<?xmlversion='1.0' encoding='utf-8'?>version="1.0" encoding="UTF-8"?> <!DOCTYPE rfc [ <!ENTITY nbsp " "> <!ENTITY zwsp "​"> <!ENTITY nbhy "‑"> <!ENTITY wj "⁠"> ]><?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?><!-- generated by https://github.com/cabo/kramdown-rfc version 1.6.11 (Ruby 3.1.2) --> <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-ietf-privacypass-protocol-16" number="9578" submissionType="IETF" category="std" consensus="true" tocInclude="true" sortRefs="true" symRefs="true" updates="" obsoletes="" xml:lang="en" version="3"> <!-- xml2rfc v2v3 conversion 3.12.10 --> <front> <title abbrev="Privacy Pass Issuance">Privacy Pass IssuanceProtocol</title>Protocols</title> <seriesInfoname="Internet-Draft" value="draft-ietf-privacypass-protocol-16"/>name="RFC" value="9578"/> <author initials="S." surname="Celi" fullname="Sofía Celi"> <organization>Brave Software</organization> <address> <postal> <city>Lisbon</city> <country>Portugal</country> </postal> <email>cherenkov@riseup.net</email> </address> </author> <author initials="A." surname="Davidson" fullname="Alex Davidson"><organization>Brave Software</organization><organization>NOVA LINCS, Universidade NOVA de Lisboa</organization> <address> <postal><city>Lisbon</city><street>Largo da Torre</street> <city>Caparica</city> <country>Portugal</country> </postal> <email>alex.davidson92@gmail.com</email> </address> </author> <author initials="S." surname="Valdez" fullname="Steven Valdez"> <organization>Google LLC</organization> <address> <email>svaldez@chromium.org</email> </address> </author> <author initials="C. A." surname="Wood" fullname="Christopher A. Wood"> <organization>Cloudflare</organization> <address> <postal> <street>101 Townsend St</street> <city>San Francisco</city> <region>CA</region> <code>94107</code> <country>United States of America</country> </postal> <email>caw@heapingbits.net</email> </address> </author> <dateyear="2023" month="October" day="03"/> <keyword>Internet-Draft</keyword>year="2024" month="May"/> <area>sec</area> <workgroup>privacypass</workgroup> <abstract> <t>This document specifies two variants of the two-message issuance protocol for Privacy Pass tokens: one that produces tokens that are privately verifiable using theissuance private key,Issuer Private Key andanotherone that produces tokens that are publicly verifiable using the Issuer Public Key. Instances of "issuance protocol" and "issuance protocols" in the text of this document are used interchangeably to refer to the two variants of the Privacy Pass issuancepublic key.</t>protocol.</t> </abstract> </front> <middle> <section anchor="introduction"> <name>Introduction</name> <t>The Privacy Pass protocol provides a privacy-preserving authorization mechanism. In essence, the protocol allowsclientsClients to provide cryptographic tokens that prove nothing other than that they have been created by a given server in the past <xreftarget="ARCHITECTURE"/>.</t>target="RFC9576"/>.</t> <t>This document describesthetwo issuanceprotocolprotocols for PrivacyPassPass, each of which is built on <xreftarget="HTTP"/>.target="RFC9110"/>. It specifies two variants: one that is privately verifiable using theissuance private keyIssuer Private Key based on theoblivious pseudorandom function fromOblivious Pseudorandom Function (OPRF) as defined in <xreftarget="OPRF"/>,target="RFC9497"/> and one that is publicly verifiable using theissuance public keyIssuer Public Key based on the blind RSA signature scheme <xreftarget="BLINDRSA"/>.</t>target="RFC9474"/>. Instances of "issuance protocol" and "issuance protocols" in the text of this document are used interchangeably to refer to the two variants of the Privacy Pass issuance protocol.</t> <t>This document does not cover the Privacy Pass architecture,including choiceswhich includes (1) choices that are necessary for deployment andapplication specific(2) application-specific choices for protectingclientClient privacy. This information is covered in <xreftarget="ARCHITECTURE"/>.</t>target="RFC9576"/>.</t> </section> <section anchor="terminology"> <name>Terminology</name> <t>The key words"MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY","<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and"OPTIONAL""<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described inBCP 14BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shown here.</t> <t>This document uses the termsOrigin, Client, Issuer,"Origin", "Client", "Issuer", andToken"Token" as defined in <xref section="2" sectionFormat="of"target="ARCHITECTURE"/>.target="RFC9576"/>. Moreover, the following additional terms are used throughout this document.</t><ul<dl spacing="normal"><li>Issuer<dt>Issuer PublicKey: TheKey:</dt><dd>The public key (from a private-public key pair) used by the Issuer for issuing and verifyingTokens.</li> <li>Issuertokens.</dd> <dt>Issuer PrivateKey: TheKey:</dt><dd>The private key (from a private-public key pair) used by the Issuer for issuing and verifyingTokens.</li> </ul>tokens.</dd> </dl> <t>Unless otherwise specified, this document encodes protocol messages in TLS notationfrom <xref(<xref section="3"sectionFormat="of" target="TLS13"/>.sectionFormat="comma" target="RFC8446"/>). Moreover, all constants are in network byte order.</t> </section> <section anchor="protocol-overview"> <name>Protocol Overview</name> <t>The issuance protocols defined in this document embody the core of Privacy Pass. Clients receive TokenChallenge inputs from the redemption protocol (<xref section="2.1" sectionFormat="comma"target="AUTHSCHEME"/>)target="RFC9577"/>) and use the issuance protocols to produce correspondingTokentoken values (<xref section="2.2" sectionFormat="comma"target="AUTHSCHEME"/>).target="RFC9577"/>). The issuance protocol describes how Clients and Issuers interact to compute a token using a one-round protocol consisting of a TokenRequest from the Client and a TokenResponse from the Issuer. This interaction is shown below.</t> <figure anchor="fig-issuance"> <name>Issuance Overview</name> <!-- Removed height="224" width="520" to see if the SVG will display correctly in the HTML and PDF outputs. --> <artset> <artwork type="svg"><svg xmlns="http://www.w3.org/2000/svg" version="1.1"height="224" width="520"viewBox="0 0 520 224" class="diagram" text-anchor="middle" font-family="monospace" font-size="13px" stroke-linecap="round"> <path d="M 8,32 L 8,64" fill="none" stroke="black"/> <path d="M 40,64 L 40,208" fill="none" stroke="black"/> <path d="M 80,32 L 80,64" fill="none" stroke="black"/> <path d="M 184,32 L 184,64" fill="none" stroke="black"/> <path d="M 216,64 L 216,208" fill="none" stroke="black"/> <path d="M 256,32 L 256,64" fill="none" stroke="black"/> <path d="M 336,32 L 336,64" fill="none" stroke="black"/> <path d="M 376,64 L 376,144" fill="none" stroke="black"/> <path d="M 376,192 L 376,208" fill="none" stroke="black"/> <path d="M 424,32 L 424,64" fill="none" stroke="black"/> <path d="M 440,32 L 440,64" fill="none" stroke="black"/> <path d="M 472,64 L 472,208" fill="none" stroke="black"/> <path d="M 512,32 L 512,64" fill="none" stroke="black"/> <path d="M 8,32 L 80,32" fill="none" stroke="black"/> <path d="M 184,32 L 256,32" fill="none" stroke="black"/> <path d="M 336,32 L 424,32" fill="none" stroke="black"/> <path d="M 440,32 L 512,32" fill="none" stroke="black"/> <path d="M 8,64 L 80,64" fill="none" stroke="black"/> <path d="M 184,64 L 256,64" fill="none" stroke="black"/> <path d="M 336,64 L 424,64" fill="none" stroke="black"/> <path d="M 440,64 L 512,64" fill="none" stroke="black"/> <path d="M 48,96 L 88,96" fill="none" stroke="black"/> <path d="M 168,96 L 216,96" fill="none" stroke="black"/> <path d="M 40,112 L 56,112" fill="none" stroke="black"/> <path d="M 192,112 L 208,112" fill="none" stroke="black"/> <path d="M 224,126 L 240,126" fill="none" stroke="black"/> <path d="M 224,130 L 240,130" fill="none" stroke="black"/> <path d="M 352,126 L 368,126" fill="none" stroke="black"/> <path d="M 352,130 L 368,130" fill="none" stroke="black"/> <path d="M 216,160 L 288,160" fill="none" stroke="black"/> <path d="M 408,160 L 464,160" fill="none" stroke="black"/> <path d="M 224,176 L 288,176" fill="none" stroke="black"/> <path d="M 416,176 L 472,176" fill="none" stroke="black"/> <path d="M 48,192 L 64,192" fill="none" stroke="black"/> <path d="M 192,192 L 216,192" fill="none" stroke="black"/> <polygon class="arrowhead" points="472,160 460,154.4 460,165.6" fill="black" transform="rotate(0,464,160)"/> <polygon class="arrowhead" points="376,128 364,122.4 364,133.6" fill="black" transform="rotate(0,368,128)"/> <polygon class="arrowhead" points="232,176 220,170.4 220,181.6" fill="black" transform="rotate(180,224,176)"/> <polygon class="arrowhead" points="232,128 220,122.4 220,133.6" fill="black" transform="rotate(180,224,128)"/> <polygon class="arrowhead" points="216,112 204,106.4 204,117.6" fill="black" transform="rotate(0,208,112)"/> <polygon class="arrowhead" points="56,192 44,186.4 44,197.6" fill="black" transform="rotate(180,48,192)"/> <polygon class="arrowhead" points="56,96 44,90.4 44,101.6" fill="black" transform="rotate(180,48,96)"/> <g class="text"> <text x="44" y="52">Origin</text> <text x="220" y="52">Client</text> <text x="380" y="52">Attester</text> <text x="476" y="52">Issuer</text> <text x="128" y="100">Request</text> <text x="124" y="116">TokenChallenge</text> <text x="296" y="132">Attestation</text> <text x="348" y="164">TokenRequest</text> <text x="352" y="180">TokenResponse</text> <text x="128" y="196">Request+Token</text> </g> </svg> </artwork> <artwork type="ascii-art"><![CDATA[ +--------+ +--------+ +----------+ +--------+ | Origin | | Client | | Attester | | Issuer | +---+----+ +---+----+ +----+-----+ +---+----+ | | | | |<----- Request ------+ | | +-- TokenChallenge -->| | | | |<== Attestation ==>| | | | | | | +--------- TokenRequest ------->| | |<-------- TokenResponse -------+ |<-- Request+Token ---+ | | | | | | ]]></artwork> </artset> </figure> <t>The TokenChallenge inputs to the issuance protocols described in this document can be interactive ornon-interactive,non-interactive andper-origincan be per Origin orcross-origin.</t>across Origins.</t> <t>The issuance protocols defined in this document are compatible with any deployment model defined in <xref section="4" sectionFormat="of"target="ARCHITECTURE"/>.target="RFC9576"/>. The details of attestation are outside the scope of the issuance protocol; see <xref section="4" sectionFormat="of"target="ARCHITECTURE"/>target="RFC9576"/> for information about how attestation can be implemented in each of the relevant deployment models.</t> <t>This document describes two variants of the issuance protocol: one that is privately verifiable (<xref target="private-flow"/>) using theissuance private keyIssuer Private Key based on theoblivious pseudorandom function fromOPRF <xreftarget="OPRF"/>,target="RFC9497"/> and one that is publicly verifiable (<xref target="public-flow"/>) using theissuance public keyIssuer Public Key based on the blind RSA signature scheme <xreftarget="BLINDRSA"/>.</t>target="RFC9474"/>.</t> </section> <section anchor="setup"> <name>Configuration</name> <t>IssuersMUST<bcp14>MUST</bcp14> provide two parameters for configuration:</t><ol spacing="normal" type="1"><li>Issuer<dl spacing="normal"><dt>Issuer RequestURL: AURL:</dt><dd>A token request URL for generating access tokens. For example, an Issuer Request URL might behttps://issuer.example.net/request.</li> <li>Issuer<https://issuer.example.net/request>.</dd> <dt>Issuer Public Keyvalues: Avalues:</dt><dd>A list of Issuer Public Keys for the issuanceprotocol.</li> </ol>protocol.</dd> </dl> <t>The Issuer parameters can be obtained from an Issuer via a directory object, which is a JSON object (<xref section="4" sectionFormat="comma" target="RFC8259"/>) whose values are other JSON values (<xref section="3" sectionFormat="comma" target="RFC8259"/>) for the parameters. The contents of this JSON object are defined in <xref target="directory-values"/>.</t> <table anchor="directory-values"> <name>Issuerdirectory object description</name>Directory Object Description</name> <thead> <tr> <th align="left">Field Name</th> <th align="left">Value</th> </tr> </thead> <tbody> <tr> <td align="left">issuer-request-uri</td> <td align="left">Issuer Request URL value (as an absoluteURL,URL or as a URL relative to the directory object) as a percent-encoded URL string, represented as a JSON string (<xref section="7" sectionFormat="comma" target="RFC8259"/>)</td> </tr> <tr> <td align="left">token-keys</td> <td align="left">List of Issuer Public Key values, each represented as JSON objects (<xref section="4" sectionFormat="comma" target="RFC8259"/>)</td> </tr> </tbody> </table> <t>Each "token-keys" JSON object contains the fields and corresponding raw values defined in <xref target="tokenkeys-values"/>.</t> <table anchor="tokenkeys-values"> <name>Issuer'token-keys' object description'</name>"token-keys" Object Description</name> <thead> <tr> <th align="left">Field Name</th> <th align="left">Value</th> </tr> </thead> <tbody> <tr> <td align="left">token-type</td> <td align="left">Integer value of theToken Type,token type, as defined in <xref target="token-type"/>, represented as a JSON number (<xref section="6" sectionFormat="comma" target="RFC8259"/>)</td> </tr> <tr> <td align="left">token-key</td> <td align="left">Thebase64url-encodedbase64url public key, encoded per <xreftarget="RFC4648"/> Public Keytarget="RFC4648"/>, for use with the issuance protocol as determined by the token-type field, including padding, represented as a JSON string (<xref section="7" sectionFormat="comma" target="RFC8259"/>)</td> </tr> </tbody> </table> <t>Each "token-keys" JSON object may also contain the optional field "not-before". The value of this field is the UNIX timestamp (number of seconds since January 1, 1970, UTC -- see <xref section="4.2.1" sectionFormat="of"target="TIMESTAMP"/>)target="RFC8877"/>) at which the key can be used. If this field is present, ClientsSHOULD NOT<bcp14>SHOULD NOT</bcp14> use a token key before this timestamp, as doing so can lead to issuance failures. The purpose of this field is to assist in scheduled key rotations.</t> <t>Beyond staging keys with the "not-before" value, IssuersMAY<bcp14>MAY</bcp14> advertise multiple "token-keys" for the same token-type to facilitate key rotation. In this case, Issuers indicate their preference for which token key to use based on the order of keys in the list, with preference given to keys earlier in the list. ClientsSHOULD<bcp14>SHOULD</bcp14> use the first key in the "token-keys" list that either does not have a "not-before" value or has a "not-before" value in the past, since the first such key is the most likely to be valid in the given time window. Origins can attempt to use any key in the "token-keys" list to verify tokens, starting with the most preferred key in the list. Trialverificationverifications like this can help deal with Client clock skew.</t> <t>Altogether, the Issuer's directory could look like the following (with the "token-key" fields abbreviated):</t> <artwork><![CDATA[ { "issuer-request-uri": "https://issuer.example.net/request", "token-keys": [ { "token-type": 2, "token-key": "MI...AB", "not-before": 1686913811, }, { "token-type": 2, "token-key": "MI...AQ", } ] } ]]></artwork> <t>Clients that use this directory resource before 1686913811 in UNIX time would use the second key in the "token-keys" list, whereas Clients that use this directory after 1686913811 in UNIX time would use the first key in the "token-keys" list.</t> <t>A complete "token-key" value, encoded as it would be in the Issuer directory, would look like the following (line breaks are inserted to fit within the per-line character limits):</t> <artwork><![CDATA[ $ echoMIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALMIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQE \BglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAmKHGAMyeoJt1pj3n7xTtqAPr_DhZAPhJM7BCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAmKHGAMyeoJt1pj3n7xTtqAPr \Pc8ENR2BzdZwPTTF7KFKms5wt-mL01at0SC-cdBuIj6WYK8Ovz0AyaBuvTvW6SKCh7ZPXEqCGR_DhZAPhJM7Pc8ENR2BzdZwPTTF7KFKms5wt-mL01at0SC-cdBuIj6WYK8Ovz0AyaBuvTv \sq5I0nthREtrYkGo113oMVPVp3sy4VHPgzd8KdzTLGzOrjiUOsSFWbjf21iaVjXJ2VdwdS-8O-W6SKCh7ZPXEqCGRsq5I0nthREtrYkGo113oMVPVp3sy4VHPgzd8KdzTLGzOrjiUOsSFWb \430wkucYjGeOJwi8rWx_ZkcHtav0S67Q_SlExJel6nyRzpuuID9OQm1nxfs1Z4PhWBzt93T2ozjf21iaVjXJ2VdwdS-8O-430wkucYjGeOJwi8rWx_ZkcHtav0S67Q_SlExJel6nyRzpuuI \Tnda3OklF5n0pIXD6bttmTekIw_8Xx2LMis0jfJ1QL99aA-muXRFN4ZUwORrF7cAcCUD_-56_6D9OQm1nxfs1Z4PhWBzt93T2ozTnda3OklF5n0pIXD6bttmTekIw_8Xx2LMis0jfJ1QL99 \fh9s34FmqBGwIDAQABaA-muXRFN4ZUwORrF7cAcCUD_-56_6fh9s34FmqBGwIDAQAB \ | sed s/-/+/g | sed s/_/\\//g | openssl base64 -d \ | openssl asn1parse -dump -inform DER 0:d=0 hl=4 l= 338 cons: SEQUENCE 4:d=1 hl=2 l= 61 cons: SEQUENCE 6:d=2 hl=2 l= 9 prim: OBJECT :rsassaPss 17:d=2 hl=2 l= 48 cons: SEQUENCE 19:d=3 hl=2 l= 13 cons: cont [ 0 ] 21:d=4 hl=2 l= 11 cons: SEQUENCE 23:d=5 hl=2 l= 9 prim: OBJECT :sha384 34:d=3 hl=2 l= 26 cons: cont [ 1 ] 36:d=4 hl=2 l= 24 cons: SEQUENCE 38:d=5 hl=2 l= 9 prim: OBJECT :mgf1 49:d=5 hl=2 l= 11 cons: SEQUENCE 51:d=6 hl=2 l= 9 prim: OBJECT :sha384 62:d=3 hl=2 l= 3 cons: cont [ 2 ] 64:d=4 hl=2 l= 1 prim: INTEGER :30 67:d=1 hl=4 l= 271 prim: BIT STRING ... truncated public key bytes ... ]]></artwork> <t>Issuer directory resources have the media type "application/private-token-issuer-directory" and are located at the well-known location /.well-known/private-token-issuer-directory; see <xref target="wkuri-reg"/> for the registration information for this well-known URI.The reason that thisThis resource is located at a well-known URIis thatbecause Issuers are defined by anoriginOrigin name in TokenChallenge structures; see <xref section="2.1" sectionFormat="of"target="AUTHSCHEME"/>.</t>target="RFC9577"/>.</t> <t>The Issuer directory and Issuer resourcesSHOULD<bcp14>SHOULD</bcp14> be available on the sameorigin.Origin. If an Issuer wants to service multiple different Issuerdirectoriesdirectories, theyMUST<bcp14>MUST</bcp14> create unique subdomains for each directory so the TokenChallenge defined in <xref section="2.1" sectionFormat="of"target="AUTHSCHEME"/>target="RFC9577"/> can be differentiated correctly.</t> <t>IssuersSHOULD<bcp14>SHOULD</bcp14> use HTTP cache directives to permit caching of this resource <xref target="RFC5861"/>. The cache lifetime depends on the Issuer's key rotation schedule. Regular rotation of token keys is recommended to minimize the risk of key compromise and any harmful effects that happen due to key compromise.</t> <t>Issuers can control the cache lifetime with the Cache-Control header, as follows:</t> <artwork><![CDATA[ Cache-Control: max-age=86400 ]]></artwork> <t>Consumers of the Issuer directory resourceSHOULD<bcp14>SHOULD</bcp14> follow the usual HTTP caching semantics <xref target="RFC9111"/>semanticswhen processing this resource. Long cache lifetimes may result in the use of stale Issuer configuration information, whereas short lifetimes may result in decreased performance. When the use of an Issuer configuration results in token issuance failures, e.g., because the Issuer has invalidated its directory resource before its expiration time and issuance requests using this configuration are unsuccessful, the directorySHOULD<bcp14>SHOULD</bcp14> be fetched and revalidated. Issuance will continue to fail until the Issuer configuration is updated.</t> </section> <section anchor="private-flow"> <name>Issuance Protocol for Privately Verifiable Tokens</name> <t>The privately verifiable issuance protocol allows Clients to produceTokentoken values that verify using the Issuer Private Key.This This protocol is based on theoblivious pseudorandom function fromOPRF <xreftarget="OPRF"/>.</t>target="RFC9497"/>.</t> <t>Issuers provideaan Issuer Private Key and Public Key, denoted <tt>skI</tt> and<tt>pkI</tt><tt>pkI</tt>, respectively, used to produce tokens as input to the protocol. See <xref target="issuer-configuration"/> for information about how these keys are generated.</t> <t>Clients provide the following as input to the issuance protocol:</t><ul<dl spacing="normal"><li>Issuer<dt>Issuer RequestURL: AURL:</dt><dd>A URL identifying the location to which issuance requests are sent. This can be a URL derived from the "issuer-request-uri" value in the Issuer's directory resource, or it can be another Client-configured URL. The value of this parameter depends on the Client configuration and deployment model. For example, in the'Joint"Joint Origin andIssuer'Issuer" deploymentmodel,model (<xref target="RFC9576" sectionFormat="comma" section="4.3"/>), the Issuer Request URL might correspond to the Client's configured Attester, and the Attester is configured to relay requests to theIssuer.</li> <li>Issuer name: AnIssuer.</dd> <dt>Issuer name:</dt><dd>An identifier for the Issuer. This is typically ahost namehostname that can be used to construct HTTP requests to theIssuer.</li> <li>IssuerIssuer.</dd> <dt>Issuer PublicKey: <tt>pkI</tt>,Key:</dt><dd><tt>pkI</tt>, with a key identifier <tt>token_key_id</tt> computed as described in <xreftarget="issuer-configuration"/>.</li> <li>Challenge value: <tt>challenge</tt>,target="issuer-configuration"/>.</dd> <dt>Challenge value:</dt><dd><tt>challenge</tt> -- an opaque byte string. For example, this might be provided by the redemption protocol described in <xreftarget="AUTHSCHEME"/>.</li> </ul>target="RFC9577"/>.</dd> </dl> <t>Given this configuration and these inputs, the two messages exchanged in this protocol are described below. This section uses notation described in <xref section="4" sectionFormat="comma"target="OPRF"/>,target="RFC9497"/>, including SerializeElement and DeserializeElement, SerializeScalar and DeserializeScalar, and DeriveKeyPair.</t> <t>The constants <tt>Ne</tt> and <tt>Ns</tt> are as defined in Section <xref target="RFC9497" section="4.4" sectionFormat="bare">"OPRF(P-384, SHA-384)"</xref> of <xrefsection="4" sectionFormat="comma" target="OPRF"/> for OPRF(P-384, SHA-384). Thetarget="RFC9497"/>. For this protocol, the constant <tt>Nk</tt>, which is also equal to <tt>Nh</tt> as defined in <xrefsection="4" sectionFormat="comma" target="OPRF"/>,section="4.4" sectionFormat="of" target="RFC9497"/>, is defined by <xref target="private-token-type"/>.</t> <section anchor="private-request"> <name>Client-to-Issuer Request</name> <t>The Client first creates a context as follows:</t> <artwork><![CDATA[ client_context = SetupVOPRFClient("P384-SHA384", pkI) ]]></artwork> <t>Here, "P384-SHA384" is the identifier corresponding to the OPRF(P-384, SHA-384) ciphersuite defined in <xreftarget="OPRF"/>.target="RFC9497"/>. SetupVOPRFClient is defined in <xref section="3.2" sectionFormat="comma"target="OPRF"/>.</t>target="RFC9497"/>.</t> <t>The Client then creates an issuance request message for a random 32-bytevalue<tt>nonce</tt> with the input challenge and Issuer key identifier as described below:</t> <artwork><![CDATA[ nonce = random(32) challenge_digest = SHA256(challenge) token_input = concat(0x0001, //Token typetoken-type field is 2 bytes long nonce, challenge_digest, token_key_id) blind, blinded_element = client_context.Blind(token_input) ]]></artwork> <t>The Blind function isdefineddiscussed in Sections <xref target="RFC9497" section="3.3.1" sectionFormat="bare"/> and <xref target="RFC9497" section="3.3.2"sectionFormat="comma" target="OPRF"/>.sectionFormat="bare"/> of <xref target="RFC9497"/>. If the Blind function fails, the Client aborts the protocol. The Client stores the <tt>nonce</tt> and <tt>challenge_digest</tt> values locally for use when finalizing the issuance protocol to produce a token (as described in <xref target="private-finalize"/>).</t> <t>The Client then creates a TokenRequest structured as follows:</t> <artwork><![CDATA[ struct { uint16_t token_type = 0x0001; /* Type VOPRF(P-384, SHA-384) */ uint8_t truncated_token_key_id; uint8_t blinded_msg[Ne]; } TokenRequest; ]]></artwork> <t>The structure fields are defined as follows:</t> <ul spacing="normal"> <li>"token_type" is a 2-octet integer, which matches the type in the challenge.</li> <li>"truncated_token_key_id" is the least significant byte of the <tt>token_key_id</tt> (<xref target="issuer-configuration"/>) in network byte order (in other words, the last 8 bits of <tt>token_key_id</tt>). This value is truncated so that Issuers cannot use <tt>token_key_id</tt> as a way of uniquely identifying Clients; see<xref target="security"/> andreferenced information from <xref target="security"/> for more details.</li> <li>"blinded_msg" is the Ne-octet blinded message defined above, computed as <tt>SerializeElement(blinded_element)</tt>.</li> </ul> <t>The values <tt>token_input</tt> and <tt>blinded_element</tt> are stored locallyand used later asfor use when finalizing the issuance protocol to produce a token (as described in <xreftarget="private-finalize"/>.target="private-finalize"/>). The Client then generates an HTTP POST request to send to the Issuer Request URL, with the TokenRequest as the content. The media type for this request is "application/private-token-request". An example request for the Issuer Request URL "https://issuer.example.net/request" is shown below.</t><artwork><![CDATA[<sourcecode name="" type="http-message"><![CDATA[ POST /request HTTP/1.1 Host: issuer.example.net Accept: application/private-token-response Content-Type: application/private-token-request Content-Length: <Length of TokenRequest> <Bytes containing the TokenRequest>]]></artwork>]]></sourcecode> </section> <section anchor="private-response"> <name>Issuer-to-Client Response</name> <t>Upon receipt of the request, the Issuer validates the following conditions:</t> <ul spacing="normal"> <li>The TokenRequest contains a supported token_type.</li> <li>The TokenRequest.truncated_token_key_id corresponds to the truncated key ID of aPublic Keypublic key owned by the Issuer.</li> <li>The TokenRequest.blinded_msg is of the correct size.</li> </ul> <t>If any of these conditionsisare not met, the IssuerMUST<bcp14>MUST</bcp14> return an HTTP 422 (Unprocessable Content) error to theclient.</t>Client.</t> <t>If these conditions are met, the Issuer then tries to deserialize TokenRequest.blinded_msg using DeserializeElementfrom <xref(<xref section="2.1"sectionFormat="of" target="OPRF"/>,sectionFormat="comma" target="RFC9497"/>), yielding <tt>blinded_element</tt>. If this fails, the IssuerMUST<bcp14>MUST</bcp14> return an HTTP 422 (Unprocessable Content) error to theclient.Client. Otherwise, if the Issuer is willing to produce a token to the Client, the Issuer completes the issuance flow by computing a blinded response as follows:</t> <artwork><![CDATA[ server_context = SetupVOPRFServer("P384-SHA384", skI) evaluate_element, proof = server_context.BlindEvaluate(skI, pkI, blinded_element) ]]></artwork> <t>SetupVOPRFServer is defined in <xref section="3.2" sectionFormat="comma"target="OPRF"/>target="RFC9497"/>, and BlindEvaluate is defined in <xref section="3.3.2" sectionFormat="comma"target="OPRF"/>.target="RFC9497"/>. The Issuer then creates a TokenResponse structured as follows:</t> <artwork><![CDATA[ struct { uint8_t evaluate_msg[Ne]; uint8_t evaluate_proof[Ns+Ns]; } TokenResponse; ]]></artwork> <t>The structure fields are defined as follows:</t> <ul spacing="normal"> <li>"evaluate_msg" is the Ne-octet evaluated message, computed as <tt>SerializeElement(evaluate_element)</tt>.</li> <li>"evaluate_proof" is the (Ns+Ns)-octet serialized proof, which is a pair of Scalar values, computed as <tt>concat(SerializeScalar(proof[0]), SerializeScalar(proof[1]))</tt>.</li> </ul> <t>The Issuer generates an HTTP response with status code 200 whose content consists of TokenResponse, with the content type set as "application/private-token-response".</t><artwork><![CDATA[<sourcecode name="" type="http-message"><![CDATA[ HTTP/1.1 200 OK Content-Type: application/private-token-response Content-Length: <Length of TokenResponse> <Bytes containing the TokenResponse>]]></artwork>]]></sourcecode> </section> <section anchor="private-finalize"> <name>Finalization</name> <t>Upon receipt, the Client handles the response and, if successful, deserializes the content values TokenResponse.evaluate_msg and TokenResponse.evaluate_proof, yielding <tt>evaluated_element</tt> and <tt>proof</tt>. If deserialization of either value fails, the Client aborts the protocol. Otherwise, the Client processes the response as follows:</t> <artwork><![CDATA[ authenticator = client_context.Finalize(token_input, blind, evaluated_element, blinded_element, proof) ]]></artwork> <t>The Finalize function is defined in <xref section="3.3.2" sectionFormat="comma"target="OPRF"/>.target="RFC9497"/>. If this succeeds, the Client then constructs aTokentoken as follows:</t> <artwork><![CDATA[ struct { uint16_t token_type = 0x0001; /* Type VOPRF(P-384, SHA-384) */ uint8_t nonce[32]; uint8_t challenge_digest[32]; uint8_t token_key_id[32]; uint8_t authenticator[Nk]; } Token; ]]></artwork> <t>The Token.nonce value is the value thatwhichwas createdinaccording to <xreftarget="private-request"/>.target="token-verification"/>. If the Finalize function fails, the Client aborts the protocol.</t> </section> <section anchor="token-verification"> <name>Token Verification</name> <t>Verifying aTokentoken requires creating aVOPRFVerifiable Oblivious Pseudorandom Function (VOPRF) context using the Issuer Private Key and Public Key, evaluating the token contents, and comparing the result against the token authenticator value:</t> <artwork><![CDATA[ server_context = SetupVOPRFServer("P384-SHA384", skI) token_authenticator_input = concat(Token.token_type, Token.nonce, Token.challenge_digest, Token.token_key_id) token_authenticator = server_context.Evaluate(token_authenticator_input) valid = (token_authenticator == Token.authenticator) ]]></artwork> </section> <section anchor="issuer-configuration"> <name>Issuer Configuration</name> <t>Issuers are configured with Issuer Private Keys and Public Keys, each denoted <tt>skI</tt> and <tt>pkI</tt>, respectively, used to produce tokens. These keysMUST NOT<bcp14>MUST NOT</bcp14> be reused in other protocols. ARECOMMENDED<bcp14>RECOMMENDED</bcp14> method for generating keys is as follows:</t> <artwork><![CDATA[ seed = random(Ns) (skI, pkI) = DeriveKeyPair(seed, "PrivacyPass") ]]></artwork> <t>The DeriveKeyPair function is defined in <xrefsection="3.3.1"section="3.2.1" sectionFormat="comma"target="OPRF"/>.target="RFC9497"/>. The key identifier for a public key <tt>pkI</tt>, denoted <tt>token_key_id</tt>, is computed as follows:</t> <artwork><![CDATA[ token_key_id = SHA256(SerializeElement(pkI)) ]]></artwork> <t>Since Clients truncate <tt>token_key_id</tt> in each <tt>TokenRequest</tt>, IssuersSHOULD<bcp14>SHOULD</bcp14> ensure that the truncatedformforms of new key IDs do not collide with other truncated key IDs in rotation. Collisions can cause the Issuer to use the wrong Issuer Private Key for issuance, which will in turn cause the resulting tokens to be invalid. There is no known security consequence of using thethewrong Issuer Private Key.A A possible exception to this constraint would be a colliding key that is still in use but is in the process of being rotated out, in which case the collision cannot reasonably beavoided but itavoided; however, this situation is expected to be transient.</t> </section> </section> <section anchor="public-flow"> <name>Issuance Protocol for Publicly Verifiable Tokens</name> <t>This section describes a variant of the issuance protocol discussed in <xref target="private-flow"/> for producing publicly verifiable tokens using the protocol defined in <xreftarget="BLINDRSA"/>.target="RFC9474"/>. In particular, this variant of the issuance protocol works for the RSABSSA-SHA384-PSS-Deterministic and RSABSSA-SHA384-PSSZERO-Deterministic blind RSA protocol variants described in <xref section="5" sectionFormat="of"target="BLINDRSA"/>.</t>target="RFC9474"/>.</t> <t>The publicly verifiable issuance protocol differs from the protocol defined in <xref target="private-flow"/> in that the output tokens are publicly verifiable by anyone with the Issuer Public Key.This This means any Origin can select a given Issuer to produce tokens, as long as the Origin has the Issuerpublic key,Public Key, without explicit coordination or permission from the Issuer. This is because the Issuer does not learn the Origin that requested the token during the issuance protocol.</t> <t>Beyond this difference, the publicly verifiable issuance protocol variant is nearly identical to the privately verifiable issuance protocol variant. In particular, Issuers provide an Issuer Private Key and Public Key, denoted skI and pkI, respectively, used to produce tokens as input to the protocol. See <xref target="public-issuer-configuration"/> for information about how these keys are generated.</t> <t>Clients provide the following as input to the issuance protocol:</t><ul<dl spacing="normal"><li>Issuer<dt>Issuer RequestURL: AURL:</dt><dd>A URL identifying the location to which issuance requests are sent. This can be a URL derived from the "issuer-request-uri" value in the Issuer's directory resource, or it can be another Client-configured URL. The value of this parameter depends on the Client configuration and deployment model. For example, in the'Split"Split Origin, Attester,Issuer'Issuer" deploymentmodel,model (<xref target="RFC9576" sectionFormat="comma" section="4.4"/>), the Issuer Request URL might correspond to the Client's configured Attester, and the Attester is configured to relay requests to theIssuer.</li> <li>Issuer name: AnIssuer.</dd> <dt>Issuer name:</dt><dd>An identifier for the Issuer. This is typically ahost namehostname that can be used to construct HTTP requests to theIssuer.</li> <li>IssuerIssuer.</dd> <dt>Issuer PublicKey: <tt>pkI</tt>,Key:</dt><dd><tt>pkI</tt>, with a key identifier <tt>token_key_id</tt> computed as described in <xreftarget="public-issuer-configuration"/>.</li> <li>Challenge value: <tt>challenge</tt>,target="public-issuer-configuration"/>.</dd> <dt>Challenge value:</dt><dd><tt>challenge</tt> -- an opaque byte string. For example, this might be provided by the redemption protocol described in <xreftarget="AUTHSCHEME"/>.</li> </ul>target="RFC9577"/>.</dd> </dl> <t>Given this configuration and these inputs, the two messages exchanged in this protocol are described below.TheFor this protocol, the constant <tt>Nk</tt> is defined by <xref target="public-token-type"/>.</t> <section anchor="public-request"> <name>Client-to-Issuer Request</name> <t>The Client first creates an issuance request message for a random 32-bytevalue<tt>nonce</tt> using the input challenge and Issuer key identifier as follows:</t> <artwork><![CDATA[ nonce = random(32) challenge_digest = SHA256(challenge) token_input = concat(0x0002, //Token typetoken-type field is 2 bytes long nonce, challenge_digest, token_key_id) blinded_msg, blind_inv = Blind(pkI, PrepareIdentity(token_input)) ]]></artwork> <t>The PrepareIdentity and Blind functions are defined in<xrefSections <xref target="RFC9474" section="4.1"sectionFormat="of" target="BLINDRSA"/>sectionFormat="bare"/> and <xref target="RFC9474" section="4.2"sectionFormat="of" target="BLINDRSA"/>,sectionFormat="bare"/> of <xref target="RFC9474"/>, respectively. The Client stores the nonce and challenge_digest values locally for use when finalizing the issuance protocol to produce a token (as described in <xref target="public-finalize"/>).</t> <t>The Client then creates a TokenRequest structured as follows:</t> <artwork><![CDATA[ struct { uint16_t token_type = 0x0002; /* Type Blind RSA (2048-bit) */ uint8_t truncated_token_key_id; uint8_t blinded_msg[Nk]; } TokenRequest; ]]></artwork> <t>The structure fields are defined as follows:</t> <ul spacing="normal"> <li>"token_type" is a 2-octet integer, which matches the type in the challenge.</li> <li>"truncated_token_key_id" is the least significant byte of the <tt>token_key_id</tt> (<xref target="public-issuer-configuration"/>) in network byte order (in other words, the last 8 bits of <tt>token_key_id</tt>). This value is truncated so that Issuers cannot use <tt>token_key_id</tt> as a way of uniquely identifying Clients; see<xref target="security"/> andreferenced information from <xref target="security"/> for more details.</li> <li>"blinded_msg" is the Nk-octet request defined above.</li> </ul> <t>The Client then generates an HTTP POST request to send to the Issuer Request URL, with the TokenRequest as the content. The media type for this request is "application/private-token-request". An example request for the Issuer Request URL "https://issuer.example.net/request" is shown below.</t><artwork><![CDATA[<sourcecode name="" type="http-message"><![CDATA[ POST /request HTTP/1.1 Host: issuer.example.net Accept: application/private-token-response Content-Type: application/private-token-request Content-Length: <Length of TokenRequest> <Bytes containing the TokenRequest>]]></artwork>]]></sourcecode> </section> <section anchor="public-response"> <name>Issuer-to-Client Response</name> <t>Upon receipt of the request, the Issuer validates the following conditions:</t> <ul spacing="normal"> <li>The TokenRequest contains a supported token_type.</li> <li>The TokenRequest.truncated_token_key_id corresponds to the truncated key ID of an Issuer Public Key.</li> <li>The TokenRequest.blinded_msg is of the correct size.</li> </ul> <t>If any of these conditionsisare not met, the IssuerMUST<bcp14>MUST</bcp14> return an HTTP 422 (Unprocessable Content) error to the Client. Otherwise, if the Issuer is willing to produce a token to the Client, the Issuer completes the issuance flow by computing a blinded response as follows:</t> <artwork><![CDATA[ blind_sig = BlindSign(skI, TokenRequest.blinded_msg) ]]></artwork> <t>The BlindSign function is defined in <xref section="4.3" sectionFormat="of"target="BLINDRSA"/>.target="RFC9474"/>. The result is encoded and transmitted to theclientClient in the following TokenResponse structure:</t> <artwork><![CDATA[ struct { uint8_t blind_sig[Nk]; } TokenResponse; ]]></artwork> <t>The Issuer generates an HTTP response with status code 200 whose content consists of TokenResponse, with the content type set as "application/private-token-response".</t><artwork><![CDATA[<sourcecode name="" type="http-message"><![CDATA[ HTTP/1.1 200 OK Content-Type: application/private-token-response Content-Length: <Length of TokenResponse> <Bytes containing the TokenResponse>]]></artwork>]]></sourcecode> </section> <section anchor="public-finalize"> <name>Finalization</name> <t>Upon receipt, the Client handles the response and, if successful, processes the content as follows:</t> <artwork><![CDATA[ authenticator = Finalize(pkI, nonce, blind_sig, blind_inv) ]]></artwork> <t>The Finalize function is defined in <xref section="4.4" sectionFormat="of"target="BLINDRSA"/>.target="RFC9474"/>. If this succeeds, the Client then constructs aTokentoken as described in <xreftarget="AUTHSCHEME"/>target="RFC9577"/> as follows:</t> <artwork><![CDATA[ struct { uint16_t token_type = 0x0002; /* Type Blind RSA (2048-bit) */ uint8_t nonce[32]; uint8_t challenge_digest[32]; uint8_t token_key_id[32]; uint8_t authenticator[Nk]; } Token; ]]></artwork> <t>The Token.nonce value is the value thatwhichwas sampledinaccording to <xreftarget="private-request"/>.target="public-request"/>. If the Finalize function fails, the Client aborts the protocol.</t> </section> <section anchor="token-verification-1"> <name>Token Verification</name> <t>Verifying aTokentoken requires checking that Token.authenticator is a valid signature over the remainder of the token input using the Issuer Public Key.The The function <tt>RSASSA-PSS-VERIFY</tt> is defined in <xref section="8.1.2" sectionFormat="of" target="RFC8017"/>, using SHA-384 as theHashhash function, MGF1 with SHA-384 as thePSSProbabilistic Signature Scheme (PSS) mask generation function (MGF), and a 48-byte salt length (sLen).</t> <artwork><![CDATA[ token_authenticator_input = concat(Token.token_type, Token.nonce, Token.challenge_digest, Token.token_key_id) valid = RSASSA-PSS-VERIFY(pkI, token_authenticator_input, Token.authenticator) ]]></artwork> </section> <section anchor="public-issuer-configuration"> <name>Issuer Configuration</name> <t>Issuers are configured with Issuer Private Keys and Public Keys, each denoted skI and pkI, respectively, used to produce tokens. Each keySHALL<bcp14>SHALL</bcp14> be generatedsecurely,securely -- forexampleexample, as specified in FIPS 186-5 <xref target="DSS"/>. These keysMUST NOT<bcp14>MUST NOT</bcp14> be reused in other protocols.</t> <t>The key identifier for an Issuer Private Key and Public Key (skI, pkI), denoted <tt>token_key_id</tt>, is computed as SHA256(encoded_key), where encoded_key is a DER-encoded SubjectPublicKeyInfo<xref target="RFC5280"/>(SPKI) object <xref target="RFC5280"/> carrying pkI as a DER-encoded RSAPublicKey value <xref target="RFC5756"/> in the subjectPublicKey field. Additionally,the(1) the SPKI objectMUST<bcp14>MUST</bcp14> use the id-RSASSA-PSS object identifier in the algorithm field within the SPKIobject, theobject and (2) the parameters fieldMUST<bcp14>MUST</bcp14> containaan RSASSA-PSS-paramsvalue,value andMUST<bcp14>MUST</bcp14> include the hashAlgorithm, maskGenAlgorithm, and saltLength values. The saltLengthMUST<bcp14>MUST</bcp14> match the output size of the hash function associated with the public key and token type.</t> <t>An example sequence of the SPKI object (in ASN.1 format, with the actual public key bytes truncated) for a 2048-bit key is shown below:</t> <artwork><![CDATA[ $ cat spki.bin | xxd -r -p | openssl asn1parse -dump -inform DER 0:d=0 hl=4 l= 338 cons: SEQUENCE 4:d=1 hl=2 l= 61 cons: SEQUENCE 6:d=2 hl=2 l= 9 prim: OBJECT :rsassaPss 17:d=2 hl=2 l= 48 cons: SEQUENCE 19:d=3 hl=2 l= 13 cons: cont [ 0 ] 21:d=4 hl=2 l= 11 cons: SEQUENCE 23:d=5 hl=2 l= 9 prim: OBJECT :sha384 34:d=3 hl=2 l= 26 cons: cont [ 1 ] 36:d=4 hl=2 l= 24 cons: SEQUENCE 38:d=5 hl=2 l= 9 prim: OBJECT :mgf1 49:d=5 hl=2 l= 11 cons: SEQUENCE 51:d=6 hl=2 l= 9 prim: OBJECT :sha384 62:d=3 hl=2 l= 3 cons: cont [ 2 ] 64:d=4 hl=2 l= 1 prim: INTEGER :30 67:d=1 hl=4 l= 271 prim: BIT STRING ... truncated public key bytes ... ]]></artwork> <t>Since Clients truncate <tt>token_key_id</tt> in each <tt>TokenRequest</tt>, IssuersSHOULD<bcp14>SHOULD</bcp14> ensure that the truncatedformforms of new key IDs do not collide with other truncated key IDs in rotation. Collisions can cause the Issuer to use the wrong Issuer Private Key for issuance, which will in turn cause the resulting tokens to be invalid. There is no known security consequence of using thethewrong Issuer Private Key.A A possible exception to this constraint would be a colliding key that is still in use but is in the process of being rotated out, in which case the collision cannot reasonably beavoided but itavoided; however, this situation is expected to be transient.</t> </section> </section> <section anchor="security"> <name>Securityconsiderations</name>Considerations</name> <t>This document outlines how to instantiate theIssuanceissuance protocol based on the VOPRF defined in <xreftarget="OPRF"/>target="RFC9497"/> and the blind RSA protocol defined in <xreftarget="BLINDRSA"/>.target="RFC9474"/>. All security considerations described in the VOPRF and blind RSA documents also apply in the Privacy Passuse-case.use case. Considerations related to broader privacy and security concerns in a multi-Client and multi-Issuer setting aredeferred tocovered in the architecture document <xreftarget="ARCHITECTURE"/>.target="RFC9576"/>. In particular,Section <xref target="ARCHITECTURE"Sections <xref target="RFC9576" section="4" sectionFormat="bare"/> andSection<xreftarget="ARCHITECTURE"target="RFC9576" section="5" sectionFormat="bare"/> of <xreftarget="ARCHITECTURE"/>target="RFC9576"/> discuss relevant privacy considerations influenced by the Privacy Pass deploymentmodel,models, and <xref section="6" sectionFormat="of"target="ARCHITECTURE"/>target="RFC9576"/> discusses privacy considerations that apply regardless of deployment model. Notable considerations include those pertaining to Issuer Public Key rotation andconsistency,consistency -- where consistency is as described in <xreftarget="CONSISTENCY"/>,target="I-D.ietf-privacypass-key-consistency"/> -- and Issuer selection.</t> </section> <section anchor="iana-considerations"> <name>IANAconsiderations</name> <t>This section contains considerations for IANA.</t>Considerations</name> <section anchor="wkuri-reg"> <name>Well-Known'private-token-issuer-directory'"private-token-issuer-directory" URI</name><t>This document updates<t>IANA has updated the "Well-Known URIs"Registryregistry <xref target="WellKnownURIs"/> with the following values.</t> <table anchor="wellknownuri-values"><name>'private-token-issuer-directory'<name>"private-token-issuer-directory" Well-Known URI</name> <thead> <tr> <th align="left">URI Suffix</th> <th align="left">Change Controller</th> <th align="left">Reference</th> <th align="left">Status</th> <th align="left">Relatedinformation</th>Information</th> </tr> </thead> <tbody> <tr> <td align="left">private-token-issuer-directory</td> <td align="left">IETF</td> <tdalign="left">[this document]</td>align="left">RFC 9578</td> <td align="left">permanent</td> <td align="left">None</td> </tr> </tbody> </table> </section> <section anchor="token-type"><name>Token Type Registry Updates</name> <t>This document updates<name>Privacy Pass Token Types</name> <t>IANA has updated the "Privacy Pass TokenType" RegistryTypes" registry <xref target="PrivPassTokenTypes"/> with thefollowing entries.</t>entries below.</t> <section anchor="private-token-type"> <name>Token TypeVOPRF (P-384,VOPRF(P-384, SHA-384)</name><ul spacing="normal"> <li>Value: 0x0001</li> <li>Name: VOPRF (P-384, SHA-384)</li> <li>Token Structure: As<dl spacing="compact"> <dt>Value:</dt><dd>0x0001</dd> <dt>Name:</dt><dd>VOPRF(P-384, SHA-384)</dd> <dt>Token Structure:</dt><dd>As defined in <xrefsection="2.2"target="RFC9577" sectionFormat="of"target="AUTHSCHEME"/></li> <li>Tokensection="2.2"/>.</dd> <dt>Token KeyEncoding: SerializedEncoding:</dt><dd>Serialized using SerializeElementfrom <xref section="2.1"(<xref target="RFC9497" sectionFormat="of"target="OPRF"/></li> <li>TokenChallenge Structure: Assection="2.1"/>).</dd> <dt>TokenChallenge Structure:</dt><dd>As defined in <xrefsection="2.1"target="RFC9577" sectionFormat="of"target="AUTHSCHEME"/></li> <li>Public Verifiability: N</li> <li>Public Metadata: N</li> <li>Private Metadata: N</li> <li>Nk: 48</li> <li>Nid: 32</li> <li>Reference: <xref target="private-flow"/></li> <li>Notes: None</li> </ul>section="2.1"/>.</dd> <dt>Publicly Verifiable:</dt><dd>N</dd> <dt>Public Metadata:</dt><dd>N</dd> <dt>Private Metadata:</dt><dd>N</dd> <dt>Nk:</dt><dd>48</dd> <dt>Nid:</dt><dd>32</dd> <dt>Change controller:</dt><dd>IETF</dd> <dt>Reference:</dt><dd>RFC 9578, <xref target="private-flow"/></dd> <dt>Notes:</dt><dd>None</dd> </dl> </section> <section anchor="public-token-type"> <name>Token Type Blind RSA (2048-bit)</name><ul spacing="normal"> <li>Value: 0x0002</li> <li>Name: Blind<dl spacing="compact"> <dt>Value:</dt><dd>0x0002</dd> <dt>Name:</dt><dd>Blind RSA(2048-bit)</li> <li>Token Structure: As(2048-bit)</dd> <dt>Token Structure:</dt><dd>As defined in <xrefsection="2.2"target="RFC9577" sectionFormat="of"target="AUTHSCHEME"/></li> <li>Tokensection="2.2"/>.</dd> <dt>Token KeyEncoding: SerializedEncoding:</dt><dd>Serialized as a DER-encoded SubjectPublicKeyInfo (SPKI) object using the RSASSA-PSS OID <xreftarget="RFC5756"/></li> <li>TokenChallenge Structure: Astarget="RFC5756"/>.</dd> <dt>TokenChallenge Structure:</dt><dd>As defined in <xrefsection="2.1"target="RFC9577" sectionFormat="of"target="AUTHSCHEME"/></li> <li>Public Verifiability: Y</li> <li>Public Metadata: N</li> <li>Private Metadata: N</li> <li>Nk: 256</li> <li>Nid: 32</li> <li>Reference:section="2.1"/>.</dd> <dt>Publicly Verifiable:</dt><dd>Y</dd> <dt>Public Metadata:</dt><dd>N</dd> <dt>Private Metadata:</dt><dd>N</dd> <dt>Nk:</dt><dd>256</dd> <dt>Nid:</dt><dd>32</dd> <dt>Change controller:</dt><dd>IETF</dd> <dt>Reference:</dt><dd>RFC 9578, <xreftarget="public-flow"/></li> <li>Notes: Thetarget="public-flow"/></dd> <dt>Notes:</dt><dd>The RSABSSA-SHA384-PSS-Deterministic and RSABSSA-SHA384-PSSZERO-Deterministic variants aresupported</li> </ul>supported.</dd> </dl> </section> </section> <section anchor="media-types"> <name>Media Types</name><t>The<t>IANA has added the following entriesshould be addedto theIANA "media types" registry:</t>"Media Types" registry <xref target="MediaTypes"/>:</t> <ul spacing="normal"> <li>"application/private-token-issuer-directory"</li> <li>"application/private-token-request"</li> <li>"application/private-token-response"</li> </ul> <t>The templates for these entries are listedbelow and thebelow. The referenceshould beis this RFC.</t> <section anchor="applicationprivate-token-issuer-directory-media-type"> <name>"application/private-token-issuer-directory"media type</name>Media Type</name> <dlspacing="compact">spacing="normal"> <dt>Type name:</dt> <dd> <t>application</t> </dd> <dt>Subtype name:</dt> <dd> <t>private-token-issuer-directory</t> </dd> <dt>Required parameters:</dt> <dd> <t>N/A</t> </dd> <dt>Optional parameters:</dt> <dd> <t>N/A</t> </dd> <dt>Encoding considerations:</dt> <dd><t>"binary"</t><t>binary</t> </dd> <dt>Security considerations:</dt> <dd><t>see<t>See <xreftarget="setup"/></t>target="security"/> of RFC 9578.</t> </dd> <dt>Interoperability considerations:</dt> <dd> <t>N/A</t> </dd> <dt>Published specification:</dt> <dd><t>this specification</t><t>RFC 9578</t> </dd> <dt>Applications that use this media type:</dt> <dd> <t>Services that implement the Privacy PassissuerIssuer role, andclientClient applications that interact with theissuerIssuer for the purposes of issuing or redeeming tokens.</t> </dd> <dt>Fragment identifier considerations:</dt> <dd> <t>N/A</t> </dd> <dt>Additional information:</dt><dd><dd><t><br/></t> <dl spacing="compact"><dt>Magic number(s):</dt> <dd>N/A</dd><dt>Deprecated alias names for this type:</dt><dd>N/A</dd><dd><t>N/A</t></dd> <dt>Magic number(s):</dt> <dd><t>N/A</t></dd> <dt>File extension(s):</dt><dd>N/A</dd><dd><t>N/A</t></dd> <dt>Macintosh file type code(s):</dt><dd>N/A</dd><dd><t>N/A</t></dd> </dl> </dd> <dt>Personand& email address to contact for further information:</dt> <dd><t>see<t>See the Authors' Addressessection</t>section of RFC 9578.</t> </dd> <dt>Intended usage:</dt> <dd> <t>COMMON</t> </dd> <dt>Restrictions on usage:</dt> <dd> <t>N/A</t> </dd> <dt>Author:</dt> <dd><t>see<t>See the Authors' Addressessection</t>section of RFC 9578.</t> </dd> <dt>Change controller:</dt> <dd> <t>IETF</t> </dd> </dl> </section> <section anchor="applicationprivate-token-request-media-type"> <name>"application/private-token-request"media type</name>Media Type</name> <dlspacing="compact">spacing="normal"> <dt>Type name:</dt> <dd> <t>application</t> </dd> <dt>Subtype name:</dt> <dd> <t>private-token-request</t> </dd> <dt>Required parameters:</dt> <dd> <t>N/A</t> </dd> <dt>Optional parameters:</dt> <dd> <t>N/A</t> </dd> <dt>Encoding considerations:</dt> <dd><t>"binary"</t><t>binary</t> </dd> <dt>Security considerations:</dt> <dd><t>see<t>See <xreftarget="security"/></t>target="security"/> of RFC 9578.</t> </dd> <dt>Interoperability considerations:</dt> <dd> <t>N/A</t> </dd> <dt>Published specification:</dt> <dd><t>this specification</t><t>RFC 9578</t> </dd> <dt>Applications that use this media type:</dt> <dd> <t>Applications that want to issue or facilitate issuance of Privacy Pass tokens, including Privacy PassissuerIssuer applications themselves.</t> </dd> <dt>Fragment identifier considerations:</dt> <dd> <t>N/A</t> </dd> <dt>Additional information:</dt><dd><dd><t><br/></t> <dl spacing="compact"><dt>Magic number(s):</dt> <dd>N/A</dd><dt>Deprecated alias names for this type:</dt><dd>N/A</dd><dd><t>N/A</t></dd> <dt>Magic number(s):</dt> <dd><t>N/A</t></dd> <dt>File extension(s):</dt><dd>N/A</dd><dd><t>N/A</t></dd> <dt>Macintosh file type code(s):</dt><dd>N/A</dd><dd><t>N/A</t></dd> </dl> </dd> <dt>Personand& email address to contact for further information:</dt> <dd><t>see<t>See the Authors' Addressessection</t>section of RFC 9578.</t> </dd> <dt>Intended usage:</dt> <dd> <t>COMMON</t> </dd> <dt>Restrictions on usage:</dt> <dd> <t>N/A</t> </dd> <dt>Author:</dt> <dd><t>see<t>See the Authors' Addressessection</t>section of RFC 9578.</t> </dd> <dt>Change controller:</dt> <dd> <t>IETF</t> </dd> </dl> </section> <section anchor="applicationprivate-token-response-media-type"> <name>"application/private-token-response"media type</name>Media Type</name> <dlspacing="compact">spacing="normal"> <dt>Type name:</dt> <dd> <t>application</t> </dd> <dt>Subtype name:</dt> <dd> <t>private-token-response</t> </dd> <dt>Required parameters:</dt> <dd> <t>N/A</t> </dd> <dt>Optional parameters:</dt> <dd> <t>N/A</t> </dd> <dt>Encoding considerations:</dt> <dd><t>"binary"</t><t>binary</t> </dd> <dt>Security considerations:</dt> <dd><t>see<t>See <xreftarget="security"/></t>target="security"/> of RFC 9578.</t> </dd> <dt>Interoperability considerations:</dt> <dd> <t>N/A</t> </dd> <dt>Published specification:</dt> <dd><t>this specification</t><t>RFC 9578</t> </dd> <dt>Applications that use this media type:</dt> <dd> <t>Applications that want to issue or facilitate issuance of Privacy Pass tokens, including Privacy PassissuerIssuer applications themselves.</t> </dd> <dt>Fragment identifier considerations:</dt> <dd> <t>N/A</t> </dd> <dt>Additional information:</dt><dd><dd><t><br/></t> <dl spacing="compact"><dt>Magic number(s):</dt> <dd>N/A</dd><dt>Deprecated alias names for this type:</dt><dd>N/A</dd><dd><t>N/A</t></dd> <dt>Magic number(s):</dt> <dd><t>N/A</t></dd> <dt>File extension(s):</dt><dd>N/A</dd><dd><t>N/A</t></dd> <dt>Macintosh file type code(s):</dt><dd>N/A</dd><dd><t>N/A</t></dd> </dl> </dd> <dt>Personand& email address to contact for further information:</dt> <dd><t>see<t>See the Authors' Addressessection</t>section of RFC 9578.</t> </dd> <dt>Intended usage:</dt> <dd> <t>COMMON</t> </dd> <dt>Restrictions on usage:</dt> <dd> <t>N/A</t> </dd> <dt>Author:</dt> <dd><t>see<t>See the Authors' Addressessection</t>section of RFC 9578.</t> </dd> <dt>Change controller:</dt> <dd> <t>IETF</t> </dd> </dl> </section> </section> </section> </middle> <back> <displayreference target="RFC9576" to="ARCHITECTURE"/> <displayreference target="RFC9110" to="HTTP"/> <displayreference target="RFC9497" to="OPRF"/> <displayreference target="RFC9474" to="BLINDRSA"/> <displayreference target="RFC8446" to="TLS13"/> <displayreference target="RFC8877" to="TIMESTAMP"/> <displayreference target="RFC9577" to="AUTHSCHEME"/> <displayreference target="I-D.ietf-privacypass-key-consistency" to="CONSISTENCY"/> <references> <name>References</name> <references> <name>Normative References</name><reference anchor="RFC2119"> <front> <title>Key words for use in RFCs to Indicate Requirement Levels</title> <author fullname="S. Bradner" initials="S." surname="Bradner"/> <date month="March" year="1997"/> <abstract> <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t> </abstract> </front> <seriesInfo name="BCP" value="14"/> <seriesInfo name="RFC" value="2119"/> <seriesInfo name="DOI" value="10.17487/RFC2119"/> </reference><xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/> <reference anchor="WellKnownURIs"target="https://www.iana.org/assignments/well-known-uris/well-known-uris.xhtml">target="https://www.iana.org/assignments/well-known-uris/"> <front> <title>Well-Known URIs</title> <author><organization/><organization>IANA</organization> </author><date>n.d.</date><date></date> </front> </reference> <referenceanchor="ARCHITECTURE">anchor="PrivPassTokenTypes" target="https://www.iana.org/assignments/privacy-pass/"> <front><title>The Privacy<title>Privacy PassArchitecture</title> <author fullname="Alex Davidson" initials="A." surname="Davidson"> <organization>LIP</organization> </author> <author fullname="Jana Iyengar" initials="J." surname="Iyengar"> <organization>Fastly</organization> </author> <author fullname="Christopher A. Wood" initials="C. A." surname="Wood"> <organization>Cloudflare</organization>Token Types</title> <author> <organization>IANA</organization> </author><date day="25" month="September" year="2023"/> <abstract> <t> This document specifies the Privacy Pass architecture and requirements for its constituent protocols used for authorization based on privacy-preserving authentication mechanisms. It describes the conceptual model of Privacy Pass and its protocols, its security and privacy goals, practical deployment models, and recommendations for each deployment model that helps ensure the desired security and privacy goals are fulfilled. </t> </abstract><date></date> </front><seriesInfo name="Internet-Draft" value="draft-ietf-privacypass-architecture-16"/></reference> <referenceanchor="HTTP">anchor="MediaTypes" target="https://www.iana.org/assignments/media-types/"> <front><title>HTTP Semantics</title> <author fullname="R. Fielding" initials="R." role="editor" surname="Fielding"/> <author fullname="M. Nottingham" initials="M." role="editor" surname="Nottingham"/> <author fullname="J. Reschke" initials="J." role="editor" surname="Reschke"/> <date month="June" year="2022"/> <abstract> <t>The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document describes the overall architecture of HTTP, establishes common terminology, and defines aspects of the protocol that are shared by all versions. In this definition are core protocol elements, extensibility mechanisms, and the "http" and "https" Uniform Resource Identifier (URI) schemes.</t> <t>This document updates RFC 3864 and obsoletes RFCs 2818, 7231, 7232, 7233, 7235, 7538, 7615, 7694, and portions of 7230.</t> </abstract> </front> <seriesInfo name="STD" value="97"/> <seriesInfo name="RFC" value="9110"/> <seriesInfo name="DOI" value="10.17487/RFC9110"/> </reference> <reference anchor="OPRF"> <front> <title>Oblivious Pseudorandom Functions (OPRFs) using Prime-Order Groups</title> <author fullname="Alex Davidson" initials="A." surname="Davidson"> <organization>Brave Software</organization> </author> <author fullname="Armando Faz-Hernandez" initials="A." surname="Faz-Hernandez"> <organization>Cloudflare, Inc.</organization> </author> <author fullname="Nick Sullivan" initials="N." surname="Sullivan"> <organization>Cloudflare, Inc.</organization> </author> <author fullname="Christopher A. Wood" initials="C. A." surname="Wood"> <organization>Cloudflare, Inc.</organization><title>Media Types</title> <author> <organization>IANA</organization> </author><date day="21" month="February" year="2023"/> <abstract> <t> An Oblivious Pseudorandom Function (OPRF) is a two-party protocol between client and server for computing the output of a Pseudorandom Function (PRF). The server provides the PRF private key, and the client provides the PRF input. At the end of the protocol, the client learns the PRF output without learning anything about the PRF private key, and the server learns neither the PRF input nor output. An OPRF can also satisfy a notion of 'verifiability', called a VOPRF. A VOPRF ensures clients can verify that the server used a specific private key during the execution of the protocol. A VOPRF can also be partially-oblivious, called a POPRF. A POPRF allows clients and servers to provide public input to the PRF computation. This document specifies an OPRF, VOPRF, and POPRF instantiated within standard prime-order groups, including elliptic curves. This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF. </t> </abstract><date></date> </front><seriesInfo name="Internet-Draft" value="draft-irtf-cfrg-voprf-21"/></reference> <!-- draft-ietf-privacypass-architecture (RFC 9576) --> <referenceanchor="BLINDRSA">anchor="RFC9576" target="https://www.rfc-editor.org/info/rfc9576"> <front><title>RSA Blind Signatures</title><title>The Privacy Pass Architecture</title> <authorfullname="Frank Denis" initials="F." surname="Denis"> <organization>Fastly Inc.</organization>initials='A' surname='Davidson' fullname='Alex Davidson'> <organization /> </author> <authorfullname="Frederic Jacobs" initials="F." surname="Jacobs"> <organization>Apple Inc.</organization>initials='J' surname='Iyengar' fullname='Jana Iyengar'> <organization /> </author> <authorfullname="Christopherinitials='C. A.' surname='Wood' fullname='Christopher A.Wood" initials="C. A." surname="Wood"> <organization>Cloudflare</organization>Wood'> <organization /> </author> <dateday="10" month="July" year="2023"/> <abstract> <t> This document specifies an RSA-based blind signature protocol. RSA blind signatures were first introduced by Chaum for untraceable payments. A signature that is output from this protocol can be verified as an RSA-PSS signature. This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF. Discussion Venues This note is to be removed before publishing as an RFC. Source for this draft and an issue tracker can be found at https://github.com/chris-wood/draft-wood-cfrg-blind-signatures. </t> </abstract> </front> <seriesInfo name="Internet-Draft" value="draft-irtf-cfrg-rsa-blind-signatures-14"/> </reference> <reference anchor="RFC8174"> <front> <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title> <author fullname="B. Leiba" initials="B." surname="Leiba"/> <date month="May" year="2017"/> <abstract> <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t> </abstract> </front> <seriesInfo name="BCP" value="14"/> <seriesInfo name="RFC" value="8174"/> <seriesInfo name="DOI" value="10.17487/RFC8174"/> </reference> <reference anchor="TLS13"> <front> <title>The Transport Layer Security (TLS) Protocol Version 1.3</title> <author fullname="E. Rescorla" initials="E." surname="Rescorla"/> <date month="August" year="2018"/> <abstract> <t>This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery.</t> <t>This document updates RFCs 5705 and 6066, and obsoletes RFCs 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 implementations.</t> </abstract> </front> <seriesInfo name="RFC" value="8446"/> <seriesInfo name="DOI" value="10.17487/RFC8446"/> </reference> <reference anchor="RFC8259"> <front> <title>The JavaScript Object Notation (JSON) Data Interchange Format</title> <author fullname="T. Bray" initials="T." role="editor" surname="Bray"/> <date month="December" year="2017"/> <abstract> <t>JavaScript Object Notation (JSON) is a lightweight, text-based, language-independent data interchange format. It was derived from the ECMAScript Programming Language Standard. JSON defines a small set of formatting rules for the portable representation of structured data.</t> <t>This document removes inconsistencies with other specifications of JSON, repairs specification errors, and offers experience-based interoperability guidance.</t> </abstract> </front> <seriesInfo name="STD" value="90"/> <seriesInfo name="RFC" value="8259"/> <seriesInfo name="DOI" value="10.17487/RFC8259"/> </reference> <reference anchor="RFC4648"> <front> <title>The Base16, Base32, and Base64 Data Encodings</title> <author fullname="S. Josefsson" initials="S." surname="Josefsson"/> <date month="October" year="2006"/> <abstract> <t>This document describes the commonly used base 64, base 32, and base 16 encoding schemes. It also discusses the use of line-feeds in encoded data, use of padding in encoded data, use of non-alphabet characters in encoded data, use of different encoding alphabets, and canonical encodings. [STANDARDS-TRACK]</t> </abstract>year='2024' month='May'/> </front> <seriesInfo name="RFC"value="4648"/>value="9576"/> <seriesInfo name="DOI"value="10.17487/RFC4648"/> </reference> <reference anchor="TIMESTAMP"> <front> <title>Guidelines for Defining Packet Timestamps</title> <author fullname="T. Mizrahi" initials="T." surname="Mizrahi"/> <author fullname="J. Fabini" initials="J." surname="Fabini"/> <author fullname="A. Morton" initials="A." surname="Morton"/> <date month="September" year="2020"/> <abstract> <t>Various network protocols make use of binary-encoded timestamps that are incorporated in the protocol packet format, referred to as "packet timestamps" for short. This document specifies guidelines for defining packet timestamp formats in networking protocols at various layers. It also presents three recommended timestamp formats. The target audience of this document includes network protocol designers. It is expected that a new network protocol that requires a packet timestamp will, in most cases, use one of the recommended timestamp formats. If none of the recommended formats fits the protocol requirements, the new protocol specification should specify the format of the packet timestamp according to the guidelines in this document.</t> </abstract> </front> <seriesInfo name="RFC" value="8877"/> <seriesInfo name="DOI" value="10.17487/RFC8877"/>value="10.17487/RFC9576"/> </reference> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9110.xml"/> <!-- draft-irtf-cfrg-voprf (RFC 9497; published) --> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9497.xml"/> <!-- draft-irtf-cfrg-rsa-blind-signatures (RFC 9474; published) --> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9474.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8446.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8259.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.4648.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8877.xml"/> <!-- draft-ietf-privacypass-auth-scheme (RFC 9577) --> <referenceanchor="AUTHSCHEME">anchor="RFC9577" target="https://www.rfc-editor.org/info/rfc9577"> <front> <title>The Privacy Pass HTTP Authentication Scheme</title> <authorfullname="Tommy Pauly"initials="T."surname="Pauly">surname="Pauly" fullname="Tommy Pauly"> <organization>Apple Inc.</organization> </author> <authorfullname="Steven Valdez"initials="S."surname="Valdez">surname="Valdez" fullname="Steven Valdez"> <organization>Google LLC</organization> </author> <authorfullname="Christopher A. Wood"initials="C. A."surname="Wood">surname="Wood" fullname="Christopher A. Wood"> <organization>Cloudflare</organization> </author> <dateday="25" month="September" year="2023"/> <abstract> <t> This document defines an HTTP authentication scheme for Privacy Pass, a privacy-preserving authentication mechanism used for authorization. The authentication scheme in this document can be used by clients to redeem Privacy Pass tokens with an origin. It can also be used by origins to challenge clients to present Privacy Pass tokens. </t> </abstract> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-privacypass-auth-scheme-14"/> </reference> <reference anchor="RFC5861"> <front> <title>HTTP Cache-Control Extensions for Stale Content</title> <author fullname="M. Nottingham" initials="M." surname="Nottingham"/> <datemonth="May"year="2010"/> <abstract> <t>This document defines two independent HTTP Cache-Control extensions that allow control over the use of stale responses by caches. This document is not an Internet Standards Track specification; it is published for informational purposes.</t> </abstract>year="2024"/> </front> <seriesInfo name="RFC"value="5861"/>value="9577"/> <seriesInfo name="DOI"value="10.17487/RFC5861"/> </reference> <reference anchor="RFC9111"> <front> <title>HTTP Caching</title> <author fullname="R. Fielding" initials="R." role="editor" surname="Fielding"/> <author fullname="M. Nottingham" initials="M." role="editor" surname="Nottingham"/> <author fullname="J. Reschke" initials="J." role="editor" surname="Reschke"/> <date month="June" year="2022"/> <abstract> <t>The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document defines HTTP caches and the associated header fields that control cache behavior or indicate cacheable response messages.</t> <t>This document obsoletes RFC 7234.</t> </abstract> </front> <seriesInfo name="STD" value="98"/> <seriesInfo name="RFC" value="9111"/> <seriesInfo name="DOI" value="10.17487/RFC9111"/> </reference> <reference anchor="RFC8017"> <front> <title>PKCS #1: RSA Cryptography Specifications Version 2.2</title> <author fullname="K. Moriarty" initials="K." role="editor" surname="Moriarty"/> <author fullname="B. Kaliski" initials="B." surname="Kaliski"/> <author fullname="J. Jonsson" initials="J." surname="Jonsson"/> <author fullname="A. Rusch" initials="A." surname="Rusch"/> <date month="November" year="2016"/> <abstract> <t>This document provides recommendations for the implementation of public-key cryptography based on the RSA algorithm, covering cryptographic primitives, encryption schemes, signature schemes with appendix, and ASN.1 syntax for representing keys and for identifying the schemes.</t> <t>This document represents a republication of PKCS #1 v2.2 from RSA Laboratories' Public-Key Cryptography Standards (PKCS) series. By publishing this RFC, change control is transferred to the IETF.</t> <t>This document also obsoletes RFC 3447.</t> </abstract> </front> <seriesInfo name="RFC" value="8017"/> <seriesInfo name="DOI" value="10.17487/RFC8017"/> </reference> <reference anchor="RFC5756"> <front> <title>Updates for RSAES-OAEP and RSASSA-PSS Algorithm Parameters</title> <author fullname="S. Turner" initials="S." surname="Turner"/> <author fullname="D. Brown" initials="D." surname="Brown"/> <author fullname="K. Yiu" initials="K." surname="Yiu"/> <author fullname="R. Housley" initials="R." surname="Housley"/> <author fullname="T. Polk" initials="T." surname="Polk"/> <date month="January" year="2010"/> <abstract> <t>This document updates RFC 4055. It updates the conventions for using the RSA Encryption Scheme - Optimal Asymmetric Encryption Padding (RSAES-OAEP) key transport algorithm in the Internet X.509 Public Key Infrastructure (PKI). Specifically, it updates the conventions for algorithm parameters in an X.509 certificate's subjectPublicKeyInfo field. [STANDARDS-TRACK]</t> </abstract> </front> <seriesInfo name="RFC" value="5756"/> <seriesInfo name="DOI" value="10.17487/RFC5756"/>value="10.17487/RFC9577"/> </reference> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5861.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9111.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8017.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5756.xml"/> </references> <references> <name>Informative References</name> <reference anchor="DSS" target="https://doi.org/10.6028/nist.fips.186-5"> <front> <title>Digital Signature Standard (DSS)</title><author fullname="Dustin Moody" surname="Moody"> <organization>National Institute of Standards and Technology</organization> </author><author> <organization>National Institute of Standards and Technology</organization> </author> <date month="February" year="2023"/><abstract> <t><jats:p /></t> </abstract> </front> <seriesInfo name="DOI" value="10.6028/nist.fips.186-5"/> </reference> <reference anchor="RFC5280"> <front> <title>Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile</title> <author fullname="D. Cooper" initials="D." surname="Cooper"/> <author fullname="S. Santesson" initials="S." surname="Santesson"/> <author fullname="S. Farrell" initials="S." surname="Farrell"/> <author fullname="S. Boeyen" initials="S." surname="Boeyen"/> <author fullname="R. Housley" initials="R." surname="Housley"/> <author fullname="W. Polk" initials="W." surname="Polk"/> <date month="May" year="2008"/> <abstract> <t>This memo profiles the X.509 v3 certificate and X.509 v2 certificate revocation list (CRL) for use in the Internet. An overview of this approach and model is provided as an introduction. The X.509 v3 certificate format is described in detail, with additional information regarding the format and semantics of Internet name forms. Standard certificate extensions are described and two Internet-specific extensions are defined. A set of required certificate extensions is specified. The X.509 v2 CRL format is described in detail along with standard and Internet-specific extensions. An algorithm for X.509 certification path validation is described. An ASN.1 module and examples are provided in the appendices. [STANDARDS-TRACK]</t> </abstract></front> <seriesInfoname="RFC" value="5280"/>name="NIST FIPS Publication" value="186-5"/> <seriesInfo name="DOI"value="10.17487/RFC5280"/> </reference> <reference anchor="CONSISTENCY"> <front> <title>Key Consistency and Discovery</title> <author fullname="Alex Davidson" initials="A." surname="Davidson"> <organization>Brave Software</organization> </author> <author fullname="Matthew Finkel" initials="M." surname="Finkel"> <organization>The Tor Project</organization> </author> <author fullname="Martin Thomson" initials="M." surname="Thomson"> <organization>Mozilla</organization> </author> <author fullname="Christopher A. Wood" initials="C. A." surname="Wood"> <organization>Cloudflare</organization> </author> <date day="10" month="July" year="2023"/> <abstract> <t> This document describes the consistency requirements of protocols such as Privacy Pass, Oblivious DoH, and Oblivious HTTP for user privacy. It presents definitions for consistency and then surveys mechanisms for providing consistency in varying threat models. In concludes with discussion of open problems in this area. </t> </abstract> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-privacypass-key-consistency-01"/>value="10.6028/NIST.FIPS.186-5"/> </reference> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5280.xml"/> <!-- draft-ietf-privacypass-key-consistency (Expired) --> <xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-privacypass-key-consistency.xml"/> </references> </references> <sectionanchor="acknowledgements"> <name>Acknowledgements</name> <t>The authors of this document would like to acknowledge the helpful feedback and discussions from Benjamin Schwartz, Joseph Salowey, and Tara Whalen.</t> </section> <sectionanchor="test-vectors"> <name>Test Vectors</name> <t>This section includes test vectors for the two basic issuance protocols specified in this document. <xref target="test-vectors-poprf"/> contains test vectors for token issuance protocol 1 (0x0001), and <xref target="test-vectors-rsa"/> contains test vectors for token issuance protocol 2 (0x0002).</t> <section anchor="test-vectors-poprf"> <name>Issuance Protocol 1 - VOPRF(P-384, SHA-384)</name> <t>The testvectorvectors belowlistslist the following values:</t><ul<dl spacing="normal"><li>skS: The<dt>skI:</dt><dd>The Issuer Private Key, serialized using SerializeScalarfrom <xref(<xref section="2.1"sectionFormat="of" target="OPRF"/>sectionFormat="comma" target="RFC9497"/>) and represented as a hexadecimalstring.</li> <li>pkS: Thestring.</dd> <dt>pkI:</dt><dd>The Issuer Public Key, serialized according to the encoding in <xreftarget="private-token-type"/>.</li> <li>token_challenge: Atarget="private-token-type"/>.</dd> <dt>token_challenge:</dt><dd>A randomly generated TokenChallenge structure, represented as a hexadecimalstring.</li> <li>nonce: Thestring.</dd> <dt>nonce:</dt><dd>The 32-byteclientClient nonce generated according to <xref target="private-request"/>, represented as a hexadecimalstring.</li> <li>blind: Thestring.</dd> <dt>blind:</dt><dd>The blind used when computing the OPRF blinded message, serialized using SerializeScalarfrom <xref(<xref section="2.1"sectionFormat="of" target="OPRF"/>sectionFormat="comma" target="RFC9497"/>) and represented as a hexadecimalstring.</li> <li>token_request: Thestring.</dd> <dt>token_request:</dt><dd>The TokenRequest message constructed according to <xref target="private-request"/>, represented as a hexadecimalstring.</li> <li>token_response: Thestring.</dd> <dt>token_response:</dt><dd>The TokenResponse message constructed according to <xref target="private-response"/>, represented as a hexadecimalstring.</li> <li>token: Thestring.</dd> <dt>token:</dt><dd>The outputTokentoken from the protocol, represented as a hexadecimalstring.</li> </ul> <artwork><![CDATA[string.</dd> </dl> <sourcecode name="" type="test-vectors"><![CDATA[ // Test vector 1skS:skI: 39b0d04d3732459288fc5edb89bb02c2aa42e06709f201d6c518871d5181 14910bee3c919bed1bbffe3fc1b87d53240apkS:pkI: 02d45bf522425cdd2227d3f27d245d9d563008829252172d34e48469290c 21da1a46d42ca38f7beabdf05c074aee1455bf token_challenge: 0001000e6973737565722e6578616d706c65205de58a52fc daef25ca3f65448d04e040fb1924e8264acfccfc6c5ad451d582b3000e6f72696 7696e2e6578616d706c65 nonce: 6aa422c41b59d3e44a136dd439df2454e3587ee5f3697798cdc05fafe73073b8 blind: 8e7fd80970b8a00b0931b801a2e22d9903d83bd5597c6a4dc1496ed2b1 7ef820445ef3bd223f3ab2c4f54c5d1c956909 token_request: 0001f4030ab3e23181d1e213f24315f5775983c678ce22eff9 427610832ab3900f2cd12d6829a07ec8a6813cf0b5b886f4cc4979 token_response: 036bb3c5c397d88c3527cf9f08f1fe63687b867e85c930c49 ee2c222408d4903722a19ff272ac97e3725b947c972784ebfe86eb9ea54336e43 34ea9660212c0c85fbadfbf491a1ce2446fc3379337fccd45c1059b2bc760110e e1ec227d8e01c9f482c00c47ffa0dbe2fb58c32dde2b1dbe69fff920a528e68dd 9b3c2483848e57c30542b8984fa6bfecd6d71d54d53eda token: 00016aa422c41b59d3e44a136dd439df2454e3587ee5f3697798cdc05f afe73073b8501370b494089dc462802af545e63809581ee6ef57890a12105c283 68169514bf260d0792bf7f46c9866a6d37c3032d8714415f87f5f6903d7fb071e 253be2f4e0a835d76528b8444f73789ee7dc90715b01c17902fd87375c00a7a9d 3d92540437f470773be20f71e721da3af40edeb // Test vector 2skS:skI: 39efed331527cc4ddff9722ab5cd35aeafe7c27520b0cfa2eedbdc298dc3 b12bc8298afcc46558af1e2eeacc5307d865pkS:pkI: 038017e005904c6146b37109d6c2a72b95a183aaa9ed951b8d8fb1ed9033 f68033284d175e7df89849475cd67a86bfbf4e token_challenge: 0001000e6973737565722e6578616d706c6500000e6f7269 67696e2e6578616d706c65 nonce: 7617bc802cfdb5d74722ef7418bdbb4f2c88403820e55fe7ec07d3190c29d665 blind: 6492ee50072fa18d035d69c4246362dffe2621afb95a10c033bb0109e0 f705b0437c425553272e0aa5266ec379e7015e token_request: 000133033a5fe04a39da1bbfb68ccdeecd1917474dd525462e 5a90a6ba53b42aaa1486fe443a2e1c7f3fd5ff028a1c7cf1aeac5d token_response: 023bf8cd624880d669c5cc6c88b056355c6e8e1bcbf3746cf b9ab9248a4c056f23a4876ef998a8b6b281d50f852c6fa868fc4fa135c79ccb5f bdf8bf3c926e10c7c12f934a887d86da4a4e5be70f5a169aa75720887bb690536 92a8f11f9cda7a72f281e4e3568e848225367946c70db09e718e3cba16193987b c10bede3ef54c4d036c17cd4015bb113be60d7aa927e0d token: 00017617bc802cfdb5d74722ef7418bdbb4f2c88403820e55fe7ec07d3 190c29d665c994f7d5cdc2fb970b13d4e8eb6e6d8f9dcdaa65851fb091025dfe1 34bd5a62a116477bc9e1a205cca95d0c92335ca7a3e71063b2ac020bdd231c660 97f12333ef438d00801bca5ace0fab8eb483dc04cd62578b95b5652921cd2698c 45ea74f6c8827b4e19f01140fa5bd039866f562 // Test vector 3skS:skI: 2b7709595b62b784f14946ae828f65e6caeba6eefe732c86e9ae50e818c0 55b3d7ca3a5f2beecaa859a62ff7199d35ccpkS:pkI: 03a0de1bf3fd0a73384283b648884ba9fa5dee190f9d7ad4292c2fd49d8b 4d64db674059df67f5bd7e626475c78934ae8d token_challenge: 0001000e6973737565722e6578616d706c65000017666f6f 2e6578616d706c652c6261722e6578616d706c65 nonce: 87499b5930918d2d83ecebf92d25ca0722aa11b80dbbfd950537c28aa7d3a9df blind: 1f659584626ba15f44f3d887b2e5fe4c27315b185dfbfaea4253ebba30 610c4d9b73c78714c142360e85a00942c0fcff token_request: 0001c8024610a9f3aac21090f3079d6809437a2b94b4403c7e 645f849bc6c505dade154c258c8ecd4d2bdcf574daca65db671908 token_response: 03c2ab925d03e7793b4a4df6eb505210139f620359e142449 1b8143c06a3e5298b25b662c33256411be7277233e1a34570f7a4d142d931e4b5 ff8829e27aaf7eb2cc7f9ab655477d71c01d5da5aef44dd076b5820b4710ef025 a9e6c6b50a95af6105c5987c1b834d615008cf6370556ed00c6671e69776c09a9 2b5ac84804750dd867c78817bdf69f1443002b18ae7a52 token: 000187499b5930918d2d83ecebf92d25ca0722aa11b80dbbfd950537c2 8aa7d3a9df1949fd455872478ba87e2e6c513c3261cddbe57220581245e4c9c91 1dd1c0bb865785bff8f3cfe08cccbb3a7b8e41d23a172871be4828cc54582d87b c7cfc5c8bcedc1868ebc845b000c317ed75312274a42b10be6db23bd8a168fd2f 021c23925d72c4d14cd7588c03845da0d41a326 // Test vector 4skS:skI: 22e237b7b983d77474e4495aff2fc1e10422b1d955192e0fbf2b7b618fba 625fcb94b599da9113da49c495a48fbf7f7fpkS:pkI: 028cd68715caa20d19b2b20d017d6a0a42b9f2b0a47db65e5e763e23744f e14d74e374bbc93a2ec3970eb53c8aa765ee21 token_challenge: 0001000e6973737565722e6578616d706c65000000 nonce: 02f0a206752d555a24924f2da5942a1bb4cb2d83ff473aa8b2bc3a89e820cd43 blind: af91d1dbcf6b46baecde70eb305b8fe75629199cca19c7f9344b8607b9 0def27bc53e0345ade32c9fd0a1efda056d1c0 token_request: 0001a503632ebb003ed15b6de4557c047c7f81a58688143331 2ad3ad7f9416f2dfc940d3f439ad1e8cd677d94ae7c05bc958d134 token_response: 032018bc3f180d9650e27f72de76a90b47e336ae9cb058548 d851c7046fa0875d96346c15cb39d8083cc6fb57216544c6a815c37d792769e12 9c0513ce2034c3286cb212548f4aed1b0f71b28e219a71874a93e53ab2f473282 71d1e9cbefc197a4f599a6825051fa1c6e55450042f04182b86c9cf12477a9f16 849396c051fa27012e81a86e6c4a9204a063f1e1722dd7 token: 000102f0a206752d555a24924f2da5942a1bb4cb2d83ff473aa8b2bc3a 89e820cd43085cb06952044c7655b412ab7d484c97b97c48c79c568140b8d49a0 2ca47a9cfb0a5cfb861290c4dbd8fd9b60ee9b1a1a54cf47c98531fe253f1ed6d 875de5a58f42db12b540b0d11bc5d6b42e6d17c2b73e98631e54d40fd2901ebec 4268668535b03cbf76f7f15a29d623a64cab0c4 // Test vector 5skS:skI: 46f3d4f562002b85ffcfdb4d06835fb9b2e24372861ecaa11357fd1f29f9 ed26e44715549ccedeb39257f095110f0159pkS:pkI: 02fbe9da0b7cabe3ec51c36c8487b10909142b59af030c728a5e87bb3b30 f54c06415d22e03d9212bd3d9a17d5520d4d0f token_challenge: 0001000e6973737565722e6578616d706c65205de58a52fc daef25ca3f65448d04e040fb1924e8264acfccfc6c5ad451d582b30000 nonce: 9ee54942d8a1604452a76856b1bfaf1cd608e1e3fa38acfd9f13e84483c90e89 blind: 76e0938e824b6cda6c163ff55d0298d539e222ed3984f4e31bbb654a8c 59671d4e0a7e264ca758cd0f4b533e0f60c5aa token_request: 0001e10202bc92ac516c867f39399d71976018db52fcab5403 f8534a65677ba9e1e7d9b1d01767d137884c86cf5fe698c2f5d8e9 token_response: 0322ea3856a71533796393229b33d33c02cd714e40d5aa4e0 71f056276f32f89c09947eca8ff119d940d9d57c2fcbd83d2da494ddeb37dc1f6 78e5661a8e7bcc96b3477eb89d708b0ce10e0ea1b5ce0001f9332f743c0cc3d47 48233fea6d3152fae7844821268eb96ba491f60b1a3a848849310a39e9ef59121 669aa5d5dbb4b4deb532d2f907a01c5b39efaf23985080 token: 00019ee54942d8a1604452a76856b1bfaf1cd608e1e3fa38acfd9f13e8 4483c90e89d4380df12a1727f4e2ca1ee0d7abea0d0fb1e9506507a4dd618f9b8 7e79f9f3521a7c9134d6722925bf622a994041cdb1b082cdf1309af32f0ce00ca 1dab63e1b603747a8a5c3b46c7c2853de5ec7af8cac7cf3e089cecdc9ed3ff05c d24504fe4f6c52d24ac901471267d8b63b61e6b]]></artwork>]]></sourcecode> </section> <section anchor="test-vectors-rsa"> <name>Issuance Protocol 2 - BlindRSA, 2048</name>RSA (2048-bit)</name> <t>The testvectorvectors belowlistslist the following values:</t><ul<dl spacing="normal"><li>skS: The<dt>skI:</dt><dd>The PEM-encodedPKCS#8PKCS #8 RSA Issuer Private Key used for signing tokens, represented as a hexadecimalstring.</li> <li>pkS: Thestring.</dd> <dt>pkI:</dt><dd>The Issuer Public Key, serialized according to the encoding in <xreftarget="public-token-type"/>.</li> <li>token_challenge: Atarget="public-token-type"/>.</dd> <dt>token_challenge:</dt><dd>A randomly generated TokenChallenge structure, represented as a hexadecimalstring.</li> <li>nonce: Thestring.</dd> <dt>nonce:</dt><dd>The 32-byteclientClient nonce generated according to <xref target="public-request"/>, represented as a hexadecimalstring.</li> <li>blind: Thestring.</dd> <dt>blind:</dt><dd>The blind used when computing the blind RSA blinded message, represented as a hexadecimalstring.</li> <li>salt: Thestring.</dd> <dt>salt:</dt><dd>The randomly generated 48-byte salt used when encoding the blindedtoken requestTokenRequest message, represented as a hexadecimalstring.</li> <li>token_request: Thestring.</dd> <dt>token_request:</dt><dd>The TokenRequest message constructed according to <xref target="public-request"/>, represented as a hexadecimalstring.</li> <li>token_request: Thestring.</dd> <dt>token_response:</dt><dd>The TokenResponse message constructed according to <xref target="public-response"/>, represented as a hexadecimalstring.</li> <li>token: Thestring.</dd> <dt>token:</dt><dd>The outputTokentoken from the protocol, represented as a hexadecimalstring.</li> </ul> <artwork><![CDATA[string.</dd> </dl> <sourcecode name="" type="test-vectors"><![CDATA[ // Test vector 1skS:skI: 2d2d2d2d2d424547494e2050524956415445204b45592d2d2d2d2d0a4d49 4945765149424144414e42676b71686b6947397730424151454641415343424b6 3776767536a41674541416f49424151444c4775317261705831736334420a4f6b 7a38717957355379356b6f6a41303543554b66717444774e38366a424b5a4f764 57245526b49314c527876734d6453327961326333616b4745714c756b440a556a 35743561496b3172417643655844644e44503442325055707851436e6969396e6 b492b6d67725769744444494871386139793137586e6c5079596f784f530a646f 6558563835464f314a752b62397336356d586d34516a755139455961497138337 1724450567a50335758712b524e4d636379323269686763624c766d42390a6a41 355334475666325a6c74785954736f4c364872377a58696a4e394637486271656 76f753967654b524d584645352f2b4a3956595a634a734a624c756570480a544f 72535a4d4948502b5358514d4166414f454a4547426d6d4430683566672f43473 475676a79486e4e51383733414e4b6a55716d3676574574413872514c620a4530 742b496c706641674d4241414543676745414c7a4362647a69316a506435384d6 b562b434c6679665351322b7266486e7266724665502f566344787275690a3270 316153584a596962653645532b4d622f4d4655646c485067414c7731785134576 57266366336444373686c6c784c57535638477342737663386f364750320a6359 366f777042447763626168474b556b5030456b62395330584c4a5763475347356 1556e484a585237696e7834635a6c666f4c6e7245516536685578734d710a6230 644878644844424d644766565777674b6f6a4f6a70532f39386d4555793756422 f3661326c7265676c766a632f326e4b434b7459373744376454716c47460a787a 414261577538364d435a342f5131334c762b426566627174493973715a5a776a7 264556851483856437872793251564d515751696e57684174364d7154340a5342 5354726f6c5a7a7772716a65384d504a393175614e4d6458474c63484c4932367 3587a76374b53514b42675144766377735055557641395a325a583958350a6d49 784d54424e6445467a56625550754b4b413179576e31554d444e63556a71682b7 a652f376b337946786b68305146333162713630654c393047495369414f0a354b 4f574d39454b6f2b7841513262614b314d664f5931472b386a7a4258557042733 9346b353353383879586d4b366e796467763730424a385a6835666b55710a5732 306f5362686b686a5264537a48326b52476972672b5553774b426751445a4a4d6 e7279324578612f3345713750626f737841504d69596e6b354a415053470a7932 7a305a375455622b7548514f2f2b78504d376e433075794c494d44396c61544d4 8776e3673372f4c62476f455031575267706f59482f4231346b2f526e360a6675 77524e3632496f397463392b41434c745542377674476179332b6752775974534 33262356564386c4969656774546b6561306830754453527841745673330a6e35 6b796132513976514b4267464a75467a4f5a742b7467596e576e5155456757385 0304f494a45484d45345554644f637743784b7248527239334a6a7546320a4533 77644b6f546969375072774f59496f614a5468706a50634a62626462664b792b6 e735170315947763977644a724d6156774a6376497077563676315570660a5674 4c61646d316c6b6c7670717336474e4d386a6e4d30587833616a6d6d6e6665573 9794758453570684d727a4c4a6c394630396349324c416f4742414e58760a7567 5658727032627354316f6b6436755361427367704a6a5065774e526433635a4b3 97a306153503144544131504e6b7065517748672f2b36665361564f487a0a7941 7844733968355272627852614e6673542b7241554837783153594456565159564 d68555262546f5a6536472f6a716e544333664e6648563178745a666f740a306c 6f4d4867776570362b53494d436f6565325a6374755a5633326c6349616639726 2484f633764416f47416551386b3853494c4e4736444f413331544535500a6d30 31414a49597737416c5233756f2f524e61432b78596450553354736b75414c787 86944522f57734c455142436a6b46576d6d4a41576e51554474626e594e0a5363 77523847324a36466e72454374627479733733574156476f6f465a6e636d504c5 0386c784c79626c534244454c79615a762f624173506c4d4f39624435630a4a2b 4e534261612b6f694c6c31776d4361354d43666c633d0a2d2d2d2d2d454e44205 0524956415445204b45592d2d2d2d2d0apkS:pkI: 30820152303d06092a864886f70d01010a3030a00d300b06096086480165 03040202a11a301806092a864886f70d010108300b0609608648016503040202a 2030201300382010f003082010a0282010100cb1aed6b6a95f5b1ce013a4cfcab 25b94b2e64a23034e4250a7eab43c0df3a8c12993af12b111908d4b471bec31d4 b6c9ad9cdda90612a2ee903523e6de5a224d6b02f09e5c374d0cfe01d8f529c50 0a78a2f67908fa682b5a2b430c81eaf1af72d7b5e794fc98a3139276879757ce4 53b526ef9bf6ceb99979b8423b90f4461a22af37aab0cf5733f7597abe44d31c7 32db68a181c6cbbe607d8c0e52e0655fd9996dc584eca0be87afbcd78a337d17b 1dba9e828bbd81e291317144e7ff89f55619709b096cbb9ea474cead264c2073f e49740c01f00e109106066983d21e5f83f086e2e823c879cd43cef700d2a352a9 babd612d03cad02db134b7e225a5f0203010001 token_challenge: 0002000e6973737565722e6578616d706c65208e7acc900e 393381e8810b7c9e4a68b5163f1f880ab6688a6ffe780923609e88000e6f72696 7696e2e6578616d706c65 nonce: aa72019d1f951df197021ce63876fe8b0a02dc1c31a12b0a2dd1508d07827f05 blind: 425421de54c7381864ce36473abfb988c454fe6c27de863de702a6a2ad ca153fa2de47bd8fcd62734caa8ce1f920b77d980ab58c32d16dde54873f28ca9 68e8c125b8363514be68972f553655bcc7f80a284cc327e47e804a47333c5b3cd f773312cc7ad9fda748aed0baa7e19c5a2d1dafda718f086d7fc0a4bc02d488e0 f20812daee335af7177b7a8369bd617066aed7a58f659f295c36b418827f67972 5b81ca14ea16fb82df21ad76da1ac38dcf24bf6252f8510e2308608ac9197f6cb 54fdcb19db17837302a2b87d659c5605f35f3709a130f0c3d50e172f0cae36cbc 9467f9914895a215a9e32443bcafff795273ccf8965a7eaa8c0b2184763e3e5c salt: 3d980852fa570c064204feb8d107098db976ef8c2137e8641d234bbd88a 986fdb306a7af220cfadede08f51e1ef61766 token_request: 0002086a95be84b63cfed0993bb579194a72a95057e1548ac4 63a9a5b33b011f2b2011d59487f01862f1d8e4d5ea42e73a660fbc3d010b944a5 4da3a4e0942f8894c0884589b438cb902e9a34278970f33c16f351f7dae58d273 c3ab66ef368da36f785e89e24d1d983d5c34311cd21f290f9e89e8646ab0d0a48 988fcd46230de5e7603cd12cc95c7ec5002e5e26737aa7eb69c626476e6c8d465 10ee404a3d7daf3a23b7c66735d363ca13676925c6ed0117f60d165ce1f8ba616 d041b6384baf6da3e2f757cb18e879a4f8595c2dc895ddf1f4279c75768d108b5 c47f95f94e81e2d8b9c8b74476924ab3b7c45243fc99ac5466e8a3680ad37fa15 c96010b274094 token_response: 675d84b751d9e593330ec4b6d7ab69c9a61517e98971f4b73 6150508174b4335761464f237be2d72bbae4b94dffc6143413f6351f1aa4efde6 c32d4d6d9392a008290d56d1222f9b77a1336213e01934f7d972f3bf9ea5a5786 c321352f103b3667e605379a55f0fb925fbb09b8a9f85e7dd4b388a3b49d06fd7 0ba28f6a780e3bc8f6421554fd6c38b63ef19f84ccfcf14709dd0b4d72213c1f0 60893854eba0ea1a147e275da320db5e9849882d5f9179efa8a2d8d3b803f9d14 45ef5c1f660be08883ce9b29a0a992fc035d2938cbb61c440044438dbb8b3ce71 58a8f9827d230482f622d291406ab236b32b122627ae0fd36bd0d6b7607b8044a ce404d44 token: 0002aa72019d1f951df197021ce63876fe8b0a02dc1c31a12b0a2dd150 8d07827f055969f643b4cfda5196d4aa86aeb5368834f4f06de46950ed435b3b8 1bd036d44ca572f8982a9ca248a3056186322d93ca147266121ddeb5632c07f1f 71cd2708bc6a21b533d07294b5e900faf5537dd3eb33cee4e08c9670d1e5358fd 184b0e00c637174f5206b14c7bb0e724ebf6b56271e5aa2ed94c051c4a433d302 b23bc52460810d489fb050f9de5c868c6c1b06e3849fd087629f704cc724bc0d0 984d5c339686fcdd75f9a9cdd25f37f855f6f4c584d84f716864f546b696d620c 5bd41a811498de84ff9740ba3003ba2422d26b91eb745c084758974642a420782 01543246ddb58030ea8e722376aa82484dca9610a8fb7e018e396165462e17a03 e40ea7e128c090a911ecc708066cb201833010c1ebd4e910fc8e27a1be467f786 71836a508257123a45e4e0ae2180a434bd1037713466347a8ebe46439d3da1970 // Test vector 2skS:skI: 2d2d2d2d2d424547494e2050524956415445204b45592d2d2d2d2d0a4d49 4945765149424144414e42676b71686b6947397730424151454641415343424b6 3776767536a41674541416f49424151444c4775317261705831736334420a4f6b 7a38717957355379356b6f6a41303543554b66717444774e38366a424b5a4f764 57245526b49314c527876734d6453327961326333616b4745714c756b440a556a 35743561496b3172417643655844644e44503442325055707851436e6969396e6 b492b6d67725769744444494871386139793137586e6c5079596f784f530a646f 6558563835464f314a752b62397336356d586d34516a755139455961497138337 1724450567a50335758712b524e4d636379323269686763624c766d42390a6a41 355334475666325a6c74785954736f4c364872377a58696a4e394637486271656 76f753967654b524d584645352f2b4a3956595a634a734a624c756570480a544f 72535a4d4948502b5358514d4166414f454a4547426d6d4430683566672f43473 475676a79486e4e51383733414e4b6a55716d3676574574413872514c620a4530 742b496c706641674d4241414543676745414c7a4362647a69316a506435384d6 b562b434c6679665351322b7266486e7266724665502f566344787275690a3270 316153584a596962653645532b4d622f4d4655646c485067414c7731785134576 57266366336444373686c6c784c57535638477342737663386f364750320a6359 366f777042447763626168474b556b5030456b62395330584c4a5763475347356 1556e484a585237696e7834635a6c666f4c6e7245516536685578734d710a6230 644878644844424d644766565777674b6f6a4f6a70532f39386d4555793756422 f3661326c7265676c766a632f326e4b434b7459373744376454716c47460a787a 414261577538364d435a342f5131334c762b426566627174493973715a5a776a7 264556851483856437872793251564d515751696e57684174364d7154340a5342 5354726f6c5a7a7772716a65384d504a393175614e4d6458474c63484c4932367 3587a76374b53514b42675144766377735055557641395a325a583958350a6d49 784d54424e6445467a56625550754b4b413179576e31554d444e63556a71682b7 a652f376b337946786b68305146333162713630654c393047495369414f0a354b 4f574d39454b6f2b7841513262614b314d664f5931472b386a7a4258557042733 9346b353353383879586d4b366e796467763730424a385a6835666b55710a5732 306f5362686b686a5264537a48326b52476972672b5553774b426751445a4a4d6 e7279324578612f3345713750626f737841504d69596e6b354a415053470a7932 7a305a375455622b7548514f2f2b78504d376e433075794c494d44396c61544d4 8776e3673372f4c62476f455031575267706f59482f4231346b2f526e360a6675 77524e3632496f397463392b41434c745542377674476179332b6752775974534 33262356564386c4969656774546b6561306830754453527841745673330a6e35 6b796132513976514b4267464a75467a4f5a742b7467596e576e5155456757385 0304f494a45484d45345554644f637743784b7248527239334a6a7546320a4533 77644b6f546969375072774f59496f614a5468706a50634a62626462664b792b6 e735170315947763977644a724d6156774a6376497077563676315570660a5674 4c61646d316c6b6c7670717336474e4d386a6e4d30587833616a6d6d6e6665573 9794758453570684d727a4c4a6c394630396349324c416f4742414e58760a7567 5658727032627354316f6b6436755361427367704a6a5065774e526433635a4b3 97a306153503144544131504e6b7065517748672f2b36665361564f487a0a7941 7844733968355272627852614e6673542b7241554837783153594456565159564 d68555262546f5a6536472f6a716e544333664e6648563178745a666f740a306c 6f4d4867776570362b53494d436f6565325a6374755a5633326c6349616639726 2484f633764416f47416551386b3853494c4e4736444f413331544535500a6d30 31414a49597737416c5233756f2f524e61432b78596450553354736b75414c787 86944522f57734c455142436a6b46576d6d4a41576e51554474626e594e0a5363 77523847324a36466e72454374627479733733574156476f6f465a6e636d504c5 0386c784c79626c534244454c79615a762f624173506c4d4f39624435630a4a2b 4e534261612b6f694c6c31776d4361354d43666c633d0a2d2d2d2d2d454e44205 0524956415445204b45592d2d2d2d2d0apkS:pkI: 30820152303d06092a864886f70d01010a3030a00d300b06096086480165 03040202a11a301806092a864886f70d010108300b0609608648016503040202a 2030201300382010f003082010a0282010100cb1aed6b6a95f5b1ce013a4cfcab 25b94b2e64a23034e4250a7eab43c0df3a8c12993af12b111908d4b471bec31d4 b6c9ad9cdda90612a2ee903523e6de5a224d6b02f09e5c374d0cfe01d8f529c50 0a78a2f67908fa682b5a2b430c81eaf1af72d7b5e794fc98a3139276879757ce4 53b526ef9bf6ceb99979b8423b90f4461a22af37aab0cf5733f7597abe44d31c7 32db68a181c6cbbe607d8c0e52e0655fd9996dc584eca0be87afbcd78a337d17b 1dba9e828bbd81e291317144e7ff89f55619709b096cbb9ea474cead264c2073f e49740c01f00e109106066983d21e5f83f086e2e823c879cd43cef700d2a352a9 babd612d03cad02db134b7e225a5f0203010001 token_challenge: 0002000e6973737565722e6578616d706c6500000e6f7269 67696e2e6578616d706c65 nonce: 98c1345ff38a554b429b428b0f206cfe4f3892f8041995f2c24873d90e84488d blind: 7bb85f89c9b83a0e2b02938b3396f06f8f3df0018a91f1a2cc5416aaa5 52994d063f634d50bea13bffe8d5e01431e646e2e384549cefd695ac3affff665 a1ebf0113df2520006bd66e468d37a58266daa8a3a75692535e1fc46d0c1d6fb6 f37c949808172e20c0b77a48570a1fcb474325bdd23cdbce52b5d6a9e39f7aec7 3b09004eae8c8bfff2b4b533ea63bcf467a4cd95ccfb0cb4e43bc4992c1fd0be7 a77a4475dbf8094cf25125ece901abbcea607a9050ad9f8ec3d0d66341f6eab40 ee9c9c22c0b560b8377f8543d8878c7458885fd285c7556cc88fc6021617075b4 2c83a86005169a6f13352e789b28fdbbe3d0288e1dd7c801497573893146aea3 salt: b6b4378421ab0ea677ce3f4036fd0489dee458ad81ea519c3e8bde3fcd5 ec1505d28e110d7b44dcac5e04ecedd54d11a token_request: 00020892d26a271c0104657ba10c0b5cb2827bb209d86e8002 7f96bfb861e0f40cb897f0fc426498433141ce9bc8b4a95914fefe4e40bdd3802 a121cb0b59a4ae7e03255275c4abf071d991c82ead402606c0ef912178b0a0f68 d303e06a966079230592827b84979dbcb5f21ab8904e9908638ddf705c4f8af8a 053c19a66090726b60c6b4063976e4c66eab33522dd3f9d64828441db4aa82d55 adcc3d3920592884cd1e5a3f490d5c81f1306705dcc5c61d82373f1dbd7d2ae4b 2fea0f7339f5d868415f59312766e3074ee4a7305f5f053da82673ee6747a727a 26d8d10ea1b1a3491d26b0c38b962c02a774ac78932153aae9dcc98a9b1db1f53 89644682f7727 token_response: 113a5124c1aef6fc230d9fc42b789226f45ca941aad4da3f4 8cf37c7744a8d7fd1dcfd71cd39d09e9324760180ea0bade3360efaf7322a1fa1 5f41247be3857fde8c5c92ec6d67a7ee33be8fdadf8b27bb0db706117448e55bc e9927cb6bfb1f87f9edb054181a4558af0c0d3973d7033b9599e674c20cf08a7b bcf0da815a2edaab7c4fb80dee4ea2cc53576a9691e857da931c6c592d2c69dd2 1afda8ea653dd90157adfe80e2375c08e75beb497df8b7b73192fbbd4e80359d9 bbaecea14e0acebdda92596f71ec1d57e26b6497b3152976bc07a4409148cb843 89eb207fb8e841106012408c6e19b4f964008b6a909aaab767a661a061c97da16 43040455 token: 000298c1345ff38a554b429b428b0f206cfe4f3892f8041995f2c24873 d90e84488d11e15c91a7c2ad02abd66645802373db1d823bea80f08d452541fb2 b62b5898bca572f8982a9ca248a3056186322d93ca147266121ddeb5632c07f1f 71cd27083350a206c5e9b7c0898f97611ce0bb8d74d310bb194ab67e094e32ff6 da90886924b1b9e7b569402c1101d896d2fc3a7371ef77f02310db1dc9f81c853 5828c2d0e9d9051720d182cd54e1c2c3bf417da2fc7aa72bb70ccc834ef274a2e 809c9821b3d395d6535423f7428b3f29175d6eb840b4b7685336e57e2b6afeaab c0c17ea4f557e8a9cc2f624e245c6ccd7cbdd6c32c97c5c6974e802f688e2d25f 0aba4215f609f692244517d5d3407e0172273982c001c158f5fcbe1b5d2447c26 a87e89f5a9e72b498b0c59ce749823d2cf253d3cf6cd4e64fa0e434d95e488789 247a9ceed756ff4ff33a8d2402c0db381236d331092838b608a42002552092897 // Test vector 3skS:skI: 2d2d2d2d2d424547494e2050524956415445204b45592d2d2d2d2d0a4d49 4945765149424144414e42676b71686b6947397730424151454641415343424b6 3776767536a41674541416f49424151444c4775317261705831736334420a4f6b 7a38717957355379356b6f6a41303543554b66717444774e38366a424b5a4f764 57245526b49314c527876734d6453327961326333616b4745714c756b440a556a 35743561496b3172417643655844644e44503442325055707851436e6969396e6 b492b6d67725769744444494871386139793137586e6c5079596f784f530a646f 6558563835464f314a752b62397336356d586d34516a755139455961497138337 1724450567a50335758712b524e4d636379323269686763624c766d42390a6a41 355334475666325a6c74785954736f4c364872377a58696a4e394637486271656 76f753967654b524d584645352f2b4a3956595a634a734a624c756570480a544f 72535a4d4948502b5358514d4166414f454a4547426d6d4430683566672f43473 475676a79486e4e51383733414e4b6a55716d3676574574413872514c620a4530 742b496c706641674d4241414543676745414c7a4362647a69316a506435384d6 b562b434c6679665351322b7266486e7266724665502f566344787275690a3270 316153584a596962653645532b4d622f4d4655646c485067414c7731785134576 57266366336444373686c6c784c57535638477342737663386f364750320a6359 366f777042447763626168474b556b5030456b62395330584c4a5763475347356 1556e484a585237696e7834635a6c666f4c6e7245516536685578734d710a6230 644878644844424d644766565777674b6f6a4f6a70532f39386d4555793756422 f3661326c7265676c766a632f326e4b434b7459373744376454716c47460a787a 414261577538364d435a342f5131334c762b426566627174493973715a5a776a7 264556851483856437872793251564d515751696e57684174364d7154340a5342 5354726f6c5a7a7772716a65384d504a393175614e4d6458474c63484c4932367 3587a76374b53514b42675144766377735055557641395a325a583958350a6d49 784d54424e6445467a56625550754b4b413179576e31554d444e63556a71682b7 a652f376b337946786b68305146333162713630654c393047495369414f0a354b 4f574d39454b6f2b7841513262614b314d664f5931472b386a7a4258557042733 9346b353353383879586d4b366e796467763730424a385a6835666b55710a5732 306f5362686b686a5264537a48326b52476972672b5553774b426751445a4a4d6 e7279324578612f3345713750626f737841504d69596e6b354a415053470a7932 7a305a375455622b7548514f2f2b78504d376e433075794c494d44396c61544d4 8776e3673372f4c62476f455031575267706f59482f4231346b2f526e360a6675 77524e3632496f397463392b41434c745542377674476179332b6752775974534 33262356564386c4969656774546b6561306830754453527841745673330a6e35 6b796132513976514b4267464a75467a4f5a742b7467596e576e5155456757385 0304f494a45484d45345554644f637743784b7248527239334a6a7546320a4533 77644b6f546969375072774f59496f614a5468706a50634a62626462664b792b6 e735170315947763977644a724d6156774a6376497077563676315570660a5674 4c61646d316c6b6c7670717336474e4d386a6e4d30587833616a6d6d6e6665573 9794758453570684d727a4c4a6c394630396349324c416f4742414e58760a7567 5658727032627354316f6b6436755361427367704a6a5065774e526433635a4b3 97a306153503144544131504e6b7065517748672f2b36665361564f487a0a7941 7844733968355272627852614e6673542b7241554837783153594456565159564 d68555262546f5a6536472f6a716e544333664e6648563178745a666f740a306c 6f4d4867776570362b53494d436f6565325a6374755a5633326c6349616639726 2484f633764416f47416551386b3853494c4e4736444f413331544535500a6d30 31414a49597737416c5233756f2f524e61432b78596450553354736b75414c787 86944522f57734c455142436a6b46576d6d4a41576e51554474626e594e0a5363 77523847324a36466e72454374627479733733574156476f6f465a6e636d504c5 0386c784c79626c534244454c79615a762f624173506c4d4f39624435630a4a2b 4e534261612b6f694c6c31776d4361354d43666c633d0a2d2d2d2d2d454e44205 0524956415445204b45592d2d2d2d2d0apkS:pkI: 30820152303d06092a864886f70d01010a3030a00d300b06096086480165 03040202a11a301806092a864886f70d010108300b0609608648016503040202a 2030201300382010f003082010a0282010100cb1aed6b6a95f5b1ce013a4cfcab 25b94b2e64a23034e4250a7eab43c0df3a8c12993af12b111908d4b471bec31d4 b6c9ad9cdda90612a2ee903523e6de5a224d6b02f09e5c374d0cfe01d8f529c50 0a78a2f67908fa682b5a2b430c81eaf1af72d7b5e794fc98a3139276879757ce4 53b526ef9bf6ceb99979b8423b90f4461a22af37aab0cf5733f7597abe44d31c7 32db68a181c6cbbe607d8c0e52e0655fd9996dc584eca0be87afbcd78a337d17b 1dba9e828bbd81e291317144e7ff89f55619709b096cbb9ea474cead264c2073f e49740c01f00e109106066983d21e5f83f086e2e823c879cd43cef700d2a352a9 babd612d03cad02db134b7e225a5f0203010001 token_challenge: 0002000e6973737565722e6578616d706c65000017666f6f 2e6578616d706c652c6261722e6578616d706c65 nonce: 9e7a22bdc5d715682434cebc07eb5fa53f622f776a17a6d91757af1592df0e71 blind: c52cabc5e4e131e0f5860cc4c486c5ee8a5fa8ae59484446121f87b0d8 ccd037f161a99ebcc57f79d05a2ffc852656ad2d0894fab8d1b0f998e6e678254 ed5778da98b137371320314d06c24276e35435bccffa49d257687f270f9ce1792 6a074737546d5415a4bb9e624a6302562b395856632efb6992f6593a4f95fb342 002efebc3046ca96bbc26edb2f1a1454a24ce7b9a7ec8e44fb9e99c8144d409d8 cd8a5903c0a3c0acbd9f82573ed1fc4a296e3eaf4867ade30110794678f422d36 bd103ea4617d2472cf58da3381e52e5be60f4acbf685e280648cef21211a796ec d005ecbdaa1046c40950afca4c4e7dd4b8c19e504088489a15667b45895b6e92 salt: c847b5d0fa9101a1e09954ac9f3eed6600af58936295ad2e54274e13e64 0d59f732d07530c94c19c20668f03470c77ac token_request: 0002080f6bd84fba1822c577c8cd670f1136cca107f84ddd9d 405d5ed22ad15da975538f031433bad4a2688999732927efe2928d4c132389a12 2f40b639b083d6fcbbed7a55fb18db536d2dcbaefe6dc0a70730e6565b08a7dfd 783913a59f37d798de0cfc262c9e90a7ee884a3ec355eacbd44e5f6779fea6a78 5b05ac352fdd51a116cf2be1d8e38b0bfacd6a3d53a88c99f747cce908f86b335 62691f540e3e88562092cd17cc2f78ce0fb53312a5f2dc918bdb1dc90d9d65091 c7ba9080ccc1755cb5437989364dc92f0e8fea18f66d631451feb02a3d68af41d e1a3f9be925dda5c4ca0706fc4ca28b3317e939f6573442c6d03be17cd141fa82 60d382d134c6b token_response: 2dd08ce89cf4f62bc236ab7b75266e13c57c750345e328e0b ea107537c4cbeea5bfc990716950440628ea2e37dbc5c9c6d84f9a965cbf0cbff fb89516b1fd19a90d69cc52a28890bbdcf782f56aefadad85b6e861a74170ce91 0891c89e4293f37978dbd41cc8b5c68802de3d86d9f0326b9c22b809512245896 6a6ddd1aeb3828d239c3b359efc9b375390eb19050d5656c2b084304d9bd8a816 14f631bf82a7e4588413b44a0cb6d94e942fa134790b396cb71e3ed33b557b5bd 0734e726fa79abdca8694703b81d0e289b749801d4383e0d4f825dcde0dd98c43 d3ba81c028dd8833a4fc24961f60e118d4421dce5b611d53e9ca96156a52509bf a9afeb7e token: 00029e7a22bdc5d715682434cebc07eb5fa53f622f776a17a6d91757af 1592df0e710042eee45ac4dd5acb8f6e65c4d8dd47504f73f7463507ef96a4d72 27d2774f3ca572f8982a9ca248a3056186322d93ca147266121ddeb5632c07f1f 71cd270815b010bbc0d5f55e9c856d2e9ffaefba007d33c2d5452fbeb0b15919b 973e0dc9180aaeb18242043758d9fb0ac9ac5e04da9ff74ec93644ae6cdb7068e a76ce2295b9b95e383ed3a9856e9f618dafdf4cec5d2b53ea4297c2f3990babca 71e3ccd6c07a437daae7ed27b6b81178fb7ce5fa5dd63781cc64ac1e410f441c0 34b0a5cc873a2ce875e8b38c92bab563635c4f8f4fa35d1f582ef19edf7da75aa 11a503a82e32a12bd4da41e0ca7ec7f451caf586f5b910003fcbbb9ff5ffa2408 c28d6807737d03da651ea9bfafcc2747a6830e19a1d160fcd5c25d2f79dad86a8 b3de8e926e08ca1addced72977f7b56398ef59c26e725df0a976a08f2a936ca42 // Test vector 4skS:skI: 2d2d2d2d2d424547494e2050524956415445204b45592d2d2d2d2d0a4d49 4945765149424144414e42676b71686b6947397730424151454641415343424b6 3776767536a41674541416f49424151444c4775317261705831736334420a4f6b 7a38717957355379356b6f6a41303543554b66717444774e38366a424b5a4f764 57245526b49314c527876734d6453327961326333616b4745714c756b440a556a 35743561496b3172417643655844644e44503442325055707851436e6969396e6 b492b6d67725769744444494871386139793137586e6c5079596f784f530a646f 6558563835464f314a752b62397336356d586d34516a755139455961497138337 1724450567a50335758712b524e4d636379323269686763624c766d42390a6a41 355334475666325a6c74785954736f4c364872377a58696a4e394637486271656 76f753967654b524d584645352f2b4a3956595a634a734a624c756570480a544f 72535a4d4948502b5358514d4166414f454a4547426d6d4430683566672f43473 475676a79486e4e51383733414e4b6a55716d3676574574413872514c620a4530 742b496c706641674d4241414543676745414c7a4362647a69316a506435384d6 b562b434c6679665351322b7266486e7266724665502f566344787275690a3270 316153584a596962653645532b4d622f4d4655646c485067414c7731785134576 57266366336444373686c6c784c57535638477342737663386f364750320a6359 366f777042447763626168474b556b5030456b62395330584c4a5763475347356 1556e484a585237696e7834635a6c666f4c6e7245516536685578734d710a6230 644878644844424d644766565777674b6f6a4f6a70532f39386d4555793756422 f3661326c7265676c766a632f326e4b434b7459373744376454716c47460a787a 414261577538364d435a342f5131334c762b426566627174493973715a5a776a7 264556851483856437872793251564d515751696e57684174364d7154340a5342 5354726f6c5a7a7772716a65384d504a393175614e4d6458474c63484c4932367 3587a76374b53514b42675144766377735055557641395a325a583958350a6d49 784d54424e6445467a56625550754b4b413179576e31554d444e63556a71682b7 a652f376b337946786b68305146333162713630654c393047495369414f0a354b 4f574d39454b6f2b7841513262614b314d664f5931472b386a7a4258557042733 9346b353353383879586d4b366e796467763730424a385a6835666b55710a5732 306f5362686b686a5264537a48326b52476972672b5553774b426751445a4a4d6 e7279324578612f3345713750626f737841504d69596e6b354a415053470a7932 7a305a375455622b7548514f2f2b78504d376e433075794c494d44396c61544d4 8776e3673372f4c62476f455031575267706f59482f4231346b2f526e360a6675 77524e3632496f397463392b41434c745542377674476179332b6752775974534 33262356564386c4969656774546b6561306830754453527841745673330a6e35 6b796132513976514b4267464a75467a4f5a742b7467596e576e5155456757385 0304f494a45484d45345554644f637743784b7248527239334a6a7546320a4533 77644b6f546969375072774f59496f614a5468706a50634a62626462664b792b6 e735170315947763977644a724d6156774a6376497077563676315570660a5674 4c61646d316c6b6c7670717336474e4d386a6e4d30587833616a6d6d6e6665573 9794758453570684d727a4c4a6c394630396349324c416f4742414e58760a7567 5658727032627354316f6b6436755361427367704a6a5065774e526433635a4b3 97a306153503144544131504e6b7065517748672f2b36665361564f487a0a7941 7844733968355272627852614e6673542b7241554837783153594456565159564 d68555262546f5a6536472f6a716e544333664e6648563178745a666f740a306c 6f4d4867776570362b53494d436f6565325a6374755a5633326c6349616639726 2484f633764416f47416551386b3853494c4e4736444f413331544535500a6d30 31414a49597737416c5233756f2f524e61432b78596450553354736b75414c787 86944522f57734c455142436a6b46576d6d4a41576e51554474626e594e0a5363 77523847324a36466e72454374627479733733574156476f6f465a6e636d504c5 0386c784c79626c534244454c79615a762f624173506c4d4f39624435630a4a2b 4e534261612b6f694c6c31776d4361354d43666c633d0a2d2d2d2d2d454e44205 0524956415445204b45592d2d2d2d2d0apkS:pkI: 30820152303d06092a864886f70d01010a3030a00d300b06096086480165 03040202a11a301806092a864886f70d010108300b0609608648016503040202a 2030201300382010f003082010a0282010100cb1aed6b6a95f5b1ce013a4cfcab 25b94b2e64a23034e4250a7eab43c0df3a8c12993af12b111908d4b471bec31d4 b6c9ad9cdda90612a2ee903523e6de5a224d6b02f09e5c374d0cfe01d8f529c50 0a78a2f67908fa682b5a2b430c81eaf1af72d7b5e794fc98a3139276879757ce4 53b526ef9bf6ceb99979b8423b90f4461a22af37aab0cf5733f7597abe44d31c7 32db68a181c6cbbe607d8c0e52e0655fd9996dc584eca0be87afbcd78a337d17b 1dba9e828bbd81e291317144e7ff89f55619709b096cbb9ea474cead264c2073f e49740c01f00e109106066983d21e5f83f086e2e823c879cd43cef700d2a352a9 babd612d03cad02db134b7e225a5f0203010001 token_challenge: 0002000e6973737565722e6578616d706c65000000 nonce: 494dae41fc7e300c2d09990afcd5d5e1fc95305337dc12f78942c45340bfe8e6 blind: 097cb17bcedecfe058dff5c4e517d1e36d7ab8f46252b1ac1933ba378c 32625c0dbc69f5655c2003bf39e75810796cd63675b223cf3162c57108d56e058 4cfce6cad829e74369ada38a095eb3012c912b31ccde7425f93464e353fb17552 be3a8df2913daca61543a33ae45058f218c471dfbc12fb304158e29b6ed35bc07 9e23f1e6173c5dec4545840bbe58e5ad37cbea0a10dca5d9df2781589d27c3410 8477b52c0d32a1370c17f703941fbb1a007a6794e7de2758709c9bbf80f21eec7 922b9bb491eb6aac8c1a14764e648e6be4fff0ae913797067aa0826f366c3103e 103b05653c73b52d7f825a185dccfb806da700db9f53abb848554b7d4f7c28f3 salt: 49912979f1bf528e5b8228ab1328df74319dce7bdaf45821ceb1100dcf0 42a2dfe852fc9db59b64a5f6493c282504240 token_request: 000208244840027ca8c620f8b14caded9a198ba388ccd8541e 962f68a0071535d958d18494afd0bc11da4da8c8b33864f5a8f623b697cd56348 594e11a75479048a72c0ed179b070506c09a7eb6ed3582f572df38cf60fcde11a 52c5ce6d7b23435b60200ad9f66d21f40f323c9aa54307d0b966d4457c37542b6 6bb183ddeafca914fc74831698b5d52f498ee3d165685f49a8d86e39fe6c4b7ec 678f5250908d25e5b873c69b422368121aa4210cadd6fc640907d3cb9a7a3e827 a0e742470f00c2f49dc6c0e8cc9470dbfd73df0ccbb96c10b02af0dd7dee719ec a11ff8e1b4929e59f3cf319de9bda29a6d968b43083b5d4242f3448d76ada08b8 014f70b97e719 token_response: c2746ff644cffb28a2c19395fa19dfb61fd135daa837844fb f9fbe06c253e64e69f53aefddc0fb4833b1b5e58f571134a34f245499c3e73419 549c2c9111cf94f2f68fea3996d47f71e8d8d6fc5b1c074bf74fa59de4cbf32f5 f08d45ea45492f0279c3b1a8d852698edbe1651eb8e09eb223a27386c0feb2f6a 8260235edb36cf433da518100829b63166284b325d87fc941ea3bafe7b6761b70 82e09397837f74b4f0fc838bce8af7242089dd5561f57735926bcbad219fc9fee 85ae49a8e8951f63ca194b7ff018c06ee02267e7267bb996432dc76973819da80 e3e86947b0a4b36d3a972dafaaa3db0e1044b325f02c679996d9bcd3ce51390d5 4bc10b8c token: 0002494dae41fc7e300c2d09990afcd5d5e1fc95305337dc12f78942c4 5340bfe8e6b741ec1b6fd05f1e95f8982906aec1612896d9ca97d53eef94ad3c9 fe023f7a4ca572f8982a9ca248a3056186322d93ca147266121ddeb5632c07f1f 71cd2708a55c83dc04292b5d92add1a87b37e54f22f61c58840586f390c50b231 824423378ddcf50e69dc817d45bfad06c7f2a0ac35d2acd7f26b0bc9954c192b0 a0ef28a2a5650e390098dd3cb1166a7cb1716d3dd2d19dc5ca3b1ea6206359de0 002d82bc4fa7e69fb07214b06addcbd2203d1e17f57fc580bcc5a13e0ac15cf94 2182cc2b5d6eaa737a712704114e357e2ec2f10047463ded02a1a0766dc346dd7 212b9711e03ac95eb258ac1164104dc9a0d3e738ae742ab5ed8c5139fc07145a7 88b9f891741ee68f0a66782b7b84a9bb4cb4b3d1b26b67106f397b35b641d882d 7b0185168946de898ef72349a44a47dbdd6d46e9ba9ba543d5701b65c63d645c2 // Test vector 5skS:skI: 2d2d2d2d2d424547494e2050524956415445204b45592d2d2d2d2d0a4d49 4945765149424144414e42676b71686b6947397730424151454641415343424b6 3776767536a41674541416f49424151444c4775317261705831736334420a4f6b 7a38717957355379356b6f6a41303543554b66717444774e38366a424b5a4f764 57245526b49314c527876734d6453327961326333616b4745714c756b440a556a 35743561496b3172417643655844644e44503442325055707851436e6969396e6 b492b6d67725769744444494871386139793137586e6c5079596f784f530a646f 6558563835464f314a752b62397336356d586d34516a755139455961497138337 1724450567a50335758712b524e4d636379323269686763624c766d42390a6a41 355334475666325a6c74785954736f4c364872377a58696a4e394637486271656 76f753967654b524d584645352f2b4a3956595a634a734a624c756570480a544f 72535a4d4948502b5358514d4166414f454a4547426d6d4430683566672f43473 475676a79486e4e51383733414e4b6a55716d3676574574413872514c620a4530 742b496c706641674d4241414543676745414c7a4362647a69316a506435384d6 b562b434c6679665351322b7266486e7266724665502f566344787275690a3270 316153584a596962653645532b4d622f4d4655646c485067414c7731785134576 57266366336444373686c6c784c57535638477342737663386f364750320a6359 366f777042447763626168474b556b5030456b62395330584c4a5763475347356 1556e484a585237696e7834635a6c666f4c6e7245516536685578734d710a6230 644878644844424d644766565777674b6f6a4f6a70532f39386d4555793756422 f3661326c7265676c766a632f326e4b434b7459373744376454716c47460a787a 414261577538364d435a342f5131334c762b426566627174493973715a5a776a7 264556851483856437872793251564d515751696e57684174364d7154340a5342 5354726f6c5a7a7772716a65384d504a393175614e4d6458474c63484c4932367 3587a76374b53514b42675144766377735055557641395a325a583958350a6d49 784d54424e6445467a56625550754b4b413179576e31554d444e63556a71682b7 a652f376b337946786b68305146333162713630654c393047495369414f0a354b 4f574d39454b6f2b7841513262614b314d664f5931472b386a7a4258557042733 9346b353353383879586d4b366e796467763730424a385a6835666b55710a5732 306f5362686b686a5264537a48326b52476972672b5553774b426751445a4a4d6 e7279324578612f3345713750626f737841504d69596e6b354a415053470a7932 7a305a375455622b7548514f2f2b78504d376e433075794c494d44396c61544d4 8776e3673372f4c62476f455031575267706f59482f4231346b2f526e360a6675 77524e3632496f397463392b41434c745542377674476179332b6752775974534 33262356564386c4969656774546b6561306830754453527841745673330a6e35 6b796132513976514b4267464a75467a4f5a742b7467596e576e5155456757385 0304f494a45484d45345554644f637743784b7248527239334a6a7546320a4533 77644b6f546969375072774f59496f614a5468706a50634a62626462664b792b6 e735170315947763977644a724d6156774a6376497077563676315570660a5674 4c61646d316c6b6c7670717336474e4d386a6e4d30587833616a6d6d6e6665573 9794758453570684d727a4c4a6c394630396349324c416f4742414e58760a7567 5658727032627354316f6b6436755361427367704a6a5065774e526433635a4b3 97a306153503144544131504e6b7065517748672f2b36665361564f487a0a7941 7844733968355272627852614e6673542b7241554837783153594456565159564 d68555262546f5a6536472f6a716e544333664e6648563178745a666f740a306c 6f4d4867776570362b53494d436f6565325a6374755a5633326c6349616639726 2484f633764416f47416551386b3853494c4e4736444f413331544535500a6d30 31414a49597737416c5233756f2f524e61432b78596450553354736b75414c787 86944522f57734c455142436a6b46576d6d4a41576e51554474626e594e0a5363 77523847324a36466e72454374627479733733574156476f6f465a6e636d504c5 0386c784c79626c534244454c79615a762f624173506c4d4f39624435630a4a2b 4e534261612b6f694c6c31776d4361354d43666c633d0a2d2d2d2d2d454e44205 0524956415445204b45592d2d2d2d2d0apkS:pkI: 30820152303d06092a864886f70d01010a3030a00d300b06096086480165 03040202a11a301806092a864886f70d010108300b0609608648016503040202a 2030201300382010f003082010a0282010100cb1aed6b6a95f5b1ce013a4cfcab 25b94b2e64a23034e4250a7eab43c0df3a8c12993af12b111908d4b471bec31d4 b6c9ad9cdda90612a2ee903523e6de5a224d6b02f09e5c374d0cfe01d8f529c50 0a78a2f67908fa682b5a2b430c81eaf1af72d7b5e794fc98a3139276879757ce4 53b526ef9bf6ceb99979b8423b90f4461a22af37aab0cf5733f7597abe44d31c7 32db68a181c6cbbe607d8c0e52e0655fd9996dc584eca0be87afbcd78a337d17b 1dba9e828bbd81e291317144e7ff89f55619709b096cbb9ea474cead264c2073f e49740c01f00e109106066983d21e5f83f086e2e823c879cd43cef700d2a352a9 babd612d03cad02db134b7e225a5f0203010001 token_challenge: 0002000e6973737565722e6578616d706c65208e7acc900e 393381e8810b7c9e4a68b5163f1f880ab6688a6ffe780923609e880000 nonce: a1aa8b371c37c9a8ddbd7342ab4f9dd5227d5b1600dca6517b60f63143cd43a3 blind: ad7a32e1ac31b91daefd7042cc23d5621ab3e870d87297bbfe1ee8a518 ffc5b84770d3b77775c485b2d219954834868842d2f11877ac4bceb5da88944cc a043a9afa52f9c9998a5dea7ab7c1f82662d0d327e29705a269ad221ae74a7c11 72ff89c48997a9fda08886d3998bb538868396c0ace71d260cc71f768001939b2 4d80d88979f0244a3dbc004eadfac81e138d430b9fa51c1aad21b957ff96b3123 c91c2fff362a386f0f99a3f9fc906ca626fd9107648f87532b44c4fe3856ecae1 f46d8ebf5d2f46e52034478e5e883015666574dd80bd5c036c4b55ebcc8b66068 8d23944cc1932d075b559dcdc269fae3511761f71c113634e60d67accc8875fb salt: 35c04710ce866d879447b6230ce098a49e81be5c067881cce7bd5f92c1e 5bd9b3c7d4d795cfad134fdfe916d735a624a token_request: 0002083d6495c72529bbc4f5c0b49e94e4561baec1ca638a93 b2940ea9e37b838db7b1a91ec1f257d49b45c4f75119c2ab9eb5578541ad2b9ba c1bd627abc709097f503f83d98fed6dbeb615c3be9bf09cbf8ea25ea8026c1b8b a1c704ff516ed87c3d7d85342fd00111d8a80492d4b8fdbb092a282f74f13901e 5edc1b3b02cfe24c950affe6130fbb57c1482d674db3c6944812ba081c2235a16 d01eeec0932a8619d85732fc3e36179f0b50377bf9cb7a50ce3abeb3f31ed5f0f 3deec7aae7290f5397cec61318357d652b029a0fda0f100a78e36c4ef56ba3779 963e8745fdf4e347763c63d825836878e249833a0f4bd315392cc06ccca2c955e 921efbc4f941d token_response: 8db727000018a98a2fe9fda8bbde5b8e9cedc31efbcaed695 0eb1e0f8d9af9db632def52f74f07cdab304bbde40519080dd0388fb2b8900528 b4791d2bca40aa2c2a6d1b92f010c1849bfb781cc813cc204855dd05e8a2dd31e a5220981b8ab6b008e153083dc8f594206440d66286fea9c21b56807be8655506 ab7818bb9c8c69489dda56fe6390a5397268c8b5711f9d2df6f2584740cccf034 5fd67f93f345426f33c078a0aceb90845df9eef74f6248d06c36d19e191da325b 721ddc12ea78ed37b0c3b6170590536e3aee7eb0efc7d11a2c9d072a394f12ffa 67ecf316c49efd8f31723b11fe46740636bd89ad4f7ef96bc38b2cb4916d9dc04 ba1b2fc6 token: 0002a1aa8b371c37c9a8ddbd7342ab4f9dd5227d5b1600dca6517b60f6 3143cd43a3bb8a8cf1c59e7a251358ed76fe0ccff61044bc79dd261f16020324d 22f2d434cca572f8982a9ca248a3056186322d93ca147266121ddeb5632c07f1f 71cd27082899f4bc385b4147a650a3e7efc7d23a743cb944bb53e2ed8b88ee03a 9c0b1cf1f73fd7f15c1bd1f850a5a96a34d4ee9f295543f30ac920825e9a0ce26 e924f2c145583019dd14408c565b660e8b702fbea559908b1a8c8f9d21ef22f7c c6a4641c57c146e6c5497d2890ca230a6749f5f83a8fdd79eba0722f10dff9e81 a2fb2d05fa4d989acc2e93f595ae69c98c3daa3b169efcdd6e59596b2f049f16b a49528761f661032da65a3ee0fe8a22409766e90daf8c60323c16522818c49273 c795f26bbab306dc63cfc16fe1702af2464028cf819cc647d6f9b8a8f54d7d658 5a268fdb8c75f76618c64aba266836a3b2db7cdd739815a021d7ff2b36ef91f23]]></artwork>]]></sourcecode> </section> </section> <section anchor="acknowledgements" numbered="false"> <name>Acknowledgements</name> <t>The authors of this document would like to acknowledge the helpful feedback and discussions from <contact fullname="Benjamin Schwartz"/>, <contact fullname="Joseph Salowey"/>, and <contact fullname="Tara Whalen"/>.</t> </section> </back><!-- ##markdown-source: H4sIAAAAAAAAA+y963Ycx7Wl+z+foprqMUxuA1DeL7Tl3iRFSbTEi0lK3rbb Q4qMiCTKBFBwVYEUZaufpV/gvMQ5L3a+GZlZlVUAKUqyu727QVskUJUZGZe1 5prrEpGHh4fRer4+8bdnN54s56+MfTN7Ylar2YPV6sKcWT97slysF3ZxciMy bbv0r27Prrwucgt7Zk5pxy1Ntz6c+3V3eN5fec6F/Ny3c5iUkTNrfzuy/P1i sXxze7Zauyiany9vz9bLi9U6jeMmTqOX/s3rxdLdnj04W/vlmV8ffqymo2i1 Nmfua3OyOONxb/wqOp/fnv2J1g9mq8VyvfTdip/enOqHP0eRuVgfL5a3o9lh NOPP/Gx1e/bsaHbPn8zDB323ny26/+//MdtPF8sXt2d3l+aV11fr12bpw+d2 vqbHX8xX7eKs/2BxcbbWKJ7w7IsX5iR86k/N/OT2zB77pT97uXj178v5yl+c HzGMnY7cOZp9bF7N3Wpore/MnRP/7e7n/5juGNo9ckO7TfrvL/TxkV2c7k/O V+bE+e+m07P2r/zZ9PPQo08XixcnfvbFF/emj1m9Cpf9uz1eLk7nF6dHXLvz hHtHGvjvFws3ecS9Y+ZovThnyna+DQ+6d7K4cN3JOOwVq+zXt2dJnMyeL16f rfyZo4+TKXlmzmafLBHN+coudmfmy7P52utyBHA1W3SzO6d+ObdmZ+HM638/ 9uZ8fvaina9XYd2is8Xy1KznrxDe2ezpJ/fSJGn04+/9ycnnZ3Tjy6cPVrdD M4NS6ZvD8NVM3/VfmeUL9f14vT5f3f7ww9evXx/NzZnRLH2IqsxfnJ36s/Xq w9e6+aVuPrxgavZ/P/r2eH16EkWHh4cz0zIjxtLH58fz1QxlvFAbs9W5t/Nu zjDXrxezV2bJg9ZhzOtjr88OT/1qZV742XxU+FFRo26x3NX19eKl1+qhd9xu 1rrUXVg/ftN/yBLNguKv/cmb6BUz281Ni5BcrJjM8NzJs8J1M1T9YIZS899i rfW/qvlo2/xFezK3J29mP9B6uEyNH/WzdDp37sRH0QeClND4eo7aMGd+d6Tj HOgHlIUumNkAZgCZX/nlKz2tR5b5dyY0c+rtsTmbr06PaH7GtHo6cRC6tGnP nJwsXq9m9mSuFWZg4xNmdvnmfL14sTTnx3MbTSdUV/iZJkbP3MzPWf8tv76Z HQsXWo+C2qU3Eu72DV1+gaieReott8zP+q6Y1Xr2t7/9lztP73324Pn9e8+/ fHr/oweHHx9dQmyztMcoil1fLP333x/tixazYpfzVstzfIX4zC6JT3sxP1kj PBFP/+z58ycfoUFNksS0PXvwNlGdSNt8tZWrycpH75arWWtWzMeiH/0CiXg1 X1zQFHDsFgCEW5zOuouzIAqzDsBS/x4/efpJPytLZsV2yxeHrxbny+7773s5 3enUu6QxukIad7vEpzT49NmdmTTfaLZnK+zGqVdH7n7x4NHHfLnXmeXKHIYb Dzc3ra5aowXTieSAfa+C1OzJ+XSJD5AQe3Lh6HhkjxfzoHijxp15K5xYvgnL 6vz5yeJNeEJQ2vNzRhaUYFxFOxuaCCgimeAhmpJe8kdlOpqF/s7Puh5ZaYBf Q2eZICT2b3+bymkY4Qez5355Oj9bnCxevOl1V3MqqrCa3Xj45bPnNw76f2eP Hoefn97/3ZcPnt7/WD8/++zOF19sfoiGK5599vjLLz7e/rS9897jhw/vP/q4 v5lPZzsfRTce3vnDjV4kbjx+8vzB40d3vrjRq9p0HTSF6HqLiIrLACHSUbOK RiUKg71778n/+z+TXNo5GJfvvx9+qZMq55fXx/5sFEAErv9VCBCxBt4EJQdi sF7n87U5gQaZ1Wx1LPMjIsLs7QnIxWrQX3p1upo9Xs5fzGnyXlilg8Du/LJ/ 4nNBktpzvpufhR4joM98rzhpsKO7azV7uFh6rWUPgt1C4Bdw07m57jInw3Nl 1i+kE2sYw8WL48XFencGBeBDb2ZPekX63GPKtfoTxbop/R2xeu0PJ1+dm/ny 1iw8pH2DHVaPhgYlolLT0DVGGvT4jX4LY14dTZ49AMv24ROk+Wc9Pfry7ATt 66H/NTxyg5XuYE/QMDkLmasNCg/mXTo2e/7FMyjM2myQbrZdv0zr91+4IsmE y3Wel7srGMRqcSbuvQ4LpvWHFaF3LxkTU4AC+mVQ0NFnmD1+JUvpX/dqeslG TGVpfyCn7cK9CfNk6YN6N0Wuo+jeYEKXIBNmrp+se8d005+JzpydX/BtGKUa AU/86XkY6obg3ARdvnz+2bN7n91/eP9gthHlo+T772+FtWDBrrZuo+kWP4no IPB7vjhzm1XDfp1cMOtvfUTKI45mV85KtLWsaO5sHKj604vMqkcR6J56AXtn qB65C6RhMD1GJuoQZTpz0UYYtH5Q7EAjOi4JXX3q/0pP19up6h+41fmnYWzM RDCOW8ndgHfflwG8e7RpPaqOLPyP//E/ZsasXr2Ifnk4/PnlbPLnik83H+nD 7ffR3wd0mv192sDfx+7+ffLRnTXEnl7x499HNft76MEvr+zBL6/owS8nPeg/ iPrGr/pz1afTz/7e3/vr0OZsnPEr5uOt99KFfRE/PPzNez736j7/+qOPhpnq EeGjj37z3vf+jOdu13dX/oYPf/PuPu/fO4jmRkrGq8ZJ/mWvju89zz91vAh6 9Lfbsw+6+YvDjUYHJ/CjG5tYygiHN77vAfFqzEKn34I5O2xBeBlt8NKasw29 kDK+Eh5D/c4OJx/1hvzcLw8XvSpxiV0u4Pr970c/HqdlCIRAiJB47+v5+piH vIkmFPEUi3QybWFrdfKrWIO64PwaN1yOamQmIqqnwQ1Wcpg0R7j25370Zi91 +1ezlffRO5/WW98J/TStuIdwd/pcZjfS7J6en3iNqR+HN/Z4fPjSn/hXJrhF uwNfvctxusInvzSKHQ8ousoDkpUZOUcH7sp6vadTFL2vUzR7P6coepdTpG6G j9/Zyw1piv6JbtIHs3uLM3T1Ytkv8N8+WPn1xTl6OZrY4ECMzrkW6twszSm8 ne8kNHZ6/+0oSo5GSzMC2pdPv7g9uzNY5eX2w3D7C3/mda9MtZVvNQQ5joRC n3CB/9ZI2jSzY8O693T+4niNpuuyMYA0783xcIdCVR8OjzuK0qPLtHkgJ+rc CXRAknfpmn6Q05XRE0eZHIBiuGsyMwMMLVrUV9reM+LNCF7NDbTDzSFt6wXO 5KL9Cz8dRK+P56jSXGGW3z57/Gj4XAITnJ+0aLbcKZfgvD5egPoDyQqoEMIi ujnaUq9L92a6dxzYtts95rCia7/RRDoTWhu6omfsQNhmEIf984JY/X32ydyf uNkjGt4xFV/pmitNyzv//D36++3Dq/685eMf/kOLs15eDgcZUSwx9PGy+PYT PLtpxD4VY1yciGnyzYFMhwnXgHwhJjrarf3VvSWf0cjqWGb3sPdQXLh1tV6i AAc0EYJqZ71TPApB/+2V61hpHTWUoDSHLyWv0+n+4m1iPYjMQY/de8+diN7V 4pP3j5Wd31/+qa3nifuTMIB+cEBk/e/r8Te2vb+xI/eSRPSn98w7SVRP/3cd jaV5PQwn2pHM0KoafYdk/uMk8mdJYj8B6zfnfZ+U6HkhmAh9GwxiT+Cec83B bvRhHGq4XzboajE6uzhtafOq9SwviVEvPkIDGZ8yv1iebCS2B6O8zGt4w0Sk hCdyFAP3uToWGvq9DmGrPjYbQi7bwYc1ngTgwCbnfpZqSEb3BWFPRn+xFb9f XCGmv/hhOT01b2bmZLUYBbYPsZ4PoZ0wqNmNs8X6sPVMkr9xFKzGZHUB2f6q eS/rXz568B/08lTE6/R8dnNYO65deZ6BGkAYMEW/NWcXCkYmB7OkqeKD2ZfP 78Hxxfem7PIIV76Pazx4eP/Z8zsPQ8y5rqswSRCVYHcCB9LaD8ZLURqs5n7/ hnU42Djk21BhWP7B/44CvQrj7RvYDKcX34UWTlPGw068cYLNjcB0kF5xlGCQ ovOL5bnM3OWpWsyUJwLjmHORIHdxgnzoycshviPaede/Yc4QFvNCDw0ouRHS 6br0S3KwCS88vPOHmXEwt7WCTacXJ+s5xCLakYPRiq4EKBNRpm+dsfOT+Xrk mmOXQlokDMSiWwfRNpjhFD2WuvhO6VJNBK33pKCnT2qHljXPu/F8xZzkJYTB DRIoUnPQj3TSZEiGqJFwqTdLlnE5veVoXNloWNkx+tPNl0y1ujBcvTMRgUIF 2uvngYRsgu4hK2OiyzMt43kctPmK7yZ5moNe3CedWF0wJaEnQWGi0wUfnsxf yiHoA8w0MndjI8OYkUCmA1L/+mgIovRMTS7O6fk6GmYWv+0HRrkYopMDWT2Q bC0Did3IlXoU9dO+HGRyZ46f4+6cDF7BkDNQ/0fBUKD65Bwc4qLQZr8mkT1Z 2Jez1UuvqNKdk/XihddkH0wiqb9YTcyuXVygKyeLxcux+WkA+ubY3YlM39hY 2lDnMFca7dbtEMKKZn8LwYEbl5nTjduzGz/Mw28c9PdPZvT27E9Rb1L/Fo3G 9cZWj/g+Pdj/Qr3keQ8fHB0d3bl7Y/L9RIxuz5KyLpskq5NkvOL7g5/3rN9t nvV9+PfPET9oYjZh2KAAvcLMp+sAmC0uYH4jJG77JrHY4P3sdVivQeOiHu3f KYwHyn4sPVr0Q10wHZY3eq8Hv4eqS/xCxOMEgz6drBFER7pAz+brofl2o9b7 /BDf592SivfK5DHQl2PUfQUu+2A3Oj1grrxwDxmIpi6P7LFRxIfnnMxP5+vV KMb/debt8WL28MGDu1/+5U5z98XLvx6/nH/avI7v3vnd4vXDz+88enhn9em9 39/79NmdT07uvP7dvTt/vW8e3n3x6b1nf/302YM2+/h39+/e+/jOF7P/Hs3u vjh5cfzyxd0//u7h/TsvPp/fef3g7sM7j+/d+V19R8+49+Jzfr5/5/Tzzz69 8/CNX/x2nZz/JTurvn2+/uudJ8uvPz7+450nx799WKm1J7a+/+hpevc798fX T54//6T6/JPPT1fF6/Xh6RdxYtbxs3uH1t29ePCX8vd/+Lx+/Oq7+M4bc/fi 1fNXvy+ffX7vuPrjk/+4/9d7nz5Va6u/Fg/is/Xx0/vr5R9efrpIkmzx8Ksn X51nqzf5V589efGdqz933z3/4tPvHi//Mv/y8erZJ79v/9Klydx89Zf/+G36 lXvtnh3Wjw/VWp7Fr19e2D/85VP/+Lev5/Xy999+/ceX9rO1eRU/K6vfff3s 5P63v/Un5dmbp9+dX1w8+Lh5/LvT5OzbbpX8MX9y/Pu7362b7Hm6+E6tPT9z Jnv88uST4iw+f/AfH5ften363L988Prr+j++Tb94OF/Ff+l+m/zui6Yxdw5P L/7j6SeP8j9++frx0+Unlb1j73358deHRfl1qda642aV5Z+c/vXup68ffHzn d3fu6tO/z2QlVx8efvjLD19sfvv6w//+3z8Mvy/Owe/VyUBzZ4euv2n82KzO EvxjRVbdBUzssI+RzT6+/zQAQHzbfRTPZscnH+Wzk49mWVaH5MLt2bP7v/vy /qN798NVOVcl4apUV83K5KqrSq5KJ1fNGoWqTm/PHt/97f17z6fex+3lCuJj nqxCJU1S7d2ZX9WLpOGqbHJVkg1XibXO/jSLBWezWZpwXT697qrephlXFe/Z 29Wxyepct2X5XifScrcTSd+JrNzrRJpf0Yms/hGdOH3RJbopb/ZuunJ8hWah /NHjK9O98c32Jjntx1fme+Nj4H3zDx49v//p/afT5rM43FJtpCjIWlqNt9x9 8Hz27PnTB48+1XXYKZUPntlQ/zKttnijMi++7i3WJQ99NFGrnrAFEuPdHD6P bYxuTKobPhyjrD3qD2xg09KNvhoCkIashF709TmzbeFW/42qhT482n76A+3+ avBrgKDlHPLxYohb93HnF3OVfoU2p4Hs/gIM4eThXz590Ie6ZDcXmwKi+Wpr pvl56Hyk0o+9u3vayRcjd5+GxVRypJRCyCyopC/knHdSHBFdvQjVJqtf7Tlr g6u2zZYO5SyXTeYkEzpZu4GzY2nNK7yoEHAenITgogwZDvy6aBuPfG2GKqxQ 0WW3vg5P64LjsN5//LwvmHjTB4j7cqvo4mwOz4Odt25xGiI3mv4QY1ottlGM barn6hqKwVvdzsFbCrMu1seHfewbSei91mjT4UBc+1CRXZ+o9G1crIlbo/or 7rSbeB2OQp/TVpBiHb4a0sQ78hH1QZCiLpMxVdO3cjLvfOBTzmNCYNGLs11q PvUENz7rUfTUv7g4McvtV3ri6PKtZuHRsK1T2uw5z+n8DE7zXa+ny/nqpe5Q tkCcTOWmwZFxwZmBBp12Fyczz9TYkSEeq1TmbOYu/OAMzrZ3TiZL0yrsWipv vjvEja9zT58f3huuOsabD5USq4G/rUbvYffC27NT8+2heeE/qss8jgceDVhe nOrBQ9jrrTA1LmP/jHDtxeoCd2mzpqrg6tepSRLWCek+RdDndhUqhhSWUsah T71MFvdo9sVCJVo7o10pyhNxCZohhb7oAxI4fiebTu7kQqbptC1JXx0vluto p9HZtlHnpUjiKMhfuPtM3fn9sd88cKO00e7T+kZ63z/IzaVgCpT86MXRAUpi zehgDB2XEz4/Cy5z0Bq48jt8F33rvz2fD2gbZEGitnni4O2tNnmtUMw27a3w 8oKVDikfRPMg2g2Zb1GMiZKShAfgjo5dPNpW5r+e9yU5+N8XPgpxl/kJra/5 eyJBe4tD5877lkId7H6Z/7ZsMyQZv9pm7/pqpNnfPthJNfYQfWVW8oowaF/9 em+n+lUlNH3jY+YmqOkQaNhmCC9XYA0FKJvm+TkEh6IfUez57rzmBA/GVKDZ 74gWaBsNPkCWccZZuG9WLx98E7795lw/KXLfA+0JXl9f7badgKHgN8jj+cV6 TKZsEm6zZ8FaDtRgZ02//z4UWR73YLDyPXJK0oYkY1jrcdI3Kc3diry9517O Qk8K8PYSnMrk0CJy15ethVjPQHPU3pjc21MSYFF9VEx1WMgh/tqnlYBSpspt y5KuCr7shMxo8IpA0KjEIWM13xRKjIXm/bRsJrRPTPWGLbRNo6MN3OQL923c UIG0p+ks/H4tgJK7O7ndwXH/xW8Xc64Z6pu29OYXl1qYxru0B2GSq+szw9sU 0biUfe9+sUUixjgWSPV5+37uNkVT851LaUUZvjdbcBvaHYrAtmIxbF05G4Vh PhQ3Xq4YW4law6lPTlSlfqwYZuCLUnx6MonD9wVuZz1t7C3cD/ZjWh8aVG+I BZs+rrPt3DdB6b7m06/n7puxkC7U5c52a23epnh66pbUBYHhmXb85JuQvV+c G5HDUCPZJ26OdqUgSFdYPp7b+lFFN4miK2oXh9roXbL8aR/tvcLq9Iu8GkuM eilSUcOmPNR/q80LL3pKut6B1Z7jj7PRV/b1C7kaiGuoIt5Ulk5nDh4idN1J oU7zXM+8wsHQuft9YU3o6sfaYLHz8UG0ufAZYgNf3Luu//Rg+FjIwfI/MfPl 4ENsK1e/eeQHVH60+iaMbT+peKnDkuJIn958coi/y3ef3dEPtzZ1A6FtWnwp WdvUMigzhrCqynnBl8ffTB4VXf2oA904cai2hT3TVKdM9wcjdK0Xh3u4vDXR g64MVnrAqT7G2XsuykGEuodv15d5a1+r//X4/Ud0dH1x/pU63Td188YTpuGQ 6eCfGwczlO1WT2c/89pQsPP1mOObKOBuPrvX5ysnembn2ha2upiv/XaR5IHs dymav3M1MxXeHu1Mx/p4s20mlDnsG6pRRwKWmdlAIrL0MCh0b4C+OVtwxzfR NgUcjOkGCKYu6x4ImdW+cg2zH5pk0vsH3szSW9Gmva/d/IW69pFmKC3Km5tv bvVbh77uO/CRFhdLfDP+No7j5GD24YdDPn2bdta6pEOQ5AT+H82u+hN6c3D1 d/vdestlU7S9FYWyrIO+rMu7r/2g/x/NdqXu6K4uuDkZ1CBhWsHw3ZbP/dDS D4v/oHew9m4WeR6AcSyAbnFZVrs0bCo4K/jFsHtiWP8eV/an45uxTkmkCJMX bQoGJHn0Vwh2RbXeAL8TkjimmG+a1b592pDyvjmv8vJ3iPlu6e0mKuMug8Bg epU4uoCkJOXX62Elgwh9NOtF61ezD/8tFGnMvrpSgf/tw6GBWvePYbqvpzLx q8kVo1icrl786ZH/86+i73d6/KutDGz6vknfTUJSO6M5HLI1oeM3+mqz9HBh 134d6mZfiA/16I33ivM17IzRoAaitlnao765K8exQboTr712qjwMuU4Wod8n 0cvfLvtg7DffxjJu6fGXt1rMbqqCN7DYsPmpF94TPbMWkZj3pWy7z7k1mO6B OK8mIdMQqZrE9uixsthIKq3tcaWQvH4NK+QBffDr5M2OEzC4G2OUD6YAX1+/ +V75w96lHfLybrYftTxdLDcFwP08T6RhM7mP/LB0w5cbmN6sfbtQxfMuq/tm n3Dc3AOgW98MajPo7DcT5Bn0e++OnkQEMHCjio+bR1x0Ytb7IP8Wfe3JxFRb R/ctmCVx3+jJ42fPN3YphC23PP+yc3awjVTtqLvpaweGesf+uduI9zZyPD5o vnpXFHxMcR+J+g+cdnPrLv+fdi56n7T5lRtK+lkYrwkT82FylESf4Ufcnl1u LbpjrT/nq3eNod9HoDCc5uRQSPbuG8LDN9d/ASisj2/Pft3/ILWYTvlvoujX d4OFHSqlRrjfvSiA2gcfDLMlZjeIw2afw5Ta9R/B7b48D3Ew6+fn6209emhz 6i/OxiDSas/5V6497MfrUfL5vrxsyhHNbHVxfr4Y0s8jlB5dcc/R1dA4YXwb /20LQGJGDz7uPW4zrbBDALbe0Nbfu/TQCU5IcoapGELhAPF3IcDbhdhw/+XK T0ave4R4OPk78xYi/UuI5vJs1MRZnqbRzS/PhlBqiHcNsnBr5pdLiX0/vJ7O 9M+99EAhx/7Tguqv+zzDQrAxIlb01rH2QbLLbtO4nXkvwdBz54PZGxlM3XkJ 0iblbxtaFL17NmbvMxuDS3E0e7wetjLi8OzEu5Wwmp+cDP7AHvHZDWkcTPai bSoy9najK0YpwemtQL8xbjQYowbJMuxxnrBj/krH51n4at/xWcnxUZD2AkEe Z/FA3We6P0Kid1vsSe394fqb3B18p0tseKC6+0//QaILzQ0WaOcxgvH3oMez 53uieIkzDlD5nqRxQ+k207PhdFd9GabsT49Wv3y0mrK+/pk/lfZNH32ZQIzf bijED5OG/aUOrGH6oDCMzaNuhvHcGp630VLXC8g0ZBA2CquecTYbAh1jwfpe lwa/bi8scrOfvvjPtw5mV3+V/PnWhuIMq3yJZmw1I/AHbYK6kOVyfpbG8bD3 YmAP0bCndDUxef3NE/YxXNvTi5UXA3k3o+hbuDHY+9HCh6c//vxHGOk9q/52 K91f+ENmerxqtNOf9ORt3EJ0idPtmuYd5/IY/TwZ0GoLRPKIwcNJfmhqAFbR dDIHgrrTtaOppF/ewXu0K58H0dYCbJRgQmtD6kIX9vZg25NNpnaoeO0j5e/n QU+hf3LpYDr6GYkm0LyHLMp9y8tgwbEql6IFw4r4acBggNW3RCWu+HNpLt7/ 1j0Af/8bwzxPQhvjQH5sdGM03FGQIe92F6QH9DGevsH0/zVef4iR/ClL/zx1 9PeDJfvfT9nj/nc7svCnRy+3BmNiKMLvR30wbev0Ho/F/zixq82hOTue2Rg7 3UaMLq/JewaNhBX9RH81qXuOoq82Rz2MC6GHzhVVCl3qvwlTu4nSvi0hGoko 7+ciB0ke7+hJ1LjP7WDYU3R6bpbjFX02PTIvxPfXk5t29a7PdPwcstSv606r Y8xSGaDeuvVrt5W7iTpNlvXSp++IR05bHCORV3TlKs62oWtv7fqtqC++/2h2 1TWzjz4aHr/z8a09r293Y+o2/9xvtN6k5YJtfWcmetzktpOPjjb56IPdhPTs 6oR0oINjSnk8U0c5qqUP4Y1NBGqzVfxodmd6Ro7cm+OF29/zOhb3XEG9vdsG vSFN0YYe3+LzndzOTV18sDm4UOeC3JhA6M61PwZHVdq0OVdoL5lpppWFw0Ru ZngnRnbQJ1J71hZdQtgdt3gTx7/ENDXu0Q0Ie0E2xROD27wfmRv3pX8z9Ra/ 2e7t6StMItb2YunHCsCpFx7qfLHtZ/714JFr19JwihSemRtoYVj3aN97D4U4 2x0/93THKvi6oaBqLMDZeBhh50ngNa+XKj66XOWxOSDHhOPUBtRW7YuCsvJC t2U9PXz1zmN/gNpw6FJQzCDMS9+7+bO+qHEMTAarqMnSHMO/tzD7rr5J2M8X q1U4+8B/qzDTUPQwZmFVm4m5ijb7AMwwi4MWzMYN86v1MKSwx+livdkH1BMj rUjrVdkVJlc7oMRsuKifEG2pGrj2MONj/Lav9cQnf9MXRy761LKeELJl/luh QK/8rQTBQOj7kMVb64PGzf1XlgdNtvgPRx+MeeLtyQdmPPfgrcce7IVJw4EB 42FiAFTYJHnFGQPDum+Xb7e98ZyAYNXPVNIBDF+E1PG6D4v/QK8Ug9/sjY9o 6e6zZ3cG23b45Nmzw4+HfZ46Z8cGSL580R/vP328e2G0Pd5g86jNyRB7oeMR qgr1cjqgvhTrikm5PIy+WnRyPtJkmqL9ae9FcQAKxK6vE+rrld5yGmOoBX6j AyE2TuCl6owhE3HqjRo6ezPWvwgoVhBo7bofdrBt0CLaNU+h2FJJyyGmPTZx PPw6HlCwgezeKWUMEWLPZyoIWiyWaOPg0yz7CtjValMgdlX5yqSUcCzG2ez6 O/FmeTbtTJi6gU2GI85GTuUulm9N+223bw67mbohXzIcKPleqzxKM+7AmTY8 jtbM9iUJ6/ev3Bta0hbOaKo0l6rjzt5NSrbGEqven0aDdY/eh4q8uzYu2pwt cnUObXZdIrf+T10i9wx1XW8OKNwWsL2zUm4z3p9fKTfkLXXddaXcuyrl3qmG /zcXzO1Viu1Wem3x68cVevX3vE+d10+qbIrGypbJSU0/prRp1+f5x5c0pf9y JU19Sm6IOdLnVyGW0FcxhRzPk6UHJv2DME/rNzulTRPvde+ybT5n48mu9g4l mp501if6tuQw3L5zMsbu97vRgLeVOfXrF6JG+8u2W+I0nokS/dQSp9lOiVM0 BZb/TRVO6TbWeXfD1W+mcV4ftvP1zytwevl/TYHTO43Dj6lzorm+0un/+Dqn l8MKjqC9U990hQZcTue9f9VQ9INVQ2P0+AerhhRa+MdUDUVT7nZdNfTTqoZG nvB/YtGQWP7HO3sEp1GG/yyFQvfeVhozFt78mNKYqfr8vNKYPWPZ0xogH7sY 7OAz0L8P0b9thvcLtnXH28PxW4qS7ce3nm8SVLprc86KwExBy9P5eghjrjd1 V6Nd28jtWEQ1jG9jXK/mAhtLrRHv2elLJSnX5RT/4HKKPb73j6im2C0zGCfy h6oMFJMYCwsCh+9dh61oTOj+j8rhb4U93xP2n5zH3/PGpx7vFdm2fzz1/dfN 8q+Cbf/XyvIfe/uy1wq6ekV2uCfxwQZH23OPNy9zWeptVWf9EXiTwHLvKV+u FJgYRU3aZoDfsKDKUCh/8dX9pw8++cM3bxXV+ijpncdwMm+cVDiPQ7ZsKPsY meJnZnW8ecbB7OGnnyQ9hu1dx1PxR1YvozE/vJiYh5vcdmt4N9RMAheCQuZE cfYAOjdXoM+to2lS9V+iqmAsBbg0tQFB3lEX9NYxvOumH11YsMXXK32xf2Dd wRDojwJwvl/NQTh1VMGk8JIeRfg2YfooeFjh7m4bEgyvuRnfiSJ5/eTBk2ez pC4PC0T3v3387NlHHz9+cJTER2Wc1h8+evDs+ZEuOQqXDNzi7WUOsyvKHKK3 Vgj8QApkti1oOIjeo3RAYxtCYgPl0WW3hqM1ZpPPogAWH99/ujmy9tlFOKi1 fzjPfoALqgnRES5pHWMSbj578vmDW5uDh81yGZCK3kVmvzVEedPSgLJDW1VR jmnCcArOzkOjELfA0du89Uerpyv17PHRYdY371txh1u9Ga6IJvM8PMmcvFjg bR+fDmG/yVl4k6aHjNnk+HZdHPXn9wwH15qpnoZLV+N5flq9cG2/a7nv4DHY dmd8+kEk+PrUn20/CXcJpgZq1IfHeqd58nFoN8RiJrnVSP7HCOjHUxDVqa8L 2x/ws2GDk3qUQIU3sVCdVLj1rSfFDZfmXgGWO88eQQn7CMWEaxrYsTnZOZU/ MLqNA3ZriB6PdGA8nXS6lfW/Ilh6wdvL+VEbXuDy7bdudricHZ5fHzl3feTc //lHzl1Xbl1Xbv2vrtx6Np0ebuyJ3Sq86WSIUe+/mIZ+6fjY/rVjOpa8z1bK 3mxWfvdNZTtncfd1ypdqK4fk0xUFTjupq6nve4f5XL2l/3vvQBofu/OIzWuR hkM4FNPYnOi78wJMluxQCyB533lMeKtFmNqoXS50sNv4zsretE96Z/3yLCiP 6Y8PHMOvuq7/YAjErfy6j7P1CZz+gOwhXDV9E+d2RS69/nK//mb6ciM9b6c2 bO9VR26+sheYsc2risYB7c0wdvfkok9ZDPn0nSnbFlpEQ6HFbm6xfPuj/ept zwz1DP0yLf0Ls3Qng+Zcqg+ZPUKLpLSXej2yM4XTzv1yE3BaRJf83+1xg30J fIi5MeQ3I6uefNSXKe8nI//bvcePnuFGYMT+cPUpjUDE4aSZ8SVJQ1/6Ajch bSizvPPozt6A9konN+H0vWELYnV3H36YvG76F+8+U/QX4TjPv32wPVP00qtB z7dh/xt777G+MXvanzuqE2p23n6tl5SOZ6tvkwUD/dVrSPTYZxddN/82vLwv 1FDMhpMRT5gYPny6ObP/7+El3Rer8OHJsEdjm0XbfxnJle8imX64+fnqt5bo VSDvnja9pOT+80/4508770H7M5+ocNCc+fAuwkd6Z1f/Fg6doBosliZ690Uc P7hGu9OuF3JsYkwhHLdZhS+HxfrbB5PykXeu6I5Ob5ucrOwV60gr2pgchG2n Iz0IX9r/s90Tt9Otf+vfPnN72EXE749CRdTVrfB1/6Rnm2D97M5bolNpH5ua Rj03t0vv78uVZSS3t9sj3RAou3QU1d4bUnc2T4+NbmuZ3qtzl464pZ0BlcZS ar05483t2aPtNw/92rBwZvhw4DC7nz56eRtXRD/M3e1ZlvLTRotuX66j/jeh qN4AJjm9tJhXBnk38aJ3rGS6Wcmrmvinr+OlgMWV4Y/diMeWLU4CDo8ffDy8 7aePbPzTV/sPP36106J8x3JPX7O3Xe3n/TB/sGRdJwu+R9H6tkI9VKmOWd4A Ug9DZYDEadVHyi6BiFL0I7N2bsuEgi28sa0sWN2IhkOu3/Q1Lj/iQO53Xz7W C/zQVUP6rB+H3phyEmB0qFJY+c2IwtHf81DlHcIfm9MVt2+h2Q462A9EbADT H3XO+OR88iiobKgojaKd9B1+50W73vn23e1GodJiLla6jZaF+x59eCeKHo8v drrqy1Eh9/hJuOBGOz8zWo3oLU5JuGosoNFrGBV/1mtLF9jUQUmuuiU8OejN Skflju+eH1/JeLuf452Po+jOdob23xmyndZw97P+UPDhqs3LPy9T4n4iIZUn Q7ywTz6rBOjSwzavbt55XdikAHh469OqPwVAX4aDuJehqtWfbl1kvc39k6V5 Efq0c6re1RO1jb9OSVT4/tcOh+vcaFfNRzfCjlC7vvEbHv9rt/7NQ/MCXe9f xXVzdev2rz/kw1879xta5Wc3XvexXlU2nHt/MgeMJXarbWFQmNe33fzJPPjh UGV5wO96zEN1c71QWFT3BAEX3L/1ng/dyW8QE8R14PtKmp0IdJb9ezd7cm37 uqPuYhki/ftTJPG8c4F3sVz9QqHsZZ9GHvh5L6+hduJCJbXhFm2CfPxIWqUq 5qFmMxyXOV7Rr0to9b0eMtBlu6HL4S4xUlHNSyv4/Q9Cy6Zk6h+DKGOB078E kGwq8f4VsOTylXr3wPjyt/BGsMlr0zZFOnuvvR+3PQkYNmeoXgVFe7jjT/E3 XwXifo0Y14jx8xBjoEP/MMgYqoquMeMaM64x4z8nZhweHs5aY18qlnnHKtp1 4t2LwJYH98/0z9vsFNwEpYbX34U33y1mZntzn/72J+fdxUnUee/0gH7PYB9N 7uOfCtLc9Wd/MTDj2TN7/Nos198dzH4LhT4/nj0zuGH+zUE49+I50DH7PT68 76Ouz1Wn/FXwffbDrUM0mXULm1v6azYUXRvBWrNCXi/tZVlFO3UoO2M90huL tS9zaO/wvH/LxDa4O31a2Ow+1HNd2jGTzIYjnW+N4fedhpcrM2k2ujyItzSb Ds2mt442lUO72/+T2eFbzvr52wdXjG30mTfPHxzjk1DjultRPryVXj7+6uWz 29OD6CaJu4Pp+Wl7kbvhyLRw6uHsbaG7YVvG3muVj/23xrFwp+DWsOeQfpzv 92OykXnSDWNt2EM+nmHeF+Xo951aw92dfYdDpdemrkwbhfudcSdvtgVP+5Gn TcXyzruh5Wq+fRihoK0fyLi7byiP7ismtw/bGckVVZKyIu85dyEb1z+0T8yF SqrXfeXqWHKuyQpB371TfKfTq1rQt67zj1plWrq6r/1KDKO8fXkzw7hRclNy uzdVQdouT9b7TtX4+J4J7Tx/qGX+kR0Ydnn8yB70Dx4OeOhjrZfOh3h3izo1 aWgzVD5ob+ZE95MoKHbWtLGLc5dVWZoXTVrXnS3A97pp2zi1qTF56uOyipsu jRNX2iKp6ypx/JNESd4kcet9Zpukab1L2rbrfNbZpK0rV9BibKKgt3Hq8qLt ijTN08I6l6Zp5bKOv3iqa1xRZnFc12mTFmlSpS7LfV7nZZM2sY3SxJnE5KXL U2uyuqtab1rXxYWNq9x4n+QFbUeXVFiYzH++bCqGVxVlUaWp5++6TEpXxaUt izQunC9qU6SdjZzxHd0zWVcWeV4zLz7O465NmjT3dVrmxnaW/zMLhvEwC3Xa ZuERXZWWTRlV/OX3n9Hvtb0dlZrM1OZJWzQu83lukqx0Ls8a1zENuc+KuvK+ 6DJ6XDW1dTYuOtP5KourrK2jQY1rX3WujpsqbmsTx23cZEx4nJjUp6lrmjhz dda6omgqW5rcWdap9C5tk6jyXZ3GeV74jivSNOsy09Klrsht4RLbFGUTN9Ge DmoiuzzOYtNmPs1Yepf4NGH98iwpuqKqiqbObFnVlh74rmuiPK3KJK6zlFua OO5S65LUlaywiStva1PWSWa7uC3aui673Nq8qbYPHrUvzsq2zWxhs6ZydW2z Iq1s13Rx3SWdL7Oyrtq6rHxd2CaLaSPyHqlFzOLa5cwEK26SpkPSUmObyvNB 0TZ5xc9pVee+7Xxd+rbxpsizrPR5FiF7pinLOE1SG9u66FrjurZD1k3C+PK8 7GyWVQ3/IQ3IgU3iomnT1lZlnCSxj3zirQS89jFT2uU1DdG5qutM7Fqfdm3B UFLnPGvCByUd7Jo0RgprX9bORQ2DTvMaY177orJZXOQpOlnnnSnpsnXIFuKX o2TemWiADK3TTxOyaCtlRZxkSFbeMIWNs3mZ1nFqEJCC+UbqijrxvvSset3E JkkZvE3rLGJBy6ZI8rZLSyClatK2q7q8tE1dlqYEYRgGgwY98hypqauu6EoJ a9W1cZX4KC0yTQ5KZ+qscBXaWbd1nucd2ls33lfONlxZtExrUjVxihpIsZld U5nGRZkDQPI4Z2XyKq4qtRd3tF0JQzKDEHvn22gfDNMRDH3nXYZMI2U2d45V kQC1QFZWGK9JsmkFaLSx7VA3gNLZtKmdzaI2QQKQ79ogFXlZACodWuI9tqFg al0NEvRgmKlW38dITZzbMsnLNquSuAFdU1OlbVOYpM6MMY13zGhbuxoM4uc4 y6KurPknrXOXVAUz0kkqEGi6WFamRjoQVf/TwDCOt1gWle/EMrS7YriYiM61 rFWu1roqT+rWtW2Ovtc1iAHY+KJg2jxY7bIEOE8ZJ+0MWFbmDVPEk6u0Y9Qu ZuHLxuZpjnKnLIBPyzQxXZiU2DJ07BJz5eOoq2IkgbXm6qLA2lRYKoMOlaW3 6Kev4qTwV2FZhiBmhm7FuUEvjOxWW9Yos0e1kiZhOKx+gSyVqY8Kg6CXrUE8 cwyiSXIQC83KkIDEVl3WuaLr4rQGH0CnBEEBTC9jWZq1HfpWoth1zCQ04Bq2 pK7bGPtXFLb0tU9a23ZZhd50UduYFtNTmxwdLbs0M3ldoXoNQla3ZZsCxEXc 1UVqy461x3YDEElW2KqxtkWtMZM1zdkmLT3TV9kk7ZosN9hw5NGZ3OS+aJmp juktG2MqxAJDXLUtqllkZdSkBqxNusY6dIxV4qFeKFLWHnRKUdqyauhuBbSx LlVSwwdaWkuarKGhyIojOJ95GZmcFS5RXnCT1WnbJEFHwYsKaU/RCTfFsp8m ZNFWymzTAB4O3bCArgxmkjlMuW9LX6JV4JszpizqIgGDIDNp4TqfYAIwn6bE dCRlXtGHxmNdATprmsLFTGfGJDMfGeONy6zFuMSgAsQmSyy2I2qqLuEiBp1n SHWMxrfWFMb6uDMtHQDcQd5c4oCCId4tKgn/SaxD+2obgbemyjvJR1q1uceK YV2gI6ZomUShaleU6SUsy3osS9sK0lbQbsmPGA5IQF4aaEwNu/GlNb41pffC feax9I1BDX2d1DaO4FPAMkQIJUkheNaYumiYkA4wbbArzMSIZZg0hFZKAAhn WCyMQVsi4nXemobeolSsCHNdQZoYIUuBaXZ1G+WuzF1bVjlI6LoSg9C6ypcQ LeAMxEdQfe1+OpYhQExS2UWXWJ/lIcnlm0Z0q6u8aTCgGTJRO2xW5i1UoUmd 6GEsm4BowLkQww6MRlMwDDXq4zLsUDeiW8JUYzBBEeADm4cpg5uhFCkG2OfY EmxNm9SFCAawAZBlvm1NFkewJ5SlaauMmcBkQuLSrGSBCihfAxOOO9t1V6Gb FCbndiYfI2Ix0Mw+BgiNwHyDlwYTk7c5mmMrH5U5tjhvWrFayDDuQ4KepjCU GjDMoY3OYuxzZyyaouViNesrmBrGC7RCPVAK2FELtrCovqVV+pBkTVemwDuq BLrD1Ji/JM9sXKJFSH7dwszKMoVbpUWZM71Y7apCidC9LC/AqIoWudnBd33e FlHXyWXwKeDRVR4eCxgDmdhelBaCZPFYGBGWm5l3cJIS4oWa5iitB7CLCBPL utNF9Np0pbgMVLaSA5MhnQliVNuuhBAVBRQaFlcyfgleVdq4MU2Utig1QBgj s7EDVCvWqwa3GHuD0uX4B7C82vgK0zRFt58mZNFWypImb1AlmEaV5mCIgdgh 0bhoGeyyBEngllKNGM4G90PgGjy1KHEw/biFOCP8eE5djYXAGGIALWzbQKl9 ngBlBhVB9lp8sZQvoYC1+BuQjpnDeNWt9XgXGB4PTOPgMSybQW1cVWQJDBgR YOzAf+larJ/DQmKkXNpFsGubZhKXCrLKqlrugeCD5jiEYErOoqflJXTLB3TD 1cmqtmrxO1wlc4091hJ2+HEJpg4ODLVuigLfDciFlHJxmUCkTATidlYqUABl psEEYQjhHNyfcwGstepGt1X2milgQcB/qAE0n39BFleaWKPDL275oUIxCg8h K+UhVSg6XkCOycLjyFsMiMiCvJgYhcisFpHrcaJ+BlOLR7iCCMd0r4SZ4vUV JoVUYR2RfIBC7Ca3reSrgxUDCbV8lczAqFEGVDwb4cp0DZ6da5H4FlJq0H+v DuN+tDWGAnODow+1wKWSqmV5jhDFrEKEEcDHamG6PkZZQRGsSiObkPiO9SxK ydxVcGUKGEGWAnsxyOHAw9J5hLrCOqJLXc0VSJiwAmYepQbhx2Vo8gRG5DqL n+IyrGxjcEq1XKh+g+Hg/oJ5L2qXZPkVcJWigUxDl6BgDTMKjEB8GXAJ3QMi PO6g8Y2FnNVFXkcOkgDJwfszcV0V3JPBepAMHFy8cfxfSFjLWiUKHuB413yX AUPwmhLQS6OGHqGauCRZjoLWJauSwDHrju66pJWnAqdDKBpTCR5MAzLKQde6 pXUaVXK86ZJHyBvQsEOC8aRTsCGB+EEggT6EI0cgYEm4jLhfMFLgAf+oS8oI pM+a0obrUwhyisWHOYIaPC2FD8NmcFtkG52rpnD104Qs2kpZjJPexviICkDg K0My8gSbUbm8BpmQIph8LeoKt4TotPLgTRylFvUyDAM9K/gbNVBYCOYAg8NC YhR90+Kc48LbTq59DfrgOBQaCZ5ypOXyBWLUYTzkp+EjtmgzlAxvA1IPPkFJ gYjMw6uwLnjWMC3HcxLfeshYWsK3aBeMg912FU5SlzAJGFVwssytwSXML8FV 0cMVQgPvFF2TMajxFsRo4cIlji7EFD6QYpgRiURcC0Qqqs4lXdp0TeQhhKAb IFSAUlYOrICz6qB3SRLDCotmhKuu9UBa3MLdWhg3psBCtzFPVSsa0GA9QT3T xRnOAISl8KL6GRoeiZ3H2N3CgTaxPGkmyvEvVoAFB/Xo7//WKNsG7xo8Rths GuyJolm4zSxO2cJDcbrBgBhHymedyWoac0h+hrMC5bYNDKoZ8Q5fKm4y/Jg0 b0s8AdQZ6e8KOIyc+iKDWzAWlynwApIj5KA83pONigYe4BSqwOZq+bFelvnB qEBY4q6M6b25Cu8wTilCgA+Bl5iwOPDeDKWEH6PTJaiEr8M8GUkp/j5Cl0O8 gDXoNKMC3bBs4rYVyAbXyGkChtZ5uQ1pV7jaXxVIYyBMR1ECLYXCVyUPTdOm zTKXwcJSDHCCFY1xfHAKY7CmA7XBri5LuxrswpfCw8IbxB1snGC3caA0XUUR MwgMRhSWhXRWkIKujKraF2UJvHgMg23KNgOGfFsz0hif1zITPvZAR4FXpBBj A/XDvaM31qIvVQTvyLLOK3qUMCeAulYRwRTjoEGeyIPw6vBUEHKBG7yXZWtw NpsE61rKqS1ggeATCifjC7/qmrgyMGXcHK40eNZgBj7aFO9+mpBFWykD8jAt gK9oVIX8AGSJ9/J1Ww/Dkch7aB22R8TWiZ00bR1VvkLtuwzWbACzREQUlULl Wxh0algHwN0CZG1cs2w8FyaqVYo1j9ZA8CDB0GagEfZRGRTPwsfx0XFSigxV 9LYyXW2NiBziyvJi6/FysaSKq0cKy8c5Lgr+J3ifopNAIRiUInU1jcOlfNnu HGuwm5xMZ4fbyvODsCV5Py2pzOjPTUo+uf9wU2L+5PN7zz6oQ6X7FRsgQ8pL CddwRt6mcvNHZNH+QRnIq44W/U+RgNw93/Sfkn/c7kzcT0K+/8O0p79/1hUT uHNsybYXmyXadCJM43pzRMwk8/ijU4k/L5O5P+s//+k/Ko+5d1jdv2gaE4ga /pcryYFnDdzGijzg1YnUCL9jLEBRNNtr8dugmBEXF9BRBcjSHI89lx0E6Mq2 wl0t2xLDh+dWZbG+57oip0l+yvIsF3WIsgprDDPGY8AtqbggkXvSN1ioSYvp g5VWCjvhUPATTg/+U0of8LaiCitSJVVTVFlRKLmEoSk7NZfFWZHzIc+BcuBZ 0hJcpM5KvuXpOK3Q0TyCdjG6FDqLEcxB7aqmSzIeOfY+xeAnONT4UNAy3BuG zFXQNQWCTAEviCCdPKhUtrBVV3M4Rp4pk5EzYHnYuGp0OZO/UVRxhUfE9/CO Uk6FLyOeneK+wVXgpxDCPPxpoJ9JBh1kEukbHDE4HJi9BhrVKThZZDEkuuwi Pa0oGZ3muGMgECuaxEBX9JzewQZhA9BCiAzefdZoSdVnPQJeE6njdBTCJM+S MRU8HdYLuWQuaIM+MAQ6DfNSkkG+iHLLmaL8THikFWCczE2JY1pACzGiddEg V5lSlVnJgHDyKzmmDbd4ekG7eQ1dwvtTGrhjtaGIsEU92SkGyDLAYdJWOYdC cUGDB2kqsbs0rARTmteshYIHTGBWBPHMYSZ0P1OQmt+TUrLXIWImCHrKdDtF meRK0OEKZxGelUXqP75sRQO4D77Q9DCHQbjbkhWnqy5TFyULCD0CmPIIW0om WZCIxllQRfb1TMTaBf2Q/Ou+XswhEvymkK1BClgVCA1SlNVMdtRCIFu6o6hZ U5YMAhnEzUppkF7pX1aLLxgi3lGpWacXlbLQBpmNI1pMNPYcN5O5TmmDiYTE QeYgQx194m5Ex2qe6JN6VCG9zJaChqX0gob5PzcyTywhdJlBwZuRjUzChkah yDgvuqqG8CoArQgBK4Rvxc1dVVXSfq6UyKBC3MTSFoodggvSVgQIuUG5UXbD k1mFQiuBPCSKHuYaRF0gOEqsVXWGzEi4FKNmhnzQ30QDhGbiPkl3K+gsDccR fa/xqPibQaRS6pzeSmYEPXmPFfwHuEAEofZoCc0VCDuzqYMvGVVAAPw+eROl pJ7xcbHcS61Sy4o28uE0TaWkC/eEYZY4OXVlIuaWkSvbL/Rh5uk+89Yx0wmC RYOsihovpQe00khrcTdMYSqJYpRq7UoJci1XhMdotdHHIuE3x98VM8DsMH01 8JPrMTRA59ALnhWxYDkDEC1VOgqgoZO4R5K3IqTzWHthmA/Ap1WyrITWRGpf VpHy3zB5heUkj7m6XAmjtfo0mAncmDhEngU1AgDwuuG/grWQvaj0LK2CZxXA KXCAEXNPXKHu/I/5EJKXeIyFIglgp/J7cr1KfNkqosPMOwZGjhgNyMjUiE6S C6ATTR9AhWcA2DSIF/YMsWik+OgFD4nyEJIX+mntQ4YnkXJJNnPQm9GXCg/x U4X3XPNsZRckWLFEPYuaTHlnJJb/sxp0WCLTIiX4HyiUJL03eXIbzQAvrXCD taiyNKKDAHeZBhvJEwotb8Zzavoh2JMJYHJBL9m0ajvVhRKP4IPvVz8PwQJm RBor+xDTaEj6M6iYC2UnvHrLbYkC4XmFTHKn7GbMIjHxzK+gpcglXl0a5qQI lU2q6shYG6baykVFvEG1UqTA5VFdaaGwlJmgE/Sj28Arai1ppMOVhgmK8m2K oDNriHyqe5AHxhOhEMiCgpigJbpXaRUxhCyXtIK28jQwBMlYosIRLBr3qGyG b7M8yrRwzK9UAnTKBXXy+CVdLT8lAd4lXsGIVEE3CvVZdtNnRQRXCQZeFjFw mTDXGB2spCQUWTDCcz6qil7BMAmKFvJ7xQJHgjExFpkVBFz9Ytlk+JX/qKSr IETK9KYYPwaB3QqNZ729yJgHLkYa+UyMgGVUAkdSqHlBLjFtZc10ykYEsye7 UcoYtCoXkTygkZVmvglI24QmTZWGXIwmBMTio0bFHSC3DHgikS5ZC77PI9VT 0KZDiSxTByZxaSLuEHIETppQ6l9wGggWGTKyoIiXzBB2E44CcNeaaNplJhiE EaSXNpj5OFPkV1JrA8erglH0NCecpBMR6yhYi7Wolcgbl9EXGU30gHngU4mV JlDuv/icdCcQHIMK0gfEOhg+5kIYI0hBmNEB+oSVqEQ2lIyXvspkCD87TISR XsBhFChh1I3UVgtGT1g44SIim6maSPyO9YUUMA96VMODZFGYfBqLnKwQt6gI AuEJhpcnBhDz9EhMslRzuQgbBheJNLJlFVhN721UyjrTzUocIwYoANygf7Ao PShwKwUoCiBWwIdx0tSyJlr6tIyQNkmflnyY60SjZxGBtNCYZVGrYNk75kil O0FFilhYnYk/sDgG+BR/1+0Q40wmsZMS0310NCAFkCfgz7LA8oQjYhJ1FUHx 5DykKnNDnWWjWXGYvnIkqJHol1BpVCgZTNCB6fSyWWUW8EEkIxOUIpy9qc9V 5JEyejHbSkQ11yJWSljTMFKKfMumWelm3TOWShTIyhLmEgv9jnnF8Hal6Dry Ano4iDPX5SLz4ENuUuyF103MLFSYJzBxpTJ1dJ+hJFkRVqXU/Ge4RRN3qhDv x5WKftCX6mPQWVynccKAYxoqY5WPqBgAsVDaLFZ4ToWEcczqxK2uKGNdEbOy AYMUHTVJwmVJfWUD9eUbN/dFKT/yfC5RWYii43HfIx6Zhn+TOLZtYrxDJU1T dEWbWM8d6LiCrlGoD2xTbLvRIOQKForymlaBSddlprZJ2jSZ6ZjLJFE2HLuZ K0/KlGJRgJ3GuMY6Zxq0OFWhWIMXl2a+VB4iFZy1yqc0Ximi3MVKvyauRiQb /KJIhMuwphVtd0rw4OWJSMe2TjzPNcpUVW2Bpc4729QGu6Q0E1YcNLcebzBr ZaO6poUq+bZpgLW2xg61TdzhziX0wkBBjPIWiHaWdbJGpmW1AU8LT0odVt0k dYKotCrSqVxtY5DKC4I6R5ulsyCltyZuPdjTtdbRccTZJVUbJU4R6zqt29bR 77QRLwLOfNV1ddNhsBOAvGlZSR7QeCOy5o1TPD2Nq6yLPEifxzZOWEafqECn BOqV800TX3R11iECPuUZmWXsyjJZj6DELoUmpaaJWtNiOhDPzBoXK/sjnutT sboulrQk4diTq9Ia6Q+nNWpfGWsbrotkEhllXSdKvzQedK/bQgmFpKtx63Df 69qUXQf1R6phD8xN/d7FwwYrGCeNS7qmSJT7r5RCV0kmiOHrVvLtbIIEmkQZ 6dQ5LEbt8NLTqos3BXdIc54miCHgQX/RIOuF7Jlpu7apawAu7/DO08r5usyU AE6xU6lxkTWYiY6WgVzl3lS7JEg0aIRPVMDaKveqsfb1rQxCD8KT6dLashqq GUN5iraWqYOk+LIG6DuZxaJoVb/B3SlAx+0Vj/E1VlKGLFOs3roIRwyQV6UH GtY5OE2NKsct0+MTdIfeJc7oi6SWcLiqs0Bga1WBXtcqG2TVEAjjPZiLIgGC bWXoUCNJEZWgQbn2qt3p0gYNBekTVWFJISt8kBadMJhSg01q69R1aWIcUGoS Y7Pa2S7NFaqH48NFYw+M1GCVUZU8bdg2YoodINQgjpW8cqY4Vck8T7RFGRdd xv9RDQOQdbHNMANKyfKjYbFsayN5DV3T4Ejho6TYgMZnQvzWmq7rIPOsjLWo GZYE7GKF4jZNMEJl5jNQJ+qjpJmWq1ZqBQut9F+qqH9buyTm8bVrG9Ub1jaF lSMOoSoklzrXJmrAZNdi6XEtujRVRazzzoNYReITD+HDo7oiA8b8C3hBDMii Ck9cDJq2Lfw8aUT2jGpdKpUhMWd5VGamMax+1sZJ0qn+IkmcCDlijfymHcAJ oytUPgWBhIPEAFEmYwGSQzqjXLW/mOMGZ7WusX1xDb+rGxC1tgBi6hs5shWy GOOEWJYV6ewqhKSoHTMZ2Uz66/Gha9pSzKrwdeMB8sQJjhASaJ5q95S0jbtG 3zJfpdH2CjwiZksKk8uZd6FOBERyEmQErPKAPr0oPJxdmFz5tmxsiKooUlYr yBEhST6Xi+voGGYILK9sYHMObbKq8wZBUpWRMvYESYvRwEKqWbcGRIlcnCet 4h2t6ZDWzKedzEWboJZVg4+gIJcFRhAqB8bg8ACqlZxxBAI0i1TEjs2E2wjQ Xd02tm6DX9NAblr1CHKQZxilxthCXAd7UKLU+GEd+BFZzDYLA/FhOS6lKWHI Tm4GEIdtbOTfeIuYKGfGjDQMA/LrG1aK3rWsjGq0wLlE3qVIlMqpcf+yqqV/ uJ6t8Tli4LpOldYZJLET9GBDkYjO+TISUmGQXYMJhZfUrJ9TuUoK52tANCYW 7ppkWGh8ZqRCiJW1nfYMGGG1WkgU20viTHy8wlYqhmuwkogiS9K1GLm2Ng0z 7CsnNxsNytq8gSN1rooAMNVlYvZjjw7zIyBdCCagacq3eRC/Ey52tsOljxsH 6Mk34ckW8xgBMA2cOPetUU4VeMLKMZsG98zBFFQlDoY5Fg8X1HcGguFql7V1 nHWYlVwFp12hxG2JNUdDamxp02rDhmmaFBhF0NJGGtOWic3zOFY8DYxoa6DZ V0lU1Kbumlq7eiBktUgp1BCQAiNaLF4L1WZasRrGxx1S27oYJlSphAigz01k JeE46JNEbPrTLF+0NX2KHDKhTLfFMBRJI8YOqzTKBmOUWdS8i1V1VII8XnGt VtttEtXZKrhqWWblwGugyRoVZOM+lmBPpv02Uj3FpKAZidLfkO7UxhXqE1VC BCW7LRY0UWkAnUpVeea1KcbI8CEOmQfdLNqtGrwGj9XBbjIskIuA7DZWVhdH KZEvncZlK88EiZIb4TE0irJW3GEgmk7oVrA8JldiP04jFd7h9OQISBJjA5uu RWFYcqxAXdaQuwQ27UEFlWsxp2kDg0LSaB2z6WKgKxfAyZkswTBXIUNG9DaV lUKkC7ksYoLobhdyJtpQpMQJ3hGGAYuper46SZBBaEWufRV5rDpXNIYJlZiU bZN4hSBBZzngCqPkKZiuZYxiBQEZhEOWkVhEHOqVKpbKSspNdPALFb3WHfQu VhG6/MhQwJ/gFWdwSW7CqsBE4iZW2Z9njDE+huqwuCMTF7T0weUeptnZWpWl qn7E1ErNoRSZPPY6LapExfiFVsx47CoQr5pxAKCqFCJS8Jce6l7tvMmgBojt 2/adXGevrrNX19mr6+zVdfbqOnt1nb26zl5dZ6+us1fX2avr7NV19uo6e3Wd vbrOXv1zslc/4rSHBqHBoHZdVhv58nna8F/dxl3KddomkNVN2tVxnjQIZaqz S6rMaRsEnL92mw03rTY/1Y1lNTMT+xQ5guy3gvoOolJ3meu0NdY0itCm2nOq E01MESFbjTZMKXwrstx6k2Q6bqh2BdKHmULmNQJtIM0bJlLEy9hM+ZBOJ06Y xLfaQs8j0kKzUzK5WNOyhmXBkrHkzhgEQHawkQfrk85ijWObuLLDwCNxFjZQ K9yc+pSlVXgYCwKf41LFJbAK4RQA61qLsLWFK5WaabrKeIkl4hJjCY2vbU3v 5VCHHUOYktZ2getY1xRWu91o0CujkzdNapPOMWbIt56I0XFtp93clrEkaeEt OpqYlocaRB3NRetd09VeiRAn3zTpSqFAHKHOtrFpSu+LMm5lQrsaQNfG9FqE r65ZJJfWBW59UVqrzIWOw1HwpyraPEotq1eXcSx3x5Qdpgu9quqmTevOoW08 M61rnzhXWSAubwJLE50vjTfZkHxqsUHiZSkdj+l3he5nOmeoZKx53Tjv6YyR 9ilqazNft07HS7ki8lZMmk76JIkBk1wBQIskoM/e6WQcQPjq5JNgvzRp2B4e ywi24WSRtrB0P0VE07hxKGatlyhUXaMjVbQxD+RhSeqm6mLEAjVvamgEFlph clYzB48byLtHH3yuwyCymhZ0RI5tY227065UD7ESpyngZIhjlYBEia1TkAMj AEAAUp22LlUhst2VdYStyUCtcCgRTBPy14SO1joyCTlrCyUg6RmDb8DcMqud 0+koNu9qw/+xfplNGmXGGlgtpiOGXuaxeAoKgA+PZGgNU/rcNbiewB6cxbWK k2u7Z2SctmQB0+Hh2HKFqA2rpWQJuK5NSJDVgssKSKwD04BAWnAVaIaHHqWd ZzhiddqiJge5CB4ewI8PEMMiveJJMZ929NfxYLie96V2MInF4n875aG0Y0wn AjSJgsax8iPwBYv9FMMO50akMEJjfENvMC/aL9cmOHtRDU9C39NOnvel5BPQ gJzBjLGv0BirVF2jpYZhNWkqv8oa6KlhqZzGHtVWkMBjc1M77dh0ttO5A0yU wzyKZocdffQ5brUnWic4dNi/TMdSdSaJCogfF6EytbZ8AguFbVJvFYbEbHMH tqlzRue4SDZjJw6dKD5Re6XMI5Y8rWwrKU10qFLjXRsDm3Vi8nAIEbLtFMoA 02kNGW00p1YJ27g2WDqAJ3barqz8ASa1Qm507IASEgGDlVZD+prE00logc44 sYE+2bIB7aJEGffai2Y7UB86SYdRIG2FVzzfAxu+RVw1jKqtsgRr0SrQXutE CIel025zr6R6bLD4Ih9pCK8maLortMmylefUaiMgUttabZrLtaO1Rilzra1H cyt6jtFJZGsTnQJmS59grFDjPI5rkaa4MRok86vNiUympV8mKaNcPIw5myaf fprli7amL0l8wpJqK18qGy6LXiq2E0tDkEupCsashuzBxHTmUNK1aaRjW4q6 qdufnXzKFPpRbwtwqmI1mrpjBhMRR+yxUyQm4Scl3/HslSb3WYrNjMQA4a5N mrcJDAfKBvWOsUWJ6B78Ke2wrwqSQVuAxZR2NCKL4QHTULhCB0fAX1BFTBJW M3aJ9izCyxObWgw4vN9BFq2y3mmLcFsMDry10+kRqY8wcuhwmrRCH6ypQmgp dE+LkHWwMkxh6ZGAGEuqDZo6xU3ywlKDOFBii/2GAOPJ8zFoYG3wNzxeDGIM 57OIG/5EihwIvCBtiCXXYMF0FkcHoW2N8rEd+In3kSpEr03RLstjJZvgVlXW hFPeEuwSRBgy4BOMv2KuFldQR3OINMIFKoWltf21gKRU/JjCB2XGGaCF7joF 5jrIUQ7PaQqfyyw3OJPaA+91tEbZdTkCiQmmfZaDOc/qJMXfwhzhctTKGKPa uXaba+c2HzXVWw8Kuk4+XSefrpNP18mn6+TTdfLpOvl0nXy6Tj5dJ5+uk0/X yafr5NN18uk6+XSdfPqnJZ9+8vG8ja9Yg5YZFMNljUUWvEKCvi06kEOF5514 c4Jr5RQjYoYT6VwXq1B9SEcBaIitVRkv8+vjDh4XWwtS1YqW+ZqBmtoIkOQ7 KMbW1VUbuzqylnmpOkDBNA2PxiHqqsZBqNKus7IXcFbpdo2YGW2oaWOd2+3B pqrGMETegYo1cl4zseL6kAGRT0aa6u0JPsQuaLnrAGGnqEBdddjGrrEeKpRG pYnBQBE4wA5wwf4hCqAXpiFO5T+Ke8s3TH3Xlirix3dGW7WFo5VLoE0nHb0H A0rVT7etRfIdLE0bCKCMWGpftY3RKxsQ7472mwZNEv1TliSyjklCQy3gxH+2 VdKJvuokzw7Ln0KYMvROxkwBcL0goeftnaq+MxxdVU0jwCy4g0CmqJT22Ggv HfpSSHu6nIY7jKpPwbW8RlBT1iLBXpfeRi6OC8+TjVE+x9IxUAdAkoULmy1A HeACnKvrvG4MIlNWrTYAFW3pmcg+HWWxM23h4s6gLIzfx01T6OCzLvNAXold pGsNxhjfxtE1VkmCA9xFsSsaRfUdRBOowUYkDYqIO9rFYtw41sZenY6KITiq m2/BizRFjiobTjGNuwRPRmetxlUHl3KucVEeF67wDgBySYHsiBXpEToctTVY UzyKWoiVpTpOvQM5UiDWIlyZRp5GUPG4LfXaF6Cg7ARP2u2GQISDB7GbqbOt 4VYQCjAFTNBkdLhVssB1Dn6UNcqUMC863bR2HhhEblKLcAjuPdNsMhC9KLwk AtgqAOSq0Ul+wHNEW8rM4sg5HFcdsm51zLj2cWV1G7edYQJM5goMRm0bZjav rDKcdSf6Is6elk0CW44RrrrWuZqN3jBSKbart5DEnbKq2I+iYzhNODBecWmd WQj4NElkdZwis2+tBR4K24pVNFrenOswML6mu0ndldAU5rdIUBTMJJNWI86J i3QsNUbC6xBjZwpgA33E4dEPCk7rIORGp16jDfAAW4IYDLKin3kCrqDAWPI6 1fm0EO5L6ajUgR7W143tYHIpqglzUvYkvOEgyRAVq1hLXvgsrX3cRl6yolOi c9t6b4pW27Dg8NrWkud4hrXHoLJqrbJMdAixa1B7Rt9h2bsu6lqUIinbpHMJ 38R6FwMoyXjqJm51Ejjg1QFtvjPOuFoKBEDjH+F7sEJJBOAltm4w/U2GgDRA nDZ/WFu3hUU4MSQ+07sHmk4sv1UmutVrRRJsO+pVRvIqnINmQFQRXhwmm7U6 N5zRtJmCg7FvE2W4nUi3TZFMpW5cowOm66SMEjHfpAWIkEbls+G3Lc4QY+S5 udc+QMOswxFa+bNtlSBHDhXCjWmL1kVIfa4YWwfEYAatEZWFiLd14mJQqGkV uYd34HRmPoY2AnrOogqoaW3zLHLoI/Yf5uRcjbcE6lo5uTqv0ifoWq5tuBaA K7WdMfNN2MBSKBaAgLZdZBqDyFV+Jx31kyxftDV9OhvYK69u9H4T/m6RcPSb 3+ioYnd620onPxwfFBKkFwhVwAbgLIc0+9npqPD6FmQJQgiDLBg3+gucNtg5 zBT0ttKBpCkmrdB5tuAB3U+aFtdOUy1tjg3SAVxqu6pi4k6bmkDqvgIAXOwY gbdS5tz40oakae0j6L7eUATuN21TKBPgdZQ6HeDxDEI7hzsmlOmVx6UdpY1O OM1QI+iQNZEkBdtfhvQjmmSU0mdcbYlo4Ml1LRxSK+FAjQoBsDrPNvF5Iu6o I7AhUTrHGNKVmRT1rgoPWABzKU+QY56FvD06Dw/DiBZ1qs1/3mk/aqVDZZNw ZjYAgt5ry5uy0TnmyspMVx1QZWWpcD3bRhQtE8q3zEnBFCsnGlmksqz1gpwK UHJ4qHDjRueaAqDKtytk4kGAxCWYX+sKi3inYjgofWnqqM2cr71eKwJGmcQ4 RBk5wVXslCbMYDpd0YhNVHqnRoypgq7UHVKDUWNe33qy+3U66joddZ2Ouk5H XaejrtNR1+mo63TUdTrqOh11nY66Tkddp6Ou01HX6ajrdNQ/by/U5v1Cgjbj 86SzlUf+VMDMFCmn4BR+53NIXKy36Di9ULWq9T5GmdlYr5OW99znl+JGh2tV ekuel1wUteu6wsqFY17hGTrWqgYjUjzjxNikURQf82wjWZxClb22ZH5ZJeYx zlrgwGPSlEMprXzgqmhTpqwT1bQidLXDQeFJkZRAr/l0ekWi+DeSrFfVxE2h N7olqW2QegREL3lDM/Q6t1Ivds26VhHxNGq9SoxVY52Flz+KvSMSzAz4Wndp UuNTJA5ZYRJoEkCpkY229E6Jq7iKGp/qHVxQpcwWzEGuVwgySy1GFvXRO6H1 KhyTxM4avQe+w7jRSuPSyuLgxpE8OuRfWxjAkqxSLTdigf1OupY5i2O8VXTH V07HXcFJtLlMe6Pon9eWqwYuySe5ThcqjbHovGKUMng5a4WadB1c3DNKdA7H 0xhgRq6jcDXOfKRjvWJZOVtJF12lYK/RWzu1TQtoc0aC2rJQmWnRzVoxngrw 1vt2unG7U94w4Shvl7SdXvRdtHWa1gY5TpllVihpnLJtznR60SJYBibRru3i KAd6tKNCL4ZqXFswyXCwDv6U8QhgDTNy1dv1UoYiT5OfKgvclWnc1To/Skf1 NSZpauSt1puPa8ykjxrZH71UXi+JYkH09jy9Xtpo95lNEgfZN9q6Ju9aTLTG XGUtqoVqyDuLZC2VmSsUXc9rGB9IA4gADni0cXhrpo63k4wolQD8dZnesakw o+6MWO0CyQUV00wZ0FLqq81sZanj9fIYPzezeq1Trtdqx22joE+u16RXokMl FLpNQBbnlQXUliyoO8wIuGnRX9h/U3uf6XA8mBG/IeWAT9bo3EthCoSnEoIX sSxCWmipkOBSWz/wPOsk1elxaRIzjcqhlbn2VbnMKlNqMkAMxzCWVuHddAIQ HuKstnYx1UokuLZzlfY66o2bqHISK7fUxc4hx75KGvqA6QRdfaJQnA7D64Ka N843iEjaKLxf1jIlNVKpgA5ul96nhn/uEOG2jmKGXjE/lVq8lF9SpLfskCGQ omuRxFQAhB1FLFDqUjkgZMCYWg5D3rVR13StV366UNJTr61H4H3nnI07vdA4 axMsmfY/VAnobLI8vHK+0dY9GBd90M5MAU+S2K6Rb1cqy5bJ/uSVNvuwEppR mfIYNxO16EzBmHO9FRtxifpdMl6+jbJ0OqCQx2oFC7032bvWJwpnt7WPtSMo zQwkHdIVd/wG6Y1Q7hgXjSuz0nY6Js0U2MZw8l8L/y3LFP8ISuvqSq+XxE6D yh2aiZOSQNtpQe+Na3R0ZydfWBsCtenC+lr2PNcmQ+dkFQPVhFyVrW0xh0lD g533EW64l9x5pdu6cHojVAVrGuv9y6X3cYrTp7BahXzAaLHhVk54VrM4po4j JT4VztbLR1tt/TDwbKDDGJO5VjY2D4NgiiwAqRluMOpYVTmWsSuivJXY1Xaa X/ppli/amj7cUu3YarWFs+j0frOQK4I9GT7GfmvbkFJdlXJesJocK2CbCOuo XT3m55+1Z7CV/bu100b7b6GdyibWVZtVeDsd/L9MrJKCsXIkzAU8DahJIkGl XIra6Y3HIgwOlgaOF21nVJdRdSnGyuocRAM/6rT9sLWqEkBz0jaW0ndSJJwg 7qdpnaEqXEiQKhPIgEK1DpYtsNdLEFvEC1RWeNL5WBUZGOxW73GvpGCgZprk kGRlWFqXwnOcXs+JYKEldazKE6OzKY1eRcp0Rqk2WNmw89gbbc7CzWNe8iSR cdcbgq1OqlQoSsf7aksaZlSBcyxuqZd+6sWPDRrs48xYsYW0qGkebxyhciAv xhh91iuNsUtoPGxSQtWxEgmuI55WjTGsm0TC4FUDofCK4mUYR9OEV4UinC5p tatPb1BXrKUV1udw5zp1EXKNgU1KBAymXSudVGEOGpPn4WW7Ts5aCRTSnAyB wy9F6grcHkUL7eX8UnGdX7rOL13nl67zS9f5pev80nV+6Tq/dJ1fus4vXeeX rvNL1/ml6/zSdX7pOr/0r/+mqE2CyiTG1C2E2epEOlM7nbOVKRiTd4o8pmnl kNZS2QMV91ZtGasknkE75XDGBJVxmI/U67VFSdskTsFcsT5r08zBkhLTZixX 7GqV9rZt55OwKyqpo05BWvlDqGcLcOtAs7poUwU5GxkL8LxGjFzaJUmt7S95 i3gVzugNPLm1kYlzvdmngw12jUVGaNh52CeTwkRg7FkMp/dA8WxtrFIGK6VP HuPOJZiuVOLBc5FZo7dB6a0lgDlNtVgQfq7F33SiVKXDwmJrq6RD+GO9yqVp 0yh3NYOrlZWJgUGFTm04n891RhqEAWHC4rahl4nVyV8pE1UgliHykWaRbRJL N/CZECSwR7u8tC8EZWPlxVyQ/yTGLtVdXQV3FNPQ6byvEnXwSQSGu9q3nQqs c8xBGgfn1hcsOkInLi0GT09bV1iso5U7qT1nNZIC8YjCJgnNKaMKW5D4vnHW WaasM5C+JIFOdoiLthQBVGWs48V00hJd6trxZVC0DjjF1tclXQIx8krOKh/E LE6OFIJcXIQbosp25aqKTmcTer3ho2n//9LOJMluHAaie52GgwbyOByPUWfv 99gLhzt6ZW8roiSRBDITxAeQxzdRQfVxFBTus+deVR8weoXS/j9B5YWdQ5AS kNa9+eQNnZdBi8iMaGOwyEbm0iqGm6pzPOrKXy8On/lA6OqV804Pb6+QDY8g drAAq4EVxiEmtzi6Xnu7RuzOLWt9gCihfhtOAB9mLRukn311iHLkvgDEUEff Fs08NuhKjkopHe/jX+9NNPsutmk4kEmNkfbEsGK0CiXcMN7dTztEmSnZdO7e Xr27W2vyqAyyA+fIw1OwtpfqfTsIaxD2puk9SjftRCwPgWDdmBriv51RTnji GoEDh/Vi5QNQDXtkoouoNXvb8H0dz+peb42VQeyed45rOpboytP0qPULDqx6 kFFjIYlzRAc6iez05mxBr/K6GJ5x9Ni99vOao/7qhbpdajlrJlY+Mtzr10Lw mCGYwsqqlS/QSJ8KR0wF48HsWmLJz7oq4Lw98mpB1X8TVJ4u4jj82xBUmls6 uSRhRm7VwTbm8wRJuqIKVreMs0xgpUJKeAPfe3Y+fGM2k9T+900AbfHXBO1L 2T3ZPBHZUi7Y2b6CPBFtymcmxCEeDwM7G6ZgX7ufso4SMygZzPXyFHzVuUN8 zAWcJdwFSwHIewD4WblWPorxTQpIUDtyJsACQx7OBbIWA158vRl4r+YbWGUd xcM3l4TqxTy8d3yO3jUFa5KNVaaJDEzn/sJiNusNL47E8XCcNqrMXDZ6BLo9 rfVY9/3MXddyW3DLYmoDARnrinKALUyB1jhN8SzPncjYPov93EhXgmoCybbW t3pYG5+PtmqtjjZq4BBiZ+92vd86P0sgRoVVyvaeOKOCtvN07D1p2SOIjrNa ZtTt45iGefp3VtM3MHIkgB7vb8Og/oj5rl/U1zmXMnYcz6mlIkR4WKCTpIKl tu/Jm6GWJ3wRdzT5jBqfF7Ieh0bW/3WCKkFXeATrfQz8Pz4TqctuupUpE3yb SOYrrEBKIEwvZZmLuSrAGPl2K7Qmz3zEMqiS/39afVtGmyMgHVpI0LCzJVH+ AuBZOPJYhEmrpnsD2HaGzA7VmqisUIb1nXDJKkSNFl01CARDMbGK2VZFlImz b1zjbeY0xgGpczlvW0fWFIYquHG2CLZtg9g94QLnkaGHgJC5HYsXL/wYmRCe 3W5At0JDaWGqXnMvZ7wVALWZGHst+ZvTCImgC1MAVDkRABi+SEVKY585HguY 2EE8XzdMN6hO6FTDbBsPCv5cAOmfUvEXK/XM8/ts1vj2LiSgTZ1D6Ni/FR13 uRNLJAgYu8Aig1Brvtv5bXgw/AY4lks9IrqXAYPyOh5NHND56+uUqMwS0THs QK521gyYw7dPFG57141y+Pn5uf4Be1fRwvQ5AQA= --></rfc>