<?xml version='1.0'encoding='utf-8'?>encoding='UTF-8'?> <!DOCTYPE rfc [ <!ENTITY nbsp " "> <!ENTITY zwsp "​"> <!ENTITY nbhy "‑"> <!ENTITY wj "⁠"> ]><?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?> <!-- generated by https://github.com/cabo/kramdown-rfc version (Ruby 3.1.2) --><rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-ietf-core-oscore-edhoc-11" number="9668" updates="" obsoletes="" category="std" consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true"version="3"> <!-- xml2rfc v2v3 conversion 3.18.0 -->version="3" xml:lang="en"> <front> <title abbrev="Using EDHOC with CoAP and OSCORE">Using Ephemeral Diffie-Hellman Over COSE (EDHOC) with the Constrained Application Protocol (CoAP) and Object Security for Constrained RESTful Environments (OSCORE)</title> <seriesInfoname="Internet-Draft" value="draft-ietf-core-oscore-edhoc-11"/>name="RFC" value="9668"/> <author initials="F." surname="Palombini" fullname="Francesca Palombini"><organization>Ericsson</organization><organization>Ericsson AB</organization> <address> <postal> <street>Torshamnsgatan 23</street> <city>Kista</city> <code>164 40</code> <country>Sweden</country> </postal> <email>francesca.palombini@ericsson.com</email> </address> </author> <author initials="M." surname="Tiloca" fullname="Marco Tiloca"> <organization>RISE AB</organization> <address> <postal> <street>Isafjordsgatan 22</street> <city>Kista</city><code>16440 Stockholm</code><code>164 40</code> <country>Sweden</country> </postal> <email>marco.tiloca@ri.se</email> </address> </author> <author initials="R." surname="Höglund" fullname="Rikard Höglund"> <organization>RISE AB</organization> <address> <postal> <street>Isafjordsgatan 22</street> <city>Kista</city><code>16440 Stockholm</code><code>164 40</code> <country>Sweden</country> </postal> <email>rikard.hoglund@ri.se</email> </address> </author> <author initials="S." surname="Hristozov" fullname="Stefan Hristozov"><organization>Fraunhofer AISEC</organization><organization>Eriptic</organization> <address> <email>stefan.hristozov@eriptic.com</email> </address> </author> <author initials="G." surname="Selander" fullname="Göran Selander"> <organization>Ericsson</organization> <address> <email>goran.selander@ericsson.com</email> </address> </author> <date year="2024"month="April" day="09"/> <area>Internet</area> <workgroup>CoRE Working Group</workgroup> <keyword>Internet-Draft</keyword>month="November"/> <area>WIT</area> <workgroup>core</workgroup> <keyword>Security</keyword> <keyword>Key agreement; Secure communication</keyword> <keyword>Constrained enviornments</keyword> <keyword>AKE</keyword> <keyword>lightweight authenticated key exchange</keyword> <keyword>IoT security</keyword> <abstract> <t>The lightweight authenticated key exchange protocol Ephemeral Diffie-Hellman Over COSE (EDHOC) can be run over the Constrained Application Protocol (CoAP) and used by two peers to establish a Security Context for the security protocol Object Security for Constrained RESTful Environments (OSCORE). This document details this use of the EDHOCprotocol,protocol by specifying a number of additional and optionalmechanisms. These especially includemechanisms, including an optimization approach for combining the execution of EDHOC with the first OSCORE transaction. This combination reduces the number of round trips required to set up an OSCORE Security Context and to complete an OSCORE transaction using that Security Context.</t> </abstract><note removeInRFC="true"> <name>Discussion Venues</name> <t>Discussion of this document takes place on the Constrained RESTful Environments Working Group mailing list (core@ietf.org), which is archived at <eref target="https://mailarchive.ietf.org/arch/browse/core/"/>.</t> <t>Source for this draft and an issue tracker can be found at <eref target="https://github.com/core-wg/oscore-edhoc"/>.</t> </note></front> <middle> <section anchor="introduction"> <name>Introduction</name> <t>Ephemeral Diffie-Hellman Over COSE (EDHOC) <xref target="RFC9528"/> is a lightweight authenticated key exchangeprotocol, especiallyprotocol that is specifically intended for use in constrained scenarios. In particular, EDHOC messages can be transported over the Constrained Application Protocol (CoAP) <xref target="RFC7252"/> and used for establishing a Security Context for Object Security for Constrained RESTful Environments (OSCORE) <xref target="RFC8613"/>.</t> <t>This document details the use of the EDHOC protocol with CoAP andOSCORE,OSCORE and specifies a number of additional and optional mechanisms. Theseespeciallyinclude an optimization approach that combines the EDHOC execution with the first OSCORE transaction (see <xref target="edhoc-in-oscore"/>). This allows for a minimum number of two round trips necessary tosetupset up the OSCORE Security Context and complete an OSCORE transaction, e.g., when anIoTInternet of Things (IoT) device gets configured in a network for the first time.</t> <t>This optimization isdesirable,desirable since the number of message exchanges can have a substantial impact on the latency of conveying the first OSCORErequest,request when using certain radio technologies.</t> <t>Without this optimization, it is not possible to achieve the minimum number of two round trips. This optimization makes itpossible,possible since the message_3 of the EDHOC protocol can be made relatively small (see <xref section="1.2" sectionFormat="of" target="RFC9528"/>), thus allowing additional OSCORE-protected CoAP data within target MTU sizes.</t> <t>The minimum number of two round trips can be achieved only if thedefault,default forward message flow of EDHOC is used, i.e., when a CoAP client acts as EDHOC Initiator and a CoAP server acts as EDHOC Responder. The performance advantage of using this optimization can be lost when used in combination with Block-wise transfers <xref target="RFC7959"/> that rely on specific parameter values and block sizes.</t> <t>Furthermore, this document defines a number of parameters corresponding to different information elements of an EDHOC application profile (see <xref target="web-linking"/>). These parameters can be specified as target attributes in the link to an EDHOC resource associated with that application profile, thus enabling an enhanced discovery of such a resource for CoAPclients.</t>clients. </t> <section anchor="terminology"> <name>Terminology</name> <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described inBCP 14BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shown here.</t> <t>The reader is expected to be familiar with terms and concepts defined in CoAP <xref target="RFC7252"/>,CBORConcise Binary Object Representation (CBOR) <xref target="RFC8949"/>, OSCORE <xref target="RFC8613"/>, and EDHOC <xref target="RFC9528"/>.</t> </section> </section> <section anchor="overview"> <name>EDHOC Overview</name> <t>This section is not normative and summarizes what is specified in <xreftarget="RFC9528"/>, in particular its Appendix A.2.target="RFC9528"/> (specifically <xref target="RFC9528" sectionFormat="of" section="A.2"></xref>). Thus, it provides a baseline for the enhancements in the subsequent sections.</t> <t>The EDHOC protocol specified in <xref target="RFC9528"/> allows two peers to agree on a cryptographicsecret,secret in a mutually-authenticated way and achieves forward secrecy by using Diffie-Hellman ephemeralkeys to achieve forward secrecy.keys. The two peers are denoted asInitiatorthe "Initiator" andResponder,"Responder", as the one sending or receiving the initial EDHOC message_1, respectively.</t> <t>After successful processing of EDHOC message_3, both peers agree on a cryptographic secret that can be used to derive further securitymaterial,material andespecially toestablish an OSCORE Security Context <xref target="RFC8613"/>. The Responder can also send an optional EDHOC message_4 in order for the Initiator to achieve key confirmation, e.g., in deployments where no protected application message is sent from the Responder to the Initiator.</t> <t><xref section="A.2" sectionFormat="of" target="RFC9528"/> specifies how to transfer EDHOC over CoAP. That is, the EDHOC data (i.e., the EDHOC message possibly with a prepended connection identifier)areis transported in the payload of CoAP requests and responses. Thedefault,default forward message flow of EDHOC consists in the CoAP client acting as Initiator and the CoAP server acting as Responder (see <xref section="A.2.1" sectionFormat="of" target="RFC9528"/>). Alternatively, the two roles can bereversed,reversed as per the reverse message flow of EDHOC (see <xref section="A.2.2" sectionFormat="of" target="RFC9528"/>). In the rest of this document, EDHOC messages are considered to be transferred over CoAP.</t> <t><xref target="fig-non-combined"/> shows a successful execution of EDHOC, with a CoAP client and a CoAP server running EDHOC as Initiator and Responder, respectively. In particular, it extends Figure 10 from <xref section="A.2.1" sectionFormat="of"target="RFC9528"/>,target="RFC9528"/> by highlighting when the two peers perform EDHOC verification and establish the OSCORE Security Context, and by adding an exchange of OSCORE-protected CoAP messages after completing the EDHOC execution.</t> <t>That is, the client sends a POST request to a reserved<em>EDHOC resource</em>EDHOC resource at the server, by default at the Uri-Path "/.well-known/edhoc". The request payload consists of the CBOR simple value <tt>true</tt> (0xf5) concatenated with EDHOC message_1, which also includes the EDHOC connection identifier C_I of the client encoded as per <xref section="3.3" sectionFormat="of" target="RFC9528"/>. The request has Content-Format application/cid-edhoc+cbor-seq.</t> <t>This triggers the EDHOC execution at the server, which replies with a 2.04 (Changed) response. The response payload consists of EDHOC message_2, which also includes the EDHOC connection identifier C_R of the server encoded as per <xref section="3.3" sectionFormat="of" target="RFC9528"/>. The response has Content-Format application/edhoc+cbor-seq.</t> <t>Finally, the client sends a POST request to the same EDHOC resource used earlier when it sent EDHOC message_1. The request payload consists of the EDHOC connection identifier C_R encoded as per <xref section="3.3" sectionFormat="of"target="RFC9528"/>,target="RFC9528"/> concatenated with EDHOC message_3. The request has Content-Format application/cid-edhoc+cbor-seq.</t> <t>After this exchange takes place, and after successful verifications as specified in the EDHOC protocol, the client and server can derive an OSCORE SecurityContext,Context as defined in <xref section="A.1" sectionFormat="of" target="RFC9528"/>. After that,theythe client and server can use OSCORE to protect their communications as per <xref target="RFC8613"/>. Note that the EDHOCConnection Identifierconnection identifier C_R is used as the OSCORE Sender ID of the client (see <xref section="A.1" sectionFormat="of" target="RFC9528"/>). Therefore, C_R is transported in the 'kid' field of the OSCOREOptionoption of the OSCORE Request (see <xref section="6.1" sectionFormat="of" target="RFC8613"/>).</t> <t>The client and server are required to agree in advance on certain information and parameters describing how they should use EDHOC. These are specified in an application profile associated with the EDHOC resource addressed (see <xref section="3.9" sectionFormat="of"target="RFC9528"/>.</t>target="RFC9528"/>).</t> <figure anchor="fig-non-combined"><name>EDHOC<name>Sequential Flow of EDHOC and OSCORErun sequentially. The optionalwith the Optional message_4is included in this example.</name>Included</name> <artset> <artwork type="svg" align="center"><svg xmlns="http://www.w3.org/2000/svg" version="1.1" height="768" width="544" viewBox="0 0 544 768" class="diagram" text-anchor="middle" font-family="monospace" font-size="13px"> <path d="M 64,64 L 64,256" fill="none" stroke="black"/> <path d="M 64,288 L 64,544" fill="none" stroke="black"/> <path d="M 64,592 L 64,752" fill="none" stroke="black"/> <path d="M 488,64 L 488,384" fill="none" stroke="black"/> <path d="M 488,464 L 488,752" fill="none" stroke="black"/> <path d="M 80,96 L 208,96" fill="none" stroke="black"/> <path d="M 336,96 L 472,96" fill="none" stroke="black"/> <path d="M 80,192 L 208,192" fill="none" stroke="black"/> <path d="M 336,192 L 472,192" fill="none" stroke="black"/> <path d="M 80,304 L 208,304" fill="none" stroke="black"/> <path d="M 336,304 L 472,304" fill="none" stroke="black"/> <path d="M 80,480 L 208,480" fill="none" stroke="black"/> <path d="M 336,480 L 472,480" fill="none" stroke="black"/> <path d="M 80,608 L 200,608" fill="none" stroke="black"/> <path d="M 336,608 L 472,608" fill="none" stroke="black"/> <path d="M 80,688 L 200,688" fill="none" stroke="black"/> <path d="M 344,688 L 472,688" fill="none" stroke="black"/> <polygon class="arrowhead" points="480,608 468,602.4 468,613.6" fill="black" transform="rotate(0,472,608)"/> <polygon class="arrowhead" points="480,304 468,298.4 468,309.6" fill="black" transform="rotate(0,472,304)"/> <polygon class="arrowhead" points="480,96 468,90.4 468,101.6" fill="black" transform="rotate(0,472,96)"/> <polygon class="arrowhead" points="88,688 76,682.4 76,693.6" fill="black" transform="rotate(180,80,688)"/> <polygon class="arrowhead" points="88,480 76,474.4 76,485.6" fill="black" transform="rotate(180,80,480)"/> <polygon class="arrowhead" points="88,192 76,186.4 76,197.6" fill="black" transform="rotate(180,80,192)"/> <g class="text"> <text x="36" y="36">CoAP</text> <text x="84" y="36">client</text> <text x="452" y="36">CoAP</text> <text x="500" y="36">server</text> <text x="28" y="52">(EDHOC</text> <text x="100" y="52">Initiator)</text> <text x="428" y="52">(EDHOC</text> <text x="500" y="52">Responder)</text> <text x="240" y="100">EDHOC</text> <text x="296" y="100">Request</text> <text x="120" y="116">Header:</text> <text x="172" y="116">0.02</text> <text x="220" y="116">(POST)</text> <text x="128" y="132">Uri-Path:</text> <text x="252" y="132">"/.well-known/edhoc"</text> <text x="152" y="148">Content-Format:</text> <text x="340" y="148">application/cid-edhoc+cbor-seq</text> <text x="124" y="164">Payload:</text> <text x="184" y="164">true,</text> <text x="232" y="164">EDHOC</text> <text x="296" y="164">message_1</text> <text x="240" y="196">EDHOC</text> <text x="300" y="196">Response</text> <text x="152" y="212">Header:</text> <text x="204" y="212">2.04</text> <text x="264" y="212">(Changed)</text> <text x="184" y="228">Content-Format:</text> <text x="356" y="228">application/edhoc+cbor-seq</text> <text x="156" y="244">Payload:</text> <text x="216" y="244">EDHOC</text> <text x="280" y="244">message_2</text> <text x="24" y="276">EDHOC</text> <text x="100" y="276">verification</text> <text x="240" y="308">EDHOC</text> <text x="296" y="308">Request</text> <text x="120" y="324">Header:</text> <text x="172" y="324">0.02</text> <text x="220" y="324">(POST)</text> <text x="128" y="340">Uri-Path:</text> <text x="252" y="340">"/.well-known/edhoc"</text> <text x="152" y="356">Content-Format:</text> <text x="340" y="356">application/cid-edhoc+cbor-seq</text> <text x="124" y="372">Payload:</text> <text x="180" y="372">C_R,</text> <text x="224" y="372">EDHOC</text> <text x="288" y="372">message_3</text> <text x="416" y="404">EDHOC</text> <text x="492" y="404">verification</text> <text x="488" y="420">+</text> <text x="444" y="436">OSCORE</text> <text x="488" y="436">Sec</text> <text x="520" y="436">Ctx</text> <text x="468" y="452">Derivation</text> <text x="240" y="484">EDHOC</text> <text x="300" y="484">Response</text> <text x="152" y="500">Header:</text> <text x="204" y="500">2.04</text> <text x="264" y="500">(Changed)</text> <text x="184" y="516">Content-Format:</text> <text x="356" y="516">application/edhoc+cbor-seq</text> <text x="156" y="532">Payload:</text> <text x="216" y="532">EDHOC</text> <text x="280" y="532">message_4</text> <text x="28" y="564">OSCORE</text> <text x="72" y="564">Sec</text> <text x="104" y="564">Ctx</text> <text x="52" y="580">Derivation</text> <text x="236" y="612">OSCORE</text> <text x="296" y="612">Request</text> <text x="120" y="628">Header:</text> <text x="172" y="628">0.02</text> <text x="220" y="628">(POST)</text> <text x="120" y="644">OSCORE:</text> <text x="160" y="644">{</text> <text x="184" y="644">...</text> <text x="208" y="644">;</text> <text x="236" y="644">kid:</text> <text x="272" y="644">C_R</text> <text x="296" y="644">}</text> <text x="124" y="660">Payload:</text> <text x="228" y="660">OSCORE-protected</text> <text x="316" y="660">data</text> <text x="236" y="692">OSCORE</text> <text x="300" y="692">Response</text> <text x="232" y="708">Header:</text> <text x="284" y="708">2.04</text> <text x="344" y="708">(Changed)</text> <text x="232" y="724">OSCORE:</text> <text x="272" y="724">{</text> <text x="296" y="724">...</text> <text x="320" y="724">}</text> <text x="236" y="740">Payload:</text> <text x="340" y="740">OSCORE-protected</text> <text x="428" y="740">data</text> </g> </svg> </artwork> <artwork type="ascii-art" align="center"><![CDATA[ CoAP client CoAP server (EDHOC Initiator) (EDHOC Responder) | | | | | ----------------- EDHOC Request -----------------> | | Header: 0.02 (POST) | | Uri-Path: "/.well-known/edhoc" | | Content-Format: application/cid-edhoc+cbor-seq | | Payload: true, EDHOC message_1 | | | | <---------------- EDHOC Response------------------ | | Header: 2.04 (Changed) | | Content-Format: application/edhoc+cbor-seq | | Payload: EDHOC message_2 | | | EDHOC verification | | | | ----------------- EDHOC Request -----------------> | | Header: 0.02 (POST) | | Uri-Path: "/.well-known/edhoc" | | Content-Format: application/cid-edhoc+cbor-seq | | Payload: C_R, EDHOC message_3 | | | | EDHOC verification | + | OSCORE Sec Ctx | Derivation | | | <---------------- EDHOC Response------------------ | | Header: 2.04 (Changed) | | Content-Format: application/edhoc+cbor-seq | | Payload: EDHOC message_4 | | | OSCORE Sec Ctx | Derivation | | | | ---------------- OSCORE Request -----------------> | | Header: 0.02 (POST) | | OSCORE: { ... ; kid: C_R } | | Payload: OSCORE-protected data | | | | <--------------- OSCORE Response ----------------- | | Header: 2.04 (Changed) | | OSCORE: { ... } | | Payload: OSCORE-protected data | | | ]]></artwork> </artset> </figure><t>As shown in <xref target="fig-non-combined"/>, this<t> The sequential flowwhereof EDHOCis runand OSCORE (where EDHOC runs first andthenOSCORE is used after) takes three round trips tocomplete.</t>complete, as shown in <xref target="fig-non-combined"/>.</t> <t><xref target="edhoc-in-oscore"/> defines an optimization for combining EDHOC with the first OSCORE transaction. This reduces the number of round trips required to set up an OSCORE Security Context andtocomplete an OSCORE transaction using that Security Context.</t> </section> <section anchor="edhoc-in-oscore"> <name>EDHOC Combined with OSCORE</name> <t>This section defines an optimization for combining the EDHOC message exchange with the first OSCORE transaction, thus minimizing the number of round trips between the two peers to the absolute possible minimum of two round trips.</t> <t>To this end, this approach can be used only if thedefault,default forward message flow of EDHOC is used, i.e., when the client acts as Initiator and the server acts as Responder. The same is not possible in the case with reversed roles as per the reverse message flow of EDHOC.</t> <t>When running the sequential flow of <xref target="overview"/>, the client has all the information to derive the OSCORE Security Context already after receiving EDHOC message_2 and before sending EDHOC message_3.</t> <t>Hence, the client can potentially send both EDHOC message_3 and the subsequent OSCORE Request at the same time. On a semantic level, this requires sending two REST requests atonce,once as shown in <xref target="fig-combined"/>.</t> <figure anchor="fig-combined"> <name>EDHOC and OSCOREcombined.</name>Combined</name> <artset> <artwork type="svg" align="center"><svg xmlns="http://www.w3.org/2000/svg" version="1.1" height="576" width="552" viewBox="0 0 552 576" class="diagram" text-anchor="middle" font-family="monospace" font-size="13px"> <path d="M 64,64 L 64,240" fill="none" stroke="black"/> <path d="M 64,320 L 64,560" fill="none" stroke="black"/> <path d="M 496,64 L 496,400" fill="none" stroke="black"/> <path d="M 496,480 L 496,560" fill="none" stroke="black"/> <path d="M 80,80 L 216,80" fill="none" stroke="black"/> <path d="M 344,80 L 480,80" fill="none" stroke="black"/> <path d="M 80,176 L 216,176" fill="none" stroke="black"/> <path d="M 344,176 L 480,176" fill="none" stroke="black"/> <path d="M 80,336 L 184,336" fill="none" stroke="black"/> <path d="M 384,336 L 480,336" fill="none" stroke="black"/> <path d="M 80,496 L 200,496" fill="none" stroke="black"/> <path d="M 344,496 L 480,496" fill="none" stroke="black"/> <polygon class="arrowhead" points="488,336 476,330.4 476,341.6" fill="black" transform="rotate(0,480,336)"/> <polygon class="arrowhead" points="488,80 476,74.4 476,85.6" fill="black" transform="rotate(0,480,80)"/> <polygon class="arrowhead" points="88,496 76,490.4 76,501.6" fill="black" transform="rotate(180,80,496)"/> <polygon class="arrowhead" points="88,176 76,170.4 76,181.6" fill="black" transform="rotate(180,80,176)"/> <g class="text"> <text x="36" y="36">CoAP</text> <text x="84" y="36">client</text> <text x="460" y="36">CoAP</text> <text x="508" y="36">server</text> <text x="28" y="52">(EDHOC</text> <text x="100" y="52">Initiator)</text> <text x="436" y="52">(EDHOC</text> <text x="508" y="52">Responder)</text> <text x="248" y="84">EDHOC</text> <text x="304" y="84">Request</text> <text x="120" y="100">Header:</text> <text x="172" y="100">0.02</text> <text x="220" y="100">(POST)</text> <text x="128" y="116">Uri-Path:</text> <text x="252" y="116">"/.well-known/edhoc"</text> <text x="152" y="132">Content-Format:</text> <text x="340" y="132">application/cid-edhoc+cbor-seq</text> <text x="124" y="148">Payload:</text> <text x="184" y="148">true,</text> <text x="232" y="148">EDHOC</text> <text x="296" y="148">message_1</text> <text x="248" y="180">EDHOC</text> <text x="308" y="180">Response</text> <text x="160" y="196">Header:</text> <text x="224"y="196">Changed</text>y="196">2.04</text> <text x="284"y="196">(2.04)</text>y="196">(Changed)</text> <text x="192" y="212">Content-Format:</text> <text x="364" y="212">application/edhoc+cbor-seq</text> <text x="164" y="228">Payload:</text> <text x="224" y="228">EDHOC</text> <text x="288" y="228">message_2</text> <text x="24" y="260">EDHOC</text> <text x="100" y="260">verification</text> <text x="64" y="276">+</text> <text x="36" y="292">OSCORE</text> <text x="80" y="292">Sec</text> <text x="112" y="292">Ctx</text> <text x="68" y="308">Derivation</text> <text x="216" y="340">EDHOC</text> <text x="248" y="340">+</text> <text x="284" y="340">OSCORE</text> <text x="344" y="340">Request</text> <text x="120" y="356">Header:</text> <text x="172" y="356">0.02</text> <text x="220" y="356">(POST)</text> <text x="120" y="372">OSCORE:</text> <text x="160" y="372">{</text> <text x="184" y="372">...</text> <text x="208" y="372">;</text> <text x="236" y="372">kid:</text> <text x="272" y="372">C_R</text> <text x="296" y="372">}</text> <text x="124" y="388">Payload:</text> <text x="184" y="388">EDHOC</text> <text x="248" y="388">message_3</text> <text x="296" y="388">+</text> <text x="372" y="388">OSCORE-protected</text> <text x="460" y="388">data</text> <text x="424" y="420">EDHOC</text> <text x="500" y="420">verification</text> <text x="496" y="436">+</text> <text x="444" y="452">OSCORE</text> <text x="488" y="452">Sec</text> <text x="520" y="452">Ctx</text> <text x="484" y="468">Derivation</text> <text x="236" y="500">OSCORE</text> <text x="300" y="500">Response</text> <text x="256" y="516">Header:</text> <text x="308" y="516">2.04</text> <text x="368" y="516">(Changed)</text> <text x="256" y="532">OSCORE:</text> <text x="296" y="532">{</text> <text x="320" y="532">...</text> <text x="344" y="532">}</text> <text x="260" y="548">Payload:</text> <text x="364" y="548">OSCORE-protected</text> <text x="452" y="548">data</text> </g> </svg> </artwork> <artwork type="ascii-art" align="center"><![CDATA[ CoAP client CoAP server (EDHOC Initiator) (EDHOC Responder) | | | ------------------ EDHOC Request -----------------> | | Header: 0.02 (POST) | | Uri-Path: "/.well-known/edhoc" | | Content-Format: application/cid-edhoc+cbor-seq | | Payload: true, EDHOC message_1 | | | | <----------------- EDHOC Response------------------ | | Header:Changed (2.04)2.04 (Changed) | | Content-Format: application/edhoc+cbor-seq | | Payload: EDHOC message_2 | | | EDHOC verification | + | OSCORE Sec Ctx | Derivation | | | | -------------- EDHOC + OSCORE Request ------------> | | Header: 0.02 (POST) | | OSCORE: { ... ; kid: C_R } | | Payload: EDHOC message_3 + OSCORE-protected data | | | | EDHOC verification | + | OSCORE Sec Ctx | Derivation | | | <--------------- OSCORE Response ------------------ | | Header: 2.04 (Changed) | | OSCORE: { ... } | | Payload: OSCORE-protected data | | | ]]></artwork> </artset> </figure> <t>To this end, the specific approach defined in this section consists of sending a single EDHOC + OSCORE request, which conveys the pair (C_R, EDHOC message_3) within an OSCORE-protected CoAP message.</t> <t>That is, the EDHOC + OSCORE request is composed of the following two parts combined together in a single CoAP message. The steps for processing the EDHOC + OSCORE request and the two parts combined intherethe request itself are defined in Sections <xreftarget="client-processing"/>target="client-processing" format="counter"/> and <xreftarget="server-processing"/>.</t>target="server-processing" format="counter"/>.</t> <ul spacing="normal"> <li>The OSCORE Request from <xref target="fig-non-combined"/>,which is alsowhich, in thiscasecase, is also sent to a protectedresource,resource with the correct CoAP method and options intended for accessing that resource.</li> <li> <t>EDHOC data consisting of the pair (C_R, EDHOC message_3) required for completing the EDHOCsession,session transported as follows: </t> <ul spacing="normal"> <li>C_R is the OSCORE Sender ID of theclient and henceclient; hence, it is transported in the 'kid' field of the OSCOREOptionoption (see <xref section="6.1" sectionFormat="of" target="RFC8613"/>). Unlikeinthe sequential workflow shown in <xref target="fig-non-combined"/>, C_R isthusnot transported in the payload of the EDHOC + OSCORE request.</li> <li>EDHOC message_3 is transported in the payload of the EDHOC + OSCORErequest,request and prepended to the payload of the OSCORE Request. This is because EDHOC message_3 may be too large to be included in a CoAPOption,option, e.g., when conveying a large public key certificate chainasin the ID_CRED_I field (see <xref section="3.5.3" sectionFormat="of"target="RFC9528"/>)target="RFC9528"/>), or when conveying large External Authorization Dataasin the EAD_3 field (see <xref section="3.8" sectionFormat="of" target="RFC9528"/>).</li> </ul> </li> </ul> <t>The rest of this section specifies how to transport the data in the EDHOC + OSCORE request and their processing order. In particular, the use of this approach is explicitly signalled by including an EDHOCOption (see <xrefoption (<xref target="edhoc-option"/>) in the EDHOC + OSCORE request. The processing of the EDHOC + OSCORE request is specified in <xref target="client-processing-intro"/> for the client side and in <xref target="server-processing-intro"/> for the server side.</t> <section anchor="edhoc-option"> <name>EDHOC Option</name> <t>This section defines the EDHOCOption. Theoption. This option is used in a CoAPrequest,request to signal that the request payload conveys both an EDHOC message_3 and OSCORE-protecteddata,data combined together.</t> <t>The EDHOCOptionoption has the properties summarized in <xref target="fig-edhoc-option"/>, which extends Table 4 of <xref target="RFC7252"/>. The option is Critical, Safe-to-Forward, and part of the Cache-Key. The option <bcp14>MUST</bcp14> occur at most once and <bcp14>MUST</bcp14> be empty. If any value is sent, the recipient <bcp14>MUST</bcp14> ignore it. (Future documents may update the definition of theoption,option by expanding its semantics and specifying admitted values.) The option is intended only for CoAP requests and is of Class U for OSCORE <xref target="RFC8613"/>.</t> <table align="center" anchor="fig-edhoc-option"> <name>The EDHOC Option. C=Critical, U=Unsafe, N=NoCacheKey, R=Repeatable</name> <thead> <tr> <th align="left">No.</th> <th align="left">C</th> <th align="left">U</th> <th align="left">N</th> <th align="left">R</th> <th align="left">Name</th> <th align="left">Format</th> <th align="left">Length</th> <th align="left">Default</th> </tr> </thead> <tbody> <tr> <td align="left">21</td> <td align="left">x</td> <tdalign="left"> </td>align="left"> </td> <tdalign="left"> </td>align="left"> </td> <tdalign="left"> </td>align="left"> </td> <td align="left">EDHOC</td> <td align="left">Empty</td> <td align="left">0</td> <td align="left">(none)</td> </tr> </tbody> </table> <t>The presence of this option means that the message payload also contains EDHOCdata, whichdata that must be extracted and processed as defined in <xreftarget="server-processing-intro"/>,target="server-processing-intro"/> before the rest of the message can be processed.</t> <t><xref target="fig-edhoc-opt"/> shows an example of a CoAP message that is transported over UDP andcontainingthat contains both the EDHOC data and the OSCOREciphertext,ciphertext using the newly defined EDHOC option for signalling.</t> <figure anchor="fig-edhoc-opt"> <name>Example of a CoAPmessage transported over UDP, combiningMessage Containing the Combined EDHOCdataand OSCOREdata as signalled withData, Signalled by the EDHOCOption.</name>Option and Transported over UDP</name> <artwork align="center"><![CDATA[ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Ver| T | TKL | Code | Message ID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Token (if any, TKL bytes) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Observe Option| OSCORE Option ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | EDHOC Option | Other Options (if any) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |1 1 1 1 1 1 1 1| Payload ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ]]></artwork> </figure> </section> <section anchor="client-processing-intro"> <name>Client Processing</name> <t>This section describes the processing on the client side.</t> <section anchor="client-processing"> <name>Processing of the EDHOC + OSCORE Request</name> <t>The client prepares an EDHOC + OSCORE request as follows.</t> <ol spacing="normal"type="1"><li>Composetype="Step %d." indent="9"> <li anchor="L1S1">Compose EDHOC message_3 intoEDHOC_MSG_3,EDHOC_MSG_3 as per <xref section="5.4.2" sectionFormat="of" target="RFC9528"/>.</li><li><li anchor="L1S2"> <t>Establish the new OSCORE Security Context and use it to encrypt the original CoAP request as per <xref section="8.1" sectionFormat="of" target="RFC8613"/>. </t> <t> Note that the OSCORE ciphertext is not computed over EDHOC message_3, which is not protected by OSCORE. That is, the result of this step is the OSCORE Request as in <xref target="fig-non-combined"/>.</t> </li><li><li anchor="L1S3"> <t>Build COMB_PAYLOAD as the concatenation of EDHOC_MSG_3 and OSCORE_PAYLOAD inthis order:the order of COMB_PAYLOAD = EDHOC_MSG_3 | OSCORE_PAYLOAD, where | denotes byte string concatenation and: </t> <ul spacing="normal"> <li>EDHOC_MSG_3 is the binary encoding of EDHOC message_3 resulting fromstep 1.<xref target="L1S1" format="none">Step 1</xref>. As per <xref section="5.4.1" sectionFormat="of" target="RFC9528"/>, EDHOC message_3 consists of one CBOR data item CIPHERTEXT_3, which is a CBOR byte string. Therefore, EDHOC_MSG_3 is the binary encoding of CIPHERTEXT_3.</li> <li>OSCORE_PAYLOAD is the OSCORE ciphertext of the OSCORE-protected CoAP request resulting fromstep 2.</li><xref target="L1S2" format="none">Step 2</xref>.</li> </ul> </li><li><li anchor="L1S4"> <t>Compose the EDHOC + OSCORE request, as the OSCORE-protected CoAP request resulting fromstep 2,<xref target="L1S2" format="none">Step 2</xref>, where the payload is replaced with COMB_PAYLOAD built atstep 3. </t><xref target="L1S3" format="none">Step 3</xref>.</t> <t> Note that the new payload includes EDHOC message_3, but it does not include the EDHOC connection identifier C_R. As the client is the EDHOC Initiator, C_R is the OSCORE Sender ID of the client, which is already specified as the value of the 'kid' field in the OSCOREOptionoption of the request fromstep 2, hence<xref target="L1S2" format="none">Step 2</xref>; hence, C_R is specified as the value of the 'kid' field of the EDHOC + OSCORE request.</t> </li><li><li anchor="L1S5"> <t>Include the new EDHOCOptionoption defined in <xref target="edhoc-option"/> into the EDHOC + OSCORE request. </t> <t> The application/cid-edhoc+cbor-seq media type does not apply to this message, whose media type is unnamed.</t> </li><li>Send<li anchor="L1S6">Send the EDHOC + OSCORE request to the server.</li> </ol> <t>With the same server, the client <bcp14>SHOULD NOT</bcp14> have multiple simultaneous outstanding interactions (see <xref section="4.7" sectionFormat="of"target="RFC7252"/>)target="RFC7252"/>), suchthat:that they consist of an EDHOC + OSCORErequest;request and their EDHOC datapertainpertains to the EDHOC session with the same connection identifier C_R.</t><t>(An<t>An exception might apply for clients that operate under particular time constraints over particularly unreliable networks, thus raising the chances to promptly complete the EDHOC execution with the server throughmultiple,multiple simultaneous EDHOC + OSCORE requests. As discussed in <xref target="security-considerations"/>, this does not have any impact in terms ofsecurity.)</t>security.</t> </section> <section anchor="client-blockwise"> <name>SupportingBlock-wise</name>Block-Wise Transfers</name> <t>If Block-wise transfers <xref target="RFC7959"/>isare supported, the client may fragment the firstapplicationCoAP application request before protecting it as an original message withOSCORE,OSCORE as defined in <xref section="4.1.3.4.1" sectionFormat="of" target="RFC8613"/>.</t> <t>In such a case, the OSCORE processing instep 2<xref target="L1S2" format="none">Step 2</xref> of <xref target="client-processing"/> is performed on each inner block of the firstapplicationCoAPrequest, and theapplication request. The following also applies.</t> <ul spacing="normal"> <li> <t>The client takes theadditionalfollowing additional step betweensteps 2Steps <xref target="L1S2" format="none">2</xref> and3<xref target="L1S3" format="none">3</xref> of <xref target="client-processing"/>. </t><t> A. If<ol spacing='normal' type='Step 2.%d.' indent="10"> <li>If the OSCORE-protected request fromstep 2<xref target="L1S2" format="none">Step 2</xref> conveys a non-first inner block of the firstapplicationCoAP application request (i.e., the Block1Optionoption processed atstepStep 2 had NUM different than 0), then the client skips the following steps and sends the OSCORE-protected request to the server. In particular, the client <bcp14>MUST NOT</bcp14> include the EDHOCOptionoption in the OSCORE-protectedrequest.</t>request.</li></ol> </li> <li> <t>The client takes theadditionalfollowing additional step betweensteps 3Steps <xref target="L1S3" format="none">3</xref> and4<xref target="L1S4" format="none">4</xref> of <xref target="client-processing"/>. </t><t> B.<ol spacing='normal' type='Step 3.%d.' indent="10"><li> If the size of COMB_PAYLOAD exceeds MAX_UNFRAGMENTED_SIZE (see <xref section="4.1.3.4.2" sectionFormat="of" target="RFC8613"/>), the client <bcp14>MUST</bcp14> stop processing the request and <bcp14>MUST</bcp14> abandon the Block-wise transfer. Then, the client can continue by switching to the sequential workflow shown in <xref target="fig-non-combined"/>. That is, the client first sends EDHOC message_3 prepended by the EDHOCConnection Identifierconnection identifier C_R encoded as per <xref section="3.3" sectionFormat="of"target="RFC9528"/>, and thentarget="RFC9528"/>. Then, the client sends the OSCORE-protected CoAP request once the EDHOC execution iscompleted.</t>completed. </li> </ol> </li> </ul> <t>The performance advantage of using the EDHOC + OSCORE request can be lost when used in combination with Block-wise transfers that rely on specific parameter values and block sizes. Application policies at the CoAP client can define when and how to detect whether the performance advantage islost, and, iflost. If that is the case, they can also define whether to appropriately adjust the parameter values and blocksizes,sizes orinsteadto fall back on the sequential workflow of EDHOC.</t> </section> </section> <section anchor="server-processing-intro"> <name>Server Processing</name> <t>This section describes the processing on the server side.</t> <section anchor="server-processing"> <name>Processing of the EDHOC + OSCORE Request</name> <t>In order to process a request containing the EDHOC option, i.e., an EDHOC + OSCORE request, the server <bcp14>MUST</bcp14> perform the following steps.</t> <ol spacing="normal"type="1"><li>Checktype="Step %d." indent="9"> <li anchor="L2S1">Check that the EDHOC + OSCORE request includes the OSCORE option and that the request payload has the format defined atstep 3<xref target="L1S3" format="none">Step 3</xref> of <xref target="client-processing"/> for COMB_PAYLOAD. If this is not the case, the server <bcp14>MUST</bcp14> stop processing the request and <bcp14>MUST</bcp14> reply with a 4.00 (Bad Request) error response.</li><li>Extract<li anchor="L2S2">Extract EDHOC message_3 from the payload COMB_PAYLOAD of the EDHOC + OSCORErequest,request as the first element EDHOC_MSG_3 (seestep 3<xref target="L1S3" format="none">Step 3</xref> of <xref target="client-processing"/>).</li><li>Take<li anchor="L2S3">Take the value of the 'kid' field from the OSCORE option of the EDHOC + OSCORE request (i.e., the OSCORE Sender ID of the client), and use it as the EDHOC connection identifier C_R.</li><li><li anchor="L2S4"> <t>Retrieve the correct EDHOC session by using the connection identifier C_R fromstep 3.<xref target="L2S3" format="none">Step 3</xref>. </t> <t> If the application profile used in the EDHOC session specifies that EDHOC message_4 shall be sent, the server <bcp14>MUST</bcp14> stop the EDHOC processing and consider itfailed, asfailed due to a client error. </t> <t> Otherwise, perform the EDHOC processing on the EDHOC message_3 extracted atstep 2<xref target="L2S2" format="none">Step 2</xref> as per <xref section="5.4.3" sectionFormat="of"target="RFC9528"/>,target="RFC9528"/> based on the protocol state of the retrieved EDHOC session. </t> <t> The application profile used in the EDHOC session is the same one associated with the EDHOC resource where the server received the request conveying EDHOC message_1 that started the session. This is relevant in case the server provides multiple EDHOCresources, whichresources that may generally refer to different application profiles.</t> </li><li>Establish<li anchor="L2S5">Establish a new OSCORE Security Context associated with the client as per <xref section="A.1" sectionFormat="of"target="RFC9528"/>,target="RFC9528"/> using the EDHOC output fromstep 4.</li> <li>Extract<xref target="L2S4" format="none">Step 4</xref>.</li> <li anchor="L2S6">Extract the OSCORE ciphertext from the payload COMB_PAYLOAD of the EDHOC + OSCORErequest,request as the second element OSCORE_PAYLOAD (seestep 3<xref target="L1S3" format="none">Step 3</xref> of <xref target="client-processing"/>).</li><li>Rebuild<li anchor="L2S7">Rebuild the OSCORE-protected CoAPrequest,request as the EDHOC + OSCORErequestrequest, where the payload is replaced with the OSCORE ciphertext extracted atstep 6.<xref target="L2S6" format="none">Step 6</xref>. Then, remove the EDHOC option.</li><li><li anchor="L2S8"> <t>Decrypt and verify the OSCORE-protected CoAP request rebuilt atstep 7,<xref target="L2S7" format="none">Step 7</xref> as per <xref section="8.2" sectionFormat="of"target="RFC8613"/>,target="RFC8613"/> by using the OSCORE Security Context established atstep 5. </t><xref target="L2S5" format="none">Step 5.</xref></t> <t> When the decrypted request is checked for any critical CoAP options (as it is during regular CoAP processing), the presence of an EDHOC option <bcp14>MUST</bcp14> be regarded as an unprocessed criticaloption,option unless it is processed by some further mechanism.</t> </li><li>Deliver<li anchor="L2S9">Deliver the CoAP request resulting fromstep 8<xref target="L2S8" format="none">Step 8</xref> to the application.</li> </ol> <t>Ifsteps 4Steps <xref target="L2S4" format="none">4</xref> (EDHOC processing) and8<xref target="L2S8" format="none">8</xref> (OSCORE processing) are both successfully completed, the server <bcp14>MUST</bcp14> reply with an OSCORE-protected response (see <xref section="5.4.3" sectionFormat="of" target="RFC9528"/>). The usage of EDHOC message_4 as defined in <xref section="5.5" sectionFormat="of" target="RFC9528"/> is not applicable to the approach defined in this document.</t> <t>Ifstep 4<xref target="L2S4" format="none">Step 4</xref> (EDHOC processing) fails, the server aborts the session as per <xref section="5.4.3" sectionFormat="of" target="RFC9528"/> and responds with an EDHOC error message with error code 1, which is formatted as defined in <xref section="6.2" sectionFormat="of" target="RFC9528"/>. The server <bcp14>MUST NOT</bcp14> establish a new OSCORE Security Context from the present EDHOC session with the client. The CoAP response conveying the EDHOC error message is not protected with OSCORE. As per <xref section="9.5" sectionFormat="of" target="RFC9528"/>, the server has to make sure that the error message does not reveal sensitive information. The CoAP response conveying the EDHOC error message <bcp14>MUST</bcp14> have Content-Format set to application/edhoc+cbor-seq registered in <xref section="10.9" sectionFormat="of" target="RFC9528"/>.</t> <t>Ifstep 4<xref target="L2S4" format="none">Step 4</xref> (EDHOC processing) is successfully completed butstep 8<xref target="L2S8" format="none">Step 8</xref> (OSCORE processing) fails, the same OSCORE error handling as defined in <xref section="8.2" sectionFormat="of" target="RFC8613"/> applies.</t> </section> <section anchor="server-blockwise"> <name>SupportingBlock-wise</name>Block-Wise Transfers</name> <t>If Block-wise transfers <xref target="RFC7959"/>isare supported, the server takes the additional following step before any other in <xref target="server-processing"/>.</t><t>A. If Block-wise<ol spacing='normal' type='Step %d.' start='0' indent="9"> <li>If a Block option is present in the request, then process the Outer Block options according to <xreftarget="RFC7959"/>,target="RFC7959"/> until all blocks of the request have been received (see <xref section="4.1.3.4" sectionFormat="of"target="RFC8613"/>).</t>target="RFC8613"/>).</li></ol> </section> </section> <section anchor="example"> <name>Example of the EDHOC + OSCORE Request</name> <t><xref target="fig-edhoc-opt-2"/> shows an example of an EDHOC + OSCORERequestrequest transported over UDP. In particular, the example assumes that:</t> <ul spacing="normal"> <li>The OSCORE Partial IV in use is0,0 consistently with the first request protected with the new OSCORE Security Context.</li> <li> <t>The OSCORE Sender ID of the client is 0x01. </t> <t> As per <xref section="3.3.3" sectionFormat="of" target="RFC9528"/>, this straightforwardly corresponds to the EDHOC connection identifier C_R 0x01. </t> <t> As per <xref section="3.3.2" sectionFormat="of" target="RFC9528"/>, when using the sequential flow shown in <xref target="fig-non-combined"/>, the same C_R with a value of 0x01 would be encoded on the wire as the CBOR integer 1 (0x01 in CBORencoding),encoding) and prepended to EDHOC message_3 in the payload of the second EDHOC request.</t> </li><li>The EDHOC option is registered with CoAP option number 21.</li></ul><t>Note to RFC Editor: Please delete the last bullet point in the previous list, since, at the time of publication, the CoAP option number will be in fact registered.</t><t>This results in the following components shown in <xref target="fig-edhoc-opt-2"/>:</t><ul<dl spacing="normal"><li>OSCORE<dt>OSCORE optionvalue: 0x090001value:</dt><dd>0x090001 (3bytes)</li> <li>EDHOCbytes)</dd> <dt>EDHOC optionvalue: -value:</dt><dd>- (0bytes)</li> <li>EDHOC message_3: 0x52d5535f3147e85f1cfacd9e78abf9e0a81bbfbytes)</dd> <dt>EDHOC message_3:</dt><dd>0x52d5535f3147e85f1cfacd9e78abf9e0a81bbf (19bytes)</li> <li>OSCORE ciphertext: 0x612f1092f1776f1c1668b3825ebytes)</dd> <dt>OSCORE ciphertext:</dt><dd>0x612f1092f1776f1c1668b3825e (13bytes)</li> </ul>bytes)</dd></dl> <figure anchor="fig-edhoc-opt-2"> <name>Example of a Protected CoAPmessage transported over UDP, combiningRequest Combining EDHOCdataand OSCOREdata as signalled with the EDHOC Option.</name> <artwork type="~" align="center"><![CDATA[ Protected CoAP request (OSCORE message):Data</name> <sourcecode type="coap"><![CDATA[ 0x44025d1f ; CoAP 4-byteheaderHeader 00003974 ; Token 93 090001 ; OSCORE Option c0 ; EDHOC Option ff 52d5535f3147e85f1cfacd9e78abf9e0a81bbf 612f1092f1776f1c1668b3825e (46 bytes)]]></artwork>]]></sourcecode> </figure> </section> </section> <section anchor="use-of-ids"> <name>Use of EDHOC Connection Identifiers with OSCORE</name> <t>The OSCORE Sender/Recipient IDs are the EDHOC connection identifiers (see <xref section="3.3.3" sectionFormat="of" target="RFC9528"/>). This applies also to the optimized workflow defined in <xref target="edhoc-in-oscore"/> of this document.</t> <t>Notethat, at step 3 of <xref target="server-processing"/>,that the value of the 'kid' field in the OSCOREOptionoption of the EDHOC + OSCORE request is both the server's Recipient ID (i.e., the client's Sender ID) and the EDHOCConnection Identifierconnection identifier C_R of theserver.</t>server at <xref target="L2S3" format="none">Step 3</xref> of <xref target="server-processing"/>.</t> <section anchor="oscore-edhoc-message-processing"> <name>Additional Processing of EDHOC Messages</name> <t>When using EDHOC to establish an OSCORE Security Context, the client and server <bcp14>MUST</bcp14> perform the following additional steps during an EDHOC execution, thus extending <xref section="5" sectionFormat="of" target="RFC9528"/>.</t> <section anchor="initiator-processing-of-message-1"> <name>Initiator Processing of Message 1</name> <t>The Initiator selects an EDHOCConnection Identifierconnection identifier C_I as follows.</t> <t>The Initiator <bcp14>MUST</bcp14> choose a C_I that is neither used in any current EDHOC session as this peer's EDHOCConnection Identifier,connection identifier nor the Recipient ID in a current OSCORE Security Context where the ID Context is not present.</t> <t>The chosen C_I <bcp14>SHOULD NOT</bcp14> be the Recipient ID of any current OSCORE Security Context. Note that, unless the two peers concurrently use alternative methods to establish OSCORE Security Contexts, this allows the Responder to always omit the 'kid context' in the OSCOREOptionoption of its messages sent to theInitiator,Initiator when protecting those with an OSCORE Security Context where C_I is the Responder's OSCORE Sender ID (see <xref section="6.1" sectionFormat="of" target="RFC8613"/>).</t> </section> <section anchor="responder-processing-of-message-2"> <name>Responder Processing of Message 2</name> <t>The Responder selects an EDHOCConnection Identifierconnection identifier C_R as follows.</t> <t>The Responder <bcp14>MUST</bcp14> choose a C_R that isneither usednone of the following:</t> <ul><li>used in any current EDHOC session as this peer's EDHOCConnection Identifier, nor is equalconnection identifier,</li> <li>equal to the EDHOCConnection Identifierconnection identifier C_I specified in the EDHOC message_1 of the present EDHOC session,nor is theor</li> <li>the Recipient ID in a current OSCORE Security Context where the ID Context is notpresent.</t>present.</li></ul> <t>The chosen C_R <bcp14>SHOULD NOT</bcp14> be the Recipient ID of any current OSCORE Security Context. Note that, for a reason analogous to the one givenabovein <xref target="initiator-processing-of-message-1"/> with C_I, this allows the Initiator to always omit the 'kid context' in the OSCOREOptionoption of its messages sent to theResponder,Responder when protecting those with an OSCORE Security Context where C_R is the Initiator's OSCORE Sender ID (see <xref section="6.1" sectionFormat="of" target="RFC8613"/>).</t> </section> <section anchor="initiator-processing-of-message-2"> <name>Initiator Processing of Message 2</name> <t>If the EDHOCConnection Identifierconnection identifier C_I is equal to the EDHOCConnection Identifierconnection identifier C_R specified in EDHOC message_2, then the Initiator <bcp14>MUST</bcp14> abort the session and reply with an EDHOC error message with error code1,1 formatted as defined in <xref section="6.2" sectionFormat="of" target="RFC9528"/>.</t> </section> </section> </section> <section anchor="app-statements"> <name>Extension and Consistency of Application Profiles</name> <t>It is possible to include the information below in the application profile referred by the client andserver,server according to the specified consistency rules.</t> <t>If the server supports the EDHOC + OSCORE request within an EDHOC execution started at a certain EDHOC resource, then the application profile associated with that resource <bcp14>SHOULD</bcp14> explicitly specify support for the EDHOC + OSCORE request.</t> <t>In the case where the application profile indicates that the server supports the optional EDHOC message_4 (see <xref section="5.5" sectionFormat="of" target="RFC9528"/>), it is still possible to use the optimized workflow based on the EDHOC + OSCORE request. However, this means that the server is not going to send EDHOCmessage_4,message_4 since it is not applicable to the optimized workflow (see <xref target="server-processing"/>).</t> <t>Also, in the case where the application profile indicates that the server shall send EDHOC message_4,thenthe application profile <bcp14>MUST NOT</bcp14> specify support for the EDHOC + OSCORErequest, and thererequest. There is no point for the client to use the optimizedworkflow, whichworkflow that is bound to fail (see <xref target="server-processing"/>).</t> </section> <section anchor="web-linking"> <name>Web Linking</name> <t><xref section="10.10" sectionFormat="of" target="RFC9528"/> registers the resource type "core.edhoc", which can be used as target attribute in a web link <xref target="RFC8288"/> to an EDHOC resource, e.g., using a link-format document <xref target="RFC6690"/>. This enables clients to discover the presence of EDHOC resources at a server, possibly using the resource type as a filter criterion.</t> <t>At the same time, the application profile associated with an EDHOC resource provides information describing how the EDHOC protocol can be used through that resource. A client may become aware of the application profile, e.g., by obtaining its information elements upon discovering the EDHOC resources at the server. This allows the client to discoverespeciallythe EDHOC resources whose associated application profile denotes a way of using EDHOCwhichthat is most suitable to the client, e.g., with EDHOC cipher suites or authentication methods that the client also supports or prefers.</t> <t>That is, while discovering an EDHOC resource, a client can contextually obtain relevant pieces of information from the application profile associated with that resource. The resource discovery can occur by means of a direct interaction with theserver,server orinsteadby means of the CoRE Resource Directory <xreftarget="RFC9176"/>,target="RFC9176"/> where the server may have registered the links to its resources.</t> <t>In order to enable the above, this section defines a number of parameters, each of which can be optionally specified as a target attribute with the same name in the link to the respective EDHOCresource,resource or as filtercriteriacriterion in a discovery request from the client. When specifying these parameters in a link to an EDHOC resource, the target attribute rt="core.edhoc" <bcp14>MUST</bcp14> beincluded,included and the same consistency rules defined in <xref target="app-statements"/> for the corresponding information elements of an application profile <bcp14>MUST</bcp14> be followed.</t> <t>The following parameters are defined.</t><ul<dl spacing="normal"><li>'ed-i', specifying, if<dt>'ed-i':</dt><dd>If present, specifies that the server supports the EDHOC Initiator role, hence the reverse message flow of EDHOC. A value <bcp14>MUST NOT</bcp14> be given to this parameter and any present value <bcp14>MUST</bcp14> be ignored by therecipient.</li> <li>'ed-r', specifying, ifrecipient.</dd> <dt>'ed-r':</dt><dd>If present, specifies that the server supports the EDHOC Responder role, hence the forward message flow of EDHOC. A value <bcp14>MUST NOT</bcp14> be given to this parameter and any present value <bcp14>MUST</bcp14> be ignored by therecipient.</li> <li>'ed-method', specifyingrecipient.</dd> <dt>'ed-method':</dt><dd>Specifies an authentication method supported by the server. This parameter <bcp14>MUST</bcp14> specify a single value, which is taken from the 'Value' column of the "EDHOC Method Type" registry defined in <xref section="10.3" sectionFormat="of" target="RFC9528"/>. This parameter <bcp14>MAY</bcp14> occur multiple times, with each occurrence specifying an authenticationmethod.</li> <li>'ed-csuite', specifyingmethod.</dd> <dt>'ed-csuite':</dt><dd>Specifies an EDHOC cipher suite supported by the server. This parameter <bcp14>MUST</bcp14> specify a single value, which is taken from the 'Value' column of the "EDHOC Cipher Suites" registry defined in <xref section="10.2" sectionFormat="of" target="RFC9528"/>. This parameter <bcp14>MAY</bcp14> occur multiple times, with each occurrence specifying a ciphersuite.</li> <li>'ed-cred-t', specifyingsuite.</dd> <dt>'ed-cred-t':</dt><dd>Specifies a type of authentication credential supported by the server. This parameter <bcp14>MUST</bcp14> specify a single value, which is taken from the 'Value' column of the "EDHOC Authentication Credential Types" Registry defined in <xref target="iana-edhoc-auth-cred-types"/> of this document. This parameter <bcp14>MAY</bcp14> occur multiple times, with each occurrence specifying a type of authenticationcredential.</li> <li> <t>'ed-idcred-t', specifyingcredential.</dd> <dt>'ed-idcred-t':</dt><dd><t>Specifies a type of identifier supported by the server for identifying authentication credentials. This parameter <bcp14>MUST</bcp14> specify a single value, which is taken from the 'Label' column of the "COSE Header Parameters" registry <xref target="COSE.Header.Parameters"/>. This parameter <bcp14>MAY</bcp14> occur multiple times, with each occurrence specifying a type of identifier for authenticationcredentials. </t>credentials.</t> <t> Note that the values in the 'Label' column of the "COSE Header Parameters" registry are strongly typed. On the contrary, CoRE Link Format is weaklytyped and thustyped; thus, it does not distinguish between, for instance, the string value "-10" and the integer value -10.Thus,Therefore, if responses in CoRE Link Format are returned, string valueswhichthat look like an integer are not supported.Therefore,Thus, such values <bcp14>MUST NOT</bcp14> be used in the 'ed-idcred-t' parameter.</t></li> <li>'ed-ead', specifying</dd> <dt>'ed-ead':</dt><dd>Specifies the support of the server for an External Authorization Data (EAD) item (see <xref section="3.8" sectionFormat="of" target="RFC9528"/>). This parameter <bcp14>MUST</bcp14> specify a single value, which is taken from the 'Label' column of the "EDHOC External Authorization Data" registry defined in <xref section="10.5" sectionFormat="of" target="RFC9528"/>. This parameter <bcp14>MAY</bcp14> occur multiple times, with each occurrence specifying the ead_label of an EAD item that the serversupports.</li> <li>'ed-comb-req', specifying, ifsupports.</dd> <dt>'ed-comb-req':</dt><dd>If present, specifies that the server supports the EDHOC + OSCORE request defined in <xref target="edhoc-in-oscore"/>. A value <bcp14>MUST NOT</bcp14> be given to this parameter and any present value <bcp14>MUST</bcp14> be ignored by therecipient.</li> </ul> <t>(Futurerecipient.</dd> </dl> <t>Future documents may update the definition of the parameters 'ed-i', 'ed-r', and'ed-comb-req','ed-comb-req' by expanding their semantics and specifying what they can take asvalue.)</t>value.</t> <t>The example in <xref target="fig-web-link-example"/> shows how a client discovers one EDHOC resource at aserver, obtainingserver and obtains information elements from the respective application profile. The CoRE Link Format notation from <xref section="5" sectionFormat="of" target="RFC6690"/> is used.</t> <figure anchor="fig-web-link-example"> <name>The WebLink.</name>Link</name> <artwork align="center"><![CDATA[ REQ: GET /.well-known/core RES: 2.05 Content </sensors/temp>;osc, </sensors/light>;if=sensor, </.well-known/edhoc>;rt=core.edhoc;ed-csuite=0;ed-csuite=2;ed-method=0;ed-cred-t=1;ed-cred-t=3;ed-idcred-t=4;ed-method=0;ed-cred-t=0;ed-cred-t=1;ed-idcred-t=4; ed-i;ed-r;ed-comb-req ]]></artwork> </figure> </section> <section anchor="security-considerations"> <name>Security Considerations</name> <t>The same security considerations from OSCORE <xref target="RFC8613"/> and EDHOC <xref target="RFC9528"/> hold for this document. In addition, the following considerationsalsoapply.</t> <t><xref target="client-processing"/> specifies that a client <bcp14>SHOULD NOT</bcp14> have multiple outstanding EDHOC + OSCORE requests pertaining to the same EDHOC session. Even if a client did not fulfill this requirement, it would not have any impact in terms of security. That is, the server would still not process different instances of the same EDHOC message_3 more than once in the same EDHOC session (see <xref section="5.1" sectionFormat="of"target="RFC9528"/>),target="RFC9528"/>) and would still enforce replay protection of the OSCORE-protected request (see Sections <xref target="RFC8613" section="7.4" sectionFormat="bare"/> and <xref target="RFC8613" section="8.2" sectionFormat="bare"/> of <xref target="RFC8613"/>).</t> <t>When using the optimized workflow in <xref target="fig-combined"/>, a minimum of 128-bit security against onlinebrute forcebrute-force attacks is achieved after the client receives and successfully verifies the first OSCORE-protected response (see Sections <xref target="RFC9528" section="9.1" sectionFormat="bare"/> and <xref target="RFC9528" section="9.4" sectionFormat="bare"/> of <xref target="RFC9528"/>). As an example, if EDHOC is used with method 3 (see <xref section="3.2" sectionFormat="of" target="RFC9528"/>) and cipher suite 2 (see <xref section="3.6" sectionFormat="of" target="RFC9528"/>), then the followingholds.</t>holds:</t> <ul spacing="normal"> <li>The Initiator is authenticated with 128-bit security against online attacks. As per <xref section="9.1" sectionFormat="of" target="RFC9528"/>, this results from the combination of the strength of the 64-bitMACMessage Authentication Code (MAC) in EDHOC message_3 and of the 64-bit MAC in theAEADAuthenticated Encryption with Associated Data (AEAD) of the first OSCORE-protected CoAPrequest,request as rebuilt atstep 7<xref target="L2S7" format="none">Step 7</xref> of <xref target="server-processing"/>.</li> <li>The Responder is authenticated with 128-bit security against online attacks. As per <xref section="9.1" sectionFormat="of" target="RFC9528"/>, this results from the combination of the strength of the 64-bit MAC in EDHOC message_2 and of the 64-bit MAC in the AEAD of the first OSCORE-protected CoAP response.</li> </ul> <t>With reference to the sequential workflow in <xref target="fig-non-combined"/>, the OSCORE request might have to undergoaccess controlaccess-control checks at theserver,server before being actually executed for accessing the target protected resource. The same <bcp14>MUST</bcp14> hold when the optimized workflow in <xref target="fig-combined"/> is used, i.e., when using the EDHOC + OSCORE request.</t> <t>That is, the rebuilt OSCORE-protected application request fromstep 7<xref target="L2S7" format="none">Step 7</xref> in <xref target="server-processing"/> <bcp14>MUST</bcp14> undergo the sameaccess controlaccess-control checks that would be performed on a traditional OSCORE-protected application request sent individually as shown in <xref target="fig-non-combined"/>.</t> <t>To this end, validated information to performaccess controlaccess-control checks (e.g., an access token issued by a trusted party) has to be available at the server before starting to process the rebuilt OSCORE-protected application request. Such information may have been provided to the server separately before starting the EDHOC execution altogether, or instead as External Authorization Data during the EDHOC execution (see <xref section="3.8" sectionFormat="of" target="RFC9528"/>).</t> <t>Thus, a successful completion of the EDHOC protocol and the following derivation of the OSCORE Security Context at the server do not play a role in determining whether the rebuilt OSCORE-protected request is authorized to access the target protected resource at the server.</t> </section> <section anchor="iana-considerations"> <name>IANA Considerations</name> <t>This document has the following actions for IANA.</t><t>Note to RFC Editor: Please replace all occurrences of "[RFC-XXXX]" with the RFC number of this specification and delete this paragraph.</t><section anchor="iana-coap-options"> <name>CoAP Option Numbers Registry</name> <t>IANAis asked to enterhas registered the following option numbertoin the "CoAP Option Numbers" registry within the"CoRE"Constrained RESTful Environments (CoRE) Parameters" registry group.</t> <table align="center"><name>Registrations<name>Registration inCoAPthe "CoAP OptionNumbersNumbers" Registry</name> <thead> <tr> <th align="left">Number</th> <th align="left">Name</th> <th align="left">Reference</th> </tr> </thead> <tbody> <tr> <td align="left">21</td> <td align="left">EDHOC</td> <tdalign="left">[RFC-XXXX]</td>align="left">RFC 9668</td> </tr> </tbody> </table><t>Note to RFC Editor: Please delete this paragraph and all the following text within the present <xref target="iana-coap-options"/>.</t> <t>[</t> <t>The CoAP option number 21 is consistent with the properties of the EDHOC Option defined in <xref target="edhoc-option"/>, and it allows the EDHOC Option to always result in an overall size of 1 byte. This is because:</t> <ul spacing="normal"> <li>The EDHOC option is always empty, i.e., with zero-length value; and</li> <li>Since the OSCORE Option with option number 9 is always present in the EDHOC + OSCORE request, the EDHOC Option is encoded with a delta equal to at most 12.</li> </ul> <t>Although the currently unassigned option number 13 would also work well for the same reasons in the use case in question, different use cases or protocols may make a better use of the option number 13. Hence the preference for the option number 21, and why it is <em>not</em> necessary to register additional option numbers than 21.</t> <t>]</t></section> <section anchor="iana-target-attributes"> <name>Target Attributes Registry</name> <t>IANAis asked to registerhas registered the following entries in the "Target Attributes" registry <xref target="CORE.Target.Attributes"/> within the "Constrained RESTful Environments (CoRE) Parameters" registrygroup,group as per <xreftarget="I-D.ietf-core-target-attr"/>.target="RFC9423"/>. For all entries, the Change Controller isIETF,"IETF" and the reference is[RFC-XXXX].</t>"[RFC 9668]".</t> <table align="center"> <name>Registrations inTarget Attributesthe "Target Attributes" Registry</name> <thead> <tr> <th align="left">AttributeName:</th>Name</th> <th align="left">BriefDescription:</th>Description</th> </tr> </thead> <tbody> <tr> <td align="left">ed-i</td> <td align="left">Hint: support for the EDHOC Initiator role</td> </tr> <tr> <td align="left">ed-r</td> <td align="left">Hint: support for the EDHOC Responder role</td> </tr> <tr> <td align="left">ed-method</td> <td align="left">A supported authentication method for EDHOC</td> </tr> <tr> <td align="left">ed-csuite</td> <td align="left">A supported cipher suite for EDHOC</td> </tr> <tr> <td align="left">ed-cred-t</td> <td align="left">A supported type of authentication credential for EDHOC</td> </tr> <tr> <td align="left">ed-idcred-t</td> <td align="left">A supported type of authentication credential identifier for EDHOC</td> </tr> <tr> <td align="left">ed-ead</td> <td align="left">A supported External Authorization Data (EAD) item for EDHOC</td> </tr> <tr> <td align="left">ed-comb-req</td> <td align="left">Hint: support for theEDHOC+OSCOREEDHOC + OSCORE request</td> </tr> </tbody> </table> </section> <section anchor="iana-edhoc-auth-cred-types"> <name>EDHOC Authentication Credential Types Registry</name> <t>IANAis requested to create a newhas created the "EDHOC Authentication Credential Types" registry within the "Ephemeral Diffie-Hellman Over COSE (EDHOC)" registry group defined in <xref target="RFC9528"/>.</t><t>As<t>The registrationpolicy, the registry usespolicy is either "Private Use", "Standards Action with Expert Review", or "Specification Required" per <xrefsection="4.6" sectionFormat="of"target="RFC8126"/>.Expert Review"Expert Review" guidelines are provided in <xref target="review"/>.</t> <t>All assignments according to "Standards Action with Expert Review" are made on a "Standards Action" basis per <xref section="4.9" sectionFormat="of"target="RFC8126"/>,target="RFC8126"/> withExpert Review"Expert Review" additionally required per <xref section="4.5" sectionFormat="of" target="RFC8126"/>. The procedure for early IANA allocation ofStandards Track"standards track codepointspoints" defined in <xref target="RFC7120"/> also applies. When such a procedure is used,review and approval byIANA will ask the designatedexpert are also required, in order for the WG chairsexpert(s) todetermine thatapprove theconditions forearly allocation before registration. In addition, working group chairs aremet (see step 2encouraged to consult the expert(s) early during the process outlined in <xref section="3.1" sectionFormat="of"target="RFC7120"/>).</t>target="RFC7120"/>.</t> <t>The columns of this registry are:</t><ul<dl spacing="normal"><li> <t>Value: This<dt>Value:</dt><dd><t>This field contains the value used to identify the type of authentication credential. These values <bcp14>MUST</bcp14> be unique. The value can be an unsigned integer or a negativeinteger, in the range from -65536 to 65535.integer. Different ranges of values use different registrationpolicies <xref target="RFC8126"/>: </t>policies:</t> <ul spacing="normal"> <li>Integer values from -24 to 23 are designated as "Standards Action With Expert Review".</li> <li>Integer values from -65536 to -25 and from 24 to 65535 are designated as "Specification Required".</li> <li>Integer values smaller than -65536 and greater than 65535 are marked as "Private Use".</li> </ul></li> <li>Description: This</dd> <dt>Description:</dt><dd>This field contains a short description of the type of authenticationcredential.</li> <li>Reference: Thiscredential.</dd> <dt>Reference:</dt><dd>This field contains a pointer to the public specification for the type of authenticationcredential.</li> </ul> <t>Initial entries in this registry are as listed in <xref target="pre-reg"/>.</t>credential.</dd> </dl> <table align="center" anchor="pre-reg"> <name>Initial Entries in the "EDHOC Authentication Credential Types" Registry</name> <thead> <tr> <th align="left">Value</th> <th align="left">Description</th> <th align="left">Reference</th> </tr> </thead> <tbody> <tr> <td align="left">0</td> <td align="left">CBOR Web Token (CWT) containing a COSE_Key in a 'cnf' claim and possibly other claims. CWT is defined in RFC 8392.</td> <td align="left"> <xref target="RFC8392"/></td> </tr> <tr> <td align="left">1</td> <td align="left">CWT Claims Set (CCS) containing a COSE_Key in a 'cnf' claim and possibly other claims. CCS is defined in RFC 8392.</td> <td align="left"> <xref target="RFC8392"/></td> </tr> <tr> <td align="left">2</td> <td align="left">X.509 certificate</td> <td align="left"> <xref target="RFC5280"/></td> </tr> </tbody> </table> </section> <section anchor="review"> <name>Expert Review Instructions</name><t>The IANA registry established in this document is defined as "Standards<t>"Standards Action with Expert Review"orand "SpecificationRequired", depending on the rangeRequired" are two ofvaluesthe registration policies defined forwhich an assignment is requested.the IANA registry established in <xref target="iana-edhoc-auth-cred-types"/>. This section gives some general guidelines for what the experts should be looking for;buthowever, they are being designated as experts for a reason, so they should be given substantial latitude.</t> <t>Expert reviewers should take into consideration the following points:</t> <ul spacing="normal"> <li>Clarity and correctness of registrations. Experts are expected to check the clarity of purpose and use of the requested entries. Experts need to make sure that registered identifiers indicate a type of authentication credential whose format and encoding is clearly defined in the corresponding specification. Identifiers of types of authentication credentials that do not meet theseobjectiveobjectives of clarity and completeness must not be registered.</li> <li>Point squatting should be discouraged. Reviewers are encouraged to get sufficient information for registration requests to ensure that the usage is not going to duplicate one that is already registered and that the point is likely to be used in deployments. The zones tagged as "Private Use" are intended for testing purposes and closed environments. Code points in other ranges should not be assigned for testing.</li> <li>Specifications are required for the "Standards Action With Expert Review" range of point assignment. Specifications should exist for "Specification Required" ranges, but early assignment before a specification is available is considered to be permissible. When specifications are not provided, the description provided needs to have sufficient information to identify what the point is being used for.</li> <li>Experts should take into account the expected usage of fields when approving point assignment.The fact that there is a range for Standards Track documents does not mean that aDocuments published via StandardsTrack document cannot haveAction can also register pointsassignedoutsideof thatthe Standards Action range. The length of the encoded value should be weighed against how many code points of that length are left, the size of device it will be used on, and the number of code points left that encode to that size.</li> </ul> </section> </section> </middle> <back> <references> <name>References</name> <references> <name>Normative References</name><reference anchor="RFC5280"> <front> <title>Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile</title> <author fullname="D. Cooper" initials="D." surname="Cooper"/> <author fullname="S. Santesson" initials="S." surname="Santesson"/> <author fullname="S. Farrell" initials="S." surname="Farrell"/> <author fullname="S. Boeyen" initials="S." surname="Boeyen"/> <author fullname="R. Housley" initials="R." surname="Housley"/> <author fullname="W. Polk" initials="W." surname="Polk"/> <date month="May" year="2008"/> <abstract> <t>This memo profiles the X.509 v3 certificate and X.509 v2 certificate revocation list (CRL) for use in the Internet. An overview of this approach and model is provided as an introduction. The X.509 v3 certificate format is described in detail, with additional information regarding the format and semantics of Internet name forms. Standard certificate extensions are described and two Internet-specific extensions are defined. A set of required certificate extensions is specified. The X.509 v2 CRL format is described in detail along with standard and Internet-specific extensions. An algorithm for X.509 certification path validation is described. An ASN.1 module and examples are provided in the appendices. [STANDARDS-TRACK]</t> </abstract> </front> <seriesInfo name="RFC" value="5280"/> <seriesInfo name="DOI" value="10.17487/RFC5280"/> </reference> <reference anchor="RFC6690"> <front> <title>Constrained RESTful Environments (CoRE) Link Format</title> <author fullname="Z. Shelby" initials="Z." surname="Shelby"/> <date month="August" year="2012"/> <abstract> <t>This specification defines Web Linking using a link format for use by constrained web servers to describe hosted resources, their attributes, and other relationships between links. Based on the HTTP Link Header field defined in RFC 5988, the Constrained RESTful Environments (CoRE) Link Format is carried as a payload and is assigned an Internet media type. "RESTful" refers to the Representational State Transfer (REST) architecture. A well-known URI is defined as a default entry point for requesting the links hosted by a server. [STANDARDS-TRACK]</t> </abstract> </front> <seriesInfo name="RFC" value="6690"/> <seriesInfo name="DOI" value="10.17487/RFC6690"/> </reference> <reference anchor="RFC7120"> <front> <title>Early IANA Allocation of Standards Track Code Points</title> <author fullname="M. Cotton" initials="M." surname="Cotton"/> <date month="January" year="2014"/> <abstract> <t>This memo describes the process for early allocation of code points by IANA from registries for which "Specification Required", "RFC Required", "IETF Review", or "Standards Action" policies apply. This process can be used to alleviate the problem where code point allocation is needed to facilitate desired or required implementation and deployment experience prior to publication of an RFC, which would normally trigger code point allocation. The procedures in this document are intended to apply only to IETF Stream documents.</t> </abstract> </front> <seriesInfo name="BCP" value="100"/> <seriesInfo name="RFC" value="7120"/> <seriesInfo name="DOI" value="10.17487/RFC7120"/> </reference> <reference anchor="RFC7252"> <front> <title>The Constrained Application Protocol (CoAP)</title> <author fullname="Z. Shelby" initials="Z." surname="Shelby"/> <author fullname="K. Hartke" initials="K." surname="Hartke"/> <author fullname="C. Bormann" initials="C." surname="Bormann"/> <date month="June" year="2014"/> <abstract> <t>The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained (e.g., low-power, lossy) networks. The nodes often have 8-bit microcontrollers with small amounts of ROM and RAM, while constrained networks such as IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs) often have high packet error rates and a typical throughput of 10s of kbit/s. The protocol is designed for machine- to-machine (M2M) applications such as smart energy and building automation.</t> <t>CoAP provides a request/response interaction model between application endpoints, supports built-in discovery of services and resources, and includes key concepts of the Web such as URIs and Internet media types. CoAP is designed to easily interface with HTTP for integration with the Web while meeting specialized requirements such as multicast support, very low overhead, and simplicity for constrained environments.</t> </abstract> </front> <seriesInfo name="RFC" value="7252"/> <seriesInfo name="DOI" value="10.17487/RFC7252"/> </reference> <reference anchor="RFC7959"> <front> <title>Block-Wise Transfers in the Constrained Application Protocol (CoAP)</title> <author fullname="C. Bormann" initials="C." surname="Bormann"/> <author fullname="Z. Shelby" initials="Z." role="editor" surname="Shelby"/> <date month="August" year="2016"/> <abstract> <t>The Constrained Application Protocol (CoAP) is a RESTful transfer protocol for constrained nodes and networks. Basic CoAP messages work well for small payloads from sensors and actuators; however, applications will need to transfer larger payloads occasionally -- for instance, for firmware updates. In contrast to HTTP, where TCP does the grunt work of segmenting and resequencing, CoAP is based on datagram transports such as UDP or Datagram Transport Layer Security (DTLS). These transports only offer fragmentation, which is even more problematic in constrained nodes and networks, limiting the maximum size of resource representations that can practically be transferred.</t> <t>Instead of relying on IP fragmentation, this specification extends basic CoAP with a pair of "Block" options for transferring multiple blocks of information from a resource representation in multiple request-response pairs. In many important cases, the Block options enable a server to be truly stateless: the server can handle each block transfer separately, with no need for a connection setup or other server-side memory of previous block transfers. Essentially, the Block options provide a minimal way to transfer larger representations in a block-wise fashion.</t> <t>A CoAP implementation that does not support these options generally is limited in the size of the representations that can be exchanged, so there is an expectation that the Block options will be widely used in CoAP implementations. Therefore, this specification updates RFC 7252.</t> </abstract> </front> <seriesInfo name="RFC" value="7959"/> <seriesInfo name="DOI" value="10.17487/RFC7959"/> </reference> <reference anchor="RFC8126"> <front> <title>Guidelines for Writing an IANA Considerations Section in RFCs</title> <author fullname="M. Cotton" initials="M." surname="Cotton"/> <author fullname="B. Leiba" initials="B." surname="Leiba"/> <author fullname="T. Narten" initials="T." surname="Narten"/> <date month="June" year="2017"/> <abstract> <t>Many protocols make use of points of extensibility that use constants to identify various protocol parameters. To ensure that the values in these fields do not have conflicting uses and to promote interoperability, their allocations are often coordinated by a central record keeper. For IETF protocols, that role is filled by the Internet Assigned Numbers Authority (IANA).</t> <t>To make assignments in a given registry prudently, guidance describing the conditions under which new values should be assigned, as well as when and how modifications to existing values can be made, is needed. This document defines a framework for the documentation of these guidelines by specification authors, in order to assure that the provided guidance for the IANA Considerations is clear and addresses the various issues that are likely in the operation of a registry.</t> <t>This is the third edition of this document; it obsoletes RFC 5226.</t> </abstract> </front> <seriesInfo name="BCP" value="26"/> <seriesInfo name="RFC" value="8126"/> <seriesInfo name="DOI" value="10.17487/RFC8126"/> </reference> <reference anchor="RFC8288"> <front> <title>Web Linking</title> <author fullname="M. Nottingham" initials="M." surname="Nottingham"/> <date month="October" year="2017"/> <abstract> <t>This specification defines a model for the relationships between resources on the Web ("links") and the type of those relationships ("link relation types").</t> <t>It also defines the serialisation of such links in HTTP headers with the Link header field.</t> </abstract> </front> <seriesInfo name="RFC" value="8288"/> <seriesInfo name="DOI" value="10.17487/RFC8288"/> </reference> <reference anchor="RFC8392"> <front> <title>CBOR Web Token (CWT)</title> <author fullname="M. Jones" initials="M." surname="Jones"/> <author fullname="E. Wahlstroem" initials="E." surname="Wahlstroem"/> <author fullname="S. Erdtman" initials="S." surname="Erdtman"/> <author fullname="H. Tschofenig" initials="H." surname="Tschofenig"/> <date month="May" year="2018"/> <abstract> <t>CBOR Web Token (CWT) is a compact means of representing claims to be transferred between two parties. The claims in a CWT are encoded in the Concise Binary Object Representation (CBOR), and CBOR Object Signing and Encryption (COSE) is used for added application-layer security protection. A claim is a piece of information asserted about a subject and is represented as a name/value pair consisting of a claim name and a claim value. CWT is derived from JSON Web Token (JWT) but uses CBOR rather than JSON.</t> </abstract> </front> <seriesInfo name="RFC" value="8392"/> <seriesInfo name="DOI" value="10.17487/RFC8392"/> </reference> <reference anchor="RFC8613"> <front> <title>Object Security for Constrained RESTful Environments (OSCORE)</title> <author fullname="G. Selander" initials="G." surname="Selander"/> <author fullname="J. Mattsson" initials="J." surname="Mattsson"/> <author fullname="F. Palombini" initials="F." surname="Palombini"/> <author fullname="L. Seitz" initials="L." surname="Seitz"/> <date month="July" year="2019"/> <abstract> <t>This document defines Object Security for Constrained RESTful Environments (OSCORE), a method for application-layer protection of the Constrained Application Protocol (CoAP), using CBOR Object Signing and Encryption (COSE). OSCORE provides end-to-end protection between endpoints communicating using CoAP or CoAP-mappable HTTP. OSCORE is designed for constrained nodes and networks supporting a range of proxy operations, including translation between different transport protocols.</t> <t>Although an optional functionality of CoAP, OSCORE alters CoAP options processing and IANA registration. Therefore, this document updates RFC 7252.</t> </abstract> </front> <seriesInfo name="RFC" value="8613"/> <seriesInfo name="DOI" value="10.17487/RFC8613"/> </reference> <reference anchor="RFC8949"> <front> <title>Concise Binary Object Representation (CBOR)</title> <author fullname="C. Bormann" initials="C." surname="Bormann"/> <author fullname="P. Hoffman" initials="P." surname="Hoffman"/> <date month="December" year="2020"/> <abstract> <t>The Concise Binary Object Representation (CBOR) is a data format whose design goals include the possibility of extremely small code size, fairly small message size, and extensibility without the need for version negotiation. These design goals make it different from earlier binary serializations such as ASN.1 and MessagePack.</t> <t>This document obsoletes RFC 7049, providing editorial improvements, new details, and errata fixes while keeping full compatibility with the interchange format of RFC 7049. It does not create a new version of the format.</t> </abstract> </front> <seriesInfo name="STD" value="94"/> <seriesInfo name="RFC" value="8949"/> <seriesInfo name="DOI" value="10.17487/RFC8949"/> </reference> <reference anchor="RFC9176"> <front> <title>Constrained RESTful Environments (CoRE) Resource Directory</title> <author fullname="C. Amsüss" initials="C." role="editor" surname="Amsüss"/> <author fullname="Z. Shelby" initials="Z." surname="Shelby"/> <author fullname="M. Koster" initials="M." surname="Koster"/> <author fullname="C. Bormann" initials="C." surname="Bormann"/> <author fullname="P. van der Stok" initials="P." surname="van der Stok"/> <date month="April" year="2022"/> <abstract> <t>In many Internet of Things (IoT) applications, direct discovery of resources is not practical due to sleeping nodes or networks where multicast traffic is inefficient. These problems can be solved by employing an entity called a Resource Directory (RD), which contains information about resources held on other servers, allowing lookups to be performed for those resources. The input to an RD is composed of links, and the output is composed of links constructed from the information stored in the RD. This document specifies the web interfaces that an RD supports for web servers to discover the RD and to register, maintain, look up, and remove information on resources. Furthermore, new target attributes useful in conjunction with an RD are defined.</t> </abstract> </front> <seriesInfo name="RFC" value="9176"/> <seriesInfo name="DOI" value="10.17487/RFC9176"/> </reference> <reference anchor="RFC9528"> <front> <title>Ephemeral Diffie-Hellman Over COSE (EDHOC)</title> <author fullname="G. Selander" initials="G." surname="Selander"/> <author fullname="J. Preuß Mattsson" initials="J." surname="Preuß Mattsson"/> <author fullname="F. Palombini" initials="F." surname="Palombini"/> <date month="March" year="2024"/> <abstract> <t>This document specifies Ephemeral Diffie-Hellman Over COSE (EDHOC), a very compact and lightweight authenticated Diffie-Hellman key exchange with ephemeral keys. EDHOC provides mutual authentication, forward secrecy, and identity protection. EDHOC is intended for usage in constrained scenarios, and a main use case is to establish an Object Security for Constrained RESTful Environments (OSCORE) security context. By reusing CBOR Object Signing and Encryption (COSE) for cryptography, Concise Binary Object Representation (CBOR) for encoding, and Constrained Application Protocol (CoAP) for transport, the additional code size can be kept very low.</t> </abstract> </front> <seriesInfo name="RFC" value="9528"/> <seriesInfo name="DOI" value="10.17487/RFC9528"/> </reference><xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5280.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6690.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7120.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7252.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7959.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8126.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8288.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8392.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8613.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8949.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9176.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9528.xml"/> <reference anchor="COSE.Header.Parameters"target="https://www.iana.org/assignments/cose/cose.xhtml#header-parameters">target="https://www.iana.org/assignments/cose"> <front> <title>COSE Header Parameters</title> <author> <organization>IANA</organization> </author> <date/> </front> </reference> <reference anchor="CORE.Target.Attributes"target="https://www.iana.org/assignments/core-parameters/core-parameters.xhtml#target-attributes">target="https://www.iana.org/assignments/core-parameters"> <front> <title>Target Attributes</title> <author> <organization>IANA</organization> </author> <date/> </front> </reference><reference anchor="RFC2119"> <front> <title>Key words for use in RFCs to Indicate Requirement Levels</title> <author fullname="S. Bradner" initials="S." surname="Bradner"/> <date month="March" year="1997"/> <abstract> <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t> </abstract> </front> <seriesInfo name="BCP" value="14"/> <seriesInfo name="RFC" value="2119"/> <seriesInfo name="DOI" value="10.17487/RFC2119"/> </reference> <reference anchor="RFC8174"> <front> <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title> <author fullname="B. Leiba" initials="B." surname="Leiba"/> <date month="May" year="2017"/> <abstract> <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t> </abstract> </front> <seriesInfo name="BCP" value="14"/> <seriesInfo name="RFC" value="8174"/> <seriesInfo name="DOI" value="10.17487/RFC8174"/> </reference><xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/> </references> <references> <name>Informative References</name><reference anchor="I-D.ietf-core-target-attr"> <front> <title>CoRE Target Attributes Registry</title> <author fullname="Carsten Bormann" initials="C." surname="Bormann"> <organization>Universität Bremen TZI</organization> </author> <date day="11" month="October" year="2023"/> <abstract> <t> The Constrained RESTful Environments (CoRE) specifications apply Web technologies to constrained environments. One important such technology is Web Linking (RFC 8288), which CoRE specifications use as the basis for a number of discovery protocols, such as the Link Format (RFC 6690) in CoAP's Resource Discovery Protocol (Section 7.2 of RFC7252) and the Resource Directory (RD, RFC 9176). Web Links can have target attributes, the names of which are not generally coordinated by the Web Linking specification (Section 2.2 of RFC 8288). This document introduces an IANA registry for coordinating names of target attributes when used in CoRE. It updates the RD Parameters IANA Registry created by RFC 9176 to coordinate with this registry. </t> </abstract> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-core-target-attr-06"/> </reference><xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9423.xml"/> </references> </references> <sectionanchor="sec-document-updates" removeInRFC="true"> <name>Document Updates</name> <section anchor="sec-10-11"> <name>Version -10 to -11</name> <ul spacing="normal"> <li>Avoid using quotation marks for CBOR Simple Values.</li> <li>Early mentioning of the optimization properties.</li> <li>Less entries of new IANA registry; made their references normative.</li> <li>Clarified meaning of "Standards Action with Expert Review" policy.</li> <li>Clarifications, simplified phrasing, and editorial improvements.</li> <li>Updated references.</li> </ul> </section> <section anchor="sec-09-10"> <name>Version -09 to -10</name> <ul spacing="normal"> <li>Expanded acronyms in the document title.</li> <li>Clarified transport of EDHOC C_R and EDHOC message_3.</li> <li>Simplified text on the use of EDHOC Connection Identifiers as OSCORE Identifiers.</li> <li>Added the CoAP OSCORE Option in the figures of the EDHOC message flows.</li> <li>Added more pointers to the message processing, now defined in dedicated subsections.</li> <li>Detecting and preventing a loss of performance advantage when using Block-wise transfers is for application policies to specifiy.</li> <li>Clarified use of EDHOC application profiles.</li> <li>Clarified security considerations on the achieved security level.</li> <li>Fixes and editorial improvements.</li> </ul> </section> <section anchor="sec-08-09"> <name>Version -08 to -09</name> <ul spacing="normal"> <li>Clarified meaning of "EDHOC data".</li> <li>Improved description of entries for the new IANA registry.</li> <li>Change Controller changed from "IESG" to "IETF".</li> <li>Editorial: EDHOC Option number denoted as "21" instead of "TBD21".</li> <li>Fixed references to sections of draft-ietf-lake-edhoc</li> <li>Clarifications and editorial improvements.</li> </ul> </section> <section anchor="sec-07-08"> <name>Version -07 to -08</name> <ul spacing="normal"> <li>Fixes and clarifications from the Shepherd's review.</li> </ul> </section> <section anchor="sec-06-07"> <name>Version -06 to -07</name> <ul spacing="normal"> <li>Changed document title.</li> <li>The client creates the OSCORE Security Context after creating EDHOC message_3.</li> <li>Revised selection of EDHOC connection identifiers.</li> <li>Use of "forward message flow" and "reverse message flow".</li> <li>The payload of the combined request is not a CBOR sequence anymore.</li> <li>EDHOC error messages from the server are not protected with OSCORE.</li> <li>More future-proof error handling on the server side.</li> <li>Target attribute names prefixed by "ed-".</li> <li>Defined new target attributes "ed-i" and "ed-r".</li> <li>Defined single target attribute "ed-ead" signaling supported EAD items.</li> <li>Security consideration on the minimally achieved 128-bit security.</li> <li>Defined and used the "EDHOC Authentication Credential Types" Registry.</li> <li>High-level sentence replacing the appendix on Block-wise performance.</li> <li>Revised examples.</li> <li>Editorial improvements.</li> </ul> </section> <section anchor="sec-05-06"> <name>Version -05 to -06</name> <ul spacing="normal"> <li>Extended figure on EDHOC sequential workflow.</li> <li>Revised naming of target attributes.</li> <li>Clarified semantics of target attributes 'eadx'.</li> <li>Registration of target attributes.</li> </ul> </section> <section anchor="sec-04-05"> <name>Version -04 to -05</name> <ul spacing="normal"> <li>Clarifications on Web Linking parameters.</li> <li>Added security considerations.</li> <li>Revised IANA considerations to focus on the CoAP option number 21.</li> <li>Guidelines on using Block-wise moved to an appendix.</li> <li>Editorial improvements.</li> </ul> </section> <section anchor="sec-03-04"> <name>Version -03 to -04</name> <ul spacing="normal"> <li>Renamed "applicability statement" to "application profile".</li> <li>Use the latest Content-Formats.</li> <li>Use of <bcp14>SHOULD NOT</bcp14> for multiple simultaneous outstanding interactions.</li> <li>No more special conversion from OSCORE ID to EDHOC ID.</li> <li>Considerations on using Block-wise.</li> <li>Wed Linking signaling of multiple supported EAD labels.</li> <li>Added security considerations.</li> <li>Editorial improvements.</li> </ul> </section> <section anchor="sec-02-03"> <name>Version -02 to -03</name> <ul spacing="normal"> <li>Clarifications on transporting EDHOC message_3 in the CoAP payload.</li> <li>At most one simultaneous outstanding interaction as an EDHOC + OSCORE request with the same server for the same session with connection identifier C_R.</li> <li>The EDHOC option is removed from the EDHOC + OSCORE request after processing the EDHOC data.</li> <li>Added explicit constraints when selecting a Recipient ID as C_X.</li> <li>Added processing steps for when Block-wise is used.</li> <li>Improved error handling on the server.</li> <li>Improved section on Web Linking.</li> <li>Updated figures; editorial improvements.</li> </ul> </section> <section anchor="sec-01-02"> <name>Version -01 to -02</name> <ul spacing="normal"> <li>New title, abstract and introduction.</li> <li>Restructured table of content.</li> <li>Alignment with latest format of EDHOC messages.</li> <li>Guideline on ID conversions based on application profile.</li> <li>Clarifications, extension and consistency on application profile.</li> <li>Section on web-linking.</li> <li>RFC8126 terminology in IANA considerations.</li> <li>Revised Appendix "Checking CBOR Encoding of Numeric Values".</li> </ul> </section> <section anchor="sec-00-01"> <name>Version -00 to -01</name> <ul spacing="normal"> <li>Improved background overview of EDHOC.</li> <li>Added explicit rules for converting OSCORE Sender/Recipient IDs to EDHOC connection identifiers following the removal of bstr_identifier from EDHOC.</li> <li>Revised section organization.</li> <li>Recommended number for EDHOC option changed to 21.</li> <li>Editorial improvements.</li> </ul> </section> </section> <sectionnumbered="false" anchor="acknowledgments"> <name>Acknowledgments</name> <t>The authors sincerely thank <contact fullname="Christian Amsüss"/>, <contact fullname="Emmanuel Baccelli"/>, <contact fullname="Carsten Bormann"/>, <contact fullname="Roman Danyliw"/>, <contact fullname="Esko Dijk"/>, <contact fullname="Joel Halpern"/>, <contact fullname="Wes Hardaker"/>, <contact fullname="Klaus Hartke"/>, <contact fullname="John Preuß Mattsson"/>, <contact fullname="David Navarro"/>, <contact fullname="Shuping Peng"/>, <contact fullname="Jim Schaad"/>, <contact fullname="Jürgen Schönwälder"/>, <contact fullname="John Scudder"/>, <contact fullname="Orie Steele"/>, <contact fullname="Gunter Van de Velde"/>, <contact fullname="Mališa Vučinić"/>, and <contact fullname="Paul Wouters"/> for their feedback and comments.</t> <t>The work on this document has been partly supported by the Sweden's Innovation Agency VINNOVA and the Celtic-Next projectCRITISEC;CRITISEC, and by the H2020 project SIFIS-Home (Grant agreement 952652).</t> </section> </back><!-- ##markdown-source: H4sIAAAAAAAAA+1923IbWZLYO76iTEVY4jSAJkBSEqnVxFIk1aKndVmS6u7x 9IS2gDoAalSowtSFFFvSvvrJ32A7wt8wT/vkXv+X83ZuVYULRc3M2mF2dDcJ VJ1LZp68Z55er9e5Ogx2O50yLhN1GGy9LeJ0GpwuZmqu8jAJTuLJJFa9FypJ 5mEavL5SeXD8+uI0eHB68uL18XZwHZezoJyp4DhLizIP41RFwdFikcTjsIyz NHiTZ2U2zpLgwXF29GY7CNMoeD36kxqXwYUaV3lc3gSTLPfePz+9uJxUSXCa XsV5ls5VWhbBg9cXx6/PT7e3OuFolKsru1pcCS8Ep+AZ6NmtTpSN03AOO4vy cFL2YlVOeuMsV72soP+paJaNe0lYqqLswIoPg6KMOkU1msdFAcsvbxbw8tnp 5fNOJ17kh0GZV0U53Nk52Bl2wlyF8GVaqjxVZec6y99P86xaHMI6zk+DH+Fv XN93+FnnvbqBByL7fO8El9TpjLMInjoMKlja404nrMpZlh92gl4Q8NKf52E6 VsU4DN6ESTYfxWncCeAny6dhGv9CYD4MTvN4XBRZSl+peRgnh8FEv9lf6Df/ Uclz/XE2dyZ5GebjLLiMk2wc6tEPg/MzQPXRM/oAsKMUAOisCCd/gp0U07AE khgO6dsx4PEw+F1clPw67ApGvTjtDR7u7e0EF0AD72dZMpcvq7TM4fmLaxUp b8lzXEe/pHX8Yx73C+Us8jx+H+ZR8OLXv0yTKo3+nuvMaSn9WUYraaz0olQT mPRFDhNlv2RXLQgDtFbpLJvAiTqC5R+7oxf0en+mX0esLcp4XEPad7/+BTAM 5ygBmlf5hlQxzeAlWC6/5BNEJ83yObx7pYACg/Pnx/vDxzvy68OHB/rXR4Oh +XW4P9S/HuwfyK+PB8OH+tfh48f6190D/ezjh4Nd/evBnn7tYPBIv3YAM+Ov yG36L1QIS+2/CXPYNxyf4pA2ZM5KYCjh7OjVEf0dwZmGExAmiBf4EQ5HzIuH C+xw/ESYT5FwZmW5KA6//fb6+rofh2nYh4G/DYEdTJkTfTvOCkX/6X+YlfPk 3oyG6y3c4ZD99C9pxP5RWebxqAIe88XL5pECO9JtVwy8zq6v/rfsg4frhXaS TpxOXII46530LQ91nj/sdGAiPFvw1MXp98+BO/8BsNj7CX7+uNXp9Hq9IBwh hx8Dz7sEgZHE01l5rfC/BBF8HzgwsH9glYH6MJ6F6VQFCy0/biGUxvDpSAV5 lQYZfnlb+VQV8NDoJiivs2ChAEBBmQUgIcJREhezILSSC0Yt1YeSJBjOUugv zLLvJOv6weUsLgKQYhV+EUSqhCMMy8FPYZVBNqFpWQTqObu49mKhxvHkBgVQ GKTVfARwgKfDKIpx3wBG3Gm2kD/mCuEdF/MC51QwtKIRwiS5CeJ0nFSRgjfo hbmwlyBcwJTheEabGrOAgflwReoDbJgegkkdCY3fTeK8KEVEg0AN0wKIAh6V 3fJAPEOuogokGL1mNwECFdYOVLoo4Ik/VzE8higq4IhUC1ymDN7AE+4ZHoQp FgmQvvOosw6ALG8jLBsj9JmU53EUJarTuYfiPM9gkfhip3MLIv34Ubjc588B 7Dq87YHo+hgqFXDziDCBhBGnsElLZcVYpWEeZ4DdszSAkw9DV0mYdwU3c1UU 4RQALUeHoLHIcpz91keIdoZyAXZmjhMuzBwhpsrWU3Sn88JTo2z5/LmPbKb9 8KjlZ6dVj+zS73yiYlX8DQ4U0R4fBKF+XqY9VmtPU/CgUAoAwipunIrK+/mz 5iqwkuy6IACHQNBpPK/mzsaQ+bkHLVVjJJL8Rk4aHDScftVJW33MgID70343 uAZKxyfOskvA0VU8VgGIFeQD6SSeVni2gZoB5qpEFdvwWt44QE9pVHuwRNSr Is6B4lQ3gBMN4/psRIjeHC2m/ll4BQsOwAYAaoUjCLiM5wtYcgCD4gBoLaTj GxwBlnilbjTP8zCBfAnoXbbHHGWsciBB4GphFGdBCRSSZkk2BZKCHfwICM2q knm7u5NuEJe4mzQrg0UGUh02hDgAOonVFW9qLfoE5x6E5uF72HNsR3XBJMB5 t7vknAijmIPqA3tNSEUAyi7mQFaa9IAoaKJBf4ijGH633YURK6FA4gX2EDH4 ejgPvA24p7MIalFIJA/QY7UjeHn5Fpb7C8HuchMQ6CUL3OCspngUeXcRKNxV AugC6rpGI0MTxwSWaGUYi90IUNJXhnR5ieMkRi4DhAIbK+T5sxT2FZZ4xGAZ 8mShcmSp/pPnwB4yVMiJXYDakZPmhegIoysgRFwMrEPLpjoyZXNJBiQoJMcH xxWnxDSegW31vncdF8LmJ6jgMM8GBR54NjGfHLEJrwjXGwdGXQyuwqRCLgg7 GuFYBg3Pqxxgmc+BzXR5iQ7znRArc1mnVUBhkXnOAKDdZUEE4lPl+KZRQWEx KlHM8JHxpgK50BFFQDaTGI6HEOC1GvWSOEUzXPgeMmIBlebnESJBiMrqvgg6 Ou3wOp02PR2sM6tyRAtYTcDPkUaFGQPYWhYjxA4CGGQfEjvsI50hZiPYJjBl IAbiJkU1RuXSTMCiz5AWQvjeveASABwT37hhwkftAF0LRbD18u3F5VaX/x+8 ek2/n5/+09uz89MT/P3ixdH335tfOvLExYvXb78/sb/ZN49fv3x5+uqEX4ZP A++jztbLo99vsXDcev3m8uz1q6PvtxhwLu7DnPjVSJGaki9yVRLQO8CfxwBu ptNnx2/+138f7AHW/gOQ4nAwQFLkPx4PHu3BH0jWPBudXP4TcHTTAairMCcx kSBrWsQlWFBdRGwxy66BqQMtAfh+8weEzB8Pg38YjReDvd/KB7hh70MNM+9D glnzk8bLDMSWj1qmMdD0Pq9B2l/v0e+9vzXcnQ+ZLHI2cgER6sOCWSkjYRLO 4yQGcDHVAjkVIq2BJBdlIWeVkELk5+hz3eD42etzUbPAbsdPROA5qhcjiY+L o+Yi/cqnqA5fxeo6+Hgvk18/ixAvRGiIxDMOCdbBqvkc9FhgN4D+kMSiPcaw Xme2Lv5tNV2QcwVqraAmxx+Co/4QuUFVkHCFg3oVR8SdRmGh4JQqo2XIUWW2 IzwBdQMU70DbslothGpCctnatO7lGZjhNAemhVpgMM5vFmU2zcPFDDgvzAFH psta0LwqK9Qhe76JcB3eMEO+EQlRsz+UMUyAXRSu+qAFHs0yvmHxYxeGhzdS gAnmk75AM0KLjhqCJkvRCGY2Dg/BiCq+0gpSTC8nvs3xbtBFlockSioEQPJo gmIG2CFqnKjsA0DxVxp0Unt9F8zdDAhZlrsaiKJYswAgCYmyRuVIXxOWXtaG B7qDb8KEydlR331vwHJr07VGCKwGXrQEYFEZAUvbAaQA+bvbc1GFnJ60YpGH WoMGwojUIslumEqvkdvBwQmsEuWKJa3Z0FkDEp7k2ZzQY1cHc+IHBtmAE6vN HdW0OccwAl5L74paIXshAxI5CQKBDm3X0ShJtXvA+pT9VC9SVNMbZlYhbEkt 2NIFQKSaVUR4EGAF+TYLG8d6lSO7CG+SLIxw4cTTRD1nzseqR6HYVNtUF0T7 Oi4sV6hpgSTq6wfGPGd1QHnOAr+mPCOrGvjqcz84SjCIIEo3w4213cTa8DmQ TE7KKgy/EBtePlyypZaph/Wpz1IZCBRNMg0cUd9wJyA2CE6wMSOANHnk2rlA tIEkBvZeL83Snli+ERLXDBll6HKDpm+pq8nDw0FD486rNLURo1XczGNIdZcJ SAw43UCFRfCcDNRgsMOnaBXWyCs3i6cz8vPgMkhNLz1uK2q/rBDWjKq3+AaI B2mus8L07mpBgFaV6JvaeQQLajewLMaI94rlrhl3zflAws45yALwgkASBm9e g0olB4zYF4ITMRAFv/F16N+Awi1+U0QQgUhOn/7mbR733oSA3K1v+9cgzHrv U1DoviWvxhafVz2VPuPmYIrlSipLEeOO2HYJ/rnMK/XPwYOdD5P9bVJ80Ka3 qnxDQF2DCJkxwxbfjeuVaWVFwfG7M70CAZBKMdwU6fNoqWW3v+vRir+vGTxP uE3L3nNSh1x+/u04jjiO+c14lOU90Ey0PwRsmemUtIsWB1IN8rxD4K4JMnI5 TsP+zl7w4JhoJ9o2fFIvj/9qhbsPweGXQvBcQ1BO8K0hKEtcA8IG+J6DxZxo zrqGvGl5YMjW7UNSL8AsSXArdNbjkiVujbw2o+J1gNoYNN21BL97d/pjFY6E g2E+JfmbFkk4Vsyjwrqe5zI88o14CnRbpMPBD9kHTCYoAUWrW66ekVx0bB2X eQ9qxKS3E5ZscdIM6ETWbk2jbOHXMTHQeZW6W2GkOArhK3ie9VG7sWOL3jMf veJ50nq22ROpDGcnNU7TEOQNDeISlcQJeWpk+Bat6f77OLofwBqSSE8gE79e aAHsfHguBFOb/aGZnbe+LcZSE2+oLrgBHdbm0e5BF9iYFHvtRHX9QjiE400S vwJKL9JIEWGgR1QJxSIY1NoZhFN6VBamrR6lprenceBB3sLviKQaAHb7Bz49 dTr/Uv8JwrC4mmLk2FFhNv1xlJzOg5rncXvt2w9qHshtiUwHnzZegPPz6Wu9 3av/GE8pU1nj+9/6c3OU/zDY6e8MgwfItdeAwntb6x2HrYrHurd9dnm4hl/W 337DIoCyjVS3Li7WzX3rH+ftf1gKcxakDZj3mnNruNeUh7Vz888qyK2GGv4Y yNX0j83mvtXPp06Lkn6Lt+82t3n7/58SlF/1Q7K7duW3/vmCt5sEcqcVfPNF b1vtJzguP3zZAk5Ql7r7Bv7fZzR7m819q59PHR+Ft33bwd4XzK1/ufWrwUo2 VVcZ/7psiic7DD4G/X4/eBKAWktsI/i8ydsG1w3XCfku17x9658Vp8RCTeza DU6J/dngvKx424dhK+BWvL0BDO8KtYZK3fl4GNyruxQ5o/LplvgATY4PZQtK VIe8/GwDO/k8+oTHhfZgRCbWqT6E6F7qb4E9QVkqvTCJp+nTrbHCkOfWZ7CI dSySTM2mp1Mi5nYJ7JtlZ77JPsBVcp6JuJONeasNRLayyxlaTm72g5P2Rr7W Rl6QjdHXspL87L7bJfP9e0zgu2eMbSEJ2owOY96rA6YWl9wMSs1IhnGDrAWd JAxQQkv8ix6tHXojVV6rhhtZvFLhqMiSqlQ2bUgnybQkCME2MyHmNBJiNPlo bsTsK6XNuJ4byYRpxkpqqTK1JBnyutUzo8R1MQ4LAbWOg0h0ZNNgCKZk4Tp1 0ICX4x9OePbjRxPA/uy5o9BrhtkIHPi0vgobcFyZPpdg/P5GXGQ2jFq3a8jV T34cE3at+/I6nRcqHStvcYjPRVZqXsdRSAqj1vVogwkb866Jbu1IRmRQNl7w GsOvhZpj+tw4SADKiRCUHPbCLBapEFM6nYAcJtqRh7CwrNKyya/uO7mj8+Qr e09WmnZ/ddvujsbdHa27OzpB7qhArLROvsQ8MeAXTSt4gIrXxvbJHQ2Uv6Ur 5I6+EDv7N184e3BHCym4g4309aiuleK+WWUpfd3zfmsracmBrYuQb5Yp/V8P dBv/fGWXzN/RJ/PVvDJ3MzhXWpzBBkbn6tfXWp2rX19rdt6ZBJdbnWstTv3A KquxppMrm49tdHMnhFm6hoobQNbqVogZ/tNE1ZmLU62AYXquaygkcyrOAXEt PtZtnZFvjLAlWSX1fJH2yQOu/QJFXplo4yTTJQJk3ACYisDCNZsqytijxEjZ mDcvWwmlWnCZi5NGuGIZWuNtmZFti1xJVqQTOmals2dnkNqnjx9Zs/S+wUxk WlqNtUsOUZtvgPFCVTuUQcGoJiOHUgoozcZCX8cku9bapBT7cakBVM6yyKlY KvwSsnBsAUXFADwcLdxJ2xMSk7zMddRiLH0xlZsZRoWiqvuuF4sOCyGD4rCD p/U3JmC9Pg6OG5wpqmn5guj22jh28DZN4vfG5nTMQzzNZCKu8fmYrVRsxq5O XVxOtX0BTV32tsf1Nxqy6yRbikOh9p5PvuLxidEpMQ5NoN1ZzDy8ofy/LAsS rLcwVQHWmyYJe4wAr0LM1lqF8vaiGoFCzFmxKi9ZogPqZ5gegO6Ek3fH56cn 786a8fj9Wk7MNiYr16bhSU4/UKZlEhxR1bb29pwg+WPxztEJbKwx/uNauoVO yXdyJjWbbs+eRXyxhwUn8pJfljGs2GNwWU5uklrqYunWProOHi4TAHCCrLoJ sHI8TBKugmb0SCahpO9754MdZsxHEJQrVyvlTV5C92qZUEuib3DaXowluMBv dcq+zteKIy4aoNcabLjxmvia8DWutPH2qv2Css0lTkG7E37NdSIbD60lc3PS 0PdJMLcJQS35YCSTyUtjMOE7alq1nG5TYnrVCrLBmWQWwcsLPE3opNHVFpFl YD6ytWDS+bCXWG0Z7LFjzFSN1KFwnMdYt5B0g4twonplhjYuug+7OpOnNLmb QJyq9zvlueMDKtrJxuMqR3fRHGveMqqUg7fpO+Aqar4oMXcXK8VuJO9TUt67 AuBxvCBKoVcA/OhFi4FCHzyvSkzr1WnNBXGuaoHNGbTbk2oZbAZUJgxrhJXa i5C1LSw50W6wwqkhZi4WzeMSccTldP3tGpCMPCZ/q6kF8xLXY1LujpOwKIK3 XD7dKMYBXH8KXmV90HCP4d+38O8r+Pcc/48uO/i/JPV9Cr5X6RSo6xOYFpyE +wneHQ7wmQ+kIdt/mXbg/whm/nCH9egHIOPUNurGWhN2aUZrw3X6g2UeP7WE 8fbp27QA4ugGr56+yogKgAi6wfnTc5BJIaZBK1Cb6+pyh5mLKkjmay4nM88V MFZ7wEyJgRww0qzglGF2WeFoOZrG5xWQGRLWB+pioVh9EobCeoqnEi7lOF3t sfXz6O2KxNtuhja58QaQNjE+1bEnqon01N9mFf/bkze61At3iWRI7KRWjaE1 YG2nxAvgGZwyWRntOVXXyY3ZsVR6LEwoREQIPA2rb7GSmFpqP21uvTaH1S6+ PoCvdoHX7AcPg0fB4+DgNp91vund8Z/Opx9U/im4RNK//N33xoI8zkDs1CzK l4IQ0E9d2/ErrCG4zN6D1vIgJjbXpZWMbkpVbKPB/FVmeD0iSpZz+qmmI3+t WTxZBLB7TZbdazFOZH9fbVODwPvnk3YUfKXxlzsFzAk2XgF7etee3W4jDGuO qyAlErXUKnC1ZFVhtis8DqD4HLMC9cYqaR/vLVO7GooQl/QaXcKoeWldNyMl 6547S7sqqK3jljV89hKJ0VwJcw7NLlOVjS0Jsw/6GAJGf0PTbEpBI6MP3728 +A5rDBtp9fv9vVpxFAw57AenXo0OcMmVsWzq1ULmO0gsLFhkbSKPp1iB4In8 5hIe1wxSNgL9vPIGD9cBUzTAK0NdjZpK43Cg4KpRKEG/4RFrtXwAdtQXjHFT qkXNRD+3u1hiDcPyd/vBsyoGe/z49ctn794c/f7710cnOufdli24tV+MIOcQ mNe0l4RMoUN/yKfeyz9/qr3blbwL+IKLXwviqthcjhp5eCuBqQ9d81sGle1j 84X8hssz2gtYBXj4JXmACHhAnEdtJFcvKquP5Xr9sBiXip/YiCzVPDg+e/Pi 9Pzy9KdLD8khP+fs0asQ2Gxb7tjaH1FHSbGEKD2PQt2NqA9AG5yGMNOePcir 3Ble6cSt5tDk4PpAKJpNxSzCZD36GgEVU2icBthtO5nIGsxguiSqWdtclcgg okzxUdStgzYoCSIKcphu7NqnJsTd3dyd5rkhOT/Ba6LBDjUx/1sLRXLX06lh O7PK+gr31j46M+zeEXqezuDp3r6Vyux8nfMMJcmaGPVcRXEYYFNQixB85YYd ZAAXwRxCKqPMEvMCWv8p9m1Edf5hn2C8yvOhK8vIipD+QDbRQpftOei1TSa4 h9Ec6RhViyLGX8NUZRWwharEvkZsn6LM55yjou7D2us/Ek7DNvw2tydB6j3k ihrhNF4vlvounjjOKUdjWUgNj4cVcf5ajYU2upy6O50HR1TaqsS8485phA7y MHPXFD5w6NNA670iwnbaQmDGim2VhnzzynsABqvSXCUxeTakB1UhKVrwirGH xtQnopBSMLCKkxubpmZ32dLBSxxP5SzPqunM4K3rI64dwAUdcmwjUxWFtTxZ 0+jp0muuQjM5hoZ2uddVeqM7XCFKqB8IhYx4kP4262kX1QLVUdyu00HIKGXU CQg/Ap3sbOI94rQWQtWAx1GRR7zoYJnk4ZQaxtjkOLcSy2PTYkELE2dnC7Ig zMrTypNWpZ30vuU1fyBZ+7uOfDUa1VmqG/NgtKXr8jZHvYWxmJ2x66stHBSb 8m5y6gSK/K5A3bm0UdIxr5U77xrr3MbGyHNBL1AbJo4tCWB1Oqhym2zZV2nR OomQI2WcVLa7dCPMLY/ItdYqT1uYvPFehgHqfLzFW+/dbRNBBDbQzN/xwpR6 yhnI1VdvXzqtpIATpMEOdR/zExCL95Qh6wGVgcHFiejaXLlVn1m3ed1lJt1u qEWOy1Y88dmc6u74ZV15bw1+nxn8YncvUu9c/QbZrgKovDz66d3bV8/Pj757 efrq8vTk3cXZfz5tyhI+W0PvbG03AVOU2aIepXWjHPRQOIJfxZxs6WVGimva yHZEl1ecVop6owJHGM+k09gXBe5q1o/Mw9TL5FLXy20sDRvLztYX/N6intuk gq+gVO8cZbrLX10mSQgeZVYkQYK1neiWajB3bEn3hW3ovNakiwxDWqrQSapu gigXiaMo0C0oIx2CixSVcsPH5IUql4IB4IXbIxR0OSk6NIo2ywszSMbRtkWO VcQJtuf4E3qU2aZYvakuhidj0FFA58aBJphYPAqRby6PPDuJzCi+WcnwfDrL PNS39OnUA2e38uk00yNI5JLNLroUfkFNRISsrPPajqzjLywgluqjXXfBxE10 x5UW5i8uopkCONfq9JtxSrenhXwn3nA+nUuiejrqxvnhRjUxhuNydYIiQg5L Fn7NEXhKJTAkWN/zRmwWjVvTdmmvv7MTPHgWRhpz24HKc2rwJS1B2PfFoZEG 8zMtpvS2PVmyJgtBQ4iYq3SA9DwSJG3WgGubnUuXIC1pNI4HwtOSBKIX6KNu dWza0UZW283bXdfXF27U+ITdGueqzE2TV53B45tLpuObuMiWtAexypg4I0S6 t/U60Hy6aZvZZAWi6HrxYzEjxqScKGuD7uygDgVKUIqMFYTRJIR1cOeqqOJu t6aJDtIdb4FiBCg1ut4xboyeuVuxVOkE8ozS2OrmrctbbBIY6VFts78SDUzj 6GDERT4AWz0NG8BdJApZxOjV26AbhfVY6e5XVESiIu+423SXeoI9IRj2RBEI Hoa3YNJ8QDYrFIQk0sPCm8y0VDReCH95hYmqguE3VSm2JgR2k6sJs32rtLcA qmB30KnTkX+ln70FWDo/rI7ueqeUbkPNyapyUbnGzR77czTva/dvfg0OCPI4 wyZgwgJrrtVNueAj5CojcrKvVRS7PrNqcMANvKLt4GgevYdab8/VPLtytdNM 5wc87gcnioMkyC8oiftmI5eu74191BLNeVwzTro+X11GWqYhm7OTfT7kP2ob M+I1O9YiatmoVehky/QmGEvmA69c52Q+CAtp/h1VFHjI1ZS8VvSUxayYUm7i g1GB3JQZ6go4DXOxK7CHUWpNZ7MGrUxVaYKqF6/APocWVDa3DTNNq3vY+AHi KIntlQFrXOuPTa2iPeZ98iCxsbqn66uczRL2H+um//43QI6U0WCbSjluuKgp klwtpyWL2TQQq1m0TanALZWAZMQ6qovGZX6n/f6+300ztm5lgIf0ehcItSd8 6zQlC7d2sKFQLTwQhKMsLwuXu28iAJ2emVFhYCemJGmFnueNP0JjNhh0RdEt W/JlbJptLazKWdwO0tB/ojZk/pbx0uGoa081gcBzCdUK6v0m/23bbERJHY9j SxjvoIZyDyVkEGTUmx+IOHfiRf6cxoeLRaxwZmFvRUx9kp1i0y/bDsGYXMO1 rm9Ynl1mqwrRgLvEQIB5HaeDnWYLrJW0So7itiNMATFhHW0cwCVy1JbkEd4h sKkokYarrbRXFwOOV3WVD1yM2C/1gesAwEauPPJ7o8jISql9WFZjwC5aZxXE xfkUxLqLqzWLjReVJV6F7ohn7JwVcRSOwQTRHfqdLaGkKOOEyp0JBoVVg3UL QaCmEfogjRba7iNsNIrDPFybIrPEjXAP03P5qc+NXLnecEm23JLB2jJvWl26 eijQL4H/skl0WCvteIPvABrPfkCQV4yEna4OngEqtPixNq7xEfj8pJytTCep F5UsK4nA+T/sDMSL3+JcbJg7ktGRhxhgk0J/OpK5EQJeIG+5Ebpm4mFtYufq lJqTa5PSCsMCcGaCIBv9uIjgmroBYjanuFnFmruO8XTxEaCUCIyRTmGlA+wW Cy9iU3z8XCc+iG3vlUo0s4k8Hdm0NCV1XttFvnff091IqTaM1d5QJF9LZ4gh gpZTDDKEYnAKTCTLD4M3iULrLFImFJmEGEIDxqqwcUJs+QFs4yrGaCNI1lKu g+lq5ymFSvHeDqq7CHWrCtW2mOuYHQEw7gStIrt+3ZyWtUHTPdvyOaoBSyl0 W8Owd6TppPnuGsLvISL4YGcHcPVgV3IhbdmS/2QPkNp4xOANR9ofRvv7u/uT 3cHeI/V4fzIYw3aiA/XocTiaHKid8PFgNJoEDwYHzjgNewdHejgYTgY7B/Cf R48ewjiDhw8fj3YfD/dBuRzYhTZSB/+l86bdrNHST9a7zTlIOx/29naG+9Fg UsuZfcJv7/UoyYfvLOTiR4DVzu7Bo3rvqiecW8rPHOwGAtTaM16aBz87bkvt xWfdOBc/OpkEm0FYl2kGy8GIjzzYe6ghuUEOZm/47zcLM3hbOEKqNUxUeI1r UAaCfOllk14cFZIZ6cmCb89NxcPZCfdmX8O0G1khTfFgbhNjRYlj0SIOpD8O 7l8HJVqydNwWRPWG8oajUefdmle8Revptjl3VyUkLS87MonxPM197D5jwec6 f1mwwgNG5G6bIP26KJ/X3prVnSOr/PlxFB7rpe7U/vGed4mxkKwfSfnRSlB+ e8OrK5Y1Vl4RMnF0VjbdxWVhTUMdZdQXIlHNEEWirLFZNxJQ67ZtgXx46Kz6 AdO6fawASUcdg9I18D/zE4L9UWiv41mGeVwhPayDe6mKSfc21VzowKnyvGle hnJXJ7Zlul+sWk0Xb7ohkHpkRrVieuxlNq51w8Eb+kNjlJLCr1suY1ZaSptx 0sVGqjlxNvG2tUzpDJzjKe4iUhVMKypMleUxMJMKQWmvrpAy5Nr1qkumKnRP Krk6Z1a7sCRMrsMbMDzmMWsrePYpVgjvLucBWKJl7j7QldSlSweihjqZRiWl 9vk+o2VIQUjHtdUCITR09A1aZuNRsDtuPwpDRrN9bOOjcN48CnaU+lE4/xsc BaxI/XOFFZHZBpz0bFmreBvQ0BXqbX4gM+Xf7ACe/xUOIF/lmYO2T2HnMMmm qMtraZyqYAqnLkW335UQMECuea4sD/z658q5ZOVu58rkLJvV3uFcrRMxQ3Lo bEKGtyPbc59sa62anES1mlgix63vtyWfrOvM/us5ZKmFIkpvM/Oxdmfwvai1 24EpZkcKKmiJPYqTUlktusk4tuBca+omxrl980YK9Ueht7boKcUOc5tg1dBe ur4Di6BnoD92dpBXHGM8c5Uz7bRbHRAzDVHqmVU6koqXZ5g7DPyYqIPuzW4g cDpzaG7iFvFzrbFet6lzX5oDf+aEcdsWEIO2hmUvTg1tG2iW3mTWiKH42t62 vui2KNF54NJEJatqMSi8WPyylgMvsmsl6fKUo891wGb5wqmnmVAGdUOsrV7f jWvv4m1GaFqWJ3tuMVWQ9RyBsdT1wue3hDvlW7QvdyUtmTDK7YjEpBrmEvQQ 71Gt88JKjDlFJCNuP5qR034NqO4FP6pR8D1f5kq8xL3c1b2fbrDTH+z4ASvt fSrEKS1nhuoyttCG6nNPQ9P/yGl32nI5LCsFMD/fDsvF9sPHOFPbTbG6jQnb YSG91NMJX/qSVBrk4cODHQ54xXJhLF7npusYMnNdbCPaW0uuYC6juZ65Q69y sr1cEKDmFyd07xeIWpVzDPao1tezuzFnat6Va9JBXI7evKbFpu54l0xzX2Mp j/AbEgVHbgXBSI0xMB1eo28jW5rgpBECgiIb6VzCuPRXZ+4arha4VoG8Hzfz AO7Y8d4F6/7BMCh075NsGZDrhxzItgFe1yaGdP+nycnlscwxo/4YRRWXLq/S FV3SYcdeAsVeS3peYe1k4Fw0SmU22mbTvEjLWbrNUgsC6raFArlwm3/BknDV DixbDktYT9sGrY+uPBVk2bwj0JURVKhuOogzEd9bC1FzaRgTrb2cGVfC7UaA ZFh8ULeFKKaEPKeOql7V42Xuui+z35xb6/F0JzRYBtPxTbGDRw8lCOLncSGh UzzNiQmQUx/YCnEJpGRDSH0/nZaZCoMHrQDTdbzW3Lr1mu4u16zAZx6b1AI/ qZUDhk3G6dd2pdS/2b9nW7iT3L7YIA6kxzq3CpkfW3R5BSiWRPuck+P0YCnp Cijn5igaaOmV33LRZn1TefnUFSIm1UY02ciW7OiKNl/T9LXumorstDXy7khf cS36UoE/0v46k9xv3XcOEJzmdhSPuq+iXny/6wCOUt3FsO2u1gZr1abUhFuX fDKuV/XgBvbOzlyjsIy0EasrLm3uPF0pByaztvCdNxEb1N/HWAem+4/ZYn63 LVpvSX2LK3uj/023yLzb2ycRTBuHt0kKejxPuNk1cWqv6JGmDyOtzNH1MLnB 4c33f8Dv7wNRJ9XceOO3tIubFnAJusmWcLn8pt02BWWvefGjv7yj3wvvNqmo qM0UIvSYo43ZzTJWm0DGgHNMQrIBzqYc/TvC8piXcUHifANoNnOvvhY0PYhY GALB9soaDFktRW7mwx8flgyAvx9Ej/w1Hds1IcECjM9bYRyHaSihGtyVbBzf aIt7fU24rwWm5fLRanQ46RxL4E/SSh7jl5dNWnwlVH0fjlTSQNXx64tT6T2M OTgi2hz6//gRH+nzI337yFem+RbITZo6tQuVlk4RUhSm25Z+4Y7ppssyzwCq N7SuiG5qYNUiLfMwv+mSga37wQEQrlX4Xj8tWkzl1I9H3Py1wrCNFJmyFxo1 3tBcOiFdU1hYbfUGO1tGI9LpNfwdfIXQrwqSvuZadty5uzC+JrSs8hSVK3f0 QugkybL3AbVmDVMzB76Gqzak6/U4oSJvGcQVxW5RhndGLIWY8wPQ948O7V5c K16oVxK/V7YXfXB6dLLNbVvWNhj9a54lZnsrVrqBWNn/a4kVXCGA/V2CS9eJ 79hpBsG2TG2z0iebj3pgLtxN9Wu4gVdnOfyNVL4v6GLpGAFa6deaMS6jBjGv 12VJPT6Wdru8FiiyLY10h3Yc7QUbTKAtotMpTbqXdvD1dGqnTuNEb5HxEmiz r6AAV83v5PnBHF9Pm/FkjoFjfraYUuwkcNkR8BTH89BMZmCvnm7/2naBTef8 9J8Og+9OLwPvohUklw58d0Ht8/d1OjblQv3Dt5jxneXFt0Doi98+AeLq1r5I MF/zt0/iyVP+RH/fuMvlt0/AhLUW7BOj2j7dcX4fPjFJWMaUkAeIIT4dOL/v PnFY5dM979UYv8ufOMS0IlmrTgRu/1DtEV6dSOVGEJ1uKORDXtYphSlSOu3I 6/4jjOxmu1UifKZCduOwB3qWJZFY8p6ad5aaxJmuGIs2D9KbzzT5uKF2oG0l wbXqzHBtZyC3GdCS/jK6V48bNLOX3ZuawFNkXtik0R7LiITtpEomMV2DZa9/ mhNjjUvJwt24E43fdEH4MY/BMSOpwqAkdltBqJUR43dzNuA0J+eOrOjpozhP umSvzTBW7W515pXushSym7HiyrgbE/LOavent/QV8ecqgkf9Pa5+qvfS6Hu5 XkuCUS3XaaG71bkUbjB83BvFpSX6cIrdcLFjRIKNEkY5Orx4N2FZhpjqj57u 8YyLXfm6MscrLOn+Ig/cig6+g0W5xd2bll8VwQEAHUc8MBUDRhE6ctP8SZQz +nT3bVIoxMXR0rndt385kc8z5YfNdx7WCcDE3uxpRgZgm/NYfxhCzxoDen3r 8CCwby0uqhewlm62tXWJOj049LEoc+7/LH8/3KM1vDw6buYmcBOZ1gfxk6NT W9W6BLeNOtNGmebSLE8DRutz+78UjMOvBUbTheFHvvKQWN/YRHva+oOsLJyo KbTcW42YNAZ3EeTTTG4JYesRo3VY01oLhZle1yNFBvFYQjmcGNFy24jxrzcv M3EufeQSNZSp5i7Jzfhd61WU6zrZ1O+v0ZTaQIarLja7YD1aWqzF+9FgNXKn Hb4k2039itdSLMSEdZOGu9HypBosiq/iiFETrrmotn5TKCjxcRTy7SLeNZc6 T7h9Gw848ohOVv6+pE7WcVFUbM/gZqoCx8XCq5ttXRoJmw6vwjihQJZvm+mb MDHXRhQWt6btNnjrBxcV9WezWzKBNypkk5B2ZI8Ym4fYg5gb/DRWYwjMpgWF ib6TwYsU4s0iKzwDklrdNuBGV5GggyV0xLG5jaeeGG8i8c2mc5G9Mc/TYlr6 L3g4ijJW01ATCilWgoSGHZfyOauZbtulpShzMvVDARDjQlPTKk5SC9ejlXB2 9OqoZiFIoZJJ0bC9ekzOu6gjyMRwgNUFWNIYgcokrTODtNKtjx//48Xp988/ f96yMVIcwoZhOU4rbbBM42Fb1SVOg2keLmZcSODcpBO8onEK65u+h+YP+aTH WbiQVqmUkYeAQKgW7xmgZErVNu4Xe8kJ2GqZ0HENSW6cPMm1kU0v5TTPqgXf WcGD22sqzo1UM/dSBO5VFH8AgPV+gp8/8t0Tvi2oDUeBgFhVcboSTGhBblJS 5wKfPTZy869zgRklr1oYaH+ORAY8LCCP/fkPbIS2VvpxozZdQmpJxrm8xTvH 63vkstWC7Yls1or3rk0Fll7fnOeIrhdKQpMugQOqv2rcBXW4rLBRxqTbWoxQ xu38ovKsl7AmRX4i6iWLw1zEOrLqpx3Taz6kDpwpaqXPqxqE+Q0ZC1MkKt2w AO3AhE2ar76CZjCklD5gRpynpAKn8iENCywHU1FthYNdkeVk36PqEqB7xt5K hMTPKd0mAoDJdZQxCH/Tqsl7YA1e/b2k4TALZ/cf9RUI0Vlfcta+ppP6qvrB CxPAXlh9Ui+rTpBi9M5uJEHyHfD4d0GK+TkF9gkHMOl0FbdSyBumYPOb6lh/ /iOxsEvm4Ec616KVgTGb75mEjFYuZmb3TyWAK49tbGWrMWEtZHR+2udH+vYR 0N983ibNhGFivNoa5etpehXnWcqOxgfI/bZXsD+nP81Z76Qfq3LSo0ovZ6fI I56j7kz+BdqEFOPyLfPHrG0lbBudnV4+t2koFp3w1c+WbRLbNfsivnsIfPUZ DD4JTihbj/B12FrfueoH+TV6/rzPghdxWh4uST31M0bWDZxvPrCfp7FuYHEU 6IGPnLhne9YETsYTrR6YnaqtA3vuhrXjNQYml2vrwOuj6q2zaeRFztC3HbgW /xSRzQOjwusgzx14w/BYfdkaFOJeXk8V39Ts3eUw3lyvWM676KYqc8HcmnyC No7XnkZguZ5sgzkfPIERH26Ts2kOQ6vWdgp0OUdxH5yArIlV7wVIqjnW6qBi TwFobuWyXedovubhVpIc6d4GudOx9Ubb2TJGhbJMKs22LtBjHeZRERw5KZen H1DxAWBdxep6i4yprQtPWz6X60e3aq6ePeO/ezwYPsTwnDdWMK2AeBNOi8yV tftoKzk9wzsBTsxCntm8V2yy0app/HkYKbblG+9sYbVDXHdV7ZnWOrz+bsvQ jsxNbrQbPmoMtF8DxOVM+r1GGEjEE6OoIz7RGSqKY2MA2rVe5tiYlsqLqDqg aCD/0WCIATGvbbnkZnKndTuncdfkso804kZYoBLqoGekqNAeyV3xphGONLre KRVZcBKsPvc/fkc3heaFbviL5qeTdIHNOWJr3vHGnT0TrlTp9N0b+lHvXeNC 5P3qW0A5ul4Ym85N0CA1+QduTkEaNN9Oa26lM9kgkhOfmVwbNnjXZvogSgvl 5TlgjkMaA8NgfPPwktpLHeJEb9VpFFRkmKppKN2m6NOu6ShE2gc5vXoP9/d3 H+Ii8Zf9PnEN1lDpKQKBrAQ1UavANjkC6mgcZSPS1PftnLnpI+KW7Q33cM7h riSyGuIApap5DH9sHsP+irHNlnrDfSJG+phnpF22TtrOh9rnKeYhaW2kC8t8 ONGU2Lh8bqeah/l7meYNOWQUdo7YIhe5p7K1kVOInr68lEoMrzHCZkljxiRf Nj5xAOsikCt7fTeGPpGbTMlqYeLr7bVDhMDA/jWa44D5AlrAVK7CpNNFV1za Pd/2x/NFLFUV+ALAHbx4EzsGYbRabus7/vFy2+1jHZLwfPc7dcMZ6PfH6eR+ ME7CeM7dhXQFD/f8oi+AZcIw1BvSslf0UTzePRj2xR2Cv/9x7RIHuEQY65jG DS6Qqx0fX3yVJR5ffJUlDuHpn/r7OwfeVc+3wRjOBUrHzqq5MOlAqEWrdZrg Tn1D8efNFKmfbTZoy22l1NvMldJnaDlW4lQkdU/0C+lNgWLXULrbe7TeCtKF eSvba9M+VqhMXRhtId06MpfRWw4+oRu0MbEMXfpGD/LUUXEL6WqTKUWGqZeo tAB2lS0eUDc/pKVSZEICH5jiR71Es/wJNQWk7KLQhJp8Hqzfd0vku0GR8Vt2 VM7CKqoRpgwQHhMARVlRa3uBF+ME/RXyHqUz0R1TXs5GzdXAyhBJeDhoHI6k ttfU1TtFp3U28URfoVVR1jxxD2Ot1EtXegy081jUmCunS9B0s3G/CR+qR0zE dthU8XC1dpNuG0enGZAuRN0oQZsL2KTMEVdkropD32XC+pTXyrRe4uJJib7X +Ah3RsbRqiVIqEwCDnOliEYQLqM/SX4XvD72cMFdJgkZdN8vvjlyS61I7L2h qtfiz1VYUmTH0g9lo1V5OEViPzeEQuhL9TcIcTQNiwqsqDF35XML2KivvqMB mVwc8sb7XUErtwOpqWCOKg5ocdcH3axDX9rmoNe7nEBawRWUOcuXmjkJsMAB kuyGbBvWFH/J6MrzcDptUUBoy+YOaxLxipKFNZVySsg4yQoiTOsf6/MVumI7 oN5OEkVURgG14MU4VZ0JCEMeHyskY1isHq1vbKQMWj7H0LGcrV+fRJamPuCt aJNVBijvhS/3E8PCMkzd4rOmJSH+TNhTu/8jrv7LJBI8j7lm3qt084AgGVJk wXa19WT0IGPbpnS5D4xL8c4ldOpaH9cNGmIuTMQzyThF+tRn4pZtoqlcpZbT E5czrZRJqSzkkhay/Qw79dCBNDnhFuy8GLYfQ22TAEbqVqrNjTU57VihqfPn lj2O5pHJWhNCtf79qkTEMPcNxdbh1SVeYoiOKrDFZXnItYqn1FBcklUw3XVO vWCcc6FHlyERt4ma6EsXJBgTAQ1zzwLdj7HibgnWF2wDjO7oOBSPz4tk/R0z c2BkwGWv16P7ZzByeqKB8pZSi01iZU9Dq8c5x8Vn0K+4u3uc5pMxK0A/AHtE YuoNdsisGgxY8cEBBjvw52eknKOrLI4kT+PPlc63RduHRTop2BcxJYiSgs+p Vqd0tnAN8LhzG43kipi8XomZ0TvfI+/X5gU8j14zT/F6wi6akhKejSsdiYcO xhXXNpGIp0pYJCiZezM9jF1g7ihygulGQGDsNOxilocFZauTcKXAJHla53hC OKeZxmC0RM5S+z7kQakmyO9YyO8cwJ+f5cyGxMLDMTDom7nRgM1ZIEW5tmfT N9FpYYgtphqNKnaZW9tt8W2wNs61rgViaJr+OJ/SoEdRJJXRHOH1YoW662g8 rfJ6sNSt03SHogxRMWhNVyX9sE3nwV5SXqNDeFeS0lCvlBRGMdB17yPpIXuF W+AmERnrg+33TjlpS613Z8Wi6bZdhYUNTlgw3NSw5sF7yb0b7vPLUqMFfSYr 1DyXwJ/sOHgefxANYCnleiRK9wQgpVoSfQx/fl5+1GxrTnaGnPHoUd3ZoY+6 1goa55033YiqjekTcQBtnZ1efLdFjl4MtfGMp3pnh35AWVguN29gzWk42DK5 P7j4y2cn8JGBlHt4uUGN2IjI4/NwUvYoRpiAQOXYQJN33ALWjxjWjx1YP4I/ P/t4G/vDm4zIi5nC8FV0vxBDqT48u89gFjv8Q/jzswVz1MZcLm1SMUc0ajcW 15OOJtwhAJ5s3m6zK86rq7gg8kxsOvaqbqjMTvmQbLVVdXNd21ZbTfuW2USt DbROrHMzmqi9EAs1ztwcU3I8MqC+bVTstfZyMKAvd7DqXsu1BDjMS2RoE6oS wswqPAx+m/ys7YK33+jIlu2AgI0cKMFiQsQ6ugm2VNTTTkhmhHiu6q0TCnou FrBhHNd/R8rWGh0XtjhquCUddskEszFDqf5idF208ii9M0p956xHzazqOcPe gsSyjiQedrt6YBrpBeh2PeKDlHpJqOXEMJ3RB4wXPS0fcI0Oc3cEgUe9kule +Cxn5QHf5xP40DmB+/CnyHttspFoxEXo8odGCrG3DqABrWHVsdwQG7pIrO3h 4D5g9sN9GduxgpeM7O1sj3e27+xsD/783MIP0dxzOkrZ0jdH4i8RcN6+SVbU BCC2tAIOZiThsm7tvwm+s/6urEWiz0licS8STRe3QPQug2PPAccu/PmZ10+X kQdbuo9ZnOBOTesRlmYtWsCWYYO4tQQ5cVm7KcTjlE71EcrY211LTgO9ylj3 ko5JfIUJ79Gtwjo7sc33z06Y6BqKSR3E9NiPAAdNCJalwNrtYj32QsWmmxLK ZqgaMqp2HVQN4c8llGv06xbZpnVbviOKhQ0vVfLU0CW0CfDliqgVrQ5thppT 1ex85tyxs+qiw2VXHjD1G7m2ZCEs6WvXWVrtz8GSbo7o3fd+zRfnJloR97uw AgiO3/3kjOHMw22u2U2t0tpFK1Lq6eidq2Sr/6T2j/ssyjPmxHB5sqFKN2Dq GjrUNYA/ibpeoWBGNQssyVHBl9hRLiiquhFHI4TjcXSiIp8T+aHIbUAnn0GU aCcW4Vx4g/iAs9qlWIXPAHG3AHB7tgvb27GtDLfNPFZeU1K30dKKQS4stJ2W grxjjjcHnByQJdmUol8tLN8TCUdagm/R5bGIbdLlTrUHHEDxCvTbPB6Lt2Kr jjB2huw4zpCdHfjzs0cn6IHB9JqULyegEFJmb/1tkD13m5pQ81eEMhH8qisC DDtdcjuAk91McYY5pWXAEpCO3rk5X3iG7bqs5i2gz6dguP0SOqQGavGcFRER mDbHS1iENsAw1j9Yw2mDozHWOycqmtJnnY+HPKyKnm5NwqRQWxJj42KCgrt9 0u3TGHDHJo8fj2c59rsAlng0L37916L4jMk28MXpHBSaCjS6Z1h8kCSx/uI4 zJH+gmekuKX64/MMk6ZOQKNP4mszSPE+C07iP73XH/ynDEZ8ESag+Jk3fwT8 vQCrAwy9XH/2uySs6NPyvbLvzrDzrqp+/W/BS1CXiiIzY5yEV3EUvAqvQmBI +sOLWbVAPL5RWI8kg8Tz4AKgHEbmk1//FRSwFD/99S/p9a//M4nsOmjOi3EV OZ+9BtM6uCiVSszSvqsoIeAHun0bKB6G0F+9BLn7v/9HGPxQ/dt/BcX83/7L Z52XDl++Cask+DGruEmLaYsWA2UoFdFl2BLC0VhHdFJCdVaPjmIlBxfxANSS G7+ZzQ9nr169/uHIeEiPFegA494rtCqBqjB0FByfn12eXZweP+Gbujn75sVw Z7hjHrk4e3520XuBwc0H3+XYrjCc5oqv7jzYHz7cH273O/8H6St0QoLbAAA= --></rfc>