<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.39 (Ruby 3.4.9) -->
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-skyfire-oauth-kyapay-token-exchange-00" category="std" consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" version="3">
  <!-- xml2rfc v2v3 conversion 3.34.0 -->
  <front>
    <title>KYAPay Token Exchange</title>
    <seriesInfo name="Internet-Draft" value="draft-skyfire-oauth-kyapay-token-exchange-00"/>
    <author initials="A." surname="Agarwal" fullname="Ankit Agarwal">
      <organization>Skyfire Systems Inc.</organization>
      <address>
        <email>ankit_agarwal@yahoo.com</email>
        <uri>https://skyfire.xyz</uri>
      </address>
    </author>
    <author initials="M." surname="Jones" fullname="Michael B. Jones">
      <organization>Self-Issued Consulting</organization>
      <address>
        <email>michael_b_jones@hotmail.com</email>
        <uri>https://self-issued.info/</uri>
      </address>
    </author>
    <date year="2026" month="July" day="06"/>
    <area>Security</area>
    <workgroup>Web Authorization Protocol</workgroup>
    <keyword>agent</keyword>
    <keyword>identity</keyword>
    <keyword>agentic</keyword>
    <keyword>payment</keyword>
    <keyword>commerce</keyword>
    <abstract>
      <?line 61?>

<t>This specification describes how KYAPay tokens can be exchanged for
OAuth access tokens
to dynamically grant agents access to resources they need
to accomplish their mission.</t>
    </abstract>
    <note removeInRFC="true">
      <name>About This Document</name>
      <t>
        The latest revision of this draft can be found at <eref target="https://skyfire-xyz.github.io/draft-skyfire-oauth-kyapay-token-exchange/draft-skyfire-oauth-kyapay-token-exchange.html"/>.
        Status information for this document may be found at <eref target="https://datatracker.ietf.org/doc/draft-skyfire-oauth-kyapay-token-exchange/"/>.
      </t>
      <t>Source for this draft and an issue tracker can be found at
        <eref target="https://github.com/skyfire-xyz/draft-skyfire-oauth-kyapay-token-exchange"/>.</t>
    </note>
  </front>
  <middle>
    <?line 68?>

<section anchor="introduction">
      <name>Introduction</name>
      <t>KYAPay tokens <xref target="I-D.skyfire-oauth-kyapay-token"/>
are used by agents to identify themselves,
the principal they are acting on behalf of,
their payment capabilities,
their authorized scope of action or mission,
and their intended audience.
Agents may need access to resources in order to accomplish their mission.
This specification describes how an agent can present a KYAPay token
to obtain an OAuth access token granting access to a resource
that it needs to accomplish its mission.</t>
      <section anchor="use-cases-for-kyapay-token-exchange">
        <name>Use Cases for KYAPay Token Exchange</name>
        <t>Enabling agents to create accounts and/or log in to accounts
on behalf of their human principals is a design goal.
To achieve this, systems can utilize a token exchange workflow.
In this process, a Security Token Service (STS), Identity Provider (IdP),
or OAuth Authorization Server verifies incoming KYA tokens
and extracts claims associated with the human principal, such as email addresses.
The authorization server then performs a token exchange,
swapping the KYA token for a standard OAuth Access Token,
which the agent subsequently uses to interact with the target service.
Crucially, this architecture allows the service to know
that the agent is acting on behalf of the user,
making it possible to differentiate between
direct, human-present sessions and human-initiated, agentic sessions
for authorization, auditing, and security purposes.</t>
        <t>One example use case is to exchange a KYAPay token for an OAuth access token
for a Model Context Protocol <xref target="MCP"/> service
when the agent needs to use the MCP service to accomplish its goals.</t>
        <t>Early production deployments of KYAPay tokens are described at https://kyapay.org.</t>
      </section>
    </section>
    <section anchor="conventions-and-definitions">
      <name>Conventions and Definitions</name>
      <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as
described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they
appear in all capitals, as shown here.</t>
      <?line -18?>

<section anchor="roles">
        <name>Roles</name>
        <t>The roles defined in <xref target="I-D.skyfire-oauth-kyapay-token"/> are incorporated into this specification.</t>
      </section>
    </section>
    <section anchor="kyapay-token-exchange">
      <name>KYAPay Token Exchange</name>
      <t>The KYAPay token contains identifying information for both
the principal on whose behalf the request is being made
(in the Human Identity (<tt>hid</tt>) claim) and
the agent that is authorized to act on behalf on the principal
(in the Agent Platform Identity (<tt>apd</tt>) claim and/or
in the Agent Identity (<tt>aid</tt>) claim).
The token exchange is performed using the
grant type <tt>urn:ietf:params:oauth:grant-type:jwt-bearer</tt> <xref target="RFC7523"/>
at the authorization server's token endpoint.
The KYAPay token is supplied as the <tt>assertion</tt> value.
The protected resource that access is being requested for
is supplied as the <tt>resource</tt> value <xref target="RFC8707"/>.</t>
      <t>Note that OAuth Token Exchange <xref target="RFC8693"/>,
which has a separate <tt>subject_token</tt> and <tt>actor_token</tt> values,
is not used, since the KYAPay token has all the information needed
to describe both parties for delegated authorization.</t>
      <section anchor="kyapay-token-exchange-example">
        <name>KYAPay Token Exchange Example</name>
        <t>The following is a non-normative example of a POST request
to perform a KYAPay token exchange for an access token:</t>
        <artwork><![CDATA[
POST /token HTTP/1.1
Host: as.example.com
Content-Type: application/x-www-form-urlencoded

grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer
&assertion=*KYAPay Token*
&resource=https://mcp.acme.example/
]]></artwork>
        <t>An example decoded set of JWT Header Parameters for the KYAPay token is:</t>
        <artwork><![CDATA[
{
  "alg": "ES256",
  "kid": "BEDD-0",
  "typ": "kya+jwt"
}
]]></artwork>
        <t>An example decoded JWT Claims Set for the KYAPay token is:</t>
        <artwork><![CDATA[
{
  "env": "production",
  "ori": "https://app.skyfire.xyz",
  "itg": "cursor-agent",
  "tsi": "886eef79-4d90-4b8d-81f0-ce5c6c7dac13",
  "tdm": "auth101.dev",
  "hid": {
    "email": "example@skyfire.xyz",
    "verifier": "https://app.skyfire.xyz",
    "verified": true
  },
  "aid": {
    "name": "Buyer 1",
    "creation_ip": "12.50.206.98"
  },
  "apd": {
    "id": "a283ced5-95be-4abe-81aa-51552e8876ad",
    "name": "E2E Test Org 1",
    "email": "example@skyfire.xyz",
    "verifier": "https://app.skyfire.xyz",
    "verified": true
  },
  "scope": "",
  "iat": 1782245616,
  "iss": "https://app.skyfire.xyz",
  "jti": "019ef61d-eb8f-759b-9302-d998b294fcc9",
  "aud": "886eef79-4d90-4b8d-81f0-ce5c6c7dac13",
  "sub": "8fa1438f-8dd0-4e91-abb8-888cdbeb6d5d",
  "exp": 1782245916
}
]]></artwork>
        <t>An example decoded set of JWT Header Parameters for the resulting access token is:</t>
        <artwork><![CDATA[
{
  "alg": "ES256",
  "kid": "BEDD-0",
  "typ": "kya+jwt"
}
]]></artwork>
        <t>An example decoded JWT Claims Set for the resulting access token is:</t>
        <artwork><![CDATA[
{
  "iss": "http://127.0.0.1:8788",
  "aud": "http://127.0.0.1:8799/mcp",
  "sub": "example@skyfire.xyz",
  "scope": "openid profile email mcp",
  "iat": 1782256825,
  "exp": 1782260425,
  "jti": "656ab7da-9c28-4dd4-a572-474af7ab47fe",
  "client_metadata": {
    "aid": "Buyer 1",
    "ori": "https://app-qa.skyfire.xyz"
  }
}
]]></artwork>
      </section>
    </section>
    <section anchor="security-considerations">
      <name>Security Considerations</name>
      <t>The security considerations defined in <xref target="I-D.skyfire-oauth-kyapay-token"/>
and <xref target="RFC7523"/> apply to this specification.</t>
    </section>
    <section anchor="privacy-considerations">
      <name>Privacy Considerations</name>
      <t>The privacy considerations defined in <xref target="I-D.skyfire-oauth-kyapay-token"/>
and <xref target="RFC7523"/> apply to this specification.</t>
    </section>
    <section anchor="iana-considerations">
      <name>IANA Considerations</name>
      <t>This specification requires no actions by IANA.</t>
    </section>
  </middle>
  <back>
    <references anchor="sec-combined-references">
      <name>References</name>
      <references anchor="sec-normative-references">
        <name>Normative References</name>
        <reference anchor="RFC7523">
          <front>
            <title>JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <author fullname="C. Mortimore" initials="C." surname="Mortimore"/>
            <date month="May" year="2015"/>
            <abstract>
              <t>This specification defines the use of a JSON Web Token (JWT) Bearer Token as a means for requesting an OAuth 2.0 access token as well as for client authentication.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7523"/>
          <seriesInfo name="DOI" value="10.17487/RFC7523"/>
        </reference>
        <reference anchor="RFC8707">
          <front>
            <title>Resource Indicators for OAuth 2.0</title>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="H. Tschofenig" initials="H." surname="Tschofenig"/>
            <date month="February" year="2020"/>
            <abstract>
              <t>This document specifies an extension to the OAuth 2.0 Authorization Framework defining request parameters that enable a client to explicitly signal to an authorization server about the identity of the protected resource(s) to which it is requesting access.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8707"/>
          <seriesInfo name="DOI" value="10.17487/RFC8707"/>
        </reference>
        <reference anchor="RFC2119">
          <front>
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <author fullname="S. Bradner" initials="S." surname="Bradner"/>
            <date month="March" year="1997"/>
            <abstract>
              <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="2119"/>
          <seriesInfo name="DOI" value="10.17487/RFC2119"/>
        </reference>
        <reference anchor="RFC8174">
          <front>
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <date month="May" year="2017"/>
            <abstract>
              <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="8174"/>
          <seriesInfo name="DOI" value="10.17487/RFC8174"/>
        </reference>
      </references>
      <references anchor="sec-informative-references">
        <name>Informative References</name>
        <reference anchor="RFC8693">
          <front>
            <title>OAuth 2.0 Token Exchange</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="A. Nadalin" initials="A." surname="Nadalin"/>
            <author fullname="B. Campbell" initials="B." role="editor" surname="Campbell"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="C. Mortimore" initials="C." surname="Mortimore"/>
            <date month="January" year="2020"/>
            <abstract>
              <t>This specification defines a protocol for an HTTP- and JSON-based Security Token Service (STS) by defining how to request and obtain security tokens from OAuth 2.0 authorization servers, including security tokens employing impersonation and delegation.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8693"/>
          <seriesInfo name="DOI" value="10.17487/RFC8693"/>
        </reference>
        <reference anchor="MCP" target="https://modelcontextprotocol.io/specification/2025-11-25">
          <front>
            <title>Model Context Protocol Specification</title>
            <author>
              <organization/>
            </author>
            <date year="2025" month="November"/>
          </front>
        </reference>
        <reference anchor="I-D.skyfire-oauth-kyapay-token">
          <front>
            <title>KYAPay Token</title>
            <author fullname="Ankit Agarwal" initials="A." surname="Agarwal">
              <organization>Skyfire Systems Inc.</organization>
            </author>
            <author fullname="Michael B. Jones" initials="M. B." surname="Jones">
              <organization>Self-Issued Consulting</organization>
            </author>
            <date day="5" month="July" year="2026"/>
            <abstract>
              <t>   This document defines a token format for agent identity and payment
   tokens in JSON Web Token (JWT) format.  Authorization servers and
   resource servers from different vendors can leverage this token
   format to consume identity and payment tokens in an interoperable
   manner.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-skyfire-oauth-kyapay-token-00"/>
        </reference>
      </references>
    </references>
    <?line 247?>

<section numbered="false" anchor="document-history">
      <name>Document History</name>
      <t>[[ to be removed by the RFC Editor before publication as an RFC ]]</t>
      <t>-00</t>
      <ul spacing="normal">
        <li>
          <t>Initial draft.</t>
        </li>
      </ul>
    </section>
    <section anchor="contributors" numbered="false" toc="include" removeInRFC="false">
      <name>Contributors</name>
      <contact initials="A." surname="Safdari" fullname="Ammar Safdari">
        <organization>Skyfire Systems Inc.</organization>
        <address>
      </address>
      </contact>
    </section>
  </back>
  <!-- ##markdown-source:
H4sIAAAAAAAAA8VZ63LbNhb+j6fAKjO7SVeURUX3ado4ttu4jWNv7Eyn0+nE
IAlJiCmCJUgrasbvss+yT7bfAXiTrXTdP9vJRKJA4OA753znAtjzPJarPJZz
3vnx58MLseVX+kYm/ORTuBLJUnbYExEEmbzFhA4LRS6XOtvOuckjxiIdJmKN
tVEmFrlnbrYLlUlPiyJfeTdbkYqtl5M4T5bivH6fmSJYK2OUTvJtisWnJ1ff
cf6Ei9ho7KKSSKYSH0ne6fKOjFSuMyVi+nF6+ApfOsPTu6vvgC0p1oHM5iwC
sDkLdWJkYgoz53lWSAbQz5nIpJjzSxkWmcq3bKOzm2Wmi3TOf5IBPwRUiP9d
5MDDLzKd61DH7EZuMTGaM+5xsQQUelCEiWRUgyqkR2i5LmeEer2WWYidZVIA
EOdLla+KAGpVxvm0/f3g0eaChhBRov2efjiT/QQlVLLk39MrGl4LFdOUl/KT
WKex7AEJjYssXM35Ks9TMz84aL08gDjOY5jN5EBXzWih7DnoPaUfj/fxM3ur
fB13GBPW/nPmAY3j0mFyo3J+uBTZRsQY1dlSJKWD4Ecnml9uTS7Xhp8mYQ+T
pDOAoLUfhFv7citWWltLcA7nN3Yo8fWgpd1YJWDMWY//oBNpaiBnClBlzF81
L+5hkfHCOzWmkBE/AvWKOIdTGjRrJ+BD8OEjrX+50jm92IuIRCkrqqeShT5g
ROY8U0GR3zPPei0yfikWkcjU48wDIhgp671KvxIJQhHog5tMrCO9SbxsER5s
1I06uNwmufg0eOKcY7wWFMNYorM1tru1/H733dFkNHhePk4n/cmcMdJgd850
PLNzzo4u6As8FtlS5o0B1jqSMe0jP+VpGYVEPZPKUC1UaPU7GPQHI8/3vcHI
CXGZ64zWkgdocR3D/LK91M63WYK/1beSsgYfjLqcJDLW68FKnoewDkyeiTBn
7GqlDN/ZnUfShDCDNHylN7xMl5bWhoci4YHkFb0jDguwc8ouXIShNKacyHLN
oy1cCaFxvEVwiyR32cQ0M3kmjS6QSPBjJbc8kTKilZigEcHKrGhcZbxMpCX6
tYqiWJK/T+EwHRWhVZ3tQv38+dtT77j35SC9u6OkyQsDNYJtBQ7buwS42NLm
a1D2VpouwzNPM5WEKhWxg0urYUTKUJrMshLxguuFnQvQZcKEzVIRqFjlqpSD
d6LMx9jahDqVWGZFQY6u1e0ykUSlBRS8jmIRYWWkZBLKHjt0gNfCGW6vWRXJ
i0CCP7Tq/yQBvG7NY/2fQjw9ix1ukN90kAvsiDkPKeEoQLZqcIoaKcwico6E
SJqYe2gVaVkz4MkT/t5IfiQMwIF+fG9BZ+wkEUFs96sdG6JG5tKKLiwRk+gA
AmK9JEOVm9Ib1vZnaa1VsbbKlxSAbSGA7KSWUE6LGHYkCSslbyXWKNPlpsxP
ZLYiBwd+x+6lPaoY4lSqF7He9NhpYtdhE00m6mJuVdBL9S5ldqtCyZ9eXl0+
6/LTslRTNrhV5Oenp9HFsy6DVs4Fu4WflmMS/sPTlh4wMtkINqwilziHBEPp
AcBjoYBfGKNDBdtFfIO0Sha5bw8oW4RwuXFlgYsognPhI6KXrAnvcBiHA2Ig
QWaURs0Dw3SZ2Yg0JXi0Xw3ROl2gNQNSkUWVoo5V1kxdtlmhKNlljrdoxoz8
rcAjklFBzKE4R0yRmo1OLl1beIpC7CgroDYSWNc5hvoMlcswLyj0YzjNZq5q
AQm9SfTGsbnZnVY+zBN2ArBkXbYWts8B/1MNngexFRWpxUJm5GFibSDzjUSc
RchmYd519veqYIRKFB+W0+UrlSi7MupWbVw9i1kTtl3StYmFMHatCFPxLi0y
YCI3svOEMr/trQg3WI0PZU1Zk3k3KThX7UsHDsGXatrnz6igd3eVXeFOmbTs
WScJQkHDmN32wb3cQcFJ+E9EBu+ndcVA8KaxtknakD926wdl9yoLIrnmdQ13
NaSHjsT2HAB/S9atjH8sF9byZGZLfTTZFONA3Dl7f3lFDT5987fn9vndyb/e
n747Oabny9eHb97UD6yccfn6/P2b4+apWXl0fnZ28vbYLcYo3xlinbPDnzvO
n53zi6vT87eHbzo21RGZcawpbIEiTWE11HUbEaAUBbowrFEfa14dXfzn3/4Q
vvkbOp2B78/gIPdj6k+G+EFecrvpBIZ2P6lSMoSxFFTEKGioIKocLulStjCo
Lwlfgeew5le/kGV+nfOvgzD1h9+UA6TwzmBls51Ba7OHIw8WOyPuGdqzTW3N
nfF7lt7Fe/jzzu/K7q3Br79FXZLc86fffsNsQXunY1myJaNHEA8kcnZ/RB9j
PUi5HKGa2SwNR2rn5Z2y3qPtvlQwr1ySbYKX+lTUc1M3RDZHVU2vdtEd6Hx1
rznCm80KOaNKdfQ2o+xrbCoMJMlZi0iyp8qF9WtbS+pq9vR6paLrZ676PCNG
sSb4Xadg2i2UDfm8nVyd2BpSvZHtmfgFDoSkRXtHkdY7ln0B21nTntoC56rb
vYpOJdxVNYArTFnBmGuC6WjLr4ssmSuZL+apwLnEzK1b53aGZw+/Hze5FyBo
ZHYNCpTnD2pZy8Kyp57+o2q10CmmGhToPfQpMaJIkRtthFtR16juMiM51/xW
xIV0y+h4gkKDeVWT5kxfZvHakaVny7PAPvnV+lK8U4fOUHd3IORbbOMkuyqx
S8tyMs5Vd3dVWV8JahaMJNNh7TWK+0cg/WA1vLYJ6Bp80Fk1YrdF7w1wic5t
x492BdyQVWfRGMgKj22Hv8N1qjnudFJlRUt9dPkZNfY2FlDL5NLG3457XNO6
N+rwYOupi76FppbCRhlpmOjEq0+hdeWlkwK/OEdWLC1PmEq63S+/NSPLOtyu
wDjA0mHRSjpw019fXV0c+D3fvnit6cpEmF77roVe2GoNml7ZOxpBzi7PrZ+8
zWbjERCvyGKcUjSZzC6yzP5AzH7xJ6hvl/695ueLr9pG/Mq9rdj1oj5jh2lP
hGtZAT9g7DCpzRdJiwr0ycmUP/x0xV9LQa3zBcFB6cucMx8wQ5nSZJ/tJ+cd
ES87c945uRyMxii35eiNimj01cnxsddvhqEaDSNz/xMKduzw3V5ohOnINd6X
QPlIMDK5JflNe9NsDSZ2WrdfcFmvdTfUzFO51Qedn9GZZ9NtC7+xQqbTsZSL
ycwbRrO+NwymkTf1F30vlKNwHE4iEfrPW4uiNS0iD/t9vxfJ2+bdytqpwk8a
0MGBppcGebkPJOaVx5fsMTo102kze13qhu9qHOI+DrqBsh4stqCF35ZlT5Cw
7QdlnekPeqN+b9Af92bTzkPB6T3BjhhiMH0eymjkzUaB9IYCH1NfCG/kj0YD
OZ1OxiJq71nBORmc8CuqoefZchfVX2Q4e3NBsloMEjkG/Ml0MBiOxv64eWHM
oyj4Mbcs6/szuRj7kSeD6cKbjGaBN3veH3jRbDYNBrPhIgxnzSIcXf48NVE1
7KKF8IfPsck0irBIznxPBMHUm06nYRTIYByNGm/AwGmj38wf/0EUPyrBIHm5
69Tdu5K/OtU8GlbLrfCqP5j0+vjnz6eT6fSBf/bMms0oXT9wyh/xuKEdvhIV
UaOyUNDJ3TvsiGvRcTSeDkb7/DjuD1svSv6NR2MRgDHeLBxMwado6InRZOAN
J0OxmIhgOFnIZpsQ7Q6qG3wrIpGL3aAXpY8eJpOHadn7TeyERRVylQefNPdB
dBNPNz6iddKsD+3hzss/eZqwN0CtltOWeKo7XzxQXGTqVoT7MaXlu/8zpNPD
t4d78Dy456QeCrtSY1hewBq6DKbl5W1zIMIbknhcHZdfK4Pecss+z7n7u5yM
XnQWOM/KDlz0yy/lWTqTa33rrpYppICdn9g/8uEl4gyWKYKqc6JWGe0Zzfn1
V2zb7+MszE/tBU7s/uzYY/8F9eSzHsUcAAA=

-->

</rfc>
