<?xmlversion='1.0' encoding='utf-8'?>version="1.0" encoding="UTF-8"?> <!-- [CS] updated by Chris 07/20/22 --> <!-- draft submitted in xml v3 --> <!DOCTYPE rfc [ <!ENTITY nbsp " "> <!ENTITY zwsp "​"> <!ENTITY nbhy "‑"> <!ENTITY wj "⁠"> ]><?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?><!-- generated by https://github.com/cabo/kramdown-rfc version 1.6.10 (Ruby 3.1.2) --> <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-ietf-quic-bit-grease-04" number="9287" submissionType="IETF" category="std" consensus="true" tocInclude="true" sortRefs="true" symRefs="true" xml:lang="en" updates="" obsoletes="" version="3"> <!-- xml2rfc v2v3 conversion 3.12.10 --> <front> <title>Greasing the QUIC Bit</title> <seriesInfoname="Internet-Draft" value="draft-ietf-quic-bit-grease-04"/>name="RFC" value="9287"/> <author initials="M." surname="Thomson" fullname="Martin Thomson"> <organization>Mozilla</organization> <address> <email>mt@lowentropy.net</email> </address> </author> <date year="2022"month="June" day="09"/> <area>TSV</area>month="July"/> <area>tsv</area> <workgroup>quic</workgroup><keyword>Internet-Draft</keyword><keyword>Header</keyword> <keyword>Path signal</keyword> <abstract> <t>This document describes a method for negotiating the ability to send an arbitrary value for thesecond-to-mostsecond-most significant bit in QUIC packets.</t> </abstract><note removeInRFC="true"> <name>Discussion Venues</name> <t>Discussion of this document takes place on the QUIC Working Group mailing list (quic@ietf.org), which is archived at <eref target="https://mailarchive.ietf.org/arch/browse/quic/">https://mailarchive.ietf.org/arch/browse/quic/</eref>.</t> <t>Source for this draft and an issue tracker can be found at <eref target="https://github.com/quicwg/quic-bit-grease">https://github.com/quicwg/quic-bit-grease</eref>.</t> </note></front> <middle> <section anchor="introduction"> <name>Introduction</name><t>QUIC<t>The version-independent definition of QUIC <xreftarget="QUIC"/>target="RFC8999"/> intentionally describes a very narrow set of fields that are visible to entities other than endpoints. Beyond those characteristics that aredefined as invariant <xref target="QUIC-INVARIANTS"/>,invariant, very little about the "wire image" <xref target="RFC8546"/> of QUIC is visible.</t> <t>Thesecond-to-mostsecond-most significant bit of the first byte in every QUIC packet is defined as having a fixed value in QUIC version 1 <xreftarget="QUIC"/>.target="RFC9000"/>. The purpose of having a fixed value is to allowQUICendpoints tobeefficientlydistinguisheddistinguish QUIC from other protocols; see <xreftarget="DEMUX"/>target="I-D.ietf-avtcore-rfc7983bis"/> for a description of a system that might use this property. As this bit can identify a packet as QUIC, it is sometimes referred to as the "QUIC Bit".</t> <t>Where endpoints and the intermediaries that support them do not depend on the QUIC Bit having a fixed value, sending the same value in every packet is more of a liability than an asset. If systems come to depend on a fixed value, then it might become infeasible to define a version of QUIC that attributes semantics to this bit.</t> <t>In order to safeguard future use of this bit, this document defines a QUIC transport parameter that indicates that an endpoint is willing to receive QUIC packets containing any value for this bit. By sending different values for this bit, the hope is that the value will remain available for future use <xreftarget="USE-IT"/>.</t>target="RFC9170"/>.</t> </section> <section anchor="conventions-and-definitions"> <name>Conventions and Definitions</name><t>The<t> The key words"MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY","<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and"OPTIONAL""<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described inBCP 14BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shownhere.</t>here. </t> <t>This document uses terms and notational conventions from <xreftarget="QUIC"/>.</t>target="RFC9000"/>.</t> </section> <section anchor="the-grease-quic-bit-transport-parameter"> <name>The Grease QUIC Bit Transport Parameter</name> <t>The grease_quic_bit transport parameter (0x2ab2) is defined for QUIC version 1 <xref target="RFC9000"/>. This transport parameter can be sent by both client and server. The transport parameter is sent with an empty value; an endpoint that understands this transport parameterMUST<bcp14>MUST</bcp14> treat receipt of a non-empty value of the transport parameter as a connection error of type TRANSPORT_PARAMETER_ERROR.</t> <t>An endpoint that advertises the grease_quic_bit transport parameterMUST<bcp14>MUST</bcp14> accept packets with the QUIC Bit set to a value of 0. The QUIC Bit is defined as thesecond-to-mostsecond-most significant bit of the first byte of QUIC packets (that is, the value 0x40).</t> <section anchor="clearing-the-quic-bit"> <name>Clearing the QUIC Bit</name> <t>Endpoints that receive the grease_quic_bit transport parameter from a peerSHOULD<bcp14>SHOULD</bcp14> set the QUIC Bit to an unpredictable value unless another extension assigns specific meaning to the value of the bit.</t> <t>Endpoints can set the QUIC Bit to 0 on all packets that are sent after receiving and processing transport parameters. This could include Initial, Handshake, and Retry packets.</t> <t>A clientMAY<bcp14>MAY</bcp14> also set the QUIC Bit to 0 in Initial, Handshake, or 0-RTT packets that are sent prior to receiving transport parameters from the server. However, a clientMUST NOT<bcp14>MUST NOT</bcp14> set the QUIC Bit to 0 unless the Initial packets it sends include a token provided by the server in a NEW_TOKEN frame (<xref section="19.7" sectionFormat="of"target="QUIC"/>),target="RFC9000"/>), received less than 604800 seconds (7 days) prior on a connection where the server also included the grease_quic_bit transport parameter.</t> <aside> <t>This7 day7-day limit allows for changes in server configuration. If server configuration changes and a client does not set the QUIC Bit, then it is possible that a server will drop packets, resulting in connection failures.</t> </aside> <t>A serverMUST<bcp14>MUST</bcp14> set the QUICbitBit to 0 only after processing transport parameters from a client. A serverMUST NOT<bcp14>MUST NOT</bcp14> remember that a client negotiated the extension in a previous connection and set the QUIC Bit to 0 based on that information.</t> <t>An endpointMUST NOT<bcp14>MUST NOT</bcp14> set the QUIC Bit to 0 without knowing whether the peer supports the extension. As Stateless Reset packets (<xref section="10.3" sectionFormat="of"target="QUIC"/>)target="RFC9000"/>) are only used after a loss of connection state, endpoints are unlikely to be able to set the QUIC Bit to 0 on Stateless Reset packets.</t> </section> <section anchor="using-the-quic-bit"> <name>Using the QUIC Bit</name> <t>The purpose of this extension is to allow for the use of the QUIC Bit by later extensions.</t> <t>Extensions to QUIC that define semantics for the QUIC Bit can be negotiated at the same time as the grease_quic_bit transport parameter. In this case, a recipient needs to be able to distinguish a randomized value from a value carrying information according to the extension. Extensions that use the QUIC BitMUST<bcp14>MUST</bcp14> negotiate their use prior to acting on any semantic.</t> <t>For example, an extension might define a transport parameter that is sent in addition to the grease_quic_bit transport parameter. Though the value of the QUIC Bit in packets received by a peer might be set according to rules defined by the extension, they might also be randomized as specified in this document.</t><t>Receiving<t>The receipt of a transport parameter for an extension that uses the QUIC Bit could be used to confirm that a peer supports the semantic defined in the extension. To avoid acting on a randomized signal, the extension can require that endpoints set the QUIC Bit according to the rules of theextension,extension but defer acting on the information conveyed until the transport parameter for the extension is received.</t> <t>Extensions that define semantics for the QUIC Bit can be negotiated without using the grease_quic_bit transport parameter. However, including both extensions allows for the QUIC Bit to be greased even if the alternative use is not supported.</t> </section> </section> <section anchor="security-considerations"> <name>Security Considerations</name> <t>This document introduces no new security considerations for endpoints or entities that can rely on endpoint cooperation. However, this change makes the task of identifying QUIC more difficult without cooperation of endpoints. This sometimes works counter to the security goals of network operators who rely on network classification to identifythreats.</t>threats; see <xref target="I-D.ietf-quic-manageability" section="3.1" sectionFormat="of"></xref> for a more comprehensive treatment of this topic.</t> </section> <section anchor="iana-considerations"> <name>IANA Considerations</name> <t>This document registers the grease_quic_bit transport parameter in the "QUIC Transport Parameters" registry established in <xref section="22.3" sectionFormat="of"target="QUIC"/>.target="RFC9000"/>. The following fields are registered:</t> <dl> <dt>Value:</dt> <dd> <t>0x2ab2</t> </dd> <dt>Parameter Name:</dt> <dd> <t>grease_quic_bit</t> </dd> <dt>Status:</dt> <dd> <t>Permanent</t> </dd> <dt>Specification:</dt> <dd><t>This document.</t><t>RFC 9287</t> </dd> <dt>Date:</dt> <dd><t>Date of registration.</t><t>2022-07-13</t> </dd> <dt>Change Controller:</dt> <dd> <t>IETF (iesg@ietf.org)</t> </dd> <dt>Contact:</dt> <dd> <t>QUIC Working Group (quic@ietf.org)</t> </dd><dt>Change Controller:</dt> <dd> <t>IETF (iesg@ietf.org)</t> </dd><dt>Notes:</dt> <dd> <t>(none)</t> </dd> </dl> </section> </middle> <back> <displayreference target="RFC9000" to="QUIC"/> <displayreference target="RFC8999" to="QUIC-INVARIANTS"/> <displayreference target="I-D.ietf-avtcore-rfc7983bis" to="DEMUX"/> <displayreference target="RFC9170" to="USE-IT"/> <displayreference target="I-D.ietf-quic-manageability" to="MANAGEABILITY"/> <references> <name>References</name> <references> <name>Normative References</name><reference anchor="QUIC"> <front> <title>QUIC: A UDP-Based Multiplexed and Secure Transport</title> <author fullname="J. Iyengar" initials="J." role="editor" surname="Iyengar"> <organization/> </author> <author fullname="M. Thomson" initials="M." role="editor" surname="Thomson"> <organization/> </author> <date month="May" year="2021"/> <abstract> <t>This document defines the core of the QUIC transport protocol. QUIC provides applications with flow-controlled streams for structured communication, low-latency connection establishment, and network path migration. QUIC includes security measures that ensure confidentiality, integrity, and availability in a range of deployment circumstances. Accompanying documents describe the integration of TLS for key negotiation, loss detection, and an exemplary congestion control algorithm.</t> </abstract> </front> <seriesInfo name="RFC" value="9000"/> <seriesInfo name="DOI" value="10.17487/RFC9000"/> </reference> <reference anchor="RFC2119"> <front> <title>Key words for use in RFCs to Indicate Requirement Levels</title> <author fullname="S. Bradner" initials="S." surname="Bradner"> <organization/> </author> <date month="March" year="1997"/> <abstract> <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t> </abstract> </front> <seriesInfo name="BCP" value="14"/> <seriesInfo name="RFC" value="2119"/> <seriesInfo name="DOI" value="10.17487/RFC2119"/> </reference> <reference anchor="RFC8174"> <front> <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title> <author fullname="B. Leiba" initials="B." surname="Leiba"> <organization/> </author> <date month="May" year="2017"/> <abstract> <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t> </abstract> </front> <seriesInfo name="BCP" value="14"/> <seriesInfo name="RFC" value="8174"/> <seriesInfo name="DOI" value="10.17487/RFC8174"/> </reference><xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.9000.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8999.xml"/> </references> <references> <name>Informative References</name><reference anchor="QUIC-INVARIANTS"> <front> <title>Version-Independent Properties of QUIC</title> <author fullname="M. Thomson" initials="M." surname="Thomson"> <organization/> </author> <date month="May" year="2021"/> <abstract> <t>This document defines the properties of the QUIC transport protocol that are common to all versions of the protocol.</t> </abstract> </front> <seriesInfo name="RFC" value="8999"/> <seriesInfo name="DOI" value="10.17487/RFC8999"/> </reference> <reference anchor="RFC8546"> <front> <title>The Wire Image of a Network Protocol</title> <author fullname="B. Trammell" initials="B." surname="Trammell"> <organization/> </author> <author fullname="M. Kuehlewind" initials="M." surname="Kuehlewind"> <organization/> </author> <date month="April" year="2019"/> <abstract> <t>This document defines the wire image, an abstraction of the information available to an on-path non-participant in a networking protocol. This abstraction is intended to shed light on the implications that increased encryption has for network functions that use the wire image.</t> </abstract> </front> <seriesInfo name="RFC" value="8546"/> <seriesInfo name="DOI" value="10.17487/RFC8546"/> </reference> <reference anchor="DEMUX"> <front> <title>Multiplexing Scheme Updates for QUIC</title> <author fullname="Bernard Aboba"> <organization>Microsoft Corporation</organization> </author> <author fullname="Gonzalo Salgueiro"> <organization>Cisco Systems</organization> </author> <author fullname="Colin Perkins"> <organization>University of Glasgow</organization> </author> <date day="12" month="May" year="2022"/> <abstract> <t> This document defines how QUIC, Datagram Transport Layer Security (DTLS), Real-time Transport Protocol (RTP), RTP Control Protocol (RTCP), Session Traversal Utilities for NAT (STUN), Traversal Using Relays around NAT (TURN), and ZRTP packets are multiplexed on a single receiving socket. This document updates RFC 7983 and RFC 5764. </t> </abstract> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-avtcore-rfc7983bis-04"/> </reference> <reference anchor="USE-IT"> <front> <title>Long-Term Viability of Protocol Extension Mechanisms</title> <author fullname="M. Thomson" initials="M." surname="Thomson"> <organization/> </author> <author fullname="T. Pauly" initials="T." surname="Pauly"> <organization/> </author> <date month="December" year="2021"/> <abstract> <t>The ability to change protocols depends on exercising the extension and version-negotiation mechanisms that support change. This document explores how regular use of new protocol features can ensure that it remains possible to deploy changes to a protocol. Examples are given where lack of use caused changes to be more difficult or costly.</t> </abstract> </front> <seriesInfo name="RFC" value="9170"/> <seriesInfo name="DOI" value="10.17487/RFC9170"/> </reference><xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8546.xml"/> <!-- [DEMUX] [I-D.ietf-avtcore-rfc7983bis] IESG state I-D Exists --> <xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-avtcore-rfc7983bis.xml"/> <xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-quic-manageability.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.9170.xml"/> </references> </references> </back><!-- ##markdown-source: H4sIAAAAAAAAA51Zf28buRH9n5+C9f1jA5Yh+3yXWIe7nmIrF6Pxj8py0qIo DGqXkgivlluSa0cx/F36WfrJ+mbIXa0cG3F7OCCSdknOvJl584bu9XoimFDo gdz6w2nlTTmXYaHlX69Pj+U7E7ZEbrNSLfFC7tQs9IwOs96/apP1pib05rRG 9/qHIlNBz61bDaQPuRCmcgMZXO3DQb9/1D8QCm8O5OTqk7i37nbubF0NJO0j bvUKP+UDeVoG7Uodeid0khA+qDK/UYUtcfpKe1GZgfxHsNmu9NYFp2cen1ZL +vBPIVQdFtYNhOwJif9M6QfybE9OFnbpbcm/RUfOlAum3Hhg3VyV5qsKxpZ4 wX41RaH4iV4qUwzkMvxe2HtdBmer1R6MFKK0bokFd3oAd8tZ55vo9XpSTX1w KsOLk4XxEjDWS6yXufaZM1PtpZJLDZNzibWyBHrBYIcUADU1hQkrGaz0usyl KgEhIHfKreSdKmrNy+hVrzNb5r1ge0vrg/RmXpqZyRQOwwIAEaNZqexWB7+X 7FuaPC+0ED8Q7s7mdUbOC8HvPjz8if79dfz++Kjf7z8+YpcA6/GGKorVhhN3 GhaVyjl7D1OCtDM5M7rIPYxTgQIv74w300KTM7RJMFhoYTrZr0r8llcWB/g9 Kd/pFZzB79ZrmS0UQaid8cFknQ1zPTOlBioeht0pZ8jZh4c/k9G90/NPw/Hp 8HxyRfa/PTo6enzcjWYCUiQ7wLV1IOzE1r3Bdmap5nqLNqAFPx3+DIfhBkOB 2CXz9yiU34Ub6ygoM+PwcLoKmgKg+fROGLCt6DixUHcUeIVlX/BLjG8TOKz1 AF7uN2F5fARQZEpVu4pwsjPx/A6eIEfEEBreCt+mWuoZ7DWIBEWSoC3ntfEL LJs5u4yREZWzKDVb+F/gsSZsTkZn13/79bR3ssckoO5CZp3uuVn25ujtj1Pj gRrlpErpUVG6EB5K+JUPesnxQ+LNF0HWMDtQYeCcSruwgktDH38iGIGnNDll y2yFHRNqgIr82BWU1x40gAoyS2QTOEA7Bw/IX88R2Go5DIH7DJf0OtFQTjm/ RGntljo3yCEdE0z6uqrAL/R8ibqVpaWqragK4Q9lTbPzs3Hb5YJt6tiDctbx jHnQpoBcAkCKXmHaeqeCoP89agmYnM5kBM/LDN6Sf2tbnpyL8wBaEBHhqeYF oCbi9VR+Medi1foUnpgZ5LkKAVVdByDhQXxlLDormqgAyFMscTlVLohJzfS8 Vg55U4cantSci20Qd+OnDvXR4cQZdKQAl5Weka5Q5ohk5ANirNxQP0nx6DAE YXYPbmZ0LaKeaVBu3C7xG2AqgzIlx6Xc5MrkBVhm1QYpNzOkDpnHb/r2VZE8 0HKBDOVaImvoh7gnGQIT0CAQiTu0CUUg0/I1HAJ1c3016p1OmEv334BLiYF/ kMe2vIuMGrPxhMAx/D3yDPqipMbo5dbZ9dVkazf+K88v+PN4BK/HoxP6fPVh +PFj+0GkN64+XFx/PFl/Wq88vjg7G52fxMX4VW78JLbOhn/HE7Jq6+Jycnpx Pvy4Rem7GU4i4kgoXEWVQwSJzUTTHXJa8+748j//3j8k7gICB/v7YOP05e3+ m0N8uUfaxtNsCUaKXwHzSqiq0srRLuAwUEJlgirQ9FHhfmHvS0lVTXButljg jmChriOyqF8VOxflRgs6c93DQyJUjgnBzjJoLYDkpM3SyyZLY3yi9rkhDXND jPVcOm/3vxyo6cEO09mUegd1iZWcgmNlVhiGscyF1w4FmVj9uY2I7Ojle4OF VBDLKqTc/mWjQLhF1iUqlOVTYtTntuRkgopCTnMdVdy7FOAqe53tiZ7CC1Yp qmVgWmoWDxIUjOwnBlihYibj4fnV5cV4cnM5HA/PRpPR+GY0Hl+MAfbwiclS 5QAgGI7cK8FlB1SW6Sq0xc/4dAUsSxJqCq03sp9wbl+h3Fn3YiL4/7nHNzTa 2LEdicxzIot4dP/LYX+HEw3VXyCxn4ptIUZtg+L1Db+9FhFOaTRLjRxNNc/u d50lLEpZlyhXsGxgzor21WWhPZVMlGb6CxQf9QiBXgQAkIGVzggG6FZVJgpe 02ECJbaJtSOU+c8Z0ecGhrJuIItp4FKRYAKADREAHCWokCEVMljIJ3/rvSet b4j/64KYJyvqXEPcglNVsSs/UDUs1K1mqhFjHdpOTJp42JQjuA9mefuC0eCi 57ZE2vd748mk2VFselM5Y926Y73kQQxg1PSJED5g6sCnXaFaA1MTeMHAFEV6 kAxtEeZqgMmiAUdhyS00A4C9g9jKiZrWpzPvyvPR55vJxV9G5zCOtMz2w8NV Kvf9o703RA+RQnd2m3zNZTIBof+5f/i230+iGXXxRuZq5XcSIqxhOgRyT4Qu OiZwJJK5+WvrAOF8GEDz5PpR/BaTgo+F/F9iBevh2OcxYJRzTUNEcyCMmZl5 7bhjJP3FT7DTxrN2LWVmG5zc4hcSjE+D06ozUv6/Scj2pMk4T5rTWVLkUMRN zAhTXxc8FsLIDlQzCA6IjJi7aTmnxsbJ03WxobXGovpOGYnEItEjkuUb21Pm QfTo5bSRa63zzQwbIyVaAomJBMK5M7b2XScIu+fTeIogJ72NhtbO14jJZvP4 TjVQP6BZ77a09+QwEizNnTrSZBL7sWBai+MwcgXdoDmVx5q2b8m9UwL9vR8b 8kcJ8HDKUNdkfsRbyQLRprc6nnvae7c7kThmYHOri1WUVUIl0f4ifb5gYOox 19/c5kThsp4aozjoxKkzLza3C62m75wPmigUCaF2KZ05ar/QLuupIs0c64mi 2brdL6mjTv4g5u30RBNeM9S9pvpRtEmqZngXdC/AS6ZKKapzn1RrA29nBEas sGFul+ZrO0SncuAvIlPOrWIxthlJGgQ6vdMQu3nURYXQiINvmlnIec7g1nV6 Zhy/1TYNlXH9c72sWhyB+HtLbVotq4K7WieScQRsp72XR62kKw26fJ7z+NE4 8TqoJyiv+eIbGbAekVH7Td207WG6SipFNqMq5/gGjq5GYje6TKTG1DoYB4S0 nJsE9uiETrVqJU4hG5MLkBu3ffh5cPgeowtoEzv/JHNZbKBWud5hNvcIt2yY kZ3c4JgmfK3kZOs2c2ZihbqzJu9GvusdyTESIBvruIqcRrxcaistuYhvGOSb lI1wp0LvwDytOY2IxhpbRLw4Wec/T1Ur2FXDsUK+NC00Zd/lG9HkxBP++H95 I/E9wtFw3+vSuJFZSWvQYprROgTXlQ1PyXjaHJPTDQ/8ijCqgi60+VaYCxru sjSI6cA+Y+hEK6kdXf0c4xRoligv/NOh1qRbWtYXcJkuW9PCbGMhW7juKxYs 3dy5MqwxTdBkbKeNZpZu4RrR06IRWZSFjlxC6MbpKCh/S6nS3M8RWgwHX2fR hYrJoFna5tvZnJZ1r3vJR7G+xqO/DbCCL0O8Ykr329HPuUWl0w6lDvSmjNta COf7hW2cEs3TrKDBhca2htbaC8WwoLk3Nkp5Ojwffgd8p+doEqTQXzuKparm S0jxzB2C30qbYgrRnsaweAOLdWt1cXDQVRdxbBUzS4lImKdrdlIOjYE6Hwjx iYh4IAYy3j4I0Z4qz+kvIHjyxAUhSErUnh5datR1Ca/xYxr44t9F8GzyhEZP UHT0O/1LhiaXGqF2TFdxWaA3OD8+Iyxk+B/05x+5Taf/TnfJe9bNd/B6TDRa 5eCkdrTwdDR5L7eRvfPuq+c2aLZ2u7Sl3hH/BTdZxNnJGgAA --></rfc>