<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.39 (Ruby 3.4.9) -->
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-mcguinness-oauth-actor-receipts-00" category="std" consensus="true" submissionType="IETF" version="3">
  <!-- xml2rfc v2v3 conversion 3.34.0 -->
  <front>
    <title abbrev="OAuth Actor Receipts">OAuth Actor Receipts for Delegation Provenance</title>
    <seriesInfo name="Internet-Draft" value="draft-mcguinness-oauth-actor-receipts-00"/>
    <author fullname="Karl McGuinness">
      <organization>Independent</organization>
      <address>
        <email>public@karlmcguinness.com</email>
      </address>
    </author>
    <date year="2026" month="July" day="04"/>
    <area>Security</area>
    <workgroup>Web Authorization Protocol</workgroup>
    <keyword>oauth</keyword>
    <keyword>delegation</keyword>
    <keyword>actor</keyword>
    <keyword>provenance</keyword>
    <keyword>receipt</keyword>
    <abstract>
      <?line 60?>

<t>This document defines OAuth Actor Receipts, an optional companion provenance profile for delegated OAuth tokens that conform to the OAuth Actor Profile for Delegation.  It introduces the <tt>actor_receipts</tt> claim, a signed per-hop receipt chain that records which issuer added each visible actor hop, optionally preserves the historical top-level <tt>cnf</tt> value associated with that hop subject to deployment disclosure policy, and links receipts together so recipients can validate prior-hop provenance without relying solely on the current outer token issuer.  This document also defines metadata and introspection parameters for advertising and consuming actor-receipt support.</t>
    </abstract>
    <note removeInRFC="true">
      <name>About This Document</name>
      <t>
        The latest revision of this draft can be found at <eref target="https://mcguinness.github.io/draft-mcguinness-oauth-actor-profile/draft-mcguinness-oauth-actor-receipts.html"/>.
        Status information for this document may be found at <eref target="https://datatracker.ietf.org/doc/draft-mcguinness-oauth-actor-receipts/"/>.
      </t>
      <t>
        Discussion of this document takes place on the
        Web Authorization Protocol Working Group mailing list (<eref target="mailto:oauth@ietf.org"/>),
        which is archived at <eref target="https://mailarchive.ietf.org/arch/browse/oauth/"/>.
        Subscribe at <eref target="https://www.ietf.org/mailman/listinfo/oauth/"/>.
      </t>
      <t>Source for this draft and an issue tracker can be found at
        <eref target="https://github.com/mcguinness/draft-mcguinness-oauth-actor-profile"/>.</t>
    </note>
  </front>
  <middle>
    <?line 64?>

<section anchor="introduction">
      <name>Introduction</name>
      <t>The OAuth Actor Profile for Delegation <xref target="I-D.mcguinness-oauth-actor-profile"/> makes actor identity visible in delegated tokens through a common <tt>act</tt> claim.  A relying party can read that chain but cannot, on the basis of the outer token alone, verify prior hops independently of the current token issuer.</t>
      <t>This document defines OAuth Actor Receipts, an optional companion profile that adds independently signed per-hop provenance.  Each issuer that adds an actor hop signs a receipt for that hop; receipts travel with the token, are linked into a hash chain, and are validated against each issuer's published keys.  The design center is:</t>
      <ul spacing="normal">
        <li>
          <t>keep the visible actor chain in <tt>act</tt>;</t>
        </li>
        <li>
          <t>keep active presenter proof of possession in the token's top-level <tt>cnf</tt>;</t>
        </li>
        <li>
          <t>carry prior-hop provenance, including historical top-level <tt>cnf</tt> values, in separately signed hop receipts.</t>
        </li>
      </ul>
      <t>Receipts add a top-level JWT claim and a small set of metadata signals on top of the existing OAuth (<xref target="RFC6749"/>, <xref target="RFC8693"/>) and core-actor-profile trust model; deployments opt in per resource server or per trust domain.  Scope is detailed in <xref target="design-goals-and-non-goals">Design Goals and Non-Goals</xref>.</t>
    </section>
    <section anchor="conventions-and-definitions">
      <name>Conventions and Definitions</name>
      <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as
described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they
appear in all capitals, as shown here.</t>
      <?line -18?>

<t>Unless otherwise specified, OAuth terms such as client, authorization server, resource server, access token, refresh token, grant, <tt>subject_token</tt>, and <tt>actor_token</tt> are used as defined in <xref target="RFC6749"/> and <xref target="RFC8693"/>.  Transaction Token and Transaction Token Service (TTS) are used as defined in <xref target="I-D.ietf-oauth-transaction-tokens"/>.</t>
      <t>The following terms are used in this document:</t>
      <dl>
        <dt>Actor Receipt:</dt>
        <dd>
          <t>A signed JWT that attests one visible actor hop in a delegated token chain.</t>
        </dd>
        <dt>Outer Token:</dt>
        <dd>
          <t>The access token or Transaction Token (JWT-formatted or opaque) with which a receipt chain is associated.  JWT outputs carry the <tt>actor_receipts</tt> claim inline; opaque tokens have their receipts returned via introspection (see <xref target="consumer-introspection"/>).  Distinguished from the receipt JWTs nested within it.</t>
        </dd>
        <dt>Receipt Chain:</dt>
        <dd>
          <t>The ordered <tt>actor_receipts</tt> array carried in a token or introspection response.</t>
        </dd>
        <dt>Historical Presenter Binding:</dt>
        <dd>
          <t>The presenter-binding state of a hop at the time the hop was created.  When recorded, it appears as the receipt's <tt>cnf</tt> claim, equal to the top-level <tt>cnf</tt> value of the token issued at that hop.  Historical presenter binding is informational provenance; it does not create an active proof-of-possession obligation for the current request.</t>
        </dd>
        <dt>Complete Receipt Coverage:</dt>
        <dd>
          <t>A condition in which the number of receipts in <tt>actor_receipts</tt> equals the number of visible actor hops in the token's <tt>act</tt> chain, and every receipt aligns with the corresponding visible hop.</t>
        </dd>
      </dl>
      <t>Examples in this document are illustrative and omit unrelated claims, signatures, and validation steps that a complete deployment would need.</t>
    </section>
    <section anchor="relationship-to-the-core-actor-profile">
      <name>Relationship to the Core Actor Profile</name>
      <t>This document is an extension of <xref target="I-D.mcguinness-oauth-actor-profile"/>.  A token that uses the <tt>actor_receipts</tt> claim defined here:</t>
      <ul spacing="normal">
        <li>
          <t><bcp14>MUST</bcp14> conform to the actor-chain representation rules of the core actor profile;</t>
        </li>
        <li>
          <t><bcp14>MUST</bcp14> use the top-level <tt>cnf</tt> claim, when present, only for the current token presenter;</t>
        </li>
        <li>
          <t><bcp14>MUST NOT</bcp14> use nested <tt>act</tt> objects to carry independently trusted prior-hop key history.</t>
        </li>
      </ul>
      <t>Actor receipts do not replace the visible <tt>act</tt> chain.  The <tt>act</tt> chain remains the interoperable representation of current delegated identity.  Receipts are an additional provenance layer that can be validated by issuers and recipients that support this profile.</t>
      <t>This document also does not redefine the request semantics of <xref target="RFC8693"/> or any Transaction Token request semantics.  It defines only:</t>
      <ul spacing="normal">
        <li>
          <t>the <tt>actor_receipts</tt> claim;</t>
        </li>
        <li>
          <t>the signed JWT format of each receipt;</t>
        </li>
        <li>
          <t>issuer and consumer processing for those receipts;</t>
        </li>
        <li>
          <t>associated metadata and introspection parameters.</t>
        </li>
      </ul>
      <section anchor="relationship-to-token-introspection">
        <name>Relationship to Token Introspection</name>
        <t>Receipt-based provenance and OAuth Token Introspection (<xref target="RFC7662"/>) address overlapping but distinct needs:</t>
        <ul spacing="normal">
          <li>
            <t><strong>Introspection</strong> returns the current AS-controlled state of a token at the time of the introspection call.  It tells the resource server whether the token is currently active and reflects the AS's current view of the token's claims.</t>
          </li>
          <li>
            <t><strong>Receipts</strong> preserve signed cross-hop provenance that travels with the token, survives across trust boundaries, may remain useful after intermediate systems become unreachable or are decommissioned, and supports detached verification by parties that do not have access to the issuing AS's introspection endpoint.</t>
          </li>
        </ul>
        <t>A deployment may use either, both, or neither:</t>
        <ul spacing="normal">
          <li>
            <t>Receipts <bcp14>MAY</bcp14> be returned via introspection, providing both signals in a single response (see <xref target="consumer-introspection"/>).</t>
          </li>
          <li>
            <t>Receipts <bcp14>MAY</bcp14> be carried inline in JWT tokens for deployments where introspection is not available or where detached verification is required.</t>
          </li>
          <li>
            <t>Introspection <bcp14>MAY</bcp14> be used for active-status checks even when receipts are not in use.</t>
          </li>
        </ul>
        <t>This document does not standardize the choice between receipts, introspection, and inline-only receipt-bearing tokens; that choice is a deployment decision driven by the recipient's trust framework, the network availability of introspection endpoints, and the audit and verification requirements of the deployment.</t>
      </section>
      <section anchor="relationship-to-other-delegation-evidence-work">
        <name>Relationship to Other Delegation-Evidence Work</name>
        <t>Several contemporaneous efforts record delegation evidence for OAuth tokens; they differ from this profile chiefly in where evidence lives and who can verify it.  This section is informative.</t>
        <t><xref target="I-D.mw-oauth-actor-chain"/> carries an issuer-signed cumulative commitment in the token while retaining the underlying per-hop evidence at the authorization server; recipients verify commitment continuity but depend on issuer retention and out-of-band access for the evidence itself.  Receipts under this profile are the evidence: each hop's attestation travels with the token and is validated by recipients directly against the attesting issuer's keys, with no retention or retrieval dependency, at the cost of per-hop token growth.</t>
        <t><xref target="I-D.liu-oauth-authorization-evidence"/> records a single authorization-server-signed consent event inline using Rich Authorization Requests machinery, and <xref target="I-D.liu-oauth-chain-delegation"/> extends the same approach to per-hop delegation records.  Those records are not chained to one another and are re-signed at trust-domain boundaries, whereas receipts are byte-preserved standalone JWTs linked by <tt>prh</tt>, so recipients verify each hop against the issuer that created it rather than against the most recent re-signing issuer.  These designs address overlapping needs; convergence is a working-group discussion this document aims to inform rather than preempt.</t>
      </section>
    </section>
    <section anchor="design-goals-and-non-goals">
      <name>Design Goals and Non-Goals</name>
      <t>The goals of this document are:</t>
      <ul spacing="normal">
        <li>
          <t>preserve independently signed provenance for each visible actor hop;</t>
        </li>
        <li>
          <t>preserve historical top-level <tt>cnf</tt> values without putting them back into the core <tt>act</tt> claim;</t>
        </li>
        <li>
          <t>allow downstream recipients to validate prior-hop provenance against the issuers that created those hops;</t>
        </li>
        <li>
          <t>defer to OAuth (<xref target="RFC6749"/>, <xref target="RFC8693"/>) and the core actor profile for current-token trust establishment, authorization, audience scoping, and sender-constraint validation;</t>
        </li>
        <li>
          <t>add provenance through additive top-level claims and metadata signals, with no required changes to client request flows;</t>
        </li>
        <li>
          <t>support progressive deployment, including tokens with partial receipt coverage.</t>
        </li>
      </ul>
      <t>The non-goals of this document are:</t>
      <ul spacing="normal">
        <li>
          <t>replacing the outer token's own signature or issuer trust model;</t>
        </li>
        <li>
          <t>redefining OAuth audience semantics, scope evaluation, or AS-to-RS trust establishment;</t>
        </li>
        <li>
          <t>redefining sender-constrained token validation for the current presenter;</t>
        </li>
        <li>
          <t>requiring clients to change request flows, or requiring resource servers that do not consume receipts to change resource-protection logic;</t>
        </li>
        <li>
          <t>proving that a particular historical scope, audience, or token lifetime was in force when a receipt was created;</t>
        </li>
        <li>
          <t>reconciling subject identifiers that differ across receipts (see <xref target="subject-re-expression-across-hops"/>);</t>
        </li>
        <li>
          <t>defining a workflow or delegation-flow correlation identifier across tokens; cross-token correlation uses receipt <tt>jti</tt> and <tt>origin_jti</tt> values together with deployment audit infrastructure;</t>
        </li>
        <li>
          <t>defining transparency logs, non-repudiation systems, or public audit infrastructure.</t>
        </li>
      </ul>
      <section anchor="deployment-fit">
        <name>Deployment Fit</name>
        <t>This profile's value scales with the number of distinct issuers in the trust set.  In federated or cross-domain deployments where multiple authorization servers and Transaction Token Services each contribute hops, receipts let recipients validate each hop against its own issuer rather than relying on the current outer token issuer's faithful preservation of the chain.  In single-domain deployments where the outer token issuer is the only trusted source for delegation state, the outer token's signature already conveys that attestation; receipts add overhead without meaningful additional provenance and <bcp14>SHOULD</bcp14> be weighed before adoption.  The trust-configuration cost scales with the same issuer count that drives the value: every receipt issuer must be within the recipient's pre-configured trusted-issuer set (<xref target="trust-in-receipt-issuers"/>), so deployments beyond bilaterally negotiated or federation-managed scale require trust-distribution infrastructure outside the scope of this document.</t>
        <t>Authorization servers that mint refresh tokens for receipt-bearing access tokens incur additional issuer-side cost: receipts must be retained in issuer-controlled storage across refresh (<xref target="reissuance-without-a-new-actor-hop"/>).  Fully stateless JWT issuance does not satisfy this unless the receipts are embedded in the refresh-token state itself, for example in a self-contained refresh token that carries the receipt array.</t>
        <t>Receipts mitigate a compromised or dishonest <em>downstream</em> issuer fabricating prior-hop provenance (see <xref target="trust-in-receipt-issuers"/> and <xref target="compromised-outer-issuer"/>).  They do not mitigate a compromised current outer token issuer and do not provide actor non-repudiation; those properties require mechanisms outside this document.</t>
      </section>
    </section>
    <section anchor="actor-receipts-overview">
      <name>Actor Receipts Overview</name>
      <t>An actor receipt records one actor hop.  The issuer that adds a new outermost actor hop signs a receipt describing that hop and, when the issued token is sender-constrained, may copy the token's top-level <tt>cnf</tt> value into the receipt as historical presenter-binding context subject to the disclosure considerations in <xref target="receipt-claims"/>.</t>
      <t>The token then carries an <tt>actor_receipts</tt> array:</t>
      <ul spacing="normal">
        <li>
          <t>one array entry per covered actor hop;</t>
        </li>
        <li>
          <t>newest receipt first;</t>
        </li>
        <li>
          <t>older receipts preserved unchanged.</t>
        </li>
      </ul>
      <t>This ordering aligns directly with the visible <tt>act</tt> chain in the outer token.  <tt>actor_receipts[0]</tt> corresponds to the outermost <tt>act</tt> object, <tt>actor_receipts[1]</tt> corresponds to <tt>act.act</tt>, and so on.</t>
      <t>Receipts can cover either:</t>
      <ul spacing="normal">
        <li>
          <t>the full visible chain; or</t>
        </li>
        <li>
          <t>a contiguous outermost prefix of the visible chain.</t>
        </li>
      </ul>
      <t>When a deployment requires full provenance, local policy or resource requirements enforce complete receipt coverage.</t>
      <t>Receipts are historical provenance, not authority transfer.  A valid receipt chain documents prior delegation state but does not by itself convey authority, authorization, entitlement, or delegation rights.  Validation of a receipt does not imply that the represented delegation remains active, authorized, or acceptable under current policy; current authorization decisions <bcp14>MUST</bcp14> evaluate the current outer token, current policy, and current state, not the receipt chain alone.</t>
    </section>
    <section anchor="actor-receipts-claim">
      <name>The <tt>actor_receipts</tt> Claim</name>
      <t><tt>actor_receipts</tt> is a new top-level JWT claim for tokens that conform to the core actor profile and this companion provenance profile.</t>
      <dl>
        <dt><tt>actor_receipts</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14>.  An array of strings.  Each string <bcp14>MUST</bcp14> be the compact serialization of a signed JWT receipt as defined in <xref target="actor-receipt-jwt-format"/>.  When present, the array:
</t>
          <ul spacing="normal">
            <li>
              <t><bcp14>MUST NOT</bcp14> be empty; issuers <bcp14>MUST</bcp14> omit the claim rather than including an empty array;</t>
            </li>
            <li>
              <t><bcp14>MUST</bcp14> be ordered from newest covered hop to oldest covered hop;</t>
            </li>
            <li>
              <t><bcp14>MUST NOT</bcp14> contain more entries than the visible actor-chain depth of the token's <tt>act</tt> claim;</t>
            </li>
            <li>
              <t><bcp14>MUST</bcp14> represent a contiguous outermost prefix of the visible <tt>act</tt> chain.</t>
            </li>
          </ul>
        </dd>
      </dl>
      <t>If a token carries <tt>actor_receipts</tt>, it <bcp14>MUST</bcp14> also carry an <tt>act</tt> claim conforming to the core actor profile.</t>
      <dl>
        <dt><tt>actor_receipts_complete</tt>:</dt>
        <dd>
          <t><bcp14>OPTIONAL</bcp14>.  A boolean JWT claim in the outer token.  When <tt>true</tt>, the issuer attests that <tt>actor_receipts</tt> covers every visible hop in the token's <tt>act</tt> chain.
</t>
          <t>The attestation is relative to the visible chain at issuance time; it does not attest that the visible chain is itself unfiltered (see <tt>chain_complete</tt> in the core actor profile <xref target="I-D.mcguinness-oauth-actor-profile"/>).  Consumer enforcement, including the count-equality check, is defined in step 4 of <xref target="consumer-processing"/>.</t>
          <t>Issuers <bcp14>SHOULD</bcp14> set <tt>actor_receipts_complete: true</tt> when they emit complete coverage, to enable consumers to detect chain truncation.  Issuers <bcp14>SHOULD</bcp14> set <tt>actor_receipts_complete: false</tt> when they emit partial coverage.  Omitting the claim is observationally equivalent to <tt>false</tt> for consumers that test only for the literal value <tt>true</tt>, but does not provide a positive attestation that coverage is partial.</t>
        </dd>
      </dl>
      <t>This document does not require every delegated token to carry <tt>actor_receipts</tt>.  A deployment that requires provenance receipts uses local policy or the metadata defined in <xref target="discovery-capability-signaling"/> to express that requirement.</t>
    </section>
    <section anchor="actor-receipt-jwt-format">
      <name>Actor Receipt JWT Format</name>
      <t>Each element of <tt>actor_receipts</tt> is a signed JWT represented using JWS compact serialization <xref target="RFC7515"/>.</t>
      <section anchor="jose-header">
        <name>JOSE Header</name>
        <t>The JOSE header of an actor receipt:</t>
        <ul spacing="normal">
          <li>
            <t><bcp14>MUST</bcp14> include an asymmetric digital-signature <tt>alg</tt> value;</t>
          </li>
          <li>
            <t><bcp14>MUST NOT</bcp14> use <tt>alg: none</tt> or a MAC-based symmetric algorithm;</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> include <tt>typ</tt> with the value <tt>actor-receipt+jwt</tt>;</t>
          </li>
          <li>
            <t><bcp14>SHOULD</bcp14> include <tt>kid</tt> when the issuer publishes multiple verification keys;</t>
          </li>
          <li>
            <t><bcp14>MAY</bcp14> include <tt>crit</tt> per <xref target="RFC7515"/>; consumers <bcp14>MUST</bcp14> reject a receipt whose <tt>crit</tt> header lists an extension header the consumer does not understand.</t>
          </li>
        </ul>
        <t>Receipt issuers and consumers <bcp14>MUST</bcp14> apply the JWT best practices in <xref target="RFC8725"/>.</t>
      </section>
      <section anchor="receipt-claims">
        <name>Receipt Claims</name>
        <t>The JWT payload of an actor receipt uses the claims defined below, grouped by purpose.</t>
        <section anchor="identity-claims">
          <name>Identity Claims</name>
          <dl>
            <dt><tt>iss</tt>:</dt>
            <dd>
              <t><bcp14>REQUIRED</bcp14>.  The issuer that created and signed the receipt for the corresponding actor hop.  This value identifies the receipt signer.
</t>
              <t>The <tt>act.iss</tt> value inside the receipt identifies the namespace authority for <tt>act.sub</tt>, using the meaning defined by the core actor profile.  These two values <bcp14>MAY</bcp14> be the same entity or different entities.  When they differ, consumers <bcp14>MUST</bcp14> evaluate two distinct trust questions:</t>
              <ul spacing="normal">
                <li>
                  <t>trust in <tt>iss</tt> as a receipt signer: whether this issuer's signature attests receipts under local policy;</t>
                </li>
                <li>
                  <t>trust in <tt>act.iss</tt> as the namespace authority for <tt>act.sub</tt>: whether this issuer's namespace produces actor identifiers the recipient accepts.</t>
                </li>
              </ul>
              <t>These evaluations are independent even when the same entity holds both roles.  The difference between <tt>iss</tt> and <tt>act.iss</tt> alone does not make the receipt invalid under this profile.</t>
            </dd>
            <dt><tt>sub</tt>:</dt>
            <dd>
              <t><bcp14>REQUIRED</bcp14>.  The top-level <tt>sub</tt> value that was present in the token issued at this hop.
</t>
              <t>Receipt <tt>iss</tt> is the receipt signer; it is NOT the namespace authority for receipt <tt>sub</tt>.  Receipt <tt>sub</tt> records the subject identifier as it appeared in the token at the represented hop, interpreted under the namespace authority that governed that token.  That namespace authority is contextual to the represented hop and <bcp14>MAY</bcp14> differ across receipts in the same chain (see <xref target="subject-re-expression-across-hops"/>).  Recipients reconciling differing <tt>sub</tt> values across receipts apply trusted local mapping rules; this profile does not define an in-band mechanism for cross-namespace subject reconciliation.</t>
            </dd>
            <dt><tt>sub_iss</tt>:</dt>
            <dd>
              <t><bcp14>OPTIONAL</bcp14>.  The namespace authority under which the receipt <tt>sub</tt> value is interpreted.
</t>
              <t>When present, <tt>sub_iss</tt> identifies the issuer or namespace authority for receipt <tt>sub</tt> in the same way that <tt>act.iss</tt> identifies the namespace authority for <tt>act.sub</tt> under the core actor profile.  When absent, the subject namespace authority is not independently expressed by this profile and <bcp14>MUST</bcp14> be determined, if needed, from trusted local context for the represented hop.  This profile deliberately uses a flat issuer-plus-subject claim pair, mirroring the (<tt>act.iss</tt>, <tt>act.sub</tt>) convention of the core actor profile, rather than the structured Subject Identifier formats of <xref target="RFC9493"/>: receipt claims record token claim values as issued, and the represented token carries its subject as a flat <tt>sub</tt> claim.</t>
              <t>This profile and the core actor profile <xref target="I-D.mcguinness-oauth-actor-profile"/> do not define a top-level claim on the outer token that names the namespace authority for the outer token's <tt>sub</tt>.  Recipients reconciling <tt>receipt[0].sub_iss</tt> with the outer token's top-level <tt>sub</tt> therefore obtain the outer-token subject namespace authority from trusted local context, an inbound subject token's claims, or another deployment-defined source.</t>
            </dd>
            <dt><tt>sub_profile</tt>:</dt>
            <dd>
              <t><bcp14>OPTIONAL</bcp14>.  The top-level <tt>sub_profile</tt> value, when the token issued at this hop carried one.</t>
            </dd>
            <dt><tt>act</tt>:</dt>
            <dd>
              <t><bcp14>REQUIRED</bcp14>.  A single-hop actor object.  This object:
</t>
              <ul spacing="normal">
                <li>
                  <t><bcp14>MUST</bcp14> conform to the core actor profile's actor-object rules;</t>
                </li>
                <li>
                  <t><bcp14>MUST</bcp14> include <tt>act.sub</tt> and <tt>act.iss</tt>;</t>
                </li>
                <li>
                  <t><bcp14>MAY</bcp14> include <tt>act.sub_profile</tt>;</t>
                </li>
                <li>
                  <t><bcp14>MUST NOT</bcp14> contain <tt>cnf</tt>;</t>
                </li>
                <li>
                  <t><bcp14>MUST NOT</bcp14> contain a nested <tt>act</tt>.</t>
                </li>
              </ul>
              <t><tt>act.cnf</tt> is prohibited to avoid ambiguity between historical key binding and a current PoP requirement on the actor; historical presenter binding belongs at the receipt's top level (the <tt>cnf</tt> claim), where its role as provenance-only is unambiguous.  Additional claims permitted by the core actor profile in <tt>act</tt> objects <bcp14>MAY</bcp14> appear in receipt <tt>act</tt> objects unless explicitly prohibited here.  A receipt that carries <tt>act.cnf</tt> is invalid under this profile.</t>
            </dd>
          </dl>
        </section>
        <section anchor="historical-presenter-binding">
          <name>Historical Presenter Binding</name>
          <dl>
            <dt><tt>cnf</tt>:</dt>
            <dd>
              <t><bcp14>OPTIONAL</bcp14>.  A confirmation claim as defined in <xref target="RFC7800"/>.  When present, it <bcp14>MUST</bcp14> equal the top-level <tt>cnf</tt> claim of the token issued at this hop.
</t>
              <t>Receipt <tt>cnf</tt> records historical presenter-binding information for the hop represented by the receipt.  It does not create a current proof-of-possession obligation for the current request.</t>
              <t>Issuers <bcp14>SHOULD NOT</bcp14> include <tt>cnf</tt> in a receipt unless the relying parties that will receive the token have been evaluated for the associated disclosure risk; omitting <tt>cnf</tt> does not invalidate the receipt.</t>
            </dd>
          </dl>
        </section>
        <section anchor="chain-linkage">
          <name>Chain Linkage</name>
          <dl>
            <dt><tt>prh</tt>:</dt>
            <dd>
              <t><bcp14>OPTIONAL</bcp14>.  Previous receipt hash.  When present, <tt>prh</tt> <bcp14>MUST</bcp14> be the base64url encoding without padding (<xref target="RFC7515"/>) of the hash of the ASCII octets of the complete compact serialization of the next older receipt in the chain, computed using the algorithm identified by <tt>prh_alg</tt> (defaulting to SHA-256 when <tt>prh_alg</tt> is absent).  The oldest receipt in the chain, including a single-element chain in which the sole receipt is both newest and oldest, <bcp14>MUST</bcp14> omit <tt>prh</tt>.</t>
            </dd>
            <dt><tt>prh_alg</tt>:</dt>
            <dd>
              <t><bcp14>OPTIONAL</bcp14>.  Hash algorithm identifier naming the algorithm used to compute <tt>prh</tt>.
</t>
              <ul spacing="normal">
                <li>
                  <t>Values <bcp14>MUST</bcp14> be drawn from the IANA "Named Information Hash Algorithm Registry" <xref target="RFC6920"/>, which uses lowercase forms such as <tt>sha-256</tt>, <tt>sha-384</tt>, and <tt>sha-512</tt>.</t>
                </li>
                <li>
                  <t>When absent, the default is <tt>sha-256</tt>.</t>
                </li>
                <li>
                  <t>When present, the value <bcp14>MUST</bcp14> identify a hash algorithm whose collision and preimage resistance is at least equivalent to <tt>sha-256</tt>.</t>
                </li>
                <li>
                  <t>All receipts in a single <tt>actor_receipts</tt> array <bcp14>MUST</bcp14> use the same <tt>prh_alg</tt> value, so that recipients can validate the chain without per-receipt algorithm negotiation.  This uniformity rule is deliberately syntactic: a chain in which some receipts omit <tt>prh_alg</tt> and others carry an explicit <tt>sha-256</tt> is rejected even though the algorithm is the same, so that consumers never reconcile explicit values against defaults.  A chain that omits <tt>prh_alg</tt> from every receipt uses the SHA-256 default for every <tt>prh</tt> value.  A single-element chain <bcp14>MAY</bcp14> carry <tt>prh_alg</tt>, but the value has no effect unless a later receipt links to it.</t>
                </li>
                <li>
                  <t>An issuer extending an inbound chain <bcp14>MUST</bcp14> either preserve the inbound <tt>prh_alg</tt> or reject the chain.</t>
                </li>
              </ul>
            </dd>
          </dl>
        </section>
        <section anchor="time-and-uniqueness">
          <name>Time and Uniqueness</name>
          <dl>
            <dt><tt>iat</tt>:</dt>
            <dd>
              <t><bcp14>REQUIRED</bcp14>.  The time at which the receipt was created, as defined in <xref target="RFC7519"/>.</t>
            </dd>
            <dt><tt>exp</tt>:</dt>
            <dd>
              <t><bcp14>REQUIRED</bcp14>.  Expiration time for the receipt, as defined in <xref target="RFC7519"/>.
</t>
              <ul spacing="normal">
                <li>
                  <t><tt>exp</tt> <bcp14>MUST</bcp14> be set to a value that covers the expected maximum token lifetime of any token that will carry or inherit this receipt, so that consumer validation of older receipts in a valid chain is not prematurely rejected.</t>
                </li>
                <li>
                  <t>Issuers <bcp14>SHOULD</bcp14> set <tt>exp</tt> to the maximum delegated-token lifetime permitted under local policy for tokens that may inherit this receipt.</t>
                </li>
              </ul>
              <t>Downstream issuers reject inbound receipts whose <tt>exp</tt> precedes the issued outer token's <tt>exp</tt> (<xref target="extending-an-existing-receipt-chain"/>), so an under-set <tt>exp</tt> causes propagation failure rather than mid-token-lifetime consumer rejection.  Short <tt>exp</tt> values on receipts limit the window during which a compromised receipt signing key can be exploited.  Because the originating issuer cannot enumerate every downstream issuer that may inherit a receipt, deployments typically derive the originating <tt>exp</tt> from a bounded delegated-session lifetime (<xref target="reissuance-without-a-new-actor-hop"/>) coordinated across the trust set.</t>
            </dd>
            <dt><tt>jti</tt>:</dt>
            <dd>
              <t><bcp14>REQUIRED</bcp14>.  A unique identifier for the receipt, as defined in <xref target="RFC7519"/>.</t>
            </dd>
          </dl>
        </section>
        <section anchor="outer-token-binding">
          <name>Outer-Token Binding</name>
          <dl>
            <dt><tt>origin_jti</tt>:</dt>
            <dd>
              <t><bcp14>RECOMMENDED</bcp14>.  The <tt>jti</tt> of the outer token at the time this receipt was created (the receipt's origin outer token).  This value is fixed at receipt creation; after reissuance the current outer token's <tt>jti</tt> may differ.
</t>
              <t>This value is a historical record of which outer token the receipt was originally issued with.  It does not bind the receipt to the current outer token.</t>
              <t>There is one exception.  When <tt>receipt[0].iss</tt> equals the outer token's <tt>iss</tt> and <tt>receipt[0].origin_jti</tt> equals the outer token's <tt>jti</tt>, the value binds <tt>receipt[0]</tt> to the current outer-token instance.  This is the originating-issuance case.</t>
              <t>Issuers <bcp14>SHOULD</bcp14> include <tt>origin_jti</tt> whenever the token they are issuing carries a <tt>jti</tt> claim.  Recipients that require current-token-instance binding in strict mode <bcp14>MUST</bcp14> require <tt>origin_jti</tt> on <tt>receipt[0]</tt> when the outer token carries <tt>jti</tt>; otherwise the receipt chain is valid only as issuer-signed provenance and lacks the <tt>origin_jti</tt> binding property described in <xref target="receipt-to-token-binding-limits"/>.</t>
              <t>Consumer verification of <tt>origin_jti</tt> is defined in step 5 of <xref target="consumer-processing"/>, with strict-mode rejection of <tt>receipt[0]</tt> divergence in <xref target="strict-mode-validation"/>.</t>
            </dd>
          </dl>
        </section>
        <section anchor="excluded-standard-claims">
          <name>Excluded Standard Claims</name>
          <dl>
            <dt><tt>aud</tt>:</dt>
            <dd>
              <t><bcp14>NOT RECOMMENDED</bcp14>.  Issuers <bcp14>SHOULD</bcp14> omit <tt>aud</tt> from receipts.
</t>
              <t>Receipts are validated as part of outer-token processing, not as independent JWTs against an audience; the outer token carries the audience scoping for the request.  This profile diverges from the audience-validation guidance in <xref target="RFC8725"/> Section 3.9 on those grounds.  Including <tt>aud</tt> in a receipt has no defined meaning under this profile and would create ambiguity about whether the receipt asserts an independent audience constraint, which it does not.</t>
            </dd>
          </dl>
        </section>
        <section anchor="extension-claims">
          <name>Extension Claims</name>
          <t>A receipt <bcp14>MAY</bcp14> contain additional claims defined by another specification or by deployment policy.  Consumers <bcp14>MUST</bcp14> ignore unrecognized claims unless another specification or local agreement defines their meaning.</t>
        </section>
      </section>
      <section anchor="receipt-chain-linkage">
        <name>Receipt-Chain Linkage</name>
        <t>When the issuer creates a new receipt and prepends it to an inherited receipt chain:</t>
        <ul spacing="normal">
          <li>
            <t>if there is an older receipt immediately following it in the array, the new receipt <bcp14>MUST</bcp14> include <tt>prh</tt>, and that value <bcp14>MUST</bcp14> be the base64url encoding without padding of the hash of the ASCII octets of the exact compact JWT string of that next receipt;</t>
          </li>
          <li>
            <t>if the new receipt is the only receipt in the array, it <bcp14>MUST</bcp14> omit <tt>prh</tt>.</t>
          </li>
        </ul>
        <t>No JSON <xref target="RFC8259"/> canonicalization is applied.  <tt>prh</tt> hashes the ASCII octets of the exact compact-serialized JWS string of the next older receipt as carried in the array, and the hash output is base64url-encoded without padding.  Systems that carry, store, or forward <tt>actor_receipts</tt> arrays <bcp14>MUST</bcp14> preserve each compact JWT string byte-for-byte; any modification, including semantically equivalent re-encoding, invalidates <tt>prh</tt> for any receipt that references it.</t>
      </section>
    </section>
    <section anchor="issuer-processing">
      <name>Issuer Processing</name>
      <t>This section defines how an authorization server or Transaction Token Service creates, preserves, and extends <tt>actor_receipts</tt>.</t>
      <t>When an issuer adds a new outermost actor hop and creates the corresponding receipt, that issuer is the same entity that signs the outer token.  Consequently <tt>receipt[0].iss</tt> equals the outer token's <tt>iss</tt> for tokens emitted under <xref target="creating-the-first-receipt"/> or <xref target="extending-an-existing-receipt-chain"/>.  When the issuer includes <tt>origin_jti</tt>, <tt>receipt[0].origin_jti</tt> equals the outer token's <tt>jti</tt> in those originating-issuance cases.</t>
      <t>Reissuance without a new actor hop (<xref target="reissuance-without-a-new-actor-hop"/>) is the only case in which <tt>receipt[0]</tt> may legitimately diverge from the current outer-token instance, either by <tt>receipt[0].iss</tt> differing from <tt>outer.iss</tt> or by <tt>receipt[0].iss</tt> matching but <tt>receipt[0].origin_jti</tt> differing from <tt>outer.jti</tt>.  Consumer rules in <xref target="consumer-processing"/> use this property to scope the bind-to-current checks for <tt>receipt[0]</tt>.</t>
      <section anchor="creating-the-first-receipt">
        <name>Creating the First Receipt</name>
        <t>When an issuer creates a delegated token with a new outermost actor hop and no inbound <tt>actor_receipts</tt> are being preserved, the issuer <bcp14>MAY</bcp14> create a new one-element <tt>actor_receipts</tt> array.</t>
        <t>If it does so, the new receipt:</t>
        <ul spacing="normal">
          <li>
            <t><bcp14>MUST</bcp14> describe the new outermost actor hop;</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> set <tt>sub</tt> to the issued token's top-level <tt>sub</tt>;</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> set <tt>act.sub</tt> and <tt>act.iss</tt> to the new outermost actor;</t>
          </li>
          <li>
            <t><bcp14>MAY</bcp14> copy the issued token's top-level <tt>cnf</tt>, if any, into the receipt <tt>cnf</tt>, subject to the disclosure considerations in <xref target="receipt-claims"/>; when copied, the receipt <tt>cnf</tt> <bcp14>MUST</bcp14> equal the outer token's <tt>cnf</tt> value;</t>
          </li>
          <li>
            <t><bcp14>SHOULD</bcp14> set <tt>origin_jti</tt> to the issued token's <tt>jti</tt>, if the issued token carries a <tt>jti</tt>;</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> omit <tt>prh</tt>.</t>
          </li>
        </ul>
        <t>When the one-element array covers every visible hop (a visible <tt>act</tt> chain of depth 1), the issuer <bcp14>SHOULD</bcp14> set <tt>actor_receipts_complete: true</tt>; when inner visible hops remain uncovered, it <bcp14>SHOULD</bcp14> set <tt>actor_receipts_complete: false</tt>, per <xref target="actor-receipts-claim"/>.</t>
      </section>
      <section anchor="extending-an-existing-receipt-chain">
        <name>Extending an Existing Receipt Chain</name>
        <t>When an issuer adds a new outermost actor hop and also preserves an inbound <tt>actor_receipts</tt> array, it:</t>
        <ol spacing="normal" type="1"><li>
            <t><bcp14>MUST</bcp14> validate the inbound receipt chain by applying the consumer processing rules in <xref target="consumer-processing"/> before relying on it or carrying it forward.</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> verify that each inbound receipt's <tt>exp</tt> is no earlier than the issued outer token's <tt>exp</tt>.  Carrying a receipt forward whose <tt>exp</tt> precedes the outer token's <tt>exp</tt> would cause consumers to reject the chain mid-token-lifetime under <xref target="consumer-processing"/>; an inbound receipt that fails this check is treated as failing validation under step 1.  Issuers <bcp14>MAY</bcp14> apply a small clock-skew margin to this comparison, consistent with the consumer-side skew tolerance in <xref target="consumer-processing"/>, but <bcp14>MUST NOT</bcp14> broadly accept inbound receipts whose <tt>exp</tt> precedes the issued outer token's <tt>exp</tt> by more than a deployment-defined skew bound.</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> preserve each inbound receipt byte-for-byte unchanged.</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> create exactly one new receipt for the new outermost actor hop.</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> prepend that new receipt to the inherited array.</t>
          </li>
          <li>
            <t>When the inherited array is non-empty, <bcp14>MUST</bcp14> set the new receipt's <tt>prh</tt> to the hash of the exact compact serialization of the receipt now at the next array index, computed using the algorithm named by <tt>prh_alg</tt> (defaulting to SHA-256 when <tt>prh_alg</tt> is absent).</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> set the new receipt's <tt>prh_alg</tt> to the inherited value, or omit <tt>prh_alg</tt> if the inherited chain omits it (preserving the SHA-256 default for the chain).  An issuer that does not support the inbound <tt>prh_alg</tt> value <bcp14>MUST</bcp14> reject the chain rather than rehash; rehashing would invalidate prior issuers' signatures.</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> set the issued outer token's <tt>actor_receipts_complete</tt> to <tt>true</tt> when the validated inbound chain carried <tt>actor_receipts_complete: true</tt> and the new receipt covers the new outermost actor hop; downgrading to absent or <tt>false</tt> in that case would falsely signal a coverage reduction to recipients that test for the literal value <tt>true</tt>.  When the issuer cannot attest complete coverage for the issued chain (for example, the inbound chain was partial or carried no completeness attestation), it <bcp14>MUST NOT</bcp14> set <tt>actor_receipts_complete: true</tt> and <bcp14>SHOULD</bcp14> set <tt>actor_receipts_complete: false</tt>, per <xref target="actor-receipts-claim"/>.</t>
          </li>
        </ol>
        <t>An issuer <bcp14>MUST NOT</bcp14> reserialize, resign, normalize, trim, or otherwise alter a prior receipt.</t>
        <t>If inbound receipts fail validation, the issuer <bcp14>MUST NOT</bcp14> propagate them.  It <bcp14>MAY</bcp14> continue without <tt>actor_receipts</tt> only when local policy permits partial coverage; otherwise it <bcp14>MUST</bcp14> fail the request under the error model of the underlying protocol.</t>
      </section>
      <section anchor="reissuance-without-a-new-actor-hop">
        <name>Reissuance Without a New Actor Hop</name>
        <t>An issuer that reissues, translates, or introspects and re-emits a token without adding a new outermost actor hop:</t>
        <ul spacing="normal">
          <li>
            <t><bcp14>MAY</bcp14> carry an inbound <tt>actor_receipts</tt> array forward unchanged;</t>
          </li>
          <li>
            <t><bcp14>MUST NOT</bcp14> create a new receipt;</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> carry the inbound <tt>actor_receipts_complete</tt> value forward unchanged when the inbound array is carried forward unchanged; an issuer that cannot continue to attest the inbound coverage value <bcp14>MUST</bcp14> drop the inbound array entirely rather than keep the array and silently downgrade <tt>actor_receipts_complete</tt>.  Receipt disclosure is all-or-nothing for a given token: a strict subset of an inherited array cannot validate under <xref target="consumer-processing"/> (see <xref target="consumer-introspection"/>);</t>
          </li>
          <li>
            <t><bcp14>MUST NOT</bcp14> continue to carry an inherited <tt>actor_receipts</tt> array if it cannot preserve the visible hop alignment required by <xref target="consumer-processing"/>;</t>
          </li>
          <li>
            <t><bcp14>MUST NOT</bcp14> change the outer token's top-level <tt>sub</tt> while carrying inherited receipts forward; a <tt>sub</tt> change re-expresses subject identity and breaks the alignment between <tt>receipt[0].sub</tt> and the outer token's top-level <tt>sub</tt> that consumers verify under <xref target="consumer-processing"/>.  A reissuing issuer that re-expresses <tt>sub</tt> into another namespace (for example, a token translator at a domain boundary) therefore drops inherited receipts; receipt-based provenance does not survive subject re-expression at reissuance.</t>
          </li>
        </ul>
        <t>If such an issuer changes the visible outermost actor, it has added a new hop and <bcp14>MUST</bcp14> follow <xref target="extending-an-existing-receipt-chain"/>.</t>
        <t>A change in the outer token's top-level <tt>cnf</tt> value, by itself, does not invalidate carried-forward receipts.  Receipt <tt>cnf</tt> records the historical presenter binding in effect when that hop was created.  The current token's top-level <tt>cnf</tt> can later change, for example because of key rotation or token reissuance, without requiring a new receipt so long as the visible actor hop itself is unchanged.</t>
        <t>Reissuance <bcp14>MAY</bcp14> change the outer token's <tt>aud</tt>, <tt>scope</tt>, <tt>cnf</tt>, <tt>exp</tt>, and other claims that bind the current request without requiring updates to inherited receipts.  Receipts attest hop history at the time of original issuance and are unaffected by later mutations of current-request bindings.  Only <tt>sub</tt> is structurally constrained, because changing <tt>sub</tt> while carrying inherited receipts would break the alignment between <tt>receipt[0].sub</tt> and the outer token's top-level <tt>sub</tt> that consumers verify under <xref target="consumer-processing"/>.</t>
        <t>Reissuance under this section is the only case in which <tt>receipt[0]</tt> may legitimately diverge from the current outer-token instance.  Two patterns of divergence are possible:</t>
        <ul spacing="normal">
          <li>
            <t><strong>Different-issuer reissuance</strong>: <tt>receipt[0].iss</tt> differs from the outer token's <tt>iss</tt>.  For example, an introspection endpoint operated as a separate trust principal re-emits the token, or a token translator at a domain boundary re-issues under its own issuer identity.</t>
          </li>
          <li>
            <t><strong>Same-issuer reissuance</strong>: <tt>receipt[0].iss</tt> matches the outer token's <tt>iss</tt>, but <tt>receipt[0].origin_jti</tt> differs from the outer token's <tt>jti</tt>.  For example, an authorization server refreshes its own access token: the refreshed token is signed by the same AS but carries a new <tt>jti</tt>, while inherited receipts (carried forward unchanged) retain the original outer-token <tt>jti</tt> in <tt>origin_jti</tt>.</t>
          </li>
        </ul>
        <t>Consumer rules in <xref target="consumer-processing"/> treat <tt>receipt[0].origin_jti</tt> as historical provenance, not as a current-token binding, in both reissuance patterns.  Recipients distinguish legitimate reissuance from a re-wrapping attack through local policy or out-of-band trust framework, as described in <xref target="receipt-to-token-binding-limits"/>.</t>
        <t>Refresh-token reissuance is a special case of reissuance under this section.  Receipt-bearing refresh is interoperable only when local policy defines a bounded maximum delegated-session lifetime for tokens that may inherit the receipts.</t>
        <t>An AS that supports refresh tokens for delegated access tokens:</t>
        <ul spacing="normal">
          <li>
            <t><bcp14>MUST</bcp14> retain the <tt>actor_receipts</tt> array associated with the original access token in issuer-controlled state across refresh, either in durable storage (for example, a token-state database or refresh-token state) or embedded in a self-contained refresh token, so each refreshed access token can carry the receipts forward unchanged.</t>
          </li>
          <li>
            <t><bcp14>MUST</bcp14> set receipt <tt>exp</tt> values under <xref target="receipt-claims"/> to accommodate the bounded maximum delegated-session lifetime.  Otherwise downstream issuers reject inbound chains under <xref target="extending-an-existing-receipt-chain"/> as receipts approach expiry, and refresh loses receipt-based provenance.</t>
          </li>
          <li>
            <t>When that bounded lifetime would be exceeded, <bcp14>MUST</bcp14> either obtain fresh delegation state and start a new receipt chain or stop emitting <tt>actor_receipts</tt>, unless local policy permits partial or absent receipt coverage.</t>
          </li>
        </ul>
      </section>
      <section anchor="partial-coverage-and-full-coverage">
        <name>Partial Coverage and Full Coverage</name>
        <t>This document permits partial receipt coverage for progressive deployment.  An issuer <bcp14>MAY</bcp14> begin a new receipt chain even when older inner actor hops remain visible but uncovered.</t>
        <t>However:</t>
        <ul spacing="normal">
          <li>
            <t>a partial chain <bcp14>MUST</bcp14> still cover a contiguous outermost prefix of the visible actor chain;</t>
          </li>
          <li>
            <t>an issuer <bcp14>MUST NOT</bcp14> skip an outer visible hop and receipt only an inner visible hop;</t>
          </li>
          <li>
            <t>when local policy or resource requirements require full provenance, the issuer <bcp14>MUST</bcp14> either emit complete receipt coverage or fail the request under the error model of the underlying protocol.</t>
          </li>
        </ul>
        <t>Because coverage is a contiguous outermost prefix, partial coverage always omits the innermost (oldest) hops first.  In many delegation chains the innermost hop is the original subject-to-actor delegation, the hop with the greatest audit and accountability value.  Deployments that value evidence for that originating hop <bcp14>SHOULD</bcp14> deploy receipt support at the origin issuer first: once the origin issuer emits the first receipt, every downstream issuer that supports this profile extends the chain, and coverage is complete by construction.  Resource servers that require evidence for the originating hop enforce it through <tt>actor_receipts_complete_required</tt> (<xref target="discovery-capability-signaling"/>) or equivalent local policy.</t>
        <t>When the issuer also filters the visible <tt>act</tt> chain (see the <tt>chain_complete</tt> introspection member defined in the core actor profile <xref target="I-D.mcguinness-oauth-actor-profile"/>), <tt>actor_receipts</tt> covers only the visible filtered chain.  In that case <tt>actor_receipts_complete</tt> describes coverage relative to the visible filtered chain, not the unfiltered delegation chain; recipients that need true-chain completeness <bcp14>MUST</bcp14> evaluate <tt>chain_complete</tt> separately.</t>
        <t>For inline JWT tokens, this document defines no <tt>chain_complete</tt> JWT claim.  A recipient that needs true-chain completeness for inline JWT tokens <bcp14>MUST</bcp14> obtain that signal from trusted deployment context, introspection, or another profile; <tt>actor_receipts_complete: true</tt> alone attests only complete receipt coverage for the visible <tt>act</tt> chain.</t>
      </section>
      <section anchor="transaction-token-service-rebinding">
        <name>Transaction Token Service Rebinding</name>
        <t>A Transaction Token Service that establishes a new presenter and makes that presenter the new outermost actor follows the same receipt rules as any other issuer that adds a new outermost actor hop, as defined in <xref target="extending-an-existing-receipt-chain"/> (or <xref target="creating-the-first-receipt"/> when no inbound <tt>actor_receipts</tt> exist).  TTS presenter rebinding inherently changes the outer token's top-level <tt>cnf</tt>; the new receipt records the new presenter's <tt>cnf</tt> when included (subject to <xref target="receipt-claims"/>), and inherited receipts retain their historical <tt>cnf</tt> values unchanged.  This profile does not define additional receipt claims specific to Transaction Tokens; any transaction-specific semantics remain governed by the Transaction Token itself and its deployment profile.</t>
      </section>
    </section>
    <section anchor="consumer-processing">
      <name>Consumer Processing</name>
      <t>An issuer, resource server, or other recipient that relies on <tt>actor_receipts</tt> <bcp14>MUST</bcp14> perform the following steps.</t>
      <ol spacing="normal" type="1"><li>
          <t>Validate the outer token according to its token type and the core actor profile.</t>
        </li>
        <li>
          <t>If <tt>actor_receipts</tt> is absent, treat the token as lacking receipt-based provenance.  Whether that is acceptable is determined by local policy or by Protected Resource Metadata signals such as <tt>actor_receipts_required</tt> and <tt>actor_receipts_complete_required</tt> defined in <xref target="discovery-capability-signaling"/>.  If <tt>actor_receipts_complete</tt> is present with the value <tt>true</tt> while <tt>actor_receipts</tt> is absent, the combination is malformed; the recipient <bcp14>MUST</bcp14> treat this as a failed required check and apply the rejection rule following step 11.</t>
        </li>
        <li>
          <t>Verify that <tt>actor_receipts</tt>, if present, is a non-empty JSON array of strings.  Verify that <tt>actor_receipts_complete</tt>, if present, is a JSON boolean.</t>
        </li>
        <li>
          <t>Verify that the number of receipts does not exceed the visible actor-chain depth of the outer token.  If the outer token carries <tt>actor_receipts_complete: true</tt>, verify that the receipt count exactly equals the visible actor-chain depth; if it does not, reject the token.</t>
        </li>
        <li>
          <t>For each receipt, in array order:
          </t>
          <ul spacing="normal">
            <li>
              <t>parse the string as a compact JWT;</t>
            </li>
            <li>
              <t>verify that the receipt issuer is within the recipient's pre-configured trusted-issuer set before performing any network retrieval for that issuer's metadata or keys;</t>
            </li>
            <li>
              <t>resolve the signing key from the receipt issuer's authorization server metadata <tt>jwks_uri</tt> <xref target="RFC8414"/> (where the receipt issuer is identified by the receipt's <tt>iss</tt> claim, which may differ from the outer token's issuer) or from local configuration;</t>
            </li>
            <li>
              <t>validate the JWT signature;</t>
            </li>
            <li>
              <t>verify that the JOSE header uses an asymmetric digital-signature <tt>alg</tt> value accepted for that receipt issuer, and reject receipts that use <tt>alg: none</tt> or a MAC-based symmetric algorithm;</t>
            </li>
            <li>
              <t>verify that <tt>typ</tt> equals <tt>actor-receipt+jwt</tt>;</t>
            </li>
            <li>
              <t>reject a receipt whose <tt>crit</tt> header lists an extension header the consumer does not understand;</t>
            </li>
            <li>
              <t>verify that all <bcp14>REQUIRED</bcp14> receipt claims are present and have the expected JSON types, including <tt>iss</tt>, <tt>sub</tt>, <tt>act</tt>, <tt>iat</tt>, <tt>exp</tt>, and <tt>jti</tt>;</t>
            </li>
            <li>
              <t>verify that <bcp14>OPTIONAL</bcp14> claims used by this profile have the expected JSON types when present, including <tt>sub_iss</tt>, <tt>sub_profile</tt>, <tt>cnf</tt>, <tt>prh</tt>, <tt>prh_alg</tt>, and <tt>origin_jti</tt>;</t>
            </li>
            <li>
              <t>verify that the receipt <tt>act</tt> object is single-hop, contains no nested <tt>act</tt>, and contains no <tt>cnf</tt>;</t>
            </li>
            <li>
              <t>enforce <tt>exp</tt>, <tt>iat</tt>, and other JWT validity rules.  Because <tt>exp</tt> is <bcp14>REQUIRED</bcp14> on receipts and <bcp14>MUST</bcp14> cover the expected outer token lifetime, an expired receipt <bcp14>SHOULD</bcp14> be treated as invalid even for older hops.  Local policy <bcp14>MAY</bcp14> permit continued use of a receipt that is expired by a small clock-skew margin, but <bcp14>MUST NOT</bcp14> relax <tt>exp</tt> enforcement broadly as a workaround for issuers that failed to set adequate <tt>exp</tt> values.</t>
            </li>
            <li>
              <t>for <tt>receipt[0]</tt>: anchor it to the current outer-token instance when <tt>receipt[0].iss</tt> equals the outer token's <tt>iss</tt> and <tt>receipt[0].origin_jti</tt> is present and equals the outer token's <tt>jti</tt> (the originating-issuance case).  When <tt>receipt[0].iss</tt> equals the outer token's <tt>iss</tt> and the outer token carries no <tt>jti</tt>, accept the chain as issuer-signed provenance without current-token-instance binding; any <tt>receipt[0].origin_jti</tt> value is then informational only.  If <tt>receipt[0].iss</tt> equals the outer token's <tt>iss</tt> but <tt>origin_jti</tt> is absent while the outer token carries <tt>jti</tt>, the recipient <bcp14>MAY</bcp14> accept the chain as issuer-signed provenance under local policy, but <bcp14>MUST NOT</bcp14> treat it as bound to the current outer-token instance.  Otherwise, the recipient <bcp14>MUST</bcp14> reject the chain unless local policy designates the current outer token issuer (<tt>outer.iss</tt>) as a trusted reissuing issuer for receipt chains whose leading receipt issuer is <tt>receipt[0].iss</tt>, per <xref target="receipt-to-token-binding-limits"/>.  For receipts other than <tt>receipt[0]</tt>, <tt>origin_jti</tt> is informational provenance only.</t>
            </li>
          </ul>
        </li>
        <li>
          <t>Verify receipt-chain linkage:
          </t>
          <ul spacing="normal">
            <li>
              <t>each receipt other than the oldest <bcp14>MUST</bcp14> include <tt>prh</tt>;</t>
            </li>
            <li>
              <t>each non-oldest receipt's <tt>prh</tt> <bcp14>MUST</bcp14> hash the next older receipt using the algorithm named by <tt>prh_alg</tt>, defaulting to <tt>sha-256</tt> when <tt>prh_alg</tt> is absent;</t>
            </li>
            <li>
              <t>all receipts in the chain <bcp14>MUST</bcp14> carry the same <tt>prh_alg</tt> value (or all omit it); a mixed-algorithm chain <bcp14>MUST</bcp14> be rejected;</t>
            </li>
            <li>
              <t>the named algorithm <bcp14>MUST</bcp14> be one the recipient supports; a chain naming an unsupported algorithm <bcp14>MUST</bcp14> be rejected;</t>
            </li>
            <li>
              <t>the oldest receipt <bcp14>MUST</bcp14> omit <tt>prh</tt>.</t>
            </li>
          </ul>
        </li>
        <li>
          <t>Verify visible-hop alignment:
          </t>
          <ul spacing="normal">
            <li>
              <t><tt>receipt[0].act.sub</tt> <bcp14>MUST</bcp14> equal the outer token's <tt>act.sub</tt>, and <tt>receipt[0].act.iss</tt> <bcp14>MUST</bcp14> equal the outer token's <tt>act.iss</tt>;</t>
            </li>
            <li>
              <t><tt>receipt[1].act.sub</tt> <bcp14>MUST</bcp14> equal the outer token's <tt>act.act.sub</tt>, and <tt>receipt[1].act.iss</tt> <bcp14>MUST</bcp14> equal the outer token's <tt>act.act.iss</tt>;</t>
            </li>
            <li>
              <t>and so on for the number of receipts present;</t>
            </li>
            <li>
              <t>when <tt>act.sub_profile</tt> is present in the receipt <tt>act</tt> object, the corresponding visible <tt>act</tt> object <bcp14>MUST</bcp14> contain <tt>act.sub_profile</tt> with the same value;</t>
            </li>
            <li>
              <t>when <tt>act.sub_profile</tt> is present only in the visible <tt>act</tt> object, the receipt remains aligned for this profile.  The visible value is not independently attested by that receipt, and recipients that require receipt coverage for actor classification <bcp14>MUST</bcp14> reject the receipt chain or apply explicit local mapping rules.</t>
            </li>
          </ul>
        </li>
        <li>
          <t>Verify subject alignment:
          </t>
          <ul spacing="normal">
            <li>
              <t><tt>receipt[0].sub</tt> <bcp14>MUST</bcp14> equal the outer token's top-level <tt>sub</tt>;</t>
            </li>
            <li>
              <t>when <tt>receipt[0].sub_iss</tt> is present and the recipient has a top-level subject namespace authority for the outer token's <tt>sub</tt> from local configuration, an inbound subject token's claims, or another deployment-defined source, the two <bcp14>MUST</bcp14> identify the same namespace authority, evaluated by case-sensitive string comparison; treating lexically distinct identifiers as the same authority requires explicit trusted local mapping rules;</t>
            </li>
            <li>
              <t>when <tt>receipt[0].sub_profile</tt> is present and the outer token contains top-level <tt>sub_profile</tt>, the values <bcp14>MUST</bcp14> match;</t>
            </li>
            <li>
              <t>when <tt>receipt[0].sub_profile</tt> is present but the outer token does not contain top-level <tt>sub_profile</tt>, recipients that require receipt coverage for subject classification <bcp14>MUST</bcp14> reject the receipt chain or apply explicit local mapping rules;</t>
            </li>
            <li>
              <t>when <tt>receipt[0].sub_profile</tt> is absent but the outer token contains top-level <tt>sub_profile</tt>, the receipt remains aligned for this profile.  The visible value is not independently attested by that receipt, and recipients that require receipt coverage for subject classification <bcp14>MUST</bcp14> reject the receipt chain or apply explicit local mapping rules;</t>
            </li>
            <li>
              <t>older receipts <bcp14>MAY</bcp14> carry differing <tt>sub</tt>, <tt>sub_iss</tt>, or <tt>sub_profile</tt> values; see <xref target="subject-re-expression-across-hops"/>.</t>
            </li>
          </ul>
        </li>
        <li>
          <t>Treat each receipt <tt>cnf</tt> value, if present, only as historical provenance for that hop.  A mismatch between the current outer token's top-level <tt>cnf</tt> and the outermost receipt <tt>cnf</tt> <bcp14>MUST NOT</bcp14> by itself invalidate the receipt chain under this profile.</t>
        </li>
        <li>
          <t>Receipt <tt>cnf</tt> values <bcp14>MUST NOT</bcp14> replace validation of the current request against the outer token's top-level <tt>cnf</tt>.</t>
        </li>
        <li>
          <t>Apply any additional consumer-processing rules defined by companion profiles whose claims appear in the receipt or outer token (see <xref target="extensibility"/>).  Companion-profile rules <bcp14>MUST NOT</bcp14> relax any requirement in steps 1 through 10; they <bcp14>MAY</bcp14> add additional rejection conditions.</t>
        </li>
      </ol>
      <t>If any required check fails, the recipient <bcp14>MUST</bcp14> reject the receipt chain for the purposes of this profile and <bcp14>MUST</bcp14> apply the underlying protocol's error handling for the stage at which the failure occurred.</t>
      <t>A recipient that has rejected a receipt chain under this profile <bcp14>MAY</bcp14>, under explicit local policy, extract structural information from the chain for use by companion profiles (for example, applying a companion's verification rules to the trusted prefix of an otherwise-invalid chain).  The recipient <bcp14>MUST NOT</bcp14> treat such partial validation as conformance with this profile, and <bcp14>MUST NOT</bcp14> relax the rejection requirements defined above.  Companion profiles defining partial-validation modes <bcp14>MUST</bcp14> do so under their own normative scope.</t>
      <section anchor="subject-re-expression-across-hops">
        <name>Subject Re-Expression Across Hops</name>
        <t>Older receipts can carry a different <tt>sub</tt> value from the current outer token when the subject has been re-expressed across issuer namespaces.  This document does not define a universal subject-mapping algorithm.</t>
        <t>Accordingly:</t>
        <ul spacing="normal">
          <li>
            <t>only <tt>receipt[0].sub</tt> is required to equal the current outer token <tt>sub</tt>;</t>
          </li>
          <li>
            <t>older receipt <tt>sub</tt> values <bcp14>MAY</bcp14> differ;</t>
          </li>
          <li>
            <t>a recipient that applies stronger continuity requirements across older <tt>sub</tt> values <bcp14>MUST</bcp14> do so under explicit trusted local mapping rules.</t>
          </li>
        </ul>
        <t>Recipients <bcp14>MUST</bcp14> be aware that permitting differing <tt>sub</tt> values across receipts creates a cross-subject insertion risk: a receipt from an unrelated subject chain that happens to share the same actor identity could satisfy the structural hop-alignment check.</t>
        <t>This risk is not merely accidental.  An attacker who compromises any single upstream issuer can deliberately mint receipts for any subject in that issuer's namespace and graft them onto a downstream chain whose re-expressed <tt>sub</tt> points to a target subject; the graft satisfies structural hop-alignment because the actor identity at the grafted hop matches a hop that legitimately occurred for the target.</t>
        <t>This profile provides no in-band mechanism for cross-namespace subject reconciliation.</t>
        <t>Deployments where subject continuity is a security requirement <bcp14>SHOULD</bcp14> adopt one of the following:</t>
        <ul spacing="normal">
          <li>
            <t>require consistent <tt>sub</tt> values across all receipts in the chain, rejecting re-expressed chains; or</t>
          </li>
          <li>
            <t>enforce explicit trusted subject-mapping rules that can positively confirm each distinct <tt>sub</tt> value refers to the same underlying entity.</t>
          </li>
        </ul>
        <t>When neither condition is met, the recipient <bcp14>MUST</bcp14> treat the differing <tt>sub</tt> values as unverified subject continuity and <bcp14>MUST NOT</bcp14> rely on those older receipts for authorization decisions.</t>
      </section>
      <section anchor="complete-receipt-coverage">
        <name>Complete Receipt Coverage</name>
        <t>A recipient can infer structural complete receipt coverage by comparing receipt count with visible actor depth.  If the number of receipts equals the visible actor depth and all validation rules above succeed, the token has structurally complete receipt coverage for the visible chain.</t>
        <t>When local policy only needs structural completeness, that inferred count match is sufficient.  When Protected Resource Metadata declares <tt>actor_receipts_complete_required: true</tt>, the token or introspection response <bcp14>MUST</bcp14> also carry <tt>actor_receipts_complete: true</tt>; a count match without that explicit issuer attestation does not satisfy the metadata-declared requirement.</t>
        <t>If local policy or resource requirements require full provenance, the recipient <bcp14>MUST</bcp14> reject tokens that do not satisfy the applicable complete-coverage requirement.  For <tt>actor_receipts_complete_required: true</tt>, this requires both structurally complete receipt coverage and <tt>actor_receipts_complete: true</tt>.</t>
      </section>
      <section anchor="use-by-resource-servers">
        <name>Use by Resource Servers</name>
        <t>Resource servers can use validated actor receipts as provenance input for authorization, diagnostics, and audit.  However, a valid receipt chain:</t>
        <ul spacing="normal">
          <li>
            <t>proves only that trusted issuers attested specific visible actor hops;</t>
          </li>
          <li>
            <t>does not prove that the current token's audience, scope, or expiration were in force when older receipts were created;</t>
          </li>
          <li>
            <t>does not replace the need to authorize the current token itself;</t>
          </li>
          <li>
            <t>does not convey authority, authorization, entitlement, or delegation rights;</t>
          </li>
          <li>
            <t>does not imply the represented delegation remains active or acceptable under current policy.</t>
          </li>
        </ul>
        <t>A resource server that bases an authorization decision on receipt content alone, without re-evaluating the current outer token and current policy, mis-uses this profile.</t>
      </section>
      <section anchor="consumer-introspection">
        <name>Introspection</name>
        <t>When an authorization server returns actor-receipt information in an OAuth Token Introspection response <xref target="RFC7662"/>, it:</t>
        <ul spacing="normal">
          <li>
            <t><bcp14>MAY</bcp14> return <tt>actor_receipts</tt> using the same array format defined in <xref target="actor-receipts-claim"/>;</t>
          </li>
          <li>
            <t><bcp14>MAY</bcp14> return <tt>actor_receipts_complete</tt> to indicate whether the returned array provides complete coverage for the visible chain as known to the introspection server.</t>
          </li>
        </ul>
        <t>The registered introspection response members are defined in <xref target="introspection-response-members"/>; introspection-server failure handling is addressed in <xref target="introspection-errors"/>.</t>
        <t>Introspection is the primary delivery mechanism for receipts associated with opaque (non-JWT) outer tokens.  Such tokens cannot carry an inline <tt>actor_receipts</tt> claim; the issuer instead retains the receipts in its token store and surfaces them to authorized resource servers via introspection.  The receipt format and consumer processing rules above apply unchanged in this case, with the introspection response substituting for the outer token's claim set.</t>
        <t>An introspection response that includes <tt>actor_receipts</tt> <bcp14>MUST</bcp14> include the members needed to perform the consumer processing in <xref target="consumer-processing"/>: the token's top-level <tt>sub</tt>, the visible <tt>act</tt> chain, and the token's <tt>iss</tt>, which the <tt>receipt[0]</tt> anchoring check in step 5 compares against <tt>receipt[0].iss</tt>.  When the introspection server maintains a <tt>jti</tt> for the token, the response <bcp14>SHOULD</bcp14> include it so that recipients can evaluate <tt>origin_jti</tt> anchoring; when <tt>jti</tt> is absent from the response, recipients apply the no-<tt>jti</tt> branch of step 5.  If <tt>actor_receipts_complete</tt> is present, it <bcp14>MUST</bcp14> be a JSON boolean.  A resource server that receives both inline receipts in a JWT token and receipts in an introspection response <bcp14>MUST</bcp14> apply local policy to choose the authoritative source; if both sources are consumed together, mismatched <tt>actor_receipts</tt> or <tt>actor_receipts_complete</tt> values <bcp14>MUST</bcp14> cause the resource server to reject receipt-based provenance for the token.</t>
        <t>Receipt disclosure through introspection is all-or-nothing for a given token: a strict subset of the stored array cannot validate under <xref target="consumer-processing"/>, because removing an older receipt leaves the next newer receipt's <tt>prh</tt> without a target and removing the newest receipt breaks visible-hop alignment.  An introspection server that cannot disclose the full stored array for privacy or policy reasons <bcp14>MUST</bcp14> omit <tt>actor_receipts</tt> from the response entirely.  A stored array that itself has partial coverage is returned in full, with <tt>actor_receipts_complete: false</tt>.</t>
        <t>When the introspected token is revoked or otherwise inactive, the introspection response follows the core actor profile's suppression rule for delegation claims: an introspection server <bcp14>MUST NOT</bcp14> return <tt>actor_receipts</tt> or <tt>actor_receipts_complete</tt> for a token it reports as inactive.</t>
        <t>The core actor profile <xref target="I-D.mcguinness-oauth-actor-profile"/> defines a separate <tt>chain_complete</tt> introspection member that indicates whether the visible <tt>act</tt> chain itself has been filtered.  These two completeness signals are distinct: <tt>chain_complete: false</tt> means the introspection server has suppressed inner <tt>act</tt> hops from the chain representation, while <tt>actor_receipts_complete: false</tt> means receipt coverage of the visible chain is partial.  A token can have <tt>chain_complete: true</tt> and <tt>actor_receipts_complete: false</tt>, or vice versa.</t>
        <t>Consumers that rely on both signals <bcp14>MUST</bcp14> evaluate them independently.  When <tt>chain_complete: false</tt>, the receipt array may cover only part of the true delegation chain even when <tt>actor_receipts_complete: true</tt>; receipt coverage is then complete only for the visible filtered chain, not the full chain.</t>
      </section>
    </section>
    <section anchor="discovery-capability-signaling">
      <name>Discovery and Capability Signaling</name>
      <t>This section defines metadata for advertising support for actor receipts.</t>
      <section anchor="authorization-server-metadata">
        <name>Authorization Server Metadata</name>
        <t>The following parameter is defined for use in Authorization Server Metadata <xref target="RFC8414"/>:</t>
        <dl>
          <dt><tt>actor_receipts_supported</tt>:</dt>
          <dd>
            <t><bcp14>OPTIONAL</bcp14>.  A boolean.  When <tt>true</tt>, the authorization server advertises that it can validate inbound actor receipts and can originate, preserve, or extend receipt chains according to this document.  This value does not guarantee complete historical coverage for every visible hop in every resulting token.  When <tt>false</tt> or absent, clients and relying parties <bcp14>MUST NOT</bcp14> assume such support.</t>
          </dd>
        </dl>
        <t>This parameter applies equally to an authorization server that issues delegated JWT outputs and to a Transaction Token Service publishing metadata through the same framework.</t>
      </section>
      <section anchor="protected-resource-metadata">
        <name>Protected Resource Metadata</name>
        <t>The following parameters are defined for use in Protected Resource Metadata <xref target="RFC9728"/>:</t>
        <dl>
          <dt><tt>actor_receipts_required</tt>:</dt>
          <dd>
            <t><bcp14>OPTIONAL</bcp14>.  A boolean.  When <tt>true</tt>, the resource server indicates that delegated requests are expected to carry valid actor receipts covering at minimum the outermost visible actor hop.  When <tt>false</tt> or absent, the resource server makes no metadata declaration about receipt-based provenance requirements.
</t>
            <t>This parameter is a policy declaration for deployment coordination, not a request-time protocol signal: this document defines no parameter by which a client requests receipt issuance, so the declaration is satisfied by configuring receipt issuance at the authorization servers that serve the resource.  Clients <bcp14>MAY</bcp14> use it, together with <tt>actor_receipts_supported</tt>, to select an authorization server that can issue receipt-bearing tokens.</t>
          </dd>
          <dt><tt>actor_receipts_complete_required</tt>:</dt>
          <dd>
            <t><bcp14>OPTIONAL</bcp14>.  A boolean.  When <tt>true</tt>, the resource server indicates that it requires complete receipt coverage: the receipt count must equal the visible actor-chain depth and <tt>actor_receipts_complete</tt> must be <tt>true</tt> in the outer token or the introspection response.  This parameter refines <tt>actor_receipts_required</tt>; a resource server <bcp14>SHOULD NOT</bcp14> set <tt>actor_receipts_complete_required: true</tt> without also setting <tt>actor_receipts_required: true</tt>.  When <tt>false</tt> or absent, partial receipt coverage is acceptable to the resource server, subject to any further local policy.</t>
          </dd>
        </dl>
      </section>
      <section anchor="introspection-response-members">
        <name>Introspection Response Members</name>
        <t>The following members are defined for use in OAuth Token Introspection responses <xref target="RFC7662"/>:</t>
        <dl>
          <dt><tt>actor_receipts</tt>:</dt>
          <dd>
            <t><bcp14>OPTIONAL</bcp14>.  An array of strings using the same syntax as the JWT claim of the same name.</t>
          </dd>
          <dt><tt>actor_receipts_complete</tt>:</dt>
          <dd>
            <t><bcp14>OPTIONAL</bcp14>.  A boolean.  When <tt>true</tt>, the introspection response indicates that the returned <tt>actor_receipts</tt> cover every visible hop in the token chain as known to the introspection server.  When <tt>false</tt>, the response indicates that the returned receipts provide only partial coverage of the visible chain.</t>
          </dd>
        </dl>
        <t>Consumer use of these members is described in <xref target="consumer-introspection"/>; introspection-server failure handling is addressed in <xref target="introspection-errors"/>.</t>
      </section>
      <section anchor="out-of-scope-discovery-signals">
        <name>Out-of-Scope Discovery Signals</name>
        <t>This document does not define a metadata signal for "this resource server requires <tt>cnf</tt> to be present in receipts."  Issuers default to omitting receipt <tt>cnf</tt> for privacy reasons (see <xref target="receipt-claims"/> and <xref target="historical-cnf-disclosure"/>); resource servers that need historical sender-constraint provenance <bcp14>MUST</bcp14> coordinate that requirement with issuers through deployment policy or a future companion profile, rather than through metadata defined here.</t>
      </section>
      <section anchor="claim-pair-convention-for-sibling-profiles">
        <name>Claim-Pair Convention for Sibling Profiles</name>
        <t>This document defines the per-hop artifact array <tt>actor_receipts</tt> together with the coverage attestation <tt>actor_receipts_complete</tt>, and the discovery triple (<tt>actor_receipts_supported</tt>, <tt>actor_receipts_required</tt>, <tt>actor_receipts_complete_required</tt>).  Companion profiles that define their own per-hop signed artifacts (for example, actor-signed proofs or recipient acknowledgments) <bcp14>SHOULD</bcp14> follow the same <tt>&lt;name&gt;</tt> plus <tt>&lt;name&gt;_complete</tt> claim-pair convention, advertise support with <tt>&lt;name&gt;_supported</tt> in Authorization Server Metadata <xref target="RFC8414"/>, and advertise resource-side requirements with <tt>&lt;name&gt;_required</tt> and (if applicable) <tt>&lt;name&gt;_complete_required</tt> in Protected Resource Metadata <xref target="RFC9728"/>.  Following this convention lets recipients evaluate independent companions through the same coverage and capability machinery defined here.</t>
        <t>Companion profiles add per-hop signal in two distinct patterns, and <bcp14>SHOULD</bcp14> pick the one that matches their signer:</t>
        <ul spacing="normal">
          <li>
            <t><strong>Parallel artifact arrays</strong>: a companion outer-token claim parallel to <tt>actor_receipts</tt>, following the <tt>&lt;name&gt;</tt> plus <tt>&lt;name&gt;_complete</tt> convention above.  Each entry is a separately signed JWT.  Use this pattern when the artifact needs its own signer trust independent of the receipt issuer (for example, actor-signed proofs whose threat model differs from AS-signed receipts, or recipient-signed acknowledgments).</t>
          </li>
          <li>
            <t><strong>Per-receipt extension claims</strong>: a claim added to each receipt JWT and verified as part of the receipt's signature.  Use this pattern when the assertion is something the receipt issuer is already attesting (for example, per-hop authority bounds, delegation-flow correlation, or lifecycle-state snapshots).  Recognized per the unrecognized-claims rule in <xref target="receipt-claims"/>; cross-receipt verification follows <xref target="extensibility"/>.</t>
          </li>
        </ul>
        <t>The two patterns serve different threat models and have different completeness semantics: parallel-array companions inherit the claim-pair coverage machinery defined here; per-receipt-claim companions define their own completeness rules over the set of receipts that carry the claim.</t>
      </section>
    </section>
    <section anchor="error-handling">
      <name>Error Handling</name>
      <t>This section defines how receipt-related processing failures map to OAuth error responses.  Receipt validation extends the underlying OAuth or Transaction Token validation rather than replacing it; failures should be reported through the error-response mechanism applicable to the stage at which validation occurred.</t>
      <section anchor="authorization-server-and-transaction-token-service-errors">
        <name>Authorization Server and Transaction Token Service Errors</name>
        <t>When an authorization server or Transaction Token Service rejects a token-exchange request because inbound <tt>actor_receipts</tt> cannot be validated under <xref target="extending-an-existing-receipt-chain"/> (signature failure, expired receipt, unsupported <tt>prh_alg</tt>, broken <tt>prh</tt> chain, hop or subject misalignment, or untrusted receipt issuer), it <bcp14>SHOULD</bcp14> return <tt>invalid_grant</tt>, constructed per <xref target="RFC8693"/> Section 2.2.2 and <xref target="RFC6749"/> Section 5.2, consistent with the core actor profile's error mapping for actor information that fails validation.</t>
        <t>When the failure reflects an actor-authorization decision rather than a structural validation failure, an issuer <bcp14>MAY</bcp14> use <tt>actor_unauthorized</tt> as defined in the core actor profile <xref target="I-D.mcguinness-oauth-actor-profile"/> where applicable.</t>
      </section>
      <section anchor="resource-server-errors">
        <name>Resource Server Errors</name>
        <t>When a resource server rejects a request because <tt>actor_receipts</tt> validation fails under <xref target="consumer-processing"/>, it <bcp14>SHOULD</bcp14> return <tt>invalid_token</tt> per the bearer-token error model in <xref target="RFC6750"/> Section 3.1.</t>
        <t>When the failure is specifically that required receipts are absent or coverage is incomplete (per <tt>actor_receipts_required</tt> or <tt>actor_receipts_complete_required</tt>), the resource server <bcp14>SHOULD</bcp14> include an <tt>error_description</tt> value identifying receipt-coverage failure so that clients and operators can distinguish it from generic token-validation failures.</t>
      </section>
      <section anchor="introspection-errors">
        <name>Introspection Server Behavior</name>
        <t>When an introspection server cannot return receipts that the requesting resource server requires, it returns the introspection response per <xref target="RFC7662"/> with <tt>actor_receipts</tt> absent or with <tt>actor_receipts_complete: false</tt>; the resource server then applies its local policy to decide whether to accept the token.</t>
        <t>The introspection server itself does not return an OAuth error for missing receipts; receipt presence is a property of the introspection response, not a precondition for it.</t>
        <t>Consumer use of introspection-returned receipts is described in <xref target="consumer-introspection"/>; the registered introspection response members are defined in <xref target="introspection-response-members"/>.</t>
      </section>
      <section anchor="no-new-error-codes">
        <name>No New Error Codes</name>
        <t>This document does not define new OAuth error codes.  The mapping above reuses existing codes from <xref target="RFC6749"/>, <xref target="RFC6750"/>, and the core actor profile.</t>
      </section>
    </section>
    <section anchor="extensibility">
      <name>Extensibility</name>
      <t>This profile is designed to compose with sibling companion profiles that build on the OAuth Actor Profile for Delegation <xref target="I-D.mcguinness-oauth-actor-profile"/>.  Companion profiles have five standard extension surfaces:</t>
      <ul spacing="normal">
        <li>
          <t><strong>New claims inside a receipt JWT</strong> for additional per-hop attributes (for example, historical scope, additional binding data, or extension-specific provenance).  Consumers ignore unrecognized claims under <xref target="receipt-claims"/> unless another specification or local agreement defines their meaning, so additive claims do not break the validation rules of this document.</t>
        </li>
        <li>
          <t><strong>New top-level claims on the outer token, parallel to <tt>actor_receipts</tt></strong>, for per-hop artifacts that need their own signature semantics (for example, actor-signed proofs whose threat model differs from AS-signed receipts, or recipient-signed acknowledgments).  Profiles that define such claims <bcp14>SHOULD</bcp14> follow the <tt>&lt;name&gt;</tt> plus <tt>&lt;name&gt;_complete</tt> claim-pair convention described in <xref target="discovery-capability-signaling"/>.</t>
        </li>
        <li>
          <t><strong>New JOSE <tt>typ</tt> values</strong> for receipt-shaped artifacts that are not AS-signed receipts conforming to this document.  The <tt>typ</tt> value <tt>actor-receipt+jwt</tt> defined here is reserved for receipts conforming to this document and <bcp14>MUST NOT</bcp14> be used by other artifacts.</t>
        </li>
        <li>
          <t><strong>New outer-token binding claims</strong>, analogous to <tt>origin_jti</tt>, that record an outer-token field other than <tt>jti</tt> (for example, a workflow correlation identifier).  Such claims are independently verifiable as current-token bindings only on the same terms as <tt>origin_jti</tt>; see <xref target="receipt-to-token-binding-limits"/>.</t>
        </li>
        <li>
          <t><strong>Non-hop event artifacts</strong> for signal that is not tied to the introduction of a new visible actor hop, including re-authorization events without a hop change, lifecycle-state changes on a governing authority object, receiver acknowledgments, and sender-constraint rotations.  Companion profiles defining such artifacts <bcp14>SHOULD</bcp14>: use a signed JWT with a <tt>typ</tt> value distinct from <tt>actor-receipt+jwt</tt>; carry the events in a top-level outer-token claim parallel to <tt>actor_receipts</tt> (for example, <tt>&lt;companion&gt;_events</tt>); anchor each event either to a specific receipt by carrying that receipt's <tt>jti</tt> in a claim the companion profile defines, or to the delegation flow by a correlation identifier the companion profile specifies (for example, the <tt>txn</tt> claim of <xref target="I-D.ietf-oauth-transaction-tokens"/> in Transaction Token deployments); OPTIONALLY chain events among themselves via <tt>prh</tt> / <tt>prh_alg</tt> using the linkage construction in <xref target="receipt-claims"/>; OPTIONALLY follow the <tt>&lt;name&gt;</tt> plus <tt>&lt;name&gt;_complete</tt> claim-pair convention from <xref target="discovery-capability-signaling"/>.  Companion profiles <bcp14>MUST NOT</bcp14> add event-shaped entries to <tt>actor_receipts</tt>; that array is reserved for per-hop AS-signed attestations defined by this document, and its byte-preservation invariant cannot accommodate entries added after the chain was formed.</t>
        </li>
      </ul>
      <t>Companion profile authoring rules:</t>
      <ul spacing="normal">
        <li>
          <t>Companion profiles <bcp14>MAY</bcp14> extend consumer processing under <xref target="consumer-processing"/> by adding rejection conditions; they <bcp14>MUST NOT</bcp14> relax any rejection condition defined here.</t>
        </li>
        <li>
          <t>Companion-profile claims and discovery metadata <bcp14>MUST</bcp14> be registered with IANA in the registries used by this document.</t>
        </li>
        <li>
          <t>Companion profiles <bcp14>MAY</bcp14> reuse the <tt>prh</tt> and <tt>prh_alg</tt> chain-linkage construction defined in <xref target="receipt-claims"/> when their per-hop signed artifacts form a similar chain structure, so that recipients can apply a single chain-validation routine across companions.</t>
        </li>
        <li>
          <t>Companions whose artifacts do not form a chain (for example, independent per-hop attestations or recipient acknowledgments that are not linked to one another) <bcp14>MAY</bcp14> define their own integrity structure.</t>
        </li>
        <li>
          <t>Companion profiles <bcp14>MAY</bcp14> define cross-receipt verification rules (for example, monotonicity rules over per-hop authority bounds, alignment rules between per-hop attestations, or aggregation rules over per-hop assertions) that compare claims across receipts in the chain.  The chain structure preserved by <tt>prh</tt> and the byte-for-byte preservation requirement make such cross-receipt verification possible.  Companion profiles defining cross-receipt rules <bcp14>MUST</bcp14> tolerate sparse coverage (not every receipt is required to carry the companion's claims) unless they explicitly require completeness.</t>
        </li>
      </ul>
      <t>Cross-companion alignment: companion artifacts that need to reference a specific receipt (for example, an actor-signed proof at hop N referencing the corresponding AS-signed receipt at hop N) <bcp14>SHOULD</bcp14> do so by the receipt's <tt>jti</tt>, which is <bcp14>REQUIRED</bcp14> on receipts and unique within the issuer's namespace.  This profile does not define a hop-index claim; cross-companion alignment is established through <tt>jti</tt> reference plus the <tt>prh</tt> chain's structural integrity, not through array-position metadata.</t>
      <t>Conflict resolution: when a recipient implements multiple companion profiles whose rules conflict, local policy determines precedence.  Companion profiles <bcp14>SHOULD</bcp14> be designed to add, not contradict, other profiles' rejection conditions, so that conflicts arise only between profiles whose threat models are genuinely incompatible.</t>
    </section>
    <section anchor="security-considerations">
      <name>Security Considerations</name>
      <t>Actor receipts strengthen provenance for visible actor hops, but they do not replace ordinary token validation.  The general OAuth 2.0 Security Best Current Practice <xref target="RFC9700"/> and the JWT best practices in <xref target="RFC8725"/> apply to systems implementing this profile.</t>
      <section anchor="threat-model">
        <name>Threat Model</name>
        <t>This section indexes the adversary classes addressed (and not addressed) by this profile.  Detailed mitigations live in <xref target="trust-in-receipt-issuers"/>, <xref target="receipt-to-token-binding-limits"/>, <xref target="compromised-outer-issuer"/>, and <xref target="subject-re-expression-across-hops"/>.</t>
        <section anchor="adversaries-mitigated-by-this-profile">
          <name>Adversaries Mitigated by This Profile</name>
          <ul spacing="normal">
            <li>
              <t><strong>Compromised downstream issuer fabricating prior-hop provenance.</strong>  Cannot forge prior issuers' receipt signatures; <tt>prh</tt> chain prevents dropping or reordering inner receipts.  Primary value proposition.</t>
            </li>
            <li>
              <t><strong>Token mutation in transit.</strong>  Each receipt is independently signed; modification invalidates the receipt's signature and any newer receipt's <tt>prh</tt>.</t>
            </li>
            <li>
              <t><strong>Receipt transplantation between tokens with matching visible <tt>act</tt> chains.</strong>  Outer-token signature prevents non-issuer parties from constructing a substitute outer token to host transplanted receipts.  <tt>receipt[0].origin_jti</tt> provides diagnostic confirmation in the originating-issuance case (see <xref target="receipt-to-token-binding-limits"/>); it does not extend the threat model beyond the outer-token-signature defense, since outer-token issuer compromise is out of scope (<xref target="compromised-outer-issuer"/>).</t>
            </li>
            <li>
              <t><strong>Partial-coverage misclaim.</strong>  An issuer cannot drop an inner receipt without breaking the <tt>prh</tt> chain; <tt>actor_receipts_complete: true</tt> cannot be claimed without a count matching visible chain depth.</t>
            </li>
          </ul>
        </section>
        <section anchor="adversaries-not-mitigated">
          <name>Adversaries NOT Mitigated</name>
          <ul spacing="normal">
            <li>
              <t><strong>Compromised current outer token issuer.</strong>  Can assemble a new outer token wrapping previously harvested valid receipts for the same visible chain prefix.  Defense requires external transparency, transaction binding, or replay detection.</t>
            </li>
            <li>
              <t><strong>Compromised receipt signing key for any one issuer.</strong>  Forged receipts indistinguishable from legitimate ones cannot be revoked individually.  Remediation: remove the compromised issuer from the trusted-issuer set; short receipt <tt>exp</tt> bounds the exposure window.</t>
            </li>
            <li>
              <t><strong>Compromised actor at a hop.</strong>  Receipts attest issuer assertions, not actor non-repudiation.  Companion profiles (<xref target="extensibility"/>) can address this with actor-signed proofs.</t>
            </li>
            <li>
              <t><strong>Cross-namespace subject graft with a compromised upstream issuer.</strong>  An attacker who compromises one upstream issuer can mint receipts for any subject in that issuer's namespace and graft them onto a re-expressed downstream chain.  Mitigation: consistent <tt>sub</tt> across the chain or trusted out-of-band subject mapping (<xref target="subject-re-expression-across-hops"/>).</t>
            </li>
            <li>
              <t><strong>Replay of an entire token plus its receipts.</strong>  This profile does not define replay detection; receipts inherit the outer token's replay characteristics.</t>
            </li>
          </ul>
        </section>
        <section anchor="trust-model-summary">
          <name>Trust Model Summary</name>
          <t>Trust is per-issuer and per-deployment, and not transitive across the chain.  A receipt chain breaks at the first inner receipt whose issuer is not trusted, even when the outer token's issuer and earlier receipts are trusted.  Companion profiles (<xref target="extensibility"/>) can extend the addressed adversary set; for example, an actor-signed-proofs companion can mitigate the compromised-current-outer-token-issuer adversary.</t>
        </section>
      </section>
      <section anchor="current-presenter-validation">
        <name>Current Presenter Validation</name>
        <t>The current request is always validated against the outer token's top-level <tt>cnf</tt> (<xref target="RFC7800"/>), when present, using the proof mechanism appropriate to the token type and deployment, such as DPoP <xref target="RFC9449"/> or mutual-TLS <xref target="RFC8705"/>.</t>
        <t>Receipt <tt>cnf</tt> values are historical only:</t>
        <ul spacing="normal">
          <li>
            <t>A recipient <bcp14>MUST NOT</bcp14> treat an older receipt <tt>cnf</tt> value as sufficient proof for the current request, regardless of which proof mechanism the historical <tt>cnf</tt> was bound to.</t>
          </li>
          <li>
            <t>Recipients <bcp14>MUST</bcp14> distinguish receipt JWTs (identified by <tt>typ</tt> value <tt>actor-receipt+jwt</tt>) from outer tokens that carry <tt>cnf</tt> for current-request proof-of-possession; receipt <tt>cnf</tt> records historical binding and never satisfies a current-request PoP requirement under <xref target="RFC7800"/>, <xref target="RFC9449"/>, or <xref target="RFC8705"/>.</t>
          </li>
        </ul>
        <t>The current top-level <tt>cnf</tt> can differ from the outermost receipt <tt>cnf</tt> after a later reissuance or key rotation that does not add a new actor hop.  That difference does not by itself invalidate the receipt chain under this profile.</t>
      </section>
      <section anchor="trust-in-receipt-issuers">
        <name>Trust in Receipt Issuers</name>
        <t>Receipt validation is meaningful only if the recipient trusts the issuers that signed the receipts.</t>
        <t>Trust establishment requirements:</t>
        <ul spacing="normal">
          <li>
            <t>A recipient <bcp14>MUST</bcp14> establish which issuers it trusts for receipt validation before relying on <tt>actor_receipts</tt>.</t>
          </li>
          <li>
            <t>Trust <bcp14>MUST</bcp14> be established through explicit pre-configuration, bilateral agreement, federation policy, or another explicit trust framework.</t>
          </li>
          <li>
            <t>A recipient <bcp14>MUST NOT</bcp14> treat the presence of a syntactically valid signed receipt as sufficient grounds to trust its issuer.</t>
          </li>
          <li>
            <t>Authorization servers that support this document <bcp14>SHOULD</bcp14> advertise <tt>actor_receipts_supported: true</tt> in their AS metadata <xref target="RFC8414"/>.</t>
          </li>
          <li>
            <t>Consumers <bcp14>SHOULD</bcp14> use that metadata signal as one input to trust establishment, but <bcp14>MUST NOT</bcp14> treat metadata advertisement alone as sufficient grounds to trust a receipt issuer; the issuer must also be within the recipient's configured trust boundary.</t>
          </li>
        </ul>
        <t>Key resolution requirements:</t>
        <ul spacing="normal">
          <li>
            <t>To avoid attacker-controlled key resolution, a recipient <bcp14>MUST</bcp14> determine whether a receipt <tt>iss</tt> is within its trusted-issuer set before performing any network retrieval for that issuer's metadata or keys.</t>
          </li>
          <li>
            <t>A recipient that uses dynamic discovery for receipt validation <bcp14>MUST</bcp14> do so only within an existing trust framework or equivalent local policy that defines which issuers are permitted.</t>
          </li>
        </ul>
        <t>Trust is per-issuer and not transitive: each receipt is validated against the recipient's own trusted-issuer set, independent of the outer token's issuer or neighboring receipts.  If any receipt in the presented <tt>actor_receipts</tt> array is signed by an issuer that is not trusted for receipt validation, the recipient <bcp14>MUST</bcp14> reject the receipt chain for the purposes of this profile.  This document does not define trusted-prefix validation across an untrusted inner receipt.  Deployments needing uniform trust across an extended chain <bcp14>MUST</bcp14> establish trust explicitly with every receipt issuer that may appear in tokens they accept.</t>
        <t>The trust evaluation in this section covers receipt signers (the <tt>iss</tt> claim of each receipt).  Recipients separately evaluate trust in each receipt's <tt>act.iss</tt> as the namespace authority for <tt>act.sub</tt> as described in <xref target="receipt-claims"/>; that evaluation is independent of receipt-signer trust, even when the same entity holds both roles.</t>
      </section>
      <section anchor="receipt-to-token-binding-limits">
        <name>Receipt-to-Token Binding Limits</name>
        <t>Receipts prove that trusted issuers attested particular actor hops and, optionally, historical presenter bindings.  They do not prove that the current outer token's audience, scope, expiration, or other authorization details were in force when older receipts were created.  A recipient <bcp14>MUST NOT</bcp14> treat a valid receipt chain as evidence of historical authorization scope or audience beyond what the current outer token authorizes.</t>
        <t>In the originating-issuance case, receipt-chain integrity rests on two anchors when the outer token carries <tt>jti</tt> and <tt>receipt[0].origin_jti</tt> is present:</t>
        <ul spacing="normal">
          <li>
            <t><tt>receipt[0].origin_jti</tt>, when present, signed by the same issuer that signed the outer token, and equal to the outer token's <tt>jti</tt>, binds <tt>receipt[0]</tt> to the specific outer-token instance and prevents transplantation from a different token whose visible <tt>act</tt> structure happens to match.</t>
          </li>
          <li>
            <t><tt>prh</tt> chains each receipt cryptographically to its older neighbor, so all inner receipts inherit the originating-issuance binding from <tt>receipt[0]</tt> through the hash chain.</t>
          </li>
        </ul>
        <t>Inner receipts' <tt>origin_jti</tt> values are not independently verifiable (see <xref target="consumer-processing"/>); deployments depending on current-token-instance binding <bcp14>MUST</bcp14> rely on <tt>prh</tt> plus a verifiable <tt>receipt[0].origin_jti</tt> in the originating-issuance case, not on inner <tt>origin_jti</tt> values.  If <tt>receipt[0].origin_jti</tt> is absent, the chain can still provide issuer-signed hop provenance, but it does not provide the current-token-instance binding property.  An inner receipt has no independent binding to the current request, audience, scope, or token instance; it is bound only to its older neighbor through <tt>prh</tt> and ultimately to the current outer token through the chain's single anchor when that anchor is verifiable.</t>
        <t>This construction makes coverage tamper-evident at the structural level:</t>
        <ul spacing="normal">
          <li>
            <t>An issuer cannot drop an inner receipt without breaking the <tt>prh</tt> chain: the next-newer receipt's <tt>prh</tt> value would no longer match the receipt now in the next array position, and consumer step 6 of <xref target="consumer-processing"/> rejects the chain.</t>
          </li>
          <li>
            <t>An issuer can withhold coverage only from the innermost (oldest) end of the chain, and only by beginning a new chain under <xref target="creating-the-first-receipt"/> rather than trimming an inherited one; a trimmed chain leaves the surviving oldest receipt carrying a <tt>prh</tt> with no target, which step 6 also rejects.  The result is partial coverage that <tt>actor_receipts_complete: true</tt> then forbids the issuer from claiming.</t>
          </li>
        </ul>
        <t>Coverage is therefore truthful within the limits of the trusted-issuer set: a compromised issuer can omit some or all of its own receipts and any outermost receipts from issuers it controls, but it cannot fabricate, reorder, or selectively drop receipts signed by other trusted issuers.</t>
        <t>When <tt>receipt[0]</tt> diverges from the current outer-token instance (either <tt>receipt[0].iss</tt> differs from <tt>outer.iss</tt>, or <tt>receipt[0].iss</tt> matches but <tt>receipt[0].origin_jti</tt> differs from <tt>outer.jti</tt>), <tt>receipt[0].origin_jti</tt> becomes historical provenance only and does not bind the receipt chain to the current outer-token instance.  Per step 5 of <xref target="consumer-processing"/> and <xref target="strict-mode-validation"/>, consumers reject divergent chains by default and accept them only when local policy designates the current outer token issuer (<tt>outer.iss</tt>) as a trusted reissuing issuer for chains whose leading receipt issuer is <tt>receipt[0].iss</tt>.</t>
        <t>This profile provides no in-band signal distinguishing legitimate reissuance from a re-wrapping attack by a compromised issuer.  Recipients that opt into accepting reissued tokens <bcp14>MUST</bcp14> establish that policy through local configuration or an out-of-band trust framework, and <bcp14>SHOULD</bcp14> treat unexpected reissuance divergence as cause for additional scrutiny.</t>
        <t>The <tt>origin_jti</tt> strict-equality check therefore provides binding only in the originating-issuance case (same-issuer, same-<tt>jti</tt>).  In all other cases, transplantation defense rests on the outer token's signature: a non-issuer party cannot construct a substitute outer token to host transplanted receipts.  Compromise of the outer-token issuer falls under <xref target="compromised-outer-issuer"/> and is out of scope.</t>
        <t>Companion profiles <bcp14>MAY</bcp14> define additional outer-token binding claims following the <tt>origin_jti</tt> pattern: each records an identifier from the outer token at receipt creation, with consumer verifiability conditioned on issuer alignment and equality with the current outer-token field.  Such claims provide parallel anchors against other outer-token fields and do not weaken the <tt>origin_jti</tt> anchor.</t>
        <section anchor="strict-mode-validation">
          <name>Strict-Mode Validation</name>
          <t>Recipients that have not explicitly configured a set of trusted reissuing issuers operate in <em>strict-mode validation</em> by default: per step 5 of <xref target="consumer-processing"/>, any divergence between <tt>receipt[0]</tt> and the current outer-token instance (whether by differing <tt>iss</tt> or differing <tt>origin_jti</tt>) causes the recipient to reject the receipt chain.  When the outer token carries <tt>jti</tt>, strict-mode recipients that require current-token-instance binding also reject same-issuer chains whose leading receipt omits <tt>origin_jti</tt>.</t>
          <t>Strict mode is the conservative default and the recommended posture absent specific deployment requirements.  Deployments that need to accept reissued tokens (refresh-token reissuance, introspection-and-re-emission, or token translation across trust principals) <bcp14>MUST</bcp14> configure permissive validation with an explicit set of trusted reissuing issuers, established through local policy or out-of-band trust framework.  Without such configuration, receipts on reissued tokens will be rejected.</t>
        </section>
      </section>
      <section anchor="hash-algorithm-agility">
        <name>Hash Algorithm Agility</name>
        <t><tt>prh</tt> defaults to a base64url-encoded <tt>sha-256</tt> hash of the next older receipt.  The <tt>prh_alg</tt> claim (<xref target="receipt-claims"/>) signals an alternative hash algorithm by reference to the IANA Named Information Hash Algorithm Registry <xref target="RFC6920"/>, without requiring a successor specification.</t>
        <t>Algorithm coordination requirements:</t>
        <ul spacing="normal">
          <li>
            <t>All receipts in a single chain <bcp14>MUST</bcp14> use the same algorithm.</t>
          </li>
          <li>
            <t>Consumers <bcp14>MUST</bcp14> reject chains that mix algorithms or that name an algorithm the recipient does not support.</t>
          </li>
          <li>
            <t>An issuer extending an inbound chain <bcp14>MUST</bcp14> preserve the inbound <tt>prh_alg</tt>.</t>
          </li>
        </ul>
        <t>Migration is whole-chain, not partial: chains begun under one algorithm remain on that algorithm for their lifetime; new chains can adopt a different algorithm independently.  This profile does not define rehashing of inbound receipts, because rehashing would invalidate prior signers' <tt>prh</tt> values and require re-signing receipts the extending issuer did not originate.</t>
        <t>Deployments <bcp14>SHOULD</bcp14> begin issuing new chains under the target algorithm well before any indication that the legacy algorithm is reaching end of life, so legacy chains expire naturally.</t>
      </section>
      <section anchor="compromised-outer-issuer">
        <name>Compromised Outer Issuer</name>
        <t>Receipts mitigate a compromised or dishonest <em>downstream</em> issuer attempting to fabricate prior-hop provenance: that issuer cannot forge prior issuers' receipt signatures.</t>
        <t>A compromised current outer token issuer is a different threat.  Such an issuer can assemble a new outer token wrapping previously harvested valid receipts for the same visible chain prefix.  This document does not solve that class of attack; deployments needing stronger guarantees can combine this profile with transparency, transaction binding, or replay-detection mechanisms outside the scope of this document.</t>
      </section>
      <section anchor="receipt-freshness">
        <name>Receipt Freshness and Replay</name>
        <t>Receipts are historical attestations of past delegation state.  They <bcp14>MAY</bcp14> outlive the validity period of the outer token they were originally issued for, and <bcp14>MAY</bcp14> be carried forward across reissuance and refresh as long as their <tt>exp</tt> permits (<xref target="receipt-claims"/>).</t>
        <t>This profile takes a deliberately limited view of receipt freshness:</t>
        <ul spacing="normal">
          <li>
            <t>Receipts attest hop history at the time of original issuance; they do not assert that the represented delegation is still active.</t>
          </li>
          <li>
            <t>Runtime policy evaluation, including current authorization, current scope, and current revocation state, is separate from receipt validation.  A valid receipt does not guarantee that the represented delegation has not been revoked since.</t>
          </li>
          <li>
            <t>Receipt <tt>exp</tt> bounds the window during which the receipt is structurally usable; it does not bound the lifetime of the underlying delegation.</t>
          </li>
          <li>
            <t>Replay of a receipt within its <tt>exp</tt> window is not in itself an attack.  Receipts are designed to be carried by tokens that themselves have replay-detection or sender-constraint properties; replay of an entire token plus its receipts is governed by the outer token's replay characteristics, not by the receipt chain.</t>
          </li>
        </ul>
        <t>Deployments needing freshness signals beyond receipt <tt>exp</tt>, such as active delegation status, fresh authorization confirmation, or current revocation state, <bcp14>MUST</bcp14> obtain those signals from the AS via introspection (<xref target="RFC7662"/>), fresh token issuance, or another mechanism outside the scope of this profile.</t>
      </section>
      <section anchor="receipt-signing-key-compromise">
        <name>Receipt Signing Key Compromise</name>
        <t>If a receipt issuer's signing key is compromised, previously issued receipts signed with that key cannot be individually revoked.  The primary remediation is to remove the compromised issuer from the trusted-issuer set; once removed, consumers will reject all receipts signed by that issuer regardless of their content.</t>
        <t>Deployments <bcp14>SHOULD</bcp14> set short <tt>exp</tt> values on receipts, consistent with the <bcp14>REQUIRED</bcp14> <tt>exp</tt> defined in <xref target="receipt-claims"/>, to limit the window during which receipts signed with a compromised key remain valid.  When a key compromise is detected, deployments <bcp14>SHOULD</bcp14> treat all tokens carrying receipts from the affected issuer as lacking trusted provenance for those hops and <bcp14>SHOULD</bcp14> require re-issuance through a trusted issuer.</t>
      </section>
      <section anchor="receipt-chain-size">
        <name>Receipt Chain Size</name>
        <t>Each receipt is a full signed JWT, and the chain grows linearly with delegation depth.  A typical signed receipt is 400 to 800 bytes after JWS compact serialization and base64url encoding (the upper end when <tt>cnf</tt> or larger <tt>act</tt> objects are present).  Chains beyond approximately 10 hops therefore approach the 8 KB Authorization header budget common in HTTP infrastructure; chains beyond approximately 20 hops approach a 16 KB practical ceiling.  Figures are illustrative and depend on the deployment.</t>
        <t>Deployments <bcp14>SHOULD</bcp14> verify that the outer token plus its <tt>actor_receipts</tt> array fits within the header-size budget of every component on the request path.  When introspection is available, deployments <bcp14>MAY</bcp14> return receipts via introspection rather than embedding them, to avoid header pressure for bearer-token clients.</t>
      </section>
      <section anchor="historical-cnf-disclosure">
        <name>Historical <tt>cnf</tt> Disclosure</name>
        <t>Receipt <tt>cnf</tt> values reveal prior-hop public-key identifiers or certificate thumbprints to any party that receives the token or introspection response.  These are stable identifiers that enable cross-request and cross-service correlation of actors and services over time.  Issuers <bcp14>SHOULD NOT</bcp14> include <tt>cnf</tt> in receipts unless the relying parties that will receive the token have been evaluated for that disclosure risk and the risk is acceptable.  Omitting <tt>cnf</tt> does not invalidate the receipt; it means that hop lacks independently attested historical presenter binding, which is acceptable for many deployments.</t>
      </section>
    </section>
    <section anchor="privacy-considerations">
      <name>Privacy Considerations</name>
      <t>Actor receipts materially increase delegation transparency and observability.  This is useful for audit and provenance, but it is privacy-sensitive: receipts disclose information that a non-receipt-bearing token does not, and the disclosure can be hard to retract once the token has reached recipients.</t>
      <section anchor="what-receipts-disclose">
        <name>What Receipts Disclose</name>
        <t>Receipts can expose, to any party that receives the token or introspection response:</t>
        <ul spacing="normal">
          <li>
            <t>the set of issuers that participated in the delegation chain (receipt <tt>iss</tt> values);</t>
          </li>
          <li>
            <t>historical presenter-key identifiers across requests, enabling cross-session correlation of actors and services;</t>
          </li>
          <li>
            <t>internal service identities and intermediary actors that a deployment might otherwise have kept visible only to intermediate issuers;</t>
          </li>
          <li>
            <t>workload identifiers (e.g., <tt>act.sub</tt> values) that may reveal organizational structure or orchestration topology;</t>
          </li>
          <li>
            <t>subject re-expression patterns across namespaces, which can reveal cross-domain identity mappings.</t>
          </li>
        </ul>
      </section>
      <section anchor="minimization">
        <name>Minimization</name>
        <t>Deployments <bcp14>SHOULD</bcp14> minimize receipt disclosure when full provenance is not required:</t>
        <ul spacing="normal">
          <li>
            <t>Issuers and introspection servers <bcp14>MAY</bcp14> suppress <tt>actor_receipts</tt> entirely when policy does not permit disclosure.</t>
          </li>
          <li>
            <t>Introspection servers returning a stored partial-coverage chain <bcp14>SHOULD</bcp14> set <tt>actor_receipts_complete</tt> to <tt>false</tt>; disclosure of a stored chain is otherwise all-or-nothing (see <xref target="consumer-introspection"/>).</t>
          </li>
          <li>
            <t>Resource servers <bcp14>SHOULD</bcp14> request or require actor receipts only when they materially improve authorization, audit, or risk controls.</t>
          </li>
          <li>
            <t>Issuers <bcp14>SHOULD</bcp14> omit <tt>cnf</tt> from receipts by default when relying parties have not been evaluated for historical presenter-key disclosure risk (see <xref target="historical-cnf-disclosure"/>).</t>
          </li>
          <li>
            <t>Deployments <bcp14>SHOULD</bcp14> prefer per-resource-server policy on receipt requirements over blanket inclusion in every token.</t>
          </li>
        </ul>
      </section>
      <section anchor="selective-disclosure">
        <name>Selective Disclosure</name>
        <t>This profile does not define a per-claim selective-disclosure mechanism for receipts: chain integrity requires byte-for-byte preservation of each receipt JWT, so selective omission of individual claims within a receipt would break the chain.  Selective disclosure is therefore coarse-grained:</t>
        <ul spacing="normal">
          <li>
            <t>Issuers <bcp14>MAY</bcp14> emit partial-coverage chains that cover only the outermost hops (see <xref target="partial-coverage-and-full-coverage"/>); this is the only mechanism for omitting individual hops, and it operates at issuance time.</t>
          </li>
          <li>
            <t>Issuers and introspection servers <bcp14>MAY</bcp14> withhold the <tt>actor_receipts</tt> array entirely; a strict subset of an existing array cannot validate under <xref target="consumer-processing"/> (see <xref target="consumer-introspection"/>).</t>
          </li>
        </ul>
        <t>Deployments needing finer-grained selective disclosure require a future companion profile.  Such a companion must alter the chain-linkage construction (for example, by linking against a stable hash that survives claim redaction); a companion that only adds a selective-disclosure claim cannot achieve per-claim disclosure within the current <tt>prh</tt> construction.</t>
      </section>
      <section anchor="audience-restriction">
        <name>Audience Restriction</name>
        <t>A receipt travels with the outer token to whichever audiences the outer token serves; receipts have no independent audience scoping (<xref target="receipt-claims"/>).  Deployments needing audience-specific disclosure constraints <bcp14>SHOULD</bcp14> partition receipt issuance by audience at issuance time (for example, issue receipt-bearing tokens only to audiences with adequate disclosure agreements) rather than relying on receipt-level audience restriction, which this profile does not provide.</t>
      </section>
      <section anchor="unnecessary-hop-disclosure">
        <name>Unnecessary Hop Disclosure</name>
        <t>Receipts expose every hop the issuer chose to include.  Some hops may be deployment-internal (orchestration layers, internal workload-identity services) that the deployment would not otherwise expose to relying parties.  Issuers <bcp14>SHOULD</bcp14> evaluate, at issuance time, which hops are appropriate to expose to which audiences.  Where inner hops are not appropriate to expose, issuers <bcp14>SHOULD</bcp14> use partial coverage (omitting the inner-hop receipts) rather than fabricating, suppressing, or rewriting visible <tt>act</tt> chain entries; the latter would violate the core actor profile.</t>
      </section>
      <section anchor="cross-service-correlation">
        <name>Cross-Service Correlation</name>
        <t>Stable identifiers in receipts (<tt>iss</tt>, <tt>act.sub</tt>, <tt>cnf</tt>, and any companion correlation claim such as a delegation-flow identifier) enable cross-service correlation of actors, subjects, and workflows over time.  Deployments operating in privacy-sensitive contexts <bcp14>SHOULD</bcp14> evaluate the correlation risk before enabling receipts:</t>
        <ul spacing="normal">
          <li>
            <t>An audit pipeline that aggregates receipts across services builds a graph of who delegated to whom and when, across organizational boundaries.</t>
          </li>
          <li>
            <t>Receipts from a single workflow are tied together via <tt>prh</tt> chain hashes, exposing the delegation graph even when individual hops are routed through privacy-preserving infrastructure.</t>
          </li>
          <li>
            <t>Receipts persist longer than the outer tokens they were issued for and may be retained in audit logs indefinitely; correlation risk is not bounded by token lifetime.</t>
          </li>
        </ul>
        <t>Companion profiles defining per-receipt extension claims (per the patterns in <xref target="discovery-capability-signaling"/>) may introduce additional stable identifiers or correlation surfaces beyond those listed above.  Examples include per-hop authority-bounds content (which exposes per-hop scope, audience, and resource detail), references to a governing authority object, and lifecycle-state snapshots.  The privacy considerations of this section (cross-service correlation, retention beyond token lifetime, detached-verification disclosure) apply to such companion claims wherever they share these properties.  Companion profiles defining extension claims <bcp14>SHOULD</bcp14> evaluate the correlation and disclosure characteristics specific to their claims and document any deployment guidance their claims warrant.</t>
      </section>
      <section anchor="detached-verification-privacy">
        <name>Detached Verification Privacy</name>
        <t>Receipts support detached verification (validation by parties that do not have access to the issuing AS's introspection endpoint).  This is a feature for auditability but a risk for privacy: any party with the token plus the receipt issuer's published verification keys can validate the chain, including parties the issuer did not anticipate.  Deployments <bcp14>SHOULD</bcp14> treat receipt-bearing tokens as carrying their full provenance to anywhere the token reaches, and <bcp14>SHOULD</bcp14> scope token distribution accordingly.</t>
      </section>
    </section>
    <section anchor="iana-considerations">
      <name>IANA Considerations</name>
      <section anchor="media-type-registration">
        <name>Media Type Registration</name>
        <t>This document requests registration of the following media type in the "Media Types" registry <xref target="RFC6838"/>:</t>
        <ul spacing="normal">
          <li>
            <t>Type name: <tt>application</tt></t>
          </li>
          <li>
            <t>Subtype name: <tt>actor-receipt+jwt</tt></t>
          </li>
          <li>
            <t>Required parameters: N/A</t>
          </li>
          <li>
            <t>Optional parameters: N/A</t>
          </li>
          <li>
            <t>Encoding considerations: 8bit; an actor receipt is a JWS compact-serialized JWT <xref target="RFC7515"/> <xref target="RFC7519"/> consisting of base64url-encoded segments separated by period (<tt>.</tt>) characters.</t>
          </li>
          <li>
            <t>Security considerations: See <xref target="security-considerations"/> of this document and <xref target="RFC8725"/>.</t>
          </li>
          <li>
            <t>Interoperability considerations: N/A</t>
          </li>
          <li>
            <t>Published specification: This document</t>
          </li>
          <li>
            <t>Applications that use this media type: Applications that issue, exchange, or validate OAuth Actor Receipts.</t>
          </li>
          <li>
            <t>Fragment identifier considerations: N/A</t>
          </li>
          <li>
            <t>Additional information:
            </t>
            <ul spacing="normal">
              <li>
                <t>Deprecated alias names for this type: N/A</t>
              </li>
              <li>
                <t>Magic number(s): N/A</t>
              </li>
              <li>
                <t>File extension(s): N/A</t>
              </li>
              <li>
                <t>Macintosh file type code(s): N/A</t>
              </li>
            </ul>
          </li>
          <li>
            <t>Person &amp; email address to contact for further information: Karl McGuinness, public@karlmcguinness.com</t>
          </li>
          <li>
            <t>Intended usage: COMMON</t>
          </li>
          <li>
            <t>Restrictions on usage: None</t>
          </li>
          <li>
            <t>Author: Karl McGuinness, public@karlmcguinness.com</t>
          </li>
          <li>
            <t>Change controller: IETF</t>
          </li>
        </ul>
        <t>The JOSE <tt>typ</tt> value <tt>actor-receipt+jwt</tt> used by this document is the media type subtype name without the <tt>application/</tt> prefix, following common JWT typing practice.</t>
      </section>
      <section anchor="json-web-token-claims-registration">
        <name>JSON Web Token Claims Registration</name>
        <t>This document requests registration of the following JWT Claims in the "JSON Web Token Claims" registry <xref target="RFC7519"/>:</t>
        <ul spacing="normal">
          <li>
            <t>Claim Name: <tt>actor_receipts</tt></t>
          </li>
          <li>
            <t>Claim Description: Array of signed actor-hop receipts providing delegation provenance</t>
          </li>
          <li>
            <t>Change Controller: IESG</t>
          </li>
          <li>
            <t>Specification Document(s): This document</t>
          </li>
          <li>
            <t>Claim Name: <tt>actor_receipts_complete</tt></t>
          </li>
          <li>
            <t>Claim Description: Boolean indicating whether actor_receipts covers every visible hop in the token's act chain</t>
          </li>
          <li>
            <t>Change Controller: IESG</t>
          </li>
          <li>
            <t>Specification Document(s): This document</t>
          </li>
          <li>
            <t>Claim Name: <tt>sub_iss</tt></t>
          </li>
          <li>
            <t>Claim Description: Issuer or namespace authority for the subject in an Actor Receipt JWT</t>
          </li>
          <li>
            <t>Change Controller: IESG</t>
          </li>
          <li>
            <t>Specification Document(s): This document</t>
          </li>
          <li>
            <t>Claim Name: <tt>prh</tt></t>
          </li>
          <li>
            <t>Claim Description: Base64url-encoded hash of the immediately preceding (older) receipt in an Actor Receipt JWT chain</t>
          </li>
          <li>
            <t>Change Controller: IESG</t>
          </li>
          <li>
            <t>Specification Document(s): This document</t>
          </li>
          <li>
            <t>Claim Name: <tt>prh_alg</tt></t>
          </li>
          <li>
            <t>Claim Description: Hash algorithm identifier (from the IANA Named Information Hash Algorithm Registry) naming the algorithm used to compute prh in an Actor Receipt JWT</t>
          </li>
          <li>
            <t>Change Controller: IESG</t>
          </li>
          <li>
            <t>Specification Document(s): This document</t>
          </li>
          <li>
            <t>Claim Name: <tt>origin_jti</tt></t>
          </li>
          <li>
            <t>Claim Description: The jti of the outer token at the time an Actor Receipt JWT was created (the receipt's origin outer token)</t>
          </li>
          <li>
            <t>Change Controller: IESG</t>
          </li>
          <li>
            <t>Specification Document(s): This document</t>
          </li>
        </ul>
      </section>
      <section anchor="oauth-authorization-server-metadata-registration">
        <name>OAuth Authorization Server Metadata Registration</name>
        <t>This document requests registration of the following metadata name in the "OAuth Authorization Server Metadata" registry <xref target="RFC8414"/>:</t>
        <ul spacing="normal">
          <li>
            <t>Metadata Name: <tt>actor_receipts_supported</tt></t>
          </li>
          <li>
            <t>Metadata Description: Indicates support for validating, originating, preserving, or extending actor-receipt chains</t>
          </li>
          <li>
            <t>Change Controller: IESG</t>
          </li>
          <li>
            <t>Specification Document(s): This document</t>
          </li>
        </ul>
      </section>
      <section anchor="oauth-protected-resource-metadata-registration">
        <name>OAuth Protected Resource Metadata Registration</name>
        <t>This document requests registration of the following metadata names in the "OAuth Protected Resource Metadata" registry <xref target="RFC9728"/>:</t>
        <ul spacing="normal">
          <li>
            <t>Metadata Name: <tt>actor_receipts_required</tt></t>
          </li>
          <li>
            <t>Metadata Description: Indicates that the resource expects delegated requests to carry valid actor receipts covering at minimum the outermost visible actor hop</t>
          </li>
          <li>
            <t>Change Controller: IESG</t>
          </li>
          <li>
            <t>Specification Document(s): This document</t>
          </li>
          <li>
            <t>Metadata Name: <tt>actor_receipts_complete_required</tt></t>
          </li>
          <li>
            <t>Metadata Description: Indicates that the resource requires complete receipt coverage for all visible actor hops</t>
          </li>
          <li>
            <t>Change Controller: IESG</t>
          </li>
          <li>
            <t>Specification Document(s): This document</t>
          </li>
        </ul>
      </section>
      <section anchor="oauth-token-introspection-response-registration">
        <name>OAuth Token Introspection Response Registration</name>
        <t>This document requests registration of the following names in the "OAuth Token Introspection Response" registry <xref target="RFC7662"/>:</t>
        <ul spacing="normal">
          <li>
            <t>Name: <tt>actor_receipts</tt></t>
          </li>
          <li>
            <t>Description: Array of signed actor-hop receipts returned by introspection</t>
          </li>
          <li>
            <t>Change Controller: IESG</t>
          </li>
          <li>
            <t>Specification Document(s): This document</t>
          </li>
          <li>
            <t>Name: <tt>actor_receipts_complete</tt></t>
          </li>
          <li>
            <t>Description: Indicates whether the returned actor receipts provide complete visible-hop coverage</t>
          </li>
          <li>
            <t>Change Controller: IESG</t>
          </li>
          <li>
            <t>Specification Document(s): This document</t>
          </li>
        </ul>
      </section>
    </section>
    <section anchor="acknowledgments">
      <name>Acknowledgments</name>
      <t>This document builds on the OAuth Actor Profile for Delegation <xref target="I-D.mcguinness-oauth-actor-profile"/>, on the OAuth 2.0 Token Exchange specification <xref target="RFC8693"/>, on the OAuth 2.0 Transaction Tokens work <xref target="I-D.ietf-oauth-transaction-tokens"/>, and on prior OAuth Working Group discussion of delegation transparency, sender-constrained tokens, and proof-of-possession mechanisms (<xref target="RFC7800"/>, <xref target="RFC8705"/>, <xref target="RFC9449"/>).  The author thanks the working group for that foundation.</t>
      <t>Individual contributors and reviewers will be acknowledged in subsequent revisions of this document as feedback accumulates.</t>
    </section>
  </middle>
  <back>
    <references anchor="sec-combined-references">
      <name>References</name>
      <references anchor="sec-normative-references">
        <name>Normative References</name>
        <reference anchor="RFC6749" target="https://www.rfc-editor.org/info/rfc6749" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6749.xml">
          <front>
            <title>The OAuth 2.0 Authorization Framework</title>
            <author fullname="D. Hardt" initials="D." role="editor" surname="Hardt"/>
            <date month="October" year="2012"/>
            <abstract>
              <t>The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf. This specification replaces and obsoletes the OAuth 1.0 protocol described in RFC 5849. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="6749"/>
          <seriesInfo name="DOI" value="10.17487/RFC6749"/>
        </reference>
        <reference anchor="RFC6750" target="https://www.rfc-editor.org/info/rfc6750" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6750.xml">
          <front>
            <title>The OAuth 2.0 Authorization Framework: Bearer Token Usage</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="D. Hardt" initials="D." surname="Hardt"/>
            <date month="October" year="2012"/>
            <abstract>
              <t>This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the associated resources (without demonstrating possession of a cryptographic key). To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="6750"/>
          <seriesInfo name="DOI" value="10.17487/RFC6750"/>
        </reference>
        <reference anchor="RFC6838" target="https://www.rfc-editor.org/info/rfc6838" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6838.xml">
          <front>
            <title>Media Type Specifications and Registration Procedures</title>
            <author fullname="N. Freed" initials="N." surname="Freed"/>
            <author fullname="J. Klensin" initials="J." surname="Klensin"/>
            <author fullname="T. Hansen" initials="T." surname="Hansen"/>
            <date month="January" year="2013"/>
            <abstract>
              <t>This document defines procedures for the specification and registration of media types for use in HTTP, MIME, and other Internet protocols. This memo documents an Internet Best Current Practice.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="13"/>
          <seriesInfo name="RFC" value="6838"/>
          <seriesInfo name="DOI" value="10.17487/RFC6838"/>
        </reference>
        <reference anchor="RFC6920" target="https://www.rfc-editor.org/info/rfc6920" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6920.xml">
          <front>
            <title>Naming Things with Hashes</title>
            <author fullname="S. Farrell" initials="S." surname="Farrell"/>
            <author fullname="D. Kutscher" initials="D." surname="Kutscher"/>
            <author fullname="C. Dannewitz" initials="C." surname="Dannewitz"/>
            <author fullname="B. Ohlman" initials="B." surname="Ohlman"/>
            <author fullname="A. Keranen" initials="A." surname="Keranen"/>
            <author fullname="P. Hallam-Baker" initials="P." surname="Hallam-Baker"/>
            <date month="April" year="2013"/>
            <abstract>
              <t>This document defines a set of ways to identify a thing (a digital object in this case) using the output from a hash function. It specifies a new URI scheme for this purpose, a way to map these to HTTP URLs, and binary and human-speakable formats for these names. The various formats are designed to support, but not require, a strong link to the referenced object, such that the referenced object may be authenticated to the same degree as the reference to it. The reason for this work is to standardise current uses of hash outputs in URLs and to support new information-centric applications and other uses of hash outputs in protocols.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="6920"/>
          <seriesInfo name="DOI" value="10.17487/RFC6920"/>
        </reference>
        <reference anchor="RFC7515" target="https://www.rfc-editor.org/info/rfc7515" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7515.xml">
          <front>
            <title>JSON Web Signature (JWS)</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
            <date month="May" year="2015"/>
            <abstract>
              <t>JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based data structures. Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) specification and an IANA registry defined by that specification. Related encryption capabilities are described in the separate JSON Web Encryption (JWE) specification.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7515"/>
          <seriesInfo name="DOI" value="10.17487/RFC7515"/>
        </reference>
        <reference anchor="RFC7519" target="https://www.rfc-editor.org/info/rfc7519" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7519.xml">
          <front>
            <title>JSON Web Token (JWT)</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
            <date month="May" year="2015"/>
            <abstract>
              <t>JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7519"/>
          <seriesInfo name="DOI" value="10.17487/RFC7519"/>
        </reference>
        <reference anchor="RFC7662" target="https://www.rfc-editor.org/info/rfc7662" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7662.xml">
          <front>
            <title>OAuth 2.0 Token Introspection</title>
            <author fullname="J. Richer" initials="J." role="editor" surname="Richer"/>
            <date month="October" year="2015"/>
            <abstract>
              <t>This specification defines a method for a protected resource to query an OAuth 2.0 authorization server to determine the active state of an OAuth 2.0 token and to determine meta-information about this token. OAuth 2.0 deployments can use this method to convey information about the authorization context of the token from the authorization server to the protected resource.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7662"/>
          <seriesInfo name="DOI" value="10.17487/RFC7662"/>
        </reference>
        <reference anchor="RFC7800" target="https://www.rfc-editor.org/info/rfc7800" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7800.xml">
          <front>
            <title>Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="H. Tschofenig" initials="H." surname="Tschofenig"/>
            <date month="April" year="2016"/>
            <abstract>
              <t>This specification describes how to declare in a JSON Web Token (JWT) that the presenter of the JWT possesses a particular proof-of- possession key and how the recipient can cryptographically confirm proof of possession of the key by the presenter. Being able to prove possession of a key is also sometimes described as the presenter being a holder-of-key.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7800"/>
          <seriesInfo name="DOI" value="10.17487/RFC7800"/>
        </reference>
        <reference anchor="RFC8259" target="https://www.rfc-editor.org/info/rfc8259" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8259.xml">
          <front>
            <title>The JavaScript Object Notation (JSON) Data Interchange Format</title>
            <author fullname="T. Bray" initials="T." role="editor" surname="Bray"/>
            <date month="December" year="2017"/>
            <abstract>
              <t>JavaScript Object Notation (JSON) is a lightweight, text-based, language-independent data interchange format. It was derived from the ECMAScript Programming Language Standard. JSON defines a small set of formatting rules for the portable representation of structured data.</t>
              <t>This document removes inconsistencies with other specifications of JSON, repairs specification errors, and offers experience-based interoperability guidance.</t>
            </abstract>
          </front>
          <seriesInfo name="STD" value="90"/>
          <seriesInfo name="RFC" value="8259"/>
          <seriesInfo name="DOI" value="10.17487/RFC8259"/>
        </reference>
        <reference anchor="RFC8414" target="https://www.rfc-editor.org/info/rfc8414" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8414.xml">
          <front>
            <title>OAuth 2.0 Authorization Server Metadata</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <date month="June" year="2018"/>
            <abstract>
              <t>This specification defines a metadata format that an OAuth 2.0 client can use to obtain the information needed to interact with an OAuth 2.0 authorization server, including its endpoint locations and authorization server capabilities.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8414"/>
          <seriesInfo name="DOI" value="10.17487/RFC8414"/>
        </reference>
        <reference anchor="RFC8693" target="https://www.rfc-editor.org/info/rfc8693" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8693.xml">
          <front>
            <title>OAuth 2.0 Token Exchange</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="A. Nadalin" initials="A." surname="Nadalin"/>
            <author fullname="B. Campbell" initials="B." role="editor" surname="Campbell"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="C. Mortimore" initials="C." surname="Mortimore"/>
            <date month="January" year="2020"/>
            <abstract>
              <t>This specification defines a protocol for an HTTP- and JSON-based Security Token Service (STS) by defining how to request and obtain security tokens from OAuth 2.0 authorization servers, including security tokens employing impersonation and delegation.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8693"/>
          <seriesInfo name="DOI" value="10.17487/RFC8693"/>
        </reference>
        <reference anchor="RFC8705" target="https://www.rfc-editor.org/info/rfc8705" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8705.xml">
          <front>
            <title>OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens</title>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
            <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
            <date month="February" year="2020"/>
            <abstract>
              <t>This document describes OAuth client authentication and certificate-bound access and refresh tokens using mutual Transport Layer Security (TLS) authentication with X.509 certificates. OAuth clients are provided a mechanism for authentication to the authorization server using mutual TLS, based on either self-signed certificates or public key infrastructure (PKI). OAuth authorization servers are provided a mechanism for binding access tokens to a client's mutual-TLS certificate, and OAuth protected resources are provided a method for ensuring that such an access token presented to it was issued to the client presenting the token.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8705"/>
          <seriesInfo name="DOI" value="10.17487/RFC8705"/>
        </reference>
        <reference anchor="RFC8725" target="https://www.rfc-editor.org/info/rfc8725" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8725.xml">
          <front>
            <title>JSON Web Token Best Current Practices</title>
            <author fullname="Y. Sheffer" initials="Y." surname="Sheffer"/>
            <author fullname="D. Hardt" initials="D." surname="Hardt"/>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <date month="February" year="2020"/>
            <abstract>
              <t>JSON Web Tokens, also known as JWTs, are URL-safe JSON-based security tokens that contain a set of claims that can be signed and/or encrypted. JWTs are being widely used and deployed as a simple security token format in numerous protocols and applications, both in the area of digital identity and in other application areas. This Best Current Practices document updates RFC 7519 to provide actionable guidance leading to secure implementation and deployment of JWTs.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="225"/>
          <seriesInfo name="RFC" value="8725"/>
          <seriesInfo name="DOI" value="10.17487/RFC8725"/>
        </reference>
        <reference anchor="RFC9449" target="https://www.rfc-editor.org/info/rfc9449" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9449.xml">
          <front>
            <title>OAuth 2.0 Demonstrating Proof of Possession (DPoP)</title>
            <author fullname="D. Fett" initials="D." surname="Fett"/>
            <author fullname="B. Campbell" initials="B." surname="Campbell"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <author fullname="D. Waite" initials="D." surname="Waite"/>
            <date month="September" year="2023"/>
            <abstract>
              <t>This document describes a mechanism for sender-constraining OAuth 2.0 tokens via a proof-of-possession mechanism on the application level. This mechanism allows for the detection of replay attacks with access and refresh tokens.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9449"/>
          <seriesInfo name="DOI" value="10.17487/RFC9449"/>
        </reference>
        <reference anchor="RFC9728" target="https://www.rfc-editor.org/info/rfc9728" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9728.xml">
          <front>
            <title>OAuth 2.0 Protected Resource Metadata</title>
            <author fullname="M.B. Jones" initials="M.B." surname="Jones"/>
            <author fullname="P. Hunt" initials="P." surname="Hunt"/>
            <author fullname="A. Parecki" initials="A." surname="Parecki"/>
            <date month="April" year="2025"/>
            <abstract>
              <t>This specification defines a metadata format that an OAuth 2.0 client or authorization server can use to obtain the information needed to interact with an OAuth 2.0 protected resource.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9728"/>
          <seriesInfo name="DOI" value="10.17487/RFC9728"/>
        </reference>
        <reference anchor="I-D.ietf-oauth-transaction-tokens" target="https://datatracker.ietf.org/doc/html/draft-ietf-oauth-transaction-tokens-08" xml:base="https://bib.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-oauth-transaction-tokens.xml">
          <front>
            <title>Transaction Tokens</title>
            <author fullname="Atul Tulshibagwale" initials="A." surname="Tulshibagwale">
              <organization>CrowdStrike</organization>
            </author>
            <author fullname="George Fletcher" initials="G." surname="Fletcher">
              <organization>Practical Identity LLC</organization>
            </author>
            <author fullname="Pieter Kasselman" initials="P." surname="Kasselman">
              <organization>Defakto Security</organization>
            </author>
            <date day="2" month="March" year="2026"/>
            <abstract>
              <t>Transaction Tokens (Txn-Tokens) are designed to maintain and propagate user identity, workload identity and authorization context throughout the Call Chain within a trusted domain during the processing of external requests (e.g. such as API calls) or requests initiated internally within the trust domain. Txn-Tokens ensure that this context is preserved throughout the Call Chain thereby enhancing security and consistency in complex, multi-service architectures.</t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-oauth-transaction-tokens-08"/>
        </reference>
        <reference anchor="I-D.mcguinness-oauth-actor-profile" target="https://datatracker.ietf.org/doc/html/draft-mcguinness-oauth-actor-profile-00" xml:base="https://bib.ietf.org/public/rfc/bibxml3/reference.I-D.mcguinness-oauth-actor-profile.xml">
          <front>
            <title>OAuth Actor Profile for Delegation</title>
            <author fullname="Karl McGuinness" initials="K." surname="McGuinness">
              <organization>Independent</organization>
            </author>
            <date day="30" month="April" year="2026"/>
            <abstract>
              <t>OAuth deployments increasingly involve agents and workloads acting on behalf of human users across organizational boundaries. Existing specifications provide relevant building blocks (notably the act claim from RFC 8693 Token Exchange) but do not define a consistent profile for representing delegated actor relationships across JWT assertion grants (RFC 7523), JWT access tokens (RFC 9068), and Transaction Tokens, nor for classifying actor entity types or signaling support between authorization servers and resource servers. The result is inconsistent actor representation and actor- representation interoperability gaps that force deployments to rely on proprietary conventions. This document defines the OAuth Actor Profile for Delegation. It specifies a common act claim structure extended with sub_profile for entity-type classification, processing rules for authorization servers and resource servers across the three token families and their Token Exchange inputs, and OAuth discovery metadata parameters for advertising actor-profile support. The profile applies uniformly across token types and integrates with existing sender-constraint mechanisms (DPoP, mTLS). It does not standardize the policies by which systems determine whether a given actor is permitted to act for a subject; those decisions remain deployment-specific.</t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-mcguinness-oauth-actor-profile-00"/>
        </reference>
        <reference anchor="RFC2119" target="https://www.rfc-editor.org/info/rfc2119" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml">
          <front>
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <author fullname="S. Bradner" initials="S." surname="Bradner"/>
            <date month="March" year="1997"/>
            <abstract>
              <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="2119"/>
          <seriesInfo name="DOI" value="10.17487/RFC2119"/>
        </reference>
        <reference anchor="RFC8174" target="https://www.rfc-editor.org/info/rfc8174" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml">
          <front>
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <date month="May" year="2017"/>
            <abstract>
              <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="8174"/>
          <seriesInfo name="DOI" value="10.17487/RFC8174"/>
        </reference>
      </references>
      <references anchor="sec-informative-references">
        <name>Informative References</name>
        <reference anchor="RFC9493" target="https://www.rfc-editor.org/info/rfc9493" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9493.xml">
          <front>
            <title>Subject Identifiers for Security Event Tokens</title>
            <author fullname="A. Backman" initials="A." role="editor" surname="Backman"/>
            <author fullname="M. Scurtescu" initials="M." surname="Scurtescu"/>
            <author fullname="P. Jain" initials="P." surname="Jain"/>
            <date month="December" year="2023"/>
            <abstract>
              <t>Security events communicated within Security Event Tokens may support a variety of identifiers to identify subjects related to the event. This specification formalizes the notion of Subject Identifiers as structured information that describes a subject and named formats that define the syntax and semantics for encoding Subject Identifiers as JSON objects. It also establishes a registry for defining and allocating names for such formats as well as the JSON Web Token (JWT) "sub_id" Claim.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9493"/>
          <seriesInfo name="DOI" value="10.17487/RFC9493"/>
        </reference>
        <reference anchor="RFC9700" target="https://www.rfc-editor.org/info/rfc9700" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9700.xml">
          <front>
            <title>Best Current Practice for OAuth 2.0 Security</title>
            <author fullname="T. Lodderstedt" initials="T." surname="Lodderstedt"/>
            <author fullname="J. Bradley" initials="J." surname="Bradley"/>
            <author fullname="A. Labunets" initials="A." surname="Labunets"/>
            <author fullname="D. Fett" initials="D." surname="Fett"/>
            <date month="January" year="2025"/>
            <abstract>
              <t>This document describes best current security practice for OAuth 2.0. It updates and extends the threat model and security advice given in RFCs 6749, 6750, and 6819 to incorporate practical experiences gathered since OAuth 2.0 was published and covers new threats relevant due to the broader application of OAuth 2.0. Further, it deprecates some modes of operation that are deemed less secure or even insecure.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="240"/>
          <seriesInfo name="RFC" value="9700"/>
          <seriesInfo name="DOI" value="10.17487/RFC9700"/>
        </reference>
        <reference anchor="I-D.mw-oauth-actor-chain" target="https://datatracker.ietf.org/doc/html/draft-mw-oauth-actor-chain-01" xml:base="https://bib.ietf.org/public/rfc/bibxml3/reference.I-D.mw-oauth-actor-chain.xml">
          <front>
            <title>Cryptographically Verifiable Actor Chains for OAuth 2.0 Token Exchange</title>
            <author fullname="A Prasad" initials="A." surname="Prasad">
              <organization>Oracle</organization>
            </author>
            <author fullname="Ramki Krishnan" initials="R." surname="Krishnan"/>
            <author fullname="Diego Lopez" initials="D." surname="Lopez">
              <organization>Telefonica</organization>
            </author>
            <author fullname="Srinivasa Addepalli" initials="S." surname="Addepalli">
              <organization>Aryaka</organization>
            </author>
            <date day="15" month="June" year="2026"/>
            <abstract>
              <t>Multi-hop service-to-service and agentic workflows often exchange OAuth access tokens across a sequence of actors. OAuth 2.0 Token Exchange permits an act claim, including nested prior actors, but it does not define interoperable rules for preserving, extending, disclosing, and validating a delegation path across successive exchanges. This document defines six actor-chain profiles for OAuth 2.0 Token Exchange: Declared Full Disclosure, Declared Subset Disclosure, Declared Actor-Only Disclosure, Verified Full Disclosure, Verified Subset Disclosure, and Verified Actor-Only Disclosure. The profiles preserve the existing meanings of sub, act, and may_act. They add explicit profile selection, a stable workflow actor-chain identifier, profile-controlled actor disclosure, and, for verified profiles, actor-signed step proofs with cumulative commitment state.</t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-mw-oauth-actor-chain-01"/>
        </reference>
        <reference anchor="I-D.liu-oauth-chain-delegation" target="https://datatracker.ietf.org/doc/html/draft-liu-oauth-chain-delegation-00" xml:base="https://bib.ietf.org/public/rfc/bibxml3/reference.I-D.liu-oauth-chain-delegation.xml">
          <front>
            <title>Delegation Chain for OAuth 2.0</title>
            <author fullname="Dapeng Liu" initials="D." surname="Liu">
              <organization>Alibaba Group</organization>
            </author>
            <author fullname="Judy Zhu" initials="J." surname="Zhu">
              <organization>Alibaba Group</organization>
            </author>
            <author fullname="Suresh Krishnan" initials="S." surname="Krishnan">
              <organization>Cisco</organization>
            </author>
            <author fullname="Aaron Parecki" initials="A." surname="Parecki">
              <organization>Okta</organization>
            </author>
            <date day="7" month="June" year="2026"/>
            <abstract>
              <t>RFC 8693 defines the act claim for expressing delegation semantics in JWTs, including nested multi-hop actor identification. However, act captures only the identity of each actor in the chain, not the authorization constraints applied at each hop, and is constructed unilaterally by the Authorization Server without cryptographic confirmation from the delegating agent. This specification defines the delegation_chain JWT claim as a structured delegation record companion to act: an ordered array of delegation records, each capturing the Authorization Server's attestation and, when present, the delegated policy constraints, and optionally carrying the delegator's cryptographic confirmation. Together, act and delegation_chain provide both runtime authorization and verifiable delegation lineage for multi-hop agent delegation. The specification supports cross-domain delegation by composing with the identity chaining transport pattern, and integrates a user interaction mechanism for explicit consent when required by policy or regulation.</t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-liu-oauth-chain-delegation-00"/>
        </reference>
        <reference anchor="I-D.liu-oauth-authorization-evidence" target="https://datatracker.ietf.org/doc/html/draft-liu-oauth-authorization-evidence-01" xml:base="https://bib.ietf.org/public/rfc/bibxml3/reference.I-D.liu-oauth-authorization-evidence.xml">
          <front>
            <title>Authorization Evidence and Audit Trail for OAuth 2.0 Access Tokens</title>
            <author fullname="Dapeng Liu" initials="D." surname="Liu">
              <organization>Alibaba Group</organization>
            </author>
            <author fullname="Judy Zhu" initials="J." surname="Zhu">
              <organization>Alibaba Group</organization>
            </author>
            <author fullname="Suresh Krishnan" initials="S." surname="Krishnan">
              <organization>Cisco</organization>
            </author>
            <author fullname="Aaron Parecki" initials="A." surname="Parecki">
              <organization>Okta</organization>
            </author>
            <date day="22" month="June" year="2026"/>
            <abstract>
              <t>This specification defines an authorization details type for including authorization evidence and audit trail information in OAuth 2.0 access tokens using the Rich Authorization Requests (RAR) framework. When an Authorization Server processes user consent, it enriches the authorization details with cryptographic proof of user confirmation, supporting accountability, compliance, and dispute resolution in scenarios where autonomous agents act on behalf of users.</t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-liu-oauth-authorization-evidence-01"/>
        </reference>
      </references>
    </references>
    <?line 971?>

<section anchor="examples">
      <name>Examples</name>
      <t>The examples in this appendix show decoded receipt contents.  Real receipts are compact-signed JWT strings carried in the <tt>actor_receipts</tt> array.  The <tt>iat</tt> and <tt>exp</tt> values shown are illustrative only; in deployments, receipt <tt>exp</tt> is set per <xref target="receipt-claims"/> and <xref target="extending-an-existing-receipt-chain"/> so that no inbound receipt expires before the outer token that carries it.</t>
      <t>Both examples below illustrate the explicit-disclosure pattern: receipts include <tt>cnf</tt> to demonstrate historical sender-constraint provenance.  Per <xref target="receipt-claims"/>, issuers <bcp14>SHOULD</bcp14> omit <tt>cnf</tt> from receipts unless the relying parties that will receive the token have been evaluated for the associated disclosure risk.  Privacy-conservative deployments produce receipts that are structurally identical to those shown but with the <tt>cnf</tt> claim omitted.</t>
      <section anchor="example-two-hop-delegation-chain">
        <name>Example: Two-Hop Delegation Chain</name>
        <t>The outer token carries the following visible actor chain:</t>
        <sourcecode type="json"><![CDATA[
{
  "jti": "d3a1b2c0-9f4e-4a1d-b8e7-12345678abcd",
  "iss": "https://as.travel-provider.example",
  "sub": "https://idp.enterprise.example/users/alice",
  "act": {
    "sub": "https://tools.example.com/booking-tool",
    "iss": "https://as.travel-provider.example",
    "sub_profile": "service",
    "act": {
      "sub": "https://agents.example.com/travel-assistant",
      "iss": "https://as.enterprise.example",
      "sub_profile": "ai_agent"
    }
  },
  "cnf": {
    "jkt": "ToolJKT"
  },
  "actor_receipts": [
    "<receipt-0>",
    "<receipt-1>"
  ],
  "actor_receipts_complete": true
}
]]></sourcecode>
        <t><tt>actor_receipts[0]</tt> is the newest receipt, created by the travel-provider AS when it added the booking tool as the new outermost actor:</t>
        <sourcecode type="json"><![CDATA[
{
  "iss": "https://as.travel-provider.example",
  "sub": "https://idp.enterprise.example/users/alice",
  "act": {
    "sub": "https://tools.example.com/booking-tool",
    "iss": "https://as.travel-provider.example",
    "sub_profile": "service"
  },
  "cnf": {
    "jkt": "ToolJKT"
  },
  "prh": "0QvKZr5A4XW7N9LQW0u4e7z8k2Kqz6I7xL4V4Vh2nRc",
  "iat": 1776745200,
  "exp": 1776832000,
  "jti": "c8e29c11-0c3a-4e6f-a0a6-30a52c4a8149",
  "origin_jti": "d3a1b2c0-9f4e-4a1d-b8e7-12345678abcd"
}
]]></sourcecode>
        <t><tt>actor_receipts[1]</tt> is the older receipt, created by the enterprise AS when it first added the AI agent:</t>
        <sourcecode type="json"><![CDATA[
{
  "iss": "https://as.enterprise.example",
  "sub": "https://idp.enterprise.example/users/alice",
  "sub_iss": "https://idp.enterprise.example",
  "act": {
    "sub": "https://agents.example.com/travel-assistant",
    "iss": "https://as.enterprise.example",
    "sub_profile": "ai_agent"
  },
  "cnf": {
    "jkt": "AgentJKT"
  },
  "iat": 1776741600,
  "exp": 1776832000,
  "jti": "1d4c4d30-fb6d-4172-b7eb-775b6b9c2b85",
  "origin_jti": "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
}
]]></sourcecode>
        <t>This example shows the key provenance property of this profile: the current token is bound to <tt>ToolJKT</tt>, while the older receipt preserves that the earlier actor hop was bound to <tt>AgentJKT</tt> when it was created.  The <tt>sub_iss</tt> claim on <tt>receipt[1]</tt> records that the subject identifier <tt>https://idp.enterprise.example/users/alice</tt> is interpreted under the enterprise IdP's namespace authority, distinct from the receipt's signer (<tt>https://as.enterprise.example</tt>, the enterprise AS).</t>
      </section>
      <section anchor="example-transaction-token-service-rebinding">
        <name>Example: Transaction Token Service Rebinding</name>
        <t>Suppose the booking tool exchanges the access token above at a TTS, and the TTS rebinds the issued Transaction Token to an internal workload identified as <tt>https://wimse.travel-provider.example/payments</tt>.</t>
        <t>The resulting Transaction Token can carry:</t>
        <sourcecode type="json"><![CDATA[
{
  "jti": "f0e1d2c3-b4a5-6789-cdef-012345678901",
  "iss": "https://tts.travel-provider.example",
  "sub": "https://idp.enterprise.example/users/alice",
  "act": {
    "sub": "https://wimse.travel-provider.example/payments",
    "iss": "https://tts.travel-provider.example",
    "sub_profile": "service",
    "act": {
      "sub": "https://tools.example.com/booking-tool",
      "iss": "https://as.travel-provider.example",
      "sub_profile": "service",
      "act": {
        "sub": "https://agents.example.com/travel-assistant",
        "iss": "https://as.enterprise.example",
        "sub_profile": "ai_agent"
      }
    }
  },
  "cnf": {
    "jkt": "PaymentsJKT"
  },
  "actor_receipts": [
    "<receipt-tts>",
    "<receipt-0>",
    "<receipt-1>"
  ],
  "actor_receipts_complete": true
}
]]></sourcecode>
        <t>The new leading receipt created by the TTS is:</t>
        <sourcecode type="json"><![CDATA[
{
  "iss": "https://tts.travel-provider.example",
  "sub": "https://idp.enterprise.example/users/alice",
  "act": {
    "sub": "https://wimse.travel-provider.example/payments",
    "iss": "https://tts.travel-provider.example",
    "sub_profile": "service"
  },
  "cnf": {
    "jkt": "PaymentsJKT"
  },
  "prh": "C4zv2FK0kPjxzJz8F7G3mslmbb0TQmVQvls0gA1lV3Q",
  "iat": 1776747000,
  "exp": 1776832000,
  "jti": "8b1ab6d1-c345-4bd3-8af2-f302d54444b7",
  "origin_jti": "f0e1d2c3-b4a5-6789-cdef-012345678901"
}
]]></sourcecode>
        <t>The inherited receipts for the booking tool and the AI agent are carried forward unchanged.</t>
      </section>
      <section anchor="example-partial-receipt-coverage">
        <name>Example: Partial Receipt Coverage</name>
        <t>When receipt support is rolled out progressively across issuers, downstream tokens may carry coverage for only the outermost hops.  Suppose the enterprise AS has not yet deployed receipt support, and the travel-provider AS has.  The enterprise AS issues a delegated token introducing the AI agent without a receipt.  The travel-provider AS exchanges that token, adds the booking tool as the new outermost actor, and creates a single receipt for that hop.</t>
        <t>The resulting access token carries:</t>
        <sourcecode type="json"><![CDATA[
{
  "jti": "b6d94f2a-3c81-47e5-9a0d-5f6e7a8b9c0d",
  "iss": "https://as.travel-provider.example",
  "sub": "https://idp.enterprise.example/users/alice",
  "act": {
    "sub": "https://tools.example.com/booking-tool",
    "iss": "https://as.travel-provider.example",
    "sub_profile": "service",
    "act": {
      "sub": "https://agents.example.com/travel-assistant",
      "iss": "https://as.enterprise.example",
      "sub_profile": "ai_agent"
    }
  },
  "cnf": {
    "jkt": "ToolJKT"
  },
  "actor_receipts": [
    "<receipt-0>"
  ],
  "actor_receipts_complete": false
}
]]></sourcecode>
        <t>The single receipt covers the outermost hop:</t>
        <sourcecode type="json"><![CDATA[
{
  "iss": "https://as.travel-provider.example",
  "sub": "https://idp.enterprise.example/users/alice",
  "act": {
    "sub": "https://tools.example.com/booking-tool",
    "iss": "https://as.travel-provider.example",
    "sub_profile": "service"
  },
  "cnf": {
    "jkt": "ToolJKT"
  },
  "iat": 1776745200,
  "exp": 1776832000,
  "jti": "9b7a4e30-2c1f-4d8a-9b5e-f0e8a3c4b6d2",
  "origin_jti": "b6d94f2a-3c81-47e5-9a0d-5f6e7a8b9c0d"
}
]]></sourcecode>
        <t><tt>prh</tt> is omitted because this is a single-element chain.  <tt>actor_receipts_complete: false</tt> signals to recipients that the inner AI-agent hop is uncovered.  Resource servers that set <tt>actor_receipts_complete_required: true</tt> in their Protected Resource Metadata reject this token; resource servers that accept partial coverage validate the receipt-attested outermost hop and treat the inner hop as carried solely by the visible <tt>act</tt> chain, with no independent receipt-level provenance.</t>
      </section>
      <section anchor="example-reissuance-without-a-new-actor-hop">
        <name>Example: Reissuance Without a New Actor Hop</name>
        <t>Suppose the access token from the Two-Hop Delegation Chain example is introspected by an introspection endpoint operated as a separate trust principal from the originating travel-provider AS, and re-emitted as a JWT for an internal service.  Re-emission does not add a new outermost actor hop; the visible <tt>act</tt> chain is unchanged.  Per <xref target="reissuance-without-a-new-actor-hop"/>, the re-emitting issuer carries the inbound <tt>actor_receipts</tt> array forward unchanged and does not create a new receipt.</t>
        <t>The re-emitted token's claims:</t>
        <sourcecode type="json"><![CDATA[
{
  "jti": "f4a7b9c2-1d3e-4f5a-8b6c-7d8e9f0a1b2c",
  "iss": "https://introspection.travel-provider.example",
  "sub": "https://idp.enterprise.example/users/alice",
  "act": {
    "sub": "https://tools.example.com/booking-tool",
    "iss": "https://as.travel-provider.example",
    "sub_profile": "service",
    "act": {
      "sub": "https://agents.example.com/travel-assistant",
      "iss": "https://as.enterprise.example",
      "sub_profile": "ai_agent"
    }
  },
  "cnf": {
    "jkt": "ToolJKT"
  },
  "actor_receipts": [
    "<receipt-0>",
    "<receipt-1>"
  ],
  "actor_receipts_complete": true
}
]]></sourcecode>
        <t>The receipts are bit-identical to those in the Two-Hop Delegation Chain example.  Two divergences from the originating-issuance pattern are visible at the outer-token level:</t>
        <ul spacing="normal">
          <li>
            <t><tt>outer.iss</tt> is <tt>https://introspection.travel-provider.example</tt>, while <tt>receipt[0].iss</tt> remains <tt>https://as.travel-provider.example</tt>.  This divergence is legitimate under <xref target="reissuance-without-a-new-actor-hop"/>.</t>
          </li>
          <li>
            <t><tt>outer.jti</tt> is <tt>f4a7b9c2-1d3e-4f5a-8b6c-7d8e9f0a1b2c</tt>, while <tt>receipt[0].origin_jti</tt> remains <tt>d3a1b2c0-9f4e-4a1d-b8e7-12345678abcd</tt> (the original outer token's <tt>jti</tt>).  This divergence is also legitimate.</t>
          </li>
        </ul>
        <t>Per consumer step 5 of <xref target="consumer-processing"/>, the consumer treats <tt>receipt[0].origin_jti</tt> as historical provenance rather than a current-token binding because <tt>receipt[0]</tt> diverges from the current outer-token instance.  This example illustrates the different-issuer pattern (<tt>receipt[0].iss</tt> differs from <tt>outer.iss</tt>); the same treatment applies to the same-issuer pattern, in which an authorization server refreshes its own token and the new outer-token <tt>jti</tt> differs from <tt>receipt[0].origin_jti</tt> while <tt>iss</tt> matches.  In both patterns, trust that the divergence reflects legitimate reissuance rather than a re-wrapping attack rests on the recipient's local policy regarding which issuers in its trust set perform reissuance under this profile, as described in <xref target="receipt-to-token-binding-limits"/>.</t>
      </section>
    </section>
  </back>
  <!-- ##markdown-source:
H4sIAAAAAAAAA+297XLcRpY2+J9XgZUj1qS3QJMS9UVO9Dts2W6ru21rRHV7
ZycmTFQVikSrqlADoEixHZ5r2WvZK9vznScTQJGy1fNu7LwzHd1iVQFIZJ48
eT6e85w8z/e6qluWp9mjH8633XV2PuvqJntbzspq07XZAv74qlyWV0VX1evs
TVPflOtiPSsf7RXTaVPejFz4aG9WdOVV3dydZm0335vXs3WxgsfMm2LR5avZ
1bZar8u2zesCrs4LvDpv5Or86Giv3U5XVdvCU7u7DVz4+ut33+ytt6tp2Zzu
zeHmp9njo8fP8qPn+dHJXrVpYCRds227x0dHL48ew/iasoDPLsrZtqm6u0d7
t3Xz/qqptxv49MdymuGw66b6u71aV8/q5aO99+Ud/HR+upflGY0O/zG3ScC/
aLj4j41NCP4l49+Dj7YlXJ895HFZxi/46EcYX7W+yv6AF+Hnq6Jawuc0hn+u
ym5xWDdX+EXRzK7hi+uu27SnX36Jv8OPqpvyUH/2JX7w5bSpb9vyS7rDl3jl
VdVdb6dwbViBL3cuCbzgolqWeO0SJr3t/HPtkkO+72FVP+huu3+kUnB43a1g
fvYKmjhcDhhEli22yyXL0p+KZpl9N/uD3IS+hVcv1jLJIDTrebkp4b/WHX1b
8pRuttNlNfvn93C9e4dZvdrbW9fNCi6+oeV7+82rZ89PXto/nx7pP188eaH/
fPlYP33+9Php+Kde9vzZs8f6zxdH+tsXj5/qD16cHJ/oP5+9fKL/fH701P75
WP/58sSG8/L5YxrD6/wrWnWZw64p1i1MJLx/3tXvy3WrP9q9Jqd7e9V6kbz9
yxMbz8vnPHa60210h9l1Ua31u2W1lS/p4zxsnP4vCr8l8vKmgoWa4UgODw/3
9vIcNtq0hReadXt7766rNgM1sl3BYsJ2XFTwJtmQ7plkxTqrN3jPYpnBqm5A
ImDLhb2ayTuTepMBlnO5GU9a1l0XHVxMUwKfwd9l9LQ37hZBQx7CK3ZZte6a
er6dlS1ddknT9JPK9WU2WxbVCoaZtdXVGh68KZv8ut6o/sho5ngE8BHooja7
va5m1xkoxG3ZZMV8DleVBXxyU7XVFIZBj8jgJhN79eUdvGfZls2NjANmEH5U
zWBWunqTL8ubcpldztaLy+ymWG7hJm1bzyqai9sKpwJHgAMDZfy3ctbhPMCG
WtZ3vAhVO1vW7baBCa1hQ93hzM+zZbV+3+q7wJPrqxKe3mRtjR9WmwqubbMZ
LBI8tUJVDuOsap4Ct0g4hHqLU7C8Q73Y1kv4V1av6WVAqzc4CPgF3JsWTaYH
1iAWlmLZ1iYxq7Ir4JkFDZUWqt2UtF2yTdGAXoHb8blXzG/KpoP5hWfjj0EY
2u2K/vJ6CiZns6mbTiR2Vc3ny3Jv7zNQPiwFdGiA/D5EfrKff75/q/7yCxwN
7+FdeNFx18AhfmeyALIThNrEGU6Vq2uQOdgQK3gQCqVIIkzYuc0yTALcClcH
zs+5bAOSxymsBXy+rruJLsK0aGGi6wX94VeiWNbrcpLBBFaLO15eFKQWxmYa
GddyEa1ltIqfaMvTJNNbwK5Jn5/svyB8MCVfF2HDhevhObbV6HL4yPYtrqXu
mTO3A5oCd5psqZJfE4YM+wb3SklyWMN9rov2miebdxL+QvcI/HUFX7Qd73se
2Octn2XtNXwPdktLsl/CXOHQshm8JYy+giNg74sMflBuaACx0uDVrUQkzuyX
eIjclKxD6D4wPbBg8J9N3bYl2WZZtQ6v9Hmb6hW62axomrvBLT6By2fL7Rzl
7j7l1OKPs7bETdqVYe2c3mxBZsxyhdWCGQ23+uOP71jaeWazdgUaEu7X4QuZ
UsCbgrog+YYbi3yWH2BwOEiWvf2ffxbL4JdfJhn9gQf3L78ciJ5oynjDZmSY
ZqsatuWZ06Atyiy+FgggvERbbxvQe6SxG7Bk6GO+dF6D5YKny8Ws3sAOh30B
Q4Zbo+xk//YVr/cfahw7juF7OE/pr3/f/4yFIb/CP3P4Ml/X8tfBIeqpV/X6
BjVIveZrv8KNVtHfrLZAsLJbOoUeffeXi3ePJvy/2fc/0L/ffv0vf3n99uuv
8N8X357/+c/2jz35xcW3P/zlz1+Ff4UrX/3w3Xdff/8VXwyfZtFHe4++O//X
R7wXHv3w5t3rH74///MjlrlIwTcogdkUVR8IKkgs7Zd2D1591lRTnqXfv3rz
//zfxyewYP8brNjj42NYPvnjxfHzE/jj9rqUnVevQcL4TxCAu71isymLBu+C
UjMrNlUH8we/bbP2ur5dZ3DAlTCbX/wbzsy/n2b/NJ1tjk9+Jx/gC0cf6pxF
H9Kc9T/pXcyTOPDRwGNsNqPPk5mOx3v+r9HfOu/uw3/6H6C3yiw/fvE/fre3
t/eX9RK0QVbjKX9btSDBcKJWi6qcT9SmKpsVzNQWFBfM2GyJJgBMXuQRsdhP
0n0AP5vN8PaiNZtyAb+41j+vwNyFW12KhfITfXzJiyh2F39EQrJtSS7kLCGp
cHuZLnLbGZVpsKazd3yywW/6n17AWCsY8/67dxcH44+611aHh/KeW9TLZX2L
Oofnzm6ZCj+o9ugsPN07hdNclCMqPT67OvTdUK+l2h/1J4p1ajLwsQCj+YGO
dXpNvDcOzq8I6qn+fOzDk3P2JvCO8Jt6U/zHtjzgU5Ct2SIxeOGtggUKk4+j
B6NisyVzEQ+RcWsa3gFl8kyeo2bPNZy8eFXVhOMYtMO2wdm5qYrEAtxvyxKW
iS09MAqib0G/w6C+4qNgy2fuoqlXNCp9Exhzm4GZojY0vlYXzqXsFftKPI+g
U0FtzPuvBC9b3NE7V7zkRZjseMSwFzYwWtQ934YT9I2d2b8HgweGq0+0wzyf
8hdZ26EBDgddQaIAskLnebUq2WeAz25xz4I1yKvyI2hFcUtwg1cgXKQccfH8
VIA1wMe3eDvlf2zpbBd7Ycj/kOPWmYFzHhCbVPBw947BLtFXqdC8ExeWDMFg
aZzhOOc1mI9gvsrLiC3HNg5YNjn8x1k2NdhVYpSzXRfs1AbeBZYY5vwVmJpL
OG0yW194YlNclbwNQZDmdJLiGrLQ4304jIWva0Ip5lckBTRjbXJFb/e2qQ0m
ln0wI2GeYe+ohII9iVarWaOwkCxENId6e5zuvb2vPxT4fu3wkVstl1t0z2kK
6dRcwSxv1+BKkB6hhYdDkowq2HNly+MRk5aUflduxNcmz4Qn0/mYt/V2OYcN
BaKHtspbvDVaJtfVRmXpFdhbsVOVug4V2e3lhw5UAi3t4oF+FnlGLI40RtDA
u1x6U/ZoDbDNTad/EkZwURNYFZFjno9mi7OtbhG+GK+zjOjMbgkjGdxIstnQ
dNEdMmFrJhVifi3bReHWaBzg7UWLsTjVdLyizhdVHDtSZKWiJ2VWPhqNbNPf
HeoRZdI+r2kfwssvi1kZ+SROesWZcZ/AFWgH8xqQrQfWcFPgdclEwhTqi4aD
TT1luHHwExpWBHPeqJHWyJbFnXp/6BFPvTs2vRMnjK1mF9qg30tUgLeNLF/P
p+XIhKolOApIfkSLko4BK2gFFk41a1lqzTjBo6BY3w2cvb0rOSil/jMKA8vm
uCCf6dfOjmDFiqMgB1SuoF9qWMqCJOwsopGAOoUlr27taGjpKhdtelBQBhVA
XwPwO7/219hpm0+LloTSFhTvzybpwHXi2GHAlny5+bwhuxbU5xLOOHwVjIHM
yQKYdaSVxLX+4ovoTl98IVZGG22584sc5gd+t0THzZ28EjRxZ6+ogHgu4Nhb
8mKCB7zU0zZ2G2HnU7TNH6Q6ANiocuCxxC6WvKfhp+cXn9vPYC+Wt9FhjN+R
Mj/kl9XdA++pIUYVlRmMt01DebQjOAzS9uIg7RZs5xsKZ+G14vFO6+16XoD9
A4fGqriTnY+KabFdZsWCAhuoAVblHIUoa+9AA4GlPAXTBCYQjyGQU9INuFUa
PFYw9sVJJTRdcBJkm7I/PUOTjmJWYGHQjMMmx4BYVcquFsVFZqVZwbxSsAdQ
Qmgi42UDLbmp4SPUg/5sw9dCRVtWuGITeOXueoKDXfMnLFqmqcAxQw00br5O
aMorOsfxXhbNIAMStyLpSTYY77d1hx4eTFLyAOHG5GKwsc3R9BDcuMVjMJmL
ilVdcYM5K1kb/t3wAlQt6bOqQQMABhRvWBkVOUYUsiXpznFnbUFkr8vZ+xbN
nzUfiI1X+jgMFqh+qFE1MtwIhXBe/Z2V8uy6Ri9vWna3pbvfJF0HVmM4RTmd
vY3qI7CTyaejCTvT6CrdFI2UKLoOBwpZK/OmwjeY3ql1zefM57pTFqggMbk5
YVMRBgd/6BRXSwwNw2Yelkkxycgs2c7RmF8nKyDTL/EqVgphmMNK+QdSQSGs
nX8tuZ0Mk5x7exdoklKkFnbwCjZgsS5rWLFysaDNyO6FS7pmmhyiZfaJmjMK
0IBSXizgkeKPhSMXZrcCPXfHBjjKmd1pyUoH3vf2uuZ8BIerwWGTFEIbpNYl
x+CdxXwcyIPBycybhGxOPhlz1Y3b1XbJ5jJpoo6tU2e+o5NAm7SDW5GkXKMq
AzdRovMSqbaXkDNjKJRy5m0SeTX3WJz7ar1F6aBTjay5rNYx4xg4Ksim/bZD
/2hKwVNWfGpQ2liqri2XC29c0cjj9aBYnbvqlM0JeCkQaA5T8EsMHxe8tdrY
DnPvOQdRndFBJ9Fymh26LbuIEjbHYPmE772u3buSldrB8sEDMrVwKbPViU3e
kg2kC8GDumrq2+7a5OK+DCfIiOb1TC/Hv+QVNLlBhQ1LhpqsU927JdvqLfqU
MbTgLdt/LZwvIPxr8P0mEtnanZ+FUZGLNGeLoAWtgq59U+P6wKbWV3a7Ut6C
tovYd/xWol/pERRRoshTsaYYoeU2mlLfkMwDUGY5B7qj05+2bdHG2nt615W5
2h5zUdSYdOIIjORVQDYuN8315SRJPspuUMmLhMWnfCTqgcEDcHPZrEJnwf18
hQKBQ6O4AL1PEDT2YFpNyLSDNiWZkWe4yPDhFe8kFIxbxoPkBCKhZOuWIxOJ
Jw5mGU4wK6honDA/oF1JR2fjKQIOOFJCgPV74uezGWJ23nAGLdh6qBaGU9Nn
0X3uTfhYAniz7TrRhatsWszec77MXGSXymTHAkOn8Aq3sEawgKvIN6vvyTr3
RaGNZYE9GQy80MPAraKs58NyQ8NuPc2ZGN+5hBvoaEdlSOm9VT9gPqEDm8Sl
ndUoSWLR4to06GhgbKZCc97iLTw983lsm0tmmDzgGx9SYJuf7ppmyLzuZPMM
N/v6quQQAUX4zRNdwHrwbKlXDM+/wo2AzwvGhM8Hik1JTyETHOTEwsUSZJNY
ueWzdogvhxr0RHWpajgLMH9jMSoKsYoKcFk7vgf50CERGBZAXe0JrQWebiDC
skxwQ3D8ujp/ezG0rOmt0/WzgLwLm6WxnDiKwyuC9+J14CWh1YmXZMLHnf46
cSVjl0f8BI/rCPfk6zBu1onFtKyvqplsePBJaN4pyEdrOQMzqPEagGYtSDQN
jN96WS1K8ogxCl3RqyM2BM35kD9wEWqZARjuDExfnE/BrnDwZ1GFF2OTUbxO
ey/xi+SyHHR6+WHTcFA4L8y9bWFLqwLghWONjRObBVgRXkQfUZh1KU6NDcV8
XrFl+faSgHFXUOBR3/byb111yRkumL6rav0TfSBa0/A2tHWcQ8H2PRwTTQGS
tZ2htMdvQPkoWCC0eHAFQUBwb8He2aKPTaYle9m0QAyjG7wvuwVfhYd/UymG
S3Te560E/VtY/9KZeSHUbYEW1cNqKdMmaks001+DRMDeaQpJM/EEihXRd0bB
/u6qTWpumcDvTO61fKxRBKcCk5kPgUmQnGXZRUaGnjM9M6PqWOmope2ObIXh
3ItygvlbFDBnGA2RM9Uin+yqcgT19VoszPFJScE7MqyK7UByYDW+KwpiEQk4
R7ImA5o1aNViiXCiO7Zy7jTkH8x9B5fB8wkV/DXij9QGWJUFiijFfgZDtbh0
kgWfgn4oqyuMJUzLBZ22cwYHSUSZTU2MyldX24bfgQz7VBbJBpbpmIFJKrko
8sh5dkiGT5MUi1yxojhWqXnA1HuHVbMxoJLnKc7lYkSmgDHBQ63WijaTr1H7
kFHrV3Na3tUwC+Dyw3I0BABcl1d1V+nmkJ2COgnOKzhA5/zGeoarDQ77jiSc
E1d+X+P6tqC+eHboqEvPXIxyDW4umrpVRXaBy+GzI5lGSHyKGTc+bAS/8OZX
z9klOw3io7POPjSnT+XnUfC1RgsiaH8eEcx4U+KvUaZyEb68yNflrTj5sI85
EfzNFieYRJ/gDxgI0ytdBAnmoF3c8RRtGSjhkqTszJSg8QjSaVJCo5FzgOPE
7FxP2LzmtJzE9eBjejN+22huNXXB8Qifp6YMs8dLrWBqrygrSnm4pl5VLUsN
iMN1jcmg7ItgU3+hQr4opg2FijA6MWRQy3k6LsjinLqn5qRF5Bc82+8oyMOm
yMhQx3UlPUEu5hCpGuDJ8XYm1v2G8koU9tWtsSrR2qlasIfDHojF/rO0euKH
Gzw5ylvYEQob1PlXT5ncYnWQRD31QYewj2/5vcjdHEcgCuDJ7C06ddZzSQia
TzO36RkwNzneDnv7bhe0T05v88RMsFpv1/XxBhTy+9B5SDFFFAOWGIdSqaJq
GTijQsMeiaFkVMjRWgpBt2E4BfsBNN+EroBhISyRNPsNwTBiRxWmvBTXnrCd
VdOyrV4v56XLZYYgxHbNBvFcA8qE7yBtxjl3C07ZATOQ9VQl4MQY5CJ5p387
+vdLl7m3LESQEZ+2nfQuP+5fjj85xIvEjcSQjVcQGCClmcp8dgIfihUZ9ib0
Dmfw6uRqcpTxaovB3TA2mLJF9UEtlehKeOKPbNs7y1X2YMtP8vjRZU1SRuhz
dmbEQomi1uWavQYDGAw4klFCOJLg8DTKXPDZ1t2xtbygIM85G3sJnklVQysA
6NRi4rirnhSYTyYdLzZSeFLP8acs9rJklzm+MfgD1x0G5P4avEVKMZqG0OdV
MBd3kpm7dvnzch5H+DjhzpmVMBJUE5RwmZWbjhI5HOs1j5SW5Mz+ju1tzW20
jDgQb7kcM3knyW1ZQvUzsT7xnbwi4jWgmCDpZoUSRJrhFcE2fv4sqT8jNfPL
3l7v95Uq4yFg8UKd1uHqkYG4D4eEMEG7o0rlsD8ORBcpLhPFby06DVYaTbf1
VasAdv6Tp3kqE4zPmqED1VQgJH93QuLS/U6fRxDGaKbyv912AvMjsMyPEeyE
Qu+ierPMw0umaPNsOpAPde3oK8IP0RBpPr1fFAJDiOTBa/nWZ+7O04CoozyQ
aHBV7xyuJ/Udf3qWjE6MqWyFC4bHhKR/15G68ige0FWg0JOMeRSWDE+wjfZx
2tHjYvb2XgfUgB58qYwQNI+eSCgTRu0UUeGHSijH20aEtC9+P6ke7clhNq3r
JXhqblMMnmYkJ5dgEpaXEx90V5gqbZ8+NKUmP4J9LQdU2wGAO0TJe2cpIJdT
ljycvHZ0BmE2wix5jD3F6EG+VdCc8bWYKmQ1vgXXbtmRkJENfEk/CJOnwx7Q
Cw9Dp6Fd/ErxNnLG9cKo9ADwXHNCE+K5RWnxCdcQ2MZGIF52whgjgwQEDA9Z
XFn2WnarONroo47JxmlGy2uGJxhcuLvtCNajd4JLAAqPZlAe3HKhGcYStRau
AePKKuw+ZhQLkP7+MDSibAZAlv0An3c2ZSy7sC2nFlkhhxrNCjitGECXXcrd
KX4fBk+SgTISAe9g8inpzYazSn9kA5hzgiU2HI2PUqJ8qvCQcXTyGuMABvVe
eM+kEG8D86VbjfayM8CkFFGsMHdEmRVMAcrUGqP8mCYOolMEzX18j7t8VmwE
pJBzaoGkjYSCw67Rw4c9LVI33zA+LTnL/Qm1t0dHYsmWE8r68PkenYLBKuKE
6x9/vBg5QRk89vT4KW2Wzz7L/vjDxdfZt2UBRxK7K/TBNX1A523iFDrEKG9g
Ria2d6sVpqRn4D9cYd1JHsJql8XySlyxPoATvzxFFxckFG217LvzVwKJC/eE
36CReb066z38srvbXDpfheU2mt7/A6aXq7xkM9q176v5ZeJ1Nlas1oZAbIQ1
waw8j+P8X8OtwKMFfY6empviM7fh5Fwlf9IlBciVl6tl1uHpXQIGlm9YUYoy
tf1DRi0llx2G38M+k0EUGzaqKQ0NBgkd52g7z8rWqk2wnltlxHDj5NiKmMCl
m+JuWRfzITEJKGTJz+nOmpbL+nbCpAOc/N5sG1AkHI3/LHuthaL6sEt4EzrD
tRxpIAChaU/yCXljeCvbMlERijyOaFQa6re8RxyLots2dlSTI4ojsxCDRRwt
wBrfCOkA2g0iiYN3hgOjO7XbKahZ3ryskCiSHGbtbszw0eR9d1trckUAZxYb
lgmlKBlmkwilgZ/B0NTOcfikSSovwfOBZ1i+gxMclKhDJ0nNZ/4YKwVodgof
+OE5PHXwTzRENFPg4vBiYQXFTW6b19xn6dNsPYoHTvfYMMKFG62P9yXMmptz
YXJxMFsVjtanVtlXd3gEB/VLV+gazP6WUZENmKhWKCur5kB9MrlSPyYvTsgS
0wpYfR3L45r9/z7eCa1nmpL+LnMBNfyFSDttOsxnqpcQwcN8UQw8hKs0DHAl
Y6+GthfZsPANHg67FtGSjDimQ3drGqOGLWl6e4lVFBCrBwrh7Ajd7E9Uoivw
JZs6f8PDo6m5QrOBtVDRmUPxDv8YuoZ8a4o4uuqjZAy02LizRzLClRMnNkc/
IkfMU6g5QZ+Y5qfhv9z6t72ny5EiCTjeqCuBDlG5yFkkcEFKpZiAnGcG7lkM
mw1WGmaYNF1PGyPb2yzAP+lR4dy9dyPrxKsYyp0ikVKl3vqFJyGOgwf20FTZ
y+GEwfuHiHC0erfFXfAtD4fufq9uczI6eGRw9HIaIiA6rSPSyTBkD6kSUdKj
yWMnUU4l0oHuEXruVIO3IBAZ/pMBsJGwaMRdj+pE+vWINvkpl9W0lCJ7MjWK
bLEs1OzJN8ttm+tLsZ+0KSo42lZV09SNHrP7NsWTMHkHHNtcR4nq3ixOosgP
zaHmH+fZhTz5ddA6bN6HAhlkrfnll9MQCWQzSUDFEjWhgeuWkzNqHsDQfpLi
OAsm7/X1C5scljWm0+CzKlm33+Tpa/JKt3SK0VK4gE99daYSdwp2P2nvNP+Q
2rqUaf23o38/tD1qTkJ8q/SIw1XljHw97QofGtJc547NMi7aE1ZyBBp1iSVf
uMLRasGfBs82VyuQ0waq7GTihxRe/Er2SxYll2cbO6+thILj0hSrSoyDc0Vs
0NlE4sJ5HN2q/FcUVb031vy52Fp5LVqejg53B3O3TNNFNpD+1Dtm8kubhLFA
qnCBDH9ZRIWGtHnoxpRk5E10XU0r3ohZcVODnVWsptUVQ9fFanMZG6w81Gwj
c31opuBN/cYHEnTX0LycDaYt7UboW62v2mDFaI0z0oSwPOzjF64K82CiFTC4
g2rUAz52wpUhhArg16m3aJWeB5CD6K0N6vmu2+WqGHuL1WniOgXSCjsRo98I
HAHOGzD7q474omyuidCCiYH42ghKEK3QTusXHc9dlemwBfA+vUgyIWOklFuJ
W/rEDcioNpB50Mi31JzH2zas0HjB+ZBtTdepAbwzx+2q0E3HMk9NOFRCOQ/e
XUo00wJ1B/D8lQXqvWgpbr0QWaEV9EjKCKISGKGsAO62WgoO96Z0c0cFcVPc
iOrRzm1Qrs7TZfmbqn1/RhkfCrryUEJycm3oOT9LLE7EoZD9uVq/L65KkB9E
+CfyA2J2U2FaRd8LqZV6YkJXRrkxjI49O9k2S/AbZzUtpqHQEX4Ef++7INSB
ShAxN8m/zy9evX6d1bOu7Fwpt4W9R5JvdEajmRbBCyxHwNX8ePU2xCJpdjV+
FyxZq3v4iaKD+7BpCgy3cZbn4tvz/PHTZ3xShV9h5JOsVkHbaJ5seCAuHaeH
lYZVDcQQHABkbnPgOHbDJTtHxUX0qIlLAtLKHPLa0viS9f0W53vg1ckp6E8N
FQhitJvnz25PJ9JfJbSjhnVT3K4Dscfr8+/Ps0ffgz0yz167fU0jOLcnvC2v
EDV390gIZV4+PsICAJ4DCY7fls0M5Ivs1cCGc9leF7ggaCfjP5+8OFH+Gvzz
6fFjGCkNtOdayMLilNpd/G+jTCz7XXzU83TdKeVYmCiOmc7q5ZJrD3EYcJdq
VTDOu8JYqBSodHDuFYhmj1MiyUDOl8vIk7aCpxHSk4jdgJy2IKNiY7W15gSG
2QRNTsPeLQNdX3hZBUcqMJTO4ooSomBZoIHESTLnD7V3YLRgOPcUlXMs6W3t
4fEmxjx0EnM0PtuQidWDN8wZpybxdC7nHMzC8V9dpzs9VGiF2QiRxTVme8xm
L8Nz1N0RGLKIT8vnbeCcxKG3buy0F2KEq4WgVZuoKBI8kX7KypUe6W3aWE2g
mSIpKH0cp8SCxIKEYplJuVig2SrnU0FstEFNMuckVkF1KncG/uOiNoEOqJcg
jycjgeBMoTCJggzyszAJFFdgx+I6YJXwOHqH1Qm4vn9ZV3DsEhXt3iXI1WDQ
j37cDURHXA3DZNDUeYqEZagTYT3TW3/9YVMJkJmeEHx9uvnuG9J80V1NCWJO
lSgJXVBS0u94W/gty+iq+FCttqu0VoOyFnfeESW7gVeaOIxgxisxtGyMqST7
ihckHoxxd6RL2PC0zDvnUMsVxbqp7pr3ksjEUOKYXlu8Jn0by5PmyXsFU7wf
Nu/BfxBFOfSiNONfheo0TSeJeKno2YtKHosGusFP5z4SNk+9d/odGCkm9nmx
zpXB0NKiUqvMIHLYF/Q+eZiRWUFbHIGwhRqZRbUky80FZ1aVzFFuc2Srx+/D
yvXiGqu++NaihWpXj7+sFPlzCyY0Fu9tKZCkPGEe5uvD2vgbdPeEnAUVXV0x
TdXvS3oFjjBQlUzhKoCFyBSsPBwqFWlwhjxdlv5SFkFgPfi+u9ugN7DELHuj
xrF/ML886dKC61sD0g4kTa16m8eHQtFhcsAjwacQhJXLia59lQyoDCwQ6kUZ
tqSvvPH0UWoDdR+Rw+VcJhMcOleVxA81pkGl9KGCpSHe2Ih+LOwZrx3Z0Q4e
OD/N3+YgSTu22aL6wK6dxQTxXoT4ZiqRMNWRI5XsLRo2CgPH7kOkzx5UeM9Q
Io7wnizIcXguVv0iKsvlne5rXPLEL0QHM7pSwz394WrGrKFhYfqq/ICpNN6P
DMBykTyK4jnCseTFQ07MXeOLz8Yvxa+9BYrv0Pr7XA6+haheNFSEkPcd5xLT
jZXbwqFxPeTymrvrB4zuD9lJwYmlRC2lFIXLxTDlsvLKlvw24XpSlE1Uwpvr
0AM/3ZrgmDOuKVXUAl8aja1ex/NjQUUvQBaKwUvOHPumlw87GfmgpJCTRruN
XiCpoloWyJpCwSw/KH0LqY24yyJy1QDR72p5f7kgJ+XeiqVheLUI94FQHP+s
AWza0x3YNClG5snNaXLt8KF7+8mcV6HMHsftrsqDwWEa7usPJDzz7EK4YAJ6
otjOSb8lbKp9hBr7Avhz1v967vn4UpuyPTO6iwwftx/CawscPaK0ZvIDte8R
OCIFtWej4kOeRVJI7s4BjiOlKSKewjZ4yXoHN4PZ1Rb+ZdNsuJfsQhbmyeFL
jsCieYOglTUxSby20ALPWBSeEmdAhUOxHEM8I8jrQuSBGkyzmHExRZ/QE2UF
sDO4AAwQ8rNq8xOK6tW1d8BQExhFFqmghBgquTsa9+4Feh0iRTMVwqSr26TB
7xwujy1PBwOVMAbsa4wRIwfWrAYz6e/GxmgO1NgD2KQtrpA6onS06x2RqMqE
R9ilPInH/ZiAvnj+FThvU82RhQ3xjVTsbazVyCqTUgpGxlULTiAJn2MSKFsJ
ERghLpU8t7LAFUUXlCEpDCNOfTBXCKfris6HTB4eH3xgRLD8gGFADQci5Eug
+vQ9pu4wGCjDPAuvH43el+gmgTp5X42ER1G17+vsjxc/fC+78vHTl0RatK7X
aLVoTLJi6EFF1jQ78/hOZfuwV8o1wklIyovo7QYjnUXrCW/dK2j2lGeU+IAp
iKhLkdNSlPN0JdDtEE44y13A7dA6Y4IB0HK3qNCHI1GylSwsIMXfvfUiJhq4
VY7/OCO/F84S21M+Vqo0ESmSGPEjIk4TF/puZdoXQvUYZWKaUoBLLRMMfyaH
DnKgygkhqGAlsdKdfA3+FR0N/SLdYTJnJbeWjTwJbUWEX1ZYg3ooYq3lCnWY
u6sZCVAp2qLrgQrNKaH3j4vUPdSL6Tep4C459ERR4qFGSIuPNYCdh19GcQCw
S8ifAGsHrs2pVlBdbabqfKA/7jCD9oasnNrIQpr8SkOctxYeuKMWNHdRsI90
U/GqhbV6sHvqdRSFvy1gGpll6FWBLwxH4oqVuBgZwcbY5R5MNIo3HVjVALSi
e13SDfirevgKGAJSZzHf59hMD98Wv/J1GczoSybQoO0qsW62XNiwhqOQS+vp
xAFDBG1qfXshNSRMkps/PpFfiRTSld+gFOoh3duK4VROqwLIlt69Sdd1iJD2
lSdmAtlTkMrYqMaHbCDNb9JD1iEqPKyKueBJTa227h3jDjmvXon9ZOAdAtSd
Al4MTQk0njoTfQBLcuEwUkJvNfBww7ZbdfX48zAhStAuUP2Tfp21fP/byqjP
2LVEq19XKbp/mkVPNEqoA/clADQ1fqMMT60EBsSqicrSE787zHpkxZii9AIk
zPljlWL7xWDJNZLNUAnf8UEkqw+vc5KZRBBX45/YZkpcu5aKQ7LJPqJ0aSKV
D4MlqlJF8LVPcXyt3WqstgDf8decxVQ4GHqIufTJ8D7FV4OteHwoyxVl5JK4
tjaVumOAa6hV6/NH36tCheXFcefAFCPCFS0+cQPE2Dvce2yjYxJAMhe4p1I8
QgumV5yAKppl5UGJ4+F31P/66Kg7FJmbo/H8oUC+uLAUyo7K49Jk1FAo3oyT
oVk78+sZmZYY6G/5TKLTho5wLQMh2iECAjpXnx9EcZpjF/4QEBLGnKTfEiin
2fu8fQ9CtyoaDNuSctAK6KZq6zUXSYAM4352bQrkHagYhO7Q1UtQbxZhGAkN
4REeCo+bupgTDTbGQj9NrmV6x5XCTA05CC7E0dKTDveeqPjFjkW6EJFX4Zkl
TvR6OUPJ6aK2eLFrqCGckf19uPfUDYSoX8XrDLdQvW0+uRzGzyIrNf6WNwsY
uFiiPQlnZXJgf66+jTzDe8uxZzwIlNERrtGV0Zt/UO2PoZsP94Bl1gTo+G04
mb3nh9l9b8gX9WZSkAyI7IxxAnoc2i/lgKKUPPxyX8RG32go/2464eDQ58GF
zU+Jiaw/wVC220U+eoompivDlTuT/6VwCCksh99i7gtJcn7umoEc7r1I5294
l41VnxPcJK4ydgHUONOvoYX7ypU12OD3gUt8jxmUlDi8agqhrhQRwfXVEmEF
V5ALxJNE3wiHKsbcQmkvmAncN5I1fZxtoMriXUXFA06kpDuldL1XhG23kwWQ
KhfHNTWJBEXQNYVVIOtpi1O8ru0Bawo1hgrmgxCQQm38kPpxx+v2SaylsB9s
GLSjOFZF7cdgOTC43qzko67Bliq4Vy3HUmBhP5Zpk3CHxD66KemZguelOyxj
Z0jHoIl2spVWnPbTaHG13gY/vGd5Wau6GI3AUIW2V+nuM0W6FjRCF+93NS4l
1nQwB6oqX09HLl2sNR5sUYMfLWrwPewYLtb+tt746ZcoFv3VTphNZ8nxpajL
lbZXyUt6n8J5qfSEucAQR7amuIaGM7rXiDU7zQ7duLI68l19fJZPZetTNvIU
p754z/Ye56qm5RZ2suoW6w/RGfbarkZYW1l8UCcpb4Xbx7r/nb6fN/Vm4OkY
XGNMjVP/1lGUf8M1wksOrqlG7CH9wgy48kLnuOIJu1zmsH0xR6HpqCK7ojYI
tPqIvpNUKjjA0sQzSh9oBzWaBTuLdhrE93bESOTATa0TLR3AiHBVFMeQcUWQ
M++mEl+Yp74iU2XMkI+HxZy8fX8ircXhTgPBRUozL61K2Rn64VzepHy/Wu5Y
tkkVaMdCMIU9Ijnk8CpWYBsXEIUz977aoQjkKN7bzhWV+gVN58eKx72DFgpS
DorzYqEAKT4FVf2oukLJRDUX89bfHXCmitxS3FDtwPwa5Wm/TZGz0qg3jqvN
dJWmmSlQQkjQ6cOo4hDlU05uJ2CJkqQjGfOq3FWc9ZpVxdLxQOm0B4ewMeEp
ktIn/xkjEpwE/rPJYBmAqL5cVZ/l0McqNMit2NkucK2gUlG4wpcYtzt85yLP
Y2+A8DPGo/J7xyydU0GigYpCrBocmZZs7aRhl67hxDU9V1buOG3a1hkWImkp
/kAvTyYfIixzoCN0RzMdhWNKglLuCETH+DP+g6OM5OhOAohZk8k0ZwZKSqpP
Bt5lu+G8FrUrSPdD1JWNzyp8IWkil3bHUrxUYGrSrhLbdUHLykqT12W17SQO
GhrD5TpOEQgcwA9oTIk6aK3slPJ1EUOmrilNZCjhvl+nsuVP+vF/vnqM5MJh
KFzbm3986gb32G0NdiosecML5CA6uKBY84RSrq3WvlKqDeVKDhvoiy9Ox/I/
Dq0ykNtDQt9Iz6+z4YZJGXUclFBYYQ3JBW4J/sAavDXC/onBavgyLkF92PmB
l7NlLOuSUIZbJ0OekQs4rR44GZTaGg44crH2/Smv8ZmU5Fc6k4OpZiEqlopq
fDfP+Xwq/gj/xvPVMmZNyuco73t+QYMOWQNUmJJe4B05sBH3R23pg4ypozMH
NFxGomupVJ/moG6wD036UTh1dJpTDt2EgbQNhYEyINFgmCYSjpOwr3VjxbjF
eWhj7Pauv06QyiCIt43QTcCdsPuKdgxJ6b58j6heazJCEn80YPBtxITtRsdE
XQheQt+24OO12aXNwvFiJOPKla1kFNZMdMSnVgRFwG/3KwZ6OO7dZQGhYohj
EyDLvn1oYCaPeuxpwjZiSXdJUCfAI36IK8oMtfsq61F/7xH6dPKBI/J0y8Ej
IeaWJ1Jp1geN6JzvguxwU1pBUwqe+fwAP/cM6bspz6mgQTqUqvKI3od4jM1L
T50dbzX5XK+lRX0Jg56uaVqVvO0Z9lqrLf31cIlBM8RCNL2ChF6dCJndYSwP
stGzIiaY4R5fJRYRCeBK5xR88tB5pOeo0Bz9aNazvmPo2cLWDmPPmaDEl1wJ
CQQ/qceOTNGEDjGwsQksEXHMN2EnPKsg7vGfCtRxZ1gMz1+O1UbRXuaE/uyz
7I38Tvt606iQ+t8+SbkX0yek96UtPNz/KArXM9XYlTAkpK8fmK4YRceJZ3MD
LO2sDgIekJaCxmbx9S1mx1lnFCFKGMriQHCWEjb8OKZaHgTzgNPd+xHX9n21
IQgnmQ9R5MPlwBitPpBUp9v21fMo/7eC7Hv04WkkVuQyZirtLSBCBz9BxFQr
lDyh586JnvSCueA+3CJSsTZLk+aKrtnnquoDFgeCpHE7mBViCd1uEwUSX02u
ZBsfC0p3BQc2r3G4CU8lec96mlwxwEj7DknjSKSi1aakWhv6lS+jCrjbqOUn
F6a6cip8luQFeAMFF1kyW+IwSnmQtqvAeTgF0ZqVA98Gi51+FyCHO6vD7KyO
AOi+l6JUzRc+5Co5bxKxqbqX22CqDPXiCnSu0dSUvZlRxnuyMdhaG4vC/qQh
RqoavI+YlU/jAF31G/Cwj/0mBAnTIMcBC4++obgr2Sp9hmTvgq1K6gzlKkME
JPor6ZN7bRGMYpp7HrnhGpOza6sU0nnjIX41eVuf2xumno4fEfjsHY10ummj
Dq+Svi/J9i6FmDxKxMWMk73JVld2iQv5DeVgqNFo6PA8yeLuemoPr+v+3YwB
XElkhNDRhtmOjnMx9GwBgCltlEB8QfYiWihXG2HcUElvZscDJaJwdn8Skvgf
lTuT4yGjx4PuyWHmdiwYH0VYvy2nWkR5vuNnDFnSJoLm8oYQJ5H9Fe+VtCV8
MZbD5hCvw1LrW7Eniy4nHBo8aw9vT9OvH32Ydbpf3wupptN/FwyVbk6FoO8u
3AQ0ZQj/XlMQCdfSRcl3xqrPetgAH22O1sDwkYILlCqyfQfY7DsOB9o6vBeu
CB5dFTVOjBqmBt8lLdhKOSFD7ZGJL0d0tR4Ix9cTwJbLG7rweW6/txaYanka
UaeEavriLKFqemMMSbi6pkAfFZDUobAh+/mzobCKyy5PgiXIB2jI36e6CPRx
xeXoPRlieFTZMLMaWgVWWIRYN3TZj0OrlX4jPbR3GoWEkGXBsb+7zS5OQIYo
vh5hJ1f6FwogWWwRNxrWbbo6ib6zRq6aJm+phsa1b6GSS6WUpMB5YlrDR2+4
vyd8b+bJd0lf2EBrk6jUYGUUO5Li7mcfxRc/OGHekAh8uimfuQKIqiFOGj/j
tFirKZlZHBxfFUsUDUy/SyxBBIsER5eoaoUnEnwG2tLWLxexlWQXG2t4KFsl
+plY3rLjY8YP/tUhVwfafiwcERppZ8XjcdXXQKuYHTcMkzhwZ7qf9PxgaKK/
E+lE6+ZpqsyUEQcF+r7jUFOVuIrndZ85YKQNSnqUTyLYr8cScn9HhVO6MprR
sZ1JNl9faOKxclKE/1TD4RyREneisoY92K/mdC/LiJ8E7C8lPuLaMg71hpqz
M/3l2EuEqqhf3XRSwNSi9hhTjo0kO4zj4jkE03yDdldtekTova3VA3zDTP4y
WtTFS4E5eNoOSyPEw0eqyqGMgd3/8m+379uftk11KSWMJ8cnaDaEdqb9+YjZ
0dxvrLqLTkCt6w0kD2PJDr41+UP0C2MkDU1Fw3L5E4JqBxUFObqivlcEs/A+
vBWE6HXj4HO8F3o8cpxF+Z55Y9IPf03jiIFX4N4RsosGe0aYbPxD2zYMDg6R
6MqEkhpAlHDUBk0wScRsSHEd5TwipYdneOtrOyV7dsntBsjmh/9BFqgofS4F
LQODUnY7K9QeYoDeNRq2NIOCDkNTmt5JzFkb0vtc9+wouNLm0vcqHs8symk6
ZbCdaMU7+Yme61UDIuFbI4qlZ2kQQ6ZPJjOAEHAj0c5SurbW8f5Y6YYttCcc
MmwLxzejGfWnikayJ8LXRge3vnNoN+yqI5QMlQK0uP04PotBOBjdn71RhRFe
jhYbmGyeCVIk7Ae11fTp0x3VFEm1A4YaPshMuP5QoQqilablBbEvsOMtWQar
BGHmRDwZYMP9B4cOXBLkUFcrrUg8hSmbXeMdh2lqEhiA4OzTdPVvoKRxNh9V
Ke8ujN1PwmhxUezBb+HMGTNVUOA5Sy3lKBYq3MnRorCa3Wwz7KqNzY3xFXXs
nRqvJaZE1ss7sac/8mUJOpAsgWRX2L4eNdoCSZAzorF66GMmps/JluwHtsgr
SqFz2OBhzEOWjusNcbBAYijvNC/5pNbK9vFexfuuPvmAt6hGt3pQRt/tQML4
fHyCQe5r5p0dlK6pAubvz8azIWsqtA4wYL/tJz0JiKXLrRcJGlUTidcQxYGI
07G4Ks069ia0fzoJFZPV9tk8zqKr0ROKeW2tEIkupTIkDuX0+CkeVkU0yeIq
okDtOVZHZCMsEqbUIFAJsnyIFZViZngHqiequgNE7a6Q9SwPw3V3m6qvWQYT
iV6c3ihcYo0112Ui+5r1ODMmVKHeJTZB+XbwXoMPTuiGe+W+z4OYiEOWR0hp
ExMv4FagvbuOObSJSs8Tq+m+/wZKkh8P4vijBjEykOOPGkhvMNbOORQF9r1y
OSrtIhbXlOHfH6rBu+xZgBot8fQdcThcLEXtXcBtAnpPs1gNibxUmj94gEyw
H3dt7Y8yRHKl0/GSDxaeK8dlz1hgvZGdoP0GLpwnUOu9cGlEyW4PkscN5hEk
l74s2jawNKWnTg8YwfEko/0d6BnEtXeyn6ybyc69dL8I98gSopWKb/WTdqry
JlqsYK757LOb7uwNMt7JZNQ7/2RdQ1iOsINbzK5tgjsw4okjyp8yujZv0bWl
1KCEf0JN9BnbLvjhsvygRKPaL863TytcEifMj/XuNKHY1VBq58IN7bRBK1f9
upGOKY4TUpJ7BE39+IcrXbR/eOikILpldBAftR1d26NPvCEf/tpiUA+99cOm
/P/TCu+/YIYTHulQGpg0ZJv4wAk6t/1+P2D8PLgT3OHeS5xRckEiUzaqgvEh
dmXrHMQCh9Ae9/A6B2uvpR1klQQjjsZAAUu0fymHGw8u8CfcWYHJYIcO84D6
nWCOj3qlOn7zc7xis0QtGfN++9dQuJVSXN6bsYXnYorunFkowCP2tIv9HKLk
ux0TI+ngNQ5F3kRdLI0XWpMdPw2MhraNKZWFEr3k9JX275bbKy5FRpDEcJj+
LXQuElbUNjvOFN9zfERZKA4rwVvGSV5NK83QGqNKGOkiH26sGSmi/7jP043X
W49f6TcrjIBDnetCqmsAFAfLx+g5cOvmS09ECq74VcKbr3Tk9YyEY34oRJs+
t3tduH4Kxb1CilM3kc8TVaLxBFjChmgprDQo7vZjFS82LxjQG5ajBBStNDhF
+O3nbcyTy7IhQQs9wQMKExGVGqrINRBpTBDv+gsagiKUtlV4odt/RautxSz2
FE3ZJCxtkNYkk+mhmLqziikoMi//YVroJ5U2HiqWnlMWYZWyOeY1OjWGu6wa
qiFZ81LcMJetgHi1Z+DbMv86VE+eM3r9W4RH/vzZ/Rp8b++H+OQISPLCtf/1
XS6HC6C0gt361MrwUFqph5IrTjVKd4ngmCnZKsaj3/TdugRu11hI1Tropp6I
5pTjrlGUwvKO4cB07vRM/6oNigK7s5sTMPRugS0tDqJEnU5Dy1XGCae7l+lH
qQyvXl9h1SFHyZ1By0IlU8SPih+RSspD7F9u9a02i0YtituiEeiVtIGoHt7E
NbDtsUBZ1fQaCYdpl1Tt+1PPFkXlN2vi8F2Sm2CmUejUco2nD9l7WXtdNK5p
ju+r3KH2QSB+CzujVcckKDCQ7jzUIdIhcCiodhyV2nxwUpZMnUS3LZYMV+ei
oBIbvtauUQMjxqTXz3YTw2Zx50R9dVbV2iUilfA0zFKSaXYOFWifq6ZY0KmE
fTCpa4kD6gpVCR3Z0b7i9aKaPppAcDWL5qrs9KmM6eB788SJLA5P29T1m0gm
X1JldKuSOw5rFV5Bf9HLRRWUeqjZAchj02XR8wrNwWrOqYTf2OTXg7A5j27y
FnYdV12VMLZkD2ourJjXBNwv1XAzBAurFmPKDwxfQ/tmNBSqEAuObbvV5Oj3
GRheey5z2NvtqR6UA1UYM7DSlBxwLvfF/oNsqpun7ZU7MfDaaUy7ztk0Wp/J
kOi1VBaY+UXwobIbNLMCtmtMuyDUjw0DrxfCOqVn8l0gWk+8H9pqEdhiDoNp
xUBESlHFuarpHupevLk1o1gKwiXcDhnHyKpB1PgkBSNwyMSIa0kIbRNgPwPR
yzG4joCImMwwMmwE2IpmCBo/iESSOI40NOyVfz8U76tI3x/7BSp4sDL2eWCW
EPus5MY4k2SR05SwW4dZ9e0CbMGKS4Xo/rsgebCSy6LZgYkytJ2Bo8IERBw8
bMZhKLcVlhgC9kvnrvuYMYvoNTR9ySBm3aBaLxC4ohwJhju2FAOUy8vNvRZi
l+YT1ASN+D2uilMaMvuhkbkyIzClTkHuUP9hlJxI+5hFCbaXNE98oGjuglrK
7XmX/4WdFJOhC646QUMoqUPBjY7nnOtUQRstQCt8k1uQIaRr72mZCai24mpd
t4gYZh+CyoSwtSNXpk2su1fktfExQg+wMo0i6HdFL1hEyvDJPaaMloxOEzK6
ZcC1pJQf2gJiwn4FBYTK0HTtltoSkMOnUIZE0dIvhFYkfrJGPTjvyNa1TlbZ
H4wEYOJ7UFv1Ox9eTqabjiPmyKWxu1KSprq67pLZqFYBkRp61vqLNHg4I2eL
UhWGJWZT23rXanHQeZaAsnm6EVjW9mkC9BxyuB2u6cB4M9ZjeLKUXKLpRiM7
4JMQ2CgaE/asb3PpZZh0Lc5eR9rPIc5jWqjAqzvCcgC7dK29ty0d70IGFV38
wzlcLbj418N6l7tvPXv2GFlNqy4Qm/Ez+uDlkLFml0DZzVZFF6Orh8nyznbf
P+ZhRLDADIOBcVsVvNDYuMxaHecfjM5QVCXv1+jVG3+mnxieYTKJ8VHYf5Wq
pEaOLa4eY4Bf9PbR73P9fS6/R6Lc+Beyshp/slhVRRRKYo8O3JlCW0xrEK+w
1FluGrD+GyrNrKjcMLbknYKNS/frTYFt3PYR3PDHH98deKHHKMEFhnbk7FJa
uMBXRmVW/To4FAH2gKwNAUxvgdq4s3JRb6KH8gZqsMFJ522zwFAF+2Zerc1T
VdDC0hfxRIeQFTvELLgCGRwhiWZ7joOMgVCPPAiiz2tFawyIkwkKMsqBstx2
PgAZB5m5ezj31jtPmWLsRmLKafuGweoSBauwbcMSuqZSeZwvX3sy9NLjDCOn
wZTrZ2YnAylxV6LqrxRYawi7eqyPIPwoVclE0dasi61712w2xR3FHML9fZ3h
+cKipu3XzBdmngeWQJnrpNVb1Y11CQ71jxHjir6I8LhfJvA1h1TnB0aJwxDU
Xtc5XzpFYuprrrLACXl4gUqgSMWgU1xiwaWUA2co3fFGrUPZ1X57FqGU0tfY
t3L87DT16e0iqxopD6/rWsMdYnVI3JVGR7URbKrS36x3RVRRtq/omJhY1mqI
MnGHlRxH+ELopTc7xpSu4LIe2V4kVhz7I4XjKCk1x1KlevtXEVVy+K1ufh1N
ZSAfAxusvhHEVRxmBWG5KbUo8QOxeodvDfIWWrtI5IsFQ27KF996UJbQOg7i
r4S7Ymgne0JSmVReLPK9oplgbozqpmDXTcQNHtvWVgLMzfQSUeltUCMs5ebT
/iGslzmNeV30KXI51C2mCxr1MEw5Nu6jH45K4G0uPH9VU97AP+cxnXC1Zjt6
sutc8jW6/arBz1tC5GlyQ8rHIkOfM5an/f0u6+QiRsMG5c79uHDsZhV5NcSJ
QJB4fjsx1X51wb7jXzLatYdRBshJzCZqG9moQ4QETjYoH6MF+GyRtIz1iUrW
tfqRjEsJFp6mg1MhoS567fjJR7EnWUuSQKQ/4fExl0ecZDQPTVy9wVLGsUH0
QgYJmYs1EJVNQrspEClRPUrvNQNz9/103TUyu2DOHxNVjkPNwCIcvOSjRGY5
JjIg4zICpBhYf3j+YxgM64SVdo3hoIK23pQ8a9mjXnAEPPfGv3pzrLh784Po
makPNEYIQVrT6ASyr7Q0lib8lZXHZhdaHgvO6z31syOd4qzgjvb2/AZTVWR3
KsVKgCjq27PvfB65wheiXuRurAVCaSvu5BWWHvu2r5o5h5neeTNfAHiKPVnj
tTAYMjVq1RIrEuJgU7GsuAjooCev76/5AqZxDoe20WUn4TD0V/CAltKSMrTP
kyASMiLEQa42rhyPSDfi1tYWsLnawiyuuzLEHj1sKPKz+12RWJyJdbI16DpX
2vLciMowsqwJnCVi+tLYBcaBKsJjV8BThTEztkBWwjJYtuia5aUQ/pJsy7Fg
SkgCto4EDw1bbgvJw6Fc3jh5xmZLrBk4YJNvte8sVmLEhcICNh5lH5XmONLg
5HlXyJ6k+eXzxy8GpdmK4z9GmFOLOByDHMi2eRRsFY/bquGM3ZyDsYl0k2Ax
NSTmcInZLgaS9eKuO4RqaLhMY7Kuw2Jx5F/gKVOO/42Y9j7iH5q1RwqnCBU6
4bZsODkqGdqMcr4SB6fOVk48dwpgkhPqNBvlyQnPnt6JV13IZgoL4Kt2OCnR
Sns3N0bU15KWFqAaY5vTsh/mRu5GFZvIQSCi1xVAdI7scowCkvTiIonrNmwQ
B4U74bLBJSHLd23omRLEhXUUfk4JYfU3Qp8u4hPuiMogqu14auU0siEkv4WU
pwEXM85psMsyuuTbTI2Zos+hnomhMOwnHPakvBHxG1UnZyTP8aRIQOW+Ni1p
tio4lZgghCuHuBnTi3aohFEWxZi9xJojJqQvjm0HASWLbUOim7CW9aL9by0A
IiG5nz+7J0qcHgND0WZ3Btwf7m99vL9/FvQEft3j9Ujj/+0duAgftEDA+Lks
IqGVCjv220dtsxE3NtltUZ5gmI9t2GIJqeqPSBbEgpbEEHeNzNVJURIjuAlR
5GDIe/LE0FLd3ZEXqTJS9aiRx1qQ/ANSESD7PzBv8wX1nA3uBPsPbcpv2ocZ
rmIOIJLzR5K0jpWK6VXGf8NKTQPbQhXq8w8fhSaC2tkMflwr6i5Gp/ugkYaK
BHGtJ4ox86Lq/fnnYBrncIc8RPqwy0s/NRGo9ZxN3aK3SaTI3Bag84aH1LWJ
2VBmvvBhZSxEodaezU/PgGXwBfC+th03dE2gspOoF4/exNlJrHYQzCVYHpyF
/E1RNciqdYMRMjF2LkBccWLfCAi3t+hyhFCeqmw49Aeyv0AsNCue3t6NDQWO
WikuwcE8dvANaTLCvFdsxYUtNfZ3mR2jx1z/q74dEWHyAyZZTGUS+AA21pmQ
UnSdkB6ymwyAUK9eL1rGpSjIpJih5lqW8yuyVA/08JXGK6adL/8J9fPvLrPN
ctvqX85yICnPN7i+M1vfSfBczW9n002uD3P3Ud62oDbs3rpruEFnhLWJHhcT
ge1jg2MDzhz0Xsr9/OGuEyFs9CSW7qIm7nDX1idvLI7kQkhhr4XNaasQoWtC
OAU8FewZTjyx8c4bkCesz/DSQ2UEFFY0qKHy9k98C7xNNeO+IVyPXXS+nwMs
OwlZo40y3hQIECqXyVZtsTGEqzKIaA/YJtjolVjC3mMYW7jJfYBUhrlX1P/X
RDcOR5JBSpV6VPcSmCfwu79Yb3SejICZtzdiOJ22kOD3l+4DfkGTxqHKtXDv
PmXgMMgAQjKZ1DlqgnF+oRfo/Eyiva3fpltcGne8KQMoJHAb8Wklq0Trwb2Z
ujquHEMbDoXDoKCSzEje9vM28E3tntRW0ejoXNZwklzrIicTR6kvmJO5Fv/h
7+LZtGPCilApPtZOXCw1X6B+ozrxZWH0rEi6M7ubLUtpENCui017XeOsUQVZ
fbUmCMFGQvgIkdcP5aTn/MdIz3PGROsbRQU2mmPp1WpJ7qLznWrYZQ6VH15K
2kAeFX4QpwyUMPPUdluu3ctN+fhGEZF2FxU0rHPOaPKjF/c37Z1j0bgYSGG0
SJKzNPtXXHblomCKX4xDf02VW9+qCfrzZ2Rk5mqTjsWYr2sjU8210sEhHMS0
Ra7FDco/O05cJWaukissdAhfT8DtgNl8B7i8HyL08OCoyS0C9Miu7s7CiEAk
pbsB57qIyjCcFfz6Dn6kYB6HE1XseFzd5ssfQ3HbWFgd5Ww82kmr0t4DUhuc
DL0Dp8+t8WZefrA2gNI+S9LRo1S8kvqdetDox7Wr2A80dzL9k5SNaxKRjjg+
lmnDFUmU8pZUCuolV2y8qlrLY5MG2q4D5Y7Xe9y/Vs5izZJKod1PVxiAv5wE
JndRUWwzPXv5BF7kQqT/8SH8vzgj8O2z5ycv3bdPDx+PNUEfSPtKwwGpaAgp
GQ8ydH3dg3T5ZLW6kE25WErTVTkPR1CZfoMUHs7upNfWyrWAkEiiCMl2HSBh
lwlb9PALPzRXzDUsYa9pi9oI4JxsjwF/VWU/FfaekCev3d4H4hiXI9pml3a6
YTDUrDPfXIJONxKep0dOeJ4cHg8tbBW4nTnN4jxSF97AeFVoXu2jbWCUajB0
f1P2kQDBUH8IuP3yYDgWm+C4kFyK3vknjpBs8BWNvkyINjzpcch0yXsrDMwn
rLiFWy1odt8KqxKo1xWchQ2xYKPK64t0OxQ1FJn6fQnHPraFToOGEnUJyngw
+y/aUqQiPnd5xkgS+aWHwysTjmEz8nhHKM60E0cZByP6l04cHgSBORtcV8p3
a6oPrfUUT4aKZe7gw7XnflNo1rsxyIQgNhymnmbPgNW8b1A3gq5vncCELqwS
h9LeYhvqBtbdqS09PIWaDdpQPZ2UdhGNYjcQ9ktjyGls8WMCgd0/FvTM8v19
Tf272bR7hbXX90UDkQPfT/kMLxIkrxUfE0i3KQl4r2c+/5J3nzsTJ17HhYjQ
EGs62qDeaEcTNDLik+JJnm12zzrG86CvR0LeSjxsoGqfaxa2FZh+NatYft9z
Go0E0EgGvgqYkYcdWsOxJ3IiFkwLVGB3yLlzFRVirS4/Lpe4QNWaIjGhpBjc
xS++ECyHUUOYm9Z1IHfbrsdL4EOeXPrirtZmChiBCXAGKp23ypsQFuXgmuJ7
YObrJvbejPt2rLGaUCsqJZOdaGwsa2KnuGrKMo1bVg1BnqhNIhwK/BI3xuMh
BV2hM2uvVlA5LQyJEWY84KvlbnUvaTfZGVP54gvuGZzGVqO2LuavBWs4dF34
nxjKyCxsHMVJCfYh89EPaP6qWGaqHu9tCxCWiPi0mZWakcOyFVTE2utiE8Vw
mYKgKUks+nOjtBijGJ3SP22IAjty2RkaSqfZPC732PGcuM4X/CvljObdYe/i
psGH+nTzargJ1WuxrK+w9xjKqAPIT9ReRFiSdW6T+yyqcjmP+ECZUTfp+Yhw
mjTe46jLDrRUxRFxxzRTHKkhxxlpSYY6oEpNoGw/CtciEIVgqBGfdRbnh3b0
IOWpA4VGfbVuaNp1YkWGJIKrTM0E1KvKeZSJnHNrL+Z2xlOyB4zxlN1Nmfhd
9ODWQbZxNNptPA2YaT8bjLhKHxY6dy0Sp/yHUjbQpHuaD9p+hkt7l7f3MLdw
ExDbSrz7T8kMKlyEl8/aItooFv8mnTTEHO+iTzIrVN8QdPDHhbMTOb38Jzvz
f/cT3/8SyVSZy5rCrywEUtFPaDM76wwpfxe6gHtGNKObpiHz4NieSSZTT64J
t4kX9I/ZE7SPiAl8eDON3FTG2TvjSSF3H9aXARLAFktVdguxVXzXHwbmwHkM
r9GPHIU0Zgszp3CBP/+rQ86iI7aqOba8AtMdqxWwAIyjNF86dtsAYhA+4KhT
3liI1z30N585YpI+oAXNwJYIWMg5c8LbSYPpj4rZnFKRPNPDB6PB6cGgJkI4
klw2NaIui86KifVZmt51ZS4YVC1BvSmaqlhblYZvXqvj5BQEUpiIdDGxSkEc
EisKUfbeX1WO1uexlTo0Tef/qkjYoTq3nbEU2gdzUZt9njNlRRsiVOv9Oknd
fTFE0KbnE4w1JKYt6x5Ijs03Iy33+vz788ASh9/RrEZdHiLLcmSWyG1iaaa9
Qlgy2y20KPngToncv55hrTmgqhnPalMpIurvVbUspMOrRf4UpNivuOP6sUK5
gHiI3rqusdTSukmHREU8DWrAhvGIyS7Dkl6SkV7zGUDn6ITdsisNH1uAOKd8
pFMrQHZADpjDKs2nYDPxKzpobXZ2LalcvyMtxQ5I/G6gPuuuXiN7xp1P2ozn
3QJZEf9ceSKHZoaZb6/AkbqKfKDoCZoubA8kxsZFn7ZDEhIsT+QjJnIiQwaN
N1L1wE1JagtmIMd/ZJH+8sAaxAuL6zE+n+Dok/F1jxkT38ERM3b1kpir4ECl
lk0WddynvlaCpdfMQQizGpg6Op6NbvhA/VvSWMqNsjSmpShRh/qWxheO+UDg
7M7+QVcSqyIpKTkrh8yXxHRfD/iTGTOPZt/bnYx7IaL97nlOdqHBXJifrd+V
iR0PzontauSyXVdYAO86XvWJwu7tiEh0XqgvPmjx+2xsdqkbi3XfDFk/tuzC
xJKVETQ1yfrnbUwdKYpCq3v4RnTw50xGRUVsfLZwRHGxrKiata2XW/z6lHW3
Z89D9g6B3qywnmOzHDAGVZ+yWM/kxpO0bYW0BKTy5FlJXYeHd03ohuOjanAw
T4yIuSnm9Iio+2r7+eCxHY4THRq6hAg0Ig/PdFf8MkkKHrbMVbnewviJCZ7m
oKskG4QZEyYyw5gU2M4MrG+RETEqckAmufVVx92VorLhPqnMRImZ7/R4UnoX
xgLi3k9yzaIKKeUAM8/RxMeHR2F8v8fM0yuhLnmD/KOYmBXA09GRwBoV1Tst
qWM4/6q1NNGL54+f4i+5Vh223B2YJxgmVGExsFREg/KOZ/Q7ihf9/BlPcE4T
nKb0afcISJBwYS2+LjE5lx6Quo+jJTNTPzpIG11RV/COuw+BI15dyXmNzBj8
RpSghQ1ruWIBU3LI+F6/fkLWpJIVznP2GfkeGmh+IK0zzNJn2bm8L9U/8YD5
EKMZkviYxGhfhecOtBRfFNOGzikixq1qPmtdG88v0JJgOx1k8KrkXymY9HPT
sxYlBBPYaSDcyOyBzZuaA/Ik7NSKkEkl1o64iKJ7TEzCDjomRkQzSXCEvb7V
tjNCG/IVq46G+rVHLFEe0cd0WFOc4Y4Nx3Pglm6TMyFEPgl8SI0JB0rbZWAK
CqHhwC6UEtlAkM2kKGSfE46u36eC6/HoRX5wYYUwDptNpF+RJdRCOPIcgxFO
3L7GLhKXdMCGvMZyqTBUF2s8zEYbORmnTuDTUurCsBrXOzpbpUjp0R0Drrzr
daneGmXnfEh5Wt7Vnk1c7hYmDA7ckjJn4A/MyrjlkrCD2v5AecFwFxY1EDp9
f9euNVCd8AYHlBTiuxGnhMt4Hp4jlAQN2rLrWO4t0kYJAYM6hm10f9PwAHuh
h4sjyNE7R4jnZc4VCQ3oFfReTbcM6JLxplKqM8hkX9GJFXp2Kx1xI+k5lOiq
3rawO68LsMUJBxNRsbWBl5v6skSjZzpqUuC00AH0jyLTUKCUhLxAK+lu4ttJ
axhXEg+wD9gEmTlt49/YqzprKirkseimubf/BlVlxHvi8v4UU+Y+IcbCijdo
3SIqcQNeCFuOilUJeAYryyyqpxmRZ5Rm3eswVbNr3X6/6+oZoskaR7tPHfbY
ceNI54cNU5HcwvPr24G5YBukkNgwvfNbs5LJszOSRfPbJH1NV64pD7zZyssM
G3n7fRJ79vH5JOcznKO6/QyUDnqEkpapdiUk7KcvYQ/WXTxKPIwrP8Q4/IlJ
hiP+2ZRxGKbvO7NbTvt8t+Ibh0Ba3RiJYc31ONPC9aXR3Pn+g4ySAzsAaQsx
NTwToshuJ9+kCrWmfMTtdJHS/XjmN1OAqcZMWXIRvCMapPAjYnwU5faOYNps
Wl5sV2hkgEnJ2O2WwgwqsWuGy4fIMlto5DSxrYGGYTqpwpfkKuuVwkawNHBM
Ek48UvzkSAScMz+DVmbiWB/6r+rGWhbNsvLsj8TNzTf5uI3ljtlgQAfjmlTH
Lmc9l+RvcP94J/ApkmqqXJNq/ujW99KHSi2RuSPMDtlkfzWPRnhekp4dhBm/
Le5azx360D4eOEEIVHqB7s7BJOl1G5IEHJuIwLZwvDcVvWwdwETUMpdjuE6m
tHn9V2/qN+JfnRAyE4FD2w50fv7uzxfqTx09JfNfrcyopwkuuENOoM/KwW9P
mpz0YOjROLk7ZoVn/5XX1FM4mWnM610VzZxCSfAzjqCkM4MXuhHys25dZ0zS
IW8TInwPlnO4EhDguMH2PbnvAz4MPVOhR5aHuj4VSBUiegvUjhjCY9V3lswX
J6mjtjma6SadgeE5x+he9J6Bi+9Dipp9MPmbeNkgWyWWCC/9qRwz4nCgsfhA
2x1OthQZouJRKsxwr6nBuqVjBXah+pqav5B950kX3tFvpBZh5tT7b+jps2dK
vFobBF8LN3/+bNRHD5vG5QGIEZ0AOovtUpr3WR2L9oXAO7YuxqfsBRJwCqPG
M4aHZqG6le4RLUwb2ZF2gcUe+UmVPd/3XXVvMC0XNWGoudKgX9zIjqkce5Io
GookGi02aLg8aVoH5wOKg4c5TbJFqeEro7atQ+e6mAbfk5vsVkisUAUVScAF
qiHHwBJhiNkpSMO7kaK6asSGrbUoq9OTkp++g5FCihVjyIs1GtC6w9FSUPXD
Kk1snV+ENJ0rZJTUjMLS5AFbJfBMq5sLNjCZ2NpeKxKywbbDdh8b+sqojO+b
tIDh46mLmFmJL4LoFqZRENyW9fPWyEFQxuiOpOT5MP9TeefCyQMb5B1Yuzd1
NTeLO6dgbr3E6Nz76OpJFIfmE0NDyIbtDW9zqV0gZdhEIttzjnRfCRsqK3KM
/HQoxIj1Bff4RgrPYxveJp01ZtuTePo5AVHnd9i/duZyuiO73PWUISUlYydj
TbCsyT4jYCTMKtwEnxlDnwNirk30TcHvjEXvlF4fs4xjK/g0rhGsxswtLx5E
m9Cb9zh/KjjoQZsX3ceyurqe1p5+pmXSU061y2jWTql0Q4wPBnoQtTK9c9Uj
EcJKvKXhVfq0/cvu7bWkkye9uHwDLelosnZFRZHDQZGS0HsF83MMeaiY+pcV
gN2FHQJlhUsPLFFGIXNI7nSakAxzibR3roOdGmLlnaDvteyRbysc6xpVdKF/
2jGBuIjLcMEopKAZbXIDFnnplIJOtTBdGXBg91Pzwl/ney4roclYW1jr7szl
RRF+tA8c4q4U7kXbdBMYYNSVGqeOIYXFSu7+cw02vfDygsrUypG3IdzK4fPf
i4n6Zwq3gvF0X0DWbKg26l0w1giBYtKzLQI3QrYK1QdYChtGcy/vJnGvSfXs
FFzJmSrLbI20TIg1RK9xQuiaMDES1B71f0clVB/XVeFwt3M11E0CRaLE+LkY
OO7tk0JJij5TFwt+HY1z3+54+0B3Ts0W7wnET0INE3NuGoikIVKwmvkBGIjY
DgYhyHtCn+ZSSK3no3mDwDfNZ/zI71JHOyhlE3OvTpwZHkHfKSbCxFj1wCki
mX4UszYmGNcCWQUoRNmCNdZDSHjO0jBprof7qPkqbWm+h1GeONcTYCiurxrF
6MlscMH/Nj5jZ83dpquvmmJzrdV1NVMSkLTq0ch1B8tlkmGLo2dD4qHuK0Ni
o/lxBcfXBRwAyjj0OnrE5zHbuYtR9Jv5OpS1pIYGUXcHZx7nmfEdxOuJoNm5
rZO+hpzFjNPmWaVwZOGfPSq4924jfKVa0zkD7y1U7OMbw9MR8l5Epx0sO+kU
hFU1LPUa344ztGz++2SZXuUUxdjkaN2Z8mn70CQSA1Ont3Ag6WWyUXqRoKG+
NfH2obRepWEfbqkzJL0B5mKwLMSWSMO65PlRatPJqGFgGAsoqGrRZRQCow+q
1omCUoZGaEamhbQMX1es0ChmXd5peNchbSgEI/7+p0kAMgMg0qvnw/TqHPy6
JZIAWLUl97DkJljeBF3XtyrVRNYuzVIkxz6JO15QN4FnDNAeRsNqzXKIgvde
mt4N7RJHXEYMxBqQopmggNQ+CkHbHWQYhdZmzKFVBGNxEI4DG4iLDCjw5ENG
MFDpXZ/D1TnF3DUihOP1HFZNtRL/TrUi5kPWJTIU0pdm+DqK+3bb3FTEWc+D
DXpZIfiFY7zHtWC+e8WWyZySCy2zZ71HkA/X0V87iUNxvS8FTJghsF6m1dwH
rQQYgEYnjI5gXREzdMP+Ltyju8ZYmHPq2fhz1NSJz3aa5M7cohNxPrK6kB0D
ugwrUoU3J8LTUfY0DUkKmsHFwiQI0Jq6k+2kABayaAhVQlqHqUC5uSLtuICv
MqNCaohiG1ar2aODb45lK1dlO9JiNzUR9qVaw2t9ch6iCrhLuvYwdHxPf61k
S/jCYwfI0B3xi4PJ6CXTEpasHGv0zm3gMVNhEdtqHcU6tSXsgA5OJgLRPKpF
nu7SIoJ/otYVhPZyiG2Mec8sXiZOtSzI2iisp3dG3UdCZdXcKwmb9NojMm7Q
UD/jcIZs363UARrxhQkNR8mZBJH3Wt3okNjoA80xT0lyOdWXrvdD2q1KVNDl
RfDeDkbgwvZiizZlbmALDqlpKU+6b2P3mFROTVEUK4/nF6Ffz9V/T2MC1LJY
o018FvO8R5FlDhhHyeckjBUxkbFXtV0bUbR7T5WFGRfqEWFGUnYMbjii/u8k
wBCZaSJ15DBQ82LqLRT0oi2DGj+cK7gf6ATvIapyQr4L9+rBIMTrNWtEUhL4
63bS8yTmhmdRd6znyBjKCdVwAgizNi9mx/x6NFjAfURhuRhGtYA38jQkY7Ap
LgyKgVbDrHWuWMEt5XhJaUoUFwHXmEUrRCspZ1dERWxxgkydane+k11BPS/w
YDcjSW1HpgEwTDGZEpamNzS3Oaf440C1M6BFqdA1KVNV095KDNVB11gry1Tv
NlJAxJGUWzAxxZ0faEslaIkL3hYIl3C5dmxdP6yloy7m0i78phTwngUIXWag
ULKvMV3aCnMKBWW+cI91Ac8vnOI/JYaRew+bCVkcTmkoPjM68Y36Yec5rzkG
HERonkyHN3K6h4/cNB+wijKsqaYGrHVU76j1zctG4y+TzM9Qk6yFlXTsdged
UZo5/bX7RKvJRvSvCCLE4kMoTe04iKvBRTQ3ZXRYywvXYG9TrBmcEQbdMhWM
hWMcYW1EtR+HtKO6E7ED0jNrH3Q7KNZrWdBwmEwS1hQYHiGfiMdFYoiiNFFZ
LqOoOx9gG1hxmHyYygMl5hWZ5/QK3Ogm4ntgDNo65E3v2xeTwSxu2oh4x9GK
AiX+JtcuxTlfM5XrdW/mbjEsMVWeNqWK+xaDQefLK4yDX6+y8yvShXt77AfJ
Wkvfe2yb8Oxk2yxz2H01rvdle13kj58+u+Sgkpwx5J1GAVglOgj1hxTl3+9H
1g9CiyQ8agkISmJHDyhsoFMMdypEQQxaKp38vkDf77XjNEte8S0XVd4JYczL
xwTUCC1iUTwVgj1D3VMn/CHYy9Hu5ls+DGEGkgb1cXUjS5nWaXLzVb1zkm32
eSnZ05yYqT6Ea9pME5trutfaTViss0LPbG23Evn+xrbHDjaHfNyQtfxOggDC
56erCxP0XXUV2k+A8lmWuetOJE7yqbkA5dVWowCU5bZRc/vgTKEr4QvJxFXM
AorNNc5CQEHqSedoA/uQbrg8bQN1D6ARhY8MyIW9ra6qb7OnP+NYjkPJcOWF
ZLs+93Ef7YzDSr4pc4Uom9QwqlfXQxZoXnE617oFwZx7VWpFVlcVLype6+ZH
QTqltfSzqbktSU8suDnrnbLdG3yIogvlFZKou/lE/65gkLpEgHBdKJItP9aA
ONExZmT+EjSaUYLOpaH6CUEHUT/lEYPUJbYMpxg7R3SSt9cI0O6yLwL09gvf
Rn61kUZGISAxWE9z6iEDFsN4WGENNbWePQiCz6xiKVmsGpNFFJ77r0Tpj+S1
23qpuT0q4CL4D/mqcdxf09WwABzftEZUvFlhcqZcHO02IhvZH1EEkBvoOAAY
yWFpNaouCboeRZPLtWbfoIGxZv4oZBAnZHJItC70ay+BCY4zLh5fgMZrrYUS
5QmRf0XTpOguwRipZq1TRil0MsDqqOr5AKKCU++U1BQNgMkkOe8XmEEixh+4
L1aVkLFJn98iKZiVW4euP6SC6L3QEccItGTLQb9yiQHjS9rBIzsNf3QUcy+o
QfW0lEQ9BSRR9CqUVEuPZzabfGCmpQi4B3le7zRaT52U4A765ta9SBgcxFfi
6oWgs0Ya1CM4gTI22nsSB7Fdc7smNslCmt9T7+gWjhLAE/tYOdBcM3msDJm5
9Z/Qw7VDJTmxfYAKZavjlPRAM7f73pIzQh23qdQKFSqsOnSz3i8n4SqSbM7t
okJ3Z4caCskT7KXdYiYmrgATnDAFpfmoVol2bMthrDIgK0iIEi2C/eJxyuAE
5xP6cRZa83Ho5amJC47dxpjeRdDiLlDNkCPcUy0UpB5o6oH5uKokpsgHl1Pg
6Jl5KaTLH1IZMVFIbt/njC0BVby2z8zAFmRCVEoUoO28HVKdtYUHi56IcA++
lJD08bjMc3PeaUeRaHJLdUAWxjm/6Hd5V2A/MZAe6CjCyck+oAOzBgT7uP6P
AMq6CS7EAkO8Y7BL9vZeL3r4SgnlaUlZ1fpDfuLPXtHNaS5DwkggdXh9KCLz
xWO6X8WJ2kiVbRMKyshPR/f/V1eV1dwFD6+f+6A9OY3idhTel/EAj2AVxfUE
fH5g+oeP2AEDFR1mrmjjLS02sWNuGCa4No4HvmwnZw01mKPjZ1SlDS5LbEsy
fpW8EdLGGtopeOWiUlRWFTiT8/4rC8xouVSlY9nHOINGpTxgBc5CiosOZ9Br
Bh0tBxqU445SzFagjjb/wg59I5FI8mjxZnhFVuBF9XfYAGmFdiGNuY2nzfGu
0mVXDfZIwB7zRaMYQ6dQuH6VGgXfbZg4NIaIwzNOjo5w+V7A/yCfSyu1Dn/8
8YJLlWbUkRCcSdVEOAILVGQUqKB6ODpvNhhnLAmORW1/sXgC2UDRB9LWycx5
J6haPkuJj1RdVVKaVC70QUENx0c84yH1QN8Xcli+yP70+wTAfl0W6IBNt3N0
vohEi8CS37579wYJ2ZvCQEZnwUseePRjebQ9sMiOn+HzhNgBszdlhcxj2OyG
gllCmbiEo6hrOLgi9U3kuXG0Mgju8Mal0PldsDu8cWqH3Ahod1F1rc9V82SA
5/v3UmcE8Z8ERiW23TW5SopWlwKfgmSH9mB8UKBk3hTVEi2ReAcyL1bMl90/
aDzQAGmOmTIMrQLSJAxxlwWkskpqNwBiFDGwC4+4RNnS+qmvrJMYOBbjXcZG
isYQw0a5X/NSsVftLKczyNIiFA2aoU2yYK+2u96uphjklIDe+k4SToF5UKES
1j9yR+/Ikki2iG0Y/UX/YEbHrulzJUfiZSN7mD5ppW+EJyZEi2lGhOvMK0m/
0CYjYDgehnZvru+kksDzHLn2cI4mKUubD9MQ5XijF3fvTWYfmcoKL56HmoGw
PBnYYu9DHBz/iLpNwmh/0E50PDaziYcrqMhu1qbvQn+E+j4lwzCw7i4UrmNE
cg0widqc0ihhXxDJzRtpjHcPxw2qHVS3zJODXfQiG9E76wz8mVLmgFNsGkao
iM8OESsLgcp2As7sQePISKORgcBY5YINRxaj7DexKKRQnW2BqFOsLUPcOU4W
FaMRU4w3N8J/1aEmZQvJi4hEvPi4kpQN7/Yf8fnmeMhWL12wgAt2sYJg8hs3
IjvNZNiy1oyq3RjLXW2KLnTK6DWo34+LbFjFHJzhfYfEq6dkLJzATYknvO8D
LZpUXz5gn9MzEc5M5A+qH/hZtGcpAY3fk+WLEQG+iSy4yzKtqqtrSaneolFG
O/o9JpQ0vGUARrtfZ7WCNBBMtyzrYh697H55eHU4cbUCMl2ZVUmIbq6bK3A+
+LTHlzHIMOZ3GgQHdRIg7+pNvayv7uihWsYf1eyHTlIy11bC0Oomn1H7IXoy
z/q8JlNVJu9OeQFEQr/DFtwyusHjfcU/CK6l2yBkO5Hl52zPSvspSMNekkvV
1bJuvXYMfCJjCoJIIXrmArvOigFS9I+BZSkk5UZGkYPXg8/hU1/SOvAQLXTw
7C+8HZxjMt56GblYtYuFmxkufeTbCzi/dUIIWjOHAxv9UzJJE9R00rrhQAIh
SY9RZ9HjeVpbN4+05XoAT1FUzCvuFVdkJJEr0sMcTMWjTGF7h34l5ekEEZTi
axe2isBc9Oj01DVkwcDpOqpt0hNXJm5Xc1Ya9IBcbyhpKG3PtA8ltwbR/KuZ
D1E6j22Q6bJYvy87tjhaKXBiQ1VbjyAAQxGMzsxLQqR9WkEcEmdFDQDpXslF
Mzzp+6mKmasBERKdHTSYSXEVe25tHR6M68uahxJeGopQKIsWMobIHDc4s5YI
in0IE+HeJIKuzmrkxcyvMIaWag3i+kVBG96pSgRAC8PaPCqRJ7dIRCW9A6ED
UIXZJ1So0IlxQjfCO8azbm2F3ZQwlx9TJivqhWhDgp+NduvDtaFBrgnkM+xA
qV48445aCNdAgBhbAL6+VPoEcljJLM7dLMn3q6Xh+CK2F9SFdKLkN68qqtFO
xZbmcl9J2XJEJz3MXByzkU7viIuXpkEgVoX6KgQmkOJxxISXwqwKQ5xzcgmp
3N0gGFJJANv5nDuRDmxS6aCo3NjXFagGt7H9GRq8X42USsmAeyFt5ieVZG9L
Xms6swNfDdgRN0hiabGxBCBIBgJxWWiNR9v7GQlg64h6RE9HJSRW0oYxVOEY
6ueChqtU9drQ7cVPm0XRg57GDSuWbgi4MuLpLowk3WcprTPuuGzQB2jNAAyz
wlG/OWL8ukhwjUABDL244aMROOhDmMLDBtiENZtY+mToHBB4IC/5X9brEjck
mrjfgg/ojxFzItiBkNMHPUVXNzBjktNaXWPcVwjoJ52IVurUR3hys7n3Y9N0
WdwRaMm+V5s4N7tSbfeDEApyZrgWtXhTXMZNrlVkHPSde7UPJr2F1snk2JcG
3AJ/T3gI/84WmUNGjZSuhOtpxw7dY2IulSN86FV57NvZYGUxFJjRDRXLjaPu
nJj5GzLZt3CSjzBMKss+EzssyS+QWb6p6mWgahpqe/VZxpRq2rHzVfDIEPbX
i+L4SMr+JVc7mOczYftvYpUgjjnKeXpi0mhSqdfT1/V1iQNGO8NDE3WU5OzV
ljFxqMgrIj6a+fDuRxQ4SfGh60mezqYNgQxQQceYo2vmmNaNcUhjU23KZaUN
uJUkvXTJP/HnLNBF7cJwmqhGlDmZap0zzlvCByt+52uqmOU7JO6msHbgpoqS
6lJYIBg0a7RDrGPciOaKYbGhxwaLHR6Y6G3SnlAxd6EEHm8obk8sJHoC8vc7
1KMugpimvDQ+8B0PHdYPs0BaHsdlYPEx1jpYRMBC0GSJzmuwYFwSRbxG4Hlz
dA2p3DuyqXrLXbk8tksXWzp7GARv7PCux3Kvdze3yMT3MB//QQ2rDuiNtGFQ
BLMfCMdSf73wUtoLLnCwEji4opCitV7nQ7S16GqvX0AuOAFJ8CGmGlUtq802
tIcQIIQVmDLaRNxaLuE/mAQ0p4BNd7UjwjuMNv8OaVKKZ86ieKZlfpWQYn9U
2+CQ8L2YsIknKlr2CQ0eI4B51DQgGA4HjkWb0bqmIsWTwqNI2l7CWXpNG5EC
6wFOcE/vgZ5E3afBtB+JGl8xriBgthlUiwlc18ckNBTzEeTsaguehQRIwxW3
6H4ouOormavsr36uJOrszBplc9K5jRsy7HsWrbs4mC+4HzJdC0LuWmMtAUCe
XyAVTeR6gW27qStO8WlsGvyTUppIa3haa0SmxMpLWoF67PDwT10I18xwlwuL
ETMCHKCcTdt7Q2QfonBelCAQ8GxAH4U3N6NPMaHU6I+CvoeDMRBOQI9YxYXL
R/NippE+Dlhz2+TwnhwLb6PSL8ZaSMidGtlMt4K6nxFq+orhnwzcThMPGKbE
sGz2DhkYBbVttJEejKih56xxP1KMUSgtoiAv8zmK6/UoPKB9pFcrMPzFkxe/
/CLEVngNBl1Pwf7hTtH4iEv87mI77fzXPQpDPsWksQdivVZIdNWeZt9/eY7f
/SCsKkPffa3p61iLnWYvpthiXjk846S8y43nmhuXPmoMoXl6jAT/+m+krRSI
hUCc+zj/tpRWN4pWo1NQ4In7l4dYGqN6hE0O60mQjvyCogutfJ3HXyODZgLN
DM3PuTGBBnlLUpCudit6iszfG9tjEYL/NEazktEWllXUCcPyiWxQ5eZ04Ge0
+dAw0iZ72O5Bt67v+Koajl7gG/AauEVIqGIbeYfzcLS7JNfpXpZlHOOExWfS
rmVVSG5AspUYyqJh4634998VV6Db11ts37vfHvivvkGH1I6T5MvvihlWk7bX
GUM8UeRRNuxnX1DFcAsb73/PECazDFzPNZkImETDYS22DZmY/mWyPxXNMvtu
9gdpezuRjPY/v4fPQzfcQxBrXX4yxbYtOF+n2asfvvvuh+8lXK7+NqGI5Aff
1+sysAh+7ONe0cpqQHxZwg1ef/3uG65ITfuFDnbwHOzepZFGp5dap0ysJIUD
gUHwvrwUVPbEKTeBkOAmRzANAb+5swcfv3+8+OH77MdyKq33XvEJ/Qm0Kj7x
lTYSZq06+KxUv7LmkUZv5CR+7zRoCHmG778Knd1hI1JkE8tQtdlsV8cut4RU
YnCpO8jcyr6KVvbiD6TAopbBX8mskLjHyuOeFwhZo5E3+X1dL8tibXUWBEoT
AsToTkqexhEfDQ7gK8vEG5WW1gj9w14R5PQnjAeMvNLrwPY3QrZGGetAqA6v
HylJlKp/2ODRrR1bi97J5+vaiFakYtwVdzmiKChVuh2EM3j4df7BK6K1VyMv
9m1cPedOnX0DG35c+dwBrq1GAsKdSdNJl/QtJZ6u/8sX2NWzjkwHKm74eqiy
whcZDK4jUl8LkxyjCgOfDz/Y3+7gk70k6HCxJiIg4QUnL79T/tJPYifLvegU
UqX+gIenKp5pc1nF2wCHlaSR8V5GP461CivIMviIi2BrSfTUOB0mWYgrhYbz
nIvw57PkEj/9Mr1pagYBhxT+P2yR2mSVdjw7XaOXzx+/eOAaKbbjQUvkClJk
BEwA0rpopr2qtTvkOpcEyEDHHnOgMC5lm7Kh99qrfUrVcs+s6PH+W6fHEvd6
w1DVoUmGhfAx9bvJfXrxZdMtBtO8FdDZp5DfIbHd9cye+Uh1ICy344bjx5qM
DBNiWz2KE31KgXqAmTgiNWoXsuDIUJPdojwjJkYiLfSiKkqfTl7ggIya4abi
IBkNAW97f1h63ZFUfxUMdO4nHpww6SrOiyXhT2qm4O+IXRBZer4WPzx2+OU8
evbyyfClaWvylnIjD+ttrgR3UgXMd/0RLkcx/0NTbzcUbt0aoGYELjvpFZUZ
d8NE0bFpSwtf5brfbzzBjSaiLhQHEh5nc5zSKO+l1E+GfEVDNrjzglJJAkd4
7bBAKDcY0FMUJ9Y6Ib9hYJoIfZI540IYFdAOXBZWtVFAPsR72mxRlvMp0l0V
M/hwi2lNBC7meZ7hxyh2mp5gJ7wMyQq+G/GyzqsPWFx0CzPOxnzQqJSxaKk+
sHBVTYWCUmZdHspaCGOzvmqtYFDU1jA6R7kuwFEQal1f2YTjWfcLMBCMcJZx
TzeN1xqdh9yBshYEexxqzM1hMrNy8mKdKwzIUNBk68BvtWMqATwiOgMpz281
xdmvO5beKxh7rjC0/3skrLb5n5aU1NVX4xsoPYqHyhitk2PH8Cj+DtOeK94J
XVRaPVh6qT0vmbZuqAaseiCC8ZOXDCC3WVvPKvoogTJy00xKgyYcOyFqv5EU
nyOEkHbjUeUtu3QzpU6mukqSNUxZWFJCesswx7o1DPjM9hMo+Ns6J8xJ0FJU
+sQbbYjEKD7YY+OEGVD39v7zP//zby0coz/vZdkj8LwenWaP5k+K4+nj2VH+
cnFS5ifF8Tyfviif58ePn5w8ffb8RTGdzR9N8AJYO7zguus27emXXxbtIYOe
cjnsmkMRQP456Bn/82q+OSQw6QbbAutPvwRPtWm/BINzJpfBiOEyHGH/Hl2N
SFi5FOOCX07r+j1RlcI3dP1Hj5Of8pOcaXihZCH1Wz+g/pCKK1JhfkzyNJC3
CumhOrnR4Mj6MxJ+nQyrqH6ihz2i73+B//6FJgxkKUzY397jYB+9g+n445/e
PbIfxToSfvJv/Pt/0i169Dt9X/vo+Hd4/b8PXG9m0iOmTt37BUVrby9RxUQE
JuFVJN0N9KQT892ldjpZIaw9ZgQD9UcSknJZ7AwX2/oIKOMGuSD0/FTQ/7vJ
7cdJxqa5xs+P/uXmT/9X8/T85P/88fn3L//8Lz8ebU/K539/8f7xn/7j789e
P//w55O/nvz1+vH67Uy0QYH3O37+/Nnzk6ePj47oQzhj5MMXT+Az/lAUzexF
+fjl7Pg4P5o9KfKT8tkiL46KZ/mTo+Lp49lJ8eL45CXfOkSOHqygxiTwOEhg
RIXVE8CwxF72uONgkMDz1xntwftFbGRj/1rpklDv/ZfeL4wP11gfo692aatx
aTzHn0Ti6MXq+NkDxOp4fjI7mT85yhfTZ/P85Pj543z6vJzmz58/nT6bvpw9
nr54OiRWJFRP5id5+XTxLH/+4uVRjpKUlwsVrJdHJlbkTckL04HOIoVlES4n
r2TwKbHBaYQwVrIE69yXXcqmpP4NlNdLxdWovlzMQrtWWvwhageYXercXpo0
u5ipmseaQlBjxLE44tZphOjTHmrZghC6vny4LF9ygxb6SYmbLxBguf33ev4m
7ueqOYuJ8PZiClPD5SHsKx1e9i93iuvlpL/dD1LjK3VEM8Vqvi2lrHNv7wKj
n8IZFx1MmoNmETEIDEW1p1Twg+CVd+8uQt0j/AEvwg01DEoyHxgHoT76QOCw
HHM8F20GbsHqLsdOkS83Bdu2l8Lqy/Tp+B79BxM5FAYHR6zIxVF5PIf9lE9P
iqc5bp58Ni8X+VHYTMeDVmTX/dcfxw+blhEleN+Af6M9+SBT4VcYC/cNqzew
32bqfqyxe5+5ywbvfWbvG1m6jzN9YUX7xu8nsYffiYGaMr4mtgdu/6q9x6b4
b7RRPn6NxYh9dfL3m8ff/Ono/Zu/ffj7H//+4pvnf3iyaper6fTo3b+s/vov
N8v26Or8ePnXJ//SN2KfHz3A2ngxPS7AzjjOZ6DW8pPp/En+olg8zhdPjh7P
n57A/02fD1kbD9KPXmxCP40eP2DsBq1jy5SDZwnX3HbNR1IaZXgjBRRGM6OB
aW7hYAyKkuhDekluI4mAGFi4K6qYoB4RgoA3hl3XYV0wjSuqgWuITcSlUkZq
BqkGLZywsXmuPGp3ZSdBGhdWlNGG03XAt4QbiAUU35iG7wokNPZrGG9Ntdt0
KzzIyjDlvgMP9YZB0Vmzrbkc+g/0boXMjjRIG6oIjMhPI8bYRjg91yNjRAJH
Iwc6CPnLk8XjIn8ye3Gcnzwvn+Yvi6N5DsZy+bx4AYb10f8KC/23CAs94Myj
InyvvRKhFMhUb5f/r0jNxyzWR0dcXk6fFycluMaPZ8eL/GT+oshfTp+WORxG
L4onsxPY44+HDqsH7X2LuFB9EjIscCDbiJg7w/GzNOSgUim1pHXp4+2YmNTB
GAmpSDHm47f6PtDEOWtiguBh5oCkjVzcHm0DFxvvIJUw/ECvHfUuJIk1HqhE
uZ4FREH0aKHT7xUuDtEQ5cYvFO0ZPtas4bcVUGrNAJ77bb0sudMX/mSggHFi
vbV8aXFcPevyObHV8DZQ1v5op9/3cFJxRvnbehN7x9GpY477WIbDwiyVLxIJ
rYUH60a05n/O5Y3G5pp0FHAtSgJGaeCo1uoo7FvQ2V0xB8mVbD16HJI163IQ
6onhcPes0OEUxxU7G1sdEWMx2UIyTac9F6MjL7CXXW4ICiJZJAHigTumcp8l
Mqb4EV641GiMu1mx5SFvpTaPGho2YQqC5czfWNDgpHiOEbr8eP6kzE8WT4v8
xfTZLH8+f1G+XBxRhG7QxoiE4P/nZ8R/N3Pj03jdEZZgWnX5QGJW8AP3KSI0
6G9r1/CmHVQjgdJTkur0aMvDOn5GoSZ0PS5dfzRqbPZRcm5RY4vcav87Jkp1
9xsXwkvjlg99feAv1xhN6UoeooYO3Utpm9bLh+z2wXfxLZbslR6SFbpkZLAx
lA+0MT4Yfm/q4xNeHvTbGykNCm09d/dI4npP+T0d1+3oSxVjvQQ9W0ER9x6y
lkNqbrmbf2y/RZ0DO3kNOMIHhrVBCA3SWML3eyI31qDxgA87am1As8EgIyyn
Ka1A1HdMkkdgsaWSR6zTLt+MexbK/LK19pgSbBf3305feevLgb6PIwsjsuib
SXL3OeoPr7XiEzEzAvVGkCUY3JLwtsMtBuMFHug0GHWvMyP48zbuVsSEz4FI
2dp+Mk87D09QS1hS4IegKZiQrpqgQM4J+zhN2ZzH2tvDlv9/AeN+d3CepgEA

-->

</rfc>
