From nobody Thu Sep 13 17:05:09 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F14C3129C6B for ; Thu, 13 Sep 2018 17:05:07 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o5tm-rpLe8C0 for ; Thu, 13 Sep 2018 17:05:06 -0700 (PDT) Received: from mail-yb1-xb34.google.com (mail-yb1-xb34.google.com [IPv6:2607:f8b0:4864:20::b34]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E316712008A for ; Thu, 13 Sep 2018 17:05:02 -0700 (PDT) Received: by mail-yb1-xb34.google.com with SMTP id w184-v6so1645547ybe.11 for ; Thu, 13 Sep 2018 17:05:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:subject:message-id:date:to; bh=DGG4bC87ypSCSIhWRikHMqCKdtP4P61VgCu0mZB2Oro=; b=FHK+nGgMXAa4x+R41Q52J65lmOW0fIPXPlW76Cm3X1rcVgPO/1cuDGp6zculzj7E1E m0xCveZ8A/GGn11yuun8orxIn5r7BfFhnkNUWCuFfA3VIQfW1jFaEnwARVSxtwyLWdLT CGOcFJsLKBR4BcJowQ3GEFVnGxwtxSewg5/5KLpyGloOi6xq7+gFPbaYmoB4RajzIPic iJhwDMWa0VAG2vL/ESZaZYSThxu+r6m7RJsg0G6kR68HNWSMVmuKc41m1FVKt/4UpyOG +dD9THrjG6xNtvxfN+xnkFNGU1BTLfWutnXv0JWDCM3n9Tn/NKUeVw4ecJfZsPZsfM8N 8OqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:message-id:date:to; bh=DGG4bC87ypSCSIhWRikHMqCKdtP4P61VgCu0mZB2Oro=; b=RAA221b9+DZGSfTZKXJOOH4a0CU4wdT6Ss9OLQ2fQBuUOQAeHMKXq/3gNgtfVQEnGm huK5VK0TMsfFPPG7a3Uol0wCnSeg0zYXQVoLpyzRc0SLP4/adAlL1uf6huptEPy8R5ul Z7CjjbT4ixeNI8UyZTOrAdCICzvlbkne/LNbRUJ9A80XkXaW7CIzWWEpkkLHH5by9qEw voOYDFok4X+A2qevSujHWymRNHOuQ2/eih56LIB3seXqcjlSQQUVTrFu+wjdpz5dEK3q qwemkdFGs2cyE65ZVDgNUpdUpTbLbQbkCZb3np6wj3khkgxYajb6Yfmk/vpVgbyMgy/S T2jg== X-Gm-Message-State: APzg51Drtns8rvgDyY+gF7f2yFGNnXlXeK2d458cx5CSxBKPlShQVGEv OcE0/vpXQrgV5KFzEV5IkuVoUaeb X-Google-Smtp-Source: ANB0VdapXunpsi35VDIGdjHVFVIKSNmLGirb74On+dfSY+PJSCTYn1ggeJqW6/HWnJkghVqg9SEFGA== X-Received: by 2002:a25:4e84:: with SMTP id c126-v6mr4708746ybb.311.1536883501681; Thu, 13 Sep 2018 17:05:01 -0700 (PDT) Received: from ?IPv6:2605:a601:3260:266:64e4:7aa6:af6e:e093? ([2605:a601:3260:266:64e4:7aa6:af6e:e093]) by smtp.gmail.com with ESMTPSA id t193-v6sm1939958ywc.43.2018.09.13.17.05.00 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 13 Sep 2018 17:05:00 -0700 (PDT) From: Bret Jordan Content-Type: multipart/alternative; boundary="Apple-Mail=_77342784-5D44-4356-885A-A3A7E96FAED6" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Message-Id: Date: Thu, 13 Sep 2018 18:04:56 -0600 To: cacao@ietf.org X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: [Cacao] Welcome X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Sep 2018 00:05:08 -0000 --Apple-Mail=_77342784-5D44-4356-885A-A3A7E96FAED6 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 All, Welcome to the CACAO mailing list and thank you for your interest in = this Collaborative Automated Course of Action Operations (CACAO) work = that we would like to get started here in the IETF.=20 I hope by now you have had a chance to review the initial draft that = talks through some of the reasons why this work is needed and what some = of the requirements would be. We welcome any comments and suggestions = you might have, especially with regards to things we need to add or = requirements we are missing. Right now we are trying to gauge interest in moving forward with this = work here at the IETF. If you have thoughts or feelings about this, = please speak up. In the coming week I will be starting a thread to talk about the = individual and atomic problems that we need solve and the order in which = they need to be solved so that this work can be successful. If some of = these are already solved problems, please speak up and help us = understand how they could be used for this use case. One of our goals for this work is to move quickly, develop proof of = concept solutions, and gain market adoption. There are several vendors = and large organizations that have an immediate need for this type of = solution. So we are hopeful that we can follow what ever IETF processes = we need to follow, but also make significant progress in a timely manner = (assuming this community is interested in us doing this work here at the = IETF). A few housekeeping things: =E2=80=A2 We plan to use Google Docs to track and work on all of = the content. All content is currently being written in Kramdown directly = in Google Docs. I will be sending out links to the read-only address = first of next week. If you want comment/suggest rights, please let us = know or request access within the documents themselves. Obviously all = contributions and suggestions are bound by the IETF Note Well = (https://www.ietf.org/about/note-well/) =E2=80=A2 Additionally, we are looking at using Slack for some = day-to-day faster communications. We would be interested in hearing what = this community would think of that. I know QUIC and a few other IETF = groups are also using Slack, so that is not something necessarily new. If you have any comments or concerns at any time, please feel free to = reach out to me or Allan directly.=20 Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." --Apple-Mail=_77342784-5D44-4356-885A-A3A7E96FAED6 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 All,

Welcome to the CACAO = mailing list and thank you for your interest in this Collaborative = Automated Course of Action Operations (CACAO) work that we = would like to get started here in the IETF. 

I hope by now you have had a chance to review the initial = draft that talks through some of the reasons why this work is needed and = what some of the requirements would be. We welcome any comments and = suggestions you might have, especially with regards to things we need to = add or requirements we are missing.

Right now we are trying to gauge interest in moving forward = with this work here at the IETF. If you have thoughts or feelings about = this, please speak up.

In the coming week I = will be starting a thread to talk about the individual and atomic = problems that we need solve and the order in which they need to be = solved so that this work can be successful. If some of these are = already solved problems, please speak up and help us understand how they = could be used for this use case.

One = of our goals for this work is to move quickly, develop proof of concept = solutions, and gain market adoption. There are several vendors and = large organizations that have an immediate need for this type of = solution. So we are hopeful that we can follow what ever IETF processes = we need to follow, but also make significant progress in a timely = manner (assuming this community is interested in us doing this work here = at the IETF).

A few housekeeping things:

=E2=80=A2 We plan to use Google = Docs to track and work on all of the content. All content is currently = being written in Kramdown directly in Google Docs. I will = be sending out links to the read-only address first of next week. = If you want comment/suggest rights, please let us know or request access = within the documents themselves. Obviously all contributions and = suggestions are bound by the IETF Note Well (https://www.ietf.org/about/note-well/)

=E2=80=A2 = Additionally, we are looking at using Slack for some day-to-day faster = communications. We would be interested in hearing what this community = would think of that. I know QUIC and a few other IETF groups are = also using Slack, so that is not something necessarily new.

If you have any comments or concerns at = any time, please feel free to reach out to me or Allan = directly. 


Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

= --Apple-Mail=_77342784-5D44-4356-885A-A3A7E96FAED6-- From nobody Mon Sep 17 09:03:42 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD943130DE9 for ; Mon, 17 Sep 2018 09:03:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zequ_0BxzhC8 for ; Mon, 17 Sep 2018 09:03:37 -0700 (PDT) Received: from mail-yw1-xc2b.google.com (mail-yw1-xc2b.google.com [IPv6:2607:f8b0:4864:20::c2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C11C3127333 for ; Mon, 17 Sep 2018 09:03:37 -0700 (PDT) Received: by mail-yw1-xc2b.google.com with SMTP id n21-v6so5652595ywh.5 for ; Mon, 17 Sep 2018 09:03:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:subject:message-id:date:to; bh=BakzLK58RXtmQJWM7Km19zrdIFZ9EuTF9yKnS82dgPo=; b=PMJvk8RqkMhnxcKOVhmGuC9X0uTOnD9F6xWlGK5YO7r/ZjtSvVOG9MmyzfAYJKFi8K 17yT+P9yHIsulU0/Es3YjGZTvN0DaQ/lCTM6JKJQxQ6sz4XVcfTqzPoXH5LA79sx2Nyk 9HivHQ8jYiNNnbZiGXC6zuHFotgVRfqBhPe70/ot9BpbRPaICbmhZyFfxkTPFdBtzoGm fZGFb8ekcJ/rPsyW2pavZumdXz8wv6mpgJN5r0muCC9IdHTZdjjHpvByAjEz5srY+JUC KUfI5aSZbtXTp9zy7nf1gGdKDUkbpR0EjYOe1+nCSIP0REDaIVcu/kHVRKx1HcfMSygp qAhw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:message-id:date:to; bh=BakzLK58RXtmQJWM7Km19zrdIFZ9EuTF9yKnS82dgPo=; b=MIiP6VdfzYR2gS7bd9Fpw7D4YK+VUPViK8smSz7PufYbXPCJD0JbHoKEqm8379uKL6 fWjrQBYtvYMFk9kPl3zjZRzyfjOjcd05vnQvi8rZfbdV61xe2CUnsl5XY3lrKPpDTEAq 1FeiD0rdC6iKEFRIcJNmyb9IH0+t2pswofG8gv4sUqm2POnPHfb4II34649ZMSHpsQI2 Y+8SSSQKKgUH62uF9Je+v+biwKw0kQ2MfvdhK79veSTE2ZsUsunWbAZ8vEgapPcxXTuJ BB0mq8GrLrJFwYHV7oUdvgpihSUBV4FIE2uriv0yrHhvfSA3rkyBhGw1F5IT+ejB+Q7b D9/g== X-Gm-Message-State: APzg51BNuU7ytJlrUHNr76Q1IeIoTpdNy2Kj1PYuY7WBQQqhRViNpgtY cb6yOCR/n42GV2nXxTNE9TQKIFzX X-Google-Smtp-Source: ANB0VdbMKc2OJ2rdB33YqB8OktVd/IpiMRIReBrj8AwhW1kEwi1Z9VWsHT2lfX5m1t2mkzhVQ8pxJQ== X-Received: by 2002:a81:7d46:: with SMTP id y67-v6mr10894109ywc.457.1537200216281; Mon, 17 Sep 2018 09:03:36 -0700 (PDT) Received: from ?IPv6:2605:a601:3260:266:c28:c7ab:3d58:87ff? ([2605:a601:3260:266:c28:c7ab:3d58:87ff]) by smtp.gmail.com with ESMTPSA id b2-v6sm6147223ywd.48.2018.09.17.09.03.34 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 17 Sep 2018 09:03:35 -0700 (PDT) From: Bret Jordan Content-Type: multipart/alternative; boundary="Apple-Mail=_FB98560B-DE49-460B-9830-690198F540C6" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Message-Id: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> Date: Mon, 17 Sep 2018 10:03:30 -0600 To: cacao@ietf.org X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Sep 2018 16:03:41 -0000 --Apple-Mail=_FB98560B-DE49-460B-9830-690198F540C6 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii All, As I mentioned in my Welcome message last week, we plan to use Google = Docs to track all comments and suggestions to this draft and any other = drafts that we write for this work. The read-only link for this work can = be found here: = https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpUOuOZhbfywiU= Sn2tI/edit# = If you want to see comments and suggestions that are being proposed, or = if you want to add your own comments and suggestion, please request = access from within the Google Docs itself.=20 Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." --Apple-Mail=_FB98560B-DE49-460B-9830-690198F540C6 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii
All,

As I mentioned in my Welcome message last week, we plan to = use Google Docs to track all comments and suggestions to this draft and = any other drafts that we write for this work. The read-only link for = this work can be found here:


If you want to see comments and suggestions that are being = proposed, or if you want to add your own comments and suggestion, please = request access from within the Google Docs itself. 



Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

= --Apple-Mail=_FB98560B-DE49-460B-9830-690198F540C6-- From nobody Mon Sep 17 14:46:19 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF012130E7B for ; Mon, 17 Sep 2018 14:46:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.997 X-Spam-Level: X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zk8P-j6Bn_SH for ; Mon, 17 Sep 2018 14:46:15 -0700 (PDT) Received: from mail-qt0-x22a.google.com (mail-qt0-x22a.google.com [IPv6:2607:f8b0:400d:c0d::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2BE60130DC6 for ; Mon, 17 Sep 2018 14:46:15 -0700 (PDT) Received: by mail-qt0-x22a.google.com with SMTP id o15-v6so16813352qtk.6 for ; Mon, 17 Sep 2018 14:46:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=eqVv0XvYYTAoM7EC61/HHM8EwEnkJuxyXiampGqGkfs=; b=MmVb0pW/QDM1tSsjazAGwUT8bm40ONvC0ioVrP4MsHprcNxuwj13V+2BvSf8aq77Fp bClcTjzGNbziCoR9uTJPTdoljMjQFWkGqbj5cwSaLPXWJ3kXr+R1QTzeL14dSp9Fgao3 qkxXytdd+Vx3g0GQwdfW6qeDaHhYM9XlSkOxm8EDg7Efnq6N0NuYgnPXZWstAe/9wYJD Gpcs4WunhmBgKvFtOiJOqvRpIOZ+mDseERXcluRRRR9Zgd56qcjSdbftgAkCiWIHU60A yMWyk1OhL0O2Euua5HnUGtXpIFxh5Hjj14hu3upYaqDd5Josei3EwnkDfLsDP+CsoDzr 4jHA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=eqVv0XvYYTAoM7EC61/HHM8EwEnkJuxyXiampGqGkfs=; b=SJWrm+loc17uJ8uAjrSoNbMur4QuyRpgHRZ6HShdOAG5Tv2J6bv7arqnsimZ8g2XUw FcnCwB3gC8fQ5xCBCu6G7exADhJM+AqjCPfpLW8BC3cYWLSBW5JABZOE44MNvEXBBfTR gPOec4QGl3dscLqgwlFV3tc1vFH3Gq5M+NhJilw6fj+Xe6mIUItKiuy6bSZDDwqZeN2t w4eYaeX1PmfraN02MDzJWNz+UdW3qMqI7Cfc+Pom4n7AsDI5Pp9lej7RQnqb4oH9K51t v10luz3qVcy9IJOo52maM/CRviY8F+FNDJZasuUtK05ohUibGNazHYVhSoLHmM4NqYU3 KGbA== X-Gm-Message-State: APzg51CjK5qW5JBxOoAQL3MD9VjN5iFl3UKnwd489E0kzkNQioJCng96 /ZM8u2Lc4vLe7nN/bRsbzbk= X-Google-Smtp-Source: ANB0Vdbwh9En9tTH8cVMAMfjhIClHIINfIxgmhXIJe/iJWgVT5RqnObKXzc82rfXorcFDl2z0Ra9GA== X-Received: by 2002:ac8:2617:: with SMTP id u23-v6mr19718033qtu.100.1537220773925; Mon, 17 Sep 2018 14:46:13 -0700 (PDT) Received: from ?IPv6:2406:3003:2007:26d4:fc74:6982:f1dc:992a? ([2406:3003:2007:26d4:fc74:6982:f1dc:992a]) by smtp.gmail.com with ESMTPSA id 80-v6sm13069506qka.6.2018.09.17.14.46.11 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 17 Sep 2018 14:46:11 -0700 (PDT) Content-Type: multipart/alternative; boundary=Apple-Mail-34408A27-2339-47B3-A59B-2690D71831A8 Mime-Version: 1.0 (1.0) From: Barry Greene X-Mailer: iPad Mail (15G77) In-Reply-To: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> Date: Tue, 18 Sep 2018 05:46:07 +0800 Cc: cacao@ietf.org Content-Transfer-Encoding: 7bit Message-Id: <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> To: Bret Jordan Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Sep 2018 21:46:18 -0000 --Apple-Mail-34408A27-2339-47B3-A59B-2690D71831A8 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Hello Bret, My first suggestion is background work. What you are doing is not new. Pull i= n all the previous work, describe pros/cons/deployment, then get into the ga= ps which CACAO seeks to fill. For example,=20 - walk through IODEF (IETF) and explain pros, cons, limitations, and how CAC= AO would be different. - Walk through STIX and do the same - Walk through DOTs and explain why we could not use DOTS as it is today (wi= th an update to the schema).=20 Barry > On Sep 18, 2018, at 00:03, Bret Jordan wrote: >=20 > All, >=20 > As I mentioned in my Welcome message last week, we plan to use Google Docs= to track all comments and suggestions to this draft and any other drafts th= at we write for this work. The read-only link for this work can be found her= e: >=20 > https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpUOuOZhbfywiU= Sn2tI/edit# >=20 > If you want to see comments and suggestions that are being proposed, or if= you want to add your own comments and suggestion, please request access fro= m within the Google Docs itself.=20 >=20 >=20 >=20 > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that ca= n not be unscrambled is an egg." >=20 > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao --Apple-Mail-34408A27-2339-47B3-A59B-2690D71831A8 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
Hello Bret,

<= /div>
My first suggestion is background work. What you are doing is not n= ew. Pull in all the previous work, describe pros/cons/deployment, then get i= nto the gaps which CACAO seeks to fill.

For example= , 

- walk through IODEF (IETF) and explain pro= s, cons, limitations, and how CACAO would be different.
- Walk thr= ough STIX and do the same
- Walk through DOTs and explain why we c= ould not use DOTS as it is today (with an update to the schema). 
=

Barry

On Sep 18, 2018, at 00:03, Bret Jord= an <jordan.ietf@gmail.com>= ; wrote:

All,

As I mentioned in my= Welcome message last week, we plan to use Google Docs to track all comments= and suggestions to this draft and any other drafts that we write for this w= ork. The read-only link for this work can be found here:


If you w= ant to see comments and suggestions that are being proposed, or if you want t= o add your own comments and suggestion, please request access from within th= e Google Docs itself. 



Thanks,
Bret
<= div class=3D"" style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; lin= e-break: after-white-space;">
<= span class=3D"" style=3D"font-size: 11px;">PGP Fingerprint: 63B4 FC53 680A 6B7= D 1447  F2C0 74F8 ACAE 7415 0050
"Without cr= yptography vihv vivc ce xhrnrw, however, the only thing that can not be unsc= rambled is an egg."

= --Apple-Mail-34408A27-2339-47B3-A59B-2690D71831A8-- From nobody Mon Sep 17 15:18:17 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E1FE130DDD for ; Mon, 17 Sep 2018 15:16:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.997 X-Spam-Level: X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UHjaoAqahdrP for ; Mon, 17 Sep 2018 15:16:43 -0700 (PDT) Received: from mail-qt0-x22d.google.com (mail-qt0-x22d.google.com [IPv6:2607:f8b0:400d:c0d::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C57451294D7 for ; Mon, 17 Sep 2018 15:16:42 -0700 (PDT) Received: by mail-qt0-x22d.google.com with SMTP id o15-v6so16882062qtk.6 for ; Mon, 17 Sep 2018 15:16:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=Q4MVVrSPlT4o6BzaRcWLlmdig60X5yj+7hUSJIeLxWc=; b=kz5mzZ6Vp4cpe3o+42MQ+L5T7eelcE/ji9XY9JMg5W4Bjo+zQHVI1+T6TRvDIbq3GS 92MNWSHbs2FpqdQEVE6mon/nCeIPdgH7eXx/ASnRzlMuR88+TWqBJhMYcBTNApbYVcvo vVeXIllnNBiFxFU7IajhgO0g30jO6TQjFnOFCWF79z2M/mX/brH2+VtOPhXlzk1Nyobz yTgQyJ3dslle7cc8QxAGOUlYDJYf6aHXtpoVQ/Xmc0VkKwBVnPCgCZEKesCSiMPSKEdN +eNRYnGoCb/4GDwABr/z4OBbDq1s8OLiKe0v2L2TNC+cEH1lMsPIhabeJ64R2+cB9bCB RupQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=Q4MVVrSPlT4o6BzaRcWLlmdig60X5yj+7hUSJIeLxWc=; b=IM0eml0VtzFXRXzebHHPYz5TwvtiS/YCaJC1UoSLifT6HnK6K2AVQk3OUEKWOE7bbw jBDzxhaS2QC3I6gU0b/rbWwtP7dyAXcIz2DzYp3luOBnWeBXlJx91dyCOP1qB+7iF9N5 Dlmy9t+23+of9ef5qLR02DVLUbEyXUQY2W65P9D422OrI5ZXVZhjEDfgskryfib4Jrw8 Yca2ESKxC2hV76dhoTk1SEzYYoBVyxT2yjBXfpOLNjdaxjwh+aD8P0t3JA5xBNVJ73+a +ak+HbaMfsjxrlCUaZscUfCSgTX8TVKQzInrq8lBw4u8YyAsWvSMn30kwxLbnkE2B2WG XzSA== X-Gm-Message-State: APzg51DBAZtxCaFXTDkzZmPFeuEp69gi1BZ75s1iwJs+UaX/+cG52R4A YggU5JmWONFxSK+fwCkX2V+fMgrF X-Google-Smtp-Source: ANB0VdZyDG7rF6Z64lSnMxlmD61e1/bYJdVISmmOFckM5gTQpBGkxxn1GvZalER79fG/3UVtlMRUMA== X-Received: by 2002:ad4:514a:: with SMTP id g10-v6mr18947722qvq.19.1537222601796; Mon, 17 Sep 2018 15:16:41 -0700 (PDT) Received: from [192.168.1.210] (209-6-121-113.s2671.c3-0.arl-cbr1.sbo-arl.ma.cable.rcncustomer.com. [209.6.121.113]) by smtp.gmail.com with ESMTPSA id r1-v6sm11687108qkl.85.2018.09.17.15.16.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 17 Sep 2018 15:16:41 -0700 (PDT) Content-Type: multipart/alternative; boundary=Apple-Mail-4DC1D318-AE77-4947-A16D-E10AEE24C09A Mime-Version: 1.0 (1.0) From: Kathleen Moriarty X-Mailer: iPhone Mail (15E216) In-Reply-To: <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> Date: Mon, 17 Sep 2018 18:16:40 -0400 Cc: Bret Jordan , cacao@ietf.org Content-Transfer-Encoding: 7bit Message-Id: <1EB41CB3-96C8-4A43-A70A-137DEB57E7D8@gmail.com> References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> To: Barry Greene Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Sep 2018 22:16:46 -0000 --Apple-Mail-4DC1D318-AE77-4947-A16D-E10AEE24C09A Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Barry & Brett, Sent from my mobile device > On Sep 17, 2018, at 5:46 PM, Barry Greene wrote: >=20 > Hello Bret, >=20 > My first suggestion is background work. What you are doing is not new. Pul= l in all the previous work, describe pros/cons/deployment, then get into the= gaps which CACAO seeks to fill. I agree, there=E2=80=99s been a lot of work in this space over a long time a= nd it=E2=80=99s worth the time to review it as much time was spent gathering= requirements and discussing. >=20 > For example,=20 >=20 > - walk through IODEF (IETF) and explain pros, cons, limitations, and how C= ACAO would be different. Much of the COA work and policy for INCH and MILE were in RID (RFC6545). So= me was pulled forward to ROLIE and more may be. > - Walk through STIX and do the same > - Walk through DOTs and explain why we could not use DOTS as it is today (= with an update to the schema).=20 >=20 Earlier versions of DOTS work too. Best regards, Kathleen=20 > Barry >=20 >> On Sep 18, 2018, at 00:03, Bret Jordan wrote: >>=20 >> All, >>=20 >> As I mentioned in my Welcome message last week, we plan to use Google Doc= s to track all comments and suggestions to this draft and any other drafts t= hat we write for this work. The read-only link for this work can be found he= re: >>=20 >> https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpUOuOZhbfywi= USn2tI/edit# >>=20 >> If you want to see comments and suggestions that are being proposed, or i= f you want to add your own comments and suggestion, please request access fr= om within the Google Docs itself.=20 >>=20 >>=20 >>=20 >> Thanks, >> Bret >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 >> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that c= an not be unscrambled is an egg." >>=20 >> --=20 >> Cacao mailing list >> Cacao@ietf.org >> https://www.ietf.org/mailman/listinfo/cacao > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao --Apple-Mail-4DC1D318-AE77-4947-A16D-E10AEE24C09A Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Barry & Brett,

Sent from my mobile device

On Sep 17, 2018, a= t 5:46 PM, Barry Greene <barryr= greene@gmail.com> wrote:

=
Hello Bret,

My first suggestion is bac= kground work. What you are doing is not new. Pull in all the previous work, d= escribe pros/cons/deployment, then get into the gaps which CACAO seeks to fi= ll.

I agree, there=E2=80=99s been a l= ot of work in this space over a long time and it=E2=80=99s worth the time to= review it as much time was spent gathering requirements and discussing.
=

For example, 
<= div>
- walk through IODEF (IETF) and explain pros, cons, limit= ations, and how CACAO would be different.

<= /div>Much of the COA work and policy for INCH and MILE were in RID (RFC6545)= .  Some was pulled forward to ROLIE and more may be.

- Walk through STIX and do the same
- Wa= lk through DOTs and explain why we could not use DOTS as it is today (with a= n update to the schema). 

Earlie= r versions of DOTS work too.

Best regards,
Kathleen 

Barry

On Sep 18, 2018, at 00:03, Bret Jordan <jordan.ietf@gmail.com> wrote:

All,

As I mentioned in my Welcome message last week, we p= lan to use Google Docs to track all comments and suggestions to this draft a= nd any other drafts that we write for this work. The read-only link for this= work can be found here:

<= br class=3D"">
If you want to see comments and suggesti= ons that are being proposed, or if you want to add your own comments and sug= gestion, please request access from within the Google Docs itself. 


=
Thanks,
Bret
<= div class=3D"" style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; lin= e-break: after-white-space;">
<= span class=3D"" style=3D"font-size: 11px;">PGP Fingerprint: 63B4 FC53 680A 6B7= D 1447  F2C0 74F8 ACAE 7415 0050
"Without cr= yptography vihv vivc ce xhrnrw, however, the only thing that can not be unsc= rambled is an egg."

= --Apple-Mail-4DC1D318-AE77-4947-A16D-E10AEE24C09A-- From nobody Mon Sep 17 16:23:52 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 154D8130E72 for ; Mon, 17 Sep 2018 16:23:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T9cCKvA5MPgm for ; Mon, 17 Sep 2018 16:23:48 -0700 (PDT) Received: from mail-yw1-xc31.google.com (mail-yw1-xc31.google.com [IPv6:2607:f8b0:4864:20::c31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FE7E128B14 for ; Mon, 17 Sep 2018 16:23:48 -0700 (PDT) Received: by mail-yw1-xc31.google.com with SMTP id 14-v6so29212ywe.2 for ; Mon, 17 Sep 2018 16:23:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=zW1YCE3nKHfelaOeTOFvxp9ZavwCR+zjend/T3MB/CA=; b=UxY1Uc4khGu29FKvHMBZa6Zoqy5XbV/NUeIiNuwbsAd6/IxkISTbMBqo43kXtZxhVA aG9ZpddLk5dD06efObujLbE0v1C0D48Jq38P5i+keprEuBuGRautcRLcIVihwoHrjMAO UjAza8WQTNcw7wLj/v8rrg2eg0n0CYGE5Z8gsxOycYYQMZlLFYbT9A4EYYOLcj5zaL7t 1kFELKV/3AdTLlyJlWrNwiY2iaf80aDjYyejs+tr6fzYawEIPGfGnpLqgJ4i+n2VdjvG CbKYjkwkZaAeJmxwA5kU/Q/KtpHcccXOFjVbwXvZKbNcddKAIOxhIyVDgHpWjWtt90Ef XWOQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=zW1YCE3nKHfelaOeTOFvxp9ZavwCR+zjend/T3MB/CA=; b=aT+uTppk2+D5j0z7EXuubOjdN4jpJj6WYvSyzajkVdU+YpiodSly72aoepXlJoMPWg oSG6AQOpNXI+HcDAPhHAqRAoCmJyMuPCUZcWBkE6RQFY1CueercdNSOaNx9K4qgD4Y6O VLkn8aD+Xt91wUH8EvkEOzAx7qfLZ4NFfYY4mB2ZkhQumZ8hb05YYUbTyiygnfWQJOFI oyR8k0uoT8BCv7XV+bHFmiV6VGFHCDYsSmvmaY1qw6hukqpT/qNoXNg4A+J5krTLqJLt 59YjozJUqpaMOa0ncJPx/mwIcoApfH8xU/RFYJhd1GoudmoKKf/IBBuzW/APcBJNa4wT +B8A== X-Gm-Message-State: APzg51BvWFYRuGPkf0+TdnBtit7XfWU/wRJQNyr9UPO2PNIrYpb41aoo 6FjUFlTnAqMSfSgQbqB5oVA= X-Google-Smtp-Source: ANB0VdaJehyCm6AoCfCyfxH3114w31kPifqoAL3As/02tdnnT3O8S/uRVjT6YrCrOTQNeuD3cWbkhg== X-Received: by 2002:a81:2ac4:: with SMTP id q187-v6mr11348649ywq.21.1537226627604; Mon, 17 Sep 2018 16:23:47 -0700 (PDT) Received: from ?IPv6:2605:a601:3260:266:846b:b9bc:502f:2140? ([2605:a601:3260:266:846b:b9bc:502f:2140]) by smtp.gmail.com with ESMTPSA id j70-v6sm212165ywb.69.2018.09.17.16.23.46 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 17 Sep 2018 16:23:46 -0700 (PDT) From: Bret Jordan Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_DF944B75-81E5-435B-B254-88AFC3AB8463" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Date: Mon, 17 Sep 2018 17:23:41 -0600 In-Reply-To: <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> Cc: cacao@ietf.org To: Barry Greene References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Sep 2018 23:23:51 -0000 --Apple-Mail=_DF944B75-81E5-435B-B254-88AFC3AB8463 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Barry, Thanks for the email. As we stated in our initial draft document=E2=80=A6 =E2=80=9CWhile many attempts have been made over the years in the IETF = and other SDOs to address certain elements of this problem space, there = is currently no consolidated and standardized language or means that = would allow cyber actions to be automatically coordinated, sequenced, = processed and shared to enable cyber defenders to respond in machine = relevant time. Some efforts such as BPMN have traditionally focused on = higher-level non-cyber constructs for process definition, and other = efforts like OpenC2 have focused purely on atomic actions, but none have = focused on the overlay processes required for this to be used in a = broader cyber security response use case.=E2=80=9D As we work through and call out the problem spaces that need to be = addressed, I would hope that those of you that are interested in this = work will point us to specific elements and specific parts of existing = work that we can use or reuse. Also as we called out in the draft, it is = critical that this work ties in nicely with STIX and TAXII based Cyber = Threat Intelligence. The reason we are looking to start some work here in the IETF, is we = feel like this venue might be a good place given the problems we need to = solve and how some groups like SUIT have similar problems they are = trying to solve. However, if this community does not agree that this = work should be done here, that information is also valuable. Our high level initial goals are (I would be curious to know if this = community supports these): 1) Identify all of the problem areas that need to be solved for this to = actually work in practice.=20 2) Verify that the IETF is the right SDO in which to do this work a) Do we have critical mass? b) Do we have the right people, vendors, analysts, SOC = engineers? c) What is the temperament of this community for this kind of = work? d) Can we do a Bar BOF in Bangkok to gauge the community? e) If the community is supportive, would a WG forming BOF be an = option in Prague? 3) Ensure we have multiple vendors and industry analysts from large SOCs = involved to help ensure that any specification we produce can be used = and implemented en mass. 4) Systematically work our way down the list of problem spaces and look = for solutions (taking input from existing work where possible). Look to = having our first implementable draft within 6 months of getting a WG = formed. Release iterative draft releases every few months as we flesh = out more of the problem space. 5) Produce a specification and data model for JSON (and CBOR) along with = implementation guides, interoperability guides, proof of concepts, and = other content needed to ensure successful and rapid adopting across the = market. Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." > On Sep 17, 2018, at 3:46 PM, Barry Greene = wrote: >=20 > Hello Bret, >=20 > My first suggestion is background work. What you are doing is not new. = Pull in all the previous work, describe pros/cons/deployment, then get = into the gaps which CACAO seeks to fill. >=20 > For example,=20 >=20 > - walk through IODEF (IETF) and explain pros, cons, limitations, and = how CACAO would be different. > - Walk through STIX and do the same > - Walk through DOTs and explain why we could not use DOTS as it is = today (with an update to the schema).=20 >=20 > Barry >=20 > On Sep 18, 2018, at 00:03, Bret Jordan > wrote: >=20 >> All, >>=20 >> As I mentioned in my Welcome message last week, we plan to use Google = Docs to track all comments and suggestions to this draft and any other = drafts that we write for this work. The read-only link for this work can = be found here: >>=20 >> = https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpUOuOZhbfywiU= Sn2tI/edit# = >>=20 >> If you want to see comments and suggestions that are being proposed, = or if you want to add your own comments and suggestion, please request = access from within the Google Docs itself.=20 >>=20 >>=20 >>=20 >> Thanks, >> Bret >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 >> "Without cryptography vihv vivc ce xhrnrw, however, the only thing = that can not be unscrambled is an egg." >>=20 >> --=20 >> Cacao mailing list >> Cacao@ietf.org >> https://www.ietf.org/mailman/listinfo/cacao = --Apple-Mail=_DF944B75-81E5-435B-B254-88AFC3AB8463 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Barry,

Thanks for the email. As we stated in our initial draft = document=E2=80=A6

=E2=80=9CWhile many attempts have been made over the years in = the IETF and other SDOs to address certain elements of this problem = space, there is currently no consolidated and standardized language or = means that would allow cyber actions to be automatically coordinated, = sequenced, processed and shared to enable cyber defenders to respond in = machine relevant time. Some efforts such as BPMN have traditionally = focused on higher-level non-cyber constructs for process definition, and = other efforts like OpenC2 have focused purely on atomic actions, but = none have focused on the overlay processes required for this to be used = in a broader cyber security response use case.=E2=80=9D

As we work through and = call out the problem spaces that need to be addressed, I would hope that = those of you that are interested in this work will point us to specific = elements and specific parts of existing work that we can use or reuse. = Also as we called out in the draft, it is critical that this work ties = in nicely with STIX and TAXII based Cyber Threat Intelligence.

The reason we are = looking to start some work here in the IETF, is we feel like this venue = might be a good place given the problems we need to solve and how some = groups like SUIT have similar problems they are trying to solve. = However, if this community does not agree that this work should be done = here, that information is also valuable.


Our = high level initial goals are (I would be curious to know if this = community supports these):

1) Identify all of the problem areas that need to be solved = for this to actually work in practice. 

2) Verify that the IETF is the right = SDO in which to do this work
a) Do we = have critical mass?
b) Do we = have the right people, vendors, analysts, SOC engineers?
= c) What is the temperament of this community for this kind of = work?
d) Can we do a Bar BOF in Bangkok = to gauge the community?
e) If the = community is supportive, would a WG forming BOF be an option in = Prague?

3) = Ensure we have multiple vendors and industry analysts from large SOCs = involved to help ensure that any specification we produce can be used = and implemented en mass.

4) Systematically work our way down the list of problem = spaces and look for solutions (taking input from existing work where = possible). Look to having our first implementable draft within 6 months = of getting a WG formed. Release iterative draft releases every few = months as we flesh out more of the problem space.
5) Produce a specification and data = model for JSON (and CBOR) along with implementation guides, = interoperability guides, proof of concepts, and other content needed to = ensure successful and rapid adopting across the market.



Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."


Hello Bret,

My first suggestion is background work. What you are doing is = not new. Pull in all the previous work, describe pros/cons/deployment, = then get into the gaps which CACAO seeks to fill.
For example, 

- walk through IODEF = (IETF) and explain pros, cons, limitations, and how CACAO would be = different.
- Walk through STIX and do the = same
- Walk through DOTs and explain why we could = not use DOTS as it is today (with an update to the = schema). 

Barry

On Sep 18, 2018, at = 00:03, Bret Jordan <jordan.ietf@gmail.com> wrote:

All,

As I mentioned in my = Welcome message last week, we plan to use Google Docs to track all = comments and suggestions to this draft and any other drafts that we = write for this work. The read-only link for this work can be found = here:


If you want to see comments and suggestions that are being = proposed, or if you want to add your own comments and suggestion, please = request access from within the Google Docs itself. 



Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."


= --Apple-Mail=_DF944B75-81E5-435B-B254-88AFC3AB8463-- From nobody Mon Sep 17 16:28:04 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D03FC130F03 for ; Mon, 17 Sep 2018 16:28:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.998 X-Spam-Level: X-Spam-Status: No, score=-0.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qI9gzf5xDeu6 for ; Mon, 17 Sep 2018 16:27:58 -0700 (PDT) Received: from mail-yw1-xc2e.google.com (mail-yw1-xc2e.google.com [IPv6:2607:f8b0:4864:20::c2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A9AE3130F28 for ; Mon, 17 Sep 2018 16:27:58 -0700 (PDT) Received: by mail-yw1-xc2e.google.com with SMTP id y134-v6so34172ywg.1 for ; Mon, 17 Sep 2018 16:27:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=Tp2QWbIxLG3dzQ3zAq0d6dx6Gr67GmBVk0uUQcbM+7o=; b=E7bH7j9uAgFzeQmAOll/WLXKAlR7fyp/k+DK2K0dXuGqYRqxCakM8tMrNt5qkoCHRB qVys8WMZXhOlONqxAkO/47EinXhNLE5SopHRGFSJAClo/15BOu2bCjCsY2mWAeEhVn9v GrVFVG9V06i8wptANiBsQJobUeER/BNQnyMsjeYQf5KCNIBKsw/zJSXkDoSENYlUqfdv Shym/p1alKpRmEXX81xcst//JJVLHMQSGGWROqyUkQrq/oD9jQSiH8GC1WGIX39KjkY2 BTIM6CnVQSqZykqynEklBLRJKBWeqpEaz5CucC3lB6oeWmETEjiGbQcA+o2++5SVG95W n0gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=Tp2QWbIxLG3dzQ3zAq0d6dx6Gr67GmBVk0uUQcbM+7o=; b=Cb/ftOKwNfroi31y+mlh32kQvhOJHVM+WL3brWB+wt/b2W4TkyHOn0u7zQp/svaSpX Eh6xuCf5FZhlUKuyYdXRMv2x30e7Fn50XtBGBljdv+S6C8lA3yZKcLWhmhyT2MmcktyM d7AmpwMhBHZDRFJyOgyFELO10dHeFGG3emCt9q6B8Z8V2GCtSxIg7sYSAf9q94DKrxJp bNF0iauPUo/bqo9S3siYB+wcUgyr944uBP/SenEaTY3U7PyfTqZIXr7hM7kHL8d77DBQ mTkaszhbf7cdZlVMsagunVJTDsZZ2QFT+QlARqo8tSQ4CIeVkSVVsUQWQe2kQ6lXniTd uq0w== X-Gm-Message-State: APzg51CyIBmVta04STxcgRwZMp18rr+2LFJNvvTR/UcSfhMHkRxntSro t6u3m/zDDe8Zfw341jAVOfl0dPOi X-Google-Smtp-Source: ANB0VdZwkXG46Uy4j7HdHK7Xb2M86iU1FFSoiYidhtzMDvRm/Ayoryw2r8G9152x0PPjyH0ju0kPDw== X-Received: by 2002:a0d:d884:: with SMTP id a126-v6mr10744590ywe.75.1537226877865; Mon, 17 Sep 2018 16:27:57 -0700 (PDT) Received: from ?IPv6:2605:a601:3260:266:846b:b9bc:502f:2140? ([2605:a601:3260:266:846b:b9bc:502f:2140]) by smtp.gmail.com with ESMTPSA id r3-v6sm279783ywr.80.2018.09.17.16.27.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 17 Sep 2018 16:27:56 -0700 (PDT) From: Bret Jordan Message-Id: <17BB8426-C2CA-4F35-BD64-3DC08A0D5A74@gmail.com> Content-Type: multipart/alternative; boundary="Apple-Mail=_B38A7057-4712-41B2-8D7E-42571F7729A3" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Date: Mon, 17 Sep 2018 17:27:52 -0600 In-Reply-To: <1EB41CB3-96C8-4A43-A70A-137DEB57E7D8@gmail.com> Cc: Barry Greene , cacao@ietf.org To: Kathleen Moriarty References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> <1EB41CB3-96C8-4A43-A70A-137DEB57E7D8@gmail.com> X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Sep 2018 23:28:03 -0000 --Apple-Mail=_B38A7057-4712-41B2-8D7E-42571F7729A3 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Thanks Kathleen for the response. I always appreciate your comments and = feedback and welcome specific examples of existing work and how that = work can help us solve the problems we have identified.=20 I hope to start a thread in the coming days on the problems that need to = be addressed and the order in which they need to be solved. This should = give us some concrete point to talk through and discuss.=20 Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." > On Sep 17, 2018, at 4:16 PM, Kathleen Moriarty = wrote: >=20 > Hi Barry & Brett, >=20 > Sent from my mobile device >=20 > On Sep 17, 2018, at 5:46 PM, Barry Greene > wrote: >=20 >> Hello Bret, >>=20 >> My first suggestion is background work. What you are doing is not = new. Pull in all the previous work, describe pros/cons/deployment, then = get into the gaps which CACAO seeks to fill. >=20 > I agree, there=E2=80=99s been a lot of work in this space over a long = time and it=E2=80=99s worth the time to review it as much time was spent = gathering requirements and discussing. >>=20 >> For example,=20 >>=20 >> - walk through IODEF (IETF) and explain pros, cons, limitations, and = how CACAO would be different. >=20 > Much of the COA work and policy for INCH and MILE were in RID = (RFC6545). Some was pulled forward to ROLIE and more may be. >=20 >> - Walk through STIX and do the same >> - Walk through DOTs and explain why we could not use DOTS as it is = today (with an update to the schema).=20 >>=20 > Earlier versions of DOTS work too. >=20 > Best regards, > Kathleen=20 >=20 >> Barry >>=20 >> On Sep 18, 2018, at 00:03, Bret Jordan > wrote: >>=20 >>> All, >>>=20 >>> As I mentioned in my Welcome message last week, we plan to use = Google Docs to track all comments and suggestions to this draft and any = other drafts that we write for this work. The read-only link for this = work can be found here: >>>=20 >>> = https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpUOuOZhbfywiU= Sn2tI/edit# = >>>=20 >>> If you want to see comments and suggestions that are being proposed, = or if you want to add your own comments and suggestion, please request = access from within the Google Docs itself.=20 >>>=20 >>>=20 >>>=20 >>> Thanks, >>> Bret >>> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 >>> "Without cryptography vihv vivc ce xhrnrw, however, the only thing = that can not be unscrambled is an egg." >>>=20 >>> --=20 >>> Cacao mailing list >>> Cacao@ietf.org >>> https://www.ietf.org/mailman/listinfo/cacao = >> --=20 >> Cacao mailing list >> Cacao@ietf.org >> https://www.ietf.org/mailman/listinfo/cacao = --Apple-Mail=_B38A7057-4712-41B2-8D7E-42571F7729A3 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Thanks Kathleen for the response. I always appreciate your = comments and feedback and welcome specific examples of existing work and = how that work can help us solve the problems we have = identified. 

I = hope to start a thread in the coming days on the problems that need to = be addressed and the order in which they need to be solved. This should = give us some concrete point to talk through and discuss. 

Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

On Sep 17, 2018, at 4:16 PM, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> wrote:

Hi Barry & Brett,

Sent from my mobile = device

On Sep 17, 2018, at 5:46 PM, = Barry Greene <barryrgreene@gmail.com> wrote:

Hello = Bret,

My first = suggestion is background work. What you are doing is not new. Pull in = all the previous work, describe pros/cons/deployment, then get into the = gaps which CACAO seeks to fill.

I agree, there=E2=80=99s been a lot of = work in this space over a long time and it=E2=80=99s worth the time to = review it as much time was spent gathering requirements and = discussing.

For = example, 

-= walk through IODEF (IETF) and explain pros, cons, limitations, and how = CACAO would be different.

Much of the COA work and policy for INCH and MILE were = in RID (RFC6545).  Some was pulled forward to ROLIE and more may = be.

- Walk through STIX and do = the same
- Walk through DOTs and explain why we = could not use DOTS as it is today (with an update to the = schema). 

Earlier versions of DOTS work = too.

Best = regards,
Kathleen 

Barry

On Sep 18, 2018, at = 00:03, Bret Jordan <jordan.ietf@gmail.com> wrote:

All,

As I mentioned in my = Welcome message last week, we plan to use Google Docs to track all = comments and suggestions to this draft and any other drafts that we = write for this work. The read-only link for this work can be found = here:


If you want to see comments and suggestions that are being = proposed, or if you want to add your own comments and suggestion, please = request access from within the Google Docs itself. 



Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."


= --Apple-Mail=_B38A7057-4712-41B2-8D7E-42571F7729A3-- From nobody Mon Sep 17 16:37:19 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 000E5128CF2 for ; Mon, 17 Sep 2018 16:37:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.997 X-Spam-Level: X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T6duObtXSbiK for ; Mon, 17 Sep 2018 16:37:15 -0700 (PDT) Received: from mail-vk1-xa2b.google.com (mail-vk1-xa2b.google.com [IPv6:2607:f8b0:4864:20::a2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A603130ECD for ; Mon, 17 Sep 2018 16:37:15 -0700 (PDT) Received: by mail-vk1-xa2b.google.com with SMTP id m125-v6so20634vka.0 for ; Mon, 17 Sep 2018 16:37:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=9m5EPgf3e/NKqXnJpjKOf2vCH2YAna6YRbsSiyjOv28=; b=AI3PlZzIKQFrwJptlzHSo3nouUmg12bIVJBFz+lLOQPXTsEx/on4t0zAbQuBp3p6BX 06+4vDtXJty9iNwg+V/LzJHUktXf8ef8pKebXCkO1aWcr6/r8UXM+N7BRuGSLzIPA4Up K38aDang8vONpw6Q9BhgHj62gTyLbmHT87wgQjE46p49WU9dXMVuyV/fOLE0N1UihMlE ssMDpnGItzdo23tKpsPAlXQLBfenX+nX4zddRpDSobB+FNTFZRJaShcpQwsuZbW0hMGh uLYni9+xG3AcgYwej5CV1pqRcbU8TmUrdTw/pgp3I7X3KTqn0xW5+JnDS0dU502Vx9cF kOLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=9m5EPgf3e/NKqXnJpjKOf2vCH2YAna6YRbsSiyjOv28=; b=L6pZsVoNIuy3JaAKe6MzLt7zBkBOLqa0+MkwFuin9/zsGWUFvFwV8sJIth8IHdXX6E Ou4cXiUwKnqsJtuCSqkfTxMz4bMhpdCAsOmkf9/ecdbc8mMhaMmtRZVH72LVaXg2pkKn FxV4b+uk5swT071DkSlJXN4XjVzijnfXAewX4Py6uFFj9SgAUH9cW194TL/K6gXk/Ml2 MWo+a5/V1wPrTYqcOVFGnhVyNXU3oGuHR96YVtrHQLr9hnuptpoELG7BVBnwBXfzDAVS VYivPLjaxGl5ZzLoWk49UdvtLyCUM4VTNYwhTVs8r/v9R/1poxUosVczhI5OCeQSTY12 O9wA== X-Gm-Message-State: APzg51CiePFZ/QyMVnuWIuml4gn/2SUh/Jm+ThXkT623VLcY6k0GrsCA vSkOripHDwuSYcK9wQF6HcM= X-Google-Smtp-Source: ANB0VdZVf/O+tRmg0lcFM5W5VMbn+KuJsaLjDCZiQ436KHzJ7FBqzvVLnz3MCyy6omI6qqpulluH1Q== X-Received: by 2002:a1f:b60f:: with SMTP id g15-v6mr7633920vkf.27.1537227433828; Mon, 17 Sep 2018 16:37:13 -0700 (PDT) Received: from ?IPv6:2406:3003:2007:26d4:fc74:6982:f1dc:992a? ([2406:3003:2007:26d4:fc74:6982:f1dc:992a]) by smtp.gmail.com with ESMTPSA id s12-v6sm61162vka.38.2018.09.17.16.37.11 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 17 Sep 2018 16:37:12 -0700 (PDT) Content-Type: multipart/alternative; boundary=Apple-Mail-22993BE7-AD73-4032-BC35-58CBE4119E71 Mime-Version: 1.0 (1.0) From: Barry Greene X-Mailer: iPad Mail (15G77) In-Reply-To: Date: Tue, 18 Sep 2018 07:37:08 +0800 Cc: cacao@ietf.org Content-Transfer-Encoding: 7bit Message-Id: <01324152-315F-47AA-9A47-F23009FB258D@gmail.com> References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> To: Bret Jordan Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Sep 2018 23:37:18 -0000 --Apple-Mail-22993BE7-AD73-4032-BC35-58CBE4119E71 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Bret, I read the initial draft. It is an assertion of a gap without a quantitative= review that there is a gap.=20 I hate wasting time in the IETF working on idea that no way to gain operatio= nal traction. This space is overloaded with past efforts. Lets learn why the= y did not deploy, find the gaps, then proceed with new work. Barry > On Sep 18, 2018, at 07:23, Bret Jordan wrote: >=20 > Barry, >=20 > Thanks for the email. As we stated in our initial draft document=E2=80=A6 >=20 > =E2=80=9CWhile many attempts have been made over the years in the IETF and= other SDOs to address certain elements of this problem space, there is curr= ently no consolidated and standardized language or means that would allow cy= ber actions to be automatically coordinated, sequenced, processed and shared= to enable cyber defenders to respond in machine relevant time. Some efforts= such as BPMN have traditionally focused on higher-level non-cyber construct= s for process definition, and other efforts like OpenC2 have focused purely o= n atomic actions, but none have focused on the overlay processes required fo= r this to be used in a broader cyber security response use case.=E2=80=9D >=20 > As we work through and call out the problem spaces that need to be address= ed, I would hope that those of you that are interested in this work will poi= nt us to specific elements and specific parts of existing work that we can u= se or reuse. Also as we called out in the draft, it is critical that this wo= rk ties in nicely with STIX and TAXII based Cyber Threat Intelligence. >=20 > The reason we are looking to start some work here in the IETF, is we feel l= ike this venue might be a good place given the problems we need to solve and= how some groups like SUIT have similar problems they are trying to solve. H= owever, if this community does not agree that this work should be done here,= that information is also valuable. >=20 >=20 > Our high level initial goals are (I would be curious to know if this commu= nity supports these): >=20 > 1) Identify all of the problem areas that need to be solved for this to ac= tually work in practice.=20 >=20 > 2) Verify that the IETF is the right SDO in which to do this work > a) Do we have critical mass? > b) Do we have the right people, vendors, analysts, SOC engineers? > c) What is the temperament of this community for this kind of work?= > d) Can we do a Bar BOF in Bangkok to gauge the community? > e) If the community is supportive, would a WG forming BOF be an opt= ion in Prague? >=20 > 3) Ensure we have multiple vendors and industry analysts from large SOCs i= nvolved to help ensure that any specification we produce can be used and imp= lemented en mass. >=20 > 4) Systematically work our way down the list of problem spaces and look fo= r solutions (taking input from existing work where possible). Look to having= our first implementable draft within 6 months of getting a WG formed. Relea= se iterative draft releases every few months as we flesh out more of the pro= blem space. >=20 > 5) Produce a specification and data model for JSON (and CBOR) along with i= mplementation guides, interoperability guides, proof of concepts, and other c= ontent needed to ensure successful and rapid adopting across the market. >=20 >=20 >=20 > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that ca= n not be unscrambled is an egg." >=20 >> On Sep 17, 2018, at 3:46 PM, Barry Greene wrote:= >>=20 >> Hello Bret, >>=20 >> My first suggestion is background work. What you are doing is not new. Pu= ll in all the previous work, describe pros/cons/deployment, then get into th= e gaps which CACAO seeks to fill. >>=20 >> For example,=20 >>=20 >> - walk through IODEF (IETF) and explain pros, cons, limitations, and how C= ACAO would be different. >> - Walk through STIX and do the same >> - Walk through DOTs and explain why we could not use DOTS as it is today (= with an update to the schema).=20 >>=20 >> Barry >>=20 >>> On Sep 18, 2018, at 00:03, Bret Jordan wrote: >>>=20 >>> All, >>>=20 >>> As I mentioned in my Welcome message last week, we plan to use Google Do= cs to track all comments and suggestions to this draft and any other drafts t= hat we write for this work. The read-only link for this work can be found he= re: >>>=20 >>> https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpUOuOZhbfyw= iUSn2tI/edit# >>>=20 >>> If you want to see comments and suggestions that are being proposed, or i= f you want to add your own comments and suggestion, please request access fr= om within the Google Docs itself.=20 >>>=20 >>>=20 >>>=20 >>> Thanks, >>> Bret >>> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 >>> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that c= an not be unscrambled is an egg." >>>=20 >>> --=20 >>> Cacao mailing list >>> Cacao@ietf.org >>> https://www.ietf.org/mailman/listinfo/cacao >=20 --Apple-Mail-22993BE7-AD73-4032-BC35-58CBE4119E71 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
Hi Bret,

I read the initial draft. It is an assertion of a gap without a quant= itative review that there is a gap. 

I hate wa= sting time in the IETF working on idea that no way to gain operational tract= ion. This space is overloaded with past efforts. Lets learn why they did not= deploy, find the gaps, then proceed with new work.

Barry

On Sep 18, 2018, at 07:23, Bret Jordan <jordan.ietf@gmail.com> wrote:

Barry,

Thanks for the email. As we stated in our initial draft document= =E2=80=A6

=E2=80=9C= While many attempts have been made over the years in the IETF and other SDOs= to address certain elements of this problem space, there is currently no co= nsolidated and standardized language or means that would allow cyber actions= to be automatically coordinated, sequenced, processed and shared to enable c= yber defenders to respond in machine relevant time. Some efforts such as BPM= N have traditionally focused on higher-level non-cyber constructs for proces= s definition, and other efforts like OpenC2 have focused purely on atomic ac= tions, but none have focused on the overlay processes required for this to b= e used in a broader cyber security response use case.=E2=80=9D

As we work through and call out= the problem spaces that need to be addressed, I would hope that those of yo= u that are interested in this work will point us to specific elements and sp= ecific parts of existing work that we can use or reuse. Also as we called ou= t in the draft, it is critical that this work ties in nicely with STIX and T= AXII based Cyber Threat Intelligence.

The reason we are looking to start some work here in the= IETF, is we feel like this venue might be a good place given the problems w= e need to solve and how some groups like SUIT have similar problems they are= trying to solve. However, if this community does not agree that this work s= hould be done here, that information is also valuable.
=

Ou= r high level initial goals are (I would be curious to know if this community= supports these):

= 1) Identify all of the problem areas that need to be solved for this to actu= ally work in practice. 

2) Verify that the IETF is the right SDO in which to do this work<= /div>
a) Do we have critical mass?
b) Do we hav= e the right people, vendors, analysts, SOC engineers?
<= span class=3D"Apple-tab-span" style=3D"white-space:pre"> c) W= hat is the temperament of this community for this kind of work?
d) Can we do a Bar BOF in Bangkok to gauge the community?
e) If the community is supportive, would a WG forming BOF be an option i= n Prague?

3) Ensur= e we have multiple vendors and industry analysts from large SOCs involved to= help ensure that any specification we produce can be used and implemented e= n mass.

4) Systema= tically work our way down the list of problem spaces and look for solutions (= taking input from existing work where possible). Look to having our first im= plementable draft within 6 months of getting a WG formed. Release iterative d= raft releases every few months as we flesh out more of the problem space.

5) Produce a specifi= cation and data model for JSON (and CBOR) along with implementation guides, i= nteroperability guides, proof of concepts, and other content needed to ensur= e successful and rapid adopting across the market.



Thanks,
Bret
<= div class=3D"" style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; lin= e-break: after-white-space;">
<= span class=3D"" style=3D"font-size: 11px;">PGP Fingerprint: 63B4 FC53 680A 6B7= D 1447  F2C0 74F8 ACAE 7415 0050
"Without cr= yptography vihv vivc ce xhrnrw, however, the only thing that can not be unsc= rambled is an egg."

On S= ep 17, 2018, at 3:46 PM, Barry Greene <barryrgreene@gmail.com> wrote:

Hello Bret,
My first suggestion is background work. Wh= at you are doing is not new. Pull in all the previous work, describe pros/co= ns/deployment, then get into the gaps which CACAO seeks to fill.

For example, 

- walk through IODEF (IETF) a= nd explain pros, cons, limitations, and how CACAO would be different.
<= div class=3D"">- Walk through STIX and do the same
- Wa= lk through DOTs and explain why we could not use DOTS as it is today (with a= n update to the schema). 

Barry

On Sep 18, 2018, at 0= 0:03, Bret Jordan <jo= rdan.ietf@gmail.com> wrote:

Al= l,

As I mentioned i= n my Welcome message last week, we plan to use Google Docs to track all comm= ents and suggestions to this draft and any other drafts that we write for th= is work. The read-only link for this work can be found here:


If y= ou want to see comments and suggestions that are being proposed, or if you w= ant to add your own comments and suggestion, please request access from with= in the Google Docs itself. 

<= div class=3D"">

Thanks,
Bret
=
<= span class=3D"" style=3D"font-size: 11px;">PGP Fingerprint: 63B4 FC53 680A 6B7= D 1447  F2C0 74F8 ACAE 7415 0050
"Without cr= yptography vihv vivc ce xhrnrw, however, the only thing that can not be unsc= rambled is an egg."


= --Apple-Mail-22993BE7-AD73-4032-BC35-58CBE4119E71-- From nobody Mon Sep 17 16:52:24 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A35F130DF2 for ; Mon, 17 Sep 2018 16:52:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.998 X-Spam-Level: X-Spam-Status: No, score=-0.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YivSE-3q728F for ; Mon, 17 Sep 2018 16:52:18 -0700 (PDT) Received: from mail-yw1-xc2b.google.com (mail-yw1-xc2b.google.com [IPv6:2607:f8b0:4864:20::c2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58442130DCA for ; Mon, 17 Sep 2018 16:52:18 -0700 (PDT) Received: by mail-yw1-xc2b.google.com with SMTP id l9-v6so35415ywc.11 for ; Mon, 17 Sep 2018 16:52:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=jBONTRWWpjbWtt02z37hL5mfUCmts0BXNcsUkkyiims=; b=DxvcuSz6gxVuKg+c5FbJoQ+pQ1jk9rVcAtr8eFenoEnRSfTYO4h9vXIzwGyjw3AJ8+ vSLwK1eW+C3rL0eBtV6atdfhYHxfsrbSNsMMSHyJhaE/SpnbNoL5RTwMMtJQfujXlbTd iReCN3/i9JKi2i779pbLOa6h8Av25MhHDaYOrqi1cFb/1acb8ewHsb2nvrT47m+Cs3Xa J/D7cr8ldnVpkKPMMb3T+ltidL+dGLODbYg55ZPEqZP23jE8SKD9LX/ObvsBXMYIGofC 52CBS0Geu6/2HNZNJ6lf6lTJsGilxGbgeSQIQFlICjK1F+34R2kVqEZcf34/JYkpLO/n V9Yg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=jBONTRWWpjbWtt02z37hL5mfUCmts0BXNcsUkkyiims=; b=e6HTQv0u3xmLy0ei8FAPhUTk95l45jxYehJMdxbdD1gv5BKJFO2nhiTS/GmAQ75shq L2IKTZfvT1w8x4r4u5WwZUmZflVUAdO6L0NILC4qSYNp3hxWdKel8sJGCHDDYNVlmuZC 7r8hz3qS4LlVLSAm/CDhJULfwGlxi4KDf9md3sNVdkOFnTpQjDJH6ix5vQ2Wt/H5ZrEu uGwShhbSmlXO15531wZyiNWUsunRjy0iv78TVx2d1pElASst+jOm6+9bhofNnJlze/LU PvG6g4e9+b8ulAJIZeAs8QgN6pdUceapzWWZk9TLiy3jceq3Ov4Lq0OMlWz3WCPKKSBM Je3w== X-Gm-Message-State: APzg51DGaZa86mpJlbzopazPlA+cmdRAvCT4FNNodbkDrqCYZcQw4gFH g943MQfBd0gqoZB4w4N9An+ybjVn X-Google-Smtp-Source: ANB0VdZ47qijNYGRE1Ukrcv6lYZcSljSt/GAAUBsjH6DvnTB7IIgEWJ0g6NF0HOiamix6eE2TzdPJQ== X-Received: by 2002:a81:7484:: with SMTP id p126-v6mr11138188ywc.287.1537228337465; Mon, 17 Sep 2018 16:52:17 -0700 (PDT) Received: from ?IPv6:2605:a601:3260:266:846b:b9bc:502f:2140? ([2605:a601:3260:266:846b:b9bc:502f:2140]) by smtp.gmail.com with ESMTPSA id m3-v6sm214883ywe.50.2018.09.17.16.52.15 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 17 Sep 2018 16:52:16 -0700 (PDT) From: Bret Jordan Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_4F454D20-EDE0-4CA4-B4D1-3EE668CBD29D" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Date: Mon, 17 Sep 2018 17:52:11 -0600 In-Reply-To: <01324152-315F-47AA-9A47-F23009FB258D@gmail.com> Cc: cacao@ietf.org To: Barry Greene References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> <01324152-315F-47AA-9A47-F23009FB258D@gmail.com> X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Sep 2018 23:52:21 -0000 --Apple-Mail=_4F454D20-EDE0-4CA4-B4D1-3EE668CBD29D Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Barry, We will be working on a list of problem areas that need to be addressed = and the order in which they need to be solved. If you have specific = examples of how certain areas have been solved already and have design = elements we could reuse, please share them. We would love to reuse as = much as possible.=20 As I stated in goal numbers 2, 3, and 5, we need to ensure that this = community has the right people in it, to ensure wide spread adoption. If = this community does not have the right people, then we need to either = recruit them and bring them in to this community or look for the right = community.=20 I agree that there are far too many standards created that never get = implemented. This is why I also called out the items in goal number 5 = and why we have recruited the authors and contributors that we have.=20 Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." > On Sep 17, 2018, at 5:37 PM, Barry Greene = wrote: >=20 > Hi Bret, >=20 > I read the initial draft. It is an assertion of a gap without a = quantitative review that there is a gap.=20 >=20 > I hate wasting time in the IETF working on idea that no way to gain = operational traction. This space is overloaded with past efforts. Lets = learn why they did not deploy, find the gaps, then proceed with new = work. >=20 > Barry >=20 > On Sep 18, 2018, at 07:23, Bret Jordan > wrote: >=20 >> Barry, >>=20 >> Thanks for the email. As we stated in our initial draft document=E2=80=A6= >>=20 >> =E2=80=9CWhile many attempts have been made over the years in the = IETF and other SDOs to address certain elements of this problem space, = there is currently no consolidated and standardized language or means = that would allow cyber actions to be automatically coordinated, = sequenced, processed and shared to enable cyber defenders to respond in = machine relevant time. Some efforts such as BPMN have traditionally = focused on higher-level non-cyber constructs for process definition, and = other efforts like OpenC2 have focused purely on atomic actions, but = none have focused on the overlay processes required for this to be used = in a broader cyber security response use case.=E2=80=9D >>=20 >> As we work through and call out the problem spaces that need to be = addressed, I would hope that those of you that are interested in this = work will point us to specific elements and specific parts of existing = work that we can use or reuse. Also as we called out in the draft, it is = critical that this work ties in nicely with STIX and TAXII based Cyber = Threat Intelligence. >>=20 >> The reason we are looking to start some work here in the IETF, is we = feel like this venue might be a good place given the problems we need to = solve and how some groups like SUIT have similar problems they are = trying to solve. However, if this community does not agree that this = work should be done here, that information is also valuable. >>=20 >>=20 >> Our high level initial goals are (I would be curious to know if this = community supports these): >>=20 >> 1) Identify all of the problem areas that need to be solved for this = to actually work in practice.=20 >>=20 >> 2) Verify that the IETF is the right SDO in which to do this work >> a) Do we have critical mass? >> b) Do we have the right people, vendors, analysts, SOC = engineers? >> c) What is the temperament of this community for this kind of = work? >> d) Can we do a Bar BOF in Bangkok to gauge the community? >> e) If the community is supportive, would a WG forming BOF be an = option in Prague? >>=20 >> 3) Ensure we have multiple vendors and industry analysts from large = SOCs involved to help ensure that any specification we produce can be = used and implemented en mass. >>=20 >> 4) Systematically work our way down the list of problem spaces and = look for solutions (taking input from existing work where possible). = Look to having our first implementable draft within 6 months of getting = a WG formed. Release iterative draft releases every few months as we = flesh out more of the problem space. >>=20 >> 5) Produce a specification and data model for JSON (and CBOR) along = with implementation guides, interoperability guides, proof of concepts, = and other content needed to ensure successful and rapid adopting across = the market. >>=20 >>=20 >>=20 >> Thanks, >> Bret >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 >> "Without cryptography vihv vivc ce xhrnrw, however, the only thing = that can not be unscrambled is an egg." >>=20 >>> On Sep 17, 2018, at 3:46 PM, Barry Greene > wrote: >>>=20 >>> Hello Bret, >>>=20 >>> My first suggestion is background work. What you are doing is not = new. Pull in all the previous work, describe pros/cons/deployment, then = get into the gaps which CACAO seeks to fill. >>>=20 >>> For example,=20 >>>=20 >>> - walk through IODEF (IETF) and explain pros, cons, limitations, and = how CACAO would be different. >>> - Walk through STIX and do the same >>> - Walk through DOTs and explain why we could not use DOTS as it is = today (with an update to the schema).=20 >>>=20 >>> Barry >>>=20 >>> On Sep 18, 2018, at 00:03, Bret Jordan > wrote: >>>=20 >>>> All, >>>>=20 >>>> As I mentioned in my Welcome message last week, we plan to use = Google Docs to track all comments and suggestions to this draft and any = other drafts that we write for this work. The read-only link for this = work can be found here: >>>>=20 >>>> = https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpUOuOZhbfywiU= Sn2tI/edit# = >>>>=20 >>>> If you want to see comments and suggestions that are being = proposed, or if you want to add your own comments and suggestion, please = request access from within the Google Docs itself.=20 >>>>=20 >>>>=20 >>>>=20 >>>> Thanks, >>>> Bret >>>> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 >>>> "Without cryptography vihv vivc ce xhrnrw, however, the only thing = that can not be unscrambled is an egg." >>>>=20 >>>> --=20 >>>> Cacao mailing list >>>> Cacao@ietf.org >>>> https://www.ietf.org/mailman/listinfo/cacao = >>=20 --Apple-Mail=_4F454D20-EDE0-4CA4-B4D1-3EE668CBD29D Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Barry,

We = will be working on a list of problem areas that need to be addressed and = the order in which they need to be solved. If you have specific examples = of how certain areas have been solved already and have design elements = we could reuse, please share them.  We would love to reuse as much = as possible. 

As I stated in goal numbers 2, 3, and 5, we need to ensure = that this community has the right people in it, to ensure wide spread = adoption. If this community does not have the right people, then we need = to either recruit them and bring them in to this community or look for = the right community. 

I agree that there are far too many standards created that = never get implemented. This is why I also called out the items in goal = number 5 and why we have recruited the authors and contributors that we = have. 


Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

On Sep 17, 2018, at 5:37 PM, Barry Greene <barryrgreene@gmail.com> wrote:

Hi Bret,

I read the initial draft. It is an assertion of a gap without = a quantitative review that there is a gap. 

I hate wasting time in the IETF working = on idea that no way to gain operational traction. This space is = overloaded with past efforts. Lets learn why they did not deploy, find = the gaps, then proceed with new work.

Barry

On Sep 18, 2018, at 07:23, Bret Jordan <jordan.ietf@gmail.com> wrote:

Barry,

Thanks for the email. As we stated in = our initial draft document=E2=80=A6

=E2=80=9CWhile many attempts have been = made over the years in the IETF and other SDOs to address certain = elements of this problem space, there is currently no consolidated and = standardized language or means that would allow cyber actions to be = automatically coordinated, sequenced, processed and shared to enable = cyber defenders to respond in machine relevant time. Some efforts such = as BPMN have traditionally focused on higher-level non-cyber constructs = for process definition, and other efforts like OpenC2 have focused = purely on atomic actions, but none have focused on the overlay processes = required for this to be used in a broader cyber security response use = case.=E2=80=9D

As we work through and call out the problem spaces that need = to be addressed, I would hope that those of you that are interested in = this work will point us to specific elements and specific parts of = existing work that we can use or reuse. Also as we called out in the = draft, it is critical that this work ties in nicely with STIX and TAXII = based Cyber Threat Intelligence.

The reason we are looking to start some = work here in the IETF, is we feel like this venue might be a good place = given the problems we need to solve and how some groups like SUIT have = similar problems they are trying to solve. However, if this community = does not agree that this work should be done here, that information is = also valuable.


Our high level initial = goals are (I would be curious to know if this community supports = these):

1) = Identify all of the problem areas that need to be solved for this to = actually work in practice. 

2) Verify that the IETF is the right = SDO in which to do this work
a) Do we = have critical mass?
b) Do we = have the right people, vendors, analysts, SOC engineers?
= c) What is the temperament of this community for this kind of = work?
d) Can we do a Bar BOF in Bangkok = to gauge the community?
e) If the = community is supportive, would a WG forming BOF be an option in = Prague?

3) = Ensure we have multiple vendors and industry analysts from large SOCs = involved to help ensure that any specification we produce can be used = and implemented en mass.

4) Systematically work our way down the list of problem = spaces and look for solutions (taking input from existing work where = possible). Look to having our first implementable draft within 6 months = of getting a WG formed. Release iterative draft releases every few = months as we flesh out more of the problem space.
5) Produce a specification and data = model for JSON (and CBOR) along with implementation guides, = interoperability guides, proof of concepts, and other content needed to = ensure successful and rapid adopting across the market.



Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

On Sep 17, 2018, at 3:46 PM, Barry Greene <barryrgreene@gmail.com> wrote:

Hello Bret,

My first suggestion is background work. What you are doing is = not new. Pull in all the previous work, describe pros/cons/deployment, = then get into the gaps which CACAO seeks to fill.
For example, 

- walk through IODEF = (IETF) and explain pros, cons, limitations, and how CACAO would be = different.
- Walk through STIX and do the = same
- Walk through DOTs and explain why we could = not use DOTS as it is today (with an update to the = schema). 

Barry

On Sep 18, 2018, at = 00:03, Bret Jordan <jordan.ietf@gmail.com> wrote:

All,

As I mentioned in my = Welcome message last week, we plan to use Google Docs to track all = comments and suggestions to this draft and any other drafts that we = write for this work. The read-only link for this work can be found = here:


If you want to see comments and suggestions that are being = proposed, or if you want to add your own comments and suggestion, please = request access from within the Google Docs itself. 



Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."



= --Apple-Mail=_4F454D20-EDE0-4CA4-B4D1-3EE668CBD29D-- From nobody Mon Sep 17 17:27:12 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 35C39130DF2 for ; Mon, 17 Sep 2018 17:27:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id epOdpvStLH7L for ; Mon, 17 Sep 2018 17:27:09 -0700 (PDT) Received: from mail-yw1-xc34.google.com (mail-yw1-xc34.google.com [IPv6:2607:f8b0:4864:20::c34]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 821D4126BED for ; Mon, 17 Sep 2018 17:27:09 -0700 (PDT) Received: by mail-yw1-xc34.google.com with SMTP id 14-v6so81493ywe.2 for ; Mon, 17 Sep 2018 17:27:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:subject:message-id:date:to; bh=XLHhJWdxXPYE5E+hwJjHLQZg/+FvmhEa2XfJOmshYbM=; b=R6PWvz08hAFftwiRUvNM6dz9SyubFYJtrKKB5nljNrFz2NamFzm/LOSrIGsHhNnJ8m uunTAtZ8SXShceaoErtCRfLJleYDwE+7GbvHBjn4KaJ6A9YoPUvdAxw9RyrYY1LrkVqT oG9u7SkBtcFT+UszCF9P914qGFS9ApDhQSfFowI9O/TXVyK246QuBBZY75VZrNpVb6B4 ApT+weFw1mtQaUA/L41tRGwQ7XIT1rTvbKYPz/pG8/Jo5DjDAnQ81CbD1zHkr7EPxITP w9yCKN3GJzOkluxHml/sz8GMkWOhivb9rkkhAqvSngCn1zUjJJismL0Exe/DzDrqXkzh 8Vlw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:message-id:date:to; bh=XLHhJWdxXPYE5E+hwJjHLQZg/+FvmhEa2XfJOmshYbM=; b=j7Mz8dQjdqocKYfslvj2FChnlPu5o/4O3I0cBQYhvtedxnyJBm8Uuh1vnaSbBMlr24 a44QUeiBPKq7ClFoqvG1YS0nCQOnJY09w5wUdO6LHkg/UUdDOkh5LgVdhxkj6lsBsTd/ tSQuuGkmXyOUnUhLAZ7Tm0ZxveF47PA8xS6n85xrm0ojw3Vb3cWcI7d6J78EzadcjN2k SI5u9J93sPOMMP0Dyqfiyfx65BDEwyEjwURdyUk7DAOt59jAdPBoQf5DYJCjix25F50o YKMocTpQnqswQ5GcK2ydwKMAuWWicS/N59HxmpTSdnS8PGxBGbVC2aJmSI47TOoQAKms BK7A== X-Gm-Message-State: APzg51Cc2IO1LlJfHaax1bMiTiGX15pnyzdRBGqVwKbm+/sQ0Q+Y3Hsx 3K8CZKWpBpfxLRkdyg/QmvEfw/6D X-Google-Smtp-Source: ANB0VdbM+YJ/okCOiqR3C9BMKiNfbwDwVAMVo+HH5js3Tzyx4ZR0c1EZB5T9robeFnEB+FghjyRciw== X-Received: by 2002:a0d:d544:: with SMTP id x65-v6mr11629681ywd.55.1537230428361; Mon, 17 Sep 2018 17:27:08 -0700 (PDT) Received: from ?IPv6:2605:a601:3260:266:846b:b9bc:502f:2140? ([2605:a601:3260:266:846b:b9bc:502f:2140]) by smtp.gmail.com with ESMTPSA id f5-v6sm276989ywd.53.2018.09.17.17.27.06 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 17 Sep 2018 17:27:07 -0700 (PDT) From: Bret Jordan Content-Type: multipart/alternative; boundary="Apple-Mail=_098D20AE-3A69-468A-B87F-107E0E8C56B3" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Message-Id: <9C6CD1F8-8326-48E9-A9BF-509DEE11B32E@gmail.com> Date: Mon, 17 Sep 2018 18:27:03 -0600 To: cacao@ietf.org X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: [Cacao] Other thoughts X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 00:27:11 -0000 --Apple-Mail=_098D20AE-3A69-468A-B87F-107E0E8C56B3 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii All, I have heard from three people so far, what do others thing about the = draft and this proposed work? Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." --Apple-Mail=_098D20AE-3A69-468A-B87F-107E0E8C56B3 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii All,

I = have heard from three people so far, what do others thing about the = draft and this proposed work?


Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

= --Apple-Mail=_098D20AE-3A69-468A-B87F-107E0E8C56B3-- From nobody Mon Sep 17 19:12:53 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90CE2130E05 for ; Mon, 17 Sep 2018 19:12:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s2cqy1_ofjDC for ; Mon, 17 Sep 2018 19:12:48 -0700 (PDT) Received: from mail-ot1-x335.google.com (mail-ot1-x335.google.com [IPv6:2607:f8b0:4864:20::335]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 854EE1277BB for ; Mon, 17 Sep 2018 19:12:47 -0700 (PDT) Received: by mail-ot1-x335.google.com with SMTP id 36-v6so345752oth.11 for ; Mon, 17 Sep 2018 19:12:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ADco0Zh97b+3gWlsJ9TaxBOJrNT/8et3boPtk8uhM3Q=; b=X6haXICID7BDU+y9aiyeFjIhxOcB0GrrJN22Rcy1Mos+mFWcqWavNq9feM+EMeCw6O Ll04M6WDRjv/4/IXd/IVOGYSBpYsG+nFP73daPSff53kue2v4v/gzc0whNCdrvjncV3F kjIudZnBJ7RPhBat32D9W4iqzRgRr2ja3jOBeigot97EOAA6BGmupQpYvkqdFgdMFs3J zO1c1aFG3xTaPcs96fD03/KLvGJovpIhqIcy3ZVxWE1r/sdSjitvr0/9VkitfdH40P0T oEU4S4BZixYp2fpL/GuxIqOupXHfWS63NAMgQGKvnOApNdYWGaqFlsn9197eyv9xynFE GncA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ADco0Zh97b+3gWlsJ9TaxBOJrNT/8et3boPtk8uhM3Q=; b=CHRa/WJHg7XYDloV00jLBbMZE8igfF2IJGfjDI9JsY+aYuM92oX0ZrUqcQbdAHUuAn CS5V+t4i1+AQ/xcAiio+beETDmHlSSCmnJg3Rlo0aQ28zMOKwqkxhNPYpkp8kuj60fUO AAqmTGH5wJ3YtuhI7L0lUMUTgvwZywbGmLcm3JYVB40EA3jbRJDOGuZ8xr0YVPE+maOV korneajS++RzTtY6C6HWnvnhKkWmUVhXUG59v/ENihff9Pfhv2gxhk8L8X3uMhUkrbvO /e9KfcqL7HzlhLiGYQR7lPG7nC7cDdVvAITWp4sTUT1PUniem7/Vk5dvubecfhiDGMNT h/kQ== X-Gm-Message-State: APzg51A+Vw7EC8mx7jX9rxENnIVjIMIiv41vZhxbpVDqc7PjCrnzgKxU 85YFwAgaVGkCF+93hQ+r71Q00GFfXGSJNTwfZKA= X-Google-Smtp-Source: ANB0VdYCr9rXX0/958IdYeG95Z1cLU9B5KbXaE8cHCjc3NbsGHHIBETDBaT1eRxc0Ytv9NRy51bQvTLg8wSuJPCHVwM= X-Received: by 2002:a9d:248:: with SMTP id 66-v6mr14585248otb.386.1537236766303; Mon, 17 Sep 2018 19:12:46 -0700 (PDT) MIME-Version: 1.0 References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> <01324152-315F-47AA-9A47-F23009FB258D@gmail.com> In-Reply-To: From: Kathleen Moriarty Date: Mon, 17 Sep 2018 22:12:09 -0400 Message-ID: To: Bret Jordan Cc: Barry Greene , cacao@ietf.org Content-Type: multipart/alternative; boundary="0000000000006428e305761bd3ab" Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 02:12:52 -0000 --0000000000006428e305761bd3ab Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Brett, I do think the gap analysis Barry suggested is an important step for the authors of this work to pursue. This is important for a few reasons. The first is that it will familiarize you with the prior work. I know for RID, it was extensive with many participants. The document was also republished, so the time span was quite a range as well dating back to 2000/1. On Mon, Sep 17, 2018 at 7:52 PM Bret Jordan wrote: > Barry, > > We will be working on a list of problem areas that need to be addressed > and the order in which they need to be solved. If you have specific > examples of how certain areas have been solved already and have design > elements we could reuse, please share them. We would love to reuse as mu= ch > as possible. > You may discover this through the gap analysis that was suggested. As a result of that gap analysis, it will be easier to get others to engage in your work. For those of us who have done work in this space, having that acknowledged and then you stating the gap will help us all work toward a common output. > > As I stated in goal numbers 2, 3, and 5, we need to ensure that this > community has the right people in it, to ensure wide spread adoption. If > this community does not have the right people, then we need to either > recruit them and bring them in to this community or look for the right > community. > I think through the gap analysis, you'll see the prior work and I think will find the IETF is the right place. It will be easier to engage prior authors rather than asking them to do the analysis against your new effort. It's just the usual pattern we are accustomed to working in. If you look back at the SACM BoF for instance, you'll see a gap analysis was requested against several standards including YANG and NEA among others. I am guessing through that work we may figure out that this belongs in MILE, but could be wrong and the analysis suggested will help with that determination. This work could be very important and I'd like to see the outputs of that analysis. I suspect others who helped on prior efforts would as well. Thank you. Best regards, Kathleen > I agree that there are far too many standards created that never get > implemented. This is why I also called out the items in goal number 5 and > why we have recruited the authors and contributors that we have. > > > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that > can not be unscrambled is an egg." > > On Sep 17, 2018, at 5:37 PM, Barry Greene wrote: > > Hi Bret, > > I read the initial draft. It is an assertion of a gap without a > quantitative review that there is a gap. > > I hate wasting time in the IETF working on idea that no way to gain > operational traction. This space is overloaded with past efforts. Lets > learn why they did not deploy, find the gaps, then proceed with new work. > > Barry > > On Sep 18, 2018, at 07:23, Bret Jordan wrote: > > Barry, > > Thanks for the email. As we stated in our initial draft document=E2=80=A6 > > =E2=80=9CWhile many attempts have been made over the years in the IETF an= d other > SDOs to address certain elements of this problem space, there is currentl= y > no consolidated and standardized language or means that would allow cyber > actions to be automatically coordinated, sequenced, processed and shared = to > enable cyber defenders to respond in machine relevant time. Some efforts > such as BPMN have traditionally focused on higher-level non-cyber > constructs for process definition, and other efforts like OpenC2 have > focused purely on atomic actions, but none have focused on the overlay > processes required for this to be used in a broader cyber security respon= se > use case.=E2=80=9D > > As we work through and call out the problem spaces that need to be > addressed, I would hope that those of you that are interested in this wor= k > will point us to specific elements and specific parts of existing work th= at > we can use or reuse. Also as we called out in the draft, it is critical > that this work ties in nicely with STIX and TAXII based Cyber Threat > Intelligence. > > The reason we are looking to start some work here in the IETF, is we feel > like this venue might be a good place given the problems we need to solve > and how some groups like SUIT have similar problems they are trying to > solve. However, if this community does not agree that this work should be > done here, that information is also valuable. > > > Our high level initial goals are (I would be curious to know if this > community supports these): > > 1) Identify all of the problem areas that need to be solved for this to > actually work in practice. > > 2) Verify that the IETF is the right SDO in which to do this work > a) Do we have critical mass? > b) Do we have the right people, vendors, analysts, SOC engineers? > c) What is the temperament of this community for this kind of work? > d) Can we do a Bar BOF in Bangkok to gauge the community? > e) If the community is supportive, would a WG forming BOF be an option in > Prague? > > 3) Ensure we have multiple vendors and industry analysts from large SOCs > involved to help ensure that any specification we produce can be used and > implemented en mass. > > 4) Systematically work our way down the list of problem spaces and look > for solutions (taking input from existing work where possible). Look to > having our first implementable draft within 6 months of getting a WG > formed. Release iterative draft releases every few months as we flesh out > more of the problem space. > > 5) Produce a specification and data model for JSON (and CBOR) along with > implementation guides, interoperability guides, proof of concepts, and > other content needed to ensure successful and rapid adopting across the > market. > > > > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that > can not be unscrambled is an egg." > > On Sep 17, 2018, at 3:46 PM, Barry Greene wrote: > > Hello Bret, > > My first suggestion is background work. What you are doing is not new. > Pull in all the previous work, describe pros/cons/deployment, then get in= to > the gaps which CACAO seeks to fill. > > For example, > > - walk through IODEF (IETF) and explain pros, cons, limitations, and how > CACAO would be different. > - Walk through STIX and do the same > - Walk through DOTs and explain why we could not use DOTS as it is today > (with an update to the schema). > > Barry > > On Sep 18, 2018, at 00:03, Bret Jordan wrote: > > All, > > As I mentioned in my Welcome message last week, we plan to use Google Doc= s > to track all comments and suggestions to this draft and any other drafts > that we write for this work. The read-only link for this work can be foun= d > here: > > > https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpUOuOZhbfywi= USn2tI/edit# > > If you want to see comments and suggestions that are being proposed, or i= f > you want to add your own comments and suggestion, please request access > from within the Google Docs itself. > > > > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that > can not be unscrambled is an egg." > > -- > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao > > > > -- > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao > --=20 Best regards, Kathleen --0000000000006428e305761bd3ab Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi Brett,

I do think the gap analysis B= arry suggested is an important step for the authors of this work to pursue.= =C2=A0 This is important for a few reasons.=C2=A0 The first is that it will= familiarize you with the prior work.=C2=A0 I know for RID, it was extensiv= e with many participants.=C2=A0 The document was also republished, so the t= ime span was quite a range as well dating back to 2000/1.=C2=A0=C2=A0
=
On Mon, Sep 17, 2018 at 7:5= 2 PM Bret Jordan <jordan.ietf@g= mail.com> wrote:
Barry,

We will be working on a list of problem areas that need to be address= ed and the order in which they need to be solved. If you have specific exam= ples of how certain areas have been solved already and have design elements= we could reuse, please share them.=C2=A0 We would love to reuse as much as= possible.=C2=A0

You may discov= er this through the gap analysis that was suggested.=C2=A0 As a result of t= hat gap analysis, it will be easier to get others to engage in your work. F= or those of us who have done work in this space, having that acknowledged a= nd then you stating the gap will help us all work toward a common output.= =C2=A0=C2=A0

As I stated in g= oal numbers 2, 3, and 5, we need to ensure that this community has the righ= t people in it, to ensure wide spread adoption. If this community does not = have the right people, then we need to either recruit them and bring them i= n to this community or look for the right community.=C2=A0

I think through the gap analysis, you'll se= e the prior work and I think will find the IETF is the right place.=C2=A0 I= t will be easier to engage prior authors rather than asking them to do the = analysis against your new effort. It's just the usual pattern we are ac= customed to working in. If you look back at the SACM BoF for instance, you&= #39;ll see a gap analysis was requested against several standards including= YANG and NEA among others.=C2=A0=C2=A0

I am guess= ing through that work we may figure out that this belongs in MILE, but coul= d be wrong and the analysis suggested will help with that determination.

This work could be very important and I'd like t= o see the outputs of that analysis.=C2=A0 I suspect others who helped on pr= ior efforts would as well.=C2=A0 Thank you.

Best r= egards,
Kathleen

I agree that there are far too many standards created that nev= er get implemented. This is why I also called out the items in goal number = 5 and why we have recruited the authors and contributors that we have.=C2= =A0


Thanks,
Bret
<= span class=3D"m_-2422861236762645086Apple-style-span" style=3D"border-colla= pse:separate;text-align:-webkit-auto;border-spacing:0px">
PGP Fingerprint= :=C2=A063B4 FC53 680A 6B7D 1447= =C2=A0F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, h= owever, the only thing that can not be unscrambled is an egg."<= /div>

On Sep 17, 2018, at 5:37 PM, Barry = Greene <barr= yrgreene@gmail.com> wrote:

Hi Bret,

I read the initial draft. It is an assertion of a g= ap without a quantitative review that there is a gap.=C2=A0

<= /div>
I hate wasting time in the IETF working on idea that no way to ga= in operational traction. This space is overloaded with past efforts. Lets l= earn why they did not deploy, find the gaps, then proceed with new work.

Barry

On Sep 18, 2018, at 07:23, Bret = Jordan <jorda= n.ietf@gmail.com> wrote:

Barry,

Thanks for the email. As we stated in our initia= l draft document=E2=80=A6

=E2=80=9CWhile many atte= mpts have been made over the years in the IETF and other SDOs to address ce= rtain elements of this problem space, there is currently no consolidated an= d standardized language or means that would allow cyber actions to be autom= atically coordinated, sequenced, processed and shared to enable cyber defen= ders to respond in machine relevant time. Some efforts such as BPMN have tr= aditionally focused on higher-level non-cyber constructs for process defini= tion, and other efforts like OpenC2 have focused purely on atomic actions, = but none have focused on the overlay processes required for this to be used= in a broader cyber security response use case.=E2=80=9D

As we work through and call out the problem spaces that need to be a= ddressed, I would hope that those of you that are interested in this work w= ill point us to specific elements and specific parts of existing work that = we can use or reuse. Also as we called out in the draft, it is critical tha= t this work ties in nicely with STIX and TAXII based Cyber Threat Intellige= nce.

The reason we are looking to start some work = here in the IETF, is we feel like this venue might be a good place given th= e problems we need to solve and how some groups like SUIT have similar prob= lems they are trying to solve. However, if this community does not agree th= at this work should be done here, that information is also valuable.
<= div>

Our high level initial goals are (I would= be curious to know if this community supports these):

=
1) Identify all of the problem areas that need to be solved for this t= o actually work in practice.=C2=A0

2) Verify that = the IETF is the right SDO in which to do this work
a) Do we have=C2=A0critical mass?
b) Do we ha= ve the right people, vendors, analysts, SOC engineers?
= c) What is the temperament of this community for this kind of work?<= /div>
d) Can we do a Bar BOF in Bangkok to gauge the c= ommunity?
e) If the community is supportive, wou= ld a WG forming BOF be an option in Prague?

3) Ens= ure we have multiple vendors and industry analysts from large SOCs involved= to help ensure that any specification we produce can be used and implement= ed en mass.

4) Systematically work our way down th= e list of problem spaces and look for solutions (taking input from existing= work where possible). Look to having our first implementable draft within = 6 months of getting a WG formed. Release iterative draft releases every few= months as we flesh out more of the problem space.

5) Produce a specification and data model for JSON (and CBOR) along with i= mplementation guides, interoperability guides, proof of concepts, and other= content needed to ensure successful and rapid adopting across the market.<= /div>



Thanks,
Bret
PGP Fingerprint:=C2=A063B4 FC53 680A 6B7D 1447 =C2=A0F2C0 74F8 AC= AE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only th= ing that can not be unscrambled is an egg."
<= /span>

On Sep 17, 2018, at 3:46 PM, Barry = Greene <barr= yrgreene@gmail.com> wrote:

Hello Bret= ,

My first suggestion is background work. What you= are doing is not new. Pull in all the previous work, describe pros/cons/de= ployment, then get into the gaps which CACAO seeks to fill.

<= /div>
For example,=C2=A0

- walk through IODEF = (IETF) and explain pros, cons, limitations, and how CACAO would be differen= t.
- Walk through STIX and do the same
- Walk through D= OTs and explain why we could not use DOTS as it is today (with an update to= the schema).=C2=A0

Barry

On Sep 18,= 2018, at 00:03, Bret Jordan <jordan.ietf@gmail.com> wrote:

All,

As I mentioned in= my Welcome message last week, we plan to use Google Docs to track all comm= ents and suggestions to this draft and any other drafts that we write for t= his work. The read-only link for this work can be found here:

If you want to see comments and suggestions that are bein= g proposed, or if you want to add your own comments and suggestion, please = request access from within the Google Docs itself.=C2=A0



Thanks,
Bret
PGP Fingerprint:=C2=A063B4 FC53 680A 6B7D 1447 =C2=A0F2C0 74F8 AC= AE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only th= ing that can not be unscrambled is an egg."
<= /span>



--
Cacao mailing list
Cacao@ietf.org
https://www.ietf.org/mailman/listinfo/cacao


--

Best regards,
Kathleen
--0000000000006428e305761bd3ab-- From nobody Mon Sep 17 19:21:13 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CFDE130DFD for ; Mon, 17 Sep 2018 19:21:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OC1YfqcAlBzO for ; Mon, 17 Sep 2018 19:21:09 -0700 (PDT) Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A219F130E05 for ; Mon, 17 Sep 2018 19:21:08 -0700 (PDT) Received: from LHREML714-CAH.china.huawei.com (unknown [172.18.7.107]) by Forcepoint Email with ESMTP id 5F338B3804EDF for ; Tue, 18 Sep 2018 03:21:05 +0100 (IST) Received: from NKGEML412-HUB.china.huawei.com (10.98.56.73) by LHREML714-CAH.china.huawei.com (10.201.108.37) with Microsoft SMTP Server (TLS) id 14.3.399.0; Tue, 18 Sep 2018 03:21:06 +0100 Received: from NKGEML513-MBX.china.huawei.com ([169.254.1.200]) by nkgeml412-hub.china.huawei.com ([10.98.56.73]) with mapi id 14.03.0399.000; Tue, 18 Sep 2018 10:21:03 +0800 From: Qin Wu To: Bret Jordan , "cacao@ietf.org" Thread-Topic: [Cacao] Other thoughts Thread-Index: AQHUTuZcJ6TUztyEIkaHEHxez07PnKT1Sjmw Date: Tue, 18 Sep 2018 02:21:02 +0000 Message-ID: References: <9C6CD1F8-8326-48E9-A9BF-509DEE11B32E@gmail.com> In-Reply-To: <9C6CD1F8-8326-48E9-A9BF-509DEE11B32E@gmail.com> Accept-Language: zh-CN, en-US Content-Language: zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.138.33.244] Content-Type: multipart/alternative; boundary="_000_B8F9A780D330094D99AF023C5877DABA9B048DA6nkgeml513mbxchi_" MIME-Version: 1.0 X-CFilter-Loop: Reflected Archived-At: Subject: Re: [Cacao] Other thoughts X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 02:21:11 -0000 --_000_B8F9A780D330094D99AF023C5877DABA9B048DA6nkgeml513mbxchi_ Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: base64 SW50ZXJlc3RpbmcgaWRlYSwgSSBhbSB3b25kZXJpbmcgd2h5IHRoaXMgaWRlYSBpcyByZXN0cmlj dGVkIHRvIGN5YmVyIHNlY3VyaXR5IHNjZW5hcmlvcywgIEkgdGhpbmsgaXQgaXMgYWxzbyBhcHBs aWNhYmxlIHRvIFZQTiBzZXJ2aWNlIGRlbGl2ZXJ5IHNjZW5hcmlvLA0KDQpUaGUgZXNzZW5jZSBv ZiB0aGlzIGlkZWEgaXMgd29yayBmbG93IG1hbmFnZW1lbnQsIHByb2Nlc3MgbWFuYWdlbWVudCwg YWN0aXZpdHkgbWFuYWdlbWVudCwgc28geW91IG9yZ2FuaXplIGEgc2VxdWVuY2Ugb2YgcHJvY2Vz cyBvciB0YXNrcyB1c2luZw0KV29yayBmbG93IHRlbXBsYXRlLCBzbyB5b3UgY2FuIHNldHVwIGl0 IGFzIGEgc2l0dWF0aW9uLCBtb25pdG9yaW5nIGl0LCBvcHRpbWl6ZWQgaXQuDQoNCkluIFZQTiBz ZXJ2aWNlIGRlbGl2ZXJ5IHNjZW5hcmlvLCBJIGNhbiBkZWZpbmUgTmV0d29yayBjb25uZWN0aXZp dHkgc2V0dXAgYXMNCmEgRXZlbnQsIEluIHRoaXMgZXZlbnQsIHRoZSBtYW5hZ2VkIG9iamVjdCBp cyBuZXR3b3JrIGNvbm5lY3Rpdml0eSwgd2hlbiBuZXR3b3JrIGNvbm5lY3Rpdml0eSBnZXRzIHNl dHVwLCBJdCB3aWxsIHRyaWdnZXIgYW5vdGhlciBldmVudCwgaS5lLiwgY29ubmVjdGl2aXR5IHNl cnZpY2UgcGVyZm9ybWFuY2UNCm1vbml0b3JpbmcsIHdoZW4gbmV0d29yayBwZXJmb3JtYW5jZSBw YXJhbWV0ZXIgc3VjaCBhcyBkZWxheSBvciBwYWNrZXQgbG9zcyBleGNlZWQgc29tZSB0aHJlc2hv bGQsIEl0IGNhbiB0cmlnZ2VyIGFub3RoZXIgZXZlbnQgb3IgYWN0aW9uLCB0byBwZXJmb3JtIG5l dHdvcmsgb3B0aW1pemF0aW9uLg0KDQpTbyB3aGF0IEkgbGlrZSB0byBzZWUgYSBjdXJyZW50IGV2 ZW50IHRyaWdnZXJpbmcgYW5vdGhlciBleHRlcm5hbCBldmVudCwgYWN0aW9uIGFuZCBtYW5hZ2Vk IG9iamVjdCBpcyBwYXJ0IG9mIGV2ZW50LCBpbiBWUE4gc2VydmljZSBkZWxpdmVyeSBzY2VuYXJp bywgd2UNCkNhbiBlc3RhYmxpc2ggY29ubmVjdGlvbiBiZXR3ZWVuIG5ldHdvcmsgc2VydmljZSBt b25pdG9yaW5nIGFuZCBuZXR3b3JrIHNlcnZpY2UgcHJvdmlzaW9uIGFuZCB0aGVyZWZvcmUgd2Ug Y2FuIGhhdmUgZnVsbCBsaWZlY3ljbGUgIG1hbmFnZW1lbnQgb24gVlBOIHNlcnZpY2UsIGF1dG9t YXRlDQpOZXR3b3JrIG1hbmFnZW1lbnQuIEkgdGhpbmsgb3BlcmF0aW9uIGFyZWEgZGVmaW5pdGVs eSB0aGlzIGNhcGFiaWxpdHksIGZ1bmN0aW9uLCByaWdodCBub3cgTkVUQ09ORi9ZQU5HIGRvZXNu oa90IHByb3ZpZGUgc3VjaCBjYXBhYmlsaXR5Lg0KDQpPbmUgbGltaXRhdGlvbiBvZiBORVRDT05G IGVkaXQtY29uZmlnIG9wZXJhdGlvbiBpcyBkZXNjcmliZWQgaW4gUkZDNjI0MToNCqGwDQpJZiB0 aGUgPGVkaXQtY29uZmlnPiBvcGVyYXRpb24gY29udGFpbnMgbXVsdGlwbGUgc3ViLW9wZXJhdGlv bnMNCiAgICAgIHRoYXQgYXBwbHkgdG8gdGhlIHNhbWUgY29uY2VwdHVhbCBub2RlIGluIHRoZSB1 bmRlcmx5aW5nIGRhdGENCiAgICAgIG1vZGVsLCB0aGVuIHRoZSByZXN1bHQgb2YgdGhlIG9wZXJh dGlvbiBpcyB1bmRlZmluZWQgKGkuZS4sDQogICAgICBvdXRzaWRlIHRoZSBzY29wZSBvZiB0aGUg TkVUQ09ORiBwcm90b2NvbCkuDQoNCqGxDQpJIHRoaW5rIHRoZSByZWFzb24gaXMgYmVjb3MgTkVU Q09ORiBsYWNrIHByb2Nlc3MgbWFuYWdlbWVudCBjYXBhYmlsaXR5Lg0KDQotUWluDQq3orz+yMs6 IENhY2FvIFttYWlsdG86Y2FjYW8tYm91bmNlc0BpZXRmLm9yZ10gtPqx7SBCcmV0IEpvcmRhbg0K t6LLzcqxvOQ6IDIwMTjE6jnUwjE4yNUgODoyNw0KytW8/sjLOiBjYWNhb0BpZXRmLm9yZw0K1vfM 4jogW0NhY2FvXSBPdGhlciB0aG91Z2h0cw0KDQpBbGwsDQoNCkkgaGF2ZSBoZWFyZCBmcm9tIHRo cmVlIHBlb3BsZSBzbyBmYXIsIHdoYXQgZG8gb3RoZXJzIHRoaW5nIGFib3V0IHRoZSBkcmFmdCBh bmQgdGhpcyBwcm9wb3NlZCB3b3JrPw0KDQoNClRoYW5rcywNCkJyZXQNClBHUCBGaW5nZXJwcmlu dDogNjNCNCBGQzUzIDY4MEEgNkI3RCAxNDQ3ICBGMkMwIDc0RjggQUNBRSA3NDE1IDAwNTANCiJX aXRob3V0IGNyeXB0b2dyYXBoeSB2aWh2IHZpdmMgY2UgeGhybnJ3LCBob3dldmVyLCB0aGUgb25s eSB0aGluZyB0aGF0IGNhbiBub3QgYmUgdW5zY3JhbWJsZWQgaXMgYW4gZWdnLiINCg0K --_000_B8F9A780D330094D99AF023C5877DABA9B048DA6nkgeml513mbxchi_ Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable

Interestin= g idea, I am wondering why this idea is restricted to cyber security scenar= ios,  I think it is also applicable to VPN service delivery scenario,

 = ;

The essenc= e of this idea is work flow management, process management, activity manage= ment, so you organize a sequence of process or tasks using

Work flow = template, so you can setup it as a situation, monitoring it, optimized it.

 = ;

In VPN ser= vice delivery scenario, I can define Network connectivity setup as

a Event, I= n this event, the managed object is network connectivity, when network conn= ectivity gets setup, It will trigger another event, i.e., connectivity service performance

monitoring= , when network performance parameter such as delay or packet loss exceed so= me threshold, It can trigger another event or action, to perform network optimization.

 = ;

So what I = like to see a current event triggering another external event, action and m= anaged object is part of event, in VPN service delivery scenario, we

Can establ= ish connection between network service monitoring and network service provi= sion and therefore we can have full lifecycle  management on VPN service, automate

Network ma= nagement. I think operation area definitely this capability, function, righ= t now NETCONF/YANG doesn=A1=AFt provide such capability.<= /p>

 = ;

One limita= tion of NETCONF edit-config operation is described in RFC6241:

=A1=B0

If = the <edit-config> operation contains multiple sub-operations

   &nbs= p;  that apply to the same conceptual node in the underlying data=

   &nbs= p;  model, then the result of the operation is undefined (i.e.,

   &nbs= p;  outside the scope of the NETCONF protocol).

 

=A1=B1

I think th= e reason is becos NETCONF lack process management capability.

 = ;

-Qin<= /o:p>

=B7=A2=BC=FE=C8=CB: Cacao [= mailto:cacao-bounces@ietf.org] =B4=FA= =B1=ED Bret Jordan
=B7=A2= =CB=CD=CA=B1=BC=E4: 2018=C4=EA9=D4=C218=C8=D5 8:27
=CA=D5=BC=FE=C8=CB: cacao@ietf.org
=D6=F7=CC=E2: [Cacao] Other thoughts

 

All,

 

I have heard from three people = so far, what do others thing about the draft and this proposed work?

 

 

Thanks,

Bret

PGP Fingerp= rint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050

"Witho= ut cryptography vihv vivc ce xhrnrw, however, the only thing that can not b= e unscrambled is an egg."

 

--_000_B8F9A780D330094D99AF023C5877DABA9B048DA6nkgeml513mbxchi_-- From nobody Tue Sep 18 00:49:04 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39E26130DED for ; Tue, 18 Sep 2018 00:49:03 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.9 X-Spam-Level: X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IwXn9gnqQxTE for ; Tue, 18 Sep 2018 00:48:59 -0700 (PDT) Received: from svripmail2.coop.ch (mail21.coop.ch [194.11.167.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 35C15127AC2 for ; Tue, 18 Sep 2018 00:48:57 -0700 (PDT) Received: from svrm2ex2k13n05.hs.coop.ch ([10.5.39.75]) by svripmail2.coop.ch with ESMTP/TLS/AES256-SHA; 18 Sep 2018 09:48:54 +0200 Received: from SVRM2EX2K13N05.hs.coop.ch (10.5.39.75) by SVRM2EX2K13N05.hs.coop.ch (10.5.39.75) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Tue, 18 Sep 2018 09:48:54 +0200 Received: from SVRM2EX2K13N05.hs.coop.ch ([fe80::fd30:c1e0:8f0e:e3d4]) by SVRM2EX2K13N05.hs.coop.ch ([fe80::fd30:c1e0:8f0e:e3d4%22]) with mapi id 15.00.1365.000; Tue, 18 Sep 2018 09:48:54 +0200 From: To: , CC: , Thread-Topic: [Cacao] CACAO Google Doc Thread-Index: AQHUTqAOSvSIkWIbhEqdmIMTcRkLyKT04OaAgAAbQoCAAAPDAIAABDSAgAAnG4CAAH8GYA== Date: Tue, 18 Sep 2018 07:48:54 +0000 Message-ID: References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> <01324152-315F-47AA-9A47-F23009FB258D@gmail.com> In-Reply-To: Accept-Language: de-DE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.105.10.52] Content-Type: multipart/alternative; boundary="_000_b3672d91906448109433c6c5ef857b51SVRM2EX2K13N05hscoopch_" MIME-Version: 1.0 Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 07:49:03 -0000 --_000_b3672d91906448109433c6c5ef857b51SVRM2EX2K13N05hscoopch_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGkNCg0KSSBhZ3JlZSB0aGF0IGEgZ2FwIGFuYWx5c2lzIHdvdWxkIGJlIGdyZWF0LCBidXQgSSBy ZWFkIHRoaXMgZGlzY3Vzc2lvbiBhcyAiaW5jbHVkZSB0aGlzIGluIHRoZSBkb2N1bWVudCB0aGF0 IHByb3Bvc2VzIGEgbmV3IGFwcHJvYWNoIi4gSWYgSSByZWFkIHRoYXQgY29ycmVjdGx5LCBJIHdv dWxkIHByb3Bvc2UgdG8gc3BsaXQgdGhhdCBvdXQgaW50byB0d28gZG9jdW1lbnRzLiBUaGUgcmVh c29uIGlzIHRoYXQgdGhpcyBzb3VuZHMgbGlrZSBhIGh1Z2UgbW9uc3RlciBkb2N1bWVudCwgbm9i b2R5IGNhbiBkaWdlc3QgYW55bW9yZS4gSSB0aGluayBpdCB3b3VsZCBiZSB2YWx1YWJsZSB0byBo YXZlIGEgZ2FwIGFuYWx5c2lzIC8gbW90aXZhdGlvbiB0eXBlIG9mIGRvY3VtZW50IGFuZCB0aGVu IGFub3RoZXIgb25lIChvciBzZXZlcmFsIG90aGVyIG9uZXMpIGRlc2NyaWJpbmcgdGhlIG5ldyBh cHByb2FjaC4NCg0KYmVzdCByZWdhcmRzDQpDYXJvbGluDQoNCkZyb206IENhY2FvIFttYWlsdG86 Y2FjYW8tYm91bmNlc0BpZXRmLm9yZ10gT24gQmVoYWxmIE9mIEthdGhsZWVuIE1vcmlhcnR5DQpT ZW50OiBUdWVzZGF5LCBTZXB0ZW1iZXIgMTgsIDIwMTggNDoxMiBBTQ0KVG86IEJyZXQgSm9yZGFu IDxqb3JkYW4uaWV0ZkBnbWFpbC5jb20+DQpDYzogQmFycnkgR3JlZW5lIDxiYXJyeXJncmVlbmVA Z21haWwuY29tPjsgY2FjYW9AaWV0Zi5vcmcNClN1YmplY3Q6IFJlOiBbQ2FjYW9dIENBQ0FPIEdv b2dsZSBEb2MNCg0KSGkgQnJldHQsDQoNCkkgZG8gdGhpbmsgdGhlIGdhcCBhbmFseXNpcyBCYXJy eSBzdWdnZXN0ZWQgaXMgYW4gaW1wb3J0YW50IHN0ZXAgZm9yIHRoZSBhdXRob3JzIG9mIHRoaXMg d29yayB0byBwdXJzdWUuICBUaGlzIGlzIGltcG9ydGFudCBmb3IgYSBmZXcgcmVhc29ucy4gIFRo ZSBmaXJzdCBpcyB0aGF0IGl0IHdpbGwgZmFtaWxpYXJpemUgeW91IHdpdGggdGhlIHByaW9yIHdv cmsuICBJIGtub3cgZm9yIFJJRCwgaXQgd2FzIGV4dGVuc2l2ZSB3aXRoIG1hbnkgcGFydGljaXBh bnRzLiAgVGhlIGRvY3VtZW50IHdhcyBhbHNvIHJlcHVibGlzaGVkLCBzbyB0aGUgdGltZSBzcGFu IHdhcyBxdWl0ZSBhIHJhbmdlIGFzIHdlbGwgZGF0aW5nIGJhY2sgdG8gMjAwMC8xLg0KDQpPbiBN b24sIFNlcCAxNywgMjAxOCBhdCA3OjUyIFBNIEJyZXQgSm9yZGFuIDxqb3JkYW4uaWV0ZkBnbWFp bC5jb208bWFpbHRvOmpvcmRhbi5pZXRmQGdtYWlsLmNvbT4+IHdyb3RlOg0KQmFycnksDQoNCldl IHdpbGwgYmUgd29ya2luZyBvbiBhIGxpc3Qgb2YgcHJvYmxlbSBhcmVhcyB0aGF0IG5lZWQgdG8g YmUgYWRkcmVzc2VkIGFuZCB0aGUgb3JkZXIgaW4gd2hpY2ggdGhleSBuZWVkIHRvIGJlIHNvbHZl ZC4gSWYgeW91IGhhdmUgc3BlY2lmaWMgZXhhbXBsZXMgb2YgaG93IGNlcnRhaW4gYXJlYXMgaGF2 ZSBiZWVuIHNvbHZlZCBhbHJlYWR5IGFuZCBoYXZlIGRlc2lnbiBlbGVtZW50cyB3ZSBjb3VsZCBy ZXVzZSwgcGxlYXNlIHNoYXJlIHRoZW0uICBXZSB3b3VsZCBsb3ZlIHRvIHJldXNlIGFzIG11Y2gg YXMgcG9zc2libGUuDQoNCllvdSBtYXkgZGlzY292ZXIgdGhpcyB0aHJvdWdoIHRoZSBnYXAgYW5h bHlzaXMgdGhhdCB3YXMgc3VnZ2VzdGVkLiAgQXMgYSByZXN1bHQgb2YgdGhhdCBnYXAgYW5hbHlz aXMsIGl0IHdpbGwgYmUgZWFzaWVyIHRvIGdldCBvdGhlcnMgdG8gZW5nYWdlIGluIHlvdXIgd29y ay4gRm9yIHRob3NlIG9mIHVzIHdobyBoYXZlIGRvbmUgd29yayBpbiB0aGlzIHNwYWNlLCBoYXZp bmcgdGhhdCBhY2tub3dsZWRnZWQgYW5kIHRoZW4geW91IHN0YXRpbmcgdGhlIGdhcCB3aWxsIGhl bHAgdXMgYWxsIHdvcmsgdG93YXJkIGEgY29tbW9uIG91dHB1dC4NCg0KQXMgSSBzdGF0ZWQgaW4g Z29hbCBudW1iZXJzIDIsIDMsIGFuZCA1LCB3ZSBuZWVkIHRvIGVuc3VyZSB0aGF0IHRoaXMgY29t bXVuaXR5IGhhcyB0aGUgcmlnaHQgcGVvcGxlIGluIGl0LCB0byBlbnN1cmUgd2lkZSBzcHJlYWQg YWRvcHRpb24uIElmIHRoaXMgY29tbXVuaXR5IGRvZXMgbm90IGhhdmUgdGhlIHJpZ2h0IHBlb3Bs ZSwgdGhlbiB3ZSBuZWVkIHRvIGVpdGhlciByZWNydWl0IHRoZW0gYW5kIGJyaW5nIHRoZW0gaW4g dG8gdGhpcyBjb21tdW5pdHkgb3IgbG9vayBmb3IgdGhlIHJpZ2h0IGNvbW11bml0eS4NCg0KSSB0 aGluayB0aHJvdWdoIHRoZSBnYXAgYW5hbHlzaXMsIHlvdSdsbCBzZWUgdGhlIHByaW9yIHdvcmsg YW5kIEkgdGhpbmsgd2lsbCBmaW5kIHRoZSBJRVRGIGlzIHRoZSByaWdodCBwbGFjZS4gIEl0IHdp bGwgYmUgZWFzaWVyIHRvIGVuZ2FnZSBwcmlvciBhdXRob3JzIHJhdGhlciB0aGFuIGFza2luZyB0 aGVtIHRvIGRvIHRoZSBhbmFseXNpcyBhZ2FpbnN0IHlvdXIgbmV3IGVmZm9ydC4gSXQncyBqdXN0 IHRoZSB1c3VhbCBwYXR0ZXJuIHdlIGFyZSBhY2N1c3RvbWVkIHRvIHdvcmtpbmcgaW4uIElmIHlv dSBsb29rIGJhY2sgYXQgdGhlIFNBQ00gQm9GIGZvciBpbnN0YW5jZSwgeW91J2xsIHNlZSBhIGdh cCBhbmFseXNpcyB3YXMgcmVxdWVzdGVkIGFnYWluc3Qgc2V2ZXJhbCBzdGFuZGFyZHMgaW5jbHVk aW5nIFlBTkcgYW5kIE5FQSBhbW9uZyBvdGhlcnMuDQoNCkkgYW0gZ3Vlc3NpbmcgdGhyb3VnaCB0 aGF0IHdvcmsgd2UgbWF5IGZpZ3VyZSBvdXQgdGhhdCB0aGlzIGJlbG9uZ3MgaW4gTUlMRSwgYnV0 IGNvdWxkIGJlIHdyb25nIGFuZCB0aGUgYW5hbHlzaXMgc3VnZ2VzdGVkIHdpbGwgaGVscCB3aXRo IHRoYXQgZGV0ZXJtaW5hdGlvbi4NCg0KVGhpcyB3b3JrIGNvdWxkIGJlIHZlcnkgaW1wb3J0YW50 IGFuZCBJJ2QgbGlrZSB0byBzZWUgdGhlIG91dHB1dHMgb2YgdGhhdCBhbmFseXNpcy4gIEkgc3Vz cGVjdCBvdGhlcnMgd2hvIGhlbHBlZCBvbiBwcmlvciBlZmZvcnRzIHdvdWxkIGFzIHdlbGwuICBU aGFuayB5b3UuDQoNCkJlc3QgcmVnYXJkcywNCkthdGhsZWVuDQoNCg0KSSBhZ3JlZSB0aGF0IHRo ZXJlIGFyZSBmYXIgdG9vIG1hbnkgc3RhbmRhcmRzIGNyZWF0ZWQgdGhhdCBuZXZlciBnZXQgaW1w bGVtZW50ZWQuIFRoaXMgaXMgd2h5IEkgYWxzbyBjYWxsZWQgb3V0IHRoZSBpdGVtcyBpbiBnb2Fs IG51bWJlciA1IGFuZCB3aHkgd2UgaGF2ZSByZWNydWl0ZWQgdGhlIGF1dGhvcnMgYW5kIGNvbnRy aWJ1dG9ycyB0aGF0IHdlIGhhdmUuDQoNCg0KVGhhbmtzLA0KQnJldA0KUEdQIEZpbmdlcnByaW50 OiA2M0I0IEZDNTMgNjgwQSA2QjdEIDE0NDcgIEYyQzAgNzRGOCBBQ0FFIDc0MTUgMDA1MA0KIldp dGhvdXQgY3J5cHRvZ3JhcGh5IHZpaHYgdml2YyBjZSB4aHJucncsIGhvd2V2ZXIsIHRoZSBvbmx5 IHRoaW5nIHRoYXQgY2FuIG5vdCBiZSB1bnNjcmFtYmxlZCBpcyBhbiBlZ2cuIg0KDQoNCk9uIFNl cCAxNywgMjAxOCwgYXQgNTozNyBQTSwgQmFycnkgR3JlZW5lIDxiYXJyeXJncmVlbmVAZ21haWwu Y29tPG1haWx0bzpiYXJyeXJncmVlbmVAZ21haWwuY29tPj4gd3JvdGU6DQoNCkhpIEJyZXQsDQoN CkkgcmVhZCB0aGUgaW5pdGlhbCBkcmFmdC4gSXQgaXMgYW4gYXNzZXJ0aW9uIG9mIGEgZ2FwIHdp dGhvdXQgYSBxdWFudGl0YXRpdmUgcmV2aWV3IHRoYXQgdGhlcmUgaXMgYSBnYXAuDQoNCkkgaGF0 ZSB3YXN0aW5nIHRpbWUgaW4gdGhlIElFVEYgd29ya2luZyBvbiBpZGVhIHRoYXQgbm8gd2F5IHRv IGdhaW4gb3BlcmF0aW9uYWwgdHJhY3Rpb24uIFRoaXMgc3BhY2UgaXMgb3ZlcmxvYWRlZCB3aXRo IHBhc3QgZWZmb3J0cy4gTGV0cyBsZWFybiB3aHkgdGhleSBkaWQgbm90IGRlcGxveSwgZmluZCB0 aGUgZ2FwcywgdGhlbiBwcm9jZWVkIHdpdGggbmV3IHdvcmsuDQoNCkJhcnJ5DQoNCk9uIFNlcCAx OCwgMjAxOCwgYXQgMDc6MjMsIEJyZXQgSm9yZGFuIDxqb3JkYW4uaWV0ZkBnbWFpbC5jb208bWFp bHRvOmpvcmRhbi5pZXRmQGdtYWlsLmNvbT4+IHdyb3RlOg0KQmFycnksDQoNClRoYW5rcyBmb3Ig dGhlIGVtYWlsLiBBcyB3ZSBzdGF0ZWQgaW4gb3VyIGluaXRpYWwgZHJhZnQgZG9jdW1lbnTigKYN Cg0K4oCcV2hpbGUgbWFueSBhdHRlbXB0cyBoYXZlIGJlZW4gbWFkZSBvdmVyIHRoZSB5ZWFycyBp biB0aGUgSUVURiBhbmQgb3RoZXIgU0RPcyB0byBhZGRyZXNzIGNlcnRhaW4gZWxlbWVudHMgb2Yg dGhpcyBwcm9ibGVtIHNwYWNlLCB0aGVyZSBpcyBjdXJyZW50bHkgbm8gY29uc29saWRhdGVkIGFu ZCBzdGFuZGFyZGl6ZWQgbGFuZ3VhZ2Ugb3IgbWVhbnMgdGhhdCB3b3VsZCBhbGxvdyBjeWJlciBh Y3Rpb25zIHRvIGJlIGF1dG9tYXRpY2FsbHkgY29vcmRpbmF0ZWQsIHNlcXVlbmNlZCwgcHJvY2Vz c2VkIGFuZCBzaGFyZWQgdG8gZW5hYmxlIGN5YmVyIGRlZmVuZGVycyB0byByZXNwb25kIGluIG1h Y2hpbmUgcmVsZXZhbnQgdGltZS4gU29tZSBlZmZvcnRzIHN1Y2ggYXMgQlBNTiBoYXZlIHRyYWRp dGlvbmFsbHkgZm9jdXNlZCBvbiBoaWdoZXItbGV2ZWwgbm9uLWN5YmVyIGNvbnN0cnVjdHMgZm9y IHByb2Nlc3MgZGVmaW5pdGlvbiwgYW5kIG90aGVyIGVmZm9ydHMgbGlrZSBPcGVuQzIgaGF2ZSBm b2N1c2VkIHB1cmVseSBvbiBhdG9taWMgYWN0aW9ucywgYnV0IG5vbmUgaGF2ZSBmb2N1c2VkIG9u IHRoZSBvdmVybGF5IHByb2Nlc3NlcyByZXF1aXJlZCBmb3IgdGhpcyB0byBiZSB1c2VkIGluIGEg YnJvYWRlciBjeWJlciBzZWN1cml0eSByZXNwb25zZSB1c2UgY2FzZS7igJ0NCg0KQXMgd2Ugd29y ayB0aHJvdWdoIGFuZCBjYWxsIG91dCB0aGUgcHJvYmxlbSBzcGFjZXMgdGhhdCBuZWVkIHRvIGJl IGFkZHJlc3NlZCwgSSB3b3VsZCBob3BlIHRoYXQgdGhvc2Ugb2YgeW91IHRoYXQgYXJlIGludGVy ZXN0ZWQgaW4gdGhpcyB3b3JrIHdpbGwgcG9pbnQgdXMgdG8gc3BlY2lmaWMgZWxlbWVudHMgYW5k IHNwZWNpZmljIHBhcnRzIG9mIGV4aXN0aW5nIHdvcmsgdGhhdCB3ZSBjYW4gdXNlIG9yIHJldXNl LiBBbHNvIGFzIHdlIGNhbGxlZCBvdXQgaW4gdGhlIGRyYWZ0LCBpdCBpcyBjcml0aWNhbCB0aGF0 IHRoaXMgd29yayB0aWVzIGluIG5pY2VseSB3aXRoIFNUSVggYW5kIFRBWElJIGJhc2VkIEN5YmVy IFRocmVhdCBJbnRlbGxpZ2VuY2UuDQoNClRoZSByZWFzb24gd2UgYXJlIGxvb2tpbmcgdG8gc3Rh cnQgc29tZSB3b3JrIGhlcmUgaW4gdGhlIElFVEYsIGlzIHdlIGZlZWwgbGlrZSB0aGlzIHZlbnVl IG1pZ2h0IGJlIGEgZ29vZCBwbGFjZSBnaXZlbiB0aGUgcHJvYmxlbXMgd2UgbmVlZCB0byBzb2x2 ZSBhbmQgaG93IHNvbWUgZ3JvdXBzIGxpa2UgU1VJVCBoYXZlIHNpbWlsYXIgcHJvYmxlbXMgdGhl eSBhcmUgdHJ5aW5nIHRvIHNvbHZlLiBIb3dldmVyLCBpZiB0aGlzIGNvbW11bml0eSBkb2VzIG5v dCBhZ3JlZSB0aGF0IHRoaXMgd29yayBzaG91bGQgYmUgZG9uZSBoZXJlLCB0aGF0IGluZm9ybWF0 aW9uIGlzIGFsc28gdmFsdWFibGUuDQoNCg0KT3VyIGhpZ2ggbGV2ZWwgaW5pdGlhbCBnb2FscyBh cmUgKEkgd291bGQgYmUgY3VyaW91cyB0byBrbm93IGlmIHRoaXMgY29tbXVuaXR5IHN1cHBvcnRz IHRoZXNlKToNCg0KMSkgSWRlbnRpZnkgYWxsIG9mIHRoZSBwcm9ibGVtIGFyZWFzIHRoYXQgbmVl ZCB0byBiZSBzb2x2ZWQgZm9yIHRoaXMgdG8gYWN0dWFsbHkgd29yayBpbiBwcmFjdGljZS4NCg0K MikgVmVyaWZ5IHRoYXQgdGhlIElFVEYgaXMgdGhlIHJpZ2h0IFNETyBpbiB3aGljaCB0byBkbyB0 aGlzIHdvcmsNCmEpIERvIHdlIGhhdmUgY3JpdGljYWwgbWFzcz8NCmIpIERvIHdlIGhhdmUgdGhl IHJpZ2h0IHBlb3BsZSwgdmVuZG9ycywgYW5hbHlzdHMsIFNPQyBlbmdpbmVlcnM/DQpjKSBXaGF0 IGlzIHRoZSB0ZW1wZXJhbWVudCBvZiB0aGlzIGNvbW11bml0eSBmb3IgdGhpcyBraW5kIG9mIHdv cms/DQpkKSBDYW4gd2UgZG8gYSBCYXIgQk9GIGluIEJhbmdrb2sgdG8gZ2F1Z2UgdGhlIGNvbW11 bml0eT8NCmUpIElmIHRoZSBjb21tdW5pdHkgaXMgc3VwcG9ydGl2ZSwgd291bGQgYSBXRyBmb3Jt aW5nIEJPRiBiZSBhbiBvcHRpb24gaW4gUHJhZ3VlPw0KDQozKSBFbnN1cmUgd2UgaGF2ZSBtdWx0 aXBsZSB2ZW5kb3JzIGFuZCBpbmR1c3RyeSBhbmFseXN0cyBmcm9tIGxhcmdlIFNPQ3MgaW52b2x2 ZWQgdG8gaGVscCBlbnN1cmUgdGhhdCBhbnkgc3BlY2lmaWNhdGlvbiB3ZSBwcm9kdWNlIGNhbiBi ZSB1c2VkIGFuZCBpbXBsZW1lbnRlZCBlbiBtYXNzLg0KDQo0KSBTeXN0ZW1hdGljYWxseSB3b3Jr IG91ciB3YXkgZG93biB0aGUgbGlzdCBvZiBwcm9ibGVtIHNwYWNlcyBhbmQgbG9vayBmb3Igc29s dXRpb25zICh0YWtpbmcgaW5wdXQgZnJvbSBleGlzdGluZyB3b3JrIHdoZXJlIHBvc3NpYmxlKS4g TG9vayB0byBoYXZpbmcgb3VyIGZpcnN0IGltcGxlbWVudGFibGUgZHJhZnQgd2l0aGluIDYgbW9u dGhzIG9mIGdldHRpbmcgYSBXRyBmb3JtZWQuIFJlbGVhc2UgaXRlcmF0aXZlIGRyYWZ0IHJlbGVh c2VzIGV2ZXJ5IGZldyBtb250aHMgYXMgd2UgZmxlc2ggb3V0IG1vcmUgb2YgdGhlIHByb2JsZW0g c3BhY2UuDQoNCjUpIFByb2R1Y2UgYSBzcGVjaWZpY2F0aW9uIGFuZCBkYXRhIG1vZGVsIGZvciBK U09OIChhbmQgQ0JPUikgYWxvbmcgd2l0aCBpbXBsZW1lbnRhdGlvbiBndWlkZXMsIGludGVyb3Bl cmFiaWxpdHkgZ3VpZGVzLCBwcm9vZiBvZiBjb25jZXB0cywgYW5kIG90aGVyIGNvbnRlbnQgbmVl ZGVkIHRvIGVuc3VyZSBzdWNjZXNzZnVsIGFuZCByYXBpZCBhZG9wdGluZyBhY3Jvc3MgdGhlIG1h cmtldC4NCg0KDQoNClRoYW5rcywNCkJyZXQNClBHUCBGaW5nZXJwcmludDogNjNCNCBGQzUzIDY4 MEEgNkI3RCAxNDQ3ICBGMkMwIDc0RjggQUNBRSA3NDE1IDAwNTANCiJXaXRob3V0IGNyeXB0b2dy YXBoeSB2aWh2IHZpdmMgY2UgeGhybnJ3LCBob3dldmVyLCB0aGUgb25seSB0aGluZyB0aGF0IGNh biBub3QgYmUgdW5zY3JhbWJsZWQgaXMgYW4gZWdnLiINCg0KDQpPbiBTZXAgMTcsIDIwMTgsIGF0 IDM6NDYgUE0sIEJhcnJ5IEdyZWVuZSA8YmFycnlyZ3JlZW5lQGdtYWlsLmNvbTxtYWlsdG86YmFy cnlyZ3JlZW5lQGdtYWlsLmNvbT4+IHdyb3RlOg0KDQpIZWxsbyBCcmV0LA0KDQpNeSBmaXJzdCBz dWdnZXN0aW9uIGlzIGJhY2tncm91bmQgd29yay4gV2hhdCB5b3UgYXJlIGRvaW5nIGlzIG5vdCBu ZXcuIFB1bGwgaW4gYWxsIHRoZSBwcmV2aW91cyB3b3JrLCBkZXNjcmliZSBwcm9zL2NvbnMvZGVw bG95bWVudCwgdGhlbiBnZXQgaW50byB0aGUgZ2FwcyB3aGljaCBDQUNBTyBzZWVrcyB0byBmaWxs Lg0KDQpGb3IgZXhhbXBsZSwNCg0KLSB3YWxrIHRocm91Z2ggSU9ERUYgKElFVEYpIGFuZCBleHBs YWluIHByb3MsIGNvbnMsIGxpbWl0YXRpb25zLCBhbmQgaG93IENBQ0FPIHdvdWxkIGJlIGRpZmZl cmVudC4NCi0gV2FsayB0aHJvdWdoIFNUSVggYW5kIGRvIHRoZSBzYW1lDQotIFdhbGsgdGhyb3Vn aCBET1RzIGFuZCBleHBsYWluIHdoeSB3ZSBjb3VsZCBub3QgdXNlIERPVFMgYXMgaXQgaXMgdG9k YXkgKHdpdGggYW4gdXBkYXRlIHRvIHRoZSBzY2hlbWEpLg0KDQpCYXJyeQ0KDQpPbiBTZXAgMTgs IDIwMTgsIGF0IDAwOjAzLCBCcmV0IEpvcmRhbiA8am9yZGFuLmlldGZAZ21haWwuY29tPG1haWx0 bzpqb3JkYW4uaWV0ZkBnbWFpbC5jb20+PiB3cm90ZToNCkFsbCwNCg0KQXMgSSBtZW50aW9uZWQg aW4gbXkgV2VsY29tZSBtZXNzYWdlIGxhc3Qgd2Vlaywgd2UgcGxhbiB0byB1c2UgR29vZ2xlIERv Y3MgdG8gdHJhY2sgYWxsIGNvbW1lbnRzIGFuZCBzdWdnZXN0aW9ucyB0byB0aGlzIGRyYWZ0IGFu ZCBhbnkgb3RoZXIgZHJhZnRzIHRoYXQgd2Ugd3JpdGUgZm9yIHRoaXMgd29yay4gVGhlIHJlYWQt b25seSBsaW5rIGZvciB0aGlzIHdvcmsgY2FuIGJlIGZvdW5kIGhlcmU6DQoNCmh0dHBzOi8vZG9j cy5nb29nbGUuY29tL2RvY3VtZW50L2QvMVlsdXVFSXYtU1JFSTFpM0JIQzJXcDh2bnZwVU91T1po YmZ5d2lVU24ydEkvZWRpdCM8aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb20vZG9jdW1lbnQvZC8xWWx1 dUVJdi1TUkVJMWkzQkhDMldwOHZudnBVT3VPWmhiZnl3aVVTbjJ0SS9lZGl0Pg0KDQpJZiB5b3Ug d2FudCB0byBzZWUgY29tbWVudHMgYW5kIHN1Z2dlc3Rpb25zIHRoYXQgYXJlIGJlaW5nIHByb3Bv c2VkLCBvciBpZiB5b3Ugd2FudCB0byBhZGQgeW91ciBvd24gY29tbWVudHMgYW5kIHN1Z2dlc3Rp b24sIHBsZWFzZSByZXF1ZXN0IGFjY2VzcyBmcm9tIHdpdGhpbiB0aGUgR29vZ2xlIERvY3MgaXRz ZWxmLg0KDQoNCg0KVGhhbmtzLA0KQnJldA0KUEdQIEZpbmdlcnByaW50OiA2M0I0IEZDNTMgNjgw QSA2QjdEIDE0NDcgIEYyQzAgNzRGOCBBQ0FFIDc0MTUgMDA1MA0KIldpdGhvdXQgY3J5cHRvZ3Jh cGh5IHZpaHYgdml2YyBjZSB4aHJucncsIGhvd2V2ZXIsIHRoZSBvbmx5IHRoaW5nIHRoYXQgY2Fu IG5vdCBiZSB1bnNjcmFtYmxlZCBpcyBhbiBlZ2cuIg0KDQotLQ0KQ2FjYW8gbWFpbGluZyBsaXN0 DQpDYWNhb0BpZXRmLm9yZzxtYWlsdG86Q2FjYW9AaWV0Zi5vcmc+DQpodHRwczovL3d3dy5pZXRm Lm9yZy9tYWlsbWFuL2xpc3RpbmZvL2NhY2FvDQoNCg0KLS0NCkNhY2FvIG1haWxpbmcgbGlzdA0K Q2FjYW9AaWV0Zi5vcmc8bWFpbHRvOkNhY2FvQGlldGYub3JnPg0KaHR0cHM6Ly93d3cuaWV0Zi5v cmcvbWFpbG1hbi9saXN0aW5mby9jYWNhbw0KDQoNCi0tDQoNCkJlc3QgcmVnYXJkcywNCkthdGhs ZWVuDQo= --_000_b3672d91906448109433c6c5ef857b51SVRM2EX2K13N05hscoopch_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 SGVsdmV0aWNhOw0KCXBhbm9zZS0xOjIgMTEgNiA0IDIgMiAyIDIgMiA0O30NCkBmb250LWZhY2UN Cgl7Zm9udC1mYW1pbHk6IkNhbWJyaWEgTWF0aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAz IDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAx NSA1IDIgMiAyIDQgMyAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpWZXJkYW5hOw0K CXBhbm9zZS0xOjIgMTEgNiA0IDMgNSA0IDQgMiA0O30NCi8qIFN0eWxlIERlZmluaXRpb25zICov DQpwLk1zb05vcm1hbCwgbGkuTXNvTm9ybWFsLCBkaXYuTXNvTm9ybWFsDQoJe21hcmdpbjowaW47 DQoJbWFyZ2luLWJvdHRvbTouMDAwMXB0Ow0KCWZvbnQtc2l6ZToxMi4wcHQ7DQoJZm9udC1mYW1p bHk6IlRpbWVzIE5ldyBSb21hbiIsc2VyaWY7fQ0KYTpsaW5rLCBzcGFuLk1zb0h5cGVybGluaw0K CXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6Ymx1ZTsNCgl0ZXh0LWRlY29yYXRpb246 dW5kZXJsaW5lO30NCmE6dmlzaXRlZCwgc3Bhbi5Nc29IeXBlcmxpbmtGb2xsb3dlZA0KCXttc28t c3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6cHVycGxlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRl cmxpbmU7fQ0Kc3Bhbi5tLTI0MjI4NjEyMzY3NjI2NDUwODZhcHBsZS1zdHlsZS1zcGFuDQoJe21z by1zdHlsZS1uYW1lOm1fLTI0MjI4NjEyMzY3NjI2NDUwODZhcHBsZS1zdHlsZS1zcGFuO30NCnNw YW4ubS0yNDIyODYxMjM2NzYyNjQ1MDg2YXBwbGUtdGFiLXNwYW4NCgl7bXNvLXN0eWxlLW5hbWU6 bV8tMjQyMjg2MTIzNjc2MjY0NTA4NmFwcGxlLXRhYi1zcGFuO30NCnNwYW4uRW1haWxTdHlsZTE5 DQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFsLXJlcGx5Ow0KCWZvbnQtZmFtaWx5OiJBcmlhbCIs c2Fucy1zZXJpZjsNCgljb2xvcjojMDA3MEMwOw0KCWZvbnQtd2VpZ2h0Om5vcm1hbDsNCglmb250 LXN0eWxlOm5vcm1hbDsNCgl0ZXh0LWRlY29yYXRpb246bm9uZSBub25lO30NCi5Nc29DaHBEZWZh dWx0DQoJe21zby1zdHlsZS10eXBlOmV4cG9ydC1vbmx5Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJp IixzYW5zLXNlcmlmOw0KCW1zby1mYXJlYXN0LWxhbmd1YWdlOkVOLVVTO30NCkBwYWdlIFdvcmRT ZWN0aW9uMQ0KCXtzaXplOjguNWluIDExLjBpbjsNCgltYXJnaW46NzAuODVwdCA3MC44NXB0IDU2 LjdwdCA3MC44NXB0O30NCmRpdi5Xb3JkU2VjdGlvbjENCgl7cGFnZTpXb3JkU2VjdGlvbjE7fQ0K LS0+PC9zdHlsZT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlZGVmYXVsdHMgdjpl eHQ9ImVkaXQiIHNwaWRtYXg9IjEwMjYiIC8+DQo8L3htbD48IVtlbmRpZl0tLT48IS0tW2lmIGd0 ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlbGF5b3V0IHY6ZXh0PSJlZGl0Ij4NCjxvOmlkbWFwIHY6 ZXh0PSJlZGl0IiBkYXRhPSIxIiAvPg0KPC9vOnNoYXBlbGF5b3V0PjwveG1sPjwhW2VuZGlmXS0t Pg0KPC9oZWFkPg0KPGJvZHkgbGFuZz0iREUtQ0giIGxpbms9ImJsdWUiIHZsaW5rPSJwdXJwbGUi Pg0KPGRpdiBjbGFzcz0iV29yZFNlY3Rpb24xIj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFu IHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNh bnMtc2VyaWY7Y29sb3I6IzAwNzBDMDttc28tZmFyZWFzdC1sYW5ndWFnZTpFTi1VUyI+SGk8bzpw PjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9u dC1zaXplOjEwLjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2Nv bG9yOiMwMDcwQzA7bXNvLWZhcmVhc3QtbGFuZ3VhZ2U6RU4tVVMiPjxvOnA+Jm5ic3A7PC9vOnA+ PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHls ZT0iZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNl cmlmO2NvbG9yOiMwMDcwQzA7bXNvLWZhcmVhc3QtbGFuZ3VhZ2U6RU4tVVMiPkkgYWdyZWUgdGhh dCBhIGdhcCBhbmFseXNpcyB3b3VsZCBiZSBncmVhdCwgYnV0IEkgcmVhZCB0aGlzIGRpc2N1c3Np b24gYXMgJnF1b3Q7aW5jbHVkZSB0aGlzIGluIHRoZSBkb2N1bWVudCB0aGF0IHByb3Bvc2VzIGEN CiBuZXcgYXBwcm9hY2gmcXVvdDsuIElmIEkgcmVhZCB0aGF0IGNvcnJlY3RseSwgSSB3b3VsZCBw cm9wb3NlIHRvIHNwbGl0IHRoYXQgb3V0IGludG8gdHdvIGRvY3VtZW50cy4gVGhlIHJlYXNvbiBp cyB0aGF0IHRoaXMgc291bmRzIGxpa2UgYSBodWdlIG1vbnN0ZXIgZG9jdW1lbnQsIG5vYm9keSBj YW4gZGlnZXN0IGFueW1vcmUuIEkgdGhpbmsgaXQgd291bGQgYmUgdmFsdWFibGUgdG8gaGF2ZSBh IGdhcCBhbmFseXNpcyAvIG1vdGl2YXRpb24gdHlwZSBvZg0KIGRvY3VtZW50IGFuZCB0aGVuIGFu b3RoZXIgb25lIChvciBzZXZlcmFsIG90aGVyIG9uZXMpIGRlc2NyaWJpbmcgdGhlIG5ldyBhcHBy b2FjaC48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBs YW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJp YWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMDA3MEMwO21zby1mYXJlYXN0LWxhbmd1YWdlOkVO LVVTIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1 b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMDA3MEMwO21zby1mYXJlYXN0LWxhbmd1 YWdlOkVOLVVTIj5iZXN0IHJlZ2FyZHM8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9u dC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMDA3MEMwO21zby1m YXJlYXN0LWxhbmd1YWdlOkVOLVVTIj5DYXJvbGluPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNpemU6MTAu MHB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzAwNzBD MDttc28tZmFyZWFzdC1sYW5ndWFnZTpFTi1VUyI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9w Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250 LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZiI+ RnJvbTo8L3NwYW4+PC9iPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBw dDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWYiPiBDYWNhbyBbbWFp bHRvOmNhY2FvLWJvdW5jZXNAaWV0Zi5vcmddDQo8Yj5PbiBCZWhhbGYgT2YgPC9iPkthdGhsZWVu IE1vcmlhcnR5PGJyPg0KPGI+U2VudDo8L2I+IFR1ZXNkYXksIFNlcHRlbWJlciAxOCwgMjAxOCA0 OjEyIEFNPGJyPg0KPGI+VG86PC9iPiBCcmV0IEpvcmRhbiAmbHQ7am9yZGFuLmlldGZAZ21haWwu Y29tJmd0Ozxicj4NCjxiPkNjOjwvYj4gQmFycnkgR3JlZW5lICZsdDtiYXJyeXJncmVlbmVAZ21h aWwuY29tJmd0OzsgY2FjYW9AaWV0Zi5vcmc8YnI+DQo8Yj5TdWJqZWN0OjwvYj4gUmU6IFtDYWNh b10gQ0FDQU8gR29vZ2xlIERvYzxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PkhpIEJyZXR0LDxvOnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxv OnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ SSBkbyB0aGluayB0aGUgZ2FwIGFuYWx5c2lzIEJhcnJ5IHN1Z2dlc3RlZCBpcyBhbiBpbXBvcnRh bnQgc3RlcCBmb3IgdGhlIGF1dGhvcnMgb2YgdGhpcyB3b3JrIHRvIHB1cnN1ZS4mbmJzcDsgVGhp cyBpcyBpbXBvcnRhbnQgZm9yIGEgZmV3IHJlYXNvbnMuJm5ic3A7IFRoZSBmaXJzdCBpcyB0aGF0 IGl0IHdpbGwgZmFtaWxpYXJpemUgeW91IHdpdGggdGhlIHByaW9yIHdvcmsuJm5ic3A7IEkga25v dyBmb3IgUklELCBpdCB3YXMgZXh0ZW5zaXZlDQogd2l0aCBtYW55IHBhcnRpY2lwYW50cy4mbmJz cDsgVGhlIGRvY3VtZW50IHdhcyBhbHNvIHJlcHVibGlzaGVkLCBzbyB0aGUgdGltZSBzcGFuIHdh cyBxdWl0ZSBhIHJhbmdlIGFzIHdlbGwgZGF0aW5nIGJhY2sgdG8gMjAwMC8xLiZuYnNwOyZuYnNw OzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNw OzwvbzpwPjwvcD4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+T24gTW9uLCBT ZXAgMTcsIDIwMTggYXQgNzo1MiBQTSBCcmV0IEpvcmRhbiAmbHQ7PGEgaHJlZj0ibWFpbHRvOmpv cmRhbi5pZXRmQGdtYWlsLmNvbSI+am9yZGFuLmlldGZAZ21haWwuY29tPC9hPiZndDsgd3JvdGU6 PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxibG9ja3F1b3RlIHN0eWxlPSJib3JkZXI6bm9uZTti b3JkZXItbGVmdDpzb2xpZCAjQ0NDQ0NDIDEuMHB0O3BhZGRpbmc6MGluIDBpbiAwaW4gNi4wcHQ7 bWFyZ2luLWxlZnQ6NC44cHQ7bWFyZ2luLXJpZ2h0OjBpbiI+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+QmFycnksPG86cD48L286cD48L3A+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9y bWFsIj5XZSB3aWxsIGJlIHdvcmtpbmcgb24gYSBsaXN0IG9mIHByb2JsZW0gYXJlYXMgdGhhdCBu ZWVkIHRvIGJlIGFkZHJlc3NlZCBhbmQgdGhlIG9yZGVyIGluIHdoaWNoIHRoZXkgbmVlZCB0byBi ZSBzb2x2ZWQuIElmIHlvdSBoYXZlIHNwZWNpZmljIGV4YW1wbGVzIG9mIGhvdyBjZXJ0YWluIGFy ZWFzIGhhdmUgYmVlbiBzb2x2ZWQgYWxyZWFkeSBhbmQgaGF2ZSBkZXNpZ24gZWxlbWVudHMgd2Ug Y291bGQgcmV1c2UsDQogcGxlYXNlIHNoYXJlIHRoZW0uJm5ic3A7IFdlIHdvdWxkIGxvdmUgdG8g cmV1c2UgYXMgbXVjaCBhcyBwb3NzaWJsZS4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0K PC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4m bmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5Zb3Ug bWF5IGRpc2NvdmVyIHRoaXMgdGhyb3VnaCB0aGUgZ2FwIGFuYWx5c2lzIHRoYXQgd2FzIHN1Z2dl c3RlZC4mbmJzcDsgQXMgYSByZXN1bHQgb2YgdGhhdCBnYXAgYW5hbHlzaXMsIGl0IHdpbGwgYmUg ZWFzaWVyIHRvIGdldCBvdGhlcnMgdG8gZW5nYWdlIGluIHlvdXIgd29yay4gRm9yIHRob3NlIG9m IHVzIHdobyBoYXZlIGRvbmUgd29yayBpbiB0aGlzIHNwYWNlLCBoYXZpbmcgdGhhdCBhY2tub3ds ZWRnZWQgYW5kDQogdGhlbiB5b3Ugc3RhdGluZyB0aGUgZ2FwIHdpbGwgaGVscCB1cyBhbGwgd29y ayB0b3dhcmQgYSBjb21tb24gb3V0cHV0LiZuYnNwOyZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9k aXY+DQo8YmxvY2txdW90ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0ND Q0NDQyAxLjBwdDtwYWRkaW5nOjBpbiAwaW4gMGluIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21h cmdpbi1yaWdodDowaW4iPg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpw PiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkFz IEkgc3RhdGVkIGluIGdvYWwgbnVtYmVycyAyLCAzLCBhbmQgNSwgd2UgbmVlZCB0byBlbnN1cmUg dGhhdCB0aGlzIGNvbW11bml0eSBoYXMgdGhlIHJpZ2h0IHBlb3BsZSBpbiBpdCwgdG8gZW5zdXJl IHdpZGUgc3ByZWFkIGFkb3B0aW9uLiBJZiB0aGlzIGNvbW11bml0eSBkb2VzIG5vdCBoYXZlIHRo ZSByaWdodCBwZW9wbGUsIHRoZW4gd2UgbmVlZCB0byBlaXRoZXIgcmVjcnVpdCB0aGVtIGFuZCBi cmluZyB0aGVtDQogaW4gdG8gdGhpcyBjb21tdW5pdHkgb3IgbG9vayBmb3IgdGhlIHJpZ2h0IGNv bW11bml0eS4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Jsb2NrcXVv dGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8 L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5JIHRoaW5rIHRocm91Z2ggdGhlIGdh cCBhbmFseXNpcywgeW91J2xsIHNlZSB0aGUgcHJpb3Igd29yayBhbmQgSSB0aGluayB3aWxsIGZp bmQgdGhlIElFVEYgaXMgdGhlIHJpZ2h0IHBsYWNlLiZuYnNwOyBJdCB3aWxsIGJlIGVhc2llciB0 byBlbmdhZ2UgcHJpb3IgYXV0aG9ycyByYXRoZXIgdGhhbiBhc2tpbmcgdGhlbSB0byBkbyB0aGUg YW5hbHlzaXMgYWdhaW5zdCB5b3VyIG5ldyBlZmZvcnQuIEl0J3MganVzdCB0aGUNCiB1c3VhbCBw YXR0ZXJuIHdlIGFyZSBhY2N1c3RvbWVkIHRvIHdvcmtpbmcgaW4uIElmIHlvdSBsb29rIGJhY2sg YXQgdGhlIFNBQ00gQm9GIGZvciBpbnN0YW5jZSwgeW91J2xsIHNlZSBhIGdhcCBhbmFseXNpcyB3 YXMgcmVxdWVzdGVkIGFnYWluc3Qgc2V2ZXJhbCBzdGFuZGFyZHMgaW5jbHVkaW5nIFlBTkcgYW5k IE5FQSBhbW9uZyBvdGhlcnMuJm5ic3A7Jm5ic3A7PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxk aXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0K PGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkkgYW0gZ3Vlc3NpbmcgdGhyb3VnaCB0aGF0IHdv cmsgd2UgbWF5IGZpZ3VyZSBvdXQgdGhhdCB0aGlzIGJlbG9uZ3MgaW4gTUlMRSwgYnV0IGNvdWxk IGJlIHdyb25nIGFuZCB0aGUgYW5hbHlzaXMgc3VnZ2VzdGVkIHdpbGwgaGVscCB3aXRoIHRoYXQg ZGV0ZXJtaW5hdGlvbi48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+VGhpcyB3b3JrIGNvdWxkIGJlIHZlcnkgaW1wb3J0YW50IGFuZCBJJ2QgbGlr ZSB0byBzZWUgdGhlIG91dHB1dHMgb2YgdGhhdCBhbmFseXNpcy4mbmJzcDsgSSBzdXNwZWN0IG90 aGVycyB3aG8gaGVscGVkIG9uIHByaW9yIGVmZm9ydHMgd291bGQgYXMgd2VsbC4mbmJzcDsgVGhh bmsgeW91LjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9y bWFsIj5CZXN0IHJlZ2FyZHMsPG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj5LYXRobGVlbjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxibG9ja3F1 b3RlIHN0eWxlPSJib3JkZXI6bm9uZTtib3JkZXItbGVmdDpzb2xpZCAjQ0NDQ0NDIDEuMHB0O3Bh ZGRpbmc6MGluIDBpbiAwaW4gNi4wcHQ7bWFyZ2luLWxlZnQ6NC44cHQ7bWFyZ2luLXJpZ2h0OjBp biI+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+ PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+SSBhZ3JlZSB0aGF0IHRo ZXJlIGFyZSBmYXIgdG9vIG1hbnkgc3RhbmRhcmRzIGNyZWF0ZWQgdGhhdCBuZXZlciBnZXQgaW1w bGVtZW50ZWQuIFRoaXMgaXMgd2h5IEkgYWxzbyBjYWxsZWQgb3V0IHRoZSBpdGVtcyBpbiBnb2Fs IG51bWJlciA1IGFuZCB3aHkgd2UgaGF2ZSByZWNydWl0ZWQgdGhlIGF1dGhvcnMgYW5kIGNvbnRy aWJ1dG9ycyB0aGF0IHdlIGhhdmUuJm5ic3A7PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRp dj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxk aXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gY2xhc3M9Im0tMjQyMjg2MTIz Njc2MjY0NTA4NmFwcGxlLXN0eWxlLXNwYW4iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0 O2ZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNr Ij5UaGFua3MsPC9zcGFuPjwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250 LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+PG86 cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ PHNwYW4gY2xhc3M9Im0tMjQyMjg2MTIzNjc2MjY0NTA4NmFwcGxlLXN0eWxlLXNwYW4iPjxzcGFu IHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90 OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj5CcmV0PC9zcGFuPjwvc3Bhbj48c3BhbiBzdHlsZT0i Zm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssc2Fucy1z ZXJpZjtjb2xvcjpibGFjayI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0K PGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0 eWxlPSJmb250LXNpemU6OC41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7VmVyZGFuYSZxdW90OyxzYW5z LXNlcmlmO2NvbG9yOiM3QzdDN0MiPlBHUCBGaW5nZXJwcmludDombmJzcDs2M0I0IEZDNTMgNjgw QSA2QjdEIDE0NDcgJm5ic3A7RjJDMCA3NEY4IEFDQUUgNzQxNSAwMDUwPC9zcGFuPjxzcGFuIHN0 eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90Oyxz YW5zLXNlcmlmO2NvbG9yOmJsYWNrIj48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxk aXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjguMHB0O2Zv bnQtZmFtaWx5OiZxdW90O1ZlcmRhbmEmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojN0M3QzdDIj4m cXVvdDtXaXRob3V0IGNyeXB0b2dyYXBoeSB2aWh2IHZpdmMgY2UgeGhybnJ3LCBob3dldmVyLCB0 aGUgb25seSB0aGluZyB0aGF0IGNhbiBub3QgYmUgdW5zY3JhbWJsZWQgaXMgYW4gZWdnLiZxdW90 Ozwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtI ZWx2ZXRpY2EmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+PG86cD48L286cD48L3NwYW4+ PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9k aXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGJyPg0KPGJyPg0KPG86cD48L286cD48 L3A+DQo8YmxvY2txdW90ZSBzdHlsZT0ibWFyZ2luLXRvcDo1LjBwdDttYXJnaW4tYm90dG9tOjUu MHB0Ij4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5PbiBTZXAgMTcsIDIwMTgsIGF0IDU6 MzcgUE0sIEJhcnJ5IEdyZWVuZSAmbHQ7PGEgaHJlZj0ibWFpbHRvOmJhcnJ5cmdyZWVuZUBnbWFp bC5jb20iIHRhcmdldD0iX2JsYW5rIj5iYXJyeXJncmVlbmVAZ21haWwuY29tPC9hPiZndDsgd3Jv dGU6PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5i c3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ SGkgQnJldCw8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05v cm1hbCI+SSByZWFkIHRoZSBpbml0aWFsIGRyYWZ0LiBJdCBpcyBhbiBhc3NlcnRpb24gb2YgYSBn YXAgd2l0aG91dCBhIHF1YW50aXRhdGl2ZSByZXZpZXcgdGhhdCB0aGVyZSBpcyBhIGdhcC4mbmJz cDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxv OnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ SSBoYXRlIHdhc3RpbmcgdGltZSBpbiB0aGUgSUVURiB3b3JraW5nIG9uIGlkZWEgdGhhdCBubyB3 YXkgdG8gZ2FpbiBvcGVyYXRpb25hbCB0cmFjdGlvbi4gVGhpcyBzcGFjZSBpcyBvdmVybG9hZGVk IHdpdGggcGFzdCBlZmZvcnRzLiBMZXRzIGxlYXJuIHdoeSB0aGV5IGRpZCBub3QgZGVwbG95LCBm aW5kIHRoZSBnYXBzLCB0aGVuIHByb2NlZWQgd2l0aCBuZXcgd29yay48bzpwPjwvbzpwPjwvcD4N CjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9w Pg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+QmFycnk8bzpwPjwvbzpwPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4tYm90 dG9tOjEyLjBwdCI+PGJyPg0KT24gU2VwIDE4LCAyMDE4LCBhdCAwNzoyMywgQnJldCBKb3JkYW4g Jmx0OzxhIGhyZWY9Im1haWx0bzpqb3JkYW4uaWV0ZkBnbWFpbC5jb20iIHRhcmdldD0iX2JsYW5r Ij5qb3JkYW4uaWV0ZkBnbWFpbC5jb208L2E+Jmd0OyB3cm90ZTo8bzpwPjwvbzpwPjwvcD4NCjwv ZGl2Pg0KPGJsb2NrcXVvdGUgc3R5bGU9Im1hcmdpbi10b3A6NS4wcHQ7bWFyZ2luLWJvdHRvbTo1 LjBwdCI+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+QmFycnksPG86cD48L286cD48L3A+ DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rp dj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5UaGFua3MgZm9yIHRoZSBlbWFpbC4gQXMg d2Ugc3RhdGVkIGluIG91ciBpbml0aWFsIGRyYWZ0IGRvY3VtZW504oCmPG86cD48L286cD48L3A+ DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPuKAnFdoaWxlIG1hbnkgYXR0 ZW1wdHMgaGF2ZSBiZWVuIG1hZGUgb3ZlciB0aGUgeWVhcnMgaW4gdGhlIElFVEYgYW5kIG90aGVy IFNET3MgdG8gYWRkcmVzcyBjZXJ0YWluIGVsZW1lbnRzIG9mIHRoaXMgcHJvYmxlbSBzcGFjZSwg dGhlcmUgaXMgY3VycmVudGx5IG5vIGNvbnNvbGlkYXRlZCBhbmQgc3RhbmRhcmRpemVkIGxhbmd1 YWdlIG9yIG1lYW5zIHRoYXQgd291bGQgYWxsb3cgY3liZXIgYWN0aW9ucyB0byBiZQ0KIGF1dG9t YXRpY2FsbHkgY29vcmRpbmF0ZWQsIHNlcXVlbmNlZCwgcHJvY2Vzc2VkIGFuZCBzaGFyZWQgdG8g ZW5hYmxlIGN5YmVyIGRlZmVuZGVycyB0byByZXNwb25kIGluIG1hY2hpbmUgcmVsZXZhbnQgdGlt ZS4gU29tZSBlZmZvcnRzIHN1Y2ggYXMgQlBNTiBoYXZlIHRyYWRpdGlvbmFsbHkgZm9jdXNlZCBv biBoaWdoZXItbGV2ZWwgbm9uLWN5YmVyIGNvbnN0cnVjdHMgZm9yIHByb2Nlc3MgZGVmaW5pdGlv biwgYW5kIG90aGVyIGVmZm9ydHMgbGlrZQ0KIE9wZW5DMiBoYXZlIGZvY3VzZWQgcHVyZWx5IG9u IGF0b21pYyBhY3Rpb25zLCBidXQgbm9uZSBoYXZlIGZvY3VzZWQgb24gdGhlIG92ZXJsYXkgcHJv Y2Vzc2VzIHJlcXVpcmVkIGZvciB0aGlzIHRvIGJlIHVzZWQgaW4gYSBicm9hZGVyIGN5YmVyIHNl Y3VyaXR5IHJlc3BvbnNlIHVzZSBjYXNlLuKAnTxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxk aXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5BcyB3ZSB3b3JrIHRocm91Z2ggYW5kIGNhbGwgb3V0 IHRoZSBwcm9ibGVtIHNwYWNlcyB0aGF0IG5lZWQgdG8gYmUgYWRkcmVzc2VkLCBJIHdvdWxkIGhv cGUgdGhhdCB0aG9zZSBvZiB5b3UgdGhhdCBhcmUgaW50ZXJlc3RlZCBpbiB0aGlzIHdvcmsgd2ls bCBwb2ludCB1cyB0byBzcGVjaWZpYyBlbGVtZW50cyBhbmQgc3BlY2lmaWMgcGFydHMgb2YgZXhp c3Rpbmcgd29yayB0aGF0IHdlIGNhbiB1c2Ugb3IgcmV1c2UuDQogQWxzbyBhcyB3ZSBjYWxsZWQg b3V0IGluIHRoZSBkcmFmdCwgaXQgaXMgY3JpdGljYWwgdGhhdCB0aGlzIHdvcmsgdGllcyBpbiBu aWNlbHkgd2l0aCBTVElYIGFuZCBUQVhJSSBiYXNlZCBDeWJlciBUaHJlYXQgSW50ZWxsaWdlbmNl LjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86 cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5U aGUgcmVhc29uIHdlIGFyZSBsb29raW5nIHRvIHN0YXJ0IHNvbWUgd29yayBoZXJlIGluIHRoZSBJ RVRGLCBpcyB3ZSBmZWVsIGxpa2UgdGhpcyB2ZW51ZSBtaWdodCBiZSBhIGdvb2QgcGxhY2UgZ2l2 ZW4gdGhlIHByb2JsZW1zIHdlIG5lZWQgdG8gc29sdmUgYW5kIGhvdyBzb21lIGdyb3VwcyBsaWtl IFNVSVQgaGF2ZSBzaW1pbGFyIHByb2JsZW1zIHRoZXkgYXJlIHRyeWluZyB0byBzb2x2ZS4gSG93 ZXZlciwgaWYNCiB0aGlzIGNvbW11bml0eSBkb2VzIG5vdCBhZ3JlZSB0aGF0IHRoaXMgd29yayBz aG91bGQgYmUgZG9uZSBoZXJlLCB0aGF0IGluZm9ybWF0aW9uIGlzIGFsc28gdmFsdWFibGUuPG86 cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZu YnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+ Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+T3Vy IGhpZ2ggbGV2ZWwgaW5pdGlhbCBnb2FscyBhcmUgKEkgd291bGQgYmUgY3VyaW91cyB0byBrbm93 IGlmIHRoaXMgY29tbXVuaXR5IHN1cHBvcnRzIHRoZXNlKTo8bzpwPjwvbzpwPjwvcD4NCjwvZGl2 Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9k aXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+MSkgSWRlbnRpZnkgYWxsIG9mIHRoZSBw cm9ibGVtIGFyZWFzIHRoYXQgbmVlZCB0byBiZSBzb2x2ZWQgZm9yIHRoaXMgdG8gYWN0dWFsbHkg d29yayBpbiBwcmFjdGljZS4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+MikgVmVyaWZ5IHRoYXQgdGhlIElFVEYgaXMgdGhlIHJpZ2h0 IFNETyBpbiB3aGljaCB0byBkbyB0aGlzIHdvcms8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRp dj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPmEpIERvIHdlIGhhdmUmbmJzcDtjcml0aWNhbCBtYXNz PzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+Yikg RG8gd2UgaGF2ZSB0aGUgcmlnaHQgcGVvcGxlLCB2ZW5kb3JzLCBhbmFseXN0cywgU09DIGVuZ2lu ZWVycz88bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PmMpIFdoYXQgaXMgdGhlIHRlbXBlcmFtZW50IG9mIHRoaXMgY29tbXVuaXR5IGZvciB0aGlzIGtp bmQgb2Ygd29yaz88bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPmQpIENhbiB3ZSBkbyBhIEJhciBCT0YgaW4gQmFuZ2tvayB0byBnYXVnZSB0aGUgY29t bXVuaXR5PzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+ZSkgSWYgdGhlIGNvbW11bml0eSBpcyBzdXBwb3J0aXZlLCB3b3VsZCBhIFdHIGZvcm1pbmcg Qk9GIGJlIGFuIG9wdGlvbiBpbiBQcmFndWU/PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRp dj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjMpIEVuc3VyZSB3ZSBoYXZlIG11bHRpcGxlIHZlbmRv cnMgYW5kIGluZHVzdHJ5IGFuYWx5c3RzIGZyb20gbGFyZ2UgU09DcyBpbnZvbHZlZCB0byBoZWxw IGVuc3VyZSB0aGF0IGFueSBzcGVjaWZpY2F0aW9uIHdlIHByb2R1Y2UgY2FuIGJlIHVzZWQgYW5k IGltcGxlbWVudGVkIGVuIG1hc3MuPG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjQpIFN5c3RlbWF0aWNhbGx5IHdvcmsgb3VyIHdheSBkb3duIHRo ZSBsaXN0IG9mIHByb2JsZW0gc3BhY2VzIGFuZCBsb29rIGZvciBzb2x1dGlvbnMgKHRha2luZyBp bnB1dCBmcm9tIGV4aXN0aW5nIHdvcmsgd2hlcmUgcG9zc2libGUpLiBMb29rIHRvIGhhdmluZyBv dXIgZmlyc3QgaW1wbGVtZW50YWJsZSBkcmFmdCB3aXRoaW4gNiBtb250aHMgb2YgZ2V0dGluZyBh IFdHIGZvcm1lZC4gUmVsZWFzZSBpdGVyYXRpdmUNCiBkcmFmdCByZWxlYXNlcyBldmVyeSBmZXcg bW9udGhzIGFzIHdlIGZsZXNoIG91dCBtb3JlIG9mIHRoZSBwcm9ibGVtIHNwYWNlLjxvOnA+PC9v OnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8 L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj41KSBQcm9kdWNl IGEgc3BlY2lmaWNhdGlvbiBhbmQgZGF0YSBtb2RlbCBmb3IgSlNPTiAoYW5kIENCT1IpIGFsb25n IHdpdGggaW1wbGVtZW50YXRpb24gZ3VpZGVzLCBpbnRlcm9wZXJhYmlsaXR5IGd1aWRlcywgcHJv b2Ygb2YgY29uY2VwdHMsIGFuZCBvdGhlciBjb250ZW50IG5lZWRlZCB0byBlbnN1cmUgc3VjY2Vz c2Z1bCBhbmQgcmFwaWQgYWRvcHRpbmcgYWNyb3NzIHRoZSBtYXJrZXQuPG86cD48L286cD48L3A+ DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+ PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286 cD48L3A+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBj bGFzcz0ibS0yNDIyODYxMjM2NzYyNjQ1MDg2YXBwbGUtc3R5bGUtc3BhbiI+PHNwYW4gc3R5bGU9 ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LHNhbnMt c2VyaWYiPlRoYW5rcyw8L3NwYW4+PC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0 O2ZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OyxzYW5zLXNlcmlmIj48bzpwPjwvbzpw Pjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBj bGFzcz0ibS0yNDIyODYxMjM2NzYyNjQ1MDg2YXBwbGUtc3R5bGUtc3BhbiI+PHNwYW4gc3R5bGU9 ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LHNhbnMt c2VyaWYiPkJyZXQ8L3NwYW4+PC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2Zv bnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OyxzYW5zLXNlcmlmIj48bzpwPjwvbzpwPjwv c3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo4LjVwdDtmb250LWZhbWls eTomcXVvdDtWZXJkYW5hJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzdDN0M3QyI+UEdQIEZpbmdl cnByaW50OiZuYnNwOzYzQjQgRkM1MyA2ODBBIDZCN0QgMTQ0NyAmbmJzcDtGMkMwIDc0RjggQUNB RSA3NDE1IDAwNTA8L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1p bHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LHNhbnMtc2VyaWYiPjxvOnA+PC9vOnA+PC9zcGFuPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250 LXNpemU6OC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7VmVyZGFuYSZxdW90OyxzYW5zLXNlcmlmO2Nv bG9yOiM3QzdDN0MiPiZxdW90O1dpdGhvdXQgY3J5cHRvZ3JhcGh5IHZpaHYgdml2YyBjZSB4aHJu cncsIGhvd2V2ZXIsIHRoZSBvbmx5IHRoaW5nIHRoYXQgY2FuIG5vdCBiZSB1bnNjcmFtYmxlZCBp cyBhbiBlZ2cuJnF1b3Q7PC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQt ZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OyxzYW5zLXNlcmlmIj48bzpwPjwvbzpwPjwvc3Bh bj48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8 L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48YnI+DQo8YnI+DQo8bzpwPjwvbzpw PjwvcD4NCjxibG9ja3F1b3RlIHN0eWxlPSJtYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1ib3R0b206 NS4wcHQiPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPk9uIFNlcCAxNywgMjAxOCwgYXQg Mzo0NiBQTSwgQmFycnkgR3JlZW5lICZsdDs8YSBocmVmPSJtYWlsdG86YmFycnlyZ3JlZW5lQGdt YWlsLmNvbSIgdGFyZ2V0PSJfYmxhbmsiPmJhcnJ5cmdyZWVuZUBnbWFpbC5jb208L2E+Jmd0OyB3 cm90ZTo8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4m bmJzcDs8L286cD48L3A+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij5IZWxsbyBCcmV0LDxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj5NeSBmaXJzdCBzdWdnZXN0aW9uIGlzIGJhY2tncm91bmQgd29yay4gV2hhdCB5 b3UgYXJlIGRvaW5nIGlzIG5vdCBuZXcuIFB1bGwgaW4gYWxsIHRoZSBwcmV2aW91cyB3b3JrLCBk ZXNjcmliZSBwcm9zL2NvbnMvZGVwbG95bWVudCwgdGhlbiBnZXQgaW50byB0aGUgZ2FwcyB3aGlj aCBDQUNBTyBzZWVrcyB0byBmaWxsLjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIj5Gb3IgZXhhbXBsZSwmbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwv ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0K PC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+LSB3YWxrIHRocm91Z2ggSU9ERUYg KElFVEYpIGFuZCBleHBsYWluIHByb3MsIGNvbnMsIGxpbWl0YXRpb25zLCBhbmQgaG93IENBQ0FP IHdvdWxkIGJlIGRpZmZlcmVudC48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPi0gV2FsayB0aHJvdWdoIFNUSVggYW5kIGRvIHRoZSBzYW1lPG86cD48 L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4tIFdhbGsgdGhy b3VnaCBET1RzIGFuZCBleHBsYWluIHdoeSB3ZSBjb3VsZCBub3QgdXNlIERPVFMgYXMgaXQgaXMg dG9kYXkgKHdpdGggYW4gdXBkYXRlIHRvIHRoZSBzY2hlbWEpLiZuYnNwOzxvOnA+PC9vOnA+PC9w Pg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48 L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5CYXJyeTxvOnA+PC9vOnA+ PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1hcmdpbi1i b3R0b206MTIuMHB0Ij48YnI+DQpPbiBTZXAgMTgsIDIwMTgsIGF0IDAwOjAzLCBCcmV0IEpvcmRh biAmbHQ7PGEgaHJlZj0ibWFpbHRvOmpvcmRhbi5pZXRmQGdtYWlsLmNvbSIgdGFyZ2V0PSJfYmxh bmsiPmpvcmRhbi5pZXRmQGdtYWlsLmNvbTwvYT4mZ3Q7IHdyb3RlOjxvOnA+PC9vOnA+PC9wPg0K PC9kaXY+DQo8YmxvY2txdW90ZSBzdHlsZT0ibWFyZ2luLXRvcDo1LjBwdDttYXJnaW4tYm90dG9t OjUuMHB0Ij4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+QWxsLDxvOnA+PC9v OnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8 L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5BcyBJIG1lbnRp b25lZCBpbiBteSBXZWxjb21lIG1lc3NhZ2UgbGFzdCB3ZWVrLCB3ZSBwbGFuIHRvIHVzZSBHb29n bGUgRG9jcyB0byB0cmFjayBhbGwgY29tbWVudHMgYW5kIHN1Z2dlc3Rpb25zIHRvIHRoaXMgZHJh ZnQgYW5kIGFueSBvdGhlciBkcmFmdHMgdGhhdCB3ZSB3cml0ZSBmb3IgdGhpcyB3b3JrLiBUaGUg cmVhZC1vbmx5IGxpbmsgZm9yIHRoaXMgd29yayBjYW4gYmUgZm91bmQgaGVyZTo8bzpwPjwvbzpw PjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9v OnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGEgaHJlZj0iaHR0 cHM6Ly9kb2NzLmdvb2dsZS5jb20vZG9jdW1lbnQvZC8xWWx1dUVJdi1TUkVJMWkzQkhDMldwOHZu dnBVT3VPWmhiZnl3aVVTbjJ0SS9lZGl0IiB0YXJnZXQ9Il9ibGFuayI+aHR0cHM6Ly9kb2NzLmdv b2dsZS5jb20vZG9jdW1lbnQvZC8xWWx1dUVJdi1TUkVJMWkzQkhDMldwOHZudnBVT3VPWmhiZnl3 aVVTbjJ0SS9lZGl0IzwvYT48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+SWYgeW91IHdhbnQgdG8gc2VlIGNvbW1lbnRzIGFuZCBzdWdnZXN0aW9u cyB0aGF0IGFyZSBiZWluZyBwcm9wb3NlZCwgb3IgaWYgeW91IHdhbnQgdG8gYWRkIHlvdXIgb3du IGNvbW1lbnRzIGFuZCBzdWdnZXN0aW9uLCBwbGVhc2UgcmVxdWVzdCBhY2Nlc3MgZnJvbSB3aXRo aW4gdGhlIEdvb2dsZSBEb2NzIGl0c2VsZi4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0K PGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+ DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rp dj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxk aXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gY2xhc3M9Im0tMjQyMjg2MTIz Njc2MjY0NTA4NmFwcGxlLXN0eWxlLXNwYW4iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0 O2ZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OyxzYW5zLXNlcmlmIj5UaGFua3MsPC9z cGFuPjwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVv dDtIZWx2ZXRpY2EmcXVvdDssc2Fucy1zZXJpZiI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPC9k aXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gY2xhc3M9Im0tMjQyMjg2MTIz Njc2MjY0NTA4NmFwcGxlLXN0eWxlLXNwYW4iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0 O2ZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGljYSZxdW90OyxzYW5zLXNlcmlmIj5CcmV0PC9zcGFu Pjwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtI ZWx2ZXRpY2EmcXVvdDssc2Fucy1zZXJpZiI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+ DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PjxzcGFuIHN0eWxlPSJmb250LXNpemU6OC41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7VmVyZGFuYSZx dW90OyxzYW5zLXNlcmlmO2NvbG9yOiM3QzdDN0MiPlBHUCBGaW5nZXJwcmludDombmJzcDs2M0I0 IEZDNTMgNjgwQSA2QjdEIDE0NDcgJm5ic3A7RjJDMCA3NEY4IEFDQUUgNzQxNSAwMDUwPC9zcGFu PjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O0hlbHZldGlj YSZxdW90OyxzYW5zLXNlcmlmIj48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjguMHB0O2ZvbnQt ZmFtaWx5OiZxdW90O1ZlcmRhbmEmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojN0M3QzdDIj4mcXVv dDtXaXRob3V0IGNyeXB0b2dyYXBoeSB2aWh2IHZpdmMgY2UgeGhybnJ3LCBob3dldmVyLCB0aGUg b25seSB0aGluZyB0aGF0IGNhbiBub3QgYmUgdW5zY3JhbWJsZWQgaXMgYW4gZWdnLiZxdW90Ozwv c3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtIZWx2 ZXRpY2EmcXVvdDssc2Fucy1zZXJpZiI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8 L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0K PGJsb2NrcXVvdGUgc3R5bGU9Im1hcmdpbi10b3A6NS4wcHQ7bWFyZ2luLWJvdHRvbTo1LjBwdCI+ DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+LS0gPGJyPg0KQ2FjYW8gbWFpbGluZyBsaXN0 PGJyPg0KPGEgaHJlZj0ibWFpbHRvOkNhY2FvQGlldGYub3JnIiB0YXJnZXQ9Il9ibGFuayI+Q2Fj YW9AaWV0Zi5vcmc8L2E+PGJyPg0KPGEgaHJlZj0iaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1h bi9saXN0aW5mby9jYWNhbyIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBzOi8vd3d3LmlldGYub3JnL21h aWxtYW4vbGlzdGluZm8vY2FjYW88L2E+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjwvYmxvY2tx dW90ZT4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8L2Rpdj4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvYmxvY2tx dW90ZT4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8L2Rpdj4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiPi0tIDxicj4NCkNhY2FvIG1haWxpbmcgbGlzdDxicj4NCjxhIGhyZWY9Im1h aWx0bzpDYWNhb0BpZXRmLm9yZyIgdGFyZ2V0PSJfYmxhbmsiPkNhY2FvQGlldGYub3JnPC9hPjxi cj4NCjxhIGhyZWY9Imh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vY2FjYW8i IHRhcmdldD0iX2JsYW5rIj5odHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2Nh Y2FvPC9hPjxvOnA+PC9vOnA+PC9wPg0KPC9ibG9ja3F1b3RlPg0KPC9kaXY+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj48YnIgY2xlYXI9ImFsbCI+DQo8bzpwPjwvbzpwPjwvcD4NCjxkaXY+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+LS0gPG86cD48L286cD48L3A+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPkJlc3QgcmVnYXJkcyw8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiPkthdGhsZWVuPG86cD48L286cD48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9k aXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_b3672d91906448109433c6c5ef857b51SVRM2EX2K13N05hscoopch_-- From nobody Tue Sep 18 00:50:09 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8731F1286E3 for ; Tue, 18 Sep 2018 00:50:07 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.898 X-Spam-Level: X-Spam-Status: No, score=-6.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3E7EnZXTI5i4 for ; Tue, 18 Sep 2018 00:50:05 -0700 (PDT) Received: from svripmail1.coop.ch (mail20.coop.ch [194.11.167.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E6F7127AC2 for ; Tue, 18 Sep 2018 00:50:04 -0700 (PDT) Received: from svrm2ex2k13n03.hs.coop.ch ([10.5.39.71]) by svripmail1.coop.ch with ESMTP/TLS/AES256-SHA; 18 Sep 2018 09:50:02 +0200 Received: from SVRM2EX2K13N05.hs.coop.ch (10.5.39.75) by svrm2ex2k13n03.hs.coop.ch (10.5.39.71) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Tue, 18 Sep 2018 09:50:02 +0200 Received: from SVRM2EX2K13N05.hs.coop.ch ([fe80::fd30:c1e0:8f0e:e3d4]) by SVRM2EX2K13N05.hs.coop.ch ([fe80::fd30:c1e0:8f0e:e3d4%22]) with mapi id 15.00.1365.000; Tue, 18 Sep 2018 09:50:02 +0200 From: To: , , Thread-Topic: [Cacao] Other thoughts Thread-Index: AQHUTuZbBXOpkB4BdkiEprW8WtoquaT1LSkAgAB9QXA= Date: Tue, 18 Sep 2018 07:50:02 +0000 Message-ID: <20f05ea185424c159e4422046e5fc6d8@SVRM2EX2K13N05.hs.coop.ch> References: <9C6CD1F8-8326-48E9-A9BF-509DEE11B32E@gmail.com> In-Reply-To: Accept-Language: de-DE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.105.10.52] Content-Type: multipart/alternative; boundary="_000_20f05ea185424c159e4422046e5fc6d8SVRM2EX2K13N05hscoopch_" MIME-Version: 1.0 Archived-At: Subject: Re: [Cacao] Other thoughts X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 07:50:07 -0000 --_000_20f05ea185424c159e4422046e5fc6d8SVRM2EX2K13N05hscoopch_ Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: base64 SGkgUWluDQoNCkkgdGhpbmsgd2Ugc2hvdWxkIG5vdCBtYWtlIHRoaXMgdG9vIGJpZywgb3RoZXJ3 aXNlIGl0IHdpbGwgYmUgaGFyZGVyIHRvIGltcGxlbWVudC4gSnVzdCBteSA1IGNlbnRzDQoNCmJl c3QgcmVnYXJkcw0KQ2Fyb2xpbg0KDQpGcm9tOiBDYWNhbyBbbWFpbHRvOmNhY2FvLWJvdW5jZXNA aWV0Zi5vcmddIE9uIEJlaGFsZiBPZiBRaW4gV3UNClNlbnQ6IFR1ZXNkYXksIFNlcHRlbWJlciAx OCwgMjAxOCA0OjIxIEFNDQpUbzogQnJldCBKb3JkYW4gPGpvcmRhbi5pZXRmQGdtYWlsLmNvbT47 IGNhY2FvQGlldGYub3JnDQpTdWJqZWN0OiBSZTogW0NhY2FvXSBPdGhlciB0aG91Z2h0cw0KDQpJ bnRlcmVzdGluZyBpZGVhLCBJIGFtIHdvbmRlcmluZyB3aHkgdGhpcyBpZGVhIGlzIHJlc3RyaWN0 ZWQgdG8gY3liZXIgc2VjdXJpdHkgc2NlbmFyaW9zLCAgSSB0aGluayBpdCBpcyBhbHNvIGFwcGxp Y2FibGUgdG8gVlBOIHNlcnZpY2UgZGVsaXZlcnkgc2NlbmFyaW8sDQoNClRoZSBlc3NlbmNlIG9m IHRoaXMgaWRlYSBpcyB3b3JrIGZsb3cgbWFuYWdlbWVudCwgcHJvY2VzcyBtYW5hZ2VtZW50LCBh Y3Rpdml0eSBtYW5hZ2VtZW50LCBzbyB5b3Ugb3JnYW5pemUgYSBzZXF1ZW5jZSBvZiBwcm9jZXNz IG9yIHRhc2tzIHVzaW5nDQpXb3JrIGZsb3cgdGVtcGxhdGUsIHNvIHlvdSBjYW4gc2V0dXAgaXQg YXMgYSBzaXR1YXRpb24sIG1vbml0b3JpbmcgaXQsIG9wdGltaXplZCBpdC4NCg0KSW4gVlBOIHNl cnZpY2UgZGVsaXZlcnkgc2NlbmFyaW8sIEkgY2FuIGRlZmluZSBOZXR3b3JrIGNvbm5lY3Rpdml0 eSBzZXR1cCBhcw0KYSBFdmVudCwgSW4gdGhpcyBldmVudCwgdGhlIG1hbmFnZWQgb2JqZWN0IGlz IG5ldHdvcmsgY29ubmVjdGl2aXR5LCB3aGVuIG5ldHdvcmsgY29ubmVjdGl2aXR5IGdldHMgc2V0 dXAsIEl0IHdpbGwgdHJpZ2dlciBhbm90aGVyIGV2ZW50LCBpLmUuLCBjb25uZWN0aXZpdHkgc2Vy dmljZSBwZXJmb3JtYW5jZQ0KbW9uaXRvcmluZywgd2hlbiBuZXR3b3JrIHBlcmZvcm1hbmNlIHBh cmFtZXRlciBzdWNoIGFzIGRlbGF5IG9yIHBhY2tldCBsb3NzIGV4Y2VlZCBzb21lIHRocmVzaG9s ZCwgSXQgY2FuIHRyaWdnZXIgYW5vdGhlciBldmVudCBvciBhY3Rpb24sIHRvIHBlcmZvcm0gbmV0 d29yayBvcHRpbWl6YXRpb24uDQoNClNvIHdoYXQgSSBsaWtlIHRvIHNlZSBhIGN1cnJlbnQgZXZl bnQgdHJpZ2dlcmluZyBhbm90aGVyIGV4dGVybmFsIGV2ZW50LCBhY3Rpb24gYW5kIG1hbmFnZWQg b2JqZWN0IGlzIHBhcnQgb2YgZXZlbnQsIGluIFZQTiBzZXJ2aWNlIGRlbGl2ZXJ5IHNjZW5hcmlv LCB3ZQ0KQ2FuIGVzdGFibGlzaCBjb25uZWN0aW9uIGJldHdlZW4gbmV0d29yayBzZXJ2aWNlIG1v bml0b3JpbmcgYW5kIG5ldHdvcmsgc2VydmljZSBwcm92aXNpb24gYW5kIHRoZXJlZm9yZSB3ZSBj YW4gaGF2ZSBmdWxsIGxpZmVjeWNsZSAgbWFuYWdlbWVudCBvbiBWUE4gc2VydmljZSwgYXV0b21h dGUNCk5ldHdvcmsgbWFuYWdlbWVudC4gSSB0aGluayBvcGVyYXRpb24gYXJlYSBkZWZpbml0ZWx5 IHRoaXMgY2FwYWJpbGl0eSwgZnVuY3Rpb24sIHJpZ2h0IG5vdyBORVRDT05GL1lBTkcgZG9lc26h r3QgcHJvdmlkZSBzdWNoIGNhcGFiaWxpdHkuDQoNCk9uZSBsaW1pdGF0aW9uIG9mIE5FVENPTkYg ZWRpdC1jb25maWcgb3BlcmF0aW9uIGlzIGRlc2NyaWJlZCBpbiBSRkM2MjQxOg0KobANCklmIHRo ZSA8ZWRpdC1jb25maWc+IG9wZXJhdGlvbiBjb250YWlucyBtdWx0aXBsZSBzdWItb3BlcmF0aW9u cw0KICAgICAgdGhhdCBhcHBseSB0byB0aGUgc2FtZSBjb25jZXB0dWFsIG5vZGUgaW4gdGhlIHVu ZGVybHlpbmcgZGF0YQ0KICAgICAgbW9kZWwsIHRoZW4gdGhlIHJlc3VsdCBvZiB0aGUgb3BlcmF0 aW9uIGlzIHVuZGVmaW5lZCAoaS5lLiwNCiAgICAgIG91dHNpZGUgdGhlIHNjb3BlIG9mIHRoZSBO RVRDT05GIHByb3RvY29sKS4NCg0KobENCkkgdGhpbmsgdGhlIHJlYXNvbiBpcyBiZWNvcyBORVRD T05GIGxhY2sgcHJvY2VzcyBtYW5hZ2VtZW50IGNhcGFiaWxpdHkuDQoNCi1RaW4NCreivP7Iyzog Q2FjYW8gW21haWx0bzpjYWNhby1ib3VuY2VzQGlldGYub3JnXSC0+rHtIEJyZXQgSm9yZGFuDQq3 osvNyrG85DogMjAxOMTqOdTCMTjI1SA4OjI3DQrK1bz+yMs6IGNhY2FvQGlldGYub3JnPG1haWx0 bzpjYWNhb0BpZXRmLm9yZz4NCtb3zOI6IFtDYWNhb10gT3RoZXIgdGhvdWdodHMNCg0KQWxsLA0K DQpJIGhhdmUgaGVhcmQgZnJvbSB0aHJlZSBwZW9wbGUgc28gZmFyLCB3aGF0IGRvIG90aGVycyB0 aGluZyBhYm91dCB0aGUgZHJhZnQgYW5kIHRoaXMgcHJvcG9zZWQgd29yaz8NCg0KDQpUaGFua3Ms DQpCcmV0DQpQR1AgRmluZ2VycHJpbnQ6IDYzQjQgRkM1MyA2ODBBIDZCN0QgMTQ0NyAgRjJDMCA3 NEY4IEFDQUUgNzQxNSAwMDUwDQoiV2l0aG91dCBjcnlwdG9ncmFwaHkgdmlodiB2aXZjIGNlIHho cm5ydywgaG93ZXZlciwgdGhlIG9ubHkgdGhpbmcgdGhhdCBjYW4gbm90IGJlIHVuc2NyYW1ibGVk IGlzIGFuIGVnZy4iDQoNCg== --_000_20f05ea185424c159e4422046e5fc6d8SVRM2EX2K13N05hscoopch_ Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable

Hi Qin<= /o:p>

 <= /o:p>

I think we should not make this too big, otherwise it will be harder to = implement. Just my 5 cents

 

best regards
Carolin

 

From: = Cacao [mailto:cacao-bounces@ietf.org] On Behalf Of Qin Wu
Sent: Tuesday, September 18, 2018 4:21 AM
To: Bret Jordan <jordan.ietf@gmail.com>; cacao@ietf.org
Subject: Re: [Cacao] Other thoughts

 

Interesting idea, I am= wondering why this idea is restricted to cyber security scenarios,  I= think it is also applicable to VPN service delivery scenario,

 

The essence of this id= ea is work flow management, process management, activity management, so you= organize a sequence of process or tasks using

Work flow template, so= you can setup it as a situation, monitoring it, optimized it.

 

In VPN service deliver= y scenario, I can define Network connectivity setup as

a Event, In this event= , the managed object is network connectivity, when network connectivity get= s setup, It will trigger another event, i.e., connectivity service performance

monitoring, when netwo= rk performance parameter such as delay or packet loss exceed some threshold= , It can trigger another event or action, to perform network optimization.

 

So what I like to see = a current event triggering another external event, action and managed objec= t is part of event, in VPN service delivery scenario, we

Can establish connecti= on between network service monitoring and network service provision and the= refore we can have full lifecycle  management on VPN service, automate

Network management. I = think operation area definitely this capability, function, right now NETCON= F/YANG doesn=A1=AFt provide such capability.

 

One limitation of NETC= ONF edit-config operation is described in RFC6241:

=A1=B0

If the &l= t;edit-config> operation contains multiple sub-operations

    &nbs= p; that apply to the same conceptual node in the underlying data=

    &nbs= p; model, then the result of the operation is undefined (i.e.,

    &nbs= p; outside the scope of the NETCONF protocol).

 <= /p>

=A1=B1

I think the reason is = becos NETCONF lack process management capability.

 

-Qin=

=B7=A2=BC=FE=C8=CB: Cacao [mailto:cacao-bounces@ietf.org] =B4=FA=B1=ED Bret= Jordan
=B7=A2=CB=CD=CA=B1=BC=E4: 2018=C4=EA9=D4=C218=C8=D5 8:27
=CA=D5=BC=FE=C8=CB: cacao@ietf.org
=D6=F7=CC=E2: [Cacao] Other thoughts

 

All,

 

I have heard from three people = so far, what do others thing about the draft and this proposed work?

 

 

Thanks,

Bret

PGP Fingerprint: 6= 3B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050

"Without cryptogra= phy vihv vivc ce xhrnrw, however, the only thing that can not be unscramble= d is an egg."

 

--_000_20f05ea185424c159e4422046e5fc6d8SVRM2EX2K13N05hscoopch_-- From nobody Tue Sep 18 00:54:13 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B76F130DDE for ; Tue, 18 Sep 2018 00:54:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.901 X-Spam-Level: X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7NUx7PlCmRqt for ; Tue, 18 Sep 2018 00:54:08 -0700 (PDT) Received: from mailext.sit.fraunhofer.de (mailext.sit.fraunhofer.de [141.12.72.89]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95273127AC2 for ; Tue, 18 Sep 2018 00:54:07 -0700 (PDT) Received: from mail.sit.fraunhofer.de (mail.sit.fraunhofer.de [141.12.84.171]) by mailext.sit.fraunhofer.de (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id w8I7s3vx005455 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 18 Sep 2018 09:54:04 +0200 Received: from [134.102.164.33] (134.102.164.33) by mail.sit.fraunhofer.de (141.12.84.171) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 18 Sep 2018 09:53:58 +0200 To: Bret Jordan , References: <9C6CD1F8-8326-48E9-A9BF-509DEE11B32E@gmail.com> From: Henk Birkholz Message-ID: Date: Tue, 18 Sep 2018 09:53:57 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <9C6CD1F8-8326-48E9-A9BF-509DEE11B32E@gmail.com> Content-Type: text/plain; charset="windows-1252"; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Originating-IP: [134.102.164.33] Archived-At: Subject: Re: [Cacao] Other thoughts X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 07:54:11 -0000 Hello Bret, Wrt, "action", two question come to mind: 1.) Is the term "action" a superset to the term "corrective action" defined in https://datatracker.ietf.org/doc/draft-ietf-ccamp-alarm-module/ ? If so, it would tie into existing work. Important to note here is that an alarm can only be defined, if a corrective action exists. 2.) Would the term "action" in this domain justify the exploration of the ECA model (Event-Condition-Action) used, for example, in I2NSF or NETCONF? https://datatracker.ietf.org/doc/draft-ietf-i2nsf-capability/ https://datatracker.ietf.org/doc/draft-bryskin-netconf-automation-yang/ Viele Gre, Henk On 09/18/2018 02:27 AM, Bret Jordan wrote: > All, > > I have heard from three people so far, what do others thing about the > draft and this proposed work? > > > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that > can not be unscrambled is an egg." > > > From nobody Tue Sep 18 02:21:33 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0091130E93 for ; Tue, 18 Sep 2018 02:21:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.902 X-Spam-Level: X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HHN0PeJzXvTh for ; Tue, 18 Sep 2018 02:21:26 -0700 (PDT) Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5BF0F12F1A2 for ; Tue, 18 Sep 2018 02:21:25 -0700 (PDT) Received: from smtp.greenhost.nl ([213.108.110.112]) by smarthost1.greenhost.nl with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1g2CC9-0006X1-Sa for cacao@ietf.org; Tue, 18 Sep 2018 11:21:23 +0200 To: cacao@ietf.org References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> <01324152-315F-47AA-9A47-F23009FB258D@gmail.com> From: Amelia Andersdotter Openpgp: preference=signencrypt Autocrypt: addr=amelia@article19.org; prefer-encrypt=mutual; keydata= xsFNBFjWlnsBEAC+jUN+LJE+mmxEL8lHSrvg47xSBMb9GdtH1Jr8tRSxXiO6R5E+FydsfqkL sjO0dI3x/VnNBi/kgPFFWiAzDEwGTiR/C9b/Muo+xrY+it6e49N56LTPGezrY2dy5yo6VcLl 7UwGz3fIWiNIj7dvuoPMBoO1uacF073E+dqDM5CmNh6o+OrHW8zhUlC9hKgXCq+8XpZJw90H un1zsHF0sRDiurjfYaCcbdAGK9+th9378ed1ZvLVo5uBVQXdydl3eJkNCOELq7VOS7oxSliA uX5/nj9A4LjeeYXgNbwGfKrMjlffP0FcAcgfzg9seqDd1DEk9EVaUMTr32fbWOQHjinXSC7r Lw4xaNfoBebIe1M6z16Xg7+bXXCTdmJYcL9ugmkvT6tGnR12Pfoca1oBwXPvA0VIRi86kCSU D9qvZ3Vl07MKD2hsvFkGZJOQfEaYv5QLpCWv6RCjfDNC05IyMeSW4H18Fr/BoHX8FXHV3+9H LsbJQ/Zrofd/Cm+TKEmXLAtYc7iXvzV+mw3/u0VYqjEy/CRYa62Ah0NNNVIuswfRVIfx3UZo jX4y8j2Kh0jtUV5A4GGf8H3SzQ/cB0I7wTRHU9mCPVCtH6M26nPumL4Zr4D6uGnAmPf9xnlX lokOn2Qxf/mBldsL41PDbEpYhZvvn5kJ/Z9Qh7Fks/hfTbbJowARAQABzSxBbWVsaWEgQW5k ZXJzZG90dGVyIDxhbWVsaWFAYW5kZXJzZG90dGVyLmNjPsLBlwQTAQgAQQIbIwUJCWYBgAUL CQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYhBD1dtsq4UrmIBVpqb/7xwpS06AtVBQJY1pdiAhkB AAoJEP7xwpS06AtVI0sP/Al6eUycymdT1R7v0uEQv4coonnOUV6FKj/4wc+wM+A0h7vlqADr j4nS7RRSQRUo8xJ9tvR9J1Eyske5bvakOYv64f9PrNY1Z6ABhJzK34kJxekEfeLmpXAB4wst GhD8dGC/z/b9Oau0AW1GWIP0eNWq4acDf9Qf+j0wqQi25OZUXnu5KeUX7mvPTHKZLyEZlwHV atXmZHWKnQWtEPZTQfv/zESsoBAm1TbaLapgxVG9uLW+I9kj72TB/AZ5hMSKMYWZ2dC+8eEs Xd22tn6907aUmZhFT89jbEyS996WeZ+SQ5G1Okrq02qYXcCi5vm3AuvLlbRYHguh42TLaVq1 er7PiYOYH77FFmnZWW6ChFnf7xsDep2tpNxn+QUZLgO3+5kL7TfO7D2H57kjVVMdkNn+01nz kfcn76K7nuU6Dc4pItPzbDndhdxulnm9cicOEfGQqvta9ffxk4YWyAu9PUNARVRNf6OnoDQQ Zo8l1o37q9PFXJyQwzvxdd9u6uzTny2wp9eig75pD3dYHCRIQeYmkv1kB81mc86cwgvuw1Qy /QwiCBNXSSuIvLO78b+/dB0DLVQC/c6gtyWXRpC4ysF4EaEZophjT60d12YRanR+fWuH+qu2 wsT+z1d4tC5/6UJMPr3bxREh9JHThm5Y3cDBmcn0PGqtDKkwjCkqex5bzsFNBFjWlnsBEADF jusaTo9W8VeWluCK/oJqyyyF1wMvou0ldfuoOpUZrOqsY67TM7yBqsv5COPVgAV+xp+axor5 oHWxibd283w0Ok4dK6tvtNGwUqyDRlHtQ92DG/u4Tg5eOwrHNUn73/rfeBD9KhKAXcNKKPoc cLgR8oQTXpO7eRo+0NI52pXQ6LdZ0wddYeTcHglsNKN1TK+CyYS7xfGolsZXXoBOKcyhfj/c kPFVIHWpGpEtcYWTZWvXgLprzHvpKzkzNyBwejaXE+bqCT2dRl3omI/e2t3Vq33hFUUSAdxr FF29vMX/YsSnYqsFOIoayna+TRsDFAfZvbvHBOMckeJzvA8yBdadw7CM08Uw8wqH7n9BA3oq //QpZJekPfrc2E9nM9H0d51T0uStLMbYDWdwxvfPA3p9z8L91vobt8bM/Jbhl9h+X2Yq9oBC iTI7b2izYd9FVG4BwBIdeh3bh9R9HExgRjF3XQ6uafT3pcVOPASdv9FRUYH1Va7QWQifoha0 B7UXKx1OpX1Z6XR2NQ9KN2MvlwvBKdHtm6tBzUIFzW6D8vUOxiYKBA4fppJt/LJF4jsaCEyI /CVQnkC0yL5DKFOdigxTipwEL9Uc6r7VfR5OAGFd6vzuJFy+j+/WhzaVT1oVYp6eQXh0bBtq qH2Mq9sAMnIjvaNYIKiQKgMa1Pa3OWQbQQARAQABwsF8BBgBCAAmFiEEPV22yrhSuYgFWmpv /vHClLToC1UFAljWlnsCGwwFCQlmAYAACgkQ/vHClLToC1XnRw//W4lzE8FddceKXGRwO/T1 u4uzH9EjPCj+3/eHCrLI+h1m7QPyH1DrFAtZBoA6UoaF0+vIAJXM9/HI1FZ09EUdJr5X/+YR EErFom4DbE1FK8fpK1/Hw2zI+7Xa8bVkmYrKhMGhi1Gq6Dtksn/H4USdJL53ZPt10SVNK7H3 w93Yp1GC4+0zWjfrsKfsHYZZr2SZyb5/gZlngfgaqiQLhIcPYmiU1GQi9QWkGxWRxk0YQXBw hekewvgltATxlRSCwguAi4uck9fAct9GGdpsshSOgAb9YIAnEV3EqaGnf0PknXp3vNHAZWrf M+RyuNdm2L5TjDU0rIrvyqGP3pR33cREGOAil5Sz2uFArmwsPt8VffbEXlf7qZqRBKaYeKt0 qnxKMx1+e1JilVsfb8qtnAWAFDyR0HMlVj/dvGAmq/auPSOAUWRSnDRyT6rv/vXxrbkL4uxW ax46qdpDhR15mS5MTng6b5b3Uox7xlveo/Sx71AdNf4goPvB/ntv0DiMuh+fmLGk3zrxs4Xd 30Sx+qQwVaXR5xc5rgnF81wvfmuAOb2eP9mpD6DoabkpxC8fLk17AK7Q1ZTgcZ+8XLRFnavd PrwCa9RU0BF53lJMSTPzyBcMwZ4sqA6Z5IRFVt7rEbSeeD8REiawo+FvVt9j0fKdNEBeaJ3W Y5hlhNPcUXr4q1U= Organization: ARTICLE19 Message-ID: Date: Tue, 18 Sep 2018 11:21:13 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US-large Content-Transfer-Encoding: quoted-printable X-Virus-Scanned: by clamav at smarthost1.samage.net X-Scan-Signature: a4ac4654eb4a1f48264000a2337963d1 Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 09:21:30 -0000 Hi all, I understand that reporting on cyber threats and proposing mitigating remedies for cyber threats is increasingly a government affair (i.e. has regulatory implications), so this is an aspect that needs to be covered as well. I.e., if there is a regulatory established mechanism for information sharing in any jurisdiction, any organisation doing reporting or mitigation work would have to certainly comply at least with local regulations - would this project aim to facilitate compliance in this regard? And what is required for that? I guess this speaks again to a more robust "gap analysis", and Carolin's point on having two separate documents resonates with me. Generally, I'm uncomfortable with the idea of Globally Unique Identifiers and do not think it constructive for CACAO to propose that. It's anti-thetical to a lot of other developments, and regulatory concern= s. best, Amelia On 2018-09-18 09:48, Carolin.Baumgartner@interdiscount.ch wrote: > > Hi > > =C2=A0 > > I agree that a gap analysis would be great, but I read this discussion > as "include this in the document that proposes a new approach". If I > read that correctly, I would propose to split that out into two > documents. The reason is that this sounds like a huge monster > document, nobody can digest anymore. I think it would be valuable to > have a gap analysis / motivation type of document and then another one > (or several other ones) describing the new approach. > > =C2=A0 > > best regards > > Carolin > > =C2=A0 > > *From:*Cacao [mailto:cacao-bounces@ietf.org] *On Behalf Of *Kathleen > Moriarty > *Sent:* Tuesday, September 18, 2018 4:12 AM > *To:* Bret Jordan > *Cc:* Barry Greene ; cacao@ietf.org > *Subject:* Re: [Cacao] CACAO Google Doc > > =C2=A0 > > Hi Brett, > > =C2=A0 > > I do think the gap analysis Barry suggested is an important step for > the authors of this work to pursue.=C2=A0 This is important for a few > reasons.=C2=A0 The first is that it will familiarize you with the prior > work.=C2=A0 I know for RID, it was extensive with many participants.=C2= =A0 The > document was also republished, so the time span was quite a range as > well dating back to 2000/1.=C2=A0=C2=A0 > > =C2=A0 > > On Mon, Sep 17, 2018 at 7:52 PM Bret Jordan > wrote: > > Barry, > > =C2=A0 > > We will be working on a list of problem areas that need to be > addressed and the order in which they need to be solved. If you > have specific examples of how certain areas have been solved > already and have design elements we could reuse, please share > them.=C2=A0 We would love to reuse as much as possible.=C2=A0 > > =C2=A0 > > You may discover this through the gap analysis that was suggested.=C2=A0= As > a result of that gap analysis, it will be easier to get others to > engage in your work. For those of us who have done work in this space, > having that acknowledged and then you stating the gap will help us all > work toward a common output.=C2=A0=C2=A0 > > =C2=A0 > > As I stated in goal numbers 2, 3, and 5, we need to ensure that > this community has the right people in it, to ensure wide spread > adoption. If this community does not have the right people, then > we need to either recruit them and bring them in to this community > or look for the right community.=C2=A0 > > =C2=A0 > > I think through the gap analysis, you'll see the prior work and I > think will find the IETF is the right place.=C2=A0 It will be easier to > engage prior authors rather than asking them to do the analysis > against your new effort. It's just the usual pattern we are accustomed > to working in. If you look back at the SACM BoF for instance, you'll > see a gap analysis was requested against several standards including > YANG and NEA among others.=C2=A0=C2=A0 > > =C2=A0 > > I am guessing through that work we may figure out that this belongs in > MILE, but could be wrong and the analysis suggested will help with > that determination. > > =C2=A0 > > This work could be very important and I'd like to see the outputs of > that analysis.=C2=A0 I suspect others who helped on prior efforts would= as > well.=C2=A0 Thank you. > > =C2=A0 > > Best regards, > > Kathleen > > =C2=A0 > > =C2=A0 > > I agree that there are far too many standards created that never > get implemented. This is why I also called out the items in goal > number 5 and why we have recruited the authors and contributors > that we have.=C2=A0 > > =C2=A0 > > =C2=A0 > > Thanks, > > Bret > > PGP Fingerprint:=C2=A063B4 FC53 680A 6B7D 1447 =C2=A0F2C0 74F8 ACAE= 7415 0050 > > "Without cryptography vihv vivc ce xhrnrw, however, the only thing > that can not be unscrambled is an egg." > > > > On Sep 17, 2018, at 5:37 PM, Barry Greene > > wrote: > > =C2=A0 > > Hi Bret, > > =C2=A0 > > I read the initial draft. It is an assertion of a gap without > a quantitative review that there is a gap.=C2=A0 > > =C2=A0 > > I hate wasting time in the IETF working on idea that no way to > gain operational traction. This space is overloaded with past > efforts. Lets learn why they did not deploy, find the gaps, > then proceed with new work. > > =C2=A0 > > Barry > > > On Sep 18, 2018, at 07:23, Bret Jordan > wrote: > > Barry, > > =C2=A0 > > Thanks for the email. As we stated in our initial draft > document=E2=80=A6 > > =C2=A0 > > =E2=80=9CWhile many attempts have been made over the years = in the > IETF and other SDOs to address certain elements of this > problem space, there is currently no consolidated and > standardized language or means that would allow cyber > actions to be automatically coordinated, sequenced, > processed and shared to enable cyber defenders to respond > in machine relevant time. Some efforts such as BPMN have > traditionally focused on higher-level non-cyber constructs > for process definition, and other efforts like OpenC2 have > focused purely on atomic actions, but none have focused on > the overlay processes required for this to be used in a > broader cyber security response use case.=E2=80=9D > > =C2=A0 > > As we work through and call out the problem spaces that > need to be addressed, I would hope that those of you that > are interested in this work will point us to specific > elements and specific parts of existing work that we can > use or reuse. Also as we called out in the draft, it is > critical that this work ties in nicely with STIX and TAXII > based Cyber Threat Intelligence. > > =C2=A0 > > The reason we are looking to start some work here in the > IETF, is we feel like this venue might be a good place > given the problems we need to solve and how some groups > like SUIT have similar problems they are trying to solve. > However, if this community does not agree that this work > should be done here, that information is also valuable. > > =C2=A0 > > =C2=A0 > > Our high level initial goals are (I would be curious to > know if this community supports these): > > =C2=A0 > > 1) Identify all of the problem areas that need to be > solved for this to actually work in practice.=C2=A0 > > =C2=A0 > > 2) Verify that the IETF is the right SDO in which to do > this work > > a) Do we have=C2=A0critical mass? > > b) Do we have the right people, vendors, analysts, SOC > engineers? > > c) What is the temperament of this community for this kind > of work? > > d) Can we do a Bar BOF in Bangkok to gauge the community? > > e) If the community is supportive, would a WG forming BOF > be an option in Prague? > > =C2=A0 > > 3) Ensure we have multiple vendors and industry analysts > from large SOCs involved to help ensure that any > specification we produce can be used and implemented en mas= s. > > =C2=A0 > > 4) Systematically work our way down the list of problem > spaces and look for solutions (taking input from existing > work where possible). Look to having our first > implementable draft within 6 months of getting a WG > formed. Release iterative draft releases every few months > as we flesh out more of the problem space. > > =C2=A0 > > 5) Produce a specification and data model for JSON (and > CBOR) along with implementation guides, interoperability > guides, proof of concepts, and other content needed to > ensure successful and rapid adopting across the market. > > =C2=A0 > > =C2=A0 > > =C2=A0 > > Thanks, > > Bret > > PGP Fingerprint:=C2=A063B4 FC53 680A 6B7D 1447 =C2=A0F2C0 7= 4F8 ACAE > 7415 0050 > > "Without cryptography vihv vivc ce xhrnrw, however, the > only thing that can not be unscrambled is an egg." > > > > On Sep 17, 2018, at 3:46 PM, Barry Greene > > wrote: > > =C2=A0 > > Hello Bret, > > =C2=A0 > > My first suggestion is background work. What you are > doing is not new. Pull in all the previous work, > describe pros/cons/deployment, then get into the gaps > which CACAO seeks to fill. > > =C2=A0 > > For example,=C2=A0 > > =C2=A0 > > - walk through IODEF (IETF) and explain pros, cons, > limitations, and how CACAO would be different. > > - Walk through STIX and do the same > > - Walk through DOTs and explain why we could not use > DOTS as it is today (with an update to the schema).=C2=A0 > > =C2=A0 > > Barry > > > On Sep 18, 2018, at 00:03, Bret Jordan > > > wrote: > > All, > > =C2=A0 > > As I mentioned in my Welcome message last week, we > plan to use Google Docs to track all comments and > suggestions to this draft and any other drafts > that we write for this work. The read-only link > for this work can be found here: > > =C2=A0 > > https://docs.google.com/document/d/1YluuEIv-SREI1i3= BHC2Wp8vnvpUOuOZhbfywiUSn2tI/edit# > > > =C2=A0 > > If you want to see comments and suggestions that > are being proposed, or if you want to add your own > comments and suggestion, please request access > from within the Google Docs itself.=C2=A0 > > =C2=A0 > > =C2=A0 > > =C2=A0 > > Thanks, > > Bret > > PGP Fingerprint:=C2=A063B4 FC53 680A 6B7D 1447 =C2=A0= F2C0 > 74F8 ACAE 7415 0050 > > "Without cryptography vihv vivc ce xhrnrw, > however, the only thing that can not be > unscrambled is an egg." > > =C2=A0 > > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao > > =C2=A0 > > =C2=A0 > > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao > > > =C2=A0 > > --=20 > > =C2=A0 > > Best regards, > > Kathleen > > --=20 Amelia Andersdotter Technical Consultant, Digital Programme ARTICLE19 www.article19.org PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55 From nobody Tue Sep 18 03:26:49 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C827130DCC for ; Tue, 18 Sep 2018 03:26:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1 X-Spam-Level: X-Spam-Status: No, score=-1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fzp90eKwu9QZ for ; Tue, 18 Sep 2018 03:26:45 -0700 (PDT) Received: from mail-qt0-x22c.google.com (mail-qt0-x22c.google.com [IPv6:2607:f8b0:400d:c0d::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D6D31292AD for ; Tue, 18 Sep 2018 03:26:45 -0700 (PDT) Received: by mail-qt0-x22c.google.com with SMTP id j7-v6so1154454qtp.2 for ; Tue, 18 Sep 2018 03:26:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=R2eRG8DGkjn/7nhA68rz+wNFTLlZoL71KJt0JdgSwIA=; b=XRmSFgtm2FIdKRMMitp1/tnaFLwbjthMdtXaTg/a7LGD1iT+d+tG9zxnzs8ACFtnI2 BT8mZPYbRzidctt36MS1qApocdlcGzUmJXshZVWm9xqULCvbm4+DQONMZgbUZi13m6Hf eAgap15o+82UjO3O5GUoobmQpKBX7hsQYuVLrMDi2WtHQA0BTotJz/RWhmw5+4zYZ/Ru cGPzWSDw/SOQb/+pkkO/KOUHp1Ggxl9o8iGhWEIBcYSf1guQlXXN+DVKgREIXJOPOtSU YPf54WZV8vmMQuMkynnoARrZDKgz9Ef0I5z43vZFWlNWG8LgILOyGTbOnCZFX511kyKl 3QRw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=R2eRG8DGkjn/7nhA68rz+wNFTLlZoL71KJt0JdgSwIA=; b=HzxvLMgaMZV2dSjDqj7ar6WIci7rvhBzFZrhZofiS0c7K5lZ7oIhnmFZlPGSPbKpqs A0YJ5NX2ZEFP9pd49m27NJCH9CENvQB9VFmKdpMvyCI2NnB21yXdbq71ZI7YGE1Y0CXL EqOJSpwIQIwPi8fvivl9S2ujklndR0G3jxLx+bzSMvVh0MFvJFgTfV3as3LEKgIzM86k DWUU+YTod6Wnv/KWLBqBZAugISEBQsb5E1TbpDqTlsxgAkf22QltBW71mWFP+UPYY2UO lzheGPt1ZFbaqN182tkWdv0/Vk8eFOxzMz+8Y72RgVa7yqCf1Lm2qB1VU+YGDVpdovl1 togw== X-Gm-Message-State: APzg51CL/JoJaSeoKlB9qPrDZmddysVgCA0fSaJcAe3M0RoQBrnd6pXZ EvHkdqmvYMNZ+vA6lm84rw7E2n3K X-Google-Smtp-Source: ANB0VdbB1Wzt8bG/tek3h3Iq2RYmjMmHt2KAkZnYsjL27DclJG/AzibOqqkz6ToB2o2Xn1RyMcKPUw== X-Received: by 2002:a0c:e74c:: with SMTP id g12-v6mr20821537qvn.118.1537266403935; Tue, 18 Sep 2018 03:26:43 -0700 (PDT) Received: from [192.168.1.210] (209-6-121-113.s2671.c3-0.arl-cbr1.sbo-arl.ma.cable.rcncustomer.com. [209.6.121.113]) by smtp.gmail.com with ESMTPSA id l10-v6sm9515201qkk.49.2018.09.18.03.26.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Sep 2018 03:26:43 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (1.0) From: Kathleen Moriarty X-Mailer: iPhone Mail (15E216) In-Reply-To: Date: Tue, 18 Sep 2018 06:26:42 -0400 Cc: cacao@ietf.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> <01324152-315F-47AA-9A47-F23009FB258D@gmail.com> To: Amelia Andersdotter Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 10:26:48 -0000 Sent from my mobile device > On Sep 18, 2018, at 5:21 AM, Amelia Andersdotter wr= ote: >=20 > Hi all, >=20 > I understand that reporting on cyber threats and proposing mitigating > remedies for cyber threats is increasingly a government affair (i.e. has > regulatory implications), so this is an aspect that needs to be covered > as well. >=20 > I.e., if there is a regulatory established mechanism for information > sharing in any jurisdiction, any organisation doing reporting or > mitigation work would have to certainly comply at least with local > regulations - would this project aim to facilitate compliance in this > regard? And what is required for that? >=20 > I guess this speaks again to a more robust "gap analysis", and Carolin's > point on having two separate documents resonates with me. The gap analysis could be a wiki or some other document that does not get pu= blished, but I think it=E2=80=99s an important exercise. Best regards, Kathleen=20 >=20 > Generally, I'm uncomfortable with the idea of Globally Unique > Identifiers and do not think it constructive for CACAO to propose that. > It's anti-thetical to a lot of other developments, and regulatory concerns= . >=20 > best, >=20 > Amelia >=20 >> On 2018-09-18 09:48, Carolin.Baumgartner@interdiscount.ch wrote: >>=20 >> Hi >>=20 >> =20 >>=20 >> I agree that a gap analysis would be great, but I read this discussion >> as "include this in the document that proposes a new approach". If I >> read that correctly, I would propose to split that out into two >> documents. The reason is that this sounds like a huge monster >> document, nobody can digest anymore. I think it would be valuable to >> have a gap analysis / motivation type of document and then another one >> (or several other ones) describing the new approach. >>=20 >> =20 >>=20 >> best regards >>=20 >> Carolin >>=20 >> =20 >>=20 >> *From:*Cacao [mailto:cacao-bounces@ietf.org] *On Behalf Of *Kathleen >> Moriarty >> *Sent:* Tuesday, September 18, 2018 4:12 AM >> *To:* Bret Jordan >> *Cc:* Barry Greene ; cacao@ietf.org >> *Subject:* Re: [Cacao] CACAO Google Doc >>=20 >> =20 >>=20 >> Hi Brett, >>=20 >> =20 >>=20 >> I do think the gap analysis Barry suggested is an important step for >> the authors of this work to pursue. This is important for a few >> reasons. The first is that it will familiarize you with the prior >> work. I know for RID, it was extensive with many participants. The >> document was also republished, so the time span was quite a range as >> well dating back to 2000/1. =20 >>=20 >> =20 >>=20 >> On Mon, Sep 17, 2018 at 7:52 PM Bret Jordan > > wrote: >>=20 >> Barry, >>=20 >> =20 >>=20 >> We will be working on a list of problem areas that need to be >> addressed and the order in which they need to be solved. If you >> have specific examples of how certain areas have been solved >> already and have design elements we could reuse, please share >> them. We would love to reuse as much as possible.=20 >>=20 >> =20 >>=20 >> You may discover this through the gap analysis that was suggested. As >> a result of that gap analysis, it will be easier to get others to >> engage in your work. For those of us who have done work in this space, >> having that acknowledged and then you stating the gap will help us all >> work toward a common output. =20 >>=20 >> =20 >>=20 >> As I stated in goal numbers 2, 3, and 5, we need to ensure that >> this community has the right people in it, to ensure wide spread >> adoption. If this community does not have the right people, then >> we need to either recruit them and bring them in to this community >> or look for the right community.=20 >>=20 >> =20 >>=20 >> I think through the gap analysis, you'll see the prior work and I >> think will find the IETF is the right place. It will be easier to >> engage prior authors rather than asking them to do the analysis >> against your new effort. It's just the usual pattern we are accustomed >> to working in. If you look back at the SACM BoF for instance, you'll >> see a gap analysis was requested against several standards including >> YANG and NEA among others. =20 >>=20 >> =20 >>=20 >> I am guessing through that work we may figure out that this belongs in >> MILE, but could be wrong and the analysis suggested will help with >> that determination. >>=20 >> =20 >>=20 >> This work could be very important and I'd like to see the outputs of >> that analysis. I suspect others who helped on prior efforts would as >> well. Thank you. >>=20 >> =20 >>=20 >> Best regards, >>=20 >> Kathleen >>=20 >> =20 >>=20 >> =20 >>=20 >> I agree that there are far too many standards created that never >> get implemented. This is why I also called out the items in goal >> number 5 and why we have recruited the authors and contributors >> that we have.=20 >>=20 >> =20 >>=20 >> =20 >>=20 >> Thanks, >>=20 >> Bret >>=20 >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 >>=20 >> "Without cryptography vihv vivc ce xhrnrw, however, the only thing >> that can not be unscrambled is an egg." >>=20 >>=20 >>=20 >> On Sep 17, 2018, at 5:37 PM, Barry Greene >> > wrote: >>=20 >> =20 >>=20 >> Hi Bret, >>=20 >> =20 >>=20 >> I read the initial draft. It is an assertion of a gap without >> a quantitative review that there is a gap.=20 >>=20 >> =20 >>=20 >> I hate wasting time in the IETF working on idea that no way to >> gain operational traction. This space is overloaded with past >> efforts. Lets learn why they did not deploy, find the gaps, >> then proceed with new work. >>=20 >> =20 >>=20 >> Barry >>=20 >>=20 >> On Sep 18, 2018, at 07:23, Bret Jordan > > wrote: >>=20 >> Barry, >>=20 >> =20 >>=20 >> Thanks for the email. As we stated in our initial draft >> document=E2=80=A6 >>=20 >> =20 >>=20 >> =E2=80=9CWhile many attempts have been made over the years in t= he >> IETF and other SDOs to address certain elements of this >> problem space, there is currently no consolidated and >> standardized language or means that would allow cyber >> actions to be automatically coordinated, sequenced, >> processed and shared to enable cyber defenders to respond >> in machine relevant time. Some efforts such as BPMN have >> traditionally focused on higher-level non-cyber constructs >> for process definition, and other efforts like OpenC2 have >> focused purely on atomic actions, but none have focused on >> the overlay processes required for this to be used in a >> broader cyber security response use case.=E2=80=9D >>=20 >> =20 >>=20 >> As we work through and call out the problem spaces that >> need to be addressed, I would hope that those of you that >> are interested in this work will point us to specific >> elements and specific parts of existing work that we can >> use or reuse. Also as we called out in the draft, it is >> critical that this work ties in nicely with STIX and TAXII >> based Cyber Threat Intelligence. >>=20 >> =20 >>=20 >> The reason we are looking to start some work here in the >> IETF, is we feel like this venue might be a good place >> given the problems we need to solve and how some groups >> like SUIT have similar problems they are trying to solve. >> However, if this community does not agree that this work >> should be done here, that information is also valuable. >>=20 >> =20 >>=20 >> =20 >>=20 >> Our high level initial goals are (I would be curious to >> know if this community supports these): >>=20 >> =20 >>=20 >> 1) Identify all of the problem areas that need to be >> solved for this to actually work in practice.=20 >>=20 >> =20 >>=20 >> 2) Verify that the IETF is the right SDO in which to do >> this work >>=20 >> a) Do we have critical mass? >>=20 >> b) Do we have the right people, vendors, analysts, SOC >> engineers? >>=20 >> c) What is the temperament of this community for this kind >> of work? >>=20 >> d) Can we do a Bar BOF in Bangkok to gauge the community? >>=20 >> e) If the community is supportive, would a WG forming BOF >> be an option in Prague? >>=20 >> =20 >>=20 >> 3) Ensure we have multiple vendors and industry analysts >> from large SOCs involved to help ensure that any >> specification we produce can be used and implemented en mass. >>=20 >> =20 >>=20 >> 4) Systematically work our way down the list of problem >> spaces and look for solutions (taking input from existing >> work where possible). Look to having our first >> implementable draft within 6 months of getting a WG >> formed. Release iterative draft releases every few months >> as we flesh out more of the problem space. >>=20 >> =20 >>=20 >> 5) Produce a specification and data model for JSON (and >> CBOR) along with implementation guides, interoperability >> guides, proof of concepts, and other content needed to >> ensure successful and rapid adopting across the market. >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> Thanks, >>=20 >> Bret >>=20 >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE >> 7415 0050 >>=20 >> "Without cryptography vihv vivc ce xhrnrw, however, the >> only thing that can not be unscrambled is an egg." >>=20 >>=20 >>=20 >> On Sep 17, 2018, at 3:46 PM, Barry Greene >> > > wrote: >>=20 >> =20 >>=20 >> Hello Bret, >>=20 >> =20 >>=20 >> My first suggestion is background work. What you are >> doing is not new. Pull in all the previous work, >> describe pros/cons/deployment, then get into the gaps >> which CACAO seeks to fill. >>=20 >> =20 >>=20 >> For example,=20 >>=20 >> =20 >>=20 >> - walk through IODEF (IETF) and explain pros, cons, >> limitations, and how CACAO would be different. >>=20 >> - Walk through STIX and do the same >>=20 >> - Walk through DOTs and explain why we could not use >> DOTS as it is today (with an update to the schema).=20 >>=20 >> =20 >>=20 >> Barry >>=20 >>=20 >> On Sep 18, 2018, at 00:03, Bret Jordan >> > >> wrote: >>=20 >> All, >>=20 >> =20 >>=20 >> As I mentioned in my Welcome message last week, we >> plan to use Google Docs to track all comments and >> suggestions to this draft and any other drafts >> that we write for this work. The read-only link >> for this work can be found here: >>=20 >> =20 >>=20 >> https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC= 2Wp8vnvpUOuOZhbfywiUSn2tI/edit# >> >>=20 >> =20 >>=20 >> If you want to see comments and suggestions that >> are being proposed, or if you want to add your own >> comments and suggestion, please request access >> from within the Google Docs itself.=20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> Thanks, >>=20 >> Bret >>=20 >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 >> 74F8 ACAE 7415 0050 >>=20 >> "Without cryptography vihv vivc ce xhrnrw, >> however, the only thing that can not be >> unscrambled is an egg." >>=20 >> =20 >>=20 >> --=20 >> Cacao mailing list >> Cacao@ietf.org >> https://www.ietf.org/mailman/listinfo/cacao >>=20 >> =20 >>=20 >> =20 >>=20 >> --=20 >> Cacao mailing list >> Cacao@ietf.org >> https://www.ietf.org/mailman/listinfo/cacao >>=20 >>=20 >> =20 >>=20 >> --=20 >>=20 >> =20 >>=20 >> Best regards, >>=20 >> Kathleen >>=20 >>=20 >=20 > --=20 > Amelia Andersdotter > Technical Consultant, Digital Programme >=20 > ARTICLE19 > www.article19.org >=20 > PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55 >=20 > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao From nobody Tue Sep 18 07:20:15 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC658130E42 for ; Tue, 18 Sep 2018 07:20:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.31 X-Spam-Level: X-Spam-Status: No, score=-4.31 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=symantec.com header.b=eoopDcrp; dkim=pass (1024-bit key) header.d=symantec.com header.b=IPCp/MEy Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bLThOP2Xe_II for ; Tue, 18 Sep 2018 07:20:09 -0700 (PDT) Received: from tussmtoutape01.symantec.com (Tussmtoutape01.symantec.com [155.64.38.231]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 083D9130E27 for ; Tue, 18 Sep 2018 07:20:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; d=Symantec.com; s=1; c=relaxed/simple; q=dns/txt; i=@Symantec.com; t=1537280407; x=2401194007; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=yrGjemLPndvtD/iVM6sT/pe/zIYiQwhck3vbCYOIAaw=; b=eoopDcrpjtJ4LjGa6ZelxhMXwfyZYgvnnohQ9kzlGZ2q0uxZq18HzGoXBRutxoTm 4dsmrsw5lhFPUx+FGf16VMbAqcFaVAtXCF9Dl5rhMdRWtu7A12TQ+V2dggNhxYIg uR0HhLM3x8mYfc9ZtzTpmdvpjgH5fUiWK7AGqZe7L3Q=; Received: from tussmtmtaapi02.symc.symantec.com (tus3-f5-symc-ext-prd-snat1.net.symantec.com [10.44.130.1]) by tussmtoutape01.symantec.com (Symantec Messaging Gateway) with SMTP id 1C.E8.13075.79901AB5; Tue, 18 Sep 2018 14:20:07 +0000 (GMT) X-AuditID: 0a2c7e31-7b0dc9e000003313-2c-5ba10997e406 Received: from TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (tus3-f5-symc-ext-prd-snat2.net.symantec.com [10.44.130.2]) by tussmtmtaapi02.symc.symantec.com (Symantec Messaging Gateway) with SMTP id 9C.81.06107.79901AB5; Tue, 18 Sep 2018 14:20:07 +0000 (GMT) Received: from TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) by TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Tue, 18 Sep 2018 07:20:06 -0700 Received: from NAM04-SN1-obe.outbound.protection.outlook.com (10.44.128.8) by TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Tue, 18 Sep 2018 07:20:05 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=symantec.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9W8sedzOX0ojJ03Rxmqz/wWfP75aChxmwc58JM1+zZQ=; b=IPCp/MEyW2u8O00bJYrL3U69V4jJJJJ+Mx8MyCFXVEwNh/kY9Z44l7gBQAo8STPoUP9+czTJs2zW9dvmEnwY7Ti9H+pYbplJzTfm0EYKklanZ8ChF3535CvMraKVHnEmx70RzegShuFlyaeEFvYE1+u48+GfjrQvER+bbrXyKIU= Received: from MWHPR16MB0093.namprd16.prod.outlook.com (10.172.101.148) by MWHPR16MB0047.namprd16.prod.outlook.com (10.172.101.137) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1143.18; Tue, 18 Sep 2018 14:20:04 +0000 Received: from MWHPR16MB0093.namprd16.prod.outlook.com ([fe80::fd13:abfe:ca51:d345]) by MWHPR16MB0093.namprd16.prod.outlook.com ([fe80::fd13:abfe:ca51:d345%5]) with mapi id 15.20.1143.017; Tue, 18 Sep 2018 14:20:04 +0000 From: Bret Jordan To: Qin Wu , Bret Jordan , "cacao@ietf.org" Thread-Topic: [EXT] Re: [Cacao] Other thoughts Thread-Index: AQHUTvZLNfTQNstpJE+kSmX9e+414qT2FZn5 Date: Tue, 18 Sep 2018 14:20:03 +0000 Message-ID: References: <9C6CD1F8-8326-48E9-A9BF-509DEE11B32E@gmail.com>, In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Bret_Jordan@symantec.com; x-originating-ip: [155.64.38.75] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; MWHPR16MB0047; 6:G2wEPCRibKOK/ww4pHsI/cgkcCoqN+sr+K+iTCeKnZMx5rY1pPtnQDhxuwYBISYw5OewHHo06FvDzVV9WmaDgWP92LcZWvr4YQJbjS7utNoFUx+06YlZh9wmxdI4KPzAyOSGBfo8j6gr4vkxfRj2q1og8EkpmRUVJ8wMvU3+YY12BaerJw+XPsz8o9LsiY9gwnfzKBe1DMjMgxRIYCLlBhaUL4Xl/2DB8iwXEi/hfD7y7pTqkXOO4uTWMpIrESphyyWgKjH2YQFOMxXaXP7ze3bYeHMSZY0UlanxJyIWeQHXXpeIWqxFNhqV/WU7c4gIqeQxcz6UM670kRlH+gvgGVxW2IJSCRG9u2KA0tz7kv8bqKouArAu++qUWpMq9bi7Rtszi+wmLNPm9zCXdQ3PduDE6PREPqkk4+ONu+3vJegJ/8V+3jK3aL3r4N95dzLuUwteU8si9sLltWryUFqg/Q==; 5:lXFTfCe5IDA8TmQt6qpZ336J3TVJ6h1wM8cBZTftLvB67tCL7yDG5hlUW1qqAOiKNhjJI0LZ9zCVDG4SSjCzsSDDgwG8gt3f4VWWdJL+uLQG9LE/9AkloaL4PAHNlwfDOA5MzC1B6lBnY3eiMacmbJ4DgMao6rRGckXi3M7HH3g=; 7:BMGavGxxc7EF4GNHiTke8LMQm+c/7v+JZiK44gAVbGvwu7Nn5uuAq/lzRYtIitoiyf3m1Ixm67XOTDHBS75yHjkWKi6CZOwZ8Ijed5MIwEueXNFv6vn7P+rdLpnqN7hrr6189nMgp3PLAWAIuNTM77qQiw1uuLMdc4e98nIrtByz15SQWnve97LxMdoE8eoLvKtLxNVOceknRPtf33KKIO3Q7Ule2UNpTXSzCKuIQnw5lhFEg4e6AOwft44jLCES x-ms-exchange-antispam-srfa-diagnostics: SOS; x-ms-office365-filtering-correlation-id: a0239a01-b537-4ce3-8673-08d61d71d3bf x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(4534165)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(2017052603328)(7153060)(7193020); SRVR:MWHPR16MB0047; x-ms-traffictypediagnostic: MWHPR16MB0047: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(72170088055959)(192374486261705)(50582790962513)(269456686620040); x-ms-exchange-senderadcheck: 1 x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(5005006)(8121501046)(3231355)(944501410)(52105095)(93006095)(93001095)(10201501046)(3002001)(149027)(150027)(6041310)(20161123564045)(20161123558120)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(201708071742011)(7699050); SRVR:MWHPR16MB0047; BCL:0; PCL:0; RULEID:; SRVR:MWHPR16MB0047; x-forefront-prvs: 0799B1B2D7 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(396003)(39860400002)(136003)(376002)(346002)(366004)(189003)(199004)(229853002)(26005)(7696005)(33656002)(478600001)(99286004)(16234385003)(76176011)(10290500003)(186003)(3846002)(53546011)(6506007)(14454004)(19627405001)(102836004)(316002)(72206003)(106356001)(25786009)(81156014)(2900100001)(81166006)(110136005)(6116002)(19627235002)(5660300001)(6436002)(74316002)(8676002)(105586002)(256004)(8936002)(14444005)(18717965001)(53936002)(345774005)(68736007)(66066001)(7736002)(97736004)(55016002)(9686003)(2501003)(2906002)(6606003)(39060400002)(446003)(11346002)(80792005)(486006)(476003)(86362001)(5250100002)(6246003)(54896002)(9010500006); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR16MB0047; H:MWHPR16MB0093.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: symantec.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: Ja6pbx5Mm3FEni3KmHFxxeF4za4JH2FNBqvmIv6OEpg9kL5IHPRr8AFKrPMIGaddTffQ2arhj4bSUnXVR5al6xVtDpFX1NfOmzr/I598ENT2ALx1EJPc1WFODWKFmaPvvQLyoFO2U4KcQNDpd8THA6KIYiBBf+PaLfx8Aqu6GviAe9FwXu0gcQapQOtYhRHh5bmuP8sLW9tWdukffidCihg7BVfmx/4HdjgCwn5qrWrZkcVjJWkzRc/3q4GM5/qv3PQNwU/2S1dfTiGerF8MtxAsNxu+XqQvPR2MR7pXi23ZM7iXgZiAL5VjXaIGu8J7/f+9yMkwBSv+8h7bx3fWXEm8rXEMKk0IIYUrowoNoC8= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_MWHPR16MB0093AF2C1759098B1B1A7EC4ED1D0MWHPR16MB0093namp_" MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: a0239a01-b537-4ce3-8673-08d61d71d3bf X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Sep 2018 14:20:03.8936 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3b217a9b-6c58-428b-b022-5ad741ce2016 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR16MB0047 X-OriginatorOrg: symantec.com X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrIKsWRmVeSWpSXmKPExsXCpdPEqDudc2G0wedrkhaP5y5gtTh5exab xePdv9gcmD12zrrL7tFy5C2rx5IlP5kCmKO4bFJSczLLUov07RK4MubtecFScLGLsWLr2SVs DYzz67sYOTkkBEwkHs9sYu9i5OIQEvjEKLF9w01WmMTzG+ugEt8ZJZa+/8AK4RxhlJj/dj8L hPOCUaJtzhSwDIvABGaJ7y0NjBCZqUwSX942skE4jxglrq76ywQymU1AR+L8+U5mEFtEIFPi YtssdhBbWEBX4tipd4wQcT2Jc2sesUPYRhL99/aBxVkEVCV2tm0D6+UViJGY8LcH6qg2Rol5 u36Cnc4pECZxsPEFWBGjgJjE91NrwBYzC4hL3HoynwniPQGJJXvOM0PYohIvH/9jhaiPlvi3 qQ8aBAoSn94+YoSwZSUuze+GsvexS8ycBGXrSnyYOhVqjq/E5kUvmUEOkhA4zihx89l0oEEc QI6WxLZXUDXZEteOXGGHsHMkLp9dzzqB0XgWkvMg7HyJe0vmMc4C+1NQ4uTMJywQcS2JeQ2/ oWoUJaZ0P2SHsDUlrkw+BGVrSyxb+Jp5ASP7KkaFktLi4tyS/NKSxIJUA0O94srcZBCRCExW yXrJ+bmbGMEJq85wB+OjDT6HGAU4GJV4eKf/WBAtxJpYBlR5iFGCg1lJhJczByjEm5JYWZVa lB9fVJqTWnyIUZqDRUmcV5a1JFpIID2xJDU7NbUgtQgmy8TBKdXAKLnjl9u+oPNzVHK6brO/ ORwiaXpotcoCk8lfKj3UGU0MvYX3tvCxSy35XhhjX/X3jshVOwfBl8Ub/jCfZeboOa9mrBui Ei0ja+tcvf2ghpXswx+TDfeHv7B2PSOSdcQxcvHvrdftP0su426fuGqX0I3yoI0pm4xvPl5b /P3m0Z+7+JZfbOzZpMRSnJFoqMVcVJwIANC/DK5UAwAA X-Brightmail-Tracker: H4sIAAAAAAAAA02SbUhTYRTHeXbv3e6GwnW9eFIKGxSlzjdC/WCiReCHIi0SdEJNvehw07Hd mUKwKTLyNVGnuHTTmFFDNAwlSyyXlgo6TYtKMpySrlhqCcNMadvdh748/M7//J9zzvNwSEz4 kAghZcUMrSqWykVcAS6IrOSI2/jdkpi5waDE1c4uInFqychNXH3xh5uCpQ0bv/DSqsZdRJrF sstJx7IFSfm0XFZKq6KTbwkKTSMbuHK+BpUNzli4OmTW1iA+CdQ5WP/Yx6tBAlJIuRH0bG4R bDCOwOx6ibPBBgJ9R4svg1ONGLirdIjNGDiw46rgsoEDwXvrPsdbmUtFgt1ejXn5MCWDeb2R 5+VDlBjeTP9ErB4Fs70OHstxcG951Kfj1CkY1g/57gZSOdC4X+cfSo/A9HyX8Cb4VCaMVWz4 TIg6Cu7pXl9jjAqGz2tmDvs8CiwjdozlI+BcPSBYvwQOBhoIVg+DXy4HYvk4vDPX+nmUB+1N fhbDlsHgr3MFnj5wYt6BgHqL4NO3Nk8h0hOEw9B3v6cIPowv8liWw8JMv7/XCbDWr+Ds3ccY TDisqBFFG/+bm+USWLaYkNH3AUEw1b6Gs3o4mHR7fs9JaKld4bF8FhabbX6OgIfdP7AuxLOi MEajVisYBSOVKmUxcVHqckWe95B61iovKq9EMYB8i3Xx2DNk+3vZhigSiQICy3a6JEJCWupx 2lAoiYuCAy/psyRCqkDK0EU0raRVN1UaOa22IQ7JD9EhwdW2r68ZrRYnmMF87HSNcDKj8NXm 4g3D7EBWSsd6Zf39nrpQeju0NbkpoWDz2nnz9aHb2ur0skcyQ4MzMwNzLiRo7S3rZ9ypd5fc EbFJY9lP7uTuGMUaYWq/6vd2vGJP1jd3YbLTGZQUIVSa0pm+1qaF3IA4TU5AeXNv/IQIVxdK Y8MxlVr6D0L18hE5AwAA X-CFilter-Loop: TUS04 Archived-At: Subject: Re: [Cacao] [EXT] Re: Other thoughts X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 14:20:13 -0000 --_000_MWHPR16MB0093AF2C1759098B1B1A7EC4ED1D0MWHPR16MB0093namp_ Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: base64 UWluLA0KDQoNClRoYW5rIHlvdSBmb3IgeW91ciByZXNwb25zZSBhbmQgcXVlc3Rpb24uICBUaGUg cmVhc29uIHdlIGhhdmUgc2VsZWN0ZWQgdGhlIEN5YmVyIFNlY3VyaXR5IFNjZW5hcmlvIGlzIHRo YXQgaXQgaXMgYW4gYXJlYSB0aGF0IHRoZSBhdXRob3JzIGFuZCBjb250cmlidXRvcnMgdW5kZXJz dGFuZCByZWFsbHkgd2VsbCBhbmQgd2hlcmUgd2Uga25vdyB0aGF0IHRoZXJlIGlzIG5vIGV4aXN0 aW5nIHNvbHV0aW9uIHRoYXQgd2lsbCB3b3JrLiAgV2UgYWxzbyBkbyBub3Qgd2FudCB0byBib2ls IHRoZSBvY2Vhbi4gV2Ugd2FudCB0byBnZXQgYSBzb2x1dGlvbiBkb25lIHF1aWNrbHkgYW5kIGdl dCBpdCBhZGFwdGVkIGVuIG1hc3MuIFRoaXMgYWxzbyBtZWFucyB0aGF0IHdlIGRvIG5vdCBwbGFu IG9uIGRvaW5nIGV2ZXJ5dGhpbmcgaW4gdGhlIGZpcnN0IHJlbGVhc2UuIEl0IGlzIG1vcmUgaW1w b3J0YW50IHRoYXQgd2UgZ2FpbiBhZG9wdGlvbiB0aGFuIHByb2R1Y2UgdGhlIG1vc3QgcGVyZmVj dCBzdGFuZGFyZC9zcGVjaWZpY2F0aW9uLg0KDQoNCkEgbG90IG9mIHRoZSBkZXNpZ24gd29yayB0 aGF0IHdlIG5lZWQgdG8gZG8gZm9yIHRoaXMgdG8gYWN0dWFsbHkgd29yayBpbiBwcmFjdGljZSBj b3VsZCBlYXNpbHkgYmUgYWRhcHRlZCBpbiB0byBvdGhlciBhcmVhcy4gIEFuZCBJIGFtIHN1cmUg b3RoZXJzIHdpbGwgdGFrZSB0aGlzIHdvcmsgYW5kIHVzZSBpdCBmb3IgdGhpbmdzIGxpa2Ugb3V0 c2lkZSBvZiB0aGUgQ3liZXIgZG9tYWluLCBhcyB5b3UgaGF2ZSBzdWdnZXN0ZWQuDQoNCg0KSSB3 b3VsZCBsb3ZlIHRvIGhhdmUgeW91IGhlbHAgb3V0LiBQbGVhc2UgbGV0IG1lIGtub3cgaWYgdGhl cmUgaXMgYW55dGhpbmcgSSBjYW4gZG8gdG8gaGVscCBlbmFibGUgeW91IHRvIGNvbnRyaWJ1dGUg dG8gdGhpcyB3b3JrLg0KDQoNClRoYW5rcw0KDQpCcmV0DQoNCg0KX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX18NCkZyb206IENhY2FvIDxjYWNhby1ib3VuY2VzQGlldGYub3JnPiBvbiBi ZWhhbGYgb2YgUWluIFd1IDxiaWxsLnd1QGh1YXdlaS5jb20+DQpTZW50OiBNb25kYXksIFNlcHRl bWJlciAxNywgMjAxOCA4OjIxOjAyIFBNDQpUbzogQnJldCBKb3JkYW47IGNhY2FvQGlldGYub3Jn DQpTdWJqZWN0OiBbRVhUXSBSZTogW0NhY2FvXSBPdGhlciB0aG91Z2h0cw0KDQoNCkludGVyZXN0 aW5nIGlkZWEsIEkgYW0gd29uZGVyaW5nIHdoeSB0aGlzIGlkZWEgaXMgcmVzdHJpY3RlZCB0byBj eWJlciBzZWN1cml0eSBzY2VuYXJpb3MsICBJIHRoaW5rIGl0IGlzIGFsc28gYXBwbGljYWJsZSB0 byBWUE4gc2VydmljZSBkZWxpdmVyeSBzY2VuYXJpbywNCg0KDQoNClRoZSBlc3NlbmNlIG9mIHRo aXMgaWRlYSBpcyB3b3JrIGZsb3cgbWFuYWdlbWVudCwgcHJvY2VzcyBtYW5hZ2VtZW50LCBhY3Rp dml0eSBtYW5hZ2VtZW50LCBzbyB5b3Ugb3JnYW5pemUgYSBzZXF1ZW5jZSBvZiBwcm9jZXNzIG9y IHRhc2tzIHVzaW5nDQoNCldvcmsgZmxvdyB0ZW1wbGF0ZSwgc28geW91IGNhbiBzZXR1cCBpdCBh cyBhIHNpdHVhdGlvbiwgbW9uaXRvcmluZyBpdCwgb3B0aW1pemVkIGl0Lg0KDQoNCg0KSW4gVlBO IHNlcnZpY2UgZGVsaXZlcnkgc2NlbmFyaW8sIEkgY2FuIGRlZmluZSBOZXR3b3JrIGNvbm5lY3Rp dml0eSBzZXR1cCBhcw0KDQphIEV2ZW50LCBJbiB0aGlzIGV2ZW50LCB0aGUgbWFuYWdlZCBvYmpl Y3QgaXMgbmV0d29yayBjb25uZWN0aXZpdHksIHdoZW4gbmV0d29yayBjb25uZWN0aXZpdHkgZ2V0 cyBzZXR1cCwgSXQgd2lsbCB0cmlnZ2VyIGFub3RoZXIgZXZlbnQsIGkuZS4sIGNvbm5lY3Rpdml0 eSBzZXJ2aWNlIHBlcmZvcm1hbmNlDQoNCm1vbml0b3JpbmcsIHdoZW4gbmV0d29yayBwZXJmb3Jt YW5jZSBwYXJhbWV0ZXIgc3VjaCBhcyBkZWxheSBvciBwYWNrZXQgbG9zcyBleGNlZWQgc29tZSB0 aHJlc2hvbGQsIEl0IGNhbiB0cmlnZ2VyIGFub3RoZXIgZXZlbnQgb3IgYWN0aW9uLCB0byBwZXJm b3JtIG5ldHdvcmsgb3B0aW1pemF0aW9uLg0KDQoNCg0KU28gd2hhdCBJIGxpa2UgdG8gc2VlIGEg Y3VycmVudCBldmVudCB0cmlnZ2VyaW5nIGFub3RoZXIgZXh0ZXJuYWwgZXZlbnQsIGFjdGlvbiBh bmQgbWFuYWdlZCBvYmplY3QgaXMgcGFydCBvZiBldmVudCwgaW4gVlBOIHNlcnZpY2UgZGVsaXZl cnkgc2NlbmFyaW8sIHdlDQoNCkNhbiBlc3RhYmxpc2ggY29ubmVjdGlvbiBiZXR3ZWVuIG5ldHdv cmsgc2VydmljZSBtb25pdG9yaW5nIGFuZCBuZXR3b3JrIHNlcnZpY2UgcHJvdmlzaW9uIGFuZCB0 aGVyZWZvcmUgd2UgY2FuIGhhdmUgZnVsbCBsaWZlY3ljbGUgIG1hbmFnZW1lbnQgb24gVlBOIHNl cnZpY2UsIGF1dG9tYXRlDQoNCk5ldHdvcmsgbWFuYWdlbWVudC4gSSB0aGluayBvcGVyYXRpb24g YXJlYSBkZWZpbml0ZWx5IHRoaXMgY2FwYWJpbGl0eSwgZnVuY3Rpb24sIHJpZ2h0IG5vdyBORVRD T05GL1lBTkcgZG9lc26hr3QgcHJvdmlkZSBzdWNoIGNhcGFiaWxpdHkuDQoNCg0KDQpPbmUgbGlt aXRhdGlvbiBvZiBORVRDT05GIGVkaXQtY29uZmlnIG9wZXJhdGlvbiBpcyBkZXNjcmliZWQgaW4g UkZDNjI0MToNCg0KobANCg0KSWYgdGhlIDxlZGl0LWNvbmZpZz4gb3BlcmF0aW9uIGNvbnRhaW5z IG11bHRpcGxlIHN1Yi1vcGVyYXRpb25zDQoNCiAgICAgIHRoYXQgYXBwbHkgdG8gdGhlIHNhbWUg Y29uY2VwdHVhbCBub2RlIGluIHRoZSB1bmRlcmx5aW5nIGRhdGENCg0KICAgICAgbW9kZWwsIHRo ZW4gdGhlIHJlc3VsdCBvZiB0aGUgb3BlcmF0aW9uIGlzIHVuZGVmaW5lZCAoaS5lLiwNCg0KICAg ICAgb3V0c2lkZSB0aGUgc2NvcGUgb2YgdGhlIE5FVENPTkYgcHJvdG9jb2wpLg0KDQoNCg0KobEN Cg0KSSB0aGluayB0aGUgcmVhc29uIGlzIGJlY29zIE5FVENPTkYgbGFjayBwcm9jZXNzIG1hbmFn ZW1lbnQgY2FwYWJpbGl0eS4NCg0KDQoNCi1RaW4NCg0Kt6K8/sjLOiBDYWNhbyBbbWFpbHRvOmNh Y2FvLWJvdW5jZXNAaWV0Zi5vcmddILT6se0gQnJldCBKb3JkYW4NCreiy83KsbzkOiAyMDE4xOo5 1MIxOMjVIDg6MjcNCsrVvP7IyzogY2FjYW9AaWV0Zi5vcmcNCtb3zOI6IFtDYWNhb10gT3RoZXIg dGhvdWdodHMNCg0KDQoNCkFsbCwNCg0KDQoNCkkgaGF2ZSBoZWFyZCBmcm9tIHRocmVlIHBlb3Bs ZSBzbyBmYXIsIHdoYXQgZG8gb3RoZXJzIHRoaW5nIGFib3V0IHRoZSBkcmFmdCBhbmQgdGhpcyBw cm9wb3NlZCB3b3JrPw0KDQoNCg0KDQoNClRoYW5rcywNCg0KQnJldA0KDQpQR1AgRmluZ2VycHJp bnQ6IDYzQjQgRkM1MyA2ODBBIDZCN0QgMTQ0NyAgRjJDMCA3NEY4IEFDQUUgNzQxNSAwMDUwDQoN CiJXaXRob3V0IGNyeXB0b2dyYXBoeSB2aWh2IHZpdmMgY2UgeGhybnJ3LCBob3dldmVyLCB0aGUg b25seSB0aGluZyB0aGF0IGNhbiBub3QgYmUgdW5zY3JhbWJsZWQgaXMgYW4gZWdnLiINCg0KDQo= --_000_MWHPR16MB0093AF2C1759098B1B1A7EC4ED1D0MWHPR16MB0093namp_ Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable

Qin,


Thank you for your response and q= uestion.  The reason we have selected the Cyber Security Scenario is t= hat it is an area that the authors and contributors understand really = well and where we know that there is no existing solution that will work.  We also do not want to boil the ocean. We w= ant to get a solution done quickly and get it adapted en mass. This also me= ans that we do not plan on doing everything in the first release. It is mor= e important that we gain adoption than produce the most perfect standard/specification. 


A lot of the design work tha= t we need to do for this to actually work in practice could easil= y be adapted in to other areas.  And I am sure others will take this w= ork and use it for things like outside of the Cyber domain, as you have suggested.  


I would love to have you help out= . Please let me know if there is anything I can do to help enable you to co= ntribute to this work.


Thanks

Bret



From: Cacao <cacao-bounc= es@ietf.org> on behalf of Qin Wu <bill.wu@huawei.com>
Sent: Monday, September 17, 2018 8:21:02 PM
To: Bret Jordan; cacao@ietf.org
Subject: [EXT] Re: [Cacao] Other thoughts
 

Intere= sting idea, I am wondering why this idea is restricted to cyber security sc= enarios,  I think it is also applicable to VPN service delivery scenario,

 =

The es= sence of this idea is work flow management, process management, activity ma= nagement, so you organize a sequence of process or tasks using

Work f= low template, so you can setup it as a situation, monitoring it, optimized = it.

 =

In VPN= service delivery scenario, I can define Network connectivity setup as

a Even= t, In this event, the managed object is network connectivity, when network = connectivity gets setup, It will trigger another event, i.e., connectivity service performance

monito= ring, when network performance parameter such as delay or packet loss excee= d some threshold, It can trigger another event or action, to perform network optimization.

 =

So wha= t I like to see a current event triggering another external event, action a= nd managed object is part of event, in VPN service delivery scenario, we

Can es= tablish connection between network service monitoring and network service p= rovision and therefore we can have full lifecycle  management on VPN service, automate

Networ= k management. I think operation area definitely this capability, function, = right now NETCONF/YANG doesn=A1=AFt provide such capability.

 =

One li= mitation of NETCONF edit-config operation is described in RFC6241:

=A1=B0=

If the <edit-config> operation contains multiple sub-operations

   &= nbsp;  that apply to the same conceptual node in the underlying data

   &= nbsp;  model, then the result of the operation is undefined (i.e.,

   &= nbsp;  outside the scope of the NETCONF protocol).

 

=A1=B1=

I thin= k the reason is becos NETCONF lack process management capability.

 =

-Qin

=B7=A2=BC=FE=C8=CB: Cac= ao [mailto:cacao-bounces@ietf.org] =B4=FA= =B1=ED Bret Jordan
=B7=A2= =CB=CD=CA=B1=BC=E4: 2018=C4=EA9=D4=C218=C8=D5 8:27
=CA=D5=BC=FE=C8=CB: cacao@ietf.org
=D6=F7=CC=E2: [Cacao] Other thoughts

 

All,

 

I have heard from three peopl= e so far, what do others thing about the draft and this proposed work?

 

 

Thanks,

Bret

PGP Fin= gerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050

"W= ithout cryptography vihv vivc ce xhrnrw, however, the only thing that can n= ot be unscrambled is an egg."

 

--_000_MWHPR16MB0093AF2C1759098B1B1A7EC4ED1D0MWHPR16MB0093namp_-- From nobody Tue Sep 18 07:22:13 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 10B9B130E27 for ; Tue, 18 Sep 2018 07:22:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.31 X-Spam-Level: X-Spam-Status: No, score=-4.31 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=symantec.com header.b=GcNzkg7W; dkim=pass (1024-bit key) header.d=symantec.com header.b=cvBIIdTW Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lHw9f5aOfzFS for ; Tue, 18 Sep 2018 07:22:09 -0700 (PDT) Received: from asbsmtoutape01.symantec.com (asbsmtoutape01.symantec.com [155.64.138.35]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B21B0130DC1 for ; Tue, 18 Sep 2018 07:22:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; d=Symantec.com; s=2; c=relaxed/simple; q=dns/txt; i=@Symantec.com; t=1537280527; x=2401194127; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=zxDBw5RXvhFBxGFHM/K+p8OpC5KSiBW8zPKSYrCuYlk=; b=GcNzkg7Wfdm6/Y9SOr0nIJWUkdjm8bL+zYiYj2Tdi5lAJkMctw4hLHAbYLvqJjT8 zfiBLpNM/Tkh18nH3Vj0Z3hdULVUdf/q1NB/mfSDniXSOVyeDqR2mgPQy1j9rUMw GzlfoUs6yYUOwHlufpelv4MlOyFu7kp9/+wYzqM4vSU=; Received: from asbsmtmtaapi02.symc.symantec.com (asb1-f5-symc-ext-prd-snat9.net.symantec.com [10.90.75.9]) by asbsmtoutape01.symantec.com (Symantec Messaging Gateway) with SMTP id 09.80.18127.F0A01AB5; Tue, 18 Sep 2018 14:22:07 +0000 (GMT) X-AuditID: 0a5af819-7ead29e0000146cf-22-5ba10a0fea5d Received: from TUSXCHMBXWPI01.SYMC.SYMANTEC.COM (asb1-f5-symc-ext-prd-snat6.net.symantec.com [10.90.75.6]) by asbsmtmtaapi02.symc.symantec.com (Symantec Messaging Gateway) with SMTP id 1B.08.63223.E0A01AB5; Tue, 18 Sep 2018 14:22:07 +0000 (GMT) Received: from TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) by TUSXCHMBXWPI01.SYMC.SYMANTEC.COM (10.44.91.33) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Tue, 18 Sep 2018 07:22:05 -0700 Received: from NAM04-SN1-obe.outbound.protection.outlook.com (10.44.128.1) by TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Tue, 18 Sep 2018 07:22:05 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=symantec.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=coVnO27LGnK2SB+EaLdSq9UUtNWJKcXw/ZzT6vc29Mw=; b=cvBIIdTW6de1goZSc62ad/nlhDbOIkEZkzSs7v5jzwHTXzIlypC2g2Ur8l/K3pdnYJToGNDxfcvpBjwV1o0F3iufgwGpM8rl9sKauwDDkQQu1u5Q5g7/To24ISrb/BpzOwDvR/2kGjzcd38Wh/t9BOyaUu+JOxFQ5kzN/pBTF24= Received: from MWHPR16MB0093.namprd16.prod.outlook.com (10.172.101.148) by MWHPR16MB1760.namprd16.prod.outlook.com (10.172.60.137) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1143.18; Tue, 18 Sep 2018 14:22:03 +0000 Received: from MWHPR16MB0093.namprd16.prod.outlook.com ([fe80::fd13:abfe:ca51:d345]) by MWHPR16MB0093.namprd16.prod.outlook.com ([fe80::fd13:abfe:ca51:d345%5]) with mapi id 15.20.1143.017; Tue, 18 Sep 2018 14:22:03 +0000 From: Bret Jordan To: "Carolin.Baumgartner@interdiscount.ch" , "bill.wu@huawei.com" , "jordan.ietf@gmail.com" , "cacao@ietf.org" Thread-Topic: [EXT] Re: [Cacao] Other thoughts Thread-Index: AQHUTvZLNfTQNstpJE+kSmX9e+414qT1qnwAgABtEUc= Date: Tue, 18 Sep 2018 14:22:03 +0000 Message-ID: References: <9C6CD1F8-8326-48E9-A9BF-509DEE11B32E@gmail.com> , <20f05ea185424c159e4422046e5fc6d8@SVRM2EX2K13N05.hs.coop.ch> In-Reply-To: <20f05ea185424c159e4422046e5fc6d8@SVRM2EX2K13N05.hs.coop.ch> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Bret_Jordan@symantec.com; x-originating-ip: [155.64.38.75] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; MWHPR16MB1760; 6:JZB53uC+B66HPcXd7+BzTweAXAaammrfSdc77MCZWC44sNo3N6+uir1gTSHxMk+DZrP2d0eg+bI0P7jcUnKk+2o0m/Vs1DI76J9Ez0tDvtcmQqJ6Bi5hHZjB77jNRcUA48x3zh6Tz3/NzFfNe5aruIcN8K5F0Vl3Zty/M3ncr2QQo1pAHIjxi2i5M5O5fDxD99dXyRYDY+gsQ9Ko8DHRYFmM+pVYXEb7+RCj0H/+V6lUMUQmKiN8/LpEHTnsghJKnY7spNSN3kjGs0Fje/+jftaY3Q9FtaIh7UWmhMagxeYsxAEI/TJWKDRdyMfUDPnYzibMbOSRvgtLe1wi6hadEc3Ogtip88z31UdD1cRohEZo6YJ2Qld0D87w/kP6HF5m13wzbZNENpT6ld9vhls/tBJLKqhl/cfbc6y4O2ggyE37IcyUcY38nOquika4OGGRaWTqs7lS/wiPOvOic5b9rQ==; 5:1kQ9NjfFAXcukhEgYJTgLM1jffSq0yptkULrb27SSHoo/zp6d8/3sBXAmG/NdYMtRzcmSFtoImCUORAr0OFAA3saN9mC/avnUKsl7ovuYBUY4eleCzJKpUvlGD9aKLv6cK2vgYvddpA862GzRfvYGIrJslXbQOcK/JG66qHUhpA=; 7:7Cke/hpH1atSUK4leX9Wyx7AFKi8rFjj/zPqLap4YS/SUTXLMy8qjerjhue5WXy98mRMunTrPOGkN+d+75RjdG9mixhKIk2I+990QHS0zYSdMhN4vDQbt44prCF42pqZ+Q0prdUiNZsRn7REefzevwK5PxvEfCtwWlhz1/iDvbjZrvdehCuyv6bjvratYP4K8UVzqQsUWe+EgozuG0bDrA0qEK5g69MUJQFrej0gJoD1dFvzC5eyLh7s+IP0VsXQ x-ms-exchange-antispam-srfa-diagnostics: SOS; x-ms-office365-filtering-correlation-id: 68293c24-82df-4c74-75a2-08d61d721b31 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(4534165)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(2017052603328)(7153060)(7193020); SRVR:MWHPR16MB1760; x-ms-traffictypediagnostic: MWHPR16MB1760: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(72170088055959)(192374486261705)(50582790962513)(85827821059158); x-ms-exchange-senderadcheck: 1 x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(8121501046)(5005006)(3231355)(944501410)(52105095)(3002001)(10201501046)(93006095)(93001095)(149027)(150027)(6041310)(20161123564045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(201708071742011)(7699050); SRVR:MWHPR16MB1760; BCL:0; PCL:0; RULEID:; SRVR:MWHPR16MB1760; x-forefront-prvs: 0799B1B2D7 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(396003)(346002)(366004)(376002)(39860400002)(199004)(189003)(14444005)(68736007)(256004)(6436002)(2501003)(478600001)(11346002)(446003)(66066001)(19627235002)(16234385003)(5250100002)(2900100001)(316002)(19627405001)(10290500003)(33656002)(25786009)(476003)(99286004)(6606003)(7696005)(2906002)(76176011)(486006)(86362001)(80792005)(3846002)(74316002)(106356001)(26005)(7736002)(110136005)(97736004)(105586002)(53936002)(186003)(81166006)(81156014)(39060400002)(8676002)(2201001)(6246003)(102836004)(9686003)(5660300001)(54896002)(6116002)(53546011)(14454004)(6506007)(72206003)(236005)(55016002)(229853002)(8936002)(9010500006); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR16MB1760; H:MWHPR16MB0093.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: symantec.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: +Fx+nL/uS0JUBUzpW2rzxDF06Kuda40vtkFeqrUUNJz1zI3XLPNrCARaNCtVMSiGSnndX9C2a6Qd/4W/2qxfggRuezSJCl512Xq7I48OMdivrAAG+N97DVVJXEh3sJ+g8FLs/PJCQOxTPrUZq2vLwA3SYOMWeUwKYdtmsgfigdky9JLBKqc32JMzdI9XDkiyKhxo6hG7XDKtP9xFqK6JMJiSqPFxWVajO5Ly106Uq8aHdeAf8EWU5jiU3qsqbYlxbOyqJCRlvxtDHHVp4gcKOkOOjUd4DN8MgXpFFH5LPuoHNexJ4n2tgYdWPr/ImTGuWTZLDeOG3wKaltqu/4ig0W962+g/Y6SbyON19JIbw8g= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_MWHPR16MB0093EAE9320000E9B807B9F4ED1D0MWHPR16MB0093namp_" MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: 68293c24-82df-4c74-75a2-08d61d721b31 X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Sep 2018 14:22:03.7826 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3b217a9b-6c58-428b-b022-5ad741ce2016 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR16MB1760 X-OriginatorOrg: symantec.com X-Brightmail-Tracker: H4sIAAAAAAAAA01Sa0hTYRjuO5edbTQ7mumrEtlASktTkpISC6KaaKR/ilyQJ3dQcTrZVDSM lmR5I01n6NDUmiZiUTNK85bDzJk0ZmKaRTgvJaZmhpcUye1M6M/H87zP8z3f+368fNzJRLrz 45NSWGUSIxfzhIQwKkzgu0NYI/Vf7MeDxiurySDjqJYXVJMzgAWNt/7lnSQkLdqvlORW9ywp 0elWMUlX6wAZQUQJg2WsPD6NVR4KiRbGlTXPkMkF91B69tRNTI0+ZqM8JOADHQj5s+14HhLy negFBH0FampLmO59TXHCEoLibwWII90ICrKe28kPBJMNK5iVEHQRDg3lrfYwDQZLbW9IjlgQ 6Ief8qzJPPogmEy5NpczPYTgT6EZtwo7aV/o6Zuz9eVM+8GHRgvF4WNQMr+OWTFBe0HdXL3N L6Ivw8jIY4J74S2CtiYzYRUEdChMjS3aMKJdYLmv0XYZp13h80QVxs1Hg67NhHN4F0yPb5Cc Xwob+rskV/eE37MW+0fthoGqfNvUQHdQkDPcbTf5wq/SUnvQOZjvf4hzpncIbs+U8DjBB3Lb jfakBGiq7SC2sNkwiBWhw9r/GuSwAnqaFpDWNqkjGMsnCK7uAw/Ua3bPXtDkj1Ec9obBEoMd H4C6mhm8GlENyJNRXVUlpihSU5hk1j/AT5WRGGM9mM0li/GLUSTqkW3NVtyaUXdvuAHRfCTe LsparZY6kUzaptOAgI+LnUUC+WZJJGMyrrFKxRVlqpxVGZAHnxC7ivTLKqkTHcuksAksm8wq t1SML3BXo3rLs/B9jnuysAuhGp1AceLi+/Nupx6pM46e/qQpley4P7BfltnTKZB5HdkYvzRU sR7iQL3UGKuuP4l0yfweme5gLKyomvQs7t/mvlZ25vhSvKO2Iro4KVHidgM6Gd2rL6IXZo/R 2NrQn4YIuXdLhvlsYFnUncouWVhrCBW8KJWLCVUcE+CDK1XMP0p7xmdiAwAA X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrMKsWRmVeSWpSXmKPExsXCFeXNpsvPtTDaYLGixeO5C1gtTt6exWax sOMSk8Xj3b/YHFg8ds66y+7RcuQtq8eSJT+ZPA7uvsQawBLFZZOSmpNZllqkb5fAlTFjx2vW gp6JjBWtzxqZGhgvtzJ2MXJySAiYSLw8sYu9i5GLQ0jgG6PEpPs9jBDOEUaJnqaNUM4LRomn q34wgTgsAhOYJVbN3M0MkZnCJPFtzwFWCOcRo8SmG+vYQCazCehInD/fCVYlInCNUeJL/0Vm kISwgK7EsVPvwNaLCOhJnFvziB3CtpKY/P4PE4jNIqAqsezdCrB6XoEYiZs3l7NAbDjKKLFn 80UWkASngKfEs4efwWxGATGJ76fWgDUzC4hL3HoynwniPwGJJXvOM0PYohIvH/9jhaiPlvi3 qY8VIq4g8entI2h4yEpcmt8N9rWEwD52iY4bR6CKdCU+TJ0KNchX4v2ZRcwQRccZJdpeT2aD SGhJdO49CTUpW2Lz0n0sMPbFQ1egLpKTWNX7kAWieSWzxMmPT9kmMOrPQnI5hJ0vcWzzR8ZZ 4CAQlDg58wkLRFxLYl7Db6gaRYkp3Q/ZIWxNiSuTD0HZ2hLLFr5mXsDIvopRIbE4qTi3JLck MbEg08BIr7gyNxlEJALTWLJecn7uJkZwKvstvoPx3B+fQ4wCHIxKPLwXvi2IFmJNLAOqPMQo zcGiJM4rXBQZLSSQnliSmp2aWpBaFF9UmpNafIiRiYNTqoFxebNMiPme/NZfLZ/4L397t03o 7N2ZOUuNjha+EqrMuq99Y20hj82TNvvFG3T4vi6e/OZQ63KBrs8djQdVFJbK2Z2pf7BphUvo 7Mc7173cx/tKl0NY6fzVY5nK4QfdZ+k8qWexOB1qsFDml0N4fLreNaEJYrZ3p6+6sdJpQY98 WMdy+bC/1o/qlFiKMxINtZiLihMBWyp7U0YDAAA= X-CFilter-Loop: ASB04 Archived-At: Subject: Re: [Cacao] [EXT] Re: Other thoughts X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 14:22:11 -0000 --_000_MWHPR16MB0093EAE9320000E9B807B9F4ED1D0MWHPR16MB0093namp_ Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: base64 Q2Fyb2xpbiwNCg0KDQpJIGFncmVlLiAgV2UgbmVlZCB0byBlbnN1cmUgdGhhdCB0aGlzIGlzIHNp bXBsZSB0byB1bmRlcnN0YW5kIGFuZCBlYXN5IHRvIGltcGxlbWVudC4NCg0KDQpCcmV0DQoNCl9f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQpGcm9tOiBDYWNhbyA8Y2FjYW8tYm91bmNl c0BpZXRmLm9yZz4gb24gYmVoYWxmIG9mIENhcm9saW4uQmF1bWdhcnRuZXJAaW50ZXJkaXNjb3Vu dC5jaCA8Q2Fyb2xpbi5CYXVtZ2FydG5lckBpbnRlcmRpc2NvdW50LmNoPg0KU2VudDogVHVlc2Rh eSwgU2VwdGVtYmVyIDE4LCAyMDE4IDE6NTA6MDIgQU0NClRvOiBiaWxsLnd1QGh1YXdlaS5jb207 IGpvcmRhbi5pZXRmQGdtYWlsLmNvbTsgY2FjYW9AaWV0Zi5vcmcNClN1YmplY3Q6IFtFWFRdIFJl OiBbQ2FjYW9dIE90aGVyIHRob3VnaHRzDQoNCg0KSGkgUWluDQoNCg0KDQpJIHRoaW5rIHdlIHNo b3VsZCBub3QgbWFrZSB0aGlzIHRvbyBiaWcsIG90aGVyd2lzZSBpdCB3aWxsIGJlIGhhcmRlciB0 byBpbXBsZW1lbnQuIEp1c3QgbXkgNSBjZW50cw0KDQoNCg0KYmVzdCByZWdhcmRzDQpDYXJvbGlu DQoNCg0KDQpGcm9tOiBDYWNhbyBbbWFpbHRvOmNhY2FvLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJl aGFsZiBPZiBRaW4gV3UNClNlbnQ6IFR1ZXNkYXksIFNlcHRlbWJlciAxOCwgMjAxOCA0OjIxIEFN DQpUbzogQnJldCBKb3JkYW4gPGpvcmRhbi5pZXRmQGdtYWlsLmNvbT47IGNhY2FvQGlldGYub3Jn DQpTdWJqZWN0OiBSZTogW0NhY2FvXSBPdGhlciB0aG91Z2h0cw0KDQoNCg0KSW50ZXJlc3Rpbmcg aWRlYSwgSSBhbSB3b25kZXJpbmcgd2h5IHRoaXMgaWRlYSBpcyByZXN0cmljdGVkIHRvIGN5YmVy IHNlY3VyaXR5IHNjZW5hcmlvcywgIEkgdGhpbmsgaXQgaXMgYWxzbyBhcHBsaWNhYmxlIHRvIFZQ TiBzZXJ2aWNlIGRlbGl2ZXJ5IHNjZW5hcmlvLA0KDQoNCg0KVGhlIGVzc2VuY2Ugb2YgdGhpcyBp ZGVhIGlzIHdvcmsgZmxvdyBtYW5hZ2VtZW50LCBwcm9jZXNzIG1hbmFnZW1lbnQsIGFjdGl2aXR5 IG1hbmFnZW1lbnQsIHNvIHlvdSBvcmdhbml6ZSBhIHNlcXVlbmNlIG9mIHByb2Nlc3Mgb3IgdGFz a3MgdXNpbmcNCg0KV29yayBmbG93IHRlbXBsYXRlLCBzbyB5b3UgY2FuIHNldHVwIGl0IGFzIGEg c2l0dWF0aW9uLCBtb25pdG9yaW5nIGl0LCBvcHRpbWl6ZWQgaXQuDQoNCg0KDQpJbiBWUE4gc2Vy dmljZSBkZWxpdmVyeSBzY2VuYXJpbywgSSBjYW4gZGVmaW5lIE5ldHdvcmsgY29ubmVjdGl2aXR5 IHNldHVwIGFzDQoNCmEgRXZlbnQsIEluIHRoaXMgZXZlbnQsIHRoZSBtYW5hZ2VkIG9iamVjdCBp cyBuZXR3b3JrIGNvbm5lY3Rpdml0eSwgd2hlbiBuZXR3b3JrIGNvbm5lY3Rpdml0eSBnZXRzIHNl dHVwLCBJdCB3aWxsIHRyaWdnZXIgYW5vdGhlciBldmVudCwgaS5lLiwgY29ubmVjdGl2aXR5IHNl cnZpY2UgcGVyZm9ybWFuY2UNCg0KbW9uaXRvcmluZywgd2hlbiBuZXR3b3JrIHBlcmZvcm1hbmNl IHBhcmFtZXRlciBzdWNoIGFzIGRlbGF5IG9yIHBhY2tldCBsb3NzIGV4Y2VlZCBzb21lIHRocmVz aG9sZCwgSXQgY2FuIHRyaWdnZXIgYW5vdGhlciBldmVudCBvciBhY3Rpb24sIHRvIHBlcmZvcm0g bmV0d29yayBvcHRpbWl6YXRpb24uDQoNCg0KDQpTbyB3aGF0IEkgbGlrZSB0byBzZWUgYSBjdXJy ZW50IGV2ZW50IHRyaWdnZXJpbmcgYW5vdGhlciBleHRlcm5hbCBldmVudCwgYWN0aW9uIGFuZCBt YW5hZ2VkIG9iamVjdCBpcyBwYXJ0IG9mIGV2ZW50LCBpbiBWUE4gc2VydmljZSBkZWxpdmVyeSBz Y2VuYXJpbywgd2UNCg0KQ2FuIGVzdGFibGlzaCBjb25uZWN0aW9uIGJldHdlZW4gbmV0d29yayBz ZXJ2aWNlIG1vbml0b3JpbmcgYW5kIG5ldHdvcmsgc2VydmljZSBwcm92aXNpb24gYW5kIHRoZXJl Zm9yZSB3ZSBjYW4gaGF2ZSBmdWxsIGxpZmVjeWNsZSAgbWFuYWdlbWVudCBvbiBWUE4gc2Vydmlj ZSwgYXV0b21hdGUNCg0KTmV0d29yayBtYW5hZ2VtZW50LiBJIHRoaW5rIG9wZXJhdGlvbiBhcmVh IGRlZmluaXRlbHkgdGhpcyBjYXBhYmlsaXR5LCBmdW5jdGlvbiwgcmlnaHQgbm93IE5FVENPTkYv WUFORyBkb2VzbqGvdCBwcm92aWRlIHN1Y2ggY2FwYWJpbGl0eS4NCg0KDQoNCk9uZSBsaW1pdGF0 aW9uIG9mIE5FVENPTkYgZWRpdC1jb25maWcgb3BlcmF0aW9uIGlzIGRlc2NyaWJlZCBpbiBSRkM2 MjQxOg0KDQqhsA0KDQpJZiB0aGUgPGVkaXQtY29uZmlnPiBvcGVyYXRpb24gY29udGFpbnMgbXVs dGlwbGUgc3ViLW9wZXJhdGlvbnMNCg0KICAgICAgdGhhdCBhcHBseSB0byB0aGUgc2FtZSBjb25j ZXB0dWFsIG5vZGUgaW4gdGhlIHVuZGVybHlpbmcgZGF0YQ0KDQogICAgICBtb2RlbCwgdGhlbiB0 aGUgcmVzdWx0IG9mIHRoZSBvcGVyYXRpb24gaXMgdW5kZWZpbmVkIChpLmUuLA0KDQogICAgICBv dXRzaWRlIHRoZSBzY29wZSBvZiB0aGUgTkVUQ09ORiBwcm90b2NvbCkuDQoNCg0KDQqhsQ0KDQpJ IHRoaW5rIHRoZSByZWFzb24gaXMgYmVjb3MgTkVUQ09ORiBsYWNrIHByb2Nlc3MgbWFuYWdlbWVu dCBjYXBhYmlsaXR5Lg0KDQoNCg0KLVFpbg0KDQq3orz+yMs6IENhY2FvIFttYWlsdG86Y2FjYW8t Ym91bmNlc0BpZXRmLm9yZ10gtPqx7SBCcmV0IEpvcmRhbg0Kt6LLzcqxvOQ6IDIwMTjE6jnUwjE4 yNUgODoyNw0KytW8/sjLOiBjYWNhb0BpZXRmLm9yZzxtYWlsdG86Y2FjYW9AaWV0Zi5vcmc+DQrW 98ziOiBbQ2FjYW9dIE90aGVyIHRob3VnaHRzDQoNCg0KDQpBbGwsDQoNCg0KDQpJIGhhdmUgaGVh cmQgZnJvbSB0aHJlZSBwZW9wbGUgc28gZmFyLCB3aGF0IGRvIG90aGVycyB0aGluZyBhYm91dCB0 aGUgZHJhZnQgYW5kIHRoaXMgcHJvcG9zZWQgd29yaz8NCg0KDQoNCg0KDQpUaGFua3MsDQoNCkJy ZXQNCg0KUEdQIEZpbmdlcnByaW50OiA2M0I0IEZDNTMgNjgwQSA2QjdEIDE0NDcgIEYyQzAgNzRG OCBBQ0FFIDc0MTUgMDA1MA0KDQoiV2l0aG91dCBjcnlwdG9ncmFwaHkgdmlodiB2aXZjIGNlIHho cm5ydywgaG93ZXZlciwgdGhlIG9ubHkgdGhpbmcgdGhhdCBjYW4gbm90IGJlIHVuc2NyYW1ibGVk IGlzIGFuIGVnZy4iDQoNCg0K --_000_MWHPR16MB0093EAE9320000E9B807B9F4ED1D0MWHPR16MB0093namp_ Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable

Carolin,


I agree.  We need to ensure = that this is simple to understand and easy to implement. 


Bret


From: Cacao <cacao-bounc= es@ietf.org> on behalf of Carolin.Baumgartner@interdiscount.ch <Carol= in.Baumgartner@interdiscount.ch>
Sent: Tuesday, September 18, 2018 1:50:02 AM
To: bill.wu@huawei.com; jordan.ietf@gmail.com; cacao@ietf.org
Subject: [EXT] Re: [Cacao] Other thoughts
 

Hi Qin

 

I think we should no= t make this too big, otherwise it will be harder to implement. Just my 5 ce= nts

 

best regards
Carolin

 

From: Cacao [mailto:cacao-bounces@ietf.org] On Behalf Of Qin Wu
Sent: Tuesday, September 18, 2018 4:21 AM
To: Bret Jordan <jordan.ietf@gmail.com>; cacao@ietf.org
Subject: Re: [Cacao] Other thoughts

 

Interesting idea, = I am wondering why this idea is restricted to cyber security scenarios,&nbs= p; I think it is also applicable to VPN service delivery scenario,

 

The essence of thi= s idea is work flow management, process management, activity management, so= you organize a sequence of process or tasks using

Work flow template= , so you can setup it as a situation, monitoring it, optimized it.

 

In VPN service del= ivery scenario, I can define Network connectivity setup as

a Event, In this e= vent, the managed object is network connectivity, when network connectivity= gets setup, It will trigger another event, i.e., connectivity service performance

monitoring, when n= etwork performance parameter such as delay or packet loss exceed some thres= hold, It can trigger another event or action, to perform network optimization.

 

So what I like to = see a current event triggering another external event, action and managed o= bject is part of event, in VPN service delivery scenario, we

Can establish conn= ection between network service monitoring and network service provision and= therefore we can have full lifecycle  management on VPN service, automate

Network management= . I think operation area definitely this capability, function, right now NE= TCONF/YANG doesn=A1=AFt provide such capability.

 

One limitation of = NETCONF edit-config operation is described in RFC6241:

=A1=B0

If th= e <edit-config> operation contains multiple sub-operations

    &= nbsp; that apply to the same conceptual node in the underlying data<= /p>

    &= nbsp; model, then the result of the operation is undefined (i.e.,

    &= nbsp; outside the scope of the NETCONF protocol).

 

=A1=B1

I think the reason= is becos NETCONF lack process management capability.

 

-Qin

=B7=A2=BC=FE=C8=CB: Cacao [mailto:cacao-bounces@ietf.org] =B4=FA=B1=ED Bre= t Jordan
=B7=A2=CB=CD=CA=B1=BC=E4: 2018=C4=EA9=D4=C218=C8=D5 8:27
=CA=D5=BC=FE=C8=CB: cacao@ietf.org
=D6=F7=CC=E2: [Cacao] Other thoughts

 

All,

 

I have heard from three peopl= e so far, what do others thing about the draft and this proposed work?

 

 

Thanks,

Bret<= /p>

PGP Fingerprint:&nb= sp;63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050

"Without crypt= ography vihv vivc ce xhrnrw, however, the only thing that can not be unscra= mbled is an egg."

 

--_000_MWHPR16MB0093EAE9320000E9B807B9F4ED1D0MWHPR16MB0093namp_-- From nobody Tue Sep 18 07:37:01 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DDB5D130E0C for ; Tue, 18 Sep 2018 07:37:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.999 X-Spam-Level: X-Spam-Status: No, score=-0.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2wSDW0KGeKCg for ; Tue, 18 Sep 2018 07:36:58 -0700 (PDT) Received: from mail-io1-xd32.google.com (mail-io1-xd32.google.com [IPv6:2607:f8b0:4864:20::d32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7BC9F130DF7 for ; Tue, 18 Sep 2018 07:36:58 -0700 (PDT) Received: by mail-io1-xd32.google.com with SMTP id l7-v6so1728833iok.6 for ; Tue, 18 Sep 2018 07:36:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=pEhMEgAZIdwzXYXjJkrWfs9s9PhHWmYkX1j0FROGx7U=; b=cU+XwqrpwzLoFpgx/ezOC69OuGVccc0HEbvWcwiepvtT4GruLStN3cZoeW2H7T3ZFY D2vl3zWmWwWDV055fvXQXXoLo2rnQc0fpjF99N5xEumytxTDHivjes0wSCWha+uwZb6l OcAQzSuvnUpDAljWbBrOMJr7ZUZcWc51K5sP4+/JX0NFlEBNVSV+dOgho+38f5T2jDC0 PwYRaJQZnkNy8MIfvrwrMOyIVkWAsuX8b8evMePtVxMJ/ev4YgAeqJEtAzY0Lst2DrjL wOOIX2GvWL7Kutu7B/KJkdL/TcnsnjcopWmtdX6IyVBd9vo1Y78I851Dv2jilhlBAvqq 9KQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=pEhMEgAZIdwzXYXjJkrWfs9s9PhHWmYkX1j0FROGx7U=; b=YHJIua8yjTimO8CIiOQac8vQuRsNybDu6gSx0iePgEbOlmIBqHZ2W0lTGXzWuS4kUV cBQr3QVq+RBwo+zgGRmJtMOU/YIEat6cf9VyDRiw5nBROGYCvG7E4sBZQoljx74A0WFt P/vlUqWL8SU89TT5rtMLMww8KaPW6U06oklp+OvoS+S+3MtzOkUqWm8vDQ3Bt4Zfxp9a nI9yi0Kb44PrxBdsCzqPWDPzT56cDL+gEESGfqtIQShBrYLZ7a9EAVbe01mVDrA3N+o6 X/hqhcocW2vXlw/MQTdOfy2IQ/bQfnfLe/C4Sk8uY0ynv1KY98Snluan3/A7pa7x/PVo MT4w== X-Gm-Message-State: APzg51BJ6NMOqWoq/IO7LSSVkZaozxmszp9k0XjAWiQCVRL1A97dIsPQ leBLwgtYBJX0VmK5+Tt5O4laPlPO X-Google-Smtp-Source: ANB0VdZvfQ/1ve6PNHbw6nUDoGrE7ViEJotjg+IhzclsTZwcshrz+/Zhkqp+EKEMHNdok+y9PkXe0w== X-Received: by 2002:a6b:d307:: with SMTP id s7-v6mr23254406iob.190.1537281417630; Tue, 18 Sep 2018 07:36:57 -0700 (PDT) Received: from [172.16.255.50] ([216.194.115.4]) by smtp.gmail.com with ESMTPSA id 14-v6sm4886125itu.20.2018.09.18.07.36.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Sep 2018 07:36:56 -0700 (PDT) From: Bret Jordan Message-Id: <0A62DEC8-812A-40D4-8284-E92B00CE6DB7@gmail.com> Content-Type: multipart/alternative; boundary="Apple-Mail=_78B11AF6-A71A-4BE9-A1AC-EF2B5082E55A" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Date: Tue, 18 Sep 2018 08:36:50 -0600 In-Reply-To: Cc: Kathleen Moriarty , Barry Greene , cacao@ietf.org To: Carolin.Baumgartner@interdiscount.ch References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> <01324152-315F-47AA-9A47-F23009FB258D@gmail.com> X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 14:37:01 -0000 --Apple-Mail=_78B11AF6-A71A-4BE9-A1AC-EF2B5082E55A Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Carolin, That is a great point. If someone wants to do a GAP analysis as a = different document, they are free to do so. We have reviewed the = existing work and there is no single solution today that will solve the = use cases we have and that we need to address for this to work = operationally. No where in the IETF or other SDOs is there a = specification that one could hand to a vendor, organization, or = developer to have them implement and do interoperability with. There are = bits and pieces of lots of standards inside the IETF and outside the = IETF that we will want to use. But in general, we need and want to go = down a different path. Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." > On Sep 18, 2018, at 1:48 AM, Carolin.Baumgartner@interdiscount.ch = wrote: >=20 > Hi > =20 > I agree that a gap analysis would be great, but I read this discussion = as "include this in the document that proposes a new approach". If I = read that correctly, I would propose to split that out into two = documents. The reason is that this sounds like a huge monster document, = nobody can digest anymore. I think it would be valuable to have a gap = analysis / motivation type of document and then another one (or several = other ones) describing the new approach. > =20 > best regards > Carolin > =20 > From: Cacao [mailto:cacao-bounces@ietf.org = ] On Behalf Of Kathleen Moriarty > Sent: Tuesday, September 18, 2018 4:12 AM > To: Bret Jordan > > Cc: Barry Greene >; cacao@ietf.org > Subject: Re: [Cacao] CACAO Google Doc > =20 > Hi Brett, > =20 > I do think the gap analysis Barry suggested is an important step for = the authors of this work to pursue. This is important for a few = reasons. The first is that it will familiarize you with the prior work. = I know for RID, it was extensive with many participants. The document = was also republished, so the time span was quite a range as well dating = back to 2000/1. =20 > =20 > On Mon, Sep 17, 2018 at 7:52 PM Bret Jordan > wrote: > Barry, > =20 > We will be working on a list of problem areas that need to be = addressed and the order in which they need to be solved. If you have = specific examples of how certain areas have been solved already and have = design elements we could reuse, please share them. We would love to = reuse as much as possible.=20 > =20 > You may discover this through the gap analysis that was suggested. As = a result of that gap analysis, it will be easier to get others to engage = in your work. For those of us who have done work in this space, having = that acknowledged and then you stating the gap will help us all work = toward a common output. =20 > =20 > As I stated in goal numbers 2, 3, and 5, we need to ensure that this = community has the right people in it, to ensure wide spread adoption. If = this community does not have the right people, then we need to either = recruit them and bring them in to this community or look for the right = community.=20 > =20 > I think through the gap analysis, you'll see the prior work and I = think will find the IETF is the right place. It will be easier to = engage prior authors rather than asking them to do the analysis against = your new effort. It's just the usual pattern we are accustomed to = working in. If you look back at the SACM BoF for instance, you'll see a = gap analysis was requested against several standards including YANG and = NEA among others. =20 > =20 > I am guessing through that work we may figure out that this belongs in = MILE, but could be wrong and the analysis suggested will help with that = determination. > =20 > This work could be very important and I'd like to see the outputs of = that analysis. I suspect others who helped on prior efforts would as = well. Thank you. > =20 > Best regards, > Kathleen > =20 > =20 > I agree that there are far too many standards created that never get = implemented. This is why I also called out the items in goal number 5 = and why we have recruited the authors and contributors that we have.=20 > =20 > =20 > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing = that can not be unscrambled is an egg." >=20 >=20 > On Sep 17, 2018, at 5:37 PM, Barry Greene > wrote: > =20 > Hi Bret, > =20 > I read the initial draft. It is an assertion of a gap without a = quantitative review that there is a gap.=20 > =20 > I hate wasting time in the IETF working on idea that no way to gain = operational traction. This space is overloaded with past efforts. Lets = learn why they did not deploy, find the gaps, then proceed with new = work. > =20 > Barry >=20 > On Sep 18, 2018, at 07:23, Bret Jordan > wrote: >=20 > Barry, > =20 > Thanks for the email. As we stated in our initial draft document=E2=80=A6= > =20 > =E2=80=9CWhile many attempts have been made over the years in the IETF = and other SDOs to address certain elements of this problem space, there = is currently no consolidated and standardized language or means that = would allow cyber actions to be automatically coordinated, sequenced, = processed and shared to enable cyber defenders to respond in machine = relevant time. Some efforts such as BPMN have traditionally focused on = higher-level non-cyber constructs for process definition, and other = efforts like OpenC2 have focused purely on atomic actions, but none have = focused on the overlay processes required for this to be used in a = broader cyber security response use case.=E2=80=9D > =20 > As we work through and call out the problem spaces that need to be = addressed, I would hope that those of you that are interested in this = work will point us to specific elements and specific parts of existing = work that we can use or reuse. Also as we called out in the draft, it is = critical that this work ties in nicely with STIX and TAXII based Cyber = Threat Intelligence. > =20 > The reason we are looking to start some work here in the IETF, is we = feel like this venue might be a good place given the problems we need to = solve and how some groups like SUIT have similar problems they are = trying to solve. However, if this community does not agree that this = work should be done here, that information is also valuable. > =20 > =20 > Our high level initial goals are (I would be curious to know if this = community supports these): > =20 > 1) Identify all of the problem areas that need to be solved for this = to actually work in practice.=20 > =20 > 2) Verify that the IETF is the right SDO in which to do this work > a) Do we have critical mass? > b) Do we have the right people, vendors, analysts, SOC engineers? > c) What is the temperament of this community for this kind of work? > d) Can we do a Bar BOF in Bangkok to gauge the community? > e) If the community is supportive, would a WG forming BOF be an option = in Prague? > =20 > 3) Ensure we have multiple vendors and industry analysts from large = SOCs involved to help ensure that any specification we produce can be = used and implemented en mass. > =20 > 4) Systematically work our way down the list of problem spaces and = look for solutions (taking input from existing work where possible). = Look to having our first implementable draft within 6 months of getting = a WG formed. Release iterative draft releases every few months as we = flesh out more of the problem space. > =20 > 5) Produce a specification and data model for JSON (and CBOR) along = with implementation guides, interoperability guides, proof of concepts, = and other content needed to ensure successful and rapid adopting across = the market. > =20 > =20 > =20 > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing = that can not be unscrambled is an egg." >=20 >=20 > On Sep 17, 2018, at 3:46 PM, Barry Greene > wrote: > =20 > Hello Bret, > =20 > My first suggestion is background work. What you are doing is not new. = Pull in all the previous work, describe pros/cons/deployment, then get = into the gaps which CACAO seeks to fill. > =20 > For example,=20 > =20 > - walk through IODEF (IETF) and explain pros, cons, limitations, and = how CACAO would be different. > - Walk through STIX and do the same > - Walk through DOTs and explain why we could not use DOTS as it is = today (with an update to the schema).=20 > =20 > Barry >=20 > On Sep 18, 2018, at 00:03, Bret Jordan > wrote: >=20 > All, > =20 > As I mentioned in my Welcome message last week, we plan to use Google = Docs to track all comments and suggestions to this draft and any other = drafts that we write for this work. The read-only link for this work can = be found here: > =20 > = https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpUOuOZhbfywiU= Sn2tI/edit# = > =20 > If you want to see comments and suggestions that are being proposed, = or if you want to add your own comments and suggestion, please request = access from within the Google Docs itself.=20 > =20 > =20 > =20 > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing = that can not be unscrambled is an egg." > =20 > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao = > =20 > =20 > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao = >=20 > =20 > --=20 > =20 > Best regards, > Kathleen --Apple-Mail=_78B11AF6-A71A-4BE9-A1AC-EF2B5082E55A Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Carolin,

That is a great point.  If someone wants to do a GAP = analysis as a different document, they are free to do so.  We have = reviewed the existing work and there is no single solution today that = will solve the use cases we have and that we need to address for this to = work operationally.  No where in the IETF or other SDOs is there a = specification that one could hand to a vendor, organization, or = developer to have them implement and do interoperability with. There are = bits and pieces of lots of standards inside the IETF and outside the = IETF that we will want to use.  But in general, we need and want to = go down a different path.

Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

On Sep 18, 2018, at 1:48 AM, Carolin.Baumgartner@interdiscount.ch wrote:

Hi
 
I = agree that a gap analysis would be great, but I read this discussion as = "include this in the document that proposes a new approach". If I read = that correctly, I would propose to split that out into two documents. = The reason is that this sounds like a huge monster document, nobody can = digest anymore. I think it would be valuable to have a gap analysis / = motivation type of document and then another one (or several other ones) = describing the new approach.
 
best regards
Carolin
 
From: Cacao [mailto:cacao-bounces@ietf.org] On Behalf = Of Kathleen = Moriarty
Sent: Tuesday, September 18, 2018 = 4:12 AM
To: Bret Jordan <jordan.ietf@gmail.com>
Cc: Barry Greene <barryrgreene@gmail.com>; cacao@ietf.org
Subject: Re: [Cacao] CACAO Google = Doc
 
Hi Brett,
 
I do think = the gap analysis Barry suggested is an important step for the authors of = this work to pursue.  This is important for a few reasons.  = The first is that it will familiarize you with the prior work.  I = know for RID, it was extensive with many participants.  The = document was also republished, so the time span was quite a range as = well dating back to 2000/1.  
 
On Mon, Sep = 17, 2018 at 7:52 PM Bret Jordan <jordan.ietf@gmail.com> = wrote:
Barry,
 
We will be working on a list of problem = areas that need to be addressed and the order in which they need to be = solved. If you have specific examples of how certain areas have been = solved already and have design elements we could reuse, please share = them.  We would love to reuse as much as possible. 
 
You may discover this through the gap = analysis that was suggested.  As a result of that gap analysis, it = will be easier to get others to engage in your work. For those of us who = have done work in this space, having that acknowledged and then you = stating the gap will help us all work toward a common = output.  
 
As I stated in goal numbers 2, 3, and 5, = we need to ensure that this community has the right people in it, to = ensure wide spread adoption. If this community does not have the right = people, then we need to either recruit them and bring them in to this = community or look for the right community. 
 
I think through the gap analysis, you'll = see the prior work and I think will find the IETF is the right = place.  It will be easier to engage prior authors rather than = asking them to do the analysis against your new effort. It's just the = usual pattern we are accustomed to working in. If you look back at the = SACM BoF for instance, you'll see a gap analysis was requested against = several standards including YANG and NEA among others.  
 
I am = guessing through that work we may figure out that this belongs in MILE, = but could be wrong and the analysis suggested will help with that = determination.
 
This work could be very important and = I'd like to see the outputs of that analysis.  I suspect others who = helped on prior efforts would as well.  Thank you.
 
Best = regards,
Kathleen
 
 
I agree that there are far too many = standards created that never get implemented. This is why I also called = out the items in goal number 5 and why we have recruited the authors and = contributors that we have. 
 
 
Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without cryptography vihv vivc ce = xhrnrw, however, the only thing that can not be unscrambled is an = egg."


On Sep 17, = 2018, at 5:37 PM, Barry Greene <barryrgreene@gmail.com> wrote:
 
Hi Bret,
 
I read the initial draft. It is an = assertion of a gap without a quantitative review that there is a = gap. 
 
I hate wasting time in the IETF working = on idea that no way to gain operational traction. This space is = overloaded with past efforts. Lets learn why they did not deploy, find = the gaps, then proceed with new work.
 
Barry


On Sep 18, 2018, at 07:23, Bret = Jordan <jordan.ietf@gmail.com> wrote:

Barry,
 
Thanks for the email. As we stated in = our initial draft document=E2=80=A6
 
=E2=80=9CWhile many attempts have been = made over the years in the IETF and other SDOs to address certain = elements of this problem space, there is currently no consolidated and = standardized language or means that would allow cyber actions to be = automatically coordinated, sequenced, processed and shared to enable = cyber defenders to respond in machine relevant time. Some efforts such = as BPMN have traditionally focused on higher-level non-cyber constructs = for process definition, and other efforts like OpenC2 have focused = purely on atomic actions, but none have focused on the overlay processes = required for this to be used in a broader cyber security response use = case.=E2=80=9D
 
As we work through and call out the = problem spaces that need to be addressed, I would hope that those of you = that are interested in this work will point us to specific elements and = specific parts of existing work that we can use or reuse. Also as we = called out in the draft, it is critical that this work ties in nicely = with STIX and TAXII based Cyber Threat Intelligence.
 
The reason = we are looking to start some work here in the IETF, is we feel like this = venue might be a good place given the problems we need to solve and how = some groups like SUIT have similar problems they are trying to solve. = However, if this community does not agree that this work should be done = here, that information is also valuable.
 
 
Our high level initial goals are (I = would be curious to know if this community supports these):
 
1) Identify = all of the problem areas that need to be solved for this to actually = work in practice. 
 
2) Verify that the IETF is the right SDO = in which to do this work
a) Do we = have critical mass?
b) Do we = have the right people, vendors, analysts, SOC engineers?
c) What is the temperament of this community for this = kind of work?
d) Can we do a Bar BOF = in Bangkok to gauge the community?
e) If the = community is supportive, would a WG forming BOF be an option in = Prague?
 
3) Ensure we have multiple vendors and = industry analysts from large SOCs involved to help ensure that any = specification we produce can be used and implemented en mass.
 
4) = Systematically work our way down the list of problem spaces and look for = solutions (taking input from existing work where possible). Look to = having our first implementable draft within 6 months of getting a WG = formed. Release iterative draft releases every few months as we flesh = out more of the problem space.
 
5) Produce a specification and data = model for JSON (and CBOR) along with implementation guides, = interoperability guides, proof of concepts, and other content needed to = ensure successful and rapid adopting across the market.
 
 
 
Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without cryptography vihv vivc ce = xhrnrw, however, the only thing that can not be unscrambled is an = egg."


On Sep 17, = 2018, at 3:46 PM, Barry Greene <barryrgreene@gmail.com> wrote:
 
Hello Bret,
 
My first suggestion is background work. = What you are doing is not new. Pull in all the previous work, describe = pros/cons/deployment, then get into the gaps which CACAO seeks to = fill.
 
For example, 
 
- walk = through IODEF (IETF) and explain pros, cons, limitations, and how CACAO = would be different.
- Walk through STIX and = do the same
- Walk through DOTs and = explain why we could not use DOTS as it is today (with an update to the = schema). 
 
Barry


On Sep 18, 2018, at 00:03, Bret = Jordan <jordan.ietf@gmail.com> wrote:

All,
 
As I = mentioned in my Welcome message last week, we plan to use Google Docs to = track all comments and suggestions to this draft and any other drafts = that we write for this work. The read-only link for this work can be = found here:
 
 
If you want to see comments and = suggestions that are being proposed, or if you want to add your own = comments and suggestion, please request access from within the Google = Docs itself. 
 
 
 
Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without cryptography vihv vivc ce = xhrnrw, however, the only thing that can not be unscrambled is an = egg."
 
<= div style=3D"margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: = "Times New Roman", serif;" class=3D""> 
 

 
-- 
 
Best regards,
Kathleen
=
= --Apple-Mail=_78B11AF6-A71A-4BE9-A1AC-EF2B5082E55A-- From nobody Tue Sep 18 07:45:33 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9ACD130E42 for ; Tue, 18 Sep 2018 07:45:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.999 X-Spam-Level: X-Spam-Status: No, score=-0.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yuJuPQAE--9D for ; Tue, 18 Sep 2018 07:45:25 -0700 (PDT) Received: from mail-it0-x234.google.com (mail-it0-x234.google.com [IPv6:2607:f8b0:4001:c0b::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24D8F130E04 for ; Tue, 18 Sep 2018 07:45:25 -0700 (PDT) Received: by mail-it0-x234.google.com with SMTP id 139-v6so3366956itf.0 for ; Tue, 18 Sep 2018 07:45:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=3SnZQffo/qtWiPqcGuA35Vk19p6urkSyVupVhUFNl6o=; b=CCr/h/YesuYUHS00Z009ASe1uao6Nw/jlkMrjoUTBzPoar193+Fw01Nhk8TXp+vKQo EZk5aDAGScUS1Lx+us/H08cP8SnkNIrx5bOK7Vo82gLe3Q7ome8y1NWrmBBdEmwXsWZZ SgUCQVu7BdWKDOzzoaN/Q7UCHxdy/23dG15BbNKVKWpvc0tqu399SdZt15JK3Zv2MKP9 1mXL/TuyaVIz//RymyUWYaXkRrWZMlPvJE9mPnyDuZS+0oyG51VtjL6fTFgUUVD/PYFd 8R06+8KZsgcMhWoqSSthDjVpcvq0cFsio5tKUMONoV6zD1TCctWeAbyY9W8SF6EA23SX WVIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=3SnZQffo/qtWiPqcGuA35Vk19p6urkSyVupVhUFNl6o=; b=dexiFPjcsvdKtwM5I9wIxyFXv50ByedEDmi/Jyv7GZENs6eObTbGvAl+oibSruN7DF ggADW990MzW7W2dpBKdaofh0V32crEcLpXURIVJQS6jk9z62FoRkaCqjVcxiDRUy/22s 7KOxraK9dEp9eA3Lt3tDO0CY2Ig7oALATYOOeDD2UXDGraeirOWhtSbeAO+Ey2hSNcK7 ZH5U3BmVn2MgM3zf9/tXepZUztLhOc7AJKP3kXYOFv60Ged9ICHUnvgURZJdzhfX1CwA duxWdOIrlFTTLiJw+V20M8ixlf00U2kw3gFhlm0nu6PpwFivzBFkqKgOzsEzIpPKudVe s3tQ== X-Gm-Message-State: APzg51BXdyrVg7yBLmJvsUmyAUCrt4wZGe0mMYVCQ/BpndvR39eC13M9 5MwMmBUpycN5mmaRRHFhUw/QJto8 X-Google-Smtp-Source: ANB0VdbuP7qYTRQyYf8Oc1atIyALyMq35LBdVzSWL9x8AyvKjPhxs2sOQs0uvIzlmv2ww4xOhy3Nwg== X-Received: by 2002:a02:39a:: with SMTP id e26-v6mr27602634jae.135.1537281923861; Tue, 18 Sep 2018 07:45:23 -0700 (PDT) Received: from [172.16.255.50] ([216.194.115.4]) by smtp.gmail.com with ESMTPSA id a186-v6sm4599793itd.2.2018.09.18.07.45.21 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Sep 2018 07:45:22 -0700 (PDT) From: Bret Jordan Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_7ACAAEBB-9FB3-4E67-A058-FACC29A88124" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Date: Tue, 18 Sep 2018 08:45:20 -0600 In-Reply-To: Cc: cacao@ietf.org To: Amelia Andersdotter References: <1AFBE9EF-1081-470F-8835-2AE2F65B6C80@gmail.com> <7C8A1176-4079-474B-893D-DFAE8B4BA067@gmail.com> <01324152-315F-47AA-9A47-F23009FB258D@gmail.com> X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: Re: [Cacao] CACAO Google Doc X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 14:45:30 -0000 --Apple-Mail=_7ACAAEBB-9FB3-4E67-A058-FACC29A88124 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Amelia, I will make some comments in-line.=20 Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." > I understand that reporting on cyber threats and proposing mitigating > remedies for cyber threats is increasingly a government affair (i.e. = has > regulatory implications), so this is an aspect that needs to be = covered > as well. There are regulatory requirements outside of just government that need = to ensure and verify that certain things are done either as preventive = steps or as mitigation / remediation steps. This is why it is so = critical that you can issue commands, get responses from commands, and = be able to tie all of this back to the Indicators, Threat Actors, = Campaigns, Intrusion Sets etc that are documented in STIX. =20 > I.e., if there is a regulatory established mechanism for information > sharing in any jurisdiction, any organisation doing reporting or > mitigation work would have to certainly comply at least with local > regulations - would this project aim to facilitate compliance in this > regard? And what is required for that? This work should enable that to take place. There are many vendors that = are trying to offer these solution in their own proprietary ways. = However, if the eco-system is truly going to gain the upper hand against = Threat Actors and Intrusion Sets, then we need to have solutions that = can work vertical / sector wide in machine relevant time.=20 > I guess this speaks again to a more robust "gap analysis", and = Carolin's > point on having two separate documents resonates with me. >=20 > Generally, I'm uncomfortable with the idea of Globally Unique > Identifiers and do not think it constructive for CACAO to propose = that. > It's anti-thetical to a lot of other developments, and regulatory = concerns. In sharing groups, trust groups, ISAOs, ISACs, etc, you need a way of = being able to tie certain comments and sequences of commands back in to = a graph. The only way this works is if you using UUIDv4 or UUIDv5 like = IDs. Now UUIDv5 can be problematic if you want to enable or allow = versioning of the command itself, since the deterministic ID will change = and thus break your graph. >=20 > best, >=20 > Amelia >=20 > On 2018-09-18 09:48, Carolin.Baumgartner@interdiscount.ch wrote: >>=20 >> Hi >>=20 >> =20 >>=20 >> I agree that a gap analysis would be great, but I read this = discussion >> as "include this in the document that proposes a new approach". If I >> read that correctly, I would propose to split that out into two >> documents. The reason is that this sounds like a huge monster >> document, nobody can digest anymore. I think it would be valuable to >> have a gap analysis / motivation type of document and then another = one >> (or several other ones) describing the new approach. >>=20 >> =20 >>=20 >> best regards >>=20 >> Carolin >>=20 >> =20 >>=20 >> *From:*Cacao [mailto:cacao-bounces@ietf.org] *On Behalf Of *Kathleen >> Moriarty >> *Sent:* Tuesday, September 18, 2018 4:12 AM >> *To:* Bret Jordan >> *Cc:* Barry Greene ; cacao@ietf.org >> *Subject:* Re: [Cacao] CACAO Google Doc >>=20 >> =20 >>=20 >> Hi Brett, >>=20 >> =20 >>=20 >> I do think the gap analysis Barry suggested is an important step for >> the authors of this work to pursue. This is important for a few >> reasons. The first is that it will familiarize you with the prior >> work. I know for RID, it was extensive with many participants. The >> document was also republished, so the time span was quite a range as >> well dating back to 2000/1. =20 >>=20 >> =20 >>=20 >> On Mon, Sep 17, 2018 at 7:52 PM Bret Jordan > > wrote: >>=20 >> Barry, >>=20 >> =20 >>=20 >> We will be working on a list of problem areas that need to be >> addressed and the order in which they need to be solved. If you >> have specific examples of how certain areas have been solved >> already and have design elements we could reuse, please share >> them. We would love to reuse as much as possible.=20 >>=20 >> =20 >>=20 >> You may discover this through the gap analysis that was suggested. = As >> a result of that gap analysis, it will be easier to get others to >> engage in your work. For those of us who have done work in this = space, >> having that acknowledged and then you stating the gap will help us = all >> work toward a common output. =20 >>=20 >> =20 >>=20 >> As I stated in goal numbers 2, 3, and 5, we need to ensure that >> this community has the right people in it, to ensure wide spread >> adoption. If this community does not have the right people, then >> we need to either recruit them and bring them in to this community >> or look for the right community.=20 >>=20 >> =20 >>=20 >> I think through the gap analysis, you'll see the prior work and I >> think will find the IETF is the right place. It will be easier to >> engage prior authors rather than asking them to do the analysis >> against your new effort. It's just the usual pattern we are = accustomed >> to working in. If you look back at the SACM BoF for instance, you'll >> see a gap analysis was requested against several standards including >> YANG and NEA among others. =20 >>=20 >> =20 >>=20 >> I am guessing through that work we may figure out that this belongs = in >> MILE, but could be wrong and the analysis suggested will help with >> that determination. >>=20 >> =20 >>=20 >> This work could be very important and I'd like to see the outputs of >> that analysis. I suspect others who helped on prior efforts would as >> well. Thank you. >>=20 >> =20 >>=20 >> Best regards, >>=20 >> Kathleen >>=20 >> =20 >>=20 >> =20 >>=20 >> I agree that there are far too many standards created that never >> get implemented. This is why I also called out the items in goal >> number 5 and why we have recruited the authors and contributors >> that we have.=20 >>=20 >> =20 >>=20 >> =20 >>=20 >> Thanks, >>=20 >> Bret >>=20 >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 = 0050 >>=20 >> "Without cryptography vihv vivc ce xhrnrw, however, the only thing >> that can not be unscrambled is an egg." >>=20 >>=20 >>=20 >> On Sep 17, 2018, at 5:37 PM, Barry Greene >> > = wrote: >>=20 >> =20 >>=20 >> Hi Bret, >>=20 >> =20 >>=20 >> I read the initial draft. It is an assertion of a gap without >> a quantitative review that there is a gap.=20 >>=20 >> =20 >>=20 >> I hate wasting time in the IETF working on idea that no way to >> gain operational traction. This space is overloaded with past >> efforts. Lets learn why they did not deploy, find the gaps, >> then proceed with new work. >>=20 >> =20 >>=20 >> Barry >>=20 >>=20 >> On Sep 18, 2018, at 07:23, Bret Jordan > > wrote: >>=20 >> Barry, >>=20 >> =20 >>=20 >> Thanks for the email. As we stated in our initial draft >> document=E2=80=A6 >>=20 >> =20 >>=20 >> =E2=80=9CWhile many attempts have been made over the years = in the >> IETF and other SDOs to address certain elements of this >> problem space, there is currently no consolidated and >> standardized language or means that would allow cyber >> actions to be automatically coordinated, sequenced, >> processed and shared to enable cyber defenders to respond >> in machine relevant time. Some efforts such as BPMN have >> traditionally focused on higher-level non-cyber constructs >> for process definition, and other efforts like OpenC2 have >> focused purely on atomic actions, but none have focused on >> the overlay processes required for this to be used in a >> broader cyber security response use case.=E2=80=9D >>=20 >> =20 >>=20 >> As we work through and call out the problem spaces that >> need to be addressed, I would hope that those of you that >> are interested in this work will point us to specific >> elements and specific parts of existing work that we can >> use or reuse. Also as we called out in the draft, it is >> critical that this work ties in nicely with STIX and TAXII >> based Cyber Threat Intelligence. >>=20 >> =20 >>=20 >> The reason we are looking to start some work here in the >> IETF, is we feel like this venue might be a good place >> given the problems we need to solve and how some groups >> like SUIT have similar problems they are trying to solve. >> However, if this community does not agree that this work >> should be done here, that information is also valuable. >>=20 >> =20 >>=20 >> =20 >>=20 >> Our high level initial goals are (I would be curious to >> know if this community supports these): >>=20 >> =20 >>=20 >> 1) Identify all of the problem areas that need to be >> solved for this to actually work in practice.=20 >>=20 >> =20 >>=20 >> 2) Verify that the IETF is the right SDO in which to do >> this work >>=20 >> a) Do we have critical mass? >>=20 >> b) Do we have the right people, vendors, analysts, SOC >> engineers? >>=20 >> c) What is the temperament of this community for this kind >> of work? >>=20 >> d) Can we do a Bar BOF in Bangkok to gauge the community? >>=20 >> e) If the community is supportive, would a WG forming BOF >> be an option in Prague? >>=20 >> =20 >>=20 >> 3) Ensure we have multiple vendors and industry analysts >> from large SOCs involved to help ensure that any >> specification we produce can be used and implemented en = mass. >>=20 >> =20 >>=20 >> 4) Systematically work our way down the list of problem >> spaces and look for solutions (taking input from existing >> work where possible). Look to having our first >> implementable draft within 6 months of getting a WG >> formed. Release iterative draft releases every few months >> as we flesh out more of the problem space. >>=20 >> =20 >>=20 >> 5) Produce a specification and data model for JSON (and >> CBOR) along with implementation guides, interoperability >> guides, proof of concepts, and other content needed to >> ensure successful and rapid adopting across the market. >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> Thanks, >>=20 >> Bret >>=20 >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE >> 7415 0050 >>=20 >> "Without cryptography vihv vivc ce xhrnrw, however, the >> only thing that can not be unscrambled is an egg." >>=20 >>=20 >>=20 >> On Sep 17, 2018, at 3:46 PM, Barry Greene >> > > wrote: >>=20 >> =20 >>=20 >> Hello Bret, >>=20 >> =20 >>=20 >> My first suggestion is background work. What you are >> doing is not new. Pull in all the previous work, >> describe pros/cons/deployment, then get into the gaps >> which CACAO seeks to fill. >>=20 >> =20 >>=20 >> For example,=20 >>=20 >> =20 >>=20 >> - walk through IODEF (IETF) and explain pros, cons, >> limitations, and how CACAO would be different. >>=20 >> - Walk through STIX and do the same >>=20 >> - Walk through DOTs and explain why we could not use >> DOTS as it is today (with an update to the schema).=20 >>=20 >> =20 >>=20 >> Barry >>=20 >>=20 >> On Sep 18, 2018, at 00:03, Bret Jordan >> > >> wrote: >>=20 >> All, >>=20 >> =20 >>=20 >> As I mentioned in my Welcome message last week, we >> plan to use Google Docs to track all comments and >> suggestions to this draft and any other drafts >> that we write for this work. The read-only link >> for this work can be found here: >>=20 >> =20 >>=20 >> = https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpUOuOZhbfywiU= Sn2tI/edit# >> = >>=20 >> =20 >>=20 >> If you want to see comments and suggestions that >> are being proposed, or if you want to add your own >> comments and suggestion, please request access >> from within the Google Docs itself.=20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> Thanks, >>=20 >> Bret >>=20 >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 >> 74F8 ACAE 7415 0050 >>=20 >> "Without cryptography vihv vivc ce xhrnrw, >> however, the only thing that can not be >> unscrambled is an egg." >>=20 >> =20 >>=20 >> --=20 >> Cacao mailing list >> Cacao@ietf.org >> https://www.ietf.org/mailman/listinfo/cacao >>=20 >> =20 >>=20 >> =20 >>=20 >> --=20 >> Cacao mailing list >> Cacao@ietf.org >> https://www.ietf.org/mailman/listinfo/cacao >>=20 >>=20 >> =20 >>=20 >> --=20 >>=20 >> =20 >>=20 >> Best regards, >>=20 >> Kathleen >>=20 >>=20 >=20 > --=20 > Amelia Andersdotter > Technical Consultant, Digital Programme >=20 > ARTICLE19 > www.article19.org >=20 > PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55 >=20 > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao --Apple-Mail=_7ACAAEBB-9FB3-4E67-A058-FACC29A88124 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Amelia,

I = will make some comments in-line. 


Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

I understand that reporting on cyber threats = and proposing mitigating
remedies for cyber threats is = increasingly a government affair (i.e. has
regulatory = implications), so this is an aspect that needs to be covered
as well.

There are regulatory requirements outside of just = government that need to ensure and verify that certain things are done = either as preventive steps or as mitigation / remediation steps. This is = why it is so critical that you can issue commands, get responses from = commands, and be able to tie all of this back to the Indicators, Threat = Actors, Campaigns, Intrusion Sets etc that are documented in STIX. =  


I.e., if there = is a regulatory established mechanism for information
sharing in any jurisdiction, any organisation doing reporting = or
mitigation work would have to certainly comply at least = with local
regulations - would this project aim to = facilitate compliance in this
regard? And what is required = for that?

This work should enable that to take place. There = are many vendors that are trying to offer these solution in their own = proprietary ways.  However, if the eco-system is truly going to = gain the upper hand against Threat Actors and Intrusion Sets, then we = need to have solutions that can work vertical / sector wide in machine = relevant time. 


I guess this speaks again to a more robust "gap analysis", = and Carolin's
point on having two separate documents = resonates with me.

Generally, I'm = uncomfortable with the idea of Globally Unique
Identifiers = and do not think it constructive for CACAO to propose that.
It's anti-thetical to a lot of other developments, and = regulatory concerns.

In sharing groups, trust groups, ISAOs, ISACs, = etc, you need a way of being able to tie certain comments and sequences = of commands back in to a graph.  The only way this works is if you = using UUIDv4 or UUIDv5 like IDs.  Now UUIDv5 can be problematic if = you want to enable or allow versioning of the command itself, since the = deterministic ID will change and thus break your graph.




best,

Amelia

On 2018-09-18 09:48, Carolin.Baumgartner@interdiscount.ch wrote:

Hi

 

I agree = that a gap analysis would be great, but I read this discussion
as "include this in the document that proposes a new = approach". If I
read that correctly, I would propose to = split that out into two
documents. The reason is that this = sounds like a huge monster
document, nobody can digest = anymore. I think it would be valuable to
have a gap = analysis / motivation type of document and then another one
(or several other ones) describing the new approach.

 

best = regards

Carolin

 

*From:*Cacao [mailto:cacao-bounces@ietf.org] *On Behalf Of *Kathleen
Moriarty
*Sent:* Tuesday, September 18, 2018 = 4:12 AM
*To:* Bret Jordan <jordan.ietf@gmail.com>
*Cc:* Barry = Greene <barryrgreene@gmail.com>; cacao@ietf.org
*Subject:* Re: [Cacao] CACAO Google Doc

 

Hi Brett,
 

I do think the gap = analysis Barry suggested is an important step for
the = authors of this work to pursue.  This is important for a few
reasons.  The first is that it will familiarize you with = the prior
work.  I know for RID, it was extensive = with many participants.  The
document was also = republished, so the time span was quite a range as
well = dating back to 2000/1.  

 

On Mon, Sep 17, 2018 at 7:52 PM Bret Jordan = <jordan.ietf@gmail.com
<mailto:jordan.ietf@gmail.com>> wrote:

   Barry,

    

=    We will be working on a list of problem areas that = need to be
   addressed and the order in = which they need to be solved. If you
=    have specific examples of how certain areas have been = solved
   already and have design elements = we could reuse, please share
=    them.  We would love to reuse as much as = possible. 

 

You may discover this through the gap analysis that was = suggested.  As
a result of that gap analysis, it will = be easier to get others to
engage in your work. For those = of us who have done work in this space,
having that = acknowledged and then you stating the gap will help us all
work toward a common output.  

    

=    As I stated in goal numbers 2, 3, and 5, we need to = ensure that
   this community has the = right people in it, to ensure wide spread
=    adoption. If this community does not have the right = people, then
   we need to either recruit = them and bring them in to this community
=    or look for the right community. 
 

I think through the gap = analysis, you'll see the prior work and I
think will find = the IETF is the right place.  It will be easier to
engage prior authors rather than asking them to do the = analysis
against your new effort. It's just the usual = pattern we are accustomed
to working in. If you look back = at the SACM BoF for instance, you'll
see a gap analysis = was requested against several standards including
YANG and = NEA among others.  

 

I am guessing through that work we may figure = out that this belongs in
MILE, but could be wrong and the = analysis suggested will help with
that determination.

 

This work = could be very important and I'd like to see the outputs of
that analysis.  I suspect others who helped on prior = efforts would as
well.  Thank you.

 

Best regards,

Kathleen

 

    

   I agree that there are far too many = standards created that never
   get = implemented. This is why I also called out the items in goal
   number 5 and why we have recruited the = authors and contributors
   that we = have. 

    

    

   Thanks,

=    Bret

=    PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 =  F2C0 74F8 ACAE 7415 0050

=    "Without cryptography vihv vivc ce xhrnrw, however, = the only thing
   that can not be = unscrambled is an egg."



       On Sep 17, 2018, = at 5:37 PM, Barry Greene
=        <barryrgreene@gmail.com <mailto:barryrgreene@gmail.com>> wrote:

=         

       Hi Bret,

=         

       I read the initial = draft. It is an assertion of a gap without
=        a quantitative review that = there is a gap. 

=         

       I hate wasting = time in the IETF working on idea that no way to
=        gain operational traction. = This space is overloaded with past
=        efforts. Lets learn why they = did not deploy, find the gaps,
=        then proceed with new work.

=         

       Barry


=        On Sep 18, 2018, at 07:23, = Bret Jordan <jordan.ietf@gmail.com
=        <mailto:jordan.ietf@gmail.com>> wrote:

=            Barry,
=             
=            Thanks = for the email. As we stated in our initial draft
=            document= =E2=80=A6

=             
=            =E2=80=9C= While many attempts have been made over the years in the
=            IETF = and other SDOs to address certain elements of this
=            problem = space, there is currently no consolidated and
=            standard= ized language or means that would allow cyber
=            actions = to be automatically coordinated, sequenced,
=            processe= d and shared to enable cyber defenders to respond
=            in = machine relevant time. Some efforts such as BPMN have
=            traditio= nally focused on higher-level non-cyber constructs
=            for = process definition, and other efforts like OpenC2 have
=            focused = purely on atomic actions, but none have focused on
=            the = overlay processes required for this to be used in a
=            broader = cyber security response use case.=E2=80=9D

=             
=            As we = work through and call out the problem spaces that
=            need = to be addressed, I would hope that those of you that
=            are = interested in this work will point us to specific
=            elements= and specific parts of existing work that we can
=            use or = reuse. Also as we called out in the draft, it is
=            critical= that this work ties in nicely with STIX and TAXII
=            based = Cyber Threat Intelligence.

=             
=            The = reason we are looking to start some work here in the
=            IETF, = is we feel like this venue might be a good place
=            given = the problems we need to solve and how some groups
=            like = SUIT have similar problems they are trying to solve.
=            However,= if this community does not agree that this work
=            should = be done here, that information is also valuable.

=             
=             
=            Our = high level initial goals are (I would be curious to
=            know = if this community supports these):

=             
=            1) = Identify all of the problem areas that need to be
=            solved = for this to actually work in practice. 

= =             
=            2) = Verify that the IETF is the right SDO in which to do
=            this = work

=            a) Do = we have critical mass?

=            b) Do = we have the right people, vendors, analysts, SOC
=            engineer= s?

=            c) = What is the temperament of this community for this kind
=            of = work?

=            d) Can = we do a Bar BOF in Bangkok to gauge the community?

=            e) If = the community is supportive, would a WG forming BOF
=            be an = option in Prague?

=             
=            3) = Ensure we have multiple vendors and industry analysts
=            from = large SOCs involved to help ensure that any
=            specific= ation we produce can be used and implemented en mass.

=             
=            4) = Systematically work our way down the list of problem
=            spaces = and look for solutions (taking input from existing
=            work = where possible). Look to having our first
=            implemen= table draft within 6 months of getting a WG
=            formed. = Release iterative draft releases every few months
=            as we = flesh out more of the problem space.

=             
=            5) = Produce a specification and data model for JSON (and
=            CBOR) = along with implementation guides, interoperability
=            guides, = proof of concepts, and other content needed to
=            ensure = successful and rapid adopting across the market.

=             
=             
=             
=            Thanks,<= br class=3D"">
=            Bret

=            PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE
=            7415 = 0050

=            "Without= cryptography vihv vivc ce xhrnrw, however, the
=            only = thing that can not be unscrambled is an egg."



=             &n= bsp;  On Sep 17, 2018, at 3:46 PM, Barry Greene
=             &n= bsp;  <barryrgreene@gmail.com
=             &n= bsp;  <mailto:barryrgreene@gmail.com>> wrote:

=             &n= bsp;   

=             &n= bsp;  Hello Bret,

=             &n= bsp;   

=             &n= bsp;  My first suggestion is background work. What you are
=             &n= bsp;  doing is not new. Pull in all the previous work,
=             &n= bsp;  describe pros/cons/deployment, then get into the gaps
=             &n= bsp;  which CACAO seeks to fill.

=             &n= bsp;   

=             &n= bsp;  For example, 

=             &n= bsp;   

=             &n= bsp;  - walk through IODEF (IETF) and explain pros, cons,
=             &n= bsp;  limitations, and how CACAO would be different.

=             &n= bsp;  - Walk through STIX and do the same

=             &n= bsp;  - Walk through DOTs and explain why we could not use
=             &n= bsp;  DOTS as it is today (with an update to the = schema). 

=             &n= bsp;   

=             &n= bsp;  Barry


=             &n= bsp;  On Sep 18, 2018, at 00:03, Bret Jordan
=             &n= bsp;  <jordan.ietf@gmail.com <mailto:jordan.ietf@gmail.com>>
=             &n= bsp;  wrote:

=             &n= bsp;      All,

= =             &n= bsp;       

=             &n= bsp;      As I mentioned in my Welcome = message last week, we
=             &n= bsp;      plan to use Google Docs to track = all comments and
=             &n= bsp;      suggestions to this draft and = any other drafts
=             &n= bsp;      that we write for this work. The = read-only link
=             &n= bsp;      for this work can be found = here:

=             &n= bsp;       

=             &n= bsp;      https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpU= OuOZhbfywiUSn2tI/edit#
=             &n= bsp;      <https://docs.google.com/document/d/1YluuEIv-SREI1i3BHC2Wp8vnvpU= OuOZhbfywiUSn2tI/edit>

=             &n= bsp;       

=             &n= bsp;      If you want to see comments and = suggestions that
=             &n= bsp;      are being proposed, or if you = want to add your own
=             &n= bsp;      comments and suggestion, please = request access
=             &n= bsp;      from within the Google Docs = itself. 

=             &n= bsp;       

=             &n= bsp;       

=             &n= bsp;       

=             &n= bsp;      Thanks,

=             &n= bsp;      Bret

= =             &n= bsp;      PGP Fingerprint: 63B4 FC53 = 680A 6B7D 1447  F2C0
=             &n= bsp;      74F8 ACAE 7415 0050

=             &n= bsp;      "Without cryptography vihv vivc = ce xhrnrw,
=             &n= bsp;      however, the only thing that can = not be
=             &n= bsp;      unscrambled is an egg."

=             &n= bsp;       

=             &n= bsp;      --
=             &n= bsp;      Cacao mailing list
=             &n= bsp;      Cacao@ietf.org <mailto:Cacao@ietf.org>
=             &n= bsp;      https://www.ietf.org/mailman/listinfo/cacao

=             
    

   --
   Cacao = mailing list
   Cacao@ietf.org <mailto:Cacao@ietf.org>    https://www.ietf.org/mailman/listinfo/cacao


 

--

 

Best regards,

Kathleen



-- =
Amelia Andersdotter
Technical Consultant, = Digital Programme

ARTICLE19
www.article19.org

PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 = B4E8 0B55

--
Cacao mailing = list
Cacao@ietf.org
https://www.ietf.org/mailman/listinfo/cacao

= --Apple-Mail=_7ACAAEBB-9FB3-4E67-A058-FACC29A88124-- From nobody Tue Sep 18 07:57:01 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 53CBB130E42 for ; Tue, 18 Sep 2018 07:57:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IyQ7qNE30EXD for ; Tue, 18 Sep 2018 07:56:57 -0700 (PDT) Received: from mail-io1-xd2e.google.com (mail-io1-xd2e.google.com [IPv6:2607:f8b0:4864:20::d2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5EB81130E04 for ; Tue, 18 Sep 2018 07:56:57 -0700 (PDT) Received: by mail-io1-xd2e.google.com with SMTP id q4-v6so1789185iob.8 for ; Tue, 18 Sep 2018 07:56:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=rMSOD1/LgwBKPU/2eWZFHMmWFoQ7RIFtYPbUzh8B/4o=; b=MnsV8b6owavUasLdM9iFLtBtDiiQqroffxRpXAav4/0kMxMAGhBedM4ShIzuGauilB qs2LzlXbkvS1E4OxJRhAvqT0C+LXn4gFORmxaHSFHHmk7GcTA0H73y6NORssBovTdlUv p4BY3cvbgd9UhcFBuSIHMCQINJQ1Y4XTidbdNdegcIhqphr5CUX9uGPn0fadtWERt1C4 MEb90FCFhfC0T++rT5oPnRfoDTIli2VxB71MoD7V5KCB/pV4sfm6DXc96j3whRbtW8Wv kjMMAixzTU3xl5fQu3+BWOaabV5K+YQcVOaZyx+laBcbw4GL71RMgIgVc/08/0qKI4Eg n5kA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=rMSOD1/LgwBKPU/2eWZFHMmWFoQ7RIFtYPbUzh8B/4o=; b=uIEvDQvtFopEKxarWXseRsyB6Vz5ejhD2QYZkrwB49/YX74kluDyteu9t3dnRu2L/v lIsDA/iHQDHThMNhV7SQPHOOxX98YQANNZ9ZrCNyJ+kVloDnHjg5rXr+NZO9Gx518g55 WIk+NAbe7qfClKWIBpKfXSRNI4wMaKIe9JclZQt/qDtfpOW4d3vo8qeW7aBUHZY3OsWx d1Gwn+dr+2TzA7rxxjToijm0Uk4YHaQb6Sd39UC9VsuF+7Yji83j/wVmgqFy6A5xiqfR auCuwt/nkuSlPn5gKe0wWYwQWfOnWuQZnnd4MtN9ZwtB3o7RRb3d1xcKJ8E75p6xQu1N iKfA== X-Gm-Message-State: APzg51Dc6smvAxU1puizm3LrOAWqScNpHaTvEAZnHPQX+oa8tHaIbKsB RXsjMRHSedCrznH/8QL4wk38Lqn1 X-Google-Smtp-Source: ANB0VdZDCjoSZnX2wnogA4vRB6ayid51Hq9g7VL+9ds0ZVLW/GZir+hhbsBmxxAetMmJPGn7n2q2gQ== X-Received: by 2002:a5e:9745:: with SMTP id h5-v6mr24837142ioq.257.1537282616728; Tue, 18 Sep 2018 07:56:56 -0700 (PDT) Received: from [172.16.255.50] ([216.194.115.4]) by smtp.gmail.com with ESMTPSA id r139-v6sm5061514ita.14.2018.09.18.07.56.54 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Sep 2018 07:56:55 -0700 (PDT) From: Bret Jordan Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_0A2C5220-C834-4A1D-9BFC-E79EDCEA8968" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Date: Tue, 18 Sep 2018 08:56:50 -0600 In-Reply-To: Cc: cacao@ietf.org To: Henk Birkholz References: <9C6CD1F8-8326-48E9-A9BF-509DEE11B32E@gmail.com> X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: Re: [Cacao] Other thoughts X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 14:57:00 -0000 --Apple-Mail=_0A2C5220-C834-4A1D-9BFC-E79EDCEA8968 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Henk, Thanks for the email and questions. I looked at the draft you linked = and there are 15 uses of the term =E2=80=9Ccorrective action=E2=80=9D = but it is never defined in the document. So I can not comment completely = on if it is a super set or not. As I have said before, there is a lot = of good work that has been done in the IETF and other SDOs that we would = like to make use of and bring together in to a single specification that = someone could actually implement or perform interoperability tests = against.=20 I believe hooking in to I2NSF and such will be important going forward. = As I have been doing more work in the ITU and other SDOs I can see this = as becoming critical long-term. But we need to start somewhere, but = always keep an eye to where we need to go.=20 My primary objectives is to get something put together rather quickly = and get open-source proof of concept solutions written. Then go to RSA = and BlackHat and talk with all of the CTOs on the show floor and try and = get them to adopt and look at this work. Writing a standard / = specification without doing the PR / Marketing work does not get us to = where we need to be. So this is a long answer, but yes, I hope each of you that have unique = understanding and experience with other work products, can help bring = that knowledge to the table so we can use it as we go forward. Once = again, assuming that this community wants us to do this work here.=20 Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." > On Sep 18, 2018, at 1:53 AM, Henk Birkholz = wrote: >=20 > Hello Bret, >=20 > Wrt, "action", two question come to mind: >=20 > 1.) Is the term "action" a superset to the term "corrective action" = defined in = https://datatracker.ietf.org/doc/draft-ietf-ccamp-alarm-module/ ? If so, = it would tie into existing work. Important to note here is that an alarm = can only be defined, if a corrective action exists. >=20 > 2.) Would the term "action" in this domain justify the exploration of = the ECA model (Event-Condition-Action) used, for example, in I2NSF or = NETCONF? >=20 > https://datatracker.ietf.org/doc/draft-ietf-i2nsf-capability/ > = https://datatracker.ietf.org/doc/draft-bryskin-netconf-automation-yang/ >=20 >=20 > Viele Gr=C3=BC=C3=9Fe, >=20 > Henk >=20 >=20 >=20 > On 09/18/2018 02:27 AM, Bret Jordan wrote: >> All, >> I have heard from three people so far, what do others thing about the = draft and this proposed work? >> Thanks, >> Bret >> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 >> "Without cryptography vihv vivc ce xhrnrw, however, the only thing = that can not be unscrambled is an egg." --Apple-Mail=_0A2C5220-C834-4A1D-9BFC-E79EDCEA8968 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Henk,

Thanks for the email and questions.  I looked at the = draft you linked and there are 15 uses of the term =E2=80=9Ccorrective = action=E2=80=9D but it is never defined in the document. So I can not = comment completely on if it is a super set or not.  As I have said = before, there is a lot of good work that has been done in the IETF and = other SDOs that we would like to make use of and bring together in to a = single specification that someone could actually implement or perform = interoperability tests against. 

I believe hooking in to I2NSF and such = will be important going forward. As I have been doing more work in the = ITU and other SDOs I can see this as becoming critical long-term. =  But we need to start somewhere, but always keep an eye to where we = need to go. 

My primary objectives is to get something put together rather = quickly and get open-source proof of concept solutions written. Then go = to RSA and BlackHat and talk with all of the CTOs on the show floor and = try and get them to adopt and look at this work. Writing a standard / = specification without doing the PR / Marketing work does not get us to = where we need to be.

So this is a long answer, but yes, I hope each of you that = have unique understanding and experience with other work products, can = help bring that knowledge to the table so we can use it as we go = forward. Once again, assuming that this community wants us to do this = work here. 


Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

On Sep 18, 2018, at 1:53 AM, Henk Birkholz <henk.birkholz@sit.fraunhofer.de> wrote:

Hello = Bret,

Wrt, "action", two question come to = mind:

1.) Is the term "action" a superset = to the term "corrective action" defined in https://datatracker.ietf.org/doc/draft-ietf-ccamp-alarm-module/= ? If so, it would tie into existing work. Important to note here is = that an alarm can only be defined, if a corrective action exists.

2.) Would the term "action" in this domain = justify the exploration of the ECA model (Event-Condition-Action) used, = for example, in I2NSF or NETCONF?

https://datatracker.ietf.org/doc/draft-ietf-i2nsf-capability/
https://datatracker.ietf.org/doc/draft-bryskin-netconf-automati= on-yang/


Viele Gr=C3=BC=C3=9Fe= ,

Henk



On 09/18/2018 02:27 AM, Bret Jordan wrote:
All,
I = have heard from three people so far, what do others thing about the = draft and this proposed work?
Thanks,
Bret
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 = ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, = however, the only thing that can not be unscrambled is an egg."

= --Apple-Mail=_0A2C5220-C834-4A1D-9BFC-E79EDCEA8968-- From nobody Tue Sep 18 08:41:43 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 47DEF130E12 for ; Tue, 18 Sep 2018 08:41:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.6 X-Spam-Level: X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dr-rxj357p6Z for ; Tue, 18 Sep 2018 08:41:40 -0700 (PDT) Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA068130DF0 for ; Tue, 18 Sep 2018 08:41:40 -0700 (PDT) Received: from pps.filterd (m0098421.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w8IFaLPx094278 for ; Tue, 18 Sep 2018 11:41:40 -0400 Received: from smtp.notes.na.collabserv.com (smtp.notes.na.collabserv.com [192.155.248.82]) by mx0a-001b2d01.pphosted.com with ESMTP id 2mk15fsjns-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 18 Sep 2018 11:41:39 -0400 Received: from localhost by smtp.notes.na.collabserv.com with smtp.notes.na.collabserv.com ESMTP for from ; Tue, 18 Sep 2018 15:41:39 -0000 Received: from us1a3-smtp05.a3.dal06.isc4sb.com (10.146.71.159) by smtp.notes.na.collabserv.com (10.106.227.105) with smtp.notes.na.collabserv.com ESMTP; Tue, 18 Sep 2018 15:41:37 -0000 Received: from us1a3-mail75.a3.dal09.isc4sb.com ([10.142.3.82]) by us1a3-smtp05.a3.dal06.isc4sb.com with ESMTP id 2018091815413687-813757 ; Tue, 18 Sep 2018 15:41:36 +0000 In-Reply-To: To: cacao@ietf.org, "Cacao" From: "Jason Keirstead" Date: Tue, 18 Sep 2018 12:41:36 -0300 References: <9C6CD1F8-8326-48E9-A9BF-509DEE11B32E@gmail.com> MIME-Version: 1.0 X-KeepSent: D852F957:4BE8B10E-8425830C:00544E73; type=4; name=$KeepSent X-Mailer: IBM Notes Release 9.0.1EXT SHF888 April 26, 2018 X-LLNOutbound: False X-Disclaimed: 18671 X-TNEFEvaluated: 1 x-cbid: 18091815-5101-0000-0000-00000C5D17E2 X-IBM-SpamModules-Scores: BY=0; FL=0; FP=0; FZ=0; HX=0; KW=0; PH=0; SC=0.439231; ST=0; TS=0; UL=0; ISC=; MB=0.261295 X-IBM-SpamModules-Versions: BY=3.00009728; HX=3.00000242; KW=3.00000007; PH=3.00000004; SC=3.00000266; SDB=6.01090157; UDB=6.00563165; IPR=6.00870177; BA=6.00006100; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009; ZB=6.00000000; ZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00023369; XFM=3.00000015; UTC=2018-09-18 15:41:38 X-IBM-AV-DETECTION: SAVI=unsuspicious REMOTE=unsuspicious XFE=unused X-IBM-AV-VERSION: SAVI=2018-09-18 15:31:42 - 6.00008981 x-cbparentid: 18091815-5102-0000-0000-000076903377 Message-Id: Content-Type: multipart/alternative; boundary="=_alternative 0056344E8425830C_=" X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-09-18_07:, , signatures=0 X-Proofpoint-Spam-Reason: safe Archived-At: Subject: [Cacao] CACAO & Existing Standards X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 15:41:42 -0000 --=_alternative 0056344E8425830C_= Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="US-ASCII" Hello all; I want to offer a point that I think can help clarify some overall themes=20 of the questions being posed thus far. The CACAO effort *does not* have any desire to actually define or=20 communicate the low-level atomic methodology of a singular course of=20 action. OpenC2 is one such standard one may use to that effect, NETCONF=20 may be another, as could YANG, or basic SNMP, or many other existing=20 standards.=20 We are not seeking to tie this effort to any of them, because any of them=20 may actually be referenced inside a CACAO project - it is important for=20 the CACAO effort to be very loosely-coupled to the actual action=20 evaluation mechanisms, since the methods used in the market today are=20 extremely varied and the effort therefore must support many different=20 mechanisms. These courses of action will also very often not solely be=20 executed in the cyber domain - humans often manually perform phases of a=20 response.=20 What we are attempting to define here is a standard way to share the=20 actual high-level procedures and/or workflows (the terminology used in the = cybersecurity realm is the "playbook") with which these actions are=20 executed, not the low-level action operation itself.=20 I hope that can clarify matters somewhat, and also make it more obvious=20 why this work is not covered by any current work in=20 STIX/TAXII/IODEF/DOTS/MILE. All of those standards revolve around a method = of communicating a threat or security incident. We are seeking to=20 communicate the response methodology for that incident. - Jason Keirstead Lead Architect - IBM.Security www.ibm.com/security --=_alternative 0056344E8425830C_= Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="US-ASCII" Hello all;

I want to offer a point that I think can help clarify some overall themes of the questions being posed thus far.

The CACAO effort *doe= s not* have any desire to actually define or communicate the low-level atomic methodology of a singular course of action. OpenC2 is one such standard one may use to that effect, NETCONF may be another, as could YANG, or basic SNMP, or many other existing standards.

We are not seeking to tie this effort to any of them, because any of them may actually be referenced inside a CACAO project - it is important for the CACAO effort to be very loosely-cou= pled to the actual action evaluation mechanisms, since the methods used in the market today are extremely varied and the effort therefore must support many different mechanisms. These courses of action will also very often not solely be executed in the cyber domain - humans often manually perform phases of a response.

Wha= t we are attempting to define here is a standard way to share the actual high-level procedures and/or workflows (the terminology used in the cybersecurity realm is the "playbook"= ;) with which these actions are executed, not the low-level action operation itself.

I hope that can c= larify matters somewhat, and also make it more obvious why this work is not covered by any current work in STIX/TAXII/IODEF/DOTS/MILE. All of those standards revolve around a method of communicating a threat or security incident. We are seeking to communicate the response methodology for that incident.

-
Jason Keirstead
Lead Architect - I= BM.Security
www.ibm.com/security


--=_alternative 0056344E8425830C_=-- From nobody Tue Sep 18 08:49:11 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8ADC130DE6 for ; Tue, 18 Sep 2018 08:49:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Joroc2MNP8xs for ; Tue, 18 Sep 2018 08:49:06 -0700 (PDT) Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D7C9128CFD for ; Tue, 18 Sep 2018 08:49:06 -0700 (PDT) Received: by mail-io1-xd31.google.com with SMTP id l7-v6so1952544iok.6 for ; Tue, 18 Sep 2018 08:49:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:subject:message-id:date:to; bh=gLnSwVj5U3MoP0S/F59xJPreY/Dy9+ngRxMDjwYw+Q0=; b=BuLVfbeO8esObwNuTXdVFTQSv9hGKWQ31MSaBPSyiguPwZVlBMdHQ/QhAF3aLS06MJ nbAggH63LW2Cz/gcBFgavVVz8pLq1SiiBm7/s8KiV+wJQ0H0jz9yXsAD/PfoGHzWrq2E mLp2ByHv/HTEP2Qot06h5J28ZINdqXFCcYoyT79hPfou/QWZgt6+EScTj96PotOYSalW 4tjC1sudFU10AwtsidhgpfBBRwToz94MEPlvQ+8dKlMz8TZgZ1JsoaK4NMgqd2ws2cBd N3l/elsSxNy49tuDBNGI2b/2t4pT3arDI+mf5JMraN/S0O2lZd/XrTMuuatcF/I89Yr3 vqiQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:message-id:date:to; bh=gLnSwVj5U3MoP0S/F59xJPreY/Dy9+ngRxMDjwYw+Q0=; b=LYZYTPmmBhTUnG8Q/5Gf34j9oum4YJWk+9QoDAn4iW6q65kUE5iTmvxCe+gCAJn84Z cBIiVdGsKM2fUK+wQieljbgfCgWdGOYbxaBK63APkNUHwULUKbx2JHESbmrKttuJEIiN k86Y8ITAFqCg57JlCoDx3x8Mz63I1+OtmMACVzC2W9pSgICFphykkFeE/3Rl6BbeCRsf d4qRJfp5pE6RcZ4PyBQigfWZoqyWne/NpbN1sDJAYwzpDvx6iUaVdApJwmMhH379IVs7 O4whwyh6G71D/YlyzpI6jcpJnuqVVIoik1J65ql1uI0gDX5f9iA9egzklH6MGcfxK2oN eVnw== X-Gm-Message-State: APzg51Aaj8c450Z7s3nE9fICJGhUKxgc+TPxz0mt3brrduVKWly6UnSQ ZnQNNO8j+mO04QMJm20bwlZXxmeE X-Google-Smtp-Source: ANB0VdaLFukvuTlRvC6RzFXhQ24Ols6/10/C7vNB5kwX8OwXeQ50m2N+3mzHrjMR828+eWLwg9qtZQ== X-Received: by 2002:a6b:3902:: with SMTP id g2-v6mr25395141ioa.168.1537285745600; Tue, 18 Sep 2018 08:49:05 -0700 (PDT) Received: from [172.16.255.50] ([216.194.115.4]) by smtp.gmail.com with ESMTPSA id s24-v6sm6074693ioj.17.2018.09.18.08.49.04 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Sep 2018 08:49:04 -0700 (PDT) From: Bret Jordan Content-Type: multipart/alternative; boundary="Apple-Mail=_1D029642-EE56-4DA2-ABDE-7A7BB8AB2F85" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Message-Id: Date: Tue, 18 Sep 2018 09:49:02 -0600 To: cacao@ietf.org X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: [Cacao] Initial Problem Set X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 15:49:09 -0000 --Apple-Mail=_1D029642-EE56-4DA2-ABDE-7A7BB8AB2F85 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii All, I wanted to start some discussion on some of the initial problems (not = all) that we have already identified that need to be solved with this = type of solution. Some of the solutions to these will have elements we = can borrow from other work. Also, keep in mind all of this needs to work = in native JSON. Need the ability to document a single command Human executed commands Native Machine commands (Cisco IOS, Juniper, SEP, OpenC2, SNMP, NETCONF, = YANG, etc) What device or system does the command target (DesktopOS 10 at IP = address 10.0.0.2, Firewall BAR at 192.168.0.2) What class of devices or systems does the command target (DesktopOS 10 = at patch level 4, Firewall FOO ver 10) Need the ability to document a chain of commands Need to know if there is temporal logic or conditional logic associated = between commands Need to know if commands are sequenced or if they can be run in parallel Need to know if there are fall through or fail-to-next commands Need tracking to know how to back out commands that fail and how far up = the tree you need to back out on failure=20 Need ability to provide Digital signatures at the command, the command = chain (tree), and COA Project levels These digital signatures need to be included in the payload themselves Need to be able to sign a section or part of the JSON text data They need to be in parallel and in series. Meaning, a command may = individually be signed by more than one people. The command and a = signature may also be signed multiple times in series. Example: Company X that makes DesktopOS 10 signs a command that says it = will resolve malware Z on DesktopOS 10 patch version 4. Big Bank Foo may = then sign that (command + Company sig) and say they have verified it and = it works. Some ISAC may then sign that (command + Company sig + Big Bank = Foo sig) and then send it out to their eco-system Signatures need ability to identify what assertions someone is making. =20= We need to know what the types of assertions should be (it works, it has = been verified, it has been reviewed, it may work, it seems to work, etc) Need ability to get responses at the individual command level, the chain = of commands level, and the COA Project level.=20 Need to identify the types of responses that can be returned and what = are the types of command codes / response codes that should be returned Need to identify and have negotiation between systems if the responses = should be pushed or pulled. Need to know how the individual response can impact the next steps in = the chain. Things we already know how to do.. We know how to make this work in a = graph, we know how to make this work with versioning, we know how to tie = these to existing Cyber Threat Intelligence. =20 Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." --Apple-Mail=_1D029642-EE56-4DA2-ABDE-7A7BB8AB2F85 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii
All,

I wanted to start some discussion on some of the initial = problems (not all) that we have already identified that need to be = solved with this type of solution. Some of the solutions to these will = have elements we can borrow from other work. Also, keep in mind all of = this needs to work in native JSON.

  1. Need the ability to document a single command
    1. Human executed commands
    2. Native Machine commands (Cisco IOS, Juniper, SEP, OpenC2, = SNMP, NETCONF, YANG, etc)
    3. What device or system does = the command target (DesktopOS 10 at IP address 10.0.0.2, Firewall BAR at = 192.168.0.2)
    4. What class of devices or systems does = the command target (DesktopOS 10 at patch level 4, Firewall FOO ver = 10)
  2. Need the ability to document a chain of = commands
    1. Need to know if there is = temporal logic or conditional logic associated between commands
    2. Need to know if commands are sequenced or if they can be run = in parallel
    3. Need to know if there are fall through or = fail-to-next commands
    4. Need tracking to know how to = back out commands that fail and how far up the tree you need to back out = on failure 
  3. Need ability to provide Digital = signatures at the command, the command chain (tree), and COA Project = levels
    1. These digital signatures need = to be included in the payload themselves
    2. Need to be = able to sign a section or part of the JSON text data
    3. They need to be in parallel and in series. Meaning, a command = may individually be signed by more than one people.  The command = and a signature may also be signed multiple times in series.
      1. Example: Company X that makes DesktopOS 10 = signs a command that says it will resolve malware Z on DesktopOS 10 = patch version 4. Big Bank Foo may then sign that (command + Company sig) = and say they have verified it and it works. Some ISAC may then sign that = (command + Company sig + Big Bank Foo sig) and then send it out to their = eco-system
    4. Signatures need ability to identify = what assertions someone is making.  
      1. We need to know what the types of assertions should be (it = works, it has been verified, it has been reviewed, it may work, it seems = to work, etc)
  4. Need ability to get responses = at the individual command level, the chain of commands level, and the = COA Project level. 
    1. Need to = identify the types of responses that can be returned and what are = the types of command codes / response codes that should be = returned
    2. Need to identify and have negotiation = between systems if the responses should be pushed or pulled.
    3. Need to know how the individual response can impact the next = steps in the chain.


Things we already know how to do.. We know how to make this = work in a graph, we know how to make this work with versioning, we know = how to tie these to existing Cyber Threat Intelligence.  


Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

= --Apple-Mail=_1D029642-EE56-4DA2-ABDE-7A7BB8AB2F85-- From nobody Tue Sep 18 08:49:44 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E95A130DF4; Tue, 18 Sep 2018 08:49:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a3RoxMJkOLJ1; Tue, 18 Sep 2018 08:49:40 -0700 (PDT) Received: from mail-it0-x22d.google.com (mail-it0-x22d.google.com [IPv6:2607:f8b0:4001:c0b::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 98636128CFD; Tue, 18 Sep 2018 08:49:40 -0700 (PDT) Received: by mail-it0-x22d.google.com with SMTP id h23-v6so3620448ita.5; Tue, 18 Sep 2018 08:49:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=cHh786BPXhblGysXSDV5yv3h7Qrmw3pgFS7hlMDrbFA=; b=Hnoca16fVojp+oTXNOsPNJSbEWmm9RXt6kBkhrIWEiP7Z56iKiYIGBVqJ7doW2ECBW IlVLsciF1d4lhD2Uln6aWUNpdqixbXJv0MpvTTCH4TeuyHRl7rHw3VL6oFqSPSsqZB4D fpO0tZkd7uJ0GJamG5hYEe6LfUs4pe8aVRx24YQPLGIbOBhWd0G6pm130tB3BRiF+lop uDeQ9lUXzuNOAW2fVGMH8kkoG+D4zMk4EPl2KQQVJu6grAaLXsU6oJai35WEwGj4+Nnk 4/O5YL7E0ZbkWZVS7WRPwDDHmB1fqgyU+tV3I6AWnEQoeNUEj+W8QxqdDrROA96sM6Jz qAVA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=cHh786BPXhblGysXSDV5yv3h7Qrmw3pgFS7hlMDrbFA=; b=Ax6/twyVLQVEiryfAlzp9eLmRaTPbtnlIyq/0Ze/9fh2auFJcBiGMh0Em4cidIUK88 /q37gFxqNj6JzuBBrhXqJDf31B5M+bpefmJqg24QDkCVHRfxlIi5zrD7wTjYXLbwL/4H YX22cGFaz9DohK5tg/J1MSjvU12cxbhiVlDNMg/7rhXdFxmmTS7HmoVW22rFOHD8gH+/ K9jCsUX01eKdolOcGU+H5NE1Wfdrza48eBwAp6Gnw+TUZJnOL0yKJUSA+dNV0hyvV58u hS0Q5uO9gtdbnHFfmCI+z71y9EF+lwTfg5N+GXtlBKs/8CBygVKNVZgVqO7gnSJarCJn AvMw== X-Gm-Message-State: APzg51B8rnUgZKvWbztoyzWvAPxNr11QTZJwYwd85DNgGTJBJVLoXG2y lml9VkV6iW2D0MtAq7VPn3vvSPc4 X-Google-Smtp-Source: ANB0Vdb2u2UTTt8SlzLnCcdrwxdSZoEr4pQyPcpalDfn2Z9tQVvjmc8ghJzo3mcSXYUf9O7LkzXsZw== X-Received: by 2002:a24:a388:: with SMTP id p130-v6mr16741457ite.146.1537285779892; Tue, 18 Sep 2018 08:49:39 -0700 (PDT) Received: from [172.16.255.50] ([216.194.115.4]) by smtp.gmail.com with ESMTPSA id r126-v6sm6871627iod.7.2018.09.18.08.49.38 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Sep 2018 08:49:38 -0700 (PDT) From: Bret Jordan Message-Id: <0A578432-71E3-4623-9C94-B97109093296@gmail.com> Content-Type: multipart/alternative; boundary="Apple-Mail=_DFF8EFB1-ED9D-436B-A6A6-3E4C51E4B4D0" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Date: Tue, 18 Sep 2018 09:49:33 -0600 In-Reply-To: Cc: cacao@ietf.org, Cacao To: Jason Keirstead References: <9C6CD1F8-8326-48E9-A9BF-509DEE11B32E@gmail.com> X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: Re: [Cacao] CACAO & Existing Standards X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 15:49:42 -0000 --Apple-Mail=_DFF8EFB1-ED9D-436B-A6A6-3E4C51E4B4D0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Yes, I completely agree Jason. Well said. Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." > On Sep 18, 2018, at 9:41 AM, Jason Keirstead = > wrote: >=20 > Hello all; >=20 > I want to offer a point that I think can help clarify some overall = themes of the questions being posed thus far. >=20 > The CACAO effort *does not* have any desire to actually define or = communicate the low-level atomic methodology of a singular course of = action. OpenC2 is one such standard one may use to that effect, NETCONF = may be another, as could YANG, or basic SNMP, or many other existing = standards.=20 >=20 > We are not seeking to tie this effort to any of them, because any of = them may actually be referenced inside a CACAO project - it is important = for the CACAO effort to be very loosely-coupled to the actual action = evaluation mechanisms, since the methods used in the market today are = extremely varied and the effort therefore must support many different = mechanisms. These courses of action will also very often not solely be = executed in the cyber domain - humans often manually perform phases of a = response.=20 >=20 > What we are attempting to define here is a standard way to share the = actual high-level procedures and/or workflows (the terminology used in = the cybersecurity realm is the "playbook") with which these actions are = executed, not the low-level action operation itself.=20 >=20 > I hope that can clarify matters somewhat, and also make it more = obvious why this work is not covered by any current work in = STIX/TAXII/IODEF/DOTS/MILE. All of those standards revolve around a = method of communicating a threat or security incident. We are seeking to = communicate the response methodology for that incident. >=20 > - > Jason Keirstead > Lead Architect - IBM.Security > www.ibm.com/security >=20 >=20 > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao --Apple-Mail=_DFF8EFB1-ED9D-436B-A6A6-3E4C51E4B4D0 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii
Yes, I completely = agree Jason.  Well said.


Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

On Sep 18, 2018, at 9:41 AM, Jason Keirstead = <Jason.Keirstead@ca.ibm.com> wrote:

Hello all;

I want to = offer a point that I think can help clarify some overall themes of the questions being posed thus far.

The CACAO effort *does not* have any desire to actually define or communicate the low-level atomic = methodology of a singular course of action. OpenC2 is one such standard one may use to that effect, NETCONF may be another, as could YANG, or basic SNMP, or many other existing standards.

We are not seeking to tie this = effort to any of them, because any of them may actually be referenced inside a CACAO project - it is important for the CACAO effort to be very = loosely-coupled to the actual action evaluation mechanisms, since the methods used in = the market today are extremely varied and the effort therefore must support many different mechanisms. These courses of action will also very often not solely be executed in the cyber domain - humans often manually = perform phases of a response.

What we are attempting to = define here is a standard way to share the actual high-level procedures and/or = workflows (the terminology used in the cybersecurity realm is the "playbook") with which these actions are executed, not the low-level action = operation itself.

I hope that can clarify matters somewhat, and also make it more obvious why this work is not covered by any = current work in STIX/TAXII/IODEF/DOTS/MILE. All of those standards revolve = around a method of communicating a threat or security incident. We are seeking to communicate the response methodology for that incident.

-
Jason Keirstead
Lead Architect = - IBM.Security
www.ibm.com/security


--
Cacao mailing list
Cacao@ietf.org
https://www.ietf.org/mailman/listinfo/cacao

= --Apple-Mail=_DFF8EFB1-ED9D-436B-A6A6-3E4C51E4B4D0-- From nobody Tue Sep 18 15:35:10 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B4EA130DC6 for ; Tue, 18 Sep 2018 15:35:09 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fzsjugYfP-pA for ; Tue, 18 Sep 2018 15:35:06 -0700 (PDT) Received: from mail-pg1-x533.google.com (mail-pg1-x533.google.com [IPv6:2607:f8b0:4864:20::533]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ECBC9124C04 for ; Tue, 18 Sep 2018 15:35:05 -0700 (PDT) Received: by mail-pg1-x533.google.com with SMTP id s15-v6so1716407pgv.8 for ; Tue, 18 Sep 2018 15:35:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ZJGTrwlcKGIRUotGSguCgUbN9SBBV6FeEIt3zj9gb1g=; b=YlsYtMJEhtGTcJMzoKibkgLhdaNH/20zsARBomAGzurhiZEJ/t6vOEci3hmtCRSl3+ Ydde8GekrrW07aF1YDEKzOSd7+0aN2V6CRnKEawkYJCFJBsKzDTw54tLM08Z7NeYkjpA LGfj60XEvbDIGp6VMGCOGRp/LJy3e8BxmOLQ8LvSeLkUEaCVVMNdLJf6ry3IYGI7QDzN DXLUcIZJkNXTaUnOh78bh+3S/hR3zh/bb4goUiUX5I/nt5XNp8p9/77dAY72wl+Np8ht TZOHXZgQIrna703+3BMkbF1lQQeISP/7EAzjum+/0vQ4iCo34RIUbUDFMWbOvx9Rc249 Wbrw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ZJGTrwlcKGIRUotGSguCgUbN9SBBV6FeEIt3zj9gb1g=; b=RAXN8YrBgLSucsmIGmc+Nt1OmAn5Lji4yhR61K2a/W6IfDF9jKBsVsalMYGwN+Rfqj 8o9TvYqmu1Hf0L5fxBd412gIQ45f3+ulivyewCrqvUPAJtHSi91TpStB95N5ndGLnosM Z8rNQ/WNf9QmZCJjHyjAX0aznKD5PAKt56SmSf5gFJ8z6JKNwlXsF3tVw8iG8BlZMjOo nZUNMGPTvtgeSG1cVeMcH3+g/IVmhC1ZfBwMna2I8nz/PZogPwQ4UXrCAc1XTDh8Ogyk yBsS1NUdw/V4Fh0NHEEutNKd49KHKn/9aw0jy8sbHxqxvDEhzEzngPFwg0MM18dziFFr STJg== X-Gm-Message-State: APzg51BvET2m6tbrhZmfEIFE712iJ278P9u5jNzr6TaARgCEppPnQs9u KED1DOhkShYGIADBaMO4Md0= X-Google-Smtp-Source: ANB0VdbOIVT7pVaSoKTbJauyHCJt5+GWBbEsE3OWdWevkN93eiV6IU62wYHvnB3AIYosGvsPIArrUQ== X-Received: by 2002:a63:40c7:: with SMTP id n190-v6mr30067915pga.116.1537310105170; Tue, 18 Sep 2018 15:35:05 -0700 (PDT) Received: from ?IPv6:2406:3003:2007:26d4:95bc:1d3f:a567:3997? ([2406:3003:2007:26d4:95bc:1d3f:a567:3997]) by smtp.gmail.com with ESMTPSA id p26-v6sm22314707pgn.64.2018.09.18.15.35.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Sep 2018 15:35:02 -0700 (PDT) Content-Type: multipart/alternative; boundary=Apple-Mail-929B1215-07CA-4CB4-9698-1180EB5C8E94 Mime-Version: 1.0 (1.0) From: Barry Greene X-Mailer: iPad Mail (15G77) In-Reply-To: Date: Wed, 19 Sep 2018 06:34:58 +0800 Cc: cacao@ietf.org Content-Transfer-Encoding: 7bit Message-Id: <8C378072-1F76-47B5-A526-AD243E57CE6D@gmail.com> References: To: Bret Jordan Archived-At: Subject: Re: [Cacao] Initial Problem Set X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2018 22:35:09 -0000 --Apple-Mail-929B1215-07CA-4CB4-9698-1180EB5C8E94 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Bret, What you have below was done in Cisco=E2=80=99s TIDP/TMS architecture.=20 Barry > On Sep 18, 2018, at 23:49, Bret Jordan wrote: >=20 > All, >=20 > I wanted to start some discussion on some of the initial problems (not all= ) that we have already identified that need to be solved with this type of s= olution. Some of the solutions to these will have elements we can borrow fro= m other work. Also, keep in mind all of this needs to work in native JSON. >=20 > Need the ability to document a single command > Human executed commands > Native Machine commands (Cisco IOS, Juniper, SEP, OpenC2, SNMP, NETCONF, Y= ANG, etc) > What device or system does the command target (DesktopOS 10 at IP address 1= 0.0.0.2, Firewall BAR at 192.168.0.2) > What class of devices or systems does the command target (DesktopOS 10 at p= atch level 4, Firewall FOO ver 10) > Need the ability to document a chain of commands > Need to know if there is temporal logic or conditional logic associated be= tween commands > Need to know if commands are sequenced or if they can be run in parallel > Need to know if there are fall through or fail-to-next commands > Need tracking to know how to back out commands that fail and how far up th= e tree you need to back out on failure=20 > Need ability to provide Digital signatures at the command, the command cha= in (tree), and COA Project levels > These digital signatures need to be included in the payload themselves > Need to be able to sign a section or part of the JSON text data > They need to be in parallel and in series. Meaning, a command may individu= ally be signed by more than one people. The command and a signature may als= o be signed multiple times in series. > Example: Company X that makes DesktopOS 10 signs a command that says it wi= ll resolve malware Z on DesktopOS 10 patch version 4. Big Bank Foo may then s= ign that (command + Company sig) and say they have verified it and it works.= Some ISAC may then sign that (command + Company sig + Big Bank Foo sig) and= then send it out to their eco-system > Signatures need ability to identify what assertions someone is making. =20= > We need to know what the types of assertions should be (it works, it has b= een verified, it has been reviewed, it may work, it seems to work, etc) > Need ability to get responses at the individual command level, the chain o= f commands level, and the COA Project level.=20 > Need to identify the types of responses that can be returned and what are t= he types of command codes / response codes that should be returned > Need to identify and have negotiation between systems if the responses sho= uld be pushed or pulled. > Need to know how the individual response can impact the next steps in the c= hain. >=20 >=20 > Things we already know how to do.. We know how to make this work in a grap= h, we know how to make this work with versioning, we know how to tie these t= o existing Cyber Threat Intelligence. =20 >=20 >=20 > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that ca= n not be unscrambled is an egg." >=20 > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao --Apple-Mail-929B1215-07CA-4CB4-9698-1180EB5C8E94 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
Hi Bret,

What you have below was done in Cisco=E2=80=99s TIDP/TMS architecture= . 

Barry

On Sep 18, 2018, at 23:= 49, Bret Jordan <jordan.ietf@gma= il.com> wrote:

All,

I wante= d to start some discussion on some of the initial problems (not all) that we= have already identified that need to be solved with this type of solution. S= ome of the solutions to these will have elements we can borrow from other wo= rk. Also, keep in mind all of this needs to work in native JSON.

    Need the ability to document a single command
    1. Human executed commands
    2. Native Machine co= mmands (Cisco IOS, Juniper, SEP, OpenC2, SNMP, NETCONF, YANG, etc)
    3. What device or system does the command target (DesktopOS 10 at IP a= ddress 10.0.0.2, Firewall BAR at 192.168.0.2)
    4. What class o= f devices or systems does the command target (DesktopOS 10 at patch level 4,= Firewall FOO ver 10)
  1. Need the ability to document a= chain of commands
    1. Need to know if there i= s temporal logic or conditional logic associated between commands
    2. Need to know if commands are sequenced or if they can be run in par= allel
    3. Need to know if there are fall through or fail-to-n= ext commands
    4. Need tracking to know how to back out comman= ds that fail and how far up the tree you need to back out on failure 
  2. Need ability to provide Digital signatures at the com= mand, the command chain (tree), and COA Project levels
    1. These digital signatures need to be included in the payload the= mselves
    2. Need to be able to sign a section or part of the J= SON text data
    3. They need to be in parallel and in series. M= eaning, a command may individually be signed by more than one people.  = The command and a signature may also be signed multiple times in series.
      1. Example: Company X that makes DesktopOS 10 si= gns a command that says it will resolve malware Z on DesktopOS 10 patch vers= ion 4. Big Bank Foo may then sign that (command + Company sig) and say they h= ave verified it and it works. Some ISAC may then sign that (command + Compan= y sig + Big Bank Foo sig) and then send it out to their eco-system
      =
    4. Signatures need ability to identify what assertions someone i= s making.  
      1. We need to know what the t= ypes of assertions should be (it works, it has been verified, it has been re= viewed, it may work, it seems to work, etc)
  3. Nee= d ability to get responses at the individual command level, the chain of com= mands level, and the COA Project level. 
    1. Need to identify the types of responses that can be returned and wha= t are the types of command codes / response codes that should be returned
    2. Need to identify and have negotiation between systems if th= e responses should be pushed or pulled.
    3. Need to know how t= he individual response can impact the next steps in the chain.


<= /div>
Things we already know how to do.. We know how to make t= his work in a graph, we know how to make this work with versioning, we know h= ow to tie these to existing Cyber Threat Intelligence.  


Thanks,
Bret
<= div class=3D"" style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; lin= e-break: after-white-space;">
<= span class=3D"" style=3D"font-size: 11px;">PGP Fingerprint: 63B4 FC53 680A 6B7= D 1447  F2C0 74F8 ACAE 7415 0050
"Without cr= yptography vihv vivc ce xhrnrw, however, the only thing that can not be unsc= rambled is an egg."

= --Apple-Mail-929B1215-07CA-4CB4-9698-1180EB5C8E94-- From nobody Tue Sep 18 19:07:02 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7305C130F08 for ; Tue, 18 Sep 2018 19:07:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X2zj_DxIgWIY for ; Tue, 18 Sep 2018 19:06:57 -0700 (PDT) Received: from mail-oi0-x22c.google.com (mail-oi0-x22c.google.com [IPv6:2607:f8b0:4003:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 59117130F03 for ; Tue, 18 Sep 2018 19:06:57 -0700 (PDT) Received: by mail-oi0-x22c.google.com with SMTP id r69-v6so3666885oie.3 for ; Tue, 18 Sep 2018 19:06:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=1ExRS4Oq+LTVlb10/UU5iNj4A16G1bcXV7jk3Kr2BVo=; b=orAykr31xKObZt6H0zHQLOcp5EtwjLRgVXC9jeAO4SQPU8zJCyPniwsZCpDwBWln0p ORvkWM9SMo2HZTIlLixvK0YEp1U7pCTObGJ5rODYiBYAHFa38bYj7Dl6mApi+HbKsQqQ 5XG7i7AZgyyAtmwDpsWJ0d3oMbPEqU/xV7ZFJ3Gs3RfYoOrY7g5+Z4hHMFGBOYSkwuvG oq9P2pDsdjylpIFC+5uxtCKVedVS+peoc0jl6CpMikdkJHpMfIhu//hoCihBs8+Q2RdS 33VeqmR48QmZmhankEfPUfwJ26pBC+H6B3lIyzEiaN2zeNJHhMDvA+E43alzAyzXMW7G 5Gbw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1ExRS4Oq+LTVlb10/UU5iNj4A16G1bcXV7jk3Kr2BVo=; b=dVJlDSutlkhmf7kyPRk117QXwpUft7M/RpyAvur+a0ZNd/ZScPuH/MDpKlvFULUD0C ybTx09ljHnhTY8aQ9h1QAjCqkPoJL9DlitthzWrV/b+Vv07DT1MmOwn+WHZz9aSvOoYP LQTA4jUQBI0XaaFVgAfPUYh6WN7oL6G8ccVbVxLRIgOXz6JQRGKpvxcWmojx7d48wKfz f8c0LtN8Wgc1QigGbWL8TYRlve058GUftKBpLQ6Ia4AX9ZAxKDlA/Si2dVPWgWfudhdu CtFgs5FEroEagJR9lfZxkACluRTywuzVCnNXHKYEpb5PI43DHNwL+BEEngLS1275IgaE lvcQ== X-Gm-Message-State: APzg51DBhvStEAxGSKIzLlLQZ2tnk7ynePWTXpvHlRIleUXaEVfxi0ir pdxp7SghGaX2cDgFstzM276MmTLktvMGjiSjEnM= X-Google-Smtp-Source: ANB0VdZIpiaJBOMQNbQvcyTAnc+WYwQdnrqixs5Qhm1JGYqh0UlhibKsKoZxJVzuZUM1P7aLks0z+Jzwnes4xcpLcks= X-Received: by 2002:aca:e402:: with SMTP id b2-v6mr339904oih.60.1537322816678; Tue, 18 Sep 2018 19:06:56 -0700 (PDT) MIME-Version: 1.0 References: <8C378072-1F76-47B5-A526-AD243E57CE6D@gmail.com> In-Reply-To: <8C378072-1F76-47B5-A526-AD243E57CE6D@gmail.com> From: Kathleen Moriarty Date: Tue, 18 Sep 2018 22:06:20 -0400 Message-ID: To: Barry Greene Cc: Bret Jordan , cacao@ietf.org Content-Type: multipart/alternative; boundary="00000000000064afd705762fdcc5" Archived-At: Subject: Re: [Cacao] Initial Problem Set X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Sep 2018 02:07:00 -0000 --00000000000064afd705762fdcc5 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Bret, On Tue, Sep 18, 2018 at 6:35 PM Barry Greene wrote= : > Hi Bret, > > What you have below was done in Cisco=E2=80=99s TIDP/TMS architecture.. > > Barry > > On Sep 18, 2018, at 23:49, Bret Jordan wrote: > > All, > > I wanted to start some discussion on some of the initial problems (not > all) that we have already identified that need to be solved with this typ= e > of solution. Some of the solutions to these will have elements we can > borrow from other work. Also, keep in mind all of this needs to work in > native JSON. > > > 1. Need the ability to document a single command > 1. Human executed commands > 2. Native Machine commands (Cisco IOS, Juniper, SEP, OpenC2, SNMP, > NETCONF, YANG, etc) > 3. What device or system does the command target (DesktopOS 10 at > IP address 10.0.0.2, Firewall BAR at 192.168.0.2) > 4. What class of devices or systems does the command target > (DesktopOS 10 at patch level 4, Firewall FOO ver 10) > > Additional data classes of IODEF, also the SCI extension. https://tools.ietf.org/html/rfc7970 > > 1. Need the ability to document a chain of commands > 1. Need to know if there is temporal logic or conditional logic > associated between commands > 2. Need to know if commands are sequenced or if they can be run in > parallel > 3. Need to know if there are fall through or fail-to-next commands > 4. Need tracking to know how to back out commands that fail and how > far up the tree you need to back out on failure > > Take a look at the MILE work more closely, there are lessons learned as much of this has been done. Even if you don't want to use the work, there 's no reason to have us all debate the same things again rather than build from experience. IODEF predicate logic: It's simple and more compact. https://tools.ietf.org/html/rfc8274#page-7 > 1. Need ability to provide Digital signatures at the command, the > command chain (tree), and COA Project levels > 1. These digital signatures need to be included in the payload > themselves > 2. Need to be able to sign a section or part of the JSON text data > 3. They need to be in parallel and in series. Meaning, a command > may individually be signed by more than one people. The command an= d a > signature may also be signed multiple times in series. > 1. Example: Company X that makes DesktopOS 10 signs a command > that says it will resolve malware Z on DesktopOS 10 patch versio= n 4. Big > Bank Foo may then sign that (command + Company sig) and say they= have > verified it and it works. Some ISAC may then sign that (command = + Company > sig + Big Bank Foo sig) and then send it out to their eco-system > 4. Signatures need ability to identify what assertions someone is > making. > 1. We need to know what the types of assertions should be (it > works, it has been verified, it has been reviewed, it may work, = it seems to > work, etc) > > You also need to consider origin authentication and multi-hop authentication. There was a lot of work that went into the requirements analysis across areas of the IETF as not to make RID and other MILE protocols specific to incidents or even XML. https://tools.ietf.org/html/rfc6545 Yes, this is XML and you want JSON, using JOSE, I presume. Still, the gap analysis I think will be quite useful as I think you are missing requirements we already came up against. It will speed your work up to leverage existing work. > > 1. Need ability to get responses at the individual command level, the > chain of commands level, and the COA Project level. > 1. Need to identify the types of responses that can be returned and > what are the types of command codes / response codes that should be= returned > 2. Need to identify and have negotiation between systems if the > responses should be pushed or pulled. > 3. Need to know how the individual response can impact the next > steps in the chain. > > > You also need to consider internationalization, which has already been done in the MILE work. This level of detail helps a lot for interoperability. There were 3 interoperable implementations of RID, so testing was done, lessons can be learned. I'm not sure how may IODEF implementations there were/are, but many more than that. Once again, please do the gap analysis to save us all time. There are other MILE documents that may be useful, they can be found off the documents link of the charter page. ROLIE and XMPP Grid were also designed to work with any format and I believe are more flexible than RID, so there is much that can be gleaned from these efforts as well as the DOTS work. Best regards, Kathleen > > Things we already know how to do.. We know how to make this work in a > graph, we know how to make this work with versioning, we know how to tie > these to existing Cyber Threat Intelligence. > > > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that > can not be unscrambled is an egg." > > -- > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao > > -- > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao > --=20 Best regards, Kathleen --00000000000064afd705762fdcc5 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi Bret= ,



On Tue, Sep 18, 2018 at 6:35 PM Barry Greene <barryrgreene@gmail.com> wrote:
Hi Bret,

What you have below was done in Cisco=E2= =80=99s TIDP/TMS architecture..=C2=A0

Barry
<= div>
On Sep 18, 2018, at 23:49, Bret Jordan <jordan.ietf@gmail.com> wrote:
=
All,

I wanted to start some discussion on some of the initial problems (not all= ) that we have already identified that need to be solved with this type of = solution. Some of the solutions to these will have elements we can borrow f= rom other work. Also, keep in mind all of this needs to work in native JSON= .

  1. Need the ability to document a single command
    1. Human ex= ecuted commands
    2. Native Machine commands (Cisco IOS, Juniper, SEP, O= penC2, SNMP, NETCONF, YANG, etc)
    3. What device or system does the com= mand target (DesktopOS 10 at IP address 10.0.0.2, Firewall BAR at 192.168.0= .2)
    4. What class of devices or systems does the command target (Deskt= opOS 10 at patch level 4, Firewall FOO ver 10)
Additional data classes of IODEF, also t= he SCI extension.
<= div>
  1. Need the abili= ty to document a chain of commands
    1. Need to know if there is tem= poral logic or conditional logic associated between commands
    2. Need t= o know if commands are sequenced or if they can be run in parallel
    3. = Need to know if there are fall through or fail-to-next commands
    4. Nee= d tracking to know how to back out commands that fail and how far up the tr= ee you need to back out on failure=C2=A0

Take a look at the MILE work mo= re closely, there are lessons learned as much of this has been done.=C2=A0 = Even if you don't want to use the work, there 's no reason to have = us all debate the same things again rather than build from experience.
IODEF predicate logic:=C2=A0 It's simple and more compact.
<= div>https://tools.ie= tf.org/html/rfc8274#page-7

<= div>
  1. Need abil= ity to provide Digital signatures at the command, the command chain (tree),= and COA Project levels
    1. These digital signatures need to be inc= luded in the payload themselves
    2. Need to be able to sign a section o= r part of the JSON text data
    3. They need to be in parallel and in ser= ies. Meaning, a command may individually be signed by more than one people.= =C2=A0 The command and a signature may also be signed multiple times in ser= ies.
      1. Example: Company X that makes DesktopOS 10 signs a command= that says it will resolve malware Z on DesktopOS 10 patch version 4. Big B= ank Foo may then sign that (command + Company sig) and say they have verifi= ed it and it works. Some ISAC may then sign that (command + Company sig + B= ig Bank Foo sig) and then send it out to their eco-system
    4. Sign= atures need ability to identify what assertions someone is making. =C2=A0
      1. We need to know what the types of assertions should be (it works= , it has been verified, it has been reviewed, it may work, it seems to work= , etc)
= You also need to consider origin authentication and multi-hop authenticatio= n.=C2=A0 There was a lot of work that went into the requirements analysis a= cross areas of the IETF as not to make RID and other MILE protocols specifi= c to incidents or even XML.

Yes, this is XML and you want JSON, using JOSE, I presume.=C2=A0 Sti= ll, the gap analysis I think will be quite useful as I think you are missin= g requirements we already came up against.=C2=A0 It will speed your work up= to leverage existing work.
  1. Need ability to get responses a= t the individual command level, the chain of commands level, and the COA Pr= oject level.=C2=A0
    1. Need to identify the types of responses that= can be returned=C2=A0and what are the types of command codes / response co= des that should be returned
    2. Need to identify and have negotiation b= etween systems if the responses should be pushed or pulled.
    3. Need to= know how the individual response can impact the next steps in the chain.

You also need to consider internationalization, which has already been do= ne in the MILE work.=C2=A0 This level of detail helps a lot for interoperab= ility. There were 3 interoperable implementations of RID, so testing was do= ne, lessons can be learned.=C2=A0 I'm not sure how may IODEF implementa= tions there were/are, but many more than that.

Onc= e again, please do the gap analysis to save us all time.=C2=A0 There are ot= her MILE documents that may be useful, they can be found off the documents = link of the charter page.=C2=A0 ROLIE and XMPP Grid were also designed to w= ork with any format and I believe are more flexible than RID, so there is m= uch that can be gleaned from these efforts as well as the DOTS work.
<= div>
Best regards,
Kathleen

Things we already know how to do.. We= know how to make this work in a graph, we know how to make this work with = versioning, we know how to tie these to existing Cyber Threat Intelligence.= =C2=A0


Thanks,
Bret
PGP Fingerprint:=C2=A063B4 FC53 680A 6B7D 1447 =C2=A0F2C0 74F8 ACAE 7415 0050
"Witho= ut cryptography vihv vivc ce xhrnrw, however, the only thing that can not b= e unscrambled is an egg."

--
Cacao mailing list
Cacao@ietf.org
https://www.ietf.org/mailman/listinfo/cacao


--

Best regards,
Kathleen
--00000000000064afd705762fdcc5-- From nobody Wed Sep 19 01:31:10 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80B31130FCB for ; Wed, 19 Sep 2018 01:31:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.897 X-Spam-Level: X-Spam-Status: No, score=-6.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mm7IiljgFGap for ; Wed, 19 Sep 2018 01:31:03 -0700 (PDT) Received: from svripmail1.coop.ch (mail20.coop.ch [194.11.167.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4FA14130E58 for ; Wed, 19 Sep 2018 01:31:01 -0700 (PDT) Received: from svrm2ex2k13n04.hs.coop.ch ([10.5.39.72]) by svripmail1.coop.ch with ESMTP/TLS/AES256-SHA; 19 Sep 2018 10:30:58 +0200 Received: from SVRM2EX2K13N05.hs.coop.ch (10.5.39.75) by svrm2ex2k13n04.hs.coop.ch (10.5.39.72) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Wed, 19 Sep 2018 10:30:58 +0200 Received: from SVRM2EX2K13N05.hs.coop.ch ([fe80::fd30:c1e0:8f0e:e3d4]) by SVRM2EX2K13N05.hs.coop.ch ([fe80::fd30:c1e0:8f0e:e3d4%22]) with mapi id 15.00.1365.000; Wed, 19 Sep 2018 10:30:58 +0200 From: To: , CC: , Thread-Topic: [Cacao] Initial Problem Set Thread-Index: AQHUT2cns9tixNvav0+bxuAjo1vmiqT2f1MAgAA7DgCAAIwykA== Date: Wed, 19 Sep 2018 08:30:58 +0000 Message-ID: <7e942ab2e4024d7db4c45e30f39c97bd@SVRM2EX2K13N05.hs.coop.ch> References: <8C378072-1F76-47B5-A526-AD243E57CE6D@gmail.com> In-Reply-To: Accept-Language: de-DE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.105.10.52] Content-Type: multipart/alternative; boundary="_000_7e942ab2e4024d7db4c45e30f39c97bdSVRM2EX2K13N05hscoopch_" MIME-Version: 1.0 Archived-At: Subject: Re: [Cacao] Initial Problem Set X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Sep 2018 08:31:09 -0000 --_000_7e942ab2e4024d7db4c45e30f39c97bdSVRM2EX2K13N05hscoopch_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGkgQnJldCwgS2F0aGxlZW4NCg0Kd291bGQgdGhhdCBiZSBzb21ldGhpbmcgdGhhdCBjb3VsZCB3 b3JrIGFzIHNvbWUga2luZCBvZiBnYXAgYW5hbHlzaXM/IGh0dHBzOi8vZ2l0aHViLmNvbS9jbGF0 emUvaWV0Zi9ibG9iL21hc3Rlci9DQUNBTy1nYXAtRkFRLm1kIC4gSXQgaXMgbm8gcmVhbCBnYXAg YW5hbHlzaXMsIHRoaXMgRkFRIHdvdWxkIHJhdGhlciBoaWdobGlnaHQgdGhlIGRpZmZlcmVuY2Vz LiBJIGp1c3QgdG9vayB0d28gc2FtcGxlcyB0byBzaG93IGhvdyB0aGF0IGNvdWxkIGxvb2sgbGlr ZSBhbmQgaWYgdGhhdCBpcyB3aGF0IGNvdWxkIGJlIGhlbHBmdWwuIFdlIGNvdWxkIGFsc28gaW5j bHVkZSBjb21tZW50cyBoZXJlIGxpa2XigKYgIkNBQ0FPIG1ha2VzIHVzZSBvZiBYWSB0byBhY2hp ZXZlIGl0cyBnb2FsIi4NCg0KYmVzdCByZWdhcmRzDQpDYXJvbGluDQoNCkZyb206IENhY2FvIFtt YWlsdG86Y2FjYW8tYm91bmNlc0BpZXRmLm9yZ10gT24gQmVoYWxmIE9mIEthdGhsZWVuIE1vcmlh cnR5DQpTZW50OiBXZWRuZXNkYXksIFNlcHRlbWJlciAxOSwgMjAxOCA0OjA2IEFNDQpUbzogQmFy cnkgR3JlZW5lIDxiYXJyeXJncmVlbmVAZ21haWwuY29tPg0KQ2M6IGNhY2FvQGlldGYub3JnOyBC cmV0IEpvcmRhbiA8am9yZGFuLmlldGZAZ21haWwuY29tPg0KU3ViamVjdDogUmU6IFtDYWNhb10g SW5pdGlhbCBQcm9ibGVtIFNldA0KDQpIaSBCcmV0LA0KDQoNCg0KT24gVHVlLCBTZXAgMTgsIDIw MTggYXQgNjozNSBQTSBCYXJyeSBHcmVlbmUgPGJhcnJ5cmdyZWVuZUBnbWFpbC5jb208bWFpbHRv OmJhcnJ5cmdyZWVuZUBnbWFpbC5jb20+PiB3cm90ZToNCkhpIEJyZXQsDQoNCldoYXQgeW91IGhh dmUgYmVsb3cgd2FzIGRvbmUgaW4gQ2lzY2/igJlzIFRJRFAvVE1TIGFyY2hpdGVjdHVyZS4uDQoN CkJhcnJ5DQoNCk9uIFNlcCAxOCwgMjAxOCwgYXQgMjM6NDksIEJyZXQgSm9yZGFuIDxqb3JkYW4u aWV0ZkBnbWFpbC5jb208bWFpbHRvOmpvcmRhbi4uaWV0ZkBnbWFpbC5jb20+PiB3cm90ZToNCkFs bCwNCg0KSSB3YW50ZWQgdG8gc3RhcnQgc29tZSBkaXNjdXNzaW9uIG9uIHNvbWUgb2YgdGhlIGlu aXRpYWwgcHJvYmxlbXMgKG5vdCBhbGwpIHRoYXQgd2UgaGF2ZSBhbHJlYWR5IGlkZW50aWZpZWQg dGhhdCBuZWVkIHRvIGJlIHNvbHZlZCB3aXRoIHRoaXMgdHlwZSBvZiBzb2x1dGlvbi4gU29tZSBv ZiB0aGUgc29sdXRpb25zIHRvIHRoZXNlIHdpbGwgaGF2ZSBlbGVtZW50cyB3ZSBjYW4gYm9ycm93 IGZyb20gb3RoZXIgd29yay4gQWxzbywga2VlcCBpbiBtaW5kIGFsbCBvZiB0aGlzIG5lZWRzIHRv IHdvcmsgaW4gbmF0aXZlIEpTT04uLg0KDQoNCiAgMS4gIE5lZWQgdGhlIGFiaWxpdHkgdG8gZG9j dW1lbnQgYSBzaW5nbGUgY29tbWFuZA0KDQogICAgICogICBIdW1hbiBleGVjdXRlZCBjb21tYW5k cw0KICAgICAqICAgTmF0aXZlIE1hY2hpbmUgY29tbWFuZHMgKENpc2NvIElPUywgSnVuaXBlciwg U0VQLCBPcGVuQzIsIFNOTVAsIE5FVENPTkYsIFlBTkcsIGV0YykNCiAgICAgKiAgIFdoYXQgZGV2 aWNlIG9yIHN5c3RlbSBkb2VzIHRoZSBjb21tYW5kIHRhcmdldCAoRGVza3RvcE9TIDEwIGF0IElQ IGFkZHJlc3MgMTAuMC4wLjIsIEZpcmV3YWxsIEJBUiBhdCAxOTIuMTY4LjAuLjIpDQogICAgICog ICBXaGF0IGNsYXNzIG9mIGRldmljZXMgb3Igc3lzdGVtcyBkb2VzIHRoZSBjb21tYW5kIHRhcmdl dCAoRGVza3RvcE9TIDEwIGF0IHBhdGNoIGxldmVsIDQsIEZpcmV3YWxsIEZPTyB2ZXIgMTApDQpB ZGRpdGlvbmFsIGRhdGEgY2xhc3NlcyBvZiBJT0RFRiwgYWxzbyB0aGUgU0NJIGV4dGVuc2lvbi4N Cmh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9yZmM3OTcwDQoNCiAgMS4gIE5lZWQgdGhlIGFi aWxpdHkgdG8gZG9jdW1lbnQgYSBjaGFpbiBvZiBjb21tYW5kcw0KDQogICAgICogICBOZWVkIHRv IGtub3cgaWYgdGhlcmUgaXMgdGVtcG9yYWwgbG9naWMgb3IgY29uZGl0aW9uYWwgbG9naWMgYXNz b2NpYXRlZCBiZXR3ZWVuIGNvbW1hbmRzDQogICAgICogICBOZWVkIHRvIGtub3cgaWYgY29tbWFu ZHMgYXJlIHNlcXVlbmNlZCBvciBpZiB0aGV5IGNhbiBiZSBydW4gaW4gcGFyYWxsZWwNCiAgICAg KiAgIE5lZWQgdG8ga25vdyBpZiB0aGVyZSBhcmUgZmFsbCB0aHJvdWdoIG9yIGZhaWwtdG8tbmV4 dCBjb21tYW5kcw0KICAgICAqICAgTmVlZCB0cmFja2luZyB0byBrbm93IGhvdyB0byBiYWNrIG91 dCBjb21tYW5kcyB0aGF0IGZhaWwgYW5kIGhvdyBmYXIgdXAgdGhlIHRyZWUgeW91IG5lZWQgdG8g YmFjayBvdXQgb24gZmFpbHVyZQ0KDQpUYWtlIGEgbG9vayBhdCB0aGUgTUlMRSB3b3JrIG1vcmUg Y2xvc2VseSwgdGhlcmUgYXJlIGxlc3NvbnMgbGVhcm5lZCBhcyBtdWNoIG9mIHRoaXMgaGFzIGJl ZW4gZG9uZS4gIEV2ZW4gaWYgeW91IGRvbid0IHdhbnQgdG8gdXNlIHRoZSB3b3JrLCB0aGVyZSAn cyBubyByZWFzb24gdG8gaGF2ZSB1cyBhbGwgZGViYXRlIHRoZSBzYW1lIHRoaW5ncyBhZ2FpbiBy YXRoZXIgdGhhbiBidWlsZCBmcm9tIGV4cGVyaWVuY2UuDQpJT0RFRiBwcmVkaWNhdGUgbG9naWM6 ICBJdCdzIHNpbXBsZSBhbmQgbW9yZSBjb21wYWN0Lg0KaHR0cHM6Ly90b29scy5pZXRmLm9yZy9o dG1sL3JmYzgyNzQjcGFnZS03DQoNCg0KICAxLiAgTmVlZCBhYmlsaXR5IHRvIHByb3ZpZGUgRGln aXRhbCBzaWduYXR1cmVzIGF0IHRoZSBjb21tYW5kLCB0aGUgY29tbWFuZCBjaGFpbiAodHJlZSks IGFuZCBDT0EgUHJvamVjdCBsZXZlbHMNCg0KICAgICAqICAgVGhlc2UgZGlnaXRhbCBzaWduYXR1 cmVzIG5lZWQgdG8gYmUgaW5jbHVkZWQgaW4gdGhlIHBheWxvYWQgdGhlbXNlbHZlcw0KICAgICAq ICAgTmVlZCB0byBiZSBhYmxlIHRvIHNpZ24gYSBzZWN0aW9uIG9yIHBhcnQgb2YgdGhlIEpTT04g dGV4dCBkYXRhDQogICAgICogICBUaGV5IG5lZWQgdG8gYmUgaW4gcGFyYWxsZWwgYW5kIGluIHNl cmllcy4gTWVhbmluZywgYSBjb21tYW5kIG1heSBpbmRpdmlkdWFsbHkgYmUgc2lnbmVkIGJ5IG1v cmUgdGhhbiBvbmUgcGVvcGxlLiAgVGhlIGNvbW1hbmQgYW5kIGEgc2lnbmF0dXJlIG1heSBhbHNv IGJlIHNpZ25lZCBtdWx0aXBsZSB0aW1lcyBpbiBzZXJpZXMuDQoNCiAgICAgICAgKiAgIEV4YW1w bGU6IENvbXBhbnkgWCB0aGF0IG1ha2VzIERlc2t0b3BPUyAxMCBzaWducyBhIGNvbW1hbmQgdGhh dCBzYXlzIGl0IHdpbGwgcmVzb2x2ZSBtYWx3YXJlIFogb24gRGVza3RvcE9TIDEwIHBhdGNoIHZl cnNpb24gNC4gQmlnIEJhbmsgRm9vIG1heSB0aGVuIHNpZ24gdGhhdCAoY29tbWFuZCArIENvbXBh bnkgc2lnKSBhbmQgc2F5IHRoZXkgaGF2ZSB2ZXJpZmllZCBpdCBhbmQgaXQgd29ya3MuIFNvbWUg SVNBQyBtYXkgdGhlbiBzaWduIHRoYXQgKGNvbW1hbmQgKyBDb21wYW55IHNpZyArIEJpZyBCYW5r IEZvbyBzaWcpIGFuZCB0aGVuIHNlbmQgaXQgb3V0IHRvIHRoZWlyIGVjby1zeXN0ZW0NCg0KICAg ICAqICAgU2lnbmF0dXJlcyBuZWVkIGFiaWxpdHkgdG8gaWRlbnRpZnkgd2hhdCBhc3NlcnRpb25z IHNvbWVvbmUgaXMgbWFraW5nLg0KDQogICAgICAgICogICBXZSBuZWVkIHRvIGtub3cgd2hhdCB0 aGUgdHlwZXMgb2YgYXNzZXJ0aW9ucyBzaG91bGQgYmUgKGl0IHdvcmtzLCBpdCBoYXMgYmVlbiB2 ZXJpZmllZCwgaXQgaGFzIGJlZW4gcmV2aWV3ZWQsIGl0IG1heSB3b3JrLCBpdCBzZWVtcyB0byB3 b3JrLCBldGMpDQpZb3UgYWxzbyBuZWVkIHRvIGNvbnNpZGVyIG9yaWdpbiBhdXRoZW50aWNhdGlv biBhbmQgbXVsdGktaG9wIGF1dGhlbnRpY2F0aW9uLiAgVGhlcmUgd2FzIGEgbG90IG9mIHdvcmsg dGhhdCB3ZW50IGludG8gdGhlIHJlcXVpcmVtZW50cyBhbmFseXNpcyBhY3Jvc3MgYXJlYXMgb2Yg dGhlIElFVEYgYXMgbm90IHRvIG1ha2UgUklEIGFuZCBvdGhlciBNSUxFIHByb3RvY29scyBzcGVj aWZpYyB0byBpbmNpZGVudHMgb3IgZXZlbiBYTUwuDQpodHRwczovL3Rvb2xzLmlldGYub3JnL2h0 bWwvcmZjNjU0NQ0KDQpZZXMsIHRoaXMgaXMgWE1MIGFuZCB5b3Ugd2FudCBKU09OLCB1c2luZyBK T1NFLCBJIHByZXN1bWUuICBTdGlsbCwgdGhlIGdhcCBhbmFseXNpcyBJIHRoaW5rIHdpbGwgYmUg cXVpdGUgdXNlZnVsIGFzIEkgdGhpbmsgeW91IGFyZSBtaXNzaW5nIHJlcXVpcmVtZW50cyB3ZSBh bHJlYWR5IGNhbWUgdXAgYWdhaW5zdC4gIEl0IHdpbGwgc3BlZWQgeW91ciB3b3JrIHVwIHRvIGxl dmVyYWdlIGV4aXN0aW5nIHdvcmsuDQoNCiAgMS4gIE5lZWQgYWJpbGl0eSB0byBnZXQgcmVzcG9u c2VzIGF0IHRoZSBpbmRpdmlkdWFsIGNvbW1hbmQgbGV2ZWwsIHRoZSBjaGFpbiBvZiBjb21tYW5k cyBsZXZlbCwgYW5kIHRoZSBDT0EgUHJvamVjdCBsZXZlbC4NCg0KICAgICAqICAgTmVlZCB0byBp ZGVudGlmeSB0aGUgdHlwZXMgb2YgcmVzcG9uc2VzIHRoYXQgY2FuIGJlIHJldHVybmVkIGFuZCB3 aGF0IGFyZSB0aGUgdHlwZXMgb2YgY29tbWFuZCBjb2RlcyAvIHJlc3BvbnNlIGNvZGVzIHRoYXQg c2hvdWxkIGJlIHJldHVybmVkDQogICAgICogICBOZWVkIHRvIGlkZW50aWZ5IGFuZCBoYXZlIG5l Z290aWF0aW9uIGJldHdlZW4gc3lzdGVtcyBpZiB0aGUgcmVzcG9uc2VzIHNob3VsZCBiZSBwdXNo ZWQgb3IgcHVsbGVkLg0KICAgICAqICAgTmVlZCB0byBrbm93IGhvdyB0aGUgaW5kaXZpZHVhbCBy ZXNwb25zZSBjYW4gaW1wYWN0IHRoZSBuZXh0IHN0ZXBzIGluIHRoZSBjaGFpbi4NCg0KWW91IGFs c28gbmVlZCB0byBjb25zaWRlciBpbnRlcm5hdGlvbmFsaXphdGlvbiwgd2hpY2ggaGFzIGFscmVh ZHkgYmVlbiBkb25lIGluIHRoZSBNSUxFIHdvcmsuICBUaGlzIGxldmVsIG9mIGRldGFpbCBoZWxw cyBhIGxvdCBmb3IgaW50ZXJvcGVyYWJpbGl0eS4gVGhlcmUgd2VyZSAzIGludGVyb3BlcmFibGUg aW1wbGVtZW50YXRpb25zIG9mIFJJRCwgc28gdGVzdGluZyB3YXMgZG9uZSwgbGVzc29ucyBjYW4g YmUgbGVhcm5lZC4gIEknbSBub3Qgc3VyZSBob3cgbWF5IElPREVGIGltcGxlbWVudGF0aW9ucyB0 aGVyZSB3ZXJlL2FyZSwgYnV0IG1hbnkgbW9yZSB0aGFuIHRoYXQuDQoNCk9uY2UgYWdhaW4sIHBs ZWFzZSBkbyB0aGUgZ2FwIGFuYWx5c2lzIHRvIHNhdmUgdXMgYWxsIHRpbWUuICBUaGVyZSBhcmUg b3RoZXIgTUlMRSBkb2N1bWVudHMgdGhhdCBtYXkgYmUgdXNlZnVsLCB0aGV5IGNhbiBiZSBmb3Vu ZCBvZmYgdGhlIGRvY3VtZW50cyBsaW5rIG9mIHRoZSBjaGFydGVyIHBhZ2UuICBST0xJRSBhbmQg WE1QUCBHcmlkIHdlcmUgYWxzbyBkZXNpZ25lZCB0byB3b3JrIHdpdGggYW55IGZvcm1hdCBhbmQg SSBiZWxpZXZlIGFyZSBtb3JlIGZsZXhpYmxlIHRoYW4gUklELCBzbyB0aGVyZSBpcyBtdWNoIHRo YXQgY2FuIGJlIGdsZWFuZWQgZnJvbSB0aGVzZSBlZmZvcnRzIGFzIHdlbGwgYXMgdGhlIERPVFMg d29yay4NCg0KQmVzdCByZWdhcmRzLA0KS2F0aGxlZW4NCg0KVGhpbmdzIHdlIGFscmVhZHkga25v dyBob3cgdG8gZG8uLiBXZSBrbm93IGhvdyB0byBtYWtlIHRoaXMgd29yayBpbiBhIGdyYXBoLCB3 ZSBrbm93IGhvdyB0byBtYWtlIHRoaXMgd29yayB3aXRoIHZlcnNpb25pbmcsIHdlIGtub3cgaG93 IHRvIHRpZSB0aGVzZSB0byBleGlzdGluZyBDeWJlciBUaHJlYXQgSW50ZWxsaWdlbmNlLg0KDQoN ClRoYW5rcywNCkJyZXQNClBHUCBGaW5nZXJwcmludDogNjNCNCBGQzUzIDY4MEEgNkI3RCAxNDQ3 ICBGMkMwIDc0RjggQUNBRSA3NDE1IDAwNTANCiJXaXRob3V0IGNyeXB0b2dyYXBoeSB2aWh2IHZp dmMgY2UgeGhybnJ3LCBob3dldmVyLCB0aGUgb25seSB0aGluZyB0aGF0IGNhbiBub3QgYmUgdW5z Y3JhbWJsZWQgaXMgYW4gZWdnLiINCg0KLS0NCkNhY2FvIG1haWxpbmcgbGlzdA0KQ2FjYW9AaWV0 Zi5vcmc8bWFpbHRvOkNhY2FvQGlldGYub3JnPg0KaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1h bi9saXN0aW5mby9jYWNhbw0KLS0NCkNhY2FvIG1haWxpbmcgbGlzdA0KQ2FjYW9AaWV0Zi5vcmc8 bWFpbHRvOkNhY2FvQGlldGYub3JnPg0KaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0 aW5mby9jYWNhbw0KDQoNCi0tDQoNCkJlc3QgcmVnYXJkcywNCkthdGhsZWVuDQo= --_000_7e942ab2e4024d7db4c45e30f39c97bdSVRM2EX2K13N05hscoopch_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6ZHQ9InV1aWQ6QzJGNDEwMTAtNjVC My0xMWQxLUEyOUYtMDBBQTAwQzE0ODgyIiB4bWxuczptPSJodHRwOi8vc2NoZW1hcy5taWNyb3Nv ZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy9UUi9S RUMtaHRtbDQwIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250 ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPG1ldGEgbmFtZT0iR2VuZXJhdG9yIiBj b250ZW50PSJNaWNyb3NvZnQgV29yZCAxNSAoZmlsdGVyZWQgbWVkaXVtKSI+DQo8c3R5bGU+PCEt LQ0KLyogRm9udCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpIZWx2 ZXRpY2E7DQoJcGFub3NlLTE6MiAxMSA2IDQgMiAyIDIgMiAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtm b250LWZhbWlseToiQ2FtYnJpYSBNYXRoIjsNCglwYW5vc2UtMToyIDQgNSAzIDUgNCA2IDMgMiA0 O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToyIDE1IDUg MiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OlZlcmRhbmE7DQoJcGFu b3NlLTE6MiAxMSA2IDQgMyA1IDQgNCAyIDQ7fQ0KLyogU3R5bGUgRGVmaW5pdGlvbnMgKi8NCnAu TXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWwsIGRpdi5Nc29Ob3JtYWwNCgl7bWFyZ2luOjBpbjsNCglt YXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1zaXplOjEyLjBwdDsNCglmb250LWZhbWlseToi VGltZXMgTmV3IFJvbWFuIixzZXJpZjt9DQphOmxpbmssIHNwYW4uTXNvSHlwZXJsaW5rDQoJe21z by1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjpibHVlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRl cmxpbmU7fQ0KYTp2aXNpdGVkLCBzcGFuLk1zb0h5cGVybGlua0ZvbGxvd2VkDQoJe21zby1zdHls ZS1wcmlvcml0eTo5OTsNCgljb2xvcjpwdXJwbGU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGlu ZTt9DQpzcGFuLmdtYWlsLW0xMjM0MDM0NDA0MjM5MTE0NTIwYXBwbGUtc3R5bGUtc3Bhbg0KCXtt c28tc3R5bGUtbmFtZTpnbWFpbC1tXzEyMzQwMzQ0MDQyMzkxMTQ1MjBhcHBsZS1zdHlsZS1zcGFu O30NCnNwYW4uRW1haWxTdHlsZTE4DQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFsLXJlcGx5Ow0K CWZvbnQtZmFtaWx5OiJBcmlhbCIsc2Fucy1zZXJpZjsNCgljb2xvcjojMDA3MEMwOw0KCWZvbnQt d2VpZ2h0Om5vcm1hbDsNCglmb250LXN0eWxlOm5vcm1hbDsNCgl0ZXh0LWRlY29yYXRpb246bm9u ZSBub25lO30NCi5Nc29DaHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBlOmV4cG9ydC1vbmx5Ow0K CWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmOw0KCW1zby1mYXJlYXN0LWxhbmd1YWdl OkVOLVVTO30NCkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjguNWluIDExLjBpbjsNCgltYXJn aW46NzAuODVwdCA3MC44NXB0IDU2LjdwdCA3MC44NXB0O30NCmRpdi5Xb3JkU2VjdGlvbjENCgl7 cGFnZTpXb3JkU2VjdGlvbjE7fQ0KLyogTGlzdCBEZWZpbml0aW9ucyAqLw0KQGxpc3QgbDANCgl7 bXNvLWxpc3QtaWQ6OTk5NTY3ODc7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOi0yMTQ0MTc0Mjc4 O30NCkBsaXN0IGwxDQoJe21zby1saXN0LWlkOjg1MjM3NDcxOTsNCgltc28tbGlzdC10ZW1wbGF0 ZS1pZHM6LTIwODM3MzM4MDI7fQ0KQGxpc3QgbDINCgl7bXNvLWxpc3QtaWQ6OTU4ODc1ODU0Ow0K CW1zby1saXN0LXRlbXBsYXRlLWlkczotMTYxOTEyMTM2Njt9DQpAbGlzdCBsMw0KCXttc28tbGlz dC1pZDoxNzMyOTk4NzQzOw0KCW1zby1saXN0LXRlbXBsYXRlLWlkczoxNDYxOTk5NjI0O30NCm9s DQoJe21hcmdpbi1ib3R0b206MGluO30NCnVsDQoJe21hcmdpbi1ib3R0b206MGluO30NCi0tPjwv c3R5bGU+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFwZWRlZmF1bHRzIHY6ZXh0PSJl ZGl0IiBzcGlkbWF4PSIxMDI2IiAvPg0KPC94bWw+PCFbZW5kaWZdLS0+PCEtLVtpZiBndGUgbXNv IDldPjx4bWw+DQo8bzpzaGFwZWxheW91dCB2OmV4dD0iZWRpdCI+DQo8bzppZG1hcCB2OmV4dD0i ZWRpdCIgZGF0YT0iMSIgLz4NCjwvbzpzaGFwZWxheW91dD48L3htbD48IVtlbmRpZl0tLT4NCjwv aGVhZD4NCjxib2R5IGxhbmc9IkRFLUNIIiBsaW5rPSJibHVlIiB2bGluaz0icHVycGxlIj4NCjxk aXYgY2xhc3M9IldvcmRTZWN0aW9uMSI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHls ZT0iZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNl cmlmO2NvbG9yOiMwMDcwQzA7bXNvLWZhcmVhc3QtbGFuZ3VhZ2U6RU4tVVMiPkhpIEJyZXQsIEth dGhsZWVuPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4g c3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fu cy1zZXJpZjtjb2xvcjojMDA3MEMwO21zby1mYXJlYXN0LWxhbmd1YWdlOkVOLVVTIj48bzpwPiZu YnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJF Ti1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVv dDssc2Fucy1zZXJpZjtjb2xvcjojMDA3MEMwO21zby1mYXJlYXN0LWxhbmd1YWdlOkVOLVVTIj53 b3VsZCB0aGF0IGJlIHNvbWV0aGluZyB0aGF0IGNvdWxkIHdvcmsgYXMgc29tZSBraW5kIG9mIGdh cCBhbmFseXNpcz8NCjxhIGhyZWY9Imh0dHBzOi8vZ2l0aHViLmNvbS9jbGF0emUvaWV0Zi9ibG9i L21hc3Rlci9DQUNBTy1nYXAtRkFRLm1kIj5odHRwczovL2dpdGh1Yi5jb20vY2xhdHplL2lldGYv YmxvYi9tYXN0ZXIvQ0FDQU8tZ2FwLUZBUS5tZDwvYT4gLiBJdCBpcyBubyByZWFsIGdhcCBhbmFs eXNpcywgdGhpcyBGQVEgd291bGQgcmF0aGVyIGhpZ2hsaWdodCB0aGUgZGlmZmVyZW5jZXMuIEkg anVzdCB0b29rIHR3byBzYW1wbGVzIHRvIHNob3cgaG93IHRoYXQgY291bGQNCiBsb29rIGxpa2Ug YW5kIGlmIHRoYXQgaXMgd2hhdCBjb3VsZCBiZSBoZWxwZnVsLiBXZSBjb3VsZCBhbHNvIGluY2x1 ZGUgY29tbWVudHMgaGVyZSBsaWtl4oCmICZxdW90O0NBQ0FPIG1ha2VzIHVzZSBvZiBYWSB0byBh Y2hpZXZlIGl0cyBnb2FsJnF1b3Q7LjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtmb250 LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMwMDcwQzA7bXNvLWZh cmVhc3QtbGFuZ3VhZ2U6RU4tVVMiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjEwLjBw dDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMwMDcwQzA7 bXNvLWZhcmVhc3QtbGFuZ3VhZ2U6RU4tVVMiPmJlc3QgcmVnYXJkczxicj4NCkNhcm9saW48bzpw PjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1V UyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDss c2Fucy1zZXJpZjtjb2xvcjojMDA3MEMwO21zby1mYXJlYXN0LWxhbmd1YWdlOkVOLVVTIj48bzpw PiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48Yj48c3BhbiBs YW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2Fs aWJyaSZxdW90OyxzYW5zLXNlcmlmIj5Gcm9tOjwvc3Bhbj48L2I+PHNwYW4gbGFuZz0iRU4tVVMi IHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDss c2Fucy1zZXJpZiI+IENhY2FvIFttYWlsdG86Y2FjYW8tYm91bmNlc0BpZXRmLm9yZ10NCjxiPk9u IEJlaGFsZiBPZiA8L2I+S2F0aGxlZW4gTW9yaWFydHk8YnI+DQo8Yj5TZW50OjwvYj4gV2VkbmVz ZGF5LCBTZXB0ZW1iZXIgMTksIDIwMTggNDowNiBBTTxicj4NCjxiPlRvOjwvYj4gQmFycnkgR3Jl ZW5lICZsdDtiYXJyeXJncmVlbmVAZ21haWwuY29tJmd0Ozxicj4NCjxiPkNjOjwvYj4gY2FjYW9A aWV0Zi5vcmc7IEJyZXQgSm9yZGFuICZsdDtqb3JkYW4uaWV0ZkBnbWFpbC5jb20mZ3Q7PGJyPg0K PGI+U3ViamVjdDo8L2I+IFJlOiBbQ2FjYW9dIEluaXRpYWwgUHJvYmxlbSBTZXQ8bzpwPjwvbzpw Pjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4N CjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5IaSBCcmV0 LDxvOnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7 PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJz cDs8L286cD48L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9v OnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5PbiBUdWUsIFNlcCAx OCwgMjAxOCBhdCA2OjM1IFBNIEJhcnJ5IEdyZWVuZSAmbHQ7PGEgaHJlZj0ibWFpbHRvOmJhcnJ5 cmdyZWVuZUBnbWFpbC5jb20iPmJhcnJ5cmdyZWVuZUBnbWFpbC5jb208L2E+Jmd0OyB3cm90ZTo8 bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGJsb2NrcXVvdGUgc3R5bGU9ImJvcmRlcjpub25lO2Jv cmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7cGFkZGluZzowaW4gMGluIDBpbiA2LjBwdDtt YXJnaW4tbGVmdDo0LjhwdDttYXJnaW4tcmlnaHQ6MGluIj4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+SGkgQnJldCw8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+V2hhdCB5b3UgaGF2ZSBiZWxvdyB3YXMgZG9uZSBpbiBDaXNj b+KAmXMgVElEUC9UTVMgYXJjaGl0ZWN0dXJlLi4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2 Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9k aXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+QmFycnk8bzpwPjwvbzpwPjwvcD4NCjwv ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4tYm90dG9tOjEy LjBwdCI+PGJyPg0KT24gU2VwIDE4LCAyMDE4LCBhdCAyMzo0OSwgQnJldCBKb3JkYW4gJmx0Ozxh IGhyZWY9Im1haWx0bzpqb3JkYW4uLmlldGZAZ21haWwuY29tIiB0YXJnZXQ9Il9ibGFuayI+am9y ZGFuLmlldGZAZ21haWwuY29tPC9hPiZndDsgd3JvdGU6PG86cD48L286cD48L3A+DQo8L2Rpdj4N CjxibG9ja3F1b3RlIHN0eWxlPSJtYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1ib3R0b206NS4wcHQi Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5BbGwsPG86cD48L286cD48L3A+ DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkkgd2FudGVkIHRvIHN0YXJ0 IHNvbWUgZGlzY3Vzc2lvbiBvbiBzb21lIG9mIHRoZSBpbml0aWFsIHByb2JsZW1zIChub3QgYWxs KSB0aGF0IHdlIGhhdmUgYWxyZWFkeSBpZGVudGlmaWVkIHRoYXQgbmVlZCB0byBiZSBzb2x2ZWQg d2l0aCB0aGlzIHR5cGUgb2Ygc29sdXRpb24uIFNvbWUgb2YgdGhlIHNvbHV0aW9ucyB0byB0aGVz ZSB3aWxsIGhhdmUgZWxlbWVudHMgd2UgY2FuIGJvcnJvdyBmcm9tIG90aGVyIHdvcmsuDQogQWxz bywga2VlcCBpbiBtaW5kIGFsbCBvZiB0aGlzIG5lZWRzIHRvIHdvcmsgaW4gbmF0aXZlIEpTT04u LjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86 cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8b2wgc3RhcnQ9IjEiIHR5cGU9IjEi Pg0KPGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bztt c28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMiBsZXZlbDEgbGZvMSI+DQpOZWVk IHRoZSBhYmlsaXR5IHRvIGRvY3VtZW50IGEgc2luZ2xlIGNvbW1hbmQ8bzpwPjwvbzpwPjwvbGk+ PC9vbD4NCjxvbCBzdGFydD0iMSIgdHlwZT0iMSI+DQo8b2wgc3RhcnQ9IjEiIHR5cGU9IjEiPg0K PGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28t bWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMiBsZXZlbDIgbGZvMSI+DQpIdW1hbiBl eGVjdXRlZCBjb21tYW5kczxvOnA+PC9vOnA+PC9saT48bGkgY2xhc3M9Ik1zb05vcm1hbCIgc3R5 bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21z by1saXN0OmwyIGxldmVsMiBsZm8xIj4NCk5hdGl2ZSBNYWNoaW5lIGNvbW1hbmRzIChDaXNjbyBJ T1MsIEp1bmlwZXIsIFNFUCwgT3BlbkMyLCBTTk1QLCBORVRDT05GLCBZQU5HLCBldGMpPG86cD48 L286cD48L2xpPjxsaSBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0 OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDIgbGV2ZWwyIGxmbzEi Pg0KV2hhdCBkZXZpY2Ugb3Igc3lzdGVtIGRvZXMgdGhlIGNvbW1hbmQgdGFyZ2V0IChEZXNrdG9w T1MgMTAgYXQgSVAgYWRkcmVzcyAxMC4wLjAuMiwgRmlyZXdhbGwgQkFSIGF0IDE5Mi4xNjguMC4u Mik8bzpwPjwvbzpwPjwvbGk+PGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2lu LXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMiBsZXZl bDIgbGZvMSI+DQpXaGF0IGNsYXNzIG9mIGRldmljZXMgb3Igc3lzdGVtcyBkb2VzIHRoZSBjb21t YW5kIHRhcmdldCAoRGVza3RvcE9TIDEwIGF0IHBhdGNoIGxldmVsIDQsIEZpcmV3YWxsIEZPTyB2 ZXIgMTApPG86cD48L286cD48L2xpPjwvb2w+DQo8L29sPg0KPC9kaXY+DQo8L2Rpdj4NCjwvYmxv Y2txdW90ZT4NCjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPkFkZGl0aW9uYWwgZGF0YSBjbGFzc2VzIG9mIElPREVGLCBhbHNvIHRoZSBTQ0kgZXh0ZW5z aW9uLjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ PGEgaHJlZj0iaHR0cHM6Ly90b29scy5pZXRmLm9yZy9odG1sL3JmYzc5NzAiPmh0dHBzOi8vdG9v bHMuaWV0Zi5vcmcvaHRtbC9yZmM3OTcwPC9hPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8Ymxv Y2txdW90ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0NDQ0NDQyAxLjBw dDtwYWRkaW5nOjBpbiAwaW4gMGluIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21hcmdpbi1yaWdo dDowaW4iPg0KPGRpdj4NCjxibG9ja3F1b3RlIHN0eWxlPSJtYXJnaW4tdG9wOjUuMHB0O21hcmdp bi1ib3R0b206NS4wcHQiPg0KPGRpdj4NCjxkaXY+DQo8b2wgc3RhcnQ9IjEiIHR5cGU9IjEiPg0K PGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28t bWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMyBsZXZlbDEgbGZvMiI+DQpOZWVkIHRo ZSBhYmlsaXR5IHRvIGRvY3VtZW50IGEgY2hhaW4gb2YgY29tbWFuZHM8bzpwPjwvbzpwPjwvbGk+ PC9vbD4NCjxvbCBzdGFydD0iMSIgdHlwZT0iMSI+DQo8b2wgc3RhcnQ9IjEiIHR5cGU9IjEiPg0K PGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28t bWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMyBsZXZlbDIgbGZvMiI+DQpOZWVkIHRv IGtub3cgaWYgdGhlcmUgaXMgdGVtcG9yYWwgbG9naWMgb3IgY29uZGl0aW9uYWwgbG9naWMgYXNz b2NpYXRlZCBiZXR3ZWVuIGNvbW1hbmRzPG86cD48L286cD48L2xpPjxsaSBjbGFzcz0iTXNvTm9y bWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0 OmF1dG87bXNvLWxpc3Q6bDMgbGV2ZWwyIGxmbzIiPg0KTmVlZCB0byBrbm93IGlmIGNvbW1hbmRz IGFyZSBzZXF1ZW5jZWQgb3IgaWYgdGhleSBjYW4gYmUgcnVuIGluIHBhcmFsbGVsPG86cD48L286 cD48L2xpPjxsaSBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1 dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDMgbGV2ZWwyIGxmbzIiPg0K TmVlZCB0byBrbm93IGlmIHRoZXJlIGFyZSBmYWxsIHRocm91Z2ggb3IgZmFpbC10by1uZXh0IGNv bW1hbmRzPG86cD48L286cD48L2xpPjxsaSBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1h cmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDMg bGV2ZWwyIGxmbzIiPg0KTmVlZCB0cmFja2luZyB0byBrbm93IGhvdyB0byBiYWNrIG91dCBjb21t YW5kcyB0aGF0IGZhaWwgYW5kIGhvdyBmYXIgdXAgdGhlIHRyZWUgeW91IG5lZWQgdG8gYmFjayBv dXQgb24gZmFpbHVyZSZuYnNwOzxvOnA+PC9vOnA+PC9saT48L29sPg0KPC9vbD4NCjwvZGl2Pg0K PC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8L2Rpdj4NCjwvYmxvY2txdW90ZT4NCjxkaXY+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPlRha2UgYSBsb29rIGF0IHRoZSBNSUxFIHdvcmsgbW9yZSBjbG9z ZWx5LCB0aGVyZSBhcmUgbGVzc29ucyBsZWFybmVkIGFzIG11Y2ggb2YgdGhpcyBoYXMgYmVlbiBk b25lLiZuYnNwOyBFdmVuIGlmIHlvdSBkb24ndCB3YW50IHRvIHVzZSB0aGUgd29yaywgdGhlcmUg J3Mgbm8gcmVhc29uIHRvIGhhdmUgdXMgYWxsIGRlYmF0ZSB0aGUgc2FtZSB0aGluZ3MgYWdhaW4g cmF0aGVyIHRoYW4gYnVpbGQgZnJvbSBleHBlcmllbmNlLjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+ DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+SU9ERUYgcHJlZGljYXRlIGxvZ2ljOiZuYnNw OyBJdCdzIHNpbXBsZSBhbmQgbW9yZSBjb21wYWN0LjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8 ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGEgaHJlZj0iaHR0cHM6Ly90b29scy5pZXRmLm9y Zy9odG1sL3JmYzgyNzQjcGFnZS03Ij5odHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvcmZjODI3 NCNwYWdlLTc8L2E+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNv Tm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGJsb2NrcXVvdGUgc3R5bGU9 ImJvcmRlcjpub25lO2JvcmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7cGFkZGluZzowaW4g MGluIDBpbiA2LjBwdDttYXJnaW4tbGVmdDo0LjhwdDttYXJnaW4tcmlnaHQ6MGluIj4NCjxkaXY+ DQo8YmxvY2txdW90ZSBzdHlsZT0ibWFyZ2luLXRvcDo1LjBwdDttYXJnaW4tYm90dG9tOjUuMHB0 Ij4NCjxkaXY+DQo8ZGl2Pg0KPG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxsaSBjbGFzcz0iTXNv Tm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20t YWx0OmF1dG87bXNvLWxpc3Q6bDAgbGV2ZWwxIGxmbzMiPg0KTmVlZCBhYmlsaXR5IHRvIHByb3Zp ZGUgRGlnaXRhbCBzaWduYXR1cmVzIGF0IHRoZSBjb21tYW5kLCB0aGUgY29tbWFuZCBjaGFpbiAo dHJlZSksIGFuZCBDT0EgUHJvamVjdCBsZXZlbHM8bzpwPjwvbzpwPjwvbGk+PC9vbD4NCjxvbCBz dGFydD0iMSIgdHlwZT0iMSI+DQo8b2wgc3RhcnQ9IjEiIHR5cGU9IjEiPg0KPGxpIGNsYXNzPSJN c29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRv bS1hbHQ6YXV0bzttc28tbGlzdDpsMCBsZXZlbDIgbGZvMyI+DQpUaGVzZSBkaWdpdGFsIHNpZ25h dHVyZXMgbmVlZCB0byBiZSBpbmNsdWRlZCBpbiB0aGUgcGF5bG9hZCB0aGVtc2VsdmVzPG86cD48 L286cD48L2xpPjxsaSBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0 OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDAgbGV2ZWwyIGxmbzMi Pg0KTmVlZCB0byBiZSBhYmxlIHRvIHNpZ24gYSBzZWN0aW9uIG9yIHBhcnQgb2YgdGhlIEpTT04g dGV4dCBkYXRhPG86cD48L286cD48L2xpPjxsaSBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNv LW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6 bDAgbGV2ZWwyIGxmbzMiPg0KVGhleSBuZWVkIHRvIGJlIGluIHBhcmFsbGVsIGFuZCBpbiBzZXJp ZXMuIE1lYW5pbmcsIGEgY29tbWFuZCBtYXkgaW5kaXZpZHVhbGx5IGJlIHNpZ25lZCBieSBtb3Jl IHRoYW4gb25lIHBlb3BsZS4mbmJzcDsgVGhlIGNvbW1hbmQgYW5kIGEgc2lnbmF0dXJlIG1heSBh bHNvIGJlIHNpZ25lZCBtdWx0aXBsZSB0aW1lcyBpbiBzZXJpZXMuPG86cD48L286cD48L2xpPjwv b2w+DQo8L29sPg0KPG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxvbCBzdGFydD0iMyIgdHlwZT0i MSI+DQo8b2wgc3RhcnQ9IjEiIHR5cGU9IjEiPg0KPGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxl PSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28t bGlzdDpsMCBsZXZlbDMgbGZvMyI+DQpFeGFtcGxlOiBDb21wYW55IFggdGhhdCBtYWtlcyBEZXNr dG9wT1MgMTAgc2lnbnMgYSBjb21tYW5kIHRoYXQgc2F5cyBpdCB3aWxsIHJlc29sdmUgbWFsd2Fy ZSBaIG9uIERlc2t0b3BPUyAxMCBwYXRjaCB2ZXJzaW9uIDQuIEJpZyBCYW5rIEZvbyBtYXkgdGhl biBzaWduIHRoYXQgKGNvbW1hbmQgJiM0MzsgQ29tcGFueSBzaWcpIGFuZCBzYXkgdGhleSBoYXZl IHZlcmlmaWVkIGl0IGFuZCBpdCB3b3Jrcy4gU29tZSBJU0FDIG1heSB0aGVuIHNpZ24gdGhhdA0K IChjb21tYW5kICYjNDM7IENvbXBhbnkgc2lnICYjNDM7IEJpZyBCYW5rIEZvbyBzaWcpIGFuZCB0 aGVuIHNlbmQgaXQgb3V0IHRvIHRoZWlyIGVjby1zeXN0ZW08bzpwPjwvbzpwPjwvbGk+PC9vbD4N Cjwvb2w+DQo8L29sPg0KPG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxvbCBzdGFydD0iNCIgdHlw ZT0iMSI+DQo8bGkgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDph dXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxldmVsMiBsZm8zIj4N ClNpZ25hdHVyZXMgbmVlZCBhYmlsaXR5IHRvIGlkZW50aWZ5IHdoYXQgYXNzZXJ0aW9ucyBzb21l b25lIGlzIG1ha2luZy4gJm5ic3A7PG86cD48L286cD48L2xpPjwvb2w+DQo8L29sPg0KPG9sIHN0 YXJ0PSIxIiB0eXBlPSIxIj4NCjxvbCBzdGFydD0iNCIgdHlwZT0iMSI+DQo8b2wgc3RhcnQ9IjEi IHR5cGU9IjEiPg0KPGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1h bHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMCBsZXZlbDMgbGZv MyI+DQpXZSBuZWVkIHRvIGtub3cgd2hhdCB0aGUgdHlwZXMgb2YgYXNzZXJ0aW9ucyBzaG91bGQg YmUgKGl0IHdvcmtzLCBpdCBoYXMgYmVlbiB2ZXJpZmllZCwgaXQgaGFzIGJlZW4gcmV2aWV3ZWQs IGl0IG1heSB3b3JrLCBpdCBzZWVtcyB0byB3b3JrLCBldGMpPG86cD48L286cD48L2xpPjwvb2w+ DQo8L29sPg0KPC9vbD4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8L2Rpdj4NCjwv YmxvY2txdW90ZT4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5Zb3UgYWxzbyBuZWVkIHRv IGNvbnNpZGVyIG9yaWdpbiBhdXRoZW50aWNhdGlvbiBhbmQgbXVsdGktaG9wIGF1dGhlbnRpY2F0 aW9uLiZuYnNwOyBUaGVyZSB3YXMgYSBsb3Qgb2Ygd29yayB0aGF0IHdlbnQgaW50byB0aGUgcmVx dWlyZW1lbnRzIGFuYWx5c2lzIGFjcm9zcyBhcmVhcyBvZiB0aGUgSUVURiBhcyBub3QgdG8gbWFr ZSBSSUQgYW5kIG90aGVyIE1JTEUgcHJvdG9jb2xzIHNwZWNpZmljIHRvIGluY2lkZW50cyBvcg0K IGV2ZW4gWE1MLjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05v cm1hbCI+PGEgaHJlZj0iaHR0cHM6Ly90b29scy5pZXRmLm9yZy9odG1sL3JmYzY1NDUiPmh0dHBz Oi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9yZmM2NTQ1PC9hPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0K PC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+ DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5ZZXMsIHRoaXMgaXMgWE1MIGFu ZCB5b3Ugd2FudCBKU09OLCB1c2luZyBKT1NFLCBJIHByZXN1bWUuJm5ic3A7IFN0aWxsLCB0aGUg Z2FwIGFuYWx5c2lzIEkgdGhpbmsgd2lsbCBiZSBxdWl0ZSB1c2VmdWwgYXMgSSB0aGluayB5b3Ug YXJlIG1pc3NpbmcgcmVxdWlyZW1lbnRzIHdlIGFscmVhZHkgY2FtZSB1cCBhZ2FpbnN0LiZuYnNw OyBJdCB3aWxsIHNwZWVkIHlvdXIgd29yayB1cCB0byBsZXZlcmFnZSBleGlzdGluZyB3b3JrLjxv OnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8YmxvY2txdW90ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9y ZGVyLWxlZnQ6c29saWQgI0NDQ0NDQyAxLjBwdDtwYWRkaW5nOjBpbiAwaW4gMGluIDYuMHB0O21h cmdpbi1sZWZ0OjQuOHB0O21hcmdpbi1yaWdodDowaW4iPg0KPGRpdj4NCjxibG9ja3F1b3RlIHN0 eWxlPSJtYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1ib3R0b206NS4wcHQiPg0KPGRpdj4NCjxkaXY+ DQo8b2wgc3RhcnQ9IjEiIHR5cGU9IjEiPg0KPGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJt c28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlz dDpsMSBsZXZlbDEgbGZvNCI+DQpOZWVkIGFiaWxpdHkgdG8gZ2V0IHJlc3BvbnNlcyBhdCB0aGUg aW5kaXZpZHVhbCBjb21tYW5kIGxldmVsLCB0aGUgY2hhaW4gb2YgY29tbWFuZHMgbGV2ZWwsIGFu ZCB0aGUgQ09BIFByb2plY3QgbGV2ZWwuJm5ic3A7PG86cD48L286cD48L2xpPjwvb2w+DQo8b2wg c3RhcnQ9IjEiIHR5cGU9IjEiPg0KPG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxsaSBjbGFzcz0i TXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0 b20tYWx0OmF1dG87bXNvLWxpc3Q6bDEgbGV2ZWwyIGxmbzQiPg0KTmVlZCB0byBpZGVudGlmeSB0 aGUgdHlwZXMgb2YgcmVzcG9uc2VzIHRoYXQgY2FuIGJlIHJldHVybmVkJm5ic3A7YW5kIHdoYXQg YXJlIHRoZSB0eXBlcyBvZiBjb21tYW5kIGNvZGVzIC8gcmVzcG9uc2UgY29kZXMgdGhhdCBzaG91 bGQgYmUgcmV0dXJuZWQ8bzpwPjwvbzpwPjwvbGk+PGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxl PSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28t bGlzdDpsMSBsZXZlbDIgbGZvNCI+DQpOZWVkIHRvIGlkZW50aWZ5IGFuZCBoYXZlIG5lZ290aWF0 aW9uIGJldHdlZW4gc3lzdGVtcyBpZiB0aGUgcmVzcG9uc2VzIHNob3VsZCBiZSBwdXNoZWQgb3Ig cHVsbGVkLjxvOnA+PC9vOnA+PC9saT48bGkgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1t YXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0Omwx IGxldmVsMiBsZm80Ij4NCk5lZWQgdG8ga25vdyBob3cgdGhlIGluZGl2aWR1YWwgcmVzcG9uc2Ug Y2FuIGltcGFjdCB0aGUgbmV4dCBzdGVwcyBpbiB0aGUgY2hhaW4uPG86cD48L286cD48L2xpPjwv b2w+DQo8L29sPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJz cDs8L286cD48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0KPC9kaXY+DQo8L2Js b2NrcXVvdGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+WW91IGFsc28gbmVlZCB0byBj b25zaWRlciBpbnRlcm5hdGlvbmFsaXphdGlvbiwgd2hpY2ggaGFzIGFscmVhZHkgYmVlbiBkb25l IGluIHRoZSBNSUxFIHdvcmsuJm5ic3A7IFRoaXMgbGV2ZWwgb2YgZGV0YWlsIGhlbHBzIGEgbG90 IGZvciBpbnRlcm9wZXJhYmlsaXR5LiBUaGVyZSB3ZXJlIDMgaW50ZXJvcGVyYWJsZSBpbXBsZW1l bnRhdGlvbnMgb2YgUklELCBzbyB0ZXN0aW5nIHdhcyBkb25lLCBsZXNzb25zIGNhbiBiZQ0KIGxl YXJuZWQuJm5ic3A7IEknbSBub3Qgc3VyZSBob3cgbWF5IElPREVGIGltcGxlbWVudGF0aW9ucyB0 aGVyZSB3ZXJlL2FyZSwgYnV0IG1hbnkgbW9yZSB0aGFuIHRoYXQuPG86cD48L286cD48L3A+DQo8 L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4N CjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPk9uY2UgYWdhaW4sIHBsZWFzZSBk byB0aGUgZ2FwIGFuYWx5c2lzIHRvIHNhdmUgdXMgYWxsIHRpbWUuJm5ic3A7IFRoZXJlIGFyZSBv dGhlciBNSUxFIGRvY3VtZW50cyB0aGF0IG1heSBiZSB1c2VmdWwsIHRoZXkgY2FuIGJlIGZvdW5k IG9mZiB0aGUgZG9jdW1lbnRzIGxpbmsgb2YgdGhlIGNoYXJ0ZXIgcGFnZS4mbmJzcDsgUk9MSUUg YW5kIFhNUFAgR3JpZCB3ZXJlIGFsc28gZGVzaWduZWQgdG8gd29yayB3aXRoIGFueSBmb3JtYXQN CiBhbmQgSSBiZWxpZXZlIGFyZSBtb3JlIGZsZXhpYmxlIHRoYW4gUklELCBzbyB0aGVyZSBpcyBt dWNoIHRoYXQgY2FuIGJlIGdsZWFuZWQgZnJvbSB0aGVzZSBlZmZvcnRzIGFzIHdlbGwgYXMgdGhl IERPVFMgd29yay48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+QmVzdCByZWdhcmRzLDxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+S2F0aGxlZW48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGJsb2Nr cXVvdGUgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7 cGFkZGluZzowaW4gMGluIDBpbiA2LjBwdDttYXJnaW4tbGVmdDo0LjhwdDttYXJnaW4tcmlnaHQ6 MGluIj4NCjxkaXY+DQo8YmxvY2txdW90ZSBzdHlsZT0ibWFyZ2luLXRvcDo1LjBwdDttYXJnaW4t Ym90dG9tOjUuMHB0Ij4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4m bmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5UaGlu Z3Mgd2UgYWxyZWFkeSBrbm93IGhvdyB0byBkby4uIFdlIGtub3cgaG93IHRvIG1ha2UgdGhpcyB3 b3JrIGluIGEgZ3JhcGgsIHdlIGtub3cgaG93IHRvIG1ha2UgdGhpcyB3b3JrIHdpdGggdmVyc2lv bmluZywgd2Uga25vdyBob3cgdG8gdGllIHRoZXNlIHRvIGV4aXN0aW5nIEN5YmVyIFRocmVhdCBJ bnRlbGxpZ2VuY2UuICZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gY2xhc3M9ImdtYWlsLW0xMjM0MDM0NDA0MjM5MTE0NTIw YXBwbGUtc3R5bGUtc3BhbiI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1p bHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPlRoYW5rcyw8 L3NwYW4+PC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OiZx dW90O0hlbHZldGljYSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj48bzpwPjwvbzpwPjwv c3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBjbGFz cz0iZ21haWwtbTEyMzQwMzQ0MDQyMzkxMTQ1MjBhcHBsZS1zdHlsZS1zcGFuIj48c3BhbiBzdHls ZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssc2Fu cy1zZXJpZjtjb2xvcjpibGFjayI+QnJldDwvc3Bhbj48L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQt c2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0aWNhJnF1b3Q7LHNhbnMtc2VyaWY7 Y29sb3I6YmxhY2siPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxkaXY+ DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0i Zm9udC1zaXplOjguNXB0O2ZvbnQtZmFtaWx5OiZxdW90O1ZlcmRhbmEmcXVvdDssc2Fucy1zZXJp Zjtjb2xvcjojN0M3QzdDIj5QR1AgRmluZ2VycHJpbnQ6Jm5ic3A7NjNCNCBGQzUzIDY4MEEgNkI3 RCAxNDQ3ICZuYnNwO0YyQzAgNzRGOCBBQ0FFIDc0MTUgMDA1MDwvc3Bhbj48c3BhbiBzdHlsZT0i Zm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDssc2Fucy1z ZXJpZjtjb2xvcjpibGFjayI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo4LjBwdDtmb250LWZh bWlseTomcXVvdDtWZXJkYW5hJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzdDN0M3QyI+JnF1b3Q7 V2l0aG91dCBjcnlwdG9ncmFwaHkgdmlodiB2aXZjIGNlIHhocm5ydywgaG93ZXZlciwgdGhlIG9u bHkgdGhpbmcgdGhhdCBjYW4gbm90IGJlIHVuc2NyYW1ibGVkIGlzIGFuIGVnZy4mcXVvdDs8L3Nw YW4+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7SGVsdmV0 aWNhJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4N CjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjwvYmxv Y2txdW90ZT4NCjxibG9ja3F1b3RlIHN0eWxlPSJtYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1ib3R0 b206NS4wcHQiPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPi0tIDxicj4NCkNhY2FvIG1h aWxpbmcgbGlzdDxicj4NCjxhIGhyZWY9Im1haWx0bzpDYWNhb0BpZXRmLm9yZyIgdGFyZ2V0PSJf YmxhbmsiPkNhY2FvQGlldGYub3JnPC9hPjxicj4NCjxhIGhyZWY9Imh0dHBzOi8vd3d3LmlldGYu b3JnL21haWxtYW4vbGlzdGluZm8vY2FjYW8iIHRhcmdldD0iX2JsYW5rIj5odHRwczovL3d3dy5p ZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2NhY2FvPC9hPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+ DQo8L2Jsb2NrcXVvdGU+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPi0tIDxicj4NCkNh Y2FvIG1haWxpbmcgbGlzdDxicj4NCjxhIGhyZWY9Im1haWx0bzpDYWNhb0BpZXRmLm9yZyIgdGFy Z2V0PSJfYmxhbmsiPkNhY2FvQGlldGYub3JnPC9hPjxicj4NCjxhIGhyZWY9Imh0dHBzOi8vd3d3 LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vY2FjYW8iIHRhcmdldD0iX2JsYW5rIj5odHRwczov L3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2NhY2FvPC9hPjxvOnA+PC9vOnA+PC9wPg0K PC9ibG9ja3F1b3RlPg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48YnIgY2xlYXI9ImFs bCI+DQo8bzpwPjwvbzpwPjwvcD4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZu YnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+LS0gPG86cD48L286 cD48L3A+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9v OnA+PC9wPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkJlc3QgcmVnYXJkcyw8bzpwPjwv bzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkthdGhsZWVuPG86 cD48L286cD48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9k aXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_7e942ab2e4024d7db4c45e30f39c97bdSVRM2EX2K13N05hscoopch_-- From nobody Wed Sep 19 07:12:03 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC0C913101F for ; Wed, 19 Sep 2018 07:12:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.998 X-Spam-Level: X-Spam-Status: No, score=-0.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UTw8WpDuKWZY for ; Wed, 19 Sep 2018 07:11:59 -0700 (PDT) Received: from mail-ot1-x329.google.com (mail-ot1-x329.google.com [IPv6:2607:f8b0:4864:20::329]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7232B130DD9 for ; Wed, 19 Sep 2018 07:11:59 -0700 (PDT) Received: by mail-ot1-x329.google.com with SMTP id c12-v6so5887806otl.6 for ; Wed, 19 Sep 2018 07:11:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=NAu7/sz7RpT/P/5VJxXI1Qh3GJbjUsgvA6P4QBXcJQ4=; b=YcAb+C72cnSX46/XhDAKOOwZmnpdYiHDiw/bzovKoXvShGpraMPbF3cQx/U/hm3GGt zAddr3KauUZn6ANo0UJq2ZXVse8JCi5P0XRHG8LHcevj2QswghPJI0k8CPQIBnuUM8C4 ylo4DkR4dKZ4/OivItRsg5q47XeinukRd68yqwNov7uFP3gZ27y1UQky4DMvg0U10F6W W38rUKTt8DowuEY4F10k+r8bidmDAR73MBuMbGXOzXEeyi7D4CTd9zTwj1UsaFxuwBNr 1X/jnCJwGagixItj1Po2fF9WnlH7OVXslAoaTZY8OEKrvXMU3hk1Ioz1ZT8DGsBV+2g5 jdLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=NAu7/sz7RpT/P/5VJxXI1Qh3GJbjUsgvA6P4QBXcJQ4=; b=LgxaXZapJin/1hH9nLkktzqgugTcU26JAL0r4Y3QyqtFmWzJgGDk2tJfZKpxenqFXO fxNM+na9BlRCEfibq3ZxNYEVciRrJ8qTrqpDm0icZU+jcv+fBJt2WHBX2n6iXPQ3R5QD PuYFQWVwn1RNs/TTxeZmu0mPhTZSo38jxVh5X2OmhuUmyFzVz7XKpK6t2w6T6IaoAZjS pAKZDr/iUKWT1U6UK4pwGlcLRabJV9r7Vibp9BqI9ePGYADgWf82cYcod65vjBWTW1hQ uZxJ75f465Tq6vXk3i3vdkba0mOYVib8x0Q2pG0x8gdc68aTxRydKrwfDjnWj3bzcPOm tlfg== X-Gm-Message-State: APzg51DCT9GYOGodzfN4kRDC/JkQJxfKBXj0IHaPimkgvI8mcSKIPw48 vsR0ktx+HgqS6Zt4O3/kIXQgPlQnP84ziU6bgjo= X-Google-Smtp-Source: ANB0Vdb/mRcNbnahWZnovvI9WnVg329cPR+vqmAh4gMfXiN8DfXXG3yFvTnD65Qf7C7lnmQeWNVzR5cGQTLRRAeysd0= X-Received: by 2002:a9d:542a:: with SMTP id j42-v6mr17712284oth.329.1537366318717; Wed, 19 Sep 2018 07:11:58 -0700 (PDT) MIME-Version: 1.0 References: <8C378072-1F76-47B5-A526-AD243E57CE6D@gmail.com> <7e942ab2e4024d7db4c45e30f39c97bd@SVRM2EX2K13N05.hs.coop.ch> In-Reply-To: <7e942ab2e4024d7db4c45e30f39c97bd@SVRM2EX2K13N05.hs.coop.ch> From: Kathleen Moriarty Date: Wed, 19 Sep 2018 10:11:26 -0400 Message-ID: To: Carolin.Baumgartner@interdiscount.ch Cc: Barry Greene , cacao@ietf.org, Bret Jordan Content-Type: multipart/alternative; boundary="000000000000512027057639fdc7" Archived-At: Subject: Re: [Cacao] Initial Problem Set X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Sep 2018 14:12:02 -0000 --000000000000512027057639fdc7 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Carolin, Thanks for starting something to help! I think that could be a good starting point. I'd be interested to see the requirements matched up against what exists and what can be re-used or what can be a lesson learned as well. IODEF carries the CoAs that used to be in RID and IODEF has a nesting capability as well as a way to lay our the format to allow for predicate logic, so analysis on that would be interesting as well. It can be used for chains of connected events/incidents. Understanding what doesn't work for your new effort would help to understand why it's needed and how it is better. Then for RID, there is lots that is met in the requirement list that was sent out and some requirements that I suggested (there are more) that were learned from time and experience on essentially the same problem. Barry - understanding more on your work and the Cisco products mentioned would be helpful too. If standards were used or not and what can be integrated into this effort or what can be a lesson learned to improve for this effort. This will be very helpful for a BoF to be successful. You'll get derailed otherwise. Thank you, Kathleen On Wed, Sep 19, 2018 at 4:31 AM wrote: > Hi Bret, Kathleen > > > > would that be something that could work as some kind of gap analysis? > https://github.com/clatze/ietf/blob/master/CACAO-gap-FAQ.md . It is no > real gap analysis, this FAQ would rather highlight the differences. I jus= t > took two samples to show how that could look like and if that is what cou= ld > be helpful. We could also include comments here like=E2=80=A6 "CACAO make= s use of > XY to achieve its goal". > > > > best regards > Carolin > > > > *From:* Cacao [mailto:cacao-bounces@ietf.org] *On Behalf Of *Kathleen > Moriarty > *Sent:* Wednesday, September 19, 2018 4:06 AM > *To:* Barry Greene > *Cc:* cacao@ietf.org; Bret Jordan > *Subject:* Re: [Cacao] Initial Problem Set > > > > Hi Bret, > > > > > > > > On Tue, Sep 18, 2018 at 6:35 PM Barry Greene > wrote: > > Hi Bret, > > > > What you have below was done in Cisco=E2=80=99s TIDP/TMS architecture.. > > > > Barry > > > On Sep 18, 2018, at 23:49, Bret Jordan > wrote: > > All, > > > > I wanted to start some discussion on some of the initial problems (not > all) that we have already identified that need to be solved with this typ= e > of solution. Some of the solutions to these will have elements we can > borrow from other work. Also, keep in mind all of this needs to work in > native JSON.. > > > > 1. Need the ability to document a single command > > > 1. Human executed commands > 2. Native Machine commands (Cisco IOS, Juniper, SEP, OpenC2, SNMP, > NETCONF, YANG, etc) > 3. What device or system does the command target (DesktopOS 10 at > IP address 10.0.0.2, Firewall BAR at 192.168.0..2) > 4. What class of devices or systems does the command target > (DesktopOS 10 at patch level 4, Firewall FOO ver 10) > > Additional data classes of IODEF, also the SCI extension. > > https://tools.ietf.org/html/rfc7970 > > > 1. Need the ability to document a chain of commands > > > 1. Need to know if there is temporal logic or conditional logic > associated between commands > 2. Need to know if commands are sequenced or if they can be run in > parallel > 3. Need to know if there are fall through or fail-to-next commands > 4. Need tracking to know how to back out commands that fail and how > far up the tree you need to back out on failure > > > > Take a look at the MILE work more closely, there are lessons learned as > much of this has been done. Even if you don't want to use the work, ther= e > 's no reason to have us all debate the same things again rather than buil= d > from experience. > > IODEF predicate logic: It's simple and more compact. > > https://tools.ietf.org/html/rfc8274#page-7 > > > > > 1. Need ability to provide Digital signatures at the command, the > command chain (tree), and COA Project levels > > > 1. These digital signatures need to be included in the payload > themselves > 2. Need to be able to sign a section or part of the JSON text data > 3. They need to be in parallel and in series. Meaning, a command > may individually be signed by more than one people. The command an= d a > signature may also be signed multiple times in series. > > > 1. Example: Company X that makes DesktopOS 10 signs a command that > says it will resolve malware Z on DesktopOS 10 patch version 4. = Big Bank > Foo may then sign that (command + Company sig) and say they have= verified > it and it works. Some ISAC may then sign that (command + Company= sig + Big > Bank Foo sig) and then send it out to their eco-system > > > 1. Signatures need ability to identify what assertions someone is > making. > > > 1. We need to know what the types of assertions should be (it works, > it has been verified, it has been reviewed, it may work, it seem= s to work, > etc) > > You also need to consider origin authentication and multi-hop > authentication. There was a lot of work that went into the requirements > analysis across areas of the IETF as not to make RID and other MILE > protocols specific to incidents or even XML. > > https://tools.ietf.org/html/rfc6545 > > > > Yes, this is XML and you want JSON, using JOSE, I presume. Still, the ga= p > analysis I think will be quite useful as I think you are missing > requirements we already came up against. It will speed your work up to > leverage existing work. > > > 1. Need ability to get responses at the individual command level, the > chain of commands level, and the COA Project level. > > > 1. Need to identify the types of responses that can be returned and > what are the types of command codes / response codes that should be= returned > 2. Need to identify and have negotiation between systems if the > responses should be pushed or pulled. > 3. Need to know how the individual response can impact the next > steps in the chain. > > > > You also need to consider internationalization, which has already been > done in the MILE work. This level of detail helps a lot for > interoperability. There were 3 interoperable implementations of RID, so > testing was done, lessons can be learned. I'm not sure how may IODEF > implementations there were/are, but many more than that. > > > > Once again, please do the gap analysis to save us all time. There are > other MILE documents that may be useful, they can be found off the > documents link of the charter page. ROLIE and XMPP Grid were also design= ed > to work with any format and I believe are more flexible than RID, so ther= e > is much that can be gleaned from these efforts as well as the DOTS work. > > > > Best regards, > > Kathleen > > > > Things we already know how to do.. We know how to make this work in a > graph, we know how to make this work with versioning, we know how to tie > these to existing Cyber Threat Intelligence. > > > > > > Thanks, > > Bret > > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that > can not be unscrambled is an egg." > > > > -- > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao > > -- > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao > > > > > -- > > > > Best regards, > > Kathleen > --=20 Best regards, Kathleen --000000000000512027057639fdc7 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi Carolin,

Thanks for starting somethi= ng to help!=C2=A0 I think that could be a good starting point.=C2=A0 I'= d be interested to see the requirements matched up against what exists and = what can be re-used or what can be a lesson learned as well.=C2=A0 IODEF ca= rries the CoAs that used to be in RID and IODEF has a nesting capability as= well as a way to lay our the format to allow for predicate logic, so analy= sis on that would be interesting as well.=C2=A0 It can be used for chains o= f connected events/incidents.=C2=A0 Understanding what doesn't work for= your new effort would help to understand why it's needed and how it is= better.

Then for RID, there is lots that is met i= n the requirement list that was sent out and some requirements that I sugge= sted (there are more) that were learned from time and experience on essenti= ally the same problem.

Barry - understanding more = on your work and the Cisco products mentioned would be helpful too.=C2=A0 I= f standards were used or not and what can be integrated into this effort or= what can be a lesson learned to improve for this effort.

This will be very helpful for a BoF to be successful.=C2=A0 You'= ;ll get derailed otherwise.

Thank you,
K= athleen

On Wed, = Sep 19, 2018 at 4:31 AM <Carolin.Baumgartner@interdiscount.ch> wrote:

Hi Bret, Kathleen<= /p>

=C2=A0

would that be something = that could work as some kind of gap analysis? https://github.com/clatze/ietf/blob/master/CACAO-gap-FAQ.md<= /a> . It is no real gap analysis, this FAQ would rather highlight the diffe= rences. I just took two samples to show how that could look like and if that is what could be helpful. We could also include comm= ents here like=E2=80=A6 "CACAO makes use of XY to achieve its goal&quo= t;.

=C2=A0

best regards
Carolin

=C2=A0

From: = Cacao [mailto:c= acao-bounces@ietf.org] On Behalf Of Kathleen Moriarty
Sent: Wednesday, September 19, 2018 4:06 AM
To: Barry Greene <barryrgreene@gmail.com>
Cc: cacao@ietf.o= rg; Bret Jordan <jordan.ietf@gmail.com>
Subject: Re: [Cacao] Initial Problem Set

=C2=A0

Hi Bret,

=C2=A0

=C2=A0

=C2=A0

On Tue, Sep 18, 2018 at 6:35 PM Barry Greene <barryrgreene@gmail= .com> wrote:

Hi Bret,

=C2=A0

What you have below was done in Cisco=E2=80=99s TIDP= /TMS architecture..=C2=A0

=C2=A0

Barry


On Sep 18, 2018, at 23:49, Bret Jordan <jordan.ietf@gmail.com> wrote:<= /u>

All,

=C2=A0

I wanted to start some discussion on some of the ini= tial problems (not all) that we have already identified that need to be sol= ved with this type of solution. Some of the solutions to these will have el= ements we can borrow from other work. Also, keep in mind all of this needs to work in native JSON..

=C2=A0

  1. Need the ability to document a single command
    1. Human executed commands
    2. Native Machine commands (Cisco IOS, Juniper, SEP, OpenC2, SNMP, NETCONF, YA= NG, etc)
    3. What device or system does the command target (DesktopOS 10 at IP address 1= 0.0.0.2, Firewall BAR at 192.168.0..2)
    4. What class of devices or systems does the command target (DesktopOS 10 at p= atch level 4, Firewall FOO ver 10)

Additional data classes of IODEF, also the SCI exten= sion.

  1. Need the ability to document a chain of commands
    1. Need to know if there is temporal logic or conditional logic associated bet= ween commands
    2. Need to know if commands are sequenced or if they can be run in parallel=
    3. Need to know if there are fall through or fail-to-next commands
    4. Need tracking to know how to back out commands that fail and how far up the= tree you need to back out on failure=C2=A0

=C2=A0

Take a look at the MILE work more closely, there are= lessons learned as much of this has been done.=C2=A0 Even if you don't= want to use the work, there 's no reason to have us all debate the sam= e things again rather than build from experience.

IODEF predicate logic:=C2=A0 It's simple and mor= e compact.

=C2=A0

  1. Need ability to provide Digital signatures at the command, the command chai= n (tree), and COA Project levels
    1. These digital signatures need to be included in the payload themselves
    2. Need to be able to sign a section or part of the JSON text data
    3. They need to be in parallel and in series. Meaning, a command may individua= lly be signed by more than one people.=C2=A0 The command and a signature ma= y also be signed multiple times in series.
      1. Example: Company X that makes DesktopOS 10 signs a command that says it wil= l resolve malware Z on DesktopOS 10 patch version 4. Big Bank Foo may then = sign that (command + Company sig) and say they have verified it and it work= s. Some ISAC may then sign that (command + Company sig + Big Bank Foo sig) and then send it out to their e= co-system
    1. Signatures need ability to identify what assertions someone is making. =C2= =A0
      1. We need to know what the types of assertions should be (it works, it has be= en verified, it has been reviewed, it may work, it seems to work, etc)

You also need to consider origin authentication and = multi-hop authentication.=C2=A0 There was a lot of work that went into the = requirements analysis across areas of the IETF as not to make RID and other= MILE protocols specific to incidents or even XML.

=C2=A0

Yes, this is XML and you want JSON, using JOSE, I pr= esume.=C2=A0 Still, the gap analysis I think will be quite useful as I thin= k you are missing requirements we already came up against.=C2=A0 It will sp= eed your work up to leverage existing work.

  1. Need ability to get responses at the individual command level, the chain of= commands level, and the COA Project level.=C2=A0
    1. Need to identify the types of responses that can be returned=C2=A0and what = are the types of command codes / response codes that should be returned<= /u>
    2. Need to identify and have negotiation between systems if the responses shou= ld be pushed or pulled.
    3. Need to know how the individual response can impact the next steps in the c= hain.

=C2=A0

You also need to consider internationalization, whic= h has already been done in the MILE work.=C2=A0 This level of detail helps = a lot for interoperability. There were 3 interoperable implementations of R= ID, so testing was done, lessons can be learned.=C2=A0 I'm not sure how may IODEF implementations there were/a= re, but many more than that.

=C2=A0

Once again, please do the gap analysis to save us al= l time.=C2=A0 There are other MILE documents that may be useful, they can b= e found off the documents link of the charter page.=C2=A0 ROLIE and XMPP Gr= id were also designed to work with any format and I believe are more flexible than RID, so there is much that can be gle= aned from these efforts as well as the DOTS work.

=C2=A0

Best regards,

Kathleen

=C2=A0

Things we already know how to do.. We know how to ma= ke this work in a graph, we know how to make this work with versioning, we = know how to tie these to existing Cyber Threat Intelligence. =C2=A0<= u>

=C2=A0

=C2=A0

Thanks,

Bret

PGP Fingerprint:=C2=A063B4 FC53 680A 6= B7D 1447 =C2=A0F2C0 74F8 ACAE 7415 0050=

"Without cryptography vihv vivc c= e xhrnrw, however, the only thing that can not be unscrambled is an egg.&qu= ot;

=C2=A0

--
Cacao mailing list
Cacao@ietf.org
h= ttps://www.ietf.org/mailman/listinfo/cacao


=C2=A0

--

=C2=A0

Best regards,

Kathleen



--

Best regards,
Kathleen
--000000000000512027057639fdc7-- From nobody Wed Sep 19 07:26:39 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD7EB13101F for ; Wed, 19 Sep 2018 07:26:37 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.897 X-Spam-Level: X-Spam-Status: No, score=-6.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D4vF0jpOqOGv for ; Wed, 19 Sep 2018 07:26:33 -0700 (PDT) Received: from svripmail1.coop.ch (mail20.coop.ch [194.11.167.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F1AEB130E10 for ; Wed, 19 Sep 2018 07:26:31 -0700 (PDT) Received: from svrm2ex2k13n55.hs.coop.ch ([10.5.39.207]) by svripmail1.coop.ch with ESMTP/TLS/AES256-SHA; 19 Sep 2018 16:26:01 +0200 Received: from SVRM2EX2K13N05.hs.coop.ch (10.5.39.75) by SVRM2EX2K13N55.hs.coop.ch (10.5.39.207) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Wed, 19 Sep 2018 16:26:00 +0200 Received: from SVRM2EX2K13N05.hs.coop.ch ([fe80::fd30:c1e0:8f0e:e3d4]) by SVRM2EX2K13N05.hs.coop.ch ([fe80::fd30:c1e0:8f0e:e3d4%22]) with mapi id 15.00.1365.000; Wed, 19 Sep 2018 16:26:00 +0200 From: To: CC: , , Thread-Topic: [Cacao] Initial Problem Set Thread-Index: AQHUT2cns9tixNvav0+bxuAjo1vmiqT2f1MAgAA7DgCAAIwykIAAPmUAgAAj0gA= Date: Wed, 19 Sep 2018 14:26:00 +0000 Message-ID: <5f95ad0b6f3f4c54a5f1f32b11724534@SVRM2EX2K13N05.hs.coop.ch> References: <8C378072-1F76-47B5-A526-AD243E57CE6D@gmail.com> <7e942ab2e4024d7db4c45e30f39c97bd@SVRM2EX2K13N05.hs.coop.ch> In-Reply-To: Accept-Language: de-DE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.105.10.52] Content-Type: multipart/alternative; boundary="_000_5f95ad0b6f3f4c54a5f1f32b11724534SVRM2EX2K13N05hscoopch_" MIME-Version: 1.0 Archived-At: Subject: Re: [Cacao] Initial Problem Set X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Sep 2018 14:26:38 -0000 --_000_5f95ad0b6f3f4c54a5f1f32b11724534SVRM2EX2K13N05hscoopch_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGkgS2F0aGxlZW4NCg0Kb2sgdGhhbmtzIGZvciB0aGUgZmVlZGJhY2suIEkgaGF2ZSBhIHF1ZXN0 aW9uIHRvIHVuZGVyc3RhbmQgdGhpcyBwYXJ0IGJldHRlcjogIiBJJ2QgYmUgaW50ZXJlc3RlZCB0 byBzZWUgdGhlIHJlcXVpcmVtZW50cyBtYXRjaGVkIHVwIGFnYWluc3Qgd2hhdCBleGlzdHMgYW5k IHdoYXQgY2FuIGJlIHJlLXVzZWQgb3Igd2hhdCBjYW4gYmUgYSBsZXNzb24gbGVhcm5lZCBhcyB3 ZWxsLiAgSU9ERUYgY2FycmllcyB0aGUgQ29BcyB0aGF0IHVzZWQgdG8gYmUgaW4gUklEIGFuZCBJ T0RFRiBoYXMgYSBuZXN0aW5nIGNhcGFiaWxpdHkgYXMgd2VsbCBhcyBhIHdheSB0byBsYXkgb3Vy IHRoZSBmb3JtYXQgdG8gYWxsb3cgZm9yIHByZWRpY2F0ZSBsb2dpYywgc28gYW5hbHlzaXMgb24g dGhhdCB3b3VsZCBiZSBpbnRlcmVzdGluZyBhcyB3ZWxsLiAgSXQgY2FuIGJlIHVzZWQgZm9yIGNo YWlucyBvZiBjb25uZWN0ZWQgZXZlbnRzL2luY2lkZW50cy4gIFVuZGVyc3RhbmRpbmcgd2hhdCBk b2Vzbid0IHdvcmsgZm9yIHlvdXIgbmV3IGVmZm9ydCB3b3VsZCBoZWxwIHRvIHVuZGVyc3RhbmQg d2h5IGl0J3MgbmVlZGVkIGFuZCBob3cgaXQgaXMgYmV0dGVyLiINCg0KU2luY2UgdGhlIGdvYWxz IG9mIGJvdGggaW5pdGlhdGl2ZXMgYXJlIGRpZmZlcmVudCwgSSBzdHJ1Z2dsZSBhIGJpdC4gVGVj aG5pY2FsbHkgd2Ugc2hvdWxkIGFsd2F5cyBkaXNjdXNzIHdoYXQgY29uY2VwdHMgd29yayBmb3Ig d2hpY2ggdXNlIGNhc2UuIExpa2UgZm9yIGluc3RhbmNlIGRvIHdlIG5lZWQgYW4gYXV0aGVudGlj YXRpb24gc29tZXdoZXJlIG9yIG5vdCwgYW5kIHdlIGRvbid0IHJlLWludmVudCB0aGUgYXV0aGVu dGljYXRpb24uIFdlIGNoZWNrIGhvdyBpdCBpcyB1c3VhbGx5IGRvbmUgdG9kYXkuIElzIHRoYXQg d2hhdCB5b3UgYXJlIHJlZmVycmluZyB0byB3aGVuIHlvdSBtZW50aW9uIHRoZSBwcmVkaWNhdGUg bG9naWMgZXRjPyBTbywgc2luY2UgTUlMRSBhbHJlYWR5IHdvcmtlZCBvbiBleGNoYW5nZSBmb3Jt YXRzIGZvciBpbmNpZGVudHMgZXZlbiBpZiB0aGVpciBnb2FsIHdhcyBkaWZmZXJlbnQsIHdlIG1p Z2h0IGhhdmUgc2ltaWxhciBmb3JtYXR0aW5nIHJlcXVpcmVtZW50cyB3aGVuIHdlIGRpc2N1c3Mg dGhlIHJlYWN0aW9ucyB0byBpbmNpZGVudHM/IChqdXN0IHBpY2tpbmcgdGhlIGZvcm1hdHRpbmcg ZXhhbXBsZSBoZXJlKS4NCg0KYmVzdCByZWdhcmRzDQpDYXJvbGluDQoNCkZyb206IEthdGhsZWVu IE1vcmlhcnR5IFttYWlsdG86a2F0aGxlZW4ubW9yaWFydHkuaWV0ZkBnbWFpbC5jb21dDQpTZW50 OiBXZWRuZXNkYXksIFNlcHRlbWJlciAxOSwgMjAxOCA0OjExIFBNDQpUbzogQmF1bWdhcnRuZXIg Q2Fyb2xpbiA8Q2Fyb2xpbi5CYXVtZ2FydG5lckBpbnRlcmRpc2NvdW50LmNoPg0KQ2M6IEJhcnJ5 IEdyZWVuZSA8YmFycnlyZ3JlZW5lQGdtYWlsLmNvbT47IGNhY2FvQGlldGYub3JnOyBCcmV0IEpv cmRhbiA8am9yZGFuLmlldGZAZ21haWwuY29tPg0KU3ViamVjdDogUmU6IFtDYWNhb10gSW5pdGlh bCBQcm9ibGVtIFNldA0KDQpIaSBDYXJvbGluLA0KDQpUaGFua3MgZm9yIHN0YXJ0aW5nIHNvbWV0 aGluZyB0byBoZWxwISAgSSB0aGluayB0aGF0IGNvdWxkIGJlIGEgZ29vZCBzdGFydGluZyBwb2lu dC4gIEknZCBiZSBpbnRlcmVzdGVkIHRvIHNlZSB0aGUgcmVxdWlyZW1lbnRzIG1hdGNoZWQgdXAg YWdhaW5zdCB3aGF0IGV4aXN0cyBhbmQgd2hhdCBjYW4gYmUgcmUtdXNlZCBvciB3aGF0IGNhbiBi ZSBhIGxlc3NvbiBsZWFybmVkIGFzIHdlbGwuICBJT0RFRiBjYXJyaWVzIHRoZSBDb0FzIHRoYXQg dXNlZCB0byBiZSBpbiBSSUQgYW5kIElPREVGIGhhcyBhIG5lc3RpbmcgY2FwYWJpbGl0eSBhcyB3 ZWxsIGFzIGEgd2F5IHRvIGxheSBvdXIgdGhlIGZvcm1hdCB0byBhbGxvdyBmb3IgcHJlZGljYXRl IGxvZ2ljLCBzbyBhbmFseXNpcyBvbiB0aGF0IHdvdWxkIGJlIGludGVyZXN0aW5nIGFzIHdlbGwu ICBJdCBjYW4gYmUgdXNlZCBmb3IgY2hhaW5zIG9mIGNvbm5lY3RlZCBldmVudHMvaW5jaWRlbnRz LiAgVW5kZXJzdGFuZGluZyB3aGF0IGRvZXNuJ3Qgd29yayBmb3IgeW91ciBuZXcgZWZmb3J0IHdv dWxkIGhlbHAgdG8gdW5kZXJzdGFuZCB3aHkgaXQncyBuZWVkZWQgYW5kIGhvdyBpdCBpcyBiZXR0 ZXIuDQoNClRoZW4gZm9yIFJJRCwgdGhlcmUgaXMgbG90cyB0aGF0IGlzIG1ldCBpbiB0aGUgcmVx dWlyZW1lbnQgbGlzdCB0aGF0IHdhcyBzZW50IG91dCBhbmQgc29tZSByZXF1aXJlbWVudHMgdGhh dCBJIHN1Z2dlc3RlZCAodGhlcmUgYXJlIG1vcmUpIHRoYXQgd2VyZSBsZWFybmVkIGZyb20gdGlt ZSBhbmQgZXhwZXJpZW5jZSBvbiBlc3NlbnRpYWxseSB0aGUgc2FtZSBwcm9ibGVtLg0KDQpCYXJy eSAtIHVuZGVyc3RhbmRpbmcgbW9yZSBvbiB5b3VyIHdvcmsgYW5kIHRoZSBDaXNjbyBwcm9kdWN0 cyBtZW50aW9uZWQgd291bGQgYmUgaGVscGZ1bCB0b28uICBJZiBzdGFuZGFyZHMgd2VyZSB1c2Vk IG9yIG5vdCBhbmQgd2hhdCBjYW4gYmUgaW50ZWdyYXRlZCBpbnRvIHRoaXMgZWZmb3J0IG9yIHdo YXQgY2FuIGJlIGEgbGVzc29uIGxlYXJuZWQgdG8gaW1wcm92ZSBmb3IgdGhpcyBlZmZvcnQuDQoN ClRoaXMgd2lsbCBiZSB2ZXJ5IGhlbHBmdWwgZm9yIGEgQm9GIHRvIGJlIHN1Y2Nlc3NmdWwuICBZ b3UnbGwgZ2V0IGRlcmFpbGVkIG90aGVyd2lzZS4NCg0KVGhhbmsgeW91LA0KS2F0aGxlZW4NCg0K T24gV2VkLCBTZXAgMTksIDIwMTggYXQgNDozMSBBTSA8Q2Fyb2xpbi5CYXVtZ2FydG5lckBpbnRl cmRpc2NvdW50LmNoPG1haWx0bzpDYXJvbGluLkJhdW1nYXJ0bmVyQGludGVyZGlzY291bnQuY2g+ PiB3cm90ZToNCkhpIEJyZXQsIEthdGhsZWVuDQoNCndvdWxkIHRoYXQgYmUgc29tZXRoaW5nIHRo YXQgY291bGQgd29yayBhcyBzb21lIGtpbmQgb2YgZ2FwIGFuYWx5c2lzPyBodHRwczovL2dpdGh1 Yi5jb20vY2xhdHplL2lldGYvYmxvYi9tYXN0ZXIvQ0FDQU8tZ2FwLUZBUS5tZCAuIEl0IGlzIG5v IHJlYWwgZ2FwIGFuYWx5c2lzLCB0aGlzIEZBUSB3b3VsZCByYXRoZXIgaGlnaGxpZ2h0IHRoZSBk aWZmZXJlbmNlcy4gSSBqdXN0IHRvb2sgdHdvIHNhbXBsZXMgdG8gc2hvdyBob3cgdGhhdCBjb3Vs ZCBsb29rIGxpa2UgYW5kIGlmIHRoYXQgaXMgd2hhdCBjb3VsZCBiZSBoZWxwZnVsLiBXZSBjb3Vs ZCBhbHNvIGluY2x1ZGUgY29tbWVudHMgaGVyZSBsaWtl4oCmICJDQUNBTyBtYWtlcyB1c2Ugb2Yg WFkgdG8gYWNoaWV2ZSBpdHMgZ29hbCIuDQoNCmJlc3QgcmVnYXJkcw0KQ2Fyb2xpbg0KDQpGcm9t OiBDYWNhbyBbbWFpbHRvOmNhY2FvLWJvdW5jZXNAaWV0Zi5vcmc8bWFpbHRvOmNhY2FvLWJvdW5j ZXNAaWV0Zi5vcmc+XSBPbiBCZWhhbGYgT2YgS2F0aGxlZW4gTW9yaWFydHkNClNlbnQ6IFdlZG5l c2RheSwgU2VwdGVtYmVyIDE5LCAyMDE4IDQ6MDYgQU0NClRvOiBCYXJyeSBHcmVlbmUgPGJhcnJ5 cmdyZWVuZUBnbWFpbC5jb208bWFpbHRvOmJhcnJ5cmdyZWVuZUBnbWFpbC5jb20+Pg0KQ2M6IGNh Y2FvQGlldGYub3JnPG1haWx0bzpjYWNhb0BpZXRmLm9yZz47IEJyZXQgSm9yZGFuIDxqb3JkYW4u aWV0ZkBnbWFpbC5jb208bWFpbHRvOmpvcmRhbi5pZXRmQGdtYWlsLmNvbT4+DQpTdWJqZWN0OiBS ZTogW0NhY2FvXSBJbml0aWFsIFByb2JsZW0gU2V0DQoNCkhpIEJyZXQsDQoNCg0KDQpPbiBUdWUs IFNlcCAxOCwgMjAxOCBhdCA2OjM1IFBNIEJhcnJ5IEdyZWVuZSA8YmFycnlyZ3JlZW5lQGdtYWls LmNvbTxtYWlsdG86YmFycnlyZ3JlZW5lQGdtYWlsLmNvbT4+IHdyb3RlOg0KSGkgQnJldCwNCg0K V2hhdCB5b3UgaGF2ZSBiZWxvdyB3YXMgZG9uZSBpbiBDaXNjb+KAmXMgVElEUC9UTVMgYXJjaGl0 ZWN0dXJlLi4NCg0KQmFycnkNCg0KT24gU2VwIDE4LCAyMDE4LCBhdCAyMzo0OSwgQnJldCBKb3Jk YW4gPGpvcmRhbi5pZXRmQGdtYWlsLmNvbTxtYWlsdG86am9yZGFuLi5pZXRmQGdtYWlsLmNvbT4+ IHdyb3RlOg0KQWxsLA0KDQpJIHdhbnRlZCB0byBzdGFydCBzb21lIGRpc2N1c3Npb24gb24gc29t ZSBvZiB0aGUgaW5pdGlhbCBwcm9ibGVtcyAobm90IGFsbCkgdGhhdCB3ZSBoYXZlIGFscmVhZHkg aWRlbnRpZmllZCB0aGF0IG5lZWQgdG8gYmUgc29sdmVkIHdpdGggdGhpcyB0eXBlIG9mIHNvbHV0 aW9uLiBTb21lIG9mIHRoZSBzb2x1dGlvbnMgdG8gdGhlc2Ugd2lsbCBoYXZlIGVsZW1lbnRzIHdl IGNhbiBib3Jyb3cgZnJvbSBvdGhlciB3b3JrLiBBbHNvLCBrZWVwIGluIG1pbmQgYWxsIG9mIHRo aXMgbmVlZHMgdG8gd29yayBpbiBuYXRpdmUgSlNPTi4uDQoNCg0KICAxLiAgTmVlZCB0aGUgYWJp bGl0eSB0byBkb2N1bWVudCBhIHNpbmdsZSBjb21tYW5kDQoNCiAgICAgKiAgIEh1bWFuIGV4ZWN1 dGVkIGNvbW1hbmRzDQogICAgICogICBOYXRpdmUgTWFjaGluZSBjb21tYW5kcyAoQ2lzY28gSU9T LCBKdW5pcGVyLCBTRVAsIE9wZW5DMiwgU05NUCwgTkVUQ09ORiwgWUFORywgZXRjKQ0KICAgICAq ICAgV2hhdCBkZXZpY2Ugb3Igc3lzdGVtIGRvZXMgdGhlIGNvbW1hbmQgdGFyZ2V0IChEZXNrdG9w T1MgMTAgYXQgSVAgYWRkcmVzcyAxMC4wLjAuMiwgRmlyZXdhbGwgQkFSIGF0IDE5Mi4xNjguMC4u MikNCiAgICAgKiAgIFdoYXQgY2xhc3Mgb2YgZGV2aWNlcyBvciBzeXN0ZW1zIGRvZXMgdGhlIGNv bW1hbmQgdGFyZ2V0IChEZXNrdG9wT1MgMTAgYXQgcGF0Y2ggbGV2ZWwgNCwgRmlyZXdhbGwgRk9P IHZlciAxMCkNCkFkZGl0aW9uYWwgZGF0YSBjbGFzc2VzIG9mIElPREVGLCBhbHNvIHRoZSBTQ0kg ZXh0ZW5zaW9uLg0KaHR0cHM6Ly90b29scy5pZXRmLm9yZy9odG1sL3JmYzc5NzANCg0KICAxLiAg TmVlZCB0aGUgYWJpbGl0eSB0byBkb2N1bWVudCBhIGNoYWluIG9mIGNvbW1hbmRzDQoNCiAgICAg KiAgIE5lZWQgdG8ga25vdyBpZiB0aGVyZSBpcyB0ZW1wb3JhbCBsb2dpYyBvciBjb25kaXRpb25h bCBsb2dpYyBhc3NvY2lhdGVkIGJldHdlZW4gY29tbWFuZHMNCiAgICAgKiAgIE5lZWQgdG8ga25v dyBpZiBjb21tYW5kcyBhcmUgc2VxdWVuY2VkIG9yIGlmIHRoZXkgY2FuIGJlIHJ1biBpbiBwYXJh bGxlbA0KICAgICAqICAgTmVlZCB0byBrbm93IGlmIHRoZXJlIGFyZSBmYWxsIHRocm91Z2ggb3Ig ZmFpbC10by1uZXh0IGNvbW1hbmRzDQogICAgICogICBOZWVkIHRyYWNraW5nIHRvIGtub3cgaG93 IHRvIGJhY2sgb3V0IGNvbW1hbmRzIHRoYXQgZmFpbCBhbmQgaG93IGZhciB1cCB0aGUgdHJlZSB5 b3UgbmVlZCB0byBiYWNrIG91dCBvbiBmYWlsdXJlDQoNClRha2UgYSBsb29rIGF0IHRoZSBNSUxF IHdvcmsgbW9yZSBjbG9zZWx5LCB0aGVyZSBhcmUgbGVzc29ucyBsZWFybmVkIGFzIG11Y2ggb2Yg dGhpcyBoYXMgYmVlbiBkb25lLiAgRXZlbiBpZiB5b3UgZG9uJ3Qgd2FudCB0byB1c2UgdGhlIHdv cmssIHRoZXJlICdzIG5vIHJlYXNvbiB0byBoYXZlIHVzIGFsbCBkZWJhdGUgdGhlIHNhbWUgdGhp bmdzIGFnYWluIHJhdGhlciB0aGFuIGJ1aWxkIGZyb20gZXhwZXJpZW5jZS4NCklPREVGIHByZWRp Y2F0ZSBsb2dpYzogIEl0J3Mgc2ltcGxlIGFuZCBtb3JlIGNvbXBhY3QuDQpodHRwczovL3Rvb2xz LmlldGYub3JnL2h0bWwvcmZjODI3NCNwYWdlLTcNCg0KDQogIDEuICBOZWVkIGFiaWxpdHkgdG8g cHJvdmlkZSBEaWdpdGFsIHNpZ25hdHVyZXMgYXQgdGhlIGNvbW1hbmQsIHRoZSBjb21tYW5kIGNo YWluICh0cmVlKSwgYW5kIENPQSBQcm9qZWN0IGxldmVscw0KDQogICAgICogICBUaGVzZSBkaWdp dGFsIHNpZ25hdHVyZXMgbmVlZCB0byBiZSBpbmNsdWRlZCBpbiB0aGUgcGF5bG9hZCB0aGVtc2Vs dmVzDQogICAgICogICBOZWVkIHRvIGJlIGFibGUgdG8gc2lnbiBhIHNlY3Rpb24gb3IgcGFydCBv ZiB0aGUgSlNPTiB0ZXh0IGRhdGENCiAgICAgKiAgIFRoZXkgbmVlZCB0byBiZSBpbiBwYXJhbGxl bCBhbmQgaW4gc2VyaWVzLiBNZWFuaW5nLCBhIGNvbW1hbmQgbWF5IGluZGl2aWR1YWxseSBiZSBz aWduZWQgYnkgbW9yZSB0aGFuIG9uZSBwZW9wbGUuICBUaGUgY29tbWFuZCBhbmQgYSBzaWduYXR1 cmUgbWF5IGFsc28gYmUgc2lnbmVkIG11bHRpcGxlIHRpbWVzIGluIHNlcmllcy4NCg0KICAgICAg ICAqICAgRXhhbXBsZTogQ29tcGFueSBYIHRoYXQgbWFrZXMgRGVza3RvcE9TIDEwIHNpZ25zIGEg Y29tbWFuZCB0aGF0IHNheXMgaXQgd2lsbCByZXNvbHZlIG1hbHdhcmUgWiBvbiBEZXNrdG9wT1Mg MTAgcGF0Y2ggdmVyc2lvbiA0LiBCaWcgQmFuayBGb28gbWF5IHRoZW4gc2lnbiB0aGF0IChjb21t YW5kICsgQ29tcGFueSBzaWcpIGFuZCBzYXkgdGhleSBoYXZlIHZlcmlmaWVkIGl0IGFuZCBpdCB3 b3Jrcy4gU29tZSBJU0FDIG1heSB0aGVuIHNpZ24gdGhhdCAoY29tbWFuZCArIENvbXBhbnkgc2ln ICsgQmlnIEJhbmsgRm9vIHNpZykgYW5kIHRoZW4gc2VuZCBpdCBvdXQgdG8gdGhlaXIgZWNvLXN5 c3RlbQ0KDQogICAgICogICBTaWduYXR1cmVzIG5lZWQgYWJpbGl0eSB0byBpZGVudGlmeSB3aGF0 IGFzc2VydGlvbnMgc29tZW9uZSBpcyBtYWtpbmcuDQoNCiAgICAgICAgKiAgIFdlIG5lZWQgdG8g a25vdyB3aGF0IHRoZSB0eXBlcyBvZiBhc3NlcnRpb25zIHNob3VsZCBiZSAoaXQgd29ya3MsIGl0 IGhhcyBiZWVuIHZlcmlmaWVkLCBpdCBoYXMgYmVlbiByZXZpZXdlZCwgaXQgbWF5IHdvcmssIGl0 IHNlZW1zIHRvIHdvcmssIGV0YykNCllvdSBhbHNvIG5lZWQgdG8gY29uc2lkZXIgb3JpZ2luIGF1 dGhlbnRpY2F0aW9uIGFuZCBtdWx0aS1ob3AgYXV0aGVudGljYXRpb24uICBUaGVyZSB3YXMgYSBs b3Qgb2Ygd29yayB0aGF0IHdlbnQgaW50byB0aGUgcmVxdWlyZW1lbnRzIGFuYWx5c2lzIGFjcm9z cyBhcmVhcyBvZiB0aGUgSUVURiBhcyBub3QgdG8gbWFrZSBSSUQgYW5kIG90aGVyIE1JTEUgcHJv dG9jb2xzIHNwZWNpZmljIHRvIGluY2lkZW50cyBvciBldmVuIFhNTC4NCmh0dHBzOi8vdG9vbHMu aWV0Zi5vcmcvaHRtbC9yZmM2NTQ1DQoNClllcywgdGhpcyBpcyBYTUwgYW5kIHlvdSB3YW50IEpT T04sIHVzaW5nIEpPU0UsIEkgcHJlc3VtZS4gIFN0aWxsLCB0aGUgZ2FwIGFuYWx5c2lzIEkgdGhp bmsgd2lsbCBiZSBxdWl0ZSB1c2VmdWwgYXMgSSB0aGluayB5b3UgYXJlIG1pc3NpbmcgcmVxdWly ZW1lbnRzIHdlIGFscmVhZHkgY2FtZSB1cCBhZ2FpbnN0LiAgSXQgd2lsbCBzcGVlZCB5b3VyIHdv cmsgdXAgdG8gbGV2ZXJhZ2UgZXhpc3Rpbmcgd29yay4NCg0KICAxLiAgTmVlZCBhYmlsaXR5IHRv IGdldCByZXNwb25zZXMgYXQgdGhlIGluZGl2aWR1YWwgY29tbWFuZCBsZXZlbCwgdGhlIGNoYWlu IG9mIGNvbW1hbmRzIGxldmVsLCBhbmQgdGhlIENPQSBQcm9qZWN0IGxldmVsLg0KDQogICAgICog ICBOZWVkIHRvIGlkZW50aWZ5IHRoZSB0eXBlcyBvZiByZXNwb25zZXMgdGhhdCBjYW4gYmUgcmV0 dXJuZWQgYW5kIHdoYXQgYXJlIHRoZSB0eXBlcyBvZiBjb21tYW5kIGNvZGVzIC8gcmVzcG9uc2Ug Y29kZXMgdGhhdCBzaG91bGQgYmUgcmV0dXJuZWQNCiAgICAgKiAgIE5lZWQgdG8gaWRlbnRpZnkg YW5kIGhhdmUgbmVnb3RpYXRpb24gYmV0d2VlbiBzeXN0ZW1zIGlmIHRoZSByZXNwb25zZXMgc2hv dWxkIGJlIHB1c2hlZCBvciBwdWxsZWQuDQogICAgICogICBOZWVkIHRvIGtub3cgaG93IHRoZSBp bmRpdmlkdWFsIHJlc3BvbnNlIGNhbiBpbXBhY3QgdGhlIG5leHQgc3RlcHMgaW4gdGhlIGNoYWlu Lg0KDQpZb3UgYWxzbyBuZWVkIHRvIGNvbnNpZGVyIGludGVybmF0aW9uYWxpemF0aW9uLCB3aGlj aCBoYXMgYWxyZWFkeSBiZWVuIGRvbmUgaW4gdGhlIE1JTEUgd29yay4gIFRoaXMgbGV2ZWwgb2Yg ZGV0YWlsIGhlbHBzIGEgbG90IGZvciBpbnRlcm9wZXJhYmlsaXR5LiBUaGVyZSB3ZXJlIDMgaW50 ZXJvcGVyYWJsZSBpbXBsZW1lbnRhdGlvbnMgb2YgUklELCBzbyB0ZXN0aW5nIHdhcyBkb25lLCBs ZXNzb25zIGNhbiBiZSBsZWFybmVkLiAgSSdtIG5vdCBzdXJlIGhvdyBtYXkgSU9ERUYgaW1wbGVt ZW50YXRpb25zIHRoZXJlIHdlcmUvYXJlLCBidXQgbWFueSBtb3JlIHRoYW4gdGhhdC4NCg0KT25j ZSBhZ2FpbiwgcGxlYXNlIGRvIHRoZSBnYXAgYW5hbHlzaXMgdG8gc2F2ZSB1cyBhbGwgdGltZS4g IFRoZXJlIGFyZSBvdGhlciBNSUxFIGRvY3VtZW50cyB0aGF0IG1heSBiZSB1c2VmdWwsIHRoZXkg Y2FuIGJlIGZvdW5kIG9mZiB0aGUgZG9jdW1lbnRzIGxpbmsgb2YgdGhlIGNoYXJ0ZXIgcGFnZS4g IFJPTElFIGFuZCBYTVBQIEdyaWQgd2VyZSBhbHNvIGRlc2lnbmVkIHRvIHdvcmsgd2l0aCBhbnkg Zm9ybWF0IGFuZCBJIGJlbGlldmUgYXJlIG1vcmUgZmxleGlibGUgdGhhbiBSSUQsIHNvIHRoZXJl IGlzIG11Y2ggdGhhdCBjYW4gYmUgZ2xlYW5lZCBmcm9tIHRoZXNlIGVmZm9ydHMgYXMgd2VsbCBh cyB0aGUgRE9UUyB3b3JrLg0KDQpCZXN0IHJlZ2FyZHMsDQpLYXRobGVlbg0KDQpUaGluZ3Mgd2Ug YWxyZWFkeSBrbm93IGhvdyB0byBkby4uIFdlIGtub3cgaG93IHRvIG1ha2UgdGhpcyB3b3JrIGlu IGEgZ3JhcGgsIHdlIGtub3cgaG93IHRvIG1ha2UgdGhpcyB3b3JrIHdpdGggdmVyc2lvbmluZywg d2Uga25vdyBob3cgdG8gdGllIHRoZXNlIHRvIGV4aXN0aW5nIEN5YmVyIFRocmVhdCBJbnRlbGxp Z2VuY2UuDQoNCg0KVGhhbmtzLA0KQnJldA0KUEdQIEZpbmdlcnByaW50OiA2M0I0IEZDNTMgNjgw QSA2QjdEIDE0NDcgIEYyQzAgNzRGOCBBQ0FFIDc0MTUgMDA1MA0KIldpdGhvdXQgY3J5cHRvZ3Jh cGh5IHZpaHYgdml2YyBjZSB4aHJucncsIGhvd2V2ZXIsIHRoZSBvbmx5IHRoaW5nIHRoYXQgY2Fu IG5vdCBiZSB1bnNjcmFtYmxlZCBpcyBhbiBlZ2cuIg0KDQotLQ0KQ2FjYW8gbWFpbGluZyBsaXN0 DQpDYWNhb0BpZXRmLm9yZzxtYWlsdG86Q2FjYW9AaWV0Zi5vcmc+DQpodHRwczovL3d3dy5pZXRm Lm9yZy9tYWlsbWFuL2xpc3RpbmZvL2NhY2FvDQotLQ0KQ2FjYW8gbWFpbGluZyBsaXN0DQpDYWNh b0BpZXRmLm9yZzxtYWlsdG86Q2FjYW9AaWV0Zi5vcmc+DQpodHRwczovL3d3dy5pZXRmLm9yZy9t YWlsbWFuL2xpc3RpbmZvL2NhY2FvDQoNCg0KLS0NCg0KQmVzdCByZWdhcmRzLA0KS2F0aGxlZW4N Cg0KDQotLQ0KDQpCZXN0IHJlZ2FyZHMsDQpLYXRobGVlbg0K --_000_5f95ad0b6f3f4c54a5f1f32b11724534SVRM2EX2K13N05hscoopch_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6ZHQ9InV1aWQ6QzJGNDEwMTAtNjVC My0xMWQxLUEyOUYtMDBBQTAwQzE0ODgyIiB4bWxuczptPSJodHRwOi8vc2NoZW1hcy5taWNyb3Nv ZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy9UUi9S RUMtaHRtbDQwIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250 ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPG1ldGEgbmFtZT0iR2VuZXJhdG9yIiBj b250ZW50PSJNaWNyb3NvZnQgV29yZCAxNSAoZmlsdGVyZWQgbWVkaXVtKSI+DQo8c3R5bGU+PCEt LQ0KLyogRm9udCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpIZWx2 ZXRpY2E7DQoJcGFub3NlLTE6MiAxMSA2IDQgMiAyIDIgMiAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtm b250LWZhbWlseToiQ2FtYnJpYSBNYXRoIjsNCglwYW5vc2UtMToyIDQgNSAzIDUgNCA2IDMgMiA0 O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToyIDE1IDUg MiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OlZlcmRhbmE7DQoJcGFu b3NlLTE6MiAxMSA2IDQgMyA1IDQgNCAyIDQ7fQ0KLyogU3R5bGUgRGVmaW5pdGlvbnMgKi8NCnAu TXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWwsIGRpdi5Nc29Ob3JtYWwNCgl7bWFyZ2luOjBpbjsNCglt YXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1zaXplOjEyLjBwdDsNCglmb250LWZhbWlseToi VGltZXMgTmV3IFJvbWFuIixzZXJpZjt9DQphOmxpbmssIHNwYW4uTXNvSHlwZXJsaW5rDQoJe21z by1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjpibHVlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRl cmxpbmU7fQ0KYTp2aXNpdGVkLCBzcGFuLk1zb0h5cGVybGlua0ZvbGxvd2VkDQoJe21zby1zdHls ZS1wcmlvcml0eTo5OTsNCgljb2xvcjpwdXJwbGU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGlu ZTt9DQpzcGFuLm0tNzIwNjc3NDcyODM0MjIyMzAzOGdtYWlsLW0xMjM0MDM0NDA0MjM5MTE0NTIw YXBwbGUtc3R5bGUtc3Bhbg0KCXttc28tc3R5bGUtbmFtZTptXy03MjA2Nzc0NzI4MzQyMjIzMDM4 Z21haWwtbTEyMzQwMzQ0MDQyMzkxMTQ1MjBhcHBsZS1zdHlsZS1zcGFuO30NCnNwYW4uRW1haWxT dHlsZTE4DQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFsLXJlcGx5Ow0KCWZvbnQtZmFtaWx5OiJB cmlhbCIsc2Fucy1zZXJpZjsNCgljb2xvcjojMDA3MEMwOw0KCWZvbnQtd2VpZ2h0Om5vcm1hbDsN Cglmb250LXN0eWxlOm5vcm1hbDsNCgl0ZXh0LWRlY29yYXRpb246bm9uZSBub25lO30NCi5Nc29D aHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBlOmV4cG9ydC1vbmx5Ow0KCWZvbnQtZmFtaWx5OiJD YWxpYnJpIixzYW5zLXNlcmlmOw0KCW1zby1mYXJlYXN0LWxhbmd1YWdlOkVOLVVTO30NCkBwYWdl IFdvcmRTZWN0aW9uMQ0KCXtzaXplOjguNWluIDExLjBpbjsNCgltYXJnaW46NzAuODVwdCA3MC44 NXB0IDU2LjdwdCA3MC44NXB0O30NCmRpdi5Xb3JkU2VjdGlvbjENCgl7cGFnZTpXb3JkU2VjdGlv bjE7fQ0KLyogTGlzdCBEZWZpbml0aW9ucyAqLw0KQGxpc3QgbDANCgl7bXNvLWxpc3QtaWQ6NDkz MzAzMDEyOw0KCW1zby1saXN0LXRlbXBsYXRlLWlkczotMTQ3NTgxNzcxMjt9DQpAbGlzdCBsMQ0K CXttc28tbGlzdC1pZDo1MjMwNTU0NzM7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOi01NTM4NDgy MjA7fQ0KQGxpc3QgbDINCgl7bXNvLWxpc3QtaWQ6OTE5MDk2MjAzOw0KCW1zby1saXN0LXRlbXBs YXRlLWlkczotOTg5OTMyNTYwO30NCkBsaXN0IGwzDQoJe21zby1saXN0LWlkOjEzMTkzMTA0MjQ7 DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOjE0NDUyMDU1ODA7fQ0KQGxpc3QgbDM6bGV2ZWwyDQoJ e21zby1sZXZlbC1zdGFydC1hdDozOw0KCW1zby1sZXZlbC10YWItc3RvcDoxLjBpbjsNCgltc28t bGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluO30NCkBsaXN0 IGw0DQoJe21zby1saXN0LWlkOjEzNDcwNTE5NDM7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOjQw MzQ4OTY1ODt9DQpAbGlzdCBsNDpsZXZlbDINCgl7bXNvLWxldmVsLXN0YXJ0LWF0OjQ7DQoJbXNv LWxldmVsLXRhYi1zdG9wOjEuMGluOw0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsN Cgl0ZXh0LWluZGVudDotLjI1aW47fQ0KQGxpc3QgbDUNCgl7bXNvLWxpc3QtaWQ6MTM3MjIyMDUx MDsNCgltc28tbGlzdC10ZW1wbGF0ZS1pZHM6NjI4MzgxNTE2O30NCkBsaXN0IGw2DQoJe21zby1s aXN0LWlkOjE0MDI3NTQ2ODA7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOjYyMjIwOTA5MDt9DQpA bGlzdCBsNjpsZXZlbDINCgl7bXNvLWxldmVsLXN0YXJ0LWF0OjQ7DQoJbXNvLWxldmVsLXRhYi1z dG9wOjEuMGluOw0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVu dDotLjI1aW47fQ0KQGxpc3QgbDcNCgl7bXNvLWxpc3QtaWQ6MTU2MTg2NDk2OTsNCgltc28tbGlz dC10ZW1wbGF0ZS1pZHM6MjExODc5NTA4NDt9DQpAbGlzdCBsOA0KCXttc28tbGlzdC1pZDoxNzA0 NTk4MTU3Ow0KCW1zby1saXN0LXRlbXBsYXRlLWlkczoyMTQ0NjMwMzQ2O30NCkBsaXN0IGw5DQoJ e21zby1saXN0LWlkOjE4ODY3NDU5Nzc7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOi05MDM3NDYw NDt9DQpAbGlzdCBsMTANCgl7bXNvLWxpc3QtaWQ6MTg5OTQzMzYyMDsNCgltc28tbGlzdC10ZW1w bGF0ZS1pZHM6LTU0Mjc0MjY4Njt9DQpvbA0KCXttYXJnaW4tYm90dG9tOjBpbjt9DQp1bA0KCXtt YXJnaW4tYm90dG9tOjBpbjt9DQotLT48L3N0eWxlPjwhLS1baWYgZ3RlIG1zbyA5XT48eG1sPg0K PG86c2hhcGVkZWZhdWx0cyB2OmV4dD0iZWRpdCIgc3BpZG1heD0iMTAyNiIgLz4NCjwveG1sPjwh W2VuZGlmXS0tPjwhLS1baWYgZ3RlIG1zbyA5XT48eG1sPg0KPG86c2hhcGVsYXlvdXQgdjpleHQ9 ImVkaXQiPg0KPG86aWRtYXAgdjpleHQ9ImVkaXQiIGRhdGE9IjEiIC8+DQo8L286c2hhcGVsYXlv dXQ+PC94bWw+PCFbZW5kaWZdLS0+DQo8L2hlYWQ+DQo8Ym9keSBsYW5nPSJERS1DSCIgbGluaz0i Ymx1ZSIgdmxpbms9InB1cnBsZSI+DQo8ZGl2IGNsYXNzPSJXb3JkU2VjdGlvbjEiPg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6 JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMDA3MEMwO21zby1mYXJlYXN0LWxh bmd1YWdlOkVOLVVTIj5IaSBLYXRobGVlbjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZx dW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzAwNzBDMDttc28tZmFyZWFzdC1sYW5n dWFnZTpFTi1VUyI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05v cm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFt aWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzAwNzBDMDttc28tZmFyZWFz dC1sYW5ndWFnZTpFTi1VUyI+b2sgdGhhbmtzIGZvciB0aGUgZmVlZGJhY2suIEkgaGF2ZSBhIHF1 ZXN0aW9uIHRvIHVuZGVyc3RhbmQgdGhpcyBwYXJ0IGJldHRlcjogJnF1b3Q7PC9zcGFuPjxzcGFu IGxhbmc9IkVOLVVTIj4NCjwvc3Bhbj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6 ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjoj MDA3MEMwO21zby1mYXJlYXN0LWxhbmd1YWdlOkVOLVVTIj5JJ2QgYmUgaW50ZXJlc3RlZCB0byBz ZWUgdGhlIHJlcXVpcmVtZW50cyBtYXRjaGVkIHVwIGFnYWluc3Qgd2hhdCBleGlzdHMgYW5kIHdo YXQgY2FuIGJlIHJlLXVzZWQgb3Igd2hhdCBjYW4gYmUgYSBsZXNzb24gbGVhcm5lZCBhcyB3ZWxs LiZuYnNwOw0KIElPREVGIGNhcnJpZXMgdGhlIENvQXMgdGhhdCB1c2VkIHRvIGJlIGluIFJJRCBh bmQgSU9ERUYgaGFzIGEgbmVzdGluZyBjYXBhYmlsaXR5IGFzIHdlbGwgYXMgYSB3YXkgdG8gbGF5 IG91ciB0aGUgZm9ybWF0IHRvIGFsbG93IGZvciBwcmVkaWNhdGUgbG9naWMsIHNvIGFuYWx5c2lz IG9uIHRoYXQgd291bGQgYmUgaW50ZXJlc3RpbmcgYXMgd2VsbC4mbmJzcDsgSXQgY2FuIGJlIHVz ZWQgZm9yIGNoYWlucyBvZiBjb25uZWN0ZWQgZXZlbnRzL2luY2lkZW50cy4mbmJzcDsNCiBVbmRl cnN0YW5kaW5nIHdoYXQgZG9lc24ndCB3b3JrIGZvciB5b3VyIG5ldyBlZmZvcnQgd291bGQgaGVs cCB0byB1bmRlcnN0YW5kIHdoeSBpdCdzIG5lZWRlZCBhbmQgaG93IGl0IGlzIGJldHRlci4mcXVv dDs8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5n PSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwm cXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMDA3MEMwO21zby1mYXJlYXN0LWxhbmd1YWdlOkVOLVVT Ij48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7 QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMDA3MEMwO21zby1mYXJlYXN0LWxhbmd1YWdl OkVOLVVTIj5TaW5jZSB0aGUgZ29hbHMgb2YgYm90aCBpbml0aWF0aXZlcyBhcmUgZGlmZmVyZW50 LCBJIHN0cnVnZ2xlIGEgYml0LiBUZWNobmljYWxseSB3ZSBzaG91bGQgYWx3YXlzIGRpc2N1c3Mg d2hhdCBjb25jZXB0cw0KIHdvcmsgZm9yIHdoaWNoIHVzZSBjYXNlLiBMaWtlIGZvciBpbnN0YW5j ZSBkbyB3ZSBuZWVkIGFuIGF1dGhlbnRpY2F0aW9uIHNvbWV3aGVyZSBvciBub3QsIGFuZCB3ZSBk b24ndCByZS1pbnZlbnQgdGhlIGF1dGhlbnRpY2F0aW9uLiBXZSBjaGVjayBob3cgaXQgaXMgdXN1 YWxseSBkb25lIHRvZGF5LiBJcyB0aGF0IHdoYXQgeW91IGFyZSByZWZlcnJpbmcgdG8gd2hlbiB5 b3UgbWVudGlvbiB0aGUgcHJlZGljYXRlIGxvZ2ljIGV0Yz8gU28sIHNpbmNlDQogTUlMRSBhbHJl YWR5IHdvcmtlZCBvbiBleGNoYW5nZSBmb3JtYXRzIGZvciBpbmNpZGVudHMgZXZlbiBpZiB0aGVp ciBnb2FsIHdhcyBkaWZmZXJlbnQsIHdlIG1pZ2h0IGhhdmUgc2ltaWxhciBmb3JtYXR0aW5nIHJl cXVpcmVtZW50cyB3aGVuIHdlIGRpc2N1c3MgdGhlIHJlYWN0aW9ucyB0byBpbmNpZGVudHM/IChq dXN0IHBpY2tpbmcgdGhlIGZvcm1hdHRpbmcgZXhhbXBsZSBoZXJlKS48bzpwPjwvbzpwPjwvc3Bh bj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZv bnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtj b2xvcjojMDA3MEMwO21zby1mYXJlYXN0LWxhbmd1YWdlOkVOLVVTIj48bzpwPiZuYnNwOzwvbzpw Pjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5 bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1z ZXJpZjtjb2xvcjojMDA3MEMwO21zby1mYXJlYXN0LWxhbmd1YWdlOkVOLVVTIj5iZXN0IHJlZ2Fy ZHM8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5n PSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwm cXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMDA3MEMwO21zby1mYXJlYXN0LWxhbmd1YWdlOkVOLVVT Ij5DYXJvbGluPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNw YW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZxdW90 O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzAwNzBDMDttc28tZmFyZWFzdC1sYW5ndWFn ZTpFTi1VUyI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PGI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFt aWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZiI+RnJvbTo8L3NwYW4+PC9iPjxzcGFu IGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtD YWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWYiPiBLYXRobGVlbiBNb3JpYXJ0eSBbbWFpbHRvOmthdGhs ZWVuLm1vcmlhcnR5LmlldGZAZ21haWwuY29tXQ0KPGJyPg0KPGI+U2VudDo8L2I+IFdlZG5lc2Rh eSwgU2VwdGVtYmVyIDE5LCAyMDE4IDQ6MTEgUE08YnI+DQo8Yj5Ubzo8L2I+IEJhdW1nYXJ0bmVy IENhcm9saW4gJmx0O0Nhcm9saW4uQmF1bWdhcnRuZXJAaW50ZXJkaXNjb3VudC5jaCZndDs8YnI+ DQo8Yj5DYzo8L2I+IEJhcnJ5IEdyZWVuZSAmbHQ7YmFycnlyZ3JlZW5lQGdtYWlsLmNvbSZndDs7 IGNhY2FvQGlldGYub3JnOyBCcmV0IEpvcmRhbiAmbHQ7am9yZGFuLmlldGZAZ21haWwuY29tJmd0 Ozxicj4NCjxiPlN1YmplY3Q6PC9iPiBSZTogW0NhY2FvXSBJbml0aWFsIFByb2JsZW0gU2V0PG86 cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286 cD48L3A+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+SGkgQ2Fyb2xpbiw8bzpwPjwvbzpw PjwvcD4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4N CjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPlRoYW5rcyBmb3Igc3RhcnRpbmcg c29tZXRoaW5nIHRvIGhlbHAhJm5ic3A7IEkgdGhpbmsgdGhhdCBjb3VsZCBiZSBhIGdvb2Qgc3Rh cnRpbmcgcG9pbnQuJm5ic3A7IEknZCBiZSBpbnRlcmVzdGVkIHRvIHNlZSB0aGUgcmVxdWlyZW1l bnRzIG1hdGNoZWQgdXAgYWdhaW5zdCB3aGF0IGV4aXN0cyBhbmQgd2hhdCBjYW4gYmUgcmUtdXNl ZCBvciB3aGF0IGNhbiBiZSBhIGxlc3NvbiBsZWFybmVkIGFzIHdlbGwuJm5ic3A7IElPREVGIGNh cnJpZXMNCiB0aGUgQ29BcyB0aGF0IHVzZWQgdG8gYmUgaW4gUklEIGFuZCBJT0RFRiBoYXMgYSBu ZXN0aW5nIGNhcGFiaWxpdHkgYXMgd2VsbCBhcyBhIHdheSB0byBsYXkgb3VyIHRoZSBmb3JtYXQg dG8gYWxsb3cgZm9yIHByZWRpY2F0ZSBsb2dpYywgc28gYW5hbHlzaXMgb24gdGhhdCB3b3VsZCBi ZSBpbnRlcmVzdGluZyBhcyB3ZWxsLiZuYnNwOyBJdCBjYW4gYmUgdXNlZCBmb3IgY2hhaW5zIG9m IGNvbm5lY3RlZCBldmVudHMvaW5jaWRlbnRzLiZuYnNwOyBVbmRlcnN0YW5kaW5nDQogd2hhdCBk b2Vzbid0IHdvcmsgZm9yIHlvdXIgbmV3IGVmZm9ydCB3b3VsZCBoZWxwIHRvIHVuZGVyc3RhbmQg d2h5IGl0J3MgbmVlZGVkIGFuZCBob3cgaXQgaXMgYmV0dGVyLjxvOnA+PC9vOnA+PC9wPg0KPC9k aXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8 L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5UaGVuIGZvciBSSUQsIHRoZXJlIGlz IGxvdHMgdGhhdCBpcyBtZXQgaW4gdGhlIHJlcXVpcmVtZW50IGxpc3QgdGhhdCB3YXMgc2VudCBv dXQgYW5kIHNvbWUgcmVxdWlyZW1lbnRzIHRoYXQgSSBzdWdnZXN0ZWQgKHRoZXJlIGFyZSBtb3Jl KSB0aGF0IHdlcmUgbGVhcm5lZCBmcm9tIHRpbWUgYW5kIGV4cGVyaWVuY2Ugb24gZXNzZW50aWFs bHkgdGhlIHNhbWUgcHJvYmxlbS48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+QmFycnkgLSB1bmRlcnN0YW5kaW5nIG1vcmUgb24geW91ciB3b3Jr IGFuZCB0aGUgQ2lzY28gcHJvZHVjdHMgbWVudGlvbmVkIHdvdWxkIGJlIGhlbHBmdWwgdG9vLiZu YnNwOyBJZiBzdGFuZGFyZHMgd2VyZSB1c2VkIG9yIG5vdCBhbmQgd2hhdCBjYW4gYmUgaW50ZWdy YXRlZCBpbnRvIHRoaXMgZWZmb3J0IG9yIHdoYXQgY2FuIGJlIGEgbGVzc29uIGxlYXJuZWQgdG8g aW1wcm92ZSBmb3IgdGhpcyBlZmZvcnQuPG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiPlRoaXMgd2lsbCBiZSB2ZXJ5IGhlbHBmdWwgZm9yIGEgQm9G IHRvIGJlIHN1Y2Nlc3NmdWwuJm5ic3A7IFlvdSdsbCBnZXQgZGVyYWlsZWQgb3RoZXJ3aXNlLjxv OnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4m bmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5UaGFu ayB5b3UsPG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij5LYXRobGVlbjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNv Tm9ybWFsIj5PbiBXZWQsIFNlcCAxOSwgMjAxOCBhdCA0OjMxIEFNICZsdDs8YSBocmVmPSJtYWls dG86Q2Fyb2xpbi5CYXVtZ2FydG5lckBpbnRlcmRpc2NvdW50LmNoIj5DYXJvbGluLkJhdW1nYXJ0 bmVyQGludGVyZGlzY291bnQuY2g8L2E+Jmd0OyB3cm90ZTo8bzpwPjwvbzpwPjwvcD4NCjwvZGl2 Pg0KPGJsb2NrcXVvdGUgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci1sZWZ0OnNvbGlkICNDQ0ND Q0MgMS4wcHQ7cGFkZGluZzowaW4gMGluIDBpbiA2LjBwdDttYXJnaW4tbGVmdDo0LjhwdDttYXJn aW4tcmlnaHQ6MGluIj4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9 Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj48c3Bh biBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90Oyxz YW5zLXNlcmlmO2NvbG9yOiMwMDcwQzAiPkhpIEJyZXQsIEthdGhsZWVuPC9zcGFuPjxvOnA+PC9v OnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDph dXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEw LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMwMDcw QzAiPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0 eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+ PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZx dW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzAwNzBDMCI+d291bGQgdGhhdCBiZSBz b21ldGhpbmcgdGhhdCBjb3VsZCB3b3JrIGFzIHNvbWUga2luZCBvZiBnYXAgYW5hbHlzaXM/DQo8 YSBocmVmPSJodHRwczovL2dpdGh1Yi5jb20vY2xhdHplL2lldGYvYmxvYi9tYXN0ZXIvQ0FDQU8t Z2FwLUZBUS5tZCIgdGFyZ2V0PSJfYmxhbmsiPg0KaHR0cHM6Ly9naXRodWIuY29tL2NsYXR6ZS9p ZXRmL2Jsb2IvbWFzdGVyL0NBQ0FPLWdhcC1GQVEubWQ8L2E+IC4gSXQgaXMgbm8gcmVhbCBnYXAg YW5hbHlzaXMsIHRoaXMgRkFRIHdvdWxkIHJhdGhlciBoaWdobGlnaHQgdGhlIGRpZmZlcmVuY2Vz LiBJIGp1c3QgdG9vayB0d28gc2FtcGxlcyB0byBzaG93IGhvdyB0aGF0IGNvdWxkIGxvb2sgbGlr ZSBhbmQgaWYgdGhhdCBpcyB3aGF0IGNvdWxkIGJlIGhlbHBmdWwuIFdlIGNvdWxkIGFsc28gaW5j bHVkZQ0KIGNvbW1lbnRzIGhlcmUgbGlrZeKApiAmcXVvdDtDQUNBTyBtYWtlcyB1c2Ugb2YgWFkg dG8gYWNoaWV2ZSBpdHMgZ29hbCZxdW90Oy48L3NwYW4+PG86cD48L286cD48L3A+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1i b3R0b20tYWx0OmF1dG8iPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjEwLjBw dDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMwMDcwQzAi PiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxl PSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+PHNw YW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZxdW90 O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzAwNzBDMCI+YmVzdCByZWdhcmRzPGJyPg0K Q2Fyb2xpbjwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxl PSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+PHNw YW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZxdW90 O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzAwNzBDMCI+Jm5ic3A7PC9zcGFuPjxvOnA+ PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFs dDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj48Yj48c3BhbiBsYW5nPSJFTi1VUyIg c3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90Oyxz YW5zLXNlcmlmIj5Gcm9tOjwvc3Bhbj48L2I+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250 LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZiI+ IENhY2FvDQogW21haWx0bzo8YSBocmVmPSJtYWlsdG86Y2FjYW8tYm91bmNlc0BpZXRmLm9yZyIg dGFyZ2V0PSJfYmxhbmsiPmNhY2FvLWJvdW5jZXNAaWV0Zi5vcmc8L2E+XQ0KPGI+T24gQmVoYWxm IE9mIDwvYj5LYXRobGVlbiBNb3JpYXJ0eTxicj4NCjxiPlNlbnQ6PC9iPiBXZWRuZXNkYXksIFNl cHRlbWJlciAxOSwgMjAxOCA0OjA2IEFNPGJyPg0KPGI+VG86PC9iPiBCYXJyeSBHcmVlbmUgJmx0 OzxhIGhyZWY9Im1haWx0bzpiYXJyeXJncmVlbmVAZ21haWwuY29tIiB0YXJnZXQ9Il9ibGFuayI+ YmFycnlyZ3JlZW5lQGdtYWlsLmNvbTwvYT4mZ3Q7PGJyPg0KPGI+Q2M6PC9iPiA8YSBocmVmPSJt YWlsdG86Y2FjYW9AaWV0Zi5vcmciIHRhcmdldD0iX2JsYW5rIj5jYWNhb0BpZXRmLm9yZzwvYT47 IEJyZXQgSm9yZGFuICZsdDs8YSBocmVmPSJtYWlsdG86am9yZGFuLmlldGZAZ21haWwuY29tIiB0 YXJnZXQ9Il9ibGFuayI+am9yZGFuLmlldGZAZ21haWwuY29tPC9hPiZndDs8YnI+DQo8Yj5TdWJq ZWN0OjwvYj4gUmU6IFtDYWNhb10gSW5pdGlhbCBQcm9ibGVtIFNldDwvc3Bhbj48bzpwPjwvbzpw PjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0 bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+Jm5ic3A7PG86cD48L286cD48L3A+DQo8ZGl2 Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1t YXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj5IaSBCcmV0LDxv OnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFy Z2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+Jm5ic3A7PG86cD48 L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNv LW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPiZuYnNwOzxv OnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1h cmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPiZuYnNwOzxvOnA+ PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNv LW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPk9uIFR1ZSwg U2VwIDE4LCAyMDE4IGF0IDY6MzUgUE0gQmFycnkgR3JlZW5lICZsdDs8YSBocmVmPSJtYWlsdG86 YmFycnlyZ3JlZW5lQGdtYWlsLmNvbSIgdGFyZ2V0PSJfYmxhbmsiPmJhcnJ5cmdyZWVuZUBnbWFp bC5jb208L2E+Jmd0OyB3cm90ZTo8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGJsb2NrcXVvdGUg c3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7cGFkZGlu ZzowaW4gMGluIDBpbiA2LjBwdDttYXJnaW4tbGVmdDo0LjhwdDttYXJnaW4tdG9wOjUuMHB0O21h cmdpbi1yaWdodDowaW47bWFyZ2luLWJvdHRvbTo1LjBwdCI+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2lu LWJvdHRvbS1hbHQ6YXV0byI+SGkgQnJldCw8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28t bWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+Jm5ic3A7PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxk aXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87 bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPldoYXQgeW91IGhhdmUgYmVsb3cgd2FzIGRvbmUg aW4gQ2lzY2/igJlzIFRJRFAvVE1TIGFyY2hpdGVjdHVyZS4uJm5ic3A7PG86cD48L286cD48L3A+ DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10 b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPiZuYnNwOzxvOnA+PC9vOnA+ PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJn aW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj5CYXJyeTxvOnA+PC9v OnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1t YXJnaW4tdG9wLWFsdDphdXRvO21hcmdpbi1ib3R0b206MTIuMHB0Ij48YnI+DQpPbiBTZXAgMTgs IDIwMTgsIGF0IDIzOjQ5LCBCcmV0IEpvcmRhbiAmbHQ7PGEgaHJlZj0ibWFpbHRvOmpvcmRhbi4u aWV0ZkBnbWFpbC5jb20iIHRhcmdldD0iX2JsYW5rIj5qb3JkYW4uaWV0ZkBnbWFpbC5jb208L2E+ Jmd0OyB3cm90ZTo8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGJsb2NrcXVvdGUgc3R5bGU9Im1h cmdpbi10b3A6NS4wcHQ7bWFyZ2luLWJvdHRvbTo1LjBwdCI+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2lu LWJvdHRvbS1hbHQ6YXV0byI+QWxsLDxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJn aW4tYm90dG9tLWFsdDphdXRvIj4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28t bWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+SSB3YW50ZWQgdG8gc3RhcnQgc29tZSBkaXNjdXNzaW9u IG9uIHNvbWUgb2YgdGhlIGluaXRpYWwgcHJvYmxlbXMgKG5vdCBhbGwpIHRoYXQgd2UgaGF2ZSBh bHJlYWR5IGlkZW50aWZpZWQgdGhhdCBuZWVkIHRvIGJlIHNvbHZlZCB3aXRoIHRoaXMgdHlwZSBv ZiBzb2x1dGlvbi4gU29tZSBvZiB0aGUgc29sdXRpb25zDQogdG8gdGhlc2Ugd2lsbCBoYXZlIGVs ZW1lbnRzIHdlIGNhbiBib3Jyb3cgZnJvbSBvdGhlciB3b3JrLiBBbHNvLCBrZWVwIGluIG1pbmQg YWxsIG9mIHRoaXMgbmVlZHMgdG8gd29yayBpbiBuYXRpdmUgSlNPTi4uPG86cD48L286cD48L3A+ DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10 b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPiZuYnNwOzxvOnA+PC9vOnA+ PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxsaSBjbGFzcz0i TXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0 b20tYWx0OmF1dG87bXNvLWxpc3Q6bDkgbGV2ZWwxIGxmbzEiPg0KTmVlZCB0aGUgYWJpbGl0eSB0 byBkb2N1bWVudCBhIHNpbmdsZSBjb21tYW5kPG86cD48L286cD48L2xpPjwvb2w+DQo8b2wgc3Rh cnQ9IjEiIHR5cGU9IjEiPg0KPG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxsaSBjbGFzcz0iTXNv Tm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20t YWx0OmF1dG87bXNvLWxpc3Q6bDggbGV2ZWwyIGxmbzIiPg0KSHVtYW4gZXhlY3V0ZWQgY29tbWFu ZHM8bzpwPjwvbzpwPjwvbGk+PGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2lu LXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsOCBsZXZl bDIgbGZvMiI+DQpOYXRpdmUgTWFjaGluZSBjb21tYW5kcyAoQ2lzY28gSU9TLCBKdW5pcGVyLCBT RVAsIE9wZW5DMiwgU05NUCwgTkVUQ09ORiwgWUFORywgZXRjKTxvOnA+PC9vOnA+PC9saT48bGkg Y2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJn aW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0Omw4IGxldmVsMiBsZm8yIj4NCldoYXQgZGV2aWNl IG9yIHN5c3RlbSBkb2VzIHRoZSBjb21tYW5kIHRhcmdldCAoRGVza3RvcE9TIDEwIGF0IElQIGFk ZHJlc3MgMTAuMC4wLjIsIEZpcmV3YWxsIEJBUiBhdCAxOTIuMTY4LjAuLjIpPG86cD48L286cD48 L2xpPjxsaSBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87 bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDggbGV2ZWwyIGxmbzIiPg0KV2hh dCBjbGFzcyBvZiBkZXZpY2VzIG9yIHN5c3RlbXMgZG9lcyB0aGUgY29tbWFuZCB0YXJnZXQgKERl c2t0b3BPUyAxMCBhdCBwYXRjaCBsZXZlbCA0LCBGaXJld2FsbCBGT08gdmVyIDEwKTxvOnA+PC9v OnA+PC9saT48L29sPg0KPC9vbD4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8L2Rp dj4NCjwvYmxvY2txdW90ZT4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNv LW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPkFkZGl0aW9u YWwgZGF0YSBjbGFzc2VzIG9mIElPREVGLCBhbHNvIHRoZSBTQ0kgZXh0ZW5zaW9uLjxvOnA+PC9v OnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1t YXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj48YSBocmVmPSJo dHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvcmZjNzk3MCIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBz Oi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9yZmM3OTcwPC9hPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+ DQo8YmxvY2txdW90ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0NDQ0ND QyAxLjBwdDtwYWRkaW5nOjBpbiAwaW4gMGluIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21hcmdp bi10b3A6NS4wcHQ7bWFyZ2luLXJpZ2h0OjBpbjttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxkaXY+ DQo8YmxvY2txdW90ZSBzdHlsZT0ibWFyZ2luLXRvcDo1LjBwdDttYXJnaW4tYm90dG9tOjUuMHB0 Ij4NCjxkaXY+DQo8ZGl2Pg0KPG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxsaSBjbGFzcz0iTXNv Tm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20t YWx0OmF1dG87bXNvLWxpc3Q6bDEgbGV2ZWwxIGxmbzMiPg0KTmVlZCB0aGUgYWJpbGl0eSB0byBk b2N1bWVudCBhIGNoYWluIG9mIGNvbW1hbmRzPG86cD48L286cD48L2xpPjwvb2w+DQo8b2wgc3Rh cnQ9IjEiIHR5cGU9IjEiPg0KPG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxsaSBjbGFzcz0iTXNv Tm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20t YWx0OmF1dG87bXNvLWxpc3Q6bDUgbGV2ZWwyIGxmbzQiPg0KTmVlZCB0byBrbm93IGlmIHRoZXJl IGlzIHRlbXBvcmFsIGxvZ2ljIG9yIGNvbmRpdGlvbmFsIGxvZ2ljIGFzc29jaWF0ZWQgYmV0d2Vl biBjb21tYW5kczxvOnA+PC9vOnA+PC9saT48bGkgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1z by1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0 Omw1IGxldmVsMiBsZm80Ij4NCk5lZWQgdG8ga25vdyBpZiBjb21tYW5kcyBhcmUgc2VxdWVuY2Vk IG9yIGlmIHRoZXkgY2FuIGJlIHJ1biBpbiBwYXJhbGxlbDxvOnA+PC9vOnA+PC9saT48bGkgY2xh c3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4t Ym90dG9tLWFsdDphdXRvO21zby1saXN0Omw1IGxldmVsMiBsZm80Ij4NCk5lZWQgdG8ga25vdyBp ZiB0aGVyZSBhcmUgZmFsbCB0aHJvdWdoIG9yIGZhaWwtdG8tbmV4dCBjb21tYW5kczxvOnA+PC9v OnA+PC9saT48bGkgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDph dXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0Omw1IGxldmVsMiBsZm80Ij4N Ck5lZWQgdHJhY2tpbmcgdG8ga25vdyBob3cgdG8gYmFjayBvdXQgY29tbWFuZHMgdGhhdCBmYWls IGFuZCBob3cgZmFyIHVwIHRoZSB0cmVlIHlvdSBuZWVkIHRvIGJhY2sgb3V0IG9uIGZhaWx1cmUm bmJzcDs8bzpwPjwvbzpwPjwvbGk+PC9vbD4NCjwvb2w+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ibG9j a3F1b3RlPg0KPC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDph dXRvIj4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1h bHQ6YXV0byI+VGFrZSBhIGxvb2sgYXQgdGhlIE1JTEUgd29yayBtb3JlIGNsb3NlbHksIHRoZXJl IGFyZSBsZXNzb25zIGxlYXJuZWQgYXMgbXVjaCBvZiB0aGlzIGhhcyBiZWVuIGRvbmUuJm5ic3A7 IEV2ZW4gaWYgeW91IGRvbid0IHdhbnQgdG8gdXNlIHRoZSB3b3JrLCB0aGVyZSAncyBubyByZWFz b24gdG8gaGF2ZSB1cyBhbGwgZGViYXRlDQogdGhlIHNhbWUgdGhpbmdzIGFnYWluIHJhdGhlciB0 aGFuIGJ1aWxkIGZyb20gZXhwZXJpZW5jZS48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28t bWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+SU9ERUYgcHJlZGljYXRlIGxvZ2ljOiZuYnNwOyBJdCdz IHNpbXBsZSBhbmQgbW9yZSBjb21wYWN0LjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0K PHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1t YXJnaW4tYm90dG9tLWFsdDphdXRvIj48YSBocmVmPSJodHRwczovL3Rvb2xzLmlldGYub3JnL2h0 bWwvcmZjODI3NCNwYWdlLTciIHRhcmdldD0iX2JsYW5rIj5odHRwczovL3Rvb2xzLmlldGYub3Jn L2h0bWwvcmZjODI3NCNwYWdlLTc8L2E+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1h cmdpbi1ib3R0b20tYWx0OmF1dG8iPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8Ymxv Y2txdW90ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0NDQ0NDQyAxLjBw dDtwYWRkaW5nOjBpbiAwaW4gMGluIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21hcmdpbi10b3A6 NS4wcHQ7bWFyZ2luLXJpZ2h0OjBpbjttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxkaXY+DQo8Ymxv Y2txdW90ZSBzdHlsZT0ibWFyZ2luLXRvcDo1LjBwdDttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxk aXY+DQo8ZGl2Pg0KPG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxsaSBjbGFzcz0iTXNvTm9ybWFs IiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1 dG87bXNvLWxpc3Q6bDEwIGxldmVsMSBsZm81Ij4NCk5lZWQgYWJpbGl0eSB0byBwcm92aWRlIERp Z2l0YWwgc2lnbmF0dXJlcyBhdCB0aGUgY29tbWFuZCwgdGhlIGNvbW1hbmQgY2hhaW4gKHRyZWUp LCBhbmQgQ09BIFByb2plY3QgbGV2ZWxzPG86cD48L286cD48L2xpPjwvb2w+DQo8b2wgc3RhcnQ9 IjEiIHR5cGU9IjEiPg0KPG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxsaSBjbGFzcz0iTXNvTm9y bWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0 OmF1dG87bXNvLWxpc3Q6bDcgbGV2ZWwyIGxmbzYiPg0KVGhlc2UgZGlnaXRhbCBzaWduYXR1cmVz IG5lZWQgdG8gYmUgaW5jbHVkZWQgaW4gdGhlIHBheWxvYWQgdGhlbXNlbHZlczxvOnA+PC9vOnA+ PC9saT48bGkgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRv O21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0Omw3IGxldmVsMiBsZm82Ij4NCk5l ZWQgdG8gYmUgYWJsZSB0byBzaWduIGEgc2VjdGlvbiBvciBwYXJ0IG9mIHRoZSBKU09OIHRleHQg ZGF0YTxvOnA+PC9vOnA+PC9saT48bGkgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJn aW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0Omw3IGxl dmVsMiBsZm82Ij4NClRoZXkgbmVlZCB0byBiZSBpbiBwYXJhbGxlbCBhbmQgaW4gc2VyaWVzLiBN ZWFuaW5nLCBhIGNvbW1hbmQgbWF5IGluZGl2aWR1YWxseSBiZSBzaWduZWQgYnkgbW9yZSB0aGFu IG9uZSBwZW9wbGUuJm5ic3A7IFRoZSBjb21tYW5kIGFuZCBhIHNpZ25hdHVyZSBtYXkgYWxzbyBi ZSBzaWduZWQgbXVsdGlwbGUgdGltZXMgaW4gc2VyaWVzLjxvOnA+PC9vOnA+PC9saT48L29sPg0K PC9vbD4NCjxvbCBzdGFydD0iMSIgdHlwZT0iMSI+DQo8b2wgc3RhcnQ9IjMiIHR5cGU9IjEiPg0K PG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxsaSBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNv LW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6 bDMgbGV2ZWwzIGxmbzciPg0KRXhhbXBsZTogQ29tcGFueSBYIHRoYXQgbWFrZXMgRGVza3RvcE9T IDEwIHNpZ25zIGEgY29tbWFuZCB0aGF0IHNheXMgaXQgd2lsbCByZXNvbHZlIG1hbHdhcmUgWiBv biBEZXNrdG9wT1MgMTAgcGF0Y2ggdmVyc2lvbiA0LiBCaWcgQmFuayBGb28gbWF5IHRoZW4gc2ln biB0aGF0IChjb21tYW5kICYjNDM7IENvbXBhbnkgc2lnKSBhbmQgc2F5IHRoZXkgaGF2ZSB2ZXJp ZmllZCBpdCBhbmQgaXQgd29ya3MuIFNvbWUgSVNBQyBtYXkgdGhlbiBzaWduIHRoYXQNCiAoY29t bWFuZCAmIzQzOyBDb21wYW55IHNpZyAmIzQzOyBCaWcgQmFuayBGb28gc2lnKSBhbmQgdGhlbiBz ZW5kIGl0IG91dCB0byB0aGVpciBlY28tc3lzdGVtPG86cD48L286cD48L2xpPjwvb2w+DQo8L29s Pg0KPC9vbD4NCjxvbCBzdGFydD0iMSIgdHlwZT0iMSI+DQo8b2wgc3RhcnQ9IjQiIHR5cGU9IjEi Pg0KPGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bztt c28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsNCBsZXZlbDIgbGZvOCI+DQpTaWdu YXR1cmVzIG5lZWQgYWJpbGl0eSB0byBpZGVudGlmeSB3aGF0IGFzc2VydGlvbnMgc29tZW9uZSBp cyBtYWtpbmcuICZuYnNwOzxvOnA+PC9vOnA+PC9saT48L29sPg0KPC9vbD4NCjxvbCBzdGFydD0i MSIgdHlwZT0iMSI+DQo8b2wgc3RhcnQ9IjQiIHR5cGU9IjEiPg0KPG9sIHN0YXJ0PSIxIiB0eXBl PSIxIj4NCjxsaSBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1 dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxpc3Q6bDYgbGV2ZWwzIGxmbzkiPg0K V2UgbmVlZCB0byBrbm93IHdoYXQgdGhlIHR5cGVzIG9mIGFzc2VydGlvbnMgc2hvdWxkIGJlIChp dCB3b3JrcywgaXQgaGFzIGJlZW4gdmVyaWZpZWQsIGl0IGhhcyBiZWVuIHJldmlld2VkLCBpdCBt YXkgd29yaywgaXQgc2VlbXMgdG8gd29yaywgZXRjKTxvOnA+PC9vOnA+PC9saT48L29sPg0KPC9v bD4NCjwvb2w+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0KPC9kaXY+DQo8L2Jsb2Nr cXVvdGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9w LWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj5Zb3UgYWxzbyBuZWVkIHRvIGNv bnNpZGVyIG9yaWdpbiBhdXRoZW50aWNhdGlvbiBhbmQgbXVsdGktaG9wIGF1dGhlbnRpY2F0aW9u LiZuYnNwOyBUaGVyZSB3YXMgYSBsb3Qgb2Ygd29yayB0aGF0IHdlbnQgaW50byB0aGUgcmVxdWly ZW1lbnRzIGFuYWx5c2lzIGFjcm9zcyBhcmVhcyBvZiB0aGUgSUVURiBhcyBub3QgdG8NCiBtYWtl IFJJRCBhbmQgb3RoZXIgTUlMRSBwcm90b2NvbHMgc3BlY2lmaWMgdG8gaW5jaWRlbnRzIG9yIGV2 ZW4gWE1MLjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDph dXRvIj48YSBocmVmPSJodHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvcmZjNjU0NSIgdGFyZ2V0 PSJfYmxhbmsiPmh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9yZmM2NTQ1PC9hPiZuYnNwOzxv OnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9 Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj4mbmJz cDs8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0 eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+ WWVzLCB0aGlzIGlzIFhNTCBhbmQgeW91IHdhbnQgSlNPTiwgdXNpbmcgSk9TRSwgSSBwcmVzdW1l LiZuYnNwOyBTdGlsbCwgdGhlIGdhcCBhbmFseXNpcyBJIHRoaW5rIHdpbGwgYmUgcXVpdGUgdXNl ZnVsIGFzIEkgdGhpbmsgeW91IGFyZSBtaXNzaW5nIHJlcXVpcmVtZW50cyB3ZSBhbHJlYWR5IGNh bWUgdXAgYWdhaW5zdC4mbmJzcDsNCiBJdCB3aWxsIHNwZWVkIHlvdXIgd29yayB1cCB0byBsZXZl cmFnZSBleGlzdGluZyB3b3JrLjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8YmxvY2txdW90ZSBz dHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0NDQ0NDQyAxLjBwdDtwYWRkaW5n OjBpbiAwaW4gMGluIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21hcmdpbi10b3A6NS4wcHQ7bWFy Z2luLXJpZ2h0OjBpbjttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxkaXY+DQo8YmxvY2txdW90ZSBz dHlsZT0ibWFyZ2luLXRvcDo1LjBwdDttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxkaXY+DQo8ZGl2 Pg0KPG9sIHN0YXJ0PSIxIiB0eXBlPSIxIj4NCjxsaSBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0i bXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87bXNvLWxp c3Q6bDIgbGV2ZWwxIGxmbzEwIj4NCk5lZWQgYWJpbGl0eSB0byBnZXQgcmVzcG9uc2VzIGF0IHRo ZSBpbmRpdmlkdWFsIGNvbW1hbmQgbGV2ZWwsIHRoZSBjaGFpbiBvZiBjb21tYW5kcyBsZXZlbCwg YW5kIHRoZSBDT0EgUHJvamVjdCBsZXZlbC4mbmJzcDs8bzpwPjwvbzpwPjwvbGk+PC9vbD4NCjxv bCBzdGFydD0iMSIgdHlwZT0iMSI+DQo8b2wgc3RhcnQ9IjEiIHR5cGU9IjEiPg0KPGxpIGNsYXNz PSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJv dHRvbS1hbHQ6YXV0bzttc28tbGlzdDpsMCBsZXZlbDIgbGZvMTEiPg0KTmVlZCB0byBpZGVudGlm eSB0aGUgdHlwZXMgb2YgcmVzcG9uc2VzIHRoYXQgY2FuIGJlIHJldHVybmVkJm5ic3A7YW5kIHdo YXQgYXJlIHRoZSB0eXBlcyBvZiBjb21tYW5kIGNvZGVzIC8gcmVzcG9uc2UgY29kZXMgdGhhdCBz aG91bGQgYmUgcmV0dXJuZWQ8bzpwPjwvbzpwPjwvbGk+PGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0 eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bztt c28tbGlzdDpsMCBsZXZlbDIgbGZvMTEiPg0KTmVlZCB0byBpZGVudGlmeSBhbmQgaGF2ZSBuZWdv dGlhdGlvbiBiZXR3ZWVuIHN5c3RlbXMgaWYgdGhlIHJlc3BvbnNlcyBzaG91bGQgYmUgcHVzaGVk IG9yIHB1bGxlZC48bzpwPjwvbzpwPjwvbGk+PGxpIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJt c28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzttc28tbGlz dDpsMCBsZXZlbDIgbGZvMTEiPg0KTmVlZCB0byBrbm93IGhvdyB0aGUgaW5kaXZpZHVhbCByZXNw b25zZSBjYW4gaW1wYWN0IHRoZSBuZXh0IHN0ZXBzIGluIHRoZSBjaGFpbi48bzpwPjwvbzpwPjwv bGk+PC9vbD4NCjwvb2w+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHls ZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPiZu YnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvYmxvY2txdW90ZT4NCjwvZGl2 Pg0KPC9ibG9ja3F1b3RlPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28t bWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+WW91IGFsc28g bmVlZCB0byBjb25zaWRlciBpbnRlcm5hdGlvbmFsaXphdGlvbiwgd2hpY2ggaGFzIGFscmVhZHkg YmVlbiBkb25lIGluIHRoZSBNSUxFIHdvcmsuJm5ic3A7IFRoaXMgbGV2ZWwgb2YgZGV0YWlsIGhl bHBzIGEgbG90IGZvciBpbnRlcm9wZXJhYmlsaXR5LiBUaGVyZSB3ZXJlIDMgaW50ZXJvcGVyYWJs ZQ0KIGltcGxlbWVudGF0aW9ucyBvZiBSSUQsIHNvIHRlc3Rpbmcgd2FzIGRvbmUsIGxlc3NvbnMg Y2FuIGJlIGxlYXJuZWQuJm5ic3A7IEknbSBub3Qgc3VyZSBob3cgbWF5IElPREVGIGltcGxlbWVu dGF0aW9ucyB0aGVyZSB3ZXJlL2FyZSwgYnV0IG1hbnkgbW9yZSB0aGFuIHRoYXQuPG86cD48L286 cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1h cmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPiZuYnNwOzxvOnA+ PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1z by1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj5PbmNlIGFn YWluLCBwbGVhc2UgZG8gdGhlIGdhcCBhbmFseXNpcyB0byBzYXZlIHVzIGFsbCB0aW1lLiZuYnNw OyBUaGVyZSBhcmUgb3RoZXIgTUlMRSBkb2N1bWVudHMgdGhhdCBtYXkgYmUgdXNlZnVsLCB0aGV5 IGNhbiBiZSBmb3VuZCBvZmYgdGhlIGRvY3VtZW50cyBsaW5rIG9mIHRoZSBjaGFydGVyIHBhZ2Uu Jm5ic3A7IFJPTElFDQogYW5kIFhNUFAgR3JpZCB3ZXJlIGFsc28gZGVzaWduZWQgdG8gd29yayB3 aXRoIGFueSBmb3JtYXQgYW5kIEkgYmVsaWV2ZSBhcmUgbW9yZSBmbGV4aWJsZSB0aGFuIFJJRCwg c28gdGhlcmUgaXMgbXVjaCB0aGF0IGNhbiBiZSBnbGVhbmVkIGZyb20gdGhlc2UgZWZmb3J0cyBh cyB3ZWxsIGFzIHRoZSBET1RTIHdvcmsuPG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1h cmdpbi1ib3R0b20tYWx0OmF1dG8iPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21z by1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj5CZXN0IHJlZ2FyZHMsPG86cD48L286cD48L3A+DQo8 L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3At YWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPkthdGhsZWVuPG86cD48L286cD48 L3A+DQo8L2Rpdj4NCjxibG9ja3F1b3RlIHN0eWxlPSJib3JkZXI6bm9uZTtib3JkZXItbGVmdDpz b2xpZCAjQ0NDQ0NDIDEuMHB0O3BhZGRpbmc6MGluIDBpbiAwaW4gNi4wcHQ7bWFyZ2luLWxlZnQ6 NC44cHQ7bWFyZ2luLXRvcDo1LjBwdDttYXJnaW4tcmlnaHQ6MGluO21hcmdpbi1ib3R0b206NS4w cHQiPg0KPGRpdj4NCjxibG9ja3F1b3RlIHN0eWxlPSJtYXJnaW4tdG9wOjUuMHB0O21hcmdpbi1i b3R0b206NS4wcHQiPg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0i bXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPiZuYnNw OzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5 bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj5U aGluZ3Mgd2UgYWxyZWFkeSBrbm93IGhvdyB0byBkby4uIFdlIGtub3cgaG93IHRvIG1ha2UgdGhp cyB3b3JrIGluIGEgZ3JhcGgsIHdlIGtub3cgaG93IHRvIG1ha2UgdGhpcyB3b3JrIHdpdGggdmVy c2lvbmluZywgd2Uga25vdyBob3cgdG8gdGllIHRoZXNlIHRvIGV4aXN0aW5nIEN5YmVyIFRocmVh dCBJbnRlbGxpZ2VuY2UuDQogJm5ic3A7PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1h cmdpbi1ib3R0b20tYWx0OmF1dG8iPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdp bi1ib3R0b20tYWx0OmF1dG8iPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8 ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRv O21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj48c3BhbiBjbGFzcz0ibS03MjA2Nzc0NzI4MzQy MjIzMDM4Z21haWwtbTEyMzQwMzQ0MDQyMzkxMTQ1MjBhcHBsZS1zdHlsZS1zcGFuIj48c3BhbiBz dHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtIZWx2ZXRpY2EmcXVvdDss c2Fucy1zZXJpZjtjb2xvcjpibGFjayI+VGhhbmtzLDwvc3Bhbj48L3NwYW4+PG86cD48L286cD48 L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdp bi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPjxzcGFuIGNsYXNzPSJt LTcyMDY3NzQ3MjgzNDIyMjMwMzhnbWFpbC1tMTIzNDAzNDQwNDIzOTExNDUyMGFwcGxlLXN0eWxl LXNwYW4iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O0hl bHZldGljYSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj5CcmV0PC9zcGFuPjwvc3Bhbj48 bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNv LW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OC41cHQ7Zm9u dC1mYW1pbHk6JnF1b3Q7VmVyZGFuYSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiM3QzdDN0MiPlBH UCBGaW5nZXJwcmludDombmJzcDs2M0I0IEZDNTMgNjgwQSA2QjdEIDE0NDcgJm5ic3A7RjJDMCA3 NEY4IEFDQUUgNzQxNSAwMDUwPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0K PHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1t YXJnaW4tYm90dG9tLWFsdDphdXRvIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjguMHB0O2ZvbnQt ZmFtaWx5OiZxdW90O1ZlcmRhbmEmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojN0M3QzdDIj4mcXVv dDtXaXRob3V0IGNyeXB0b2dyYXBoeSB2aWh2IHZpdmMgY2UgeGhybnJ3LCBob3dldmVyLCB0aGUg b25seSB0aGluZyB0aGF0IGNhbiBub3QgYmUgdW5zY3JhbWJsZWQgaXMgYW4NCiBlZ2cuJnF1b3Q7 PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8 L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1h cmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPiZuYnNwOzxvOnA+ PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8YmxvY2txdW90ZSBzdHlsZT0ibWFy Z2luLXRvcDo1LjBwdDttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxkaXY+DQo8cCBjbGFzcz0iTXNv Tm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20t YWx0OmF1dG8iPi0tDQo8YnI+DQpDYWNhbyBtYWlsaW5nIGxpc3Q8YnI+DQo8YSBocmVmPSJtYWls dG86Q2FjYW9AaWV0Zi5vcmciIHRhcmdldD0iX2JsYW5rIj5DYWNhb0BpZXRmLm9yZzwvYT48YnI+ DQo8YSBocmVmPSJodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2NhY2FvIiB0 YXJnZXQ9Il9ibGFuayI+aHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9jYWNh bzwvYT48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0KPC9kaXY+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdp bi1ib3R0b20tYWx0OmF1dG8iPi0tDQo8YnI+DQpDYWNhbyBtYWlsaW5nIGxpc3Q8YnI+DQo8YSBo cmVmPSJtYWlsdG86Q2FjYW9AaWV0Zi5vcmciIHRhcmdldD0iX2JsYW5rIj5DYWNhb0BpZXRmLm9y ZzwvYT48YnI+DQo8YSBocmVmPSJodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZv L2NhY2FvIiB0YXJnZXQ9Il9ibGFuayI+aHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0 aW5mby9jYWNhbzwvYT48bzpwPjwvbzpwPjwvcD4NCjwvYmxvY2txdW90ZT4NCjwvZGl2Pg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJn aW4tYm90dG9tLWFsdDphdXRvIj48YnIgY2xlYXI9ImFsbCI+DQo8bzpwPjwvbzpwPjwvcD4NCjxk aXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87 bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNv LW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPi0tDQo8bzpwPjwvbzpwPjwvcD4NCjxkaXY+DQo8ZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21z by1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjxkaXY+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1h cmdpbi1ib3R0b20tYWx0OmF1dG8iPkJlc3QgcmVnYXJkcyw8bzpwPjwvbzpwPjwvcD4NCjwvZGl2 Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6 YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+S2F0aGxlZW48bzpwPjwvbzpwPjwvcD4N CjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0K PC9kaXY+DQo8L2Rpdj4NCjwvYmxvY2txdW90ZT4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PGJyIGNsZWFyPSJhbGwiPg0KPG86cD48L286cD48L3A+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPi0tIDxvOnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5CZXN0 IHJlZ2FyZHMsPG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9y bWFsIj5LYXRobGVlbjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9k aXY+DQo8L2JvZHk+DQo8L2h0bWw+DQo= --_000_5f95ad0b6f3f4c54a5f1f32b11724534SVRM2EX2K13N05hscoopch_-- From nobody Wed Sep 19 11:07:10 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89C3D130E0A for ; Wed, 19 Sep 2018 11:07:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.998 X-Spam-Level: X-Spam-Status: No, score=-0.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bLELadYIwBNf for ; Wed, 19 Sep 2018 11:07:06 -0700 (PDT) Received: from mail-oi0-x235.google.com (mail-oi0-x235.google.com [IPv6:2607:f8b0:4003:c06::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3DC3712F1AC for ; Wed, 19 Sep 2018 11:07:06 -0700 (PDT) Received: by mail-oi0-x235.google.com with SMTP id r69-v6so5936521oie.3 for ; Wed, 19 Sep 2018 11:07:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4iDUS23dzLDi3kYUE9RArPZrum1PcTDz33aqIPQ+RK8=; b=cPSxDu/cpBOs4eZNFTOvJA1jm0kGKdwye/5igjNqkvL4zQQWG3JUkkRSHknA6xqe11 MzHkU7i59HD/40pC3v3vtuGhJc3BgPCo49VT1D6gF9gt404fyfH/r/PX6s46OKMGs7tv 5DZizbOVtDV5on2bHDjyc8h98nIPO3A5kBoiVKyVC6bbGY66tPCGwkSRBGsJgoBK+9ld O67Be1F2udntDc/1TJNEPnOkf/+5fntFNrnb6b1rWa0tM4X5yTsiZvoVUrtNbWmDE9yV d5N2w/rzUJeSuWrpsJfKhrKd952S6IvEuTsROCSSRTxTrAgh50cQo7bpl/n4Le75F9MM jkag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4iDUS23dzLDi3kYUE9RArPZrum1PcTDz33aqIPQ+RK8=; b=NaSmiTMgY/KueP9nNYiRmJUqkIUsoNezcAnDW2nNap8TATDNuYmKDY+gFt0rHHdXkZ +JgkmpWxeq7aDTts0yOlkC9+9dtUYljVkJ4clpwbls90j0qy8I19ICTU0nUotiY+Wqvj bRbO/sHqcONMKfL5KJDo0Kcv1OcAmeOMpKC2o2a0a0s69h7tKKaRJ+Ty4dKUNp7g7TQT n11Se9i62ISVwc7++TmO/VIT7xZ3Y09dzWrb4Qmd+1U6JOxvhiiBoCK2YhOBQKeMLKCy 3P8V3/FmQHDKRGi6KcSMCkUeR0lkxlx+0EV0TlT4wVHxheKXJyGXfJ6q3YGqPZpSA03h XLXg== X-Gm-Message-State: APzg51AyQNKFepQRpSgeQ5KEpUDezlv2u1ermPBF8sscZfr45F58Qw8G oITqvjyvtuPB/b7UYp3xwSl1oo/D3gbKjgYjGTX5yQ== X-Google-Smtp-Source: ANB0VdYQbZa1SIf4+qdCp4zfa0P5Cbnlu3I8v4pj5OcazW2pEK7obEV10cV33VX5+gXlTZ1bGueQjp9DFj4N6EQFdC4= X-Received: by 2002:aca:f488:: with SMTP id s130-v6mr2472612oih.269.1537380425548; Wed, 19 Sep 2018 11:07:05 -0700 (PDT) MIME-Version: 1.0 References: <8C378072-1F76-47B5-A526-AD243E57CE6D@gmail.com> <7e942ab2e4024d7db4c45e30f39c97bd@SVRM2EX2K13N05.hs.coop.ch> <5f95ad0b6f3f4c54a5f1f32b11724534@SVRM2EX2K13N05.hs.coop.ch> In-Reply-To: <5f95ad0b6f3f4c54a5f1f32b11724534@SVRM2EX2K13N05.hs.coop.ch> From: Kathleen Moriarty Date: Wed, 19 Sep 2018 14:06:33 -0400 Message-ID: To: Carolin.Baumgartner@interdiscount.ch Cc: Barry Greene , cacao@ietf.org, Bret Jordan Content-Type: multipart/alternative; boundary="000000000000264b2205763d46ed" Archived-At: Subject: Re: [Cacao] Initial Problem Set X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Sep 2018 18:07:09 -0000 --000000000000264b2205763d46ed Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hello Carolin, Thanks for your efforts here. On Wed, Sep 19, 2018 at 10:26 AM wrote: > Hi Kathleen > > > > ok thanks for the feedback. I have a question to understand this part > better: " I'd be interested to see the requirements matched up against > what exists and what can be re-used or what can be a lesson learned as > well. IODEF carries the CoAs that used to be in RID and IODEF has a > nesting capability as well as a way to lay our the format to allow for > predicate logic, so analysis on that would be interesting as well. It ca= n > be used for chains of connected events/incidents. Understanding what > doesn't work for your new effort would help to understand why it's needed > and how it is better." > > > > Since the goals of both initiatives are different, I struggle a bit. > Technically we should always discuss what concepts work for which use cas= e. > Like for instance do we need an authentication somewhere or not, and we > don't re-invent the authentication. We check how it is usually done today= . > Is that what you are referring to when you mention the predicate logic et= c? > So, since MILE already worked on exchange formats for incidents even if > their goal was different, we might have similar formatting requirements > when we discuss the reactions to incidents? (just picking the formatting > example here). > The gap analysis may wind up just showing the gap, but I am hoping that there will be pieces of knowledge that can be gleaned from prior efforts. Your authentication example is good. There may be a need for it and the requirements may guide the selection of a solution that either works for both or that the new work has requirements (or technology evolved) that clearly show the need for something new. MILE protocols all support sharing formatted data, XML, JSON, etc. and are not restricted to IODEF. There are 3 protocols to look at and I would hope that some could be reused, or that similar patterns may be useful. Does that help? Thanks, Kathleen > > best regards > > Carolin > > > > *From:* Kathleen Moriarty [mailto:kathleen.moriarty.ietf@gmail.com] > *Sent:* Wednesday, September 19, 2018 4:11 PM > *To:* Baumgartner Carolin > *Cc:* Barry Greene ; cacao@ietf.org; Bret Jordan = < > jordan.ietf@gmail.com> > *Subject:* Re: [Cacao] Initial Problem Set > > > > Hi Carolin, > > > > Thanks for starting something to help! I think that could be a good > starting point. I'd be interested to see the requirements matched up > against what exists and what can be re-used or what can be a lesson learn= ed > as well. IODEF carries the CoAs that used to be in RID and IODEF has a > nesting capability as well as a way to lay our the format to allow for > predicate logic, so analysis on that would be interesting as well. It ca= n > be used for chains of connected events/incidents. Understanding what > doesn't work for your new effort would help to understand why it's needed > and how it is better. > > > > Then for RID, there is lots that is met in the requirement list that was > sent out and some requirements that I suggested (there are more) that wer= e > learned from time and experience on essentially the same problem. > > > > Barry - understanding more on your work and the Cisco products mentioned > would be helpful too. If standards were used or not and what can be > integrated into this effort or what can be a lesson learned to improve fo= r > this effort. > > > > This will be very helpful for a BoF to be successful. You'll get deraile= d > otherwise. > > > > Thank you, > > Kathleen > > > > On Wed, Sep 19, 2018 at 4:31 AM > wrote: > > Hi Bret, Kathleen > > > > would that be something that could work as some kind of gap analysis? > https://github.com/clatze/ietf/blob/master/CACAO-gap-FAQ.md . It is no > real gap analysis, this FAQ would rather highlight the differences. I jus= t > took two samples to show how that could look like and if that is what cou= ld > be helpful. We could also include comments here like=E2=80=A6 "CACAO make= s use of > XY to achieve its goal". > > > > best regards > Carolin > > > > *From:* Cacao [mailto:cacao-bounces@ietf.org] *On Behalf Of *Kathleen > Moriarty > *Sent:* Wednesday, September 19, 2018 4:06 AM > *To:* Barry Greene > *Cc:* cacao@ietf.org; Bret Jordan > *Subject:* Re: [Cacao] Initial Problem Set > > > > Hi Bret, > > > > > > > > On Tue, Sep 18, 2018 at 6:35 PM Barry Greene > wrote: > > Hi Bret, > > > > What you have below was done in Cisco=E2=80=99s TIDP/TMS architecture.. > > > > Barry > > > On Sep 18, 2018, at 23:49, Bret Jordan > wrote: > > All, > > > > I wanted to start some discussion on some of the initial problems (not > all) that we have already identified that need to be solved with this typ= e > of solution. Some of the solutions to these will have elements we can > borrow from other work. Also, keep in mind all of this needs to work in > native JSON.. > > > > 1. Need the ability to document a single command > > > 1. Human executed commands > 2. Native Machine commands (Cisco IOS, Juniper, SEP, OpenC2, SNMP, > NETCONF, YANG, etc) > 3. What device or system does the command target (DesktopOS 10 at > IP address 10.0.0.2, Firewall BAR at 192.168.0..2) > 4. What class of devices or systems does the command target > (DesktopOS 10 at patch level 4, Firewall FOO ver 10) > > Additional data classes of IODEF, also the SCI extension. > > https://tools.ietf.org/html/rfc7970 > > > 1. Need the ability to document a chain of commands > > > 1. Need to know if there is temporal logic or conditional logic > associated between commands > 2. Need to know if commands are sequenced or if they can be run in > parallel > 3. Need to know if there are fall through or fail-to-next commands > 4. Need tracking to know how to back out commands that fail and how > far up the tree you need to back out on failure > > > > Take a look at the MILE work more closely, there are lessons learned as > much of this has been done. Even if you don't want to use the work, ther= e > 's no reason to have us all debate the same things again rather than buil= d > from experience. > > IODEF predicate logic: It's simple and more compact. > > https://tools.ietf.org/html/rfc8274#page-7 > > > > > 1. Need ability to provide Digital signatures at the command, the > command chain (tree), and COA Project levels > > > 1. These digital signatures need to be included in the payload > themselves > 2. Need to be able to sign a section or part of the JSON text data > 3. They need to be in parallel and in series. Meaning, a command > may individually be signed by more than one people. The command an= d a > signature may also be signed multiple times in series. > > > 1. Example: Company X that makes DesktopOS 10 signs a command that > says it will resolve malware Z on DesktopOS 10 patch version 4. = Big Bank > Foo may then sign that (command + Company sig) and say they have= verified > it and it works. Some ISAC may then sign that (command + Company= sig + Big > Bank Foo sig) and then send it out to their eco-system > > > 1. Signatures need ability to identify what assertions someone is > making. > > > 1. We need to know what the types of assertions should be (it works, > it has been verified, it has been reviewed, it may work, it seem= s to work, > etc) > > You also need to consider origin authentication and multi-hop > authentication. There was a lot of work that went into the requirements > analysis across areas of the IETF as not to make RID and other MILE > protocols specific to incidents or even XML. > > https://tools.ietf.org/html/rfc6545 > > > > Yes, this is XML and you want JSON, using JOSE, I presume. Still, the ga= p > analysis I think will be quite useful as I think you are missing > requirements we already came up against. It will speed your work up to > leverage existing work. > > > 1. Need ability to get responses at the individual command level, the > chain of commands level, and the COA Project level. > > > 1. Need to identify the types of responses that can be returned and > what are the types of command codes / response codes that should be= returned > 2. Need to identify and have negotiation between systems if the > responses should be pushed or pulled. > 3. Need to know how the individual response can impact the next > steps in the chain. > > > > You also need to consider internationalization, which has already been > done in the MILE work. This level of detail helps a lot for > interoperability. There were 3 interoperable implementations of RID, so > testing was done, lessons can be learned. I'm not sure how may IODEF > implementations there were/are, but many more than that. > > > > Once again, please do the gap analysis to save us all time. There are > other MILE documents that may be useful, they can be found off the > documents link of the charter page. ROLIE and XMPP Grid were also design= ed > to work with any format and I believe are more flexible than RID, so ther= e > is much that can be gleaned from these efforts as well as the DOTS work. > > > > Best regards, > > Kathleen > > > > Things we already know how to do.. We know how to make this work in a > graph, we know how to make this work with versioning, we know how to tie > these to existing Cyber Threat Intelligence. > > > > > > Thanks, > > Bret > > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that > can not be unscrambled is an egg." > > > > -- > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao > > -- > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao > > > > > -- > > > > Best regards, > > Kathleen > > > > > -- > > > > Best regards, > > Kathleen > --=20 Best regards, Kathleen --000000000000264b2205763d46ed Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello Carolin,

Thanks for your efforts = here.

On Wed, Sep= 19, 2018 at 10:26 AM <Carolin.Baumgartner@interdiscount.ch> wrote:

Hi Kathleen

=C2=A0

ok thanks for the feedba= ck. I have a question to understand this part better: " I'd be interested to see the require= ments matched up against what exists and what can be re-used or what can be= a lesson learned as well.=C2=A0 IODEF carries the CoAs that used to be in RID and IODEF has a nesting capa= bility as well as a way to lay our the format to allow for predicate logic,= so analysis on that would be interesting as well.=C2=A0 It can be used for= chains of connected events/incidents.=C2=A0 Understanding what doesn't work for your new effort would help to unde= rstand why it's needed and how it is better."=

=C2=A0

Since the goals of both = initiatives are different, I struggle a bit. Technically we should always d= iscuss what concepts work for which use case. Like for instance do we need an authentication so= mewhere or not, and we don't re-invent the authentication. We check how= it is usually done today. Is that what you are referring to when you menti= on the predicate logic etc? So, since MILE already worked on exchange formats for incidents even if their goal w= as different, we might have similar formatting requirements when we discuss= the reactions to incidents? (just picking the formatting example here).


The gap analysis may w= ind up just showing the gap, but I am hoping that there will be pieces of k= nowledge that can be gleaned from prior efforts.=C2=A0 =C2=A0Your authentic= ation example is good.=C2=A0 There may be a need for it and the requirement= s may guide the selection of a solution that either works for both or that = the new work has requirements (or technology evolved) that clearly show the= need for something new.=C2=A0=C2=A0

MILE protocol= s all support sharing formatted data, XML, JSON, etc. and are not restricte= d to IODEF.=C2=A0 There are 3 protocols to look at and I would hope that so= me could be reused, or that similar patterns may be useful.

<= /div>
Does that help?

Thanks,
Kathle= en


<= /u>

=C2=A0

best regards

Carolin

=C2=A0

From: = Kathleen Moriarty [mailto:kathleen.moriarty.ietf@gmail.com]
Sent: Wednesday, September 19, 2018 4:11 PM
To: Baumgartner Carolin <Carolin.Baumgartner@interdiscount.ch&= gt;
Cc: Barry Greene <barryrgreene@gmail.com>; cacao@ietf.org; Bret Jordan <jordan.ietf@gmail.com>
Subject: Re: [Cacao] Initial Problem Set

=C2=A0

Hi Carolin,

=C2=A0

Thanks for starting something to help!=C2=A0 I think= that could be a good starting point.=C2=A0 I'd be interested to see th= e requirements matched up against what exists and what can be re-used or wh= at can be a lesson learned as well.=C2=A0 IODEF carries the CoAs that used to be in RID and IODEF has a nesting capability as well= as a way to lay our the format to allow for predicate logic, so analysis o= n that would be interesting as well.=C2=A0 It can be used for chains of con= nected events/incidents.=C2=A0 Understanding what doesn't work for your new effort would help to understand why it&= #39;s needed and how it is better.

=C2=A0

Then for RID, there is lots that is met in the requi= rement list that was sent out and some requirements that I suggested (there= are more) that were learned from time and experience on essentially the sa= me problem.

=C2=A0

Barry - understanding more on your work and the Cisc= o products mentioned would be helpful too.=C2=A0 If standards were used or = not and what can be integrated into this effort or what can be a lesson lea= rned to improve for this effort.

=C2=A0

This will be very helpful for a BoF to be successful= .=C2=A0 You'll get derailed otherwise.

=C2=A0

Thank you,

Kathleen

=C2=A0

On Wed, Sep 19, 2018 at 4:31 AM <Carolin.Baumgartn= er@interdiscount.ch> wrote:

Hi Bret, Kathleen<= /p>

=C2=A0

would that be something = that could work as some kind of gap analysis? https://github.com/clatze/ietf/blob/master/CACAO-gap-FAQ.md . It is no = real gap analysis, this FAQ would rather highlight the differences. I just = took two samples to show how that could look like and if that is what could= be helpful. We could also include comments here like=E2=80=A6 "CACAO makes use of XY to achieve its goa= l".

=C2=A0<= /u>

best regards
Carolin

=C2=A0<= /u>

From: = Cacao [mailto:cacao-= bounces@ietf.org] On Behalf Of Kathleen Moriarty
Sent: Wednesday, September 19, 2018 4:06 AM
To: Barry Greene <barryrgreene@gmail.com>
Cc: cacao@ietf.o= rg; Bret Jordan <jordan.ietf@gmail.com>
Subject: Re: [Cacao] Initial Problem Set

=C2=A0

Hi Bret,

=C2=A0

=C2=A0

=C2=A0

On Tue, Sep 18, 2018 at 6:35 PM Barry Greene <barryrgreene@gmail= .com> wrote:

Hi Bret,

=C2=A0

What you have below was done in Cisco=E2=80=99s TIDP= /TMS architecture..=C2=A0

=C2=A0

Barry


On Sep 18, 2018, at 23:49, Bret Jordan <jordan.ietf@gmail.com> wrote:<= /u>

All,

=C2=A0

I wanted to start some discussion on some of the ini= tial problems (not all) that we have already identified that need to be sol= ved with this type of solution. Some of the solutions to these will have elements we can borrow from other work. Also, keep in m= ind all of this needs to work in native JSON..

=C2=A0

  1. Need the ability to document a single command
    1. Human executed commands
    2. Native Machine commands (Cisco IOS, Juniper, SEP, OpenC2, SNMP, NETCONF, YA= NG, etc)
    3. What device or system does the command target (DesktopOS 10 at IP address 1= 0.0.0.2, Firewall BAR at 192.168.0..2)
    4. What class of devices or systems does the command target (DesktopOS 10 at p= atch level 4, Firewall FOO ver 10)

Additional data classes of IODEF, also the SCI exten= sion.

  1. Need the ability to document a chain of commands
    1. Need to know if there is temporal logic or conditional logic associated bet= ween commands
    2. Need to know if commands are sequenced or if they can be run in parallel=
    3. Need to know if there are fall through or fail-to-next commands
    4. Need tracking to know how to back out commands that fail and how far up the= tree you need to back out on failure=C2=A0

=C2=A0

Take a look at the MILE work more closely, there are= lessons learned as much of this has been done.=C2=A0 Even if you don't= want to use the work, there 's no reason to have us all debate the same things again rather than build from experience.

IODEF predicate logic:=C2=A0 It's simple and mor= e compact.

=C2=A0

  1. Need ability to provide Digital signatures at the command, the command chai= n (tree), and COA Project levels
    1. These digital signatures need to be included in the payload themselves
    2. Need to be able to sign a section or part of the JSON text data
    3. They need to be in parallel and in series. Meaning, a command may individua= lly be signed by more than one people.=C2=A0 The command and a signature ma= y also be signed multiple times in series.
      1. Example: Company X that makes DesktopOS 10 signs a command that says it wil= l resolve malware Z on DesktopOS 10 patch version 4. Big Bank Foo may then = sign that (command + Company sig) and say they have verified it and it work= s. Some ISAC may then sign that (command + Company sig + Big Bank Foo sig) and then send it out to their e= co-system
    1. Signatures need ability to identify what assertions someone is making. =C2= =A0
      1. We need to know what the types of assertions should be (it works, it has be= en verified, it has been reviewed, it may work, it seems to work, etc)

You also need to consider origin authentication and = multi-hop authentication.=C2=A0 There was a lot of work that went into the = requirements analysis across areas of the IETF as not to make RID and other MILE protocols specific to incidents or even XML.

=C2=A0

Yes, this is XML and you want JSON, using JOSE, I pr= esume.=C2=A0 Still, the gap analysis I think will be quite useful as I thin= k you are missing requirements we already came up against.=C2=A0 It will speed your work up to leverage existing work.

  1. Need ability to get responses at the individual command level, the chain of= commands level, and the COA Project level.=C2=A0
    1. Need to identify the types of responses that can be returned=C2=A0and what = are the types of command codes / response codes that should be returned<= /u>
    2. Need to identify and have negotiation between systems if the responses shou= ld be pushed or pulled.
    3. Need to know how the individual response can impact the next steps in the c= hain.

=C2=A0

You also need to consider internationalization, whic= h has already been done in the MILE work.=C2=A0 This level of detail helps = a lot for interoperability. There were 3 interoperable implementations of RID, so testing was done, lessons can be learned.=C2=A0= I'm not sure how may IODEF implementations there were/are, but many mo= re than that.

=C2=A0

Once again, please do the gap analysis to save us al= l time.=C2=A0 There are other MILE documents that may be useful, they can b= e found off the documents link of the charter page.=C2=A0 ROLIE and XMPP Grid were also designed to work with any format and I believe are= more flexible than RID, so there is much that can be gleaned from these ef= forts as well as the DOTS work.

=C2=A0

Best regards,

Kathleen

=C2=A0

Things we already know how to do.. We know how to ma= ke this work in a graph, we know how to make this work with versioning, we = know how to tie these to existing Cyber Threat Intelligence. =C2=A0

=C2=A0

=C2=A0

Thanks,

Bret

PGP Fingerprint:=C2=A063B4 FC53 680A 6= B7D 1447 =C2=A0F2C0 74F8 ACAE 7415 0050

"Without cryptography vihv vivc c= e xhrnrw, however, the only thing that can not be unscrambled is an egg."

=C2=A0

--
Cacao mailing list
Cacao@ietf.org
h= ttps://www.ietf.org/mailman/listinfo/cacao


=C2=A0

--

=C2=A0

Best regards,

Kathleen


=C2=A0

--

=C2=A0

Best regards,

Kathleen



--

Best regards,
Kathleen
--000000000000264b2205763d46ed-- From nobody Wed Sep 19 11:52:24 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F828130E9C for ; Wed, 19 Sep 2018 11:52:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6CRDbZeAge47 for ; Wed, 19 Sep 2018 11:52:17 -0700 (PDT) Received: from mail-yb1-xb33.google.com (mail-yb1-xb33.google.com [IPv6:2607:f8b0:4864:20::b33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F567130E95 for ; Wed, 19 Sep 2018 11:52:16 -0700 (PDT) Received: by mail-yb1-xb33.google.com with SMTP id 184-v6so2841913ybg.1 for ; Wed, 19 Sep 2018 11:52:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=qXoetkKyaGTFmHP5ttp1y7ViCIO96oy9ji7nf2KCiUM=; b=Atxsp+WgzVAjNRRaxirPeG6yBHwUq6vbVl7b3zEtuRDT2slxAvSqGlJ65+s6cLhKPZ y8+qjvmIljotTxeMWh8hFq8jy1BuvfktNO8mClWejC+km+LVWwIQYsVL+pjQi1VRadw1 xN7W0JBsOsY2sM6gE+jsOyX750nwezJzam/X+ae5A72iKZlU9ir6MiLUdsYOyq7dClOY /gsJ1arMqWZIAp6l+/zDHwWJA1tvsYN6IvG3LAjkd5ogbcQjRxliiAYQMiqKrL6w3cLX kThSNJknXeZIqcqm/aaod+o+j+O9ZhNW5VH3eLH9OiesXTrSAuFbyXz+rKLK/NUOYOoj pazg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=qXoetkKyaGTFmHP5ttp1y7ViCIO96oy9ji7nf2KCiUM=; b=E+YQnrQEDjO2fTggN+5MD+iXKRS6PCo7vHQoo/x2DZFuPMGXnbLKdH1hrszd6mHIZY w6vbngg2g/F3ubPdODiY8g/2qezI97tRNtTZMOHVceIcxy+grWuLIwdBLn/mHHYx9fLz pZBWqK8BdtkDc8mbvTyW2mtJFM4FvSzDinGKpDElHkRUwLVwVMbD3wBfpcy3cJiR/R2Z biR4GixOjjQ8iA/hZkkZceyNKhyz2EsODLmCxkOZrpfK5NdeSvrotc6Uil6FSmAgBqPm /SONT+SDsWnsD9qoSsJUdIVw0PQhVzKiEoZTna7rg7ib+mOJnTkurRm0OOcc247RKsA7 erRQ== X-Gm-Message-State: APzg51Covj+z5SL0jb0EFQSz8BO8IKXYQdUYNrdTQDQOds7XcgZnIW3V KJh85aavx7c2CZ5IlViQbM4= X-Google-Smtp-Source: ANB0VdZc2IkwL/Ah4zkW2T7tPrFmUP32tqdegJCk9/4TkubsQchzKXiKWAzP2pXckSsY9yvL6mtnzw== X-Received: by 2002:a25:fc21:: with SMTP id v33-v6mr15977589ybd.276.1537383133546; Wed, 19 Sep 2018 11:52:13 -0700 (PDT) Received: from ?IPv6:2605:a601:3260:266:3c65:82e1:b1ec:9705? ([2605:a601:3260:266:3c65:82e1:b1ec:9705]) by smtp.gmail.com with ESMTPSA id y188-v6sm2249425ywe.2.2018.09.19.11.52.11 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 19 Sep 2018 11:52:12 -0700 (PDT) From: Bret Jordan Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_5695365F-ED48-48A1-9255-DFEF5622B2F4" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Date: Wed, 19 Sep 2018 12:52:09 -0600 In-Reply-To: Cc: Carolin.Baumgartner@interdiscount.ch, Barry Greene , cacao@ietf.org To: Kathleen Moriarty References: <8C378072-1F76-47B5-A526-AD243E57CE6D@gmail.com> <7e942ab2e4024d7db4c45e30f39c97bd@SVRM2EX2K13N05.hs.coop.ch> <5f95ad0b6f3f4c54a5f1f32b11724534@SVRM2EX2K13N05.hs.coop.ch> X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: Re: [Cacao] Initial Problem Set X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Sep 2018 18:52:23 -0000 --Apple-Mail=_5695365F-ED48-48A1-9255-DFEF5622B2F4 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 I agree and hope we can borrow elements, concepts, ideas from other = work, not just work here in the IETF. The way I like to approach = problems like this is to break them up in to phases. The first of which = is the concept phase. Its purpose is to iterate out a list of = requirements and problems we need to solve that are tightly scoped to = the project at hand.=20 To this end, I have I sent a very short list of initial problems to the = list a few days ago and a draft last week. The draft contains a few high = level requirements. These lists are not complete and not even the full = list that we have worked through prior to uploading the draft. But it = was meant as a starting point. My hope is that it would foster dialog = and communication like =E2=80=9Cwhy is X a requirement, how do you plan = on solving X, have you thought about problem Y, what about use-case W or = requirement Z=E2=80=9D.=20 Once we have our concept phase done and fleshed out, I would like us to = do a lit-review of prior work (even though most of us have already read = all of these existing work products) to help us understand what has been = done before and what can be reused. Some of us may just be able to point = certain requirements at certain sections of existing work, which will be = fantastic.=20 Doing this will help us do two things: 1) It helps ensure that we do not artificially box ourselves in to a = design just because there was something done similar or tangential in = the past. 2) It helps ensure that we do not forget anything and ensures that we = take advantage of lessons learned or really neat design elements from = other work. After this review phase we would work our way in to design where we will = iron out all of the bumps and ridges and ensure that we are not creating = a Frankenstein. Some really cool designs may not be harmonious with our = direction or other design elements. In those cases we need to pick and = choose or redesign them. There has been a lot of great work done here in the IETF, other SDOs, = and industry in the past. We need to learn from that work and borrow = great design elements from as many of them as we can. But we also need = to keep in mind that a complete solution to the problems identified in = the CACAO Introduction draft is not currently available and there is no = standardized solution used en mass by industry. Several vendors have = their own solutions to this problem, but those only work within the = confines of their products. We need to bridge the divide between treat = hunters, threat defenders, vendor solutions, etc. This is the reason why = we are working on this. =20 Any work like this does require vast vendor adoption and buy-in and a = lot of SMEs from industry. So as this work continues and grows, it is = paramount that we engage with industry to help ensure that this works = meets their requirements and that industry can and will adopt it. If = they can not or will not adopt it, then we need to just stop work. There = is no reason to create something that is not going to get adopted en = mass.=20 Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." > On Sep 19, 2018, at 12:06 PM, Kathleen Moriarty = wrote: >=20 > Hello Carolin, >=20 > Thanks for your efforts here. >=20 > On Wed, Sep 19, 2018 at 10:26 AM > wrote: > Hi Kathleen >=20 > =20 >=20 > ok thanks for the feedback. I have a question to understand this part = better: " I'd be interested to see the requirements matched up against = what exists and what can be re-used or what can be a lesson learned as = well. IODEF carries the CoAs that used to be in RID and IODEF has a = nesting capability as well as a way to lay our the format to allow for = predicate logic, so analysis on that would be interesting as well. It = can be used for chains of connected events/incidents. Understanding = what doesn't work for your new effort would help to understand why it's = needed and how it is better." >=20 > =20 >=20 > Since the goals of both initiatives are different, I struggle a bit. = Technically we should always discuss what concepts work for which use = case. Like for instance do we need an authentication somewhere or not, = and we don't re-invent the authentication. We check how it is usually = done today. Is that what you are referring to when you mention the = predicate logic etc? So, since MILE already worked on exchange formats = for incidents even if their goal was different, we might have similar = formatting requirements when we discuss the reactions to incidents? = (just picking the formatting example here). >=20 >=20 > The gap analysis may wind up just showing the gap, but I am hoping = that there will be pieces of knowledge that can be gleaned from prior = efforts. Your authentication example is good. There may be a need for = it and the requirements may guide the selection of a solution that = either works for both or that the new work has requirements (or = technology evolved) that clearly show the need for something new. =20 >=20 > MILE protocols all support sharing formatted data, XML, JSON, etc. and = are not restricted to IODEF. There are 3 protocols to look at and I = would hope that some could be reused, or that similar patterns may be = useful. >=20 > Does that help? >=20 > Thanks, > Kathleen >=20 >=20 >=20 > =20 >=20 > best regards >=20 > Carolin >=20 > =20 >=20 > From: Kathleen Moriarty [mailto:kathleen.moriarty.ietf@gmail.com = ]=20 > Sent: Wednesday, September 19, 2018 4:11 PM > To: Baumgartner Carolin > > Cc: Barry Greene >; cacao@ietf.org = ; Bret Jordan > > Subject: Re: [Cacao] Initial Problem Set >=20 > =20 >=20 > Hi Carolin, >=20 > =20 >=20 > Thanks for starting something to help! I think that could be a good = starting point. I'd be interested to see the requirements matched up = against what exists and what can be re-used or what can be a lesson = learned as well. IODEF carries the CoAs that used to be in RID and = IODEF has a nesting capability as well as a way to lay our the format to = allow for predicate logic, so analysis on that would be interesting as = well. It can be used for chains of connected events/incidents. = Understanding what doesn't work for your new effort would help to = understand why it's needed and how it is better. >=20 > =20 >=20 > Then for RID, there is lots that is met in the requirement list that = was sent out and some requirements that I suggested (there are more) = that were learned from time and experience on essentially the same = problem. >=20 > =20 >=20 > Barry - understanding more on your work and the Cisco products = mentioned would be helpful too. If standards were used or not and what = can be integrated into this effort or what can be a lesson learned to = improve for this effort. >=20 > =20 >=20 > This will be very helpful for a BoF to be successful. You'll get = derailed otherwise. >=20 > =20 >=20 > Thank you, >=20 > Kathleen >=20 > =20 >=20 > On Wed, Sep 19, 2018 at 4:31 AM > wrote: >=20 > Hi Bret, Kathleen >=20 > =20 >=20 > would that be something that could work as some kind of gap analysis? = https://github.com/clatze/ietf/blob/master/CACAO-gap-FAQ.md = . It is no = real gap analysis, this FAQ would rather highlight the differences. I = just took two samples to show how that could look like and if that is = what could be helpful. We could also include comments here like=E2=80=A6 = "CACAO makes use of XY to achieve its goal". >=20 > =20 >=20 > best regards > Carolin >=20 > =20 >=20 > From: Cacao [mailto:cacao-bounces@ietf.org = ] On Behalf Of Kathleen Moriarty > Sent: Wednesday, September 19, 2018 4:06 AM > To: Barry Greene > > Cc: cacao@ietf.org ; Bret Jordan = > > Subject: Re: [Cacao] Initial Problem Set >=20 > =20 >=20 > Hi Bret, >=20 > =20 >=20 > =20 >=20 > =20 >=20 > On Tue, Sep 18, 2018 at 6:35 PM Barry Greene > wrote: >=20 > Hi Bret, >=20 > =20 >=20 > What you have below was done in Cisco=E2=80=99s TIDP/TMS = architecture..=20 >=20 > =20 >=20 > Barry >=20 >=20 > On Sep 18, 2018, at 23:49, Bret Jordan > wrote: >=20 > All, >=20 > =20 >=20 > I wanted to start some discussion on some of the initial problems (not = all) that we have already identified that need to be solved with this = type of solution. Some of the solutions to these will have elements we = can borrow from other work. Also, keep in mind all of this needs to work = in native JSON.. >=20 > =20 >=20 > Need the ability to document a single command > Human executed commands > Native Machine commands (Cisco IOS, Juniper, SEP, OpenC2, SNMP, = NETCONF, YANG, etc) > What device or system does the command target (DesktopOS 10 at IP = address 10.0.0.2, Firewall BAR at 192.168.0..2) > What class of devices or systems does the command target (DesktopOS 10 = at patch level 4, Firewall FOO ver 10) > Additional data classes of IODEF, also the SCI extension. >=20 > https://tools.ietf.org/html/rfc7970 = > Need the ability to document a chain of commands > Need to know if there is temporal logic or conditional logic = associated between commands > Need to know if commands are sequenced or if they can be run in = parallel > Need to know if there are fall through or fail-to-next commands > Need tracking to know how to back out commands that fail and how far = up the tree you need to back out on failure=20 > =20 >=20 > Take a look at the MILE work more closely, there are lessons learned = as much of this has been done. Even if you don't want to use the work, = there 's no reason to have us all debate the same things again rather = than build from experience. >=20 > IODEF predicate logic: It's simple and more compact. >=20 > https://tools.ietf.org/html/rfc8274#page-7 = > =20 >=20 > Need ability to provide Digital signatures at the command, the command = chain (tree), and COA Project levels > These digital signatures need to be included in the payload themselves > Need to be able to sign a section or part of the JSON text data > They need to be in parallel and in series. Meaning, a command may = individually be signed by more than one people. The command and a = signature may also be signed multiple times in series. > Example: Company X that makes DesktopOS 10 signs a command that says = it will resolve malware Z on DesktopOS 10 patch version 4. Big Bank Foo = may then sign that (command + Company sig) and say they have verified it = and it works. Some ISAC may then sign that (command + Company sig + Big = Bank Foo sig) and then send it out to their eco-system > Signatures need ability to identify what assertions someone is making. = =20 > We need to know what the types of assertions should be (it works, it = has been verified, it has been reviewed, it may work, it seems to work, = etc) > You also need to consider origin authentication and multi-hop = authentication. There was a lot of work that went into the requirements = analysis across areas of the IETF as not to make RID and other MILE = protocols specific to incidents or even XML. >=20 > https://tools.ietf.org/html/rfc6545 = =20 >=20 > =20 >=20 > Yes, this is XML and you want JSON, using JOSE, I presume. Still, the = gap analysis I think will be quite useful as I think you are missing = requirements we already came up against. It will speed your work up to = leverage existing work. >=20 > Need ability to get responses at the individual command level, the = chain of commands level, and the COA Project level.=20 > Need to identify the types of responses that can be returned and what = are the types of command codes / response codes that should be returned > Need to identify and have negotiation between systems if the responses = should be pushed or pulled. > Need to know how the individual response can impact the next steps in = the chain. > =20 >=20 > You also need to consider internationalization, which has already been = done in the MILE work. This level of detail helps a lot for = interoperability. There were 3 interoperable implementations of RID, so = testing was done, lessons can be learned. I'm not sure how may IODEF = implementations there were/are, but many more than that. >=20 > =20 >=20 > Once again, please do the gap analysis to save us all time. There are = other MILE documents that may be useful, they can be found off the = documents link of the charter page. ROLIE and XMPP Grid were also = designed to work with any format and I believe are more flexible than = RID, so there is much that can be gleaned from these efforts as well as = the DOTS work. >=20 > =20 >=20 > Best regards, >=20 > Kathleen >=20 > =20 >=20 > Things we already know how to do.. We know how to make this work in a = graph, we know how to make this work with versioning, we know how to tie = these to existing Cyber Threat Intelligence. =20 >=20 > =20 >=20 > =20 >=20 > Thanks, >=20 > Bret >=20 > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 >=20 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing = that can not be unscrambled is an egg." >=20 > =20 >=20 > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao = > --=20 > Cacao mailing list > Cacao@ietf.org > https://www.ietf.org/mailman/listinfo/cacao = >=20 > =20 >=20 > -- >=20 > =20 >=20 > Best regards, >=20 > Kathleen >=20 >=20 >=20 > =20 >=20 > -- >=20 > =20 >=20 > Best regards, >=20 > Kathleen >=20 >=20 >=20 > --=20 >=20 > Best regards, > Kathleen --Apple-Mail=_5695365F-ED48-48A1-9255-DFEF5622B2F4 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 I = agree and hope we can borrow elements, concepts, ideas from other work, = not just work here in the IETF.  The way I like to approach = problems like this is to break them up in to phases. The first of which = is the concept phase. Its purpose is to iterate out a list of = requirements and problems we need to solve that are tightly scoped to = the project at hand. 

To this end, I have I sent a very short list of initial = problems to the list a few days ago and a draft last week. The draft = contains a few high level requirements. These lists are not complete and = not even the full list that we have worked through prior to uploading = the draft. But it was meant as a starting point. My hope is that it = would foster dialog and communication like =E2=80=9Cwhy is X a = requirement, how do you plan on solving X, have you thought about = problem Y, what about use-case W or requirement Z=E2=80=9D. 

Once we have our concept = phase done and fleshed out, I would like us to do a lit-review of prior = work (even though most of us have already read all of these existing = work products) to help us understand what has been done before and what = can be reused. Some of us may just be able to point certain requirements = at certain sections of existing work, which will be = fantastic. 

Doing this will help us do two things:
1) It helps ensure that we do not = artificially box ourselves in to a design just because there was = something done similar or tangential in the past.
2) It helps ensure that we do not = forget anything and ensures that we take advantage of lessons learned or = really neat design elements from other work.

After this review phase we would work = our way in to design where we will iron out all of the bumps and ridges = and ensure that we are not creating a Frankenstein.  Some really = cool designs may not be harmonious with our direction or other design = elements. In those cases we need to pick and choose or redesign = them.

There = has been a lot of great work done here in the IETF, other SDOs, and = industry in the past. We need to learn from that work and borrow great = design elements from as many of them as we can.  But we also need = to keep in mind that a complete solution to the problems identified in = the CACAO Introduction draft is not currently available and there is no = standardized solution used en mass by industry. Several vendors have = their own solutions to this problem, but those only work within the = confines of their products. We need to bridge the divide between treat = hunters, threat defenders, vendor solutions, etc. This is the reason why = we are working on this.  

Any work like this does require vast = vendor adoption and buy-in and a lot of SMEs from industry. So as this = work continues and grows, it is paramount that we engage with industry = to help ensure that this works meets their requirements and that = industry can and will adopt it. If they can not or will not adopt it, = then we need to just stop work. There is no reason to create something = that is not going to get adopted en mass. 


Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

On Sep 19, 2018, at 12:06 PM, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> wrote:

Hello Carolin,

Thanks for your efforts here.

On = Wed, Sep 19, 2018 at 10:26 AM <Carolin.Baumgartner@interdiscount.ch> wrote:

Hi Kathleen

 

ok thanks for the feedback. I have a question to = understand this part better: " I'd be interested to see the requirements matched up = against what exists and what can be re-used or what can be a lesson = learned as well.  IODEF carries the CoAs that used to be in RID and IODEF has a nesting = capability as well as a way to lay our the format to allow for predicate = logic, so analysis on that would be interesting as well.  It can be = used for chains of connected events/incidents.  Understanding what doesn't work for your new effort would help to = understand why it's needed and how it is better."

 

Since the goals of both initiatives are different, I = struggle a bit. Technically we should always discuss what concepts work for which use case. Like for instance do we need an authentication = somewhere or not, and we don't re-invent the authentication. We check = how it is usually done today. Is that what you are referring to when you = mention the predicate logic etc? So, since MILE already worked on exchange formats for incidents even if their = goal was different, we might have similar formatting requirements when = we discuss the reactions to incidents? (just picking the formatting = example here).


The gap analysis may wind up just = showing the gap, but I am hoping that there will be pieces of knowledge = that can be gleaned from prior efforts.   Your authentication = example is good.  There may be a need for it and the requirements = may guide the selection of a solution that either works for both or that = the new work has requirements (or technology evolved) that clearly show = the need for something new.  

MILE protocols all support sharing = formatted data, XML, JSON, etc. and are not restricted to IODEF.  = There are 3 protocols to look at and I would hope that some could be = reused, or that similar patterns may be useful.

Does that help?

Thanks,
Kathleen


 

best regards

Carolin

 

From: Kathleen Moriarty [mailto:kathleen.moriarty.ietf@gmail.com]
Sent: Wednesday, September 19, 2018 4:11 PM
To: Baumgartner Carolin <Carolin.Baumgartner@interdiscount.ch>
Cc: Barry Greene <barryrgreene@gmail.com>; cacao@ietf.org; Bret Jordan <jordan.ietf@gmail.com>
Subject: Re: [Cacao] Initial Problem Set

 

Hi Carolin,

 

Thanks for starting something to = help!  I think that could be a good starting point.  I'd be = interested to see the requirements matched up against what exists and = what can be re-used or what can be a lesson learned as well.  IODEF = carries the CoAs that used to be in RID and IODEF has a nesting capability as = well as a way to lay our the format to allow for predicate logic, so = analysis on that would be interesting as well.  It can be used for = chains of connected events/incidents.  Understanding what doesn't work for your new effort would help to understand why it's = needed and how it is better.

 

Then for RID, there is lots that = is met in the requirement list that was sent out and some requirements = that I suggested (there are more) that were learned from time and = experience on essentially the same problem.

 

Barry - understanding more on = your work and the Cisco products mentioned would be helpful too.  = If standards were used or not and what can be integrated into this = effort or what can be a lesson learned to improve for this effort.

 

This will be very helpful for a = BoF to be successful.  You'll get derailed otherwise.

 

Thank you,

Kathleen

 

On Wed, Sep 19, 2018 at 4:31 AM = <Carolin.Baumgartner@interdiscount.ch> = wrote:

Hi Bret, Kathleen

 

would that be something that could work as some kind = of gap analysis? https://github.com/clatze/ietf/blob/master/CACAO-gap-FAQ.md . It is = no real gap analysis, this FAQ would rather highlight the differences. I = just took two samples to show how that could look like and if that is = what could be helpful. We could also include comments here like=E2=80=A6 "CACAO makes use of XY to achieve its = goal".

 

best regards
Carolin

 

From: Cacao [mailto:cacao-bounces@ietf.org] On Behalf Of Kathleen Moriarty
Sent: Wednesday, September 19, 2018 4:06 AM
To: Barry Greene <barryrgreene@gmail.com>
Cc: cacao@ietf.org; Bret Jordan <jordan.ietf@gmail.com>
Subject: Re: [Cacao] Initial Problem Set

 

Hi Bret,

 

 

 

On Tue, Sep 18, 2018 at 6:35 PM = Barry Greene <barryrgreene@gmail.com> wrote:

Hi Bret,

 

What you have below was done in = Cisco=E2=80=99s TIDP/TMS architecture.. 

 

Barry


On Sep 18, 2018, at 23:49, Bret Jordan <jordan.ietf@gmail.com> wrote:

All,

 

I wanted to start some discussion = on some of the initial problems (not all) that we have already = identified that need to be solved with this type of solution. Some of = the solutions to these will have elements we can borrow from other work. Also, keep = in mind all of this needs to work in native JSON..

 

  1. Need the ability to document a single command
    1. Human executed commands
    2. Native Machine commands (Cisco IOS, Juniper, SEP, OpenC2, SNMP, NETCONF, = YANG, etc)
    3. What device or system does the command target (DesktopOS 10 at IP = address 10.0.0.2, Firewall BAR at 192.168.0..2)
    4. What class of devices or systems does the command target (DesktopOS 10 = at patch level 4, Firewall FOO ver 10)

Additional data classes of IODEF, = also the SCI extension.

  1. Need the ability to document a chain of commands
    1. Need to know if there is temporal logic or conditional logic associated = between commands
    2. Need to know if commands are sequenced or if they can be run in = parallel
    3. Need to know if there are fall through or fail-to-next commands
    4. Need tracking to know how to back out commands that fail and how far up = the tree you need to back out on failure 

 

Take a look at the MILE work more = closely, there are lessons learned as much of this has been done.  = Even if you don't want to use the work, there 's no reason to have us = all debate the same things again rather than build from experience.

IODEF predicate logic:  It's = simple and more compact.

 

  1. Need ability to provide Digital signatures at the command, the command = chain (tree), and COA Project levels
    1. These digital signatures need to be included in the payload themselves
    2. Need to be able to sign a section or part of the JSON text data
    3. They need to be in parallel and in series. Meaning, a command may = individually be signed by more than one people.  The command and a = signature may also be signed multiple times in series.
      1. Example: Company X that makes DesktopOS 10 signs a command that says it = will resolve malware Z on DesktopOS 10 patch version 4. Big Bank Foo may = then sign that (command + Company sig) and say they have verified it and = it works. Some ISAC may then sign that (command + Company sig + Big Bank Foo sig) and then send it out to = their eco-system
    1. Signatures need ability to identify what assertions someone is making. =  
      1. We need to know what the types of assertions should be (it works, it has = been verified, it has been reviewed, it may work, it seems to work, = etc)

You also need to consider origin = authentication and multi-hop authentication.  There was a lot of = work that went into the requirements analysis across areas of the IETF = as not to make RID and other MILE protocols specific to incidents or even XML.

 

Yes, this is XML and you want = JSON, using JOSE, I presume.  Still, the gap analysis I think will = be quite useful as I think you are missing requirements we already came = up against.  It will speed your work up to leverage existing work.

  1. Need ability to get responses at the individual command level, the chain = of commands level, and the COA Project level. 
    1. Need to identify the types of responses that can be returned and = what are the types of command codes / response codes that should be = returned
    2. Need to identify and have negotiation between systems if the responses = should be pushed or pulled.
    3. Need to know how the individual response can impact the next steps in = the chain.

 

You also need to consider = internationalization, which has already been done in the MILE = work.  This level of detail helps a lot for interoperability. There = were 3 interoperable implementations of RID, so testing was done, lessons can be = learned.  I'm not sure how may IODEF implementations there = were/are, but many more than that.

=

 

Once again, please do the gap = analysis to save us all time.  There are other MILE documents that = may be useful, they can be found off the documents link of the charter = page.  ROLIE and XMPP Grid were also designed to work with any format and I believe = are more flexible than RID, so there is much that can be gleaned from = these efforts as well as the DOTS work.

 

Best regards,

Kathleen

 

Things we already know how to = do.. We know how to make this work in a graph, we know how to make this = work with versioning, we know how to tie these to existing Cyber Threat = Intelligence.  

 

 

Thanks,

Bret

PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 =  F2C0 74F8 ACAE 7415 0050

"Without cryptography vihv vivc ce xhrnrw, however, = the only thing that can not be unscrambled is an egg."

 

--
Cacao mailing list
Cacao@ietf.org
https://www.ietf.org/mailman/listinfo/cacao


 

--

 

Best regards,

Kathleen


 

--

 

Best regards,

Kathleen



--

Best = regards,
Kathleen

= --Apple-Mail=_5695365F-ED48-48A1-9255-DFEF5622B2F4-- From nobody Wed Sep 19 14:05:06 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CA2F130ECE for ; Wed, 19 Sep 2018 14:05:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.31 X-Spam-Level: X-Spam-Status: No, score=-4.31 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=symantec.com header.b=NVr+mkqN; dkim=pass (1024-bit key) header.d=symantec.com header.b=ogywjMOL Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dqjeezjEOZL6 for ; Wed, 19 Sep 2018 14:04:58 -0700 (PDT) Received: from tussmtoutape01.symantec.com (Tussmtoutape01.symantec.com [155.64.38.231]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77AA0130E65 for ; Wed, 19 Sep 2018 14:04:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; d=Symantec.com; s=1; c=relaxed/simple; q=dns/txt; i=@Symantec.com; t=1537391097; x=2401304697; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=+UGimHI3Anqu9UJL9lM2Ma86dtVNMl2Pmdl4F1gJ81c=; b=NVr+mkqNsHzQp4qhXAgGiBEZ9eUKtybPhjsDqcuV8udbUzf90uWOQewqKL/l+z6V NAJ999r6jPyiqIQxygyPPNSEleI59weez7BiP5iaFItVkJsnrJGR7VEYTTlkFBS4 oHzWnqzHESi6NHhbDlu321sB+EDCHQJD0RL4PzZtk3Y=; Received: from tussmtmtaapi02.symc.symantec.com (tus3-f5-symc-ext-prd-snat9.net.symantec.com [10.44.130.9]) by tussmtoutape01.symantec.com (Symantec Messaging Gateway) with SMTP id 8C.71.13075.9F9B2AB5; Wed, 19 Sep 2018 21:04:57 +0000 (GMT) X-AuditID: 0a2c7e31-7b0dc9e000003313-70-5ba2b9f9ba35 Received: from tus3xchcaspin01.SYMC.SYMANTEC.COM (tus3-f5-symc-ext-prd-snat10.net.symantec.com [10.44.130.10]) by tussmtmtaapi02.symc.symantec.com (Symantec Messaging Gateway) with SMTP id 84.10.06107.9F9B2AB5; Wed, 19 Sep 2018 21:04:57 +0000 (GMT) Received: from TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) by tus3xchcaspin01.SYMC.SYMANTEC.COM (10.44.91.13) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Wed, 19 Sep 2018 14:04:56 -0700 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (10.44.128.1) by TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Wed, 19 Sep 2018 14:04:56 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=symantec.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+UGimHI3Anqu9UJL9lM2Ma86dtVNMl2Pmdl4F1gJ81c=; b=ogywjMOL4QPXxP+/aS80+WD3Z0UbQQXe/R8B6HMtBpwjYzjbT6QczSPmrj4Ri1gPMPQTQKXt5LxILePkhjd4Th7dNxIqntM0LOZ71dtHyJ7+sfN2YEtym0x+U+FmUPWgE2eATFj+zkeBTTxi0H33qqMR0kysIKGe0yNAWHvLHyQ= Received: from MWHPR16MB0093.namprd16.prod.outlook.com (10.172.101.148) by MWHPR16MB1712.namprd16.prod.outlook.com (10.172.60.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1143.17; Wed, 19 Sep 2018 21:04:55 +0000 Received: from MWHPR16MB0093.namprd16.prod.outlook.com ([fe80::fd13:abfe:ca51:d345]) by MWHPR16MB0093.namprd16.prod.outlook.com ([fe80::fd13:abfe:ca51:d345%5]) with mapi id 15.20.1143.017; Wed, 19 Sep 2018 21:04:55 +0000 From: Bret Jordan To: "cacao@ietf.org" Thread-Topic: RID Thread-Index: AQHUUFxqVbD/9/SaLkaOr4cJpVyVJg== Date: Wed, 19 Sep 2018 21:04:55 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Bret_Jordan@symantec.com; x-originating-ip: [107.77.231.137] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; MWHPR16MB1712; 6:uY4LcIFv8pvkbBQ4x7T2AZvM6xVu+qyaGmViC62sWsjHkghaPbaMGxx+4MlDHinKc1Qyx0OqyQVNQ6IC9C0vZE9y6hNVbbXrMPI09dS99yzSl88TEFPVlGbU/XYYzs8P4oATvFH6TnS55qTiVJ4bfbpMerGtB91DQtDTz5eg58/F/dRRwbaHiQu4diMuTPD19udsT1qEfmZTTMNTyNAbILBLpalJBriknErd1hDQCaoSZNWnnnosAYln8yYIMwXze/R3F1V63AR15WM/cmwvA1yBQkGQRCxKqktzs8v1LgpEenpn3t0hRi0BPSCFImZFAL0RyFxKe72HZn5sAqCAWvXgi8zzIrMHpJjMYWfVsj4pSyfDY1wLbXJHFr+Gd2rr5dDlibHktL0GLrYoCdYSq5oLAkyL6TOyko7+KSVgqJQohPHKwx4PgneKz+aD1TyPGs4Qf3srmKUIH1Dg8AlkXQ==; 5:PyXVDH5jEooognWwpxSjbUsXuCR97JAeOo6/vrOO+JpcrOVTTQJEL0BWGQvIBjC07b1ZrxIegkmxq9BRrWNdVpjzNf83EWjcyJCcKtnwqGbXoQBLNU73C19Pe0hPpdXhss9NYFfsYZGbhwBcgrf4jINpSpfYiC+gn7zcCvWkuX0=; 7:unQu4WE+jzCazGWWdLntv12hg7kiZwIExpHyqMnQ8NMK7Psy3psyIjMQE+yych15V/Z2H7NRr/1tTTlGyRy9r8l0n8GG2jA9luNfV6lZrzVeQHRaLbI7FGrMycfmITLSuUrAdcBRBCbN+siHUUs0eBYeYzf8T5qIcW6Vqsqh2mcWj3KuKsTmPT1/wyn3JoZsvItWlOxK2otTDIDM4fQTHDnGMZpSZR/xWjpOEei71XCDNhyHMx0OOthpFua/tMtU x-ms-exchange-antispam-srfa-diagnostics: SOS; x-ms-office365-filtering-correlation-id: 5e50d1c5-16e4-47bb-1e52-08d61e738d0c x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(4534165)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(2017052603328)(7153060)(7193020); SRVR:MWHPR16MB1712; x-ms-traffictypediagnostic: MWHPR16MB1712: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:; x-ms-exchange-senderadcheck: 1 x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(5005006)(8121501046)(3002001)(10201501046)(93006095)(93001095)(3231355)(944501410)(52105095)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123558120)(20161123560045)(20161123564045)(201708071742011)(7699051); SRVR:MWHPR16MB1712; BCL:0; PCL:0; RULEID:; SRVR:MWHPR16MB1712; x-forefront-prvs: 0800C0C167 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(39860400002)(366004)(396003)(346002)(376002)(189003)(199004)(36756003)(5250100002)(105586002)(53936002)(2906002)(7736002)(68736007)(2900100001)(9886003)(7116003)(1730700003)(25786009)(8936002)(81166006)(8676002)(81156014)(6916009)(97736004)(221733001)(6512007)(2351001)(86362001)(66066001)(106356001)(83716003)(54896002)(5660300001)(221843001)(2501003)(102836004)(6436002)(2616005)(256004)(80792005)(6116002)(14454004)(3846002)(5640700003)(3480700004)(33656002)(10290500003)(72206003)(82746002)(478600001)(6486002)(316002)(486006)(558084003)(26005)(99286004)(6506007)(476003)(186003)(215093002); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR16MB1712; H:MWHPR16MB0093.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: symantec.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: knkL1Fw26mS2IuF2vz5S18H5brYdIq3I63aQeaRWuQOP/1eabmGNIplPzGh8/xzA9q0iFHMYqUbokqdYTD1Ez+eEtDAmnp06Fv0mpEjZKMZYbFD8Li7+xkQY7iu7JAlBHvj+p6K3TOY2b2ozghsJLX7rlObRyWoDMkQo57QgCd4xL0WnwFkLdSGur0Aqc16rAVq6dI3tyaLnQhDXwUjKXxC3irDPDuw+jw3sirg6PWv4ySjV4E56FsXSIi0x+BdckP2AZL57leXlFxMnQs0ycWSpd5/gRoR4ANQYsttXTSaK4f4DSRcaOZAbaz8tMBHVt5h6ssHVc2bi4Kpob0m4SpeGPE5LQBH5DoPJXZQcMSQ= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_F50534E93E504FDFA4F0995FE652CCFEsymanteccom_" MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: 5e50d1c5-16e4-47bb-1e52-08d61e738d0c X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Sep 2018 21:04:55.4306 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3b217a9b-6c58-428b-b022-5ad741ce2016 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR16MB1712 X-OriginatorOrg: symantec.com X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrKKsWRmVeSWpSXmKPExsXCpdPEqftz56Jog959nBYnb89ic2D0WLLk J1MAYxSXTUpqTmZZapG+XQJXxpfX/xkL1gpUTPn4iqmB8RF/FyMnh4SAicT22f/YQGwhgU+M Eg3n5GDiy6+fBIpzAcV/MUrMmnOFFcI5yihxa+NuRgjnBaPEm/3H2EEcFoEJzBKPJjWwQGQm M0m8mrUXqucRo8SMS6tYQCazCehInD/fyQxiiwioSlx818EKYgsL8Ejs+HMEaC4HUFxQ4uYJ G4gSPYnv66YygdgsQOW3TpxhAynhFbCX+LhCHiTMKCAm8f3UGrASZgFxiVtP5jNB/CAgsWTP eWYIW1Ti5eN/rBD10RL/NvWxQsSVJPatOgVly0pcmt8N9pmEwD52id3zvkM160p8mDoVyvaV eL3jJztE0XFGib3vt7NBJLQktl46zA5hZ0usO7iTBSbecWQW1EVyEqt6H7JANK9klvi04RTL BEbDWUguh7CTJV4u6WMHsXmBYXFy5hOWWUBPMwtoSqzfpQ9RoigxpfshO4StIdE6Zy47RIkz 0KO2yEoWMHKsYlQoKS0uzi3JLy1JLEg1MNQrrsxNBhGJwKSUrJecn7uJEZyY6gx3MD7a4HOI UYCDUYmHd9OsRdFCrIllQJWHGCU4mJVEeFeWAoV4UxIrq1KL8uOLSnNSiw8xSnOwKInzyrKW RAsJpCeWpGanphakFsFkmTg4pRoYszsVt3uVPl1+3P//Oa2cZMv1S+2PbAr8G3Al99kf1WeR H1mXrLdKvtHs8fRYbbaRk3GZbMz9iJxPvi/83rQI7mqNDNU86sV1Lck09HDNlpK1vw446Z9d +27zWbO/zNOvT18YfZ2hj/d2w88S7RDvJcyd6Vabumc+n7Dg4NVp0dMP8tXHcbc4KbEUZyQa ajEXFScCAPWZ5ZVIAwAA X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprNKsWRmVeSWpSXmKPExsXCpdPEpftz56Jog+tLGS1O3p7F5sDosWTJ T6YAxigum5TUnMyy1CJ9uwSujC+v/zMWrBWomPLxFVMD4yP+LkZODgkBE4nl10+ydTFycQgJ /GKUmDXnCiuEc5RR4tbG3YwQzgtGiTf7j7GDOCwCE5glHk1qYIHITGaSeDVrL1TPI0aJGZdW sYBMZhPQkTh/vpMZxBYRUJW4+K6DFcQWFuCR2PHnCNBcDqC4oMTNEzYQJXoS39dNZQKxWYDK b504wwZSwitgL/FxhTxImFFATOL7qTVgJcwC4hK3nsxngvhBQGLJnvPMELaoxMvH/1gh6qMl /m3qY4WIK0nsW3UKypaVuDS/G+wzCYF97BK7532HataV+DB1KpTtK/F6x092iKLjjBJ7329n g0hoSWy9dJgdws6WWHdwJwtMvOPILKiL5CRW9T5kgWheySzxacMpqCIZiQWzJjBDJKaySezd 08Q0gVF3FpKXIOxkiZdL+thBbF5gIJ2c+YRlFjA0mAU0Jdbv0ocoUZSY0v2QHcLWkGidM5cd osQZGAK2yEoWMHKsYlQoKS0uzi3JLUlMLMg0MNIrrsxNBhGJwLSUrJecn7uJEZyanCV3MB76 43OIUYCDUYmHd0LDomgh1sQyoMpDjNIcLErivGf4gEIC6YklqdmpqQWpRfFFpTmpxYcYmTg4 pRoY017OspiS9jVkxunqNMZlqxvbAnWbd+3PqQ0/kVCWN/VqmDGzjb/ttfsWdyYfTOu2UvqZ 9+XevBkmD9lLL9+feohtc1dNllt9U59Epzf77ndqNu2Xq9Ttwps059xxnBDVeVT0Z9nn4+2n tpcJn7m/U/3U9Nl85nZHuy1n/HVqvrJwc51P6sFeJZbijERDLeai4kQAqqVPwC4DAAA= X-CFilter-Loop: TUS03 Archived-At: Subject: [Cacao] RID X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Sep 2018 21:05:04 -0000 --_000_F50534E93E504FDFA4F0995FE652CCFEsymanteccom_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 S2F0aGxlZW4sDQoNCkkgd2lsbCBzdGFydCBhIGdhcCBhbmFseXNpcyBkb2N1bWVudCB0b25pZ2h0 IGFuZCB0cnkgYW5kIGdldCBzb21ldGhpbmcgdG8gdGhlIGxpc3QgaW4gdGhlIGNvbWluZyBkYXlz LiBJIHdpbGwgcHJvYmFibHkgc3RhcnQgd2l0aCBSSUQgYW5kIHNlZSBob3cgdGhpbmdzIGdvLg0K DQpCcmV0DQoNCg0KDQpTZW50IGZyb20gbXkgQ29tbW9kb3JlIDY0DQoNClBHUCBGaW5nZXJwcmlu dDogNjNCNCBGQzUzIDY4MEEgNkI3RCAxNDQ3ICBGMkMwIDc0RjggQUNBRSA3NDE1IDAwNTANCg== --_000_F50534E93E504FDFA4F0995FE652CCFEsymanteccom_ Content-Type: text/html; charset="utf-8" Content-ID: <24596C01E9F55741AC1E4259AAC53656@symc.onmicrosoft.com> Content-Transfer-Encoding: base64 PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IGRpcj0iYXV0byI+DQpL YXRobGVlbiwNCjxkaXY+PGJyPg0KPC9kaXY+DQo8ZGl2Pkkgd2lsbCBzdGFydCBhIGdhcCBhbmFs eXNpcyBkb2N1bWVudCB0b25pZ2h0IGFuZCB0cnkgYW5kIGdldCBzb21ldGhpbmcgdG8gdGhlIGxp c3QgaW4gdGhlIGNvbWluZyBkYXlzLiBJIHdpbGwgcHJvYmFibHkgc3RhcnQgd2l0aCBSSUQgYW5k IHNlZSBob3cgdGhpbmdzIGdvLg0KPGRpdj48YnI+DQo8L2Rpdj4NCjxkaXY+QnJldCZuYnNwOzxi cj4NCjxkaXY+PGJyPg0KPC9kaXY+DQo8ZGl2Pjxicj4NCjxicj4NCjxkaXYgaWQ9IkFwcGxlTWFp bFNpZ25hdHVyZSI+U2VudCBmcm9tIG15IENvbW1vZG9yZSA2NCZuYnNwOw0KPGRpdj48YnI+DQo8 L2Rpdj4NCjxkaXY+PHNwYW4gc3R5bGU9ImJhY2tncm91bmQtY29sb3I6IHJnYmEoMjU1LCAyNTUs IDI1NSwgMCk7Ij48Zm9udCBjbGFzcz0iIiBzdHlsZT0iZm9udC12YXJpYW50LWxpZ2F0dXJlczog bm9ybWFsOyBmb250LXZhcmlhbnQtcG9zaXRpb246IG5vcm1hbDsgZm9udC12YXJpYW50LW51bWVy aWM6IG5vcm1hbDsgZm9udC12YXJpYW50LWFsdGVybmF0ZXM6IG5vcm1hbDsgZm9udC12YXJpYW50 LWVhc3QtYXNpYW46IG5vcm1hbDsgbGluZS1oZWlnaHQ6IG5vcm1hbDsiPlBHUA0KIEZpbmdlcnBy aW50OiZuYnNwOzwvZm9udD48c3BhbiBjbGFzcz0iIiBzdHlsZT0idGV4dC1hbGlnbjogLXdlYmtp dC1hdXRvOyI+PGZvbnQgY2xhc3M9IiI+NjNCNCBGQzUzIDY4MEEgNkI3RCAxNDQ3ICZuYnNwO0Yy QzAgNzRGOCBBQ0FFIDc0MTUgMDA1MDwvZm9udD48L3NwYW4+PC9zcGFuPjwvZGl2Pg0KPC9kaXY+ DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2JvZHk+DQo8L2h0bWw+DQo= --_000_F50534E93E504FDFA4F0995FE652CCFEsymanteccom_-- From nobody Sun Sep 30 15:03:25 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B043127333 for ; Sun, 30 Sep 2018 15:03:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wXBK8U6wWCn4 for ; Sun, 30 Sep 2018 15:03:22 -0700 (PDT) Received: from mail-qt1-x836.google.com (mail-qt1-x836.google.com [IPv6:2607:f8b0:4864:20::836]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2463D12008A for ; Sun, 30 Sep 2018 15:03:22 -0700 (PDT) Received: by mail-qt1-x836.google.com with SMTP id x23-v6so12118491qtr.1 for ; Sun, 30 Sep 2018 15:03:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:subject:date:references:to:in-reply-to:message-id; bh=CSsXsenv1b/EAX7s+Xucn2jIWH96WtYZuApkfYNYt5o=; b=GVbkOCnhYqDeL8w8xm+r1J36FLdsrAO+EEvfPfqXCsBHLDFKkCDnjA1LH1JfVzDtRI +AxI6W/XApGBIVRmi5/S6OfmoQQnc9loho7OcFQgJYQL6czDNGKR94PWz8BdiiYtxhap WKV4dAyT6jpxo1RPCRtcUBbAOcHlxcz8DtCmQKdpD/Fv0yQ2brxpOwpJE6KwdoQnyxgA 6C5rV0mW1fPohTNfmuFiIYUsC/VQ8ZdCYosO/8ogV71G7RcYvSsaVdrITKJ3oSg75WhN YL3MKvNZJtDSpZNPWufOwN1V+mDCnPlO67t5CUq2UxjH3ixcDbBNaW4VHjBltcZl011e 9Mxw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:date:references:to :in-reply-to:message-id; bh=CSsXsenv1b/EAX7s+Xucn2jIWH96WtYZuApkfYNYt5o=; b=YNWKUwUv+zNy4yjNJyuEMj6TZkhH9mjIjDuHWbWw8Eyp4/dUvaya+ArV2FSsuTZaJo VU/UAGnHfvzOpwuP90xBcnGyJuplPokTd7rCqXkoGiUYlC1bG3F8Xi1qJEUJGtyRUmGP GBdCcXa7gUHXIXWl1BvQoDXMRLU0DFpTUv2tIe9xkvfkPhGmu+6tPKtnlqUFf3L1SNBq 5oE6iqtmgABZkuCr6x//P7nL0Oj9QkMaxc+ngjf11AXgc321BGvAKJjvQxwVthEPRw/x CwAL91JdBXGK9Xo+kM0BpPLRqUqJYvfNkQ2ox/F4olYgmE3Hf7eevnx2VtRdpmhGb+LZ rr5w== X-Gm-Message-State: ABuFfohJkFUO0pkAXI+Df7UxkyQkWFzCZDINFGlL2offgptFNvicIE6U creY1+ywIannRRNwvYCHKjAtd+Ze X-Google-Smtp-Source: ACcGV61o2ShS5oywRJN0rNQ4sabkPoGhJkSZ8mteh6oxqD3AUv6nufjJ3eU5w+rg10om5mBz+3Xo5w== X-Received: by 2002:ac8:1889:: with SMTP id s9-v6mr6500552qtj.268.1538345000961; Sun, 30 Sep 2018 15:03:20 -0700 (PDT) Received: from [172.20.0.113] ([63.68.129.61]) by smtp.gmail.com with ESMTPSA id w5-v6sm7073978qkw.69.2018.09.30.15.03.18 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 30 Sep 2018 15:03:19 -0700 (PDT) From: Bret Jordan Content-Type: multipart/alternative; boundary="Apple-Mail=_04EA20F3-3C8D-45F7-9492-EEE18FE86EB2" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Date: Sun, 30 Sep 2018 18:03:29 -0400 References: To: "cacao@ietf.org" In-Reply-To: Message-Id: <4ABF7C61-EB20-44B5-8C78-8679E527F443@gmail.com> X-Mailer: Apple Mail (2.3445.9.1) Archived-At: Subject: [Cacao] GAP Analysis with RID/ROLIE X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Sep 2018 22:03:25 -0000 --Apple-Mail=_04EA20F3-3C8D-45F7-9492-EEE18FE86EB2 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii All, This weekend I re-read the RID and ROLIE RFCs, even though recently I = had became quite familiar with both of them. Yes, the authors of these = documents have done an amazing amount of work. However, they represent = a different set of use cases and problems from what we are trying to do = here.=20 =46rom a comparison / gap stand point with this work, it is important to = note that RID and ROLIE are about how to share the data once it has been = created. Similar to the way TAXII is about sharing STIX data once it has = been created. CACAO on the other hand is primarily about creating the = data in the first place.=20 =46rom a sharing standpoint with CACAO, we may look to AMQP, RabbitMQ, = MQTT, ZeroMQ, MATRIX, TAXII, native HTTP REST etc. However, that work is = a long ways off and represents probably only 3-5% of the problem space = we need to address.=20 RID and ROLIE: RID is a SOAP type interaction that uses XML and is tied at some level = to IODEF. Just like TAXII can transmit content other than STIX, I am = sure RID could be configured to interact with content other than IODEF. = However, nearly all of the examples and namespace requirements call out = IODEF or require IODEF to be imported in to the schema. (Please do not = flame me, but that is how the document reads). =20 ROLIE is an XML based RESTful interface that uses XMPP synchronization = of content by sharing a manifest like resource so the client can go back = and get the actual content it wants. ROLIE does not push or share the = actual content, but rather, enables the clients to know what content is = available and tells it where to go and find it. Summary As I said above, both of these work products represent a lot of good = work by the authors. But CACAO is about the ontology or language for how = one might describe courses of action and allow them to be shared in a = way that allows them to be collaboratively worked on. It is not about = how to transmit data. When it comes time to work on the protocol side of this work, I am = guessing that we will be able to either just pick a preferred set of = solutions and define what it will mean to use them or borrow a lot of = ideas from other work to create something that easily works for this use = case. =20 My goal is to get something working as quickly as possible, get vendor = adoption, and then iterate and add functionality over time. If our = initial spec is too big and complicated, it will never get implemented. = I often say that if the first version of HTML would have looked like the = current HTML5, it probably would have never gained broad market = adoption. Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that = can not be unscrambled is an egg." --Apple-Mail=_04EA20F3-3C8D-45F7-9492-EEE18FE86EB2 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii
All,

This weekend I re-read the RID and ROLIE RFCs, even though = recently I had became quite familiar with both of them. Yes, the authors = of these documents have done an amazing amount of work.  However, = they represent a different set of use cases and problems from what we = are trying to do here. 

=46rom a comparison / gap stand point = with this work, it is important to note that RID and ROLIE are about how = to share the data once it has been created. Similar to the way TAXII is = about sharing STIX data once it has been created. CACAO on the other = hand is primarily about creating the data in the first = place. 

=46rom a sharing standpoint with CACAO, we may look to AMQP, = RabbitMQ, MQTT, ZeroMQ, MATRIX, TAXII, native HTTP REST etc. However, = that work is a long ways off and represents probably only 3-5% of the = problem space we need to address. 

RID and = ROLIE:
RID is a SOAP type interaction that uses = XML and is tied at some level to IODEF. Just like TAXII can transmit = content other than STIX, I am sure RID could be configured to interact = with content other than IODEF.  However, nearly all of the examples = and namespace requirements call out IODEF or require IODEF to be = imported in to the schema. (Please do not flame me, but that is how the = document reads).   

ROLIE is an XML based RESTful interface = that uses XMPP synchronization of content by sharing a manifest like = resource so the client can go back and get the actual content it wants. = ROLIE does not push or share the actual content, but rather, enables the = clients to know what content is available and tells it where to go and = find it.

Summary
As I said above, both of = these work products represent a lot of good work by the authors. But = CACAO is about the ontology or language for how one might describe = courses of action and allow them to be shared in a way that allows them = to be collaboratively worked on. It is not about how to transmit = data.

When it = comes time to work on the protocol side of this work, I am guessing that = we will be able to either just pick a preferred set of solutions and = define what it will mean to use them or borrow a lot of ideas from other = work to create something that easily works for this use case. =  

My goal = is to get something working as quickly as possible, get vendor adoption, = and then iterate and add functionality over time. If our initial spec is = too big and complicated, it will never get implemented. I often say that = if the first version of HTML would have looked like the current HTML5, = it probably would have never gained broad market adoption.


Thanks,
Bret
PGP = Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 = 0050
"Without = cryptography vihv vivc ce xhrnrw, however, the only thing that can not = be unscrambled is an = egg."

= --Apple-Mail=_04EA20F3-3C8D-45F7-9492-EEE18FE86EB2-- From nobody Sun Sep 30 23:47:47 2018 Return-Path: X-Original-To: cacao@ietfa.amsl.com Delivered-To: cacao@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9936F130DCF for ; Sun, 30 Sep 2018 23:47:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=lookingglasscyber.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gUSLbano5ki9 for ; Sun, 30 Sep 2018 23:47:42 -0700 (PDT) Received: from NAM04-BN3-obe.outbound.protection.outlook.com (mail-eopbgr680060.outbound.protection.outlook.com [40.107.68.60]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A7A8130DD8 for ; Sun, 30 Sep 2018 23:47:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lookingglasscyber.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=a5ia0NkWTqKtibm1xSqdx2J41Z8PQPpWo6oVcHoaHWw=; b=UTo5vdSEQRO8P3P9Rq/qQowhxikHAUzn0cY45/5jUeyv2KmgDwmWUDy4KxUT9VxAnsPqpqQKG0PZv3CLFLlMICQs6IhxG0EClqEDXY7e3EKO4JGmd8S7Suw41Oh2RRT8shVSnpMXR4P0vBn1eWIhoPeX5j7rhshIp1uDnN2UhF8= Received: from MW2PR18MB2137.namprd18.prod.outlook.com (52.132.182.156) by MW2PR18MB2234.namprd18.prod.outlook.com (52.132.183.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1185.24; Mon, 1 Oct 2018 06:47:38 +0000 Received: from MW2PR18MB2137.namprd18.prod.outlook.com ([fe80::31c5:cb5b:2505:be5b]) by MW2PR18MB2137.namprd18.prod.outlook.com ([fe80::31c5:cb5b:2505:be5b%4]) with mapi id 15.20.1164.029; Mon, 1 Oct 2018 06:47:38 +0000 From: Allan Thomson To: Bret Jordan , "cacao@ietf.org" Thread-Topic: [Cacao] GAP Analysis with RID/ROLIE Thread-Index: AQHUWQltOKNRCH0AwUy/1K0geYNj2KUKFLoA Date: Mon, 1 Oct 2018 06:47:38 +0000 Message-ID: References: <4ABF7C61-EB20-44B5-8C78-8679E527F443@gmail.com> In-Reply-To: <4ABF7C61-EB20-44B5-8C78-8679E527F443@gmail.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/10.11.0.180909 authentication-results: spf=none (sender IP is ) smtp.mailfrom=athomson@lookingglasscyber.com; x-originating-ip: [144.202.253.180] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; MW2PR18MB2234; 6:+6rLULtFQVoiJpqD66MYiC2i80XkgwBgujdaTrT9UgS/rQ6Ozs3qbr8Io+bhCKt1hfkOkvraTNUvCFlqloF3nAX6INqlSbIlMIf0/noGVuo3msg4rIOPwF3jsUlThEDGLQ7v1k7c8A6JuapRZYpuGGH/8wOXrUmH77ONiQn8AGyv+y4NVYD563xIJKU46JEkXanglrN8RittjSE9j97BcnqrlA21xfeXGMJhRZWXJfp1cmkfnuqz1Z0HKtPSCBK+T0SNMh2cSlODqYnNoH+ditzULtHxBlRuHBzvRdGsgJLYkOUjRj3XPGPTCBIuqtE+ILiPcoKVL60P4KNbsYAYBfGZVoTN3GLAHUjiB5BA8+xUusKfURqtmXMGtF4jKG8kD42gOqevCELA/T87P0Aml4Y/8kdfj1+F5k/ZyhBGQNe0cjWLlQ4c6E0cyWDP0GAS/ms2T3iuc9D/7XQVyUBKBA==; 5:FUXL0SG4NuimvjkgwrhJU7HTzbZEXg6SNieOikkP4Akc1NLv4yAWvMm21lPFpnD12XaMVLoR94zOyBN7m0jMm5j+KRzaZ2Dk0dECVHh7IH6y5PZLjhK2+PiMhlKqN59iMatat++vke1ssQ/hNtsOo/1ifT5ExmMcQAvZxdJoHdk=; 7:IyRw41sVB48o8G+csGcUBVQSpSpkgxtMFfKdkmQHtQcAOEMSgAvkWTrIqUQXG0+MlBB2VcWay4HDW63JEgOxpG0lPcYiri/3gaIZ5skZ1S+9GIksEjhELkEgqYZ91BJapzoR+Sc563mfOU+53sj4HfPihVhgZTv1YE7NxF3p7wGClmNIBZQZcyqydGtCf8gKBntG9jzBhv2S6/p7ugJcuxpD97IqJ3zjjlJt06DJ3ByuCiqu5fcPDCObTFq0yKWd x-ms-exchange-antispam-srfa-diagnostics: SOS; x-ms-office365-filtering-correlation-id: fc2a7235-49a6-43ac-3e30-08d62769c6f9 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(5600074)(711020)(4534165)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:MW2PR18MB2234; x-ms-traffictypediagnostic: MW2PR18MB2234: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(192374486261705)(85827821059158)(35073007944872)(21748063052155)(28532068793085)(190501279198761)(227612066756510); x-ms-exchange-senderadcheck: 1 x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(8121501046)(5005006)(93006095)(93001095)(10201501046)(3002001)(3231355)(944501410)(4982022)(52105095)(149066)(150057)(6041310)(20161123560045)(20161123558120)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(201708071742011)(7699051); SRVR:MW2PR18MB2234; BCL:0; PCL:0; RULEID:; SRVR:MW2PR18MB2234; x-forefront-prvs: 0812095267 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(136003)(39850400004)(346002)(396003)(376002)(189003)(199004)(33656002)(86362001)(8676002)(6436002)(36756003)(6246003)(8936002)(14454004)(99286004)(476003)(6486002)(2616005)(486006)(81166006)(316002)(11346002)(446003)(81156014)(34290500001)(26005)(2906002)(71200400001)(71190400001)(68736007)(186003)(6512007)(53936002)(66066001)(83716004)(102836004)(110136005)(58126008)(7736002)(54896002)(6306002)(6116002)(3846002)(2900100001)(256004)(229853002)(105586002)(39060400002)(53546011)(14444005)(6506007)(97736004)(5660300001)(106356001)(76176011)(82746002)(2501003)(25786009)(478600001)(5250100002); DIR:OUT; SFP:1101; SCL:1; SRVR:MW2PR18MB2234; H:MW2PR18MB2137.namprd18.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: lookingglasscyber.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: Z4YoFLMA8s1bCoB5122fYxmrSDruGqSZYh1gqINid6QCqAPrPPld+gMfXxr+Kw8jIipSfOkwGn9kL3E/a8GHxhs9dvWXdQG9d6Dz68FDOuvrPg49nSlxdlPl5JlSVajNQzPCIDYnb80LZhZ8xib9L5eEivWA+IQSpAaT/Zhx3vsNnmeNkXPvorcbRoOyV8aAPPyGvtzeNqiG+hvx5Sp0oDwpoQaZWJVt/klUhiYLnxjx193EqzYXZkfpYYKGAYO5ySoAvAb2ldPPxbXDHgxPvxaWUZPoEKPexDgwOQDWTyX6m2wtMHQoBnAPeQRB6apWSAbMIC0jOn5KVJPcEvNN/6KXP2AUMuH8dDdh9JNsgHg= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_A32B51C3BF5341A5BD03DAE751B5E8CAlookingglasscybercom_" MIME-Version: 1.0 X-OriginatorOrg: lookingglasscyber.com X-MS-Exchange-CrossTenant-Network-Message-Id: fc2a7235-49a6-43ac-3e30-08d62769c6f9 X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Oct 2018 06:47:38.1526 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 11622456-b9ab-4329-8602-bf364508a848 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW2PR18MB2234 Archived-At: Subject: Re: [Cacao] GAP Analysis with RID/ROLIE X-BeenThere: cacao@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Collaborative Automated Course of Action Operations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Oct 2018 06:47:46 -0000 --_000_A32B51C3BF5341A5BD03DAE751B5E8CAlookingglasscybercom_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 QnJldCDigJMgdGhhbmtzIGZvciBzZW5kaW5nIHRoaXMgc3VtbWFyeSBvdXQuDQoNClRvIHJlLWVu Zm9yY2UgeW91ciBwb2ludCBhYm91dCBDQUNBTy4gSXRzIG5vdCBmb2N1c2VkIG9uIHRoZSB0cmFu c3BvcnQgYXQgYWxsLiBPdXIgaW50ZW50aW9uIGlzIHRoYXQgdGhlIHRyYW5zcG9ydCBvZiBDQUNB TyBjb250ZW50IGNvdWxkIGJlIGNvbnZleWVkIGJ5IG11bHRpcGxlIHByb3RvY29scyB0aGF0IHNh dGlzZnkgdGhlIHJlcXVpcmVtZW50cyBvZiBzZWN1cml0eSBkZWZpbmVkIGluIHRoZSBkcmFmdC4N Cg0KQXMgeW91IHN0YXRlIHRoZSBmb2N1cyBmb3IgQ0FDQU8gaXMgZW5hYmxpbmcgdGhlIGRlZmlu aXRpb24gb2YgYSBzZXQgb2YgYWN0aW9ucy9yZXNwb25zZXMgZm9yIGN5YmVyc2VjdXJpdHkgcmVz cG9uc2Ugd2hlcmUgb25lIG9yIG1vcmUgc3lzdGVtcyBtYXkgd29yayBpbiBhIGNvb3JkaW5hdGVk IG1hbm5lci4gVGhlIENBQ0FPIHByb2plY3QgYW5kIGl0cyBjb250ZW50IGFyZSB0aGUgcHJpbWFy eSBmb2N1cyBvZiB0aGUgd29yayAocmlnaHQgbm93KS4gRXZlbnR1YWxseSB3ZSB3aWxsIHdhbnQg dG8gZGlzY3VzcyB0cmFuc3BvcnQgbWV0aG9kcyBidXQgdGhhdCBpcyBhIGZ1dHVyZSBzdGVwIG5v dCB0aGUgaW5pdGlhbCBvbmUgKGltbykuDQoNClJlZ2FyZHMNCg0KQWxsYW4gVGhvbXNvbg0KRnJv bTogQ2FjYW8gPGNhY2FvLWJvdW5jZXNAaWV0Zi5vcmc+IG9uIGJlaGFsZiBvZiBCcmV0IEpvcmRh biA8am9yZGFuLmlldGZAZ21haWwuY29tPg0KRGF0ZTogTW9uZGF5LCBPY3RvYmVyIDEsIDIwMTgg YXQgMTI6MDMgQU0NClRvOiAiY2FjYW9AaWV0Zi5vcmciIDxjYWNhb0BpZXRmLm9yZz4NClN1Ympl Y3Q6IFtDYWNhb10gR0FQIEFuYWx5c2lzIHdpdGggUklEL1JPTElFDQoNCkFsbCwNCg0KVGhpcyB3 ZWVrZW5kIEkgcmUtcmVhZCB0aGUgUklEIGFuZCBST0xJRSBSRkNzLCBldmVuIHRob3VnaCByZWNl bnRseSBJIGhhZCBiZWNhbWUgcXVpdGUgZmFtaWxpYXIgd2l0aCBib3RoIG9mIHRoZW0uIFllcywg dGhlIGF1dGhvcnMgb2YgdGhlc2UgZG9jdW1lbnRzIGhhdmUgZG9uZSBhbiBhbWF6aW5nIGFtb3Vu dCBvZiB3b3JrLiAgSG93ZXZlciwgdGhleSByZXByZXNlbnQgYSBkaWZmZXJlbnQgc2V0IG9mIHVz ZSBjYXNlcyBhbmQgcHJvYmxlbXMgZnJvbSB3aGF0IHdlIGFyZSB0cnlpbmcgdG8gZG8gaGVyZS4N Cg0KRnJvbSBhIGNvbXBhcmlzb24gLyBnYXAgc3RhbmQgcG9pbnQgd2l0aCB0aGlzIHdvcmssIGl0 IGlzIGltcG9ydGFudCB0byBub3RlIHRoYXQgUklEIGFuZCBST0xJRSBhcmUgYWJvdXQgaG93IHRv IHNoYXJlIHRoZSBkYXRhIG9uY2UgaXQgaGFzIGJlZW4gY3JlYXRlZC4gU2ltaWxhciB0byB0aGUg d2F5IFRBWElJIGlzIGFib3V0IHNoYXJpbmcgU1RJWCBkYXRhIG9uY2UgaXQgaGFzIGJlZW4gY3Jl YXRlZC4gQ0FDQU8gb24gdGhlIG90aGVyIGhhbmQgaXMgcHJpbWFyaWx5IGFib3V0IGNyZWF0aW5n IHRoZSBkYXRhIGluIHRoZSBmaXJzdCBwbGFjZS4NCg0KRnJvbSBhIHNoYXJpbmcgc3RhbmRwb2lu dCB3aXRoIENBQ0FPLCB3ZSBtYXkgbG9vayB0byBBTVFQLCBSYWJiaXRNUSwgTVFUVCwgWmVyb01R LCBNQVRSSVgsIFRBWElJLCBuYXRpdmUgSFRUUCBSRVNUIGV0Yy4gSG93ZXZlciwgdGhhdCB3b3Jr IGlzIGEgbG9uZyB3YXlzIG9mZiBhbmQgcmVwcmVzZW50cyBwcm9iYWJseSBvbmx5IDMtNSUgb2Yg dGhlIHByb2JsZW0gc3BhY2Ugd2UgbmVlZCB0byBhZGRyZXNzLg0KDQpSSUQgYW5kIFJPTElFOg0K UklEIGlzIGEgU09BUCB0eXBlIGludGVyYWN0aW9uIHRoYXQgdXNlcyBYTUwgYW5kIGlzIHRpZWQg YXQgc29tZSBsZXZlbCB0byBJT0RFRi4gSnVzdCBsaWtlIFRBWElJIGNhbiB0cmFuc21pdCBjb250 ZW50IG90aGVyIHRoYW4gU1RJWCwgSSBhbSBzdXJlIFJJRCBjb3VsZCBiZSBjb25maWd1cmVkIHRv IGludGVyYWN0IHdpdGggY29udGVudCBvdGhlciB0aGFuIElPREVGLiAgSG93ZXZlciwgbmVhcmx5 IGFsbCBvZiB0aGUgZXhhbXBsZXMgYW5kIG5hbWVzcGFjZSByZXF1aXJlbWVudHMgY2FsbCBvdXQg SU9ERUYgb3IgcmVxdWlyZSBJT0RFRiB0byBiZSBpbXBvcnRlZCBpbiB0byB0aGUgc2NoZW1hLiAo UGxlYXNlIGRvIG5vdCBmbGFtZSBtZSwgYnV0IHRoYXQgaXMgaG93IHRoZSBkb2N1bWVudCByZWFk cykuDQoNClJPTElFIGlzIGFuIFhNTCBiYXNlZCBSRVNUZnVsIGludGVyZmFjZSB0aGF0IHVzZXMg WE1QUCBzeW5jaHJvbml6YXRpb24gb2YgY29udGVudCBieSBzaGFyaW5nIGEgbWFuaWZlc3QgbGlr ZSByZXNvdXJjZSBzbyB0aGUgY2xpZW50IGNhbiBnbyBiYWNrIGFuZCBnZXQgdGhlIGFjdHVhbCBj b250ZW50IGl0IHdhbnRzLiBST0xJRSBkb2VzIG5vdCBwdXNoIG9yIHNoYXJlIHRoZSBhY3R1YWwg Y29udGVudCwgYnV0IHJhdGhlciwgZW5hYmxlcyB0aGUgY2xpZW50cyB0byBrbm93IHdoYXQgY29u dGVudCBpcyBhdmFpbGFibGUgYW5kIHRlbGxzIGl0IHdoZXJlIHRvIGdvIGFuZCBmaW5kIGl0Lg0K DQpTdW1tYXJ5DQpBcyBJIHNhaWQgYWJvdmUsIGJvdGggb2YgdGhlc2Ugd29yayBwcm9kdWN0cyBy ZXByZXNlbnQgYSBsb3Qgb2YgZ29vZCB3b3JrIGJ5IHRoZSBhdXRob3JzLiBCdXQgQ0FDQU8gaXMg YWJvdXQgdGhlIG9udG9sb2d5IG9yIGxhbmd1YWdlIGZvciBob3cgb25lIG1pZ2h0IGRlc2NyaWJl IGNvdXJzZXMgb2YgYWN0aW9uIGFuZCBhbGxvdyB0aGVtIHRvIGJlIHNoYXJlZCBpbiBhIHdheSB0 aGF0IGFsbG93cyB0aGVtIHRvIGJlIGNvbGxhYm9yYXRpdmVseSB3b3JrZWQgb24uIEl0IGlzIG5v dCBhYm91dCBob3cgdG8gdHJhbnNtaXQgZGF0YS4NCg0KV2hlbiBpdCBjb21lcyB0aW1lIHRvIHdv cmsgb24gdGhlIHByb3RvY29sIHNpZGUgb2YgdGhpcyB3b3JrLCBJIGFtIGd1ZXNzaW5nIHRoYXQg d2Ugd2lsbCBiZSBhYmxlIHRvIGVpdGhlciBqdXN0IHBpY2sgYSBwcmVmZXJyZWQgc2V0IG9mIHNv bHV0aW9ucyBhbmQgZGVmaW5lIHdoYXQgaXQgd2lsbCBtZWFuIHRvIHVzZSB0aGVtIG9yIGJvcnJv dyBhIGxvdCBvZiBpZGVhcyBmcm9tIG90aGVyIHdvcmsgdG8gY3JlYXRlIHNvbWV0aGluZyB0aGF0 IGVhc2lseSB3b3JrcyBmb3IgdGhpcyB1c2UgY2FzZS4NCg0KTXkgZ29hbCBpcyB0byBnZXQgc29t ZXRoaW5nIHdvcmtpbmcgYXMgcXVpY2tseSBhcyBwb3NzaWJsZSwgZ2V0IHZlbmRvciBhZG9wdGlv biwgYW5kIHRoZW4gaXRlcmF0ZSBhbmQgYWRkIGZ1bmN0aW9uYWxpdHkgb3ZlciB0aW1lLiBJZiBv dXIgaW5pdGlhbCBzcGVjIGlzIHRvbyBiaWcgYW5kIGNvbXBsaWNhdGVkLCBpdCB3aWxsIG5ldmVy IGdldCBpbXBsZW1lbnRlZC4gSSBvZnRlbiBzYXkgdGhhdCBpZiB0aGUgZmlyc3QgdmVyc2lvbiBv ZiBIVE1MIHdvdWxkIGhhdmUgbG9va2VkIGxpa2UgdGhlIGN1cnJlbnQgSFRNTDUsIGl0IHByb2Jh Ymx5IHdvdWxkIGhhdmUgbmV2ZXIgZ2FpbmVkIGJyb2FkIG1hcmtldCBhZG9wdGlvbi4NCg0KDQpU aGFua3MsDQpCcmV0DQpQR1AgRmluZ2VycHJpbnQ6IDYzQjQgRkM1MyA2ODBBIDZCN0QgMTQ0NyAg RjJDMCA3NEY4IEFDQUUgNzQxNSAwMDUwDQoiV2l0aG91dCBjcnlwdG9ncmFwaHkgdmlodiB2aXZj IGNlIHhocm5ydywgaG93ZXZlciwgdGhlIG9ubHkgdGhpbmcgdGhhdCBjYW4gbm90IGJlIHVuc2Ny YW1ibGVkIGlzIGFuIGVnZy4iDQoNCg0K --_000_A32B51C3BF5341A5BD03DAE751B5E8CAlookingglasscybercom_ Content-Type: text/html; charset="utf-8" Content-ID: <9E8815493221DC40B82E11D9BAC43475@namprd18.prod.outlook.com> Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6bz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6b2ZmaWNlIiB4 bWxuczp3PSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTp3b3JkIiB4bWxuczptPSJo dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5zPSJo dHRwOi8vd3d3LnczLm9yZy9UUi9SRUMtaHRtbDQwIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVp dj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPG1l dGEgbmFtZT0iR2VuZXJhdG9yIiBjb250ZW50PSJNaWNyb3NvZnQgV29yZCAxNSAoZmlsdGVyZWQg bWVkaXVtKSI+DQo8c3R5bGU+PCEtLQ0KLyogRm9udCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFj ZQ0KCXtmb250LWZhbWlseTpIZWx2ZXRpY2E7DQoJcGFub3NlLTE6MCAwIDAgMCAwIDAgMCAwIDAg MDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OiJDYW1icmlhIE1hdGgiOw0KCXBhbm9zZS0x OjIgNCA1IDMgNSA0IDYgMyAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpDYWxpYnJp Ow0KCXBhbm9zZS0xOjIgMTUgNSAyIDIgMiA0IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1m YW1pbHk6VmVyZGFuYTsNCglwYW5vc2UtMToyIDExIDYgNCAzIDUgNCA0IDIgNDt9DQovKiBTdHls ZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3JtYWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1h bA0KCXttYXJnaW46MGluOw0KCW1hcmdpbi1ib3R0b206LjAwMDFwdDsNCglmb250LXNpemU6MTEu MHB0Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmO30NCmE6bGluaywgc3Bhbi5N c29IeXBlcmxpbmsNCgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5Ow0KCWNvbG9yOiMwNTYzQzE7DQoJ dGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQphOnZpc2l0ZWQsIHNwYW4uTXNvSHlwZXJsaW5r Rm9sbG93ZWQNCgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5Ow0KCWNvbG9yOiM5NTRGNzI7DQoJdGV4 dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQpwLm1zb25vcm1hbDAsIGxpLm1zb25vcm1hbDAsIGRp di5tc29ub3JtYWwwDQoJe21zby1zdHlsZS1uYW1lOm1zb25vcm1hbDsNCgltc28tbWFyZ2luLXRv cC1hbHQ6YXV0bzsNCgltYXJnaW4tcmlnaHQ6MGluOw0KCW1zby1tYXJnaW4tYm90dG9tLWFsdDph dXRvOw0KCW1hcmdpbi1sZWZ0OjBpbjsNCglmb250LXNpemU6MTEuMHB0Ow0KCWZvbnQtZmFtaWx5 OiJDYWxpYnJpIixzYW5zLXNlcmlmO30NCnNwYW4uYXBwbGUtc3R5bGUtc3Bhbg0KCXttc28tc3R5 bGUtbmFtZTphcHBsZS1zdHlsZS1zcGFuO30NCnNwYW4uRW1haWxTdHlsZTE5DQoJe21zby1zdHls ZS10eXBlOnBlcnNvbmFsLXJlcGx5Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlm O30NCi5Nc29DaHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBlOmV4cG9ydC1vbmx5Ow0KCWZvbnQt c2l6ZToxMC4wcHQ7fQ0KQHBhZ2UgV29yZFNlY3Rpb24xDQoJe3NpemU6OC41aW4gMTEuMGluOw0K CW1hcmdpbjoxLjBpbiAxLjBpbiAxLjBpbiAxLjBpbjt9DQpkaXYuV29yZFNlY3Rpb24xDQoJe3Bh Z2U6V29yZFNlY3Rpb24xO30NCi0tPjwvc3R5bGU+DQo8L2hlYWQ+DQo8Ym9keSBsYW5nPSJFTi1V UyIgbGluaz0iIzA1NjNDMSIgdmxpbms9IiM5NTRGNzIiPg0KPGRpdiBjbGFzcz0iV29yZFNlY3Rp b24xIj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkJyZXQg4oCTIHRoYW5rcyBmb3Igc2VuZGluZyB0 aGlzIHN1bW1hcnkgb3V0LiA8bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxv OnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+VG8gcmUtZW5mb3JjZSB5 b3VyIHBvaW50IGFib3V0IENBQ0FPLiBJdHMgbm90IGZvY3VzZWQgb24gdGhlIHRyYW5zcG9ydCBh dCBhbGwuIE91ciBpbnRlbnRpb24gaXMgdGhhdCB0aGUgdHJhbnNwb3J0IG9mIENBQ0FPIGNvbnRl bnQgY291bGQgYmUgY29udmV5ZWQgYnkgbXVsdGlwbGUgcHJvdG9jb2xzIHRoYXQgc2F0aXNmeSB0 aGUgcmVxdWlyZW1lbnRzIG9mIHNlY3VyaXR5IGRlZmluZWQgaW4gdGhlIGRyYWZ0LjxvOnA+PC9v OnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIj5BcyB5b3Ugc3RhdGUgdGhlIGZvY3VzIGZvciBDQUNBTyBpcyBlbmFi bGluZyB0aGUgZGVmaW5pdGlvbiBvZiBhIHNldCBvZiBhY3Rpb25zL3Jlc3BvbnNlcyBmb3IgY3li ZXJzZWN1cml0eSByZXNwb25zZSB3aGVyZSBvbmUgb3IgbW9yZSBzeXN0ZW1zIG1heSB3b3JrIGlu IGEgY29vcmRpbmF0ZWQgbWFubmVyLiBUaGUgQ0FDQU8gcHJvamVjdCBhbmQgaXRzIGNvbnRlbnQg YXJlIHRoZSBwcmltYXJ5IGZvY3VzIG9mDQogdGhlIHdvcmsgKHJpZ2h0IG5vdykuIEV2ZW50dWFs bHkgd2Ugd2lsbCB3YW50IHRvIGRpc2N1c3MgdHJhbnNwb3J0IG1ldGhvZHMgYnV0IHRoYXQgaXMg YSBmdXR1cmUgc3RlcCBub3QgdGhlIGluaXRpYWwgb25lIChpbW8pLjxvOnA+PC9vOnA+PC9wPg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNv Tm9ybWFsIj5SZWdhcmRzPG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpw PiZuYnNwOzwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkFsbGFuIFRob21zb248bzpw PjwvbzpwPjwvcD4NCjxkaXYgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci10b3A6c29saWQgI0I1 QzRERiAxLjBwdDtwYWRkaW5nOjMuMHB0IDBpbiAwaW4gMGluIj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTIuMHB0O2NvbG9yOmJsYWNrIj5Gcm9tOiA8 L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTIuMHB0O2NvbG9yOmJsYWNrIj5DYWNh byAmbHQ7Y2FjYW8tYm91bmNlc0BpZXRmLm9yZyZndDsgb24gYmVoYWxmIG9mIEJyZXQgSm9yZGFu ICZsdDtqb3JkYW4uaWV0ZkBnbWFpbC5jb20mZ3Q7PGJyPg0KPGI+RGF0ZTogPC9iPk1vbmRheSwg T2N0b2JlciAxLCAyMDE4IGF0IDEyOjAzIEFNPGJyPg0KPGI+VG86IDwvYj4mcXVvdDtjYWNhb0Bp ZXRmLm9yZyZxdW90OyAmbHQ7Y2FjYW9AaWV0Zi5vcmcmZ3Q7PGJyPg0KPGI+U3ViamVjdDogPC9i PltDYWNhb10gR0FQIEFuYWx5c2lzIHdpdGggUklEL1JPTElFPG86cD48L286cD48L3NwYW4+PC9w Pg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48 L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5BbGwsPG86cD48L286cD48 L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpw PjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPlRoaXMgd2Vla2VuZCBJ IHJlLXJlYWQgdGhlIFJJRCBhbmQgUk9MSUUgUkZDcywgZXZlbiB0aG91Z2ggcmVjZW50bHkgSSBo YWQgYmVjYW1lIHF1aXRlIGZhbWlsaWFyIHdpdGggYm90aCBvZiB0aGVtLiBZZXMsIHRoZSBhdXRo b3JzIG9mIHRoZXNlIGRvY3VtZW50cyBoYXZlIGRvbmUgYW4gYW1hemluZyBhbW91bnQgb2Ygd29y ay4gJm5ic3A7SG93ZXZlciwgdGhleSByZXByZXNlbnQgYSBkaWZmZXJlbnQgc2V0IG9mIHVzZQ0K IGNhc2VzIGFuZCBwcm9ibGVtcyBmcm9tIHdoYXQgd2UgYXJlIHRyeWluZyB0byBkbyBoZXJlLiZu YnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij5Gcm9tIGEgY29tcGFyaXNvbiAvIGdhcCBzdGFuZCBwb2ludCB3aXRoIHRoaXMgd29yaywgaXQg aXMgaW1wb3J0YW50IHRvIG5vdGUgdGhhdCBSSUQgYW5kIFJPTElFIGFyZSBhYm91dCBob3cgdG8g c2hhcmUgdGhlIGRhdGEgb25jZSBpdCBoYXMgYmVlbiBjcmVhdGVkLiBTaW1pbGFyIHRvIHRoZSB3 YXkgVEFYSUkgaXMgYWJvdXQgc2hhcmluZyBTVElYIGRhdGEgb25jZSBpdCBoYXMgYmVlbiBjcmVh dGVkLiBDQUNBTw0KIG9uIHRoZSBvdGhlciBoYW5kIGlzIHByaW1hcmlseSBhYm91dCBjcmVhdGlu ZyB0aGUgZGF0YSBpbiB0aGUgZmlyc3QgcGxhY2UuJm5ic3A7PG86cD48L286cD48L3A+DQo8L2Rp dj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwv ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkZyb20gYSBzaGFyaW5nIHN0YW5kcG9p bnQgd2l0aCBDQUNBTywgd2UgbWF5IGxvb2sgdG8gQU1RUCwgUmFiYml0TVEsIE1RVFQsIFplcm9N USwgTUFUUklYLCBUQVhJSSwgbmF0aXZlIEhUVFAgUkVTVCBldGMuIEhvd2V2ZXIsIHRoYXQgd29y ayBpcyBhIGxvbmcgd2F5cyBvZmYgYW5kIHJlcHJlc2VudHMgcHJvYmFibHkgb25seSAzLTUlIG9m IHRoZSBwcm9ibGVtIHNwYWNlIHdlIG5lZWQgdG8gYWRkcmVzcy4mbmJzcDs8bzpwPjwvbzpwPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+ PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+UklEIGFuZCBST0xJ RTo8L2I+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij5SSUQgaXMgYSBTT0FQIHR5cGUgaW50ZXJhY3Rpb24gdGhhdCB1c2VzIFhNTCBhbmQgaXMgdGll ZCBhdCBzb21lIGxldmVsIHRvIElPREVGLiBKdXN0IGxpa2UgVEFYSUkgY2FuIHRyYW5zbWl0IGNv bnRlbnQgb3RoZXIgdGhhbiBTVElYLCBJIGFtIHN1cmUgUklEIGNvdWxkIGJlIGNvbmZpZ3VyZWQg dG8gaW50ZXJhY3Qgd2l0aCBjb250ZW50IG90aGVyIHRoYW4gSU9ERUYuICZuYnNwO0hvd2V2ZXIs IG5lYXJseSBhbGwgb2YNCiB0aGUgZXhhbXBsZXMgYW5kIG5hbWVzcGFjZSByZXF1aXJlbWVudHMg Y2FsbCBvdXQgSU9ERUYgb3IgcmVxdWlyZSBJT0RFRiB0byBiZSBpbXBvcnRlZCBpbiB0byB0aGUg c2NoZW1hLiAoUGxlYXNlIGRvIG5vdCBmbGFtZSBtZSwgYnV0IHRoYXQgaXMgaG93IHRoZSBkb2N1 bWVudCByZWFkcykuICZuYnNwOyZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5ST0xJRSBpcyBhbiBYTUwgYmFzZWQgUkVTVGZ1bCBpbnRl cmZhY2UgdGhhdCB1c2VzIFhNUFAgc3luY2hyb25pemF0aW9uIG9mIGNvbnRlbnQgYnkgc2hhcmlu ZyBhIG1hbmlmZXN0IGxpa2UgcmVzb3VyY2Ugc28gdGhlIGNsaWVudCBjYW4gZ28gYmFjayBhbmQg Z2V0IHRoZSBhY3R1YWwgY29udGVudCBpdCB3YW50cy4gUk9MSUUgZG9lcyBub3QgcHVzaCBvciBz aGFyZSB0aGUgYWN0dWFsIGNvbnRlbnQsIGJ1dCByYXRoZXIsDQogZW5hYmxlcyB0aGUgY2xpZW50 cyB0byBrbm93IHdoYXQgY29udGVudCBpcyBhdmFpbGFibGUgYW5kIHRlbGxzIGl0IHdoZXJlIHRv IGdvIGFuZCBmaW5kIGl0LjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48Yj5TdW1tYXJ5PC9iPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+QXMgSSBzYWlkIGFib3ZlLCBib3RoIG9mIHRoZXNlIHdv cmsgcHJvZHVjdHMgcmVwcmVzZW50IGEgbG90IG9mIGdvb2Qgd29yayBieSB0aGUgYXV0aG9ycy4g QnV0IENBQ0FPIGlzIGFib3V0IHRoZSBvbnRvbG9neSBvciBsYW5ndWFnZSBmb3IgaG93IG9uZSBt aWdodCBkZXNjcmliZSBjb3Vyc2VzIG9mIGFjdGlvbiBhbmQgYWxsb3cgdGhlbSB0byBiZSBzaGFy ZWQgaW4gYSB3YXkgdGhhdCBhbGxvd3MgdGhlbSB0bw0KIGJlIGNvbGxhYm9yYXRpdmVseSB3b3Jr ZWQgb24uIEl0IGlzIG5vdCBhYm91dCBob3cgdG8gdHJhbnNtaXQgZGF0YS48bzpwPjwvbzpwPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+ PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+V2hlbiBpdCBjb21lcyB0 aW1lIHRvIHdvcmsgb24gdGhlIHByb3RvY29sIHNpZGUgb2YgdGhpcyB3b3JrLCBJIGFtIGd1ZXNz aW5nIHRoYXQgd2Ugd2lsbCBiZSBhYmxlIHRvIGVpdGhlciBqdXN0IHBpY2sgYSBwcmVmZXJyZWQg c2V0IG9mIHNvbHV0aW9ucyBhbmQgZGVmaW5lIHdoYXQgaXQgd2lsbCBtZWFuIHRvIHVzZSB0aGVt IG9yIGJvcnJvdyBhIGxvdCBvZiBpZGVhcyBmcm9tIG90aGVyIHdvcmsgdG8gY3JlYXRlDQogc29t ZXRoaW5nIHRoYXQgZWFzaWx5IHdvcmtzIGZvciB0aGlzIHVzZSBjYXNlLiAmbmJzcDs8bzpwPjwv bzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7 PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+TXkgZ29hbCBp cyB0byBnZXQgc29tZXRoaW5nIHdvcmtpbmcgYXMgcXVpY2tseSBhcyBwb3NzaWJsZSwgZ2V0IHZl bmRvciBhZG9wdGlvbiwgYW5kIHRoZW4gaXRlcmF0ZSBhbmQgYWRkIGZ1bmN0aW9uYWxpdHkgb3Zl ciB0aW1lLiBJZiBvdXIgaW5pdGlhbCBzcGVjIGlzIHRvbyBiaWcgYW5kIGNvbXBsaWNhdGVkLCBp dCB3aWxsIG5ldmVyIGdldCBpbXBsZW1lbnRlZC4gSSBvZnRlbiBzYXkgdGhhdCBpZiB0aGUgZmly c3QNCiB2ZXJzaW9uIG9mIEhUTUwgd291bGQgaGF2ZSBsb29rZWQgbGlrZSB0aGUgY3VycmVudCBI VE1MNSwgaXQgcHJvYmFibHkgd291bGQgaGF2ZSBuZXZlciBnYWluZWQgYnJvYWQgbWFya2V0IGFk b3B0aW9uLjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxv OnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05v cm1hbCI+PHNwYW4gY2xhc3M9ImFwcGxlLXN0eWxlLXNwYW4iPjxzcGFuIHN0eWxlPSJmb250LXNp emU6MTAuNXB0O2ZvbnQtZmFtaWx5OkhlbHZldGljYTtjb2xvcjpibGFjayI+VGhhbmtzLDwvc3Bh bj48L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6SGVsdmV0 aWNhO2NvbG9yOmJsYWNrIj48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBjbGFzcz0iYXBwbGUtc3R5bGUtc3BhbiI+PHNwYW4g c3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6SGVsdmV0aWNhO2NvbG9yOmJsYWNr Ij5CcmV0PC9zcGFuPjwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZh bWlseTpIZWx2ZXRpY2E7Y29sb3I6YmxhY2siPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2 Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij48c3BhbiBzdHlsZT0iZm9udC1zaXplOjguNXB0O2ZvbnQtZmFtaWx5OiZxdW90O1ZlcmRhbmEm cXVvdDssc2Fucy1zZXJpZjtjb2xvcjojN0M3QzdDIj5QR1AgRmluZ2VycHJpbnQ6Jm5ic3A7NjNC NCBGQzUzIDY4MEEgNkI3RCAxNDQ3ICZuYnNwO0YyQzAgNzRGOCBBQ0FFIDc0MTUgMDA1MDwvc3Bh bj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTpIZWx2ZXRpY2E7Y29s b3I6YmxhY2siPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OC4wcHQ7Zm9udC1mYW1pbHk6JnF1 b3Q7VmVyZGFuYSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiM3QzdDN0MiPiZxdW90O1dpdGhvdXQg Y3J5cHRvZ3JhcGh5IHZpaHYgdml2YyBjZSB4aHJucncsIGhvd2V2ZXIsIHRoZSBvbmx5IHRoaW5n IHRoYXQgY2FuIG5vdCBiZSB1bnNjcmFtYmxlZCBpcyBhbiBlZ2cuJnF1b3Q7PC9zcGFuPjxzcGFu IHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OkhlbHZldGljYTtjb2xvcjpibGFj ayI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+ DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48YnI+DQo8YnI+ DQo8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_A32B51C3BF5341A5BD03DAE751B5E8CAlookingglasscybercom_--