From nobody Thu Mar 5 06:36:37 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB8151A017F for ; Thu, 5 Mar 2015 06:36:35 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.779 X-Spam-Level: X-Spam-Status: No, score=0.779 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, HTML_MESSAGE=0.001, SPF_NEUTRAL=0.779] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LkCoSjfFX3Pl for ; Thu, 5 Mar 2015 06:36:32 -0800 (PST) Received: from biz131.inmotionhosting.com (biz131.inmotionhosting.com [173.247.247.250]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D31021A0068 for ; Thu, 5 Mar 2015 06:33:21 -0800 (PST) Received: from cpe-76-183-208-111.tx.res.rr.com ([76.183.208.111]:57982 helo=Steves-MacBook-Air.local) by biz131.inmotionhosting.com with esmtpsa (UNKNOWN:RC4-SHA:128) (Exim 4.82) (envelope-from ) id 1YTWpz-0007T7-LF for dime@ietf.org; Thu, 05 Mar 2015 06:33:21 -0800 Message-ID: <54F8692F.6060403@usdonovans.com> Date: Thu, 05 Mar 2015 08:33:19 -0600 From: Steve Donovan User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: "dime@ietf.org" References: <54F681EB.2020003@gmail.com> In-Reply-To: <54F681EB.2020003@gmail.com> X-Forwarded-Message-Id: <54F681EB.2020003@gmail.com> Content-Type: multipart/alternative; boundary="------------000308010806030800070602" X-OutGoing-Spam-Status: No, score=-2.9 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - biz131.inmotionhosting.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - usdonovans.com X-Get-Message-Sender-Via: biz131.inmotionhosting.com: authenticated_id: srd+usdonovans.com/only user confirmed/virtual account not confirmed Archived-At: Subject: [Dime] Fwd: Fwd: [IANA #810344] Early IANA allocations for draft-ietf-dime-ovli-08 X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Mar 2015 14:36:35 -0000 This is a multi-part message in MIME format. --------------000308010806030800070602 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit FYI -------- Forwarded Message -------- Subject: Fwd: [IANA #810344] Early IANA allocations for draft-ietf-dime-ovli-08 Date: Tue, 03 Mar 2015 19:54:19 -0800 From: Jouni Korhonen To: Jouni , Lionel.morand@orange.com , Ben Campbell , Steve Donovan FYI -------- Välitetty viesti / Fwd.Msg -------- Aihe: [IANA #810344] Early IANA allocations for draft-ietf-dime-ovli-08 Päiväys: Wed, 04 Mar 2015 02:39:36 +0000 Lähettäjä: Amanda Baber via RT Vastausosoite: iana-prot-param@iana.org Vastaanottaja: aland@deployingradius.com, bclaise@cisco.com, dime-chairs@tools.ietf.org, jouni.nospam@gmail.com, kathleen.moriarty.ietf@gmail.com Hi all, These early allocations are complete. If the document hasn't been approved for publication by that time, we'll contact you within roughly 60 days of their expiration date to ask whether you'd like to renew for one more year. A note about registry naming: because all the AVP Code sub-registries (save, I think, for one) use the "OC-Feature-Vector AVP Values (code 622)" and "OC-Report-Type AVP Values (code 626)" naming format, I've gone with that format here too. If you would prefer "Overload Control Feature Vector (code 622)" and "Overload Report Type (code 622)," or other titles, just let me know. If the new registry names are OK, please add them to the IANA Considerations section. IANA has registered the following AVP Codes: 621 OC-Supported-Features (TEMPORARY - registered 2015-03-03, expires 2016-03-03) [draft-ietf-dime-ovli] 622 OC-Feature-Vector (TEMPORARY - registered 2015-03-03, expires 2016-03-03) [draft-ietf-dime-ovli] 623 OC-OLR (TEMPORARY - registered 2015-03-03, expires 2016-03-03) [draft-ietf-dime-ovli] 624 OC-Sequence-Number (TEMPORARY - registered 2015-03-03, expires 2016-03-03) [draft-ietf-dime-ovli] 625 OC-Validity-Duration (TEMPORARY - registered 2015-03-03, expires 2016-03-03) [draft-ietf-dime-ovli] 626 OC-Report-Type (TEMPORARY - registered 2015-03-03, expires 2016-03-03) [draft-ietf-dime-ovli] 627 OC-Reduction-Percentage (TEMPORARY - registered 2015-03-03, expires 2016-03-03) [draft-ietf-dime-ovli] IANA has created the following sub-registries under the heading "AVP Specific Values": OC-Feature-Vector AVP Values (code 622) (TEMPORARY - registered 2015-03-03, expires 2016-03-03) Registration Procedure(s): Specification Required Reference: [draft-ietf-dime-ovli] AVP Value Attribute Name Reference 0 Reserved [draft-ietf-dime-ovli] 0x0000000000000001 OLR_DEFAULT_ALGO (TEMPORARY - registered 2015-03-03, expires 2016-03-03) [draft-ietf-dime-ovli] 0x0000000000000002-0xFFFFFFFFFFFFFFFF Unassigned OC-Report-Type AVP Values (code 626) (TEMPORARY - registered 2015-03-03, expires 2016-03-03) Registration Procedure(s): Specification Required Reference: [draft-ietf-dime-ovli] AVP Value Attribute Name Reference 0 HOST_REPORT (TEMPORARY - registered 2015-03-03, expires 2016-03-03) [draft-ietf-dime-ovli] 1 REALM_REPORT (TEMPORARY - registered 2015-03-03, expires 2016-03-03) [draft-ietf-dime-ovli] Please see http://www.iana.org/assignments/aaa-parameters We don't require confirmations for early allocation registrations, but if anything needs to be renamed (or fixed), please let us know. thanks, Amanda Baber IANA Request Specialist ICANN --------------000308010806030800070602 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit FYI


-------- Forwarded Message --------
Subject: Fwd: [IANA #810344] Early IANA allocations for draft-ietf-dime-ovli-08
Date: Tue, 03 Mar 2015 19:54:19 -0800
From: Jouni Korhonen <jouni.nospam@gmail.com>
To: Jouni <jouni.nospam@gmail.com>, Lionel.morand@orange.com <Lionel.morand@orange.com>, Ben Campbell <ben@nostrum.com>, Steve Donovan <srdonovan@usdonovans.com>


FYI


-------- Välitetty viesti / Fwd.Msg --------
Aihe: [IANA #810344] Early IANA allocations for draft-ietf-dime-ovli-08
Päiväys: Wed, 04 Mar 2015 02:39:36 +0000
Lähettäjä: Amanda Baber via RT <iana-prot-param@iana.org>
Vastausosoite: iana-prot-param@iana.org
Vastaanottaja: aland@deployingradius.com, bclaise@cisco.com, 
dime-chairs@tools.ietf.org, jouni.nospam@gmail.com, 
kathleen.moriarty.ietf@gmail.com

Hi all,

These early allocations are complete. If the document hasn't been 
approved for publication by that time, we'll contact you within roughly 
60 days of their expiration date to ask whether you'd like to renew for 
one more year.

A note about registry naming: because all the AVP Code sub-registries 
(save, I think, for one) use the "OC-Feature-Vector AVP Values (code 
622)" and "OC-Report-Type AVP Values (code 626)" naming format, I've 
gone with that format here too. If you would prefer "Overload Control 
Feature Vector (code 622)" and "Overload Report Type (code 622)," or 
other titles, just let me know. If the new registry names are OK, please 
add them to the IANA Considerations section.

IANA has registered the following AVP Codes:

621	OC-Supported-Features (TEMPORARY - registered 2015-03-03, expires 
2016-03-03)	[draft-ietf-dime-ovli]
622	OC-Feature-Vector (TEMPORARY - registered 2015-03-03, expires 
2016-03-03)	[draft-ietf-dime-ovli]
623	OC-OLR (TEMPORARY - registered 2015-03-03, expires 2016-03-03) 
[draft-ietf-dime-ovli]
624	OC-Sequence-Number (TEMPORARY - registered 2015-03-03, expires 
2016-03-03)	[draft-ietf-dime-ovli]
625	OC-Validity-Duration (TEMPORARY - registered 2015-03-03, expires 
2016-03-03)	[draft-ietf-dime-ovli]
626	OC-Report-Type (TEMPORARY - registered 2015-03-03, expires 
2016-03-03)	[draft-ietf-dime-ovli]
627	OC-Reduction-Percentage (TEMPORARY - registered 2015-03-03, 
expires 2016-03-03)	[draft-ietf-dime-ovli]

IANA has created the following sub-registries under the heading "AVP 
Specific Values":

OC-Feature-Vector AVP Values (code 622) (TEMPORARY - registered 
2015-03-03, expires 2016-03-03)
Registration Procedure(s): Specification Required
Reference: [draft-ietf-dime-ovli]

AVP Value 	Attribute Name 	Reference
0	Reserved	[draft-ietf-dime-ovli]
0x0000000000000001	OLR_DEFAULT_ALGO (TEMPORARY - registered 2015-03-03, 
expires 2016-03-03)	[draft-ietf-dime-ovli]
0x0000000000000002-0xFFFFFFFFFFFFFFFF	Unassigned	

OC-Report-Type AVP Values (code 626) (TEMPORARY - registered 2015-03-03, 
expires 2016-03-03)
Registration Procedure(s): Specification Required
Reference: [draft-ietf-dime-ovli]

AVP Value 	Attribute Name 	Reference
0	HOST_REPORT (TEMPORARY - registered 2015-03-03, expires 2016-03-03) 
[draft-ietf-dime-ovli]
1	REALM_REPORT (TEMPORARY - registered 2015-03-03, expires 2016-03-03) 
[draft-ietf-dime-ovli]

Please see
http://www.iana.org/assignments/aaa-parameters

We don't require confirmations for early allocation registrations, but 
if anything needs to be renamed (or fixed), please let us know.

thanks,

Amanda Baber
IANA Request Specialist
ICANN





--------------000308010806030800070602-- From nobody Fri Mar 6 08:46:57 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F57D1A0233; Fri, 6 Mar 2015 08:46:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eiyowlw5lVUZ; Fri, 6 Mar 2015 08:46:54 -0800 (PST) Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id E9CA21A0107; Fri, 6 Mar 2015 08:46:53 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: X-Test-IDTracker: no X-IETF-IDTracker: 5.12.0.p2 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20150306164653.31078.49083.idtracker@ietfa.amsl.com> Date: Fri, 06 Mar 2015 08:46:53 -0800 Archived-At: Cc: dime@ietf.org Subject: [Dime] I-D Action: draft-ietf-dime-agent-overload-01.txt X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Mar 2015 16:46:56 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Diameter Maintenance and Extensions Working Group of the IETF. Title : Diameter Agent Overload Author : Steve Donovan Filename : draft-ietf-dime-agent-overload-01.txt Pages : 19 Date : 2015-03-06 Abstract: This specification documents an extension to the Diameter Overload Indication Conveyance (DOIC) base solution. The extension addresses the handling of occurrences of overload of a Diameter agent, or more generally, a Diameter peer. Requirements The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-dime-agent-overload/ There's also a htmlized version available at: http://tools.ietf.org/html/draft-ietf-dime-agent-overload-01 A diff from the previous version is available at: http://www.ietf.org/rfcdiff?url2=draft-ietf-dime-agent-overload-01 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Fri Mar 6 08:48:19 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 250361ACEF9; Fri, 6 Mar 2015 08:48:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2S-T3hMp2s31; Fri, 6 Mar 2015 08:48:15 -0800 (PST) Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id EE1B31A0275; Fri, 6 Mar 2015 08:48:14 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: X-Test-IDTracker: no X-IETF-IDTracker: 5.12.0.p2 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20150306164814.31078.63200.idtracker@ietfa.amsl.com> Date: Fri, 06 Mar 2015 08:48:14 -0800 Archived-At: Cc: dime@ietf.org Subject: [Dime] I-D Action: draft-ietf-dime-doic-rate-control-01.txt X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Mar 2015 16:48:16 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Diameter Maintenance and Extensions Working Group of the IETF. Title : Diameter Overload Rate Control Authors : Steve Donovan Eric Noel Filename : draft-ietf-dime-doic-rate-control-01.txt Pages : 19 Date : 2015-03-06 Abstract: This specification documents an extension to the Diameter Overload Indication Conveyance (DOIC) base solution. This extension adds a new overload control abatement algorithm. This abatement algorithm allows for a DOIC reporting node to specify a maximum rate at which a DOIC reacting node sends Diameter requests to the DOIC reporting node. Requirements The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-dime-doic-rate-control/ There's also a htmlized version available at: http://tools.ietf.org/html/draft-ietf-dime-doic-rate-control-01 A diff from the previous version is available at: http://www.ietf.org/rfcdiff?url2=draft-ietf-dime-doic-rate-control-01 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Fri Mar 6 08:53:07 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B118F1A07BD for ; Fri, 6 Mar 2015 08:53:05 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.12 X-Spam-Level: X-Spam-Status: No, score=-1.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_NEUTRAL=0.779] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yJ8QoT2Mr2lK for ; Fri, 6 Mar 2015 08:53:04 -0800 (PST) Received: from biz131.inmotionhosting.com (biz131.inmotionhosting.com [173.247.247.250]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6A01E1A0275 for ; Fri, 6 Mar 2015 08:53:04 -0800 (PST) Received: from cpe-76-183-208-111.tx.res.rr.com ([76.183.208.111]:57641 helo=Steves-MacBook-Air.local) by biz131.inmotionhosting.com with esmtpsa (UNKNOWN:RC4-SHA:128) (Exim 4.82) (envelope-from ) id 1YTvUg-000CBh-Ix for dime@ietf.org; Fri, 06 Mar 2015 08:53:03 -0800 Message-ID: <54F9DB6A.7080207@usdonovans.com> Date: Fri, 06 Mar 2015 10:52:58 -0600 From: Steve Donovan User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: "dime@ietf.org" References: <20150306164736.31078.67435.idtracker@ietfa.amsl.com> In-Reply-To: <20150306164736.31078.67435.idtracker@ietfa.amsl.com> X-Forwarded-Message-Id: <20150306164736.31078.67435.idtracker@ietfa.amsl.com> Content-Type: multipart/alternative; boundary="------------040202000504090409060909" X-OutGoing-Spam-Status: No, score=-2.9 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - biz131.inmotionhosting.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - usdonovans.com X-Get-Message-Sender-Via: biz131.inmotionhosting.com: authenticated_id: srd+usdonovans.com/only user confirmed/virtual account not confirmed Archived-At: Subject: [Dime] Fwd: New Version Notification for draft-donovan-dime-drmp-00.txt X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Mar 2015 16:53:05 -0000 This is a multi-part message in MIME format. --------------040202000504090409060909 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit All, I have submitted a draft proposing work on defining Diameter routing message priority. The primary use case for the draft is to give the ability to mark different requests with different priorities, giving Diameter nodes making DOIC throttling decisions additional information on which requests should be throttled first. The draft outlines a number of considerations on the design of the mechanism, should the working group decide to take on the work. I will be requesting adding this as a DIME working group milestone at the Dallas IETF meeting. Regards, Steve -------- Forwarded Message -------- Subject: New Version Notification for draft-donovan-dime-drmp-00.txt Date: Fri, 06 Mar 2015 08:47:36 -0800 From: internet-drafts@ietf.org To: Steve Donovan , Steve Donovan A new version of I-D, draft-donovan-dime-drmp-00.txt has been successfully submitted by Steve Donovan and posted to the IETF repository. Name: draft-donovan-dime-drmp Revision: 00 Title: Diameter Routing Message Priority Document date: 2015-03-06 Group: Individual Submission Pages: 11 URL: http://www.ietf.org/internet-drafts/draft-donovan-dime-drmp-00.txt Status: https://datatracker.ietf.org/doc/draft-donovan-dime-drmp/ Htmlized: http://tools.ietf.org/html/draft-donovan-dime-drmp-00 Abstract: When making routing and resource allocation decisions, Diameter nodes currently have no generic mechanism to determine the relative priority of Diameter requests. This document defines a mechanism to allow Diameter endpoints to indicate the relative priority of Diameter requests/transactions/messages. With this information Diameter nodes can factor the relative priority of requests/transactions/messages into routing, resource allocation and overload abatement decisions. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat --------------040202000504090409060909 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit All,

I have submitted a draft proposing work on defining Diameter routing message priority.  The primary use case for the draft is to give the ability to mark different requests with different priorities, giving Diameter nodes making DOIC throttling decisions additional information on which requests should be throttled first.

The draft outlines a number of considerations on the design of the mechanism, should the working group decide to take on the work.

I will be requesting adding this as a DIME working group milestone at the Dallas IETF meeting.

Regards,

Steve


-------- Forwarded Message --------
Subject: New Version Notification for draft-donovan-dime-drmp-00.txt
Date: Fri, 06 Mar 2015 08:47:36 -0800
From: internet-drafts@ietf.org
To: Steve Donovan <srdonovan@usdonovans.com>, Steve Donovan <srdonovan@usdonovans.com>


A new version of I-D, draft-donovan-dime-drmp-00.txt
has been successfully submitted by Steve Donovan and posted to the
IETF repository.

Name:		draft-donovan-dime-drmp
Revision:	00
Title:		Diameter Routing Message Priority
Document date:	2015-03-06
Group:		Individual Submission
Pages:		11
URL:            http://www.ietf.org/internet-drafts/draft-donovan-dime-drmp-00.txt
Status:         https://datatracker.ietf.org/doc/draft-donovan-dime-drmp/
Htmlized:       http://tools.ietf.org/html/draft-donovan-dime-drmp-00


Abstract:
   When making routing and resource allocation decisions, Diameter nodes
   currently have no generic mechanism to determine the relative
   priority of Diameter requests.  This document defines a mechanism to
   allow Diameter endpoints to indicate the relative priority of
   Diameter requests/transactions/messages.  With this information
   Diameter nodes can factor the relative priority of
   requests/transactions/messages into routing, resource allocation and
   overload abatement decisions.

                                                                                  


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat




--------------040202000504090409060909-- From nobody Mon Mar 9 07:12:33 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D37E1A88A0 for ; Mon, 9 Mar 2015 07:12:25 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.12 X-Spam-Level: X-Spam-Status: No, score=-1.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_NEUTRAL=0.779] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9_TZi8h3KPTm for ; Mon, 9 Mar 2015 07:12:21 -0700 (PDT) Received: from biz131.inmotionhosting.com (biz131.inmotionhosting.com [173.247.247.250]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5968C1A88B3 for ; Mon, 9 Mar 2015 07:12:21 -0700 (PDT) Received: from cpe-76-183-208-111.tx.res.rr.com ([76.183.208.111]:52726 helo=Steves-MacBook-Air.local) by biz131.inmotionhosting.com with esmtpsa (UNKNOWN:RC4-SHA:128) (Exim 4.82) (envelope-from ) id 1YUyPj-0008dF-Gh for dime@ietf.org; Mon, 09 Mar 2015 07:12:19 -0700 Message-ID: <54FDAA3B.70405@usdonovans.com> Date: Mon, 09 Mar 2015 09:12:11 -0500 From: Steve Donovan User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: "dime@ietf.org" References: <20150309140529.2625.22564.idtracker@ietfa.amsl.com> In-Reply-To: <20150309140529.2625.22564.idtracker@ietfa.amsl.com> X-Forwarded-Message-Id: <20150309140529.2625.22564.idtracker@ietfa.amsl.com> Content-Type: multipart/alternative; boundary="------------050706000907070709030505" X-OutGoing-Spam-Status: No, score=-2.9 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - biz131.inmotionhosting.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - usdonovans.com X-Get-Message-Sender-Via: biz131.inmotionhosting.com: authenticated_id: srd+usdonovans.com/only user confirmed/virtual account not confirmed Archived-At: Subject: [Dime] Fwd: New Version Notification for draft-campbell-dime-load-considerations-01.txt X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Mar 2015 14:12:25 -0000 This is a multi-part message in MIME format. --------------050706000907070709030505 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit All, FYI on an updated version of the Diameter load considerations draft. Regards, Steve -------- Forwarded Message -------- Subject: New Version Notification for draft-campbell-dime-load-considerations-01.txt Date: Mon, 09 Mar 2015 07:05:29 -0700 From: internet-drafts@ietf.org To: Jean-Jacques Trottin , Ben Campbell , Jean-Jacques Trottin , Steve Donovan , Steve Donovan , Ben Campbell A new version of I-D, draft-campbell-dime-load-considerations-01.txt has been successfully submitted by Steve Donovan and posted to the IETF repository. Name: draft-campbell-dime-load-considerations Revision: 01 Title: Architectural Considerations for Diameter Load Information Document date: 2015-03-06 Group: Individual Submission Pages: 17 URL: http://www.ietf.org/internet-drafts/draft-campbell-dime-load-considerations-01.txt Status: https://datatracker.ietf.org/doc/draft-campbell-dime-load-considerations/ Htmlized: http://tools.ietf.org/html/draft-campbell-dime-load-considerations-01 Diff: http://www.ietf.org/rfcdiff?url2=draft-campbell-dime-load-considerations-01 Abstract: RFC 7068 describes requirements for Overload Control in Diameter. This includes a requirement to allow Diameter nodes to send "load" information, even when the node is not overloaded. The Diameter Overload Information Conveyance (DOIC) solution describes a mechanism meeting most of the requirements, but does not currently include the ability to send load information. This document explores some architectural considerations for a mechanism to send Diameter load information. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat --------------050706000907070709030505 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit All,

FYI on an updated version of the Diameter load considerations draft.

Regards,

Steve

-------- Forwarded Message --------
Subject: New Version Notification for draft-campbell-dime-load-considerations-01.txt
Date: Mon, 09 Mar 2015 07:05:29 -0700
From: internet-drafts@ietf.org
To: Jean-Jacques Trottin <jean-jacques.trottin@alcatel-lucent.com>, Ben Campbell <ben@nostrum.com>, Jean-Jacques Trottin <jean-jacques.trottin@alcatel-lucent.com>, Steve Donovan <srdonovan@usdonovans.com>, Steve Donovan <srdonovan@usdonovans.com>, Ben Campbell <ben@nostrum.com>


A new version of I-D, draft-campbell-dime-load-considerations-01.txt
has been successfully submitted by Steve Donovan and posted to the
IETF repository.

Name:		draft-campbell-dime-load-considerations
Revision:	01
Title:		Architectural Considerations for Diameter Load Information
Document date:	2015-03-06
Group:		Individual Submission
Pages:		17
URL:            http://www.ietf.org/internet-drafts/draft-campbell-dime-load-considerations-01.txt
Status:         https://datatracker.ietf.org/doc/draft-campbell-dime-load-considerations/
Htmlized:       http://tools.ietf.org/html/draft-campbell-dime-load-considerations-01
Diff:           http://www.ietf.org/rfcdiff?url2=draft-campbell-dime-load-considerations-01

Abstract:
   RFC 7068 describes requirements for Overload Control in Diameter.
   This includes a requirement to allow Diameter nodes to send "load"
   information, even when the node is not overloaded.  The Diameter
   Overload Information Conveyance (DOIC) solution describes a mechanism
   meeting most of the requirements, but does not currently include the
   ability to send load information.  This document explores some
   architectural considerations for a mechanism to send Diameter load
   information.

                                                                                  


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat




--------------050706000907070709030505-- From john.basha@ericsson.com Thu Mar 12 01:20:42 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A83E51A8AE5 for ; Thu, 12 Mar 2015 01:20:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.71 X-Spam-Level: X-Spam-Status: No, score=-0.71 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DC_IMAGE_SPAM_HTML=0.81, DC_IMAGE_SPAM_TEXT=0.242, DC_PNG_UNO_LARGO=0.001, HTML_IMAGE_RATIO_02=0.437, HTML_MESSAGE=0.001, J_CHICKENPOX_36=0.6, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 68AY95zQbIPv for ; Thu, 12 Mar 2015 01:20:33 -0700 (PDT) Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12D071A8ADD for ; Thu, 12 Mar 2015 01:20:31 -0700 (PDT) X-AuditID: c1b4fb30-f79c86d000000fc0-e5-55014c4e2d61 Received: from ESESSHC012.ericsson.se (Unknown_Domain [153.88.253.124]) by sesbmg22.ericsson.net (Symantec Mail Security) with SMTP id 0F.94.04032.E4C41055; Thu, 12 Mar 2015 09:20:30 +0100 (CET) Received: from ESESSMB203.ericsson.se ([169.254.3.218]) by ESESSHC012.ericsson.se ([153.88.183.54]) with mapi id 14.03.0210.002; Thu, 12 Mar 2015 09:20:29 +0100 From: John Basha To: "dime@ietf.org" Thread-Topic: Abort-Session-Request Flow Thread-Index: AdBcnM51WHdI0PEdSByaWLRwtTy29Q== Date: Thu, 12 Mar 2015 08:20:28 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-originating-ip: [153.88.183.20] Content-Type: multipart/related; boundary="_004_EEF22AB1A43B1F49A1AA33231F387F89175735BAESESSMB203erics_"; type="multipart/alternative" MIME-Version: 1.0 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrMIsWRmVeSWpSXmKPExsUyM+Jvja6fD2OowaTJohZze1ewOTB6LFny kymAMYrLJiU1J7MstUjfLoErY+q1f6wF194wVXQsO8PcwHj4PlMXIyeHhICJxMaLP1kgbDGJ C/fWs3UxcnEICRxhlDjw9C0rhLOEUeL2xRdsIFVsAloSvZ9OsHcxcnCICChLnP7lABIWBjLv nP7ICGKLCGhIHF57jBnC1pN41X8HbAGLgKrEr9t3WUFsXgFfiZP/z4PVMAIt/n5qDdhBzALi EreezIc6TkTi4cXTbBC2qMTLx/9YIWxFiavTlzOB3MYs0M0oMf/IPxaIoYISJ2c+YZnAKDQL yaxZyOpmIamDKMqX+HO5ixHC1pFYsPsTG4StLbFs4WtmGPvMgcdMmOI6Er+/dUHVK0rcvjqV FWLZMkaJr3fmAA3lACua/LAApmZK90P2BYy8qxhFi1OLk3LTjYz0Uosyk4uL8/P08lJLNjEC Y/Xglt8GOxhfPnc8xCjAwajEw2vAyBgqxJpYVlyZe4hRmoNFSZzXzvhQiJBAemJJanZqakFq UXxRaU5q8SFGJg5OqQZG/hmPt8fvPiUvPUX4169Uxe/3g62vRb35wdD0fdqCrgrd84EO/8OU DvnmKD+wOpkbyHfQ6bdvjuE0afl41ot7JuuoqviJreJtu/s3xbSkQGXm9eVftL58OeCx5U73 ors9Cnfm20g72Yjr/pf7YrR8v+a6BQ12wZYPGTP5V50LTku6EaysuGKzEktxRqKhFnNRcSIA 2PmeK7YCAAA= Archived-At: Subject: [Dime] Abort-Session-Request Flow X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Mar 2015 08:22:30 -0000 --_004_EEF22AB1A43B1F49A1AA33231F387F89175735BAESESSMB203erics_ Content-Type: multipart/alternative; boundary="_000_EEF22AB1A43B1F49A1AA33231F387F89175735BAESESSMB203erics_" --_000_EEF22AB1A43B1F49A1AA33231F387F89175735BAESESSMB203erics_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Dear Gents, I would like to know the behavior of GGSN when it receives ASR(Abort-Sessio= n-Request) from OCS(Online Charging System). As I have gone through the RFC 3588, it was not explicitly stated that GGSN= should report the usage of existing services(classified based on Rating-Gr= oup/Service-Identifier). Could some explain here what is the expected behavior from GGSN? Will GGSN come back to OCS with CCR-T with USU for all the existing service= s? Please shed some lights on this topic. Can the below behavior be expected from GGSN? [cid:image003.png@01D05C1D.43E6F1C0] Appreciate your response on this topic. Regards, Basha S --_000_EEF22AB1A43B1F49A1AA33231F387F89175735BAESESSMB203erics_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Dear Gents,

 

I would like to know the behavior of GGSN when it re= ceives ASR(Abort-Session-Request) from OCS(Online Charging System).

 

As I have gone through the RFC 3588, it was not expl= icitly stated that GGSN should report the usage of existing services(classi= fied based on Rating-Group/Service-Identifier).

 

Could some explain here what is the expected behavio= r from GGSN?

 

Will GGSN come back to OCS with CCR-T with USU for a= ll the existing services? Please shed some lights on this topic.=

 

Can the below behavior be expected from GGSN?

 

3D"cid:image003.png@01D=

 

Appreciate your response on this topic.

 

Regards,

Basha S

--_000_EEF22AB1A43B1F49A1AA33231F387F89175735BAESESSMB203erics_-- --_004_EEF22AB1A43B1F49A1AA33231F387F89175735BAESESSMB203erics_ Content-Type: image/png; name="image001.png" Content-Description: image001.png Content-Disposition: inline; filename="image001.png"; size=30139; creation-date="Thu, 12 Mar 2015 08:20:28 GMT"; modification-date="Thu, 12 Mar 2015 08:20:28 GMT" Content-ID: Content-Transfer-Encoding: base64 iVBORw0KGgoAAAANSUhEUgAAAp4AAAHmCAIAAABVjRn1AAAAAXNSR0IArs4c6QAAdXVJREFUeF7t vX18U1Wex38bZhGdUlmEHRJw7Q87Dc5SBFo7O9odQwsJyiD82gEcoS22IzgLDMpCs+XBdQYs9mHq D8FHbKUtOBZIXgVGpYHWMFuYpSaIlhWS7fqqY0mYFRn6MArMNP2d+5Dk5vmhN+lN+rn/KM053/M9 7+/J/Zx7zvfcJAwODlK4QAAEQAAEQAAE4oWAJF46gn6AAAiAAAiAAAjQBCDtGAcgAAIgAAIgEFcE IO1xFU50BgRAAARAAAQg7RgDIAACIAACIBBXBCDtcRVOdAYEQAAEQAAEIO0YAyAAAiAAAiAQVwQg 7XEVTnQGBEAABEAABCDtGAMgAAIgAAIgEFcEIO1xFU50BgRAAARAAAQg7RgDIAACIAACIBBXBCDt Ygpnv7lV+05VYYaq9pJNTH5FzBdbv/GlOQmyOVXt/RFrIwjDvebWI4erCmWyza29IwN8EFAo6pbV +L62Vj1HMCx2zqpasxfM/j8NymMUAgEQYAkELe1WbWFC4Culyvg3YrX/Qm1hWkJCWmHthWG9ZfuL ss1qPEJuW2yfZIVVWqM1mLs6UV9aBEKsxXPEZq5Veb1X2i7V5ily8pZvqrcM0+i0kc7VqlVcmOeo a48QJldbX2r0diMW0Me7/nH8HQKac5rqbVWzkfJ5yVS1H1+q/bk8Z/GSTfXWiDjhxSg9Bjxckqlb e6PlQBDt2Hpbn0/PWJBXXKEPonQQRW6Y/XH2/2kQ5v0UYYY1901PUKlrf2e03uht3VtnvjE0u6gN AiImQH4eJuhroM9QrbD35d5Kw18dNftMLTUl5CP2j381VN7LFnMpFHQ7ES840HdxX4HULSpSReXZ Pr9ND1h0pQpSbUGl4c+Dg382VC4gJqQF+y72DQTt8lctJemkkrLmorc635pqlvj+NOhGvBcc6Pnw 2Ic9vly9aWl5XkFNL6huszBFBiwGTSUDSVljCr5/Q/QxAtXtUUsvafnKxXzfRU3JAi4QPS0lpKvS 0haffAT3zPFtUpZoLvofeIK3HazBgYs1SqmQWFjOPkbUgKlGKfR4Y6MvLdhz1nLTdVgvqTF9GywH lAOBWCMQ9FM7rYOSxPt/vIATbVddTEzNLtp5zFA9jfnzd+TzNxdMp4hObJ4v/4745jW9fzj4waQt Zkav6Ps7fT+hKKu+uqnd33rsVf3/V7pTb6WkM2Z/P4mixqWv2kDuU9b60l+8bghyccJ2+fcHGoyk LV3jmU4viwSjJyWnuE85BOJns7a8uLPd58JE//kD298wleza/exDUmZQSKTpuRv3fqRZEyF/BOpW YDMS6ay5mTIv5RKn5W7ZOH9UYAuRKSFJ/P79mfR8Il01NzUxMm3EllXJpOSZAo+26x8f2LXTtHL/ 7l9kSkc7hvXbH2mKBG4otkjD2/gnEJK0+8LR/4nR/Dci/LMeWTaRMZg4vaiuY3Cwo65ouhjvWUkP FT2rSk1kXZ2W+8zqgmAC3ftpM63KFHXH+DvvYOvK5GnkDmHVb6o6GNTi3o3OZt2EPU2V5NFfpz36 8fVgmhWkjM16ete/b9jZQe+WeL1slgsnyKzF/Ro9efHaHf/PsKmfIH33ZyRJ8WzhNEG+AxF3FQ2E QcB25ZMT5zzrSSY/qt7BPobgAoH4JCDEbc3W/emFv9B4JFNmTL/Nqn3auY3I7b2Tz0hKjraK3oD3 uAprtVX2jTDyYaHWSn2pLUxxlONsuGz2P621/s1mba+jN4bTirVfcA+jzk01GdkpbjUHs3dp67d8 8Ufae2Xp/jWKJJ9A/vY/5zRu2ieZkDyTfRz83NQdxHN775kabWbxYtVj+VkU9V71wXO+/SPb3s0c LpIHcMLsap0kHDXaYaYxaQK3uOFJZxAcJvvlZOP2OscnRfVvz6xIz9pQf4Gy7sy5cxTJLPCVpmdt qKtpd005kCRnPTKJP/ZJCySQ9mSDl044IROftSTnitifo24wWi/rtf9l72CvWbuZibFKXdduvf5f Wv1V2iaXNpjmus1M7Oh95DPwE7tuOEaUrPCVdgcBAb+nPvIqXHbKmbQJ173zpbX0PI/sVW/mNvqH mIbGJ07yV+zh5jWaoW5leDpzC7gQ08NBu1c95yFSwGlGVviSW5T5u9HMN8djNDu/vx60+V9t4l6z uZ+/NkQ+bWBGBUloeaXdEtz2dr/5BDfGnAbdEhTsYyYIztZjdTV/cB3WY1KyHrrL97B2fON4AC87 OuJyC7MH10s4XL8q/mzK1mov27/CAg5gmBrJBELbQXDuoju30ckO2WL+vvvgXy2a1RxSbq/9Zje3 rsvsUg90aYrIcj1FKaoN3C41u8fMXAUaC+0TuydNX879enajjr5Wa0z//aHhvI4tw1Rx2QjvO0s/ GUvXaLqZDTZfl3M/+d4CzR/9o+A2Aklzzh3ZPkOlgvHH19453ySBULJa00W2AThTXnZ2B3paSonf ioKSSnb/ldsv4OcB0Hv89r3DgT6TpoTuaVHNxR4+NOmGGt2Hph56o/FeOocg4KapIyhkG6XyuMlH 9gANWVlUfZZsxzua5iAPdGuKlKUaE3GDxKKtumC6tKSF/scg6fh6sp/M2LxpObunQMpse7Musfi4 knRVOp9DWsA04ej+9IKajr5BFg5boWDnmzX1BsYNJm1CWqTp9pkQwI4l1732AVNTEy+FwHOvnR5C 6fbMgx6TppRE2pFXwQ02fgQ5gC6tkEAv8JOKEdQGP5PSoXi+hd4qZvMheJ1lxzm/a5wbzIB0fl+m F+x8raaeYdrXUUM2y3hfDaYvC7j9fq769CJmoHIx8qTtjBftkpLbybZTcsaC+eJzg5MeMKUbip7w vdc+yDpMj/4mZrRwBh03Ch9pE8zAcN5M3L503I4SGVM6ZnB6uQa6W0qXcLHmvnEMASfA9A01731o +orhv6Dy7H+frfaWhkKXZxNxCLoQbbK1cIGAQASo0Oy4Szt3f3fLlnNLo6Nv+uwtmUufcdyjHYrI mw1w0u5QTZ60O+1ymUeMZeZL6FAm1+o8zfDoKK8vjHOsfvi+uNsoKelIwAlF2omSLdhmz9JixcZ+ A3W2yUm7S5Id1zW2UVb5XKYsHF57ahI3b3C70wWUdrses9JJQlVS0+Iu8LQnCu6mz9y9WK1lIDOT M156FPFqNUlK4+ThXl6PyO2+tJTLaONbYCgwgsprgjTCTgTtzLmO8AgE7pqntPdcrFm9gJ/J6K6y zPzJZbrATk8dI5b1nC/kHn2hmax2z93jj69gpJ0p4xzG7p317JpbJib7T/5IY/9i95zGm85LIGW/ 0fZ4BaJNj717+aPRxR9mKNqljjdgfCZmekmyc8POTovdMl5Jowt8ch6wcDLMTAkV9LB2E3i6iXv5 sXaJC8fTPcfWWz4g7Rv3FQjLZmj3YpQGAX8Ewl+Q/99NGX+XMGqsPK/Cyx6tXSDo/9r6TYYP2KXs SePG0g1K7riTPe1k/d9rfwnmxBnfHPP/tybeM4Xs4ksm59ZYOmpy76E6W96ovUA+uDftnol0gTGy qXK6gYaTBl+Zcd9J32i2GJrepJ966etCffHP1jvW9j2apBJnLt+2WkH//dDWFxovkVVHW/cnJ0xM QdnM5Al+Udr6P9adzn3CvuA/PkNFnlgv1L7R4i2ZzrVtyd1zly+UUm2NbV026lr7wQP6tNnT2Zwg 5pJM/vHy/HRK92oNu8rNXNLM+7/PJhMEfUmkDz37ts6wjz7pQFG6iuIceeqT/L0AGw154kPTv2e3 K0mckpLGh6xr3Ke/zAaUePV4huNI2ze6hkY9t2Y+evLcxzK8u2brbW+q1k/lNUEMsd0/tLXmDG// ImncWHt+JrstYu3suuJ/SdNYkTPRvpR6533FR//qh0zvuYPV59Ie+gGbUchcxO3cfKlVt7VeT48o SVLG3HypsaH5U7ddFeeQs3W1af9BlTE+6Ah4KyhJnCi/N00uG1rOym0Txn3X3hU2VdNyvusq6QYT Uypz9lS7fUliam75h53NRfwUBF+0Se7Iu7X38kdj4hT5VIpisVzV17yqU+Y+NmucvWMstJB42LHb 004lKTmri+5yyXglSTCaGT45S6SZz+41GuqZr7lVTw/rh1x2DWyfN79x/F5+rNkcGquu2XDN7quM h4j5W9KDxTuWuGbM3Ohsa5+pfiyVgA7PZkhgUBgE/BII7e7PN8U8qd+0cN+Z8DBL7x3vuOOEZEE+ VTaGV+Fvf7rQrmP+zUw4yPV3srw36H/7v+OTLPBFT5W3fNRSyibJXyAnuf/k05HR0uzSd+gTYdOt 9SvvG3t/YUXjqQ52zjJVTs80/FzX2jVXFqimOkQxKXPxBjqZ7nhbZ3C7j5S1w2Tpd6TyuTTF3k+5 m3VIHN0LEyCF5S2OY2/W+k1KxcLNJ5h9Slt/d2cHdahYfrtjr3GUvJjGTkOWpKgeL5LqduZMmVJY dZjerJ2gyP1ncpCAkkxVrc6V6p/PkaUXVjXSCRBJ/5yrmODNz2uGZp1HLp99AnG+60pY00B7Qy5P 2H2Gf5/ik5St13CywTOnkLvj2+cQSTNU+elWh1e2L08eHNiwc7FjyNk6z2j/SZHhO3sjqEglZm7k hJZsWv+utnR9MSEUeB4TlG2KImp0nP3ihHX1d5s+p3TFcpK/wV23y4sP0SOCYPmzPe00LNPulTo6 u9ktfHaqZ91Xfph92wIJlv6/Nxf4yZIh0zJpen55i9F+mvNC/ab58oXbW9m5Zr/F1PG/uuL7nJ0Y dR8NOcAXiuzWz1fyM2b4M7kwbQpCCkZAgPmiDA0D/Z3Z+cYO8ujm+5IkyjMeYafqV673MSLxTc+1 b+h/z553/6QheuDeLrcg71ipOFiUyp8EeHNTMjl783ZmzzLgRfqbu5FO/idXx9u5d19hBEBa9Lgq xV8rNvPR8p0786bc5kzAGfvDTfRqh9vDaAAHBq50nffyXhX2OYzR/oA9CKIAc+ytrttydh99LNCq 37lhaxNJVLx1pavT6tyM4K8F0ZAlkxfv0tMb/2Q+sCRHPnbOZi2XYTd6cm6Znt6rJrfUx3Pk0+ao ta6ZVnafbFe7znt5XQ93Jspxcw+iC4GKkNMc8x+7y9fQY3vqcXFZk46USWbpxT45s3XqdZlPPpO7 UMmtr9DPcP+kmkFPboZ6kaxJ8sqVHzxx8P+Sn/yVI0FhqFaHXp+Nl9dD6s1FKV95HatDb1XCTIsp XcMHH9NiT6aD/5eblRz4NmIf1ty6lP75FVt/R5aYbPR3ymuujMV16cLdc0nqY+qSdPsija1X/06j 4ieZzEwubJtDpwMLIMASCPyNCEhKkvJgLnvmzcclmfyTHfvp9B9u/Yo83xw4ZqX3tl98On1cQPuh FeBmD6FVohJ/MGcBvYDPXC75+ZwY03n7bhez3kj/bcGGf82e7A/A9Y+PmpZ5vB+D3RT3t2Xg0qCU rMqO9dctukDYy7Y2c+NLbJa1/SILmYXljcxrediNA3YC4ecsALuWe4l5e5GU0u/MU7xof29rUmpu 2Yfce43IomieYrs+mNMLLt1NS5kS4haDP1qS1EWL6KXT0C/HCg27vMxulJAQf5aZlfydlAeXKSn6 pQV/E2I1njhnu9y6eYl8xWn5a+c+LC/KThX6+0L3P9z1HnauI+SUy3c0+NFPnEGfMdEfONh+jZ40 n8/M8jWxtl2qe8l1pNHrUvQbOBTkq1f7bnPnDWbiGN60mJnbcesH9Axj2WMz2C/gEGyGPh5RAwS8 EQjr5uZmiD7z9l2/eMlS9rZjdHrOuU0Zf58wKnnt3wo1Bt3bgp16l3x33HjuoTvwEvety9q1MnIK S3vJ4xl3etGi9O9Rd+fWdbrnJ9Tluj7U37K2vrK9ghxzD2KCQjZu9XLPuw8763fd0vNKkX2IzFrG KYevZXy6wBDC+ZcWj21j8lqeWY/lsnsV9AuL6J11Y8OB33Pb6XZnbebmI+br5rq9jJAnkbcXcXsc 7G6l4/ZKv9eIrPbTbwfzPqEhB+2WkWOBrFi6XVLlsgdThtC9UL7+7Fqrj9cKKec7Q0mvyctoIb9+ TnNN9VOyPsR2QXf81FHdkFfjySt+32lveWXFzg7ljk0rpwnx/O9Owd5TLoHA8TFJDflPY+DX6TM7 QdZjB05+6RqvG+YjzZ0TmffPDFn4uSdgl+iPSf3p0yVSY0X5O02nWii/A2OgpdUj24Z+A0e+/XQG +3YKa4P2pNvxM5v5yBH/b1i2rx80njF/+fsD/82bYYRvM5RxirIg4JuAIDfLxPvTU/2/dI68Cq1s 3e9/uL+LlUxL3cbcdF6KEsXTZs7XGz1f9QUdOPY7xoovXxjICelP3Nd+6QwX8giuq8jLXkgfvyb7 bbfICfCXq/XSgo2blHcHJkKOq9ZteyLneT2t6799JcAE5brxzTpqA5Nc436xyXTGiu0NRpejwK7l +j892tDGrfmz+9buy/j0FjUVaFMgIMy/Nhw4fMnrs/T0otU5RFbJ8swy8pRSm/fAk7zj7P0X9u37 +j7y2DTwX85bvGSyYiV5fOWugZYmx31TIv2XlfSxfq/XGGbD3pGqxpZhdr6p3NXOTIWAXRlqASZX a7pbZiJFJzrcZFHYL3ZNvvGNnVpqLrv2zorloVV59UNbjSc/nPPOgTvvS/qSzOr8JGmyaRb860Yf u9kV3MXGlLzwYMW6Xc5XFPR/dvDQl2MDr5Gwnb1Qm/eTJ53H2W39lw7tu35Pyt/PXrphgTfhD0nv yXKIVif1iH4SY1y3Pu8/7lH/1O/qy1/frzv8mdeNKvt3ipmNWV/Je+ApXtJo76V92uv3/WOAuwG7 fqAr+0VB7QT+d5yd4YVnM7jAoRQIBCAQygECl3fI+353Ov/8MfNSbvb8kv8XdDuOkNKntr61tFQX KLhX2jpP/jiPmXq+/5k78sv0VlnaQg45k2M8v/c46EK66zwxz0fjfMu0byLkGHzTIfa96uT0bck+ +ly1/4v1in/+h1/ewZOcyWGPfZPTsMxBQWlBpc7kONfugpo+L0tE0/Gyd+bsL3fumRiwv0LAfQeU 7TXtyYDl9/Utf3Tz3H5qn3/mjcuR5J0B8/rufbZ37Bkh++vQWSfZA3jsASqF48i7/ag9TYJ7nwGv CfvRbe6oNHsWawETUOb4FHeQkoeUO5ToeZKQQ20/DO3vcKP9TQPOc1z2k+v8E/YLFKU695B7HoIK fBiPdcwRfY/BzL1ugf476xg3APpMuuoNygfJ+CAfWQz7jpkGOCNcAXLQa9+b1dyLk5kXMFz7nDk6 6P5eBDJ+7cz9xDQY2uQYocc7Wx0HL7nQ2EdFX8e+nWvoc+305fFKfxoJe9DR8WYFZmxzx+Ldv2gc GecJe2/fRO7dCS5n3mhIBBH/BCl71t/lshPjvyfAawvcF9bj1weGYDOUezLKgoB3AkGfa7dovL6N 1eP3X3gn1NmvCinxR+91iTrSZ6ftd2Du7SucaprIAWfHd41uxd0Bz5fMECmi09eZWl4PsNoRkFuk XaDpogWVh5oCqzR3DJ74rNEEUdz+ug9HH7xrLf92Yr/Z2X9rh51A1Hg25nzTDj2PcR5A570EhoXA Px9vVzjvP0YyYHq3mpw1J01rDtgZem+duzOyDRRUajhy35r2vdnSfZH9lSDm7kw+YX+Q4+K+6pZu egeeeYx31HH31qFwvuLImzKyrZfo/uh4iQ33F/YlOfbLORd0cPZMmOK9LskVmgtml7HKb4PMmR50 /bEf2qC/Fyo43lnED77n/3MDxv7aFk7wvmWP1zvmgs73unAF/kLPsehR+p7h4nv2VzyxdEpb/qhz /wv9czhk/mSPDm3kXWZCHDxt/jEZXtxZSM7vGiPY3cQBMmL9fOF6uFwN2mNS8hg3irzcvvweZ+em T2TsfdhDXn3T4pyTezdLgs0d+3QOUedbqrjoeP1FGc8BYPc1fJuQKxAYKoEEYsD/HUaAT8nPlT6S zZwn8bzIw9bv9ubeE3gZXAA/YAIEQCBeCJC36i75ZKlmfXrgjYN46TL6AQJBE4iKpEqmrdxXx/wc qud14YOz/yvIka2gu4yCIAACsU6AOc6+7JFZ0PVYjyT8jwyBaEi77bL2qfTCPyxocn2NK7vJN6Qj W5FhAqsgAAKiJkD/QvH2/w3qOLuo+wHnQCBSBKIg7fYXzX5lMvF/nqu/s/3MZ3+UbypbGt7x4kgR gV0QAAFREmCPrdLXKNmGy/mlSwO+jUqU3YBTIBAFAlGQdklS9vNGw1trJp5cKHO+jk225ui1cY+8 cQxbZVGIMpoAgXggIBk3kX6xFH1+RBPo0Gk89Bd9AIGwCUQljS5s71ARBEAABEAABEAgRAJReGoP 0SMUBwEQAAEQAAEQGAIBSPsQ4KEqCIAACIAACIiPAKRdfDGBRyAAAiAAAiAwBAKQ9iHAQ1UQAAEQ AAEQEB8BSLv4YgKPQAAEQAAEQGAIBCDtQ4CHqiAAAiAAAiAgPgKQdvHFBB6BAAiAAAiAwBAIQNqH AA9VQQAEQAAEQEB8BCDt4osJPAIBEAABEACBIRCAtA8BHqqCAAiAAAiAgPgIQNrFFxN4BAIgAAIg AAJDIABpHwI8VAUBEAABEAAB8RGAtIsvJvAIBEAABEAABIZAANI+BHioCgIgAAIgAALiIwBpF19M 4BEIgAAIgAAIDIEApH0I8FAVBEAABEAABMRHANIuvpjAIxAAARAAARAYAgFI+xDgoSoIgAAIgAAI iI8ApF18MYFHIAACIAACIDAEApD2IcBDVRAAARAAARAQH4GEwcHBUL1KSEgItQrKR4JAGLGLhBti tomxKp7oYLgGjAWGa0BE0SkQB2M1TGmPg55HZ4hErhVyF0AUAuIFpYCIolMAgQiGMygFQynSZeIj CliQj/Q4gX0QAAEQAAEQiCoBSHtUcaMxEAABEAABEIg0AUh7pAnDPgiAAAiAAAhElQCkPaq40RgI gAAIgAAIRJoApD3ShGEfBEAABEAABKJKANIeVdxoDARAAARAAAQiTQDSHmnCsA8CIAACIAACUSUA aY8qbjQGAiAAAiAAApEmAGmPNGHYBwEQAAEQAIGoEoC0RxU3GgMBEAABEACBSBOAtEeaMOyDAAiA AAiAQFQJQNqjihuNgQAIgAAIgECkCUDaI00Y9kEABEAABEAgqgTiRdp7W9Uy8oM95JKpai/ZvDO8 Ya5dyhZKUNWaXQrdshrfP1xVyNmgzRRWHX7faL0V1WigsRgnYLMaj2j3que4jiOt3tzvY0gy/Q21 Fl3eZbCmFVa9c8RodW+D+1LI5lS193sFyxaQbW7t9edejMcE7odOoN/c6jKM6QGmbTV7H0UO8+61 VOpaUqnXe/P0IH6nqjCNuyGzd1wvgzh051GDJUB+GDTUK7xaobYSWvmelhKpPaTKGtOAt9oDF2uU 9kL8MgPdLaVKH+NBWdrS7dVYaO5FoLQYoxCBbg7RZPQoDVgM+0oUvm4r0qKaiz1e+hJyrZuWlud9 tCJVlOos/MHq/FIsqTF966V1toC0tKUn4mM8eoEY4ogZ1uoioHTTcnZPgeNe6jqepQV7zlpueiPU Y9KU+hiW0wtqOvpc6wxYdKUKH20onm/x3kT0AiOCKAjQ2TiT9nSF4l6K8n4jGzDVKCnpg4oH6THl lPab3Zo19F+kBZU6k3MI9plaatg79YJKw58FIC20ifgYf0JTcbcXLUp/NlQuYG6DypKaYwbnvemm xXCspoSZOErXaLrdbosh1xro1hTRg3V6QeVxU59Dj3uYwUqrtKLyrHMM8+a70iKNlykqpD3S4y9E +9Earr7cckwcyQB7t8Vkn4ySCWjTm8wAoygv0mu/hboNfuctdHqRpss5eRzo0hRNZ+641TpHE4MD THHmm6KoNjjHdogEhSg+3FEQog+Dg3Em7Yt3VhKdliprLno8hnxrqllCUWwBnrRzj/Je9ZsbstKS Fm8PXMIEIGwr8TH+wu5+kBWjQmmgz1BNzwJ9PZoPchLuOpDCqMWOYVf9toPgVJ//CM5Ju6KggHjn entla0HagxxG0SoWleHqszP2IVRQfdZl9YerYF/ddJsmMo9Mvga/Y5A757Vcea/6zal+eknLV9FC 7qWd4Y2CUB2Pl712buHo7/7hx/PzpVZd45lOt91DW1dbYxulfDT7/iSuLPuffoupw0pJZ8z+vuvf 6c9GT56bmy+lrA0nDdiMdKGGf/AI2MwHN1fqyerOsd8UTfMcRaTkuPSnn6tUSF0GUji1+rtNn1OU LHP21ESPCEgm/3h5fjpl1TUbrrl+OPHhX/5HpeLr2rWVTZeRO4Kh64vAVf3LZbXW6UV7fr0+U+pF GCSTszdvp4dxbe1vP75ut3JVX/Oqjkwc9zy30svglySm528rIcNS+0bz58wt2dbf3dlBZgKZ938/ 0aMRyd1zly+UUsaG5k99bNEjfMESiDNpJ3fR+1XkBqc73tZ5g8/A1nmmUUcplz2UOsoVTaJMnkbU +9Nz/+NtLCVll1sGBy1l2UlxByrYEYJyAQgwQ8tKKXMfmzXOZ9HE2U8f+5w/kMKqlThFPpWiLO3n PveW0DQhu9wwOGgoz57g7sbYzKerNimsr6x9uQ13TAxo7wR6P21uMFLShcvn3u3zZpeYsWrbSin1 XvXBc9xAClxrfOaqRsuApbloGmNWkjglJY2irO2f/I+X3FJJUnYZfcctz/Y6R0bsgicQf4p1V4aK JMuRR/Qu3nP7jc624zoqa1lWsnuHJVNVq3PJYN2U8S9BZYEGjxYlRwQBdmhJlcseTPH3ZfpOYuIY Ho/wao1JUT1eJLXqN/0wlaQTB0q85zUnSZyVu65ourWi+k2j43lrRIQHnQyOgK3XcLKBLF/mz83w 9xhjF+bzXVfYZ/ArXecD1JIk3nsvfxFAkpKzmuy16zdkpD5JcuJ9ptAH5zdK+SIQf9IuScqY674m z63Gz89K4d9eWSajJ+eWtdaQ5KQL9ZuW5+XIx3In37SBD3tgWIEAxS2Sz0yeEMp3KbxalGTy4l2t +0gCs7V+05K8OfKxoxISmINJAWVecs/iX/+qSPrepo1vG/2exENIQcAPAcmk5JkkWamjs5seRdzq emjEJPfk7vptTcF0ZhAvzpHfab/jQuZDA+m/dCi3IyHbjaStpBlua/L21Xhfz1VJ04r2mk0fag5V cqc+mBsnLfPkrOWJQKc5I9kV2I5ZAryXKDiO7iZkqFuv+u1RwFqSxGmFdWZTi+ZAJbk50hczJaVl /v7CqmY/B+glk3/y6z1rpPrKja8bAhxQjlnocDxcAreudHWSx+80ucwzjcOLTWtn1xWSt8HWCv1K nF5Ud9rU0uR6x6VlXlb40glfR+FDb2ck14hHaafGu67J+16Nd0ZekpiqyP3pxjqyz0Of9NBo2JNv ROOVeeu1X+CNHiP5SyK6viemZuc+sbGuY3CQHK57T6NhDyYRjZ+vWN902edgHT158aY9RXfpN/36 dSzLiy6oMeWQNCV50miy5DkpOcXH+fSA3UlKzV7Eu+MeYk++Wes3KBWbtcj3DMgvUIG4lHZuTb7D ZKGfTvytxnvDI5GmL8rNLSr/cJB9D8OF2rVv6JEhH2gkjdTPudS2811XXSV1TGrRQd45lq9aSJ6w 8wqvlifj0dL0R3Nznyr/sLvPpCECb60te1nve2GALMurn1WSNKhXW33PAEZqJEd0v1mRtnL3zIAo 0lKm0Pnt3NZ7wOL+CzB33J8WlTcP9l3UEIFHvucQgTLV41LaKYpZk2fPGvldjWfXP329mzYpNXcD c3LD80CREOxhIx4IjEnJmk/uRh2nP/N40auf7oVTy2auVXl5RzLbCll2WryFzl4OcHBIkppbVrnA WvsfzzVhLSoexp9AfWAfhwIe9LVn281MnsTmuzNb7/6PBzPjNq3wpdP0F8R2qVZFXm68tNbscoKJ 60XitNwtavKGRJw3HnpY41Ta2TV5WpIv+8yNp+GFOFcdOm9YiDsCkpQHl5Gx5nLYN3Anw6jlmsEU uAkfJdhD9swx925vt9ewDaNiTBNImr10wwLKeuzAyS99bun0G97cvs9KLdiwdDZ3OI1NbPJXi90P vXDiys3v0s/5E5Jnyijqc1M38j0iO1ziVdrZlSJjw3sHtPSbarzmxtOTTm6uWlH+orcVStvl3x+g z3oqVRnjIxsHWI9dApLUpWWbFOT85MJ/q73k/dy4zWr65MpNly6GUYu7je7b/mKLlxUC25cnDxyz Uun5qhkBzgQnZnDH3F9o7I5d7PBcYALjZv2sqEh6oTZv1Vav2zW2y61l2zbprdKiop85X+EwQVH8 r0p61/LX+7wMflv/pcYXth4iL//eUfwgMyzZRChjxfZXWr38+Natyye1QZzBE7jn8WkujNfaERBh 1IpsFe6dmry3xzt/DIb/3tmBnpZS7++Qp9/L7fW1yd7f6xnZ7gRhXYxRCMLtKBeJFqWei/T5SXKR UXSgyeB4Tyed5uZIA/Z4/3bItezvkKd/8eBQi+MnD3hvque/v9PzS+Gk73h9PX4eJspD0l9z0Rqu Ib5DnmQdtbzLncjw8g55xzB2/QEF5zvkXW+h9nfIM4P4Q8dPIdDpy+L42Y7hjoIwAzIckRZjz73c xdgXbpOL/2sxntJOv0rbfl/2nL1JFSUa3u9wCANdECtijIIgHRPUSBQp+fnxK1by+T/o4uhkqLUG +i7S59q9X4pSjfP3NuyviPf1a0ncL81A2gUdcEMzFsXh6lvdw/rlN9+30OkF1W3ur6Tv66DPtXu/ lCWai26/FDc0qCHXFkEUQvbZs0IcS/sg9zsELr/x6lXaCRbyu0O8c+1eHr8EYC2sifgYf8Iy8TK+ o7zCRJ5UnCfOmVuXoqRG8x7vt+C89TjUWh7l6ecf3loB14a/p3ZSxPGbh/hR10gPw2Dti+VLTQ8w +0+92W+GGucqkdfueL2F8tZB3SuRlQDnuXa6EXoQB/qmBAtySOXEEoUhdWIwgVQPdaeBZOmGUSvU VlDePwFEIZgRAkrBUIpCGQQiGMigFAylSJeJjyjEaxpdpKMP+yAAAiAAAiAgUgKQdpEGBm6BAAiA AAiAQHgEIO3hcUMtEAABEAABEBApAUi7SAMDt0AABEAABEAgPAKQ9vC4oRYIgAAIgAAIiJQApF2k gYFbIAACIAACIBAeAUh7eNxQCwRAAARAAARESgDSLtLAwC0QAAEQAAEQCI8ApD08bqgFAiAAAiAA AiIlAGkXaWDgFgiAAAiAAAiERwDSHh431AIBEAABEAABkRKAtIs0MHALBEAABEAABMIjAGkPjxtq gQAIgAAIgIBICUDaRRoYuAUCIAACIAAC4RGAtIfHDbVAAARAAARAQKQEIO0iDQzcAgEQAAEQAIHw CCQMDg6GWpP8Un2oVVA+EgTCiF0k3BCzTYxV8UQHwzVgLDBcAyKKToE4GKvhSHt04Ea0FfIVioPg RRQRjIuEAMaqSAIBN4IhgOEaDKUolMGCfBQgowkQAAEQAAEQiB4BSHv0WKMlEAABEAABEIgCAUh7 FCCjCRAAARAAARCIHgFIe/RYoyUQAAEQAAEQiAIBSHsUIKMJEAABEAABEIgeAUh79FijJRAAARAA ARCIAgFIexQgowkQAAEQAAEQiB4BSHv0WKMlEAABEAABEIgCAUh7FCCjCRAAARAAARCIHgFIe/RY oyUQAAEQAAEQiAIBSHsUIKMJEAABEAABEIgeAUh79FijJRAAARAAARCIAgFIexQgowkQAAEQAAEQ iB4BSHv0WKMlEAABEAABEIgCAUh7FCCjCRAAARAAARCIHgFIe/RYoyUQAAEQAAEQiAIBSHsUIKMJ EAABEAABEIgeAUh79FijJRAAARAAARCIAgFIexQgowkQAAEQAAEQiB4BSHv0WKMlEAABEAABEIgC AUh7FCCjCRAAARAAARCIHgFIe/RYoyUQAAEQAAEQiAIBSHsUIKMJEAABEAABEIgeAUh79FijJRAA ARAAARCIAgFIexQgowkQAAEQAAEQiB4BSHv0WKMlEAABEAABEIgCAUh7FCCjCRAAARAAARCIHgFI e/RYoyUQAAEQAAEQiAIBSHsUIKMJEAABEAABEIgeAUh79FijJRAAARAAARCIAgFIexQgowkQAAEQ AAEQiB4BSHv0WAvcUr+59XBVoSyBu+aoa7V6c79N4FZsl2pVMpm6tVcou72talmCF4P032Wq2ktC diASNoXiADsgAAIgEDECkPaIoY2oYdsX2vV5K47dvsZ4c5C+BvreyL52ZJ1iTcMlYdVdMq2o2WIp z06KaHdgHARAAARAQDgCkHbhWEbPkq1X/8ba2vt2bCnOlI5mmpUkpqo2bHk2rX732+3XoucIWgIB EAABEBAfAUi7+GIS2KNbV7o6rR7FJKlFzYOG8uwJ9k9uWY0N6jnskr1KXdtqX66/2qrOSJij3ssu 58s2nzz3liphaa35htMkvZSdoW69SrktyNusxjr1HMairPClE2bnOr3N2l6nVrGfkM2BVt5HgTvk WYJsN9RyDbk6T1E8H0gv6G45q5Mua6sK01j/qj44dyWctlEHBEAABGKbAKQ9FuM3JkX1eJH0ULFi ddXhIz5E9NZl7Yb0hScnlRsHyIJ932/kp9Yr1jdddmxl699vG7/JPHjTol/9zzOzlinPNbZ12T+0 9RpONlBKVcZ4FzpkF+ApZca+UetMPYODPa0PXyhUbNZevkXK2C5rn0ovbp30nIVu7NJr8tMr7B+F xfe68fUNK0794LU+2tyAZeOohlXrDppp9xgfFrb+Y7mF7EQM9L32g1Mr8tZrv2A8t/UbX3ki442v Fh3qI9XMpVPPnaj3nAGF5RAqgQAIgEAsEWB2akfcRSIU430e6DMdryyYbh9qUkXJm5oWEy1p7NXT UiKVKmsu0tro/Et6SctXg4NftZSkU9LSlh7Hh9+aapZQimoDI6VsAWlJCxHwwYGLNUop+/8Dphol xVpwa4IxqKwxORvjWXADTTtGccb5H/Edphu918V5ruRAT0uplFpSY/rWXpX5C9cXj0Y9IcRg1GN/ rMYgdLgcLgEM13DJCVwPT+2xNA/j+Upvrm+s6xiwGJo0mkOV80wVq/Jy5KmFdUwaHfPYbZXNTJ7g DHCiTJ5maWj+1FuuO7MMYDpwkNmnt13+/YGGSRuWznZNnbvR2XZcR02VT0nk3EjKLrdYmoumSXo/ bW4wSmcmT+I1NkU+1dpw0tAbVsK7ZNL986bptr7d1N6qdVlvv2Zo1lmlKcmT2AwDckkSp6SkWXXN hmsU7YYlTS6z+0dRdJfviNEAw20QAAEQCJsApD1sdKKoKJGmL8rN/enGOstgj0lTKq8vXc8uXNOX sSJnov1sXELCqPuKdT6XpyWTf7w8n2KE/0Zn87u1abmPzRoXUg+tFTl3Ohu7XV58KKTqroXHpW98 x7T/h9c15WS+MtZt8966M+fOUY6mRsmLdUxl25Wu81h+HwJ0VAUBEIgbApD2GAyl97PmSamLC/KV lK7xTCen7fyFa261x/cxtvEZKiVFnrOvf97WeE657MGU0IaG6+I/25qlLDvJwwr9JC31hM4IM3+Z ISk1O7eovHmQZAMY9iy48lKO4sVWdg3AZeWfbYlOHpRMSp7pxXAMxhcugwAIgMDQCIR2/x5aW6gt EAFJctayLB/L3XcwqixJypibL714+sKfnAvi/e1Vc1J8vxOGqULp3nvr3Ubd7GVZyR4jY0xK1nwl 9bmp256QzswwElS15sQZqnxZx+nPrM7GrhurfkJ/5Lkezzp/vuuKy0e2/u7ODv5qvxPVaGn64lWF C6XWzq4riWT+Ie04d8FK5+6xz+r9xpfmsOn9SYwbJoszYb7fYur4RiDoMAMCIAACsUNA4L37GDFH 4hMjnvpws6+jpmC6tKBSY2By0uk08rP7SpS8VLib3Zo1UmlB9VmmQN9FjfNTzzQ6tpU/GyoXuD8W 89LoBge6W0pJE8+30NnpNy0tzyuoBZWGP9Otd2uKpNMLqtuYxuitAcdHnh0YsOhKFfcqSjQmLmuP PJfXl5C/VJ7l0gCZNDpnAcZ5aZGmmxgf6NIUkY7vOctmyJs0/IqcGzUdtB22y5S35YThi/3XX38d auMxP1ZD7TDKxzIBDFeRRC/GFS5civEw/ugMujdLFPY1aKLzhz60iyXLpcfUUmMvMJ2ZBrCvrvMl 7WwO/PQiTZcz1Z0v7cwMwrCvRMHOXBUl++wTC0ZlSWNESumLP+fwGiLad+KafQZM+85P72fa0VQW 2PvGd55oNtMt7y3xDw4oSw69W+k90z7ccTPkeps2bVq0aFFdXd2XX34ZpLF4GKtBdhXFYp8AhqtI YphA/IidJQbBPCVJWCOz44IRhKGwCJSUlFRWVrJVicbn5uZmZ2dPmTLFjzGM1bBIo9LwEMBwHR7u Hq1ir10kgYAbI47AkSNHCgsL77777sWLF9fX13d3d484BOgwCIBAZAhA2iPDFVZBIGgC0PigUaEg CIBAUAQg7UFhQiEQiAIBaHwUIKMJEBgJBEboljPZEBoJ0UUfY50A2Y8neo+8kFiP48jxH3vtIon1 yJV23C5FMgRHlBv8NLqAHX/hhRcefvjhrKwsjNWArFBAJAQg7SIJBBbkRRIIuAECHAGi6G1tbd98 883mzZsfeughcAEBEACBUAlA2kMlhvIgEBECbop+++23R6QZGAUBEBgBBCDtIyDI6KKICUDRRRwc uAYCsUoA0h6rkYPfMU0Aih7T4YPzICByAkijE3mA4F5cEdBqtd/73vdmz54d/Ho78pLiagTEe2cw XEUSYUi7SAIBN0DAOwHcKzEyYogAhqtIgoUFeZEEAm6AAAiAAAiAgDAEIO3CcIQVEAABEAABEBAJ AUi7SAIBN0AABEAABEBAGAKQdmE4wgoIgAAIgAAIiIQApF0kgYAbIAACIAACICAMAUi7MBxhBQRA AARAAAREQgDSLpJAwA0QAAEQAAEQEIYApF0YjrACAiAAAiAAAiIhAGkXSSDgBggIQsDWb9YfriqU kVeH0FdaYVVjq7nX3XS/uZVXSFZYdbjV3O8sdLVVncEZ4P+HlDvBL+bpsK3f+HJhVTtjijEi29za a3Mtx/xdVWt2+3Pg3tt6WzfLEpbWmm8EKksgNFdtfif0JtwMC94FP477x8L2PUPdetXVRPBMbphr l9rDETSf/vYq1TPay7cCAcfnoiMAaRddSOAQCIRLoNes3bpQvvOjiWuMA+RH3gcH+zQrqPdXyJ+o Ml632yS3da164aPbP/reL403mUI9+hWjjq1QLOQk2V5QWtrSw1phrx7TnsnvKfPWa7/wKcq9+u3L zIt+NjMx3A4IVO9ae82WTcaAMwCBWosNM2NSiw4OWsqyk8g9P2g+iRmr1HeUPPe7yyHPw2IDShx7 CWmP4+CiayOKAHlirlmdd2yq5s2dhZlS9pudmDpv465jldSmhRXc03O/4fXVaxumVuzfmZ8uHc0U Skqdt/6VY5uoTf+63f2hkA8wKTV3w7aS22rfaOn0fqO/bnxz9/nNaxdPZs3iigMCkiRFwebu37ys d1stiIOuxXkXIO1xHmB0b8QQuNZ+8IBe+ax68T2u3+pxs5b/qmmPcgr9V1tve1O1PmuH+tHJLoUk ibMer2rappoShCp3dHb3e9F22+XWV6v/bllWcij3FHYV+pXW/3qF20KYo64zWp3WbVajlttdkBVW f3DuMj+avA/JtoFKXUs2FUhVYnN+ToWR0hXLRzlWsG9ZjQ3qOew2haOkUEOj19xaazcum0P74dwB sVnb69Qqpl3PjxydI/smR89duTk0h7jF+b2tenuLxGwzw4RcjgX5//PgQxZySAdYJxMSmA44d2ck U1WrZzWUHx3y7sbQOofaIRII5WsYomkUBwEQiB6B3k+bG4zSmcmTPL7TEmn6olxFaiK9Emto1lml KcmTPCScLrQoOzXJn8O2q13nLVRayhTalNt1o7P53dq0+VkpY0Lusm7titeoNfTuQI9p3ah9GU9V c9sH143VT2XsvrZI3zM4OGDeMvXceyesDuv97dVPrD4yahW79TBg2TiqYdXq1w391ITs8uMtJemU ssY0YCjPnkBRty5rN6QvPDmpnCnb9xv5qfWK9U0CLTIziyUrTstfu8T48dG2UY056w6zQmi7rH0q vbh10nMWuuFLr8lPr1Bs5rauaf+X7f5qkb6PfHZ6y9TO9+ovhIzOS4VDq7brxhYfYphUT35vDcOE f3nwoRdySk7Jf9NHd+CmZdsdDTlbDzoTGkZLp89O0x1v68QGhxDxiZYNSHu0SKMdEIgkAduVrvNW aZpc5m+f2582B3KOPH7u2rlVd1fR6pwUL7eN/m7T514nFoHsUpR0zZ6ypzLp3QF2zf9K9cFz9GNv 77mD1VdKtm3IpSccksTUxVu2rZRy5pjlB5OysPhH7NaDRPovK/Nn609csHguKPS2vbxWm7ajdD27 TZE4vWj3rvwPygRaZL5l+eQP+rSHsthZkWRydlnzYHNRKt3SVf3LZbVpz25Z/xDTcNK0ovL9+f+1 9uW2Xnb5xLR025bFzJSL7Xh6YFaBS6TbiREms+ZmjvPOhGfHZrlwQj/14awUZuSMlmb/x4eDB4tS nVM0yaTkmdK2xrYubLgHxi+aEpB20YQCjoCAqAhYd+bcOcqZID9Ktvh82h6Dbm+u24I/4zQ9abge YGLhq3dps6dzu/608E6RT7U2nDT0/q3XcLLBOlU+xTFXkSROSUnjjEiSsssslh2ZV36vpa/DtepF 8uJD3lqwMXZkM5MnOG92iTJ5mqWh+VOPkwNhBGC07P4fKXSv1jT9Z6tWb1/9Zux4WUdx9O4qvXzi sv5BfxRG836rMDZ9bKA4Kkpk0+cp2rbW/K699XdeDlPQMSG4qA6TxfXpX2hnYU9QApB2QXHCGAgM EwHm0coa4P4rmZA8UxbwXs/1wJkh32PSlCooZX72j380i8vPc+9lv8XU8Y1gXbd2dl3pv9LV6Vx+ 9zTdf6G28P6x8id2n/2aPCyPU1UYapb47pqxImcib5pyX7HOn+1QOiJJTF9/zFT1w+u/2543Rz52 lNtetbUi505nw7dz8w/b1/TWho/LZq6173vTO/Sq2kuRfVxOzNx4TL//h3/WbF+VIyfOCp6LEApO lBWIAKRdIJAwAwLDSyBphio/3Xq+64oXHSBJZM3MA9n4DJVSSgunl5PKJCvtiMvpdkd/yHLx8/s1 329YWfzv+y54f3SjH+zucAXg4zGU2RQIsHRPZwMkTkpOsS+/e5K9YT746+ITD2u6uz4sfyqXXNmT e0yf+47AkhrTt7yDfPT/Wsqz/WYW0I+r3p+k3btANgsUuUXlH9Lb2wbNgitbc56wnzWQKmsu8k8Q Mg2XZY+bSM+xfFyS1KJmp6+W5qJpErIf4Vyx4Fe7RU+AvCZPhDQaE1Ozc58q/9DCdGAe6YBiu16I JY2QnEBhIQlA2oWkCVsgMHwExmcuXa7QvVTe5HbuvPdS7S/SFx67/l2yeypJyly8gay+lr/vmkRm 679U92T6yqPXb3PTZ3t3Rk9eXLq/VFZf/O+vO4/I8/pKrweMc10zGJOSNV/pOY2gn+8pl6V7lxVj Zs8+f25G0neSMubmSz83dTvmErb+7s4Ork26GMVfybf95fpVrxnmEsbOxdMX/uSc85A3scxJCeJp OOgu2EmQZMTcVYX5Usv5rqs2erIl6zj9GS/j/7qx6ifM63qYOZZHx/0MHknKg8uU12mzLoVYDl4T G8MaiXQHVha6zRE9QxaWbVSKKgG3mewI+SdBPEJ6im7GOoFQxmrPxZoiKaUs2XeWSckm2eAmXWUB +UtpS7f92XGg7+K+AqlUUVJvsHCvrDHpqum/lOq4WoNf0Rnm7q+sIdbOViqklKLaQCd1u13fmsh6 OJ2Uzvv7QHdLqZJSlGpMJMWdzWM/u6+E/MVhgWmIIs5oTLRNxn/pGk0369jNbs0aqbSo5iKdId9n 0pSQ1in2+Xugp6XU2S9il/SAkOJ8djjzbV/fX+12CqpZKn0XNS4++B0ggbvAtOXsI7N5Ye/CQLem SDq9oLqNaZjd11hQafgzw6JLUzRdWrDvItNx5iPKHaCLazctLc+TbZESzUUmlZ1ZIthX4jTIMUkv afnKXo/xjc/EG58BU43SaZblnF6k6XJEkingZdnDK7hQhmusfzVF7f8IVTiMP1GPSjjHIxDiWL1p MRyrIdLFXdMLKt9tsSurwyoRhaYaogrcJS2oPNRi4gSDLuRD2om+GqoVRImdkwCeoz0tJVIPAaBb epORZOaiW/qQUXH2YhpSlNQcoicgzOfVOhdve5hpB1NXUXpIs9OpMZywOcy2nNWUSO3TkQGLjggs sWdfD+8xtZAOs4YIE419WkME8mKNkkwSXCcl/BEYoAvsKjznP9tFYt05kaIb5sLh+pFj4kVXIjMt TeViv9JOz3X8Bped7gQj7cRlPh9ilnRgujNGTAdMJlNbW9s331zzMmnz/Q0Ncbjiqx4pAgnEcFRX CcTRGMlOGZkdFwd+eBECgdgZq2S1+cmNVOmxjZlBv2iWeb3M+X81fcCeFhumq7dV/URX8dFh9WGY uu6nWXLwIC8vjxTI/f4/3r72tb1Pzbn99tsDuhk7wzVgV2K7wDB+n2IbHLwHARBwJTAufdW6zNfr dTH2ayK2/v/55Pw/eXnVD+LLEtD+zx8PrF9wxx13lJWVnT59+ttvvwUZ8ROAtIs/RvAQBGKEQFLW M29Kj/z2fEwdgL7W/iGlfiYrULZ8jIQgkm5u2bIlKysLGh9JxoLZHqHr0lg1EmwEwVCECWCsRhgw zHsn4FiQ9wPohRdeePjhh2fPnu1Yq8dwFcl4wlO7SAIBN0AABEAgxgjgOV60AcNTu2hDA8dAgCZA HoMAAgRigsCiRYuOHDmCDGUxBAvSLoYowAcQ8EkAK5wYHMNCIJgFedYxouj0+wCzs6dMmYLhOizB 8mwUC/IiCQTcAAEQAIFYIkAUva6u7ssvv2xqaiooKCC6Hkvex7uvkPZ4jzD6BwIgAALCEYCiC8cy gpYg7RGEC9MgAAIgEB8EoOixFUdIe2zFC96CAAiAQPQIQNGjx1rQlpBGJyhOGAMBoQkgL0loorAX FAGz2UzeThPqDjqGa1BwI18I0h55xmgBBIZAAPfKIcBD1WgTwHCNNnEf7WFBXiSBgBsgAAIgAAIg IAwBSLswHGEFBEAABEAABERCANIukkDADRAAARAAARAQhgCkXRiOsAICIAACIAACIiEAaRdJIOAG CIAACIAACAhDANIuDEdYAQEQAAEQAAGREIC0iyQQcAMEQAAEQAAEhCEAaReGI6yAAAiAAAiAgEgI QNpFEgi4AQIgAAIgAALCEIC0C8MRVkAABEAABEBAJAQg7SIJBNwAARAAARAAAWEIQNqF4QgrIAAC IAACICASApB2kQQCboCACAn0mlsbqwrTyG9+0JessOqw3txvc3e039x6uKpQxivVau737I3tUq2K FMpQt14Noqu2fuPLhVXt/f3tVXMyirVfeLRKUbTBFFXtJS8f8RvgFbOZa1U+Hbjaqs5IUNWaaXM3 zLVLE2SbW3vJP2z95uaqze8wfw/+svW2brYj4cjw/kND8OtM8A25liS4VM9oL98Ktz7qxQkBSHuc BBLdAAGBCfRf0qqXyLefm/hL3cAguQb69E9Qx9bJF+4yOtWdyJ5WvfDR7R9975fGm3SpwR79ilHH VigWElV2dcjWeaaxI7dy590NzZ/2BvS1V799mXnRz2YmJs54LH9q7RstnR7Kyhicv1o1Nfi7mCS1 qHnQUJ49IVD7Y1KLDg5ayrKTiO1r7TVbNhlvBKri9rkkKbvMwhAh6HpaSqVUeknLV9wfGB+CdiaU lhMzVqnvKHnud5dDm4iE0gTKxgKB4L8UsdAb+AgCICAMgevG1zfmNXxfs397YbqUuU1IElNVG1+p qaQqF27Xc9rcb3h99dqGqRX7d+anS0czLSelzlv/yrFN1KZ/3e7ydH5VX/NqR37uz3MXplW8ftjs XymvG9/cfX7z2sWTic0xKarHizqOt3W6VbnR2XacGJxLl8HlICBJUhRs7v7Ny/pglkbALW4JQNrj NrToGAiET6D33MHqc8odrLjyrsSZy6ve2qOawtw4bL3tTdX6rB3qRye73EgkibMer2rapprCq9v7 aXMDla+aMS7lwWXKc41tXX6eKm2XW1+t/rtlWcmsVcnkHy/Pv9xw9FOXZYDeMzVbv9mwdHYS590t q1Hr3DuYo671tingtgZuY+owy+ZphVVHz125ae+qY0H+/1rV83MqjJSuWD4qQ33yY21xmkzdylt1 YBbeuaX70HjznGFX7//fKq2jCyp1Xbu113zC4d5Lp61OZKSzDeo57Hq/iukqD6dkqmr1rIbyoyHu IITmPEqLnACkXeQBgnsgEH0Ctl7DyQarbGbyBI8bxGhp+qO52amJtFPXDM06qzQleZLHc7NEmr5o UXaqXXbJJIAYpJSqjPGUJDlr2Wxd4xnPBXaHrHY2v1ubNj8rZYz9L+Mzl/6Uqm5qp3e+2YsxmJb7 2Kxx7D/7ja88sfDIqDXs3sFNy7Y7GnI2vG687o9df3v1E8t2f7VI30cqnd4ytfO9+gse5Sdklx9v KUmnlDWmAUP53PvnLl9INWhPOjezaQhU/twMeul+iFfTpt2GqVtO0/63PNi+8oeyaS9c+PGL3WQr 5OJGqvLprU1swsGty9oN6QtPTio30p3t+4381HrF+ibeCvxo6fTZaTrPdY4huofqsURg6MMxlnoL X0EABIIgcOtKV6eVmiqfwii4r8t2teu8hUpLmZIY6DZiMx8u32fXvzEpWfOVuldrfK4Y93ebPpfO TJ7ktEqWAR7JTzvVbLhmV/YvTx74wyOrc1K4MtfaDx4w5RcWZ7J7B6OlimX5yksnPrnie22AWXIw Ld22ZXEq7X9Sau6GbUTCA1ySpMzFG+TH32j+nLNsX41wzGICWfDzeXrJtg259HxotDTjXzKlUuWO 0vV0j8hWyA8fTvv6g7P/S69b9La9vFabxn1EUYnTi3bvyv+gjL8CL5mUPFPa5n9pZAh+omoMEAj0 nYyBLsBFEAABUROg8910MrIaz+qfhF6Tt/hMpqNnDNfT5DKXaQWzyKw58Hv22dTW2fLGBz9aPvdu +/2LPFsbLOUZV1qPaOlrrzonu1j3jV8ozJKDy7wkcYp8amCOdFqfY9WBtxoRuKYgJbwtqCTK5Gmu POm/UB0mi5dzCoJ4ASOiJwBpF32I4CAIRJvA6EnJKVLqc1O3X2mQTEieKaM6Ors9j8O5OEznu+ko Y0XORO7016j7inVWa8NJg3OBnVeh32Lq8FTl0ZPn5uZ98G4znUxHDLbc2rA407kGbuu/VFcou1Oe 8+rZ60T8/0H1mrZG6Vfb2CWHcC42rY9ddSDzg1NyxhNm49xxyQIfyfPSdKBlEmcVHkzSJsMznK6g TvwSgLTHb2zRMxAIk4AkKWNuvtRyvuuqt9PkVuMR9nT7+AyVUmrt7Lri5RQ1yVA7wiay0flubcqa i8wuuP3qaSmh9pUf9pbpRT9x3uHF8aTZSzf8lV5k7v/0KMnIe2yG87HeZj64vvTEI5rugebyop/m 5i7Kln1j6vCrduy8JKyLSeuj6FUHejV+MusJc5LNcVmai6ZF8t66pMb0LR8n+X9LebYQmwJhEUEl 8RGI5PATX2/hEQiAQFAEaB2drdu6p8nt5Sf9F2qfVC48eu27d5BbB7PxrGjbWv6+6ylq+hn6yfSV R6/fdgeXQJfrfvo8aYYqX+Y9mY4W3XHeFpPHzXpsIdX4n4Y/NL0+NU/lTLKjKPpBn0p76AfsTju5 bH3XA539YuYlLksO9B5/UHAokta3XN5wsLHxaINLul9wtYdUip11XTx94U/OWRf9Vh/XV/ewQNw2 NYbULirHGAFIe4wFDO6CQFQIjEt/+sWaeafyVmyrM7KnrpiXsq35WfEff7p/x0+4026JGU+/tnPe B2tXlDYYreyzOzmwtWtNdukfV1bvWHyPhMmip7ycPqfVUeE9i5ve87ae7/JMgZOk5Kyeclhd9oe8 5T92OW7HThQaGvWMDzbr6V2b/6M2wBI1Of+9es8jx1asa7hEr0D0mrXV28khNy+XYw/+Rn//35jP 2bS+o6tWHUxb9qA9lS8qYSGNJGX9cs/DH6x9blc7ExfyZqHt2zZRa8qWpjru5rYrXeetWY7Tg9Hy DO2IiACkXUTBgCsgMHQC58+f37NnT1lZ2VBNkdTrt3WGZ1I+25g+it5EHjVW8Q61cLfp2LZs7u00 jMhNK3zbeOwZ+YWNstuYreY7FfsHFu7XHyubR56hbeaj5RWTeKfPHU4x6qhs21pzxuPNdGNSf/p0 iZd31JDW7p67PN1EPbY0c7xr7yYonnl1X+aZHMaHKf/+h7sLX9UETHeX3JO7S1OX1po9lvRv2uqz 962rXOwN2piUR54qvbVVPmpq3kH7kT06rS9XSg2LfI6enFum3//wFTUTl7FLjkxcbXhnTbrznAKT 3KDknx4c6lhA/ZgjkEA2aWLO6aE7TL4RI7PjQ0cHC1EmEORYJYre1tZWX1//0UcfEQ83bdpUUVER ZVeFa+66serJjVTpsY2Zfo/fCddgyJbIO20KFKcf/2hvruvrekI2JHwF8s78R4pN6iNBvE9X+MaD HK7CNwyLrgTw1I4RAQIxTIB9Rs/MzJw1a9a6detYXY/9a1z6qnWZr9frxPozJzbrf+5r+OuGf80W na6T5AZ9fdmUf/ulIuB78mN/mKAHvglA2jE6QCD2CMSpovMCkZT1zJvSI789L7qT2czv142SVQ2s 2/l0+jjRDZ1+w5vl31T82p4MITr/4FCUCIzQdWmsGkVpfKGZIRPgj1W3VXc/tmN8QX7I1GBgmAjg 1jpM4N2bxVO7SAIBN0DAJ4H4f0ZH8EEABAQlgKd2QXHCGAgITYA8BjU3Nx86dOitt94S2jbsgYDw BJChLDzT0C1C2kNnhhogEEUCjhXOa9euGQyGIDUeC/JRDBGachLAgrxIRgMW5EUSCLgBAgEIjB8/ XqlU7t279+uvvybP8T//+c+BDARAAAS8EoC0Y2CAQIwRgMbHWMDgLghEnQCkPerI0SAICEQAGi8Q SJgBgXgjgL32eIso+hNnBELavHTsx//93/99LL+NLs5iOIK6E9JwHUFcot5VSHvUkaNBEAiFAO6V odBC2WEmgOE6zAGwN48FeZEEAm6AAAiAAAiAgDAEIO3CcIQVEAABEAABEBAJAUi7SAIBN0AABEAA BEBAGAKQdmE4wgoIgAAIgAAIiIQApF0kgYAbIAACIAACICAMAUi7MBxhBQRAAARAAAREQgDSLpJA wA0QAAEQAAEQEIYApF0YjrACAiAAAiAAAiIhAGkXSSDgBgiAAAiAAAgIQwDSLgxHWAEBEAABEAAB kRCAtIskEHADBEAABEAABIQhAGkXhiOsgAAIgAAIgIBICEDaRRIIuAECIAACIAACwhCAtAvDEVZA AARAAARAQCQEIO0iCQTcAAEQAAEQAAFhCEDaheEIKyAAAiAAAiAgEgKQdpEEAm6AAAiAAAiAgDAE IO3CcIQVEAABEAABEBAJAUi7SAIBN0AABEAABEBAGAKQdmE4wgoIgAAIgAAIiIQApF0kgYAbIAAC IAACICAMAUi7MBxhBQRAAARAAAREQgDSLpJAwA0QAAEQAAEQEIYApF0YjrACAiAAAiAAAiIhAGkX SSDgBgiAAAiAAAgIQwDSLgxHWAEBEAABEAABkRCAtIskEHADBEAABEAABIQhAGkXhiOsgAAIgAAI gIBICEDaRRIIuAECIAACIAACwhCAtAvDEVZAAARAAARAQCQEIO0iCQTcAAEQAAEQAAFhCEDaheEI KyAAAiAAAiAgEgKQdpEEAm6AAAiAAAiAgDAEIO3CcIQVEAABEAABEBAJAUi7SAIBN0AABEAABEBA GAKQdmE4wgoIgAAIgAAIiIQApF0kgYAbIAACIAACICAMAUi7MBxhBQRAQAwEbOZaVUJCgmxza6/N wx9bv1l/uKpQRgrQl2yOeq+21dzPlbP1tm62f8SVYP6TVljVbO73tCaG7sIHEPBOANKOkQECIBA3 BG50th3v2LBzZ9qpZsM1t17ZLjetV6w7NmqVcWCQuS69Mbf/yIq8NbUX7OpOaqSXtHzFfsxcA32m X01670nF+qbLEPe4GSYjoCOQ9hEQZHQRBEYIgd4zNVs/z1+wPHfZ5Iryo2YXMb6qf7msNu3ZLesf knK3vaTUeb/YsuO++q3vtHt5xGeRSRJTF2/ZtpKqfbe588YIoYhuxgEBSHscBBFdAAEQIARsvYaT DZRSlTE5JWu+Une8jS/Gtqtd5y0emMakFh0ctJRlJwW8E35u6uY924M3CIibQMABLW734R0IgAAI cASuGZp1VP7cjCSJJOXBZcpzjW1dzud2yVTV6lyprljxZNVhrT6UvfNbV7o6rdRU+ZREkAaBWCEA aY+VSMFPEAABfwRs5qPlFVS+akYSvY6enLVstm5rvd650j56cm6ZXlc978SmJXlz5GNHJSSo1LUk i67XL9Zb1vaaF7YekhY9rkoZgwCAQKwQgLTHSqTgJwiAgB8CdAKdTkpW48czhcbQa/JWnWsyHdlc f7bOctNieE+jOVBZYKkozsuRP1TokkZnrMiZyMuPv022uD1tj8G4N3cybpYYgLFDAKM1dmIFT0EA BHwRsHW1NbZR1p05d5LHcfoaJS/WUcaG5k89nspHS9Mfzc19YmNdx2DfRU2JrL741wfNjhQ5R4Y8 yY3XlCjuVeTPnfOjNHvmHQIAArFBANIeG3GClyAAAr4J2Hr19Vt1WTWmb/nn1npaSqmK1w8zss2c d89Qt151MZI4bXHxMiVFZgW8XXmuBMmNz925v2JqQ8HCf//tJZxrx/iLKQKQ9pgKF5wFARDwQoBJ oHPfDpckZczNl3KyzSTWWbw9xBNzWcuykr3eCiWTf7Jj//Py+tJfvG5AfjyGXgwRgLTHULDgKgiA gDcCvZ82N1D5y3/svh2eNHvphtm6xjOdJFFekrp01855DevXVWmN1luMlVtWY0Pp6rJblRuXpvpK kRstzV5fVTlbv+nXrxuvgz4IxAoBSHusRAp+gkBQBL799tvTp09rtdqgSsdDoRvmw69XyJcvzWQT 6PjXuFmP5Sp1r9boyTq8JHFa4dvGfbnjz26U3cZsx9+W/vKfHtj2/rGNmX6PtY1Lf/q5SsW5TRt3 tXJzgnighj7EN4EEsjUV3z302jvytR6ZHR+BsY71Lgc5Vominzt37tSpU1u2bCFd3rRpU0VFRaz3 Hf7HHIEgh2vM9SvmHMZTe8yFDA6DgJMA+4xeVlZ2xx13ZGVlsbqOCwRAYIQTgLSP8AGA7sckASh6 TIYNToNAtAhA2qNFGu2AwJAJQNGHjBAGQGBEEIC0j4gwo5MxTQCKHtPhg/MgEH0CIzSbDLke0R9q aDE8AmSs7t69u76+/qOPPgrPAmqBQDQJIEM5mrR9tQVpF0MU4AMI+CTgmIaeP3++ra0tSI1HhjyG 1LAQwFPTsGD3bBQL8iIJBNwAgQAEZs6cuXbt2vb29o8//pg8xz/wwANABgIgAAJeCUDaMTBAIMYI QONjLGBwFwSiTgDSHnXkaBAEBCIAjRcIJMyAQLwRwF57vEUU/YkzAiFtXjr24xUKBd5GF2cjISa6 E9JwjYkexaiTkPYYDRzcHikEwrtXdnd3T5kyZaQwQj9FQyC84Soa9+PHEUh7/MQSPYlLArhXxmVY 47VTGK4iiSz22kUSCLgBAiAAAiAAAsIQgLQLwxFWQAAEQAAEQEAkBCDtIgkE3AABEAABEAABYQhA 2oXhCCsgAAIgAAIgIBICkHaRBAJugAAIgAAIgIAwBCDtwnCEFRAAARAAARAQCQFIu0gCATdAAARA AARAQBgCkHZhOMIKCIAACIAACIiEAKRdJIGAGyAAAiAAAiAgDAFIuzAcYQUEQAAEQAAEREIA0i6S QMANEAABEAABEBCGAKRdGI6wAgIgAAIgAAIiIQBpF0kg4AYIgIAQBGyXalWyhIQMdetVL+b6za2H qwrJ5+w1R12r1Zv7be4l/RsRwk3YAIGIEoC0RxQvjIMACESVgK3zTGNHbuXOuxuaP+11a9n2hXZ9 3opjt68x3hykr4G+N7KvHVmnWNNwyVXd/RmJam/QGAiESQA/6homOFQDgegQwK9khsL5aqt6/gqq 4rPirmXy48tM9UWpY+zVbb2tW6fldO5w+SNlM9c+In91Zsvx8uwJ9pJ+jITiy4gsi+EqkrDjqV0k gYAbIAACQybQ+2lzA5WvmjEu5cFlynONbV28pfZbV7o6rR4tSFKLmgcNPF2nKH9GhuwhDIBAVAhA 2qOCGY2AAAhEnICt13CygVKqMsZTkuSsZbN1jWc6ndo+JkX1eJH0ULFiddXhI61m99V658O9PyMR 7wMaAAFBCEDaBcEIIyAAAsNNwGY+XL6Pyp+bkURua2NSsuYrda/W6J3JdJLJi3fpj1fOO7dpyeIc +Z0JCbI56r3aVnM/3/FARoa7k2gfBIIiAGkPChMKgQAIiJwAnfumk5HV+CTGUQm9Jm9xTaaTJKaq NtZ1DFgMTRrNocp5popVeTny1MI6RxpdEEZEjgHugQBNAGl0GAcgIGoCyEsKLjw3zLUF8uJD7oWl pS2XdmTTz/Fer16z9sXVeftG17R+UDRNQoVnJDgHR0YpDFeRxBlP7SIJBNwAARAYAoHeMzVb25Q1 FweYY23c1dNSQu0rP2ymN9yZo+oydavrHntS6uKCfCXF7coHNDIEB1EVBKJJANIeTdpoCwRAIBIE 2AS63NWqqS53tKQZqnwZJ9t0Yl2WteGkodfjBTXUHcplD6ZIgjASCd9hEwQiQADSHgGoMAkCIBBV AtcMzToqP3fu5NGuzY7PXLpcoTve1nmDJNalLn2uZt6xFeuqtUYrK+82a3td6friW2vKlqZKqGCM RLVXaAwEwiYAaQ8bHSqCAAiIgoDNfLS8YtKGpbPZBDreJUmc9Ui+sm1rzRl6HT5xetHbumO5d57d mD6Kec/sqPRXvnqg1HRsfXqiJFgjouhxNJzQarVPPfWUTqe7du1aNNpDG4ISQBqdoDhhDASEJoC8 JKGJwl5QBIi05+XlsUV//vOfL1myJCMjY/z48f4rY7gGBTfyhfDUHnnGaAEEQAAEYpnAW2+9pVKp 7rrrLjzHx0oYIe2xEin4CQIgAALDTAAaP8wBCLp5SHvQqFAQBEAABECAIQCNF/lAwF67yAME90Y6 AbJ5OdIRoP+xQIDdjyfr9uSlArHgb5z7iKf2OA8wuhcHBPhvYcH/g0B0CGg0mjj47ozYLkDaR2zo 0XEQAAEQGCoB8rDe3Nz89ddf7927V6lUDtUc6gtEANIuEEiYAQEQAIERQ8BN0QMeihsxYMTSUUi7 WCIBP0AABEBA5ASg6CIPkMM9SHusRAp+ggAIgMDwEICiDw/3IbSKDPkhwENVEIg8AbzeK/KM0YIX AuRtdB988EGQL6Fz1MdwFclggrSLJBBwAwS8E8C9EiMjhghguIokWFiQF0kg4AYIgAAIgAAICEMA 0i4MR1gBARAAARAAAZEQgLSLJBBwAwRAAARAAASEIQBpF4YjrIAACIAACICASAhA2kUSiPDcuGGu XUryVmTq1l4XA8zfVbVmW3hmXWv1m09UvVBnvuHDlq3frD9cVSgjftCXbI56r7bV3C9EyzwbTI9k m1t7BemSwM7BHAiAAAiIigCkXVThCNEZW1db4+UNldvSGk4aIqV5tt72fYWbPhnwJeyXm9Yr1h0b tco4wL7Z+tIbc/uPrMhbU3tBUHUfk1p0cNBSlp2EERviIEFxEACBkUcAN8rYjbmtV1+/tePhBT9/ fFnawfLDwjyih4jjqv7lstq0Z7esf0jKDaWk1Hm/2LLjvvqt77RHarYRoo8oDgIgAAIjjACkPXYD fs3QrKPy52aMm5q1bLau8Uyn+1r1/1048RK7UC4rfOmEmb9m32turVXPYRfRVepasoDOVrb1tm6W kb/sfZGpmPHMb/5tWs5OK3WoWH67x7I/KX6167zFg6D7E7bN2l6nVtmX60ljdk96W9UysoD/clVh Gu1kSd0rqhRV7SVeP662qjOYdt0X5Hk20wqrmu3+E19uWY0N3roWu4GG5yAAAiAQGgFIe2i8RFS6 99PmBipfNSOJGpOSNV+pO97W6bodritd+87oNcabg4M9+kVflcmfqDJeZ/zvvVT7rGLFqUnl9CL6 gOW5SafWyxfuMnLqTgroGtqkpeaBAUvjutWVl1pKpdSSGtO3lvLsJLf+S6aqVudKdcWKJ6sOa/U8 fXWWs13WPpVe3DrpOQu9Yn/pNfnpFYrN2su37CWs+oZPxpeeHhz4k371o/Pc5ijOPro0zNhcvI9a beobGOz77cMdGxXrmy7TM4Jbl7Ub0heeZLs22Pcb+an19o9EFDq4AgIgAAKRJRCdn/4VWyuEqdhc CtGfb001SyhpaUsPs8U9cLFGKZWWtPRwVthP12i6ia6z11ctJelcgZ6WEun0Ik0XtzlOPqT/IlXW XBwYHOihhTy9pOUre0X2L7S0+/Cwx6SrLpA6RqmypEbTYrI7wrRLKWtMzsbcPKF4bg8OmGqU1IJK w5+ZtpimuT7y++vad85nxkNnR+zO0n/hdydEzCIoHvtjVQQQ4UK0CGC4Rot0gHbw1B7ZmVOkrNMJ dG1SshrPppVJkrOWZVndkunSZk+XjrY7kDhFPpUp8Ldew8kG630PTf+eM/aJMnka1WGyhJX4RjbX n62z3LQY3tNoDlQWWCqK83LkDxWyaXT0Y7dROjN5Eq8xuydect0lKTmri76oPniOXrK3fXnygE6+ YXGmW+oc03cqLWVKImtUkpRdZhk8WJQ6mumabGbyBNeuWRqaP3U9QRCpsMAuCIAACIiBAKRdDFEI 2Qdb55lGndVakXMnd+TsdnnxIcqqazZcC2Tr1pWuTqu3QtbzXVfCP1k2Wpr+aG7uExvrOgb7LmpK ZPXFvz5oPy/H85O4y7jq65LcPXf5QoqZo9g6W96onZr/2IzEQF1y/dxYkTORo0L+M+q+Yp3X7oZm FKVBAARAIIYIQNpjKFgOV6/qa17Vuaxys0vuVEX50UCJ8qMnJac4l895vXd9tg4Ki81cq0rIULde dSmdOG1x8TIlRR6tu5ipArvU73r5PMYmScqYm0+ROcrlzrbjOuX8rJQxQbniLORl78BLlkCIRlEc BEAABGKIAKQ9hoJld5Ve5b5ZtDonxSV64zNUSik/ma6js9uZGdffbfqcWcD/Dq2d0ounL/zJ+Yje bzF1UGlyWYjPx5Qk5cFlSl/L3WSLIFmSNEOVL+s4/ZnV2dh1Y9VP/L1Oh65CNbx3QNt4TrnsQdc+ MgSY3QeK1ztmhiEjb+hJ9NK19qo5bln3MRhxuAwCIAACIREQyZ5/lN0giKLconDN8ZPLXK32na1U 3Ms8IjOJZpRUUaKhc8gHey7WFEmdWXXsPwuqzzJJ630dNQXTKUW1gS7pmUbHpraRR+G//KXvL+4P 34MDfRf3FUinF1RqDBY2ZY9suteXKO5VVJ7tY3PhujVFpEB1G9NYj0lTqnAkytE5bi5pdGyNPkO1 gh7E/Odvl9S5AYuulDRRqqNtDnS3lCrt/t/s1qzhdY1sDTg+Ei4C0bUUy2M1uqTQmggIYLiKIAi0 C3hqD3YidP78+WvXAu5kB2st/HI28+Hyg16Sy4jFxBmP5c/Wba3Xs++KUf5yXfYXL6SOSki4M/vU 9Dp9We5kNqsuaVrRS/r9D19Rp5PPEsb+m+nhXaZj69O5rDR31yQpKnVpT7H8u9/Ne9fj6LwkcVrh 28Z9uePPbpTdxuxw35b+8p8e2Pb+sY2Z7BqAZPLiXfpdD1/5tYxu7E7FkfHrDHs3pI/zTUCSOOuR fJLwX/S4ysdqvEQ6b8c776wcqKJtjnpg+8AKwztrGP9HT84t43VtyZGJq+0fhY8cNUEABEAgtggk EHmPLY8F8ZaITJAdJ4re1tZWX1//0UcfmUym1NRUQRyAERAIkkDwYzVIgygGApEjgOEaObYhWQ5W 4UIyKv7CAccfX9Ed3YG0iz+y8edhwLEaf11Gj2KXAIarSGIHaXcJhFdFh7SLZLCOTDdwrxyZcY/R XmO4iiRwkHY6EP4VHdIuksE6Mt3AvXJkxj1Ge43hKpLAjWhpD1LRIe0iGawj0w3cK0dm3GO01xiu IgncyJX2Bx54gGTGiSQMcAME/BAIMuUTDEFg2AlA2oc9BKwDI1fav/nmm3Pnzp06dWrLli1BBgNp dEGCQjEBCeBeKSBMmIo0AQzXSBMO0v7IlXbHk9C3334bpMZD2oMcVSgmIAHcKwWECVORJoDhGmnC QdqHtDtBBdR4SHuQowrFBCSAe6WAMGEq0gQwXCNNOEj7kHYvoHxpPKQ9yFGFYgISwL1SQJgwFWkC GK6RJhykfUi7P1BuGg9pD3JUoZiABHCvFBAmTEWaAIZrpAkHaR/SHhQoVuPvu+++8ePHB1UBhUBA IAK4VwoEEmaiQQDDNRqUg2gD0h4EJBQBgeEjgHvl8LFHyyETwHANGVlkKuCX3yLDFVZBAARAAARA YJgIQNqHCTyaBQEQAAEQAIHIEIC0R4YrrIIACIAACIDAMBGAtA8TeDQLAiAAAiAAApEhAGmPDFdY BQEQAAEQAIFhIgBpHybwaBYEQAAEQAAEIkMA0h4ZrrAKAiAAAiAAAsNEANI+TODRLAiAAAiAAAhE hgCkPTJcYRUEQAAEQAAEhokApH2YwKNZEAABEAABEIgMAUh7ZLjCKgiAAAiAAAgMEwFI+zCBR7Mg AAIgAAIgEBkCkPbIcIVVEAABEAABEBgmApD2YQKPZkEABEAABEAgMgQg7ZHhCqsgAAIgAAIgMEwE IO3DBB7NggAIgAAIgEBkCEDaI8MVVkEABEAABEBgmAhA2ocJPJoFARAAARAAgcgQgLRHhiusggAI gAAIgMAwEYC0DxN4NAsCIAACIAACkSEAaY8MV1gFARAAARAAgWEiAGkfJvBoFgRAAARAAAQiQwDS HhmusAoCIAACIAACw0QA0j5M4NEsCIAACIAACESGAKQ9MlxhFQTERaDX3NpYVZiWwF6ywqrDenO/ zdVHW79Zf7iqUMYVSiusamw19zrL9Laq7Z9xRThjL53gF/PS8evGqmeqjNcpHxY4p9StvMaiic/W 27pZlpChbr3qBoT5+9Ja8w3hvGHb8mVTAE9s5lqVoy/95hNVL9QF9L+/vUr1jPbyLeG6CUvDTADS PswBQPMgEHEC/Ze06iXy7ecm/lI3MEiugT79E9SxdfKFu4xOde81a7culO/8aOIaI1NosE+zgnp/ hfwJWpJ5l7SkpYf5nLv6Lu6ZdFyp2OxbGIhcVSy7+OOfzRpHJWWXW+wVe1pKpBTfmqU8OyniLOK/ AUlqUfOgoTx7AkXZetv3FW76ZCBgpxMzVqnvKHnud5fdJnsBK6KAWAlA2sUaGfgFAsIQuG58fWNe w/c1+7cXpkuZL7wkMVW18ZWaSqpy4XY986Bs6zfWrM47NlXz5s7CTLYQlZg6b+OuY5XUpoUVrb2+ b/mJ03K3qEso7RvNn3sv1G94c/sXm9WPTsbNRpiARsKKJElRsLn7Ny/r3dYtItEWbEaDAL5t0aCM NkBg2Aj0njtYfU65Y+3iyaNdfEicubzqrT2qKcwt4Fr7wQN65bPqxfe43hHGzVr+q6Y9SraQ38va YbL0eylx67Kuvnp0TlbKmEAWHJ/fshob1HPYpX+VurbVvnHALlar1HtfZPYMyPq5qVWdkaB6Udv8 EreLMEddZ7zca27mth5khS+1W4V7ECUbFq21ahW3GTGHcc3htc1qrFPPYT/z/EjL7XPICqs/OHc5 aBQ+CtL7GjLV3hPt9hZJRx17IvYF+f/rbd06LWenlTpULL9dxm52MB3gnHRhS+Z7U1WrZzWUHzUL x2uo3UT9IRAI/JUdgnFUBQEQGF4Ctl7DyQarbGbyBI+v+mhp+qO52amJxMHeT5sbjNKZyZM8Ckmk 6YtyFamJ/m4Utitd563SNLmMNuV22T5vfuN42rIHU4K909y6rN2QvvDkpHJmW6DvN/JT6xXrm3gL xbqGNmmpeWDA0rgq8+/p1nQv7269Z4t5YHCgu+VH51dmTJn2QuePXzQODvZc3PGdysUvNAm1hdxv eH11ySn5b/roLYWblm13NORsPchuY9u+0D6lXNj6j+WWm/R+x2s/OLUib732C0Ylrxurn8rYfW2R nuxjDJi3TD333gmrAIPCqltVpRn75DF6g6V7/+TjytU1vO0V0oAkKXvHpZZSKbWkxvQts9lB1m82 rDj1g9f6aLQDlo2jGlatO+iQ8tHS6bPTdMfbOgVMLBCgnzARHoFgv3DhWUctEACBYSVw60pXp5Wa Kp/iRXYdjvnT5kDe26ynd73wkk6au1o11cvdpN9i6hjnbWLhw25v28trtWk7Stez2wKJ04t278r/ oIy3UJyeX7hgWqJEIr33XnbCIV25bctievIhkWbMTSdKtmNLcaaULFEkpWY9lGb9r7MmYZLzbJYL J/RTH85KYVCOlmb/x4eDB4tSyWqErVf/xtra++ztShKn5e/ev/CDtW/oyUYGvWpypWTbhtxUkkhA tkIWb9m2UhqIajCfS0vUW3Kn0c6wHdf/4ROL3zw425VPTlxKe/iH7ERNIp1X9mFnc9E0R9Qkk5Jn Stsa27rw3B4Mf5GXgbSLPEBwDwTERcBakXMnLz9+lOzp82m/Mhirc90W/BmvmUlDgIkFr3ve1hgS ZfI0S0Pzp8Lo8xBYSmTT5ynattb8rr31dy4HB6hrhmadVZqSPMmx5SFJnJKSZtU1G64yqyZ8AsxH Q3DDW1XW5uembm9bIo4Kkkn3z5um2/p2U3urlr+V4ChAo6Z8bKwI7DHMRZoApD3ShGEfBIaRwOhJ ySnSQDd95nHN12a5u/POnPa+i5oSJaV4NHvOj2bRT8mel62/u7Mj5N4bK3ImOicPo+4r1vldwE5L meJ3vyDk9n1VSMzceEy//4d/1mxflSMn0xt+HgBFWXfm3DnK4fYoebGOtvNXZtXEx2W7VKvinSZU 1UZ4n3tc+sZ3TPt/eF1TnpcjH5sgY1IChn3KJFh8YIhPANKO8QACcUxAkpQxN19qOd911csqK8n8 OsKcbk+aocpPt57vuuKlEElqa/YuACQ3fuebmqnvr1y4dd8lrwoR3hMqvTfMP15H/j/C5+J8+cls Z/AfxxNTs3OfKv/QQnaqDZp5V7bmKLgjBhSlrDGxhwadFzmBJmWmVj4uybSiZsdZwMHB5qJUSdCe hDlmk0gHisqb6VwBw54FV17KUbzo7/hDmK2g2vATgLQPfwzgAQhEkEDS7KUbZuu27nHPJuu/UPuk cuHRa9+9g9wExmcuXa7QvVTexGZ+Oa7eS7W/SF947Pp3feS3S+5ZvKO6VP5B8S/ccrg4C8x6QKCF Ymdz7ETk4ukLf3K6Qd6mMidFVXspohvAkpQHlymve0yA+rtNn1NeVwVIemHuykJuPjQ+Q6WUdpy7 YHVsdZPDhC/Nod9Lc4vpEZ9AgJWMkD0Jc+iQJMrFqwoXSq2dXVfsbtOJEZT3dMgwW0G1YSMAaR82 9GgYBKJCYFz60y/WzDuVt2JbnZE9CUYOcTVXrflZ8R9/un/HT5jj5pLE9OLXajI/yFtVWmc/Lka/ yGxddnH3yv2l7gfneH5LpDmbqzYp9JUbXzd42emlt289JdN3v5Oyfrnn4Q/WPreL9YK8bGf7tk3U mrKlqZG9VUmmPqLOv1W8vlR7iesFfZitcnvFpMqyXLZt5lCZSs0VIAx/39xOFa3OSZGQQ+Gr9zxy au3mve20upOPmrZvfIWq3LiUJNnRPfrnhhXqWnphg/7ohe37/G0wBOFJ0MPGsQZg+6b/Gxu9/p8y R63lDhP2m082G6mix1X2c4lMYkTWsqzkyKIO2nsUHAoBBHEo9FAXBGKBAMkzf1tneCbls43pzG7w qLGKd6iFu03HtmU798iTphW9ZjSsk3+2TcZuGY/N2089ut90qCzb/8tmyLTgyarK2fpN28paPd5m Jkn9qXppR+OZzmAfukdPzi3T73/4ippxdeySIxNXG95Zkz703XR2Y9vnfjbJeC99h3T/7Pqx7Ib5 KOXLX83eZnpnY/o4NsaS1BX7DKsnHlnCFCAMj0xc98YO9k0Akntyd2n2P/xHtew2+0eN72zIZHPp 6R7VTT+VTbbnR41dbXhg3S+V/kZNYE+CH3OSFJW6tKdY/t3v5r3bSU1bua9x3cQjirFMgBm2x7i5 HTF5o7PtuE453/EGArPZfP78+eDbQklREUggG0Oicig6zpCBPTI7Hh28aEVAAjE/VsmK+sKdVNXb Do0UEE5opsibXp7oKj5KtrRDqzciSpOpzyPFJvUR5g219KXVavPy8h544IGCgoKsrKyZM2cGwyHm h2swnYyFMhjjsRAl+AgCsUuAvJ98232vv+r5RB/lLtn6/+eT8//k5bU8UfZDlM2Ro/n1ZVP+7ZcK TtcdTn700Ufr1q2bNWtWZmbmnj178BwvyvB5cQrSHiuRgp8gEKMEyFb0mje/1/rbj68PaweutX9I qZ/Jwi/QeIkCec9/+TcVv2YTL7xf0PhhHb0hNz5C16WxahTySEGFYSKAsTpM4Ed6s+yCvB8KXtfq MVxFMm7w1C6SQMANEAABEIglAniOF3O08NQu5ujANxCgyGMQKIBATBBYtGjRkSNHkKEshmBB2sUQ BfgAAj4JYIUTg2NYCARckHd4xV+Zx3AdlmB5NooFeZEEAm6AAAiAQCwRIIq+e/fujz/+uL29fe3a tUGejoulHsayr5D2WI4efAcBEACB6BKAokeXd5itQdrDBIdqIAACIDByCEDRYyvWkPbYihe8BQEQ AIHoEYCiR4+1oC0hjU5QnDAGAkITQF6S0ERhLygC5B3y33zzTag76BiuQcGNfCFIe+QZowUQGAIB 3CuHAA9Vo00AwzXaxH20hwV5kQQCboAACIAACICAMAQg7cJwhBUQAAEQAAEQEAkBSLtIAgE3QAAE QAAEQEAYApB2YTjCCgiAAAiAAAiIhACkXSSBgBsgAAIgAAIgIAwBSLswHGEFBEAABEAABERCANIu kkDADRAAARAAARAQhgCkXRiOsAICIAACIAACIiEAaRdJIOAGCIAACIAACAhDANIuDEdYAQEQAAEQ AAGREIC0iyQQcAMEQAAEQAAEhCEAaReGI6yAAAiAAAiAgEgIQNpFEgi4AQIgAAIgAALCEIC0C8MR VkAABEAABEBAJAQg7SIJBNwAARAAARAAAWEIQNqF4QgrIAACIAACICASApB2kQQCboAACAyRgK3f rD9cVShLYK+0wqrGVnOvu9F+cyuvkKyw6nCrud+zZdulWhWxlKFuvTpEt1AdBKJPANIefeZoEQRA QHACvWbt1oXynR9NXGMcGKSvPs0K6v0V8ieqjNftjRHt16oXPrr9o+/90niTKdSjXzHq2ArFwqp2 N3W3dZ5p7Mit3Hl3Q/OnHrMDwZ2HQRAQmEACGd0Cm4wFc2RKPzI7HgvBgY8uBDBWgxgQtn7jroUZ tVM1v9ubew/veeW6sWpFRvWMlks7spMkVH971cLF1VP3fLQ3d7KzEFv3QGbL8fLsCfa2rraq56+g Kj4r7lomP77MVF+UOiYIN1CEwnAVySDAU7tIAgE3QAAEwiZwrf3gAb3yWfVivq4Ta+NmLf9V0x7l FPo+Z+ttb6rWZ+1QP8rTdfJ3SeKsx6uatqmmjHY23/tpcwOVr5oxLuXBZcpzjW1dtrBdQ0UQGA4C kPbhoI42QQAEBCRAK7FROjN5ksf9TCJNX5SrSE0kH1wzNOus0pTkSTwJZ32gCy3KTk2ye2TrNZxs oJSqjPGUJDlr2Wxd45lOaLuA8YKpyBOAtEeeMVoAARCIJAHbla7zVmmaXJbopxXb1a7zFiotZQot 834vm/lw+T4qf24GWcOnxqRkzVfqXq3RI5kukiGEbaEJBBrlQrcHeyAAAiAgZgJ0Ap1ORlbj2ad4 Cb0mb0EynZhDBt88CUDaMSpAAARim4BkUvJMqbXDZPFyhs3RM8mE5JkyqqOzu9//2vqNzrbjOspY kTORO0M36r5indXacNLQi0X52B4nI8p7SPuICjc6CwLxSCBphio/3Xq+64oX8b1lNTYzp9vHZ6iU Umtn15VbnghsVuMR9nR775marW3KmovsATru6mkpofaVHzZD2+Nx9MRnnyDt8RlX9AoERhKB8ZlL lyt0L5U3feGqvr2Xan+RvvDY9e+So2uSpMzFGxRtW8vfv+xSyNZ/qe7J9JVHr992B8mipxPocler prrcGempgwzJdCNpRMV8XyHtMR9CdAAERjwBSWJ68Ws1mR/krSqta7eyyt1vPlG1Lru4e+X+0sWT maz4xIynX9s574O1K0objFb22b3XfGLXmuzSP66s3kEfnKOz6Kn83LlseefFTh2Ot3XeGPGoASA2 CEDaYyNO8BIEgiRw7do1nU5XX18fZPl4KZY0reg1o2Gd/LNtslHMLvnYvP3Uo/tNh8qyHefYJYnT Ct82HntGfmGj7Dam0J2K/QML9+uPlc2TSiib+Wh5xaQNS2c7jsHZ4ZCz74/kK9u21pzBm+niZcDE eT9G6EvZ8MqkOB/XcdS9IMcqUXSDwXDo0KG33nqL9H7Tpk0VFRVxhAFdiQ0CQQ7X2OhMLHuJp/ZY jh58H/EE2Gf0p5566q677lKpVKyu4wIBEBjhBCDtI3wAoPsxSQCKHpNhg9MgEC0CkPZokUY7IDBk AlD0ISOEARAYEQQg7SMizOhkTBOAosd0+OA8CESfANLoos8cLYJACARIXtLu3btJxvtHH30UQjUU BYFhIoDfyx4m8C7NQtrFEAX4AAI+CThSjs+fP9/W1hakxiNDHkNqWAggQ35YsHs2igV5kQQCboBA AAIzZ85cu3Zte3v7xx9/TJ7jH3jgASADARAAAa8EIO0YGCAQYwSg8TEWMLgLAlEnAGmPOnI0CAIC EYDGCwQSZkAg3ghgrz3eIor+xBmBkDYvHfvxCoUCb6OLs5EQE90JabjGRI9i1ElIe4wGDm6PFALh 3Su7u7unTJkyUhihn6IhEN5wFY378eMIpD1+YomexCUB3CvjMqzx2ikMV5FEFnvtIgkE3AABEAAB EAABYQhA2oXhCCsgAAIgAAIgIBICkHaRBAJugAAIgAAIgIAwBCDtwnCEFRAAARAAARAQCQFIu0gC ATdAAARAAARAQBgCkHZhOMIKCIAACIAACIiEAKRdJIGAGyAAAiAAAiAgDAFIuzAcYQUEQAAEQAAE REIA0i6SQMANEAABEAABEBCGAKRdGI6wAgIgAAIgAAIiIQBpF0kg4AYIgAAIgAAICEMA0i4MR1gB ARAAARAAAZEQgLSLJBBwAwRAAARAAASEIQBpF4YjrIAACIAACICASAhA2kUSCLgBAiAAAiAAAsIQ gLQLwxFWQAAEQAAEQEAkBCDtIgkE3AABEAABEAABYQhA2oXhCCsgAAIgAAIgIBICkHaRBAJugAAI gAAIgIAwBCDtwnCEFRAAARAAARAQCQFIu0gCATdAAARAAARAQBgCkHZhOMIKCIAACIAACIiEAKRd JIGAGyAAAiAAAiAgDAFIuzAcYQUEQAAEQAAEREIA0i6SQMANEAABEAABEBCGAKRdGI6wAgIgAAIg AAIiIQBpF0kg4AYIgAAIgAAICEMA0i4MR1gBARAAARAAAZEQgLSLJBBwAwRAAARAAASEIQBpF4Yj rIAACIAACICASAhA2kUSCLgBAiAAAiAAAsIQgLQLwxFWQAAEQAAEQEAkBCDtIgkE3AABEAABEAAB YQhA2oXhCCsgAAIgAAIgIBICCYODgyJxBW6AAAiAAAiAAAgMnQCe2ofOEBZAAARAAARAQEQEIO0i CgZcAQEQAAEQAIGhE4C0D50hLIAACIAACICAiAhA2kUUDLgCAiAAAiAAAkMnAGkfOkNYAAEQAAEQ AAEREYC0iygYcAUEQAAEQAAEhk7g/weAUS30C3gQsQAAAABJRU5ErkJggg== --_004_EEF22AB1A43B1F49A1AA33231F387F89175735BAESESSMB203erics_-- From nobody Thu Mar 12 02:19:51 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D9F8A1A9053 for ; Thu, 12 Mar 2015 02:19:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.996 X-Spam-Level: X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DC_PNG_UNO_LARGO=0.001, FREEMAIL_FROM=0.001, HTML_IMAGE_RATIO_06=0.001, HTML_MESSAGE=0.001, J_CHICKENPOX_36=0.6, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AczRCJoDnB6x for ; Thu, 12 Mar 2015 02:19:48 -0700 (PDT) Received: from relais-inet.francetelecom.com (relais-ias92.francetelecom.com [193.251.215.92]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2FB811A9050 for ; Thu, 12 Mar 2015 02:19:47 -0700 (PDT) Received: from omfedm08.si.francetelecom.fr (unknown [xx.xx.xx.4]) by omfedm09.si.francetelecom.fr (ESMTP service) with ESMTP id 6B5652DC5AD; Thu, 12 Mar 2015 10:19:45 +0100 (CET) Received: from Exchangemail-eme1.itn.ftgroup (unknown [10.114.1.186]) by omfedm08.si.francetelecom.fr (ESMTP service) with ESMTP id 4D7F2238067; Thu, 12 Mar 2015 10:19:45 +0100 (CET) Received: from PEXCVZYM13.corporate.adroot.infra.ftgroup ([fe80::cc7e:e40b:42ef:164e]) by PEXCVZYH01.corporate.adroot.infra.ftgroup ([::1]) with mapi id 14.03.0224.002; Thu, 12 Mar 2015 10:19:45 +0100 From: To: John Basha , "dime@ietf.org" Thread-Topic: Abort-Session-Request Flow Thread-Index: AdBcnM51WHdI0PEdSByaWLRwtTy29QABxgzQ Date: Thu, 12 Mar 2015 09:19:44 +0000 Message-ID: <30343_1426151985_55015A31_30343_2462_1_6B7134B31289DC4FAF731D844122B36EDE772B@PEXCVZYM13.corporate.adroot.infra.ftgroup> References: In-Reply-To: Accept-Language: fr-FR, en-US Content-Language: fr-FR X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-originating-ip: [10.197.38.4] Content-Type: multipart/related; boundary="_004_6B7134B31289DC4FAF731D844122B36EDE772BPEXCVZYM13corpora_"; type="multipart/alternative" MIME-Version: 1.0 X-PMX-Version: 6.0.3.2322014, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2015.3.12.61818 Archived-At: Subject: Re: [Dime] Abort-Session-Request Flow X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Mar 2015 09:19:50 -0000 --_004_6B7134B31289DC4FAF731D844122B36EDE772BPEXCVZYM13corpora_ Content-Type: multipart/alternative; boundary="_000_6B7134B31289DC4FAF731D844122B36EDE772BPEXCVZYM13corpora_" --_000_6B7134B31289DC4FAF731D844122B36EDE772BPEXCVZYM13corpora_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi, Your question is more related to the behavior of a specific functional enti= ty (GGSN) using the Diameter base protocol and the Credit-Control applicati= on as specified by 3GPP. According the RRFC6733/RFC3588, how to react to an ASR is implementation sp= ecific and in this specific case, this needs to be defined by 3GPP. So please address your question to 3GPP SA5 Working Group, (WG responsible = for the specification of charging protocols). Regards, Lionel De : DiME [mailto:dime-bounces@ietf.org] De la part de John Basha Envoy=E9 : jeudi 12 mars 2015 09:20 =C0 : dime@ietf.org Objet : [Dime] Abort-Session-Request Flow Dear Gents, I would like to know the behavior of GGSN when it receives ASR(Abort-Sessio= n-Request) from OCS(Online Charging System). As I have gone through the RFC 3588, it was not explicitly stated that GGSN= should report the usage of existing services(classified based on Rating-Gr= oup/Service-Identifier). Could some explain here what is the expected behavior from GGSN? Will GGSN come back to OCS with CCR-T with USU for all the existing service= s? Please shed some lights on this topic. Can the below behavior be expected from GGSN? [cid:image003.png@01D05C1D.43E6F1C0] Appreciate your response on this topic. Regards, Basha S ___________________________________________________________________________= ______________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confiden= tielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu= ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages el= ectroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou = falsifie. Merci. This message and its attachments may contain confidential or privileged inf= ormation that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and dele= te this message and its attachments. As emails may be altered, Orange is not liable for messages that have been = modified, changed or falsified. Thank you. --_000_6B7134B31289DC4FAF731D844122B36EDE772BPEXCVZYM13corpora_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Hi,<= /p>

 

Your qu= estion is more related to the behavior of a specific functional entity (GGS= N) using the Diameter base protocol and the Credit-Control application as s= pecified by 3GPP.

Accordi= ng the RRFC6733/RFC3588, how to react to an ASR is implementation specific = and in this specific case, this needs to be defined by 3GPP.

&n= bsp;

So plea= se address your question to 3GPP SA5 Working Group, (WG responsible for the= specification of charging protocols).

&n= bsp;

Regards= ,

&n= bsp;

Lionel<= o:p>

&n= bsp;

&n= bsp;

De : DiME= [mailto:dime-bounces@ietf.org] De la part de John Basha
Envoy=E9 : jeudi 12 mars 2015 09:20
=C0 : dime@ietf.org
Objet : [Dime] Abort-Session-Request Flow

 

Dear Gents,

 

I would like to know the behavi= or of GGSN when it receives ASR(Abort-Session-Request) from OCS(Online Char= ging System).

 

As I have gone through the RFC = 3588, it was not explicitly stated that GGSN should report the usage of exi= sting services(classified based on Rating-Group/Service-Identifier).

 

Could some explain here what is= the expected behavior from GGSN?

 

Will GGSN come back to OCS with= CCR-T with USU for all the existing services? Please shed some lights on t= his topic.

 

Can the below behavior be expec= ted from GGSN?

 

3D=

 

Appreciate your response on thi= s topic.

 

Regards,

Basha S

______________________________________________________________________=
___________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confiden=
tielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu=
 ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages el=
ectroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou =
falsifie. Merci.

This message and its attachments may contain confidential or privileged inf=
ormation that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and dele=
te this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been =
modified, changed or falsified.
Thank you.
--_000_6B7134B31289DC4FAF731D844122B36EDE772BPEXCVZYM13corpora_-- --_004_6B7134B31289DC4FAF731D844122B36EDE772BPEXCVZYM13corpora_ Content-Type: image/png; name="image001.png" Content-Description: image001.png Content-Disposition: inline; filename="image001.png"; size=30139; creation-date="Thu, 12 Mar 2015 09:19:43 GMT"; modification-date="Thu, 12 Mar 2015 09:19:43 GMT" Content-ID: Content-Transfer-Encoding: base64 iVBORw0KGgoAAAANSUhEUgAAAp4AAAHmCAIAAABVjRn1AAAAAXNSR0IArs4c6QAAdXVJREFUeF7t vX18U1Wex38bZhGdUlmEHRJw7Q87Dc5SBFo7O9odQwsJyiD82gEcoS22IzgLDMpCs+XBdQYs9mHq D8FHbKUtOBZIXgVGpYHWMFuYpSaIlhWS7fqqY0mYFRn6MArMNP2d+5Dk5vmhN+lN+rn/KM053/M9 7+/J/Zx7zvfcJAwODlK4QAAEQAAEQAAE4oWAJF46gn6AAAiAAAiAAAjQBCDtGAcgAAIgAAIgEFcE IO1xFU50BgRAAARAAAQg7RgDIAACIAACIBBXBCDtcRVOdAYEQAAEQAAEIO0YAyAAAiAAAiAQVwQg 7XEVTnQGBEAABEAABCDtGAMgAAIgAAIgEFcEIO1xFU50BgRAAARAAAQg7RgDIAACIAACIBBXBCDt Ygpnv7lV+05VYYaq9pJNTH5FzBdbv/GlOQmyOVXt/RFrIwjDvebWI4erCmWyza29IwN8EFAo6pbV +L62Vj1HMCx2zqpasxfM/j8NymMUAgEQYAkELe1WbWFC4Culyvg3YrX/Qm1hWkJCWmHthWG9ZfuL ss1qPEJuW2yfZIVVWqM1mLs6UV9aBEKsxXPEZq5Veb1X2i7V5ily8pZvqrcM0+i0kc7VqlVcmOeo a48QJldbX2r0diMW0Me7/nH8HQKac5rqbVWzkfJ5yVS1H1+q/bk8Z/GSTfXWiDjhxSg9Bjxckqlb e6PlQBDt2Hpbn0/PWJBXXKEPonQQRW6Y/XH2/2kQ5v0UYYY1901PUKlrf2e03uht3VtnvjE0u6gN AiImQH4eJuhroM9QrbD35d5Kw18dNftMLTUl5CP2j381VN7LFnMpFHQ7ES840HdxX4HULSpSReXZ Pr9ND1h0pQpSbUGl4c+Dg382VC4gJqQF+y72DQTt8lctJemkkrLmorc635pqlvj+NOhGvBcc6Pnw 2Ic9vly9aWl5XkFNL6huszBFBiwGTSUDSVljCr5/Q/QxAtXtUUsvafnKxXzfRU3JAi4QPS0lpKvS 0haffAT3zPFtUpZoLvofeIK3HazBgYs1SqmQWFjOPkbUgKlGKfR4Y6MvLdhz1nLTdVgvqTF9GywH lAOBWCMQ9FM7rYOSxPt/vIATbVddTEzNLtp5zFA9jfnzd+TzNxdMp4hObJ4v/4745jW9fzj4waQt Zkav6Ps7fT+hKKu+uqnd33rsVf3/V7pTb6WkM2Z/P4mixqWv2kDuU9b60l+8bghyccJ2+fcHGoyk LV3jmU4viwSjJyWnuE85BOJns7a8uLPd58JE//kD298wleza/exDUmZQSKTpuRv3fqRZEyF/BOpW YDMS6ay5mTIv5RKn5W7ZOH9UYAuRKSFJ/P79mfR8Il01NzUxMm3EllXJpOSZAo+26x8f2LXTtHL/ 7l9kSkc7hvXbH2mKBG4otkjD2/gnEJK0+8LR/4nR/Dci/LMeWTaRMZg4vaiuY3Cwo65ouhjvWUkP FT2rSk1kXZ2W+8zqgmAC3ftpM63KFHXH+DvvYOvK5GnkDmHVb6o6GNTi3o3OZt2EPU2V5NFfpz36 8fVgmhWkjM16ete/b9jZQe+WeL1slgsnyKzF/Ro9efHaHf/PsKmfIH33ZyRJ8WzhNEG+AxF3FQ2E QcB25ZMT5zzrSSY/qt7BPobgAoH4JCDEbc3W/emFv9B4JFNmTL/Nqn3auY3I7b2Tz0hKjraK3oD3 uAprtVX2jTDyYaHWSn2pLUxxlONsuGz2P621/s1mba+jN4bTirVfcA+jzk01GdkpbjUHs3dp67d8 8Ufae2Xp/jWKJJ9A/vY/5zRu2ieZkDyTfRz83NQdxHN775kabWbxYtVj+VkU9V71wXO+/SPb3s0c LpIHcMLsap0kHDXaYaYxaQK3uOFJZxAcJvvlZOP2OscnRfVvz6xIz9pQf4Gy7sy5cxTJLPCVpmdt qKtpd005kCRnPTKJP/ZJCySQ9mSDl044IROftSTnitifo24wWi/rtf9l72CvWbuZibFKXdduvf5f Wv1V2iaXNpjmus1M7Oh95DPwE7tuOEaUrPCVdgcBAb+nPvIqXHbKmbQJ173zpbX0PI/sVW/mNvqH mIbGJ07yV+zh5jWaoW5leDpzC7gQ08NBu1c95yFSwGlGVviSW5T5u9HMN8djNDu/vx60+V9t4l6z uZ+/NkQ+bWBGBUloeaXdEtz2dr/5BDfGnAbdEhTsYyYIztZjdTV/cB3WY1KyHrrL97B2fON4AC87 OuJyC7MH10s4XL8q/mzK1mov27/CAg5gmBrJBELbQXDuoju30ckO2WL+vvvgXy2a1RxSbq/9Zje3 rsvsUg90aYrIcj1FKaoN3C41u8fMXAUaC+0TuydNX879enajjr5Wa0z//aHhvI4tw1Rx2QjvO0s/ GUvXaLqZDTZfl3M/+d4CzR/9o+A2Aklzzh3ZPkOlgvHH19453ySBULJa00W2AThTXnZ2B3paSonf ioKSSnb/ldsv4OcB0Hv89r3DgT6TpoTuaVHNxR4+NOmGGt2Hph56o/FeOocg4KapIyhkG6XyuMlH 9gANWVlUfZZsxzua5iAPdGuKlKUaE3GDxKKtumC6tKSF/scg6fh6sp/M2LxpObunQMpse7Musfi4 knRVOp9DWsA04ej+9IKajr5BFg5boWDnmzX1BsYNJm1CWqTp9pkQwI4l1732AVNTEy+FwHOvnR5C 6fbMgx6TppRE2pFXwQ02fgQ5gC6tkEAv8JOKEdQGP5PSoXi+hd4qZvMheJ1lxzm/a5wbzIB0fl+m F+x8raaeYdrXUUM2y3hfDaYvC7j9fq769CJmoHIx8qTtjBftkpLbybZTcsaC+eJzg5MeMKUbip7w vdc+yDpMj/4mZrRwBh03Ch9pE8zAcN5M3L503I4SGVM6ZnB6uQa6W0qXcLHmvnEMASfA9A01731o +orhv6Dy7H+frfaWhkKXZxNxCLoQbbK1cIGAQASo0Oy4Szt3f3fLlnNLo6Nv+uwtmUufcdyjHYrI mw1w0u5QTZ60O+1ymUeMZeZL6FAm1+o8zfDoKK8vjHOsfvi+uNsoKelIwAlF2omSLdhmz9JixcZ+ A3W2yUm7S5Id1zW2UVb5XKYsHF57ahI3b3C70wWUdrses9JJQlVS0+Iu8LQnCu6mz9y9WK1lIDOT M156FPFqNUlK4+ThXl6PyO2+tJTLaONbYCgwgsprgjTCTgTtzLmO8AgE7pqntPdcrFm9gJ/J6K6y zPzJZbrATk8dI5b1nC/kHn2hmax2z93jj69gpJ0p4xzG7p317JpbJib7T/5IY/9i95zGm85LIGW/ 0fZ4BaJNj717+aPRxR9mKNqljjdgfCZmekmyc8POTovdMl5Jowt8ch6wcDLMTAkV9LB2E3i6iXv5 sXaJC8fTPcfWWz4g7Rv3FQjLZmj3YpQGAX8Ewl+Q/99NGX+XMGqsPK/Cyx6tXSDo/9r6TYYP2KXs SePG0g1K7riTPe1k/d9rfwnmxBnfHPP/tybeM4Xs4ksm59ZYOmpy76E6W96ovUA+uDftnol0gTGy qXK6gYaTBl+Zcd9J32i2GJrepJ966etCffHP1jvW9j2apBJnLt+2WkH//dDWFxovkVVHW/cnJ0xM QdnM5Al+Udr6P9adzn3CvuA/PkNFnlgv1L7R4i2ZzrVtyd1zly+UUm2NbV026lr7wQP6tNnT2Zwg 5pJM/vHy/HRK92oNu8rNXNLM+7/PJhMEfUmkDz37ts6wjz7pQFG6iuIceeqT/L0AGw154kPTv2e3 K0mckpLGh6xr3Ke/zAaUePV4huNI2ze6hkY9t2Y+evLcxzK8u2brbW+q1k/lNUEMsd0/tLXmDG// ImncWHt+JrstYu3suuJ/SdNYkTPRvpR6533FR//qh0zvuYPV59Ie+gGbUchcxO3cfKlVt7VeT48o SVLG3HypsaH5U7ddFeeQs3W1af9BlTE+6Ah4KyhJnCi/N00uG1rOym0Txn3X3hU2VdNyvusq6QYT Uypz9lS7fUliam75h53NRfwUBF+0Se7Iu7X38kdj4hT5VIpisVzV17yqU+Y+NmucvWMstJB42LHb 004lKTmri+5yyXglSTCaGT45S6SZz+41GuqZr7lVTw/rh1x2DWyfN79x/F5+rNkcGquu2XDN7quM h4j5W9KDxTuWuGbM3Ohsa5+pfiyVgA7PZkhgUBgE/BII7e7PN8U8qd+0cN+Z8DBL7x3vuOOEZEE+ VTaGV+Fvf7rQrmP+zUw4yPV3srw36H/7v+OTLPBFT5W3fNRSyibJXyAnuf/k05HR0uzSd+gTYdOt 9SvvG3t/YUXjqQ52zjJVTs80/FzX2jVXFqimOkQxKXPxBjqZ7nhbZ3C7j5S1w2Tpd6TyuTTF3k+5 m3VIHN0LEyCF5S2OY2/W+k1KxcLNJ5h9Slt/d2cHdahYfrtjr3GUvJjGTkOWpKgeL5LqduZMmVJY dZjerJ2gyP1ncpCAkkxVrc6V6p/PkaUXVjXSCRBJ/5yrmODNz2uGZp1HLp99AnG+60pY00B7Qy5P 2H2Gf5/ik5St13CywTOnkLvj2+cQSTNU+elWh1e2L08eHNiwc7FjyNk6z2j/SZHhO3sjqEglZm7k hJZsWv+utnR9MSEUeB4TlG2KImp0nP3ihHX1d5s+p3TFcpK/wV23y4sP0SOCYPmzPe00LNPulTo6 u9ktfHaqZ91Xfph92wIJlv6/Nxf4yZIh0zJpen55i9F+mvNC/ab58oXbW9m5Zr/F1PG/uuL7nJ0Y dR8NOcAXiuzWz1fyM2b4M7kwbQpCCkZAgPmiDA0D/Z3Z+cYO8ujm+5IkyjMeYafqV673MSLxTc+1 b+h/z553/6QheuDeLrcg71ipOFiUyp8EeHNTMjl783ZmzzLgRfqbu5FO/idXx9u5d19hBEBa9Lgq xV8rNvPR8p0786bc5kzAGfvDTfRqh9vDaAAHBq50nffyXhX2OYzR/oA9CKIAc+ytrttydh99LNCq 37lhaxNJVLx1pavT6tyM4K8F0ZAlkxfv0tMb/2Q+sCRHPnbOZi2XYTd6cm6Znt6rJrfUx3Pk0+ao ta6ZVnafbFe7znt5XQ93Jspxcw+iC4GKkNMc8x+7y9fQY3vqcXFZk46USWbpxT45s3XqdZlPPpO7 UMmtr9DPcP+kmkFPboZ6kaxJ8sqVHzxx8P+Sn/yVI0FhqFaHXp+Nl9dD6s1FKV95HatDb1XCTIsp XcMHH9NiT6aD/5eblRz4NmIf1ty6lP75FVt/R5aYbPR3ymuujMV16cLdc0nqY+qSdPsija1X/06j 4ieZzEwubJtDpwMLIMASCPyNCEhKkvJgLnvmzcclmfyTHfvp9B9u/Yo83xw4ZqX3tl98On1cQPuh FeBmD6FVohJ/MGcBvYDPXC75+ZwY03n7bhez3kj/bcGGf82e7A/A9Y+PmpZ5vB+D3RT3t2Xg0qCU rMqO9dctukDYy7Y2c+NLbJa1/SILmYXljcxrediNA3YC4ecsALuWe4l5e5GU0u/MU7xof29rUmpu 2Yfce43IomieYrs+mNMLLt1NS5kS4haDP1qS1EWL6KXT0C/HCg27vMxulJAQf5aZlfydlAeXKSn6 pQV/E2I1njhnu9y6eYl8xWn5a+c+LC/KThX6+0L3P9z1HnauI+SUy3c0+NFPnEGfMdEfONh+jZ40 n8/M8jWxtl2qe8l1pNHrUvQbOBTkq1f7bnPnDWbiGN60mJnbcesH9Axj2WMz2C/gEGyGPh5RAwS8 EQjr5uZmiD7z9l2/eMlS9rZjdHrOuU0Zf58wKnnt3wo1Bt3bgp16l3x33HjuoTvwEvety9q1MnIK S3vJ4xl3etGi9O9Rd+fWdbrnJ9Tluj7U37K2vrK9ghxzD2KCQjZu9XLPuw8763fd0vNKkX2IzFrG KYevZXy6wBDC+ZcWj21j8lqeWY/lsnsV9AuL6J11Y8OB33Pb6XZnbebmI+br5rq9jJAnkbcXcXsc 7G6l4/ZKv9eIrPbTbwfzPqEhB+2WkWOBrFi6XVLlsgdThtC9UL7+7Fqrj9cKKec7Q0mvyctoIb9+ TnNN9VOyPsR2QXf81FHdkFfjySt+32lveWXFzg7ljk0rpwnx/O9Owd5TLoHA8TFJDflPY+DX6TM7 QdZjB05+6RqvG+YjzZ0TmffPDFn4uSdgl+iPSf3p0yVSY0X5O02nWii/A2OgpdUj24Z+A0e+/XQG +3YKa4P2pNvxM5v5yBH/b1i2rx80njF/+fsD/82bYYRvM5RxirIg4JuAIDfLxPvTU/2/dI68Cq1s 3e9/uL+LlUxL3cbcdF6KEsXTZs7XGz1f9QUdOPY7xoovXxjICelP3Nd+6QwX8giuq8jLXkgfvyb7 bbfICfCXq/XSgo2blHcHJkKOq9ZteyLneT2t6799JcAE5brxzTpqA5Nc436xyXTGiu0NRpejwK7l +j892tDGrfmz+9buy/j0FjUVaFMgIMy/Nhw4fMnrs/T0otU5RFbJ8swy8pRSm/fAk7zj7P0X9u37 +j7y2DTwX85bvGSyYiV5fOWugZYmx31TIv2XlfSxfq/XGGbD3pGqxpZhdr6p3NXOTIWAXRlqASZX a7pbZiJFJzrcZFHYL3ZNvvGNnVpqLrv2zorloVV59UNbjSc/nPPOgTvvS/qSzOr8JGmyaRb860Yf u9kV3MXGlLzwYMW6Xc5XFPR/dvDQl2MDr5Gwnb1Qm/eTJ53H2W39lw7tu35Pyt/PXrphgTfhD0nv yXKIVif1iH4SY1y3Pu8/7lH/1O/qy1/frzv8mdeNKvt3ipmNWV/Je+ApXtJo76V92uv3/WOAuwG7 fqAr+0VB7QT+d5yd4YVnM7jAoRQIBCAQygECl3fI+353Ov/8MfNSbvb8kv8XdDuOkNKntr61tFQX KLhX2jpP/jiPmXq+/5k78sv0VlnaQg45k2M8v/c46EK66zwxz0fjfMu0byLkGHzTIfa96uT0bck+ +ly1/4v1in/+h1/ewZOcyWGPfZPTsMxBQWlBpc7kONfugpo+L0tE0/Gyd+bsL3fumRiwv0LAfQeU 7TXtyYDl9/Utf3Tz3H5qn3/mjcuR5J0B8/rufbZ37Bkh++vQWSfZA3jsASqF48i7/ag9TYJ7nwGv CfvRbe6oNHsWawETUOb4FHeQkoeUO5ToeZKQQ20/DO3vcKP9TQPOc1z2k+v8E/YLFKU695B7HoIK fBiPdcwRfY/BzL1ugf476xg3APpMuuoNygfJ+CAfWQz7jpkGOCNcAXLQa9+b1dyLk5kXMFz7nDk6 6P5eBDJ+7cz9xDQY2uQYocc7Wx0HL7nQ2EdFX8e+nWvoc+305fFKfxoJe9DR8WYFZmxzx+Ldv2gc GecJe2/fRO7dCS5n3mhIBBH/BCl71t/lshPjvyfAawvcF9bj1weGYDOUezLKgoB3AkGfa7dovL6N 1eP3X3gn1NmvCinxR+91iTrSZ6ftd2Du7SucaprIAWfHd41uxd0Bz5fMECmi09eZWl4PsNoRkFuk XaDpogWVh5oCqzR3DJ74rNEEUdz+ug9HH7xrLf92Yr/Z2X9rh51A1Hg25nzTDj2PcR5A570EhoXA Px9vVzjvP0YyYHq3mpw1J01rDtgZem+duzOyDRRUajhy35r2vdnSfZH9lSDm7kw+YX+Q4+K+6pZu egeeeYx31HH31qFwvuLImzKyrZfo/uh4iQ33F/YlOfbLORd0cPZMmOK9LskVmgtml7HKb4PMmR50 /bEf2qC/Fyo43lnED77n/3MDxv7aFk7wvmWP1zvmgs73unAF/kLPsehR+p7h4nv2VzyxdEpb/qhz /wv9czhk/mSPDm3kXWZCHDxt/jEZXtxZSM7vGiPY3cQBMmL9fOF6uFwN2mNS8hg3irzcvvweZ+em T2TsfdhDXn3T4pyTezdLgs0d+3QOUedbqrjoeP1FGc8BYPc1fJuQKxAYKoEEYsD/HUaAT8nPlT6S zZwn8bzIw9bv9ubeE3gZXAA/YAIEQCBeCJC36i75ZKlmfXrgjYN46TL6AQJBE4iKpEqmrdxXx/wc qud14YOz/yvIka2gu4yCIAACsU6AOc6+7JFZ0PVYjyT8jwyBaEi77bL2qfTCPyxocn2NK7vJN6Qj W5FhAqsgAAKiJkD/QvH2/w3qOLuo+wHnQCBSBKIg7fYXzX5lMvF/nqu/s/3MZ3+UbypbGt7x4kgR gV0QAAFREmCPrdLXKNmGy/mlSwO+jUqU3YBTIBAFAlGQdklS9vNGw1trJp5cKHO+jk225ui1cY+8 cQxbZVGIMpoAgXggIBk3kX6xFH1+RBPo0Gk89Bd9AIGwCUQljS5s71ARBEAABEAABEAgRAJReGoP 0SMUBwEQAAEQAAEQGAIBSPsQ4KEqCIAACIAACIiPAKRdfDGBRyAAAiAAAiAwBAKQ9iHAQ1UQAAEQ AAEQEB8BSLv4YgKPQAAEQAAEQGAIBCDtQ4CHqiAAAiAAAiAgPgKQdvHFBB6BAAiAAAiAwBAIQNqH AA9VQQAEQAAEQEB8BCDt4osJPAIBEAABEACBIRCAtA8BHqqCAAiAAAiAgPgIQNrFFxN4BAIgAAIg AAJDIABpHwI8VAUBEAABEAAB8RGAtIsvJvAIBEAABEAABIZAANI+BHioCgIgAAIgAALiIwBpF19M 4BEIgAAIgAAIDIEApH0I8FAVBEAABEAABMRHANIuvpjAIxAAARAAARAYAgFI+xDgoSoIgAAIgAAI iI8ApF18MYFHIAACIAACIDAEApD2IcBDVRAAARAAARAQH4GEwcHBUL1KSEgItQrKR4JAGLGLhBti tomxKp7oYLgGjAWGa0BE0SkQB2M1TGmPg55HZ4hErhVyF0AUAuIFpYCIolMAgQiGMygFQynSZeIj CliQj/Q4gX0QAAEQAAEQiCoBSHtUcaMxEAABEAABEIg0AUh7pAnDPgiAAAiAAAhElQCkPaq40RgI gAAIgAAIRJoApD3ShGEfBEAABEAABKJKANIeVdxoDARAAARAAAQiTQDSHmnCsA8CIAACIAACUSUA aY8qbjQGAiAAAiAAApEmAGmPNGHYBwEQAAEQAIGoEoC0RxU3GgMBEAABEACBSBOAtEeaMOyDAAiA AAiAQFQJQNqjihuNgQAIgAAIgECkCUDaI00Y9kEABEAABEAgqgTiRdp7W9Uy8oM95JKpai/ZvDO8 Ya5dyhZKUNWaXQrdshrfP1xVyNmgzRRWHX7faL0V1WigsRgnYLMaj2j3que4jiOt3tzvY0gy/Q21 Fl3eZbCmFVa9c8RodW+D+1LI5lS193sFyxaQbW7t9edejMcE7odOoN/c6jKM6QGmbTV7H0UO8+61 VOpaUqnXe/P0IH6nqjCNuyGzd1wvgzh051GDJUB+GDTUK7xaobYSWvmelhKpPaTKGtOAt9oDF2uU 9kL8MgPdLaVKH+NBWdrS7dVYaO5FoLQYoxCBbg7RZPQoDVgM+0oUvm4r0qKaiz1e+hJyrZuWlud9 tCJVlOos/MHq/FIsqTF966V1toC0tKUn4mM8eoEY4ogZ1uoioHTTcnZPgeNe6jqepQV7zlpueiPU Y9KU+hiW0wtqOvpc6wxYdKUKH20onm/x3kT0AiOCKAjQ2TiT9nSF4l6K8n4jGzDVKCnpg4oH6THl lPab3Zo19F+kBZU6k3MI9plaatg79YJKw58FIC20ifgYf0JTcbcXLUp/NlQuYG6DypKaYwbnvemm xXCspoSZOErXaLrdbosh1xro1hTRg3V6QeVxU59Dj3uYwUqrtKLyrHMM8+a70iKNlykqpD3S4y9E +9Earr7cckwcyQB7t8Vkn4ySCWjTm8wAoygv0mu/hboNfuctdHqRpss5eRzo0hRNZ+641TpHE4MD THHmm6KoNjjHdogEhSg+3FEQog+Dg3Em7Yt3VhKdliprLno8hnxrqllCUWwBnrRzj/Je9ZsbstKS Fm8PXMIEIGwr8TH+wu5+kBWjQmmgz1BNzwJ9PZoPchLuOpDCqMWOYVf9toPgVJ//CM5Ju6KggHjn entla0HagxxG0SoWleHqszP2IVRQfdZl9YerYF/ddJsmMo9Mvga/Y5A757Vcea/6zal+eknLV9FC 7qWd4Y2CUB2Pl712buHo7/7hx/PzpVZd45lOt91DW1dbYxulfDT7/iSuLPuffoupw0pJZ8z+vuvf 6c9GT56bmy+lrA0nDdiMdKGGf/AI2MwHN1fqyerOsd8UTfMcRaTkuPSnn6tUSF0GUji1+rtNn1OU LHP21ESPCEgm/3h5fjpl1TUbrrl+OPHhX/5HpeLr2rWVTZeRO4Kh64vAVf3LZbXW6UV7fr0+U+pF GCSTszdvp4dxbe1vP75ut3JVX/Oqjkwc9zy30svglySm528rIcNS+0bz58wt2dbf3dlBZgKZ938/ 0aMRyd1zly+UUsaG5k99bNEjfMESiDNpJ3fR+1XkBqc73tZ5g8/A1nmmUUcplz2UOsoVTaJMnkbU +9Nz/+NtLCVll1sGBy1l2UlxByrYEYJyAQgwQ8tKKXMfmzXOZ9HE2U8f+5w/kMKqlThFPpWiLO3n PveW0DQhu9wwOGgoz57g7sbYzKerNimsr6x9uQ13TAxo7wR6P21uMFLShcvn3u3zZpeYsWrbSin1 XvXBc9xAClxrfOaqRsuApbloGmNWkjglJY2irO2f/I+X3FJJUnYZfcctz/Y6R0bsgicQf4p1V4aK JMuRR/Qu3nP7jc624zoqa1lWsnuHJVNVq3PJYN2U8S9BZYEGjxYlRwQBdmhJlcseTPH3ZfpOYuIY Ho/wao1JUT1eJLXqN/0wlaQTB0q85zUnSZyVu65ourWi+k2j43lrRIQHnQyOgK3XcLKBLF/mz83w 9xhjF+bzXVfYZ/ArXecD1JIk3nsvfxFAkpKzmuy16zdkpD5JcuJ9ptAH5zdK+SIQf9IuScqY674m z63Gz89K4d9eWSajJ+eWtdaQ5KQL9ZuW5+XIx3In37SBD3tgWIEAxS2Sz0yeEMp3KbxalGTy4l2t +0gCs7V+05K8OfKxoxISmINJAWVecs/iX/+qSPrepo1vG/2exENIQcAPAcmk5JkkWamjs5seRdzq emjEJPfk7vptTcF0ZhAvzpHfab/jQuZDA+m/dCi3IyHbjaStpBlua/L21Xhfz1VJ04r2mk0fag5V cqc+mBsnLfPkrOWJQKc5I9kV2I5ZAryXKDiO7iZkqFuv+u1RwFqSxGmFdWZTi+ZAJbk50hczJaVl /v7CqmY/B+glk3/y6z1rpPrKja8bAhxQjlnocDxcAreudHWSx+80ucwzjcOLTWtn1xWSt8HWCv1K nF5Ud9rU0uR6x6VlXlb40glfR+FDb2ck14hHaafGu67J+16Nd0ZekpiqyP3pxjqyz0Of9NBo2JNv ROOVeeu1X+CNHiP5SyK6viemZuc+sbGuY3CQHK57T6NhDyYRjZ+vWN902edgHT158aY9RXfpN/36 dSzLiy6oMeWQNCV50miy5DkpOcXH+fSA3UlKzV7Eu+MeYk++Wes3KBWbtcj3DMgvUIG4lHZuTb7D ZKGfTvytxnvDI5GmL8rNLSr/cJB9D8OF2rVv6JEhH2gkjdTPudS2811XXSV1TGrRQd45lq9aSJ6w 8wqvlifj0dL0R3Nznyr/sLvPpCECb60te1nve2GALMurn1WSNKhXW33PAEZqJEd0v1mRtnL3zIAo 0lKm0Pnt3NZ7wOL+CzB33J8WlTcP9l3UEIFHvucQgTLV41LaKYpZk2fPGvldjWfXP329mzYpNXcD c3LD80CREOxhIx4IjEnJmk/uRh2nP/N40auf7oVTy2auVXl5RzLbCll2WryFzl4OcHBIkppbVrnA WvsfzzVhLSoexp9AfWAfhwIe9LVn281MnsTmuzNb7/6PBzPjNq3wpdP0F8R2qVZFXm68tNbscoKJ 60XitNwtavKGRJw3HnpY41Ta2TV5WpIv+8yNp+GFOFcdOm9YiDsCkpQHl5Gx5nLYN3Anw6jlmsEU uAkfJdhD9swx925vt9ewDaNiTBNImr10wwLKeuzAyS99bun0G97cvs9KLdiwdDZ3OI1NbPJXi90P vXDiys3v0s/5E5Jnyijqc1M38j0iO1ziVdrZlSJjw3sHtPSbarzmxtOTTm6uWlH+orcVStvl3x+g z3oqVRnjIxsHWI9dApLUpWWbFOT85MJ/q73k/dy4zWr65MpNly6GUYu7je7b/mKLlxUC25cnDxyz Uun5qhkBzgQnZnDH3F9o7I5d7PBcYALjZv2sqEh6oTZv1Vav2zW2y61l2zbprdKiop85X+EwQVH8 r0p61/LX+7wMflv/pcYXth4iL//eUfwgMyzZRChjxfZXWr38+Natyye1QZzBE7jn8WkujNfaERBh 1IpsFe6dmry3xzt/DIb/3tmBnpZS7++Qp9/L7fW1yd7f6xnZ7gRhXYxRCMLtKBeJFqWei/T5SXKR UXSgyeB4Tyed5uZIA/Z4/3bItezvkKd/8eBQi+MnD3hvque/v9PzS+Gk73h9PX4eJspD0l9z0Rqu Ib5DnmQdtbzLncjw8g55xzB2/QEF5zvkXW+h9nfIM4P4Q8dPIdDpy+L42Y7hjoIwAzIckRZjz73c xdgXbpOL/2sxntJOv0rbfl/2nL1JFSUa3u9wCANdECtijIIgHRPUSBQp+fnxK1by+T/o4uhkqLUG +i7S59q9X4pSjfP3NuyviPf1a0ncL81A2gUdcEMzFsXh6lvdw/rlN9+30OkF1W3ur6Tv66DPtXu/ lCWai26/FDc0qCHXFkEUQvbZs0IcS/sg9zsELr/x6lXaCRbyu0O8c+1eHr8EYC2sifgYf8Iy8TK+ o7zCRJ5UnCfOmVuXoqRG8x7vt+C89TjUWh7l6ecf3loB14a/p3ZSxPGbh/hR10gPw2Dti+VLTQ8w +0+92W+GGucqkdfueL2F8tZB3SuRlQDnuXa6EXoQB/qmBAtySOXEEoUhdWIwgVQPdaeBZOmGUSvU VlDePwFEIZgRAkrBUIpCGQQiGMigFAylSJeJjyjEaxpdpKMP+yAAAiAAAiAgUgKQdpEGBm6BAAiA AAiAQHgEIO3hcUMtEAABEAABEBApAUi7SAMDt0AABEAABEAgPAKQ9vC4oRYIgAAIgAAIiJQApF2k gYFbIAACIAACIBAeAUh7eNxQCwRAAARAAARESgDSLtLAwC0QAAEQAAEQCI8ApD08bqgFAiAAAiAA AiIlAGkXaWDgFgiAAAiAAAiERwDSHh431AIBEAABEAABkRKAtIs0MHALBEAABEAABMIjAGkPjxtq gQAIgAAIgIBICUDaRRoYuAUCIAACIAAC4RGAtIfHDbVAAARAAARAQKQEIO0iDQzcAgEQAAEQAIHw CCQMDg6GWpP8Un2oVVA+EgTCiF0k3BCzTYxV8UQHwzVgLDBcAyKKToE4GKvhSHt04Ea0FfIVioPg RRQRjIuEAMaqSAIBN4IhgOEaDKUolMGCfBQgowkQAAEQAAEQiB4BSHv0WKMlEAABEAABEIgCAUh7 FCCjCRAAARAAARCIHgFIe/RYoyUQAAEQAAEQiAIBSHsUIKMJEAABEAABEIgeAUh79FijJRAAARAA ARCIAgFIexQgowkQAAEQAAEQiB4BSHv0WKMlEAABEAABEIgCAUh7FCCjCRAAARAAARCIHgFIe/RY oyUQAAEQAAEQiAIBSHsUIKMJEAABEAABEIgeAUh79FijJRAAARAAARCIAgFIexQgowkQAAEQAAEQ iB4BSHv0WKMlEAABEAABEIgCAUh7FCCjCRAAARAAARCIHgFIe/RYoyUQAAEQAAEQiAIBSHsUIKMJ EAABEAABEIgeAUh79FijJRAAARAAARCIAgFIexQgowkQAAEQAAEQiB4BSHv0WKMlEAABEAABEIgC AUh7FCCjCRAAARAAARCIHgFIe/RYoyUQAAEQAAEQiAIBSHsUIKMJEAABEAABEIgeAUh79FijJRAA ARAAARCIAgFIexQgowkQAAEQAAEQiB4BSHv0WKMlEAABEAABEIgCAUh7FCCjCRAAARAAARCIHgFI e/RYoyUQAAEQAAEQiAIBSHsUIKMJEAABEAABEIgeAUh79FijJRAAARAAARCIAgFIexQgowkQAAEQ AAEQiB4BSHv0WAvcUr+59XBVoSyBu+aoa7V6c79N4FZsl2pVMpm6tVcou72talmCF4P032Wq2ktC diASNoXiADsgAAIgEDECkPaIoY2oYdsX2vV5K47dvsZ4c5C+BvreyL52ZJ1iTcMlYdVdMq2o2WIp z06KaHdgHARAAARAQDgCkHbhWEbPkq1X/8ba2vt2bCnOlI5mmpUkpqo2bHk2rX732+3XoucIWgIB EAABEBAfAUi7+GIS2KNbV7o6rR7FJKlFzYOG8uwJ9k9uWY0N6jnskr1KXdtqX66/2qrOSJij3ssu 58s2nzz3liphaa35htMkvZSdoW69SrktyNusxjr1HMairPClE2bnOr3N2l6nVrGfkM2BVt5HgTvk WYJsN9RyDbk6T1E8H0gv6G45q5Mua6sK01j/qj44dyWctlEHBEAABGKbAKQ9FuM3JkX1eJH0ULFi ddXhIz5E9NZl7Yb0hScnlRsHyIJ932/kp9Yr1jdddmxl699vG7/JPHjTol/9zzOzlinPNbZ12T+0 9RpONlBKVcZ4FzpkF+ApZca+UetMPYODPa0PXyhUbNZevkXK2C5rn0ovbp30nIVu7NJr8tMr7B+F xfe68fUNK0794LU+2tyAZeOohlXrDppp9xgfFrb+Y7mF7EQM9L32g1Mr8tZrv2A8t/UbX3ki442v Fh3qI9XMpVPPnaj3nAGF5RAqgQAIgEAsEWB2akfcRSIU430e6DMdryyYbh9qUkXJm5oWEy1p7NXT UiKVKmsu0tro/Et6SctXg4NftZSkU9LSlh7Hh9+aapZQimoDI6VsAWlJCxHwwYGLNUop+/8Dphol xVpwa4IxqKwxORvjWXADTTtGccb5H/Edphu918V5ruRAT0uplFpSY/rWXpX5C9cXj0Y9IcRg1GN/ rMYgdLgcLgEM13DJCVwPT+2xNA/j+Upvrm+s6xiwGJo0mkOV80wVq/Jy5KmFdUwaHfPYbZXNTJ7g DHCiTJ5maWj+1FuuO7MMYDpwkNmnt13+/YGGSRuWznZNnbvR2XZcR02VT0nk3EjKLrdYmoumSXo/ bW4wSmcmT+I1NkU+1dpw0tAbVsK7ZNL986bptr7d1N6qdVlvv2Zo1lmlKcmT2AwDckkSp6SkWXXN hmsU7YYlTS6z+0dRdJfviNEAw20QAAEQCJsApD1sdKKoKJGmL8rN/enGOstgj0lTKq8vXc8uXNOX sSJnov1sXELCqPuKdT6XpyWTf7w8n2KE/0Zn87u1abmPzRoXUg+tFTl3Ohu7XV58KKTqroXHpW98 x7T/h9c15WS+MtZt8966M+fOUY6mRsmLdUxl25Wu81h+HwJ0VAUBEIgbApD2GAyl97PmSamLC/KV lK7xTCen7fyFa261x/cxtvEZKiVFnrOvf97WeE657MGU0IaG6+I/25qlLDvJwwr9JC31hM4IM3+Z ISk1O7eovHmQZAMY9iy48lKO4sVWdg3AZeWfbYlOHpRMSp7pxXAMxhcugwAIgMDQCIR2/x5aW6gt EAFJctayLB/L3XcwqixJypibL714+sKfnAvi/e1Vc1J8vxOGqULp3nvr3Ubd7GVZyR4jY0xK1nwl 9bmp256QzswwElS15sQZqnxZx+nPrM7GrhurfkJ/5Lkezzp/vuuKy0e2/u7ODv5qvxPVaGn64lWF C6XWzq4riWT+Ie04d8FK5+6xz+r9xpfmsOn9SYwbJoszYb7fYur4RiDoMAMCIAACsUNA4L37GDFH 4hMjnvpws6+jpmC6tKBSY2By0uk08rP7SpS8VLib3Zo1UmlB9VmmQN9FjfNTzzQ6tpU/GyoXuD8W 89LoBge6W0pJE8+30NnpNy0tzyuoBZWGP9Otd2uKpNMLqtuYxuitAcdHnh0YsOhKFfcqSjQmLmuP PJfXl5C/VJ7l0gCZNDpnAcZ5aZGmmxgf6NIUkY7vOctmyJs0/IqcGzUdtB22y5S35YThi/3XX38d auMxP1ZD7TDKxzIBDFeRRC/GFS5civEw/ugMujdLFPY1aKLzhz60iyXLpcfUUmMvMJ2ZBrCvrvMl 7WwO/PQiTZcz1Z0v7cwMwrCvRMHOXBUl++wTC0ZlSWNESumLP+fwGiLad+KafQZM+85P72fa0VQW 2PvGd55oNtMt7y3xDw4oSw69W+k90z7ccTPkeps2bVq0aFFdXd2XX34ZpLF4GKtBdhXFYp8AhqtI YphA/IidJQbBPCVJWCOz44IRhKGwCJSUlFRWVrJVicbn5uZmZ2dPmTLFjzGM1bBIo9LwEMBwHR7u Hq1ir10kgYAbI47AkSNHCgsL77777sWLF9fX13d3d484BOgwCIBAZAhA2iPDFVZBIGgC0PigUaEg CIBAUAQg7UFhQiEQiAIBaHwUIKMJEBgJBEboljPZEBoJ0UUfY50A2Y8neo+8kFiP48jxH3vtIon1 yJV23C5FMgRHlBv8NLqAHX/hhRcefvjhrKwsjNWArFBAJAQg7SIJBBbkRRIIuAECHAGi6G1tbd98 883mzZsfeughcAEBEACBUAlA2kMlhvIgEBECbop+++23R6QZGAUBEBgBBCDtIyDI6KKICUDRRRwc uAYCsUoA0h6rkYPfMU0Aih7T4YPzICByAkijE3mA4F5cEdBqtd/73vdmz54d/Ho78pLiagTEe2cw XEUSYUi7SAIBN0DAOwHcKzEyYogAhqtIgoUFeZEEAm6AAAiAAAiAgDAEIO3CcIQVEAABEAABEBAJ AUi7SAIBN0AABEAABEBAGAKQdmE4wgoIgAAIgAAIiIQApF0kgYAbIAACIAACICAMAUi7MBxhBQRA AARAAAREQgDSLpJAwA0QAAEQAAEQEIYApF0YjrACAiAAAiAAAiIhAGkXSSDgBggIQsDWb9YfriqU kVeH0FdaYVVjq7nX3XS/uZVXSFZYdbjV3O8sdLVVncEZ4P+HlDvBL+bpsK3f+HJhVTtjijEi29za a3Mtx/xdVWt2+3Pg3tt6WzfLEpbWmm8EKksgNFdtfif0JtwMC94FP477x8L2PUPdetXVRPBMbphr l9rDETSf/vYq1TPay7cCAcfnoiMAaRddSOAQCIRLoNes3bpQvvOjiWuMA+RH3gcH+zQrqPdXyJ+o Ml632yS3da164aPbP/reL403mUI9+hWjjq1QLOQk2V5QWtrSw1phrx7TnsnvKfPWa7/wKcq9+u3L zIt+NjMx3A4IVO9ae82WTcaAMwCBWosNM2NSiw4OWsqyk8g9P2g+iRmr1HeUPPe7yyHPw2IDShx7 CWmP4+CiayOKAHlirlmdd2yq5s2dhZlS9pudmDpv465jldSmhRXc03O/4fXVaxumVuzfmZ8uHc0U Skqdt/6VY5uoTf+63f2hkA8wKTV3w7aS22rfaOn0fqO/bnxz9/nNaxdPZs3iigMCkiRFwebu37ys d1stiIOuxXkXIO1xHmB0b8QQuNZ+8IBe+ax68T2u3+pxs5b/qmmPcgr9V1tve1O1PmuH+tHJLoUk ibMer2rappoShCp3dHb3e9F22+XWV6v/bllWcij3FHYV+pXW/3qF20KYo64zWp3WbVajlttdkBVW f3DuMj+avA/JtoFKXUs2FUhVYnN+ToWR0hXLRzlWsG9ZjQ3qOew2haOkUEOj19xaazcum0P74dwB sVnb69Qqpl3PjxydI/smR89duTk0h7jF+b2tenuLxGwzw4RcjgX5//PgQxZySAdYJxMSmA44d2ck U1WrZzWUHx3y7sbQOofaIRII5WsYomkUBwEQiB6B3k+bG4zSmcmTPL7TEmn6olxFaiK9Emto1lml KcmTPCScLrQoOzXJn8O2q13nLVRayhTalNt1o7P53dq0+VkpY0Lusm7titeoNfTuQI9p3ah9GU9V c9sH143VT2XsvrZI3zM4OGDeMvXceyesDuv97dVPrD4yahW79TBg2TiqYdXq1w391ITs8uMtJemU ssY0YCjPnkBRty5rN6QvPDmpnCnb9xv5qfWK9U0CLTIziyUrTstfu8T48dG2UY056w6zQmi7rH0q vbh10nMWuuFLr8lPr1Bs5rauaf+X7f5qkb6PfHZ6y9TO9+ovhIzOS4VDq7brxhYfYphUT35vDcOE f3nwoRdySk7Jf9NHd+CmZdsdDTlbDzoTGkZLp89O0x1v68QGhxDxiZYNSHu0SKMdEIgkAduVrvNW aZpc5m+f2582B3KOPH7u2rlVd1fR6pwUL7eN/m7T514nFoHsUpR0zZ6ypzLp3QF2zf9K9cFz9GNv 77mD1VdKtm3IpSccksTUxVu2rZRy5pjlB5OysPhH7NaDRPovK/Nn609csHguKPS2vbxWm7ajdD27 TZE4vWj3rvwPygRaZL5l+eQP+rSHsthZkWRydlnzYHNRKt3SVf3LZbVpz25Z/xDTcNK0ovL9+f+1 9uW2Xnb5xLR025bFzJSL7Xh6YFaBS6TbiREms+ZmjvPOhGfHZrlwQj/14awUZuSMlmb/x4eDB4tS nVM0yaTkmdK2xrYubLgHxi+aEpB20YQCjoCAqAhYd+bcOcqZID9Ktvh82h6Dbm+u24I/4zQ9abge YGLhq3dps6dzu/608E6RT7U2nDT0/q3XcLLBOlU+xTFXkSROSUnjjEiSsssslh2ZV36vpa/DtepF 8uJD3lqwMXZkM5MnOG92iTJ5mqWh+VOPkwNhBGC07P4fKXSv1jT9Z6tWb1/9Zux4WUdx9O4qvXzi sv5BfxRG836rMDZ9bKA4Kkpk0+cp2rbW/K699XdeDlPQMSG4qA6TxfXpX2hnYU9QApB2QXHCGAgM EwHm0coa4P4rmZA8UxbwXs/1wJkh32PSlCooZX72j380i8vPc+9lv8XU8Y1gXbd2dl3pv9LV6Vx+ 9zTdf6G28P6x8id2n/2aPCyPU1UYapb47pqxImcib5pyX7HOn+1QOiJJTF9/zFT1w+u/2543Rz52 lNtetbUi505nw7dz8w/b1/TWho/LZq6173vTO/Sq2kuRfVxOzNx4TL//h3/WbF+VIyfOCp6LEApO lBWIAKRdIJAwAwLDSyBphio/3Xq+64oXHSBJZM3MA9n4DJVSSgunl5PKJCvtiMvpdkd/yHLx8/s1 329YWfzv+y54f3SjH+zucAXg4zGU2RQIsHRPZwMkTkpOsS+/e5K9YT746+ITD2u6uz4sfyqXXNmT e0yf+47AkhrTt7yDfPT/Wsqz/WYW0I+r3p+k3btANgsUuUXlH9Lb2wbNgitbc56wnzWQKmsu8k8Q Mg2XZY+bSM+xfFyS1KJmp6+W5qJpErIf4Vyx4Fe7RU+AvCZPhDQaE1Ozc58q/9DCdGAe6YBiu16I JY2QnEBhIQlA2oWkCVsgMHwExmcuXa7QvVTe5HbuvPdS7S/SFx67/l2yeypJyly8gay+lr/vmkRm 679U92T6yqPXb3PTZ3t3Rk9eXLq/VFZf/O+vO4/I8/pKrweMc10zGJOSNV/pOY2gn+8pl6V7lxVj Zs8+f25G0neSMubmSz83dTvmErb+7s4Ork26GMVfybf95fpVrxnmEsbOxdMX/uSc85A3scxJCeJp OOgu2EmQZMTcVYX5Usv5rqs2erIl6zj9GS/j/7qx6ifM63qYOZZHx/0MHknKg8uU12mzLoVYDl4T G8MaiXQHVha6zRE9QxaWbVSKKgG3mewI+SdBPEJ6im7GOoFQxmrPxZoiKaUs2XeWSckm2eAmXWUB +UtpS7f92XGg7+K+AqlUUVJvsHCvrDHpqum/lOq4WoNf0Rnm7q+sIdbOViqklKLaQCd1u13fmsh6 OJ2Uzvv7QHdLqZJSlGpMJMWdzWM/u6+E/MVhgWmIIs5oTLRNxn/pGk0369jNbs0aqbSo5iKdId9n 0pSQ1in2+Xugp6XU2S9il/SAkOJ8djjzbV/fX+12CqpZKn0XNS4++B0ggbvAtOXsI7N5Ye/CQLem SDq9oLqNaZjd11hQafgzw6JLUzRdWrDvItNx5iPKHaCLazctLc+TbZESzUUmlZ1ZIthX4jTIMUkv afnKXo/xjc/EG58BU43SaZblnF6k6XJEkingZdnDK7hQhmusfzVF7f8IVTiMP1GPSjjHIxDiWL1p MRyrIdLFXdMLKt9tsSurwyoRhaYaogrcJS2oPNRi4gSDLuRD2om+GqoVRImdkwCeoz0tJVIPAaBb epORZOaiW/qQUXH2YhpSlNQcoicgzOfVOhdve5hpB1NXUXpIs9OpMZywOcy2nNWUSO3TkQGLjggs sWdfD+8xtZAOs4YIE419WkME8mKNkkwSXCcl/BEYoAvsKjznP9tFYt05kaIb5sLh+pFj4kVXIjMt TeViv9JOz3X8Bped7gQj7cRlPh9ilnRgujNGTAdMJlNbW9s331zzMmnz/Q0Ncbjiqx4pAgnEcFRX CcTRGMlOGZkdFwd+eBECgdgZq2S1+cmNVOmxjZlBv2iWeb3M+X81fcCeFhumq7dV/URX8dFh9WGY uu6nWXLwIC8vjxTI/f4/3r72tb1Pzbn99tsDuhk7wzVgV2K7wDB+n2IbHLwHARBwJTAufdW6zNfr dTH2ayK2/v/55Pw/eXnVD+LLEtD+zx8PrF9wxx13lJWVnT59+ttvvwUZ8ROAtIs/RvAQBGKEQFLW M29Kj/z2fEwdgL7W/iGlfiYrULZ8jIQgkm5u2bIlKysLGh9JxoLZHqHr0lg1EmwEwVCECWCsRhgw zHsn4FiQ9wPohRdeePjhh2fPnu1Yq8dwFcl4wlO7SAIBN0AABEAgxgjgOV60AcNTu2hDA8dAgCZA HoMAAgRigsCiRYuOHDmCDGUxBAvSLoYowAcQ8EkAK5wYHMNCIJgFedYxouj0+wCzs6dMmYLhOizB 8mwUC/IiCQTcAAEQAIFYIkAUva6u7ssvv2xqaiooKCC6Hkvex7uvkPZ4jzD6BwIgAALCEYCiC8cy gpYg7RGEC9MgAAIgEB8EoOixFUdIe2zFC96CAAiAQPQIQNGjx1rQlpBGJyhOGAMBoQkgL0loorAX FAGz2UzeThPqDjqGa1BwI18I0h55xmgBBIZAAPfKIcBD1WgTwHCNNnEf7WFBXiSBgBsgAAIgAAIg IAwBSLswHGEFBEAABEAABERCANIukkDADRAAARAAARAQhgCkXRiOsAICIAACIAACIiEAaRdJIOAG CIAACIAACAhDANIuDEdYAQEQAAEQAAGREIC0iyQQcAMEQAAEQAAEhCEAaReGI6yAAAiAAAiAgEgI QNpFEgi4AQIgAAIgAALCEIC0C8MRVkAABEAABEBAJAQg7SIJBNwAARAAARAAAWEIQNqF4QgrIAAC IAACICASApB2kQQCboCACAn0mlsbqwrTyG9+0JessOqw3txvc3e039x6uKpQxivVau737I3tUq2K FMpQt14Noqu2fuPLhVXt/f3tVXMyirVfeLRKUbTBFFXtJS8f8RvgFbOZa1U+Hbjaqs5IUNWaaXM3 zLVLE2SbW3vJP2z95uaqze8wfw/+svW2brYj4cjw/kND8OtM8A25liS4VM9oL98Ktz7qxQkBSHuc BBLdAAGBCfRf0qqXyLefm/hL3cAguQb69E9Qx9bJF+4yOtWdyJ5WvfDR7R9975fGm3SpwR79ilHH VigWElV2dcjWeaaxI7dy590NzZ/2BvS1V799mXnRz2YmJs54LH9q7RstnR7Kyhicv1o1Nfi7mCS1 qHnQUJ49IVD7Y1KLDg5ayrKTiO1r7TVbNhlvBKri9rkkKbvMwhAh6HpaSqVUeknLV9wfGB+CdiaU lhMzVqnvKHnud5dDm4iE0gTKxgKB4L8UsdAb+AgCICAMgevG1zfmNXxfs397YbqUuU1IElNVG1+p qaQqF27Xc9rcb3h99dqGqRX7d+anS0czLSelzlv/yrFN1KZ/3e7ydH5VX/NqR37uz3MXplW8ftjs XymvG9/cfX7z2sWTic0xKarHizqOt3W6VbnR2XacGJxLl8HlICBJUhRs7v7Ny/pglkbALW4JQNrj NrToGAiET6D33MHqc8odrLjyrsSZy6ve2qOawtw4bL3tTdX6rB3qRye73EgkibMer2rapprCq9v7 aXMDla+aMS7lwWXKc41tXX6eKm2XW1+t/rtlWcmsVcnkHy/Pv9xw9FOXZYDeMzVbv9mwdHYS590t q1Hr3DuYo671tingtgZuY+owy+ZphVVHz125ae+qY0H+/1rV83MqjJSuWD4qQ33yY21xmkzdylt1 YBbeuaX70HjznGFX7//fKq2jCyp1Xbu113zC4d5Lp61OZKSzDeo57Hq/iukqD6dkqmr1rIbyoyHu IITmPEqLnACkXeQBgnsgEH0Ctl7DyQarbGbyBI8bxGhp+qO52amJtFPXDM06qzQleZLHc7NEmr5o UXaqXXbJJIAYpJSqjPGUJDlr2Wxd4xnPBXaHrHY2v1ubNj8rZYz9L+Mzl/6Uqm5qp3e+2YsxmJb7 2Kxx7D/7ja88sfDIqDXs3sFNy7Y7GnI2vG687o9df3v1E8t2f7VI30cqnd4ytfO9+gse5Sdklx9v KUmnlDWmAUP53PvnLl9INWhPOjezaQhU/twMeul+iFfTpt2GqVtO0/63PNi+8oeyaS9c+PGL3WQr 5OJGqvLprU1swsGty9oN6QtPTio30p3t+4381HrF+ibeCvxo6fTZaTrPdY4huofqsURg6MMxlnoL X0EABIIgcOtKV6eVmiqfwii4r8t2teu8hUpLmZIY6DZiMx8u32fXvzEpWfOVuldrfK4Y93ebPpfO TJ7ktEqWAR7JTzvVbLhmV/YvTx74wyOrc1K4MtfaDx4w5RcWZ7J7B6OlimX5yksnPrnie22AWXIw Ld22ZXEq7X9Sau6GbUTCA1ySpMzFG+TH32j+nLNsX41wzGICWfDzeXrJtg259HxotDTjXzKlUuWO 0vV0j8hWyA8fTvv6g7P/S69b9La9vFabxn1EUYnTi3bvyv+gjL8CL5mUPFPa5n9pZAh+omoMEAj0 nYyBLsBFEAABUROg8910MrIaz+qfhF6Tt/hMpqNnDNfT5DKXaQWzyKw58Hv22dTW2fLGBz9aPvdu +/2LPFsbLOUZV1qPaOlrrzonu1j3jV8ozJKDy7wkcYp8amCOdFqfY9WBtxoRuKYgJbwtqCTK5Gmu POm/UB0mi5dzCoJ4ASOiJwBpF32I4CAIRJvA6EnJKVLqc1O3X2mQTEieKaM6Ors9j8O5OEznu+ko Y0XORO7016j7inVWa8NJg3OBnVeh32Lq8FTl0ZPn5uZ98G4znUxHDLbc2rA407kGbuu/VFcou1Oe 8+rZ60T8/0H1mrZG6Vfb2CWHcC42rY9ddSDzg1NyxhNm49xxyQIfyfPSdKBlEmcVHkzSJsMznK6g TvwSgLTHb2zRMxAIk4AkKWNuvtRyvuuqt9PkVuMR9nT7+AyVUmrt7Lri5RQ1yVA7wiay0flubcqa i8wuuP3qaSmh9pUf9pbpRT9x3uHF8aTZSzf8lV5k7v/0KMnIe2yG87HeZj64vvTEI5rugebyop/m 5i7Kln1j6vCrduy8JKyLSeuj6FUHejV+MusJc5LNcVmai6ZF8t66pMb0LR8n+X9LebYQmwJhEUEl 8RGI5PATX2/hEQiAQFAEaB2drdu6p8nt5Sf9F2qfVC48eu27d5BbB7PxrGjbWv6+6ylq+hn6yfSV R6/fdgeXQJfrfvo8aYYqX+Y9mY4W3XHeFpPHzXpsIdX4n4Y/NL0+NU/lTLKjKPpBn0p76AfsTju5 bH3XA539YuYlLksO9B5/UHAokta3XN5wsLHxaINLul9wtYdUip11XTx94U/OWRf9Vh/XV/ewQNw2 NYbULirHGAFIe4wFDO6CQFQIjEt/+sWaeafyVmyrM7KnrpiXsq35WfEff7p/x0+4026JGU+/tnPe B2tXlDYYreyzOzmwtWtNdukfV1bvWHyPhMmip7ycPqfVUeE9i5ve87ae7/JMgZOk5Kyeclhd9oe8 5T92OW7HThQaGvWMDzbr6V2b/6M2wBI1Of+9es8jx1asa7hEr0D0mrXV28khNy+XYw/+Rn//35jP 2bS+o6tWHUxb9qA9lS8qYSGNJGX9cs/DH6x9blc7ExfyZqHt2zZRa8qWpjru5rYrXeetWY7Tg9Hy DO2IiACkXUTBgCsgMHQC58+f37NnT1lZ2VBNkdTrt3WGZ1I+25g+it5EHjVW8Q61cLfp2LZs7u00 jMhNK3zbeOwZ+YWNstuYreY7FfsHFu7XHyubR56hbeaj5RWTeKfPHU4x6qhs21pzxuPNdGNSf/p0 iZd31JDW7p67PN1EPbY0c7xr7yYonnl1X+aZHMaHKf/+h7sLX9UETHeX3JO7S1OX1po9lvRv2uqz 962rXOwN2piUR54qvbVVPmpq3kH7kT06rS9XSg2LfI6enFum3//wFTUTl7FLjkxcbXhnTbrznAKT 3KDknx4c6lhA/ZgjkEA2aWLO6aE7TL4RI7PjQ0cHC1EmEORYJYre1tZWX1//0UcfEQ83bdpUUVER ZVeFa+66serJjVTpsY2Zfo/fCddgyJbIO20KFKcf/2hvruvrekI2JHwF8s78R4pN6iNBvE9X+MaD HK7CNwyLrgTw1I4RAQIxTIB9Rs/MzJw1a9a6detYXY/9a1z6qnWZr9frxPozJzbrf+5r+OuGf80W na6T5AZ9fdmUf/ulIuB78mN/mKAHvglA2jE6QCD2CMSpovMCkZT1zJvSI789L7qT2czv142SVQ2s 2/l0+jjRDZ1+w5vl31T82p4MITr/4FCUCIzQdWmsGkVpfKGZIRPgj1W3VXc/tmN8QX7I1GBgmAjg 1jpM4N2bxVO7SAIBN0DAJ4H4f0ZH8EEABAQlgKd2QXHCGAgITYA8BjU3Nx86dOitt94S2jbsgYDw BJChLDzT0C1C2kNnhhogEEUCjhXOa9euGQyGIDUeC/JRDBGachLAgrxIRgMW5EUSCLgBAgEIjB8/ XqlU7t279+uvvybP8T//+c+BDARAAAS8EoC0Y2CAQIwRgMbHWMDgLghEnQCkPerI0SAICEQAGi8Q SJgBgXgjgL32eIso+hNnBELavHTsx//93/99LL+NLs5iOIK6E9JwHUFcot5VSHvUkaNBEAiFAO6V odBC2WEmgOE6zAGwN48FeZEEAm6AAAiAAAiAgDAEIO3CcIQVEAABEAABEBAJAUi7SAIBN0AABEAA BEBAGAKQdmE4wgoIgAAIgAAIiIQApF0kgYAbIAACIAACICAMAUi7MBxhBQRAAARAAAREQgDSLpJA wA0QAAEQAAEQEIYApF0YjrACAiAAAiAAAiIhAGkXSSDgBgiAAAiAAAgIQwDSLgxHWAEBEAABEAAB kRCAtIskEHADBEAABEAABIQhAGkXhiOsgAAIgAAIgIBICEDaRRIIuAECIAACIAACwhCAtAvDEVZA AARAAARAQCQEIO0iCQTcAAEQAAEQAAFhCEDaheEIKyAAAiAAAiAgEgKQdpEEAm6AAAiAAAiAgDAE IO3CcIQVEAABEAABEBAJAUi7SAIBN0AABEAABEBAGAKQdmE4wgoIgAAIgAAIiIQApF0kgYAbIAAC IAACICAMAUi7MBxhBQRAAARAAAREQgDSLpJAwA0QAAEQAAEQEIYApF0YjrACAiAAAiAAAiIhAGkX SSDgBgiAAAiAAAgIQwDSLgxHWAEBEAABEAABkRCAtIskEHADBEAABEAABIQhAGkXhiOsgAAIgAAI gIBICEDaRRIIuAECIAACIAACwhCAtAvDEVZAAARAAARAQCQEIO0iCQTcAAEQAAEQAAFhCEDaheEI KyAAAiAAAiAgEgKQdpEEAm6AAAiAAAiAgDAEIO3CcIQVEAABEAABEBAJAUi7SAIBN0AABEAABEBA GAKQdmE4wgoIgAAIgAAIiIQApF0kgYAbIAACIAACICAMAUi7MBxhBQRAQAwEbOZaVUJCgmxza6/N wx9bv1l/uKpQRgrQl2yOeq+21dzPlbP1tm62f8SVYP6TVljVbO73tCaG7sIHEPBOANKOkQECIBA3 BG50th3v2LBzZ9qpZsM1t17ZLjetV6w7NmqVcWCQuS69Mbf/yIq8NbUX7OpOaqSXtHzFfsxcA32m X01670nF+qbLEPe4GSYjoCOQ9hEQZHQRBEYIgd4zNVs/z1+wPHfZ5Iryo2YXMb6qf7msNu3ZLesf knK3vaTUeb/YsuO++q3vtHt5xGeRSRJTF2/ZtpKqfbe588YIoYhuxgEBSHscBBFdAAEQIARsvYaT DZRSlTE5JWu+Une8jS/Gtqtd5y0emMakFh0ctJRlJwW8E35u6uY924M3CIibQMABLW734R0IgAAI cASuGZp1VP7cjCSJJOXBZcpzjW1dzud2yVTV6lyprljxZNVhrT6UvfNbV7o6rdRU+ZREkAaBWCEA aY+VSMFPEAABfwRs5qPlFVS+akYSvY6enLVstm5rvd650j56cm6ZXlc978SmJXlz5GNHJSSo1LUk i67XL9Zb1vaaF7YekhY9rkoZgwCAQKwQgLTHSqTgJwiAgB8CdAKdTkpW48czhcbQa/JWnWsyHdlc f7bOctNieE+jOVBZYKkozsuRP1TokkZnrMiZyMuPv022uD1tj8G4N3cybpYYgLFDAKM1dmIFT0EA BHwRsHW1NbZR1p05d5LHcfoaJS/WUcaG5k89nspHS9Mfzc19YmNdx2DfRU2JrL741wfNjhQ5R4Y8 yY3XlCjuVeTPnfOjNHvmHQIAArFBANIeG3GClyAAAr4J2Hr19Vt1WTWmb/nn1npaSqmK1w8zss2c d89Qt151MZI4bXHxMiVFZgW8XXmuBMmNz925v2JqQ8HCf//tJZxrx/iLKQKQ9pgKF5wFARDwQoBJ oHPfDpckZczNl3KyzSTWWbw9xBNzWcuykr3eCiWTf7Jj//Py+tJfvG5AfjyGXgwRgLTHULDgKgiA gDcCvZ82N1D5y3/svh2eNHvphtm6xjOdJFFekrp01855DevXVWmN1luMlVtWY0Pp6rJblRuXpvpK kRstzV5fVTlbv+nXrxuvgz4IxAoBSHusRAp+gkBQBL799tvTp09rtdqgSsdDoRvmw69XyJcvzWQT 6PjXuFmP5Sp1r9boyTq8JHFa4dvGfbnjz26U3cZsx9+W/vKfHtj2/rGNmX6PtY1Lf/q5SsW5TRt3 tXJzgnighj7EN4EEsjUV3z302jvytR6ZHR+BsY71Lgc5Vominzt37tSpU1u2bCFd3rRpU0VFRaz3 Hf7HHIEgh2vM9SvmHMZTe8yFDA6DgJMA+4xeVlZ2xx13ZGVlsbqOCwRAYIQTgLSP8AGA7sckASh6 TIYNToNAtAhA2qNFGu2AwJAJQNGHjBAGQGBEEIC0j4gwo5MxTQCKHtPhg/MgEH0CIzSbDLke0R9q aDE8AmSs7t69u76+/qOPPgrPAmqBQDQJIEM5mrR9tQVpF0MU4AMI+CTgmIaeP3++ra0tSI1HhjyG 1LAQwFPTsGD3bBQL8iIJBNwAgQAEZs6cuXbt2vb29o8//pg8xz/wwANABgIgAAJeCUDaMTBAIMYI QONjLGBwFwSiTgDSHnXkaBAEBCIAjRcIJMyAQLwRwF57vEUU/YkzAiFtXjr24xUKBd5GF2cjISa6 E9JwjYkexaiTkPYYDRzcHikEwrtXdnd3T5kyZaQwQj9FQyC84Soa9+PHEUh7/MQSPYlLArhXxmVY 47VTGK4iiSz22kUSCLgBAiAAAiAAAsIQgLQLwxFWQAAEQAAEQEAkBCDtIgkE3AABEAABEAABYQhA 2oXhCCsgAAIgAAIgIBICkHaRBAJugAAIgAAIgIAwBCDtwnCEFRAAARAAARAQCQFIu0gCATdAAARA AARAQBgCkHZhOMIKCIAACIAACIiEAKRdJIGAGyAAAiAAAiAgDAFIuzAcYQUEQAAEQAAEREIA0i6S QMANEAABEAABEBCGAKRdGI6wAgIgAAIgAAIiIQBpF0kg4AYIgIAQBGyXalWyhIQMdetVL+b6za2H qwrJ5+w1R12r1Zv7be4l/RsRwk3YAIGIEoC0RxQvjIMACESVgK3zTGNHbuXOuxuaP+11a9n2hXZ9 3opjt68x3hykr4G+N7KvHVmnWNNwyVXd/RmJam/QGAiESQA/6homOFQDgegQwK9khsL5aqt6/gqq 4rPirmXy48tM9UWpY+zVbb2tW6fldO5w+SNlM9c+In91Zsvx8uwJ9pJ+jITiy4gsi+EqkrDjqV0k gYAbIAACQybQ+2lzA5WvmjEu5cFlynONbV28pfZbV7o6rR4tSFKLmgcNPF2nKH9GhuwhDIBAVAhA 2qOCGY2AAAhEnICt13CygVKqMsZTkuSsZbN1jWc6ndo+JkX1eJH0ULFiddXhI61m99V658O9PyMR 7wMaAAFBCEDaBcEIIyAAAsNNwGY+XL6Pyp+bkURua2NSsuYrda/W6J3JdJLJi3fpj1fOO7dpyeIc +Z0JCbI56r3aVnM/3/FARoa7k2gfBIIiAGkPChMKgQAIiJwAnfumk5HV+CTGUQm9Jm9xTaaTJKaq NtZ1DFgMTRrNocp5popVeTny1MI6RxpdEEZEjgHugQBNAGl0GAcgIGoCyEsKLjw3zLUF8uJD7oWl pS2XdmTTz/Fer16z9sXVeftG17R+UDRNQoVnJDgHR0YpDFeRxBlP7SIJBNwAARAYAoHeMzVb25Q1 FweYY23c1dNSQu0rP2ymN9yZo+oydavrHntS6uKCfCXF7coHNDIEB1EVBKJJANIeTdpoCwRAIBIE 2AS63NWqqS53tKQZqnwZJ9t0Yl2WteGkodfjBTXUHcplD6ZIgjASCd9hEwQiQADSHgGoMAkCIBBV AtcMzToqP3fu5NGuzY7PXLpcoTve1nmDJNalLn2uZt6xFeuqtUYrK+82a3td6friW2vKlqZKqGCM RLVXaAwEwiYAaQ8bHSqCAAiIgoDNfLS8YtKGpbPZBDreJUmc9Ui+sm1rzRl6HT5xetHbumO5d57d mD6Kec/sqPRXvnqg1HRsfXqiJFgjouhxNJzQarVPPfWUTqe7du1aNNpDG4ISQBqdoDhhDASEJoC8 JKGJwl5QBIi05+XlsUV//vOfL1myJCMjY/z48f4rY7gGBTfyhfDUHnnGaAEEQAAEYpnAW2+9pVKp 7rrrLjzHx0oYIe2xEin4CQIgAALDTAAaP8wBCLp5SHvQqFAQBEAABECAIQCNF/lAwF67yAME90Y6 AbJ5OdIRoP+xQIDdjyfr9uSlArHgb5z7iKf2OA8wuhcHBPhvYcH/g0B0CGg0mjj47ozYLkDaR2zo 0XEQAAEQGCoB8rDe3Nz89ddf7927V6lUDtUc6gtEANIuEEiYAQEQAIERQ8BN0QMeihsxYMTSUUi7 WCIBP0AABEBA5ASg6CIPkMM9SHusRAp+ggAIgMDwEICiDw/3IbSKDPkhwENVEIg8AbzeK/KM0YIX AuRtdB988EGQL6Fz1MdwFclggrSLJBBwAwS8E8C9EiMjhghguIokWFiQF0kg4AYIgAAIgAAICEMA 0i4MR1gBARAAARAAAZEQgLSLJBBwAwRAAARAAASEIQBpF4YjrIAACIAACICASAhA2kUSiPDcuGGu XUryVmTq1l4XA8zfVbVmW3hmXWv1m09UvVBnvuHDlq3frD9cVSgjftCXbI56r7bV3C9EyzwbTI9k m1t7BemSwM7BHAiAAAiIigCkXVThCNEZW1db4+UNldvSGk4aIqV5tt72fYWbPhnwJeyXm9Yr1h0b tco4wL7Z+tIbc/uPrMhbU3tBUHUfk1p0cNBSlp2EERviIEFxEACBkUcAN8rYjbmtV1+/tePhBT9/ fFnawfLDwjyih4jjqv7lstq0Z7esf0jKDaWk1Hm/2LLjvvqt77RHarYRoo8oDgIgAAIjjACkPXYD fs3QrKPy52aMm5q1bLau8Uyn+1r1/1048RK7UC4rfOmEmb9m32turVXPYRfRVepasoDOVrb1tm6W kb/sfZGpmPHMb/5tWs5OK3WoWH67x7I/KX6167zFg6D7E7bN2l6nVtmX60ljdk96W9UysoD/clVh Gu1kSd0rqhRV7SVeP662qjOYdt0X5Hk20wqrmu3+E19uWY0N3roWu4GG5yAAAiAQGgFIe2i8RFS6 99PmBipfNSOJGpOSNV+pO97W6bodritd+87oNcabg4M9+kVflcmfqDJeZ/zvvVT7rGLFqUnl9CL6 gOW5SafWyxfuMnLqTgroGtqkpeaBAUvjutWVl1pKpdSSGtO3lvLsJLf+S6aqVudKdcWKJ6sOa/U8 fXWWs13WPpVe3DrpOQu9Yn/pNfnpFYrN2su37CWs+oZPxpeeHhz4k371o/Pc5ijOPro0zNhcvI9a beobGOz77cMdGxXrmy7TM4Jbl7Ub0heeZLs22Pcb+an19o9EFDq4AgIgAAKRJRCdn/4VWyuEqdhc CtGfb001SyhpaUsPs8U9cLFGKZWWtPRwVthP12i6ia6z11ctJelcgZ6WEun0Ik0XtzlOPqT/IlXW XBwYHOihhTy9pOUre0X2L7S0+/Cwx6SrLpA6RqmypEbTYrI7wrRLKWtMzsbcPKF4bg8OmGqU1IJK w5+ZtpimuT7y++vad85nxkNnR+zO0n/hdydEzCIoHvtjVQQQ4UK0CGC4Rot0gHbw1B7ZmVOkrNMJ dG1SshrPppVJkrOWZVndkunSZk+XjrY7kDhFPpUp8Ldew8kG630PTf+eM/aJMnka1WGyhJX4RjbX n62z3LQY3tNoDlQWWCqK83LkDxWyaXT0Y7dROjN5Eq8xuydect0lKTmri76oPniOXrK3fXnygE6+ YXGmW+oc03cqLWVKImtUkpRdZhk8WJQ6mumabGbyBNeuWRqaP3U9QRCpsMAuCIAACIiBAKRdDFEI 2Qdb55lGndVakXMnd+TsdnnxIcqqazZcC2Tr1pWuTqu3QtbzXVfCP1k2Wpr+aG7uExvrOgb7LmpK ZPXFvz5oPy/H85O4y7jq65LcPXf5QoqZo9g6W96onZr/2IzEQF1y/dxYkTORo0L+M+q+Yp3X7oZm FKVBAARAIIYIQNpjKFgOV6/qa17Vuaxys0vuVEX50UCJ8qMnJac4l895vXd9tg4Ki81cq0rIULde dSmdOG1x8TIlRR6tu5ipArvU73r5PMYmScqYm0+ROcrlzrbjOuX8rJQxQbniLORl78BLlkCIRlEc BEAABGKIAKQ9hoJld5Ve5b5ZtDonxSV64zNUSik/ma6js9uZGdffbfqcWcD/Dq2d0ounL/zJ+Yje bzF1UGlyWYjPx5Qk5cFlSl/L3WSLIFmSNEOVL+s4/ZnV2dh1Y9VP/L1Oh65CNbx3QNt4TrnsQdc+ MgSY3QeK1ztmhiEjb+hJ9NK19qo5bln3MRhxuAwCIAACIREQyZ5/lN0giKLconDN8ZPLXK32na1U 3Ms8IjOJZpRUUaKhc8gHey7WFEmdWXXsPwuqzzJJ630dNQXTKUW1gS7pmUbHpraRR+G//KXvL+4P 34MDfRf3FUinF1RqDBY2ZY9suteXKO5VVJ7tY3PhujVFpEB1G9NYj0lTqnAkytE5bi5pdGyNPkO1 gh7E/Odvl9S5AYuulDRRqqNtDnS3lCrt/t/s1qzhdY1sDTg+Ei4C0bUUy2M1uqTQmggIYLiKIAi0 C3hqD3YidP78+WvXAu5kB2st/HI28+Hyg16Sy4jFxBmP5c/Wba3Xs++KUf5yXfYXL6SOSki4M/vU 9Dp9We5kNqsuaVrRS/r9D19Rp5PPEsb+m+nhXaZj69O5rDR31yQpKnVpT7H8u9/Ne9fj6LwkcVrh 28Z9uePPbpTdxuxw35b+8p8e2Pb+sY2Z7BqAZPLiXfpdD1/5tYxu7E7FkfHrDHs3pI/zTUCSOOuR fJLwX/S4ysdqvEQ6b8c776wcqKJtjnpg+8AKwztrGP9HT84t43VtyZGJq+0fhY8cNUEABEAgtggk EHmPLY8F8ZaITJAdJ4re1tZWX1//0UcfmUym1NRUQRyAERAIkkDwYzVIgygGApEjgOEaObYhWQ5W 4UIyKv7CAccfX9Ed3YG0iz+y8edhwLEaf11Gj2KXAIarSGIHaXcJhFdFh7SLZLCOTDdwrxyZcY/R XmO4iiRwkHY6EP4VHdIuksE6Mt3AvXJkxj1Ge43hKpLAjWhpD1LRIe0iGawj0w3cK0dm3GO01xiu IgncyJX2Bx54gGTGiSQMcAME/BAIMuUTDEFg2AlA2oc9BKwDI1fav/nmm3Pnzp06dWrLli1BBgNp dEGCQjEBCeBeKSBMmIo0AQzXSBMO0v7IlXbHk9C3334bpMZD2oMcVSgmIAHcKwWECVORJoDhGmnC QdqHtDtBBdR4SHuQowrFBCSAe6WAMGEq0gQwXCNNOEj7kHYvoHxpPKQ9yFGFYgISwL1SQJgwFWkC GK6RJhykfUi7P1BuGg9pD3JUoZiABHCvFBAmTEWaAIZrpAkHaR/SHhQoVuPvu+++8ePHB1UBhUBA IAK4VwoEEmaiQQDDNRqUg2gD0h4EJBQBgeEjgHvl8LFHyyETwHANGVlkKuCX3yLDFVZBAARAAARA YJgIQNqHCTyaBQEQAAEQAIHIEIC0R4YrrIIACIAACIDAMBGAtA8TeDQLAiAAAiAAApEhAGmPDFdY BQEQAAEQAIFhIgBpHybwaBYEQAAEQAAEIkMA0h4ZrrAKAiAAAiAAAsNEANI+TODRLAiAAAiAAAhE hgCkPTJcYRUEQAAEQAAEhokApH2YwKNZEAABEAABEIgMAUh7ZLjCKgiAAAiAAAgMEwFI+zCBR7Mg AAIgAAIgEBkCkPbIcIVVEAABEAABEBgmApD2YQKPZkEABEAABEAgMgQg7ZHhCqsgAAIgAAIgMEwE IO3DBB7NggAIgAAIgEBkCEDaI8MVVkEABEAABEBgmAhA2ocJPJoFARAAARAAgcgQgLRHhiusggAI gAAIgMAwEYC0DxN4NAsCIAACIAACkSEAaY8MV1gFARAAARAAgWEiAGkfJvBoFgRAAARAAAQiQwDS HhmusAoCIAACIAACw0QA0j5M4NEsCIAACIAACESGAKQ9MlxhFQTERaDX3NpYVZiWwF6ywqrDenO/ zdVHW79Zf7iqUMYVSiusamw19zrL9Laq7Z9xRThjL53gF/PS8evGqmeqjNcpHxY4p9StvMaiic/W 27pZlpChbr3qBoT5+9Ja8w3hvGHb8mVTAE9s5lqVoy/95hNVL9QF9L+/vUr1jPbyLeG6CUvDTADS PswBQPMgEHEC/Ze06iXy7ecm/lI3MEiugT79E9SxdfKFu4xOde81a7culO/8aOIaI1NosE+zgnp/ hfwJWpJ5l7SkpYf5nLv6Lu6ZdFyp2OxbGIhcVSy7+OOfzRpHJWWXW+wVe1pKpBTfmqU8OyniLOK/ AUlqUfOgoTx7AkXZetv3FW76ZCBgpxMzVqnvKHnud5fdJnsBK6KAWAlA2sUaGfgFAsIQuG58fWNe w/c1+7cXpkuZL7wkMVW18ZWaSqpy4XY986Bs6zfWrM47NlXz5s7CTLYQlZg6b+OuY5XUpoUVrb2+ b/mJ03K3qEso7RvNn3sv1G94c/sXm9WPTsbNRpiARsKKJElRsLn7Ny/r3dYtItEWbEaDAL5t0aCM NkBg2Aj0njtYfU65Y+3iyaNdfEicubzqrT2qKcwt4Fr7wQN65bPqxfe43hHGzVr+q6Y9SraQ38va YbL0eylx67Kuvnp0TlbKmEAWHJ/fshob1HPYpX+VurbVvnHALlar1HtfZPYMyPq5qVWdkaB6Udv8 EreLMEddZ7zca27mth5khS+1W4V7ECUbFq21ahW3GTGHcc3htc1qrFPPYT/z/EjL7XPICqs/OHc5 aBQ+CtL7GjLV3hPt9hZJRx17IvYF+f/rbd06LWenlTpULL9dxm52MB3gnHRhS+Z7U1WrZzWUHzUL x2uo3UT9IRAI/JUdgnFUBQEQGF4Ctl7DyQarbGbyBI+v+mhp+qO52amJxMHeT5sbjNKZyZM8Ckmk 6YtyFamJ/m4Utitd563SNLmMNuV22T5vfuN42rIHU4K909y6rN2QvvDkpHJmW6DvN/JT6xXrm3gL xbqGNmmpeWDA0rgq8+/p1nQv7269Z4t5YHCgu+VH51dmTJn2QuePXzQODvZc3PGdysUvNAm1hdxv eH11ySn5b/roLYWblm13NORsPchuY9u+0D6lXNj6j+WWm/R+x2s/OLUib732C0Ylrxurn8rYfW2R nuxjDJi3TD333gmrAIPCqltVpRn75DF6g6V7/+TjytU1vO0V0oAkKXvHpZZSKbWkxvQts9lB1m82 rDj1g9f6aLQDlo2jGlatO+iQ8tHS6bPTdMfbOgVMLBCgnzARHoFgv3DhWUctEACBYSVw60pXp5Wa Kp/iRXYdjvnT5kDe26ynd73wkk6au1o11cvdpN9i6hjnbWLhw25v28trtWk7Stez2wKJ04t278r/ oIy3UJyeX7hgWqJEIr33XnbCIV25bctievIhkWbMTSdKtmNLcaaULFEkpWY9lGb9r7MmYZLzbJYL J/RTH85KYVCOlmb/x4eDB4tSyWqErVf/xtra++ztShKn5e/ev/CDtW/oyUYGvWpypWTbhtxUkkhA tkIWb9m2UhqIajCfS0vUW3Kn0c6wHdf/4ROL3zw425VPTlxKe/iH7ERNIp1X9mFnc9E0R9Qkk5Jn Stsa27rw3B4Mf5GXgbSLPEBwDwTERcBakXMnLz9+lOzp82m/Mhirc90W/BmvmUlDgIkFr3ve1hgS ZfI0S0Pzp8Lo8xBYSmTT5ynattb8rr31dy4HB6hrhmadVZqSPMmx5SFJnJKSZtU1G64yqyZ8AsxH Q3DDW1XW5uembm9bIo4Kkkn3z5um2/p2U3urlr+V4ChAo6Z8bKwI7DHMRZoApD3ShGEfBIaRwOhJ ySnSQDd95nHN12a5u/POnPa+i5oSJaV4NHvOj2bRT8mel62/u7Mj5N4bK3ImOicPo+4r1vldwE5L meJ3vyDk9n1VSMzceEy//4d/1mxflSMn0xt+HgBFWXfm3DnK4fYoebGOtvNXZtXEx2W7VKvinSZU 1UZ4n3tc+sZ3TPt/eF1TnpcjH5sgY1IChn3KJFh8YIhPANKO8QACcUxAkpQxN19qOd911csqK8n8 OsKcbk+aocpPt57vuuKlEElqa/YuACQ3fuebmqnvr1y4dd8lrwoR3hMqvTfMP15H/j/C5+J8+cls Z/AfxxNTs3OfKv/QQnaqDZp5V7bmKLgjBhSlrDGxhwadFzmBJmWmVj4uybSiZsdZwMHB5qJUSdCe hDlmk0gHisqb6VwBw54FV17KUbzo7/hDmK2g2vATgLQPfwzgAQhEkEDS7KUbZuu27nHPJuu/UPuk cuHRa9+9g9wExmcuXa7QvVTexGZ+Oa7eS7W/SF947Pp3feS3S+5ZvKO6VP5B8S/ccrg4C8x6QKCF Ymdz7ETk4ukLf3K6Qd6mMidFVXspohvAkpQHlymve0yA+rtNn1NeVwVIemHuykJuPjQ+Q6WUdpy7 YHVsdZPDhC/Nod9Lc4vpEZ9AgJWMkD0Jc+iQJMrFqwoXSq2dXVfsbtOJEZT3dMgwW0G1YSMAaR82 9GgYBKJCYFz60y/WzDuVt2JbnZE9CUYOcTVXrflZ8R9/un/HT5jj5pLE9OLXajI/yFtVWmc/Lka/ yGxddnH3yv2l7gfneH5LpDmbqzYp9JUbXzd42emlt289JdN3v5Oyfrnn4Q/WPreL9YK8bGf7tk3U mrKlqZG9VUmmPqLOv1W8vlR7iesFfZitcnvFpMqyXLZt5lCZSs0VIAx/39xOFa3OSZGQQ+Gr9zxy au3mve20upOPmrZvfIWq3LiUJNnRPfrnhhXqWnphg/7ohe37/G0wBOFJ0MPGsQZg+6b/Gxu9/p8y R63lDhP2m082G6mix1X2c4lMYkTWsqzkyKIO2nsUHAoBBHEo9FAXBGKBAMkzf1tneCbls43pzG7w qLGKd6iFu03HtmU798iTphW9ZjSsk3+2TcZuGY/N2089ut90qCzb/8tmyLTgyarK2fpN28paPd5m Jkn9qXppR+OZzmAfukdPzi3T73/4ippxdeySIxNXG95Zkz703XR2Y9vnfjbJeC99h3T/7Pqx7Ib5 KOXLX83eZnpnY/o4NsaS1BX7DKsnHlnCFCAMj0xc98YO9k0Akntyd2n2P/xHtew2+0eN72zIZHPp 6R7VTT+VTbbnR41dbXhg3S+V/kZNYE+CH3OSFJW6tKdY/t3v5r3bSU1bua9x3cQjirFMgBm2x7i5 HTF5o7PtuE453/EGArPZfP78+eDbQklREUggG0Oicig6zpCBPTI7Hh28aEVAAjE/VsmK+sKdVNXb Do0UEE5opsibXp7oKj5KtrRDqzciSpOpzyPFJvUR5g219KXVavPy8h544IGCgoKsrKyZM2cGwyHm h2swnYyFMhjjsRAl+AgCsUuAvJ98232vv+r5RB/lLtn6/+eT8//k5bU8UfZDlM2Ro/n1ZVP+7ZcK TtcdTn700Ufr1q2bNWtWZmbmnj178BwvyvB5cQrSHiuRgp8gEKMEyFb0mje/1/rbj68PaweutX9I qZ/Jwi/QeIkCec9/+TcVv2YTL7xf0PhhHb0hNz5C16WxahTySEGFYSKAsTpM4Ed6s+yCvB8KXtfq MVxFMm7w1C6SQMANEAABEIglAniOF3O08NQu5ujANxCgyGMQKIBATBBYtGjRkSNHkKEshmBB2sUQ BfgAAj4JYIUTg2NYCARckHd4xV+Zx3AdlmB5NooFeZEEAm6AAAiAQCwRIIq+e/fujz/+uL29fe3a tUGejoulHsayr5D2WI4efAcBEACB6BKAokeXd5itQdrDBIdqIAACIDByCEDRYyvWkPbYihe8BQEQ AIHoEYCiR4+1oC0hjU5QnDAGAkITQF6S0ERhLygC5B3y33zzTag76BiuQcGNfCFIe+QZowUQGAIB 3CuHAA9Vo00AwzXaxH20hwV5kQQCboAACIAACICAMAQg7cJwhBUQAAEQAAEQEAkBSLtIAgE3QAAE QAAEQEAYApB2YTjCCgiAAAiAAAiIhACkXSSBgBsgAAIgAAIgIAwBSLswHGEFBEAABEAABERCANIu kkDADRAAARAAARAQhgCkXRiOsAICIAACIAACIiEAaRdJIOAGCIAACIAACAhDANIuDEdYAQEQAAEQ AAGREIC0iyQQcAMEQAAEQAAEhCEAaReGI6yAAAiAAAiAgEgIQNpFEgi4AQIgAAIgAALCEIC0C8MR VkAABEAABEBAJAQg7SIJBNwAARAAARAAAWEIQNqF4QgrIAACIAACICASApB2kQQCboAACAyRgK3f rD9cVShLYK+0wqrGVnOvu9F+cyuvkKyw6nCrud+zZdulWhWxlKFuvTpEt1AdBKJPANIefeZoEQRA QHACvWbt1oXynR9NXGMcGKSvPs0K6v0V8ieqjNftjRHt16oXPrr9o+/90niTKdSjXzHq2ArFwqp2 N3W3dZ5p7Mit3Hl3Q/OnHrMDwZ2HQRAQmEACGd0Cm4wFc2RKPzI7HgvBgY8uBDBWgxgQtn7jroUZ tVM1v9ubew/veeW6sWpFRvWMlks7spMkVH971cLF1VP3fLQ3d7KzEFv3QGbL8fLsCfa2rraq56+g Kj4r7lomP77MVF+UOiYIN1CEwnAVySDAU7tIAgE3QAAEwiZwrf3gAb3yWfVivq4Ta+NmLf9V0x7l FPo+Z+ttb6rWZ+1QP8rTdfJ3SeKsx6uatqmmjHY23/tpcwOVr5oxLuXBZcpzjW1dtrBdQ0UQGA4C kPbhoI42QQAEBCRAK7FROjN5ksf9TCJNX5SrSE0kH1wzNOus0pTkSTwJZ32gCy3KTk2ye2TrNZxs oJSqjPGUJDlr2Wxd45lOaLuA8YKpyBOAtEeeMVoAARCIJAHbla7zVmmaXJbopxXb1a7zFiotZQot 834vm/lw+T4qf24GWcOnxqRkzVfqXq3RI5kukiGEbaEJBBrlQrcHeyAAAiAgZgJ0Ap1ORlbj2ad4 Cb0mb0EynZhDBt88CUDaMSpAAARim4BkUvJMqbXDZPFyhs3RM8mE5JkyqqOzu9//2vqNzrbjOspY kTORO0M36r5indXacNLQi0X52B4nI8p7SPuICjc6CwLxSCBphio/3Xq+64oX8b1lNTYzp9vHZ6iU Umtn15VbnghsVuMR9nR775marW3KmovsATru6mkpofaVHzZD2+Nx9MRnnyDt8RlX9AoERhKB8ZlL lyt0L5U3feGqvr2Xan+RvvDY9e+So2uSpMzFGxRtW8vfv+xSyNZ/qe7J9JVHr992B8mipxPocler prrcGempgwzJdCNpRMV8XyHtMR9CdAAERjwBSWJ68Ws1mR/krSqta7eyyt1vPlG1Lru4e+X+0sWT maz4xIynX9s574O1K0objFb22b3XfGLXmuzSP66s3kEfnKOz6Kn83LlseefFTh2Ot3XeGPGoASA2 CEDaYyNO8BIEgiRw7do1nU5XX18fZPl4KZY0reg1o2Gd/LNtslHMLvnYvP3Uo/tNh8qyHefYJYnT Ct82HntGfmGj7Dam0J2K/QML9+uPlc2TSiib+Wh5xaQNS2c7jsHZ4ZCz74/kK9u21pzBm+niZcDE eT9G6EvZ8MqkOB/XcdS9IMcqUXSDwXDo0KG33nqL9H7Tpk0VFRVxhAFdiQ0CQQ7X2OhMLHuJp/ZY jh58H/EE2Gf0p5566q677lKpVKyu4wIBEBjhBCDtI3wAoPsxSQCKHpNhg9MgEC0CkPZokUY7IDBk AlD0ISOEARAYEQQg7SMizOhkTBOAosd0+OA8CESfANLoos8cLYJACARIXtLu3btJxvtHH30UQjUU BYFhIoDfyx4m8C7NQtrFEAX4AAI+CThSjs+fP9/W1hakxiNDHkNqWAggQ35YsHs2igV5kQQCboBA AAIzZ85cu3Zte3v7xx9/TJ7jH3jgASADARAAAa8EIO0YGCAQYwSg8TEWMLgLAlEnAGmPOnI0CAIC EYDGCwQSZkAg3ghgrz3eIor+xBmBkDYvHfvxCoUCb6OLs5EQE90JabjGRI9i1ElIe4wGDm6PFALh 3Su7u7unTJkyUhihn6IhEN5wFY378eMIpD1+YomexCUB3CvjMqzx2ikMV5FEFnvtIgkE3AABEAAB EAABYQhA2oXhCCsgAAIgAAIgIBICkHaRBAJugAAIgAAIgIAwBCDtwnCEFRAAARAAARAQCQFIu0gC ATdAAARAAARAQBgCkHZhOMIKCIAACIAACIiEAKRdJIGAGyAAAiAAAiAgDAFIuzAcYQUEQAAEQAAE REIA0i6SQMANEAABEAABEBCGAKRdGI6wAgIgAAIgAAIiIQBpF0kg4AYIgAAIgAAICEMA0i4MR1gB ARAAARAAAZEQgLSLJBBwAwRAAARAAASEIQBpF4YjrIAACIAACICASAhA2kUSCLgBAiAAAiAAAsIQ gLQLwxFWQAAEQAAEQEAkBCDtIgkE3AABEAABEAABYQhA2oXhCCsgAAIgAAIgIBICkHaRBAJugAAI gAAIgIAwBCDtwnCEFRAAARAAARAQCQFIu0gCATdAAARAAARAQBgCkHZhOMIKCIAACIAACIiEAKRd JIGAGyAAAiAAAiAgDAFIuzAcYQUEQAAEQAAEREIA0i6SQMANEAABEAABEBCGAKRdGI6wAgIgAAIg AAIiIQBpF0kg4AYIgAAIgAAICEMA0i4MR1gBARAAARAAAZEQgLSLJBBwAwRAAARAAASEIQBpF4Yj rIAACIAACICASAhA2kUSCLgBAiAAAiAAAsIQgLQLwxFWQAAEQAAEQEAkBCDtIgkE3AABEAABEAAB YQhA2oXhCCsgAAIgAAIgIBICCYODgyJxBW6AAAiAAAiAAAgMnQCe2ofOEBZAAARAAARAQEQEIO0i CgZcAQEQAAEQAIGhE4C0D50hLIAACIAACICAiAhA2kUUDLgCAiAAAiAAAkMnAGkfOkNYAAEQAAEQ AAEREYC0iygYcAUEQAAEQAAEhk7g/weAUS30C3gQsQAAAABJRU5ErkJggg== --_004_6B7134B31289DC4FAF731D844122B36EDE772BPEXCVZYM13corpora_-- From ljlillehovde@gmail.com Sun Mar 15 04:53:58 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB2C11A0372 for ; Sun, 15 Mar 2015 04:53:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.099 X-Spam-Level: X-Spam-Status: No, score=-1.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, J_CHICKENPOX_45=0.6, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TszWe9iPRwHD for ; Sun, 15 Mar 2015 04:53:57 -0700 (PDT) Received: from mail-la0-x233.google.com (mail-la0-x233.google.com [IPv6:2a00:1450:4010:c03::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 623731A036B for ; Sun, 15 Mar 2015 04:53:57 -0700 (PDT) Received: by lamx15 with SMTP id x15so19748009lam.3 for ; Sun, 15 Mar 2015 04:53:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=vq94kvaypylK5WSURRJXvdBpnWmPavRDbKmXJ1+1vDU=; b=vWIujGQW8RF28+67Evbl30xBduCZKxUiNLZJ7ap5Df7w/xBHsd3HH0YMS2+aLj30NK ySnpjVZSSMK5083XISpRDBgY7Ko7ui3QINC8i3/LMtAhFIHXfLSOjByS3fUW8vDUUYQ8 TAymMNUub0x0lorRzcPcsLxiXmZhEGPM9VbRfKc9zViXcZYwJmg24cuEhZQSaikx4jeQ j0BE9KyNfkCv45SDk38DWyjnT9RFIkeg/PVlq7yuIqyuHqhSPqX48AWHadD3upOVnFTE REEE3V3RJUJ2S1r08kcffmNzLFnXHSz3J+0c//rbNbbHch+5GJjOK2e74kG56NxEq61U /qsA== MIME-Version: 1.0 X-Received: by 10.152.3.42 with SMTP id 10mr50299699laz.84.1426420434817; Sun, 15 Mar 2015 04:53:54 -0700 (PDT) Received: by 10.152.110.201 with HTTP; Sun, 15 Mar 2015 04:53:54 -0700 (PDT) Date: Sun, 15 Mar 2015 12:53:54 +0100 Message-ID: From: =?UTF-8?Q?Lars_J=C3=B8rgen_Lillehovde?= To: dime@ietf.org Content-Type: multipart/alternative; boundary=089e013d14b2515a1805115263ce Archived-At: Subject: [Dime] Allowed host and realm naming for a diameter node X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Mar 2015 11:55:49 -0000 --089e013d14b2515a1805115263ce Content-Type: text/plain; charset=UTF-8 Hi, I'm trying to clarify the allowed naming convension for the host and realm of a diameter node. This relates to the values used in the Origin-Host AVP (AVP Code 264) and Origin-Realm AVP (AVP Code 296). I've reviewed the Diameter RFCs and cannot find a definitive answer to this issue. The reason for asking this question is that I'm in discussion with a vendor of a Diameter Routing Agent (DRA) which claims that the host of a diameter node has to be in the format host.realm. (1) Example of the only allowed format according to the vendor: Origin-Realm: example.com Origin-Host: node.example.com I want to clarify if multiple subdomains are allowed to be added in the host without being present in the realm. (2) Example: Origin-Realm: example.com Origin-Host: node.site1.example.com According to the vendor, the example 2 is not allowed. To have the host as in example 2, the realm will have to be site1.example.com. Could someone please clarify this naming issue or point me to the standard where this is defined. Thank you. Best regards, Lars J. Lillehovde --089e013d14b2515a1805115263ce Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hi,

I'm trying to clarify the allow= ed naming convension for the host and realm of a diameter node. This relate= s to the values used in the=C2=A0Origin-Host AVP (AVP Code 264) and=C2=A0Origin-Realm AVP (AVP Code 296).=C2=A0I'= ve reviewed the Diameter RFCs and cannot find a definitive answer to this i= ssue.

The reason for asking this question is that = I'm in discussion with a vendor of a Diameter Routing Agent (DRA) which= claims that the host of a diameter node has to be in the format host.realm= .

(1) Example of the only allowed format according= to the vendor:
O= rigin-Realm: example.com
Origin-Host: node.example.com

I want to clarify if multiple subdomains are allowed to be ad= ded in the host without being present in the realm.
(2) Example:
Origin-Realm: example.com

According to the vendor, the example 2 is n= ot allowed. To have the host as in example 2, the realm will have to be=C2= =A0site1.example.com.

Could someone please clarify this naming issue = or point me to the standard where this is defined.

Thank you.


= Best regards,
Lars J. Lillehovde
--089e013d14b2515a1805115263ce-- From nobody Mon Mar 16 01:45:29 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBEEA1A1B19 for ; Mon, 16 Mar 2015 01:45:27 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.698 X-Spam-Level: X-Spam-Status: No, score=-1.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, J_CHICKENPOX_45=0.6, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qc_qjiDECK1M for ; Mon, 16 Mar 2015 01:45:22 -0700 (PDT) Received: from relais-inet.francetelecom.com (relais-ias92.francetelecom.com [193.251.215.92]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1EA8F1A7030 for ; Mon, 16 Mar 2015 01:45:22 -0700 (PDT) Received: from omfedm05.si.francetelecom.fr (unknown [xx.xx.xx.1]) by omfedm12.si.francetelecom.fr (ESMTP service) with ESMTP id 3F6AC18C284; Mon, 16 Mar 2015 09:45:20 +0100 (CET) Received: from Exchangemail-eme1.itn.ftgroup (unknown [10.114.1.183]) by omfedm05.si.francetelecom.fr (ESMTP service) with ESMTP id 2190935C04E; Mon, 16 Mar 2015 09:45:20 +0100 (CET) Received: from PEXCVZYM13.corporate.adroot.infra.ftgroup ([fe80::cc7e:e40b:42ef:164e]) by PEXCVZYH02.corporate.adroot.infra.ftgroup ([::1]) with mapi id 14.03.0224.002; Mon, 16 Mar 2015 09:45:19 +0100 From: To: =?utf-8?B?TGFycyBKw7hyZ2VuIExpbGxlaG92ZGU=?= , "dime@ietf.org" Thread-Topic: [Dime] Allowed host and realm naming for a diameter node Thread-Index: AQHQXxb92qvb9nXEVUu+Lnemnxk22p0exO/w Date: Mon, 16 Mar 2015 08:45:19 +0000 Message-ID: <6511_1426495520_55069820_6511_1813_1_6B7134B31289DC4FAF731D844122B36EE180A9@PEXCVZYM13.corporate.adroot.infra.ftgroup> References: In-Reply-To: Accept-Language: fr-FR, en-US Content-Language: fr-FR X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.197.38.4] Content-Type: multipart/alternative; boundary="_000_6B7134B31289DC4FAF731D844122B36EE180A9PEXCVZYM13corpora_" MIME-Version: 1.0 X-PMX-Version: 6.0.3.2322014, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2014.12.16.112421 Archived-At: Subject: Re: [Dime] Allowed host and realm naming for a diameter node X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Mar 2015 08:45:27 -0000 --_000_6B7134B31289DC4FAF731D844122B36EE180A9PEXCVZYM13corpora_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGkgTGFycywNCg0KQWNjb3JkaW5nIHRvIHRoZSBiYXNlIHByb3RvY29sLCB0aGVyZSBpcyBubyBz dWNoIHJlc3RyaWN0aW9uLiBXaGVuIHRoZSBEaWFtZXRlcklkZW50aXR5IGZvcm1hdCBpcyB1c2Vk IHRvIGlkZW50aWZ5IGEgRGlhbWV0ZXIgbm9kZSwgdGhlIG9ubHkgcmVxdWlyZW1lbnQgaXMgdGhh dDoNCiogdGhlIERpYW1ldGVySWRlbnRpdHkgdmFsdWUgaW4gT3JpZ2luL0Rlc3RpbmF0aW9uLUhv c3QgQVZQIGlzIGFuIEZRRE4uDQoqIHRoZXJlIGlzIGF0IGxlYXN0IG9uZSBwZWVyIHRhYmxlIGlu IHRoZSByZWFsbSBpZGVudGlmaWVkIGJ5IHRoZSBPcmlnaW4vRGVzdGluYXRpb24tUmVhbG0gIEFW UCB0aGF0IGNvbnRhaW5zIHRoZSBob3N0IGlkZW50aWZpZWQgYnkgdGhlIEZRRE4uDQoNClNvIEV4 YW1wbGUgMiBpcyBwZXJmZWN0bHkgdmFsaWQgZnJvbSBhIGJhc2UgcHJvdG9jb2wgcG9pbnQgb2Yg dmlldywgYXMgbG9uZyBhcyB0aGVyZSBpcyBhdCBsZWFzdCBvbmUgbm9kZSBpbiAiZXhhbXBsZS5j b20iIHdpdGggYSB0cmFuc3BvcnQgY29ubmVjdGlvbiB3aXRoIHRoZSBwZWVyICJub2RlLnNpdGUx LmV4YW1wbGUuY29tIi4NCg0KTm93LCBzb21lIERpYW1ldGVyIGFwcGxpY2F0aW9ucyBtYXkgaGF2 ZSBkZWZpbmVkIHNwZWNpZmljIHJ1bGVzIHJlZ2FyZGluZyB0aGUgZm9ybWF0IG9mIHJlYWxtL2hv c3QgaWRlbnRpdHksIHdpdGggZXhwbGljaXQgcmVzdHJpY3Rpb25zL2xpbWl0YXRpb25zLiBJdCBp cyB0aGVuIHJlcXVpcmVkIHRvIGNoZWNrIGlmIHRoZXJlIGlzIGFueSBvZiB0aGVzZSByZXN0cmlj dGlvbnMgZGVmaW5lZCBpbiB0aGUgcmVsYXRlZCBzcGVjaWZpY2F0aW9uLg0KDQpSZWdhcmRzLA0K DQpMaW9uZWwNCg0KRGUgOiBEaU1FIFttYWlsdG86ZGltZS1ib3VuY2VzQGlldGYub3JnXSBEZSBs YSBwYXJ0IGRlIExhcnMgSsO4cmdlbiBMaWxsZWhvdmRlDQpFbnZvecOpIDogZGltYW5jaGUgMTUg bWFycyAyMDE1IDEyOjU0DQrDgCA6IGRpbWVAaWV0Zi5vcmcNCk9iamV0IDogW0RpbWVdIEFsbG93 ZWQgaG9zdCBhbmQgcmVhbG0gbmFtaW5nIGZvciBhIGRpYW1ldGVyIG5vZGUNCg0KSGksDQoNCkkn bSB0cnlpbmcgdG8gY2xhcmlmeSB0aGUgYWxsb3dlZCBuYW1pbmcgY29udmVuc2lvbiBmb3IgdGhl IGhvc3QgYW5kIHJlYWxtIG9mIGEgZGlhbWV0ZXIgbm9kZS4gVGhpcyByZWxhdGVzIHRvIHRoZSB2 YWx1ZXMgdXNlZCBpbiB0aGUgT3JpZ2luLUhvc3QgQVZQIChBVlAgQ29kZSAyNjQpIGFuZCBPcmln aW4tUmVhbG0gQVZQIChBVlAgQ29kZSAyOTYpLiBJJ3ZlIHJldmlld2VkIHRoZSBEaWFtZXRlciBS RkNzIGFuZCBjYW5ub3QgZmluZCBhIGRlZmluaXRpdmUgYW5zd2VyIHRvIHRoaXMgaXNzdWUuDQoN ClRoZSByZWFzb24gZm9yIGFza2luZyB0aGlzIHF1ZXN0aW9uIGlzIHRoYXQgSSdtIGluIGRpc2N1 c3Npb24gd2l0aCBhIHZlbmRvciBvZiBhIERpYW1ldGVyIFJvdXRpbmcgQWdlbnQgKERSQSkgd2hp Y2ggY2xhaW1zIHRoYXQgdGhlIGhvc3Qgb2YgYSBkaWFtZXRlciBub2RlIGhhcyB0byBiZSBpbiB0 aGUgZm9ybWF0IGhvc3QucmVhbG0uDQoNCigxKSBFeGFtcGxlIG9mIHRoZSBvbmx5IGFsbG93ZWQg Zm9ybWF0IGFjY29yZGluZyB0byB0aGUgdmVuZG9yOg0KT3JpZ2luLVJlYWxtOiBleGFtcGxlLmNv bTxodHRwOi8vZXhhbXBsZS5jb20+DQpPcmlnaW4tSG9zdDogbm9kZS5leGFtcGxlLmNvbTxodHRw Oi8vbm9kZS5leGFtcGxlLmNvbT4NCg0KSSB3YW50IHRvIGNsYXJpZnkgaWYgbXVsdGlwbGUgc3Vi ZG9tYWlucyBhcmUgYWxsb3dlZCB0byBiZSBhZGRlZCBpbiB0aGUgaG9zdCB3aXRob3V0IGJlaW5n IHByZXNlbnQgaW4gdGhlIHJlYWxtLg0KKDIpIEV4YW1wbGU6DQpPcmlnaW4tUmVhbG06IGV4YW1w bGUuY29tPGh0dHA6Ly9leGFtcGxlLmNvbT4NCk9yaWdpbi1Ib3N0OiBub2RlLnNpdGUxLmV4YW1w bGUuY29tPGh0dHA6Ly9ub2RlLnNpdGUxLmV4YW1wbGUuY29tPg0KDQpBY2NvcmRpbmcgdG8gdGhl IHZlbmRvciwgdGhlIGV4YW1wbGUgMiBpcyBub3QgYWxsb3dlZC4gVG8gaGF2ZSB0aGUgaG9zdCBh cyBpbiBleGFtcGxlIDIsIHRoZSByZWFsbSB3aWxsIGhhdmUgdG8gYmUgc2l0ZTEuZXhhbXBsZS5j b208aHR0cDovL3NpdGUxLmV4YW1wbGUuY29tPi4NCg0KQ291bGQgc29tZW9uZSBwbGVhc2UgY2xh cmlmeSB0aGlzIG5hbWluZyBpc3N1ZSBvciBwb2ludCBtZSB0byB0aGUgc3RhbmRhcmQgd2hlcmUg dGhpcyBpcyBkZWZpbmVkLg0KDQpUaGFuayB5b3UuDQoNCg0KQmVzdCByZWdhcmRzLA0KTGFycyBK LiBMaWxsZWhvdmRlDQoKX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fXwoKQ2UgbWVzc2FnZSBldCBzZXMgcGllY2VzIGpvaW50ZXMg cGV1dmVudCBjb250ZW5pciBkZXMgaW5mb3JtYXRpb25zIGNvbmZpZGVudGllbGxlcyBvdSBwcml2 aWxlZ2llZXMgZXQgbmUgZG9pdmVudCBkb25jCnBhcyBldHJlIGRpZmZ1c2VzLCBleHBsb2l0ZXMg b3UgY29waWVzIHNhbnMgYXV0b3Jpc2F0aW9uLiBTaSB2b3VzIGF2ZXogcmVjdSBjZSBtZXNzYWdl IHBhciBlcnJldXIsIHZldWlsbGV6IGxlIHNpZ25hbGVyCmEgbCdleHBlZGl0ZXVyIGV0IGxlIGRl dHJ1aXJlIGFpbnNpIHF1ZSBsZXMgcGllY2VzIGpvaW50ZXMuIExlcyBtZXNzYWdlcyBlbGVjdHJv bmlxdWVzIGV0YW50IHN1c2NlcHRpYmxlcyBkJ2FsdGVyYXRpb24sCk9yYW5nZSBkZWNsaW5lIHRv dXRlIHJlc3BvbnNhYmlsaXRlIHNpIGNlIG1lc3NhZ2UgYSBldGUgYWx0ZXJlLCBkZWZvcm1lIG91 IGZhbHNpZmllLiBNZXJjaS4KClRoaXMgbWVzc2FnZSBhbmQgaXRzIGF0dGFjaG1lbnRzIG1heSBj b250YWluIGNvbmZpZGVudGlhbCBvciBwcml2aWxlZ2VkIGluZm9ybWF0aW9uIHRoYXQgbWF5IGJl IHByb3RlY3RlZCBieSBsYXc7CnRoZXkgc2hvdWxkIG5vdCBiZSBkaXN0cmlidXRlZCwgdXNlZCBv ciBjb3BpZWQgd2l0aG91dCBhdXRob3Jpc2F0aW9uLgpJZiB5b3UgaGF2ZSByZWNlaXZlZCB0aGlz IGVtYWlsIGluIGVycm9yLCBwbGVhc2Ugbm90aWZ5IHRoZSBzZW5kZXIgYW5kIGRlbGV0ZSB0aGlz IG1lc3NhZ2UgYW5kIGl0cyBhdHRhY2htZW50cy4KQXMgZW1haWxzIG1heSBiZSBhbHRlcmVkLCBP cmFuZ2UgaXMgbm90IGxpYWJsZSBmb3IgbWVzc2FnZXMgdGhhdCBoYXZlIGJlZW4gbW9kaWZpZWQs IGNoYW5nZWQgb3IgZmFsc2lmaWVkLgpUaGFuayB5b3UuCgo= --_000_6B7134B31289DC4FAF731D844122B36EE180A9PEXCVZYM13corpora_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTQgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 Q2FsaWJyaTsNCglwYW5vc2UtMToyIDE1IDUgMiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJ e2ZvbnQtZmFtaWx5OlRhaG9tYTsNCglwYW5vc2UtMToyIDExIDYgNCAzIDUgNCA0IDIgNDt9DQov KiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3JtYWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1z b05vcm1hbA0KCXttYXJnaW46MGNtOw0KCW1hcmdpbi1ib3R0b206LjAwMDFwdDsNCglmb250LXNp emU6MTIuMHB0Ow0KCWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcgUm9tYW4iLCJzZXJpZiI7fQ0KYTps aW5rLCBzcGFuLk1zb0h5cGVybGluaw0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6 Ymx1ZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCmE6dmlzaXRlZCwgc3Bhbi5Nc29I eXBlcmxpbmtGb2xsb3dlZA0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6cHVycGxl Ow0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KcC5Nc29MaXN0UGFyYWdyYXBoLCBsaS5N c29MaXN0UGFyYWdyYXBoLCBkaXYuTXNvTGlzdFBhcmFncmFwaA0KCXttc28tc3R5bGUtcHJpb3Jp dHk6MzQ7DQoJbWFyZ2luLXRvcDowY207DQoJbWFyZ2luLXJpZ2h0OjBjbTsNCgltYXJnaW4tYm90 dG9tOjBjbTsNCgltYXJnaW4tbGVmdDozNi4wcHQ7DQoJbWFyZ2luLWJvdHRvbTouMDAwMXB0Ow0K CWZvbnQtc2l6ZToxMi4wcHQ7DQoJZm9udC1mYW1pbHk6IlRpbWVzIE5ldyBSb21hbiIsInNlcmlm Ijt9DQpzcGFuLkVtYWlsU3R5bGUxNw0KCXttc28tc3R5bGUtdHlwZTpwZXJzb25hbC1yZXBseTsN Cglmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYiOw0KCWNvbG9yOiMxRjQ5N0Q7fQ0K Lk1zb0NocERlZmF1bHQNCgl7bXNvLXN0eWxlLXR5cGU6ZXhwb3J0LW9ubHk7DQoJbXNvLWZhcmVh c3QtbGFuZ3VhZ2U6RU4tVVM7fQ0KQHBhZ2UgV29yZFNlY3Rpb24xDQoJe3NpemU6NjEyLjBwdCA3 OTIuMHB0Ow0KCW1hcmdpbjo3MC44NXB0IDcwLjg1cHQgNzAuODVwdCA3MC44NXB0O30NCmRpdi5X b3JkU2VjdGlvbjENCgl7cGFnZTpXb3JkU2VjdGlvbjE7fQ0KLS0+PC9zdHlsZT48IS0tW2lmIGd0 ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlZGVmYXVsdHMgdjpleHQ9ImVkaXQiIHNwaWRtYXg9IjEw MjYiIC8+DQo8L3htbD48IVtlbmRpZl0tLT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNo YXBlbGF5b3V0IHY6ZXh0PSJlZGl0Ij4NCjxvOmlkbWFwIHY6ZXh0PSJlZGl0IiBkYXRhPSIxIiAv Pg0KPC9vOnNoYXBlbGF5b3V0PjwveG1sPjwhW2VuZGlmXS0tPg0KPC9oZWFkPg0KPGJvZHkgbGFu Zz0iRlIiIGxpbms9ImJsdWUiIHZsaW5rPSJwdXJwbGUiPg0KPGRpdiBjbGFzcz0iV29yZFNlY3Rp b24xIj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0 O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Oztj b2xvcjojMUY0OTdEIj5IaSBMYXJzLDxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90 O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Oztjb2xvcjojMUY0OTdEIj48bzpw PiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5n PSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJy aSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPkFjY29yZGluZyB0 byB0aGUgYmFzZSBwcm90b2NvbCwgdGhlcmUgaXMgbm8gc3VjaCByZXN0cmljdGlvbi4gV2hlbiB0 aGUgRGlhbWV0ZXJJZGVudGl0eSBmb3JtYXQgaXMgdXNlZCB0byBpZGVudGlmeSBhIERpYW1ldGVy IG5vZGUsIHRoZSBvbmx5IHJlcXVpcmVtZW50DQogaXMgdGhhdDo8bzpwPjwvbzpwPjwvc3Bhbj48 L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQt c2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNl cmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPiogdGhlIERpYW1ldGVySWRlbnRpdHkgdmFsdWUgaW4g T3JpZ2luL0Rlc3RpbmF0aW9uLUhvc3QgQVZQIGlzIGFuIEZRRE4uPG86cD48L286cD48L3NwYW4+ PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250 LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1z ZXJpZiZxdW90Oztjb2xvcjojMUY0OTdEIj4qIHRoZXJlIGlzIGF0IGxlYXN0IG9uZSBwZWVyIHRh YmxlIGluIHRoZSByZWFsbSBpZGVudGlmaWVkIGJ5IHRoZSBPcmlnaW4vRGVzdGluYXRpb24tUmVh bG0mbmJzcDsgQVZQIHRoYXQgY29udGFpbnMgdGhlIGhvc3QgaWRlbnRpZmllZCBieSB0aGUgRlFE Ti48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5n PSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJy aSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7 PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVT IiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7 LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFGNDk3RCI+U28gRXhhbXBsZSAyIGlzIHBl cmZlY3RseSB2YWxpZCBmcm9tIGEgYmFzZSBwcm90b2NvbCBwb2ludCBvZiB2aWV3LCBhcyBsb25n IGFzIHRoZXJlIGlzIGF0IGxlYXN0IG9uZSBub2RlIGluICZxdW90O2V4YW1wbGUuY29tJnF1b3Q7 IHdpdGggYSB0cmFuc3BvcnQgY29ubmVjdGlvbg0KIHdpdGggdGhlIHBlZXIgJnF1b3Q7bm9kZS5z aXRlMS5leGFtcGxlLmNvbSZxdW90Oy48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9u dC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9y OiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWls eTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFGNDk3 RCI+Tm93LCBzb21lIERpYW1ldGVyIGFwcGxpY2F0aW9ucyBtYXkgaGF2ZSBkZWZpbmVkIHNwZWNp ZmljIHJ1bGVzIHJlZ2FyZGluZyB0aGUgZm9ybWF0IG9mIHJlYWxtL2hvc3QgaWRlbnRpdHksIHdp dGggZXhwbGljaXQgcmVzdHJpY3Rpb25zL2xpbWl0YXRpb25zLg0KIEl0IGlzIHRoZW4gcmVxdWly ZWQgdG8gY2hlY2sgaWYgdGhlcmUgaXMgYW55IG9mIHRoZXNlIHJlc3RyaWN0aW9ucyBkZWZpbmVk IGluIHRoZSByZWxhdGVkIHNwZWNpZmljYXRpb24uPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNpemU6MTEu MHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90 Oztjb2xvcjojMUY0OTdEIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9u dC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9y OiMxRjQ5N0QiPlJlZ2FyZHMsPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05v cm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFt aWx5OiZxdW90O0NhbGlicmkmcXVvdDssJnF1b3Q7c2Fucy1zZXJpZiZxdW90Oztjb2xvcjojMUY0 OTdEIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1 b3Q7Q2FsaWJyaSZxdW90OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPkxp b25lbDxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxh bmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxp YnJpJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDs7Y29sb3I6IzFGNDk3RCI+PG86cD4mbmJz cDs8L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gc3R5bGU9 ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1b3Q7LCZxdW90O3Nh bnMtc2VyaWYmcXVvdDsiPkRlJm5ic3A7Ojwvc3Bhbj48L2I+PHNwYW4gc3R5bGU9ImZvbnQtc2l6 ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYm cXVvdDsiPiBEaU1FIFttYWlsdG86ZGltZS1ib3VuY2VzQGlldGYub3JnXQ0KPGI+RGUgbGEgcGFy dCBkZTwvYj4gTGFycyBKw7hyZ2VuIExpbGxlaG92ZGU8YnI+DQo8Yj5FbnZvecOpJm5ic3A7Ojwv Yj4gZGltYW5jaGUgMTUgbWFycyAyMDE1IDEyOjU0PGJyPg0KPGI+w4AmbmJzcDs6PC9iPiBkaW1l QGlldGYub3JnPGJyPg0KPGI+T2JqZXQmbmJzcDs6PC9iPiBbRGltZV0gQWxsb3dlZCBob3N0IGFu ZCByZWFsbSBuYW1pbmcgZm9yIGEgZGlhbWV0ZXIgbm9kZTxvOnA+PC9vOnA+PC9zcGFuPjwvcD4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPkhpLDxvOnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+SSdtIHRyeWluZyB0byBjbGFyaWZ5IHRoZSBhbGxvd2VkIG5hbWluZyBjb252ZW5z aW9uIGZvciB0aGUgaG9zdCBhbmQgcmVhbG0gb2YgYSBkaWFtZXRlciBub2RlLiBUaGlzIHJlbGF0 ZXMgdG8gdGhlIHZhbHVlcyB1c2VkIGluIHRoZSZuYnNwOzxzcGFuIHN0eWxlPSJjb2xvcjpibGFj ayI+T3JpZ2luLUhvc3QgQVZQIChBVlAgQ29kZSAyNjQpIGFuZCZuYnNwO09yaWdpbi1SZWFsbSBB VlAgKEFWUCBDb2RlIDI5NikuPC9zcGFuPiZuYnNwO0kndmUNCiByZXZpZXdlZCB0aGUgRGlhbWV0 ZXIgUkZDcyBhbmQgY2Fubm90IGZpbmQgYSBkZWZpbml0aXZlIGFuc3dlciB0byB0aGlzIGlzc3Vl LjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86 cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5U aGUgcmVhc29uIGZvciBhc2tpbmcgdGhpcyBxdWVzdGlvbiBpcyB0aGF0IEknbSBpbiBkaXNjdXNz aW9uIHdpdGggYSB2ZW5kb3Igb2YgYSBEaWFtZXRlciBSb3V0aW5nIEFnZW50IChEUkEpIHdoaWNo IGNsYWltcyB0aGF0IHRoZSBob3N0IG9mIGEgZGlhbWV0ZXIgbm9kZSBoYXMgdG8gYmUgaW4gdGhl IGZvcm1hdCBob3N0LnJlYWxtLjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIj4oMSkgRXhhbXBsZSBvZiB0aGUgb25seSBhbGxvd2VkIGZvcm1hdCBh Y2NvcmRpbmcgdG8gdGhlIHZlbmRvcjo8bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2NvbG9yOmJs YWNrIj5PcmlnaW4tUmVhbG06IDxhIGhyZWY9Imh0dHA6Ly9leGFtcGxlLmNvbSI+DQpleGFtcGxl LmNvbTwvYT48L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtjb2xvcjpibGFjayI+T3Jp Z2luLUhvc3Q6IDxhIGhyZWY9Imh0dHA6Ly9ub2RlLmV4YW1wbGUuY29tIj4NCm5vZGUuZXhhbXBs ZS5jb208L2E+PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtjb2xvcjpibGFjayI+ SSB3YW50IHRvIGNsYXJpZnkgaWYgbXVsdGlwbGUgc3ViZG9tYWlucyBhcmUgYWxsb3dlZCB0byBi ZSBhZGRlZCBpbiB0aGUgaG9zdCB3aXRob3V0IGJlaW5nIHByZXNlbnQgaW4gdGhlIHJlYWxtLjwv c3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2NvbG9yOmJsYWNrIj4oMikgRXhhbXBsZTo8 L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtjb2xvcjpibGFjayI+T3JpZ2luLVJlYWxt OiA8YSBocmVmPSJodHRwOi8vZXhhbXBsZS5jb20iPg0KZXhhbXBsZS5jb208L2E+PC9zcGFuPjxv OnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4g c3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Y29sb3I6YmxhY2siPk9yaWdpbi1Ib3N0OiA8YSBocmVm PSJodHRwOi8vbm9kZS5zaXRlMS5leGFtcGxlLmNvbSI+DQpub2RlLnNpdGUxLmV4YW1wbGUuY29t PC9hPjwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj5BY2NvcmRpbmcgdG8gdGhlIHZlbmRv ciwgdGhlIGV4YW1wbGUgMiBpcyBub3QgYWxsb3dlZC4gVG8gaGF2ZSB0aGUgaG9zdCBhcyBpbiBl eGFtcGxlIDIsIHRoZSByZWFsbSB3aWxsIGhhdmUgdG8gYmUmbmJzcDs8L3NwYW4+PHNwYW4gc3R5 bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Y29sb3I6YmxhY2siPjxhIGhyZWY9Imh0dHA6Ly9zaXRlMS5l eGFtcGxlLmNvbSI+c2l0ZTEuZXhhbXBsZS5jb208L2E+Ljwvc3Bhbj48bzpwPjwvbzpwPjwvcD4N CjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9w Pg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQt c2l6ZToxMC4wcHQ7Y29sb3I6YmxhY2siPkNvdWxkIHNvbWVvbmUgcGxlYXNlIGNsYXJpZnkgdGhp cyBuYW1pbmcgaXNzdWUgb3IgcG9pbnQgbWUgdG8gdGhlIHN0YW5kYXJkIHdoZXJlIHRoaXMgaXMg ZGVmaW5lZC48L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2NvbG9yOmJsYWNrIj5U aGFuayB5b3UuPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJjb2xvcjpibGFjayI+QmVzdCByZWdhcmRzLDwv c3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PjxzcGFuIHN0eWxlPSJjb2xvcjpibGFjayI+TGFycyBKLiBMaWxsZWhvdmRlPC9zcGFuPjxvOnA+ PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPFBSRT5fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCgpDZSBtZXNz YWdlIGV0IHNlcyBwaWVjZXMgam9pbnRlcyBwZXV2ZW50IGNvbnRlbmlyIGRlcyBpbmZvcm1hdGlv bnMgY29uZmlkZW50aWVsbGVzIG91IHByaXZpbGVnaWVlcyBldCBuZSBkb2l2ZW50IGRvbmMKcGFz IGV0cmUgZGlmZnVzZXMsIGV4cGxvaXRlcyBvdSBjb3BpZXMgc2FucyBhdXRvcmlzYXRpb24uIFNp IHZvdXMgYXZleiByZWN1IGNlIG1lc3NhZ2UgcGFyIGVycmV1ciwgdmV1aWxsZXogbGUgc2lnbmFs ZXIKYSBsJ2V4cGVkaXRldXIgZXQgbGUgZGV0cnVpcmUgYWluc2kgcXVlIGxlcyBwaWVjZXMgam9p bnRlcy4gTGVzIG1lc3NhZ2VzIGVsZWN0cm9uaXF1ZXMgZXRhbnQgc3VzY2VwdGlibGVzIGQnYWx0 ZXJhdGlvbiwKT3JhbmdlIGRlY2xpbmUgdG91dGUgcmVzcG9uc2FiaWxpdGUgc2kgY2UgbWVzc2Fn ZSBhIGV0ZSBhbHRlcmUsIGRlZm9ybWUgb3UgZmFsc2lmaWUuIE1lcmNpLgoKVGhpcyBtZXNzYWdl IGFuZCBpdHMgYXR0YWNobWVudHMgbWF5IGNvbnRhaW4gY29uZmlkZW50aWFsIG9yIHByaXZpbGVn ZWQgaW5mb3JtYXRpb24gdGhhdCBtYXkgYmUgcHJvdGVjdGVkIGJ5IGxhdzsKdGhleSBzaG91bGQg bm90IGJlIGRpc3RyaWJ1dGVkLCB1c2VkIG9yIGNvcGllZCB3aXRob3V0IGF1dGhvcmlzYXRpb24u CklmIHlvdSBoYXZlIHJlY2VpdmVkIHRoaXMgZW1haWwgaW4gZXJyb3IsIHBsZWFzZSBub3RpZnkg dGhlIHNlbmRlciBhbmQgZGVsZXRlIHRoaXMgbWVzc2FnZSBhbmQgaXRzIGF0dGFjaG1lbnRzLgpB cyBlbWFpbHMgbWF5IGJlIGFsdGVyZWQsIE9yYW5nZSBpcyBub3QgbGlhYmxlIGZvciBtZXNzYWdl cyB0aGF0IGhhdmUgYmVlbiBtb2RpZmllZCwgY2hhbmdlZCBvciBmYWxzaWZpZWQuClRoYW5rIHlv dS4KPC9QUkU+PC9ib2R5Pg0KPC9odG1sPg0K --_000_6B7134B31289DC4FAF731D844122B36EE180A9PEXCVZYM13corpora_-- From nobody Mon Mar 23 10:19:20 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 612B91ACE5B; Mon, 23 Mar 2015 10:19:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.598 X-Spam-Level: X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4cqxL_NrzyAT; Mon, 23 Mar 2015 10:19:14 -0700 (PDT) Received: from relais-inet.francetelecom.com (relais-ias92.francetelecom.com [193.251.215.92]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB8761ACE21; Mon, 23 Mar 2015 10:19:13 -0700 (PDT) Received: from omfedm08.si.francetelecom.fr (unknown [xx.xx.xx.4]) by omfedm13.si.francetelecom.fr (ESMTP service) with ESMTP id 244E4324129; Mon, 23 Mar 2015 18:19:12 +0100 (CET) Received: from Exchangemail-eme1.itn.ftgroup (unknown [10.114.1.186]) by omfedm08.si.francetelecom.fr (ESMTP service) with ESMTP id F30E6238061; Mon, 23 Mar 2015 18:19:11 +0100 (CET) Received: from PEXCVZYM13.corporate.adroot.infra.ftgroup ([fe80::cc7e:e40b:42ef:164e]) by PEXCVZYH01.corporate.adroot.infra.ftgroup ([::1]) with mapi id 14.03.0224.002; Mon, 23 Mar 2015 18:19:08 +0100 From: To: Egbert Terlinde Thread-Topic: Question about draft-ietf-dime-congestion-flow-attributes Thread-Index: AdBljDpQ91i7gQUbTAaTTaYWYnLh8gAAPC5Q Date: Mon, 23 Mar 2015 17:19:07 +0000 Message-ID: <27206_1427131152_55104B10_27206_708_3_6B7134B31289DC4FAF731D844122B36EE8572D@PEXCVZYM13.corporate.adroot.infra.ftgroup> References: <401CFFB955AB574BA5BD6563106B2DE8475AB6@EX10MBOX1I.hosting.inetserver.de> In-Reply-To: <401CFFB955AB574BA5BD6563106B2DE8475AB6@EX10MBOX1I.hosting.inetserver.de> Accept-Language: fr-FR, en-US Content-Language: fr-FR X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.197.38.2] Content-Type: multipart/alternative; boundary="_000_6B7134B31289DC4FAF731D844122B36EE8572DPEXCVZYM13corpora_" MIME-Version: 1.0 X-PMX-Version: 6.2.1.2478543, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2015.2.12.3031 Archived-At: Cc: "dime-chairs@ietf.org" , "dime@ietf.org" Subject: Re: [Dime] Question about draft-ietf-dime-congestion-flow-attributes X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Mar 2015 17:19:18 -0000 --_000_6B7134B31289DC4FAF731D844122B36EE8572DPEXCVZYM13corpora_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi Egbert, In general, a draft will expire at the exact date indicated at the top. For this one, it is not an issue as it will move forward to be published as= RFC soon. Regards, Lionel De : Egbert Terlinde [mailto:egbert.terlinde@adiccon.de] Envoy=E9 : lundi 23 mars 2015 18:16 =C0 : MORAND Lionel IMT/OLN Cc : dime-chairs@ietf.org; dime@ietf.org Objet : Question about draft-ietf-dime-congestion-flow-attributes Hi Lionel, I found your name on the ETSI page. Currently I am looking at DIAMETER RFC,= proposals or other documents. I am not deeply involved in ETSI processes. = Just a question for my understanding. Assuming the expiration date of the b= elow document is April THIS year (and not last year). Is it end of April or= beginning? http://datatracker.ietf.org/doc/draft-ietf-dime-congestion-flow-attributes/ Diameter Maintenance and Extensions (DIME) L. Bertz Internet-Draft S. Manning Intended Status: Proposed Standard Sprint Expires: April 30, 2014 B. Hirschman October 2014 Regards, Egbert __________________________________________________________________ i.A. Egbert Terlinde Adiccon GmbH Advanced IT & Communications Consulting Landwehrstra=DFe 54 64293 Darmstadt Telefon: +49 (6151) 500 777 - 25 [IN EINRICHTUNG] Fax: +49 (6151) 500 777 - 99 Mobil: +49 (160) 54 20 869 E-Mail: egbert.terlinde@adiccon.de Gesch=E4ftsf=FChrer: J=F6rg Dannenberg Prokurist: Dr. Joachim Bl=F6del, Ingo Beckert Sitz der Gesellschaft: Darmstadt, Amtsgericht Darmstadt HRB 9390 Steuernummer: 07 228 0778 7 Adiccon ist ein nach ISO 27001 zertifiziertes Unternehmen. __________________________________________________________________ ___________________________________________________________________________= ______________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confiden= tielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu= ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages el= ectroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou = falsifie. Merci. This message and its attachments may contain confidential or privileged inf= ormation that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and dele= te this message and its attachments. As emails may be altered, Orange is not liable for messages that have been = modified, changed or falsified. Thank you. --_000_6B7134B31289DC4FAF731D844122B36EE8572DPEXCVZYM13corpora_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Hi Egbert,<= /span>

 

In gene= ral, a draft will expire at the exact date indicated at the top.=

For thi= s one, it is not an issue as it will move forward to be published as RFC so= on.

&n= bsp;

Regards= ,

&n= bsp;

Lionel<= o:p>

&n= bsp;

De : Egbert Terlinde [mailto:egbert.= terlinde@adiccon.de]
Envoy=E9 : lundi 23 mars 2015 18:16
=C0 : MORAND Lionel IMT/OLN
Cc : dime-chairs@ietf.org; dime@ietf.org
Objet : Question about draft-ietf-dime-congestion-flow-attribut= es

 

Hi Lionel,

I found your name on the ETSI p= age. Currently I am looking at DIAMETER RFC, proposals or other documents. = I am not deeply involved in ETSI processes. Just a question for my understa= nding. Assuming the expiration date of the below document is April THIS year (and not last year). Is it end of= April or beginning?

 

http://datatracker.ietf.org/doc/draft-ietf-dime-cong= estion-flow-attributes/

Diameter Maintenance and Extensions (DIME)    = ;            &n= bsp;     L. Bertz

Internet-Draft        &nb= sp;            =             &nb= sp;            =   S. Manning

Intended Status: Proposed Standard     &= nbsp;           &nbs= p;            &= nbsp; Sprint

Expires: April 30, 2014       =              &n= bsp;            = ;    B. Hirschman

           = ;            &n= bsp;            = ;            &n= bsp;           October 2014

Regards,<= /o:p>

Egbert 

=  
_____________________________________________= _____________________
i.A. Egbert Terlinde

 

Adiccon GmbH
Advanced IT & Communications Consulting
Landwehrstra=DFe 54
64293 Darmstadt

Tel= efon: +49 (6151) 500 777 – 25 [IN EINRICHTUNG]
Fax:      +49 (6151) 500 777 - 99
Mobil:    +49 (160) 54 20 869
E-Mail: egbert.terlinde@adiccon.de
 
Gesch=E4ftsf=FChrer: J=F6rg Dannenberg
Prokurist: Dr. Joachim Bl=F6del, Ingo Beckert
Sitz der Gesellschaft: Darmstadt, Amtsgericht Darmstadt HRB 9390
Steuernummer: 07 228 0778 7

= Adiccon ist ein nach ISO 27001 zertifiziertes Unternehmen.
_= _________________________________________________________________

 

 

______________________________________________________________________=
___________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confiden=
tielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu=
 ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages el=
ectroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou =
falsifie. Merci.

This message and its attachments may contain confidential or privileged inf=
ormation that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and dele=
te this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been =
modified, changed or falsified.
Thank you.
--_000_6B7134B31289DC4FAF731D844122B36EE8572DPEXCVZYM13corpora_-- From nobody Mon Mar 23 14:49:40 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B042F1B2AAD for ; Mon, 23 Mar 2015 14:49:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.909 X-Spam-Level: X-Spam-Status: No, score=-6.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yFXi2tby1iOI for ; Mon, 23 Mar 2015 14:49:38 -0700 (PDT) Received: from smtp-fr.alcatel-lucent.com (fr-hpgre-esg-01.alcatel-lucent.com [135.245.210.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2404C1B2A9B for ; Mon, 23 Mar 2015 14:49:38 -0700 (PDT) Received: from fr711usmtp1.zeu.alcatel-lucent.com (unknown [135.239.2.122]) by Websense Email Security Gateway with ESMTPS id 1F3E42E3112F3 for ; Mon, 23 Mar 2015 21:49:33 +0000 (GMT) Received: from FR711WXCHHUB02.zeu.alcatel-lucent.com (fr711wxchhub02.zeu.alcatel-lucent.com [135.239.2.112]) by fr711usmtp1.zeu.alcatel-lucent.com (GMO) with ESMTP id t2NLnYHT000356 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL) for ; Mon, 23 Mar 2015 22:49:36 +0100 Received: from FR712WXCHMBA12.zeu.alcatel-lucent.com ([169.254.8.211]) by FR711WXCHHUB02.zeu.alcatel-lucent.com ([135.239.2.112]) with mapi id 14.03.0195.001; Mon, 23 Mar 2015 22:49:35 +0100 From: "TROTTIN, JEAN-JACQUES (JEAN-JACQUES)" To: "dime@ietf.org" Thread-Topic: Diameter load control, offline discussion Thread-Index: AdBlqG0uNaN/3b6ySYyVBWVJKnWtPAAChysA Date: Mon, 23 Mar 2015 21:49:33 +0000 Message-ID: Accept-Language: fr-FR, en-US Content-Language: fr-FR X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [135.239.27.38] Content-Type: multipart/alternative; boundary="_000_E194C2E18676714DACA9C3A2516265D202C08AE0FR712WXCHMBA12z_" MIME-Version: 1.0 Archived-At: Subject: [Dime] Diameter load control, offline discussion X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Mar 2015 21:49:39 -0000 --_000_E194C2E18676714DACA9C3A2516265D202C08AE0FR712WXCHMBA12z_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi As we usually did for overload control, Lionel, Steve and I propose to hav= e an offline discussion about Diameter load control, after the Dime session= on Wednesday. We can meet at the registration desk Wednesday at 15 20 after beverage wit= h Dime people interested. We will then find a place to discuss Please let us know if it is possible for you to attend, Best regards JJacques --_000_E194C2E18676714DACA9C3A2516265D202C08AE0FR712WXCHMBA12z_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi

 

As we usually did for overload control, Lionel, Steve  and I propose to have an offline discussion about Diameter loa= d control, after the Dime session on Wednesday.

 

We can meet at the registration desk Wednesday at 15 20 after beverage  with Dime people interested. We will then find a place to disc= uss

 

Please let us know if it is possible for you to attend,

 

 

Best regards

JJacques

--_000_E194C2E18676714DACA9C3A2516265D202C08AE0FR712WXCHMBA12z_-- From nobody Mon Mar 23 20:19:26 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8AF71B2C2C for ; Mon, 23 Mar 2015 20:19:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.209 X-Spam-Level: X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e1NrJIvwktFM for ; Mon, 23 Mar 2015 20:19:23 -0700 (PDT) Received: from nbfkord-smmo07.seg.att.com (nbfkord-smmo07.seg.att.com [209.65.160.93]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA2E21B2C2A for ; Mon, 23 Mar 2015 20:19:22 -0700 (PDT) Received: from unknown [144.160.229.24] (EHLO alpi155.enaf.aldc.att.com) by nbfkord-smmo07.seg.att.com(mxl_mta-7.2.4-5) with ESMTP id ab7d0155.2ac6ec606940.3119038.00-2445.8742963.nbfkord-smmo07.seg.att.com (envelope-from ); Tue, 24 Mar 2015 03:19:22 +0000 (UTC) X-MXL-Hash: 5510d7ba2c9c697e-acf9902748a38aafe8f57799813fb0d627dd4746 Received: from unknown [144.160.229.24] (EHLO alpi155.enaf.aldc.att.com) by nbfkord-smmo07.seg.att.com(mxl_mta-7.2.4-5) over TLS secured channel with ESMTP id ea7d0155.0.3119008.00-2205.8742870.nbfkord-smmo07.seg.att.com (envelope-from ); Tue, 24 Mar 2015 03:19:11 +0000 (UTC) X-MXL-Hash: 5510d7af265b1d39-1837593611fd9ad3027c81a435d02050968f96b4 Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id t2O3J9Bu006603; Mon, 23 Mar 2015 23:19:09 -0400 Received: from mlpi409.sfdc.sbc.com (mlpi409.sfdc.sbc.com [130.9.128.241]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id t2O3IuOl006514 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 23 Mar 2015 23:19:05 -0400 Received: from MISOUT7MSGHUBAB.ITServices.sbc.com (MISOUT7MSGHUBAB.itservices.sbc.com [130.9.129.146]) by mlpi409.sfdc.sbc.com (RSA Interceptor); Tue, 24 Mar 2015 03:18:52 GMT Received: from MISOUT7MSGUSRDB.ITServices.sbc.com ([169.254.2.147]) by MISOUT7MSGHUBAB.ITServices.sbc.com ([130.9.129.146]) with mapi id 14.03.0224.002; Mon, 23 Mar 2015 23:18:51 -0400 From: "DOLLY, MARTIN C" To: "TROTTIN, JEAN-JACQUES (JEAN-JACQUES)" Thread-Topic: [Dime] Diameter load control, offline discussion Thread-Index: AQHQZeE/VKlU070Yqk6CX6CXbL3ctQ== Date: Tue, 24 Mar 2015 03:18:50 +0000 Message-ID: <0160BB38-DA8D-4BB0-933C-D27ADADFCC23@att.com> References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: Content-Type: multipart/alternative; boundary="_000_0160BB38DA8D4BB0933CD27ADADFCC23attcom_" MIME-Version: 1.0 X-RSA-Inspected: yes X-RSA-Classifications: public X-AnalysisOut: [v=2.0 cv=VY5AyiV9 c=1 sm=1 a=dhB6nF3YHL5t/Ixux6cINA==:17 a] X-AnalysisOut: [=BLceEmwcHowA:10 a=zQP7CpKOAAAA:8 a=emO1SXQWCLwA:10 a=gxZv] X-AnalysisOut: [rgisAAAA:8 a=48vgC7mUAAAA:8 a=XlaFKW1u_yc9dbf7Hj0A:9 a=Cju] X-AnalysisOut: [IK1q_8ugA:10 a=qM39cor4HRgA:10 a=UiCQ7L4-1S4A:10 a=hTZeC7Y] X-AnalysisOut: [k6K0A:10 a=_W_S_7VecoQA:10 a=frz4AuCg-hUA:10 a=xbwGDyAlkBi] X-AnalysisOut: [BBwP0:21] X-Spam: [F=0.2000000000; CM=0.500; S=0.200(2014051901)] X-MAIL-FROM: X-SOURCE-IP: [144.160.229.24] Archived-At: Cc: "dime@ietf.org" Subject: Re: [Dime] Diameter load control, offline discussion X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Mar 2015 03:19:24 -0000 --_000_0160BB38DA8D4BB0933CD27ADADFCC23attcom_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable JJ I am good with a hard stop at 16:45. Regards Martin Dolly Lead Member of Technical Staff Core & Gov't/Regulatory Standards AT&T Standards and Industry Alliances +1-609-903-3360 Sent from my iPhone On Mar 23, 2015, at 5:49 PM, TROTTIN, JEAN-JACQUES (JEAN-JACQUES) > wrote: Hi As we usually did for overload control, Lionel, Steve and I propose to hav= e an offline discussion about Diameter load control, after the Dime session= on Wednesday. We can meet at the registration desk Wednesday at 15 20 after beverage wit= h Dime people interested. We will then find a place to discuss Please let us know if it is possible for you to attend, Best regards JJacques _______________________________________________ DiME mailing list DiME@ietf.org https://www.ietf.org/mailman/listinfo/dime --_000_0160BB38DA8D4BB0933CD27ADADFCC23attcom_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
JJ

I am good with a hard stop at 16:45.

Regards

Martin Dolly
Lead Member of Technical Staff
Core & Gov't/Regulatory Standards
AT&T Standards and 
Industry Alliances
+1-609-903-3360
Sent from my iPhone

On Mar 23, 2015, at 5:49 PM, TROTTIN, JEAN-JACQUES (JEAN-JACQUES) <jean-jacques.trottin@= alcatel-lucent.com> wrote:

Hi

 

As we usually did for overload control, Lionel, Steve  and I propose to have an offline discussion about Diameter loa= d control, after the Dime session on Wednesday.

 

We can meet at the registration desk Wednesday at 15 20 after beverage  with Dime people interested. We will then find a place to disc= uss

 

Please let us know if it is possible for you to attend,

 

 

Best regards

JJacques

_______________________________________________
DiME mailing list
DiME@ietf.org
https://www.ie= tf.org/mailman/listinfo/dime
--_000_0160BB38DA8D4BB0933CD27ADADFCC23attcom_-- From nobody Tue Mar 24 09:12:31 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8DC3A1A8A43 for ; Tue, 24 Mar 2015 09:12:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.699 X-Spam-Level: X-Spam-Status: No, score=-0.699 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iaLi60-DLMlP for ; Tue, 24 Mar 2015 09:12:22 -0700 (PDT) Received: from relais-inet.francetelecom.com (relais-ias245.francetelecom.com [80.12.204.245]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 978C81A8FD6 for ; Tue, 24 Mar 2015 09:11:52 -0700 (PDT) Received: from omfeda07.si.francetelecom.fr (unknown [xx.xx.xx.200]) by omfeda13.si.francetelecom.fr (ESMTP service) with ESMTP id DA5341903D3; Tue, 24 Mar 2015 17:11:50 +0100 (CET) Received: from Exchangemail-eme1.itn.ftgroup (unknown [10.114.1.183]) by omfeda07.si.francetelecom.fr (ESMTP service) with ESMTP id A1C96158079; Tue, 24 Mar 2015 17:11:50 +0100 (CET) Received: from PEXCVZYM13.corporate.adroot.infra.ftgroup ([fe80::cc7e:e40b:42ef:164e]) by PEXCVZYH02.corporate.adroot.infra.ftgroup ([::1]) with mapi id 14.03.0224.002; Tue, 24 Mar 2015 17:11:46 +0100 From: To: MORAND Lionel IMT/OLN , "dime@ietf.org" Thread-Topic: Call for WG adoption: draft-zhou-dime-4over6-provisioning Thread-Index: AdAvS9l1tdi+TFbqRGW1EQiL3sUgVg3APm8Q Date: Tue, 24 Mar 2015 16:11:44 +0000 Message-ID: <15319_1427213510_55118CC6_15319_257_1_2254fd96-5784-451a-82d5-2a4d7c4c3259@PEXCVZYH02.corporate.adroot.infra.ftgroup> References: <8849_1421165884_54B5453C_8849_19891_1_6B7134B31289DC4FAF731D844122B36EB00A1D@PEXCVZYM13.corporate.adroot.infra.ftgroup> In-Reply-To: <8849_1421165884_54B5453C_8849_19891_1_6B7134B31289DC4FAF731D844122B36EB00A1D@PEXCVZYM13.corporate.adroot.infra.ftgroup> Accept-Language: fr-FR, en-US Content-Language: fr-FR X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-originating-ip: [10.197.38.4] Content-Type: multipart/related; boundary="_004_2254fd965784451a82d52a4d7c4c3259PEXCVZYH02corporateadro_"; type="multipart/alternative" MIME-Version: 1.0 X-PMX-Version: 6.2.1.2478543, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2015.2.12.3031 Archived-At: Cc: "dime-chairs@tools.ietf.org" Subject: Re: [Dime] Call for WG adoption: draft-zhou-dime-4over6-provisioning X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Mar 2015 16:12:29 -0000 --_004_2254fd965784451a82d52a4d7c4c3259PEXCVZYH02corporateadro_ Content-Type: multipart/alternative; boundary="_000_2254fd965784451a82d52a4d7c4c3259PEXCVZYH02corporateadro_" --_000_2254fd965784451a82d52a4d7c4c3259PEXCVZYH02corporateadro_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Folks, I think that we can say that the period for comments is over :) No concern has been raised concerning the adoption of this draft as WG docu= ment during this period and clear support has been expressed during last IE= TF meetings. This document is then adopted as WG document. Regards, Lionel and Jouni De : DiME [mailto:dime-bounces@ietf.org] De la part de lionel.morand@orange= .com Envoy=E9 : mardi 13 janvier 2015 17:18 =C0 : dime@ietf.org Cc : dime-chairs@tools.ietf.org Objet : [Dime] Call for WG adoption: draft-zhou-dime-4over6-provisioning Folks, As we discussed and agreed during the last IETF meeting, we ask for the WG = adoption for draft-zhou-dime-4over6-provisioning, which was considered as s= table enough to become a WG document and almost ready for a WGLC. This mail officially starts a two week adoption call for draft-zhou-dime-4o= ver6-provisioning as a WG Item. Express your support or disagreement on the mailing list. The call will end= on January, 27th EOB (CET). - Jouni & Lionel ________________________________ [http://www.orange.com/sirius/logos_mail/orange_logo.gif] Lionel Morand Orange/IMT/OLN/CNC/NCA/A2M Senior Architect IMS/4G core network and Diameter expert t=E9l. +33 1 45 29 62 57 mob. +33 6 07 75 89 36 lionel.morand@orange.com ___________________________________________________________________________= ______________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confiden= tielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu= ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages el= ectroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou = falsifie. Merci. This message and its attachments may contain confidential or privileged inf= ormation that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and dele= te this message and its attachments. As emails may be altered, Orange is not liable for messages that have been = modified, changed or falsified. Thank you. ___________________________________________________________________________= ______________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confiden= tielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu= ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages el= ectroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou = falsifie. Merci. This message and its attachments may contain confidential or privileged inf= ormation that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and dele= te this message and its attachments. As emails may be altered, Orange is not liable for messages that have been = modified, changed or falsified. Thank you. --_000_2254fd965784451a82d52a4d7c4c3259PEXCVZYH02corporateadro_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Folks,<= o:p>

&n= bsp;

I think= that we can say that the period for comments is over J=

No conc= ern has been raised concerning the adoption of this draft as WG document du= ring this period and clear support has been expressed during last IETF meet= ings.

This do= cument is then adopted as WG document.


Regards,

&n= bsp;

Lionel = and Jouni

&n= bsp;

De : DiME [mailto:dime-bounces@ietf.= org] De la part de lionel.morand@orange.com
Envoy=E9 : mardi 13 janvier 2015 17:18
=C0 : dime@ietf.org
Cc : dime-chairs@tools.ietf.org
Objet : [Dime] Call for WG adoption: draft-zhou-dime-4over6-pro= visioning

 

Folks,

 

As we discussed and agreed d= uring the last IETF meeting, we ask for the WG adoption for draft-zhou-dime= -4over6-provisioning, which was considered as stable enough to become a WG = document and almost ready for a WGLC.

 

This mail officially starts = a two week adoption call for draft-zhou-dime-4over6-provisioning as a WG It= em.

 

Express your support or disa= greement on the mailing list. The call will end on January, 27th= EOB (CET).

 

- Jouni & Lionel

 

 


3D"==

Lion= el Morand
Orange/IMT/OLN/CNC/NCA/A2M
Senior Architect IMS/4G core network and Diameter expert
=

t=E9l. +33 1 45 29 62 57
mob. +33 6 07 75 89 36
lionel.morand@orange.com

 

______________________________________________________________________=
___________________________________________________
 
Ce message et ses pieces jointes peuvent contenir des informations con=
fidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez=
 recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messag=
es electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deform=
e ou falsifie. Merci.
 
This message and its attachments may contain confidential or privilege=
d information that may be protected by law;
they should not be distributed, used or copied without authorisation.<=
o:p>
If you have received this email in error, please notify the sender and=
 delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have =
been modified, changed or falsified.
Thank you.
______________________________________________________________________=
___________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confiden=
tielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu=
 ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages el=
ectroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou =
falsifie. Merci.

This message and its attachments may contain confidential or privileged inf=
ormation that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and dele=
te this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been =
modified, changed or falsified.
Thank you.
--_000_2254fd965784451a82d52a4d7c4c3259PEXCVZYH02corporateadro_-- --_004_2254fd965784451a82d52a4d7c4c3259PEXCVZYH02corporateadro_ Content-Type: image/gif; name="image001.gif" Content-Description: image001.gif Content-Disposition: inline; filename="image001.gif"; size=1264; creation-date="Tue, 24 Mar 2015 16:11:44 GMT"; modification-date="Tue, 24 Mar 2015 16:11:44 GMT" Content-ID: Content-Transfer-Encoding: base64 R0lGODlhKAAoAPcAAP9mAP9lAP////9jAP9kAP9gAP9eAP9dAP9iAP9fAP/x5/9cAP9YAP9ZAP/6 9v+3i/9yGf9lBP+ygv/n1/+IQf/Xvf/fyf+kbP+3if/LrP9jAv9oBv+7kP9oCP91Hf/UuP9xF/+/ lv/awP9mB/+JPf+XV/+EPP+KPf/y6f+HQf+HQv9pC/+PRf/s4f/59f9/Mv9kAv9lAv+cXf/IpP/8 +v/8+P+4jf/Stf9VAP/Ttv/Bmf/Lq/9sDv9vEP9sC/+JPv+2hv9xFv+VUP+ALf9zGv+1h//w5v/u 4v9kBf/JqP/Vuv+3h/+KQv+IQv+2h/9kC/+9k//t4v92G//dyf9bAP9vEv+zhf9aAP91JP/07P/D nf/awf+UT/9pCP/dxv/Nrv+pc//p2v9hAP+GPf9pBv+GP/9iA/9iCv+ocv+QSv/Zwv/AmP+8j/+d Xv/Mqv+lbf/Psf+IOv/7+P/Orv9nCP+SU/96Lv96J//j0f9nA/9eBP/bw//aw//k1P+STf/r3f/n 1v/Ipf+6jf+gZ/+eYv/Lqv/Mrf/gzP9zG/+xgP+ygf/XvP/gzf+JQf/Cm/+VVf+FOP/fzP+QTP/h zv/Xvv+LRv/Gn//s3/+4iv9kAf9rFP+tdv9rCP9lAf9yFv+pcf94KP+xe//Yv/94If9pCv+COf+Z Vf+ue/+7kf9XAP9nCv/q3f9iAf+9lP9uEf9oA//l1P+FN////f+ncv+OR//v5f/y5/+aX/+hY/9+ K/9hAf/59P+hZ/+IPv+fYv90Gv/Qs/+XVf9wE/+VVP9+Lf+YWP/eyf+mbv9+Mf96Jv91HP/HpP+8 kQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAAAAAAALAAAAAAoACgA AAj/AAEIHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuQ AQYQCEBAZABOUnqM8FEQwQCBNGkKHPATQICjMoEimBlgaIFfYNAk2lTAKREIBQa86sKqigZdiEAU INBpABIPqmSaUbYiAhkCCUBAeNKIVihTPwnwWFZDjpYBvQBROvSigi0FIRBgEKXExR5XGgI5sIBn yQIMClA4ikAgUwyBB04JuDBLwJsxAiK1IWbFjgQBpZLIenRLQJphAiT5EsDGj4A6JhzIOECwwBY+ DK5MmtNEgAkcHS4AYyQgRYYJDbAIEBKiz4IztaA4zRFwA44DZsQHJqgwpQEVWG4oCIjDYE0WUCUE lMkQpkAyAVxwEIUemuzCARA0QDJKLp40NdABxwjwACoCECLfCal80UIlHwiggiF/FHCHAMEwIcAO OQggCAkSlmABCVUNFAAdRaCggAQFxCLCEAv8YIwXrSyCjCIzIOCBCCw0gIsaNhhhCQO8THCJDsIU NRABBmywgQFINSWGTAYMQNNPMSVwwgfFDCLAJwcYAEMeBtR00EwyytjUnQ7GFEQhR6yCSQc1HeUR XKSMEKdCAQEAOw== --_004_2254fd965784451a82d52a4d7c4c3259PEXCVZYH02corporateadro_-- From nobody Tue Mar 24 09:30:31 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E7D51A90B2; Tue, 24 Mar 2015 09:30:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.399 X-Spam-Level: X-Spam-Status: No, score=-0.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, IXHASH_X1=1.5] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iCu-pALXqWz1; Tue, 24 Mar 2015 09:30:27 -0700 (PDT) Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id A8D361A9041; Tue, 24 Mar 2015 09:30:27 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: "Lionel Morand" To: X-Test-IDTracker: no X-IETF-IDTracker: 5.12.3 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20150324163027.9041.66158.idtracker@ietfa.amsl.com> Date: Tue, 24 Mar 2015 09:30:27 -0700 Archived-At: Cc: dime@ietf.org, dime-chairs@ietf.org, iesg-secretary@ietf.org, dime-chairs@tools.ietf.org Subject: [Dime] Publication has been requested for draft-ietf-dime-congestion-flow-attributes-01 X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Mar 2015 16:30:28 -0000 Lionel Morand has requested publication of draft-ietf-dime-congestion-flow-attributes-01 as Proposed Standard on behalf of the DIME working group. Please verify the document's state at http://datatracker.ietf.org/doc/draft-ietf-dime-congestion-flow-attributes/ From balint.uveges@nokia.com Tue Mar 24 10:16:51 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5EE51A9026 for ; Tue, 24 Mar 2015 10:16:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.901 X-Spam-Level: X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TZrQOnXfNkXr for ; Tue, 24 Mar 2015 10:16:50 -0700 (PDT) Received: from demumfd001.nsn-inter.net (demumfd001.nsn-inter.net [93.183.12.32]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EE1A91A8AE2 for ; Tue, 24 Mar 2015 10:16:49 -0700 (PDT) Received: from demuprx017.emea.nsn-intra.net ([10.150.129.56]) by demumfd001.nsn-inter.net (8.14.3/8.14.3) with ESMTP id t2OHGk0S006129 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 24 Mar 2015 17:16:46 GMT Received: from DEMUHTC001.nsn-intra.net ([10.159.42.32]) by demuprx017.emea.nsn-intra.net (8.12.11.20060308/8.12.11) with ESMTP id t2OHGkig004132 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 24 Mar 2015 18:16:46 +0100 Received: from DEMUHTC007.nsn-intra.net (10.159.42.38) by DEMUHTC001.nsn-intra.net (10.159.42.32) with Microsoft SMTP Server (TLS) id 14.3.224.2; Tue, 24 Mar 2015 18:16:45 +0100 Received: from DEMUMBX006.nsn-intra.net ([169.254.6.224]) by DEMUHTC007.nsn-intra.net ([10.159.42.38]) with mapi id 14.03.0224.002; Tue, 24 Mar 2015 18:16:45 +0100 From: "Uveges, Balint (Nokia - HU/Budapest)" To: "ext TROTTIN, JEAN-JACQUES (JEAN-JACQUES)" , "dime@ietf.org" Thread-Topic: Diameter load control, offline discussion Thread-Index: AdBlqG0uNaN/3b6ySYyVBWVJKnWtPAAChysAACi0mjA= Date: Tue, 24 Mar 2015 17:16:45 +0000 Message-ID: <28B876C36C5AA84CBAB912BA734FAC3501530825@DEMUMBX006.nsn-intra.net> References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.159.42.156] Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-purgate-type: clean X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de X-purgate: clean X-purgate: This mail is considered clean (visit http://www.eleven.de for further information) X-purgate-size: 713 X-purgate-ID: 151667::1427217406-00005972-0713DB14/0/0 Archived-At: Subject: Re: [Dime] Diameter load control, offline discussion X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Mar 2015 17:18:58 -0000 Hi, I'm also interested and will attend. Br, -Balint Uveges From: DiME [mailto:dime-bounces@ietf.org] On Behalf Of ext TROTTIN, JEAN-JA= CQUES (JEAN-JACQUES) Sent: Monday, March 23, 2015 10:50 PM To: dime@ietf.org Subject: [Dime] Diameter load control, offline discussion Hi As we usually did for overload control, Lionel, Steve =A0and I propose to h= ave an offline discussion about Diameter load control, after the Dime sessi= on on Wednesday.=20 We can meet at the registration desk Wednesday at 15 20 after beverage =A0w= ith Dime people interested. We will then find a place to discuss Please let us know if it is possible for you to attend,=20 Best regards JJacques=20 From nobody Tue Mar 24 14:05:54 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80F3C1A1A13 for ; Tue, 24 Mar 2015 14:05:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.12 X-Spam-Level: X-Spam-Status: No, score=-1.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_NEUTRAL=0.779] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zIiwwLEQEMTV for ; Tue, 24 Mar 2015 14:05:52 -0700 (PDT) Received: from biz131.inmotionhosting.com (biz131.inmotionhosting.com [173.247.247.250]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 357731A0419 for ; Tue, 24 Mar 2015 14:05:52 -0700 (PDT) Received: from dhcp-b5c1.meeting.ietf.org ([31.133.181.193]:62393) by biz131.inmotionhosting.com with esmtpsa (UNKNOWN:RC4-SHA:128) (Exim 4.82) (envelope-from ) id 1YaW1E-000A42-1H for dime@ietf.org; Tue, 24 Mar 2015 14:05:50 -0700 Message-ID: <5511D1AA.40804@usdonovans.com> Date: Tue, 24 Mar 2015 16:05:46 -0500 From: Steve Donovan User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: dime@ietf.org References: <20150126150303.15610.1562.idtracker@ietfa.amsl.com> In-Reply-To: <20150126150303.15610.1562.idtracker@ietfa.amsl.com> Content-Type: multipart/alternative; boundary="------------070402090300090206000404" X-OutGoing-Spam-Status: No, score=-2.9 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - biz131.inmotionhosting.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - usdonovans.com X-Get-Message-Sender-Via: biz131.inmotionhosting.com: authenticated_id: srd+usdonovans.com/only user confirmed/virtual account not confirmed Archived-At: Subject: Re: [Dime] I-D Action: draft-ietf-dime-e2e-sec-req-02.txt X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Mar 2015 21:05:53 -0000 This is a multi-part message in MIME format. --------------070402090300090206000404 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit A few comments on this document. I would suggest adding the following requirement -- The solution MUST ensure that routing AVPs are always sent in the clear. Requirement 5 does indicate that not all AVPs are covered by the " cryptographic protection". I think it would be better to be clear that there is a set of AVPs that MUST NOT be encrypted. In addition, the following requirement might be useful -- The solution MUST support the ability to identify other non routing AVPs that must always be sent in the clear. This would be to cover overload, load, message priority and other AVPs that need to be accessible by all nodes in the path of a transaction. Regards, Steve On 1/26/15 9:03 AM, internet-drafts@ietf.org wrote: > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Diameter Maintenance and Extensions Working Group of the IETF. > > Title : Diameter AVP Level Security End-to-End Security: Scenarios and Requirements > Authors : Hannes Tschofenig > Jouni Korhonen > Glen Zorn > Kervin Pillay > Filename : draft-ietf-dime-e2e-sec-req-02.txt > Pages : 9 > Date : 2015-01-26 > > Abstract: > This specification discusses requirements for providing Diameter > security at the level of individual Attribute Value Pairs. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-dime-e2e-sec-req/ > > There's also a htmlized version available at: > http://tools.ietf.org/html/draft-ietf-dime-e2e-sec-req-02 > > A diff from the previous version is available at: > http://www.ietf.org/rfcdiff?url2=draft-ietf-dime-e2e-sec-req-02 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > DiME mailing list > DiME@ietf.org > https://www.ietf.org/mailman/listinfo/dime > --------------070402090300090206000404 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: 8bit A few comments on this document.

I would suggest adding the following requirement -- The solution MUST ensure that routing AVPs are always sent in the clear.

Requirement 5 does indicate that not all AVPs are covered by the " cryptographic protection". I think it would be better to be clear that there is a set of AVPs that MUST NOT be encrypted.

In addition, the following requirement might be useful -- The solution MUST support the ability to identify other non routing AVPs that must always be sent in the clear.

This would be to cover overload, load, message priority and other AVPs that need to be accessible by all nodes in the path of a transaction.

Regards,

Steve

On 1/26/15 9:03 AM, internet-drafts@ietf.org wrote:
A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Diameter Maintenance and Extensions Working Group of the IETF.

        Title           : Diameter AVP Level Security End-to-End Security: Scenarios and Requirements
        Authors         : Hannes Tschofenig
                          Jouni Korhonen
                          Glen Zorn
                          Kervin Pillay
	Filename        : draft-ietf-dime-e2e-sec-req-02.txt
	Pages           : 9
	Date            : 2015-01-26

Abstract:
   This specification discusses requirements for providing Diameter
   security at the level of individual Attribute Value Pairs.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-dime-e2e-sec-req/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-dime-e2e-sec-req-02

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-dime-e2e-sec-req-02


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
DiME mailing list
DiME@ietf.org
https://www.ietf.org/mailman/listinfo/dime


--------------070402090300090206000404-- From nobody Tue Mar 24 22:12:21 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E88E1ACDB1; Tue, 24 Mar 2015 22:12:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BEDsudIMU9dz; Tue, 24 Mar 2015 22:12:17 -0700 (PDT) Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C90161ACDAB; Tue, 24 Mar 2015 22:12:17 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: X-Test-IDTracker: no X-IETF-IDTracker: 5.12.3 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20150325051217.30647.9922.idtracker@ietfa.amsl.com> Date: Tue, 24 Mar 2015 22:12:17 -0700 Archived-At: Cc: dime@ietf.org Subject: [Dime] I-D Action: draft-ietf-dime-4over6-provisioning-00.txt X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Mar 2015 05:12:19 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Diameter Maintenance and Extensions Working Group of the IETF. Title : Attribute-Value Pairs For Provisioning Customer Equipment Supporting IPv4-Over-IPv6 Transitional Solutions Authors : Cathy Zhou T. Taylor Qiong Sun M. Boucadair Filename : draft-ietf-dime-4over6-provisioning-00.txt Pages : 19 Date : 2015-03-24 Abstract: During the transition from IPv4 to IPv6, customer equipment may have to support one of the various transition methods that have been defined for carrying IPv4 packets over IPv6. This document enumerates the information that needs to be provisioned on a customer edge router to support a list of transition techniques based on tunneling IPv4 in IPv6, with a view to defining reusable components for a reasonable transition path between these techniques. To the extent that the provisioning is done dynamically, AAA support is needed to provide the information to the network server responsible for passing the information to the customer equipment. This document specifies Diameter (RFC 6733) attribute-value pairs to be used for that purpose. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-dime-4over6-provisioning/ There's also a htmlized version available at: http://tools.ietf.org/html/draft-ietf-dime-4over6-provisioning-00 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From hvillfor@gmail.com Wed Mar 25 01:18:38 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B51DD1ACE09 for ; Wed, 25 Mar 2015 01:18:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.099 X-Spam-Level: X-Spam-Status: No, score=-1.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, J_CHICKENPOX_45=0.6, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VNM73APBBdr3 for ; Wed, 25 Mar 2015 01:18:36 -0700 (PDT) Received: from mail-oi0-x22a.google.com (mail-oi0-x22a.google.com [IPv6:2607:f8b0:4003:c06::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88DFF1ACE12 for ; Wed, 25 Mar 2015 01:18:36 -0700 (PDT) Received: by oifl3 with SMTP id l3so15315499oif.0 for ; Wed, 25 Mar 2015 01:18:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=IpkHeEVAwhUivOJAG60X3zHjl9yYbn3djA+v/gOoRk4=; b=cT2qsq66VGWMNJMjT49XTGqgUZ0dEWz6XAlUBF27LoVE0YJxGCORFIG+KM4BLNxR+q IEh3b0feomwuPEMEVht5B1Ie8FAuCFJfR6TFxnkwKvnZbti4eurUcTza5WjZSXgzGF0r h3OAkZaUQFlcrrp3DruPINTr90K/64qVx8EPltoHv/kpx7s1WVR9cgB+loN1PcnFm9iw zK2YEdi0wyxNGD+MbdpOh58Li1+wh8skixhULcqBl4HTBUeHcd8ZZRf62Rp58Sfy5/h0 DJyRSbj2XCNlkOk+UJAgw+oG0Td/B9CFjNZmsU8WCGQEWKA1AnhMNf1ASA4LopGIGjNV 8aMQ== MIME-Version: 1.0 X-Received: by 10.60.103.234 with SMTP id fz10mr6462383oeb.11.1427271516054; Wed, 25 Mar 2015 01:18:36 -0700 (PDT) Received: by 10.182.116.234 with HTTP; Wed, 25 Mar 2015 01:18:35 -0700 (PDT) Date: Wed, 25 Mar 2015 09:18:35 +0100 Message-ID: From: =?UTF-8?Q?Henrik_Villf=C3=B6r?= To: dime@ietf.org Content-Type: multipart/alternative; boundary=089e0115e868b66a560512188bb2 Archived-At: Subject: [Dime] realm vs domain (was: Allowed host and realm naming for a diameter node) X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Mar 2015 08:26:03 -0000 --089e0115e868b66a560512188bb2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi, a follow up on the question below. Is there anything in the base specification requiring the realm in the Origin-Realm AVP to be the same as the domain part of the Origin-Host AVP? Would the following be allowed? Origin-Realm: realmexample.com Origin-Host: node.domainexample.com Also, although none of the examples of Diameter host identities in rfc 6733 show an FQDN with a trailing dot it should be allowed, but a realm may not end in a dot. So, this should be allowed: Origin-Host: node.domainexample.com. This should not be allowed: Origin-Realm: realmexample.com. (Sorry about the ugly cut'n'paste. Just joined the list and found the recent post below in the archive.) Best Regards, Henrik Villf=C3=B6r --------- Hi Lars, According to the base protocol, there is no such restriction. When the DiameterIdentity format is used to identify a Diameter node, the only requirement is that: * the DiameterIdentity value in Origin/Destination-Host AVP is an FQDN. * there is at least one peer table in the realm identified by the Origin/Destination-Realm AVP that contains the host identified by the FQDN= . So Example 2 is perfectly valid from a base protocol point of view, as long as there is at least one node in "example.com" with a transport connection with the peer "node.site1.example.com". Now, some Diameter applications may have defined specific rules regarding the format of realm/host identity, with explicit restrictions/limitations. It is then required to check if there is any of these restrictions defined in the related specification. Regards, Lionel De : DiME [mailto:dime-bounces at ietf.org] De la part de Lars J=C3=B8rgen Lillehovde Envoy=C3=A9 : dimanche 15 mars 2015 12:54 =C3=80 : dime at ietf.= org Objet : [Dime] Allowed host and realm naming for a diameter node Hi, I'm trying to clarify the allowed naming convension for the host and realm of a diameter node. This relates to the values used in the Origin-Host AVP (AVP Code 264) and Origin-Realm AVP (AVP Code 296). I've reviewed the Diameter RFCs and cannot find a definitive answer to this issue. The reason for asking this question is that I'm in discussion with a vendor of a Diameter Routing Agent (DRA) which claims that the host of a diameter node has to be in the format host.realm. (1) Example of the only allowed format according to the vendor: Origin-Realm: example.com Origin-Host: node.example.com I want to clarify if multiple subdomains are allowed to be added in the host without being present in the realm. (2) Example: Origin-Realm: example.com Origin-Host: node.site1.example.com According to the vendor, the example 2 is not allowed. To have the host as in example 2, the realm will have to be site1.example.com. Could someone please clarify this naming issue or point me to the standard where this is defined. Thank you. Best regards, Lars J. Lillehovde ___________________________________________________________________________= ______________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. --089e0115e868b66a560512188bb2 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

Hi,

=C2=A0 a follow up on t= he question below.

Is there anything in the base specifica= tion requiring the realm in the Origin-Realm AVP to be the same as the domain part of the Origin-Host AVP?

Would the following be allowed?

Origin-Realm: realmexam= ple.com

Origin-Host: node.domainexample.com

=C2=A0=C2=A0

Also, although none of the examples of Diameter host identities in rfc 6733 show an FQDN with a trailing dot it should be allowe= d, but a realm may not end in a dot.

So, this should be allo= wed:

Origin-Host: node.domainexample.com.

=C2=A0

This should not be allowed:

Origin-Realm: realmexample.com.

=C2=A0=

(Sorry about the ugly cut'n'paste. Just joined th= e list and found the recent post below in the archive.)

=C2=A0

Best Regards,

Henrik Villf=C3=B6r

=C2=A0

=C2=A0

---------

=C2=A0

Hi Lars,

=C2=A0

= =C2=A0

=C2=A0

According to the base protocol, there is no such restriction. When the DiameterIdentity format is used to identify a Diamete= r node, the only requirement is that:

=C2=A0

* the DiameterIdentity value in Origin/Destination-Host AVP is an FQDN.

=C2=A0

* there is at leas= t one peer table in the realm identified by the Origin/Destination-Realm=C2=A0 AVP that contains the host identified by the FQDN.

=C2=A0

=C2=A0

=

=C2=A0

So Example 2 is perfectly valid from = a base protocol point of view, as long as there is at least one node in "example.com" with a transport connection with the peer "node.site1.example.com".

=C2=A0

=C2=A0

=C2=A0

Now, some Di= ameter applications may have defined specific rules regarding the format of realm/host identity, with explicit restrictions/limitations. It is then required to check if there is any of t= hese restrictions defined in the related specification.

=C2=A0<= /p>

=C2=A0

=C2=A0

Regards,

=C2=A0

=C2=A0

=C2=A0

<= p class=3D"">Lionel

=C2=A0

=C2=A0

=C2=A0

De : DiME [mailto:dime-bounces at ietf.org] De la part de Lars J=C3=B8rgen Lillehovde Envoy= =C3=A9 : dimanche 15 mars 2015 12:54 =C3=80 : dime at ie= tf.org Objet : [Dime] Allowed host and realm naming for a diameter node

=C2=A0

=C2=A0

=C2=A0

Hi,

=C2= =A0

=C2=A0

I'm trying to clarify the = allowed naming convension for the host and realm of a diameter node. This relates to the values used in t= he Origin-Host AVP (AVP Code 264) and Origin-Realm AVP (AVP Code 296). I'v= e reviewed the Diameter RFCs and cannot find a definitive answer to this issu= e.

=C2=A0

=C2=A0

The rea= son for asking this question is that I'm in discussion with a vendor of a Diameter Routing Agent (DRA) which claims tha= t the host of a diameter node has to be in the format host.realm.

=C2=A0

=C2=A0

=C2=A0

(1) Example of the only allowed format according to the vendor:

=C2=A0

Origin-Realm: example.com

=C2=A0

Origin-Host: node.example.com

<= p class=3D"">=C2=A0

=C2=A0

=C2=A0

I want to clarify if multiple subdomains are allowed to be added in the host without being present in the realm.

= =C2=A0

(2) Example:

=C2=A0

Origin-Realm: example.com

=C2=A0

Origin-Host: node.site1.example.com

=C2=A0

=C2=A0

=C2=A0

According to the vendor,= the example 2 is not allowed. To have the host as in example 2, the realm will have to be site1.example.com.

=C2=A0

=C2=A0

=C2=A0

Could someone pleas= e clarify this naming issue or point me to the standard where this is defined.

=C2=A0

=C2=A0

=C2=A0

Thank you.

=C2=A0

=C2=A0

=C2=A0

=C2=A0

=C2=A0

Best regards,

=C2=A0

Lars J. Lillehovde

=C2= =A0

______________________________________________________= ___________________________________________________________________

=C2=A0

Ce message et ses pieces jointes peuvent = contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce messa= ge par erreur, veuillez le signaler a l'expediteur et le detruire ainsi qu= e les pieces jointes. Les messages electroniques etant susceptibles d'alterat= ion, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

=C2=A0

This message and = its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation.

If you = have received this email in error, please notify the sender and delete this message and its attachments.

As= emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.

Th= ank you.

=C2=A0

--089e0115e868b66a560512188bb2-- From nobody Wed Mar 25 21:33:19 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9734E1A8A07 for ; Wed, 25 Mar 2015 21:33:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mM6ry5DrfnDN for ; Wed, 25 Mar 2015 21:33:17 -0700 (PDT) Received: from mail-wi0-x236.google.com (mail-wi0-x236.google.com [IPv6:2a00:1450:400c:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9A0381A7023 for ; Wed, 25 Mar 2015 21:33:16 -0700 (PDT) Received: by wibgn9 with SMTP id gn9so68235075wib.1 for ; Wed, 25 Mar 2015 21:33:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=4U+m2IfPEIiG/ac7qtt0cEt7ZmbEPc6AuvljlL5Z8NE=; b=YThhyMMZMebWaKOYTl9NkOl+Ak9YzytMTjyGlAz975CVWZdRx1aKo8wtYiVAFME906 fq7ptG1xA7kF6DJTaZ+RkjsIUEdNtSZQEIkCBQJG6aFXGy9LYYU2yP+1oM99FU309TcP cjUqCHiojAnWJoQsJHxLY7ZUxsT0Sxub7aCl/4c7Sp2dKG1b+tYzjKaYiKUKtdpRJdpF tQ00ugWOsS5k70xULEeK0ks1teQLNA2Zy108R4iIdw/S5Nd+Wqjrk+aKtKaWyfZszLEr hbItJz7wPWzyD6FnwaaeA52oBfAQ7WN9ZzD+kbZqDzVTKpQ6kwDfOA0Yv0vu8mrKj6SA Ul4Q== X-Received: by 10.180.81.7 with SMTP id v7mr44349567wix.27.1427344395424; Wed, 25 Mar 2015 21:33:15 -0700 (PDT) Received: from ?IPv6:2001:67c:370:136:e852:f487:438c:7085? ([2001:67c:370:136:e852:f487:438c:7085]) by mx.google.com with ESMTPSA id fy2sm23430716wic.15.2015.03.25.21.33.13 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 25 Mar 2015 21:33:14 -0700 (PDT) Message-ID: <55138C07.2070007@gmail.com> Date: Wed, 25 Mar 2015 21:33:11 -0700 From: Jouni Korhonen User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: Steve Donovan , dime@ietf.org References: <20150126150303.15610.1562.idtracker@ietfa.amsl.com> <5511D1AA.40804@usdonovans.com> In-Reply-To: <5511D1AA.40804@usdonovans.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [Dime] I-D Action: draft-ietf-dime-e2e-sec-req-02.txt X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Mar 2015 04:33:18 -0000 Steve, See inline.. 3/24/2015, 2:05 PM, Steve Donovan kirjoitti: > A few comments on this document. > > I would suggest adding the following requirement -- The solution MUST > ensure that routing AVPs are always sent in the clear. By routing AVPs you refer to Router-Record and Proxy-Info as per RFC6733, right? In that case I do not see a reason for the "are always sent in the clear". > Requirement 5 does indicate that not all AVPs are covered by the " > cryptographic protection". I think it would be better to be clear that > there is a set of AVPs that MUST NOT be encrypted. OK. > In addition, the following requirement might be useful -- The solution > MUST support the ability to identify other non routing AVPs that must > always be sent in the clear. I would assume the knowledge which AVPs are ciphered is up to a local policy. If the policy is wrong, the receiver or intermediates will reply with an error. - Jouni > This would be to cover overload, load, message priority and other AVPs > that need to be accessible by all nodes in the path of a transaction. > > Regards, > > Steve > > On 1/26/15 9:03 AM, internet-drafts@ietf.org wrote: >> A New Internet-Draft is available from the on-line Internet-Drafts directories. >> This draft is a work item of the Diameter Maintenance and Extensions Working Group of the IETF. >> >> Title : Diameter AVP Level Security End-to-End Security: Scenarios and Requirements >> Authors : Hannes Tschofenig >> Jouni Korhonen >> Glen Zorn >> Kervin Pillay >> Filename : draft-ietf-dime-e2e-sec-req-02.txt >> Pages : 9 >> Date : 2015-01-26 >> >> Abstract: >> This specification discusses requirements for providing Diameter >> security at the level of individual Attribute Value Pairs. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-dime-e2e-sec-req/ >> >> There's also a htmlized version available at: >> http://tools.ietf.org/html/draft-ietf-dime-e2e-sec-req-02 >> >> A diff from the previous version is available at: >> http://www.ietf.org/rfcdiff?url2=draft-ietf-dime-e2e-sec-req-02 >> >> >> Please note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> DiME mailing list >> DiME@ietf.org >> https://www.ietf.org/mailman/listinfo/dime >> > > > > _______________________________________________ > DiME mailing list > DiME@ietf.org > https://www.ietf.org/mailman/listinfo/dime > From nobody Wed Mar 25 22:07:18 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A2AC31ACD0A for ; Wed, 25 Mar 2015 22:07:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.1 X-Spam-Level: X-Spam-Status: No, score=-1.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, J_CHICKENPOX_45=0.6, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4_aHrnKkB7ri for ; Wed, 25 Mar 2015 22:07:16 -0700 (PDT) Received: from mail-wg0-x233.google.com (mail-wg0-x233.google.com [IPv6:2a00:1450:400c:c00::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C16371ACD08 for ; Wed, 25 Mar 2015 22:07:15 -0700 (PDT) Received: by wgra20 with SMTP id a20so51188466wgr.3 for ; Wed, 25 Mar 2015 22:07:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=cfP8gx7VDtHzy3GJUfHGK2xGY7T0n9AxhvFc44cTFtw=; b=rQBGgMU9cxBIBan95SPl/6VXTsuPdgzUnZckaLFfXfqcpaBG1YoTm8aggAjuWA0UGd MwkdBUhJUo3qcLx33A4TXm1YnXeYM8iQt4iu+7UZllsKeymnVBzKvVGoCQcAfFWdMgwF kXuMHDevX8Z9u2RgtcjlRO/zfPoXqHfraKAIdnCI7KgW1tuu+w3P9/mln/EKfSd1oM2+ TeeLAydWieItA8BoiWnNHimrItkNlFkD5JPzaD9GJVHzjOGgb3cabCTUvFLvPDTHRxGC ZeJuG5bMTCz3eWYOIi92HqJk95sM9XzfVlo8KGmXZ7+yvWhekmRJLwYsdsU3PWE+QmZs HnOQ== X-Received: by 10.180.87.165 with SMTP id az5mr34530921wib.29.1427346434523; Wed, 25 Mar 2015 22:07:14 -0700 (PDT) Received: from ?IPv6:2001:67c:370:136:e852:f487:438c:7085? ([2001:67c:370:136:e852:f487:438c:7085]) by mx.google.com with ESMTPSA id hd10sm23525690wib.7.2015.03.25.22.07.12 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 25 Mar 2015 22:07:13 -0700 (PDT) Message-ID: <551393FF.1090700@gmail.com> Date: Wed, 25 Mar 2015 22:07:11 -0700 From: Jouni Korhonen User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: =?windows-1252?Q?Henrik_Villf=F6r?= , dime@ietf.org References: In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit Archived-At: Subject: Re: [Dime] realm vs domain (was: Allowed host and realm naming for a diameter node) X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Mar 2015 05:07:17 -0000 Hi, 3/25/2015, 1:18 AM, Henrik Villfr kirjoitti: > Hi, > > a follow up on the question below. > > Is there anything in the base specification requiring the realm in the > Origin-Realm AVP to be the same as the domain part of the Origin-Host AVP? > > Would the following be allowed? > > Origin-Realm: realmexample.com > > Origin-Host: node.domainexample.com Based on my reading of RFC6733 yes.. but when reading RFC3588 no'ish. The subttle change between these two was: OLD: DiameterIdentity = FQDN NEW: DiameterIdentity = FQDN/Realm And when reading the text on a DiameterIdentity a Diameter node _should_ (ok.. the should is not must..) only use one DiameterIdentity which means the FQDN in Origin-Host and Origin-Realm should be the same.. > Also, although none of the examples of Diameter host identities in rfc > 6733 show an FQDN with a trailing dot it should be allowed, but a realm > may not end in a dot. AFAIR the FQDN first appeared in RFC1206.. none of the FQDN examples use the trailing ".". Anyway, referring to RFC1034 and the "relative names" it is stated that: -- Relative names are either taken relative to a well known origin, or to a list of domains used as a search list. Relative names appear mostly at the user interface, where their interpretation varies from implementation to implementation, and in master files, where they are relative to a single origin domain name. The most common interpretation uses the root "." as either the single origin or as one of the members of the search list, so a multi-label relative name is often one where the trailing dot has been omitted to save typing. -- Thus it is expected that the resolver library (or equivalent) knows when to add the missing "." e.g. when the domain name is supposed to be a DiameterIdentity. > So, this should be allowed: > > Origin-Host: node.domainexample.com. Irrespective of my above rant, I agree. > This should not be allowed: > > Origin-Realm: realmexample.com. Agree (since the example shows a realm). - Jouni > (Sorry about the ugly cut'n'paste. Just joined the list and found the > recent post below in the archive.) > > Best Regards, > > Henrik Villfr > > --------- > > Hi Lars, > > According to the base protocol, there is no such restriction. When the > DiameterIdentity format is used to identify a Diameter node, the only > requirement is that: > > * the DiameterIdentity value in Origin/Destination-Host AVP is an FQDN. > > * there is at least one peer table in the realm identified by the > Origin/Destination-Realm AVP that contains the host identified by the FQDN. > > So Example 2 is perfectly valid from a base protocol point of view, as > long as there is at least one node in "example.com " > with a transport connection with the peer "node.site1.example.com > ". > > Now, some Diameter applications may have defined specific rules > regarding the format of realm/host identity, with explicit > restrictions/limitations. It is then required to check if there is any > of these restrictions defined in the related specification. > > Regards, > > Lionel > > De : DiME [mailto:dime-bounces at ietf.org > ] De la part de Lars Jrgen Lillehovde Envoy : > dimanche 15 mars 2015 12:54 : dime at ietf.org Objet > : [Dime] Allowed host and realm naming for a diameter node > > Hi, > > I'm trying to clarify the allowed naming convension for the host and > realm of a diameter node. This relates to the values used in the > Origin-Host AVP (AVP Code 264) and Origin-Realm AVP (AVP Code 296). I've > reviewed the Diameter RFCs and cannot find a definitive answer to this > issue. > > The reason for asking this question is that I'm in discussion with a > vendor of a Diameter Routing Agent (DRA) which claims that the host of a > diameter node has to be in the format host.realm. > > (1) Example of the only allowed format according to the vendor: > > Origin-Realm: example.com > > Origin-Host: node.example.com > > I want to clarify if multiple subdomains are allowed to be added in the > host without being present in the realm. > > (2) Example: > > Origin-Realm: example.com > > Origin-Host: node.site1.example.com > > According to the vendor, the example 2 is not allowed. To have the host > as in example 2, the realm will have to be site1.example.com > . > > Could someone please clarify this naming issue or point me to the > standard where this is defined. > > Thank you. > > Best regards, > > Lars J. Lillehovde > > _________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations > confidentielles ou privilegiees et ne doivent donc pas etre diffuses, > exploites ou copies sans autorisation. Si vous avez recu ce message par > erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les > pieces jointes. Les messages electroniques etant susceptibles > d'alteration, Orange decline toute responsabilite si ce message a ete > altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged > information that may be protected by law; they should not be > distributed, used or copied without authorisation. > > If you have received this email in error, please notify the sender and > delete this message and its attachments. > > As emails may be altered, Orange is not liable for messages that have > been modified, changed or falsified. > > Thank you. > > > > _______________________________________________ > DiME mailing list > DiME@ietf.org > https://www.ietf.org/mailman/listinfo/dime > From nobody Fri Mar 27 01:02:13 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 10E561A9128 for ; Fri, 27 Mar 2015 01:02:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.099 X-Spam-Level: X-Spam-Status: No, score=-1.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, J_CHICKENPOX_45=0.6, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7U4j_mfW6hFA for ; Fri, 27 Mar 2015 01:02:06 -0700 (PDT) Received: from mail-oi0-x233.google.com (mail-oi0-x233.google.com [IPv6:2607:f8b0:4003:c06::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 403351A9108 for ; Fri, 27 Mar 2015 01:02:06 -0700 (PDT) Received: by oifl3 with SMTP id l3so69981919oif.0 for ; Fri, 27 Mar 2015 01:02:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=eq1lq//ZaU+Vdy9TcBh06hyGMTCSPEMJA955SNgbD8E=; b=WmYBA/EDbQ5diBecHMnZlPS+d+OqnQbJgE7DZ0L3UXOSnLDppcCPREvzMYy1jjZIyC Vx5ZZJaenQj0BGITKNGUlxqNz1IpMbSFdornsKn00vsH0hiclQqT5FHr+16VMb9MWJKf 9gB138YppX+V70Rdeaje+sMQWq6e/gMFMLYI0vEsE8lWq0NQwu9XbjdJtu0XZigsRI67 20DuHV+cGGPQavEhiXspZ40CzU8KEGOm+Iw2fR2TjxbsY7b3V2uHfvbudrqB8CZ8m3s1 Vws++n+mpEpI11aI54EDBlafywZELXVAaW/E5KOz8tYEFIEOZXL0j8qZqGtrgaSwIVU7 r7bw== MIME-Version: 1.0 X-Received: by 10.182.210.197 with SMTP id mw5mr15568106obc.26.1427443325756; Fri, 27 Mar 2015 01:02:05 -0700 (PDT) Received: by 10.182.116.234 with HTTP; Fri, 27 Mar 2015 01:02:05 -0700 (PDT) In-Reply-To: <551393FF.1090700@gmail.com> References: <551393FF.1090700@gmail.com> Date: Fri, 27 Mar 2015 09:02:05 +0100 Message-ID: From: =?UTF-8?Q?Henrik_Villf=C3=B6r?= To: Jouni Korhonen Content-Type: multipart/alternative; boundary=001a11c29be85e68870512408c55 Archived-At: Cc: dime@ietf.org Subject: Re: [Dime] realm vs domain (was: Allowed host and realm naming for a diameter node) X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Mar 2015 08:02:12 -0000 --001a11c29be85e68870512408c55 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Thank you Jouni, I interpret your answer to say that from a standards and functional point of view the Origin-realm and the domain part of the Origin-host may differ but for (backward) compatibility reasons it is a good idea to keep them the same. Correct? Regards, Henrik 2015-03-26 6:07 GMT+01:00 Jouni Korhonen : > Hi, > > 3/25/2015, 1:18 AM, Henrik Villf=C3=B6r kirjoitti: > >> Hi, >> >> a follow up on the question below. >> >> Is there anything in the base specification requiring the realm in the >> Origin-Realm AVP to be the same as the domain part of the Origin-Host AV= P? >> >> Would the following be allowed? >> >> Origin-Realm: realmexample.com >> >> Origin-Host: node.domainexample.com >> > > Based on my reading of RFC6733 yes.. but when reading RFC3588 no'ish. The > subttle change between these two was: > > OLD: > DiameterIdentity =3D FQDN > NEW: > DiameterIdentity =3D FQDN/Realm > > And when reading the text on a DiameterIdentity a Diameter node _should_ > (ok.. the should is not must..) only use one DiameterIdentity which means > the FQDN in Origin-Host and Origin-Realm should be the same.. > > Also, although none of the examples of Diameter host identities in rfc >> 6733 show an FQDN with a trailing dot it should be allowed, but a realm >> may not end in a dot. >> > > AFAIR the FQDN first appeared in RFC1206.. none of the FQDN examples use > the trailing ".". Anyway, referring to RFC1034 and the "relative names" i= t > is stated that: > > -- > Relative names are either taken relative to a well known origin, or to a > list of domains used as a search list. Relative names appear mostly at > the user interface, where their interpretation varies from > implementation to implementation, and in master files, where they are > relative to a single origin domain name. The most common interpretation > uses the root "." as either the single origin or as one of the members > of the search list, so a multi-label relative name is often one where > the trailing dot has been omitted to save typing. > -- > > Thus it is expected that the resolver library (or equivalent) knows when > to add the missing "." e.g. when the domain name is supposed to be a > DiameterIdentity. > > So, this should be allowed: >> >> Origin-Host: node.domainexample.com. >> > > Irrespective of my above rant, I agree. > > This should not be allowed: >> >> Origin-Realm: realmexample.com. >> > > Agree (since the example shows a realm). > > - Jouni > > (Sorry about the ugly cut'n'paste. Just joined the list and found the >> recent post below in the archive.) >> >> Best Regards, >> >> Henrik Villf=C3=B6r >> >> --------- >> >> Hi Lars, >> >> According to the base protocol, there is no such restriction. When the >> DiameterIdentity format is used to identify a Diameter node, the only >> requirement is that: >> >> * the DiameterIdentity value in Origin/Destination-Host AVP is an FQDN. >> >> * there is at least one peer table in the realm identified by the >> Origin/Destination-Realm AVP that contains the host identified by the >> FQDN. >> >> So Example 2 is perfectly valid from a base protocol point of view, as >> long as there is at least one node in "example.com " >> with a transport connection with the peer "node.site1.example.com >> ". >> >> Now, some Diameter applications may have defined specific rules >> regarding the format of realm/host identity, with explicit >> restrictions/limitations. It is then required to check if there is any >> of these restrictions defined in the related specification. >> >> Regards, >> >> Lionel >> >> De : DiME [mailto:dime-bounces at ietf.org >> ] De la part de Lars J=C3=B8rgen Lillehovde Envoy=C3=A9= : >> dimanche 15 mars 2015 12:54 =C3=80 : dime at ietf.org = Objet >> : [Dime] Allowed host and realm naming for a diameter node >> >> Hi, >> >> I'm trying to clarify the allowed naming convension for the host and >> realm of a diameter node. This relates to the values used in the >> Origin-Host AVP (AVP Code 264) and Origin-Realm AVP (AVP Code 296). I've >> reviewed the Diameter RFCs and cannot find a definitive answer to this >> issue. >> >> The reason for asking this question is that I'm in discussion with a >> vendor of a Diameter Routing Agent (DRA) which claims that the host of a >> diameter node has to be in the format host.realm. >> >> (1) Example of the only allowed format according to the vendor: >> >> Origin-Realm: example.com >> >> Origin-Host: node.example.com >> >> I want to clarify if multiple subdomains are allowed to be added in the >> host without being present in the realm. >> >> (2) Example: >> >> Origin-Realm: example.com >> >> Origin-Host: node.site1.example.com >> >> According to the vendor, the example 2 is not allowed. To have the host >> as in example 2, the realm will have to be site1.example.com >> . >> >> Could someone please clarify this naming issue or point me to the >> standard where this is defined. >> >> Thank you. >> >> Best regards, >> >> Lars J. Lillehovde >> >> ____________________________________________________________ >> _____________________________________________________________ >> >> Ce message et ses pieces jointes peuvent contenir des informations >> confidentielles ou privilegiees et ne doivent donc pas etre diffuses, >> exploites ou copies sans autorisation. Si vous avez recu ce message par >> erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les >> pieces jointes. Les messages electroniques etant susceptibles >> d'alteration, Orange decline toute responsabilite si ce message a ete >> altere, deforme ou falsifie. Merci. >> >> This message and its attachments may contain confidential or privileged >> information that may be protected by law; they should not be >> distributed, used or copied without authorisation. >> >> If you have received this email in error, please notify the sender and >> delete this message and its attachments. >> >> As emails may be altered, Orange is not liable for messages that have >> been modified, changed or falsified. >> >> Thank you. >> >> >> >> _______________________________________________ >> DiME mailing list >> DiME@ietf.org >> https://www.ietf.org/mailman/listinfo/dime >> >> --001a11c29be85e68870512408c55 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Thank you Jouni,
I interpret your answer to say that f= rom a standards and functional point of view the Origin-realm and the domai= n part of the Origin-host may differ but for (backward) compatibility reaso= ns it is a good idea to keep them the same.=C2=A0

= Correct?

Regards,
Henrik

<= /div>

=C2=A0

<= div class=3D"gmail_quote">2015-03-26 6:07 GMT+01:00 Jouni Korhonen <j= ouni.nospam@gmail.com>:
Hi,=

3/25/2015, 1:18 AM, Henrik Villf=C3=B6r kirjoitti:
Hi,

=C2=A0 =C2=A0a follow up on the question below.

Is there anything in the base specification requiring the realm in the
Origin-Realm AVP to be the same as the domain part of the Origin-Host AVP?<= br>
Would the following be allowed?

Origin-Realm: realmex= ample.com

Origin-Host: no= de.domainexample.com

Based on my reading of RFC6733 yes.. but when reading RFC3588 no'ish. T= he subttle change between these two was:

OLD:
=C2=A0 DiameterIdentity=C2=A0 =3D FQDN
NEW:
=C2=A0 DiameterIdentity=C2=A0 =3D FQDN/Realm

And when reading the text on a DiameterIdentity a Diameter node _should_ (o= k.. the should is not must..) only use one DiameterIdentity which means the= FQDN in Origin-Host and Origin-Realm should be the same..=

Also, although none of the examples of Diameter host identities in rfc
6733 show an FQDN with a trailing dot it should be allowed, but a realm
may not end in a dot.

AFAIR the FQDN first appeared in RFC1206.. none of the FQDN examples use th= e trailing ".". Anyway, referring to RFC1034 and the "relati= ve names" it is stated that:

--
Relative names are either taken relative to a well known origin, or to a list of domains used as a search list.=C2=A0 Relative names appear mostly a= t
the user interface, where their interpretation varies from
implementation to implementation, and in master files, where they are
relative to a single origin domain name.=C2=A0 The most common interpretati= on
uses the root "." as either the single origin or as one of the me= mbers
of the search list, so a multi-label relative name is often one where
the trailing dot has been omitted to save typing.
--

Thus it is expected that the resolver library (or equivalent) knows when to= add the missing "." e.g. when the domain name is supposed to be = a DiameterIdentity.

So, this should be allowed:

Origin-Host: no= de.domainexample.com.

Irrespective of my above rant, I agree.

This should not be allowed:

Origin-Realm: realmex= ample.com.

Agree (since the example shows a realm).

- Jouni

(Sorry about the ugly cut'n'paste. Just joined the list and found t= he
recent post below in the archive.)

Best Regards,

Henrik Villf=C3=B6r

---------

Hi Lars,

According to the base protocol, there is no such restriction. When the
DiameterIdentity format is used to identify a Diameter node, the only
requirement is that:

* the DiameterIdentity value in Origin/Destination-Host AVP is an FQDN.

* there is at least one peer table in the realm identified by the
Origin/Destination-Realm=C2=A0 AVP that contains the host identified by the= FQDN.

So Example 2 is perfectly valid from a base protocol point of view, as
<= /span> long as there is at least one node in "example.com <http://example.com>"
with a transport connection with the peer "node.site1.example.com
<http://node= .site1.example.com>".

Now, some Diameter applications may have defined specific rules
regarding the format of realm/host identity, with explicit
restrictions/limitations. It is then required to check if there is any
of these restrictions defined in the related specification.

Regards,

Lionel

De : DiME [mailto:dime-bo= unces <mailto:dime= -bounces> at ietf.org<= /a>
<
http://ietf.org>] = De la part de Lars J=C3=B8rgen Lillehovde Envoy=C3=A9 :
dimanche 15 mars 2015 12:54 =C3=80 : dime at ietf.org <http://ietf.org> Objet
: [Dime] Allowed host and realm naming for a diameter node

Hi,

I'm trying to clarify the allowed naming convension for the host and realm of a diameter node. This relates to the values used in the
Origin-Host AVP (AVP Code 264) and Origin-Realm AVP (AVP Code 296). I'v= e
reviewed the Diameter RFCs and cannot find a definitive answer to this
issue.

The reason for asking this question is that I'm in discussion with a vendor of a Diameter Routing Agent (DRA) which claims that the host of a diameter node has to be in the format host.realm.

(1) Example of the only allowed format according to the vendor:

Origin-Realm: example.com<= /a> <http://example.com= >

Origin-Host: node.exa= mple.com <http= ://node.example.com>

I want to clarify if multiple subdomains are allowed to be added in the
host without being present in the realm.

(2) Example:

Origin-Realm: example.com<= /a> <http://example.com= >

Origin-Host: no= de.site1.example.com <http://node.site1.example.com>=

According to the vendor, the example 2 is not allowed. To have the host
as in example 2, the realm will have to be site1.example.com
<http://site1.exa= mple.com>.

Could someone please clarify this naming issue or point me to the
standard where this is defined.

Thank you.

Best regards,

Lars J. Lillehovde

_____________________________________________________________= ____________________________________________________________<= br>
Ce message et ses pieces jointes peuvent contenir des informations
confidentielles ou privilegiees et ne doivent donc pas etre diffuses,
exploites ou copies sans autorisation. Si vous avez recu ce message par
erreur, veuillez le signaler a l'expediteur et le detruire ainsi que le= s
pieces jointes. Les messages electroniques etant susceptibles
d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged
information that may be protected by law; they should not be
distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and
delete this message and its attachments.

As emails may be altered, Orange is not liable for messages that have
been modified, changed or falsified.

Thank you.



_______________________________________________
DiME mailing list
DiME@ietf.org
ht= tps://www.ietf.org/mailman/listinfo/dime


--001a11c29be85e68870512408c55-- From nobody Fri Mar 27 11:26:11 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E3E51A88CF for ; Fri, 27 Mar 2015 11:26:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.1 X-Spam-Level: X-Spam-Status: No, score=-1.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, J_CHICKENPOX_45=0.6, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yvaZ4xgkWJyN for ; Fri, 27 Mar 2015 11:26:08 -0700 (PDT) Received: from mail-wi0-x22a.google.com (mail-wi0-x22a.google.com [IPv6:2a00:1450:400c:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 55BC01ACE81 for ; Fri, 27 Mar 2015 11:25:12 -0700 (PDT) Received: by wibbg6 with SMTP id bg6so36419859wib.0 for ; Fri, 27 Mar 2015 11:25:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=4ZYWEYMBRARfiFROyCmbfe3w51J3cYkwcb3J1mBAS3k=; b=RykgL49vzHhexDc9xstL/8yu65HO5puFHgX62wrkB+SbAUHhoppvwuQoqMRY21sHkl 4GSKRa7fQ5PamPAjorCSVGdU4c6SKApTOCXGNQyWSBuC63C6k2PhdlsG4d7vy+mpUIUy yVN6U9p381ZV0Tp2/P2ezMSFtVbdWyBbxtIipH6crVwTCgAKJpHzYqn+vQSRLy1zCVVy otTuPEp/aRgpnQ8Aw+AFMzeMj5nn3KCe8G3MlMowpxt394W6kxwBH9WwWINCSraJUV8p Pj/6F1u+ZlAPuohxkBNHGXjw1EgvO9xMysWeqVyJaAXVptR0oqTkhd3APm5INEFACsUF 5GWA== X-Received: by 10.180.160.226 with SMTP id xn2mr207088wib.43.1427480711055; Fri, 27 Mar 2015 11:25:11 -0700 (PDT) Received: from ?IPv6:2001:67c:370:160:f930:19ba:e7a2:81ec? ([2001:67c:370:160:f930:19ba:e7a2:81ec]) by mx.google.com with ESMTPSA id gj16sm3876464wic.24.2015.03.27.11.25.09 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 27 Mar 2015 11:25:10 -0700 (PDT) Message-ID: <5515A083.2030106@gmail.com> Date: Fri, 27 Mar 2015 11:25:07 -0700 From: Jouni Korhonen User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: =?UTF-8?B?SGVucmlrIFZpbGxmw7Zy?= References: <551393FF.1090700@gmail.com> In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Archived-At: Cc: dime@ietf.org Subject: Re: [Dime] realm vs domain (was: Allowed host and realm naming for a diameter node) X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Mar 2015 18:26:10 -0000 Hi, 3/27/2015, 1:02 AM, Henrik Villför kirjoitti: > Thank you Jouni, > I interpret your answer to say that from a standards and functional > point of view the Origin-realm and the domain part of the Origin-host > may differ but for (backward) compatibility reasons it is a good idea to > keep them the same. > > Correct? Yes'ish.. and to my best collective memory of Diameter it was never intended that these two would have non-overlapping domain parts. - Jouni > > Regards, > Henrik > > > > 2015-03-26 6:07 GMT+01:00 Jouni Korhonen >: > > Hi, > > 3/25/2015, 1:18 AM, Henrik Villför kirjoitti: > > Hi, > > a follow up on the question below. > > Is there anything in the base specification requiring the realm > in the > Origin-Realm AVP to be the same as the domain part of the > Origin-Host AVP? > > Would the following be allowed? > > Origin-Realm: realmexample.com > > Origin-Host: node.domainexample.com > > > Based on my reading of RFC6733 yes.. but when reading RFC3588 > no'ish. The subttle change between these two was: > > OLD: > DiameterIdentity = FQDN > NEW: > DiameterIdentity = FQDN/Realm > > And when reading the text on a DiameterIdentity a Diameter node > _should_ (ok.. the should is not must..) only use one > DiameterIdentity which means the FQDN in Origin-Host and > Origin-Realm should be the same.. > > Also, although none of the examples of Diameter host identities > in rfc > 6733 show an FQDN with a trailing dot it should be allowed, but > a realm > may not end in a dot. > > > AFAIR the FQDN first appeared in RFC1206.. none of the FQDN examples > use the trailing ".". Anyway, referring to RFC1034 and the "relative > names" it is stated that: > > -- > Relative names are either taken relative to a well known origin, or to a > list of domains used as a search list. Relative names appear mostly at > the user interface, where their interpretation varies from > implementation to implementation, and in master files, where they are > relative to a single origin domain name. The most common interpretation > uses the root "." as either the single origin or as one of the members > of the search list, so a multi-label relative name is often one where > the trailing dot has been omitted to save typing. > -- > > Thus it is expected that the resolver library (or equivalent) knows > when to add the missing "." e.g. when the domain name is supposed to > be a DiameterIdentity. > > So, this should be allowed: > > Origin-Host: node.domainexample.com . > > > Irrespective of my above rant, I agree. > > This should not be allowed: > > Origin-Realm: realmexample.com . > > > Agree (since the example shows a realm). > > - Jouni > > (Sorry about the ugly cut'n'paste. Just joined the list and > found the > recent post below in the archive.) > > Best Regards, > > Henrik Villför > > --------- > > Hi Lars, > > According to the base protocol, there is no such restriction. > When the > DiameterIdentity format is used to identify a Diameter node, the > only > requirement is that: > > * the DiameterIdentity value in Origin/Destination-Host AVP is > an FQDN. > > * there is at least one peer table in the realm identified by the > Origin/Destination-Realm AVP that contains the host identified > by the FQDN. > > So Example 2 is perfectly valid from a base protocol point of > view, as > long as there is at least one node in "example.com > " > with a transport connection with the peer > "node.site1.example.com > ". > > Now, some Diameter applications may have defined specific rules > regarding the format of realm/host identity, with explicit > restrictions/limitations. It is then required to check if there > is any > of these restrictions defined in the related specification. > > Regards, > > Lionel > > De : DiME [mailto:dime-bounces > > at ietf.org > > ] De la part de Lars Jørgen Lillehovde Envoyé : > dimanche 15 mars 2015 12:54 À : dime at ietf.org > Objet > : [Dime] Allowed host and realm naming for a diameter node > > Hi, > > I'm trying to clarify the allowed naming convension for the host and > realm of a diameter node. This relates to the values used in the > Origin-Host AVP (AVP Code 264) and Origin-Realm AVP (AVP Code > 296). I've > reviewed the Diameter RFCs and cannot find a definitive answer > to this > issue. > > The reason for asking this question is that I'm in discussion with a > vendor of a Diameter Routing Agent (DRA) which claims that the > host of a > diameter node has to be in the format host.realm. > > (1) Example of the only allowed format according to the vendor: > > Origin-Realm: example.com > > Origin-Host: node.example.com > > > I want to clarify if multiple subdomains are allowed to be added > in the > host without being present in the realm. > > (2) Example: > > Origin-Realm: example.com > > Origin-Host: node.site1.example.com > > > According to the vendor, the example 2 is not allowed. To have > the host > as in example 2, the realm will have to be site1.example.com > > . > > Could someone please clarify this naming issue or point me to the > standard where this is defined. > > Thank you. > > Best regards, > > Lars J. Lillehovde > > _________________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations > confidentielles ou privilegiees et ne doivent donc pas etre > diffuses, > exploites ou copies sans autorisation. Si vous avez recu ce > message par > erreur, veuillez le signaler a l'expediteur et le detruire ainsi > que les > pieces jointes. Les messages electroniques etant susceptibles > d'alteration, Orange decline toute responsabilite si ce message > a ete > altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or > privileged > information that may be protected by law; they should not be > distributed, used or copied without authorisation. > > If you have received this email in error, please notify the > sender and > delete this message and its attachments. > > As emails may be altered, Orange is not liable for messages that > have > been modified, changed or falsified. > > Thank you. > > > > _________________________________________________ > DiME mailing list > DiME@ietf.org > https://www.ietf.org/mailman/__listinfo/dime > > > From nobody Fri Mar 27 12:09:44 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BF221A88FA for ; Fri, 27 Mar 2015 12:09:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.121 X-Spam-Level: X-Spam-Status: No, score=-1.121 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_NEUTRAL=0.779] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6XPJ2jNd-k3y for ; Fri, 27 Mar 2015 12:09:40 -0700 (PDT) Received: from biz131.inmotionhosting.com (biz131.inmotionhosting.com [173.247.247.250]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E30DA1A88EC for ; Fri, 27 Mar 2015 12:09:40 -0700 (PDT) Received: from cpe-76-183-208-111.tx.res.rr.com ([76.183.208.111]:50813 helo=Steves-MacBook-Air.local) by biz131.inmotionhosting.com with esmtpsa (UNKNOWN:RC4-SHA:128) (Exim 4.82) (envelope-from ) id 1YbZdR-0003Kx-R7; Fri, 27 Mar 2015 12:09:39 -0700 Message-ID: <5515AAF0.8020502@usdonovans.com> Date: Fri, 27 Mar 2015 14:09:36 -0500 From: Steve Donovan User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: Jouni Korhonen , dime@ietf.org References: <20150126150303.15610.1562.idtracker@ietfa.amsl.com> <5511D1AA.40804@usdonovans.com> <55138C07.2070007@gmail.com> In-Reply-To: <55138C07.2070007@gmail.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-OutGoing-Spam-Status: No, score=-2.9 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - biz131.inmotionhosting.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - usdonovans.com X-Get-Message-Sender-Via: biz131.inmotionhosting.com: authenticated_id: srd+usdonovans.com/only user confirmed/virtual account not confirmed Archived-At: Subject: Re: [Dime] I-D Action: draft-ietf-dime-e2e-sec-req-02.txt X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Mar 2015 19:09:42 -0000 On 3/25/15 11:33 PM, Jouni Korhonen wrote: > Steve, > > See inline.. > > 3/24/2015, 2:05 PM, Steve Donovan kirjoitti: >> A few comments on this document. >> >> I would suggest adding the following requirement -- The solution MUST >> ensure that routing AVPs are always sent in the clear. > > By routing AVPs you refer to Router-Record and Proxy-Info as per > RFC6733, right? In that case I do not see a reason for the "are always > sent in the clear". SRD> No, I mean Destination-Host, Destination-Realm, Origin-Host and Origin-Realm. > >> Requirement 5 does indicate that not all AVPs are covered by the " >> cryptographic protection". I think it would be better to be clear that >> there is a set of AVPs that MUST NOT be encrypted. > > OK. > >> In addition, the following requirement might be useful -- The solution >> MUST support the ability to identify other non routing AVPs that must >> always be sent in the clear. > > I would assume the knowledge which AVPs are ciphered is up to a local > policy. If the policy is wrong, the receiver or intermediates will > reply with an error. SRD> That makes sense. My reason for bringing this up is to make sure that the solution allows for these AVPs being sent in the clear. It won't work to arbitrarily encrypt all AVPs or even chunks of AVPs. > > - Jouni > >> This would be to cover overload, load, message priority and other AVPs >> that need to be accessible by all nodes in the path of a transaction. >> >> Regards, >> >> Steve >> >> On 1/26/15 9:03 AM, internet-drafts@ietf.org wrote: >>> A New Internet-Draft is available from the on-line Internet-Drafts >>> directories. >>> This draft is a work item of the Diameter Maintenance and >>> Extensions Working Group of the IETF. >>> >>> Title : Diameter AVP Level Security End-to-End >>> Security: Scenarios and Requirements >>> Authors : Hannes Tschofenig >>> Jouni Korhonen >>> Glen Zorn >>> Kervin Pillay >>> Filename : draft-ietf-dime-e2e-sec-req-02.txt >>> Pages : 9 >>> Date : 2015-01-26 >>> >>> Abstract: >>> This specification discusses requirements for providing Diameter >>> security at the level of individual Attribute Value Pairs. >>> >>> >>> The IETF datatracker status page for this draft is: >>> https://datatracker.ietf.org/doc/draft-ietf-dime-e2e-sec-req/ >>> >>> There's also a htmlized version available at: >>> http://tools.ietf.org/html/draft-ietf-dime-e2e-sec-req-02 >>> >>> A diff from the previous version is available at: >>> http://www.ietf.org/rfcdiff?url2=draft-ietf-dime-e2e-sec-req-02 >>> >>> >>> Please note that it may take a couple of minutes from the time of >>> submission >>> until the htmlized version and diff are available at tools.ietf.org. >>> >>> Internet-Drafts are also available by anonymous FTP at: >>> ftp://ftp.ietf.org/internet-drafts/ >>> >>> _______________________________________________ >>> DiME mailing list >>> DiME@ietf.org >>> https://www.ietf.org/mailman/listinfo/dime >>> >> >> >> >> _______________________________________________ >> DiME mailing list >> DiME@ietf.org >> https://www.ietf.org/mailman/listinfo/dime >> > From nobody Fri Mar 27 14:40:27 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E41E91B2B0D for ; Fri, 27 Mar 2015 14:40:26 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ah93WaY53m5j for ; Fri, 27 Mar 2015 14:40:25 -0700 (PDT) Received: from mail-oi0-x22d.google.com (mail-oi0-x22d.google.com [IPv6:2607:f8b0:4003:c06::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EED1F1B2B0B for ; Fri, 27 Mar 2015 14:40:24 -0700 (PDT) Received: by oicf142 with SMTP id f142so77911988oic.3 for ; Fri, 27 Mar 2015 14:40:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=1ELrXvv/sZXT6F9A8dv7fjPZIT6BpsjfYN2fSjCzhXc=; b=P71/ErHs8Z+zDwy09FZdpu2XuyBkdP4IoDVcjbq2yrZ8LHEAF/efrMiEqlCSeRGueZ jq+uOiVWXG9GoGvYJQuIFafpDQ2xK2tH2XHtpha1ycIgLLrEQwPunZg3WIlfW9/qg1dz a/xaWVf84mu59p/wIB60civRqGfHAvugd4T+chkwZ18OVi2L9Vxn/Pw4bBkmTFOwBjam ibjd5mxYBFgwYmVUSOck26R4y2C3bKCHnhiX1DHGA1rL3jT6yePQF/kE3ELUlr9k7Acn WLWzB7FRxSWaEUcDrmpn0cbImZJH2RZC9I1hS8JWRUNwBuDHNTWX5pJ5en6C6mDVgUE2 oRow== X-Received: by 10.202.64.9 with SMTP id n9mr16783775oia.20.1427492424436; Fri, 27 Mar 2015 14:40:24 -0700 (PDT) Received: from [10.127.115.218] ([166.177.122.97]) by mx.google.com with ESMTPSA id s206sm1708452oia.27.2015.03.27.14.40.22 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 27 Mar 2015 14:40:23 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (1.0) From: "Jouni.nosmap" X-Mailer: iPhone Mail (12D508) In-Reply-To: <5515AAF0.8020502@usdonovans.com> Date: Fri, 27 Mar 2015 16:40:21 -0500 Content-Transfer-Encoding: quoted-printable Message-Id: <40F74E87-BC08-4822-A29E-3D2BE026BF6C@gmail.com> References: <20150126150303.15610.1562.idtracker@ietfa.amsl.com> <5511D1AA.40804@usdonovans.com> <55138C07.2070007@gmail.com> <5515AAF0.8020502@usdonovans.com> To: Steve Donovan Archived-At: Cc: "dime@ietf.org" Subject: Re: [Dime] I-D Action: draft-ietf-dime-e2e-sec-req-02.txt X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Mar 2015 21:40:27 -0000 Hi Steve, Inline.. Sent from a smart phone.. Mind the typos.. > Steve Donovan kirjoitti 27.3.2015 kello 14.09: >=20 >=20 >=20 >> On 3/25/15 11:33 PM, Jouni Korhonen wrote: >> Steve, >>=20 >> See inline.. >>=20 >> 3/24/2015, 2:05 PM, Steve Donovan kirjoitti: >>> A few comments on this document. >>>=20 >>> I would suggest adding the following requirement -- The solution MUST >>> ensure that routing AVPs are always sent in the clear. >>=20 >> By routing AVPs you refer to Router-Record and Proxy-Info as per RFC6733,= right? In that case I do not see a reason for the "are always sent in the c= lear". > SRD> No, I mean Destination-Host, Destination-Realm, Origin-Host and Origi= n-Realm. Ok. Makes sense. However, integrity protecting above AVP should still be fin= e and allowed. At least the Origin-* AVPs.=20 >>=20 >>> Requirement 5 does indicate that not all AVPs are covered by the " >>> cryptographic protection". I think it would be better to be clear that >>> there is a set of AVPs that MUST NOT be encrypted. >>=20 >> OK. >>=20 >>> In addition, the following requirement might be useful -- The solution >>> MUST support the ability to identify other non routing AVPs that must >>> always be sent in the clear. >>=20 >> I would assume the knowledge which AVPs are ciphered is up to a local pol= icy. If the policy is wrong, the receiver or intermediates will reply with a= n error. > SRD> That makes sense. My reason for bringing this up is to make sure tha= t the solution allows for these AVPs being sent in the clear. It won't work= to arbitrarily encrypt all AVPs or even chunks of AVPs. That was never the intention. We better clarify it if the text was not clear= about that... Or there was no such text at all.=20 - jouni >>=20 >> - Jouni >>=20 >>> This would be to cover overload, load, message priority and other AVPs >>> that need to be accessible by all nodes in the path of a transaction. >>>=20 >>> Regards, >>>=20 >>> Steve >>>=20 >>>> On 1/26/15 9:03 AM, internet-drafts@ietf.org wrote: >>>> A New Internet-Draft is available from the on-line Internet-Drafts dire= ctories. >>>> This draft is a work item of the Diameter Maintenance and Extensions W= orking Group of the IETF. >>>>=20 >>>> Title : Diameter AVP Level Security End-to-End Securi= ty: Scenarios and Requirements >>>> Authors : Hannes Tschofenig >>>> Jouni Korhonen >>>> Glen Zorn >>>> Kervin Pillay >>>> Filename : draft-ietf-dime-e2e-sec-req-02.txt >>>> Pages : 9 >>>> Date : 2015-01-26 >>>>=20 >>>> Abstract: >>>> This specification discusses requirements for providing Diameter >>>> security at the level of individual Attribute Value Pairs. >>>>=20 >>>>=20 >>>> The IETF datatracker status page for this draft is: >>>> https://datatracker.ietf.org/doc/draft-ietf-dime-e2e-sec-req/ >>>>=20 >>>> There's also a htmlized version available at: >>>> http://tools.ietf.org/html/draft-ietf-dime-e2e-sec-req-02 >>>>=20 >>>> A diff from the previous version is available at: >>>> http://www.ietf.org/rfcdiff?url2=3Ddraft-ietf-dime-e2e-sec-req-02 >>>>=20 >>>>=20 >>>> Please note that it may take a couple of minutes from the time of submi= ssion >>>> until the htmlized version and diff are available at tools.ietf.org. >>>>=20 >>>> Internet-Drafts are also available by anonymous FTP at: >>>> ftp://ftp.ietf.org/internet-drafts/ >>>>=20 >>>> _______________________________________________ >>>> DiME mailing list >>>> DiME@ietf.org >>>> https://www.ietf.org/mailman/listinfo/dime >>>=20 >>>=20 >>>=20 >>> _______________________________________________ >>> DiME mailing list >>> DiME@ietf.org >>> https://www.ietf.org/mailman/listinfo/dime >=20 From nobody Mon Mar 30 00:08:59 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 497BA1A90F7 for ; Mon, 30 Mar 2015 00:08:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 2.268 X-Spam-Level: ** X-Spam-Status: No, score=2.268 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HELO_EQ_RU=0.595, HOST_EQ_RU=0.875, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JrZGHenPy1CB for ; Mon, 30 Mar 2015 00:08:56 -0700 (PDT) Received: from mx1.cboss.ru (mx1.cboss.ru [195.245.232.31]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0DDBE1A90F5 for ; Mon, 30 Mar 2015 00:08:55 -0700 (PDT) Received: from z102737.int.cboss.ru (z102737.int.cboss.ru [10.1.200.15]) by mx1.cboss.ru (8.13.8/8.13.8) with ESMTP id t2U78qaS000461 for ; Mon, 30 Mar 2015 10:08:52 +0300 Received: from MAILSRV3.int.cboss.ru (unverified) by z102737.int.cboss.ru (Content Technologies SMTPRS 4.3.12) with ESMTP id for ; Mon, 30 Mar 2015 11:08:52 +0300 Received: from [127.0.0.1] ([10.3.35.4]) by MAILSRV3.int.cboss.ru with Microsoft SMTPSVC(6.0.3790.4675); Mon, 30 Mar 2015 10:08:51 +0300 Message-ID: <5518F682.7020505@cboss.ru> Date: Mon, 30 Mar 2015 10:08:50 +0300 From: Iliya Peregoudov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 To: dime@ietf.org References: <551393FF.1090700@gmail.com> <5515A083.2030106@gmail.com> In-Reply-To: <5515A083.2030106@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-OriginalArrivalTime: 30 Mar 2015 07:08:51.0876 (UTC) FILETIME=[60782E40:01D06AB8] X-Antivirus: Dr.Web (R) for Mail Servers on mx1.cboss.ru host X-Antivirus-Code: 100000 Archived-At: Subject: Re: [Dime] realm vs domain X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Mar 2015 07:08:58 -0000 On 27.03.2015 21:25, Jouni Korhonen wrote: > Hi, > > 3/27/2015, 1:02 AM, Henrik Villför kirjoitti: >> Thank you Jouni, >> I interpret your answer to say that from a standards and functional >> point of view the Origin-realm and the domain part of the Origin-host >> may differ but for (backward) compatibility reasons it is a good idea to >> keep them the same. >> >> Correct? > > Yes'ish.. and to my best collective memory of Diameter it was never > intended that these two would have non-overlapping domain parts. According to Base Diameter requests are routed by Destination-Realm and application. Destination-Host is not used in routing. Destination-Host is only used in "last hop" forwarding, when peer is selected by Destination-Host. So I think for Destination-Host it is sufficient to be unique within destination realm. What do you think about "loopback host identity" technique? I mean identity that is not announced in capability exchange with peers, but used by Diameter applications. For example two Diameter nodes that announce "ocs1" and "ocs2" host identities to peers, but use single "ocs" host identity in credit-control application. (Of course such Diameter nodes should use shared backend database that will store all session-level application state.) Does it contradicts with Base Diameter and/or credit-control application? I don't think so. What do you think? This technique can be directly compared with IP anycast technique. From nobody Tue Mar 31 10:41:11 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72C241A3B9C for ; Tue, 31 Mar 2015 10:41:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.699 X-Spam-Level: X-Spam-Status: No, score=-1.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, J_CHICKENPOX_45=0.6, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gi3KM-Zxh95T for ; Tue, 31 Mar 2015 10:41:08 -0700 (PDT) Received: from relais-inet.francetelecom.com (relais-ias91.francetelecom.com [193.251.215.91]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D6EDD1A1F02 for ; Tue, 31 Mar 2015 10:41:07 -0700 (PDT) Received: from omfedm07.si.francetelecom.fr (unknown [xx.xx.xx.3]) by omfedm12.si.francetelecom.fr (ESMTP service) with ESMTP id A1B4118C216; Tue, 31 Mar 2015 19:41:06 +0200 (CEST) Received: from Exchangemail-eme1.itn.ftgroup (unknown [10.114.1.183]) by omfedm07.si.francetelecom.fr (ESMTP service) with ESMTP id 80D084C09E; Tue, 31 Mar 2015 19:41:06 +0200 (CEST) Received: from PEXCVZYM13.corporate.adroot.infra.ftgroup ([fe80::cc7e:e40b:42ef:164e]) by PEXCVZYH02.corporate.adroot.infra.ftgroup ([::1]) with mapi id 14.03.0224.002; Tue, 31 Mar 2015 19:41:06 +0200 From: To: Jouni Korhonen , =?iso-8859-1?Q?Henrik_Villf=F6r?= , "dime@ietf.org" Thread-Topic: [Dime] realm vs domain (was: Allowed host and realm naming for a diameter node) Thread-Index: AQHQZtVXo3E0+Y3Toky225tf8HpvuZ0uJwCAgAi7fKA= Date: Tue, 31 Mar 2015 17:41:05 +0000 Message-ID: <25531_1427823666_551ADC32_25531_3828_1_6B7134B31289DC4FAF731D844122B36EEF739B@PEXCVZYM13.corporate.adroot.infra.ftgroup> References: <551393FF.1090700@gmail.com> In-Reply-To: <551393FF.1090700@gmail.com> Accept-Language: fr-FR, en-US Content-Language: fr-FR X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.197.38.6] Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-PMX-Version: 6.2.1.2478543, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2015.3.31.153318 Archived-At: Subject: Re: [Dime] realm vs domain (was: Allowed host and realm naming for a diameter node) X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Mar 2015 17:41:10 -0000 Hi, Please see below. Lionel -----Message d'origine----- De=A0: DiME [mailto:dime-bounces@ietf.org] De la part de Jouni Korhonen Envoy=E9=A0: jeudi 26 mars 2015 06:07 =C0=A0: Henrik Villf=F6r; dime@ietf.org Objet=A0: Re: [Dime] realm vs domain (was: Allowed host and realm naming fo= r a diameter node) Hi, 3/25/2015, 1:18 AM, Henrik Villf=F6r kirjoitti: > Hi, > > a follow up on the question below. > > Is there anything in the base specification requiring the realm in the=20 > Origin-Realm AVP to be the same as the domain part of the Origin-Host AVP? > > Would the following be allowed? > > Origin-Realm: realmexample.com > > Origin-Host: node.domainexample.com Based on my reading of RFC6733 yes.. but when reading RFC3588 no'ish.=20 The subttle change between these two was: OLD: DiameterIdentity =3D FQDN NEW: DiameterIdentity =3D FQDN/Realm And when reading the text on a DiameterIdentity a Diameter node _should_ (o= k.. the should is not must..) only use one DiameterIdentity which means the= FQDN in Origin-Host and Origin-Realm should be the same.. =20 [LM]> not sure to understand what the text above means. In RFC3588, the def= inition in sect 4.3 was clearly an error as the text in sect 6.4 sect 6.6 w= as already saying that: The Origin-Realm AVP (AVP Code 296) is of type DiameterIdentity. This AVP contains the Realm of the originator of any Diameter message and MUST be present in all messages. The Destination-Realm AVP (AVP Code 283) is of type DiameterIdentity, and contains the realm the message is to be routed to. [LM]> So a DiameterIdentity was meant to be either an FQDN or a Realm, depe= nding of its use as x-Host or x-Realm AVP value. If someone was implementin= g the Diameter identity of a realm as an FQDN, it would be an error. And th= is was fixed with RFC6733. > Also, although none of the examples of Diameter host identities in rfc > 6733 show an FQDN with a trailing dot it should be allowed, but a=20 > realm may not end in a dot. AFAIR the FQDN first appeared in RFC1206.. none of the FQDN examples use th= e trailing ".". Anyway, referring to RFC1034 and the "relative names"=20 it is stated that: -- Relative names are either taken relative to a well known origin, or to a li= st of domains used as a search list. Relative names appear mostly at the u= ser interface, where their interpretation varies from implementation to imp= lementation, and in master files, where they are relative to a single origi= n domain name. The most common interpretation uses the root "." as either = the single origin or as one of the members of the search list, so a multi-l= abel relative name is often one where the trailing dot has been omitted to = save typing. -- Thus it is expected that the resolver library (or equivalent) knows when to= add the missing "." e.g. when the domain name is supposed to be a Diameter= Identity. > So, this should be allowed: > > Origin-Host: node.domainexample.com. Irrespective of my above rant, I agree. > This should not be allowed: > > Origin-Realm: realmexample.com. Agree (since the example shows a realm). - Jouni > (Sorry about the ugly cut'n'paste. Just joined the list and found the=20 > recent post below in the archive.) > > Best Regards, > > Henrik Villf=F6r > > --------- > > Hi Lars, > > According to the base protocol, there is no such restriction. When the=20 > DiameterIdentity format is used to identify a Diameter node, the only=20 > requirement is that: > > * the DiameterIdentity value in Origin/Destination-Host AVP is an FQDN. > > * there is at least one peer table in the realm identified by the=20 > Origin/Destination-Realm AVP that contains the host identified by the FQ= DN. > > So Example 2 is perfectly valid from a base protocol point of view, as=20 > long as there is at least one node in "example.com " > with a transport connection with the peer "node.site1.example.com=20 > ". > > Now, some Diameter applications may have defined specific rules=20 > regarding the format of realm/host identity, with explicit=20 > restrictions/limitations. It is then required to check if there is any=20 > of these restrictions defined in the related specification. > > Regards, > > Lionel > > De : DiME [mailto:dime-bounces at ietf.org=20 > ] De la part de Lars J=F8rgen Lillehovde Envoy=E9 : > dimanche 15 mars 2015 12:54 =C0 : dime at ietf.org =20 > Objet > : [Dime] Allowed host and realm naming for a diameter node > > Hi, > > I'm trying to clarify the allowed naming convension for the host and=20 > realm of a diameter node. This relates to the values used in the=20 > Origin-Host AVP (AVP Code 264) and Origin-Realm AVP (AVP Code 296).=20 > I've reviewed the Diameter RFCs and cannot find a definitive answer to=20 > this issue. > > The reason for asking this question is that I'm in discussion with a=20 > vendor of a Diameter Routing Agent (DRA) which claims that the host of=20 > a diameter node has to be in the format host.realm. > > (1) Example of the only allowed format according to the vendor: > > Origin-Realm: example.com > > Origin-Host: node.example.com > > I want to clarify if multiple subdomains are allowed to be added in=20 > the host without being present in the realm. > > (2) Example: > > Origin-Realm: example.com > > Origin-Host: node.site1.example.com > > According to the vendor, the example 2 is not allowed. To have the=20 > host as in example 2, the realm will have to be site1.example.com=20 > . > > Could someone please clarify this naming issue or point me to the=20 > standard where this is defined. > > Thank you. > > Best regards, > > Lars J. Lillehovde > > ______________________________________________________________________ > ___________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations=20 > confidentielles ou privilegiees et ne doivent donc pas etre diffuses,=20 > exploites ou copies sans autorisation. Si vous avez recu ce message=20 > par erreur, veuillez le signaler a l'expediteur et le detruire ainsi=20 > que les pieces jointes. Les messages electroniques etant susceptibles=20 > d'alteration, Orange decline toute responsabilite si ce message a ete=20 > altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or=20 > privileged information that may be protected by law; they should not=20 > be distributed, used or copied without authorisation. > > If you have received this email in error, please notify the sender and=20 > delete this message and its attachments. > > As emails may be altered, Orange is not liable for messages that have=20 > been modified, changed or falsified. > > Thank you. > > > > _______________________________________________ > DiME mailing list > DiME@ietf.org > https://www.ietf.org/mailman/listinfo/dime > _______________________________________________ DiME mailing list DiME@ietf.org https://www.ietf.org/mailman/listinfo/dime ___________________________________________________________________________= ______________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confiden= tielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu= ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages el= ectroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou = falsifie. Merci. This message and its attachments may contain confidential or privileged inf= ormation that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and dele= te this message and its attachments. As emails may be altered, Orange is not liable for messages that have been = modified, changed or falsified. Thank you. From nobody Tue Mar 31 10:49:22 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6CFBA1A7028 for ; Tue, 31 Mar 2015 10:49:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.699 X-Spam-Level: X-Spam-Status: No, score=-0.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, J_CHICKENPOX_45=0.6, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UsDAireS5vmO for ; Tue, 31 Mar 2015 10:49:19 -0700 (PDT) Received: from relais-inet.francetelecom.com (relais-ias243.francetelecom.com [80.12.204.243]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A1C011A7004 for ; Tue, 31 Mar 2015 10:49:15 -0700 (PDT) Received: from omfeda05.si.francetelecom.fr (unknown [xx.xx.xx.198]) by omfeda10.si.francetelecom.fr (ESMTP service) with ESMTP id 786E937432F; Tue, 31 Mar 2015 19:49:14 +0200 (CEST) Received: from Exchangemail-eme1.itn.ftgroup (unknown [10.114.1.186]) by omfeda05.si.francetelecom.fr (ESMTP service) with ESMTP id 5C9DE1800CD; Tue, 31 Mar 2015 19:49:14 +0200 (CEST) Received: from PEXCVZYM13.corporate.adroot.infra.ftgroup ([fe80::cc7e:e40b:42ef:164e]) by PEXCVZYH01.corporate.adroot.infra.ftgroup ([::1]) with mapi id 14.03.0224.002; Tue, 31 Mar 2015 19:49:14 +0200 From: To: Jouni Korhonen , =?utf-8?B?SGVucmlrIFZpbGxmw7Zy?= Thread-Topic: [Dime] realm vs domain (was: Allowed host and realm naming for a diameter node) Thread-Index: AQHQZtVXo3E0+Y3Toky225tf8HpvuZ0uJwCAgAHDMoCAAK4TgIAGTdVw Date: Tue, 31 Mar 2015 17:49:13 +0000 Message-ID: <5082_1427824154_551ADE1A_5082_12514_1_6B7134B31289DC4FAF731D844122B36EEF7464@PEXCVZYM13.corporate.adroot.infra.ftgroup> References: <551393FF.1090700@gmail.com> <5515A083.2030106@gmail.com> In-Reply-To: <5515A083.2030106@gmail.com> Accept-Language: fr-FR, en-US Content-Language: fr-FR X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.197.38.6] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-PMX-Version: 6.2.1.2478543, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2015.3.31.173618 Archived-At: Cc: "dime@ietf.org" Subject: Re: [Dime] realm vs domain (was: Allowed host and realm naming for a diameter node) X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Mar 2015 17:49:21 -0000 SGksDQoNCkFzIHNhaWQgaW4gYW5vdGhlciBtYWlsLCBmcm9tIG15IHVuZGVyc3RhbmRpbmcsIGF0 IHRoZSBwcm90b2NvbCBsZXZlbCwgdGhlIG9ubHkgcmVzdHJpY3Rpb24gaXMgdGhhdCB0aGUgeC1I b3N0IEFWUCB1bmlxdWVseSBpZGVudGlmaWVzIGEgcGVlciBpbiB0aGUgcGVlciB0YWJsZSBvZiBh IG5vZGUgb2YgdGhlIHJlYWxtIGlkZW50aWZpZWQgYnkgdGhlIHgtUmVhbG0gQVZQLg0KRnJvbSBh biBvcGVyYXRpb25hbCBwb2ludCBvZiB2aWV3LCBpdCBpcyBtb3JlIHRoYW4gbGlrZWx5IHRoYXQg dGhlIEZRRE4gd2lsbCBiZSBwYXJ0IG9mIHRoZSByZWFsbSBpZGVudGlmaWVkIGluIHRoZSB4LVJl YWxtIEFWUC4gQnV0IHRoaXMgaXMgbm90IGRlZW1lZCBtYW5kYXRvcnkgdG8gZW5zdXJlIGEgc3Vj Y2Vzc2Z1bCByZXF1ZXN0IHJvdXRpbmcsIGFzIGxvbmcgYXMgdGhlcmUgaXMgYXQgbGVhc3Qgb25l IHBlZXIgaW4gdGhlIGdpdmVuIHJlYWxtIGFzIHRyYW5zcG9ydCBjb25uZWN0aW9uIG9wZW4gd2l0 aCB0aGUgcGVlciBpZGVudGlmaWVkIGluIHRoZSB4LUhvc3QgQVZQIHdoYXRldmVyIHRoZSByZWFs bSBpdCBiZWxvbmdzIHRvLg0KDQpBbmQgdGhlcmUgaXMgbm8gY29tcGF0aWJsZSBpc3N1ZSBoZXJl IGZyb20gbXkgcG9pbnQgb2Ygdmlldy4NCg0KcmVnYXJkcywNCg0KTGlvbmVsDQoNCi0tLS0tTWVz c2FnZSBkJ29yaWdpbmUtLS0tLQ0KRGXCoDogRGlNRSBbbWFpbHRvOmRpbWUtYm91bmNlc0BpZXRm Lm9yZ10gRGUgbGEgcGFydCBkZSBKb3VuaSBLb3Job25lbg0KRW52b3nDqcKgOiB2ZW5kcmVkaSAy NyBtYXJzIDIwMTUgMTk6MjUNCsOAwqA6IEhlbnJpayBWaWxsZsO2cg0KQ2PCoDogZGltZUBpZXRm Lm9yZw0KT2JqZXTCoDogUmU6IFtEaW1lXSByZWFsbSB2cyBkb21haW4gKHdhczogQWxsb3dlZCBo b3N0IGFuZCByZWFsbSBuYW1pbmcgZm9yIGEgZGlhbWV0ZXIgbm9kZSkNCg0KSGksDQoNCjMvMjcv MjAxNSwgMTowMiBBTSwgSGVucmlrIFZpbGxmw7ZyIGtpcmpvaXR0aToNCj4gVGhhbmsgeW91IEpv dW5pLA0KPiBJIGludGVycHJldCB5b3VyIGFuc3dlciB0byBzYXkgdGhhdCBmcm9tIGEgc3RhbmRh cmRzIGFuZCBmdW5jdGlvbmFsIA0KPiBwb2ludCBvZiB2aWV3IHRoZSBPcmlnaW4tcmVhbG0gYW5k IHRoZSBkb21haW4gcGFydCBvZiB0aGUgT3JpZ2luLWhvc3QgDQo+IG1heSBkaWZmZXIgYnV0IGZv ciAoYmFja3dhcmQpIGNvbXBhdGliaWxpdHkgcmVhc29ucyBpdCBpcyBhIGdvb2QgaWRlYSANCj4g dG8ga2VlcCB0aGVtIHRoZSBzYW1lLg0KPg0KPiBDb3JyZWN0Pw0KDQpZZXMnaXNoLi4gYW5kIHRv IG15IGJlc3QgY29sbGVjdGl2ZSBtZW1vcnkgb2YgRGlhbWV0ZXIgaXQgd2FzIG5ldmVyIGludGVu ZGVkIHRoYXQgdGhlc2UgdHdvIHdvdWxkIGhhdmUgbm9uLW92ZXJsYXBwaW5nIGRvbWFpbiBwYXJ0 cy4NCg0KLSBKb3VuaQ0KDQo+DQo+IFJlZ2FyZHMsDQo+IEhlbnJpaw0KPg0KPg0KPg0KPiAyMDE1 LTAzLTI2IDY6MDcgR01UKzAxOjAwIEpvdW5pIEtvcmhvbmVuIDxqb3VuaS5ub3NwYW1AZ21haWwu Y29tDQo+IDxtYWlsdG86am91bmkubm9zcGFtQGdtYWlsLmNvbT4+Og0KPg0KPiAgICAgSGksDQo+ DQo+ICAgICAzLzI1LzIwMTUsIDE6MTggQU0sIEhlbnJpayBWaWxsZsO2ciBraXJqb2l0dGk6DQo+ DQo+ICAgICAgICAgSGksDQo+DQo+ICAgICAgICAgICAgIGEgZm9sbG93IHVwIG9uIHRoZSBxdWVz dGlvbiBiZWxvdy4NCj4NCj4gICAgICAgICBJcyB0aGVyZSBhbnl0aGluZyBpbiB0aGUgYmFzZSBz cGVjaWZpY2F0aW9uIHJlcXVpcmluZyB0aGUgcmVhbG0NCj4gICAgICAgICBpbiB0aGUNCj4gICAg ICAgICBPcmlnaW4tUmVhbG0gQVZQIHRvIGJlIHRoZSBzYW1lIGFzIHRoZSBkb21haW4gcGFydCBv ZiB0aGUNCj4gICAgICAgICBPcmlnaW4tSG9zdCBBVlA/DQo+DQo+ICAgICAgICAgV291bGQgdGhl IGZvbGxvd2luZyBiZSBhbGxvd2VkPw0KPg0KPiAgICAgICAgIE9yaWdpbi1SZWFsbTogcmVhbG1l eGFtcGxlLmNvbSA8aHR0cDovL3JlYWxtZXhhbXBsZS5jb20+DQo+DQo+ICAgICAgICAgT3JpZ2lu LUhvc3Q6IG5vZGUuZG9tYWluZXhhbXBsZS5jb20gDQo+IDxodHRwOi8vbm9kZS5kb21haW5leGFt cGxlLmNvbT4NCj4NCj4NCj4gICAgIEJhc2VkIG9uIG15IHJlYWRpbmcgb2YgUkZDNjczMyB5ZXMu LiBidXQgd2hlbiByZWFkaW5nIFJGQzM1ODgNCj4gICAgIG5vJ2lzaC4gVGhlIHN1YnR0bGUgY2hh bmdlIGJldHdlZW4gdGhlc2UgdHdvIHdhczoNCj4NCj4gICAgIE9MRDoNCj4gICAgICAgIERpYW1l dGVySWRlbnRpdHkgID0gRlFETg0KPiAgICAgTkVXOg0KPiAgICAgICAgRGlhbWV0ZXJJZGVudGl0 eSAgPSBGUUROL1JlYWxtDQo+DQo+ICAgICBBbmQgd2hlbiByZWFkaW5nIHRoZSB0ZXh0IG9uIGEg RGlhbWV0ZXJJZGVudGl0eSBhIERpYW1ldGVyIG5vZGUNCj4gICAgIF9zaG91bGRfIChvay4uIHRo ZSBzaG91bGQgaXMgbm90IG11c3QuLikgb25seSB1c2Ugb25lDQo+ICAgICBEaWFtZXRlcklkZW50 aXR5IHdoaWNoIG1lYW5zIHRoZSBGUUROIGluIE9yaWdpbi1Ib3N0IGFuZA0KPiAgICAgT3JpZ2lu LVJlYWxtIHNob3VsZCBiZSB0aGUgc2FtZS4uDQo+DQo+ICAgICAgICAgQWxzbywgYWx0aG91Z2gg bm9uZSBvZiB0aGUgZXhhbXBsZXMgb2YgRGlhbWV0ZXIgaG9zdCBpZGVudGl0aWVzDQo+ICAgICAg ICAgaW4gcmZjDQo+ICAgICAgICAgNjczMyBzaG93IGFuIEZRRE4gd2l0aCBhIHRyYWlsaW5nIGRv dCBpdCBzaG91bGQgYmUgYWxsb3dlZCwgYnV0DQo+ICAgICAgICAgYSByZWFsbQ0KPiAgICAgICAg IG1heSBub3QgZW5kIGluIGEgZG90Lg0KPg0KPg0KPiAgICAgQUZBSVIgdGhlIEZRRE4gZmlyc3Qg YXBwZWFyZWQgaW4gUkZDMTIwNi4uIG5vbmUgb2YgdGhlIEZRRE4gZXhhbXBsZXMNCj4gICAgIHVz ZSB0aGUgdHJhaWxpbmcgIi4iLiBBbnl3YXksIHJlZmVycmluZyB0byBSRkMxMDM0IGFuZCB0aGUg InJlbGF0aXZlDQo+ICAgICBuYW1lcyIgaXQgaXMgc3RhdGVkIHRoYXQ6DQo+DQo+ICAgICAtLQ0K PiAgICAgUmVsYXRpdmUgbmFtZXMgYXJlIGVpdGhlciB0YWtlbiByZWxhdGl2ZSB0byBhIHdlbGwg a25vd24gb3JpZ2luLCBvciB0byBhDQo+ICAgICBsaXN0IG9mIGRvbWFpbnMgdXNlZCBhcyBhIHNl YXJjaCBsaXN0LiAgUmVsYXRpdmUgbmFtZXMgYXBwZWFyIG1vc3RseSBhdA0KPiAgICAgdGhlIHVz ZXIgaW50ZXJmYWNlLCB3aGVyZSB0aGVpciBpbnRlcnByZXRhdGlvbiB2YXJpZXMgZnJvbQ0KPiAg ICAgaW1wbGVtZW50YXRpb24gdG8gaW1wbGVtZW50YXRpb24sIGFuZCBpbiBtYXN0ZXIgZmlsZXMs IHdoZXJlIHRoZXkgYXJlDQo+ICAgICByZWxhdGl2ZSB0byBhIHNpbmdsZSBvcmlnaW4gZG9tYWlu IG5hbWUuICBUaGUgbW9zdCBjb21tb24gaW50ZXJwcmV0YXRpb24NCj4gICAgIHVzZXMgdGhlIHJv b3QgIi4iIGFzIGVpdGhlciB0aGUgc2luZ2xlIG9yaWdpbiBvciBhcyBvbmUgb2YgdGhlIG1lbWJl cnMNCj4gICAgIG9mIHRoZSBzZWFyY2ggbGlzdCwgc28gYSBtdWx0aS1sYWJlbCByZWxhdGl2ZSBu YW1lIGlzIG9mdGVuIG9uZSB3aGVyZQ0KPiAgICAgdGhlIHRyYWlsaW5nIGRvdCBoYXMgYmVlbiBv bWl0dGVkIHRvIHNhdmUgdHlwaW5nLg0KPiAgICAgLS0NCj4NCj4gICAgIFRodXMgaXQgaXMgZXhw ZWN0ZWQgdGhhdCB0aGUgcmVzb2x2ZXIgbGlicmFyeSAob3IgZXF1aXZhbGVudCkga25vd3MNCj4g ICAgIHdoZW4gdG8gYWRkIHRoZSBtaXNzaW5nICIuIiBlLmcuIHdoZW4gdGhlIGRvbWFpbiBuYW1l IGlzIHN1cHBvc2VkIHRvDQo+ICAgICBiZSBhIERpYW1ldGVySWRlbnRpdHkuDQo+DQo+ICAgICAg ICAgU28sIHRoaXMgc2hvdWxkIGJlIGFsbG93ZWQ6DQo+DQo+ICAgICAgICAgT3JpZ2luLUhvc3Q6 IG5vZGUuZG9tYWluZXhhbXBsZS5jb20gPGh0dHA6Ly9ub2RlLmRvbWFpbmV4YW1wbGUuY29tPi4N Cj4NCj4NCj4gICAgIElycmVzcGVjdGl2ZSBvZiBteSBhYm92ZSByYW50LCBJIGFncmVlLg0KPg0K PiAgICAgICAgIFRoaXMgc2hvdWxkIG5vdCBiZSBhbGxvd2VkOg0KPg0KPiAgICAgICAgIE9yaWdp bi1SZWFsbTogcmVhbG1leGFtcGxlLmNvbSA8aHR0cDovL3JlYWxtZXhhbXBsZS5jb20+Lg0KPg0K Pg0KPiAgICAgQWdyZWUgKHNpbmNlIHRoZSBleGFtcGxlIHNob3dzIGEgcmVhbG0pLg0KPg0KPiAg ICAgLSBKb3VuaQ0KPg0KPiAgICAgICAgIChTb3JyeSBhYm91dCB0aGUgdWdseSBjdXQnbidwYXN0 ZS4gSnVzdCBqb2luZWQgdGhlIGxpc3QgYW5kDQo+ICAgICAgICAgZm91bmQgdGhlDQo+ICAgICAg ICAgcmVjZW50IHBvc3QgYmVsb3cgaW4gdGhlIGFyY2hpdmUuKQ0KPg0KPiAgICAgICAgIEJlc3Qg UmVnYXJkcywNCj4NCj4gICAgICAgICBIZW5yaWsgVmlsbGbDtnINCj4NCj4gICAgICAgICAtLS0t LS0tLS0NCj4NCj4gICAgICAgICBIaSBMYXJzLA0KPg0KPiAgICAgICAgIEFjY29yZGluZyB0byB0 aGUgYmFzZSBwcm90b2NvbCwgdGhlcmUgaXMgbm8gc3VjaCByZXN0cmljdGlvbi4NCj4gICAgICAg ICBXaGVuIHRoZQ0KPiAgICAgICAgIERpYW1ldGVySWRlbnRpdHkgZm9ybWF0IGlzIHVzZWQgdG8g aWRlbnRpZnkgYSBEaWFtZXRlciBub2RlLCB0aGUNCj4gICAgICAgICBvbmx5DQo+ICAgICAgICAg cmVxdWlyZW1lbnQgaXMgdGhhdDoNCj4NCj4gICAgICAgICAqIHRoZSBEaWFtZXRlcklkZW50aXR5 IHZhbHVlIGluIE9yaWdpbi9EZXN0aW5hdGlvbi1Ib3N0IEFWUCBpcw0KPiAgICAgICAgIGFuIEZR RE4uDQo+DQo+ICAgICAgICAgKiB0aGVyZSBpcyBhdCBsZWFzdCBvbmUgcGVlciB0YWJsZSBpbiB0 aGUgcmVhbG0gaWRlbnRpZmllZCBieSB0aGUNCj4gICAgICAgICBPcmlnaW4vRGVzdGluYXRpb24t UmVhbG0gIEFWUCB0aGF0IGNvbnRhaW5zIHRoZSBob3N0IGlkZW50aWZpZWQNCj4gICAgICAgICBi eSB0aGUgRlFETi4NCj4NCj4gICAgICAgICBTbyBFeGFtcGxlIDIgaXMgcGVyZmVjdGx5IHZhbGlk IGZyb20gYSBiYXNlIHByb3RvY29sIHBvaW50IG9mDQo+ICAgICAgICAgdmlldywgYXMNCj4gICAg ICAgICBsb25nIGFzIHRoZXJlIGlzIGF0IGxlYXN0IG9uZSBub2RlIGluICJleGFtcGxlLmNvbQ0K PiAgICAgICAgIDxodHRwOi8vZXhhbXBsZS5jb20+IDxodHRwOi8vZXhhbXBsZS5jb20+Ig0KPiAg ICAgICAgIHdpdGggYSB0cmFuc3BvcnQgY29ubmVjdGlvbiB3aXRoIHRoZSBwZWVyDQo+ICAgICAg ICAgIm5vZGUuc2l0ZTEuZXhhbXBsZS5jb20gPGh0dHA6Ly9ub2RlLnNpdGUxLmV4YW1wbGUuY29t Pg0KPiAgICAgICAgIDxodHRwOi8vbm9kZS5zaXRlMS5leGFtcGxlLmNvbV9fPiIuDQo+DQo+ICAg ICAgICAgTm93LCBzb21lIERpYW1ldGVyIGFwcGxpY2F0aW9ucyBtYXkgaGF2ZSBkZWZpbmVkIHNw ZWNpZmljIHJ1bGVzDQo+ICAgICAgICAgcmVnYXJkaW5nIHRoZSBmb3JtYXQgb2YgcmVhbG0vaG9z dCBpZGVudGl0eSwgd2l0aCBleHBsaWNpdA0KPiAgICAgICAgIHJlc3RyaWN0aW9ucy9saW1pdGF0 aW9ucy4gSXQgaXMgdGhlbiByZXF1aXJlZCB0byBjaGVjayBpZiB0aGVyZQ0KPiAgICAgICAgIGlz IGFueQ0KPiAgICAgICAgIG9mIHRoZXNlIHJlc3RyaWN0aW9ucyBkZWZpbmVkIGluIHRoZSByZWxh dGVkIHNwZWNpZmljYXRpb24uDQo+DQo+ICAgICAgICAgUmVnYXJkcywNCj4NCj4gICAgICAgICBM aW9uZWwNCj4NCj4gICAgICAgICBEZSA6IERpTUUgW21haWx0bzpkaW1lLWJvdW5jZXMgPG1haWx0 bzpkaW1lLWJvdW5jZXM+DQo+ICAgICAgICAgPG1haWx0bzpkaW1lLWJvdW5jZXMgPG1haWx0bzpk aW1lLWJvdW5jZXM+PiBhdCBpZXRmLm9yZw0KPiAgICAgICAgIDxodHRwOi8vaWV0Zi5vcmc+DQo+ ICAgICAgICAgPGh0dHA6Ly9pZXRmLm9yZz5dIERlIGxhIHBhcnQgZGUgTGFycyBKw7hyZ2VuIExp bGxlaG92ZGUgRW52b3nDqSA6DQo+ICAgICAgICAgZGltYW5jaGUgMTUgbWFycyAyMDE1IDEyOjU0 IMOAIDogZGltZSBhdCBpZXRmLm9yZw0KPiAgICAgICAgIDxodHRwOi8vaWV0Zi5vcmc+IDxodHRw Oi8vaWV0Zi5vcmc+IE9iamV0DQo+ICAgICAgICAgOiBbRGltZV0gQWxsb3dlZCBob3N0IGFuZCBy ZWFsbSBuYW1pbmcgZm9yIGEgZGlhbWV0ZXIgbm9kZQ0KPg0KPiAgICAgICAgIEhpLA0KPg0KPiAg ICAgICAgIEknbSB0cnlpbmcgdG8gY2xhcmlmeSB0aGUgYWxsb3dlZCBuYW1pbmcgY29udmVuc2lv biBmb3IgdGhlIGhvc3QgYW5kDQo+ICAgICAgICAgcmVhbG0gb2YgYSBkaWFtZXRlciBub2RlLiBU aGlzIHJlbGF0ZXMgdG8gdGhlIHZhbHVlcyB1c2VkIGluIHRoZQ0KPiAgICAgICAgIE9yaWdpbi1I b3N0IEFWUCAoQVZQIENvZGUgMjY0KSBhbmQgT3JpZ2luLVJlYWxtIEFWUCAoQVZQIENvZGUNCj4g ICAgICAgICAyOTYpLiBJJ3ZlDQo+ICAgICAgICAgcmV2aWV3ZWQgdGhlIERpYW1ldGVyIFJGQ3Mg YW5kIGNhbm5vdCBmaW5kIGEgZGVmaW5pdGl2ZSBhbnN3ZXINCj4gICAgICAgICB0byB0aGlzDQo+ ICAgICAgICAgaXNzdWUuDQo+DQo+ICAgICAgICAgVGhlIHJlYXNvbiBmb3IgYXNraW5nIHRoaXMg cXVlc3Rpb24gaXMgdGhhdCBJJ20gaW4gZGlzY3Vzc2lvbiB3aXRoIGENCj4gICAgICAgICB2ZW5k b3Igb2YgYSBEaWFtZXRlciBSb3V0aW5nIEFnZW50IChEUkEpIHdoaWNoIGNsYWltcyB0aGF0IHRo ZQ0KPiAgICAgICAgIGhvc3Qgb2YgYQ0KPiAgICAgICAgIGRpYW1ldGVyIG5vZGUgaGFzIHRvIGJl IGluIHRoZSBmb3JtYXQgaG9zdC5yZWFsbS4NCj4NCj4gICAgICAgICAoMSkgRXhhbXBsZSBvZiB0 aGUgb25seSBhbGxvd2VkIGZvcm1hdCBhY2NvcmRpbmcgdG8gdGhlIHZlbmRvcjoNCj4NCj4gICAg ICAgICBPcmlnaW4tUmVhbG06IGV4YW1wbGUuY29tIDxodHRwOi8vZXhhbXBsZS5jb20+IA0KPiA8 aHR0cDovL2V4YW1wbGUuY29tPg0KPg0KPiAgICAgICAgIE9yaWdpbi1Ib3N0OiBub2RlLmV4YW1w bGUuY29tIDxodHRwOi8vbm9kZS5leGFtcGxlLmNvbT4NCj4gICAgICAgICA8aHR0cDovL25vZGUu ZXhhbXBsZS5jb20+DQo+DQo+ICAgICAgICAgSSB3YW50IHRvIGNsYXJpZnkgaWYgbXVsdGlwbGUg c3ViZG9tYWlucyBhcmUgYWxsb3dlZCB0byBiZSBhZGRlZA0KPiAgICAgICAgIGluIHRoZQ0KPiAg ICAgICAgIGhvc3Qgd2l0aG91dCBiZWluZyBwcmVzZW50IGluIHRoZSByZWFsbS4NCj4NCj4gICAg ICAgICAoMikgRXhhbXBsZToNCj4NCj4gICAgICAgICBPcmlnaW4tUmVhbG06IGV4YW1wbGUuY29t IDxodHRwOi8vZXhhbXBsZS5jb20+IA0KPiA8aHR0cDovL2V4YW1wbGUuY29tPg0KPg0KPiAgICAg ICAgIE9yaWdpbi1Ib3N0OiBub2RlLnNpdGUxLmV4YW1wbGUuY29tDQo+ICAgICAgICAgPGh0dHA6 Ly9ub2RlLnNpdGUxLmV4YW1wbGUuY29tPiANCj4gPGh0dHA6Ly9ub2RlLnNpdGUxLmV4YW1wbGUu Y29tX18+DQo+DQo+ICAgICAgICAgQWNjb3JkaW5nIHRvIHRoZSB2ZW5kb3IsIHRoZSBleGFtcGxl IDIgaXMgbm90IGFsbG93ZWQuIFRvIGhhdmUNCj4gICAgICAgICB0aGUgaG9zdA0KPiAgICAgICAg IGFzIGluIGV4YW1wbGUgMiwgdGhlIHJlYWxtIHdpbGwgaGF2ZSB0byBiZSBzaXRlMS5leGFtcGxl LmNvbQ0KPiAgICAgICAgIDxodHRwOi8vc2l0ZTEuZXhhbXBsZS5jb20+DQo+ICAgICAgICAgPGh0 dHA6Ly9zaXRlMS5leGFtcGxlLmNvbT4uDQo+DQo+ICAgICAgICAgQ291bGQgc29tZW9uZSBwbGVh c2UgY2xhcmlmeSB0aGlzIG5hbWluZyBpc3N1ZSBvciBwb2ludCBtZSB0byB0aGUNCj4gICAgICAg ICBzdGFuZGFyZCB3aGVyZSB0aGlzIGlzIGRlZmluZWQuDQo+DQo+ICAgICAgICAgVGhhbmsgeW91 Lg0KPg0KPiAgICAgICAgIEJlc3QgcmVnYXJkcywNCj4NCj4gICAgICAgICBMYXJzIEouIExpbGxl aG92ZGUNCj4NCj4gICAgICAgICANCj4gX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPiBfX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPg0KPiAgICAgICAg IENlIG1lc3NhZ2UgZXQgc2VzIHBpZWNlcyBqb2ludGVzIHBldXZlbnQgY29udGVuaXIgZGVzIGlu Zm9ybWF0aW9ucw0KPiAgICAgICAgIGNvbmZpZGVudGllbGxlcyBvdSBwcml2aWxlZ2llZXMgZXQg bmUgZG9pdmVudCBkb25jIHBhcyBldHJlDQo+ICAgICAgICAgZGlmZnVzZXMsDQo+ICAgICAgICAg ZXhwbG9pdGVzIG91IGNvcGllcyBzYW5zIGF1dG9yaXNhdGlvbi4gU2kgdm91cyBhdmV6IHJlY3Ug Y2UNCj4gICAgICAgICBtZXNzYWdlIHBhcg0KPiAgICAgICAgIGVycmV1ciwgdmV1aWxsZXogbGUg c2lnbmFsZXIgYSBsJ2V4cGVkaXRldXIgZXQgbGUgZGV0cnVpcmUgYWluc2kNCj4gICAgICAgICBx dWUgbGVzDQo+ICAgICAgICAgcGllY2VzIGpvaW50ZXMuIExlcyBtZXNzYWdlcyBlbGVjdHJvbmlx dWVzIGV0YW50IHN1c2NlcHRpYmxlcw0KPiAgICAgICAgIGQnYWx0ZXJhdGlvbiwgT3JhbmdlIGRl Y2xpbmUgdG91dGUgcmVzcG9uc2FiaWxpdGUgc2kgY2UgbWVzc2FnZQ0KPiAgICAgICAgIGEgZXRl DQo+ICAgICAgICAgYWx0ZXJlLCBkZWZvcm1lIG91IGZhbHNpZmllLiBNZXJjaS4NCj4NCj4gICAg ICAgICBUaGlzIG1lc3NhZ2UgYW5kIGl0cyBhdHRhY2htZW50cyBtYXkgY29udGFpbiBjb25maWRl bnRpYWwgb3INCj4gICAgICAgICBwcml2aWxlZ2VkDQo+ICAgICAgICAgaW5mb3JtYXRpb24gdGhh dCBtYXkgYmUgcHJvdGVjdGVkIGJ5IGxhdzsgdGhleSBzaG91bGQgbm90IGJlDQo+ICAgICAgICAg ZGlzdHJpYnV0ZWQsIHVzZWQgb3IgY29waWVkIHdpdGhvdXQgYXV0aG9yaXNhdGlvbi4NCj4NCj4g ICAgICAgICBJZiB5b3UgaGF2ZSByZWNlaXZlZCB0aGlzIGVtYWlsIGluIGVycm9yLCBwbGVhc2Ug bm90aWZ5IHRoZQ0KPiAgICAgICAgIHNlbmRlciBhbmQNCj4gICAgICAgICBkZWxldGUgdGhpcyBt ZXNzYWdlIGFuZCBpdHMgYXR0YWNobWVudHMuDQo+DQo+ICAgICAgICAgQXMgZW1haWxzIG1heSBi ZSBhbHRlcmVkLCBPcmFuZ2UgaXMgbm90IGxpYWJsZSBmb3IgbWVzc2FnZXMgdGhhdA0KPiAgICAg ICAgIGhhdmUNCj4gICAgICAgICBiZWVuIG1vZGlmaWVkLCBjaGFuZ2VkIG9yIGZhbHNpZmllZC4N Cj4NCj4gICAgICAgICBUaGFuayB5b3UuDQo+DQo+DQo+DQo+ICAgICAgICAgX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPiAgICAgICAgIERpTUUgbWFp bGluZyBsaXN0DQo+ICAgICAgICAgRGlNRUBpZXRmLm9yZyA8bWFpbHRvOkRpTUVAaWV0Zi5vcmc+ DQo+ICAgICAgICAgaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9fX2xpc3RpbmZvL2RpbWUN Cj4gICAgICAgICA8aHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9kaW1lPg0K Pg0KPg0KDQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0K RGlNRSBtYWlsaW5nIGxpc3QNCkRpTUVAaWV0Zi5vcmcNCmh0dHBzOi8vd3d3LmlldGYub3JnL21h aWxtYW4vbGlzdGluZm8vZGltZQ0KCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX18KCkNlIG1lc3NhZ2UgZXQgc2VzIHBpZWNlcyBq b2ludGVzIHBldXZlbnQgY29udGVuaXIgZGVzIGluZm9ybWF0aW9ucyBjb25maWRlbnRpZWxsZXMg b3UgcHJpdmlsZWdpZWVzIGV0IG5lIGRvaXZlbnQgZG9uYwpwYXMgZXRyZSBkaWZmdXNlcywgZXhw bG9pdGVzIG91IGNvcGllcyBzYW5zIGF1dG9yaXNhdGlvbi4gU2kgdm91cyBhdmV6IHJlY3UgY2Ug bWVzc2FnZSBwYXIgZXJyZXVyLCB2ZXVpbGxleiBsZSBzaWduYWxlcgphIGwnZXhwZWRpdGV1ciBl dCBsZSBkZXRydWlyZSBhaW5zaSBxdWUgbGVzIHBpZWNlcyBqb2ludGVzLiBMZXMgbWVzc2FnZXMg ZWxlY3Ryb25pcXVlcyBldGFudCBzdXNjZXB0aWJsZXMgZCdhbHRlcmF0aW9uLApPcmFuZ2UgZGVj bGluZSB0b3V0ZSByZXNwb25zYWJpbGl0ZSBzaSBjZSBtZXNzYWdlIGEgZXRlIGFsdGVyZSwgZGVm b3JtZSBvdSBmYWxzaWZpZS4gTWVyY2kuCgpUaGlzIG1lc3NhZ2UgYW5kIGl0cyBhdHRhY2htZW50 cyBtYXkgY29udGFpbiBjb25maWRlbnRpYWwgb3IgcHJpdmlsZWdlZCBpbmZvcm1hdGlvbiB0aGF0 IG1heSBiZSBwcm90ZWN0ZWQgYnkgbGF3Owp0aGV5IHNob3VsZCBub3QgYmUgZGlzdHJpYnV0ZWQs IHVzZWQgb3IgY29waWVkIHdpdGhvdXQgYXV0aG9yaXNhdGlvbi4KSWYgeW91IGhhdmUgcmVjZWl2 ZWQgdGhpcyBlbWFpbCBpbiBlcnJvciwgcGxlYXNlIG5vdGlmeSB0aGUgc2VuZGVyIGFuZCBkZWxl dGUgdGhpcyBtZXNzYWdlIGFuZCBpdHMgYXR0YWNobWVudHMuCkFzIGVtYWlscyBtYXkgYmUgYWx0 ZXJlZCwgT3JhbmdlIGlzIG5vdCBsaWFibGUgZm9yIG1lc3NhZ2VzIHRoYXQgaGF2ZSBiZWVuIG1v ZGlmaWVkLCBjaGFuZ2VkIG9yIGZhbHNpZmllZC4KVGhhbmsgeW91LgoK From nobody Tue Mar 31 12:06:12 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C17E1A92BB for ; Tue, 31 Mar 2015 12:06:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.4 X-Spam-Level: X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, J_CHICKENPOX_45=0.6, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PB5cMJA4Jc-A for ; Tue, 31 Mar 2015 12:06:09 -0700 (PDT) Received: from mail-pa0-x235.google.com (mail-pa0-x235.google.com [IPv6:2607:f8b0:400e:c03::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 08FD21ACF03 for ; Tue, 31 Mar 2015 12:06:09 -0700 (PDT) Received: by pactp5 with SMTP id tp5so28078563pac.1 for ; Tue, 31 Mar 2015 12:06:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=W6L9JFuQJi/uJqSSNri3l6zsPyLl27B0zO0kAWEdV2E=; b=I86NzS6myWs16OGe4DK5433KnM5TzA/2RRWmQsnWoQ5EGVXzn/CvdXB7oobqlx9FNk TImeCfnFCblAIscdTa46FETlgJ8JLEtFrPxPgGZ37cZVmyk6Tqfk8Zmx2oe20+6R9hBC C7F6Uyy7h3I4YFmIY/Yl0kWnxrjz9le3SxXSAIx9xqcYdqFWGzLJIYIe69v9fAtUCKoX df45qiS9K51ixy6MnH0UNiBSR3nqOmFqqHiJ9kSxITKxKWyUW/9zxQALaamoci1Jt3EP w6BduvTmrf9uf9T9DWk/AORBxgsuEKNixXUh6y3iQBXcbzHI29lEAefaCqz08bO9kAfX s1hg== X-Received: by 10.66.100.138 with SMTP id ey10mr69989944pab.142.1427828768491; Tue, 31 Mar 2015 12:06:08 -0700 (PDT) Received: from [10.16.11.44] ([216.31.219.19]) by mx.google.com with ESMTPSA id tg14sm14083081pac.15.2015.03.31.12.06.06 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 31 Mar 2015 12:06:06 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (1.0) From: "Jouni.nosmap" X-Mailer: iPhone Mail (12D508) In-Reply-To: <25531_1427823666_551ADC32_25531_3828_1_6B7134B31289DC4FAF731D844122B36EEF739B@PEXCVZYM13.corporate.adroot.infra.ftgroup> Date: Tue, 31 Mar 2015 12:06:04 -0700 Content-Transfer-Encoding: quoted-printable Message-Id: References: <551393FF.1090700@gmail.com> <25531_1427823666_551ADC32_25531_3828_1_6B7134B31289DC4FAF731D844122B36EEF739B@PEXCVZYM13.corporate.adroot.infra.ftgroup> To: "" Archived-At: Cc: "dime@ietf.org" Subject: Re: [Dime] realm vs domain (was: Allowed host and realm naming for a diameter node) X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Mar 2015 19:06:11 -0000 Sent from a smart phone.. Mind the typos.. > kirjoitti 31.3.2015 k= ello 10.41: >=20 > Hi, >=20 > Please see below. >=20 > Lionel >=20 > -----Message d'origine----- > De : DiME [mailto:dime-bounces@ietf.org] De la part de Jouni Korhonen > Envoy=C3=A9 : jeudi 26 mars 2015 06:07 > =C3=80 : Henrik Villf=C3=B6r; dime@ietf.org > Objet : Re: [Dime] realm vs domain (was: Allowed host and realm naming for= a diameter node) >=20 > Hi, >=20 > 3/25/2015, 1:18 AM, Henrik Villf=C3=B6r kirjoitti: >> Hi, >>=20 >> a follow up on the question below. >>=20 >> Is there anything in the base specification requiring the realm in the=20= >> Origin-Realm AVP to be the same as the domain part of the Origin-Host AVP= ? >>=20 >> Would the following be allowed? >>=20 >> Origin-Realm: realmexample.com >>=20 >> Origin-Host: node.domainexample.com >=20 > Based on my reading of RFC6733 yes.. but when reading RFC3588 no'ish.=20 > The subttle change between these two was: >=20 > OLD: > DiameterIdentity =3D FQDN > NEW: > DiameterIdentity =3D FQDN/Realm >=20 > And when reading the text on a DiameterIdentity a Diameter node _should_ (= ok.. the should is not must..) only use one DiameterIdentity which means the= FQDN in Origin-Host and Origin-Realm should be the same.. >=20 > [LM]> not sure to understand what the text above means. In RFC3588, the de= finition in sect 4.3 was clearly an error as the text in sect 6.4 sect 6.6 w= as already saying that: >=20 > The Origin-Realm AVP (AVP Code 296) is of type DiameterIdentity. > This AVP contains the Realm of the originator of any Diameter message > and MUST be present in all messages. We need to remembet that with Diameter realm is piggybacked in DNS. So if yo= ur Origin-Realm is an FQDN and you just extract the domain part of it when u= sing it, you achieved the same as realm. This to work properly requires some= magic sauce.. which e.g. for certain deployments is described in system spe= cific specs.=20 >=20 > The Destination-Realm AVP (AVP Code 283) is of type DiameterIdentity, > and contains the realm the message is to be routed to. >=20 > [LM]> So a DiameterIdentity was meant to be either an FQDN or a Realm, dep= ending of its use as x-Host or x-Realm AVP value. If someone was implementin= g the Diameter identity of a realm as an FQDN, it would be an error. And thi= s was fixed with RFC6733. I would bet there is stuff out there..=20 - jouni >=20 >> Also, although none of the examples of Diameter host identities in rfc >> 6733 show an FQDN with a trailing dot it should be allowed, but a=20 >> realm may not end in a dot. >=20 > AFAIR the FQDN first appeared in RFC1206.. none of the FQDN examples use t= he trailing ".". Anyway, referring to RFC1034 and the "relative names"=20 > it is stated that: >=20 > -- > Relative names are either taken relative to a well known origin, or to a l= ist of domains used as a search list. Relative names appear mostly at the u= ser interface, where their interpretation varies from implementation to impl= ementation, and in master files, where they are relative to a single origin d= omain name. The most common interpretation uses the root "." as either the s= ingle origin or as one of the members of the search list, so a multi-label r= elative name is often one where the trailing dot has been omitted to save ty= ping. > -- >=20 > Thus it is expected that the resolver library (or equivalent) knows when t= o add the missing "." e.g. when the domain name is supposed to be a Diameter= Identity. >=20 >> So, this should be allowed: >>=20 >> Origin-Host: node.domainexample.com. >=20 > Irrespective of my above rant, I agree. >=20 >> This should not be allowed: >>=20 >> Origin-Realm: realmexample.com. >=20 > Agree (since the example shows a realm). >=20 > - Jouni >=20 >> (Sorry about the ugly cut'n'paste. Just joined the list and found the=20 >> recent post below in the archive.) >>=20 >> Best Regards, >>=20 >> Henrik Villf=C3=B6r >>=20 >> --------- >>=20 >> Hi Lars, >>=20 >> According to the base protocol, there is no such restriction. When the=20= >> DiameterIdentity format is used to identify a Diameter node, the only=20 >> requirement is that: >>=20 >> * the DiameterIdentity value in Origin/Destination-Host AVP is an FQDN. >>=20 >> * there is at least one peer table in the realm identified by the=20 >> Origin/Destination-Realm AVP that contains the host identified by the FQ= DN. >>=20 >> So Example 2 is perfectly valid from a base protocol point of view, as=20= >> long as there is at least one node in "example.com " >> with a transport connection with the peer "node.site1.example.com=20 >> ". >>=20 >> Now, some Diameter applications may have defined specific rules=20 >> regarding the format of realm/host identity, with explicit=20 >> restrictions/limitations. It is then required to check if there is any=20= >> of these restrictions defined in the related specification. >>=20 >> Regards, >>=20 >> Lionel >>=20 >> De : DiME [mailto:dime-bounces at ietf.org=20 >> ] De la part de Lars J=C3=B8rgen Lillehovde Envoy=C3=A9 := >> dimanche 15 mars 2015 12:54 =C3=80 : dime at ietf.org =20= >> Objet >> : [Dime] Allowed host and realm naming for a diameter node >>=20 >> Hi, >>=20 >> I'm trying to clarify the allowed naming convension for the host and=20 >> realm of a diameter node. This relates to the values used in the=20 >> Origin-Host AVP (AVP Code 264) and Origin-Realm AVP (AVP Code 296).=20 >> I've reviewed the Diameter RFCs and cannot find a definitive answer to=20= >> this issue. >>=20 >> The reason for asking this question is that I'm in discussion with a=20 >> vendor of a Diameter Routing Agent (DRA) which claims that the host of=20= >> a diameter node has to be in the format host.realm. >>=20 >> (1) Example of the only allowed format according to the vendor: >>=20 >> Origin-Realm: example.com >>=20 >> Origin-Host: node.example.com >>=20 >> I want to clarify if multiple subdomains are allowed to be added in=20 >> the host without being present in the realm. >>=20 >> (2) Example: >>=20 >> Origin-Realm: example.com >>=20 >> Origin-Host: node.site1.example.com >>=20 >> According to the vendor, the example 2 is not allowed. To have the=20 >> host as in example 2, the realm will have to be site1.example.com=20 >> . >>=20 >> Could someone please clarify this naming issue or point me to the=20 >> standard where this is defined. >>=20 >> Thank you. >>=20 >> Best regards, >>=20 >> Lars J. Lillehovde >>=20 >> ______________________________________________________________________ >> ___________________________________________________ >>=20 >> Ce message et ses pieces jointes peuvent contenir des informations=20 >> confidentielles ou privilegiees et ne doivent donc pas etre diffuses,=20 >> exploites ou copies sans autorisation. Si vous avez recu ce message=20 >> par erreur, veuillez le signaler a l'expediteur et le detruire ainsi=20 >> que les pieces jointes. Les messages electroniques etant susceptibles=20 >> d'alteration, Orange decline toute responsabilite si ce message a ete=20 >> altere, deforme ou falsifie. Merci. >>=20 >> This message and its attachments may contain confidential or=20 >> privileged information that may be protected by law; they should not=20 >> be distributed, used or copied without authorisation. >>=20 >> If you have received this email in error, please notify the sender and=20= >> delete this message and its attachments. >>=20 >> As emails may be altered, Orange is not liable for messages that have=20 >> been modified, changed or falsified. >>=20 >> Thank you. >>=20 >>=20 >>=20 >> _______________________________________________ >> DiME mailing list >> DiME@ietf.org >> https://www.ietf.org/mailman/listinfo/dime >=20 > _______________________________________________ > DiME mailing list > DiME@ietf.org > https://www.ietf.org/mailman/listinfo/dime >=20 > __________________________________________________________________________= _______________________________________________ >=20 > Ce message et ses pieces jointes peuvent contenir des informations confide= ntielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez rec= u ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages e= lectroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou= falsifie. Merci. >=20 > This message and its attachments may contain confidential or privileged in= formation that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and del= ete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been= modified, changed or falsified. > Thank you. >=20 From nobody Tue Mar 31 17:38:53 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A0F4F1ACCF9 for ; Tue, 31 Mar 2015 17:38:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.521 X-Spam-Level: X-Spam-Status: No, score=-0.521 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_56=0.6, SPF_NEUTRAL=0.779] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qSQdJaxGvAeS for ; Tue, 31 Mar 2015 17:38:50 -0700 (PDT) Received: from biz131.inmotionhosting.com (biz131.inmotionhosting.com [173.247.247.250]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 511C41B2B8A for ; Tue, 31 Mar 2015 17:38:50 -0700 (PDT) Received: from cpe-76-183-208-111.tx.res.rr.com ([76.183.208.111]:64097 helo=Steves-MacBook-Air.local) by biz131.inmotionhosting.com with esmtpsa (UNKNOWN:RC4-SHA:128) (Exim 4.82) (envelope-from ) id 1Yd6gB-0004F1-Mb; Tue, 31 Mar 2015 17:38:48 -0700 Message-ID: <551B3E18.1020907@usdonovans.com> Date: Tue, 31 Mar 2015 19:38:48 -0500 From: Steve Donovan User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: "Jouni.nosmap" References: <20150126150303.15610.1562.idtracker@ietfa.amsl.com> <5511D1AA.40804@usdonovans.com> <55138C07.2070007@gmail.com> <5515AAF0.8020502@usdonovans.com> <40F74E87-BC08-4822-A29E-3D2BE026BF6C@gmail.com> In-Reply-To: <40F74E87-BC08-4822-A29E-3D2BE026BF6C@gmail.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-OutGoing-Spam-Status: No, score=-2.9 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - biz131.inmotionhosting.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - usdonovans.com X-Get-Message-Sender-Via: biz131.inmotionhosting.com: authenticated_id: srd+usdonovans.com/only user confirmed/virtual account not confirmed Archived-At: Cc: "dime@ietf.org" Subject: Re: [Dime] I-D Action: draft-ietf-dime-e2e-sec-req-02.txt X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Apr 2015 00:38:51 -0000 inline On 3/27/15 4:40 PM, Jouni.nosmap wrote: > Hi Steve, > > Inline.. > > Sent from a smart phone.. Mind the typos.. > >> Steve Donovan kirjoitti 27.3.2015 kello 14.09: >> >> >> >>> On 3/25/15 11:33 PM, Jouni Korhonen wrote: >>> Steve, >>> >>> See inline.. >>> >>> 3/24/2015, 2:05 PM, Steve Donovan kirjoitti: >>>> A few comments on this document. >>>> >>>> I would suggest adding the following requirement -- The solution MUST >>>> ensure that routing AVPs are always sent in the clear. >>> By routing AVPs you refer to Router-Record and Proxy-Info as per RFC6733, right? In that case I do not see a reason for the "are always sent in the clear". >> SRD> No, I mean Destination-Host, Destination-Realm, Origin-Host and Origin-Realm. > Ok. Makes sense. However, integrity protecting above AVP should still be fine and allowed. At least the Origin-* AVPs. SRD2> Origin-Host and Origin-Realm are also used for making routing decisions. What is the value in integrity protecting these AVPs? Any agent based scenario would require that all agents in the path be able to decrypt the AVPs to make routing decisions. Why isn't it better to just say that these AVPs MUST NOT be integrity protected? > >>>> Requirement 5 does indicate that not all AVPs are covered by the " >>>> cryptographic protection". I think it would be better to be clear that >>>> there is a set of AVPs that MUST NOT be encrypted. >>> OK. >>> >>>> In addition, the following requirement might be useful -- The solution >>>> MUST support the ability to identify other non routing AVPs that must >>>> always be sent in the clear. >>> I would assume the knowledge which AVPs are ciphered is up to a local policy. If the policy is wrong, the receiver or intermediates will reply with an error. >> SRD> That makes sense. My reason for bringing this up is to make sure that the solution allows for these AVPs being sent in the clear. It won't work to arbitrarily encrypt all AVPs or even chunks of AVPs. > That was never the intention. We better clarify it if the text was not clear about that... Or there was no such text at all. SRD2> The text does say that a subset of the AVPs can be integrity protected. I'm suggesting that we need wording that any solution MUST NOT assume/require integrity protecting the entire message. > > - jouni > > >>> - Jouni >>> >>>> This would be to cover overload, load, message priority and other AVPs >>>> that need to be accessible by all nodes in the path of a transaction. >>>> >>>> Regards, >>>> >>>> Steve >>>> >>>>> On 1/26/15 9:03 AM, internet-drafts@ietf.org wrote: >>>>> A New Internet-Draft is available from the on-line Internet-Drafts directories. >>>>> This draft is a work item of the Diameter Maintenance and Extensions Working Group of the IETF. >>>>> >>>>> Title : Diameter AVP Level Security End-to-End Security: Scenarios and Requirements >>>>> Authors : Hannes Tschofenig >>>>> Jouni Korhonen >>>>> Glen Zorn >>>>> Kervin Pillay >>>>> Filename : draft-ietf-dime-e2e-sec-req-02.txt >>>>> Pages : 9 >>>>> Date : 2015-01-26 >>>>> >>>>> Abstract: >>>>> This specification discusses requirements for providing Diameter >>>>> security at the level of individual Attribute Value Pairs. >>>>> >>>>> >>>>> The IETF datatracker status page for this draft is: >>>>> https://datatracker.ietf.org/doc/draft-ietf-dime-e2e-sec-req/ >>>>> >>>>> There's also a htmlized version available at: >>>>> http://tools.ietf.org/html/draft-ietf-dime-e2e-sec-req-02 >>>>> >>>>> A diff from the previous version is available at: >>>>> http://www.ietf.org/rfcdiff?url2=draft-ietf-dime-e2e-sec-req-02 >>>>> >>>>> >>>>> Please note that it may take a couple of minutes from the time of submission >>>>> until the htmlized version and diff are available at tools.ietf.org. >>>>> >>>>> Internet-Drafts are also available by anonymous FTP at: >>>>> ftp://ftp.ietf.org/internet-drafts/ >>>>> >>>>> _______________________________________________ >>>>> DiME mailing list >>>>> DiME@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/dime >>>> >>>> >>>> _______________________________________________ >>>> DiME mailing list >>>> DiME@ietf.org >>>> https://www.ietf.org/mailman/listinfo/dime From nobody Tue Mar 31 22:09:43 2015 Return-Path: X-Original-To: dime@ietfa.amsl.com Delivered-To: dime@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6FF71A6FEE for ; Tue, 31 Mar 2015 22:09:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.4 X-Spam-Level: X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, J_CHICKENPOX_56=0.6, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 73UTkGhMR3cC for ; Tue, 31 Mar 2015 22:09:41 -0700 (PDT) Received: from mail-ob0-x230.google.com (mail-ob0-x230.google.com [IPv6:2607:f8b0:4003:c01::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04EA61A1AB9 for ; Tue, 31 Mar 2015 22:09:40 -0700 (PDT) Received: by obbec2 with SMTP id ec2so61436066obb.3 for ; Tue, 31 Mar 2015 22:09:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=XajHiwuwP74L04P755T/LULrMDk1g9YDatGtt0GmO8c=; b=dcf9YdFc53lx9dum17gCUsq6FVPzCJPUbkfJk6Grk90oPAdhz8MQRi7SDIclc9XIMj zUdLg2QnSKXHkJ3RPpCUJ5kEmKlYRYd3E55jKsoB3HkvebaCmQrHZ4TY9rhlRhMfEZT9 rUiSICLkzyieT75preOgy/DRmC/2f+It2htNLMAdS0azxHAp4gwxITu+dnBaxtu1vGiH 3j8UsifIFq1cYAQaphbQF1kbCtstjzd+PsleP7JuQ3STHcIDMrh4O5qn7H6z5Rds0q4n g43EsLOgOSU0FMh21Auh/FKLkV3A9RPOiDVmUiYdlyI4NIQe/uTmPI+frBg4jNmvbcMB +0bA== X-Received: by 10.60.63.99 with SMTP id f3mr18302574oes.9.1427864980466; Tue, 31 Mar 2015 22:09:40 -0700 (PDT) Received: from [198.18.119.64] ([12.190.128.2]) by mx.google.com with ESMTPSA id mu10sm923421obb.5.2015.03.31.22.09.38 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 31 Mar 2015 22:09:39 -0700 (PDT) Message-ID: <551B7D90.7040109@gmail.com> Date: Tue, 31 Mar 2015 22:09:36 -0700 From: Jouni Korhonen User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: Steve Donovan References: <20150126150303.15610.1562.idtracker@ietfa.amsl.com> <5511D1AA.40804@usdonovans.com> <55138C07.2070007@gmail.com> <5515AAF0.8020502@usdonovans.com> <40F74E87-BC08-4822-A29E-3D2BE026BF6C@gmail.com> <551B3E18.1020907@usdonovans.com> In-Reply-To: <551B3E18.1020907@usdonovans.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Archived-At: Cc: "dime@ietf.org" Subject: Re: [Dime] I-D Action: draft-ietf-dime-e2e-sec-req-02.txt X-BeenThere: dime@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Diameter Maintanence and Extentions Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Apr 2015 05:09:42 -0000 Steve, Inline. 3/31/2015, 5:38 PM, Steve Donovan kirjoitti: > inline > > On 3/27/15 4:40 PM, Jouni.nosmap wrote: >> Hi Steve, >> >> Inline.. >> >> Sent from a smart phone.. Mind the typos.. >> >>> Steve Donovan kirjoitti 27.3.2015 kello >>> 14.09: >>> >>> >>> >>>> On 3/25/15 11:33 PM, Jouni Korhonen wrote: >>>> Steve, >>>> >>>> See inline.. >>>> >>>> 3/24/2015, 2:05 PM, Steve Donovan kirjoitti: >>>>> A few comments on this document. >>>>> >>>>> I would suggest adding the following requirement -- The solution MUST >>>>> ensure that routing AVPs are always sent in the clear. >>>> By routing AVPs you refer to Router-Record and Proxy-Info as per >>>> RFC6733, right? In that case I do not see a reason for the "are >>>> always sent in the clear". >>> SRD> No, I mean Destination-Host, Destination-Realm, Origin-Host and >>> Origin-Realm. >> Ok. Makes sense. However, integrity protecting above AVP should still >> be fine and allowed. At least the Origin-* AVPs. > SRD2> Origin-Host and Origin-Realm are also used for making routing > decisions. What is the value in integrity protecting these AVPs? Any > agent based scenario would require that all agents in the path be able > to decrypt the AVPs to make routing decisions. Why isn't it better to > just say that these AVPs MUST NOT be integrity protected? Integrity protection does not hide the content from intermediates. It only makes the end points to detect if those AVPs have been altered. I do want to know if someone tampered my AVPs that I care about (what those AVPs are depends on the policy). >> >>>>> Requirement 5 does indicate that not all AVPs are covered by the " >>>>> cryptographic protection". I think it would be better to be clear >>>>> that >>>>> there is a set of AVPs that MUST NOT be encrypted. >>>> OK. >>>> >>>>> In addition, the following requirement might be useful -- The solution >>>>> MUST support the ability to identify other non routing AVPs that must >>>>> always be sent in the clear. >>>> I would assume the knowledge which AVPs are ciphered is up to a >>>> local policy. If the policy is wrong, the receiver or intermediates >>>> will reply with an error. >>> SRD> That makes sense. My reason for bringing this up is to make >>> sure that the solution allows for these AVPs being sent in the >>> clear. It won't work to arbitrarily encrypt all AVPs or even chunks >>> of AVPs. >> That was never the intention. We better clarify it if the text was not >> clear about that... Or there was no such text at all. > SRD2> The text does say that a subset of the AVPs can be integrity > protected. I'm suggesting that we need wording that any solution MUST > NOT assume/require integrity protecting the entire message. That is OK. - Jouni >> >> - jouni >> >> >>>> - Jouni >>>> >>>>> This would be to cover overload, load, message priority and other AVPs >>>>> that need to be accessible by all nodes in the path of a transaction. >>>>> >>>>> Regards, >>>>> >>>>> Steve >>>>> >>>>>> On 1/26/15 9:03 AM, internet-drafts@ietf.org wrote: >>>>>> A New Internet-Draft is available from the on-line Internet-Drafts >>>>>> directories. >>>>>> This draft is a work item of the Diameter Maintenance and >>>>>> Extensions Working Group of the IETF. >>>>>> >>>>>> Title : Diameter AVP Level Security End-to-End >>>>>> Security: Scenarios and Requirements >>>>>> Authors : Hannes Tschofenig >>>>>> Jouni Korhonen >>>>>> Glen Zorn >>>>>> Kervin Pillay >>>>>> Filename : draft-ietf-dime-e2e-sec-req-02.txt >>>>>> Pages : 9 >>>>>> Date : 2015-01-26 >>>>>> >>>>>> Abstract: >>>>>> This specification discusses requirements for providing Diameter >>>>>> security at the level of individual Attribute Value Pairs. >>>>>> >>>>>> >>>>>> The IETF datatracker status page for this draft is: >>>>>> https://datatracker.ietf.org/doc/draft-ietf-dime-e2e-sec-req/ >>>>>> >>>>>> There's also a htmlized version available at: >>>>>> http://tools.ietf.org/html/draft-ietf-dime-e2e-sec-req-02 >>>>>> >>>>>> A diff from the previous version is available at: >>>>>> http://www.ietf.org/rfcdiff?url2=draft-ietf-dime-e2e-sec-req-02 >>>>>> >>>>>> >>>>>> Please note that it may take a couple of minutes from the time of >>>>>> submission >>>>>> until the htmlized version and diff are available at tools.ietf.org. >>>>>> >>>>>> Internet-Drafts are also available by anonymous FTP at: >>>>>> ftp://ftp.ietf.org/internet-drafts/ >>>>>> >>>>>> _______________________________________________ >>>>>> DiME mailing list >>>>>> DiME@ietf.org >>>>>> https://www.ietf.org/mailman/listinfo/dime >>>>> >>>>> >>>>> _______________________________________________ >>>>> DiME mailing list >>>>> DiME@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/dime >