<?xml version='1.0' encoding='utf-8'?> <!DOCTYPE rfc [ <!ENTITY nbsp " "> <!ENTITY zwsp "​"> <!ENTITY nbhy "‑"> <!ENTITY wj "⁠"> ]> <?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?> <!-- generated by https://github.com/cabo/kramdown-rfc version1.7.291.7.30 (Ruby3.4.4)2.5.9) --> <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-ietf-core-coap-dtls-alpn-05" category="info" consensus="true" submissionType="IETF" number="9952" tocInclude="true" sortRefs="true" symRefs="true" version="3"> <!-- xml2rfc v2v3 conversion3.30.03.32.0 --> <link href="https://datatracker.ietf.org/doc/draft-ietf-core-coap-dtls-alpn-05" rel="prev"/> <front> <titleabbrev="CoRE ALPN">ALPNabbrev="ALPN ID for CoAP over DTLS">Application-Layer Protocol Negotiation (ALPN) IDSpecificationfor CoAP over DTLS</title> <seriesInfoname="Internet-Draft" value="draft-ietf-core-coap-dtls-alpn-05"/>name="RFC" value="9952"/> <author fullname="Martine Sophie Lenders"> <organization abbrev="TU Dresden">TUD Dresden University of Technology</organization> <address> <postal> <street>Helmholtzstr. 10</street> <city>Dresden</city> <code>D-01069</code> <country>Germany</country> </postal> <email>martine.lenders@tu-dresden.de</email> </address> </author> <author initials="C." surname="Amsüss" fullname="Christian Amsüss"> <organization/> <address> <email>christian@amsuess.com</email> </address> </author> <author fullname="Thomas C. Schmidt"> <organization>HAW Hamburg</organization> <address> <postal> <street>Berliner Tor 7</street> <city>Hamburg</city> <code>D-20099</code> <country>Germany</country> </postal> <email>t.schmidt@haw-hamburg.de</email> </address> </author> <author initials="M." surname="Wählisch" fullname="Matthias Wählisch"> <organization abbrev="TU Dresden & Barkhausen Institut">TUD Dresden University of Technology & Barkhausen Institut</organization> <address> <postal> <street>Helmholtzstr. 10</street> <city>Dresden</city> <code>D-01069</code> <country>Germany</country> </postal> <email>m.waehlisch@tu-dresden.de</email> </address> </author> <dateyear="2025" month="August" day="11"/> <area>Web and Internet Transport</area> <workgroup>Constrained RESTful Environments</workgroup>year="2026" month="March"/> <area>WIT</area> <workgroup>core</workgroup> <keyword>CoRE</keyword> <keyword>CoAP</keyword> <keyword>SVCB</keyword> <keyword>DTLS</keyword> <keyword>ALPN</keyword> <abstract> <?line68?> <t>This87?> <!-- [rfced] FYI - We updated [I-D.ietf-core-dns-over-coap] to [PRE-RFC9953] for now. We will make the final updates in RFCXML (i.e., remove "PRE-"). --> <!-- [I-D.ietf-core-dns-over-coap] - RFC 9953 draft-ietf-core-dns-over-coap-20 Companion documentspecifies an(C554) --> <!--[rfced] Document Title a) Please note that the document title has been updated as follows. Abbreviations have been expanded per Section 3.6 of RFC 7322 ("RFC Style Guide"). In addition, is "Specification" essential to the title or may it be removed for conciseness? Original (document title): ALPN ID Specification for CoAP over DTLS Current: The Application-Layer Protocol Negotiation (ALPN) ID Specification fortransport-layer-securedthe Constrained Application Protocol (CoAP)services.</t> </abstract> <note removeInRFC="true"> <name>About This Document</name> <t> The latest revision of this draft can be found at <eref target="https://core-wg.github.io/coap-dtls-alpn/draft-ietf-core-coap-dtls-alpn.html"/>. Status informationover DTLS Perhaps: Application-Layer Protocol Negotiation (ALPN) ID forthis document may be found at <eref target="https://datatracker.ietf.org/doc/draft-ietf-core-coap-dtls-alpn/"/>. </t> <t> Discussion of this document takes place onthe ConstrainedRESTful Environments Working Group mailing list (<eref target="mailto:core@ietf.org"/>), which is archived at <eref target="https://mailarchive.ietf.org/arch/browse/core/"/>. Subscribe at <eref target="https://www.ietf.org/mailman/listinfo/core/"/>. </t> <t>Source for this draft andApplication Protocol (CoAP) over DTLS --> <t>This document specifies anissue tracker can be found at <eref target="https://github.com/core-wg/coap-dtls-alpn"/>.</t> </note>Application-Layer Protocol Negotiation (ALPN) ID for Constrained Application Protocol (CoAP) services that are secured by DTLS.</t> </abstract> </front> <middle> <?line73?>122?> <section anchor="introduction"> <name>Introduction</name> <t>Application-Layer Protocol Negotiation (ALPN) enables communicating parties to agree on an application-layer protocol during a Transport Layer Security (TLS) handshake using an ALPN ID <xref target="RFC7301"/>. This ALPN ID can be discovered for services as part of Service Bindings(SVCB)(SVCBs) via the DNS, using SVCB resource records with the "alpn" Service Parameter Keys <xref target="RFC9460"/>. As an example, applications that use the Constrained Application Protocol (CoAP) <xref target="RFC7252"/> can obtain this information as part of the discovery of DNS over CoAP (DoC) servers (see <xref section="3.2" sectionFormat="of"target="I-D.ietf-core-dns-over-coap"/>)target="PRE-RFC9953"/>) that deploy TLS 1.3 <xref target="RFC8446"/> as well as Datagram Transport Layer Security (DTLS) 1.2 or 1.3 <xref target="RFC6347"/> <xref target="RFC9147"/> to secure their messages. This document specifies an ALPN ID for CoAP services that are secured bytransport layer security usingDTLS. An ALPN ID for CoAP services secured by TLS has already been specified in <xref target="RFC8323"/>.</t> </section> <section anchor="application-layer-protocol-negotiation-alpn-ids"> <name>Application-Layer Protocol Negotiation (ALPN) IDs</name> <t>For CoAP over TLS, an ALPN IDwasis defined as "coap" in <xref target="RFC8323"/>. As it is not advisable tore-usereuse the same ALPN ID for a different transport layer, an ALPN for CoAP over DTLS is registered in <xreftarget="iana-coap-alpn"/>.</t>target="iana"/>.</t> <t>ALPN ID values have variable length. For CoAP over DTLS, a short value ("co") is allocated, as this can avoid fragmentation of Client Hello and Server Hello messages in constrained networks with link-layer fragmentation, such as 6LoWPAN <xref target="RFC4944"/>.</t> <t>To discover CoAP services that secure their messages with TLS or DTLS, the ALPN IDs "coap" and "co" can be used, respectively, in the same manner as for any other service secured withtransport layer security,TLS, as described in <xref target="RFC9460"/>. The discovery of CoAP services that rely on other security mechanisms is out of the scope of this document.</t> </section> <section anchor="security-considerations"> <name>Security Considerations</name> <t>Any security considerationsonfor ALPN (see <xref target="RFC7301"/>) and SVCB resource records (see <xref target="RFC9460"/>) also apply to this document.</t> </section> <section anchor="iana"> <name>IANA Considerations</name><t><cref anchor="replace-xxxx">RFC Ed.: throughout this section, please replace RFC-XXXX with the RFC number of this specification and remove this note.</cref></t> <t>This document<t>IANA has added the followingactions for IANA.</t> <section anchor="iana-coap-alpn"> <name>TLS ALPN for CoAP</name> <t>The followingentryhas been addedto the "TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs"registry, which is part ofregistry in the "Transport Layer Security (TLS) Extensions" registry group.</t><ul spacing="normal"> <li> <t>Protocol: CoAP<table anchor="table1"> <name>TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs Registry</name> <thead> <tr> <th align="left">Protocol</th> <th align="left">Identification Sequence</th> <th align="left">Reference</th> </tr> </thead> <tbody> <tr> <td align="left">CoAP (overDTLS)</t> </li> <li> <t>Identification sequence: 0x63DTLS)</td> <td align="left">0x63 0x6f("co")</t> </li> <li> <t>Reference:("co")</td> <td align="left"> <xreftarget="RFC7252"/> and [RFC-XXXX]</t> </li> </ul>target="RFC7252"/>, RFC 9952</td> </tr> </tbody> </table> <t>Note that <xref target="RFC7252"/> does not define the use of the ALPN TLS extension during the DTLS connection handshake. This document does not change thisbehavior,behavior and thus does not establish any rules like those in <xref section="8.2" sectionFormat="of" target="RFC8323"/>.</t> </section></section></middle> <back> <references anchor="sec-combined-references"> <name>References</name> <references anchor="sec-normative-references"> <name>Normative References</name><reference anchor="RFC6347"> <front> <title>Datagram Transport Layer Security Version 1.2</title> <author fullname="E. Rescorla" initials="E." surname="Rescorla"/> <author fullname="N. Modadugu" initials="N." surname="Modadugu"/> <date month="January" year="2012"/> <abstract> <t>This document specifies version 1.2 of the Datagram Transport Layer Security (DTLS) protocol. The DTLS protocol provides communications privacy for datagram protocols. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the Transport Layer Security (TLS) protocol and provides equivalent security guarantees. Datagram semantics of the underlying transport are preserved by the DTLS protocol. This document updates DTLS 1.0 to work with TLS version 1.2. [STANDARDS-TRACK]</t> </abstract> </front> <seriesInfo name="RFC" value="6347"/> <seriesInfo name="DOI" value="10.17487/RFC6347"/> </reference> <reference anchor="RFC7252"> <front> <title>The Constrained Application Protocol (CoAP)</title> <author fullname="Z. Shelby" initials="Z." surname="Shelby"/> <author fullname="K. Hartke" initials="K." surname="Hartke"/> <author fullname="C. Bormann" initials="C." surname="Bormann"/> <date month="June" year="2014"/> <abstract> <t>The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained (e.g., low-power, lossy) networks. The nodes often have 8-bit microcontrollers with small amounts of ROM and RAM, while constrained networks such as IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs) often have high packet error rates and a typical throughput of 10s of kbit/s. The protocol is designed for machine- to-machine (M2M) applications such as smart energy and building automation.</t> <t>CoAP provides a request/response interaction model between application endpoints, supports built-in discovery of services and resources, and includes key concepts of the Web such as URIs and Internet media types. CoAP is designed to easily interface with HTTP for integration with the Web while meeting specialized requirements such as multicast support, very low overhead, and simplicity for constrained environments.</t> </abstract> </front> <seriesInfo name="RFC" value="7252"/> <seriesInfo name="DOI" value="10.17487/RFC7252"/> </reference> <reference anchor="RFC7301"> <front> <title>Transport Layer Security (TLS) Application-Layer Protocol Negotiation Extension</title> <author fullname="S. Friedl" initials="S." surname="Friedl"/> <author fullname="A. Popov" initials="A." surname="Popov"/> <author fullname="A. Langley" initials="A." surname="Langley"/> <author fullname="E. Stephan" initials="E." surname="Stephan"/> <date month="July" year="2014"/> <abstract> <t>This document describes a Transport Layer Security (TLS) extension for application-layer protocol negotiation within the TLS handshake. For instances in which multiple application protocols are supported on the same TCP or UDP port, this extension allows the application layer to negotiate which protocol will be used within the TLS connection.</t> </abstract> </front> <seriesInfo name="RFC" value="7301"/> <seriesInfo name="DOI" value="10.17487/RFC7301"/> </reference> <reference anchor="RFC9147"> <front> <title>The Datagram Transport Layer Security (DTLS) Protocol Version 1.3</title> <author fullname="E. Rescorla" initials="E." surname="Rescorla"/> <author fullname="H. Tschofenig" initials="H." surname="Tschofenig"/> <author fullname="N. Modadugu" initials="N." surname="Modadugu"/> <date month="April" year="2022"/> <abstract> <t>This document specifies version 1.3 of the Datagram Transport Layer Security (DTLS) protocol. DTLS 1.3 allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery.</t> <t>The DTLS 1.3 protocol is based on the Transport Layer Security (TLS) 1.3 protocol and provides equivalent security guarantees with the exception of order protection / non-replayability. Datagram semantics of the underlying transport are preserved by the DTLS protocol.</t> <t>This document obsoletes RFC 6347.</t> </abstract> </front> <seriesInfo name="RFC" value="9147"/> <seriesInfo name="DOI" value="10.17487/RFC9147"/> </reference> <reference anchor="RFC9460"> <front> <title>Service Binding and Parameter Specification via the DNS (SVCB and HTTPS Resource Records)</title> <author fullname="B. Schwartz" initials="B." surname="Schwartz"/> <author fullname="M. Bishop" initials="M." surname="Bishop"/> <author fullname="E. Nygren" initials="E." surname="Nygren"/> <date month="November" year="2023"/> <abstract> <t>This document specifies the "SVCB" ("Service Binding") and "HTTPS" DNS resource record (RR) types to facilitate the lookup of information needed to make connections to network services, such as for HTTP origins. SVCB records allow a service to be provided from multiple alternative endpoints, each with associated parameters (such as transport protocol configuration), and are extensible to support future uses (such as keys for encrypting the TLS ClientHello). They also enable aliasing of apex domains, which is not possible with CNAME. The HTTPS RR is a variation of SVCB for use with HTTP (see RFC 9110, "HTTP Semantics"). By providing more information to the client before it attempts to establish a connection, these records offer potential benefits to both performance and privacy.</t> </abstract> </front> <seriesInfo name="RFC" value="9460"/> <seriesInfo name="DOI" value="10.17487/RFC9460"/> </reference><xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6347.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7252.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7301.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9147.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9460.xml"/> </references> <references anchor="sec-informative-references"> <name>Informative References</name> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8323.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8446.xml"/> <referenceanchor="RFC8323">anchor="PRE-RFC9953" target="https://www.rfc-editor.org/info/rfc9953"> <front><title>CoAP (Constrained Application Protocol)<title>DNS overTCP, TLS, and WebSockets</title> <author fullname="C. Bormann" initials="C." surname="Bormann"/> <author fullname="S. Lemay" initials="S." surname="Lemay"/> <author fullname="H. Tschofenig" initials="H." surname="Tschofenig"/> <author fullname="K. Hartke" initials="K." surname="Hartke"/> <author fullname="B. Silverajan" initials="B." surname="Silverajan"/> <author fullname="B. Raymor" initials="B." role="editor" surname="Raymor"/> <date month="February" year="2018"/> <abstract> <t>Thethe Constrained Application Protocol(CoAP), although inspired by HTTP, was designed to use UDP instead of TCP. The message layer of CoAP over UDP includes support for reliable delivery, simple congestion control, and flow control.</t> <t>Some environments benefit from the availability of CoAP carried over reliable transports such as TCP or Transport Layer Security (TLS). This document outlines the changes required to use CoAP over TCP, TLS, and WebSockets transports. It also formally updates RFC 7641 for use with these transports and RFC 7959 to enable the use of larger messages over a reliable transport.</t> </abstract> </front> <seriesInfo name="RFC" value="8323"/> <seriesInfo name="DOI" value="10.17487/RFC8323"/> </reference> <reference anchor="RFC8446"> <front> <title>The Transport Layer Security (TLS) Protocol Version 1.3</title> <author fullname="E. Rescorla" initials="E." surname="Rescorla"/> <date month="August" year="2018"/> <abstract> <t>This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery.</t> <t>This document updates RFCs 5705 and 6066, and obsoletes RFCs 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 implementations.</t> </abstract> </front> <seriesInfo name="RFC" value="8446"/> <seriesInfo name="DOI" value="10.17487/RFC8446"/> </reference> <reference anchor="I-D.ietf-core-dns-over-coap"> <front> <title>DNS over CoAP(DoC)</title> <author fullname="Martine SophieLenders" initials="M. S." surname="Lenders"> <organization>TUD Dresden University of Technology</organization>Lenders"> <organization/> </author> <author fullname="ChristianAmsüss" initials="C." surname="Amsüss">Amsüss"> <organization/> </author> <author fullname="CenkGündoğan" initials="C." surname="Gündoğan"> <organization>NeuralAgent GmbH</organization>Gündoğan"> <organization/> </author> <author fullname="Thomas C.Schmidt" initials="T. C." surname="Schmidt"> <organization>HAW Hamburg</organization>Schmidt"> <organization/> </author> <author fullname="MatthiasWählisch" initials="M." surname="Wählisch"> <organization>TUD Dresden University of Technology & Barkhausen Institut</organization>Wählisch"> <organization/> </author> <dateday="24" month="July" year="2025"/> <abstract> <t> This document defines a protocol for exchanging DNS messages over the Constrained Application Protocol (CoAP). These CoAP messages can be protected by (D)TLS-Secured CoAP (CoAPS) or Object Security for Constrained RESTful Environments (OSCORE) to provide encrypted DNS message exchange for constrained devices in the Internet of Things (IoT). </t> </abstract> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-core-dns-over-coap-17"/> </reference> <reference anchor="RFC4944"> <front> <title>Transmission of IPv6 Packets over IEEE 802.15.4 Networks</title> <author fullname="G. Montenegro" initials="G." surname="Montenegro"/> <author fullname="N. Kushalnagar" initials="N." surname="Kushalnagar"/> <author fullname="J. Hui" initials="J." surname="Hui"/> <author fullname="D. Culler" initials="D." surname="Culler"/> <date month="September" year="2007"/> <abstract> <t>This document describes the frame format for transmission of IPv6 packets and the method of forming IPv6 link-local addresses and statelessly autoconfigured addresses on IEEE 802.15.4 networks. Additional specifications include a simple header compression scheme using shared context and provisions for packet delivery in IEEE 802.15.4 meshes. [STANDARDS-TRACK]</t> </abstract>year="2026" month="March"/> </front> <seriesInfo name="RFC"value="4944"/>value="PRE-9953"/> <seriesInfo name="DOI"value="10.17487/RFC4944"/>value="10.17487/PRE-RFC9953"/> </reference> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.4944.xml"/> </references> </references> <?line123?> <section anchor="change-log"> <name>Change Log</name> <section anchor="since-draft-ietf-core-coap-dtls-alpn-04"> <name>Since <eref target="https://datatracker.ietf.org/doc/draft-ietf-core-coap-dtls-alpn/04/">draft-ietf-core-coap-dtls-alpn-04</eref></name> <ul spacing="normal"> <li> <t>Address Deb Cooley's IESG ballot COMMENT</t> </li> </ul> </section> <section anchor="since-draft-ietf-core-coap-dtls-alpn-03"> <name>Since <eref target="https://datatracker.ietf.org/doc/draft-ietf-core-coap-dtls-alpn/03/">draft-ietf-core-coap-dtls-alpn-03</eref></name> <ul spacing="normal"> <li> <t>Make DTLS references normative</t> </li> </ul> </section> <section anchor="since-draft-ietf-core-coap-dtls-alpn-02"> <name>Since <eref target="https://datatracker.ietf.org/doc/draft-ietf-core-coap-dtls-alpn/02/">draft-ietf-core-coap-dtls-alpn-02</eref></name> <ul spacing="normal"> <li> <t>Address shepherd review</t> </li> </ul> </section> <section anchor="since-draft-ietf-core-coap-dtls-alpn-01"> <name>Since <eref target="https://datatracker.ietf.org/doc/draft-ietf-core-coap-dtls-alpn/01/">draft-ietf-core-coap-dtls-alpn-01</eref></name> <ul spacing="normal"> <li> <t>Address review by Esko Dijk</t> </li> <li> <t>Address review by Marco Tiloca</t> </li> </ul> </section> <section anchor="since-draft-ietf-core-coap-dtls-alpn-00"> <name>Since <eref target="https://datatracker.ietf.org/doc/draft-ietf-core-coap-dtls-alpn/00/">draft-ietf-core-coap-dtls-alpn-00</eref></name> <ul spacing="normal"> <li> <t>Fix ALPN ID for CoAP over TLS</t> </li> <li> <t>Change intended status to Informational</t> </li> </ul> </section> </section>162?> <section numbered="false" anchor="acknowledgments"> <name>Acknowledgments</name> <t>We would like to thankRich Salz<contact fullname="Rich Salz"/> for the expert review on the "co" ALPN ID allocation. We would also like to thankMohamed Boucadair and Ben Schwartz<contact fullname="Mohamed Boucadair"/> and <contact fullname="Ben Schwartz"/> for their earlyreviewreviews before WG adoption of thisdraftspecification andEsko Dijk, Thomas Fossati,<contact fullname="Esko Dijk"/>, <contact fullname="Thomas Fossati"/>, andMarco Tiloca<contact fullname="Marco Tiloca"/> for their feedback and comments.</t> <t>This work was supported in parts by the German Federal Ministry of Research, Technology, and Space (BMFTR) under the grant numbers 16KIS1386K (TU Dresden) and 16KIS1387 (HAW Hamburg) within the research project PIVOT and under the grant numbers 16KIS1694K (TU Dresden) and 16KIS1695 (HAW Hamburg) within the research project C-ray4edge.</t> </section> </back> <!-- ##markdown-source:H4sIAAAAAAAAA7VY3W7juBW+11MQHqBNFpHsxNnMjK/GiZPZoEkaxJ6mwGwL 0BJtsZZEL0nZ8QR5m32M3u2L9TukJNuZbH6AqS/8I5Ln9zvfOXQYhoGVNhM9 1upfXF+x8wEbzkUsJzLmVqqCTZRmJ6p/zdRCaDYYXQxZK+DjsRYLnDlRN6eM DrYC7BdTpVc9JouJCoJExQXPITjRfGJDKewkjJUWeOPzMLGZCXk2L8LOz4Ep x7k0Bursao4T56ejM8beMZ4ZBSWySMRc4K2wrT3WEom0Skue0Y/z/jE+YGPr /GZ01gqKMh8L3QsSWNMLYlUYUZjS9JjVpQhgcjfgWnBIvRVjxouEnRdW6EJY NtK8MHOlbStYKj2balXOnYuFsZrLQiTs5nQ4mpQZOy0WUqsih0WmFczECgeS XsBCRgHxn/1r+hz+4+SYPilw9EmxChaiKGEdw+v1Wmi3D0/rFubJYso+02G/ knOZYYUC/IlCHSk99StcxylWUmvnptdu00Z6JBciqje26UF7rNXSiDaJaPuj U2nTclyJDZfT9nbq/KYMkTZ2Q0O1OfKnI6keHWs/D4gotXnWCgJe2lRpF1SG aGQeTJdcWwSJDdU8lYJdECy0cYbAkR4bfRmwgRYGYGFfCjipjbQrpiZsJOK0 UJmarnxYKgiPvtT73WMkQQh484vI8lRl9hseRGy/4xZjiOptbY9VAqMGYWe/ c/SxelIWlqrgs9A5L7wy4dOTe+OjzFv9yZZh4oVFiXCOeidPUi2Nlbxg/dz8 8V9jNoXE9eInnptSGBPFKn8UpVGqcm7YScSGcZrLxNYB4oX85uoaHvZv2S88 H5d6uuX5sdAZjNRshKp6v+H35uba74NO5+PLftvIeDM+pXwZpl7OtsuX3NpU wubbP35PM4n9b8sp+ws75nqW8hIFj5pGhGxp/yTTz2z+/+Y/WnLhvXuU+6BQ 2G3hG9HCzdnJUffwPagTRbF/4J+8P/j5ANlHrVS/u539HqOK8b8/7jcnutWT w6NOj5lFPA4C4uRtDR+6B10vL7RxJfPD4eER0lWJOA8H0bpKk8KE1ANcuUKR iv2Zw4+Hhz12lIHywzBEtInHYhsEo1Qa2lYSgTHju4owjGA9n2dVgwkv+Apg u9bKqlhl7ApNBOh2vWeH2HKXehKMD2zNz2FGR0Ij4lKDLjepc0PwWuQOkfEu M0IvZCxM5A0FHpMMkX9HHUCrpIzpVBC8zTZR8HEGp1CDeVm4cyDmORU6nlrF +BSAYjgAt/mGaOcDm9eik1LTQb7uQswrH5KXBPcddJBdlqJlmZTPBCuNO1Cw um/f3zv+fHiIfOjr5zH2jAVLADvKH6JEPb2OBkPNkblUTkP/jB2j40K4YTvU vnbZQnJmU8EGV8O9Si8tMOBXlRoHtABEEsOWoHy3s+X6QyPwmmtUOfos+5tY GbKUUEmW9h0exB3P55nY24wQopdyC3XCSXxtliGbAPrw4PxWY4sjEIB4NCVA yVg7TcLr2DhSgZd+2HFjz85AnXjsgHbYjkEy7++RFCemGx3QiRAof3jY9QZj VsnUitGgtB91yR5XTzAISpciy+hzwC2AwfNn0j1w+d4nDbqW5PkAourvJBYg 86VArkjNcvQEPiWcP1eBFTia8a7Bg3MCMxKr62u8Yk3pMQ9bU1vpwUCmIpXP Sd0QRpFJEQOeYRBLVsAmSLg2LkGa6hwSLxFGUKJvJQwTBGdbgyuU7m36vYQB iZg4OOFri/S1ntANfErLEMZCISrJQhqqd4o5KLHGpgG4t3znQNRkglpD2B/F bm0FcdqjyRp6tJiivbsyddag0XNvUV3cQa1pwTP0f8RyIfAdEzFZhtliatPo kfsD7z8zKRniDrIdON3aJZ08yxSN78kexcIVCxUPXygJstB8SvjxEQbaTzJJ fqFDZspN0ENXHNWDGn1kfbxRs5iwaaquOAITxqyiwC35e8yUcUpWHF2o2+v+ FeUDvcX5PVJNoT6F2SeLwKuj2Ko6CpSxKoRN4skNCkdNlsgsggF+m1OlL0S2 2oNDQZNsdHYakWCnS3cB4sBaw6oN3D0h/kn1ULSDRJhYy3ED/JoYR49p6QmP Neyi1lLrrooyx1SEQc/khpKryobmIG0u/I8NYnAF1vAO8azEdOo5GGCDb43k eGuRVLtAVqxYIXTXg+LJBlHv9F7uuhueI/0VldT3Zp33r/qPTGL376gmHoLg 6781uJbHIrzD61/fPejReMJOkwgjTYqr0jSlWDglxhP4HkPX4Ybsc+fcsIZD 4T/xWnczEuMvlk3wzNYlmRzWIkeu3KoTA8IQ0eMpKHX1JYAa1MrSNfDYe0U4 Im/J7XcOsDVJ+Mx7rzeYIHAQWQsSNHY6BY5QeZIAUy6oaMdO3ps4tFlDlbQq VtKA7DKVKFC53T9bL0wtp3cW13Dycy3KX33h7k+Nrl7VchvK2sXiOd3716E2 4rdSFDGm7s7dUZfeJhWTYe+NcKRLq+s5gJLz69c6q78CJ1dIja+g9a5ECU/y vis4t4jfKw9dMiiKonalHtncYEQrKI6imguaKe1xD260UIVOPVqQL1C4VK41 IGVpadb7cLUGrUuTOpLRJc2amZzRSQXrHGfU08iHahrZ6p1u1h3zeEbldOK1 XqipQ9lQIlTs60t/0BwiZCHrJ3RfwegixkiTysTqr4adnw4/QzowaNnJ3y8v T69Gb5HcdZIvaZx1IdR1/sj56rryFnkHW5aaVMxBjFSaCymWbxG0vyXIn6fZ 5dTMFBvI/8yeXL3kOlZsJKmbvkVbx2k7k3ffD1D18IL1KnmysPT3QYKrKrel u2OcrydbnoEGX05oj9X/1iSYROnCNhN6/X8Q8PrCvzTtzmH7ZUXdH6Go+wpF Bz9C0cErFO3/CEX7r1DU+RGKOm03PMezQi0zkbg5ywT3vbLw7UwkaCO3omIU 6hW8mLEbYvghz745GBK/ibu50LZGuio86dO8VAO2GiGBwIgEur6+LfVSpZic EnasypgnXGrHdsdoVcM4XaKZNOqwJLjGSFBXlsCCYLef0dTU3N3SmxmGAuAE NZW5V//7daYwAlrpWXWzNDf0TIRIiBzdHrrDU4Ci4H9GVYqFFxcAAA==H4sIAJ+8uWkAA7VY3XLbuBW+51OgykzHmjEZWbLlWNNuI1txVhPb8VjKpp1M LiASkrCmCC4AWlEcP0tv+hh7lz5YvwOQtORV3Did+sKSQOCc7/x954BhGAZW 2lT0WKOf56mMuZUqC8/4Smh2qZVVsUrZhZgpK90jttM/u7xosuGATZVmJ6p/ ydQNNg/GZ6NGwCcTLW5IGnZ9axOUQKBe9ZjMpioIEhVnfAEMieZTG0php2Gs tMA/noeJTU3I0zwLWweBKSYLaQyA2FWOE8NX49MgKxYToXvs6OigHRR5AvGm F6iJUalwX2OVGZGZwvSY1YUIZK7dN2PbrdZRqx3kssc+wNZdZlYLLaYGX5S2 9O1jQPJ6rN1qd8NWJ4BxnYBrwXvs/XAcLJW+nmlV5D1GkINrscJS0gtYCLuv XvnP/iV9jn45OaZP8gJ9ko+CIOCFnSvtTrBpkabeF+dcW5kJNlL5XAp2JrJE aBMw/Ck967HxuwEbaGESkbF3mYR3jbQrpqZsLOJ5plI1W7ndVUjG76r9btnA OmF77GeRLuYqtZ+xELG9lnsYQ1RvY3usEoAahK29VveoXCkyS0F8LfSCZ16Z WHCZ9tjCg49Sj/qlLcLEC4sS4Qz1Rp7MtTTIrIz1F+br78asC4mrhy/5whTC mChWiwdeGs/Vght2ErFRPF/IxFYO4pn87BIWFvbfs5/5YlLo2Yblx0KnAKnZ GDl6uGb3+ubKbkqU/263jYyH8XLOl+Hcy9k0+ZxbO5fA/P7rv+apxP6nxZT9 mR1zfT3nBVKaDTN4yBb2G5F+ZPP/N/7Rkgtv3YPYB5nCbgvbkPDs6vSk29k/ ROWjyPfafuWwfdCmauJ5+bvT2usxYgD/+2ivPtEpV/a7rR4zN/EkCIhSNjW8 6LQ7Xl5o41Lmi/39LsLlRDxjbBgOonvaSTITEl05/oEmFePQ5dWrkFQdHXR6 ztSwesJYSaE/uR/0N7gYecKzc4Hyh981R6olbI1k7+l1Z6BOml4Q1zMKytza 3PSeP18ul5GexqFIpFU6QpI8J/ueY42A+EAKLYWh5V6tH0B7DnG9y6F6O+wh wtHe4f6Lw+drBrkdnuZAO/HckZ1PqYqbyOBa0Hex1Lbt2+t9606RXbPXX3/P EvXvf/Lsm/u2E8B2qFsKDw7YP9rf77FuikYUhGGIKqJoxTYI/vIn/PwAX4vk Izv9xxBF/F4w32AS9uGRpPnIrGIf1jz8MaBGmKllRCKWMk3BkdfC5cdUZjwt xRq0RAL19/MztiMjEe0yLRaQyxokrdGMgPGnCtqjCEKSw1x4H/bVjZ2gtuBE LXIwJpISKV0sRGbZzsnBwX7zXlvlh0G1YUxJj+7VZJep4EbAOksGceusqgW5 4mBzOH4iQEKV+/B7qtJULU0U9B1x+QHDYCvMdXvFJ6BKsDlHKY1E7MqmE3WJ Ecm4w067zXYa9HVkV0DzupCJICcFw4zxBFWDE7tMGtYY5SKW07L2GgztBOAk HI9IEV4PE0Fa8BWTFgBKzycudBghYokjOPe3IHir5cxFbWfTzKarlGr22VC5 ZRIKgpNCaxx2p8YA8eQZ7A8qSNL3kQ5haa6DuRR6zkE7zoQfGAZ/XLVLsvEc YardabxhKAgiix9B870wwJ83MoYil7qY7LASFxqnJisHL/K8AHJJKOGfoY9a rZLCpWMQPA2cyPgkhTKMMosic+eyGcuJRgmCYnyGvsxwAHbzNdGpE51XopNC 00HOxppnJsewyrzyEYGnqWEH0Jsopiwxc6KawrgDWZ2et7durL67i7zvq/UY e5D9CSiSQgRHUOrWbkLhElyqwZFfY8cySyDcsB0acU2ToZZdKqAP7paK6Qkq yqhCx1RaIKLEgAnt3O1sEJRGLfGSa5C2hT1vxMoQVOruBLXvMkJ84os8Fbvr LiojiFHnSWkI2USDd3fOcDWxOAIB0rB6lKBo3Fvt2K10jhvO6m7vytt1c+cu dEK2YxDN29t78mrTiRB5fnfX9IATkadqxRAuthd1CI+bSwAISpcCrQKfA26R GXzxSLwHLuB7pEFXkvxcBVHVdxKLLPMpTqZIMB5Ijc+EiR6twYcXuu+om/5j x9Z2k+nUIHiKe1Wy8uRfaU+oJZZBogGOkgBF+FROMEFwusHAULq7bhhZLqYu XQClQeoaW1Qj/9AdsBntDi3mRhoqaPKpFlXqGeTuhuUcCTOdCu0aRR1AV9L3 GDxprTcIUqPFDCOTK0MHBsMTdy6o5N/wFJcj3zVvuJYODi5eMzuPHpg88DYz Myf17iDaZ6waTdLE0Y3pap7skgNcBVBF8BslQQGazygpvFeRwiepJGtwfUhB WlniShc6/EKVUoQ5XivETFi6MZeFj+vXdUlsG/Jx+y4whQJF90y9v+xfUBAw oTm7x6quvm2JuDWzvTryqKq8QHEqXVhHm8wgd1QUiHgmNIBRKtKFIl1hlsiC OsS49tD90Y0y+MjABnhWc2Wd4pV2cmyQCBNrOanzuiK28UNa2WKcBgTqDZWa svQXuB1ifDMLQ3FURU1TkJYL/2OtsF391LxBPImpSXsORV7BjFpyvPHQmemc VtJa2UCaPgG2Mny105uJnalRjrVXfvJ6iGvYv+g/wMRun7msx1RHDx1TJDQW uunZDZHUYQRdR6txrkHBfhpH1M+QEY2y7iDQdQMS+HijffXJioxeTK2fdW+G YNaXe+Ff2DChybMe2kbit0Jk8NgXdiUcR9B3HPHdpC7cJja0PnU79G9ale2X +/a1W837bZy+7fmB9K//ox8AyZvSYM8sMcseonBRD/r3vTNRwlOi51DnMqLD MhFd0hAUUbmpmmDcmEBPkGpZ2SXroeVhR6q1UL7PhE+fiQD3SVeAlBKFud8m DIGWZu6KUxc0eaXS3bsUwLkCrFrzi7I1b/QZN/lNeHztWk58jRtcKhLHVAZO LjL/7lEkcAtd7FSRJqUGykOOS+zt7e2VBJuNePr5Dp6iGiKjcbkRmkr6Rool FbXLMmKfitlLQga46F64q58/aDhXcxBSwo5VEfOES02ayB94doxmisvxEuPL OgDQo+AaZegRkB/xRLD3r1FdKnfDbcUcZuOaUcp9Za4VG8hfr+8o+bBQ3sVP FUjXSrdabqW3Cgo3RrJnE8JUiIT863bSUEyejcrbALUKtoRIU+RUeZ4zaQ4z NDaQw/zLJ3YqiC1Sdi4zX3l0QxRG0NuM3bW3Zx7RKOeosZ3j89PxVZMV9M7C CcOAhSTzITVsr/tmONrrvOi+QYnXr9Q811XPDtnO2uvFpmP6kjB0qZ5m9l+R Y+xy+MvbsTv9uMbu0f43NXaPDp6g8STUfLWPfEUh/Qcsvsbg6xcAAA== --> </rfc>