<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.39 (Ruby 3.4.9) -->
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-mcguinness-oauth-mission-00" category="std" consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" version="3">
  <!-- xml2rfc v2v3 conversion 3.34.0 -->
  <front>
    <title abbrev="OAuth Mission">Mission-Bound Authorization for OAuth 2.0</title>
    <seriesInfo name="Internet-Draft" value="draft-mcguinness-oauth-mission-00"/>
    <author fullname="Karl McGuinness">
      <organization>Independent</organization>
      <address>
        <email>public@karlmcguinness.com</email>
      </address>
    </author>
    <date year="2026" month="July" day="06"/>
    <workgroup>Web Authorization Protocol</workgroup>
    <keyword>oauth</keyword>
    <keyword>mission</keyword>
    <keyword>agent</keyword>
    <keyword>authorization</keyword>
    <keyword>rar</keyword>
    <keyword>par</keyword>
    <abstract>
      <?line 147?>

<t>An AI agent is typically given a mission: a task to pursue on a
user's behalf. OAuth 2.0 issues access tokens for individual
resource requests, but it has no durable, approved artifact that
ties those tokens to the one task a user actually authorized. As a
result, an agent's authority is a collection of independently
obtained tokens with no shared, auditable boundary, and a user's
approval is disconnected from what the agent later does.</t>
      <t>This document defines a Mission: a structured, human-approved,
integrity-bound authorization artifact for OAuth 2.0. A client submits
a Mission Intent through Pushed Authorization Requests; the
Authorization Server derives Rich Authorization Requests authorization
details from it, binds the approved task and its derived authority to
the Approver's consent through two integrity anchors, and records a
durable Mission. Every access token derived under the Mission carries
that authority and a "mission" claim, and issuance is gated on the
Mission's lifecycle state. Optional capabilities represent
delegation among agents with the OAuth Actor Profile and, as specified by a
companion, let a single Mission be honored across trust domains. This
is the issuance and governance "mission layer" left unspecified by
agent-identity work for OAuth; runtime enforcement of each action is a
separate, optional layer.</t>
    </abstract>
    <note removeInRFC="true">
      <name>About This Document</name>
      <t>
        The latest revision of this draft can be found at <eref target="https://mcguinness.github.io/mission-bound-authorization/draft-mcguinness-oauth-mission.html"/>.
        Status information for this document may be found at <eref target="https://datatracker.ietf.org/doc/draft-mcguinness-oauth-mission/"/>.
      </t>
      <t>Source for this draft and an issue tracker can be found at
        <eref target="https://github.com/mcguinness/mission-bound-authorization"/>.</t>
    </note>
  </front>
  <middle>
    <?line 172?>

<section anchor="introduction">
      <name>Introduction</name>
      <t>Agent-identity work such as <xref target="I-D.draft-klrc-aiagent-auth"/>
establishes how an AI agent authenticates and how a user delegates
authority to it: the agent is an OAuth 2.0 <xref target="RFC6749"/> client
identified by <tt>client_id</tt>, the delegating user is the access token
<tt>sub</tt>, and the
agent obtains tokens for the resources its task requires. That work
deliberately leaves three things out of scope: how an agent's task
(its "mission") is translated into authorization, how a user's
approval of that task is captured as a durable artifact, and how
later token issuance stays bound to what the user approved.</t>
      <t>Without that layer the gap is invisible to every individual OAuth
component. Each token is individually valid and each request
individually in scope, yet nothing checks whether the task the user
approved is still the one being pursued. A token issued for a task
remains usable after the user's approval has lapsed or been withdrawn,
because no OAuth object ties the token's validity to the task's
authorization: the credential stays secure while the work it
authorizes has quietly become unauthorized.</t>
      <t>This document specifies that missing layer. It defines a
<strong>Mission</strong>: a structured, human-approved, integrity-bound OAuth
authorization artifact. The contribution is a single chain:</t>
      <ol spacing="normal" type="1"><li>
          <t>The client submits a structured <strong>Mission Intent</strong> describing the
task (goal, target resources, constraints) instead of requesting
raw scopes.</t>
        </li>
        <li>
          <t>The Authorization Server (AS) derives <strong>authorization details</strong>
(<xref target="RFC9396"/>), the <strong>Authority Set</strong>: the concrete authority the
task needs.</t>
        </li>
        <li>
          <t>At an <strong>approval event</strong>, the Approver consents to that
authority, and the AS commits the task as an <strong><tt>intent_hash</tt></strong> and
the authority as an <strong><tt>authority_hash</tt></strong> and records a durable
<strong>Mission</strong>.</t>
        </li>
        <li>
          <t>Every access token the agent obtains under the Mission carries the
derived authorization details and a <strong><tt>mission</tt> claim</strong> bearing
the <tt>authority_hash</tt>. A Resource Server enforces statelessly from
the token.</t>
        </li>
        <li>
          <t>Token issuance and refresh are <strong>gated on Mission state</strong>, so
revoking or expiring the Mission stops the agent from obtaining
further authority.</t>
        </li>
      </ol>
      <t>The result is that a user approves a task once, and that approval,
not a per-request scope grant, bounds and outlives every token the
agent derives. Each token carries an <tt>authority_hash</tt> audit anchor back
to the consented authority; a holder of the full Authority Set can
verify it, and a holder of only a narrowed subset (a downstream or
cross-domain party) treats it as an audit anchor it cannot recompute
(<xref target="consent-binding"/>).</t>
      <t>This chain is the first of two deliberate security tiers. It gives
task-bound issuance, auditability, and a revocation gate over future
derivation, which is sufficient for a low-risk workflow whose exposure
is bounded by short token lifetimes and narrow authority. It does not
evaluate individual actions: an agent taking consequential autonomous
actions needs the second tier, the runtime enforcement layer
(<xref target="runtime-boundary"/>), specified separately. A deployment chooses its
tier deliberately, matching the enforcement it runs to the consequence
of what its agents do.</t>
      <section anchor="why-a-new-object">
        <name>Why a New Object</name>
        <t>OAuth already has objects near this need, but none is the approved
task. A <tt>scope</tt> value or an <tt>authorization_details</tt> entry
(<xref target="RFC9396"/>) expresses authority but neither the task it serves nor a
lifecycle of its own. An access token is a short-lived projection; its
<tt>jti</tt> identifies the token, not the task. A refresh token preserves
the ability to obtain further tokens but commits no bounded, approved
authority. A consent record proves that an approval event happened; it
does not govern the resulting work as it continues. The Mission is the
durable object these project from: the approved task that bounds and
outlives them, and that every derived token refers back to.</t>
        <t>Put plainly: Rich Authorization Requests express authority; a Mission
expresses an approved task with a lifecycle. The Mission is a separate
object because that approved-task lifecycle, not a new way to express
authority, is what OAuth lacks. A Mission is therefore not another
<tt>authorization_details</tt> type; it is the durable, approval-backed object
an Authority Set is derived for and gated by.</t>
      </section>
      <section anchor="relationship-to-other-authorization-objects">
        <name>Relationship to Other Authorization Objects</name>
        <t>A grant, in the sense of FAPI Grant Management <xref target="FAPI.GrantManagement"/>,
is a durable, queryable, revocable container of consented authorization
data. It records consent to authority but carries no task, no integrity
commitment, and no derivation gating; a deployment <bcp14>MAY</bcp14> surface Mission
revocation through a grant-management-style API.
<xref target="I-D.draft-klrc-aiagent-auth"/> names the agent's mission and leaves its
translation into authorization out of scope; this document specifies
that translation. Decision-layer access-request and approval workflows,
such as the OpenID AuthZEN Access Request and Approval Profile
<xref target="AuthZEN.ARAP"/>, manage approval tasks but define no issuance binding;
this document supplies the issuance-bound object such workflows
complete into.</t>
        <t>Nearby individual proposals each carry one Mission property without the
others: task-linked Rich Authorization Requests with revocation
webhooks carry a task link, intent-digest admission assertions carry an
intent commitment, and offline capability attenuation
(<xref target="I-D.draft-niyikiza-oauth-attenuating-agent-tokens"/>) carries offline
narrowing. None combines the durable approved object, state-gated
issuance, and integrity anchors this document defines.</t>
      </section>
      <section anchor="the-mission-the-plan-and-execution">
        <name>The Mission, the Plan, and Execution</name>
        <t>The Mission is the durable, AS-held object that commits the approved
authority and owns the task's lifecycle. Two related things an agent
produces around a task are deliberately not the Mission and carry no
authority of their own.</t>
        <t>The agent's <strong>plan</strong>, how it decomposes the task, chooses tools, and
delegates to sub-agents, is the agent's own strategy and is out of
scope for this document. It grants nothing: authority a sub-agent
exercises is carried by the <tt>act</tt> chain (<xref target="delegation"/>), derived from
the Mission and only ever narrowed from it (<xref target="subset"/>), never created
by the plan.</t>
        <t>The agent's <strong>execution</strong>, the tokens it derives, the calls it makes,
and the decisions taken on them, references the Mission but cannot
expand it. Revoking the Mission stops further derivation
(<xref target="lifecycle"/>); it does not undo actions already completed.
Evaluating each action against the Mission at the point of use is the
runtime layer's concern (<xref target="runtime-boundary"/>), not this document's.</t>
        <t>The invariant across all three: the plan and the execution draw on the
Mission's authority; neither enlarges it.</t>
      </section>
      <section anchor="relationship-to-agent-identity-specifications">
        <name>Relationship to Agent-Identity Specifications</name>
        <t>This document is complementary to <xref target="I-D.draft-klrc-aiagent-auth"/>
and reuses its model: the agent is the OAuth client
(<tt>client_id</tt>); the delegating user or system is the token <tt>sub</tt>.
This document does not define agent identity, credentialing, or
posture; it defines the approved-task artifact those identities act
within. An agent authenticated and delegated per that specification
uses the mechanisms here to obtain Mission-bound tokens.</t>
      </section>
      <section anchor="applicability">
        <name>Applicability</name>
        <t>This profile targets OAuth deployments where authority serves a
durable, user-approved task that spans more than one token, request,
or audience: an agent pursuing a multi-step objective on a user's
behalf, or a workflow whose audit must join activity across hops on a
shared task. It is not intended for, and adds cost without benefit to,
single-request user flows, machine-to-machine service credentials, or
short-lived authorizations where the credential's lifetime is the
task's lifetime; those use OAuth unchanged.</t>
        <t>A Mission <bcp14>SHOULD</bcp14> be scoped to a concrete task, not to an agent's whole
lifetime. A deployment <bcp14>SHOULD</bcp14> prefer narrow, per-task Missions, each
separately approved and revocable, over a single broad standing Mission
that accumulates authority across unrelated tasks. The durable object is
the approved task: keeping it task-scoped is what makes its authority
and audit meaningful and bounds the blast radius on compromise to one
task. An agent pursuing many tasks holds many Missions, not one broad
one.</t>
      </section>
      <section anchor="scope-and-future-work">
        <name>Scope and Future Work</name>
        <t>This document is a self-contained, minimum-viable profile: it binds
Missions to OAuth 2.0 and is implementable on its own, depending only
on the OAuth and JOSE specifications it cites.</t>
        <t>One normative dependency is on an in-progress individual draft, so
this document cannot advance ahead of it: the OAuth Actor Profile
(<xref target="I-D.draft-mcguinness-oauth-actor-profile"/>) for the <tt>act</tt> chain. That
dependency is confined to the <bcp14>OPTIONAL</bcp14> Delegation capability, so the mandatory
single-domain core does not depend on it. Cross-domain projection, a
single hop that lets an Authorization Server in another trust domain
honor a Mission, is specified by the companion Mission Cross-Domain
Projection profile <xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>,
which carries the identity-chaining and ID-JAG dependencies with it.</t>
        <t>Separate from this document, and not required to implement it, are
several capabilities now specified as <bcp14>OPTIONAL</bcp14> companion profiles: an
additional integrity anchor over a structured consent disclosure
(<tt>consent_rendering_hash</tt>, <xref target="consent-binding"/>) is defined by Mission
Consent Evidence <xref target="I-D.draft-mcguinness-oauth-mission-consent-evidence"/>;
mission expansion is defined by Mission Expansion
<xref target="I-D.draft-mcguinness-oauth-mission-expansion"/>; and a cross-domain
status or event-distribution mechanism for tighter revocation is defined
by Mission Status <xref target="I-D.draft-mcguinness-oauth-mission-status"/> and
Mission Lifecycle Signals <xref target="I-D.draft-mcguinness-oauth-mission-signals"/>.
A deployment implements this document without any of them. Remaining
future work, not yet specified, includes: a substrate-neutral
generalization of the Mission model across non-OAuth authorization
substrates; the normative carriage of Mission context in Transaction
Tokens (<xref target="I-D.draft-ietf-oauth-transaction-tokens"/>), shown only
illustratively in the companion's end-to-end example; and, for a
community that wants cross-vendor agreement on what a task authorizes
within a vertical, an <bcp14>OPTIONAL</bcp14> derivation profile: a registry of
standard task types mapped to authority templates, so that two
vendors in that profile derive comparable Authority Sets. This document
deliberately does not standardize the derivation algorithm itself
(<xref target="authorization-derivation"/>); a vertical profile is the appropriate
vehicle where portable derivation is genuinely needed.</t>
      </section>
      <section anchor="non-goals">
        <name>Non-Goals</name>
        <t>The following are deliberately out of scope. Each is a recurring
question for agent authorization; naming it here records that it was
considered and where it belongs, not that it was overlooked.</t>
        <ul spacing="normal">
          <li>
            <t><strong>Semantic / intent verification.</strong> This profile binds a token to an
approved authority and task; it does not evaluate whether a given
runtime action serves the Mission's purpose beyond matching the
approved <tt>authorization_details</tt> and <tt>constraints</tt>. Per-action
evaluation is the runtime layer's role (<xref target="runtime-boundary"/>).
Verifying an agent's declared reasoning against the task is a further
attestation problem outside both layers.</t>
          </li>
          <li>
            <t><strong>Approval-free authorization upgrade.</strong> The Authority Set is
committed at approval; this profile defines no mid-stream widening
that bypasses consent. Widening requires a new approval, a successor
Mission, as specified by Mission Expansion
<xref target="I-D.draft-mcguinness-oauth-mission-expansion"/>; a widening that no
consent authorizes remains out of scope.</t>
          </li>
          <li>
            <t><strong>Lifecycle event distribution.</strong> A Resource Server learns Mission
state from the token lifetime or optional introspection
(<xref target="introspection"/>); this profile defines no push-based notification
of Mission state changes. A Shared Signals (<xref target="RFC8935"/>) / CAEP
profile for Mission lifecycle events is specified separately by the
Mission Lifecycle Signals profile
(<xref target="I-D.draft-mcguinness-oauth-mission-signals"/>), not here.</t>
          </li>
          <li>
            <t><strong>Human-in-the-loop suspension.</strong> The base lifecycle here is
<tt>active</tt>, <tt>revoked</tt>, <tt>expired</tt> (<xref target="lifecycle"/>). A <tt>suspended</tt> state
with <tt>resume</tt>/<tt>complete</tt> transitions is defined as an <bcp14>OPTIONAL</bcp14>
extension by the Mission Status and Lifecycle profile
(<xref target="I-D.draft-mcguinness-oauth-mission-status"/>); a
pending-human-approval state and a holding-token pause-and-resume
protocol remain future lifecycle work.</t>
          </li>
          <li>
            <t><strong>Multi-hop cross-domain provenance.</strong> A single cross-domain hop is
specified by the companion
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>); chaining a
Mission across more than one trust-domain boundary, and the
verifiable provenance that would require, are future work.</t>
          </li>
          <li>
            <t><strong>Decentralized agent identity.</strong> Agent identity and credentialing
are out of scope (<xref target="I-D.draft-klrc-aiagent-auth"/>, and workload
identity efforts such as WIMSE); this profile governs the
approved-task artifact those identities act within, not the
identities themselves.</t>
          </li>
          <li>
            <t><strong>Cross-audience unlinkability.</strong> A single canonical Mission
Identifier and the <tt>authority_hash</tt> it shares deliberately let any
party correlate a
Mission's activity across audiences and resources. This is a design
choice, not an omission: a stable, correlatable anchor is what lets a
Resource Server, a cross-domain Resource AS, and an auditor bind
evidence to one approved Mission, which is a core goal of this
document and its companion profiles.
Pairwise or unlinkable presentation of Mission-bound authority works
against that anchor and is therefore future work, not a v1 property
(<xref target="mission-identifier-correlation"/>).</t>
          </li>
        </ul>
      </section>
      <section anchor="conventions-and-terminology">
        <name>Conventions and Terminology</name>
        <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as
described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they
appear in all capitals, as shown here.</t>
        <?line -18?>

<t>All JSON shown in this document is non-normative and illustrative; the
member definitions in the surrounding text are authoritative.</t>
        <dl>
          <dt>Agent (Client):</dt>
          <dd>
            <t>The OAuth client acting on a user's behalf, identified by
<tt>client_id</tt>. Agent identity is established per
<xref target="I-D.draft-klrc-aiagent-auth"/> or ordinary OAuth client
authentication.</t>
          </dd>
          <dt>Subject:</dt>
          <dd>
            <t>The user or system on whose behalf the Mission is approved,
identified by an (<tt>iss</tt>, <tt>sub</tt>) pair and carried in derived tokens'
<tt>sub</tt> claim.</t>
          </dd>
          <dt>Approver:</dt>
          <dd>
            <t>The single accountable principal who approves the Mission at the
approval event. Equal to the Subject for self-approval; different
for administrator or delegated approval. This document records one
accountable Approver; multi-party approval and the provenance of
delegated approval authority are deferred (<xref target="multi-party-approval"/>).</t>
          </dd>
          <dt>Mission Issuer (Authorization Server):</dt>
          <dd>
            <t>The OAuth AS that validates a Mission Intent, runs the approval
event, records the Mission, and derives tokens. It is the Mission's
<tt>issuer</tt>. "Mission Issuer", "issuer AS", "originating AS", and "AS" are used
interchangeably in this document.</t>
          </dd>
          <dt>Resource AS:</dt>
          <dd>
            <t>An Authorization Server in another trust domain that honors a
Mission it did not issue, minting its own tokens for its resources;
it is never the Mission Issuer. Cross-domain projection is specified
by the companion Mission Cross-Domain Projection profile
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
          </dd>
          <dt>Mission Intent:</dt>
          <dd>
            <t>The structured description of the task the client submits
(<xref target="mission-intent"/>).</t>
          </dd>
          <dt>Authority Set:</dt>
          <dd>
            <t>The set of <tt>authorization_details</tt> entries the AS derives from a
Mission Intent and the Approver approves
(<xref target="authorization-derivation"/>). "Authority Set" names these concrete
entries; it does not mean an identity authority, a trust authority,
a legal authority, or an issuing authority.</t>
          </dd>
          <dt>Mission:</dt>
          <dd>
            <t>The durable, immutable record created at the approval event
(<xref target="mission-record"/>), identified by a Mission Identifier
(<xref target="mission-id"/>).</t>
          </dd>
          <dt>Derived token:</dt>
          <dd>
            <t>An access token issued under a Mission, carrying its Mission-derived
authority (the full Authority Set or a narrowed subset) as
<tt>authorization_details</tt> and a <tt>mission</tt> claim
(<xref target="mission-bound-tokens"/>).</t>
          </dd>
          <dt>Mission-bound token:</dt>
          <dd>
            <t>An access token or refresh token issued under a Mission, carrying
its authority and the <tt>mission</tt> claim (or bound server-side, for
refresh tokens).</t>
          </dd>
        </dl>
      </section>
    </section>
    <section anchor="conformance">
      <name>Conformance</name>
      <t>An implementation conforms in one of three roles.</t>
      <t>A <strong>Mission Issuer</strong> (the Authorization Server) implements the core
issuance surfaces:</t>
      <ul spacing="normal">
        <li>
          <t>submission of a Mission Intent via PAR (<xref target="mission-intent"/>);</t>
        </li>
        <li>
          <t>derivation of <tt>mission_resource_access</tt> authorization details
(<xref target="authorization-derivation"/>);</t>
        </li>
        <li>
          <t>the approval event with its integrity anchors (<xref target="approval-event"/>);</t>
        </li>
        <li>
          <t>issuance of Mission-bound access tokens carrying the <tt>mission</tt> claim
(<xref target="mission-bound-tokens"/>);</t>
        </li>
        <li>
          <t>the subset rule (<xref target="subset"/>); and</t>
        </li>
        <li>
          <t>gating of issuance on Mission state (<xref target="lifecycle"/>).</t>
        </li>
      </ul>
      <t>A <strong>Mission-aware Resource Server</strong> implements Resource Server
enforcement (<xref target="rs-enforcement"/>).</t>
      <t>A <strong>Mission Client</strong> implements the client surfaces:</t>
      <ul spacing="normal">
        <li>
          <t>submission of the Mission Intent via PAR only
(<xref target="submission-via-par"/>), never sending <tt>authorization_details</tt>
alongside <tt>mission_intent</tt>;</t>
        </li>
        <li>
          <t>reading its granted authority from the token-response
<tt>authorization_details</tt> echo (<xref target="mission-bound-tokens"/>); and</t>
        </li>
        <li>
          <t>obtaining <tt>mission_id</tt> from the <tt>mission_id</tt> token-response parameter
or the <tt>mission</tt> claim's <tt>id</tt> (<xref target="grant-binding"/>), treating it as a
reference, never a credential.</t>
        </li>
      </ul>
      <t>Beyond these mandatory roles, an implementation <bcp14>MAY</bcp14> additionally claim
three <bcp14>OPTIONAL</bcp14> capabilities. Each is independent, and an implementation
that supports none of them is still conformant:</t>
      <ul spacing="normal">
        <li>
          <t><strong>Delegation</strong> (<xref target="delegation"/>): issuing and consuming derived tokens
that carry the <tt>act</tt> delegation chain.</t>
        </li>
        <li>
          <t><strong>Introspection</strong> (<xref target="introspection"/>): reporting Mission state through
the <tt>mission</tt> token introspection response member.</t>
        </li>
        <li>
          <t><strong>Cross-Domain</strong>: projecting a Mission so it is honored by an
Authorization Server in another trust domain. Cross-domain projection
is specified by the companion
<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>; an
implementation claiming this capability conforms to that document.</t>
        </li>
      </ul>
      <t>A conforming implementation names the optional capabilities it supports
(for example, "Mission Issuer with Delegation and Cross-Domain"); each
capability's defining section or document states its detailed
requirements.</t>
      <t>A token carrying a <tt>mission</tt> claim is not, by itself, Mission-bound
authorization. Conformance as a Mission Issuer requires the gates:
authority derived from the approved Intent and committed by the
anchors (<xref target="approval-event"/>), issuance bounded by the subset rule
(<xref target="subset"/>), and derivation gated on Mission state (<xref target="lifecycle"/>).
An implementation that carries Mission metadata without these gates
conforms to no role in this document and <bcp14>MUST NOT</bcp14> be described as
implementing it.</t>
      <t>The <tt>mission_bound_authorization_supported</tt> metadata (<xref target="discovery"/>)
advertises Mission Issuer support only. It makes no assertion about any
Resource Server, which does not advertise through Authorization Server
metadata. The <bcp14>OPTIONAL</bcp14> capabilities are discovered first through
existing OAuth metadata (<xref target="RFC8414"/>): <tt>introspection_endpoint</tt> for
introspection, and <tt>grant_types_supported</tt> containing
<tt>urn:ietf:params:oauth:grant-type:token-exchange</tt> for delegation and
for the companion's cross-domain grant issuance. Absent such a signal,
a capability is discovered out of band or by attempt: a Token
Exchange, a cross-domain grant issuance, or an introspection request
fails if the issuer does not support it.</t>
      <t>The smallest useful conforming deployment, noted here informatively,
is a Mission Issuer that derives in narrowing mode from the Intent's
<tt>proposed_authority</tt> (<xref target="authorization-derivation"/>), emits only the
Common Constraints of <xref target="common-constraints"/>, and implements none of
the <bcp14>OPTIONAL</bcp14> capabilities; a scope-only Resource Server still operates
at the coarse scope level (<xref target="rs-enforcement"/>). This note names a
starting point and creates no new conformance class.</t>
    </section>
    <section anchor="overview">
      <name>Overview</name>
      <section anchor="principal-model">
        <name>Principal Model</name>
        <t>This document maps principals onto native OAuth constructs:</t>
        <ul spacing="normal">
          <li>
            <t>The <strong>Agent</strong> is the OAuth client, referenced by <tt>client_id</tt>. Agent
identity and credentialing are out of scope (see
<xref target="I-D.draft-klrc-aiagent-auth"/>).</t>
          </li>
          <li>
            <t>The <strong>Subject</strong> and <strong>Approver</strong> are each an (<tt>iss</tt>,
<tt>sub</tt>) pair, matching the access token <tt>sub</tt> model of <xref target="RFC9068"/>.</t>
          </li>
        </ul>
        <t>On a derived token the <tt>sub</tt> claim is the Subject's <tt>sub</tt> and the
token <tt>iss</tt> is the AS; within the issuing AS's namespace this
(<tt>iss</tt>, <tt>sub</tt>) pair is authoritative for the Subject, and Resource
Servers authorize against it. The Subject's home issuer is recorded
on the Mission as <tt>subject.iss</tt> for audit and is not carried on the
token; this document defines no runtime lookup of it (there is no
by-Mission status endpoint). Across trust domains, the companion's
cross-domain grant conveys Subject identity to the Resource AS through
its own subject-resolution claims
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>), not through a
Mission lookup.</t>
        <t>Issuer roles obey three invariants: a Mission has exactly one Mission
Issuer, its <tt>issuer</tt>; a Resource AS never creates or alters a Mission;
and a local token minted in another domain preserves the <tt>mission</tt>
claim unchanged (<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
        <t>Principals are recorded at the approval event and are immutable. Two
principals are equal when their <tt>iss</tt> and <tt>sub</tt> are byte-equal.
Dynamic delegation (the actors an agent delegates to during
execution) is carried on derived tokens via the <tt>act</tt> chain
(<xref target="delegation"/>), not on the immutable Mission record. Richer subject
identifier formats (for example, the formats of <xref target="RFC9493"/>) <bcp14>MAY</bcp14> be
layered in future versions and are not required here.</t>
      </section>
      <section anchor="protocol-flow">
        <name>Protocol Flow</name>
        <artwork><![CDATA[
 Agent (client)                       Mission Issuer (AS)
      |                                     |
      | 1. PAR: mission_intent ------------>| derive authority
      |<----------- request_uri ------------| (authz_details)
      |                                     |
      | 2. authorization request ---------->| Approver consents
      |                                     |   -> authority_hash
      |<-------------- code ----------------| -> Mission active
      |                                     |   (bound to the grant)
      |                                     |
      | 3. token request ------------------>| gate: active?
      |<----------- access token -----------| + authz_details
      |                                     |   + mission claim
      v
]]></artwork>
        <t>The flow then leaves the AS: (4) the agent calls the Resource Server
with the token; the RS enforces the <tt>authorization_details</tt>
statelessly and <bcp14>MAY</bcp14> check the <tt>mission</tt> claim, with no callback to the
AS required. (5) A management revoke, or <tt>expires_at</tt> passing,
moves the Mission to <tt>revoked</tt> or <tt>expired</tt>, after which the AS refuses further
issuance and refresh; a deployment <bcp14>MAY</bcp14> additionally compose RFC 7009
<xref target="RFC7009"/> refresh-token revocation (<xref target="revocation"/>). The end-to-end
example (<xref target="e2e-example"/>) walks this flow with concrete messages.</t>
      </section>
    </section>
    <section anchor="mission-intent">
      <name>Mission Intent</name>
      <t>A Mission Intent is the proposal; the Mission is the approval; the
integrity anchors commit the moment of transition. Before the approval
event (<xref target="approval-event"/>) only the Intent exists, as untrusted client
input (<xref target="submission-via-par"/>); after it, only the Mission is
authoritative. A Mission Intent therefore has no protocol identifier
of its own: two submissions of the same Intent produce two distinct
pending requests, and a Mission acquires its Mission
Identifier (<xref target="mission-id"/>) only at activation. The approved Intent is
recorded on the Mission and committed by <tt>intent_hash</tt>
(<xref target="integrity-anchors"/>); it describes the task but commits no
authority, which is committed separately by <tt>authority_hash</tt> over the
derived Authority Set (<xref target="authorization-derivation"/>).</t>
      <t>A Mission Intent is a JSON object describing the task. The client
submits it in place of <tt>scope</tt>, or alongside a narrowed <tt>scope</tt>. It
has the following members:</t>
      <dl>
        <dt><tt>goal</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. A human-readable statement of the task,
for rendering to the Approver. Maximum 4096 characters.</t>
        </dd>
        <dt><tt>resources</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. An array of strings. The target resources the
task needs, each an absolute URI identifying a protected resource
(an OAuth resource per <xref target="RFC8707"/>-style indicators or a Protected
Resource per <xref target="RFC9728"/>).</t>
        </dd>
        <dt><tt>constraints</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14>. An array of strings. Human-readable bounds on
the task (for example, "read only invoices from 2026"). These
inform derivation and consent rendering.</t>
        </dd>
        <dt><tt>proposed_authority</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14>. An array of objects, each shaped as an <xref target="RFC9396"/>
            <tt>authorization_details</tt> entry. The client's concrete authority
proposal for the task. It is untrusted input like the rest of the
Intent and is committed by <tt>intent_hash</tt> with it
(<xref target="integrity-anchors"/>). When present, the AS <bcp14>MUST</bcp14> derive each
Authority Set entry as a subset (<xref target="subset"/>) of some
<tt>proposed_authority</tt> entry, and the deterministic-reproducibility
rule for narrowing-mode derivation applies
(<xref target="authorization-derivation"/>); <tt>goal</tt> and <tt>constraints</tt> then serve
as rendering and bounding context over the proposed authority.</t>
        </dd>
        <dt><tt>success_criteria</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14>. An array of strings. Human-readable
observable outcomes that indicate the task is complete. These are
disclosure and audit material only: they are rendered to the
Approver and committed by <tt>intent_hash</tt> (<xref target="integrity-anchors"/>),
but carry no machine semantics and <bcp14>MUST NOT</bcp14> be used to derive,
widen, or gate authority.</t>
        </dd>
        <dt><tt>purpose</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14>. A string. A URI identifying the purpose of the
task, recorded for disclosure and audit. Its semantics are
deployment- or registry-defined and opaque to this document; like
<tt>success_criteria</tt> it <bcp14>MUST NOT</bcp14> be used to derive, widen, or gate
authority. A deployment <bcp14>MAY</bcp14> consult it for out-of-band policy or
logging that does not affect the authority derived here.</t>
        </dd>
        <dt><tt>expires_at</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. An RFC 3339 <xref target="RFC3339"/>
date-time after which the AS <bcp14>MUST NOT</bcp14> derive tokens under the
Mission.</t>
        </dd>
        <dt><tt>controls</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14>. An object of machine-actionable bounds. This
document defines the members below; others <bcp14>MAY</bcp14> be added by
deployments or defined by companion profiles (an extension member
follows the collision-resistant naming and fail-safe rules of
<xref target="extensibility"/>):
</t>
          <dl>
            <dt><tt>acr</tt>:</dt>
            <dd>
              <t><bcp14>OPTIONAL</bcp14>. A string. An authentication context class for the
approval event: the approval authentication <bcp14>MUST</bcp14> be one the
deployment's policy maps as satisfying the named class. No global
ordering of <tt>acr</tt> values exists; the mapping is deployment policy.</t>
            </dd>
            <dt><tt>max_derivations</tt>:</dt>
            <dd>
              <t><bcp14>OPTIONAL</bcp14>. A positive integer (1 or greater). A
bound on the number of derivations the issuer AS performs under the
Mission, enforced per <xref target="lifecycle"/>. A value of 0 is invalid (it
would forbid even the initial issuance); to stop a Mission, revoke
it (<xref target="revocation"/>). An AS <bcp14>MUST</bcp14> reject <tt>max_derivations</tt> below 1
with <tt>invalid_request</tt>. This is an issuer-AS
derivation cap, not an end-to-end credential cap: a cross-domain
issuance counts as one derivation, and tokens another domain mints
locally are not counted by the issuer, which cannot observe them
(<xref target="lifecycle"/>; detail in
<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
            </dd>
          </dl>
        </dd>
      </dl>
      <t>This document defines no cumulative consumption bounds (for example, a
budget, call-count, or activity-duration cap): every bound this
document defines is enforced by a party this document names. An
experimental companion defines cumulative consumption bounds as
<tt>controls</tt> extension members together with the runtime metering that
enforces them (<xref target="I-D.draft-mcguinness-mission-metering"/>). The
following table summarizes which party enforces each bound a Mission
carries and what holds when that enforcer is absent:</t>
      <table>
        <thead>
          <tr>
            <th align="left">Bound</th>
            <th align="left">Enforced by</th>
            <th align="left">When that enforcer is absent</th>
          </tr>
        </thead>
        <tbody>
          <tr>
            <td align="left">
              <tt>resource</tt> and <tt>actions</tt></td>
            <td align="left">any Resource Server that enforces <tt>authorization_details</tt> (<xref target="rs-enforcement"/>)</td>
            <td align="left">a scope-only RS enforces only the coarse <tt>scope</tt> projection (<xref target="rs-enforcement"/>)</td>
          </tr>
          <tr>
            <td align="left">per-entry <tt>constraints</tt></td>
            <td align="left">a Resource Server that understands and enforces the key (<xref target="rs-enforcement"/>)</td>
            <td align="left">a Mission-aware RS fails closed; a scope-only RS does not evaluate them</td>
          </tr>
          <tr>
            <td align="left">
              <tt>max_derivations</tt></td>
            <td align="left">the issuer AS at each derivation (<xref target="lifecycle"/>)</td>
            <td align="left">never absent at the issuer; it does not bound another domain's local minting (see the cross-domain companion)</td>
          </tr>
        </tbody>
      </table>
      <t>Example Mission Intent:</t>
      <sourcecode type="json"><![CDATA[
{
  "goal": "Reconcile Q3 invoices and post adjustments under $500.",
  "resources": ["https://erp.example.com"],
  "constraints": [
    "Read only invoices issued in 2026-Q3.",
    "Post journal entries under $500."
  ],
  "success_criteria": [
    "All Q3 invoices reconciled.",
    "Each posted adjustment references a source invoice."
  ],
  "purpose": "urn:example:purpose:reconcile",
  "expires_at": "2026-12-31T23:59:59Z",
  "controls": {
    "acr": "urn:example:acr:mfa",
    "max_derivations": 200
  }
}
]]></sourcecode>
      <section anchor="submission-via-par">
        <name>Submission via PAR</name>
        <t>A client <bcp14>MUST</bcp14> submit a Mission Intent through a Pushed Authorization
Request <xref target="RFC9126"/> using the <tt>mission_intent</tt> request parameter. The
parameter value is the UTF-8 JSON <xref target="RFC8259"/> serialization of the
Mission Intent object, carried as an ordinary OAuth request-parameter
value (form-encoded in the <tt>application/x-www-form-urlencoded</tt> PAR
request body, like other OAuth parameters). The AS returns a
<tt>request_uri</tt> as usual, which the client uses to start authorization.
An AS that cannot parse <tt>mission_intent</tt> as a JSON object, or that
parses it but finds it structurally invalid against this document's
member definitions, <bcp14>MUST</bcp14> refuse the request with <tt>invalid_request</tt>.</t>
        <t>A Mission Intent is closed at the top level: an AS <bcp14>MUST</bcp14> reject with
<tt>invalid_request</tt> a Mission Intent containing a top-level member this
document does not define. The top level is closed because its members
feed approval rendering and the <tt>intent_hash</tt> commitment: an undefined
member would enter what the Approver reads and what the anchor
commits. Extension data belongs under <tt>controls</tt>, so deployment-defined
semantics are explicit and cannot masquerade as core Intent semantics.
This closure also keeps issuer-output members, such as a client-planted
<tt>authority_hash</tt>, from entering through the Intent.</t>
        <t>A different case is an Intent that is well-formed but from which the AS
cannot derive a valid Authority Set (for example, an unsupported
resource, action, or authorization details type, or a policy that bars
the requested authority). In that case the AS <bcp14>SHOULD</bcp14> refuse with
<tt>invalid_authorization_details</tt> (<xref target="RFC9396"/>), even though the client
did not submit <tt>authorization_details</tt> directly. This lets a client
distinguish a syntax error from an authority-derivation failure.</t>
        <t>The Intent <bcp14>MUST</bcp14> arrive through PAR: an AS <bcp14>MUST</bcp14> reject with
<tt>invalid_request</tt> a <tt>mission_intent</tt> presented on a front-channel
authorization request that does not use a PAR-issued <tt>request_uri</tt>; a
stray <tt>mission_intent</tt> on a request that redeems a <tt>request_uri</tt> is
ignored, as specified below. The
prohibition applies regardless of carriage: a <tt>mission_intent</tt> carried
inside a signed request object is equally rejected; only PAR submission
is accepted. PAR
keeps the integrity-sensitive Intent off the untrusted front channel.
Because <tt>mission_intent</tt> is untrusted client input that the AS records,
derives from, and hashes, an AS <bcp14>MUST</bcp14> bound its total size and the
lengths of its arrays, refusing an Intent that exceeds the deployment's
limits with <tt>invalid_request</tt>, so an oversized Intent cannot exhaust the
AS at rendering, derivation, or hashing. The limits are
deployment-defined.</t>
        <t>A client <bcp14>MUST NOT</bcp14> submit <tt>authorization_details</tt> directly together
with <tt>mission_intent</tt>; the AS derives authorization details from the
Intent (<xref target="authorization-derivation"/>). A request carrying both <bcp14>MUST</bcp14>
be refused with <tt>invalid_request</tt>. This prohibition governs the raw
<xref target="RFC9396"/> request parameter; a client proposes concrete authority
inside the Intent, through <tt>proposed_authority</tt>
(<xref target="mission-intent"/>). A client <bcp14>MAY</bcp14> submit <tt>scope</tt> and
<tt>resource</tt> (<xref target="RFC8707"/>) values; the AS treats them as a requested
subset and <bcp14>MUST NOT</bcp14> grant authority beyond what the Mission Intent
yields.</t>
        <t>For a Mission request, the parameters pushed via PAR are authoritative.
The AS <bcp14>MUST</bcp14> ignore any <tt>mission_intent</tt>, <tt>authorization_details</tt>,
<tt>scope</tt>, or <tt>resource</tt> presented on the front-channel authorization
request that redeems the <tt>request_uri</tt>. The AS <bcp14>MUST NOT</bcp14> let such a
front-channel value widen the authority derived from the pushed Intent.</t>
        <t>A Mission Intent is untrusted client input. Trust enters only when the
AS validates it and the Approver consents to the rendered result. The
AS <bcp14>MUST</bcp14> treat the submitted Intent as a proposal, never as authority.
The AS <bcp14>MUST</bcp14> derive authority and bound it by policy regardless of what
the client submitted. How a client produces the Mission Intent (for
example, a "Mission Shaper" that derives it from a natural-language
instruction) is out of scope for this document.</t>
      </section>
    </section>
    <section anchor="authorization-derivation">
      <name>Mission Authority</name>
      <t>From the Mission Intent, the AS derives the <strong>Authority Set</strong>: one or
more <xref target="RFC9396"/> <tt>authorization_details</tt> entries of type
<tt>mission_resource_access</tt> (<xref target="type-registration"/>). The AS <bcp14>MUST</bcp14>:</t>
      <ul spacing="normal">
        <li>
          <t>Produce, for each <tt>resources</tt> entry the deployment recognizes, a
<tt>mission_resource_access</tt> entry whose <tt>resource</tt> is that URI and
whose <tt>actions</tt> are derived from the Intent's <tt>goal</tt>, <tt>constraints</tt>,
and deployment policy.</t>
        </li>
        <li>
          <t>Bound every derived entry by the Mission Intent: each derived entry's
<tt>resource</tt> <bcp14>MUST</bcp14> be one of the Intent's <tt>resources</tt> values, and the
derived authority <bcp14>MUST NOT</bcp14> exceed any machine-actionable <tt>controls</tt>
bound. When the Intent carries <tt>proposed_authority</tt>
(<xref target="mission-intent"/>), each derived entry <bcp14>MUST</bcp14> additionally be a
subset (<xref target="subset"/>) of some <tt>proposed_authority</tt> entry. The AS
<bcp14>SHOULD</bcp14> derive with fidelity to the Intent's <tt>goal</tt> and
<tt>constraints</tt>; the recorded <tt>policy_version</tt> makes that fidelity
auditable.</t>
        </li>
        <li>
          <t>Record the policy version used for derivation as the Mission's
<tt>policy_version</tt>.</t>
        </li>
      </ul>
      <t>A <tt>resources</tt> entry the deployment does not recognize either causes
refusal with <tt>invalid_authorization_details</tt> (<xref target="submission-via-par"/>)
or is omitted from the Authority Set, by deployment policy. When an
entry is omitted, the token-response <tt>authorization_details</tt> echo
(<xref target="mission-bound-tokens"/>) conveys the granted set, and the AS <bcp14>SHOULD</bcp14>
signal to the client that derivation was partial.</t>
      <t>The derived Authority Set, not the Mission Intent, is the authority the
Approver consents to: the AS renders the Authority Set for approval and
commits it as <tt>authority_hash</tt> (<xref target="approval-event"/>). The Intent's
<tt>goal</tt>, <tt>constraints</tt>, and other members describe and bound the task
but grant no authority by themselves (<xref target="mission-intent"/>); they
constrain what the AS <bcp14>MAY</bcp14> derive, never widen it.</t>
      <t>Derivation is governed by local policy and is not a portable algorithm:
different Authorization Servers <bcp14>MAY</bcp14> derive different Authority Sets from
the same Mission Intent, exactly as different deployments grant
different authority for the same <xref target="RFC9396"/> request or the same scope.
That locality is intended, not a gap. It is the resource-owning AS's
policy, and it is not a value a foreign party needs to reproduce. What
this profile makes interoperable is therefore not the derivation step
but its result: the derived Authority Set's structure and vocabulary
(<xref target="authorization-derivation"/>, <xref target="common-constraints"/>) and its
integrity anchors (<xref target="integrity-anchors"/>), which a consumer in any
domain interprets, enforces, and audits identically. A consumer enforces
the derived Authority Set, never the Intent.</t>
      <t>Two rules keep local derivation accountable rather than opaque. First,
reproducibility, scoped to how the AS derives. When the AS derives by
narrowing the Intent's <tt>proposed_authority</tt> entries
(<xref target="mission-intent"/>), the
same Mission Intent and the same <tt>policy_version</tt> <bcp14>MUST</bcp14> yield the same
Authority Set at a given AS, so a derivation can be re-checked and a
divergence detected. When the AS derives generatively, from free text or
with model assistance, that determinism is not achievable; such an AS
<bcp14>SHOULD</bcp14> instead make the derivation reproducible on a best-effort basis,
disclose that it is non-deterministic, and record the <tt>policy_version</tt>
and the inputs so a derivation can still be reviewed after the fact.
Second, an AS <bcp14>SHOULD</bcp14> make the policy identified by a
<tt>policy_version</tt> inspectable to relying parties and auditors that
need to evaluate how it derives authority. Local policy is thus versioned and reviewable, which
is what a cross-domain trust decision actually needs, even though the
policy itself does not travel.</t>
      <t>Where cross-vendor interoperability matters, an AS <bcp14>SHOULD</bcp14> derive the
Authority Set by narrowing the Intent's <tt>proposed_authority</tt> entries
(<xref target="mission-intent"/>) to policy, rather than generating one from free
text. Narrowing is governed by the subset rule (<xref target="subset"/>), which is
interoperable, so the result is verifiable and enforceable in any domain
even though the policy decision of what to narrow to stays local; the
Intent's <tt>goal</tt> and <tt>constraints</tt> then serve as the human-readable
consent-rendering layer over that proposed authority. Generating
authority from free text alone is permitted but is the least portable
and most semantically fraught option, and <bcp14>SHOULD</bcp14> be reserved for
deployments that do not need cross-vendor agreement.</t>
      <t>For an open-ended task whose concrete objects cannot be enumerated at
approval (for example, "reconcile this customer's ledger," where the
individual invoices are not yet known), the AS <bcp14>SHOULD</bcp14> bound the derived
authority primarily by <tt>constraints</tt> that hold as invariants over those
objects (the owning customer, the tenant, an amount ceiling, read-only
except named write actions, a validity window) rather than by an
exhaustive <tt>resource</tt> enumeration. The runtime layer
(<xref target="runtime-boundary"/>) checks each concrete object against the
constraint at the point of use. Constraint-bounding lets a Mission cover
an open-ended task with tight authority even though the specific objects
are unknown at approval, and avoids the over-broad enumeration a
deployment would otherwise need in order to anticipate them.</t>
      <t>A <tt>mission_resource_access</tt> entry is a <xref target="RFC9396"/>
        <tt>authorization_details</tt> object with these members:</t>
      <dl>
        <dt><tt>type</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. <tt>mission_resource_access</tt>.</t>
        </dd>
        <dt><tt>resource</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. The single protected resource the
entry applies to, an absolute URI identifying an OAuth protected
resource (<xref target="RFC8707"/>) or a Protected Resource (<xref target="RFC9728"/>). It is
the same kind of identifier as the <xref target="RFC8707"/> <tt>resource</tt> value. The
AS derives the token <tt>aud</tt> from the <tt>resource</tt> values of the carried
entries as described in <xref target="mission-bound-tokens"/>; the <tt>aud</tt> identifies
the Resource Server(s) and need not be byte-equal to a <tt>resource</tt> (it
is typically coarser). <tt>resource</tt> is carried here as a type-specific member of
each
<tt>mission_resource_access</tt> entry, which <xref target="RFC9396"/> permits; carrying
it per entry (rather than once for the request, as the <xref target="RFC8707"/>
            <tt>resource</tt> request parameter does) lets one token scope distinct
authority to distinct resources. Per <xref target="RFC9396"/> Section 3.2, the <tt>resource</tt>
authorization request parameter does not affect how the AS
processes <tt>authorization_details</tt>, and this member is distinct from the
<xref target="RFC9396"/> common <tt>locations</tt> field.</t>
        </dd>
        <dt><tt>resource_match</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14>. A string: <tt>exact</tt> (the default, and the behavior when the
member is absent) or <tt>prefix</tt>. Under <tt>exact</tt> the entry applies to the
<tt>resource</tt> URI alone. Under <tt>prefix</tt> the entry authorizes the
<tt>resource</tt> itself and any URI beneath it at a path-segment boundary
(the <tt>resource</tt> followed by <tt>/</tt> and further path). These two values
are the only ones defined; a consumer <bcp14>MUST</bcp14> treat an entry whose
<tt>resource_match</tt> value it does not recognize as unenforceable and
fail closed (<xref target="rs-enforcement"/>). Containment between effective
resource sets is compared as defined in <xref target="subset"/>.</t>
        </dd>
        <dt><tt>actions</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. An array of strings. Permitted action
values. Each value is either an action identifier matching
<tt>[A-Za-z0-9_.:-]+</tt> or an action family: an action identifier followed
by <tt>.*</tt>. Like an OAuth scope, an
action value carries meaning only at the <tt>resource</tt> that defines
it; a consumer enforces only the actions it recognizes for that
resource and honors no others, so an action a consumer does not
understand is fail-closed by construction (the action is simply not
within the authority it can enforce). An AS <bcp14>SHOULD</bcp14> draw action
identifiers from a namespace the serving resource documents, so the
set is interpretable cross-vendor rather than ad hoc. An action
family authorizes every action whose dot-separated identifier
extends the family name at a segment boundary (<tt>invoices.*</tt>
authorizes <tt>invoices.read</tt> and <tt>invoices.q3.export</tt>, not
<tt>invoicesx.read</tt>). A consent rendering <bcp14>MUST</bcp14> present a family as the
breadth it is: all actions under the name, not one action. An AS
<bcp14>SHOULD</bcp14> treat deriving a family as high-risk breadth.</t>
        </dd>
        <dt><tt>constraints</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14>. An object. Machine-actionable per-resource
bounds (for example, <tt>max_amount</tt>). A member name defined as a
Common Constraint (<xref target="common-constraints"/>) has shared semantics
across deployments; any other name is deployment-defined.
</t>
          <ul spacing="normal">
            <li>
              <t>Because a <tt>constraints</tt> member narrows authority, a Resource Server
that cannot enforce one <bcp14>MUST</bcp14> fail closed (<xref target="rs-enforcement"/>).</t>
            </li>
            <li>
              <t>To avoid that failure mode, the AS <bcp14>SHOULD</bcp14> emit for a given
<tt>resource</tt> only <tt>constraints</tt> keys that the Resource Server serving
it is known (by registration or deployment policy) to understand
and enforce.</t>
            </li>
          </ul>
        </dd>
        <dt><tt>delegation</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14>. An object. The delegation policy for this
entry (<xref target="delegation-constraints"/>). When absent, this entry's
authority is non-delegable: it <bcp14>MUST NOT</bcp14> appear in a delegated
token. When present, it has these members:
</t>
          <dl>
            <dt><tt>max_depth</tt>:</dt>
            <dd>
              <t><bcp14>REQUIRED</bcp14>. An integer. The maximum delegation depth at
which this entry's authority may be exercised
(<xref target="delegation-constraints"/>).</t>
            </dd>
            <dt><tt>allowed_delegates</tt>:</dt>
            <dd>
              <t><bcp14>OPTIONAL</bcp14>. An array of objects. The permitted
delegates, each a <tt>may_act</tt>-style matcher
(<xref target="delegation-constraints"/>): <tt>{ "sub": "&lt;client_id&gt;" }</tt> for a
specific delegate, or <tt>{ "sub_profile": "&lt;actor-type&gt;" }</tt> for an
actor-type class. When absent, any actor is permitted (subject to
<tt>max_depth</tt>).</t>
            </dd>
          </dl>
          <t>A companion profile of this document <bcp14>MAY</bcp14> define additional
<tt>delegation</tt> members. Such a member is policy, not authority
(<xref target="delegation-constraints"/>): a derived entry's value for it <bcp14>MUST
NOT</bcp14> be broader than the parent entry's, and a member the AS does not
understand is carried unchanged.</t>
        </dd>
      </dl>
      <t>Example Authority Set (the read entry is delegable to depth 2 and
bounded to a Q3 issuance window by the <tt>resource_issued_after</tt> and
<tt>resource_issued_before</tt> Common Constraints (<xref target="common-constraints"/>);
the write entry carries no <tt>delegation</tt> and so is non-delegable, because
<tt>delegation</tt> is per entry):</t>
      <sourcecode type="json"><![CDATA[
[
  { "type": "mission_resource_access",
    "resource": "https://erp.example.com",
    "actions": ["invoices.read"],
    "constraints": {
      "resource_issued_after": "2026-07-01T00:00:00Z",
      "resource_issued_before": "2026-09-30T23:59:59Z"
    },
    "delegation": {
      "max_depth": 2,
      "allowed_delegates": [{ "sub_profile": "ai_agent" }]
    } },
  { "type": "mission_resource_access",
    "resource": "https://erp.example.com",
    "actions": ["journal-entries.write"],
    "constraints": {
      "max_amount": { "amount": "500.00", "currency": "USD" }
    } }
]
]]></sourcecode>
      <section anchor="subset">
        <name>Subset Rule</name>
        <t>When the AS narrows the Authority Set for a derived token, a derived
<tt>mission_resource_access</tt> entry A is a subset of a Mission entry B
when:</t>
        <ol spacing="normal" type="1"><li>
            <t>A's effective resource set is contained in B's
(<tt>resource_match</tt>, <xref target="authorization-derivation"/>): when neither
entry sets <tt>resource_match: "prefix"</tt>, A.<tt>resource</tt> equals
B.<tt>resource</tt>; when B is a <tt>prefix</tt> entry, A (whether <tt>exact</tt> or
<tt>prefix</tt>) is contained when A.<tt>resource</tt> equals B.<tt>resource</tt> or
extends its path at a path-segment boundary; a <tt>prefix</tt> A is never
contained in an <tt>exact</tt> B.</t>
          </li>
          <li>
            <t>Every A.<tt>actions</tt> value is within some B.<tt>actions</tt> value: a value
is within an equal value; a literal action is within a family whose
name it extends at a segment boundary (<tt>invoices.read</tt> is within
<tt>invoices.*</tt>); a family is within a reference family when its own
name extends the reference's name at a segment boundary
(<tt>invoices.q3.*</tt> is within <tt>invoices.*</tt>). A family is never within
a literal action.</t>
          </li>
          <li>
            <t>For every key K in <strong>B</strong>.<tt>constraints</tt>, K <bcp14>MUST</bcp14> also be present in
A.<tt>constraints</tt>, and A's value <bcp14>MUST</bcp14> be no broader than B's under
K's subset rule: the specification-defined rule when K is a Common
Constraint
(<xref target="common-constraints"/>), the deployment-defined comparison
otherwise. A key present in B but absent from A is treated as the
broadest possible value and therefore fails this test. In short,
constraints <bcp14>MUST NOT</bcp14> be dropped, only added or tightened.</t>
          </li>
        </ol>
        <t>The AS <bcp14>MUST</bcp14> refuse to derive an entry that is not a subset of some
Mission Authority Set entry.</t>
        <t>Authority under a Mission <bcp14>MUST NOT</bcp14> widen after the approval event: a
request that exceeds the Authority Set on any dimension (a new
resource, action, actor, delegation path, longer duration, or
constraint relaxation) is refused under this rule, and broader
authority requires a fresh approval event, either a new Mission or a
successor per the companion
<xref target="I-D.draft-mcguinness-oauth-mission-expansion"/>.</t>
        <t>Resource containment under a <tt>prefix</tt> reference is compared after
RFC 3986 <xref target="RFC3986"/> syntax-based normalization of both URIs: lowercase
the scheme and host, remove a default port, decode percent-encoded
octets of unreserved characters, and remove dot-segments. This
normalization applies to comparison only, never to hashing: anchor
computation (<xref target="integrity-anchors"/>, <xref target="canonicalization"/>) remains
byte-exact over the recorded values and is untouched by this rule.</t>
        <t>The default comparison is deliberately flat: <tt>resource</tt> matches by
exact equality and a literal action by array membership. Hierarchy is
opt-in and closed to the two forms above: <tt>resource_match: "prefix"</tt>
for resource containment and <tt>.*</tt> action families for action
containment (<xref target="authorization-derivation"/>). A deployment that uses
neither retains the flat behavior unchanged.</t>
        <t>The <tt>delegation</tt> member is policy, not authority, and is not part of
this comparison (<xref target="delegation-constraints"/>). A derived entry's
<tt>delegation</tt>, when present, <bcp14>MUST NOT</bcp14> be broader than the parent entry's:
its <tt>max_depth</tt> <bcp14>MUST</bcp14> be no greater and its <tt>allowed_delegates</tt> <bcp14>MUST</bcp14> be
no wider. A derived entry <bcp14>MUST NOT</bcp14> introduce <tt>delegation</tt> where the
parent entry has none.</t>
      </section>
      <section anchor="common-constraints">
        <name>Common Constraints</name>
        <t>A <tt>constraints</tt> member name (<xref target="authorization-derivation"/>) is either a
specification-defined <strong>Common Constraint</strong> or a deployment-defined
key. Common
Constraints give independently developed deployments one vocabulary
they interpret, narrow, and compare identically; further Common
Constraints are defined by specification under the naming convention of
<xref target="iana-common-constraints"/>.</t>
        <t>A Common Constraint definition fixes:</t>
        <ul spacing="normal">
          <li>
            <t><strong>Value syntax</strong>: the JSON <xref target="RFC8259"/> value type and any additional
rules.</t>
          </li>
          <li>
            <t><strong>Subset rule</strong>: how a candidate value is judged no broader than a
reference value, used by the subset comparison of <xref target="subset"/>.</t>
          </li>
          <li>
            <t><strong>Intersection rule</strong>: how two values for the same key combine; the
result <bcp14>MUST</bcp14> be no broader than either operand.</t>
          </li>
        </ul>
        <t>A <tt>constraints</tt> member whose name is a specification-defined Common
Constraint is interpreted per its
definition. Any other member name remains
deployment-defined and is interpreted only within the issuing
deployment; a consumer that does not recognize it <bcp14>MUST</bcp14> fail closed
(<xref target="rs-enforcement"/>).</t>
        <t>This document defines the initial Common Constraints:</t>
        <ul spacing="normal">
          <li>
            <t><tt>max_amount</tt> (object): a per-action ceiling on a monetary amount.
The value is an object with two members: <tt>amount</tt> (<bcp14>REQUIRED</bcp14>, a
string containing a decimal number) and <tt>currency</tt> (<bcp14>REQUIRED</bcp14>, an
ISO 4217 <xref target="ISO4217"/> currency code). Subset: no broader when the <tt>currency</tt>
values are equal and the candidate <tt>amount</tt> is less than or equal
to the reference <tt>amount</tt>, compared in decimal value space;
differing currencies fail the comparison (no conversion is
defined). Intersection: when the <tt>currency</tt> values are equal, the
value with the smaller <tt>amount</tt>; differing currencies have no
intersection and the combination fails.</t>
          </li>
          <li>
            <t><tt>resource_issued_after</tt> (string, an RFC 3339 <xref target="RFC3339"/> date-time):
the action applies only to resources issued at or after this instant.
Subset: no broader when greater than or equal to the reference.
Intersection: the later instant.</t>
          </li>
          <li>
            <t><tt>resource_issued_before</tt> (string, an RFC 3339 <xref target="RFC3339"/> date-time):
the action applies only to resources issued at or before this
instant. Subset: no broader when less than or equal to the reference.
Intersection: the earlier instant. The <tt>resource_</tt> qualifier in both
names marks that the window bounds resource issuance, not token
issuance.</t>
          </li>
          <li>
            <t><tt>tenant</tt> (string): the action applies only to resources of the named
tenant. Subset: no broader when equal to the reference value.
Intersection: the common value when the two are equal; otherwise
there is no intersection and the combination fails.</t>
          </li>
          <li>
            <t><tt>recipient_domain</tt> (string, a DNS name): the action applies only to
recipients within the named domain. Subset: no broader when equal to
the reference or a DNS subdomain of it. Intersection: the narrower
value when one is equal to or a subdomain of the other; otherwise
there is no intersection and the combination fails.</t>
          </li>
        </ul>
        <t>These comparisons are in value space, not lexical: <tt>max_amount</tt>
          <tt>amount</tt> members are compared as the decimal numbers the strings
contain, so <tt>"500"</tt>, <tt>"500.0"</tt>, and <tt>"500.00"</tt> are equal;
<tt>resource_issued_after</tt> and <tt>resource_issued_before</tt> values are
compared as the
instants they denote after normalization to UTC, so two RFC 3339
representations of the same instant that differ only in timezone offset
or trailing subsecond zeros are equal; <tt>recipient_domain</tt> values are
compared as DNS names, case-insensitively and on whole labels, so
<tt>mail.example.com</tt> is within <tt>example.com</tt> and <tt>not-example.net</tt> is
not. A Common Constraint definition
<bcp14>MUST</bcp14> fix its subset and intersection in value-space terms, so that
independent deployments compute the same result for the same values and
the subset rule of <xref target="subset"/> is reproducible.</t>
        <t>A numeric constraint value <bcp14>MUST</bcp14> lie within the range JCS <xref target="RFC8785"/>
serializes exactly. Monetary amounts avoid that hazard by
construction: <tt>max_amount</tt> carries its <tt>amount</tt> as a string containing
a decimal number, paired with an ISO 4217 <xref target="ISO4217"/> <tt>currency</tt> code, and a
future Common Constraint for a monetary value <bcp14>SHOULD</bcp14> reuse this shape
rather than a JSON number.</t>
      </section>
      <section anchor="other-types">
        <name>Other Authorization Details Types</name>
        <t><tt>mission_resource_access</tt> is the only type this document defines, but
the Authority Set <bcp14>MAY</bcp14> include other AS-supported <xref target="RFC9396"/>
          <tt>authorization_details</tt> types when an audience consumes them. ("Supported"
here means the AS recognizes and documents the type, as advertised by
<tt>authorization_details_types_supported</tt> (<xref target="discovery"/>); RFC 9396
establishes no IANA registry of type identifiers.) The Mission apparatus
is type-agnostic toward such entries:</t>
        <ul spacing="normal">
          <li>
            <t>they are committed by <tt>authority_hash</tt> and gated on Mission state
exactly as <tt>mission_resource_access</tt> entries are;</t>
          </li>
          <li>
            <t>narrowing and delegation use the subset semantics the type defines
(<xref target="subset"/>, <xref target="delegation-constraints"/>). A type whose subset and
delegation semantics the AS does not understand <bcp14>MUST NOT</bcp14> be
delegated, audience-projected to a Resource AS, or narrowed: the AS
cannot prove a transformed copy is still a subset of what was
approved. Such an entry <bcp14>MAY</bcp14> be issued only to its original approved
audience, carried exactly as approved, and <bcp14>MUST NOT</bcp14> appear in a
delegated token or in a cross-domain grant
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>);</t>
          </li>
          <li>
            <t>evaluating the entry against a concrete request is the runtime
layer's responsibility (<xref target="runtime-boundary"/>), not the AS's.</t>
          </li>
        </ul>
        <t>This lets policy-language profiles compose without this document
defining them: for example, an entry carrying a Cedar policy set
(<xref target="I-D.draft-cecchetti-oauth-rar-cedar"/>), or an analogous AuthZEN
policy entry, for an audience that evaluates it. The AS derives such
an entry from the Mission Intent and bounds it by the Intent like any
other, but treats the carried policy largely opaquely; the Resource
Server or Policy Decision Point (PDP) evaluates it at request time.</t>
        <t>Example (non-normative): an Authority Set with a Cedar policy entry
for a finance audience that consumes Cedar, alongside a
<tt>mission_resource_access</tt> entry for a calendar audience that does not.
The Cedar <tt>policySet</tt> is abbreviated:</t>
        <sourcecode type="json"><![CDATA[
[
  {
    "type": "account_information",
    "rarFormat": "cedar",
    "policySet": "permit(principal, action, resource) when {...};"
  },
  {
    "type": "mission_resource_access",
    "resource": "https://calendar.example.com",
    "actions": ["events.read"],
    "constraints": { "window_days": 30 }
  }
]
]]></sourcecode>
        <t>Both entries are committed by the one <tt>authority_hash</tt> and bound to
the Mission. The Cedar entry is evaluated by the finance audience's
PDP; the <tt>mission_resource_access</tt> entry is enforced as in
<xref target="mission-bound-tokens"/>. Because the Cedar profile defines no subset
or delegation rule over policy sets, the AS carries the Cedar entry as
approved rather than narrowing it, and it <bcp14>MUST NOT</bcp14> appear in a
delegated token or cross-domain grant. Delegation controls on other
entries, such as the <tt>mission_resource_access</tt> entry, apply to those
entries only.</t>
      </section>
      <section anchor="tools">
        <name>Modeling Tools and Function Calls</name>
        <t>This section is non-normative guidance. A "tool" an agent invokes,
such as a Model Context Protocol (MCP) tool or a function call, is
modeled as a <tt>mission_resource_access</tt> entry. No separate entry type
is needed, and the rules above (derivation, subset, delegation,
<tt>authority_hash</tt>) apply unchanged.</t>
        <t>The mapping is:</t>
        <ul spacing="normal">
          <li>
            <t><tt>resource</tt> is the tool provider. For an MCP tool it is the MCP
server's URL. The MCP authorization model (<xref target="MCP"/>) makes the
server an OAuth
2.0 resource server, so this is the resource identifier a token is
audience-bound to.</t>
          </li>
          <li>
            <t><tt>actions</tt> are the tool names the task needs at that provider.
Authorizing a tool is authorizing its name as an action, which
lines up with MCP filtering its tool list by the caller's granted
authority and routing each tool call for authorization.</t>
          </li>
          <li>
            <t><tt>constraints</tt> carry machine-actionable bounds on a tool's
arguments, for example an amount ceiling or a recipient domain (the
<tt>max_amount</tt> and <tt>recipient_domain</tt> Common Constraints,
<xref target="common-constraints"/>).
Like all <tt>constraints</tt>, they are committed by <tt>authority_hash</tt> and
carried to the point of use, but they are evaluated against the
concrete call arguments by a runtime enforcement layer, not at
issuance (<xref target="runtime-boundary"/>).</t>
          </li>
        </ul>
        <t>For example, a Mission authorized to read invoices and post small
adjustments through a finance MCP server, and to send messages
through a messaging MCP server, derives:</t>
        <sourcecode type="json"><![CDATA[
[
  { "type": "mission_resource_access",
    "resource": "https://finance.example.com/mcp",
    "actions": ["query_invoices", "post_adjustment"],
    "constraints": {
      "max_amount": { "amount": "500.00", "currency": "USD" }
    } },
  { "type": "mission_resource_access",
    "resource": "https://mail.example.com/mcp",
    "actions": ["send_message"],
    "constraints": { "recipient_domain": "example.com" } }
]
]]></sourcecode>
        <t>Delegation to a sub-agent works unchanged: add a <tt>delegation</tt> member
to a tool entry (<xref target="delegation-constraints"/>). For example, an entry a
sub-agent of type <tt>ai_agent</tt> may invoke at depth 1, narrowed to the
read tool only:</t>
        <sourcecode type="json"><![CDATA[
{ "type": "mission_resource_access",
  "resource": "https://finance.example.com/mcp",
  "actions": ["query_invoices"],
  "delegation": {
    "max_depth": 1,
    "allowed_delegates": [{ "sub_profile": "ai_agent" }]
  } }
]]></sourcecode>
        <t>What this profile does not provide for tools is a typed, attenuable
per-argument constraint grammar: narrowing one tool's argument schema
against another (for example, <tt>amount</tt> in a <tt>range</tt>, <tt>recipient</tt> in a
<tt>one_of</tt> set) as the grant is derived or delegated. Argument bounds
here are the same flat, carried <tt>constraints</tt> used for any resource,
evaluated at runtime. Structured per-argument attenuation
(<xref target="I-D.draft-niyikiza-oauth-attenuating-agent-tokens"/>, with object
capability systems such as UCAN as prior art) is a richer primitive
deferred to future work; it would extend the delegation and subset
model of this document (<xref target="delegation-constraints"/>, <xref target="subset"/>)
rather than introduce a new entry type.</t>
      </section>
    </section>
    <section anchor="approval-event">
      <name>Mission Approval</name>
      <t>The approval event is the atomic transition at which the Approver
consents and the AS creates the Mission. It runs as an OAuth 2.0
<xref target="RFC6749"/> authorization-code flow initiated from the PAR-issued
<tt>request_uri</tt> (<xref target="submission-via-par"/>). Because the authorization code
is the artifact the Mission grant binds to (<xref target="grant-binding"/>) and it
travels the front channel, the AS <bcp14>MUST</bcp14> bind the code to the requesting
client with PKCE (<xref target="RFC7636"/>, <tt>S256</tt> challenge method) or,
equivalently, issue a DPoP-bound authorization code (<xref target="RFC9449"/>). The
AS <bcp14>MUST</bcp14> reject a code redemption whose PKCE verifier or DPoP key does
not match the binding established for the request. This prevents
authorization-code injection from yielding the Mission grant.</t>
      <t>At the approval event the AS <bcp14>MUST</bcp14>, in order:</t>
      <ol spacing="normal" type="1"><li>
          <t>Authenticate the Approver. If the Mission Intent's
<tt>controls.acr</tt> is present, the authentication <bcp14>MUST</bcp14> satisfy it.</t>
        </li>
        <li>
          <t>Establish the Subject: the principal the task is for, recorded as
the Mission's <tt>subject</tt> and set as the <tt>sub</tt> of every derived token
(<xref target="mission-bound-tokens"/>). When the Approver is the Subject
(self-approval), this is the authenticated Approver. When the
Approver is a different principal (for example, an administrator or
manager approving on a user's behalf), the AS <bcp14>MUST</bcp14> itself establish
the Subject's (<tt>iss</tt>, <tt>sub</tt>), and <bcp14>MUST</bcp14> authorize the Approver to
approve for that Subject under local policy. The AS <bcp14>MUST NOT</bcp14> take the
Subject from unauthenticated client input. This document defines no
wire parameter for the Subject; how the AS establishes it
(administrative selection, a directory, an authenticated reference)
is a deployment matter.</t>
        </li>
        <li>
          <t>Render for consent the derived Authority Set in human-meaningful
terms, with the <tt>goal</tt>, <tt>constraints</tt>, <tt>expires_at</tt>, and any
<tt>controls</tt> bounds (notably <tt>max_derivations</tt>) as context. The object
the Approver consents to is the <strong>derived Authority Set</strong>, what the
agent may actually do, not the <tt>goal</tt> or Mission Intent: derivation
is local policy, and nothing commits that the derived authority
faithfully reflects the goal the Approver read, so the authority
itself <bcp14>MUST</bcp14> be what is rendered and consented to. An approval surface
that renders only the <tt>goal</tt>, <tt>success_criteria</tt>, or Mission Intent
and not the derived Authority Set does not conform. When the Approver
is not the Subject, the rendering <bcp14>MUST</bcp14> identify the Subject the
authority is granted for. When the Intent carried
<tt>proposed_authority</tt> (<xref target="mission-intent"/>), the rendering <bcp14>MUST</bcp14>
distinguish the entries the client proposed from any narrowing or
restructuring the AS applied.</t>
        </li>
        <li>
          <t>Compute the integrity anchors (<xref target="integrity-anchors"/>):
<tt>authority_hash</tt> over the consented Authority Set and
<tt>intent_hash</tt> over the approved Mission Intent.</t>
        </li>
        <li>
          <t>Create the Mission record (<xref target="mission-record"/>) in the <tt>active</tt>
state, atomically with issuance of the authorization code.</t>
        </li>
      </ol>
      <t>Client-supplied strings (<tt>goal</tt>, <tt>constraints</tt>, <tt>success_criteria</tt>)
<bcp14>MUST</bcp14> be rendered as inert text and <bcp14>MUST NOT</bcp14> be interpreted as markup.
The AS <bcp14>SHOULD</bcp14> mitigate Unicode direction-override and
confusable-character presentation in them. The rendering <bcp14>MUST</bcp14> visually
distinguish the AS-derived Authority Set from client-supplied text, so
crafted client text cannot pass as derived authority.</t>
      <t>A deployment <bcp14>MUST</bcp14> declare a minimum approval-authentication strength
for Missions whose derived Authority Set carries high-risk authority:
irreversible, external-commitment, or privileged-administration
actions under the deployment's classification, or a consumption bound
(<xref target="I-D.draft-mcguinness-mission-metering"/>). The approval
authentication for such a Mission <bcp14>MUST</bcp14> meet that minimum, and
<tt>controls.acr</tt> can raise the required strength but never lower it below
the floor. The material notices of the consent-evidence profile
identify these same high-risk classes
(<xref target="I-D.draft-mcguinness-oauth-mission-consent-evidence"/>).</t>
      <t>An Approver who declines, and an Approver whose authentication cannot
satisfy <tt>controls.acr</tt> or the declared approval-strength floor, yield
<tt>access_denied</tt> on the authorization
response (<xref target="RFC6749"/>). A token-endpoint <tt>resource</tt> value outside the
Authority Set yields <tt>invalid_target</tt> (<xref target="RFC8707"/>).</t>
      <t>Rendering a bound is not the same as enforcing it, and a deployment <bcp14>MUST
NOT</bcp14> let the rendering imply otherwise. Which party enforces each bound,
and what holds when that enforcer is absent, is summarized in the
enforcement table (<xref target="mission-intent"/>). An AS <bcp14>SHOULD</bcp14> make clear
to the Approver which rendered bounds its deployment actually enforces,
so consent is not given to a limit that binds nowhere.</t>
      <t>The <tt>authority_hash</tt> is the <strong>authority commitment</strong>: it binds, by
cryptographic digest, exactly the authority the Approver approved. It
commits the approved authority, not the way that authority was
rendered to the Approver; this profile commits no separate consent
disclosure object (see <xref target="consent-binding"/>). If the derived Authority
Set changes between rendering and consent, the AS <bcp14>MUST</bcp14> recompute and
<bcp14>MUST</bcp14> refuse to activate unless the Approver consents to the changed
set. Every token derived under the
Mission carries this value (<xref target="mission-bound-tokens"/>), so a party
holding the full Authority Set can verify a token's authority against
what was approved. A party holding only a narrowed subset cannot
recompute it and treats it as an audit anchor (see
<xref target="consent-binding"/>).</t>
      <t>The <tt>intent_hash</tt> commits the <strong>approved Mission Intent</strong>: the
task the Approver consented to, as recorded on the Mission. It makes
the recorded task tamper-evident: an auditor can verify the Mission's
<tt>intent</tt> against <tt>intent_hash</tt> and detect any later
alteration. <tt>intent_hash</tt> commits the task; <tt>authority_hash</tt>
commits the authority derived from it.</t>
      <section anchor="grant-binding">
        <name>Binding the Mission to the Grant</name>
        <t>At the approval event the AS binds the Mission to the authorization
grant it issues: the authorization code, and the refresh token
issued from it. The binding is server-side and is what "the
referenced Mission" in <xref target="lifecycle"/> refers to. At each subsequent
derivation the AS resolves the Mission from the grant the client
presents: the authorization code at the token endpoint (the initial
exchange uses <tt>grant_type=authorization_code</tt>), the refresh
token on refresh, or the Mission-bound <tt>subject_token</tt> on Token
Exchange (the <tt>actor_token</tt> identifies the delegate, <xref target="delegation"/>).
It then applies the gating of <xref target="lifecycle"/>. A client does
not supply <tt>mission_id</tt> to obtain a derivation; an AS <bcp14>MUST NOT</bcp14> derive
Mission-bound authority from a client-supplied <tt>mission_id</tt>, because
the grant, not the identifier, determines the Mission. When the
authorization code expires unredeemed, no derivation is possible under
the Mission; the AS <bcp14>SHOULD</bcp14> revoke the Mission or allow it to expire.</t>
        <t>A client learns its <tt>mission_id</tt> from the <tt>mission</tt> claim's <tt>id</tt> on
each issued token (<xref target="mission-claim"/>) or from the token response. This
document defines <tt>mission_id</tt> as an <bcp14>OPTIONAL</bcp14> token-endpoint response
parameter: a string carrying the Mission Identifier, returned
alongside the issued token. It is an informational reference only:
presenting it authorizes nothing (<xref target="lifecycle"/>), and a client <bcp14>MUST
NOT</bcp14> derive authority from it.</t>
      </section>
      <section anchor="multi-party-approval">
        <name>Single Accountable Approver</name>
        <t>This document records exactly one <tt>approver</tt>: the
accountable principal who approved the Mission. Two richer patterns
are deliberately out of scope and deferred:</t>
        <ul spacing="normal">
          <li>
            <t><strong>Multi-party approval</strong> (M-of-N or dual control), where more than
one principal must approve. The number of approvers is orthogonal
to the consent commitment: however many principals approve the same
rendered Authority Set, the <tt>authority_hash</tt> is identical, as is
every token derived from it. Multi-party approval raises the
assurance of <em>how</em> approval was obtained; it does not change the
artifacts this document produces. A deployment requiring dual
control today can obtain the additional approvals out of band and
record one accountable Approver under the same <tt>authority_hash</tt>;
this document simply does not natively represent the co-approvers.</t>
          </li>
          <li>
            <t><strong>Approval-authority provenance</strong> (the standing policy or delegation
an administrator or headless approval traces back to). This is
governance state about who stands behind a delegated approval, not
part of binding tokens to approved authority, and is left to a
governance layer.</t>
          </li>
        </ul>
      </section>
      <section anchor="integrity-anchors">
        <name>Integrity Anchors</name>
        <t>Both anchors are computed the same way over a domain-separated,
issuer-bound envelope:</t>
        <ol spacing="normal" type="1"><li>
            <t>Construct the envelope, where <tt>typ</tt> selects the committed object
and <tt>value</tt> is that object:  </t>
            <artwork><![CDATA[
{
  "typ": "<mission-intent | mission-authority-set>",
  "iss": "<the AS issuer URL>",
  "value": <the committed object>
}
]]></artwork>
            <t>
For <tt>intent_hash</tt>, <tt>typ</tt> is <tt>mission-intent</tt> and <tt>value</tt> is the
approved Mission Intent object. For <tt>authority_hash</tt>, <tt>typ</tt> is
<tt>mission-authority-set</tt> and <tt>value</tt> is the Authority Set as a JSON
array of entries.</t>
          </li>
          <li>
            <t>Canonicalize the envelope with JCS <xref target="RFC8785"/>.</t>
          </li>
          <li>
            <t>Compute SHA-256 <xref target="RFC6234"/> over the canonical bytes.</t>
          </li>
          <li>
            <t>Encode as <tt>sha-256:</tt> followed by the base64url, no-padding,
encoding of the digest.</t>
          </li>
        </ol>
        <t>The <tt>typ</tt> field domain-separates the two anchors so a digest of one
object can never be mistaken for the other. The <tt>iss</tt> binding
prevents a committed object from being transplanted across
Authorization Servers.</t>
        <t>The <tt>typ</tt> value space is an extension point (<xref target="extensibility"/>):
additional committed objects use this same envelope with a new <tt>typ</tt>
and the canonicalization below. This document defines no registry of
<tt>typ</tt> values; each committing specification defines its own and relies
on the <tt>typ</tt> domain separation. To keep that domain separation safe
without a registry, a new <tt>typ</tt> value <bcp14>MUST</bcp14> be a collision-resistant name
(for example, a short name prefixed within a namespace the defining
profile controls, following the Collision-Resistant Name guidance of
<xref target="RFC7519"/> Section 4.2). The <tt>mission-</tt> prefixed values defined by
profiles that extend this document share an author-coordinated
namespace for this reason.</t>
        <t>SHA-256 is the only digest algorithm this document defines; the
<tt>sha-256:</tt> prefix identifies it. Algorithm agility is future work.</t>
        <t>A verifier <bcp14>MUST</bcp14> reject an integrity anchor whose algorithm prefix it
does not recognize. A verifier <bcp14>MUST NOT</bcp14> treat an unrecognized prefix as
<tt>sha-256</tt>. This ensures that adding an algorithm later cannot be
exploited as a downgrade.</t>
      </section>
      <section anchor="canonicalization">
        <name>Canonicalization Rules</name>
        <t>JCS <xref target="RFC8785"/> alone does not make two implementations agree on
every byte. The following rules close the remaining gaps; they apply
to computing an anchor and to comparing committed values:</t>
        <ul spacing="normal">
          <li>
            <t>The committed <tt>value</tt> is exactly the object the AS recorded on the
Mission: the approved <tt>intent</tt> for <tt>intent_hash</tt>, the
<tt>authority_set</tt> for <tt>authority_hash</tt>. An auditor reproduces a
digest from the record alone.</t>
          </li>
          <li>
            <t>The AS <bcp14>MUST</bcp14> reject an input object containing duplicate JSON member
names before canonicalization; such input is invalid.</t>
          </li>
          <li>
            <t>JCS does not reorder array elements, and this document defines no
element sorting, so array order is significant. The AS <bcp14>MUST</bcp14> emit
each array in a fixed, reproducible order; that order is part of
the canonical form.</t>
          </li>
          <li>
            <t>URI-valued members are compared byte-for-byte unless a member's
definition specifies a normalization. The only normalization this
document defines is the RFC 3986 <xref target="RFC3986"/> comparison of the
resource-containment test (<xref target="subset"/>), which applies to that
comparison alone: the default <tt>resource</tt> equality test of <xref target="subset"/>
remains an exact match, and anchor computation is always byte-exact
over the recorded values.</t>
          </li>
        </ul>
        <t>Test vectors for both anchors are provided in <xref target="test-vectors"/>.</t>
      </section>
    </section>
    <section anchor="mission-record">
      <name>Mission Record</name>
      <t>A Mission is the durable record created at the approval event. Its
members are immutable after creation except for its <tt>state</tt>, and it is
identified by a Mission Identifier (<xref target="mission-id"/>). Its members do
not repeat the <tt>mission</tt> prefix: the record is the Mission, and
prefixed names belong to surfaces that reference a Mission from
outside it, such as the <tt>mission_intent</tt> request parameter and the
<tt>mission_id</tt> response parameter. Member names are spelled out
(<tt>issuer</tt>, <tt>expires_at</tt>, <tt>created_at</tt>) and are spelled identically on every
surface that carries Mission facts; the compact JWT names (<tt>iss</tt>,
<tt>exp</tt>, <tt>iat</tt>) describe a signed artifact's own envelope, or identify
a party in an <tt>{iss, sub}</tt> object, never the
Mission. Operational issuance bookkeeping, such as
the derivation count gated under <xref target="lifecycle"/>, is AS-side state about
the Mission, not a member of the immutable record. Like the <tt>mission</tt>
claim (<xref target="mission-claim"/>), the record is open (<xref target="extensibility"/>): a
companion profile of this document <bcp14>MAY</bcp14> record additional members set at
creation using short names coordinated with it (for example, a lineage
member linking the Mission to a predecessor or parent); any other
extension <bcp14>MUST</bcp14> use collision-resistant names. The members below are the
ones this profile defines:</t>
      <dl>
        <dt><tt>id</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. The canonical Mission Identifier
(<xref target="mission-id"/>).</t>
        </dd>
        <dt><tt>issuer</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. The issuer URL of the Mission Issuer
that approved the Mission. Equals the <tt>iss</tt> of tokens that AS
derives; for cross-domain tokens it remains the originating AS even
though the issuing <tt>iss</tt> differs
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
        </dd>
        <dt><tt>state</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. The current lifecycle state: <tt>active</tt>, <tt>revoked</tt>,
or <tt>expired</tt> in this profile, or an additional state defined by a
companion profile, subject to the forward-compatibility rule of
<xref target="lifecycle"/>.</t>
        </dd>
        <dt><tt>intent</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. An object. The approved Mission Intent.</t>
        </dd>
        <dt><tt>authority_set</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. An array. The consented Authority Set.</t>
        </dd>
        <dt><tt>authority_hash</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. The consent commitment over
the Authority Set (<xref target="integrity-anchors"/>).</t>
        </dd>
        <dt><tt>intent_hash</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. The integrity commitment over
the approved Mission Intent (<xref target="integrity-anchors"/>), making the
recorded task tamper-evident.</t>
        </dd>
        <dt><tt>subject</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. An object. The Subject, an object with <tt>iss</tt> and
<tt>sub</tt>.</t>
        </dd>
        <dt><tt>approver</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. An object. The Approver,
an object with <tt>iss</tt> and <tt>sub</tt>. <bcp14>MAY</bcp14> equal <tt>subject</tt>.</t>
        </dd>
        <dt><tt>client_id</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. The Agent (OAuth client) that
submitted the Mission Intent.</t>
        </dd>
        <dt><tt>policy_version</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. The derivation policy version
in effect at the approval event.</t>
        </dd>
        <dt><tt>approval_event_id</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. A unique identifier of the
approval event, used as the approval idempotency key.</t>
        </dd>
        <dt><tt>created_at</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. RFC 3339 timestamp of creation.</t>
        </dd>
        <dt><tt>expires_at</tt>:</dt>
        <dd>
          <t><bcp14>REQUIRED</bcp14>. A string. Mirrors
<tt>intent.expires_at</tt>.</t>
        </dd>
      </dl>
      <t>The <strong>audit horizon</strong> is the deployment-declared retention window for
the Mission record and its evidence: at least the Mission's lifetime
plus a declared post-expiry period. After the Mission reaches a
terminal state (<tt>revoked</tt> or <tt>expired</tt>), the record <bcp14>MUST</bcp14> be retained
for the audit horizon.</t>
      <section anchor="mission-id">
        <name>Mission Identifier Format</name>
        <t>A Mission Identifier is an opaque URL-safe ASCII string of
<tt>[A-Za-z0-9_-]</tt> characters, with at least 128 bits of entropy, carrying no
semantic content. It <bcp14>MUST NOT</bcp14> be reused. The record and the <tt>mission</tt>
claim carry it as <tt>id</tt>; a surface that references a Mission from
outside carries it as <tt>mission_id</tt>, as in the token-response parameter
(<xref target="grant-binding"/>).</t>
      </section>
      <section anchor="worked-example">
        <name>Worked Example</name>
        <sourcecode type="json"><![CDATA[
{
  "id": "msn_8RfX2Lqv9TqMv4z7sA2bN1k0YpEdHc9-",
  "issuer": "https://as.example.com",
  "state": "active",
  "intent": { "goal": "Reconcile Q3 invoices ...",
    "resources": ["https://erp.example.com"],
    "expires_at": "2026-12-31T23:59:59Z" },
  "authority_set": [
    { "type": "mission_resource_access",
      "resource": "https://erp.example.com",
      "actions": ["invoices.read"],
      "constraints": {
        "resource_issued_after": "2026-07-01T00:00:00Z",
        "resource_issued_before": "2026-09-30T23:59:59Z"
      },
      "delegation": {
        "max_depth": 2,
        "allowed_delegates": [{ "sub_profile": "ai_agent" }]
      } },
    { "type": "mission_resource_access",
      "resource": "https://erp.example.com",
      "actions": ["journal-entries.write"],
      "constraints": {
        "max_amount": { "amount": "500.00", "currency": "USD" }
      } }
  ],
  "authority_hash":
    "sha-256:l3KvZ4mP5x0wQrR6tY2nD9bM7sX1cF8gH2vJ4kE5pNQ",
  "intent_hash":
    "sha-256:wQ7p4LHnX9Md0LqJ6sZJ8b8mZ3rN2xT5pV4lE6sQqYY",
  "subject": { "iss": "https://idp.example.com",
    "sub": "user_3p2q8mN1a0kV7tR" },
  "approver": { "iss": "https://idp.example.com",
    "sub": "user_3p2q8mN1a0kV7tR" },
  "client_id": "s6BhdRkqt3",
  "policy_version": "deploy-policy:v17",
  "approval_event_id": "ape_8K2nP4qV9rL3tY6sB1z",
  "created_at": "2026-10-15T14:32:11Z",
  "expires_at": "2026-12-31T23:59:59Z"
}
]]></sourcecode>
      </section>
    </section>
    <section anchor="mission-bound-tokens">
      <name>Mission-Bound Access Tokens</name>
      <t>Access tokens issued under a Mission are JWTs per <xref target="RFC9068"/>, which
fixes the required claims (including <tt>jti</tt>) and the <tt>at+jwt</tt> JOSE
header <tt>typ</tt> (<xref target="RFC9068"/> Sections 2.1 and 2.2); a Resource Server
<bcp14>MUST</bcp14> verify the <tt>typ</tt> per <xref target="RFC9068"/>. In addition to what that
profile requires, a derived token:</t>
      <ul spacing="normal">
        <li>
          <t>carries the token's Mission-derived authority as
<tt>authorization_details</tt> (<xref target="RFC9396"/>); this <bcp14>MAY</bcp14> be the full Authority
Set or a narrowed subset (<xref target="subset"/>);</t>
        </li>
        <li>
          <t>carries a <tt>mission</tt> claim (<xref target="mission-claim"/>);</t>
        </li>
        <li>
          <t>sets <tt>sub</tt> to the Mission's Subject <tt>sub</tt> and <tt>client_id</tt> to the
Mission's <tt>client_id</tt>;</t>
        </li>
        <li>
          <t><bcp14>MUST</bcp14> set <tt>aud</tt> to identify the Resource Server(s) authorized to
consume the carried <tt>authorization_details</tt>, and <bcp14>MUST NOT</bcp14> include an
audience unrelated to that carried authority (see below);</t>
        </li>
        <li>
          <t><bcp14>MAY</bcp14> carry an <tt>act</tt> claim when the agent has delegated execution
(<xref target="delegation"/>);</t>
        </li>
        <li>
          <t><bcp14>MAY</bcp14> carry a <tt>scope</tt> claim, subject to the rule below;</t>
        </li>
        <li>
          <t><bcp14>SHOULD</bcp14> be sender-constrained, via a <tt>cnf</tt> claim <xref target="RFC7800"/>:
DPoP <xref target="RFC9449"/> (<tt>cnf.jkt</tt>) or mTLS <xref target="RFC8705"/> (<tt>cnf.x5t#S256</tt>).</t>
        </li>
      </ul>
      <t>The AS <bcp14>MUST NOT</bcp14> include <tt>authorization_details</tt> exceeding the
Mission's Authority Set. On any issuance that narrows authority (for
example, a single-audience token), each emitted entry <bcp14>MUST</bcp14> be a
subset of a Mission Authority Set entry under <xref target="subset"/>.</t>
      <t>The <tt>aud</tt> <bcp14>SHOULD</bcp14> be derived from the resource indicators
(<xref target="RFC8707"/>), Protected Resource metadata (<xref target="RFC9728"/>), or the
deployment's resource-to-RS mapping. It identifies the Resource
Server(s) and need not be byte-equal to the <tt>resource</tt> values of the
<tt>authorization_details</tt> entries: an <tt>aud</tt> typically names an RS, API,
or security domain, while RAR entries may name resources, accounts,
tools, or locations beneath it. Bounding <tt>aud</tt> to the consuming
Resource Server(s) prevents a confused-deputy or token-redirection
attack: a multi-resource Authority Set otherwise yields a token an
unrelated Resource Server would accept even though it was obtained to
act elsewhere. A deployment <bcp14>SHOULD</bcp14> prefer per-RS (single-audience)
tokens, narrowed under <xref target="subset"/>. A client requests such a token at
the token endpoint with the <xref target="RFC8707"/> <tt>resource</tt> parameter (and <bcp14>MAY</bcp14>
further narrow with <tt>scope</tt>); the AS narrows the Authority Set under
<xref target="subset"/> to the requested resource(s) and sets <tt>aud</tt> to the
corresponding Resource Server(s). This is the within-domain
counterpart of the audience-scoping the Mission Issuer applies when
projecting authority to a Resource AS
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
      <t>Sender-constraining is a <bcp14>SHOULD</bcp14> for this primary token, aligned with
<xref target="RFC9700"/>. It is stronger (<bcp14>MUST</bcp14>) for delegated tokens, which face
higher replay exposure in the hands of a less-trusted delegate
(<xref target="delegation"/>); the companion sets the same <bcp14>MUST</bcp14> for the credentials
that cross a trust domain
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>). A deployment
<bcp14>SHOULD</bcp14> sender-constrain the primary token as well where its threat
model warrants.</t>
      <t>The token-endpoint response conveys the granted authority to the
client. Because the client submits <tt>mission_intent</tt> rather than
<tt>authorization_details</tt>, the access token is otherwise the only place
the granted authority appears, and a client is not expected to parse
the access token for authority. The AS therefore <bcp14>MUST</bcp14> return the granted
<tt>authorization_details</tt> in the token-endpoint response, per
<xref target="RFC9396"/> Section 7, reflecting exactly the (possibly narrowed) set
assigned to the issued token. (A client does read the <tt>mission</tt> claim's
<tt>id</tt> from the token to learn its <tt>mission_id</tt>, per <xref target="grant-binding"/>;
"not expected to parse for authority" refers only to the
<tt>authorization_details</tt>, which the response echoes.) The same applies to refresh and Token
Exchange responses.</t>
      <t>For example, the agent narrows the canonical ERP Mission (the worked
example of <xref target="mission-record"/>) to a read-only token, presenting the
Mission's refresh token with the <xref target="RFC8707"/> <tt>resource</tt> parameter and
narrowing further with <tt>scope</tt>:</t>
      <artwork><![CDATA[
POST /token HTTP/1.1
Host: as.example.com
Content-Type: application/x-www-form-urlencoded

DPoP: eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IkVTMjU2Iiwi...

grant_type=refresh_token
&refresh_token=rt_4mN8qV2xP7sL1tY9zB3k
&resource=https%3A%2F%2Ferp.example.com
&scope=invoices.read
]]></artwork>
      <t>The issuance is a derivation, gated on the Mission being <tt>active</tt>
(<xref target="lifecycle"/>). The response echoes the narrowed grant and the
<tt>mission_id</tt> reference (<xref target="grant-binding"/>); the emitted entry is a
subset (<xref target="subset"/>) of the Mission's read entry, its <tt>constraints</tt>
carried intact:</t>
      <sourcecode type="json"><![CDATA[
{
  "access_token": "eyJhbGciOiJFUzI1NiIsInR5cCI6ImF0K2p3dCJ9...",
  "token_type": "DPoP",
  "expires_in": 300,
  "mission_id": "msn_8RfX2Lqv9TqMv4z7sA2bN1k0YpEdHc9-",
  "authorization_details": [
    { "type": "mission_resource_access",
      "resource": "https://erp.example.com",
      "actions": ["invoices.read"],
      "constraints": {
        "resource_issued_after": "2026-07-01T00:00:00Z",
        "resource_issued_before": "2026-09-30T23:59:59Z"
      },
      "delegation": {
        "max_depth": 2,
        "allowed_delegates": [{ "sub_profile": "ai_agent" }]
      } }
  ]
}
]]></sourcecode>
      <t>Mission-bound refresh tokens <bcp14>MUST</bcp14> be sender-constrained or use refresh
token rotation. This matters most for a public client, since
Mission-state gating bounds a stolen refresh token's usefulness over
time but not while the Mission is still <tt>active</tt>. This strengthens
the refresh-token guidance of <xref target="RFC9700"/> Section 2.2.2, whose <bcp14>MUST</bcp14>
applies to public clients, to all Mission-bound refresh tokens.</t>
      <t>The authentication context of the approval event (<tt>controls.acr</tt>,
<xref target="mission-intent"/>) describes the Approver at approval time and is
recorded on the Mission, not on derived tokens; a derived token's
authority comes from the Mission, not from a fresh authentication, so
this document requires no <tt>acr</tt> or <tt>auth_time</tt> claim on it. An AS <bcp14>MAY</bcp14>
include <tt>acr</tt> and <tt>auth_time</tt> per <xref target="RFC9068"/> to convey the approval
context, but a consumer <bcp14>MUST NOT</bcp14> treat their absence as an
authentication downgrade.</t>
      <t><tt>authorization_details</tt> is the authoritative expression of a
Mission-bound token's authority. Any <tt>scope</tt> the token carries <bcp14>MUST</bcp14> be
derived from, and no broader than, the Authority Set. Specifically:</t>
      <ul spacing="normal">
        <li>
          <t>every scope value <bcp14>MUST</bcp14> correspond to authority already present in
<tt>authorization_details</tt>; and</t>
        </li>
        <li>
          <t>a scope value <bcp14>MUST NOT</bcp14> convey authority, or relaxation of a
constraint, that the Authority Set does not grant.</t>
        </li>
      </ul>
      <t>Because <tt>scope</tt> is a coarse string list, it cannot carry the per-entry
<tt>constraints</tt>; it is a compatibility projection, never the
authoritative form of the Mission's authority. The AS <bcp14>MUST NOT</bcp14> issue a
Mission-bound token whose <tt>scope</tt> exceeds the Authority Set.</t>
      <t>A credential the Mission Issuer derives <bcp14>MUST</bcp14> have an <tt>exp</tt> that does
not exceed the Mission's <tt>expires_at</tt>, so that no credential outlives
the approved Mission (not merely that none is issued after expiry). How
this bound extends transitively to tokens minted in another trust
domain is specified by the companion
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
      <section anchor="mission-claim">
        <name>The Mission Claim</name>
        <t>The <tt>mission</tt> claim is a JSON object:</t>
        <dl>
          <dt><tt>id</tt>:</dt>
          <dd>
            <t><bcp14>REQUIRED</bcp14>. A string. The Mission Identifier (<xref target="mission-id"/>).</t>
          </dd>
          <dt><tt>issuer</tt>:</dt>
          <dd>
            <t><bcp14>REQUIRED</bcp14>. A string. The Mission's <tt>issuer</tt> (<xref target="mission-record"/>). A
credential's <tt>iss</tt> names the party that minted it; <tt>mission.issuer</tt>
names the party that approved and serves the Mission, and the two
deliberately differ for tokens minted in another trust domain
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
          </dd>
          <dt><tt>authority_hash</tt>:</dt>
          <dd>
            <t><bcp14>REQUIRED</bcp14>. A string. The Mission's
<tt>authority_hash</tt>, binding the token to the consented authority.</t>
          </dd>
        </dl>
        <t>The <tt>mission</tt> claim is an open object (<xref target="extensibility"/>): additional
members <bcp14>MAY</bcp14> appear alongside the three above. This document defines no
registry of <tt>mission</tt> members. A companion profile of this document <bcp14>MAY</bcp14>
use short member names coordinated with it; any other extension member
<bcp14>MUST</bcp14> use a collision-resistant name (for example, a name in a namespace
the extension controls, per the Collision-Resistant Name guidance of
<xref target="RFC7519"/> Section 4.2) and is defined by the profile that introduces
it. A consumer <bcp14>MUST</bcp14> ignore members it does not understand and <bcp14>MUST NOT</bcp14>
use any additional member to grant or widen authority; the three
members above remain authoritative.</t>
        <t>Example decoded token payload:</t>
        <sourcecode type="json"><![CDATA[
{
  "iss": "https://as.example.com",
  "sub": "user_3p2q8mN1a0kV7tR",
  "aud": "https://erp.example.com",
  "client_id": "s6BhdRkqt3",
  "iat": 1797840000,
  "exp": 1797840300,
  "jti": "at_9Kp2vN7sR1tY8mZ3qX5b",
  "authorization_details": [
    { "type": "mission_resource_access",
      "resource": "https://erp.example.com",
      "actions": ["invoices.read"],
      "constraints": {
        "resource_issued_after": "2026-07-01T00:00:00Z",
        "resource_issued_before": "2026-09-30T23:59:59Z"
      },
      "delegation": {
        "max_depth": 2,
        "allowed_delegates": [{ "sub_profile": "ai_agent" }]
      } },
    { "type": "mission_resource_access",
      "resource": "https://erp.example.com",
      "actions": ["journal-entries.write"],
      "constraints": {
        "max_amount": { "amount": "500.00", "currency": "USD" }
      } }
  ],
  "cnf": { "jkt": "0ZcOCORZNYy-DWpqq30jZyJGHTN0d2HglBV3uiguA4I" },
  "mission": {
    "id": "msn_8RfX2Lqv9TqMv4z7sA2bN1k0YpEdHc9-",
    "issuer": "https://as.example.com",
    "authority_hash":
      "sha-256:l3KvZ4mP5x0wQrR6tY2nD9bM7sX1cF8gH2vJ4kE5pNQ"
  }
}
]]></sourcecode>
      </section>
      <section anchor="rs-enforcement">
        <name>Resource Server Enforcement</name>
        <t>A Resource Server enforces from the token alone; no call to the AS is
required. A Resource Server:</t>
        <ul spacing="normal">
          <li>
            <t><bcp14>MUST</bcp14> validate the JWT per <xref target="RFC9068"/> and verify any
sender-constraint binding (<tt>cnf</tt>).</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> treat <tt>authorization_details</tt> as the authoritative expression
of authority and enforce the entries whose <tt>resource</tt> it serves,
permitting only the listed <tt>actions</tt> subject to <tt>constraints</tt>.</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> fail closed on any <tt>constraints</tt> key it does not understand, or
understands but cannot enforce, in an entry whose <tt>resource</tt> it
serves: it <bcp14>MUST</bcp14> refuse the request (for example, a <tt>403</tt> with
<tt>insufficient_scope</tt> <xref target="RFC6750"/>, or the deployment's usual
insufficient-authority error) rather than grant access while ignoring
the key. A <tt>constraints</tt> member narrows authority, so treating an
unenforceable key as absent would silently widen the grant; an RS
<bcp14>MUST NOT</bcp14> reduce a constraint to disclosure-only.</t>
          </li>
          <li>
            <t><bcp14>MUST NOT</bcp14>, when a token also carries <tt>scope</tt>, grant on the basis of a
scope value any access broader than the corresponding
<tt>authorization_details</tt> entry permits; in particular, <tt>scope</tt> <bcp14>MUST
NOT</bcp14> be used to bypass a constraint carried only in
<tt>authorization_details</tt>.</t>
          </li>
          <li>
            <t><bcp14>MUST NOT</bcp14> treat <tt>client_id</tt> as the identity of the acting party on a
delegated token. This profile keeps <tt>client_id</tt> equal to the
Mission's approved agent on every derived token (<xref target="delegation"/>); the
immediate actor is the outermost <tt>act</tt>. An RS that authorizes or logs
the caller <bcp14>MUST</bcp14> process the <tt>act</tt> chain to identify the acting party,
or it will attribute a delegate's action to the approved agent.</t>
          </li>
          <li>
            <t>This <tt>act</tt>-processing requirement binds a Mission-aware RS. Because a
Mission-unaware <xref target="RFC9068"/> RS reads <tt>client_id</tt> as the immediate
client and would misattribute, a deployment <bcp14>SHOULD NOT</bcp14> route
delegated tokens to an RS that authorizes or logs on <tt>client_id</tt>
without processing <tt>act</tt>.</t>
          </li>
          <li>
            <t><bcp14>MAY</bcp14>, for a Mission-governed resource, be configured to require the
<tt>mission</tt> claim, and <bcp14>MUST</bcp14> then reject a token that lacks it with
<tt>invalid_token</tt>. This prevents downgrade by omission: where the same
AS also issues ordinary tokens, a token bearing equivalent
<tt>authorization_details</tt> but no <tt>mission</tt> claim is governed by no
Mission state, revocation, or consent commitment, and <bcp14>MUST NOT</bcp14> be
accepted where Mission governance is required. A protected resource
<bcp14>MAY</bcp14> advertise this requirement through the
<tt>mission_bound_authorization_required</tt> protected resource metadata
member (<xref target="protected-resource-metadata"/>).</t>
          </li>
          <li>
            <t><bcp14>MAY</bcp14> treat the <tt>mission</tt> claim as audit and correlation context.</t>
          </li>
          <li>
            <t><bcp14>SHOULD</bcp14>, when serving Mission-bound requests, log the <tt>mission</tt>
claim's <tt>id</tt> and the token <tt>jti</tt> with each served request, so its
access logs join to Mission evidence.</t>
          </li>
          <li>
            <t><bcp14>MAY</bcp14> recompute <tt>authority_hash</tt> (<xref target="integrity-anchors"/>). A Resource
Server that performs it recomputes the anchor
over the full Authority Set it independently holds, compares the
result to <tt>mission.authority_hash</tt>, and <bcp14>MUST</bcp14> reject on mismatch. It
additionally verifies that each carried <tt>authorization_details</tt> entry
is a subset (<xref target="subset"/>) of that held set. A narrowed token matches by
the subset test, never by hashing its carried entries: the anchor is
computed only over the full Authority Set, so a Resource Server <bcp14>MUST
NOT</bcp14> recompute it from a token's carried subset.</t>
          </li>
          <li>
            <t><bcp14>MAY</bcp14>, where the AS offers it, introspect the token (<xref target="introspection"/>)
to observe the Mission's current state per request rather than
relying on the token lifetime to bound revocation latency. An RS that
introspects <bcp14>MUST</bcp14> still verify the token's sender-constraint (<tt>cnf</tt>)
locally and <bcp14>MUST NOT</bcp14> treat an <tt>active: true</tt> result as proof the
caller holds the bound key; the AS does not check possession at
introspection (<xref target="introspection"/>).</t>
          </li>
        </ul>
        <t>A Mission-unaware Resource Server that authorizes only from <tt>scope</tt>
still operates within the Mission at the coarse scope level, because
the AS derived and bounded that scope by the Authority Set
(<xref target="mission-bound-tokens"/>); but it does not enforce the per-entry
<tt>constraints</tt>, which <tt>scope</tt> cannot carry. A deployment that relies on
those constraints <bcp14>MUST</bcp14> route the protected operation through a
Resource Server that enforces <tt>authorization_details</tt> (or the runtime
layer that evaluates them).</t>
      </section>
    </section>
    <section anchor="lifecycle">
      <name>Mission Lifecycle and Gating</name>
      <t>A Mission is in one of three states:</t>
      <ul spacing="normal">
        <li>
          <t><tt>active</tt>: tokens <bcp14>MAY</bcp14> be derived. The only state from which issuance
proceeds.</t>
        </li>
        <li>
          <t><tt>revoked</tt>: terminated by the Subject, Approver, or
policy. Terminal.</t>
        </li>
        <li>
          <t><tt>expired</tt>: <tt>expires_at</tt> has passed. Terminal.</t>
        </li>
      </ul>
      <t>The transitions are:</t>
      <table>
        <thead>
          <tr>
            <th align="left">From</th>
            <th align="left">Event</th>
            <th align="left">To</th>
          </tr>
        </thead>
        <tbody>
          <tr>
            <td align="left">(none)</td>
            <td align="left">approval event</td>
            <td align="left">
              <tt>active</tt></td>
          </tr>
          <tr>
            <td align="left">
              <tt>active</tt></td>
            <td align="left">revoke</td>
            <td align="left">
              <tt>revoked</tt></td>
          </tr>
          <tr>
            <td align="left">
              <tt>active</tt></td>
            <td align="left">
              <tt>expires_at</tt> reached</td>
            <td align="left">
              <tt>expired</tt></td>
          </tr>
        </tbody>
      </table>
      <t>These three states are the mandatory core of the Mission lifecycle
state space. This profile owns that state space; an <bcp14>OPTIONAL</bcp14> companion
profile <bcp14>MAY</bcp14> define an additional state for a lifecycle it introduces
(for example, a paused or a superseded state), but only <tt>active</tt> ever
permits issuance. To keep the state space extensible without a registry,
a consumer <bcp14>MUST</bcp14> apply this forward-compatibility rule wherever a Mission
state is reported, including the Mission record and the introspection
<tt>mission</tt> member: only the exact value <tt>active</tt> permits
derivation or continued reliance, and every other value, including a
value the consumer does not recognize, <bcp14>MUST</bcp14> be treated as non-active and
non-deriving. A consumer <bcp14>MUST NOT</bcp14> fail open on an unrecognized state.
This makes a state added by a companion profile fail safe for a consumer
that predates it.</t>
      <section anchor="issuance-gating">
        <name>Issuance Gating</name>
        <t>The AS <bcp14>MUST</bcp14> refuse to derive a token, at the token endpoint, on
refresh, and on Token Exchange (<xref target="RFC8693"/>), unless the
referenced Mission is <tt>active</tt>. Issuance against a <tt>revoked</tt> or
<tt>expired</tt> Mission <bcp14>MUST</bcp14> fail with <tt>invalid_grant</tt>. Because derivation
is gated on Mission state, revoking or expiring a Mission stops all
further authority for the task, including refresh. The <tt>active</tt> check
<bcp14>MUST</bcp14> be evaluated atomically with issuance, as the derivation-count
check already is, so a revocation serialized before an issuance is
honored by that issuance.</t>
        <t>When the Mission Intent sets <tt>controls.max_derivations</tt>, the AS <bcp14>MUST</bcp14>
maintain a per-Mission count of <strong>derivations</strong> and <bcp14>MUST</bcp14> refuse with
<tt>invalid_grant</tt> any derivation that would exceed the bound. A
derivation is one issuance operation the issuer AS performs for a
single request: the initial authorization-code exchange, a refresh, a
Token Exchange, or a cross-domain grant issuance
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>). Each counts
as exactly one, regardless of how many artifacts it emits: a code
exchange that returns both an access token and a refresh token is one
derivation, and a refresh that rotates both is one. The exact rules:</t>
        <ul spacing="normal">
          <li>
            <t>A derivation that fails, including one refused for exceeding the
bound, <bcp14>MUST NOT</bcp14> be counted.</t>
          </li>
          <li>
            <t>The check and increment <bcp14>MUST</bcp14> be atomic with issuance, so concurrent
derivations cannot collectively exceed the bound.</t>
          </li>
          <li>
            <t>The count covers only derivations the issuer AS performs. Tokens
another domain mints locally under the Mission are not counted by
the issuer, which cannot observe them; the cross-domain issuance
that authorized them was counted once, and the local issuer bounds
its own minting by its policy
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
          </li>
        </ul>
        <t>The AS maintains this count as internal bookkeeping; it is operational
state, not part of the immutable Mission record.</t>
        <t>Derived tokens <bcp14>SHOULD</bcp14> be short-lived so that a transition to
<tt>revoked</tt> or <tt>expired</tt> takes effect promptly without per-request
revocation checks.</t>
      </section>
      <section anchor="revocation">
        <name>Revocation</name>
        <t>A Mission is revoked when the AS receives an authorized revocation
for it. A deployment <bcp14>MUST</bcp14> provide an authenticated means for the
Subject, the Approver, or an administrator to revoke a Mission by
<tt>mission_id</tt>, independent of possession of any token (so a Mission
can be stopped even when no refresh token is held).</t>
        <t>This document does not define the wire shape of that operation.
Revocation is a management-plane action by a party in the AS's own
trust domain, not a cross-party protocol exchange, and the lifecycle
gate that makes it effective (<xref target="lifecycle"/>, <xref target="introspection"/>)
already rides on existing endpoints, so no standardized endpoint is
required for interoperability. A standardized Mission management API,
with <tt>suspend</tt>/<tt>resume</tt>/<tt>complete</tt> operations, is specified separately
by Mission Status <xref target="I-D.draft-mcguinness-oauth-mission-status"/>; this
document does not require it.</t>
        <t>A deployment <bcp14>MAY</bcp14> additionally treat <xref target="RFC7009"/> revocation of a
Mission's refresh token as revoking the Mission. A deployment <bcp14>MUST NOT</bcp14>
couple routine token revocation to Mission revocation unless it
documents that behavior. Already-issued access tokens remain valid
until they expire; a deployment requiring lower cutoff latency <bcp14>SHOULD</bcp14>
use short token lifetimes.</t>
        <t>The stateless baseline needs no status surface: a token is a
self-contained authorization and verification is stateless. A
deployment <bcp14>MAY</bcp14> additionally offer token introspection
(<xref target="introspection"/>) so a Resource Server can observe Mission state
per request and cut off a revoked Mission without waiting out the
token lifetime. A canonical Mission Status surface (keyed by
<tt>mission_id</tt>) and signed status responses are specified separately as
an <bcp14>OPTIONAL</bcp14> companion profile by Mission Status
<xref target="I-D.draft-mcguinness-oauth-mission-status"/>; this document does not
require them.</t>
        <t>Token validity and Mission validity are distinct: a token can outlive
a transition of its Mission, by at most the token lifetime. A
deployment whose consumers rely on Mission state beyond a token's
lifetime <bcp14>SHOULD</bcp14> offer introspection (<xref target="introspection"/>) or the Mission
Status companion, so an authorized party can determine the Mission's
current state rather than inferring it from token validity.</t>
      </section>
    </section>
    <section anchor="introspection">
      <name>Mission State via Token Introspection</name>
      <t>This section is <bcp14>OPTIONAL</bcp14>. The stateless baseline
(<xref target="mission-bound-tokens"/>) needs no introspection; an AS that does not
offer it, and a Resource Server that does not use it, are unaffected.
It lets a Mission-state-aware Resource Server observe a Mission's
current state per request instead of waiting out a token's lifetime.
Because it can report Mission state for a token whose Mission is no
longer <tt>active</tt>, this section deviates from the <bcp14>SHOULD NOT</bcp14> of
<xref target="RFC7662"/> Sections 2.2 and 4 against including additional
information about an inactive token; that deviation is justified and
governed by the caller-authorization and minimization
rules below (<xref target="caller-authorization-and-minimization"/>).</t>
      <t>An AS <bcp14>MAY</bcp14> support OAuth 2.0 Token Introspection <xref target="RFC7662"/> for
Mission-bound access tokens. When it does, the response for such a
token carries, in addition to the standard members, a <tt>mission</tt>
member: <tt>id</tt>, <tt>issuer</tt>, and <tt>authority_hash</tt> (as in the <tt>mission</tt>
claim, <xref target="mission-claim"/>) plus, when the responding AS is the Mission
<tt>issuer</tt>, the current lifecycle <tt>state</tt> (string). The core states are <tt>active</tt>, <tt>revoked</tt>,
and <tt>expired</tt> (<xref target="lifecycle"/>); a deployment that runs a companion
profile defining an additional state reports that state here, and a
consumer applies the forward-compatibility rule of <xref target="lifecycle"/> (only
<tt>active</tt> permits reliance; any other value, recognized or not, is
non-active). Only the issuer reports <tt>state</tt>
(<xref target="only-issuer-reports-state"/>).</t>
      <t>The AS includes the <tt>mission</tt> member only when it has authenticated the
caller, the caller is authorized for the token
(<xref target="caller-authorization-and-minimization"/>), and the presented token
resolves to a Mission. For a malformed, unknown, individually expired, or
otherwise unresolvable token, the AS responds per <xref target="RFC7662"/>
(<tt>active: false</tt>) with no <tt>mission</tt> member; it does not reveal Mission
state for a token it cannot bind to a Mission. The case below
(<tt>active: false</tt> with <tt>mission.state</tt>) applies only to a token that is
itself valid but whose Mission is no longer <tt>active</tt>.</t>
      <t>The composite-active rule (<xref target="composite-active"/>) and the <tt>mission</tt>
member apply equally when a Mission-bound refresh token is introspected.</t>
      <section anchor="caller-authorization-and-minimization">
        <name>Caller Authorization and Minimization</name>
        <t>The introspection endpoint is protected per <xref target="RFC7662"/>. The AS:</t>
        <ul spacing="normal">
          <li>
            <t><bcp14>MUST</bcp14> authenticate the calling party.</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> return Mission data only to a caller authorized to receive
it, in particular a Resource Server that is an audience of the
token.</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> audience-filter the response, returning the
<tt>authorization_details</tt> entries and Mission data relevant to the
caller's audience and not disclosing entries addressed to other
audiences (<xref target="mission-bound-tokens"/>).</t>
          </li>
        </ul>
        <t>Because this profile returns the <tt>mission</tt> member and <tt>mission.state</tt>
even when <tt>active</tt> is <tt>false</tt> (diverging from the <xref target="RFC7662"/>
          <bcp14>SHOULD NOT</bcp14> against disclosing detail for inactive tokens), the AS
<bcp14>MUST</bcp14> apply this same
authorization and minimization to that data and <bcp14>MUST NOT</bcp14> reveal
Mission detail to an unauthorized introspection caller.</t>
      </section>
      <section anchor="composite-active">
        <name>Composite Active State</name>
        <t>The introspection <tt>active</tt> member reflects the composite
authorization, not the token in isolation. The AS <bcp14>MUST</bcp14> return
<tt>active: true</tt> only when the access token is itself valid (valid
signature, unexpired, and not individually revoked) AND the Mission
is <tt>active</tt>. The AS does not verify the token's sender-constraint
(<tt>cnf</tt>) at introspection: proof of possession is checked by the
Resource Server when the token is presented, not by the AS over an
introspection call, so <tt>active: true</tt> is not by itself evidence the
caller holds the bound key.</t>
        <t>When the token is otherwise valid but the Mission is <tt>revoked</tt> or
<tt>expired</tt>, the AS <bcp14>MUST</bcp14> return <tt>active: false</tt> and include
<tt>mission.state</tt> giving the reason, so a Resource Server can
distinguish a dead Mission from a bad token. (This deviates from the
<xref target="RFC7662"/> <bcp14>SHOULD NOT</bcp14> against including members when <tt>active</tt> is
<tt>false</tt>.) A
Mission transition does not by itself revoke the token as an
individual credential; introspection reports the composite
authorization as inactive.</t>
      </section>
      <section anchor="only-issuer-reports-state">
        <name>Only the Issuer Reports Mission State</name>
        <t>An AS <bcp14>MUST NOT</bcp14> include <tt>mission.state</tt> in an introspection response
unless it holds the Mission, that is, unless it is the Mission
<tt>issuer</tt>. Introspection at a non-issuer Resource AS, which returns the
claim-shape members only and never <tt>state</tt>, is specified by the
companion (<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
        <t>This is token introspection: it answers "is this token's
authorization still good," keyed by the token presented. The
canonical Mission Status surface (keyed by <tt>mission_id</tt>) remains out of scope
(<xref target="revocation"/>).</t>
      </section>
      <section anchor="examples">
        <name>Examples</name>
        <t>While the Mission is <tt>active</tt>, the response is the standard
<xref target="RFC7662"/> body plus the <tt>mission</tt> member. The canonical ERP token
(<xref target="mission-claim"/>), introspected at the issuer AS:</t>
        <sourcecode type="json"><![CDATA[
{
  "active": true,
  "iss": "https://as.example.com",
  "sub": "user_3p2q8mN1a0kV7tR",
  "client_id": "s6BhdRkqt3",
  "aud": "https://erp.example.com",
  "exp": 1797840300,
  "authorization_details": [
    { "type": "mission_resource_access",
      "resource": "https://erp.example.com",
      "actions": ["invoices.read"],
      "constraints": {
        "resource_issued_after": "2026-07-01T00:00:00Z",
        "resource_issued_before": "2026-09-30T23:59:59Z"
      },
      "delegation": {
        "max_depth": 2,
        "allowed_delegates": [{ "sub_profile": "ai_agent" }]
      } },
    { "type": "mission_resource_access",
      "resource": "https://erp.example.com",
      "actions": ["journal-entries.write"],
      "constraints": {
        "max_amount": { "amount": "500.00", "currency": "USD" }
      } }
  ],
  "mission": {
    "id": "msn_8RfX2Lqv9TqMv4z7sA2bN1k0YpEdHc9-",
    "issuer": "https://as.example.com",
    "authority_hash":
      "sha-256:l3KvZ4mP5x0wQrR6tY2nD9bM7sX1cF8gH2vJ4kE5pNQ",
    "state": "active"
  }
}
]]></sourcecode>
        <t>The same token after the Mission is revoked, reported per the
composite-active rule (<xref target="composite-active"/>):</t>
        <sourcecode type="json"><![CDATA[
{
  "active": false,
  "mission": {
    "id": "msn_8RfX2Lqv9TqMv4z7sA2bN1k0YpEdHc9-",
    "issuer": "https://as.example.com",
    "authority_hash":
      "sha-256:l3KvZ4mP5x0wQrR6tY2nD9bM7sX1cF8gH2vJ4kE5pNQ",
    "state": "revoked"
  }
}
]]></sourcecode>
      </section>
    </section>
    <section anchor="delegation">
      <name>Delegation Within a Mission</name>
      <t>This section is <bcp14>OPTIONAL</bcp14>. A deployment whose agents never delegate, and
a Resource Server that sees no delegated tokens, are unaffected.</t>
      <t>An agent may delegate execution to downstream actors (a sub-agent,
service, or tool that is itself an OAuth client) within a Mission.
Delegation is represented with the OAuth Actor Profile
<xref target="I-D.draft-mcguinness-oauth-actor-profile"/>, which profiles the
RFC 8693 <xref target="RFC8693"/> <tt>act</tt> (actor) claim.</t>
      <t>A delegate obtains a delegated token by Token Exchange
(<xref target="RFC8693"/>). The AS issues the delegated token subject to all of
the following:</t>
      <ul spacing="normal">
        <li>
          <t><strong>The exchange is explicit.</strong> The delegating Mission-bound access
token is the <tt>subject_token</tt>, with <tt>subject_token_type</tt> of
<tt>urn:ietf:params:oauth:token-type:access_token</tt>. The delegate is
identified by an <tt>actor_token</tt> (with its <tt>actor_token_type</tt>) or by
its own client authentication, and the AS asserts the actor itself
(<xref target="delegation-constraints"/>); a <tt>requested_token_type</tt> of
<tt>urn:ietf:params:oauth:token-type:access_token</tt> is used. The
response carries the matching <tt>issued_token_type</tt> and a <tt>token_type</tt>
for the issued access token, per <xref target="RFC8693"/> Section 2.2.1.</t>
        </li>
        <li>
          <t><strong>Subject is stable.</strong> <tt>sub</tt> remains the Mission's Subject. The
delegate is an actor, not the subject.</t>
        </li>
        <li>
          <t><strong>The approved agent stays <tt>client_id</tt>.</strong> This profile keeps
<tt>client_id</tt> equal to the Mission's approved agent on every derived
token (<xref target="mission-bound-tokens"/>), so the approved party is
verifiable everywhere. Downstream delegates are carried in the
<tt>act</tt> chain, not in <tt>client_id</tt>. For delegated tokens this
deliberately overrides the <tt>client_id</tt> definition of <xref target="RFC8693"/>
Section 4.3, which <xref target="RFC9068"/> Section 2.2 incorporates (the client
that requested the token); here the immediate delegate is the
outermost <tt>act</tt>.</t>
        </li>
        <li>
          <t><strong>The <tt>act</tt> chain identifies the delegates.</strong> The delegated token
carries an <tt>act</tt> claim per the Actor Profile
<xref target="I-D.draft-mcguinness-oauth-actor-profile"/>: the outermost <tt>act</tt> is
the immediate delegate, with prior delegates nested inward, back
toward the approved agent. Each actor object
carries the members that profile defines (<tt>sub</tt>, <tt>iss</tt>, and the
<bcp14>RECOMMENDED</bcp14> <tt>sub_profile</tt> actor-type classification, e.g.
<tt>ai_agent</tt>). This document does not re-specify the <tt>act</tt> structure.</t>
        </li>
        <li>
          <t><strong>Authority only narrows.</strong> The delegated token's
<tt>authorization_details</tt> <bcp14>MUST</bcp14> be a subset (<xref target="subset"/>) of the
delegating token's authority, hence of the Mission Authority Set.
Delegation <bcp14>MUST NOT</bcp14> add authority.</t>
        </li>
        <li>
          <t><strong>The Mission binding rides unchanged.</strong> The delegated token
carries the same <tt>mission</tt> claim (<xref target="mission-claim"/>), its
<tt>id</tt>, <tt>issuer</tt>, and <tt>authority_hash</tt>, so every actor in
the chain operates under the one consented authority.</t>
        </li>
        <li>
          <t><strong>Each delegate is bound to its own key.</strong> The delegated token <bcp14>MUST</bcp14>
be sender-constrained (<xref target="mission-bound-tokens"/>) to the <strong>delegate's
own</strong> key: its <tt>cnf</tt> is the delegate's DPoP or mTLS key, not the
delegating party's. The delegate proves possession of that key in
the Token Exchange. A compromised delegate key therefore cannot be
replayed as the agent or as another actor in the chain, and each
actor's credential is independently revocable by key.</t>
        </li>
        <li>
          <t><strong>Each delegation is gated.</strong> Issuing a delegated token is a
derivation event; the AS <bcp14>MUST</bcp14> refuse it unless the Mission is
<tt>active</tt> (<xref target="lifecycle"/>).</t>
        </li>
      </ul>
      <t>Where a deployment authenticates client instances
(<xref target="I-D.draft-mcguinness-oauth-client-instance-assertion"/>; for AI
agents, its agent profile
<xref target="I-D.draft-mcguinness-oauth-ai-agent-instance"/>), the delegate
identified by the outermost <tt>act</tt> is the concrete instance: <tt>act.sub</tt>
is the instance identifier and <tt>act.cnf</tt> is the instance-specific
key. This profile's requirement that a delegated token be
sender-constrained to the delegate's own key then lands on an
instance-possessed key by construction. An <tt>allowed_delegates</tt>
matcher can select instance-grade actors
(<xref target="delegation-constraints"/>), for example
<tt>{ "sub_profile": "client_instance" }</tt>. The <tt>sub_profile</tt> values
used here (<tt>ai_agent</tt>, <tt>client_instance</tt>) are drawn from the
entity-profiles vocabulary those instance profiles use; the Actor
Profile <xref target="I-D.draft-mcguinness-oauth-actor-profile"/> remains the
structural reference for the actor object.</t>
      <section anchor="client-id-rebinding">
        <name>Design Alternative: Rebinding client_id to the Delegate</name>
        <t>A rejected alternative rebinds <tt>client_id</tt> to the immediate delegate
on each hop, the plain <xref target="RFC9068"/> reading in which <tt>client_id</tt> names
the immediate client. Rebinding loses the stable approved-agent
binding that every consumer of a derived token can verify: each
downstream token presents as a new client rather than an actor
executing within the approved Mission, and joining who was approved to
who executed requires reconstructing the hop history from issuance
records rather than reading both from the token. Rebinding is also
safe only where every Resource Server processes <tt>act</tt> anyway, since
the delegation history lives nowhere else; that is exactly the
discipline this profile's chosen design requires, so rebinding buys no
relaxation. The operational rule of <xref target="rs-enforcement"/> therefore holds
regardless of the binding choice: a Resource Server that authorizes or
logs the caller <bcp14>MUST</bcp14> process the <tt>act</tt> chain, and a deployment <bcp14>SHOULD
NOT</bcp14> route delegated tokens to a Resource Server that authorizes or
logs on <tt>client_id</tt> without processing <tt>act</tt>.</t>
      </section>
      <section anchor="self-exchange">
        <name>Self-Exchange Down-Scoping</name>
        <t>An agent <bcp14>MAY</bcp14> present its own Mission-bound access token as the
<tt>subject_token</tt> of a Token Exchange (<xref target="RFC8693"/>) with no actor, to
obtain a narrowed token (for example, a single-audience one). The
result <bcp14>MUST</bcp14> be a subset (<xref target="subset"/>) of the presented token's
authority, carries the same <tt>mission</tt> claim (<xref target="mission-claim"/>), and
adds no <tt>act</tt> chain. It is a derivation and is gated on the Mission
being <tt>active</tt> (<xref target="lifecycle"/>). Because it names no actor, it does not
delegate: it re-scopes the agent's own authority downward.</t>
      </section>
      <section anchor="delegation-constraints">
        <name>Delegation Constraints</name>
        <t>What may be delegated, how far, and to whom is governed per
Authority Set entry by the entry's optional <tt>delegation</tt> member
(<xref target="authorization-derivation"/>). Because the policy lives in the
entry, it is committed by <tt>authority_hash</tt> with the rest of the
Authority Set and travels with the entries wherever they are carried,
including across a cross-domain projection
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>), needing no
separate mechanism.</t>
        <t><strong>Delegation depth.</strong> The delegation depth of a token is the number
of actors in its <tt>act</tt> chain (the nesting depth of the <tt>act</tt> claim),
counted from the approved agent: the agent's own non-delegated token
is depth 0, the first delegate is depth 1, and each further delegate
adds 1. The depth checked against <tt>max_depth</tt> is that of the token
being issued, computed after appending the new outermost actor, not
the depth of the delegating token. A credential projected across a
trust domain carries no <tt>act</tt> chain and enters the target domain at
depth 0 (<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
        <t><strong>Per-entry enforcement.</strong> When the AS issues a token to a delegate
(the actor that becomes the outermost <tt>act</tt>) at delegation depth
<tt>d</tt>, it includes a Mission Authority Set entry in the delegated
token's <tt>authorization_details</tt> only if all of the following hold:</t>
        <ol spacing="normal" type="1"><li>
            <t>the entry carries a <tt>delegation</tt> member (otherwise it is
non-delegable, which is the default);</t>
          </li>
          <li>
            <t><tt>d</tt> is less than or equal to the entry's <tt>delegation.max_depth</tt>;
and</t>
          </li>
          <li>
            <t>the delegate is permitted by <tt>delegation.allowed_delegates</tt>, or
that member is absent.</t>
          </li>
        </ol>
        <t>An entry failing any of these narrows out of the delegated token,
consistent with the subset rule (<xref target="subset"/>). The <tt>delegation</tt>
member is policy, not authority, and is not part of the subset
comparison; surviving entries are carried with their <tt>delegation</tt>
member intact so the next hop is evaluated the same way.</t>
        <t><strong>Matching <tt>allowed_delegates</tt>.</strong> Each entry is a matcher object
modeled on the RFC 8693 <tt>may_act</tt> actor object (<xref target="RFC8693"/> Section
4.4): where <tt>may_act</tt> names a single party eligible to act on a token,
<tt>allowed_delegates</tt> is a per-Authority-Set-entry <em>list</em> of such
matchers, generalized to actor-type classes. A <tt>{ "sub": ... }</tt>
matcher permits a specific delegate by client identifier; a
<tt>{ "sub_profile": ... }</tt> matcher permits any actor of that type (for
example, <tt>ai_agent</tt>). An actor's <tt>sub_profile</tt> <bcp14>MAY</bcp14> carry multiple
space-separated values; a <tt>{ "sub_profile": ... }</tt> matcher is
satisfied when its value is among the actor's values. A deployment
can thus permit a specific client,
a class of actors, or both, and a delegate is permitted if it matches
any entry. The AS <bcp14>MUST</bcp14> authenticate the delegate at the Token Exchange
and assert the actor's <tt>sub</tt> and <tt>sub_profile</tt> itself. A self-asserted
<tt>sub_profile</tt> <bcp14>MUST NOT</bcp14> satisfy a matcher; otherwise a client could
claim any actor type to bypass the constraint.</t>
        <t>A <tt>{ "sub": ... }</tt> matcher is a client identifier in the issuing AS's
namespace and is not portable across a trust domain; how a Resource AS
evaluates conveyed matchers, failing closed and narrowing out any
<tt>sub</tt> matcher it cannot resolve, is specified by the companion
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
        <t><strong>Empty result.</strong> If narrowing leaves no entries for the delegate,
the AS <bcp14>MUST</bcp14> refuse with <tt>invalid_target</tt> (<xref target="RFC8693"/> Section 2.2.2)
rather than issue a token with empty authority: the requested
delegation has no authority to carry, while the subject grant itself
remains valid for other exchanges.</t>
        <t><strong>The Resource Server enforces none of this.</strong> Delegation
constraints are applied by the AS at issuance; a Resource Server sees
only the already-narrowed <tt>authorization_details</tt> and enforces those
as usual (<xref target="mission-bound-tokens"/>).</t>
      </section>
      <section anchor="worked-example-delegated-token">
        <name>Worked Example: Delegated Token</name>
        <t>Suppose the Mission's Authority Set has two entries on the ERP:
<tt>invoices.read</tt>, delegable to <tt>ai_agent</tt> actors through depth 2; and
<tt>journal-entries.write</tt>, which carries no <tt>delegation</tt> member and is
therefore non-delegable. The approved agent <tt>s6BhdRkqt3</tt> delegates to
sub-agent <tt>tool-runner-7</tt>, an <tt>ai_agent</tt>, at depth 1. The read entry
is permitted (depth 1 &lt;= 2, <tt>ai_agent</tt> allowed) and the write entry
narrows out. The decoded delegated access token:</t>
        <sourcecode type="json"><![CDATA[
{
  "iss": "https://as.example.com",
  "sub": "user_3p2q8mN1a0kV7tR",
  "aud": "https://erp.example.com",
  "client_id": "s6BhdRkqt3",
  "iat": 1797840600,
  "exp": 1797840900,
  "jti": "at_3qX5bN7sR1tY8mZ9Kp2v",
  "authorization_details": [
    { "type": "mission_resource_access",
      "resource": "https://erp.example.com",
      "actions": ["invoices.read"],
      "constraints": {
        "resource_issued_after": "2026-07-01T00:00:00Z",
        "resource_issued_before": "2026-09-30T23:59:59Z"
      },
      "delegation": {
        "max_depth": 2,
        "allowed_delegates": [{ "sub_profile": "ai_agent" }]
      } }
  ],
  "act": {
    "sub": "tool-runner-7",
    "iss": "https://as.example.com",
    "sub_profile": "ai_agent"
  },
  "cnf": { "jkt": "qVx7y2N0p4Lq9Md3sZJ8b8mZ3rN2xT5pV4lE6sQqYY" },
  "mission": {
    "id": "msn_8RfX2Lqv9TqMv4z7sA2bN1k0YpEdHc9-",
    "issuer": "https://as.example.com",
    "authority_hash":
      "sha-256:l3KvZ4mP5x0wQrR6tY2nD9bM7sX1cF8gH2vJ4kE5pNQ"
  }
}
]]></sourcecode>
        <t><tt>sub</tt> is still the user and <tt>client_id</tt> is still the approved agent;
<tt>tool-runner-7</tt> appears only as the actor. The <tt>cnf</tt> is
<tt>tool-runner-7</tt>'s own key, not the agent's, so this token cannot be
replayed as the agent. The non-delegable write entry was dropped; the
read entry survives, carrying its <tt>delegation</tt> member so a further hop
can be evaluated: a depth-3 delegate, or a non-<tt>ai_agent</tt> one, would
narrow it out too. The <tt>mission</tt> claim is unchanged.</t>
      </section>
    </section>
    <section anchor="extensibility">
      <name>Extensibility</name>
      <t>This profile is a base layer that other agent-authorization work is
expected to extend. Extensions build alongside the stable interface
below; they <bcp14>MUST NOT</bcp14> redefine it. An extension <bcp14>MAY</bcp14> rely on these
remaining stable across revisions of this profile:</t>
      <ul spacing="normal">
        <li>
          <t>the <tt>mission</tt> claim members <tt>id</tt>, <tt>issuer</tt>, and <tt>authority_hash</tt>
(<xref target="mission-claim"/>);</t>
        </li>
        <li>
          <t>the <tt>mission_resource_access</tt> authorization details shape
(<xref target="authorization-derivation"/>); and</t>
        </li>
        <li>
          <t>the <tt>act</tt> delegation chain (<xref target="delegation"/>).</t>
        </li>
      </ul>
      <t>The profile offers four extension points, each a declared seam rather
than new machinery:</t>
      <ul spacing="normal">
        <li>
          <t><strong>Authority types.</strong> The Authority Set is open to other AS-supported
<tt>authorization_details</tt> types (<xref target="other-types"/>); the Mission
apparatus (commitment, gating, delegation) is type-agnostic toward
them, subject to the delegation and projection limits in
<xref target="other-types"/>.</t>
        </li>
        <li>
          <t><strong>Integrity anchors.</strong> Additional committed objects use the same
domain-separated, issuer-bound envelope with a new <tt>typ</tt>
(<xref target="integrity-anchors"/>). A consent-disclosure commitment, an
instruction-text attestation, or a delegation receipt can be
committed this way without changing this profile. A profile that
commits an evidence or disclosure object <bcp14>MUST</bcp14> commit it with this
envelope and a collision-resistant <tt>typ</tt>, not by hashing the bare
object, so the domain separation and issuer binding hold uniformly. A
<tt>mission</tt> descriptor embedded in such an object uses the <tt>mission</tt>
claim shape (<xref target="mission-claim"/>), optionally extended with
collision-resistantly named members (for example, an <tt>intent_hash</tt>
for audit), and is never authority-bearing on its own.</t>
        </li>
        <li>
          <t><strong>The <tt>mission</tt> claim.</strong> It is an open object (<xref target="mission-claim"/>):
additional, collision-resistantly named members ride the mission
binding (for example, a runtime decision reference, a delegation
receipt, or an attestation reference), and consumers ignore unknown
members and never derive authority from them.</t>
        </li>
        <li>
          <t><strong>Lifecycle state.</strong> The lifecycle state space (<xref target="lifecycle"/>) is open
to additional states defined by companion profiles for lifecycles they
introduce. The forward-compatibility rule in <xref target="lifecycle"/> keeps this
safe without a registry: only <tt>active</tt> permits issuance, and a consumer
treats every other state, recognized or not, as non-active.</t>
        </li>
      </ul>
      <t>This document defines no extension registry, capability-negotiation
mechanism, or profile-version field; an extension declares its own
identifiers and, where it needs discovery, its own metadata. The
extensibility of the <tt>typ</tt> value space, the <tt>mission</tt> claim, and the
lifecycle state space rests on collision-resistant naming and the
fail-safe rules above rather than on central registration.</t>
    </section>
    <section anchor="discovery">
      <name>Authorization Server Metadata</name>
      <t>An AS <bcp14>MAY</bcp14> advertise support for this specification in its
authorization server metadata <xref target="RFC8414"/>:</t>
      <dl>
        <dt><tt>mission_bound_authorization_supported</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14> boolean. When <tt>true</tt>, the AS supports the core Mission
Issuer surfaces of this profile (<xref target="conformance"/>): the
<tt>mission_intent</tt> authorization request parameter through PAR
(<xref target="mission-intent"/>), derivation of <tt>mission_resource_access</tt>
authorization details (<xref target="authorization-derivation"/>), Mission-bound
access tokens (<xref target="mission-bound-tokens"/>), and the <tt>mission</tt> JWT claim
(<xref target="mission-claim"/>). It asserts Mission Issuer support only; it makes
no claim about any Resource Server, nor about the <bcp14>OPTIONAL</bcp14>
capabilities (delegation, introspection, cross-domain projection),
which are discovered out of band or by attempt (<xref target="conformance"/>).</t>
        </dd>
      </dl>
      <t>An AS that advertises this profile <bcp14>SHOULD</bcp14> also include
<tt>mission_resource_access</tt> in its <tt>authorization_details_types_supported</tt>
metadata (<xref target="RFC9396"/>), so that RFC 9396-aware clients
discover the authorization details type through the standard mechanism.
A client <bcp14>MAY</bcp14> use the RFC 9396 client metadata <tt>authorization_details_types</tt>
at registration to declare the types it understands.</t>
      <t>Discovery is <bcp14>OPTIONAL</bcp14>: a deployment <bcp14>MAY</bcp14> arrange Mission-bound
authorization out of band, and this member only lets an AS advertise
it. When the member is absent or <tt>false</tt>, a client <bcp14>MUST NOT</bcp14> infer
that the AS supports this specification.</t>
      <t>An AS that advertises <tt>mission_bound_authorization_supported: true</tt>
        <bcp14>MUST</bcp14> also publish <tt>pushed_authorization_request_endpoint</tt>
(<xref target="RFC9126"/>), since a Mission Intent is accepted only through PAR
(<xref target="submission-via-par"/>).</t>
      <t>This member and the <tt>mission_bound_authorization_required</tt> member of
<xref target="protected-resource-metadata"/> are unauthenticated discovery data:
their integrity rests on the metadata retrieval protections of
<xref target="RFC8414"/> and <xref target="RFC9728"/>, whose security considerations apply.</t>
    </section>
    <section anchor="protected-resource-metadata">
      <name>Protected Resource Metadata</name>
      <t>A protected resource <bcp14>MAY</bcp14> advertise, in its protected resource metadata
<xref target="RFC9728"/>:</t>
      <dl>
        <dt><tt>mission_bound_authorization_required</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14> boolean. When <tt>true</tt>, the protected resource accepts only
Mission-bound tokens: a token that lacks the <tt>mission</tt> claim
(<xref target="mission-claim"/>) is rejected (<xref target="rs-enforcement"/>). When absent or
<tt>false</tt>, the resource makes no such requirement.</t>
        </dd>
      </dl>
    </section>
    <section anchor="security-considerations">
      <name>Security Considerations</name>
      <section anchor="consent-binding">
        <name>Consent Binding</name>
        <t>The security goal of this document is that a user's approval of a
task bounds every token derived for it. The <tt>authority_hash</tt> is the
mechanism: it commits the exact Authority Set the Approver
consented to, and every derived token carries it in the <tt>mission</tt>
claim. An AS <bcp14>MUST</bcp14> compute <tt>authority_hash</tt> over the same Authority
Set it rendered for consent, and <bcp14>MUST</bcp14> re-render and re-consent if that
set changes (<xref target="approval-event"/>). <tt>authority_hash</tt> commits the full
Authority Set, while a derived token may carry a narrowed subset, so a
Resource Server cannot in general recompute it from the token alone.
Recomputation is <bcp14>OPTIONAL</bcp14>. A Resource Server that performs it
recomputes the anchor over the full Authority Set it independently
holds, compares the result to <tt>mission.authority_hash</tt>, and <bcp14>MUST</bcp14> reject
on mismatch; it additionally verifies that each carried
<tt>authorization_details</tt> entry is a subset (<xref target="subset"/>) of that held
set. A narrowed token matches by that subset test, never by hashing
its carried entries: the anchor is defined only over the full set. A
Resource Server that does not hold the full Authority Set treats
<tt>authority_hash</tt> as a whole-Mission audit and correlation anchor
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>) and enforces the
token's <tt>authorization_details</tt> directly (<xref target="mission-bound-tokens"/>).</t>
        <t><tt>intent_hash</tt> extends the same protection to the task itself: it
commits the approved Mission Intent, so an auditor can detect any
later alteration of the recorded task, independently of the authority
derived from it. The two anchors are domain-separated
(<xref target="integrity-anchors"/>); neither is a substitute for the other.</t>
        <t>The task and the authority are committed separately, rather than folded
into one hash over the whole Mission, because they are distinct objects
with distinct uses. <tt>authority_hash</tt> commits what a Resource Server
enforces and what a cross-domain projection carries, so it <bcp14>MUST</bcp14> be
verifiable from a token that conveys only the authority, without the
Intent. <tt>intent_hash</tt> commits the task as audit material, tamper-evident
even where the authority is projected without the Intent traveling with
it. One combined hash could not serve both a token that carries
authority alone and an auditor that holds the task alone.</t>
        <t>Neither anchor proves the Approver understood the rendered task, nor
that the AS rendered it faithfully; they commit what the AS
recorded, and make post-hoc tampering of those records detectable.</t>
        <t>This profile commits the task (<tt>intent_hash</tt>) and the authority
(<tt>authority_hash</tt>) the Approver consented to, but deliberately does
not commit the <strong>rendered consent disclosure</strong> itself: the locale,
disclosure-template version, and material notices the Approver was
shown are not bound by any anchor here. Because of this gap, a buggy or
malicious rendering layer could mislead the Approver, showing a
narrower or different task than the Authority Set actually committed,
without leaving any committed trace. A deployment whose Missions carry
high-risk authority <bcp14>SHOULD</bcp14> therefore record presentation-level audit
evidence: for example, a hash over the exact consent disclosure
rendered to the Approver, retained so the disclosure shown can be
reconstructed and audited after the fact. Binding this on the wire (a
<tt>consent_rendering_hash</tt> over a structured consent-disclosure object)
is specified as an <bcp14>OPTIONAL</bcp14> companion profile by Mission Consent
Evidence <xref target="I-D.draft-mcguinness-oauth-mission-consent-evidence"/>; an AS
that does not implement it <bcp14>MAY</bcp14> record equivalent evidence out of band.
As that profile makes explicit, such a commitment binds the structured
disclosure the AS records, not the pixels actually presented; it
narrows this gap for audit but does not close it.</t>
      </section>
      <section anchor="mission-drift">
        <name>Mission Drift</name>
        <t>Because issuance is gated on Mission state and bounded by the
Authority Set, an agent cannot escalate beyond the approved task by
acquiring additional tokens: every derived token is a subset of the
approved authority (<xref target="subset"/>), and no token can be derived once the
Mission is <tt>revoked</tt> or <tt>expired</tt>. Deployments <bcp14>SHOULD</bcp14> keep derived
token lifetimes short so state transitions take effect promptly.</t>
      </section>
      <section anchor="downgrade-by-omission">
        <name>Downgrade by Omission</name>
        <t>A token bearing equivalent <tt>authorization_details</tt> but no <tt>mission</tt>
claim is governed by no Mission state, revocation, or consent
commitment. A deployment that designates a resource Mission-governed
<bcp14>MUST NOT</bcp14> issue tokens for that resource outside a Mission, except under
documented policy exceptions. On the enforcement side, a Resource
Server for such a resource rejects a token lacking the <tt>mission</tt> claim
(<xref target="rs-enforcement"/>), and <bcp14>MAY</bcp14> advertise the requirement through
<tt>mission_bound_authorization_required</tt>
(<xref target="protected-resource-metadata"/>).</t>
      </section>
      <section anchor="prompt-injection">
        <name>Prompt Injection and the Exfiltration Leg</name>
        <t>An agent that reads attacker-influenceable content can be prompt-injected;
this profile assumes that and does not try to make the agent immune.
Injection is dangerous when one agent combines access to private data,
exposure to untrusted content, and the ability to communicate
externally; the robust defense is architectural, constraining one of
those, not making the model resistant.</t>
        <t>This profile constrains the data-access leg: a Mission narrows authority
from everything the agent's standing credentials allow to the resources
the approved task needs, and per-task Missions (<xref target="applicability"/>) shrink
the blast radius further. It contributes one thing against the
untrusted-content leg: <tt>purpose</tt> and <tt>success_criteria</tt> are inert,
granting, widening, and gating no authority, and <tt>goal</tt> shapes
authority only through the pre-approval derivation whose result the
Approver reads and consents to (<xref target="mission-intent"/>,
<xref target="authorization-derivation"/>); authority is fixed at the approval
event, so injected text cannot talk an approved Mission into
expanding itself.</t>
        <t>This profile does not constrain the external-communication leg and
provides no information-flow control. It models authority over resources
and actions, not how an agent uses authority it holds: within an
approved Authority Set, an injected agent can read what the Mission
permits and write to a sink the Mission permits, and the flat subset and
constraint model cannot express "may read secrets, may write documents,
but not write secrets into documents." Constraining exfiltration by a
compromised agent is the runtime enforcement layer's role
(<xref target="runtime-boundary"/>), and even there it is bounded, not closed
(see that profile's security considerations). Closing within-scope data
laundering needs a separate taint or information-flow layer this profile
does not define.</t>
      </section>
      <section anchor="runtime-boundary">
        <name>Issuance Scope, Not Runtime Enforcement</name>
        <t>This profile governs the issuance and derivation of authority: it
bounds what authority a Mission yields, binds it to the Approver's
consent, and gates derivation on Mission state. It does not evaluate
individual runtime actions. In particular, it does not:</t>
        <ul spacing="normal">
          <li>
            <t>evaluate a request's parameters against the Mission at the point of
use;</t>
          </li>
          <li>
            <t>produce runtime enforcement evidence for each consequential action;</t>
          </li>
          <li>
            <t>bind tool or function identities to the Mission; or</t>
          </li>
          <li>
            <t>re-evaluate at execution time to close the
approval-to-execution (time-of-check to time-of-use) gap.</t>
          </li>
        </ul>
        <t>Mission governance is necessary but not sufficient. An active Mission
still bounds a set of authority an agent may exercise freely within a
token's lifetime, so an active Mission can become ambient authority
for individual consequential actions. Preventing that requires a
runtime enforcement layer that evaluates each consequential action
against the Mission and records evidence; such a layer composes with
this profile and is out of scope here. Which party enforces each
Mission-carried bound is summarized in the enforcement table
(<xref target="mission-intent"/>). Short token lifetimes and
narrow authority bound, but do not eliminate, this exposure.</t>
      </section>
      <section anchor="token-theft">
        <name>Token Theft</name>
        <t>Derived tokens are sender-constrained (DPoP <xref target="RFC9449"/> or mTLS
<xref target="RFC8705"/>) at the levels set in <xref target="mission-bound-tokens"/> and
<xref target="delegation"/>: <bcp14>SHOULD</bcp14> for the primary access token, <bcp14>MUST</bcp14> for
delegated tokens; the companion sets the same <bcp14>MUST</bcp14> for its
cross-domain credentials
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>). A stolen token
is bounded by the Authority Set and the Mission lifetime regardless,
but sender-constraint prevents replay by a different party.</t>
      </section>
      <section anchor="delegation-and-chain-compromise">
        <name>Delegation and Chain Compromise</name>
        <t>Delegation (<xref target="delegation"/>) widens the set of parties holding
Mission-derived authority. Because authority only narrows down the
chain, a compromised actor can act only within the authority it was
delegated, for the lifetime of the token it holds: the exposure of
any actor is bounded by its narrowed <tt>authorization_details</tt> times
its token lifetime. The per-entry delegation constraints
(<xref target="delegation-constraints"/>) bound this exposure at approval time:
non-delegable entries never reach a delegate at all, <tt>max_depth</tt>
caps how far an entry can propagate, and <tt>allowed_delegates</tt>
restricts who may receive it. Note that <tt>max_depth</tt> bounds the
<em>length</em> of a delegation chain, not its <em>breadth</em>: fan-out to many
distinct depth-1 delegates is bounded only by <tt>allowed_delegates</tt>, so
a deployment that needs to limit breadth <bcp14>MUST</bcp14> constrain
<tt>allowed_delegates</tt> (and <bcp14>MAY</bcp14> use <tt>max_derivations</tt> to cap total
derivations). Because each delegated token is bound
to the delegate's own key (<xref target="delegation"/>), a compromised delegate is
confined to its own narrowed credential: it cannot replay as the
agent or another actor, and its credential can be revoked by key
without revoking the rest of the chain. Deployments <bcp14>SHOULD</bcp14> keep
delegated token lifetimes short and <bcp14>SHOULD</bcp14> make only the entries that
need delegation delegable.</t>
      </section>
      <section anchor="signing-and-key-rotation">
        <name>Signing and Key Rotation</name>
        <t>The <tt>mission</tt> claim and <tt>authorization_details</tt> are carried inside
the <xref target="RFC9068"/> JWT and are covered by the AS's token signature; their
integrity reduces to the AS's signing key. An AS <bcp14>MUST</bcp14> publish its
verification keys (for example, via <xref target="RFC8414"/> <tt>jwks_uri</tt>) and
<bcp14>SHOULD</bcp14> retain the verification key for each key identifier it has
signed under long enough to verify tokens issued before a rotation.</t>
      </section>
      <section anchor="compromised-or-over-broad-derivation">
        <name>Compromised or Over-Broad Derivation</name>
        <t>The AS is trusted to derive authority no broader than the Mission
Intent. Deployments <bcp14>SHOULD</bcp14> constrain derivation with explicit
resource and action mappings rather than free-form inference, and
<bcp14>SHOULD</bcp14> record <tt>policy_version</tt> so a derivation can be audited and
reproduced. General OAuth security guidance <xref target="RFC9700"/> applies.</t>
      </section>
      <section anchor="authority-hash-is-not-a-mission-identifier">
        <name>Authority Hash Is Not a Mission Identifier</name>
        <t><tt>authority_hash</tt> commits the approved Authority Set, not the Mission.
Two distinct Missions that approve byte-identical authority carry the
same <tt>authority_hash</tt>: a successor Mission that re-approves the same
Authority Set, or an unrelated Mission with the same derived authority,
differs in its <tt>intent_hash</tt>, <tt>approver</tt>, and <tt>id</tt> while sharing the
<tt>authority_hash</tt>. It is therefore not globally unique to a Mission and
<bcp14>MUST NOT</bcp14> be used as a Mission Identifier or as a replay or idempotency
key for a Mission. The canonical Mission Identifier names the
Mission; <tt>authority_hash</tt> names the authority the Mission
approved. A consumer that needs to bind to or correlate a specific
Mission uses the Mission Identifier, and <tt>intent_hash</tt> and <tt>approver</tt>
distinguish Missions that share an Authority Set.</t>
      </section>
    </section>
    <section anchor="privacy-considerations">
      <name>Privacy Considerations</name>
      <t>A Mission Identifier is a correlation handle: a deployment limits
exposure by giving stable Mission Identifiers only to parties that
enforce, audit, or observe that Mission, preferring audience-scoped
projections of authority where possible, and minimizing status and
introspection disclosures to authorized callers. The subsections that follow and the
introspection minimization rules
(<xref target="caller-authorization-and-minimization"/>) give the specific rules.</t>
      <section anchor="mission-identifier-correlation">
        <name>Mission Identifier Correlation</name>
        <t>This document carries a single canonical Mission Identifier on every
derived token; the companion's cross-domain projection carries it
across trust domains unchanged
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>). Any party that
observes credentials for the
same Mission, whether a Resource Server, a Resource AS, or an auditor
spanning audiences, can correlate that activity by the Mission
Identifier, and <tt>mission.issuer</tt> further identifies the issuing AS.
This is intentional:
a stable, correlatable Mission anchor is what lets a Resource Server, a
cross-domain Resource AS, and an auditor bind credentials and evidence
to one approved Mission, which the governance and audit properties of
this document and its companion profiles depend on. The cost is that
this profile does not provide
cross-audience unlinkability, and that is a deliberate non-goal for this
version (<xref target="non-goals"/>), not an unfinished feature. Audience-pairwise
(or request-pairwise) Mission references, in which the issuer projects a
distinct opaque identifier per audience and resolves them server-side,
are the fuller mechanism for unlinkability; because they work against
the stable anchor, they are future work rather than a v1 property. A
deployment that carries the canonical Mission Identifier on the wire
<bcp14>SHOULD</bcp14> document this correlation property.</t>
      </section>
      <section anchor="token-payload-disclosure">
        <name>Token Payload Disclosure</name>
        <t>The carried <tt>constraints</tt> and a multi-resource Authority Set disclose
the shape of the task and its business bounds (for example, an amount
ceiling) to every holder and every audience of a derived token.
Per-RS single-audience tokens are the minimization measure: they carry
only the entries the consuming Resource Server needs, and this
document recommends them (<xref target="mission-bound-tokens"/>). The privacy
considerations of <xref target="RFC9396"/> apply to the carried
<tt>authorization_details</tt>.</t>
      </section>
    </section>
    <section anchor="iana-considerations">
      <name>IANA Considerations</name>
      <section anchor="oauth-parameters-registration">
        <name>OAuth Parameters Registration</name>
        <t>This document registers the following in the "OAuth Parameters"
registry:</t>
        <ul spacing="normal">
          <li>
            <t>Name: <tt>mission_intent</tt></t>
          </li>
          <li>
            <t>Parameter Usage Location: authorization request</t>
          </li>
          <li>
            <t>Change Controller: IETF</t>
          </li>
          <li>
            <t>Specification Document(s): this document, <xref target="mission-intent"/></t>
          </li>
          <li>
            <t>Name: <tt>mission_id</tt></t>
          </li>
          <li>
            <t>Parameter Usage Location: token response</t>
          </li>
          <li>
            <t>Change Controller: IETF</t>
          </li>
          <li>
            <t>Specification Document(s): this document, <xref target="grant-binding"/></t>
          </li>
        </ul>
        <t>PAR <xref target="RFC9126"/> carries authorization-request parameters without a
distinct usage location, so the pushed submission of <tt>mission_intent</tt>
needs no separate registration.</t>
      </section>
      <section anchor="type-registration">
        <name>The Mission Resource Access Authorization Details Type</name>
        <t><tt>mission_resource_access</tt> is an <tt>authorization_details</tt> type per
<xref target="RFC9396"/> Section 2, defined by this document in
<xref target="authorization-derivation"/>. RFC 9396 does not establish an IANA
registry of authorization details types (type identifiers are
interpreted by the Authorization Server), so this document creates no
registry entry for it and requires no IANA action here. If a registry
of authorization details types is established in the future, this type
<bcp14>SHOULD</bcp14> be registered in it.</t>
      </section>
      <section anchor="json-web-token-claims-registration">
        <name>JSON Web Token Claims Registration</name>
        <t>This document registers the following in the "JSON Web Token Claims"
registry:</t>
        <ul spacing="normal">
          <li>
            <t>Claim Name: <tt>mission</tt></t>
          </li>
          <li>
            <t>Claim Description: Reference to the Mission a token was derived
under, with the consent-commitment <tt>authority_hash</tt>. An open object;
additional members may be present and are ignored if unknown.</t>
          </li>
          <li>
            <t>Change Controller: IETF</t>
          </li>
          <li>
            <t>Specification Document(s): this document, <xref target="mission-claim"/></t>
          </li>
        </ul>
      </section>
      <section anchor="oauth-token-introspection-response-registration">
        <name>OAuth Token Introspection Response Registration</name>
        <t>This document registers the following in the "OAuth Token
Introspection Response" registry (<xref target="RFC7662"/>):</t>
        <ul spacing="normal">
          <li>
            <t>Name: <tt>mission</tt></t>
          </li>
          <li>
            <t>Description: The Mission a token was derived under. Same object shape
as the <tt>mission</tt> JWT claim (<xref target="mission-claim"/>); a response from the
Mission's issuer additionally carries a <tt>state</tt> member giving the
current lifecycle state (<xref target="introspection"/>).</t>
          </li>
          <li>
            <t>Change Controller: IETF</t>
          </li>
          <li>
            <t>Specification Document(s): this document, <xref target="introspection"/></t>
          </li>
        </ul>
      </section>
      <section anchor="oauth-authorization-server-metadata-registration">
        <name>OAuth Authorization Server Metadata Registration</name>
        <t>This document registers the following in the "OAuth Authorization
Server Metadata" registry (<xref target="RFC8414"/>):</t>
        <ul spacing="normal">
          <li>
            <t>Metadata Name: <tt>mission_bound_authorization_supported</tt></t>
          </li>
          <li>
            <t>Metadata Description: Boolean indicating that the Authorization
Server supports the Mission Issuer core surfaces of this document.</t>
          </li>
          <li>
            <t>Change Controller: IETF</t>
          </li>
          <li>
            <t>Specification Document(s): this document, <xref target="discovery"/></t>
          </li>
        </ul>
      </section>
      <section anchor="oauth-protected-resource-metadata-registration">
        <name>OAuth Protected Resource Metadata Registration</name>
        <t>This document registers the following in the "OAuth Protected Resource
Metadata" registry (<xref target="RFC9728"/>):</t>
        <ul spacing="normal">
          <li>
            <t>Metadata Name: <tt>mission_bound_authorization_required</tt></t>
          </li>
          <li>
            <t>Metadata Description: Boolean indicating that the protected resource
accepts only Mission-bound tokens.</t>
          </li>
          <li>
            <t>Change Controller: IETF</t>
          </li>
          <li>
            <t>Specification Document(s): this document, <xref target="protected-resource-metadata"/></t>
          </li>
        </ul>
      </section>
      <section anchor="iana-common-constraints">
        <name>Common Constraints</name>
        <t>This document creates no Common Constraints registry. The Common
Constraints it defines (<tt>max_amount</tt>, <tt>resource_issued_after</tt>,
<tt>resource_issued_before</tt>, <tt>tenant</tt>, <tt>recipient_domain</tt>) are specified in
<xref target="common-constraints"/>, and a further
Common Constraint is defined by specification: it fixes a name matching
<tt>^[A-Za-z0-9_.:-]+$</tt>, its JSON <xref target="RFC8259"/> value syntax, its subset
rule, and its intersection rule, in value-space terms
(<xref target="common-constraints"/>). Names are kept collision-free by the same
convention the rest of this document uses: a specification-defined name
is coordinated within this document family, and any other name is
collision-resistant or remains deployment-defined
(<xref target="common-constraints"/>).</t>
        <t>Should the set of interoperable Common Constraints grow beyond what
specification coordination bears, a future revision can create a
"Mission Common Constraints" registry with a Specification Required
<xref target="RFC8126"/> policy, seeded with the entries then defined; this document
does not create it.</t>
      </section>
    </section>
  </middle>
  <back>
    <references anchor="sec-combined-references">
      <name>References</name>
      <references anchor="sec-normative-references">
        <name>Normative References</name>
        <reference anchor="RFC3339">
          <front>
            <title>Date and Time on the Internet: Timestamps</title>
            <author fullname="G. Klyne" initials="G." surname="Klyne"/>
            <author fullname="C. Newman" initials="C." surname="Newman"/>
            <date month="July" year="2002"/>
            <abstract>
              <t>This document defines a date and time format for use in Internet protocols that is a profile of the ISO 8601 standard for representation of dates and times using the Gregorian calendar.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="3339"/>
          <seriesInfo name="DOI" value="10.17487/RFC3339"/>
        </reference>
        <reference anchor="RFC3986">
          <front>
            <title>Uniform Resource Identifier (URI): Generic Syntax</title>
            <author fullname="T. Berners-Lee" initials="T." surname="Berners-Lee"/>
            <author fullname="R. Fielding" initials="R." surname="Fielding"/>
            <author fullname="L. Masinter" initials="L." surname="Masinter"/>
            <date month="January" year="2005"/>
            <abstract>
              <t>A Uniform Resource Identifier (URI) is a compact sequence of characters that identifies an abstract or physical resource. This specification defines the generic URI syntax and a process for resolving URI references that might be in relative form, along with guidelines and security considerations for the use of URIs on the Internet. The URI syntax defines a grammar that is a superset of all valid URIs, allowing an implementation to parse the common components of a URI reference without knowing the scheme-specific requirements of every possible identifier. This specification does not define a generative grammar for URIs; that task is performed by the individual specifications of each URI scheme. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="STD" value="66"/>
          <seriesInfo name="RFC" value="3986"/>
          <seriesInfo name="DOI" value="10.17487/RFC3986"/>
        </reference>
        <reference anchor="RFC6234">
          <front>
            <title>US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)</title>
            <author fullname="D. Eastlake 3rd" initials="D." surname="Eastlake 3rd"/>
            <author fullname="T. Hansen" initials="T." surname="Hansen"/>
            <date month="May" year="2011"/>
            <abstract>
              <t>Federal Information Processing Standard, FIPS</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="6234"/>
          <seriesInfo name="DOI" value="10.17487/RFC6234"/>
        </reference>
        <reference anchor="RFC6749">
          <front>
            <title>The OAuth 2.0 Authorization Framework</title>
            <author fullname="D. Hardt" initials="D." role="editor" surname="Hardt"/>
            <date month="October" year="2012"/>
            <abstract>
              <t>The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf. This specification replaces and obsoletes the OAuth 1.0 protocol described in RFC 5849. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="6749"/>
          <seriesInfo name="DOI" value="10.17487/RFC6749"/>
        </reference>
        <reference anchor="RFC7636">
          <front>
            <title>Proof Key for Code Exchange by OAuth Public Clients</title>
            <author fullname="N. Sakimura" initials="N." role="editor" surname="Sakimura"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="N. Agarwal" initials="N." surname="Agarwal"/>
            <date month="September" year="2015"/>
            <abstract>
              <t>OAuth 2.0 public clients utilizing the Authorization Code Grant are susceptible to the authorization code interception attack. This specification describes the attack as well as a technique to mitigate against the threat through the use of Proof Key for Code Exchange (PKCE, pronounced "pixy").</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7636"/>
          <seriesInfo name="DOI" value="10.17487/RFC7636"/>
        </reference>
        <reference anchor="RFC7800">
          <front>
            <title>Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="H. Tschofenig" initials="H." surname="Tschofenig"/>
            <date month="April" year="2016"/>
            <abstract>
              <t>This specification describes how to declare in a JSON Web Token (JWT) that the presenter of the JWT possesses a particular proof-of- possession key and how the recipient can cryptographically confirm proof of possession of the key by the presenter. Being able to prove possession of a key is also sometimes described as the presenter being a holder-of-key.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7800"/>
          <seriesInfo name="DOI" value="10.17487/RFC7800"/>
        </reference>
        <reference anchor="RFC8259">
          <front>
            <title>The JavaScript Object Notation (JSON) Data Interchange Format</title>
            <author fullname="T. Bray" initials="T." role="editor" surname="Bray"/>
            <date month="December" year="2017"/>
            <abstract>
              <t>JavaScript Object Notation (JSON) is a lightweight, text-based, language-independent data interchange format. It was derived from the ECMAScript Programming Language Standard. JSON defines a small set of formatting rules for the portable representation of structured data.</t>
              <t>This document removes inconsistencies with other specifications of JSON, repairs specification errors, and offers experience-based interoperability guidance.</t>
            </abstract>
          </front>
          <seriesInfo name="STD" value="90"/>
          <seriesInfo name="RFC" value="8259"/>
          <seriesInfo name="DOI" value="10.17487/RFC8259"/>
        </reference>
        <reference anchor="RFC8693">
          <front>
            <title>OAuth 2.0 Token Exchange</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="A. Nadalin" initials="A." surname="Nadalin"/>
            <author fullname="B. Campbell" initials="B." role="editor" surname="Campbell"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="C. Mortimore" initials="C." surname="Mortimore"/>
            <date month="January" year="2020"/>
            <abstract>
              <t>This specification defines a protocol for an HTTP- and JSON-based Security Token Service (STS) by defining how to request and obtain security tokens from OAuth 2.0 authorization servers, including security tokens employing impersonation and delegation.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8693"/>
          <seriesInfo name="DOI" value="10.17487/RFC8693"/>
        </reference>
        <reference anchor="RFC8785">
          <front>
            <title>JSON Canonicalization Scheme (JCS)</title>
            <author fullname="A. Rundgren" initials="A." surname="Rundgren"/>
            <author fullname="B. Jordan" initials="B." surname="Jordan"/>
            <author fullname="S. Erdtman" initials="S." surname="Erdtman"/>
            <date month="June" year="2020"/>
            <abstract>
              <t>Cryptographic operations like hashing and signing need the data to be expressed in an invariant format so that the operations are reliably repeatable. One way to address this is to create a canonical representation of the data. Canonicalization also permits data to be exchanged in its original form on the "wire" while cryptographic operations performed on the canonicalized counterpart of the data in the producer and consumer endpoints generate consistent results.</t>
              <t>This document describes the JSON Canonicalization Scheme (JCS). This specification defines how to create a canonical representation of JSON data by building on the strict serialization methods for JSON primitives defined by ECMAScript, constraining JSON data to the Internet JSON (I-JSON) subset, and by using deterministic property sorting.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8785"/>
          <seriesInfo name="DOI" value="10.17487/RFC8785"/>
        </reference>
        <reference anchor="RFC8705">
          <front>
            <title>OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens</title>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
            <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
            <date month="February" year="2020"/>
            <abstract>
              <t>This document describes OAuth client authentication and certificate-bound access and refresh tokens using mutual Transport Layer Security (TLS) authentication with X.509 certificates. OAuth clients are provided a mechanism for authentication to the authorization server using mutual TLS, based on either self-signed certificates or public key infrastructure (PKI). OAuth authorization servers are provided a mechanism for binding access tokens to a client's mutual-TLS certificate, and OAuth protected resources are provided a method for ensuring that such an access token presented to it was issued to the client presenting the token.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8705"/>
          <seriesInfo name="DOI" value="10.17487/RFC8705"/>
        </reference>
        <reference anchor="RFC8707">
          <front>
            <title>Resource Indicators for OAuth 2.0</title>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="H. Tschofenig" initials="H." surname="Tschofenig"/>
            <date month="February" year="2020"/>
            <abstract>
              <t>This document specifies an extension to the OAuth 2.0 Authorization Framework defining request parameters that enable a client to explicitly signal to an authorization server about the identity of the protected resource(s) to which it is requesting access.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8707"/>
          <seriesInfo name="DOI" value="10.17487/RFC8707"/>
        </reference>
        <reference anchor="RFC9068">
          <front>
            <title>JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens</title>
            <author fullname="V. Bertocci" initials="V." surname="Bertocci"/>
            <date month="October" year="2021"/>
            <abstract>
              <t>This specification defines a profile for issuing OAuth 2.0 access tokens in JSON Web Token (JWT) format. Authorization servers and resource servers from different vendors can leverage this profile to issue and consume access tokens in an interoperable manner.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9068"/>
          <seriesInfo name="DOI" value="10.17487/RFC9068"/>
        </reference>
        <reference anchor="RFC9126">
          <front>
            <title>OAuth 2.0 Pushed Authorization Requests</title>
            <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
            <author fullname="D. Tonge" initials="D." surname="Tonge"/>
            <author fullname="F. Skokan" initials="F." surname="Skokan"/>
            <date month="September" year="2021"/>
            <abstract>
              <t>This document defines the pushed authorization request (PAR) endpoint, which allows clients to push the payload of an OAuth 2.0 authorization request to the authorization server via a direct request and provides them with a request URI that is used as reference to the data in a subsequent call to the authorization endpoint.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9126"/>
          <seriesInfo name="DOI" value="10.17487/RFC9126"/>
        </reference>
        <reference anchor="RFC9396">
          <front>
            <title>OAuth 2.0 Rich Authorization Requests</title>
            <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
            <author fullname="J. Richer" initials="J." surname="Richer"/>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <date month="May" year="2023"/>
            <abstract>
              <t>This document specifies a new parameter authorization_details that is used to carry fine-grained authorization data in OAuth messages.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9396"/>
          <seriesInfo name="DOI" value="10.17487/RFC9396"/>
        </reference>
        <reference anchor="RFC9449">
          <front>
            <title>OAuth 2.0 Demonstrating Proof of Possession (DPoP)</title>
            <author fullname="D. Fett" initials="D." surname="Fett"/>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="D. Waite" initials="D." surname="Waite"/>
            <date month="September" year="2023"/>
            <abstract>
              <t>This document describes a mechanism for sender-constraining OAuth 2.0 tokens via a proof-of-possession mechanism on the application level. This mechanism allows for the detection of replay attacks with access and refresh tokens.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9449"/>
          <seriesInfo name="DOI" value="10.17487/RFC9449"/>
        </reference>
        <reference anchor="RFC7662">
          <front>
            <title>OAuth 2.0 Token Introspection</title>
            <author fullname="J. Richer" initials="J." role="editor" surname="Richer"/>
            <date month="October" year="2015"/>
            <abstract>
              <t>This specification defines a method for a protected resource to query an OAuth 2.0 authorization server to determine the active state of an OAuth 2.0 token and to determine meta-information about this token. OAuth 2.0 deployments can use this method to convey information about the authorization context of the token from the authorization server to the protected resource.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7662"/>
          <seriesInfo name="DOI" value="10.17487/RFC7662"/>
        </reference>
        <reference anchor="RFC8414">
          <front>
            <title>OAuth 2.0 Authorization Server Metadata</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <date month="June" year="2018"/>
            <abstract>
              <t>This specification defines a metadata format that an OAuth 2.0 client can use to obtain the information needed to interact with an OAuth 2.0 authorization server, including its endpoint locations and authorization server capabilities.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8414"/>
          <seriesInfo name="DOI" value="10.17487/RFC8414"/>
        </reference>
        <reference anchor="RFC7519">
          <front>
            <title>JSON Web Token (JWT)</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
            <date month="May" year="2015"/>
            <abstract>
              <t>JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7519"/>
          <seriesInfo name="DOI" value="10.17487/RFC7519"/>
        </reference>
        <reference anchor="RFC9728">
          <front>
            <title>OAuth 2.0 Protected Resource Metadata</title>
            <author fullname="M.B. Jones" initials="M.B." surname="Jones"/>
            <author fullname="P. Hunt" initials="P." surname="Hunt"/>
            <author fullname="A. Parecki" initials="A." surname="Parecki"/>
            <date month="April" year="2025"/>
            <abstract>
              <t>This specification defines a metadata format that an OAuth 2.0 client or authorization server can use to obtain the information needed to interact with an OAuth 2.0 protected resource.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9728"/>
          <seriesInfo name="DOI" value="10.17487/RFC9728"/>
        </reference>
        <reference anchor="I-D.draft-mcguinness-oauth-actor-profile">
          <front>
            <title>OAuth Actor Profile for Delegation</title>
            <author fullname="Karl McGuinness" initials="K." surname="McGuinness">
              <organization>Independent</organization>
            </author>
            <date day="30" month="April" year="2026"/>
            <abstract>
              <t>   OAuth deployments increasingly involve agents and workloads acting on
   behalf of human users across organizational boundaries.  Existing
   specifications provide relevant building blocks (notably the act
   claim from RFC 8693 Token Exchange) but do not define a consistent
   profile for representing delegated actor relationships across JWT
   assertion grants (RFC 7523), JWT access tokens (RFC 9068), and
   Transaction Tokens, nor for classifying actor entity types or
   signaling support between authorization servers and resource servers.
   The result is inconsistent actor representation and actor-
   representation interoperability gaps that force deployments to rely
   on proprietary conventions.

   This document defines the OAuth Actor Profile for Delegation.  It
   specifies a common act claim structure extended with sub_profile for
   entity-type classification, processing rules for authorization
   servers and resource servers across the three token families and
   their Token Exchange inputs, and OAuth discovery metadata parameters
   for advertising actor-profile support.  The profile applies uniformly
   across token types and integrates with existing sender-constraint
   mechanisms (DPoP, mTLS).  It does not standardize the policies by
   which systems determine whether a given actor is permitted to act for
   a subject; those decisions remain deployment-specific.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-mcguinness-oauth-actor-profile-00"/>
        </reference>
        <reference anchor="ISO4217">
          <front>
            <title>ISO 4217:2015, Codes for the representation of currencies and funds</title>
            <author>
              <organization>International Organization for Standardization</organization>
            </author>
            <date year="2015" month="August"/>
          </front>
          <seriesInfo name="ISO" value="4217:2015"/>
        </reference>
        <reference anchor="RFC2119">
          <front>
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <author fullname="S. Bradner" initials="S." surname="Bradner"/>
            <date month="March" year="1997"/>
            <abstract>
              <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="2119"/>
          <seriesInfo name="DOI" value="10.17487/RFC2119"/>
        </reference>
        <reference anchor="RFC8174">
          <front>
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <date month="May" year="2017"/>
            <abstract>
              <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="8174"/>
          <seriesInfo name="DOI" value="10.17487/RFC8174"/>
        </reference>
      </references>
      <references anchor="sec-informative-references">
        <name>Informative References</name>
        <reference anchor="RFC8126">
          <front>
            <title>Guidelines for Writing an IANA Considerations Section in RFCs</title>
            <author fullname="M. Cotton" initials="M." surname="Cotton"/>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <author fullname="T. Narten" initials="T." surname="Narten"/>
            <date month="June" year="2017"/>
            <abstract>
              <t>Many protocols make use of points of extensibility that use constants to identify various protocol parameters. To ensure that the values in these fields do not have conflicting uses and to promote interoperability, their allocations are often coordinated by a central record keeper. For IETF protocols, that role is filled by the Internet Assigned Numbers Authority (IANA).</t>
              <t>To make assignments in a given registry prudently, guidance describing the conditions under which new values should be assigned, as well as when and how modifications to existing values can be made, is needed. This document defines a framework for the documentation of these guidelines by specification authors, in order to assure that the provided guidance for the IANA Considerations is clear and addresses the various issues that are likely in the operation of a registry.</t>
              <t>This is the third edition of this document; it obsoletes RFC 5226.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="26"/>
          <seriesInfo name="RFC" value="8126"/>
          <seriesInfo name="DOI" value="10.17487/RFC8126"/>
        </reference>
        <reference anchor="RFC6750">
          <front>
            <title>The OAuth 2.0 Authorization Framework: Bearer Token Usage</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="D. Hardt" initials="D." surname="Hardt"/>
            <date month="October" year="2012"/>
            <abstract>
              <t>This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the associated resources (without demonstrating possession of a cryptographic key). To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="6750"/>
          <seriesInfo name="DOI" value="10.17487/RFC6750"/>
        </reference>
        <reference anchor="RFC7009">
          <front>
            <title>OAuth 2.0 Token Revocation</title>
            <author fullname="T. Lodderstedt" initials="T." role="editor" surname="Lodderstedt"/>
            <author fullname="S. Dronia" initials="S." surname="Dronia"/>
            <author fullname="M. Scurtescu" initials="M." surname="Scurtescu"/>
            <date month="August" year="2013"/>
            <abstract>
              <t>This document proposes an additional endpoint for OAuth authorization servers, which allows clients to notify the authorization server that a previously obtained refresh or access token is no longer needed. This allows the authorization server to clean up security credentials. A revocation request will invalidate the actual token and, if applicable, other tokens based on the same authorization grant.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7009"/>
          <seriesInfo name="DOI" value="10.17487/RFC7009"/>
        </reference>
        <reference anchor="RFC8935">
          <front>
            <title>Push-Based Security Event Token (SET) Delivery Using HTTP</title>
            <author fullname="A. Backman" initials="A." role="editor" surname="Backman"/>
            <author fullname="M. Jones" initials="M." role="editor" surname="Jones"/>
            <author fullname="M. Scurtescu" initials="M." surname="Scurtescu"/>
            <author fullname="M. Ansari" initials="M." surname="Ansari"/>
            <author fullname="A. Nadalin" initials="A." surname="Nadalin"/>
            <date month="November" year="2020"/>
            <abstract>
              <t>This specification defines how a Security Event Token (SET) can be delivered to an intended recipient using HTTP POST over TLS. The SET is transmitted in the body of an HTTP POST request to an endpoint operated by the recipient, and the recipient indicates successful or failed transmission via the HTTP response.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8935"/>
          <seriesInfo name="DOI" value="10.17487/RFC8935"/>
        </reference>
        <reference anchor="RFC9493">
          <front>
            <title>Subject Identifiers for Security Event Tokens</title>
            <author fullname="A. Backman" initials="A." role="editor" surname="Backman"/>
            <author fullname="M. Scurtescu" initials="M." surname="Scurtescu"/>
            <author fullname="P. Jain" initials="P." surname="Jain"/>
            <date month="December" year="2023"/>
            <abstract>
              <t>Security events communicated within Security Event Tokens may support a variety of identifiers to identify subjects related to the event. This specification formalizes the notion of Subject Identifiers as structured information that describes a subject and named formats that define the syntax and semantics for encoding Subject Identifiers as JSON objects. It also establishes a registry for defining and allocating names for such formats as well as the JSON Web Token (JWT) "sub_id" Claim.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9493"/>
          <seriesInfo name="DOI" value="10.17487/RFC9493"/>
        </reference>
        <reference anchor="RFC9700">
          <front>
            <title>Best Current Practice for OAuth 2.0 Security</title>
            <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="A. Labunets" initials="A." surname="Labunets"/>
            <author fullname="D. Fett" initials="D." surname="Fett"/>
            <date month="January" year="2025"/>
            <abstract>
              <t>This document describes best current security practice for OAuth 2.0. It updates and extends the threat model and security advice given in RFCs 6749, 6750, and 6819 to incorporate practical experiences gathered since OAuth 2.0 was published and covers new threats relevant due to the broader application of OAuth 2.0. Further, it deprecates some modes of operation that are deemed less secure or even insecure.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="240"/>
          <seriesInfo name="RFC" value="9700"/>
          <seriesInfo name="DOI" value="10.17487/RFC9700"/>
        </reference>
        <reference anchor="FAPI.GrantManagement" target="https://openid.net/specs/fapi-grant-management-01.html">
          <front>
            <title>Grant Management for OAuth 2.0</title>
            <author>
              <organization>OpenID Foundation</organization>
            </author>
            <date year="2022"/>
          </front>
        </reference>
        <reference anchor="MCP" target="https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization">
          <front>
            <title>Model Context Protocol: Authorization</title>
            <author>
              <organization>Model Context Protocol Project</organization>
            </author>
            <date year="2025"/>
          </front>
        </reference>
        <reference anchor="AuthZEN.ARAP" target="https://openid.github.io/authzen/authzen-access-request-approval-profile-1_0.html">
          <front>
            <title>OpenID AuthZEN Access Request and Approval Profile 1.0</title>
            <author>
              <organization>OpenID Foundation</organization>
            </author>
            <date year="2025"/>
          </front>
        </reference>
        <reference anchor="I-D.draft-klrc-aiagent-auth">
          <front>
            <title>AI Agent Authentication and Authorization</title>
            <author fullname="Pieter Kasselman" initials="P." surname="Kasselman">
              <organization>Defakto Security</organization>
            </author>
            <author fullname="Jeff Lombardo" initials="J." surname="Lombardo">
              <organization>AWS</organization>
            </author>
            <author fullname="Yaroslav Rosomakho" initials="Y." surname="Rosomakho">
              <organization>Zscaler</organization>
            </author>
            <author fullname="Brian Campbell" initials="B." surname="Campbell">
              <organization>Ping Identity</organization>
            </author>
            <author fullname="Nick Steele" initials="N." surname="Steele">
              <organization>OpenAI</organization>
            </author>
            <author fullname="Aaron Parecki" initials="A." surname="Parecki">
              <organization>Okta</organization>
            </author>
            <date day="1" month="June" year="2026"/>
            <abstract>
              <t>   This document proposes best practices for authentication and
   authorization of AI agent interactions.  It leverages existing
   standards such as the Workload Identity in Multi-System Environments
   (WIMSE) architecture and OAuth 2.0 family of specifications.  Rather
   than defining new protocols, this document describes how existing and
   widely deployed standards can be applied or extended to establish
   agent authentication and authorization.  By doing so, it aims to
   provide a framework within which to use existing standards, identify
   gaps and guide future standardization efforts for agent
   authentication and authorization.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-klrc-aiagent-auth-02"/>
        </reference>
        <reference anchor="I-D.draft-ietf-oauth-transaction-tokens">
          <front>
            <title>Transaction Tokens</title>
            <author fullname="Atul Tulshibagwale" initials="A." surname="Tulshibagwale">
              <organization>CrowdStrike</organization>
            </author>
            <author fullname="George Fletcher" initials="G." surname="Fletcher">
              <organization>Practical Identity LLC</organization>
            </author>
            <author fullname="Pieter Kasselman" initials="P." surname="Kasselman">
              <organization>Defakto Security</organization>
            </author>
            <date day="6" month="July" year="2026"/>
            <abstract>
              <t>   Transaction Tokens (Txn-Tokens) are designed to maintain and
   propagate user identity, workload identity and authorization context
   throughout the Call Chain within a trusted domain during the
   processing of external requests (e.g. such as API calls) or requests
   initiated internally within the Trust Domain.  Txn-Tokens ensure that
   this context is preserved throughout the Call Chain thereby enhancing
   security and consistency in complex, multi-service architectures.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-oauth-transaction-tokens-09"/>
        </reference>
        <reference anchor="I-D.draft-niyikiza-oauth-attenuating-agent-tokens">
          <front>
            <title>Attenuating Authorization Tokens for Agentic Delegation Chains</title>
            <author fullname="Niki Aimable" initials="N." surname="Aimable">
              <organization>Tenuo</organization>
            </author>
            <date day="15" month="June" year="2026"/>
            <abstract>
              <t>   This document defines Attenuating Authorization Tokens (AATs), a
   signed credential format for task-scoped delegation in AI agent
   systems.  An AAT encodes the tools an agent may invoke and the
   argument constraints that apply to those invocations.  A token holder
   authorized to delegate can derive a token offline with equal or
   narrower authority, subject to the parent token's depth and lifetime
   limits.  The resulting delegation chain is verifiable offline by any
   enforcement point that has the root issuer's trust anchor key.

   This specification profiles the OAuth Rich Authorization Requests
   format (RFC 9396) for tool-level capability claims, adds delegation-
   chain claims, and defines a core constraint vocabulary for argument
   restrictions.  The chain verification algorithm authenticates each
   delegation step and enforces monotonic attenuation without network
   contact with the root issuer.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-niyikiza-oauth-attenuating-agent-tokens-01"/>
        </reference>
        <reference anchor="I-D.draft-cecchetti-oauth-rar-cedar">
          <front>
            <title>Cedar Profile for OAuth 2.0 Rich Authorization Requests</title>
            <author fullname="Sarah Cecchetti" initials="S." surname="Cecchetti">
              <organization>Amazon</organization>
            </author>
            <date day="21" month="February" year="2024"/>
            <abstract>
              <t>   This specification defines a profile of OAuth 2.0 Rich Authorization
   Requests in Cedar policy format within the authorization_details JSON
   object.  Authorization servers and resource servers from different
   vendors can leverage this profile to distribute and recieve relevant
   Cedar policy sets in an interoperable manner.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-cecchetti-oauth-rar-cedar-02"/>
        </reference>
        <reference anchor="I-D.draft-mcguinness-oauth-client-instance-assertion">
          <front>
            <title>OAuth 2.0 Client Instance Assertion</title>
            <author fullname="Karl McGuinness" initials="K." surname="McGuinness">
              <organization>Independent</organization>
            </author>
            <date day="24" month="June" year="2026"/>
            <abstract>
              <t>   This specification defines the Client Instance Assertion: a signed
   JWT identifying a concrete runtime instance of an OAuth 2.0 client.
   It registers the client_instance_assertion request parameter for
   carrying the assertion at the OAuth 2.0 token endpoint on the
   authorization_code, client_credentials, refresh_token, and JWT bearer
   (RFC 7523) grants; on the token-exchange grant (RFC 8693), the same
   assertion is presented as actor_token with actor_token_type set to
   urn:ietf:params:oauth:token-type:client-instance-jwt, also registered
   by this specification.

   This specification does not introduce a new client_instance
   identifier in protocol messages.  Instead, it defines client metadata
   parameters (applicable to clients identified by a Client ID Metadata
   Document (CIMD) or registered via OAuth Dynamic Client Registration
   (RFC 7591)) that let a client_id identify a logical client whose
   concrete runtime instances are authenticated by one or more trusted
   instance issuers (for example, workload identity systems).

   The Authorization Server validates the instance assertion and
   represents the instance either as an act claim, when another
   principal is present (e.g., a user delegating to the instance), or as
   the access token's sub, when the instance itself is the principal
   (e.g., a client credentials grant).  The issued access token is
   sender-constrained to a key the instance possesses.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-mcguinness-oauth-client-instance-assertion-01"/>
        </reference>
        <reference anchor="I-D.draft-mcguinness-oauth-ai-agent-instance">
          <front>
            <title>OAuth 2.0 AI Agent Instance Profile</title>
            <author fullname="Karl McGuinness" initials="K." surname="McGuinness">
              <organization>Independent</organization>
            </author>
            <date day="4" month="July" year="2026"/>
            <abstract>
              <t>   This specification profiles the OAuth 2.0 Client Instance Assertion
   for AI agent deployments, where a single OAuth client identifier
   represents an agent platform running many concurrent agent instances.
   It defines claims that convey an attested agent instance identifier
   and agent provenance (platform, model, runtime environment) from an
   agent attester to the authorization server, rules for surfacing that
   identity in issued access tokens, and delegation-chain semantics for
   agents that spawn sub-agents.  The claims are carrier-independent:
   they may be conveyed in a Client Instance Assertion or in a Client
   Attestation defined by OAuth 2.0 Attestation-Based Client
   Authentication.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-mcguinness-oauth-ai-agent-instance-00"/>
        </reference>
        <reference anchor="I-D.draft-mcguinness-oauth-mission-status" target="https://mcguinness.github.io/mission-bound-authorization/draft-mcguinness-oauth-mission-status.html">
          <front>
            <title>Mission Status and Lifecycle for OAuth 2.0</title>
            <author initials="K." surname="McGuinness" fullname="Karl McGuinness">
              <organization/>
            </author>
            <date year="2026"/>
          </front>
        </reference>
        <reference anchor="I-D.draft-mcguinness-oauth-mission-signals" target="https://mcguinness.github.io/mission-bound-authorization/draft-mcguinness-oauth-mission-signals.html">
          <front>
            <title>Mission Lifecycle Signals for OAuth 2.0</title>
            <author initials="K." surname="McGuinness" fullname="Karl McGuinness">
              <organization/>
            </author>
            <date year="2026"/>
          </front>
        </reference>
        <reference anchor="I-D.draft-mcguinness-oauth-mission-cross-domain" target="https://mcguinness.github.io/mission-bound-authorization/draft-mcguinness-oauth-mission-cross-domain.html">
          <front>
            <title>Mission Cross-Domain Projection for OAuth 2.0</title>
            <author initials="K." surname="McGuinness" fullname="Karl McGuinness">
              <organization/>
            </author>
            <date year="2026"/>
          </front>
        </reference>
        <reference anchor="I-D.draft-mcguinness-mission-runtime" target="https://mcguinness.github.io/mission-bound-authorization/draft-mcguinness-mission-runtime.html">
          <front>
            <title>Mission-Bound Runtime Enforcement</title>
            <author initials="K." surname="McGuinness" fullname="Karl McGuinness">
              <organization/>
            </author>
            <date year="2026"/>
          </front>
        </reference>
        <reference anchor="I-D.draft-mcguinness-oauth-mission-expansion" target="https://mcguinness.github.io/mission-bound-authorization/draft-mcguinness-oauth-mission-expansion.html">
          <front>
            <title>Mission Expansion for OAuth 2.0</title>
            <author initials="K." surname="McGuinness" fullname="Karl McGuinness">
              <organization/>
            </author>
            <date year="2026"/>
          </front>
        </reference>
        <reference anchor="I-D.draft-mcguinness-mission-metering" target="https://mcguinness.github.io/mission-bound-authorization/draft-mcguinness-mission-metering.html">
          <front>
            <title>Mission Consumption Metering</title>
            <author initials="K." surname="McGuinness" fullname="Karl McGuinness">
              <organization/>
            </author>
            <date year="2026"/>
          </front>
        </reference>
        <reference anchor="I-D.draft-mcguinness-oauth-mission-consent-evidence" target="https://mcguinness.github.io/mission-bound-authorization/draft-mcguinness-oauth-mission-consent-evidence.html">
          <front>
            <title>Mission Consent Evidence for OAuth 2.0</title>
            <author initials="K." surname="McGuinness" fullname="Karl McGuinness">
              <organization/>
            </author>
            <date year="2026"/>
          </front>
        </reference>
      </references>
    </references>
    <?line 2979?>

<section anchor="e2e-example">
      <name>End-to-End Example (Non-Normative)</name>
      <t>This appendix walks one Mission from an agent through Mission
creation, token issuance, and Resource Server enforcement in a single
trust domain. It is illustrative and adds no normative requirements.
The OAuth pieces use the rules in this document; the identity setup is
by reference to <xref target="I-D.draft-klrc-aiagent-auth"/>. Identifiers and hash
values are illustrative and are not computed from the displayed JSON.</t>
      <t>This walkthrough is the baseline issuance path: stateless enforcement
bounded only by token lifetime. No stage calls back to the AS for
Mission state; each party enforces from the credential it holds.
Stage 3 notes where the <bcp14>OPTIONAL</bcp14> runtime layer adds a point-of-use
check.</t>
      <t>Scenario: agent <tt>s6BhdRkqt3</tt>, acting for <tt>alice</tt>
(<tt>user_3p2q8mN1a0kV7tR</tt>), reconciles Q3 invoices in the home ERP
under Mission <tt>msn_8RfX2Lqv9TqMv4z7sA2bN1k0YpEdHc9-</tt>.</t>
      <section anchor="stage-0-agent-identity-by-reference">
        <name>Stage 0: Agent Identity (by Reference)</name>
        <t>The agent is an OAuth client with a workload identity (for example a
WIMSE or SPIFFE identity), and <tt>alice</tt> has delegated to it through an
ordinary authorization-code flow, per
<xref target="I-D.draft-klrc-aiagent-auth"/>: <tt>client_id</tt> is the agent and the
token <tt>sub</tt> is <tt>alice</tt>. This document adds the Mission layer on top of
that identity; Stage 0 is otherwise unchanged from that specification.</t>
      </section>
      <section anchor="stage-1-mission-creation">
        <name>Stage 1: Mission Creation</name>
        <t>The agent submits this Mission Intent through PAR (<xref target="mission-intent"/>):</t>
        <sourcecode type="json"><![CDATA[
{
  "goal": "Reconcile Q3 invoices and post adjustments under $500.",
  "resources": ["https://erp.example.com"],
  "constraints": [
    "Read only invoices issued in 2026-Q3.",
    "Post journal entries under $500."
  ],
  "success_criteria": [
    "All Q3 invoices reconciled.",
    "Each posted adjustment references a source invoice."
  ],
  "purpose": "urn:example:purpose:reconcile",
  "expires_at": "2026-12-31T23:59:59Z",
  "controls": {
    "acr": "urn:example:acr:mfa",
    "max_derivations": 200
  }
}
]]></sourcecode>
        <t>The AS (<tt>as.example.com</tt>) validates it, derives this Authority Set,
and renders it for <tt>alice</tt>'s consent:</t>
        <sourcecode type="json"><![CDATA[
[
  { "type": "mission_resource_access",
    "resource": "https://erp.example.com",
    "actions": ["invoices.read"],
    "constraints": {
      "resource_issued_after": "2026-07-01T00:00:00Z",
      "resource_issued_before": "2026-09-30T23:59:59Z"
    },
    "delegation": {
      "max_depth": 2,
      "allowed_delegates": [{ "sub_profile": "ai_agent" }]
    } },
  { "type": "mission_resource_access",
    "resource": "https://erp.example.com",
    "actions": ["journal-entries.write"],
    "constraints": {
      "max_amount": { "amount": "500.00", "currency": "USD" }
    } }
]
]]></sourcecode>
        <t>After approval, the AS records Mission
<tt>msn_8RfX2Lqv9TqMv4z7sA2bN1k0YpEdHc9-</tt> in the <tt>active</tt> state with
<tt>authority_hash</tt>
          <tt>sha-256:l3KvZ4mP5x0wQrR6tY2nD9bM7sX1cF8gH2vJ4kE5pNQ</tt> and
<tt>intent_hash</tt>
          <tt>sha-256:wQ7p4LHnX9Md0LqJ6sZJ8b8mZ3rN2xT5pV4lE6sQqYY</tt>.</t>
      </section>
      <section anchor="stage-2-mission-bound-token-issuance">
        <name>Stage 2: Mission-Bound Token Issuance</name>
        <t>The agent redeems the authorization code at the token endpoint. The
AS resolves the Mission from the grant (<xref target="grant-binding"/>), gates on
it being <tt>active</tt> (<xref target="lifecycle"/>), and issues a Mission-bound access
token for the ERP, echoing the granted <tt>authorization_details</tt> in the
token response (<xref target="mission-bound-tokens"/>). The decoded token:</t>
        <sourcecode type="json"><![CDATA[
{
  "iss": "https://as.example.com",
  "sub": "user_3p2q8mN1a0kV7tR",
  "aud": "https://erp.example.com",
  "client_id": "s6BhdRkqt3",
  "iat": 1797840000,
  "exp": 1797840300,
  "jti": "at_9Kp2vN7sR1tY8mZ3qX5b",
  "authorization_details": [
    { "type": "mission_resource_access",
      "resource": "https://erp.example.com",
      "actions": ["invoices.read"],
      "constraints": {
        "resource_issued_after": "2026-07-01T00:00:00Z",
        "resource_issued_before": "2026-09-30T23:59:59Z"
      },
      "delegation": {
        "max_depth": 2,
        "allowed_delegates": [{ "sub_profile": "ai_agent" }]
      } },
    { "type": "mission_resource_access",
      "resource": "https://erp.example.com",
      "actions": ["journal-entries.write"],
      "constraints": {
        "max_amount": { "amount": "500.00", "currency": "USD" }
      } }
  ],
  "cnf": { "jkt": "0ZcOCORZNYy-DWpqq30jZyJGHTN0d2HglBV3uiguA4I" },
  "mission": {
    "id": "msn_8RfX2Lqv9TqMv4z7sA2bN1k0YpEdHc9-",
    "issuer": "https://as.example.com",
    "authority_hash":
      "sha-256:l3KvZ4mP5x0wQrR6tY2nD9bM7sX1cF8gH2vJ4kE5pNQ"
  }
}
]]></sourcecode>
        <t>Everything enforcement needs is in the token: the audience, the
sender-constraint (<tt>cnf</tt>), the authority with its constraints, and the
<tt>mission</tt> claim carrying the <tt>authority_hash</tt> consent anchor. The
token is short-lived (300 s) and its <tt>exp</tt> is far below
<tt>expires_at</tt>; revoking the Mission stops further derivation, and
this token dies at its own expiry (<xref target="revocation"/>).</t>
      </section>
      <section anchor="stage-3-the-resource-server-enforces">
        <name>Stage 3: The Resource Server Enforces</name>
        <t>The agent calls the ERP Resource Server (<tt>erp.example.com</tt>) with that
token. The Resource Server validates the JWT and the <tt>cnf</tt> binding and
enforces the <tt>authorization_details</tt> whose <tt>resource</tt> it serves,
permitting <tt>invoices.read</tt> within the Q3 issuance window and
<tt>journal-entries.write</tt> up to the <tt>max_amount</tt> ceiling of 500.00 USD
(<xref target="rs-enforcement"/>). It treats the <tt>mission</tt> claim as audit and
correlation context and makes no call to the AS.</t>
        <t>This is stateless enforcement from the token alone.
<tt>journal-entries.write</tt> is a consequential write, so where the
deployment runs the runtime profile
(<xref target="I-D.draft-mcguinness-mission-runtime"/>) it also obtains a
point-of-use PDP permit against current Mission state before
executing. The baseline bounds the write only by token lifetime and
the carried constraints.</t>
        <t>The cross-domain continuation of this same Mission, projected to a
partner ERP in another trust domain and enforced there, is walked
through in the companion's end-to-end example
(<xref target="I-D.draft-mcguinness-oauth-mission-cross-domain"/>).</t>
      </section>
    </section>
    <section anchor="test-vectors">
      <name>Integrity Anchor Test Vectors</name>
      <t>These non-normative vectors let an implementation verify its anchor
computation (<xref target="integrity-anchors"/>, <xref target="canonicalization"/>) byte for byte.
Both use the issuer <tt>https://as.example.com</tt>. Each canonical-bytes block
is the exact JCS <xref target="RFC8785"/> output: a single line, UTF-8, with no
whitespace outside string values.
It is shown here wrapped only for layout; remove the layout line breaks,
adding no characters, to recover the canonical form. Note that JCS sorts
object member names (so <tt>iss</tt> precedes <tt>typ</tt> precedes <tt>value</tt>, within
an entry <tt>actions</tt> precedes <tt>constraints</tt> precedes <tt>resource</tt> precedes
<tt>type</tt>, and within <tt>max_amount</tt> <tt>amount</tt> precedes <tt>currency</tt>) and
preserves array order.</t>
      <t><tt>intent_hash</tt>, over this Mission Intent as the envelope <tt>value</tt> with
<tt>typ</tt> <tt>mission-intent</tt>:</t>
      <sourcecode type="json"><![CDATA[
{
  "goal": "Reconcile Q3 invoices",
  "resources": ["https://erp.example.com"],
  "expires_at": "2026-12-31T23:59:59Z"
}
]]></sourcecode>
      <t>Canonical bytes of the envelope:</t>
      <sourcecode type="text"><![CDATA[
{"iss":"https://as.example.com","typ":"mission-intent","value":{"e
xpires_at":"2026-12-31T23:59:59Z","goal":"Reconcile Q3 invoices","
resources":["https://erp.example.com"]}}
]]></sourcecode>
      <sourcecode type="text"><![CDATA[
intent_hash = sha-256:6mIFoCz79uCHNzKLfBpBwqFjoFXdpmpuc65486IqimQ
]]></sourcecode>
      <t><tt>authority_hash</tt>, over this Authority Set as the envelope <tt>value</tt> with
<tt>typ</tt> <tt>mission-authority-set</tt>:</t>
      <sourcecode type="json"><![CDATA[
[
  { "type": "mission_resource_access",
    "resource": "https://erp.example.com",
    "actions": ["invoices.read"] },
  { "type": "mission_resource_access",
    "resource": "https://erp.example.com",
    "actions": ["journal-entries.write"],
    "constraints": {
      "max_amount": { "amount": "500.00", "currency": "USD" }
    } }
]
]]></sourcecode>
      <t>Canonical bytes of the envelope:</t>
      <sourcecode type="text"><![CDATA[
{"iss":"https://as.example.com","typ":"mission-authority-set","val
ue":[{"actions":["invoices.read"],"resource":"https://erp.example.
com","type":"mission_resource_access"},{"actions":["journal-entrie
s.write"],"constraints":{"max_amount":{"amount":"500.00","currency
":"USD"}},"resource":"https://erp.example.com","type":"mission_res
ource_access"}]}
]]></sourcecode>
      <sourcecode type="text"><![CDATA[
authority_hash = sha-256:vUCCfjGulit9u0qJ0Z6pQSNerZtXMqRlfJNCr4PzLro
]]></sourcecode>
      <t>An implementation that canonicalizes the same <tt>value</tt> under the same
<tt>typ</tt> and <tt>iss</tt>, computes SHA-256, and encodes as <tt>sha-256:</tt> followed by
base64url with no padding (<xref target="integrity-anchors"/>) reproduces these
anchors exactly. A divergence indicates a JCS or encoding difference to
resolve before interoperating.</t>
    </section>
    <section numbered="false" anchor="acknowledgments">
      <name>Acknowledgments</name>
      <t>This work builds on the OAuth 2.0 Rich Authorization Requests, Pushed
Authorization Requests, and JWT access token specifications, and is
intended to complement agent-identity work including
<xref target="I-D.draft-klrc-aiagent-auth"/>.</t>
    </section>
  </back>
  <!-- ##markdown-source:
H4sIAAAAAAAAA+y9+3rbVpYv+D+eAiPPOZHUJCPJd6m6+iiOU3EqvpTlVDrp
rz4LJCEJMQkwAGiZcdzPMs8yTzbrty77AoCyk+o6Xd83J9NnSiaJjX1Ze93X
b43H46Qt2kV+nO48LZqmqMrxF9W6nKen6/aqqotfspY+Sy+qOn2Oj9KjycFO
kk2ndf6WnpHP9MmdZJa1+WVVb47Tpp0nybyaldmSxp7X2UU7Xs4u10VZ5k0z
rjJ6brzUNx4cJM16qv9qNyt64snjV18l11X95rKu1qvj9Pt82pnSi7pqq1m1
SMr1cprXx8mcXn6czKqyyctm3Rynbb3OE5rl7eRNvqGx5sdJOk751fhD34c/
s8u8bPmP8BX4oM5q/M+K/udtXq7pBWl6WbRX6ymt3i/oc1vKFJs3jobZoUcW
NLempUeu2nbVHH/+uX90IsNNiuqmQT6/eQsnV+1ysZMk8gzWSS9N04v1YiEn
8OesXqRPZ3/Sp/nbqr7MSh2fdryc56uc/n/YCfovX2bF4jhdraeLYva/3tDz
wZxn1TJJyqpe0sNveVNefvXo9u3bD+3Phw/u6Z/3jm7fsT/v37Ef3L93235w
/8HBgf754Oiu/eDBvYe37c/7D+66Pw+CP+/rnw8P7j2wPw+PbNyHtx+6P+8E
L753ZCPcObSZ3b97aD94eP+IB3sy/nKyZdOzWVvV41VdXRQLXvyTs+d3jg55
Omlq94k+TPnTo4PDu6P0UTXPG75I7VWe1vmqzolQWyHm6iKdres6L2cF/Sij
+3dBJNDs8IDuUFM9NRxWm9clP5st0ufBQfIbzloaIqvnjpDpP74eKeYyPnjA
nzR5TW8ryovKxqYp08TdpImg8G18yg/8Dt+7f9dO7v7BgTu5h7fvun13h/jw
vpzyV6cvnkz+VGdl+zQr6d4taQ/ifeMvU/9tl/nwb7P6Mqf7ZNepIsot5pMy
bz9vVvms+fwiWxXjS4w0XrqRxgeHfFEGdnUs+/qcxnnyZfoVLmB/646O6J9P
H72I5/uUDnZBx0tH8q51bOk4ZlfD017i0Zk8udIHwQiwhuKimMnVpxfTmd0b
Hz74fJo1xezzDpfatpjhieGPn/JZG6/sLv0TE/7x8bPJ6cvTzhJ1W/QH6els
RpchfZn/vCauxuR6uqL5v814dNyK9PAjR+W5Hub+S17a/9LtwujjWkYfZzqy
3bfx4euDv+8U70a3+82ino2zgkUA89z48hd5e6HXviVyaujug0W31RuSMvFP
y2JTvKFTMS7RtiQx6P3l5VhGH3pols9mV3nbFvoUCRz6jC7vR3jQbFFgyKJs
6K7P8nHW0HVmTv4R3lXoZOzJj/zeZBL9uF03HcqX78Bu6Dumg2+Li3y2mREB
fMKt/S8WgjrHrcSh/5umtHSSiJOuPMR/26WlI597n7hhxSXx5i075rfpTH72
37Jd8up/kv2a1RV9Nq9I7SiHN+0R/+JL/oVxsQHl9H/H1oWT/W/bP5tMvS7b
YpkPbppq8y/lJ+ljiPMZC8N/1EZ1ZvVPQl35uxUxb2WPfdJ6bF//dxCTm9t/
OyUtc1IrSV5tuX9kWq2XK75zT/WX/2gqshn9k5CRWJftOH9bkKE0G75zvFFQ
XB/rr/5bOFRnpv/4DUzGYzKgpw2pSaRdJqdlevpELOu0aFIy60mfXSw2ZD6T
JZ1mZn8f059t1rxJ24qMzbpZ5yltYZasSZ/5rEmn+VW2uJj47aPB6DekbYgS
KjoV73BRzgta7TpbJGRbVWtidKlqkc0ona5pHm16lTVpWaXzdZ1NF/koFfUy
n6cZaU8XNHMyz7I2aWGH0T41ub2BpgfDrSpzmW6WYoY0jXbNy7LTyeeT9JSm
hzmsFy29oZRdoMXob9oNdiRLSRtfqAwjA7DwBvhik1TTlmQLzUtff01EgYk3
V1mdz2nU9bxosYSUiSOrNyNWwGRanzWJ6c141bxoiB5KehcNeFFXy/SaFsnr
kQOCf6JO51XeTJLk1RUeqWZrtr7m+QXNA9N96g+MDnlNC+eZXK3JwhrbPo7I
ZGzzSyxSyDb2qfhtju4EbVkqGm3KnqCW5m/vY2O3xGzran15lb5YN1d510Gl
tkhzgkUl8Xdnef0WqyNG8pYW8rKYXW15uuP/med0BtDNsGMFHeWUzqiRbTOy
EVqgZdKc9RXz4JzbKsHPxTxigtaL6ZbTXlep2zIaaUZPNnKWdT6r6jloScnV
tmRCrCWvN9EdcC+nPc/FyWAbOMtqWPoJKDuYm5DLjt7DHTqArFjKm3HHYByA
eC4zUA0Ng53VIWkdC6fCQu3O6Yau1B0xy1bZtFgUfIeco4N2c5FfKhEsq/JS
SE8pG9MVajiFc8WZkTQZmlGTqkVME5nSxJNZtSSZSUON0kXegiBJRvj9Ia6R
XlVlVeMsWFeDM5BMVdHYmkkKGk8KOUu3WKz8EsdU8j9tZ+h2bPJ6h9500dLu
hlNJ1JbCpcWWwmPpKfskVSUozb3ehaueZ0SCYkkyJ0iafJXVtIujtLJd5JdO
hKsui/l8kSfJLdyFupqv+VHisQNvb9YYu0nfv7/Bxv3wISF6J5Iq6C41tFfX
YFOOX+MnGBP+XLHr+BfC8fQciZ5CMif6Pw4YClZVBkz7/Xv1/334oBc9kWnb
mZ7Lp6+L+fmIxzFyIULh1+phhSSfnBOzOBeKBXHKq4VzRpJBPG4iEhq+qXxt
IRwK+hzkQDcD2wcqLaY5zoJ4+iLP3rIcqHPi+lc0lyat1nyExFDhp9adMwaP
YZNdvMBdqz2eOVwHC75IdNermM+Mgt0NGTe9hW8sz5UGoXvFLBenm5kEcwx1
ZOeUCDMXpuBom05704iswGk5/i9CTLkZkdv3dBuxRH4z0yD/7DJbYQpF+bZo
CryWxsiZB3mpK8fNd5OkZNkSlwKd20SCX9LW0gKLOU+ZL4PK6ST6DZl5vM2j
dEOXvKz4BNLZVT57Q2zjKqeJyexEf9DVJI430zubtlgsnOCe5hhAtAyI6WCT
IBiJUkQXIdnNfILGkz2+aPVNqpW4M4I6schWDThkTePTaOBndO2uy1EyzWcZ
PQG5LVehmsJoTVW7UN2CxuPd0ItkC/rMXTBz0eObGREA7g29W460yWdEFLQd
YJf4BXOBonUP437TLInUc1IsaI50QLSQMlBYujLfWFwjZMCkTBsnLCl9EigF
yf6+8tz9/Y8oBmlXMRByGVYPcCVzyMq2LkhzM0ZpfH52xV6C5FB/F6kO0TRS
N0HVI/b3afbNjIbFksA2WBsnAtq9rLLFSDVzzy9GLLLpBtP8mz2oyW2ezXE7
lWhpHIxBRy7kSjrUkcxrUA/ZPT3bc8rI/n68flU59vcx4i5zTcQxPnzYE664
v3/qmO5Z3mLTW9koIow2DzWPYGVlns9pVreJ5OGuxVuNgOkSY09kdFNTTElR
rTdjZ7Eb2jHc9PSMfrnkPXfXMGvkDecFb/dror2rc9p0eobncxVO0v3YfRT+
3itAxu0wQkBxk+TOoCrk5ZAJg61Kke1TR3WLj0NVJZqncvVzUZZomtM8q5UA
MHp3IWAyL80YUQJQZaARxWlB06ZrCR3TBuFFTJK7REQxE5c9uSDSJBFfgxqc
cmbL4jFxnk3FRJm/rd6A0Ik75e9WRa1EH/y+WjXBhrGuK7umy7pY18xo3cqY
XbBAJftG5DL0ykiUNGbVEWHmRjD4ldLdKCF2Tr9Z5bV5+uXypBy0GYmkko0n
cbTgyyICxx2xynu9SpG0scMl4uqeiFhOqmin02z2JlGmq0Qf6u8nNMWragHa
YWmcc0g1je4gvaxMaGbFxYaNBKEV/1RVwjokG7quq2sanLhUQ0/tElFX12As
eUY7XiehTxEB53azl+LLFhqL3pRo7gW/GvuIe7Jcrds8IZZhlj+MFTpCYh3G
35lrmiJ1UdQNazIwQLzWI/KEGUiR1w1ze1jsZD3QcSrnNoJ0Zii0fWeAguYk
dMW2Q8oc5WINdpzwYanWQyKLDgxCen1xUcwKi/Vl6aK6HtcFUQ9k2QX9i34L
U5wouGowTKGqjOiODe1GqycPswQqt5CObHpAuiy8yMyFNpHkRIhrzDDQYUQr
b46dVkdkzBeIt5UIVWQvjUj2xbJak5CWJ4TJ8tbSFlYgeNpA4atDZgALU5yX
fjk2O555vTcyzDRYbMBL5vlqUW14AKIB2hNWZ+GuqNNQdR2ly6ydXdltD19M
ZEOvdA4Nt65ZnhA1sGLIQlSss3lF1HPrVvr9FYj4WX6dPmcdJklEo8kWRKLz
DasYot1gJzLw2kL2RFwvJfSvIjaemaSwqnO++udQg+D+qcN7K5z4tXLic1pK
W2+SSDSCLogbYTO8aOGX5kWsI9LaGzBhnD+9JfFGLBwwNHW6kTShMhYnonmA
yMYLFhIrF3w44e0//6ktzlNn0AS63QiE5t6PtRr/lqHZOK75emFj5CLhaIQF
O+arxgwWZRKXlEq9A96LlQSUfupcDSJGU2XMwofLNFYB6ABXq7zM51hRYldE
zWEzoIjfg6JYw8yYLUFDK8q12FBeqshBO7eFqb1ka+a2eSxpjgecKTw/z/4T
x/7pp8tAlIg0MLkt20mbS0yLuTp9QpT7gjZsRaKaePDxjZ4fJaGY9etykoC+
ys5s2XuReW9Ibx8yd4MT3QazCgKBmM/HPJobRuiGpAZduOuMKUInkQR6WNHI
fZWruKBVNzj3+BRoT6o6l/FgQxHX2Xa3kHuF87eL2vGSZosxdhYKh/AA+Awi
UVh4HxhzcjhUWEOZboSNvMwX/M7mqlhhUc+ZuuMzEQbTJMmpKQNFqXyV6Bk3
FUkkaS9P5P37oeSSDx9GSRGokCOyhIhw5E8RVSBREDIcriyye5qAOQSzNmMR
Yoqpc+ZVHc5jCghdUhwsjtPbP4lcYcxO6BkOaScYU/F6gP4Cbv/09AeSkzXZ
Ro66kkDQmjcxS3tJL027ofVhZ5KP+ITYzx8og2SYmgsMs1RvCMsb9WcwlfUc
GpGP5EQkQd+2FHdkMNIk/ZK+4uiFOB7iTBDRLoxpmWbQjBLzeLEP8TdnqtCm
hIkvRC6pbJ5/F05QeK/YvXyYppOrmnWSdJa5Xq0WJgrsx6o+KR/gebt1sN9k
kbM2wqzrGUnRaeRfoemQ/oNsAfaZgMY27NewC48f5DU8gc6LQ1wHVwzpkNDf
FkWJ+3sTJ2SO5kkruc6npGm8afR9qtdjIDHpiXzmxSVv79yRi2WjuKfKRH6b
dmm/urhYYE+d15h+bJkz9PbdkGY/McMGKoFdQB0+EU0QkcT0GbaMpjFlF0bA
5zxrlxMaiTU1ZhaWBEpvOe+77Dtkrh4S4XqBSBCF8MUiK2Wcx+9I3xZvbl+A
ep51eja+yhdzL0mzNjK9+wqAbO516U3z0GlPYorU/joXn6S6Nk3lTVbsY4a4
qyWEo6Z9nUdKptNtngZcQs67rIKZiOlU1KxdyTqNv+zvk3QuYa/CB1pg39h/
2OR+3iOn6rZVtZDYSOK80OC9ZFIJATQjp2PqC+iV8AYhMXmjoQ1lT4nYm+If
Do5OTB5w0cZ8jsehy8K/jfSCvCaOBabYKMWxQSKegFl7riYXEbGPfrB+76Qk
zP7uFrLFCPXGG40agsJIYj/yKCX/aAYjkY5eX4wN7e1ybmRmrh5VKAtnP8vH
CNHyp8vsDX2WmKdnrpwZLm4oWhIOWo5E44Lx0ESUIDKwZCsL6Q2Ij02Ix6g3
ou+BMEXXy0FcfUevtFxWTJxiSmRZmbHmjBBjofNJ8lhsO7wsjLZkl3AHdahW
/rmqConOQDdTBdYMN5ZHErybQR/eZrbJhQiI6bNGj6Io32Z1AY1FA1IZ+6Xr
PD92p+b8au60kDl/3Y+9BUqqmTh5uYDfEmc3rGlJrOiJxYrOwhTTpusABjnz
XuJfGTtdPhpQEufUWk3SlHNbOyEhH+XTGNBuEPbZOxmM+9D1bDZNmy9tANH0
OfQz6caqjTpUTuuLdc2jwHlOw4/gdCFOA7+E0JY6tUN+OlbG53ID4IbQAdnB
RFowBGahZmMvfCYxDuNWczi8hHtHOb7J2hjeMieWURbNskmhugemoGV0WQwH
91eO+hSqxsyk5/tbWfjvD3q2mj6r7u1Gz8FrmBxRqUPnrFrKLvo84gMZD1hr
DRKY6MRrNmpKSZIQ81eVt1ECc2A9LzhrxjtXOBaDs87SJaxL0lbzlUo54kqc
CmKBMUkFGbF/oOsZEsfYEjHen+ge83V/y+xabtsVeAznlUgChZrjT5gsQTGs
nczFblFH1pwVfBrRtKkp2ccXBbR9Ujo5EOF0UyZV0UeJdcLxkpMyMtY/eSuL
WRi9aZj8QqdCpELbacQhH5XgzJKUQwWCHR+fKImCh8kJr0sQ1CVHebxpePb1
8+++/RJxcpaCHBPMfBjBbBaxbHx8kzabNGZ7WcchpWOuWCSo6Bqxh5cpRV9N
CwdDTrxfK8jBYRaiJtlIHIcu5jOtq2wOjYz1bWcEiRU9Iw6wXki42otqOft1
6fQcKPJioXdcE4U6YELaPk7f5PkK7yokCDvWvTKzm2WkOMvsncwFlRjzDC70
i/WC16UeDbxlusiIZOpsXqyZKMFqSb4XjVz3MjfHWO+WkGWyUXMEDuZGPvA7
ixPjQCf2KqG/hEGcsaaDWXzFbtj0e4S6+zwfvorFxdhs4TnRclEWy/Vy/Lbg
3bKaF+wIJ8OYUGI1zIf7VdEqnAjhrS7NxQb9B6lOHJgoke1UBrIBD3/z/Oxx
zCLF3VS0rFM/ZyNMC1NSy5uacV4VK1F0n1EwcMk+ncCEYvHFwZFYXVdHejZ/
K4GWKw3xWVbDQG5KbJrcXCQEi8QSEQLFUBIPknj+tPsXmvklr37x6snzZ6ff
knXsEmi8sYS1iOBAyQ+9cmOsSSMJM3DlQDDiVXIUE82otpCDc2qOwCbl0hHf
1FQAyAzv74lDmmC44lqK8mwSzsHxfjRWzqNMHnFAay6PY05honcSJHqbCLtx
34dStOEDkmhDEPVzesGYz4KFEG3Nky/H35z+ydMUfs0mMStWZ8q1RCGPaMhc
Oa3llfAJuisgsaE6J8ZHW9ZNkypJkvmdyRp/6n57dPkcm0hIOhWaKdQ1RR3f
9EFw81MhEXAhIRRSveTD1zUWisCgBMhG6VAMSVx7QphTx3KSXqrrp51NJzn1
w4eTxFwHLht6+I0+VTv5pFe54egdGp8KKSORmhEOj74VV0bjUw6cMiaXt7i8
Qh5I4HbzU0yCKWo9zCfNT97/4QMbtdvLQz5tLPnxhw+TJBLMjga7TgpTbCBE
xEhfwkhbavBXYnasaoloQRqOo1J4f2aL9ZwJkqOabGaPy3xNfywSklygc+cT
vIiMLjYPTEKXNHnl/ZG/1Q0qeZ0By+d7DCcdDesi+lrpRtzolS/VSl6JpRtx
6xuruiQAdwXPAQunYrFY8zToxZKVFLEtUovoAkHbA2fN32XY7RPJXGQnOLt7
16UkZSDPjF0LQoVEc3P8hgSVZgeWoluYy8Ul8aiZQV+8hWtthlQVpNgZnwgc
yE5KIxZ7CYLesL9Dq0JVcd+scugPK9P+fOZITivApqtsgX18XSUy1UbWT58Z
Nxb/geyH6FRRTECTLR3RxRl2TjA1rmQ1VzPQLSdbXGK0KzhAoJ9A8EZ0MvY/
Zj+B3yI3yTDyuCLKaXNaD0mERa6K9ooUcZ588GIkv+Yl3TX2deWkhc9Fn3pG
7/xTxffyFmgXiUPNBzH0L6rFgh2NfXdZ6BbXdAVWumqE3DmLRPKJtAzFG5Nu
pSdw0atGytO2QEQrYVuirYZL4Imv1qpQy/qgsOWLqrxszEvhHmB5saiI9rG8
cbq/f0YsAPZr+rl6eFPOb1BNbLK/n0YmpaRFZ5aZAYshSQOtPnJJgvhiV44L
w1tKXyY1AjSG+V/Ue6MWacBH6PKRcgx/IS1vg6h7GPcOZ7Et5oU5nQcZXueT
9AWs3JkWjursAqds1ylUk020xSM0oQH+yqkhol44Q2qezxZsh9Z51lSifASu
KUv5zMwvhpW0wBBwN5xodQmKwlGTccHxvw0yNvgELcoxvkDqahydWa8uyfbI
5RjzXgSPXiWeZXZe+JQdDeT4ay/ekrJCevJY81iuIdAlcUjiuJtVxoFTFfmT
9Hv9hcu+1SinywxiYcJxmwrLdrpjNwu8rxCknyYmY5XATVkmXFa8ftFqghRK
ywiN7jBvtRfWEkgPNQjscT8BbJFnNQ1lOlQqYQZTKfNOJgt0E5cVXiD/G9ug
1ElkF33E/G/bOa3WzdV4miFZle6ddz6loRSVuYjPgKPJZ+IwMU1EMi9Q5A+t
8PP00enjFzSCvQ6My4ZaxDvTxOp/4ACYWrridgVIx5cl/xZdSL2yYIJyXl9z
WirZh/TKMbG9FZEbzUoq8PROYJOC6QsHxc04Z8dSTkryOafW5UhXP+fMOvoz
7bisJbeFR5/ja95bGoXtiXMkVCzz88/PzW19LtHQQs1dr/5K8peJejCld61M
2IyoG0uxf/PeqU4KUYqjFUt9HObzSvpxmwfZbviJJrUgvWFM34xliUIegj4g
90jTwYIthpIp5/OU/YAwPGcd85SICNa5XCrLBA5/g4f4mLYbmZ+8CbH9SFvh
rcSAUFWB7bg+YQPbnOLyLCFzkabmUdFlqXJYrRdz441sMKaBGi479GU+QxYU
dGsQR+Tk5s2JPpGoXOj5hjChAUNWFm/KgHtfpo85LOBaSv3w+QXd+bZxhSff
P3l69rjLhSSPqOkI5U/wrqei9ro8Kv9mNeOXpBIi/ZN3RjwH5mdO1yXC1Oop
ickmI72NNUTPhZ9Y/lbtAjG95FEkkIEfNmmnUISNKBA6EjfhdBGfY0gsnzU9
t7TNtFHXp6acq8osaSs5WBmE0lVVzCwxiAgtqJ/kUp585F4rwWzNElVnpThw
aJyONBp1LGL//emZOsI17xTpsgVncZvdru5Kr2Q5Ye1yOzNxQEFDFhOQ76ez
QK1yru/lgOr0Iivqa7hF6dV2lnxnYuicODLi1U1QK97mNavMJc+qh9LnR/WM
XbIiDl1GhbAN4w0u068e25aL7BXz4FFVQt5JaJLe8yqvSWmvFtXlRmyENzlP
jpTmnaffnb3aGcn/ps+e898vH//luycvH3+Jv8++Pv32W/dHor8QV7v/yz/5
6PnTp4+ffSkP06dp9FGy8/T0hx051h2TJzti0oWOgUwiT1NORsnrFYICEEOJ
lk5wHVP6xaMX/+//c3iHtK7/i1SCo8NDVHfJPx4c3r9D/yCNXvMcOKYt/6Q9
36BIB1miMGgX7AsrWg6KQMtj01sEdrL/H9iZvx2nf5jOVod3/qgfYMHRh7Zn
0Ye8Z/1Peg/LJg58NPAat5vR552djud7+kP0b9v34MM//BvnwIwPH/zbH5Mk
OaUt+ebs+TPdit7xFOIy8e4QpubATSFlsMscyGiiRZhSoZl0ZG/isrDaC59J
FkT+eISJVhemu484Qrt3nByzahTGb5mfsQ/fRelSi9JF5X3QnHykd9KVULQe
X47IMdKOLj+UrAa1uKYVIDwdBZXTMAALpS5JztYc5rE1dALL7HMRExJzjxSq
onHcbeRkjytELdPdc/ohdEDEo/eI/Re1S4Mp5JpEKarNZ9gL/FhKSLDPWnVj
s1MRlc1mdEStcryinBUr5L1dVb7Gop/F4ISr5fVO0sc/I/ChwQTdCFbTOdbj
rbt5ccGpHNhAdj/MEfxhiuKtDoLY9lDHteO8EQhhpdECbI0nGuYVMemmavI2
0IaqC8iJ3itDbwL7V2jOME/Anf3IblnCk10FGAr9UIE1EMToEPjpmYgLrsyT
uGKnIH2kafRXPlOQRaN85fwyQeaXZAJI4ZfG7zUCHXk0QCBckljTTdmJ5w6u
Lt/RDPEPWsZlUUq+BH/CrJ3+4u0hQmddDUxcTDo6jU2PodAWBVIfG3H62yI9
slcc7mki/Rh+nkKiIjxtjii24sGS5KwQwKFtvA50gnkLq+Msp5DWZS+2xq8i
O5OG+aRAU4go9FsNpo6tEFIck4q72T4iI4J0FbrGXRVrBwkhVj14QHlJ5Llx
78hZq7+pfMICYETjRo7sewgPTkEXXKWfVQYa75FZ3eCGJdKN5rfjs4sbX7CI
GyMzin2CCJ5zGNcZMUH1oZKe/wjMJgWnWIS/kzoSkB1bbUH5miFZ6Ja5/JZi
uVwLv9KSCU2tsxSxmLXGByNPsL+hIyT8njq1satOynl+GQoKvYWdQhQuVJZi
xiCsyjmXdqlMG1axkwSVm+luO1zCxlHaToXaHvS99Ea/aZZ2CiLjdQlsjQuq
+I0Pc5iG1lnVnTKZjy2ceUXT9TTDgIvnl+7CiOGXsy+5HsN9ynEaeJvDdzas
zEOXZwRMjm3emvl/fWCIG5/h0GoICt+zngXDiG82PLDwETecgRPUIzMXI6uU
T2VQJsWhu5xtKZeIbPUAzTG89h5BF2/toae8LbL0xenLQVZyQo8HYQ9wD/3N
a2PHr+V8zofrYz/KDPCG/gWyuHozkE2N8cyHzT/WUdzi+3ZfBAjkrsQAFdxI
pTZVLdOs1+Lcd1m3HNmj32iOInJE3JQ6Zbg9d2B0/uPsGiK6Y44TOQRn3vky
Cev4EHFoxsEnvTekorrHQ0YCZiv9RNI2piCOiaa6J7aJ9CU0ryArudH8ni38
A2yJw1EIXzhyE5I8xxkgo9dYGmdjR5Gk2FcOP+MKPvsb+FVOdHXTseuxutLn
YFLzc/++6NP45fD9ZAxYBo96PUR5ZB+dF+Inljodn2AxkmJfDe5loka57Grb
1Szw5NFhfyExL5GpLgNIuA2Hhzv8CVVEPnOENEG5D8KjfMpJkJni45QBPpXz
C8XDSy4eKl/YIVg6DijJu4LF4Vhoe5yoN9PSmsAKO5nyx15+l5LGsub4Z2xT
WbRJag98klUAOST5VvzCJ2HARN7ZjaEcA7eIFhEkGuqV1kKrJO0cr8qpcJzU
EYYY4qGLUnROwDeY2so5sO5dleq+hmLExmaS/ialfKt+DGl5UyLWpwbSYrX3
RGbYlYggMOHDAmFjacpOVCrERGiMnNq3fBviAX2NWjUIOFV4Ckx2Lxj2gDMy
Rl1TSqRPkFQHCgtPZ4eYAqeq+ll/pjEZzKsx6LY6qPpq2VQULDAwHtK/1JfP
3JfX5iEKJCrcU1IkJXmEc5GMh1Es6mLMlEmko2SRoSoLdZFW7BoXzRwH1Tlh
KUqU+x7aAD4irLG6m+T0KKiO81X6HaGaxKUszjb2wAF9XIu+QO2rYI4RgBhc
thEdBoo3w8K4RvciCSmxrCSc3/eI0vzM8Qi/qHeEkpbspiDcW0s+nKjgTXgd
yyWlUUQF3eTA/IDUh8JmWl2SzTmPpQkWoieqT7MsZh+CpCLT7F3lXZpNNbUr
6Xn8xTvvjC33HuNug2wmsXlKAvWgtBCfjK4BNMUgE8Yz83cFo+WoiyVct8Lx
M+s9j7joaxI5XJpzzlp69J2QzTmL0tec0BTuq6Yxwzw4X9flMZK+jllGN8fM
yI5FBnPHCRHl+TvxkvC7QvEB5cASeMPMryhywsM52p+kp9NG1CwExlKJSI+S
LOSCBs4o26URuSk7zGtm+i2ysVoEeTiPLXmsM+yFbeKXO+u3I5AEZeuCQW0K
UfPUneQzsZS2HB03S1IVtMgB2ewBb/ZJhhwzoSVIqNx3DVhstPy6Q8HC8tX7
UJSpq8/kzEDPjIQHfdYk51L9mruL1G7OP2J1jNKcCyQ59gCm9Yi4WCX4rJrt
g+1Guis+HwdZQBbwDBRnVWeSdhvxI5mEg6ljfmE360PUH4STBDyvVWLK6kar
MNIFcdDFsGIvnlbssUrADPl8oqFI5ZqGeVkAESNATk1grkK0NFwvlD5/i2qU
/JpjVS+cZ5nbBXSLApbZqvHeZ2wlmKQEHdTpzpu2nrViRoBg9vfZvw+7o1/z
FZQMdoH/NC4QBpd7seuByHWT5x8PF+xN3OTUB64YU5YrxaYXBpdyQefZN3e9
+PY7uCqR10K8+pLYymSlrUmQj5s8LzmWG4JVsALpIwG2WTo9mAr8paUN6Esw
Kfvp6dmJxsfdTRY/MD3MVLLKOK+gIFVoIE5RNHHMx5Uo6BTkChgdJ0LHHiQ1
d4HVQvHa/NSvqqXjLEWj7rR8boUeLmghi8RDE17YhZaJtRagBUeyWIrWQfJG
dGEFgjQnl59XVW/WK6niYB8LJ/Egw2u6GYd6xZozePkWIWVnADB01GX8yQDv
nSHsu2lcjMURscZeAhe7E4nmBddNgC1ZLdZec24+UmWyxQNt6RIKCuHc0bIl
RI6mGcJQJJs336ifypWpclK3PQZwH1KjZ8APDPAGdJQR67sWsgAXDFca1ihz
nn22aJmKbJQTqZmiuc04TgUqR5BAgmdm2DgjJg+SQJ3inMgNcrVuv9tv/8Kz
usyl125zAIsVDKoyvzGX1SereJCcA3CIfWMMundyh1l1kRtOP5pu2nzMv5wk
X26Q5TsL9Y9d4TYtx1esLCyqgZ+vOYPYlQ7vhTXpVTcKyd6cTjVS0i9Tl3oy
YS7ON25UIZszYTAJ1kkFFMYnR6SiBZCRENlh7IPWbxyfvPPwNvIJ4aCY5gmn
sgoBaF4GOI9LqMgUz8YV2miyAMszTTT7alGRhPvP//zPRKPNuyJo9tLh/3ox
wrM9xT//dcsT8X+/ul8fTuAnO05jp1Y6Dv7746+WNu8rB/XxPwQ/M4XtNZ1t
9Pyv6S4e/MXcW793qkeTjkPX6lmjqfZgIX/b2+j/jf/oF8qZVEOrxYJnUP7G
nf9+xfM+4w6i6jfPYNdB37IRDIb9ezft9sShTXU3K9i0S0bGl9n+2+DhRspD
tNx/SaPT/c2L/ReH22P+bvz3lm+DFCmgcho5Eh7imCO/6e6dPWF0l1IVCTSI
SHapLehAu50wpt+ceWjLMHmu6/kNYS/ZrKY7z6C+Qx7TkUO+x2QU2IvVAJIt
dv8n6e7dvfQ09ahHAnwpZpCm5zavM+J0SEdH8X+y7GVQ0LguqTd4Dhm+AgAs
ZrNGTkmL5aJ9S9B3Lo8ApHMAwyn2vgrUCfqjpeigljAvxF8fPtgYY6M1V3QG
+8D9S22DPKhBSpTT4of5EUkV+SfY63W2eKNFYFI8X4gGL1XfpDA22aWA1nS9
/+9vdcJGYTW5/ka1UoMpOukm0oQSVDKU+nEfcTTxT5eV4aX7tOhJ+oWk60Vp
FyKNh1xRzvazObIPQvLMSE2EjofySEUkL1frdmtg40SpAHWcblS/uiRSpUMY
Nte/wFINtQeFy4n2EjPxMITHDMzpZ9JYWKYhxd7GVKAewfBk5woJYKus9r0v
RMHyHFTdgUG0OAmSX7uRaUUwlWyvt+pzfDXgKKRNcApTV9Hv+hAjeOBEXPCK
Dq2k4CBf1NMWYAzHMIghIp7LO/Uvi+sMehm9lSaXJKYgxZHxjyQ5DN+CTLL3
FFsghptW5IlXLgyXGGx1waWLq0Um0U0FxRRPjguVBWF6/QH8f8mV4p/56jOJ
OcAoP0fy7Tni7JYkCepEkQrQsE4VpxvxNlbvmD27m6cTHmlSmKsVNklqusEk
fZq9A1RAeufg4T0olGgDw/VIyblL6unOAoDfdcbFpzIfRWfoYnBrapsHsx45
Mz2bssWUp9+9fGI3Sf3quGDS88QGQtzS9SVwTWKAySIuyPsH9z98UMQ8ROZm
GWvcnB7xwkYLc6jdo2gbKgQRFZNhveYs2rLer+PtV5wIjsI4gu8EMmpGJyg5
k+stssI1gQd9eHZEHnAsVPxwUS1l6YvB3Vli0gPete1zV6BXPYTmKlu5IpUA
l/WmYCxAXMNLoNhKMYa51I2wLHGuiRC3xTNw4dyL4o0IhjpvjHqR1+/DGBFj
6HIhS0dwZVU9fjRJv78y0FZ4slQV4LiA6vMcMEo7TISXK6EZQ38Ogh9MDRWX
yQw6OflpD7o+R4RZUjOL2Rj9VSADCnEoc82klmE5l+qYXaohFQg24cfTNlLh
Hf0iSVEe2RRHJL8JGIMDO1HUZM4vNi6b2gKjfKxzLfh7TXwS/b6y335vEHKf
Yj4CNbJu0eXA6mLlJuf+Pjl8qzbX28LQDGkAkJAGSC4ZT2rBV47xQDbqHSil
zFY10jRIk7tR3m2jL3BZQw/dcGWlww+SgtymF4dChieb/0x+Iy4umyPLngiA
0bejfdZa2e72BsKgy0X5zLTC1t0ogQdysp5jJQMbh3vahHOXLXYK8VgSvaRC
feyK3RD8WGWku8i+Bl6+E77i4pHtEAyk5w370tmVMCmug2LE1gjyDBZcH421
ETWNq4sxh2VW1aKYbVLOF1tUl5eucNRH0y4uFOw4yFcx5UIdFaFJslUwl2wX
oKu2cFX8xVwV+chjqYvu2yVuE5Qhqb/HNUDwOZ4qq9q6WgwIKlVe6MwNz0pK
ogMhpW2U0r4XltV3UUC47Pz6JBUYUnXwwAyywoAQgqyqQ8iPflEQS29f/Civ
YNUEao/lyC0WhaZkNgVwBVqrmufG2iSBxk12kTOjbCTPnAwlGVQx0z7skd7E
1Z71OTrlbbktZafSwLE7DraYzGLzO/YchrjXmrQajMJHONVec/q83yWUvAsR
cnAGBTP0WOOvKzz/c433pM+q9HJRTTPp/Yf7WmvaGi9OINcbNYvEYgMmBAey
m/BeyDsnvC3L7N1rLyiagS0iflFwSIHZHIyKQ7577Aau4WXn+SgertgK5ZrL
VWhqwdhhiJKom/QtidWH9BwUiasDYq6KWZAsgFkpvvxFeqDNjLgJ0W4hzbCl
9JKen9KHOCZ5N0pnuI2e2PeobKwYtDJMRBW/AQ8jKJ0dCx359Ho365wvVm8T
5aKkhzIXrhDWGb5WS+48qAvUnNh6fHqm9OGk+yxbuSrBAJkk6BxEvzjuAuHw
1M2HwYUbTFugwbBpQ+awB7uuefjsxVXFnvzFxrlpeTSfBFJo1MAQmRh5S4Q3
07v4q+JUjxPNp0l1pr/TvT/c2hDOJYGPEyAT3+ZUlfFY/c6S6XpO5smIXVJj
Xp1YaVrdOUZCuR3F3rEi1asDEhyzNwMUQBnlcsq41MfEIS6O6IGUAKlKR8I5
L4uAS9poNy8mawK232Om8EdeCgyH8/FZQM2asbLAS0Jf33JrwMXOwp41f1Xi
LVWJKtA0l5lgLQhhyBa4t7CpoZm+zmvh+7zMpcpVUPE01oImAfK4xDo5HYMY
+6+pdEX+1foh86b/Ksr9lsfSX5Nf4Zu1/0eDOLNW9WNFoz2nkQCo1I3/hwM3
Wy2joeA/BowyCwJHq/NEaSKBtdIIqmGGh6QFAJpRTJNYt/81DOGFs2emy0g9
suWRuxdFrVtn38l5PkslBQUqI1pOdJfXx4ZhIuNd7/HNXzsyAtsMYglYYidv
jB7RdFo5W43uyRBxIYpSXMTqgLfJwUqrZUIKghxCGBV2FxO7nTxWp2y3MghO
+fSnBnhmxNl2YG/tHKc7L9FDZobS+b/c9la+aKAMtf4TWb6iNIko/L/vHhxM
dmAA7Di3CQ30HzvWYTivVxPlYROa2s7f+LfBwePXzFzp5T3/glZg0LLgZBj/
5ba8i378omLQ1XWNVEwrLwrnRD+Td3WVdv9CFLyG66xt9XP3Gk5DxtphIrjV
h/jTRERCsjpM8Ga1YLCxyATTbTjWj4/d62T/vHKOB3i9h0fj24evjm4f331I
//fjju0dc1H61XuZJKlU3XfQR8fLi8yW0aHeHTRPPqCvPiQfJDwDuE6fim9J
9+9vDfikOVFWUvlZsxBHYr/2wzeHGOqdm1h3BHHdHB7d+/CBzKdu7YTl5ruo
l8t2F37u/qlalvr7v3v11fiBuEPFxXZ0F8GNhg3qGBuuUzTnQPgtiC0Opk7N
r85m7HPv5fUQ2UviRAgozq3s+VyRkfHSz9+Nr6+vx/yzdb3QX55jtxNb4rSa
b0biVpL7L+9072o09sLhoHYNgIsM3k4XtD3nOAMpVYtRYKXpmQnmM3RJknRx
HJYTW60EVTWklfD37nFkHXfzSEoPSEDzA+xWhk/hgkG6kB2tRYjaYlMbcTqI
hAi8fKCEfGRa7IX0sHE9trfprMMucuH8xnmhTXPyG0NDdzRljJv0xu2Tuc/3
ZCyy1VjS6XQJHcUrRgpXr7PNIpigNethSHPRkJKLPCxIjj1fTGaRr8c3vODF
gTMKYqROTMyOvBRLXjfEOZLg3wr0GzYb2V+kTWRQoOFUOM6mVZg3ZcFe1WM0
v8D5YtOI/DOA36QbovlXSnnLrEHPnGzO6eWM56Fb7p5VJHbnAlrQu4Ce3JiZ
Uq1buGh1C0cOLSbT2zAGAD6c690AzUhc27w/wpO0b7aL6TGFuep1mrTg92cB
/8uY5q5zUtdx4XGu69Y6oXvnSaILttwM7VLbiQjFxgBO1CUdu8bzI4WsE7tg
qGaOARgVzFzteUFMo1ubBNcqdJUSu3niMtz19tFlUawKvZLxddmuZoatRdXa
dRurkSkr3VbBsk1nnZO0RG6YmqeCNOPH4JzvddFwEvSG7ui7NK9rWrgUHZd+
fYH3mRXENTvLXvnoLbMFiIO3Pledc21+A9focVB150vQMsOsiByRSFbmi057
WmN1sccPu85ieqxaUiQCTjhVF97r3pv5fdGYsNHzJbYvFiPoVn7JpUBdIDw4
DVQC19VVMS1CDz+8q1k9R7IF97VS1NTjoW1QMZsUpQYakbCez938HFK6JLSR
8JCdhv7OuiL0FK+lcNY36XsrtONgqSr8QHwq5vtGSy9xFJnQv5Cgo4/t8Hmk
eh6T5AtlyL35F/2IvsaFWsdVzwyYYZSEle/aOztDM/RRSEva7pIb4cLWbjjr
VRNySWe4bK8aax3IEYpmJNdQ4R5DBpS/m7kOkaE3L1kUHP4dFp/MtaH2cALc
Lz7Yrqwqf3eVrQU1MhHbx8mjUeS4ofuGBbLjEjdK35pxU86uUJh0VUs4lD+R
CzgHgiQJ9Wo77STsAIa5oxUAJLrcj4ENnDo6dYVVDIqJ2SfTXJnj/GbHWniD
AsQytHZOAobZV4FPHL+zANdgPFOvlhddI8fFhiJ/ySDuQ+pPhnvCyaGo2Y86
lcAvsRuEtffU1+sOQJvLsmWdNZ4TQSeQKGUUbJIkZx/SULxVp5bE2liyKfIF
mk4nX4UQ8K4fiASWnCLN2JR0PGbvDOARvQriG8IL2c3Spa/RNgIdJWFGRbBJ
Ef/nJIpQAnQgqQe5NSt9Ib92ZoHbPSDEic6TxMOLucLhqS0xI1cLo3sUaD19
vXqYBdJ8OJ2dtajGg3EZ2/AoN8UA5kfcDTyIe0pLUJE+tlimKklUYtJsg0LC
RpIyOKLvKpqbMEQZbls3Q9ZHltmm2ZjaFMs40GMSWFluFpP0a7QCDu6p9Djr
0y6reIlX8Xzl6BlSHeqdNK5eUk0SqTlsV41Jlb1ck5zFhWdry/Kxo8KVfuex
MO/OK53vb23lfHS7jDi64EQdLtteDTaP55qmOmH8ypDDfQw+BhY76a/JdqAI
Yj34xVjju3Gyoh4xVwy9kIMQsHR23AX5Qpo6EctMFuKXJXzFIy6T3z4LeVzQ
vYIrb03LEe2WxvT6E+fDFXCpzgW0YjRNixjFflOGoeEy1l7QbKwe57hnrUyu
g+CqfsHAhWm/FGQov4gwTKipWn6CwRYK2w/xRzvN7okcHJ8SLYU560Dc11uT
iQbvJuY1z71iIj75QYk2jGU0Glit6vphuuxU4DRvSKG5IYHGCI8GUHtJ+Qtr
BBcF8Dx9rU7npJVIouM+UV6oSRDnctavtVDhXEtymcxsdE474IbpCwYjfiko
Q8zbhZfp05K+IDWoPmtnACes81IWCh+9Ps5wcfco1S5yrFoji5OUJdSsRMrS
dlNyMF82EfDRSmWAu0QRD+Ii9/6FEaLKykTm74cJmhd63I2bID9CHaoD+eEK
tlqrCOBs0danWjnbOpHiXdczXUSIlwJyQMDSR9RKsDleXXkO0llzt2+m8WzL
kfatGCBYB8TwsTdnOCTT31ippAvw9cxfpOgivTzYoexpuTO+BHeQ60nCDpOP
hRAtZTeQ2JZ6lcDxIqpkGTVN5sUqmO8wShEnXiXu3YGz7IxVYUv1Eb1CNCou
Yv4ybunAir3E/CSMo3cvqDjMfD8I133iOPE+pqH6+CaYRNr7qTbD8A0/OY27
SwBWZJc1wQhhggzvXDCRABFHEyR53CFjJfxe4etfMTAw9kBr0a0LniHgXmar
EKLQGMu4ui6t0DSR3dNy6dbvoCi2GSaW0+3ReG4pNjB6z6oGhsvOKlsAF62d
1aCtcsH01LXwCLqZt1dRUiM6BzJ1KYwgaabH/jfdS/hZ49H4eOrcdW69yOrN
zf1FRlvqxfcMy3igqGFbup86HzMN0xuUyybRCKID321cZotl80OMNJqpx9kW
bBfaMPbjZOv6RwGsojMouCcwZ0XBV6O3I5RAAaInaXRXEhcuNV1vkn4FuIdR
0slJHQU9Bq+k7ijQTAMFIlBXpxvfsbkjkLdJeCS0DisX4KID182xef6uJ79Z
/2Ar1v0oRlzkkghpVcJY2XDUxHk4ZcqehzFXN2lqY0a3l95xyfjZyOWdsW0y
tAnSQUlRFESAcjsPyahV/4o2Umok1W3G9ZUslixLeOmuJKlzOefHnqgpinkn
qg3BVEHYF1eve7X8gS60JecUMTdBfkezhAIONckAVRz7wqEUR/nKIy2PcnpP
d9tdx2G2W5vBTRUkBd5a4BhgYzkPkm13YqCT5AwB3bm58nSFbmXK7zswjUmP
AmhLgJzB5M4ca8F+JRbxGoxXYHTR8xIwN/zSZS24ptaRqws5p9+GkodZ27ox
7S93nTBpdYJMyYwiMSz3DvSHlqpri2ZEHsQ/a5USsXM/sZcytJBXBomTvYWD
NfmeK+Wj/lQBJxbckiWASeqms8OWcnrVvSm0v/9V1xn7ayIn5EF2WRiOOve3
JcFtmaTP3Os7KoB6Kgax/nw9URLJItd0UcQMhgxaOgSZMSK4mKdbT8RuqEVP
w52eujAYjIjnrCHijSadnARe0cg+2Zqgb4ZDXOeTWBM+H7/kqmtL1c/aoVz9
9E9umwMIqQ5rQrUSy+sVLr5kwK+dErHI0f3U9Cu+70ukkFgskUn3os5og1rF
+BKu4XvWKggAW0hJqB5pXIbpmS/jcJc180pCcgH1hyGquDBA3ADOdauFLuZs
n6LMEgJWQWETp2D3CnQse0dgz+h+knUKePRFPr/M69GO7++bBO1JfaKP6jjo
uPemJHVrz3l0bBucWm1Ar/48VnWBXDqteOuQhWbJgSo82oOdOq0+sUUz5oBq
erYCtb+A0c12UpotoRGks7yQntogL07jSuBJWLWajXyNlB/r1z6yyCo3aaDl
V9d70V0WtDsNbYCjBF4PO4DCqhCjdlzJcB8uqS/WJMLO6YaNt7x10Q61hZ8E
0EFjV+Oi8U5TLhjMKRmiLc6nRBPJQG3vsgPreWuklzCMd8k0EHbjUjWQyEVD
SnjrWHokB1sEdcNb15JqwLYat9XgK1KUkhYujdvoAhYrS7gTd8JHnGtc7xiW
fW0zx3W7La3U4SJyjSJ8hVtLIbZOISwu3Po0iEQx9fsVgeoRk6VY1LStRjeX
FloJ4SqoCXQjxkGXuHbQ51XuRmWDYmRpyR/ro2+KUjoQB11p5KSD4cOLwfaW
+OLTrudXsYNIWwmhTDvPugpjiwQ7bG62R8POH9t8KuITk/e4iduyOimlu42Y
TEyEyl09Coo0JA9DWZylX3DehAoJSXlFNUHs2rWEMelnz50J4Yl2V0sTb7jy
Q+v1PkLkpgiEdrUIt+YkBqHmwgOhpt3IRIK6bza6C4L1TzR28fYCjayu7QnL
4fIQPliJJ7gC8BDxu/WF4WF/oReublUWc6a5wrcnR6MOcfjhOkkQ8aTC2idv
5UkJJ3Zye86z+dsKy7BSVDyZtAsEp9GExQRPzxdaZQHsKNhqIUd4zVhdW4rd
joHvwOA3uyJELzJS5bzvD71A3hZV7eNkaTA9SRzm232OhvfFu/NJ+p1kXOmw
GKTLVnSc4IQ5AgF9yT2uw4XPG+BW039etXjB493wcFNS0TKuZBULldj51bjJ
L1kEmFCEJ77DBCQjX8sVPxedUtEteAwrLGa0AeEYiXQSY/lTCjiU61p3Evo1
gtAgV6W4qEy4Gj0vSyAddFQzbkOoXYtnHtlClrI3jJ/3SLIDZRPy9jqnU82Z
XAVOxrHvJpdOhdLQVvJOrSiNWZ+ZByA1ixd9Ql37C6cMu96isokKsezSZtUX
n5XW9jQQAYY+h237j9Pxj9n4l4Pxw9eT4/Hf/uVcMR/1qYtsWaBcdXAcO+uE
u2OcT/aJfL9FnqsTbcxTRoLpq8/LDC2+gxYNYm0JOkSHmtQLwRUpzBkjeujX
L+hO4th9eE85ZtaGB8S5OtJqpKy0rtDSZHSmwZuMhmgEX76AbeZCQMvy3Hgc
wyKA21KXcQMYyI2OEgDueTZbcEKOLcsVfJldXGfX/tT9MTQ+cOzB+nK22gTA
Q1dsAWLryAx6bbhZq3cR8mWIzJ1Q/GTYsplQps1DCCTkLhKe1HWLKTSv2rEh
aMxDpBJtQqnap46FdQjT6fIbwCmqcUPEFsgUyAX3DawHNWbdZz/fnuTvYC6e
j/QE3Hfv5IE9833mIaqB8BxN7oAfWpdrTHSKZ4VNFkC7WywcDbriQl6QwaAZ
Rejh+kCi8DXWtyT52L/qitT9cV0As0Re91GACNGSAafRi76iXidAshgsTuPy
GDHKZF9UZvHJhP1EaYAeHCpY57Bv+4r7sjE7dDm/zBgYKzEwwU9YDEk4iN8Z
VZEG+WVpOk4tly/rGKluzvB/BG6zUb8wiasqwjR5vYKCUwgK+Kho4Km8qsSY
0oCtJJ+yc7VreANTVqJrrk11JJGZo8XreSNRRmWSPWBYue5WPEobJtbe7nST
htkTUh3dCZWyP8wzNqk19g4okJvH9NtObRKsdHCD6pSyDBVnIEUIgR0asaDt
1LAxuKjR8hYCVmluYYwzRZv6sHQ/6Avou3/BgICi28XfQBf0zFoKeWPSVSiv
2iutTY5ks9Yky6qXClsTrJ4fTDOtCtb8cL+aYC3LjLMS8nd5PSuk11Z68yZJ
WbkI39cOwLFfQd1HW5HpOpeaVv3qAIaHg5VvXkP/VBQbVhj0mtw0MVKH36NC
a4r6pT84TN4/7qQfFJWVh3A2lL1Zkunk0dcavuMhGKySsbWDMeSy+K+sSj2i
HDAQ/knsQtxVgEkiBbly/oxlW0/7gAHWctQX0UqMFkwoyC3BmQS3xEhpkp4J
dLfX+83zzMZOgFNz89Z65F8jIVGlpOmZ5KimhlzBPhyT261kSWLm+qihebmy
FgkZbdNyzBZ20KgTX4rYqWsQyzSbe7+Ou6OCpIFbccQKt8H6s5GOwj0rHBdv
nvnVvWYvifGvOU7TyVK176Yc2T3vS6Vmq1g64fim+BZl0qackmIYnSh2A001
OrxnZPU9EZdUupMh98ISTZQrEq2DdEHkW5wGVutnH+On26owR1Y4aOWA/7ET
aUNSptkr1JR6w+Ad0Q67ssWD++ODw1cHB8f8fz/q2wYek833zz0c3z4Iyh35
sQ86E79T4UTcbURJo3tPj9NhhX1ukRWvGXGSOMXf5F3ytn/4Xmvd6lgdXROm
pY/tuVex8CkNaH/voN714AB9GWfrGmWpG3z63dmXtDBbV/K3sNATavxLxJ24
whN2JQfgXCzYdKAtCT4xrO/If3BDZqbclFNx3GroK2oZJj/4IoHng6j/kMQR
sSxnLEemsljKbFqLffwFi3tS9ztWPfImbsjgPxY/SynGL0aQWbA13hmLtlSc
JDs06ukkDA7Adcjv/yL4+ETG/kJW7Bws6tk7TXfpa1ZYzXXD6D7uh3vxGnms
gbdGr9QhzERCrgZcKDc4ZE7CqZ26vpcYJdpfEgo2zS8mydEkfcxGG03I5a46
T4KaqpwZ+UX3B8eWo5Mw8of9GFYsO2D5O8xqgWrtbBHYw/ZTM3TMk6Maf+vW
/VFTUAw+NyRve2AnAnTTXhK+11V9+xlwshcjZ7qJhAaqe0Kh8YenJpQbmp77
weziqcG48lOzpDNbRXfbJsntSYqgo9jYAEv4M45zf/+L/f1JJ6Puz5r8iirK
qet3rtgnp91fQ7adOp3CsoJJAkaaBN1LUQ0wxp+R/uSD3sdR6Mlup9iKHBTn
7f2z3B+RzxjFi+hEtMtBIT3qpJ+6kcXBVjQymItKYV+xPX7VdHMRP1awBnaZ
8AVprTunmfS6Yg4vEyuD4qJZaOLUtVbvUn8JvZAkUstFlQ0xpnakt80pHlHH
n7oi22Su4K8CYAX7CAG9XGzaV0H1ghVIGwSZ93taOaqkyXkGzBiA/fR/ByAY
dXzttML0M5W8R58Q0wWeyuISlrAqrdMTVNMWgDPDr9jN0FRkoMSVlfVRZD8S
hxulqEOGB07RcGAqhAHWOl9k7zJXG2EVWuZ8wUdrKbGdGykHMW7X1AoVm+ja
GS905Nyo3AnFtokNGcWhoL9XeaelT/JJwEL5u1XGe8JOYGfPzwIXs52PY+me
ZUW+ZZxTwjhvDx/cU5w3+gsQCVwqO55mDcfH6mWEl8DFbd+9fNIcp9CwatQD
S14pmXtLc5I23G4FUNesGXCIg1MvcFqMtU47MMOlVPyDpJq1ueDyr0uXZuHR
XC1/i4cU3+CldDYTLLh4nkHgw192vj8u/bCyqsTjoK59tW4dbstA4iSnYGak
yCMOqO+Ck4qmhUh+IlFEyEiPO+ny9DXUqeYR6W0V2XiWCqQ057K3ZcOCuYtR
VExzRRS+WGR0pwK5L/Y2JzDKDFiYWvVST5gi04HtfDU5r4rVJP26oJ/UsysI
lqRateNCgVvFiaVJ6IjCCBZaNqVlHt+gJSUC3TtApuxqhZALgwaFOt7VUxz+
/uNlmIGHSjCDUFCgah1QMnBC4jJeoNrdomyhfYq9H7DHt9rfozB1G9l50qbJ
3TM+uZtdV6e9UptwAiMRgM7vFIqFj5jrx9ziJfBVhAJa4fAsc3jIMWQ/p5vF
rL3uzdXPhpt9MR54tHs+0yicmqKQl9o3Y8DqRrvjnjznjJBhZ+0y/wh5hMGt
ZFjb2N/vTWR/P1VLpwddQWrCxPSRcOaXgjzo+pUukF/3Nl9wFnKEN1nmYeI3
Cgx8RGWkxtfI0FxX3OvFp1yfuPDowBykgMxhWUbLjQMMipMLqSXMnYRQkZXZ
eEid4pScvuPeA7SkdOO1pe/+/l9Z+xFJgnI/vLGHxSMqErvjLIwcucY4I1ya
l555nRHDXUlBJT3F1aPe8PgJAHnzng4atbSVX4+k1ClOxAyFxUUUcdX+rcQp
raVdMBUfl46rIaBN0pBTOosT1RQ1cXObsqxUyvmepVTDDxK9xMgszpFtUaF7
1BEF7hSsEpUD/hThAd5EVTXyFhNxA+q08sBwXKnz7TUIC56OgrIxqoWPuZt/
PoikJFu6Tw8DLEo+t+Bo9hkN02oYt0p3xeXNnlMEvVQ4aZKhZKDTICRMEK7k
hxDFgdxwJJiVccIZ0YZFCIjP2ossLiB1pBKrj4GEkJhLKo2ik+5ppq16d+IR
YMc8OXue3jk6vA+EyrPn+AvJKvpzbm+zN1G/z3FIdpZlEoztEgSCLlKWneLv
nFsLI680jaYb1fIAR05iA9g9MfJqaFG6dcoGcjD6BKWiXGokKaA8L1YOQAhO
b1b5ChRNcLHaGmKkxv8Ytsbf2eOhxfaWOtKbavXxikUpzShrt4iT4RmSVoFb
jWh7yC3c9jE38EAzzN62eat3hSw4JXAIkdnjMe8da6qbpSGo/itJDpVPwDI4
vYzLssxY49vLgMWg5m1EYkpDdM69U8YI8aZz7jU/6V4ysGbzwv/DFz21Pi5M
KTalravuk/YnLjnP6kURLJq5hF/2ecr6+YX8hM2qJNUWm8usfhPEbS22IWF3
p077lqtcRcFdWj2ULm+y5Eu7Td07/rT90nRMzqDGHvMo27doeFc0L3RwbzSJ
Tq+YXUqwSncNT7xjRo7Zmij+tos1K1YcUZQiiJC80i+fnfESb9wVFtk6SBOK
NEkvt4bnH9sapVS/OaxZYgakYmg1DcP5dDmWvIobr9SeKWFoLXVwm88jRqNx
dhx27u/fy0QS8DzbFYZZlCHbFkJc5O+gpR5HkjVx0sJKdfF4mOkmvrpQ5Mln
msZmxiAnIp0j3gEf/LkEPnbUGXlucZDzgI76AT8fDNzOhrxUSDqzTPRC8z+g
33NvXGGlsReCDuW7V48kdYpI27gZlymyQadI42F/JR1cVSKWMAaImoLp/SKg
CxdEbahzhybDqglrqqg9S3/J66oJ79HALdiyOrsRzYhh3sj8dzBZ2jJN0rMW
YOjTfMFpYQmdc7EI412R5zr6nLec9stag01IlWKMMfoM9uVN9kUiqmDxji3W
ACgoomGjyLFmteX10pLXMjTacqZZZI6J6yf3x6BqeqTNewdOEpgM7KaOjAXx
KfrCRdbiuTKimAVO3tBtThwn5C01HBLpN4/OLEH7wd0PHxKDLs1dT9RJ+jRW
Rpswl+gq+yWruddBmGIY30sXtxYvgH4oDWO6OmnS1UlH3M3XsK2AOjakgwaq
1oyzmqQYVdtr9k9cwotOy5ZdckiDgv1ZNNL8J4lSDcXClLmJc+E5fxsXzX+p
QF+v0LY9fX+LWSMnhcDJsD16qVVkIhdgsw72AR4hYpD0ndpI/yjK2WI9N0jX
07Oxg2/8pDIWnqLwfsYunBe5QOazFSV4WpN0d+fMRt1JmNMjX9YaLYYprgwZ
YwmeIoAZGRKnPyd1ui3EQN4yoX7fe3i6tKf8hnETwPGwqCRvkCZaAOYOUufJ
6bNTyzDbGKRPmJ462WNtyTVxW3Ee6LpJpAwjH2eXZYWyXuKx1yByLivWWDqb
da31yomb4XTBJ7AHnOkFzha2ZubaHA+KcHNQuxBeekLv9dWmgsjjIhMGWqts
w4Of2sYHOctBKShczje6D/lRcQd4npik4avjdwVJO2HKTuBa9E8z6qMS2liR
3S37Jui1zLlY1h7OIEJoFAMQriUOwN0UFQZ1Vq04fCkl1WE0iotQrzPO3dM+
f5YPZYEs7eWiar3prxyFrYvLAoAp9miSugV4QOfgYO13oxhzLsgGDHdDy14q
zRPs9+KWw/vtLSJAOlq8bZXKWoKhNYKZrx60MJphY0jVIb2ZCxE/YwsB+DSK
gpAOVyZ6MBiAaZgHhet7xNftwMR8ExxrGwp+X607oM3qRJLZL4/TLlqtz5PS
LnmPcpqKZXxCn4l2bpbPZld52xa6cXVW02dzRvgZWcEBnXR1Wa0bZrY/Pn5m
JeaaYXGhPzNWKYFHrZFvXPf4oGYNfCRxk70Yxjjz6DKNAsK1rrJcQLsBpcFc
nsVBAHjoSFAnukC/QdSvMJAFPLthom6iibq0jBfy+y+tWvsFV4fuvvjyxV60
IgHi1DgrHXmQdbeLDDTWUKHQ7Ql2bSSkRI7HB8M7kYhQpvOVTrPRhjoBxM+N
wp6RH00GknHJXMhBl52BjU0JOp/MSrESzkRvTLPpFGgFuJu9dDlJpbI0LoUQ
eS2tCSWLzFK4svor/gy/Yxqzb9zL8I1khO66Jus+Dm2L2xPp/H4ymXw4Qe6a
5JLFE/kd+WS2Px9LKuMA9M3pe+mOeBNez7MNPrh9wAliLjnsC4R3A5kWy09R
gPJhOWqNrpPgxsgFk6Nz2Z1Gr27ILl191iRE2FrT+fEqYNfBhivLk201ohOX
9t+6OVm6btCRRyRRwjnvToSKlo+76PlV4xL0TYluO2slIeZa1YaaqlcSitbh
Fw3KngHJ0xc6E2ILbqYGlAeFhllQoqfpoc8/YVtH7AdRVDrkWBlJQNiKbv0U
+C9Yw6sKr8MqvlqXYoU94v7d72+1+OqDyhZnokkurONEKYnIObusSJ3ZwSM7
zLUvJQkH/a2aUeJx2/nFXFYHzIcX1sx49+mjFyhKoD+FWdlkEDIDxFnCiDVa
hfKxDeAGZlZ/ZPkzAJ7klKt8bhqDSGAIRw6Gp7sh9LGQUpigMurBzO/pTnfj
0L4ZmoQpOhiSuawUxCXBWcWVoE2QbwqnINBHXLYFUULawXcvv5VbiZ/GBbYC
6UNimL5C2NSQBHP3vCvTo0+OJgdhRia+VktbWoWJw8uclUE1udJy0QTK2di4
B/vtIjRMt1hxjvI/XT9eKQAUzBDZicQ1Qf3FOjJU3FghCz7lBs6cjdf46j1D
uyFNipnBeiUSERtFXEL7AAgoNw1J9owT/jMODnzWGJxfVHjCmSukL+Fprpbg
x/GIyL+4Ace4E/GTnpxbeyFKUAojSrlLfWkVe4EC1gfMkDviPEPWS21XDjty
EaifrOtD6sfTWNgN5+LhVKTMkxbdSSP8dFONTQrRn9TbHIJkqK5lo3kpE+Js
pF6P5gNw+yXtzwzTI4gvilqtmR9t4GHfolgrxkuA4uvMWKs8nIu7PZsPNFji
OFMStlnyXXRMToIg7cJJXzz6J+BsiH8R2wT6mj0iH3FVYvCQqrv/tRUGOrtQ
Sfl8OVsNKSro6rF5bYtH2jrW/tqv+h+bCf/3Z/h3XZ7bFopjea3Hsl0l614u
vClU9cLs/UDUsxlOMmYsovK6QtTIyZFjJFNA0PUTmhJ+krnQp5TXfTVoySGd
0V5tLpxzq6c45wo1Ed4p16iihudw5LwEhknAt0CENnoch13JPu2AfjMp3kSI
0rRroM4kqjI5tIP+XTUmOEs+ye8lvhegTzq/jAoz8T+zelUYmgj0DuKR5ZpB
rDhJQVlY6FsmMYSuhseBqimoHRATjulJzmaWOCeDdpvrVPa6QH/JyCigLsRe
HNXKN8k5veF1dXEO3XjP9ExBXOXsRUkd83o1/DqnNhMRZuKwNKHPXndk63nP
TSwaHVgxUodcenAScP7WOPokPTPUzXka7ZruJocYIg9EWWyKNySW1QHhflde
CtU7w2IkaoJkfSSzbGVgdc2maQHTb7rrd49On+F/yYTEpOt2T861LmaMdVGj
NQZQIeaIE2qDb3WU43Zzh0Bt28QlBho1cxyBq83EfhFdrleGeMNNHwUxjL3I
s+7z+ySp2avDMXK8JUK/v9VB9BWVNk6UdqDDbbWEIxfOQe0h04bNkRSF2GDj
mhAkecYpCRE8NSMa0aE3qtoJqATpqtJI4979O0giiJMFOSH5Ak1wJVkogo32
7XU6Hda24U/HdmasYeNNiS28JoU4m8WIzHJfptwzjQ6f3sGfjPGJdDFVezER
2ERNaQ1b1TizVJLMChfVnec+SM/rQFBHIaWZgl/8+dFjxYe6f+/2PZDE+dnR
3XvnGHqBtjPci/WqmgOAhi7az2uydRac6DgSdyyi2i+qF6rO9xdv8FN3cAx7
cQcHbaCUyQ/R40IbyIp7m2cncIfiE8OLOMcOfDORhmGtko3uV+ojD/MuCpLr
vSJuk2SAJorSepkyOTAoq/lnoxNDjE+bpMVEHhzFyCGeaW2bb76dR6ROJHwx
4HaU+jaHhD/hNtqyAKt8zwc7emubbsakRt2WbQk/cCbFzeK1d74tb2UVnNM4
8nns7JkPpwcwSC2R1nrXvHVuBvriHFwobkBgySoh3nYHJD1EpjUgcr04OmV+
HiBEY9vzvVFkfAZ7ARRit7vfe2ClaOwswL72O9Fru5bNBVSWOGRVa73dMisz
lJzITFyuIDEBGIVINl9c7MUXUwGUHIHarurq6LHdc9oaSFps4l4QoXCGRLw9
Up+uHieHYGMDau5viDze7xbTKlQtBrLnmPTXZbybnSYvW9pbY5jrog4a7rhL
qKOfhMjMYZhQeqPvBpsNVxFtWW7FP9r4qWJvVdk5bZdps6dVhmEet6LIcmnc
S4Zt4WkZkosI1QHsalxgATNVDKKLNbe31ywDlyu4Ba/+3Pd31YQVxAnCO33u
sFWIm9FWbPpdh/ekFWIp6LI4v8rdhogawuY5hfVhGVzW/v7IYdozBV3KHm08
ou+88vEiRX6lDeu2DvHz1E0PiU1WDA1T0gqkKYBLcuu1BsEQFxltKW0y93y7
WDA6KGuVlbKoqF2lQ8eNxtB7ZhnX11oE53oJSY59qZ2Y2kowMIyLN+uaZHQu
u+uanAXwUe6su02Gpd1TpzlVmtou3EBlzgygaSFYMcAKdX9tHL1MIxVvERCR
4UeGP3QnHYKjWCcKeuW25ipzLU/uIydvBUDvTAcDhJ0ZLdJp7vO4mdncWjWG
MM7CcekeqUJvAhld6Dh5bz5J7nB5hsvp+WRk/GNeYNf15Iq5PJ10ANkFACfu
v+qecjGAmBgmyV2aJWuwkbRXkPJgR+UTLmSxfsJcEI9MbclWGKkazZeV+ZDz
Uml2WV8VI53lkbRARQ4H9s2S7UjybOFgPSLfS+xi+QuFKExet4rJHOcWRGUC
maS6rleu/5YhppMWDgsx/a4sWBETVo+9wK7WHFzk1iIlGsaQJTx2pYJpmFyn
G7ZUxN74ZrwtGuZuSZcgT8/GwzeTqXHW2TQskxPhZjAbvWzk5bseyo2CmXa4
nPSQ9ZJJG5DNFtyIDo3eGSTI2VMd/Y7OhptBcoBWCagxBLXBJVisygOEubkc
J0UNZbjmCuYR25gMUuE7CTNPWwFvjGzIfD4OxTNx/T6OWdhwUkB3XJmK9qCV
8LEo+iz9km0ZFHYdWJEQY0jO1XYn6ewONkVs77hceZnnGjXQ/R0JMkysWgNX
jyg/aDbNyW625extlmJSLoTlVAA0ReX4J1mTlQN64quyALcugvRqw0HP4erB
TVU3UBJy7EbdIP64eBMFo/5T8kw6LxEH9WnpJScRCxOcZK+JVhJ92/SsCiHq
xOyKzr5VdvJMxL5h9djtHG/OSMwpQFkyS6HpFcgiq8o+v0pcy6XdwIqX/Cdu
yUQXW0IBXWxhdL6z3ped3gDSKNK3mWqRi9F2eldymbXrs21dAL3kbTSIJAGD
MKSbda91Yu0YY6koEI8BCsH37PuQrjUOrpLjRvz2UeKacgNOvbH8+cxB0AVA
sdzaia4XUNl/ya0ffRKGNwTAcUvHz14bi9kiz9h/HGlf4q5xEsDlxoQQfF6Z
dB1lkqZySrfuqXQ1Yf80N4qVhYk/pKy4otQKdbtS2im5XqvxjAuleoUONOKc
2HqzaivSeVZXQBUrLhkX2TLDIi0yXqtPSnvSJl6NDcR8UB9sZHKdKfyCHxQp
bm7HOht6EvuF7S1lEJLWfbPuJ3ARatkZ2cQ5x+Hk5nvPkfMr9CRDwpKB4waN
A6mN+8vrcLENC8VEtCzwzw78BOsomOq61CKaG1p7atAiafLWkGUkSmxzdSLF
IVX4rIvCMEi2uxO0Sw7fqgT3xrRGWBc9EVmKn2ljseoIe0+95YklKgYUcarX
1l4giB0+6GFlpsI//e5Z81PJE5NGaZq41qrKyseaDB6r3odI+QwJk27EsAaq
lbkJO3qGjocpkzOCnftH2XPobeU0AW0dr7+SEbMlPO0ietpjtyKY2n6LI09S
oqs4d0HbeFmSVNuym7DcSFlZkiE0r40Ztu8CpnTS4xrxDR5ugcu93G7dSr9Q
n2KorCv5/ondtu9vxc7ajzgF1cvbHy2WfRpCacXB2hxvUeeDfJRcgEnEy6ZZ
srYSVknMO8pZOQgJjxtVqVNr9bPTcnROvSiOcnYEinpRXOSzDQkD7vN2wcU6
sJxbEVRM5z+vJSvUtVDSZUNCL97GXnvvbpfVelMwUXV+67oNAlrYhVMEdsXu
49pftARh/sKgEGSy4x2cv/6vcWo7xjt3divvYqKJV6V9MDIF52nIaZwL9DX/
ntWYV7z/j+3du2a5VbX9yLcqCCM5eZz0zVf8CS8yQDbBVmnXoYv4QIJG3c4x
zsZK2LOaFC3UjE1R2xE1ujpJgzb00FjkKiTxajsteLKeURS+yYMdugP2ktEn
Bo1c77BuRMc5bAdOX31qjBqDptjSQzDs3MXoHYrKJEBUweCuKbmrMOGQdUia
sFIWC2mohR5b/MKwUT1UolJLaMIN9g0v9NNzKO/FEg7zgjXdhG+L3lAhtECE
8Y+1lYcbS35l+rCi3/Rcr9E8NBCmGK9djdmGSpyP9jio/rF07SgcERwZGfJr
dLRKfNYvn2qwJGvkyIFEl3xLzDCohuTYv950UaJDnG5zGu5GdL5nerZ1pTcd
u9e/O+LiZ9KR5TRoKejE3vtby/WiLcYsxV1Y4UMXXkDEnCvD0pRYHeRcZGrY
stAHE2BsOWEc0Ti3QNQ4MHunS2nBE6H+RG28RRZKoFhhN5762TuZs7+f7j4d
VxfjZxx7R7Wo2mvcZowrhKQgmnEEsBY/3yUavOmERXRIeRXjNuqCOd5S1bTZ
lwrcYTqdqvZeC2e4DDaZlxDf7j1Oh3I2FdfdqnLc6R/ZblH+HUAKKywCHj2g
SDpBOLRZYvBbziMZ2uvanGj7NPV9/0MofsI+0XEi7Bmh7F6H0CCvqqmOhKwL
fAe5SLwMoPW5gCjoUdEa5tmG1Sbl2SwMHVqKm5dr9T4VS14aBLFDUYDkB6je
e2ukIWVnb0+4ZjicvLYlcCsutVdk6ipb9fzHjkYEQeU0dGNZyzD6nrN1QKg8
CdQjcb9DSbWOMrGxpf0QXHqVZ3M2Mtz50Hewm6fZjBTRak9jVEwV0oWPz5Wd
p0jdXbd8N/ndHLAr1IS3/Gvf/0rQjhXuyalSYmmw3TNgB6pmtcgvWIZk8Sw4
w1C40xPnqT5VT/X7W31HtebpmzPbaqnXbR40FoXNKRarZnf6fgoj0QprleZ5
KRhFEpd+ZNWi6pyX74xXoGHWucbh1GXv0jZ9JIpzRtkm8z3v5VuGSU+RAJVa
aQQnejF2d+yCSH9N7QO3lbSG9o8GJ7xD3/JzKsNlUchw9j/hSdCP/jA01T/i
Rx9sQvhf5LpFNsRIV1x4oTp2Nkp3lXkQgO0aWw7ynl/RuWP+LRxHGFz20Pu6
cYhGq2B5HobjrvEVIrAjOl2PX5dHByxhg07RMYdILZJy9vXp+OiuggXeO7p9
h5R/HxqxcbmXVsMhmMelKOhIELjK8Oxx3O0HDwJn8N6ddc03i9jxHNeJT4+h
AVXDZfWYnTRm7vJ+ceulLnmrvQc0Cb0g0syVH2dg+9KaDTJHFSfuNAe1IQBe
uiA1e+UUuQOxeLvtiSWNsP86pikRMNOcmQKSmlYLiatJzwpzQsYtvKNFBZAK
qjdxthfTkho379/rR5JpxpGrQBp059Skvm6aAWqjM5ekLn6364LbhTkU1/b2
SH9YzpsEy2hOrPchz4ihCiJEMhtCMXQV5hE2TqImo4ymCep6xqIyVdIuWovF
Ot/TSi/yxEoVMzfBUbjeDnYtTnOxKDToJp2NpZNk0kkDEdxWqSEQtEOtg2dz
Km6rY4WRiffnib98pJfBFOxH7uUv3cuf4Q1WISMYbUjPunv4MOiedmdypKEQ
xzrO/bQUuMCDwtlElDG7XMJIxl9xBMqy1sezinQIoIKQru+XZ406EH9vUL2Q
GJMIy+X15rmO9ulg6bxApAWcQhYQGslQ207dKNllYf3jgyRJtsxcmliUWFb2
AsEW33Bj2jvbpI9HBl0tHphTZqy5GCxQ/eXcxskat6BzvTx0a9e1bb1wO95m
NwXBSnKdXxMyOBdV0Vrh0pxuCdnQc8NP7F7Ul1yN9P5WD6g0STrMXfvluoVK
n2pim1DvODigACXcv5bNVdanweCF2jz5Sg2U9eE2vDh8c5mt5GilH90mUVBW
qYfhKl4+CS1kUIgZlyLSOgJmG+dVJMUDYRh67iuX5GCQB4HrkiSLCubj2G3v
XI8XfR1AngukNsvjiwFJLukj6uY0GJBc+h7pPXC2vCrm0oZPF9dNhiwlx8rW
FEDEzderhSQPMu6FpvYbhpTCXHWpQDuwy5iFdOJdFHO8HdQREL30ZhUlIhdy
aIKOicPZXvpDErh1yzBLkLyih/Bw3NOMrgjYf9nG+Wfob5Sk2k+GnxGod/Cw
URq3gsdgJ6pW2sAGwJp29BFOoaH1fffyyZjpZT4MQsTovfTjMf6woIX1O/nM
wcpJjrIKMYaBjlB/NCer5LZtERqQAI719k0Z5SAUc4xH2V6F/QLHITwu4MQH
O4hHLSC5fCkYkwnv2GQUQw53uwtw+EvVJj88T4MBIUU7QRYz595aAJlvdAio
DD1mcY1m4h4kGd6GLTDJ0Ifw1rec4CewmtOuyaNVEtodEbMc6+8ZrtQnpr+U
e/b+ViehBpLCfqPHAMxwUJhezZkhvQ/58eHYapKQlorlci3GteBB8eMYXXtS
S98dqMOwO89d7S/6vJuUm0slWt/ZFsVo59q8t3G0PK8Subir3JoiOrejSKPj
kOkUkY9VEiCcxmAsBD49ri6TLDgVWt5vl0X++8Ri7QiBDxYbG4ftd3JVvTOJ
HJcu6u9+N0mfelBS2XO6iQtU9dLLE86YJROwl2x5rgeJf0kGffhoAK0LIcFS
LtE1p9rjTWKNbrlw6ZyY+bsC/X/z/SudlebtJpgC3l3wS62PMXRHYoEgKvUN
fSaar7e0QSWaA5JozNI6cLynobmw+IP1tXaI5j40OkmfrzQiht7ulgk2rao3
UJiFMcv5JC4ebD51FImKy0P8QpHPlfMJgFyEYw6cJ0lES9JgwHU7Fo+wuxpC
gNr2M6LThD3eQy7wUYd00eJ80AoiOfuJzbhM+HqryW4S56+3ibu864bNFqfw
I//WKcOabdd288S5hji7zJU/4J9vBoKHGe7mPNe2AEiuYqjsvaCdYeKtP5aT
awbiGzZTtFmbrYSNNqunSqrSouUd2AP0Qaf7dlMfcy9O+4wpSfusCSPKVbxp
VO+wMTJxo/M3iWbdDrvMH0v7m9ZZ5xhD3XB4ijGItNT1RDK8Q+wE/Sn3fV06
dHhFEGLlFCnp0mgRRuTllQtt4Et5pVQMNL8X9wf7JLLgxs3nSlZgy+hFlKt3
7PJAuRoPgav5OTwnVW3sb34uKT/+zB12jqd7uccBZnhmakJ4i5jraB88yZyo
amBvjfmXraENKR4el4KHQcnEhfZ7LYvDXpBbc2WTjvI93PhY92s4TTcehLX1
G3e9F75INfW673jbkk7sV/3x13nTdPiF29yKW149gjmnDMfFAIYzM5gItYDn
xsNxaeYdjGu5ChJs4GIV3mkXD7tpSAtCjMSxPziqjslcW+BO3XS5q631jLxx
e0+5qGFXygHlkT1TibmMr21j/hJQngQiXivE9I2vCUSphi/0KQAHWOPvLeqk
27Rs8Zo/uWlNpySei5/XEbKGsxG6LWm4UDZr4pcWqK+rWsYHR0MDbKXXkra9
12Eyo6q2ASHhtSYrMUigeG0b5GlR1xVzTb0ek+Ah9YUijw/pT+wsrcr9faei
hxD0mmOKfHLpYqBgycScQp3ESXtteGHpsMc4ikWeNVEVJilkYF0Mq7ZarKV4
SN8EoIIxz3aDOuKiQtqXa3rkX5dxN5YskYwGx2V3HaOOuHSs4PiUeokvJuaP
jnZEYXj6doKAWQXmThGbOsFPFa+e0ccghsdwmpLce/TkiaUAwJ8bdHwf/+08
assjHmTbxMOjB+m0kD4+CDtUq83IJxGUVWJYhFLCJDZUVB/AEJ9zy9d3hzak
JwoyimTLQX85YTiEQGt3hkqzzVLx8KcRyiMnrXAdg8+5GPetkWSgPFdO5fuq
pjNOFXotRDUAwEAxZ1SDpnz94OXFvx99+/Pbh69+fvr2zi/3m9Oj6bPDNwc/
rB7Pv549HAtigahJIcBB1vSwwHaYwATqDEqBPsq7LDATqOnA9zCHyxn0P3RQ
NQSSyWTSRbwQjIRtXS0NzsJfXdfG8/BofPswaOMpkBs7kQTH2DzAJyNx/KZu
m5/S23Qrvsjv7m/6Ozucuh6n27qcbutz+nd0OnVIKP+bTuDGjqc3ncTfgfUi
aBtp+rcO+UEZ2zkW8rV4w+L2n9/+eGf54u67g+u/1C/vtT8clV8+nD693/z7
4eyrB5dfH7395s6bx3dXz/4SXq3Bsa7/cn9159uvy39/+HR+8O3P39xrfvzm
wfTB8sfb9bOjd6/urv56Z/H4XvOXn3/4Qe+u6DOyQI1q2+4W88FustoyGyXG
r2+vjn5+sHx2mB28+ev99qW7b6pc/RcP6xQu/LC598XV/OWbn9vbspJYV8Iv
RF6P5Yvjt4f3d4LJBaoOU+kqf/3gz0flizs///Vh/e3t9od7zReHv8gTXjvx
jOZgfHj31eGd49tHx4eHcg8/hSElisHi5Of4C86EOGVql8zNJpCgUTY5yVL5
mVmQkuzW7YwIs/ub719JS2dBPTi494DhQhhmjPslqdjX2iKWa026K0jRbGX+
1BbqsZK8p/Zffrpuz9Nvnp89TpD1gpYkHMncDV5hgcEmPZoc8sNHkyPuaepQ
eyXwLDn7QSa2jNWZMTeqNIMR5p9WC2etC2laV8SgE7BsD0dtQoBES6i3je+V
xAnCwDYU7N0AKntP6yQUD5iN0iidn8bhjpL1QBJ+6C0/CeaYddM1h/xReEA6
BDPAgVrEXn20Olv5Wlr3ODPFsI/S4IHga4wtuA00S9oGeSAq4+2c4m6zF4OL
SeIYUFk1FqLoOcN72sE+NphyTgd0iKyIbi4UiTL0iYYHx5Un7HPiDcKxiI4G
zyV3DpYNdR0/pNL8KmuCRKv8XT5ba6rXbicPujMqbS8yIXXYnoOCXRE8HTyn
Cb7TnLHS8tqD3yC89LbIMN6svLBJSpz9wcHBhw/g7gw2EmCXkCZPP5789Aa+
XSKw5atvXXD14K77/t3d9hZDqFiZRphabTu9jdalR6oZ8Z5YYq9G+lwapjo/
L5+O9e8OTgc2UZjBwImwY4+5i4tJhggH4HI1iHPf6Q+u62SobfdAy1jnO/Yd
1Kxoi8jZH0WUlCms0AAjSaGeIb2PKx19Qd6IET8Fh9xdA9LGs3nWZsYd7h89
MJho7FxUhOriZ201fnlmOJuSpByn43dgmPmWoXg/z6WCH00YOZgV9r/pFiBa
uedWWH/Vh47lkvBt36w0GKFRjjJ9eTZKT188GQGWtqH7IUUq7EVkcUKE/vL0
paukB3aDtm1TTX5kqZ/NKGFEMd4c4DOInJjmZZ6xI3uSsihk4WPMx7J51+gZ
mAxwnygfquR+usTYV+uW0zfNfnJV3EnWttnsDRLNJeHaHXunFXCrVZFWrGnY
ocSbPEPqzEcRsqC4rlr2gJj7tmijtF0wSu6UumhyqSyMk3GVTFdsRjJoGNHL
bufa7EmBSBNA2/Vo3xdkaODLIMFsNRI/6VSwODiRgPxD8vLBs13m36c/JNYW
UqaibjThkXuu0sE4Q9+LKdURQSeTGC6K/SzydrsLIgMDMknIYhdDmSmoTyou
EZdHlowp9YcnTKBkTGhqrXk8GB8Wq+gVIkj4wGLcECuJding3BJfwNlpWPCp
xdM9Z/1ZR3RoEVVmtOLyoYDlllnuOTDRJeSH9SbKoyBZrDaCRpOe1btgtXs8
Tgf7ubGQPuORoB6cYU9WC+RnvFtJCag6LK44i5mZNLIYxm295uOzIZOeYPWh
TPb587m6TGLpvKM+qBniVSXKqhA8hB6AXeL2DigW0KP8fRsc3b9E97QrrnkW
0f7CVXOdLxaaoizlfDAWFAXvGrEBIKOLENpSACNdBDcBbmGk3Bh980WOMd70
cosbuRkId3ssvW1iQNG7AruCw5yO/7lcOjrvWVBIFSvOjBzedOpitLKaaMR1
76AbptVY0RsDNOLWg0O1rn+9Jiah4ifcpK2iLXKf9fZ7BJaaBOq8S2e8PzK4
H4ZwCzK7drWSa+O47R63jgCuxGXpC6nj+qPdqCBOkHfjBAmty+IwaLfWiobk
Cq9egddI7aSOC/Ak2Rnc73h7d6xu0tqX3KAjjAI8REet+eyKFqOdcgSGwOf6
WAkoCKFThmgDNF2gYq+QhxLCB34fv3zhOC8Xalyzk9NUSskQ6kPWMO/Flo91
pcwQg1qvWLeNild/gwxE9MljBJkgDCWggMsmL54TEX8uw3/96tWLzw8nh8nX
VYMC5cirmjwSF/UYnaKOZXdFXfr83fj6+hq5Ysvxul5YC/sENsJxmm++Ocj/
/bR4XnzzZvanh9d/Plrdnj960jxZftX8uHly78mbv756+tN3R0+K62IyoVMI
ylF19VIfmvzP6J//Wrev7yyfPfj5r0fvXtxvvj1sf3j4yxe33+Bnsh//yr6d
/3H79H8cfUX/13HLJf+T9+FfI1eouEEsFs/mg4KleRh71yAplL2S4O6AiDql
eea/j2iVn3dakhT6bsn7sQSjAQe7iKrYPsGUkwG7vpNV8Jne/VxaHPB9DgGO
EjNp6V8Zl6rEfntFKuHTYIzmzTdX0z/NcNJffffLk8NnBZ1y+fLu7BGd8vKr
Azn5bx6aa32Hn3xtvlaQS+yxYujn2wcH/KHfkd8WLRjkIf/H2/5P4G2HJ9o8
j3E9dcT1Gmdv9z0VMKegdsTV6WQRu+TTolF4Q/pfAMpLi53VerpA1I3F4Ai2
/8zXdEtoUsvJFbwFJcDVIi/jqX3GlSQX6wWUOclOYLx8xkKqWjVFQz7henwZ
q9A5GhgQLVehI/g14mMNCx7SQF12GsLRhP6/kWbvc+FvIPyitaJLS8VtB27a
cdUMuzhH2mPEbJEYxWE3xj0aJQMQOi7rrwN/4nKa4DjABkqBYLIFZkNS6qoy
dq02J11n62cOxVbSSNAyu9PDSobSqn1VEqJVM5RZ26l3Fucu6nzODeOJdZXX
mLx5zHDarYEGwRz1/q2Z9VsNHuo4mSX5Hxp4tNmJHoJ0dwiaxncKMOiZohbU
o5m29ejCgYWVE1tV1hgJRFBHiT3T6gUMgGyqzt3tIcRgCzbON+kVSZdEKrc7
CZ1fho7p2gfDWBj1bfRJemblUwvGyx9rkbPUhAflTN4Q5wvgjYQFmPLGNDB0
TNrqbT9htWoMZtAdHjuvxxXUuXLNwyJ7JxvOm5UGuPSj1OF9boG8NDRlM69s
FwtxLbEerYkJ6L8CIW6lMuIUZuMQuU3ctywS7yfaFCdL45Q1cxnw5XC5tDEJ
QNfraxN9Y8n7dgUNe4hWlG3Z0sTLO+CPEYwJZ24PuT6sbx2/lnvPZ9xzd3We
uhZqiVgjeEln+nGOtDbJBREGL63W7QKvSAZz0Ha5boiUtcXGHpa21GqASRq8
pMuQUvg1o+PR11p3zIVnjcN+5xpymEIiBZcF27ec+SyNCdjFkGj+JoSIVmG4
YlLnwfjdHp5bt6LWo48kFuACgRIAUmd2J05UWPWtL3X+WFrtp2T5f1oqbXCq
+utBBFF6DDfSna/+/jxoriT55gaPyCfQnrjFTnR0V2jUecRXv7N7sO4A/XiU
ova64vTcAN5C+11fmMt4KwmYl+nvyLr9DYmgHp2qjw078gAAocPAHOZ57KGZ
bCecUnLaDcNtMLXdpey6ohMEw7RfXAzAAv9XLj3JboDnDnvw+knp4Oy2/qRc
+gScWvLjl2F5xkCafJDXHlQ1a+2aS2/fXofbS7MvpWt6WHTLrMoP7qttV5ql
93fV2RqWQ5AvLQ5J2R++BK5hRpOwRtTRWorLsqp9ln4IHhJ05A2DsrzD2Lle
uQKoTUxpVLMiguXJ7cSTgi9T4jZ1kvEeqzlBq9B5zh4NpedVtlmQUtIzhzsJ
JYM5aTdkk6ixOv+YdXlzvknBWR6H9x/ef3Dn4EBNZxI4/kOzp39qCzbN2tcP
/7w6evvsfvPysP0BSTk///vd6f+xnf+5bef/X2WqzcoLGeGnN/z4wY+z54+e
v/zx2Q+b8Zffr37++fbBTz9uvvnT16+eHcyPvr5cfPHX2+vicn1654klaen2
+A5Wv9GN9Klpp9vy6n5nZl0CPBZLzrrVC+0+DoBr39+qm3GAZMs5zt0HHIBu
x6nPpa8nrOvCN2D4q2dihEs6Fhh3Zzw2uCRnCmXTBt2O2r+uOQv2bSii3Oah
68xpnerAqSLIENGxxaLdZqJmN5uoqP+56HSf1F0Qz6nmCKgREvQVbVVfw7FK
s+PWgZjiSRhcnEVk3TmDfJvI0HILuaAZCygAezQgwOIOXujeMyz+RoLz7z9o
2AGgtp4uaKRlkeIFHlhRoo1Lm2PXYtcAan1cu6dTnJPQOJdYLVcoNOsLMrhZ
CKnNpijUdw+QzlcNQJ2vG8HvCh8OUK9y1D/sRU2B1R8u8Tjxo7GegIwLqQBC
kQaRZLyDTuHqpPuIPcdlGQyzwHup28ZlmNj6zHCiNWeiKaSZkyoSLsZ3Ijko
yFgz+5buhzQEC+iZ6MDDEY+lVfDYPTKSvC+X9LAA+rO6RNQWHpkqI++eZk3R
mBch9ECwJiQ7FfpLVO0OEhBuSCQUmhE6b05ASLBiitl6gSbmZpxrzwotTuA6
GlrldCOA/uHiLXbA1+Ump0q4J3bVg+RAvd6Si9RunPNRgqFiaeEuifEUZgi4
hlaiiaLUN0osTMNEpSj70Btt0s6xHOrX1M/G03GK5TKfF1wLjOp7B/2yRu0L
XNCc+8eOwZdnaQiDDXBHTkO6bBKDbUAjXdkfmtPMgKM1ffBKCjfjbMhwa7T8
EZk+cDpnLTG7KQNUu93CemeWyRp5NXj1AsQBuC+8cqyTYIwTkQvSr7AQJ7m5
d7JrpPu+PPOJAZnf4fG6lO9D+fDyjINRzeDh247CVpfINYO+8yUlye6WNYph
5jVjgu8ntr9PI4JQd9NB4PSDKSVpahhKwVbIiUo25khDDLZYAbYLkoWA/8pp
YaShKNi5bqUSUMceDvJR4b/1feHUvMa8F9nsTSPHbFxaUfwZWbfT2827fmGu
Vfq6Y80XsTwXGgY9ZMCXWPXBlsB8tTQTTm6WOUxzwajxHfBu4DQSHBmy+t1W
TTeCn2L+IG3qglqxoFlGvyK1k7o75eI/TnyDyc2rsyEDvEHGa/I6zsolVNqJ
YSbwLMzpkbYw6LCQ/q3DcHyAr9mv9zreB3vV+cCLXOYmDaKSjLiM+53LCxzb
79h7I0nAzu/f21mINYVOn4s8WEQBnYlLB1aZBB2B28J0QkSSrDfCvYhfxPcy
gPJ1Ti2mDk7aF4+HwGFDBXHjsWQmmaNH1TRy7X6qhLXZeVmJoi3Xo8X3wE+3
VR8H+itnwtfi20a39LyGR1ur33Vg1Sv5+STAZhmAyIcjnTSzFVRaVhi4FcXI
wHQMC5H+AqhM64l/0vOfOQLWaw53UNEwmgy3WEgDn8diYwBcBl3G2HI3p7eL
pE+0C9zWLAH00wCYIHcgOA0bFeNIeT7ARNmooNJxWj5QRRDcIJX9yprE27Rc
gq/fXcF5dJCdrDLcsN3avKBr2wS6SdRKQIN7FpeyeciMHdP2vI+YXsUoBgzc
wr4rONZDWHWhMP1cpH+SCoI4E3cnsGCABRJYXnGioqjaYSoc6GOx0WaJ/l1W
esuKll5EY4MMjlbONqEywVq2zU1DIRJyDupabDP6RpgaXzQKd6tbbGKW6uDd
NH59DA90fm6kzd18K1d4reqLNGZhFZYXQLq2S78NcILz2RuGJtfYYmcpHF/p
7/skKOV1ikWXNHqyHRTGdKGKbSI7VDFODKxBgS4MQ0yZofhK0I3V7wUR+iLG
c8eSrISn1N4vHGnKWn1IPaQRSSfbW3WcsMAMrcLQfN0S27MUOVcREsQEO2nd
WhrM2QJkLrdsNQZjKTeqrHmcl1qVoeo48Zd1k+HTsBFPs72KyVrRSnfqhBGA
9VntXs30s9yLgKy+dQAg2Oo/iW33/pbPvOogWqHhbKk+e8QD+D4KkJ6lYxy7
nBMpotKzDGDM5BIz8cgeW6YY3ARQCfM5wzu7yvbjVIveW+8ed9ARDvBB7HvX
iFTL5Hkgq4r//9r71u42jmPb7/0rZklnLZM8AC8tyXIE3nygJTmWjy3LkhIn
PivXGBJDEhYIUBhANC3rv9+uXY+u7hlAtOxzb5KVD1mxQGAe/aiux669R1mF
En1CFHfh6ez7DOk19WiQQsU3/KX6nJ74FxKTAZXwy0X1S/hlOBza/+J3dqhe
uRv/WmA7frHxoR+5f6hAwC/pdctvZM/MRACT9DG+T8/cNtmkmOr5RZxa6nsh
AMeyKXlxbKoDTwsKHkXgF31dOR7ddw4zDYBUJ9Uf0fRzSaOXHYZd/ERAM82K
HGUC5bJGpIzftOu4a+K/6ASiS+0ykgNLy0aNzs8gsbitL8/w2vh30eIOpTF6
CF5DiRIB7yT7sFtIa3AgvvEtnDLGcH0vF0sizq5Sa6afloKpILPZoaysjVJK
janzOKlhgyHj4KVT2PmP233dMD0ujQ/7Thypc0UNF/LPWAe+ttYjMSZdZtOB
Ic5WSnhH34hhLR6JwbXaqyn0I10gDrJ9XMWcdwhRMZT7QfBprxpGmCFpMJko
6V233IhrgpTi1KkFQsOD3Ni4n7B5VNzhiYJY2TbmLXdJmkoVIqw9o09CZlBB
eE5EX2ioVdOlSpoujEu+/+Au+s2S0lWPdE4lOQUGwdmTqtBR7SxKNI3JXOjP
U0ZV6HEk4kXKbJwSD06Fl0JMBe/2hJavWE6V8RkscJe+tbgkysaZ9RQ5OQ05
vIhKyC82GSshItbVDDfHVEL1dJtsFCwdaBIkvccQjUGBHSbFL01bcYudd9hC
aBHrTfhPiT81AZvD+YIqr3Iq1atkakIwxduCX4lbnAzqV+oxZ4JogaqqIqlD
jopeiln1SERiz/12b88HP1ibyGYUM4tsZyajVGu+1qF64EQRuiNXvmE4jkrB
Ov/FyNfio1s0iD0WuMNNXfaRWDQoKeX6S0NR4OHNMMBc6HYJ+U5RsU9PwCbC
VupNfGDL0GOmF6fWxlBnmiy0yM+isceejINPSuPQHUmiHPEYIyQ5dV9CTigp
RYmXSL0urVKP5t0y3GST9yvwiAePni++hssu+MjHZfknvGn4OACXMpy0o868
0/5v/aajCebFA+Xmome4Es3IjGKH2+wmyjgs24pQDfMTSe9Ywy82ablBWbZR
grxQuYdszfFezNC/A0hXZ5kakfMa2aw31gfjr9S/RveFnIHyAgIJkuV0Aedd
g7gkauL5GPjR8PoplOebaAQhL+AC2wvpjvNr1/nAeayF17xAn6neaGFnNapo
0ESXF2OwdaiM/p5eAijsa3zE7vFvwDnJ+ad2SfgfeeBBcMQSv54bVGGSi8Qh
GuTQYCnj1J2ZSD1zRyje+FGGVPbd94QTGs7wR4Uc1s6Bp67cfpKsagW/QTjU
oodwcbmS0wPp6WhwxWYFdyZgebf7Uk62j9/eTt8pwya5e+IpYBbxBlBLo8TH
ZKeLBCb3LYJNLWS8YX09j7UGD3V8az1PQ6bi7uOkruQNUugIRNKRHddz3p3m
MnQ0YS7TQCW1uTZP7uAUVZeXBDFoluL5f9lMuH0a4zBfdG0dJcx4lWUAM/Uv
JZ6g17mibH97Xl82lm2z9bUf3LwgSRetdH0GSzQk9YxGCzZwEo0Pl2eG2XOD
xwUqAy1vB/4+RfGLaJX8caU70mKqMy7o16JpieMBq428xZ2CCbcnJaa+CQmU
o5DS/MTS4uZUstMyF6WheDhhFVlvpEMfMFk07U8MFEcqDE10v9TJTyPGPAHS
+LZuaQGM/xcVxePkxP8gF3vWrKJjZuPfDnIsreqozK5DHHC9w4toAtZtdSM7
1OK7794xP0vorgyt/0xXHQF01B1cwpcTcIzGOzh4AMFJWy0ejt9pHqzb5OW6
g6BvhxLELhpFwr5R4gerVoT27F4uN+8+FZcfghH8lhJ7Hzfn9ZspiYAf8aoY
KiY6Iw8SJB4cvkDZIOC8r0Vm8DCv7yV5MJYcP1mvFqenmhQVI+vQmHlCVbtc
YMzx1KS9QzzF4LRoZVnSLAuN3sgKXtxh18xOlXY+wVqF397wLtO0k+1O7Jhu
nmTkn/VWWfDckwHtz4azNhof2lmsE3z+GRUhKKSdSujwyu0iPUqu6ilDX9YI
DEM+joh+O3zIL7KRq3ZeNdfsZHijLKwJ3KssY20NucpJ3tmGxIjUm72xMLmz
T8MH7NOuBQ+uTntBqwfjgLWq0CK9bfqQRAth9U5Waf1gdriVIGSnfdzB5OgY
PJxM/Io717olgWIZXVnqllICLcoJnVA3bsTrBXxwbZGyAoM4Jbz43pt4L3Rf
g0y4TQaHo5l3wEcPvbtJm+aVkpBXSjweaDonaUcRw2T0Wjb6WWL4BX5OJEY8
RU+yl4GEnHsXObBb+XP8T11aHIZ0DcSWdH2yHdlNVEfW2lCwnmSoVxoW9WbP
ExqsZS0BWlLreY2TmOKWJ0Q3uvLwCzzxsL8Wokah3jjs3kBQLoZ6hOO69FYg
ldNsLVqPErcgSY6wWHyctfJtP87PnC/CjGk/EpH3ys/MpHkzRaRo6EWH8DCM
+v37d3LKtzsY3XuWWnL5wNRC4LRYRQARi04yfnhiUVjhp5Bn/jG6WWyfKCno
AQwJvjPsngzkvF6oojWLBTE5fVxYfT8axh8N/Y+k8qW9hVA0puFmQuc7+wf9
K98NENFf5QX+7CQWmWGpOykfrzSw0zQyZU/IevkYgOiY8SRTDQdNAf4DzykX
NAc8ho+eBCusPTKr7CcS2oL9dlD1CAUTWfEghS2OiAfI1sx8pTtj4joU88JL
H8MDtMLsKin6MqtY9DLQ41UsaiuoAQqXhhMi63nr079WlVDptN6aBG+4rNRB
KXyxLcES1F4zeytpfSFsvkMpiVCm5S397ltZJPHu8t1xwUQTRp51SIn0XSJr
k9S/ZAD0JWS4ydDSbdlZpIAWf2YDl4X00lybK6wYHhTZlCtZ0Od1WwSe5NTw
tht42N209aeX5XlBRvErNmoKraTJVPMAIWm/u5iTJTEp6puRSaIqy3r+ah6j
OsSw0xg7r+ElypJC6TBR41CZga6KPIQk9C1oxwZwFJxsC8KOVfNP61nbRL8M
AVOG0uKRzLV9qUCUfL7QtfGpHZUQgsVrYgPFE5VNX+chJK+vSBleELu2fJUo
JsPBkXLQivxy9gtQWus5Z6rinJFlRLtgER2xRgs92Ag008UfyLh0abhlrXF5
DeBSXXTpZO7ptufKtJppOtBZyA5L8KhzdHztFhd07W6yCIXTJDsMXJTtivrF
0tBO3oT09zvHNosBTg3NK7xIOuygI0xTJhssY+nUnBLSf4McgbzJN5pKAko4
Gw14wgDg9MjCmhaNqFLTJ9olftKUIn4PM2Hm5uO1ogVs3tRzJdo03MtHbXoy
bmdfKSCccyByvcmEehV4DFjiJhGNttVmV9P1hWcyNpqm77WEOIzyPRVSVsus
OxXnZBvuRJPTLM/AI6R+lzcezgdTD8u9JQ+fZG+8N9Xuql0KZVUa6NPtTpPR
rmIGMogSG6VgU8QPwDjf6DanJZdvB54z2Xy636sjfmIOKOJuKw1B38ayQZQh
F/Iuk4fmK+QvyDm6FOIhp76YOQ29VLal2Q0F/iodcIDVFcRpmU3c4eQKRd01
yYTS8WJHia7T7KARV2a3Onr6KHOashLuywLQdRO4WRC4WaVdojqII8GR5Yla
ytVT/to87A7eyIbA3t3OXB5iRV+9EDHw+BKdZYDQtRhgoY3jQgQNpgJSnfPQ
B3TzpdQeIrt0TPnaDI1rb/U7K6+qjS3PTaldkTsUiq1enQGwIBaQNGo3gCnj
qR04bXG2nhIpStxHdbJ7gqk8rhOpHCe9ywgtj8m6liLFYtqRW9qhIHZoPy4/
29QuY2LrLU2N1ALSkDP/SVrTruP/sNi8yYveuFe5UsRPyPbCvNgn7MU+l4vk
+Yi3tze7shbLdciQiwnkDq/ymfksC5Z9dSvRUklyYA5SjnZTDLRfhI0oSZHb
PtXXM+pQLRO6M4cDsiFXN3RWYZ+YLpiWlyk+9rBWOMW6Dy/zCadqN4OKzre4
eK7oqW5NpQJY0AXJPDMo9GyxmAxuVZrAdMvKTAuMX7h5ErTKk6AquLZAJpZh
ohRguJKcknFIS3pLVqWHW8onTly8LvOskXi2KY8XxH5Dsj59/kIpd0eshxYA
lQH3IPNjFUZkReseAjkos7CJVWmX39xDv7U//iYN9r3t8v9uhf93K/w/QCv8
P2kfu6qpFJpMvr39pbSd6ZHdERFLSISBAVCVwyT8mtB9sx2Cp/GvNM4yYDmP
QPXItmf1HTc6JNjE29uuqXVbZSSrGnOOBZuzlSNe9zJrKW+I39uGafS65N5l
kYP8I27HJTZ//X6SxwCOlaDeVCC/4NbbGDyjw2mIHw4C+tpOGHxHrP+WQxC/
kYqKmSDiVTE6+8ENHeOgLaNn3Lx8iSP0/j5j47W9/IhnHYqdM0EcDefZpyKd
QcLVVg5hK13AO/j9LnfgCX5ARoep/VvX7asNXNEHyRGJIcPuWjQ35c5PBqDm
l3B0B8QZsTgNnFEmWx4demSM9vYYxycowikBEok3eLra39sThUge0E67IRtt
zeWoC6NSl9LYOlBKY/8pGGXHrLo6jgZ7NG1WpyNwI7cjDPmIObjpeyPPYjve
98/UcF9aIUXOwcliKb+odoTKqc0+52dAkRTAOgW0aftywTGpyURquI3RrgYg
0kCO1RkK/RcXRbdSRxibMsFvHggab1Me5NZFYYV32kXoAlTx33VxV65ojt1H
8TKaQ+/BfgxS6lGWt2c3/Xgfq0mFhBhMcRwNaVxGrCrkVYsTBEZ+oK/hZpYB
rHF8U+pFVtG+LdyCCCDe8jprUOdFXJIM0GhvoBm4OcmALfzN+T/hKHSPKVgw
egLGnqAIgOuKosejZCLN2YKtTVzPlgY1ioGBpISyV0eVottOf467Zzx2lGhh
CBh2sBsarmcp8MHNPfpzlWTsrlrEHkkvlHdjrLxYRocALwMudr6HolGTYIfF
bnG/WMNnImzwy4NHoWRtsKXhGRgKoRwb2MLGWdmnSupauRKUMrLlh0e1HWVW
HB8MUC+em9dE/8uKDb1cTt2E0ineMtcgFQgH1XF98gprkv6ZrzrmiWDkOVss
pu1z7wlrIakAaVXJJNerHWxiLgCPzR7GKzx//PCbr79+/PTR40fY6BoPjPlW
MF00enGHnJo5bfbP9rGEJWAY73ZY/1IJa8gJCBF8w2jFHbI+odwoz3dq1UQa
Q8hlNszuR9vk2gxIvrnx2pkpZOpKOt1BXLip1tGvOkUv7zwVSyrVk4x9Udey
QWaFgIk363rOp/bk/ct4pb77DbTiBtLsf5OCPywcm0U5CudKjIKNZ/26Cd5O
DQC9VJP0sliifpMrDa2dz5Sx7X9d7S/v5yHfAggSy0+9Lsq4QoblijSc4+1G
QrxPUmvT3IDEaYfOmuqpxW/bYZWvEhj+j9rCfcH+bAukM7YfiKZ0LHNHUHku
l8QL4kRy8JuViZ9oWZedA5LdaZKmNp9oS867MiRA5y/NnvTrxSkB9UP8M7XK
J6pdlEU9qQKnw44Z34fUejmn4pZj1mgaKR3LjVzlZALA6Vs1uNPV2tJ9F9J0
5TrZXDgqhyTy1KXgA7L+yyYHd/jSaWt6NHNKy6FtdKuZ568P9etD9hORGzyE
X3X0JHAAxlIOPAmXNwpAphwh2cWxTf1KDLkT3H/CSM6cumZod8m1Rvj7Ppn3
IN/RP3mxdt7+8Yt+I9jLSo74JID0y7tcH5VELEhWd8KdJvRsWtmZbruJCaCP
iVwBslFzrh3Ik8hmalDcobHgC65PuFJ3RAd6mc0aB+bLYFRudObhwuoVmYiH
A9awzcUfVK6vOIy7+TH1rOTKt6p3EtDkBycL8QX0SGGR7qSDcpD8M7kKFecI
w7qsr+aprMNsXEOLUbEzqVJPY0e5AJtj+0q832HyboJ4N7/Kt/FOftBDOpqK
pJBi0vDOD+HM+aOGKp7V0QwtPlwwe97okWdOqS6KR2r23t7WnUf8Oyq8QmE2
M7SQ2UvXrPgrbY/AaY/rFcjukP06X1zyhouGdDrPHF1K9gL2OldOB3dlkPyG
/OIqyZVejhgHrQJA9lNdN972IXE2g3ChWV6ndmaopuXEZ7SIubg7YvPt8i5Z
YaTFARA9ySsT/HOIXo2/guRw4gM42o2SW51PC2IFwhfPF+gps2+tFoE+40sJ
uRA0GgiDphtUCp9xsKtoQUAqgAVt3WvcrtVmj6njj+7EnDbTjzEdKLN2EdCc
rdX4pQRfneSXcIc1QqtG0Lmr+lqFSJxRopNGnxXE8/H8lwvPeD9xBsupglHd
9mR6OWN0dWYpT2hrEiQCWyGJFLeLypZ2dby+FjZsVS4Q9ovUAOcQggXp6Dvn
IqAGGfKmU9TGdc+dUzljtAnbk3GxBZBCrc5vRImncOoOFVwwKrh+IrgbP0hO
CreFEo4szwvqE7EeeYrAhy9EvvHtbTSRaILsnUtzEqrXRCnEO92M1xXXKxT5
Md6+27r0DeknuZC4kThr6DWiJRNR0FqUirnEHcKJFmEDukm0U2IivWbL4AMD
DCScJxMVaNFloeqSXs5L6cv7RL1CLurV8fEqh3hnhvc0jA4lGXSpjZheDNqd
jfOUxe9IjAJkTynM1oPLLMFDR8vjE/WZo0CuZ81p8mO3zgdo+D4lNs+aY55o
MHPaPRIg7FMvFo8P/6CHvRQrME5PoPVicmByLGIa62zMMPVo5xW7JomnRsXI
APYBs5/w5nTQ4JZxX1KnggTP+fPjTZf1m2gs09cT5a8wnKyow8wlwQbBtQio
nmfW75w0Uj6sT3+ANhG6fjS02tkUh5B26LSlLP7enpt31EzLjLl+zns8y5LP
15gL+gPXQaZzy1Br0gp5MkryMEpPLuQsKW2n3UHQtm07+vK8z6izjpkZJU8V
ABpEtzhgN+d0uiSYoIvE+c8fp6DQRAvNWcKW/lhjXPq6gsEUTTS2ArOEELX1
ZvNz8I7m7PMgMc5xsZGUI5J4BXktKcZJmWI5nd14ldkaRNApjpW1gnQ3r6Ws
O9dsXG6shKh6xRkzYhdZnjX2m5qsCsbzgzEye3vPlDuscic4rbLvXKO3FIAM
Zb1w0VXYSa62NHmyylZPfAiIX7l0wxiN2QoDa1wPU6+MuviGtrqCZsc25duY
ffhUClRVVqCCfzIKIa4os24pMdtn3KqdBNyDgaJqa1rux3QsKieYPOhpHQ/C
3cNwZz9eEItSEgk1WIyy2oDaV3fn/bSgD+lmdLLd3c8GARhHpicXO+l+3g1F
hWiM50tea6q811xm5ZEgag1uNVHS5bYxXm1BKvWUBQdoNCFqdK/ZLee/FuXN
CZDw1A11SM/Ex4N0ryefQE7sknyBr8ngseW0pZa7dr18w3hHw1q7Soc+3HTZ
/wAQvdQSy5yE7yhwIF/bSHvMLYnOO7bU11YR64487SwkqxoT6aw0LyAJc+gz
Jz/Eir7Rrl3/wIGCi2szR04LIuHe/r1dpfJNv2P/RH02KRQ1s+nZlNtE6MJI
degs9rwAPzLxStjeHMa9KTZkj/jw94BfW8eYUN4sBhfxaIiBw0xR/mXavoGy
jmQzbo2q/f396l3KmGibUa04wZO08in7Ikk0SyQdRvPaTY3wRavOReeaWNbE
KJ6LHN1gjm5WRTiaW6oyT6qQu86Saxdxx08pQwNytqGe7hPJu6BQ+74HjKal
jcuxRcJN+pZaIUajWbhYyCmlD8PXLhTDT8ABv1b74MdQlC+JG44moTJXAeAI
inVTENVnZ6bUp6w0sIHGEasgh6p3WkXsWgINLCAIuCHSmtm7cX0XCcJsyLku
Dg4ICqL4l6S/nU+MFj94QK/Trjt0OGyTBz8hJqkgxMm2PLAsEtO9JDrF5Qbm
olzAbiqd9njKd04T6xQ3JMbAxySbMhu3WErSpk9Z/hBefe0huSFRZrIiITGr
2G5Usy4yFIDkmk40t71eBx5xewNr4pJ+tV7Y7u8gNre39/jikvoPET4igX/q
nm7W1JwAMXOu2T4rZSoFa0ki5gjR4UeNe20n66juhqzvnIULtWcZJNZ4SDuR
RhKDSI05+MxNzTGhuTIr1ni4HjhpWMXRCP8Xgz000cn9AfSeKhLGe6XFcNFm
2yjxMjeu0ylqlSmeCJ7elY5E7qmbuOYIRwZ32JMXIdxWMNpG4XkZWr5go1ZL
El9pOU9MHGUQB9ne5xTD4O8gr64A6JElaFXRPbygFui25F7O3UiakNVVWkBy
0D5+/mwEnrmEr42Oknl1YOy2U0BjKiW9ZUf8DouDjnshouPEppV8/R7/UmRv
Uwotcy7ZuBa4kXFCOI9d9X61CAZ8IxDOYjZcruMuXA4/Ra218il/eOYIv1So
XFXBQ2b0d+Rb1f/+Y3VnkA0JOwupKxKvLddwTqMGb6ynllxHn8r6JxBWu98n
rPagI6wGJbUkrAadtX8Lq/1jo8kNaR3HKqF/ZX1l+8jhfN8P8t107yAv2tE4
e/2Xnz69vvP04PLeV68ffD25237/5R+OSZ1v+fTOTy8/ufzLvdnj++23r//2
t38hiTP2O0wjnQwJbWn2/Vy+PftGbhAPQ2HtRBBUW5AcsFKCTyk4l79L1eAE
EJQ0lwDvrMEoYSF6kRB8n8yUe/uIQtZkCYI51hBK9ldCWKrRwG9QMYW+wwN9
fJo0i6GqctdZuDrikkh0we468Be69enhnDkHWyg4VcV4kw8I9qfFQkatq96S
8EKEMX/s9Vqrt7dz/VYBlisKDD4yketUjvldcCMAJuR9WVfRFaAZi+aXE2ur
hYgn7+t9ifnleD2dTQohWCmAgkiOerICuAcOOQXs1byYq08E3JN6KkuPMK8S
UiLiqdHEtJmfvmzeTPk5VCNW3hbA6FXPGCpA7ibIKEYDl6WPw+LK5bExLkjK
5OBhJkK+5Jbkvcqfpxyxc3UlqVxoYgmxQlLLha7GaXwmN6bKBIisLy3R+DpL
MH7VF1KKDfDFKSV7UVOCpVleC748+Xd0ZBoor9BnaZmIWxvso4c7FMYcIG03
+au4JL0UfoWkRatKX1YlqsjCUIgfA+0dr0XEOeGBG6VdJAbjVaJjNl9EE3Yi
gEpGYl0MPKi+qALTKkhlh2o2ZXL4OeCh2fMxLuqJSuCIyAqG5iiRxqTaCmeT
ANCwjBZhoxCZpfzFQDr5pPrYxNByRnoWiIm4yj+OTyBLc5MCj2DzhkkZr9Bv
ClAJVETNkASKSLesoZ6WqSg/1X5gQBtxyaRTgKOlN8O2u6oTKSosFGf404YU
0SfTK7ZLAJ9rfd6Ejk0PLSk4mAz+tspvVYKBtgHiPEqfhDPGy/rSVS0HNfK4
AwglKBSokoWU7L9MSSpfMnmulNUprR2N8ZTIY2bXrHCeTM2kaU+Wcbgo+RzN
Dcjm6ZJgczLB7bUCRjoST8Ja2lt31cIguGnIHEuWFQPaeXsgaS8a44Uq68tz
CtopjWwWD8wypGS1m7LALFFg+UhVIlvMtWjuINu5vUV+QSlECrXx8t3Iw0mE
S4Mbvc5Sz5wLMxSmcFpU0kX3hEzfVBg1BdA0yNY6sJZY7caDm3ZG+pEMT2IC
FIVtoREKlT1j6shWDYBEay/1vgsewKS1wtIFYmdn+cciSFFUytX+Aj/eIa7K
tMM7XI6c5LGrYVWioUblNtgf2UJkBTyVJ7JiJUjZpcDrdFUzRoUiRynGMbBd
LQIMFTOztpkAhYkLdHiwMkGJLmWwadK7Y9IEPaKluxQC3OG8OVusmI4uWPkY
i0PGb0hs4vTz02kzm4CGMF1SjtpW90qCefLaUFksAjiA1pAMIKEFrgeJoluk
6Bj5kbl5VlAmMyfZayyQQZ//k1D//YuKqvzI2PRZ0rj1uFjFV6As5xBTy+R6
IvPu8np0HXKxgR48YyZpdPhF3zUnXVJ5MXlPAl7oKLzzFHxJHlDJ+Dg9mXKl
ygQL21RyDfBdLuwuSE/e+/jeu3fR09mqKGiezHgURokW9TiGM009FyK/MWhM
jD9EfqOp7KV3Z4TEQlgLOv4rd9UyXSJjhZEBdafMD2y3S29TOSXRgNZwey+n
0J4dPc8dWr4ADhUv+3K62bMlA93r2273aQc5pipUVc5HvK37qsMABuFrrOV+
9xwAJO3vM10NHW1eM2R2Drm28qohA0Wa3FyNEFbKDpqQHIil/JmeR1cAGjTE
UlDScScdJJ6pAf/cgG7ZpYCfU5dCZIuFT4aMK8DHEIJZMk/tijLj3eVhRJWM
ptNt0uarSshhWG+0YK/pxjEGaOlz3NFu2Lp9EWxbcdr/wd0H91MDXXwoqrTS
h8KZyqmGNuj7cizfu7y4MpTkPz3dpaF5jrQARHZC3Wy9p/7NnnHbS40D+tmS
wWL9HphxxokgZJl67XCqFTxSk+WbuEc5RhJGbLkERjDfFfmru6nXTUAqRo5p
keloMec23YFiaUOWlMgDKBsw0c8g1cscG86pihx1DVhpYDeut5tZUWF8ElYy
Wo6X6+MZkSCNL9ftedMn6BrN2g/KpzeWVuoHH9+RRTYFA1yppEPvrtq0UkpJ
1pBBEmpA3kxr4u135DauYJAF/NsVZ3WOiCp3q6qstt9nLJl27IF0bRQYO2GB
XjqgeYJlNS8bKoS8YSDUSll5la2XTzi8Bw/ap3f+wC3wVMppm5M1Lg1MyUQJ
+pkrDkf1MyMuNKPoDupt70hF2x4F3uwkH6id2SbV6577fSe1zcQND+qe2/KS
4WxmqApEMB9OiWbcaUP3OFz9hxTzGghibacL8N6V57R9Swe/7lxBY8oIQTSC
WPTXYIiyLh3M3Aud24fZ3Ar/His7fybxEhHvcdog9V+Q12/r42xRz8xPMTda
IYA1ssjWc81frQMJdonkjHjtPGra7aAKJogdS/CpdAibkQe4V9MGQHNBvCjP
Q8F2iZJJSF2Kq4XXriubLbhiCJBcEZJzGFs55rCNmsh2igGuZE8VRL14ieYo
eWd5sEyLeMjfwEfxXyq9PWXYTCBwlxSm4XDJOA/RVIc103kiP1ak8Zsjd7VA
XvaeEKqZYTYOns7QL2ay6zACSnKeBLYYiFR11YENIIpscUMKLPwVayn0vCe9
TQJOQjr0Skj/KgHp0CMgXX2AfDQ1GF2IfDS8yhuKR4et4tHVjaSjw/uko/mr
W5Wjw/uVoy170CMbzU/QL0prHeDIl22YF47pQ2fxoq8pnlExvtZTvV9iXeTD
PwgRU8IlmvfCXSfRwKINaCuYIkurSabOtVikY1qz0DCUDEwhMxf81i37tMS7
SeoPcVQWSxN9OGGAEUm0LLlvzkI7XuLUgEVrRcQUff+vfMfmIpihRhOXWGqC
d0jKmWOWIo0dNiSnD+Pim64MsUXLcjVdrVeppxA5HVXYpSFR7yslzWpLZ68y
yZJBlns4jSsuPkh8igX61Wki0srFsnIKIKlhIlcT0bw9ixvZp2sgKjea2ys+
EIstEWyZ0TvJdzbEhInsnyI16/IJjnHES67zbmMkmrJ2+zEbWPaNVjivnv08
9ZudFTzyrey3C1pIU0rJruoLiGEjXb8yTmMJi9IUccgp/o27tbrl3C6i3YiI
Wr4Bp8DFMcwMJgsoQVgPFtNgRcTshXmQglsbdLRw2jDtC7aWRtbJL8dnUHgq
61FMnXTzex9Cg7zFYiLbR45x3j7zRR4z2Z+nUE5cnZPFu5bipxQxrtL3g+5G
PlbInSMugdXwfHEiw41U+ylDuSrtnuR9DsRSUeftzONONs+73R1FrPD5St7N
RyD3oohIN+OeISsfWOYQr0e/3duzgVA/JhV29vbM0tF3IU/YDEL6wpCyHDPo
y3BmVUeHFyItiulJOU9XdRvac3R5iewiO+wglNIKXcUUPdohpe7sWX1JIfHx
+uzsmtzti5oItBaQSqLXADQSZXNeldHwzwhA4B9gQApYVyyBLOfxkgtap6gZ
rHg6YJ1WnfJpdGSZCNpMGyuq0c4hUKa2CbjC2xI63D0ccWLX+FSPfs707Hy4
nNKqT7fkTFBCwYmctHQKchZvFjf4jLdR0BLdqCrqKrlhZY+8O+UhbZtFMWrL
RsS9tACXCoA8nVJ0dF3GAqrFk1lrEdwLYjewkAZTK7Ey1AB36jCWZ/vBJtZ7
73WipbGFO+xUJHdDhs0FA8cNpbIk6gqPteJ5M6dFnkQngegokPoJuZs1pUnh
sGwlMArMKoWFMVSgP6RSa8ow7YejgjKIw0rlkRtI6dJVkSvuwOdknI6Y28HJ
HMJeJXjP5fQnahS05W6tqeQ6G4xRN2UqR7LZ0RcFstokuHVwH8XDcZUI+7WO
lPWe5lpJtIpgJRIzchEi1dorLDFO00Zj5TS+Mv+Mo93rUJ+oaJ4rxGnioC8C
9c6+NFkmyJU9kA8DlEbe8QUcN3bVhZKmb2A7T1o5+9UjMx+mmUrVOyNJKxT9
ROevXcgQJprwFmqppViqNNjGjcwkHHGYv7lIRJj6+fD4eriQz5E3UlIRrjW7
FbzJMacF4tVUgqGmvGTUfJEvgYFTVhxUKTIPaa0XNlYEqpjbHw0/KbEl+1Vv
GFJyFRB3KXicqlNiP4ybEfCpOvmkpGB8KSlmE3qkBmJu6OU/06iT78S2N6WQ
KrrawPmgQcKypCqVbs5hbOo/pGSWYiTKdFZfskoi4qw8txK4fuKMQd71hqk7
us3W3Kng1Z9hjUWvUt1m9W0e/0QyJBL3fNWccZ4yfnc41e96HgCZjDpatHq1
iq8fndzp/HS2JksJb5skKMUK0D7LLhZtV8jKLHVL9WpNjMVHMru1QgKM3TzD
LkLTmLzR9B4UclOmZ0kuCHqT4NeyIWIvuU1VNOKVewPOkzg4A4LsiQ1exOWD
ThY+zVaWccK9pYBM/RILegKkoFFdXiJ3wRCs5eIYrTDNaSM05/Xy5HxKc0O8
MIPUpKPa4GApXbQi3hzfVRcTWu8qKyh3PVe5kDR2xpcZyjvOmrORy+7rMZFc
WERDsKwrw/dowzQKNOjHsYbhltH06ozoCmOal9ycoyjPo0axDz4zB4vzcHFD
ymBCKvQ8WqxXuNLxrG6JkGUyjdMosFEUKGkyltNjpK8WzCFCh4W0WJPhtokb
6tLDGIwv10vqwLBeLSYUPSGoa3SNx/B9Cbu3GgQ0uwAdd0VnPv6LfiV91L5p
RgCQlOIdM/rIR1VZ5YRz5s3Q8ryueHwlMQrn0OgwVedcNtfcvCqs255q9CC8
Dx/po8zT6E0YCb4+EeJSzo7oBq0AcZMjfFXPXuFcL9MqlCyg3SPLRXrfilWa
fBBdruL48rYZpr0ECGEDwEQQPW4RrTQZxOEprUKshsUMKwN7xK3sSoZPFyj8
Xi7wDCS1dpWcFGDK3AhJ3DsyluV58iu6jo6Nlnk83KZi8ariF1Jv50RQ1uhZ
b+O6999TRE+yOaezlI2kYUmNEGIc1Mv6ifzClvoPrvkZ2oYoz+Kl6BO+p6kf
DwKf/Sv5g3wX85m+tX8rcXvApfBnBAWJwVPyiWWWrLBgx/wJi3CQmNEWMxaS
4O9wLrBeXtvBiCzJSjE+SoioWjncIxh22qbJXHAo+fRW5nb3q4ci/MSzymQn
sJdhVq81XmU0UW0ZsmqFcQZDYLEAFRGelnkoFNX5vH2iHjVx60T7/jT+/bmM
zWM3Nm9vd0aj2EXsIQkDnV4VR2UGRXENgDE6kDrSlSMMopyPLbdrgl/FJcKx
yXRVxpqkwurrLmeCjEt3LOID7EgbCQX5e5EbXRmyJUnVxUmqZRw1AFPrNeB/
oaYdJ9rAOq0/AuxRZPOxkByIponmLV7sktF5vcvT4jyE6yg70KvHWzJjBj8w
XUVUAxczWhqn67l4IDgpgWnJaZUPKT8ypAJVepeV54ifQl9AQjQGLVmtarUY
pm/uYIUsToegGMFt5IP4frsU/sVVp4PAC0bDuXlDxx4x4enOb9enpzFWZXcd
DeTTpModuJNF1g9tiVW2upIBJesSn3B5Qk7s6bKh/JbaTisNaCxkCfjsZuIj
EktHVUdXrZmvvKOC/ZdEknomJa6iZ0ucYUYYZ1Rrddhoi6TCZI3JGyc99C4y
FB05uahr51BDBU19kcxDwyw/hcfLSGEvriOZtu+YZ5+5EDQBDkY7DZa09MTZ
OsqsrC8uapWP60Q2SHqGPhzbfvWiT4IeB4202KQZx90kmbng7U1w/zlCQryb
utFs+riN/uV5QxmGRz54FxH1Hr5aEMsydOHevQfv3inJrMAyPj34BBUonggk
21osTaBp+2tLeJm8AWSkUbvWUGI0cFGDztczvyMUJdKFkpWN3fyUtWqblatU
6c8Ap8yqFc6b/sBudGIVWMXjc54YjPJkTJkjFS9C16ypqif+O3YFOhp45LG+
gdfJ3WM4711mVnQ1Cyowut9D9Nw8NM8geHmKshWHHW0ZPbYxOAziIiQ/jIqt
uuo1U5PYky0pXTjeGuxQqgT2VPn3Mgph5lA4YWsk5IiO6dG7hJQod5Rlumxs
ND2bk3Mh2cuV0DIeQ4m5IZ83cgzf26WOnYnKc75bub54aaxJvvspNc1upXBV
wmm/hyGvpgEL3WcU8l5BbVbn4vjS2qQSlwY0Cx35VTipL1vlewPkW8iNkPe9
rE2XpZeslnBcy+kJioWLir1cKLOixhr9KvEGPduWHF+0BPbipjlbne8pdWje
IiZaAvHie8fkPMcvku7OfMjthfF28+tgxUxuV/zYNba7+cRCAjFcD8tRuwhd
YW12O+Nd0D1VyQModEYmqpf6ZkfTSLQJ5MXVNWvHzOtwGf8vxm/B/cUR3jWe
e9zlVhlhuZmKuNzH5ebyYiWEu1VmY8Xn23JPNnGUUXrA5gh9ZGLu9rTd0m2z
yui5JdskiVuh5LayED5OSpPGz6dMjBsSu+UB0Ent0oPI95GosnqybhLAkWie
c7IxpVBgQs7p2Vy7Bf4rDvHzBReVuLRftmX69ssOoUWmnEGBEHIrnr+XMOEI
jAENYPC08Wx8pDbG1Fhx4k2XwcMqyZE2Vxc/auUNQIft8F+KVKUDkevxEuu/
ouJ73nb0Zpp1GVTjH69etT/EqI7rsKrryyUw3Lq8YvLfwSfvyG3AtAGJ2WYi
5PzUhhtnifM0C1OHZS9F9GCYGYDiD5mRJMeryz3e8Zv42+Fny0WMvB/ZVktC
8G2laUVAo4u2pvkibvv4U8Vi+NSBgg96FmdKqPiUEthgpBAVEkTT0iBxjV4S
z2vOKEyu+5CiXIY1N9pOlEYchbExZ9N/kDLzmBu83e1lB1qlMV6BBKkQd032
qz8J3I31qBJUcj2d1FzdA2714IA8NxZV5+FOjs0XVD990iKWdvhlm+jQRUb1
YoOKdI7W20xV6+XVIgFYLIHJKWq+Rtwyq2bIS4x0KNOEMhqQjBcTxBYPNELx
Ct5mXDr6ChK4SKLQEcyWJTbuslvPAehy6bjEbFdfpNJWylkG9t8S86bHORB1
ioT92t4NFmEgHttzrirRG5Uvowy2K0cQs6rOZotj1CvX8+nrteS7XOyUKj3H
4FPgqnDPdKpkgx4K5D5NmhhYrUiXMOiOT3JohThozxWZd85V+w670CT7jidK
cttSl5G2D4OXPD/PJU/ANTJG3zWO7swidetr7T6qToTHHbHp16nKBJHzVUqT
1qDsncuwAKEe9+tJF+Z81DdcTBbm8IPRXkxmTdGowb3fqZYSjxPRdRYKgu6V
FXm1MKcfB6UErwM2Iljui2OGNOG9rOJ3ieZSLhsL3zOn9pA+/jHB+t0cMvqK
BBOmxzPxN0XDXZ6VWuZpgeZyxqlSz6zcSr89Ee5vkTlBqlbui4dlZk/rAcwv
monHoymQHHW+YE4vMYwXGPqvk99+Bt16uqsy6OEaeY3fTeRDN4dvb1s6wL4w
dJP8rmz/TCSkQte4dYupcljIyvZF5Axpla1wPkpiCnWFJ5hzvB4fHEnHYIyT
LFhzssDarOQlgR7bcFt1cQWxF9ptecso76wbmlF1xLw4n/u1Cv6UubMNfLZQ
bgwJl9zgdIyCwq2FksNYVgrhr0Tmt28S1GxPgLIYhVo26MCeJNuuCdOMNDJ3
UfW8ep7ryMahgBfCLmalRST9OYUWBH7alVrgjj96JZfaNFQTYsiGrQjqqX7t
WqTQbeRmLG9l5wZxA0uLRp6xs6y2VKbkfY1ofj2fTeevpKypBZzauN0V/ocO
a3SGaCNu0GbouJL1j9zLCY5ZOuhJkI6avKrTBv54XL5q7y7rKcgiw85iqRly
+3DXZtHa8NtBEu3Q5cHaD4JpSHFujMnp5HYu9GWztNUrCVBwL2KlXUi78BBQ
iqC9fwTnRA+x9KTgvbPBOszhxCDSkYxrYLwUU9hgIQ4qwxyfrmks+PuZhkf1
5mNdDqCaKCNuT+D/PiumUDj1g21NYXH4U9Hu6NKfz+rrGUKChOsL7J5weDZ2
mRhVpwRVq2E4ioyeHEMc0THrhWafFPxNC/143RLiodUUSIfFgrWew0kD4k3o
gTHMinJX0lIjGmempNARXdkPxNb9/EVHdMGleQFj8MfcRVPTOIx4Hhlw2RMw
N+JVkekqWyUcwgAbyOYEPS4X2jlwsa3jgNNm7AaFopNPZR+5I5cb+zTSfU8v
CryrJ0dPj/o6yDjoeZaKV89dz2x53nI/rTKtJ4JwCXtvlRe7FYwmgupmT+PH
o07ze/yD/aL6c1ufNdVXguUa9TfGx188ZIWOh1x0j5t5VD15/PLz+JcXGYXA
I3n0nRbN9+5lBlW3+tD3kJPtD8hZCVV9/d2eDLAPa+KLD/bs6HnlumWT65N5
ZB3mgDZRdgTX+UDvMDPAnGB2uWm3Su20GY+AzhaHEtSsqCXpkhbiNtaxmq50
6nIlI+eMeCTd4S+pO/ztbVA++eu9C9t620UXdDMnFZQ6/L4xAtuBJ1MpuiHn
W+Er+6khPVWVcR5QuBMfiLaaLXzn6fc0xJMKKz1mRieyhEveLC9JHq6somRc
G7uJYC/5xNSJ1YgwkTwDZ7W5ACRnpJQi4zzCMkgahst9T04dwUt4zwtQgl7f
PhX7+ByUIhx9Uc+q48asCH9b8b9fvvjmafVdcyyn1ENKKf42a9R7xcIk4cNi
z4/t80fCAYWd/ty00/JaeuI8rlvD21aczBuk/IfCvx38upu1OMoIlg4zMiXj
IhLBGtU80pwpcxeBcVz4i/Z/d0Mpvc/u5OCxfZKFkM9VA/u3nyVMWdx/+Vu2
RoWt4tP79++Ag6pjxmlKs8l8uX3+ePb2qxcUZQnblXL/1WWPuJGZ9DINMkiX
x8NUAa0f/aNWvd2s4dSpawDDYowEkr7ga5ysl0tOc+Q0QNy4l0YMUNvfaykU
V3ZLYTsb0G9fC9n1Q3H9zmLgZD0vBnuI4nDfThLkf5gtns+YhwAQkJM6ATw6
Zhrq3MwD7mmECkYbsAp1SIR0cH6/mUtsTH7WthFD/A6+YOfqYeOMMTXEr5+x
hDj/kAnrUkcIt5GSR/RSR/x+s7IVIq9VnYtFqWk2rec1zpKOqNnLDe5A33V0
Bjj04C8E/4Vp4ljbQTWXgzTKzPfSXI8HofMHLlbRT6IHWeuPT6aXoCnm5IyI
p6Z+LDhhPe/3TgnlJLUUOm/lW92j75Qx3qCgS3hjyG2Scb8QIZow/j//fTT8
vh7+fDB88MP+aPj3//yPMZO3wY9gm3LnE0IACUHb9XxV/8RfEU0dSnWmGjCc
OMm8VvynuDnw4yEztZHwE6dXe140xoNPWYxmSZrSRNxpfG5UGVPHENUYtA3P
GbuXFZL9WqCk/shl+9W35bGi4QjIHyyWE2CoJgl94i9zWl9MZ9eaQlMKP4wm
Sutd0jmkgThJmvIeeuPN7x/Ci3N0ajooDgYVCpuUf+lZ0mcEEZO+ritQbmSb
0d6O/kGNSRS0a9pGqYg5B4qdE+OmW6nvr7ybs2HC7ppv/edimgQsxqGbyjW1
MZJqJl25vdU5uFUwOIf52CdErzwdvOfhcFgd1yevQCeNjMIw/p8qQFQ7T+PQ
PmWw8Jtmlzim7zRDybyowRBNt5+iFzR7xf0M+trcpJ7abLiFQHPAeBCEkYrU
8MSPG0Q3JM6yxH0m9KbFu+lstubT540kVUWqcq7v4ruT2n1ksfjYiablpElE
vcxtWC5kzvwLRvaaFtiaZKvC8bXTSY6+vk/mv5otT4b1NJFtUzzoq0f0nOTM
BxYaYs+88yJSkDRdPSNXiWe0EKOT1dG2BZoTHXdBsxMJOJRrDXh9Wa/OR+wB
QjrNDXUokUAlXuspGgHPWDS2xWJKMAoADjNI9SGDGQpAqL2E16YX5Nl+eIHr
36X3VklJfNlabhUTyzhVzHXNeGlBEwdAjMkqnMRzZDldjHqkPQYIZeMBT9Hu
mDrAm3HYGfcJXox3mXF0foKs+7d3K5V6UCfmnOC/j58/C4zM0DEY30QqQDVt
8doHo+oIj/pEV9vO8XWKKHc5A2vtCtSJjHUs9G5iWyirjNStrVmfQ42W6rsn
X794TNb2xbMnn3/+2L63axg2Gg6Iu3j8EFD2srzqeWADubwuckskRVJRp8FA
sipbd8Wo1CFY2Qtq3ZEXoUkZyNOJan2qk0wmudfM6wOkK5dcVqlX9qaHOuBA
Mq9UtcpKc7pIqRRdUOHZZH08Sp3eYtz8/CA/pnx6BVWdY6brZensSLZQYYVk
JJ7rOsyWIfrVoKo5+TFaEAba8Fr8j08ODvZZI8X6iiBXsknbhMU6ctESVlGJ
N6/FNKQNwDijuA8gPfLt3X2VtHhGzyPiPXZk+WcyYZCyry3d8Gg2y97TduHE
bgMBQHp3QmHY27uaEZ0dfLTIZdydpb8OSjfL+UiGYSQfj+x2t1SchnJhP0C4
hqVWPr4zvPuxk1rRsSNHP6m93KpPluU94keji9NaX6MAQJIAy8GBV/IQMNbO
OBcQif4wFK0YyrkSdlelAs2xN4EzemA4gX+bLN9Hread/MqjWbixdM6vEM55
v2zOBtGcD5TM+SDBHJHL6RfL6ZfK+WChnHd8t//xse7V0nrfmKdojvV07L9v
0TY+OLg1iD9Fhunkmj7984tHtyD7w/I/f+f1e6SKwIBlG22ydqGol3izI9OY
+5RNnPNZaFXpCHuMP0BEB/XMnNcrXefq208v7331xfyvD76eHHz1+sv7m6WE
ssP9jp0Xw8+QIpCcqDhm/uwgx6i5yDBcP2tcMjG1Rz4YlSaV+cIxpqmwnTvn
ACBAFW+nUzraHUiLXJwFgnJvlWpXuQCRMs4zH7xU5djWhoPoHQ2q5uR8oRhm
3H5L04DIl+d1s/dWRVUJ7Z9F+OygT/jsbkf4DEpnSfgMOmj/Fj77xxY+G/y/
m4Gtdn3bTPwG256Lu5Vqawffn3zz8Jvn3z/92/Xw0XeXr1/fPfjx++sv//TF
y6cHkztfnM0++8vd9fRsfXTvyb+Q3NrjxEnhExhcCp9auMjGSYw7w04GDNbr
tLLtQE1td1CgeRHoMSrMZjbJPZQNF6Z0xmdmB2A+l/ogYZT4FLFmGjSJDGeo
de1Eu1S1u5a3JFohRGTUEwXZrzBOPvL4MO9ZSYmBxaXxYzj0PSP2nQjcBIWt
lfXd4NKoASQSHyOHkawBF+zKZJJ0q7f+hOUEhpxMnV/sjIt9N97V/Bth6wAg
6r1Vcsbp0tqqgnGHLJ4K1tC7eibSjccgs2xYrpxEmhmr1g6EmQFZjEJr1bcD
UgCluZ+reHtG9G4SVq3Wl5rR8Xn8StBWlFpl01BFW9DLEIS0nGi35AVQaf9R
qknmhEggNHCf/LQybkTk8GieUopJE13QK+xJYG1gH970roIO913T+AvgEpZ6
8hi85Xqes0QohcImKK96K/J98IGvmAV/cbxCqrsOPntVPXv0zPTFpXdbC7g5
nxmffkF67OdnvCIt4Zc6CIUpoz+pJ9su4fqcSRFu1rwTeEGt6mvHMkuTkaGM
Ex0ooc0Dpf/mtA3jRgMtCRcCfCrXM/NiuyxZE5sSmsRKpjnNeQeE3XAem3Cw
sl0/WC37dpUk3o4YOfyS6iN/aVif+O1t4lQevuF/MmN6y6DYlGmWvxLWGCwr
StLH4yVNWkynAiJjT4vdT6RLxT9DejoEPTXwwL2m/9gPnxFjqiayBSsw7j8G
x/vVY+amlqsO6RJtdTxbnLwKU0+3/uXDF1LS+vQPn1BT+3oVH3eUkPS01AbV
n19+PvyDgFjmi3BFlFFculKyM+qAjeaDs937gTP3TPmIfXa1pMqCpJegUFVf
x9/SIXKxkFYB/qji1R0NzKtoAwkOwfxGJ+f1Mj4yRNnjuqPIUokqE1CWusR8
yy29X0sF9yDoDcFPcAvNTtylJBs5JhBNXJkkeQHppfRPvNB4IAY3WGvwWPwz
/90MMJs+TrZdPwt0l0ZamcSUZ9Z4rP/hLi5umjQbAvWDrgBSIKHWowm4lou+
KRmiboZS0CumuScvKjE2BmGcpy3Hvy5p+etzkjfIv6kj9tAmnFe24Iz1beRJ
6bQJbzkq3Ogxkvse/5y/a/wY43Fr9PZWE9xzbUgLylBsGolbwY3DlmF4J69n
D+8ms/pjpe7r/Ysnny8e/vzpg/XDL57+/F9fnX52+dnV689/XHz+18llNDcn
9z+594f7T15PL74VmeAO7X1aFwUrw69YFklEsG3y1fH/I7H4r59i+59b9NlM
8toPtPj/+216924ewA1h7wgGu1WT7tWZjneD7Cb5+IY0wPnYvs3G9K2NqA2o
jWeIH9J4xoP2fQ+86XlD/sB/L3dpvrvcRn3z54cPT3/803o2XT1YH7z+8uD7
+5ffvnjaLL9f/fXr189np18+fbi89+znr5YLyaJ2PAppCjH3wLXe2ubkqoth
QHibcnNmS9QOJq7x4osjei6hMptTKq2lLW+pz7EAuACZCeRq3r+3Xs704K8u
5TjeIAlQWTs1nrJtggoLwNuAuGqM+6LtOUNRXXBYyDHSSU1FTHoquoXyuaD2
HiTnqQ3vCf0BxxgahCeEdZ01kzOUx8Lb0XxNR30z+eMtqO3cUogDmnKgdW2E
0lxlvbN/UD2n5qMcwficwfTR7XgGZHzY9GcaVYSEjqsnLy+2mlhly86ZTMyP
UD1z6dTquizcDXE3wia9D4EQ/i+iVqEMGEsCAA==

-->

</rfc>
