<?xml version="1.0" encoding="UTF-8"?>
  <?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
  <!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.17 (Ruby 2.6.10) -->


<!DOCTYPE rfc  [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">

]>


<rfc ipr="trust200902" docName="draft-pelov-bounded-agent-capabilities-00" category="info" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true">
  <front>
    <title abbrev="Bounded Capabilities PS">Bounded Capabilities for Agent Tool Interfaces: Problem Statement</title>

    <author initials="A." surname="Pelov" fullname="Alexander Pelov">
      <organization>IMT Atlantique</organization>
      <address>
        <email>alexander.pelov@imt-atlantique.fr</email>
      </address>
    </author>

    <date year="2026" month="July" day="03"/>

    <area>ART</area>
    
    <keyword>AI agents</keyword> <keyword>tool interfaces</keyword> <keyword>authorization</keyword> <keyword>capability contracts</keyword> <keyword>MCP</keyword>

    <abstract>


<?line 38?>

<t>Deployed agent tool-interface protocols carry JSON Schema type
declarations for tools, but a type declaration is not a contract:
nothing signals that a tool is fully schema-bounded, conformance to
declared schemas is self-certified by the declaring party,
declarations are not pinned between discovery time and invocation
time, and error channels are untyped by design.  As a consequence,
any decision made about a tool call — authorization, discovery,
audit, or composition — requires a language model to interpret what
the call means, even for the large class of tools that are not
intrinsically open-ended.  This document states that problem and poses
questions for the community.  It deliberately proposes no mechanism.</t>



    </abstract>



  </front>

  <middle>


<?line 52?>

<section anchor="introduction"><name>Introduction</name>

<t>Software agents driven by language models invoke external
capabilities — tools — through interface protocols such as the Model
Context Protocol <xref target="MCP"/>.  These protocols were designed for
model-mediated use: a model reads a tool's name, prose description,
and type declarations, decides whether and how to call it, and
interprets the result.  For that purpose they work well, and their
flexibility is a design goal, not a defect.</t>

<t>A different set of actors, however, must also make decisions about
tool calls: authorization policies, discovery and matching systems,
audit pipelines, and composition frameworks that connect one
capability's output to another's input.  For these actors the
question is not "what does this call probably mean?" but "is this
call permitted, well-formed, and consistent with what was reviewed?"
— a question that should have a decidable answer wherever the
underlying tool's interface boundary is complete.</t>

<t>Today it does not have one.  This document examines why
(<xref target="gap-analysis"/>), distinguishes two classes of capabilities with
fundamentally different properties (<xref target="taxonomy"/>), traces the
consequences (<xref target="consequences"/>), and poses open questions
(<xref target="questions"/>).  It makes no protocol proposal.  The author believes
that at this stage the question, not any particular design, is the
contribution.</t>

</section>
<section anchor="terminology"><name>Conventions and Terminology</name>

<t>This document is informational and makes no normative statements.
The key words "MUST" and "SHOULD" appear only inside direct
quotations from other documents.</t>

<dl newline="true">
  <dt>Capability:</dt>
  <dd>
    <t>A discrete operation an agent can invoke over a protocol: a tool,
function, or API endpoint, together with its interface description.</t>
  </dd>
  <dt>Declaration:</dt>
  <dd>
    <t>Machine-readable interface metadata published by the party offering
a capability (for example, a JSON Schema <xref target="I-D.bhutton-json-schema"/>
for the capability's input).</t>
  </dd>
  <dt>Contract:</dt>
  <dd>
    <t>A declaration plus commitments: a stable identity for the declared
interface, a defined conformance relationship between declaration
and observed behavior, and defined consequences when behavior
diverges.</t>
  </dd>
  <dt>Bounded capability:</dt>
  <dd>
    <t>A capability whose input, output, and error surfaces are fully
described by schemas under a contract, such that whether a given
invocation or result conforms is decidable without interpretation.
Boundedness is a property of the declared interface, not of the
external system: it does not imply that the operation or its side
effects are deterministic, only that the declared input, success
output, error outcomes, and relevant operational properties form a
complete, versioned boundary that can be checked at runtime.</t>
  </dd>
  <dt>Dynamic capability:</dt>
  <dd>
    <t>A capability whose interface is intentionally open-ended (for
example, natural-language input or output), such that interpreting
an invocation inherently requires a model or a human.</t>
  </dd>
  <dt>Drift:</dt>
  <dd>
    <t>Divergence between a capability's observed behavior and its
declared interface, or a change to the declaration itself after a
relying party has made decisions based on it.</t>
  </dd>
</dl>

</section>
<section anchor="gap-analysis"><name>What Deployed Protocols Declare Today</name>

<t>This section uses MCP <xref target="MCP"/> as the concrete example because it is
the most widely deployed agent tool-interface protocol at the time of
writing.  The observations are not criticisms of MCP relative to its
own goals; they identify what a relying party can and cannot conclude
from a conformant implementation.</t>

<section anchor="type-declarations-exist"><name>Type Declarations Exist</name>

<t>Every MCP tool carries a required <spanx style="verb">inputSchema</spanx> (a JSON Schema
object), and since the 2025-06-18 revision a tool may carry an
optional <spanx style="verb">outputSchema</spanx> describing structured results.  When an
output schema is present, the specification states that "Servers MUST
provide structured results that conform to this schema" and that
"Clients SHOULD validate structured results against this schema"
<xref target="MCP"/>.  The type-declaration slot therefore exists.  The gaps are
in everything a contract would add on top of a declaration.</t>

</section>
<section anchor="gap-1-boundedness-is-unsignaled"><name>Gap 1: Boundedness Is Unsignaled</name>

<t>A tool whose <spanx style="verb">inputSchema</spanx> is <spanx style="verb">{"type": "object"}</spanx> — a form the
specification explicitly sanctions — with no <spanx style="verb">outputSchema</spanx> and
prose-only semantics is fully conformant.  So is a tool with strict,
closed schemas on both sides.  Nothing in the protocol distinguishes
them: there is no way for a provider to declare, or a client to
require, that a capability is fully schema-bounded.  A client can
inspect what is present, but it cannot tell whether missing
information means "not applicable" or simply "unspecified".  A policy
engine inspecting a tool list must therefore assume the lax case for
every tool, which forces a model into the judgment loop even where
the underlying operation is predictable.</t>

</section>
<section anchor="gap-2-conformance-is-self-certified"><name>Gap 2: Conformance Is Self-Certified</name>

<t>The party that declares the schemas is the party whose behavior the
schemas describe.  Validation of results against the declared output
schema is an optional, client-side, runtime activity ("Clients
SHOULD validate").  No third party attests that a capability behaves
as declared, no evidence of conformance is accumulated or carried
anywhere, and a relying party has no basis for trusting a declaration
beyond trusting the declarer.</t>

</section>
<section anchor="gap-3-declarations-are-not-pinned"><name>Gap 3: Declarations Are Not Pinned</name>

<t>The tool list — schemas included — may change at any time during a
session; servers that declare the <spanx style="verb">listChanged</spanx> capability "SHOULD"
notify clients when it does <xref target="MCP"/>.  Declarations carry no version
identifier or digest.  There is consequently no artifact linking the
schema a client (or a human reviewer, or a policy engine) authorized
against at discovery time to the schema in force at call time.  This
is a time-of-check to time-of-use gap at the protocol level: an
authorization decision cannot be bound to the interface it was made
about.</t>

</section>
<section anchor="gap-4-errors-are-untyped-by-design"><name>Gap 4: Errors Are Untyped by Design</name>

<t>Tool execution errors are reported as a result flagged <spanx style="verb">isError:
true</spanx> whose content is text — in the specification's words,
"actionable feedback that language models can use to self-correct"
<xref target="MCP"/>.  There is no error schema field, and no place to declare
stable error codes, retryability, partial success, or side effects
already performed — the operational properties that failure-handling
policy actually needs.  The failure path — where authorization, retry
policy, and audit matter most — is thus exactly the path where
machine interpretation is mandatory for every tool, with no opt-out
even for capabilities whose failure modes are enumerable.</t>

</section>
</section>
<section anchor="taxonomy"><name>Two Classes of Capabilities</name>

<t>A large fraction of the tools agents call in practice are not
intrinsically open-ended: they accept structured input, perform a
predictable operation (an HTTP API call, a database query, a
computation), and return structured output.  Their descriptions are
translations of interfaces that were fully typed in their original
setting.  For these, the open-endedness of the agent tool interface
is an artifact of the transport, not a property of the capability:
the dynamism lives in the calling agent, not in the tool.</t>

<t>To be precise about the claim: calling such a capability <em>bounded</em>
does not mean the external system or its side effects become
deterministic.  It means the declared input, success output, error
outcomes, and relevant operational properties form a complete,
versioned boundary that can be checked at runtime (<xref target="terminology"/>).
The effort then splits naturally into design-time bindings (which
capability, under which contract revision, reviewed and authorized by
whom) and runtime bindings (whether this call and this result conform
to what was authorized) — a split for which current protocols provide
no vocabulary, since nothing carries a decision from the first phase
into the second.</t>

<t>Other capabilities are genuinely dynamic — search over unstructured
corpora, natural-language question answering, generation — and for
these, prose semantics and model interpretation are essential, not
incidental.</t>

<t>Current protocols conflate the two classes.  The cost of the
conflation is asymmetric: dynamic capabilities lose nothing, while capabilities
with completable boundaries lose the decidability they would
otherwise support.  Every relying party inherits the worst case.</t>

<t>The question this document poses is whether the classes should be
distinguishable: whether there is value in a declared <em>bounded</em>
capability class — capabilities that commit to complete,
machine-checkable contracts covering input, output, and error
surfaces — coexisting with the dynamic class rather than replacing
it.</t>

</section>
<section anchor="consequences"><name>Consequences of the Conflation</name>

<dl>
  <dt>Authorization:</dt>
  <dd>
    <t>A policy cannot be written over opaque strings.  Where the
interface carries no enforceable structure, an authorization
decision requires a model to interpret the call, making the
decision probabilistic and non-reproducible: two independent policy
enforcement points can legitimately reach different conclusions
about the same call.  This runs opposite to the direction of
authorization work elsewhere, such as Rich Authorization Requests
<xref target="RFC9396"/>, which moves authorization data toward typed,
structured objects precisely so that decisions are explicit and
reviewable.</t>
  </dd>
  <dt>Discovery:</dt>
  <dd>
    <t>Matching a need to a capability by prose description requires
semantic interpretation, with the associated failure modes
(including adversarial ones: a description is an untrusted input to
the model that reads it).  Typed contracts would allow a
compatibility relation between capabilities to be computed rather
than guessed.</t>
  </dd>
  <dt>Audit:</dt>
  <dd>
    <t>An audit trail of prose requests and prose results can only be
re-interpreted, not re-validated.  Schema-valid records with stable
contract identities can be checked mechanically, long after the
fact, against the contract that was in force.</t>
  </dd>
  <dt>Composition:</dt>
  <dd>
    <t>Connecting one capability's output to another's input is the basic
operation of multi-step agent workflows.  Without typed edges,
every handoff is mediated by a model; with them, a large subclass
of handoffs becomes a verifiable transformation.</t>
  </dd>
</dl>

</section>
<section anchor="questions"><name>Open Questions</name>

<t>This document poses the following questions without proposing answers.</t>

<t><list style="numbers" type="1">
  <t>Class declaration: Is there community interest in a declared
bounded-capability class — schemas for input, output, and errors,
with a defined conformance relationship — as an opt-in stratum
within existing agent tool-interface protocols?</t>
  <t>Contract identity: Should capability declarations carry stable
identities (for example, digests over a canonical form such as JCS
<xref target="RFC8785"/> applied to I-JSON <xref target="RFC7493"/> documents), so that a
decision made at discovery time can be bound to the declaration it
was made about and remain checkable at call time?</t>
  <t>Attestation: Who attests that a capability conforms to its
declared contract, on what evidence, and in what format?  Are
transparency mechanisms such as SCITT <xref target="RFC9943"/> an appropriate
carriage for such statements?</t>
  <t>Drift: How is post-deployment divergence between declared and
observed behavior detected, reported, and acted upon — and should
fail-closed handling be the default for capabilities that claimed
the bounded class?</t>
  <t>Composition boundary: What happens at the seam where bounded and
dynamic components compose?  Which guarantees survive the
crossing, and how is the crossing itself made visible to policy?</t>
  <t>Venue: Are these questions in scope for prospective agent-protocol
work in the IETF, for existing authorization and identity work
(OAuth, WIMSE), for a research group, or do they fall between
venues — which would itself be a finding worth establishing?</t>
</list></t>

</section>
<section anchor="relationship-to-existing-work"><name>Relationship to Existing Work</name>

<t>The Semantic Definition Format <xref target="RFC9880"/> addresses an adjacent
problem for the Internet of Things: giving Things typed, reusable
interaction descriptions.  It demonstrates that the IETF has found
typed capability description worth standardizing in a neighboring
domain, but it does not address the agent-specific gaps described in
<xref target="gap-analysis"/>: class signaling, attestation, pinning between
discovery and invocation, and typed error surfaces in a
model-mediated call path.</t>

<t>Rich Authorization Requests <xref target="RFC9396"/> and the SCITT architecture
<xref target="RFC9943"/> are cited above as evidence that structured authorization
data and supply-chain-style attestation, respectively, are live
directions in the IETF that a bounded-capability class could build
on.</t>

<t>The author has prototyped a governance layer along the lines sketched
by the questions above — digest-pinned capability contracts over
<xref target="RFC7493"/>/<xref target="RFC8785"/> canonical records, schema validation on both
sides of an invocation, a restricted deterministic transformation
language between capabilities, and fail-closed handling of contract
drift — and can report that the bounded class is implementable with
existing building blocks.  Details are available from the author; the
prototype is mentioned here only as an existence argument, not as a
proposal.</t>

</section>
<section anchor="security-considerations"><name>Security Considerations</name>

<t>This entire document describes a security problem, summarized here.</t>

<t>Authorization decisions that depend on model interpretation of
unstructured interface data are probabilistic and non-reproducible;
they cannot serve as the basis of an auditable policy regime.  The
absence of pinned declarations (<xref target="gap-analysis"/>, Gap 3) creates a
time-of-check to time-of-use exposure in every current deployment:
the interface a human or policy engine approved is not verifiably the
interface later invoked.  Untyped error channels (Gap 4) route the
highest-stakes control decisions — failure handling — through
mandatory interpretation of attacker-influenceable text.</t>

<t>A bounded-capability class would narrow, not eliminate, the attack
surface: it addresses interface-level decidability only.
Content-level attacks (for example, injection through data a
capability legitimately returns) and the behavior of the models
themselves are out of scope for the questions posed here.</t>

</section>
<section anchor="iana-considerations"><name>IANA Considerations</name>

<t>This document has no IANA actions.</t>

</section>


  </middle>

  <back>



    <references title='Informative References' anchor="sec-informative-references">



<reference anchor="RFC7493">
  <front>
    <title>The I-JSON Message Format</title>
    <author fullname="T. Bray" initials="T." role="editor" surname="Bray"/>
    <date month="March" year="2015"/>
    <abstract>
      <t>I-JSON (short for "Internet JSON") is a restricted profile of JSON designed to maximize interoperability and increase confidence that software can process it successfully with predictable results.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="7493"/>
  <seriesInfo name="DOI" value="10.17487/RFC7493"/>
</reference>
<reference anchor="RFC8785">
  <front>
    <title>JSON Canonicalization Scheme (JCS)</title>
    <author fullname="A. Rundgren" initials="A." surname="Rundgren"/>
    <author fullname="B. Jordan" initials="B." surname="Jordan"/>
    <author fullname="S. Erdtman" initials="S." surname="Erdtman"/>
    <date month="June" year="2020"/>
    <abstract>
      <t>Cryptographic operations like hashing and signing need the data to be expressed in an invariant format so that the operations are reliably repeatable. One way to address this is to create a canonical representation of the data. Canonicalization also permits data to be exchanged in its original form on the "wire" while cryptographic operations performed on the canonicalized counterpart of the data in the producer and consumer endpoints generate consistent results.</t>
      <t>This document describes the JSON Canonicalization Scheme (JCS). This specification defines how to create a canonical representation of JSON data by building on the strict serialization methods for JSON primitives defined by ECMAScript, constraining JSON data to the Internet JSON (I-JSON) subset, and by using deterministic property sorting.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="8785"/>
  <seriesInfo name="DOI" value="10.17487/RFC8785"/>
</reference>
<reference anchor="RFC9396">
  <front>
    <title>OAuth 2.0 Rich Authorization Requests</title>
    <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
    <author fullname="J. Richer" initials="J." surname="Richer"/>
    <author fullname="B. Campbell" initials="B." surname="Campbell"/>
    <date month="May" year="2023"/>
    <abstract>
      <t>This document specifies a new parameter authorization_details that is used to carry fine-grained authorization data in OAuth messages.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="9396"/>
  <seriesInfo name="DOI" value="10.17487/RFC9396"/>
</reference>
<reference anchor="RFC9880">
  <front>
    <title>Semantic Definition Format (SDF) for Data and Interactions of Things</title>
    <author fullname="M. Koster" initials="M." role="editor" surname="Koster"/>
    <author fullname="C. Bormann" initials="C." role="editor" surname="Bormann"/>
    <author fullname="A. Keränen" initials="A." surname="Keränen"/>
    <date month="January" year="2026"/>
    <abstract>
      <t>The Semantic Definition Format (SDF) is a format for domain experts to use in the creation and maintenance of data and interaction models that describe Things, i.e., physical objects that are available for interaction over a network. An SDF specification describes definitions of SDF Objects/SDF Things and their associated interactions (Events, Actions, and Properties), as well as the Data types for the information exchanged in those interactions. Tools convert this format to database formats and other serializations as needed.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="9880"/>
  <seriesInfo name="DOI" value="10.17487/RFC9880"/>
</reference>
<reference anchor="RFC9943">
  <front>
    <title>An Architecture for Trustworthy and Transparent Digital Supply Chains</title>
    <author fullname="H. Birkholz" initials="H." surname="Birkholz"/>
    <author fullname="A. Delignat-Lavaud" initials="A." surname="Delignat-Lavaud"/>
    <author fullname="C. Fournet" initials="C." surname="Fournet"/>
    <author fullname="Y. Deshpande" initials="Y." surname="Deshpande"/>
    <author fullname="S. Lasker" initials="S." surname="Lasker"/>
    <date month="June" year="2026"/>
    <abstract>
      <t>Traceability in supply chains is a growing security concern. While Verifiable Data Structures (VDSs) have addressed specific issues, such as equivocation over digital certificates, they lack a universal architecture for all supply chains. This document defines such an architecture for single-issuer signed statement transparency. It ensures extensibility and interoperability between different transparency services as well as compliance with various auditing procedures and regulatory requirements.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="9943"/>
  <seriesInfo name="DOI" value="10.17487/RFC9943"/>
</reference>

<reference anchor="I-D.bhutton-json-schema">
   <front>
      <title>JSON Schema: A Media Type for Describing JSON Documents</title>
      <author fullname="Austin Wright" initials="A." surname="Wright">
         </author>
      <author fullname="Henry Andrews" initials="H." surname="Andrews">
         </author>
      <author fullname="Ben Hutton" initials="B." surname="Hutton">
         <organization>Postman</organization>
      </author>
      <author fullname="Greg Dennis" initials="G." surname="Dennis">
         </author>
      <date day="10" month="June" year="2022"/>
      <abstract>
	 <t>   JSON Schema defines the media type &quot;application/schema+json&quot;, a JSON-
   based format for describing the structure of JSON data.  JSON Schema
   asserts what a JSON document must look like, ways to extract
   information from it, and how to interact with it.  The &quot;application/
   schema-instance+json&quot; media type provides additional feature-rich
   integration with &quot;application/schema+json&quot; beyond what can be offered
   for &quot;application/json&quot; documents.

	 </t>
      </abstract>
   </front>
   <seriesInfo name="Internet-Draft" value="draft-bhutton-json-schema-01"/>
   
</reference>

<reference anchor="MCP" target="https://modelcontextprotocol.io/specification/2025-11-25">
  <front>
    <title>Model Context Protocol Specification, revision 2025-11-25</title>
    <author >
      <organization>Model Context Protocol contributors</organization>
    </author>
    <date year="2025" month="November"/>
  </front>
</reference>


    </references>


<?line 350?>

<section numbered="false" anchor="acknowledgments"><name>Acknowledgments</name>

<t>Thanks to the participants of the agent2agent mailing list discussions
that prompted this write-up.</t>

</section>


  </back>

<!-- ##markdown-source:
H4sIAOeYR2oAA51b25LbRpJ9x1dUUA8jTZBtWb6MTMeEt7cljzWxtrXu9vhh
Y2NVBIpkWSDAQQHd4nQoYj9iv3C/ZM/JrCoAVMvrXT841CRQl6zMkydPFler
VdH7vnZrs/jndmgqV5kre7QbX/veu2C2bWcud67pzU3b1uZV07tua0sX1uZ1
125qdzDXve3dAY8sCrvZdO72Y2O9vl4UVVs29oDpqs5u+9XR1e3taqNPrywn
WpWTd1ZPnxYlht+13WltfLNtizBsDj4E3zb96YiBXr28+bbwx25t+m4I/bOn
T796+qywnbNrc/nTTfHWne7arloXxqzM5SsjkwT5q+eWfN6SfGaHft92/h+2
xwzySV7PyZSYtLNlfP37q9dF6G1T/Yet2wZLOWGMo1+bf+vbcmlC2/Wd2wb8
63TgP/69KHR0XYtvYMTLC/OaNsAnxqhlLmv3DoO6bvJN2+2w0+9vzGVf26b3
fx+cfO4O1tdrY9MrF2LQf/KHfmXzkxfbrihou+6AXd06Tv/Tt1d/+vyrz+I/
n//p+Rfxn1999tWX6Z/Pnz9N//zqc3n21erFxWY/9H3brH4N+F8o91gDv4I1
1rKm5E/ft5WrzRVM5t719BZYBfa+PrrSb30pBl4a+IvnYZpnT599sfr009Wz
LxY6jO12rl+bfd8fw/qTTw4crtTRjnGwC99+EqbjfTKOIoNU8J11Glo+GU+A
/63Ush9Zqhy33wx924WiWK3gHZsgDlAUL9yxbk9wcfEncaVVdiWTFhjgPV13
Mn+9/vEHcy22MnTbonJlbTtZswYZB4CrYDKjj5jJI8YH07T8JnngusDfe9/s
TPC7xmKifm/lVfFpjDnU9cno8aQAW/J1cYMGa+zbuApsQp8LfDG4ersqXdfD
qPhmc8LIaTGc72i7/rScbwBjyPqOvmn4juvvnGtM5UPZ3jrsv/cHZ+ChcPrb
Vo+q4GdL+dB1HSxQ7i3ernW0QaJbpq8ct3hhzGVQAwQHp8YOloVt+HWpDnSw
FebAVrMZSlvX5r//87/mQb0c14URhsr3S8Pp28OxDV7MzXc6zOI7xzkRSLsB
52zEBzG2gsaxc725g9kLWkgmOzjb4BTdLXYvp4ovajqygbVCMO1WDzqelpoN
sQk3a4LnECfTHl2zcjwv7PlmjyMBaA4EWBMItfHlY4RfGhALB/TAKmHiUFxT
ezgMDZALI73qYarabxwOzWEavC+vYQVYNo3vw+FC3fzgq6p2RfGIgN+11VDK
iRXX7ba/46oVRAHinjvFIc1NFOSc3zqDcHId3LOYgrqYV80g/9p37bDbm4ei
Jwzl3tggm5EgLT4I0vt7IM/792IrF6Yv37nORe+BJ8EmhSxudXCVhw0qMwSA
g42nioRRheg5fwiCxUsOFmSMsvNHcZ6C9j6PTxw53RDPwR8cFtvJsezbOzqL
eAa9DJ8V2XN0U3Cwoe6x+G/lyHiuQ8dz4bcng8z1Fvuoaw0UfOa7Ygu09zEj
eS5Z92h2rcVzihOV27qyx3Fewtu3W1iC7gN/hQcCPgBoSy4PjtotzQF5Ezkk
wBHsW5cjKmg0FTmWkK9mkQS/q32JE52ElKwTeaZUcDoFcIMQ4wz4gPzkG77A
x6Yht+1gcG43ujfivMEODBLr6DwnHAxWdBwIuBiipan/QG/DR9mI9ALdI//I
YZFAdMGQRUxJIPmgx8NoshuEBSP4m4Xg8MLrE4U+4bqD73uiKA9kRRzlH7oR
RC92Chvf+X4voGDu4LfMbu7OVd8sCsEhkxcjmwz7dqjhJ/bWyZnBhbAIImWA
89KXOp6QbIMI3tUnWjW66Bgwgu+2E3egUWvXO5z9TVtZfBY3y73LTDDpB8gC
/nDgwWDOU/H4/n5njyuLwD1hX+/fP5ED7jH34MOehrtrFdGcYNosummBYssF
cWSBtNEFiTrMLXgOs/T2Xdu0h5PMwLzm9MgmIC/PTf+WZzPoCVpmqwYuPf+B
JxX36NWCcwkbIvjZWlEjejXyVu1h71AoOvfqHwDdnYRjniYGGZIPk6EvB+BA
DMKl8XkLyh3w/AWRFMAFrIz5Esu/oT81bd3uTub+UT/+9R4HNzsbH0xmby3O
JIZY3FOTaJ1mB74RLgru6q0CCFBt8f3P1zcLeW9x/d2PP//LC/xxPDosu21w
Pkw+SJ4V8h24zd+Htk/MpGsPRqIsLweDF/drcxuOOK4/L54u3heZ5Z/WBfir
gAEQzvFwIoGxTSRKJf4VkwPxAm6fDmUdwXcJbgb3KdXSrD9evzLIh8cWDg83
aXeKsBJpvp/GwQSoL0jRMkBzXd9bYpJbEeglysb3Dq7HZz3WMmxqenjmPcJ2
4OJwX3g/Vman9cBjJlqGDiIOTjmjeff3HyHL799zgylDT6FNYOwJVn6VWZ6Y
c0IEj/UgIQ4oksOg0XDusp2K7oVVpbETu8N0eatLzQ2eGXFKBjtX65Hv/XHk
b+PE3Dm8p90E190KxQOU+LbTUJyMOMYt0KvJz+H9Cj4KJkT/SeVheeY4E9Pe
7ZkExSLLiPlTshgGrdmEQwnX5Qxy/Bs9vURpBTcnzHmppEJCPCdrsyOREUMl
fkrP0+ycDCX0eARp+h/JZs7oVv3OmLg9wGnQBB1R7yT8b3Iy03MhpOjXGCHx
pphA1zMQ93C3k26Ag41BhhUzHhjLHGNLCqAWqpwCDEEcpakEfR5gshqxMuwD
y7LGTXZXm+MveF5K3vAYd4sKc5zf1lN4p8WMxSApIS0Nzp+8gueTEpbmektH
QQHgyresqHrTgf+jPGAQn8DEfPl7XCVFs1dIaHRNM0YtESv2jTHb2H7obL3K
/FVsYHS3jMapu+STjlDQTN3FN3tJcZhvUjoot2zpYvsBocYddX4rkf1CA4Lh
lyLOzgHhg3DTGkr0h4d8SOYhlWfCaieHG5fYs7gzdtvT5zEGzvCUazqQg6BF
1EgANzZgBnlVktgvNEMufV9nqq1Q64wyjvtHM/oQ81lwAulk3YFqQWLuid8j
yjRrxMPBpks78GSZAqXGOrSBDKti/VL9rgLcRB+XArTdFned5+nFvK/2PSti
Sz4CAxyE2nChCo63YlMav71Tsh2+VpauyLs9Ke+zZ2aldwtJRHnbCpiU9YAI
ldxqRxTWwJYEbhNreGRuWGq8mBbbL98hiovipbBtLi/y867z4nLR+yrzRnxZ
09Eb83iWnop28yvOI1Kp4EUQgEVEKnn65erT56MyE6vpgz1FNcM2RXuMEf9G
4yTNEiFYuH/foW4cuBLF0QCr/8KkwPeVxStIM2IRVsFJfscqZprOrOpdXDMg
wOzJaAqc8i2Jy4dT5SJCYEhigS4o0y1iLYXCfXEFxsdKVlmRubW1p2b00Ih2
Z8GT+tlIxaz6lLpwNY24ULfif53DOujZOLoQH0aMiNOhJKRg0J1UzxkzFcgb
qwNbSQT27VGKt2lEq4v8xR7Np+tZ1nkVzM+NKkPI/ygC5QQVKOdugb28uV9w
4Yu1WahXLN6/UdlEQZwpaX4i7t2RhR+xLlhlalrLCycDKT3zCha+UkqvJPME
R3f3ZRiFqjEKYJ3rVtOmLppD4jg8UndR1m2YyFVYyqbl1yy98eIPURPzjZK3
BAKz4oVIgowqp6I1IUo1ZU2SqelR1OMSwiZYFU+hahYDbJkkt0kq+ojwRvEq
DQAYwInTnioezZyfZafvE1T0qDMzRxHRG3lnUgqo3GQWUo0ceSQkJguuNyhJ
WAxNPDlXLWQVUrKfCtfswNhMXIj6nZgb9LdXQWB0W9R5oP5RzHqH1cGLmEed
anvk7FimR5rEp+Uk7wGPNQv9OlQ7qWXqFm4s8pgUt4Lqk8p25DJqlQqnzj2N
jv5szUoq81Y4+jUFy6skWBZS+ijyyvnEU9QcM9E5R3avYZFTrLh7fC4xSpju
bwoNwrO2D4DChEep8xcjuCEDJMBcRj9Y0WeXiehQr/C3UlIkSCrOIGnxRByc
8NNVceW2BzD24QFHlN3A12UPuixSTJieyap0UrVP7MhFlijwUMpSGaMeKgml
osYqR6WZ4jy5kTNgWPAEH2VHNmHUn6blw8adWoJu+nZir2483M/W81R3CedD
TJvXoivr0Y5eSsDJB6pJtZIPJVMpC7Jap4uNq0EEbFuAgDCxfW1CTCZTR5Gl
veEEVzJE9WZq11Q+U35nxi9j/pBiJ5H0MSnMdqPJE9aKPLiIvMEjumG5yqM4
6jU5KDLlcopAi/coNmyZGGrfvI1WTF6WAerxSDaT/NRFCNPYNxr7T7KWx0OO
bkwzzEX7GMDJlxsNcSOsHegkLF3FpEIxGx+s2u1KyLy8HT8gk0PKS4QsYzOq
CMfavynm2mLW9SMYbqLMlVY04fuqtZG6FqJYjg71+dq8ZO2irvTz2FR4IWoN
JTIswb1z5aCJTR+mG3Tu2HaMBaukSirBbW13O6FWQcZdF/Bo9yZCiHSnVLAR
jZq+GFPRLH+C2YsusywWVpKn1JNb56qNpdHojeeCOlkkTYjda4em7SjWnDGQ
nNFilaynBg+ro1JJEay20v1JDl9E/SB2YTBdYFuu707R6Zcqc7Ea1cpwqRkG
xCvWmIWtqaqcKJKqLhqVffex6lD2uLW+BsVaIc6qmrktOiiMMkjh1sAkiS7F
h7EWJHzhGrLds9aOrDuOExFLlOcDobLTAkKOhUsYAmuNsq+T1iPSLdPSQbWi
s9qebyGsgMZtp4RhlgEj9wHSryib5ybQXB0VT0mb4eGqu7kGKbZLuc7c3LXm
ahRYZ330+0dZNyW10/7StlNXShKD9ldin0Y7EA0OgA8xfP+XztNaCxukBHfs
p2Q4SgTxnIGlkyQ9yd6P4a3f3dy8Fu2Og4vuZPEYuQMgrePpFJQGBrXtk6Qq
YJ5mOqMmU3UC300lPmXPoMpNiOIVNz/286PG45JCZDT6NSI9MdcDCG2NfNDH
ojA3EJbJeaNBhFVH044F5zhZoVk+I3Q6BS6OOJL6MudK0FTWkJwockc4AOKR
vhN60IKSunbCEkUEavIxi9JPfMRZADNTE1RerK0H103vazttms/+GBnqH4ss
L5FUystnItRUXsriEmr09sB29kRfiqK7cNPf0Jfm6lLx/1GXRm2p+D9rS9J/
mKju75+oao6d4by4cLghOHUfkkgkQrngJnPHSgZBpVvBssE8FgI8aVUto/Ko
xDjXdKmqXubeUESplIuRnQqAxOGJ2iEudjqP1gNj70qrWR/O5MoCS82NqHH8
J7G0k70JPsUVDl3q0ERRJ9ZCBRlLi9KCbQ5sS8WCdP1g1B1ywhZhgwe/9R3g
9giOyCI3MQl4TFPBZ3+UbczAkbAEFx8AvVR4ovQnPM/ZDouUlgFqmgwPgJAO
8WUfUPJyq027aVjskoMniBIrNNoXjiGv3d6xOpU+SypkpnlAADuwZPOx5Yr9
lULnLMPx6gNb8kxIrTVox+5ZTG4l81JUf+OjMd/YcDocHMvfdTbIzGasiNNp
SBlWu9kDheSlGCgC0zFA8ssxRilrKyjE1vNQV4X0fu4IKmE4EsiwYFWe5nWA
qJ8+NrVBbkIvZeKFcvZJ13Pa2NIOnh+b5hGyJOvF3ugG4DJW71z/evq4Eh7U
SAOTdS46EEYjsk0vcMktDB79zIZRLGJXRRr2GVUiD1A2K8bLV8CMsGRVGx5u
UhS5SSETtqL+8AU5kRHty7gsOKbuSpg7aZrU+31qH46tlZg8rkZPuX8065GC
F0x5kUrmkV2NfJpiKAirRlV7tHhblBbgjEp1Wg1N+0c53skxG6kFxCw5IpeS
Bs8u0WVo+EAZn92lSaluye5mqm8mb2uT3teSZSKdbVYwlVxR8eIbjC1gpTsy
bYuPid5h0mqj43mlRQ3Kjx184KB3YkBiATJjt1q1WpHCqffntBrsQVea+uiA
abai5TbDKL1LO1U5WWHOrk7IzQ4QexeL63TT5Sdi8ezwzE9O4odLuL+PV/Te
v0+Sy6ElUTirndjL7Ns72+ldlYo91SmnEpkvJMJAvarNRXC6+yF6pep8IuCZ
mLEiR32R6kTtrcYLH1Y4u9zOmMkRpw+v0mRn4Noi5p4B7XIMFQRIW+q1nRl5
xsuPtfiX6SvyAGAb2ALIgLRHp1MqS0NOpQ6RGAk1PWO0vyA+SUPodSDfU3W5
Ed44Rn7UZeu6vcsdLqw37jW1UnNTZw41wtSU+FJclpiX6bGw3cCswuR4yapF
wraJFQzm9jUjXw3ZRafQqxDxI9Wk6Nais26cHNoqG1VFIG5ulWQlapMq0+pH
+K6UOwNRd+VpyxYjf4ldZm7ljFrFS2RSSiyRWXgc0mnSKN5K73Wql+Ux+8RS
krwgLfB8N4hmuNLrQKIRNmdt84/eCEoyH9Wpku3MsVO6NQfYyq/gBcdI6BmR
WxypYF/s7WrF4KodeCkxRDIfy9V2u5VqMF0lg4NHSPs6++xhKXcHWZ2FYSMY
z0Vs0wCJPRMNmUq2XqBUaoas8Qr4/8hLLv+ar/fdPxrvuJxfFtGcKuyrpYPS
YuPFwNSz1vsvEjFCjtiU//RCK86pbremwKppNt8l1BjFiPOEyxu16SL3gxk3
SXWknB9LmWJlNeDvuKcgFC6pq/ByQhxY4CGNwcZKyrm/fU33m6J4dmGuzpz8
tDbXykImG6o+lPRylEyjY343RMW9kO68IHRaCRUtZBL4//XqmqMIyvNONpuj
1PUVUV+tpIEn3/LyNr7Nl3LYp44QTkQ6vxX7gawXY3emqM1bxWLE1BGO12ql
MDsggs1IiKZKIMz42YW5FFU6+s8v+/Y3ZOp8syJ2Vs2krz1e2GC65KtJvF7G
q8T6qYbKN4YSHwfQmhtDNOVpvNk63iW9vnp1cxMz6Vef04pkLEeGRMdg5hjC
clhEbOWuSbmfXK7CJj+/MNrFN98hBbBVAf6+0o60RGH1YWs/70tz6QO9fRbR
pWB00h6jglXKZdXjpGhRcsxhmAxXsS2WdDSerB7o1opqeS5CKd+lNqBxKyCZ
7uQwYLHHLxgP4/3MVFWv9Q7AntfHyBIiIXL2EAW5NE7cZqa4HKtRNUqGdd+Q
YpLBoFzDkfWOpH/obqXRvtdjQF4LUtek67QR0dMX6UqDOCkLawHQNrI+7OLL
C/M3FJT8WYWS2eAmcEjIKJEVxEJMotIMu40SzyrBg4QC+VoUXfiTk6Xqfxle
ZvxL3DNdx+KbHOHxj6R1S/PLq++vXz5ZxoYjO39S2u66djiKslq1WoFtGVbR
fTjALTcS+6xiOOUh0QQbXiHdqkzAOQGhToAJZRM++oZ55KcpesJML9Pyf+Ea
pVS7TkzsBdFXz/5bibAYMs+fP2XIVFXnpE5j8FS/Ak2bvkh30tMNNPm5UKO3
jm+4ChCynb/ljPpnZKewwhAEQwWbo5I5lfrSBfZD2wjIJydOxyGNqC1dr9Cc
PUPskQCqYeRXOyDH/h+xW0za6nf7TSu3/KqWGJe7sVkZi5seRcBVkvW1mT/e
P/NNcX6Hdh1ToXbl1alHoFzKbyc0dvXA5zeqx4tG8Sa4EpP5XThu5PyOu95d
BstEhv+N2mJaWaSr5hEp6Z2eyATOXcxgk6zAS4tk0zJowthe1OvNY8Uxrwil
PhEcG5DeTiivYW9wsZPkk4lRYO4YkuSUnJC6aJErqzANyZRfPspCSlUUBk9h
o4naRLz7S/+ReFfLWrOj8RshHbU9MWsLpZUmuNyUDm8dih4AaLwqOsKKmoNx
qml/FX8X89AvyYQRFJOc/sk0+488IdLyZerp3E7a0XoLopBbEHJHpJn7C80o
FyhcNb8JeMY1i6ydPVS6qOM9mG+0may/jKqYGHOiKlXLUEU1xuss08htvXzv
Kd2rLDKwymnJP+q2fBukp9pjDVqg2lv8U7tnSXTU85SbWUU+UOXqciOQ62ae
kgpJ2aNMJm4Lsi58Ksr1QRoc8ao4AfTalUPH86Mcw3siCqeRhHMCXrZMXDzh
AQl+SG9GjGTFfzhYlXy5oIszzWZSisfKnJIGD/tBSbLdFlNddHopWoKtc79D
Pvm6kMQTFSLhJ+l2nnb41bmkIBWrR0mpc7vUB2YLNqQbBtHvZ5T5gx8XLLX1
/wRJ3Qmw2+I3m8juHc6D9X+6N5Wl65GAaTNltEFqiDPNT5vgyvvIwuKPQ3Id
JjFdjCNQvO3izXXWzKmXfPbbtcfSdX5ikMxV7C32yCvEAGAab+xLnPBKUj5d
hkqSNHJETX4YVYwtxw/OnGhpUX13KGq2tYh/WkO6d/rjn49ioXKHBjy3vVNv
d7UHLtg+9r505KRhyg3kMelnu6ykfT+XjxlZF/pDLaRIfUBHO6+KfPNrVMjS
j8DUWaeS7ZlAx/ZgeJJTVCbPURLVbrlc8QIruo09BRYveGDkenO8PiqaaRA+
Mq8uf7h8OMBzZMdrL/KkspUQfzrHDj4HuSzfNu1d7fTeUyju181w2GCK6s8L
ELvgFlK62+ZtSPWX/pjEHy1J8rTX+EyLV/7Wl74hl19ID4ag0mT6PeDhSIQX
jZ3SrlsNx4vifwCbQbr04z0AAA==

-->

</rfc>

