<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.39 (Ruby 3.2.3) -->
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-pereira-licet-human-intent-01" category="info" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" version="3">
  <!-- xml2rfc v2v3 conversion 3.34.0 -->
  <front>
    <title abbrev="LICET Human Intent Protocol">LICET: Multi-Modal Physiological Human-Intent Verification for Autonomous AI Agent Authorization</title>
    <seriesInfo name="Internet-Draft" value="draft-pereira-licet-human-intent-01"/>
    <author fullname="Christian Rodrigues Pereira">
      <organization>eColabs Desenvolvimento de Pessoas e Organizações LTDA.</organization>
      <address>
        <postal>
          <country>Brazil</country>
        </postal>
        <email>contato@ecolabs.com.br</email>
        <uri>https://licet.dev</uri>
      </address>
    </author>
    <date year="2026" month="July" day="02"/>
    <area>Security</area>
    <workgroup>Individual Submission</workgroup>
    <keyword>AI safety</keyword>
    <keyword>human oversight</keyword>
    <keyword>biometric authorization</keyword>
    <keyword>zero-knowledge proof</keyword>
    <keyword>autonomous agents</keyword>
    <keyword>coercion detection</keyword>
    <keyword>heart rate variability</keyword>
    <keyword>electrodermal activity</keyword>
    <keyword>composite attester</keyword>
    <keyword>RATS</keyword>
    <keyword>coercion resistance</keyword>
    <abstract>
      <?line 116?>

<t>Autonomous AI agents executing consequential actions require authorization
mechanisms that verify not only identity but voluntary intent. Existing
mechanisms verify <em>who</em> authorized an action; they cannot verify <em>whether
the authorizing human was uncoerced and cognitively capable</em> at the moment
of authorization.</t>
      <t>This document specifies LICET (Latin: <em>it is permitted</em>), a cryptographic
middleware protocol binding AI agent authorization to real-time multi-modal
physiological state via a three-layer architecture: (1) ECG waveform
morphology matching as a medication-resistant identity and liveness anchor;
(2) electrodermal activity (EDA) as a sympathetic cholinergic liveness signal
immune to beta-adrenergic blockade; and (3) personalized Mahalanobis distance
fusion over five physiological signals to elevate the cost of pharmacological
coercion attacks rather than claim binary detection.</t>
      <t>LICET defines a Biometric Trust Level hierarchy (L0-L3) aligned with the
IETF RATS architecture (RFC 9334), a baseline calibration protocol
establishing individual physiological profiles, per-event HKDF session-key
derivation, HMAC biometric temporal signatures, Schnorr zero-knowledge proofs
over BN128 enabling third-party audit without biometric exposure, and a
SHA-256 hash-chained tamper-evident ledger.</t>
      <t>A reference implementation is publicly deployed at
https://licet.dev/v1/ and available as open source at
https://github.com/christianrp45/licet-protocol.</t>
    </abstract>
  </front>
  <middle>
    <?line 144?>

<section anchor="introduction">
      <name>Introduction</name>
      <t>Artificial intelligence agents are transitioning from passive tools to
autonomous actors capable of executing actions with real, irreversible
consequences. A medical AI agent may adjust medication dosages. A
financial AI may execute wire transfers. An infrastructure AI may
modify power-grid parameters. In each case, the assumed safeguard is
human authorization.</t>
      <section anchor="the-intent-gap">
        <name>The Intent Gap</name>
        <t>Contemporary authorization primitives are designed to answer one
question: <em>is this person who they claim to be?</em> They are silent on a
second, equally critical question: <em>is this person currently in a
state that constitutes genuinely free, conscious, and cognitively
competent intent?</em></t>
        <t>The following table contrasts existing mechanisms against the
authorization properties required for high-stakes AI agent actions:</t>
        <table>
          <thead>
            <tr>
              <th align="left">Mechanism</th>
              <th align="center">Identity</th>
              <th align="center">Liveness</th>
              <th align="center">Coercion-free</th>
              <th align="center">Cognitively intact</th>
              <th align="center">Drug-resistant</th>
            </tr>
          </thead>
          <tbody>
            <tr>
              <td align="left">Password</td>
              <td align="center">~</td>
              <td align="center">N</td>
              <td align="center">N</td>
              <td align="center">N</td>
              <td align="center">N</td>
            </tr>
            <tr>
              <td align="left">Static biometric</td>
              <td align="center">Y</td>
              <td align="center">Y</td>
              <td align="center">N</td>
              <td align="center">N</td>
              <td align="center">N</td>
            </tr>
            <tr>
              <td align="left">FIDO2 / passkey</td>
              <td align="center">Y</td>
              <td align="center">Y</td>
              <td align="center">N</td>
              <td align="center">N</td>
              <td align="center">N</td>
            </tr>
            <tr>
              <td align="left">Digital signature</td>
              <td align="center">Y</td>
              <td align="center">N</td>
              <td align="center">N</td>
              <td align="center">N</td>
              <td align="center">N</td>
            </tr>
            <tr>
              <td align="left">LICET</td>
              <td align="center">Y</td>
              <td align="center">Y</td>
              <td align="center">Y</td>
              <td align="center">Y</td>
              <td align="center">Y</td>
            </tr>
          </tbody>
        </table>
        <t>This gap is the <em>intent gap</em> — the absence of a cryptographically
verifiable mechanism to attest that a human was genuinely capable of
and free to form the intent they expressed.</t>
      </section>
      <section anchor="motivation">
        <name>Motivation</name>
        <t>The EU AI Act <xref target="EUAIACT"/> mandates human oversight capability for high-risk
AI systems (Articles 9, 12, and 26(5)). Article 9 requires risk management
systems. Article 12 requires logging sufficient to assess compliance.
Article 26(5) requires deployers to ensure human oversight capability.
LICET provides the technical substrate for these operational requirements.</t>
      </section>
      <section anchor="relationship-to-rats-architecture">
        <name>Relationship to RATS Architecture</name>
        <t>LICET maps onto the IETF RATS architecture (RFC 9334 <xref target="RFC9334"/>). In LICET
deployments, the wearable device acts as a Sub-Attester, the mobile
application acts as Lead Attester, and the LICET Server acts as Verifier.
This Composite Attester topology (RFC 9334 Section 3.1.4) is not fully
specified in this document; a separate specification defining the wearable
Sub-Attester role and its chain of trust is designated as a future work
item (see Section 10).</t>
      </section>
      <section anchor="conventions-and-definitions">
        <name>Conventions and Definitions</name>
        <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as
described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they
appear in all capitals, as shown here.</t>
        <?line -18?>

<t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>",
"<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and
"<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described in
BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/>.</t>
        <t><strong>Authorizer (H):</strong> The human whose physiological state and intent
are being verified.</t>
        <t><strong>Agent (A):</strong> An autonomous AI system requesting authorization to
perform an action.</t>
        <t><strong>LICET Server (S):</strong> The server that holds the master secret key and
executes the protocol logic.</t>
        <t><strong>Auditor (V):</strong> Any third party who may later verify that a valid
authorization occurred, without accessing biometric data.</t>
        <t><strong>Wearable (W):</strong> A biometric sensing device worn by the Authorizer.</t>
        <t><strong>Intent Hash (h):</strong> A cryptographic binding of an action request to
a specific moment in time.</t>
        <t><strong>Biometric Signature (σ):</strong> An HMAC commitment of biometric state
to the intent hash.</t>
        <t><strong>Coercion Risk:</strong> A categorical assessment (LOW, MEDIUM, HIGH) of
the probability that the Authorizer is under duress.</t>
      </section>
    </section>
    <section anchor="layers">
      <name>Three-Layer Architecture</name>
      <t>LICET authorization requires evidence from three independent physiological
layers. Each layer addresses a distinct attack surface.</t>
      <section anchor="layer1">
        <name>Layer 1: ECG Identity and Liveness Anchor</name>
        <t>Electrocardiogram (ECG) waveform morphology — specifically QRS complex shape
and PR/QT interval ratios — is anatomically determined by cardiac geometry
and conduction pathway structure. These features are stable across sessions
for the same individual and distinct across individuals.</t>
        <t>LICET uses ECG morphology as a medication-resistant identity anchor. The
cosine similarity between the session ECG feature vector and the enrolled
baseline is computed:</t>
        <artwork><![CDATA[
    rho_ECG = cosine_similarity(f(ecg_session), f(ecg_enrolled))
]]></artwork>
        <t>where f() denotes the ECG feature extraction function producing a normalized
vector of QRS morphological features.</t>
        <t>Authorization requires rho_ECG &gt;= theta_ECG (<bcp14>RECOMMENDED</bcp14>: 0.85).</t>
        <t><strong>Drug resistance:</strong> Beta-blockers lengthen PR interval but do not alter
QRS morphology. No common medication class changes ECG morphology
sufficiently to defeat morphology-based matching at this threshold.</t>
        <t><strong>Platform support:</strong> Apple Watch Series 4+ via HealthKit HKElectrocardiogram
(512 Hz sampling). Other ECG-capable wearables <bcp14>MAY</bcp14> be used if equivalent
sampling rate and feature extraction are demonstrated.</t>
      </section>
      <section anchor="layer2">
        <name>Layer 2: EDA Liveness Signal</name>
        <t>Electrodermal activity (EDA) — comprising skin conductance level (SCL) and
skin conductance responses (SCR) — is mediated by sympathetic cholinergic
innervation of eccrine sweat glands. Because the efferent pathway is
cholinergic (not adrenergic), EDA is immune to beta-adrenergic blockade
<xref target="FOWLES1986"/>.</t>
        <t>EDA serves as the liveness signal in LICET: the presence of EDA activity
confirms a biological subject is present and physiologically active.</t>
        <t>Authorization requires:</t>
        <artwork><![CDATA[
    z_EDA_SCL = (SCL_session - mu_SCL) / sigma_SCL > theta_EDA
]]></artwork>
        <t>where mu_SCL and sigma_SCL are derived from the individual's baseline
(Section 9).</t>
        <t><strong>Platform support:</strong> WHOOP 5 (continuous EDA); Samsung Galaxy Watch 7
(spot-check mode). EDA is not available on Apple Watch or most consumer
wearables. Deployments without EDA-capable hardware operate at reduced
liveness assurance (see Section 8).</t>
      </section>
      <section anchor="layer3">
        <name>Layer 3: Mahalanobis Fusion</name>
        <t>Layer 3 replaces population-level threshold comparison with a personalized
multivariate distance measure. The Mahalanobis distance computes how many
standard deviations the current session's signal vector lies from the
individual's enrolled calm-state baseline:</t>
        <artwork><![CDATA[
    D_M = sqrt((z - mu_calm)^T * S^{-1} * (z - mu_calm))
]]></artwork>
        <t>where z is the vector of per-signal z-scores:</t>
        <artwork><![CDATA[
    z_i = (x_i - mu_i^B) / sigma_i^B
]]></artwork>
        <t>with mu_i^B and sigma_i^B derived from the individual's baseline (Section 9),
and S is the covariance matrix of baseline z-scores.</t>
        <t>The five-signal fusion vector is:</t>
        <artwork><![CDATA[
    z = [z_RMSSD, z_EDA_SCL, z_EDA_SCR, z_TEMP, z_TREMOR]
]]></artwork>
        <t>where:</t>
        <ul spacing="normal">
          <li>
            <t>z_RMSSD: RMSSD heart rate variability z-score</t>
          </li>
          <li>
            <t>z_EDA_SCL: skin conductance level z-score</t>
          </li>
          <li>
            <t>z_EDA_SCR: skin conductance response rate z-score</t>
          </li>
          <li>
            <t>z_TEMP: skin temperature delta from resting baseline z-score</t>
          </li>
          <li>
            <t>z_TREMOR: 8-12 Hz physiological tremor power z-score <xref target="LAKIE2019"/></t>
          </li>
        </ul>
        <t>Authorization requires D_M &lt;= theta_DM (<bcp14>RECOMMENDED</bcp14>: 2.5).</t>
        <t><strong>Note on coercion cost elevation:</strong> Layer 3 does not claim to detect
coercion with certainty. It elevates the cost of pharmacological attacks
by requiring that an adversary simultaneously manipulate five independent
physiological signals to remain within the individual's personal baseline
distribution. Each additional signal exponentially increases the required
pharmacological complexity.</t>
      </section>
      <section anchor="pharma">
        <name>Pharmacological Attack Detection</name>
        <t>Three pharmacological attack patterns produce detectable signal combinations
in the fused space:</t>
        <t>Beta-blocker attack (propranolol, metoprolol):</t>
        <artwork><![CDATA[
    DETECTED if: z_TREMOR < -2.0 AND delta_HR_baseline > 15%
]]></artwork>
        <t>Note: beta-blockers do NOT suppress RMSSD. Propranolol blocks sympathetic
(adrenergic) innervation; RMSSD reflects parasympathetic (vagal) withdrawal
under acute stress, which persists under beta-blockade <xref target="BRANTIGAN1982"/>.
The tremor suppression signal (z_TREMOR &lt; -2.0) combined with elevated
baseline-relative HR is the detection indicator.</t>
        <t>Anticholinergic attack (atropine, scopolamine):</t>
        <artwork><![CDATA[
    DETECTED if: z_EDA_SCL < -1.5 AND z_RMSSD > +1.0 AND delta_TEMP > 0
]]></artwork>
        <t>This pattern (EDA flat, HRV paradoxically elevated, skin warm) is the
pharmacological inverse of the coercion signature and is detectable as
a distinct toxidrome.</t>
        <t>Opioid attack (fentanyl, morphine):</t>
        <artwork><![CDATA[
    DETECTED if: z_RESP < -2.0 AND delta_TEMP > 0 AND z_RMSSD < 0
]]></artwork>
        <t>Detection of any pharmacological attack pattern <bcp14>MUST</bcp14> result in
authorization denial with reason code PHARMACOLOGICAL_ANOMALY.</t>
      </section>
    </section>
    <section anchor="protocol-overview">
      <name>Protocol Overview</name>
      <t>The LICET authorization protocol proceeds as follows:</t>
      <ol spacing="normal" type="1"><li>
          <t><strong>Request.</strong> Agent A submits an authorization request to LICET
Server S specifying: action descriptor (a), agent identifier
(id_A), target entity (tgt), and Unix timestamp (ts).</t>
        </li>
        <li>
          <t><strong>Biometric Capture.</strong> Server S instructs Wearable W to capture
physiological data over a minimum window t_c of 60 seconds. RMSSD
computation requires a minimum of 60 seconds of inter-beat interval
data to achieve acceptable statistical reliability.</t>
        </li>
        <li>
          <t><strong>Three-Layer Evaluation.</strong> Server S evaluates the captured signals
according to Sections 3 and 5. If any layer fails, or cognitive
impairment is detected, authorization <bcp14>MUST</bcp14> be denied with the
appropriate reason code.</t>
        </li>
        <li>
          <t><strong>Intent Hash Generation.</strong> Server S computes:  </t>
          <artwork><![CDATA[
 h = SHA-256(a || id_A || tgt || ts)
]]></artwork>
        </li>
        <li>
          <t><strong>Session Key Derivation.</strong> Server S derives a per-event session
key using HKDF <xref target="RFC5869"/>:  </t>
          <artwork><![CDATA[
 k_s = HKDF-SHA256(k_m, h)
]]></artwork>
          <t>
where k_m is the master key held by S.</t>
        </li>
        <li>
          <t><strong>Biometric Signature.</strong> Server S computes:  </t>
          <artwork><![CDATA[
 σ = HMAC-SHA256(h || f_HR || s_O2 || v_RMSSD || ts, k_s)
]]></artwork>
        </li>
        <li>
          <t><strong>Zero-Knowledge Proof.</strong> Server S generates a Schnorr proof π
over BN128 as specified in Section 6.</t>
        </li>
        <li>
          <t><strong>Ledger Append.</strong> Server S appends an entry to the hash-chained
ledger as specified in Section 7.</t>
        </li>
        <li>
          <t><strong>Authorization Token.</strong> Server S returns to Agent A: intent
hash h, biometric signature σ, ZKP proof π, ledger record
identifier, and timestamp.</t>
        </li>
      </ol>
    </section>
    <section anchor="biometric">
      <name>Biometric Capture</name>
      <section anchor="biometric-sources">
        <name>Biometric Sources</name>
        <t>LICET <bcp14>MUST</bcp14> accept biometric input from hardware meeting the trust level
requirements defined in Section 8. The minimum capture window is 60 seconds.</t>
        <t>Supported source types:</t>
        <ul spacing="normal">
          <li>
            <t>ECG: Apple Watch Series 4+ (HealthKit HKElectrocardiogram, 512 Hz)</t>
          </li>
          <li>
            <t>EDA: WHOOP 5 (continuous); Samsung Galaxy Watch 7 (spot-check)</t>
          </li>
          <li>
            <t>HR/HRV: Any BLE GATT Heart Rate Profile device (IEEE 11073)</t>
          </li>
          <li>
            <t>HR/HRV: Android Health Connect API; Apple HealthKit</t>
          </li>
          <li>
            <t>Direct I2C sensor integration (e.g., MAX30102 for HR/SpO2)</t>
          </li>
          <li>
            <t>Software simulation (development environments only; trust level L0)</t>
          </li>
        </ul>
      </section>
      <section anchor="captured-signals">
        <name>Captured Signals</name>
        <t>The following signals <bcp14>MUST</bcp14> be captured where hardware supports them:</t>
        <ul spacing="normal">
          <li>
            <t><strong>f_HR</strong>: Heart rate (BPM) — required</t>
          </li>
          <li>
            <t><strong>v_RMSSD</strong>: RMSSD of RR intervals (ms) — required; minimum 60s window</t>
          </li>
          <li>
            <t><strong>s_O2</strong>: Peripheral oxygen saturation (%) — required</t>
          </li>
          <li>
            <t><strong>v_EDA_SCL</strong>: Skin conductance level (microsiemens) — required for L2+</t>
          </li>
          <li>
            <t><strong>v_EDA_SCR</strong>: Skin conductance response rate (events/min) — required for L2+</t>
          </li>
          <li>
            <t><strong>v_TEMP</strong>: Skin temperature delta from resting baseline (°C) — <bcp14>RECOMMENDED</bcp14></t>
          </li>
          <li>
            <t><strong>v_TREMOR</strong>: 8-12 Hz accelerometer power (m/s²) — <bcp14>RECOMMENDED</bcp14></t>
          </li>
          <li>
            <t><strong>v_RESP</strong>: Respiratory rate (breaths/min) — <bcp14>RECOMMENDED</bcp14></t>
          </li>
        </ul>
      </section>
      <section anchor="layer-execution">
        <name>Layer Execution</name>
        <t>The three layers defined in Section 3 <bcp14>MUST</bcp14> be executed in order:</t>
        <ol spacing="normal" type="1"><li>
            <t>Layer 1 (ECG identity): if rho_ECG &lt; theta_ECG, DENY with IDENTITY_MISMATCH</t>
          </li>
          <li>
            <t>Layer 2 (EDA liveness): if z_EDA_SCL &lt;= theta_EDA, DENY with LIVENESS_FAILED
(if EDA hardware unavailable, log LIVENESS_UNVERIFIED and continue at reduced assurance)</t>
          </li>
          <li>
            <t>Pharmacological pattern check (Section 3.4): if any pattern detected, DENY with PHARMACOLOGICAL_ANOMALY</t>
          </li>
          <li>
            <t>Layer 3 (Mahalanobis fusion): if D_M &gt; theta_DM, DENY with STATE_ANOMALY</t>
          </li>
        </ol>
      </section>
      <section anchor="spo2-cognitive-impairment-check">
        <name>SpO2 Cognitive Impairment Check</name>
        <artwork><![CDATA[
    I(s_O2) = IMPAIRED if s_O2 < 90%, NORMAL otherwise
]]></artwork>
        <t>Authorization <bcp14>MUST</bcp14> be denied if I(s_O2) = IMPAIRED with reason COGNITIVE_IMPAIRMENT.</t>
      </section>
    </section>
    <section anchor="crypto">
      <name>Intent Hash and Cryptographic Binding</name>
      <section anchor="intent-hash">
        <name>Intent Hash</name>
        <t>The intent hash uniquely identifies the requested action:</t>
        <artwork><![CDATA[
    h = SHA-256(a || id_A || tgt || ts)
]]></artwork>
        <t>where || denotes concatenation, a is the UTF-8 encoded action
descriptor, id_A is the UTF-8 encoded agent identifier, tgt is the
UTF-8 encoded target entity, and ts is the Unix timestamp encoded
as a 64-bit big-endian integer.</t>
        <t>The intent hash is the cryptographic anchor binding the biometric
authorization to a specific action at a specific time.</t>
      </section>
      <section anchor="session-key-derivation">
        <name>Session Key Derivation</name>
        <t>A per-event session key <bcp14>SHALL</bcp14> be derived using HKDF <xref target="RFC5869"/>:</t>
        <artwork><![CDATA[
    k_s = HKDF(hash=SHA-256, IKM=k_m, info=h, L=32)
]]></artwork>
        <t>where k_m is the server master key (minimum 256 bits, generated
using a cryptographically secure random number generator) and h
is the intent hash.</t>
        <t>HKDF's extract step <bcp14>MAY</bcp14> use a salt; if omitted, HKDF uses a
zero-length salt as defined in <xref target="RFC5869"/> Section 2.2.</t>
        <t>Session key isolation ensures that compromise of k_s for event i
does not expose k_s for any other event j, nor the master key k_m.</t>
      </section>
      <section anchor="biometric-temporal-signature">
        <name>Biometric Temporal Signature</name>
        <artwork><![CDATA[
    σ = HMAC-SHA256(h || f_HR || s_O2 || v_HRV || ts, k_s)
]]></artwork>
        <t>The biometric values f_HR, s_O2, v_HRV <bcp14>MUST</bcp14> be encoded as IEEE 754
double-precision (64-bit) big-endian floating-point values.</t>
        <t>Properties:</t>
        <ul spacing="normal">
          <li>
            <t><strong>Event-unique:</strong> ts ensures no replay across distinct events.</t>
          </li>
          <li>
            <t><strong>Action-bound:</strong> h is embedded; σ is cryptographically invalid
for any action other than the one specified in h.</t>
          </li>
          <li>
            <t><strong>Non-invertible:</strong> biometric values cannot be recovered from σ
without k_s.</t>
          </li>
        </ul>
      </section>
    </section>
    <section anchor="zkp">
      <name>Zero-Knowledge Proof</name>
      <t>LICET uses a non-interactive Schnorr proof over the BN128 elliptic
curve with the Fiat-Shamir heuristic <xref target="FIAT1987"/>.</t>
      <t>Let G be the BN128 generator point and q the group order.</t>
      <section anchor="proof-generation">
        <name>Proof Generation</name>
        <ol spacing="normal" type="1"><li>
            <t>Compute witness:  </t>
            <artwork><![CDATA[
 w = SHA-256(σ || h) mod q
]]></artwork>
          </li>
          <li>
            <t>Compute public key:  </t>
            <artwork><![CDATA[
 PK = w · G
]]></artwork>
          </li>
          <li>
            <t>Sample random nonce:  </t>
            <artwork><![CDATA[
 r ← Z_q
]]></artwork>
          </li>
          <li>
            <t>Compute commitment:  </t>
            <artwork><![CDATA[
 R = r · G
]]></artwork>
          </li>
          <li>
            <t>Compute challenge (Fiat-Shamir):  </t>
            <artwork><![CDATA[
 c = SHA-256(R || PK || h) mod q
]]></artwork>
          </li>
          <li>
            <t>Compute response:  </t>
            <artwork><![CDATA[
 s = (r - c · w) mod q
]]></artwork>
          </li>
        </ol>
        <t>The proof is π = (R, c, s, PK).</t>
      </section>
      <section anchor="proof-verification">
        <name>Proof Verification</name>
        <t>Given π = (R, c, s, PK) and intent hash h, a verifier V computes:</t>
        <artwork><![CDATA[
    s · G + c · PK =?= R
]]></artwork>
        <t>AND verifies:</t>
        <artwork><![CDATA[
    c =?= SHA-256(R || PK || h) mod q
]]></artwork>
        <t>If both equalities hold, V is convinced that the prover possessed
knowledge of w — and therefore that a valid biometric signature
existed for this intent hash — without learning σ, f_HR, s_O2,
or v_HRV.</t>
      </section>
    </section>
    <section anchor="ledger">
      <name>Tamper-Evident Ledger</name>
      <section anchor="structure">
        <name>Structure</name>
        <t>Every authorization event <bcp14>MUST</bcp14> be appended to a hash-chained
ledger. Each entry contains:</t>
        <ul spacing="normal">
          <li>
            <t>Sequential record identifier</t>
          </li>
          <li>
            <t>Intent hash h</t>
          </li>
          <li>
            <t>Authorization result (authorized: true/false)</t>
          </li>
          <li>
            <t>Coercion risk level</t>
          </li>
          <li>
            <t>Cognitive state</t>
          </li>
          <li>
            <t>ZKP proof π</t>
          </li>
          <li>
            <t>Unix timestamp</t>
          </li>
        </ul>
      </section>
      <section anchor="chaining">
        <name>Chaining</name>
        <artwork><![CDATA[
    L_0 = SHA-256(entry_0 || "LICET-GENESIS")
    L_n = SHA-256(entry_n || L_{n-1}),  n >= 1
]]></artwork>
        <t>Any retroactive modification to entry i invalidates L_i, L_{i+1},
..., L_n, making tampering mathematically detectable by any party
recomputing the chain.</t>
      </section>
      <section anchor="integrity-verification">
        <name>Integrity Verification</name>
        <t>Implementations <bcp14>MUST</bcp14> provide a mechanism to verify the full hash
chain and return a boolean integrity result. This mechanism <bcp14>MUST</bcp14>
be publicly accessible without authentication.</t>
      </section>
    </section>
    <section anchor="api-specification">
      <name>API Specification</name>
      <t>Implementations <bcp14>SHOULD</bcp14> expose the following HTTP endpoints:</t>
      <table>
        <thead>
          <tr>
            <th align="left">Method</th>
            <th align="left">Path</th>
            <th align="left">Description</th>
          </tr>
        </thead>
        <tbody>
          <tr>
            <td align="left">GET</td>
            <td align="left">/v1/health</td>
            <td align="left">Protocol liveness and mode</td>
          </tr>
          <tr>
            <td align="left">POST</td>
            <td align="left">/v1/authorize</td>
            <td align="left">Full biometric authorization</td>
          </tr>
          <tr>
            <td align="left">POST</td>
            <td align="left">/v1/biometric/push</td>
            <td align="left">Receive wearable data</td>
          </tr>
          <tr>
            <td align="left">POST</td>
            <td align="left">/v1/authorize/from-push</td>
            <td align="left">Authorize from push data</td>
          </tr>
          <tr>
            <td align="left">POST</td>
            <td align="left">/v1/verify</td>
            <td align="left">ZKP verification</td>
          </tr>
          <tr>
            <td align="left">GET</td>
            <td align="left">/v1/ledger/integrity</td>
            <td align="left">Chain integrity check</td>
          </tr>
          <tr>
            <td align="left">GET</td>
            <td align="left">/v1/ledger/history</td>
            <td align="left">Authorization history</td>
          </tr>
        </tbody>
      </table>
      <section anchor="authorization-request">
        <name>Authorization Request</name>
        <artwork><![CDATA[
    POST /v1/authorize
    Content-Type: application/json

    {
      "action":          string,
      "agent_id":        string,
      "target":          string,
      "capture_seconds": integer (minimum: 60)
    }
]]></artwork>
      </section>
      <section anchor="authorization-response">
        <name>Authorization Response</name>
        <artwork><![CDATA[
    {
      "authorized":          boolean,
      "intent_hash":         hex string,
      "biometric_signature": hex string,
      "coercion_risk":       "LOW" | "MEDIUM" | "HIGH",
      "cognitive_state":     "NORMAL" | "IMPAIRED",
      "trust_level":         "L0" | "L1" | "L2" | "L3",
      "denial_reason":       string | null,
      "zkp_proof": {
        "commitment": { "x": string, "y": string },
        "challenge":  hex string,
        "response":   hex string,
        "public_key": { "x": string, "y": string }
      },
      "ledger_id":   integer,
      "timestamp":   number
    }
]]></artwork>
      </section>
    </section>
    <section anchor="trustlevels">
      <name>Biometric Trust Levels</name>
      <t>LICET defines four trust levels for wearable evidence, aligned with the
IETF RATS architecture (RFC 9334 <xref target="RFC9334"/>):</t>
      <table>
        <thead>
          <tr>
            <th align="left">Level</th>
            <th align="left">Name</th>
            <th align="left">Description</th>
            <th align="left">Example Hardware</th>
          </tr>
        </thead>
        <tbody>
          <tr>
            <td align="left">L0</td>
            <td align="left">No attestation</td>
            <td align="left">Software simulation; no hardware binding</td>
            <td align="left">Development only</td>
          </tr>
          <tr>
            <td align="left">L1</td>
            <td align="left">Platform attestation</td>
            <td align="left">App-level attestation; OS-signed evidence</td>
            <td align="left">Consumer BLE + HealthKit/Health Connect</td>
          </tr>
          <tr>
            <td align="left">L2</td>
            <td align="left">Hardware attestation</td>
            <td align="left">Device-rooted attestation key; third-party verifiable CA</td>
            <td align="left">Pixel Watch 2 + Titan M2 + Android Key Attestation</td>
          </tr>
          <tr>
            <td align="left">L3</td>
            <td align="left">Sensor-to-TEE direct</td>
            <td align="left">Sensor measurement attested directly within TEE</td>
            <td align="left">Not yet available in consumer hardware</td>
          </tr>
        </tbody>
      </table>
      <t>Deployments <bcp14>MUST</bcp14> declare their trust level in the authorization response.
Verifiers and Relying Parties <bcp14>MUST NOT</bcp14> treat L0 or L1 physiological
evidence as proof of genuine measurement — these levels provide
dimensionality and raise attack complexity but do not constitute
hardware-rooted attestation.</t>
      <t>L3 is specified as a future target. A separate specification defining the
wearable Sub-Attester role, its signing key establishment procedure, and
the chain-of-trust from sensor to Verifier is required before L3 can be
normatively specified.</t>
      <section anchor="rats-composite-attester-mapping">
        <name>RATS Composite Attester Mapping</name>
        <t>In LICET deployments following the RATS Composite Attester topology
(RFC 9334 Section 3.1.4):</t>
        <ul spacing="normal">
          <li>
            <t><strong>Sub-Attester</strong>: Wearable device (physiological signal source)</t>
          </li>
          <li>
            <t><strong>Lead Attester</strong>: Mobile application (Evidence aggregator)</t>
          </li>
          <li>
            <t><strong>Verifier</strong>: LICET Server</t>
          </li>
          <li>
            <t><strong>Endorser</strong>: Hardware manufacturer (for L2: device attestation CA)</t>
          </li>
          <li>
            <t><strong>Relying Party</strong>: AI agent or authorization system</t>
          </li>
        </ul>
        <t>This topology is informative only. Normative specification of the
Composite Attester profile for physiological wearable Attesters is
future work.</t>
      </section>
    </section>
    <section anchor="baseline">
      <name>Baseline Capture Protocol</name>
      <t>The Mahalanobis distance computation (Section 3.3) requires an individual
physiological baseline. Implementations <bcp14>MUST</bcp14> collect baseline data before
enabling Layer 3 authorization.</t>
      <section anchor="baseline-requirements">
        <name>Baseline Requirements</name>
        <ul spacing="normal">
          <li>
            <t>Minimum 5 sessions</t>
          </li>
          <li>
            <t>Minimum 3 minutes per session</t>
          </li>
          <li>
            <t>Sessions collected in calm resting state (no acute stress, no exercise
within 30 minutes, no stimulant intake within 2 hours)</t>
          </li>
          <li>
            <t>Sessions distributed across at least 3 calendar days</t>
          </li>
        </ul>
      </section>
      <section anchor="baseline-data">
        <name>Baseline Data</name>
        <t>For each session, compute and store:</t>
        <ul spacing="normal">
          <li>
            <t>Per-signal mean (mu_i^B) and standard deviation (sigma_i^B) for all
captured signals</t>
          </li>
          <li>
            <t>Covariance matrix S of z-scores across sessions</t>
          </li>
          <li>
            <t>Session timestamp and declared collection conditions</t>
          </li>
        </ul>
      </section>
      <section anchor="baseline-validity">
        <name>Baseline Validity</name>
        <t>Baselines expire after 30 days. Implementations <bcp14>MUST</bcp14> require re-calibration
after expiry.</t>
        <t>Pre-medication anomaly detection: if resting HR deviates more than 15%
from baseline mean, or EDA SCL is below 50% of baseline mean, the
implementation <bcp14>SHOULD</bcp14> flag BASELINE_ANOMALY and require manual confirmation
before accepting the authorization.</t>
      </section>
      <section anchor="baseline-security">
        <name>Baseline Security</name>
        <t>Baseline data <bcp14>MUST</bcp14> be stored with integrity protection (e.g., HMAC under
a key separate from k_m). Baseline tampering <bcp14>MUST</bcp14> be treated as a security
event. The baseline is self-asserted by the Authorizer and <bcp14>MUST NOT</bcp14> be
treated as a trusted Reference Value in the RATS sense — it is
corroborative, not authoritative.</t>
      </section>
    </section>
    <section anchor="security">
      <name>Security Considerations</name>
      <section anchor="replay-attack-prevention">
        <name>Replay Attack Prevention</name>
        <t>Each authorization event produces a unique intent hash h binding
the action, agent identifier, target, and timestamp. An authorization
token for action a at time ts is cryptographically invalid for any
other action or time. Implementations <bcp14>MUST</bcp14> reject authorization
requests with timestamps outside a configurable window
(<bcp14>RECOMMENDED</bcp14>: 60 seconds).</t>
      </section>
      <section anchor="pharmacological-attack-resistance">
        <name>Pharmacological Attack Resistance</name>
        <t>LICET employs three mechanisms to raise the cost of pharmacological attacks:</t>
        <ol spacing="normal" type="1"><li>
            <t><strong>ECG morphology anchor (Layer 1):</strong> No common medication class alters
ECG QRS morphology sufficiently to defeat morphology-based identity
matching. This layer is medication-resistant by anatomical constraint.</t>
          </li>
          <li>
            <t><strong>EDA liveness (Layer 2):</strong> EDA is mediated by sympathetic cholinergic
(not adrenergic) innervation. Beta-adrenergic blockers (propranolol,
metoprolol, atenolol) do not suppress EDA <xref target="FOWLES1986"/>.</t>
          </li>
          <li>
            <t><strong>Mahalanobis fusion (Layer 3):</strong> Personalized distance over five signals
requires simultaneous manipulation of five independent physiological
dimensions. Beta-blockers suppress tremor (detectable as z_TREMOR &lt; -2.0)
but do not suppress RMSSD — parasympathetic vagal withdrawal under acute
stress persists under beta-blockade <xref target="BRANTIGAN1982"/>. Anticholinergic
agents suppress EDA but produce an inverted toxidrome (elevated HRV, warm
skin) detectable as a distinct pattern. No currently known pharmacological
combination simultaneously defeats all five signals while remaining
hemodynamically compatible with cognitive function.</t>
          </li>
        </ol>
        <t>LICET does not claim to make coercion impossible. It elevates the cost and
complexity of coercion attacks to a level that raises the probability of
detection through other channels (behavioral anomaly, medical supervision,
witness observation).</t>
      </section>
      <section anchor="consumer-hardware-accuracy">
        <name>Consumer Hardware Accuracy</name>
        <t>Wrist-based photoplethysmography (PPG) provides HR and SpO2
estimates adequate for the detection thresholds defined in this
document. Clinical deployments <bcp14>SHOULD</bcp14> require medically certified
sensor hardware.</t>
      </section>
      <section anchor="master-key-compromise">
        <name>Master Key Compromise</name>
        <t>Compromise of the master key k_m exposes all session keys computable
from it. Implementations <bcp14>MUST</bcp14> protect k_m using hardware security
modules or equivalent mechanisms. Key rotation procedures <bcp14>MUST</bcp14> be
defined by the deployment.</t>
      </section>
      <section anchor="biometric-privacy">
        <name>Biometric Privacy</name>
        <t>Raw biometric values <bcp14>MUST NOT</bcp14> be stored in the ledger. The ZKP
mechanism defined in Section 6 ensures that auditors can verify
authorization validity without accessing biometric data, satisfying
the data minimization principle of privacy regulations including
<xref target="LGPD"/> and GDPR.</t>
      </section>
    </section>
    <section anchor="iana-considerations">
      <name>IANA Considerations</name>
      <t>This document has no IANA actions at this time.</t>
      <t>Future versions of this protocol may request registration of:</t>
      <ul spacing="normal">
        <li>
          <t>A media type for LICET authorization tokens</t>
        </li>
        <li>
          <t>An OAuth 2.0 token type for LICET tokens <xref target="RFC7519"/></t>
        </li>
        <li>
          <t>A well-known URI for LICET discovery</t>
        </li>
      </ul>
    </section>
    <section anchor="openproblems">
      <name>Open Research Problems</name>
      <t>The following problems are identified for future specification:</t>
      <ol spacing="normal" type="1"><li>
          <t><strong>L3 wearable attestation:</strong> Specification of a sensor-to-TEE direct
attestation mechanism for consumer wearable devices. Requires hardware
vendor cooperation for signing key establishment and CA infrastructure.</t>
        </li>
        <li>
          <t><strong>RATS Composite Attester profile:</strong> Normative definition of the
wearable Sub-Attester role, Evidence format, and Endorser requirements
for physiological Attesters in the RATS architecture (RFC 9334).</t>
        </li>
        <li>
          <t><strong>ECG feature extraction standardization:</strong> Standardization of the
feature vector f(ecg) to enable interoperability across wearable
platforms.</t>
        </li>
        <li>
          <t><strong>Baseline federation:</strong> Secure transfer of baseline profiles across
devices and deployments while preserving the self-asserted (non-trusted)
nature of baseline data.</t>
        </li>
        <li>
          <t><strong>EDA hardware coverage:</strong> Extension of Layer 2 to hardware platforms
beyond WHOOP 5 and Samsung Galaxy Watch 7, or definition of an
equivalent liveness signal achievable on PPG-only hardware.</t>
        </li>
      </ol>
    </section>
  </middle>
  <back>
    <references anchor="sec-combined-references">
      <name>References</name>
      <references anchor="sec-normative-references">
        <name>Normative References</name>
        <reference anchor="RFC2119">
          <front>
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <author fullname="S. Bradner" initials="S." surname="Bradner"/>
            <date month="March" year="1997"/>
            <abstract>
              <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="2119"/>
          <seriesInfo name="DOI" value="10.17487/RFC2119"/>
        </reference>
        <reference anchor="RFC8174">
          <front>
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <date month="May" year="2017"/>
            <abstract>
              <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="8174"/>
          <seriesInfo name="DOI" value="10.17487/RFC8174"/>
        </reference>
        <reference anchor="RFC5869">
          <front>
            <title>HMAC-based Extract-and-Expand Key Derivation Function (HKDF)</title>
            <author fullname="H. Krawczyk" initials="H." surname="Krawczyk"/>
            <author fullname="P. Eronen" initials="P." surname="Eronen"/>
            <date month="May" year="2010"/>
            <abstract>
              <t>This document specifies a simple Hashed Message Authentication Code (HMAC)-based key derivation function (HKDF), which can be used as a building block in various protocols and applications. The key derivation function (KDF) is intended to support a wide range of applications and requirements, and is conservative in its use of cryptographic hash functions. This document is not an Internet Standards Track specification; it is published for informational purposes.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="5869"/>
          <seriesInfo name="DOI" value="10.17487/RFC5869"/>
        </reference>
        <reference anchor="RFC2104">
          <front>
            <title>HMAC: Keyed-Hashing for Message Authentication</title>
            <author fullname="H. Krawczyk" initials="H." surname="Krawczyk"/>
            <author fullname="M. Bellare" initials="M." surname="Bellare"/>
            <author fullname="R. Canetti" initials="R." surname="Canetti"/>
            <date month="February" year="1997"/>
            <abstract>
              <t>This document describes HMAC, a mechanism for message authentication using cryptographic hash functions. HMAC can be used with any iterative cryptographic hash function, e.g., MD5, SHA-1, in combination with a secret shared key. The cryptographic strength of HMAC depends on the properties of the underlying hash function. This memo provides information for the Internet community. This memo does not specify an Internet standard of any kind</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="2104"/>
          <seriesInfo name="DOI" value="10.17487/RFC2104"/>
        </reference>
      </references>
      <references anchor="sec-informative-references">
        <name>Informative References</name>
        <reference anchor="RFC6962">
          <front>
            <title>Certificate Transparency</title>
            <author fullname="B. Laurie" initials="B." surname="Laurie"/>
            <author fullname="A. Langley" initials="A." surname="Langley"/>
            <author fullname="E. Kasper" initials="E." surname="Kasper"/>
            <date month="June" year="2013"/>
            <abstract>
              <t>This document describes an experimental protocol for publicly logging the existence of Transport Layer Security (TLS) certificates as they are issued or observed, in a manner that allows anyone to audit certificate authority (CA) activity and notice the issuance of suspect certificates as well as to audit the certificate logs themselves. The intent is that eventually clients would refuse to honor certificates that do not appear in a log, effectively forcing CAs to add all issued certificates to the logs.</t>
              <t>Logs are network services that implement the protocol operations for submissions and queries that are defined in this document.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="6962"/>
          <seriesInfo name="DOI" value="10.17487/RFC6962"/>
        </reference>
        <reference anchor="RFC7519">
          <front>
            <title>JSON Web Token (JWT)</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
            <date month="May" year="2015"/>
            <abstract>
              <t>JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7519"/>
          <seriesInfo name="DOI" value="10.17487/RFC7519"/>
        </reference>
        <reference anchor="RFC9334">
          <front>
            <title>Remote ATtestation procedureS (RATS) Architecture</title>
            <author>
              <organization>IETF</organization>
            </author>
            <date year="2023"/>
          </front>
        </reference>
        <reference anchor="RFC8610">
          <front>
            <title>Concise Data Definition Language (CDDL): A Notational Convention to Express Concise Binary Object Representation (CBOR) and JSON Data Structures</title>
            <author>
              <organization>IETF</organization>
            </author>
            <date year="2019"/>
          </front>
        </reference>
        <reference anchor="SSRN7018458" target="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=7018458">
          <front>
            <title>LICET: A Biometric Intent Authorization Protocol for Autonomous AI Agents</title>
            <author initials="C. R." surname="Pereira" fullname="Christian Rodrigues Pereira">
              <organization/>
            </author>
            <date year="2026" month="June" day="29"/>
          </front>
        </reference>
        <reference anchor="EUAIACT">
          <front>
            <title>Regulation (EU) 2024/1689 on Artificial Intelligence (EU AI Act)</title>
            <author>
              <organization>European Parliament</organization>
            </author>
            <date year="2024"/>
          </front>
        </reference>
        <reference anchor="LGPD">
          <front>
            <title>Lei Geral de Proteção de Dados Pessoais (Lei 13.709/2018)</title>
            <author>
              <organization>Brazil</organization>
            </author>
            <date year="2018"/>
          </front>
        </reference>
        <reference anchor="FIAT1987">
          <front>
            <title>How to Prove Yourself: Practical Solutions to Identification and Signature Problems</title>
            <author initials="A." surname="Fiat" fullname="Amos Fiat">
              <organization/>
            </author>
            <author initials="A." surname="Shamir" fullname="Adi Shamir">
              <organization/>
            </author>
            <date year="1987"/>
          </front>
          <seriesInfo name="CRYPTO '86" value="LNCS vol. 263, pp. 186-194"/>
        </reference>
        <reference anchor="THAYER2012">
          <front>
            <title>A meta-analysis of heart rate variability and neuroimaging studies</title>
            <author initials="J. F." surname="Thayer" fullname="Julian F. Thayer">
              <organization/>
            </author>
            <date year="2012"/>
          </front>
          <seriesInfo name="Neuroscience &amp; Biobehavioral Reviews" value="36(2):747-756"/>
        </reference>
        <reference anchor="WESAD2018">
          <front>
            <title>Introducing WESAD, a Multimodal Dataset for Wearable Stress and Affect Detection</title>
            <author initials="P." surname="Schmidt" fullname="Philip Schmidt">
              <organization/>
            </author>
            <date year="2018"/>
          </front>
          <seriesInfo name="ACM ICMI 2018" value="Proceedings of the 20th ACM International Conference on Multimodal Interaction"/>
        </reference>
        <reference anchor="FOWLES1986">
          <front>
            <title>The eccrine system and electrodermal activity</title>
            <author initials="D. C." surname="Fowles" fullname="Don C. Fowles">
              <organization/>
            </author>
            <date year="1986"/>
          </front>
          <seriesInfo name="Psychophysiology" value="Handbook of Psychophysiology, pp. 51-96"/>
        </reference>
        <reference anchor="BRANTIGAN1982">
          <front>
            <title>Effect of beta blockade and beta stimulation on stage fright</title>
            <author initials="C. O." surname="Brantigan" fullname="C. O. Brantigan">
              <organization/>
            </author>
            <date year="1982"/>
          </front>
          <seriesInfo name="Am J Med" value="72(1):88-94"/>
        </reference>
        <reference anchor="LAKIE2019">
          <front>
            <title>Physiological tremor</title>
            <author initials="M." surname="Lakie" fullname="Martin Lakie">
              <organization/>
            </author>
            <date year="1994"/>
          </front>
          <seriesInfo name="J Neurol Neurosurg Psychiatry" value="57(Suppl):56-60"/>
        </reference>
      </references>
    </references>
    <?line 801?>

<section anchor="protocol-timestamp">
      <name>Protocol Timestamp</name>
      <t>The LICET protocol was first documented and registered on the Bitcoin
blockchain via OpenTimestamps on February 25, 2026. The SHA-256 hash
of the original protocol document is publicly archived as a tamper-
evident timestamp predating this Internet-Draft.</t>
    </section>
    <section anchor="reference-implementation">
      <name>Reference Implementation</name>
      <t>A reference implementation of this protocol is publicly available:</t>
      <ul spacing="normal">
        <li>
          <t><strong>Live API:</strong> https://licet.dev/v1/</t>
        </li>
        <li>
          <t><strong>Source code:</strong> https://github.com/christianrp45/licet-protocol</t>
        </li>
        <li>
          <t><strong>Preprint:</strong> https://papers.ssrn.com/sol3/papers.cfm?abstract_id=7018458</t>
        </li>
      </ul>
    </section>
    <section numbered="false" anchor="acknowledgments">
      <name>Acknowledgments</name>
      <t>The author thanks the open-source communities behind FastAPI, py_ecc,
and OpenTimestamps. Protocol design was informed by prior work on
coercion-resistant authentication, affective computing, and
blockchain-based audit trails. The author thanks David Condrey (Linux
Foundation) for technical review identifying the attestation chain gap
and the need for a separate wearable Attester specification.</t>
    </section>
  </back>
  <!-- ##markdown-source:
H4sIAAAAAAAAA6V9224bSZrmfT5FrAq9TbpIWgdLtuk6LC3Rlrp0apJV3urB
tJDMDJLZJjPZmUnJLFuLBhqY67nYB1hgL/Z2scBi73seoN5hnmT/7/8jIiMp
ylXdM5hqi8nIOP6H7z8F2+12UCblXHfVzvnZcX/UVRereZm0L7I4nKvr2bpI
snk2TSL6dLpahGn7LC11WqofdJ5M6HGZZKmaZLnqrcoszRbZqlC9M9WbohE9
m2V58hO32gnC8TjXt3Yo6U+Z/q7zrMyibL4TUJ96muXrrkrSSRYEcRal4YJm
GOfhpGwvda6TPGzPk0iX7RnPKeE+2rt7QbEaL5KCJp2W6yW9c9YfvQnS1WKs
824QU89dtb+7f9Tefd7e3Q+iLC10WqyKrpqE80IHNLmDIAhzHXbVUEerPCnX
wV2Wv5/m2WpJ3aVxcpvEK9qNoRspCN7rNTWKu4FqY/FFONH0Hn3g6ansVudF
Mp2VeDROsoUu8yRSob87+OonnWft92l2N9fxVKtlnmUTPA+rrQ2xrwUeRpnO
I2x+rEsd2S5mOsxLldNC1W2YJ+E4mScyFT2nVnkW63xBsw/pjVvzTZQtllmR
0CthWeqi1DmeDnqjYW2cXBdJUYZppGmHeOpYb6Do/yar+VzO6HiWU6OEFj3I
4jyZrnShruXEuGWWT8PULLmr9HE2D8eFOtF0DLfZ/DZZ0PIyWhK9VBRZWCit
rswr//a//u3/Um/no5Neh/uKslVagk5e5+FPyZyf6UWYzLv0VVqGZfZfdMQD
dGiJnXHOLehMu2pWlsui+/QpE1En1rdBkGa0MbQpmlalBm+O9/f2Xpo/X+w9
f2b+PHxx9NI12KWnAYi0/ubRy6N98+fzQ9fJy4MD7kQpy3ADvcho03sjbLow
Eh15pONVroeqgQNoql4ezRIcMD3c4dfd3iuzoYbK8clR+IGZ+dHebn3Q4yyN
kkKrk7AMad8nSZrwyOdhOl0RdanG8cnJebOreuoyk1kRudBbt3QyaEjH0/+w
JGIolO3rdZKG+Vpdjf9E81QDjW91apbUOH59NWiqMI3V74ZXlzLwsMxXvKTi
169p7yV9HA4Hl8939148O3xRX5eRXj2ajOUvI1lqQsjJmcdk1tYJ/Tra9sXL
UXv/pcwvzKe6rChuGZIAKzpFkaegyqdFNj+wD6PJ4lui1jIn7rxJ4q/NQqmf
/ve9s97xaJN+pqu52eT+902M/Ozp3tGLl4qe9PIS8jmhw8M+zOcJrS7SaMlr
jcrmo1vfX+XZUtM6r8N8noTgyfoCn9HH87fXJxtHoBP1Vuc0IviX9lkTy/5P
5uaTMM4Kw9NJoRpounfQeb778ikd7IvHp+KxtqMDbMibs95o7+WL5/UZnGZ3
oE8a+1arH7NVXuj5pEufIe6gwobZfIUNK9DsLAZJOyUGCh0m0zQEXaKP8Vwv
tpJD2xBEb0GLepOE5ebzOFHDWbhIcm/imC1/LEhzkiglsWH72zke/Hg9ulK/
fXG0g328PB4qkoYdtX900FLLZUftvThq7718hsmMTns/9ge0Dfv1tfcUkX3Y
DoldSWkXKps8ogx4oammM04W4TRJp6ooV3GynRXtkn63moPw33TUaBaudV4/
kf3HFnaJYYooYdL7z+DNsZ6Ft0kGKhno20TfFVjywVFjv9l9/ux5+/nhEebx
rj/sneCs64skUiYVtoowa27SUqEglgUDFgiXQpfM3O9o9SGdIYQNpBWW3ZtM
IKJOrMr83JKvZ7RdSzWMZoskLh+S4NYF944v1NnxxRk3wsquIdF1TBPmIyln
mr4qZ4obEmPmqSdjJyRNsFNEjd6iuFno5vvm6t15f0jkdFTfmxF1raMoT1Kt
ijWp8QUvebve/9zCT2j44456AxxS1Cn46LF1XxfraJYtLV5cY+mnNPw4y95j
3ZvfC1kf7rVf8nG/HvQuR2dve5c0xgZd9+XIqI8x0bcaz7PofUgiBWvjJySS
F1YO0v+TKiUtNsmBtz63SlrhVQfyhWQAAYz6Oh8l6N5C/U5d6Bjre77f2Gt2
X7xoC2Oe974760NN1edfx9BEioss/9y8LohnE+jj94muTerls8cm9TvFfDaX
f4pVPpX9JsmU80kcPm8MV8vlvNk9PGof7e4EQbtNsNKomiCo60HBmEp/IABc
gtMYJv95BWlpSAgSNKdHCUnKOoxd6GhGcK1YkIidhaW6hZ2wVmlGR5jO1yph
oUtSaLwqIeQIwgE7CILvELSAik2nfj+miyd3s+yJG03HRAFmLq/AVmsVhSmG
qZprepwHYDn7FlYjmPyOsOUqZXDLXcW0yimw0K2eo6slRAcNVzLLLjJWgkSE
tdV2gmA0I1lLJsoKDVSx1BFpFMBUNnEa59SOgO6TpFTUjrT8IiGMHT9pQnBF
+XpZZtM8XM6SKCApE8/1HRkfgIECUsZJCtHhTqU+PJQYmSrzNnEAzZENNxYZ
wbJGdECXpAKSkMYsZ7nW7TlkuAo9bNlVRMyqf/yWduZWA9IGRKjLGXOrInxL
TWkitGshKZrYKM22NQrK6mCxl3PaxlSELrF9/iog8f6IJCJEctJrSsfFerEM
ab9JWSt6b06iLKclVN0V0M/zIFksViTlaPlj1nkxiU1pacXDK55G46CJPS8g
X5lkLsJZOA/TbIxDs9bMZFWw7CDCURMaSW3sHo/JiIFWcIutBElEWcFSaTkL
aT2RbR44e4mMqTB6X0D/EhmCG1IVzcNkgVMFzTvDjchIyCUGHtfYiQrFjvIV
DXSuiS7VLCFFQIdGm3a+2z6n1dG6pikt7C4hnULjBIDNbLvVTpesiTfHCiYI
E96YlCQ2l+h8noxzZ3sw0QWwRsbzpOADTyqLt74t1HySkIJoYYfbGuaBOv3u
5A0JKLaK22QUB3TWyS1331KnF71jz/ol/bRkGFBYzEVdkbIlOyzfagkXAZ/Q
68u9/RdKp5giza+cJXncXpLQJMojGFPyVmQkXKqh9IclpKJuMVGEwfC0194/
PFKzsJi1Scwk2MEyXMhCmJAVD5zTyfSIxaxeThZLwoTOtAFHr2ga0RyHuZxn
a4iSMnhgXT693XsqY9+SecqghOidMDapK0KpkfbfmtL8V2M2DiJrceTLZ4fS
XdseU0eEuEiNIPhCWWzEYjjw8H/i438j3CFlSPinBVt/2MhJni3UMqSzuwVn
ZUzxge96iMosL6xoBOlXGsLqBCZDiKSWSvJcs9+DGgdOg0S66KiekSDzSq4t
Qjq++E8g9Uq6kFwt6Gu8ERBjELMm8g5ay+CahrRLmcCGUr0UfqM8LKyJaV4g
cRZDLyyzOzrmaZ7EtNqcVG7Jr52lSofRjJZXEJ2wzigKEuoxe3PINM5jOu9A
lMemEvjiCwX0ZQzOt+EyCAjNGQrP1xtSe5knC1Y0cgyxLoSHScDQKmh2pCl1
QLtViJfkSQJdKuqDRJkiPWgUHksTloLfPsEM1txhQWyZQt0SqReatj5uKdr8
cA7FlidiCT3efbSik0tL6GruoRSJR5oQp0ginna9UHRqK+IbajUhhdLi70js
rYrWpjIN4F/SvDOi5b99ArVJGC2bz7M7ZmKmKDhtcG6AHoIClIcCwinxacHq
ONjcT+IkInftMEnMBsCMIGCbpv9eF54CFUrtBsEnwnGmd/XJGIMkRD6pc6tt
PhEmF2HexiL5c4URaDHUGT08yVdTTxF+Cj4RY37q0v90H/1fGv2aCAxeQ+rh
v9F/l/X/qMEQYiby5Ngn9aP5r97wzdnJ1b56ytxLUvfRdicJyRZf4j5sZVqK
Oqr68f4zkGcaLhUTjiYCErqnR0/Uv//lvwv3jAsxZSabQAd0GDBIS/jY3Rkz
A7AHUsgt9KBaRW6V/AlAaHww9CIQCw9sJsMMosVRpWPh0YusNNpICNC5QtTH
j8bDcn9PsiIF5C42nbcyspjQjrxIPr8P4PJlg6tQDcjdiNSietlSe/vCDPtH
jcNms6PMd+qlpVMiWHofIxJxMsI0/VRt9/arxqR6xV5fTSDaeZkZ5BSIFVwG
Gz3SncC+zANX7xsdlQuWSaESP7PIjgElxF7QiXLWhCdmqcCiFZsPpebNoO8K
DY2WW3PWjIpVFbL9Ay1WGgGLJWbAKMX3b1oYtAiXpB3hCMaQv4Ro6PCMe/X+
vsmCnHsJZLU8vgj0O+sQII2cQBVGUIRAW8PVuN0zvu+WAfy0CSRoyGhy/iHT
/FyHsapa44Dxhkx9qHOAFNtWoiTAEcw0x87Tbt+nfVgKxK7WMxRUqA46e51n
TXAZzBr42NeBNTBiCOfStz1eAT9rqDTq3jSzapTdvAyWql0I/EUrsh7FpE5o
4gyJ2FvB2BODaJEZwDfYsMmKzwCRkSCBp6FREBvaie/tNuXEK7exuF8qf3Mh
HAhpBRlYqJ2L74ejnZb8qy6v+O9B//ffnw36J/ibQNv5ufsjMC2Gp1ffn59U
f1VvHl9dXPQvT+Rleqpqj4Kdi96PO3J6O1fXo7Ory975zoNNFZwEBctyJSdx
IntA1FWQLh3LQbw+vv7b/9gDJf4nEzkgOSIfEDugD2SMpjIaW8HyETIKJEYn
wrp2Pgf7QURDi5K1M8vuUkXGA7F08OSfsDP/3FVfjaPl3rNvzAMsuPbQ7lnt
Ie/ZwycPXpZN3PJoyzBuN2vPN3a6Pt/ej7XPdt+9h199y3ZJe+/Ft98E/0Ea
kRbBP0wjqqKR4B+hEeXTSEA0ovaMsHIU4ggEB/zERiqIHxunze4TxnRWCc6y
4oFlytCMuZaVHgKXNA1wuuhXVnzULyOfRo+77KV+PNGpLpbXWlDXppMhILHO
+tV5XLjbmsRrDN2EC3nCOpyM+Fg0xyJkQUOAlPaHDxX7alC8NHFuD16g2RIy
6Ui/NH4wk1+LxafE4gMUhjFAioX6Np4fAx5uybaNN6BiFjG6JUBsrcQwimCv
0qornEXqP+TRnQu58U6G9xohcIzXjDIhCk3VeM3rqM6RezFmwSlZm6oxMx3V
IJHz8wAt2T22J8JmmJPoxhXFVJgsWDA8qZwFVfyi8fNf7XGz4U3wgIwOfhWu
1GoZoKHAqFqDnWAXc8cW/qoBwRQzb4nOM/0J8uA+G+dX71rqon9y9v0Fmfpn
b0+bQGjmVMcWN/HR1LcI6mWVxvQH4p4FYwUiI3ipztlL5SME9fELdl0V9xYr
1M/XQR0x4yMtZi07veDK0GRys3lfY6RA+uyoPixA4xuLY4aO0HYxWyMEE8Wl
Q9Ann4TAWdBxMsm9LvvOznwnmLMjeuwEs3Pfo7n3xRUWkVWZgAhIgdLrTed7
U57vDYja6XPYcL8fDAXt6Q+kIsKlZiB8PXj6+5FIoFvAL2xIwS8nUL5hmS3M
+/A75Qt2eoyBp2kOYUQIm0liHYj5lhpPgoJD7o5YzNnTCAEB7E20eG3E5hQT
LozyDG46cQEVgYGGZEMvtO9KwhjVrspL1deFc4itcADYWG8/fpULEhvOEyXr
s+CICNnc8zBnz7Mu77ROZWIyUx7DLIjECDwdDtjplMDRXMeB85olgrZJbsVk
Ryrzf/ksu0E3XysZ8qYasjFp6Gh6YwZrtpR8tj03m0FwBzVPz5t0PAT3jET0
p6U/lCYKRPArjazpa6JhoeIEBnZzBmYFxOigFbd3zLT22Drs9t/GO3Yh33yN
OZQhf2h4qrGrdjsvDpssImD8eqkhEBKv4ZNlRyxMjblOp9RNSgRaUSec/3HG
uDacI+GkNs91R11mLLFoWp47KJqHBaPTdPqALILKKCIS5xwSrNRr0cb5xZ4r
uxQ9DuFQQE/xeq5JlTAHFqvlMstLlnpkBWj1Di9C3cHR8OxL9qefapr+7LsE
rs8HPB00Dsl6O/0J1L+Es5Kskyv2BdPU29aOtXi8UIQ2ACJWmGUygcuGrNU5
W4WmA4nlstn7kCjEl7SAjwbNYl887ZN4OulVEon1xNxKpP1KIm13zkOKgOLJ
WmX78z1pHyMicOh0xvBON4bH55zoETxoQDu8hAuwQKNB04olnC0bFSSHHvH9
B0magmZEfU+qCOcdTnc6p+FIcL/WUUj7Jvw6YXdt6SRXUgR+MKHBVOdCBsSN
2BqazS9HFYKPH6voK4M2vMp4h809DL8Rq4CiNrkpogy184vgXZeHRbs1SXL4
uaCcHcJbSU4NvHOSVMOnX9NeRO7ci36Uoz0h9dMNjXpDB0ViCudlZZJqq8Xq
hg/wKWa+CLnRN1YCnPSsiJJmPI2qndBeTpOIrcb15f1vCxdyCBrWSnzZfJTh
3p1eXV2rQ9WASzBJV0CqIMRXahguihWR4NtwHn5YG558HjSIvMp2NNOknRdE
xMRp5lD5sJ3XHYkxHjOTjFwgjAPnJWH5PHDM2CFb1bkPHFikPh3fzojPOVgn
Tg+48GnDieJJ/lbhr4KwAnNAzUB+0fSZ86Bbi0u9kXCU4c0DIB1pRt0v54Q7
iBaypYl4t4X1nAxjNiWdw35iOOPDWgAs4CAhJ4PQjG0EjPgwLKxm3xojs/qu
IEB/B3/VGn7hNIZXHAA4NEk1iIuJ+9hq1t86RjBKaQ7xaWkkqNGI1YcISy3a
Yt1YuvFo+OTmgqi3+HNeNho/CeHiheYfR+qJGv7xY3vvnv6ofeUU7E/WaVmp
SER9zBR/ahdRtskwCVjlA/3D3SV/fF2xCH2gjrHN8o3HFfj06zhCeRzRYvQ1
tJOMMj4qPqKQ4PoHxu72PTvbjnGn01h2ISakaRaZ1BZEy/mnn24GF8PhSauS
B9WfA/w56l9c87+D/sXV4J/N9lE3bWXe7Sr+57EkIzM5bm+G6D6mOB62HWxp
a3WIjOW/g8maFxBzATuuWCDNy1A2PzeW7ebeyeu8xq560RZ1vdySsSFhI/sa
We4u2+P+/lEgBUL9yoKok4sNDLXfMRDqElmggDfW2uLQssSaEaEhgWglQJxp
EWku9CNB5CrqzNQY6bwMCWwRkDqzPWlLUlvD1jZaHZAmlvmLvxCWNEGLGP5h
RLIK5NrQeWgSyXPkBaQJiyIhP9/E2sxBqKLoOZJ0ZaZJ+pAvrLyqVAakUJ6M
OXPPGGlkniXG0WxIHkHeVFJUODgT5STUzKJtWCjYXLUxo9jbDYF8vfF9Tww+
ly9GUlm6uAfPwajcvo/AHsjtKgxC1+acWHOYCdPYSAQQb6jZiAmDv2JJUp54
zQfStuMGol2kUmjAeQspf/QJfzd9Adkf9Y9H/RNCkV1H3+or1d7v7Kre5Ylw
xs3p4Mbxwzdq7/A3QQBS7Ar8cQCecDpcY1DPnEfHbN9BgqSdh+CjwodwQcND
WMrDcK+M2Mj1BIiz4CCsj/0at+E0nDeZPOI8vCPzXNwDIYd7C07ma6m7WUJk
AFpJEDGUJtXEkSH28WMtrQx4DXLSMLRdD07VnEhjY6+a5oxsfoVhpMoSJNtz
zpnf6nRgZbbL6mCqJssl4ywCIkwfhNrTJKmeLelhS5FgWWbzEHb5Z87Sojea
4F7nkA/TyGM6wi/3aucLsUhPd03EzpAkQ3o1oXm3aNY/8P7H2QeDJO0SWyJO
CeAsmmZlD5gnSSEVtE1rdCKoCi+ya7LwaT8sAs+fUtK4MclnQNerZZIlsduY
CbIs0jVoHBbc53dl0B9eP6Rvu/7aLn2F/aj4mR1u61/gYsX+ZiIWEn1w5dZ9
TiTskJZgUx84hJ4hA/q0N7joHV+dX709O+6d3/Qury565z+yf8tloV/RFiIL
VlT4NpeWc4ouJZOUDQ0JnUOt73XUkycD8RR2YKtK4Y3iQhgEodItLjLxKpo4
GW2n8eEOjZ9pTbK/a72Q4sReshM2RPYQD5CY3GnJBG4k8U2PvpNkd2W8MI1y
WjYl6PF9StgF/soCaTb0TQHVt4+5V87L43DJ/iVahZsQQv7wOxVVOu87TD2S
thi8rmfgu5VUrlARL5G6WtDRpDEyw28inPfRrpKsCAL5TBPoRPDthv6ueqi9
hk/syWiPYYNap0YguZohx2SjWULQhr3LSyP10XshyRckNhIXZQ0OsA2+x7NP
va0kt8TfCy2PrSKXHYitZsXwNFyWsyOZ5mBQZUGwAUdwSFhAiF0cnBOyiUiO
0rG6XA10kZAkJjuUz9hyLsRBnYiYIcaaad/PPsMclqyh2MDw2IHW+Qzr9J3h
b6EgHq7T2hoev88ItJqsrUaoPn1SIDj8SyTG/xSE8A/R/9CI9O/0mtS2zT6r
9S+wvBDTyGSuGWsFAyI0sWI/B6ezcZAGZT/3996E3t8UNCU0aNO8MK33N4uW
mjW5idga9MQqBRP8QNczPWd/x5B25KjOAM57/0vb8fNfMTgJFzv4DJswIY2O
f4ubq338e2tEHu9PC1Om2T3HkH9Aet13Lr3uGul1tTGncjK8STYnj5Pw1M9/
wSy8TDzEKf2gtDVmjmh9LzDYOWfSwe4mYFgbJeRHLKM0KrmUCUP4eXkYTXLx
Hh3pOY30EiPVYfgoe6/rB59r2lyp/TBismsjZ6AxkOSs5cdGnCL7+a8t9Yfv
rt0etOyccg2OY8ZxEtHkBFhpxwL/gZQjJOkGumfs6dEB5wQW1gnOzCaSxJtc
khJViHXjXBELrUsb55fYPRtYgZ+LYZJMazv4Qix/K+2MaLFyk2jYk5lBMBRH
DUSPJC+i1LJg27B//Lb7iLu08VlfaUuJr7SJTk7oXLa4gB51/yjP/YMOTgdP
Cdl0OVr4+ryv3vZGI7hqyU4dQCxdS+qqDd01zvr9vtrb231+UH+boAkhEpk3
chlSuOJ612evzBLdiuitE9pf+vZs/5gjg7C6ibKmJre2oTvTTktd9P7rwe7e
7j6nzNA4w+XVPoYcZpPyTlL3XClDI8bRZUsWxTq9TfIslQNEBsEr/3zV+W5T
8i2sThganbCRZ2eNMCu+nQ4RgeXoyLjiWHYt+GCfPIF0efKka/aRbfDG6+sL
8eU6AwstjdxBYxFAxDKDyvlfqMaiqL/2ypHe0W5hyI67gihDP9dERssZ15Zl
H9ZT5M2CMc1O/WbrJAxUxuvDRxzWiwShpwSMsTEjPqHz/S9rfQ229lX3SzRY
nxRPaUGf7RHg1HX3a70Wjb/972Pp1fMk2A7ZckGX1o8BkTHXgNfQPeLAaCye
Fn/7P4/1ARzNx0ZLSnKYLmuzqjGp8nLmLct/uXJl9iUj2CbYSdxVoqvb5M6B
o0STB8DfkkBFtTagrQmucnTUhfeaXYRHbJTqqypI1SK74PJHQSNn9OfobPTj
zcXZ8KI3Oj4F2jTBEDGBrJNWuvNMq68rp7ff4/nZD/3L/nB486Z3dt4/Edwr
XnzHOKvU+ZpbyGKoXvr+8of+4OzNGdksJsAKqeZ7jStncROQcNMVYW0RcXI3
qiSxZ7IANmNMmwq2VdN/xBwBKrPepYbv+hUXovQNR9Y3zo/l9zoc9UZ91xcI
ATKtypNVZxWePMbMKxBz1gB3NwnJnF1c95DCg6EYvHylXu7+pqUur2jG5ypD
zOwuKfSmo20DhdLbW/r07bLjq7eXZyM6khv5muh31DG58w6V4niOa9kZr012
xscvJGtD9LX3jlC7lz1BhJCQmeXqnbgkyHqikHEXG/Pq78W4Iqjpk40SEyEh
JSM1RRahRZzfj960USYB7G0HCypbriW9b2+8YeG1eAbGCVBvWjP4DO4pXK91
o8+8E3D8/uhZe5wAzkzbBAFRWsrqkjNmNvfSOsNrZyIhfpc4gwYOGwUPqqS8
/BkbLS39hyaVBuS71X5AGcgDY4HhvGSajavw199hOjSwvK/NmbfU2XcXX7MV
geK+rwmJnn99sO/O3LMmTIKVZ1Q0rP5EWQttLMF9C+HjQGa0JQsbmA4qh4RO
TOpGrsmwL2a5FO3PAjNqPTkI80fIRuLPZN3qJQewEYWljSVg9AoMmUm9W0s2
hNM5woCreyQvgFtKrpzTDt62OU2x39kH8vQ2Pikyg5Qkk7mwNQoLAumLRPxS
2GvoXTm3JHD+cy4J0u57CE8WM6bln1pIp9g03egIOhtQfWSrmJzt9vdbafDC
1Wy0kU/MyGPDTQN4r8Vvtcw7Tndavi0UI9nnh89ooSvSQe0lgdKEt6whHNf0
WW4yz1CeOG0vMzpcMxCt8NoVVBjs18emtEWmIRyBEg2z6WkmYcm1TeNxzj0B
Qh3uoMen2B5nqzRGB8zUmsgtjoH+aKeQU/OAPpNUkviUOyTDvVlVUoczylJd
Nw1nMuxlhrthbrEW2g0M/GBbTdHoWLMpR01tvO7nv9KwNvBL58J6YpvhTGrh
p/fL+1rKErJx5FqaXGLzG1Z0JgmS2lazzecklUlwETveaudO4bsF2nKTgJrp
FReDRcQf9vYDTkE4JwH8Fguo+nMsrORkwcd/5u/5HhtBWCbiwfOpPDEMu47F
5YCJACF5wuvOU1J0akS2syYi7urP7M6zL0pZHJjGe/f6O3r5Tv3t/6m37PQa
Iqulkj5ZGvlR3lz9+7/8q/rDzZ/ZcWQ7rtIYvaYD6jc3/R56bQnMQMoQfPU2
0ncjR95qmClpirUlHVW9WZjvvQ453shxRw4Gv3NvjWamZBFU/fNf0IpYNyLu
bdEITX/j/WuUguAtIOmWN7wcX+emCG2Ob65+2OYjKnhD1JcyOez9t1+rASmy
yxP7ZlHfim9/YTPOJmqcIQyCWrKE662QctCi8TkjjmzUFDjWJXmicoQtD84T
JU1UVXTS0u/YjjBZdjnSHnUtdXebIybgyjBjTHH2lr8r6M9y7JzMVK55gOvG
k50BvcjiU/JMpeizb4o+javq4xfi3RGc5+6qCQKSgw+q+URhWFksLi1TzFd3
ZJmKUolfir+LrylKUhGzw6rEXrxKvpO9beGmHD993ow5c3CiUZXHd+Eh0E/5
Xiv4GFwuL5cciV+o7QF1SQRu19xc9LEO4sTLgAWhRt8Rz/nNrsdJvDZ6QsQj
1/K038IGOhvuNL030gdvpHjj/OZj2t67b7aUSpGBuIfYGWLSZZ4ZUcqFnDYn
kCuZsJeJ1Rbstjy/SVroK/ly774VdDodfCJ8vAjfS8Ehzp0rDBF3xPVNVW6s
CVWN18amyst1gBMBi1msyYfacXbAlBNL68x8VisWNk4XU0zFGaxe2ZvLXNdc
58OnHEgZDhhEHJdIDcuyubZgmceUg4f/jvPpbJ8YLBjrqj7Z5LlzxqFNfV8h
L7M0E2Z+6F2fkQHn1Q49XIapoTAAqqz5l05Ho2s6jpi1jq2xpMFQ43hNG41i
SWOC4OxMpaT9j1q/5apDlEvPxOv2qQqVeXcKxJzkxZWK11dD+4qjffr8Brv4
yFVrm++5Zk+XqwJDDnSkQWhVwRjCOo+N9hRwoW1edXntpp4aT7e9bQ78E7Pb
rX+XXn0bRGg8rc77k7CfRwHiENj6GtEE+3A+bUgL95wJuP6diSV6ahuzrq3Y
fcVFzoQMR3zXnlcs9/RPBWjHtvvo/lJqx9xk060eIbsjnbZqjWCD3iRx1WxL
I7E+f6En4+O8Mf7rna61NJ3R1FVHu5Vkut+6J6L7H1uRE7r+XAyv1iYj2uoG
7O01nSGR/+HMHV3eOP1HLz3S2EbfbyDeXd8751fvduj4d6Qyg/9EccbOxrtG
CdywEjBv74j7hd+x3pT6e+yCvmFV4q1m53yX3znfk3/25Z+D+rsSNb8Rx4x7
WxZG7VPi31p7gtg3rJaorb/5PH2LCfGd2vlA/5gdUjtr90Hdtzbes/gQw2/f
VmplcR/P8dFWImdvCPD+why812rz2RGWtSRvaLS+3VYLcwux1mtku/3WkILw
DJ8UH1RVOWMvG5lkq9yPJohF7GSfraRp/f13jdQqc1kbyDUmn9Ql6kE2lIHq
fxCD4NR6Uzf0g9ER57vowJaKG6G5LYTyCsapc81aTxFGrQIrXI3Jve5B19hc
5HrfveXS5Nl6z1+pq2Hb3Nzgqo1wQ4CkEnPg6csqRPR0I4zEY+7TC2619TFP
ODbVJopnZ6H3HdHYq9q1J14t/XEPq0g+0FQlNrZPcxglJUGGC/xpY1rwbvX8
8TCbA2wjx67aZdYe9ftky3NQyz62ecJS9Silw7FphKJWSejDizigUq21n3st
YRPZnFl1xIGfaM0YKdbRnGsqZzqpUaYyWXKbCS3CoJ3AVlsLRBjoORJZcIkh
2yq2aBQJYGRlEBkhILO3UQrmjjIsrK0+sbcP1NZvLjootOUaA+2CGJeYFpyb
aCvB8hD+KJNUVOUc+mUw1d0agd2cLYcPc/8A1lbl7fDrsUUh4oKVX1EJ7pLd
1YNK8BaXgYO40RauL3cnEK/dXVMqxbEOELezSVvOi9GPCYQSvrUng6m7gNhY
bD5aUET0OdbVFaxwTdoFmrsDIGW2lM9fEOhgU8SW/Suv7N+/YYSm+FgftgQ/
eKwE33jB/G1ClOzdxn0CjW0ZryZG3uQealcHoIsLvmbAR06q0XcUOJ3mesqe
WH7bbiJe9GtvxUWXxlleyJdOpCzCdDUJWSoT3JEAZNddf+Dx/3FPhvB5Zo2u
3L0p8L/V2E7Khk1uobvFgC1ydyEui1cUc9nPdWqUxMFgy5GYy6VYE9V31RGt
bYtwQ+DdRyDpFjZiarMtnBXx8QsbTb0XR81nyh3MgVTEcOBdphGmXtryRrKz
HaKjthqBEaocSK66uC5bCMIOgbvZykbltlw25JY38BI7QKQXJgxwWJVgVg8P
EGXnIo4lF2JLxlPbhjwKOy9xoaJuwkWgpRajkWYbWbj0QH8A8Cy08ZbSmwe7
diBuYO5nlOt/wvfaNttXM9zQ2vRn4DK9OWbF/uSQfTkkUiAmCK7FYU77tS7q
G4GLP4PgDVz9cK+YxbWsY0wKM4iTpIThuir5WMCcbtjCDmm2WdiiGq6moyme
6Dmy/R5k4MGdslmwMQSV20qNB/WxbulenIxrY0UFxvZIpCogje3dGf7Sf4DT
AyVkgX2EsMySr2acgJnoPLBhjxCjvcaR9I13G1wgr3I/aw4J6LZXiUn8sgjn
3hV2EpI31HI6MHtHM1kYt17KCeasFhzZY+85AxExdITeiQXHBM3u1OHub2ql
LtKSC4bqV7AZb8RkHk7V696wf3526cLRxnUiy4Mo5KR7LrOTNRoFJKlVVkt8
jt3clfBuq4V1rfePKcwA5MpARwavOUOTB8QV+ZyyHoSsXp265g16f7NodqpR
K2eVHYcRjNX9hZ0UeyIlk8svVcYdyG2U6uem0nKj/h675LARaeFa56zNNcCU
vQPvB8RNLBJjlQo1r6Wks+RiyyzPs3GWs8hvSQWeDFeGpk7xC7eVDJhJ4eWG
Jj9+Yddzby4N4uCSKcS4zrW5UCYIpA5kiy/WlFxg+hKyqrvOrSUgF4NGJm7+
MObNWGozl89cn+FdeFoizVCkgoksc2UxbuSUUPijYS0b1AokmmVDW7lEox/j
Vq4HrU/BJBWY6/fcZAuVrcpCvI1M99OVqE6TYFUvR6pS/GyAYnstzMD7GQBB
IXoBxFWYbB//AtjMIN9fUXhkU9k3i/0lzN8wiUB8pcVnasO5mJxTodFPvahc
/doKcZtnhG5stbhxsErqtKlcfnD/AHuM7UULguhzlGHZVHc/68guaZ+XZIpV
f009NE1qs4LZr6/pSPn9ZvEycFKtdIgX56qHiMyJQ7iOyBokrt4Hc3tQ98w5
6w/TheyqDnhV1/7Vqw5bVfesepnrDlb5BWZVeZlBi5s1Zhu2G/XjjK+is3EP
gVuPqf9p1KpSNsuk2B/omWf16icWdpuFS1y35JUtKa9sKRDfFjr4O0uW1Ebl
EKfYyx2etRPCXG2tGUPTW5H3rsSGdI+p7UHZT4tLe3ha75HSV98Mr0THpJTJ
jQzuZkgE8tIHV98q5Re1bdYKCrsVfM2Vf/wo5UIYmKsCIZfZz7bI4nUa2itL
uKq5dNGLqmTBXYVR3aH7oERyAdDpqpMSGBscCHmkOBIWrWejE9k9uNKXg3u2
8hoZfJBy7g4jd9tNNgmqajCSjtlqOjOpC5CRKbwGDe9CfIOqWu56VDphlAcx
lA1MMF5l48Iye3XNmrhVnOHXwz1HYURA5R2SBoxgIzFHDD/XJXHNQjTSWjWu
r982q0v+CLtxCfLyah8XAScLqQKIEfSt7vpTtXVJ6Xkthwex2cDekNVRx0S+
Up7jWecGuzmEJovGaWu+vFbHgfEgWI+IucZRMnLgwzp22T5BcFzL/HmYumNC
VkKAXgqXvcyFL8Vj/JWUj2hfg+S4N8mqqlKmLQojwl3hNg+YIu4GD08rdnji
ebb5iy8uKzuw22igWrVlm8lH10hPwyEPwruHmS0eprPA1KA2G4kGUvzDd9fV
XevbcnSP6vlVoVzIxYkzJmy5kW53a+yRX7xiq4Uk7qTgcjMGY4ylOSjjXZWb
RslSrhteynKJYOzvnsDZEM1XjOY+fsQvktzfM/m+PbkeSGJn77K3ATE372wn
VAgzlVvae4zd3TCSF/hmZS4GysVMZfriOzmMVwF3kNnCOppewlewiNJig1Nu
PA65UkISwbdU+jGShE1IGPMKAF2hnlHw5caL0lT86/iNoft7HuROz+dtkc3f
D8689iTOOblpjT25wr3TBOM0vPbuh04IeeNC6qX5eL9ZO2C/4Ls+HFAWEGvc
LzXvjgV05weVz8ZzOQEfDDe9QaFxGdb9z6zyPGdVRa4Trl4zwm/jek9U91lQ
YbkUPRH8ivk1d1kpd/O4s5PzgXsbl0pbSPeYT9E4sASuWu9XXP3cknF90Xw+
54V1rkDxqIkxYj19tRtW0dNDZ5nnI/PstUcuhreo7pE7p6xbxP54F86v/shb
1MZVWnzdVVNyNUwsgGbFB2B/k0YcI+5yUupjaYIxhS0ddAbxRFtm5llIEqu9
ArzmN7CX1Jv+GSEKdRg3i3fHC6MQvmWHVK5xBtRt5waS+oxFzADRVIf5I5q7
Aw8t3ncKgvmPkBvD/Q+loFS8aosSSi9Y5dbOMFSvySxzFVGsnrfWQbEvpU5k
8sMmniLavJ5IKlXt5TiEBdocEvM0Lm6ZH4fI3PfqlkdVRlBVuOzEIW5sniR5
UTopa35jQ2QjJ1lmQpGvkzLKkjRgCCwZL7hYCzJq5BmyqXqjx/kKV1DsH7b4
R7ZEf/l3+QdG75NInSap/EaBTMgJe//KfuaDW+fpkFSwwP4AQOWQI5qIQ+Mf
ovflV3t02T7B7xGylqm8I3XY8NlfD3igRGpzs2EzE3vAzV3IzuHk2W0/LyAR
CqnHQzqw3/BX/qIAd3Gdayjd0n//H/nNMiQTRTbfT0TUx67ErHX89Q6npe0Y
JSNqkL2E7wVFQxO1C7sa3Msl+YYElsn8U29IENNmtNRyfaOjSG7NqZNMp6JV
ubyYiVJiE4KtaJmIc2f5eyIvd4GKZ87X86NI+PIvEeEgXC6YxL8q2jVAW36I
Asb/vBAyrS/xhBB/DFhCVjp+yyNJVx+CN0iOFlgvMNtdtZ3zD2VZpbt2nkpP
JwrnTMNlYK8tTLVRzt610A+CJ3WV3Qn+P/czn5cQdAAA

-->

</rfc>
