I'm afraid there were a few timing problems in getting this out. It's
been posted on our Web site for a couple of days. Sorry to send the mail
right before a weekend.
-- J. Bashinski
Cisco Systems
-----BEGIN PGP SIGNED MESSAGE-----
Field Notice:
Cisco Web Cache Control Protocol Router Vulnerability
May 13, 1998
Summary
=======
Cisco's Cisco Cache Engine product provides transparent caching for
world-wide web pages retrieved via HTTP. The Cache Engine uses a Cisco
proprietary protocol called the Web Cache Control Protocol (WCCP) to
communicate with a properly-configured Cisco router and register as a cache
service provider. The router then diverts HTTP traffic to the Cache Engine.
Although this process is not enabled by default, and takes place only if a
user specifically configures the router to enable WCCP, there is no
authentication in WCCP itself. A router configured to support Cache Engines
will treat any host that sends it valid WCCP hello packets as a cache
engine, and may divert HTTP traffic to that host. This means that it is
possible for malicious users to divert web traffic passing through such a
router, even though they may not have either physical or configuration
access to the router.
This attack can be avoided by using access lists to prevent WCCP traffic
from untrusted hosts from reaching the router. Cisco will be modifying WCCP
to include hash-based authentication in a future release.
Who Is Affected
===============
All users of the Cisco Cache Engine and WCCP who have not configured
filtering access lists to prevent WCCP access by unauthorized hosts are
affected by this attack.
Users who have not specifically configured their routers to enable WCCP are
not affected by this attack. If the character string "wccp" does not appear
in your router configuration file, you are not affected.
Impact
======
Attackers can cause a router configured for WCCP to divert some or all HTTP
traffic to any host they choose, anywhere on the Internet. Once having done
this, attackers are able to:
* intercept confidential information, including site access passwords
* substitute data of their own choosing for the actual content of web
pages
* disrupt web service for connections passing through the targeted router
In order to do this, the attacker would either need a Cisco Cache Engine or
software capable of generating WCCP traffic. Cisco sells Cache Engines to
the general public, although a relatively small number have been shipped
thus far. The WCCP protococol specification is unpublished, but the protocol
is not immune to reverse engineering.
Details
=======
This vulnerability has been assigned Cisco bug ID CSCdk07174. If you are a
registered CCO user and you have logged in, you can view bug details.
Affected Software Versions
- ------------------------
This vulnerability affects all versions of Cisco IOS software that support
WCCP that have been released as of the date of this notice. This includes
Cisco IOS 11.2(P) releases beginning with 11.2(10)P, 11.1CA releases
beginning with 11.1(14)CA, and 11.1 releases derived from 11.1(14)CA,
including 11.1CC.
Planned Software Fixes
- --------------------
Cisco plans to release software that supports authentication for WCCP. This
will involve a modification to the WCCP protocol. In order to take advantage
of the authentication features, customers will need to upgrade the software
in both routers and Cache Engines, and will need to make some minor
configuration changes on both devices. Release of the improved software is
tentatively scheduled for September, 1998, but this schedule is subject to
change. Cisco believes that the workaround described below will adequately
protect Cache Engine users until the new software is ready.
Cisco is considering making an interim fix involving an explicit command to
apply an access list to all incoming WCCP traffic. This would be largely
equivalent to the workaround discussed below, but might be easier for some
users to configure. No decision has been made on when or whether to offer
this interim fix. If an interim fix is created, this notice will be updated
to reflect that fact.
Workaround
- --------
WCCP runs over UDP at port 2048. By blocking unauthorized UDP traffic
destined to port 2048 on the router running WCCP, attackers can be prevented
from sending WCCP traffic to the router, and therefore from diverting any
actual traffic. For proper security, it's important to block all traffic
destined for port 2048 at any address assigned to the router, as well as at
all broadcast addresses for networks on which the router may be attached,
and all multicast addresses to which the router may be listening. The
blocking can be configured either using inbound access lists on the WCCP
router itself, or using access lists or other filtering on surrounding
devices.
Exploitation and Public Announcements
=====================================
Cisco has had no reports of malicious exploitation of this vulnerability.
Cisco knows of no public announcements of this vulnerability before the date
of this notice. However, the vulnerability has been independently identified
by several people both inside and outside of Cisco, and should be considered
to be public knowledge.
Status of This Notice
=====================
This is a final field notice. Although Cisco cannot guarantee the accuracy
of all statements in this notice, all the facts have been checked to the
best of our ability. Cisco does not anticipate issuing updated versions of
this notice unless there is some material change in the facts. Should there
be a significant change in the facts, Cisco may update this notice.
Distribution
- ----------
In addition to this CCO version of the field notice, the initial version of
this notice is also being sent via e-mail to the following recipients:
* cust-security-announceat_private
* Identified Cisco Cache Engine customers. Cisco does not guarantee its
ability to identify every person or organization that may be in
possesssion of a Cache Engine, nor to exclude every person or
organization that does not have a Cache Engine.
* bugtraqat_private
* first-teamsat_private (includes CERT/CC)
* Internal Cisco mailing lists
Future updates of this notice, if any, will be documented in this CCO
version of the field notice, but will not be actively announced on mailing
lists or newsgroups. Users concerned about this problem are encouraged to
check this URL for updates.
Revision History
- --------------
Revision 1.0, Initial released version
08:00 AM
US/Pacific,
13-MAY-1998
Cisco Security Procedures
=========================
Please report security issues with Cisco products, and/or sensitive security
intrusion emergencies involving Cisco products, to security-alertat_private
Reports may be encrypted using PGP; public RSA and DSS keys for
"security-alertat_private" are on the public PGP keyservers.
The alias "security-alertat_private" is used only for reports incoming to
Cisco. Mail sent to the list goes only to a very small group of users within
Cisco. Neither outside users nor unauthorized Cisco employees may subscribe
to "security-alertat_private".
Please do not use "security-alertat_private" for configuration questions,
for security intrusions that you do not consider to be sensitive
emergencies, or for general, non-security-related support requests. We do
not have the capacity to handle such requests through this channel, and will
refer them to Cisco's Technical Assistance Center (TAC), delaying response
to your questions. We advise contacting the TAC directly with these
requests:
* (800) 553-24HR
* (408) 526-7209
* e-mail: tacat_private
All formal public security notices generated by Cisco are sent to the public
mailing list "cust-security-announceat_private". For information on
subscribing to this mailing list, send a message containing the single line
"info cust-security-announce" to "majordomoat_private". An analogous list,
"cust-security-discussat_private", is available for public discussion of the
notices and of other Cisco security issues.
This notice is copyright 1998 by Cisco Systems, Inc. This notice may be
redistributed freely provided that redistributed copies are complete and
unmodified, including all date and version information.
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQEVAwUBNVzLPAyPsuGbHvEpAQEdgQf+IqBIee3dogVddsqNduZF17pkuAbCWxt8
HBKJMD3isiIgcIHsnUXPuDzeQPaRf9hoxP2DY/htxqQkAUolfrQbw/bQaYVv1I2g
Txc7B+0ZjGBxGovuOWmMnpKBXvCYusRkmzvLIHGiw+FB//gRAM4RJjcCdKKZVOBm
CVDOPuWgzY5WTQsIt/g/Sqe4KoyR4/9hm3sbzXuqeJZ4xxLrJv6t3n3BUQgv7V0n
KdkUU8SfGMG6py0PBVkPTiA8UdCCfdc9/gDVCHtpo4xwFKheEeBTkTsokYz7/lat
53MYCO5EEvqXpBRrjOz7znLTrugmhBLkS713jqFTe4DLfSlNSo5ehA==
=1LfV
-----END PGP SIGNATURE-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP for Personal Privacy 5.0
mQENAzPvjNgBbQEIANK7KlAHQsajB9t0ddYhrZNmaOnyPL8T5JZRDq7uSf3HfXZ9
gcE+DU3/2/TuCa7l/P0fblpUtxOo2FScjdg6Zd/V+8FH++wfH7GP+M2lJIw1N/UN
hLfqUe7RJZtAvAb2VRpA3pV816ngk0H7tb2RyAsu3H7MvwTDZaZ/dzhM/40uDz2b
OUjkaoxC/cKLsP+ODLydPK3XPzjq9XipC3AX8zDLbjAMSyNTpQP4c2NvIf6X4Q4Q
D+yZJu0dYA8i/QC2F9cb4sT6fKtoRENwVLQhHwkxwKLqmyokLLOZ7QvQw1Rqs8ZU
E4o5OFdf0XvqW2+C1+CWQ5Z987ZHDI+y4Zse8SkABRG0R0Npc2NvIFN5c3RlbXMg
UHJvZHVjdCBTZWN1cml0eSBJbmNpZGVudCBSZXNwb25zZSBUZWFtIDxwc2lydEBj
aXNjby5jb20+iQEVAwUQM++M2AyPsuGbHvEpAQFlYwgAk9yGvvH1Rsz3dQAgbzBR
iA68u5YYX/b8/n5aTrtxK1Z9KltjdDjcU/rv2fqmwhsc9Q2JYE1re/iiUUuxTTXc
xCdnLfZ75w6P7v1XaE8HbaXvUbYmFuKxvhzI6gnZ3OWEqVQ/P1RB7zzSwHtvMAOm
rkty+vFz8g432tDeU/WEif0PAeNassVjIBE3mSFcnoF9PwR7+983oLI+QUTz+KZ3
po7r7ETFXBaie8MY5vMo2a0ds6GUsrMVpFiJ2zruSCJQJvVVoe9VT9pg92fHw6vS
YZBf6jcPd+3kUjAcAZQj5Jkuo5QtDc+JpCs6A4JS+nk2UPYisFOfxHjR2bv396ym
lYkAPwMFEDPvjPSWgad8PVLgfxEC85sAoLW7FY3dWWXLiZD6FbN3G81/SYm2AKC3
EPPlj+zNMt83UlBIR06BWOhPmYkAPwMFEDPvjehhWBbFOs5V/hEChMsAoIHN2sJN
Nso+kYr3G2BZ90KJ++7HAJ9vQkdJRwI7HSyL+iyfQS3YV4ivKYkAlQMFEDPvuil3
prw+JwB2/QEBujkEAKvxs8A5OMk/TD8tuQMATILDxnj0ZGepAV0wbJjJx8bYQ54s
hF6r4OlyWEVPOn9sMn81QyWOeaprpJfYWgqntyJ8aO4Mh2gfI4uKzKn5hJ9n424g
L3cOcJUKmARBGFgL4gB6QZU6k+52qubv08gHYBDUTpxbtYy09/bieET6Tu6NiQB1
AwUQM/DnKABQXdL3LtV5AQEB1gMAntCpluUCoH9Spn+4RBKQU9qVYjZL9ye7Qd9z
8uKIUGM7VFMD/ECavREEd6ggYFCX2t1YV1j6805+oROx/xhxCe4OSG2PX6NQx3Mc
hMWgQSiBKFikfxXcbDTwU4HGk/U8iQCVAwUQM/Dk3Rim+KqOZxohAQFO0AP+PkRZ
AMsuGJ62XOmO27ZwoB1yMB+LahS9zWlVUuCrBs0NloC0Uc9aydw+tWqr5PU8972O
ZmMI1mPnjsAao7hJeVFEKmNpJ+nPFx56fmO138D6h+1eYYsXMEkx4FNHYmr/hP9R
T7JuqFChB4eHAtL37GDo6pUqIpRdbI6imU+TGWSJAJUDBRAz8OmMetUtBpz0lbkB
AZnqA/9Vcjr5qpxELEwYmJhBih4Eha0bPebxDpT/wDQlWF8KQVT+dVa4/kXDZDSQ
EOcV+Q+Z0YAxqFFaWHI1CYr2pR+jDqzxxdsxvwLPaJ2Yq2vnb/UozPzCYXaRr8dK
E2LaRpUIe/frpaKggGfT+HP35WWSAkS4yP91I+9xw2xAHC7F/IkAPwMFEDPw8Uu4
sEdhxJFDBxECSu4An0Vs1WvZhg1+F9gXVAdWeZeQwjPjAJ9kiB4mUt6PeE1Yafo0
y9h1h25z44kAlQMFEDPw6arUWbxRv7Y9YQEBrGYD/AyYF/uH6EJVZww/oASl5pxt
2Q9YR5Kb60f7RsMOi48SgIV0lrUCk8rEN7HiEMlMSzjqtCuAPbxc85ltYA2V8GMB
uz16DZ+LshmN2Bdo5HvlJ7oONRfTznAaeKVH40MYI+4oj0Z+mXbhIT48OkQUaWAx
+XxdzLufxNNU8oForJ/FiQEVAwUQM/NXXx9quvkcD7cJAQHDZwgAkh5R/OS8SzEV
WOOlnUPSaI/PNPSeKdEOOvU5K6u8DMsb/M5775fg9paCGi+UngRiL3xWjykJzfrp
94F/0d4PpdkcQUEao6+uZBgIbDK9S/W0bDAFCgCnwy20JPXxJgdikQb0GLBzP+31
WHl4JSMXTuNAFJ8z7Uc/a2JWe3QZ+w8uZP5IyASimYYLu+19Hxo4fYT/bOOQ975z
arCgaDO6b4HU68GG3WqytmuBj6Vpu1x5Ia9cNpxgPmtM4wg83zmx06fDTGN89EYH
rt7dluxCBesxPhUsmZn071Xdq1zMYIzHns4jxwCREp5kNMtPsUKA8dSA4UO2BdkO
q5IX6scTOokAPwMFEDPyrMUi3EpiOkv3cBECgNEAn0dTtLw0NDPHn/XPgxz8jcnR
szjkAJ0bHBmB26616zdcrgPZrYtvac9gVYkAlQMFEDPxEE1/tdR0mmHbCQEBO2YE
APGeRsytUHeL7tUbdDgLmz6fcroNkJk6sjQLAw0HYqnHbwhfXCvFQmAb00Whw4xQ
cSXej3JUJSwXDyEJ5AhOD3IdTkKJnJA81xJzYJXhp8kJTF09M5voB5eZg1Fp0bcE
w3a2MXy3SWRWfJ7SSA2De7dBpf2oOZeI9AuRltHfVmKPiQCVAwUQND7fLiFQYTN/
zSo9AQGwMQQAog5OyeA3+SkPl0l89fUH/ZBs9abyK7KM7DMyb4ERWzAhoikImk7F
BCofLz0o3KeeTa/0gzYVD8RviunRmbwbT8GldHElW6bnxs9Uh5EQTmrX0vPi3q1L
1zM+RQ1BPR2GJ41DFpEGG/HCoIqrouoWsM6Xn8sujXFnFmInWu3Fc4mJARUDBRA0
lwTIK3xv9F14VdcBASbBCADjdN/dK/bTAKJLW+a3aL5S2+FbhUkBC+o8OTAYgkXy
bp9uWSH9Y/d0+ac+T6ZLThQgPwgRUmNbpasbsQPz5I5YYyoepeGoKztZZLnKBRCy
AF+sV4LyE1oU+67QikwVMjMraP6eJesOTdFg2+YI0DqJZmbdeY9IRdduwV2AuZMt
04YxYTrUeP+dGj4vXLQv+FVVUSKeCE3rsrwYRFi+GFE8PJw2rSD8CCIe7mMZv1fX
P1EJs3umgtv2eECBQ83hEahSrM/vizRjlri2XvpOqa6xoeUbpuzSOdgHOYpaPHjK
yd7orHpBcew143UJ8G/Gjo+SgY4GWtncPgNGgX1NFtrxiQEVAwUQND7WmkZi51gg
Ebh5AQHEFwf/VmrG6IvjIZ4IKbc1aqvEU8YRoIlkb0OosGVOU1DsRy/mkGHizLE7
icEPH7/uhW7L6S0AdbKxFJG1lAxC26ykqNC+g7o/Nssae9B/wE721e36FjxmOpEi
ZcvesOCtB6/GnOlxblvAtm0vwK4QV9LI/oqiqNwQhgSZLLDuk5Vzm1lnRA0/nTsX
nlUKaAgfMkj2oAJhLAlR4rqxnJCyb+xR1YDCt77no2ll9RDXQMqzosSUU83kCC4b
fXhnHXADK7Tz9FhN6ihNW9pOjbEsQ41DT+wnE3nkehbcUmZyjskNFdQXRVSHEWYe
32woo5UV+ZQ2qjdkLV8QUgDyn/ylFtrBN4kBFQMFEDQ+8CtLxxlDRSxB+QEB4p4I
AKunmSfnZkti5wXwH97urNKsFNps4o0EHCrMbDfzvps3+7CCjYb9qmlo06bcCuT5
CzdsHfjEUKKQ+jJ1gBZSt52Nc1DlCjM+voz2XKogrI6BfKZpTos5ZUq9S0Of9OM5
tEhgXAVqo+MQ+5nSY4uT8YwJf+iANMktC1OkDR4Zj+6uGAWMLX69kDSBF75DnONN
NknGzDYcP4KwTisZwDDtqR5Qmu+/LtnV94pXRLiro+dCkU2S5hCT0nTAG9+UkQXy
xSyIn88aYicljnReNVqDXwhX4Sev/Cdb7cfj+h/iKXpDFuZ1UUUyAJy5XMCcxxge
juDXgcz/A1sVL6/YtHSsr1uJARUDBRA0R9vD1FlcL7UofrEBAfKCB/96WqTVvWrO
H8C3q1NLt5KleAv2gRRNgeQIqGxkRcuRoJTjbganKjezK2oS3VyBqN67HDKaJ5di
TfuG2i87y1Flbxh4rnlo5Ppse2Sisp/hfJ/cD5ZEem1IlMCUHL7/XOknc4fv/bqn
8vFhCIUpdsC8akKTPa82fc09J/vNDBBJm9UBIZUMcXhUHmpOWI7BvQJuyGRUPNm6
1mYqwTdn+nba5SE73t9/37ZJvg+L11uN3BbsyEiH9hq9Xv7s9+I9f0SqwmDuGxNX
X5NQRLlUidiCbR/njpib3BAKo27NudC185tL1tqY7cTjSD4A3ayJgK8urSVdso+G
D6sS6mLGmoigiQA/AwUQNDqzpN6/Lw5WBJ4PEQJBMQCffp1SLf282PdNyGCHWRRQ
ufkFoYYAn2lLhfXQQKccZh/cef3dflJZ9RH7tFBDaXNjbyBTeXN0ZW1zIHByb2R1
Y3Qgc2VjdXJpdHkgaW5jaWRlbnQvYnVnIHJlcG9ydGluZyA8c2VjdXJpdHktYWxl
cnRAY2lzY28uY29tPokBFQMFEDPvjV0Mj7Lhmx7xKQEBCCsH/3i8JxEVxwj+F/ff
f2lCRDD83fJTGhYNYvOACxYaRSs1hwZ1pAWSLUzN+cc3Iqub+dT9zgbubrHFP8kY
B5oPxEh92myV7d0ijLI82RNc7yrql9MI2H9yIYdgrT2aP98KbGulxri3U9HQ1AnV
PE43eu8F96fgiOggRqDKi7lWP9ADvcaKO3a1aDk/X2EO1I0jSJMTfZ1cyMlpmrnT
s3i5x2lX+42GHjpgA3tWGlTN6DFWa5k2dU7TzE3dKL1qz5Zdu81WMdT4xDbk2Q6Z
8rGu2oKA+YXprSlF0dBsG3qFTKSFgnHijTT4fJI2+gebEzpe8vGUf4FJXQmjZ+bG
2dTdUKyJAD8DBRAz7410loGnfD1S4H8RAqdjAJ9VVM6GixYnpOpZMvvpuKk3OHow
KACfQxP/Dcmqg5KtDPnd6hHMaVbEBAaJAD8DBRAz7435YVgWxTrOVf4RAhkwAKDW
gIbBaQ/qoR9F/CMhmpYztcsMBwCg2DThE7h3j5HGvsiwy8MsZZmLq5mJAJUDBRAz
77opd6a8PicAdv0BAXKbA/9uZcSak/u41uFuow5uwkydjkfHz7XRFK49HX7ozwoJ
bVydzlURMIOvbwpf6ws/bFTyhM1RRG3b5E5o4psXoNWowXG+uNkmTLhXIBOtH4Tc
jbLXspLWUiNtBNlJ2dDKxit9ye1Z/9cTwpfaNyAmtb0aPBN4sZ8r6Bmgd44Vx0nS
L4kAlQMFEDPw5OoYpviqjmcaIQEBJ/UEALXebkpbO3GE/jGb41qzMcoTVXt3kqh1
mY1yJloPEllXstP1yO83uczLfPhhKUKAGg/WZS5eFrYTRvIqu2HZ7F0PfTqqReKU
Ur7GFb+QUTzt178DQzfIyTHT+43CIMF6NPGbdWFkwzMaUjXBewEX2eTNg1fRSoYC
64rPvSEXFnnpiQCVAwUQM/Dpk3rVLQac9JW5AQHcZgQAqveziPJciVrzdanmUHGt
8La2rl1qXoYtYAcS51gVD2Dxle/J1SIvyRWysTE0+s8X+zgw71zQXm54KUKdoFTv
Eyerc65NnVVCgPUpNN8/H0XUpNd1oZ2KKIzz3mxQbVwa50sRKvYBFUo9mUfbv+al
FK4yrWaqAF3Dx38KiQrqOa2JAD8DBRAz8PHwuLBHYcSRQwcRAu+bAJoDEDaxddtU
35mekCglNjbHLmOR+gCgiYpy0fB8JtNJE0k3xQDuW0H8uG2JAJUDBRAz8Om31Fm8
Ub+2PWEBASbZA/9wYDYTmvtoSuvI0yOITGgmh8kSCOMAmXikhI6ASZy8GhkPX7OY
2ybX2Iw7XXApL0mcuDr13Fm+xrt9TymyYAbRnmPjbPn1GoYVM/orN+R/t/mblfdb
+eklvMKnChA7eNFfYNUz+V+lRPkH156EnBXYwmzlYsKEerGjxJLoyQErsokAPwMF
EDPyrNgi3EpiOkv3cBECoIcAnjmNq8NznK0HYgwicWYUjDAmte6QAKCK6txKW+VH
WRJ2cSf2maRkf0TmmokAlQMFEDPxEHR/tdR0mmHbCQEBigQD/i0ZA1QsFjQqQABT
moOqLt0phX8Q9fakXyz245Zt5y5OsGL20lwVadVVzESZHZgl0sTHtL6Na8QjKC+u
qlbrch60oInzzzegGDTyk0zVMeaNApOcV3+D1qMvHH78qyibXf8A4uEcn1jrGTWC
lQH9SLW2bHtuNyArIDAHbs2S4MoKiQEVAwUQM/TlIB9quvkcD7cJAQEmFggAvkXG
VGoNGrK1NO8hhf4R/oIeCahsc5v9i06xVSiRhZRJ9of3PC4JjzAxjNtG5EZi31YR
Zy1+Ja2JFDOA/MPlKv4AURZiULAwS5DRQ94dTCk7kvXpKr3Q5TOOpFWQJ81yotc3
8UGi87PlrxZqsWD2iHTp5lzfaoRuKCoL1ao87ppE3l4KiU5lRJ/uZxn/vyrEv619
4Q5dzelkPC1cQbi4tX0+phtvSV4/KZbv0J1kkCKkQFQBA70IdfkcNu41JqcsRjML
DJB+rbSQa0UozWx3Scl8TFzcVbRQG5YEd/fwBkWeRLbm+2nHTkiddYHmsLiNXFcX
jPWhBYyp+4B/f+bjYokBFQMFEDSXBPArfG/0XXhV1wEBKGAH/iNvdhvOPUHEHReh
pBiYeBslxdvWClm2zYfPDwJnBwMRSjD67IS5tLjDWvkE4/g5Qk8dDPkKmDp02Ycz
LKFqFvUYcfxrNJgxWVLFYJ3dB6QsCeR6Fq+qs1y8v3jYYWpUM4dUUWDMF66FUqO0
hAQGjjoQ1Nm92q71nglm647B9Z50QZBrJRHWS4Q6q48tkr4Cg+6BHKT/pg/SluYm
6wUMAB4shZ58S/Brba8Hzz+YT39KFwOJ1J3O+t36xPeGrazc3EyAcr081xpa/9p6
OdEhdUhhz9KHD/gOarlH7PTPYGITP3ZmhZ/SfCYDEeR0Kw7aKXFkAZUvNu9/5Cxv
4IO3zmOJARUDBRA0PtalRmLnWCARuHkBAU5hB/9HAIi89liNnkaSspn35i9hHSLR
c1eRUz5e5RdjpdF2WWwONRmNrJh1LkRe+2oYVPw1hTx1Jb2tDwDTDIoaxsUkVsL3
4/b2NOZsmOsiKt/P7Y17ygbTSFIgicaP/eR/swXYOEv9RSu2yAdqUbTi7XIvjioz
jCxVBAAyhW9fyoIg94JpDK047gfd8kS5smyVJA8Vmg1Ll3qOqhUENXecqSvKlx67
pbLSvyvmTA+RqKVgaEDYOHJuSeacexu2EKHBJwGrVGhtYVwtFRONInxePdb1uYsd
tVLQOZUKDMLQYnBVjAwi65yXbstkArzZ2sYctIMTUBNbgfKheWWpG1uGmIT8iQEV
AwUQND8Qe0vHGUNFLEH5AQF6tgf/SGAuL/bSaUMd1Ia+Vh4q+KGj015cPXHiJgv5
YltjvoZUcOe2l5c8flKlyrgTekmX2l63xzRsOOK9LMxt4bJwuIbr1yb81UBnbqtz
OoAHI83ucJBiuGTf+ffcYCP4KWg2blASEJpwBXGEaxIMBVAPzZIQUnyg4FaKjLwY
Mu2sp0Gg/nNI/QogoYeNzT03m55Ng6hpGK3v6RrLdy/Cpi2bPxKNrBB5as3u7WmA
8XRiOaHiu5LIJnRYjhXrmpSytr4J8NVr81PkK4eWKxpTOEg/v/Zk1/f34Eh2K/B8
VfGUalIAygEmBqhiW/zJFZTX2+IwVvPwVocb/Qk9DSfMCbGYc4kBFQMFEDRH28LU
WVwvtSh+sQEBfzcIAKfPLrf18fhKivjwURU8hNmMyr9GQ1HVoyE/d1L5dFjXZHl9
B1g8VKodL8Hh71UHS0kN22CsGpDuOzGh/E82BLVuO1POrDQ1Jipe0JC5UBOMTqcX
hZ6qut4C1fZ4urXDalqusdKIHvLO1VdQL96TTuvrsIVoh5gc5k0jw65SPM7FT5mo
uJmt7+8D1id2SILbnAcH+Cy7iVbV0tkTeU8/ETFnKkDgv3OGUBrxsTn4/7drGg0k
7gKeRR9RcJduX7L+Zyxo2DuJ/lJhUEpmNwqM2ZeTWY26ugEBKsNhwmIHzFXa0s5f
bAJZ1egubigLQnNYVHOB5I0jxO07/rOqOo7mN56JAD8DBRA0OrOk3r8vDlYEng8R
Agl6AKDlMjVFv3gKMloyxLEZEQT/QggmowCfVqd3eHVSyoRRa8VZIuoFsRDRpSmZ
AaEEM++MMBEEAPzZFczUTJVISkvqakMzLEjxJxzbbJWpFgv4KS/RJccQ9pk0iBBu
VXHfaPJ+eYYhl5VgrawNFMHq9cm3WT5HkdFGFMbt8HR/fT2BP9mCaTrjMLsvictC
np80RUkt/FF2vBcI498F/npjy8oEVlK/Arios0e6sw/YxVS5h8KXZSkfAKD/pbMV
Mdbfge8MqAP7eTRqnSUyrwQAwT2LkgR3BOcY7bOzLJz+DDpAqhIY0SRsaZyJm6QB
BO6VUpClgy/WMibpTL3UduxHSZRbE/MIE8K8nO9k5bQ74Amrib+HV1APaR0ge36d
gB19mNjbphSkHqB8WZC5waEf+jwZ+GSY3ovDbX6DHiVy1+Jrb/jqmhqwI2j3rXIr
K5AD8gPqqkdquAGg6Taf9q/2NXVGjHy+FhUbBCGZWlhVQzN3DyV2jcJ6NqrJb3sj
I5Tu1mjhZTMnZnewbQMd2Kb5Wh4ONvmGx3fgzOgYvsqNEUaV1s2vYf8OGYi0vLPE
nlheAxc0bLciF86MLBmwaFnV5N13FsPutvv5U39E6FOkJJe0R0Npc2NvIFN5c3Rl
bXMgUHJvZHVjdCBTZWN1cml0eSBJbmNpZGVudCBSZXNwb25zZSBUZWFtIDxwc2ly
dEBjaXNjby5jb20+iQEVAwUQM++NIAyPsuGbHvEpAQHkeAf/ZT4+h6m1GTw0lmzV
HKL3OJNHQ7p5O8Fw/6r9t/SjqP3vtxN/e8xmfb6N6punAjwzu/qg6F6w87qUOiYf
xRdjS3rYL5xXxY+/GcIaJMyrl12uP6LvFlyG1HRIw25H5oYjeELm2N3NTJELa53U
Iv4rbMWvUvNY7lzfkr+OtdiBd+vp6rrLUshTfKZrhBoUlM7X0eCwFHcJQStBTJc8
2+jMdSM5aBeKowl7z6XRipjnH1Xvif6SmdNl5F+ZXqiFfUDS9/a1pVaLHdIRm1dN
JoQpbOXhT71LMC+rnDJLZUJF8S2ZxVUYNloiIxke19RxJXERbpAMV43HOqCdVmBp
chZkCYkAlQMFEDPw5LgYpviqjmcaIQEBbqkD/jYM7jLeiSSZ8utyl9QzV7EO02EI
CRclnZo9ovycZQVrWVCOYr2mvANAz4d42t4S+NdbBoWJ4WvVFpd8H/4B2O5GAPdH
zNRon5My9RwCpRO0+fQw4CxrsEJOKw8jQiyv0WdUya2ZCcBKK+zXp65quTgrV6vQ
N1NAx7zY6MJK7832iQA/AwUQM/EFSiLcSmI6S/dwEQJLWwCeLR52wEM303q4s6AB
UUpWkl9137YAoIq/KrjbCmOnNptaDiS33E5G8tYxiQEVAwUQND7WZEZi51ggEbh5
AQGIMQf/YpWT/wwwnwzCUVQbwsX/fIqIXc/q5PEh487iZruuB+9nM1vH0e3gezY3
i8CH3Z0BzQQwkc4t5xxgEWZa10POhvJ52/ma5MFPKMOLcoJ89E46mnwDC+HOgjPE
qJCUqDK8cdrpZ4zD2+X4Fp++z7Otp+H5JH7KWEswtfhHibejn38twmkmrkYxXcaR
AA9+S1XnobAIM97FZWdcIFV6mi+ajXygV+qozgaP2cEvJoHMbOkd5ry3Ts7vXmHl
NZBxWQUjKltknrfaRzkwvSVxZxN4SktcJdLQwHpL24qABi5qJFghb0dPcrzQSm4c
sX//kWlKvOUWfW986mdxYvResYLGrIkBFQMFEDQ+7+tLxxlDRSxB+QEBuSwH/iWl
90sSSiU+6AJHAJRxckF19fidRf8nRuKJP/HNlyL91Bhepy3JkCy35IFIVx0B8a6C
lQYauPf4kY/2OT2FFtL5f+OOy1aAkg2JRvlQd7RyRVm+GUAZa6o8vXSJf+EBplpP
nY4aKELcI95DoM69PfDkCAilH1/N8LMAI05FKEFCKk9Kc6qPoWDMdPXtpo9XAY4X
mT6n9C/o++ER6xWtVXx0VbCdpSHtG4GPDFx5txqWVjJR5ut1D1rCNRkLmEOGkRgh
DTtks0ZK/TkgEKxDL0sFxQ5MXOl8K0xPxHEYqjWHwkZGl3d+gE3lTpGscccCI1/g
JSbp+xnb9t4z4p8Nj1eJAD8DBRAz744dYVgWxTrOVf4RAkj+AKCOeM+A7YFF1li0
wDd/26EhmTPtxgCcDcmhKQrfza+KHn9YySmLDhkIhl2JAJUDBRAz77opd6a8PicA
dv0BAdGGBACTpnFJfSI1OpbDXzOxCWu50REdRqf1JtHOQOKz9d5gsc9GoZNlGkjQ
dvcGDm7B1FTTJV7n1AhRhgKoB/PuIB6MIrbCmoVmYQa66dlZZ4alFAwEtJRscFo0
lkLxXSYBu0R4oPgL0qMoTlEzeNOsBoFJ8ICpoXwwnzRjmWXAcQBquYkAlQMFEDPw
5xp61S0GnPSVuQEB4vUD/0W98yG6mzUxb+f3V5FcT24nvaE8IxgfcLn/Z/6K0+Vl
bV47x7EbFbbGiUGG/DdCTdvhQd6y3or3fB6L+TjAJ9lOhl/k74yeMvG+XWk0sNd5
ngKY/Znm5NhcoTJLhxw+ZZzkzQeO47BPRIXBk4v5aRHfIbAcux6RUQ9Ds2dzF1or
iQBRBBARAgARBQIz74wwBQkB4TOABAsDAQIACgkQloGnfD1S4H8PbwCg3ytkBFVx
2LoeRUfZIjLEhT5OUfQAoOtN+OeqNGgtJT3uRh0tX418XTJOiQA/AwUQM/Dw77iw
R2HEkUMHEQLdSQCdG1N6u+S8+Mcu7tZbInqlSJBnor4An3HYydE65r4wWbInG5ry
ohHxE+OSiQEVAwUQNEfcBdRZXC+1KH6xAQF2Uwf+O3uWcAhVvLmLMUA4kLQnlahX
4pMLZMWGuhTY4T9Qab8ngSpCwoNBBCJ69Ofrb6ChYEeYbGGB4e3iiVyAXKPc+qtn
Zq2baW7ND6NgbN1qsx3aYDsrPXy6RcvmG9DL328xcEjduOniIy3YLX3YnmLOJpzs
cmh3I2jInBrGyVE+CDbdZFSmY+slOLddrdT9G0te+uGEvoMNb2j5dki5jjM/IJTW
qtsCWzqmbJD4KYU6lL1YMpV7sIWcths16mcfoq2nayF2hUP3vGgn6cPeHWNPJbHH
YR3DJaelln33OKkJttIz2+XTpHJINSRoINPA+xC5UVDNyhjB2c2c+BAjYOYaeIkA
lQMFEDPw5zrUWbxRv7Y9YQEB9sMEAI/GCqiLtXAEWzSJvCb+eIUmZtDcRqcpyPFV
o1yjB0QJpZiJ0Al3epRU7IVdLUpjqIJFAU/WNbJTRI07nxIISmz8Upqq52sGInvF
rklLYnsklNSDKEN1NFLj9c+DOqs8TdfEUl17wNag5450CMaXzmksplbwZ1ilGpU1
X1OGtM9jiQA/AwUQNDqzkN6/Lw5WBJ4PEQLzYgCfdwbsX7GdHQeOZqIU+XcgHIwb
TmQAnj/+EGDx5WFCl0gNu3oMu1Nx3d/ytFBDaXNjbyBTeXN0ZW1zIHByb2R1Y3Qg
c2VjdXJpdHkgaW5jaWRlbnQvYnVnIHJlcG9ydGluZyA8c2VjdXJpdHktYWxlcnRA
Y2lzY28uY29tPokBFQMFEDPvjR8Mj7Lhmx7xKQEB74QIAIHywUKBb0eswIQkFoWo
yjEVwoZZ8StI57ElqPxyXzDbddisb1tnQTqlOWL/x1QZBaR+l28yvv5l4G+VgR3w
MFXAixN5ZXYtYxYl9NX7bKQryf2Nydq6RBeLPevWUcnLDUMVcF7FM01ebraR6HOD
UUcClyoykItwcNIkAih4UCXrmAx33RH8rssDVRuJB/ZItWudUbuqKi4Pyt2h6LNR
kOrbNwjBuhZUScUUrzum4HD/4hh4k2gPuA20KoEf6LrWvZUs7Td3w9KIYY3A1Tsw
hVfGVdQ7tSu/8lVhakvrYtrL8HSpeqL4GudQg1MTk0TXnJ/36gpbghxaD+Vz+6XR
GySJAJUDBRAz8OTGGKb4qo5nGiEBAUoLA/wNoSVGTzVzNIlapKiFTLRELngk+yf0
xERuY7uHMDf4ystZrW9NpVoDd9r+HNI12Kxof6DyLyT4sl9hMoCYu3+TA2TtHtS0
p//0SI6VQzvW6hz6gyHGe9rlExX3mhkv8epXsbhK1XLpBDtos4Cn11alSIN3XHsd
1xcTylh20NHYiIkAPwMFEDPxBZ8i3EpiOkv3cBECzo8AnRy+sT+IxLF7vwDswxJU
P+D6OHYYAKChCzpKDM/X1c7jCqY/xFhcr9wuzYkBFQMFEDQ+1m9GYudYIBG4eQEB
CwoH/AjPKpDr2ikP9Hi/08m14rVsKbypOAGcoUZonTrxs4oFz0umrzwMhUaxbYlj
rnQpjK16qaPU2PqpRxuljXCgvRfKE41wpu8eqYSOnisGkERn4xquaHSQ22W2YO14
olveORMIUmhg9uKIx173UB+yUZkATlkfpaJafk43YVh5lcSl83s2YI4MRl7rOLTx
rypvdBz1FY2Pk+YfmZXuPtGVW6CUDRtJ1/+w/Htg08hFRhanzHzS/4/q9M8u66+4
o+jpesRmD/EYkr5AZPgKKUjVaGyB5jNfq26ZyK4LbcDqhHFKkNT4DyF4zbf8LAOl
u0s5XNaRDQH/TGtwzC842IuziY2JARUDBRA0PxA0S8cZQ0UsQfkBAfbLCACWyn6v
n/7caRMJxqmDFmaE+RVMAQnzyIB3nh24DsNCiReDWoi7/DPp8U9KwPOe8fkxujvs
eSefEakNRRZmQTEVHM5RJ+nLnWterQ6iQiTk+Fl1++xc1tt7xQcuwmBnmBHV9j58
t5MLxF8CgdGPdA/iirA8roSwkBtUN4l5D4SH9pJ1bpob/4DN8EIgs1+qW52OU/Af
pM73oLyt2f9xkn5dEwVG+Q/9GuxeObjBEqo5ES79mhg5JXehFAp6X+m5nh/dAYdM
XrPg5BLBDNXVuFzSn8h9xu1c4PkWWKUb2JDG2HoH8FT/d+rgq6DLPrTG/yKU6Z2m
qWf9tS0sZJGnd88MiQA/AwUQM++OQWFYFsU6zlX+EQL15QCdH/0xpxvC7pliBqA1
C8paUQBjgO8AoMvHDb4XSYmPKv4YGafCQcWBqWj0iQA/AwUQND8N0nVnqW5Zuj/U
EQIiSgCg6snJ1ScKLUxYL+Opmd2FaS5E2vcAoO7le5OjBERvjre3FGo2viR6oBFe
iQCVAwUQM++6KHemvD4nAHb9AQGqIQQAjH4eqUgCQ7dvNqtohZjRhyz4eG/Npt/Y
g5ipiJhMiGTM4T0l6BPJdrMGtUnCumD6I4GR9JrleeECaVpVY0dYGCuzkqUf+173
OlKP+SfEB4Ryyk9teIkAn2+u6o3TAGP3+CjLkppO977qQOp7xeL14KkwepfUY34R
YVOfojOJ5iiJAJUDBRAz8OcketUtBpz0lbkBAeEOA/9XZ8xP9SY8AIO3QNjOlGVS
xAzZBDBIkgwo5vyJh1ts20TdBq+uvHkXR7aAo/rLJ6hDEEBGaoEHk6m2N7x3yxNm
knKIY+d9vEiA8Mydg3Lhe5c5Tl+k+w4Z+CAb/81FQ01Rpg7sYpp59uVzl4626w4A
7g5ON3C7Ms4ihrPYI6geTIkAUQQQEQIAEQUCM++MjQUJAeEzgAQLAwECAAoJEJaB
p3w9UuB/TgoAoNwYPRsLnWYvv8aru3VzhaDFaxCFAKDuDrzaRwMRkrlaHy5+DRKl
I4z5BYkAPwMFEDPw8X64sEdhxJFDBxECCOoAoPU3irk5mKfHp6FnIphpAH7Mw9US
AJ4qJW9yfFssD1eQWhOEL+JJFnSgtokBFQMFEDRH3ATUWVwvtSh+sQEBRVwH/jsn
VnpcEbQMRd63Oah+MjziiFZgzbA0VsuyqwNrS7HbZPEv1sjAzPliLpNXQHIEf8wR
4Ret+mssuQRGsf7O1wfgi9Mzm37ke5R8yp5MozOgnjJhwqi9Gx7lHsTb8QHzJxyx
n51UM+CdOP/IDmoXVPXQSDkB1KyrJAW2mvjFvDUJ4txTL9WqD2R1gmphFAd16hJ0
WGl4YR5Mr5XhO9zeRBYgrtlLKidOlCIb4RZo/53NED/DbmvSSAPpQrzTHP+D2xB4
Vm4kpFjtXqO7pMR+qP/NsWQw16W6jJcJUyeiLa2O7RZ8S6xz5WcrgNRTb1jdUihf
tOzN0yK4KOelMYrYH/KJAJUDBRAz8Odf1Fm8Ub+2PWEBATcAA/wIXWNXs7dxqS9x
SMy76D0Ucl3lOuprp/ikqVptI3rAvogRs4oeConNyAWGRUEQhVhcTvOxXrOtpmxd
gsMFL1qdM/Nu8LnkNsRwsjIv6AxBc9FnUiy6TDtdLaSMJAaGu3mxYMHRx1xwVFJH
IUbH7Bb7bKih1vu4MkXjc0w621GJaYkAPwMFEDQ6s5Devy8OVgSeDxECyTgAoI6S
ef4dTttm352EpKx3rgcMK67HAJ45/2VQ7MiQNI+am+48sAMtTV6NZrkCDQQz74xP
EAgA1+cS+JXoZKoX/tIx62xoKQpR79OZwS2hhF0T1miu8uWu69JoUcyBcKDhKrIL
rz0EkkFoo3YxNghXRPeJ2VseniZccPJTby1MQV6cD2bgRHQ/EQ7/AhMjdeg47tIL
FSfHK/E/Lwmf09gEcykX6JapRvMuxfi1kjssmPveLS+L7m0Y1oEEW7hwPZQmKzuV
v8JIrttvhEnqUdhVYe1twUCnBJGF566y83RjAqk+DmHLqDBpRIq110kNp1wlxD8b
YjzbSieyqBhF8OdwQFi4tq+67aHkK5H5DPqOvA1QBfV/pTELZZhju2yn7DNAn1W5
OcpAQU9zoYiiJJJ7JXcqJvNVnwACAggAoMF1MWLqRBIHX7HtdCBDxI0vQcWO2vbl
Mwmv955TqbU2Su0JWDeWUD6WFOamiuTpkO7cZen8hbTajbjobntnbekdTVWQTCOx
aXWx1RjlAf7AhXq5km5tlbVOugMjzqXSbtZ5YL6apBefoa6+Rf5ikXmpTU4Jj0+d
6fqxaRheKoTktbdRLJjGCVNpzwRCpyzclh69XX8zqhNZd0xIQNXb8Gp32DmpkFhA
WSR+11bpiwk8waCfYQjK7iRPJrOTdRp8f/Kp6YJsZfpLmPeSsKggzB9Sl44c8HU7
EAIsHSWgDZzAKmrmntaFdQLJG6p1dg3nQ1SuYoOjz6Gwv97z0+h9BYkATAQYEQIA
DAUCM++MTwUJAeEzgAAKCRCWgad8PVLgf8iNAJ9gpFxJH7WRmgEdhvAnKIeotKOy
kgCgzgB+61bgcthrbTQD9E41tx+LZv4=
=wtkK
-----END PGP PUBLIC KEY BLOCK-----
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:53:48 PDT