<?xml version="1.0" encoding="UTF-8"?>
  <?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
  <!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.39 (Ruby 3.2.3) -->


<!DOCTYPE rfc  [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">

]>


<rfc ipr="trust200902" docName="draft-sabey-succession-receipts-00" category="info" submissionType="independent" tocInclude="true" sortRefs="true" symRefs="true">
  <front>
    <title abbrev="Succession Receipts">Succession Receipts: Portable Signed Evidence of Authority Succession Between Autonomous Agents</title>

    <author initials="J." surname="Sabey" fullname="Jaryn Mervin Sabey">
      <organization>Continuity Laboratories</organization>
      <address>
        <email>hello@continuitylaboratories.com</email>
      </address>
    </author>

    <date year="2026" month="July" day="18"/>

    <area>Security</area>
    <workgroup>Individual Submission</workgroup>
    <keyword>authority succession</keyword> <keyword>signed receipts</keyword> <keyword>AI agents</keyword> <keyword>offline verification</keyword> <keyword>Ed25519</keyword> <keyword>JSON canonicalization</keyword>

    <abstract>


<?line 58?>

<t>Autonomous agents are upgraded, replaced, suspended, and restored while
holding real operational authority. A Succession Receipt is a portable,
signed JSON document that proves one completed, policy-gated transfer of
authority between two agents: which agent held the authority, which agent
holds it now, under what legitimacy determination the transfer ran, and
which obligations carried forward, with every claim grounded in signed
evidence events embedded in the receipt itself. Receipts are verifiable
offline by parties who do not operate the issuing system, using only the
issuer's public key. This document specifies the receipt wire format, its
canonicalization and signature scheme (JSON Canonicalization Scheme with
Ed25519), and the verification algorithm, including bidirectional claim
grounding. Where decision receipts prove what an agent did, and delegation
receipts prove what an agent may do, Succession Receipts prove that an
agent legitimately became the holder of an authority.</t>



    </abstract>



  </front>

  <middle>


<?line 75?>

<section anchor="introduction"><name>Introduction</name>

<t>Deployed autonomous agents hold credentials, approve transactions, and act
under delegated authority. When such an agent is upgraded, replaced,
suspended, or restored, its successor inherits real power. Existing
identity and authorization infrastructure answers "who is the successor?"
and "may this request proceed?"; it does not produce portable evidence
that authority, obligations, and accountability were legitimately carried
from predecessor to successor.</t>

<t>A <strong>Succession Receipt</strong> closes that gap. It is a self-contained JSON
document, issued by the system of record that governed the transfer,
carrying:</t>

<t><list style="symbols">
  <t>the parties (predecessor and successor agents, called <em>stewards</em>);</t>
  <t>the authorities revoked from the predecessor and derived for the
successor, with their recorded bases;</t>
  <t>the legitimacy evaluation the transfer was approved under;</t>
  <t>the obligation and commitment lineage carried forward; and</t>
  <t>the <strong>evidence</strong>: the signed, hash-chained events the issuing system
recorded, embedded verbatim, so that every claim above is checkable
against them.</t>
</list></t>

<t>A relying party — an auditor, a counterparty, a regulator — verifies a
receipt <strong>offline</strong> with only the issuer's Ed25519 public key: no API
call, no access to the issuing system, no trust in its operator's
infrastructure. Verification recomputes every hash from the document's
own bytes and enforces claim grounding in both directions (<xref target="verification"/>),
so a receipt can neither invent nor conceal an effect of the transfer.</t>

<t>This document is companion to adjacent work on signed agent evidence:
decision receipts <xref target="I-D.farley-acta-signed-receipts"/> attest individual
machine-to-machine authorization decisions, and delegation receipts
<xref target="I-D.nelson-agent-delegation-receipts"/> attest grants of permission to
act. Per-hop delegation-chain identity, as in PEDIGREE
<xref target="I-D.rampalli-pedigree"/>, attests how authority <em>flows downward</em> through
live delegation from a root; Succession Receipts attest a different event
class again — the <em>transfer of the authority of record itself</em> between
agent generations, with obligation lineage — and are complementary to all
three. The formats share primitives (Ed25519 <xref target="RFC8032"/>, JSON
Canonicalization Scheme <xref target="RFC8785"/>) deliberately.</t>

<t>The wire format specified here is implemented and published with a
machine-readable conformance corpus (golden vectors plus tamper cases that
MUST fail at named checks) <xref target="SR-REPO"/>, against which independent verifier
implementations can validate; the format steward additionally maintains a
reference verifier, including a no-install in-browser verifier. The same
repository publishes companion evidence formats under the same corpus
discipline — ledger exports, capability credentials, external anchoring
checkpoints, a refusal-transparency digest attesting transitions an
agent system refused to perform, and selective-disclosure projections of
the receipts specified here (partial views that verify against the one
issuer signature) — which are outside the scope of this document.</t>

</section>
<section anchor="conventions-and-definitions"><name>Conventions and Definitions</name>

<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP 14
<xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals,
as shown here.</t>

<dl>
  <dt>Steward:</dt>
  <dd>
    <t>An agent (or agent generation) that can hold authority and carry
obligations in the issuing system's registry.</t>
  </dd>
  <dt>Succession:</dt>
  <dd>
    <t>The governed process by which authority of record transfers from a
predecessor steward to a successor steward. Only <em>completed</em> successions
yield receipts.</t>
  </dd>
  <dt>Issuer:</dt>
  <dd>
    <t>The system of record that governed the succession, recorded its events,
and signs the receipt.</t>
  </dd>
  <dt>Relying party:</dt>
  <dd>
    <t>Any holder of the receipt verifying it against the issuer's public keys.</t>
  </dd>
  <dt>Evidence event:</dt>
  <dd>
    <t>One event envelope from the issuer's append-only ledger, embedded
verbatim in the receipt.</t>
  </dd>
</dl>

</section>
<section anchor="document"><name>The Receipt Document</name>

<t>A Succession Receipt is a UTF-8 JSON <xref target="RFC8259"/> object shaped after the
W3C Verifiable Credentials data model <xref target="VC-DATA-MODEL"/> as plain JSON:
the <spanx style="verb">@context</spanx> member is carried for interoperability, and JSON-LD
processing is NOT REQUIRED. The complete normative member catalog, with
types and constraints, is the AHR specification <xref target="SR-AHR"/>, which publishes
version 0.1 (frozen) and version 0.2 (current); this section summarizes the
structure a verifier depends on and shows a version 0.2 receipt.</t>

<figure><artwork><![CDATA[
{
  "@context":     ["https://www.w3.org/ns/credentials/v2",
                   "urn:css:ahr:v0.2"],
  "type":         ["VerifiableCredential", "AuthorityHandoffReceipt"],
  "spec_version": "0.2",
  "issuer":       { "id": "urn:css:registry" },
  "validFrom":    "2026-07-04T12:00:14Z",
  "credentialSubject": {
    "id":            "urn:uuid:<succession_id>",
    "succession_id": "<uuid>",
    "predecessor":   { "steward_id": "<uuid>",
                       "revoked_authorities": [ ... ],
                       "replaced": true },
    "successor":     { "steward_id": "<uuid>",
                       "authority_id": "<uuid>",
                       "authority_scope": "...",
                       "accountability_chain_id": "<uuid>",
                       "authority_status": "granted" | "active" },
    "legitimacy":    { "legitimacy_id": "<uuid>" },
    "constitution":  { "genesis_event_hash": "<hex>",
                       "amendments_ratified": <count>,
                       "amendment_head_hash": "<hex>" },
    "ledger_binding": { "height": <int>,
                        "event_hash": "<hex>" },
    "obligations_carried": [ "<uuid>", ... ],
    "commitments_carried": [ "<uuid>", ... ]
  },
  "evidence": [ <event envelope>, ... ],
  "proof": {
    "type":                "CSSEd25519Signature",
    "created":             "<RFC 3339 timestamp>",
    "verification_method": "<key_id>",
    "receipt_hash":        "<hex SHA-256 of the canonical bytes>",
    "signature":           "ed25519:<key_id>:<base64url(signature)>"
  }
}
]]></artwork></figure>

<t>The <spanx style="verb">constitution</spanx> and <spanx style="verb">ledger_binding</spanx> members are <strong>REQUIRED at version
0.2 and absent at version 0.1</strong>. <spanx style="verb">constitution</spanx> records the constitutional
lineage the transfer ran under: <spanx style="verb">genesis_event_hash</spanx> (the hash of the
genesis event that roots the lineage), <spanx style="verb">amendments_ratified</spanx> (the count of
ratified amendments in force at completion), and <spanx style="verb">amendment_head_hash</spanx> (the
hash of the latest such amendment, omitted when the count is zero).
<spanx style="verb">ledger_binding</spanx> records the receipt's evidence horizon: <spanx style="verb">height</spanx> (the
1-based position of the receipt's final evidence event in the issuer's
ordered event stream) and <spanx style="verb">event_hash</spanx> (that event's hash). Both are
grounded in the embedded evidence (<xref target="verification"/>), so a verifier
recomputes them from the receipt alone. A version 0.1 receipt names
<spanx style="verb">urn:css:ahr:v0.1</spanx> in <spanx style="verb">@context</spanx>, sets <spanx style="verb">spec_version</spanx> to <spanx style="verb">0.1</spanx>, and omits
both members; a conforming verifier accepts either version.</t>

<t>Each evidence event envelope carries <spanx style="verb">event_id</spanx>, <spanx style="verb">event_type</spanx>,
<spanx style="verb">aggregate_type</spanx>, <spanx style="verb">aggregate_id</spanx>, optional <spanx style="verb">causation_id</spanx> /
<spanx style="verb">correlation_id</spanx> / <spanx style="verb">previous_event_id</spanx> / <spanx style="verb">actor_id</spanx>, <spanx style="verb">timestamp</spanx>
(<xref target="RFC3339"/>), <spanx style="verb">event_version</spanx>, <spanx style="verb">payload</spanx>, <spanx style="verb">event_hash</spanx>, and an optional
<spanx style="verb">signature</spanx>. Envelopes are embedded exactly as recorded — stored bytes,
not re-derived ones.</t>

</section>
<section anchor="canonical"><name>Canonicalization and Signatures</name>

<section anchor="canonical-form"><name>Canonical Form</name>

<t>The <strong>canonical bytes</strong> of a receipt are its JSON serialization with the
<spanx style="verb">proof</spanx> member absent, object member names sorted lexicographically, no
insignificant whitespace, and no HTML escaping. For the receipt's value
domain (strings, integers, arrays, objects; no floating-point numbers)
this coincides with the JSON Canonicalization Scheme <xref target="RFC8785"/>.</t>

</section>
<section anchor="hash-then-sign"><name>Hash-Then-Sign</name>

<t>The proof signs the lowercase hexadecimal SHA-256 digest of the canonical
bytes (the digest <em>string</em> is the signed message). <spanx style="verb">receipt_hash</spanx> records
that digest; <spanx style="verb">signature</spanx> is the canonical signature string:</t>

<figure><artwork><![CDATA[
<alg> ":" <key_id> ":" base64url(signature-bytes)
]]></artwork></figure>

<t><spanx style="verb">ed25519</spanx> (<xref target="RFC8032"/>, deterministic signatures) is the sole algorithm
registered at spec versions 0.1 and 0.2. <spanx style="verb">key_id</spanx> is an issuer-managed
label, deliberately NOT derived from the key: a verifier holds a map from
<spanx style="verb">key_id</spanx> to public key, so key rotation adds a mapping without invalidating
already-issued receipts. An unrecognized <spanx style="verb">&lt;alg&gt;</spanx> prefix MUST be rejected;
new algorithms (including post-quantum schemes) are additive prefixes
registered by a new spec version, never a mutation of an existing one.</t>

</section>
<section anchor="event-hash"><name>Evidence Event Integrity</name>

<t>Every evidence event's <spanx style="verb">event_hash</spanx> is the lowercase hexadecimal SHA-256
of the concatenation of: <spanx style="verb">event_id</spanx>, <spanx style="verb">event_type</spanx>, <spanx style="verb">aggregate_type</spanx>,
<spanx style="verb">aggregate_id</spanx>, the timestamp in UTC <xref target="RFC3339"/> with trailing
fractional-second zeros omitted, the decimal <spanx style="verb">event_version</spanx>, the
payload's JSON serialization in document member order (the producer's
serialization order, preserved by the receipt), and <spanx style="verb">previous_event_id</spanx>
(empty string when absent). An event's optional <spanx style="verb">signature</spanx> is the
canonical signature string over its <spanx style="verb">event_hash</spanx>.</t>

</section>
</section>
<section anchor="verification"><name>Verification</name>

<t>A verifier is given the receipt document and the issuer's public keys,
pinned out of band. Verification MUST perform, in order:</t>

<t><list style="numbers" type="1">
  <t><strong>Proof.</strong> Recompute the canonical hash (<xref target="canonical"/>) from the
document. It MUST equal <spanx style="verb">proof.receipt_hash</spanx>, and <spanx style="verb">proof.signature</spanx>
MUST verify against it under the key named by its <spanx style="verb">key_id</spanx>. A missing
proof, an unknown <spanx style="verb">key_id</spanx>, a hash mismatch, or a failed signature
check is fatal. Verifying against the <em>recomputed</em> hash ensures any
content tampering — including of <spanx style="verb">receipt_hash</spanx> itself — fails here.</t>
  <t><strong>Evidence integrity.</strong> Every evidence event's hash MUST recompute to
its stored <spanx style="verb">event_hash</spanx> per <xref target="event-hash"/>.</t>
  <t><strong>Evidence authenticity.</strong> Every <em>present</em> evidence signature MUST
verify. An absent signature is reported, not fatal (deployments that
sign no events still produce receipts whose proof covers the evidence
bytes); a present-but-invalid signature is fatal.</t>
  <t><strong>Claim grounding, both directions.</strong> Every <spanx style="verb">credentialSubject</spanx> claim
MUST be supported by a matching evidence event: the completion event
anchors <spanx style="verb">succession_id</spanx> and <spanx style="verb">validFrom</spanx>; the proposal names both
parties; the approval names the legitimacy evaluation; the successor's
authority grant matches steward, scope, and accountability chain and is
correlated with the completion; a claimed <spanx style="verb">replaced</spanx> predecessor has
its replacement event; every claimed revocation has its revocation
event with the claimed basis. Conversely, every lineage effect in
evidence MUST be declared by the claims: an inherited obligation or
commitment absent from the carried lists, or a revocation absent from
<spanx style="verb">revoked_authorities</spanx>, is fatal. A receipt can therefore neither
invent nor conceal an effect of the transfer.  <vspace blankLines='1'/>
For version 0.2 receipts, two further claims are grounded.
<spanx style="verb">constitution</spanx> MUST be supported by exactly one <spanx style="verb">GenesisInitialized</spanx>
event in the evidence whose hash equals <spanx style="verb">genesis_event_hash</spanx>; when
<spanx style="verb">amendments_ratified</spanx> is greater than zero, <spanx style="verb">amendment_head_hash</spanx> MUST
equal the hash of the latest <spanx style="verb">AmendmentRatified</spanx> event in evidence and
the count MUST match. <spanx style="verb">ledger_binding.event_hash</spanx> MUST equal the hash
of the receipt's final evidence event, and <spanx style="verb">height</spanx> states that event's
position in the issuer's ordered stream; against a ledger export or an
anchored checkpoint <xref target="SR-REPO"/> a relying party can additionally confirm
that no event at or below <spanx style="verb">height</spanx> was omitted — a completeness
cross-check a single receipt cannot provide alone.</t>
</list></t>

<t>A conforming verifier MUST accept every golden vector and MUST reject
every tamper case of the published conformance corpus <xref target="SR-CORPUS"/> at
the named check.</t>

</section>
<section anchor="versioning-and-stability"><name>Versioning and Stability</name>

<t><spanx style="verb">spec_version</spanx> identifies the wire format. Published versions are never
mutated: format changes only ever add a new version with new golden
vectors, and verifiers SHOULD continue to verify every published version.
Versions 0.1 (frozen) and 0.2 (current) are drafts on a stated stability
ladder toward a stable 1.0 <xref target="SR-AHR"/>; 0.2 adds the <spanx style="verb">constitution</spanx> and
<spanx style="verb">ledger_binding</spanx> claims additively, and a conforming verifier accepts both
versions.</t>

</section>
<section anchor="security-considerations"><name>Security Considerations</name>

<t><strong>A receipt proves what the issuer recorded, not that the issuer is
honest.</strong> The verification algorithm is designed so that a lying issuer
gains the least possible ground: re-signing altered content with an
untrusted key fails at the proof; altering embedded evidence while
re-signing with a <em>trusted</em> key (the compromised-key case) fails at
evidence integrity; hiding or inventing lineage fails at claim grounding.
The conformance corpus <xref target="SR-CORPUS"/> encodes these attacks as executable
cases.</t>

<t><strong>Key pinning is the trust root.</strong> Verification binds evidence to <em>the
holder of a named key</em>. Relying parties MUST obtain issuer keys through a
channel they trust and SHOULD pin them; fetching keys from the issuer's
own origin proves only self-consistency. Key rotation adds a <spanx style="verb">key_id</spanx>;
it MUST NOT invalidate previously issued receipts.</t>

<t><strong>Omission and rollback are out of a single receipt's scope.</strong> A receipt
proves one completed succession; it cannot prove that no <em>other</em> events
exist. Whole-ledger claims are the companion ledger-export format's job,
and resistance to retroactive truncation or rollback requires externally
anchored commitments to the ledger head (in the style of transparency
logs <xref target="RFC9162"/>), both published alongside this format <xref target="SR-REPO"/>. The
anchoring extension point is designed to register ledger-head commitments
with a SCITT transparency service <xref target="RFC9943"/>, so
anchoring composes with the emerging standard rather than inventing a
parallel witness ecosystem. A version 0.2 <spanx style="verb">ledger_binding</spanx> claim states
the evidence horizon (<spanx style="verb">height</spanx>) at which such a completeness cross-check
applies.</t>

<t><strong>Deterministic serialization is load-bearing.</strong> Implementations MUST
reproduce the canonical form and the payload's document-order
serialization exactly; the corpus exists to make divergence detectable.
Implementations SHOULD reject documents whose numbers fall outside the
integer value domain rather than guess at float formatting.</t>

</section>
<section anchor="iana-considerations"><name>IANA Considerations</name>

<t>This document has no IANA actions. The signature-algorithm registry is
internal to the format's spec-version ladder (<xref target="canonical"/>); a future
version of this specification may propose a formal registry if the format
is adopted for standards-track work.</t>

</section>


  </middle>

  <back>


<references title='References' anchor="sec-combined-references">

    <references title='Normative References' anchor="sec-normative-references">



<reference anchor="RFC2119">
  <front>
    <title>Key words for use in RFCs to Indicate Requirement Levels</title>
    <author fullname="S. Bradner" initials="S." surname="Bradner"/>
    <date month="March" year="1997"/>
    <abstract>
      <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
    </abstract>
  </front>
  <seriesInfo name="BCP" value="14"/>
  <seriesInfo name="RFC" value="2119"/>
  <seriesInfo name="DOI" value="10.17487/RFC2119"/>
</reference>
<reference anchor="RFC8174">
  <front>
    <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
    <author fullname="B. Leiba" initials="B." surname="Leiba"/>
    <date month="May" year="2017"/>
    <abstract>
      <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
    </abstract>
  </front>
  <seriesInfo name="BCP" value="14"/>
  <seriesInfo name="RFC" value="8174"/>
  <seriesInfo name="DOI" value="10.17487/RFC8174"/>
</reference>
<reference anchor="RFC8032">
  <front>
    <title>Edwards-Curve Digital Signature Algorithm (EdDSA)</title>
    <author fullname="S. Josefsson" initials="S." surname="Josefsson"/>
    <author fullname="I. Liusvaara" initials="I." surname="Liusvaara"/>
    <date month="January" year="2017"/>
    <abstract>
      <t>This document describes elliptic curve signature scheme Edwards-curve Digital Signature Algorithm (EdDSA). The algorithm is instantiated with recommended parameters for the edwards25519 and edwards448 curves. An example implementation and test vectors are provided.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="8032"/>
  <seriesInfo name="DOI" value="10.17487/RFC8032"/>
</reference>
<reference anchor="RFC8259">
  <front>
    <title>The JavaScript Object Notation (JSON) Data Interchange Format</title>
    <author fullname="T. Bray" initials="T." role="editor" surname="Bray"/>
    <date month="December" year="2017"/>
    <abstract>
      <t>JavaScript Object Notation (JSON) is a lightweight, text-based, language-independent data interchange format. It was derived from the ECMAScript Programming Language Standard. JSON defines a small set of formatting rules for the portable representation of structured data.</t>
      <t>This document removes inconsistencies with other specifications of JSON, repairs specification errors, and offers experience-based interoperability guidance.</t>
    </abstract>
  </front>
  <seriesInfo name="STD" value="90"/>
  <seriesInfo name="RFC" value="8259"/>
  <seriesInfo name="DOI" value="10.17487/RFC8259"/>
</reference>
<reference anchor="RFC8785">
  <front>
    <title>JSON Canonicalization Scheme (JCS)</title>
    <author fullname="A. Rundgren" initials="A." surname="Rundgren"/>
    <author fullname="B. Jordan" initials="B." surname="Jordan"/>
    <author fullname="S. Erdtman" initials="S." surname="Erdtman"/>
    <date month="June" year="2020"/>
    <abstract>
      <t>Cryptographic operations like hashing and signing need the data to be expressed in an invariant format so that the operations are reliably repeatable. One way to address this is to create a canonical representation of the data. Canonicalization also permits data to be exchanged in its original form on the "wire" while cryptographic operations performed on the canonicalized counterpart of the data in the producer and consumer endpoints generate consistent results.</t>
      <t>This document describes the JSON Canonicalization Scheme (JCS). This specification defines how to create a canonical representation of JSON data by building on the strict serialization methods for JSON primitives defined by ECMAScript, constraining JSON data to the Internet JSON (I-JSON) subset, and by using deterministic property sorting.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="8785"/>
  <seriesInfo name="DOI" value="10.17487/RFC8785"/>
</reference>
<reference anchor="RFC3339">
  <front>
    <title>Date and Time on the Internet: Timestamps</title>
    <author fullname="G. Klyne" initials="G." surname="Klyne"/>
    <author fullname="C. Newman" initials="C." surname="Newman"/>
    <date month="July" year="2002"/>
    <abstract>
      <t>This document defines a date and time format for use in Internet protocols that is a profile of the ISO 8601 standard for representation of dates and times using the Gregorian calendar.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="3339"/>
  <seriesInfo name="DOI" value="10.17487/RFC3339"/>
</reference>



    </references>

    <references title='Informative References' anchor="sec-informative-references">



<reference anchor="RFC9162">
  <front>
    <title>Certificate Transparency Version 2.0</title>
    <author fullname="B. Laurie" initials="B." surname="Laurie"/>
    <author fullname="E. Messeri" initials="E." surname="Messeri"/>
    <author fullname="R. Stradling" initials="R." surname="Stradling"/>
    <date month="December" year="2021"/>
    <abstract>
      <t>This document describes version 2.0 of the Certificate Transparency (CT) protocol for publicly logging the existence of Transport Layer Security (TLS) server certificates as they are issued or observed, in a manner that allows anyone to audit certification authority (CA) activity and notice the issuance of suspect certificates as well as to audit the certificate logs themselves. The intent is that eventually clients would refuse to honor certificates that do not appear in a log, effectively forcing CAs to add all issued certificates to the logs.</t>
      <t>This document obsoletes RFC 6962. It also specifies a new TLS extension that is used to send various CT log artifacts.</t>
      <t>Logs are network services that implement the protocol operations for submissions and queries that are defined in this document.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="9162"/>
  <seriesInfo name="DOI" value="10.17487/RFC9162"/>
</reference>

<reference anchor="SR-REPO" target="https://github.com/jsabes24/css-succession-receipts">
  <front>
    <title>Succession Receipts: specifications and conformance corpus</title>
    <author >
      <organization></organization>
    </author>
    <date year="2026"/>
  </front>
</reference>
<reference anchor="SR-AHR" target="https://github.com/jsabes24/css-succession-receipts/blob/main/spec/authority-handoff-receipts.md">
  <front>
    <title>CSS Authority-Handoff Receipts (AHR)</title>
    <author >
      <organization></organization>
    </author>
    <date year="2026"/>
  </front>
</reference>
<reference anchor="SR-CORPUS" target="https://github.com/jsabes24/css-succession-receipts/tree/main/corpus">
  <front>
    <title>Succession Receipts conformance corpus</title>
    <author >
      <organization></organization>
    </author>
    <date year="2026"/>
  </front>
</reference>
<reference anchor="VC-DATA-MODEL" target="https://www.w3.org/TR/vc-data-model-2.0/">
  <front>
    <title>Verifiable Credentials Data Model v2.0</title>
    <author >
      <organization></organization>
    </author>
    <date year="2025"/>
  </front>
</reference>



<reference anchor="I-D.farley-acta-signed-receipts">
   <front>
      <title>Signed Decision Receipts for Machine-to-Machine Access Control</title>
      <author fullname="Tom Farley" initials="T." surname="Farley">
         <organization>ScopeBlind (Veritas Acta)</organization>
      </author>
      <date day="28" month="June" year="2026"/>
      <abstract>
	 <t>   This document defines a portable, cryptographically signed receipt
   format for recording machine-to-machine access control decisions.
   Each receipt captures the identity of the decision maker, the tool or
   resource being accessed, the policy evaluation result, and a
   timestamp — all signed with Ed25519 [RFC8032] and serialized using
   deterministic JSON canonicalization [RFC8785].

   The format is designed for environments where AI agents invoke tools
   on behalf of human operators, particularly the Model Context Protocol
   (MCP) ecosystem.  Receipts are independently verifiable without
   contacting the issuer, enabling offline audit, regulatory compliance,
   and cross-organizational trust federation.

	 </t>
      </abstract>
   </front>
   <seriesInfo name="Internet-Draft" value="draft-farley-acta-signed-receipts-02"/>
   
</reference>

<reference anchor="I-D.nelson-agent-delegation-receipts">
   <front>
      <title>Delegation Receipt Protocol for AI Agent Authorization</title>
      <author fullname="Ryan Nelson" initials="R." surname="Nelson">
         <organization>Authproof</organization>
      </author>
      <date day="13" month="June" year="2026"/>
      <abstract>
	 <t>   This document defines the Delegation Receipt Protocol (DRP), a
   cryptographic authorization primitive for AI agent deployments.
   Before any agent action executes, the authorizing user signs an
   Authorization Object containing scope boundaries, time window,
   operator instruction hash, and model state commitment.  This signed
   receipt is published to an append-only log before the agent runtime
   receives control.  The protocol reduces reliance on the operator as a
   trusted intermediary by making the user&#x27;s private key the sole
   signing authority over the delegation record.

	 </t>
      </abstract>
   </front>
   <seriesInfo name="Internet-Draft" value="draft-nelson-agent-delegation-receipts-10"/>
   
</reference>

<reference anchor="I-D.rampalli-pedigree">
   <front>
      <title>PEDIGREE: Verifiable Delegation Identity for Agentic AI Systems</title>
      <author fullname="KARTHIK RAMPALLI" initials="R." surname="Karthik">
         <organization>Glyphzero Labs Inc.</organization>
      </author>
      <date day="24" month="April" year="2026"/>
      <abstract>
	 <t>   This document defines PEDIGREE (Per-Agent Delegation Identity with
   Governance-Enforced Execution), an identity and delegation framework
   for AI agents that extends the workload-identity model of SPIFFE (RFC
   9542 / draft-ietf-wimse) with cryptographic per-hop delegation,
   monotonic scope attenuation enforced at mint and at verify, and dual-
   layer authority enforcement combining an operator-controlled ceiling
   with per-parent mandate narrowing.

   PEDIGREE complements AAuth (draft-hardt-aauth-protocol) and AIP
   (draft-prakash-aip) by providing: (a) dual-enforcement semantics
   absent from both, (b) Cedar-policy mandates with static-analysis
   proofs of narrowing, (c) strict cryptographic parent-token re-
   verification that catches parent-swap attacks missed by append-only
   token chains, and (d) a native bridge to existing SPIFFE deployments.

	 </t>
      </abstract>
   </front>
   <seriesInfo name="Internet-Draft" value="draft-rampalli-pedigree-00"/>
   
</reference>
<reference anchor="RFC9943">
  <front>
    <title>An Architecture for Trustworthy and Transparent Digital Supply Chains</title>
    <author fullname="H. Birkholz" initials="H." surname="Birkholz"/>
    <author fullname="A. Delignat-Lavaud" initials="A." surname="Delignat-Lavaud"/>
    <author fullname="C. Fournet" initials="C." surname="Fournet"/>
    <author fullname="Y. Deshpande" initials="Y." surname="Deshpande"/>
    <author fullname="S. Lasker" initials="S." surname="Lasker"/>
    <date month="June" year="2026"/>
    <abstract>
      <t>Traceability in supply chains is a growing security concern. While Verifiable Data Structures (VDSs) have addressed specific issues, such as equivocation over digital certificates, they lack a universal architecture for all supply chains. This document defines such an architecture for single-issuer signed statement transparency. It ensures extensibility and interoperability between different transparency services as well as compliance with various auditing procedures and regulatory requirements.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="9943"/>
  <seriesInfo name="DOI" value="10.17487/RFC9943"/>
</reference>



    </references>

</references>


<?line 370?>

<section numbered="false" anchor="acknowledgments"><name>Acknowledgments</name>

<t>The format was extracted from a production authority-succession system of
record and hardened against its red-team findings; the conformance corpus
packages those findings as executable verification cases.</t>

</section>


  </back>

<!-- ##markdown-source:
H4sIAAAAAAAAA7Vb63bbRpL+30/Rh/kRiYegLraTCeXNrEZWJpqxY6/kZM7u
nDkmCDRJxCDAoEHJjEY5+xD7hPskW19Vd6NB0U6yezY/HAroS3V11VdXJEmi
2qItzUQPbjZZZqwt6kpfm8wU69ZO9Ju6adNZafRNsahMri9vi9xUmdH1XJ9v
2mXdFO1WR1P/ZNo7Yyq8rKt6VW+sPl+YqrUDlc5mjbndv9NA5XVWpSsiJG/S
eZvYdGa2iQ0jk8aNTI6PVZa2ZlE324kuqnmt7Ga2KnhUu10bPMzN2tA/VauK
dTPRbbOx7enx8VfHpyptTDrRNybbgHR1VzfvF029WU/0VZUXdLxNWtKB/Irq
vdnSmHyitE50Go7cUcYvrLDHE8nPzq90ykfnv+r5vCwqo29NU8wLOoGfepmf
Pnt28hX//svN6+90llZ1RSPK4mcZpWybVvm7tKwrOt3WWLUuJvrvbZ2NtKUL
aszc0q/tCj/+oZRQKRQXFd3iX8b6BvykJ1oLl/+SNttKvzLNbVFFL+tmkVZu
34m+II4W1QbnfZnO6iZt6fDG8kizSotyopemLOt/zcLAMho3zuqVUlXdrGi9
WwOCrr+5OD05+cr9/MPJl0/9z+Mnp/7n6bMw4Ms/PHM/nzx5Qk8VLry/3lcn
X/DMm+vk+vLN6wlT90mhtmuThTuwmnir6QC8LkQ7q5v1hiSS10mbhWnpmG27
tpOjo0XRLjczHOzoR4ioPX16lFm7T1B5fk6SOtGnx6dfCIXn3173Cby4uekU
KfmWaCFBCbTqA5pw+H8m5WhW1rMjurDqCGc/CmKcLGXDMHK8yvfSffH6+s33
N7/K2/8PPh6RfBshXlZ8TOAPF8mL87fnyavXLy5f9on8gdWNIeyiMYCEIi2t
fpG2qX5V56bUt6fj4/1E3t3dje+ejEknjt5eH91mCW2aJivMSmjSUZ+QZ/Tn
VfJiPE+bkqArzWiswEI4ysQNqUxp6YSMDgmtZhYsio/GNelqnZZlkaxNXiyI
DV7kv3r6hHQhSQiRZrZtaC+lIsQV2NEEdXqzXjRpbvIRYdO6TDP8shvL8Eg/
IfuNsaSvhF53y6I0almXeVEt6DEBYb02DdNGv4PUjPW5fnz5uqAd9doZjJFy
kMiQRuC+WRFNul2mrV439a2xmtCMZGS1Lk0LUtZ1WWTbhFhBs+hMlZ2bhmBT
daA7c8alvavdGScgOlvKXwAjmro0Hamj+D0fzeqi1VV9N9IbYkFD74kiuoGi
LVZpttU5UdOsiopPzYsFWuj/zDEla9azslg4DMnShhAv1yT8d2lDp7kjAdeG
wH6rszItVhpGBjwnRHbWQhlvTGkc7susZiZ3Q7Bx4xnbWlPOx52W4WJvg2Ar
b1pmW71Om5aQl05VE9PpnK27QsMrkk3b4G7t1rZmRSyw+Kuuyi1eK7w2zedW
rzd0tkyT7Rvrt0u62HCBDjtpi5jCu4IoEmAegVy1a8NY0HDstN3QUJstzcro
AxaOi92xN/IWLFTOOh6KqGLP2IDqtFzgnpd0lqLKyg1L7qzIiZ7MiS2zXwn7
6e1Y/21piISczsHi65VOxFLkIa2cROWFU5JOS9UnJ6xSEqF6tEc//PhWxisZ
7yWvNSXkOyPjzKeEqLL489JB80TpV0We072rz8hnaZs632TiJ7wgFa+3JEDp
IyzAejrrEJBOtXb0QLxTXsHKWQEnohzu1LKiV37iXwX/Z9mdmiRkD9CoCGjq
JuAMS4h3oOh5UdGF4BEjzrq+M81YX34oLLkUC1UwxaT8TJlQ4eSEfIEmJfij
40Oo6Bg01eoBhL8QAQ27/JH8T1pggPtpIdGN+WlDBOFSMmPyPw7OAAx5TZIN
rVkzW03AM+2VVcn9dQATwYBnX0ayRrOKEnTfQdp61+zAQs2bekUb0Z04TrR1
RzBd9bkeDh/L0XBIIl1b1kCiZJGux/rKoS9wIoEzRtbSYa/yqjti7aens62w
hjEAEkYCTR6uW45EosHcGPlGCiRv6TpgdfiVB5qDmH5W8nCvInkjOm5Z0oJD
2g7YaIeHZ24Rz0UsRKFB/R4ICqbwDjsLkzyS08cQy2Clu60c3NLTonGnwTlT
YpLfKkJ4c5uWmz3wfpdarxS5GAc/ubti5yyuVkXLcAjcpXPu4v8ZmwmZPBx6
0RkOJ8J5hv+RXqZ2mWRLuStnAx6jNB3UH2nUmQi6pRlRtEIEIDcXGxtywm+x
jiYkzd6zkdB0H7SThQ02K5auhoQR++Aut/q///O/BGvyogVLU81ibBp+jb8b
s9iU8O15rOAw3VzqEZGO6kwRySjfiLcsOlgWh+eRhZmQvunzN1cKcjLCHylf
K7Rhn82iARzPwUoCNcS+1bS46gPCWP8QmwowcbXetESxsArs78TNqwktU99V
pCQYiNs28GiJoJ4dB0G0/6ymQwZjQ9pwfx+bp4eHQwLBmlknHCK7qCtDrDHA
PVw5naeB25wB/Oitmc9pNahlLJx0X307jLul41CwBjGmLfIfCXPpBQJa4ruP
SAWfvQRO1GOzd3//K17rw4NO29Ywx32ErEiTlnTRSVsn7ucOOPuN7K797IJk
2fnXnOFuezIwUBFizRoumqBiWysieqzfmCZZ1utoI1Et7Q0I0WFxZ28uX1z9
+fry0m3/yMd+eBi5DWE176KYfzgv6zvcwV0FJR/SDZEwLJaqJGCKT8hCRZde
1+3ZXk/AHSgl2aHrbuSK4KGSjFkrmspKxgASOcN97zYCb/ERh95Fdt4F/eP8
d+swMoIyj12i+Dl7leKPQ8JS0hDIVVmSxSO2wBH0Ph5Z7yVGr5uCgLCAM3/g
Ffv+3kXz4CMboI/5dzKSInxSE3CvmLGjWm5Z2E3sVAa3M9fsvJH0F55QCDlR
z4BilwhjcM40SCh5FTlb8MexqT5YwM2qCMsyQhDy0Ep62JJEELOz1NtY9er7
m7d6nhakoC3nT3IBVntIh3B5BxYbh7ASH0RpKA+WjQpkh8CBdifWIIw849v1
JxZrSYpNeMyeLEEpomDYdgFdlpzMhMVjHzglXElADM2jx8msIdGlU/mxcp2W
zkILrWsLzN8GJsbgEqIUf/fiGrZuumOlygubFWuOQyBQZPEXNMp8gAPFTsDa
O0Q9L9R8IAvD0WWVQajJ42PWruuCnQdA53xj0zJhLSBbRLSQi10sWIFYj3Be
flv4hI4Tf+fi8ApwaWoAB44hmEQaA+C+NQmIJ59qwzJd/+jhnILPKMqxu1J4
wE4Q0X5bmDvnjjF/t7GtRZzrIqsuAjpkJrnYlJaqN60lNgtXMzJpousR4o/h
7l/UbDNC2uqFmReVnFp0huwpLABFuQMI7WAk/9ffvebf15f/9v3V9eUL/L75
9vzly/BDRij64/X3L917/OpmXrx+9eryuxcymZ7qnUevzv99IOHx4PWbt1ev
vzt/OZBINrZbOCzdw4x0mH2LxrAC0whjs4YggKPfP1280SdPFSME8oVkAwQt
Tr58Sr/vKAKRK2QHQ/4k1m3hv5kUphXABaErWoiZSgFZsOu4OGLljWjXRE30
uQ9iDrzPGsHmodwqtJQjqA562RGEV0yeVZwJcLF732v5HP7tgiKaBuDWWQTs
j2sLXjdHI2QBZlsvHHuw3tsD6wwNURA7yx45gN6RO+4ej/Vr8GwYMi/DKJeN
3Nq2QBYlJASVumLZ9aT+hrChW2/UeeNw1cTHHcEXdemAXhqB9rqOXVK5nW0U
C8c5B9E0dsTanr7tyWLgGJe9bAvWfl25P8jHuzUltC64g2ERSFSVJyxoAmqd
F04H8X74Ts6GtRXs8smxF14B7j/zuvAAH/xjebTv336T/EGSZyL5p8+gBfUM
4ATzu4bazFtBYvW3Jxf6I6lOJC01Jy1ppV6mFJ4VbB6cDew0YbSbcjafcHmq
Vzhow75mF9+I4rLXLYAumogFkpcvlJNgvherBScEdMTkeLnToS7gtyGfOS3r
hTgqCqWckJtHjlPsgYvrz7+97qfxxRDTY9hhUZ1gzBRdEnP4eHyiD+iKfzak
2Fi6e3GqD7JNA0/s8Ewgy4oVIGlerVJyayXlpaJ8QzCmWgw9Upoi2Uv4iWlv
+U4wfvnlF3VPojPwjB5MkEjWfx/sSTxX9iiyl0e3p4MRp513/htsmmqSWTtJ
l83klvYb/APjBuCiW1626ISkkxGgd6hBuBKEE0a3DFj9zp2GlhtgA34hahJ2
uKcnOQZ4cjzqDfQDj2dX5xtSMpkyQAI/Of4yOX769uR0cnw8OXn6H7Jyd+qb
DQs9zbjno8sWu4ffbIp88ryDnndF/rXj1aD3FOQ9x+jwOgJPXphO4cBy3/B9
3HfJi3dRQoPm/V2Px2P9j09Nk0zZgEuURnjU0Vt7xv5+goLZ+P0T2P3AHCL+
UxN6Wa53HGv9LzYjP3gDXg04uCNW6H9ibeDCIPCjS94IQ+7jR/1NwxxGjaLd
tCKymAOzbgv7jjH/HcJ/nrg0Hz5JLGF1Dry27+ATwP2jac/59F//hmnvlhSA
7OwWnQwW5d2s4JQCRFwPlqZYLCHuz4tP7aAH+84RVo58kncOvVkkw+3Ewjno
UlqfHE2DRY99UMCDnveN6NfR0qRbdT3vVHcHj/xJLm5uXPx44z1kr5yEA0hA
70waPCebqFET1iQFFANQzBb0OU7BvFsZkjWREHIEYlRwiOwZGFYmPmryiZPT
Z194nyOUMyQv1AFLoDYmb2DkLBO/4+Q5cpFfPN005UEXAnyNquODemCDwN77
NBbaKZuSaV9CvE2WGtBw6G2rltCD+xFgbTien1n2uNvIDp0Mh+PdbcRFE7sa
v0lL5VMEu2UwiQEnevpYpab6gOsXSK4J95Qb5Hwt9heRGpEd3RaHIz3do2lu
NVY2hGP+ue7GwvPiDB1O6rwLeO7ilkz36KEsqiISdZlyQkaqGn7GSNekFC1X
Rk2lO0LoLD+TC3Q4Vo+uJ2amE7DPbRdDc4IMrRVT0XJHykkCASH3v5YYdsfX
pRUoziPp61cM41gDvqqCp934XDI5/KQ6K3F0pjsXlLqEE62MZ4dj/SekMkmo
VFyoxOoh5Rw235Pl1JzlDFmOKNeKbHPnVnvnnXtZUEeOXTP/EhkWq6Y7Ls3J
FBR13intaej2p7FvMkXQM8VYFx6uUIzkLK3TmzPOa3MiCC5q8OCQc0aI73Kz
bj2EDWm23OV7CBcEKq1nb5HTvu43kG46UtN0sWi4huae6OgJj6/XrlA5zdKN
FdCiF/pIkZ6SR1pGj/SUfJXbot54jXNPU6Sv3PYBD6fqgEMHoCTfkaPM84oe
rNNtWacR1SwgroxVBdLUNKDWdKwv3ekFgzrx+EBUUJCU2i7oQ5LDNRcwcI4U
amuNSXwxh6TASmZjX8E4GANLYVPAYIqbPosm6G/oLgU/h8MdoB4OuYLaiR1y
h3TLHFdZoqHbz1eQ1JRNVgh+BEVHPvJyT1lEufmKDlGaD0VWkwOzXmLrcosi
haJ4lMhnLak4JUj0rMnbE+5Wtf727auX2lgkKVCW/kbqWpHOo05lVF4j66cP
SJ1pHEIgkn/CHCTHmibdWk8byTatOqcLRUYs4QyarjYs9oeKY5qMnmUkyjYc
V3+yBB+laMfM9W9RsiJWVwnuRrjO/Iqi+RIVXGRPNVnSFHWAFVrqnEV1mbtd
w6qk4MJo74YM5cTDUMuVigYx3sJgkB2LLXiAXinQyhpnOpJcv04nI1FDAm81
keDseVouvtaDyUB7A85/7LHhCVN9KBZ86sz+VB/0kuC+owQF7azb0x6Gg9UU
sodOBiUxEwO5y3x7OLIMkxAfsvF0fqGOD0baKmYgWaUVsSdXZToz5aiXWOdw
PNRRPSZzDS4KZqVLJtWrdM2DVNgHCdSQU2HMR76xqVunsrmfB4lmEas3sFIu
wY3kbloiH79NXC06pJmQhttUuELSmZ/pzZRvYYrM1rz4oDmLOYN2QNRNfqYq
c9cxjSSny32TFW2TnzakdpuVazUhZkP3JZl+a9yqZGUiZs+2yJrTqjHLSZVR
LcSxNu6Y0pNhXIMCIEx0IySYLtlIXEFNOXN3/xmDawIxfUAiCtXHvkn53PZN
dPEbVEl5HaorNMRWnrrJx82RfmSO1K45YlfPmxBY3O/fXujIjjjkaFKK++g+
503qGm0SS5dHognPyHrPSdbzhD8yQMBbZ4M+34vKtH9IHTvoZSdHgMI1acD1
6U/jMSPcMj2/7XoenLh53/CxMVUHZrVGey/jgfh9YgEOWUT9ZXVG+xG+qI/j
i0aWlA1QfNls/3ql6vvPev4V8oRBO2mTBUlwv0OsS6+7Jql9OdCRIrUEgkIp
SXZmNHinRs5aFmokhWMkweLJmIzrGwD9mGzqtXfvdvCUPWoCv85UPxwGnEHE
FIoZ6FjhzcxP6LcWmzvu4Xm4I7zpuIxleOZOpaVoo8IUYEnqdHTxzG8HYXA5
uXJMoqu1mC5sRHPfV6gP+IGoPPFxaPQqbbMltzClXAU0USsbVuGCFS5mjgym
YylnpuO09DA4xflQljaVZd8mrbj5mh1bBEhcf8R0uE8drNGV7Vg8KfryMNBl
fXXjFLcV4KjwQISr+wj4MD3M1qa72xpUca+WuHA9hEKJ9P4+AjZ4CE96GyPN
gxRe1tt7yFpZtcOOik5PQAJ2lctllXNhbDeGm7fW7HqNuFeL2a4Pcu5+W7k2
mrTFOpgFr8h11xBil2Xo7Qp1vbtlbb0fk0FHBX1DyxctJIYe0YMjP5lt2sSZ
tj5xIgVKPQUzLvpNI6PdlpGOL9NHGc+p6130Ej9DaWUtJxdrxZIJ2ehf6MTZ
BR8Lu+YCrV2VFVFTnBJ1qYaQnJ2euQ6smkwpsVa8XVDOSiOtXzJGGqbCmI+2
Wp312/E+5y7urrjF2T85DvxqSXaOpBS6t6tOejvworCiPBIq+fp/nwEc9YGX
kGKfdZ32qmYkw17c3YBVaMs4i5ur2Gu5rR1iLtFU0troEVaRMLEjxM0jD7Ig
V4eruA2pLvlQsrDPs7jmn8It4u7UXz7RWqZNZ814WTth3096KAHuXYNH3Qhn
QreaU6Xg+fmqTkmujHUAF50tGo6Fpnuy3NNRhHvnvTYnxNGGDInxDU/M3t/X
80QzEBbtqaMQuegCn28ajteFFezj+fzFmGnup7r2qpEPXNGPPv2z5KquUFWH
P0Fi0l2oz4j4ixHcECyHHbN7E2Jn7EYwNXszXLDonOSE7SJuwIEafSRx5fFR
zOZOos1nsabnfup12CQcIBCPSj2t1GW1mDmsguPdtOM4Rv7IbnsCsNBvSlk5
o+6TX0j/+0ZWZ4oYYXwabCfBpX2CS1JbZ8G+pv1+E5bkqsM7368jIXHUssPy
HjdBQnB7HTfIFRXNSjiF7h9nSxCa0S4UYtV33XnQQupzhtxWFcqdJBWCU+Qc
20Q8hlTDDylNrDau9xhMc0kyeH/7MlZ8DZK2cijSa2ZiRjuLDmOiZEzU3ORv
rOuc2tMhxcySr3+4EY9LxFELlHdeoZ/s8SBt41GaYuJ+dk568cLnA1GH11i/
CWSEaDdl8KA/FQdfJp/47iiC/2rB35CUWy0BWp678M2jBcMvHghflGvyGvnK
L7PRatfn4j5h4+4U51oKx9a7dI3VD3E43iso9wrJTD9/ziiVYRF3SK/nT0lU
Q+1rafXiNyQPJ+PjqJ59xqtycN3uLRI8zkJ7OHThbulq9J9OfbJ997zne/Vf
ScJioT3JtRIqNRx2WO++5uHPIDpljXqWIdLtzlsy2kvk/lr4P28/+lUHsDE3
LvHjG51J2aXtg5dSDAHO8UjR0E8KVoCLYggmSDdyJg7SWUqo711taRWsFMEf
WorpDSIH8aUdwewVnslM9rQepcPls6loF1kVfZu85pAXPfAeCVnTwpo8wUOo
4WHYr/sgKLjsZ3pZiPPv+4Xxh3cXAqE7rcljJZ0Wv6LNtFWdiypaVE/aNHtv
kb81H+jiWRQVd0GOceN/JXoRQLrODrHU6MNGLQfX2IskIYpR3YOUasg1l+6z
FocixIYhPm3qUBjowMBVz1pu4BWRQQjrO251qoAAlSml7UsIYewRbV6L5SAT
MTfOReb5j/p7uNmbhG1BE8J3aYQp/ksKi+xQlVEo8tc9qS4fLZ6pwtlPZNhC
wovzTJxhoBV3M17g6Wvfxczf4dVlOUthF6QhULjUNxFkA9knBr+DCqp9H9RF
XVj8ZUtkW0wwZcMa3tPQhUeKc1r4wKcuTeIsauRZeQmWvlB5nziLK7hM5P1Y
z0bKfVZY4MNluf3GtE0tdX3cVpV5F7U7Nr7IKRAP+57Qcqs6+90VqP2HAY5A
eEfI/kmA0W5LMWxRt6gq64WVHBY+FuZaCIdhHbTD1C5cByYcWrEykafAzUsq
NKkyjRVfnTgVMVDxcSWt6LnEREZnUA4jbi6u3r7tEYsE2G2Rudw7vvREDtnW
0d64A/4AKAQYFKs0C243xJfisCUE1UvvUHbAkSraBZ/jlJgLn0QTTEtLX78a
d/q48iwgIy6b6vnBrqqpD7wjdAhQki4sKan2/KDYCVIUQJaFg5gX/Ux5PxNo
NdKEycykYAIU4Gqnl5qdYwreXHjfz03hSkN6rMs5+oxUwq7lThrRRQZnTvIZ
QllHWAZX6XvUKohnC+YC8vwZo+ZY7ZLmYElcsbCpzzy4Ig3heVnGrcDKlXqk
EqRdJSi+2sUG/CRmc9nHyW3LJgBfB55/d/7Idve/I0H8SkDAI91HgK41PNQ4
Omvsu7lgvrkLEA6+08YAAPD4Ei9IzsHZyQkiHJ9vOH3mB/p2535TH77WkywE
2u14izKiYh7trFAEyet167oUvSZYNI4TuuC7GPf5JNAG7DnPkPODmItO3k/k
Ikz+LwO6CmsGD1LhcnBwx6aRP7f29ZPUJZPEKITP6jvs7fplleuXhQwuiTAj
n+f47CVSCHnSUliDwAkaZ73c7ZpxUuLsfbpgyw3O+PF90913qZwd/x9e641v
8UMAAA==

-->

</rfc>

