLiAgQ0FzIGFyZSByZXF1aXJl ZCB0byBwaGFzZSBvdXQgdGhlIHByYWN0aWNlIG9mCiAgIGlzc3Vpbmcgbm9uLXVuaXF1ZSBuYW1l cyBieSAyMDE2LgoKICAgVGVjaG5pY2FsbHksIHVubGVzcyBjb25zdHJhaW5lZCBieSBhbiB1cHN0 cmVhbSBDQSB0byBpc3N1ZQogICBjZXJ0aWZpY2F0ZXMgb25seSBpbiBhIHNwZWNpZmljIHJlZ2lv biBvZiB0aGUgbmFtZS1zcGFjZSwgYW55IENBIGluCiAgIHRoZSBXZWIgUEtJIGNhbiBpc3N1ZSBh biBhcHBhcmVudGx5IGxlZ2l0aW1hdGUgY2VydGlmaWNhdGUgZm9yIGFueQogICBuYW1lLCB3aGV0 aGVyIG9yIG5vdCB0aGUgbGVnaXRpbWF0ZSBob2xkZXIgb2YgdGhhdCBuYW1lIGlzIGF3YXJlIG9m CiAgIG9yIGFwcHJvdmVzIHRoZSBpc3N1YW5jZS4gIEZ1cnRoZXJtb3JlLCB0aGUgbGVnaXRpbWF0 ZSBob2xkZXIgb2YgdGhhdAogICBuYW1lIG1heSBub3QgZGlzY292ZXIgdGhhdCBzdWNoIGEgY2Vy dGlmaWNhdGUgaGFzIGJlZW4gaXNzdWVkLgoKICAgSW4gdGhlIGV2ZW50IG9mIGEgY29tcHJvbWlz ZSBvZiBhIHJvb3QgQ0EsIGl0cyBrZXkgaXMgYmxhY2tsaXN0ZWQgYnkKICAgY2VydGlmaWNhdGUt dXNpbmcgcHJvZHVjdHMgYnkgbWVhbnMgb2YgYSBzb2Z0d2FyZSB1cGRhdGUuICBUaGlzIGhhcwog ICB0aGUgZWZmZWN0IG9mIGludmFsaWRhdGluZyBldmVyeSBvdGhlcndpc2UtdmFsaWQgY2VydGlm aWNhdGUgdGhhdAogICBjaGFpbnMgdG8gdGhhdCByb290LCB3aGV0aGVyIG9yIG5vdCBpdCB3YXMg aXNzdWVkIHdoaWxlIHRoZQogICBjb21wcm9taXNlIGV4aXN0ZWQuICBUaGlzIHN0ZXAgd291bGQg aGF2ZSBhIHNldmVyZSBpbXBhY3QgdXBvbiB0aGUgQ0EKICAgYW5kIGl0cyBjZXJ0aWZpY2F0ZSBo b2xkZXJzOyBhIHN0ZXAgbm90IGxpa2VseSB0byBiZSB0YWtlbiB3aXRob3V0CiAgIHZlcnkgY2Fy ZWZ1bCBkZWxpYmVyYXRpb24gYW5kIChwZXJoYXBzKSBoZXNpdGF0aW9uLgoKCjYuICBOb3JtYXRp dmUgUmVmZXJlbmNlcwoKICAgW1JGQzIxMTldICBCcmFkbmVyLCBTLiwgIktleSB3b3JkcyBmb3Ig dXNlIGluIFJGQ3MgdG8gSW5kaWNhdGUKCgoKQmFycmVpcmEgJiBNb3J0b24gICAgICAgICAgRXhw aXJlcyBNYXkgNCwgMjAxMyAgICAgICAgICAgICAgICAgIFtQYWdlIDhdCgwKSW50ZXJuZXQtRHJh ZnQgICAgICAgICBUcnVzdCBtb2RlbHMgb2YgdGhlIFdlYiBQS0kgICAgICAgICAgT2N0b2JlciAy MDEyCgoKICAgICAgICAgICAgICBSZXF1aXJlbWVudCBMZXZlbHMiLCBCQ1AgMTQsIFJGQyAyMTE5 LCBNYXJjaCAxOTk3LgoKICAgW1JGQzUyODBdICBDb29wZXIsIEQuLCBTYW50ZXNzb24sIFMuLCBG YXJyZWxsLCBTLiwgQm9leWVuLCBTLiwKICAgICAgICAgICAgICBIb3VzbGV5LCBSLiwgYW5kIFcu IFBvbGssICJJbnRlcm5ldCBYLjUwOSBQdWJsaWMgS2V5CiAgICAgICAgICAgICAgSW5mcmFzdHJ1 Y3R1cmUgQ2VydGlmaWNhdGUgYW5kIENlcnRpZmljYXRlIFJldm9jYXRpb24gTGlzdAogICAgICAg ICAgICAgIChDUkwpIFByb2ZpbGUiLCBSRkMgNTI4MCwgTWF5IDIwMDguCgoKQXV0aG9ycycgQWRk cmVzc2VzCgogICBJbmlnbyBCYXJyZWlyYSAoZWRpdG9yKQogICBJemVucGUKICAgQy9CZWF0byBU b21hcyBkZSBadW1hcnJhZ2EgNzEsIDFvLiAwMTAwOCBWaXRvcmlhLUdhc3RlaXouIFNwYWluCgog ICBQaG9uZTogKzM0IDk0NTA2NzcwNQogICBFbWFpbDogaS1iYXJyZWlyYUBpemVucGUubmV0CgoK ICAgQnJ1Y2UgTW9ydG9uIChlZGl0b3IpCiAgIEVudHJ1c3QKICAgMTAwMCBJbm5vdmF0aW9uIERy aXZlLiBPdHRhd2EsIE9udGFyaW8uIENhbmFkYSBLMksgM0U3CgogICBFbWFpbDogYnJ1Y2UubW9y dG9uQGVudHJ1c3QuY29tCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgpCYXJyZWlyYSAmIE1v cnRvbiAgICAgICAgICBFeHBpcmVzIE1heSA0LCAyMDEzICAgICAgICAgICAgICAgICAgW1BhZ2Ug OV0KDAo= --e89a8f921936869f0604d7d38111-- From kent@bbn.com Wed Mar 13 13:07:08 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5816D11E80AD for ; Wed, 13 Mar 2013 13:07:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.598 X-Spam-Level: X-Spam-Status: No, score=-106.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FHlYV9kktXBp for ; Wed, 13 Mar 2013 13:07:07 -0700 (PDT) Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id 42DEB11E80A5 for ; Wed, 13 Mar 2013 13:07:07 -0700 (PDT) Received: from dommiel.bbn.com ([192.1.122.15]:59983 helo=dhcp107-16-217-98.hil-mcowdes.orl.wayport.net) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from ) id 1UFrx4-000Iww-8g; Wed, 13 Mar 2013 16:07:06 -0400 Message-ID: <5140DC69.10900@bbn.com> Date: Wed, 13 Mar 2013 16:07:05 -0400 From: Stephen Kent User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130307 Thunderbird/17.0.4 MIME-Version: 1.0 To: wpkops@ietf.org, Steve Kent References: <452C99D20750E74083DBA441FF93238577479014@SOTTEXCH10.corp.ad.entrust.com> In-Reply-To: <452C99D20750E74083DBA441FF93238577479014@SOTTEXCH10.corp.ad.entrust.com> Content-Type: multipart/alternative; boundary="------------010200090103050704080503" Subject: Re: [wpkops] Web PKI - Trust Models X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2013 20:07:08 -0000 This is a multi-part message in MIME format. --------------010200090103050704080503 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit I reviewed just the definitions section, and it has a LOT of problems. Comments on that section below. Steve ------ 1.2. Definitions Why are not all most of these terms taken from X.509 or RFC 5280, with appropriate cites? Certificate: The public key of a user, together with some other information, rendered unforgeable by encipherment with the private key of the certification authority which issued it. This is an RSA-centric view of how a signature is computed; it fails to describe how a DSA-based sig is computed. Also, it ignores the use of a hash function as is common ptractice. Certification Authority (CA) - An entity trusted by one or more users to create and assign certificates. Certificate holder - A natural or legal person who is identified as the subject in a certificate. or a device, or organization, or ... Certificate policy: A named set of rules that indicates the applicability of a certificate to a particular community and/or class of application with common security requirements. cite 3647? Certification Practice Statement (CPS): A statement of the practices that a Certification Authority employs in issuing, managing, revoking and renewing or re-keying certificates. cite 3647? Certificate subject - The certificate holder as represented in the certificate. the holder of the private key that corresponds to the public key in the cert. Certificate user - A natural person who operates a certificate using product. relying party? Certificate-using product - A product that evaluates a certificate or certificate chain and adjusts its behavior according to the result. End entity: A certificate subject which uses its public key for purposes other than signing certificates. since a public key IS never used to sign anything ... Intermediate CA - A CA that issues certificates to issuing CAs and/or other intermediate CAs. this def will overlap with that of a TA, so not very useful. Issuing CA - A CA that issues certificates to certificate holders. is there any other kind of CA? Barreira & Morton Expires May 4, 2013 [Page 3] Internet-Draft Trust models of the Web PKI October 2012 Policy management authority - A natural or legal person who administers the certificate policy by which one or more certification authorities operate. Public-key infrastructure (PKI) - is a system for the creation, storage, and distribution of certificates which are used to verify that a particular public key belongs to a certain entity. not revocation too? Relying party: A user or agent that relies on the data in a certificate in making decisions. decisions about what? Registration authority (RA): An entity that is responsible for identification and authentication of certificate subjects, but that does not sign or issue certificates (i.e., an RA is delegated certain tasks on behalf of a CA). Root certificate - is either an unsigned public key certificate or a self-signed certificate that identifies the Root Certificate Authority (CA). A root certificate is part of a public key infrastructure scheme. no mention of the relation to the more formal term, TA? Root CA - The trust anchor for a digital certificate is the Root Certificate Authority (CA). A CA whose public key is included in a root store. Root store - A set of certification authority public keys that is embedded in a certificate-using product. not just Root CA public keys? Self-signed certificate: A certificate for one CA signed by that CA. we have expanded the def in PKIX to include certs signed by EEs, to more closely match common practice. do you mean to exclude this case? Trust anchor - is an authoritative entity represented via a public key and associated data. if the "authoritative" part were true, the problems faced by this model would be much less severe :-). The problem is that almost none of the TAs embedded in browsers are authoritative for the certs they issue! Trust model - The roles, and the relationships between those roles, that are relevant to the management and evaluation of certificates. Trust service - Service which enhances trust and confidence in electronic transactions. vacuous def. --------------010200090103050704080503 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit I reviewed just the definitions section, and it has a LOT of problems.

Comments on that section below.

Steve
------

1.2. Definitions

Why are not all most of these terms taken from X.509 or RFC 5280, with
appropriate cites?

      Certificate: The public key of a user, together with some other
      information, rendered unforgeable by encipherment with the private
      key of the certification authority which issued it.

This is an RSA-centric view of how a signature is computed; it fails to describe how
a DSA-based sig is computed. Also, it ignores the use of a hash function as is common
ptractice.

      Certification Authority (CA) - An entity trusted by one or more
      users to create and assign certificates.

      Certificate holder - A natural or legal person who is identified
      as the subject in a certificate.
or a device, or organization, or ...

      Certificate policy: A named set of rules that indicates the
      applicability of a certificate to a particular community and/or
      class of application with common security requirements.
cite 3647?

      Certification Practice Statement (CPS): A statement of the
      practices that a Certification Authority employs in issuing,
      managing, revoking and renewing or re-keying certificates.
cite 3647?

      Certificate subject - The certificate holder as represented in the
      certificate.
the holder of the private key that corresponds to the public key in the cert.

      Certificate user - A natural person who operates a certificate
      using product.
relying party?

      Certificate-using product - A product that evaluates a certificate
      or certificate chain and adjusts its behavior according to the
      result.

      End entity: A certificate subject which uses its public key for
      purposes other than signing certificates.
since a public key IS never used to sign anything ...

      Intermediate CA - A CA that issues certificates to issuing CAs
      and/or other intermediate CAs.
this def will overlap with that of a TA, so not very useful.

      Issuing CA - A CA that issues certificates to certificate holders.
is there any other kind of CA?

Barreira & Morton          Expires May 4, 2013                  [Page 3]

Internet-Draft         Trust models of the Web PKI          October 2012

      Policy management authority - A natural or legal person who
      administers the certificate policy by which one or more
      certification authorities operate.

      Public-key infrastructure (PKI) - is a system for the creation,
      storage, and distribution of certificates which are used to verify
      that a particular public key belongs to a certain entity.
not revocation too?

      Relying party: A user or agent that relies on the data in a
      certificate in making decisions.
decisions about what?

      Registration authority (RA): An entity that is responsible for
      identification and authentication of certificate subjects, but
      that does not sign or issue certificates (i.e., an RA is delegated
      certain tasks on behalf of a CA).

      Root certificate - is either an unsigned public key certificate or
      a self-signed certificate that identifies the Root Certificate
      Authority (CA). A root certificate is part of a public key
      infrastructure scheme.
no mention of the relation to the more formal term, TA?

      Root CA - The trust anchor for a digital certificate is the Root
      Certificate Authority (CA). A CA whose public key is included in
      a root store.

      Root store - A set of certification authority public keys that is
      embedded in a certificate-using product.
not just Root CA public keys?

      Self-signed certificate: A certificate for one CA signed by that
      CA.
we have expanded the def in PKIX to include certs signed by EEs, to more closely
match common practice. do you mean to exclude this case?

      Trust anchor - is an authoritative entity represented via a public
      key and associated data.
if the "authoritative" part were true, the problems faced by this model would
be much less severe :-). The problem is that almost none of the TAs embedded
in browsers are authoritative for the certs they issue!

      Trust model - The roles, and the relationships between those
      roles, that are relevant to the management and evaluation of
      certificates.

      Trust service - Service which enhances trust and confidence in
      electronic transactions.
vacuous def.
--------------010200090103050704080503-- From paul.hoffman@vpnc.org Wed Mar 13 17:58:01 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C75F11E8106 for ; Wed, 13 Mar 2013 17:58:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.574 X-Spam-Level: X-Spam-Status: No, score=-102.574 tagged_above=-999 required=5 tests=[AWL=0.025, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lOvTYI7YhSGX for ; Wed, 13 Mar 2013 17:58:00 -0700 (PDT) Received: from hoffman.proper.com (IPv6.Hoffman.Proper.COM [IPv6:2605:8e00:100:41::81]) by ietfa.amsl.com (Postfix) with ESMTP id A899111E80E0 for ; Wed, 13 Mar 2013 17:58:00 -0700 (PDT) Received: from dhcp-4717.meeting.ietf.org (dhcp-4717.meeting.ietf.org [130.129.71.23]) (authenticated bits=0) by hoffman.proper.com (8.14.5/8.14.5) with ESMTP id r2E0vxRD062330 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO) for ; Wed, 13 Mar 2013 17:58:00 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Mac OS X Mail 6.2 $1499$) From: Paul Hoffman In-Reply-To: <452C99D20750E74083DBA441FF93238577479014@SOTTEXCH10.corp.ad.entrust.com> Date: Wed, 13 Mar 2013 20:57:57 -0400 Content-Transfer-Encoding: quoted-printable Message-Id: References: <452C99D20750E74083DBA441FF93238577479014@SOTTEXCH10.corp.ad.entrust.com> To: "wpkops WG (wpkops@ietf.org)" X-Mailer: Apple Mail (2.1499) Subject: Re: [wpkops] Web PKI - Trust Models X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Mar 2013 00:58:01 -0000 Steve Kent was faster than I was about posting some of the problems with = the definitions. But he stopped there, so let me continue with the = "basic trust model". Just a reminder from our WG charter: The working group's goal is to = describe how the Web PKI "actually" works in the set of browsers and = servers that are in common use today. Given that, I believe the following is fairly flawed. In the basic Web PKI trust model, a certificate-using product includes a root store that contains one or more root certification authority public keys, each of which is under the control of a CA and managed in conformance with the certificate policy prescribed and administered by the certificate using product supplier. Each such root certification authority issues a certificate to one or more issuing CAs that are under the control of the same commercial CA. Each issuing CA accepts and responds to certificate requests from one or more certificate applicants via one or more registration authorities that are under the control of the same CA. If the request is granted, then the certificate applicant becomes a certificate holder. The role of the registration authority is to confirm the accuracy of the information provided in the certificate request. - Some web browsers have a root store, but others use the OS's root = store - Some of these root stores have public keys associated with an = enterprise; those keys are often not managed in conformance with = anything - "Commercial" is just plain wrong: many trust anchors are run by = governments - Many trust anchors in the root store issue end entity certificates = directly - Many trust anchors in the root store do not have registration = authorities In summary: this definition does not represent how the Web PKI actually = works. The text that follows seems based on these assumptions, and thus = has similar problems. --Paul Hoffman= From ben@digicert.com Thu Mar 14 11:33:25 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A016D11E81FB for ; Thu, 14 Mar 2013 11:33:25 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.739 X-Spam-Level: X-Spam-Status: No, score=-4.739 tagged_above=-999 required=5 tests=[BAYES_20=-0.74, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DcoZPNgl011C for ; Thu, 14 Mar 2013 11:33:24 -0700 (PDT) Received: from mail.digicert.com (mail.digicert.com [64.78.193.232]) by ietfa.amsl.com (Postfix) with ESMTP id 7A33E11E81B0 for ; Thu, 14 Mar 2013 11:33:24 -0700 (PDT) Received: from BWILSONL1 (c-98-202-213-133.hsd1.ut.comcast.net [98.202.213.133]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.digicert.com (Postfix) with ESMTPSA id 06A3A8FAA05 for ; Thu, 14 Mar 2013 12:33:23 -0600 (MDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=digicert.com; s=mail; t=1363286004; bh=gzOVZwjoFVvPxKez7niv8edJ6MH6kBumi3xfpVrA9KA=; h=Reply-To:From:To:Subject:Date; b=MkRkb5xieJaCjC6wS9m+dAIOULge1MkHFfrU83/vnPMPOqKhnhY8gmS3cmDoIGEux 64zSUgxDtQw0gUMYmW4CQDioCFUGkLOIONKJxOvTWIZVqHWHXYYEwOpO8qZNsrCqkz GEiLvzjVYtdbVK5022R7VBx+i/CzTNuX+k0UM1dU= From: "Ben Wilson" To: "'wpkops WG'" Date: Thu, 14 Mar 2013 12:33:23 -0600 Organization: DigiCert Message-ID: <012d01ce20e2$69111cf0$3b3356d0$@digicert.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_012E_01CE20B0.1E774930" X-Mailer: Microsoft Outlook 14.0 Thread-Index: Ac4g4OBK2XBJP27tSH6Q34GQ2Ex7Gg== Content-Language: en-us Subject: [wpkops] Spreadsheet on User Agent Behavior X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ben@digicert.com List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Mar 2013 18:33:25 -0000 This is a multipart message in MIME format. ------=_NextPart_000_012E_01CE20B0.1E774930 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Here is the link to the https://docs.google.com/spreadsheet/ccc?key=0Ah4hAObl77LxdF9iQ0M5TUJ1MTlyWmo 4X2RSeklnSkE &usp=sharing I will back up the workbook every day or so. I've shared it "Anyone with link can edit". As mentioned in today's presentation, there are three types of sheets Referential Integrity enforced with these keys: . Conditions (Name mismatch, expired, revoked) . UA Behaviors (visual cues and bypassable errors) Input sheets for User Agents, OSs, & Platforms (Safari on Win7, Firefox on Android, Opera on Wii) Results sheets for Conditions (programmatically filled in from data added by input) For the kick-off, we did not populate the sheets with all of the conditions and behaviors. We will try to organize those by category. We will start populating the information that we already have. ------=_NextPart_000_012E_01CE20B0.1E774930 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Here is = the link to the https://docs.google.com/spre= adsheet/ccc?key=3D0Ah4hAObl77LxdF9iQ0M5TUJ1MTlyWmo4X2RSeklnSkE&usp=3D= sharing

I will back up the = workbook every day or so. I’ve shared it “Anyone with = link can edit”.

As = mentioned in today’s presentation, there are three types of = sheets

Referential Integrity = enforced with these keys:

• = Conditions (Name mismatch, expired, = revoked)

• = UA Behaviors (visual cues and bypassable = errors)

Input sheets for User = Agents, OSs, & Platforms (Safari on Win7, Firefox on Android, Opera = on Wii)

Results sheets for = Conditions (programmatically filled in from data added by = input)

For the kick-off, we did not populate the sheets with = all of the conditions and behaviors. We will try to organize those = by category. We will start populating the information that = we already have.

------=_NextPart_000_012E_01CE20B0.1E774930-- From joelja@bogus.com Thu Mar 21 12:59:12 2013 Return-Path: X-Original-To: wpkops@ietfa.amsl.com Delivered-To: wpkops@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95A6F21F8C66 for ; Thu, 21 Mar 2013 12:59:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.316 X-Spam-Level: X-Spam-Status: No, score=-102.316 tagged_above=-999 required=5 tests=[AWL=0.283, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tRaj+FaRZwr8 for ; Thu, 21 Mar 2013 12:59:12 -0700 (PDT) Received: from nagasaki.bogus.com (nagasaki.bogus.com [IPv6:2001:418:1::81]) by ietfa.amsl.com (Postfix) with ESMTP id 365A521F8A4E for ; Thu, 21 Mar 2013 12:59:09 -0700 (PDT) Received: from joels-MacBook-Air.local (host-64-47-153-50.masergy.com [64.47.153.50]) (authenticated bits=0) by nagasaki.bogus.com (8.14.4/8.14.4) with ESMTP id r2LJx8Us088332 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT); Thu, 21 Mar 2013 19:59:08 GMT (envelope-from joelja@bogus.com) Message-ID: <514B6687.7070107@bogus.com> Date: Thu, 21 Mar 2013 12:59:03 -0700 From: joel jaeggli User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:19.0) Gecko/20130117 Thunderbird/19.0 MIME-Version: 1.0 To: wpkops WG , wpkops-chairs@tools.ietf.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (nagasaki.bogus.com [147.28.0.81]); Thu, 21 Mar 2013 19:59:09 +0000 (UTC) Subject: [wpkops] Volunteers Wanted. X-BeenThere: wpkops@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Mar 2013 19:59:12 -0000 Hey folks. I was pleased to see the extent to which the first chartered meeting of wpkops went down down something in the capaable hands of it's first-time wg chair. I've been looking for an additional chair to assist the very capable Sharon Boyen and round out the roster. At this point I'd like to throw the process of finding a new chair open to volunteers. If you are willing any able to serve in the role of co-chair for wpkops would you shoot me an email offlist? I'll follow up individually over the next couple of days with the volunteers and see if we can't get someone to share the (not yet daunting) workload. thanks joel