<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.39 (Ruby 3.4.9) -->
<?rfc tocindent="yes"?>
<?rfc strict="yes"?>
<?rfc compact="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc docmapping="yes"?>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-richer-oauth-httpsig-01" category="std" consensus="true" tocInclude="true" sortRefs="true" symRefs="true" version="3">
  <!-- xml2rfc v2v3 conversion 3.34.0 -->
  <front>
    <title>OAuth Proof of Possession Tokens with HTTP Message Signatures</title>
    <seriesInfo name="Internet-Draft" value="draft-richer-oauth-httpsig-01"/>
    <author initials="J." surname="Richer" fullname="Justin Richer" role="editor">
      <organization>MongoDB</organization>
      <address>
        <email>ietf@justin.richer.org</email>
      </address>
    </author>
    <date year="2026" month="July" day="01"/>
    <area>Security</area>
    <workgroup>OAUTH</workgroup>
    <keyword>Internet-Draft</keyword>
    <abstract>
      <?line 42?>

<t>This extension to the OAuth 2.0 authorization framework defines a method for using
HTTP Message Signatures to bind access tokens to keys held by OAuth 2.0 clients.</t>
    </abstract>
    <note removeInRFC="true">
      <name>Discussion Venues</name>
      <t>Discussion of this document takes place on the
    Web Authorization Protocol Working Group mailing list (oauth@ietf.org),
    which is archived at <eref target="https://mailarchive.ietf.org/arch/browse/oauth/"/>.</t>
      <t>Source for this draft and an issue tracker can be found at
    <eref target="https://github.com/jricher/draft-richer-oauth-httpsig"/>.</t>
    </note>
  </front>
  <middle>
    <?line 47?>

<section anchor="introduction">
      <name>Introduction</name>
      <t>The OAuth 2.0 framework provides methods for clients to get delegated access tokens from an
authorization server for accessing protected resources. The access tokens at the center
of OAuth 2.0 can be bound to a variety of different mechanisms, including bearer tokens,
mutual TLS, or other presentation mechanisms.</t>
      <t>Bearer tokens are simple to implement but also have the significant security downside of
allowing anyone who sees the access token to use that token. <xref target="HTTPSIG"/> defines a generic
mechanism that is used to sign HTTP requests and responses.</t>
      <t>This specification defines means to bind access tokens to a key held by the client, a token type
value and token response for indicating that a token is meant to be used with <xref target="HTTPSIG"/>
presentation, and a method for presenting bound access tokens in HTTP requests using
<xref target="HTTPSIG"/>.</t>
      <t>This work complements and builds on experience with <xref target="DPOP"/> and <xref target="MTLS"/>, as well as
implementations of <xref target="I-D.ietf-oauth-signed-http-request"/>, a spiritual predecessor to this
specification and other forms of OAuth proof-of-possession work.</t>
      <t>[[ Editor's note: we want to give developers clear guidance on when to use HTTPSig vs. DPoP vs. mTLS vs. Bearer vs. whatever else ]]</t>
      <section anchor="terminology">
        <name>Terminology</name>
        <t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be interpreted as
described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they
appear in all capitals, as shown here.
<?line -6?>
        </t>
        <t>This document contains non-normative examples of partial and complete HTTP messages, JSON structures, URLs, query components, keys, and other elements. Some examples use a single trailing backslash '' to indicate line wrapping for long values, as per <xref target="RFC8792"/>. The <tt>\</tt> character and leading spaces on wrapped lines are not part of the value.</t>
      </section>
    </section>
    <section anchor="binding">
      <name>Requesting an HTTP Message Signature Bound Access Token</name>
      <t>To bind an access token to a key, the AS needs to know which key to bind to which token. This specification defines two common methods depending on the needs of the client:</t>
      <ul spacing="normal">
        <li>
          <t>A static method that depends on key material available as part of the client registration</t>
        </li>
        <li>
          <t>A runtime method that allows a client to introduce key material during the token request phase of <xref target="OAUTH"/></t>
        </li>
      </ul>
      <t>As part of its registration, a client MUST indicate which method it will use.</t>
      <t>[[ Editor's note: do we want to add a client metadata parameter to signal this, as well as an AS/RS metadata parmaeter to signal support for each type? ]]</t>
      <t>[[ Editor's note: Are there any other patterns of key introduction we should cover? I put PAR in the appendix as a note. ]]</t>
      <section anchor="preregister">
        <name>Pre-Registration of Keys</name>
        <t>A client pre-registering its keys for <xref target="HTTPSIG"/> binding MUST include the key in its registered <tt>jwks</tt> value or make it available from its <tt>jwks_uri</tt> endpoint. The JWK MUST have a <tt>kid</tt> field and MUST indicate a signing algorithm in its <tt>alg</tt> field. The key ID for the public used for HTTP Message Signature bound access tokens MUST be identified using the <tt>httpsig_bound_access_token_kid</tt> field in the client's metadata.</t>
        <t>[[ Editor's note: do we want to have a client field for the signing alg or just leave that to the key all the time? I prefer to keep it in the key. ]]</t>
        <t>A pre-registered key MAY be a shared secret (such as for use in an HMAC signature), but public key cryptography is RECOMMENDED.</t>
        <t>Note that pre-registration can occur statically or dynamically (such as by using <xref target="DYNREG"/>), as long as the key is associated with the client's <tt>client_id</tt> before the token request is made.</t>
      </section>
      <section anchor="runtime">
        <name>Token Request Key Introduction</name>
        <t>Instead of pre-registering a key, a client can introduce its key during the token request in the same fashion as <xref target="DPOP"/>.</t>
        <t>The client MUST present its public key in the Signature-Key header field. The field is an HTTP Structured Field consisting of a Binary value containing the bytes of the <xref target="JSON"/> serialized <xref target="JWK"/> form of the key material.</t>
        <t>The JWK MUST have a <tt>kid</tt> field. The key MUST be a public key (and neither a private key nor a shared secret key). The JWK MUST have an <tt>alg</tt> value that indicates a signature algorithm.</t>
        <t>For example, the following JWK public key:</t>
        <sourcecode type="json"><![CDATA[
{
    "kty": "OKP",
    "use": "sig",
    "crv": "Ed25519",
    "kid": "j-0Ny45NWmqGq6GQ",
    "x": "iuemcj_GhRHmY_yCsMlDNp3BQgPZDdG00VRsg_BgU3s",
    "alg": "EdDSA"
}
]]></sourcecode>
        <t>Can be encoded to the following Signature-Key field value (this example uses a compact JSON serialization that removes whitespace):</t>
        <artwork><![CDATA[
NOTE: '\' line wrapping per RFC 8792

Signature-Key: :eyJrdHkiOiJPS1AiLCJ1c2UiOiJzaWciLCJjcnYiOiJFZDI1NTE5I\
  iwia2lkIjoiai0wTnk0NU5XbXFHcTZHNFV4TGpHak51bG9rdHVndE9XNGpmR0NDZ2Vm\
  USIsIngiOiJpdWVtY2pfR2hSSG1ZX3lDc01sRE5wM0JRZ1BaRGRHMDBWUnNnX0JnVTN\
  zIiwiYWxnIjoiRWREU0EifQ==:
]]></artwork>
        <t>[[ Editor's note: this is a really awkward way to encode a JWK. We could try to break apart the JSON but there's not a 1:1 map to HTTP Structured Fields we can rely on. We could just put the minified JSON into a string but the double quotes would need to be escaped. This is the least bad version I could come up with right now. ]]</t>
      </section>
      <section anchor="request">
        <name>Token Request</name>
        <t>The presence of an HTTP Message Signature with the tag "httpsig-oauth-token-request" indicates that the client is requesting a bound token. The client MUST include a message signature of the indicated key.</t>
        <t>Additionally, the client MUST calculate and include the digest of the request body and include it as the Content-Digest header defined in <xref target="DIGEST"/>.</t>
        <t>For example, a form-encoded request body consisting of:</t>
        <artwork><![CDATA[
NOTE: '\' line wrapping per RFC 8792

grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA\
&redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb
]]></artwork>
        <t>Would create the following Content-Digest header:</t>
        <artwork><![CDATA[
Content-Digest: sha-256=:4fEzRVTGqfZg7lqf/d3oxXu837pvb3L0GN24+F1VkZk=:
]]></artwork>
        <t>A client using this method MUST sign the token endpoint request using <xref target="HTTPSIG"/> with the appropriate key. The covered components MUST include:</t>
        <ul spacing="normal">
          <li>
            <t><tt>@method</tt> the HTTP method of the request</t>
          </li>
          <li>
            <t><tt>@target-uri</tt> the full request URI of the request (note that this includes the scheme, authority, path, and query)</t>
          </li>
          <li>
            <t><tt>content-digest</tt> the digest of the request body</t>
          </li>
        </ul>
        <t>If a signature key is presented at runtime as described in <xref target="runtime"/>, the covered components MUST include:</t>
        <ul spacing="normal">
          <li>
            <t><tt>signature-key</tt> the encoded public key used to sign this request</t>
          </li>
        </ul>
        <t>The covered components MUST include the client's authentication, if available. If using HTTP Basic, this means including the <tt>authorization</tt> field.</t>
        <t>The signature MUST include the following parameters:</t>
        <ul spacing="normal">
          <li>
            <t><tt>created</tt> a timestamp for signature creation; this MUST be within a small number of seconds of issuance (e.g. 30 seconds to account for clock skew)</t>
          </li>
          <li>
            <t><tt>nonce</tt> a random unique value that the AS can use to prevent signature replay within the small validity time window</t>
          </li>
          <li>
            <t><tt>tag</tt> a string indicating that this is being used for requesting a bound token, MUST be the value "httpsig-oauth-token-request"</t>
          </li>
          <li>
            <t><tt>keyid</tt> the <tt>kid</tt> value for the key to be used for binding the token; if client uses pre-registered keys as in <xref target="preregister"/>, the value MUST match the <tt>httpsig_bound_access_token_kid</tt> value; if the key is presented at runtime as in <xref target="runtime"/>, the value MUST match the <tt>kid</tt> of the JWK in the Signature-Key field</t>
          </li>
        </ul>
        <t>The signature algorithm MUST be derived from the indicated key. The <tt>alg</tt> signature parameter MUST NOT be used.</t>
        <t>An example request to the token endpoint (using a runtime-provided key here) can look like the following:</t>
        <sourcecode type="http-message"><![CDATA[
POST /token HTTP/1.1
Host: server.example.com
Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
Content-Type: application/x-www-form-urlencoded
Signature-Key: :eyJrdHkiOiJPS1AiLCJ1c2UiOiJzaWciLCJjcnYiOiJFZDI1NTE5I\
  iwia2lkIjoiai0wTnk0NU5XbXFHcTZHNFV4TGpHak51bG9rdHVndE9XNGpmR0NDZ2Vm\
  USIsIngiOiJpdWVtY2pfR2hSSG1ZX3lDc01sRE5wM0JRZ1BaRGRHMDBWUnNnX0JnVTN\
  zIiwiYWxnIjoiRWREU0EifQ==:
Content-Digest: sha-256=:4fEzRVTGqfZg7lqf/d3oxXu837pvb3L0GN24+F1VkZk=:
Signature-Input: sig1=("@method" "@target-uri" "content-digest" \
  "signature-key" "authorization");created=1618884473\
  ;keyid="j-0Ny45NWmqGq6G4UxLjGjNuloktugtOW4jfGCCgefQ"\
  ;nonce="b3k2pp5k7z-50gnX1b06";tag="httpsig-oauth-token-request"
Signature: sig1=:AWyxebrJ6u8CMi0B3TyX9G1G3XT45UW5zIn8mhsyXdmjTUtGS+1M\
  XiydKv5z0GLCrMhVSFe691jF98DRNNSPAg==:

grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA&\
redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb
]]></sourcecode>
      </section>
    </section>
    <section anchor="issuing">
      <name>Issuing an HTTP Message Signature Bound Access Token</name>
      <t>The AS MUST validate the signature of the token request sent in <xref target="request"/> against the identified key and the algorithm associated with that key.</t>
      <t>The request MUST fail with an error if any of the following occur:</t>
      <ul spacing="normal">
        <li>
          <t>The key named in <tt>kid</tt> cannot be found or is not associated with the requesting client</t>
        </li>
        <li>
          <t>There is more than one signature with the tag "httpsig-oauth-token-request"</t>
        </li>
        <li>
          <t>The <tt>created</tt> value of the signature is too far in the past</t>
        </li>
        <li>
          <t>The <tt>nonce</tt> value is used more than once within the validity window of the signature</t>
        </li>
      </ul>
      <t>When issuing an access token bound to a key using HTTP Message Signatures, the AS associates the granted token with the key used in the requesting signature. All presentations of this token at any RS MUST contain an HTTP message signature as described in <xref target="presenting"/>.</t>
      <t>An HTTP Message Signature bound access token MUST have a <tt>token_type</tt> value of <tt>httpsig</tt>.</t>
      <artwork><![CDATA[
HTTP 200 OK
Content-Type: application/json

{
    "access_token": "2340897.34j123-134uh2345n",
    "token_type": "httpsig"
}
]]></artwork>
      <t>The client MUST associate this returned access token with the key used to make the requst.</t>
      <t>[[ Editor's note: we should define confirmation methods for access tokens here, including JWT values and introspection response values to allow the RS to verify the signature w/o the client's registration information. Leaving the following sections as placeholders. ]]</t>
      <section anchor="encoding-confirmation-in-a-jwt">
        <name>Encoding Confirmation in a JWT</name>
      </section>
      <section anchor="returning-confirmation-in-token-introspection">
        <name>Returning Confirmation in Token Introspection</name>
      </section>
    </section>
    <section anchor="presenting">
      <name>Presenting an HTTP Message Signature Bound Access Token</name>
      <t>HTTP Message Signature bound access token MUST be presented in an HTTP Authorization field using the <tt>HTTPSig</tt> authorization scheme.</t>
      <artwork><![CDATA[
Authorization: HTTPSig 2340897.34j123-134uh2345n
]]></artwork>
      <t>Note that HTTP authorization schemes defined in <xref target="HTTPAUTH"/> are case-insensitive, and so all the following are equivalent:</t>
      <artwork><![CDATA[
Authorization: HTTPSig 2340897.34j123-134uh2345n
Authorization: httpsig 2340897.34j123-134uh2345n
Authorization: HTTPSIG 2340897.34j123-134uh2345n
Authorization: Httpsig 2340897.34j123-134uh2345n
Authorization: hTpTsIg 2340897.34j123-134uh2345n
]]></artwork>
      <t>When presenting an HTTP Message Signature bound access token to an RS, the client MUST include a signature compliant with <xref target="HTTPSIG"/>. The covered components MUST include:</t>
      <ul spacing="normal">
        <li>
          <t><tt>@method</tt> the HTTP method of the request</t>
        </li>
        <li>
          <t><tt>@target-uri</tt> the full request URI of the request (note that this includes the scheme, authority, path, and query)</t>
        </li>
        <li>
          <t><tt>authorization</tt> the access token value being presented</t>
        </li>
      </ul>
      <t>The RS MAY require additional components to be covered by the signature, and the client MUST include any additional fields or components of the HTTP request that are relevant to the security of the RS. For example, if the API being served by the RS declares that incoming content type makes a material difference, the RS SHOULD require signing of the Content-Type header in addition to the above.</t>
      <t>The request MAY include multiple signatures to serve different needs.</t>
      <t>If the request includes an entity body (such as a POST, PUT, or QUERY), the client SHOULD calculate the digest as per <xref target="DIGEST"/> and also sign the digest header (such as Content-Digest).</t>
      <t>The signature MUST include the following parameters:</t>
      <ul spacing="normal">
        <li>
          <t><tt>created</tt> a timestamp for signature creation; this MUST be within a small number of seconds of issuance (e.g. 30 seconds to account for clock skew)</t>
        </li>
        <li>
          <t><tt>nonce</tt> a random unique value that the AS can use to prevent signature replay within the small validity time window</t>
        </li>
        <li>
          <t><tt>tag</tt> a string indicating that this is being used for requesting a bound token, MUST be the value "httpsig-oauth"</t>
        </li>
        <li>
          <t><tt>keyid</tt> the <tt>kid</tt> value for the key used to sign the request</t>
        </li>
      </ul>
      <t>The client MUST NOT include an <tt>alg</tt> signature parameter.</t>
      <t>For example, the following signed request includes a signature with the needed parameters:</t>
      <sourcecode type="http-message"><![CDATA[
NOTE: '\' line wrapping per RFC 8792

GET /foo HTTP/1.1
Host: example.com
Date: Mon, 20 Apr 2026 02:07:55 GMT
Authorization: HTTPSig 2340897.34j123-134uh2345n
Signature-Input: sig1=("@method" "@target-uri" "authorization")\
  ;created=1776650875;keyid="j-0Ny45NWmqGq6G4UxLjGjNuloktugtOW4jfGCCg\
  efQ";nonce="k9Jyxempel2305Nmx7Rk";tag="httpsig-oauth"
Signature: sig1=:kFJC2WoBbrQc8tsKiowIb8oeIA533qmKvzdKf8kndJ7kaLxGmm2v\
  9+IPB8kLE0WUea8KryJGSV7ji1apLkeKBg==:
]]></sourcecode>
    </section>
    <section anchor="validating">
      <name>Validating an HTTP Message Signature Bound Access Token Request</name>
      <t>In order for a request protected by an HTTP Message Signature bound access token to be considered valid, the RS MUST perform the following checks:</t>
      <ul spacing="normal">
        <li>
          <t>The presented signature validates using the key associated with the token</t>
        </li>
        <li>
          <t>The signature validates using the algorithm associated with the key</t>
        </li>
        <li>
          <t>The <tt>created</tt> value is not too far in the past (e.g. 30 seconds to account for clock skew and network delays)</t>
        </li>
        <li>
          <t>The <tt>nonce</tt> value has not been previously used within the time validity window of this request</t>
        </li>
        <li>
          <t>The <tt>tag</tt> value is "httpsig-oauth"</t>
        </li>
        <li>
          <t>The covered components and parameters include all items enumerated in <xref target="presenting"/></t>
        </li>
      </ul>
      <t>If the request includes an entity body (such as a POST, PUT, or QUERY) and a digest as per <xref target="DIGEST"/>, the RS MUST validate the digest.</t>
      <t>If the request includes multiple signatures tagged "httpsig-oauth", all signatures MUST be validated.</t>
      <t>For example, to validate the request:</t>
      <sourcecode type="http-message"><![CDATA[
NOTE: '\' line wrapping per RFC 8792

GET /foo HTTP/1.1
Host: example.com
Date: Mon, 20 Apr 2026 02:07:55 GMT
Authorization: HTTPSig 2340897.34j123-134uh2345n
Signature-Input: sig1=("@method" "@target-uri" "authorization")\
  ;created=1776650875;keyid="j-0Ny45NWmqGq6G4UxLjGjNuloktugtOW4jfGCCg\
  efQ";nonce="k9Jyxempel2305Nmx7Rk";tag="httpsig-oauth"
Signature: sig1=:kFJC2WoBbrQc8tsKiowIb8oeIA533qmKvzdKf8kndJ7kaLxGmm2v\
  9+IPB8kLE0WUea8KryJGSV7ji1apLkeKBg==:
]]></sourcecode>
      <t>The RS determines the key bound to the token and validates the <tt>kid</tt> value against that key. The RS determines the algorithm from the key and performs signature validation per <xref target="HTTPSIG"/> on the</t>
      <t>In this example, the client has a key with the <tt>kid</tt> value of <tt>test-key-rsa-pss</tt> which uses the JWA <tt>alg</tt> value of <tt>PS512</tt>. The signature input string is:</t>
      <artwork><![CDATA[
"@request-target": get /foo
"host": example.org
"authorization": HTTPSig 2340897.34j123-134uh2345n
"@signature-params": ("@request-target" "host" "authorization")\
  ;created=1618884475;keyid="test-key-rsa-pss"
]]></artwork>
      <t>This results in the following signed HTTP message, including the access token.</t>
      <sourcecode type="http-message"><![CDATA[
NOTE: '\' line wrapping per RFC 8792

GET /foo HTTP/1.1
Host: example.com
Date: Tue, 20 Apr 2021 02:07:55 GMT
Authorization: HTTPSig 2340897.34j123-134uh2345n
Signature-Input: sig1=("@request-target" "host" "authorization")\
  ;created=1618884475;keyid="test-key-rsa-pss"
Signature: sig1=:o+Fy/a6IIWhHwnMFhsHqfXEpheWGBMOU3pheT50zA8rL5F8Nur\
  xBKAPylMGBWYCKH5Bd+TB0Co6vqANlXyOCM9Zr5c/UmR5WGex5/OgJJmfN7gOVOH5\
  pB2Zxa233xsohfwo9liBlctukN5//E3F04rKjIkoeTFJiS+hMcOzn29esgFSEl4Jy\
  oO5Q8snMIsC56ZAPYwU7rJis1Wvl6Y9/9tpW6gIn/SHwArhPQSAb0zZy6mCiw654n\
  CaKw5NYJ9S0DZlnV4T7nJtdZsHOkddF6kH4WVka3ev0xONI5kYkEdR1Gw0VAE9thi\
  p+3/aFoUVTJ/1J6JfehZpXqehwv3KNoQ==:
]]></sourcecode>
      <t>An RS receiving such a signed message and a bound access token MUST verify the HTTP Message Signature as described in <xref target="HTTPSIG"/>. The RS MUST verify that all required portions of the HTTP request are covered by the signature by examining the contents of the signature parameters.</t>
    </section>
    <section anchor="Acknowledgements">
      <name>Acknowledgements</name>
    </section>
    <section anchor="IANA">
      <name>IANA Considerations</name>
      <t>[[ TBD: register the token type and new parameters into their appropriate registries, as well as the JWT and introspection parameters needed for confirmation methods. ]]</t>
    </section>
    <section anchor="Security">
      <name>Security Considerations</name>
      <t>[[ TBD. ]]</t>
      <ul spacing="normal">
        <li>
          <t>All requests have to be over TLS or equivalent as per <xref target="BCP195"/>.</t>
        </li>
        <li>
          <t>Leakage of a private key alongside a token allows for re-presentation of that token.</t>
        </li>
        <li>
          <t>Insufficient coverage of a message allows a signature to be attached to a different message.</t>
        </li>
        <li>
          <t>Failure to check derived attributes allows a signature to be replayed.</t>
        </li>
        <li>
          <t>Signatures could be replayed outside of their vailidty window if not checked.</t>
        </li>
      </ul>
    </section>
    <section anchor="Privacy">
      <name>Privacy Considerations</name>
      <t>[[ TBD. ]]</t>
      <ul spacing="normal">
        <li>
          <t>Re-use of a public-key for tokens at multiple RS's can allow tracking of a client/user combination based on the key identity.</t>
        </li>
      </ul>
    </section>
  </middle>
  <back>
    <references anchor="sec-combined-references">
      <name>References</name>
      <references anchor="sec-normative-references">
        <name>Normative References</name>
        <referencegroup anchor="BCP195" target="https://www.rfc-editor.org/info/bcp195">
          <reference anchor="RFC8996" target="https://www.rfc-editor.org/info/rfc8996">
            <front>
              <title>Deprecating TLS 1.0 and TLS 1.1</title>
              <author fullname="K. Moriarty" initials="K." surname="Moriarty"/>
              <author fullname="S. Farrell" initials="S." surname="Farrell"/>
              <date month="March" year="2021"/>
              <abstract>
                <t>This document formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC 2246) and 1.1 (RFC 4346). Accordingly, those documents have been moved to Historic status. These versions lack support for current and recommended cryptographic algorithms and mechanisms, and various government and industry profiles of applications using TLS now mandate avoiding these old TLS versions. TLS version 1.2 became the recommended version for IETF protocols in 2008 (subsequently being obsoleted by TLS version 1.3 in 2018), providing sufficient time to transition away from older versions. Removing support for older versions from implementations reduces the attack surface, reduces opportunity for misconfiguration, and streamlines library and product maintenance.</t>
                <t>This document also deprecates Datagram TLS (DTLS) version 1.0 (RFC 4347) but not DTLS version 1.2, and there is no DTLS version 1.1.</t>
                <t>This document updates many RFCs that normatively refer to TLS version 1.0 or TLS version 1.1, as described herein. This document also updates the best practices for TLS usage in RFC 7525; hence, it is part of BCP 195.</t>
              </abstract>
            </front>
            <seriesInfo name="BCP" value="195"/>
            <seriesInfo name="RFC" value="8996"/>
            <seriesInfo name="DOI" value="10.17487/RFC8996"/>
          </reference>
          <reference anchor="RFC9325" target="https://www.rfc-editor.org/info/rfc9325">
            <front>
              <title>Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)</title>
              <author fullname="Y. Sheffer" initials="Y." surname="Sheffer"/>
              <author fullname="P. Saint-Andre" initials="P." surname="Saint-Andre"/>
              <author fullname="T. Fossati" initials="T." surname="Fossati"/>
              <date month="November" year="2022"/>
              <abstract>
                <t>Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) are used to protect data exchanged over a wide range of application protocols and can also form the basis for secure transport protocols. Over the years, the industry has witnessed several serious attacks on TLS and DTLS, including attacks on the most commonly used cipher suites and their modes of operation. This document provides the latest recommendations for ensuring the security of deployed services that use TLS and DTLS. These recommendations are applicable to the majority of use cases.</t>
                <t>RFC 7525, an earlier version of the TLS recommendations, was published when the industry was transitioning to TLS 1.2. Years later, this transition is largely complete, and TLS 1.3 is widely available. This document updates the guidance given the new environment and obsoletes RFC 7525. In addition, this document updates RFCs 5288 and 6066 in view of recent attacks.</t>
              </abstract>
            </front>
            <seriesInfo name="BCP" value="195"/>
            <seriesInfo name="RFC" value="9325"/>
            <seriesInfo name="DOI" value="10.17487/RFC9325"/>
          </reference>
        </referencegroup>
        <reference anchor="DIGEST">
          <front>
            <title>Digest Fields</title>
            <author fullname="R. Polli" initials="R." surname="Polli"/>
            <author fullname="L. Pardue" initials="L." surname="Pardue"/>
            <date month="February" year="2024"/>
            <abstract>
              <t>This document defines HTTP fields that support integrity digests. The Content-Digest field can be used for the integrity of HTTP message content. The Repr-Digest field can be used for the integrity of HTTP representations. Want-Content-Digest and Want-Repr-Digest can be used to indicate a sender's interest and preferences for receiving the respective Integrity fields.</t>
              <t>This document obsoletes RFC 3230 and the Digest and Want-Digest HTTP fields.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9530"/>
          <seriesInfo name="DOI" value="10.17487/RFC9530"/>
        </reference>
        <reference anchor="HTTP">
          <front>
            <title>HTTP Caching</title>
            <author fullname="R. Fielding" initials="R." role="editor" surname="Fielding"/>
            <author fullname="M. Nottingham" initials="M." role="editor" surname="Nottingham"/>
            <author fullname="J. Reschke" initials="J." role="editor" surname="Reschke"/>
            <date month="June" year="2022"/>
            <abstract>
              <t>The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document defines HTTP caches and the associated header fields that control cache behavior or indicate cacheable response messages.</t>
              <t>This document obsoletes RFC 7234.</t>
            </abstract>
          </front>
          <seriesInfo name="STD" value="98"/>
          <seriesInfo name="RFC" value="9111"/>
          <seriesInfo name="DOI" value="10.17487/RFC9111"/>
        </reference>
        <reference anchor="JWK">
          <front>
            <title>JSON Web Key (JWK)</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <date month="May" year="2015"/>
            <abstract>
              <t>A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. This specification also defines a JWK Set JSON data structure that represents a set of JWKs. Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) specification and IANA registries established by that specification.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7517"/>
          <seriesInfo name="DOI" value="10.17487/RFC7517"/>
        </reference>
        <reference anchor="OAUTH">
          <front>
            <title>The OAuth 2.0 Authorization Framework</title>
            <author fullname="D. Hardt" initials="D." role="editor" surname="Hardt"/>
            <date month="October" year="2012"/>
            <abstract>
              <t>The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf. This specification replaces and obsoletes the OAuth 1.0 protocol described in RFC 5849. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="6749"/>
          <seriesInfo name="DOI" value="10.17487/RFC6749"/>
        </reference>
        <reference anchor="OAUTH-BEARER">
          <front>
            <title>The OAuth 2.0 Authorization Framework: Bearer Token Usage</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="D. Hardt" initials="D." surname="Hardt"/>
            <date month="October" year="2012"/>
            <abstract>
              <t>This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the associated resources (without demonstrating possession of a cryptographic key). To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="6750"/>
          <seriesInfo name="DOI" value="10.17487/RFC6750"/>
        </reference>
        <reference anchor="STRUCTURED">
          <front>
            <title>Structured Field Values for HTTP</title>
            <author fullname="M. Nottingham" initials="M." surname="Nottingham"/>
            <author fullname="P-H. Kamp" surname="P-H. Kamp"/>
            <date month="September" year="2024"/>
            <abstract>
              <t>This document describes a set of data types and associated algorithms that are intended to make it easier and safer to define and handle HTTP header and trailer fields, known as "Structured Fields", "Structured Headers", or "Structured Trailers". It is intended for use by specifications of new HTTP fields.</t>
              <t>This document obsoletes RFC 8941.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9651"/>
          <seriesInfo name="DOI" value="10.17487/RFC9651"/>
        </reference>
        <reference anchor="MTLS">
          <front>
            <title>OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens</title>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
            <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
            <date month="February" year="2020"/>
            <abstract>
              <t>This document describes OAuth client authentication and certificate-bound access and refresh tokens using mutual Transport Layer Security (TLS) authentication with X.509 certificates. OAuth clients are provided a mechanism for authentication to the authorization server using mutual TLS, based on either self-signed certificates or public key infrastructure (PKI). OAuth authorization servers are provided a mechanism for binding access tokens to a client's mutual-TLS certificate, and OAuth protected resources are provided a method for ensuring that such an access token presented to it was issued to the client presenting the token.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8705"/>
          <seriesInfo name="DOI" value="10.17487/RFC8705"/>
        </reference>
        <reference anchor="HTTPSIG">
          <front>
            <title>HTTP Message Signatures</title>
            <author fullname="A. Backman" initials="A." role="editor" surname="Backman"/>
            <author fullname="J. Richer" initials="J." role="editor" surname="Richer"/>
            <author fullname="M. Sporny" initials="M." surname="Sporny"/>
            <date month="February" year="2024"/>
            <abstract>
              <t>This document describes a mechanism for creating, encoding, and verifying digital signatures or message authentication codes over components of an HTTP message. This mechanism supports use cases where the full HTTP message may not be known to the signer and where the message may be transformed (e.g., by intermediaries) before reaching the verifier. This document also describes a means for requesting that a signature be applied to a subsequent HTTP message in an ongoing HTTP exchange.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9421"/>
          <seriesInfo name="DOI" value="10.17487/RFC9421"/>
        </reference>
        <reference anchor="DPOP">
          <front>
            <title>OAuth 2.0 Demonstrating Proof of Possession (DPoP)</title>
            <author fullname="D. Fett" initials="D." surname="Fett"/>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="D. Waite" initials="D." surname="Waite"/>
            <date month="September" year="2023"/>
            <abstract>
              <t>This document describes a mechanism for sender-constraining OAuth 2.0 tokens via a proof-of-possession mechanism on the application level. This mechanism allows for the detection of replay attacks with access and refresh tokens.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9449"/>
          <seriesInfo name="DOI" value="10.17487/RFC9449"/>
        </reference>
        <reference anchor="RAR">
          <front>
            <title>The Time Zone Information Format (TZif)</title>
            <author fullname="A. Olson" initials="A." surname="Olson"/>
            <author fullname="P. Eggert" initials="P." surname="Eggert"/>
            <author fullname="K. Murchison" initials="K." surname="Murchison"/>
            <date month="October" year="2024"/>
            <abstract>
              <t>This document specifies the Time Zone Information Format (TZif) for representing and exchanging time zone information, independent of any particular service or protocol. Two media types for this format are also defined.</t>
              <t>This document replaces and obsoletes RFC 8536.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9636"/>
          <seriesInfo name="DOI" value="10.17487/RFC9636"/>
        </reference>
        <reference anchor="PAR">
          <front>
            <title>OAuth 2.0 Pushed Authorization Requests</title>
            <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
            <author fullname="D. Tonge" initials="D." surname="Tonge"/>
            <author fullname="F. Skokan" initials="F." surname="Skokan"/>
            <date month="September" year="2021"/>
            <abstract>
              <t>This document defines the pushed authorization request (PAR) endpoint, which allows clients to push the payload of an OAuth 2.0 authorization request to the authorization server via a direct request and provides them with a request URI that is used as reference to the data in a subsequent call to the authorization endpoint.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9126"/>
          <seriesInfo name="DOI" value="10.17487/RFC9126"/>
        </reference>
        <reference anchor="DYNREG">
          <front>
            <title>OAuth 2.0 Dynamic Client Registration Protocol</title>
            <author fullname="J. Richer" initials="J." role="editor" surname="Richer"/>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="M. Machulak" initials="M." surname="Machulak"/>
            <author fullname="P. Hunt" initials="P." surname="Hunt"/>
            <date month="July" year="2015"/>
            <abstract>
              <t>This specification defines mechanisms for dynamically registering OAuth 2.0 clients with authorization servers. Registration requests send a set of desired client metadata values to the authorization server. The resulting registration responses return a client identifier to use at the authorization server and the client metadata values registered for the client. The client can then use this registration information to communicate with the authorization server using the OAuth 2.0 protocol. This specification also defines a set of common client metadata fields and values for clients to use during registration.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7591"/>
          <seriesInfo name="DOI" value="10.17487/RFC7591"/>
        </reference>
        <reference anchor="JSON">
          <front>
            <title>The JavaScript Object Notation (JSON) Data Interchange Format</title>
            <author fullname="T. Bray" initials="T." role="editor" surname="Bray"/>
            <date month="December" year="2017"/>
            <abstract>
              <t>JavaScript Object Notation (JSON) is a lightweight, text-based, language-independent data interchange format. It was derived from the ECMAScript Programming Language Standard. JSON defines a small set of formatting rules for the portable representation of structured data.</t>
              <t>This document removes inconsistencies with other specifications of JSON, repairs specification errors, and offers experience-based interoperability guidance.</t>
            </abstract>
          </front>
          <seriesInfo name="STD" value="90"/>
          <seriesInfo name="RFC" value="8259"/>
          <seriesInfo name="DOI" value="10.17487/RFC8259"/>
        </reference>
        <reference anchor="HTTPAUTH">
          <front>
            <title>Hypertext Transfer Protocol (HTTP/1.1): Authentication</title>
            <author fullname="R. Fielding" initials="R." role="editor" surname="Fielding"/>
            <author fullname="J. Reschke" initials="J." role="editor" surname="Reschke"/>
            <date month="June" year="2014"/>
            <abstract>
              <t>The Hypertext Transfer Protocol (HTTP) is a stateless application- level protocol for distributed, collaborative, hypermedia information systems. This document defines the HTTP Authentication framework.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7235"/>
          <seriesInfo name="DOI" value="10.17487/RFC7235"/>
        </reference>
        <reference anchor="RFC2119">
          <front>
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <author fullname="S. Bradner" initials="S." surname="Bradner"/>
            <date month="March" year="1997"/>
            <abstract>
              <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="2119"/>
          <seriesInfo name="DOI" value="10.17487/RFC2119"/>
        </reference>
        <reference anchor="RFC8174">
          <front>
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <date month="May" year="2017"/>
            <abstract>
              <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="8174"/>
          <seriesInfo name="DOI" value="10.17487/RFC8174"/>
        </reference>
        <reference anchor="RFC8792">
          <front>
            <title>Handling Long Lines in Content of Internet-Drafts and RFCs</title>
            <author fullname="K. Watsen" initials="K." surname="Watsen"/>
            <author fullname="E. Auerswald" initials="E." surname="Auerswald"/>
            <author fullname="A. Farrel" initials="A." surname="Farrel"/>
            <author fullname="Q. Wu" initials="Q." surname="Wu"/>
            <date month="June" year="2020"/>
            <abstract>
              <t>This document defines two strategies for handling long lines in width-bounded text content. One strategy, called the "single backslash" strategy, is based on the historical use of a single backslash ('\') character to indicate where line-folding has occurred, with the continuation occurring with the first character that is not a space character (' ') on the next line. The second strategy, called the "double backslash" strategy, extends the first strategy by adding a second backslash character to identify where the continuation begins and is thereby able to handle cases not supported by the first strategy. Both strategies use a self-describing header enabling automated reconstitution of the original content.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8792"/>
          <seriesInfo name="DOI" value="10.17487/RFC8792"/>
        </reference>
      </references>
      <references anchor="sec-informative-references">
        <name>Informative References</name>
        <reference anchor="I-D.ietf-oauth-signed-http-request">
          <front>
            <title>A Method for Signing HTTP Requests for OAuth</title>
            <author fullname="Justin Richer" initials="J." surname="Richer">
         </author>
            <author fullname="John Bradley" initials="J." surname="Bradley">
              <organization>Ping Identity</organization>
            </author>
            <author fullname="Hannes Tschofenig" initials="H." surname="Tschofenig">
              <organization>ARM Limited</organization>
            </author>
            <date day="8" month="August" year="2016"/>
            <abstract>
              <t>   This document a method for offering data origin authentication and
   integrity protection of HTTP requests.  To convey the relevant data
   items in the request a JSON-based encapsulation is used and the JSON
   Web Signature (JWS) technique is re-used.  JWS offers integrity
   protection using symmetric as well as asymmetric cryptography.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-oauth-signed-http-request-03"/>
        </reference>
        <reference anchor="SIGNED-INTROSPECTION">
          <front>
            <title>JSON Web Token (JWT) Response for OAuth Token Introspection</title>
            <author fullname="T. Lodderstedt" initials="T." role="editor" surname="Lodderstedt"/>
            <author fullname="V. Dzhuvinov" initials="V." surname="Dzhuvinov"/>
            <date month="January" year="2025"/>
            <abstract>
              <t>This specification proposes an additional response secured by JSON Web Token (JWT) for OAuth 2.0 Token Introspection.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9701"/>
          <seriesInfo name="DOI" value="10.17487/RFC9701"/>
        </reference>
      </references>
    </references>
    <?line 380?>

<section anchor="history">
      <name>Document History</name>
      <ul spacing="normal">
        <li>
          <t>-01
          </t>
          <ul spacing="normal">
            <li>
              <t>Added key binding semantics</t>
            </li>
            <li>
              <t>Updated references</t>
            </li>
            <li>
              <t>Updated presentation requirements</t>
            </li>
            <li>
              <t>Added appendix for potential future work</t>
            </li>
            <li>
              <t>Added some basic security and privacy considerations, to be expanded upon group discussion</t>
            </li>
          </ul>
        </li>
        <li>
          <t>-00
          </t>
          <ul spacing="normal">
            <li>
              <t>Initial individual draft.</t>
            </li>
          </ul>
        </li>
      </ul>
    </section>
    <section anchor="potential-other-work">
      <name>Potential Other Work</name>
      <t><xref target="HTTPSIG"/> provides a generic mechanism for signing arbitrary HTTP messages, both requests and responses. While this specification is focused solely on OAuth access token issuance and usage, <xref target="HTTPSIG"/> could be used in other places in the OAuth ecosystem and this appendix exists to capture some of those ideas.</t>
      <section anchor="client-authentication">
        <name>Client Authentication</name>
        <t>Similarly to <xref target="MTLS"/>, <xref target="HTTPSIG"/> could be used as a generic client authentication mechanism for the client calling the AS for any authenticated call, including token PAR, the token endpoint. Since <xref target="HTTPSIG"/> allows for multiple signatures with different usage parameters (including <tt>tag</tt>), this could be layered on top of even the runtime token request key binding, allowing a client to use one key for authentication and another for token use.</t>
      </section>
      <section anchor="as-responses">
        <name>AS Responses</name>
        <t>Since <xref target="HTTPSIG"/> can be used to sign responses, an AS could sign its responses from backend endpoints (including the token endpoint, revocation endpoint, discovery endpoint, introspection endpoint, etc) with an issuer-based key, providing a layer of protection in addition to the TLS transport. Signed response mechanisms like <xref target="SIGNED-INTROSPECTION"/> could be replaced with this method in many use cases.</t>
      </section>
      <section anchor="non-repudiation-of-requests">
        <name>Non-Repudiation of Requests</name>
        <t>Since <xref target="HTTPSIG"/> allows a signed response to contain elements of the request that triggered the response, an AS or RS could use this mechanism to provide non-repudiation of a response to bind it to a particular request parameter set.</t>
      </section>
      <section anchor="par-key-introduction">
        <name>PAR Key Introduction</name>
        <t>Keys for this purpose could be introduced during a <xref target="PAR"/> request phase, as part of the call to the PAR endpoint.</t>
      </section>
      <section anchor="accept-signature-support">
        <name>Accept-Signature Support</name>
        <t>The <tt>Accept-Signature</tt> mechanism in <xref target="HTTPSIG"/> allows for runtime discovery of not only the applicability of signatures but also the expected coverage, for particular uses.</t>
      </section>
    </section>
  </back>
  <!-- ##markdown-source:
H4sIAAAAAAAAA+1c6XLbSJL+z6eolWPGdlikeIg62OvtpiSKog5KJqlzPGGB
QJGECAIwAJKiFO5n2WfZJ9s8qnBQlNuendmI3ZmIjjaFoyorK/PLL7OqkM/n
c5EdObIm3p7Xp9FIXASeNxDw34UXhjIMbc8VPW8s3VDMbbh/1OtdiDO4YQyl
6NpD14imgQzf5izPdI0JNGQFxiDKB7Y5kkHeM6DR/CiK/NAe5oulnGlEcugF
i5oIIyuXs/2gJqJgGkblYnG3WM4ZgTRqoivNaWBHi9zcC8bDwJv6NXFev+wd
5cZyAdesmmi5kQxcGeUPsL9cLowM1/piOJ4LMixkmPPtmvhL5JnrAv5nu5Z0
o3URekEUyEEIvxYT9SMCWeGW6U18Q/2YwMNwy3Yd25XrAsY2MXzfdod/zeVw
RF5QywmRhwfCmjguiA6NFi4JwUo4hhHZbvq6FwwN134yItBoTZx57tA72KM7
cmLYTk3YMhr89kDvFVh7BXiHngg8nCFp2ZEX5HKuF0ygmZms0c29/YvSbpV/
H7SajW6vJjqH+7vVSpGu4YzxlVKpRFeOr0/owna1tE0XSLV0aWt7cze5lN9r
1DuNjrpT5fa6vc7lfu+y0zjgVreq3OpZ77RLV3a2i9W4526ryY9tlvmxg4tz
Jc6m6qpT76iWKlt04UJfKJX5wsFtu9NoKpl31SC6523urlzdjbuLB7JdrlTB
vNxBVlmt/EEBFa0ME4zSlRbZZz6QX6cyjPg5ELvdOMi32r3Oefeisd9rqd52
t8GIc/l8Xhh9sBwwmFyuN7JDIR8jcBJ0l8gT0UgK9qdyoSjYYtTci0EAFoJ2
LSw5APMKhSEmEp6wBAgrpiGYWe4VN8O2+2DLwjBNuAl/kmfCVfCLUIykY4n+
ItW16dhoygUWeWJbliNzuTfoPYFnTU2UCAeQFjcR0A+8mW1BtyxfSAKqJrHT
oYxgEI4cglMvyzQIvIkw3Fx28KEMZjKgdvhxGCx2E0kTm4AhetMArhcEypRt
0YhIr6ZEz88BRKWGabiiL0Xfm4JuQDBDzIwA5nmBSGbZg4EM4C0YhjkCJwwn
5NumM7Ww+74E0AlUL+u5yTSaGo4Aa14HpxUe9BmAiDKEFngQSTOg17302wJ+
i9Ce+I5EMegHYonoTyNhOKEnRsZM0jDQ9OyBDZJHoBWGOwCaOdiQJUHsnOE4
3hzlM9wFgJqYjzx4EG1gSTPY0zTEVlFDeKUgnp+V8337ljKzoXQlQEsuHgC/
A9YL75PiUCrGeOUO8JpL8+J7LsSDgrL20JcmSU8K0T1MpOF+x0YNtNLYSGku
yZbW4Y4aycKXuZnhTCV1yxd152Q10DD1Cnoh2fWbNvceUe+Sx0MBK6WJXHoW
16mHjOup22QTZEnZEdjLmmFXTXWgtUPOg/GEZ5912J/aDrgQqEs++jAN0jWl
FhFBEWYKH3t+RiD99g3kg4ak48C/udiQSPQQrfr5+Y+xjFqBubLBuNCmYYCW
xCF5AaOUHeayM4kSsMUjcFJH7GU+8oI8/OcnvACHCUP+/JfPfxENCk5vQ+GC
L9dAcDFXszEE8AULmUnHg2GHMOfgMWI4tS0DNYDtjBIjJl3aQzEDCDi48C7o
xwQ0Qj+Us+HPOcy+RCyRDrz2+a+fITS/eSN6MpjYrud4wwXjGpocMoZQrJ1d
dntr6/yvaJ/T707j02ULYhn+7h7VT0/jHzn1RPfo/PL0IPmVvLl/fnbWaB/w
y3BVZC7l1s7qt2tsZmvnFxhB6qdraEWod+QUU4IGhAw2WhuBDeaIwDTMAfCa
gd2HP+AdiPL/9Z+lTZj2f4MoVC6VdsFe+I+d0vYm/IFa5N4811moP2EqFzmg
LqhyaAUwBbDStyPAIjKwcASIAy4ZyELu339FtiPyW7/+R04Zciyk6YHtAduB
6XXzMQEBSzbQMslOfCOIbDAylIBtP+LpBBejOAY9YtBGwgWBB8PZurjsnML/
wViDBb0EQEfMC8PZesoapfKkguh6k1S/aDJg4eCHiLgBECnyXsMch44RjsTb
z28JiBk1pKARzgMmc+T0QBjB2hByWCNgo1qv27tl8GmKRPef7wVgJsZ7uI9y
gRVT9AiBNEpya2oWZsthtIVpBV8gtaB6EO6omwLG3w47KMP7K6Ra7BEI1RmE
iISL5zcIrfDaN5ghjbPui3BASEuzL+pd4UppMUlwvTkYBpBLcgsN1PAvX1TB
4zsIH8094scUBZkTWNKXJBLqAHvk7tSQGeFrwD9EHWYeWjM15BJ+89ukPxQJ
7AqgEa1oBnNp9GFWcU5SOuQGAYSHNvIvIjDYdjAF5AbTSDdOIRQDn3qJLIGJ
j8x2Z0H8pZAi46BDEyT8kRFKxluixBBFcvVEIhvAPS3KetIZoUxseKxgJZwd
AfCDK4L1voKflpeGUMOyknahDcMyIgNlAKIWEfmgwA3jQGhJRw40jnp3o9PN
vDYxll4Lp74PmRE5hDTQEiAQ/6pQdZV89YBYTIBxeqE5khFhSkZTj8q1UxwT
RwNYM3UQGwC1fxUt4QMnAqrPiAgN+WRHjyQ1dVNIYP0ikPlOSs/YxwlS3uc3
AJg8AzLAudFqgst5fR2nFmeKSDKOMU2PlEPp+UJWyAyNx5CaYujHEvcP83F4
z66M/HBijCVOaGKwxHzxLXr0C1jWvYCR+R4ohNEEEjDujtigIe7HtnUvBjYy
I8SWrOkYzBURKhxInYExTLRc93BFvcgto8ytAxojDsGf9h1wOGJDeO0VoFnF
dkgGDEqYOAMQQAvEd6jde5XRf6E3v/CbX+jNL6mxqJnlGXkbxjb4Q0avdKOm
kxvU40opBOcAs2YE5FlMguMJxIhHXg3YQEYHST+b/lhKHydOCQkPa3urZ4wH
Bo4NQTBHdcBkQBiAa8DZIVKLd+EU3MUIVe4mKcoCop/V99m5UMHv1ykBULOB
rZnBwo+8IUSM0QK5a4o5gHLaoA4eSSKIsnvMdDwT0gUFpjC+BarAWrjGRP0Z
ywQsm+cMGCal0N++vSd0oKBnhImZg8sBKzRtSuSIlGYm7p5/fcGp7UsYqlwB
lUjBDYvi2xsVrlSYQ1fNpJzgtgqvwWVbLqjZsIhDLDmtimOxFeDoEwRXLv06
eKupDQEmxQDoADHcMObbBWaIabxWKQA1nZou1VDsMfkTSmRgtEHa+5TVh3FM
72qqY4lDugc8KrQ57sNwDbFnuwZQH0YTRbL0WPqLSMZx9PkZuRPAVUgBy36S
mCoAkMAlpOr6uXRUU+P7DtokoKHd3UgP+x2CkSttgne4E9gzBCS85WIGv+QL
cP39SoBzFVDxMDnnVOgWKnhjIIoBDkQ/xFjEPI+ZzMDTGTE2n4gJ5OL3338X
DyEwgWeq3qyNo8VaDVj3yQXwcLoCrolXoCt9xQxmeKVhlavV0q6+CrrBqw/5
YnuxWW1fT742v241P+nbj3jTnsqJ+fClOeocTW6/LPbDM+eg7Vf2Pg0v7g6s
ZrF41QmHX/aGl5VQvwcD484OuvW13DcUOJfb56oFJIKexel3dphZc2PjYhW+
i7jkRNpB2CGSwwVMRbKVmTBqkMoDOYHQGyIVAb0jbX3PqsNMp1Ejrpzlx8iF
gQgLZMK5XEacmqjJxXFgHY3tc/v4oluq26f7xyWzfIl/PxnXJv79YLq3+Pfh
3UGr1O41qq3PoA97bhtlZ9x68GzDLs577rjYvqze9G8Oj8ze3VH78Gqz1/SP
jHG11G/uQh9XrtXYvWk3/Umn2D64K19NsJnLbitsuUNs37eur6Lbsj/olEfd
brN0d1NxDsxiKew0qvOz4nHnrrRndJqdo7ODvetLt+3eFI/dq14bm3lqgTy3
148uytO57jQuiw178OnjxxrP0qpIRepHPwelEuQa8/HcCAA6DaLVPKVwGyy1
IK7RtZH6RAGTbnhpDHwHOSTOOE0YBghiVNwJvFuqlcCVfXxjJZggySNEDCTG
ADfVEQVEn1sUkA9z/KZ+AD4xP8CqN2ZK6hnLmyJ1+Tr10CXn1AjyeJWZQiZq
QGqjUgObAwcEXOilD8gNhI4KAi3VvYk52tTnQBLYw1EEQ5qn6Fw2OkAwUPUK
BiwGYZNo9+vZURylImMo1vQSA9dCKAzoKshaCmyYHiSgb4c6WHC40RVElQfJ
JTLP5NDQGW0KuRT86p6IMwCI1S0wHFANGsl6umNqEMK1OXWI47lWhnta9hA1
o1rV8azvWYvMo8g7eTL2IXZAu/kDflHFJk7biIhB0KPFAQp7GWw1KIDkNQxl
OsvEq59CC+A2QBgwj/iYKQF/wV7+jP/72PWdR+d8T959+nTbv+1uXT92+636
59yfwcTtQJoRcuePNLN/qtT/VD6E/1h9fyo3lPjwC6wNb/TZXa/ZAsHFIrmE
pyt1pAaVvVfDyJYvV7c+1jYHjafOVa/5dXA33Ha+Djasivd4M92pbPuzfuW0
2GyXNz8clq7Gd2ONGHEOogmzrSvoPO1UZE3Yis4NYs1rzpbkKLGtg6oDD+Kw
CsPKRjGjklaqgJKxV0q+739jCe6pGVWWIZGyNkaPRkYwlFGeMhdS4RRYtJbu
stNatst3bkxYGRm5Y7bM0BzJCZoZW0EEfgCZ4oirO1T5eY+dmmoC2PLv/8AL
gDUOMsxBsVjF37CAFsUlAQOLFKla2vOzJp/flE/+iALjvvLQF8unXSZFmTKF
dFKGVmzuB6Yqy7pRY5h8maq0YA+SLLMgQAFsKDSZe0Zo41LnyNZl+GSBgzK2
jBNq+sdCJVp8IUviPHG1IWR1sIeBPRmUW0E2MvEpCUpao0egt19YLE0x0Zgx
SxLhBLMzdzrpA3LAJAON9FwuHdlhOKXy8DtZGBZEpRjfxOhlQphxI7Ua5Zlj
EY7lnKzI9eAllAnQx4I0fOraoP008VQ1MYybtGjioc3M0FsTwQPpOxDIlaBk
xCQqNGNbuE5DZgVqsbw59goR6D6JqctLFJos9CVeinPx1+LOeqyouGT4/fCG
EoDp2cq3md7zezpf1tU+mXSvyx4xDv2C9hUDlwxXJMGYJbIDpYsuyom4R5Id
EhBz9GOFAnqLuk7loq958SrfXd0tta1wA7OFlQkc+cCyCyQ1Fj0NECTsGWoN
6zovgzzXhym/SVpJanN6sUErH0mBG1N3jWmK+y8FhHfs4IbWQV4tyFpqIS2Q
78mQHc8bQzAeL/msSoxoRUgxltzFOYizwf0gcGyUCqXckUchj9ZmC0q0AkBU
rp4GjRqDjDCf7vaNZqdrVA6LZ0++e31wOPk0gd/l4+s4jvYg8NcwXDkKvjYe
8/P5PE9UYxo4Cjr/CZOKvxPTSBTXcoHp19D4Sh/frak4vybWUmEc/srG1zWB
Uq5lYho8lAkSa+9/USD/sbRV2tnZ2dzcruBrvxDafFxOkjcvH08fmg/tqeON
o+kwOr/efBg09/eHcvBpjd4jdP641q+My75fHW8/5avFoXtT6he31n4BEP34
fZyLh6wGW6tfLx5lPzjemu7sn9nFvUpvcbPbLDUrN73N6uV19anl7kxG4eLG
mjz0LqNm90PpDAW5sRfWyaz6VGye7gdno6vuodzaLT0c7u4cdNrt7kV9iBP1
t1PYP3/O/U8o7BvRgvD3N6wN2fyaSqMgyhH4UNTSbPhFxpKtmHHxi2BWLyEL
Y4grfxw5U9Vgqq5i0BqlQfNlGdGIVC7US3E4EmwAXIafgnHKIMDl/QEvKAyW
2AeVPIl46IIV7rMiNsdYDzCIWXMfX0LNYFsqkV5R2EzFXp4Nbhi0gvSJy5tY
aHXTCvvxhFOJmXAktVowWJoCTKQ9D/QQ6ADlG2Gk31Zcht/VezTSwpkyTVFi
csK85EVvkBqNaKNEbFqZVcPU3hnmsTG1fLkNKV5ZjHXLVJ8cRup9G7G+Yl6s
JE1pP5auIOqOk9lmo0qfthYQ1/PANDrKqlWxNHaRlyn5S9qfbPCgLLj+qne9
XBDJVlCZwCAypOZWc537AqeU1Ha5WBTnJ98Ji1S21HXLND/CemG5slnc2d0u
VDYfSuVKvlTZnI7gWtXVdcVEEHxcCRAXGJcLGPF06cwEBusu7dxaMW1gFLTK
pecujF7f9aEW+bjwgJM0sGmzQGrBONn8pdea0PPSO7KOr3tqSV5VO6LAw/Vo
aibeDqSeQJNFmCDxwDrgb6Ax9mCx5GzzDS+bXmXWVeKdglhHO5XGTHPjBINC
FoBIMOQHphx5DnDDMFXXaiCrUaWGZOCU7MCY6JEOKX3VM4zirfRgMRZcJLuS
fjIcpMw998qOwlctvS9TLDzlZvXsXkaqSafWBdX2nfulPY9cA1B+sUQq9Y6f
V22dbTlZEyM5VrUfZutdej8ohjDMRo1Q5iGQ4S5N3LzCBYjQi5cIk5nGx8HO
bbAw3rzwN4m99IJyzh9/QZV/fuKFn+1h1PN7YesPVU9xw/8RM1xhTeieLvjl
y+pnUk5NlQxw45CNK8DLm/f+H5W6lkox0fJ+To4oXC6InZDRHKNf/ZaksTHE
xeXltEY409eq6i8B4XrM2lZOBoTYVKsDXmjAQkvSvlJJejOk2m9DtRNHztQS
PvWr97aqtzrdgsiUn1XqX79oqSFTHhrLDSO2pOkYga7eg6TehJgbx1Taq0IB
inZSxzt61K5fU60eQjtq/55Wnt5EoARLh2hdP0fgU8rQ4zH6oNdlNgtTohU4
mTqRjal9rHCaEBpUaisybZIqUBkzbV6xOSEjBm8DvVEdPl7SNwRm8Ovi4rJH
25M/XTY6t+8zzqWGmSwupEqp8QY3vRjAu2BxZ3JclbYySwhxz9m89f2/aof/
J2uHP1otXKpjy6Uydgo5sLaVoMfrlbDvL+nz7uUVfrAqAUPnwbJ72qxeVLp+
bJmq2eiJjYHnLRfD0lWwAwPJ7RmW4MtFUfcD+Ke8JYrlWnG7Vq2K5lnv59nB
z9ZvlkozVE+JyzPb21tb1eLOdvVnSzPYDJZndGlmvHu8eJQTXzrlSrHanjxu
d8arSjMrijHjw+P98rW31w8+mTtReGJ781Z/x5OterVS+To5mT1ZJ4OdsWsd
b4+N08fmZFKeYfe7H1oXezvj00bx+lIaOyfB4rjZvdp+sEuGfzqWJ3vDeCn+
jbjiWsZPk+FkqXkWt0BbjwBDLX0gJdn0GR9I6S9+mu1Q6KVTHBh9qbs4AvEe
IxnQjp2sAwB1MMdhXOJIyHdi/7qQE6YYN1VhVlQ4SBzV1vdb+F7thtp/pZqh
yisrChg/AbyCdxhF6jwUIGf4fmX9Y2Rwd33JXHRme9PQWSQHPVT/hK4rSyGp
pTjVAUFvPJiXOPkK4USRE+hJsA9A3o7kJITAPZ3IwIhWlR3+XhFfnV55Laxn
LS5TAeRXvkM9VjIYYziE4SzpaJ0GnXpMRx/dofUC9L2sMPGhu3/h9z8Bfvc0
n4/olI5MNqDG1cekJI0GnuDVMldJitKqvixWN56gW7x8pwvXCofDl/iIdJ/9
KdmCwYcbKGSkN99lmPeI3JVOHGn8TMuMNUIYS4SLLfkgNPJ+GN6rkwG04sqr
lfXMbkl86aJbLZXvC0tgbqPdxcRRcaDc2m/Kp/Jsfms1OqaJPpJbG4FvrCXO
geeLlwzzR0x/7bdk3YiAMITX3r3oWHB3f2D6emUpNv1lDa1p2yEADwGcQh1s
XtDHdCU4XVBcTrEL/wt405vKNN6U/lF484/S+guA8D4cLjaMrVbrenQ0d88O
R+HR18FNwx/J6+be2fllBX71qsWn+k5wWj3caU8D7PNx76R+sXDOmnvXt/sn
R9U960Nvr7jvbc2+1tvOzeJ8/2z3LqiaG5eTTvW6KR+rG+fD4+PJoL09PL86
P6piI/5e+e7RKFcqj6E3Gsy9Xcfec8xoOm5XNzYalcPiZnDy0Bp7snd4bHc/
jM7M8ye3vCvD4WG34WweL7AR77z6aSd0z1rhfnXrrn5xO7/cDo7tsHQ9c7Zu
dzd2I/96a9hyN7pH83owuvjUrfeLT3eLrcm+Pd+qbrrYyL5xMq+2b493u8WD
O8e92uxtu8eRdRcenY8t63BrfLR5fTU2KnJWfDxvt6rj23HD6pSa8+JVvbEL
yEHD+VDZMA69y6ve8UbpeOt4IEd3/s1XOZrPKidtL9l7WsfKGVi9KW0qSDMn
0NaulzyYCrxWyU0Vw1/hsS8XSpaqbjGP0E3x2SpdSQEo9YLUks1SaYiKr68U
o/ACuk6y611VdcKXq2UJ5wL3hVygbuJ5NkdaQ3XK9vnN8qVvtJhab9exekGU
XC0tPb/Bq9/UMkZv76AWn/FJhSCqLDFDnWcpH0cqO8hsyFMLCrbMHsFiVO+t
WMpINalSWmLHKxZN4jWG+NMYL0ek76RGpV/L0+pafHCZD6FTqoLzgmfdkVkm
Je+EUPLXJXC5LI/LImO0HDq5kD4MgF/dGNK5dX0cW52841pFPnN6nuY1PqkO
zbbccDoY2Caf8ECB4k5iC9cH+RJrYPGNKDIgc1ILl+mT/vQiNn9o2I56gXKs
eD8PvAsmP6UzCK+1z9Uc5LH59GcYeJtz6r7wppE6uK8MAzfq2VaSg9gDyl9I
BOLFuLIDKjRXzKS6sXIiOzI/DfUc0L5DhG2u3cTfSYgpfKf7NqR6lVoiCwxz
HB8+YdayAc1RebdvuzxDfQOTKi8+F6VW/aOF+owEHq9F+Q/06eAjMHsvWIDk
I/71DSXFz73gIiUYn6X3LOldZ6GcGLizMVRPXPqULgg6nYVF2+UbGRNSuEMu
nukiPkNIx/k9BBKsBQ+mXD+CJDPzeIj71Pu0qSkuUxMzVBNjZiZmXW+Gf/Th
ITwPBxmhoK/TgOWF5pROxfPIi6qflmuTBDjsmW3hIXz6Pg7PfyzgeYQnbK5R
vvT3BJIPcMTfbkg+PhEXTHnFqm/D5MIcLJ247nu4BX/1txzE9ch21Fpw9riv
ja5rUm4deg4fL1AfAsgEmLjUig1PmXWl5Y/9RC//q5OiDp2ZViyO25WmFy4A
fydqeQJPV+jZlI92yOsapuHTVNLMka95Ie1KMUI+d7bPTLye2TqLZ1cmtmME
Dm2DTD6x8LqsRlrnit5n9+MuzUQqDcBTeDqc1btcW8JlleR1LCjAQxmKSgq9
qHfWV+wELAD4oJrT8qYgdlXGThlIAog0OemA8y7pmgoh79Xm4VgNiGuBwgHP
R2VjqZuzdrUlM7t3KOXf6yL5eknq8DUBl8uYQlrJKpR4jBt/fkI1z4ekYWpB
lR1tuzijywpRH4HJVK5jY1/nk9BqeHSPD/aq+5weIrKBzmO9Z9T0clrW4f2Z
p6RPLiIYYBhbpK5lA39yXUbm+3gPFLqTDPKMv3TykQGA9UgTwqckqTyptxYs
LVBhMAcocEMkZQWKWjLx+tTHa3jH6PPzqm8dpf2BYpyZFAWT0wzQ+wQtG+cV
l9eVD7Y9N9+RPmgtjviq/rpy3jLBNy0q+rva5aO//7C8HMtMIrCHQ7JVvsWv
6xkHQ+roeefP5NAA4i/geBpl6dsWQVZuIyMNfS3B5iP5/L0LXGELkrpxvOs3
lBHrAg+4L59+zeVO9EF0EsafBj7CWKzx+Iirpc+2GqAxaAq0lfkwwfqLryPQ
ZgY2BOw6BhD2IMBuP8onzL/L5/65MnO/fPs+paZsWpDhdwoMEqv3mOrQZ0go
8+btTn0gRLwOnIKp+MNI+CB+GIfK7poFrnMgTzQ9JSP7byLARA+3TgAA

-->

</rfc>
