rfc9909.original.xml   rfc9909.xml 
<?xml version='1.0' encoding='utf-8'?> <?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE rfc [ <!DOCTYPE rfc [
<!ENTITY nbsp "&#160;"> <!ENTITY nbsp "&#160;">
<!ENTITY zwsp "&#8203;"> <!ENTITY zwsp "&#8203;">
<!ENTITY nbhy "&#8209;"> <!ENTITY nbhy "&#8209;">
<!ENTITY wj "&#8288;"> <!ENTITY wj "&#8288;">
]> ]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.29 (Ruby 3.4. <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft
4) --> -ietf-lamps-x509-slhdsa-09" number="9909" updates="" obsoletes="" xml:lang="en"
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft category="std" consensus="true" submissionType="IETF" tocInclude="true" sortRefs
-ietf-lamps-x509-slhdsa-09" category="std" consensus="true" submissionType="IETF ="true" symRefs="true" version="3">
" tocInclude="true" sortRefs="true" symRefs="true" version="3">
<!-- xml2rfc v2v3 conversion 3.29.0 -->
<front> <front>
<title abbrev="SLH-DSA for X.509">Internet X.509 Public Key Infrastructure:
Algorithm Identifiers for SLH-DSA</title> <title abbrev="SLH-DSA for X.509">Internet X.509 Public Key Infrastructure:
<seriesInfo name="Internet-Draft" value="draft-ietf-lamps-x509-slhdsa-09"/> Algorithm Identifiers for SLH&nbhy;DSA</title>
<seriesInfo name="RFC" value="9909"/>
<author initials="K." surname="Bashiri" fullname="Kaveh Bashiri"> <author initials="K." surname="Bashiri" fullname="Kaveh Bashiri">
<organization>BSI</organization> <organization>BSI</organization>
<address> <address>
<email>kaveh.bashiri.ietf@gmail.com</email> <email>kaveh.bashiri.ietf@gmail.com</email>
</address> </address>
</author> </author>
<author initials="S." surname="Fluhrer" fullname="Scott Fluhrer"> <author initials="S." surname="Fluhrer" fullname="Scott Fluhrer">
<organization>Cisco Systems</organization> <organization>Cisco Systems</organization>
<address> <address>
<email>sfluhrer@cisco.com</email> <email>sfluhrer@cisco.com</email>
skipping to change at line 45 skipping to change at line 46
<address> <address>
<email>daniel.vangeest@cryptonext-security.com</email> <email>daniel.vangeest@cryptonext-security.com</email>
</address> </address>
</author> </author>
<author initials="S." surname="Kousidis" fullname="Stavros Kousidis"> <author initials="S." surname="Kousidis" fullname="Stavros Kousidis">
<organization>BSI</organization> <organization>BSI</organization>
<address> <address>
<email>kousidis.ietf@gmail.com</email> <email>kousidis.ietf@gmail.com</email>
</address> </address>
</author> </author>
<date year="2025" month="June" day="30"/> <date year="2025" month="December"/>
<area>sec</area> <area>SEC</area>
<workgroup>LAMPS - Limited Additional Mechanisms for PKIX and SMIME</workgro <workgroup>lamps</workgroup>
up>
<keyword>SLH-DSA</keyword> <keyword>SLH-DSA</keyword>
<keyword>SPHINCS+</keyword> <keyword>SPHINCS+</keyword>
<keyword>PQ Signatures</keyword> <keyword>PQ Signatures</keyword>
<keyword>post-quantum X.509</keyword> <keyword>post-quantum X.509</keyword>
<abstract> <abstract>
<?line 128?>
<t>Digital signatures are used within X.509 Public Key Infrastructure such as X. <!--[rfced] For clarity, may we update this sentence?
509 certificates, Certificate Revocation Lists (CRLs), and to sign messages. Th
is document specifies the conventions for using the Stateless Hash-Based Digital Original:
Signature Algorithm (SLH-DSA) in X.509 Public Key Infrastructure. The conventi Digital signatures are used within X.509 Public Key Infrastructure
ons for the associated signatures, subject public keys, and private keys are als such as X.509 certificates, Certificate Revocation Lists (CRLs), and
o specified.</t> to sign messages.
Perhaps:
Digital signatures are used within the X.509 Public Key Infrastructure,
such as X.509 certificates and Certificate Revocation Lists (CRLs), as well a
s
to sign messages.
-->
<t>Digital signatures are used within the X.509 Public Key Infrastructure such a
s X.509 certificates, Certificate Revocation Lists (CRLs), and to sign messages.
This document specifies the conventions for using the Stateless Hash-Based Dig
ital Signature Algorithm (SLH-DSA) in the X.509 Public Key Infrastructure. The
conventions for the associated signatures, subject public keys, and private keys
are also specified.</t>
<!-- End of Abstract --> <!-- End of Abstract -->
</abstract> </abstract>
<note removeInRFC="true">
<name>About This Document</name>
<t>
Status information for this document may be found at <eref target="https
://datatracker.ietf.org/doc/draft-ietf-lamps-x509-slhdsa/"/>.
</t>
<t>
Discussion of this document takes place on the
LAMPS Working Group mailing list (<eref target="mailto:spasm@ietf.org"/>
),
which is archived at <eref target="https://mailarchive.ietf.org/arch/bro
wse/spasm/"/>.
Subscribe at <eref target="https://www.ietf.org/mailman/listinfo/spasm/"
/>.
</t>
<t>Source for this draft and an issue tracker can be found at
<eref target="https://github.com/x509-hbs/draft-x509-slhdsa"/>.</t>
</note>
</front> </front>
<middle> <middle>
<?line 134?>
<section anchor="introduction"> <section anchor="introduction">
<name>Introduction</name> <name>Introduction</name>
<t>The Stateless Hash-Based Digital Signature Algorithm (SLH-DSA) is a qua <t>The Stateless Hash-Based Digital Signature Algorithm (SLH-DSA) is a qua
ntum-resistant digital signature scheme standardized in <xref target="FIPS205"/> ntum-resistant digital signature scheme standardized in <xref target="FIPS205"/>
by the US National Institute of Standards and Technology (NIST) PQC project <xr by the US National Institute of Standards and Technology (NIST) Post-Quantum Cr
ef target="NIST-PQC"/>. Prior to standardization, the algorithm was known as SPH yptography (PQC) project <xref target="NIST-PQC"/>. Prior to standardization, th
INCS+. SLH-DSA and SPHINCS+ are not compatible. This document defines the ASN.1 e algorithm was known as SPHINCS+. SLH-DSA and SPHINCS+ are not compatible. This
Object Identifiers (OIDs) and conventions for the encoding of SLH-DSA digital si document defines the ASN.1 Object Identifiers (OIDs) and conventions for the en
gnatures, public keys and private keys in the X.509 Public Key Infrastructure.</ coding of SLH-DSA digital signatures, public keys, and private keys in the X.509
t> Public Key Infrastructure.</t>
<t>SLH-DSA offers three security levels. The parameters for each of the s <t>SLH-DSA offers three security levels. The parameters for each of the s
ecurity levels were chosen to be at least as secure as a generic block cipher of ecurity levels were chosen to be at least as secure as a generic block cipher of
128, 192, or 256 bits. There are small (s) and fast (f) versions of the algorit 128, 192, or 256 bits. There are small (s) and fast (f) versions of the algorit
hm, and the option to use the SHA2 algorithm family <xref target="FIPS180"/> or hm, and there is also the option to use the SHA-2 algorithm family <xref target=
SHAKE256 <xref target="FIPS202"/> as internal functions. While the fast versions "FIPS180"/> or SHAKE256 <xref target="FIPS202"/> as internal functions. While th
are optimized for key generation and signing speed, they are actually slower at e fast versions are optimized for key generation and signing speed, they are act
verification than the SLH-DSA small parameter sets. The small versions are opti ually slower at verification than the SLH-DSA small parameter sets. The small ve
mized for signature size, see <xref target="tab-strengths"/>. As an example, id- rsions are optimized for signature size; see <xref target="tab-strengths"/>. As
slh-dsa-shake-256s represents the 256-bit security level, the small version of t an example, id-slh-dsa-shake-256s represents the 256-bit security level, the sma
he algorithm, and the use of SHAKE256.</t> ll version of the algorithm, and the use of SHAKE256.</t>
<t>NIST <xref target="CSOR"/> has assigned separate algorithm identifiers for SLH-DSA for <t>NIST <xref target="CSOR"/> has assigned separate algorithm identifiers for SLH-DSA for
each combination of these security levels, fast vs small, SHA2 vs each combination of these security levels: fast vs. small, SHA-2 vs.
SHAKE256, and pure mode vs pre-hash mode.</t> SHAKE256, and pure mode vs. pre-hash mode.</t>
<t>SLH-DSA signature operations include as input an optional context strin <t>SLH-DSA signature operations include an optional context string (ctx) a
g (ctx), defined in Section 10.2 of <xref target="FIPS205"/>. The context strin s input, defined in Section 10.2 of <xref target="FIPS205"/>. The context strin
g has a maximum length of 255 bytes. By default, the context string is the empt g has a maximum length of 255 bytes. By default, the context string is the empt
y string. This document only specifies the use of the empty context string for u y string. This document only specifies the use of the empty context string for u
se in the X.509 Public Key Infrastructure.</t> se in the X.509 Public Key Infrastructure.</t>
<t>SLH-DSA offers two signature modes: pure mode, where the entire content is signed directly, and pre-hash mode, where a digest of the content is signed. This document uses the term SLH-DSA to refer to the algorithm in general. Whe n a pure or pre-hash mode needs to be differentiated, the terms Pure SLH-DSA and HashSLH-DSA are used. <t>SLH-DSA offers two signature modes: pure mode, where the entire content is signed directly, and pre-hash mode, where a digest of the content is signed. This document uses the term SLH-DSA to refer to the algorithm in general. Whe n a pure or pre-hash mode needs to be differentiated, the terms Pure SLH-DSA and HashSLH-DSA are used.
This document specifies the use of both Pure SLH-DSA and HashSLH-DSA in Public K ey Infrastructure X.509 (PKIX) certificates and Certificate Revocation Lists (CR Ls).</t> This document specifies the use of both Pure SLH-DSA and HashSLH-DSA in Public K ey Infrastructure X.509 (PKIX) certificates and Certificate Revocation Lists (CR Ls).</t>
<section anchor="notation"> <section anchor="notation">
<name>Notation</name> <name>Notation</name>
<t>The following notation is used in this document:</t> <t>The following notation is used in this document:</t>
<ul spacing="normal"> <dl spacing="normal" newline="false">
<li> <dt>a || b:</dt><dd>Concatenation of a and b.</dd>
<t>a || b: concatenation of a and b</t> <dt>id-slh-dsa-*:</dt><dd>A shorthand to refer to all 12 OIDs used to
</li> specify the different parameter combinations for Pure SLH-DSA.</dd>
<li> <dt>id-hash-slh-dsa-*:</dt><dd>A shorthand to refer to all 12 OIDs use
<t>id-slh-dsa-*: A shorthand to refer to all 12 OIDs used to specify d to specify the different parameter combinations for HashSLH-DSA.</dd>
the different parameter combinations for Pure SLH-DSA.</t> </dl>
</li>
<li>
<t>id-hash-slh-dsa-*: A shorthand to refer to all 12 OIDs used to sp
ecify the different parameter combinations for HashSLH-DSA.</t>
</li>
</ul>
<!-- End of introduction section -->
</section> </section>
</section>
<section anchor="conventions">
<name>Conventions</name>
<t>
The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>",
"<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>",
"<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are
to be interpreted as described in BCP&nbsp;14 <xref target="RFC2119"/>
<xref target="RFC8174"/> when, and only when, they appear in all capitals,
as shown here.
</t>
</section> </section>
<section anchor="conventions-and-definitions">
<name>Conventions and Definitions</name>
<t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14
>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECO
MMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be i
nterpreted as
described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and
only when, they
appear in all capitals, as shown here.</t>
<?line -18?>
</section>
<section anchor="sec-alg-ids"> <section anchor="sec-alg-ids">
<name>Algorithm Identifiers</name> <name>Algorithm Identifiers</name>
<t>The AlgorithmIdentifier type is defined in <xref target="RFC5912"/> as follows:</t> <t>The AlgorithmIdentifier type is defined in <xref target="RFC5912"/> as follows:</t>
<sourcecode type="asn.1"><![CDATA[ <sourcecode type="asn.1"><![CDATA[
AlgorithmIdentifier{ALGORITHM-TYPE, ALGORITHM-TYPE:AlgorithmSet} ::= AlgorithmIdentifier{ALGORITHM-TYPE, ALGORITHM-TYPE:AlgorithmSet} ::=
SEQUENCE { SEQUENCE {
algorithm ALGORITHM-TYPE.&id({AlgorithmSet}), algorithm ALGORITHM-TYPE.&id({AlgorithmSet}),
parameters ALGORITHM-TYPE. parameters ALGORITHM-TYPE.
&Params({AlgorithmSet}{@algorithm}) OPTIONAL &Params({AlgorithmSet}{@algorithm}) OPTIONAL
} }
]]></sourcecode> ]]></sourcecode>
<aside> <aside>
<t>NOTE: The above syntax is from <xref target="RFC5912"/> and is compat ible with the 2021 ASN.1 syntax <xref target="X680"/>. <t>NOTE: The above syntax is from <xref target="RFC5912"/> and is compat ible with the 2021 ASN.1 syntax <xref target="X680"/>.
See <xref target="RFC5280"/> for the 1988 ASN.1 syntax.</t> See <xref target="RFC5280"/> for the 1988 ASN.1 syntax.</t>
</aside> </aside>
<t>The fields in AlgorithmIdentifier have the following meanings:</t> <t>The fields in AlgorithmIdentifier have the following meanings:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>algorithm identifies the cryptographic algorithm with an object ide ntifier.</t> <t>algorithm identifies the cryptographic algorithm with an object ide ntifier.</t>
</li> </li>
<!--[rfced] To clarify that the first "parameters" refers to the field rather
than parameters in general, may we clarify this text as follows>
Original:
* parameters, which are optional, are the associated parameters for
the algorithm identifier in the algorithm field.
Perhaps:
* parameters, which is optional, identifies the associated parameters for
the algorithm identifier in the algorithm field.
-->
<li> <li>
<t>parameters, which are optional, are the associated parameters for t he algorithm identifier in the algorithm field.</t> <t>parameters, which are optional, are the associated parameters for t he algorithm identifier in the algorithm field.</t>
</li> </li>
</ul> </ul>
<t>The object identifiers for SLH-DSA are defined in the NIST Computer Sec urity Objects Register <xref target="CSOR"/>, and are reproduced here for conven ience. <t>The object identifiers for SLH-DSA are defined in the NIST Computer Sec urity Objects Register <xref target="CSOR"/> and are reproduced here for conveni ence.
The same algorithm identifiers are used for identifying a public key, a private key, and a signature.</t> The same algorithm identifiers are used for identifying a public key, a private key, and a signature.</t>
<t>The Pure SLH-DSA OIDs are defined in <xref target="I-D.ietf-lamps-cms-s phincs-plus"/>'s ASN.1 module and reproduced here for convenience:</t> <t>The Pure SLH-DSA OIDs are defined in the ASN.1 module in <xref target=" RFC9814"/> and reproduced here for convenience:</t>
<sourcecode type="asn.1"><![CDATA[ <sourcecode type="asn.1"><![CDATA[
nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
country(16) us(840) organization(1) gov(101) csor(3) 4 } country(16) us(840) organization(1) gov(101) csor(3) 4 }
sigAlgs OBJECT IDENTIFIER ::= { nistAlgorithms 3 } sigAlgs OBJECT IDENTIFIER ::= { nistAlgorithms 3 }
id-slh-dsa-sha2-128s OBJECT IDENTIFIER ::= { sigAlgs 20 } id-slh-dsa-sha2-128s OBJECT IDENTIFIER ::= { sigAlgs 20 }
id-slh-dsa-sha2-128f OBJECT IDENTIFIER ::= { sigAlgs 21 } id-slh-dsa-sha2-128f OBJECT IDENTIFIER ::= { sigAlgs 21 }
skipping to change at line 221 skipping to change at line 229
id-hash-slh-dsa-shake-256f-with-shake256 OBJECT IDENTIFIER ::= { id-hash-slh-dsa-shake-256f-with-shake256 OBJECT IDENTIFIER ::= {
sigAlgs 46 } sigAlgs 46 }
]]></sourcecode> ]]></sourcecode>
<t>The contents of the parameters component for each algorithm <bcp14>MUST </bcp14> be absent.</t> <t>The contents of the parameters component for each algorithm <bcp14>MUST </bcp14> be absent.</t>
</section> </section>
<section anchor="slh-dsa-signatures"> <section anchor="slh-dsa-signatures">
<name>SLH-DSA Signatures</name> <name>SLH-DSA Signatures</name>
<t>SLH-DSA is a digital signature scheme built upon hash functions. The se curity of SLH-DSA relies on the security properties of the underlying hash funct ions, such as the presumed difficulty of finding preimages.</t> <t>SLH-DSA is a digital signature scheme built upon hash functions. The se curity of SLH-DSA relies on the security properties of the underlying hash funct ions, such as the presumed difficulty of finding preimages.</t>
<t>Signatures can be placed in a number of different ASN.1 structures. <t>Signatures can be placed in a number of different ASN.1 structures.
The top level structure for a certificate is given below as being The top-level structure for a certificate is given below as being
illustrative of how signatures are frequently encoded with an illustrative of how signatures are frequently encoded with an
algorithm identifier and a location for the signature.</t> algorithm identifier and a location for the signature.</t>
<sourcecode type="asn.1"><![CDATA[ <sourcecode type="asn.1"><![CDATA[
Certificate ::= SIGNED{ TBSCertificate } Certificate ::= SIGNED{ TBSCertificate }
SIGNED{ToBeSigned} ::= SEQUENCE { SIGNED{ToBeSigned} ::= SEQUENCE {
toBeSigned ToBeSigned, toBeSigned ToBeSigned,
algorithmIdentifier SEQUENCE { algorithmIdentifier SEQUENCE {
algorithm SIGNATURE-ALGORITHM. algorithm SIGNATURE-ALGORITHM.
&id({SignatureAlgorithms}), &id({SignatureAlgorithms}),
skipping to change at line 243 skipping to change at line 251
&Params({SignatureAlgorithms} &Params({SignatureAlgorithms}
{@algorithmIdentifier.algorithm}) {@algorithmIdentifier.algorithm})
OPTIONAL OPTIONAL
}, },
signature BIT STRING (CONTAINING SIGNATURE-ALGORITHM.&Value( signature BIT STRING (CONTAINING SIGNATURE-ALGORITHM.&Value(
{SignatureAlgorithms} {SignatureAlgorithms}
{@algorithmIdentifier.algorithm})) {@algorithmIdentifier.algorithm}))
} }
]]></sourcecode> ]]></sourcecode>
<aside> <aside>
<t>The above syntax is from <xref target="RFC5912"/> and is compatible w ith the 2021 ASN.1 syntax <xref target="X680"/>. <t>NOTE: The above syntax is from <xref target="RFC5912"/> and is compat ible with the 2021 ASN.1 syntax <xref target="X680"/>.
See <xref target="RFC5280"/> for the 1988 ASN.1 syntax.</t> See <xref target="RFC5280"/> for the 1988 ASN.1 syntax.</t>
</aside> </aside>
<!--[rfced] May we update this sentence for clarity?
Original:
The same algorithm identifiers are used for signatures as are used
for public keys.
Perhaps:
The algorithm identifiers used for signatures are the same as those used
for public keys.
-->
<t>The same algorithm identifiers are used for signatures as are used <t>The same algorithm identifiers are used for signatures as are used
for public keys. When used to identify signature algorithms, the for public keys. When used to identify signature algorithms, the
parameters <bcp14>MUST</bcp14> be absent.</t> parameters <bcp14>MUST</bcp14> be absent.</t>
<t>The data to be signed is prepared for SLH-DSA. Then, a private key <t>The data to be signed is prepared for SLH-DSA. Then, a private key
operation is performed to generate the raw signature value.</t> operation is performed to generate the raw signature value.</t>
<t>When signing data using the Pure SLH-DSA signature algorithm, Algorithm 22 (slh_sign) from <t>When signing data using the Pure SLH-DSA signature algorithm, Algorithm 22 (slh_sign) from
Section 10.2.1 of <xref target="FIPS205"/> is used. When verifying Pure SLH-DSA signed data, Section 10.2.1 of <xref target="FIPS205"/> is used. When verifying Pure SLH-DSA signed data,
Algorithm 24 (slh_verify) from Section 10.3 of <xref target="FIPS205"/> is used. Algorithm 24 (slh_verify) from Section 10.3 of <xref target="FIPS205"/> is used.
When signing data using the HashSLH-DSA signature algorithm, Algorithm 23 (hash_ slh_sign) from When signing data using the HashSLH-DSA signature algorithm, Algorithm 23 (hash_ slh_sign) from
Section 10.2.2 of <xref target="FIPS205"/> is used. When verifying HashSLH-DSA s igned data, Section 10.2.2 of <xref target="FIPS205"/> is used. When verifying HashSLH-DSA s igned data,
Algorithm 25 (hash_slh_verify) from Section 10.3 of <xref target="FIPS205"/> is used. Algorithm 25 (hash_slh_verify) from Section 10.3 of <xref target="FIPS205"/> is used.
All four of these algorithms create a message, M', from the message to be signed along with other data, All four of these algorithms create a message, M', from the message to be signed along with other data,
and M' is operated on by internal SLH-DSA algorithms. M' may be constructed out side the and M' is operated on by internal SLH-DSA algorithms. M' may be constructed out side the
module that performs the internal SLH-DSA algorithms.</t> module that performs the internal SLH-DSA algorithms.</t>
<!--[rfced] Is "M'" part of the expansion of "PH_M"? Should the abbreviation
be moved after "M'"?
Original:
In the case of HashSLH-DSA, there is a pre-hash component (PH_M) of
M'.
Perhaps:
In the case of HashSLH-DSA, there is a pre-hash component of
M' (PH_M).
Or:
In the case of HashSLH-DSA, there is a pre-hash component of
M' referred to as PH_M.
-->
<t>In the case of HashSLH-DSA, there is a pre-hash component (PH_M) of M'. PH_M may be computed <t>In the case of HashSLH-DSA, there is a pre-hash component (PH_M) of M'. PH_M may be computed
in the signing/verifying module, in which case the entire message to be signed i s sent to the in the signing/verifying module; in which case, the entire message to be signed is sent to the
module. Alternatively, PH_M may be computed in a different module. In this case , either PH_M module. Alternatively, PH_M may be computed in a different module. In this case , either PH_M
is sent to the signing/verifying module, which creates M', or M' is created outs ide the is sent to the signing/verifying module, which creates M', or M' is created outs ide the
signing/verifying module and is sent to the module. HashSLH-DSA allows this impl ementation signing/verifying module and is sent to the module. HashSLH-DSA allows this impl ementation
flexibility in order to reduce, and make consistent, the amount of data transfer red to flexibility in order to reduce, and make consistent, the amount of data transfer red to
signing/verifying modules. The hash algorithm or XOF used to generate the pre-h ash when signing and verifying with signing/verifying modules. The hash algorithm or extendable-output function (XO F) used to generate the pre-hash when signing and verifying with
HashSLH-DSA is specified after the "-with-" component of the signature algorithm name. For example, when signing with HashSLH-DSA is specified after the "-with-" component of the signature algorithm name. For example, when signing with
id-hash-slh-dsa-sha2-128s-with-sha256, SHA-256 is used as the pre-hash algorithm . When pre-hashing id-hash-slh-dsa-sha2-128s-with-sha256, SHA-256 is used as the pre-hash algorithm . When pre-hashing
is performed using SHAKE128, the output length is 256 bits. When pre-hashing is performed using is performed using SHAKE128, the output length is 256 bits. When pre-hashing is performed using
SHAKE256, the output length is 512 bits.</t> SHAKE256, the output length is 512 bits.</t>
<t>Section 9.2 of <xref target="FIPS205"/> defines an SLH-DSA signature as <t>Section 9.2 of <xref target="FIPS205"/> defines an SLH-DSA signature as
three elements, three elements:
R, SIG_FORS and SIG_HT. The raw octet string encoding of an SLH-DSA R, SIG_FORS, and SIG_HT. The raw octet string encoding of an SLH-DSA
signature is the concatenation of these three elements, i.e. R || SIG_FORS || SI signature is the concatenation of these three elements, i.e., R || SIG_FORS || S
G_HT. IG_HT.
The raw octet string representing the signature is encoded The raw octet string representing the signature is encoded
directly in the BIT STRING without adding any additional ASN.1 directly in the BIT STRING without adding any additional ASN.1
wrapping. For example, in the Certificate structure, the raw signature wrapping. For example, in the Certificate structure, the raw signature
value is encoded in the "signature" BIT STRING field.</t> value is encoded in the "signature" BIT STRING field.</t>
</section> </section>
<section anchor="sec-pub-keys"> <section anchor="sec-pub-keys">
<name>Subject Public Key Fields</name> <name>Subject Public Key Fields</name>
<t>In the X.509 certificate, the subjectPublicKeyInfo field has the Subjec tPublicKeyInfo type, which has the following ASN.1 syntax:</t> <t>In the X.509 certificate, the subjectPublicKeyInfo field has the Subjec tPublicKeyInfo type, which has the following ASN.1 syntax:</t>
<sourcecode type="asn.1"><![CDATA[ <sourcecode type="asn.1"><![CDATA[
SubjectPublicKeyInfo {PUBLIC-KEY: IOSet} ::= SEQUENCE { SubjectPublicKeyInfo {PUBLIC-KEY: IOSet} ::= SEQUENCE {
algorithm AlgorithmIdentifier {PUBLIC-KEY, {IOSet}}, algorithm AlgorithmIdentifier {PUBLIC-KEY, {IOSet}},
subjectPublicKey BIT STRING } subjectPublicKey BIT STRING }
]]></sourcecode> ]]></sourcecode>
<aside> <aside>
<t>The above syntax is from <xref target="RFC5912"/> and is compatible w ith the 2021 ASN.1 syntax <xref target="X680"/>. <t>NOTE: The above syntax is from <xref target="RFC5912"/> and is compat ible with the 2021 ASN.1 syntax <xref target="X680"/>.
See <xref target="RFC5280"/> for the 1988 ASN.1 syntax.</t> See <xref target="RFC5280"/> for the 1988 ASN.1 syntax.</t>
</aside> </aside>
<t>The fields in SubjectPublicKeyInfo have the following meanings:</t> <t>The fields in SubjectPublicKeyInfo have the following meanings:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>algorithm is the algorithm identifier and parameters for the public key (see above).</t> <t>algorithm is the algorithm identifier and parameters for the public key (see above).</t>
</li> </li>
<li> <li>
<t>subjectPublicKey contains the byte stream of the public key.</t> <t>subjectPublicKey contains the byte stream of the public key.</t>
</li> </li>
</ul> </ul>
<t><xref target="I-D.ietf-lamps-cms-sphincs-plus"/> defines the following public key identifiers for Pure SLH-DSA:</t> <t><xref target="RFC9814"/> defines the following public key identifiers f or Pure SLH-DSA:</t>
<sourcecode type="asn.1"><![CDATA[ <sourcecode type="asn.1"><![CDATA[
pk-slh-dsa-sha2-128s PUBLIC-KEY ::= { pk-slh-dsa-sha2-128s PUBLIC-KEY ::= {
IDENTIFIER id-slh-dsa-sha2-128s IDENTIFIER id-slh-dsa-sha2-128s
-- KEY no ASN.1 wrapping -- -- KEY no ASN.1 wrapping --
CERT-KEY-USAGE CERT-KEY-USAGE
{ digitalSignature, nonRepudiation, keyCertSign, cRLSign } { digitalSignature, nonRepudiation, keyCertSign, cRLSign }
-- PRIVATE-KEY no ASN.1 wrapping -- } -- PRIVATE-KEY no ASN.1 wrapping -- }
pk-slh-dsa-sha2-128f PUBLIC-KEY ::= { pk-slh-dsa-sha2-128f PUBLIC-KEY ::= {
IDENTIFIER id-slh-dsa-sha2-128f IDENTIFIER id-slh-dsa-sha2-128f
skipping to change at line 476 skipping to change at line 513
{ digitalSignature, nonRepudiation, keyCertSign, cRLSign } { digitalSignature, nonRepudiation, keyCertSign, cRLSign }
-- PRIVATE-KEY no ASN.1 wrapping -- } -- PRIVATE-KEY no ASN.1 wrapping -- }
pk-hash-slh-dsa-shake-256f-with-shake256 PUBLIC-KEY ::= { pk-hash-slh-dsa-shake-256f-with-shake256 PUBLIC-KEY ::= {
IDENTIFIER id-hash-slh-dsa-shake-256f-with-shake256 IDENTIFIER id-hash-slh-dsa-shake-256f-with-shake256
-- KEY no ASN.1 wrapping -- -- KEY no ASN.1 wrapping --
CERT-KEY-USAGE CERT-KEY-USAGE
{ digitalSignature, nonRepudiation, keyCertSign, cRLSign } { digitalSignature, nonRepudiation, keyCertSign, cRLSign }
-- PRIVATE-KEY no ASN.1 wrapping -- } -- PRIVATE-KEY no ASN.1 wrapping -- }
]]></sourcecode> ]]></sourcecode>
<t>Section 9.1 of <xref target="FIPS205"/> defines an SLH-DSA public key a s two n-byte elements, <t>Section 9.1 of <xref target="FIPS205"/> defines an SLH-DSA public key a s two n-byte elements:
PK.seed and PK.root. The raw octet string encoding of an SLH-DSA PK.seed and PK.root. The raw octet string encoding of an SLH-DSA
public key is the concatenation of these two elements, i.e. PK.seed || PK.root. The octet public key is the concatenation of these two elements, i.e., PK.seed || PK.root. The octet
string length is 2*n bytes, where n is 16, 24, or 32, depending on the SLH-DSA p arameter string length is 2*n bytes, where n is 16, 24, or 32, depending on the SLH-DSA p arameter
set. When used in a SubjectPublicKeyInfo type, the subjectPublicKey BIT STRING set. When used in a SubjectPublicKeyInfo type, the subjectPublicKey BIT STRING
contains the raw octet string encoding of the public key.</t> contains the raw octet string encoding of the public key.</t>
<t><xref target="I-D.ietf-lamps-cms-sphincs-plus"/> defines the SLH-DSA-Pu blicKey and SLH-DSA-PrivateKey ASN.1 <t><xref target="RFC9814"/> defines the SLH-DSA-PublicKey and SLH-DSA-Priv ateKey ASN.1
OCTET STRING types to provide an option for encoding a Pure SLH-DSA public or pr ivate key in an OCTET STRING types to provide an option for encoding a Pure SLH-DSA public or pr ivate key in an
environment that uses ASN.1 encoding but doesn't define its own mapping of an environment that uses ASN.1 encoding but doesn't define its own mapping of an
SLH-DSA raw octet string to ASN.1. HashSLH-DSA public and private keys can use S LH-DSA-PublicKey SLH-DSA raw octet string to ASN.1. HashSLH-DSA public and private keys can use S LH-DSA-PublicKey
and SLH-DSA-PrivateKey in the same way. To map an SLH-DSA-PublicKey OCTET STRIN G to and SLH-DSA-PrivateKey in the same way. To map an SLH-DSA-PublicKey OCTET STRIN G to
a SubjectPublicKeyInfo, the OCTET STRING is mapped to the subjectPublicKey a SubjectPublicKeyInfo, the OCTET STRING is mapped to the subjectPublicKey
field (a value of type BIT STRING) as follows: the most significant field (a value of type BIT STRING) as follows: The most significant
bit of the OCTET STRING value becomes the most significant bit of the BIT bit of the OCTET STRING value becomes the most significant bit of the BIT
STRING value, and so on; the least significant bit of the OCTET STRING STRING value, and so on; the least significant bit of the OCTET STRING
becomes the least significant bit of the BIT STRING.</t> becomes the least significant bit of the BIT STRING.</t>
<t>The AlgorithmIdentifier for an SLH-DSA public key <bcp14>MUST</bcp14> u se one of the id-slh-dsa-* or id-hash-slh-dsa-* object identifiers from <xref ta rget="sec-alg-ids"/>. The parameters field of the AlgorithmIdentifier for the SL H-DSA public key <bcp14>MUST</bcp14> be absent.</t> <t>The AlgorithmIdentifier for an SLH-DSA public key <bcp14>MUST</bcp14> u se one of the id-slh-dsa-* or id-hash-slh-dsa-* object identifiers from <xref ta rget="sec-alg-ids"/>. The parameters field of the AlgorithmIdentifier for the SL H-DSA public key <bcp14>MUST</bcp14> be absent.</t>
<t><xref target="example-public"/> contains an example of an id-slh-dsa-sh a2-128s public <t><xref target="example-public"/> contains an example of an id-slh-dsa-sh a2-128s public
key encoded using the textual encoding defined in <xref target="RFC7468"/>.</t> key encoded using the textual encoding defined in <xref target="RFC7468"/>.</t>
</section> </section>
<section anchor="key-usage-bits"> <section anchor="key-usage-bits">
<name>Key Usage Bits</name> <name>Key Usage Bits</name>
<t>The intended application for the key is indicated in the keyUsage certi ficate extension; see <xref section="4.2.1.3" sectionFormat="of" target="RFC5280 "/>. If the keyUsage extension is present in a certificate that indicates an id -slh-dsa-* (Pure SLH-DSA) or id-hash-slh-dsa-* (HashSLH-DSA) identifier in the S ubjectPublicKeyInfo, then at least one of the following <bcp14>MUST</bcp14> be p resent:</t> <t>The intended application for the key is indicated in the keyUsage certi ficate extension; see <xref section="4.2.1.3" sectionFormat="of" target="RFC5280 "/>. If the keyUsage extension is present in a certificate that indicates an id -slh-dsa-* (Pure SLH-DSA) or id-hash-slh-dsa-* (HashSLH-DSA) identifier in the S ubjectPublicKeyInfo, then at least one of the following <bcp14>MUST</bcp14> be p resent:</t>
<artwork><![CDATA[ <ul spacing="normal">
digitalSignature <li>digitalSignature</li>
nonRepudiation <li>nonRepudiation</li>
keyCertSign <li>keyCertSign</li>
cRLSign <li>cRLSign</li>
]]></artwork> </ul>
<t>If the keyUsage extension is present in a certificate that indicates an id-slh-dsa-* (Pure SLH-DSA) or id-hash-slh-dsa-* (HashSLH-DSA) identifier in th e SubjectPublicKeyInfo, then the following <bcp14>MUST NOT</bcp14> be present:</ t> <t>If the keyUsage extension is present in a certificate that indicates an id-slh-dsa-* (Pure SLH-DSA) or id-hash-slh-dsa-* (HashSLH-DSA) identifier in th e SubjectPublicKeyInfo, then the following <bcp14>MUST NOT</bcp14> be present:</ t>
<artwork><![CDATA[ <ul spacing="normal">
keyEncipherment, <li>keyEncipherment</li>
dataEncipherment, <li>dataEncipherment</li>
keyAgreement, <li>keyAgreement</li>
encipherOnly, and <li>encipherOnly</li>
decipherOnly. <li>decipherOnly</li>
]]></artwork> </ul>
<t>Requirements about the keyUsage extension bits defined in <xref target= "RFC5280"/> still apply.</t> <t>Requirements about the keyUsage extension bits defined in <xref target= "RFC5280"/> still apply.</t>
</section> </section>
<section anchor="private-key-format"> <section anchor="private-key-format">
<name>Private Key Format</name> <name>Private Key Format</name>
<t>"Asymmetric Key Packages" <xref target="RFC5958"/> describes how to enc ode a private <t>"Asymmetric Key Packages" <xref target="RFC5958"/> describes how to enc ode a private
key in a structure that both identifies what algorithm the private key in a structure that both identifies what algorithm the private
key is for and optionally allows for the public key and additional attributes key is for and optionally allows for the public key and additional attributes
about the key to be included as well. For illustration, the ASN.1 about the key to be included as well. For illustration, the ASN.1
structure OneAsymmetricKey is replicated below.</t> structure OneAsymmetricKey is replicated below.</t>
<sourcecode type="asn.1"><![CDATA[ <sourcecode type="asn.1"><![CDATA[
skipping to change at line 538 skipping to change at line 575
..., ...,
[[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]], [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]],
... ...
} }
PrivateKey ::= OCTET STRING PrivateKey ::= OCTET STRING
PublicKey ::= BIT STRING PublicKey ::= BIT STRING
]]></sourcecode> ]]></sourcecode>
<aside> <aside>
<t>The above syntax is from <xref target="RFC5958"/> and is compatible w ith the 2021 ASN.1 syntax <xref target="X680"/>.</t> <t>NOTE: The above syntax is from <xref target="RFC5958"/> and is compat ible with the 2021 ASN.1 syntax <xref target="X680"/>.</t>
</aside> </aside>
<t>Section 9.1 of <xref target="FIPS205"/> defines an SLH-DSA private key as four n-byte <t>Section 9.1 of <xref target="FIPS205"/> defines an SLH-DSA private key as four n-byte
elements, SK.seed, SK.prf, PK.seed and PK.root. The raw octet string elements: SK.seed, SK.prf, PK.seed, and PK.root. The raw octet string
encoding of an SLH-DSA private key is the concatenation of these four encoding of an SLH-DSA private key is the concatenation of these four
elements, i.e. SK.seed || SK.prf || PK.seed || PK.root. The octet string elements, i.e., SK.seed || SK.prf || PK.seed || PK.root. The octet string
length is 4*n bytes, where n is 16, 24, or 32, depending on the SLH-DSA paramete r length is 4*n bytes, where n is 16, 24, or 32, depending on the SLH-DSA paramete r
set. When used in a OneAsymmetricKey type, the privateKey set. When used in a OneAsymmetricKey type, the privateKey
OCTET STRING contains the raw octet string encoding of the private key.</t> OCTET STRING contains the raw octet string encoding of the private key.</t>
<t>When an SLH-DSA public key is included in a OneAsymmetricKey type, it i s <t>When an SLH-DSA public key is included in a OneAsymmetricKey type, it i s
encoded in the same manner as in a SubjectPublicKeyInfo type. That is, the encoded in the same manner as in a SubjectPublicKeyInfo type. That is, the
publicKey BIT STRING contains the raw octet string encoding of the public publicKey BIT STRING contains the raw octet string encoding of the public
key.</t> key.</t>
<t><xref target="example-private"/> contains an example of an id-slh-dsa-s ha2-128s private <t><xref target="example-private"/> contains an example of an id-slh-dsa-s ha2-128s private
key encoded using the textual encoding defined in <xref target="RFC7468"/>.</t> key encoded using the textual encoding defined in <xref target="RFC7468"/>
.</t>
<!--[rfced] Is "new" accurate in this sentence, as RFC 5958 was
published in August 2010? If not, may it be removed?
Original:
NOTE: There exist some private key import functions that have not
picked up the new ASN.1 structure OneAsymmetricKey that is defined in
[RFC5958].
Perhaps:
NOTE: There exist some private key import functions that have not
picked up the ASN.1 structure OneAsymmetricKey that is defined in
[RFC5958].
-->
<aside>
<t>NOTE: There exist some private key import functions that have not <t>NOTE: There exist some private key import functions that have not
picked up the new ASN.1 structure OneAsymmetricKey that is defined in picked up the new ASN.1 structure OneAsymmetricKey, which is defined in
<xref target="RFC5958"/>. This means that they will not accept a private key <xref target="RFC5958"/>. This means that they will not accept a private key
structure that contains the public key field. This means a balancing structure that contains the public key field. This means a balancing
act needs to be done between being able to do a consistency check on act needs to be done between being able to do a consistency check on
the key pair and widest ability to import the key.</t> the key pair and widest ability to import the key.</t>
</aside>
</section> </section>
<section anchor="operational-considerations"> <section anchor="operational-considerations">
<name>Operational Considerations</name> <name>Operational Considerations</name>
<t>SLH-DSA uses the same OID to identify a public key and a <t>SLH-DSA uses the same OID to identify a public key and a
signature algorithm. The implication of this is that, despite being signature algorithm. The implication of this is that, despite being
mathematically possible, an SLH-DSA key identified by a Pure SLH-DSA OID mathematically possible, an SLH-DSA key identified by a Pure SLH-DSA OID
is not permitted to be used to generate or verify a signature identified by is not permitted to be used to generate or verify a signature identified by
an HashSLH-DSA OID, and vice-versa.</t> a HashSLH-DSA OID, and vice versa.</t>
<t>CA operators will need to decide in advance whether their CA certificat <t>Certification authority (CA) operators will need to decide in advance w
es hether their CA certificates
will use Pure SLH-DSA or HashSLH-DSA and assign the appropriate OID to will use Pure SLH-DSA or HashSLH-DSA and assign the appropriate OID to
the public and private keys when generating their certificate. Some of the foll owing the public and private keys when generating their certificate. Some of the foll owing
considerations may affect this decision.</t> considerations may affect this decision.</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>When using an external signing module, such as an HSM, the size of data that <t>When using an external signing module, such as a Hardware Security Module (HSM), the size of data that
can be transferred to and processed by the signature module may be limited. can be transferred to and processed by the signature module may be limited.
SLH-DSA performs two passes on the internal M' message, so it must be held SLH-DSA performs two passes on the internal M' message, so it must be held
in memory. Using HashSLH-DSA reduces the size of M'.</t> in memory. Using HashSLH-DSA reduces the size of M'.</t>
</li> </li>
<li> <li>
<t>Large CRLs might also exceed the size limits of HSM signing operati ons when using <t>Large CRLs might also exceed the size limits of HSM signing operati ons when using
Pure SLH-DSA. One way to limit the size of CRLs is to make use of CRL Distributi on Pure SLH-DSA. One way to limit the size of CRLs is to make use of CRL Distributi on
Points and Issuing Distribution Points to create partitioned CRLs in accordance with Points and Issuing Distribution Points to create partitioned CRLs in accordance with
<xref section="5.2.5" sectionFormat="of" target="RFC5280"/>.</t> <xref section="5.2.5" sectionFormat="of" target="RFC5280"/>.</t>
</li> </li>
<li> <li>
<t>EE certificates with many SANs might also exceed the size limits of HSM signing operations.</t> <t>End Entity (EE) certificates with many subject alternative names (S ANs) might also exceed the size limits of HSM signing operations.</t>
</li> </li>
<li> <li>
<t>Potential verifiers' environments might need to be considered. The entire certificate or <t>Potential verifiers' environments might need to be considered. The entire certificate or
CRL needs to be held in memory during SLH-DSA signature verification, it cannot CRL needs to be held in memory during SLH-DSA signature verification; it cannot
be be
streamed. In particular, there is a randomizer (R) which is extracted from the S streamed. In particular, there is a randomizer (R) that is extracted from the SL
LH-DSA signature and H-DSA signature and
fed to a digest function before M' is. Thus, to stream a message for SLH-DSA ver fed to a digest function before M' is. Thus, to stream a message for SLH-DSA ver
ification the ification, the
signature must come before the message. This is not the case for certificates an d CRLs. Using signature must come before the message. This is not the case for certificates an d CRLs. Using
HashSLH-DSA reduces the size of the M' being held in memory.</t> HashSLH-DSA reduces the size of the M' being held in memory.</t>
</li> </li>
</ul> </ul>
<t>An SLH-DSA private key has a very large (2^64) number of signatures it can <t>An SLH-DSA private key has a very large (2<sup>64</sup>) number of sign atures it can
safely generate (see <xref target="sec-cons"/>). If an operator might conceivab ly generate a safely generate (see <xref target="sec-cons"/>). If an operator might conceivab ly generate a
number of signatures approaching this limit, they should mitigate potential harm by number of signatures approaching this limit, they should mitigate potential harm by
tracking the number of signatures generated and destroying the private key once tracking the number of signatures generated and destroying the private key once
an appropriate limit is reached, or by setting the "Not After" (expiration) date an appropriate limit is reached or by setting the "Not After" (expiration) date
of of
the certificate such that the the limit couldn't possibly be surpassed given the the certificate such that the limit couldn't possibly be surpassed given the
rate of signing.</t> rate of signing.</t>
</section> </section>
<section anchor="sec-cons"> <section anchor="sec-cons">
<name>Security Considerations</name> <name>Security Considerations</name>
<t>The security considerations of <xref target="RFC5280"/> apply according ly. Moreover, the security aspects <t>The security considerations of <xref target="RFC5280"/> apply according ly. Moreover, the security aspects
mentioned throughout <xref target="FIPS205"/> should be taken into account; see for instance Sections 3.1 mentioned throughout <xref target="FIPS205"/> should be taken into account; for instance, see Sections 3.1
and 3.2 or the beginning of Section 11.</t> and 3.2 or the beginning of Section 11.</t>
<t>The security of SLH-DSA relies on the security properties of the intern al hash and XOF <t>The security of SLH-DSA relies on the security properties of the intern al hash and XOF
functions. In particular, it relies on these functions being preimage resistant, but it functions. In particular, it relies on these functions being preimage resistant, but it
does not rely on them being collision resistant. Since HashSLH-DSA performs a pr e-hash does not rely on them being collision resistant. Since HashSLH-DSA performs a pr e-hash
before signing, it relies on both preimage resistance and collision resistance o f the before signing, it relies on both preimage resistance and collision resistance o f the
pre-hash function. In order to achieve an appropriate level of collision resista nce, pre-hash function. In order to achieve an appropriate level of collision resista nce,
the output length of the pre-hash functions used for HashSLH-DSA is twice the le ngth of the output length of the pre-hash functions used for HashSLH-DSA is twice the le ngth of
the internal hash and XOF functions.</t> the internal hash and XOF functions.</t>
<t>Implementations <bcp14>MUST</bcp14> protect the private keys. Compromi se of the <t>Implementations <bcp14>MUST</bcp14> protect the private keys. Compromi se of the
private keys may result in the ability to forge signatures.</t> private keys may result in the ability to forge signatures.</t>
<t>When generating an SLH-DSA key pair, an implementation <bcp14>MUST</bcp 14> generate <t>When generating an SLH-DSA key pair, an implementation <bcp14>MUST</bcp 14> generate
each key pair independently of all other key pairs in the SLH-DSA each key pair independently of all other key pairs in the SLH-DSA
hypertree.</t> hypertree.</t>
<t>An SLH-DSA tree <bcp14>MUST NOT</bcp14> be used for more than 2^64 sign ing <t>An SLH-DSA tree <bcp14>MUST NOT</bcp14> be used for more than 2<sup>64< /sup> signing
operations.</t> operations.</t>
<t>The generation of private keys relies on random numbers. The use of <t>The generation of private keys relies on random numbers. The use of
inadequate pseudo-random number generators (PRNGs) to generate these inadequate pseudorandom number generators (PRNGs) to generate these
values can result in little or no security. An attacker may find it values can result in little or no security. An attacker may find it
much easier to reproduce the PRNG environment that produced the keys, much easier to reproduce the PRNG environment that produced the keys,
searching the resulting small set of possibilities, rather than brute searching the resulting small set of possibilities, rather than brute
force searching the whole key space. The generation of quality force searching the whole key space. The generation of quality
random numbers is difficult; see Section 3.1 of <xref target="FIPS205"/> for som e random numbers is difficult; see Section 3.1 of <xref target="FIPS205"/> for som e
additional information.</t> additional information.</t>
<t>Fault attacks can lead to forgeries of message signatures <xref target= "CMP2018"/> and <xref target="Ge2023"/>. <t>Fault attacks can lead to forgeries of message signatures; see <xref ta rget="CMP2018"/> and <xref target="Ge2023"/>.
Verifying a signature before releasing the signature value Verifying a signature before releasing the signature value
is a typical fault attack countermeasure; however, this is a typical fault attack countermeasure; however, this
countermeasure is not effective for SLH-DSA <xref target="Ge2023"/>. Redundancy by countermeasure is not effective for SLH-DSA <xref target="Ge2023"/>. Redundancy by
replicating the signature generation process can be used as an replicating the signature generation process can be used as an
effective fault attack countermeasure for SLH-DSA <xref target="Ge2023"/>; howev er, effective fault attack countermeasure for SLH-DSA <xref target="Ge2023"/>; howev er,
the SLH-DSA signature generation is already considered slow.</t> the SLH-DSA signature generation is already considered slow.</t>
<t>Likewise, passive power and emissions side-channel attacks can leak the SLH-DSA <t>Likewise, passive power and emissions side-channel attacks can leak the SLH-DSA
private signing key, and countermeasures can be taken against these attacks <xre f target="SLotH"/>.</t> private signing key, and countermeasures can be taken against these attacks <xre f target="SLotH"/>.</t>
</section> </section>
<section anchor="iana-considerations"> <section anchor="iana-considerations">
<name>IANA Considerations</name> <name>IANA Considerations</name>
<t>For the ASN.1 Module in <xref target="sec-asn1"/> of this document, IAN <!--[rfced] Regarding the IANA-registered description:
A is
requested to assign an object identifier (OID) for the module 120 id-mod-x509-slh-dsa-2024
identifier (TBD1) with a Description of "id-mod-x509-slh-dsa-2024". The
OID for the module should be allocated in the "SMI Security for PKIX Please confirm that "2024" should remain, i.e., the year should not be updated
to "2025" (or "2026") to match the publication date of the reference (this RFC).
-->
<t>For the ASN.1 module in <xref target="sec-asn1"/> of this document, IAN
A has assigned an object identifier (OID) for the module
identifier (120) with a Description of "id-mod-x509-slh-dsa-2024". The
OID for the module has been allocated in the "SMI Security for PKIX
Module Identifier" registry (1.3.6.1.5.5.7.0).</t> Module Identifier" registry (1.3.6.1.5.5.7.0).</t>
</section> </section>
</middle> </middle>
<back> <back>
<references anchor="sec-combined-references"> <references anchor="sec-combined-references">
<name>References</name> <name>References</name>
<references anchor="sec-normative-references"> <references anchor="sec-normative-references">
<name>Normative References</name> <name>Normative References</name>
<reference anchor="FIPS205" target="https://doi.org/10.6028/NIST.FIPS.20 5"> <reference anchor="FIPS205" target="https://nvlpubs.nist.gov/nistpubs/FI PS/NIST.FIPS.205.pdf">
<front> <front>
<title>Stateless Hash-Based Digital Signature Standard</title> <title>Stateless Hash-Based Digital Signature Standard</title>
<author> <author>
<organization>National Institute of Standards and Technology (NIST )</organization> <organization abbrev="NIST">National Institute of Standards and Te chnology (NIST)</organization>
</author> </author>
<date year="2024" month="August" day="13"/> <date year="2024" month="August" day="13"/>
</front> </front>
<seriesInfo name="FIPS PUB" value="205"/> <seriesInfo name="NIST FIPS" value="205"/>
<seriesInfo name="DOI" value="10.6028/NIST.FIPS.205"/>
</reference> </reference>
<reference anchor="X680" target="https://www.itu.int/rec/T-REC-X.680"> <reference anchor="X680" target="https://www.itu.int/rec/T-REC-X.680">
<front> <front>
<title>Information technology - Abstract Syntax Notation One (ASN.1) : Specification of basic notation</title> <title>Information technology - Abstract Syntax Notation One (ASN.1) : Specification of basic notation</title>
<author> <author>
<organization>ITU-T</organization> <organization>ITU-T</organization>
</author> </author>
<date year="2021" month="February"/> <date year="2021" month="February"/>
</front> </front>
<seriesInfo name="ITU-T Recommendation" value="X.680"/> <seriesInfo name="ITU-T Recommendation" value="X.680"/>
<seriesInfo name="ISO/IEC" value="8824-1:2021"/> <seriesInfo name="ISO/IEC" value="8824-1:2021"/>
</reference> </reference>
<reference anchor="X690" target="https://www.itu.int/rec/T-REC-X.690"> <reference anchor="X690" target="https://www.itu.int/rec/T-REC-X.690">
<front> <front>
<title>Information technology - Abstract Syntax Notation One (ASN.1) : ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical E ncoding Rules (CER) and Distinguished Encoding Rules (DER)</title> <title>Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)</title>
<author> <author>
<organization>ITU-T</organization> <organization>ITU-T</organization>
</author> </author>
<date year="2021" month="February"/> <date year="2021" month="February"/>
</front> </front>
<seriesInfo name="ITU-T Recommendation" value="X.690"/> <seriesInfo name="ITU-T Recommendation" value="X.690"/>
<seriesInfo name="ISO/IEC" value="8825-1:2021"/> <seriesInfo name="ISO/IEC" value="8825-1:2021"/>
</reference> </reference>
<reference anchor="CSOR" target="https://csrc.nist.gov/projects/computer -security-objects-register/algorithm-registration"> <reference anchor="CSOR" target="https://csrc.nist.gov/projects/computer -security-objects-register/algorithm-registration">
<front> <front>
<title>Computer Security Objects Register</title> <title>Computer Security Objects Register (CSOR)</title>
<author initials="" surname="NIST" fullname="National Institute of S <author>
tandards and Technology"> <organization abbrev="NIST">National Institute of Standards and Te
<organization/> chnology (NIST)</organization>
</author> </author>
<date year="2024" month="August" day="20"/> <date year="2025" month="June" day="13"/>
</front>
</reference>
<reference anchor="RFC2119">
<front>
<title>Key words for use in RFCs to Indicate Requirement Levels</tit
le>
<author fullname="S. Bradner" initials="S." surname="Bradner"/>
<date month="March" year="1997"/>
<abstract>
<t>In many standards track documents several words are used to sig
nify the requirements in the specification. These words are often capitalized. T
his document defines these words as they should be interpreted in IETF documents
. This document specifies an Internet Best Current Practices for the Internet Co
mmunity, and requests discussion and suggestions for improvements.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="2119"/>
<seriesInfo name="DOI" value="10.17487/RFC2119"/>
</reference>
<reference anchor="RFC8174">
<front>
<title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</ti
tle>
<author fullname="B. Leiba" initials="B." surname="Leiba"/>
<date month="May" year="2017"/>
<abstract>
<t>RFC 2119 specifies common key words that may be used in protoco
l specifications. This document aims to reduce the ambiguity by clarifying that
only UPPERCASE usage of the key words have the defined special meanings.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="8174"/>
<seriesInfo name="DOI" value="10.17487/RFC8174"/>
</reference>
<reference anchor="RFC5912">
<front>
<title>New ASN.1 Modules for the Public Key Infrastructure Using X.5
09 (PKIX)</title>
<author fullname="P. Hoffman" initials="P." surname="Hoffman"/>
<author fullname="J. Schaad" initials="J." surname="Schaad"/>
<date month="June" year="2010"/>
<abstract>
<t>The Public Key Infrastructure using X.509 (PKIX) certificate fo
rmat, and many associated formats, are expressed using ASN.1. The current ASN.1
modules conform to the 1988 version of ASN.1. This document updates those ASN.1
modules to conform to the 2002 version of ASN.1. There are no bits-on-the-wire c
hanges to any of the formats; this is simply a change to the syntax. This docume
nt is not an Internet Standards Track specification; it is published for informa
tional purposes.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="5912"/>
<seriesInfo name="DOI" value="10.17487/RFC5912"/>
</reference>
<reference anchor="RFC5280">
<front>
<title>Internet X.509 Public Key Infrastructure Certificate and Cert
ificate Revocation List (CRL) Profile</title>
<author fullname="D. Cooper" initials="D." surname="Cooper"/>
<author fullname="S. Santesson" initials="S." surname="Santesson"/>
<author fullname="S. Farrell" initials="S." surname="Farrell"/>
<author fullname="S. Boeyen" initials="S." surname="Boeyen"/>
<author fullname="R. Housley" initials="R." surname="Housley"/>
<author fullname="W. Polk" initials="W." surname="Polk"/>
<date month="May" year="2008"/>
<abstract>
<t>This memo profiles the X.509 v3 certificate and X.509 v2 certif
icate revocation list (CRL) for use in the Internet. An overview of this approac
h and model is provided as an introduction. The X.509 v3 certificate format is d
escribed in detail, with additional information regarding the format and semanti
cs of Internet name forms. Standard certificate extensions are described and two
Internet-specific extensions are defined. A set of required certificate extensi
ons is specified. The X.509 v2 CRL format is described in detail along with stan
dard and Internet-specific extensions. An algorithm for X.509 certification path
validation is described. An ASN.1 module and examples are provided in the appen
dices. [STANDARDS-TRACK]</t>
</abstract>
</front> </front>
<seriesInfo name="RFC" value="5280"/>
<seriesInfo name="DOI" value="10.17487/RFC5280"/>
</reference> </reference>
<reference anchor="I-D.ietf-lamps-cms-sphincs-plus"> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2
<front> 119.xml"/>
<title>Use of the SLH-DSA Signature Algorithm in the Cryptographic M <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8
essage Syntax (CMS)</title> 174.xml"/>
<author fullname="Russ Housley" initials="R." surname="Housley"> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5
<organization>Vigil Security, LLC</organization> 912.xml"/>
</author> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5
<author fullname="Scott Fluhrer" initials="S." surname="Fluhrer"> 280.xml"/>
<organization>Cisco Systems</organization>
</author>
<author fullname="Panos Kampanakis" initials="P." surname="Kampanaki
s">
<organization>Amazon Web Services</organization>
</author>
<author fullname="Bas Westerbaan" initials="B." surname="Westerbaan"
>
<organization>Cloudflare</organization>
</author>
<date day="13" month="January" year="2025"/>
<abstract>
<t> SLH-DSA is a stateless hash-based signature scheme. This do
cument
specifies the conventions for using the SLH-DSA signature algorithm
with the Cryptographic Message Syntax (CMS). In addition, the
algorithm identifier and public key syntax are provided.
</t> <!-- [I-D.ietf-lamps-cms-sphincs-plus] [RFC9814]
</abstract> Published 7/19/2025
</front> -->
<seriesInfo name="Internet-Draft" value="draft-ietf-lamps-cms-sphincs- <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9
plus-19"/> 814.xml"/>
</reference> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5
<reference anchor="RFC5958"> 958.xml"/>
<front>
<title>Asymmetric Key Packages</title>
<author fullname="S. Turner" initials="S." surname="Turner"/>
<date month="August" year="2010"/>
<abstract>
<t>This document defines the syntax for private-key information an
d a content type for it. Private-key information includes a private key for a sp
ecified public-key algorithm and a set of attributes. The Cryptographic Message
Syntax (CMS), as defined in RFC 5652, can be used to digitally sign, digest, aut
henticate, or encrypt the asymmetric key format content type. This document obso
letes RFC 5208. [STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="5958"/>
<seriesInfo name="DOI" value="10.17487/RFC5958"/>
</reference>
</references> </references>
<references anchor="sec-informative-references"> <references anchor="sec-informative-references">
<name>Informative References</name> <name>Informative References</name>
<reference anchor="NIST-PQC" target="https://csrc.nist.gov/projects/post -quantum-cryptography"> <reference anchor="NIST-PQC" target="https://csrc.nist.gov/projects/post -quantum-cryptography">
<front> <front>
<title>Post-Quantum Cryptography Project</title> <title>Post-Quantum Cryptography (PQC)</title>
<author> <author>
<organization>National Institute of Standards and Technology</orga nization> <organization abbrev="NIST">National Institute of Standards and Te chnology</organization>
</author> </author>
<date year="2016" month="December" day="20"/> <date year="2025" month="July" day="28"/>
</front> </front>
</reference> </reference>
<reference anchor="CMP2018" target="https://link.springer.com/chapter/10 .1007/978-3-319-79063-3_8"> <reference anchor="CMP2018" target="https://link.springer.com/chapter/10 .1007/978-3-319-79063-3_8">
<front> <front>
<title>Grafting Trees: A Fault Attack Against the SPHINCS Framework< /title> <title>Grafting Trees: A Fault Attack Against the SPHINCS Framework< /title>
<author initials="L." surname="Castelnovi" fullname="Laurent Casteln ovi"> <author initials="L." surname="Castelnovi" fullname="Laurent Casteln ovi">
<organization/> <organization/>
</author> </author>
<author initials="" surname="A, Martinelli" fullname="Ange Martinell i"> <author initials="A" surname="Martinelli" fullname="Ange Martinelli" >
<organization/> <organization/>
</author> </author>
<author initials="T." surname="Prest" fullname="Thomas Prest"> <author initials="T." surname="Prest" fullname="Thomas Prest">
<organization/> <organization/>
</author> </author>
<date year="2018"/> <date year="2018"/>
</front> </front>
<seriesInfo name="Lecture Notes in Computer Science" value="vol 10786" <refcontent>Post-Quantum Cryptography (PQCrpyto 2018), Lecture Notes i
/> n Computer Science, vol. 10786, pp. 165-184</refcontent>
<seriesInfo name="PQCrypto" value="2018"/>
<seriesInfo name="Post-Quantum Cryptography" value="pp. 165-184"/>
</reference> </reference>
<reference anchor="SLotH" target="https://eprint.iacr.org/2024/367.pdf"> <reference anchor="SLotH" target="https://eprint.iacr.org/2024/367.pdf">
<front> <front>
<title>Accelerating SLH-DSA by Two Orders of Magnitude with a Single Hash Unit</title> <title>Accelerating SLH-DSA by Two Orders of Magnitude with a Single Hash Unit</title>
<author initials="M-J." surname="Saarinen" fullname="M-J. Saarinen"> <author initials="M-J." surname="Saarinen" fullname="M-J. Saarinen">
<organization/> <organization/>
</author> </author>
<date year="2024"/> <date year="2024"/>
</front> </front>
<refcontent>Cryptology ePrint Archive, Paper 2024/367</refcontent>
<seriesInfo name="DOI" value="10.1007/978-3-031-68376-3_9"/>
</reference> </reference>
<reference anchor="Ge2023" target="https://doi.org/10.46586/tches.v2023. i2.80-114"> <reference anchor="Ge2023" >
<front> <front>
<title>On Protecting SPHINCS+ Against Fault Attacks</title> <title>On Protecting SPHINCS+ Against Fault Attacks</title>
<author initials="A." surname="Genêt" fullname="Aymeric Genêt"> <author initials="A." surname="Genêt" fullname="Aymeric Genêt">
<organization/> <organization/>
</author> </author>
<date>n.d.</date> <date month="3" year="2023"/>
</front> </front>
<seriesInfo name="TCHES" value="2023/02"/> <refcontent>TCHES, vol. 2023, no. 2, pp. 80-114</refcontent>
<seriesInfo name="DOI" value="10.46586/tches.v2023.i2.80-114"/>
</reference> </reference>
<reference anchor="FIPS180" target="https://nvlpubs.nist.gov/nistpubs/FI PS/NIST.FIPS.180-4.pdf"> <reference anchor="FIPS180" target="https://nvlpubs.nist.gov/nistpubs/FI PS/NIST.FIPS.180-4.pdf">
<front> <front>
<title>Secure Hash Standard</title> <title>Secure Hash Standard (SHS)</title>
<author fullname="Quynh H. Dang" surname="Dang">
<organization>Information Technology Laboratory</organization>
</author>
<author> <author>
<organization abbrev="NIST">National Institute of Standards and Te chnology</organization> <organization abbrev="NIST">National Institute of Standards and Te chnology</organization>
<address>
<postal>
<country>US</country>
<city>Gaithersburg</city>
</postal>
</address>
</author> </author>
<date month="July" year="2015"/> <date month="August" year="2015"/>
</front> </front>
<seriesInfo name="NIST Federal Information Processing Standards Public ations" value="180-4"/> <seriesInfo name="NIST FIPS" value="180-4"/>
<seriesInfo name="DOI" value="10.6028/NIST.FIPS.180-4"/> <seriesInfo name="DOI" value="10.6028/NIST.FIPS.180-4"/>
</reference> </reference>
<reference anchor="FIPS202" target="http://nvlpubs.nist.gov/nistpubs/FIP S/NIST.FIPS.202.pdf"> <reference anchor="FIPS202" target="http://nvlpubs.nist.gov/nistpubs/FIP S/NIST.FIPS.202.pdf">
<front> <front>
<title>SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions</title> <title>SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions</title>
<author fullname="Morris J. Dworkin" initials="M." surname="Dworkin"
>
<organization>National Institute of Standards and Technology</orga
nization>
</author>
<author fullname="Morris J. Dworkin" surname="Dworkin">
<organization>Information Technology Laboratory</organization>
</author>
<author> <author>
<organization abbrev="NIST">National Institute of Standards and Te chnology</organization> <organization abbrev="NIST">National Institute of Standards and Te chnology</organization>
<address>
<postal>
<country>US</country>
<city>Gaithersburg</city>
</postal>
</address>
</author> </author>
<date month="August" year="2015"/> <date month="August" year="2015"/>
</front> </front>
<seriesInfo name="FIPS" value="PUB 202"/> <seriesInfo name="NIST FIPS" value="202"/>
<seriesInfo name="NIST Federal Information Processing Standards Public
ations" value="202"/>
<seriesInfo name="DOI" value="10.6028/nist.fips.202"/>
<seriesInfo name="DOI" value="10.6028/NIST.FIPS.202"/> <seriesInfo name="DOI" value="10.6028/NIST.FIPS.202"/>
</reference> </reference>
<reference anchor="RFC7468"> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7
<front> 468.xml"/>
<title>Textual Encodings of PKIX, PKCS, and CMS Structures</title> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8
<author fullname="S. Josefsson" initials="S." surname="Josefsson"/> 410.xml"/>
<author fullname="S. Leonard" initials="S." surname="Leonard"/> <!-- [I-D.ietf-lamps-dilithium-certificates-12] [RFC9881]
<date month="April" year="2015"/> Published 10/29/2025
<abstract> -->
<t>This document describes and discusses the textual encodings of <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9
the Public-Key Infrastructure X.509 (PKIX), Public-Key Cryptography Standards (P 881.xml"/>
KCS), and Cryptographic Message Syntax (CMS). The textual encodings are well-kno <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8
wn, are implemented by several applications and libraries, and are widely deploy 411.xml"/>
ed. This document articulates the de facto rules by which existing implementatio
ns operate and defines them so that future implementations can interoperate.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="7468"/>
<seriesInfo name="DOI" value="10.17487/RFC7468"/>
</reference>
<reference anchor="RFC8410">
<front>
<title>Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 fo
r Use in the Internet X.509 Public Key Infrastructure</title>
<author fullname="S. Josefsson" initials="S." surname="Josefsson"/>
<author fullname="J. Schaad" initials="J." surname="Schaad"/>
<date month="August" year="2018"/>
<abstract>
<t>This document specifies algorithm identifiers and ASN.1 encodin
g formats for elliptic curve constructs using the curve25519 and curve448 curves
. The signature algorithms covered are Ed25519 and Ed448. The key agreement algo
rithms covered are X25519 and X448. The encoding for public key, private key, an
d Edwards-curve Digital Signature Algorithm (EdDSA) structures is provided.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8410"/>
<seriesInfo name="DOI" value="10.17487/RFC8410"/>
</reference>
<reference anchor="I-D.ietf-lamps-dilithium-certificates">
<front>
<title>Internet X.509 Public Key Infrastructure - Algorithm Identifi
ers for the Module-Lattice-Based Digital Signature Algorithm (ML-DSA)</title>
<author fullname="Jake Massimo" initials="J." surname="Massimo">
<organization>AWS</organization>
</author>
<author fullname="Panos Kampanakis" initials="P." surname="Kampanaki
s">
<organization>AWS</organization>
</author>
<author fullname="Sean Turner" initials="S." surname="Turner">
<organization>sn3rd</organization>
</author>
<author fullname="Bas Westerbaan" initials="B." surname="Westerbaan"
>
<organization>Cloudflare</organization>
</author>
<date day="26" month="June" year="2025"/>
<abstract>
<t> Digital signatures are used within X.509 certificates, Certi
ficate
Revocation Lists (CRLs), and to sign messages. This document
specifies the conventions for using FIPS 204, the Module-Lattice-
Based Digital Signature Algorithm (ML-DSA) in Internet X.509
certificates and certificate revocation lists. The conventions for
the associated signatures, subject public keys, and private key are
also described.
</t>
</abstract>
</front>
<seriesInfo name="Internet-Draft" value="draft-ietf-lamps-dilithium-ce
rtificates-12"/>
</reference>
<reference anchor="RFC8411">
<front>
<title>IANA Registration for the Cryptographic Algorithm Object Iden
tifier Range</title>
<author fullname="J. Schaad" initials="J." surname="Schaad"/>
<author fullname="R. Andrews" initials="R." surname="Andrews"/>
<date month="August" year="2018"/>
<abstract>
<t>When the Curdle Security Working Group was chartered, a range o
f object identifiers was donated by DigiCert, Inc. for the purpose of registerin
g the Edwards Elliptic Curve key agreement and signature algorithms. This donate
d set of OIDs allowed for shorter values than would be possible using the existi
ng S/MIME or PKIX arcs. This document describes the donated range and the identi
fiers that were assigned from that range, transfers control of that range to IAN
A, and establishes IANA allocation policies for any future assignments within th
at range.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8411"/>
<seriesInfo name="DOI" value="10.17487/RFC8411"/>
</reference>
</references> </references>
</references> </references>
<?line 752?> <?line 752?>
<section anchor="sec-asn1"> <section anchor="sec-asn1">
<name>ASN.1 Module</name> <name>ASN.1 Module</name>
<t>This appendix includes the ASN.1 module <xref target="X680"/> for SLH-D SA. Note that <t>This appendix includes the ASN.1 module <xref target="X680"/> for SLH-D SA. Note that
as per <xref target="RFC5280"/>, certificates use the Distinguished Encoding Rul es; see as per <xref target="RFC5280"/>, certificates use the Distinguished Encoding Rul es; see
<xref target="X690"/>. This module imports objects from <xref target="RFC5912"/> <xref target="X690"/>. This module imports objects from <xref target="RFC5912"/>
and <xref target="I-D.ietf-lamps-cms-sphincs-plus"/>.</t> and <xref target="RFC9814"/>.</t>
<aside> <sourcecode type="asn.1" markers="true"><![CDATA[
<t>RFC EDITOR: Please replace <xref target="I-D.ietf-lamps-cms-sphincs-p
lus"/> throughout this document with a reference to the published RFC.</t>
</aside>
<sourcecode type="asn.1"><![CDATA[
<CODE BEGINS>
X509-SLH-DSA-Module-2024 X509-SLH-DSA-Module-2024
{ iso(1) identified-organization(3) dod(6) internet(1) security(5) { iso(1) identified-organization(3) dod(6) internet(1) security(5)
mechanisms(5) pkix(7) id-mod(0) id-mod-x509-slh-dsa-2024(TBD1) } mechanisms(5) pkix(7) id-mod(0) id-mod-x509-slh-dsa-2024(120) }
DEFINITIONS IMPLICIT TAGS ::= BEGIN DEFINITIONS IMPLICIT TAGS ::= BEGIN
EXPORTS ALL; EXPORTS ALL;
IMPORTS IMPORTS
PUBLIC-KEY, SIGNATURE-ALGORITHM, SMIME-CAPS PUBLIC-KEY, SIGNATURE-ALGORITHM, SMIME-CAPS
FROM AlgorithmInformation-2009 -- in [RFC5912] FROM AlgorithmInformation-2009 -- in [RFC5912]
{ iso(1) identified-organization(3) dod(6) internet(1) { iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) id-mod(0) security(5) mechanisms(5) pkix(7) id-mod(0)
skipping to change at line 995 skipping to change at line 883
pk-slh-dsa-sha2-256s, pk-slh-dsa-sha2-256f, pk-slh-dsa-sha2-256s, pk-slh-dsa-sha2-256f,
pk-slh-dsa-shake-128s, pk-slh-dsa-shake-128f, pk-slh-dsa-shake-128s, pk-slh-dsa-shake-128f,
pk-slh-dsa-shake-192s, pk-slh-dsa-shake-192f, pk-slh-dsa-shake-192s, pk-slh-dsa-shake-192f,
pk-slh-dsa-shake-256s, pk-slh-dsa-shake-256f, pk-slh-dsa-shake-256s, pk-slh-dsa-shake-256f,
sa-slh-dsa-sha2-128s, sa-slh-dsa-sha2-128f, sa-slh-dsa-sha2-128s, sa-slh-dsa-sha2-128f,
sa-slh-dsa-sha2-192s, sa-slh-dsa-sha2-192f, sa-slh-dsa-sha2-192s, sa-slh-dsa-sha2-192f,
sa-slh-dsa-sha2-256s, sa-slh-dsa-sha2-256f, sa-slh-dsa-sha2-256s, sa-slh-dsa-sha2-256f,
sa-slh-dsa-shake-128s, sa-slh-dsa-shake-128f, sa-slh-dsa-shake-128s, sa-slh-dsa-shake-128f,
sa-slh-dsa-shake-192s, sa-slh-dsa-shake-192f, sa-slh-dsa-shake-192s, sa-slh-dsa-shake-192f,
sa-slh-dsa-shake-256s, sa-slh-dsa-shake-256f sa-slh-dsa-shake-256s, sa-slh-dsa-shake-256f
FROM SLH-DSA-Module-2024 -- in [I-D.ietf-lamps-cms-sphincs-plus] FROM SLH-DSA-Module-2024 -- in [RFC9814]
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
id-smime(16) id-mod(0) id-mod-slh-dsa-2024(81) } ; id-smime(16) id-mod(0) id-mod-slh-dsa-2024(81) } ;
-- --
-- HashSLH-DSA object identifiers from [CSOR] -- HashSLH-DSA object identifiers from [CSOR]
-- --
nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
country(16) us(840) organization(1) gov(101) csor(3) 4 } country(16) us(840) organization(1) gov(101) csor(3) 4 }
skipping to change at line 1308 skipping to change at line 1196
pk-hash-slh-dsa-sha2-256f-with-sha512 | pk-hash-slh-dsa-sha2-256f-with-sha512 |
pk-hash-slh-dsa-shake-128s-with-shake128 | pk-hash-slh-dsa-shake-128s-with-shake128 |
pk-hash-slh-dsa-shake-128f-with-shake128 | pk-hash-slh-dsa-shake-128f-with-shake128 |
pk-hash-slh-dsa-shake-192s-with-shake256 | pk-hash-slh-dsa-shake-192s-with-shake256 |
pk-hash-slh-dsa-shake-192f-with-shake256 | pk-hash-slh-dsa-shake-192f-with-shake256 |
pk-hash-slh-dsa-shake-256s-with-shake256 | pk-hash-slh-dsa-shake-256s-with-shake256 |
pk-hash-slh-dsa-shake-256f-with-shake256, pk-hash-slh-dsa-shake-256f-with-shake256,
... } ... }
END END
<CODE ENDS>
]]></sourcecode> ]]></sourcecode>
</section> </section>
<section anchor="security-strengths"> <section anchor="security-strengths">
<name>Security Strengths</name> <name>Security Strengths</name>
<t>Instead of defining the strength of a quantum algorithm in a traditiona
l manner using precise estimates of the number of bits of security, NIST defined <!--[rfced] FYI - To improve readability, we have changed this list to
a collection of broad security strength categories. Each category is defined b a bulleted list. Please review and let us know if you prefer otherwise.
y a comparatively easy-to-analyze reference primitive that cover a range of secu
rity strengths offered by existing NIST standards in symmetric cryptography, whi Original:
ch NIST expects to offer significant resistance to quantum cryptanalysis. These These categories describe any attack that breaks the
categories describe any attack that breaks the relevant security definition tha relevant security definition that must require computational
t must require computational resources comparable to or greater than those requi resources comparable to or greater than those required for: Level 1 -
red for: Level 1 - key search on a block cipher with a 128-bit key (e.g., AES128 key search on a block cipher with a 128-bit key (e.g., AES128), Level
), Level 2 - collision search on a 256-bit hash function (e.g., SHA256/ SHA3-256 2 - collision search on a 256-bit hash function (e.g., SHA256/
), Level 3 - key search on a block cipher with a 192-bit key (e.g., AES192), Lev SHA3-256), Level 3 - key search on a block cipher with a 192-bit key
el 4 - collision search on a 384-bit hash function (e.g. SHA384/SHA3-384), Leve (e.g., AES192), Level 4 - collision search on a 384-bit hash function
l 5 - key search on a block cipher with a 256-bit key (e.g., AES 256).</t> (e.g. SHA384/SHA3-384), Level 5 - key search on a block cipher with
<t>The SLH-DSA parameter sets defined for NIST security levels 1, 3 and 5 a 256-bit key (e.g., AES 256).
are listed in <xref target="tab-strengths"/>, along with the resulting signature
size, public key, and private key sizes in bytes. The HashSLH-DSA parameter se Current:
ts have the same values as the Pure SLH-DSA equivalents.</t> These categories describe any attack that breaks the
relevant security definition that must require computational
resources comparable to or greater than those required for:
* Level 1 - key search on a block cipher with a 128-bit key (e.g.,
AES128),
* Level 2 - collision search on a 256-bit hash function (e.g.,
SHA256/ SHA3-256),
* Level 3 - key search on a block cipher with a 192-bit key (e.g.,
AES192),
* Level 4 - collision search on a 384-bit hash function (e.g.
SHA384/SHA3-384), and
* Level 5 - key search on a block cipher with a 256-bit key (e.g.,
AES 256).
-->
<t>Instead of defining the strength of a quantum algorithm in a traditiona
l manner using precise estimates of the number of bits of security, NIST defined
a collection of broad security strength categories. Each category is defined b
y a comparatively easy-to-analyze reference primitive that covers a range of sec
urity strengths offered by existing NIST standards in symmetric cryptography, wh
ich NIST expects to offer significant resistance to quantum cryptanalysis. Thes
e categories describe any attack that breaks the relevant security definition th
at must require computational resources comparable to or greater than those requ
ired for:</t>
<ul spacing="normal">
<li>Level 1 - key search on a block cipher with a 128-bit key (e.g., AES128),<
/li>
<li>Level 2 - collision search on a 256-bit hash function (e.g., SHA256/ SHA3-
256),</li>
<li>Level 3 - key search on a block cipher with a 192-bit key (e.g., AES192),<
/li>
<li>Level 4 - collision search on a 384-bit hash function (e.g., SHA384/SHA3-
384), and</li>
<li>Level 5 - key search on a block cipher with a 256-bit key (e.g., AES 256).
</li>
</ul>
<t>The SLH-DSA parameter sets defined for NIST security levels 1, 3, and 5
are listed in <xref target="tab-strengths"/>, along with the resulting signatur
e, public key, and private key sizes in bytes. The HashSLH-DSA parameter sets h
ave the same values as the Pure SLH-DSA equivalents.</t>
<!--[rfced] FYI, in Table 1, we added "Size (in bytes)" to the column title.
If you prefer the original, please let us know.
Original:
+==============================+============+=======+======+=======+
| OID | NIST Level | Sig. | Pub. | Priv. |
| | | | Key | Key |
+==============================+============+=======+======+=======+
| id-(hash-)slh-dsa-sha2-128s | 1 | 7856 | 32 | 64 |
[...]
Current:
+==============================+============+======================+
| OID | NIST Level | Size (in bytes) |
| | +=======+======+=======+
| | | Sig. | Pub. | Priv. |
| | | | Key | Key |
+==============================+============+=======+======+=======+
| id-(hash-)slh-dsa-sha2-128s | 1 | 7856 | 32 | 64 |
[...]
-->
<table anchor="tab-strengths"> <table anchor="tab-strengths">
<name>SLH-DSA security strengths</name> <name>SLH-DSA Security Strengths</name>
<thead> <thead>
<tr> <tr>
<th align="left">OID</th> <th rowspan="2" align="left">OID</th>
<th align="left">NIST Level</th> <th rowspan="2" align="left">NIST Level</th>
<th colspan="3" align="center">Size (in bytes)</th>
</tr>
<tr>
<th align="left">Sig.</th> <th align="left">Sig.</th>
<th align="left">Pub. Key</th> <th align="left">Pub. Key</th>
<th align="left">Priv. Key</th> <th align="left">Priv. Key</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td align="left">id-(hash-)slh-dsa-sha2-128s</td> <td align="left">id-(hash-)slh-dsa-sha2-128s</td>
<td align="left">1</td> <td align="left">1</td>
<td align="left">7856</td> <td align="left">7856</td>
skipping to change at line 1416 skipping to change at line 1371
<td align="left">5</td> <td align="left">5</td>
<td align="left">49856</td> <td align="left">49856</td>
<td align="left">64</td> <td align="left">64</td>
<td align="left">128</td> <td align="left">128</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</section> </section>
<section anchor="examples"> <section anchor="examples">
<name>Examples</name> <name>Examples</name>
<t>This appendix contains examples of SLH-DSA public keys, private keys an d certificates.</t> <t>This appendix contains examples of SLH-DSA public keys, private keys, a nd certificates.</t>
<section anchor="example-public"> <section anchor="example-public">
<name>Example Public Key</name> <name>Example Public Key</name>
<t>An example of an SLH-DSA public key using id-slh-dsa-sha2-128s:</t> <t>An example of an SLH-DSA public key using id-slh-dsa-sha2-128s:</t>
<artwork><![CDATA[ <artwork><![CDATA[
-----BEGIN PUBLIC KEY----- -----BEGIN PUBLIC KEY-----
MDAwCwYJYIZIAWUDBAMUAyEAK4EJ7Hd8qk4fAkzPz5SX2ZGAUJKA9CVq8rB6+AKJ MDAwCwYJYIZIAWUDBAMUAyEAK4EJ7Hd8qk4fAkzPz5SX2ZGAUJKA9CVq8rB6+AKJ
tJQ= tJQ=
]]></artwork> -----END PUBLIC KEY-----]]></artwork>
<artwork><![CDATA[
<sourcecode type=""><![CDATA[
0 48: SEQUENCE { 0 48: SEQUENCE {
2 11: SEQUENCE { 2 11: SEQUENCE {
4 9: OBJECT IDENTIFIER '2 16 840 1 101 3 4 3 20' 4 9: OBJECT IDENTIFIER '2 16 840 1 101 3 4 3 20'
: } : }
15 33: BIT STRING 15 33: BIT STRING
: 2B 81 09 EC 77 7C AA 4E 1F 02 4C CF CF 94 97 D9 : 2B 81 09 EC 77 7C AA 4E 1F 02 4C CF CF 94 97 D9
: 91 80 50 92 80 F4 25 6A F2 B0 7A F8 02 89 B4 94 : 91 80 50 92 80 F4 25 6A F2 B0 7A F8 02 89 B4 94
: } : }]]></sourcecode>
]]></artwork>
</section> </section>
<section anchor="example-private"> <section anchor="example-private">
<name>Example Private Key</name> <name>Example Private Key</name>
<t>An example of an SLH-DSA private key without the public key using id- slh-dsa-sha2-128s:</t> <t>An example of an SLH-DSA private key without the public key using id- slh-dsa-sha2-128s:</t>
<artwork><![CDATA[ <artwork><![CDATA[
-----BEGIN PRIVATE KEY----- -----BEGIN PRIVATE KEY-----
MFICAQAwCwYJYIZIAWUDBAMUBECiJjvKRYYINlIxYASVI9YhZ3+tkNUetgZ6Mn4N MFICAQAwCwYJYIZIAWUDBAMUBECiJjvKRYYINlIxYASVI9YhZ3+tkNUetgZ6Mn4N
HmSlASuBCex3fKpOHwJMz8+Ul9mRgFCSgPQlavKwevgCibSU HmSlASuBCex3fKpOHwJMz8+Ul9mRgFCSgPQlavKwevgCibSU
]]></artwork> -----END PRIVATE KEY-----]]></artwork>
<artwork><![CDATA[
<sourcecode type=""><![CDATA[
0 82: SEQUENCE { 0 82: SEQUENCE {
2 1: INTEGER 0 2 1: INTEGER 0
5 11: SEQUENCE { 5 11: SEQUENCE {
7 9: OBJECT IDENTIFIER '2 16 840 1 101 3 4 3 20' 7 9: OBJECT IDENTIFIER '2 16 840 1 101 3 4 3 20'
: } : }
18 64: OCTET STRING 18 64: OCTET STRING
: A2 26 3B CA 45 86 08 36 52 31 60 04 95 23 D6 21 : A2 26 3B CA 45 86 08 36 52 31 60 04 95 23 D6 21
: 67 7F AD 90 D5 1E B6 06 7A 32 7E 0D 1E 64 A5 01 : 67 7F AD 90 D5 1E B6 06 7A 32 7E 0D 1E 64 A5 01
: 2B 81 09 EC 77 7C AA 4E 1F 02 4C CF CF 94 97 D9 : 2B 81 09 EC 77 7C AA 4E 1F 02 4C CF CF 94 97 D9
: 91 80 50 92 80 F4 25 6A F2 B0 7A F8 02 89 B4 94 : 91 80 50 92 80 F4 25 6A F2 B0 7A F8 02 89 B4 94
: } : }]]></sourcecode>
]]></artwork>
</section> </section>
<section anchor="example-certificate"> <section anchor="example-certificate">
<name>Example Certificate</name> <name>Example Certificate</name>
<t>An example of a self-signed SLH-DSA certificate using id-slh-dsa-sha2 -128s:</t> <t>An example of a self-signed SLH-DSA certificate using id-slh-dsa-sha2 -128s:</t>
<artwork><![CDATA[ <artwork><![CDATA[
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: Serial Number:
43:85:63:a2:69:01:99:2c:39:cf:bc:40:57:1b:5f:a3: 43:85:63:a2:69:01:99:2c:39:cf:bc:40:57:1b:5f:a3:
skipping to change at line 1932 skipping to change at line 1886
e0:05:95:e0:fa:9d:80:07:58:b4:12:5e:34:43:04:ad:90:9f: e0:05:95:e0:fa:9d:80:07:58:b4:12:5e:34:43:04:ad:90:9f:
3f:be:31:ca:3d:d3:c9:d0:b7:91:c7:5c:d0:2b:81:73:34:bf: 3f:be:31:ca:3d:d3:c9:d0:b7:91:c7:5c:d0:2b:81:73:34:bf:
ca:a5:6e:23:4f:b3:f3:b4:bf:03:f4:bd:af:fd:d7:09:8b:65: ca:a5:6e:23:4f:b3:f3:b4:bf:03:f4:bd:af:fd:d7:09:8b:65:
a3:0c:76:dc:1e:7c:97:d2:be:85:d4:65:6d:f9:3d:6e:ae:6c: a3:0c:76:dc:1e:7c:97:d2:be:85:d4:65:6d:f9:3d:6e:ae:6c:
57:f4:10:40:21:d6:04:2d:9b:9b:e5:95:90:9c:52:a8:ad:61: 57:f4:10:40:21:d6:04:2d:9b:9b:e5:95:90:9c:52:a8:ad:61:
8b:cd:b0:12:c1:13:26:c3:4d:8e:22:82:82:9b:fe:6d:01:e7: 8b:cd:b0:12:c1:13:26:c3:4d:8e:22:82:82:9b:fe:6d:01:e7:
3c:65:79:b4:79:9f:9e:b0:10:dd:5e:6a:57:43:8c:6b:41:d5: 3c:65:79:b4:79:9f:9e:b0:10:dd:5e:6a:57:43:8c:6b:41:d5:
e6:ab:94:ba:c7:67:a5:b4:41:d8:10:0c:fd:29:77:e2:0b:cd: e6:ab:94:ba:c7:67:a5:b4:41:d8:10:0c:fd:29:77:e2:0b:cd:
29:80:2e:ae:5e:a5:85:a3:a2:09:31:51:82:98:0b:2c:7a:6b: 29:80:2e:ae:5e:a5:85:a3:a2:09:31:51:82:98:0b:2c:7a:6b:
96:ef:8d:c0:f5:1f:98:b4:f6:22:b6:21:6e:36:e3:bb:18:da: 96:ef:8d:c0:f5:1f:98:b4:f6:22:b6:21:6e:36:e3:bb:18:da:
1d:24:46:0d:65:28:b6:6a 1d:24:46:0d:65:28:b6:6a]]></artwork>
]]></artwork>
<artwork><![CDATA[ <artwork><![CDATA[
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIgLTCCAWegAwIBAgIUQ4VjomkBmSw5z7xAVxtfo8zHiEUwCwYJYIZIAWUDBAMU MIIgLTCCAWegAwIBAgIUQ4VjomkBmSw5z7xAVxtfo8zHiEUwCwYJYIZIAWUDBAMU
MEIxCzAJBgNVBAYTAkZSMQ4wDAYDVQQHDAVQYXJpczEjMCEGA1UECgwaQm9ndXMg MEIxCzAJBgNVBAYTAkZSMQ4wDAYDVQQHDAVQYXJpczEjMCEGA1UECgwaQm9ndXMg
U0xILURTQS1TSEEyLTEyOHMgQ0EwHhcNMjQxMDE2MTM0MjEyWhcNMzQxMDE0MTM0 U0xILURTQS1TSEEyLTEyOHMgQ0EwHhcNMjQxMDE2MTM0MjEyWhcNMzQxMDE0MTM0
MjEyWjBCMQswCQYDVQQGEwJGUjEOMAwGA1UEBwwFUGFyaXMxIzAhBgNVBAoMGkJv MjEyWjBCMQswCQYDVQQGEwJGUjEOMAwGA1UEBwwFUGFyaXMxIzAhBgNVBAoMGkJv
Z3VzIFNMSC1EU0EtU0hBMi0xMjhzIENBMDAwCwYJYIZIAWUDBAMUAyEAK4EJ7Hd8 Z3VzIFNMSC1EU0EtU0hBMi0xMjhzIENBMDAwCwYJYIZIAWUDBAMUAyEAK4EJ7Hd8
qk4fAkzPz5SX2ZGAUJKA9CVq8rB6+AKJtJSjYzBhMB0GA1UdDgQWBBTNWTaq/sQR qk4fAkzPz5SX2ZGAUJKA9CVq8rB6+AKJtJSjYzBhMB0GA1UdDgQWBBTNWTaq/sQR
x6RyaT8L6LOLIXsZ7TAfBgNVHSMEGDAWgBTNWTaq/sQRx6RyaT8L6LOLIXsZ7TAP x6RyaT8L6LOLIXsZ7TAfBgNVHSMEGDAWgBTNWTaq/sQRx6RyaT8L6LOLIXsZ7TAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjALBglghkgBZQMEAxQDgh6x BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjALBglghkgBZQMEAxQDgh6x
skipping to change at line 2108 skipping to change at line 2062
cI4jjWHXjUsxb3lIjLC+AUjyTj0qT+BVkHI+0wxc9/gVReQQ362c0CPDu6NScAji cI4jjWHXjUsxb3lIjLC+AUjyTj0qT+BVkHI+0wxc9/gVReQQ362c0CPDu6NScAji
+q66sHQ13aZL+5q3PCgXhwhwR0JeWDqmhKyUNEFcPNGsCrS/ocbawlmjIsym4+nV +q66sHQ13aZL+5q3PCgXhwhwR0JeWDqmhKyUNEFcPNGsCrS/ocbawlmjIsym4+nV
khWAuy4kkdOKAhPlUQX1VUp4QdXnYh231R/lNPexrsYP7DjCqCOO/122h4pPv3fW khWAuy4kkdOKAhPlUQX1VUp4QdXnYh231R/lNPexrsYP7DjCqCOO/122h4pPv3fW
wa6hyIjVZuF3BsqRENsUIEygj9iLG3FmuJYJCGrs38FL1pEDjGbiyB3JDvOZPgq0 wa6hyIjVZuF3BsqRENsUIEygj9iLG3FmuJYJCGrs38FL1pEDjGbiyB3JDvOZPgq0
YIOKvD3KGQCz/bBehGG3IwTbZDUGmqtKA0eieWzYC57Jd7tHXttm5PMz64ziSaTW YIOKvD3KGQCz/bBehGG3IwTbZDUGmqtKA0eieWzYC57Jd7tHXttm5PMz64ziSaTW
oclhl0rmOqsWZLPfFlre5fm6XX3rBPX08PB95Bp0/H0DFqTK9uAFleD6nYAHWLQS oclhl0rmOqsWZLPfFlre5fm6XX3rBPX08PB95Bp0/H0DFqTK9uAFleD6nYAHWLQS
XjRDBK2Qnz++Mco908nQt5HHXNArgXM0v8qlbiNPs/O0vwP0va/91wmLZaMMdtwe XjRDBK2Qnz++Mco908nQt5HHXNArgXM0v8qlbiNPs/O0vwP0va/91wmLZaMMdtwe
fJfSvoXUZW35PW6ubFf0EEAh1gQtm5vllZCcUqitYYvNsBLBEybDTY4igoKb/m0B fJfSvoXUZW35PW6ubFf0EEAh1gQtm5vllZCcUqitYYvNsBLBEybDTY4igoKb/m0B
5zxlebR5n56wEN1ealdDjGtB1earlLrHZ6W0QdgQDP0pd+ILzSmALq5epYWjogkx 5zxlebR5n56wEN1ealdDjGtB1earlLrHZ6W0QdgQDP0pd+ILzSmALq5epYWjogkx
UYKYCyx6a5bvjcD1H5i09iK2IW4247sY2h0kRg1lKLZq UYKYCyx6a5bvjcD1H5i09iK2IW4247sY2h0kRg1lKLZq
]]></artwork> -----END CERTIFICATE-----]]></artwork>
</section> </section>
</section> </section>
<section numbered="false" anchor="acknowledgments"> <section numbered="false" anchor="acknowledgments">
<name>Acknowledgments</name> <name>Acknowledgments</name>
<t>Much of the structure and text of this document is based on <xref targe t="RFC8410"/> and <xref target="I-D.ietf-lamps-dilithium-certificates"/>. The re mainder comes from <xref target="I-D.ietf-lamps-cms-sphincs-plus"/>. Thanks to t hose authors, and the ones they based their work on, for making our work easier. "Copying always makes things easier and less error prone" - <xref target="RFC84 11"/>. Thanks to Sean Turner for helpful text and to Markku-Juhani O. Saarinen f or side-channel clarifications.</t> <t>Much of the structure and text of this document is based on <xref targe t="RFC8410"/> and <xref target="RFC9881"/>. The remainder comes from <xref targe t="RFC9814"/>. Thanks to the authors of those documents, and the ones they based their work on, for making our work easier. "Copying always makes things easier and less error prone" <xref target="RFC8411"/>. Thanks to <contact fullname="Sea n Turner"/> for helpful text and to <contact fullname="Markku-Juhani O. Saarinen "/> for side-channel clarifications.</t>
</section> </section>
</back> </back>
<!-- ##markdown-source:
H4sIAAAAAAAAA9y96XYTW5o2+F9XEUWuVQfq2CbmQVmZlfIAGPCAbcb8snPF
aAtkySjkCc6pa+nffRndN9bP++wd0g5JNj6G6v5IkuTYUuzp3e88xerqamfS
nwzKrvVgezgpx8NyYr1bC+zE2j/PBv3celFeW9vDapzWk/F5Pjkf49He4Hg0
7k9OTq3tohxO+lW/HNdWNRpbhy+frW4e9h500iwblxeYVX/Cbznxg06eTkpM
cN216knRqSfpsPhnOhgNMTPWKK0/WUcn/doalJPaOq+tYmRV6TC/ttLzyWj1
uByW43TSHw2tUWWNy6ocl8O8rDv9szHH1xPXthPb7XSKUT5MTzFrMU6ryWq/
nFSrg/T0rF69wj5W68FJUaerdtKpz7PTfl1jzsn1GZ7f3jp60sHmvU46LlNs
s8w7l6Pxp+Px6Pysa73s7ewfWqvWy/5pf1IWVq8o+rKhdGDtlPlJOuzXpwoc
+y+231k4nnW4s72z1flUXmOaotvBYA0X/rj/bHt34/BX+Xn/lXXYPx6mAuha
Pjgb1ZPVz+fpcHJ+qgDYuSiH5yUmscz94Fe1+bfYaH94bD2VL/Hpadof4Ahn
aX36NwHB2mh8jI/TcX6C6zmZTM7q7uPH8pR81L8o15qnHssHj7Px6LIuH3OC
xw9kVdz8eYaxhOJJVj9W8DWA+qDTwWWdjMbdzipGWFZ/WHetF2vWelqf9Md9
fqbu5kV6UZ60PsfKXWv9cJu/lGr7n+SptUw9xQ3+7Vi+WctHp+YSh2vWk8H5
ybgcG0sc5qPJpPU5l9jo1/nIOryuJ+VpbS5WV+rRv+XyxJIlnqZfivTYXGFS
AkVXX55/SmvzW64DjD1Praen2TNzEXUGPrpWlOYCm2vWm3RoPS3LemKssQm8
KgdzX6mDjK/PJqPd8mpiHZb5OSjz2lyp4MC1i3R4LOP+lvPxIR5frfXjS874
YnRe94t+3TplejEe1e2vlt6WfmD+ojrD0fgUtHtB7H2yvX/o2kGXIyfp+Lic
dK0GH4tRnyjo2Guh7caPd7cPj9ZkxBqGqBGabWFXk3JQ1rX1DOixCkwCSW72
gaWgxyktyeaHRTouHnBwg53y86o6w26qaXh7WGPu80kpDKYZVpOMj0Dew9Fg
dHxtPZQdPeIEBTbQtVzb9VfteNXx+GFdjvtl3R9WI7WKZT2Q7Vv7r9cfYNc4
hezkXRjbywFweXm5hl2s9YeTx+Myf3y0erC1sfpuDQPM4/9VTw4WrWALvjiZ
7XLV6mVg3GkO1LgeTtIra3c0UU/tDUvrYe9wd8151Ozw8KzMwczzKXsFwUEE
DPWQ9mGdVfDYRVgqYG4fvV49ugEO/M46KIERpyWAK1N3rdnJ8MTh3uPtrY2u
FceAqdOV1Qis5I8CK/mfAxZ/syB7RoWw2/E5cLC7CMJ1gnCreexAHrMerm8d
PFrRE22kw9EQIwYLT23gKeLdZh8oOTw+79cnQO75xzbx2P/03STL7iaY3c3G
4d7B8rvJ63G+BpE4WTseXTw+G48+lvmkfowVzkBj4ykPWh1l/GZ1XB7j6XL8
OG3UDP3ReIaF+kI39CRTvmftqUlwBDXJAhQaZvbHyF0PJXMUwl9C967d6fQb
xFIcTp5c3X+18YcAYwr8VcWrj8fp2cm1efB9eeiV1go2jIesfTXPknPfi8+1
DuqEq44rB8V97+zj97i7BMsIpJdrwGtcwGA4uui3AP8yBTseTua/1uN6K9ZO
Ogayl4NBe1wP4mv+Oz3oaA3HbkRi8/zRyegU0nj2hTrFL7LtX25A/5clNVyh
exBWf2ggWN4XNbNrXYwGlmNHcaiH4HoJ/tbM1s0X1LXOztYsJwTtxP5SvBj0
h5/W6rMxKLwci9x8DJ3yTAgCwtCx7ehxEsWr3qrnJKtRYof46Z+xiRy/PBV9
TBjE0bgUptSznqTng4nVm0zS/JPVO04Btok1OSkb3dN6MgbQRMeVAxy+HE2e
LbtaBdmd1edr1mGaYoflsA1a1/9l6ZlKOc5krZ/mY4p1efKxF0ZrZ0XV2nov
zyHMhdKx/cZ2yK6to8uRtTcuxM4Atu6kx0OgblFal+APVgo5PzwelNQArNf4
SnbxtMQq3s3H6F2fAgFyPDf8f/6vybe0ED8M4vDxJD8p67ULmXit767F9qrj
+OYB9oZCgRAq6gBas5+C3LyH+gYkPNp4tnVIvuI9FjNmdXXVSrVg6nQazaae
WglQ5UvYSRAMAgwg7TfsN6s+zwGzWj+Xl+OJklhlvWJtzH4DD70YaUH2EmxK
BNLBy/rRClnEZMQtWKfQvNJjAMVSVhuMrvNToe9aSULsT/AsHw0vxFQcDZVl
BAUR8CEG3k1/m9mcDzVaPLK+fVbuanF1WTet61HeT8WAm8FyBcChBLHO1JQw
2Wp1YGDwhUBFPiHI00E9mp6yWOt0/vPfcFNbeBQYOtUkVlf/qq7wtF8Ug7LT
+RO2OBmPCmxQpFnn6DthgM1YjbjACfpiT0+sYh5NrBqoe4r/aEbf/4IlAMCv
X7Ue/vvvQmcCmdeH91OGhRdaWo5h3kb6/f67sOe+gH1kLM8VVtRVTM91CbT8
NBxdDgU/G+pZmzICmtINTckdQDW1RJPAZNkAt91GwaKswKIUAip1TakHLbfF
w73tzVqpWcvQZKrgyfn1NhaACxQx8GURXQBnmetbyNrpNCuMqkr2NoEZWlqN
hmQNyotyUGucPkuFZU8az0uZgqixR1lnboB1WQJU+cmoLodyBxkgPsF3WFnA
zKeFHoBI9K5gc9lgBEGR989OIPswq+PGK5aTuCvQISw3CK2sP6kF3DKzXER9
mg4G1kMNyEqmflg9si6wPYJT72x605qJ4KPRmdLDR8LDFEd41nMNnKjS0/7g
Ggj1X4KpTmz/ZWYM4rdVH5grrqdnvRdbsjX9IPjnX0yr0cVjqVyFeLlwedX5
kBSIY7w96Q/U0tz4dNNyMNneKYlFoIzbtAwPlJxBkEDwA5ygLIjP14o94E4B
k2urHoxwAQJyTDyzDSYnqcKK5s4VCKfXinvRINbf3LItg8rxGZgYsObr10ma
rQK5yuHx5KQWKuwJalrlVXp6NsBT/ULcNaviBKtP0k/lKqBXW2PI6hKYMlF0
g89WcdlzOKXotrWvW65YLlbIR98Q8FwuBjsUqwHXciK4V8shhBmXAoKJyRX6
y72M8nOHeA8WkPWHU5sLa9YLVLCiL7dW215RaHZRd5ptaTYvUDwdQbXAk4DE
6onoFPKBQZ4zeI/ONC4IZuUDUUmIZNAaBdYKuYFtYC0TcdDgPgRZHuaTKwhS
xaDIhw9LYiN0yzVXzmDw5ZkQM6cg0KzT9Kp/ChVzwFuWgW4QgJFPKJHXr2UJ
0TlWGilsTtFXV1yengFK6rN5FjoaCga3RLm+zdnIuVmVeC/vz/QuRwaABfJQ
YafXsmJdkuko3jzpj/WpsFfsW+NQgY/zyeC6kdzGLTbjU+HiMA2aoyxMsqDQ
4EwKACDO0ykOgm/RCS0/tGUZzq9YxQBTvT0B703VMQCf1pasIThHrTlz0a/o
0p5QNVmZLghLhm4sQxKKrjD9XeuAa53btDB9ddkIqHLrdNj7zfqjutGH4tx+
1FIfOc0dNEjc+Z/+NHWuKBWoGg3AJwV/GneTXAXVWiKScahup/MfgOX/+u1/
/WZlXbk5WWxG/in3kclTBov7D7GDalgBwniL1r0JF3NcSxQBteKkUeyUQjS9
E4M7GyxH+/oNeK7pteWK/z/bgHF/c8po31A4hS3yv1RM/wQLd6bz0NUkLInh
jFpdjIg8iVrU1oOd14dHD1bUf63dPf58sPXq9fbB1qb8DE768uX0h45+4vDZ
3uuXm7OfZiM39nZ2tnY31WB8arU+6jzY6b1/oEj4wd7+0fbebu/lgwVsIOor
2qFsB2mJTp/WHTCOfNzPFAatb+z/3/+n44Ov/tvBkw3XcRIIHvVL7ESiQ4Av
DNVqZHrqVxHnnfTsrEzHMotcVJ6eifYnZkEt9wllVTiK3PnfBTL/6Fr/meVn
jv9X/YEcuPVhA7PWh4TZ4icLgxUQl3y0ZJkpNFufz0G6vd/e+9bvDdyND//z
vwYQWtaqE/8XMAgotDwc+PVPwLRVsMPVflH/rnBp+uTsQUathNQNWfh3XEqQ
OO4/BMKKMdQg+v/+7//GB8M1p7Nknq+9l0/3DraPnu2sHr3f31qx2r93p0MO
y8nvVrf7F21tW9YhbmNrd2PL+jr9iC6D6amsubnW/r1fPPzamnDqzFV/DN18
fmzrOf3n3/fl+Xpuzq9/m27h90dWcxHT8b8LPEDnaQ31CHrA+FMBVPzLA6ru
D/4q1LfVpeKQZqMLqEPKpQ1IV+PRqUZ9gbLoxUB6fDGzpJRfhfqf7TraeNIz
fP0qUQuoJZ1Dqpmcx5VPpkaTk8Rxa9Ba5z8fc6N/1dy+Xw4K2kXLUOIkvdDq
+FQonJapaNm14v2LmqH2MswcbRBdhllJLxGEgzL/ZvokGfXstkQ56ItzZFxO
VbcVxWDaHoM542tO8M9OonUgw5iRg68pICzspq3dyrIGUcg8VJu/7fSeataK
nclEotWLCMBcVH9kIWXu0q+5xg3VONMNavfUxyQD9RfXcjGpYfmuyG8zu1ev
PlPm9Llbmgdl3txR/769urlmhOvz03q1xpUO83r1bHBe/+OXWmMX1KdzYKus
840TtviHOIkBqSnu1dbe+vOtjSNre3Nr92j7yfbWgbAI66v1cQShstqvR6v9
yfnq5KGrIi2Y+RxC9fqhEz4CXB7Gvv1I3OtAUuXYeOg8so5HFw8dGz/k9Wj8
0Htk+SBaGQ6AYOmbF53bm6eHte01dxVG+c1zNGu49s2jq2+Pdm4anbh3WNu9
efQd1r7p3DRTvznav3n0HdYOlo6GjXw3oIe3DL/D6tGNw+8E9viW4XdYPblp
+J0A7y1HODX826t7TiPZhFWYNknDKf41KLllGkzJeVUkFX8Nwpsm1RrAFGDB
Nyat7jNpeOukwMLppIEYLnebNPrGpNV9Jo1vm1Qw9j6TJt+Y9D479e2bJ9WM
ZTrrpxK/3nVe51vzVveb1719XhMJPpV3xy3/FirQPOp+8/q3zttChT807y0E
prna/eYNTU6n/U9TT7mhYYpaPhqKqTt19M+UNBqY4tHPxGcrnpWpamUkEk59
bAwX3Rgcys77g4l1jtUseqcMH/mRGVcwYiHjciDa92jYjjxAFzsTR1A5PdD5
sCjHg2vtujTmXpkGJHlubBd2fUGfRz8/H6jloBsyCoOv+6eMN+JMsxBoDuUe
QDgbpLlSIVNreH6aqeDFzHuiTZLGk1UrtXcyOlM+4tk3hHRqOrcEcsd9aJNY
BzaJbDcrsaNOfwCNlLkpF3SuneDLueBsNS4/n2P9wbUKJ+lQLdTWzlKrQanN
g8Z11lgYph5tSkDT40ZMsw63n+5ubX61jtYPzS+Jxvq7o9F6eUhHJ63hBSt4
Mv3eMFRng7S9my6x3pYa1KY1zT+yjd7R64Ot1amBvNQ2nv6h0T298plQbdne
puF9z2UaW3zZUreOtCzDYp/BY82w4r8x3pqz8n/XJ5vR6fr2kXV4dLC9+9R6
uLG3e9Tb3pWfl53y39+kg/Py4be2/D9xTDnnt9wTtzgm/usHOSbu4Ze4qwVs
Evjsq458ZQSCG79/49Jt7GbjQqdr1fQ1dgwEXuDsssEinaTa26ljHX2GqTBO
b61xATNoNJwzyTvTeBXHlWPJV1Ob02FN5eoYpwYTsy4Ek7ABHqaJd3InszSO
llG/5HwrhpsQduFDCNF/ymOPeOsdM/yF22kHwJpIwJoCJ8OoFCQLi4rcwL5W
OsZivlpMjVLLmdE276bFbj2uaZh867Se9VAk3j9vO/J8zO/GI88vvOzEgbHg
Hz92bzAAIp2PZ5HUGZJa+bhkbLbJ+1mxdn5ZUZMLWPSnbQyV2o5jRbijiSQU
qA0Lbe/8IusqpCzF8S45KNMQ/dQTNl0fWI0hp+m1TA+VSQlsGXk+IaMRGtJO
oclJOmlQXOkWt03c6WwrFSZPVZDMADRJc1wq5WkaupupZQ/3n/1z5xET035Z
s+SX2Rbpqys62oGnsenx7D7VZldEZ1G+R65vRDeXglSilLKyCjrqE68B6XhA
UUUk+LlsJ0o5mqlEzVBrW8dVZP0Vq+zzpmSGTnuxW86gD0AUqYkY4EfqitWH
7Xu6aaKG65uLNttsxTwZGFC77ktKg4SDVEixGpRX/aw/EFUUBx5J5qCKuImH
UDkmT6GtE4fEZzrUEfL0VNwB1BrJacfpsAakxuSRN+64yckhXszEh5Q87T2Z
sv8Wh52i0aXJZWRfs8mFZDqtsGw9Sziz0kpcvTLXA2V/PDBQsskEWmRNzH5c
s56IKdFkgrT2wFXv5KFgDoUYQNNQ7UyJX23DQvOx5gsqzqYAUpyVqRjMNWJm
0PlE0ih0akO/NhKP5iezFicz8jqWTiaGOyfrTDlxssiGmxQy2BdL2H2ToVUq
3KtXOgcrooz988newaHKVsMvz46U+SRCdQRuNc2UMHPLZgt0Zgv0p8mT7Qi3
Ystza1v9NdzrgfXbb7Mt6J+xg87SHUyTfRq51lpbGyudJp2iCUMYWqhgw0hy
XYpC4e81f9RZL1S1Opfj9OyMuSVtrNOzmRbK1ABbWVRDOlRDjH01EzyYPvLA
3FoTaoFBrHM6jZSGJyoApYKUUNlWRV/7fSoEFlJjdcKTmkjNg2mkkEStw3Qc
ZnMte0RinA17bB6cxbZMhXTOubl0tq/7r9dfbm+svth637W295qA5qLdtWB0
LQu2GbOtWF/VdI3hsXBgE74/p4Y/izwuhe0fCD3WN4f9mHW0GCKcmQZQSUsN
nUeMQS4AWvxBkjPOgZLPJbRRpqdT/9B0Loz/+vXfvhEyM1hZ+3TGnuYDkaZ2
Pe90P/u0JBY1w6SWw8vwgy0LYTXlKauWDByO9PU1XANfNIVSWwdHMvnq68Pe
062Zkfq1cWhNbdkVTDM8KM/Oi75OM8b5hM/IEytWfvBSfrB+ny29f7D9pne0
tXrTFrQLcMmxq/sdu/qpjy1hqHscG8N+8mPf67Yx7Gc+NsN+f/zYMuwnP/Z9
bluG/bzHbiLcf/TcetzPfvA/fuF63M998Puwcz3uZz/4/W78p+boTSbHPQ7+
c/P0Jgflfgf/qW5cq+2rM4NCTrq3cbTV2G/tx1SIYOlz0xD1LabCfClCk8wn
btMlpsMdkl/udEffnudnurObAFP9IMBU/1qAmU9Cui9g5ub5VwBM9YMAU/1L
AWYhGeyegJmf518BMD8EY+bn+ckBszwp716wWTrVvwR45nMLvwM81b8ceBZT
JO8NnoWp/iXAM585+R3gqf7VwLMkYfW+4Fmc6l8CPD8Kexan+lnAQ9tsFr5e
SJxaEr42rLhUFdsPVxlfmgWx91+s1aVE84eFhZ/Ho9Hkj0WwTUvx9hA2lp8L
YDeL//Zbe22u29HrGjkB/zFU7Q6awn5mtjnhiuX6zD/xXOmzcFaq/OFRu+fG
NEjXqcvJmpGtxyyZW2K5y6LBRnC00wrf3Qq27w/mLdr6zDxYNO1VON407nka
th44G48uJI47bVqhks2bjabtXDu9YXYymCYXEmjDTjm86I9HQ9ZmMweLjRPm
2iVm5xOrGJX18JemTY/Vl+T3y6F1qhGcKDVNXF+A4URTRDsnSG9soQOPJIhL
94MFWHVugFWTsCUJoZfptST4jGRrBpobAG/DdNRZjjsKbVrPAlflvCpBaBlS
dVR6wcNUZWESY6RieoZrj8wqaZ0sVU9UOo8kLwwnHWngolGttbqaMpN2jxqX
5odaxlAs2TEHqjSqegSi+jMfUC2Fbhjd8imZS946anbMtZtLyJmsv5TDMYeW
XS+G06YlZk8Ii9Wsc30alhbmqsQFs6T997WFPky8Kr3MTRttsZ+5nZrZvl+/
6kSZVfUUiH7KVGZdfDTjXVoaqsZJ1+lpxswsgVU6tpyngxlFGvW3KkEj8sNY
Ui06f2LGzGtmIa6DStVFSDLlUOYE+g76c6UKmvNL0UaeTmapOvhczWNWVmAn
5VBaCP1ZNy5qBJovucAqU3Wa6SGZilV7rul4nQvNvEEycHMVsqJmQ/Uc0P7D
emjyt0fL8eKhwWkeLSnzvpHmh7OGWwYizpIwmsvXm1ceUyoC81oEP2wrEvzI
0CX4u1YnlILwMwJsCYCkb8VSIOFgW0PVrEykjkpekvzNxU/xaO94XJazT0r9
zN5Q9wtSo8vZp2sKigfl5/P+WOkqkrpzPrkJqpJW2KanWaJSPekPBqSZa5KW
FjkqKY3NYzudB736+hQ8ZayT1fbT/JPUPD2Ydm0IYuoAqr9JzZojyA9F5bOM
/04jlI3CJt4qGwAZvRMu5cNZJpNK4TSmqDWLLaZdEQbXTfrtkuQm1i/NsgDT
CU4CgV/WnRbYpl1b2DeLyaOX5WCg0wRndVVNm0ClvsyOsjcsZ4B6ofY5LhUz
wnSs05orlVocszRxrmlp9kb9t8mGO5uqB7Nk+/3Fz2YMf3Gg8Xzz5Qw81t/t
f1jbO/swYiD2erPPm7KgZsja2lrz49//7nY17GX6vzvGDIZ+oiew/vEPYw75
SZlYt8V/+H0rjGToud+ZAkg8vmcK4Cyv7w8aQIbGSs3pfKxNoM7MFDlUVgh/
OBtXK9ZSm2ipUdRZbhS1NeVbrSLZUmfOLDqcmUVqS9pAWrCVZsZSs5+ZseT/
SGNp3lpaIK2ZpTTD/7b18QetpBkAm2Kk5Vpfv54xldu21pd2b525bGJq/Kfp
cCh5nPU3DEFRAUVKNtVby/Jk72MKdhpTcKoDqrPfQwk0+Ph3aYHTfkJjEXV9
Udmhwrex+vRsNJ7MKnuVsGFK7XA06Zz180+y+hmXHpaX8/W4S+5JQdfYVkcJ
U3KOpkWfZOjqxSbSfvNSRKy0hk3zvDybzJXAzcnC1vUYSKTSx1srpFaWDlLo
CyAq6e3b6tsnil1WTi5LlgjTZhZWhm+LkWhWTaFJfm3lJ2X+CdTVaQThWdpX
4vUSDE26surSFakZVDDVT1Jl2Gtq+HBxGzJt0fSgnNV5T5sVEp33tjdb9Yfp
grQ2ig6Mmg3yEimtMV5ooMptFLiFWdRn/Umpa6GhvZyU0v8+p4ZwNqpr4ecr
Jp220gcKqfdKFzoCSW2I3B8OetqfTJR1nJWLlTRgWapcxmwz1J4eBv58GxFl
uF7083JVJH0KqG70dBXaCHacwp9SrSWaYMFulmlxgcsvhXWyOAr/4Now0uyB
2OFgMTlbh5rPkRCYs+OpSiI/k3r5sfSW0nfVMbBxwZnBcp2mDa2iZGzE2AVu
7lCIc97Q6OQtdGFtWFpVYuyqnno4qyg8TEnX7F2VdVC7Ze1cUybUFH01xfsC
5sMd7RnrfylnNVRAlI4u0G/XU+mTjfKyrhUqtEtQdDmYrmAbqNctrU1xfFbb
dzkCCdX1rA/BtNJPqgWbSsV6JBz/FFqlTHcC8payvNPydDQW/87rer6+UlWL
1a0j7fxC4LyUTvGWdLO0TvvHJxPVDby8yok1zfPcMjsgADRTyBk9Yy+nMO60
+kfyhSOXKTkAJ2ntgcv2yXlYxKbbeuJjvimEWqMYhvvS8ka1ddyu63NZ2/ze
0t9jGl3WeSavV5CvcAi1yFB46GhcKMSXyrCZeR7APA/axrmAZmur3RSUytyp
VAYd9na/C1ycfn80YXfUgW6nDAL+xTJ8js0KDf3qQlHBeimnPZpVVprG7mjc
EfCZHF0QxJoiiFWcU14vVoGZXZ2pUwDXhXllZUeVbMiy20MF3Px8kI5b9aSg
iGIkrZzH1sODR7pISIqcrthAXqq6m+raJRVoMFcrTUtNQ9tG/GIDII9SFWDK
wc9FSxk1dSTTEt5W07m5FtWlIRdIOOK2ayY2Cn5122DNtqdltOzBttAgFoi1
pqit8y1qk5+xfyVP2xcCZOgtV65VZ2Sc5NoakEwfuv9H6D8yOoIY5fvqvjp1
WpWD65lgeag8UeLvE+z5/fdHyvFE97iSExrPRIcvsXhmDk87Sxcjn0/zE8W0
5R13gvG6aXh9MjrHAfFB/5jEOEX0k3R8KpJMEOJTo7otXaDZgLJTRJcYj66b
ESaMZNMiGU3JoxgNjWjsUYwfHBJMGdr+tD7wwS7utyeVpw+sh+XVWV+R5iO+
AgSbodwyCYvioVHNlL+Xy+RyWPH+ayWBLL4+H5OPF7rViiCgkvNVww5UQV/T
Zqat/uhyPl6Y7ufQPDgn+GglzpwydMdoToc1BhAHO8BwGK5jLdCaeVKpv53U
nVPVM5fcazw6P2YRpGl46tsUmQcWPRSJNOIK58OJ8nOyk+JQXogA1qp5am15
aw5DEp7UoirPSlYe94dDbSNMS/idtbkj3qcpz1ROqmpdrPtu70nHaPszx7dw
ca25hcan2r6i0qZDjzV9GcUKoz39SUcCPmQQY6E1NcOpHpZDR6HuMRu3Jq91
ydu9FqYyf1aI39HsSCPI3Cbp6lrYU17qFz7ML5o3bKczrWFuDkhgTCvJhYrL
C8bLWjTEPkKYYtnUK6SOdiXy1LadW62eNRuZqwCfXEJx1ZETPUXnxrs0Wjh1
OtutInndYeRMva5mnkNISbt0GoXs6dcGUAw1VPQy6dY0mEz7nM7sFmz82NDl
6sZiN9TWOaNAjCBaCu1afrXLhrGpfv9Tm6k/VN4K1VxJzGAo36rJRPPM9O0b
TXD65FqIYFyWbQkin7T8zFP4nyphh52JHGnwrNPSS4QS268mbYFqho9K3Gvu
3fQNUAoctNG0KD+fk/nX5XkxWm093SwgJsrD/YPdp/Wj+bYCta6SVgHP2eXg
ViYDmkvD0ZQfYPGeRCbkZUSYXa5T2mwJpZ4K1y7Tut+0TdC9VQlIWdpaiPJO
u69qU7Ve6dQlXymqRYfajfym3hsBsUI4kf8L3vTFLzVOtW0lBsP4HDeOK8iF
iZlzXZ6MBkqQ1Wdp3rzmp30BAKQgY6cNcXoTmtZiihE3LNVbdB+y1w9Uno7h
zu7P3h6Ii1dvdFJAVFAflGkxpYCxZraNrmXI6q9f9UvUtAv061f1xipRo99M
e0CYdq1mdEAmuZqFin3efIdK5eT6jG8UrIzdqU6XEgxJIWfLP0vUoNQSrl93
2t82qlxJ61Bam5laorFVyzqA3jYs+IZe6CiNA35xe8btaJuvadvWtI6Q5IHZ
ejdv/Ya9zE7UWa4tGzsQKA2g5xTXhnXAV7XgTl/2P5WXfWmDItqIbOZMvcIF
t1TqNwXLayKKclVe9zssB/MI8KnFcRpW0Fg0097I7WNN4aE0hnT2mjbpwaMX
gPklb2fTgdnt3m5vwQf0ROsNyru2o4xoOvQYvq6HjrwxR3tymjb6K2ouIAKb
1dXa6aKdFMt6Z/PNSY+m8R9lrHfM74/WN51HzSvaNhmtOmuo80G/WMWQ6VuD
6baU18I9oI3WETdIe2pDpZLQUyuu/OBwZ3umFTavXu7os88CMg8s/SrJa+uh
s+athWvOWoD/RWu21OHLe7oygJld7U3o6Wb2ArqOesOGJG0Mi/5V42k23zKl
99uEKubacsnLBZVTJGXTElMTXWmbS80bkW57/yd5WEfWSmyVkyD+Sn3pdB7W
+u6msZd294WvX7+ZbrS2GONhiOevHUxlbW1uH+0ddK19YUtsNS5tGL/dxdtU
nduvdNAoM327d5McQ4cYYYB1zQjQLMb3nxt7m1vW+tbT7d3Dv3beCXY16Trq
LolkHcnQ69cjae478xautvr+ejBqRsXD8JHWrMqJPN0Iz4eB6uZ3On3jNz6x
zj71rx5GMqcg90O7+WkRzTVxAJ02t55s725LfO5wFro76j09VLE2OUmns/Vu
f+/g6NDqvXz5ZyhyO/wNGzCbdyzpArii3jy+utHjG8It68nB3o6RmjITZavy
1nSmHZovYOioXMb7QEqHGQ14fQtWeoSGWLpsk7b7MIgfqaDlshYUK0s7NKws
ezpxlz2duEuflgTaxaclb3TxaZ3rP/+4znFf/vySzeis5qXPL9uOzmOV5+WD
Rcgs+XT509zMkk+XPq22suTTJU9PIbPs4xueX7IZAzILXyzbjlm+SfxfwhCm
mP8tptWmiNNSlMrVbFRcP3Rn/cPHdVrU/YeO4wV+Ipie1/K0/Dd5mBiIXp/2
T0u2Hl/gGC1mEQursP4sEgp/WxbhTclqf5dXQPxDBnS+p0P6/duj1/fojf69
jdHrVlP07+2IXre6oX9vK/S61Qb9e3ug163+59/b/LxuNT7/3q7ndavj+Q9o
d163Wp3/gD7ndavH+Q9ocF63mpv/gM7mdaur+Q9oaV632pn/gF7mtdnHfAlj
Wl4uToZ07xLwe5R/317DsbR+47uKN+5Y13LvYu97FHr/VCC4Q1n3PUq6fzIQ
fLMc9x7F2z8TCO5Sqn2PMu2fDATfjQVLCrJ/HhDcufz6fqXXPxsg7lBofb8i
658LEHcqqb5fOfXPBog7lL/er3D6pwLE3cqk71ci/bMB4kdgxNJi6P9NAbFo
dCxJY12wPnDUO1gfS7yp32OG7PcOejuHVu9gS5f4tZy3hwDX3Ywigc7Mp6sr
Vqb72bTW39/x7XK/00dzAyiqHwmKeXPk/qCofhQoqruCYt4a+S5QLJol9wXF
/LbuDYqFiW4DRfUjQTGvmN4fFNWPAkV1R1AsWCffA4olZso9QbGwrfuCYnGi
20Dx47Biiblyf1D8GKxYnOgGUCy3Vu4PjZvMlnsBZPnm7geTG+a6FSzztsv3
gmXRiPkOsMxv7nvAsjDXLWBZtGS+DyzLTJp7g2Vxc/cHy5K5bgXLvBb7vWBZ
VGe/Ayzzm/sesCzMdTNYllg53wWWpebOfcGyZHP3BsuyuW4Fyw/FlqXGz3eA
5Ydhy7K5ZhbQ1tUZ29g0xo8RVmUsWLJ0JJ9DHl/20G0wW5ZMYP22/Itq+RfS
XvyGL5aPYHvqG75YNqLpWn/TNzeNWb6xpjH40m9u2FrTWlp/cwf767Ynqzs+
Oa+93/ZkdbcnF3S/256805zLFYZbH54Xo7c8vChcbn14nohufngJI7r14bmZ
JTtlbW1NaPRwp39abqRntUn6t5HX2r8zL4RDbqK0bz4DwNzhmW/OI2C4wzPf
mEfjwF0eusNM3zyavutvPvTtw+m7XfLQt0n8roOqPz5ojvDvOqj6w4Pm2cFd
B/3RlZYyiTuPq+41boF13HlcdZ9xiwzlzuNuXs9gMy1VYNqq4jZVYNlDS1zG
S9/19dvyL6rlXzSCdukblZZ9MRWzS9/Ks/iFqQEsf7HL8m+Wb8zUAJa/O+Om
b6Zj7qgB3M3TefOTyzSAu/nJbnxyqQZwNy/LDU/erAHc2Si/5eHlGsCdDbib
H75BA7irss9GS5o2t3Y3dWY6fjr8q2qbZNSxHk7GrOWr5Q2U9UQqiKR9gnQ9
mRbS6EdY5SbFTcPJ+akZ5ZBGNZNxOq1T0j1sVAeHs7G0diitsp70T1lboAsP
Z2XEma69bzK2V6zd7cOjaeuVlCWNulRKHh+PsMtpbel0e1K5IHviS3G30nz6
ybXZyIVtP9jxaaxfVyzlZterk9Fqis1ffymN7P+zsZQM9y+mHVsupBhHSumO
S3PH003IOSpW9GAdNqsRGPA4UolZpGP1CshZm7V8fH02GR2P07OT6+ZNnXy+
vGLBr1QgcM5Wo0qjahTfN3fCuXiKuq8r/OrSgMu0cZt6XaqqcFJ92cZl+kk3
CioH5YWsMT2cwgZdmJ/qRhZj1ZROv9656QqDfY3Ox1JMr0GsO9GMxtYxOz3o
ArvJyYgFG5yDxY5d6yUrWB1rVZXXsexOChdTiyUfluqL15RogDZXpV0n32lZ
rh2vrVi9rUN8+mhFz+RiplkxrDkfaIRjW3WvzSyHz3r4/rH81xPims7n3XVn
ibtsZ4k7ncm/cWde7N+0M4s7iv3H3Bh+mE4X3HFjzbHbG5OPH+lC0oWGW1Ir
OaMdKSdSuNygBquOa8tZAXRE+gd8Cc+gX0+aVk6TNFudUofUGRkvZZ8rzpxG
UKUJw4qRxrky34mGT5CQ2FRMV2G2ckDbJ5i+XZVdiXSlqn4fbqtdjmAkvpZ2
HoDJb2yKc+Of3xQ01C38Jl6QNfkQ2s2aJU2kfmN7O/1z5zcp8rplMvPr5hfj
Q/N7TCbumocUB48WdSSs7JjbjGKIEPzXc6cfhf7dJqsWJnMiO47vM5moPDKu
NVnouj7+68fTj5LwbpNVC5N5QRjeZzIqVng4MCdzkyhxzbP9JjznTpNVC5P5
idzAH51sqlv+iNucqqM/4janGuyPuM2p0vsjbnOqJ/+I25yq1n/oNr92rT+1
2J416U8G5V8eTHNFFtSGB7+LVraluurV85We005xuu1ebbbcmLFJqcwya/9Z
6GtUdUrh7nQR853kX/801/GZ/QnaPf6WJNcrBW9Z8z/dIndV/rCOUFt3ksvD
Dzs7m73Ljcv3z99vf9juvX29ud7bed273uq98LeeR8+K+PMnv+p9+rL/JTh8
53542nv9/EUv2XjzOR6vh7/2XjzvTJ6/+otaAIrtwvRUc1WXXtsCBnXbrVaB
647TxWW1PpXbTLq8xMXig19cYLcV+zbIx7EdoKqP/7v2Lx1972rg7x3LAa54
nvxqtCttPeSuW7Fj2Ym1tWFFkRVtWL2e5W9ZzhPLdi1/w9p4In8T30oiazNp
D04cK7atwLaAz/jhiQ8BboU964lrrdtWhB9imSVOrHWM983B+rUNJhIYTYAN
LNA9H29DA0MYiyxvuuveFz1UzpWBH0+2N3qvFnFkfWuj//zjxYuD9++3dwfb
V+97h2+2k/cnH7xfJ592X5eT4w/hztDf7Tw7PRz0Ds/XN8orr3pxtvfs8vnO
l/jX14Pk9OD4ycbh8f6rQXrx4rK8ON7oZ4evDVya30sbmWJ3EZksItP27tHW
U6CKjQ+DpRgW/SAMA68Jffm11S+39VjPtdzQ8talTaAfWHFo2bHUkwWu5TlW
aFs2sCOwXM/aDC3XaQ8OgZRPrN6mldjWZmA5W9Y6xoeCXZAT0ZZlb8qH4H+9
wLKd/12xe2PG/BZQGUx4UK2KzllOX8PQ6h/1TfQ1Zu9yH5vpJO02O2paOHdx
hw/tK/fR9IvDciy9tXZp/86elz++142Dbuh1U7cbJl3b6SZJ1827XtLNq26W
d327G0RdJ+sGVTf12oPzvJtH3Tju+sFsralOPfW0dS0cCOf5p5znn8a7ky32
6sOWrI2/PDmAcfGX/XQsDWb3/rI+Oj6vp9WrYiEpxWSjNztuOugX0vXE3JL0
7Fpn75CutZdPBL8dr+u7Xce1WPz6dOdoYQCbfFl6gG8O8NoDdHPc++1XDzbF
oNR7t0FqfHkX+DV/5h8wuGJ34eH9V+SW4hsRvFh8QP64WTd2unbSLfNuFHWj
vJumXb/sOlXXdrt+LuiBv4nfTaLlMxRJN3G6MfDH7iau/FD5XRfIlnYrt5vZ
3Qg/xDJbnCyfIcPkU4KzpMHBhTfrPV+3B+mvGygTvNNs2MX5Nza7QdL1wm6v
132y1d3wu+CeG1G353cjkoL3pGuvd7fi7jpIZH1xAtfpRutdJ+lubS7bR+8c
Iooq1//fO1lPa2CCdE6ZjFPpgtm1cmxMmuYs7qXXPTp4vbVsmumLMW4bbnAz
leksnSanb2q4O2+YPflGLOfZmYGEKTDK6RaloFDudR2/W+CHoltloNmuHwor
85yuiw+BvUU3zWbDvapb5MLQ0kCe9/Fv2K3srpd1o6pbet0g7cZ5Nwu6MZie
wnZjuBN0k0oIIQi7Idie143Kbpl2Xa9rB13cQ+F0oYjloB2/GzrdIJAHZqsn
3Qi3G3e9XEbFpfDb1O/GRTdJZT9eIA/gyrHz0OWv1Wy4XXY9X4Y4eTexu74j
pAdmVYESA5knxL+YE3wbhInZ3G7hzoa7qTB2DInDrlt0fQAn62apDMHqkd0t
I1kxxL84dSo79wzpUhQCijAUJlAJy+9mbrcMu0UsYwFk7F/w1ZZpY+4kNFbH
kbFDbAw/gPDLoIsJfWzJ75auzIlLBNhxEbjTFPCBGApnw7FiCJ6TygOlI7fs
EDgAJs4OUEBOASaR180SIQVItNgYjgvCWbBhGeLKzxBnGddybJkZG8C32HBZ
yhJ+JtNOh5ekQ2wVt+PhXKXwRvkQcMAG4q4bCWeDuMQk2HwBqMYG0pbdKBDU
CnLhqK4rN5gB7IHAGVANcGv4KpZL8bk9uzA2T9wGk8TGMk8ODuTHPnFfWC4g
lqZEY8AT+Aw0yJ3Z8KDg/IGAPSy6QAMMzF05O2jEw8+lXB/QJiRaAvc8gyFX
eCwWxMYRcGpQFmBo8/g4C84OWsDnYPIQB4IbQGzj3p1UUAJAA0Hh9kEUOUkY
9wWgAQL4UNAJcwI9nG5VyHGmw7EWtucmMi0ODgCWSuikmnIBN9lPQvoFVEPh
pDPQYW+e3B1oFmDEDwnAFQkoMBs+BJmAmYCQATHBn1yOPx0uzDeVi8PGAHDI
QXwLaACAQuxxN/HkBiHagHJJLnDODGkoHKASBgXAYsO2LVcvYrToZrHgp+2R
1XhycUD4ivxndvawCw0LSpfgvC+UjoNXkQA8CeVfsBoQEZaGqPUKYSOBgbS4
U+hyIDRZlwPBKCCCcRDBtEiex8GBUfIhCaQwhoNMSl4KhidkR6kjBwSnxaHA
BgEubBiIBD4GvgFIxsbmQaG4jsCnzkBMg5DDQBAmdgvIZESh3Jf7ApvCPl0D
dDgd0CDwZBQAK1wiF80hAvzB5wutRQD+XiwXAZ4TGatjk0Uk+wF+JnjAF/ST
RSuZASwIVAB7BrQGtA8yQQYoG9PhWdHNbdFtsT3QGjYPhQfsAgvZxGG3lHsE
qwQvSglYk2CBA8ItA6EIYCzEAbAUAAE2lrYcX5gGpQ+u2KUGHRgECyZQVLKi
Q1qGPAIRQaDEpDjAvOAlYm84BZA5BfIbQgo7B6LKjRckK1sgILdZCK8D6mLb
oP2okNuJeKLcYFb4NiKeVNTZBNoZ5U4uNIgbxLqYDRweTAy/QgTEBuiAVCBY
WS4SEVAFgkW4HcHYSrAorOQugGxK1oAbFCarLIQigMbgigCpHYoOWQDzCwEC
JgHkMQpDgD8QiDEOGLXkO0BRgDOUMg/AixVBICCximgGzPcoZYDAwCIQb2UM
F13ClXsBN4NQw91h9Zz6AKAEoVASf/AvtgT0AJ7YBq8ThRY3lclywECwSuwN
WkpFVMRAgA4iQwiWoh98L/LarLIg0kZyNbgUrAi+ISaYJxTqkw9gUWFKLlmu
weswJ/7K5JFwOQigmKK5ciigQ1ErAVjsB6gIQvbJ/GdI6wpFqyMDblgFaA8Q
AZEKEBcVG/D5jKyjJLM1dRsgEkAHIehSeopw5BkxpCDCgEawIv4VEohkLdfg
tEAnIBtwSURYICQJ7QVsE6RkE9NcyouSyAz9LSYmz9DGFcUGNCX3VQqJgZ+D
cwbU90RwV7LzihIE0lkMEwPyJdUVEBrIDTciylsqexBRWMnMIE/QCzBBFMhQ
5GNpECyAAyAHVOTAtUB0gBVgjueBAGLj8NeMS4jmgIcNdhEp6UOVAALIo5zK
OTzipYCNYGMeURdrgS2kBuRxR4A27temKiL4T/bl0eDKyCVE0c0FkoCwQxk6
A11FuePJJt2KVx/IJDiRMJZClsNxQG74HNzep245Y9R8GKQK0VZxD7h9bFW0
qYh6XSIQwGw4ApYA9EwZB3DhL0gGd4d7ARZhn5gQ6A0VvaDnwaOqmZMbAOWc
9tkxNqQ6IXjryxEEBxIhDcXAhdAC+RzcD/sv05aIxF2LIkHGUtHUxV0AGyHl
AXnsAVQDFALzxFVie7lJ777cGlaHKMeVCUHlwpBF96aKW8ZyakAmp+YJUMQG
r8N1Q/4C0zzqHhC+oqZG5JZEGCH2XHgv5D7AjptKDU6LfYa8O1w0oITzljxp
Rc0EMEwpfEGG2Jvgnis69ozibGERovxj576MFbZJVBGdIZCz4xbAIYGrOKMT
tcwB3AIgBkzDv8AxQEBksUONqBKuDtKzOYOoB45I2NI4O24N2wY0RIeJNEni
YQVDufdYzg78B03FCp0M5QTKOTi8GCm5sEHsP1KGT0jG6AlWuMQlUDEOhV0F
BuigcmCHOLLAkKafGBQe2XIgOA9wCbsrBIcxYUbObJKMsDjyN8ipnCqZ62hi
yQotcYRyY1H/wD1ig2QqJSAcgTC2gdsJaIUJpVCdAL6JmueJkAJmgo/5BrMS
JZAkFlNHAnWLDkMugQ0LwoSyItggII+tiuPFIJmMnLZS1qsn5CCKXyRWsxho
oXyolF5ABooK9uMZvA6bKTxtpAC8Ls1wcPKC9A7hBYEFYwGqjlg3MW1Gpy2g
qUuDn0Cag0FB27F54xDKOAUeBtt3CBmP5gagMTOBC1kU6C3eSK6CzYj9SIGL
GwRnhgTBPKLt+yIpMtOCdgXnA6WXpiKYQG7CG5VmVVBh8+QguEEo5InbprhC
CE2pYTClocbj4ILGttymS6zDtsFgcTs5BW5ctYSUaJ40WMQGD4RN4WoAUofA
xMzgSCGXFls4EiiZ5j9gC2p16O7AvShsB5II7fsUuOS0CR8A4mUGxQnrs4Wl
B7HcGm4KGiaGQ9UE5yn5SUBjENsQD0nY8ssBx4S7UhMWA5aaD/YPAyGgISys
m+q68F6PXNEgWEASxAJYwYpM6SJwqcmHIXWSSDBNbqQSiGX8wbSggdWiNisD
MJNF8W1OgwhAyGgRiJ5A1RrsV6S5QbAwOoAPMi0RBspPSXMY3AbDbXpdgE7K
Jynae9QyB0ThDOUvTPuKvDEknmA/gBJEQ0k7FJYU/oXekrdBJ44mVxiyQwmV
0AsKrAZAIpoV4NI+1YaEih8YV2a3h8cCKKU2g4eDWwp7pCfK4aIQIkojhaHt
OC3PCUgDjFdO6sm1Auw2lVv8C+YQcK2IRiiUxiwRzhaYHjMyJWAsKBeHEg2H
jiCHwhokUNJCgV5h07MUUYrNxEQmeAg2JeLbl+cTOhPEXxfIkWU2W3AAxwRT
whESQ8JWxEyxOgPBLihykNcuvTQ4pty1ww071LEjwYrEYBfANNGfKUogAjCb
CGgqrkCnlHwGv2J7uPQqkeOHBugSZS8HAiXRSxMZGFAJTGmqi1Xri7AAYCN6
h0whBbYg/MoXtAfd4WdR40NhgCAZNRu+BR25XEVUNZPeM9m22M40eQClTPE0
nyaGK8/jVwAtoNsTIrIyHW6RCG5gIxgsSDujaQBMcylicnok8IlLghV6T1ti
Ajq/OCWoroM0oHo5lOkCCnoRxbgrCcOQFO3JtDOSsWWs0CYFUEjXYk4nXsW7
wyjBYWIF+BX2mRmQBxaF9HgE1P0AAdAUeILLm8JUooTnFJcZLeVSiMLkdUCt
ipq/eAlcYWuYEOqKWHAkc+zfJdKCDCF0EoNRl0obLIWpekRvxSEhaABGiAmI
qpiGsDiTlQZiYJ0gBv0DwHzRP2mKQu1XxynIGGNCwKOxDK24MugdXBH8AXQH
gABJ8IA4eG3SSyEKqlI4RV0P5CscKjAgD0UaOxTlh3YBdABwGPAZYSOJ4ElC
GaScycBYiDzTS5wp1y6PKUKNaoCocDa9Frxl3yFC0nsAzp8YnDamdxpAA2In
pBExiCK5JjH5fRqeJf3PnvD/iuLD5PNAMI8firvPE2XGIYqCTWV03eMs4jak
g1eccgbSymYqOoEpo2XP9C6KJl8K14pJj/gLFuTTuDCVUnxoMx4KhHFpiYf0
bHv0dImfn4azqOiJzJnRkT5jVjR/HIZNK2ojOD5+SEllEkHL5HQOXUAhsch0
eQHnoe1UvBTwsTJuuLQnTjOgugQmGG4DAwToCmpxM6S1qSQrUUJXCZBWQhuF
YLJoeo4QYMZAg/DJsK0aOWKkhLQ7oDADqbBQSRUlphNJBH0hX4lpmci9ZwbF
lZRowHmIOawo3gP6V32qZ7ZyHkaybeAMDhi3Nw9yBnihIPk01R16FIGrQGYo
1aB6iKeCgQOXoZnSboFOTH469h0KsoyuNpccW5DNZZiAmjZmA6cK41Z0wKZ8
VLYPUAJqudjgnuw5JZPEWEzr0diBuJEAsXHvolDR0VTRZQq+FPIZ4bGJ4KpL
2EK0gYQhc7FcywC35QFwV7EpEkEAh7olji/mTyz7B8PHTjICuWKEwmRWovYn
tDIKarO+XKLDY6ZEFRhKCdVL8Sj6whhnYoKqvstjpvSbAfk9CjLx4XAgAJJQ
+GKfmd9i1GB94BjADXF2Ma5RUJPJKIjFG58xHMMbSRXyGOoBqCNh5EiEIP2Q
okVQIovCo5z8nkh/EK8wK0ZSZvdObcojOoX0koFl+Uo/L2S3FXkp9iws1BE0
9kzNihSRkgmHVNsc+o0xp7hu6Et06bcHPxQ/udfylEINEOUnljsNafSJIHNE
vidUF2Oanx71cHAVXJ9v6jYuQ5aRSE9B2kygDUkUM65R0jECKSwCwqZbwxYA
zu69FFiJxpgwBBPIog5Fc0gzBNZNxMAiiFFpmyanlcBBLpwqZghJYv3UpjxO
JfoevbghVXqsazNSNmPUyl9UCPQknlJQhtKHAD4DbASlgEuINkurEGZUYug2
EgxKBROUuit+BiJ8pRzUntCjgJQuXPFbOvKYqVUGDAOJ9WqLNi436wsCwzb0
VVjBFcCK+MjoTzb0eUASG4jpwRClNBLu6lI/wY0AbqDoiCF5CHecRYSaaUlR
7Irak9HPHNMPQL7q09XgEavxmLhcAkoEg97BEITXpTJ/ydBtxRCGzEZ/eM44
IK5M5A7xZ07CgjAhTaBKiUOM4jLlHfmUHZCAPr1nmDmhYuM7LZIRfZ7KJ2Au
bmpKChALIAYOjz1LfMrrKvU1ov/c9JgJRdDVXFEVB36Kgs1YpE9ttmISUdZE
Wwpj82LsZ4wCM4gM2GKfJSOM4uehiYGlC6Wx06PrGvJdDARbHgOeKCtYkUZB
mQsKwvZKhj8KavjYj2OICdy4SDdbCAdYCqjmgc4ESOiUwMWVPFdCrUb8AAbO
C5dLySRd6my5yGibWkqpiJShpZjcRqlAhXnvHgUfmXBJPQco59OpDvzJaERD
E0vpbS6V/DVABwkiSnjJ8HohbBCam0ObWoUYbLI4zJDTHY2ZTSezWKCUcfJt
wihwRp+PEu7KeU5JlzPoELTt95xKSETzOS10WAeUUjHLImL6AeRXrNy/rhwq
N/g8NpPQFZPSI4RLDJg1kZH8QfjQn22KLeE/MZVt02MWiPiQCEXCsBolrE08
xFls+qxEX/XouItE1JomMO4FgAKHL+jBEGudlxhSoYVaUhAnY7rHRQzR+21S
XBLqYIoEVigWfWo14jEm24ecUjpqxRh9aKasBFyIMTugqIQAIiHemDkqEoaO
qfMwGQP36DIVYXb2SKfeAWjAOp9CEBwAfFXwUGW/UPdTfkvJEDCDiaUoFSqD
S5zA9JkIM/doqisrxhcWLU4nhpsrQ8qACQd0w+JDAFBcjpGsDoglDFyKWpXL
9QErcEwoGy1jpBJUgRqQ0Iiz+a9wRYeRpoqWFHcokrQQBIsM5QRKSELrpmRc
CdSUE0UzKsMgIjEBIhH3CZMiIq+1upw9p3R2hclLvJVxAaCKWAeusAgI6IiO
X4lW+K3MB2Bmyuwah6wJvA4yTuRFTBrPmHHhM0TOjAhRHc0oMKPkwgp8MbiU
AllQvIJLJDThSxpHOe0j4FVp3HtC41qcpQxoQkanjHsKf0toGdGsAP6ACsCU
MqoBpt8GDAesJmIyD/ZsU6SCvmzqexBVwJOS5jl0HvGgGiKyIo1IXIkOBDCE
ksaOSCtKalCERBjpBANkJDZkhu+pqebKa+Qz04mOTVyuBFOohjmpTlyRqGvY
Uo0KBhGUbyekvwWICkoP6TrLGAaNmerjU/cTijPQJidpQMQEvEHcmuR7pHJT
IYMjOJTgD09dMOBStdUDnzYjNimnUGFTTx6T/cSCPAqpIgZbxe4zk0YcSjGq
YR49cjbNkILxrJKpYhmPJtoO1YPQdLiV8jk+KSlqlcNNnC10AAJ7hY27Ikok
rkHPj2NgXcEYWUHlxKFXsKC/BYiUcWYYNWoPMdOuRKIZ7EJiOjQZRLV2iVo0
CSEHPcrZnLpxwHgrWJMQvmkO0ADMKRmxQ/wqVrZL/yfFOsjNpu7hMbwYxi1z
ICIwJdfIlb9Y2iVRiL2sfIA5b5bBspgajhmPC0gaDoPdEt9nHN9TKXZ06qog
Y8ZEFC/S+ttsdeYRuYx/SWJYKXy1oIoFRq3MNJegCGnlFfTIzbiNyjogJxRX
FRNalMNBMhlo02XcfMaIfFy29HmXuYWCzInYMsAfnCVjSB0XJ8HQimKxENRN
KUTmU5UqUSxLKgZYS1wcvoAd50oZik1IgyHVEsDBTNcJGG9ymFMRMHUkZRQP
9xvSv41DqZyciCqrTYekGc6TYKUnAMQ8KlJZMFUP2JUzvKiBaVMKF23Hi8pq
iGl5RVShuc+IeWXYgJjktgi4ivFfoWJjdRUJUgYUVESPZovNAEpIduFS/bAZ
48tpmvkG0qoULBxZ8kwywbpEpRvRRkioWCYMpdmUQdi5aYyUyujmkWPGKcCp
SoZlCyZRCMbSUIJdXPB+XTOnlHpRweS9mM5A4AwYlEMTo6JXNiaP8pT7q2h5
TiTsQms3UnLcJZV5zJRwRPJK/ht9YhFFZ8F/ZxfnEaN8UQYcqkYBU/hS6pMA
rOCMynajLz1jmqU5PGQ6qzg6IgbBXQYgclFiBZOZASX6RiWiX/x1ZliHEQ2H
qFJQ5XY4CRYCuADz2NZssyi138M0xEoKPjFyqUgIVdLVrKI5FfXwihwbs5W8
07idWxjQ8+DTewMUEtJOGW6mkxxsHEQUE9XFgA1amU6QgAlj38q+qxiODxmV
8xhTA2sK6MqA/aWtFQPrUgbEK+pyQGlwVEk/Zp5YxkwhKEU4bMo4C+7Fz1qg
w0Xj15TpIgFjl64vVrPPhAfh/wU9t0xSchQZGnweHwItwYFzqoVpqYP14N74
SvIZmKohByzkcwlcGuZAobJ5qTuB49nU3vFXfCzM3QW7VlFgUbBt2WdibL6i
JIVeAU4SMkkbty+MkZ7qgm7MguZG0ES4zJxSUF/ObKKAfmyQiQRQYroymOBa
KQM/IeEr6jC9xCnzkx0hz5RQFT9wKHNK9gs9bMrcEJ9VIJhgZvuAygBkpRm6
ZIwx2SxwSY3ymFya8xKBXQnTd2eQV+K1EpWpooyLmINR0JYpqLZJMCujnehR
4TSQNmdOiE/jVPJMGC2VAyYMaNKVUTKnzuOJAJCWJRUJl06ZbwykEqdlzOwX
ijNXlWwwjS1khNG1Wxq1yn8TtwDtKcyWMvMZTDuKtF0M3Qn7SZhJFWUtL7GK
YoQKzZoEv0zZVj4xiokcvvIMhML5zWig+DoKuVlJa4nlFoSTM+CYMwfSJsAx
A/YD9BDBZzArkKEKCcWM/0L3c+huDRljEnqMZM+Q2jYt04D6z+zemRPiqCzx
QradM4Qh/uFCFgrp3ICOEXo6B97MMUtV4haZf0QjvaQ6FyoB7TOqwiAdpJtH
tDRBV1C6OcxeqJgpHVAsBlQ2PIZ7AuoPqjAHJJCYGexMuM2UC72U666a5N6A
4BLFKWdqn00XBFmu6XArmeMkZiOT8HPCFmgmH9KaBq/waUFnjubJJtb5xBOg
t8NkFdggIdOHoIcoaeWTzyQqzzBqKScetTXBPXotJBE0ZhlIIAMrGo8K9zA5
2CmeKY2ze8zwFwUs054KxT1i5h1JkEhpffQBVtRDcuPsvnIa0F6OKp3iqLLs
MjoBClrEYrCEmivmZmCFLnGHhmpARxM4vOdoKpYYKJORPIYbAsI5MpA2Ydac
T80WyOOQaTs0YMHxJPk50p5eic3Rp9QyhZhwbisuR2vXYVQlZuWFOOpdgaoE
OCKGRYJWdp+ETiK5rzLVUcWUt1xRzAE/xSNUkpOXLI2hdTzjdY5AAxwpo2IG
MgfpST5AKQady4C4aLmV6Gw2E/BMZ6NLVRljHfpqAqq+BfUNUb9JOzHxWemf
kB1mdMCmBi6htISKTUYHCDlVoQKIZDviYyftBEnL3ScOirxJjSOEZZ/03Ump
i62LF1KGESWdgG4rM7QhoQSHQVtXDqLsGlEnqHUEjOy4LBfK+JVZuaD80oIV
TDeFgPBo8UXMGNQ+dkfXMkhsLmvlXYRkawk1EwBcBYl8+j8darMObVjcNUhJ
SloqIW3TDPToGk3IDXJKWMkiCEVM2LQZVaWPT4YTtetlbJJwSWdmxDiOQ/j7
DN+A9WFFyE2PNVYVs+8C08lMBSxkijtkcchwecigsyRIe6JbJnTIBIy3iufE
zDGjz1mSu+hxdVUOLZMqM2bSptQrYgqXgtBITJeXLbtS+eqS+kirIWN2U6xC
NgzsSuiBqo5TtRytKndIlSbJrcWiyTikEezcpdsEKJQzQpcweJQaMi4nXSj/
jK+KsOhmdFkeBU0jVx7vkAyNflTT6eQRnytmLMiGWZOSs2rDCbQyDMjgjCoz
oUpbCTMSGqCvBnwjoSEJwCoHBZhnxsyTiFlwIC7wgbhsZbyEtD4UY5Hcaeaj
CrIx+l8wSc9nRnfSWChmopTE7kmhgUqYYUhUio8qnSNkMxMpoMainJamez9n
9ZnD6jwBICtHYmq/LgvxfFYlhDRhXPrMPVPG0daOVIJfwBAMHaQxtU1xXzS+
C5vavrBcU5+nG7BQCjnFBD5xaQJH5B6RuiyGI0N6gM1co4i5IpLXQZd+qrLy
WPeEnQhziEXs2rZ2dVZZe3XaVnks5JmSq4PqYewklLAS2ankInD8mDE1ESJm
qVEutwNRHiuDiMYmCDOgKpIyxRHfKqXCpjljpqCDRScMQgUUBCkhnDIfFQhQ
sNRFTPJMECNmpCwxKxeoOQMa4pyJWRZETADGineUKRMiBBlR9eirN+13EAIU
15KWIPapclNzZg5LIrqvNVIpfgyFcYHtRAa7EDKki1viIK425CGVqkq7sDzK
IOHDFJp23ArngQR8R68SqpJ55pB4xJCM5ja0XGAdwC6pF5EIgtnFKW9JwYuj
h0pcKyxUyZiLqKvzWPDlUgia6bgRM1EBQGGwrtCIzyqGgOHanN4SycSmxgt4
iq5u2LDiTGZxkEezS+wsVhiF9F1Uyj+c6VqPmOVyrpnpxGRLh/wfuFGwHs2n
q82nkw2kBwSGtgwhFTE9wLSgVQTTptnlq6QXxl8AZIemTUhHjZdrVVmV6M7u
XcV2WTRR0qsjWUmMh8oR6HUXdc4mFRCvTPXAoUWf0LNhs96qaDDcZ4ZzxnyS
gkjrkX/mWUtMhEyFrRg1LslRxaagJRUxvIgrkPSGUA6Ys25rBvlYJ+qDZ2as
wotVtiFLTVMqoiWrC10mDSr33ezslTyDA6Ys0reZ7+0y7CWUyPoaSAoJUDLg
ksStHHKfHlHs0GOOdMQ6RJVZJ84f4qSQHj2iPutbI4NRF3SjOTS4RP0gi05D
XU0WUiWTTN1AHhMPP1NnZ6vTPxnS+lMWXEGDzmOFMjR5QNVjtEVllhZ2S58P
qQP7zJ0GjcT0deTkhxlrRSU4qGp4CyY50/1uuj4cst+EBT6S2UsLTlV221wU
n6dE5pSyLzCTAxPhaQ7FnNinNkWkL9xV0jBCgYlLV1VKv7frtPx1uNBSVRkw
uT0ImopO0kvEVKWYKV4Vs0oAq6itz+cETsx0LEl9VDYUTYNI5cTG9HzGOt/S
MavzmJMjWjQT70vWv7ss/pWcaookR+UhMLCIzZiFDyVjyg4zBBTy5AzdKldD
wqkCRisK5q6LUDMToemeypjmkfPePcYgJP2bsAJeVUx9z6njBX5LQGfMwpWk
OKK0yjCRCjtuO6XvImGtRMVyG6n9N7mNQ08sMVx0Dybh24xfxzTNQhWYYB5y
oRiXmZ4Xa1T0WbNZsIyiYPaRrbLWK9ap0dQNGS4xE2IzMt6SmRU5GYvEhuiN
AYMt6J1TpoTP4k0pCjPO7jLiU1B04lo9+mZDlRGasCKSfhtVqSdhKb9dYlYw
ma3Uqpc4UhxmYrMuUlUZ+yynFWRmuq9ZkerS4PJzHdUKWAxVscgdtB+xH0jC
9EjQHUgGcsoxkDai8gZ8AK7msWZHXtHoQkR1GGU2uxkAsTO7ZYhJmrQnyrxH
R7TP8tuc+ZMFe5KU9JOLQcEQSUXnv2kOSCFPICof1LOEmI8NlHSx6tgBa14k
HTehQ8OkdxZ5uYnWexPmuUXMPxRlOKJ1HzMznK1OIBNNN69Dbdwj3CTJgaKh
JBOICbdSZfeRacfkFbEZSCVYAqaMSuyAMiKmw00V4omKzgqjkh5XlRfR0i4i
7TqI+GRIF0rMtK6YwqsMdM1CSBPJdPcJ+dNPFTOfpyJKVywIwp4DZv0V9Lrn
zOtwq5ajNVAujoJ16KzgC9mzImN5ncPSb482tU1HOkDqmXlWXD2k9ztheoBL
ZaBg8BdImDDMJ4pZRHstEfyfbZ5O+6DSmbq+SnwqmXrBXyX9hsZsxYpIsKzA
QNqEKWoOby2hFVOyRCJhBEfZ7x4rZFW0LvHbuYUBPXi0AsRUjATaEYtbI0ar
bcabYvZDEH9gLmx5dnZ6G6S+L2XELWO4P6J1w/hIxKS4gmZpRgdRYch30EXI
0I+q4xaVICCPYvVNREEjooStDOSMTsv5UNG+EFvb0ZlpMT1UvqMLT3zW/jiM
IbpMDjGjAwIrwsRnEm9JDdZjZgioDNuAbpaQw0SpTvU0fZUQAQHNT5+pXHgs
pMwNGYzwmBiWUMXFXdgq68ZUSitKcHYzkDxzpnBLmQNlsceWRNADM9adqdoH
05pQdRklfcUJzZacmY2pUudo17iM0IEMbarcLX2expG4xTJh4ylpH0ji0VkE
cNlM25BMWrofi6CVqhQypS1krwmPgCpZJhnS9lSZ54psJWmE5X4mrwOmOYV2
cgJ7lc4p0RZPV3q61LIcBoxEhWBR+Uw9UE4eRl5SBtcKpq9nDJRDS8mZZQTK
tenG99KWhAVkIrLlnIZYzoILka0x8zwdIR+XUji0tcRJ2wXsAe0mmFQ5c0Vs
yqyKk6hKTGlYkbJ8g/lUpssrIb3YLI0vWCApigoxNmfE2WfcJybbCRhfaA0v
WVNZsnZS5V0rOy4VqREq8ypkuleihVRqdttg4qKkAFEHyGmp+UynjIm0qmFL
zAC3yqs0VeLY1pIxYMDapiPCYcShYrDJZk828fJlWrGpDNDlNAcc0riUdNEG
l7A1q6dd1vtEdAKnqaZH2/TPp6KBS4Z5Rl7HukjNMyu5MpBDyAhFRDPcZUrG
TLexRUBIWwxGcKSWnCmgULPF5c56xoJZBB5bLuRsVzK790CnjvtU1DPyeQmE
ZQJkj5peSD6TqYYGQcv1AWhICxeK/pQ9DVxmJIIxOqoGKmBeJXPRIyZGmtW4
IR2JiapoYxwnp04eUZa5NHAS1oRmjO/4czYs8bmgOSPxX1vgLFnTIQ2okJ63
nNVGtBrSpBUdcFlikNFfFzHvKGKlf8rU04D5JBmtPFXy4Fct976j/BssppB8
XarcDkufcOSYQipjZldFy1QsetOSCtmQh5asJF0r70rYZEwx+y6jz9ZnrySb
9VBz2oVNpT1nGVTIGnOPfvVcNXhhMMWnWRG1s7xS9t2qmCHgMYKc0xT1GJYF
kWa+blYASKogqWmE2rm2YQNaGSJrmD+P28cVe+ye5ismxt5Nbt4S0BFzHjyW
bMd01OMgAZ3hEVstSaMV6jkh3ddx1Mo9SFT1K+sfpRUME+FsVgzFqisOFWkv
1oHCvJ22kVEPVOl8Ae1oYJ0UyKTkgXTpSO4cY9CSAZi1cswyBhFUCmvC1PeM
2/bp6kwIloK6ls3EFT9v+et85jKF7OdTMWlWAtA0/GNXmwYioDN6bEKW/Zot
YqjkJ6wdllZI9PLZzFhWmfY+i4BCtlzA3SWMEs64jScacky/YsJ0C2H1LP+J
2UNDiJTFhq5y4JetROiMPmHV3MzjRafUw33WDlT0bzsqF4sNwaR1kimkAl0H
6pFdVEx68VnRLJFTT/5KajodcYFyJtstAS0+TCZnhrSePHqZKtYpuEyLdQm0
kH9VqeOMWWVavrjMW5bicUpqSWgk2FVnOWEFbKcA9mVmuKleOrB3JF2WgTww
rpKWUVzq3N2U+Zk5K5gEDUyKc4RNqZBxSPd+pFp9MntEiqZDVgqrZD9PoOq0
C51U4bzD8FPEIq+c+onKhPTYcyOlG6eglWoq5Jg8pq0nOdvkugVd4pGjK2Uy
hsPKVGehS760mVvoMGLIphkFw5EOE3F9eksSag4lPUUh/b04YNj2mGHdhNyy
ZJGjT9ovmGyZMrfKZbunUkXnmQ8/u3dVTFGyixqLL0LGzVUaocuqxph+cpv5
e0XQrh3gvSeZ7kXjNgnbEa2hklHvVBW6sjo1dFtJI0pGpPQJ2wyFu3TRqEYx
Pg3hShVoM64Uuy0bFtcUkKf5NIEdJkcJGpS6c2DKDYvAYiszaRVlZj5Q/PnM
/lKabUzVWpV6AVAhm6pJkk/J5Pyo1Q4r8nX1UMACAZWSmjPTwGavJ58VNJlq
gMP2caaTuaKPV8oYWR0jjRdcRuQLkTgVUzFdUmtO7lE4rVCmKm126RwGZxZN
gzpJHGuuW1Y6G0HKf2KmBxibVxZxxtIej9XxckYGXkNW6ycsHAhKbcU7VDxm
OO/o/JyYFc0pY4IlKchWSeAee6QwwOGwvMWkuIhpFeKZZ11STJ8qrtJmCmJK
Esa6PiuJlGnQas7DAg3VqU8aEFENrpTZ7jSZQmz7IFXwzMkxsz4yKsCSU+QT
K1Q5MzPYY9WpgJaCtA10WB0Zt3LMJFLJ7nMZuXRBn17KNjgS0ePOM9rIIf1C
0BvNdNyYiW2SOcCsVJvYIvphpUlJxesD+gClBUrVqgmVjETyt5ApnQ4JX6SG
YrZ0CmXUJLExj95CM7igkiqlOiMXWOHiHOV6YiApYqcOyXFVlc659nnOm0L0
ezhMO8QMFeueEhK+pCuEjA4zxp26bW5T0rGgWkYw+URCfvS7OpXuupAzOcGn
tPLdVmViwoIXidonultCxdSdgi1ZHDqfK+bO5SS3pN1pxGHhpBS+0ZbxVIqg
z1QTtmr06L7wcp1xl1ct1chmSMJlbQhOUTHSmik+z5wBqfJIRdcq6bPN2tW4
kaMDKEB76eiivI7MzsqVPUIflFQEuCwN8Ft9C1WjgJBRmILmRslqNZ+pLyKU
K/rGSzYPYTGUqZwI78rZ4y5hzzHl+mObhVTl+dhNIrHCkKKVnidHI7tTZU0R
CwFicnsx9l26rFNtHQTUN2ID8gl36yh1lD1aK1KZ8pIVmeaWuAWcxWcKomkO
KH+RNNhkH6qcGl1ItJEICxMmS2prkuTMvl6mPh+wyNdmMCKmW69QGU0sy5Xi
OEfnD9tMPgz8VqqS6kdnk1/59CUmbIAmPZHYks4hjfgsvlBlOK3KxEK3mK7Y
oMBhTXRIwi/Yk8SlCwjbloarVPJNCzqk2ZvTD6b81Q55ZqY6HrDpaEKXqcOW
Sm7aqkwsVS0h6z2hNSV0kKrMEzGN6UHNqBWnuY70mdaE1Ec7NKAonoRJ0squ
Uu2cjJS3TTXPSdhHyOzZSPM2oiquomlhqouRS2bm2I0Pp6KJWoStqg0xT1g7
FrDZZsm0wJTN90Q9oz/fI4cs6d6RnIQ2u6go0KWjY6iz3KUCotAdvyuW57tK
GLFko5UsRMFRsgAho2TM2QHPVhpRoKs5BAJMl1WSyBSRCdO/g0jjm5RNsQ+M
w+LQiIpiyUL+lH0bzPY4CdljxRhcRtStaP/mTKzySIwVq58iurMkbcNYXTmo
cyYN+uzH6BdNP2EifEyq8ehCCZkMHJr58yolnt0sCwZk8RgUgFTlujCVt4x0
XnfExC0zmJixSDlhFZKEolKBsMofljg+25vgLJJxytq0iPFKMyrkMqU/YidM
1QLaYSmf1Kwx1zRpnNuKh5ieUkWhJZWKlA3cclbMeczD9MnBMnrIM2ane14r
Pa9gEKrKdIFMSawI2LYFEKjoNA5SnRqasfuHmaZVscYziHUb2JTtYpTnxGM0
MGe4P1JFZ1RQQ9NnxVYGAV3fTqTNkMrWbRgT+kVjlbvOdtBh3HL3xYzVSrqp
8pAzob1gaDhTjT7oeI+UEUTPW2JqlVREY+oeSvHwmReaMh6tMlTFmmOlrU+W
FZsGeEXnA7VxT/X+ZXGNao+gNFKHHCbgdfhBq3Ogk+jmisDVlIkE0neUnvCS
UR6f5W8u005iIpjZWSjKdJVBxdbEWal7iEX812e7FWmyzfbOLoN9ZnQgYaaQ
w07mJS9aii+oVHtNn6KKKXlSGReyi4LZwy1i8/NQFz5IS1gmz/hkuardhypn
kOYM9Owlpv2ucrpKOqKZxu+xt5jUSaVEcnYHApNXBp0btzylIbtoFixvd9nc
ddrvVHUUT9lBQjW9UQmQZnPdiu0QbUfnUduu7onhqapqpuTFTEGJmCiVZ60k
cI+c32ODuJQhGPFPsrlrzO5AESV4xZLMnEl0oVlyUpGTsy7MYejHJ5MPaQdJ
8JE2keTzRDpKnhusEhqIW+kiqYqNm1QXdJfuiFgpyeTANsNSqi+BGQWOaBuq
9GmPcZOULdAjBnFwI7ZyqrBg045aq6d0r5UU7pLpEemDi2CiM1zaelOld9mQ
OfZbhcxSxUxx5jE9QBK0VNN11b+UPdZ8lif7tG1zp8XnpXUbAwoha3yk6WKh
WbpNL5ynKtQy9jYv2KbG2LzDIpGEiTEVtWXpocTcp4wOB2mnE2tlMmFjkNKs
xmXuUMZ8p1D1tnKEoaVUUUraIBETJlUbutJthfNiW7ceVUWgkerXTapJqUgE
bNAkgQ96uW1KW1Oz8qjAV/Ty5exmWdCPoawnkSx0qthkoQWbcM6wruiqkFzs
6fZTIWM6CcudHLr9HcYpFFONi3ZrX5b5+HQuifKjqsgd1qGz2ULO5jAe8yql
Ai5s9e4LVAN57ipllnXGhDGvagiNH6rmsQ49/GbpgWQMqmA3y3DCTGeq+Ow+
l7HaUaXGKUswYYKrGVBT7coD5v8ntHNz+nYiBgED6o05o0sRZYeZ2RiyDk5c
EOz8HDG1TPoYE3l8Nqv0C90KUhVx5GZzHkaUCia9ZGwRoCJ6AeMpEkwMdHlg
zlzcIGk7G6mGqbYMDtteSSMvuv58lqiUNBCSXLdVLPKWMVIwtyFiQySHskYi
hrluba3bOjH4Ll4IMurMjALTXo7ZKAy6XMVAqiRU080VsE9IHOpWjQ5zs013
n+qqqnqkgECSSLdqzOmxLAi9lCt6VFrytNXO2iXCB7SCi0g3q8npiPaodVQ0
skomisdMkzMToW3FitmxWfInc762w9EuoLTQBXE+Y1UuBa5vnp21ewUTL1P2
HvTpsVepQQF9HSGL3G0GucKoFUy0WTSdqzR7laZC08BhtUUV6vJhV7Woddjr
3qxEzmSrIWu1pFlBzuZpbFeLXytV962SzNnfLwhaRZ0RlYeCMceArWgrOg2k
usdn+zImrCaqZIwO8yxr83lmyNhU7Sq22suU85DxI4kph6x/Z6eRLGpxG8kM
YS9HW7nBaTAGrOVX3VdiXwsLjxFJFTyaIa0j34rKyreNpAoBmA8cJLqiPGfR
OlhoyRxvs8TMYVpXRo+u6+vm80JobmNYOSQ65bdUPTBNkqGbImQ0IYt08x9J
sPG11EjZydBm+3SPLN1scyoXyoKIgPVlqgzKZ2pZROMo5wwp+1aJKzVo5ZCL
Wccy55ztlB2KM6fp2pqycw4EepxpPhmGrQ6xCfsYAOySI8SqpZxtCopQR8di
JtqpoJ7DXCmzPq5iraVXauCrQFhMx7XwTGYdKGcguFzG4OZcIBUQcxlklGI3
oor4IlL2eGQHKp9tiiXhjfEF89U8icoZUK5aGsIFu8uWvk4eK9l6pWQ7i9Sf
t6DzROcm+ex04XFR1S1N+hGxgCtglFxyJumWnMuvU21pK/oDK8aVlJdPwsps
uSbaETtyiIc5bSmlyhOeqHK2VAzPmD15AoZ3HeK/R5+DZGky6dSUcR4FmUed
zWNaUa6yxcjicpqfBdWqmBF8z29lsOesSgjJTwTZaL4p8rEp1jPmwaqCJps1
AmE7CiwvYQkZWWAyNsBYsFUmbP+CNmlIFUJigqw1Nn1WgXIvqzfCsHLZpps6
UbEtgkXOy6YTKUu5zYbSMbNNMiq9OT3/quhYpBU9BrGrveJSSUTV3czq9FTP
/4Q1O9TcklLnHxYMNoV0j/sK+ZkoZTobS/bZSFSyTaTZeEa+VKiyBQYHXWJm
STe+GVxwGa9xCZOA5kZM11yq2lcyxUtlS9q0oaK0FdJKKBzjQncHBatJiDAV
Fa2MPckBcI+8LmPtvNklVb3cATqzrdIjGaoO09nbJ43XZW5sHchLIzd6R1v6
dZnb28cvjzY2em/L497l9nrvePv1K//Nx9Hpp/XTw8vgS3TVe3M1qUbxl2f9
rdcLr9Xs7GxtX2186T1fP959s957f9T79OFw55V/udl7v/nm1atnm703r96/
e36Wf9n6uLOx9bTnvN7aOL5MX50mw+LdznHntX21/fL1wdGrQ+focGvr+uXR
1vXes53jV/bW5bOTfHfn46urnc0td+dox975uHX9Vj77ws9s+azDDz+ub+y8
qi83XnHVp1uXz5++/ri1t9O75Irrl5dPXj99cp2+27na/tI7Ubsd7Tz99Pyi
88F782X7ye7O4Yaz9dremry2T9Z3+vbVzseTL9tbu+vfeuVs51vvnJ08P/z4
/sv6yc66LbspNo9fvV1fP9p9e5R+fly/OuhchQfX6VH8Mny593L7Xf0hOupV
ssVnhztbTzd7b4+Nh5c8u9/hwwc7670q3lo/6m32Xj17vNPz1WqXW+uPL19t
yfWuf+y9XD8eHJ98Ol7/8Gpnq3f1avP4JLzq9F58Pn5dhJeXV0evvlT14cHn
7avtneHk85fH+ZvwXXRQZZd73uOPb0fXzsmVX21cva0+Dz6MXnnR5+3L1ycd
+2j/5cnTJ2+qjwP76eaXzx+Pn376+GEc7b47OLt+u+1Ul77dO7h+9epDfvQ4
fvvpQ+rvXwT1td0f1QP//aRzWJ6H47MzoNyb4f7l2a97E/vlh0+Rf5C9PHWf
bYx/9Z4fh/7b8/cfrz9dfLkKg8J58Xzv+Z798nV0GX456zy/OKmvP16cHJy8
efx05836q+frX84PBh9P+jthPYwP9wa/RpdX6/XR+Hk/+jh5eVU+P3v+7NWv
2ehZP936uN15fv02rj9/ST+/CJy3g8vn2yfXvw5ejV6+O77cPny9HW4eelH/
6PzLkyI6D6Ln5bMwuzy8+DC4fOOU6+/OJp0X59XG5XXP+/K53s/2xs/3qp2R
/e7t+s67eN0/Hm6/GT159cWOwuOTs+P9Ufn4ff75+NVG+ebi8cn++stnSeeZ
93jvRTV6827v19enF9nl5rP4efXrtbvbTzfTdDRJP/jvypO3n0+dJ5uXH9bj
67efwrfjZ+dF/GkUXD973/l0+bn39MNVOXGfVE+eXqe9jRefj7L+0170dvPw
fPjl7TDbGX25+LQVHHlvzj683UnsD+6Ru/smPf8QvOp96iSPH9vR8cmzj6/3
viR7O6Fz8PJivbfx4f3nJ+WXN79Wn/b3Nz5+fJv1P2X1my0fzGRQvU8GJ3X5
cmt38nLQee68r147p/nzvavP5WFdpBcvjvZ2P47L2nvXr/vvne3i5ML7FL84
PdjYdOo3k5de7yo+Kre3riO3l5x0Xn4+G/pp9Xgzq4r1PMmvL6+ePj/fBFeZ
PCn65fbr18PqaP3D4OP6563j4+EXZy/aenFSnpXxuvd839nv9J4fH0YHm8MP
8W7y5tnx/vXT4nGy/6L34qq2N/fPqqv1F0+ePXl8erLt7W2dl+dJ+Xg8GCT9
zM/D3bfVi477wnXevKp318+eHQ0PPr99eVq9r1+F++tfksi5CJ3idPvD8ePs
cGPzdTS8sl8kV0eHB2/WL989f7YzeZW87ETe8MKOy6Q3HId9f39351V5mfhn
wdXT4w/e8TM/vzqb9Ovi9fXWefrqyf7Hw18Pk73B81dXk6h8WpRl5/P2yWX8
buN0683by4NB0NuNXrx69/yJe3HYK57vTq52/Kf+wa+P62r48fD54eSlf+qv
HxevDh/bm4/93fJV58X7t73g09h5++V5Pbl8nW9vVMenT8peEL54dx0823Pz
px/fJZefquij827388Hxr2/PPz598+Xk6Vl2ffTru87rd97OfvI+8N89u3qz
bVdHX3Yvv/Qqv+dt/Ppx+9nJu3f768OXQbz/dtj78uzFqy/ua3/33dbb8YnX
PzsGMZX/b5lmtsMsk63nc67iS+fQ+2/AzJGiiHkwYObBZ8zzPLPV9x66e0tR
kiNjyrWqKGq963mtohBaM2zo0zybPwsTAgdv99D2dPYIMmopof6ea6IYHewR
nK2+WX5Bly79vvP6/JmGD/glmVfkHmXGSbhTEIi3f93m7yWVbzXkWStlX9aV
xNJJS7B6ciw+bTy1hxso5UxpVyYwWlJCmCl69HbySPdockfQ3XOLi2519OCv
UjEuqkUTtjUEx/QDUw+o5V/7qAk7edMxcG4STKYlMfLYFsU4C8nsMI8tj6Yx
bmWuMHryJ/Dp4FuiG2LjUDlqZ3OAn+Dw7LrmPQCXl6PijOA9CrbJ3YGonlcd
VtcvCV5sf5qWhBprqzjVVZM+ODkeF3/QRJhzKHSQwqOAvf7qP/iDxxGlEgWv
nnBY5lZEieHXvBjLqsCNO6LgE3nT9s7FHjFSpwej2sQc4iuHOfApKPNG36Te
St96etHg7NMvXr/xeg6GyX4n9xhFUNVrkeGY9UyqMz1CXfbpVr5rzUIFQoc6
iVn0Kb7R4Hs1Q//wrpo/ERoh38KrVFajMknI+bqjqfpWsB+fIRCsD8ylAln0
FHDDei9mnT1qUFwUzeLYzVFofF2RQ/LVQqvGZVKVXqKS9K/hnMliWkc8dpEn
4aLO4nRgJH52T8ZNXNRno0HupqnF5BVb1Zw2QgVb1ebfos26yqQgmT8qyVQV
RlCGzNB/V6IXQPmTGU3yC/xq5l/rIzY/5zUx55N6/yzvnplPzbVqREim+7OV
bat9bd3W2Ak2DzfVUADSj3hkcx6sYu7D0w0zPuVYUbyi9HVznCpW+cpmpwC1
bJDQwUU4DWW0sDksxir/hgQHIH0Id3xwOHF2zhu1lMYYTFUPPiZz0B8qXCSf
6+dW9e/+zO+XUluQKvaljoV3x6A/GJDPxZVIiHd+tXXnniGZjPcCa6nZgy1Y
gluRzYooBblxV4tCs6H/sJGtXg7lHEm+dgsgWEe+gh32G0EI88rPK8ASA9cj
WbBfHmJBv5DWKY4dOc/oEk/F8t1kla8PyeZG8hfWA7QKN568savooG4TXWSd
plrTffay/cpRrnVlM15eNoHr+iFebMmUY+7zVzDv+CJMXA2Mb25f5xf9uwM5
NlBLKCuKUehr7b2Gh/1LXeJcJRIYru9zgo7svSgGyDpXs2ANklEHkE1oxxxC
2b+eHN9MuNaDDZ0J6ouCPCKcpiMM21Q6PDf7DA8HZhnyvpGgHMku7TeOMeDe
QZpyYSSUQ07JwdQjd+pjIFU9r+QLasWePb665BjQXAr7jjCfbvs+G5UbIaFn
pHIA+pBP9Nx2/JKSpvup7A26mtcOufMZ6oLsuXf4u2KW9JDLW9B4y7sqTwhZ
0XgQbT6oCtS5A0FuEuM6zz27cq06dtYMY1JaFMF/7FvNQ1kiboqHZ2qyW3KC
C/PtQ4SCuCcl2QOASzQ9vI2zVu1Arnbz9WWvuKE+7RocRo7daFLhL7zy90Ni
Q4TDkV/eXiFJMwKCH1w7ANsWJFO/ULvtT+br0TMvmTPJpl96PA2NBUq1J14I
tBfUiSthXigkkfOlz61VOL1ctAJEbRzzTB/KoqRfjRuPDlwP0fC7Bo1Sn+x2
vKILd3U3xMW5lc6Tk4drIlImcLoUm30EKObUrf4jy8/bWtP79X1F+uaJupVb
B/+uqs8xJUX5a0BujD5l14GjDP0yZeo/vqOwIgSsLYsyHM9KOmVsyvX+nm2n
TDOtge/4dcj7RWea9I4+1G4ILOJ808R2dZkpXFJgWRsqgdflQyDJP9VJkucE
q84SCVrtMLJroPfZuC8ObKsPtYo/+kx+sV8LC7TJPmzuKiHgLAds77Esd26X
qP1Lsy9z2lCphVu//IVJ+94/8DP8nh6Mu0LJLitZYVaWPnigUSq1Hw0cwKsa
p0ZQkPuiBW8iptatq6BT04QZrj3C4RawSH7T2hQhLy0fNWXWvP0OR3zQ0LiW
LHByn0IvV49RWKmuUN4C+fYydteXmnegdoyoBaAw7a+N5j8vaHKM3y4Uq5vv
WDBNdbwDZ16HE5h/Lr5PNGOB+lCqcvEQM84ep8aCeujTnj8xNxPnzAJUv53Y
kx0lLZr3XdDwBYjRMnErAckLJq+EwtO7+FtiCkPcRt1vAt2ioP7Ib6OKjXBX
clXda7oGafM26R0hLgKYXgyCrC0voNhB0nnZJ377wqTNyAioU+Cep0183GUO
/BaC+0Lpj3Px4B1ACKZDRRkvgM96j496GFf/9G72DohEFqVt09OEtDSVQzhS
so9c4AJXOV6LhH22rZoPWnrU7HNhowk8PrJO1+/68J9Lai088pts3x/mgL7B
jhfqIQz1ypaiQ1uHPtQbDrrdMjbCLS4fbm9EIAERbq9zSakaK1zNAqXjK9L0
4E28BKwCVTIU/Upis6EbWXo/scaIlcXY7njyhvOLE0Atp0th094kkfG2J9uy
p4/RpjlLIyoFlB9/y155jN+8S4wpcr0KzOR4xN1P3X6Y4KqBVwcnyT5WZZlX
byyTr+7UZr+YPRKE11He6OqhFu/KvygxYiH8IIKfei93Rsj+s4T3ApRborTp
Y7kgYpnfimQFvQiazfX21hvpUv5rVzV4vg2543lbdgiSN/nHT8Zz/MrB21yA
4kb80rniYqOkE98qdMSXJNv9YMrDJyucr9143BRhXt05Qk9+bJpZ9eJBj1La
Cz3lgNOgRXRSlG4L1zOHxXaqOMv+wCccJPf94utiHXP9LjRmyMfS8c1VM54y
txgXiP1YnwAw+YtZMnvHWn4ZbVWHwRAxohQOw92bVD5TCiM3HJccnn/j0Dqw
EVVlaf5mfVFZ3wsCGEX7hdO8ZmJBJb9uHt3EEb2WqbbeGzXkYmIo0GtURCn9
veBpiSAKtZKYOIZME4oGxYHBJuwPadvcpB88B+andtotmGpjOxL3t4T8JrHN
3njQqX1pUTtoSP6GAuUaLrV6+4QAgIZ8wGEgHC2D8Z8oFzz6HOU8uKgJC+5s
BntSUbKAkxbOz1i2kG3ajO/b3N34tX+QHFDsTKdoSHNi+VgC9jtVfl6obbEi
3aXEeIu8iLX+XNLjF0F8CwwnFfgEefXOuI4/HYyAqk0d3sRcMAI/jog8OyjM
c9KVaHlvlqN1ZtyJ0Uji0YTzE91ccf1xLIojNXfbJB6zAqPDUGCJldCH77b3
jGqdJujPw8lYIvJk7Fuzz4HpNx4wZ/mheLJh+M5S4PD5wgKI2xrwfryM9qQ2
Wb9Xh2Kxz5mBED99afRdSWeMg0M+G0JKvaQaUwPHLdbSQRXxXbypO0vmH3AN
xlpKrokKBD4er7J7JyWkTEcj64OhdEHkypYqiFgMP7b6IrZMTXBB38PeSsdu
emdAoQcBsqOE+MW7/EcS8c306UeCQHAd5sxZaoSK6eZXKSUzVQ+fVako0R/b
K5UoW5kXCJA+1a816B3tkZsPujJTMICbnLmbnlhzz+NWNWVfRs1kBZ05+Afa
Fm3Rkj/7m7RbYgkcMXJNyfWaC8/OiLcYUlG2ezKppFezIV+So03+MO8xfuj8
gNmlM1bVTryRSItjQ24biNdnzUtNK6raMIXjK1TOULTQRMqZImPNmneTMKTv
OWP27kYiEqyiS5n8Hk0tfgDJAphD67FZ0fUtA+WkP+mLkOebCK7h4RNk75+y
nKnCpvEOaZOOn8UGMaxZMEpkNof6QqUADmb3XNxFuNdvVafHJpzxSCUL70Vh
XCBUFJ60J5JfNFSsbaAT28LBYb8RnBk979lugFXC5C36rU1fUCWEDZb+E2Sy
JRhaeZ0QAw68RCoy0ZpnD/3iT4shWk8Tls2t6M136gqsizaLybuInnodvjah
wHl/stfryHIxRF6N6aO/0FnRbV0nUbihxXu3QUqioPeibxI8gDYTz10aNtV4
IEEgpMw6JfSTBki5d5Gl41/yVbzFxidHTMBmgerBVFLSJnfpcUPS0QFQHrYb
5ytVNYkQyDyLY1V4GYdhucxJL3XGHGbh+BUeNYouqeGw7aBUcgi9m6eGIB74
pPNKILHMwi/ZaCebuI87F7Y0btzw3HkoXJfhHry9SxSXM6Vu5KcmZbMChSmL
OvCiBWLtM7FI8fPPWK0qy1j6+VO+K6G75MD9ztTngwkUEeHpiin3+GpsVSTI
eEYrGXWlilwBF+lArSBI0WbPrVSGILxDg7v9EB226mWRqen207cvfAKXUsq/
K8mJb4/68cKVWF/JBfKYfBPGerTxqxepbiB2JGhc+FpS4SqPhfVZub4I4dIL
S9LwEOscB0/ec7nZfJAVVgzIb6vtCdLFBvibMFsmRq+447Cdv1B4/D3uubI/
60p/Bp+bTY0iTvMroVP6rkomdvqAAYwJQqSdEv2oOuPFef1Cofy935z7Iyuf
eVWo06cwp0PyyKkNQbVjO+nNumVdR2dt+2zlX/lFSVQlHhqfjG+TB2kG5Wf1
++paZodaN31vmseqfVjI9dOMn7xWSVn1+YMFfY5nImB2nBjUg7sWiO9tBUSk
W8VJE3hvCC+W/HhPdcsjaIMqBIoZ1//+fDVUeFDRcj8T79kBbjcRmhdrVT/q
VcLsyDbLgByMRwdUSK32RyCVQmzDyf5dOm97L3N7AI3lEKOU2wyVBcBO3b3S
qPv9VB4OFKhzMg2Eg3MlMmc0sKhEmNpVTJdf7/BlwR8zFTy7ob2+3EK3KUEA
50Rsl87uS2kbfTpcAUb0ZRCNYn87Ubiw9n2DrrMVhdgfrcmb8zy5k9d/B4V9
yCiIAcvXVOexae26dL91QtGFegluLvO0LtbcBlrFMWL9mzbrma2dCrJZaGkn
Hnl2UZIUNAuAuIWBiBVp8dR9K1PeUYxZ+XLf+a+gBW/sKn5Fum89FH33OWX7
60hYVp3++R+s6FVlCmhBs7xPxvbcs3VP7iu15AMMbnt+GZSvb5uT+zvUkZNA
9yUfplgVqlhC9gOiYAmG2hzg83nNejkpHz7mkN9Tkx6iZRbw14QkRv5A9Ajj
oL87uEtk3dAb1YCOPq2r1LK9JqUNwNGfxXF1dimD2LkfHnszi7zXBKpZnKQz
Z2+xMdXHHPytz7f4uRcUhNCua8FM+8iv3xfojlerfniFTtBeGe2+0biBGz6h
CdlS71hBQviInk/1DOUG6xZ9lhqieFg4q7+6jKYmQG3v9pxCf+YpPTafapxi
w7e6L7lWyvobm5j/Ge0cx8sJUc8ZHaNjVW/3/DkzFMTKrgDw2us9PjC11tVI
RM3Bq4dF1lqbL+/2bSQyLEoMjVy+6HljAv708tTvPOoS5aQC37AB5JrKaoOV
OgwS+ZZy2kqBRFq5CPL1rnVLwfJw5g57+ZU7cup0GGd6yjfvVNd+mr68fOAD
vzeYEKArZ/h150TLUb4rpLAQ2MEHLLjGXH4SGmfVupF2MRqbn86RPbiOonTp
+VwAPRrSV5jGUYASL13CMaTuID7s4ZBzdfpl7OfRW28aHImAJ2KDFZwEWdDd
OqIkti7rBu5Kgd77Lhu40DpB20PhHCdB7wbBu5wL38k4MYTAWBugj4NavOja
B+mo6RyYOT7R5QU4ytCxODlIEuMtFiIXY0GNsVWBSPKQlX3wj/fX7qQ0bUL/
UuMX26fVeBE343T6z+YSoOW7EPt2pTJruJG0o/Syk08AxY2pHAq6IshZvlyB
CZlyJ/X3qtGSNBGDoj2i3YyohAIlnEiu3ps7aAsn9Irvl2URqzCzj5ZnUQti
4jwXcMe+vu51dpvjnWWJod0J4jmihasLaCl5XPSy5+2pS7++un0xWO3C1Wvy
/ehw/9XKMvqyXm2HJCzraTu+Oh37/d4n2wQY+wasR/ti+ccrLv0Bv2AQKBku
QpfXb9+sURvW5+g0VDNXMzx0jZxJRxWcCvSFS7/M1asaUGtvMAZH8LqbXmy7
KPGkkCR0GqLGrgCdq/34xhoxYLKoMnaujL4TRBxK4YQOt/msNWAuTVRVKq78
iGKFPJGYFsK7J+On/KyspLo2b+3WZRDX7+F4hsgW85yG7g5QeGnX6q6A+VnG
o+LPQvIxTmsDa29faH55ISlas8Wa8/UUIVPxoIg303VpZi5J9fj1Ye2mXKnZ
A5QOouM+AX9fVo6OBsFDFT3xN8lkQ5pGNn5QDmHi+O/DDT8wtBwbtT8LEm3j
+h43EPOBo4dcxpfx8UNRX/JNn/pb8gWz7CvpCj86O66Yp4WEktPiBoZp7zZf
PJucTcaonW3VGPgyCiNq5moPPq+3XSdjKFq3EluxX+G7noXb/rAutI8x6m4R
P/pLgB/TBpEPNfPn8dj/WebkovUJJlgyDbRrjmvjz+vdUMurFUIq3CeW6G63
v6UVnTZ85sA5m+bNa7nsbRlkCaC+xSRQWL1jVgltG3IP8SdAK4anSGGYs2Kk
Livx7Xe3419H0JfaDdUmcfC5wZbzwgtAv1qYPNNUTz/dFxG46k1W3TlSgxYg
OYI22aj322MWyyf/ER/eQ2mtvSYXb+vaFKsagfsSp133Dlty0fFksl29SpRN
jZipINOoaPrJW1D/sL5q8OR5n5j/Kw/xrB1uez8e0wP6GINtUuP16NvTYK+5
ovowiMOgS/21yvVtTjQBwgfJaOltRMt7Ze7dejg6My+p9xwFsNyx/LgalDR4
97bNRZMs2LAiqTH10OgbgqRENSpZSVRUhcv8KYTcTygbbGHx6GOAdeClMuf7
y8SM5gWf1iXf94tVtj1m40Qlu8rUVQwzbT/oUzHgJkqbG7oMPeLexz4aUPkE
OuUXS3JY2OK2NyvYq7mrt7DL2ze883wWRrkmVjgbVdLxGQZbT9wxlxFzI+Jl
0Fb5BvTPipjfHIWZ+LVIRiN8Atjg8IL8MqyUgNwBVgQDj74swkY9nTVV3xRV
8nN7XeKvCy1A2FbrqBpRk20ck8XQ68rH4QjpsYEztvnihe21juL1a4LF2/+m
0CSsQUq1N3Jgt21vQNmwh0HpiOSVrl2KWG4HdCX1j2Rkk6oX4BuNWBBsDHll
oiR8SLAypmvZt7Xl16AxIgC0Kt66Pp6WcW3Ewm10gFjLc4PlQj4kbot3ORm6
SHPn+1bfj0ssEpKOL5szsPQjVx7A06vVXRYoqwqVEkGp4fJ2SGP1widyUgeJ
uHI+Shj1vb+Ugvmy0uX9vhCX8LmVIovfAIPuSQfTr9Kq9/bMvN+ouyIQOMdl
tvTL2XOByfHCJkMUIaG059m0SO79xKrGmhl5/gFUXi4IjwMNdpFOGbF4OJuU
LuPocsUq2hGIY9wuo2runx5s0IDZGMEI79TtUS+rcNMDSFTE1dBrJqWfePOK
C/hD02dNS8Eng4rdrb/ej2Wr9kZXkXh1bAc7B1q0x8oikJZKJ4CvYyAx2+N2
voIFmj9MM8UyTF0Z+S2oAw1HQre0qkEQLO7vlDQqooLjpHTAAf5tD8oBNO19
d1h80IT5MQeVK1iX5+JWCzx9vTdbqeNAhG5wRcFmFaLbmhiBUe3zmnDHo5Rr
A2D80cJMTmq8Bo1RoTApRGEDrzofTaNTOFCKuByL0rHk5E2wZC+lsc6qqYi9
cWCz8IAkP77X8AkWSyK28OgNFW9gqjQMGiKLFjFEmlc+2vBMPsOTkJvTfgzx
n4iWvWQmqewAhpq2GOmACpjsZE02cBLnsc6l7EZk9vnr4nf9bVUJi/xEO5mm
UNkWen3yR2lC57KhFHCQH0RfpZjFGb2ss/01R9+CQa74zZuA8bqdm7Vxx7Hn
1qHQGGAsgvg1HcE16ZWTYgUQfBF4wMJb97SGGTtD06NmoxMKTfsPg62Pm+BE
blXUBjskYc4yaU3ZWospM3lPzn4sAG+NG62vseLj/sW23CxWr0PXFoPZ3XU8
pkF5xcKkTUgG0arapQ3ctkWKj1Nc+fNDs4CmaKXDnSwz4POrzvxkqRe5bOKK
HKqEQGXkPaTwi3RY6LuBEecPFvuhYNTBvHdZJCwDMDWV47NRZkoPq9bpsxTI
PQKdU9tQ9Wtx89dG4M7rFEjy5gZWSHrlOj7wscpi/BZyHxgVEGnKoE5WbpMn
QVoUriYt+93lIHmQC0SDBZ2uMHXy0CMyq5xAMGMqSFkIB3KLfg9Ew3R0deCp
2n0PJMxRrzSx+rkMiE/RUAl9jSguuGc5gWeFcS0GV/L0DnBjFN0It94K8MHu
Hb7JN6h8E+Lrdw1JLNooyNZMf5ZNu8X0Vb6QokBP3eVBg6ja+ernAUJzYva/
Kg/MxK/2aoW9Xzp15pwXP1bDhejgkOvDk98JE8L219cHGY3ExnGu/uOkAjF0
fk/d6dnGQAMPS2WmuQK58zSEUaeUv08Ty3VDwZp+4Hge5gdn7GypHQGnCBXT
9k7zHsh8UpYv2ABmjXahzDpysIpbbi37CIo5+VOuTFAuFpL0UR8Fpq5f9zpn
TkLvuVpSxY9Q6XwqNzkDws6STbilVBBqro9gtJ9Ll3rIGxyZUeIB1NPQ9y5z
oLoChlC6vP95uMHywMFV5nryTSADx5QOho2uREjLm8WUCyg1JbW4m9jgqupo
oRtFdS8H5wMmQeWnkOI3lkMSEpnQoEwg8Gj7eVT20Ic92mtSaF+EXHWcwEcN
nczomz0xIqFoHYoGW6K63MQL8CKfQqeHBHvggHIbtQF/llZpzM/pP+WwPQ8u
4LI8aXfwsVFNGFgCwpyfm6R9Zoo8RPuZdaElXExnMAokTBE3OIgs9qFKhDe0
c41FP7DF6kDd6V/7YyRvopwOQppziLkKQhn02CMp/WqQ/dlUIKgZG64XNlmg
12j00dUhUSw00jcwItbgTENBMHfQkVBMw/6dWApjQOUQ6Z+wF5whrAB+CK2W
JqCzCl8cioq1Nxbag4eTSr0NtICyqI4yZj179Lj9ECEi8uVb7uvlfV3vXL8x
kGfzL/R0uHEQgZfe1VOIdLvP8LY7LQ+3htTVeoJeFbuB2supqZvT4nfPgiJp
uH76/gBMjktniP2EjbxttHApGQV/j1fDp28SfPekSPM8w93MCa3kdqSKnkLk
RgVj/QlMedg2QJJCGlaYTYbRVltfcF1SX9/AriVC4eb62I5esLHdH/3CGzeJ
A/pC5MhZw0f/V1guvkBPeyA4PGnEFOfX3VaD9XSlsljrse/IgS8NlKjWmwnd
t2awBNOPZmJfk9Dg0fclrMQbSGS0rn0pqN3ljJFWrlX2Rbv187jQ5LwYr5Hk
F3ScCQUWnpWZJoK/E+h5PRuu2wldV8BrwvFFMmEk+qkvbEIegAvKozwsSMl8
burKz+XqvJAYuriwsw0OSRwdbVfLy9Whr94DmtKntwttmvT7oUujdc0A9twR
NdOgD8s3AltgqxvZOS+hQXA1O7HfLwi/3yU6GjvyaOIR4eXj9b3f9uzXZbJ4
fXFl/ipqqlJFROg2JVRYcV4QUlDhkedqMa4uBlG4/fszigkCQvn72TnkI5rs
DcZMVooiIh9O/ONcsZvWDw1lVebfIYsRSkqsUrCuHWZoN47elR05PjAkbdlC
c/edFv+nGrnQzhmWd3gQIDNjBBBpMBTGjBAoQZwwOR9qo4U24/A+pCVfNe0n
FyyO+bzN/n69tGSgILI3V0ySAp2ei0CDdnJq40o3FvAL7YcB7RFIwUen/iJN
S9cjA3Ilt/chcH8+ghk+vsVCDvE8XcKF+cx1b9sfm7hTtYbhri+MyvBXzDkh
WhXDJwY7iAGw+2yz2MJ6DD94HX7scvos1Mo8V3OrztIP9yEzLUzOgMb0Jau3
3dHqhGVj6NdD0ZyAG35C9jrxCIv3OuFgCasgqvq8ZR99o8QSvkuosQq4/ai/
6d9ndnmd+/9P7P7rWO9//0MnTT8cbZYWXdavC/Cf/6Pfujibs/R//i2P2iX7
2z8AQNuS8s+Q/1nL7M9DFFuybnP2J+rTP2t2rv9uqZY/6ZBs/4zy57mOoyVL
/wz9n//8z/9lCSyJwtA//vGvLs8N+S/u71W25n+1UTcuf6VVWz0Btu6vJJvX
Kq+SaM2Wf/zj73+cZ8A566KqT7P5TzJ02fInn4fuCfLf/p8gSbf8tYxl1SfL
X2O7/Vf3qG+WP+vwzG9Ynhlvz+e8/Me/p/7EHvon4HNx/dd8n8tq/nMMc/M0
/ceffJj/dFFT9cWfYfuv+1m0VNn89z9/Y4fx+mdL1B7Rtfzzd/+K9dxa/utH
/xqmzZbn+zw/ocb5Ge9vf/76P2sC/9+ztLOo/+Nsc//0/efYZdaO+db+e5X/
NefhjxbNTbP9pWxPr+rP9+9/7Ciaqz7r/9VjqdLsr+Rp6rP2T9I+Lf9azWro
l78D/xvkJAbG9FgBAA==
<!-- [rfced] Please review the "type" attribute of each sourcecode element
in the XML file to ensure correctness. If the current list of preferred
values for "type"
(https://www.rfc-editor.org/rpc/wiki/doku.php?id=sourcecode-types)
does not contain an applicable type, then feel free to let us know.
Also, it is acceptable to leave the "type" attribute not set.
In addition, review each artwork element. Specifically, should any artwork
element be tagged as sourcecode or another element?
-->
<!--[rfced] Abbreviations
a) FYI - We have added expansions for the following abbreviations
per Section 3.6 of RFC 7322 ("RFC Style Guide"). Please review each
expansion in the document carefully to ensure correctness.
certification authority (CA)
End Entity (EE)
extendable-output function (XOF)
Hardware Security Module (HSM)
Post-Quantum Cryptography (PQC)
subject alternative name (SAN)
b) Both the expansion and the acronym for the following terms are used
throughout the document. Would you like to update to using the expansion upon
first usage and the acronym for the rest of the document?
Object Identifier (OID)
-->
<!-- [rfced] Please review the "Inclusive Language" portion of the online
Style Guide <https://www.rfc-editor.org/styleguide/part2/#inclusive_language>
and let us know if any changes are needed. Updates of this nature typically
result in more precise language, which is helpful for readers.
In addition, please consider whether "traditional" should be updated for clarity
.
While the NIST website
<https://web.archive.org/web/20250214092458/https://www.nist.gov/
nist-research-library/nist-technical-series-publications-author-instructions#tab
le1>
indicates that this term is potentially biased, it is also ambiguous.
Original:
Instead of defining the strength of a quantum algorithm in a
traditional manner using precise estimates ...
--> -->
</rfc> </rfc>
 End of changes. 92 change blocks. 
1213 lines changed or deleted 416 lines changed or added

This html diff was produced by rfcdiff 1.48.