| < draft-ietf-lamps-samples-02.txt | draft-ietf-lamps-samples-03.txt > | |||
|---|---|---|---|---|
| lamps D.K. Gillmor, Ed. | lamps D.K. Gillmor, Ed. | |||
| Internet-Draft ACLU | Internet-Draft ACLU | |||
| Intended status: Informational 12 May 2021 | Intended status: Informational 14 May 2021 | |||
| Expires: 13 November 2021 | Expires: 15 November 2021 | |||
| S/MIME Example Keys and Certificates | S/MIME Example Keys and Certificates | |||
| draft-ietf-lamps-samples-02 | draft-ietf-lamps-samples-03 | |||
| Abstract | Abstract | |||
| The S/MIME development community benefits from sharing samples of | The S/MIME development community benefits from sharing samples of | |||
| signed or encrypted data. This document facilitates such | signed or encrypted data. This document facilitates such | |||
| collaboration by defining a small set of X.509v3 certificates and | collaboration by defining a small set of X.509v3 certificates and | |||
| keys for use when generating such samples. | keys for use when generating such samples. | |||
| Status of This Memo | Status of This Memo | |||
| skipping to change at page 1, line 33 ¶ | skipping to change at page 1, line 33 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 13 November 2021. | This Internet-Draft will expire on 15 November 2021. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| skipping to change at page 2, line 12 ¶ | skipping to change at page 2, line 12 ¶ | |||
| as described in Section 4.e of the Trust Legal Provisions and are | as described in Section 4.e of the Trust Legal Provisions and are | |||
| provided without warranty as described in the Simplified BSD License. | provided without warranty as described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 4 | 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 4 | |||
| 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 | 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 1.3. Prior Work . . . . . . . . . . . . . . . . . . . . . . . 4 | 1.3. Prior Work . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 2. Background . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 2. Background . . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 2.1. Certificate Usage . . . . . . . . . . . . . . . . . . . . 4 | 2.1. Certificate Usage . . . . . . . . . . . . . . . . . . . . 5 | |||
| 2.2. Certificate Expiration . . . . . . . . . . . . . . . . . 5 | 2.2. Certificate Expiration . . . . . . . . . . . . . . . . . 5 | |||
| 2.3. Certificate Revocation . . . . . . . . . . . . . . . . . 5 | 2.3. Certificate Revocation . . . . . . . . . . . . . . . . . 5 | |||
| 2.4. Using the CA in Test Suites . . . . . . . . . . . . . . . 5 | 2.4. Using the CA in Test Suites . . . . . . . . . . . . . . . 5 | |||
| 2.5. Certificate Chains . . . . . . . . . . . . . . . . . . . 5 | 2.5. Certificate Chains . . . . . . . . . . . . . . . . . . . 6 | |||
| 2.6. Passwords . . . . . . . . . . . . . . . . . . . . . . . . 6 | 2.6. Passwords . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 2.7. Secret key origins . . . . . . . . . . . . . . . . . . . 6 | 2.7. Secret key origins . . . . . . . . . . . . . . . . . . . 7 | |||
| 3. Example RSA Certificate Authority . . . . . . . . . . . . . . 7 | 3. Example RSA Certification Authority . . . . . . . . . . . . . 7 | |||
| 3.1. RSA Certificate Authority Root Certificate . . . . . . . 7 | 3.1. RSA Certification Authority Root Certificate . . . . . . 7 | |||
| 3.2. RSA Certificate Authority Secret Key . . . . . . . . . . 7 | 3.2. RSA Certification Authority Secret Key . . . . . . . . . 8 | |||
| 3.3. RSA Certificate Authority Cross-signed Certificate . . . 8 | 3.3. RSA Certification Authority Cross-signed Certificate . . 9 | |||
| 4. Alice's Sample Certificates . . . . . . . . . . . . . . . . . 9 | 4. Alice's Sample Certificates . . . . . . . . . . . . . . . . . 10 | |||
| 4.1. Alice's Signature Verification End-Entity Certificate . . 9 | 4.1. Alice's Signature Verification End-Entity Certificate . . 10 | |||
| 4.2. Alice's Signing Private Key Material . . . . . . . . . . 10 | 4.2. Alice's Signing Private Key Material . . . . . . . . . . 11 | |||
| 4.3. Alice's Encryption End-Entity Certificate . . . . . . . . 11 | 4.3. Alice's Encryption End-Entity Certificate . . . . . . . . 12 | |||
| 4.4. Alice's Decryption Private Key Material . . . . . . . . . 12 | 4.4. Alice's Decryption Private Key Material . . . . . . . . . 13 | |||
| 4.5. PKCS12 Object for Alice . . . . . . . . . . . . . . . . . 13 | 4.5. PKCS12 Object for Alice . . . . . . . . . . . . . . . . . 14 | |||
| 5. Bob's Sample . . . . . . . . . . . . . . . . . . . . . . . . 16 | 5. Bob's Sample . . . . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 5.1. Bob's Signature Verification End-Entity Certificate . . . 16 | 5.1. Bob's Signature Verification End-Entity Certificate . . . 18 | |||
| 5.2. Bob's Signing Private Key Material . . . . . . . . . . . 17 | 5.2. Bob's Signing Private Key Material . . . . . . . . . . . 18 | |||
| 5.3. Bob's Encryption End-Entity Certificate . . . . . . . . . 18 | 5.3. Bob's Encryption End-Entity Certificate . . . . . . . . . 19 | |||
| 5.4. Bob's Decryption Private Key Material . . . . . . . . . . 19 | 5.4. Bob's Decryption Private Key Material . . . . . . . . . . 20 | |||
| 5.5. PKCS12 Object for Bob . . . . . . . . . . . . . . . . . . 20 | 5.5. PKCS12 Object for Bob . . . . . . . . . . . . . . . . . . 21 | |||
| 6. Example Ed25519 Certificate Authority . . . . . . . . . . . . 23 | 6. Example Ed25519 Certification Authority . . . . . . . . . . . 24 | |||
| 6.1. Ed25519 Certificate Authority Root Certificate . . . . . 23 | 6.1. Ed25519 Certification Authority Root Certificate . . . . 25 | |||
| 6.2. Ed25519 Certificate Authority Secret Key . . . . . . . . 24 | 6.2. Ed25519 Certification Authority Secret Key . . . . . . . 25 | |||
| 6.3. Ed25519 Certificate Authority Cross-signed Certificate . 24 | 6.3. Ed25519 Certification Authority Cross-signed | |||
| 7. Carlos's Sample Certificates . . . . . . . . . . . . . . . . 25 | Certificate . . . . . . . . . . . . . . . . . . . . . . . 25 | |||
| 7.1. Carlos's Signature Verification End-Entity Certificate . 25 | 7. Carlos's Sample Certificates . . . . . . . . . . . . . . . . 26 | |||
| 7.2. Carlos's Signing Private Key Material . . . . . . . . . . 25 | 7.1. Carlos's Signature Verification End-Entity Certificate . 26 | |||
| 7.3. Carlos's Encryption End-Entity Certificate . . . . . . . 25 | 7.2. Carlos's Signing Private Key Material . . . . . . . . . . 27 | |||
| 7.4. Carlos's Decryption Private Key Material . . . . . . . . 26 | 7.3. Carlos's Encryption End-Entity Certificate . . . . . . . 27 | |||
| 7.5. PKCS12 Object for Carlos . . . . . . . . . . . . . . . . 26 | 7.4. Carlos's Decryption Private Key Material . . . . . . . . 27 | |||
| 8. Dana's Sample Certificates . . . . . . . . . . . . . . . . . 27 | 7.5. PKCS12 Object for Carlos . . . . . . . . . . . . . . . . 28 | |||
| 8.1. Dana's Signature Verification End-Entity Certificate . . 27 | 8. Dana's Sample Certificates . . . . . . . . . . . . . . . . . 29 | |||
| 8.2. Dana's Signing Private Key Material . . . . . . . . . . . 28 | 8.1. Dana's Signature Verification End-Entity Certificate . . 29 | |||
| 8.3. Dana's Encryption End-Entity Certificate . . . . . . . . 28 | 8.2. Dana's Signing Private Key Material . . . . . . . . . . . 29 | |||
| 8.4. Dana's Decryption Private Key Material . . . . . . . . . 28 | 8.3. Dana's Encryption End-Entity Certificate . . . . . . . . 30 | |||
| 8.5. PKCS12 Object for Dana . . . . . . . . . . . . . . . . . 29 | 8.4. Dana's Decryption Private Key Material . . . . . . . . . 30 | |||
| 9. Security Considerations . . . . . . . . . . . . . . . . . . . 30 | 8.5. PKCS12 Object for Dana . . . . . . . . . . . . . . . . . 30 | |||
| 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30 | 9. Security Considerations . . . . . . . . . . . . . . . . . . . 32 | |||
| 11. Document Considerations . . . . . . . . . . . . . . . . . . . 30 | 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 | |||
| 11.1. Document History . . . . . . . . . . . . . . . . . . . . 30 | 11. Document Considerations . . . . . . . . . . . . . . . . . . . 32 | |||
| 11.1.1. Substantive Changes from draft-ietf-*-01 to | 11.1. Document History . . . . . . . . . . . . . . . . . . . . 32 | |||
| draft-ietf-*-02 . . . . . . . . . . . . . . . . . . . 30 | 11.1.1. Substantive Changes from draft-ietf-*-02 to | |||
| 11.1.2. Substantive Changes from draft-ietf-*-00 to | draft-ietf-*-03 . . . . . . . . . . . . . . . . . . . 32 | |||
| draft-ietf-*-01 . . . . . . . . . . . . . . . . . . . 31 | 11.1.2. Substantive Changes from draft-ietf-*-01 to | |||
| 11.1.3. Substantive Changes from draft-dkg-*-05 to | draft-ietf-*-02 . . . . . . . . . . . . . . . . . . . 32 | |||
| draft-ietf-*-00 . . . . . . . . . . . . . . . . . . . 31 | 11.1.3. Substantive Changes from draft-ietf-*-00 to | |||
| 11.1.4. Substantive Changes from draft-dkg-*-04 to | draft-ietf-*-01 . . . . . . . . . . . . . . . . . . . 33 | |||
| draft-dkg-*-05 . . . . . . . . . . . . . . . . . . . 31 | 11.1.4. Substantive Changes from draft-dkg-*-05 to | |||
| 11.1.5. Substantive Changes from draft-dkg-*-03 to | draft-ietf-*-00 . . . . . . . . . . . . . . . . . . . 33 | |||
| draft-dkg-*-04 . . . . . . . . . . . . . . . . . . . 31 | 11.1.5. Substantive Changes from draft-dkg-*-04 to | |||
| 11.1.6. Substantive Changes from draft-dkg-*-02 to | draft-dkg-*-05 . . . . . . . . . . . . . . . . . . . 33 | |||
| draft-dkg-*-03 . . . . . . . . . . . . . . . . . . . 31 | 11.1.6. Substantive Changes from draft-dkg-*-03 to | |||
| 11.1.7. Substantive Changes from draft-dkg-*-01 to | draft-dkg-*-04 . . . . . . . . . . . . . . . . . . . 33 | |||
| draft-dkg-*-02 . . . . . . . . . . . . . . . . . . . 31 | 11.1.7. Substantive Changes from draft-dkg-*-02 to | |||
| 11.1.8. Substantive Changes from draft-dkg-*-00 to | draft-dkg-*-03 . . . . . . . . . . . . . . . . . . . 33 | |||
| draft-dkg-*-01 . . . . . . . . . . . . . . . . . . . 31 | 11.1.8. Substantive Changes from draft-dkg-*-01 to | |||
| 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 31 | draft-dkg-*-02 . . . . . . . . . . . . . . . . . . . 33 | |||
| 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 32 | 11.1.9. Substantive Changes from draft-dkg-*-00 to | |||
| 13.1. Normative References . . . . . . . . . . . . . . . . . . 32 | draft-dkg-*-01 . . . . . . . . . . . . . . . . . . . 33 | |||
| 13.2. Informative References . . . . . . . . . . . . . . . . . 33 | 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 33 | |||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 33 | 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 34 | |||
| 13.1. Normative References . . . . . . . . . . . . . . . . . . 34 | ||||
| 13.2. Informative References . . . . . . . . . . . . . . . . . 35 | ||||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 36 | ||||
| 1. Introduction | 1. Introduction | |||
| The S/MIME ([RFC8551]) development community, in particular the | The S/MIME ([RFC8551]) development community, in particular the | |||
| e-mail development community, benefits from sharing samples of signed | e-mail development community, benefits from sharing samples of signed | |||
| and/or encrypted data. Often the exact key material used does not | and/or encrypted data. Often the exact key material used does not | |||
| matter because the properties being tested pertain to implementation | matter because the properties being tested pertain to implementation | |||
| correctness, completeness or interoperability of the overall system. | correctness, completeness or interoperability of the overall system. | |||
| However, without access to the relevant secret key material, a sample | However, without access to the relevant secret key material, a sample | |||
| is useless. | is useless. | |||
| This document defines a small set of X.509v3 certificates ([RFC5280]) | This document defines a small set of X.509v3 certificates ([RFC5280]) | |||
| and secret keys for use when generating or operating on such samples. | and secret keys for use when generating or operating on such samples. | |||
| An example RSA certificate authority is supplied, and sample RSA | An example RSA certification authority is supplied, and sample RSA | |||
| certificates are provided for two "personas", Alice and Bob. | certificates are provided for two "personas", Alice and Bob. | |||
| Additionally, an Ed25519 ([RFC8032]) certificate authority is | Additionally, an Ed25519 ([RFC8032]) certification authority is | |||
| supplied, along with sample Ed25519 certificates for two more | supplied, along with sample Ed25519 certificates for two more | |||
| "personas", Carlos and Dana. | "personas", Carlos and Dana. | |||
| This document focuses narrowly on functional, well-formed identity | This document focuses narrowly on functional, well-formed identity | |||
| and key material. It is a starting point that other documents can | and key material. It is a starting point that other documents can | |||
| use to develop sample signed or encrypted messages, test vectors, or | use to develop sample signed or encrypted messages, test vectors, or | |||
| other artifacts for improved interoperability. | other artifacts for improved interoperability. | |||
| 1.1. Requirements Language | 1.1. Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in BCP | |||
| 14 [RFC2119] [RFC8174] when, and only when, they appear in all | 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| 1.2. Terminology | 1.2. Terminology | |||
| * "Certificate Authority" (or "CA") is a party capable of issuing | * "Certification Authority" (or "CA") is a party capable of issuing | |||
| X.509 certificates | X.509 certificates | |||
| * "End-Entity" is a party that is capable of using X.509 | * "End-Entity" is a party that is capable of using X.509 | |||
| certificates (and their corresponding secret key material) | certificates (and their corresponding secret key material) | |||
| * "Mail User Agent" (or "MUA") is a program that generates or | * "Mail User Agent" (or "MUA") is a program that generates or | |||
| handles [RFC5322] e-mail messages. | handles [RFC5322] e-mail messages. | |||
| 1.3. Prior Work | 1.3. Prior Work | |||
| skipping to change at page 4, line 44 ¶ | skipping to change at page 5, line 4 ¶ | |||
| extract them from the document. | extract them from the document. | |||
| It also includes examples of messages and other structures which are | It also includes examples of messages and other structures which are | |||
| greater in ambition than this document intends to be. | greater in ambition than this document intends to be. | |||
| [RFC8410] includes an example X25519 certificate that is certified | [RFC8410] includes an example X25519 certificate that is certified | |||
| with Ed25519, but it appears to be self-issued, and it is not | with Ed25519, but it appears to be self-issued, and it is not | |||
| directly useful in testing an S/MIME-capable MUA. | directly useful in testing an S/MIME-capable MUA. | |||
| 2. Background | 2. Background | |||
| 2.1. Certificate Usage | 2.1. Certificate Usage | |||
| These X.509 certificates ([RFC5280]) are designed for use with S/MIME | These X.509 certificates ([RFC5280]) are designed for use with S/MIME | |||
| protections ([RFC8551]) for e-mail ([RFC5322]). | protections ([RFC8551]) for e-mail ([RFC5322]). | |||
| In particular, they should be usable with signed and encrypted | In particular, they should be usable with signed and encrypted | |||
| messages. | messages, as part of test suites and interoperability frameworks. | |||
| All end-entity and intermediate CA certificates are marked with | ||||
| Certificate Policies from [TEST-POLICY] indicating that they are | ||||
| intended only for use in testing environments. End-entity | ||||
| certificates are marked with policy 2.16.840.1.101.3.2.1.48.1 and | ||||
| intermediate CAs are marked with policy 2.16.840.1.101.3.2.1.48.2. | ||||
| 2.2. Certificate Expiration | 2.2. Certificate Expiration | |||
| The certificates included in this draft expire in 2052. This should | The certificates included in this draft expire in 2052. This should | |||
| be sufficiently far in the future that they will be useful for a few | be sufficiently far in the future that they will be useful for a few | |||
| decades. However, when testing tools in the far future (or when | decades. However, when testing tools in the far future (or when | |||
| playing with clock skew scenarios), care should be taken to consider | playing with clock skew scenarios), care should be taken to consider | |||
| the certificate validity window. | the certificate validity window. | |||
| Due to this lengthy expiration window, these certificates will not be | Due to this lengthy expiration window, these certificates will not be | |||
| skipping to change at page 6, line 11 ¶ | skipping to change at page 6, line 30 ¶ | |||
| typically a long-lived root CA that users' software knows about upon | typically a long-lived root CA that users' software knows about upon | |||
| installation, and the end-entity certificate is issued by an | installation, and the end-entity certificate is issued by an | |||
| intermediate CA, which is in turn issued by the root CA. | intermediate CA, which is in turn issued by the root CA. | |||
| The example end-entity certificates in this document can be used with | The example end-entity certificates in this document can be used with | |||
| either a simple two-link certificate chain (they are directly | either a simple two-link certificate chain (they are directly | |||
| certified by their corresponding root CA), or in a three-link chain. | certified by their corresponding root CA), or in a three-link chain. | |||
| For example, Alice's encryption certificate (Section 4.3, | For example, Alice's encryption certificate (Section 4.3, | |||
| "alice.encrypt.crt") can be validated by a peer that directly trusts | "alice.encrypt.crt") can be validated by a peer that directly trusts | |||
| the Example RSA CA's root cert (Section 3.1, "ca.crt"): | the Example RSA CA's root cert (Section 3.1, "ca.rsa.crt"): | |||
| ╔════════╗ ┌───────────────────┐ | ╔════════════╗ ┌───────────────────┐ | |||
| ║ ca.crt ╟─→│ alice.encrypt.crt │ | ║ ca.rsa.crt ╟─→│ alice.encrypt.crt │ | |||
| ╚════════╝ └───────────────────┘ | ╚════════════╝ └───────────────────┘ | |||
| And it can also be validated by a peer that only directly trusts the | And it can also be validated by a peer that only directly trusts the | |||
| Example Ed25519 CA's root cert (Section 6.1, "ca.25519.crt"), via an | Example Ed25519 CA's root cert (Section 6.1, "ca.25519.crt"), via an | |||
| intermediate cross-signed CA cert (Section 3.3, "ca.cross.crt"): | intermediate cross-signed CA cert (Section 3.3, "ca.rsa.cross.crt"): | |||
| ╔══════════════╗ ┌──────────────┐ ┌───────────────────┐ | ╔══════════════╗ ┌──────────────────┐ ┌───────────────────┐ | |||
| ║ ca.25519.crt ╟─→│ ca.cross.crt ├─→│ alice.encrypt.crt │ | ║ ca.25519.crt ╟─→│ ca.rsa.cross.crt ├─→│ alice.encrypt.crt │ | |||
| ╚══════════════╝ └──────────────┘ └───────────────────┘ | ╚══════════════╝ └──────────────────┘ └───────────────────┘ | |||
| By omitting the cross-signed CA certs, it should be possible to test | By omitting the cross-signed CA certs, it should be possible to test | |||
| a "transvalid" certificate (an end-entity certificate that is | a "transvalid" certificate (an end-entity certificate that is | |||
| supplied without its intermediate certificate) in some | supplied without its intermediate certificate) in some | |||
| configurations. | configurations. | |||
| 2.6. Passwords | 2.6. Passwords | |||
| Each secret key presented in this draft is unprotected (it has no | Each secret key presented in this draft is unprotected (it has no | |||
| password). | password). | |||
| skipping to change at page 7, line 9 ¶ | skipping to change at page 7, line 26 ¶ | |||
| based on known seeds derived via [SHA256] from simple strings. The | based on known seeds derived via [SHA256] from simple strings. The | |||
| secret Ed25519 and X25519 keys in this document are all derived by | secret Ed25519 and X25519 keys in this document are all derived by | |||
| hashing a simple string. The seeds and their derivation are included | hashing a simple string. The seeds and their derivation are included | |||
| in the document for informational purposes, and to allow re-creation | in the document for informational purposes, and to allow re-creation | |||
| of the objects from appropriate tooling. | of the objects from appropriate tooling. | |||
| All RSA seeds used are 224 bits long (the first 224 bits of the | All RSA seeds used are 224 bits long (the first 224 bits of the | |||
| SHA-256 digest of the origin string), and are represented in | SHA-256 digest of the origin string), and are represented in | |||
| hexadecimal. | hexadecimal. | |||
| 3. Example RSA Certificate Authority | 3. Example RSA Certification Authority | |||
| The example RSA Certificate Authority has the following information: | The example RSA Certification Authority has the following | |||
| information: | ||||
| * Name: "Sample LAMPS Certificate Authority" | * Name: "Sample LAMPS RSA Certification Authority" | |||
| 3.1. RSA Certificate Authority Root Certificate | 3.1. RSA Certification Authority Root Certificate | |||
| This cerificate is used to verify certificates issued by the example | This cerificate is used to verify certificates issued by the example | |||
| RSA Certificate Authority. | RSA Certification Authority. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIDKzCCAhOgAwIBAgITD5FARp09T2LXr/FPQiI+8ZsGAjANBgkqhkiG9w0BAQ0F | MIIDezCCAmOgAwIBAgITcBn0xb/zdaeCQlqp6yZUAGZUCDANBgkqhkiG9w0BAQ0F | |||
| ADAtMSswKQYDVQQDEyJTYW1wbGUgTEFNUFMgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 | |||
| MCAXDTE5MTEyMDA2NTQxOFoYDzIwNTIwOTI3MDY1NDE4WjAtMSswKQYDVQQDEyJT | aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0xOTEx | |||
| YW1wbGUgTEFNUFMgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0B | MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowVTExMC8GA1UEAxMoU2FtcGxlIExB | |||
| AQEFAAOCAQ8AMIIBCgKCAQEAnFB71AsptFyqxG4qPtbt2VLJVctHyNXtlIUWve4q | TVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UECxMITEFNUFMg | |||
| PSo/+Oi9s3sf+t7krrosxlv626L+Wm05t99ZVKWKn7y2uYyO7/IToRpTwHN1sXga | V0cxDTALBgNVBAoTBElFVEYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB | |||
| Uz/u2gjPfS69R20ZNSKL9EiB78hgCr1UvY5elQoW2Y4zqQGR729pQYI5obT15V8n | AQC2GGPTEFVNdi0LsiQ79A0Mz2G+LRJlbX2vNo8STibAnyQ9VzFrGJHjUhRX/Omr | |||
| wdyHCTvecvvvMGBiaAk66VlMQCZLG+nVU8wYVCl6fE37Z1qAs12XlUJr3DGgVKGf | OP3rDCB2SYfBPVwd0CdC6z9qfJkcVxDc1hK+VS9vKncL0IPUYlkJwWuMpXa1Ielz | |||
| ZpMz55xiV8q11Aobhmx4aPPyE4GWshDDt4DbtYJMGLEeik1AmNHBsmyaQCLBxVE3 | +zCuV+gjV83Uvn6wTn39MCmymu7nFPzihcuOnbMYOCdMmUbi1Dm8TX9P6itFR3hi | |||
| 3ZW1UrhK5Pb9qSL4gizDZ7ZaGZNudwjJu20HHVIGQT7nDwIDAQABo0IwQDAPBgNV | IHpSKMbkoXlM1837WaFfx57kBIoIuNjKEyPIuK9wGUAeppc5QAHJg95PPEHNHlmM | |||
| HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUeF8OWnjYa+RU | yhBzClmgkyozRSeSrkxq9XeJKU94lWGaZ0zb4karCur/eiMoCk3YNV8L3styvcMG | |||
| cD2z3ez38fL6wEcwDQYJKoZIhvcNAQENBQADggEBAC6D3qI26uy9yKEqxoBLkNLQ | 1qUDCAaKx6FZEf7hE9RN6L3bAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYD | |||
| lpRTKzBn/78v4ejj5HyyNwxkMe2nSRUuLEo65537NwAa9XuOaSRDKRl+SH8ArvGd | VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSRMI58BxcMp/EJKGU2GmccaHb0WTANBgkq | |||
| C2XhEfKm2GwW1eyV2ZLFzwWinZMKce3NgraQWYxFndI12ewbUUQr5R4b4AO69lSE | hkiG9w0BAQ0FAAOCAQEAY02+M6kP215ji21w/fGQ6qZ0FlbgL3VS/zmoHZ4Jd82Y | |||
| iOJ2bTWJGHpuCrLKfx98pnarJxFp6hOS6V3wxny5ksQ5NGfqNWnovZRSSvGfyu7H | 5A/Hh/bCaDHI8Cb0tMkF7tU+Ly4LX2ruH5VQLjgntCGsaD+pYAH4eGd7Nleras++ | |||
| HKLp7T1dNHmF1n4bJtnx7/6yks+Eu8jQp9vhhEXdeAq3ZAPJGahY8AIndg01ZGNG | IGnhfdfLQHAIzqAZFNjb0xQ6QjRFQrBRfCJKnvYx5NFmLeTuIjSGEqJhADF7EpVQ | |||
| vAIzxiHzjEWWcjbwtIkINZAPZHgq1u1cjhy7mDfq9GfCoE4/6q55N6Etbuesh5c= | X3kYQ52RfeY9EbcaNG0jHlrz9A3XDmpliyZ6ASh+RqVHoNht302WymkZvZMHgBpC | |||
| RptVcy0EbkILYL3CG0ollTPkuI2Lo7nCZJGplT8HZTbCab/ssCf1YFpqK2SOGchC | ||||
| BUw2pCMnWMNMFQjvFc4QwNNFrRaGOeO4allo52D6eA== | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 3.2. RSA Certificate Authority Secret Key | 3.2. RSA Certification Authority Secret Key | |||
| This secret key material is used by the example Certificate Authority | This secret key material is used by the example RSA Certification | |||
| to issue new certificates. | Authority to issue new certificates. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MIIE/AIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCcUHvUCym0XKrE | MIIE+wIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC2GGPTEFVNdi0L | |||
| bio+1u3ZUslVy0fI1e2UhRa97io9Kj/46L2zex/63uSuuizGW/rbov5abTm331lU | siQ79A0Mz2G+LRJlbX2vNo8STibAnyQ9VzFrGJHjUhRX/OmrOP3rDCB2SYfBPVwd | |||
| pYqfvLa5jI7v8hOhGlPAc3WxeBpTP+7aCM99Lr1HbRk1Iov0SIHvyGAKvVS9jl6V | 0CdC6z9qfJkcVxDc1hK+VS9vKncL0IPUYlkJwWuMpXa1Ielz+zCuV+gjV83Uvn6w | |||
| ChbZjjOpAZHvb2lBgjmhtPXlXyfB3IcJO95y++8wYGJoCTrpWUxAJksb6dVTzBhU | Tn39MCmymu7nFPzihcuOnbMYOCdMmUbi1Dm8TX9P6itFR3hiIHpSKMbkoXlM1837 | |||
| KXp8TftnWoCzXZeVQmvcMaBUoZ9mkzPnnGJXyrXUChuGbHho8/ITgZayEMO3gNu1 | WaFfx57kBIoIuNjKEyPIuK9wGUAeppc5QAHJg95PPEHNHlmMyhBzClmgkyozRSeS | |||
| gkwYsR6KTUCY0cGybJpAIsHFUTfdlbVSuErk9v2pIviCLMNntloZk253CMm7bQcd | rkxq9XeJKU94lWGaZ0zb4karCur/eiMoCk3YNV8L3styvcMG1qUDCAaKx6FZEf7h | |||
| UgZBPucPAgMBAAECggEAJ56StD0cFfYC5oTRulm5sYK1O0Sp7jKi5CkTiZJrLFOg | E9RN6L3bAgMBAAECggEAE3tFhsm7DpgDlro+1Sk1kjbHssR4sOBHb4zrPp6c18PO | |||
| IVPEeVB0255RMiRIIwK/Q5o9g+f5YCyBNN48k54+ZitFM3YVGZlVrwrUwuWhLoae | 6T8gWuBcj1DzOzykNTzaMaDxAia4vuxVJB1mberkNHzTFqyb8bx3ceSEOCT3aoyq | |||
| 4K6pAJ6vJQJ3CCu4c3NJU+Biz3YLm3wRZw9GmV/cojKeraR8djkuqFj4lmmW5yC7 | 5fiFpR0L6Ba1vgg8RTvNCAIApHNa4pVk0XD8Wq+h7mlUAOYGbie5UO8/P2qWjcOz | |||
| mj8XLnl1snOAEZEHhi/10zibru5GoCjwFrmJT8qbmYX89gbua24wcVlmqImzV48z | +zcheyYXJS/iuu0t2/F0ihEWGcXBmoc8D++n7mKst2jkAHD4wlPN2MgVqnmagpBz | |||
| lQJ0nJDJ8VPNjwvyX27DjefBw2FgUiT8J/iEmS7BZ+1laF/UyEsxqsZ4odJIVfPT | gobFNmCZyZpDS+PPTtQZ1XvdGF5Sodc+Fz+jpWun1kqxDHE4UIZzDA/HAaBgORbm | |||
| /JbGl+VkAoM1R2Qrv6ZFisDVfGZkIpWtSaBlknh+CQKBgQC82Y7gYnG3wiotvTKC | aEZaVsOs9ZExeqOtqu2fPB7zF/1JKdRk4UJOUxS0OQKBgQDJwonP5RwvO0sYoCiw | |||
| L5BWMWoknCM4LTM5AqYSZjfpnMsOEfOgzpyABUyK+3zKrzoqxokVfuvHlj2Hzw8Y | zuFcYTmN/hI3R3viKuxr19CH6+mvuIU85ooIHF6TiouZwhk+6+Vk7rcXdS554DT4 | |||
| EUQ2gqJdU5iObl3dH0C7K5J/9Kua12VEcv5NFiBs5paMXTub6SdG0CyeUUfDW133 | 2RbVrX/5i/MOzx8c8IIwoZJIasLz+vx8F4n6hyhV65bXN7AIBojMh2dt8tP2MZ/R | |||
| UfdW0rgCuPvPpya7lQa4k2T8XQKBgQDT5VHzRJMXRKTaI6nHw5RI2F88b89nvkib | VEfsk4mNmO6yKuzyAfjJziCnCQKBgQDnDH9UYUIPkq0PSvViKQFJFCB9BJPFhld2 | |||
| BRvnDm2N7bxVfLiKSf2hQUhdLppIm0J8it/ksjJ/zQ197UA6DfilAjQB+mKi/fB8 | pIgoziw/JZzM3W3IWU0KWG7UxS0T3xmn3IX6xmWW4vX1/088ybObZWYP0edb61GM | |||
| h7pmElFElhy71/93T/uv2CA1RaIGSWhTMu+7Z9+/5cb1zRsorgrB2s0tTpDkDnuX | I9DoI5igndLgDwyOL2PFuZh5pqqc09DE+cpJW4nNoudqTNmCrjhmxNCGKgGjlD8z | |||
| A1wRbBraWwKBgQCyNUsSi1NsaJmM2AEVwPSfobncGktR87Vmkw1MR5FzrjYfbOlO | /OkSccvywwKBgDd0ReajRUziEjDxjF2UbzKx8lzJsX4KIs22GIdHqSRCvlcy80Qa | |||
| Uip01ItKi89TJM/rFba+xiqRCUG/KrG/sGuCVPwKvZw0rAl/ZMKc3Z09ihF16NTz | 5WN3ULNiyB350HCP69wDFMXYym5rJoQjPvh6GIuhYKv4V8fffxkYv5kx5uWiXZVJ | |||
| JuC6taqbmW1vv3tEwVwDAudX7rOdslaV0I9rKyXhy9Y0OjPex96zxsOBMQKBgQCt | 7v2x+m8rMqlyv+pkyWLV8KKytHmdiBzD+oTWxF7r4ueLjtaxngzxn93pAoGBAKpR | |||
| Wj7hNojf0FjN3b9YnrkBn4LKfu6/gP0FVfit3y/hnU0m4xJWkJHfCvmYwjeWju6l | rR9PnroKHubSE/drUNZFLvnZwPDv6lO8T978tONL372pUT9KjR8eN31DaMpoQOpc | |||
| 1Te2cdK+m5MeIqsY07VHybWiqKVpkzbbqm7kcrfp1KVNSDjH87eE9NvkuUMEwamH | BqvpSoQjBLt1nDysV2krI0RwMIOzAWc0E9C8RMvJ6+RdU50Q1BSyjvLGaKi5AAHk | |||
| 53QZbbGv3NwY2+QMM9a5IbgaCNygtviFY0o/NqIBYQKBgQCyki2Y/sKDolNBbjwf | PTk8cGYVO1BCHGlX8p3XYfw0xQaHxtuVCV8eYgCvAoGBAIZeiVhc0YTJOjUadz+0 | |||
| nFMsdYb+nRmbJMSvLHbJSVhypB6aX3qjHhBlPrTW6WT5KIjumCtSadsDceUtr9tT | vSOzA1arg5k2YCPCGf7z+ijM5rbMk7jrYixD6WMjTOkVLHDsVxMBpbA7GhL7TKy5 | |||
| 2ofP0ZOXP9IDIF2v1X3165LPsieGZv4VzhLivJrfMYfI4p4GkiK44RSUWcxrBAmq | cepBH1PVwxEIl8dqN+UoeJeBpnHo/cjJ0iCR9/aMJzI+qiUo3OMDR+UH99NIddKN | |||
| 9SGCNQ8nx1AsXLZn57U52Oji8KA7MDkGCisGAQQBkggSCAExKzApBglghkgBZQME | i75GRVLAeW0Izgt09EMEiD9joDswOQYKKwYBBAGSCBIIATErMCkGCWCGSAFlAwQC | |||
| AgIEHPBUYbjdNRelyUPep86pkRfIdEPM9N+yPctTfB0= | AgQcpcG3hHYU7WYaawUiNRQotLfwnYzMotmTAt1i6Q== | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This secret key was generated using provable prime generation found | This secret key was generated using provable prime generation found | |||
| in [FIPS186-4] using the seed | in [FIPS186-4] using the seed | |||
| "f05461b8dd3517a5c943dea7cea99117c87443ccf4dfb23dcb537c1d". This | "a5c1b7847614ed661a6b0522351428b4b7f09d8ccca2d99302dd62e9". This | |||
| seed is the first 224 bits of the [SHA256] digest of the string | seed is the first 224 bits of the [SHA256] digest of the string | |||
| "draft-lamps-sample-certs-keygen.ca.seed". | "draft-lamps-sample-certs-keygen.ca.rsa.seed". | |||
| 3.3. RSA Certificate Authority Cross-signed Certificate | 3.3. RSA Certification Authority Cross-signed Certificate | |||
| If an e-mail client only trusts the Ed25519 Certificate Authority | If an e-mail client only trusts the Ed25519 Certification Authority | |||
| Root Certificate found in Section 6.1, they can use this intermediate | Root Certificate found in Section 6.1, they can use this intermediate | |||
| CA certificate to verify any end entity certificate issued by the | CA certificate to verify any end entity certificate issued by the | |||
| example RSA Certificate Authority. | example RSA Certification Authority. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIICgjCCAjSgAwIBAgITB2Y8zXRHikdU9jKPM22+7kcZXTAFBgMrZXAwNTEzMDEG | MIIC5zCCApmgAwIBAgITcTQnnf8DUsvAdvkX7mUemYos7DAFBgMrZXAwWTE1MDMG | |||
| A1UEAxMqU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp | |||
| MCAXDTIwMTIxNTIxMzU0NFoYDzIwNTIwOTI3MDY1NDE4WjAtMSswKQYDVQQDEyJT | dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx | |||
| YW1wbGUgTEFNUFMgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0B | MzU0NFoYDzIwNTIwOTI3MDY1NDE4WjBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMg | |||
| AQEFAAOCAQ8AMIIBCgKCAQEAnFB71AsptFyqxG4qPtbt2VLJVctHyNXtlIUWve4q | UlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzEN | |||
| PSo/+Oi9s3sf+t7krrosxlv626L+Wm05t99ZVKWKn7y2uYyO7/IToRpTwHN1sXga | MAsGA1UEChMESUVURjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALYY | |||
| Uz/u2gjPfS69R20ZNSKL9EiB78hgCr1UvY5elQoW2Y4zqQGR729pQYI5obT15V8n | Y9MQVU12LQuyJDv0DQzPYb4tEmVtfa82jxJOJsCfJD1XMWsYkeNSFFf86as4/esM | |||
| wdyHCTvecvvvMGBiaAk66VlMQCZLG+nVU8wYVCl6fE37Z1qAs12XlUJr3DGgVKGf | IHZJh8E9XB3QJ0LrP2p8mRxXENzWEr5VL28qdwvQg9RiWQnBa4yldrUh6XP7MK5X | |||
| ZpMz55xiV8q11Aobhmx4aPPyE4GWshDDt4DbtYJMGLEeik1AmNHBsmyaQCLBxVE3 | 6CNXzdS+frBOff0wKbKa7ucU/OKFy46dsxg4J0yZRuLUObxNf0/qK0VHeGIgelIo | |||
| 3ZW1UrhK5Pb9qSL4gizDZ7ZaGZNudwjJu20HHVIGQT7nDwIDAQABo2MwYTAPBgNV | xuSheUzXzftZoV/HnuQEigi42MoTI8i4r3AZQB6mlzlAAcmD3k88Qc0eWYzKEHMK | |||
| HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUeF8OWnjYa+RU | WaCTKjNFJ5KuTGr1d4kpT3iVYZpnTNviRqsK6v96IygKTdg1Xwvey3K9wwbWpQMI | |||
| cD2z3ez38fL6wEcwHwYDVR0jBBgwFoAUa6KVfboUm+QtBNEHpNGC5C5rjLUwBQYD | BorHoVkR/uET1E3ovdsCAwEAAaN8MHowDwYDVR0TAQH/BAUwAwEB/zAXBgNVHSAE | |||
| K2VwA0EA+Zb/X/6jcMIBDyy3UbV+8JMfYgSZRNyyyaW8Oz1dqQGtWsW2Rl0FZfw5 | EDAOMAwGCmCGSAFlAwIBMAIwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSRMI58 | |||
| fUMzFTd/jLQdU/g3LCtyIhuTHPSdAQ== | BxcMp/EJKGU2GmccaHb0WTAfBgNVHSMEGDAWgBRropV9uhSb5C0E0Qek0YLkLmuM | |||
| tTAFBgMrZXADQQAXVKenodj2S7ct9xaQhUZQhpbvFPX7G1fUNH+7hBthwYBQm1gy | ||||
| rSI/zpJ4I9seDTN4e2cWf2BbOhYE4WOgdoUB | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 4. Alice's Sample Certificates | 4. Alice's Sample Certificates | |||
| Alice has the following information: | Alice has the following information: | |||
| * Name: "Alice Lovelace" | * Name: "Alice Lovelace" | |||
| * E-mail Address: "alice@smime.example" | * E-mail Address: "alice@smime.example" | |||
| 4.1. Alice's Signature Verification End-Entity Certificate | 4.1. Alice's Signature Verification End-Entity Certificate | |||
| This certificate is used for verification of signatures made by | This certificate is used for verification of signatures made by | |||
| Alice. | Alice. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIDbDCCAlSgAwIBAgITITV4Z0iuK08vZP20oTh//hC8BDANBgkqhkiG9w0BAQ0F | MIIDzzCCAregAwIBAgITN0EFee11f0Kpolw69Phqzpqp1zANBgkqhkiG9w0BAQ0F | |||
| ADAtMSswKQYDVQQDEyJTYW1wbGUgTEFNUFMgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 | |||
| MCAXDTE5MTEyMDA2NTQxOFoYDzIwNTIwOTI3MDY1NDE4WjAZMRcwFQYDVQQDEw5B | aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0xOTEx | |||
| bGljZSBMb3ZlbGFjZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALT0 | MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowOzEXMBUGA1UEAxMOQWxpY2UgTG92 | |||
| iehYOBY+TZp/T5K2KNI05Hwr+E3wP6XTvyi6WWyTgBK9LCOwI2juwdRrjFBSXkk7 | ZWxhY2UxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMIIBIjANBgkq | |||
| pWpjXwsA3A5GOtz0FpfgyC7OxsVcF7q4WHWZWleYXFKlQHJD73nQwXP968+A/3rB | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPSJ6Fg4Fj5Nmn9PkrYo0jTkfCv4TfA/ | |||
| X7PhO0DBbZnfitOLPgPEwjTtdg0VQQ6Wz+CRQ/YbHPKaw7aRphZO63dKvIKp4cQV | pdO/KLpZbJOAEr0sI7AjaO7B1GuMUFJeSTulamNfCwDcDkY63PQWl+DILs7GxVwX | |||
| tkWQHi6syTjGsgkLcLNau5LZDQUdsGV+SAo3nBdWCRYV+I65x8Kf4hCxqqmjV3d/ | urhYdZlaV5hcUqVAckPvedDBc/3rz4D/esFfs+E7QMFtmd+K04s+A8TCNO12DRVB | |||
| 2NKRu0BXnDe/N+iDz3X0zEoj0fqXgq4SWcC0nsG1lyyXt1TL270I6ATKRGJWiQVC | DpbP4JFD9hsc8prDtpGmFk7rd0q8gqnhxBW2RZAeLqzJOMayCQtws1q7ktkNBR2w | |||
| CpDtc0NT6vdJ45bCSzsCAwEAAaOBljCBkzAMBgNVHRMBAf8EAjAAMB4GA1UdEQQX | ZX5ICjecF1YJFhX4jrnHwp/iELGqqaNXd3/Y0pG7QFecN7836IPPdfTMSiPR+peC | |||
| MBWBE2FsaWNlQHNtaW1lLmV4YW1wbGUwEwYDVR0lBAwwCgYIKwYBBQUHAwQwDgYD | rhJZwLSewbWXLJe3VMvbvQjoBMpEYlaJBUIKkO1zQ1Pq90njlsJLOwIDAQABo4Gv | |||
| VR0PAQH/BAQDAgbAMB0GA1UdDgQWBBS79syyLR0GEhyXrilqkBDTIGZmczAfBgNV | MIGsMAwGA1UdEwEB/wQCMAAwFwYDVR0gBBAwDjAMBgpghkgBZQMCATABMB4GA1Ud | |||
| HSMEGDAWgBR4Xw5aeNhr5FRwPbPd7Pfx8vrARzANBgkqhkiG9w0BAQ0FAAOCAQEA | EQQXMBWBE2FsaWNlQHNtaW1lLmV4YW1wbGUwEwYDVR0lBAwwCgYIKwYBBQUHAwQw | |||
| ee6To0QC32Z7njIGt8b6AI/YY2PzmhKakIwc7V/9zCuXwcvYGEDWtmAGXEUKkvHL | DgYDVR0PAQH/BAQDAgbAMB0GA1UdDgQWBBS79syyLR0GEhyXrilqkBDTIGZmczAf | |||
| 1p0DtQqD3YQ8n1/PjwW3hsVB5Az65E3gFTvRbKXmI8Z4UAYWMJBmuxX3oUd0kZAW | BgNVHSMEGDAWgBSRMI58BxcMp/EJKGU2GmccaHb0WTANBgkqhkiG9w0BAQ0FAAOC | |||
| WRkeQBe3LBATG0/I4tHkpH6WF/lVRf5jw6xwsXFL27xjQ3T1Jqo1GV+Mekzcc7Z4 | AQEAfJC5d/T2BRJqtvOfdUe005rRzp4oY9mNdSOIGBTWBOMLEXqtzGrJyNW6QbpA | |||
| y+7/8y4+BxZ0AG8H8UcgLj9CFicysCV/fTUHpY4yh0VXBhH9WUw16XGJUfxpx6ZV | A4k2pA9wm2xj0NocJyONKKKmivMV7YUnxpRSN9uUM23g3DfeSWwoo0ZT7YKO5MWp | |||
| TszxfaNpxbfeM5GVrgF42n0ztJB9D/6nJO8flXEP62JBO1xD1oziJDnPuMDwE2pK | cv9Ifq0S70T2mympzRMhe1W3uR9AbS0saLQHPEJ5sxRSDSsla3AIQ+mFzUkxK37X | |||
| KFlEI+TjQEUy5DKiSWjd1w== | 0Y1B5kz1v7h7Oty4ADrV+Ye4HJlfKV+9h0ilG01/QPFcaOV69Ax9X5vxhK9/FsUt | |||
| TGKH6kCtvnbDI3H5oyB87x5MnvU/HENdUeIoM+FMXtRD0qDm4JNj1XxfnYR6eTyl | ||||
| XjCWOO/3PQUnQvDBPuEMITvAAw== | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 4.2. Alice's Signing Private Key Material | 4.2. Alice's Signing Private Key Material | |||
| This private key material is used by Alice to create signatures. | This private key material is used by Alice to create signatures. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MIIE+gIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC09InoWDgWPk2a | MIIE+gIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC09InoWDgWPk2a | |||
| f0+StijSNOR8K/hN8D+l078oullsk4ASvSwjsCNo7sHUa4xQUl5JO6VqY18LANwO | f0+StijSNOR8K/hN8D+l078oullsk4ASvSwjsCNo7sHUa4xQUl5JO6VqY18LANwO | |||
| Rjrc9BaX4MguzsbFXBe6uFh1mVpXmFxSpUByQ+950MFz/evPgP96wV+z4TtAwW2Z | Rjrc9BaX4MguzsbFXBe6uFh1mVpXmFxSpUByQ+950MFz/evPgP96wV+z4TtAwW2Z | |||
| skipping to change at page 12, line 6 ¶ | skipping to change at page 13, line 6 ¶ | |||
| in [FIPS186-4] using the seed | in [FIPS186-4] using the seed | |||
| "92c89d4330d3d8e31d4fde9b9d0fe6e9fc142141dd65a45e5b436f05". This | "92c89d4330d3d8e31d4fde9b9d0fe6e9fc142141dd65a45e5b436f05". This | |||
| seed is the first 224 bits of the [SHA256] digest of the string | seed is the first 224 bits of the [SHA256] digest of the string | |||
| "draft-lamps-sample-certs-keygen.alice.sign.seed". | "draft-lamps-sample-certs-keygen.alice.sign.seed". | |||
| 4.3. Alice's Encryption End-Entity Certificate | 4.3. Alice's Encryption End-Entity Certificate | |||
| This certificate is used to encrypt messages to Alice. | This certificate is used to encrypt messages to Alice. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIDbDCCAlSgAwIBAgITXr7MRJB7qx35ms1tFWj7th3y5jANBgkqhkiG9w0BAQ0F | MIIDzzCCAregAwIBAgITDy0lvRE5l0rOQlSHoe49NAaKtDANBgkqhkiG9w0BAQ0F | |||
| ADAtMSswKQYDVQQDEyJTYW1wbGUgTEFNUFMgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 | |||
| MCAXDTE5MTEyMDA2NTQxOFoYDzIwNTIwOTI3MDY1NDE4WjAZMRcwFQYDVQQDEw5B | aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0xOTEx | |||
| bGljZSBMb3ZlbGFjZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJqV | MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowOzEXMBUGA1UEAxMOQWxpY2UgTG92 | |||
| KfqLwaLjj+gBUCfkacKTg8cc2OtJ9ZSed6U3jUoiZVpMLcP3MUKtLeLg9r1mAfID | ZWxhY2UxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMIIBIjANBgkq | |||
| lB/wlbdmadXPmrszyidmbuZmOpB5voVQfiLYYy3iOx7YOqzXrl6udP07k0sV+UdS | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpUp+ovBouOP6AFQJ+RpwpODxxzY60n1 | |||
| NRFxrfKeoQEFXgOaGdmnx4OG/e3p1fIKM0dPzZLoOAJF5m5O0xzXPL74zFCWp2f1 | lJ53pTeNSiJlWkwtw/cxQq0t4uD2vWYB8gOUH/CVt2Zp1c+auzPKJ2Zu5mY6kHm+ | |||
| ZkuE4A6l41koaZXCN5XL7wWTLMLeNf9Byb5ksKqUuqEHAMd1nmoNMgjY9VfVfcrv | hVB+IthjLeI7Htg6rNeuXq50/TuTSxX5R1I1EXGt8p6hAQVeA5oZ2afHg4b97enV | |||
| 9w43GG8FtpSX+TWzB2zNS2OF+XIVnzRG5DeoULq8v88Z5bLpIJ/nx26r8A4SSwIB | 8gozR0/Nkug4AkXmbk7THNc8vvjMUJanZ/VmS4TgDqXjWShplcI3lcvvBZMswt41 | |||
| aVv4wPxAf1iPsIVKarUCAwEAAaOBljCBkzAMBgNVHRMBAf8EAjAAMB4GA1UdEQQX | /0HJvmSwqpS6oQcAx3Weag0yCNj1V9V9yu/3DjcYbwW2lJf5NbMHbM1LY4X5chWf | |||
| MBWBE2FsaWNlQHNtaW1lLmV4YW1wbGUwEwYDVR0lBAwwCgYIKwYBBQUHAwQwDgYD | NEbkN6hQury/zxnlsukgn+fHbqvwDhJLAgFpW/jA/EB/WI+whUpqtQIDAQABo4Gv | |||
| VR0PAQH/BAQDAgUgMB0GA1UdDgQWBBSiU0HVRDyAKRV8ASPw546vzfN3DzAfBgNV | MIGsMAwGA1UdEwEB/wQCMAAwFwYDVR0gBBAwDjAMBgpghkgBZQMCATABMB4GA1Ud | |||
| HSMEGDAWgBR4Xw5aeNhr5FRwPbPd7Pfx8vrARzANBgkqhkiG9w0BAQ0FAAOCAQEA | EQQXMBWBE2FsaWNlQHNtaW1lLmV4YW1wbGUwEwYDVR0lBAwwCgYIKwYBBQUHAwQw | |||
| kxjgvL3tIH8ZIeI9rLd16aftGuo3uKRl2aU6Hek7vFfwJESn6oNTPrJUQYigoYVS | DgYDVR0PAQH/BAQDAgUgMB0GA1UdDgQWBBSiU0HVRDyAKRV8ASPw546vzfN3DzAf | |||
| Sm/9yvGXmNEON21j83IgbeUfZgcIpgcXkwwfVsrhxnj0bcXLnuAOzvlzZfDgz/YO | BgNVHSMEGDAWgBSRMI58BxcMp/EJKGU2GmccaHb0WTANBgkqhkiG9w0BAQ0FAAOC | |||
| uRSa2m9oaQg1um7CLDWiE/Zqe6XzLD6JKhHzYHYILajnFgoKBkL57GFVJlXFkgJc | AQEALQ1vufCQBX+6OfmdNhnVy491UaTRaVhjDteUIu6S4PYSi/ow+E8TYGNOw6R3 | |||
| bW2880QchGj6XDdXcJzYiBuQD+pGz+t2phgW6E/8vTUvATZ1s1SC4UN19AyqJyAl | Itm1XP511BF2Zfwu4FHuoQwtOodokuIdJXUVKtRRRLEemqgJUuJz9MRF4jPD0PMc | |||
| RQWGJpJdsHN8bBiRenio1NajPMbFnCjz1pf5bNoF10yWJkFcG6A+EWjAMlWgl/tu | fjhMTBNNI2ll0vuV0t9kUW5uonCdUKvddUcltCp6ojcpUVp6rvXUbkRdsR3KUJw3 | |||
| QapHLcsaIPscn6mnqbFNyA== | wxk0BgvwLhEHOg1yu6DUunCdb62QTbxhXec9i6zi6szDk87zOL23qejFtvhjGJi2 | |||
| RdFHV1NMYtzJdDsCpM7nc8C04+5zepj9PHU3TkwHuIUxBJ5FQA1ReLNrfx7uIYBX | ||||
| S3wwgDct4A/f28UPnT3+AXmUhw== | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 4.4. Alice's Decryption Private Key Material | 4.4. Alice's Decryption Private Key Material | |||
| This private key material is used by Alice to decrypt messages. | This private key material is used by Alice to decrypt messages. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MIIE+gIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCalSn6i8Gi44/o | MIIE+gIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCalSn6i8Gi44/o | |||
| AVAn5GnCk4PHHNjrSfWUnnelN41KImVaTC3D9zFCrS3i4Pa9ZgHyA5Qf8JW3ZmnV | AVAn5GnCk4PHHNjrSfWUnnelN41KImVaTC3D9zFCrS3i4Pa9ZgHyA5Qf8JW3ZmnV | |||
| z5q7M8onZm7mZjqQeb6FUH4i2GMt4jse2Dqs165ernT9O5NLFflHUjURca3ynqEB | z5q7M8onZm7mZjqQeb6FUH4i2GMt4jse2Dqs165ernT9O5NLFflHUjURca3ynqEB | |||
| skipping to change at page 14, line 6 ¶ | skipping to change at page 15, line 6 ¶ | |||
| 4.5. PKCS12 Object for Alice | 4.5. PKCS12 Object for Alice | |||
| This PKCS12 ([RFC7292]) object contains the same information as | This PKCS12 ([RFC7292]) object contains the same information as | |||
| presented in Section 4.1, Section 4.2, Section 4.3, Section 4.4, and | presented in Section 4.1, Section 4.2, Section 4.3, Section 4.4, and | |||
| Section 3.1. | Section 3.1. | |||
| It is locked with the simple five-letter password "alice". | It is locked with the simple five-letter password "alice". | |||
| -----BEGIN PKCS12----- | -----BEGIN PKCS12----- | |||
| MIIXsAIBAzCCF0gGCSqGSIb3DQEHAaCCFzkEghc1MIIXMTCCBC8GCSqGSIb3DQEH | MIIYwAIBAzCCGFgGCSqGSIb3DQEHAaCCGEkEghhFMIIYQTCCBI8GCSqGSIb3DQEH | |||
| BqCCBCAwggQcAgEAMIIEFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIWQKs | BqCCBIAwggR8AgEAMIIEdQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIWQKs | |||
| PyUaB9YCAhTCgIID6OG+E29xPAn+g9mtERq3M50uFGqQjP2tx5uyldS+xlSUYk8a | PyUaB9YCAhTCgIIESCsrTOUTY394FyrjkeCBSV1dw7I3o9oZN7N6Ux2KyIamsWiJ | |||
| HCsBfrLFfh2EDZHuGFxwHVwbc5dhOZlJAKyT0jRnZ0jnMEuD01Zxb8V8/LaiBGs7 | 77t7RL1/VSxSBLjVV8Sn5+/o3mFjr5NkyQbWuky33ySVy3HZUdZc2RTooyFEdRi8 | |||
| j6UGToFIsCSofsLbYWD8rN5wlSt4RzBf3JaiFQ+7CkeTkmC+RQ8eMLN7SxfoToro | x82dzEaVmab7pW4zpt9PTNtjiCMDLs8WQJbco+pKfzP5O5kztKF2TpmHPOqZea2Z | |||
| lMEzUHrvVb+0KuD9/6UldmWXzxpzuSFxgQBKPlou88gPqeqFmelBqyWdn1ATkjhB | 5sfr/RUNeMwdM7KqCCa38Uu0EXuY4YDmoc3grLAKfGx3C+GXn0kkonHNdo00CPwe | |||
| /yv1oQNm+Qd/A4fCKL/oQrO4/KvU1zZgsQ6vBWUgUM4CHZRvdfZhMQNJpIJ5lQrR | ulnTbVqDB76u1UUSPHr3OU6Q2plIbyLdRGKTQvW7hj0YcbQilGu6j0PXZA4NfQSm | |||
| Og6/6d2CJqTD6WmsZ3XD0mozIC67VRHm4BZsKjZMa5C9H5J0PgUuN4S5N7fCRE5U | KtVo7sU+udAoL3FM9GxGjpiJul4ATP+4JaqtCGjJAXyI6+xDg4HUmL8yF6IMk99R | |||
| RKzSHJwFmoAtLbe7qlUT+98iYMdmB3unWwsiUIsrODH2OOMykvjcPvyyjbc2SEGX | uHwAOq8kZuxhldLl7jSUBhrDs42OWsYaHtlQTZTiIFfAP1IQeMOkW7GjE0Hx0K2E | |||
| z8iLWdDoxJQz/3hNTDSp7S84G1pd/tOtBD4r9VlCfu1f4yy+ivX4znG0sFK/VEzK | zXm/peGG0ITKgphQB4FfXYRETjhD7FUvQwVy2DfjapqGsc0yDwg/UDYlz2XSK0hv | |||
| I6MuP37T2WCHphibX4CAXGjQD7fbIjg+qyF+G8Cyd+L6DgH2/7rbZNa2RSLjGKSh | 7EOuS/SL9Dpbth0DlUAmrVG+XifCT6Ev59XfZRhP72v5T0m1e3/BuX+ZhTdvIapQ | |||
| j7+lRyafY6E5Ge02H1dhdgL6AYtxRBjuBxsI2qymR5ioJ7zR0TKOcwisTjeTVGMf | Gdjz05KwekTsSc8RaCQ9BlTvpl1eVMsHTPeQOWDw4Bfb8vLd2C3uSUACvzbSBZR0 | |||
| 2D35OsbSbJTnE/iOMChj0oxHDWsBbVJ4JMCAVNWEZGUHRdCKQvH38V0nvCdgK/L1 | QzGs7XvSO02EsmvP/J3V4M0b/jvhczSQQUsA2SBuefIHKNwPxGa2Wdn8XW8mJgJH | |||
| B/qigxG+Xs4tS7SzO5ayeKQoARPvMif+KKUVsFNVhkZAso+0hEjudwZb52eE8DMq | uQda6RpL6jBi5nusGGqEeD6OLhKIwx97QGRi5ZW3q7z9aTAWUp4/DPQk0QVdIA6u | |||
| goTF1VkTLNA+YhjrIqUyW0726o84yuAi2z2JWO+g4oYQqTmdaWbDhFGNIVmopxIe | PUyKtrZhQTkzp2kkgHJdHxUz1SzdCe6PYRqZMn+eAFuFDHKu3fKWNTNlBxE+hbU1 | |||
| SMLUh9yH+JjjUVImL0pdjSY9Dyhx9hjbITktinfl+QADjd/GmtxCbBTXa6vChDJN | F6NKmIJ4QtjBr2NkkFdxa66vZzA62ZR1uTVYRFs2P+STUS3RgTsk/dNIehJQRRfX | |||
| uv4BiNqL5FL7BAu899dD37ZL2dLpyI5VnC/4t2MjowTlr7DVhJKDicW+4Ax4iyKa | XaFE4lmtFrmQZBAExWTPTFgKeJkqymCeRuOceJX5ej4nEC0ouaxNAkb07FlUrajm | |||
| KS6VICYTlPbJcKn9/q7SBKKYXkNBfCDm/VwYHzJxGashBCAwAg8vXNLx4BBitzr0 | WA7y9k5/8J3T1w2uYVcdyVlv129HNvdlqKJzUasLdsyg5+yOWZGJZzRX5tPp/jID | |||
| 0ySaT7fXb7GwP9NCAfSN1F04BCLfOcs5ZYbRWvjVJP6v9dOdEp3XYRN1Jjnr3ssk | vAWD8/8Eo2rGElb8BxJIZEX46To7nkuODbDUcRDjswQ7UB+S+cCcI/qEjnEgyFKP | |||
| 3viGWyfOGsSNj/w/2dbTqXirOsWu6dn/zXZHNFANjVdfHunySvwMuORnwxipX0Q5 | ehxGaTJgxiFof2aKHuRZM207IIvoUAfincgdNBKK/KiTxg63Fb2gHspTqH0w2n7q | |||
| 6XIBGLUeJkPhbgiwgtRwdHzcQ1YhZUTdoiGjfLPWZif2ROqNNsqXH8CHzcxX6nas | so4D3rrH8yla1wfMxOnx47EAOwYPSiVDyEBiQmqBm8gbhwMoBueMXu7wKzctC+xG | |||
| oEpDcCpW4qZ6rH5OAXrZoPxuOdGcRObqvWXq7fN9VKYsKSjgDZGS+Jw9FN2U9FFW | IaaQ4VLzxQfFn5Thxb3Y0yBMLDXVP5ZCye3TCX3JlgjzzkailiTDhvE8sbeKdEJk | |||
| B1mrABED/pVD1GT6IMRqFTMbnrLgbnwNmHBo231yA/+tu6hwLnTtFk2YZkeinOrt | 0Ui8pGEO+zQR7npzFFK/axe0Al/4lwnyrWX9R9rxDSDr2kLDxPtfbNQLpgPXfEpO | |||
| 6JUS2GQwggQXBgkqhkiG9w0BBwagggQIMIIEBAIBADCCA/0GCSqGSIb3DQEHATAc | SN3kLkEWqC6jSko55f5+wP1i3b8NT5gfGjW5Kp42a0zoq/5huFdVqhrmw5lVlrc2 | |||
| BgoqhkiG9w0BDAEDMA4ECPoEFEHQGB9dAgIU5oCCA9ACIR/7QLUcUI1XjLtVNP9P | oSipVTtaeWXeEQJeq6uA6xiqnH0uhBJQh4IQEBmpStIpxbKD8i1F1kqIFHv7WpEh | |||
| JzjfAjV9GSb/Liw/FRPIZ3b8QujOCQwNqJG9QWf049+am6ZWFH6tzyk4go66d6Lq | MKE8qq4wggR3BgkqhkiG9w0BBwagggRoMIIEZAIBADCCBF0GCSqGSIb3DQEHATAc | |||
| AbsVcRWHAgz8UcxOdLTXOmF2ZJJIstNHsIFDiHlwKWQ4XA+uZQ0gk7Lzvj6sp0nU | BgoqhkiG9w0BDAEDMA4ECPoEFEHQGB9dAgIU5oCCBDAOrGHyN47xktt1J1VvWQZN | |||
| nPaeYXS3nKQUiHSFnKlKdmsn5Iti1k29TEbWfVdOi2xLRecC5tIF5aErds4wREah | BYIMFzLN6p2/zKotGf7EMdgSdwlxkhKTWxunfoP/gfRD6boXTAA7ukJDsHXZrfXF | |||
| rkBVtWJ72uhcQjFAX0s505h3QSqk04lVl8Z4ktbo7p+YWZZc4t9z7says0XpF5wS | KjI4HI2oa/NihwqctphcLonBJXcofuHv+loP9MPLtwtzPrLxQIC2neas5QW6ygLM | |||
| i7Z/k6OtbZ7pGItUH9PcbNfuIep+uvl+Sxitfmc85BZgj3G+Z3pqDm3YSgosHQBO | h4gyvWSQXU7f8ZscbiVH3g8R5dcHOzFuEdjnlkDEfvhrchYsP2o4gVoj43VVk6tk | |||
| hzllK294R/BLSI4qP2l3dhqxfaJfhdmF17APUCxwirT9yduEwpQnC+ieMVAPJx8a | UV+6mIeDGqMB8T+CDWjzcWHabN/2ZDXSuh65fPOSfmIbxsvRtuJMU+ODsziUAK7L | |||
| 2j/Bb/oohiNWwNHVeGmp7+SrGfJBiLpHIFSsGhUacSNSUIMBUPczGboGlIS8+YEw | nnLPmnk1M5mEwJNL3W93CHZTqf6fXxyEjlyE9OIPEBvHyYHg7yQ77+D08KJJ1dVG | |||
| BbLau1yRPti0V4aU2Aa41IgLeiogqQ6cF0pQVzVyO8i8ZLRRTLVkuuFxWUTKVMcx | kPC1yjwoIci2uXJpTMvu8F6Nw/MLKKUpkEqKKwj9k3u86x7wHsP+aqtCZRQxZfgw | |||
| LLZ0EJx2WSX8cNCExhx/0A6VjbxIQuWZ0eDAwljC2uTiYvYqjVfiUEV8JHpCUQTZ | RlroNuvBl3RZnPRYsv0gYXhIJLf+TPqTxEqZvcz0GcbFdaIonPs7BmI3yQDXo53f | |||
| NcMvOecNgqRMth7IVAwjm6+iGTz6dTv71Jtm0zE2XbKBQriwjPXXZiLwmtTJjkVn | rKkf4Fx6xcrLC7Lk4GRFkaB9oYSz30Mxvvj5KMUt4uvdKgynT0aw2uKTF9ocQMqN | |||
| tNH6TC05CfZS8m7w16C2d58WYruiR9+QPhXNgnV4ealwk8l1Va9QeM5KUzQVchkW | O1s+tMeXlFEVkPqKZey9aJLewdwGvBDMZx3Qp9CDMmPvBMIYBmEHXE1Hi8VCPiE7 | |||
| 5qFLyvDPZG49UbxMMPWfUXdsb+ENU7JIM3739SUz+ubOzOyQCykmjtIyg1Tt4wfZ | sjrx0s3zI9LmJfswVcOOV/xmOyF7XM0Hn3+m8/pP1v7bIPl8od4BYN9RE67fKanv | |||
| 1rWPsgQo7d0zQW+26g8B8aNU25UNYbXikmYi8rmQwqMYng1yTPjGHKrNOurjMwwz | /3H18VUvaFXXwRSfIN3a5p0083XwkkgzJqFGxHppppWwZNAfXqP2n0JhfWqur6+f | |||
| VQOJIduThstQcjBMorHprA6O+IIOPvCJCIOAiHbktGEbrOaZutYLMZcfMUgZT26e | N/tXF3MV7r//8nkKWGfDyOJo3hn601BMZlsLBqCbYchtY3iGbnLmTcgzGNdLSnSE | |||
| 1t3BFPVS4OQnEvM8yIrryvCXQu2g1ef4RPsKDQLblXyeCo1bSrXA8fwB0Td3+xYL | GWPIyWh512QA69wxguGLCQzd8Jqf+0+Bc4ZPVPZ/jfbSbR6dsYHoi6Yr7ngW720N | |||
| V3O8h1wJUp2ZllpZQU980ACbn7tmQLrP16XpLSpi/7S6rTYWUfNV84iItJJ9bCab | PxXn3I1k0h3w94DIa3dp7jz5NUpmb1qeBt06ueYiZoAxgKs8hpo4KiuCYYPAikD5 | |||
| 18iUlUXqprCka2jbCLExCdjYzhE3nWeREGB6AtVj09psL8LqhlwojbfnzmJzV5wz | 3SPV4kQXBOBMWMBCVEDaf/fjAYJ0Wyl6z3gb0vIdQXuVWQTMNHyvfKJJ7bt95pKw | |||
| +KiBONT4pSjI7XwTBee8q5rKa8+sTr6rVWoIHJ/5a6uILZEJm46ERIzvRM+A1jKm | tfadAxAQk1qTZjK47GFOHynqCD0blo3rSUWYpwKkqOYEhauBT/JUW5KvsZQwMvDf | |||
| 6ZybUxEkHDGR91y8JCEex7fUHzUa75liVQygu24wk/4Ssi4DbwqXCmEA6XsBQ0St | FKFDdUR5Xhgz5DaGTY4QdHAdnjIuUG0niHqSuGGgKwUQ33uBtHifaEFLFMWitujP | |||
| FiTfMkIuRJeZ4Z50ZcmM9bwMsCw6gO6+GYqZJ0pu8woN97gBe4qxygj2CehenxNS | NPO3niZEHTt/uUup3lXeDBVXl+FKYG2Z4lBXjJ/tXrJ+fhr7aMvHSBBG57YhhlDt | |||
| MIIDrwYJKoZIhvcNAQcGoIIDoDCCA5wCAQAwggOVBgkqhkiG9w0BBwEwHAYKKoZI | oqoah138a49jiaY5I0l0tRxTZ+8dDwKOuWfQJoPDsOl0qXcIT8WAHEmnLsLo8TE+ | |||
| hvcNAQwBAzAOBAidIqBxZFwvagICFCKAggNor23OUC45pysZrDfScxyAOWuCHXIH | /yCIAYtgrYonbKhEYTliQCSeXXKVLjiPwBnw655i3jUt4PbQpQg+v9uM5sACJs3V | |||
| tDG0yFq18osxZH35us0vb72zhU1Bx9hqQaNq3s8EHnbQpQvJiqUQK0OnOyGKcmFw | A30fa9DSAx299MFicKN2c2L75CmOLhOe/9qke6END49P1898uYmPg9DQ7MwSBN6S | |||
| 9jXnAH25Qb4oJqzVp3wliuZXZ7Tp+wmQu0Zab+/i1zKK2lisE55IEzlT0U2ofIVP | P98bbF4CKzgYHQpo1nLKLkpv91brjlJPP6CS63A5YyIJ6yKHksO3LfWu73bHqXRn | |||
| DSXjCS8SqZg4pYNXpV3onsBgJUE0lPIpridcEOK6kz9G/eAidQ25/gA3tQvb+dHS | MIID/wYJKoZIhvcNAQcGoIID8DCCA+wCAQAwggPlBgkqhkiG9w0BBwEwHAYKKoZI | |||
| lrtnHMGwIbYYvwBw7sVHPorbjWN2RR44urD26bdqiA/5CmkT/S1qkwqIoJ44yz4N | hvcNAQwBAzAOBAidIqBxZFwvagICFCKAggO4foBE9nhZu0eKb/b/1iebuyBbEh0W | |||
| fsrPGK0TQSqgDw0HaN6USBck5f86LapWY/tHCPYrTGb525L7BDGotjzzdVU67a5K | QD8kz4dK8r9UmWzGuv6HEldGqyv2dmdMtKonDaF/+70EcPiH38BzFsu/CastRnR8 | |||
| AgBFYvyr617md+6kQkhRC25xXkI1SQtLkgfZ7NgSDrctil00740bxqV3En4zUQJR | 4Cinf+ttgOnE07OjIsszsPMA7967LOw00DABH9DkGs0v4Jo86T9NdT2OOzyytji7 | |||
| h2WGLuKmknmdeVCDDVlHR1DWXZBpn3pNOMGTh7hFJiw/vpgyYLfWlFakk0iN6U+7 | Ibe716O7weJIVOdi623dV6Wx3Zy8gQn+WvIU03QcLErGGvkt3RHl3IztWRFNbZte | |||
| UIT7WCTMQcMuSPyz1X3ADv0OQrRYBUoOuA2j/Q0F+QGezzo5+nNn6dt0pZKpVyh+ | 5iGI+eARoS2z+Dg/HtzUhSbnDUZI2TL8L5OnXZnfCq4vLDaM3s5vCWHNKTZscxZu | |||
| Fx+UYzMyPJaxtYQkHH0EXQFXeZ39JBPxukhol2v8mJ+I1KYm2toIxIoyArZ4IEZp | fQ8StiE6lXX+5idtV975r7ZR5HGiafbUb9t0mYjksV4W+l0IjIubZIcK1fqK/gZD | |||
| M1c7ZH0RHJ4G/cGOA29+VDglZQ0RsPKfuLIZvuLjO9p8ns4Bahzz26Dt4HIwKpZG | HQRNmsulxluli9Lkx5XB2fg+T/IJd5ookeuof/OU23N7F5qXgg8xVXs/eJtAmn8B | |||
| XlzKGWgGV/XhCZM8+fV9mij6TUC74IMAT7C05rE+KqvNDMl/ZIHCrb94lvHPVyCQ | b5uGD27TkA6/q7+2I9GVnpT8IAKSLss4nKMfu3IMgDvouvtEvSmzmOAXGW9NqP4x | |||
| zClY7MuWNILO2ZJNgCTPM3HFLnpYPjWkIm2wm2vnwbWyfec2+iqWJUzRfQ3Dn65X | cGkruV+vm9pK7Tf0RMf3nqOdArF+Rzh+IFBhvbUBQe59xrsQesvQ0nFQCK70WYzU | |||
| dhgGqBRe3R/WP6AKOw6x4jNY09RUJ2uX4ksybr7lAGaV5ufyO35zCMTVyrR1o5F4 | LILeucMGapqu1tmpUyqUTYKaKLabEX0PZFe5a46fOV9UFBRlTeOQykzV7Y3QQStm | |||
| iinE1f1NSfEozUqedh2P/RCZ7tPXv9sMu/8gvYCJkZkz9qJxEA72cH7xKtPhYj61 | 0hi6uI3oqkho+6TZwZMuoqEEcF7+yBgU1OLYEGdxRXOPAOPTl/A3UK9Kn/MPmW5d | |||
| oj7O8B4XA1fq/3KFOhZyuSLR9A1vJtaLA5EGuCFWrS+x61G4y82yNUJ4chci2vY1 | mhCHX20UgXIOJMlqHBS0cGT0qAx60Oqr8EHar0kEHb5ASoMNUY7mLK8MvjY5IX+4 | |||
| ESkbNeiaWswj2UbPSvoPIiW7X/cal0I7nOWrlvx9n1rICWO1SPa0Psx+1bX9LwMC | 7s2GdmruNaFMf653OTgvuzlfdzTmJX79VFuh/6eoklRb5MtxngPtn33Oi2i7rDG3 | |||
| jMK7ed0U3Z+OBSfQnHYUHQRYx42lXbgum4kI41fxDNLLXXRLUxUwj4FSmGaDoTAB | JrcjFAQPavK4YuYef9J1jUEGpKFNQIARf30WM0w8KqWx2Ye1K4QlUvsb2niARTPC | |||
| pCEqs41XvECWdCgTTBU1zC0C/9uSRH7pXtbQK7t86VxG4jYwggWUBgkqhkiG9w0B | uLITkxqlC5VN8C385kmzS7Je9ScGbXtPF48Z5UpdWEFIl9MYHdzgkYVE4i3cg/Zl | |||
| BwGgggWFBIIFgTCCBX0wggV5BgsqhkiG9w0BDAoBAqCCBSYwggUiMBwGCiqGSIb3 | Ocggjyhu/+NmJ4AhZ6kQ/PhR1SrDHb1kaYZ39n+TKS8gRGDXFCsPPQiUub7KRou1 | |||
| DQEMAQMwDgQIehcRLmVUApMCAhQOBIIFAHb5dXZKzCeRUo2ZSj0oyuFS3zQ5HhKy | ptga7v5BK5bZcZpUA9DFoZDN37QBJD4k/wPfykenHgNQDzPDzBc0Ae0QmBAn1Z6O | |||
| fapsyCqbYCKv/lSzNYWvuda7xfa+uOM7/wCB9sWdz0MTpaBMHWx9hvibZIY65oM+ | xqEz3V5n7YdP07yLlPV767MuKa6X7iwquZ9JCx5oto2TQZ4bpGZ8zakPpMr0ifCh | |||
| ry4tTuKKqOJl37OsnjB0dSNTKszsI3faPUjslxqIH3aC1shD7OqhIRGZzRjK44PJ | fiUn4A6d6S5Kvab5WrcTVFThq2wYiXgJCI8ZBItrLR48b7hd8wP3pLxz+dCDeGq7 | |||
| yWv626oQrgVtTYR9NYTdee+SbBZbkEt/EpWipwftWXGR6tSYJQn99eO9Vih8HyQv | l21HgQ/9xXvRKm16XBp/AIMH6zXhzneyhlYfwbiyXPRwgYJLzvvA5Wus1GPK+Idh | |||
| wIpidUh3pCFOlow4VZyAqIWOHcw9TAjBXNv+qfdH7fiX9wM5/GvnQReIsqjXCUoc | a77RkO7XOKsiDUWaFbVpiI0cFTCCBZQGCSqGSIb3DQEHAaCCBYUEggWBMIIFfTCC | |||
| 6pSQIAqD/f+I/d1F2ZmqM7KwX0LGRER9OWZGyF734pN9GLbNetWm6rKxmlSI/5m6 | BXkGCyqGSIb3DQEMCgECoIIFJjCCBSIwHAYKKoZIhvcNAQwBAzAOBAh6FxEuZVQC | |||
| +2Jxxfann16P+vBSEgWJ/I8GnJAdzIbBTyfjog4Gi2+lmrPzK7+C79ntM9nfsr4x | kwICFA4EggUAdvl1dkrMJ5FSjZlKPSjK4VLfNDkeErJ9qmzIKptgIq/+VLM1ha+5 | |||
| Vzy/BknwZIaJksd4VvOGkS9nfM6shtBJB9uR+GJfthtsvIVUHN0kz2r/lVzMSRbO | 1rvF9r644zv/AIH2xZ3PQxOloEwdbH2G+Jtkhjrmgz6vLi1O4oqo4mXfs6yeMHR1 | |||
| g9yR53hv1H/nXCmUjWz/BvobmoaVBcCmmOnnYZTHMNarIVYdLQFif5ZLH7WV/XVE | I1MqzOwjd9o9SOyXGogfdoLWyEPs6qEhEZnNGMrjg8nJa/rbqhCuBW1NhH01hN15 | |||
| VIoRntNRiKsK96VAHm5XboWQGCqL0hehIX3Nily1genGm1aFlSQNMvLDko1ILDTK | 75JsFluQS38SlaKnB+1ZcZHq1JglCf31471WKHwfJC/AimJ1SHekIU6WjDhVnICo | |||
| rINvPmjG/WFoLntpJFPtYZsooT1jjXLw3VTSodtgKQNdPYOEidSJqwIS87fzrCB2 | hY4dzD1MCMFc2/6p90ft+Jf3Azn8a+dBF4iyqNcJShzqlJAgCoP9/4j93UXZmaoz | |||
| Wmwys0iGfdsuNhSaqNqa0dMO6FiW2fkux7H+w7SX1/n9YeZUNLOcewLcC7E8IA1I | srBfQsZERH05ZkbIXvfik30Yts161abqsrGaVIj/mbr7YnHF9qefXo/68FISBYn8 | |||
| arjglZE1L6Yb2ldXxV9q3PPOwKuGnah0TKnD6mLn5BIGOGTzF1VspXRrJhFrcLe+ | jwackB3MhsFPJ+OiDgaLb6Was/Mrv4Lv2e0z2d+yvjFXPL8GSfBkhomSx3hW84aR | |||
| xsJR1r6niI3bcMWXXy7gbm1X/CRE902IynxE1oDR+xZ6rjPWDJP7kVf4GvA8trCG | L2d8zqyG0EkH25H4Yl+2G2y8hVQc3STPav+VXMxJFs6D3JHneG/Uf+dcKZSNbP8G | |||
| rot4pbJbmwlBeMIylScdQoHEnyqrenOnRMmXZaKzl3njtq7Wk78qoJq0a6Vh/sde | +huahpUFwKaY6edhlMcw1qshVh0tAWJ/lksftZX9dURUihGe01GIqwr3pUAebldu | |||
| 0KcOPFkyTZdMBlTztm0K2VJU3jUVzPlM0WY2fyGDoA89ol+/MiNsgiaEghGybXBY | hZAYKovSF6Ehfc2KXLWB6cabVoWVJA0y8sOSjUgsNMqsg28+aMb9YWgue2kkU+1h | |||
| ipOex+p7j1GIRN/CKmpWsqjZnB78kyXmZ6AE1vC6neD/7zANInDkzXiun6ic72Lo | myihPWONcvDdVNKh22ApA109g4SJ1ImrAhLzt/OsIHZabDKzSIZ92y42FJqo2prR | |||
| BX3JGiCSuM6hIPJ0AcDwlzTDu0H2rCQNw+tivJ2v4KbgeKoc6beQb5fZHs7VsWHi | 0w7oWJbZ+S7Hsf7DtJfX+f1h5lQ0s5x7AtwLsTwgDUhquOCVkTUvphvaV1fFX2rc | |||
| kIcpwqB5ngwt34wHgFG0nTS4lZmvzSJ7FMRVGmsDYkDTpZzgNOaxiUBQMcEvxNIe | 887Aq4adqHRMqcPqYufkEgY4ZPMXVWyldGsmEWtwt77GwlHWvqeIjdtwxZdfLuBu | |||
| 3nAmA+dvB7w6XRQVSUsL+vBFhHiWGZ7hk5sCeHElewXK0SyJADgfFlYq3EfEgZ13 | bVf8JET3TYjKfETWgNH7FnquM9YMk/uRV/ga8Dy2sIaui3ilslubCUF4wjKVJx1C | |||
| h4wtoSfbBVtzbbyg2LNegUCLfIJkc7fmT7X7JSxbjOgndMHEeMdVb+NFxbgsXYrY | gcSfKqt6c6dEyZdlorOXeeO2rtaTvyqgmrRrpWH+x17Qpw48WTJNl0wGVPO2bQrZ | |||
| D8rC2A8l5cQzZrsxb1bvgybEJz+NU/52UgGrPmdjJKuGBK/V2zor6qPvKyId1Gb4 | UlTeNRXM+UzRZjZ/IYOgDz2iX78yI2yCJoSCEbJtcFiKk57H6nuPUYhE38Iqalay | |||
| QQuIoyClwhZ+qk9nE4Eft84y7ISgMywH+lw87HrSHKfpqzQhCxlrLu53IYK/4PhE | qNmcHvyTJeZnoATW8Lqd4P/vMA0icOTNeK6fqJzvYugFfckaIJK4zqEg8nQBwPCX | |||
| 7BYC9Q4tvIsZXSGZ+nju4tyzERSlaNe5njUeIENr4B/+kXULwVDcvMFHqUFJMkFa | NMO7QfasJA3D62K8na/gpuB4qhzpt5Bvl9keztWxYeKQhynCoHmeDC3fjAeAUbSd | |||
| i8FUga7gyipZ+654clGgJjnNBO1va8JcdtdPRRW4gwdrVn8u8J78KBzt6ChkrpKR | NLiVma/NInsUxFUaawNiQNOlnOA05rGJQFAxwS/E0h7ecCYD528HvDpdFBVJSwv6 | |||
| V8VeWKBk9lhcT0ZNpJnNqhDrkfzHBqP0Uo133I7P7C+h9sNDI153W6IOIodyQE0A | 8EWEeJYZnuGTmwJ4cSV7BcrRLIkAOB8WVircR8SBnXeHjC2hJ9sFW3NtvKDYs16B | |||
| v1WxHo4y/1d1VeGDaB7hOSDq9ZMpm9n1En7F6/1/s4IUZHja/qRrK9hD4M0Xq0Lh | QIt8gmRzt+ZPtfslLFuM6Cd0wcR4x1Vv40XFuCxditgPysLYDyXlxDNmuzFvVu+D | |||
| FXuUzuipo49OMUAwGQYJKoZIhvcNAQkUMQweCgBhAGwAaQBjAGUwIwYJKoZIhvcN | JsQnP41T/nZSAas+Z2Mkq4YEr9XbOivqo+8rIh3UZvhBC4ijIKXCFn6qT2cTgR+3 | |||
| AQkVMRYEFKJTQdVEPIApFXwBI/Dnjq/N83cPMIIFlAYJKoZIhvcNAQcBoIIFhQSC | zjLshKAzLAf6XDzsetIcp+mrNCELGWsu7nchgr/g+ETsFgL1Di28ixldIZn6eO7i | |||
| BYEwggV9MIIFeQYLKoZIhvcNAQwKAQKgggUmMIIFIjAcBgoqhkiG9w0BDAEDMA4E | 3LMRFKVo17meNR4gQ2vgH/6RdQvBUNy8wUepQUkyQVqLwVSBruDKKln7rnhyUaAm | |||
| CKq4DtyiayOyAgIUpQSCBQAKQtkPOS4sLE6Os7nP4RaJWBuyXl27V/o6TusBRBgQ | Oc0E7W9rwlx2109FFbiDB2tWfy7wnvwoHO3oKGSukpFXxV5YoGT2WFxPRk2kmc2q | |||
| oPzP+aC+O99wgisEKedyB47bAzcO4sba4q8UkERAsYHcEhdD2hGRCL7ou9jTtrr4 | EOuR/McGo/RSjXfcjs/sL6H2w0MjXndbog4ih3JATQC/VbEejjL/V3VV4YNoHuE5 | |||
| RgZpa5V9CJcBO0t4bqy2lUefOpm6no+RX840uyM4q5Q+cfH1rTQ1a/a+gLglbpto | IOr1kymb2fUSfsXr/X+zghRkeNr+pGsr2EPgzRerQuEVe5TO6Kmjj04xQDAZBgkq | |||
| EkH/4dfR3ELYiXcM5UrBYTJOHcyME8c+TXbpf7kiplTtlsrlZyU5zrWcxngrBxwF | hkiG9w0BCRQxDB4KAGEAbABpAGMAZTAjBgkqhkiG9w0BCRUxFgQUolNB1UQ8gCkV | |||
| A+O85W/uVR3QZSW+EGx/VCYwGruZlNytBvBYjsYsnC+yKYXbqL81DgOePy+eh6VX | fAEj8OeOr83zdw8wggWUBgkqhkiG9w0BBwGgggWFBIIFgTCCBX0wggV5BgsqhkiG | |||
| 64SwBLXcWcY+NK2EZrhzrUFjl+PXFKY3IVVPJhTE9o7gJA0hzvAanOluWXozD3/W | 9w0BDAoBAqCCBSYwggUiMBwGCiqGSIb3DQEMAQMwDgQIqrgO3KJrI7ICAhSlBIIF | |||
| PQaXhyIJDwM2MjznjL2MBydpy9K8Cio7XaV6PX8DszIZkfI4DAz5f7G7WbwUq3Ij | AApC2Q85LiwsTo6zuc/hFolYG7JeXbtX+jpO6wFEGBCg/M/5oL4733CCKwQp53IH | |||
| PPPWiUv+JsR+dnqzWDJ22SXc+AdQP2sKqMvP8gOpHOsVlXXE76c5rUcZCZD+gGv1 | jtsDNw7ixtrirxSQRECxgdwSF0PaEZEIvui72NO2uvhGBmlrlX0IlwE7S3hurLaV | |||
| avO7YttWqbDqLj6oQEIJ8LX0Qvwd0YEhetE0bJ5uv2njhQDhLkH/JIbmFSgJZeM8 | R586mbqej5FfzjS7IzirlD5x8fWtNDVr9r6AuCVum2gSQf/h19HcQtiJdwzlSsFh | |||
| dtKHb8f5wZc2B+nXGB+TFboGzSuP7gaWu1vKsJNqT/J/FYEqcamI2F+td7z1sGfb | Mk4dzIwTxz5Ndul/uSKmVO2WyuVnJTnOtZzGeCsHHAUD47zlb+5VHdBlJb4QbH9U | |||
| R9ckAcxXeb2uPVbCJ1a50gRlz9qVm5Hb5f53X7aoQQp3F3LDGQmJ+GFQ/oXXwabq | JjAau5mU3K0G8FiOxiycL7IphduovzUOA54/L56HpVfrhLAEtdxZxj40rYRmuHOt | |||
| n4TvNO9KDhxpGcMMU9RnugUfNU9GBec0vfrzmVKZdmJ36HOmMnLvgRakRhCV3kGA | QWOX49cUpjchVU8mFMT2juAkDSHO8Bqc6W5ZejMPf9Y9BpeHIgkPAzYyPOeMvYwH | |||
| BXY83hwUv17E1qASLKcAWIachkCCGpBGyGtP2IOZTn7PsLJR1BzKnePa7MgFcgoC | J2nL0rwKKjtdpXo9fwOzMhmR8jgMDPl/sbtZvBSrciM889aJS/4mxH52erNYMnbZ | |||
| ToIpdQnCTtAsalmBm1s480LN3GB5ojeGbQvNf9TAviA0tg5VuT4/O48V6uYSJsIZ | Jdz4B1A/awqoy8/yA6kc6xWVdcTvpzmtRxkJkP6Aa/Vq87ti21apsOouPqhAQgnw | |||
| sawm3tGA/LjxyfV1aLddQT5Zf5ZX9BX+K/PB4oYAFxtUpMK/aL5G1MvppUJ9CjqA | tfRC/B3RgSF60TRsnm6/aeOFAOEuQf8khuYVKAll4zx20odvx/nBlzYH6dcYH5MV | |||
| tnoKE+EkdQmyZ1VoDO9ih44zuRx6XV4AEYafNB8ygjRHGsvPW0/M0Es0w16wzJHT | ugbNK4/uBpa7W8qwk2pP8n8VgSpxqYjYX613vPWwZ9tH1yQBzFd5va49VsInVrnS | |||
| uf/15fD/nH7Xh5MzhCF0CtvLn8v+S1Poi2/40O6pS2byjUFRbeCpzEpRxdv90LCb | BGXP2pWbkdvl/ndftqhBCncXcsMZCYn4YVD+hdfBpuqfhO8070oOHGkZwwxT1Ge6 | |||
| 9ALdy0yG9u41W3yInKNFnaWBulfOPFCeZT92M1BgwJA8ZcydtiiunRNAH5iWLSPl | BR81T0YF5zS9+vOZUpl2Ynfoc6Yycu+BFqRGEJXeQYAFdjzeHBS/XsTWoBIspwBY | |||
| oUpOD1v6En+rat+PoyRXIy2fLHBL25awLhABoZPgRsCiLsiNiohfyngksrQKeRgO | hpyGQIIakEbIa0/Yg5lOfs+wslHUHMqd49rsyAVyCgJOgil1CcJO0CxqWYGbWzjz | |||
| laBMT92J8r1E4sUKirQlcOdiWBE6vmBSXzyN/twvfgPNIXgR0rw6c7VhhS+hNTrs | Qs3cYHmiN4ZtC81/1MC+IDS2DlW5Pj87jxXq5hImwhmxrCbe0YD8uPHJ9XVot11B | |||
| ttg/xcfvJ/bftDbKm+RZL+yQoOkkAf9R5tizyMdMBlaMrpfrBxvNtMiykbZ88SYo | Pll/llf0Ff4r88HihgAXG1Skwr9ovkbUy+mlQn0KOoC2egoT4SR1CbJnVWgM72KH | |||
| A70Trwab2aHQluVhs8OjXGBEOqmSudcSdV1EhBpo9HBsDZZi0IwOp5/B9fCHdnTh | jjO5HHpdXgARhp80HzKCNEcay89bT8zQSzTDXrDMkdO5//Xl8P+cfteHkzOEIXQK | |||
| CTiUm80eQ6mX2/DB9LlNh7gHOyLL3azTm12D0ZpZNaXyxLzdiRiAdwpWZmmegOOG | 28ufy/5LU+iLb/jQ7qlLZvKNQVFt4KnMSlHF2/3QsJv0At3LTIb27jVbfIico0Wd | |||
| 70yi0D5eIxh6cbnbuU6Ygdp+pFFVYHfAvc5Czpne2OPhXX2k0Okbwawr9AfrFjIf | pYG6V848UJ5lP3YzUGDAkDxlzJ22KK6dE0AfmJYtI+WhSk4PW/oSf6tq34+jJFcj | |||
| AEmBFx5GBGr/lSiUQSkbUC/s209YgaOgWTYt3KXPzrThJJGZnnXZRTGfIi6vp8Rs | LZ8scEvblrAuEAGhk+BGwKIuyI2KiF/KeCSytAp5GA6VoExP3YnyvUTixQqKtCVw | |||
| nPX35+Dxe/Lp3gXDdIJeWG6XVA8t3fspcoTqPkm/XGNMmOZ81KX/ReVdP+dC93so | 52JYETq+YFJfPI3+3C9+A80heBHSvDpztWGFL6E1Ouy22D/Fx+8n9t+0Nsqb5Fkv | |||
| v2DuDZbYGPmHlD47bOOiA68GD64DEuNtQ8MhWk8VRR1FqcuwB0T0bc+SIKEINkvY | 7JCg6SQB/1Hm2LPIx0wGVoyul+sHG820yLKRtnzxJigDvROvBpvZodCW5WGzw6Nc | |||
| mDFAMBkGCSqGSIb3DQEJFDEMHgoAYQBsAGkAYwBlMCMGCSqGSIb3DQEJFTEWBBS7 | YEQ6qZK51xJ1XUSEGmj0cGwNlmLQjA6nn8H18Id2dOEJOJSbzR5DqZfb8MH0uU2H | |||
| 9syyLR0GEhyXrilqkBDTIGZmczBfME8wCwYJYIZIAWUDBAIDBEB4eSY7MGIcB30C | uAc7IsvdrNObXYPRmlk1pfLEvN2JGIB3ClZmaZ6A44bvTKLQPl4jGHpxudu5TpiB | |||
| HRiJ2xJ8z8hPuqCScCdxvKtva5ASZJKf3B9NdAS8Y1ctgKu0JMdyIu41RFJYCkIa | 2n6kUVVgd8C9zkLOmd7Y4+FdfaTQ6RvBrCv0B+sWMh8ASYEXHkYEav+VKJRBKRtQ | |||
| CsL6vLfKBAj1OQCGvaJQwQICKAA= | L+zbT1iBo6BZNi3cpc/OtOEkkZmeddlFMZ8iLq+nxGyc9ffn4PF78uneBcN0gl5Y | |||
| bpdUDy3d+ylyhOo+Sb9cY0yY5nzUpf9F5V0/50L3eyi/YO4NltgY+YeUPjts46ID | ||||
| rwYPrgMS421DwyFaTxVFHUWpy7AHRPRtz5IgoQg2S9iYMUAwGQYJKoZIhvcNAQkU | ||||
| MQweCgBhAGwAaQBjAGUwIwYJKoZIhvcNAQkVMRYEFLv2zLItHQYSHJeuKWqQENMg | ||||
| ZmZzMF8wTzALBglghkgBZQMEAgMEQDlL+RWzXUXKOK3W0+XKpnhzbSgygDPAhmlC | ||||
| fzBpa2Ou3onz/fc+TPyyoXdaGpz+wocWA3g5jBWg3x8Q5ON23EMECPU5AIa9olDB | ||||
| AgIoAA== | ||||
| -----END PKCS12----- | -----END PKCS12----- | |||
| 5. Bob's Sample | 5. Bob's Sample | |||
| Bob has the following information: | Bob has the following information: | |||
| * Name: "Bob Babbage" | * Name: "Bob Babbage" | |||
| * E-mail Address: "bob@smime.example" | * E-mail Address: "bob@smime.example" | |||
| 5.1. Bob's Signature Verification End-Entity Certificate | 5.1. Bob's Signature Verification End-Entity Certificate | |||
| This certificate is used for verification of signatures made by Bob. | This certificate is used for verification of signatures made by Bob. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIDZzCCAk+gAwIBAgITWeEgizhkG2crS8Kgl56AnNft6zANBgkqhkiG9w0BAQ0F | MIIDyjCCArKgAwIBAgITaqOkD33fBy/kGaVsmPv8LghbwzANBgkqhkiG9w0BAQ0F | |||
| ADAtMSswKQYDVQQDEyJTYW1wbGUgTEFNUFMgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 | |||
| MCAXDTE5MTEyMDA2NTQxOFoYDzIwNTIwOTI3MDY1NDE4WjAWMRQwEgYDVQQDEwtC | aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0xOTEx | |||
| b2IgQmFiYmFnZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOZwBdIJ | MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowODEUMBIGA1UEAxMLQm9iIEJhYmJh | |||
| UaH/TYwSpHuoPu0S6zoEX8EI3B/ts5tAH+uxSUTaxME7jrrZVmplAN6ffsG+16os | Z2UxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMIIBIjANBgkqhkiG | |||
| 1RzkIVXrI8IKfDyaaPAHZvGq/OHdrbXstTlXcWgibjXu0iY368EoQejbwJu0vAgx | 9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nAF0glRof9NjBKke6g+7RLrOgRfwQjcH+2z | |||
| t/hGqZDvX859qVsGkREOrcFrR4tUE+dT3bkbYkNaKrLiZPCwQ4FDGZSlLGl3xfBi | m0Af67FJRNrEwTuOutlWamUA3p9+wb7XqizVHOQhVesjwgp8PJpo8Adm8ar84d2t | |||
| syZRrmi0Zef9yn6/fm+lZAg7sU2WC2cbevmt/0JGgtyPZtsoD7m7RxSQeT+frPG6 | tey1OVdxaCJuNe7SJjfrwShB6NvAm7S8CDG3+EapkO9fzn2pWwaREQ6twWtHi1QT | |||
| ETkiptTgdYLC6MPHhfUuzrXBhnqKGSYiVEAkdeDWlOWyMnyhGVdmErV8Hc7aBCSd | 51PduRtiQ1oqsuJk8LBDgUMZlKUsaXfF8GKzJlGuaLRl5/3Kfr9+b6VkCDuxTZYL | |||
| n0VESCvvGJ8JQd0CAwEAAaOBlDCBkTAMBgNVHRMBAf8EAjAAMBwGA1UdEQQVMBOB | Zxt6+a3/QkaC3I9m2ygPubtHFJB5P5+s8boROSKm1OB1gsLow8eF9S7OtcGGeooZ | |||
| EWJvYkBzbWltZS5leGFtcGxlMBMGA1UdJQQMMAoGCCsGAQUFBwMEMA4GA1UdDwEB | JiJUQCR14NaU5bIyfKEZV2YStXwdztoEJJ2fRURIK+8YnwlB3QIDAQABo4GtMIGq | |||
| /wQEAwIGwDAdBgNVHQ4EFgQUF8WEe9Cn73aQOLizbwi8krWeK5QwHwYDVR0jBBgw | MAwGA1UdEwEB/wQCMAAwFwYDVR0gBBAwDjAMBgpghkgBZQMCATABMBwGA1UdEQQV | |||
| FoAUeF8OWnjYa+RUcD2z3ez38fL6wEcwDQYJKoZIhvcNAQENBQADggEBAD0SptDc | MBOBEWJvYkBzbWltZS5leGFtcGxlMBMGA1UdJQQMMAoGCCsGAQUFBwMEMA4GA1Ud | |||
| YKfCH3W3J5whIYabPA3uiIfSQs7bP1tSs4i9bPrFry7m72ArhJtyVIts5TD+AZ1x | DwEB/wQEAwIGwDAdBgNVHQ4EFgQUF8WEe9Cn73aQOLizbwi8krWeK5QwHwYDVR0j | |||
| +EZG/9/kvEddBnUmGPUTv1Btur7C9DiTTEu9ekw5ea+nRfypxTmwBFfl01Atd+BW | BBgwFoAUkTCOfAcXDKfxCShlNhpnHGh29FkwDQYJKoZIhvcNAQENBQADggEBAAuI | |||
| +Un5xUSHlHvd7udm9TQZ2qKRR8BxkUIr/AXrfpBtcdj6K8VdJmX+ZTmOMzOynfl8 | HBlSzjFLhh85KHCq/fBLkaaR8Qbc9gnpj2WqMgwWQfIBqWAFBet3qduR6i0fV5At | |||
| TdMJqsvSFbfqXBnc/2bORn9s7f36VyRQkdM5wxVR/GGrendD+xZ3J5ELNpGR2qO/ | Ekc7GS67T7k3WOt2WxkvB+9sy5kmk7TZ+BtBfO93Bm1zrgRiiVxuU5Fc9EJp5BJh | |||
| DHa27GFSYFjU1nS+RR4fxbGc7dTmxs5adKejod2Vc/YFS3T9EvWXiWNtnNvVVT1E | Cgu3et97Zt8cbuHeUfoE1pp/0ERUlP+e1M4f2W9NpmPZG1bXSViMIIhcZ8DwM7CP | |||
| lcbF+c7MhV/OtKQ= | s47VHveVD6y6T9tA4gSnzGMZ3O0PpuBclNjqcllmUeYup5vWtCXQZDLMGI/2aTPr | |||
| 5kwic53yJvma7phSLb0tXCYLkP2PZUKGTKSOTBi2fv2S68TFtcV+/E9oqdYYFkSF | ||||
| sQuJdp+NGywuXUbKXBY= | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 5.2. Bob's Signing Private Key Material | 5.2. Bob's Signing Private Key Material | |||
| This private key material is used by Bob to create signatures. | This private key material is used by Bob to create signatures. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MIIE+wIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDmcAXSCVGh/02M | MIIE+wIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDmcAXSCVGh/02M | |||
| EqR7qD7tEus6BF/BCNwf7bObQB/rsUlE2sTBO4662VZqZQDen37BvteqLNUc5CFV | EqR7qD7tEus6BF/BCNwf7bObQB/rsUlE2sTBO4662VZqZQDen37BvteqLNUc5CFV | |||
| 6yPCCnw8mmjwB2bxqvzh3a217LU5V3FoIm417tImN+vBKEHo28CbtLwIMbf4RqmQ | 6yPCCnw8mmjwB2bxqvzh3a217LU5V3FoIm417tImN+vBKEHo28CbtLwIMbf4RqmQ | |||
| skipping to change at page 19, line 6 ¶ | skipping to change at page 20, line 6 ¶ | |||
| in [FIPS186-4] using the seed | in [FIPS186-4] using the seed | |||
| "f4afaacbb5473f360e06ac32e00188fe4173ae15c99bcf043a8b8f6e". This | "f4afaacbb5473f360e06ac32e00188fe4173ae15c99bcf043a8b8f6e". This | |||
| seed is the first 224 bits of the [SHA256] digest of the string | seed is the first 224 bits of the [SHA256] digest of the string | |||
| "draft-lamps-sample-certs-keygen.bob.sign.seed". | "draft-lamps-sample-certs-keygen.bob.sign.seed". | |||
| 5.3. Bob's Encryption End-Entity Certificate | 5.3. Bob's Encryption End-Entity Certificate | |||
| This certificate is used to encrypt messages to Bob. | This certificate is used to encrypt messages to Bob. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIDZzCCAk+gAwIBAgITO17BWkcdhfwmHN7ueuPziuUW1DANBgkqhkiG9w0BAQ0F | MIIDyjCCArKgAwIBAgITMHxHQA+GJjocYtLrgy+WwNeGlDANBgkqhkiG9w0BAQ0F | |||
| ADAtMSswKQYDVQQDEyJTYW1wbGUgTEFNUFMgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 | |||
| MCAXDTE5MTEyMDA2NTQxOFoYDzIwNTIwOTI3MDY1NDE4WjAWMRQwEgYDVQQDEwtC | aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0xOTEx | |||
| b2IgQmFiYmFnZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrRwJQT | MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowODEUMBIGA1UEAxMLQm9iIEJhYmJh | |||
| TIgSJPIiasB5P8g6BVsI/D/WdbmHatWqiLqH746AMo3QPE27AURnZr2iDkkDnqbD | Z2UxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMIIBIjANBgkqhkiG | |||
| Y1tZKO5RPB5Q7PSR59RPrcx95in5/htnq2PmpZDCU1z7zAFHQgPPntTie5PdYGFw | 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtHAlBNMiBIk8iJqwHk/yDoFWwj8P9Z1uYdq | |||
| 6cyFqz9ynNMU5bCfLRiepocnSV98D9Px7sh6XykEHw7rDx/EuconT3Ilrge1o9F+ | 1aqIuofvjoAyjdA8TbsBRGdmvaIOSQOepsNjW1ko7lE8HlDs9JHn1E+tzH3mKfn+ | |||
| MWNaVAM9q0kgJZxr4RMyhW1uNwT42Fz1J0VjLVxcmtXY6uhG/TP5JW4XWYXgyy7I | G2erY+alkMJTXPvMAUdCA8+e1OJ7k91gYXDpzIWrP3Kc0xTlsJ8tGJ6mhydJX3wP | |||
| y1El2FO9K/VVxjP6nI3fzYVmKYQngXKrMGjOZly2HZtJhZqqHnBetplBNA4jXYcC | 0/HuyHpfKQQfDusPH8S5yidPciWuB7Wj0X4xY1pUAz2rSSAlnGvhEzKFbW43BPjY | |||
| k7Z3n3dHJZfg9xUCAwEAAaOBlDCBkTAMBgNVHRMBAf8EAjAAMBwGA1UdEQQVMBOB | XPUnRWMtXFya1djq6Eb9M/klbhdZheDLLsjLUSXYU70r9VXGM/qcjd/NhWYphCeB | |||
| EWJvYkBzbWltZS5leGFtcGxlMBMGA1UdJQQMMAoGCCsGAQUFBwMEMA4GA1UdDwEB | cqswaM5mXLYdm0mFmqoecF62mUE0DiNdhwKTtnefd0cll+D3FQIDAQABo4GtMIGq | |||
| /wQEAwIFIDAdBgNVHQ4EFgQUSrOsMVMCSZxN42554CVhlT6IYiUwHwYDVR0jBBgw | MAwGA1UdEwEB/wQCMAAwFwYDVR0gBBAwDjAMBgpghkgBZQMCATABMBwGA1UdEQQV | |||
| FoAUeF8OWnjYa+RUcD2z3ez38fL6wEcwDQYJKoZIhvcNAQENBQADggEBAIeexc8w | MBOBEWJvYkBzbWltZS5leGFtcGxlMBMGA1UdJQQMMAoGCCsGAQUFBwMEMA4GA1Ud | |||
| hwtXqn/ptLV/dcKt+gsSOrMcZz36YuqxpMpuzCvoOa2tFFvi2AvTvGfvyK7Oa7ux | DwEB/wQEAwIFIDAdBgNVHQ4EFgQUSrOsMVMCSZxN42554CVhlT6IYiUwHwYDVR0j | |||
| L4sJjVc81RxtyJJLkbdkHw3Wod4BeH7Wn4Ll1LusU1g6SeiuJo4uVLnWmEH6PXQv | BBgwFoAUkTCOfAcXDKfxCShlNhpnHGh29FkwDQYJKoZIhvcNAQENBQADggEBAGZa | |||
| +pEzsf1NTZxrga3SsEdrBq9GztHkKkY4vrTrZaq5uZIN+upV8doLMXGTt+1L0/mp | Xm87evc/aRDWHNaO0pw12MtMnLJKmlaRna4O9oVEl2vWHYBLzHq/JBmP9mg20XK6 | |||
| 2ukafqeW4W2kn3JCYi859PfJmGxayp4Cvw6xoF0ElHfgsTkKp0TxfUfVNzEYnZTc | VPdx/DXNJUXaT/ipPPZxcaK45G6SfLv3O+LicylqVEFwr974kCEUHSRimAOHf36K | |||
| ELVUVBO8bMV75SBBoZC1HpAwL752e9a613BFpdFbH/RMsRn4fs7S0I/SKLXD9ruQ | 0YY0aBMPuxqrIONVBejYvP+JrCJ5jvv8y/HFkKXJKNT3QFK/kdNiojFMgE2K7JFb | |||
| kDDPaMYBPo0ftuw= | /GATsodsBlks+ZreTXldn9kurQT5w6SvPBYyV12+/uW57wHuAIMGmaPxo7YgLTAL | |||
| kgBaLuyXlJ6t4h68syk0gBoynd7j6XWX5N7M8rvn0bcBOByLc9t83vlz4vhhM+Zs | ||||
| rC90rHyWKmwwzOYKXww= | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 5.4. Bob's Decryption Private Key Material | 5.4. Bob's Decryption Private Key Material | |||
| This private key material is used by Bob to decrypt messages. | This private key material is used by Bob to decrypt messages. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MIIE/AIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCq0cCUE0yIEiTy | MIIE/AIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCq0cCUE0yIEiTy | |||
| ImrAeT/IOgVbCPw/1nW5h2rVqoi6h++OgDKN0DxNuwFEZ2a9og5JA56mw2NbWSju | ImrAeT/IOgVbCPw/1nW5h2rVqoi6h++OgDKN0DxNuwFEZ2a9og5JA56mw2NbWSju | |||
| UTweUOz0kefUT63MfeYp+f4bZ6tj5qWQwlNc+8wBR0IDz57U4nuT3WBhcOnMhas/ | UTweUOz0kefUT63MfeYp+f4bZ6tj5qWQwlNc+8wBR0IDz57U4nuT3WBhcOnMhas/ | |||
| skipping to change at page 21, line 6 ¶ | skipping to change at page 22, line 6 ¶ | |||
| 5.5. PKCS12 Object for Bob | 5.5. PKCS12 Object for Bob | |||
| This PKCS12 ([RFC7292]) object contains the same information as | This PKCS12 ([RFC7292]) object contains the same information as | |||
| presented in Section 5.1, Section 5.2, Section 5.3, Section 5.4, and | presented in Section 5.1, Section 5.2, Section 5.3, Section 5.4, and | |||
| Section 3.1. | Section 3.1. | |||
| It is locked with the simple three-letter password "bob". | It is locked with the simple three-letter password "bob". | |||
| -----BEGIN PKCS12----- | -----BEGIN PKCS12----- | |||
| MIIXoAIBAzCCFzgGCSqGSIb3DQEHAaCCFykEghclMIIXITCCBCcGCSqGSIb3DQEH | MIIYsAIBAzCCGEgGCSqGSIb3DQEHAaCCGDkEghg1MIIYMTCCBIcGCSqGSIb3DQEH | |||
| BqCCBBgwggQUAgEAMIIEDQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIe/d6 | BqCCBHgwggR0AgEAMIIEbQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIe/d6 | |||
| qDQ/28QCAhQGgIID4HU6LzRSQpvpE9vk66QO5SwtHDR5cxPrr0a8GoNDS0qB0vzZ | qDQ/28QCAhQGgIIEQJKA5kzRVm9d6rEwC/0RyBSgpPuSROUQTjspt6EhBZlgHc3u | |||
| 6qCUZsa8MBghT5JdWC5WmUK7LXSge9ZQYyutasw5aB74js4C5l+sQfHZ/Qpg98Us | FTCPaO5P/vpeWaCnBRarGFn3DmqA3JT+59bmRpGdiP3Zrlk2EbHi0yrd2P3UFDnX | |||
| n4kyQQDNUJSvA0dkEgi5G/XNeEl0OGaAY57Uus0dYFXYu3b04nvrm2UjFnayT4AW | qRkkI+7pf6eOHWJRniS1APVXnfNqNyqgdbaTq+jPJF8C2oQVWhddDKphCLtw2WFD | |||
| PNrzs9pnuELccSg8FQDHPTa3xv3kwmtlS4fVLgicL1Vsq3uqtMYb8kiy0MRmU6JB | 87Exe6LcdcON0T3jIR+GA4hESmgBJrYRqcYmUH1ycbiJLaN2mzB5XYZay7yzB7id | |||
| xculAl9ncpUH7CNWvHDR5GsZ2LLhaUewBsHZq4PV0WoSzoSyobcsx10tnsoH9pGV | sFUvVg1rsxHtadFsKVsu3socdJzkE1sq4dFbuwtOe7VwWeWN8Q0O5vJY9cnao94j | |||
| 5fYLcgSKTmVz/5mDUdTjzCfB9euvLgPAMkwWoQFRNHxb9vbL9PVc+8tc5CgSMWcY | X5ylNcl1DkrD9vuyXxDlvXciqVwLj54SO+MplCak0motOeMDv+W/h8fWRFm9HFVy | |||
| 0i5UQws6+vfhGynJuQAY4CcJIIa4N6Vtufr2KHWWBd9AbZcRlVIdU3lLTtRhYoJO | dXiIS3iIzUMjjQR238260aRZph+KM+KDIRtBtDJ6sMqYqoyulviw1uk1lMlUOEzf | |||
| uiQ6FYCt8V+ntUB1CZyH1hmvw+QAenGoFK0vEa+u0/6QhrlrdlBVx+YOZjtYz8A2 | NZosWGrOsSEd0KQnIDMIz0P3j0E4WzLDih43LVedYIQCtZ3qiDX/qzBZenHr43Pj | |||
| BlebHx4rUuJDX/ayVSXn9XxZN2uS5vRNjG0NllUBy5D9CL4LR3wEasfKRLTVISNl | f1DzUqrB9ODH+FhA7i1yfLfckMPn8i0Q/DnCJvgNDhOEqDdGeccuF+HbTHENKv/Q | |||
| TtZcBTkqvsclBWWQANyQJukavoDJMZ187RbB0Xds8HAGzXjZoXJPnFhjyEkQioWq | 5XmulWIb8IwLXFMgvLFej31M5Evtgq4tct7Kz/W4ABCMbyUs2KUhjILGwNm0eqUW | |||
| /VXDbONWz7jeqknaDZVz5RKC25y1BHH38+0atldF42/k0Xx4iii/fga3hrJEnLnF | xJXhlWVtAevnNHCMHUHeCTdPgdLWmlKCIezyvsx5u+pM4D74hZXMu6mtRT2WoijH | |||
| gMkVipU6lwGbNOC80OAfNatJMws4kxpph02FZp9A0hkEeJ+eeDmYlIE8jFm9gSD4 | enxuadehCL2McCYkLeapyhPJw8oxNQcbqZi29nBVyW6cOdokaLkg/CH/aCdLkV6L | |||
| MgqznsdOAp0ispDqO0t7Z1YCM0IssO3j4edp8C8tBCdwJ/hOQZ1qCasEM4znG/CO | zMRHuKtbgXYZiAdM9A+GYJ/bOC3NARnG8GWLeccGhUJsYdAouqNfQgXp9yd9VOsE | |||
| nESlEAdCJZHNz+2/N8LzVB8NpP1qiyqW2nJKXXaOMDQwi9qFDUG0n3yUpggF029C | muiJDcunL0qS8a+np0roTdo16aDwCFcHvy9N+bmlgOF6qtA2xAips2tzXFi+cS3W | |||
| c98g05SY3e8f/3V9cgtg2HXjtjeEHsln1SWdmfBB7mOnUdkDh+pmXZ4zB9BUuS7t | T/pKtwjcB0s/MeMtvFBXzdArN6GWGx/IPHIrOYTJH/H6qAX12s1otCsEqi0mua44 | |||
| H0UTpL0WxUlfgIoz/uk2hi/vXAX5Q66SUqVFifMQtOlf44oYOb/JYOG9wSWnj2pU | JmnlJXUzMuO7X7yS/CF15VkkUMPJbCRfor7pjXfQuOIYPSo9pMhHndBPnBLq9AzB | |||
| Fih7Y66TYWnX2dEdUyIiPut7WNrBCHuAXmHoR8qZjGIxRobphKAgXu5nWg8vhm0T | X3l2TNM4SIklZOzaSDzqj5bvDACn/O6Yhr+w2NATB0TV4p1vGI3aHHNuZPV3BPsU | |||
| woRq8pdO3uOGHIOOJGyxG4feVHRG/GstW+M6qdYO8/hLaZ4/ZShLxEojyrS9htXo | SmDHe+8fuFX2ipzo5tjoh86lNdIi0q/ouWup/k/1ySOUrcJVHP+i9nPtNOwgPIiv | |||
| oFBwQCmMooC4smAvSFqhbrY9j5ueB3jCECI0sn72bH1nXNbkwonxGWEvRBBjvmFA | z41RohJx5dnGnYIvcjEdsTfVOfe+SOS8cGZqGvO3nRWnUVwcIC9RTt3/6S5UXPbJ | |||
| ev5xoJh9Jo0JydKWuI6yXXCImWVvofxbMsnrSY9XWd1gV1JSw0DlN2a5R12zqHaD | ATLk8SR6ALFI+J/SlNBbVxiYNm+xEoRIqkGormxFjay3h3+G7KGpQ7uN1L4k/AT5 | |||
| 6E2VkcOWOP6pnH1peQAjkFtfWByU4xAx1Jr91TN4r1L2DeVTV5nz6b4spl5ZMIIE | 0J7AkYoU4rziF8Ze00UGuzMB47y0ZaIM7U/xfUNAALH8ucmLYQI9TcJUCXPOSD63 | |||
| DwYJKoZIhvcNAQcGoIIEADCCA/wCAQAwggP1BgkqhkiG9w0BBwEwHAYKKoZIhvcN | q41tXO/LyGeJgy8QC3vWOqbCBRLHscGvAJz/NDBh4+z2r9XMT+1UXmWcJ02LQg9O | |||
| AQwBAzAOBAjiGuDSkfG4UwICFLWAggPIECUZsKFZWi4pn4njlMf8F8r2T6iaGOjO | qZYBAxKOOsNpdwxSul5V2JRDRVtj0ps6Ac2SsXznnJFMRRMaXtnNH7JXqXB7MIIE | |||
| 4xVOkPFV8nC1gb/kKeZP6oSyEVahfb5/bzyrd7qzntTaSNdoVPf9aCGjIaxUAhd9 | bwYJKoZIhvcNAQcGoIIEYDCCBFwCAQAwggRVBgkqhkiG9w0BBwEwHAYKKoZIhvcN | |||
| wczQ91Efp5SJTGAzJmCiYlss3dmnKgwgc8XEnhp3VDjit3j6vzR+EEf23Qxgk0Hf | AQwBAzAOBAjiGuDSkfG4UwICFLWAggQogyL08hPtUl52dkO+BVimcGXW3FmDrT0D | |||
| jt9N+oKD8otUr4kH1HJ/6qQEOModxiRi4kDbLfuRl0O17tyMPQhQjzntmy8eRBfu | gU3Drd0P76KzYzd2lLuGb9dx84wx0XnFIXeBM4F3QSDbCK4tOuJ6JRaEeUoCAyZd | |||
| 7JQrnnRvyuv/a/qgYbf0OVa+tcIHttAd+Vko39h0K0Y3A3TnwZkb+1mmi4XvMtWX | XyHtLjVeuozt2xHBDUgQVEO1dZHtk1VUbRX0LGmGnaBj/d9AQs55CH+IveZc10hC | |||
| buOwrvQmvH3E/tMyQKlesJf0Pnk3tmKC5wCFZ4xiaf884nF+2QfqLZC7qD2yM8ui | gDVi767NiMeje4PvFQy2l4GBgkM18d3zS55SmhM7EkTpbkxWD33pZZKzM56RoRXD | |||
| 2KVsq+TMF+THJKYBqfAZZui8r30KlkXQClLkSkHwsUfJxKQsRjodS51UEPU0afgl | LB9oL44NzghfRwz4m4dqS3M2+u6gr21yC7vztnLZChU6F8+huVa1FZy7vs5BPIKV | |||
| FEqGZEfRQgInuVhqyYxZodVK0JlGZP1a0n3u8EqmJ2Z8B/f4jBb9XFH7v64P0YHz | 7jzoo8GKXicKiu0IFolgBbVJ3qDrT5HQ996EPdVFex86GTOpXo0FtK3D3I1yA3gi | |||
| 1UH8smmQhmboi30XJwB6QDZCKR8xxXb5esQmAbUY0cTJld4nPZAmRqP38n0f4bC1 | ihrW8QOzf9ASjDsnjzSJgg2WyvQcBYPXsWb8uI9ryL2xJpdwMuuYR7Fnq9e8HyHd | |||
| 5bYVpUcAVcd+UMaO2acRTtIvjgFjSSO2Hou6/Ex7LVBzoe2mtAyguhOwD59nLxrn | Gyp0CkXW52oPPjuUIOwuJH2Amucwba9Y25OgVdT3ScVMCMkVAcwNA2fA7cRR5z1O | |||
| FChSZCoUlNplU7akJCWQkrtT1tEIEdivZMHOfuluUhgzyzkWxKuppHJiFxki8vZ3 | V4fq/Kgy/dxfE/6s2XMhK4Ff2lLZv8W+3yVqczJEI2VNrLpbS/nTJzNQ0LNIuA87 | |||
| YgKyVg/K+Tt/4W87c/hEiSWjDd1TEvYK/iDBiDiIuPgFxjUp/2Wmo4u26GskeOvU | zyTRTRp3NixJVEOrMm5A1TI0MHOg8SHO061iLOMxSN3AoniUFWOCkSbujLRf82ju | |||
| v3PIvmmJoOskp2lOa0jNAd57eXcn2s92c0qqxIfWuEuOUBagfPIfyHTpyKNxi7qI | iXENwYgIHx2nz6MHiSgR0DDytDN+vhy0NZ9cJuvWnr9S6hqBEH6AsDJ/5mBs40ek | |||
| JKR20UtgiPSs9tvywg2h/Y451xXFNJuv4R1wxmSgKlv2lKf9OA6aq9kNIafHbhwz | 4lZYErGQtscjhHypRB7y9BJfKnKBHDkkpqja273rv+2lZEnXOWApTKXNJ8ixWuBT | |||
| Ilw/xl98xoncENpQzJkKAgySvtiX51Tq/A5lm9p23sUK8JdL+JtA/8yEa5g8eCj0 | 19dKx+ui5DsA5a5Dqi5uXtxpBHZhdRUsivKfvJN3/f8GxhTINgsq6fUgQXrs/aL7 | |||
| MfcmNx1TlYCfHrGx1/ZdW1DGl4GHJIpllSLkHYxXBQ6sixc7GNJ0qkpRTeDRLiDt | ZznlKBMOFA0eaY5LYlkdOdOVsHskKcn+yevBvm3XPjPXyzvwSPjBIhMM2Sf1UQOr | |||
| 35yAsv7ESpp5w3/WjLAsPbPsaMVgQjOOhBwjkV9dOwFc2k44XcBjCtVTtTEuhN/a | HnOey0IMNK4yz3faol8juOtPEEMdDCMRpgw4xqFTY+HOU5FUyOUb9hJaBUCU2O5K | |||
| LVmwgdH5LFV3Uyp5442Y8aWODlG0i4YDP7oXY3mBu4WrL6NlMlJOQNfz+e077+to | 8jcOcPm7PRWGmCKxvNFFI9O+SvTQ2P0TN4845C/pFbefambcODf2q5WG730QMXC3 | |||
| c1Bw4Fag9f8X+AiBl95HPG/sx8YKnVaID4rcxpyKOO/ONy0oShrkAmbQyM7hRe/v | ArXHk3NrBs43djkHk8A+21uTlVfoNLBbuASzxdek/m8YQU4li4+5/nsQFB2tBy/y | |||
| fRL4lNB+fyK75vPGsp/shquhF9K5wZCulixVBQwze7q1CcGro2D030YdP/EDWexC | b1q3yiaxxCQ8zPWCdcQJir56qpIj5jYzD4IZDITPlF1G9Vt/2ykmEUerRhxD/uar | |||
| 1xoidBkqssem1oDx+OpsavtdMCDrft0/lO9g4TNnnB8wggOvBgkqhkiG9w0BBwag | MHnxQRySYCK5/EBeil4MWl5T/PlZ9EWjgRGdwwk/XY0DPSuaAwgixbApuillyxHq | |||
| ggOgMIIDnAIBADCCA5UGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECEyHXPVs | dPWViQbhs4Z1dNbhhiW30brcQeJ8UJy0h16yaBXHGoLaeZW2C+6BJMu1Lwgvgfjs | |||
| ncxTAgIUQ4CCA2jGt/qN+nxrXgh0JNk53ykzmi76tkL8Rwu1OfRyalJElUvfdDTu | zjd68X4hWvxwEhtLPRw9YYVqBf90wmI2N/bOc77YWuRGmyWSYtB6kHBBEWD7jzIy | |||
| O+nEpGRq0rCvD5nUL75s9opbRwlGs4MK5oj9dgMFa8zUiA7Ef6eDjb/Ak3xDoXLN | DUyF6xTYl+LGT/Hii/wYypsYyF/weCSnYVGFipKDrEl8wwHldK5yfgsiwqrQcyAG | |||
| a91AgT/Z5x68AxPQVpU5lPOXxqm+JD7NsfVKVASB7wDx9sx8AlsxbmkRcfme1dBO | R3Gsm/fJbIBFgqCkBSz2OKZofvkT52ZJo+o2LdvA3wkwggP/BgkqhkiG9w0BBwag | |||
| p/iY9mim7y3wmd+t6D7KPjiaWxwsCALS8O1Kit3zmIGvB2GnB2ijFommyqydbBM5 | ggPwMIID7AIBADCCA+UGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECEyHXPVs | |||
| Vg7nXYqeogBN/wY/vr8u7g+rwdroEOqAvflqZXBDecDoCbNpI+uFl8VeufiAKNQ3 | ncxTAgIUQ4CCA7j7eVyD9inewNbLNe/S00qi9VdBtXZrqiNNg3yxJ7Vuitpy7G/T | |||
| TEPsO9EO7OU39aQyO/oMEqY1hDidzF0CHUaFUB/GMNONSulhFCZT7RIUsQ8L2BBw | uCBfqZ2D9A1YHVvL+8ECumxTKMnC21vxPlMVGRhHAi0O/XYIW/bzBT76Cf5AFXFx | |||
| E+Nd5N/XOwtKY/PWzRbBXqSR1QTEOmOzQ6ilPLboxn33ngy5n/6aN6HgUAyPqJ3M | sjXgd5n0QQLf3uyMbCUNYB9GLN1sqZ4os+VeG5/icL4CDEpeVdKggR2UywvpQV4q | |||
| lijNnrzyDTl8emk1KeEmny4pBRkYGj8WZfszzxnccZput4rGlhggQPjx/sjiIdPP | CcTnABwekbTvBWbwpwme7miK2o+fNKIaxmMnVimqQLw8fB66WBqIJSaTcZhnnPuQ | |||
| R0bj0CU+b3TFHMUCX9g6AzSqpkAiAFYb2ChGyRGbitdAilc71GnsIBxSULHj7EoI | 9S4BMq0dSPrk4XRHuBkgYoo5sOvImGzgPQkIkjOpxsOliKpbn/3K4TQwPGh1dSgC | |||
| s//uIPguDcDS/tdlkcE5MeUA5LJ2OtmFAEZFtYOM079MM7p5YJlmnmmq3olvf8BH | OizzfMGj9Xf5dG2GxCH3/qdmVw0hszIo+KOG/ULmHwAjI4jY6/najq26bzblYRki | |||
| 4Q3aZhQ72hZFI+Ug8ZSFMWqj8tsV8d409b+ykvYTHpZTScDXqGDmKFFlqXx/pSRn | k+cPy29AWHfYVFEuu5Q+sVwE1gwAyC4N3sK2k8ImesVldAAxu6q3RJ8m++CGlTW6 | |||
| Jxo3A3feSEEPlKGJugx83o38v1o3ZpU9NYZsueUp8+6Dkb7dwLhcfyORKd6TSfxq | Df337ADOj6u01Ox5zEKlZ5vDudajdcktuqgRkIgB2vabF4M4B++nnHfQs0bJ5T9y | |||
| ePYtMz7XjZkrQcCKBeiXtyNoWgsFw/yIAi27c5O8nAd3aUjQc9p4noOHL2qFKa+C | uZwtWabXSMdaparAutRYPrhHz9EiyKmwDAMV++OL1NqMyloDeXb+1h2Z/DqdpDTJ | |||
| DM0xgQqyLWDAVJEuWFM/gX+FZCzXpaSGcKt2DDmrsEPyhv32ay3FQpj86S7WjVw9 | 8zB2OIMoA6tEbhosiF8FKxzB0uBDWWGPbABKlilM+7ZRHGkw7fp14hKIluywaehh | |||
| MbkLe3USnRo6HaoLVh6oQNAkkE3DByvbEaAgAIIHUc7sG9G7Ma1tDF6zqHEs/hPc | hmmC7uznApUqT1ZvQuH5eGKnLZxn/BpVh+NnV5q9tGrFJ4KAgbu1AP6om2CsloDg | |||
| 9B9yzw87ysdpuCTLxANryf2rODY/kRGxbo9plwQYO2qEmEIWNZiBCrs8L6f2GEDM | pc7DJ4cyyx3AckJvVaOVx4KGl+iN7DxzgRG8MzgR+w2bRzHTd7QuopWRRn3oWqzX | |||
| fpPBc++q2cs6VKNuG8V9f6oBFrUBrCKpXItNus69+fHlsdjDcrx1cK75R4boyEcy | I/6YrPNjW+bvVchMfeddo5hLD58JvNaK//QtfHQb1DrXCXA7Fs/wG6Ta9gOrbklj | |||
| G7YhyMoHw7wrxFRPTp1ZCVqShPepiMilgxerst39aEgpflmSusZEEbMTxei/9gKY | GbB8ClspBraxYp3MiUPIDkzw3YYmTf/P9zGhw/nwucR6sguC165NWkMYcOASjcyd | |||
| euKDZiqVlw8IggZ54p4GWJGi3jCCBZgGCSqGSIb3DQEHAaCCBYkEggWFMIIFgTCC | +7A/Ni+O7DZ4T0wF1SPH9Arbls4SNCKGPKAQhBWhZDN1nldrWboJEy/sMHAg7pyM | |||
| BX0GCyqGSIb3DQEMCgECoIIFLjCCBSowHAYKKoZIhvcNAQwBAzAOBAiO/0ICbTbZ | rhI7BF2c4DicIVcYUZ+dK36vRJ7a0V0zlAnKFAAyClw9k7mRml61z5RthyK55Nkv | |||
| LQICFOwEggUIFwT/JI8UjJQPfYTFonJEo8zEbpYWXKboqw6/zZsMGmAnUPgQNQDx | uXH5UCJZMgv7SAU3+ExQ75pmV8mM9XKrkHorkrXmGcDYvt7oRry9UcWHc8h8srVM | |||
| yuLVprs5jUc437kVB2M3F0x8DjmEppebtHfIoyjoXF7jdnA4EF38tsso0K1nMPmS | CZQKoCSv8C2L/E8/7pjXl1sn6YL+kQ2ACkV8Jw7UXHWyEf0XWf/R7CV4+jeJVizQ | |||
| gl02iYZtOqsOvBpfeO5Hj4Ovhi26J9PzTwPcgl3QQPqfWv7CwgGVn4/hntBAriPS | cGLsX29O0lGeJjDyHMJA1JUFyc0Uc0F9lRsTPGgrrTTo74zMoLzstSDIGw5k2d1n | |||
| E4gAlfAcqkxtJBm01QwDoAdsOKOMsYntgWajpr1J3Hm+34NPL04Usf1OpcesPUJ4 | Mka0MWXO4B8JDDVDdAckUwz29cuzLg7m2AbU3dPqnVdO4ALEgjokzVETnTH2/odf | |||
| CBxNyLXxjjsOzD78WVvKY+N+j89xTsytz5Y0fEkFqrcl8pgBQxH72jBwSCm5YwHz | s/ymMIIFmAYJKoZIhvcNAQcBoIIFiQSCBYUwggWBMIIFfQYLKoZIhvcNAQwKAQKg | |||
| 3BhWQgr2bpWJ1f2LWcVsnrN9tx6RhQtAAkcyNgX/ksp5EW4JTo+o6oXLRhXIYauR | ggUuMIIFKjAcBgoqhkiG9w0BDAEDMA4ECI7/QgJtNtktAgIU7ASCBQgXBP8kjxSM | |||
| rUrisMY++b8ZJTp6C1t0RW2QdqgMZghSZgaW6FSC6Dy2Dd/ezdkYUCgiEtq8eSxF | lA99hMWickSjzMRulhZcpuirDr/NmwwaYCdQ+BA1APHK4tWmuzmNRzjfuRUHYzcX | |||
| /8WDw6Va2iGVSNt4/p/OJ97yN5yOJ0K1g0hATebU+I3E74PQ9RK84FfJvyHDBC6f | THwOOYSml5u0d8ijKOhcXuN2cDgQXfy2yyjQrWcw+ZKCXTaJhm06qw68Gl947keP | |||
| vYZW/ouMcgp3YmAF+dTm74Hq88X4daV+/UPYf/cVpyiwcBTg6H3jrkrs0yKoWLIf | g6+GLbon0/NPA9yCXdBA+p9a/sLCAZWfj+Ge0ECuI9ITiACV8ByqTG0kGbTVDAOg | |||
| rIvMNBeeKZ+fl2Enw1MFzkLI4VGD/UeRwrbhN0SHkh5lIGtu0yRTfq6msYQpkw+j | B2w4o4yxie2BZqOmvUnceb7fg08vThSx/U6lx6w9QngIHE3ItfGOOw7MPvxZW8pj | |||
| r7QwJIdQyrAoaaVaRotVyvgTOLlHw8r6o7v36yoNov3kDPW7DfbSVTWX5lIyQn8N | 436Pz3FOzK3PljR8SQWqtyXymAFDEfvaMHBIKbljAfPcGFZCCvZulYnV/YtZxWye | |||
| qMwa4N1clWT8ukfZXSaYykFSqF3w5zala4iIhu03GjDcfiWLMUlYVAUcvSmcIULE | s323HpGFC0ACRzI2Bf+SynkRbglOj6jqhctGFchhq5GtSuKwxj75vxklOnoLW3RF | |||
| 1oW7FKiJc8OadeIu0JBySRSEvf7B3w8leYUs+u/h1ptrZZKhe1JdAtlszvHJ0DD0 | bZB2qAxmCFJmBpboVILoPLYN397N2RhQKCIS2rx5LEX/xYPDpVraIZVI23j+n84n | |||
| kMqA6Ig4yomscGSol/sRUqpecIQwVZTCRRq9dJOFJkKhKD5Eo9E0Z2snp01fpUF5 | 3vI3nI4nQrWDSEBN5tT4jcTvg9D1ErzgV8m/IcMELp+9hlb+i4xyCndiYAX51Obv | |||
| qlMeBjpYgkX7jhyFyvq+qDqBAY8izvkcruE69WooBVyorqKHURjWtY+rhzcB4+HL | gerzxfh1pX79Q9h/9xWnKLBwFODofeOuSuzTIqhYsh+si8w0F54pn5+XYSfDUwXO | |||
| 72wZKzLnY3iUjJ1UANxM8mC9fpD1NJt/7epqzPyZ2Kd4GJVYi8sQpFKf4tRHDr0t | QsjhUYP9R5HCtuE3RIeSHmUga27TJFN+rqaxhCmTD6OvtDAkh1DKsChppVpGi1XK | |||
| I5iUB78qj1EBp1w4qvRn/jC4ii7+Bas8mz/AJ25QeviC44Vj+eT2YYXafDivrmoe | +BM4uUfDyvqju/frKg2i/eQM9bsN9tJVNZfmUjJCfw2ozBrg3VyVZPy6R9ldJpjK | |||
| BuVMIBbD066YnuBC2CeKydNWdiARzc3IfhcuhVwq7riotYfyDqd4e0Jy7Y57pbwv | QVKoXfDnNqVriIiG7TcaMNx+JYsxSVhUBRy9KZwhQsTWhbsUqIlzw5p14i7QkHJJ | |||
| 4Qwz1yCxRjSwiFQ7/fRa2Cx8xtxKcC/A4LGnXAKISy+uNbDWA7AYaP6RmGgMCaNi | FIS9/sHfDyV5hSz67+HWm2tlkqF7Ul0C2WzO8cnQMPSQyoDoiDjKiaxwZKiX+xFS | |||
| Xy3F1zvxnE3bv68tXRF9vjuEChUq56N6992qhoBuHP0J/mRItw+JoI4m/OFnEUGT | ql5whDBVlMJFGr10k4UmQqEoPkSj0TRnayenTV+lQXmqUx4GOliCRfuOHIXK+r6o | |||
| 3bNyxpEFyA7aXBE91aQdSXl4a97nC0/RSFH/fRwPFYgxr3XdCIf3Cw5PDs25YNsX | OoEBjyLO+Ryu4Tr1aigFXKiuoodRGNa1j6uHNwHj4cvvbBkrMudjeJSMnVQA3Ezy | |||
| WCsDCVejWMFrwOzmDwa8sBkY270+rGv76qXvb/uGD3M2C+DySVy55Zd42wjghSez | YL1+kPU0m3/t6mrM/JnYp3gYlViLyxCkUp/i1EcOvS0jmJQHvyqPUQGnXDiq9Gf+ | |||
| gY6taT0tqKfLOS6Vl4ELU78Q6va2o8MlcUdi343tOi60MZgCDUwPP8TjKZINh8u1 | MLiKLv4FqzybP8AnblB6+ILjhWP55PZhhdp8OK+uah4G5UwgFsPTrpie4ELYJ4rJ | |||
| KNhzgpwNLz1gE0dd200l3bbzdZ6uio3R52WQWRCk17Z9lUesCJavytcAi0mMefMx | 01Z2IBHNzch+Fy6FXCruuKi1h/IOp3h7QnLtjnulvC/hDDPXILFGNLCIVDv99FrY | |||
| BPMOdnUi6O8TPDRA0mcohbE5rybwDXAoB/VUbwgM0/qCpZ7VcSKN1lUuoe9+Kho0 | LHzG3EpwL8DgsadcAohLL641sNYDsBho/pGYaAwJo2JfLcXXO/GcTdu/ry1dEX2+ | |||
| NK/gyMEvntMxGNNI8arV8UkeFollPhrtumvdwqbVCeN8TBj5vXo6Hu+eKB7AVwjB | O4QKFSrno3r33aqGgG4c/Qn+ZEi3D4mgjib84WcRQZPds3LGkQXIDtpcET3VpB1J | |||
| k/rRHpZxnnVGXbm8HzM+kjib2cY1diusVRJ/1+Q9GXuo135tQbobgcMzAmqAqZp9 | eXhr3ucLT9FIUf99HA8ViDGvdd0Ih/cLDk8Ozblg2xdYKwMJV6NYwWvA7OYPBryw | |||
| kDE8MBUGCSqGSIb3DQEJFDEIHgYAYgBvAGIwIwYJKoZIhvcNAQkVMRYEFEqzrDFT | GRjbvT6sa/vqpe9v+4YPczYL4PJJXLnll3jbCOCFJ7OBjq1pPS2op8s5LpWXgQtT | |||
| AkmcTeNueeAlYZU+iGIlMIIFkAYJKoZIhvcNAQcBoIIFgQSCBX0wggV5MIIFdQYL | vxDq9rajwyVxR2Lfje06LrQxmAINTA8/xOMpkg2Hy7Uo2HOCnA0vPWATR13bTSXd | |||
| KoZIhvcNAQwKAQKgggUmMIIFIjAcBgoqhkiG9w0BDAEDMA4ECCNi2K1bMEiBAgIU | tvN1nq6KjdHnZZBZEKTXtn2VR6wIlq/K1wCLSYx58zEE8w52dSLo7xM8NEDSZyiF | |||
| dgSCBQDLIXo4ExcyE8+4aiZIj/Wnh/SVVVR0n7s4PGCbXt+VrOHd9YzTuUicAqIc | sTmvJvANcCgH9VRvCAzT+oKlntVxIo3WVS6h734qGjQ0r+DIwS+e0zEY00jxqtXx | |||
| HH62dv7NSy+fgqZG7SmVR1IodadFe+5usAzXoyyhhEe2c+ToeVbr5rs+vBvQUyh6 | SR4WiWU+Gu26a93CptUJ43xMGPm9ejoe754oHsBXCMGT+tEelnGedUZdubwfMz6S | |||
| X5XTV5QVOAkwSyKGjyfdy86x1Q8cL2D2BM+Rpkm1cFtjgWcB46U6S6w50sG7XOKS | OJvZxjV2K6xVEn/X5D0Ze6jXfm1BuhuBwzMCaoCpmn2QMTwwFQYJKoZIhvcNAQkU | |||
| CMI4a6rnHPVgPPdXMrj3VSPJY8bhBqEDPVTnfSHf/wKZrIi54O3F33B5jt6Cm9+9 | MQgeBgBiAG8AYjAjBgkqhkiG9w0BCRUxFgQUSrOsMVMCSZxN42554CVhlT6IYiUw | |||
| m9Fed8n+81w59rRom72CY9Xii/ULER9THwjxOZOQ+dIml23KauwexuOGjii0UR8M | ggWQBgkqhkiG9w0BBwGgggWBBIIFfTCCBXkwggV1BgsqhkiG9w0BDAoBAqCCBSYw | |||
| eM/A0n7UNys+bZTulgdpWW/mDhJ+eLATnhJw5ro/AWa6YVXG+t5k9LjdJ1ZmqS4b | ggUiMBwGCiqGSIb3DQEMAQMwDgQII2LYrVswSIECAhR2BIIFAMshejgTFzITz7hq | |||
| JxvBwilpEGoh0MM6Yp0dr1XM4mT/E0JMWD458Ngs05CuCpwAUXGdQmgrVsFrrV0H | JkiP9aeH9JVVVHSfuzg8YJte35Ws4d31jNO5SJwCohwcfrZ2/s1LL5+CpkbtKZVH | |||
| TyHeVLDhe43J3GI6HCWJVOeDQzzmaO3AM+IooRDkTHnJMaxUXphKTag5+f/smNYE | Uih1p0V77m6wDNejLKGER7Zz5Oh5Vuvmuz68G9BTKHpfldNXlBU4CTBLIoaPJ93L | |||
| hzVjZeIc8GFZ36eSI4BNGHSXFACwLu2ThkzpXMmg50JAUhBYxqE/fVevLUH4JPLg | zrHVDxwvYPYEz5GmSbVwW2OBZwHjpTpLrDnSwbtc4pIIwjhrqucc9WA891cyuPdV | |||
| z869wk8gRlUBo6ihQGrnsx7ZO5IsYahEYjz0N05PVPJYMLSyMovG9i+LpzQ49gIB | I8ljxuEGoQM9VOd9Id//ApmsiLng7cXfcHmO3oKb372b0V53yf7zXDn2tGibvYJj | |||
| zPu2fdLR41u5n5O5mG1Y4aJ7OCJxMORYhWHuctHdGdpJsgiq8+1iiUwmfyCfb0ZL | 1eKL9QsRH1MfCPE5k5D50iaXbcpq7B7G44aOKLRRHwx4z8DSftQ3Kz5tlO6WB2lZ | |||
| 3ePMU+W0zkAsyn22aK8jDBLLVZlvOZIVqR3Gx4QFPSk6qCMQ0E58VkMUMxYvClzT | b+YOEn54sBOeEnDmuj8BZrphVcb63mT0uN0nVmapLhsnG8HCKWkQaiHQwzpinR2v | |||
| wSeEMu66eND/AKTE+XXV/d9bmSmWGk7Y8XrDKLKfmRdrlIeondVJv5mk12YKxBPQ | VcziZP8TQkxYPjnw2CzTkK4KnABRcZ1CaCtWwWutXQdPId5UsOF7jcncYjocJYlU | |||
| GeUqK5XJUa2dzH9zvfEX8iYzdt4281QCiXJ3qwmbT+8RoOLBt4KyOs2e2ZSZnjrL | 54NDPOZo7cAz4iihEORMeckxrFRemEpNqDn5/+yY1gSHNWNl4hzwYVnfp5IjgE0Y | |||
| 9OO4oUsHIOyEfjwnWoLhKbkmun8GJxoB2yCzTawVQf9/qIUXaSzcp23AV6Lf1k9O | dJcUALAu7ZOGTOlcyaDnQkBSEFjGoT99V68tQfgk8uDPzr3CTyBGVQGjqKFAauez | |||
| f79HYPW3cQJAtjf6XBVE1xVZPkfTuC3yVLufljs2ed/ctpHg9nuId/xHFH7t4Hbm | Htk7kixhqERiPPQ3Tk9U8lgwtLIyi8b2L4unNDj2AgHM+7Z90tHjW7mfk7mYbVjh | |||
| U3/ZufE1GHnsRQ3kbnqA5WXerd9UzeoDaVDjFXGrITp8env08GXYvwWGXLL150l0 | ons4InEw5FiFYe5y0d0Z2kmyCKrz7WKJTCZ/IJ9vRkvd48xT5bTOQCzKfbZoryMM | |||
| DuJSv1E+1yww86SNjBYUTx0r0CJjjTk27vIUhAYUEA+J71IeifqqPDKYXnrCdUEa | EstVmW85khWpHcbHhAU9KTqoIxDQTnxWQxQzFi8KXNPBJ4Qy7rp40P8ApMT5ddX9 | |||
| jbfEdek30WiLR+ChEvEp48Mla6UVTLm/mjziwbsxm5QlGccmz13e32RiyrfseB+R | 31uZKZYaTtjxesMosp+ZF2uUh6id1Um/maTXZgrEE9AZ5SorlclRrZ3Mf3O98Rfy | |||
| yllmzeJtydP2IHkWK7pww9yOlPK0QtZs66IGZKqeXrWBk9QFYDX42gAy/xTfglco | JjN23jbzVAKJcnerCZtP7xGg4sG3grI6zZ7ZlJmeOsv047ihSwcg7IR+PCdaguEp | |||
| 4KO7akhp3UzTIQyTXnt+OsOScc+ArVm/dwClm+ZxybtOcVyadjpKWydyfAr3aTkG | uSa6fwYnGgHbILNNrBVB/3+ohRdpLNynbcBXot/WT05/v0dg9bdxAkC2N/pcFUTX | |||
| xX6RmHrEWr1R9BnMGPYesDs+yeVNs1QdDhff/bQLwCLXdGLWwLe6kitUiyi8F3bd | FVk+R9O4LfJUu5+WOzZ539y2keD2e4h3/EcUfu3gduZTf9m58TUYeexFDeRueoDl | |||
| fPjR7R61lEUvJrBm7YLmgdxRCJ02LFLGn09iSMNe5vmiNaKiuzfb4Dp9dqEMhmJf | Zd6t31TN6gNpUOMVcashOnx6e/TwZdi/BYZcsvXnSXQO4lK/UT7XLDDzpI2MFhRP | |||
| dsTURagfJIyqULoe08EIIozahivbzoWVA6oPAkk2D8DnTiMegX4IZ/Zb3LPxJKAe | HSvQImONOTbu8hSEBhQQD4nvUh6J+qo8MpheesJ1QRqNt8R16TfRaItH4KES8Snj | |||
| XO3Ys1YQrNSNZ3B2ZISBapzGzhFZfRVzPOmXhN53pDhlxkw0btkKblYA9CvP+kzg | wyVrpRVMub+aPOLBuzGblCUZxybPXd7fZGLKt+x4H5HKWWbN4m3J0/YgeRYrunDD | |||
| wekzCy/Mlq/HbO38CV1NKzay3yg4ntehJ+v9/k7gaqKmo3ZWMGk0WGBv/GFxYhme | 3I6U8rRC1mzrogZkqp5etYGT1AVgNfjaADL/FN+CVyjgo7tqSGndTNMhDJNee346 | |||
| Nd14Y65D9TlypM/zrXSyGoOqZgSA6HlAgogzwwSaGwx9n/o6czE8MBUGCSqGSIb3 | w5Jxz4CtWb93AKWb5nHJu05xXJp2OkpbJ3J8CvdpOQbFfpGYesRavVH0GcwY9h6w | |||
| DQEJFDEIHgYAYgBvAGIwIwYJKoZIhvcNAQkVMRYEFBfFhHvQp+92kDi4s28IvJK1 | Oz7J5U2zVB0OF9/9tAvAItd0YtbAt7qSK1SLKLwXdt18+NHtHrWURS8msGbtguaB | |||
| niuUMF8wTzALBglghkgBZQMEAgMEQBS7n+ELEEn4DxvxQtrFdK1yyK4ib8dvtnLQ | 3FEInTYsUsafT2JIw17m+aI1oqK7N9vgOn12oQyGYl92xNRFqB8kjKpQuh7TwQgi | |||
| leuH3hK8w9YNLhkfnVb5+oJiDceNqHIRBkrqZXzGf5yRd5TnxgsECJ1vqXe6ro0F | jNqGK9vOhZUDqg8CSTYPwOdOIx6Bfghn9lvcs/EkoB5c7dizVhCs1I1ncHZkhIFq | |||
| AgIoAA== | nMbOEVl9FXM86ZeE3nekOGXGTDRu2QpuVgD0K8/6TODB6TMLL8yWr8ds7fwJXU0r | |||
| NrLfKDie16En6/3+TuBqoqajdlYwaTRYYG/8YXFiGZ413XhjrkP1OXKkz/OtdLIa | ||||
| g6pmBIDoeUCCiDPDBJobDH2f+jpzMTwwFQYJKoZIhvcNAQkUMQgeBgBiAG8AYjAj | ||||
| BgkqhkiG9w0BCRUxFgQUF8WEe9Cn73aQOLizbwi8krWeK5QwXzBPMAsGCWCGSAFl | ||||
| AwQCAwRAfOXgg9B0m7kIxySptHcG/y4B6QwUH80E7GdroberTesDhYKYf0BCxSwN | ||||
| wr0+uHwOtaa3iuPcHpIygAtHAOvdDgQInW+pd7qujQUCAigA | ||||
| -----END PKCS12----- | -----END PKCS12----- | |||
| 6. Example Ed25519 Certificate Authority | 6. Example Ed25519 Certification Authority | |||
| The example Ed25519 Certificate Authority has the following | The example Ed25519 Certification Authority has the following | |||
| information: | information: | |||
| * Name: "Sample LAMPS Ed25519 Certificate Authority" | * Name: "Sample LAMPS Ed25519 Certification Authority" | |||
| 6.1. Ed25519 Certificate Authority Root Certificate | 6.1. Ed25519 Certification Authority Root Certificate | |||
| This cerificate is used to verify certificates issued by the example | This certificate is used to verify certificates issued by the example | |||
| Ed25519 Certificate Authority. | Ed25519 Certification Authority. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIBbzCCASGgAwIBAgITGz6zL8fCL93bElmwkKaEVA49zzAFBgMrZXAwNTEzMDEG | MIIBtzCCAWmgAwIBAgITH59R65FuWGNFHoyc0N3iWesrXzAFBgMrZXAwWTE1MDMG | |||
| A1UEAxMqU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp | |||
| MCAXDTIwMTIxNTIxMzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA1MTMwMQYDVQQDEypT | dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx | |||
| YW1wbGUgTEFNUFMgRWQyNTUxOSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwKjAFBgMr | MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjBZMTUwMwYDVQQDEyxTYW1wbGUgTEFNUFMg | |||
| ZXADIQCEgUZ9yI/rkX/82DihqzVIZQZ+RKE3URyp+eN2TxJDBKNCMEAwDwYDVR0T | RWQyNTUxOSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UECxMITEFNUFMg | |||
| AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFGuilX26FJvkLQTR | V0cxDTALBgNVBAoTBElFVEYwKjAFBgMrZXADIQCEgUZ9yI/rkX/82DihqzVIZQZ+ | |||
| B6TRguQua4y1MAUGAytlcANBAMI9vFSXNfqh5gHVsKHmvMOW1pK2DcDr1GVcmX07 | RKE3URyp+eN2TxJDBKNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC | |||
| Hnzi32c/0QVbF3NoHdkpGmjY0P5fpT+SyWfOXwW+93fMvwA= | AQYwHQYDVR0OBBYEFGuilX26FJvkLQTRB6TRguQua4y1MAUGAytlcANBAAT3T+Jj | |||
| w5uooVELMI2DzCYtjU9rnxFE9NaMp5elOelf/Wxc3Wd89UJTvqN3JZmXrv4Fg0jB | ||||
| SHqS/mTcQIFaHgI= | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 6.2. Ed25519 Certificate Authority Secret Key | 6.2. Ed25519 Certification Authority Secret Key | |||
| This secret key material is used by the example Ed25519 Certificate | This secret key material is used by the example Ed25519 Certification | |||
| Authority to issue new certificates. | Authority to issue new certificates. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MC4CAQAwBQYDK2VwBCIEIAt889xRDvxNT8ak53T7tzKuSn6CQDe8fIdjrCiSFRcp | MC4CAQAwBQYDK2VwBCIEIAt889xRDvxNT8ak53T7tzKuSn6CQDe8fIdjrCiSFRcp | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This secret key is the [SHA256] digest of the ASCII string "draft- | This secret key is the [SHA256] digest of the ASCII string "draft- | |||
| lamps-sample-certs-keygen.ca.25519.seed". | lamps-sample-certs-keygen.ca.25519.seed". | |||
| 6.3. Ed25519 Certificate Authority Cross-signed Certificate | 6.3. Ed25519 Certification Authority Cross-signed Certificate | |||
| If an e-mail client only trusts the RSA Certificate Authority Root | If an e-mail client only trusts the RSA Certification Authority Root | |||
| Certificate found in Section 3.1, they can use this intermediate CA | Certificate found in Section 3.1, they can use this intermediate CA | |||
| certificate to verify any end entity certificate issued by the | certificate to verify any end entity certificate issued by the | |||
| example Ed25519 Certificate Authority. | example Ed25519 Certification Authority. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIICWjCCAUKgAwIBAgITDkECFedCINX+zN0f/pVkUiFMXDANBgkqhkiG9w0BAQsF | MIICvzCCAaegAwIBAgITR49T5oAgYhF5+eBYQ3ZBZIMuujANBgkqhkiG9w0BAQsF | |||
| ADAtMSswKQYDVQQDEyJTYW1wbGUgTEFNUFMgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 | |||
| MCAXDTIwMTIxNTIxMzU0NFoYDzIwNTIwOTI3MDY1NDE4WjA1MTMwMQYDVQQDEypT | aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0yMDEy | |||
| YW1wbGUgTEFNUFMgRWQyNTUxOSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwKjAFBgMr | MTUyMTM1NDRaGA8yMDUyMDkyNzA2NTQxOFowWTE1MDMGA1UEAxMsU2FtcGxlIExB | |||
| ZXADIQCEgUZ9yI/rkX/82DihqzVIZQZ+RKE3URyp+eN2TxJDBKNjMGEwDwYDVR0T | TVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxETAPBgNVBAsTCExB | |||
| AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFGuilX26FJvkLQTR | TVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCowBQYDK2VwAyEAhIFGfciP65F//Ng4oas1 | |||
| B6TRguQua4y1MB8GA1UdIwQYMBaAFHhfDlp42GvkVHA9s93s9/Hy+sBHMA0GCSqG | SGUGfkShN1Ecqfnjdk8SQwSjfDB6MA8GA1UdEwEB/wQFMAMBAf8wFwYDVR0gBBAw | |||
| SIb3DQEBCwUAA4IBAQCTvPF9jV7E18mX2ps6jgSz8QizMKiSkd4Yayyc30jx6etl | DjAMBgpghkgBZQMCATACMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUa6KVfboU | |||
| BMC6VoUYbN+aLgD9SxJOFVnj8+Rk648nHc5Bgd1myng8b/oBYis7SIdveJazdsPD | m+QtBNEHpNGC5C5rjLUwHwYDVR0jBBgwFoAUkTCOfAcXDKfxCShlNhpnHGh29Fkw | |||
| 4lG4yzsUItDxs12HYSlVlGK0ce75CTus+6DgVxZgcaCdeO0SnVL+QXBQLzvyUgtJ | DQYJKoZIhvcNAQELBQADggEBAHdUlo6cO0/YS6gMtuj7iNJjI5PaZ3F6muSjl+Ai | |||
| jFrPA6f2C1jtIfjGwqmKYK5ZaJxmloqUR45YdUiuWbLsc1dvc3n7hvpIrMk/626M | MCPHGJaeVTzhcEnSNlvjXnM77Npxk2Z20342+sveBxfd80ZbTmVTek2IzaVdhxUi | |||
| U+rfkoKOf/gSRxR3nc1rxpVcvdT2esjnF6Qn7K37wL461jWJmDbISwjVQJbZVyxI | kEX4pCh28u+b+87BLQjb5Jmhph7105zqC0vxOtJS2y8zSdK2l8SwI/U6jlgEZJGv | |||
| GDpwg8nWGPe9iagwV3MJMEPVNBzc1fIHQ1Hsz4Q7 | pcH5x9eLtrgmDGGqbHDv5BaAGGkM6pIwuw5xdukxKTMt6rXLLLqAX3xenDaY0rxo | |||
| SkbeHUYO19MQ7LZmoKYe4Y/J7v4P+62cdjJi1Ob9qpGbvbQwh43GgkYZdTFY2qlY | ||||
| Uj0cLXSzdaBIXllPGCscqC058bGO+gdYJ241EclbB5nm88Q= | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 7. Carlos's Sample Certificates | 7. Carlos's Sample Certificates | |||
| Carlos has the following information: | Carlos has the following information: | |||
| * Name: "Carlos Turing" | * Name: "Carlos Turing" | |||
| * E-mail Address: "carlos@smime.example" | * E-mail Address: "carlos@smime.example" | |||
| 7.1. Carlos's Signature Verification End-Entity Certificate | 7.1. Carlos's Signature Verification End-Entity Certificate | |||
| This certificate is used for verification of signatures made by | This certificate is used for verification of signatures made by | |||
| Carlos. | Carlos. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIBqDCCAVqgAwIBAgITfTA2/ZV2DbKUTmbWgsuSzBMGCTAFBgMrZXAwNTEzMDEG | MIICBzCCAbmgAwIBAgITP14fVCTRtAFDeA9zwYoXhR52ljAFBgMrZXAwWTE1MDMG | |||
| A1UEAxMqU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp | |||
| MCAXDTIwMTIxNTIxMzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjAYMRYwFAYDVQQDEw1D | dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx | |||
| YXJsb3MgVHVyaW5nMCowBQYDK2VwAyEAws6AMizeYchNhE1g75Gc552urn8e5Add | MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA6MRYwFAYDVQQDEw1DYXJsb3MgVHVyaW5n | |||
| I/IAppL3yK2jgZcwgZQwDAYDVR0TAQH/BAIwADAfBgNVHREEGDAWgRRjYXJsb3NA | MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAqMAUGAytlcAMhAMLO | |||
| c21pbWUuZXhhbXBsZTATBgNVHSUEDDAKBggrBgEFBQcDBDAOBgNVHQ8BAf8EBAMC | gDIs3mHITYRNYO+RnOedrq5/HuQHXSPyAKaS98ito4GwMIGtMAwGA1UdEwEB/wQC | |||
| BsAwHQYDVR0OBBYEFGSF4zucHVrN5gu6Gn8IvsSczIQ/MB8GA1UdIwQYMBaAFGui | MAAwFwYDVR0gBBAwDjAMBgpghkgBZQMCATABMB8GA1UdEQQYMBaBFGNhcmxvc0Bz | |||
| lX26FJvkLQTRB6TRguQua4y1MAUGAytlcANBAAqOV3znya6m6uHwPVPLzcj7UHwV | bWltZS5leGFtcGxlMBMGA1UdJQQMMAoGCCsGAQUFBwMEMA4GA1UdDwEB/wQEAwIG | |||
| GuFHnMt23KCQchRicDJjRWZuTVw4oQqq5G9deVqJee8T2cspxkmFdVGWxQM= | wDAdBgNVHQ4EFgQUZIXjO5wdWs3mC7oafwi+xJzMhD8wHwYDVR0jBBgwFoAUa6KV | |||
| fboUm+QtBNEHpNGC5C5rjLUwBQYDK2VwA0EASWxvdJhtfO7zjO9wypAto3Fga8ik | ||||
| 9EsAvl8MCUCBw91Rmrj01P8jiAmCwxsb9VR4PPcq6GIjXCnjB5UrV/4XBw== | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 7.2. Carlos's Signing Private Key Material | 7.2. Carlos's Signing Private Key Material | |||
| This private key material is used by Carlos to create signatures. | This private key material is used by Carlos to create signatures. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MC4CAQAwBQYDK2VwBCIEILvvxL741LfX+Ep3Iyye3Cjr4JmONIVYhZPM4M9N1IHY | MC4CAQAwBQYDK2VwBCIEILvvxL741LfX+Ep3Iyye3Cjr4JmONIVYhZPM4M9N1IHY | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| skipping to change at page 26, line 6 ¶ | skipping to change at page 27, line 24 ¶ | |||
| lamps-sample-certs-keygen.carlos.sign.25519.seed". | lamps-sample-certs-keygen.carlos.sign.25519.seed". | |||
| 7.3. Carlos's Encryption End-Entity Certificate | 7.3. Carlos's Encryption End-Entity Certificate | |||
| This certificate is used to encrypt messages to Carlos. It contains | This certificate is used to encrypt messages to Carlos. It contains | |||
| an SMIMECapabilities extension to indicate that Carlos's MUA expects | an SMIMECapabilities extension to indicate that Carlos's MUA expects | |||
| ECDH with HKDF using SHA-256; uses AES-128 key wrap, as indicated in | ECDH with HKDF using SHA-256; uses AES-128 key wrap, as indicated in | |||
| [RFC8418]. | [RFC8418]. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIB0zCCAYWgAwIBAgITazo1UrK0irBqUo9n7eep3mSynjAFBgMrZXAwNTEzMDEG | MIICNDCCAeagAwIBAgITfz0Bv+b1OMAT79aCh3arViNvhDAFBgMrZXAwWTE1MDMG | |||
| A1UEAxMqU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp | |||
| MCAXDTIwMTIxNTIxMzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjAYMRYwFAYDVQQDEw1D | dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx | |||
| YXJsb3MgVHVyaW5nMCowBQYDK2VuAyEALmgxzNMgyJ11NRhNz9bKYSpfDyFmbVBs | MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA6MRYwFAYDVQQDEw1DYXJsb3MgVHVyaW5n | |||
| jPbFfaAUPHSjgcIwgb8wKQYJKoZIhvcNAQkPBBwwGgYLKoZIhvcNAQkQAxMwCwYJ | MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAqMAUGAytlbgMhAC5o | |||
| YIZIAWUDBAEFMAwGA1UdEwEB/wQCMAAwHwYDVR0RBBgwFoEUY2FybG9zQHNtaW1l | MczTIMiddTUYTc/WymEqXw8hZm1QbIz2xX2gFDx0o4HdMIHaMCsGCSqGSIb3DQEJ | |||
| LmV4YW1wbGUwEwYDVR0lBAwwCgYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgMIMB0G | DwQeMBwwGgYLKoZIhvcNAQkQAxMwCwYJYIZIAWUDBAEFMAwGA1UdEwEB/wQCMAAw | |||
| A1UdDgQWBBSBKaD6I6BLIIwNeADe7doWyzQluTAfBgNVHSMEGDAWgBRropV9uhSb | FwYDVR0gBBAwDjAMBgpghkgBZQMCATABMB8GA1UdEQQYMBaBFGNhcmxvc0BzbWlt | |||
| 5C0E0Qek0YLkLmuMtTAFBgMrZXADQQB2O4eB2hfCrKfP5yIwwRVXSFBUKqE97Twt | ZS5leGFtcGxlMBMGA1UdJQQMMAoGCCsGAQUFBwMEMA4GA1UdDwEB/wQEAwIDCDAd | |||
| xXgQ8/YSpsjVm81NC1vwOCP+X/W7ERF1NVTY4WGHYsK2r5rz62oN | BgNVHQ4EFgQUgSmg+iOgSyCMDXgA3u3aFss0JbkwHwYDVR0jBBgwFoAUa6KVfboU | |||
| m+QtBNEHpNGC5C5rjLUwBQYDK2VwA0EA3jEXyWtu/jK7ZZrnc89k3gzfai2As+ZV | ||||
| NRfRCcYIQbvSRShV3x4WXtZd07hLSOtWL7sg6oBdTMUEFgDAJRRGBg== | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 7.4. Carlos's Decryption Private Key Material | 7.4. Carlos's Decryption Private Key Material | |||
| This private key material is used by Carlos to decrypt messages. | This private key material is used by Carlos to decrypt messages. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MC4CAQAwBQYDK2VuBCIEIIH5782H/otrhLy9Dtvzt79ffsvpcVXgdUczTdUvSQsK | MC4CAQAwBQYDK2VuBCIEIIH5782H/otrhLy9Dtvzt79ffsvpcVXgdUczTdUvSQsK | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| skipping to change at page 26, line 38 ¶ | skipping to change at page 28, line 14 ¶ | |||
| 7.5. PKCS12 Object for Carlos | 7.5. PKCS12 Object for Carlos | |||
| This PKCS12 ([RFC7292]) object contains the same information as | This PKCS12 ([RFC7292]) object contains the same information as | |||
| presented in Section 7.1, Section 7.2, Section 7.3, Section 7.4, and | presented in Section 7.1, Section 7.2, Section 7.3, Section 7.4, and | |||
| Section 6.1. | Section 6.1. | |||
| It is locked with the simple five-letter password "carlos". | It is locked with the simple five-letter password "carlos". | |||
| -----BEGIN PKCS12----- | -----BEGIN PKCS12----- | |||
| MIII7gIBAzCCCIYGCSqGSIb3DQEHAaCCCHcEgghzMIIIbzCCApcGCSqGSIb3DQEH | MIIJ9gIBAzCCCY4GCSqGSIb3DQEHAaCCCX8Eggl7MIIJdzCCAvcGCSqGSIb3DQEH | |||
| BqCCAogwggKEAgEAMIICfQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIwS3R | BqCCAugwggLkAgEAMIIC3QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIwS3R | |||
| pT1mkyMCAhS7gIICUDFhZmrEWCDBUJidtT/9T8JVj1+gBWH+LyGcyCoK6R6HK8hl | pT1mkyMCAhS7gIICsGKkBm0nci9VHfqxOTWy/lkKyQeF5bwsF/9gZrqUym1KtHZF | |||
| Ee+qT8jI+cIQ2J4FCz+ZZyHZLvp5EznQk02h97rTkXod3yrrSuBnfK54VlPLZSwN | a4rSJIPUctmzqVnhGmfW9m+LEi7Em9rRmUIQbDZt4kQDG5eDk7AdhyDnB3uZDG1W | |||
| hfEc8b4CX8VeQwMdLu/b8G6GFzmtK9Dhnb3UF+3PCc9YSBqyBdGLPghhYthxyUit | 4cAeUVUiojGLgHFGe2/iIhW+JQTCbGDsAXqowalvoZZ5mJx98Rzb77JXyiKgY/a6 | |||
| WLy5GhtoLhjrkgxriMUQurH6Gyh36o0wZdoVXLXUyUYjNZlHgZzITf6g0h5rX125 | uiolRqr27yj0e9CGkA385Hp9n4gcqyGuZ5OYUa0zKRtZB+Zdqcu/365uTP3MUgud | |||
| 50UjF+HU25YOoDuE5GEMcT732wWCKPajNKqQSP6WBOYifKtZ2OnNYG6/x6xEyLgg | 3kK/ESRMRjdRGERlaD84fuhKvI9Elf6yoUkpwW7yHuDTVsLPWeuoPcpOIe/oT7cm | |||
| vrmFJF9lVfqkHHhdiQ1yZ3GYF9oEYRVZsw283kXMP4Gb9avdSu5AGhWEsF2Z5K9v | HIoQNb2dTY0+HmSCNe3vbHiELsOzUSUat6JhE/uTHiJUVtL01NMcACdvXKqT1eXG | |||
| WoNOYNQy9Q0RJFDV2mu6CAe/ExToSp6Zq99o0hH+3pDUSuWAmZk6xOa/HUYyDxw+ | DdD+Em9N0Di93m2qmXrP1N/AoKGTheB28XwsRicnoBvn4TKULQHaMx/UreYrX3AK | |||
| dJHCaFTNZu/BpmCOH+jF+1hbkJsA9KxYzgrbMowdQQec232saG25I1IUo9zM5MMw | yJJ4/8ENKQ+UipGt5xBKs/aLnWI9L75Cy3JP5v5myc4T1mvqjlVlay42o5nQYycF | |||
| SQ9n21ISXbY01rqPOpTY23pbbKe8uSLFZlrWmMMOBidhVvqrJXhy/rL0+C+SvTjx | tOVjtI/TaBDi5lMBS+r4RPqAp2LfApjrBy6Z0hNLahEO7jsCfyDuxu/UBmncjueG | |||
| OA5L/phGXa2HmXD/xnaZYg7EzNLtlaEwASlwyfo2NTDuNdmIBmWeVrWZbH4ETGVJ | T9OTzN0HwxhwpqfVWVbZzqo2k/7Tu1HVR4LoGQR/+Z6+v3DnLugRVahleObk7ZjX | |||
| Qk/dnkUnCX1yimeYek+N3H4826AC2dQy6MvPzoI7XznzT2j3CoNAjANwVbQwtMSh | HPaO/EunXeokrJouz94jKgo1nTpRKfQ40AnXtKpbrY/457hI+fiODYh6JVdkUgXP | |||
| DRBM5jk+RMJDeFVn/l9+obwXW/w2ucwxfDi0PWDnIt19Cd27oEzk5QKcAWxm7s44 | 4f5vuwqiPPY0b/MCr9b+TPNLM1kVpkE1nFsrItNtD9XvktnKBHmSzRXxqeNowQKW | |||
| FN2fr0cz8VQ10ozXVp3xLKfh1BOiThGIocO1sgcwggJPBgkqhkiG9w0BBwagggJA | nKyUnvV5iUjxdbiE4xX8/fl4TLSL4+Z4SlJZn376LWpAN82PtgfI6uYJkacvBkxz | |||
| MIICPAIBADCCAjUGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECOMzXMste/8a | Eulxbw96hRbEraIwRkwijOfUV7UjoCPjMYA8Zh1x5JTiE4UWWLs8aq9tM0Z16sVz | |||
| AgIUlICCAgjGICz00XOzEF6f/F8s7SlV8KM+WLuelXUIjGMSsX9Xd9l9aQemTh8y | C1GhT9snSmeWuTtIqOSqJ+lnAbEZzfj4DSRcdUYwggKvBgkqhkiG9w0BBwagggKg | |||
| n5+XyoNKXfrUn9UfEfpoKr7Y3Xz4L88/fsuLALbLUpDRMW/C+sPp5H/63aI+szyk | MIICnAIBADCCApUGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECOMzXMste/8a | |||
| lnKpJIxLpMjlfXDSEafPszf+2ckBgyImQ8+Wqf3J2WryXobhrvXFR7FidtQ0GpDk | AgIUlICCAmgXa+q2JhTLvWsj5SKLdMninTk5uB6HhOsDKYR9GDg/cABqUFxycROG | |||
| WND6DY6Vdx5pdIV8sLLvRiawV9cx0rAoMItPe8FbSXVCP7JJ5+LyABnPHlfUySQS | JeJuewIRkJhsfdXJi+TSRtnQOqpyVM9oRUdxcbGuCI98fEbLmVyr7KF8GudTgC+b | |||
| EPOkEc5XUyHigwkvhHweIDe0jiE987esjPsnn6hgepYZjx/YGilFUVrShblj2TMV | y+76DSmhfyPgFn02rHwnMb88Zu1SpvrEAY/sifQy957dbRA8oAUvfGhR5sVL7Mrz | |||
| YYfu4FMxaeFR3/kGITVXgWyMJumBS3WfzdmJ1wV2qFl3uk/ONOpCqnwA+yj8y+Kq | 6GtTtYgPNkKvjnNS3Tv1tOxHLwWWsxzW5/6AKY9hc4XuPJSY0jdEUW2PSIggoZQW | |||
| tX5Qz4qPkFqjs/9yQmDYQbRvLuTdcZwp5bYd8oQACDCek+OoaR4EWhbYAet3xA13 | jwlfb97H4Vvn/p8S/qKTUcsGXzFEn1WGXX+yp6acRABooK9Kg+qtNmPJl/nXgVib | |||
| cULY2g3H+p8pVBQC6ANDAY4hVbqoEla3O6i6ZUv2galjze4bTz38Z58vd43Q796k | GuCffGVC4IGxxqJaCaGHIUEfBmNRSW/p6JbIASKUshw7iFeZVAfRcwN8mbMsJShk | |||
| Kw3NMdUgkfyU6rhRimMH/GUjyTihEVyLokc9NPJS8mhXblr0WAvY24KhBxq/plf+ | qgNy/KQGBSnbrzTZhoNPrUlMArU/Egccf6LpuMZP8PdeSueG3tM/xOt8D4tZmEyK | |||
| N9Dp2XHLAPK2N672KGGbZTPf/x1RPprsKF0lcyueLE4pVLpX/GEHmm0H++XYMLzW | pmcuQqXenFZIXdbleUB96OKXqrn4Nf77rMd5VL/R263jDCh9hw5IZIWzyN3HsxrR | |||
| uc0icZQt7pERKa5zPKhp3I756pat2gvjMPeL1hl8zHnK+Yi9NbYj2kAO3K1bgz2K | Qa0PjHFbQudoOEcfYwEmU9t5Av4o1flRLLV4m75ZZjKEtBZ0P4P8+7sYiaBf+9lk | |||
| MIIB7wYJKoZIhvcNAQcGoIIB4DCCAdwCAQAwggHVBgkqhkiG9w0BBwEwHAYKKoZI | SL38WglKJ7EfGm7T0+L1fciDEyYH/L7B9OcIGlUsSBBYeOjsmY8gnw9sgt3UcK3g | |||
| hvcNAQwBAzAOBAho9g0tQyYTvwICFIGAggGoKzdhPK62x2hQseNPvFp4RUVsAToT | ZX+xiXIHV18yBY10EDaWy/ipv2lmYdw2EoPVwrS3jZ0gGLu8hNDkn1W6l2mJvZMa | |||
| zZLU7WKZr5JnbsUt6wnc/QrrTDYuED252Tr0XP1tn1dEx6Yk3QqN5011tpjupiDb | cKN/cuOL3m/EDpdXEDe9NEmufm5C3QwATW8NjoV4vUkZ9V+jQOCghq4rwot4+dHY | |||
| 821DGT8OwwrYTWOKZpoLiQ17bI35l5Bz/pY03ZHgy8TIH3hJAsUdxnAHs4ASr/ZG | 1GAAUfhchjfJgwR1ISzy8ZpO6KTGDuer5Vu1acpB3Mq/GZPqM8SucAl8P1fK6pwL | |||
| SkCI0aJosqKTbbA4Y6dBNPClqjG+b2sBncIwedKTXgHO/B+HHJoXtRbl+YZ1CNyq | MIICNwYJKoZIhvcNAQcGoIICKDCCAiQCAQAwggIdBgkqhkiG9w0BBwEwHAYKKoZI | |||
| lZaIeWouRCccrv6XnPdpjtv3QRxRlvCGg40bHhpqnXiDcLCk32Oqxux64skF6Wt9 | hvcNAQwBAzAOBAho9g0tQyYTvwICFIGAggHwqGucSvjuG1dKf42hcgjkAUEv5NW5 | |||
| m9Ij05qtGBU4bXCTVSUaUEOf0kpxII0drg+B/eZbOfDwFmgmvOh3zTdmOQhh01CP | pX3C+Qfe6Nb4gxPw8yIu8vCdymupa3bBI7Qxd/ickCQAo7E2JGr5qjc6ftx6Us/H | |||
| zbeoOdBm3K/L4XJhTV3kh2UKURoQ7+E67nNeiLtbdT8CIhy32oS/IG2gmGsIOeuR | 5ySspVi9cz5qOVRTVwSQn+jttPCmtBq17PPyBlqT4U0dNeSDT87+ea3W/u/QQdwa | |||
| 0quFD+Kpq7rzIobE1JEhlzJV2pGBHEOwKL/FAo5HJ2TS6hw1w675DtjaqqBYwjfp | Q3jdV9U5Li7Ni5F4ZDFIkmtUPEfrr0p4cgSAUDv6ZZBjpesM5WOIrEcNNHtkWjS4 | |||
| vgket8WDrfD8eYH4GJ3GSoM9YgNVmYjHrO/c95GOBeoe9k0u/+DitqVPa2/ljw// | jVvNMS64s1/rg1CA3FKjyQ/R8mNi7+FlPV2CKT1FD1iXgU6MLM1SS7JFR05maI/t | |||
| vg4OHw9HymnWgTlwkFPkpHRE9jCBxAYJKoZIhvcNAQcBoIG2BIGzMIGwMIGtBgsq | HQtxFBFZkbYcKCGokz47e53MYvbtYR8nobZLJ5EJh9jHPZUjrNIl7hXxh7iOsZ36 | |||
| hkiG9w0BDAoBAqBaMFgwHAYKKoZIhvcNAQwBAzAOBAgNhfODEdzSrQICFF0EOCEq | N+3hn/2OM2uuB0fviJFwOoHu+c7HCaBUzSekpVGnEfxTEUXq9FT9utqhzuixEE+L | |||
| Fie1peicS9OSXNQjLwbN3kO8lYM2HqeSZoEKJ4JSFlV1kWW3xwfu5aZKrGEYBfGM | KQ3+19d5TXgYKpWsS3B54+uZee11QZ3ejDh1NvdkWj0EuQ7C1hf2zEi7q35OdllW | |||
| d8renRijMUIwGwYJKoZIhvcNAQkUMQ4eDABjAGEAcgBsAG8AczAjBgkqhkiG9w0B | tCNzIuf1Ls5mO+ezjXBtkAYByaykiUjubfFPNKowGhKOiZpq9IG2mWaXCJe1BWha | |||
| CRUxFgQUgSmg+iOgSyCMDXgA3u3aFss0JbkwgcQGCSqGSIb3DQEHAaCBtgSBszCB | iFpTET+HehLSK9OYvHj39jvx/Cpmtq3j1OFsy7l3n7n7OhmFaNrPmra/vgKFRUbV | |||
| sDCBrQYLKoZIhvcNAQwKAQKgWjBYMBwGCiqGSIb3DQEMAQMwDgQINFcqIEMfd9UC | brijCLOemLbbg7JfKQpe4VXBpT9OAj6t38LCtV2IAoxKr9Ctxueq/AdINDCBxAYJ | |||
| AhS1BDgZruEsSaBY+Cm9WKR8HhH3JXh+AoMSrwkDCKytWt+MNIXB0jY2QZHDbN3u | KoZIhvcNAQcBoIG2BIGzMIGwMIGtBgsqhkiG9w0BDAoBAqBaMFgwHAYKKoZIhvcN | |||
| Fn7qHw06MDthnKniazFCMBsGCSqGSIb3DQEJFDEOHgwAYwBhAHIAbABvAHMwIwYJ | AQwBAzAOBAgNhfODEdzSrQICFF0EOCEqFie1peicS9OSXNQjLwbN3kO8lYM2HqeS | |||
| KoZIhvcNAQkVMRYEFGSF4zucHVrN5gu6Gn8IvsSczIQ/MF8wTzALBglghkgBZQME | ZoEKJ4JSFlV1kWW3xwfu5aZKrGEYBfGMd8renRijMUIwGwYJKoZIhvcNAQkUMQ4e | |||
| AgMEQOSgOktGopSxl70faInHLRayV1vh25vqmy1fdnFkgJRwJVNWL14k6e17jAUO | DABjAGEAcgBsAG8AczAjBgkqhkiG9w0BCRUxFgQUgSmg+iOgSyCMDXgA3u3aFss0 | |||
| Rmu50E9sjz9BDZTUCoftLEstD5AECJDjaZkfy4FnAgIoAA== | JbkwgcQGCSqGSIb3DQEHAaCBtgSBszCBsDCBrQYLKoZIhvcNAQwKAQKgWjBYMBwG | |||
| CiqGSIb3DQEMAQMwDgQINFcqIEMfd9UCAhS1BDgZruEsSaBY+Cm9WKR8HhH3JXh+ | ||||
| AoMSrwkDCKytWt+MNIXB0jY2QZHDbN3uFn7qHw06MDthnKniazFCMBsGCSqGSIb3 | ||||
| DQEJFDEOHgwAYwBhAHIAbABvAHMwIwYJKoZIhvcNAQkVMRYEFGSF4zucHVrN5gu6 | ||||
| Gn8IvsSczIQ/MF8wTzALBglghkgBZQMEAgMEQEy0qwQQs3QR/VwU7MgIK6ZCWGF9 | ||||
| 0SgeIWjctI024YVnsTg1i8dbFW8rPanAovq3K+gwPqtRoYsjE6KPCycGzX0ECJDj | ||||
| aZkfy4FnAgIoAA== | ||||
| -----END PKCS12----- | -----END PKCS12----- | |||
| 8. Dana's Sample Certificates | 8. Dana's Sample Certificates | |||
| Dana has the following information: | Dana has the following information: | |||
| * Name: "Dana Hopper" | * Name: "Dana Hopper" | |||
| * E-mail Address: "dna@smime.example" | * E-mail Address: "dna@smime.example" | |||
| 8.1. Dana's Signature Verification End-Entity Certificate | 8.1. Dana's Signature Verification End-Entity Certificate | |||
| This certificate is used for verification of signatures made by Dana. | This certificate is used for verification of signatures made by Dana. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIBpDCCAVagAwIBAgITJJvJ/RfYIwaHOq+JHuYw2w0HKzAFBgMrZXAwNTEzMDEG | MIICAzCCAbWgAwIBAgITaWZI+hVtn8pQZviAmPmBXzWfnjAFBgMrZXAwWTE1MDMG | |||
| A1UEAxMqU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp | |||
| MCAXDTIwMTIxNTIxMzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjAWMRQwEgYDVQQDEwtE | dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx | |||
| YW5hIEhvcHBlcjAqMAUGAytlcAMhALLaHeGGRooNjrs+4K40ueetCId1JZik+WAW | MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA4MRQwEgYDVQQDEwtEYW5hIEhvcHBlcjER | |||
| w6J/zm+uo4GVMIGSMAwGA1UdEwEB/wQCMAAwHQYDVR0RBBYwFIESZGFuYUBzbWlt | MA8GA1UECxMITEFNUFMgV0cxDTALBgNVBAoTBElFVEYwKjAFBgMrZXADIQCy2h3h | |||
| ZS5leGFtcGxlMBMGA1UdJQQMMAoGCCsGAQUFBwMEMA4GA1UdDwEB/wQEAwIGwDAd | hkaKDY67PuCuNLnnrQiHdSWYpPlgFsOif85vrqOBrjCBqzAMBgNVHRMBAf8EAjAA | |||
| BgNVHQ4EFgQUSAOGwWm4eG2u3vPMBrAzrFcy3ZYwHwYDVR0jBBgwFoAUa6KVfboU | MBcGA1UdIAQQMA4wDAYKYIZIAWUDAgEwATAdBgNVHREEFjAUgRJkYW5hQHNtaW1l | |||
| m+QtBNEHpNGC5C5rjLUwBQYDK2VwA0EAbT5OedGDjT2UNivGqR7NVb4UVd6cRPM/ | LmV4YW1wbGUwEwYDVR0lBAwwCgYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgbAMB0G | |||
| yEuJ6P2k69jq6tIutanF1HAskHIOi3dt5IENbgCmdOrCqDYay9rdAA== | A1UdDgQWBBRIA4bBabh4ba7e88wGsDOsVzLdljAfBgNVHSMEGDAWgBRropV9uhSb | |||
| 5C0E0Qek0YLkLmuMtTAFBgMrZXADQQAqTjekfJCBctK5gm1kAnOvxPCe/xGTU9bm | ||||
| E42ScgS/GIPMyPgdeIn67Y9WkY715VgkZdw/PPlnSakKL+zj3zAO | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 8.2. Dana's Signing Private Key Material | 8.2. Dana's Signing Private Key Material | |||
| This private key material is used by Dana to create signatures. | This private key material is used by Dana to create signatures. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MC4CAQAwBQYDK2VwBCIEINZ8GPfmQh2AMp+uNIsZMbzvyTOltwvEt13usjnUaW4N | MC4CAQAwBQYDK2VwBCIEINZ8GPfmQh2AMp+uNIsZMbzvyTOltwvEt13usjnUaW4N | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| skipping to change at page 28, line 36 ¶ | skipping to change at page 30, line 20 ¶ | |||
| lamps-sample-certs-keygen.dana.sign.25519.seed". | lamps-sample-certs-keygen.dana.sign.25519.seed". | |||
| 8.3. Dana's Encryption End-Entity Certificate | 8.3. Dana's Encryption End-Entity Certificate | |||
| This certificate is used to encrypt messages to Dana. It contains an | This certificate is used to encrypt messages to Dana. It contains an | |||
| SMIMECapabilities extension to indicate that Dana's MUA expects ECDH | SMIMECapabilities extension to indicate that Dana's MUA expects ECDH | |||
| with HKDF using SHA-256; uses AES-128 key wrap, as indicated in | with HKDF using SHA-256; uses AES-128 key wrap, as indicated in | |||
| [RFC8418]. | [RFC8418]. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIBzzCCAYGgAwIBAgITblJdPFwwrKiKmpHj0REce7n5NTAFBgMrZXAwNTEzMDEG | MIICMDCCAeKgAwIBAgITDksKNqnvupyaO2gkjlIdwN7zpzAFBgMrZXAwWTE1MDMG | |||
| A1UEAxMqU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 | A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp | |||
| MCAXDTIwMTIxNTIxMzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjAWMRQwEgYDVQQDEwtE | dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx | |||
| YW5hIEhvcHBlcjAqMAUGAytlbgMhAOAxojYBaRT0sbwK9pEeANIRj13vZjwQ1l4z | MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA4MRQwEgYDVQQDEwtEYW5hIEhvcHBlcjER | |||
| CJs+6CRUo4HAMIG9MCkGCSqGSIb3DQEJDwQcMBoGCyqGSIb3DQEJEAMTMAsGCWCG | MA8GA1UECxMITEFNUFMgV0cxDTALBgNVBAoTBElFVEYwKjAFBgMrZW4DIQDgMaI2 | |||
| SAFlAwQBBTAMBgNVHRMBAf8EAjAAMB0GA1UdEQQWMBSBEmRhbmFAc21pbWUuZXhh | AWkU9LG8CvaRHgDSEY9d72Y8ENZeMwibPugkVKOB2zCB2DArBgkqhkiG9w0BCQ8E | |||
| bXBsZTATBgNVHSUEDDAKBggrBgEFBQcDBDAOBgNVHQ8BAf8EBAMCAwgwHQYDVR0O | HjAcMBoGCyqGSIb3DQEJEAMTMAsGCWCGSAFlAwQBBTAMBgNVHRMBAf8EAjAAMBcG | |||
| BBYEFJ3fTdQF75rsYIa8J20E6c5a3I+kMB8GA1UdIwQYMBaAFGuilX26FJvkLQTR | A1UdIAQQMA4wDAYKYIZIAWUDAgEwATAdBgNVHREEFjAUgRJkYW5hQHNtaW1lLmV4 | |||
| B6TRguQua4y1MAUGAytlcANBAIip5JgJkZjKvC3pHKckgOnBxZbIfzNgJ8c65/Bq | YW1wbGUwEwYDVR0lBAwwCgYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgMIMB0GA1Ud | |||
| ce91uhvjbdiBeJPAz6a/GB3LRlrV6Q/TEtruGKDC7yYNLgc= | DgQWBBSd303UBe+a7GCGvCdtBOnOWtyPpDAfBgNVHSMEGDAWgBRropV9uhSb5C0E | |||
| 0Qek0YLkLmuMtTAFBgMrZXADQQC9eaCofJkXN6GbED+J2ZLcQvah8kBwLIcDzxpP | ||||
| ZYQkN5IIWwXW7D9PEMTGdWlhe9h8IvluIuzIqTpyXKaWiY4K | ||||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 8.4. Dana's Decryption Private Key Material | 8.4. Dana's Decryption Private Key Material | |||
| This private key material is used by Dana to decrypt messages. | This private key material is used by Dana to decrypt messages. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MC4CAQAwBQYDK2VuBCIEIGxZt8L7lY48OEq4gs/smQ4weDhRNMlYHG21StivPfz3 | MC4CAQAwBQYDK2VuBCIEIGxZt8L7lY48OEq4gs/smQ4weDhRNMlYHG21StivPfz3 | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| skipping to change at page 29, line 21 ¶ | skipping to change at page 31, line 6 ¶ | |||
| 8.5. PKCS12 Object for Dana | 8.5. PKCS12 Object for Dana | |||
| This PKCS12 ([RFC7292]) object contains the same information as | This PKCS12 ([RFC7292]) object contains the same information as | |||
| presented in Section 8.1, Section 8.2, Section 8.3, Section 8.4, and | presented in Section 8.1, Section 8.2, Section 8.3, Section 8.4, and | |||
| Section 6.1. | Section 6.1. | |||
| It is locked with the simple four-letter password "dana". | It is locked with the simple four-letter password "dana". | |||
| -----BEGIN PKCS12----- | -----BEGIN PKCS12----- | |||
| MIII3gIBAzCCCHYGCSqGSIb3DQEHAaCCCGcEgghjMIIIXzCCAo8GCSqGSIb3DQEH | MIIJ3gIBAzCCCXYGCSqGSIb3DQEHAaCCCWcEggljMIIJXzCCAu8GCSqGSIb3DQEH | |||
| BqCCAoAwggJ8AgEAMIICdQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIZNqH | BqCCAuAwggLcAgEAMIIC1QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIZNqH | |||
| TA2APx0CAhQXgIICSPQnI0u1rbDuFE7RHOmB8gaSF2Sy8Rbz5yMH9Ecek09CKiuc | TA2APx0CAhQXgIICqK+HFHF6dF5qwlWM6MRCXw11VKrcYBff65iLABPyGvWENnVM | |||
| 4ZcQ1weWYXHAxMqRKdOBH//kvkbQq3z8tbrrMEIsqpa0KnbceCSAeBoSa6tfaDQh | TTPpDLqbGm6Yd2eLntPZvJoVe5Sf2+DW4q3BZ9aKuEdneBBk8mDJ6/Lq1+wFxY5k | |||
| WpHoQpXNLxwK3Fmvan0njS3EEQafvSV3eu0KFpZUutMJXceXAFlLWytNtP1b85jy | WaBHTA68eH9ovHvrGaK8MkxBSoK7x05uD95di3m5y9XQFU1YsBB6miqD3mUsaPVE | |||
| ije23fbzq1IeplZbWUjgFFAsC9PQf+3p+KE57HfhQ3pKPyQuGOCg54XuOVJVNOMX | FeSrFr9aaylqcG9vP9uohbSe19szDmY41/cuKx7C1Qq6hd06TK8rw8aRg0pfrYCu | |||
| fGQxdFywK8L5F+KKqzvNwtzn3lEsLLedxzTLjspI0lz6EIKCvlpykkKZIbyZlakl | WuXHQ9pTNf0gNWaLI0vJgo5DrkZzSX+2imCTTjgjbarBCKbRHesA1oXNpFHT8wl6 | |||
| rjvSN/VXiLwpzlFJTVAg1Cue0kGmDZIV22LGOqkkvnJ0R+h/3bnWVP/8OuFQGowb | npErKI6tknS9TYimz/Laidjs431+HWlBll4pDxfSb+gasoGgH8kANnxrlNpm36i7 | |||
| 40IeclSsbxG0JIDcES4uX04m4bvb7Brx79FUHnGr5sXz45AqnbO1rMT8Vl12Qq9U | EmfFcRfloucJFovOjLijAPb8zUfmT0XSLYKQLIHgwShY2A+b+tmZgx/JU/6/eIxw | |||
| Pn7u1CeLpNXl/hjU+zbcZzHcRYz2k+PqSxwHDyCbyJpINDY+LWfy8OOC2JUEhYze | z76wCYQ3n1HTFu+DpmIDF7hlkJAc7OFEoo3hhXSe41vJtTz2dw1Dq5kiR7i6MAXe | |||
| y6/vL7i0efHTf0CRNV9664Z9RdfxCPXRJEUVSZINSSydASkSWl+OABkAsYA2Fg7y | GiI5ZpUpuTf5ICO9ZHmbQPOnf/fTN17KhvoJnc0dCGj3L9KPzeeKo/xOBY6DUVkx | |||
| PipJm+GdwKNP67aIlhiDatwSEZ2eT/TayNmCwXLlV83G7OSfw8UQjBYNIMmFuvLs | nc/KdEDuajISt1MSZWO/j2lEhlYalOU6x9xvPOG61hue1lesEcAnnMFYArcn6gH+ | |||
| TR5PLi3E2llcC9geKUHVDdEAGOB0ixgmfv2TqGFTE3sHdDVbLFn5OD3DtfV74YsA | MDp6zrXbhemPTwITwiwgUWWYAQEuXIEvoYv1qC0izF8yqfB7EEaO1GRwNdUl3HS6 | |||
| QqxOnN1OKleljMlJgN1w33jYzx90RqOJHt5ve4/Qj6CRK+TjU+xH0GvTSi6wcEmE | FjR2/hGXaZnqFyEkDPv8U0MYY0tXknuA/XNpqW0NaXwUf4DEZzG3Negjqa9irXSr | |||
| UPD3az7ZGRrEVGRo7nWh2nNwiJLRMIICTwYJKoZIhvcNAQcGoIICQDCCAjwCAQAw | bze5aTl7CshrxTy77ff4XgsZzbHbJANY+1Z82k9L9d2kYd7PJtn4F/q6YUvHNTB8 | |||
| ggI1BgkqhkiG9w0BBwEwHAYKKoZIhvcNAQwBAzAOBAjxuoiaSZDbnwICFH+AggII | JoHvlLU+gP+QYYCHl3v/lsNYtkFe7CzCjJchr9X8Ru+2A6wdDDCskQmUHLXEWOtD | |||
| UmezlzXbcjLVmLiRmNAKNqzwefymnj/ykUx+3s9jACknIhEZ4nkNOdLffUvcMk0b | pjLHGfOI9lqKGUcZbQd8pTsMuiL6MIICpwYJKoZIhvcNAQcGoIICmDCCApQCAQAw | |||
| DpzZGevsxLXBAc15x5cpaPJ13nbM/+9lQSnhqd7+wjkERRuRuyWj2Pe6yDauEgF4 | ggKNBgkqhkiG9w0BBwEwHAYKKoZIhvcNAQwBAzAOBAjxuoiaSZDbnwICFH+AggJg | |||
| lrkaq+tQJmfSlFJFwlVVh7ZzpFTQlbPLJ0cVEtpGwkpeoLb1wJ0tH0u0/HS3CI/q | k2hcNYtO0+15uLqXdiNhr5Q0JkYcrHdo0wR6G5AgLmwI+TYi+P8EZUjDIJ4TJ3b4 | |||
| aQ6QtEIIbsBvHG3Wx0gvYeQN+sTnfVS+nimMQSPN8u+ZTx/SsTad2LJqkWSo+mXm | 6xv7+3pT8cbEFf6PXcfS8/sCfM7FaV3SpLACLZbBJV52OKE0CAgALX++E7UyqHju | |||
| xG/pjYr7PKezppt4b5djGepPlIKwR+xeKYJdzFNteUUinEdOxEyxzutb0eZv5Fvt | Ty6WnTIE3k+m9dH0dBMAhV/xGcXT91WBVDr9XkAa6dqhrbHS2VMUMfSdl6nJLwGc | |||
| IfyhaAEMO3J1zN9kmihxKJRopGRjqSk96FqVNZE934JjR4mysGT/aEvGhYHD5kRL | y5zVBZzzkV3LhejJRCqY3l+5quwabzumcDwtsVMz8/3j4TwGZzkvRP1+EbYLuAKp | |||
| XX1Pea+aGlB9leBgC21QobStZLIB7OF/NMUXUJtCLuUx47v9hmbS0BjdihVRdf9b | 94rfXAgzGt6f1WwRx7OsGKzcQpSjISw6x51tOaWZK/QnrhdOMt415a9t79HrJ3h7 | |||
| vouw52jnkbLtxWyFussZX3/SD57thiRroGcjO+j+LKwzjFTsec1TntKsDbuQY4P9 | 8hqC+HfMTnCNtHEkEntGrlVqKF+isCoHBP/s1k+ZZ6WuASfgJcJMvFgyQ2LMyBVs | |||
| YEBnNjo92xmnoXht95EcNanlLe7TdPqcKiSriYagpaBvKcuED25Lj0gvZCywJsFE | AEelovX94Pz1c9PNzgNPSth0CQA1CJJcbLjueZNU4fNmgYuv/OOvTYZZklDQjjAk | |||
| UH6QIXoLyawV52Owjxl1PvkwPV5MBKTIAFsspipYDr7mrJBGWKKlOkpDEPj9qsR5 | wZXlkNM70wsR0QFHZm5CpOQKEPxJUoIuSN77Q5wxP+VJYMYKfPhUYIQd3TQsqGXl | |||
| iDgJjG56IaCLaR0xNhfpJSejC1PUQIw12x4tWf9f9+o+qt+2r4T2iDCCAe8GCSqG | wXbGLvtrz/anmPJFEy0qIPPjwsR9vtN/xYU09t6QHX2bTGN/eWmoqaUrXHCzlW8j | |||
| SIb3DQEHBqCCAeAwggHcAgEAMIIB1QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMw | lobS4CgeofaObNYse8dzsfd1BxjhDQ+cvewdDtVBmmm4Z9GG9Mn/Cxm5GI+twH/R | |||
| DgQI58n+zdh/luACAhSdgIIBqDm3P6jekAlPi1HmdPOG+jbWocN/FQRP5tMLXjMK | W/tTMCny9EiQV0e+PtAj2rpnsuQbOZka06jEykg6/Ydv9kTjFT8SBSQxtAse2nbY | |||
| oZZ7Xc7XXgLEZUX6Y7lwD4tsxBuUmskPdroF7GDXosp+NwnBKa1l46ABS2kJ5e5k | shdZE/BhkCHyd+Mlj6AFiChsB0htP2dZLFLB8EkKCdB2DdEG/EcJcA5jVx54LG6w | |||
| ZAGaXouPHDc57kapBa3ZZ05CmexJKA48Gv4wje42bhQXrhuw0xXoKFUYiXY5z1YN | ZVGRr452XJTcn3zTUXFj63D13pHBTuwBvJvO5pVRFh8wggI3BgkqhkiG9w0BBwag | |||
| kWm52m7RLN17toCOSzrcEiMr/vbU9Lm1yuJzqmDylJhafQqdujMr3vwA/aegT7RJ | ggIoMIICJAIBADCCAh0GCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECOfJ/s3Y | |||
| 757BFtPORkhaMGwHCBkNo07whqWU3CmUk4HLP8nSw0o5Y+YsGY6sxoCI0IXNjei0 | f5bgAgIUnYCCAfDRW6wHeNExBEJGRcj9eGUoBcXpSJCKCckJSh2ZLMepS0YBgtPk | |||
| tbrElwTrxOfT4p2t2GcLNRViLsiYB+sdw5z0sSZakF5G1khu2IiWAWNoW3tjd+PE | VDmQheb/A+1CgATSdG2qkNr3f4ACTZYJtyjBlOn6Z2oV/In0nyFXyPTKW+SeTM6N | |||
| aD/AgsyQN7hKkpjSn62Z/iYd9pG6WqSZoC+sABKuVvR3fmfg8r0z3os6//Bdl6SI | 1jfcKq2GIgL1687t+PNbYgH/+9QgDvcKiHEFqaQjpzYpyk2CuRdVEbq4r7c/K9h/ | |||
| GgBFLWxm7tPhrb5D14nzmnlyomL0ED6Q/uu44TijOWl4b98F0Seals4xmlqy2rm8 | 2NO44aUq/Covon04rk/RG+HnJauQVC+iwuWcVpcoePF1XyP2onx6y8D7dxflKRhP | |||
| fxs/uvBdSv2xDNOq0zzb1i/BF5ALoeGkZfkhLGSQyrAbUzU6lkMAhABkc7L4SRQb | u6HmD9f68ZwacQzaIodR9q8BJ5bOnabHfYZZuA4KIp7C2zUqEwCMbFkQRJmNfm1D | |||
| pTminYCcp27XsnMwgcAGCSqGSIb3DQEHAaCBsgSBrzCBrDCBqQYLKoZIhvcNAQwK | G/huDK9Bdox436RGm3kP/XuJ8qNCYNS+8GblnX4gV3bO2MpBr+M+Q7Jk5v1xE2Su | |||
| AQKgWjBYMBwGCiqGSIb3DQEMAQMwDgQIvYHPW9b5hmQCAhS6BDhg7ISOR7nc0O8I | /9YHKaI6ok5cI3obozU6PuQzPSN7Yfi/MGC342ZXV5zjnCzGCK/VKRsvdk0f18w5 | |||
| VHRyJQdnut5/3/A/HlOBXerMaF9Hhs/at2mI632EAdUrlyZQBHv7CMAmJh0tRDE+ | oKgibwGPMUXwvY/nVuWMNwkqQUXPsXSU80eTzkvx/oInldp5sHf0lxzaG+quxFwr | |||
| MBcGCSqGSIb3DQEJFDEKHggAZABhAG4AYTAjBgkqhkiG9w0BCRUxFgQUnd9N1AXv | GZ8v8i61YJis33pievIe9wwptrscGxQ7CahFtgIEUxzTc1usZOEGF/eQp9hciIZD | |||
| muxghrwnbQTpzlrcj6QwgcAGCSqGSIb3DQEHAaCBsgSBrzCBrDCBqQYLKoZIhvcN | MXUCs38nEe7N01QcKRgmuqIYHNt+6OUcljXuoJdLGcMEdXTqi2yVW7peopBTRvPz | |||
| AQwKAQKgWjBYMBwGCiqGSIb3DQEMAQMwDgQIXDvxSTwrri4CAhT6BDiJ3SNFvcnI | z0tJpPZlxtAmw/Hl2zTBiZ0h6zsuRcRcx6ieMIHABgkqhkiG9w0BBwGggbIEga8w | |||
| Qzl92lp5BH5gR4yf5jkpq+mVUPke2BBBj2GGmltCobhp/spj4xPrG6zqg0RB4kAT | gawwgakGCyqGSIb3DQEMCgECoFowWDAcBgoqhkiG9w0BDAEDMA4ECL2Bz1vW+YZk | |||
| nDE+MBcGCSqGSIb3DQEJFDEKHggAZABhAG4AYTAjBgkqhkiG9w0BCRUxFgQUSAOG | AgIUugQ4YOyEjke53NDvCFR0ciUHZ7ref9/wPx5TgV3qzGhfR4bP2rdpiOt9hAHV | |||
| wWm4eG2u3vPMBrAzrFcy3ZYwXzBPMAsGCWCGSAFlAwQCAwRAb7hp2ueeypwrQVGb | K5cmUAR7+wjAJiYdLUQxPjAXBgkqhkiG9w0BCRQxCh4IAGQAYQBuAGEwIwYJKoZI | |||
| B4g0cM1U9WV+3ku23y/LXhnkFeTqO+MDE5/KBjbU4ykjN2GZyiXPKQF3y+KCdEtH | hvcNAQkVMRYEFJ3fTdQF75rsYIa8J20E6c5a3I+kMIHABgkqhkiG9w0BBwGggbIE | |||
| VcLNbwQILkOSTOXYyW0CAigA | ga8wgawwgakGCyqGSIb3DQEMCgECoFowWDAcBgoqhkiG9w0BDAEDMA4ECFw78Uk8 | |||
| K64uAgIU+gQ4id0jRb3JyEM5fdpaeQR+YEeMn+Y5KavplVD5HtgQQY9hhppbQqG4 | ||||
| af7KY+MT6xus6oNEQeJAE5wxPjAXBgkqhkiG9w0BCRQxCh4IAGQAYQBuAGEwIwYJ | ||||
| KoZIhvcNAQkVMRYEFEgDhsFpuHhtrt7zzAawM6xXMt2WMF8wTzALBglghkgBZQME | ||||
| AgMEQNHejohTj3Ewlp/2L19mtFcwBM/tTp7REjcOo+n9jtpzeFVve9dkr76JVAHh | ||||
| naFM+2tfOF7j5tW5Pn13nEEr0skECC5Dkkzl2MltAgIoAA== | ||||
| -----END PKCS12----- | -----END PKCS12----- | |||
| 9. Security Considerations | 9. Security Considerations | |||
| The keys presented in this document should be considered compromised | The keys presented in this document should be considered compromised | |||
| and insecure, because the secret key material is published and | and insecure, because the secret key material is published and | |||
| therefore not secret. | therefore not secret. | |||
| Applications which maintain blacklists of invalid key material SHOULD | Applications which maintain blacklists of invalid key material SHOULD | |||
| include these keys in their lists. | include these keys in their lists. | |||
| skipping to change at page 30, line 47 ¶ | skipping to change at page 32, line 37 ¶ | |||
| [ RFC Editor: please remove this section before publication ] | [ RFC Editor: please remove this section before publication ] | |||
| This document is currently edited as markdown. Minor editorial | This document is currently edited as markdown. Minor editorial | |||
| changes can be suggested via merge requests at | changes can be suggested via merge requests at | |||
| https://gitlab.com/dkg/lamps-samples or by e-mail to the author. | https://gitlab.com/dkg/lamps-samples or by e-mail to the author. | |||
| Please direct all significant commentary to the public IETF LAMPS | Please direct all significant commentary to the public IETF LAMPS | |||
| mailing list: "spasm@ietf.org" | mailing list: "spasm@ietf.org" | |||
| 11.1. Document History | 11.1. Document History | |||
| 11.1.1. Substantive Changes from draft-ietf-*-01 to draft-ietf-*-02 | 11.1.1. Substantive Changes from draft-ietf-*-02 to draft-ietf-*-03 | |||
| * Correct encoding of S/MIME Capabilities extension. | ||||
| * Change "Certificate Authority" to "Certification Authority". | ||||
| * Add CertificatePolicies to all intermediate and end-entity | ||||
| certificates. | ||||
| * Add organization and organizational unit to all certificates. | ||||
| 11.1.2. Substantive Changes from draft-ietf-*-01 to draft-ietf-*-02 | ||||
| * Added cross-signed certificates for both CAs | * Added cross-signed certificates for both CAs | |||
| * Added S/MIME Capabilities extension for Carlos and Dana's | * Added S/MIME Capabilities extension for Carlos and Dana's | |||
| encryption keys, indicating preferred ECDH parameters. | encryption keys, indicating preferred ECDH parameters. | |||
| * Ensure no serial numbers are negative. | * Ensure no serial numbers are negative. | |||
| * Encode keyUsage extensions in minimum-length BIT STRINGs. | * Encode keyUsage extensions in minimum-length BIT STRINGs. | |||
| 11.1.2. Substantive Changes from draft-ietf-*-00 to draft-ietf-*-01 | 11.1.3. Substantive Changes from draft-ietf-*-00 to draft-ietf-*-01 | |||
| * Added Curve25519 sample certificates (new CA, Carlos, and Dana) | * Added Curve25519 sample certificates (new CA, Carlos, and Dana) | |||
| 11.1.3. Substantive Changes from draft-dkg-*-05 to draft-ietf-*-00 | 11.1.4. Substantive Changes from draft-dkg-*-05 to draft-ietf-*-00 | |||
| * WG adoption (dkg moves from Author to Editor) | * WG adoption (dkg moves from Author to Editor) | |||
| 11.1.4. Substantive Changes from draft-dkg-*-04 to draft-dkg-*-05 | 11.1.5. Substantive Changes from draft-dkg-*-04 to draft-dkg-*-05 | |||
| * PEM blobs are now "sourcecode", not "artwork" | * PEM blobs are now "sourcecode", not "artwork" | |||
| 11.1.5. Substantive Changes from draft-dkg-*-03 to draft-dkg-*-04 | 11.1.6. Substantive Changes from draft-dkg-*-03 to draft-dkg-*-04 | |||
| * Describe deterministic key generation | * Describe deterministic key generation | |||
| * label PEM blobs with filenames in XML | * label PEM blobs with filenames in XML | |||
| 11.1.6. Substantive Changes from draft-dkg-*-02 to draft-dkg-*-03 | 11.1.7. Substantive Changes from draft-dkg-*-02 to draft-dkg-*-03 | |||
| * Alice and Bob now each have two distinct certificates: one for | * Alice and Bob now each have two distinct certificates: one for | |||
| signing, one for encryption, and public keys to match. | signing, one for encryption, and public keys to match. | |||
| 11.1.7. Substantive Changes from draft-dkg-*-01 to draft-dkg-*-02 | 11.1.8. Substantive Changes from draft-dkg-*-01 to draft-dkg-*-02 | |||
| * PKCS#12 objects are deliberately locked with simple passphrases | * PKCS#12 objects are deliberately locked with simple passphrases | |||
| 11.1.8. Substantive Changes from draft-dkg-*-00 to draft-dkg-*-01 | 11.1.9. Substantive Changes from draft-dkg-*-00 to draft-dkg-*-01 | |||
| * changed all three keys to use RSA instead of RSA-PSS | * changed all three keys to use RSA instead of RSA-PSS | |||
| * set keyEncipherment keyUsage flag instead of dataEncipherment in | * set keyEncipherment keyUsage flag instead of dataEncipherment in | |||
| EE certs | EE certs | |||
| 12. Acknowledgements | 12. Acknowledgements | |||
| This draft was inspired by similar work in the OpenPGP space by | This draft was inspired by similar work in the OpenPGP space by | |||
| Bjarni Runar and juga at [I-D.bre-openpgp-samples]. | Bjarni Runar and juga at [I-D.bre-openpgp-samples]. | |||
| skipping to change at page 32, line 19 ¶ | skipping to change at page 34, line 19 ¶ | |||
| Wolfgang Hommel helped to build reproducible encrypted PKCS#12 | Wolfgang Hommel helped to build reproducible encrypted PKCS#12 | |||
| objects. | objects. | |||
| Carsten Bormann got the XML "sourcecode" markup working for this | Carsten Bormann got the XML "sourcecode" markup working for this | |||
| draft. | draft. | |||
| David A. Cooper identified problems with the certificates and | David A. Cooper identified problems with the certificates and | |||
| suggested corrections. | suggested corrections. | |||
| Lijun Liao helped get the terminology right. | ||||
| 13. References | 13. References | |||
| 13.1. Normative References | 13.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | |||
| skipping to change at page 33, line 50 ¶ | skipping to change at page 36, line 5 ¶ | |||
| Agreement Algorithm with X25519 and X448 in the | Agreement Algorithm with X25519 and X448 in the | |||
| Cryptographic Message Syntax (CMS)", RFC 8418, | Cryptographic Message Syntax (CMS)", RFC 8418, | |||
| DOI 10.17487/RFC8418, August 2018, | DOI 10.17487/RFC8418, August 2018, | |||
| <https://www.rfc-editor.org/info/rfc8418>. | <https://www.rfc-editor.org/info/rfc8418>. | |||
| [SHA256] Dang, Q., "Secure Hash Standard", National Institute of | [SHA256] Dang, Q., "Secure Hash Standard", National Institute of | |||
| Standards and Technology report, | Standards and Technology report, | |||
| DOI 10.6028/nist.fips.180-4, July 2015, | DOI 10.6028/nist.fips.180-4, July 2015, | |||
| <https://doi.org/10.6028/nist.fips.180-4>. | <https://doi.org/10.6028/nist.fips.180-4>. | |||
| [TEST-POLICY] | ||||
| NIST - Computer Security Divisiion (CSD), "Test | ||||
| Certificate Policy to Support PKI Pilots and Testing", May | ||||
| 2012, <https://csrc.nist.gov/CSRC/media/Projects/Computer- | ||||
| Security-Objects-Register/documents/test_policy.pdf>. | ||||
| Author's Address | Author's Address | |||
| Daniel Kahn Gillmor (editor) | Daniel Kahn Gillmor (editor) | |||
| American Civil Liberties Union | American Civil Liberties Union | |||
| 125 Broad St. | 125 Broad St. | |||
| New York, NY, 10004 | New York, NY, 10004 | |||
| United States of America | United States of America | |||
| Email: dkg@fifthhorseman.net | Email: dkg@fifthhorseman.net | |||
| End of changes. 65 change blocks. | ||||
| 652 lines changed or deleted | 727 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||