<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.39 (Ruby 3.4.9) -->
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-ritz-idpop-01" category="std" consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" version="3">
  <!-- xml2rfc v2v3 conversion 3.34.0 -->
  <front>
    <title abbrev="IDPoP">Interactive DPoP</title>
    <seriesInfo name="Internet-Draft" value="draft-ritz-idpop-01"/>
    <author fullname="Nathanael Ritz">
      <organization>Independent</organization>
      <address>
        <email>ietf@nritz.com</email>
      </address>
    </author>
    <date year="2026" month="July" day="06"/>
    <keyword>OAuth</keyword>
    <keyword>DPoP</keyword>
    <keyword>RATS</keyword>
    <keyword>HPKE</keyword>
    <abstract>
      <?line 37?>

<t>This document describes IDPoP, an extension to DPoP <xref target="RFC9449"/> that uses a key derivation scheme to separate access control from identity. It mitigates credential exfiltration risks by requiring fresh hardware attestation to unseal identity keys via an interactive challenge.</t>
    </abstract>
  </front>
  <middle>
    <?line 41?>

<section anchor="introduction">
      <name>Introduction</name>
      <t>Standard DPoP binds tokens to keys but recent events have increased risks to exfiltration attacks where autonomous systems (such as agentic AI) leak valid credentials via prompt injection. Likewise, when malware compromises a device filesystem, attackers steal credentials and impersonate users until explicit revocation.</t>
      <t>This proposal introduces a derivation scheme separating <strong>access control</strong> (encapsulate/decapsulate) from <strong>identity</strong> (signing).</t>
    </section>
    <section anchor="key-material">
      <name>Key Material</name>
      <t><strong>seed:</strong> High-entropy secret, encapsulated by the client's KEM Encapsulation Key (<tt>keK</tt>) and delivered to the client as <tt>sealed_seed</tt>.</t>
      <t>All HPKE seal/unseal and HKDF operations below are bound to a <tt>binding</tt> string carrying authorization intent (<tt>client_id</tt> + scope + audience), passed as the HPKE/HKDF <tt>info</tt> parameter.</t>
      <t><strong>Two-Stage Derivation:</strong></t>
      <ol spacing="normal" type="1"><li>
          <t>Access gating: <tt>keK</tt> is a KEM key pair generated natively inside the client's Target Environment, gated on producing valid Evidence (see Algorithm 1).</t>
        </li>
        <li>
          <t>Identity derivation: <tt>K_attest = HKDF(salt=binding, ikm=seed, info="dpop")</tt></t>
        </li>
      </ol>
      <artwork><![CDATA[
        .-------------------.
        | AS-A (Verifier)   | 2. AS-A (RATS Verifier)
        | RATS Notary as    |    Appraises Evidence
        | OAuth AS          |    Derive keK, K_dpop
        '----+----+---------'    Seal id seed → sealed_seed
             ^    |
1. Evidence  |    | 3. Attestation Result (AR)
   conveyed  |    |    as JWT OAuth grant with:
   (as commitment)|    - requested_cnf {jkt, keK_pub}
             |    |    - sealed_seed
             |    v
        .----+--------.              .-------------------.
        |             |------------->|   AS-B (OAuth)    |
        |   Client    | 4. Present   |   Token Issuer    |
        | (Attester)  |    AR grant  '---+------+--------'
        |             |<-|               |      ^
        '------+------.  +---------------+      |
               |                     5. Validate AR
               | 6. Present token       Issue access token
               |    + DPoP proof                |
               |    (signed with K_dpop_priv)   |
               v                                |
        .------+-------.              7. Validate token cnf
        |  RS-B        +------------>    DPoP signature
        | (Resource    |                 with K_dpop_pub
        |  Server)     |
        '--------------'
]]></artwork>
      <t>Figure 1: OAuth Identity Chaining Flow with RATS Verifier as AS-A and "IDPoP"-aware OAuth AS-B as delegated notary</t>
      <t><em>NOTE: keK controls access to seed (identity key seed material). K_attest <strong>is</strong> the identity. Compromise of the identity key alone is insufficient—attacker needs to demonstrate access to notarized Evidence to derive keK and unseal.</em></t>
    </section>
    <section anchor="algorithms">
      <name>Algorithms</name>
      <section anchor="algorithm-1-derivekem-client">
        <name>Algorithm 1: DeriveKEM (Client)</name>
        <artwork><![CDATA[
Input:  Evidence (attested by the Target Environment)
Output: (keK_priv, keK_pub)

(keK_priv, keK_pub) = X25519.KeyGen()   // generated inside the Target Environment
The Target Environment binds keK_pub via attestation, e.g.:
Evidence = Attest(claims={ keK_pub }, signing_key=aeK)
]]></artwork>
        <t><tt>keK_priv</tt> never leaves the Target Environment and is not derived by feeding Evidence into an external HKDF call; this keeps the scheme compatible with TPMs and Secure Enclaves, which do not expose internal seeds for software-side key derivation.</t>
      </section>
      <section anchor="algorithm-2-encapsulatesecret-as-a">
        <name>Algorithm 2: EncapsulateSecret (AS-A)</name>
        <artwork><![CDATA[
Input:  binding (client_id + scope + audience), keK_pub (from client attestation)
Output: (sealed_seed, K_dpop_pub)

seed = Random(32)
sealed_seed = HPKE.Seal(recipient_pk=keK_pub, info=binding, plaintext=seed)

K_dpop_priv = HKDF(salt=binding, ikm=seed, info="dpop")
K_dpop_pub  = Ed25519.Public(K_dpop_priv)
]]></artwork>
      </section>
      <section anchor="algorithm-3-deriveidentity-client">
        <name>Algorithm 3: DeriveIdentity (Client)</name>
        <artwork><![CDATA[
Input:  binding (client_id + scope + audience), keK_priv, sealed_seed
Output: K_dpop_priv

seed = HPKE.Unseal(recipient_sk=keK_priv, info=binding, ciphertext=sealed_seed)
K_dpop_priv = HKDF(salt=binding, ikm=seed, info="dpop")
]]></artwork>
        <t><strong>Convergence:</strong> Client derives K_dpop_priv from (binding, seed) only after unsealing the encapsulated seed.</t>
      </section>
    </section>
    <section anchor="oauth-identity-chaining-flow">
      <name>OAuth Identity Chaining Flow</name>
      <t><strong>Setup (Client → AS-A):</strong></t>
      <ol spacing="normal" type="1"><li>
          <t>Client generates attestation Evidence</t>
        </li>
        <li>
          <t>Client: <tt>(keK_priv, keK_pub) = DeriveKEM(Evidence)</tt></t>
        </li>
        <li>
          <t>Client sends attestation to AS-A with <tt>keK_pub</tt></t>
        </li>
      </ol>
      <t><strong>Notarization (RATS Verifier as AS-A):</strong></t>
      <ol spacing="normal" type="1"><li>
          <t>AS-A Appraises attestation Evidence</t>
        </li>
        <li>
          <t>AS-A: <tt>(sealed_seed, K_dpop_pub) = EncapsulateSeed(binding, keK_pub)</tt></t>
        </li>
        <li>
          <t>AS-A creates JWT grant to AS-B:</t>
        </li>
      </ol>
      <sourcecode type="json"><![CDATA[
   {
     "iss": "https://as-a.example",
     "sub": "client_id",
     "aud": "https://as-b.example",
     "iat": 1706745600,
     "exp": 1706745660,
     "jti": "grant-7f3a9c",
     "requested_cnf": {
       "jkt": "0ZcOCORZNYy-DWpqq30jZyJGHTN0d2HglBV3uiguA4I",
       "idpop_managed_keysets": {
         "kem-encapsulation-keys": [
           {
             "kty": "OKP",
             "crv": "X25519",
             "use": "enc",
             "kid": "keK_public_01",
             "x": "l8tFrhx-34tV3hRICRDY9zCkDlpBhF42UQUfWVAWBFs"
           }
         ]
       }
     }
   }
]]></sourcecode>
      <t><strong>Token Issuance (AS-B):</strong></t>
      <ol spacing="normal" type="1"><li>
          <t>AS-B validates grant, issues DPoP-bound access token:</t>
        </li>
      </ol>
      <sourcecode type="json"><![CDATA[
   {
     "access_token": "eyJ...(JWT with cnf.jkt inside)...",
     "token_type": "DPoP",
     "expires_in": 3600
   }
]]></sourcecode>
      <t>The access token JWT contains:</t>
      <sourcecode type="json"><![CDATA[
   {
     "iss": "https://as-b.example",
     "sub": "client_id",
     "aud": "https://rs-b.example",
     "iat": 1706745600,
     "exp": 1706749200,
     "cnf": {
       "jkt": "0ZcOCORZNYy-DWpqq30jZyJGHTN0d2HglBV3uiguA4I",
       "idpop_managed_keysets": {
         "kem-encapsulation-keys": [
           {
             "kty": "OKP",
             "crv": "X25519",
             "use": "enc",
             "kid": "keK_public_01",
             "x": "l8tFrhx-34tV3hRICRDY9zCkDlpBhF42UQUfWVAWBFs"
           }
         ]
       }
     }
   }
]]></sourcecode>
      <t>Here, <tt>jkt</tt> validates the DPoP signature (standard DPoP), and <tt>idpop_managed_keysets</tt> enables the IDPoP liveness challenge.</t>
    </section>
    <section anchor="interactive-challenge-proofs">
      <name>Interactive Challenge &amp; Proofs</name>
      <t><strong>Interactive Challenge (AS-B → Client):</strong></t>
      <ol spacing="normal" type="1"><li>
          <t>Client sends request with DPoP proof (no nonce or cached nonce)</t>
        </li>
        <li>
          <t>AS-B decides: "I need hardware liveness proof"</t>
        </li>
        <li>
          <t>AS-B → 401 Unauthorized</t>
        </li>
      </ol>
      <artwork><![CDATA[
    WWW-Authenticate: DPoP error="use_dpop_nonce"
    DPoP-Nonce: <Base64Url(HPKE.AuthSeal(nonce, keK_pub, AS_B_privkey))>
]]></artwork>
      <t><strong>Client Proof:</strong></t>
      <ol spacing="normal" type="1"><li>
          <t><tt>seed = HPKE.Unseal(keK_priv, sealed_seed)</tt> (proves fresh Evidence)</t>
        </li>
        <li>
          <t>Client extracts sealed nonce from header</t>
        </li>
        <li>
          <t>Client: nonce = HPKE.AuthUnseal(nonce_sealed, keK_priv, AS_B_pubkey)</t>
        </li>
        <li>
          <t>Client: <tt>K_dpop_priv = HKDF(binding, seed, "dpop")</tt></t>
        </li>
        <li>
          <t>Client creates new DPoP proof with unsealed nonce and retries:</t>
        </li>
      </ol>
      <t>The DPoP proof JWT uses a proposed new type, <tt>idpop+jwt</tt>, and carries the public Identity Key (<tt>K_dpop</tt>) in its header:</t>
      <sourcecode type="json"><![CDATA[
    {
      "typ": "idpop+jwt",
      "alg": "EdDSA",
      "jwk": {
        "kty": "OKP",
        "crv": "Ed25519",
        "x": "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo"
      }
    }
]]></sourcecode>
      <t>The corresponding payload:</t>
      <sourcecode type="json"><![CDATA[
    {
      "jti": "e1j3V_bKic8-LAEB",
      "htm": "POST",
      "htu": "https://rs-b.example/api",
      "iat": 1706745600,
      "ath": "fUHyO2r2Z3DZ53EsNrWBb0xWXoaNy59IiKCAqksmQEo",
      "nonce": "kH8Ws3xYnE2f7d9pQ1vR5jL4mT6oU0aC8bN3gZ7yXsA"
    }
]]></sourcecode>
      <t><strong>Verification (AS-B or RS-B):</strong></t>
      <ol spacing="normal" type="1"><li>
          <t>Verify DPoP signature with K_dpop_pub (from token's <tt>cnf.jkt</tt>)</t>
        </li>
        <li>
          <t>Verify <tt>proof.nonce == SHA256(expected_nonce)</tt></t>
        </li>
        <li>
          <t>Accept request</t>
        </li>
      </ol>
      <t><em>Note: The interactive challenge (Steps 8-10) introduces a round-trip. To mitigate latency, this challenge MAY be performed once per session or upon detecting high-risk context. The resulting <tt>nonce</tt> acts as a session binding signal for subsequent DPoP proofs, reducing overhead for high-frequency API calls.</em></t>
    </section>
    <section anchor="security-properties">
      <name>Security Properties</name>
      <ol spacing="normal" type="1"><li>
          <t><strong>No durable secrets at AS-A.</strong> Post-issuance compromise of AS-A yields no client key material. RATS Verifier (AS-A) computes <tt>K_dpop_priv</tt> transiently, extracts <tt>K_dpop_pub</tt>, discards both <tt>K_dpop_priv</tt> and secret seed material (<tt>seed</tt>).</t>
        </li>
        <li>
          <t><strong>Sealed grant confidentiality.</strong> Interception without <tt>keK_priv</tt> yields nothing. <tt>sealed_seed</tt> is HPKE-encrypted to <tt>keK_pub</tt>.</t>
        </li>
        <li>
          <t><strong>Attestation-bound unsealing.</strong> Stolen <tt>sealed_seed</tt> without device access is unusable. <tt>keK_priv</tt> is generated and retained solely inside the Target Environment, gated on producing valid Evidence. Unsealing <tt>seed</tt> requires fresh hardware attestation.</t>
        </li>
        <li>
          <t><strong>Key separation.</strong> <tt>keK</tt> controls access. <tt>K_dpop</tt> asserts identity. Compromise of signing key doesn't grant unsealing; compromise of unsealing requires live Evidence.</t>
        </li>
        <li>
          <t><strong>Convergent derivation.</strong> No key transport. Client derives <tt>K_dpop</tt> from (binding, seed) independently.</t>
        </li>
      </ol>
    </section>
    <section anchor="security-considerations">
      <name>Security Considerations</name>
      <section anchor="authorization-server-as-root-of-trust">
        <name>Authorization Server as Root of Trust</name>
        <t>The architecture described in this document leverages the Authorization Server (AS-A in the RATS flow, or the OAuth AS) as a Trusted Third Party (TTP). This aligns with the standard OAuth 2.0 threat model <xref target="RFC6819"/>, where the AS is already trusted to generate access tokens, sign ID tokens, and manage client credentials.</t>
        <t>While IDPoP introduces the generation and sealing of the Identity Key seed by the AS, this does not introduce a new root of trust. An AS capable of issuing a valid <tt>access_token</tt> can already impersonate the user to the Resource Server. Therefore, entrusting the AS with the transient generation of the seed is consistent with its existing role. The security goal of IDPoP is not to protect the client <em>from</em> the AS, but to protect the client's credentials from exfiltration <em>after</em> issuance.</t>
      </section>
      <section anchor="encapsulated-secret-transport">
        <name>Encapsulated Secret Transport</name>
        <t>This specification utilizes a Key Transport pattern where the Identity Key material (seed) is generated by the server and transmitted to the client in an HPKE-sealed envelope (sealed_seed). While Key Transport is sometimes disfavored in comparison to Key Agreement, it is necessary here to bind the identity to the specific hardware attestation presented by the client. Unlike a KEM shared secret consumed once for a transient liveness proof, <tt>seed</tt> is re-unsealed on each interactive challenge to re-derive the persistent signing key <tt>K_dpop</tt>, which remains valid for the life of the access token.</t>
        <t>The security of this transport relies on hardware binding: the seed is sealed to <tt>keK_pub</tt>, which is generated and retained inside the client's hardware-bound Target Environment. Even if <tt>sealed_seed</tt> is intercepted, it remains inert without the corresponding hardware-bound private key <tt>keK_priv</tt>.</t>
      </section>
      <section anchor="harvest-now-decrypt-later-and-forward-secrecy">
        <name>"Harvest Now, Decrypt Later" and Forward Secrecy</name>
        <t>Encrypted transport of secrets is subject to "Harvest Now, Decrypt Later" (HNDL): an adversary records encrypted traffic today to decrypt it once quantum computing breaks current asymmetric primitives (e.g., X25519). The impact of HNDL on IDPoP is limited by the short lifetime of the identity key it protects. <tt>seed</tt> is used solely to derive the DPoP signing key (<tt>K_dpop</tt>), which is only useful for signing DPoP proofs during the validity period of the associated access token (defined by <tt>exp</tt>). If an adversary breaks the KEM years in the future and recovers a historical <tt>seed</tt>, the associated access token will have long since expired; unlike confidentiality keys protecting persistent data, recovering an authentication key after the session window has closed yields no advantage, provided the AS enforces standard expiration (<tt>exp</tt>) and replay protection (<tt>jti</tt>).</t>
        <section anchor="post-quantum-agility">
          <name>Post-Quantum Agility</name>
          <t>To further mitigate HNDL risks and ensure long-term resistance, implementations SHOULD support cryptographic agility in the HPKE configuration. Implementations can adopt hybrid KEMs such as X-Wing (combining X25519 and ML-KEM-768) for post-quantum resistance alongside classical security guarantees. The <tt>alg</tt> parameter in the attestation request or metadata allows the client and AS to negotiate Quantum-Resistant KEMs (e.g., ML-KEM) as they become standardized, keeping <tt>sealed_seed</tt> secure against future quantum cryptanalysis.</t>
        </section>
      </section>
      <section anchor="dpop-proof-replay-and-pre-computation">
        <name>DPoP Proof Replay and Pre-Computation</name>
        <t>To prevent an attacker with temporary access to the signing key (or the ability to predict nonces) from pre-computing proofs, this specification mandates the use of HPKE-sealed nonces. Sealing the nonce to the client's <tt>keK_pub</tt> ensures that only a client with active access to the hardware-bound <tt>keK_priv</tt> can recover the nonce and sign the proof. This also limits the impact of a stolen cached <tt>K_dpop</tt>: malware holding it cannot pre-generate valid proofs for future requests, since it cannot decrypt future nonces without invoking the hardware anchor.</t>
      </section>
    </section>
  </middle>
  <back>
    <references anchor="sec-normative-references">
      <name>Normative References</name>
      <reference anchor="RFC9180">
        <front>
          <title>Hybrid Public Key Encryption</title>
          <author fullname="R. Barnes" initials="R." surname="Barnes"/>
          <author fullname="K. Bhargavan" initials="K." surname="Bhargavan"/>
          <author fullname="B. Lipp" initials="B." surname="Lipp"/>
          <author fullname="C. Wood" initials="C." surname="Wood"/>
          <date month="February" year="2022"/>
          <abstract>
            <t>This document describes a scheme for hybrid public key encryption (HPKE). This scheme provides a variant of public key encryption of arbitrary-sized plaintexts for a recipient public key. It also includes three authenticated variants, including one that authenticates possession of a pre-shared key and two optional ones that authenticate possession of a key encapsulation mechanism (KEM) private key. HPKE works for any combination of an asymmetric KEM, key derivation function (KDF), and authenticated encryption with additional data (AEAD) encryption function. Some authenticated variants may not be supported by all KEMs. We provide instantiations of the scheme using widely used and efficient primitives, such as Elliptic Curve Diffie-Hellman (ECDH) key agreement, HMAC-based key derivation function (HKDF), and SHA2.</t>
            <t>This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF.</t>
          </abstract>
        </front>
        <seriesInfo name="RFC" value="9180"/>
        <seriesInfo name="DOI" value="10.17487/RFC9180"/>
      </reference>
      <reference anchor="RFC9449">
        <front>
          <title>OAuth 2.0 Demonstrating Proof of Possession (DPoP)</title>
          <author fullname="D. Fett" initials="D." surname="Fett"/>
          <author fullname="B. Campbell" initials="B." surname="Campbell"/>
          <author fullname="J. Bradley" initials="J." surname="Bradley"/>
          <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
          <author fullname="M. Jones" initials="M." surname="Jones"/>
          <author fullname="D. Waite" initials="D." surname="Waite"/>
          <date month="September" year="2023"/>
          <abstract>
            <t>This document describes a mechanism for sender-constraining OAuth 2.0 tokens via a proof-of-possession mechanism on the application level. This mechanism allows for the detection of replay attacks with access and refresh tokens.</t>
          </abstract>
        </front>
        <seriesInfo name="RFC" value="9449"/>
        <seriesInfo name="DOI" value="10.17487/RFC9449"/>
      </reference>
      <reference anchor="RFC6819">
        <front>
          <title>OAuth 2.0 Threat Model and Security Considerations</title>
          <author fullname="T. Lodderstedt" initials="T." role="editor" surname="Lodderstedt"/>
          <author fullname="M. McGloin" initials="M." surname="McGloin"/>
          <author fullname="P. Hunt" initials="P." surname="Hunt"/>
          <date month="January" year="2013"/>
          <abstract>
            <t>This document gives additional security considerations for OAuth, beyond those in the OAuth 2.0 specification, based on a comprehensive threat model for the OAuth 2.0 protocol. This document is not an Internet Standards Track specification; it is published for informational purposes.</t>
          </abstract>
        </front>
        <seriesInfo name="RFC" value="6819"/>
        <seriesInfo name="DOI" value="10.17487/RFC6819"/>
      </reference>
      <reference anchor="I-D.ietf-oauth-identity-chaining">
        <front>
          <title>OAuth Identity and Authorization Chaining Across Domains</title>
          <author fullname="Arndt Schwenkschuster" initials="A." surname="Schwenkschuster">
            <organization>Defakto Security</organization>
          </author>
          <author fullname="Pieter Kasselman" initials="P." surname="Kasselman">
            <organization>Defakto Security</organization>
          </author>
          <author fullname="Kelley Burgin" initials="K." surname="Burgin">
            <organization>MITRE</organization>
          </author>
          <author fullname="Michael J. Jenkins" initials="M. J." surname="Jenkins">
            <organization>NSA-CCSS</organization>
          </author>
          <author fullname="Brian Campbell" initials="B." surname="Campbell">
            <organization>Ping Identity</organization>
          </author>
          <author fullname="Aaron Parecki" initials="A." surname="Parecki">
            <organization>Okta</organization>
          </author>
          <date day="26" month="June" year="2026"/>
          <abstract>
            <t>   This specification describes a mechanism for preserving identity and
   authorization information across trust domains that use the OAuth 2.0
   Framework.  A JSON Web Token (JWT) authorization grant, obtained
   through an intra-domain OAuth 2.0 Token Exchange, facilitates the
   cross-domain acquisition of an access token.  The relevant identity
   and authorization information is chained throughout the flow by being
   conveyed in the respective artifacts exchanged at each step of the
   process.  Chaining across multiple domains is achieved by using the
   same protocol every time a trust domain boundary is crossed.

            </t>
          </abstract>
        </front>
        <seriesInfo name="Internet-Draft" value="draft-ietf-oauth-identity-chaining-16"/>
      </reference>
    </references>
    <?line 306?>

<section anchor="changelog">
      <name>Changelog</name>
      <section anchor="section">
        <name>01</name>
        <ul spacing="normal">
          <li>
            <t>restructured draft</t>
          </li>
          <li>
            <t>updated key and key input material names</t>
          </li>
        </ul>
      </section>
    </section>
    <section numbered="false" anchor="acknowledgments">
      <name>Acknowledgments</name>
      <t>TODO</t>
    </section>
  </back>
  <!-- ##markdown-source:
H4sIAAAAAAAAA+1b3VbbyJa+11PUotea2MRWMJA/96HXOEAamgQIkNDJrDlY
lsp2gSwpKgnizkmvuZoHmDVPeJ5kvr2rJJXA6Tmnb+ZmfJHYUlXtn9o/395V
9Pt9r1BFLIdi7TApZB6EhbqVYu80PV3zgskkl7f0yvwOg0LO0nw5FLqIPC9K
wyRYYGqUB9Oin6vit76KsjTrbww8XU4WSmuVJsUyw5jD/YvXXlIuJjIfehEW
GnphmmiZ6FIPRZGX0gOlLe8HEeQyGIpzGZZYcYkHd2l+M8vTMhuKk1FZzMUl
HqhkJn6mh96NXGJENPRE37ynL8Qw/X82ujin/w9Oj/a9W5mUoPuDEO5y9Nvw
2F7XC/AyzWldT+AzLePYyHscFPMgCWQsziAzv0zzWZCo34ICAkPYJJKZxD9J
wW/lIlDxUChZTP81IT35YbrwvCTNFwHpGzTE2evdl4MXG9XX7e2X9uuzFwP+
etjf82mFfkqMQdNYHQrqh/NAJWB76HkqmTZLev1+XwQTXdCmet7FXGmBLSsX
mCciqcNcTaQWvLc9ESRCfimwHRBAFCkrUHz9aln59k1A5EKUGjMCAZVjhVzd
srxCh3O5kDRLyyzIsbkiCEOptcAWF3kai2meLkTFsS8OC7FQhZphJMbkkl8E
MTiYqhj88qq50jdaTJYil59LldPGTHOp52Ie5NEdrEQEBeYXZjSIlzAnLFKR
IS61uFUByaYc44bC4lgmM+kbHS1UFMXSgx0cErdRGdKKnndeBEkEWkYXE5VE
GmRuoCOixqtPygLshaRRCesqNJgDBZVAqEDLyAqB4S3RwHgQ4vndXJIYZZEm
6SIttdBLXciFFh1dhnMRQNczEiYUo8OuiGVwI26DWEWOzoyEGfSbFaB7LZl5
X7xRN/JOadkjIolYBDGrDHZHY5XZx0jeqlAKcCYN5Z5lTebgpSBtupSgDqEW
GV6mCW0yrAHjSrylrctiFSpSx20aspi+NToQzFJNO2PVa2nftx9rPLTR6+tt
A1pfFx2ZhEGmyxiUn0Sy/t41xrW+Xu07jdVqRi7R9WlXj2CtbzEyhxCet76u
pYyGGHWgZvO+pPWzJYhD0qInHCoRGV8xh9JihWGPtDjafyv26wHEOq3dGd/I
o3GX1RPJGCYGndGeN3NpK8dknTK6IvJjMDaKYw5Lgp4/scZLaxwc7b0WKdTM
JGBkMk7vKCyKSVomvHIgxmSPEHGMfWLfCIM8X9IXE7ZsLGLDB/3O2DBypaKx
eAyNY338H5QRnoay2xNZoMlgwSixTYw9YUbGFFTGgrZmIaFEn1R4cZf24R4z
ZIp6G6FSzxv4YmR2bsY7ORSsHKFoy0l9FDqyQOUChk0SgmTCAStegleNTWyr
/CLIZ7KA1m9VniYUu3q0NKZBuIzNiYQ2brF/S0YAi+5AyWIUI1mpYr4QAxjC
JsJOFRka2wN/R1cmjogd1nwHllrsWO32hLpZ7NCO4Rv0sLNG+W2tO/a833//
nWM7ffz+w49fv/2bGJ33R6LzAVSnSuZdfgZ+zGNKUaJ+58ziF8dpEeRL2hZ+
hs8oy/KAHbgS15ljEuToXIjmGT68SxLKP+qJoyuSoZ7ziJh9XP/Dn0f04twE
U0HSi7//538Jx3494X7+ynRo7+sNMGT/JrYgpROlzyQ8B9Y4OmNB4d23conl
q+H4QNJfLi+sILM8gPHeYRMpA4pOQBFhgdxBhtDl8X3OD6AA1sJkKr5e38BE
IOlVVk6+tRltqPS/Lw2/v23vba0avzX0f9341rqtUT/RSxjAK9FhUbtGh+7U
XRM6+Ne2L06R/MxvenlBiUgcal3K/P7UjlE5W5oxmTOrSd5tK0wt06PvMfyX
fvtBPeCvbeup14J2Hvfbn8d2ord6pXufp774QJ5M2WV09nDOs0YNnIntC1ZD
hTn4xUpyj00mR9RIp/cpr2aQEwnskyzQOs5VBlfqrppxu1KklTT89hbcs6rn
jhaMmDBsd5POyG7sp6Xwn+gJC0mMB0WZu8GhA/dLy5zcc9UGtIQsJy7Bc5nf
msDlSvGovdWPOCa+VjNQFYMKrNdBd9fiVPGa0hkTa4U+8nyOiJQDbcnRDxi1
VFENUmMQcqw0KSDh4IiEdHxysT8kp68Ag26swQSwjgsLzaOFxQRdX9Q5ADBC
AxpQCmrg6m4NmgQMx33HiwVxmkjKcMhf5XQKFISXf/+P/66glEhAjTmJ5AIJ
vXARMp6yFOo36eQvHluFbFaIwQf+OgGaOrFp/PrBzXNDG+kp03ZM/OiaVHWY
ZGUxFE6KNBI3KOdhpu16J2XB0zocT7FyHVmx7IqHyKG/bj59OnjpAxj9LJMO
mcyTJ06yd3L8Q4LAi6seW+xtiRhI3yQVYDZ/5g+9WrIdm3I6YRyohd75Ws/8
1hMWGV5h43YCedRl5XjjSpQxNguWTlj7VurvsGmAsKaNs9vESpxim8m+a0aA
vdKqsMoTZFMGVCGqjx+xsiKJZGaIWAhM8BxCTWJpHOTi9K2B3VwOSwKfMTFG
qF6hQojYegh8p1qaIofoaDY41IJCp9OCXKjPWm/Xbf4969kcOuBWnjMgRi6B
S96zIQuORKfGlKshZaX2DiP0Cgk3O+fYl5ONe04MAmF21R1xBi2ki87WZtdz
xhJmA1L1Cat0UIipjBnKbnYsbQvbajiXwSSgpS8Fgzos7wT1fwYAeg2PAvP2
I2P1p+UEVVDHzRTGwFqK3qrctI6Nq331n9Iz+6ELairdOszU2mSlveeQ4qhN
W7XxUm29YQhqVau4mkb3T6uPlbK+vksAEO4FOagis4jH+JR2OTdFXqdelqmj
BEDVEExh9TY+krbInVpVHI3lQvCPEhJxcy6LMqv2giEvG39V2NjnVSzTrf5D
jcU3q4EoLVZHyDpEd6pJqCe26vWBbiJ9v7fBiZFDwtiuNCaOj03qMMM6K9Op
YX/bVhtN8bCS+admGLH+PY8ka3ejhIyaXamEHHvPLD3qg5CqCNIbCGqEeTVk
U7/WKUO1rwZTrCmt14ZibV4UmR4+eRLofuDLL8Eii+Vaz47R5YTG1D5Rv4BH
3Js8eTBZBQXGDJ5vPHu+/fTZxkb1HBHUef6sfn5dKFqTWe8/n24FL8N6rVbd
gVFfK2C0hhKEZm18Ck92T84+HX9c9vcus8+ftzauPy1/+fng4ngj2jyYxa8+
bJWAS6Ptw2pRYpFVvQgSlNcR5SktC+0ujzE3ctGXbiOiT+Mw6N9cUPq1jVDX
boolsXVydNqQs6/C/JZemeT94G2pJb0FxQevbhQr3e48gt/VxuDBoC80JH5R
vM7nX/pb28WHrfnZ4e7Z3seXv+3e7MXZq/nr7c33795PLz+MLl+91mvufKeG
+3ev/Yz/+1YFk6YkChjgkJkZ63/uG/B4a1G1NraImESFg2bE3DfNFbeIWG2j
ZsQVj2CtLH/xfb9DFs4OCmPwYQAW6XTxrrYYnnNFzWaayAjXMUCFyuZK0Zpb
sExHNHwjYOSyxg5FWBchTP+jvvTQHf5RX8r/rC+93Gye/7+X/N97Cb4dyFz2
xBjaHzsOQVmzXTgClLkN8G6Pgeh4peLHyLgBUKtZh2s3QY3QhHu4Tr+de+x1
J363eiP+BXU9qnJNfrx6BLszJ2WLldizX9xLmzYmG090qv1OQkiZwgJAcRgA
bUfmd9d7aYNDBBwUSU3HXVyxNecMtSS81po32LBTiJvtjYF4n1RNV+CuujN4
eXnZJ8TBHXw68TIMyTxP8x2yFpNUmQ2zlxyHjun3UPzlVaDls+33edxhtEYr
Mczl8XWu7YGTq1cMMrAX3e5PNbQyamG1GgQDCDNegf9WosfuWHQgLaEwc+hS
QxVvUCMcKmxoo7SdaTXMUG0uA8A4b7DVwCHz1hIncSwD/PzKLOGCWSNYOSG5
vMG2g6tWoM4WMuyJuk87eFpzW2GRRN65psGmYuBjLQJZOqqfXEkKrsLEX2cO
RV97FmZON2gmlqXQ3rM+8vj6rhgbp6HevLLOYfy/QaHmBMFINO4iawhFx0is
vnZgryPVGshQrKjJ1KFkLYhn9GY/2jsfNU+v725aoXF1jKvCmy1m3DccmgaD
zx9HH4++7ObTD+dXzy+Wl+8OTmbP5+HtaZCpt3F+dxgEp+HB+7O0Ck0mArXT
WJjmsKgsNbVNFizjNIi+J6nFX3JwvfXhanKkwhf9N6P9V41o82JBA05Pzi/c
h+X3stcTsNoM/E4Kgx6LOa0wfX+wPNnMNz9t7X16urWvj/PLV5ONL5e/psHx
8unLQ3W0O/p8oxfv9tNmUePQFO4PXlzqrS8fk/3N6fPoZfZucHv29PrN9uLi
Wfp+I9h9MTnemn16vvxVj9ZcRa2vGxAfWlzPsQZx66wGNAPgax6zvB+07zXx
bO3NmOGRFmMLTsZwqOf1EmM2at/65444PxhtPn3WQR6XIcFbEyjhSy/M6U5W
VHGWWm8pRTba2JVnrKJzXlCT40V/sNFtnwDmBLj6cLLMFxdpfSIsqK5IwmXP
9Eiald6OPooJHEjmdMrNJ0Ah/4TP800D0lEJw0IoL+gcFOY1pzM+OoRlsIR4
5TOrOZ9D0IAxCzcWHMbowLVerKq+Wbex6aaUE02CI5g0wUD3sJw9hkLAzMl1
eTTTnrKmII4YnR5y70ebJl51wYEiNGQoEB+4yqSiTkRlTunUnkpSscbllI8a
+TTVRV9VIDdstSa55FoqGUfUnKo6LtT1qXqd/r2eq2nv8DIlxUY3tI4FojtA
LNaIsRt1sB835oX4FimN8AaCk5Sq09Z8in1GhHbHFQGPT0HpfHaTRD43wddU
iNipqbKHztR/hdAMCcjwaGPIxNOyEE7TrpYZJpPM/PZZK7XqKOcQFsyXWWEO
Z+s6GjxsEQ/OOZWtBeqeArFwXqQww3srV6zYg3SL0BUdipeadtB3ucTzphFq
UwzwO7UosHb7APRPnXv64n3dBjEatpcn6jS+6u6Ez+2B9fUjboybM3g8hczm
7PZeS92vNhn7qzUsV3+3VW6brabvmEqdPCrsHteq/fGeCTd9nJpzgl+NiB41
KZzOUeF2NMHzMV/NMKabpXnh3+8q1dyvbCmp5upOvPRbjgqStD32WN709Fpn
7eaUhKLIWZoWJM1FXmq+ewOF5+FcUViiKF1dv6F+uAlz9c2cmPrPwNYGLawk
wE5rZkrjz9M4vetR+KMn1WlJ18Qz5gGULuYKUP40yKnfeHFx2qVQSOfyMXZJ
m8TBregK9Zt1Nv0NPCboJBZpJGNzKYguJX371rM3WJjTcz7kjzEyIvUbonC0
yuRb9as2nXiUCvVvcghTVlSBy7l7gp24nKu4qi2cPEK0LQm+WsMhx1iQPaxp
QS2OQ/bEY3Teq5QvTTe/Xhd6IzyX231kcZD8EhITBSUHZzynOMx3Lqwjjt3m
ADwnSGqNuBdniDhdnqkuidTncmaDOUflEjlE0oUUJl51NkG/3qk6PLsKsEKz
nIov0Gil+Q4IzyNwKb8osyC8WpqEqCsjn6UIz1jD6tmoBWzCRcl43Tst6+RA
67Um6S7UyoGPdOsWEbtd6zrUOrdw10WV1czBxL7bw7WnEReVV9urRRoIpQFK
ZaFilGB81QRbXQ8GyCzoZMSx1pZNNGnJxgA3Tltb0da36f4NrQu0Ujy45aPI
/kyuseWERJSKqWHv9lPhecaY21ySPOlCFmoBEZBWp8FtmpsQwedCgDGmGUzT
RrNcSpMWFE9NJFke3RUxQqYMYNqnlZbbSmurb9Jl5oD9/vUnyi2xupH2Ho/G
XFlnd7KysoZkBH4Cxzrb9XOvSk2KyvV+XXmBtERh/h0YCdYx2B6Kch0Fb7KG
7aaZKrpXJ2Q53b1EeDP+ObUhMlbT+izXDUu+idW1N/AQ8FlnE6wXUyUHZmvl
2QwybPmdFcoFGhVL34cBqy5AVWQsJnmIC+jWDYCJmj5EPaqCTXz+UtTKALG8
qMFL8aAou0cz4/xqjg8bOGO8dO0ggGPoAnkXGWhPMsISb8ij1li412l+R9mE
PThcet5+g8JqrRJWsFCXdFdOrjmEpH+8fOfgeO9Nd0g+F0TwTrZ+EEkJjkqX
DJ3KY7koWJqjdbMMNML2+hlRpygXFgWTAiaI2TcIWyW0wrf3losFtQNC0gUV
KgQkOnTu3LMH3l0TRxHlYbokD/FGZlIH0pgmOgFlToKTIZLDr7xYAP5sNNW+
4zSlbhBjc1Gg1cCrvKFpLDjGx6dmWGRa2qrGTnBKGipAqozDnkMsweNUGtVu
o3UaKmPDbmO6E8kpGzPkHKOEBMgXh9P2Hln10jIUS5YyyHWFZ6YlIyTjFyEV
VBTP4YQFcBDqJ6uI3h8ycafi2FzFjVMu4WibTYs9+hEYkwPZvTrD3Oi1CufW
RBNhoqAIehU/nPATvmdpW3sUNvkmCB9FmjBgisg7xIb0DqzAmGJuEzXlGfQB
uwPe6RFVwrdRleIlXeQmdFODMWbe9gOMWq2KshhGXXHNb68LxZXVD3BPrhbf
WfsezRQJihiXQs05aOVN1c32aq4r08J0MT836utDqAWVzIq4od6jok4KxR57
Q/X84OT9mz34bcbezN6VAuhnMDkRGKrV/vKVV1b9rLSVhji8tx7jpiiFi86X
kxxxG1ZCYcHcif61f2lOxdPFxBzgGhdkvt++6WNw//mzF1027owUUDl4IwNf
2plxtA1jWBFbVgOCyoCqFCm18epxEM+cK7CVKG7WrBrPIIkxARkMaACW69Y1
YHCI7aVLP3KWFmS5wu5O/8wyVxhpbXQx8nTtvVy4Dmxw0YB06jj3+B6Jrfmc
BKDNnZFgRjG/qByrDna0SYDb8RJkTSznAMANYyBStivi9xR5YJcjY2DuxV8Q
yOPr7uwG1S0nA0vlAibAN1br+03sD25Qskk4mBjDYNAoI4W4yc0Yba9042G/
CclVr6V4iPsWpIvqEKM0daQLwsyqPt9oraKaaXa14Bv1x6pcbe1fmz97MPcM
qk1kQS1AaUt5L286pT9ZtA0fDnkuVqgMYkDDTbiqJtOpSRhGqCatBNh6bkTY
Q4wqwA/rK/7zNOYkjuwBqgTfSZF1FWaAkA3z5CHWLqwBc2HGl5fq6VW6tAON
Nmv0oJLb9KbSagMokxD5zf6BxQQGQpX07jwAlIvTGVvbxgBvySVR33BVHJk/
JMLDMos4pnNMTcz/ii7FNFCd/hJH82W48CZJ77DNMwog2vs6NH9lJKOdtSn0
KNe+wWRP9k68/wGaUMWM7TQAAA==

-->

</rfc>
