From nobody Thu Feb 16 10:50:58 2023 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PHWvj0fP8z3q1Q8; Thu, 16 Feb 2023 10:51:13 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Received: from plan-b.pwste.edu.pl (plan-b.pwste.edu.pl [IPv6:2001:678:618::40]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "plan-b.pwste.edu.pl", Issuer "GEANT OV RSA CA 4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PHWvh34ddz40kd; Thu, 16 Feb 2023 10:51:11 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Authentication-Results: mx1.freebsd.org; none Received: from [IPV6:2a02:22e0:cf00:1ff:5cb6:4eff:d0a2:65e3] (mzar@[IPv6:2a02:22e0:cf00:1ff:5cb6:4eff:d0a2:65e3]) (authenticated bits=0) by plan-b.pwste.edu.pl (8.17.1/8.17.1) with ESMTPSA id 31GAp1iC062349 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO); Thu, 16 Feb 2023 11:51:01 +0100 (CET) (envelope-from zarychtam@plan-b.pwste.edu.pl) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=plan-b.pwste.edu.pl; s=plan-b-mailer; t=1676544662; bh=rPj4EXkvG8itWb+YNUON3lII8e2sJYSH1Fj7V9yFtTE=; h=Date:To:References:From:Subject:In-Reply-To; b=QzJ9NCdCF+P10KhVFRYnjjF3oQrGHaMCQ1NT52jkbMng51d4bWu3+odsdD3tQuOyE Ly4efLp1JWRHL4iPEuQBK4T+5fjumhgg4xxEW5VrklPTF9kqIBjOc65b8V1q6x2eB6 ptklJELkaczwBDX7UD66S39Qu5YmPKpszUAyaJRY2nzsHC4fjAmcqKOyGXW5MyFYJb ncj/MtYMOgB/eViZnqDxb8PsoM18/OdXUeZx7Xx5YzS5eZah1QnWH08skhYpndGj69 u0bWgRrl2OUd/NKnyeeOqzPXNhp0C87kEJlwLAV/ujoqJo+YL43aG91dZsQ8S72UkZ Xy6Mmhhgi5C4g== Message-ID: <570a229b-36b5-c359-ded0-acd29d61321c@plan-b.pwste.edu.pl> Date: Thu, 16 Feb 2023 11:50:58 +0100 List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:102.0) Gecko/20100101 Thunderbird/102.7.1 Content-Language: en-US To: Ruben van Staveren , freebsd-stable@freebsd.org, "freebsd-net@freebsd.org" References: <149E43A9-7C32-4DDD-AA88-6335F3DE2332@verweg.com> From: Marek Zarychta Subject: Re: Set net.inet6.icmp6.nodeinfo default to 0 and disable annoying ip6 logging In-Reply-To: <149E43A9-7C32-4DDD-AA88-6335F3DE2332@verweg.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------MqKAivcw1VYPAd1jMVu4bPtK" X-Rspamd-Queue-Id: 4PHWvh34ddz40kd X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:206006, ipnet:2001:678:618::/48, country:PL] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------MqKAivcw1VYPAd1jMVu4bPtK Content-Type: multipart/mixed; boundary="------------MjgtzBbsooVNoqpmmagpPmGi"; protected-headers="v1" From: Marek Zarychta To: Ruben van Staveren , freebsd-stable@freebsd.org, "freebsd-net@freebsd.org" Message-ID: <570a229b-36b5-c359-ded0-acd29d61321c@plan-b.pwste.edu.pl> Subject: Re: Set net.inet6.icmp6.nodeinfo default to 0 and disable annoying ip6 logging References: <149E43A9-7C32-4DDD-AA88-6335F3DE2332@verweg.com> In-Reply-To: <149E43A9-7C32-4DDD-AA88-6335F3DE2332@verweg.com> --------------MjgtzBbsooVNoqpmmagpPmGi Content-Type: multipart/alternative; boundary="------------bA67x3CXUNUlY0OCpvvNtIHm" --------------bA67x3CXUNUlY0OCpvvNtIHm Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64 VyBkbml1IDE2LjAyLjIwMjMgb8KgMTA6MjIsIFJ1YmVuIHZhbiBTdGF2ZXJlbiBwaXN6ZToN Cj4gSGkgbGlzdCwNCj4NCj4gR2l2ZW4gMTMuMiBpcyBuZWFyaW5nIHJlbGVhc2UsIHdvdWxk IGl0IGJlIHBvc3NpYmxlIHRvIGhhdmUgYSBsb29rIGF0DQo+DQo+IDI1NzcwOSDigJMgbmV0 aW5ldDY6IFNldCBuZXQuaW5ldDYuaWNtcDYubm9kZWluZm8gZGVmYXVsdCB0byAwIA0KPiA8 aHR0cHM6Ly9idWdzLmZyZWVic2Qub3JnL2J1Z3ppbGxhL3Nob3dfYnVnLmNnaT9pZD0yNTc3 MDk+DQo+IGJ1Z3MuZnJlZWJzZC5vcmcgDQo+IDxodHRwczovL2J1Z3MuZnJlZWJzZC5vcmcv YnVnemlsbGEvc2hvd19idWcuY2dpP2lkPTI1NzcwOT4NCj4gCWZic2RfZmF2aWNvbi5pY28g DQo+IDxodHRwczovL2J1Z3MuZnJlZWJzZC5vcmcvYnVnemlsbGEvc2hvd19idWcuY2dpP2lk PTI1NzcwOT4NCj4NCj4gPGh0dHBzOi8vYnVncy5mcmVlYnNkLm9yZy9idWd6aWxsYS9zaG93 X2J1Zy5jZ2k/aWQ9MjU3NzA5Pg0KPg0KPiBBbmQgaGFyZGVuIEZyZWVCU0TigJlzIGRlZmF1 bHQgSVB2NiBzZWN1cml0eSBhIGJpdD8NCj4NCj4gUmVnYXJkcywNCj4gwqAgwqAgUnViZW4N Cj4NCg0KSGVsbG8sDQoNCnBlcmhhcHMgdGltZSB0byBjaGFuZ2UgdGhlIGRlZmF1bHRzLCBi dXQgc3RpbGwsIGl0IGNhbiBiZSBlYXNpbHkgDQpkaXNhYmxlZCBieSBzZXR0aW5nOg0KDQpz eXNjdGwgbmV0LmluZXQ2LmljbXA2Lm5vZGVpbmZvPTANCg0KTXkgY29uY2VybiBpcyByYXRo ZXIga2VybmVsIG1lc3NhZ2UgYnVmZmVyIG9uIElQdjYgcm91dGVycyBmbG9vZGVkIHdpdGgg DQpodW5kcmVkcyBvZiBlbnRyaWVzOg0KDQpjYW5ub3QgZm9yd2FyZCBzcmMgZmU4MDoxMDo6 NDI2OjgyZmY6ZmUzNjoxZDgsIGRzdCAyMDAxOmRiODpkYjg6OjEwLCBueHQgDQo1OCwgcmN2 aWYgdmxhbjUsIG91dGlmIHZsYW4yDQpjYW5ub3QgZm9yd2FyZCBzcmMgZmU4MDoxMDo6MTAy YTo3OWZmOmZlYzc6NjFjZiwgZHN0IA0KMjAwMTpkYjg6ZGI4OmEwMjg6OjEsIG54dCA1OCwg cmN2aWYgdmxhbjQsIG91dGlmIHZsYW4yDQoNCkl0J3MgZmluZSB0aGF0IHRoZXNlIHBhY2tl dHMgYXJlIG5vdCBiZWluZyBmb3J3YXJkZWQsIGJ1dCBsb2dnaW5nIHRoZW0gDQpjYW4ndCBi ZSBkaXNhYmxlZCwgb25seSBkZWxheWVkIHdpdGggaW5jcmVhc2luZyB0aGUgdmFsdWUgb2Yg dGhlIHN5c2N0bCANCmtub2IgIm5ldC5pbmV0Ni5pcDYubG9nX2ludGVydmFsIiwgd2hpY2gg aXMgbm90IGFsd2F5cyB0aGUgYmVzdCANCnNvbHV0aW9uLiBJdCdzIG5vdCBhbHdheXMgcG9z c2libGUgdG8gaW1wbGVtZW50IEJDUDM4LCBhbmQgZXZlbiBoYXJkZXIgDQp0byBhc2sgdGhl IHVwc3RyZWFtIGZvciB0aGUgaW1wbGVtZW50YXRpb24gb2YgdGhlIEJDUDM4IHBvbGljeSwg c28gDQpzaWxlbnRseSBkaXNjYXJkaW5nIHRob3NlIHBhY2tldHMgd2lsbCBiZSBmaW5lLiBJ IGFtIGNyb3NzcG9zdGluZyBpdCB0byANCmZyZWVic2QtbmV0QCB0byBnYWluIGFuIGV2ZW4g d2lkZXIgYXVkaWVuY2UgYW5kIHN1cHBvcnQuIElzIHRoZSBzdXJ2ZXkgDQpvbiBUd2l0dGVy IHJlcXVpcmVkPw0KDQpDaGVlcnMNCg0KLS0gDQpNYXJlayBaYXJ5Y2h0YQ0KDQo= --------------bA67x3CXUNUlY0OCpvvNtIHm Content-Type: multipart/related; boundary="------------3LcrNfzVPbj0AKjw762ZAjQj" --------------3LcrNfzVPbj0AKjw762ZAjQj Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
W dniu 16.02.2023 o=C2=A010:22, Ruben = van Staveren pisze:
Hi list,

Given 13.2 is nearing release, would it be possible to have a look at=C2=A0

And harden FreeBSD=E2=80=99s default IPv6 security a bit?=C2=A0=

Regards,
=C2=A0 =C2=A0 Ruben


Hello,

perhaps time to change the defaults, but still, it can be easily disabled by setting:

sysctl net.inet6.icmp6.nodeinfo=3D0

My concern is rather kernel message buffer on IPv6 routers flooded with hundreds of entries:

cannot forward src fe80:10::426:82ff:fe36:1d8, dst 2001:db8:db8::10, nxt 58, rcvif vlan5, outif vlan2
cannot forward src fe80:10::102a:79ff:fec7:61cf, dst 2001:db8:db8:a028::1, nxt 58, rcvif vlan4, outif vlan2

It's fine that these packets are not being forwarded, but logging them can't be disabled, only delayed with increasing the value of the sysctl knob "net.inet6.ip6.log_interval", which is not always the best solution. It's not always possible to implement BCP38, and even harder to ask the upstream for the implementation of the BCP38 policy, so silently discarding those packets will be fine. I am crossposting it to freebsd-net@ to gain an even wider audience and support. Is the survey on Twitter required?

Cheers
--=20
Marek Zarychta
--------------3LcrNfzVPbj0AKjw762ZAjQj Content-Type: image/x-icon; name="fbsd_favicon.ico" Content-Disposition: inline; filename="fbsd_favicon.ico" Content-Id: Content-Transfer-Encoding: base64 AAABAAIAEBAAAAEAIABoBAAAJgAAACAgAAABACAAqBAAAI4EAAAoAAAAEAAAACAAAAABACAA AAAAAEAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAADwMC ACMDAQAkAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANDAYy KyxGlykrgdMnLJrpJkKo6SBjmdQiS1ebDAoHNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAvLy5uQEKY7xYcz/8EEdz/AhnX/wIl6v8HQPf/G3P+/1eIxfMyMjZ3AAAAAgAAAAAAAAAA AAAAAAAAAAA5OTNrUlOs/gADwf8ADMj/ARvM/wIozf8DM9v/Azrj/wBA7v8UX/7/d5fm/zc2 OHYAAAAAAAAAAAAAAAAQEAksc3Oa5wcKuP8AD8//Ah3T/wIn1P8CH7r/ARO9/wEStv8BHsT/ ATHS/yhV5/+Kk8XuDw0INQAAAAAAAAAAWlpXikVHtf8ACMj/Ah7b/wIl3f8ADMT/AACS/wAA sf8AALD/AACo/wAAk/8EFan/jMn//2FqY5YAAAAAAAAACW9uh8USH8T/ABzd/wIp5f8BDtb/ AADG/wAAoP8AAKP/AAC7/wAAuP8AAJT/AAB1/0Z11f+PrazPAAAADgcGABdqbJ/cAh7e/wAn 6f8CJOf/AADa/wAA1/8AALb/AACm/wAAof8AAK7/AACr/wAAd/8KEpf/gpm75QgGACEEAwAX c3mo3DBn7/84dvT/AB/p/wAA5f8AAOX/AADJ/wAAuP8AAKX/AACR/wAAj/8BAX3/CAt3/258 peQKCQMfAAAAB3+AlsGcv/7/2PH+/0579f8AEvL/AADy/wAA2v8AAML/AACt/wAAmf8MC4P/ JSRx/0dOiP9yeozMAAAADQAAAABWVVeB1t///+bv/v/c7f7/h6H8/z5f/P8hNez/JiXP/ykp vv8/P7H/Jiil/xwdl/+Eh8H/XV5ajwAAAAAAAAAAFBMiU8vM5f/2+///+fz+/+Pl/P/I2vz/ ttL7/7jJ9f/Oz+//p63l/0pY9v8AAL7/Skqv/yUlL10AAAAAAAAAAAsLV6U5PL//5OX9//7/ ///z9v7/6PP9//Dy/P/y+v7/x8/v/7bD7v/6/P//XWfv/wcJsf8eHmGrAAAAAQAABCQAAILn Ji3V/6ay///m6+77///9/////////////////8TE8v+RmeP/4uvy++Xr//9ZX+D/AAGI7AAA BigAAAMiDQ921GRpt987RWqOJCcuTIKCgYzAwMDH2NjX39PT1+C/wMPJk5KPjC0xNkpGTWWK bHC43AsNedkAAAQmAAAAAQEBAxoBAQIWAAAAAAAAAAAFBQUAFhYWCiMjIxslJSQbGxsaCwwM CwABAQEAAAAAAAAAARQAAAMbAAAAAvw////wD///4AP//8AD//+AAf//gAH//wAA//8AAP// AAD//wAA//+AAf//gAH//4AA//8AAP//AAD//xw4//8oAAAAIAAAAEAAAAABACAAAAAAAIAQ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAwAAAAMAAAACAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAcAAAASAAAAIQAAADAAAAA7AAAAOwAA ADMAAAAiAAAAEgAAAAcAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAABEAAAAvCgkDZycm KJwwMVHAMjRo3Dc8deQ9QnjlNEpx3iFJXsUZMjegCwoIbQAAADIAAAARAAAABQAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAoAAAAqFRUNeFNUYtJUWKb8SE7P/zA23P8nMNz/KTTf/ytB7P8faPj/JJb+/zOw9/87osv+ PGd32BoVFIIAAAAwAAAADgAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAIAAAAQAgIAS1FRTr11eLn+MDbS/wcNzf8ABcv/AAjS/wAPzv8AFMn/ ABjg/wAc5P8CKOj/CUDu/xx7+/87u///bKzZ/1FRXcsHBQJYAAAAEwAAAAMAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAFQ0NCGOIiZLmW1/L/wUHtf8AALz/ AAjK/wAQ0f8CFtX/AhzP/wIhzv8CJd//Airh/wIt5P8CMOj/ADHr/wRG8P8sjP3/kbj//3+K pe8UEg9xAAAAGAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAA4LCwhh oaGm61JVwv8AAJ3/AAW8/wEMyP8BEcj/AhbK/wIbzv8CIcj/AibO/wIq2v8DMN3/AzTh/wM6 5f8DP+r/AkDt/wBC8P8tbPL/lbj//4+Zs/QWFRFxAAAAEwAAAAEAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAJAAAAR6KioeFsbsL/AACT/wEHv/8BDMb/ARHH/wIWyf8CHMz/AiDQ/wIl w/8CLM7/AzLY/wM43P8DPuH/A0Pm/wRI6v8ETO3/BE/w/wBH5v8pYOj/orr//5CWquwIBwRW AAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAAACVnZ2CyqKnW/wAAg/8AB8H/AQ3J/wES y/8CF87/AhzQ/wIh0v8CJ9b/Ai7J/wMw0f8DK9L/AifK/wIjxP8CKMn/AzXX/wND4/8IT+z/ DU3g/wc/2v9DZ+X/ucX+/2Zma8UAAAAuAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAOFRUTatPT 1vozM5H/AACq/wEOz/8BEs7/AhfR/wId1P8CIdb/Aina/wIq2v8CHKv/AAil/wAAs/8AAKz/ AACn/wAApP8AAKb/AAKw/wMVw/8LMsL/FULR/xI30/91h+3/wcrg/yQjIX4AAAARAAAAAAAA AAAAAAAAAAAAAQAAACWFhX/AoKDP/wAAiv8ADsj/ARPT/wIY1f8CHdj/AiPb/wIq3v8CItj/ AAe+/wAAh/8AAJP/AAC5/wAAtP8AALH/AACt/wAAqP8AAKb/AACp/wAAiP8HEZ//HDvY/0h8 7f/N8f//hoyL0QAAADAAAAACAAAAAAAAAAAAAAAFBwcFUcfHx/I3OKL/AAWk/wETzP8CGNn/ Ah3a/wIi3f8CK+H/AiDa/wACxv8AALn/AACT/wAAj/8AALH/AAC9/wAAtv8AALP/AACu/wAA qv8AAKX/AAB//wAAgf8KErH/Uanz/7D////H2tr+FRMTZwAAAAcAAAAAAAAAAAAAAAtERD+G xMPf/wUNnP8AErn/AhnU/wIe3v8CI+D/Airk/wIl4f8AA8z/AADL/wAAwf8AAJ3/AACY/wAA m/8AALn/AAC//wAAuP8AALP/AACv/wAAqf8AAHr/AAB5/wAAh/8dPrn/iPT//9r9//9LSUmZ AAAAEQAAAAAAAAAAAAAAFnJya6iXmNX/AAes/wIZ1v8CHuD/AiPi/wIp5f8DLef/AQvV/wAA z/8AANP/AADI/wAAp/8AAKT/AACd/wAAnv8AALn/AADA/wAAuf8AALP/AACw/wAAh/8AAG3/ AACC/wAAjf9Ad9f/zf///3Z1d7wAAAAeAAAAAAAAAAAAAAAhj46Iv36B0f8ADMT/Ah7h/wIj 4/8CKOb/AzDq/wIj5f8AANX/AADY/wAA2f8AAND/AACx/wAArf8AAKj/AACg/wAAnP8AAK// AAC8/wAAuv8AALT/AACg/wAAbP8AAHn/AACG/wgTpv+u4v//mp+e1wAAACwAAAABAAAAAQAA ACecm5fLbXTU/wAY1v8AJ+T/ACrm/wIv6v8DNu7/ARPh/wAA3P8AAN7/AADf/wAA1/8AALz/ AAC3/wAAsf8AAKr/AACh/wAAl/8AAJr/AACq/wAAtf8AALT/AACD/wAAbf8AAHz/AACJ/4Ge 7f+ss6/hAAAANgAAAAIAAAABAAAAJpqYlst5gt3/AC3d/xBM6f8VT+z/Aj3u/wI27/8ABeH/ AADi/wAA5P8AAOX/AADf/wAAxv8AAL//AAC5/wAAsP8AAKj/AACf/wAAlP8AAIr/AACO/wAA nv8AAKH/AQFw/wICbv8AAHX/aoXY/660r98AAAA0AAAAAgAAAAAAAAAfgoGBvKar7P8dX+T/ X570/4u2+P9EhPb/AEPx/wAI5v8AAOj/AADq/wAA6v8AAOj/AADS/wAAx/8AAMD/AAC3/wAA rv8AAKT/AACa/wAAkf8AAIX/AAB8/wIDfv8GB3H/DQxj/wcJcf9yjdH/oaKe0gAAACkAAAAB AAAAAAAAABRnZmajzs32/1qF5/9/vvf/6/f+/8Xh/v88gfb/AB3s/wAI7v8AAvD/AADw/wAA 7v8AAN3/AADO/wAAxv8AALz/AACy/wAAqP8AAJ7/AACU/wEBi/8EBIL/Cwt1/x0dav85OG// LzmB/5On0/95d3S2AAAAHAAAAAAAAAAAAAAACj8/PX7Y1/H/lqju/5S19P/q9v7/8vv//6PN /P9OevX/FDr1/wAS9v8AB/b/AAL0/wEB5/8BAdT/AQHL/wAAwP8AALX/AQGr/wEBof8EBJj/ CgqP/xkYhf8xMH3/QEBz/0NCbP9QW5H/usDX/09OTJQAAAAPAAAAAAAAAAAAAAADCgoISLa1 xOrY3///qb31/9jj/P/r9v7/1e3+/6jI+/+Cnfr/Rm78/xU4/P8AGPf/AAvw/wgJ2/8ICM7/ BwfE/wcHuf8JCa//DQ2m/xkZoP82Npj/OjqP/x0dhP88PJ//S0ui/29+p//Cw8b4HR0cXwAA AAUAAAAAAAAAAAAAAAAAAAAie3t/t/Pz///J2Pr/09/7//b5/v/9////2ev+/8LJ+/+nt/3/ hKr+/2mN+/89Y/f/L0bq/z482P84OM//ODjH/0FBwv9YWMH/fHu+/0lMsv8HDLr/AACe/x8f lf+BgtP/rbDY/5CPicsDAwMvAAAAAQAAAAAAAAAAAAAAAAMDAhIhISF31NPi+/P4///X4/z/ 8fT+///////1+///3uT9/9LP/P/AzPz/sc/8/6vM/P+jw/r/q730/7m57v+6uev/v7/q/8PC 4/9rcMn/P070/w4a6v8ABcP/AACY/zs6ov+ZmNr/Li4yjQYGBRgAAAAAAAAAAAAAAAAAAAAA AAAAGB8fSpZ/f9D/+Pj7//D1///n7f3/9ff+//H5/v/q7v3/4+H7/9Hf/P/S3/z/zt77/8Xg +//D4Pz/zd/5/9rc9f/m5fb/oqXf/4OW7P+aq///QlH9/wAL4f8AA7r/AgOS/2Bgv/8sLF2k AAAAGwAAAAAAAAAAAAAAAAAAAAQBAQI/MzOa4A0OmP+foNj///////L1/v/v8v3/8fb+//L0 /f/r7fz/2+/9/+Lt/P/s6vv/5+v7/+Ds/P/c7fz/3/D8/9vg9f+hs+//9Pr///n7///L0v// V2L4/wAH0/8AAKn/HByY/1BQqegAAAlJAAAABQAAAAAAAAAAAAAADxMTRYkXF6f/AACQ/xQb w/+2ufT///////j5/v/19/3/+Pr+//f5/v/u+P7/7vf+//X1/f/29Pz/9vT8//b2/P////// jY7W/2B51/////////////L2///N0///Y2vw/wQLxP8AAJP/LS2t/xwcUZYAAAASAAAAAAAA AAEAAAAmBwdzxgEClP8AA6T/BA/T/0BN9//V2/3////+///////8/v///f////r+///4/f// +vz+//v7/v/8/P7/+/v9//Pz+v92dc3/AAes/5yt6f/7/////////+To//+wtf7/Tlbi/wEG rP8FBZP/FRV/0QAAAC0AAAABAAAABAAAB0IAAIfqAACR/woSu/9rcuz/tLv//8DR//+4yuv6 5OTl+P////////////////7////9//////7///39/v/g4fb/1tf1/9DS9P+urer/xMf1/7zR 6/nB0uv59vz///b3//+zt/f/MjnK/wABlf8DA4nwAAALSwAAAAMAAAAEAAAKRwABhe8SFqv/ dnvn/9XY//+Rn/L7P1WXwxchNHhHR0V8oaGgxNzc3fD+/v7///////////////////////v8 ///8/f///////+zs5vK3trDFWVhWfBwlNHROYI2+oq7u+djc//+QlfD/Exew/wAAhvUAAAxO AAAAAwAAAAIAAAAjBARIqiYqmOlKT6XYJixvpwEFJGYAAAAnCAcGESMjIhYwMDAzRUVFW3R0 dIiWlparqampwLe4uM25ubnNrq6swZycmq59fXyMVFRTWkNDQy4zMzMTDAwLEAAAACUCBR5g IylpoUBFo9QaHpfpAABMswAAACoAAAACAAAAAAAAAAcAAAAcAAAANQAAAC4AAAAXAAAACAAA AAIAAAAAAwMDABQUFAEeHh4HKioqDjMzMxk0NDQlNjY2Lzg3Ny83NzcmNjY2GjExMQ4oKCgG ISEhAAgICAAAAAAAAAAAAQAAAAcAAAAUAAAAKwAAADYAAAAgAAAACgAAAAEAAAAAAAAAAAAA AAEAAAACAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBAQADQ0NABEREQAQEBAA ERERABISEgAQEBAABgYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAgAA AAEAAAAAAAAAAP/8P///wAP//wAA//4AAD/4AAAf8AAAD+AAAAfgAAAHwAAAA8AAAAOAAAAB gAAAAYAAAAGAAAABgAAAAAAAAAAAAAAAgAAAAIAAAAGAAAABgAAAAcAAAAHAAAADwAAAA4AA AAGAAAABAAAAAAAAAAAAAAAAAAAAAIDABwDH///j --------------3LcrNfzVPbj0AKjw762ZAjQj-- --------------bA67x3CXUNUlY0OCpvvNtIHm-- --------------MjgtzBbsooVNoqpmmagpPmGi-- --------------MqKAivcw1VYPAd1jMVu4bPtK Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsB5BAABCAAjFiEEnjwyTmqn2oNX6C8qHZW8vIFppoIFAmPuCpIFAwAAAAAACgkQHZW8vIFppoIn kAf+KiZr+QSw/a/qAiyXfUPN1XEswIYWHyFxwh0GKbNirZ18j388d+WDmZIkTc+MsrPwChi7N3Nc j0JWPaCH8ZgByV7M+NMFaSHmphQ+I2poghq+jGk8yQJuGwokGn66BhS9As9Jktt+tS2mX6qxoNl6 6IrwFntLwz5KlYrrKjIdO1TnrQ7Jgirak3ZA74HUYraOGxDZtiXpplj9kBey0SZdehDEksZ6VoRp 7TTE6qDr1h40EzL5v8qOE/V6SGL9djAbe/oTtWAiVfMt/hb0nUvh9aR0NtsH/xo3qqjiUlgwixgC pAa+TJz6YONVNz3OsjNcy5nj7UMcRYKSE1uxyT7esw== =jb9L -----END PGP SIGNATURE----- --------------MqKAivcw1VYPAd1jMVu4bPtK--