From owner-freebsd-hubs@FreeBSD.ORG Wed Jun 25 01:10:23 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 13E5037B401 for ; Wed, 25 Jun 2003 01:10:23 -0700 (PDT) Received: from mailout.informatik.tu-muenchen.de (mailout.informatik.tu-muenchen.de [131.159.0.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B64A43FE0 for ; Wed, 25 Jun 2003 01:10:22 -0700 (PDT) (envelope-from langd@informatik.tu-muenchen.de) Date: Wed, 25 Jun 2003 10:10:18 +0200 From: Daniel Lang To: Ken Smith Message-ID: <20030625081018.GC3446@atrbg11.informatik.tu-muenchen.de> References: <20030624173337.GD11784@electra.cse.Buffalo.EDU> <7m7k7b564w.wl@black.imgsrc.co.jp> <20030625011941.GB26111@electra.cse.Buffalo.EDU> <20030625061059.GB3446@atrbg11.informatik.tu-muenchen.de> <20030625071704.GB1478@electra.cse.Buffalo.EDU> Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="3siQDZowHQqNOShm" Content-Disposition: inline In-Reply-To: <20030625071704.GB1478@electra.cse.Buffalo.EDU> X-Geek: GCS/CC d-- s: a- C++$ UBS++++$ P+++$ L- E-(---) W+++(--) N++ o K w--- O? M? V? PS+(++) PE--(+) Y+ PGP+ t++ 5+++ X R+(-) tv+ b+ DI++ D++ G++ e+++ h---(-) r++>+++ y+ User-Agent: Mutt/1.5.1i X-Virus-Scanned: by amavisd-new at informatik.tu-muenchen.de cc: freebsd-hubs@freebsd.org Subject: Re: DRAFT - DNS Admin Guide X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2003 08:10:23 -0000 --3siQDZowHQqNOShm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi, Ken Smith wrote on Wed, Jun 25, 2003 at 03:17:05AM -0400: [..] > The proposal's suggestion for that was to "internalize" it inside of > dnsadm@ and they decide strictly based on the *DNS* mechanics of > things. Are the DNS servers overloaded? Are there so many requests > for that it would be convenient to have another set of hands > doing the edits for that? Would we like to have another DNS server > in but perhaps it is sufficient to make it a pure slave > server and still keep master info on the main master site > (thus nameservice queries in may flow better but updates > still happen centrally). Creation of the country code based subdomains > happen automatically and with no "special" authorization as a side-effect > of the Mirror Coordinator (or whatever, that's the question Jun raised) > saying there is a new mirror site in that country. Hmmm... good question. It would certainly simplify some things in some areas and I guess the load to administer the primary may be not that high (though probably it's hard to guess). The bigger problem could be, that it is done by delegation right now. > I think this is one of those things that need to be evaluated on > a cost/benefit basis. What is the benefit to allowing this sort > of delegation to begin with? I'm not completely sure what the answer > is to that - I'm sure I only have a partial picture of it. I have > seen the cost though - it seems to confuse a lot of people and they're > not sure where to ask for stuff. > The current layout seems to be that a "Region" as much as possible is > left to decide issues like how many FTP mirror sites to have, etc. on > their own. That's a really good thing as long as the Regions are well > defined, those Regions have a strong leadership within themselves, etc. I think the "region" _is_ well defined. The region a server is in, is the ccTLD assigned to the country, the server is located in. Fullstop. (This definition is probably what we want, it makes no assumption about the TLD (cc or not) the official hostname of the server contains. Thus for example, making ftp.leo.org a server in the "de" region, regardless of the .org TLD). The well definition of a region is important, since the region is used by users to select a mirror, that is "close" to the client system. IIRC this works reasonably well. Strong leadership is a different issue... > But I'm not sure it's working. Working with an example at hand, we > have a site in Croatia that has been given access to ftp-master and > is ready to join in as ftp.il.freebsd.org. But il.freebsd.org doesn't > exist. It needs to be handled centrally but who is that? The folks Hmm strange, I thought Croatia has '.hr' and '.il' is Israel? Is it really the case, that the croatian server wants to join=20 the "il" region? This seems to be a very strange edge case... Assuming .hr is the croatian ccTLD and the croatian server wants to be in the hr.freebsd.org domain, but it does not exist, yet, I would assume the mirror admin, who actually happens to be the first to establish an official mirror in croatia could get approval from the Mirror-Coordinator, which can act as enough authorization for dnsadm@ to delegate the domain to him/her. Provided he/she can administer the zone. If the subdomain does not exist, but the mirror admin in Croatia can not administer the zone, I would say, it's bad luck. > doing us.freebsd.org by default? Someone needs to realize that they > are the coordinator for anything that doesn't have its own strong > Regional leadership. Things fall through cracks. And, as the delegation IMHO a good solution, to have such a fallback. > changes, all of that becomes a moving target for the people who are > trying to administer the WWW sites for example (now suddenly a new > Region popped up so person X doesn't need to worry about requests > from that region any more, it's person Y). And as you say, what happens Such changes will not happen very frequent, I guess. > if there is a LOT of interest in Croatia for FTP mirror service and > they want to administer that locally but they have zero interest in > CVSup? Then, there will be no cvsup.hr.freebsd.org. If there is actually a cvsup mirror in Croatia but maintained by other people, those who have taken responsibilty for their zone, will have to add an entry for this server, if it is requested. If no one has it, it goes to the fallback maintainers, as before. I don't see the issue here. hostmaster@hr.freebsd.org is a different role than admin at ftp.hr.freebsd.org. It can be assumed by the same people, but the matters need to be handled differently. For certain it would not be acceptable to delegate the hr.freebsd.org subdomain to people, who are not willing to make "cvsup" entries into the zone, just because they run an ftp server and are not interested in cvsup. > All of this is something you need to live with in a truly large > organization. But is the DNS administration such a heavy load that > it can't be handled by a relatively small number of people? I can't > answer that, it's an open question. If it isn't a very heavy load > "end-user frustration" can be avoided by a one-stop-shopping low overhead > setup as I proposed. If it is a heavy load then what I proposed is > inadequate. :-) Don't forget the obstacles you have to cope with, if you want to change the running system. I can imagine people feel stepped on their toes, if you want to take away the responsibility they currenty have. Of course this should not be an issue, if there are good reasons to change, but it should be considered. Best regards, Daniel --=20 IRCnet: Mr-Spock - "Do you love yourself ?" - "Yes!" (Isar 12) - =20 Daniel Lang * dl@leo.org * +49 89 289 18532 * http://www.leo.org/~dl/ --3siQDZowHQqNOShm Content-Type: application/x-pkcs7-signature Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIIXgAYJKoZIhvcNAQcCoIIXcTCCF20CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC FUAwggbMMIIFtKADAgECAgIVezANBgkqhkiG9w0BAQUFADCBpjELMAkGA1UEBhMCREUxETAP BgNVBAcTCE11ZW5jaGVuMSkwJwYDVQQKEyBUZWNobmlzY2hlIFVuaXZlcnNpdGFldCBNdWVu Y2hlbjEiMCAGA1UECxMZRmFrdWx0YWV0IGZ1ZXIgSW5mb3JtYXRpazEYMBYGA1UEAxMPUkJH LUJlbnV0emVyLUNBMRswGQYJKoZIhvcNAQkBFgxjYUBpbi50dW0uZGUwHhcNMDMwNTIwMTIz MTQyWhcNMDQwNTIxMDAwMDAwWjCBqzELMAkGA1UEBhMCREUxETAPBgNVBAcTCE11ZW5jaGVu MSkwJwYDVQQKEyBUZWNobmlzY2hlIFVuaXZlcnNpdGFldCBNdWVuY2hlbjEiMCAGA1UECxMZ RmFrdWx0YWV0IGZ1ZXIgSW5mb3JtYXRpazEUMBIGA1UEAxMLRGFuaWVsIExhbmcxJDAiBgkq hkiG9w0BCQEWFWRhbmllbC5sYW5nQGluLnR1bS5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw gYkCgYEAk55VXazdhYUuEJAHmO439gJwKVfvcdF64VyP8tzhYwiIx/9FOsQj8r8Gw2g0MDCa X2mCNiSKz32sUI33SQFhBhwxoF6bpq7d6pfeJ7UL+2T/bkRVF/Y7zPuMMK/wMbiEwyfvdjxk 8XsVtpj500LjW7QYdAHlijHRAY2nFk4f8bcCAwEAAaOCA38wggN7MAwGA1UdEwEB/wQCMAAw HQYDVR0OBBYEFPMLcu3eegcL6m8ObwlveYDdoYOpMIHKBgNVHSMEgcIwgb+AFK81Ou8wbY/H n0tx1dgCig9IKGPUoYGjpIGgMIGdMQswCQYDVQQGEwJERTERMA8GA1UEBxMITXVlbmNoZW4x KTAnBgNVBAoTIFRlY2huaXNjaGUgVW5pdmVyc2l0YWV0IE11ZW5jaGVuMSIwIAYDVQQLExlG YWt1bHRhZXQgZnVlciBJbmZvcm1hdGlrMQ8wDQYDVQQDEwZSQkctQ0ExGzAZBgkqhkiG9w0B CQEWDGNhQGluLnR1bS5kZYIBAjAOBgNVHQ8BAf8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUH AwIGCCsGAQUFBwMEMIGxBgNVHREEgakwgaaBD2xhbmdkQGluLnR1bS5kZYEVZGFuaWVsLmxh bmdAaW4udHVtLmRlgR9sYW5nZEBpbmZvcm1hdGlrLnR1LW11ZW5jaGVuLmRlgSVkYW5pZWwu bGFuZ0BpbmZvcm1hdGlrLnR1LW11ZW5jaGVuLmRlgRBsYW5nZEBjcy50dW0uZWR1gRZkYW5p ZWwubGFuZ0Bjcy50dW0uZWR1gQpkbEBsZW8ub3JnMAkGA1UdEgQCMAAwOAYDVR0fBDEwLzAt oCugKYYnaHR0cDovL2NhLmluLnR1bS5kZS9jcmxzL3VzZXJjYV9jcmwuY3JsMBEGCWCGSAGG +EIBAQQEAwIFoDCBnwYJYIZIAYb4QgENBIGRFoGORGllc2VzIFplcnRpZmlrYXQgd3VyZGUg YXVzZ2VzdGVsbHQgZnVlciBEYW5pZWwgTGFuZyB2b24gZGVyIFJCRy1CZW51dHplci1DQSwg RmFrdWx0YWV0IGZ1ZXIgSW5mb3JtYXRpayBkZXIgVGVjaG5pc2NoZW4gVW5pdmVyc2l0YWV0 IE11ZW5jaGVuLjA2BglghkgBhvhCAQMEKRYnaHR0cDovL2NhLmluLnR1bS5kZS9jZ2ktYmlu L3VzZXJjYS1yZXY/MDIGCWCGSAGG+EIBBAQlFiNodHRwOi8vY2EuaW4udHVtLmRlL2NnaS1i aW4vY2EtcmV2PzA2BglghkgBhvhCAQgEKRYnaHR0cDovL2NhLmluLnR1bS5kZS9wb2xpY2ll cy9yYmdjYS5odG1sMA0GCSqGSIb3DQEBBQUAA4IBAQAGrfB5rH9D6jl6Tx+hwXpv0a/TuV39 vIQWMCA1hi0V4pI+bMyGTW1k/Ve5C58wRZv7CSTnxTGoqZmqnV37GGQlZBmvsDE+u3FKL/T7 Tk/rlVajExCXGHwjgHp2FfCaVMawKSUrI60aDcUgLUtT2DKpEfKfr/MC7CDtCaYy6TW93cHc uv2oM+1PN+CIcR5PaqEySmeYoXBMXd6sktjyNUWLxsNhtFMVnOiwF3SZYbRbRobuEWM3o+W7 nijECUIKz8rvK3f/c8v9HlVitMbeaTs4J1nZUR9lsvGLik6vsfIgbmuP6MMkrKFYwq5XTR1x JtMcmvnqcWytpYFDVPGuGaj1MIIHKDCCBRCgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBnTEL MAkGA1UEBhMCREUxETAPBgNVBAcTCE11ZW5jaGVuMSkwJwYDVQQKEyBUZWNobmlzY2hlIFVu aXZlcnNpdGFldCBNdWVuY2hlbjEiMCAGA1UECxMZRmFrdWx0YWV0IGZ1ZXIgSW5mb3JtYXRp azEPMA0GA1UEAxMGUkJHLUNBMRswGQYJKoZIhvcNAQkBFgxjYUBpbi50dW0uZGUwHhcNMDIx MDA5MTY0MTAzWhcNMDQwNTIxMDAwMDAwWjCBpDELMAkGA1UEBhMCREUxETAPBgNVBAcTCE11 ZW5jaGVuMSkwJwYDVQQKEyBUZWNobmlzY2hlIFVuaXZlcnNpdGFldCBNdWVuY2hlbjEiMCAG A1UECxMZRmFrdWx0YWV0IGZ1ZXIgSW5mb3JtYXRpazEWMBQGA1UEAxMNUkJHLVNlcnZlci1D QTEbMBkGCSqGSIb3DQEJARYMY2FAaW4udHVtLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAzAHBIFy4tKTvbMMg037hc9t2jR5MVpEUIPvrSWC4xpbr6Hw7abQW/lRfFpV8 enf9tSgfcl8kvGjAAD8AYeuDash6TQSUjBdZCe7V297oZ0dsuurZBkM5BwvLWF8vMiY+SD/+ XTqhnU6B/E9C+R5VXjXsXV2u9hDtKVC5hqVgnxRM5rT/LsUhcchgAXk2WuI8r9Llb+voPWwM FmHk2jxUwhvxZfGo15HDrvJUgzYsL36SmeYMI9Eo70uGmAQRPVVq2zn/3AC4z8X1cBd3ItnH YPbx0iUH5kEGq2KH5iCndwNq9oaFhKj+Y34wEv5BYl6sb5C9EBvtGyebNwuvmtC3tQIDAQAB o4ICaDCCAmQwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUH9QPe0VQVF1D2v8Su/itK/4O QMwwgcoGA1UdIwSBwjCBv4AU2WV+TUF/hD+1KtZ7E519yuW0XRqhgaOkgaAwgZ0xCzAJBgNV BAYTAkRFMREwDwYDVQQHEwhNdWVuY2hlbjEpMCcGA1UEChMgVGVjaG5pc2NoZSBVbml2ZXJz aXRhZXQgTXVlbmNoZW4xIjAgBgNVBAsTGUZha3VsdGFldCBmdWVyIEluZm9ybWF0aWsxDzAN BgNVBAMTBlJCRy1DQTEbMBkGCSqGSIb3DQEJARYMY2FAaW4udHVtLmRlggEAMA4GA1UdDwEB /wQEAwIBBjATBgNVHSUEDDAKBggrBgEFBQcDATA0BgNVHR8ELTArMCmgJ6AlhiNodHRwOi8v Y2EuaW4udHVtLmRlL2NybHMvY2FfY3JsLmNybDARBglghkgBhvhCAQEEBAMCAgQwgYQGCWCG SAGG+EIBDQR3FnVaZXJ0aWZpa2F0IGZ1ZXIgUkJHLVNlcnZlci1DQSBhdXNnZXN0ZWxsdCB2 b24gUkJHLUNBLCBGYWt1bHRhZXQgZnVlciBJbmZvcm1hdGlrIGRlciBUZWNobmlzY2hlbiBV bml2ZXJzaXRhZXQgTXVlbmNoZW4wMgYJYIZIAYb4QgEEBCUWI2h0dHA6Ly9jYS5pbi50dW0u ZGUvY2dpLWJpbi9jYS1yZXY/MDwGCWCGSAGG+EIBCAQvFi1odHRwOi8vY2EuaW4udHVtLmRl L3BvbGljaWVzL3NlcnZlcmNhcG9sLmh0bWwwDQYJKoZIhvcNAQEFBQADggIBAMzKnULQb6Kd hPNmKKmPSJJUOtbHxGH7Qi8paskt7dzDja/X7wz3524LGN2f05c1uAfyAP9Ar0nFthWy0qeM ueOtrOcSCj8AYwYN5H4drMC8GglQwlkD0M/nhPJ5xtAj8JzNYHzG1DK5tVgoJnF+t4KmTpI6 QJ6Dh3XDoZXubWd0jkHxQIzOKhs9PPjEzydmerC7B3Zt8vh7457Sk6wwZFhXc+nkeIIplnlD sBioOSyF7hZOwx4I2Auxss1zsyUQHCX88sOuZC0kYB7yRd1TMRti8josznux8k13sZBezFMP S2yCuKRBEk5Nt57OyGbIF4O7Mhn01mTnol2BDpTKJek45bIpRvSLl/xRPpjnzxLO1rXtXgCs GtkmXj+Zwo5fnL6OvZIiFgMV4ASsFclZexceHxDjpia1IHSFB/4I5fAys8Bw03idI+rfsla1 mW0AJuw260QgoBz+b+LKGosJdNosMfOJmNl0vW3Kq6NfYpZLkG0YJF9Xo6vsATFk9kNq56ye ila80uE2wDO/BGAcBMWQ4uwfrWqVPoW5X/oHcPISApnCBeZ+LyWvnTkgxCUeyqyxNOvaA/j7 jUoBb9l+GWup8EGND16mR/wYWAxYLgis1pn5QmSTbbKSWKcqDo6HBo1Zx9XRf76CZc7RJRp9 EXqYrkmlL9eg7qcnnS1rJbqxMIIHQDCCBSigAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBnTEL MAkGA1UEBhMCREUxETAPBgNVBAcTCE11ZW5jaGVuMSkwJwYDVQQKEyBUZWNobmlzY2hlIFVu aXZlcnNpdGFldCBNdWVuY2hlbjEiMCAGA1UECxMZRmFrdWx0YWV0IGZ1ZXIgSW5mb3JtYXRp azEPMA0GA1UEAxMGUkJHLUNBMRswGQYJKoZIhvcNAQkBFgxjYUBpbi50dW0uZGUwHhcNMDIx MDA5MTcwMzUyWhcNMDQwNTIxMDAwMDAwWjCBpjELMAkGA1UEBhMCREUxETAPBgNVBAcTCE11 ZW5jaGVuMSkwJwYDVQQKEyBUZWNobmlzY2hlIFVuaXZlcnNpdGFldCBNdWVuY2hlbjEiMCAG A1UECxMZRmFrdWx0YWV0IGZ1ZXIgSW5mb3JtYXRpazEYMBYGA1UEAxMPUkJHLUJlbnV0emVy LUNBMRswGQYJKoZIhvcNAQkBFgxjYUBpbi50dW0uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtYQ5ycRY6fyrlvJgpeQCNhPxQduU59Kpv6xWId9sHL8NyI7nlmlWzMroD ddIqeg7QvvtPS+xorbQJ9rxh94lXZtwlGPYg4LC/1PHGnDt+8RGiq8GLbHyeJZoQnEGSovyn uR4wZ9qnApFRsXcUZ5W/CSSwjKnQeN39oFj8EC4xtmUuudV65sxGuGToRVoSnjeULJKYBNnC RxVx2MU5exKGQAuvgaVd7Ozb7ziZyWxhVCNrUQOGrSKDgyKLguWTNnD7sSOiOpie3IX8H2DV DvbcKcmMQr8ojwWutNDPadOth+J6qd/modqxB1VbH8wu0lezbhPM5dh7yUFCEqZoXXh9AgMB AAGjggJ+MIICejAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSvNTrvMG2Px59LcdXYAooP SChj1DCBygYDVR0jBIHCMIG/gBTZZX5NQX+EP7Uq1nsTnX3K5bRdGqGBo6SBoDCBnTELMAkG A1UEBhMCREUxETAPBgNVBAcTCE11ZW5jaGVuMSkwJwYDVQQKEyBUZWNobmlzY2hlIFVuaXZl cnNpdGFldCBNdWVuY2hlbjEiMCAGA1UECxMZRmFrdWx0YWV0IGZ1ZXIgSW5mb3JtYXRpazEP MA0GA1UEAxMGUkJHLUNBMRswGQYJKoZIhvcNAQkBFgxjYUBpbi50dW0uZGWCAQAwDgYDVR0P AQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA0BgNVHR8ELTArMCmg J6AlhiNodHRwOi8vY2EuaW4udHVtLmRlL2NybHMvY2FfY3JsLmNybDAJBgNVHRIEAjAAMBEG CWCGSAGG+EIBAQQEAwIBBjCBhwYJYIZIAYb4QgENBHoWeFplcnRpZmlrYXQgZnVlciBSQkct QmVudXR6ZXItQ0EsIGF1c2dlc3RlbGx0IHZvbiBSQkctQ0EsIEZha3VsdGFldCBmdWVyIElu Zm9ybWF0aWsgZGVyIFRlY2huaXNjaGVuIFVuaXZlcnNpdGFldCBNdWVuY2hlbjAyBglghkgB hvhCAQQEJRYjaHR0cDovL2NhLmluLnR1bS5kZS9jZ2ktYmluL2NhLXJldj8wOgYJYIZIAYb4 QgEIBC0WK2h0dHA6Ly9jYS5pbi50dW0uZGUvcG9saWNpZXMvdXNlcmNhcG9sLmh0bWwwDQYJ KoZIhvcNAQEFBQADggIBAJapnE3b+p2nrryUkfTEl5iKTl7o8hLrB4FbLZsdBs16pIb0fIIq yGR0wlv0Qq5OLHm1hQzGkfhqEb2O+oBQJgaykxAB+6rKKOJdL12LSQrYXbDV8t/isyurwkFi fmcWDxVF4reDcz8F61KrVz46k2KtdY39CcuW+x1xQZRgier+jdBLLsbkM21XkufUrwnnO5Vr j0cD48XmcsVuWF0EkGo49jPHk8LG2cMyhQR/ZT4f1kegi9WmoV4NjKJnEU2QaTfbLUb2i509 RYf31oDnhq6oO1wCcRvVeDfyx5aj0y68sL1ySNmTQEELOmOFPqmVqa9BAR4wzuTXJi9UvOwF tQMsKq9AX4cFegDl4D4E5QQ7JladBMvJ0VALdGSGlGHARQGvO8SvapsOTVPC5n+UD6jwhTw0 pCPSypzIIrpT9vjxD7bDvudOfKguVRuX8poWID7yXcB0ApHdoNIMrGJx1Tc6SN6rGKWYre+W y/AsqMNNmR+YrJn/UOs6lKX9TtaHOFbxNPwo7RgdRg/srESEtIQ5IKkPA0Vt9Eh5H3VWBhrU b1gmvyNTwJFRqYmFhr7jFFdgnX3Jsbw81jl1z4jLdeeslLxs8vmnwQvWRz3BEPo+g0mrIuYt QjSdgGF8xHgyeRxfa8o3P/rncBysyNYe/AdWd6UGPmompEBZuFzSN+G8MYICCDCCAgQCAQEw ga0wgaYxCzAJBgNVBAYTAkRFMREwDwYDVQQHEwhNdWVuY2hlbjEpMCcGA1UEChMgVGVjaG5p c2NoZSBVbml2ZXJzaXRhZXQgTXVlbmNoZW4xIjAgBgNVBAsTGUZha3VsdGFldCBmdWVyIElu Zm9ybWF0aWsxGDAWBgNVBAMTD1JCRy1CZW51dHplci1DQTEbMBkGCSqGSIb3DQEJARYMY2FA aW4udHVtLmRlAgIVezAJBgUrDgMCGgUAoIGxMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEw HAYJKoZIhvcNAQkFMQ8XDTAzMDYyNTA4MTAxOFowIwYJKoZIhvcNAQkEMRYEFGw3Wudpl1cn Ms6zkorPgKml0WHoMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwIC AgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEB AQUABIGAMyT7z436iEsaOoVNETquCq8Y13vXPouccvfPAvx86otcBMS978GwpStet+6y1HXy qfk6iK6Em6hzt/as3HnPqRVTzMOTUnjM/+FSzwzsa4+K/1zLhiQ1A2AzWaiVwU3j1zmugUXB kEXuQQq2zIpaI+cd1eQnYQSen4L4N6yz22E= --3siQDZowHQqNOShm--