<?xmlversion="1.0" encoding="us-ascii"?> <?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?> <!-- generated by https://github.com/cabo/kramdown-rfc2629 version 1.2.12 -->version='1.0' encoding='utf-8'?> <!DOCTYPE rfc SYSTEM"rfc2629.dtd" [ <!ENTITY RFC7554 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7554.xml"> <!ENTITY RFC8180 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8180.xml"> <!ENTITY RFC8613 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8613.xml"> <!ENTITY RFC7252 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7252.xml"> <!ENTITY RFC7049 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7049.xml"> <!ENTITY RFC8152 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8152.xml"> <!ENTITY RFC2119 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"> <!ENTITY RFC8174 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"> <!ENTITY RFC2597 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2597.xml"> <!ENTITY RFC3172 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3172.xml"> <!ENTITY RFC8126 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8126.xml"> <!ENTITY I-D.ietf-core-stateless SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-core-stateless.xml"> <!ENTITY RFC8505 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8505.xml"> <!ENTITY I-D.ietf-6tisch-architecture SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-6tisch-architecture.xml"> <!ENTITY RFC7320 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7320.xml"> <!ENTITY RFC8085 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8085.xml"> <!ENTITY RFC5869 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5869.xml"> <!ENTITY I-D.ietf-6tisch-msf SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-6tisch-msf.xml"> <!ENTITY I-D.ietf-cbor-cddl SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-cbor-cddl.xml"> <!ENTITY I-D.ietf-cbor-sequence SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-cbor-sequence.xml"> <!ENTITY RFC8480 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8480.xml"> <!ENTITY RFC5785 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5785.xml"> <!ENTITY RFC7721 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7721.xml"> <!ENTITY RFC4944 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4944.xml"> <!ENTITY RFC6550 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6550.xml"> <!ENTITY RFC4231 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4231.xml"> <!ENTITY RFC8415 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8415.xml"> <!ENTITY I-D.ietf-anima-grasp SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-anima-grasp.xml"> <!ENTITY RFC6762 SYSTEM "https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6762.xml"> ]> <?rfc toc="yes"?> <?rfc sortrefs="yes"?> <?rfc symrefs="yes"?> <?rfc tocdepth="2"?>"rfc2629-xhtml.ent"> <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-ietf-6tisch-minimal-security-15"category="std">number="9031" category="std" obsoletes="" updates="" submissionType="IETF" consensus="true" xml:lang="en" tocInclude="true" sortRefs="true" symRefs="true" tocDepth="2" version="3"> <!-- xml2rfc v2v3 conversion 2.46.0 --> <front><title>Constrained<title abbrev="CoJP for 6TiSCH">Constrained Join Protocol (CoJP) for 6TiSCH</title> <seriesInfo name="RFC" value="9031"/> <author initials="M."surname="Vucinic" fullname="Malisa Vucinic"surname="Vučinić" fullname="Mališa Vučinić" role="editor"> <organization>Inria</organization> <address> <postal> <street>2 Rue Simone Iff</street> <city>Paris</city> <code>75012</code> <country>France</country> </postal> <email>malisa.vucinic@inria.fr</email> </address> </author> <author initials="J." surname="Simon" fullname="Jonathan Simon"> <organization>Analog Devices</organization> <address> <postal> <street>32990 Alvarado-Niles Road, Suite 910</street> <city>UnionCity, CA</city>City</city> <region>CA</region> <code>94587</code><country>USA</country><country>United States of America</country> </postal> <email>jonathan.simon@analog.com</email> </address> </author> <author initials="K." surname="Pister" fullname="Kris Pister"> <organization>University of California Berkeley</organization> <address> <postal> <street>512 Cory Hall</street><city>Berkeley, CA</city><city>Berkeley</city> <region>CA</region> <code>94720</code><country>USA</country><country>United States of America</country> </postal> <email>pister@eecs.berkeley.edu</email> </address> </author> <author initials="M." surname="Richardson" fullname="Michael Richardson"> <organization>Sandelman Software Works</organization> <address> <postal> <street>470 Dawson Avenue</street><city>Ottawa, ON</city><city>Ottawa</city> <region>ON</region> <code>K1Z5V7</code> <country>Canada</country> </postal> <email>mcr+ietf@sandelman.ca</email> </address> </author> <dateyear="2019" month="December" day="10"/>year="2021" month="May"/> <area>Internet</area><workgroup>6TiSCH Working Group</workgroup> <keyword>Internet-Draft</keyword><workgroup>6TiSCH</workgroup> <keyword>bootstrapping</keyword> <keyword>onboarding</keyword> <keyword>oscore</keyword> <abstract> <t>This document describes the minimal framework required for a new device, called a "pledge", to securely join a 6TiSCH (IPv6 over theTSCHTime-Slotted Channel Hopping mode of IEEE802.15.4e)802.15.4) network. The framework requires that the pledge and the JRC(join registrar/coordinator,(Join Registrar/Coordinator, a central entity), share a symmetric key. How this key is provisioned is out of scope of this document. Through a single CoAP (Constrained Application Protocol) request-response exchange secured by OSCORE (Object Security for Constrained RESTful Environments), the pledge requests admission into thenetworknetwork, and the JRC configures it with link-layer keying material and other parameters. The JRC may at any time update the parameters through another request-response exchange secured by OSCORE. This specification defines the Constrained Join Protocol and its CBOR (Concise Binary Object Representation) data structures, and it describes how to configure the rest of the 6TiSCH communication stack for this join process to occur in a secure manner. Additional security mechanisms may be added on top of this minimal framework.</t> </abstract> </front> <middle><!-- ====================================================================== --><section anchor="introduction"title="Introduction">numbered="true" toc="default"> <name>Introduction</name> <t>This document defines a "secure join" solution for a new device, called a "pledge", to securely join a 6TiSCH network. The term "secure join" refers to network access authentication,authorizationauthorization, and parameterdistribution,distribution as defined in <xreftarget="I-D.ietf-6tisch-architecture"/>.target="RFC9030" format="default"/>. The Constrained Join Protocol (CoJP) defined in this document handles parameter distribution needed for a pledge to become a joined node. Mutual authentication during network access and implicit authorization are achieved through the use of a securechannel,channel as configuredbyaccording to this document. This document also specifies a configuration of different layers of the 6TiSCH protocol stack that reduces the Denial of Service (DoS) attack surface during the join process.</t> <t>This document presumes a 6TiSCH network as described by <xreftarget="RFC7554"/>target="RFC7554" format="default"/> and <xreftarget="RFC8180"/>.target="RFC8180" format="default"/>. By design, nodes in a 6TiSCH network <xreftarget="RFC7554"/>target="RFC7554" format="default"/> have their radio turned off most of thetime,time in order to conserve energy. As a consequence, the link used by a new device for joining the network has limited bandwidth <xreftarget="RFC8180"/>.target="RFC8180" format="default"/>. The secure join solution defined in this document therefore keeps the number of over-the-air exchanges to a minimum.</t> <t>Themicro-controllersmicrocontrollers at the heart of 6TiSCH nodes haveasmallamountamounts of code memory. It is therefore paramount to reuse existing protocols available as part of the 6TiSCH stack. At the application layer, the 6TiSCH stack already relies on CoAP <xreftarget="RFC7252"/>target="RFC7252" format="default"/> for webtransfer,transfer and on OSCORE <xreftarget="RFC8613"/>target="RFC8613" format="default"/> for its end-to-end security. The secure join solution defined in this document therefore reuses those two protocols as its building blocks.</t> <t>CoJP is a generic protocol that can be used as-is in all modes of IEEE Std 802.15.4 <xreftarget="IEEE802.15.4"/>,target="IEEE802.15.4" format="default"/>, including the Time-Slotted Channel Hopping (TSCH) mode on which 6TiSCH isbased on.based. CoJP mayas wellalso be used in other (low-power) networking technologies where efficiency in terms of communication overhead and code footprint is important. In such a case, it may be necessary to define through companion documents the configuration parameters specific to the technology inquestion, through companion documents.question. The overall process is described in <xreftarget="join-process-overview"/>target="join-process-overview" format="default"/>, and the configuration of the stack is specific to 6TiSCH.</t> <t>CoJP assumes the presence of a Join Registrar/Coordinator (JRC), a central entity. The configuration defined in this document assumes that the pledge and the JRC share a unique symmetric cryptographic key, called PSK (pre-shared key). The PSK is used to configure OSCORE to provide a secure channel to CoJP. How the PSK is installed is out of scope of this document: this may happen during the provisioning phase or by a key exchange protocol that may precede the execution of CoJP.</t> <t>When the pledge seeks admission to a 6TiSCH network, it first synchronizes toit,it by initiating the passive scan defined in <xreftarget="IEEE802.15.4"/>.target="IEEE802.15.4" format="default"/>. The pledge then exchanges CoJP messages with the JRC; for this end-to-end communication to happen, the messages are forwarded bynodesnodes, called Join Proxies, that are already part of the 6TiSCHnetwork, called Join Proxies.network. The messages exchanged allow the JRC and the pledge to mutuallyauthenticate,authenticate based on the properties provided by OSCORE. They also allow the JRC to configure the pledge with link-layer keying material, a shortidentifieridentifier, and other parameters. After this secure join process successfully completes, the joined node can interact with its neighbors to request additional bandwidth using the6top6TiSCH Operation Sublayer (6top) Protocol <xreftarget="RFC8480"/>target="RFC8480" format="default"/> and can start sending application traffic.</t><!-- ====================================================================== --></section> <section anchor="terminology"title="Terminology"> <t>Thenumbered="true" toc="default"> <name>Terminology</name> <t> The key words"MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY","<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and"OPTIONAL""<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described inBCP14BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shownhere.</t>here. </t> <t>The reader is expected to be familiar with the terms and concepts defined in <xreftarget="I-D.ietf-6tisch-architecture"/>,target="RFC9030" format="default"/>, <xreftarget="RFC7252"/>,target="RFC7252" format="default"/>, <xreftarget="RFC8613"/>,target="RFC8613" format="default"/>, and <xreftarget="RFC8152"/>.</t>target="RFC8152" format="default"/>.</t> <t>The specification also includes a set of informative specifications using the Concisedata definition languageData Definition Language (CDDL) <xreftarget="I-D.ietf-cbor-cddl"/>.</t>target="RFC8610" format="default"/>.</t> <t>The following terms defined in <xreftarget="I-D.ietf-6tisch-architecture"/>target="RFC9030" format="default"/> are used extensively throughout this document:</t><t><list style="symbols"> <t>pledge</t> <t>joined node</t> <t>join proxy (JP)</t> <t>join registrar/coordinator (JRC)</t> <t>enhanced beacon (EB)</t> <t>join protocol</t> <t>join process</t> </list></t><ul spacing="normal"> <li>pledge</li> <li>joined node</li> <li>Join Proxy (JP)</li> <li>Join Registrar/Coordinator (JRC)</li> <li>Enhanced Beacon (EB)</li> <li>join protocol</li> <li>join process</li> </ul> <t>The following terms defined in <xreftarget="RFC8505"/>target="RFC8505" format="default"/> are also used throughout this document:</t><t><list style="symbols"> <t>6LoWPAN<ul spacing="normal"> <li>6LoWPAN Border Router(6LBR)</t> <t>6LoWPAN(6LBR)</li> <li>6LoWPAN Node(6LN)</t> </list></t>(6LN)</li> </ul> <t>The term "6LBR" is used interchangeably with the term "DODAG root" defined in <xreftarget="RFC6550"/>,target="RFC6550" format="default"/> on the assumption that the two entities are co-located, as recommended by <xreftarget="I-D.ietf-6tisch-architecture"/>.</t>target="RFC9030" format="default"/>.</t> <t>The term "pledge", as used throughout the document, explicitly denotes non-6LBR devices attempting to join the network using their IEEE Std 802.15.4 network interface. The device that attempts to join as the 6LBR of the network and does so over another network interface is explicitly denoted as the "6LBR pledge". When the textequallyapplies equally to the pledge and the 6LBR pledge, the "(6LBR) pledge" form is used.</t> <t>In addition, we use generic terms "pledge identifier" and "network identifier". See <xreftarget="provisioning"/>.</t> <!-- ====================================================================== -->target="provisioning" format="default"/>.</t> </section> <section anchor="provisioning"title="Provisioning Phase">numbered="true" toc="default"> <name>Provisioning Phase</name> <t>The (6LBR) pledge is provisioned with certain parameters before attempting to join the network, and the same parameters are provisioned to the JRC. There are many ways by which this provisioning can be done. Physically, the parameters can be written into the (6LBR) pledgeusingwith a number of mechanisms, such as using a JTAG (Joint Test Action Group) interface, using a serial (craft) console interface, pushing buttons simultaneously on different devices, configuring over-the-airconfigurationin a Faraday cage, etc. The provisioning can be done by the vendor, the manufacturer, the integrator, etc.</t> <t>Details of how this provisioning is doneisare out of scope of this document. What is assumed is that there can be a secure, private conversation between the JRC and the (6LBR) pledge, and that the two devices can exchange the parameters.</t> <t>Parameters that are provisioned to the (6LBR) pledge include:</t><t><list style="symbols"> <t>pledge identifier. The<dl spacing="normal"> <dt>pledge identifier:</dt> <dd>The pledge identifier identifies the (6LBR) pledge. The pledge identifierMUST<bcp14>MUST</bcp14> be unique in the set of all pledge identifiers managed by a JRC. The pledge identifier uniqueness is an important security requirement, as discussed in <xreftarget="sec_considerations"/>.target="sec_considerations" format="default"/>. The pledge identifier is typically the globally unique 64-bit Extended Unique Identifier (EUI-64) of the IEEE Std 802.15.4 device, in which case it is provisioned by the hardware manufacturer. The pledge identifier is used to generate the IPv6 addresses of the (6LBR) pledge and to identify it during the execution of the join protocol. Depending on the configuration, the pledge identifier may also be used after the join process to identify the joined node. For privacy reasons (see <xreftarget="privacy_considerations"/>),target="privacy_considerations" format="default"/>), it is possible to use a pledge identifier different from the EUI-64. For example, a pledge identifier may be a random byte string, but care needs to be taken that such a string meets the uniquenessrequirement.</t> <t>Pre-Sharedrequirement.</dd> <dt>Pre-Shared Key(PSK). A(PSK):</dt> <dd>A symmetric cryptographic key shared between the (6LBR) pledge and the JRC. To look up the PSK for a given pledge, the JRC additionally needs to store the corresponding pledge identifier. Each (6LBR) pledgeMUST<bcp14>MUST</bcp14> be provisioned with a unique PSK. The PSKMUST<bcp14>MUST</bcp14> be a cryptographically strong key, with at least 128 bits of entropy, indistinguishable by feasible computation from a random uniform string of the same length. How the PSK is generated and/or provisioned is out of scope of this specification. This could be done during a provisioningstepstep, or companion documents can specify the use of akey agreementkey-agreement protocol. Common pitfalls when generating PSKs are discussed in <xreftarget="sec_considerations"/>.target="sec_considerations" format="default"/>. In the case of recommissioning a devicere-commissioningto a new owner, the PSKMUST<bcp14>MUST</bcp14> be changed. Note that the PSK is different from the link-layer keys K1 and K2 specified in <xreftarget="RFC8180"/>.target="RFC8180" format="default"/>. The PSK is a long-term secret used to protect the execution of the secure join protocol specified in thisdocument whose one output aredocument; the link-layerkeys.</t> <t>Optionally,keys are transported as part of the secure join protocol.</dd> <dt>Optionally, a networkidentifier. Theidentifier:</dt> <dd>The network identifier identifies the 6TiSCH network. The network identifierMUST<bcp14>MUST</bcp14> be carried within Enhanced Beacon (EB) frames. Typically, the 16-bit Personal Area Network Identifier (PAN ID) defined in <xreftarget="IEEE802.15.4"/>target="IEEE802.15.4" format="default"/> is used as the network identifier. However, PAN ID is not considered a stable network identifier as it may change during network lifetime if a collision with another network is detected. Companion documents can specify the use of a different network identifier for join purposes, but this is out of scope of this specification. Provisioning the network identifier to a pledge isRECOMMENDED.<bcp14>RECOMMENDED</bcp14>. However, due to operational constraints, the network identifier may not be known at the timewhen the provisioning is done. In caseof provisioning. If this parameter is not provisioned to the pledge, the pledgeattemptswill attempt to join one advertised network at a time, which significantly prolongs the join process. This parameterMUST<bcp14>MUST</bcp14> be provisioned to the 6LBRpledge.</t> <t>Optionally,pledge.</dd> <dt>Optionally, any non-defaultalgorithms. Thealgorithms:</dt> <dd>The default algorithms are specified in <xreftarget="mti_algos"/>.target="mti_algos" format="default"/>. When algorithm identifiers are not provisioned, the use of these default algorithms isimplied.</t> </list></t>implied.</dd> </dl> <t>Additionally, the 6LBR pledge that is not co-located with the JRC needs to be provisionedwith:</t> <t><list style="symbols"> <t>Globalwith the following:</t> <dl spacing="normal"> <dt>Global IPv6 address of theJRC. ThisJRC:</dt> <dd>This address is used by the 6LBR pledge to address the JRC during the join process. The 6LBR pledge may also obtain the IPv6 address of the JRC through other available mechanisms, such as DHCPv6 <xreftarget="RFC8415"/>, GRASPtarget="RFC8415" format="default"/>, Generic Autonomic Signaling Protocol (GRASP) <xreftarget="I-D.ietf-anima-grasp"/>, mDNStarget="RFC8990" format="default"/>, or Multicast DNS (mDNS) <xreftarget="RFC6762"/>,target="RFC6762" format="default"/>; the use ofwhichthese mechanisms is out of scope of this document. Pledges do not need to be provisioned with this address as they discover it dynamically throughCoJP.</t> </list></t> <!-- ====================================================================== -->CoJP.</dd> </dl> </section> <section anchor="join-process-overview"title="Joinnumbered="true" toc="default"> <name>Join ProcessOverview">Overview</name> <t>This section describes the steps taken by a pledge in a 6TiSCH network. When a pledge seeks admission to a 6TiSCH network, the following exchange occurs:</t><t><list style="numbers"> <t>The<ol spacing="normal" type="1"> <li>The pledge listens for an Enhanced Beacon (EB) frame <xreftarget="IEEE802.15.4"/>.target="IEEE802.15.4" format="default"/>. This frame provides network synchronization information,and tellstelling the device when it can send a frame to the node sending the beacons, which acts as a Join Proxy (JP) for the pledge, and when it can expect to receive a frame. TheEnhanced BeaconEB provides the link-layer address of theJPJP, and it may also provide its link-local IPv6address.</t> <t>Theaddress.</li> <li>The pledge configures its link-local IPv6 address and advertises it to the JP using Neighbor Discovery. The advertisement step may be omitted if the link-local address has been derived from a known unique interface identifier, such as an EUI-64address.</t> <t>Theaddress.</li> <li>The pledge sends a Join Request to the JP in order to securely identify itself to the network. The Join Request is forwarded to theJRC.</t> <t>InJRC.</li> <li>In the case of successful processing of the request, the pledge receives a Join Response from the JRC (via the JP). The Join Response contains configuration parameters necessary for the pledge to join thenetwork.</t> </list></t>network.</li> </ol> <t>From the pledge's perspective, joining is a local phenomenon–-- the pledge only interacts with the JP, and it needs not know how far it is from the6LBR,6LBR or how to route to the JRC. Only after establishing one or more link-layer keys does it need to know about the particulars of a 6TiSCH network.</t> <t>The join process is shown as a transaction diagram in <xreftarget="fig_overview_diagram"/>:</t>target="fig_overview_diagram" format="default"/>:</t> <figuretitle="Overviewanchor="fig_overview_diagram"> <name>Overview of a successful joinprocess." anchor="fig_overview_diagram"><artwork align="center"><![CDATA[process.</name> <artwork align="center" name="" type="" alt=""><![CDATA[ +--------+ +-------+ +--------+ | pledge | | JP | | JRC | | | | | | | +--------+ +-------+ +--------+ | | | |<---Enhanced Beacon (1)---| | | | | |<-Neighbor Discovery (2)->| | | | | |-----Join Request (3a)----|----Join Request (3a)---->| \ | | | | CoJP |<----Join Response (3b)---|----Join Response (3b)----| / | | |]]></artwork></figure>]]></artwork> </figure> <t>As for other nodes in the network, the 6LBR node may act as the JP. The 6LBR may in addition be co-located with the JRC.</t> <t>The details of each step are described in the following sections.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --><section anchor="step-eb"title="Stepnumbered="true" toc="default"> <name>Step 1 - EnhancedBeacon">Beacon</name> <t>The pledge synchronizes to the network by listening for, and receiving, anEnhanced Beacon (EB)EB sent by a node already in the network. This process is entirely defined by <xreftarget="IEEE802.15.4"/>,target="IEEE802.15.4" format="default"/> and described in <xreftarget="RFC7554"/>.</t>target="RFC7554" format="default"/>.</t> <t>Once the pledge hears an EB, it synchronizes to the joining schedule using the cells contained in the EB. The pledge can hear multiple EBs; the selection of which EB to use is out of the scope for thisdocument,document and is discussed in <xreftarget="RFC7554"/>.target="RFC7554" format="default"/>. Implementers should make use of information suchas: whatas the following: which network identifier the EB contains, the value of the Join Metric field within EBs, whether the source link-layer address of the EB has been tried before,whatat which signal strength the different EBs werereceived at,received, etc. In addition, the pledge may bepre-configuredpreconfigured to search for EBs with a specific network identifier.</t> <t>If the pledge is not provisioned with the network identifier, it attempts to join one network at a time, as described in <xreftarget="join_request"/>.</t>target="join_request" format="default"/>.</t> <t>Once the pledge selects the EB, it synchronizes to it and transitions into a low-power mode. It follows the schedule information contained in theEBEB, which indicates the slots that the pledge may use for the join process. During the remainder of the join process, the node that has sent the EB to the pledge acts as the JP.</t> <t>At this point, the pledge may either proceed to step2,2 or continue to listen for additional EBs.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --> </section> <section anchor="step-nd" title="Step 2</section> <section anchor="step-nd" numbered="true" toc="default"> <name>Step 2 - NeighborDiscovery">Discovery</name> <t>The pledge forms its link-local IPv6 address based on the interfaceidentifier, asidentifier per <xreftarget="RFC4944"/>.target="RFC4944" format="default"/>. The pledgeMAY<bcp14>MAY</bcp14> perform the Neighbor Solicitation / Neighbor Advertisement exchange with theJP, asJP perSection 5.6 of<xreftarget="RFC8505"/>. As pertarget="RFC8505" section="5.6" sectionFormat="of" format="default"/>. Per <xreftarget="RFC8505"/>,target="RFC8505" format="default"/>, there is no need to perform duplicate address detection for the link-local address. The pledge and the JP use their link-local IPv6 addresses for all subsequent communication during the join process.</t> <t>Note that Neighbor Discovery exchanges at this point are not protected with link-layer security as the pledge is not in possession of the keys. How the JP accepts these unprotected frames is discussed in <xreftarget="llreq"/>.</t> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->target="llreq" format="default"/>.</t> </section> <section anchor="step-cojp"title="Stepnumbered="true" toc="default"> <name>Step 3 - Constrained Join Protocol (CoJP)Execution">Execution</name> <t>The pledge triggers the join exchange of the Constrained Join Protocol (CoJP). The join exchange consists of two messages: the Join Request message(Step 3a),(<xref target="step-join-request">Step 3a</xref>) and the Join Responsemessagemessage, conditioned on the successful security processing of the request(Step 3b).</t>(<xref target="step-join-response">Step 3b</xref>).</t> <t>All CoJP messages are exchanged over a secure end-to-end channel that provides confidentiality, dataauthenticityauthenticity, and replay protection. Frames carrying CoJP messages are not protected with link-layer security when exchanged between the pledge and the JP as the pledge is not in possession of the link-layer keys in use. How the JP and pledge accept these unprotected frames is discussed in <xreftarget="llreq"/>.target="llreq" format="default"/>. When frames carrying CoJP messages are exchanged between nodes that have already joined the network, the link-layer security is applied according to the security configuration used in the network.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --><section anchor="step-join-request"title="Stepnumbered="true" toc="default"> <name>Step 3a - JoinRequest">Request</name> <t>The Join Request is a message sent from the pledge to the JP, and which the JP forwards to the JRC. The pledge indicates in the Join Request the role it requests to play in the network, as well as the identifier of the network it requests to join. The JP forwards the Join Request to the JRC on the existing links. How exactly this happens is out of scope of this document; some networks may wish to dedicate specificlink layerlink-layer resources for this join traffic.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --></section> <section anchor="step-join-response"title="Stepnumbered="true" toc="default"> <name>Step 3b - JoinResponse">Response</name> <t>The Join Response is sent by the JRC to the pledge, and it is forwarded through the JP. The packet containing the Join Response travels from the JRC to the JP using the operating routes in the network. The JP delivers it to the pledge. The JP operates as an application-layer proxy, see <xreftarget="join_proxy"/>.</t>target="join_proxy" format="default"/>.</t> <t>The Join Response containsdifferentvarious parameters needed by the pledge to become a fully operational network node. These parameters include the link-layer key(s) currently in use in the network, the short address assigned to the pledge, the IPv6 address of the JRC needed by the pledge to operate as the JP, among others.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --></section> </section> <section anchor="the-special-case-of-the-6lbr-pledge-joining"title="Thenumbered="true" toc="default"> <name>The Special Case of the 6LBR PledgeJoining">Joining</name> <t>The 6LBR pledge performs <xreftarget="step-cojp"/>target="step-cojp" format="default"/> of the join processdescribed above,justaslike any other pledge, albeit over a different network interface. There is no JP intermediating the communication between the 6LBR pledge and the JRC, as described in <xreftarget="netreq"/>.target="netreq" format="default"/>. The other steps of the described join process do not apply to the 6LBR pledge. How the 6LBR pledge obtains an IPv6 address and triggers the execution oftheCoJPprotocolis out of scope of this document.</t><!-- ====================================================================== --></section> </section> <section anchor="llreq"title="Link-layer Configuration">numbered="true" toc="default"> <name>Link-Layer Configuration</name> <t>In an operational 6TiSCH network, all frames use link-layer frame security <xreftarget="RFC8180"/>.target="RFC8180" format="default"/>. The IEEE Std 802.15.4 security attributes include frameauthenticity,authenticity and optionally frame confidentiality(i.e.(i.e., encryption).</t> <t>Any node sending EB framesMUST<bcp14>MUST</bcp14> be prepared to act as a JP for potential pledges.</t> <t>The pledge does not initiallydo anyperform an authenticity check of the EBframes, asframes because it does not possess the link-layer key(s) in use. The pledge is still able to parse the contents of the received EBs and synchronize to the network, as EBs are not encrypted <xreftarget="RFC8180"/>.</t>target="RFC8180" format="default"/>.</t> <t>When sending frames during the join process, the pledge sends unencrypted and unauthenticated frames at the link layer. In order for the join process to be possible, the JP must accept these unsecured frames for the duration of the join process. This behavior may be implemented by setting the "secExempt" attribute in the IEEE Std 802.15.4 security configuration tables. It is expected that the lower layer provides an interface to indicate to the upper layer that unsecured frames are being received from adevice, and that thedevice. The upper layer can use that information tomake a determinationdetermine that a join process is in place and that the unsecured frames should be processed. How the JP makes such a determination and interacts with the lower layer is out of scope of this specification. The JP can additionallymakeuseofinformation such as the value of the join rate parameter (<xreftarget="configuration_object"/>)target="configuration_object" format="default"/>) set by the JRC, physical button press, etc.</t> <t>When the pledge initially synchronizestowith the network, it has no means of verifying the authenticity of EB frames.AsBecause an attacker can craft a frame that looks like a legitimate EBframeframe, this opens up a DoS vector, as discussed in <xreftarget="sec_considerations"/>.</t> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->target="sec_considerations" format="default"/>.</t> <section anchor="timedistribution"title="Distributionnumbered="true" toc="default"> <name>Distribution ofTime">Time</name> <t>Nodes in a 6TiSCH network keep a global notion of time known as theabsolute slot number.Absoluteslot numberSlot Number. The Absolute Slot Number is used in the construction of the link-layer nonce, as defined in <xreftarget="IEEE802.15.4"/>.target="IEEE802.15.4" format="default"/>. The pledge initially synchronizestowith the EB frame sent by theJP,JP and uses the value of theabsolute slot numberAbsolute Slot Number found in the TSCH Synchronization Information Element. At the time of the synchronization, the EB frame can neither be authenticated nor its freshness verified. During the join process, the pledge sends frames that are unprotected at the link-layer and protected end-to-end instead. The pledge does not obtain the time information as the output of the join process as this information is local to the network and may not be known at the JRC.</t> <t>This enables an attack on the pledge where the attacker replays to the pledge legitimate EB frames obtained from the network and acts as a man-in-the-middle between the pledge and the JP. The EB frames will make the pledge believe that the replayedabsolute slot numberAbsolute Slot Number value is the current notion of time in the network. By forwarding the join traffic to the legitimate JP, the attacker enables the pledge to join the network. Under different conditions relating to the reuse of the pledge's short address by the JRC or its attempt to rejoin the network, this may cause the pledge to reuse the link-layer nonce in the first frame it sends protected after the join process is completed.</t> <t>For this reason, all frames originated at the JP and destined to the pledge during the join processMUST<bcp14>MUST</bcp14> be authenticated at thelink-layerlink layer using the key that is normally in use in the network. Link-layer security processing at the pledge for these frames will fail as the pledge is not yet in possession of the key. The pledge acknowledges these frames without link-layer security, and JP accepts the unsecured acknowledgment due to the secExempt attribute set for the pledge. The frames should be passed to the upper layer for processing using the promiscuous mode of <xreftarget="IEEE802.15.4"/>target="IEEE802.15.4" format="default"/> or another appropriate mechanism. When theupper layerupper-layer processing on the pledge iscompletedcompleted, and the link-layer keys are configured, the upper layerMUST<bcp14>MUST</bcp14> trigger the security processing of the corresponding frame. Once the security processing of the frame carrying the Join Response message is successful, the currentabsolute slot numberAbsolute Slot Number kept locally at the pledgeSHALL<bcp14>SHALL</bcp14> be declared as valid.</t><!-- ====================================================================== --></section> </section> <section anchor="netreq"title="Network-layer Configuration">numbered="true" toc="default"> <name>Network-Layer Configuration</name> <t>The pledge and the JPSHOULD<bcp14>SHOULD</bcp14> keep a separate neighbor cache for untrusted entries and use it to store each other's information during the join process. Mixing neighbor entries belonging to pledges and nodes that are part of the network opens up the JP to a DoS attack, as the attacker may fill the JP's neighbor table and prevent the discovery of legitimate neighbors.</t> <t>Once the pledge obtains link-layer keys and becomes a joined node, it is able to securely communicate with its neighbors, obtain the network IPv6prefixprefix, and form its global IPv6 address. The joined node then undergoes an independent process to bootstrap its neighbor cache entries, possibly with a node that formerly acted as a JP, following <xreftarget="RFC8505"/>.target="RFC8505" format="default"/>. From the point of view of the JP, there is no relationship between the neighbor cache entry belonging to a pledge and the joined node that formerly acted as a pledge.</t> <t>The pledge does not communicate with the JRC at the network layer. This allows the pledge to join without knowing the IPv6 address of the JRC. Instead, the pledge communicates with the JP at the network layer using link-local addressing, and with the JRC at the application layer, as specified in <xreftarget="join_proxy"/>.</t>target="join_proxy" format="default"/>.</t> <t>The JP communicates with the JRC over global IPv6 addresses. The JP discovers the network IPv6 prefix and configures its global IPv6 address upon successful completion of the join process and the obtention of link-layer keys. The pledge learns the IPv6 address of the JRC from the Join Response, as specified in <xreftarget="join_response"/>;target="join_response" format="default"/>; it uses it once joined in order to operate as a JP.</t> <t>As a special case, the 6LBR pledge may have an additional network interface that it uses in order to obtain the configuration parameters from the JRC and to start advertising the 6TiSCH network. This additional interface needs to be configured with a global IPv6 address, by a mechanism that is out of scope of this document. The 6LBR pledge uses this interface to directly communicate with the JRC using global IPv6 addressing.</t> <t>The JRC can be co-located on the 6LBR. In this special case, the IPv6 address of the JRC can be omitted from the Join Response message for space optimization. The 6LBR thenMUST<bcp14>MUST</bcp14> set the DODAGID field in the RPLDIOsDODAG Information Objects (DIOs) <xreftarget="RFC6550"/>target="RFC6550" format="default"/> to its IPv6 address. The pledge learns the address of the JRC once joined and upon the reception of the first RPL DIO message, and uses it to operate as a JP.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --><section anchor="traffic_join_request"title="Identificationnumbered="true" toc="default"> <name>Identification of UnauthenticatedTraffic">Traffic</name> <t>The traffic that is proxied by theJoin Proxy (JP)JP comes from unauthenticated pledges, and there may be an arbitrary amount of it. In particular, an attacker may send fraudulent traffic in an attempt to overwhelm the network.</t> <t>When operating as part of a<xref target="RFC8180"/>6TiSCH minimal network <xref target="RFC8180" format="default"/> using distributed scheduling algorithms, the traffic from unauthenticated pledges may cause intermediate nodes to request additional bandwidth. An attacker could use this property to cause the network to overcommit bandwidth (and energy) to the join process.</t> <t>TheJoin ProxyJP is aware of what traffic originates from unauthenticated pledges, and so can avoid allocating additional bandwidth itself. TheJoin ProxyJP implements a data cap on outgoing join traffic by implementing the recommendation of 1 packet per 3 seconds inSection 3.1.3 of<xreftarget="RFC8085"/>.target="RFC8085" section="3.1.3" sectionFormat="of" format="default"/>. This can be achieved with the congestion control mechanism specified inSection 4.7 of<xreftarget="RFC7252"/>.target="RFC7252" section="4.7" sectionFormat="of" format="default"/>. This cap will not protect intermediate nodes as theycan notcannot tell join traffic from regular traffic. Despite the data cap implemented separately on eachJoin Proxy,JP, the aggregate join traffic from manyJoin ProxiesJPs may cause intermediate nodes to decide to allocate additional cells. It is undesirable to do so in response to the traffic originatedatfrom unauthenticated pledges. In order to permit the intermediate nodes to avoid this, the traffic needs to be tagged. <xreftarget="RFC2597"/>target="RFC2597" format="default"/> defines a set of per-hop behaviors that may be encoded into the Diffserv Code Points (DSCPs). Based on the DSCP, intermediate nodes can decide whether to act on a given packet.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --><section anchor="traffic-from-jp-to-jrc"title="Trafficnumbered="true" toc="default"> <name>Traffic from JP toJRC">JRC</name> <t>TheJoin Proxy SHOULDJP <bcp14>SHOULD</bcp14> set the DSCP of packets that it produces as part of the forwarding process to AF43 code point (SeeSection 6 of<xreftarget="RFC2597"/>).target="RFC2597" section="6" sectionFormat="of" format="default"/>). AJoin ProxyJP that does not require a specific DSCP value ontrafficforwarded traffic should set it to zero so that it is compressed out.</t> <t>A Scheduling Function (SF) running on 6TiSCH nodesSHOULD NOT<bcp14>SHOULD NOT</bcp14> allocate additional cells as a result of traffic with code point AF43. Companion SF documentsSHOULD<bcp14>SHOULD</bcp14> specify how this recommended behavior isachieved. One example is the 6TiSCH Minimal Scheduling Function <xref target="I-D.ietf-6tisch-msf"/>.</t> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->achieved.</t> </section> <section anchor="traffic-from-jrc-to-jp"title="Trafficnumbered="true" toc="default"> <name>Traffic from JRC toJP">JP</name> <t>The JRCSHOULD<bcp14>SHOULD</bcp14> set the DSCP ofjoin responseJoin Response packets addressed to theJoin ProxyJP to the AF42 code point. AF42 has lower drop probability than AF43, giving this traffic priority in buffers over the traffic going towards the JRC.</t> <t>The 6LBR links are often the most congested within a DODAG, and from that pointdowndown, there is progressively less (or equal) congestion. If the 6LBR paces itself when sendingjoin response trafficJoin Response traffic, then it ought to never exceed the bandwidth allocated to the best effort traffic cells. If the 6LBR has the capacity (if it is notconstrained)constrained), then it should provide some buffers in order to satisfy the Assured Forwarding behavior.</t> <t>Companion SF documentsSHOULD<bcp14>SHOULD</bcp14> specify how traffic with code point AF42 is handled with respect to cell allocation.In caseIf the recommended behavior described in this section is not followed, the network may become prone to the attack discussed in <xreftarget="traffic_join_request"/>.</t> <!-- ====================================================================== -->target="traffic_join_request" format="default"/>.</t> </section> </section> </section> <section anchor="join_proxy"title="Application-level Configuration">numbered="true" toc="default"> <name>Application-Layer Configuration</name> <t>The CoJP join exchange in <xreftarget="fig_overview_diagram"/>target="fig_overview_diagram" format="default"/> is carried over CoAP <xreftarget="RFC7252"/>target="RFC7252" format="default"/> and the secure channel provided by OSCORE <xreftarget="RFC8613"/>.target="RFC8613" format="default"/>. The (6LBR) pledge acts as a CoAP client; the JRC acts as a CoAP server. The JP implements CoAP forward proxy functionality <xreftarget="RFC7252"/>.target="RFC7252" format="default"/>. Because the JP can also be a constrained device, it cannot implement a cache.</t> <t>The pledge designates a JP as a proxy by including the Proxy-Scheme option in the CoAP requests that it sends to the JP. The pledge also includes in the requests the Uri-Host option with its value set to the well-known JRC's alias, as specified in <xreftarget="join_request"/>.</t>target="join_request" format="default"/>.</t> <t>The JP resolves the alias to the IPv6 address of the JRC that it learned when it acted as apledge,pledge and joined the network. This allows the JP to reach the JRC at the network layer and forward the requests on behalf of the pledge.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --><section anchor="statelessness-of-the-jp"title="Statelessnessnumbered="true" toc="default"> <name>Statelessness of theJP">JP</name> <t>The CoAP proxy defined in <xreftarget="RFC7252"/>target="RFC7252" format="default"/> keeps per-client state information in order to forward the response towards the originator of the request. This state information includes at least the CoAP token, the IPv6 address of the client, and the UDP source port number. Since the JP can be a constrained device that acts as a CoAP proxy, memory limitations make it prone to aDenial-of-Service (DoS)DoS attack.</t> <t>This DoS vector on the JP can be mitigated by making the JP act as a stateless CoAP proxy, where "state" encompasses the information related to individual pledges. The JP can wrap the state it needs to keep for a given pledge throughout the network stack in a "state object" and include it as a CoAP token in the forwarded request to the JRC. The JP may use the CoAP token as defined in <xreftarget="RFC7252"/>,target="RFC7252" format="default"/>, if the size of the serialized state object permits, or use the extended CoAP token defined in <xreftarget="I-D.ietf-core-stateless"/>,target="RFC8974" format="default"/> to transport the state object. The JRC and any other potential proxy on theJP - JRCJP-JRC pathMUST<bcp14>MUST</bcp14> support extended token lengths, as defined in <xreftarget="I-D.ietf-core-stateless"/>.target="RFC8974" format="default"/>. Since the CoAP token is echoed back in the response, the JP is able to decode the state object and configure the state needed to forward the response to the pledge. The information that the JP needs to encode in the state object to operate in a fully stateless manner with respect to a given pledge is implementation specific.</t> <t>It isRECOMMENDED<bcp14>RECOMMENDED</bcp14> that the JP operates in a stateless manner and signals the per-pledge state within the CoAPtoken,token for every request that it forwards into the network on behalf of unauthenticated pledges. When the JP is operating in a stateless manner, the security considerations from <xreftarget="I-D.ietf-core-stateless"/> applytarget="RFC8974" format="default"/> apply, and the type of the CoAP message that the JP forwards on behalf of the pledgeMUST<bcp14>MUST</bcp14> be non-confirmable (NON), regardless of the message type received from the pledge. The use of a non-confirmable message by the JP alleviates the JP from keeping CoAP message exchange state. The retransmission burden is then entirely shifted to the pledge. A JP that operates in a stateless manner still needs to keep congestion control state with the JRC, see <xreftarget="sec_considerations"/>.target="sec_considerations" format="default"/>. Recommended values of CoAP settings for use during the join process, both by the pledge and the JP, are given in <xreftarget="parameters"/>.</t>target="parameters" format="default"/>.</t> <t>Note that in some networking stack implementations, a fully (per-pledge) stateless operation of the JP may be challenging from the implementation's point of view. In those cases, the JP may operate as astatefullstateful proxy that stores the per-pledge state until the response is received or timed out, but this comes at a price of a DoS vector.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --></section> <section anchor="parameters"title="Recommended Settings">numbered="true" toc="default"> <name>Recommended Settings</name> <t>This section givesRECOMMENDED<bcp14>RECOMMENDED</bcp14> values of CoAP settings during the join process.</t><texttable title="Recommended CoAP settings."> <ttcol align='right'>Name</ttcol> <ttcol align='left'>Default Value</ttcol> <c>ACK_TIMEOUT</c> <c>10 seconds</c> <c>ACK_RANDOM_FACTOR</c> <c>1.5</c> <c>MAX_RETRANSMIT</c> <c>4</c> <c>NSTART</c> <c>1</c> <c>DEFAULT_LEISURE</c> <c>5 seconds</c> <c>PROBING_RATE</c> <c>1 byte/second</c> </texttable><table align="center"> <name>Recommended CoAP settings.</name> <thead> <tr> <th>Name</th> <th>Default Value</th> </tr> </thead> <tbody> <tr> <td>ACK_TIMEOUT</td> <td>10 seconds</td> </tr> <tr> <td>ACK_RANDOM_FACTOR</td> <td>1.5</td> </tr> <tr> <td>MAX_RETRANSMIT</td> <td>4</td> </tr> <tr> <td>NSTART</td> <td>1</td> </tr> <tr> <td>DEFAULT_LEISURE</td> <td>5 seconds</td> </tr> <tr> <td>PROBING_RATE</td> <td>1 byte/second</td> </tr> </tbody> </table> <t>These values may be configured to values specific to the deployment. The default values have been chosen to accommodate a wide range of deployments, taking into account dense networks.</t> <t>The PROBING_RATE value at the JP is controlled by the join rate parameter, see <xreftarget="configuration_object"/>.target="configuration_object" format="default"/>. Following <xreftarget="RFC7252"/>,target="RFC7252" format="default"/>, the average data rate in sending to the JRC must not exceed PROBING_RATE. For security reasons, the average data rateSHOULD<bcp14>SHOULD</bcp14> be measured over a rather short window,e.g.e.g., ACK_TIMEOUT, see <xreftarget="sec_considerations"/>.</t> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->target="sec_considerations" format="default"/>.</t> </section> <section anchor="oscore_sec_context"title="OSCORE">numbered="true" toc="default"> <name>OSCORE</name> <t>Before the (6LBR) pledge and the JRC start exchanging CoAP messages protected with OSCORE, they need to derive the OSCORE security context from the provisioned parameters, as discussed in <xreftarget="provisioning"/>.</t>target="provisioning" format="default"/>.</t> <t>The OSCORE security contextMUST<bcp14>MUST</bcp14> be derivedasperSection 3 of<xreftarget="RFC8613"/>.</t> <t><list style="symbols"> <t>thetarget="RFC8613" section="3" sectionFormat="of" format="default"/>.</t> <ul spacing="normal"> <li>The Master SecretMUST<bcp14>MUST</bcp14> be thePSK.</t> <t>thePSK.</li> <li>The Master SaltMUST<bcp14>MUST</bcp14> be the empty bytestring.</t> <t>thestring.</li> <li>The ID ContextMUST<bcp14>MUST</bcp14> be set to the pledgeidentifier.</t> <t>theidentifier.</li> <li>The ID of the pledgeMUST<bcp14>MUST</bcp14> be set to the empty byte string. This identifier is used as the OSCORE Sender ID of the pledge in the security context derivation, since the pledge initially acts as a CoAPclient.</t> <t>theclient.</li> <li>The ID of the JRCMUST<bcp14>MUST</bcp14> be set to the byte string 0x4a5243 ("JRC" in ASCII). This identifier is used as the OSCORE Recipient ID of the pledge in the security context derivation, as the JRC initially acts as a CoAPserver.</t> <t>theserver.</li> <li>The AlgorithmMUST<bcp14>MUST</bcp14> be set to the value from <xreftarget="RFC8152"/>,target="RFC8152" format="default"/>, agreed to out-of-band by the same mechanism used to provision the PSK. The default isAES-CCM-16-64-128.</t> <t>the Key Derivation Function MUSTAES-CCM-16-64-128.</li> <li>The key derivation function <bcp14>MUST</bcp14> be agreed out-of-band by the same mechanism used to provision the PSK. Default is HKDF SHA-256 <xreftarget="RFC5869"/>.</t> </list></t>target="RFC5869" format="default"/>.</li> </ul> <t>Since the pledge's OSCORE Sender ID is the empty byte string, when constructing the OSCORE option, the pledge sets thek bit'kid' flag in the OSCORE flagbyte,bits but indicates a 0-lengthkid.'kid'. The pledge transports its pledge identifier within thekid context'kid context' field of the OSCORE option. The derivation in <xreftarget="RFC8613"/>target="RFC8613" format="default"/> results in OSCORE keys and acommon IVCommon Initialization Vector (IV) for each side of the conversation. Nonces are constructed byXOR'ingXORing thecommonCommon IV with the current sequence number. For details on nonce and OSCORE option construction, refer to <xreftarget="RFC8613"/>.</t>target="RFC8613" format="default"/>.</t> <t>ImplementationsMUST<bcp14>MUST</bcp14> ensure that multiple CoAP requests, including to different JRCs, are properly incrementing the sequence numbers, so that the same sequence number is never reused in distinct requests protected under the same PSK. The pledge typically sends requests to different JRCs if it is not provisioned with the network identifier and attempts to join one network at a time. Failure to comply will break the security guarantees of the Authenticated Encryption with Associated Data (AEAD) algorithm because of nonce reuse.</t> <t>This OSCORE security context is used for the initial joining of the (6LBR) pledge, where the (6LBR) pledge acts as a CoAP client, as well as for any later parameter updates, where the JRC acts as a CoAP client and the joined node as a CoAP server, as discussed in <xreftarget="update"/>.target="update" format="default"/>. Note that when the (6LBR) pledge and the JRC change roles between CoAP client and CoAP server, the same OSCORE security context as initially derived remains inuseuse, and the derived parameters are unchanged, forexampleexample, Sender ID when sending and Recipient ID when receiving (seeSection 3.1 of<xreftarget="RFC8613"/>).target="RFC8613" section="3.1" sectionFormat="of" format="default"/>). A (6LBR) pledge is expected to have exactly one OSCORE security context with the JRC.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --><section anchor="persistency"title="Replaynumbered="true" toc="default"> <name>Replay Window andPersistency">Persistency</name> <t>Both the (6LBR) pledge and the JRCMUST<bcp14>MUST</bcp14> implement areplay protectionreplay-protection mechanism. The use of the default OSCOREreplay protectionreplay-protection mechanism specified inSection 3.2.2 of<xreftarget="RFC8613"/>target="RFC8613" section="3.2.2" sectionFormat="of" format="default"/> isRECOMMENDED.</t><bcp14>RECOMMENDED</bcp14>.</t> <t>ImplementationsMUST<bcp14>MUST</bcp14> ensure that mutable OSCORE context parameters (Sender Sequence Number, Replay Window) are stored in persistent memory. A technique detailed inAppendix B.1.1 of<xreftarget="RFC8613"/>target="RFC8613" section="B.1.1" sectionFormat="of" format="default"/> that prevents reuse of sequence numbersMUST<bcp14>MUST</bcp14> be implemented. Each update of the OSCORE Replay WindowMUST<bcp14>MUST</bcp14> be written to persistent memory.</t> <t>This is an important security requirement in order to guarantee nonce uniqueness and resistance to replay attacks across reboots and rejoins. Traffic between the (6LBR) pledge and the JRC is rare, making security outweigh the cost of writing to persistent memory.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --></section> <section anchor="oscore_error_handling"title="OSCOREnumbered="true" toc="default"> <name>OSCORE ErrorHandling">Handling</name> <t>Errors raised by OSCORE during the join processMUST<bcp14>MUST</bcp14> be silently dropped, with no error response being signaled. The pledgeMUST<bcp14>MUST</bcp14> silently discard any response not protected with OSCORE, including error codes.</t> <t>Such errors may happen for a number of reasons, including failed lookup of an appropriate security context(e.g.(e.g., the pledge attempting to join a wrong network), failed decryption, positivereplay windowReplay Window lookup, formatting errors (possibly due to malicious alterations in transit). Silently dropping OSCORE messages prevents a DoS attack on the pledge where the attacker could send bogus error responses, forcing the pledge to attempt joining one network at a time, until all networks have been tried.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --></section> <section anchor="mti_algos"title="Mandatory to Implement Algorithms">numbered="true" toc="default"> <name>Mandatory-to-Implement Algorithms</name> <t>Themandatory to implementmandatory-to-implement AEAD algorithm for use with OSCORE is AES-CCM-16-64-128 from <xreftarget="RFC8152"/>.target="RFC8152" format="default"/>. This is the algorithm used for securing IEEE Std 802.15.4 frames, and hardware acceleration for it is present in virtually all compliant radio chips. With this choice, CoAP messages are protected with an 8-byte CCM authentication tag, and the algorithm uses 13-byte long nonces.</t> <t>Themandatory to implementmandatory-to-implement hash algorithm is SHA-256 <xreftarget="RFC4231"/>.target="RFC4231" format="default"/>. Themandatory to implementmandatory-to-implement key derivation function is HKDF <xreftarget="RFC5869"/>,target="RFC5869" format="default"/>, instantiated with a SHA-256 hash. See <xreftarget="lightweight"/>target="lightweight" format="default"/> for implementation guidance when code footprint is important.</t><!-- ====================================================================== --></section> </section> </section> <section anchor="join_protocol"title="Constrainednumbered="true" toc="default"> <name>Constrained Join Protocol(CoJP)">(CoJP)</name> <t>The Constrained Join Protocol (CoJP) is a lightweight protocol over CoAP <xreftarget="RFC7252"/>target="RFC7252" format="default"/> and a secure channel provided by OSCORE <xreftarget="RFC8613"/>.target="RFC8613" format="default"/>. CoJP allows a (6LBR) pledge to request admission into a network managed by the JRC. It enables the JRC to configure the pledge with the necessary parameters. The JRC may update the parameters at any time, by reaching out to the joined node that formerly acted as a (6LBR) pledge. For example, network-wide rekeying can be implemented by updating the keying material on each node.</t> <t>CoJP relies on the security properties provided by OSCORE. This includes end-to-end confidentiality, data authenticity, replay protection, and a secure binding of responses to requests.</t> <figuretitle="Abstractanchor="fig-stack"> <name>Abstract layering ofCoJP." anchor="fig-stack"><artwork align="center"><![CDATA[CoJP.</name> <artwork align="center" name="" type="" alt=""><![CDATA[ +-----------------------------------+ | Constrained Join Protocol (CoJP) | +-----------------------------------+ +-----------------------------------+ \ | Requests / Responses | | |-----------------------------------| | | OSCORE | | CoAP |-----------------------------------| | | Messaging Layer | | +-----------------------------------+ / +-----------------------------------+ | UDP | +-----------------------------------+]]></artwork></figure>]]></artwork> </figure> <t>When a (6LBR) pledge requests admission to a given network, it undergoes the CoJP join exchange that consists of:</t><t><list style="symbols"> <t>the<ul spacing="normal"> <li>The Join Request message, sent by the (6LBR) pledge to the JRC, potentially proxied by the JP. The Join Request message and its mapping to CoAP is specified in <xreftarget="join_request"/>.</t> <t>thetarget="join_request" format="default"/>.</li> <li>The Join Response message, sent by the JRC to the (6LBR) pledge, if the JRC successfully processes the Join Request using OSCORE and it determines through a mechanism that is out of scope of this specification that the (6LBR) pledge is authorized to join the network. The Join Response message is potentially proxied by the JP. The Join Response message and its mapping to CoAP is specified in <xreftarget="join_response"/>.</t> </list></t>target="join_response" format="default"/>.</li> </ul> <t>When the JRC needs to update the parameters of a joined node that formerly acted as a (6LBR) pledge, it executes the CoJP parameter update exchange that consistsof:</t> <t><list style="symbols"> <t>theof the following:</t> <ul spacing="normal"> <li>The Parameter Update message, sent by the JRC to the joined node that formerly acted as a (6LBR) pledge. The Parameter Update message and its mapping to CoAP is specified in <xreftarget="parameter_update"/>.</t> </list></t>target="parameter_update" format="default"/>.</li> </ul> <t>The payload of CoJP messages is encoded with CBOR <xreftarget="RFC7049"/>.target="RFC8949" format="default"/>. The CBOR data structures that may appear as the payload of different CoJP messages are specified in <xreftarget="cbor_objects"/>.</t> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->target="cbor_objects" format="default"/>.</t> <section anchor="join"title="Join Exchange">numbered="true" toc="default"> <name>Join Exchange</name> <t>This section specifies the messages exchanged when the (6LBR) pledge requests admission and configuration parameters from the JRC.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --><section anchor="join_request"title="Joinnumbered="true" toc="default"> <name>Join RequestMessage">Message</name> <t>The Join Request message that the (6LBR) pledge sendsSHALL<bcp14>SHALL</bcp14> be mapped to a CoAP request:</t><t><list style="symbols"> <t>The<ul spacing="normal"> <li>The request method isPOST.</t> <t>ThePOST.</li> <li>The type is Confirmable(CON).</t> <t>The(CON).</li> <li>The Proxy-Scheme option is set to"coap".</t> <t>The"coap".</li> <li>The Uri-Host option is set to "6tisch.arpa". This is an anycast type of identifier of the JRC that is resolved to its IPv6 address by the JP or the 6LBRpledge.</t> <t>Thepledge.</li> <li>The Uri-Path option is set to"j".</t> <t>The"j".</li> <li>The OSCORE optionSHALL<bcp14>SHALL</bcp14> be set according to <xreftarget="RFC8613"/>.target="RFC8613" format="default"/>. The OSCORE security context used is the one derived in <xreftarget="oscore_sec_context"/>.target="oscore_sec_context" format="default"/>. The OSCOREkid context'kid context' allows the JRC to retrieve the security context for a givenpledge.</t> <t>Thepledge.</li> <li>The payload is a Join_Request CBOR object, as defined in <xreftarget="join_request_object"/>.</t> </list></t>target="join_request_object" format="default"/>.</li> </ul> <t>Since the Join Request is a confirmable message, the transmission at (6LBR) pledge will be controlled by CoAP's retransmission mechanism. The JP, when operating in a stateless manner, forwards this Join Request as a non-confirmable (NON) CoAP message, as specified in <xreftarget="join_proxy"/>.target="join_proxy" format="default"/>. If the CoAP implementation at the (6LBR) pledge declares the message transmissionasa failure, the (6LBR) pledgeSHOULD<bcp14>SHOULD</bcp14> attempt to join a 6TiSCH network advertised with a different network identifier. See <xreftarget="parameters"/>target="parameters" format="default"/> for recommended values of CoAP settings to use during the join exchange.</t> <t>If all join attempts to advertised networks have failed, the (6LBR) pledgeSHOULD<bcp14>SHOULD</bcp14> signal the presence of an error condition, through some out-of-band mechanism.</t><t>BCP190<t>BCP 190 <xreftarget="RFC7320"/>target="RFC8820" format="default"/> provides guidelines on URI design and ownership. It recommends that whenever a third party wants to mandate aURLURI to web authority that itSHOULD<bcp14>SHOULD</bcp14> go under "/.well-known"(as per(per <xreftarget="RFC5785"/>).target="RFC8615" format="default"/>). In the case of CoJP, the Uri-Host option is always set to "6tisch.arpa", and based upon the recommendations inthe Introduction of<xreftarget="RFC7320"/>,target="RFC8820" section="1" sectionFormat="of" format="default"/>, it is asserted that this document is the owner of the CoJP service. As such, the concerns of <xreftarget="RFC7320"/>target="RFC8820" format="default"/> do not apply, and thus the Uri-Path is only"/j".</t> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->"j".</t> </section> <section anchor="join_response"title="Joinnumbered="true" toc="default"> <name>Join ResponseMessage">Message</name> <t>The Join Response message that the JRC sendsSHALL<bcp14>SHALL</bcp14> be mapped to a CoAP response:</t><t><list style="symbols"> <t>The response<ul spacing="normal"> <li>The Response Code is 2.04(Changed).</t> <t>The(Changed).</li> <li>The payload is a Configuration CBOR object, as defined in <xreftarget="configuration_object"/>.</t> </list></t> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->target="configuration_object" format="default"/>.</li> </ul> </section> </section> <section anchor="update"title="Parameternumbered="true" toc="default"> <name>Parameter UpdateExchange">Exchange</name> <t>During the network lifetime, parameters returned as part of the Join Response may need to be updated. One typical example is the update of link-layer keying material for the network, a process known as rekeying. This section specifies a generic mechanism when this parameter update is initiated by the JRC.</t> <t>At the time of the join, the (6LBR) pledge acts as a CoAP client and requests the network parameters through a representation of the "/j"resource,resource exposed by the JRC. In order for the update of these parameters to happen, the JRC needs to asynchronously contact the joined node. The use of the CoAP Observe option for this purpose is not feasible due to the change in the IPv6 address when the pledge becomes the joined node and obtains a global address.</t> <t>Instead, once the (6LBR) pledge receives and successfully validates the Join Response and so becomes a joined node, it becomes a CoAP server. The joined node creates a CoAP service at the Uri-Host value of "6tisch.arpa", and the joined node exposes the "/j" resource that is used by the JRC to update the parameters. Consequently, the JRC operates as a CoAP client when updating the parameters. The request/response exchange between the JRC and the (6LBR) pledge happens over the already-established OSCORE secure channel.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --><section anchor="parameter_update"title="Parameternumbered="true" toc="default"> <name>Parameter UpdateMessage">Message</name> <t>The Parameter Update message that the JRC sends to the joined nodeSHALL<bcp14>SHALL</bcp14> be mapped to a CoAP request:</t><t><list style="symbols"> <t>The<ul spacing="normal"> <li>The request method isPOST.</t> <t>ThePOST.</li> <li>The type is Confirmable(CON).</t> <t>The(CON).</li> <li>The Uri-Host option is set to"6tisch.arpa".</t> <t>The"6tisch.arpa".</li> <li>The Uri-Path option is set to"j".</t> <t>The"j".</li> <li>The OSCORE optionSHALL<bcp14>SHALL</bcp14> be set according to <xreftarget="RFC8613"/>.target="RFC8613" format="default"/>. The OSCORE security context used is the one derived in <xreftarget="oscore_sec_context"/>.target="oscore_sec_context" format="default"/>. When a joined node receives a request with the Sender ID set to 0x4a5243 (ID of the JRC), it is able to correctly retrieve the security context with theJRC.</t> <t>TheJRC.</li> <li>The payload is a Configuration CBOR object, as defined in <xreftarget="configuration_object"/>.</t> </list></t>target="configuration_object" format="default"/>.</li> </ul> <t>The JRC has implicit knowledgeonof the global IPv6 address of the joined node, as it knows the pledge identifier that the joined node used when it acted as apledge,pledge and the IPv6 network prefix. The JRC uses this implicitly derived IPv6 address of the joined node to directly address CoAP messages to it.</t><t>In case<t>If the JRC does not receive a response to a Parameter Update message, it attempts multipleretransmissions,retransmissions as configured by the underlying CoAP retransmission mechanism triggered for confirmable messages. Finally, if the CoAP implementation declares the transmissionasa failure, the JRC may consider this as a hint that the joined node is no longer in the network. How the JRC decides when to stop attempting to contact a previously joined node is out of scope of thisspecificationspecification, but the security considerations on the reuse of assigned resources apply, as discussed in <xreftarget="sec_considerations"/>.</t> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->target="sec_considerations" format="default"/>.</t> </section> </section> <section anchor="error-handling"title="Error Handling"> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->numbered="true" toc="default"> <name>Error Handling</name> <section anchor="cojp_error_handling"title="CoJPnumbered="true" toc="default"> <name>CoJP CBOR ObjectProcessing">Processing</name> <t>CoJP CBOR objects are transported within both CoAP requests and responses. This section describes handling the cases incasewhich certain CoJP CBOR object parameters are not supported by the implementation or their processing fails. See <xreftarget="oscore_error_handling"/>target="oscore_error_handling" format="default"/> for the handling of errors that may be raised by the underlying OSCORE implementation.</t> <t>When such a parameter is detected in a CoAP request (Join Request message, Parameter Update message), a Diagnostic Response messageMUST<bcp14>MUST</bcp14> be returned. A Diagnostic Response message maps to a CoAP response and is specified in <xreftarget="error_response_message"/>.</t>target="error_response_message" format="default"/>.</t> <t>When a parameter that cannot be acted upon is encountered while processing a CoJP object in a CoAP response (Join Response message), a (6LBR) pledgeSHOULD<bcp14>SHOULD</bcp14> reattempt to join. In this case, the (6LBR) pledgeSHOULD<bcp14>SHOULD</bcp14> include the Unsupported Configuration CBOR object within the Join Request object in the following Join Request message. The Unsupported Configuration CBOR object is self-contained and enables the (6LBR) pledge to signal any parameters that the implementation of the networking stack may not support. A (6LBR) pledgeMUST NOT<bcp14>MUST NOT</bcp14> attempt more than COJP_MAX_JOIN_ATTEMPTS number of attempts to join if the processing of the Join Response message fails each time. If the COJP_MAX_JOIN_ATTEMPTS number of attempts is reached without success, the (6LBR) pledgeSHOULD<bcp14>SHOULD</bcp14> signal the presence of an errorcondition,condition through some out-of-band mechanism.</t> <t>Note that COJP_MAX_JOIN_ATTEMPTS relates tothe application-level handling of the CoAP response and is different from CoAP's MAX_RETRANSMIT setting that drives the retransmission mechanism of the underlying CoAP message.</t> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->the application-layer handling of the CoAP response and is different from CoAP's MAX_RETRANSMIT setting, which drives the retransmission mechanism of the underlying CoAP message.</t> </section> <section anchor="error_response_message"title="Diagnosticnumbered="true" toc="default"> <name>Diagnostic ResponseMessage">Message</name> <t>The Diagnostic Response message is returned for any CoJP request when the processing of the payload failed. The Diagnostic Response message is protected by OSCORE as any other CoJPprotocolmessage.</t> <t>The Diagnostic Response messageSHALL<bcp14>SHALL</bcp14> be mapped to a CoAP response:</t><t><list style="symbols"> <t>The response<ul spacing="normal"> <li>The Response Code is 4.00 (BadRequest).</t> <t>TheRequest).</li> <li>The payload is an Unsupported Configuration CBOR object, as defined in <xreftarget="unsupported_configuration_object"/>,target="unsupported_configuration_object" format="default"/>, containing more information about the parameter that triggered the sending of thismessage.</t> </list></t> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->message.</li> </ul> </section> <section anchor="failure_handling"title="Failure Handling">numbered="true" toc="default"> <name>Failure Handling</name> <t>TheParameter Updateparameter update exchange may be triggered at any time during the network lifetime, which may span several years. During this period,it may occur thata joined node or the JRC may experience unexpected events such as reboots or complete failures.</t> <t>This document mandates that the mutable parameters in the security context are written to persistent memory (see <xreftarget="persistency"/>)target="persistency" format="default"/>) by both the JRC and pledges (joined nodes). As thejoined node (pledge)pledge (joined node) is typically a constrained device that handles the write operations to persistent memory in a predictable manner, the retrieval of mutablesecurity contextsecurity-context parameters is feasible across reboots such that there is no risk of AEAD nonce reuse due to reinitialized Sender Sequencenumbers,Numbers or of a replay attack due to the reinitializedreplay window.Replay Window. The JRC may be hosted on a generic machine where the write operation to persistent memory may lead to unpredictable delays due to caching.In case ofIf a reboot event occurs at the JRCoccurringbefore the cached data is written to persistent memory, the loss of mutablesecurity contextsecurity-context parameters islikelylikely, which consequently poses the risk of AEAD nonce reuse.</t> <t>In the event of a complete device failure, where the mutablesecurity contextsecurity-context parameters cannot be retrieved, it is expected that a failed joined nodeiswill be replaced with a new physical device, using a new pledge identifier and a PSK. When such a failure event occurs at the JRC, it is possible that the static information on provisioned pledges, like PSKs and pledge identifiers, can be retrieved through available backups. However, it is likely that the information about joined nodes, their assigned short identifiers and mutablesecurity context parameterssecurity-context parameters, is lost. If this is the case,during the process of JRC reinitialization,the network administratorMUST<bcp14>MUST</bcp14> forcethrough out-of-band meansall the networks managed by the failed JRC torejoin,rejoin throughe.g.out-of-band means during thereinitializationprocess of JRC reinitialization, e.g., reinitialize the 6LBR nodes and freshlygeneratedgenerate dynamic cryptographic keys and other parameters thathaveinfluenceonthe security properties of the network.</t> <t>In order to recover from such a failure event, the reinitialized JRC can trigger the renegotiation of the OSCORE security context through the procedure described inAppendix B.2 of<xreftarget="RFC8613"/>.target="RFC8613" section="B.2" sectionFormat="of" format="default"/>. Aware of the failure event, the reinitialized JRC responds to the firstjoin requestJoin Request of each pledge it is managing with a 4.01Unauthorized(Unauthorized) error and a random nonce. The pledge verifies the error response and then initiates the CoJP join exchange using a new OSCORE security context derived from an ID Context consisting of the concatenation of two nonces, one that it received from the JRC and the other that the pledge generates locally. After verifying thejoin requestJoin Request with the new ID Context and the derived OSCORE security context, the JRC should consequentlytake action in mappingmap the new ID Contextwithto the previously used pledge identifier. How the JRC handles this mapping is out of scope of this document.</t> <t>Thedescribeduse of the procedureisspecified inAppendix B.2 of<xreftarget="RFC8613"/> andtarget="RFC8613" section="B.2" sectionFormat="of" format="default"/> isRECOMMENDED<bcp14>RECOMMENDED</bcp14> in order to handle the failure events or any other event that may lead to the loss of mutablesecurity contextsecurity-context parameters. The length of nonces exchanged using this procedureMUST<bcp14>MUST</bcp14> be at least 8 bytes.</t> <t>The proceduredoes requirerequires both the pledge and the JRC to have good sources of randomness. While this is typically not an issue at the JRC side, the constrained device hosting the pledge may pose limitations in this regard. If the procedure outlined inAppendix B.2 of<xreftarget="RFC8613"/>target="RFC8613" section="B.2" sectionFormat="of" format="default"/> is not supported by the pledge, the network administratorMUST take action in reprovisioning<bcp14>MUST</bcp14> reprovision the concerned devices with freshly generatedparameters,parameters through out-of-band means.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --></section> </section> <section anchor="cbor_objects"title="CoJP Objects">numbered="true" toc="default"> <name>CoJP Objects</name> <t>This section specifies the structure of CoJP CBOR objects that may be carried as the payload of CoJP messages. Some of these objects may be received both as part of the CoJP join exchange when the device operates as a (CoJP)pledge,pledge or as part of the parameter updateexchange,exchange when the device operates as a joined (6LBR) node.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --><section anchor="join_request_object"title="Joinnumbered="true" toc="default"> <name>Join RequestObject">Object</name> <t>The Join_Request structure is built on a CBOR map object.</t> <t>The set of parameters that can appear in a Join_Request object is summarized below. The labels can be found in the"CoJP"Constrained Join Protocol (CoJP) Parameters"registryregistry, <xreftarget="iana_cojp_registry"/>.</t> <t><list style="symbols"> <t>role: Thetarget="iana_cojp_registry" format="default"/>.</t> <dl spacing="normal"> <dt>role:</dt> <dd>The identifier of the role that the pledge requests to play in the network once it joins, encoded as an unsigned integer. Possible values are specified in <xreftarget="table_role_values"/>.target="table_role_values" format="default"/>. This parameterMAY<bcp14>MAY</bcp14> be included.In caseIf the parameter is omitted, the default value of 0,i.e.i.e., the role "6TiSCH Node",MUST<bcp14>MUST</bcp14> beassumed.</t> <t>network identifier: Theassumed.</dd> <dt>network identifier:</dt> <dd>The identifier of the network, as discussed in <xreftarget="provisioning"/>,target="provisioning" format="default"/>, encoded as a CBOR byte string. When present in the Join_Request, it hints to the JRCthewhich networkthatthe pledge is requesting to join, enabling the JRC to manage multiple networks. The pledge obtains the value of the network identifier from the received EB frames. This parameterMUST<bcp14>MUST</bcp14> be included in a Join_Request object regardless of the roleparameter value.</t> <t>unsupported configuration: Theparameter value.</dd> <dt>unsupported configuration:</dt> <dd>The identifier of the parameters that are not supported by the implementation, encoded as an Unsupported_Configuration object described in <xreftarget="unsupported_configuration_object"/>.target="unsupported_configuration_object" format="default"/>. This parameterMAY<bcp14>MAY</bcp14> be included. If a (6LBR) pledge previously attempted to join and received a valid Join Response message overOSCORE,OSCORE but failed to act on its payload (Configuration object), itSHOULD<bcp14>SHOULD</bcp14> include this parameter to facilitate the recovery anddebugging.</t> </list></t>debugging.</dd> </dl> <t><xreftarget="table_join_req_params"/>target="table_join_req_params" format="default"/> summarizes the parameters that may appear in a Join_Request object.</t><texttable title="Summary<table anchor="table_join_req_params" align="center"> <name>Summary of Join_Requestparameters." anchor="table_join_req_params"> <ttcol align='right'>Name</ttcol> <ttcol align='left'>Label</ttcol> <ttcol align='right'>CBOR Type</ttcol> <c>role</c> <c>1</c> <c>unsigned integer</c> <c>network identifier</c> <c>5</c> <c>byte string</c> <c>unsupported configuration</c> <c>8</c> <c>array</c> </texttable>parameters.</name> <thead> <tr> <th>Name</th> <th>Label</th> <th>CBOR Type</th> </tr> </thead> <tbody> <tr> <td>role</td> <td>1</td> <td>unsigned integer</td> </tr> <tr> <td>network identifier</td> <td>5</td> <td>byte string</td> </tr> <tr> <td>unsupported configuration</td> <td>8</td> <td>array</td> </tr> </tbody> </table> <t>The CDDL fragment that represents the text above for the Join_Requestfollows.</t> <figure><artwork><![CDATA[follows:</t> <sourcecode type=""><![CDATA[ Join_Request = { ? 1 : uint, ; role 5 : bstr, ; network identifier ? 8 : Unsupported_Configuration ; unsupported configuration }]]></artwork></figure> <texttable title="Role values." anchor="table_role_values"> <ttcol align='right'>Name</ttcol> <ttcol align='left'>Value</ttcol> <ttcol align='right'>Description</ttcol> <ttcol align='left'>Reference</ttcol> <c>6TiSCH Node</c> <c>0</c> <c>The]]></sourcecode> <table anchor="table_role_values" align="center"> <name>Role values.</name> <thead> <tr> <th>Name</th> <th>Value</th> <th>Description</th> <th>Reference</th> </tr> </thead> <tbody> <tr> <td>6TiSCH Node</td> <td>0</td> <td>The pledge requests to play the role of a regular 6TiSCH node,i.e.i.e., non-6LBRnode.</c> <c>[[this document]]</c> <c>6LBR</c> <c>1</c> <c>Thenode.</td> <td>RFC 9031</td> </tr> <tr> <td>6LBR</td> <td>1</td> <td>The pledge requests to play the role of 6LoWPAN Border Router(6LBR).</c> <c>[[this document]]</c> </texttable> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->(6LBR).</td> <td>RFC 9031</td> </tr> </tbody> </table> </section> <section anchor="configuration_object"title="Configuration Object">numbered="true" toc="default"> <name>Configuration Object</name> <t>The Configuration structure is built on a CBOR map object. The set of parameters that can appear in a Configuration object is summarized below. The labels can be found in"CoJP"Constrained Join Protocol (CoJP) Parameters"registryregistry, <xreftarget="iana_cojp_registry"/>.</t> <t><list style="symbols"> <t>link-layertarget="iana_cojp_registry" format="default"/>.</t> <dl spacing="normal"> <dt>link-layer keyset: Anset:</dt> <dd>An array encompassing a set of cryptographic keys and their identifiers that are currently in use in thenetwork,network or that are scheduled to be used in the future. The encoding of individual keys is described in <xreftarget="ll_keys"/>.target="ll_keys" format="default"/>. The link-layer key set parameterMAY<bcp14>MAY</bcp14> be included in a Configuration object. When present, the link-layer key set parameterMUST<bcp14>MUST</bcp14> contain at least one key. This parameter is also used to implement rekeying in the network.How the keys are installedThe installation anduseduse of keys differs for the 6LBR and other (regular) nodes, and this is explained in Sections <xreftarget="keychanging6lbr"/>target="keychanging6lbr" format="counter"/> and <xreftarget="keychanging6lr"/>.</t> <t>shorttarget="keychanging6lr" format="counter"/>.</dd> <dt>short identifier:a</dt> <dd>A compact identifier assigned to the pledge. The short identifier structure is described in <xreftarget="short_identifier"/>.target="short_identifier" format="default"/>. The short identifier parameterMAY<bcp14>MAY</bcp14> be included in a Configurationobject.</t> <t>JRC address: theobject.</dd> <dt>JRC address:</dt> <dd>The IPv6 address of the JRC, encoded as a byte string, with the length of 16 bytes. If the length of the byte string is different from 16, the parameterMUST<bcp14>MUST</bcp14> be discarded. If the JRC is not co-located with the 6LBR and has a different IPv6 address than the 6LBR, this parameterMUST<bcp14>MUST</bcp14> be included. In the special case where the JRC is co-located with the 6LBR and has the same IPv6 address as the 6LBR, this parameterMAY<bcp14>MAY</bcp14> be included. If the JRC address parameter is not present in the Configuration object, this indicates that the JRC has the same IPv6 address as the 6LBR. The joined node can then discover the IPv6 address of the JRC through network control traffic. See <xreftarget="netreq"/>.</t> <t>blacklist: Antarget="netreq" format="default"/>.</dd> <dt>blacklist:</dt> <dd>An array encompassing a list of pledge identifiers that are blacklisted by the JRC, with each pledge identifier encoded as a byte string. The blacklist parameterMAY<bcp14>MAY</bcp14> be included in a Configuration object. When present, the arrayMUST<bcp14>MUST</bcp14> contain zero or more byte strings encoding pledge identifiers. The joined nodeMUST<bcp14>MUST</bcp14> silently drop any link-layer frames originating from the pledge identifiers enclosed in the blacklist parameter. When this parameter is received, its valueMUST<bcp14>MUST</bcp14> overwrite any previously set values. This parameter allows the JRC to configure the node acting as a JP to filter out traffic from misconfigured or malicious pledges before their traffic is forwarded into the network. If the JRC decides to remove a given pledge identifier from a blacklist, it omits the pledge identifier in the blacklist parameter value it sends next. Since the blacklist parameter carries the pledge identifiers, privacy considerations apply. See <xreftarget="privacy_considerations"/>.</t> <t>join rate: Averagetarget="privacy_considerations" format="default"/>.</dd> <dt>join rate:</dt> <dd>The average data rate (in units of bytes/second) of join traffic forwarded into the network that should not be exceeded when a joined node operates as a JP, encoded as an unsigned integer. The join rate parameterMAY<bcp14>MAY</bcp14> be included in a Configuration object. This parameter allows the JRC to configure different nodes in the network to operate asJP,JP and to act in case of an attack by throttling the rate at which JP forwards unauthenticated traffic into the network. When this parameter is present in a Configuration object, the valueMUST<bcp14>MUST</bcp14> be used to set the PROBING_RATE of CoAP at the joined node for communication with the JRC.In caseIf this parameter is set to zero, a joined nodeMUST<bcp14>MUST</bcp14> silently drop any join traffic coming from unauthenticated pledges.In caseIf this parameter is omitted, the value of positive infinitySHOULD<bcp14>SHOULD</bcp14> be assumed.NodeA node operating as a JPMAY<bcp14>MAY</bcp14> use another mechanism that is out of scope of this specification to configure the PROBING_RATE of CoAP in the absence of a join rate parameter from the Configurationobject.</t> </list></t>object.</dd> </dl> <t><xreftarget="table_configuration_params"/>target="table_configuration_params" format="default"/> summarizes the parameters that may appear in a Configuration object.</t><texttable title="Summary<table anchor="table_configuration_params" align="center"> <name>Summary of Configurationparameters." anchor="table_configuration_params"> <ttcol align='right'>Name</ttcol> <ttcol align='left'>Label</ttcol> <ttcol align='right'>CBOR Type</ttcol> <c>link-layer key set</c> <c>2</c> <c>array</c> <c>short identifier</c> <c>3</c> <c>array</c> <c>JRC address</c> <c>4</c> <c>byte string</c> <c>blacklist</c> <c>6</c> <c>array</c> <c>join rate</c> <c>7</c> <c>unsigned integer</c> </texttable>parameters.</name> <thead> <tr> <th>Name</th> <th>Label</th> <th>CBOR Type</th> </tr> </thead> <tbody> <tr> <td>link-layer key set</td> <td>2</td> <td>array</td> </tr> <tr> <td>short identifier</td> <td>3</td> <td>array</td> </tr> <tr> <td>JRC address</td> <td>4</td> <td>byte string</td> </tr> <tr> <td>blacklist</td> <td>6</td> <td>array</td> </tr> <tr> <td>join rate</td> <td>7</td> <td>unsigned integer</td> </tr> </tbody> </table> <t>The CDDL fragment that represents the text above for the Configuration follows.StructuresThe structures Link_Layer_Key and Short_Identifier are specified in Sections <xreftarget="ll_keys"/>target="ll_keys" format="counter"/> and <xreftarget="short_identifier"/>.</t> <figure><artwork><![CDATA[target="short_identifier" format="counter"/>, respectively.</t> <sourcecode type=""><![CDATA[ Configuration = { ? 2 : [ +Link_Layer_Key ], ; link-layer key set ? 3 : Short_Identifier, ; short identifier ? 4 : bstr, ; JRC address ? 6 : [ *bstr ], ; blacklist ? 7 : uint ; join rate }]]></artwork></figure> <texttable title="CoJP]]></sourcecode> <table anchor="table_cojp_parameters_labels" align="center"> <name>CoJP parameters maplabels." anchor="table_cojp_parameters_labels"> <ttcol align='right'>Name</ttcol> <ttcol align='left'>Label</ttcol> <ttcol align='right'>CBOR type</ttcol> <ttcol align='left'>Description</ttcol> <ttcol align='left'>Reference</ttcol> <c>role</c> <c>1</c> <c>unsigned integer</c> <c>Identifieslabels.</name> <thead> <tr> <th>Name</th> <th>Label</th> <th>CBOR type</th> <th>Description</th> <th>Reference</th> </tr> </thead> <tbody> <tr> <td>role</td> <td>1</td> <td>unsigned integer</td> <td>Identifies the roleparameter</c> <c>[[this document]]</c> <c>link-layer key set</c> <c>2</c> <c>array</c> <c>Identifiesparameter</td> <td>RFC 9031</td> </tr> <tr> <td>link-layer key set</td> <td>2</td> <td>array</td> <td>Identifies the array carrying one or morelink-levellink-layer cryptographickeys</c> <c>[[this document]]</c> <c>short identifier</c> <c>3</c> <c>array</c> <c>Identifieskeys</td> <td>RFC 9031</td> </tr> <tr> <td>short identifier</td> <td>3</td> <td>array</td> <td>Identifies the assigned shortidentifier</c> <c>[[this document]]</c> <c>JRC address</c> <c>4</c> <c>byte string</c> <c>Identifiesidentifier</td> <td>RFC 9031</td> </tr> <tr> <td>JRC address</td> <td>4</td> <td>byte string</td> <td>Identifies the IPv6 address of theJRC</c> <c>[[this document]]</c> <c>network identifier</c> <c>5</c> <c>byte string</c> <c>IdentifiesJRC</td> <td>RFC 9031</td> </tr> <tr> <td>network identifier</td> <td>5</td> <td>byte string</td> <td>Identifies the network identifierparameter</c> <c>[[this document]]</c> <c>blacklist</c> <c>6</c> <c>array</c> <c>Identifiesparameter</td> <td>RFC 9031</td> </tr> <tr> <td>blacklist</td> <td>6</td> <td>array</td> <td>Identifies the blacklistparameter</c> <c>[[this document]]</c> <c>join rate</c> <c>7</c> <c>unsigned integer</c> <c>Identifierparameter</td> <td>RFC 9031</td> </tr> <tr> <td>join rate</td> <td>7</td> <td>unsigned integer</td> <td>Identifier the join rateparameter</c> <c>[[this document]]</c> <c>unsupported configuration</c> <c>8</c> <c>array</c> <c>Identifiesparameter</td> <td>RFC 9031</td> </tr> <tr> <td>unsupported configuration</td> <td>8</td> <td>array</td> <td>Identifies the unsupported configurationparameter</c> <c>[[this document]]</c> </texttable> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->parameter</td> <td>RFC 9031</td> </tr> </tbody> </table> </section> <section anchor="ll_keys"title="Link-Layer Key">numbered="true" toc="default"> <name>Link-Layer Key</name> <t>The Link_Layer_Key structure encompasses the parameters needed to configure the link-layer security module: the key identifier; the value of the cryptographic key; the link-layer algorithm identifier and the security level and the frame typesthatwith which it should be usedwith, bothfor both outgoing and incoming security operations; and any additional information that may be needed to configure the key.</t> <t>For encoding compactness, the Link_Layer_Key object is not enclosed in a top-level CBOR object. Rather, it is transported as a sequence of CBOR elements <xreftarget="I-D.ietf-cbor-sequence"/>,target="RFC8742" format="default"/>, some being optional.</t> <t>The set of parameters that can appear in a Link_Layer_Key object is summarized below, in order:</t><t><list style="symbols"> <t>key_id: The<dl spacing="normal"> <dt>key_id:</dt> <dd>The identifier of the key, encoded as a CBOR unsigned integer. This parameterMUST<bcp14>MUST</bcp14> be included. If the decoded CBOR unsigned integer value is larger than the maximum link-layer key identifier, the key is considered invalid.In caseIf the key is considered invalid, the keyMUST<bcp14>MUST</bcp14> bediscardeddiscarded, and the implementationMUST<bcp14>MUST</bcp14> signal the error as specified in <xreftarget="cojp_error_handling"/>.</t> <t>key_usage: Thetarget="cojp_error_handling" format="default"/>.</dd> <dt>key_usage:</dt> <dd>The identifier of the link-layer algorithm, securitylevellevel, and link-layer frame types that can be used with the key, encoded as an integer. This parameterMAY<bcp14>MAY</bcp14> be included. Possible values and the corresponding link-layer settings are specified in the IANA"CoJP"Constrained Join Protocol (CoJP) Key Usage" registry (<xreftarget="iana_cojp_key_usage_registry"/>). In casetarget="iana_cojp_key_usage_registry" format="default"/>). If the parameter is omitted, the default value of 0 (6TiSCH-K1K2-ENC-MIC32) from <xreftarget="table_key_usage_values"/> MUSTtarget="table_key_usage_values" format="default"/> <bcp14>MUST</bcp14> be assumed. This default value has been chosensuch thatbecause it results in byte savings in the most constrainedsettings butsettings; its selection does not imply a recommendation for its generalusage.</t> <t>key_value: Theusage.</dd> <dt>key_value:</dt> <dd>The value of the cryptographic key, encoded as a byte string. This parameterMUST<bcp14>MUST</bcp14> be included. If the length of the byte string is different than the corresponding key length for a given algorithm specified by the key_usage parameter, the keyMUST<bcp14>MUST</bcp14> bediscardeddiscarded, and the implementationMUST<bcp14>MUST</bcp14> signal the error as specified in <xreftarget="cojp_error_handling"/>.</t> <t>key_addinfo: Additionaltarget="cojp_error_handling" format="default"/>.</dd> <dt>key_addinfo:</dt> <dd>Additional information needed to configure the link-layer key, encoded as a byte string. This parameterMAY<bcp14>MAY</bcp14> be included. The processing of this parameter is dependent on the link-layer technology in use and a particular keyingmode.</t> </list></t>mode.</dd> </dl> <t>To be able to decode the keys that are present in the link-layer keyset,set and to identify individual parameters of a single Link_Layer_Key object, the CBOR decoder needs to differentiate between elements based on the CBOR type. For example, a uint that follows a byte string signals to the decoder that a new Link_Layer_Key object is being processed.</t> <t>The CDDL fragment for the Link_Layer_Key that represents the text abovefor the Link_Layer_Key follows.</t> <figure><artwork><![CDATA[follows:</t> <sourcecode type=""><![CDATA[ Link_Layer_Key = ( key_id : uint, ? key_usage : int, key_value : bstr, ? key_addinfo : bstr, )]]></artwork></figure> <texttable title="Key]]></sourcecode> <table anchor="table_key_usage_values" align="center"> <name>Key Usagevalues." anchor="table_key_usage_values"> <ttcol align='right'>Name</ttcol> <ttcol align='left'>Value</ttcol> <ttcol align='right'>Algorithm</ttcol> <ttcol align='left'>Description</ttcol> <ttcol align='left'>Reference</ttcol> <c>6TiSCH-K1K2-ENC-MIC32</c> <c>0</c> <c>IEEE802154-AES-CCM-128</c> <c>Usevalues.</name> <thead> <tr> <th>Name</th> <th>Value</th> <th>Algorithm</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td>6TiSCH-K1K2-ENC-MIC32</td> <td>0</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-32 for EBs, ENC-MIC-32 for DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> <c>6TiSCH-K1K2-ENC-MIC64</c> <c>1</c> <c>IEEE802154-AES-CCM-128</c> <c>UseACKNOWLEDGMENT.</td> </tr> <tr> <td>6TiSCH-K1K2-ENC-MIC64</td> <td>1</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-64 for EBs, ENC-MIC-64 for DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> <c>6TiSCH-K1K2-ENC-MIC128</c> <c>2</c> <c>IEEE802154-AES-CCM-128</c> <c>UseACKNOWLEDGMENT.</td> </tr> <tr> <td>6TiSCH-K1K2-ENC-MIC128</td> <td>2</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-128 for EBs, ENC-MIC-128 for DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> <c>6TiSCH-K1K2-MIC32</c> <c>3</c> <c>IEEE802154-AES-CCM-128</c> <c>UseACKNOWLEDGMENT.</td> </tr> <tr> <td>6TiSCH-K1K2-MIC32</td> <td>3</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-32 for EBs, DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> <c>6TiSCH-K1K2-MIC64</c> <c>4</c> <c>IEEE802154-AES-CCM-128</c> <c>UseACKNOWLEDGMENT.</td> </tr> <tr> <td>6TiSCH-K1K2-MIC64</td> <td>4</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-64 for EBs, DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> <c>6TiSCH-K1K2-MIC128</c> <c>5</c> <c>IEEE802154-AES-CCM-128</c> <c>UseACKNOWLEDGMENT.</td> </tr> <tr> <td>6TiSCH-K1K2-MIC128</td> <td>5</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-128 for EBs, DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> <c>6TiSCH-K1-MIC32</c> <c>6</c> <c>IEEE802154-AES-CCM-128</c> <c>UseACKNOWLEDGMENT.</td> </tr> <tr> <td>6TiSCH-K1-MIC32</td> <td>6</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-32 forEBs.</c> <c>[[this document]]</c> <c>6TiSCH-K1-MIC64</c> <c>7</c> <c>IEEE802154-AES-CCM-128</c> <c>UseEBs.</td> </tr> <tr> <td>6TiSCH-K1-MIC64</td> <td>7</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-64 forEBs.</c> <c>[[this document]]</c> <c>6TiSCH-K1-MIC128</c> <c>8</c> <c>IEEE802154-AES-CCM-128</c> <c>UseEBs.</td> </tr> <tr> <td>6TiSCH-K1-MIC128</td> <td>8</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-128 forEBs.</c> <c>[[this document]]</c> <c>6TiSCH-K2-MIC32</c> <c>9</c> <c>IEEE802154-AES-CCM-128</c> <c>UseEBs.</td> </tr> <tr> <td>6TiSCH-K2-MIC32</td> <td>9</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-32 for DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> <c>6TiSCH-K2-MIC64</c> <c>10</c> <c>IEEE802154-AES-CCM-128</c> <c>UseACKNOWLEDGMENT.</td> </tr> <tr> <td>6TiSCH-K2-MIC64</td> <td>10</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-64 for DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> <c>6TiSCH-K2-MIC128</c> <c>11</c> <c>IEEE802154-AES-CCM-128</c> <c>UseACKNOWLEDGMENT.</td> </tr> <tr> <td>6TiSCH-K2-MIC128</td> <td>11</td> <td>IEEE802154-AES-CCM-128</td> <td>Use MIC-128 for DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> <c>6TiSCH-K2-ENC-MIC32</c> <c>12</c> <c>IEEE802154-AES-CCM-128</c> <c>UseACKNOWLEDGMENT.</td> </tr> <tr> <td>6TiSCH-K2-ENC-MIC32</td> <td>12</td> <td>IEEE802154-AES-CCM-128</td> <td>Use ENC-MIC-32 for DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> <c>6TiSCH-K2-ENC-MIC64</c> <c>13</c> <c>IEEE802154-AES-CCM-128</c> <c>UseACKNOWLEDGMENT.</td> </tr> <tr> <td>6TiSCH-K2-ENC-MIC64</td> <td>13</td> <td>IEEE802154-AES-CCM-128</td> <td>Use ENC-MIC-64 for DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> <c>6TiSCH-K2-ENC-MIC128</c> <c>14</c> <c>IEEE802154-AES-CCM-128</c> <c>UseACKNOWLEDGMENT.</td> </tr> <tr> <td>6TiSCH-K2-ENC-MIC128</td> <td>14</td> <td>IEEE802154-AES-CCM-128</td> <td>Use ENC-MIC-128 for DATA andACKNOWLEDGMENT.</c> <c>[[this document]]</c> </texttable> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->ACKNOWLEDGMENT.</td> </tr> </tbody> </table> <section anchor="keychanging6lbr"title="Rekeyingnumbered="true" toc="default"> <name>Rekeying of(6LoWPAN) Border Routers (6LBR)">6LBRs</name> <t>When the6LoWPAN Border Router (6LBR)6LBR receives the Configuration object containing a link-layer key set, itMUST<bcp14>MUST</bcp14> immediately install and start using the new keys for all outgoingtraffic,traffic and remove any old keys it has installed from the previous key set after a delay of COJP_REKEYING_GUARD_TIME has passed. This mechanism is used by the JRC to force the 6LBR to start sending traffic with the new key. The decision istakenmade by the JRC when it has determined that the new key has been made available to all (or some overwhelming majority) of nodes. Any node that the JRC has not yet reached at that point is eithernon-functionalnonfunctional or in extended sleep such that it will not be reached. To get the key update, such a nodeneedswill need to go through the join process anew.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --></section> <section anchor="keychanging6lr"title="Rekeyingnumbered="true" toc="default"> <name>Rekeying ofregular (6LoWPAN) Nodes (6LN)">6LNs</name> <t>When a regular 6LNnodereceives the Configuration object with a link-layer key set, itMUST<bcp14>MUST</bcp14> install the new keys. The 6LN will use both the old and the new keys to decrypt and authenticate any incoming traffic that arrives based upon the key identifier in the packet. ItMUST<bcp14>MUST</bcp14> continue to use the old keys for all outgoing traffic until it has detected that the network has switched to the new key set.</t> <t>The detection of the network switch is based upon the receipt of traffic secured with the new keys. Upon the reception and the successful security processing of a link-layer frame secured with a key from the new key set, a 6LNnode MUST<bcp14>MUST</bcp14> then switch to sending all outgoing traffic using the keys from thenew set for all outgoing traffic.new set. The 6LNnode MUST<bcp14>MUST</bcp14> remove anyoldkeys ithashad installed from the previous key set aftera delay ofwaiting COJP_REKEYING_GUARD_TIMEhas passed aftersince itstartsstarted using the new keyset.</t>set. </t> <t>Sendingoftraffic with the new keys signals to other downstream nodes to switch to their new key,and the effect is that there iscausing a ripple of key updates around each 6LBR.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --></section> <section anchor="use-in-ieee-std-802154"title="Usenumbered="true" toc="default"> <name>Use in IEEE Std802.15.4">802.15.4</name> <t>When Link_Layer_Key is used in the context of <xreftarget="IEEE802.15.4"/>,target="IEEE802.15.4" format="default"/>, the following considerations apply.</t> <t>Signaling of different keying modes of <xreftarget="IEEE802.15.4"/>target="IEEE802.15.4" format="default"/> is done based on the parameter values present in a Link_Layer_Key object. For instance, the value of the key_id parameter in combination with key_addinfo denotes which of the four Key ID modes of <xreftarget="IEEE802.15.4"/>target="IEEE802.15.4" format="default"/> is used and how.</t><t><list style="symbols"> <t>Key<dl spacing="normal"> <dt>Key ID Mode 0x00 (Implicit,pairwise):pairwise):</dt> <dd>The key_id parameterMUST<bcp14>MUST</bcp14> be set to 0. The key_addinfo parameterMUST<bcp14>MUST</bcp14> be present. The key_addinfo parameterMUST<bcp14>MUST</bcp14> be set to the link-layer address(es) of a single peer with whom the key should be used. Depending on the configuration of the network, key_addinfo may carry the peer's long link-layer address(i.e.(i.e., pledge identifier), short link-layer address, or their concatenation with the long address being encoded first. Which address type(s) is carried is determined from the length of the bytestring.</t> <t>Keystring.</dd> <dt>Key ID Mode 0x01 (KeyIndex):Index):</dt> <dd>The key_id parameterMUST<bcp14>MUST</bcp14> be set to a value differentthanfrom 0. The key_addinfo parameterMUST NOT<bcp14>MUST NOT</bcp14> bepresent.</t> <t>Keypresent.</dd> <dt>Key ID Mode 0x02 (4-byte Explicit KeySource):Source):</dt> <dd>The key_id parameterMUST<bcp14>MUST</bcp14> be set to a value differentthanfrom 0. The key_addinfo parameterMUST<bcp14>MUST</bcp14> be present. The key_addinfo parameterMUST<bcp14>MUST</bcp14> be set to a byte string, exactly 4 bytes long. The key_addinfo parameter carries the Key Source parameter used to configure <xreftarget="IEEE802.15.4"/>.</t> <t>Keytarget="IEEE802.15.4" format="default"/>.</dd> <dt>Key ID Mode 0x03 (8-byte Explicit KeySource):Source):</dt> <dd>The key_id parameterMUST<bcp14>MUST</bcp14> be set to a value differentthanfrom 0. The key_addinfo parameterMUST<bcp14>MUST</bcp14> be present. The key_addinfo parameterMUST<bcp14>MUST</bcp14> be set to a byte string, exactly 8 bytes long. The key_addinfo parameter carries the Key Source parameter used to configure <xreftarget="IEEE802.15.4"/>.</t> </list></t>target="IEEE802.15.4" format="default"/>.</dd> </dl> <t>In all cases, the key_usage parameter determines how a particular key should be usedinwith respect to incoming and outgoing security policies.</t> <t>For Key ID Modes 0x01-through 0x03,parameterthe key_id parameter sets the "secKeyIndex" parameter of <xreftarget="IEEE802.15.4"/>target="IEEE802.15.4" format="default"/> that is signaled in all outgoing frames secured with a given key. The maximum value that key_id can have is 254. The value of 255 is reserved in <xreftarget="IEEE802.15.4"/>target="IEEE802.15.4" format="default"/> and is therefore considered invalid.</t> <t>Key ID Mode 0x00 (Implicit, pairwise) enables the JRC to act as a trusted third party and assign pairwise keys between nodes in the network. How the JRC learns about the network topology is out of scope of this specification, but it could be done through6LBR - JRC signaling6LBR-JRC signaling, for example. Pairwise keys could also be derived through a key agreement protocol executed between the peers directly, where the authentication is based on the symmetric cryptographic material provided to both peers by the JRC. Such a protocol is out of scope of this specification.</t> <t>ImplementationsMUST<bcp14>MUST</bcp14> use different link-layer keys when using different authentication tag (MIC) lengths, as using the same key with different authentication tag lengths might be unsafe. For example, this prohibits the usage of the same key for both MIC-32 and MIC-64 levels. See Annex B.4.3 of <xreftarget="IEEE802.15.4"/>target="IEEE802.15.4" format="default"/> for more information.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --></section> </section> <section anchor="short_identifier"title="Short Identifier">numbered="true" toc="default"> <name>Short Identifier</name> <t>The Short_Identifier object represents an identifier assigned to the pledge. It is encoded as a CBOR arrayobject, containing,object and contains, in order:</t><t><list style="symbols"> <t>identifier: The<dl spacing="normal"> <dt>identifier:</dt> <dd>The short identifier assigned to the pledge, encoded as a byte string. This parameterMUST<bcp14>MUST</bcp14> be included. The identifierMUST<bcp14>MUST</bcp14> be unique in the set of all identifiers assigned in a network that is managed by a JRC.In caseIf the identifier is invalid, the decoderMUST<bcp14>MUST</bcp14> silently ignore the Short_Identifierobject.</t> <t>lease_time: Theobject.</dd> <dt>lease_time:</dt> <dd>The validity of the identifier in hours after the reception of the CBOR object, encoded as a CBOR unsigned integer. This parameterMAY<bcp14>MAY</bcp14> be included. The nodeMUST<bcp14>MUST</bcp14> stop using the assigned short identifier after the expiry of the lease_time interval. It is up to the JRC to renew the lease before the expiry of the previous interval. The JRC updates the lease by executing theParameter Updateparameter update exchange with the node and including the Short_Identifier in the Configuration object, as described in <xreftarget="update"/>. In casetarget="update" format="default"/>. If the lease expires, then the nodeSHOULD<bcp14>SHOULD</bcp14> initiate a new join exchange, as described in <xreftarget="join"/>. In casetarget="join" format="default"/>. If this parameter is omitted, then the value of positive infinityMUST<bcp14>MUST</bcp14> be assumed, meaning that the identifier is valid for as long as the node participates in thenetwork.</t> </list></t>network.</dd> </dl> <t>The CDDL fragment for the Short_Identifier that represents the text abovefor the Short_Identifier follows.</t> <figure><artwork><![CDATA[follows:</t> <sourcecode type=""><![CDATA[ Short_Identifier = [ identifier : bstr, ? lease_time : uint ]]]></artwork></figure> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->]]></sourcecode> <section anchor="use-in-ieee-std-802154-1"title="Usenumbered="true" toc="default"> <name>Use in IEEE Std802.15.4">802.15.4</name> <t>When the Short_Identifier is used in the context of <xreftarget="IEEE802.15.4"/>,target="IEEE802.15.4" format="default"/>, the following considerations apply.</t> <t>The identifierMUST<bcp14>MUST</bcp14> be used to set the short address of the IEEE Std 802.15.4 module. When operating in TSCH mode, the identifierMUST<bcp14>MUST</bcp14> be unique in the set of all identifiers assigned in multiple networks that share link-layer key(s). If the length of the byte string corresponding to the identifier parameter is differentthanfrom 2, the identifier is considered invalid. The values 0xfffe and 0xffff are reserved by <xreftarget="IEEE802.15.4"/>target="IEEE802.15.4" format="default"/>, and their use is considered invalid.</t> <t>The security properties offered by the <xreftarget="IEEE802.15.4"/>target="IEEE802.15.4" format="default"/> link-layer in TSCH mode are conditioned on the uniqueness requirement of the short identifier(i.e.(i.e., short address). The short address is one of the inputs in the construction of the nonce, which is used to protect link-layer frames. If a misconfiguration occurs, and the same short address is assigned twice under the same link-layer key, the loss of security properties is imminent. For this reason, practices where the pledge generates the short identifier locally are not safe and are likely to result in the loss of link-layer security properties.</t> <t>The JRCMUST<bcp14>MUST</bcp14> ensure that at any given time there are never two of the same short identifiers being used under the same link-layer key. If the lease_time parameter of a given Short_Identifier object is set to positive infinity, care needs to be taken that the corresponding identifier is not assigned to another node until the JRC is certain that it is no longer in use, potentially through out-of-band signaling. If the lease_time parameter expires for any reason, the JRC should take into consideration potential ongoing transmissions by the joined node, which may be hanging in the queues, before assigning the same identifier to another node.</t> <t>Care needs to be taken on how the pledge (joined node) configures the expiration of the lease. Since units of the lease_time parameter are in hours after the reception of the CBOR object, the pledge needs to convert the received time to the correspondingabsolute slot numberAbsolute Slot Number in the network. The joined node (pledge)MUST<bcp14>MUST</bcp14> only use theabsolute slot number as the appropriate reference of time to determine whether the assigned short identifier is still valid.</t> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->Absolute Slot Number as the appropriate reference of time to determine whether the assigned short identifier is still valid.</t> </section> </section> <section anchor="unsupported_configuration_object"title="Unsupportednumbered="true" toc="default"> <name>Unsupported ConfigurationObject">Object</name> <t>The Unsupported_Configuration object is encoded as a CBOR array, containing at least one Unsupported_Parameter object. Each Unsupported_Parameter object is a sequence of CBOR elements without an enclosing top-level CBOR object for compactness. The set of parameters that appear in an Unsupported_Parameter object is summarized below, in order:</t><t><list style="symbols"> <t>code: Indicates<dl spacing="normal"> <dt>code:</dt> <dd>Indicates the capability of acting on the parameter signaled by parameter_label, encoded as an integer. This parameterMUST<bcp14>MUST</bcp14> be included. Possible values of this parameter are specified in the IANA"CoJP"Constrained Join Protocol (CoJP) Unsupported ConfigurationCode Registry"Codes" registry (<xreftarget="iana_cojp_unsupported_code_registry"/>).</t> <t>parameter_label: Indicatestarget="iana_cojp_unsupported_code_registry" format="default"/>).</dd> <dt>parameter_label:</dt> <dd>Indicates the parameter. This parameterMUST<bcp14>MUST</bcp14> be included. Possible values of this parameter are specified in the label column of the IANA"CoJP"Constrained Join Protocol (CoJP) Parameters"registryregistry" (<xreftarget="iana_cojp_registry"/>).</t> <t>parameter_addinfo: Additionaltarget="iana_cojp_registry" format="default"/>).</dd> <dt>parameter_addinfo:</dt> <dd>Additional information about the parameter that cannot be acted upon. This parameterMUST<bcp14>MUST</bcp14> be included.In caseIf the code is set to "Unsupported", parameter_addinfo gives additional information to the JRC. If the parameter indicated by parameter_label cannot be acted upon regardless of its value, parameter_addinfoMUST<bcp14>MUST</bcp14> be set to null, signaling to the JRC that itSHOULD NOT<bcp14>SHOULD NOT</bcp14> attempt to configure the parameter again. If the pledge can act on the parameter, but cannot configure the setting indicated by the parameter value, the pledge can hint this to the JRC. In this case, parameter_addinfoMUST<bcp14>MUST</bcp14> be set to the value of the parameter that cannot be acted upon following the normative parameter structure specified in this document. For example, it is possible to include the link-layer key set object, signaling that either a subsetof keys that cannot be acted upon,or the entire key set that wasreceived.received cannot be acted upon. In that case, the value oftheparameter_addinfo follows the link-layer key set structure defined in <xreftarget="configuration_object"/>. In casetarget="configuration_object" format="default"/>. If the code is set to "Malformed", parameter_addinfoMUST<bcp14>MUST</bcp14> be set to null, signaling to the JRC that itSHOULD NOT<bcp14>SHOULD NOT</bcp14> attempt to configure the parameteragain.</t> </list></t>again.</dd> </dl> <t>The CDDL fragmentthat represents the text abovefor the Unsupported_Configuration and Unsupported_Parameter objectsfollows.</t> <figure><artwork><![CDATA[that represents the text above follows:</t> <sourcecode type=""><![CDATA[ Unsupported_Configuration = [ + parameter : Unsupported_Parameter ] Unsupported_Parameter = ( code : int, parameter_label : int, parameter_addinfo : nil / any )]]></artwork></figure> <texttable title="Unsupported]]></sourcecode> <table anchor="table_unsupported_code_values" align="center"> <name>Unsupported Configuration codevalues." anchor="table_unsupported_code_values"> <ttcol align='right'>Name</ttcol> <ttcol align='left'>Value</ttcol> <ttcol align='right'>Description</ttcol> <ttcol align='left'>Reference</ttcol> <c>Unsupported</c> <c>0</c> <c>Thevalues.</name> <thead> <tr> <th>Name</th> <th>Value</th> <th>Description</th> <th>Reference</th> </tr> </thead> <tbody> <tr> <td>Unsupported</td> <td>0</td> <td>The indicated setting is not supported by the networking stackimplementation.</c> <c>[[this document]]</c> <c>Malformed</c> <c>1</c> <c>Theimplementation.</td> <td>RFC 9031</td> </tr> <tr> <td>Malformed</td> <td>1</td> <td>The indicated parameter value ismalformed.</c> <c>[[this document]]</c> </texttable> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->malformed.</td> <td>RFC 9031</td> </tr> </tbody> </table> </section> </section> <section anchor="recommended-settings"title="Recommended Settings">numbered="true" toc="default"> <name>Recommended Settings</name> <t>This section givesRECOMMENDED<bcp14>RECOMMENDED</bcp14> values of CoJP settings.</t><texttable title="Recommended<table align="center"> <name>Recommended CoJPsettings."> <ttcol align='right'>Name</ttcol> <ttcol align='left'>Default Value</ttcol> <c>COJP_MAX_JOIN_ATTEMPTS</c> <c>4</c> <c>COJP_REKEYING_GUARD_TIME</c> <c>12 seconds</c> </texttable>settings.</name> <thead> <tr> <th>Name</th> <th>Default Value</th> </tr> </thead> <tbody> <tr> <td>COJP_MAX_JOIN_ATTEMPTS</td> <td>4</td> </tr> <tr> <td>COJP_REKEYING_GUARD_TIME</td> <td>12 seconds</td> </tr> </tbody> </table> <t>The COJP_REKEYING_GUARD_TIME valueSHOULD<bcp14>SHOULD</bcp14> take into account possible retransmissions at the link layer due to imperfect wireless links.</t><!-- ====================================================================== --></section> </section> <section anchor="sec_considerations"title="Security Considerations">numbered="true" toc="default"> <name>Security Considerations</name> <t>Since this document uses the pledge identifier to set the ID Context parameter of OSCORE, an important security requirement is that the pledge identifier is unique in the set of all pledge identifiers managed by a JRC. The uniqueness of the pledge identifier ensures unique (key, nonce) pairs for the AEAD algorithm used by OSCORE. It also allows the JRC to retrieve the correct securitycontext,context upon the reception of a Join Request message. The management of pledge identifiers is simplified if the globally unique EUI-64 is used, but this comes with privacy risks, as discussed in <xreftarget="privacy_considerations"/>.</t>target="privacy_considerations" format="default"/>.</t> <t>This document further mandates that the (6LBR) pledge and the JRC are provisioned with unique PSKs. While the process of provisioning PSKs to all pledges can result in a substantial operational overhead, it is vital to do so for the security properties of the network. The PSK is used to set the OSCORE Master Secret during security context derivation. This derivation process results in OSCORE keys that are important for mutual authentication of the (6LBR) pledge and the JRC. The resulting security context shared between the pledge (joined node) and the JRC is used for the purpose of joining and is long-lived in that it can be used throughout the lifetime of a joined node for parameter update exchanges. Should an attacker come to know the PSK, then a man-in-the-middle attack is possible.</t> <t>Note that while OSCORE provides replay protection, it does not provide an indication of freshness in the presence of an attacker that candrop/reorderdrop and/or reorder traffic. Since thejoin requestJoin Request contains no randomness, and the sequence number is predictable, the JRC could in principle anticipate ajoin requestJoin Request from a particular pledge and pre-calculate the response. In such a scenario, the JRC does not have to be alive at the timewhenthe request is received. This could be relevant in the case when the JRC was temporarily compromised and control was subsequently regained by the legitimate owner.</t> <t>It is of utmost importance to avoid unsafe practices when generating and provisioning PSKs. The use of a single PSK shared among a group of devices is a common pitfall that results in poor security. In this case, the compromise of a single device is likely to lead to a compromise of the entire batch, with the attacker having the ability to impersonate a legitimate device and join the network, generate bogusdatadata, and disturb the network operation. Additionally, some vendors use methods such as scrambling or hashingofdevice serial numbers or their EUI-64 identifiers to generate "unique" PSKs. Without any secret information involved, the effort that the attacker needs to invest into breaking these unsafe derivation methods is quite low, resulting in the possible impersonation of any device from the batch, without even needing to compromise a single device. The use of cryptographically secure random number generators to generate the PSK isRECOMMENDED,<bcp14>RECOMMENDED</bcp14>, see <xreftarget="NIST800-90A"/>target="NIST800-90A" format="default"/> for different mechanisms using deterministic methods.</t> <t>The JP forwards the unauthenticated join traffic into the network. A data cap on the JP prevents it from forwarding more traffic than the network can handle and enables throttling in case of an attack. Note that this traffic can only be directed at the JRC so that the JRC needs to be prepared to handle such unsanitized inputs. The data cap can be configured by the JRC by including a join rate parameter in the JoinResponseResponse, and it is implemented through the CoAP's PROBING_RATE setting. The use of a data cap at a JP forces attackers to use more than one JP if they wish to overwhelm the network. Marking the join traffic packets with anon-zerononzero DSCP allows the network to carry the traffic if it has capacity, but it encourages the network to drop the extra traffic rather than add bandwidth due to that traffic.</t> <t>The shared nature of the "minimal" cell used for the join traffic makes the network prone to a DoS attack by congesting the JP with bogus traffic. Such an attacker is limited by its maximum transmit power. The redundancy in the number of deployed JPs alleviates the issue and also gives the pledgeathe possibility to use the best available link for joining. How a network node decides to become a JP is out of scope of this specification.</t> <t>At the beginning of the join process, the pledge has no means of verifying the content in theEB,EB and has to accept it at "face value".In caseIf the pledge tries to join an attacker's network, the Join Response message will either fail the security check or time out. The pledge may implement a temporary blacklist in order to filter out undesired EBs and try to join using the next seemingly valid EB. This blacklist alleviates theissue,issue but is effectively limited by the node's available memory. Note that this temporary blacklist is different from the one communicated as part of the CoJP Configuration object as it helps the pledge fight a DoS attack. The bogus beacons prolong the join time of thepledge,pledge and so does the time spent in "minimal"<xref target="RFC8180"/>duty cyclemode.mode <xref target="RFC8180" format="default"/>. The blacklist communicated as part of the CoJP Configuration object helps the JP fight a DoS attack by a malicious pledge.</t> <t>During the network lifetime, the JRC may at any time initiate aParameter Updateparameter update exchange with a joined node. The Parameter Update message uses the same OSCORE security context as is used for the join exchange, except that theserver/clientserver and client roles are interchanged. As a consequence, each Parameter Update message carries the well-known OSCORE Sender ID of the JRC. A passive attacker may use the OSCORE Sender ID to identify the Parameter Update trafficin caseif the link-layer protection does not provide confidentiality. A countermeasure against suchtraffic analysisa traffic-analysis attack is to use encryption at thelink-layer.link layer. Note that the join traffic does not undergo link-layer protection at the first hop, as the pledge is not yet in possession of cryptographic keys. Similarly,enhanced beaconEB traffic in the network is not encrypted. This makes it easy for a passive attacker to identify these types of traffic.</t><!-- ====================================================================== --></section> <section anchor="privacy_considerations"title="Privacy Considerations">numbered="true" toc="default"> <name>Privacy Considerations</name> <t>The join solution specified in this document relies on the uniqueness of the pledge identifier in the set of all pledge identifiers managed by a JRC. This identifier is transferred in the clear as an OSCOREkid context.'kid context'. The use of the globally unique EUI-64 as pledge identifier simplifies the management but comes with certain privacy risks. The implications are thoroughly discussed in <xreftarget="RFC7721"/>target="RFC7721" format="default"/> and comprise correlation of activities over time, location tracking, addressscanningscanning, and device-specific vulnerability exploitation. Since the join process occurs rarely compared to the network lifetime, long-term threats that arise from using EUI-64 as the pledge identifier are minimal. However,the use of EUI-64after the join process completes, the use of EUI-64 in the form of alayer-2Layer 2 orlayer-3 address,Layer 3 address extends the aforementioned privacy threats to the long term.</t> <t>As an optional mitigation technique, the Join Response message may contain a short addresswhichthat is assigned by the JRC to the (6LBR) pledge. The assigned short addressSHOULD<bcp14>SHOULD</bcp14> be uncorrelated with the long-term pledge identifier. The short address is encrypted in the response. Once the join process completes, the new node may use the short addresses for all furtherlayer-2Layer 2 (andlayer-3)Layer 3) operations. This reduces the privacy threats as the shortlayer-2Layer 2 address (visible even when the network is encrypted) does not disclose the manufacturer, as is the case of EUI-64. However, an eavesdropper with access to the radio medium during the join process may be able to correlate the assigned short address with the extended address based on timing information with a non-negligible probability. This probability decreases with an increasing number of pledges joining concurrently.</t><!-- ====================================================================== --></section> <section anchor="iana-considerations"title="IANA Considerations"> <t>Note to RFC Editor: Please replace all occurrences of "[[this document]]" with the RFC number of this specification.</t>numbered="true" toc="default"> <name>IANA Considerations</name> <t>This document allocates a well-known name under the .arpa name space according to the rules given in <xreftarget="RFC3172"/>.target="RFC3172" format="default"/> and <xref target="RFC6761" format="default"/>. The name "6tisch.arpa" is requested. No subdomains are expected, and addition of any such subdomains requires the publication of an IETFstandards-trackStandards Track RFC. No A,AAAAAAAA, or PTR record is requested.</t><!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --><section anchor="iana_cojp_registry"title="CoJP Parameters Registry">numbered="true" toc="default"> <name>Constrained Join Protocol (CoJP) Parameters</name> <t>This section defines asub-registrysubregistry within the "IPv6overOver the TSCHmodeMode of IEEE802.15.4e (6TiSCH) parameters"802.15.4 (6TiSCH)" registry with the name "Constrained Join ProtocolParameters Registry".</t>(CoJP) Parameters".</t> <t>The columns of the registry are:</t><t>Name: This<dl> <dt>Name:</dt> <dd>This is a descriptive name that enables an easier reference to the item. It is not used in theencoding.</t> <t>Label:encoding. The name <bcp14>MUST</bcp14> be unique.</dd> <dt>Label:</dt> <dd>The value to be used to identify this parameter. The label is aninteger.</t> <t>CBOR type: Thisinteger. The label <bcp14>MUST</bcp14> be unique.</dd> <dt>CBOR Type:</dt> <dd>This field contains the CBOR type for thefield.</t> <t>Description: Thisfield.</dd> <dt>Description:</dt> <dd>This field contains a brief description for thefield.</t> <t>Reference: Thisfield. The description <bcp14>MUST</bcp14> be unique.</dd> <dt>Reference:</dt> <dd>This field contains a pointer to the public specification for the field, if oneexists.</t>exists.</dd> </dl> <t>This registryis to beis populated with the values in <xreftarget="table_cojp_parameters_labels"/>.</t>target="table_cojp_parameters_labels" format="default"/>.</t> <t>The amending formula for thissub-registrysubregistry is: Different ranges of values use different registration policies <xreftarget="RFC8126"/>.target="RFC8126" format="default"/>. Integer values from -256 to 255 are designated as Standards Action. Integer values from -65536 to -257 and from 256 to 65535 are designated as Specification Required. Integer values greater than 65535 are designated as Expert Review. Integer values less than -65536 are marked as Private Use.</t> </section> <section anchor="iana_cojp_key_usage_registry"title="CoJPnumbered="true" toc="default"> <name>Constrained Join Protocol (CoJP) KeyUsage Registry">Usage</name> <t>This section defines asub-registrysubregistry within the "IPv6overOver the TSCHmodeMode of IEEE802.15.4e (6TiSCH) parameters"802.15.4 (6TiSCH)" registry with the name "Constrained Join Protocol (CoJP) KeyUsage Registry".</t>Usage".</t> <t>The columns of this registry are:</t><t>Name: This<dl> <dt>Name:</dt> <dd>This is a descriptive name that enables easier reference to the item.The name MUST be unique.It is not used in theencoding.</t> <t>Value: Thisencoding. The name <bcp14>MUST</bcp14> be unique.</dd> <dt>Value:</dt> <dd>This is the value used to identify the key usage setting. These valuesMUST<bcp14>MUST</bcp14> be unique. The value is aninteger.</t> <t>Algorithm: Thisinteger.</dd> <dt>Algorithm:</dt> <dd>This is a descriptive name of the link-layer algorithm in use and uniquely determines the key length. The name is not used in theencoding.</t> <t>Description: Thisencoding. The algorithm <bcp14>MUST</bcp14> be unique.</dd> <dt>Description:</dt> <dd>This field contains a description of the key usage setting. The field should describe in enough detail how the key is to be used with different frame types, specific for the link-layer technology inquestion.</t> <t>Reference: Thisquestion. The description <bcp14>MUST</bcp14> be unique.</dd> <dt>Reference:</dt> <dd>This contains a pointer to the public specification for the field, if oneexists.</t>exists.</dd> </dl> <t>This registry isto bepopulated with the values in <xreftarget="table_key_usage_values"/>.</t>target="table_key_usage_values" format="default"/>.</t> <t>The amending formula for thissub-registrysubregistry is: Different ranges of values use different registration policies <xreftarget="RFC8126"/>.target="RFC8126" format="default"/>. Integer values from -256 to 255 are designated as Standards Action. Integer values from -65536 to -257 and from 256 to 65535 are designated as Specification Required. Integer values greater than 65535 are designated as Expert Review. Integer values less than -65536 are marked as Private Use.</t> </section> <section anchor="iana_cojp_unsupported_code_registry"title="CoJPnumbered="true" toc="default"> <name>Constrained Join Protocol (CoJP) Unsupported ConfigurationCode Registry">Codes</name> <t>This section defines asub-registrysubregistry within the "IPv6overOver the TSCHmodeMode of IEEE802.15.4e (6TiSCH) parameters"802.15.4 (6TiSCH)" registry with the name "Constrained Join Protocol (CoJP) Unsupported ConfigurationCode Registry".</t>Codes".</t> <t>The columns of this registry are:</t><t>Name: This<dl> <dt>Name:</dt> <dd>This is a descriptive name that enables easier reference to the item.The name MUST be unique.It is not used in theencoding.</t> <t>Value: Thisencoding. The name <bcp14>MUST</bcp14> be unique.</dd> <dt>Value:</dt> <dd>This is the value used to identify the diagnostic code. These valuesMUST<bcp14>MUST</bcp14> be unique. The value is aninteger.</t> <t>Description: Thisinteger.</dd> <dt>Description:</dt> <dd>This is a descriptive human-readable name. The descriptionMUST<bcp14>MUST</bcp14> be unique. It is not used in theencoding.</t> <t>Reference: Thisencoding.</dd> <dt>Reference:</dt> <dd>This contains a pointer to the public specification for the field, if oneexists.</t>exists.</dd> </dl> <t>This registry is to be populated with the values in <xreftarget="table_unsupported_code_values"/>.</t>target="table_unsupported_code_values" format="default"/>.</t> <t>The amending formula for thissub-registrysubregistry is: Different ranges of values use different registration policies <xreftarget="RFC8126"/>.target="RFC8126" format="default"/>. Integer values from -256 to 255 are designated as Standards Action. Integer values from -65536 to -257 and from 256 to 65535 are designated as Specification Required. Integer values greater than 65535 are designated as Expert Review. Integer values less than -65536 are marked as PrivateUse.</t> <!-- ====================================================================== --> </section>Use. </t> </section><section anchor="acknowledgments" title="Acknowledgments"> <t>The work on this document has been partially supported by the European Union's H2020 Programme for research, technological development and demonstration under grant agreements: No 644852, project ARMOUR; No 687884, project F-Interop and open-call project SPOTS; No 732638, project Fed4FIRE+ and open-call project SODA.</t> <t>The following individuals provided input to this document (in alphabetic order): Christian Amsuss, Tengfei Chang, Klaus Hartke, Tero Kivinen, Jim Schaad, Goeran Selander, Yasuyuki Tanaka, Pascal Thubert, William Vignat, Xavier Vilajosana, Thomas Watteyne.</t></section> </middle> <back><references title='Normative References'> &RFC7554; &RFC8180; &RFC8613; &RFC7252; &RFC7049; &RFC8152; &RFC2119; &RFC8174; &RFC2597; &RFC3172; &RFC8126;<references> <name>References</name> <references> <name>Normative References</name> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7554.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8180.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8613.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7252.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8949.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8152.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2597.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3172.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8126.xml"/> <reference anchor="IEEE802.15.4">target="https://ieeexplore.ieee.org/document/7460875"> <front> <title>IEEEStd 802.15.4Standard for Low-Rate Wireless Networks</title><author initials="." surname="IEEE standard<author> <organization>IEEE</organization> </author> <date month="April" year="2016"/> </front> <seriesInfo name="IEEE Standard" value="802.15.4-2015"/> <seriesInfo name="DOI" value="10.1109/IEEESTD.2016.7460875"/> </reference> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8974.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8505.xml"/> <reference anchor="RFC9030" target="https://www.rfc-editor.org/info/rfc9030"> <front> <title>An Architecture forInformation Technology"> <organization></organization>IPv6 over the Time-Slotted Channel Hopping Mode of IEEE 802.15.4 (6TiSCH)</title> <author initials="P" surname="Thubert" fullname="Pascal Thubert" role="editor"> <organization/> </author> <dateyear="n.d."/>month="May" year="2021"/> </front> <seriesInfo name="RFC" value="9030"/> <seriesInfo name="DOI" value="10.17487/RFC9030"/> </reference>&I-D.ietf-core-stateless; &RFC8505; &I-D.ietf-6tisch-architecture; &RFC7320; &RFC8085; &RFC5869;<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8820.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8085.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5869.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6761.xml"/> </references><references title='Informative References'> &I-D.ietf-6tisch-msf; &I-D.ietf-cbor-cddl; &I-D.ietf-cbor-sequence; &RFC8480; &RFC5785; &RFC7721; &RFC4944; &RFC6550; &RFC4231; &RFC8415; &I-D.ietf-anima-grasp; &RFC6762;<references> <name>Informative References</name> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8610.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8742.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8480.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8615.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7721.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4944.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6550.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4231.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8415.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8990.xml"/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6762.xml"/> <referenceanchor="NIST800-90A" >anchor="NIST800-90A"> <front> <title>Recommendation for Random Number Generation Using Deterministic Random Bit Generators</title><author initials="." surname="NIST Special Publication 800-90A, Revision 1"> <organization></organization> </author> <author initials="E." surname="Barker"> <organization></organization> </author> <author initials="J." surname="Kelsey"> <organization></organization><author> <organization>National Institute of Standards and Technology</organization> </author> <date month="June" year="2015"/> </front> <seriesInfo name="DOI" value="10.6028/NIST.SP.800-90Ar1"/> <refcontent>Special Publication 800-90A, Revision 1</refcontent> </reference> </references><!-- ====================================================================== --></references> <section anchor="example"title="Example">numbered="true" toc="default"> <name>Example</name> <t><xreftarget="fig_example"/>target="fig_example" format="default"/> illustrates a successful join protocol exchange. The pledge instantiates the OSCORE context and derives the OSCORE keys and nonces from the PSK. It uses the instantiated context to protect the Join Request addressed with a Proxy-Scheme option, the well-known host name of the JRC in the Uri-Host option, and it uses its EUI-64 as pledge identifier and OSCOREkid context.'kid context'. Triggered by the presence of a Proxy-Scheme option, the JP forwards the request to the JRC and sets the CoAP token to the internally needed state. The JPhaslearned the IPv6 address of the JRC when it acted as a pledge and joined the network. Once the JRC receives the request, it looks up the correct context based on thekid context'kid context' parameter. The OSCORE data authenticity verification ensures that the request has not been modified in transit. In addition, replay protection is ensured through persistent handling of mutable context parameters.</t> <t>Once the JP receives the Join Response, it authenticates the state within the CoAP token before deciding where to forward. The JP sets its internal state to that found in thetoken,token and forwards the Join Response to the correct pledge. Note that the JP does not possess the key to decrypt the CoJP object (configuration) present in the payload.TheAt the pledge, the Join Response is matched to the Join Request and verified for replay protectionat the pledgeusing OSCORE processing rules. In this example, the Join Response does not contain the IPv6 address of the JRC, hence the pledgehenceunderstands that the JRC is co-located with the 6LBR.</t> <figuretitle="Exampleanchor="fig_example"> <name>Example of a successful join protocol exchange. { ... } denotes authenticated encryption, <Tag> denotes the authenticationtag." anchor="fig_example"><artwork align="center"><![CDATA[ <---E2E OSCORE-->tag.</name> <artwork align="center" name="" type="" alt=""><![CDATA[ <-----E2E OSCORE------> Client Proxy Server Pledge JP JRC | | | | Join | | Code: 0.02 (POST) | Request | | Token: - +--------->| | Proxy-Scheme: coap | | | Uri-Host: 6tisch.arpa | | | OSCORE: kid: -, | | | kid_context: EUI-64, | | | Partial IV: 1 | | | Payload: { Code: 0.02 (POST), | | | Uri-Path: "j", | | | join_request, <Tag> } | | | | | Join | Code: 0.02 (POST) | | Request | Token: opaque state | +--------->| OSCORE: kid: -, | | | kid_context: EUI-64, | | | Partial IV: 1 | | | Payload: { Code: 0.02 (POST), | | | Uri-Path: "j", | | | join_request, <Tag> } | | | | | | | | Join | Code: 2.04 (Changed) | | Response | Token: opaque state | |<---------+ OSCORE: - | | | Payload: { Code: 2.04 (Changed), | | | configuration, <Tag> } | | | | | | | Join | | Code: 2.04 (Changed) | Response | | Token: - |<---------+ | OSCORE: - | | | Payload: { Code: 2.04 (Changed), | | | configuration, <Tag> } | | |]]></artwork></figure>]]></artwork> </figure> <t>Where the join_request object is:</t><figure><artwork><![CDATA[<sourcecode type=""><![CDATA[ join_request: { 5 : h'cafe' / PAN ID of the network pledge is attempting to join / }]]></artwork></figure>]]></sourcecode> <t>Since the role parameter is not present, the default role of "6TiSCH Node" is implied.</t> <t>The join_request objectencodesis converted to h'a10542cafe' with a size of 5 bytes.</t> <t>And the configuration objectis:</t> <figure><artwork><![CDATA[is the following:</t> <sourcecode type=""><![CDATA[ configuration: { 2 : [ / link-layer key set / 1, / key_id / h'e6bf4287c2d7618d6a9687445ffd33e6' / key_value / ], 3 : [ / short identifier / h'af93' / assigned short address / ] }]]></artwork></figure>]]></sourcecode> <t>Since the key_usage parameter is not present in the link-layer key set object, the default value of "6TiSCH-K1K2-ENC-MIC32" is implied. Since the key_addinfo parameter is not present and key_id is differentthanfrom 0, Key ID Mode 0x01 (Key Index) is implied. Similarly, since the lease_time parameter is not present in the short identifier object, the default value of positive infinity is implied.</t> <t>The configuration objectencodes to</t>is converted to the following:</t> <t>h'a202820150e6bf4287c2d7618d6a9687445ffd33e6038142af93' with a size of 26 bytes.</t><!-- ====================================================================== --></section> <section anchor="lightweight"title="Lightweightnumbered="true" toc="default"> <name>Lightweight ImplementationOption">Option</name> <t>In environments where optimizing the implementation footprint is important, it is possible to implement this specification without having the implementations of HKDF <xreftarget="RFC5869"/>target="RFC5869" format="default"/> and SHA <xreftarget="RFC4231"/>target="RFC4231" format="default"/> on constrained devices. HKDF and SHA are used during the OSCORE security context derivation phase. This derivation can also be done by the JRC or a provisioningdevice,device on behalf of the (6LBR) pledge during the provisioning phase. In that case, the derived OSCORE security context parameters are written directly into the (6LBR) pledge, without requiring the PSK to be provisioned to the (6LBR) pledge.</t> <t>The use of HKDF to derive OSCORE security context parameters ensures that the resulting OSCORE keys have good securityproperties,properties and are unique as long as the input varies for differentpledges varies.pledges. This specification ensures the uniqueness by mandating unique pledge identifiers and a unique PSK for each (6LBR) pledge. From the AEAD nonce reuse viewpoint, having a unique pledge identifier is a sufficient condition. However, as discussed in <xreftarget="sec_considerations"/>,target="sec_considerations" format="default"/>, the use of a single PSK shared among many devices is a common security pitfall. The compromise of this shared PSK on a single device would lead to the compromise of the entire batch. When using the implementation/deployment scheme outlined above, the PSK does not need to be written to individual pledges. As a consequence, even if a shared PSK is used, the scheme offers acomparablelevel of securityas incomparable to the scenariowherein which each pledge is provisioned with a unique PSK. In this case, there is still a latent risk of the shared PSK being compromisedfromon the provisioning device, which would compromise all devices in the batch.</t> </section> <section anchor="acknowledgments" numbered="false" toc="default"> <name>Acknowledgments</name> <t>The work on this document has been partially supported by the European Union's H2020 Programme for research, technological development and demonstration under grant agreements: No. 644852, project ARMOUR; No. 687884, project F-Interop and open-call project SPOTS; No. 732638, project Fed4FIRE+ and open-call project SODA.</t> <t>The following individuals provided input to this document (in alphabetic order): <contact fullname="Christian Amsüss"/>, <contact fullname="Tengfei Chang"/>, <contact fullname="Roman Danyliw"/>, <contact fullname="Linda Dunbar"/>, <contact fullname="Vijay Gurbani"/>, <contact fullname="Klaus Hartke"/>, <contact fullname="Barry Leiba"/>, <contact fullname="Benjamin Kaduk"/>, <contact fullname="Tero Kivinen"/>, <contact fullname="Mirja Kühlewind"/>, <contact fullname="John Mattsson"/>, <contact fullname="Hilarie Orman"/>, <contact fullname="Alvaro Retana"/>, <contact fullname="Adam Roach"/>, <contact fullname="Jim Schaad"/>, <contact fullname="Göran Selander"/>, <contact fullname="Yasuyuki Tanaka"/>, <contact fullname="Pascal Thubert"/>, <contact fullname="William Vignat"/>, <contact fullname="Xavier Vilajosana"/>, <contact fullname="Éric Vyncke"/>, and <contact fullname="Thomas Watteyne"/>.</t> </section> </back><!-- ##markdown-source: H4sIAMtm710AA+29+1IbWZo4+L+eIpeK2IJuSQUYbBfdPTsYcBflGwu4a2an OxwpKYWyLWVqMlNg2uWNfYd9w32S/a7nfCcvQq4qZn4dMVREGaTMc/3u18Fg 0KvSap4cRSd5VlZFnGbJJPoxT7PoosirfJzPo+2T/MeLnWiaF9HT6/Tq5Ife N1E8GhXJ7VH0tErL8WywSLN0Ec8HZTJeFWl135vk4yxewLCTIp5WgzSppoOO Zwd7hz0YsazibPIhnucZvFUVq6TXS5fFUYQ/8GdZ7e/ufr+734uLJKZPz7Mq KbKk6t3d8FOyuuinvPiYZjfRn4t8tex9vJNv9fnBKS6pN44r/qKsJr3eOJ/A K0fRqhzE5ThNe8v0qEdT52N5n37uk5I+LvOiKpJpeVT7+H5hPnUfwyCTZFnN 9PP9Xi9eVbO84DkGPR0+zdy7b4bRX1ZjOKux+5ZPlL+N52kZN57ICz0L2G6R xu6LIp/rq8kkrfLCfZMs4nTOXy1o0OEtD/qvKY4wnPpHAT6ShE9tP7pcJdFV uoDris6nU/fMGG5UJrqIi7T0X+QTXcGzw929ffPFKqsKeullEWfjpPtMfhzy lG0n8mOexdUszmpPmBM5zgC6bqLT5DYdJ2XbAfxdxhiWOMa/xvTCcJwv2o7g yf733+9Gx/PbuIgn+eBtOk/K6DKPJ/3oapVWSfT93m7bsbzP0jyLTuCDfnRy 3HY+3x8cPn/Wdj7vr467D+fVMLpIS4DxttN5BVdR/9ocDazpNilKWFOUT6MT gAPA9iyNoxdJ8TGZJ/dtp7Wk4f41ScblcCTPDZPJqu2wDvf2gcIU99EP8Xze dio6UfeZPNvf/eozASS6TMezuJiU7VDzBr9N5m1PmeO5AtKUzBcIXPm0ugMS RESmFYYW4+L3SO7+tdSXhuO47UgOnu1Gp/EdTBkd3ybZKmk7lndVFd/F/ejd 27ZDebX3fx3+pRVSTgB2J3Gvl+XFIq7gcpnSXL48eXZ4eHAUfRO9L5FGnp+d nUXPd/eHe4fDgyS6ThfJ4GqeVxVwgRPAhAzO5od8ucRnt6+Buu7A8UbVLHHk FAHmegbfl9H2eX69c4SMYzRPFtFVFVfJIskqnfr53vNdnPoNc4Do/OL2aZQD 4NGAOHr0BjaHI9bWtc2kfQe51DS9WRWwJ7kqHPfp3hMc993o78m4iq6EsRDH smzt8uzqerqaR2fZbVrkGS4NFv3u6uTd5dmOO5/9w30c7BqWZF8+Xi7n6Zjm DVjj8YV/dffge3wVXhunZRK9SLMYQF6WdZksi6SEOXmM7ZMX7y53/NHwrPih 20d6k+G5AxzBksfF/VJefHfll7u/t0dzvkruo7scIJh2vYLZ4Z7g+xKYD9zV BJeewBr+c5UWdCnR6+Q2mZd+Ac8ILI4XIzhfIQTvl8ukGMcw2G0Zvc7v5A8e OcKpad6fcF63oMPvn9FAZbkq4Nxe5gUgDHLX6OKHF8KU5dkne89o128AWm94 VX9epYA1cOJl9L9H72B6Oi0AFrN03iPCzPFkAmda0hFd5quKZgF6vEgAOKNj EBWi0xxwE05tKy6W8ZY58P2nOLWZDwf9CQCHzzw6P357TBAAD/AqSgQtugM5 WxoMQVUh9cjhokhVWwTIV9XEATOiRTaBE6H54FAHl3gzP8He5riVt0l1h7Rl yw1lRYWAxvHgpR3vPJsyxsMir5PxLMuBg93zWOeD0yEJYuO8SAYlYifO6CjD 88PdQzySy+QmRbCnQc4+VQkcAW6exncoiyu/QJDwS78AFkJ3RQcvGwHcfZ3/ dHH8dgc+SW9mIxjlFARBHOQ+XJcIiHExngH/HFcAP0ePSjtenFzsfQ/DIu4+ 2d+NkCxenoOEUALqRe/uMtjQLHXg+nz3OR3Q+9MLIJ8AsQZ69JnD508JH394 c3wyGAG2TPAIi3hcDeCaBmeflgiriDWnSZHe8iG/XGUMV9s/vDp9uQOSr16j Eu76GS3KKc4iEq8eytV4Bvx3jgCsQ9ZuHk5/MJ5M5kctn5eAYQnIX19JwgAp +D1PSw74rmR1DotBLhrN43u4s+2nVb7cMXT0qaeih8/glB1Jfba/h0M5mo6n d4EHN76vI6eDT6UKf04ynfkN4EKcpeXCLfLg+wMieNcgc5aLtEQYJ+jBES7i 8ccE6AwBWABPDj91nKeHh7TZy4vXR/yyI0S6O0V0Rhfcweu8LO8bQx3sP6HN nk/giNNpCtBHT18nZRX9BS4gL3iXBFxXPxwP9vcP+uavw6fmryfP4Tt83X1y KFI3XdEegfLpPQhD6Rh4PEwRIEi4fNrY9ukPJ/DvTgg7McLe4KaIyyXRfT52 GPN4VeVZjqMjJ4vnwZls//ny+Mpf+tNnT5kTrOYVsCpYzOnbK/ry7fnV9fPd 3cH3u8dN6nqZgHAOLGHCS8aVXsKW80X0drUAmdSCAAs8p8gZUAUtYR59+EVa 6ZNwxOso76CFCuMKo6tlMk4BBS8AxFVMkGX3AW9uU4Kvva0HxjobRi9ikISL hx4EVegVsO/k3j8IhwBnsr+L+vRgMAAdvSTC0+uBfFZGoJKviMVOknJcpCPg eEg6RR2Ppsg1iWAXzGmZocRRltzBK6gz9aMxSO/wxdYS/n+TbPVRuCA9Ppnf g/YEbDFWrN9uodCLVgq9A1MQIgx7KHQ1FoLrjCsaheclqMY/f7w8ibZp2kJ4 VvHdOM9R2sCbBPCPxrDjAraHGFXd7/Sjcobie4yqOkgJCKcfQW3p/ZDfwZBw TPBXBP8si5zvDLYLfwJK48KBbS1pB5U9UVw3iDU3MxwWgGyOkuPxBUqH6+XH HdoiYPcAdrmEh5Mo+YSECvbIxzqJRkB9SUIFSfUXyLewY3NwMh2QlYmSvDSD O8RH5BKCwx0LRYA7ABS5S6tZBGj8ccBUHI4KUQr4FOA7nDG+mcOrRbRUGazk O8WxFjFQ7woeugf0XSTRaokAy6tzj8OfcpIZj/QVBzRkOC8RE6d61JNkSsJd VRPnQxMXrjyFYyHxe3sT5reD6BajPrciQaVkWutxa4YAlfsTpBUUSMkJfBLF EyRgq0yXC1LZ+KOIt7AXgm0AxTGyMxgtH8OeI0Iz3j6cKuhoxbAHPC8VSVkN a9HCMT06/BGA/WQCe4d5gP06MG5QgCHTj0UKgkLS6/3xf4M//vSb/ESDwb+g sQ+UxyKfrFjo+fxNav780iRXfINxtCV7xlPZisp8vnJU/xeTqYD0IGuozVIk UwLL3OPHmG4DeQMSFb64vvCK9B98jwgLDqqjCdKmdLSSJ0vZ0wRv8vPndfLv ly+8sgets2bEgDZFAAETtEy1rwZ2lUwcqRcqAZsdIWNFMomnAN9nQLmHvTer aoV4Hmw9mgC0ARmonw+i1AJpHlCO2uEgAYY9ggI6cQiPKIFqK0ClA+4xWyDo yBwiEcY36K/dcjwvcyUDBDjjQLCBGSbpFK4VnyVKVtZwcqmHy+hI7AcmXo2F kJwmGdI7eOkqKRDkQDTKr3aAvNHzoPhOY/hQDgbfsIg8rEM40hX4rWxAJYMK UxTcNrH6z5/FivPlCx6y/wxVJISXF/f4Eohcfbq2MmqB92CUWXxL5CkFchtP UmAHqwIvPZ9OgWV7ioVkuy9ErYSNAzEG2nMD3PNYTllVCGY6yCrwTunGLIYS uOGR6PHoqmaw4Xm6SNH8NILN3aUTYDnB7hAbDIZ6MtCJAchHEpgxAYaVLPkG MxYPYWMooQzgo0EM21fmQggfM2VcLejCUFIaFzkoz0isgL6gcM5SySyJCzok PWM6dTpVAGUgrYAyC7TN4TNovgPKvMgLOLfzCoULv0BCUnoS5i+SFfE7FFXh nBQoYdrbOJ3HIxAzYsLrOkshqIVL4dXFRvAgaO83ngWMAY19cg9TzhFj0D6N AgwDyf7hPgAJXtldMooq1JemOAqx+0ylE76kp3tP5FlkpyCYD6p8AP84pvTr LpCOBA8sh5MBkLGHUtKUo1U6J2PTaJ6PPyKuIX3EU46jG1FMHHoTYo/jDFkj wWlcDlLGF7izBV2jiquBDQeItrH6fPnSh3fG89VE4XkTOyoJw3ILMCnbCvJs yAsmaamEE4eF6OpgXSwUbc9Bm1yiNulkZ5pZDT54h3d4aFEyBUkoBZS8p2MF /lYyEFqhA1EAYHhCN0rwOc3zagnEi8ATqHheVDHS2XO4rtUY5Vw0BPZRKBTJ IkuQtKG4BJDLN1kju0bIUxEtEtHTLZxWSQIfcUrlDbDcZUxuE4UJkStx5XhV KiJ5YkmcFeFrIN8N8NnbNLljsknzNvgCfsgYkYar5HtSaIpLptcku5JQOBbG Rbz50ikjJ14ZibZBCN5pqiS8kXAlnZjgJ+5WiFTBgfuFkzR6DlmQc1DUlzPW epygdHH1KtpeolEQ353gdzu8LvwGFkDgF0izgvVVzprSJGlwbfwOT0t1KzcY KLAVz/uQYnUkAiqA2AzIWJJZluo0NCKOMzRMwykTp0EdzukJIbbjWLDTMUg9 NEryCRat18/L7f0E0o093TJJPlqViXhDyE8JFaZpAcyyvM/GALdZ+g9mI2nV x1UBK6nSuHKrh6tMgUGUSH5CcTCgLHwNKpjhwjyPYkKBaId/kXYmQPAHr0IY GhxiPSyND7Xvx0DImbLBnrk2szJlDy28xu1fQEmF009Ag3jtbnBd+ASpq4AE AqwCr5c+FyRngqxuJE2gNkoi9fqXSVEhqRMIrKmCAAMkCIaTNVQymfUB3Rbt BkAEo9SZ5jq03eNplcjJWyanBAqoJ/4LWjrsDsnaHN4r+05GFFGbmFKKHrZ4 LHo3MrdMDOgliwdEKFGnU83Pi0yrUgENLa1eW2AufYCiFG0AMBF2BQSMWJcV FYBEIe8YPor+d002OKb4n7+p/F9fWNT66LxZW2/eX12DBkf/Rm/f0e+XZ//n +/PLs1P8/eqH49ev3S/6xNUP796/PvW/+TdP3r15c/b2lF+GT6PaR2+O/32L ZZutdxfX5+/eHr/eaiHEhahJfEtAUSoSH0IOhP6FAz5zdJbBmYso+wzFbuDQ mUpRAA38Z0VwC2gZFyqHjONlCgSzJDUIwPAui5C3i1SKmAkQh5j+CRhWxYQa FjaNF+k8hWEcYWD2z0weONaysoqo6BHrldG+0UBILDQfsOzXr+sk+JQsNbTM EHKy2ESqT8m+ZOP6CF8oDVCrhYZsMLSHVOTb7GaFjpntk9PT1zt2P8714ZYz zZEysOCEB/MVSjndPzHFhP1jt2hZEHEFWVrIxnq93wmdgV8MmstfSB0+3YOA cLGjn7TaM1mEgEeSbIaBMkDwkniMjpizFztmLEJ18zdSnA22LC5A2R1dD/P9 ddsS5170AlYJYIi+D/LvvH5xuWO+fotEDT59u9MzlhZ8asvJF4RJzCJAubkP 4TbaOn13evznqADJdKuxbnTCIOwJbyAxib3lTlJCbYEkrlT43DgfgIoA9H1C iFWoK4H5yMNmGbMPZ2eKy5YjS9yJ9RFHySIyRx09y4H2AyBkAzwI0Y1Rq6wS XD3eUs6XaHVkhwVp0aKZ6FN0mGiFYCYsejedhoxfutFjlmRpEcLdrTF4ksOi ABjIlq922cY8QoHC3U10bLpqwYGtoZewKsCfCBgZc3tkPyw0tci2ZgTml1sM ZToqCi4LBSa4HtBVlDX2QY8i45JqgAz9cm+GqW8x4Xeb818Me1dJAlBhpU6C gkfgjhdWsr0gyfbzN8HEDHzB/utOC8KeMUhIGP1gdK8Ra9LrgazvTr2E9+zr iDl2GrkrIEwEaDgyW6UBf+P7ElHpDtSNGZOOQGYXxXsC4wx7F7P7MkUZ8r5f dwnIc3dFCms2Dotw+4wWsbHsePN3X7RW9rSClnYNlMRBbl8+LdmLsT3G+NAd Mmfl86T+3HJVzsi+sKoqZEpluljNQTtO8lUJMIzamzMuCkbzi4GhKdT3yED3 EuMIQTsZxwjgSTUW0b/jyNgKmkS3QLJysenAsa9gpUih5BNc/E3BzjAasnea AETMyQowU59XMAdR+CzZwOv1E1ITtKyQVjphU1Ys9hpdq6qFfZgF4x1I18Vg Q976CAAuEWJglYHgchUcDSlXYomzOFUvBBzY7IV1LMVVF/TWEIllEsO1DSEI 9DGjDbhfy+aIXe+QSIvGHdbUBQVFDiKzRv0V1IUxVEosqop1LWPzmBnqHHhD mbfieP9Q4UOq2CsBfG5VlspX4bkP4yDEoqaO2u3Dtu+XjMC0i5t5PqI/ZHNP DwYjUJEpnAhZ7Hv+2Ic6gBDz/nzw9GBHWVCTt6l7B1bHNIWj0ao66RPMwIDO O6FGDi3WbECNHDccCcDgRF7smANKEucnCAGGgDPX0e5xRcZOEVgYrC+AxLQh IORS1C+RXgLaELhvzXrJPogimjNdiuKZNJyGbl01JXPYewky5VKCaUCPKJGe bZfC5+jjBgDs9PXA87JM0QZdkZjovUdmkZ4STot8QfPzJfPUyacYFeB+67vq sYwKjtEY3Vdom8Nj7SPxhcsvEnJflaLwVPHHRAQ+MVLy48AIMJaHHEweKwzw DxHTL4pkcMXmL4zO2r64erUD6vw6+1kk5jJLw1ogw7HHPJrnOQhwS2cNY7fb DagPWSDaECV0ej1gkdtnWeViuBjnBTvFCXZaCNVZDIcQrkcpTkNQcOZCWJW3 /Onjcbh3WhGcbQ7zkhmRh6iieYKRO3v7z6MRmisA3tHUmS/vEWcn7MdYpXBq CDeApVN4nmAILSEriSojUHHXDssiuU6uUm20KJXMk+ymmjXMi4q+ZM7+jiD8 4VCOQNMUf+I4X80njt0KRschsyyrZIlmxxYLNbEmHvc+9G4i6MQ3RZKI908p wQkoIGgoT6spHDGZ8DPdDomCV69YANuIUIP8S/QR3Z0s/QOEo47DVkyR/Ngt l2OoY9+dot672OuGvbd5lXj+Kwfdgt2hAa2MXu0RCrzad+5Yo2sah56MGAOC ZDcDUqpgUwVwQiXKeEoYhdFKUWuWNvHd2hlD680d+Y/wVgEYAPDoUGtrJ6Lw bqkY2KeTqqsFvPrm53VxoC3YoOUtd+5xUaSCmrD4M1X3X3h1n6M10MSqbJev b+8p8dn2UFzLbVErPz/dWWd7dkxRlLi2/QPyJbcIOzwevgKKX6TgiC+jkRGR vGXD5LQjUi8SXC2WYJ5OEwoWSqfkYJ7POY6OCU5dFUV7RkUmMMKlzRHSQ3LL GtVXDZJ/AUwPrbUjNYVsSE4Cha79JBkXvSpnrJLmkCcr4re5iYsfa2RIJWbk lrHxgPFWALQ+Zmg/VEEaj/bOeTtatABPRlhRcEEkcs8twrTlY8oG6xYHRL14 cov2e4QvZ20ATJQoAxbwMIqBzjFDmwJMhvShbEg5QrD96tr4nCzPmBGaKJ7d kzkGcCIGpQ4ErJscJOXZolQrSv1zohw12rao0g/4BFFhsnS45wNRnuSX8Az7 Fi7h17J1TvbJzlMycxwbMaFf3yHTbIeTavAKfEWBDFUXDEgJ+jPJ8oEorJRX NBCk3fKF0gwRwoPF5O4pnbszROa69q6Td/MRWTTqsrlZkFrfxDvjoyVaDAIR hzSrX2TvEK2IFJpsLYAmxBm/X5y+vRK747OnaAS3t8aA+7DyfEH7wk/ocvAS Ou6A39R9Mi2+JxmALHKobXAUtyhfvHnxZT6CeUpdfKRfvBOvevT5m3ZvuwQ7 lZI5EwYfo/hUiuBOGq1TwVsi9BiVvsopWwU2b2cnoDDKEmB7bxhFRh+cY0aj ZBLE6/hui5sWTTy0U35AfJKlo23eLaw2H5epI+aNBGW+yhtriTCnHKCCHjrY H4+tAbtoU1fXHX7A3oBSiSdovAQusXfKspPBpU9Z64qdjT1J7GQcJynFMdHU us2kcTZuvzUxsI6eFxJr6xFa4wdQY+AXgUiF1GbY2w8vKohL7nyNpnJshkQN NVdeiL2wmZLkt+jeJJmRJH1RSvNFSpE96dRsl6bXmTGQbYQ64QSzfDDAkrUa Zr/O4ONs544teMqEAEjKsj+FJ+Ep4N27670Ud7DfIfJZcsrY6FdjpCiT+dTB kiKZbj4YMy1NVIC1+B4MMdHc6Rneu62E3Ohs4q+uxaMTeJlNSJS30ygoxP82 jWVTO40VygsYlgd8oewOOvIRSiH4t9m/gXC+1BXwU9+CeAGjIF7AgvsuelG0 Frz7JWBQDrAC0/5//8//a2cg/666822kxkVf0YGZMHICBBEyzU7jQmwt7jSQ I/ZR35To8gLdbcGNvMOp2BaUkNydsrmalB2QBPOmpsMOntTzIFpBPFLvFUZ9 pOPVPOY42SZhJmYdWJ1SdVQT+aGQwVjofwqab7xgSQku6oMyig/yzZcvQJf/ b//T+/1Afn4f1X9+/+A3g9/3ftZb+LnxFHwCeBJ1fAOQB7/0fjafNZ964Bt4 /9euv3X85kQtX9Grf4RBGoxsbwc+ffDVXzVrk7JG2/s7g395zFnpxALKtf0k xq0Ofu78Bhb0118xL/yHkpY76kFIlrafjHZq04ffwC1892u2bTHl81H0TRtK cbrcn7acrMYx9p5YB6L31hccCHAekXsQz0EF+9MWxiwmBXyFod5IP0X11vjy wHfo5H6SUIjRjys1IqBU6oR7/C71flqyfbRrKUJlJt57laB5k7gymcRs3E0o 9onoWao0/Nv8J9LwN9EVLmEPPqlj2edvcHWDZCTuWuXatfhAq7ODDMwyKK57 mkuQNXNJMnx3SaWYlyRR9njmGrBX52rX4u1TIo2yAIkFagXiyIdabLNNbPL2 O04egEN9l42DUDoMh2fx5QU5C9o2rOyz5IzlxMT2jEkOFn7u7/PsReC6QTEV J4rQ+5rCh/BA+QexBs5F2XDq2NkLdVN4xYweJeXMxUr6OA3iyg2PmNn1OXou FoQVxOvQVLwAPUbVQCPeq0THeaR3qJG32X9oj06OYZ8xOXjj+Spx8jNi6hv2 R8Brc28jfCGvgBxPqEnby1fFeJ04DhM6SbUikyOHB/T9UkvK3aXCJWhuZwXF 2ctg2uguKZwkB/J2JZ7mIP7CgIfI0EuyRrucHpJRMcSGboOGZb+Ei8Jusz72 zqeBf6xplHI0pPk6AWeraarFHlUP7ePg8g8i1LbiAcNhKQfdigq4AFT9UEBK OciNwhtQpJQIf8oToEwRpmiiOCveWDhrwRk1R0gBEHl5nlfNGHK8FwRelY5D e8ypN9QUWO0mm3CQRf3JvldNaQIEr1KSOAQNrWFQVFRlDJyzQt7FNKsaYENz CLAg1d3vs+8FLjRjyyhTT1bgfVwsgNNjEv99+KRF3BH6n01C+o/3tV5tDeKc 25XEmNQRJklYyaDmmX9z/O/4PXnOcBC3uqucArQYXr7znx8Huq4zlISaCs+p NVAOh08RAEzcIOWBuWXxZ3SHhaCm0zB0bZMVBxwnbu9swde0znbtOtiqc7Fe EPRWFBfXcbJS5AVDK8rViJPVqlpYfHfSnneCtVy2j8qPLQhbIy+7JhqR5i4c Q/AgpGW4ghxXrvUp8BH2T6nfE20qYw7nZZPxKvOzsZuohZfNQUT4Tx/B9hh4 8QQ+eTBx9cw58wRfxvnflyHGAGe6ueEYHrkUb8njA3lolqFXUd2r5KIq2U2N EUWap3DkGa3qCvJVtM3bind8fFwo1OuDY/TKV8yBBI+NuO1uvNNIojONdpAm AriGqR4IVD6bguMy1Qlq8z00EQdh1hnoiOkSKQHZHovQURC1y7TQIitFspwz yRWEHPZeMiyhd5KSI5qL2hDS72weSxg/0cTqzdGibteAh4AkMKKI4dHxHcSX X4QuZIWePngSzd2xriRM8dbL6BKR09Cg2g4OrU0UJDvBLeRcVktYqnsotIBp 5mBo3XoEnFekj+GzAHsEr8k9oPIS43fdyBg7BCqDsAJvqLNWM40rJSgR+2QZ GMMMDfESkJxFaDRF1KNgz8rXyEA+NY/rSlTfpWUKYBoZvhY8XRsMD0DKYdj1 NtbiNqCkw6UAI0gI4U8+gew0l0R4zuPqdkerXvMH0AgWbn2cWHeXljPO2ZQa cU7gpvRtBkBgnqRKlLXSFLUkoccBqJEHKCGzIUTxhyFIyYNp6TRj5xwMvdSi 6BnztqlHoLaKJZWDUvlaxYNwKjgKrKcXWq7r7gb8Q5z38BdZb+vmEwchWFgM 42SN28KGk8ITPFJSirfAZG8J3aC8kn7EEX2kr9AnLnuhw4Tu1bvAfJ5MvFu3 pVIE57TZ0ATFAw42vCZia0aUONsW0r1d7kRAzHAJZDjXeoYNGslJed41ispq eyRCl6+4a1tytl456WMOPzJqlGcfS53AS9FKUiexCwNgYxl7jOnSAHp6DRe5 CNUlRoQ5QepLm5JmVNl4lJM7Y1VWDEb3mtSoCDIfJQCBImS0RMoEiSZO0if/ EwZyAVnxWa+hqG35vt2IiZpsU7xhZuHFeAK8WnYky1b98+Gm2dOOaHLfGg2i ArVdC4cbEH41XIuBXNoISiOZwEWjPRwQ8Biu+tcercLibp+/YYGG02SyAG3r TnRUl0TgQTw0qMruaCd4NML6miHcXtmpuAZN4ukAj2YFUcmOdBE68khNgo22 02EyBMFXS6SS0Jzdhw7ysxe6CR8clCxjsT2JgToW1gzCZcXjCxyUw0AjIY8Z y6GY1Y1LA+hC5Ank6PEsGX80tjZeQF/C3twgIsl2EEKVYq0wA2ytSlEEkQBs 2EepUcFZRcFuTqEQuxya1Cjj15ugatZnWhc9JpK8nCi8HNwsi8B6rnKoHWpz YMJhf/Uq8+PiglaZzfJ2IrgYp7wQQhZFdmi3mag0eEbC0vvKeBdE2UJ5X0uH yVQ63KRWCaIlxGyUgOye5i48PXVmYOIhZVI5Wod1pEC5XSyrLQ/trnpyN2aE 4juFTpZaKcan+Krxbk42QsfuWcXT5HEyG6GZUev/yoWvsK6vvEQjNY4EQQDo PgopCkASwaBJGEFGjh0QLfNsicHQM2OexMR+tJDHZOTBlO/Yp2jGDQcy/jXH DSg7aCxSzO4cMoWvYUCcsYrgbKXmAoRzktjXdMjb09w4VJzmwl0HEfsPOAOa pn3O+8Vb8nGM258/B+DwIadadF++7FCakBdr+9FSEugkMY3qkpSa9FWvaOHJ 1hpvFFms0X6boXEkzoimgBiQTu8VxgNqB986GscloTKpiCVQQYl1PooJrx0T ItAQSmAxT25gWVhywQ3ER56TdrNaRljO+QrWMObqjhumLD2KqHZqq6hhDXSM pf38DXoLbIG1L2g37CrChfWoMP+D4yuB5CrxwbEkUpchJR5RmSS23UuOI5xx y6cmnVoZAhcpbDeUZDmV62rUpOsuQrIedtzFBXqXaOxSvKkG+G17A5q8ytwe qHjoVS2Azpa6PptLIs+xCWxWH1/4Xj9cJsJlBgIuCpGjJApZUSZ1rKaASzPK GiLwp8Db040ZnlArl4Bo7U2Gy6mHDq1U7ntjzcOyOUk8GbbKISYqluPlzeEI CEmqQ5s6QE8QyfVvwZ9sQG8pD9oVT65+evIsE+PyNMDVbZF6K6Qr0PUriWCL Yz39u4UolLJdZUr15fnAx0WcDdKMsm65muV6WyOfrZ/mDmUsIuTm8RHWSLs1 6TC8btKlWgCZQZ2rvKlSW0f1ugXgxb0aJAIQE2uLHpA5GUSw4Cz1+EOlthnm 9p78eF6rc4ZrTJCbx5WxL3I5utw6XL8taxq4sbMI6oh/lWNJm2nmrr7TOBbv jVkuz9hGsFyQB1VcYkxOK8E3g13tOZGU28WldzCC/qWatDgFMlB4clDxUGbw qCqG5AnWKGvYGrrEYJ9JF9CXJvZ7MxEmifno/WJBFLfVFDLsvW4xFRvfQujn FWm3TAIon8bpvN3Ufp90e6FCT9wYiYGEtddmqKgWRotJmxlD6MIykp4fk2vB rhJj7mbp2gjXKBOFwZ2mpHQgL8Zl6e/OSq9TThjUo/P3AR8uUNjIV6WrY91I mMp9gYx4iRWqihTR0yUemMoXdlLrB8pqV+Ag1dGpupuDi5loJEW/MTrBntgq 9Oi6/E9hUqnEfLvAhjUvKjcVh0jVsC6qZT+1RbD6AVVspZ8fUXEjTjS/r0Ey V3zCBM1kPCdNHgAY6G06eRxriqTRdRhUxCzV63BOSx0qEflKND0gaGhJLzi6 8YyRE5v4gNJK3B+DckqVncQSzCnAFP5GoPZtyLg7Hdhv0k+cWycz6ujA0PLs Rii9mDtoSuOxirk4aVV3cTjJXHZJsSsoozMn6jv5VRkT0vopEpwfL771Bc1Y zRXZB5irxItMnHsdpjXsztVBa4m6UYNdA0uyidiqy7CssSa0qy3Fhcp7Y2XS UoKtb2UuPQ4yEcIOpuknmpBL0sBrN80UKu+T1qJvyBrg9oEj3+SqxU+oOoDk CTs7R55X6O9eBksSEJJr7asp5F4jqXxQDi4rKeYUl8lYE5MI4WMmg6gOHwpP IQ2oBUoUqQr3lbH8stwAOD9Ll4G41bLO+xD44jrehKfTsXKXzNcmGDcuUeUT ISUu05RNTJzK5uOsarKTMjJkSopknWlx5yywBxqBWU6QB9C6HOE+zQAYCQWd tO6opd5vXNZzFNucQRddq0NpDs3/LUCsRR7RXyXIWq7FiFrmTsuQQE3YTKLh EsIBOwxzDlYAHVGy4qcaydwGNuZJXGTlurszTjzLwzoP0vkgv/wBiclKko1I UhUQtsk4xrcUS9hbqZGOmNFLpXVx9noCJMcNWENTSx0uFhp1FXZaT686k2QC 76UvEKmpUK6oZCOfnTMUdVV+NTa51IR7Cklquf4+hzE7kckJwQ+24AjPS2wN pNUaU+gkLRJynHcSBka6lpXBx4oq2Bojroer596TRbZqby0MLrUL5mRAzS1r B0EnRqGgUC5xU+geWYhxwxwDMRMS/VAqxoGogN75qcQNCyRcXryOTs/flbaO Hkemli3cqolBLRuxYE+Sy1JOBk3JS4vHrL7JEnRrxlTE8k4TXR7Dnqe1EcbO BfC+5pi4FvX78zeiiH8IQoClIKDq6AK1SyqF6xzM9UxMlkforut+EJHEXKhZ 4UKnkQIUoxTLQ96byvIpF+j26Vr9wAKLL1MaKYjqK4wdRiFLVptm8qjq6kjI 72bJPDCuqCHZRzCY+vOxdRIpgdDWImHtQmcfhV2WvmWZz3BnRNHFrTsdYzsw 7uZERdf1VXKHvWNroSblcOVKHXB9YfIUe+OEbkSOiMqpVKbu7jZeFndF2LG5 DkHvhwAMkHBSlSpKVoj9nTjTwybwUebsgbjNUy6vPJYLaisOzKmfw8ZK1JeF eEZBgWOQMBEXVtVNjqMFVqiRecOHhgf9uGBLexo8g/roExSuc7TRwDgaR/xk uDd84iOJd58fssE5dZX/XK8QR6dhkBsuEh9JPwbDMAIOrbMcDJ+5Obh0rZtj yRYQE7vYBkuad08GY3gU07XDA6FbKpIbRD0fGXUKlDuVYmLuUK3bUFVBLh5I ap2/FDHr3dzAuLiW5oRUatFW3X4QJUBbxnzrKldASSyYUPqN+htRGSnTQlWj SR5Rzd7IdWPSAv51mCXbVgfEGkcuh4IjCuEo7ctlmEacDMlCWPrrhuoUcanl w++fAQnyfYOkoh7MNJjlS+fDFdVWiGqSYeeDiS8veZpOp9jlBBR9OK0LVH3K aPv06uSi3Bn2XtgYffyw37Z8Lu5Ox+3ycjjYAO3yWviLEOSxYuiuLbCwhg5M ukGGxDzhZAXYEZ2ZNEJUoXJJfZoYHaw9wJirjZ56/PLgCTeUYM1xG2uoKkb6 7AG+MKq2ZlZEUzo9Tsq12YQgWqN4kgxSuEg+MffhlliQ+EdSEADrZsS6RnrM BKkcSuJtTTRh4S93omKVZWKiCxq9+Arj3QjFwgv2+ZnzmclquUqrPyE8MVu8 6OqlqV+kdyQljFz5zqB0sQYoIF8RuokWvESr7akr4uHWoS01kBfl9LEcqnVI 5ejJHy+8xN0BolIvWwiSAqzqp75egYEsgsx9c+4AevgBtR+iEIAJcH+E5FE8 SinGiFrL4+30EWuZ3+FJypqXRZpzhDZwrNWUeoa53of6EDPRKjeBvy6xlWR2 iu+NWBioxGpCDZiE3/mSYDFL88z8RVXAIH8Cogm65JxJBnZxQ+oL1SinRr3b aP3Doss7hpMONZmOtah4zCo6Fom4swE/4Xl7eZfLh2DsLCFbhhWrMAw+keB2 L38olri7GaGElkyn6ErSAZUPmTXNxJgIHDQec+DXVPBYa45JEsiOW48QAS0y QvHPekFBgQyQWEqpC9bSulrRijrAbIyc3Ui+H1HYNrZmE7EGT1SKrowpulyE OLoYV4MraUf2WvazqbcjZ8OWPfUOqBTLrI/id+GAMsfOxWNbC65o1XoeqQT2 sY1lxkblDXO7sWD1pEUecLcwxWdNkQki/lJmjxC10fDKVcAOu9o0m43Y9gfD lsLc3h1Nc4znKYXiOytL+DU1ViucVc0I5fS1sDdpGTAVUs1xkIFw+yLxWovG J0m92Niiiq+qS7V/KKhR56Q+T8AYarZVai7HgeeSoBPLeqjPjW2ERQR3gMxl kUggJ94KbcXlRjjPrQuXD/2KQaOIVG0JmlgBf7wv0gF1MJYZnLWepQPiGDw0 Jm4MOGYBzv5btPWmcbnGsOehXC4EUyHmt+Jap7d17O5yZCxukNUk8ZWWGiZs pubNfKCmWZrluIKUhXUGbXVCEMgEx0bh17MYiHvg0X+0dEBpNp8FtaAUcY8v BH7qfR0EFblvH8rvjDwRNa8Pw1UMLQ837DQVz3ZVTcldyo6ci7aQbRle+5RI lVuXnk+rr/KPSeZT9tsggVfu26MQ3J5eaI4+Fud2cV1XqTq1BHM7kFZ8cyEB kaQPbjHI3RSlfwpFsrAQz7Q+lk6Wg3w6aOtkqcE8PuhONR6/Lhg+vYkl/hVm cN7fCx9UXer1ByvkEKAt+nKL9K8F+eUlrcqcPrmUWFzAUFagvysbmX3tF3SH TjGi2nyFlVcTyfPaLLgc1Xp1uHpt3AYuo76zNBjHXm5J7CjHrKeVOXmCAl9/ RPWQopHY5ZasOfchIDWi8Xy7HS05VmL4tqt+i30L4INJZBcqmnVJOfI6SaL1 181s7X1vxjn2g9OLo0TunAsVEKj6M+bZfJ9nisDyaSQ+kJ4w3MPPgJ5exkCq 2Uy9WtLIbom8Oq7yXK5pm1tfqcUfey9llIxnOQKq3KylDy5e3HiCQXMXt2x4 sIEfy3wtuUTdFCggtNc1IHfxZLAIB7RslXCtAewqjGWcoJTzrzyqcWfohnBZ g36pJUrsXgKURb/G6hpVrRRtsEiXfkbTNyYmsyQVDxFXKpBvjYus1OsiGzNE lFA0Iae/Ik5a+XTJRrvygJF1Wpxc2A3fsLdgt6697wU/icg3EcWsbq2BP8kw Uvmxul+aPPVjlyccnKXbXwdfdgFkWJ6WYA/ABsF0++27tzt9NDvC63PDb9ws OH0YxF+HQlcHuT64juHCeFEGAc7jKongynFEpK2cB2325zu149kMpVsZkRAt 2jlaAYXMxCSR+XJE5SydGv1QF3tMgg8e2wOwx9kxIelvsRl7OFTKrMmS7YHk l0b3ItGy5K6RJLZT5gcnk+CBdibEjIAw1vINfZhQn7R/xlCict43S0Kor0GR ZkEyLxejJ8IWoDMSTiEN2x4Dd8yRudQvU6NTbKJwf3OkvxwLJpATjv9tGUaF iOcT66ujylr27ZCBJ49WgCsTzsCNGzC2qYNerAA65iFJZeMXgzZGEWHwPRry TIluifipSEdJtU+rl2geSeK1oHKlsPH5G3OdtcK4N1QH09LaLgjrrlDyc/QW o/A6qsidSiXpv5BS5EvI/Rwdn7z6cH3+5uzd++vGW3u7zmkTFJ7jty6P356+ e/Ph5fHJ9btL+9bwsLVc3c/Rm+N/+3B5dg0vXr05D6b7OTroKHIH+7q6Pr6s L07n6nzr9Ozl8fvX1x9en51fvQdF3b512LYteuvi8t2L87d/hr1dn9XGhLmw D8l3/Kp56/MRVqcv/7RVRPMtrbdnYSC4QqyxJ/nQcsmKcEFBLPmu3i15kizn +b2PetAK4fI4BYlQRa8xoiFXRh7jSvIJIR8QPBApCq2f4odDZGUBnotQwUsr 6mKFqKZFA0QTDg6J1WzPzdJSSezcu75b8puU2rbnOGGTmCAeTWVg0ryx8/ON uNRUCHLFkH0JBUr/o2RGtkTadXMXGtMOiTrgdI0vBj5UeeBBuiNJioavKQeZ QuFhuZP8rh8lw5uhRaz1nOVRaJCap77JS5RRPsjU2HMP4O8FN4KrmvYq20ya wn+Ek9c5vA21JybKE0oTU631xBWQaURZkBWsqAGgl0pM5TZPKtsyvRp9+K7X jK/CkxZjrlWyMt5nMeL1fkfLeQOKPj+HrUh0FLJrYZuc8KF4Hj6CoRT3tm2R vnB+isbMYGHGQtXSyMe91i4Smpdb5iQm09LoSmzpcmRXCSWCNOZQxaN+onSS kk9VprUQXJ8h1mr6bG4IIa1lN2Yf0e6ng/hw/+BJtL0FT1NH3uOrk/PznU13 CMQ4XZLx6BdtMnYOm+7tqemWt3fsmj60bI0ppmgSrk9un9sCkQiDNpkRBS0z +aSWRz7IwfTFYTzwYGl5ApzF8dnV4OTkzWDv6eDpwWBv/7kuENtcnboteref y1X5DdZy6tfxw6vTlxiyP9g/lH4Lh8+ffk/YdlWDIBAqG3ApbssGhPfZnurT HEU0kgHYIlzLyhOz8UdsU6W3L89P5/ENDc8ipC8bFEe7A7ZFRB/TMAvPWUU4 prWBwVbThXc92aNAPIHFYL16ie5y1AzEBEocyaT9yHsuxj2myEbMj/wLq9JU JjedOB3Utl/Ezk7Z2DXElSNknv1v7y6/tXU7eEgfgiNJG1xFDyM9xXj5kvxR UqY3k3wtXFmwwyAvFfXXKdtuQzJ8HuoyDJogjrDdBYM3tPpr4FHoWy9EbtLb AH3LvnaBXFIgOTxZBDFMtQ1hr5Dc6+ol57YGj5CTjdydlLFGHIq7nY1NBSjP KynE34/mkFbByTVSZK+IrSEVbiUK/J8blj1lKNmo7ClcJlzjinudUxj2PcdK jUBW+hgSzZsV8GuAa98k8TgwxZy58hy8uOOyzMcpfXWKMtb28dnx6Y5plTMS BxaMxjBEh6sm6S5Wr8QfQJ/M7EKsXcHhtgaOfZONuoHrTvrF+ipg3C7kPkIj dWGy91dLFLhLO3yLw09cGm0pD3XW0iYI8SSILd424Fo6dQt2YprBomely9Ko ryeY2sFr19FjVRNfDkVELS4Wq7X43BL061pnYWBBXDVPzIASsuK5QBCJgIMF bJ2+ddWyuZWlCTOsiXkUcNTooexLbOSsSmmlNcSQrq3XKpU/SnjMJRdk/In0 C9o7NnmjerdjLDa79H+hdI9Wpu7rJ0Jq/byNco82adEYCSsjXMhprHm1PRbz yXB/uF+7jEbPs01oP2eNyTL0LgxIbQvgXCm9fkv0uh+e5Q438ULLEy3THWQl TjSEE9jajLu2MG/jR4+X1Lv1U/RiuNeAr0jqblI+W+nzp+sMxglcJipUuncy ctdEhBAQ9GVtj80hlfUNiJC8QSfgwJPqiLqQYNM/lWuE4jxxNpZ0bVoXuw4x +qzIqc8qZavJ80jd0GOnMcSbdE4lK1+MHaTFveiWDaLpHSaViYxSkhUSD0KT GVsO4lFwU27mrCiAav2AYT1ktFDFO8HPP8zkc8BOehB3lZZBJMlD6eNlOuea eBiftkQySZQnyyOawhtGuXYPu1+SUFplZ5sbCLgJeqqQf7m3W8q4qmrvBSue Ed1TaBO6wrI2CW+LU5UQNcTf6nuyOxuLG4eY6ZQxCqvBrJZkoc2CBOoGwd0m 84o1oTf72ccACrlvJrnTt1NNEhVHpK17jgXYb7Wag5hxZEXyJrnqKrd3oC8u xVIS0xcxltfGFPF4XjmHEYdsY4X3HfRN2ivEweTujVFFKIbNpH24fMZYol1R TctvYAkhSJTEUscund235JOsDychtRfAZ+t7PHfJHNbSSL0DHgu53sSYT4DB DLBaxxW8fo12dd9zkS1BC/uO53MoYxoRU301BsJbNeaGoj509JSuwA2ooqcA LJxms9CXKwIHF+ValGP1g7n6Yaa5Nn7C2GShybdpUa3Y6jCXnMgUaXgRT1IQ zmfpEt2crl3geJZTVFdorxPNxyI2YNrzAenTsGVbn4Krj934UtfBNsto7wm/ NiccIzVyuPbwZ3E5s60wy9AacLD/ZE8D6DpGwJoYRinW6DdnXTBWhT7Vy4kx 9MBv1U2ISwFUJIPsHBgIs5EKeDadfegQv1mlE+JxYmjAUoXA0oA0ZZX4z5mf Pk4o5IMV1H0sJH3swiEfeI07l/nN+1qV3fGQrsr4ptGQFJQpgWtxjcUH2Vnq EZb2Fz5CNYtvTPoc5VVXQXkbiRQPAzKUTHo1WJu/efHQh6xQGA6LWvSyUUoq 4oxMAkf3HHJHVHLlbHkbJakHW2cjiWg3fd3sgP0yCUA5ziDxVbUKg7RMUyOG +tuj3olKruYPccFdPvwCyxWVrgq9qeCB6W0pG/Frd6jkTYPebE35B6vH95sK QT8EnlHK+hvJA8KdDDQgGWltALfmB9u8PQzyP2841kZPRdFffW84rd5dRt+5 XN1SnYboVdxgxJ+DbnPyI0hVc0NS17Hji1827BviBngBrylG1A676da/2/xW wh8Meaz9bHorLa3OBhzyIP7W4xFe/7ji2FeBMOqDu9Xdz0y6yoakyZncav1l OTDD1kf05To4vqcRg04UwfSaOFLnUluHiX5QNq9BLl2Qiouq467YQYbxhUns rDew4GaTKKGz6AljEp1PHw5/DhYdJqOHqzZ1z2tWttR7e3x5h7mrJqT03C6c E4YFCaRVplbypOe5WPvG9QKC4p3eqtuwAiFBAznlH2wHatZNu+46C5LaNr6d 2rtffT1adsKW+AxaerdzNQqB+Xq2RQDPda4tvNcNnhvA/oV75T2/8hAk/RIe e71moq84are9D97UKl0B7ud5PFEi46VsKn/I2aQkgJy8eHcpotTuwfcq49Kn xD3ZD7IqtNgSdUwE9TkuXEU2P5X3ADSbjtRWPh7lhURTPF6QAUHymd44y6L1 2CZdF2/GLdn3SOkwWLeQYRt7u7Z6yWNpowF5eiPQJCL4mu4mjaDPcKfs6XEF zRAqmfTEgWeLEAjHLtywQKeog8XFu6vroXxLMZ9pyTlTGih68u7tjj7QmpZT qoN6a5zHyy19tp5cY57jrNBhXCzjraE1MYLMPI4x5F1iX5s9UnxiTKkpNZO2 uiMm9lQK+wUl+/0SLzCQvLnEv7t9hO5Hd9T4YNBLJ9BfUD4xLzfsUOzuk6yS zPs1CP9awm6aQ1qHsM3wYdqH8bJSbbTFCtbMZtDNKsFItbX2BwVEIjtMFJox 9RaKTRyWTUhptOxpCRh2ifo+0hduOoR49iMmtUAxBPZvy3qYcM0VgWGyd2Eh ko4wbtNlB9YarJ04Rms0dWAzebh41rkJ7a5ZDhqblkKFAR2snVNJFspVIYcY vi8xaKZQi1g6a4WlXet6Z/loadxhIozYEmJjjQm2ig3inau8NdxZaTv36Iy1 Vob1O5tFhiZFNtGu2b/0JCXOSBYyCevNnFE6841HWUKkWGkbymJgqvfi5GLv +11h0U/2sYCNq6WP1h9QoTPWod9fnkv+I7emuAMww0J3ZJVwx1V6N2zCIYIA fwV5O7H7WZzxAbCVCyMy31++xg/ukpFKnpVWf6100ze5BA5sfTf0aYxb0bbt BXn4DMun7EgUNsdgq4DCB9pCzuP5HdZdbqPqrLlzQ0pbx8lUeXEpmeeIyBNf adwcp6uxCFJ+YfoXmApejorikQY9VErOTKOS8lg9v69hLOOk4KL09uJslxe1 Xa58miixCdQOMpAdt75D9vCocoJI+A1BYU3TqmZ+CCpMDwoI/LaREGQ4Kl8C O94f7h6AFMAS104rowhzrNdyiq6Q3UeRMRtSvJE3RSjv2YLsLgc2nSZsujNC IvCWFeXh1kqY1C4h9hGso0Q0G6mkIQE69Yoa3lkbVh8MTHRantj3XHFOPlfw X02Awy4pGng+1phKx0btFRE6LZv6WKqBGVXNktpWLh/hs430dketBKnYevTm wL2SXiTi0AjyTRALXYe5PgZg5GXd5Fvv/BI4xsO2YhS3gc7HflMdjrUZQL4q 5yxHob2opmE2Ah5ox+9GFAmjdNM1wluuClywq7SQxNSAxtaq9uUIiE5a8dZp Pq66PCesNEKBkNtoLyqtTuhq8/lao7kKanVNirJkpAWQNb5QvWSf0BUggVQW 6y6b679p1C6wix8XicRQuscwE0fIm+NIritECwuqnwdDSdkEIKdVrEIg6rSG oJMik17A83sPNEF3vQDo6c4CQ3zdqSAo8Z0jws4kYiMeNFu2eV3a0NGVkJFm oQMYFATVtJwlk0AncR6Zx2JnDRLsOVrDQNJbb3pp4WstVp7/Ml14Y/32n1TX FAO3PVtPDdzhOU+Zj7WTbfnI+yBgf6deN5tKx1Ok3HqlNYyVeyQpRD17WDII lTL0TEWuPYF6w9qqDxs26Cgd92vD18MGCd6q4WDaHjNd2APVPhxDcIyTaiV7 36SpYyv7MNGVD6w8KHirj4URAWRyIQbiSwzhtKbwGsEKVy9ziezxGhNuWnk1 z8Vnhxo9p/SYbDeh06TgzO9dolGXHUDbGUi0RYsJAgjxy5Q6cTm/Q5uGHijk axVx9RNr7hbfCd3nLKV69S0QwBXRMUICo8RrPgTXqQyPm4oEqjhANf6XtZgm FVZiChBKWYKpTbaBzwOzGroy251+pxnh2lDV9/9Vveq/s/VWGGb3SAyPVE8i Pu+43sKF73nx+RvsrdoM6/PviNWdrPIuPSRx5dsoBzwsgiTxlOw5rkn+Wt5L SoaJwYvwFXRgqupdn7oeWY2oLBU2PLrVkIFl6zToR4I4UKqBqD2c8YuTyt3q AHYkRM6W2PThjjVc19CrYDmu0ST37/NaDRoNEglhIuOXPchou92v2kWudlAD O03jmwxEAFCoGlq4hl6q2ojBwOueB3GlbNHLtdF0zZTIR6kPfZBBvEPP7pu9 aVyii6riVmqUEYfTCn3axHLSeWIvMWbwEMiwZyaL2261QNDZtBrgUJ4PTJC+ 4LkvdN76pm36/D7zENnJ9G3yVHC1fjf4lW9d0Xb/zE43m4/wbo5lPTJpMsY1 nX3EUcMvL/ZIjBQK9F7hCHU0C1qo+MIN2lVNFtnMTiBQpDKjcvgLTuCNYQPv frz4gKn1P747f/vh+Pr67M3F9ZUJvG0k/AhTbHby6ag3T/lcXHCMMoPOp18x KTfXwhKjroWGKKH/hVZenx/TsXAuM+W0kbhRg9DSNydR1DHcW9rJHSkejVrZ A98oFovcFqkWlOsUeGTGuoCk8B09Ehdso3Re8+ugXix+ryOSqTHDafaURKuJ OuLMIg34VF2BvQTDTebyIa8+TDFodh726nZE48Gxf4099mC4uxttv4gnSqxa bbLZZlSrqRqt/Gsf2tWkfiQkjgyUSEqCrpEjrYhW40Be9Gb1zsXycS8/d3aP Ao+aj2hyLERKt3JYq/nBmWBEGvH7MEGe1o/VtCIDYwX6R40UljHmoWGRiHl0 n8Ro+HEG6JQcMmk+IV2ICt+MQeCOTKNjldlFcEIVABPPQG3mNBuXhSapANo1 WLNpiPxxYzhVU0rN8nEeFfEvGU6kKVOGS3Ulv6PQuC6niLPrPn+2aWdfdhDB SLi19i3t1bBtdo411I+bZs5trU+Edg6XB9td+5BL6PI4uNrElzMq25dN0g/w k0k65rOwJb/EcoGhtFN3WI2jsadXeoNvLeGJrkxP3nfHSkvqCE+ZCCavVc3F RSI5lBR7Vs9fcynJXLnSpe1pwV5vcg7HCZJahj3VZQELZnkpvWuMU4FinG2S Se1o208WR5wnMVFB7HHrj3iSUGNXWd6YQ6h9WWPZCR4bwztiJJlgEW0Krr/s ipWMWY6gyCk403Uwypc6z9k4suF9YjNqzHMmXB8b03DkLc5dt8iGFHyC90E7 c4gqgOvMCv58N1mal/zVvjZRE1zYFj7WHKeacYCAYOxDArLkzncN1yrAK1EY 6MuGmYvDuClh3epmsiPdNN5aaXoC6zIlW8pYgDFig9rPeL5DrctNFRjtckI9 wmHm0pAUszR4QgLm3el4x9MtrI/OFys/rjBR5of8LqGsZl6Z3LmX2BuM0JKu vqjJzjzClX/MYrhL8obwlmPd2XPhn6mWOEctyjAjdRICRCFmGPQ2Xa19+Ac2 3kGCiSVbSW3A3C9X67QmImNrd4zQMEOU9cwLASkXlqRuQh7PZePV16VCGwVt SSMVqliflDM4cKI45Jac3GfxAsu+Y1ZeflPES8A/X9VCionWlCuKFoG7mjN1 XJPjEOpcjKYuyxXjGdDRQvJ6G0j3W0iqtuyyjVVB6k9ucnS0mq13mfP17Nzt TnC+oJK7SS+u50sD99SuQXo9Dy5XOrs6BYfbb0k9f1Gqp6zjKX4RdhAoICAK 4QDJdU+6Y0mMNCtkTB1Af5nAORJVDBJPpXe61HEJ81XFFJ45R3VnPL0lUF1H q+ZxulC4I1NxSaKRg5a3GVaoyPyl3eWSz9YnP4vG4TSLaFoHHkOooyCyZwXw UlvYwr1RU2o6DNcqN7gDk7R0Z5der53QsXtvrpbeBwEPq7AGdDzWojIu/Lk5 nVuGMTeTR6OlQhWastndouJY6kOru+zSvnefVLtRyPfYUDeYrUEIVb9tBUWb ys5LayJLGYn+yReozWfFaqnyzFfKEQz3Ui5IC5jYgGftK83KqezWFV6SGuPR c6pEpGmVhkigc0Y74jhxuyVzXmtY3OT5JFITPqZdEY5mFDvwE1kLHfNxQjdF UaFtsTS1/RCq0kniQrDqQjmKk7UUYzxGCpCwpci1TQXXrXVBlH6LADFzVWbX 3bpEXTRM2+pje4At1tABA1R8XTlHHpLCb1EaozY5mK1X18lnH8kjQnTynfgc Pn8TBP6vjcV3qQcuiyFwX1jrvXbLaKYkBIkIw95VvjCROTqU+gCUiBLY1kKw Wsi9MwQJgIVRGZLXp5etrd+7ElL6DwwnQp5YIyWL8vGzCMTBFCYRqJnGRwi6 EG5/aXCvo1U6l3ZidHUL7NknJdnpVe1+VpOdxlxiAZNMSCXGGf76oW5cRzV2 sYiZy2Ov5jshbTH84Rr0TfNV5jqKbtEtOvNLiaE5N4h12KAkBVHiAznP9ENJ LsNCREdk/WrmCuB3Dc5qq2KRchu6VzkQKmXxBjBSE3LI7AfqqUju2LPtBjnY heomEufckk5DVP8DLuYDP+TqAHiAe3P875S0y16OSdi6J3BhSZ/XvkCjKeGK 294FzWSYDP32tyTC+y3sYqvvWQVQ5wWVXvhdS2B314H64MMH6mqG58YAFlSX JC3QVCmoarBKCtYslYBnx5bMPdXvNXUFz0wtjz77X1xvCWZtrKL4GANfotZI nRo0h++547ULMMfjBDtHpc5eSL2G5k1r0R65ao9FdSRq1manG/VD0bLoCo3R Nsxy6rrJOlZv6Oqt44OxMX8Ibcyyh0At2cS4vAFmTBveRSNpiuvI5F+yg1zu Jea4xQ5nFWlzWrEGAx5Ee61c70Wq0ygcbLttxxze1HBaBlvCRg/xGPvDaVSh aJJc/H+SjFY3N9w1WqmHUvgPNArmWTj6WrZeqMkF7CTTD1b+fo3UGnPGEX+v MSDOpV7/zMDY8eKe/Funl/RiCwK5Fw/lX1vC1c3YCeXwwnN5EYQN2HmQJY45 362n6EtvR4Urvn1F53pPBhOLlEZI39JSGaenrxHNbxZO9neRyhIZRPrXKL9N XKxDMCh7n+uFC4JH/hR9pnC8/wMO9Shapaimt//8ga6kx38cwsOY1t79cPMa ZJ7n8Go3YuOrnRfR+xJspAZeP0sJeSwpj2RhKQP+Jj8/AzqT/3QcQiUCjuGB 8NyuPH+9Rihw1FZszNyc17TvFD6LiWDORjWEQf/6H3/9j0BL/evf/vo3XgQ+ 5ha795WLePo6/+ni+G30ghXTS9AQ4B8mg8P6SXQtwmOCkUYsFtgi9LkTagjg HylYyoKWk2dbWYMrT2Pe2Fii/QqBtpWPfa1A+8uE2TD/Axd8FGGrcaJprtEV 27FkNx12TzY0W8uyY/NSgJdK2Ebc7TkU7vLCPyxt1n0+iwh8ZA5Z4cnzMZBY IMYx02qL1kNxV4EYMJ9/wG80o7257W7+331HoVApLpy1I6MkJq5sbztByx08 25BDKN+tzF3Ral9dylXe6QrU5FshP3lZxZSyindEI3HUR+nYA1EJb7neFtKz ox4Evly2uSSfgEx4zz1Mo+X2n85HhZi2ap8XAmp118OROJxQzrGOG3VVtDSh qg8RYmPtyunhD/5hvfvGIL/o5mFDZFPlUOUjWmpHW8WaahJWBFfTpbfA7T1V W5qYmvxX+JeVU5oxPHtP+zUFznUU4PKJiTdhScFKbkg70Ea3bkUOLma0bD9R sE2K6dLH+3W5s656uGxPUlix5TRqnGHRYYzMe2g5NATy+WAt8kX7SlqEemcY l/cD1OPKkoG62AYJMpGvvh7kjGy01pYsJD5Tqs09dpk13V072YSn4pX2jJIu uBoSC18DvxdkHM3j8cc5cIJuco/fEvdqODA9sXbDBAlMAtaBe8ajWxcy8DG4 EX8rgsx7CygvdVcH6keRRGYFpWcqzU03b6lWnhT7cFNtbc8BWCF3TTyD5lQt xwqzz3PD7lrOwvWHq3MK1Tf7ppssLRDBh4MiKOjT663ImkTaqnOeZnWHsGYd 5/lxB4NYeuuiipliKVEuOGc7pC8Qil0CBR68Kz6qATc+agKECH05LU1vyno7 vQCDNSmBXKSLnJJAwuaBNdNJ7A+X1Ge0cXVlzHTfhpyz6wqcgfJlezq2vcLG 6Y65gN0usWjkuJHwQNkMrvwBP9OWxfA7370IULvRGmgbJbAspRpHzGakQ9SO a1Dvrq7z6Bn/xWcnkR7ctEiziGqhY4HpGtP7H7JxKqrVujB9DSX4CpA2FSdy 07jZ7Ta37eCo8x26jzmi24UFZRraRHSwyKvKGQH51UoCdWwPxXoXSAf5DWDv QHvDodoPom/MicqNVaCktLlZrUOWls1oyRHiBKbFAgBIUnTCDDlvQa4vUxL0 kPD2a8DRQUUDUIRJHe3sbJzZPXtgwHaWVVdHOYVTy9A76vtmOWP1Ww+/ltgh HHKTABaaf1lNNwuDrXcggBiPfEh5K1o4ptIhq6pNL9Ryf6lhr2OSX2HYa1Ga 3Iv78m+Lme3npixvZnyy7kUr9tWXeiD/tloEPUlv7vHpuhn9vTVffCb/thgv vQGl7fIesieGV/VbGRTDUZ1F8coXh3sNF/qBanZ+wN5NSC+vSB07N4pe02/l tHTRI9tUuMDcF67EGy73o6PoP6Lf15bxNzRN/qEF2uStJ/BWfZlizfxDA9Tk nYNuq+cfLJTJ409pYb/DN3g59nEHW/LwMzG/NoeGhx08rbeAeiALMLCyGPib GUfXWUTbjPfrzPaRu4OyzRP1NYvqtpC2EZ51JKe+KH4CRbp7LUivegUPTck4 LRazdYtqI2rryFljUV3Bnr/mpNoI5jpSWV9Ul/L6q66vza+zzqNTX1TL+5tB 2LpFtXGIdbyhvqg2pWGjn3WLauM+6/hOZAh11SGM/+pFfaV3rXFS3e8/sMhN /BVkLfcc84Oa3a3rwjgvwvqyFFIolvrH82UgextwZWxkb5+/Uf7JvL3G/byt 1Bl6mgJfxkpcQ+M3hNIFEy5ytNMfEbMSo7PBpD+4z4NYhgYt9M+ZOUzvhTCk n4xpugCmrvoxGVuIsYncmjodVXUeVFekrTnKMiCj3+TanivNRMvwPXtcfg6v kbS+jMpTUDJnPA+i720EWtcxkpmfS+qrpUlM4JnLMK1dm3cHUW9gYyKKYfyl sBgTCzfsXVKXX80YsEn93M5cc3RQQMT3EnYrlCBxnQ9Oh2lSTQcYmDfQJzG8 hhJWuVkPF4uJ518XttW5r7qbq++iYSklEc4MRMCusBL4ti30p82k8JBlWluG 8Vitw6jBpwTcLjiWXszfi/hTulgt6hJFagRJhyOlM+7QyBQfEsZfdT7mR2nY 9R0i1JK4RcF2GcoSAd9I8G8rFMEWJbyBFYardF1CG+b22/C0bhu16CoOTYeo 7debdd9o3cLfCJST86HyP5RfgMAcUDapFNpQTc6P3x6LhxVh9z0ehnGwblsP qzst42vd+eXhddE2xwAMXu292h+cvT0ZvDk/ebK/o51+mFv5STXgrxl4xymX wQTon7AN2H0mIGURuNatLErFt3Q6YpVYYCUqG1jtjg/jmFxVnpR6cca1UpzS OaiUqOR5tJJcXIY2Wh1D23ru0e1b2xzjN/SvOVQP4QdxUUawRY49B/OAJB4S d1e2vfx/E1ojLwMedhQdtzO1DeSBr7yFOpZSOEotdb5uwJskGFZPGXtZfXpq d5jP8xsXXcDJPRitnY4piEYrW3KU9DWFFWgtMCb33mnuXFs1319TUxTPeK70 8N6GIdRbGODe5h28nS+fi+zTagpfBtKBHzWX05J8jmFzuVs5FKfY15r2xGxE kGYE2uHIwjmDkQt81VVIjiZm23Qyb5YItC/GZPgrzEq1Odoj1WoP/SnalvAz FhMCMV+C18Sa4tHOPOC+jzzdsd+TaccMIPhSf2BnExNMZOPRfM/12gO/zhbz cExajY9EJjwNO8A9393fOzwYuMZy+8/hi/dYS+P8ZACP42WdvQBRVUbQz06P r48JIY5PXr1999Prs9M/vzl7ez2M1quALWt6emANQw+uCR5vrEk+++3WxFPu b7omasRXX5R+2LmqTdck98ZrefJL7m7NwTTgaeM1PT3QVw42XZO9u0dZE07H rxxuuqbg7jZe1EZrsjdnbUJfcXctx9H5s/Ga9OasSegr7u5R1qQ3Fxlb0Nfc 3VcsapM17dfv7vtN1/QwffxVa7J3t7f7dXf3WGuyd7e395V393WL2mxNhtvR mvY3WNPm/O1XrYnvD9b05CvW9PX391Vr4vuDNR18xZq+/v42scLW9dqO0HGn lD92/Dg2txd1AuT6bYmR3wmD5EtNFvr8TT1C1nQ/Wxdf7+sed3n1bUWsuFU7 AQ2edMQUtO4Jqg8Uf03hwFwuvcJ8Vk3v5qR6UoFIjYWHnHlUwjD6ktjE8VWY hz6fSLx1xeWLXbCxj3KTeDPnXouppkDMhXbIAokV7i7PXp39O4Y//Pn98eXp h+vzN2c0Ihmp1XThgyzS1prpWjhEYkWpNi1uUQt/aTRJULVAAq9J6UlLKZON udaZHV1LI8/i0jf1c71B3EjenrKIMULOVXPBdC440W3st0w5xxiUN0vmC+64 8Hdqo7LD+ffUpfw4uzct5Gw4KdpU7pPKVSmMRb9a5tLkN0kpJAXzRLTtMFaJ IissKF3cI6ecJ8kyNPdQmyNXt4cGH6KyfCNRQrg/zlLu84u0Pqep3uSRrRMS NIWP4XweKT85REhNm/GI+ZYiuuDvtw10LHxPTZdu8/ptre54J/5JhZG1mCfY ZrGLgQ3nofNGe4Uri4D4pNYeh41so0C7Fxs2TPATIaHzWyh4iwWDKzXW+uGE Jmm1bSyxLXtFjYFcnGyacQmslZgsHa53UQdpu26QxNd5sr5W/LaEwyPgdVFu d3p6rsSGNOQlnJBX+TWyOjTa/CSgMpPxSFbDvQYmDWSHC3iPr+ErrGSHfSaC mjzGKBU3bdfBFDFtwNE9syM0wDi44lIOVJCKN0NheFKYsHGijjbzydvBkZZ2 XYWHMT/nfwPZlpfQDYd0uGzyGrnwK1OZsYNGl9ZGxTF3k/wObc9JvJCwTTxK d6gcSSxv+wL2yXQqhquw3h2QgHS55MQ3T+jQE0D5VRTKzrH6j0TF3nNaFIpa 0VU1iUDeGu4dDg+ERNXMXsoAU7VIc1kXqjgi0hq9jY478o26msPtYcW9Kzpd uQRv8zaW07JtdDLOYtRLYIisxUfXolRbTYlssiRIzMZJLVJTjebpxJqFscH9 YpRmJhLVWuiAyuUV1anHoFstPpWv2Fd+frp+U3S6lG2CaXe93+lLbxChdj9h PdRzaXKALZvS4i4tk52jXmOZas/XFhXDnl1k8zk5qocek+HqzjeOr9lOyp3A 7LxM4Es6obuZYDhhX+AdH/ZOyczOgUwKV5bx1Uoy2BUuNAyKAQDm+7akbgIt y4u2KZG1Efy+05eIpeYrfV/xPSyC5fOncC7XiZOM0uqToOJhVD0I66Vp3tL9 MtkuqXqnlotJA9nO0cJO91AbXOxF2/QJCFmfNgCHWIC85mVaDyVYV9tCSnMV +9H2wYBWevZJOorgE1dUVumxlvXVwFtLhUs+xdT944DzEuhGu0aySRR+Z7ac Tln3WtWxvO3cnkTbz/9pz+35f9m5nWckdqA7u+y3uTNt43MgoA1vXD0uh+pZ od+S9uckWkpKVdnGy2U53gzVGkOeYa6wZAwc0FWaTnrKPOD8pA0XDAbvEZZu mefamIEG9LP8IZE3VuiSJK+aNMheYKddangIw4esByMeuDBkGe0fHvCTjuvt Hx5Ky2HsVSbe3NripJIciTGUQNUWWNLbiHcFfQNEo6YmLigcVcWqZGneNwcl bYRCTd0gLKmpl7ItmcYX4JsnMfbE9MW7fbrNUty5m2RRcNWUsYLThMsgsh5K ZoCBlIJT+WbqXaPD3kWwcB6Fcq5HvnihbwqIkBvfFAknYbsi7NJnfhJ0TEMW WLqWRraCrtHgxNwQCE/l/WKBdWHrBUZdX0bp98r58ag68lS2CeGVNCLRFW50 kojYQYhByYSHSj47ghbqu9IGiAV7/1Bti1V8E22/OT/ZEV7KPZW8NkDZsXi4 hDtrh5EBokV6MyNLxSor42nd463VCmfpSNP6mEIJE3cTIjDQGYqlF2FaDKwU tCT9ZI6zLMGafgfDJ600YqpB3yZ04rHqsVGCgg3P/fxNI02CdehGxoWr8uQ8 8RhO9XDq/XmlfVvCIDuOzdUgBm+QrAXw1at8NcLS2+f9VaE9tTg1l/mWpf+5 cvUnJHARqXlQEbl0QX8U/WByHtOg2nBcT3sL00bLMGhPoyrChDeYScuFd9wX 1+lIYIYPWNvfRUWlEwpSnTbmBaaSU1nraZVotV81dmj5QtuP4ZdET7ZF8Zh0 PuwJ5vG7OyHBLzH5tEwLtx2/XVpCcYvBpgyGq2VQny2nUsZ3/i1bgD0c1Bk1 /JDXMoyq+2aUe6HruonuLg3eVqHtT/lc9M3Gva4tJxA3CllIr8ovIaTxMmmH Uudbu1FKITCuTizxO0GpyrZJ8IFwil+aRVmLO+xTOVHXQaaJJFwebcrBa6zG lX47LDimS7qeuizxy2ONGnfSHm3UeOxP0X9IuFAzrSaMFjIg7L7HcKTe38JY of8Wc1ITJH9rg1IXAa6lHjNFMHlBjRVLmoFkQPtUXFjpNZbGWuRa5Pe3oPeN Co2R5LrHRT0GcBsbgzwYQhoGiwrlas03agab7jf21RE67vQG1ICmMAZRIfp1 SsGMTokY3bcrEWxbWXFz6FYlgjh3a736aWL6YjZGN4dmr4wLQ2lfLC/+8o1h NoSWjSa0VsGtzkDYlBRA0Y4t86OQhfQrc/Jfmi1XVWmAnXNjrJErJzMkGw8V ObBKGvdnahb5kCqRptSFkHVqMeEN0CR6NtbmJaC7dCy9s/zj9WBbtncxvrRd CUoeC9S+M7GrSgHruER9aVlg5Y4xt/AURtmoAd962FIY3pfujAXSGDm4MUUu ceMucFYW2pZB5NdsGuES7iZZyaHGcaVNj1ijJoLKZntaRkLVce5ye7AWudkU SNe39lQNKju6HRgGVKXvkqp9lYMGS8SGH4VxlWJLJ/IwO44YUokQ4am6uZGQ teYAN+4lp5tKQ4i70mVTvbppra/rCrt1LPOKQorn8/uorQC405bXn4oIH64v mkKYLkesPFS5nCpaBLzCrwJQ0/mvfONdpShBf2Pf12pETTxvTBU0oBsrFIVE AOQzC3RM2wY5PEiAv5P2O8ozMmEZLLHNoXa8paz0ImdgL6ej06owrvZK56Fy 1bavFOHN6twOYGGAG5V7m40ZhD55C9DFozKfr5BxzQHgpDNiXeC6nnU0weJS Qxk3XmChv208kexASADML0g+LVy8Mm5Mlufsh0ijqpmcQbcegchXoT9dudWj qN7d/e1cHckHyw336v0926sYd+vbQS+8oIagHdRrK6pEnqELc90j7AbtTg7U dpjY1ZKyEFmgaclA1EIxmte4thimSRHMHlzfA6mCeGBH6HxxtdiwltoyHmHl Y9IDpWhVw1HprLsj0xiVc343zj9rGCHqCWjN3JZGohmuyiSbremoiOh3KQlm W2EGWgiEk1oiGpxTbYf1IzPVxh5rjzQvBvOtFo6imX23ljHdbq9jWt/SQylN ne0i2xoWb5JFZpTysTQwE0lgy9zfVr+5RhIpys6EYmfm8F1HjPt7IgWQmhDb 3no5LO7uqsS1LavmcMpWc8ACb0IP6uOzmCFWB9vyt5EzZkDiJqZGzFPLuChf eFw1cFMs/LylcETtTRscRjiV7LE2z4wTotIyPOSgMfSDxxLYQTaEJ6M4s5pB l30bkCKXp1/DGhMnW7N315vW5ZFtXt1S5ETlBn+nQPlXIyHRPhGubQuueQly 3yJxY9ILd7EvRSgHSsOUbTEdzRPW9LSOZfujCRrIdtX1X4eZb+I5YloHXv4X IcAvs191Cw8ou69joWWHmat7RG/vin7fWlXjqH3C3t96vfaV+Iw9+KFbqf0E SXnwUydu65/xCXpHUQaq0XeomTyQn/ffViXesvdamXhP0hyR6+gf1ejOHiYK D2XQ7vh/hwr84F7rKho1L9ETIu9tnGuzScR/Q3hZG/jfLSARaD1uNgDcrOS0 J9gAl7Pfa02smMPbVm9eUCJRR7Pm11fQQ9DkxH0BVXi4oze8z8CzoNYZr0np MFwDtOSH4S7cYfvi/Gar4bpdKbmuGRhghEB6Y0A8Hucr9KMr2wo7yru2rMgH IuYD0pYXADwpphyEXSQk0eBDrmXZn36TH7lluFixVp2Elu7P38Cp1Uuw9lz1 VwPjqBN3FZc1tnDT0TCwPGl7GNQ9FgjrcVZ5G5q1kpqw1rY6tmW3PbylGnHT 0Xkd2mfzacdEbLxzs22T0ZIsqjsUKsIWI+pI7MskaEIH75a8fRSJ0Szcqm1z vRFjbM7D9ZYMosOd6SQOG5q5JvC4N96x2ptbjoTCgDB0hoUy3v/NPB+RJU22 e/b+HOMHxGjM0iuLlflCe/JpkV/szly2N7fqrPAbdk6frgqyjzQ7qIcNi2yv RS5v4DsX05Jk9di32HdaDLr5Bg0Hqb+xpLVoEWeUrL3xlyVKBFYy8WkxJfz9 NilmSeyaQt+mFRaxyGFXUZk7H90m3XHx2mAp1kSv6CRNR9/EJeIRYDHAjfYp bu/DKnEbUidFP3BHYOqhyNhhxQiPnBQPsqqwEEQthkXW33k3vCOeqXWh5Imq hRq1mSXtfevh6MEuVwW1uZSKz64CFrtfB/P0VlUOlm1tZR4xF6sKDaiQkNHO 1aZNTLFgE1cY+swxroaNw65uckImI6LvHzMxuMLNktqAwAQAPkizAfw1WKQT bJAq9ZaN5gPY8TavxG1wRzAsNyVBU6X2lxc/DgWQpaZajTzHdp6JuTXqoklk T5NmSEIfh8WfjepHpYy/KxJp6+pq8bvi4EEnXbHpkbHetzw1biM1y6lhloLq tW29N7lzCBulXsFE5MlEBGQHuqserL2guBK6ic00AAnDD8bxHD93LcO4eRkp VtJ8uhwnWVykuV+BO0qKbGRLeowgpfycwMV1t9S1pFZvvGZyKTF9yOJv48yX 29apUNlEVSsvYAnzezI5wpZSjd3XRgik2WpbYTSDEJSK+DxPblJYEm4yv8vQ 5iWBJnCvq4qKHClijzmR7zZPJxJ3FjrTMnWgKUY1KKbwUCkZruH5SMAEr+MF BUBEN4BlS8rFkFauZJxFEQwJUlpNOa8sDqo0LfPcO9fq5gxmlnpAwfzSYTQt jRNP2wnHtZeM4j+Kq/HMtDBxKDCjQlHiBWDTq0ptJTAAAkRz7DI9HhhX/Z6Z JAN1SUaj/GZVciV7almXltWqGNmHPY8Z9rztD4MvKefyFoTXvCBSCGy/muWT UqAY/h0DoeKujTmuv5xpKgyvreTQS0a+0icjCK/H9Edd5xYz0i3lpM5qjiYM 4kHWxpdmt/n8VqNqkuk0LyrPwt2JOqcOPE/YggL0qEjij3LQpUZCWsalu4SL BRmxQl/sXd8wF6VkKoD7G1JhCRYtJ+DSIcyt476wCzUtT+wiBlpq8BXAfhDb StITx0+7nuxM5uRU8drsGVee6xvNCivOYQDC2/Or6+e7u4Pvd48lNtPHVbgc Yo0/VU8Tdlof64mpN9pU6q9I9g1Lzwc16psl+48ZWsfYFEz6jV5QEBoZdlKh vzIDp1mhocincYZtCDhanFqDIwL4cG3Xa6CtHcHQcEQ2eGpN/Thjhx0VGys4 W9M2z849HOLf1jMKm1gSufLdygmTEAQx7uwfJD9gjIXkVus5iCRhuoGYJOvR vQmcay90b/q2+l6aJLtUHPUglg8Ttk2+0vz44tsyrLEv+muNIruVUuUrBgAk v4qJpebE8l3N6BDpYlkbwBjmkhIQXYp3CBRv4kJxNoQfTsItNX8A07epT83p 1cmFVYJMVwqfcOWAcKpJnej2GlPsAeof6MFaYSuQxhjUcIEd1zCIG6iIxeuK gDSBa4JDvksnGJ69EgdyXHmpRiJuCCaAfEiXbhx2C3FrEc+3onHC+c5eDg32 v4g/1lYHdCRjjhud5lemvcYYoxl893Y4fDo05hBe0iLabiQz4m+LVExnKXX6 5qwMsTugLeJO24/AVlagUmVj36+ZaRJxheU8v4dxfrzAHm0gnqTOeSZd6DNJ JLhxWeQqWwm9dXxRHeYjJOy+ZACZPfCkRETnzAkfj0xCtul7M0pIfCag3TTe /7iSmW/SLHPV98Lk/cB3wgUIuEE8Pgwwnk7v9SJIR/El885e9H3DLrL3gBqO 8AmQszWNx2Ke26rVxuSZKs5Tch113TV+W3rhoEkLtK8uJddLJQRsqRsqlONZ ApCEUEiqy6oK+jBjdInvtRc7EfPelOZWt3Ot7RGGGJUpYsHZCyk4Wty7Xdj8 Z1TlkgTTnIAEcwjs2QuRfP00bbDFGI0BApTLDPA1v7eAzX6lSQIH5aFpkQDB um8yg7atNZrK4YiIir73CzvDUXFw4ShoE2wNZYg50TyZL7XdE5wYZm9YtJbm X4TBoyRGswcCIIUDe1IhiqYHEwawMveKBYA4Q6AnPJ8/X748eb73fBekgckK r/9+jEdCYT80rdv7L9sh7w2ZRWNfbD2r97sC1DtlQ4Sld6pLe12KOq+w7Cix 8C6o+4Fw9EAXFzNJ/Q3FFWedpBgpUZgbhoe4bNgRakHl2AJqaaRXCjktvhvP U7wS7N+gPSlhEfwS6HrHrNhkquH2Odm+c7U2hfEOWMoArQXOIoOlBOCd81PT YwAlMWprd2skajxapbyNd21Rz6rt6LzQZwLyvb/SWxealgWSfSYc+EZq2nFE dnCQQpOYgh7JOVhWUp1FZopBlbkv09JYPYR3wKGhME3+v6q2khDhaxzXLY0C I2/yjh3Iq5RFHc3yZV+juNRA6mvSkA6KZeVLUSCanS/QArIAolTMqWrsDLXq iaC8PVaLGKmrfY7D+XpAJDEAbYFzu5fiu417rl1lqSWnfa2Jx/EaXIiFt+E0 6LDs9nzPM4qbo17Dnf5/tImQObQRNN1plP/FNn+UqwMnAklLwB84PjwaYyan xEapXTSdKN0I5Os15vK4bFmzM7YzwBn7PCd9Onu6Rr0GdnXJAqNUV81OIKE9 J80Au42FRndgE8+e7e9JSDxpsqjHkoth7pVi5LkpW6Mp+JhINvUrTRmGxx8p CU7ju0uMolCTEOvCA5XEotvVHJVaEQexv26eiuO2bit0pngKKQcRvUjE6KW6 WDs3IaMu0hfUiZK4ciZr3Bz3VCPBxN9EOwTh4QlTJWEUQ6+ZV8n16gAuaDVY Ni50DkS07CssohlEausg0Rnso0jGvz7xlR+4ZpUEjmJkLwIAOy70ut2+ONI5 ws2ieEswqd0KYO1VeiOXhEWjEfzWyZBU00KbNddi9l1igItJDWuRNYz8DIy1 CFYdzTeeW2UKbbZ2kb/Bxq10JDs4Wqln7Y2371qBytwOQ9EdaxiWTwazJL4U lPqg9Ba3qdQ/3+OOaaMh1AQ1q7EqRbUb1H65XAdExnN1Q9CYitIsGZ2cCdmw CbftHc/dEMmxZ4aSkBWoHqihFn2RaUh1iS0IG/DGaNcYVDjUk2EjIl1RtSi9 5yKepKgTTVJQJSdergvOV0LWtRqcu2UG63awcPfvyra5AicuYzxdsOXHmxSN ASFLbubpDR0ZrGMkVEZjGv0nVGEMg9HV/ICGSfoEB/d6rzr61GuEtVi0t/vj sFGKCQ15qPp48gjodXQ2Sau8OIouOB+S3DtoTMYKDWNe3JjZ/VZr7MmWP2Uc zu+1VWEOfa9oleGo2diKohmK0T7ZZBgXy5g/LJe0tjHcvk0HK1YoGnN6iTKi J3vP9rVjOb279bQCQJ7RaFvsLiHPCXepRB/HJF+QCwnpNDASsuhJr1KxhqtN lyRL84bEEAhKrkZz4/iKMYvw+iXGFmUTNIUOiMPhadHEx/3oGH6QdF9cX1Kb h2JSW9+jBN/UAoVdMDTIWC1hwrWwHI4fLNlJPXAhxggLQjC3qGOZa77tE9c0 SVFz3BLt0LFjYttN2LJPD6ZrPDEdM4jvXGiVhpa9bIlpjQOlnXTnxoarPgJ8 iDktPBU30USj2G5lUuL3ajAmilYiQ/epF5qXWCULzbMmxcCkhGrDIljRaw4a x4VxbA9bhdUBb+RtGzrNsMwxfGkYSd9zrQtkG8DZ5hPvFCX127UtVPWTHkJV 2gfttb8eRyNQGaf+XKT/iB3EBel1DUH1NVmh8FhS6+gaDNpHayyaTZJPcFml Ug93d6mzpufLVY3hS4wYEYN17cgkIARoykIqdyEfgNFkKZQyYeA7LY+iU2fc KcgVT3Y8ni8s9SFvabIWV91Ra8r+U46wNW2RpELhYP/wKe4M69fEFKpLgbNi UblSMhIdj5moto7x9PDwCY0Coz0jGkafy9D4bevgwW1cMlWbNKa4QVlDrdtd Y519wpgTGOQ2xeKltSEo6Izel6WScBwXH/ll0v6ASb1HgcsRK1+luJVWtTQO +iegWs1NtRItC/mWam1MttbTLMcmw8zvDYjZX7jVkFuHQ782eiZVcGm71oFU OpStz++JZJ3muQ4ga0n3mg5btt8NT4cqra+8pcvl5HRzRusPJCCnHcTQUlJf oLHlYORVyQTVmhNUijgj9xysF83zmmIpjc8MQ6nVBDJtw/qO+jrC29kXiEQR luEMpY8k0OR/FSLf7OL1P+T9n4e8b5isF9D87lS9fwLSv2l24tfwg38ydjBJ 45ssp9iRsXpafgkzaCG6jUOYrTAGEoB7QlYE3J+WrvfU+Ks3/L8wOexIBfkf qvjPQBUfwRh0PEYDC9qgKCOdgYAj/+r+EdeIgYJbOcCsnjh1tsK4cso6h5P7 tox+2N/d30XydgNUccGKJkb5xgVGvDmBAgPW0I6fzPMl24HIrr9gOkm3wNYf GAa/1YqRAIZv4RoPDp4f7mMZlpycx8eXb969v/wDffX82fPnB/6rlwO8AAzQ oUqoyyTDiNy5+/7q4t31Fb357Mn+0yfPzZvJ5ODl+eXZ77vefHd6LEjkE1J9 +8LSF5mkMC4mAPZ8t6kK6nIGWijSPoqF2DnqncwKDKSDMz1elKuy7PeuQfic Jml0gv7efu/VPF7BQcOlfEzwyyKPXsGkWZL1ez+mi+hqPIvjSb/35zyBw4uu knmMR9nv/Xtcru5XH9PoGnjnx7jfu4hLvIfr2WoEINvv/ZTO52m8iP5C4Nzv /Vt8iwziL+k8/ntewksw3SxfAFz8hAma9xkC6QBgdBSPPz4KuJ5xem6v9/kz sMYPkq2L9cXn8xWBivBz13tALcZaV5Sd5EFwCpdIr3xMiLjcnJueYLFwUUc2 UwG/ozQc00vg4uoVMQkXBGAmcE48W/nI+Es4clv9AUzKuVM2ItGn+wHcZoI6 DLGmvmv0bWylM4yvtooO5Sswk3pfpIMf8Ht5H9dPY2Do1jq3Ie6z1RNZpDc3 tlhVEMPfumZeUy0OVGPWTRowhaFoeWEMN4QvqcKPSCWIxxSMrB1V4ZAruVkY HskVFcRNONyfRDlTFU2n0T40nI1NlUFMyL6EfBifiPH24OtBVxPZBeU/zPP8 I5dWnPmUKr38oDytOdC6aU+OnEO0NVAWvQsUJaYMSpPDXEyCnqY2t+H+OSCe OM83+pvTisLE1JLdbyZysP+npKhSDf7EeGYgSMwRuPktHudiRQJGcyMosfgT uwgPLPAS0rHZcGBxXOG1WqncwILUJaKYPVyIlN/KFbgcNBAgpVXpwEaG1bDL KfWkkAlobDbzB0Aa+jRtyR+4WvVJhtEhMLUPV+E4DqeUmzY0vC14WMKftoP8 +51659xlfD/PY91dsCoK4gg6wYSUBfbEsCNBR807D5Md2Y/tU360fws5WHxC hKkTXF+R2786ftdgYxgZmWRauI08JT5jkUTqAXuKjLgr3URsXnoU/REY0tn+ mWwB+cgJR0/RDxEo+u2KQqt6Fzw3/8CF6G+XJz3MAjbZwyYXmP6kXUddD0Wk wB1Fu0NsJXDx7up6p8eZ7HwxXa9dIyweRQN4+PcD/fmX+sOWzmKqcbzsXq3+ orzgKDJusIdfi+Qkj5BuwcL6m7yiP/DKB6EQR8Jvvur9CxY9o/O/HEV7G7x4 wYhyFH1uHv9XTczHdRFXs6No6+9bX/kucpEPjjn88Tq++Zfoy0PwZL5pAa0u eDKvtYGWwlO+jDFSiIhg+F47lP3Pnf9X33n3N2ugYX+4exBtn3AgaAtACEn+ KoD4+Y8OIn7vP1WAGPySGwmX+ZUHG7DG3+BkN6PbLSfbdpwdpLv9DFvw65/g OC17xRojRhHTyhaipklG5IPKGGxkOBxGf/3iOkyFSWE+HFfXp89RpE+jpcFw CzYASwPCgRL7IJ6DAvunrTFmMRVb3KKw8AFbiqW+KN5RKETYh456n0lhOoyO otm343iafBt9F2HTUR8g7bJtXDSv1C+SABU6hu96X8IKOj40EeO6wyrGHO1M MqBWvufSJfQoRuKw+Zl6M25p3laaaJXhtm1yCT6yHs6+jfd2Dw/2eTsS7VSm /6ChD7kJDrrXJHN63F5esXZqwVN6bPtwbP9hoO+7tppU3/kqRNFe3z8qPV7s 17Nvk6ej6cH+82fj/cmzp3vPJ0/j758+f3ZwcDidTp48SZ5+Ky+ykdi/+zdW np80FtSohBnOF0+/f/ItPdgRYmam6L7itg4/4T27sn7dpcYsILgqYFu2X7vr 0hzCBK+jvZ9RbRWoMMi5p41q2rv9tc26anO6GPXSHUNrudb2c2hcy9pTaNbQ b+BEKxR7pOj14K73d/ef7+/uHe4+BGW7T57vHewzbNTwZ/+pQ6BHsIi9xvyY u4SyZMJeM9E7dl98/mbun/lCraaS7DYt8kyKkBIxROPMIv2HBlqGBa9AU8wr LH+gKaFclKO1Sp7L8mpG+7kMZ5PNntb648CB/fDq9CW7Bw6fP/1eQsevfjjm zw72n2A4OZWj8l40yekf9uhlfQGN6eSjMSGkXck4tjrJjMoL14uWUDVF7WRE HRp9fDJnStjaBLyiPi50lMzi+bS9UIlZWfC6rKFZ7k97KHXtwxSDxe3fFdhi InNtk3xSdbAOn33OgYuuRcfVK85O9qVt2kOxbU4C3QFZN3Cpm6y0xYKlGfXW 2kr1L27yfNJWyKbv6qZLGkSt9wWb3cPcdY2+vY0Lqph+3YRZv7QgKQTunusD wRqJ4MukzQwQNt/i0kxBIO6ZhVlZtXN8qVZkquVEpmU4DDxY9B+R97Cv+BN3 TiqFh1eYjEPGDtcWwMZhN0oktVTf+hKkI3TX11j4wgZhZQ1/U1xiYyjEN6yA gcfOw+HIedaopHFH0S5aQqNqGSIsoiHNLXx+aEhovuN8YyJUpZinV5jyjxvC spB9B/7OfoVmZvG1KlZR+Qh18Sg0tSbgUSAyHaDfpqtnRfxNVoGgKceHCEJ5 y1QN2nYmiF3NHK0WI2ScQMrLnY2SVBYGW8qZcOdervuNKSRk5sXMH98twq2e 2wDYAjGm13ELIeT8Dr5HW9JiPvdww3uSC+z9/9dELDWhogEA --></rfc>