summaryrefslogtreecommitdiff
path: root/fe/607c07738af59683c8e7877962abf459394f50
blob: 06676e1226f080bb73243722e753ce48d7142514 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <brian.erdelyi@gmail.com>) id 1YIOlU-0006Kh-Hw
	for bitcoin-development@lists.sourceforge.net;
	Mon, 02 Feb 2015 21:42:40 +0000
Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.216.51 as permitted sender)
	client-ip=209.85.216.51; envelope-from=brian.erdelyi@gmail.com;
	helo=mail-qa0-f51.google.com; 
Received: from mail-qa0-f51.google.com ([209.85.216.51])
	by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1YIOlT-0004TO-7c
	for bitcoin-development@lists.sourceforge.net;
	Mon, 02 Feb 2015 21:42:40 +0000
Received: by mail-qa0-f51.google.com with SMTP id f12so31093333qad.10
	for <bitcoin-development@lists.sourceforge.net>;
	Mon, 02 Feb 2015 13:42:33 -0800 (PST)
X-Received: by 10.224.19.137 with SMTP id a9mr46125826qab.83.1422913353761;
	Mon, 02 Feb 2015 13:42:33 -0800 (PST)
Received: from [192.168.1.38] ([64.147.83.112])
	by mx.google.com with ESMTPSA id
	b109sm19396607qgf.40.2015.02.02.13.42.32
	(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
	Mon, 02 Feb 2015 13:42:33 -0800 (PST)
Content-Type: multipart/signed;
	boundary=Apple-Mail-DE0273E6-EDD9-49D1-9B53-1A112ADA3D33;
	protocol="application/pkcs7-signature"; micalg=sha1
Mime-Version: 1.0 (1.0)
From: Brian Erdelyi <brian.erdelyi@gmail.com>
X-Mailer: iPhone Mail (12B466)
In-Reply-To: <54CFE780.1040400@worcel.com>
Date: Mon, 2 Feb 2015 17:42:34 -0400
Content-Transfer-Encoding: 7bit
Message-Id: <49715A29-522A-4718-948D-8E4923EB2FF9@gmail.com>
References: <27395C55-CF59-4E65-83CA-73F903272C5F@gmail.com>
	<54CE3816.6020505@bitwatch.co>
	<68C03646-02E7-43C6-9B73-E4697F3AA5FD@gmail.com>
	<CALkkCJbk0czFj5mdMB6_0+Umw5V-fo-4tdBHgvg92zhyRZWiYQ@mail.gmail.com>
	<CANEZrP0QjPm+TTgV9Fh84vt2zLaGp0R2Wt2ZL2ZXYhxzOFPHVA@mail.gmail.com>
	<CALkkCJYuM_T=_nfBOCF4S8XhVecUZA0ug==Y_n+qdFpb-F628g@mail.gmail.com>
	<CANEZrP1QZqP6wSxcNJt81c4=xXLJsEsPF-CN71NZzwdOFSpB2A@mail.gmail.com>
	<57186618-F010-42E6-A757-B617C4001B5B@gmail.com>
	<F4C9E954-6A29-4A31-B09B-7F0B62270EF8@voskuil.org>
	<4B53C1B0-A677-4460-8A69-C45506424D7F@gmail.com>
	<CAGKSKfW8seFosxzdSL-t8MJ4ewXPUpNh4BJQVVhMn4qPf_BtqQ@mail.gmail.com>
	<CB45FC36-3B3E-486D-95FE-596D7380C3D2@gmail.com>
	<54CFE780.1040400@worcel.com>
To: Pedro Worcel <pedro@worcel.com>
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(brian.erdelyi[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	1.0 HTML_MESSAGE           BODY: HTML included in message
	0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
	-0.0 AWL AWL: Adjusted score from AWL reputation of From: address
X-Headers-End: 1YIOlT-0004TO-7c
Cc: "bitcoin-development@lists.sourceforge.net"
	<bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proposal to address Bitcoin malware
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Mon, 02 Feb 2015 21:42:40 -0000


--Apple-Mail-DE0273E6-EDD9-49D1-9B53-1A112ADA3D33
Content-Type: multipart/alternative;
	boundary=Apple-Mail-80AFB902-E20B-42AF-BC1F-4DB1B16179B9
Content-Transfer-Encoding: 7bit


--Apple-Mail-80AFB902-E20B-42AF-BC1F-4DB1B16179B9
Content-Type: text/plain;
	charset=utf-8
Content-Transfer-Encoding: quoted-printable

Transaction initiated and signed on device #1.  Transaction is sent to devic=
e #2.  On device #2 you verify the transaction and if authorized you provide=
 the second signature.

Brian Erdelyi

Sent from my iPhone

> On Feb 2, 2015, at 5:09 PM, Pedro Worcel <pedro@worcel.com> wrote:
>=20
> Where would you verify that?
>=20
>> On 2/3/2015 10:03 AM, Brian Erdelyi wrote:
>> Joel,
>>=20
>> The mobile device should show you the details of the transaction (i.e. am=
ount and bitcoin address).  Once you verify this is the intended recipient a=
nd amount you approve it on the mobile device.  If the address was replaced,=
 you should see this on the mobile device as it won=E2=80=99t match where yo=
u were intending to send it.  You can then not provide the second signature.=

>>=20
>> Brian Erdelyi
>>=20
>>> On Feb 2, 2015, at 4:57 PM, Joel Joonatan Kaartinen <joel.kaartinen@gmai=
l.com> wrote:
>>>=20
>>> If the attacker has your desktop computer but not the mobile that's acti=
ng as an independent second factor, how are you then supposed to be able to t=
ell you're not signing the correct transaction on the mobile? If the address=
 was replaced with the attacker's address, it'll look like everything is ok.=

>>>=20
>>> - Joel
>>>=20
>>> On Mon, Feb 2, 2015 at 9:58 PM, Brian Erdelyi <brian.erdelyi@gmail.com> w=
rote:
>>>>=20
>>>> > Confusing or not, the reliance on multiple signatures as offering gre=
ater security than single relies on the independence of multiple secrets. If=
 the secrets cannot be shown to retain independence in the envisioned threat=
 scenario (e.g. a user's compromised operating system) then the benefit redu=
ces to making the exploit more difficult to write, which, once written, redu=
ces to no benefit. Yet the user still                           suffers the r=
educed utility arising from greater complexity, while being led to believe i=
n a false promise.
>>>>=20
>>>> Just trying to make sure I understand what you=E2=80=99re saying.  Are y=
ou eluding to that if two of the three private keys get compromised there is=
 no gain in security?  Although the likelihood of this occurring is lower, i=
t is possible.
>>>>=20
>>>> As more malware targets bitcoins I think the utility is evident.  Given=
 how final Bitcoin transactions are, I think it=E2=80=99s worth trying to fi=
nd methods to help verify those transactions (if a user deems it to be high-=
risk enough) before the transaction is completed.  The balance is trying to d=
evise something that users do not find too burdensome.
>>>>=20
>>>> Brian Erdelyi
>>>> -----------------------------------------------------------------------=
-------
>>>> Dive into the World of Parallel Programming. The Go Parallel Website,
>>>> sponsored by Intel and developed in partnership with Slashdot Media, is=
 your
>>>> hub for all things parallel software development, from weekly thought
>>>> leadership blogs to news, videos, case                             stud=
ies, tutorials and more. Take a
>>>> look and join the conversation now. http://goparallel.sourceforge.net/
>>>> _______________________________________________
>>>> Bitcoin-development mailing list
>>>> Bitcoin-development@lists.sourceforge.net
>>>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>=20
>>=20
>>=20
>> -------------------------------------------------------------------------=
-----
>> Dive into the World of Parallel Programming. The Go Parallel Website,
>> sponsored by Intel and developed in partnership with Slashdot Media, is y=
our
>> hub for all things parallel software development, from weekly thought
>> leadership blogs to news, videos, case studies, tutorials and more. Take a=

>> look and join the conversation now. http://goparallel.sourceforge.net/
>>=20
>>=20
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>=20
> --------------------------------------------------------------------------=
----
> Dive into the World of Parallel Programming. The Go Parallel Website,
> sponsored by Intel and developed in partnership with Slashdot Media, is yo=
ur
> hub for all things parallel software development, from weekly thought
> leadership blogs to news, videos, case studies, tutorials and more. Take a=

> look and join the conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development

--Apple-Mail-80AFB902-E20B-42AF-BC1F-4DB1B16179B9
Content-Type: text/html;
	charset=utf-8
Content-Transfer-Encoding: quoted-printable

<html><head><meta http-equiv=3D"content-type" content=3D"text/html; charset=3D=
utf-8"></head><body dir=3D"auto"><div>Transaction initiated and signed on de=
vice #1. &nbsp;Transaction is sent to device #2. &nbsp;On device #2 you veri=
fy the transaction and if authorized you provide the second signature.</div>=
<div><br></div><div>Brian Erdelyi<br><br>Sent from my iPhone</div><div><br>O=
n Feb 2, 2015, at 5:09 PM, Pedro Worcel &lt;<a href=3D"mailto:pedro@worcel.c=
om">pedro@worcel.com</a>&gt; wrote:<br><br></div><blockquote type=3D"cite"><=
div>
 =20
    <meta content=3D"text/html; charset=3Dwindows-1252" http-equiv=3D"Conten=
t-Type">
 =20
 =20
    Where would you verify that?<br>
    <br>
    <div class=3D"moz-cite-prefix">On 2/3/2015 10:03 AM, Brian Erdelyi
      wrote:<br>
    </div>
    <blockquote cite=3D"mid:CB45FC36-3B3E-486D-95FE-596D7380C3D2@gmail.com" t=
ype=3D"cite">
      <meta http-equiv=3D"Content-Type" content=3D"text/html;
        charset=3Dwindows-1252">
      Joel,
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">The mobile device should show you the details of the
        transaction (i.e. amount and bitcoin address). &nbsp;Once you verify=

        this is the intended recipient and amount you approve it on the
        mobile device. &nbsp;If the address was replaced, you should see thi=
s
        on the mobile device as it won=E2=80=99t match where you were intend=
ing
        to send it. &nbsp;You can then not provide the second signature.</di=
v>
      <div class=3D""><br class=3D"">
      </div>
      <div class=3D"">Brian Erdelyi</div>
      <div class=3D""><br class=3D"">
        <div>
          <blockquote type=3D"cite" class=3D"">
            <div class=3D"">On Feb 2, 2015, at 4:57 PM, Joel Joonatan
              Kaartinen &lt;<a moz-do-not-send=3D"true" href=3D"mailto:joel.=
kaartinen@gmail.com" class=3D"">joel.kaartinen@gmail.com</a>&gt;
              wrote:</div>
            <br class=3D"Apple-interchange-newline">
            <div class=3D"">
              <div dir=3D"ltr" class=3D"">If the attacker has your desktop
                computer but not the mobile that's acting as an
                independent second factor, how are you then supposed to
                be able to tell you're not signing the correct
                transaction on the mobile? If the address was replaced
                with the attacker's address, it'll look like everything
                is ok.
                <div class=3D""><br class=3D"">
                </div>
                <div class=3D"">- Joel<br class=3D"">
                  <div class=3D"gmail_extra"><br class=3D"">
                    <div class=3D"gmail_quote">On Mon, Feb 2, 2015 at 9:58
                      PM, Brian Erdelyi <span dir=3D"ltr" class=3D"">&lt;<a m=
oz-do-not-send=3D"true" href=3D"mailto:brian.erdelyi@gmail.com" target=3D"_b=
lank" class=3D"">brian.erdelyi@gmail.com</a>&gt;</span>
                      wrote:<br class=3D"">
                      <blockquote class=3D"gmail_quote" style=3D"margin:0 0
                        0 .8ex;border-left:1px #ccc
                        solid;padding-left:1ex"><span class=3D""><br class=3D=
"">
                          &gt; Confusing or not, the reliance on
                          multiple signatures as offering greater
                          security than single relies on the
                          independence of multiple secrets. If the
                          secrets cannot be shown to retain independence
                          in the envisioned threat scenario (e.g. a
                          user's compromised operating system) then the
                          benefit reduces to making the exploit more
                          difficult to write, which, once written,
                          reduces to no benefit. Yet the user still
                          suffers the reduced utility arising from
                          greater complexity, while being led to believe
                          in a false promise.<br class=3D"">
                          <br class=3D"">
                        </span>Just trying to make sure I understand
                        what you=E2=80=99re saying.&nbsp; Are you eluding to=
 that if
                        two of the three private keys get compromised
                        there is no gain in security?&nbsp; Although the
                        likelihood of this occurring is lower, it is
                        possible.<br class=3D"">
                        <br class=3D"">
                        As more malware targets bitcoins I think the
                        utility is evident.&nbsp; Given how final Bitcoin
                        transactions are, I think it=E2=80=99s worth trying t=
o
                        find methods to help verify those transactions
                        (if a user deems it to be high-risk enough)
                        before the transaction is completed.&nbsp; The
                        balance is trying to devise something that users
                        do not find too burdensome.<br class=3D"">
                        <div class=3D"HOEnZb">
                          <div class=3D"h5"><br class=3D"">
                            Brian Erdelyi<br class=3D"">
----------------------------------------------------------------------------=
--<br class=3D"">
                            Dive into the World of Parallel Programming.
                            The Go Parallel Website,<br class=3D"">
                            sponsored by Intel and developed in
                            partnership with Slashdot Media, is your<br clas=
s=3D"">
                            hub for all things parallel software
                            development, from weekly thought<br class=3D"">
                            leadership blogs to news, videos, case
                            studies, tutorials and more. Take a<br class=3D"=
">
                            look and join the conversation now. <a moz-do-no=
t-send=3D"true" href=3D"http://goparallel.sourceforge.net/" target=3D"_blank=
" class=3D"">http://goparallel.sourceforge.net/</a><br class=3D"">
_______________________________________________<br class=3D"">
                            Bitcoin-development mailing list<br class=3D"">
                            <a moz-do-not-send=3D"true" href=3D"mailto:Bitco=
in-development@lists.sourceforge.net" class=3D"">Bitcoin-development@lists.s=
ourceforge.net</a><br class=3D"">
                            <a moz-do-not-send=3D"true" href=3D"https://list=
s.sourceforge.net/lists/listinfo/bitcoin-development" target=3D"_blank" clas=
s=3D"">https://lists.sourceforge.net/lists/listinfo/bitcoin-development</a><=
br class=3D"">
                          </div>
                        </div>
                      </blockquote>
                    </div>
                    <br class=3D"">
                  </div>
                </div>
              </div>
            </div>
          </blockquote>
        </div>
        <br class=3D"">
      </div>
      <br>
      <fieldset class=3D"mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap=3D"">-------------------------------------------------------=
-----------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your=

hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. <a class=3D"moz-txt-link-freetext" href=3D=
"http://goparallel.sourceforge.net/">http://goparallel.sourceforge.net/</a><=
/pre>
      <br>
      <fieldset class=3D"mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap=3D"">_______________________________________________
Bitcoin-development mailing list
<a class=3D"moz-txt-link-abbreviated" href=3D"mailto:Bitcoin-development@lis=
ts.sourceforge.net">Bitcoin-development@lists.sourceforge.net</a>
<a class=3D"moz-txt-link-freetext" href=3D"https://lists.sourceforge.net/lis=
ts/listinfo/bitcoin-development">https://lists.sourceforge.net/lists/listinf=
o/bitcoin-development</a>
</pre>
    </blockquote>
    <br>
 =20

</div></blockquote><blockquote type=3D"cite"><div><span>--------------------=
----------------------------------------------------------</span><br><span>D=
ive into the World of Parallel Programming. The Go Parallel Website,</span><=
br><span>sponsored by Intel and developed in partnership with Slashdot Media=
, is your</span><br><span>hub for all things parallel software development, f=
rom weekly thought</span><br><span>leadership blogs to news, videos, case st=
udies, tutorials and more. Take a</span><br><span>look and join the conversa=
tion now. <a href=3D"http://goparallel.sourceforge.net/">http://goparallel.s=
ourceforge.net/</a></span></div></blockquote><blockquote type=3D"cite"><div>=
<span>_______________________________________________</span><br><span>Bitcoi=
n-development mailing list</span><br><span><a href=3D"mailto:Bitcoin-develop=
ment@lists.sourceforge.net">Bitcoin-development@lists.sourceforge.net</a></s=
pan><br><span><a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoi=
n-development">https://lists.sourceforge.net/lists/listinfo/bitcoin-developm=
ent</a></span><br></div></blockquote></body></html>=

--Apple-Mail-80AFB902-E20B-42AF-BC1F-4DB1B16179B9--

--Apple-Mail-DE0273E6-EDD9-49D1-9B53-1A112ADA3D33
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Disposition: attachment;
	filename=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIFPjCCBTow
ggQioAMCAQICEQD+CeXsAo3TQnv+qeGjfUyhMA0GCSqGSIb3DQEBCwUAMIGXMQswCQYDVQQGEwJH
QjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQK
ExFDT01PRE8gQ0EgTGltaXRlZDE9MDsGA1UEAxM0Q09NT0RPIFJTQSBDbGllbnQgQXV0aGVudGlj
YXRpb24gYW5kIFNlY3VyZSBFbWFpbCBDQTAeFw0xNDExMjUwMDAwMDBaFw0xNTExMjUyMzU5NTla
MCgxJjAkBgkqhkiG9w0BCQEWF2JyaWFuLmVyZGVseWlAZ21haWwuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAvQDj388L/vsgxUA15mA0zQi5ni5Eow63o4RJRIKnjGfkmLTVMKh8
CNIqZuO/+i1mq4Uwh01OhNBGccaSllmNCb5a306RzUmyVAY71q8hsYJn6WY7gFO7d3f5F4CTykfg
+Kd2PzC7V3Yh1QYMIxtkgu+CGTzt7vj2/tIHCEyPnRTeIUVym2XmGDcsKV1Ni/0gsqmYE6PMisOz
pdl/UDMsKTUPtb/QMS9ltDSmJwqWUslIgwC2aLG6x2Bqg0iGcu/jqZvyZtSh03pw7JYnqHhO/fQu
IGwh8d+l+DufANLJVKYrq35v+84KkZEyoMnJOdu3L6DxNYbalbGqdn9X7aAcKwIDAQABo4IB7TCC
AekwHwYDVR0jBBgwFoAUgq9sjPjF/pZhfOgfPStxSF7Ei8AwHQYDVR0OBBYEFGUCqwwaYBCs53zY
8pdIG3PIrB84MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMCAGA1UdJQQZMBcGCCsGAQUF
BwMEBgsrBgEEAbIxAQMFAjARBglghkgBhvhCAQEEBAMCBSAwRgYDVR0gBD8wPTA7BgwrBgEEAbIx
AQIBAQEwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLm5ldC9DUFMwWgYDVR0f
BFMwUTBPoE2gS4ZJaHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVu
dGljYXRpb25hbmRTZWN1cmVFbWFpbENBLmNybDCBiwYIKwYBBQUHAQEEfzB9MFUGCCsGAQUFBzAC
hklodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDbGllbnRBdXRoZW50aWNhdGlvbmFu
ZFNlY3VyZUVtYWlsQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20w
IgYDVR0RBBswGYEXYnJpYW4uZXJkZWx5aUBnbWFpbC5jb20wDQYJKoZIhvcNAQELBQADggEBAIIR
lJpXUq0nEAWjpOnaB24TDlsW3R+/8MB/oEh6I+SJaJkwBswWCTKF8BPfvrFGde71X8Rii34c6lki
NTLj+EM+L0uJuJzXt0hh5ZNWMNlFWKaW2QRi79c6i76N5xGH2hE9vyul/lTOOZzMdxSN9HoYtr6H
PuKkcNRO0STUyj8zHlrhmz2QnUqsMIPAI233tfvRhFIn+0vreVQZ9Ff6PjYuWOOsFQ2ltJt7NbsY
DhOYR31j+N3gWESkExYdcmqn6Svx2wYtv+SSeRIQJ7sX48sqUOuhqIlcCJBC5SljjQf7JWIFDjpV
wN0AdidkfHwMengP7FywRQ3ngLFNVAvFH2ExggO6MIIDtgIBATCBrTCBlzELMAkGA1UEBhMCR0Ix
GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
Q09NT0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0
aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEQD+CeXsAo3TQnv+qeGjfUyhMAkGBSsOAwIaBQCgggHh
MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTE1MDIwMjIxNDIzNFow
IwYJKoZIhvcNAQkEMRYEFLQ0V8lOdsDTuEyaVOrappLP0WIpMIG+BgkrBgEEAYI3EAQxgbAwga0w
gZcxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1Nh
bGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMT0wOwYDVQQDEzRDT01PRE8gUlNBIENs
aWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBAhEA/gnl7AKN00J7/qnho31M
oTCBwAYLKoZIhvcNAQkQAgsxgbCgga0wgZcxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVy
IE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVk
MT0wOwYDVQQDEzRDT01PRE8gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVt
YWlsIENBAhEA/gnl7AKN00J7/qnho31MoTANBgkqhkiG9w0BAQEFAASCAQAZMUVvv5AxObAJiJk4
XElH3x3T3h4A3uzDAil1nw0UjGAYUiF8+N8Tiz6W9if9sMYvdxYn9jxo5Aia5ahvwuAY8HT/s/Gw
Slj2NMtGVYCiy2gPTu46vZeQgiJmpMIhJCRyLa+bJt2lrNayec3bTmwM4o6JtmVNqQqGRMC2dSA8
A7M2CTINANMzBBNtAbhGNUlbCIcBgyYHAluQmPmHwJTfB/qeghgteHyobOCcubAhNGMAgcKZResf
v5kmSgFsz9HlWMszpXRys1fsCK1H4bPXKl7LjZssI/uAXhloE/RuzkYK70p8LLErxQJCQIro0U9Y
aCpNpkJzTK3LfOqyPgiUAAAAAAAA
--Apple-Mail-DE0273E6-EDD9-49D1-9B53-1A112ADA3D33--