wowana.me
website source
commit 69bb7559d3dbb8a430be4fc43879e7a6c5570673 parent 1e72c1b7ef9842dc8576581dece2d853e1c9ff56 Author: opal hart <opal@wowana.me> Date: Mon, 6 May 2019 09:31:13 +0000 add static assets first committing these first in case makefile unintentionally removes any of it from ./out/ Diffstat:
| A | out/files/UNCRC.eml | | | 188 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| A | out/files/UNCRC.txt | | | 140 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| A | out/files/cloudflare-email-template.txt | | | 103 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| A | out/files/mozilla.cfg | | | 1142 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| A | out/files/pgp/wowaname-current.asc | | | 178 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| A | out/pgp/0x41CE277C721A889E.asc | | | 305 | ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| A | out/pgp/0xFB02FDAFD6C05FE4.asc | | | 25 | +++++++++++++++++++++++++ |
7 files changed, 2081 insertions(+), 0 deletions(-)
diff --git a/out/files/UNCRC.eml b/out/files/UNCRC.eml @@ -0,0 +1,188 @@ +AF: +NF:0 +PS:10 +SRH:1 +SFN: +DSR: +MID: +CFG: +PT:0 +S:opal@wowana.me +RQ: +SSV:mail.volatile.bz +NSV: +SSH: +R:<crc@ohchr.org> +MAID:1 +X-Claws-Privacy-System:pgpmime +X-Claws-Sign:1 +SCF:#imap/opal@wowana.me/Sent +X-Claws-Auto-Wrapping:1 +X-Claws-Auto-Indent:1 +X-Claws-End-Special-Headers: 1 +Date: Tue, 26 Feb 2019 03:57:27 +0000 +From: opal hart <opal@wowana.me> +To: crc@ohchr.org +Subject: Concerning UN CRC draft (child trafficking and fictional + pornography) +Message-ID: <20190226035727.664ef4ec@clamav.local> +Organization: Volatile +X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; x86_64-alpine-linux-musl) +MIME-Version: 1.0 +Content-Type: multipart/signed; micalg=pgp-sha256; + boundary="Sig_/84UlIYH6Rb8h_NhZKzMl6qq"; protocol="application/pgp-signature" + +--Sig_/84UlIYH6Rb8h_NhZKzMl6qq +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: quoted-printable + +[This document is in plain-text format. I do not have access to a word +processor compatible with Microsoft Word document formats. I hope my +input will still be considered. If I must, I can find someone to +convert and redistribute this into a doc, docx, odt, pdf, or any other +format suitable for the convention's consumption.] + + +My comment focuses on paragraph 63 in the "DRAFT Guidelines on the +implementation of the Optional Protocol to the Convention on the Rights +of the Child on the sale of children, child prostitution and child +pornography", quoted below: + +> The Committee is of the view that =E2=80=9Csimulated explicit sexual +> activities=E2=80=9D should be interpreted as including any material, onli= +ne +> or offline, that depicts or otherwise represents any person appearing +> to be a child engaged in real or simulated sexually explicit conduct +> and realistic and/or virtual depictions of a child engaged in +> sexually explicit conduct. Such depictions contribute to normalising +> the sexualisation of children and fuels the demand of child sexual +> abuse material. + +While I appreciate the efforts to combat abusive behaviour on a global +scale, I am sceptical of some of the approaches that would be taken, as +described in this draft. I will bullet point my concerns below, as a +summary, and go into detail shortly thereafter. + +My concerns: + 1. I am troubled by the implications of treating "simulated explicit + sexual activities" equally to real acts of sexual abuse, + molestation, rape, manufacture of pornography involving + unconsenting human parties, and the like. + 2. Further, I would like to see this draft revised in order to promise + action against sexual abuse against parties of any age, not just + children. + + +To expand on my first concern, I realise there is a fear of negative +effect concerning society's exposure to simulated sexual content +involving fictional minors. I believe this fear is best addressed by +analogy: there are numerous fictional works addressing themes that are +unpleasant to many -- themes such as sex, violence, and any other +manner of activity that is seen as taboo if acted upon in a +nonfictional setting. While these themes are largely distasteful, they +serve purpose by being published in fictional works: + - Audiences can derive educational benefit from these works, as to + learn from history and "not repeat the past". Education is powerful + only when the student is exposed to all the sides of an issue, + including being exposed to the negative feelings associated with an + issue so one may understand just why an action is considered taboo. + - Audiences may channel their negative thoughts and emotions through + fictional works so as not to act on them in real life. I personally + find value in video games such as Grand Theft Auto that allow me to + explore the alluring aspects of a "thug life" without endangering + anyone in the real world. + - And for one counterpoint, of course audiences may derive outright + pleasure and wish to emulate the acts they see in fictional works. + However, this can be combated largely with education and medical + (psychological) assistance. These cases are generally isolated and + triggered by preexisting circumstances (e.g. a person who is + predisposed to be a criminal, loosely speaking). + +These three major purposes arise equally from any artistic or +pornographic work involving fictional minors. As I have said publicly +on my blog in 2018 [1], I am against rape and abuse toward any human or +other sentient being, but even then am I reluctant to believe that +fictional works have any overall negative effect on society. Works such +as Lolita are infamous for addressing themes of sexuality toward +minors, but such works are nonetheless held in deep regard for their +artistic value, and dare I say they are also respected for being brave +enough to cover subjects seen by many as "touchy". By proposing any +action against simulated explicit content, the world would be robbed of +these literary and artistic masterpieces, we would have a narrower view +of the world, a lesser understanding of taboos, and a greater +difficulty learning more about the human psyche and the motivations +people have for engaging in distasteful behaviour. + +As for simulated child pornography (including -- and perhaps whereupon +the largest debate lies on the Internet about this draft -- lolicon and +shotacon), many of these pornographic works still hold artistic value. +Many people use this type of pornography as an outlet of sexual +frustration rather than a gateway to committing crimes against +real-life people. I believe if anyone wants to place the blame on +fictional child pornography for causing sexual crimes, that there +should be a study investigating whether fictional works are the cause +or the effect, because I am under the impression that few people +(including myself) actually know the answer to this. To me it seems +like a knee-jerk reaction to believe that fictional works are the +cause, and it is a fair reaction because this is such a heavy subject +to debate, but I believe it is one that must be debated fairly. + + +As for my second concern, I have also mentioned in my blog post (albeit +in casual and blunt terms; if I were to rewrite it today I would reword +and restructure some of what I said, but I believe the general point +carries) [1] that there should be no difference in severity of sexual +abuse cases, based on the age of the victim alone. Sexual abuse is a +scarring event no matter the victim's age. Furthermore, I do not +believe this fits well within the scope of the United Nations to +decide; individual nations have long had varying ages of consent. By no +means do people unanimously agree what objectively defines a child and +when that child becomes an adult. To me, the word "child" is only +brought into play so that it may convince more people to be on board +with this drafted legislation. It seems irrelevant to the core goal of +this draft, which -- to my interpretation -- is to address sexual abuse +and trafficking. + + +I hope I have brought up some useful considerations and opinions in +response to this draft, and that the Convention on the Rights of the +Child may take these points into consideration before arriving to a +conclusion. I hope to see this draft revised into something beneficial +for all and controversial to none, something that may be passed into +legislation easily if not unanimously. I am willing to continue +participating toward this issue in any manner I can, whether this +involves direct input or additional resources I can follow so that I +know the future status of this draft. + + +All parties involved have permission to redistribute my message, +verbatim, either with or without attribution. See the terms of the CC0 +licence [2] for full details. I have published a copy of this message +on my website [3] and would be happy to release any replies to this +message with the writer's permission. + +[1]<https://wowana.me/blog/the-grey-area-of-paedophilia.html> +[2]<https://creativecommons.org/share-your-work/public-domain/cc0> +[3]<https://wowana.me/files/UNCRC.eml> + + +Thanks for your consideration, +opal hart +-- +wowaname <https://wowana.me/pgp> +Please use detailed subject lines and reply below quoted text +whenever possible. + +--Sig_/84UlIYH6Rb8h_NhZKzMl6qq +Content-Type: application/pgp-signature +Content-Description: OpenPGP digital signature + +-----BEGIN PGP SIGNATURE----- + +iHUEARYIAB0WIQTKtVOWZDRJsK7bsTs29tgqTNgkBwUCXHS5JwAKCRA29tgqTNgk +B4sOAQC5gpD0sp/Sm4roTcPPHPcpNVekn0C3kA9QTuSsYu4c3AEA6Fv4SNwJ0V88 +IAVnKW6Roq2SX8aEYGR80R4ZI1Hc0g8= +=D8c0 +-----END PGP SIGNATURE----- + +--Sig_/84UlIYH6Rb8h_NhZKzMl6qq-- diff --git a/out/files/UNCRC.txt b/out/files/UNCRC.txt @@ -0,0 +1,140 @@ +Original, PGP-signed E-mail message can be found at +<https://wowana.me/files/UNCRC.eml>. This plaintext version below is for +convenience only. + + +[This document is in plain-text format. I do not have access to a word +processor compatible with Microsoft Word document formats. I hope my +input will still be considered. If I must, I can find someone to +convert and redistribute this into a doc, docx, odt, pdf, or any other +format suitable for the convention's consumption.] + + +My comment focuses on paragraph 63 in the "DRAFT Guidelines on the +implementation of the Optional Protocol to the Convention on the Rights +of the Child on the sale of children, child prostitution and child +pornography", quoted below: + +> The Committee is of the view that “simulated explicit sexual +> activities” should be interpreted as including any material, online +> or offline, that depicts or otherwise represents any person appearing +> to be a child engaged in real or simulated sexually explicit conduct +> and realistic and/or virtual depictions of a child engaged in +> sexually explicit conduct. Such depictions contribute to normalising +> the sexualisation of children and fuels the demand of child sexual +> abuse material. + +While I appreciate the efforts to combat abusive behaviour on a global +scale, I am sceptical of some of the approaches that would be taken, as +described in this draft. I will bullet point my concerns below, as a +summary, and go into detail shortly thereafter. + +My concerns: + 1. I am troubled by the implications of treating "simulated explicit + sexual activities" equally to real acts of sexual abuse, + molestation, rape, manufacture of pornography involving + unconsenting human parties, and the like. + 2. Further, I would like to see this draft revised in order to promise + action against sexual abuse against parties of any age, not just + children. + + +To expand on my first concern, I realise there is a fear of negative +effect concerning society's exposure to simulated sexual content +involving fictional minors. I believe this fear is best addressed by +analogy: there are numerous fictional works addressing themes that are +unpleasant to many -- themes such as sex, violence, and any other +manner of activity that is seen as taboo if acted upon in a +nonfictional setting. While these themes are largely distasteful, they +serve purpose by being published in fictional works: + - Audiences can derive educational benefit from these works, as to + learn from history and "not repeat the past". Education is powerful + only when the student is exposed to all the sides of an issue, + including being exposed to the negative feelings associated with an + issue so one may understand just why an action is considered taboo. + - Audiences may channel their negative thoughts and emotions through + fictional works so as not to act on them in real life. I personally + find value in video games such as Grand Theft Auto that allow me to + explore the alluring aspects of a "thug life" without endangering + anyone in the real world. + - And for one counterpoint, of course audiences may derive outright + pleasure and wish to emulate the acts they see in fictional works. + However, this can be combated largely with education and medical + (psychological) assistance. These cases are generally isolated and + triggered by preexisting circumstances (e.g. a person who is + predisposed to be a criminal, loosely speaking). + +These three major purposes arise equally from any artistic or +pornographic work involving fictional minors. As I have said publicly +on my blog in 2018 [1], I am against rape and abuse toward any human or +other sentient being, but even then am I reluctant to believe that +fictional works have any overall negative effect on society. Works such +as Lolita are infamous for addressing themes of sexuality toward +minors, but such works are nonetheless held in deep regard for their +artistic value, and dare I say they are also respected for being brave +enough to cover subjects seen by many as "touchy". By proposing any +action against simulated explicit content, the world would be robbed of +these literary and artistic masterpieces, we would have a narrower view +of the world, a lesser understanding of taboos, and a greater +difficulty learning more about the human psyche and the motivations +people have for engaging in distasteful behaviour. + +As for simulated child pornography (including -- and perhaps whereupon +the largest debate lies on the Internet about this draft -- lolicon and +shotacon), many of these pornographic works still hold artistic value. +Many people use this type of pornography as an outlet of sexual +frustration rather than a gateway to committing crimes against +real-life people. I believe if anyone wants to place the blame on +fictional child pornography for causing sexual crimes, that there +should be a study investigating whether fictional works are the cause +or the effect, because I am under the impression that few people +(including myself) actually know the answer to this. To me it seems +like a knee-jerk reaction to believe that fictional works are the +cause, and it is a fair reaction because this is such a heavy subject +to debate, but I believe it is one that must be debated fairly. + + +As for my second concern, I have also mentioned in my blog post (albeit +in casual and blunt terms; if I were to rewrite it today I would reword +and restructure some of what I said, but I believe the general point +carries) [1] that there should be no difference in severity of sexual +abuse cases, based on the age of the victim alone. Sexual abuse is a +scarring event no matter the victim's age. Furthermore, I do not +believe this fits well within the scope of the United Nations to +decide; individual nations have long had varying ages of consent. By no +means do people unanimously agree what objectively defines a child and +when that child becomes an adult. To me, the word "child" is only +brought into play so that it may convince more people to be on board +with this drafted legislation. It seems irrelevant to the core goal of +this draft, which -- to my interpretation -- is to address sexual abuse +and trafficking. + + +I hope I have brought up some useful considerations and opinions in +response to this draft, and that the Convention on the Rights of the +Child may take these points into consideration before arriving to a +conclusion. I hope to see this draft revised into something beneficial +for all and controversial to none, something that may be passed into +legislation easily if not unanimously. I am willing to continue +participating toward this issue in any manner I can, whether this +involves direct input or additional resources I can follow so that I +know the future status of this draft. + + +All parties involved have permission to redistribute my message, +verbatim, either with or without attribution. See the terms of the CC0 +licence [2] for full details. I have published a copy of this message +on my website [3] and would be happy to release any replies to this +message with the writer's permission. + +[1]<https://wowana.me/blog/the-grey-area-of-paedophilia.html> +[2]<https://creativecommons.org/share-your-work/public-domain/cc0> +[3]<https://wowana.me/files/UNCRC.eml> + + +Thanks for your consideration, +opal hart +-- +wowaname <https://wowana.me/pgp> +Please use detailed subject lines and reply below quoted text +whenever possible. diff --git a/out/files/cloudflare-email-template.txt b/out/files/cloudflare-email-template.txt @@ -0,0 +1,103 @@ +<<This template is specifically for my own use, but it should be easily +adaptable for yours as well if you wish to take up the cause of +informing Cloudflare users about exactly what product they are using in +front of their websites. I encourage anyone interested to join; I +encourage feedback for improvements on this template as well, so feel +free to contact me <https://wowana.me/contact> if you have any +suggestions or simply if you are making use of this yourself. As with +most of my site's content, I release this template into the public +domain under the Creative Commons Zero licence.>> + + +Hi, + +May I ask what influenced your decision to place your website behind +Cloudflare? <<Information about how I discovered your site>> + +While Cloudflare is easy and free to use and set up (I made an account +a while back to test it out) it is not without issue. Along with the +fact it seems to discriminate against legitimate Tor and other +VPN/proxy users, despite claims that Cloudflare is doing its best not +to impede upon Tor traffic, there are other problems with its current +implementation and its design. It is a central entity, which means any +attacks on Cloudflare affect many or all of its users, regardless of +website; as long as it's behind Cloudflare it is affected, and it could +cause anywhere from downtime [1] to security vulnerabilities and +personal information leaks [2]. + +In addition, people using your website must not only agree to your +and your hosting provider's terms of service, but also Cloudflare's +terms, and Google's terms as well if they get served a reCAPTCHA from +the "One more step" page. ReCAPTCHA is difficult to solve on a good day +and impossible to solve behind an IP address with a "bad reputation" +such as with Tor's exit nodes. The solution to reCAPTCHA (and Google +designed it this way) is to keep one's browser logged into Google +across all sites, which requires a trade-off on privacy that Tor and +other VPN users do not want to risk -- if they did, then they would +likely not be behind a proxy anyway. + +You might be wondering why Tor is important: not only is it good for +privacy-conscious people, but it helps people access websites otherwise +censored by ISPs and governments. My choice to use Tor is thankfully +just that, a choice, but it is one I make because I believe in the +power of privacy and in strengthening the anonymity set of the network. +With my normal browsing traffic mixed into the network, it becomes more +difficult for adversaries to track the browsing habits of people who +"shouldn't" have unbridled access to the Internet. While it's true that +Tor is also used by criminals and spammers, it is a vocal minority, and +websites such as your own are more likely to attract undesired traffic +coming from people with access to thousands of open proxies and botnet +computers. I personally have much experience dealing with Tor traffic +because I help administrate Tor-only as well as Tor-friendly websites, +and with proper caching and security, I am able to keep my websites +maintainable and moderatable. + +There is also the fact that Cloudflare is, simply put, a +man-in-the-middle service. It's their business; it's the only +technically possible way they can achieve layer-7 DDoS mitigation. +Thankfully, layer-7 mitigation can be done from your own server; like I +said, caching web pages for logged-out users does wonders and you most +likely do not have to worry about any other server configuration other +than keeping all your software up to date. Lower layer mitigation is +offered by many providers and tunnel services; just do a search for +DDoS-mitigated providers if this is a concern of yours. + +Again, the MITM trait of Cloudflare matters because user data has +another terms-of-service to transport through, another security weak +point to transport through, and potentially the eyes of several +three-letter agencies to worry about, should any of them decide to +reach out to Cloudflare in request of any information or metadata. +Also, it means Cloudflare can terminate anyone and do anything they +want with customer and end-user information, which they had +demonstrated in the past [3]. Thankfully the CEO of Cloudflare learned +from his mistake and promises his business will not make any similar +rash choices again, but next time it may not be up to him but by +another disgruntled employee. This final concern might not affect you, +but it is a concern nonetheless, and it demonstrates the power +Cloudflare has over its business due to its MITM nature of a majority +of the Internet. I have a strong desire to see decentralisation on the +Internet, given it is a naturally-decentralised network that spans +across nations and websites. If all websites with their own interests +and policies tunnel through Cloudflare, are they our websites anymore? I +have similar concerns with other large hosts such as Google, Amazon AWS, +and Github, but I believe that simply addressing my concerns to sites +behind Cloudflare is a large enough goal to focus on. These other +companies I have a watchful eye for, and I personally do not host my +content with any of them because again, I believe I must avoid placing +all my eggs in one basket. + +I have used a public template [4] as a base for this message, as I only +wish for Cloudflare users to be aware of the product they are using. It +is ultimately your choice as a website administrator to use Cloudflare, +but be aware of its impact on all of your users, and if you wish to at +least be indiscriminate toward Tor users, you should look into lowering +your site's protection settings and only have the reCAPTCHA page served +when your site is actively under attack. Again, there are a lot of +legitimate users who simply wish to read the content published online. + +[1]<https://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet/> +[2]<https://en.wikipedia.org/wiki/Cloudbleed> +[3]<https://blog.cloudflare.com/why-we-terminated-daily-stormer/> +[4]<https://wowana.me/files/cloudflare-email-template.txt> + +Thanks, diff --git a/out/files/mozilla.cfg b/out/files/mozilla.cfg @@ -0,0 +1,1142 @@ +// +/****************************************************************************** + * user.js * + * https://github.com/pyllyukko/user.js * + ******************************************************************************/ + +//I don't want this pref +///This pref doesn't exist + +/****************************************************************************** + * SECTION: HTML5 / APIs / DOM * + ******************************************************************************/ + +// PREF: Disable Service Workers +// https://developer.mozilla.org/en-US/docs/Web/API/Worker +// https://developer.mozilla.org/en-US/docs/Web/API/ServiceWorker_API +// https://wiki.mozilla.org/Firefox/Push_Notifications#Service_Workers +// NOTICE: Disabling ServiceWorkers breaks functionality on some sites (Google Street View...) +// Unknown security implications +// CVE-2016-5259, CVE-2016-2812, CVE-2016-1949, CVE-2016-5287 (fixed) +defaultPref("dom.serviceWorkers.enabled", false); + +// PREF: Disable Web Workers +// https://developer.mozilla.org/en-US/docs/Web/API/Web_Workers_API/Using_web_workers +// https://www.w3schools.com/html/html5_webworkers.asp +// NOTICE: Disabling Web Workers breaks "Download as ZIP" functionality on https://mega.nz/, WhatsApp Web and probably others +///defaultPref("dom.workers.enabled", false); + +// PREF: Disable web notifications +// https://support.mozilla.org/en-US/questions/1140439 +//defaultPref("dom.webnotifications.enabled", false); + +// PREF: Disable DOM timing API +// https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI +// https://www.w3.org/TR/navigation-timing/#privacy +lockPref("dom.enable_performance", false); + +// PREF: Make sure the User Timing API does not provide a new high resolution timestamp +// https://trac.torproject.org/projects/tor/ticket/16336 +// https://www.w3.org/TR/2013/REC-user-timing-20131212/#privacy-security +///defaultPref("dom.enable_user_timing", false); + +// PREF: Disable Web Audio API +// https://bugzilla.mozilla.org/show_bug.cgi?id=1288359 +defaultPref("dom.webaudio.enabled", false); + +// PREF: Disable Location-Aware Browsing (geolocation) +// https://www.mozilla.org/en-US/firefox/geolocation/ +defaultPref("geo.enabled", false); + +// PREF: When geolocation is enabled, use Mozilla geolocation service instead of Google +// https://bugzilla.mozilla.org/show_bug.cgi?id=689252 +lockPref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"); + +// PREF: When geolocation is enabled, don't log geolocation requests to the console +///defaultPref("geo.wifi.logging.enabled", false); + +// PREF: Disable raw TCP socket support (mozTCPSocket) +// https://trac.torproject.org/projects/tor/ticket/18863 +// https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/ +// https://developer.mozilla.org/docs/Mozilla/B2G_OS/API/TCPSocket +///defaultPref("dom.mozTCPSocket.enabled", false); + +// PREF: Disable DOM storage (disabled) +// http://kb.mozillazine.org/Dom.storage.enabled +// https://html.spec.whatwg.org/multipage/webstorage.html +// NOTICE-DISABLED: Disabling DOM storage is known to cause`TypeError: localStorage is null` errors +//defaultPref("dom.storage.enabled", false); + +// PREF: Disable leaking network/browser connection information via Javascript +// Network Information API provides general information about the system's connection type (WiFi, cellular, etc.) +// https://developer.mozilla.org/en-US/docs/Web/API/Network_Information_API +// https://wicg.github.io/netinfo/#privacy-considerations +// https://bugzilla.mozilla.org/show_bug.cgi?id=960426 +defaultPref("dom.netinfo.enabled", false); + +// PREF: Disable network API (Firefox < 32) +// https://developer.mozilla.org/en-US/docs/Web/API/Connection/onchange +// https://www.torproject.org/projects/torbrowser/design/#fingerprinting-defenses +///defaultPref("dom.network.enabled", false); + +// PREF: Disable WebRTC entirely to prevent leaking internal IP addresses (Firefox < 42) +// NOTICE: Disabling WebRTC breaks peer-to-peer file sharing tools (reep.io ...) +defaultPref("media.peerconnection.enabled", false); + +// PREF: Don't reveal your internal IP when WebRTC is enabled (Firefox >= 42) +// https://wiki.mozilla.org/Media/WebRTC/Privacy +// https://github.com/beefproject/beef/wiki/Module%3A-Get-Internal-IP-WebRTC +lockPref("media.peerconnection.ice.default_address_only", true); // Firefox 42-51 +lockPref("media.peerconnection.ice.no_host", true); // Firefox >= 52 + +// PREF: Disable WebRTC getUserMedia, screen sharing, audio capture, video capture +// https://wiki.mozilla.org/Media/getUserMedia +// https://blog.mozilla.org/futurereleases/2013/01/12/capture-local-camera-and-microphone-streams-with-getusermedia-now-enabled-in-firefox/ +// https://developer.mozilla.org/en-US/docs/Web/API/Navigator +defaultPref("media.navigator.enabled", false); +defaultPref("media.navigator.video.enabled", false); +defaultPref("media.getusermedia.screensharing.enabled", false); +defaultPref("media.getusermedia.audiocapture.enabled", false); + +// PREF: Disable battery API (Firefox < 52) +// https://developer.mozilla.org/en-US/docs/Web/API/BatteryManager +// https://bugzilla.mozilla.org/show_bug.cgi?id=1313580 +defaultPref("dom.battery.enabled", false); + +// PREF: Disable telephony API +// https://wiki.mozilla.org/WebAPI/Security/WebTelephony +///defaultPref("dom.telephony.enabled", false); + +// PREF: Disable "beacon" asynchronous HTTP transfers (used for analytics) +// https://developer.mozilla.org/en-US/docs/Web/API/navigator.sendBeacon +lockPref("beacon.enabled", false); + +// PREF: Disable clipboard event detection (onCut/onCopy/onPaste) via Javascript +// NOTICE: Disabling clipboard events breaks Ctrl+C/X/V copy/cut/paste functionaility in JS-based web applications (Google Docs...) +// https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled +//defaultPref("dom.event.clipboardevents.enabled", false); + +// PREF: Disable "copy to clipboard" functionality via Javascript (Firefox >= 41) +// NOTICE: Disabling clipboard operations will break legitimate JS-based "copy to clipboard" functionality +// https://hg.mozilla.org/mozilla-central/rev/2f9f8ea4b9c3 +///defaultPref("dom.allow_cut_copy", false); + +// PREF: Disable speech recognition +// https://dvcs.w3.org/hg/speech-api/raw-file/tip/speechapi.html +// https://developer.mozilla.org/en-US/docs/Web/API/SpeechRecognition +// https://wiki.mozilla.org/HTML5_Speech_API +defaultPref("media.webspeech.recognition.enable", false); + +// PREF: Disable speech synthesis +// https://developer.mozilla.org/en-US/docs/Web/API/SpeechSynthesis +defaultPref("media.webspeech.synth.enabled", false); + +// PREF: Disable sensor API +// https://wiki.mozilla.org/Sensor_API +defaultPref("device.sensors.enabled", false); + +// PREF: Disable pinging URIs specified in HTML <a> ping= attributes +// http://kb.mozillazine.org/Browser.send_pings +lockPref("browser.send_pings", false); + +// PREF: When browser pings are enabled, only allow pinging the same host as the origin page +// http://kb.mozillazine.org/Browser.send_pings.require_same_host +lockPref("browser.send_pings.require_same_host", true); + +// PREF: Disable IndexedDB (disabled) +// https://developer.mozilla.org/en-US/docs/IndexedDB +// https://en.wikipedia.org/wiki/Indexed_Database_API +// https://wiki.mozilla.org/Security/Reviews/Firefox4/IndexedDB_Security_Review +// http://forums.mozillazine.org/viewtopic.php?p=13842047 +// https://github.com/pyllyukko/user.js/issues/8 +// NOTICE-DISABLED: IndexedDB could be used for tracking purposes, but is required for some add-ons to work (notably uBlock), so is left enabled +//defaultPref("dom.indexedDB.enabled", false); + +// TODO: "Access Your Location" "Maintain Offline Storage" "Show Notifications" + +// PREF: Disable gamepad API to prevent USB device enumeration +// https://www.w3.org/TR/gamepad/ +// https://trac.torproject.org/projects/tor/ticket/13023 +//defaultPref("dom.gamepad.enabled", false); + +// PREF: Disable virtual reality devices APIs +// https://developer.mozilla.org/en-US/Firefox/Releases/36#Interfaces.2FAPIs.2FDOM +// https://developer.mozilla.org/en-US/docs/Web/API/WebVR_API +defaultPref("dom.vr.enabled", false); + +// PREF: Disable vibrator API +//defaultPref("dom.vibrator.enabled", false); + +// PREF: Disable resource timing API +// https://www.w3.org/TR/resource-timing/#privacy-security +lockPref("dom.enable_resource_timing", false); + +// PREF: Disable Archive API (Firefox < 54) +// https://wiki.mozilla.org/WebAPI/ArchiveAPI +// https://bugzilla.mozilla.org/show_bug.cgi?id=1342361 +///defaultPref("dom.archivereader.enabled", false); + +// PREF: Disable webGL +// https://en.wikipedia.org/wiki/WebGL +// https://www.contextis.com/resources/blog/webgl-new-dimension-browser-exploitation/ +//defaultPref("webgl.disabled", true); +// PREF: When webGL is enabled, use the minimum capability mode +defaultPref("webgl.min_capability_mode", true); +// PREF: When webGL is enabled, disable webGL extensions +// https://developer.mozilla.org/en-US/docs/Web/API/WebGL_API#WebGL_debugging_and_testing +defaultPref("webgl.disable-extensions", true); +// PREF: When webGL is enabled, force enabling it even when layer acceleration is not supported +// https://trac.torproject.org/projects/tor/ticket/18603 +defaultPref("webgl.disable-fail-if-major-performance-caveat", true); +// PREF: When webGL is enabled, do not expose information about the graphics driver +// https://bugzilla.mozilla.org/show_bug.cgi?id=1171228 +// https://developer.mozilla.org/en-US/docs/Web/API/WEBGL_debug_renderer_info +defaultPref("webgl.enable-debug-renderer-info", false); +// somewhat related... +//defaultPref("pdfjs.enableWebGL", false); + +// PREF: Spoof dual-core CPU +// https://trac.torproject.org/projects/tor/ticket/21675 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1360039 +defaultPref("dom.maxHardwareConcurrency", 2); + +/****************************************************************************** + * SECTION: Misc * + ******************************************************************************/ + +// PREF: Disable face detection +///defaultPref("camera.control.face_detection.enabled", false); + +// PREF: Set the default search engine to DuckDuckGo (disabled) +// https://support.mozilla.org/en-US/questions/948134 +//defaultPref("browser.search.defaultenginename", "DuckDuckGo"); +//defaultPref("browser.search.order.1", "DuckDuckGo"); +//defaultPref("keyword.URL", "https://duckduckgo.com/html/?q=!+"); + +// PREF: Disable GeoIP lookup on your address to set default search engine region +// https://trac.torproject.org/projects/tor/ticket/16254 +// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_geolocation-for-default-search-engine +//defaultPref("browser.search.countryCode", "US"); +//defaultPref("browser.search.region", "US"); +defaultPref("browser.search.geoip.url", ""); + +// PREF: Set Accept-Language HTTP header to en-US regardless of Firefox localization +// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Language +//defaultPref("intl.accept_languages", "en-US, en"); + +// PREF: Don't use OS values to determine locale, force using Firefox locale setting +// http://kb.mozillazine.org/Intl.locale.matchOS +defaultPref("intl.locale.matchOS", false); + +// PREF: Don't use Mozilla-provided location-specific search engines +defaultPref("browser.search.geoSpecificDefaults", false); + +// PREF: Do not automatically send selection to clipboard on some Linux platforms +// http://kb.mozillazine.org/Clipboard.autocopy +//defaultPref("clipboard.autocopy", false); + +// PREF: Prevent leaking application locale/date format using JavaScript +// https://bugzilla.mozilla.org/show_bug.cgi?id=867501 +// https://hg.mozilla.org/mozilla-central/rev/52d635f2b33d +//defaultPref("javascript.use_us_english_locale", true); + +// PREF: Do not submit invalid URIs entered in the address bar to the default search engine +// http://kb.mozillazine.org/Keyword.enabled +defaultPref("keyword.enabled", false); + +// PREF: Don't trim HTTP off of URLs in the address bar. +// https://bugzilla.mozilla.org/show_bug.cgi?id=665580 +lockPref("browser.urlbar.trimURLs", false); + +// PREF: Don't try to guess domain names when entering an invalid domain name in URL bar +// http://www-archive.mozilla.org/docs/end-user/domain-guessing.html +lockPref("browser.fixup.alternate.enabled", false); + +// PREF: When browser.fixup.alternate.enabled is enabled, strip password from 'user:password@...' URLs +// https://github.com/pyllyukko/user.js/issues/290#issuecomment-303560851 +defaultPref("browser.fixup.hide_user_pass", false); + +// PREF: Send DNS request through SOCKS when SOCKS proxying is in use +// https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers +defaultPref("network.proxy.socks_remote_dns", true); + +// PREF: Don't monitor OS online/offline connection state +// https://trac.torproject.org/projects/tor/ticket/18945 +defaultPref("network.manage-offline-status", false); + +// PREF: Enforce Mixed Active Content Blocking +// https://support.mozilla.org/t5/Protect-your-privacy/Mixed-content-blocking-in-Firefox/ta-p/10990 +// https://developer.mozilla.org/en-US/docs/Site_Compatibility_for_Firefox_23#Non-SSL_contents_on_SSL_pages_are_blocked_by_default +// https://blog.mozilla.org/tanvi/2013/04/10/mixed-content-blocking-enabled-in-firefox-23/ +defaultPref("security.mixed_content.block_active_content", true); + +// PREF: Enforce Mixed Passive Content blocking (a.k.a. Mixed Display Content) +// NOTICE: Enabling Mixed Display Content blocking can prevent images/styles... from loading properly when connection to the website is only partially secured +defaultPref("security.mixed_content.block_display_content", true); + +// PREF: Disable JAR from opening Unsafe File Types +// http://kb.mozillazine.org/Network.jar.open-unsafe-types +// CIS Mozilla Firefox 24 ESR v1.0.0 - 3.7 +defaultPref("network.jar.open-unsafe-types", false); + +// CIS 2.7.4 Disable Scripting of Plugins by JavaScript +// http://forums.mozillazine.org/viewtopic.php?f=7&t=153889 +///defaultPref("security.xpconnect.plugin.unrestricted", false); + +// PREF: Set File URI Origin Policy +// http://kb.mozillazine.org/Security.fileuri.strict_origin_policy +// CIS Mozilla Firefox 24 ESR v1.0.0 - 3.8 +defaultPref("security.fileuri.strict_origin_policy", true); + +// PREF: Disable Displaying Javascript in History URLs +// http://kb.mozillazine.org/Browser.urlbar.filter.javascript +// CIS 2.3.6 +defaultPref("browser.urlbar.filter.javascript", true); + +// PREF: Disable asm.js +// http://asmjs.org/ +// https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/ +// https://www.mozilla.org/en-US/security/advisories/mfsa2015-50/ +// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2712 +defaultPref("javascript.options.asmjs", false); + +// PREF: Disable SVG in OpenType fonts +// https://wiki.mozilla.org/SVGOpenTypeFonts +// https://github.com/iSECPartners/publications/tree/master/reports/Tor%20Browser%20Bundle +defaultPref("gfx.font_rendering.opentype_svg.enabled", false); + +// PREF: Disable in-content SVG rendering (Firefox >= 53) +// NOTICE: Disabling SVG support breaks many UI elements on many sites +// https://bugzilla.mozilla.org/show_bug.cgi?id=1216893 +// https://github.com/iSECPartners/publications/raw/master/reports/Tor%20Browser%20Bundle/Tor%20Browser%20Bundle%20-%20iSEC%20Deliverable%201.3.pdf#16 +//defaultPref("svg.disabled", true); + + +// PREF: Disable video stats to reduce fingerprinting threat +// https://bugzilla.mozilla.org/show_bug.cgi?id=654550 +// https://github.com/pyllyukko/user.js/issues/9#issuecomment-100468785 +// https://github.com/pyllyukko/user.js/issues/9#issuecomment-148922065 +//defaultPref("media.video_stats.enabled", false); + +// PREF: Don't reveal build ID +// Value taken from Tor Browser +// https://bugzilla.mozilla.org/show_bug.cgi?id=583181 +///defaultPref("general.buildID.override", "20100101"); +///defaultPref("browser.startup.homepage_override.buildID", "20100101"); + +// PREF: Prevent font fingerprinting +// https://browserleaks.com/fonts +// https://github.com/pyllyukko/user.js/issues/120 +//defaultPref("browser.display.use_document_fonts", 0); + +// PREF: Enable only whitelisted URL protocol handlers +// http://kb.mozillazine.org/Network.protocol-handler.external-default +// http://kb.mozillazine.org/Network.protocol-handler.warn-external-default +// http://kb.mozillazine.org/Network.protocol-handler.expose.%28protocol%29 +// https://news.ycombinator.com/item?id=13047883 +// https://bugzilla.mozilla.org/show_bug.cgi?id=167475 +// https://github.com/pyllyukko/user.js/pull/285#issuecomment-298124005 +// NOTICE: Disabling nonessential protocols breaks all interaction with custom protocols such as mailto:, irc:, magnet: ... and breaks opening third-party mail/messaging/torrent/... clients when clicking on links with these protocols +// TODO: Add externally-handled protocols from Windows 8.1 and Windows 10 (currently contains protocols only from Linux and Windows 7) that might pose a similar threat (see e.g. https://news.ycombinator.com/item?id=13044991) +// TODO: Add externally-handled protocols from Mac OS X that might pose a similar threat (see e.g. https://news.ycombinator.com/item?id=13044991) +// If you want to enable a protocol, set network.protocol-handler.expose.(protocol) to true and network.protocol-handler.external.(protocol) to: +// * true, if the protocol should be handled by an external application +// * false, if the protocol should be handled internally by Firefox +//defaultPref("network.protocol-handler.warn-external-default", true); +///defaultPref("network.protocol-handler.external.http", false); +///defaultPref("network.protocol-handler.external.https", false); +//defaultPref("network.protocol-handler.external.javascript", false); +///defaultPref("network.protocol-handler.external.moz-extension", false); +///defaultPref("network.protocol-handler.external.ftp", false); +///defaultPref("network.protocol-handler.external.file", false); +///defaultPref("network.protocol-handler.external.about", false); +///defaultPref("network.protocol-handler.external.chrome", false); +///defaultPref("network.protocol-handler.external.blob", false); +//defaultPref("network.protocol-handler.external.data", false); +//defaultPref("network.protocol-handler.expose-all", false); +///defaultPref("network.protocol-handler.expose.http", true); +///defaultPref("network.protocol-handler.expose.https", true); +///defaultPref("network.protocol-handler.expose.javascript", true); +///defaultPref("network.protocol-handler.expose.moz-extension", true); +///defaultPref("network.protocol-handler.expose.ftp", true); +///defaultPref("network.protocol-handler.expose.file", true); +///defaultPref("network.protocol-handler.expose.about", true); +///defaultPref("network.protocol-handler.expose.chrome", true); +///defaultPref("network.protocol-handler.expose.blob", true); +///defaultPref("network.protocol-handler.expose.data", true); + +/****************************************************************************** + * SECTION: Extensions / plugins * + ******************************************************************************/ + +// PREF: Ensure you have a security delay when installing add-ons (milliseconds) +// http://kb.mozillazine.org/Disable_extension_install_delay_-_Firefox +// http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ +lockPref("security.dialog_enable_delay", 3000); + +// PREF: Require signatures +// https://wiki.mozilla.org/Addons/Extension_Signing +//defaultPref("xpinstall.signatures.required", true); + +// PREF: Opt-out of add-on metadata updates +// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ +defaultPref("extensions.getAddons.cache.enabled", false); + +// PREF: Opt-out of themes (Persona) updates +// https://support.mozilla.org/t5/Firefox/how-do-I-prevent-autoamtic-updates-in-a-50-user-environment/td-p/144287 +defaultPref("lightweightThemes.update.enabled", false); + +// PREF: Disable Flash Player NPAPI plugin +// http://kb.mozillazine.org/Flash_plugin +defaultPref("plugin.state.flash", 0); + +// PREF: Disable Java NPAPI plugin +defaultPref("plugin.state.java", 0); + +// PREF: Disable sending Flash Player crash reports +defaultPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); + +// PREF: When Flash crash reports are enabled, don't send the visited URL in the crash report +defaultPref("dom.ipc.plugins.reportCrashURL", false); + +// PREF: When Flash is enabled, download and use Mozilla SWF URIs blocklist +// https://bugzilla.mozilla.org/show_bug.cgi?id=1237198 +// https://github.com/mozilla-services/shavar-plugin-blocklist +defaultPref("browser.safebrowsing.blockedURIs.enabled", true); + +// PREF: Disable Shumway (Mozilla Flash renderer) +// https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Shumway +///defaultPref("shumway.disabled", true); + +// PREF: Disable Gnome Shell Integration NPAPI plugin +defaultPref("plugin.state.libgnome-shell-browser-plugin", 0); + +// PREF: Disable the bundled OpenH264 video codec (disabled) +// http://forums.mozillazine.org/viewtopic.php?p=13845077&sid=28af2622e8bd8497b9113851676846b1#p13845077 +//defaultPref("media.gmp-provider.enabled", false); + +// PREF: Enable plugins click-to-play +// https://wiki.mozilla.org/Firefox/Click_To_Play +// https://blog.mozilla.org/security/2012/10/11/click-to-play-plugins-blocklist-style/ +defaultPref("plugins.click_to_play", true); + +// PREF: Updates addons automatically +// https://blog.mozilla.org/addons/how-to-turn-off-add-on-updates/ +defaultPref("extensions.update.enabled", false); + +// PREF: Enable add-on and certificate blocklists (OneCRL) from Mozilla +// https://wiki.mozilla.org/Blocklisting +// https://blocked.cdn.mozilla.net/ +// http://kb.mozillazine.org/Extensions.blocklist.enabled +// http://kb.mozillazine.org/Extensions.blocklist.url +// https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/ +// Updated at interval defined in extensions.blocklist.interval (default: 86400) +//defaultPref("extensions.blocklist.enabled", true); +defaultPref("services.blocklist.update_enabled", false); + +// PREF: Decrease system information leakage to Mozilla blocklist update servers +// https://trac.torproject.org/projects/tor/ticket/16931 +defaultPref("extensions.blocklist.url", "https://blocklist.addons.mozilla.org/blocklist/3/%APP_ID%/%APP_VERSION%/"); + +/****************************************************************************** + * SECTION: Firefox (anti-)features / components * * + ******************************************************************************/ + +// PREF: Disable WebIDE +// https://trac.torproject.org/projects/tor/ticket/16222 +// https://developer.mozilla.org/docs/Tools/WebIDE +defaultPref("devtools.webide.enabled", false); +defaultPref("devtools.webide.autoinstallADBHelper", false); +///defaultPref("devtools.webide.autoinstallFxdtAdapters", false); + +// PREF: Disable remote debugging +// https://developer.mozilla.org/en-US/docs/Tools/Remote_Debugging/Debugging_Firefox_Desktop +// https://developer.mozilla.org/en-US/docs/Tools/Tools_Toolbox#Advanced_settings +defaultPref("devtools.debugger.remote-enabled", false); +defaultPref("devtools.chrome.enabled", false); +defaultPref("devtools.debugger.force-local", true); + +// PREF: Disable Mozilla telemetry/experiments +// https://wiki.mozilla.org/Platform/Features/Telemetry +// https://wiki.mozilla.org/Privacy/Reviews/Telemetry +// https://wiki.mozilla.org/Telemetry +// https://www.mozilla.org/en-US/legal/privacy/firefox.html#telemetry +// https://support.mozilla.org/t5/Firefox-crashes/Mozilla-Crash-Reporter/ta-p/1715 +// https://wiki.mozilla.org/Security/Reviews/Firefox6/ReviewNotes/telemetry +// https://gecko.readthedocs.io/en/latest/browser/experiments/experiments/manifest.html +// https://wiki.mozilla.org/Telemetry/Experiments +lockPref("toolkit.telemetry.enabled", false); +defaultPref("toolkit.telemetry.unified", false); +defaultPref("experiments.supported", false); +defaultPref("experiments.enabled", false); +defaultPref("experiments.manifest.uri", ""); + +// PREF: Disallow Necko to do A/B testing +// https://trac.torproject.org/projects/tor/ticket/13170 +defaultPref("network.allow-experiments", false); + +// PREF: Disable sending Firefox crash reports to Mozilla servers +// https://wiki.mozilla.org/Breakpad +// http://kb.mozillazine.org/Breakpad +// https://dxr.mozilla.org/mozilla-central/source/toolkit/crashreporter +// https://bugzilla.mozilla.org/show_bug.cgi?id=411490 +// A list of submitted crash reports can be found at about:crashes +defaultPref("breakpad.reportURL", ""); + +// PREF: Disable sending reports of tab crashes to Mozilla (about:tabcrashed), don't nag user about unsent crash reports +// https://hg.mozilla.org/mozilla-central/file/tip/browser/app/profile/firefox.js +defaultPref("browser.tabs.crashReporting.sendReport", false); +defaultPref("browser.crashReports.unsubmittedCheck.enabled", false); + +// PREF: Disable FlyWeb (discovery of LAN/proximity IoT devices that expose a Web interface) +// https://wiki.mozilla.org/FlyWeb +// https://wiki.mozilla.org/FlyWeb/Security_scenarios +// https://docs.google.com/document/d/1eqLb6cGjDL9XooSYEEo7mE-zKQ-o-AuDTcEyNhfBMBM/edit +// http://www.ghacks.net/2016/07/26/firefox-flyweb +///defaultPref("dom.flyweb.enabled", false); + +// PREF: Disable the UITour backend +// https://trac.torproject.org/projects/tor/ticket/19047#comment:3 +defaultPref("browser.uitour.enabled", false); + +// PREF: Enable Firefox Tracking Protection +// https://wiki.mozilla.org/Security/Tracking_protection +// https://support.mozilla.org/en-US/kb/tracking-protection-firefox +// https://support.mozilla.org/en-US/kb/tracking-protection-pbm +// https://kontaxis.github.io/trackingprotectionfirefox/ +// https://feeding.cloud.geek.nz/posts/how-tracking-protection-works-in-firefox/ +//defaultPref("privacy.trackingprotection.enabled", true); +//defaultPref("privacy.trackingprotection.pbmode.enabled", true); + +// PREF: Enable contextual identity Containers feature (Firefox >= 52) +// NOTICE: Containers are not available in Private Browsing mode +// https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers +lockPref("privacy.userContext.enabled", true); + +// PREF: Enable hardening against various fingerprinting vectors (Tor Uplift project) +// https://wiki.mozilla.org/Security/Tor_Uplift/Tracking +// https://bugzilla.mozilla.org/show_bug.cgi?id=1333933 +//defaultPref("privacy.resistFingerprinting", true); + +// PREF: Disable the built-in PDF viewer +// https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2743 +// https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/ +// https://www.mozilla.org/en-US/security/advisories/mfsa2015-69/ +lockPref("pdfjs.disabled", true); + +// PREF: Disable collection/sending of the health report (healthreport.sqlite*) +// https://support.mozilla.org/en-US/kb/firefox-health-report-understand-your-browser-perf +// https://gecko.readthedocs.org/en/latest/toolkit/components/telemetry/telemetry/preferences.html +lockPref("datareporting.healthreport.uploadEnabled", false); +///defaultPref("datareporting.healthreport.service.enabled", false); +lockPref("datareporting.policy.dataSubmissionEnabled", false); + +// PREF: Disable Heartbeat (Mozilla user rating telemetry) +// https://wiki.mozilla.org/Advocacy/heartbeat +// https://trac.torproject.org/projects/tor/ticket/19047 +///defaultPref("browser.selfsupport.url", ""); + +// PREF: Disable Firefox Hello (disabled) (Firefox < 49) +// https://wiki.mozilla.org/Loop +// https://support.mozilla.org/t5/Chat-and-share/Support-for-Hello-discontinued-in-Firefox-49/ta-p/37946 +// NOTICE-DISABLED: Firefox Hello requires setting `media.peerconnection.enabled` and `media.getusermedia.screensharing.enabled` to true, `security.OCSP.require` to false to work. +///defaultPref("loop.enabled", false); + +// PREF: Disable Firefox Hello metrics collection +// https://groups.google.com/d/topic/mozilla.dev.platform/nyVkCx-_sFw/discussion +///defaultPref("loop.logDomains", false); + +// PREF: Enable Auto Update (disabled) +// NOTICE: Fully automatic updates are disabled and left to package management systems on Linux. Windows users may want to change this setting. +// CIS 2.1.1 +defaultPref("app.update.auto", false); + +// PREF: Enforce checking for Firefox updates +// http://kb.mozillazine.org/App.update.enabled +// NOTICE: Update check page might incorrectly report Firefox ESR as out-of-date +defaultPref("app.update.enabled", false); + +// PREF: Enable blocking reported web forgeries +// https://wiki.mozilla.org/Security/Safe_Browsing +// http://kb.mozillazine.org/Safe_browsing +// https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work +// http://forums.mozillazine.org/viewtopic.php?f=39&t=2711237&p=12896849#p12896849 +// CIS 2.3.4 +///defaultPref("browser.safebrowsing.enabled", true); // Firefox < 50 +defaultPref("browser.safebrowsing.phishing.enabled", false); // firefox >= 50 + +// PREF: Enable blocking reported attack sites +// http://kb.mozillazine.org/Browser.safebrowsing.malware.enabled +// CIS 2.3.5 +defaultPref("browser.safebrowsing.malware.enabled", false); + +// PREF: Disable querying Google Application Reputation database for downloaded binary files +// https://www.mozilla.org/en-US/firefox/39.0/releasenotes/ +// https://wiki.mozilla.org/Security/Application_Reputation +defaultPref("browser.safebrowsing.downloads.remote.enabled", false); + +// PREF: Disable Pocket +// https://support.mozilla.org/en-US/kb/save-web-pages-later-pocket-firefox +// https://github.com/pyllyukko/user.js/issues/143 +///defaultPref("browser.pocket.enabled", false); +lockPref("extensions.pocket.enabled", false); + +// PREF: Disable SHIELD +// https://support.mozilla.org/en-US/kb/shield +// https://bugzilla.mozilla.org/show_bug.cgi?id=1370801 +///defaultPref("extensions.shield-recipe-client.enabled", false); +lockPref("app.shield.optoutstudies.enabled", false); + +// PREF: Disable "Recommended by Pocket" in Firefox Quantum +lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false); + +/****************************************************************************** + * SECTION: Automatic connections * + ******************************************************************************/ + +// PREF: Disable prefetching of <link rel="next"> URLs +// http://kb.mozillazine.org/Network.prefetch-next +// https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#Is_there_a_preference_to_disable_link_prefetching.3F +lockPref("network.prefetch-next", false); + +// PREF: Disable DNS prefetching +// http://kb.mozillazine.org/Network.dns.disablePrefetch +// https://developer.mozilla.org/en-US/docs/Web/HTTP/Controlling_DNS_prefetching +lockPref("network.dns.disablePrefetch", true); +///defaultPref("network.dns.disablePrefetchFromHTTPS", true); + +// PREF: Disable the predictive service (Necko) +// https://wiki.mozilla.org/Privacy/Reviews/Necko +lockPref("network.predictor.enabled", false); + +// PREF: Reject .onion hostnames before passing the to DNS +// https://bugzilla.mozilla.org/show_bug.cgi?id=1228457 +// RFC 7686 +defaultPref("network.dns.blockDotOnion", true); + +// PREF: Disable search suggestions in the search bar +// http://kb.mozillazine.org/Browser.search.suggest.enabled +defaultPref("browser.search.suggest.enabled", false); + +// PREF: Disable "Show search suggestions in location bar results" +//defaultPref("browser.urlbar.suggest.searches", false); +// PREF: When using the location bar, don't suggest URLs from browsing history +//defaultPref("browser.urlbar.suggest.history", false); + +// PREF: Disable SSDP +// https://bugzilla.mozilla.org/show_bug.cgi?id=1111967 +///defaultPref("browser.casting.enabled", false); + +// PREF: Disable automatic downloading of OpenH264 codec +// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_media-capabilities +// https://andreasgal.com/2014/10/14/openh264-now-in-firefox/ +///defaultPref("media.gmp-gmpopenh264.enabled", false); +defaultPref("media.gmp-manager.url", ""); + +// PREF: Disable speculative pre-connections +// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_speculative-pre-connections +// https://bugzilla.mozilla.org/show_bug.cgi?id=814169 +lockPref("network.http.speculative-parallel-limit", 0); + +// PREF: Disable downloading homepage snippets/messages from Mozilla +// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_mozilla-content +// https://wiki.mozilla.org/Firefox/Projects/Firefox_Start/Snippet_Service +lockPref("browser.aboutHomeSnippets.updateUrl", ""); + +// PREF: Never check updates for search engines +// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_auto-update-checking +defaultPref("browser.search.update", false); + +// PREF: Disable automatic captive portal detection (Firefox >= 52.0) +// https://support.mozilla.org/en-US/questions/1157121 +lockPref("network.captive-portal-service.enabled", false); + +/****************************************************************************** + * SECTION: HTTP * + ******************************************************************************/ + +// PREF: Disallow NTLMv1 +// https://bugzilla.mozilla.org/show_bug.cgi?id=828183 +///defaultPref("network.negotiate-auth.allow-insecure-ntlm-v1", false); +// it is still allowed through HTTPS. uncomment the following to disable it completely. +///defaultPref("network.negotiate-auth.allow-insecure-ntlm-v1-https", false); + +// PREF: Enable CSP 1.1 script-nonce directive support +// https://bugzilla.mozilla.org/show_bug.cgi?id=855326 +defaultPref("security.csp.experimentalEnabled", true); + +// PREF: Enable Content Security Policy (CSP) +// https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy +// https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP +defaultPref("security.csp.enable", true); + +// PREF: Enable Subresource Integrity +// https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity +// https://wiki.mozilla.org/Security/Subresource_Integrity +defaultPref("security.sri.enable", true); + +// PREF: DNT HTTP header (disabled) +// https://www.mozilla.org/en-US/firefox/dnt/ +// https://en.wikipedia.org/wiki/Do_not_track_header +// https://dnt-dashboard.mozilla.org +// https://github.com/pyllyukko/user.js/issues/11 +// NOTICE: Do No Track must be enabled manually +defaultPref("privacy.donottrackheader.enabled", true); + +// PREF: Send a referer header with the target URI as the source +// https://bugzilla.mozilla.org/show_bug.cgi?id=822869 +// https://github.com/pyllyukko/user.js/issues/227 +// NOTICE: Spoofing referers breaks functionality on websites relying on authentic referer headers +// NOTICE: Spoofing referers breaks visualisation of 3rd-party sites on the Lightbeam addon +// NOTICE: Spoofing referers disables CSRF protection on some login pages not implementing origin-header/cookie+token based CSRF protection +// TODO: https://github.com/pyllyukko/user.js/issues/94, commented-out XOriginPolicy/XOriginTrimmingPolicy = 2 prefs +//defaultPref("network.http.referer.spoofSource", true); + +// PREF: Don't send referer headers when following links across different domains (disabled) +// https://github.com/pyllyukko/user.js/issues/227 +defaultPref("network.http.referer.XOriginPolicy", 2); + +// PREF: Accept Only 1st Party Cookies +// http://kb.mozillazine.org/Network.cookie.cookieBehavior#1 +// NOTICE: Blocking 3rd-party cookies breaks a number of payment gateways +// CIS 2.5.1 +//defaultPref("network.cookie.cookieBehavior", 1); + +// PREF: Enable first-party isolation +// https://bugzilla.mozilla.org/show_bug.cgi?id=1299996 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1260931 +// https://wiki.mozilla.org/Security/FirstPartyIsolation +//defaultPref("privacy.firstparty.isolate", true); + +// PREF: Make sure that third-party cookies (if enabled) never persist beyond the session. +// https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/ +// http://kb.mozillazine.org/Network.cookie.thirdparty.sessionOnly +// https://developer.mozilla.org/en-US/docs/Cookies_Preferences_in_Mozilla#network.cookie.thirdparty.sessionOnly +//defaultPref("network.cookie.thirdparty.sessionOnly", true); + +// PREF: Spoof User-agent (disabled) +//defaultPref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0"); +//defaultPref("general.appname.override", "Netscape"); +//defaultPref("general.appversion.override", "5.0 (Windows)"); +//defaultPref("general.platform.override", "Win32"); +//defaultPref("general.oscpu.override", "Windows NT 6.1"); + +/******************************************************************************* + * SECTION: Caching * + ******************************************************************************/ + +// PREF: Permanently enable private browsing mode +// https://support.mozilla.org/en-US/kb/Private-Browsing +// https://wiki.mozilla.org/PrivateBrowsing +// NOTICE: You can not view or inspect cookies when in private browsing: https://bugzilla.mozilla.org/show_bug.cgi?id=823941 +// NOTICE: When Javascript is enabled, Websites can detect use of Private Browsing mode +// NOTICE: Private browsing breaks Kerberos authentication +// NOTICE: Disables "Containers" functionality (see below) +// NOTICE: "Always use private browsing mode" (browser.privatebrowsing.autostart) disables the possibility to use password manager: https://support.mozilla.org/en-US/kb/usernames-and-passwords-are-not-saved#w_private-browsing +//defaultPref("browser.privatebrowsing.autostart", true); + +// PREF: Do not download URLs for the offline cache +// http://kb.mozillazine.org/Browser.cache.offline.enable +//defaultPref("browser.cache.offline.enable", false); + +// PREF: Clear history when Firefox closes +// https://support.mozilla.org/en-US/kb/Clear%20Recent%20History#w_how-do-i-make-firefox-clear-my-history-automatically +// NOTICE: Installing user.js will remove your browsing history, caches and local storage. +// NOTICE: Installing user.js **will remove your saved passwords** (https://github.com/pyllyukko/user.js/issues/27) +// NOTICE: Clearing open windows on Firefox exit causes 2 windows to open when Firefox starts https://bugzilla.mozilla.org/show_bug.cgi?id=1334945 +//defaultPref("privacy.sanitize.sanitizeOnShutdown", true); +//defaultPref("privacy.clearOnShutdown.cache", true); +//defaultPref("privacy.clearOnShutdown.cookies", true); +//defaultPref("privacy.clearOnShutdown.downloads", true); +//defaultPref("privacy.clearOnShutdown.formdata", true); +//defaultPref("privacy.clearOnShutdown.history", true); +//defaultPref("privacy.clearOnShutdown.offlineApps", true); +//defaultPref("privacy.clearOnShutdown.sessions", true); +//defaultPref("privacy.clearOnShutdown.openWindows", true); + +// PREF: Set time range to "Everything" as default in "Clear Recent History" +defaultPref("privacy.sanitize.timeSpan", 0); + +// PREF: Clear everything but "Site Preferences" in "Clear Recent History" +//defaultPref("privacy.cpd.offlineApps", true); +//defaultPref("privacy.cpd.cache", true); +//defaultPref("privacy.cpd.cookies", true); +//defaultPref("privacy.cpd.downloads", true); +//defaultPref("privacy.cpd.formdata", true); +//defaultPref("privacy.cpd.history", true); +//defaultPref("privacy.cpd.sessions", true); + +// PREF: Don't remember browsing history +//defaultPref("places.history.enabled", false); + +// PREF: Disable disk cache +// http://kb.mozillazine.org/Browser.cache.disk.enable +//defaultPref("browser.cache.disk.enable", false); + +// PREF: Disable memory cache (disabled) +// http://kb.mozillazine.org/Browser.cache.memory.enable +//defaultPref("browser.cache.memory.enable", false); + +// PREF: Disable Caching of SSL Pages +// CIS Version 1.2.0 October 21st, 2011 2.5.8 +// http://kb.mozillazine.org/Browser.cache.disk_cache_ssl +//defaultPref("browser.cache.disk_cache_ssl", false); + +// PREF: Disable download history +// CIS Version 1.2.0 October 21st, 2011 2.5.5 +///defaultPref("browser.download.manager.retention", 0); + +// PREF: Disable password manager +// CIS Version 1.2.0 October 21st, 2011 2.5.2 +defaultPref("signon.rememberSignons", false); + +// PREF: Disable form autofill, don't save information entered in web page forms and the Search Bar +//defaultPref("browser.formfill.enable", false); + +// PREF: Cookies expires at the end of the session (when the browser closes) +// http://kb.mozillazine.org/Network.cookie.lifetimePolicy#2 +//defaultPref("network.cookie.lifetimePolicy", 2); + +// PREF: Require manual intervention to autofill known username/passwords sign-in forms +// http://kb.mozillazine.org/Signon.autofillForms +// https://www.torproject.org/projects/torbrowser/design/#identifier-linkability +//defaultPref("signon.autofillForms", false); + +// PREF: Disable formless login capture +// https://bugzilla.mozilla.org/show_bug.cgi?id=1166947 +//defaultPref("signon.formlessCapture.enabled", false); + +// PREF: When username/password autofill is enabled, still disable it on non-HTTPS sites +// https://hg.mozilla.org/integration/mozilla-inbound/rev/f0d146fe7317 +//defaultPref("signon.autofillForms.http", false); + +// PREF: Show in-content login form warning UI for insecure login fields +// https://hg.mozilla.org/integration/mozilla-inbound/rev/f0d146fe7317 +defaultPref("security.insecure_field_warning.contextual.enabled", true); + +// PREF: Disable the password manager for pages with autocomplete=off (disabled) +// https://bugzilla.mozilla.org/show_bug.cgi?id=956906 +// OWASP ASVS V9.1 +// Does not prevent any kind of auto-completion (see browser.formfill.enable, signon.autofillForms) +//defaultPref("signon.storeWhenAutocompleteOff", false); + +// PREF: Delete Search and Form History +// CIS Version 1.2.0 October 21st, 2011 2.5.6 +//defaultPref("browser.formfill.expire_days", 0); + +// PREF: Clear SSL Form Session Data +// http://kb.mozillazine.org/Browser.sessionstore.privacy_level#2 +// Store extra session data for unencrypted (non-HTTPS) sites only. +// CIS Version 1.2.0 October 21st, 2011 2.5.7 +// NOTE: CIS says 1, we use 2 +//defaultPref("browser.sessionstore.privacy_level", 2); + +// PREF: Delete temporary files on exit +// https://bugzilla.mozilla.org/show_bug.cgi?id=238789 +//defaultPref("browser.helperApps.deleteTempFileOnExit", true); + +// PREF: Do not create screenshots of visited pages (relates to the "new tab page" feature) +// https://support.mozilla.org/en-US/questions/973320 +// https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/browser.pagethumbnails.capturing_disabled +///defaultPref("browser.pagethumbnails.capturing_disabled", true); + +// PREF: Don't fetch and permanently store favicons for Windows .URL shortcuts created by drag and drop +// NOTICE: .URL shortcut files will be created with a generic icon +// Favicons are stored as .ico files in $profile_dir\shortcutCache +//defaultPref("browser.shell.shortcutFavicons", false); + +// PREF: Disable bookmarks backups (default: 15) +// http://kb.mozillazine.org/Browser.bookmarks.max_backups +//defaultPref("browser.bookmarks.max_backups", 0); + +/******************************************************************************* + * SECTION: UI related * + *******************************************************************************/ + +// PREF: Enable insecure password warnings (login forms in non-HTTPS pages) +// https://blog.mozilla.org/tanvi/2016/01/28/no-more-passwords-over-http-please/ +// https://bugzilla.mozilla.org/show_bug.cgi?id=1319119 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1217156 +//defaultPref("security.insecure_password.ui.enabled", true); + +// PREF: Disable right-click menu manipulation via JavaScript (disabled) +//defaultPref("dom.event.contextmenu.enabled", false); + +// PREF: Disable "Are you sure you want to leave this page?" popups on page close +// https://support.mozilla.org/en-US/questions/1043508 +// Does not prevent JS leaks of the page close event. +// https://developer.mozilla.org/en-US/docs/Web/Events/beforeunload +//defaultPref("dom.disable_beforeunload", true); + +// PREF: Disable Downloading on Desktop +// CIS 2.3.2 +//defaultPref("browser.download.folderList", 2); + +// PREF: Always ask the user where to download +// https://developer.mozilla.org/en/Download_Manager_preferences (obsolete) +//defaultPref("browser.download.useDownloadDir", false); + +// PREF: Disable the "new tab page" feature and show a blank tab instead +// https://wiki.mozilla.org/Privacy/Reviews/New_Tab +// https://support.mozilla.org/en-US/kb/new-tab-page-show-hide-and-customize-top-sites#w_how-do-i-turn-the-new-tab-page-off +defaultPref("browser.newtabpage.enabled", false); +//defaultPref("browser.newtab.url", "about:blank"); + +// PREF: Disable Activity Stream +// https://wiki.mozilla.org/Firefox/Activity_Stream +///defaultPref("browser.newtabpage.activity-stream.enabled", false); + +// PREF: Disable new tab tile ads & preload +// http://www.thewindowsclub.com/disable-remove-ad-tiles-from-firefox +// http://forums.mozillazine.org/viewtopic.php?p=13876331#p13876331 +// https://wiki.mozilla.org/Tiles/Technical_Documentation#Ping +// https://gecko.readthedocs.org/en/latest/browser/browser/DirectoryLinksProvider.html#browser-newtabpage-directory-source +// https://gecko.readthedocs.org/en/latest/browser/browser/DirectoryLinksProvider.html#browser-newtabpage-directory-ping +// TODO: deprecated? not in DXR, some dead links +//defaultPref("browser.newtabpage.enhanced", false); +defaultPref("browser.newtab.preload", false); +//defaultPref("browser.newtabpage.directory.ping", ""); +//defaultPref("browser.newtabpage.directory.source", "data:text/plain,{}"); + +// PREF: Enable Auto Notification of Outdated Plugins (Firefox < 50) +// https://wiki.mozilla.org/Firefox3.6/Plugin_Update_Awareness_Security_Review +// CIS Version 1.2.0 October 21st, 2011 2.1.2 +// https://hg.mozilla.org/mozilla-central/rev/304560 +///defaultPref("plugins.update.notifyUser", true); + + +// PREF: Force Punycode for Internationalized Domain Names +// http://kb.mozillazine.org/Network.IDN_show_punycode +// https://www.xudongz.com/blog/2017/idn-phishing/ +// https://wiki.mozilla.org/IDN_Display_Algorithm +// https://en.wikipedia.org/wiki/IDN_homograph_attack +// https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/ +// CIS Mozilla Firefox 24 ESR v1.0.0 - 3.6 +defaultPref("network.IDN_show_punycode", true); + +// PREF: Disable inline autocomplete in URL bar +// http://kb.mozillazine.org/Inline_autocomplete +//defaultPref("browser.urlbar.autoFill", false); +//defaultPref("browser.urlbar.autoFill.typed", false); + +// PREF: Disable CSS :visited selectors +// https://blog.mozilla.org/security/2010/03/31/plugging-the-css-history-leak/ +// https://dbaron.org/mozilla/visited-privacy +defaultPref("layout.css.visited_links_enabled", false); + +// PREF: Disable URL bar autocomplete and history/bookmarks suggestions dropdown +// http://kb.mozillazine.org/Disabling_autocomplete_-_Firefox#Firefox_3.5 +//defaultPref("browser.urlbar.autocomplete.enabled", false); + +// PREF: Do not check if Firefox is the default browser +lockPref("browser.shell.checkDefaultBrowser", false); + +// PREF: When password manager is enabled, lock the password storage periodically +// CIS Version 1.2.0 October 21st, 2011 2.5.3 Disable Prompting for Credential Storage +//defaultPref("security.ask_for_password", 2); + +// PREF: Lock the password storage every 1 minutes (default: 30) +//defaultPref("security.password_lifetime", 1); + +// PREF: Display a notification bar when websites offer data for offline use +// http://kb.mozillazine.org/Browser.offline-apps.notify +//defaultPref("browser.offline-apps.notify", true); + +/****************************************************************************** + * SECTION: Cryptography * + ******************************************************************************/ + +// PREF: Enable HSTS preload list (pre-set HSTS sites list provided by Mozilla) +// https://blog.mozilla.org/security/2012/11/01/preloading-hsts/ +// https://wiki.mozilla.org/Privacy/Features/HSTS_Preload_List +// https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security +//defaultPref("network.stricttransportsecurity.preloadlist", true); + +// PREF: Enable Online Certificate Status Protocol +// https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol +// https://www.imperialviolet.org/2014/04/19/revchecking.html +// https://www.maikel.pro/blog/current-state-certificate-revocation-crls-ocsp/ +// https://wiki.mozilla.org/CA:RevocationPlan +// https://wiki.mozilla.org/CA:ImprovingRevocation +// https://wiki.mozilla.org/CA:OCSP-HardFail +// https://news.netcraft.com/archives/2014/04/24/certificate-revocation-why-browsers-remain-affected-by-heartbleed.html +// https://news.netcraft.com/archives/2013/04/16/certificate-revocation-and-the-performance-of-ocsp.html +// NOTICE: OCSP leaks your IP and domains you visit to the CA when OCSP Stapling is not available on visited host +// NOTICE: OCSP is vulnerable to replay attacks when nonce is not configured on the OCSP responder +// NOTICE: OCSP adds latency (performance) +// NOTICE: Short-lived certificates are not checked for revocation (security.pki.cert_short_lifetime_in_days, default:10) +// CIS Version 1.2.0 October 21st, 2011 2.2.4 +defaultPref("security.OCSP.enabled", 0); + +// PREF: Enable OCSP Stapling support +// https://en.wikipedia.org/wiki/OCSP_stapling +// https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ +// https://www.digitalocean.com/community/tutorials/how-to-configure-ocsp-stapling-on-apache-and-nginx +//defaultPref("security.ssl.enable_ocsp_stapling", true); + +// PREF: Enable OCSP Must-Staple support (Firefox >= 45) +// https://blog.mozilla.org/security/2015/11/23/improving-revocation-ocsp-must-staple-and-short-lived-certificates/ +// https://www.entrust.com/ocsp-must-staple/ +// https://github.com/schomery/privacy-settings/issues/40 +// NOTICE: Firefox falls back on plain OCSP when must-staple is not configured on the host certificate +//defaultPref("security.ssl.enable_ocsp_must_staple", true); + +// PREF: Require a valid OCSP response for OCSP enabled certificates +// https://groups.google.com/forum/#!topic/mozilla.dev.security/n1G-N2-HTVA +// Disabling this will make OCSP bypassable by MitM attacks suppressing OCSP responses +// NOTICE: `security.OCSP.require` will make the connection fail when the OCSP responder is unavailable +// NOTICE: `security.OCSP.require` is known to break browsing on some [captive portals](https://en.wikipedia.org/wiki/Captive_portal) +defaultPref("security.OCSP.require", true); + +// PREF: Disable TLS Session Tickets +// https://www.blackhat.com/us-13/briefings.html#NextGen +// https://media.blackhat.com/us-13/US-13-Daigniere-TLS-Secrets-Slides.pdf +// https://media.blackhat.com/us-13/US-13-Daigniere-TLS-Secrets-WP.pdf +// https://bugzilla.mozilla.org/show_bug.cgi?id=917049 +// https://bugzilla.mozilla.org/show_bug.cgi?id=967977 +///defaultPref("security.ssl.disable_session_identifiers", true); + +// PREF: Only allow TLS 1.[0-3] +// http://kb.mozillazine.org/Security.tls.version.* +// 1 = TLS 1.0 is the minimum required / maximum supported encryption protocol. (This is the current default for the maximum supported version.) +// 2 = TLS 1.1 is the minimum required / maximum supported encryption protocol. +defaultPref("security.tls.version.min", 2); +//defaultPref("security.tls.version.max", 4); + +// PREF: Disable insecure TLS version fallback +// https://bugzilla.mozilla.org/show_bug.cgi?id=1084025 +// https://github.com/pyllyukko/user.js/pull/206#issuecomment-280229645 +//defaultPref("security.tls.version.fallback-limit", 3); + +// PREF: Enfore Public Key Pinning +// https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning +// https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning +// "2. Strict. Pinning is always enforced." +defaultPref("security.cert_pinning.enforcement_level", 2); + +// PREF: Disallow SHA-1 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1302140 +// https://shattered.io/ +defaultPref("security.pki.sha1_enforcement_level", 1); + +// PREF: Warn the user when server doesn't support RFC 5746 ("safe" renegotiation) +// https://wiki.mozilla.org/Security:Renegotiation#security.ssl.treat_unsafe_negotiation_as_broken +// https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555 +defaultPref("security.ssl.treat_unsafe_negotiation_as_broken", true); + +// PREF: Disallow connection to servers not supporting safe renegotiation (disabled) +// https://wiki.mozilla.org/Security:Renegotiation#security.ssl.require_safe_negotiation +// https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555 +// TODO: `security.ssl.require_safe_negotiation` is more secure but makes browsing next to impossible (2012-2014-... - `ssl_error_unsafe_negotiation` errors), so is left disabled +//defaultPref("security.ssl.require_safe_negotiation", true); + +// PREF: Disable automatic reporting of TLS connection errors +// https://support.mozilla.org/en-US/kb/certificate-pinning-reports +// we could also disable security.ssl.errorReporting.enabled, but I think it's +// good to leave the option to report potentially malicious sites if the user +// chooses to do so. +// you can test this at https://pinningtest.appspot.com/ +defaultPref("security.ssl.errorReporting.automatic", false); + +// PREF: Pre-populate the current URL but do not pre-fetch the certificate in the "Add Security Exception" dialog +// http://kb.mozillazine.org/Browser.ssl_override_behavior +// https://github.com/pyllyukko/user.js/issues/210 +defaultPref("browser.ssl_override_behavior", 1); + +/****************************************************************************** + * SECTION: Cipher suites * + ******************************************************************************/ + +// PREF: Disable null ciphers +///defaultPref("security.ssl3.rsa_null_sha", false); +///defaultPref("security.ssl3.rsa_null_md5", false); +///defaultPref("security.ssl3.ecdhe_rsa_null_sha", false); +///defaultPref("security.ssl3.ecdhe_ecdsa_null_sha", false); +///defaultPref("security.ssl3.ecdh_rsa_null_sha", false); +///defaultPref("security.ssl3.ecdh_ecdsa_null_sha", false); + +// PREF: Disable SEED cipher +// https://en.wikipedia.org/wiki/SEED +///defaultPref("security.ssl3.rsa_seed_sha", false); + +// PREF: Disable 40/56/128-bit ciphers +// 40-bit ciphers +///defaultPref("security.ssl3.rsa_rc4_40_md5", false); +///defaultPref("security.ssl3.rsa_rc2_40_md5", false); +// 56-bit ciphers +///defaultPref("security.ssl3.rsa_1024_rc4_56_sha", false); +// 128-bit ciphers +///defaultPref("security.ssl3.rsa_camellia_128_sha", false); +///defaultPref("security.ssl3.ecdhe_rsa_aes_128_sha", false); +///defaultPref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); +///defaultPref("security.ssl3.ecdh_rsa_aes_128_sha", false); +///defaultPref("security.ssl3.ecdh_ecdsa_aes_128_sha", false); +///defaultPref("security.ssl3.dhe_rsa_camellia_128_sha", false); +///defaultPref("security.ssl3.dhe_rsa_aes_128_sha", false); + +// PREF: Disable RC4 +// https://developer.mozilla.org/en-US/Firefox/Releases/38#Security +// https://bugzilla.mozilla.org/show_bug.cgi?id=1138882 +// https://rc4.io/ +// https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2566 +///defaultPref("security.ssl3.ecdh_ecdsa_rc4_128_sha", false); +///defaultPref("security.ssl3.ecdh_rsa_rc4_128_sha", false); +///defaultPref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false); +///defaultPref("security.ssl3.ecdhe_rsa_rc4_128_sha", false); +///defaultPref("security.ssl3.rsa_rc4_128_md5", false); +///defaultPref("security.ssl3.rsa_rc4_128_sha", false); +///defaultPref("security.tls.unrestricted_rc4_fallback", false); + +// PREF: Disable 3DES (effective key size is < 128) +// https://en.wikipedia.org/wiki/3des#Security +// http://en.citizendium.org/wiki/Meet-in-the-middle_attack +// http://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html +///defaultPref("security.ssl3.dhe_dss_des_ede3_sha", false); +///defaultPref("security.ssl3.dhe_rsa_des_ede3_sha", false); +///defaultPref("security.ssl3.ecdh_ecdsa_des_ede3_sha", false); +///defaultPref("security.ssl3.ecdh_rsa_des_ede3_sha", false); +///defaultPref("security.ssl3.ecdhe_ecdsa_des_ede3_sha", false); +///defaultPref("security.ssl3.ecdhe_rsa_des_ede3_sha", false); +defaultPref("security.ssl3.rsa_des_ede3_sha", false); +///defaultPref("security.ssl3.rsa_fips_des_ede3_sha", false); + +// PREF: Disable ciphers with ECDH (non-ephemeral) +///defaultPref("security.ssl3.ecdh_rsa_aes_256_sha", false); +///defaultPref("security.ssl3.ecdh_ecdsa_aes_256_sha", false); + +// PREF: Disable 256 bits ciphers without PFS +///defaultPref("security.ssl3.rsa_camellia_256_sha", false); + +// PREF: Enable ciphers with ECDHE and key size > 128bits +//defaultPref("security.ssl3.ecdhe_rsa_aes_256_sha", true); // 0xc014 +//defaultPref("security.ssl3.ecdhe_ecdsa_aes_256_sha", true); // 0xc00a + +// PREF: Enable GCM ciphers (TLSv1.2 only) +// https://en.wikipedia.org/wiki/Galois/Counter_Mode +//defaultPref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true); // 0xc02b +//defaultPref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true); // 0xc02f + +// PREF: Enable ChaCha20 and Poly1305 (Firefox >= 47) +// https://www.mozilla.org/en-US/firefox/47.0/releasenotes/ +// https://tools.ietf.org/html/rfc7905 +// https://bugzilla.mozilla.org/show_bug.cgi?id=917571 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1247860 +// https://cr.yp.to/chacha.html +//defaultPref("security.ssl3.ecdhe_ecdsa_chacha20_poly1305_sha256", true); +//defaultPref("security.ssl3.ecdhe_rsa_chacha20_poly1305_sha256", true); + +// PREF: Disable ciphers susceptible to the logjam attack +// https://weakdh.org/ +///defaultPref("security.ssl3.dhe_rsa_camellia_256_sha", false); +defaultPref("security.ssl3.dhe_rsa_aes_256_sha", false); + +// PREF: Disable ciphers with DSA (max 1024 bits) +///defaultPref("security.ssl3.dhe_dss_aes_128_sha", false); +///defaultPref("security.ssl3.dhe_dss_aes_256_sha", false); +///defaultPref("security.ssl3.dhe_dss_camellia_128_sha", false); +///defaultPref("security.ssl3.dhe_dss_camellia_256_sha", false); + +// PREF: Fallbacks due compatibility reasons +//defaultPref("security.ssl3.rsa_aes_256_sha", true); // 0x35 +//defaultPref("security.ssl3.rsa_aes_128_sha", true); // 0x2f + diff --git a/out/files/pgp/wowaname-current.asc b/out/files/pgp/wowaname-current.asc @@ -0,0 +1,178 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFo1m64BEADm485/EMvgcOVhau4RBzfY+4L8TqcmMq/w83fG55aZ9zFZG/2W +mDBpPEAZcDFlGZNkTKEq9omkiSzN4qcRJOyWn9hsn9CiPIZv5TWDNiswqpRJ2/YG +1toswBYxxWrwI9GUY1vxFk8brNVTepZE0BuOGyFoy9OXxjwVEjdmNj2FgkuYD+AM +fYpXtqDNHiTgdzvbuXPhftWJvRsbbN6yD8MtLHLgpeyaeKayOHO2gpSnVC6dDHqN +KFQbeV6iGh7yS335AcS3FumCy2kAbUSIEn2oslOwp/1Wei/DVxlNJnWTgMkZf1zZ +fY2xiGPc9dP44TaFqCPyO/LkdoVWMeT0wyNJXCKL9KKVZOJrgpTwHRoLbu2LZ2Jn +vduKHAegWoqp28gtZE4fM7Ql6C2huljEcsK8BgN1XJW3uxcZYz/ucYCYi8bTzlgd +frgP2nMuOI2zcn17qxQll0wmbmLM5LisN3xvau03MyOd/kC9qsV5E3CVXJHlcl9C +cIFfHy9Plx3CYSr2O7PC8/nR37Y3dijK0Uenn7MNTfydOXyFPklRDf//5jPxfOny +4S4AfP8goX6FYIxpli2xV6Zv9tgOlc2OvM0AfV8MvaYE7p04wKWXiAvzsQW8jny9 +f/0KZw49UvhlpqKy8ZVMgQ/oX/jUnrEyFsCm6Med84QNAq248D8AgcV8KQARAQAB +tDJvcGFsIGhhcnQgKGh0dHBzOi8vd293YW5hLm1lL3BncCkgPG9wYWxAd293YW5h +Lm1lPokCVwQTAQgAQQIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAIZARYhBHxt +jJbeHsOgiuO1pEHOJ3xyGoieBQJbSkl/BQkCAfvRAAoJEEHOJ3xyGoien3cQAJir +phtL7cBTNWqXZmDuEtv9ul0T8YSWE6MiiriiksIQt6RMoIKxdPotNlBDEWGA2FGL +ByLyYxdb3oKHDzpcdkSYp8K6ahDrc0/wQcLLGzWBHPWLeZtBh+t6j8pEC2JRSDCl +7GVLzUYk/oy5hOuRpmR9beyoAF6lDQw/mDMzHac41rkMOVpInqTnQDb7IVVtiL8c +yT/4j+AeUhWpGybY2GljoOK9jEXzk8UUxI8q0Gpa9v2WuQ09tcJP+dYDnyNO7Ez+ +PX5BUZO6azWblOfWRkVz7+FAjK27FxlmZv+IU0Vd/9KZPOsvTceAA6n+7anUG9Da +2FzcM1AX+rRMNv337PrK8WZYLDako3Pp0ExpkYwkVzYQZ39MXPCfL5ALjlf4hc72 +IzDJOibDg/NnPV51zy97eZgyS50a4ModNAfdv1W6xhcA/5kCz0DNMvNoIXXwE0HT +I2glZ9fyPTBt3EBkoeSf50a/nm1fFhHQsFB6LCWT80ATiTGme/woAo6EAZ/Pob4r +pIL0TGNYk70pJld0UgY+aqV92dtXAEzP9obAmDAGpGnxma682vyi++8+11KmA5mu +4XY4qr3tUVs4htAUoJA9cHZZQjojs+HU8lnUnalC4o4zFLtZtWLSpCLRuKhd3j+H +EeqLLdcBo/yskUNX6R33tMYTx5d3S5UIq1BBDL6wiQIzBBABCAAdFiEEfxtRz8Iy +3J+5ld/k5WHJhlGVh1kFAlo2BfUACgkQ5WHJhlGVh1nSIg/9HyH0I44eeuqmbE+P +BdyHExcriSkm0sPsirvu3K1wIjfW7hMFqe/yypB+7U9Er2unj5vAq4YNjTtRRlNG +xZ1fkDVz3E8r4dXlXbYwbmZGlomRWVKAVIZCays3KPpbzvyCsJoGpuQlGYh/M/9g +ZHmnS7FGz+ze3+gQ5sabkKMDr7WL/wVKXANlPwMZUqNxQ1XSZl0UorHIlILLagr/ +VTUQXw2IZQNnqZmVZNK+GIdG1vjuu6Ibh+a0IpVluesKqTVwZyHUuWV4E6kQcoSs +3tHJFWgWlzj5ZXnPNgWMPljs3SnioYuWVYtMavTgFXGWmvDoKDWNWE5bLEqZldDk +yVqkAoSgpfThjexN5dJpRhUPn7pBGFf4FW3Oupd/2wdqdAxA+mrj6aujK/tSzSPS +mMzhsGtYTQZEzgQfpflRWnyr7SCARovvySEYDvYITkMQXv8p+HY03mPTaox9UG2C +wXk3x9fxpvPvC/FrpVu0xAPaxthsvUAbWSHibsCIRt+GnjeqU8MI7FCuhtcg1AIq +xwebXIxK4E7v0qSCeBLVZD1YNdqaVVfYvHflUHni17gqtOlpXq1JLU3FoY/AdpPh +oFospf1eI0bQ6UanYq8b7Ioq9FI08fu6yEalhNbYMGE3YvWy+i/YVW+LlF3tLgPA +KPoKa0ArLB4fELwARAufwd4HkbW0Nm9wYWwgaGFydCAoVm9sYXRpbGUpIDx3b3dh +bmFtZUB2b2xhN2lsZWlheDR1ZW93Lm9uaW9uPokCVAQTAQgAPgIbAwULCQgHAgYV +CAkKCwIEFgIDAQIeAQIXgBYhBHxtjJbeHsOgiuO1pEHOJ3xyGoieBQJbSkmIBQkC +AfvRAAoJEEHOJ3xyGoiejSwQANBsSEfwE5MT2eJqD7cZmZDDP99csVg+XUwUHj6J +LI0XHEazjzN2L5o44+DmqK6brZMwHYzfrqeCUdXdo7eVvJEgewGy71JLl/4zdduF +N7eHD+GDzJHO11cAls0Elu3zxMDkB36fuor7PVPWYStIu/S5iiysc/nRBZrxaH0I +sUBheTczalJBICNqco+0TjyJt67wnWmnDKiR1YgIYoP/OnxvkRCcLxaGlsNCouGm +Hfn+X053XIJUJRtA8ck4q9L1IkO2zvAKA+2Joske8JNUXI0RWur5yE2AtotA27H/ +MO5CFd96u62K7NTRYDN39sufCLgUpmT1ZFoGBZfYNWFhOdFiP1QIQkXSvhCKb0SC +1KeiQbrZJAe5oh9naMNbji3c8OW6snfv+PAMy91VQudNCbWN5VmHuCDCutQjulBc +wNWEGNpw0d5mFedf0Iv0lIvr+wq9aGfStNxaTR/CMhjn9z52r7JxW/LIzsirpISb +ntl5cMmAC+1ZAUPNfaFjI4oAYRSXlp+yE78H5TUeRbLiz46P5/uvh3onlw3gw8Ke +L8lYtaTnFWcdWUUHkCZA580hCsHPTwoah5iCC4rCfDgLT89ByJ3ppt/FoTXx8yaF +OCf0+TkU7nD+VjERKmPGYUBM4mS5I016RkAyXuScwmauiBM4G/5irpITTv3jFuRs +wAEEiQIzBBABCAAdFiEEfxtRz8Iy3J+5ld/k5WHJhlGVh1kFAlo2BfwACgkQ5WHJ +hlGVh1l2OQ/+OyJkOQpEhtDWMHuybt685V4XJZau7lwGE84c3FzTEeCNT5kGMPGL +/7IFtuwQMhXlJtG6rn9ojexO2IIfyksmGJUWX5GIZhYVQJ5u+r3uCZ7JY7xlBpsE +iKyATb/aLrFxrd29EH2Yr72NfOfTpe9NsvijG6BjZWj5WJ/15WCwulQrW0OcyK7x +RyLeqikS/NkIb5uxLDIpA0DRiOt2NG39R9mwnjP3mtOj7aevDXsVwZcZoZDcVxFD +kcz9f9bCm8DXIVOj6zM8eq5Yu107G2NxteSSgYzNi4qdrjj97Mi+/Si9SXWvhXz/ +U9unU0i3mzJqbaljlBQShp/SR1arB4NY9cDzdnjyHY354pX1zrUHdUjXtNQQ/iiJ +1Bg2xCbm7ES7Ds0FmtZuygAvTNtOo6sGKIkITyUuy1DvGzjiVFPkFJizkopX3RAc +QcxUoRfwl0QEsLoVo4Pzyg938Qaa/jQZEErRt/AO1XWb0iggV2GzUN2mD9FhhNe2 +z+W11QuBXxIgZLnj9B1ktx7XrE2pcsSZbYzzWNIX/tymxHnHDRU3zncre/0AO7eJ +hGWzsQdW1dp0ySGfuELYr+h+Qh24FGQFJp0Lfeyxr/vz4qUaNdWwmeVIWIQse6Wz +YXRDkaQ+rX/NcyubpCW3yL0WpzLZMC1UKRQcP2Yo0+0gW0ccKrNSRtG0K29wYWwg +aGFydCAoVm9sYXRpbGUpIDx3b3dhbmFtZUB2b2xhdGlsZS5iej6JAlQEEwEIAD4C +GwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AWIQR8bYyW3h7DoIrjtaRBzid8chqI +ngUCW0pJiAUJAgH70QAKCRBBzid8chqInlKSEACUqx2pL9Pt9WJQO4uPUbSwsCKH +ic/2kKyl+2vmR+j/MDwLUcxC3YiFCQiu8a6f4US7olcoglc+Jd9gLMd9M2e9iB4b +oRofWFaaJUs42CHC/bWwXW41EeC+25NhlR2hRSYqEHTqqpguatMyy2WjlzFoozt3 +XodwfUeUf/Nfx4wzzz1P7A7EXadiNSoR4fWOLHyaBNXBKQyhRFCPEL3zDJHUauiZ +olUmZLurtrCE45s0UU2l5XsnpD7pc6VVZNqZ9UT+W4aGIbHE8jNIUNbio7d8Yzoj +9PkZ50M2pevHMpF39I2rcvYQ8EEAvJRHloVJQc68ZyF1UZFk5wCQzYcHvsSqLKya +AF8SRdGFKw3jpkzZSIyxi98Fd9NqU+bLfG5fC6TB6FzGDug2gDH97j9H+v+0/snq +3oX8uIrVLsAmMVnkQMsxopoOsttfkmNW8P/CWNPgF20O8i5tMNV4TgTqwJXbK1qs +gLuTf1/ztWMzp4hbms4v4RMpiTNlM52rcpsllFZozpgapQT920Ztd4xz+6oKnvIK +hIGMh27fkwj6AgyxbLA393ab7PBUhNII7U8ZbFL/JNs110bIyB6WbLFrXdxSPdmj +UUICOa/sbZs4cSJ7X38h6qy5Vqjk/xzVvYNG+mbUXOyMqdUH+7lPjo5PbcMWSgTc +FXQTyz/cdo07DbS/cYkCMwQQAQgAHRYhBH8bUc/CMtyfuZXf5OVhyYZRlYdZBQJa +NgX8AAoJEOVhyYZRlYdZyIcP/3B898dzB0AyeMgIAtn0JuVVPUZiuKcbjxdybAyA +IVGdpLaS0rPhP53qwD4xU2FdRr3M5VWNlbwZ0PRc6nVIov0QdLqEYyR6Q9TLq8vY +20yJhjl3w4EP6M+qe/4BXMKED7oUo3sVZgyL+/lLUcMafpgxKne97l2kEMdRu3Pe +rfOQd5MvKkH2uHRULYeWuu6o1j0fZVbMI4lQrb3MrVJhCHKrujdeDPQoT8WJlMUO +dliaRCSdFqJjqTBmoG/rTRuVD93q1/Zk7PCBfgoc8jEQiy7G3zqMPwP6U80/ANCZ +6qMU46QmQ2VnQXXDcLea1INKgUtFfEjGNo1h0Fypid1ea3ZsYinwV2RmqlHlHcy/ +i2qonfmhxwJu3NpljTKVftULFPHlqCqNuHr+RyMIH7nbAsmG8xRaJmn0QnCMDlsL +uHrtoa1l0eG2qBFicMr2ptKYPBUBW0/GrcWh/Z4SZPscUw/mHyq0BusNVZgCYbZi +mUS7UKosj7VzhioSgOzwXzZ+98Hi3YNPSTqL6mhpLT63N5JEWaTzVtLbPRVtPpHo +KcoZbQaOENz8ARplLqyUS2wvxwc5WkwEHGc7ChfRkhLSYHZvmYTsK0MfKzNC0VBK +lU3aKYf2hkRUJcSECd7xqRECW2k4mRnbNg7hYxy6mxQ6H3pHsFSOnefp0BM5GczG +MA0guDgEWjYVIBIKKwYBBAGXVQEFAQEHQLoK0i/mCXkaKQqRlmE8bdDBjOoH9Cg3 +FBs50SgJdE84AwEIB4kCPAQYAQgAJgIbDBYhBHxtjJbeHsOgiuO1pEHOJ3xyGoie +BQJbSkyrBQkCAYWLAAoJEEHOJ3xyGoie2gAQANhxWWdjO1rvpj5d2Db9fk4sQ0B3 +Aw+6coyxY+800f1uZ6uhxMUyZY/oOmSf+KF7NnACiVLCZeYC+s6elud1+e5Lzg2H +pbquRQyc7VS36KHNL6yUeJa0stYK5qhDeex22vAu4Z1k4BSY3slSaBbhrEeiwLTw +FXae5ecvsCUQpspAT2wWegT559n9X/hfKKV0nFEt3ET7+lJwpbgc+2NKhDykt+CL +ioB/YGSkydJz2MbRBmGgyuVIJ2Nq9qOYQEH4CN/Wqr8mhqExa6eQjGYyJjoxtRmh +CkX+J/oIwg/5Eb3wFxjNIgrGHOz6VQrRC8QwLlUdqQQoBmLxlR5gFt4LvzmLFebr +1tmPY0eMJNVz9xAtadHYPtIRPpVkQb7JOx59IMPm97BtYU1XisiWyeEBvlDljNM/ +P0anctMiDAZgVlqFqYKISa0M5YDD0TiE23XWYz3JcVCPMa770GGz9aiCqRyD95yN +4KawsUeCwKgUZTohk5Js9HyRzIgwzTD2dA06BK9GpsXfgozAtJ7bgacbmHfv4o0D +QU2n/PIbYOr3gJItPtdWgRk00kHDgwjtue2ISAEnCuOY7XJK16oXWj6eeqOdGRbi +NQPwKhIg9mLf13RCdzKXEJGpRD9gMp0mDSuG3DMAQyGrlUY6MUvzF8TrPYnEgZk8 +SXN4EwZ3uiDV3d0DuQINBFo1m64BEACtZMy+puLppnn5W9R4gJPuzIHrTMkkeeYt +9Tz6je7oAK9Y5DpVlgRKRzS9r44eP7/Q3nvGl8FU6T+AbeFa6BPD62ayiDD0iJdF +Vy1G7P2NdFGzpDKnX8uwxJcxI4r0qh7/A1zBbBRfsxjEWhU+UPrGMVDombiPzDqw +wPV7Lg38TMiDW97na43yVR2XJp+Qv8i94LrGZuIIVMwrqJyJFpbMsR97/v6/k7mY +X1/YTh3jibMpCEaNVDGTX7yTEIHu+0Q/R16b+7m/t7wvmWKXZ8uVrygnMyymsOGQ +2lgBE3Bc1KNiuCfV3xcha0e/nDHdzRWGlPAB93wElLmAWoAzBVpeDml/lkazOfy5 +O0OR0TZbsffdGfTW6JG4iWfQI7/0bZFZUM9rROp/Iyc8KAPIEAPvO7NsZNVBOOB9 +UHEpd0w19GE1mhMUiGO9GM1Xtcsefu4ELxFW9Fr0ABcKIrUmGT/u9EEbwPeW0ziM +mDoyBxq1X/u+r+GXMvhw3wROwSy64wnJmxl6/jDebLRmsdySP6ndS6jnvG2SQogG +oACv1JBiljyOEAbdktDdd1VG5MrodPo43Qo+6dDXYQYbYtb3h52buWCvG6SnAlwb +3a1tCxQHt5wrJKNf3LlOwd8wNQ2/OA/RIbinZ7LReosevF+/88C9bqON4MXk5HlR +EA4sHIZREQARAQABiQI8BBgBCAAmAhsMFiEEfG2Mlt4ew6CK47WkQc4nfHIaiJ4F +AltKSc4FCQIB/CAACgkQQc4nfHIaiJ5LVhAApoF8i1wTpIZHl/IdsBvW1Avx/l1/ +tZrB+JjRpbYPx1OefiElB2fxXAy64gFdpEOgytcL2QX8mHueQbNYijvkbTjU5HhG +2nh/50aOcxL3ptkXjYrHVcYdOsjz/K4MvwGdDA3qatiH245aSo9nL6dCVM8QY6H8 +4WqhXLI7ITFFgkkwWF72d7BYArvxxSu5dAW9j6wR7E1E2V4ZA0fhk8mLGw0/pGKb +jueOJ3yXajJ4sc03Uli4f9wxmSQJGIcHUj9NSW3/IRMltX1pyJ76BUFzh5iumDNZ +uGrmBqVgCTxRB/7BFsTDkzvQa9AX+PqeysC467gPyqtujPXMuWc+x9j4dZh1A86n +ZKKBYgFY1wEE4TJG/c6QlAUppU7n/XHyDGkHqSC5tF4YGBZO+kklFn5jYIrlDCKA +cLSsLQAwXG06Ef1o3VUMGcOICrJgBV+oZpCwGSRBnS1l7IEgFeTdvGy3N3ZQ1SyT +p63dq0GEEcuOBo0rk8sNNb9LMaY7Yow+cxZkWjuB2qmIvNi49zXro20Jzm7MlJvn +NAOvzp9SXV6f9Mdu7mERW2bVX45N17uZby7q8z15yXwX3XB2ya/0pOlX3EUfFfx9 +MSvnFdAyDC10SAstBfplvdg0JwHldZXv+ODRVL3lWGuzRfo+AINJZ/ubSrDRcHmj +cYhVe1UFHgnisQi4MwRaNfu7FgkrBgEEAdpHDwEBB0D0qDrid0sw7q/x/62uMO+1 +8OEuVF2G2S5XLci6xopvqYkCswQYAQgAJgIbAhYhBHxtjJbeHsOgiuO1pEHOJ3xy +GoieBQJbSknOBQkCAZwTAIF2IAQZFggAHRYhBNNprfADv62prFJ9QDDOfWbeaUkQ +BQJaNfu7AAoJEDDOfWbeaUkQ6ycA/i0sEZRBgF3FBN0vWh6H65hljArvqHegLNOX +zGkynXmuAPwMZERiJf6HiiTS5cdgO5lK2uDalDzHys2zJr/ehIopDgkQQc4nfHIa +iJ5vmA//aH88uhFORqPCplqPtYPq4aEQaWu/FCO1RiZgyBh1qJ5d7saXpv9zTAi5 +1zN4w43sC/XzGwnDc6BUn3eHIDWkPI4HFqp8LOPPy6Wjuwk2Qh8oJpYrq8SoOqe4 +421JcM/MadeyLaNQIhijjq6M2qvCCK1zDxrpwjA7ey1NDOjRup6eDqwKjOUMUL1E +MBkcwv065Civ62LvaATBIcT0vfMGfGYXPjn3Er7NIwv24SM3wmyH2/mIW4Al107F +fAaimVLPyPqZlBK4mIDwMkPg/aFsU2bvfkM5WaZ1Quk4yAIOg7ZFpQXq0Zw6lQkK +dmfQdbNX6EmrzFeQIK7D988mq4w+q6scBpORRFYWS2u3OJqSVNWhj3TZ0BpkGsdV +PPL19gY6PfBDhjUzdJnhZ44ydBjfcddL1af7Ueu8zRYSUf6brLTrbrIifsk0pUDr +9MYsPApTQHvAPBrBOazw8ws7pwIFibJaBWQmd8uLRaoeBYzgQUtsPrQp6rGgxXeI +hr7iAf0prKzjNHT+1idjA/5YBNcyynNs6BEyJ3cbaS+INFQgqrYhdhBTHneaGlHP +wf95NHeBFnwXsp4twOeLf5HCLzkLVERQNrqh8Dm3QLiqyFthG/GY1KUgJHLQHOdh +PjiEDFZ0aBDVgOs5f9evTV71btPyMHiazqGiVz9K8POrVxs1nfG5Ag0EWjXn3AEQ +AM1ggF82nFDR0SRU/3jJyJotaLJsWe9KIbYtceK3BmzlhSZoBwUzCN9VP2DMCG5g ++nASiwHLzXdA5bnaFvTAeL/5u1JBxCKNZTx4QDpTvPw4UPj2eTjjJ4bQV5RJf4zj +J24//XnfesjmoPphlIWBl2scXGAmJhLEN1TgDCB8wb5dv7IEawgbQI00/Hxc82bu +8sN5S4uAWAaM8VCcJJ2ThyFwI7gvXTL2slhahEC4glm6GthZywDdPh9HkR3+/Fem +bKVXkcrvShFyn6tSp49NpbFD69poPKOaeaeSA38NhTEMiM7bg3WxuyHfXZghJEuq +TRm9DxvorkRnJnHj0YchnbaUyRT9lpMJcdppYWACE1IZ7uS6fDWekqXyd6kkKh8C +E/vS46Z1cjqAcdhiEdlI/YYaCfwkxpxL3B8INYP9ALunp58ZNq6m7+mX6PrCDVah +Z6FbyrGoq1KRTiBdaFN3h5R+aUIlBZDglLZ4qJ0xUvAoT9cJHdI/L1+B9i9fhJHt +LnY+PQeiNAY9PilkS988YbwuWGzNLTKgs4U5dgz7i5jZP9c2Oooxnrki+9bScPQS +baj0XnIXByITSKBrro3IfM1qiA4PNgiLDJxsBqsNiVeRlj3yt2apgCO6cwPl7atH +6Xx//cJjnciSUgXwrNm7sPED27XDd0H8Ch5lTXWCyG5TABEBAAGJBHIEGAEIACYC +GwIWIQR8bYyW3h7DoIrjtaRBzid8chqIngUCW0pJrwUJAgGv0wJAwXQgBBkBCAAd +FiEE/fYKlEn7DgXQ2PnGmjS1B8nEGWcFAlo159wACgkQmjS1B8nEGWe3aRAAxY7L +9ehBX+1Nw90+ZEpFBfacGp0c07Y3qdOpWQZhMF5pBY36T5inyGO6o25MFiAwf68z +a8D23GzKhCiRCrztkLnxzhXcX7zZ4/TQFWDeJie9b/WKBpHPm8NUVz+lWZtYNoE5 +xxMRwlP5JJXdU01U2GcajpHga+c0zyhsJ3XsGD7NycSppRL6pK5t6LUSHCcAYIHS +9gGBceVmj6j8WiB3ibRTAb9Ip5VMmoJBGTul9vPakZzNvz6nA9cZj5nODnEckaa6 +eLa1xPEg5Q1EXdX3u8PZksJLoIEWwEGkJOP9Aw99nXRJ+9bZw0Y5YpjVjML+Ire0 +tEa1SjCOOnoZFl+g6Qki+hbbOeSLXdpFxTeqPRrSVJv4qx4iQIOzrebfwrC10w5W +h1nsWff1C1yuQ2Xq4cRs4oUv8zkuHtF+0vgx/QaXKAKjxYaPz2dObZ8iGahkg6h/ +KUIZ8XiVIwJBU+bjePXKmn78GXwtCP4ob0f60g/oPpr2as0XhIYLZSnVboKEm0PH +DSqtuOxFsXbLrlnvm4o8u6DSxqAl8olyM6rU8K1P3ienA03BIGmRdDtuKnbKujU/ +lV2u/hpDK54KZF2Xqn3ZJpfMrAu2W7tloDwvffQX/lu4v9h5HFytwkPJkGMzxuGA +El4h5kEmOMssNoy0rW3NSiH79rXX7zwShQ0wowkJEEHOJ3xyGoieN68P/iP3kWEa +b3QMFM9K5KCKkF+tjMf/eeiAPuU+KeI+gtGj50qjwlkFNupTucQyzC8ee25z9Tnw +Gt5lgd1c00Us0K1Hu0rF3iJRj85gaDTohgW8LHLJ6QkJ9RC1xe9u4vTHd3N8o9l5 +8RBameweyVZJ7jbs6xGJO9VD4723df296pK4WshvXwt3EJN3TWBXbB0ijU0LZRGK +tbSjBqGpb9MFVes+ugMPNMoqQvKFoxzo6C+3eZja7RJokp/Tsc6eLjOQqCYI/ARV +z2USN4j3dfjhqF6Ej3rWIkiAHHem1EkVlbmh79g9LXSRvcsDIheKHbdnwI3y+M1t +DBN9h7RsNNsged1knno19U5DkCKqKJbxQQwvJE55Acng4y5KEQhNAJufAwWg7QRz +g74ND3kWP3ot9gVmyPy/fw3s+7XQwm2bxTwO+lPqwKDhOYf0ECVo54xxuNZa6k73 +sgMQHQpJxUzn/AY9lUpl8x7SiDfJC6L9yNjDcRDmn68eINeHHIFOJigy6+z3mb6y +5I3U54u4SoOZ9lBhSjEIqZyLs0Wo8lj1kq1nnUQeS20ckpCNPsFYoyCEf73p0E/0 +uOKZB7jbIo5zvfBgTFpo1Bfyx/GistgH3gHptE+N3V9PfERQ3NUew4lfkRseS/xI +rM4kaRByZrUrSLFpNzh5v8v4zpMZxqBrDUdu +=YtSu +-----END PGP PUBLIC KEY BLOCK----- diff --git a/out/pgp/0x41CE277C721A889E.asc b/out/pgp/0x41CE277C721A889E.asc @@ -0,0 +1,305 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFo1m64BEADm485/EMvgcOVhau4RBzfY+4L8TqcmMq/w83fG55aZ9zFZG/2W +mDBpPEAZcDFlGZNkTKEq9omkiSzN4qcRJOyWn9hsn9CiPIZv5TWDNiswqpRJ2/YG +1toswBYxxWrwI9GUY1vxFk8brNVTepZE0BuOGyFoy9OXxjwVEjdmNj2FgkuYD+AM +fYpXtqDNHiTgdzvbuXPhftWJvRsbbN6yD8MtLHLgpeyaeKayOHO2gpSnVC6dDHqN +KFQbeV6iGh7yS335AcS3FumCy2kAbUSIEn2oslOwp/1Wei/DVxlNJnWTgMkZf1zZ +fY2xiGPc9dP44TaFqCPyO/LkdoVWMeT0wyNJXCKL9KKVZOJrgpTwHRoLbu2LZ2Jn +vduKHAegWoqp28gtZE4fM7Ql6C2huljEcsK8BgN1XJW3uxcZYz/ucYCYi8bTzlgd +frgP2nMuOI2zcn17qxQll0wmbmLM5LisN3xvau03MyOd/kC9qsV5E3CVXJHlcl9C +cIFfHy9Plx3CYSr2O7PC8/nR37Y3dijK0Uenn7MNTfydOXyFPklRDf//5jPxfOny +4S4AfP8goX6FYIxpli2xV6Zv9tgOlc2OvM0AfV8MvaYE7p04wKWXiAvzsQW8jny9 +f/0KZw49UvhlpqKy8ZVMgQ/oX/jUnrEyFsCm6Med84QNAq248D8AgcV8KQARAQAB +iQMhBCABCAELFiEEfG2Mlt4ew6CK47WkQc4nfHIaiJ4FAlvPhezALB0BUGxlYXNl +IHJlZmVyIHRvIDxodHRwczovL3dvd2FuYS5tZS9wZ3A+IGZvciB1cGRhdGVkIGtl +eS4KSSBhbSBub3cgc29sZWx5IHVzaW5nIEVDQyBrZXlzLCB3aGljaCByZXF1aXJl +cyBHbnVQRyAyLjAgb3IgbGF0ZXIsCm9yIGFub3RoZXIgc29mdHdhcmUgdGhhdCBh +Y2NlcHRzIEVDQyBrZXlzLiBUaGlzIHJlc3VsdHMgaW4gc21hbGxlcgprZXlzaXpl +IGFuZCBmYXN0ZXIgY3J5cHRvZ3JhcGh5IG9wZXJhdGlvbnMuAAoJEEHOJ3xyGoie +07YP/j4WEtmi8nnu4zCCuUOD99txTZwcHcudvadPLkRKI+BxwXm4O4wgmwJbNNwu +l2vM4vBRI9r58WL73qjiM85uzwkXmRHcVrVrsPq7ibpk4IGPZ1ez9QAaYICexfCi +BdER0swa1RdRDIBQFpNAhcTMPhnpBOzIDo2FHDmzzdowg94WhoGA6vm6m57wcLjv +eSx0N+ig72ago47RwMBP+zZvwsarYbAg1vcWOBGlyMdiW7QGZhDg40cjDeWYMYq/ +Jid19w2MjufT29z8zS5qLsaw7lzXqE/qwuRChEzEazElL8xRKdWjfoW5PmvQXxNA +L0c6QmTSi3R1P7TB3lhMv+vxwoVVLV0AbO4fG6zKPTZDtgZtkpbC4fXGE/Ifb5YE +Uoy0fX+OVhWxiHK7qdgZI04hs9gieL23HX9iTG/g0+4b1+6f3H7g5WOvISeECgni +gsXsvXeShgUY71JDKGl79Nr3bNkLIe802oXwStoZS7L0kxEhYaGVBO4+7F6z/5H5 +2x+EpcZAPgPqYNK0qVTnkE+s0Jh3eXy4nuLWK20bPmk1B+b24RtHzpASZSvIVlNR +tUV9CGABbQzmRW4R9k7P3UlSct2yWm3nHOETyVlq5L901Uct1I0Ur+uGd9y9cv91 +vHiJc5rVzEEeqyil3eBJeK5xE+IQT0eRdtrXAT5EeAm+NFLWtDJvcGFsIGhhcnQg +KGh0dHBzOi8vd293YW5hLm1lL3BncCkgPG9wYWxAd293YW5hLm1lPokCVwQTAQgA +QQIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAIZARYhBHxtjJbeHsOgiuO1pEHO +J3xyGoieBQJbSkl/BQkCAfvRAAoJEEHOJ3xyGoien3cQAJirphtL7cBTNWqXZmDu +Etv9ul0T8YSWE6MiiriiksIQt6RMoIKxdPotNlBDEWGA2FGLByLyYxdb3oKHDzpc +dkSYp8K6ahDrc0/wQcLLGzWBHPWLeZtBh+t6j8pEC2JRSDCl7GVLzUYk/oy5hOuR +pmR9beyoAF6lDQw/mDMzHac41rkMOVpInqTnQDb7IVVtiL8cyT/4j+AeUhWpGybY +2GljoOK9jEXzk8UUxI8q0Gpa9v2WuQ09tcJP+dYDnyNO7Ez+PX5BUZO6azWblOfW +RkVz7+FAjK27FxlmZv+IU0Vd/9KZPOsvTceAA6n+7anUG9Da2FzcM1AX+rRMNv33 +7PrK8WZYLDako3Pp0ExpkYwkVzYQZ39MXPCfL5ALjlf4hc72IzDJOibDg/NnPV51 +zy97eZgyS50a4ModNAfdv1W6xhcA/5kCz0DNMvNoIXXwE0HTI2glZ9fyPTBt3EBk +oeSf50a/nm1fFhHQsFB6LCWT80ATiTGme/woAo6EAZ/Pob4rpIL0TGNYk70pJld0 +UgY+aqV92dtXAEzP9obAmDAGpGnxma682vyi++8+11KmA5mu4XY4qr3tUVs4htAU +oJA9cHZZQjojs+HU8lnUnalC4o4zFLtZtWLSpCLRuKhd3j+HEeqLLdcBo/yskUNX +6R33tMYTx5d3S5UIq1BBDL6wiQIzBBABCAAdFiEEfxtRz8Iy3J+5ld/k5WHJhlGV +h1kFAlo2BfUACgkQ5WHJhlGVh1nSIg/9HyH0I44eeuqmbE+PBdyHExcriSkm0sPs +irvu3K1wIjfW7hMFqe/yypB+7U9Er2unj5vAq4YNjTtRRlNGxZ1fkDVz3E8r4dXl +XbYwbmZGlomRWVKAVIZCays3KPpbzvyCsJoGpuQlGYh/M/9gZHmnS7FGz+ze3+gQ +5sabkKMDr7WL/wVKXANlPwMZUqNxQ1XSZl0UorHIlILLagr/VTUQXw2IZQNnqZmV +ZNK+GIdG1vjuu6Ibh+a0IpVluesKqTVwZyHUuWV4E6kQcoSs3tHJFWgWlzj5ZXnP +NgWMPljs3SnioYuWVYtMavTgFXGWmvDoKDWNWE5bLEqZldDkyVqkAoSgpfThjexN +5dJpRhUPn7pBGFf4FW3Oupd/2wdqdAxA+mrj6aujK/tSzSPSmMzhsGtYTQZEzgQf +pflRWnyr7SCARovvySEYDvYITkMQXv8p+HY03mPTaox9UG2CwXk3x9fxpvPvC/Fr +pVu0xAPaxthsvUAbWSHibsCIRt+GnjeqU8MI7FCuhtcg1AIqxwebXIxK4E7v0qSC +eBLVZD1YNdqaVVfYvHflUHni17gqtOlpXq1JLU3FoY/AdpPhoFospf1eI0bQ6Uan +Yq8b7Ioq9FI08fu6yEalhNbYMGE3YvWy+i/YVW+LlF3tLgPAKPoKa0ArLB4fELwA +RAufwd4HkbWJAlEEEwEIADsCGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AWIQR8 +bYyW3h7DoIrjtaRBzid8chqIngUCWjYE9QIZAQAKCRBBzid8chqInvUtEACEOG/p +itXV/aph1W4uwfYeWSEzLcQaIj2OQ1sMAfssKD6SLixpJTP4lnjhqw86+r4c8DNr +Z5jRw1q26UAFuimigbDKYw77PQp+Gq2e0M0dO3EuS7SI0Bgq5c5sWuzjUrqk/ZB7 +aDo2o8cL2xnR6zruoZ+cMnWh7zOdbeqq5isSDX4rrmGb8QyuegypzBpmA3sJCdBl +6/h5tClj0DzSrJXI0n6jsMjgvUH5rmOTIwua+i85QVcvknMN2vKbblBzKoV3nU+v +kIcS+qQpZCZBHJ1yx1CWptTp5nvxfqo/ESsNayuiXQRXlk3FWMsgWojX/yP77bls +IbKW6kU53XAvh91PekT8ORLsyyI+O+2aye6Q7vYbh/oJokdTQKwGsct/cOUF5gQW +uOvBh8xvMra7VXGOZnfi8qdsYDnuQgzaIHnuKLZdVbwIaHfqRWa/Zn5jDvJINn64 +5oksNTyZ/bGjoyeHK2XxxvcbO3TGs6ZJ6cKT2UWpjfFHcalr/G57QFxRsRyE4AbK +iMGFoBngH60Frqbvd668ebwe2aPDpSvvcuYmZrs9YIFGtH5dMMRZgb7HBBeqtMxN +CKl5XrmYz4TLJ1cVPgdq+X0DjGaCKhYVZ+a/qjMvyHMI/s80MRNgelx2l49owN1q +6mLQIWOdi7tkVbdV3ZVxJygUcKNNQ2uLutNl5rQ2b3BhbCBoYXJ0IChWb2xhdGls +ZSkgPHdvd2FuYW1lQHZvbGE3aWxlaWF4NHVlb3cub25pb24+iQJUBBMBCAA+AhsD +BQsJCAcCBhUICQoLAgQWAgMBAh4BAheAFiEEfG2Mlt4ew6CK47WkQc4nfHIaiJ4F +AltKSYgFCQIB+9EACgkQQc4nfHIaiJ6NLBAA0GxIR/ATkxPZ4moPtxmZkMM/31yx +WD5dTBQePoksjRccRrOPM3Yvmjjj4OaorputkzAdjN+up4JR1d2jt5W8kSB7AbLv +UkuX/jN124U3t4cP4YPMkc7XVwCWzQSW7fPEwOQHfp+6ivs9U9ZhK0i79LmKLKxz ++dEFmvFofQixQGF5NzNqUkEgI2pyj7ROPIm3rvCdaacMqJHViAhig/86fG+REJwv +FoaWw0Ki4aYd+f5fTndcglQlG0DxyTir0vUiQ7bO8AoD7YmiyR7wk1RcjRFa6vnI +TYC2i0Dbsf8w7kIV33q7rYrs1NFgM3f2y58IuBSmZPVkWgYFl9g1YWE50WI/VAhC +RdK+EIpvRILUp6JButkkB7miH2dow1uOLdzw5bqyd+/48AzL3VVC500JtY3lWYe4 +IMK61CO6UFzA1YQY2nDR3mYV51/Qi/SUi+v7Cr1oZ9K03FpNH8IyGOf3PnavsnFb +8sjOyKukhJue2XlwyYAL7VkBQ819oWMjigBhFJeWn7ITvwflNR5FsuLPjo/n+6+H +eieXDeDDwp4vyVi1pOcVZx1ZRQeQJkDnzSEKwc9PChqHmIILisJ8OAtPz0HInemm +38WhNfHzJoU4J/T5ORTucP5WMREqY8ZhQEziZLkjTXpGQDJe5JzCZq6IEzgb/mKu +khNO/eMW5GzAAQSJAjMEEAEIAB0WIQR/G1HPwjLcn7mV3+TlYcmGUZWHWQUCWjYF +/AAKCRDlYcmGUZWHWXY5D/47ImQ5CkSG0NYwe7Ju3rzlXhcllq7uXAYTzhzcXNMR +4I1PmQYw8Yv/sgW27BAyFeUm0bquf2iN7E7Ygh/KSyYYlRZfkYhmFhVAnm76ve4J +nsljvGUGmwSIrIBNv9ousXGt3b0QfZivvY1859Ol702y+KMboGNlaPlYn/XlYLC6 +VCtbQ5zIrvFHIt6qKRL82Qhvm7EsMikDQNGI63Y0bf1H2bCeM/ea06Ptp68NexXB +lxmhkNxXEUORzP1/1sKbwNchU6PrMzx6rli7XTsbY3G15JKBjM2Lip2uOP3syL79 +KL1Jda+FfP9T26dTSLebMmptqWOUFBKGn9JHVqsHg1j1wPN2ePIdjfnilfXOtQd1 +SNe01BD+KInUGDbEJubsRLsOzQWa1m7KAC9M206jqwYoiQhPJS7LUO8bOOJUU+QU +mLOSilfdEBxBzFShF/CXRASwuhWjg/PKD3fxBpr+NBkQStG38A7VdZvSKCBXYbNQ +3aYP0WGE17bP5bXVC4FfEiBkueP0HWS3HtesTalyxJltjPNY0hf+3KbEeccNFTfO +dyt7/QA7t4mEZbOxB1bV2nTJIZ+4Qtiv6H5CHbgUZAUmnQt97LGv+/PipRo11bCZ +5UhYhCx7pbNhdEORpD6tf81zK5ukJbfIvRanMtkwLVQpFBw/ZijT7SBbRxwqs1JG +0YkCTgQTAQgAOBYhBHxtjJbeHsOgiuO1pEHOJ3xyGoieBQJaNgSKAhsDBQsJCAcC +BhUICQoLAgQWAgMBAh4BAheAAAoJEEHOJ3xyGoie6lkP/05N1ZPhSzOUUwVXc13N +1AQeFOUwx/qTgoRAiphF+vkDQv7z5/7xadBhFdkVkKKb3r2fZRGonPV163HAfCto +WToIk4zZOtOPKnbIFQIL6XtL93fkRp+p0Awwg1RgiK8iQL/bp5iOeZqWV3XiTOk9 +1SDs+Z7fU6eJferO1oNRjMYcl9x2wUDFVQSM+64fhvLxmGv08ZBkG8JU/Db6cMHr +z9eYSKhmjlXr3XcZGNcIydJKfjlToc8M8c8VLxPwYrvP6guRpYokBvMxMFbarkPk +gQUwmwobyrO9htcbodz3FF02OQYJq6XRoOhscNixzqQl1VeN/cLMltcU4KYIfDy8 +bnzy1I4XZxHRuDc0RBr/YnDCkSBSYiYYcZ5Wkn4vYOp580eB9p/iuZm7CfErsz4l +jQ4k0ZYOOS6dcP8Qjplm2jE8i8gxdteHD5fdKaz8s+eWnC5QW/x3QzZzOIDSLThi +JDLHM2BYN0N2UgpCiHZGk9k9MMNmuhCRsY1KKihTZJeQmFNO/vG7X/uVQy6IMJYQ +RHb3r7vCd7YFI6AahfqaM/XWbid2jh88pYcytZuPs3CdzK4BqoMzVNtTv6IFRH6Q +Jd9MZ/4IpSWkO/t6r2ryMVmAnhNiF1FRzG6CTNLMTuSD1/oyQXbtoBgcDOs926T7 +UnjBzTgU01xAs3ppcwvF7DG0tCtvcGFsIGhhcnQgKFZvbGF0aWxlKSA8d293YW5h +bWVAdm9sYXRpbGUuYno+iQJUBBMBCAA+AhsDBQsJCAcCBhUICQoLAgQWAgMBAh4B +AheAFiEEfG2Mlt4ew6CK47WkQc4nfHIaiJ4FAltKSYgFCQIB+9EACgkQQc4nfHIa +iJ5SkhAAlKsdqS/T7fViUDuLj1G0sLAih4nP9pCspftr5kfo/zA8C1HMQt2IhQkI +rvGun+FEu6JXKIJXPiXfYCzHfTNnvYgeG6EaH1hWmiVLONghwv21sF1uNRHgvtuT +YZUdoUUmKhB06qqYLmrTMstlo5cxaKM7d16HcH1HlH/zX8eMM889T+wOxF2nYjUq +EeH1jix8mgTVwSkMoURQjxC98wyR1GromaJVJmS7q7awhOObNFFNpeV7J6Q+6XOl +VWTamfVE/luGhiGxxPIzSFDW4qO3fGM6I/T5GedDNqXrxzKRd/SNq3L2EPBBALyU +R5aFSUHOvGchdVGRZOcAkM2HB77EqiysmgBfEkXRhSsN46ZM2UiMsYvfBXfTalPm +y3xuXwukwehcxg7oNoAx/e4/R/r/tP7J6t6F/LiK1S7AJjFZ5EDLMaKaDrLbX5Jj +VvD/wljT4BdtDvIubTDVeE4E6sCV2ytarIC7k39f87VjM6eIW5rOL+ETKYkzZTOd +q3KbJZRWaM6YGqUE/dtGbXeMc/uqCp7yCoSBjIdu35MI+gIMsWywN/d2m+zwVITS +CO1PGWxS/yTbNddGyMgelmyxa13cUj3Zo1FCAjmv7G2bOHEie19/IeqsuVao5P8c +1b2DRvpm1FzsjKnVB/u5T46OT23DFkoE3BV0E8s/3HaNOw20v3GJAjMEEAEIAB0W +IQR/G1HPwjLcn7mV3+TlYcmGUZWHWQUCWjYF/AAKCRDlYcmGUZWHWciHD/9wfPfH +cwdAMnjICALZ9CblVT1GYrinG48XcmwMgCFRnaS2ktKz4T+d6sA+MVNhXUa9zOVV +jZW8GdD0XOp1SKL9EHS6hGMkekPUy6vL2NtMiYY5d8OBD+jPqnv+AVzChA+6FKN7 +FWYMi/v5S1HDGn6YMSp3ve5dpBDHUbtz3q3zkHeTLypB9rh0VC2HlrruqNY9H2VW +zCOJUK29zK1SYQhyq7o3Xgz0KE/FiZTFDnZYmkQknRaiY6kwZqBv600blQ/d6tf2 +ZOzwgX4KHPIxEIsuxt86jD8D+lPNPwDQmeqjFOOkJkNlZ0F1w3C3mtSDSoFLRXxI +xjaNYdBcqYndXmt2bGIp8FdkZqpR5R3Mv4tqqJ35occCbtzaZY0ylX7VCxTx5agq +jbh6/kcjCB+52wLJhvMUWiZp9EJwjA5bC7h67aGtZdHhtqgRYnDK9qbSmDwVAVtP +xq3Fof2eEmT7HFMP5h8qtAbrDVWYAmG2YplEu1CqLI+1c4YqEoDs8F82fvfB4t2D +T0k6i+poaS0+tzeSRFmk81bS2z0VbT6R6CnKGW0GjhDc/AEaZS6slEtsL8cHOVpM +BBxnOwoX0ZIS0mB2b5mE7CtDHyszQtFQSpVN2imH9oZEVCXEhAne8akRAltpOJkZ +2zYO4WMcupsUOh96R7BUjp3n6dATORnMxjANIIkCTgQTAQgAOBYhBHxtjJbeHsOg +iuO1pEHOJ3xyGoieBQJaNgQsAhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJ +EEHOJ3xyGoiedlsQAJDZFWb4S/LU5VVghQNbFcoY1HpkfNnSWL+ak3gyiK2wWoLd +Cih3xsgsDdXDx9nSumBUANuxo6a/22oUXPCpZmnKeQK1JVHNKCk3csT1aF01NUlM +XodmBaZc5VrCKEUSiq2+9bXN/qu69xWxam6WedODj1sHjhLL5v+72fmmM8K837+m +VI/40B2Oe32MUYVCRAexBj4NNarXDxZBbrnLq5XizxG9PrrEoAdIBNihfVtyAWlJ +4nOAfnB881Wk+13Z7LqV0XyPx61fd/J/jpSQKlPGza/9zMHXcw6XM8FB5t6q31Ih +Bg/JDC6yzmVV0yZ9k/B14agVW8ffsssXr3251owF7x7dJEPgyV2HbGhFdFYHpizs +x1xBOvR6PrKbZJ7/qnWsw+IldfFSInmLy3xqCW5Sdq3UZ41ZJD/WIMIpzXYk40bt +kuOuc//tt1NPix3VJqWRSpz6R5aH6eCxzgrrtyAT5T1MOREJ4HJU0CTpR3CfZ+ZK +1hl3IUIVRTLWnCAgrw2MazDV7IZz4gqWBZhnSKNe7PwUpmhRy4Xdkzg9oZ7Na6Pt +Wgm4jjRfMG6okNJQfaxdQgHJALqrPF+cE4YywQOLOFFJZnNJgeiQ8Mz035G4qgxE +5x1mONPR3kl6ulEc6izdZdXwesTPgVnK47ixkH9Hj9MfPPtrlL+7W2srIUbHuDgE +WjYVIBIKKwYBBAGXVQEFAQEHQLoK0i/mCXkaKQqRlmE8bdDBjOoH9Cg3FBs50SgJ +dE84AwEIB4kCPAQYAQgAJgIbDBYhBHxtjJbeHsOgiuO1pEHOJ3xyGoieBQJbSkyr +BQkCAYWLAAoJEEHOJ3xyGoie2gAQANhxWWdjO1rvpj5d2Db9fk4sQ0B3Aw+6coyx +Y+800f1uZ6uhxMUyZY/oOmSf+KF7NnACiVLCZeYC+s6elud1+e5Lzg2HpbquRQyc +7VS36KHNL6yUeJa0stYK5qhDeex22vAu4Z1k4BSY3slSaBbhrEeiwLTwFXae5ecv +sCUQpspAT2wWegT559n9X/hfKKV0nFEt3ET7+lJwpbgc+2NKhDykt+CLioB/YGSk +ydJz2MbRBmGgyuVIJ2Nq9qOYQEH4CN/Wqr8mhqExa6eQjGYyJjoxtRmhCkX+J/oI +wg/5Eb3wFxjNIgrGHOz6VQrRC8QwLlUdqQQoBmLxlR5gFt4LvzmLFebr1tmPY0eM +JNVz9xAtadHYPtIRPpVkQb7JOx59IMPm97BtYU1XisiWyeEBvlDljNM/P0anctMi +DAZgVlqFqYKISa0M5YDD0TiE23XWYz3JcVCPMa770GGz9aiCqRyD95yN4KawsUeC +wKgUZTohk5Js9HyRzIgwzTD2dA06BK9GpsXfgozAtJ7bgacbmHfv4o0DQU2n/PIb +YOr3gJItPtdWgRk00kHDgwjtue2ISAEnCuOY7XJK16oXWj6eeqOdGRbiNQPwKhIg +9mLf13RCdzKXEJGpRD9gMp0mDSuG3DMAQyGrlUY6MUvzF8TrPYnEgZk8SXN4EwZ3 +uiDV3d0DuQINBFo1m64BEACtZMy+puLppnn5W9R4gJPuzIHrTMkkeeYt9Tz6je7o +AK9Y5DpVlgRKRzS9r44eP7/Q3nvGl8FU6T+AbeFa6BPD62ayiDD0iJdFVy1G7P2N +dFGzpDKnX8uwxJcxI4r0qh7/A1zBbBRfsxjEWhU+UPrGMVDombiPzDqwwPV7Lg38 +TMiDW97na43yVR2XJp+Qv8i94LrGZuIIVMwrqJyJFpbMsR97/v6/k7mYX1/YTh3j +ibMpCEaNVDGTX7yTEIHu+0Q/R16b+7m/t7wvmWKXZ8uVrygnMyymsOGQ2lgBE3Bc +1KNiuCfV3xcha0e/nDHdzRWGlPAB93wElLmAWoAzBVpeDml/lkazOfy5O0OR0TZb +sffdGfTW6JG4iWfQI7/0bZFZUM9rROp/Iyc8KAPIEAPvO7NsZNVBOOB9UHEpd0w1 +9GE1mhMUiGO9GM1Xtcsefu4ELxFW9Fr0ABcKIrUmGT/u9EEbwPeW0ziMmDoyBxq1 +X/u+r+GXMvhw3wROwSy64wnJmxl6/jDebLRmsdySP6ndS6jnvG2SQogGoACv1JBi +ljyOEAbdktDdd1VG5MrodPo43Qo+6dDXYQYbYtb3h52buWCvG6SnAlwb3a1tCxQH +t5wrJKNf3LlOwd8wNQ2/OA/RIbinZ7LReosevF+/88C9bqON4MXk5HlREA4sHIZR +EQARAQABiQI8BBgBCAAmAhsMFiEEfG2Mlt4ew6CK47WkQc4nfHIaiJ4FAltKSc4F +CQIB/CAACgkQQc4nfHIaiJ5LVhAApoF8i1wTpIZHl/IdsBvW1Avx/l1/tZrB+JjR +pbYPx1OefiElB2fxXAy64gFdpEOgytcL2QX8mHueQbNYijvkbTjU5HhG2nh/50aO +cxL3ptkXjYrHVcYdOsjz/K4MvwGdDA3qatiH245aSo9nL6dCVM8QY6H84WqhXLI7 +ITFFgkkwWF72d7BYArvxxSu5dAW9j6wR7E1E2V4ZA0fhk8mLGw0/pGKbjueOJ3yX +ajJ4sc03Uli4f9wxmSQJGIcHUj9NSW3/IRMltX1pyJ76BUFzh5iumDNZuGrmBqVg +CTxRB/7BFsTDkzvQa9AX+PqeysC467gPyqtujPXMuWc+x9j4dZh1A86nZKKBYgFY +1wEE4TJG/c6QlAUppU7n/XHyDGkHqSC5tF4YGBZO+kklFn5jYIrlDCKAcLSsLQAw +XG06Ef1o3VUMGcOICrJgBV+oZpCwGSRBnS1l7IEgFeTdvGy3N3ZQ1SyTp63dq0GE +EcuOBo0rk8sNNb9LMaY7Yow+cxZkWjuB2qmIvNi49zXro20Jzm7MlJvnNAOvzp9S +XV6f9Mdu7mERW2bVX45N17uZby7q8z15yXwX3XB2ya/0pOlX3EUfFfx9MSvnFdAy +DC10SAstBfplvdg0JwHldZXv+ODRVL3lWGuzRfo+AINJZ/ubSrDRcHmjcYhVe1UF +HgnisQi4MwRaNfu7FgkrBgEEAdpHDwEBB0D0qDrid0sw7q/x/62uMO+18OEuVF2G +2S5XLci6xopvqYkCswQYAQgAJgIbAhYhBHxtjJbeHsOgiuO1pEHOJ3xyGoieBQJb +SknOBQkCAZwTAIF2IAQZFggAHRYhBNNprfADv62prFJ9QDDOfWbeaUkQBQJaNfu7 +AAoJEDDOfWbeaUkQ6ycA/i0sEZRBgF3FBN0vWh6H65hljArvqHegLNOXzGkynXmu +APwMZERiJf6HiiTS5cdgO5lK2uDalDzHys2zJr/ehIopDgkQQc4nfHIaiJ5vmA// +aH88uhFORqPCplqPtYPq4aEQaWu/FCO1RiZgyBh1qJ5d7saXpv9zTAi51zN4w43s +C/XzGwnDc6BUn3eHIDWkPI4HFqp8LOPPy6Wjuwk2Qh8oJpYrq8SoOqe4421JcM/M +adeyLaNQIhijjq6M2qvCCK1zDxrpwjA7ey1NDOjRup6eDqwKjOUMUL1EMBkcwv06 +5Civ62LvaATBIcT0vfMGfGYXPjn3Er7NIwv24SM3wmyH2/mIW4Al107FfAaimVLP +yPqZlBK4mIDwMkPg/aFsU2bvfkM5WaZ1Quk4yAIOg7ZFpQXq0Zw6lQkKdmfQdbNX +6EmrzFeQIK7D988mq4w+q6scBpORRFYWS2u3OJqSVNWhj3TZ0BpkGsdVPPL19gY6 +PfBDhjUzdJnhZ44ydBjfcddL1af7Ueu8zRYSUf6brLTrbrIifsk0pUDr9MYsPApT +QHvAPBrBOazw8ws7pwIFibJaBWQmd8uLRaoeBYzgQUtsPrQp6rGgxXeIhr7iAf0p +rKzjNHT+1idjA/5YBNcyynNs6BEyJ3cbaS+INFQgqrYhdhBTHneaGlHPwf95NHeB +FnwXsp4twOeLf5HCLzkLVERQNrqh8Dm3QLiqyFthG/GY1KUgJHLQHOdhPjiEDFZ0 +aBDVgOs5f9evTV71btPyMHiazqGiVz9K8POrVxs1nfG5Ag0EWjXn3AEQAM1ggF82 +nFDR0SRU/3jJyJotaLJsWe9KIbYtceK3BmzlhSZoBwUzCN9VP2DMCG5g+nASiwHL +zXdA5bnaFvTAeL/5u1JBxCKNZTx4QDpTvPw4UPj2eTjjJ4bQV5RJf4zjJ24//Xnf +esjmoPphlIWBl2scXGAmJhLEN1TgDCB8wb5dv7IEawgbQI00/Hxc82bu8sN5S4uA +WAaM8VCcJJ2ThyFwI7gvXTL2slhahEC4glm6GthZywDdPh9HkR3+/FembKVXkcrv +ShFyn6tSp49NpbFD69poPKOaeaeSA38NhTEMiM7bg3WxuyHfXZghJEuqTRm9Dxvo +rkRnJnHj0YchnbaUyRT9lpMJcdppYWACE1IZ7uS6fDWekqXyd6kkKh8CE/vS46Z1 +cjqAcdhiEdlI/YYaCfwkxpxL3B8INYP9ALunp58ZNq6m7+mX6PrCDVahZ6FbyrGo +q1KRTiBdaFN3h5R+aUIlBZDglLZ4qJ0xUvAoT9cJHdI/L1+B9i9fhJHtLnY+PQei +NAY9PilkS988YbwuWGzNLTKgs4U5dgz7i5jZP9c2Oooxnrki+9bScPQSbaj0XnIX +ByITSKBrro3IfM1qiA4PNgiLDJxsBqsNiVeRlj3yt2apgCO6cwPl7atH6Xx//cJj +nciSUgXwrNm7sPED27XDd0H8Ch5lTXWCyG5TABEBAAGJBHIEGAEIACYCGwIWIQR8 +bYyW3h7DoIrjtaRBzid8chqIngUCW0pJrwUJAgGv0wJAwXQgBBkBCAAdFiEE/fYK +lEn7DgXQ2PnGmjS1B8nEGWcFAlo159wACgkQmjS1B8nEGWe3aRAAxY7L9ehBX+1N +w90+ZEpFBfacGp0c07Y3qdOpWQZhMF5pBY36T5inyGO6o25MFiAwf68za8D23GzK +hCiRCrztkLnxzhXcX7zZ4/TQFWDeJie9b/WKBpHPm8NUVz+lWZtYNoE5xxMRwlP5 +JJXdU01U2GcajpHga+c0zyhsJ3XsGD7NycSppRL6pK5t6LUSHCcAYIHS9gGBceVm +j6j8WiB3ibRTAb9Ip5VMmoJBGTul9vPakZzNvz6nA9cZj5nODnEckaa6eLa1xPEg +5Q1EXdX3u8PZksJLoIEWwEGkJOP9Aw99nXRJ+9bZw0Y5YpjVjML+Ire0tEa1SjCO +OnoZFl+g6Qki+hbbOeSLXdpFxTeqPRrSVJv4qx4iQIOzrebfwrC10w5Wh1nsWff1 +C1yuQ2Xq4cRs4oUv8zkuHtF+0vgx/QaXKAKjxYaPz2dObZ8iGahkg6h/KUIZ8XiV +IwJBU+bjePXKmn78GXwtCP4ob0f60g/oPpr2as0XhIYLZSnVboKEm0PHDSqtuOxF +sXbLrlnvm4o8u6DSxqAl8olyM6rU8K1P3ienA03BIGmRdDtuKnbKujU/lV2u/hpD +K54KZF2Xqn3ZJpfMrAu2W7tloDwvffQX/lu4v9h5HFytwkPJkGMzxuGAEl4h5kEm +OMssNoy0rW3NSiH79rXX7zwShQ0wowkJEEHOJ3xyGoieN68P/iP3kWEab3QMFM9K +5KCKkF+tjMf/eeiAPuU+KeI+gtGj50qjwlkFNupTucQyzC8ee25z9TnwGt5lgd1c +00Us0K1Hu0rF3iJRj85gaDTohgW8LHLJ6QkJ9RC1xe9u4vTHd3N8o9l58RBamewe +yVZJ7jbs6xGJO9VD4723df296pK4WshvXwt3EJN3TWBXbB0ijU0LZRGKtbSjBqGp +b9MFVes+ugMPNMoqQvKFoxzo6C+3eZja7RJokp/Tsc6eLjOQqCYI/ARVz2USN4j3 +dfjhqF6Ej3rWIkiAHHem1EkVlbmh79g9LXSRvcsDIheKHbdnwI3y+M1tDBN9h7Rs +NNsged1knno19U5DkCKqKJbxQQwvJE55Acng4y5KEQhNAJufAwWg7QRzg74ND3kW +P3ot9gVmyPy/fw3s+7XQwm2bxTwO+lPqwKDhOYf0ECVo54xxuNZa6k73sgMQHQpJ +xUzn/AY9lUpl8x7SiDfJC6L9yNjDcRDmn68eINeHHIFOJigy6+z3mb6y5I3U54u4 +SoOZ9lBhSjEIqZyLs0Wo8lj1kq1nnUQeS20ckpCNPsFYoyCEf73p0E/0uOKZB7jb +Io5zvfBgTFpo1Bfyx/GistgH3gHptE+N3V9PfERQ3NUew4lfkRseS/xIrM4kaRBy +ZrUrSLFpNzh5v8v4zpMZxqBrDUduuDMEWjYVThYJKwYBBAHaRw8BAQdAM6jDL7Jb +k/ch0G+Ww6b9hZXuzlvoKmxeryr+EguSErOJArMEGAEIACYWIQR8bYyW3h7DoIrj +taRBzid8chqIngUCWjYVTgIbAgUJAO1OAACBCRBBzid8chqInnYgBBkWCAAdFiEE +XD2ZlbeVVsC7Ni6mU6bt8I1yxfYFAlo2FU4ACgkQU6bt8I1yxfZibgEAsKuSUXLV +PHgzRw09dK9zPla6smaCHnTLCoVnEssCd+MBAK24hkBdRPaoTxpA5eEDw2tIT2bA +MUMO0d+mrQi8CqQMu8kQAJNXRwxbtZaxFnczRG+XAfMCLsDVq6UEDbSnoszFzxot +GHfE4gEn0FrTmloljS/gL6PJWHjiavzRtzJQ9t8TL8S/l/hTiZ4sJU0NXepU8Cj7 +6WAmxJGiFNN1FuWhIAbdTkoWK/VPlFUsxKisobcAjnSq2Cun0YChr+/sjlgSBIrQ +b7lGIhfB+wVbrH61A6G26HICRKJC4toCeNKSIi3qjY7BVMxQkJjQclUsAim4+aWw +2PYATIMNXPY1dfQTADzDlsFAhe/bdRUbAOV49h2D3uB8ymC9MU1YSbhpZXqrWLfq +8wRT3cfSME5hGaORhQzsL+2vHPU6HbqYuCQk26HP8DMe+9BYGEOCtt1B+ABX8n9d +/aYeqmk7IDKx/Vtizqg1xpVYQdEoTfhfHryyYX84lugBKPfJxbrA/Wl8LVGUoZle +BmewdBH0LzeuOu+ApMsnpIo5PQBao6uvAo8bubS1zdK+z+6jyh0xkbMiTQwnsmZS +ZDI0Y8Q3MYTKur+qZEDAhwUxoadRVgIByozsq6L1aXSJwroKn6H1KXNxN1YSaLhp +VJl83sdX90Uio4IoTLabV1zPKekEDED2TvsB0pTg4JqCAd80nq4qFRxAjawm+Ll5 +OBM/IIfIDZZP4k97TncA+lSk0rCz1RWbduxN0OcKEpbpKrw3tD7RNdlhWMgO8aqv +uQINBFo2FPkBEADjD1v//vRgg+3g7GgaV+lFnwoViEJBINq5dXmN3xblrmi7Q78V +3rzwnHm7dBaKjAYYULncmRV/PBNBQGk5W8D0cqGN/qCMbAdGkI8Awo3xo+ey7J8g +ZYAIINpraAVGbjRLpPeNgybQWPbTeL8iqnqY+PF/ZbYpBCg63VDVtQXYC3VfoIOE +e1S/l+utFUiyJcl7N5kt88hlutqsYeqE/909HikC3gTRmXBDsuUipGDn7RQMpRJe +hlmpFP+ndi00VYG0urpDrshj1nKNt7IVerU3Lrj2YtWFfbslvARmVdy/0xhApZzn +9LF4dT7ZsLwN6IBf6RHpBjtJplMwwSMtGrRuK6ezjkLaNKoOIQM++g3a5mASgd2q +gHz4FBIk02uHjoK7KsFC3NfbO2/cvmi3MbEMzbcF6kmsKzNzGflvKBSqTITU9ASm +km0KjPrqWxxSqn/RNaA5diIMF+XirgZMhRZ2ACXrfa9qes9LNPsJzpTTqcJKqhm0 +YUWkYLrAeVNG1hwn8JpZnAl3KM23/4uPb3t5K/PLe8cX8bMPGHV5cGi+TGnlVxPi +TZjirfhwOGI+E706R6R9n/GmJfW7WCRQVg19B9qiPV82V/NrbW5z1jplmzatqeZx +OVMJHKjkSps7wi6WoaNXhzrWvvao5dM5xcrdWmODg9DQ3sa/2LxwGgDCwQARAQAB +iQI8BBgBCAAmFiEEfG2Mlt4ew6CK47WkQc4nfHIaiJ4FAlo2FPkCGwwFCQDtTgAA +CgkQQc4nfHIaiJ6GXQ/6A8JK048XMdjiPygWBkus8pGhLJNp3CifvHr6xjCQ4mLE +l0iA2VI5R1AvyJlChZmu9WmUbmRLs1yaUSCywGT1DvoZ6lSXZfDT6z0+KFK1fh0t +rD9jumIpJEaDvSNDcISZ7tN6ZLm1OwuvvnL6ch0yGIbEZHo7WuQ83QhthcFF9ifN +vzSCaGOgJ1FFtLaGSihh4LC0cOYF+bEJs+wOyRS8UaNYUqI5A975j3MiL7H+N8gz +NaaN7cP5PAYlUGyGpJg43CFhlQr9rxLeaqebj0MZPRdD77nU32TFh2p4LE/ua8BR +J22QlIfHLwzt+yvgJ+gy6RnT/X9VOuJfRvu++YKEYmASiwujNQ94/7hJStjOp1Fs +FPm2OJ48NDwH1BeQNZQwk3ZKtqor2dA+8pjAUV/EbV6JJ7yc7Cddy21qSoDEyD4/ +V+oBO5xeE01hY+YDUhoML3xFIVGxP447p1Ta4cadxS4ImXT/MiEBmBpKglrYXAp2 +qmmHUSCRpKLsqiLYozDuo7CbCxGUbEDUignzl+yzsC4Fdw1LD0ZjFl+dnm9fYkGx +sPGgU/HC7bfhufC6LmEx5bFMLbP4Q7NScy7AAHOLPEuSfS28569XwNhqkS9s4BRd +eqyWZuwBpZpuPzEcPo1a1OtGetYp+XQElQ5kkH3nd0MpYIOJS7thbYD5v8onV8q5 +Ag0EWjYVMQEQAMAQG3NDQXtBASe2E9k+yvZ01pXEPf/NIaQ8vgPPyDYv8INnbY0L +DbUSmzL2Ybqf8+oGusNsc9AXpYMLJJw2vPpEnSFAOjuqkaQcef5lomKHCj9sD96N +OMvHemoNDbsT35inBI5WWTD5u0QzxwqSDo9IEpkQ93fUB7aoUKT7035EtDgZM6JT +Kd1IFZu48fcf+dmUxThPvpHL7w7oE4XczNV84mxUz++92DxeiBDvXgw4nBGie5ul +2OgHEO0T5K7oUzR0SnGiPlTBaCr+5rUNbyxAnn/sd75hRs8vhhwHw984P208Siqc +lMFgurlzwivY1BBv5OlKNH6RxnctS41afm6qJd+ucJz4zslQedWEauv/NP9WSDmR +Ia0vhSH3pDB2zLGBZN5Lupupi6UazJDiX/GKXAihq6I6zs44YggdryzEzJp9IS1E +YKCbqRFmX2TPoVnwmlR86YIYTbWHvfKqOgQxJ2+Ulf6NqXMhV6GlAhe0zW0+aQZZ +RQdsS1cwfoBRPSa2IisX+qNPW+k+tTWS5wQUv1Vm/y66FS0NRflO0TZ0142Pn2q6 +zR8x3q7xwFBp03ZqWlQmC74et+lE7r0GJQ4Mjh4KhzAW9CRFiPqEWMSU2fwyJ/8y +XIFww/rbnA94zBQ/8ISy2QA5wpWoSFMdl63FiNCI8LaAvHVf01abCsk3ABEBAAGJ +BHIEGAEIACYWIQR8bYyW3h7DoIrjtaRBzid8chqIngUCWjYVMQIbAgUJAO1OAAJA +CRBBzid8chqInsF0IAQZAQgAHRYhBP7SHgwwIDGEhD1QVDHlX8xC+YyQBQJaNhUx +AAoJEDHlX8xC+YyQSZEQAIekpr7uGdLrE+CJnGHewJr2eaWgt4i1gjP3FezkcQb0 +sWJDMJqUeWCRQdJZp55mVz/eiS9ReltTrWvicfE0CWxS/I8232Jl+KIzG4iMYE9B +iEZYmc+ZwMZjbwdgk22iw6u6XAcvgEewCScf/QGSIxTr+E3umChOeWbD027c00OU +GdHODeVdvVbPfIb7fPY/zre7TEYJlYGC9d8kAHgzVLaDxhKwLdUxV6I/RV6iSok4 +NfW9owQc8ZfUVDQiqOShMnnew4fXCSmn+anikVVM/bqBH83wytk/ypkWzxr1Bdlp +b6hi7GRZKyLEMQvspUvnncLeaEIRGneTa2BsQapKqpSCNbmkdXjppLRBNZfeqjb7 +x3GyOia1W4xeZeGS5aXD8qKZD9uNFYmcD7t5V3WneEOO5pDXgt1B/TY5NlECSgD7 +JYx2QdA4DuDphz56XPo5Tt2QPw6DVLrW7NjhA2LW4DNqUgEscJ/mGTFSYjTh3hkH +RTXcNBExlqWxXMKmgbD6T6e3dd1Y/hMPdepgeYHbep1cTbRUdMVTdbxjXbGP25Y/ +36l7M1WQoTaUK1RidAWWMcni6GdPJTpNm6TaV/2zosjn86f13m3NOM+3hraCdK5c +FN/JkNcYW4L0MKnBveEfroMQWVVSlqdUw1Ur901LRMfYkQK3hnOwVbTvrHg5zXFo +ZDMQAMfEqvIMimQevCDJckiboJzjtfGMa9axNlIaQFaru1TG9DtsM3JxG+xk+4MR +ckmQh2iU1Jt+nJ+hgwlWRdD6HeCyWMLN/3XKUhg684zu4INzjJ3LLI4Gga/CZknf +iVoohAMZNpmf2PVoVO5okZ+MpPjbgq4hAp4/hsIuK8sIMydUWNgqT4J4eBEt6Fyc +V0URMHjcbdyFbzItZz4jtQ8fmv7lkMAH6dzK55IThHtmOGKAkxNma1KleUTcI6R1 +HVYTrSw9d3nKAzIj9jNaOr4WsWjvBfN33VyT31uAq54sFGEeyCZiehMFvPIuBDdj +VJusb2z2aBjh4XxrKNqRyYpTi7lAlXfD0FVLt4effwO2GLMOCuH8OxhEvTVFJKKy +z3cvTyGyZXXkjbnewwZK3M9EGbR1O0bUvpWcz8U/+TsaafDjKBdoNkgnvmdRqumo +0ymlWxYFbtdxZVjJDnjS7zvx9RDIRAGb+Vr1IilCy3xFnB1ZiuNZP9LVXO3BEYiH +HNIhCXO9magJNAvo8pdjxny5BJgo9jggxPXVN92/2A/3kbpewdPdkihnzb2ivR+K ++CkncgDUFjaNXlh6ZsKtBFlYAy5tBjgqiz69uutFq+kBTc5/exmP9dFsDK/ghpFI +j2HaO9sYpuaO7sSz4SRkhrpYp4A9qMKVn49uLbnj2F68RjHu +=68e3 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/out/pgp/0xFB02FDAFD6C05FE4.asc b/out/pgp/0xFB02FDAFD6C05FE4.asc @@ -0,0 +1,25 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEW8+MdxYJKwYBBAHaRw8BAQdAnUbKUFwGSJ5YyPToLcbGSJ6Z5vJvJxQyatkfqo/exsK0 +K29wYWwgaGFydCAoVm9sYXRpbGUpIDx3b3dhbmFtZUB2b2xhdGlsZS5iej6IkAQTFggAOBYh +BOkTHcD5K19veqH/uPsC/a/WwF/kBQJbz5LIAhsBBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA +AAoJEPsC/a/WwF/kNk8A/RGxYVNoDGjo0v2VWmcDjurOC7O65UijYJzSkXcf6d2SAQDI+ZS8 +mZXO54WQUEXHbv+7ozdgpQbc5osohtjM3auoCLQyb3BhbCBoYXJ0IChodHRwczovL3dvd2Fu +YS5tZS9wZ3ApIDxvcGFsQHdvd2FuYS5tZT6IkAQTFggAOBYhBOkTHcD5K19veqH/uPsC/a/W +wF/kBQJbz4x3AhsBBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEPsC/a/WwF/kpmIBAPlS +BqnBT3nepQ0FXtxMOvOgjaT+K7KeNsDkLj51OY1XAQC21/jlB8g9pHdsZrnWyDSKByCxQvOl +PlGU/T+/FwScCbQ2b3BhbCBoYXJ0IChWb2xhdGlsZSkgPHdvd2FuYW1lQHZvbGE3aWxlaWF4 +NHVlb3cub25pb24+iJAEExYIADgWIQTpEx3A+Stfb3qh/7j7Av2v1sBf5AUCW8+S0wIbAQUL +CQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRD7Av2v1sBf5IyqAP97K892UoZGCiGWu7SLxFOy +irAZzqNTQ73eVp2FtlYkGAD6AnCWQ5MqRLaZjVp6GK3i7VbOGi5qtEW4mg65DnYbJA+4MwRb +z44zFgkrBgEEAdpHDwEBB0D0PpJSdabaFySmEgjrOJY/5Bf5eQYado2PH/4g23ZP04jvBBgW +CAAgFiEE6RMdwPkrX296of+4+wL9r9bAX+QFAlvPjjMCGwIAgQkQ+wL9r9bAX+R2IAQZFggA +HRYhBMq1U5ZkNEmwrtuxOzb22CpM2CQHBQJbz44zAAoJEDb22CpM2CQHWZcA/A82i7ukEU/v +KcbYiM0cpW1h5rdhySQFYGCVdaKsKc+HAP4//7kBSih8M845u+RHWf/FL7gqxZJcEvyyUXgq +uO/HCbziAP0ZxLE5D8x/l6fKi9OQ7WCUWoFS1bSiCCRJAFqvBE9y4QEArzVX7hYqVZysy+6X +xBH9tB0Ja1aOEoQ0gKPr5MHIUAW4OARbz45SEgorBgEEAZdVAQUBAQdASJ6sDtpC7J1v0gPO +w+ygTp19wU8tJ+EqfnU0zZl+qQcDAQgHiHgEGBYIACACGwwWIQTpEx3A+Stfb3qh/7j7Av2v +1sBf5AUCW8+OkQAKCRD7Av2v1sBf5MFYAQCqLVxnz29SISlYzDDQCoZ55E40SH6uNP852RSd +kZkTsgEAw31rnSDiLgLGH54lx8YV0aBP5MQQ2bYapVNoQdS1aQM= +=onM2 +-----END PGP PUBLIC KEY BLOCK-----