Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha256; boundary="B_3745835631_2531125173" --B_3745835631_2531125173 Content-type: multipart/alternative; boundary="B_3745835631_2873281489" --B_3745835631_2873281489 Content-type: text/plain; charset="UTF-8" Content-transfer-encoding: quoted-printable Note that there are much more constrained networks than Uri's use case.=20 =20 Please note that I=E2=80=99ve only listed my use case constraints, fully un= derstanding that there are other more constrained applications. =20 The world "constrained" can refer to systems with several orders of magnitu= re difference in capabilities. While constrained devices has gotten quite a= lot of attention, the radio is often the most constrained part.=20 =20 Yes. =20 Constrained radio networks are characterized by very small frame sizes on t= he order of tens of bytes transmitted a few times per day at ultra-low spee= ds, high latency, and severe duty cycles constraints. The number of differe= nt constrained radio network technologies is large and growing. Some exampl= es of constrained network technologies are LoRaWAN, NB-IoT, Sigfox, Wi-SUN = FAN, Bluetooth Low Energy, and IEEE 802.15.4. IEEE 802.15.4 is used in Zigb= ee, ISA100.11a, WirelessHART, MiWi, 6LoWPAN, 6TiSCH, Thread and SNAP. Low P= ower Wide Area Networks (LPWANs) is a huge and very quickly growing market = expected to reach over 1000 billion USD globally by 2027.=20 =20 To work well in constrained radio networks, the message sizes need to align= with the tens of bytes transmitted a few times per day that the networks a= re designed for. Infrequently sending a few hundred bytes is acceptable in = many constrained networks but sending a thousand bytes is not feasible in m= ore constrained networks.=20 =20 I concur, and wonder what would be the PQ solution for those. =20 Note that static keys often do not need to be sent over constrained links, = as they can be provisioned or accessed over non-constrained links.=20 =20 I disagree. In some cases the above is true. In others, like mine =E2=80=93= decidedly not so. The only reasonable pre-provisioning in my case is for t= he known-in-advance CA certs.=20 =20 I understand that there are others who can pre-provision static keys, in wh= ich case McEliece doesn=E2=80=99t sound all that bad. =F0=9F=98=89 \ Just don=E2=80=99t start thinking that it=E2=80=99s the =E2=80=9Cusual=E2= =80=9D case. =20 Moreover, signatures can in many cases be replaced by a symmetrical MAC fro= m an Ephemeral-Static or Static-Static key exchange by changing the archite= cture and protocols, as long as the proving node is online. =20 Yes. Tradeoff between how much to send, how often, and who to (including ho= w many entities to talk with during this process). =20 As several people asked me offline, here is a copy of the paper we submitte= d to NIST.=20 https://drive.google.com/file/d/1Vky_uA8DhJMGM-keHH-ujF23xG6stUXq =20 Thank you! Let me read it and get back with questions, if any. =20 TNX =20 From: 'Edoardo Persichetti' via pqc-forum Date: Thursday, 8 September 2022 at 23:49 To: Blumenthal, Uri - 0553 - MITLL Cc: pqc-forum Subject: Re: [Ext] [pqc-forum] Call for Additional Signatures is released Thanks Uri, this is very accurate :) Best, Edoardo =20 On Sep 8, 2022, at 5:46 PM, Blumenthal, Uri - 0553 - MITLL = wrote: =20 Hi all! I guess, for us designers, it would be great to have a more precise= understanding of what are the ballparks and sizes discussed here, with ref= erence for the various use cases, since the terms =E2=80=9Clarge=E2=80=9D, = =E2=80=9Cshort=E2=80=9D, =E2=80=9Cslightly larger=E2=80=9D and similar are = very vague. =20 OK, for you designers: my =E2=80=9Cconstrained=E2=80=9D use case prefers=20 =20 =C2=B7 signatures in ballpark of 1 Kbyte or less,=20 =C2=B7 public keys for KEM =E2=80=93 in ballpark of 1.5 KB or less,= =20 =C2=B7 public keys for signature =E2=80=93 within a couple of KB, i= f over-the-air exchange of intermediate CA certificates required =E2=80=93 = less than 2 KB. =20 Performance for signature:=20 =C2=B7 fast verification is a-must, =C2=B7 fast signing is preferred, =C2=B7 fast keygen is not that critical. =20 Performance for KEM: everything must be fast. =20 Hope this helps. =20 TNX On Sep 7, 2022, at 5:42 PM, Bo Lin wrote: =20 =20 =20 EXTERNAL EMAIL : Exercise caution when responding, opening links, or openin= g attachments. =20 =20 Yes, totally agree! There are many applications that key size overweighs pe= rformance=20 =20 Get Outlook for iOS =20 From: pqc-forum@list.nist.gov on behalf of Blumen= thal, Uri - 0553 - MITLL Sent: Wednesday, September 7, 2022 12:49 pm To: pqc-forum Subject: Re: [Ext] [pqc-forum] Call for Additional Signatures is released =20 Having a small-signature && fast-verification is crucial for constrained en= vironments (that I=E2=80=99m often dealing with).=20 I agree that a smaller signature at the cost of slightly larger public key = would be a good compromise, at least for my use cases. =20 Thanks! -- V/R, Uri =20 There are two ways to design a system. One is to make it so simple there ar= e obviously no deficiencies. The other is to make it so complex there are no obvious deficiencies. = - C. A. R. Hoare =20 =20 From: 'Bas Westerbaan' via pqc-forum Reply-To: Bas Westerbaan Date: Wednesday, September 7, 2022 at 07:25 To: Mike Ounsworth Cc: Paul Hoffman , pqc-forum Subject: Re: [Ext] [pqc-forum] Call for Additional Signatures is released =20 =20 On Wed, Sep 7, 2022 at 12:22 AM 'Mike Ounsworth' via pqc-forum wrote: crt.sh shows that we're in the single-digit-billion certs in the index. If = you were to download and integrity-check the entire thing on a regular basi= s, then I could see short signatures and fast verifications being a big dea= l. =20 I'd say having a small-signature&fast-verification scheme is a much bigger = deal for the 2+ SCTs that are in every single leaf certificate on the web. = Also it's nice for the signature in the intermediate certificate. There are= not that many root CAs and CT logs, so having slightly larger public keys = for those keypairs could be a worthwhile trade-off. =20 Best, =20 Bas =20 --=20 You received this message because you are subscribed to the Google Groups "= pqc-forum" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to pqc-forum+unsubscribe@list.nist.gov. To view this discussion on the web visit https://groups.google.com/a/list.n= ist.gov/d/msgid/pqc-forum/CAMjbhoW%2B2EOTBfcLF0ERATw9GgmkQd-EPJh_-Y0uPnsSat= iphA%40mail.gmail.com. =20 --=20 You received this message because you are subscribed to the Google Groups "= pqc-forum" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to pqc-forum+unsubscribe@list.nist.gov. To view this discussion on the web visit https://groups.google.com/a/list.n= ist.gov/d/msgid/pqc-forum/3139A267-51A2-402C-BE3D-65FED31B6E89%40ll.mit.edu= . =20 --=20 You received this message because you are subscribed to the Google Groups "= pqc-forum" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to pqc-forum+unsubscribe@list.nist.gov. To view this discussion on the web visit https://groups.google.com/a/list.n= ist.gov/d/msgid/pqc-forum/LO2P123MB36612BE22406EE5C8F3385A484419%40LO2P123M= B3661.GBRP123.PROD.OUTLOOK.COM. =20 --=20 You received this message because you are subscribed to the Google Groups "= pqc-forum" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to pqc-forum+unsubscribe@list.nist.gov. To view this discussion on the web visit https://groups.google.com/a/list.n= ist.gov/d/msgid/pqc-forum/3199409D-8CFA-4CD3-B27A-511BC647ACA0%40fau.edu. --=20 You received this message because you are subscribed to the Google Groups "= pqc-forum" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to pqc-forum+unsubscribe@list.nist.gov. To view this discussion on the web visit https://groups.google.com/a/list.n= ist.gov/d/msgid/pqc-forum/HE1PR0701MB30509C8666E8BABB0DC9B89489449%40HE1PR0= 701MB3050.eurprd07.prod.outlook.com. --=20 You received this message because you are subscribed to the Google Groups "= pqc-forum" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to pqc-forum+unsubscribe@list.nist.gov. To view this discussion on the web visit https://groups.google.com/a/list.n= ist.gov/d/msgid/pqc-forum/551AC068-433F-4916-B8A8-024B39DC63AA%40ll.mit.edu= . --B_3745835631_2873281489 Content-type: text/html; charset="UTF-8" Content-transfer-encoding: quoted-printable

Note that there are = much more constrained networks than Uri's use case.

<= p class=3DMsoNormal> 

P= lease note that I=E2=80=99ve only listed my use case constraints, fu= lly understanding that there are other more constrained applications.<= /o:p>

=  

The world "constrained" can refer to= systems with several orders of magniture difference in capabilities. While= constrained devices has gotten quite a lot of attention, the radio is ofte= n the most constrained part.

 

Yes.

 

Constrained radio networks are characterized by very small f= rame sizes on the order of tens of bytes transmitted a few times per day at= ultra-low speeds, high latency, and severe duty cycles constraints. The nu= mber of different constrained radio network technologies is large and growi= ng. Some examples of constrained network technologies are LoRaWAN, NB-IoT, = Sigfox, Wi-SUN FAN, Bluetooth Low Energy, and IEEE 802.15.4. IEEE 802.15.4 = is used in Zigbee, ISA100.11a, WirelessHART, MiWi, 6LoWPAN, 6TiSCH, Thread = and SNAP. Low Power Wide Area Networks (LPWANs) is a huge and very quickly = growing market expected to reach over 1000 billion USD globally by 2027.

 

To work well in= constrained radio networks, the message sizes need to align with the tens = of bytes transmitted a few times per day that the networks are designed for= . Infrequently sending a few hundred bytes is acceptable in many constraine= d networks but sending a thousand bytes is not feasible in more constrained= networks.

 

I concur, and w= onder what would be the PQ solution for those.

 

Note that static keys often d= o not need to be sent over constrained links, as they can be provisioned or= accessed over non-constrained links.

&nbs= p;

I disagree. In some cases the above is true. In others, = like mine =E2=80=93 decidedly not so. The only reasonable pre-provisioning = in my case is for the known-in-advance CA certs. <= /p>

 

I understand that there are others who can pre-provision s= tatic keys, in which case McEliece doesn=E2=80=99t sound all that bad. 😉 \

Just don=E2=80=99t start thinking that it=E2=80=99s the =E2= =80=9Cusual=E2=80=9D case.

 

Moreover, = signatures can in many cases be replaced by a symmetrical MAC from an Ephem= eral-Static or Static-Static key exchange by changing the architecture and = protocols, as long as the proving node is online.

 <= /p>

Yes.= Tradeoff between how much to send, how often, and who to (including how ma= ny entities to talk with during this process).

<= o:p> 

= As several people asked me offline, here i= s a copy of the paper we submitted to NIST.

https://drive.google.com/file/d/1Vky_uA8DhJMGM-keHH-ujF23xG6stUXq=

 

Thank you! Let me read it and get back with questions, if = any.

 

TNX

 <= /span>

From: 'Edoardo Persichetti' via pqc-forum <pqc-forum@list.nist.go= v>
Date: Thursday, 8 September 2022 at 23:49
To: Blu= menthal, Uri - 0553 - MITLL <uri@ll.mit.edu>
Cc: pqc-forum = <pqc-forum@list.nist.gov>
Subject: Re: [Ext] [pqc-forum] Ca= ll for Additional Signatures is released

T= hanks Uri, this is very accurate :)


Best,
Edoardo

 

<= div>

On Sep 8, 2022, at 5:46 PM, Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> wrote:

 

Hi all! I guess, for us designers, it would be great to h= ave a more precise understanding of what are the ballparks and sizes discus= sed here, with reference for the various use cases, since the terms =E2=80= =9Clarge=E2=80=9D, =E2=80=9Cshort=E2=80=9D, =E2=80=9Cslightly larger=E2=80= =9D and similar are very vague.

 = ;

<= p class=3DMsoNormal style=3D'margin-left:.5in'>OK, for you designers: my =E2=80=9Cconstrained=E2=80=9D = use case prefers 

 

=C2=B7       = ;  signatures in ballpark of 1 Kbyte or le= ss, 

=C2=B7  =        public keys = for KEM =E2=80=93 in ballpark of 1.5 KB or less, 

=C2=B7         = public keys for signature =E2=80=93 within a couple of K= B, if over-the-air exchange of intermediate CA certificates required =E2=80= =93 less than 2 KB.

 

Performance for signature:&= nbsp;

<= /div>

=C2=B7       = ;  fast verification is a-must,

<= span style=3D'mso-list:Ignore'>=C2=B7         fast signi= ng is preferred,

= =C2=B7    =      fast keygen is not that critical.<= o:p>

 

Performance for KEM: everything must be fast.

 =

Hope this helps.

 

=

TNX

On Sep 7, 2022, at 5:42 PM, Bo Lin <crypto.sec@outlook.com> wrot= e:

&= nbsp;

=

 

=

Yes, totally agree! There are many applications that key size overweighs p= erformance <= /p>

 

Get&nbs= p;Outlook for iOS

 

From: pqc-forum@list.nist.gov <pqc-forum@list.nist.gov> on behalf of Blumenthal, Uri - 0553 - M= ITLL <uri@ll.mit.edu>
Sen= t: Wednesday, September= 7, 2022 12:49 pm
To: pqc-forum <pqc-forum@lis= t.nist.gov>
Subject:&n= bsp;Re: [Ext] [pqc-forum] Call for Additional Signatures is released=

 

Having a small-signature && fast-verification is crucial for constrained environments (that I=E2=80= =99m often dealing with). <= /span>

I agree that a smaller signature a= t the cost of slightly larger public key would be a good compromise, at lea= st for my use cases.

 

Thanks!

--

V/R,

Uri

 

= There are two ways to design a system. One= is to make it so simple there are obviously no deficiencies.

<= i>The other is to make it so complex there= are no obvious deficiencies.

            =               &= nbsp;           &nbs= p;            &= nbsp;           &nbs= p;            &= nbsp;           &nbs= p;            &= nbsp;           &nbs= p;            &= nbsp;      -  C. A. R. Hoare<= span style=3D'font-size:11.0pt'>

 

 

=

From: <= span style=3D'font-size:12.0pt'>'Bas Westerbaan' via pqc-forum <pqc-forum@list.nist.gov>
R= eply-To: Bas Westerbaan= <bas@cloudflare.com>
Date: Wednesday, Septe= mber 7, 2022 at 07:25
To: Mike Ounsworth <M= ike.Ounsworth@entrust.com>
Cc: Paul Hoffman <paul.hoffman@icann.org>, pqc-forum <pqc-forum@list.nist.gov>
Subject: Re: [Ext] [pqc-forum] Call for A= dditional Signatures is released

=

 

 

On Wed, = Sep 7, 2022 at 12:22 AM 'Mike Ounsworth' via pqc-forum <pqc-forum@list.nist.gov> wrote:

crt.sh shows that we're in the single-digit-billion certs in t= he index. If you were to download and integrity-check the entire thing on a= regular basis, then I could see short signatures and fast verifications be= ing a big deal.

 

I'= d say having a small-signature&fast-verification scheme is a much = bigger deal for the 2+ SCTs that are in every single leaf certificate on th= e web. Also it's nice for the signature in the intermediate certificate. Th= ere are not that many root CAs and CT logs, so having slightly larger publi= c keys for those keypairs could be a worthwhile trade-off.

 

<= span style=3D'font-size:11.0pt'>Best,

 

<= /div>

 Bas

 

=

-- =
You received this message because you are subscribed to the Goog= le Groups "pqc-forum" group.
To unsubscribe from this group an= d stop receiving emails from it, send an email to pqc-forum+unsubscribe@list.nist.gov.
To view this discussion on t= he web visit https://groups.google= .com/a/list.nist.gov/d/msgid/pqc-forum/CAMjbhoW%2B2EOTBfcLF0ERATw9GgmkQd-EP= Jh_-Y0uPnsSatiphA%40mail.gmail.com.

 

-- 
You received this message because you are subscrib= ed to the Google Groups "pqc-forum" group.
To unsubscribe from= this group and stop receiving emails from it, send an email to pqc-forum+unsubscribe@list.nist.gov.
To view this = discussion on the web visit https://groups.google.com/a/l= ist.nist.gov/d/msgid/pqc-forum/3139A267-51A2-402C-BE3D-65FED31B6E89%40ll.mi= t.edu.

 

-- 
You received this message b= ecause you are subscribed to the Google Groups "pqc-forum" group.=
To unsubscribe from this group and stop receiving emails from it, send = an email to pqc-forum+unsubs= cribe@list.nist.gov.
To view this discussion on the web visit = = https://groups.google= .com/a/list.nist.gov/d/msgid/pqc-forum/LO2P123MB36612BE22406EE5C8F3385A4844= 19%40LO2P123MB3661.GBRP123.PROD.OUTLOOK.COM.

 

--
You received= this message because you are subscribed to the Google Groups "pqc-for= um" group.
To unsubscribe from this group and stop receiving emails= from it, send an email to pqc-forum+unsubscribe@list.nist.gov.
To view this discussion = on the web visit https://groups.g= oogle.com/a/list.nist.gov/d/msgid/pqc-forum/3199409D-8CFA-4CD3-B27A-511BC64= 7ACA0%40fau.edu.

--
You received this me= ssage because you are subscribed to the Google Groups "pqc-forum"= group.
To unsubscribe from this group and stop receiving emails from it= , send an email to p= qc-forum+unsubscribe@list.nist.gov.
To view this discussion on the w= eb visit https://groups.g= oogle.com/a/list.nist.gov/d/msgid/pqc-forum/HE1PR0701MB30509C8666E8BABB0DC9= B89489449%40HE1PR0701MB3050.eurprd07.prod.outlook.com.

--
You received this message because you are subscribed to the Google Groups &= quot;pqc-forum" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to pqc-forum+un= subscribe@list.nist.gov.
To view this discussion on the web visit https://groups.google.c= om/a/list.nist.gov/d/msgid/pqc-forum/551AC068-433F-4916-B8A8-024B39DC63AA%4= 0ll.mit.edu.
--B_3745835631_2873281489-- --B_3745835631_2531125173 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIUfQYJKoZIhvcNAQcCoIIUbjCCFGoCAQExDzANBglghkgBZQMEAgEFADALBgkqhkiG9w0B BwGgghJDMIIE8zCCA9ugAwIBAgITJgAABVq3kr35c1qYVgAAAAAFWjANBgkqhkiG9w0BAQsF ADBRMQswCQYDVQQGEwJVUzEfMB0GA1UECgwWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEMMAoG A1UECwwDUEtJMRMwEQYDVQQDDApNSVRMTCBDQS04MB4XDTIyMDQwNDEzNTM1NVoXDTI3MDQw MzEzNTM1NVowYTELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFk1JVCBMaW5jb2xuIExhYm9yYXRv cnkxDzANBgNVBAsTBlBlb3BsZTEgMB4GA1UEAxMXQmx1bWVudGhhbC5VcmkuNTAwMTA1ODQw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9NYdvY08CoRve6q3AKBgfzmsefk5M zgm1mGRyvBE44NBXZx5FGTzX98vLsn9ZditfBfYtn9qOydXWmFh06/mKZlJN0Bg4nRs466vX cyKyiY1PGgRPSl64CMdpuwt2/Mf1/+6fZta3Ffroz4GSx9sqxQYGB8QLCR1wxNbYcCghhfyW YUb7BBmhkVYEGFzWk5nBQh9Npo6U1qh5+8zQvTbXSv14xlWenQ2FUHxKHbVVYkle6WuKjbrz it+HhcIWf+E77iVw4nh2avF2o3J4U2VBWM53aITRTfKepHA6edHrxYmSNajSsu9TbEAqYZW+ Gfohw9ji4Q74UcWpdwAcug65AgMBAAGjggGyMIIBrjAdBgNVHQ4EFgQUwcUrH0niWJCqOR90 PBc5IX0RWYowDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFAepY/eqZM/S+hvIfQE1id5I FbRrMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXRjcmwvbGxj YTgwZgYIKwYBBQUHAQEEWjBYMC0GCCsGAQUFBzAChiFodHRwOi8vY3JsLmxsLm1pdC5lZHUv Z2V0dG8vbGxjYTgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLmxsLm1pdC5lZHUvb2NzcDA9 BgkrBgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2Fy94yh/+K cwIBZAIBCjAiBgNVHSUBAf8EGDAWBggrBgEFBQcDBAYKKwYBBAGCNwoDDDAZBgNVHREEEjAQ gQ51cmlAbGwubWl0LmVkdTAYBgNVHSAEETAPMA0GCyqGSIb3EgIBAwEIMCcGCSsGAQQBgjcU AgQaHhgATABMAFUAcwBlAHIAUwBpAGcALQBTAFcwDQYJKoZIhvcNAQELBQADggEBAJ+zQ365 LelAZV/UiO5ekekrpdjdQJ2pjlicGLhlQ1nBVgk3nLMFfi+MX5MUagzqCxZLXnU4eCbPjrZC MZRrN6/iSGVxEt4zclP82KUbFLxcHTEpglBARmze2eaurPPV5R1qKdVZQDbJE2pt9gyHYKM7 vpXtv+7MalLDzWUVIbeC8bHGr5SOn417R0XANNptDAhI+Y84rXjINWb6Qyc3pCTv2KheGePR ztfOlzJ8yxKwVW8CfqD9GhUr1lBJPu+CMxn7337BlpjRgfOi5FYBsbOPeo+fGosBK+bxDbbK aS5R+4K+irSppZUQL6rbkFs98efVDnNsl/mX7edtERHXnB4wggTAMIIDqKADAgECAgEaMA0G CSqGSIb3DQEBCwUAMFYxCzAJBgNVBAYTAlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJv cmF0b3J5MQwwCgYDVQQLEwNQS0kxGDAWBgNVBAMTD01JVExMIFJvb3QgQ0EtMjAeFw0yMTA0 MTQxMTAwMDBaFw0zMjA0MTQxMTAwMDBaMFExCzAJBgNVBAYTAlVTMR8wHQYDVQQKDBZNSVQg TGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLDANQS0kxEzARBgNVBAMMCk1JVExMIENBLTgw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC20qJRmL57N3pdHf9QGwW079emEfyo 8IvWXtCOr13el7DfD2ZEbn7Xr5Ubg6RJ1uDX8L/0btB/gT5vVQFylFPt0xZDj5zMyPmHMkxf xEvu0y/CArI0a8iDpZwubXU1jSvXSx6wFphXB6s1CuQTro8F9N0WrjHravsI7UYeuemTOEim f0aCGwDF5jlXZn42uSCU1dNpJ9SuyvUOJ3oDoVo4epR9fTbNd3lGKnm+8srrLx4mVhxmlFlg Ow/rDA+5KC/yUNr9z/bzLl6CTUQQbfAgFd52C/6adnxkigAiSGt4Jm9asCnw8ui0wFjZijJZ Uqamh5t9e5pQEHXRtUenj3XDAgMBAAGjggGcMIIBmDASBgNVHRMBAf8ECDAGAQH/AgEAMB0G A1UdDgQWBBQHqWP3qmTP0vobyH0BNYneSBW0azAfBgNVHSMEGDAWgBT/ycllTFOA8akMPCGu girH7vgy+zAOBgNVHQ8BAf8EBAMCAYYwZwYIKwYBBQUHAQEEWzBZMC4GCCsGAQUFBzAChiJo dHRwOi8vY3JsLmxsLm1pdC5lZHUvZ2V0dG8vTExSQ0EyMCcGCCsGAQUFBzABhhtodHRwOi8v b2NzcC5sbC5taXQuZWR1L29jc3AwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC5sbC5t aXQuZWR1L2dldGNybC9MTFJDQTIwgZIGA1UdIASBijCBhzANBgsqhkiG9xICAQMBBjANBgsq hkiG9xICAQMBCDANBgsqhkiG9xICAQMBBzANBgsqhkiG9xICAQMBCTANBgsqhkiG9xICAQMB CjANBgsqhkiG9xICAQMBCzANBgsqhkiG9xICAQMBDjANBgsqhkiG9xICAQMBDzANBgsqhkiG 9xICAQMBEDANBgkqhkiG9w0BAQsFAAOCAQEAk5J8nagkqLkBH8OEa/Xljh61/LR9xNWVyICG YF6au84DtRVPKf+FJMVH4LVpkszkD1jzXvdghP8kTTpxv52zPFY4u7d6DVMhT9uGSQTpnVa8 MrV+H9PWpy/zQFdMbndsagZXLef4OOnbD9QlFLn+uivTbFb2lzDJLBXhhyCaVO1XISZ8LB/G L4EE6cQtkZRYTc7TVrjjN3zVcZL90yAvnThzWUtXVWzbliYu9mEB7ikWMX4VIEF3DPzOEh1q prgEy4TcklpQW1F02zyctHymFSXGGy1RpzvRKG/oUTw+sgXHCSiQDnPLFVbQsPd2lYUu3HXw ZZ+ldq2pGt4yylMZ7jCCA4owggJyoAMCAQICAQEwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UE BhMCVVMxHzAdBgNVBAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsTA1BLSTEY MBYGA1UEAxMPTUlUTEwgUm9vdCBDQS0yMB4XDTE2MDQyMDEyMDAwMFoXDTM1MDQxOTIzNTk1 OVowVjELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAK BgNVBAsTA1BLSTEYMBYGA1UEAxMPTUlUTEwgUm9vdCBDQS0yMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAv3WoBEGOOJtm4ucvaf6vKIFPs8watCd6Smwq/XeRNo7P3jPIxNPw F398RGDUmPJIXA7idzD6j0opFIW+kLqYye9e788PV0dqaJlX8818fNDbSE+8B6hieqKTR7Vf OI74UVQEUKVRFuRFw6uVYuvgew2Tj/C2dEee37eruQl5nHkbV2OsWnZ7O+yt+etd6HRcaXLl P9q8WKgA3B7vkOVIMCKoAuaWj+BFq7K+WNkiyi/KdOH9JmOpbyRK4jcA7xbLnF8JFUSNg5c4 Y1BJrFaZtkCeG6Nm9p524GllkRFzPgpj8VicV+AK+9rY07dTx02kYotTnKuy0YxBAwsUXxAQ EwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT/ycllTFOA8akMPCGugirH 7vgy+zAfBgNVHSMEGDAWgBT/ycllTFOA8akMPCGugirH7vgy+zAOBgNVHQ8BAf8EBAMCAYYw DQYJKoZIhvcNAQELBQADggEBAHqYfEf/3J5aMKhlYQ0PnUAbMB8jZSr9/HvjfOF00crFUCfS rqG8JQwo+S/iq66gcp62FEgJ0fQkDgVg6m+C2ETo1LoWiSxhYCfcSIQECljlXwR8wFSayF82 2S69IqvHhdq4d58jU6gYi6ssjU4vwsvsVLRJKk/m/Cg/w8gW6YHM5ahBD6/5Ccel2fI7oSms kO991+otrC11YfDwCFvz7Am0r+K9iVhSWta4hmIuV0YBia07eZKSO02LPgQ8YOz3ku0Yt+mh 8VWRKux2CcYjMpk+WDV0BMp75tqb6pqBFkcKvEBXqxg+8+G/umjii4H0c5kvJhaQyykbmOKm xO9IcJIwggT2MIID3qADAgECAhNZAAUW1xDL1n3IkFBHAAAABRbXMA0GCSqGSIb3DQEBCwUA MFExCzAJBgNVBAYTAlVTMR8wHQYDVQQKDBZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYD VQQLDANQS0kxEzARBgNVBAMMCk1JVExMIENBLTUwHhcNMjEwNzA2MjM0ODI1WhcNMjYwMzAy MjM1OTU5WjBhMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9y eTEPMA0GA1UECxMGUGVvcGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMRXUPN5Fz28jb9GOca2/6HDq5EE4Hu T1enB0TiMEnOTipW88pgPmSZ/AAFyJF7AWX7PYPw94Ed/Bbs7yCCa6WZS7cQzdHOWppx9gRZ AxkR8+TgosxPcHoCMXmI/hXtVdZ7mwZlpBGJvyBe6YRmxOWLl3WiCRi/gBThwEWsiQZOfhEN 7hC2GhgCKetpNlTRPxslLmkStNlnjNAxhet8Vm/KSYJFVPOx3qytdLwnO6sz4AfIJJQkFX26 6oP0F/4bjRGlIZrZpdUPGiydpJl1r5SRcYs1ZE7JHErULWSyiAIzBDHUCTcN2GnFoR+9fz92 q2VIHvNHx7bV1hd0E0zlC9UCAwEAAaOCAbUwggGxMB0GA1UdDgQWBBSQ5IixU+wo9uUYNUB4 G/ea7vuWEjAOBgNVHQ8BAf8EBAMCBSAwHwYDVR0jBBgwFoAUL++7xg0du+lq/qxn8wc7CHb2 S1kwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9sbGNh NTBmBggrBgEFBQcBAQRaMFgwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9n ZXR0by9sbGNhNTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AubGwubWl0LmVkdS9vY3NwMD0G CSsGAQQBgjcVBwQwMC4GJisGAQQBgjcVCIOD5R2H7Kdmhq2HFYPq8EWFtqEfHYXr0HCD6+0g AgFkAgELMCUGA1UdJQQeMBwGBFUdJQAGCCsGAQUFBwMEBgorBgEEAYI3CgMEMBkGA1UdEQQS MBCBDnVyaUBsbC5taXQuZWR1MBgGA1UdIAQRMA8wDQYLKoZIhvcSAgEDAQgwJwYJKwYBBAGC NxQCBBoeGABMAEwAVQBzAGUAcgBFAG4AYwAtAFMAVzANBgkqhkiG9w0BAQsFAAOCAQEAICZO a7qQQMDGZzRUaX+Mm/3meVo0nTEdNby178MGq6uYGUS4keIkljEoI+KiEMbT8rtCOBZwomnO HdJmLuRUEgrVAos27V4yjvoic8QKsz+qEhxslFg/2EYMAbTsyLqg34R+wG5o6K95ohUrgLud fPxAmcLOFBtIZBr/3DUIlzw4xHKiX2ruex7YOrQccgXb2qGtNB7tG6jAaXqFb+NZTJhj+3pd OiZiZanzpZvPLIH6Xe4awqDrok7q9ImwwSSQorNrJxKKtA3vLUW3DGvom3XDiOjDqpzhmqXC u6Wf7JfrSJRaudU2WyvYfPk7NQlkLR/1G6Xz+zKqO/cBt2aNATGCAf4wggH6AgEBMGgwUTEL MAkGA1UEBhMCVVMxHzAdBgNVBAoMFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsM A1BLSTETMBEGA1UEAwwKTUlUTEwgQ0EtOAITJgAABVq3kr35c1qYVgAAAAAFWjANBglghkgB ZQMEAgEFAKBpMC8GCSqGSIb3DQEJBDEiBCCwvyPk83qlARLxpJxhL7Jz55JyvzXNaMqQidXb VInZIjAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMjA5MTIx NzUzNTFaMA0GCSqGSIb3DQEBAQUABIIBAJ1tcVypJtCGQtD9GLSBnVzHKFr8Fv1HTVszrzBj rqdh9mZ/SQduzZWNV1uI7Ok23ZMgXCzQv3eDfggV4JntPRbSdMv/JY6C3swu8A1/872eU/6a PKmn5/fgRHFR8Ha+/9Vcmfpy4npCNQIhngc4PKGeIEVFACmSULXNWApLNekChnRCOexT3UjC ydf6nTfgRA8BQI7BQ+GRtQ0ACfduMJ9jpqx8tDoFYRpYqR9bRtSKLpzWKfuX/tcZTRxGkjX4 kB6kI4V4lyAz5a/ZyqrwtGbCZzwRyvWfX4i/Lmioyq854P9ymxd8hSqHJ6LoU2hyQ3COLx0F Tmqk3ewgesvhuO0= --B_3745835631_2531125173--

 

 

EXTE= RNAL EMAIL : = Exercise caution when responding, opening links, or opening attachments.