I'm afraid there were a few timing problems in getting this out. It's been posted on our Web site for a couple of days. Sorry to send the mail right before a weekend. -- J. Bashinski Cisco Systems -----BEGIN PGP SIGNED MESSAGE----- Field Notice: Cisco Web Cache Control Protocol Router Vulnerability May 13, 1998 Summary ======= Cisco's Cisco Cache Engine product provides transparent caching for world-wide web pages retrieved via HTTP. The Cache Engine uses a Cisco proprietary protocol called the Web Cache Control Protocol (WCCP) to communicate with a properly-configured Cisco router and register as a cache service provider. The router then diverts HTTP traffic to the Cache Engine. Although this process is not enabled by default, and takes place only if a user specifically configures the router to enable WCCP, there is no authentication in WCCP itself. A router configured to support Cache Engines will treat any host that sends it valid WCCP hello packets as a cache engine, and may divert HTTP traffic to that host. This means that it is possible for malicious users to divert web traffic passing through such a router, even though they may not have either physical or configuration access to the router. This attack can be avoided by using access lists to prevent WCCP traffic from untrusted hosts from reaching the router. Cisco will be modifying WCCP to include hash-based authentication in a future release. Who Is Affected =============== All users of the Cisco Cache Engine and WCCP who have not configured filtering access lists to prevent WCCP access by unauthorized hosts are affected by this attack. Users who have not specifically configured their routers to enable WCCP are not affected by this attack. If the character string "wccp" does not appear in your router configuration file, you are not affected. Impact ====== Attackers can cause a router configured for WCCP to divert some or all HTTP traffic to any host they choose, anywhere on the Internet. Once having done this, attackers are able to: * intercept confidential information, including site access passwords * substitute data of their own choosing for the actual content of web pages * disrupt web service for connections passing through the targeted router In order to do this, the attacker would either need a Cisco Cache Engine or software capable of generating WCCP traffic. Cisco sells Cache Engines to the general public, although a relatively small number have been shipped thus far. The WCCP protococol specification is unpublished, but the protocol is not immune to reverse engineering. Details ======= This vulnerability has been assigned Cisco bug ID CSCdk07174. If you are a registered CCO user and you have logged in, you can view bug details. Affected Software Versions - ------------------------ This vulnerability affects all versions of Cisco IOS software that support WCCP that have been released as of the date of this notice. This includes Cisco IOS 11.2(P) releases beginning with 11.2(10)P, 11.1CA releases beginning with 11.1(14)CA, and 11.1 releases derived from 11.1(14)CA, including 11.1CC. Planned Software Fixes - -------------------- Cisco plans to release software that supports authentication for WCCP. This will involve a modification to the WCCP protocol. In order to take advantage of the authentication features, customers will need to upgrade the software in both routers and Cache Engines, and will need to make some minor configuration changes on both devices. Release of the improved software is tentatively scheduled for September, 1998, but this schedule is subject to change. Cisco believes that the workaround described below will adequately protect Cache Engine users until the new software is ready. Cisco is considering making an interim fix involving an explicit command to apply an access list to all incoming WCCP traffic. This would be largely equivalent to the workaround discussed below, but might be easier for some users to configure. No decision has been made on when or whether to offer this interim fix. If an interim fix is created, this notice will be updated to reflect that fact. Workaround - -------- WCCP runs over UDP at port 2048. By blocking unauthorized UDP traffic destined to port 2048 on the router running WCCP, attackers can be prevented from sending WCCP traffic to the router, and therefore from diverting any actual traffic. For proper security, it's important to block all traffic destined for port 2048 at any address assigned to the router, as well as at all broadcast addresses for networks on which the router may be attached, and all multicast addresses to which the router may be listening. The blocking can be configured either using inbound access lists on the WCCP router itself, or using access lists or other filtering on surrounding devices. Exploitation and Public Announcements ===================================== Cisco has had no reports of malicious exploitation of this vulnerability. Cisco knows of no public announcements of this vulnerability before the date of this notice. However, the vulnerability has been independently identified by several people both inside and outside of Cisco, and should be considered to be public knowledge. Status of This Notice ===================== This is a final field notice. Although Cisco cannot guarantee the accuracy of all statements in this notice, all the facts have been checked to the best of our ability. Cisco does not anticipate issuing updated versions of this notice unless there is some material change in the facts. Should there be a significant change in the facts, Cisco may update this notice. Distribution - ---------- In addition to this CCO version of the field notice, the initial version of this notice is also being sent via e-mail to the following recipients: * cust-security-announceat_private * Identified Cisco Cache Engine customers. Cisco does not guarantee its ability to identify every person or organization that may be in possesssion of a Cache Engine, nor to exclude every person or organization that does not have a Cache Engine. * bugtraqat_private * first-teamsat_private (includes CERT/CC) * Internal Cisco mailing lists Future updates of this notice, if any, will be documented in this CCO version of the field notice, but will not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check this URL for updates. Revision History - -------------- Revision 1.0, Initial released version 08:00 AM US/Pacific, 13-MAY-1998 Cisco Security Procedures ========================= Please report security issues with Cisco products, and/or sensitive security intrusion emergencies involving Cisco products, to security-alertat_private Reports may be encrypted using PGP; public RSA and DSS keys for "security-alertat_private" are on the public PGP keyservers. The alias "security-alertat_private" is used only for reports incoming to Cisco. Mail sent to the list goes only to a very small group of users within Cisco. Neither outside users nor unauthorized Cisco employees may subscribe to "security-alertat_private". Please do not use "security-alertat_private" for configuration questions, for security intrusions that you do not consider to be sensitive emergencies, or for general, non-security-related support requests. We do not have the capacity to handle such requests through this channel, and will refer them to Cisco's Technical Assistance Center (TAC), delaying response to your questions. We advise contacting the TAC directly with these requests: * (800) 553-24HR * (408) 526-7209 * e-mail: tacat_private All formal public security notices generated by Cisco are sent to the public mailing list "cust-security-announceat_private". For information on subscribing to this mailing list, send a message containing the single line "info cust-security-announce" to "majordomoat_private". An analogous list, "cust-security-discussat_private", is available for public discussion of the notices and of other Cisco security issues. This notice is copyright 1998 by Cisco Systems, Inc. This notice may be redistributed freely provided that redistributed copies are complete and unmodified, including all date and version information. -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQEVAwUBNVzLPAyPsuGbHvEpAQEdgQf+IqBIee3dogVddsqNduZF17pkuAbCWxt8 HBKJMD3isiIgcIHsnUXPuDzeQPaRf9hoxP2DY/htxqQkAUolfrQbw/bQaYVv1I2g Txc7B+0ZjGBxGovuOWmMnpKBXvCYusRkmzvLIHGiw+FB//gRAM4RJjcCdKKZVOBm CVDOPuWgzY5WTQsIt/g/Sqe4KoyR4/9hm3sbzXuqeJZ4xxLrJv6t3n3BUQgv7V0n KdkUU8SfGMG6py0PBVkPTiA8UdCCfdc9/gDVCHtpo4xwFKheEeBTkTsokYz7/lat 53MYCO5EEvqXpBRrjOz7znLTrugmhBLkS713jqFTe4DLfSlNSo5ehA== =1LfV -----END PGP SIGNATURE----- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGP for Personal Privacy 5.0 mQENAzPvjNgBbQEIANK7KlAHQsajB9t0ddYhrZNmaOnyPL8T5JZRDq7uSf3HfXZ9 gcE+DU3/2/TuCa7l/P0fblpUtxOo2FScjdg6Zd/V+8FH++wfH7GP+M2lJIw1N/UN hLfqUe7RJZtAvAb2VRpA3pV816ngk0H7tb2RyAsu3H7MvwTDZaZ/dzhM/40uDz2b OUjkaoxC/cKLsP+ODLydPK3XPzjq9XipC3AX8zDLbjAMSyNTpQP4c2NvIf6X4Q4Q D+yZJu0dYA8i/QC2F9cb4sT6fKtoRENwVLQhHwkxwKLqmyokLLOZ7QvQw1Rqs8ZU E4o5OFdf0XvqW2+C1+CWQ5Z987ZHDI+y4Zse8SkABRG0R0Npc2NvIFN5c3RlbXMg UHJvZHVjdCBTZWN1cml0eSBJbmNpZGVudCBSZXNwb25zZSBUZWFtIDxwc2lydEBj aXNjby5jb20+iQEVAwUQM++M2AyPsuGbHvEpAQFlYwgAk9yGvvH1Rsz3dQAgbzBR iA68u5YYX/b8/n5aTrtxK1Z9KltjdDjcU/rv2fqmwhsc9Q2JYE1re/iiUUuxTTXc xCdnLfZ75w6P7v1XaE8HbaXvUbYmFuKxvhzI6gnZ3OWEqVQ/P1RB7zzSwHtvMAOm rkty+vFz8g432tDeU/WEif0PAeNassVjIBE3mSFcnoF9PwR7+983oLI+QUTz+KZ3 po7r7ETFXBaie8MY5vMo2a0ds6GUsrMVpFiJ2zruSCJQJvVVoe9VT9pg92fHw6vS YZBf6jcPd+3kUjAcAZQj5Jkuo5QtDc+JpCs6A4JS+nk2UPYisFOfxHjR2bv396ym lYkAPwMFEDPvjPSWgad8PVLgfxEC85sAoLW7FY3dWWXLiZD6FbN3G81/SYm2AKC3 EPPlj+zNMt83UlBIR06BWOhPmYkAPwMFEDPvjehhWBbFOs5V/hEChMsAoIHN2sJN Nso+kYr3G2BZ90KJ++7HAJ9vQkdJRwI7HSyL+iyfQS3YV4ivKYkAlQMFEDPvuil3 prw+JwB2/QEBujkEAKvxs8A5OMk/TD8tuQMATILDxnj0ZGepAV0wbJjJx8bYQ54s hF6r4OlyWEVPOn9sMn81QyWOeaprpJfYWgqntyJ8aO4Mh2gfI4uKzKn5hJ9n424g L3cOcJUKmARBGFgL4gB6QZU6k+52qubv08gHYBDUTpxbtYy09/bieET6Tu6NiQB1 AwUQM/DnKABQXdL3LtV5AQEB1gMAntCpluUCoH9Spn+4RBKQU9qVYjZL9ye7Qd9z 8uKIUGM7VFMD/ECavREEd6ggYFCX2t1YV1j6805+oROx/xhxCe4OSG2PX6NQx3Mc hMWgQSiBKFikfxXcbDTwU4HGk/U8iQCVAwUQM/Dk3Rim+KqOZxohAQFO0AP+PkRZ AMsuGJ62XOmO27ZwoB1yMB+LahS9zWlVUuCrBs0NloC0Uc9aydw+tWqr5PU8972O ZmMI1mPnjsAao7hJeVFEKmNpJ+nPFx56fmO138D6h+1eYYsXMEkx4FNHYmr/hP9R T7JuqFChB4eHAtL37GDo6pUqIpRdbI6imU+TGWSJAJUDBRAz8OmMetUtBpz0lbkB AZnqA/9Vcjr5qpxELEwYmJhBih4Eha0bPebxDpT/wDQlWF8KQVT+dVa4/kXDZDSQ EOcV+Q+Z0YAxqFFaWHI1CYr2pR+jDqzxxdsxvwLPaJ2Yq2vnb/UozPzCYXaRr8dK E2LaRpUIe/frpaKggGfT+HP35WWSAkS4yP91I+9xw2xAHC7F/IkAPwMFEDPw8Uu4 sEdhxJFDBxECSu4An0Vs1WvZhg1+F9gXVAdWeZeQwjPjAJ9kiB4mUt6PeE1Yafo0 y9h1h25z44kAlQMFEDPw6arUWbxRv7Y9YQEBrGYD/AyYF/uH6EJVZww/oASl5pxt 2Q9YR5Kb60f7RsMOi48SgIV0lrUCk8rEN7HiEMlMSzjqtCuAPbxc85ltYA2V8GMB uz16DZ+LshmN2Bdo5HvlJ7oONRfTznAaeKVH40MYI+4oj0Z+mXbhIT48OkQUaWAx +XxdzLufxNNU8oForJ/FiQEVAwUQM/NXXx9quvkcD7cJAQHDZwgAkh5R/OS8SzEV WOOlnUPSaI/PNPSeKdEOOvU5K6u8DMsb/M5775fg9paCGi+UngRiL3xWjykJzfrp 94F/0d4PpdkcQUEao6+uZBgIbDK9S/W0bDAFCgCnwy20JPXxJgdikQb0GLBzP+31 WHl4JSMXTuNAFJ8z7Uc/a2JWe3QZ+w8uZP5IyASimYYLu+19Hxo4fYT/bOOQ975z arCgaDO6b4HU68GG3WqytmuBj6Vpu1x5Ia9cNpxgPmtM4wg83zmx06fDTGN89EYH rt7dluxCBesxPhUsmZn071Xdq1zMYIzHns4jxwCREp5kNMtPsUKA8dSA4UO2BdkO q5IX6scTOokAPwMFEDPyrMUi3EpiOkv3cBECgNEAn0dTtLw0NDPHn/XPgxz8jcnR szjkAJ0bHBmB26616zdcrgPZrYtvac9gVYkAlQMFEDPxEE1/tdR0mmHbCQEBO2YE APGeRsytUHeL7tUbdDgLmz6fcroNkJk6sjQLAw0HYqnHbwhfXCvFQmAb00Whw4xQ cSXej3JUJSwXDyEJ5AhOD3IdTkKJnJA81xJzYJXhp8kJTF09M5voB5eZg1Fp0bcE w3a2MXy3SWRWfJ7SSA2De7dBpf2oOZeI9AuRltHfVmKPiQCVAwUQND7fLiFQYTN/ zSo9AQGwMQQAog5OyeA3+SkPl0l89fUH/ZBs9abyK7KM7DMyb4ERWzAhoikImk7F BCofLz0o3KeeTa/0gzYVD8RviunRmbwbT8GldHElW6bnxs9Uh5EQTmrX0vPi3q1L 1zM+RQ1BPR2GJ41DFpEGG/HCoIqrouoWsM6Xn8sujXFnFmInWu3Fc4mJARUDBRA0 lwTIK3xv9F14VdcBASbBCADjdN/dK/bTAKJLW+a3aL5S2+FbhUkBC+o8OTAYgkXy bp9uWSH9Y/d0+ac+T6ZLThQgPwgRUmNbpasbsQPz5I5YYyoepeGoKztZZLnKBRCy AF+sV4LyE1oU+67QikwVMjMraP6eJesOTdFg2+YI0DqJZmbdeY9IRdduwV2AuZMt 04YxYTrUeP+dGj4vXLQv+FVVUSKeCE3rsrwYRFi+GFE8PJw2rSD8CCIe7mMZv1fX P1EJs3umgtv2eECBQ83hEahSrM/vizRjlri2XvpOqa6xoeUbpuzSOdgHOYpaPHjK yd7orHpBcew143UJ8G/Gjo+SgY4GWtncPgNGgX1NFtrxiQEVAwUQND7WmkZi51gg Ebh5AQHEFwf/VmrG6IvjIZ4IKbc1aqvEU8YRoIlkb0OosGVOU1DsRy/mkGHizLE7 icEPH7/uhW7L6S0AdbKxFJG1lAxC26ykqNC+g7o/Nssae9B/wE721e36FjxmOpEi ZcvesOCtB6/GnOlxblvAtm0vwK4QV9LI/oqiqNwQhgSZLLDuk5Vzm1lnRA0/nTsX nlUKaAgfMkj2oAJhLAlR4rqxnJCyb+xR1YDCt77no2ll9RDXQMqzosSUU83kCC4b fXhnHXADK7Tz9FhN6ihNW9pOjbEsQ41DT+wnE3nkehbcUmZyjskNFdQXRVSHEWYe 32woo5UV+ZQ2qjdkLV8QUgDyn/ylFtrBN4kBFQMFEDQ+8CtLxxlDRSxB+QEB4p4I AKunmSfnZkti5wXwH97urNKsFNps4o0EHCrMbDfzvps3+7CCjYb9qmlo06bcCuT5 CzdsHfjEUKKQ+jJ1gBZSt52Nc1DlCjM+voz2XKogrI6BfKZpTos5ZUq9S0Of9OM5 tEhgXAVqo+MQ+5nSY4uT8YwJf+iANMktC1OkDR4Zj+6uGAWMLX69kDSBF75DnONN NknGzDYcP4KwTisZwDDtqR5Qmu+/LtnV94pXRLiro+dCkU2S5hCT0nTAG9+UkQXy xSyIn88aYicljnReNVqDXwhX4Sev/Cdb7cfj+h/iKXpDFuZ1UUUyAJy5XMCcxxge juDXgcz/A1sVL6/YtHSsr1uJARUDBRA0R9vD1FlcL7UofrEBAfKCB/96WqTVvWrO H8C3q1NLt5KleAv2gRRNgeQIqGxkRcuRoJTjbganKjezK2oS3VyBqN67HDKaJ5di TfuG2i87y1Flbxh4rnlo5Ppse2Sisp/hfJ/cD5ZEem1IlMCUHL7/XOknc4fv/bqn 8vFhCIUpdsC8akKTPa82fc09J/vNDBBJm9UBIZUMcXhUHmpOWI7BvQJuyGRUPNm6 1mYqwTdn+nba5SE73t9/37ZJvg+L11uN3BbsyEiH9hq9Xv7s9+I9f0SqwmDuGxNX X5NQRLlUidiCbR/njpib3BAKo27NudC185tL1tqY7cTjSD4A3ayJgK8urSVdso+G D6sS6mLGmoigiQA/AwUQNDqzpN6/Lw5WBJ4PEQJBMQCffp1SLf282PdNyGCHWRRQ ufkFoYYAn2lLhfXQQKccZh/cef3dflJZ9RH7tFBDaXNjbyBTeXN0ZW1zIHByb2R1 Y3Qgc2VjdXJpdHkgaW5jaWRlbnQvYnVnIHJlcG9ydGluZyA8c2VjdXJpdHktYWxl cnRAY2lzY28uY29tPokBFQMFEDPvjV0Mj7Lhmx7xKQEBCCsH/3i8JxEVxwj+F/ff f2lCRDD83fJTGhYNYvOACxYaRSs1hwZ1pAWSLUzN+cc3Iqub+dT9zgbubrHFP8kY B5oPxEh92myV7d0ijLI82RNc7yrql9MI2H9yIYdgrT2aP98KbGulxri3U9HQ1AnV PE43eu8F96fgiOggRqDKi7lWP9ADvcaKO3a1aDk/X2EO1I0jSJMTfZ1cyMlpmrnT s3i5x2lX+42GHjpgA3tWGlTN6DFWa5k2dU7TzE3dKL1qz5Zdu81WMdT4xDbk2Q6Z 8rGu2oKA+YXprSlF0dBsG3qFTKSFgnHijTT4fJI2+gebEzpe8vGUf4FJXQmjZ+bG 2dTdUKyJAD8DBRAz7410loGnfD1S4H8RAqdjAJ9VVM6GixYnpOpZMvvpuKk3OHow KACfQxP/Dcmqg5KtDPnd6hHMaVbEBAaJAD8DBRAz7435YVgWxTrOVf4RAhkwAKDW gIbBaQ/qoR9F/CMhmpYztcsMBwCg2DThE7h3j5HGvsiwy8MsZZmLq5mJAJUDBRAz 77opd6a8PicAdv0BAXKbA/9uZcSak/u41uFuow5uwkydjkfHz7XRFK49HX7ozwoJ bVydzlURMIOvbwpf6ws/bFTyhM1RRG3b5E5o4psXoNWowXG+uNkmTLhXIBOtH4Tc jbLXspLWUiNtBNlJ2dDKxit9ye1Z/9cTwpfaNyAmtb0aPBN4sZ8r6Bmgd44Vx0nS L4kAlQMFEDPw5OoYpviqjmcaIQEBJ/UEALXebkpbO3GE/jGb41qzMcoTVXt3kqh1 mY1yJloPEllXstP1yO83uczLfPhhKUKAGg/WZS5eFrYTRvIqu2HZ7F0PfTqqReKU Ur7GFb+QUTzt178DQzfIyTHT+43CIMF6NPGbdWFkwzMaUjXBewEX2eTNg1fRSoYC 64rPvSEXFnnpiQCVAwUQM/Dpk3rVLQac9JW5AQHcZgQAqveziPJciVrzdanmUHGt 8La2rl1qXoYtYAcS51gVD2Dxle/J1SIvyRWysTE0+s8X+zgw71zQXm54KUKdoFTv Eyerc65NnVVCgPUpNN8/H0XUpNd1oZ2KKIzz3mxQbVwa50sRKvYBFUo9mUfbv+al FK4yrWaqAF3Dx38KiQrqOa2JAD8DBRAz8PHwuLBHYcSRQwcRAu+bAJoDEDaxddtU 35mekCglNjbHLmOR+gCgiYpy0fB8JtNJE0k3xQDuW0H8uG2JAJUDBRAz8Om31Fm8 Ub+2PWEBASbZA/9wYDYTmvtoSuvI0yOITGgmh8kSCOMAmXikhI6ASZy8GhkPX7OY 2ybX2Iw7XXApL0mcuDr13Fm+xrt9TymyYAbRnmPjbPn1GoYVM/orN+R/t/mblfdb +eklvMKnChA7eNFfYNUz+V+lRPkH156EnBXYwmzlYsKEerGjxJLoyQErsokAPwMF EDPyrNgi3EpiOkv3cBECoIcAnjmNq8NznK0HYgwicWYUjDAmte6QAKCK6txKW+VH WRJ2cSf2maRkf0TmmokAlQMFEDPxEHR/tdR0mmHbCQEBigQD/i0ZA1QsFjQqQABT moOqLt0phX8Q9fakXyz245Zt5y5OsGL20lwVadVVzESZHZgl0sTHtL6Na8QjKC+u qlbrch60oInzzzegGDTyk0zVMeaNApOcV3+D1qMvHH78qyibXf8A4uEcn1jrGTWC lQH9SLW2bHtuNyArIDAHbs2S4MoKiQEVAwUQM/TlIB9quvkcD7cJAQEmFggAvkXG VGoNGrK1NO8hhf4R/oIeCahsc5v9i06xVSiRhZRJ9of3PC4JjzAxjNtG5EZi31YR Zy1+Ja2JFDOA/MPlKv4AURZiULAwS5DRQ94dTCk7kvXpKr3Q5TOOpFWQJ81yotc3 8UGi87PlrxZqsWD2iHTp5lzfaoRuKCoL1ao87ppE3l4KiU5lRJ/uZxn/vyrEv619 4Q5dzelkPC1cQbi4tX0+phtvSV4/KZbv0J1kkCKkQFQBA70IdfkcNu41JqcsRjML DJB+rbSQa0UozWx3Scl8TFzcVbRQG5YEd/fwBkWeRLbm+2nHTkiddYHmsLiNXFcX jPWhBYyp+4B/f+bjYokBFQMFEDSXBPArfG/0XXhV1wEBKGAH/iNvdhvOPUHEHReh pBiYeBslxdvWClm2zYfPDwJnBwMRSjD67IS5tLjDWvkE4/g5Qk8dDPkKmDp02Ycz LKFqFvUYcfxrNJgxWVLFYJ3dB6QsCeR6Fq+qs1y8v3jYYWpUM4dUUWDMF66FUqO0 hAQGjjoQ1Nm92q71nglm647B9Z50QZBrJRHWS4Q6q48tkr4Cg+6BHKT/pg/SluYm 6wUMAB4shZ58S/Brba8Hzz+YT39KFwOJ1J3O+t36xPeGrazc3EyAcr081xpa/9p6 OdEhdUhhz9KHD/gOarlH7PTPYGITP3ZmhZ/SfCYDEeR0Kw7aKXFkAZUvNu9/5Cxv 4IO3zmOJARUDBRA0PtalRmLnWCARuHkBAU5hB/9HAIi89liNnkaSspn35i9hHSLR c1eRUz5e5RdjpdF2WWwONRmNrJh1LkRe+2oYVPw1hTx1Jb2tDwDTDIoaxsUkVsL3 4/b2NOZsmOsiKt/P7Y17ygbTSFIgicaP/eR/swXYOEv9RSu2yAdqUbTi7XIvjioz jCxVBAAyhW9fyoIg94JpDK047gfd8kS5smyVJA8Vmg1Ll3qOqhUENXecqSvKlx67 pbLSvyvmTA+RqKVgaEDYOHJuSeacexu2EKHBJwGrVGhtYVwtFRONInxePdb1uYsd tVLQOZUKDMLQYnBVjAwi65yXbstkArzZ2sYctIMTUBNbgfKheWWpG1uGmIT8iQEV AwUQND8Qe0vHGUNFLEH5AQF6tgf/SGAuL/bSaUMd1Ia+Vh4q+KGj015cPXHiJgv5 YltjvoZUcOe2l5c8flKlyrgTekmX2l63xzRsOOK9LMxt4bJwuIbr1yb81UBnbqtz OoAHI83ucJBiuGTf+ffcYCP4KWg2blASEJpwBXGEaxIMBVAPzZIQUnyg4FaKjLwY Mu2sp0Gg/nNI/QogoYeNzT03m55Ng6hpGK3v6RrLdy/Cpi2bPxKNrBB5as3u7WmA 8XRiOaHiu5LIJnRYjhXrmpSytr4J8NVr81PkK4eWKxpTOEg/v/Zk1/f34Eh2K/B8 VfGUalIAygEmBqhiW/zJFZTX2+IwVvPwVocb/Qk9DSfMCbGYc4kBFQMFEDRH28LU WVwvtSh+sQEBfzcIAKfPLrf18fhKivjwURU8hNmMyr9GQ1HVoyE/d1L5dFjXZHl9 B1g8VKodL8Hh71UHS0kN22CsGpDuOzGh/E82BLVuO1POrDQ1Jipe0JC5UBOMTqcX hZ6qut4C1fZ4urXDalqusdKIHvLO1VdQL96TTuvrsIVoh5gc5k0jw65SPM7FT5mo uJmt7+8D1id2SILbnAcH+Cy7iVbV0tkTeU8/ETFnKkDgv3OGUBrxsTn4/7drGg0k 7gKeRR9RcJduX7L+Zyxo2DuJ/lJhUEpmNwqM2ZeTWY26ugEBKsNhwmIHzFXa0s5f bAJZ1egubigLQnNYVHOB5I0jxO07/rOqOo7mN56JAD8DBRA0OrOk3r8vDlYEng8R Agl6AKDlMjVFv3gKMloyxLEZEQT/QggmowCfVqd3eHVSyoRRa8VZIuoFsRDRpSmZ AaEEM++MMBEEAPzZFczUTJVISkvqakMzLEjxJxzbbJWpFgv4KS/RJccQ9pk0iBBu VXHfaPJ+eYYhl5VgrawNFMHq9cm3WT5HkdFGFMbt8HR/fT2BP9mCaTrjMLsvictC np80RUkt/FF2vBcI498F/npjy8oEVlK/Arios0e6sw/YxVS5h8KXZSkfAKD/pbMV Mdbfge8MqAP7eTRqnSUyrwQAwT2LkgR3BOcY7bOzLJz+DDpAqhIY0SRsaZyJm6QB BO6VUpClgy/WMibpTL3UduxHSZRbE/MIE8K8nO9k5bQ74Amrib+HV1APaR0ge36d gB19mNjbphSkHqB8WZC5waEf+jwZ+GSY3ovDbX6DHiVy1+Jrb/jqmhqwI2j3rXIr K5AD8gPqqkdquAGg6Taf9q/2NXVGjHy+FhUbBCGZWlhVQzN3DyV2jcJ6NqrJb3sj I5Tu1mjhZTMnZnewbQMd2Kb5Wh4ONvmGx3fgzOgYvsqNEUaV1s2vYf8OGYi0vLPE nlheAxc0bLciF86MLBmwaFnV5N13FsPutvv5U39E6FOkJJe0R0Npc2NvIFN5c3Rl bXMgUHJvZHVjdCBTZWN1cml0eSBJbmNpZGVudCBSZXNwb25zZSBUZWFtIDxwc2ly dEBjaXNjby5jb20+iQEVAwUQM++NIAyPsuGbHvEpAQHkeAf/ZT4+h6m1GTw0lmzV HKL3OJNHQ7p5O8Fw/6r9t/SjqP3vtxN/e8xmfb6N6punAjwzu/qg6F6w87qUOiYf xRdjS3rYL5xXxY+/GcIaJMyrl12uP6LvFlyG1HRIw25H5oYjeELm2N3NTJELa53U Iv4rbMWvUvNY7lzfkr+OtdiBd+vp6rrLUshTfKZrhBoUlM7X0eCwFHcJQStBTJc8 2+jMdSM5aBeKowl7z6XRipjnH1Xvif6SmdNl5F+ZXqiFfUDS9/a1pVaLHdIRm1dN JoQpbOXhT71LMC+rnDJLZUJF8S2ZxVUYNloiIxke19RxJXERbpAMV43HOqCdVmBp chZkCYkAlQMFEDPw5LgYpviqjmcaIQEBbqkD/jYM7jLeiSSZ8utyl9QzV7EO02EI CRclnZo9ovycZQVrWVCOYr2mvANAz4d42t4S+NdbBoWJ4WvVFpd8H/4B2O5GAPdH zNRon5My9RwCpRO0+fQw4CxrsEJOKw8jQiyv0WdUya2ZCcBKK+zXp65quTgrV6vQ N1NAx7zY6MJK7832iQA/AwUQM/EFSiLcSmI6S/dwEQJLWwCeLR52wEM303q4s6AB UUpWkl9137YAoIq/KrjbCmOnNptaDiS33E5G8tYxiQEVAwUQND7WZEZi51ggEbh5 AQGIMQf/YpWT/wwwnwzCUVQbwsX/fIqIXc/q5PEh487iZruuB+9nM1vH0e3gezY3 i8CH3Z0BzQQwkc4t5xxgEWZa10POhvJ52/ma5MFPKMOLcoJ89E46mnwDC+HOgjPE qJCUqDK8cdrpZ4zD2+X4Fp++z7Otp+H5JH7KWEswtfhHibejn38twmkmrkYxXcaR AA9+S1XnobAIM97FZWdcIFV6mi+ajXygV+qozgaP2cEvJoHMbOkd5ry3Ts7vXmHl NZBxWQUjKltknrfaRzkwvSVxZxN4SktcJdLQwHpL24qABi5qJFghb0dPcrzQSm4c sX//kWlKvOUWfW986mdxYvResYLGrIkBFQMFEDQ+7+tLxxlDRSxB+QEBuSwH/iWl 90sSSiU+6AJHAJRxckF19fidRf8nRuKJP/HNlyL91Bhepy3JkCy35IFIVx0B8a6C lQYauPf4kY/2OT2FFtL5f+OOy1aAkg2JRvlQd7RyRVm+GUAZa6o8vXSJf+EBplpP nY4aKELcI95DoM69PfDkCAilH1/N8LMAI05FKEFCKk9Kc6qPoWDMdPXtpo9XAY4X mT6n9C/o++ER6xWtVXx0VbCdpSHtG4GPDFx5txqWVjJR5ut1D1rCNRkLmEOGkRgh DTtks0ZK/TkgEKxDL0sFxQ5MXOl8K0xPxHEYqjWHwkZGl3d+gE3lTpGscccCI1/g JSbp+xnb9t4z4p8Nj1eJAD8DBRAz744dYVgWxTrOVf4RAkj+AKCOeM+A7YFF1li0 wDd/26EhmTPtxgCcDcmhKQrfza+KHn9YySmLDhkIhl2JAJUDBRAz77opd6a8PicA dv0BAdGGBACTpnFJfSI1OpbDXzOxCWu50REdRqf1JtHOQOKz9d5gsc9GoZNlGkjQ dvcGDm7B1FTTJV7n1AhRhgKoB/PuIB6MIrbCmoVmYQa66dlZZ4alFAwEtJRscFo0 lkLxXSYBu0R4oPgL0qMoTlEzeNOsBoFJ8ICpoXwwnzRjmWXAcQBquYkAlQMFEDPw 5xp61S0GnPSVuQEB4vUD/0W98yG6mzUxb+f3V5FcT24nvaE8IxgfcLn/Z/6K0+Vl bV47x7EbFbbGiUGG/DdCTdvhQd6y3or3fB6L+TjAJ9lOhl/k74yeMvG+XWk0sNd5 ngKY/Znm5NhcoTJLhxw+ZZzkzQeO47BPRIXBk4v5aRHfIbAcux6RUQ9Ds2dzF1or iQBRBBARAgARBQIz74wwBQkB4TOABAsDAQIACgkQloGnfD1S4H8PbwCg3ytkBFVx 2LoeRUfZIjLEhT5OUfQAoOtN+OeqNGgtJT3uRh0tX418XTJOiQA/AwUQM/Dw77iw R2HEkUMHEQLdSQCdG1N6u+S8+Mcu7tZbInqlSJBnor4An3HYydE65r4wWbInG5ry ohHxE+OSiQEVAwUQNEfcBdRZXC+1KH6xAQF2Uwf+O3uWcAhVvLmLMUA4kLQnlahX 4pMLZMWGuhTY4T9Qab8ngSpCwoNBBCJ69Ofrb6ChYEeYbGGB4e3iiVyAXKPc+qtn Zq2baW7ND6NgbN1qsx3aYDsrPXy6RcvmG9DL328xcEjduOniIy3YLX3YnmLOJpzs cmh3I2jInBrGyVE+CDbdZFSmY+slOLddrdT9G0te+uGEvoMNb2j5dki5jjM/IJTW qtsCWzqmbJD4KYU6lL1YMpV7sIWcths16mcfoq2nayF2hUP3vGgn6cPeHWNPJbHH YR3DJaelln33OKkJttIz2+XTpHJINSRoINPA+xC5UVDNyhjB2c2c+BAjYOYaeIkA lQMFEDPw5zrUWbxRv7Y9YQEB9sMEAI/GCqiLtXAEWzSJvCb+eIUmZtDcRqcpyPFV o1yjB0QJpZiJ0Al3epRU7IVdLUpjqIJFAU/WNbJTRI07nxIISmz8Upqq52sGInvF rklLYnsklNSDKEN1NFLj9c+DOqs8TdfEUl17wNag5450CMaXzmksplbwZ1ilGpU1 X1OGtM9jiQA/AwUQNDqzkN6/Lw5WBJ4PEQLzYgCfdwbsX7GdHQeOZqIU+XcgHIwb TmQAnj/+EGDx5WFCl0gNu3oMu1Nx3d/ytFBDaXNjbyBTeXN0ZW1zIHByb2R1Y3Qg c2VjdXJpdHkgaW5jaWRlbnQvYnVnIHJlcG9ydGluZyA8c2VjdXJpdHktYWxlcnRA Y2lzY28uY29tPokBFQMFEDPvjR8Mj7Lhmx7xKQEB74QIAIHywUKBb0eswIQkFoWo yjEVwoZZ8StI57ElqPxyXzDbddisb1tnQTqlOWL/x1QZBaR+l28yvv5l4G+VgR3w MFXAixN5ZXYtYxYl9NX7bKQryf2Nydq6RBeLPevWUcnLDUMVcF7FM01ebraR6HOD UUcClyoykItwcNIkAih4UCXrmAx33RH8rssDVRuJB/ZItWudUbuqKi4Pyt2h6LNR kOrbNwjBuhZUScUUrzum4HD/4hh4k2gPuA20KoEf6LrWvZUs7Td3w9KIYY3A1Tsw hVfGVdQ7tSu/8lVhakvrYtrL8HSpeqL4GudQg1MTk0TXnJ/36gpbghxaD+Vz+6XR GySJAJUDBRAz8OTGGKb4qo5nGiEBAUoLA/wNoSVGTzVzNIlapKiFTLRELngk+yf0 xERuY7uHMDf4ystZrW9NpVoDd9r+HNI12Kxof6DyLyT4sl9hMoCYu3+TA2TtHtS0 p//0SI6VQzvW6hz6gyHGe9rlExX3mhkv8epXsbhK1XLpBDtos4Cn11alSIN3XHsd 1xcTylh20NHYiIkAPwMFEDPxBZ8i3EpiOkv3cBECzo8AnRy+sT+IxLF7vwDswxJU P+D6OHYYAKChCzpKDM/X1c7jCqY/xFhcr9wuzYkBFQMFEDQ+1m9GYudYIBG4eQEB CwoH/AjPKpDr2ikP9Hi/08m14rVsKbypOAGcoUZonTrxs4oFz0umrzwMhUaxbYlj rnQpjK16qaPU2PqpRxuljXCgvRfKE41wpu8eqYSOnisGkERn4xquaHSQ22W2YO14 olveORMIUmhg9uKIx173UB+yUZkATlkfpaJafk43YVh5lcSl83s2YI4MRl7rOLTx rypvdBz1FY2Pk+YfmZXuPtGVW6CUDRtJ1/+w/Htg08hFRhanzHzS/4/q9M8u66+4 o+jpesRmD/EYkr5AZPgKKUjVaGyB5jNfq26ZyK4LbcDqhHFKkNT4DyF4zbf8LAOl u0s5XNaRDQH/TGtwzC842IuziY2JARUDBRA0PxA0S8cZQ0UsQfkBAfbLCACWyn6v n/7caRMJxqmDFmaE+RVMAQnzyIB3nh24DsNCiReDWoi7/DPp8U9KwPOe8fkxujvs eSefEakNRRZmQTEVHM5RJ+nLnWterQ6iQiTk+Fl1++xc1tt7xQcuwmBnmBHV9j58 t5MLxF8CgdGPdA/iirA8roSwkBtUN4l5D4SH9pJ1bpob/4DN8EIgs1+qW52OU/Af pM73oLyt2f9xkn5dEwVG+Q/9GuxeObjBEqo5ES79mhg5JXehFAp6X+m5nh/dAYdM XrPg5BLBDNXVuFzSn8h9xu1c4PkWWKUb2JDG2HoH8FT/d+rgq6DLPrTG/yKU6Z2m qWf9tS0sZJGnd88MiQA/AwUQM++OQWFYFsU6zlX+EQL15QCdH/0xpxvC7pliBqA1 C8paUQBjgO8AoMvHDb4XSYmPKv4YGafCQcWBqWj0iQA/AwUQND8N0nVnqW5Zuj/U EQIiSgCg6snJ1ScKLUxYL+Opmd2FaS5E2vcAoO7le5OjBERvjre3FGo2viR6oBFe iQCVAwUQM++6KHemvD4nAHb9AQGqIQQAjH4eqUgCQ7dvNqtohZjRhyz4eG/Npt/Y g5ipiJhMiGTM4T0l6BPJdrMGtUnCumD6I4GR9JrleeECaVpVY0dYGCuzkqUf+173 OlKP+SfEB4Ryyk9teIkAn2+u6o3TAGP3+CjLkppO977qQOp7xeL14KkwepfUY34R YVOfojOJ5iiJAJUDBRAz8OcketUtBpz0lbkBAeEOA/9XZ8xP9SY8AIO3QNjOlGVS xAzZBDBIkgwo5vyJh1ts20TdBq+uvHkXR7aAo/rLJ6hDEEBGaoEHk6m2N7x3yxNm knKIY+d9vEiA8Mydg3Lhe5c5Tl+k+w4Z+CAb/81FQ01Rpg7sYpp59uVzl4626w4A 7g5ON3C7Ms4ihrPYI6geTIkAUQQQEQIAEQUCM++MjQUJAeEzgAQLAwECAAoJEJaB p3w9UuB/TgoAoNwYPRsLnWYvv8aru3VzhaDFaxCFAKDuDrzaRwMRkrlaHy5+DRKl I4z5BYkAPwMFEDPw8X64sEdhxJFDBxECCOoAoPU3irk5mKfHp6FnIphpAH7Mw9US AJ4qJW9yfFssD1eQWhOEL+JJFnSgtokBFQMFEDRH3ATUWVwvtSh+sQEBRVwH/jsn VnpcEbQMRd63Oah+MjziiFZgzbA0VsuyqwNrS7HbZPEv1sjAzPliLpNXQHIEf8wR 4Ret+mssuQRGsf7O1wfgi9Mzm37ke5R8yp5MozOgnjJhwqi9Gx7lHsTb8QHzJxyx n51UM+CdOP/IDmoXVPXQSDkB1KyrJAW2mvjFvDUJ4txTL9WqD2R1gmphFAd16hJ0 WGl4YR5Mr5XhO9zeRBYgrtlLKidOlCIb4RZo/53NED/DbmvSSAPpQrzTHP+D2xB4 Vm4kpFjtXqO7pMR+qP/NsWQw16W6jJcJUyeiLa2O7RZ8S6xz5WcrgNRTb1jdUihf tOzN0yK4KOelMYrYH/KJAJUDBRAz8Odf1Fm8Ub+2PWEBATcAA/wIXWNXs7dxqS9x SMy76D0Ucl3lOuprp/ikqVptI3rAvogRs4oeConNyAWGRUEQhVhcTvOxXrOtpmxd gsMFL1qdM/Nu8LnkNsRwsjIv6AxBc9FnUiy6TDtdLaSMJAaGu3mxYMHRx1xwVFJH IUbH7Bb7bKih1vu4MkXjc0w621GJaYkAPwMFEDQ6s5Devy8OVgSeDxECyTgAoI6S ef4dTttm352EpKx3rgcMK67HAJ45/2VQ7MiQNI+am+48sAMtTV6NZrkCDQQz74xP EAgA1+cS+JXoZKoX/tIx62xoKQpR79OZwS2hhF0T1miu8uWu69JoUcyBcKDhKrIL rz0EkkFoo3YxNghXRPeJ2VseniZccPJTby1MQV6cD2bgRHQ/EQ7/AhMjdeg47tIL FSfHK/E/Lwmf09gEcykX6JapRvMuxfi1kjssmPveLS+L7m0Y1oEEW7hwPZQmKzuV v8JIrttvhEnqUdhVYe1twUCnBJGF566y83RjAqk+DmHLqDBpRIq110kNp1wlxD8b YjzbSieyqBhF8OdwQFi4tq+67aHkK5H5DPqOvA1QBfV/pTELZZhju2yn7DNAn1W5 OcpAQU9zoYiiJJJ7JXcqJvNVnwACAggAoMF1MWLqRBIHX7HtdCBDxI0vQcWO2vbl Mwmv955TqbU2Su0JWDeWUD6WFOamiuTpkO7cZen8hbTajbjobntnbekdTVWQTCOx aXWx1RjlAf7AhXq5km5tlbVOugMjzqXSbtZ5YL6apBefoa6+Rf5ikXmpTU4Jj0+d 6fqxaRheKoTktbdRLJjGCVNpzwRCpyzclh69XX8zqhNZd0xIQNXb8Gp32DmpkFhA WSR+11bpiwk8waCfYQjK7iRPJrOTdRp8f/Kp6YJsZfpLmPeSsKggzB9Sl44c8HU7 EAIsHSWgDZzAKmrmntaFdQLJG6p1dg3nQ1SuYoOjz6Gwv97z0+h9BYkATAQYEQIA DAUCM++MTwUJAeEzgAAKCRCWgad8PVLgf8iNAJ9gpFxJH7WRmgEdhvAnKIeotKOy kgCgzgB+61bgcthrbTQD9E41tx+LZv4= =wtkK -----END PGP PUBLIC KEY BLOCK-----
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:53:48 PDT