<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.39 (Ruby 3.2.3) -->
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-cui-nmop-agent-sketch-com-00" category="info" consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" version="3">
  <!-- xml2rfc v2v3 conversion 3.34.0 -->
  <front>
    <title abbrev="agent-state-req">Operational Requirements for Network State Exchange in Agent-Assisted Network Operations</title>
    <seriesInfo name="Internet-Draft" value="draft-cui-nmop-agent-sketch-com-00"/>
    <author initials="Y." surname="Cui" fullname="Yong Cui">
      <organization>Tsinghua University</organization>
      <address>
        <postal>
          <region>Beijing</region>
          <code>100084</code>
          <country>China</country>
        </postal>
        <email>cuiyong@tsinghua.edu.cn</email>
        <uri>http://www.cuiyong.net/</uri>
      </address>
    </author>
    <author initials="M." surname="Xing" fullname="Mingzhe Xing">
      <organization>Zhongguancun Laboratory</organization>
      <address>
        <postal>
          <region>Beijing</region>
          <code>100094</code>
          <country>China</country>
        </postal>
        <email>xingmz@zgclab.edu.cn</email>
      </address>
    </author>
    <author initials="L." surname="Zhang" fullname="Lei Zhang">
      <organization>Zhongguancun Laboratory</organization>
      <address>
        <postal>
          <region>Beijing</region>
          <code>100094</code>
          <country>China</country>
        </postal>
        <email>zhanglei@zgclab.edu.cn</email>
      </address>
    </author>
    <date year="2026" month="July" day="04"/>
    <area>Operations and Management</area>
    <workgroup>Network Management Operations</workgroup>
    <keyword>Agent</keyword>
    <keyword>Network State Exchange</keyword>
    <keyword>Sketch</keyword>
    <keyword>Network Management</keyword>
    <abstract>
      <?line 117?>

<t>This document describes operational requirements for exchanging network state in agent-assisted network operations. In this document, an agent-assisted system is any automation or decision-support system that consumes operational state to support tasks such as anomaly triage, incident correlation, configuration verification, traffic engineering analysis, or attack mitigation support. Such a system may use a large language model (LLM), a rule engine, a statistical model, or conventional software.</t>
      <t>The document focuses on operational problems created by high-volume telemetry, cross-domain state sharing, privacy constraints, approximate state summaries, and auditability of state used by automated workflows. It identifies requirements for compact, scoped, mergeable, bounded-error, incrementally synchronized, and auditable network state artifacts. The document complements existing NMOP work on anomaly detection, incident management, and YANG Push/message broker integration. It does not define a new network management protocol, a new agent communication protocol, or a wire format.</t>
    </abstract>
    <note removeInRFC="true">
      <name>About This Document</name>
      <t>
        The latest revision of this draft can be found at <eref target="https://xmzzyo.github.io/nmop-agent-sketch-com/draft-cui-nmop-agent-sketch-com.html"/>.
        Status information for this document may be found at <eref target="https://datatracker.ietf.org/doc/draft-cui-nmop-agent-sketch-com/"/>.
      </t>
      <t>
        Discussion of this document takes place on the
        Network Management Operations Working Group mailing list (<eref target="mailto:nmop@ietf.org"/>),
        which is archived at <eref target="https://mailarchive.ietf.org/arch/browse/nmop/"/>.
        Subscribe at <eref target="https://www.ietf.org/mailman/listinfo/nmop/"/>.
      </t>
      <t>Source for this draft and an issue tracker can be found at
        <eref target="https://github.com/xmzzyo/nmop-agent-sketch-com"/>.</t>
    </note>
  </front>
  <middle>
    <?line 123?>

<section anchor="introduction">
      <name>Introduction</name>
      <t>The operational complexity of modern networks has grown substantially. Networks now span multiple autonomous systems (ASes), administrative domains, and technology layers. Network management tasks such as anomaly triage, incident correlation, fault localization, configuration consistency checking, and traffic engineering analysis require timely collection, synthesis, and interpretation of large amounts of network state.</t>
      <t>Operators increasingly use automation and decision-support systems to reduce the time required to diagnose and respond to operational events. Some deployments may include agent-assisted components, including LLM-based agents, to help correlate alerts, summarize evidence, generate hypotheses, or prepare recommendations for human review. These components do not remove the need for existing management systems, telemetry pipelines, operator policy, or human accountability.</t>
      <t>Agent-assisted operations introduce a practical state exchange problem. An analysis component may need to compare flow behavior across many routers, estimate the number of affected sources, identify configuration drift, or correlate symptoms across domains. Supplying raw telemetry to each component is often impractical because of data volume, privacy constraints, management-plane limits, and the latency of downstream analysis.</t>
      <t>This document therefore focuses on requirements for network state artifacts consumed by agent-assisted or automated workflows. These artifacts can be generated downstream of existing telemetry mechanisms, including NETCONF <xref target="RFC6241"/>, RESTCONF <xref target="RFC8040"/>, YANG data models <xref target="RFC7950"/>, IPFIX <xref target="RFC7011"/>, gNMI <xref target="GNMI"/>, YANG Push/message broker pipelines <xref target="I-D.ietf-nmop-yang-message-broker-integration"/>, and telemetry message schemas <xref target="I-D.ietf-nmop-message-broker-telemetry-message"/>.</t>
      <section anchor="scope">
        <name>Scope</name>
        <t>This document is scoped to the exchange of network state consumed by agent-assisted operational workflows. In this document, "network state" includes telemetry-derived measurements, traffic summaries, topology-related observations, configuration-derived summaries, incident evidence, and other operational facts used to support analysis or recommendations.</t>
        <t>The requirements apply to systems in which state may be exchanged between devices, collectors, controllers, domain-level automation components, incident management systems, and agent-assisted analysis components. The requirements are independent of whether the consuming component is implemented using an LLM, a rule engine, a statistical model, or a conventional application.</t>
      </section>
      <section anchor="non-goals">
        <name>Non-Goals</name>
        <t>This document does not define a new network management protocol.</t>
        <t>This document does not update NETCONF, RESTCONF, IPFIX, CoAP, YANG Push, gNMI, or other existing management and telemetry protocols.</t>
        <t>This document does not standardize bindings for any agent communication protocol. Such protocols may be used by particular agent-assisted systems, but the requirements in this document do not depend on them.</t>
        <t>This document does not specify autonomous mitigation behavior. High-impact operational actions, such as configuration changes, filtering rules, route policy changes, or rollback operations, remain subject to the authorization, validation, approval, and audit procedures of the deployed network management environment.</t>
        <t>This document discusses sketch-based summaries as a candidate technique. It does not require the use of sketches in all deployments and does not define a wire format for sketch exchange.</t>
      </section>
    </section>
    <section anchor="conventions-and-terminology">
      <name>Conventions and Terminology</name>
      <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as
described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they
appear in all capitals, as shown here.</t>
      <?line -18?>

<t>The following terms are used throughout this document:</t>
      <dl>
        <dt>Agent:</dt>
        <dd>
          <t>A software entity that assists a network management workflow by collecting context, correlating evidence, generating recommendations, or coordinating with other components. An agent may be driven by an LLM, a rule engine, a statistical model, or a combination of methods.</t>
        </dd>
        <dt>State Artifact:</dt>
        <dd>
          <t>A structured representation of network state exchanged between systems. A state artifact can contain raw state, derived state, or a compact summary, together with metadata describing its scope and provenance.</t>
        </dd>
        <dt>Sketch:</dt>
        <dd>
          <t>A probabilistic data structure that provides a compact, bounded-error summary of a multiset or set of network observations. Examples include Count-Min Sketch, HyperLogLog, DDSketch, MinHash, and Bloom Filter.</t>
        </dd>
        <dt>Sketch Merge:</dt>
        <dd>
          <t>The operation of combining two Sketch structures of the same type into a single structure whose estimates reflect the union of the underlying observation sets.</t>
        </dd>
      </dl>
    </section>
    <section anchor="conceptual-model-and-workflow">
      <name>Conceptual Model and Workflow</name>
      <t>The following figure shows a conceptual model for network state exchange
in an agent-assisted operational workflow.  Existing management and
telemetry systems remain the sources of operational data.  A generation
function produces a state artifact that contains payload, scope,
quality, provenance, and policy/audit information.  The artifact can
then be consumed locally, exchanged with another domain, merged with
other artifacts, or referenced as evidence by an assisted workflow.</t>
      <figure anchor="fig-state-artifact-workflow">
        <name>Conceptual state artifact model and workflow</name>
        <artwork><![CDATA[
        Existing Management and Telemetry Systems
   +------------------------------------------------+
   | NETCONF | RESTCONF | YANG Push | IPFIX | gNMI |
   +------------------------+-----------------------+
                            |
                            v
                  +-------------------+
                  | State Artifact    |
                  | Generation        |
                  +---------+---------+
                            |
                            v
   +------------------------------------------------+
   | State Artifact                                 |
   |                                                |
   | +------------+  +------------+  +------------+ |
   | | Payload    |  | Scope      |  | Quality    | |
   | | raw,       |  | query,     |  | error,     | |
   | | derived,   |  | source,    |  | freshness, | |
   | | compact    |  | domain,    |  | confidence | |
   | | state      |  | time       |  |            | |
   | +------------+  +------------+  +------------+ |
   |                                                |
   | +------------+  +------------+                 |
   | | Provenance |  | Policy and |                 |
   | | source,    |  | Audit      |                 |
   | | method     |  | controls   |                 |
   | +------------+  +------------+                 |
   +--------------+------------------+--------------+
                  |                  |
                  v                  v
         +----------------+  +----------------+
         | Local Consumer |  | Peer or Domain |
         | agent, NMS,    |  | Artifact       |
         | incident tool  |  | Exchange       |
         +--------+-------+  +--------+-------+
                  |                   |
                  +---------+---------+
                            |
                            v
                  +-------------------+
                  | Merge and Time    |
                  | Alignment         |
                  +---------+---------+
                            |
                            v
                  +-------------------+
                  | Assisted Workflow |
                  | triage,           |
                  | correlation,      |
                  | recommendation    |
                  +---------+---------+
                            |
                            v
                  +-------------------+
                  | Operator Review   |
                  | and Existing      |
                  | Action Path       |
                  +-------------------+
]]></artwork>
      </figure>
      <t>The requirements in this document describe the expected properties of
the state artifact and of the workflow steps that generate, exchange,
merge, and consume it.  The figure is illustrative and does not define a
protocol architecture or a required deployment topology.</t>
    </section>
    <section anchor="problem-statement">
      <name>Problem Statement</name>
      <t>Agent-assisted operational workflows may require broad network context across many devices and time windows. For example, incident triage may need recent interface counters, flow records, routing changes, topology information, device health indicators, and configuration differences. Sending raw telemetry to each analysis component can create excessive storage, transport, and processing overhead.</t>
      <t>Operational workflows often need answers to specific questions rather than full raw records. Examples include:</t>
      <ul spacing="normal">
        <li>
          <t>Which source prefixes are likely to be heavy hitters during an attack?</t>
        </li>
        <li>
          <t>How many distinct sources are observed across a domain?</t>
        </li>
        <li>
          <t>Which links show latency distributions that differ from a baseline?</t>
        </li>
        <li>
          <t>Which devices have configuration sets that are inconsistent with their peers?</t>
        </li>
        <li>
          <t>Which flows are likely affected by a reported incident?</t>
        </li>
      </ul>
      <t>Raw telemetry can answer these questions, but it may be unnecessarily expensive to exchange. Conversely, a summary that is too lossy, lacks error metadata, or cannot be audited can mislead an automated workflow. The challenge is to represent state at the right granularity for the operational question.</t>
      <t>Some incidents cross administrative boundaries. Examples include distributed denial-of-service attacks, inter-domain reachability failures, and multi-provider service incidents. In such cases, operators may need to share selected state with peers or with a coordinating system. However, raw flow records, customer identifiers, topology details, and configuration fragments may be sensitive or subject to policy restrictions.</t>
      <t>Compact or approximate state summaries can reduce data movement, but they introduce uncertainty. If an agent-assisted workflow consumes approximate state without understanding error bounds, time coverage, source scope, or freshness, it may generate incorrect conclusions or overconfident recommendations.</t>
      <t>Existing telemetry and management mechanisms provide important capabilities, including schema-driven configuration and state access, streaming telemetry, flow export, and message-broker integration. However, deployments that introduce agent-assisted analysis still need guidance on what properties exchanged state artifacts should have so that they are compact, mergeable, bounded in error, privacy-aware, and auditable.</t>
    </section>
    <section anchor="requirements">
      <name>Requirements</name>
      <t>This section defines initial operational requirements for network state exchange in agent-assisted network operations. The list is intended as a starting point for discussion.</t>
      <section anchor="compact-state-representation-req-1">
        <name>Compact State Representation (REQ-1)</name>
        <t>Solutions <bcp14>SHOULD</bcp14> support network state representations that are substantially smaller than the raw telemetry, logs, flow records, or configuration data from which they are derived, when the operational query does not require full-fidelity raw data.</t>
        <t>The compact representation <bcp14>MUST</bcp14> preserve enough information to answer the intended operational query within the accuracy, freshness, and confidence requirements of the workflow.</t>
      </section>
      <section anchor="query-and-scope-metadata-req-2">
        <name>Query and Scope Metadata (REQ-2)</name>
        <t>An exchanged state artifact <bcp14>MUST</bcp14> identify the operational query or query class that it is intended to support.</t>
        <t>An exchanged state artifact <bcp14>MUST</bcp14> identify its scope, including the source device set or domain, observation time interval, collection method, sampling policy if any, and relevant aggregation parameters.</t>
        <t>An exchanged state artifact <bcp14>SHOULD</bcp14> include provenance metadata sufficient for an operator or an incident management system to trace the artifact back to the telemetry source, collector, or generation process. This is aligned with the provenance needs described by telemetry message work in NMOP <xref target="I-D.ietf-nmop-message-broker-telemetry-message"/>.</t>
      </section>
      <section anchor="bounded-and-reportable-error-req-3">
        <name>Bounded and Reportable Error (REQ-3)</name>
        <t>If a state artifact is approximate, the artifact <bcp14>MUST</bcp14> include the parameters needed to interpret its error behavior.</t>
        <t>For probabilistic summaries, the artifact <bcp14>MUST</bcp14> report the applicable error parameters, such as relative error, false-positive probability, confidence level, or other algorithm-specific bounds.</t>
        <t>Consumers of approximate state <bcp14>SHOULD</bcp14> treat the error metadata as part of the input to their reasoning and <bcp14>SHOULD</bcp14> expose uncertainty in any generated recommendation, incident report, or operator-facing explanation.</t>
      </section>
      <section anchor="mergeability-across-devices-and-domains-req-4">
        <name>Mergeability Across Devices and Domains (REQ-4)</name>
        <t>Solutions <bcp14>SHOULD</bcp14> support merging of state artifacts from multiple devices, collectors, or administrative domains when the operational query requires aggregate visibility.</t>
        <t>A merge operation <bcp14>MUST</bcp14> preserve or update the scope metadata of the resulting artifact so that the combined device set, domain set, and time interval are explicit.</t>
        <t>When merging approximate artifacts, the resulting artifact <bcp14>MUST</bcp14> include updated error metadata or indicate that the error behavior is unknown.</t>
      </section>
      <section anchor="freshness-and-time-alignment-req-5">
        <name>Freshness and Time Alignment (REQ-5)</name>
        <t>An exchanged state artifact <bcp14>MUST</bcp14> include timestamp information sufficient to determine its freshness.</t>
        <t>When a workflow combines artifacts from multiple sources, the system <bcp14>SHOULD</bcp14> make the observation windows visible to the consumer so that time skew and stale inputs can be detected.</t>
      </section>
      <section anchor="incremental-synchronization-req-6">
        <name>Incremental Synchronization (REQ-6)</name>
        <t>Solutions <bcp14>SHOULD</bcp14> support incremental updates when only a subset of the represented state changes between synchronization points.</t>
        <t>Solutions <bcp14>MUST</bcp14> provide a way to detect stale, missing, or inconsistent updates when incremental synchronization is used.</t>
        <t>Solutions <bcp14>MUST</bcp14> support full resynchronization when incremental updates are incomplete or when the receiver cannot reconstruct the current state.</t>
      </section>
      <section anchor="privacy-preserving-exchange-req-7">
        <name>Privacy-Preserving Exchange (REQ-7)</name>
        <t>Solutions <bcp14>SHOULD</bcp14> support cross-domain state exchange without requiring disclosure of raw flow records, customer identifiers, full topology details, or other sensitive operational data when aggregate state is sufficient.</t>
        <t>Solutions <bcp14>MUST</bcp14> make clear whether a state artifact may still leak sensitive information through keys, labels, repeated queries, low-cardinality sets, or correlations with external data.</t>
        <t>Operators <bcp14>SHOULD</bcp14> be able to apply policy controls to determine which state artifacts may be shared, with whom, and at what granularity.</t>
      </section>
      <section anchor="auditability-and-reproducibility-req-8">
        <name>Auditability and Reproducibility (REQ-8)</name>
        <t>State artifacts used by agent-assisted workflows <bcp14>SHOULD</bcp14> be logged or referenced in a way that allows later audit of the evidence used by the workflow.</t>
        <t>The audit record <bcp14>SHOULD</bcp14> include artifact identifiers, generation parameters, source scope, time interval, software or model version where applicable, and consumer identity.</t>
        <t>When an operator-facing recommendation is generated from approximate state, the recommendation <bcp14>SHOULD</bcp14> identify the input artifacts and their uncertainty metadata.</t>
      </section>
      <section anchor="interoperability-with-existing-management-systems-req-9">
        <name>Interoperability with Existing Management Systems (REQ-9)</name>
        <t>Solutions <bcp14>SHOULD</bcp14> integrate with existing network management and telemetry systems rather than requiring a parallel data collection infrastructure.</t>
        <t>Solutions <bcp14>SHOULD</bcp14> be able to consume state derived from existing mechanisms such as NETCONF <xref target="RFC6241"/>, RESTCONF <xref target="RFC8040"/>, YANG-modeled data <xref target="RFC7950"/>, IPFIX <xref target="RFC7011"/>, message brokers, time-series databases, and controller APIs.</t>
        <t>Compact state artifacts generated downstream of YANG Push/message broker pipelines <bcp14>SHOULD</bcp14> preserve useful source and schema metadata from those pipelines <xref target="I-D.ietf-nmop-yang-message-broker-integration"/>.</t>
      </section>
      <section anchor="separation-from-operational-action-req-10">
        <name>Separation from Operational Action (REQ-10)</name>
        <t>State exchange mechanisms <bcp14>MUST NOT</bcp14> by themselves imply authorization to perform operational actions.</t>
        <t>High-impact actions that are influenced by exchanged state, such as filtering, routing changes, configuration updates, or rollback operations, <bcp14>MUST</bcp14> remain subject to the authorization, validation, approval, and audit procedures of the deployment.</t>
        <t>Approximate state <bcp14>SHOULD NOT</bcp14> be the sole basis for unattended high-impact action unless the operator has explicitly defined the applicable policy, risk threshold, validation process, and rollback procedure.</t>
      </section>
    </section>
    <section anchor="relationship-to-nmop-work">
      <name>Relationship to NMOP Work</name>
      <t>This document is intended to complement existing NMOP work, rather than replace it.</t>
      <t>The network anomaly architecture <xref target="I-D.ietf-nmop-network-anomaly-architecture"/>, anomaly lifecycle <xref target="I-D.ietf-nmop-network-anomaly-lifecycle"/>, and anomaly semantics <xref target="I-D.ietf-nmop-network-anomaly-semantics"/> describe how operational evidence can be collected, annotated, validated, and used in anomaly detection workflows. The requirements in this document focus on the properties of state artifacts that may feed such workflows.</t>
      <t>The network incident YANG model <xref target="I-D.ietf-nmop-network-incident-yang"/> provides a structure for incident management. Compact state artifacts can be referenced as incident evidence or diagnostic inputs.</t>
      <t>The YANG Push/message broker integration work <xref target="I-D.ietf-nmop-yang-message-broker-integration"/> and telemetry message model <xref target="I-D.ietf-nmop-message-broker-telemetry-message"/> address telemetry transport, schema, and provenance. Compact state artifacts can be generated downstream of such pipelines and should preserve relevant provenance and scope metadata.</t>
    </section>
    <section anchor="example-candidate-sketch-based-state-summaries">
      <name>Example Candidate: Sketch-Based State Summaries</name>
      <t>Sketch structures are one candidate representation for compact state artifacts exchanged by agent-assisted workflows. Rather than transmitting raw flow records, routing tables, or interface statistics for every query, a deployment can exchange Sketch summaries that answer specific questions about network state with bounded or measurable error.</t>
      <t>A Sketch is not a detection tool or anomaly detector. It is a candidate summary artifact that may be consumed by operational systems. Its usefulness depends on the operational query, selected parameters, acceptable error bounds, and audit requirements.</t>
      <t>The appropriate Sketch type depends on the nature of the network state being represented and the queries agents need to answer:</t>
      <table>
        <thead>
          <tr>
            <th align="left">Operational Task</th>
            <th align="left">Query Type</th>
            <th align="left">Candidate Summary</th>
            <th align="left">Key Property Used</th>
          </tr>
        </thead>
        <tbody>
          <tr>
            <td align="left">Flow rate analysis</td>
            <td align="left">"What is the traffic rate from prefix X?"</td>
            <td align="left">Count-Min Sketch (CMS)</td>
            <td align="left">Frequency estimation with epsilon-delta bounds</td>
          </tr>
          <tr>
            <td align="left">Source diversity analysis</td>
            <td align="left">"How many unique source IPs are there?"</td>
            <td align="left">HyperLogLog (HLL)</td>
            <td align="left">Cardinality estimation, cross-domain mergeable</td>
          </tr>
          <tr>
            <td align="left">Latency / jitter analysis</td>
            <td align="left">"What is the p99 latency on path P?"</td>
            <td align="left">DDSketch</td>
            <td align="left">Quantile estimation with relative error bounds</td>
          </tr>
          <tr>
            <td align="left">Configuration consistency</td>
            <td align="left">"Is device A's config consistent with peers?"</td>
            <td align="left">MinHash</td>
            <td align="left">Set similarity estimation (Jaccard index)</td>
          </tr>
          <tr>
            <td align="left">Affected flow marking</td>
            <td align="left">"Is flow F affected by fault X?"</td>
            <td align="left">Bloom Filter</td>
            <td align="left">Set membership with configurable false positive rate</td>
          </tr>
        </tbody>
      </table>
      <t>If Sketches are used, their artifacts need to carry scope, freshness, provenance, and error metadata as described in the requirements above.</t>
    </section>
    <section anchor="initial-use-cases">
      <name>Initial Use Cases</name>
      <t>This section lists initial use cases. More detailed operator use cases are expected in future revisions.</t>
      <dl>
        <dt>DDoS evidence exchange:</dt>
        <dd>
          <t>A domain can publish a compact heavy-hitter or cardinality summary as evidence for an incident workflow. A peer or coordinating system can use the artifact to assess whether an attack appears distributed without requiring raw flow records. Mitigation, if any, is performed through existing mechanisms such as FlowSpec <xref target="RFC8955"/> or local filtering procedures.</t>
        </dd>
        <dt>Multi-domain fault localization:</dt>
        <dd>
          <t>Domains can exchange latency or loss distribution summaries for aligned time windows. A coordinating workflow can identify where behavior deviates from baseline and request additional evidence from the relevant domain.</t>
        </dd>
        <dt>Configuration consistency verification:</dt>
        <dd>
          <t>A collector can publish compact configuration-set similarity artifacts. An audit workflow can identify devices that appear inconsistent and hand them to existing configuration management systems for operator review.</t>
        </dd>
        <dt>Traffic engineering analysis:</dt>
        <dd>
          <t>A traffic engineering workflow can consume summarized traffic matrix and latency artifacts to prepare recommendations. Any approved routing or policy change is applied through existing operational procedures.</t>
        </dd>
      </dl>
    </section>
    <section anchor="security-considerations">
      <name>Security Considerations</name>
      <t>State artifacts exchanged over untrusted networks need authentication, integrity protection, and confidentiality appropriate to the sensitivity of the represented state.</t>
      <t>Credential management should bind a consuming component to an operational role, administrative domain, and permitted state scope.</t>
      <t>Sketch structures or other compact state artifacts could be tampered with to influence agent-assisted analysis. Transport security can prevent eavesdropping and impersonation, but deployments should also consider artifact-level integrity protection where artifacts are stored, forwarded, or consumed asynchronously.</t>
      <t>An adversary with write access to a summary generation function could manipulate summaries to cause incorrect analysis or recommendations. Defenses include using keyed hash functions such as SipHash <xref target="SIPHASH"/> for Sketch index computation, cross-validating estimates from multiple independent sources, and monitoring for statistically anomalous summary patterns.</t>
      <t>State generation and exchange functions can be targets for denial-of-service attacks. Implementations should enforce rate limits, quotas, back pressure, and admission control for artifact generation and retrieval.</t>
      <t>Approximate state summaries can also leak information through repeated queries, low-cardinality sets, or correlation with external data. Sharing policies need to account for such leakage risks.</t>
    </section>
    <section anchor="iana-considerations">
      <name>IANA Considerations</name>
      <t>This document has no IANA actions.</t>
    </section>
  </middle>
  <back>
    <references anchor="sec-combined-references">
      <name>References</name>
      <references anchor="sec-normative-references">
        <name>Normative References</name>
        <reference anchor="RFC2119">
          <front>
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <author fullname="S. Bradner" initials="S." surname="Bradner"/>
            <date month="March" year="1997"/>
            <abstract>
              <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="2119"/>
          <seriesInfo name="DOI" value="10.17487/RFC2119"/>
        </reference>
        <reference anchor="RFC8174">
          <front>
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <date month="May" year="2017"/>
            <abstract>
              <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="8174"/>
          <seriesInfo name="DOI" value="10.17487/RFC8174"/>
        </reference>
      </references>
      <references anchor="sec-informative-references">
        <name>Informative References</name>
        <reference anchor="RFC6241">
          <front>
            <title>Network Configuration Protocol (NETCONF)</title>
            <author initials="R." surname="Enns" fullname="R. Enns">
              <organization/>
            </author>
            <author initials="M." surname="Bjorklund" fullname="M. Bjorklund">
              <organization/>
            </author>
            <author initials="J." surname="Schoenwaelder" fullname="J. Schoenwaelder">
              <organization/>
            </author>
            <author initials="A." surname="Bierman" fullname="A. Bierman">
              <organization/>
            </author>
            <date>n.d.</date>
          </front>
        </reference>
        <reference anchor="RFC7011">
          <front>
            <title>Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of Flow Information</title>
            <author initials="B." surname="Claise" fullname="B. Claise">
              <organization/>
            </author>
            <author initials="B." surname="Trammell" fullname="B. Trammell">
              <organization/>
            </author>
            <author initials="P." surname="Aitken" fullname="P. Aitken">
              <organization/>
            </author>
            <date>n.d.</date>
          </front>
        </reference>
        <reference anchor="RFC7950">
          <front>
            <title>The YANG 1.1 Data Modeling Language</title>
            <author fullname="M. Bjorklund" initials="M." role="editor" surname="Bjorklund"/>
            <date month="August" year="2016"/>
            <abstract>
              <t>YANG is a data modeling language used to model configuration data, state data, Remote Procedure Calls, and notifications for network management protocols. This document describes the syntax and semantics of version 1.1 of the YANG language. YANG version 1.1 is a maintenance release of the YANG language, addressing ambiguities and defects in the original specification. There are a small number of backward incompatibilities from YANG version 1. This document also specifies the YANG mappings to the Network Configuration Protocol (NETCONF).</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7950"/>
          <seriesInfo name="DOI" value="10.17487/RFC7950"/>
        </reference>
        <reference anchor="RFC8040">
          <front>
            <title>RESTCONF Protocol</title>
            <author initials="A." surname="Bierman" fullname="A. Bierman">
              <organization/>
            </author>
            <author initials="M." surname="Bjorklund" fullname="M. Bjorklund">
              <organization/>
            </author>
            <author initials="K." surname="Watsen" fullname="K. Watsen">
              <organization/>
            </author>
            <date>n.d.</date>
          </front>
        </reference>
        <reference anchor="RFC8955">
          <front>
            <title>Dissemination of Flow Specification Rules</title>
            <author initials="C." surname="Loibl" fullname="C. Loibl">
              <organization/>
            </author>
            <author initials="S." surname="Hares" fullname="S. Hares">
              <organization/>
            </author>
            <author initials="R." surname="Raszuk" fullname="R. Raszuk">
              <organization/>
            </author>
            <author initials="D." surname="McPherson" fullname="D. McPherson">
              <organization/>
            </author>
            <author initials="M." surname="Bacher" fullname="M. Bacher">
              <organization/>
            </author>
            <date>n.d.</date>
          </front>
        </reference>
        <reference anchor="GNMI" target="https://datatracker.ietf.org/doc/html/draft-openconfig-rtgwg-gnmi-spec">
          <front>
            <title>gRPC Network Management Interface (gNMI)</title>
            <author>
              <organization/>
            </author>
            <date year="2018"/>
          </front>
        </reference>
        <reference anchor="I-D.ietf-nmop-network-anomaly-architecture">
          <front>
            <title>A Framework for a Network Anomaly Detection Architecture</title>
            <author fullname="Thomas Graf" initials="T." surname="Graf">
              <organization>Swisscom</organization>
            </author>
            <author fullname="Wanting Du" initials="W." surname="Du">
              <organization>Swisscom</organization>
            </author>
            <author fullname="Pierre Francois" initials="P." surname="Francois">
              <organization>INSA-Lyon</organization>
            </author>
            <author fullname="Alex Huang Feng" initials="A. H." surname="Feng">
              <organization>INSA-Lyon</organization>
            </author>
            <date day="18" month="January" year="2026"/>
            <abstract>
              <t>   This document describes the motivation and architecture of a Network
   Anomaly Detection Framework and the relationship to other documents
   describing network Symptom semantics and network incident lifecycle.

   The described architecture for detecting IP network service
   interruption is designed to be generic applicable and extensible.
   Different applications are described and examples are referenced with
   open-source running code.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-nmop-network-anomaly-architecture-07"/>
        </reference>
        <reference anchor="I-D.ietf-nmop-network-anomaly-lifecycle">
          <front>
            <title>An Experiment: Network Anomaly Detection Lifecycle</title>
            <author fullname="Vincenzo Riccobene" initials="V." surname="Riccobene">
              <organization>Huawei</organization>
            </author>
            <author fullname="Thomas Graf" initials="T." surname="Graf">
              <organization>Swisscom</organization>
            </author>
            <author fullname="Wanting Du" initials="W." surname="Du">
              <organization>Swisscom</organization>
            </author>
            <author fullname="Alex Huang Feng" initials="A. H." surname="Feng">
              <organization>INSA-Lyon</organization>
            </author>
            <date day="12" month="February" year="2026"/>
            <abstract>
              <t>   Network Anomaly Detection is the act of detecting problems in the
   network.  Accurately detecting problems is very challenging for
   network operators in production networks.  Good results require a lot
   of expertise and knowledge around both the implied network
   technologies and the connectivity services provided to customers,
   apart from a proper monitoring infrastructure.  In order to
   facilitate network anomaly detection, novel techniques are being
   introduced, including programmatical, rule-based and AI-based, with
   the promise of improving scalability and the hope to keep a high
   detection accuracy.  To guarantee acceptable results, the process
   needs to be properly designed, adopting well-defined stages to
   accurately collect evidence of anomalies, validate their relevancy
   and improve the detection systems over time, iteratively.

   This document describes a well-defined approach on managing the
   lifecycle process of a network anomaly detection system, spanning
   across the recording of its output and its iterative refinement, in
   order to facilitate network engineers to interact with the network
   anomaly detection system, enable the "human-in-the-loop" paradigm and
   refine the detection abilities over time.  The major contributions of
   this document are: the definition of three key stages of the
   lifecycle process, the definition of a state machine for each anomaly
   annotation on the system and the definition of YANG data models
   describing a comprehensive format for the anomaly labels, allowing a
   well-structured exchange of those between all the interested actors.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-nmop-network-anomaly-lifecycle-05"/>
        </reference>
        <reference anchor="I-D.ietf-nmop-network-anomaly-semantics">
          <front>
            <title>Semantic Metadata Annotation for Network Anomaly Detection</title>
            <author fullname="Thomas Graf" initials="T." surname="Graf">
              <organization>Swisscom</organization>
            </author>
            <author fullname="Wanting Du" initials="W." surname="Du">
              <organization>Swisscom</organization>
            </author>
            <author fullname="Alex Huang Feng" initials="A. H." surname="Feng">
              <organization>INSA-Lyon</organization>
            </author>
            <author fullname="Vincenzo Riccobene" initials="V." surname="Riccobene">
              <organization>Huawei</organization>
            </author>
            <date day="19" month="January" year="2026"/>
            <abstract>
              <t>   This document explains the motivation for defining semantic metadata
   annotations to help testing, validating and comparing Outlier and
   Symptom detection systems.  These semantic annotations can be
   supported by supervised and semi-supervised machine learning
   algorithms and enable data exchange among network operators, vendors
   and academia, making anomalies apprehensible for humans.  The
   proposed semantics uniforms the network anomaly data exchange between
   operators and vendors to improve their Service Disruption Detection
   Systems.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-nmop-network-anomaly-semantics-05"/>
        </reference>
        <reference anchor="I-D.ietf-nmop-network-incident-yang">
          <front>
            <title>A YANG Data Model for Network Incident Management</title>
            <author fullname="Tong Hu" initials="T." surname="Hu">
              <organization>CMCC</organization>
            </author>
            <author fullname="Luis M. Contreras" initials="L. M." surname="Contreras">
              <organization>Telefonica</organization>
            </author>
            <author fullname="Qin Wu" initials="Q." surname="Wu">
              <organization>Huawei</organization>
            </author>
            <author fullname="Nigel Davis" initials="N." surname="Davis">
              <organization>Ciena</organization>
            </author>
            <author fullname="Chong Feng" initials="C." surname="Feng">
         </author>
            <date day="28" month="June" year="2026"/>
            <abstract>
              <t>   This document defines a YANG Module for the network incident
   lifecycle management.  This YANG module is meant to provide a
   standard way to report, diagnose, and help reduce troubleshooting
   tickets and resolve network incidents for the sake of network service
   health and probable cause analysis.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-nmop-network-incident-yang-09"/>
        </reference>
        <reference anchor="I-D.ietf-nmop-yang-message-broker-integration">
          <front>
            <title>An Architecture for YANG-Push to Message Broker Integration</title>
            <author fullname="Thomas Graf" initials="T." surname="Graf">
              <organization>Swisscom</organization>
            </author>
            <author fullname="Ahmed Elhassany" initials="A." surname="Elhassany">
              <organization>Swisscom</organization>
            </author>
            <date day="2" month="July" year="2026"/>
            <abstract>
              <t>   This document describes the motivation and architecture of a native
   YANG-Push notifications and YANG Schema integration into a Message
   Broker and YANG Schema Registry.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-nmop-yang-message-broker-integration-13"/>
        </reference>
        <reference anchor="I-D.ietf-nmop-message-broker-telemetry-message">
          <front>
            <title>Extensible YANG Model for Network Telemetry Messages</title>
            <author fullname="Ahmed Elhassany" initials="A." surname="Elhassany">
              <organization>Swisscom</organization>
            </author>
            <author fullname="Thomas Graf" initials="T." surname="Graf">
              <organization>Swisscom</organization>
            </author>
            <author fullname="Paolo Lucente" initials="P." surname="Lucente">
              <organization>NTT</organization>
            </author>
            <date day="18" month="January" year="2026"/>
            <abstract>
              <t>   This document defines an extensible message schema in YANG to be used
   at data collection to transform Network Telemetry messages into
   external systems such as Message Brokers.  The extensible message
   schema enables data collectors to add metadata for the provenance of
   the operational network data.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-nmop-message-broker-telemetry-message-04"/>
        </reference>
        <reference anchor="CORMODE">
          <front>
            <title>An Improved Data Stream Summary The Count-Min Sketch and its Applications</title>
            <author initials="G." surname="Cormode" fullname="G. Cormode">
              <organization/>
            </author>
            <author initials="S." surname="Muthukrishnan" fullname="S. Muthukrishnan">
              <organization/>
            </author>
            <date>n.d.</date>
          </front>
        </reference>
        <reference anchor="SIPHASH">
          <front>
            <title>SipHash A Fast Short-Input PRF</title>
            <author initials="J.-P." surname="Aumasson" fullname="J.-P. Aumasson">
              <organization/>
            </author>
            <author initials="D. J." surname="Bernstein" fullname="D. J. Bernstein">
              <organization/>
            </author>
            <date>n.d.</date>
          </front>
        </reference>
      </references>
    </references>
    <?line 429?>

<section numbered="false" anchor="acknowledgments">
      <name>Acknowledgments</name>
      <t>TODO acknowledge.</t>
    </section>
  </back>
  <!-- ##markdown-source:
H4sIAAAAAAAAA9U963bbxpn/+RSzyo+1NyRtp04b67RNaUmOlUq2Ijknye7Z
HyA4JCcCAQYDSKYj91n2WfbJ9rvNDQBlO93uRSenJkHMzDff/TbTyWQyakxT
6EN18Hqr66wxVZkV6lL/0ppab3TZWLWsavVKN7dVfa2umqzR6uRtvs7KlVam
VLMVvDSZWWtsoxf+RT+bPRhl83mtb2CJjN61OMek1r8cjHL4tKrq3SHMtKxG
o0WVl9kGoFnU2bKZ5K2ZlJtqO5GB17rJ15O82kwePx7Zdr4xsGxVNrstDDk9
efNiVLabua4PRwuY+HCUw/K6tK09VE3d6hHA8LtRVuss3q5VWblQ51kJi+CG
D0a4gVVdtVt4ze0n/J5s7Vrv4OfF4UhNGBP4YRhZ+MsV7SB+J8w7utFlC0Ar
9ZFrK8UbP/gBXjLlSn2D4/D5JjMFPEfU/cXoZjmt6hU+z+p8Dc/XTbO1h48e
4Wv4yNzoqXvtET54NK+rW6sf4QSPcODKNOt2DkPfbt6921WPBomCLxawY9tE
a/CAKU8wNXuGPvoAvafrZlMcjEZZ26wrIO9E1VVBuDIlEPenqTpqDXxj5vmp
AmTwA9jRoXpjATvrNlPfl7DV2ppmBz/Zpta6wTlyeID/1noFmD1Uz7X5GUbg
L9UC5nvy+PHjr57S17ZskFuP1qbM4MF2XZUEhmaUwwZ2sPhfGllxqhftNC/h
hbY2hwqRAji5vb2dypvTUjePuts5n6ofeX3ezzl8ebfW7iHt6V9h5dWqzcq8
LdVZNq+ALUCQPnlfzz5qX29h2ObdX96t8iKbu011oD6bAlBZBPaZNv7J/wLM
73DpQpsO1KOyqjcgQjf07uWLoy+ePHkmH7968oenh6MR6qL0nd9/8fQJfgSR
Y23pRPOoKpdm1bJMqou6aqq8KtSDVydvjl6/evGQxjiuxc8TQc7lVJ2UpU2e
Ad2f/wyzFm25SH74dqqu8nWly9tMFwtdJz/OYJTRAG/JsP7h8ZMU1qutzs3S
5AxjtVQN8NLphXpRVLfq1O0Vfjp5u63qRj04vXhx+uPDsBs0ADjGq32Yozt4
70afg2wWmbG6+/RNnW02uiiS5xdTNTPNtXZ7efblY0ebx08fJ9u6PLkiHHs4
94KQYOgj0P3Xqfoha6wD4qtnX36ZrHwMZkdvgOscQgkZKZov20LbvRAdTdVZ
Zebp3q+m6iUYJ9vlk8vMvmuvk6fHU3WeX6xBl1X9PWX5mljkm1fnpwncq8uL
owHDA2RsdL3Mcq0erGAMM22T1SsQSeUUOVjUrKmz/FrXwViAvX6Eqln0d7XV
ZU4SMamb1e1qsio3ZmIBMTQlGWX1xeMnX8HX08kxzcMKv2SoJllZbbJiNyGz
1Oi8aWuSwfvfLsxS57u8+IhXgXBZ2Zjc7n/VlLlZoP3ZAbP3X8Onk422FtA3
AUMJCIEh4MewEugP6Lzb6ALQDqrL/YAjjl5fnr8+PknINSvV6WZbVzfgVh0D
9sGfANdlo67azSard+oNiOQRasEJGAhxLciXMeC0zbbbQnhxPxt+A7IJAgyK
tcuI5/B2e10buy5Jaq5OL17Orl6mesVsX2Z2rWbqRWYbdQXTN5PTcts26uLy
xd5Fv51OUMrbTWa73AtsDaruua5L8CUN6OrJZKKyuUW+a0ajN2tjFbBcS1y7
0DavzVxbVUWea931XDUrLfSPhMCKHFD0XdnNyJzv6n7389kpyAaovmjZMWC4
O87u4J+NMuhJ7nDPlShUWH4BSgF91Iltt6Rd5eVmnTUK/VOYNd0BQ9dUyo1o
Mntt4RtSF5cgRgaH1gAYY+W4FSara13QLGOVJ3YJnB6vmcYwMlvCN6URKxp+
AtSAMih2sJ0xwpw1Dci52pjGrHgCAQXMEEHhNrHJdqq1Gh4UqC3gf0sw7/AB
WQqs4NnZ+UNAmKpBGcpy+BV3CJgDgAp+k1YFkMEDdkiols0tKMMpUl0Hoi/h
g0WElQnOQErmIFVW5SAhSJL5Tq3Naj25qQoYqLzMAWbqytrJApAIDMC4tusM
kTCGacxNlu+ILoAlkGpASLaF2d+aDb3J75MAGo0/grhl7cI02dwU4LqgNeCX
AEwCQ9gBviBvLcFSIFc1iogGVIHN9HgWPN4tcPxY2Rx2uRirjQb0ZrDFsZqD
xC/0YqLruqqJ/DwyK4Ap7K7M13VVmnc4KgIO8J9yf1bD4rAGAJMgGJcuBBT9
FqkE3PHq/PWFYtEoPQMuNOpn4ijPgxtvVHj1n2avvlEXrV0/El2nWAmqSGES
NhYV4KGsUKqXwCXAJKW+9SCHaZHSZOzH8gqJIkK9aUtne8M7yMzqFnCr2FGZ
skrZmMWi0KPRZ2j66mrR0j6Y1WK2YmS8Fboiq9alA8qqNUgjhGq3KB6go9Cs
IBGmzsTihm6V3YLC2LRFY2Aq4gbAX9VakSGrHsyutEUxWYBLYZDv0PFUzKHC
YoDpdVkV1WoHMrYDs+8XiXHzWxTFMgPQVFGBLJp3g8oDhQH1XImCsdb5NYkK
QXWPInFMDcYCnDwUqaJw7AJcCu4kaRsyV+h+bGvdeH+KtUm2QeNm8UHCu0BE
DoOr2jL/ZxhuFaKLgvrFyffoX4sKtoaQAJwedG0RSgfyAn9bANLKCueDScAp
21YlPY/ZQ6O+AlJcVTB4obdFtWPBQb0IgBXtQndtBbIUxCmkWfgVxBooysk8
Q41Br8NvsNRaF1tPLJio0DX+ItrnHWjUGyRoDrSFQQiWVuvdtkLcatbkgNUt
aFHYAEqILheS8UAlswYLXMIvN0bfkhKAzQbogP9IHkG5gANCOAISL8Skil6I
eE/QOg6qVm3NVhfAGAiK0EttK/BKdgQbr5/lFMiJ+gTSzlJ8BVuMfEKyitph
ix4BGRBWZ9qFJmIJpug9eV702yLK0D4Av6RlUTWg9z7X6+zGoL4gA4Fb20F8
2wJrAvwa9ksGgPBAOSZkS2B/4Gn0AKq2znGjotV3HRlagP1txMo5etrdZgus
at2KIvBoY8F32yF+6+w2wieArMG3j3ZjUDhAMpXZBITMdZ6hIAB86LMrNoF7
jFug4GQL1htMuAGz77TOWlNCByUfZwNVZ9kFdZiddp0yGFJr4BEdW+qefdtj
ipw/xHazwwf1sCVlvo2mAJ6aay8Qixhq2INn3YDWjUbWMXaTSKQE8OrXXyX8
f/9+HEJOeooRKT4lI0eoJmfG8q8YuuKvFEzLI4jM8REGWfAE4zM/fshIegGC
lz8pBsFZ2WyETfLMFjQ4ON69CT8Uo7x/D6T+7DN1hQ5Jl+jwmR0VZFFkGh0l
ClJa30fhSLPGrlLPAT9IpjxwmtaG7U7AUBsMmzZgGlrhvOD4Rv5bU23JrE5Y
KAGKudX1DWucjiX0s0bjvVENuhgRjzq4TnbE3ElOYeTaew0F7N3R0eL5JrKT
oWKg8WLEwIW9XRvQCYxd1G7zgH7AMmBKg35YAHikn8QMVzVvDhQqfMcvrH0m
Bdi0IrahHXvVdfOC3idnM6VoX/+Kt5luqsZYDMwnbB1nBJ65XWtCIPIScwyK
ZKL3jHNTYZ3WsueBZvSjw40sDTiyEC8zp78Cgn9TZYXtxZ2f6qr2lKSfod1i
SsTpmqBfRGuMITqfXUQKglUHgc8cNmSJU8F3QPRVtYcCXddFVi/QpZgDJWA+
VtMUzd7jX0s46Jdw/OdCny2q5bwFb244YgaumbdkM1KOMB2Rd74I8whaFBiy
uWdDlInbxc52FMs6Sz9VLzFCNBRqJbKa5SL+zpXuOMQkXPDz0hQNe73IcfCA
/AXxccJrKNsgZnOMqYM7M0bXimLQdv4ziKTTnZwy8b74DfjlC/lMkSg8iCI7
RH4ObmytrcvssiMapTMi3tDljYHwED/30WcsWGw02VJ3YYfUKzuKKdC+Lgxx
LcUk5pdWpwGc9/vXxAgUENN8mggLEVLiKpOP3pOoKGQjTuQZvGJDCcXUu4gv
z/JG16AmSJuz6rzWOzQkC6sOzr+/enMw5n/Vq9f0+fLku+9PL0+O8fPVy9nZ
mf8wkjeuXr7+/uw4fAojj16fn5+8OubB8FQlj0YH57OfDphKB68v3py+fjU7
O+izNWo+oPpchxAItaYdudQWxkbq+dHFf/7Hk6dgsv9JqhXv38sXrFfAF1CX
pdidEuwDfwX870bAMTqrHd7zbGsa0GhjJKVdY+SK7hpg81/+DTHz74fqj/N8
++Tpn+UBbjh56HCWPCSc9Z/0BjMSBx4NLOOxmTzvYDqFd/ZT8t3hPXr4x6/R
m1KTJ199/ecR88gSBLO6ZYew3rAxYiO9BmFerSvSTxHRDiVCORwdqplPUylk
xGbHWT3WcpYMQ08CnWeD+tHFxGTbgAPeNuMQnMPDXnxHqiZ1EySoADanegS8
cGuatZiH2O7OJG3plPQCfZmS/LBPN5ybeVT9AEOzrhZoYLjgPRNnXFDU1C2l
8TGMBha3mKtyQ1PnsO+3iJ2Y0jxxrEB+PiINNSiGSfQzuDHOReOvDlxS8azJ
duj0rdi/IFQB+Bl57yJ1iEPMoJNLS1JFOfgyA0rgHkkV8d4w2KTIFZHEIYDf
LvMCDjXom3owOhk8BxWFk5wnsrpBwOmfgKLYMZ2qk7cZOkDWpxm6hYCxerkD
W3NWreC/sTo+do/hFczas754XlTVRr0gO+b3ps4x24g7TPJhCAxTnsTltnIl
B79lb4JshjlXWB8VW4WchPkZHSHndo25FRdWY7ZoWZARRKtRRnVKRFXN0XCE
AUSOdVYg19umBRY9p6QzbusHEbKujJMR16T6mCJ+LCes+7GpY8kRqtBe4n8o
ZJkqIM6gVzYKXpnz38UFIJxxCgH3HU+LTAVTzrwKqMrRsi1z54hhPsSKrEbi
4coLKB8WHLFdUWULySePR7/AlkFdjSPOZn5g1+URuxYmVHcBAsRkLH0jAJpC
bR/SURKxgFmDHJOAZSVrIw4xJJnNv434Fx++s7Okl2CVACa0hV4JiqbyuPf4
Ho3+9re/URkJ/zzuz1OP+I3H/RXjHkd8PvnEv89x1J1PDtyFjMBd8NLhMwf9
dxzp39271L4fPvdbGvq7u/fXm4Ffh9YZWuNOpVp832p36hvPkfdBFdb9/L9v
b7+VcP2t3ft3x6M+8U9GJTB+rj70XUbdqQsWVsVL33HKRWbG/75j4eXvfhTY
wLGK3gK/HE2d/y7los4oMZdj9xYrobEftQSlvi61BcGMRjmD6t5ygu2+U7jE
QhuNYg0VIKKUe/Q9xuDfh8N/DL2GR91h+4noUN7HBYd/qHT6oARsdDA9I5Xr
sLFvFLtaAWeSwrH3jfot++rI14C4dd8Y1BDDk3f+bgYehdd6S3d30Fn9Tp2h
GUK/AK1SLTTRmI6r1TGXfe/i98mmj9Wr86uIGqmGSN73WbCmqgp533dG9d73
sH4+AP/nffjvw97/nH7du8aHKE6uIxtcEe9h2zErzIrSEP+P9uZ7nJ17uWdv
ruB6P1R3aR32nvfSiG/fe/+3cOUKtOqS6ot794ac4l22vVAB7tnhvcjAn9z/
3jB86B7+eqg+w7Y07j13/ubER+PU0vSngyia6DjUGx9cuDEH7wcy9P3UpaRy
pC6y5Xoh+N2AoMaQvz8i9z9djpI5HAF5GIH3tpY9e1feCr72eERuNbvx4pJD
GCuOuwQ+mDcvitb3GAwm30Yun6viJjwOpX2FPKTwfAmFwrELLr+yo0Vd7XsL
unGZh5ISLnM4r9H9cXGYZEaSuqyUMzjVjXoGorsFVYteUHmaYuOoXsESGYq/
IFFURvB9j1SDpjoIYRolrl5IQpfSMy6X6zYbB0djgUetdVYAf2IKPc+4xiLU
iEvBZinhDZZ6NaXb9xR6B+rXlPagHiekPDhmSEYLa5HGAbqWFgtLY5e3oFcw
dr7RNYC38L0TXQJwHZmwA3PcAi6oziQ9rehOWk61wlguzQAky7YoCHZBWD8v
cTgaTdQPXKIijwdbEpbmreZUW2GuNVe05oS+G2zbapASatFKP4m0o30NE70E
2jADkMbAnI5EzTgZ5wdwA8wqmTimX3sQClNec+bT17VxJpDPljdHwsUUAt+3
2sAcmAXHtGGYxXHfOrvRHeJiWkKSgFTV8r0zDYfCgDpTqy14IzbMxwSI0OHb
CjDkxawZUJRywczOX49Glwm/IFMw0RT1fgRqcYHF+KRfW5YaWSKrDayD6qgk
DkKOc7l1TqzXsOsdJQElP0W7MsgVFUT61sKPBZDFcmThs2icj8xK1ChzzUUK
bHvBJihjC2BBImmvlM+FQQChKDSdLJIOHckYOv0o1SKzWoMSBG7H4hIGQ65F
PdYuDguY2MIOHYc/q4Q/0oYrSstRpWMgvebZhHRfabJiUi0nyG8o+MyhVCEF
3nXNhTUKsesLXGamwBQZSybl+SaSHMRUH8/jIaSyN1Wf8szGDTQ26WDBxkUQ
f11IFwrhiBiNWAxJwRmYNEPM2acpipMGSo9JhFPFl4ORqNB99m2Kdaz9FkBt
UwzqtyWootAFNUfwgMcIw5Tt9MUuKZMBTgCzuat5H0lsieZmf+Ml8ZO0b0nn
xY20HUpFcRe1C7WgbGvMhDU7QOxyIJHnbazvyO0vjpjEcgBlJKlmSjl64n7i
HUQQGqMclS3pY1F5nHXDLUXxtAil79xCZQH+YE5pO2A6SwoJK70wm4uom4Eu
gZN+SwuxWMh/hQ4Xl4/G8jkolYwsypZ51PUzSAMMd4pMpEyQ0hjnF4HMc9oN
d9gkUIgt1W+DQUq7TNImUM+McXWQlU7o+9rTXwD7B0NEUrFqzYJi8QpbIzgD
71ytkJfsNh6BSWiLBWt0W/GyxEQoXz5x3+/CRX9PMivSXjXJsB7U6b0l1yg+
Uym1V8sdkeJ6obYx2EN6f0P7cIL6I9vZUcliuYJcQUA/bSKTBHJNbLStTMlV
V6kI+5YIJ5ucRbtMqzkPLk++mzx5iLq2EGsq1T3X7JICnhaDIquZNNMqu0GL
IP4G6f7Y9IENqlY9r42byWOfC1UE2XPulvGk9fkvrJkOGRAQpl5lG72eCYoj
KXaEh5L0HA243Fin1kXVVHoCHorSJdYWYx8SFWIw4YE0fXBQDUnJAIQPdojt
lJFe8RqZE3AJ+3QiCqbqdzQtDuNM47mrhxFFvwCKzsq9osMb812PwxgEevCH
vADmFKFOWTD0RE0/ZT1fp4s1V6imOMdcKmouTxkXkkhjk9mmxorQpiy5tjEW
s7YFCwYZLIMGZDeWxuBC36AWzVarWkuDyTarMxiMXdr370Xkw/kYoRgTapK2
xY41o0UiszK00vLX/T1Z1FBSZ9Lg7BelNhTpNYkKUpKO9P1hJEWh5uRiCdQg
SDfQGJjBcSUenCwCHzWxVaGLAfzYfisi6QLgZDpc8Fv7EZ+LHkZiXJKjTGcd
TsgqEwP/DhgYbX4X+Sax8eMUScxlQhfanKcpbY451ndtEB+KJ+C6i0ajF9SA
HVeI48bD3nLs5/MP3IyGO+FZw/KhKYlzRzfaGaBlVlg92VbibPmVsc4XKQTq
8ItayLJiVYELvd5MfLDH3gw5Y5xEJc3R94iEf9H0M9xpKIBAYguYUzuGjoYx
6xks82W2KjnGW7i50FuwicdGhq3cRR29qQsUhfmMQd6bSMkE8Etu2ltsb47a
+87ZlrNzPuOA4DhKK3Cm2DIPPb3PrKFXQCH2sudWkMnxZz8GmzBRigcPftxn
kkSpW692tLox1oQeenZVotp9an9gUWk9JF1Jat9TTagF7yLgSB7HppFnJJ0A
FA05FeuaSPmzz8045UoGF+kA+gy1/A+4P4e8mLmiavAeQBLx5J0susxX1S4R
owPUqYyiDmjL67K6FaZ44cxoyGCHRDVxwpcfZQ6d4oAJ4PfNNrH0kUrHcyYo
1RtMvBliGAHA4SeLQxPCuN3LX/4QAhGVbYDw6ia7ZlrHpk+SZsw6hXZGIXeV
E09uxIO9xsNW7PcXIsu+256PgukFY/E0HElTV/5AWuQl/v4+cYoOtAlpRRSo
ty0j91A3gUvFzfKkkFRd1EKUQkDuLTUreQhEODgyAoxnO0eZvOH9jhVdNYIH
n4ivorxOAmMMfHdhw+3f/ZXdzjmbprvjehO7FV2KCTMVDQm1VxmY4MSrLlwm
BlVmyd03TOMWQk2XVWGqXUj8csFKAuXNV7WIan+4j2oDpyp9ZOICZ9ZaODEG
FkVlKa28/OjsA+Gnn4LwlixKNHQaaBgxQVnKAWAbyWKfLCQzeYH9k64fvedE
YATPwSe8dx1BkLj23EqI/agWk2ZzXVD375aPqqJKJ5cAUDDJM0rTkFXCZGJy
ZohgI39LvwWt4duD4vNwQhdMvYlM86EB15TsCsaJ6onPEATt4vI3mGTCEAkX
vl1XGwluG46voywcM9IsPg4rfhnF72KfmJu+eujaBcOC/sjscHIm3hywwIpP
BUXdQqZ00kuxZEFjMNFbS7O0KA3fUuQW7ARF1OpEA5gju4568CFj9oyd5dhd
S3JAnXDD94+i5aIKE91Pw1Jfx45gUthxgkEoZztR9lyeTtkQuD24UJzb7jp0
zt4m49ze4xCPPblAODksBk5d7Lg5U+ysAmyaYBQ2IH4aate6cgdjkU+eDWkd
lzjSThpkkoF+2/Q0hO+7i4oYQS1lRDjwzURrRMEgyHOd+fbF6QBMkcS58hsL
lGtJJZyHAxshJ+cc+k88cjYhhkEPDGH90Jmz9GiZpCoxgY2JMZxhzolm4TI5
GKRmF6dxVrarIvYds/uII22CNu+TgiyCgnfiQp4GZSCDR0cIbKhx9O84GSfn
2PBcrEtYw7RxUUxqzZzQeuz1lLdnEelck7wokY3VxY3mw0m79CQHZbx1jVZh
6KwJQBWfRpGncSlpWbSs5ea7rvsZYkJ/ImWgdJmmxMSJ2H86RWLSf+ARFTmF
MtsXVxJeJUSpQLKAQw2nQFuI5CRxtO5hDX4tNKWZdEiW4Fl9F3vQ3QVLCl46
wbY7nVwbe41mG5zxqljEO3R5EEn/OMT5LUqmV4z12mwRZ5ThwKaRgYOTcQYs
3L0wcPXCuKO0IJ7NqcLP9sqpPnfqP6ndd4Xkvtt2+OwoT+Lv1fngDP5Nd/TU
TeHv2/ngFP7N9+9D1wSWatMj92K6JfIQFc23XYCnm9FHoZe7A4PMvBm4uaJz
kPgDrRx0ollOn6UdHD29SHKL/tNS0xEqkM6wVEown70gnclOwD5UJTcTAZqi
0wWhtX7JEUo3KzhV+5S4oDJtu+4dbKUEKl+KgKksDgBlLx9zzQfn+z5ZXe85
xzyMpw9nDVW2WNSkHUK3RWiaYIvjmyfcoY8PYW6fFSS6B1NFNo0LTd7q+QRy
lD1l2xfnZEirSE1aHbkTeIdyAGPynA7qsZW6cilGf5ojOp5Bnmapo0N8nTJF
dPlMb7PR6Zz9LjreVha0FKF2Y5rG9bgMd9dQztZKaO1acvzhI7nG6QYTX9LV
nMX9R0gEb5vdnn2hmC0oV1YGulmyOUamaWWKfEpX4KOUEh4iD9lYSrDJQoZL
Q1mkU6gtlJLzsbbB86annHWO0O+aK9JzGxJ4xWflkwui3KGoU46ZwG2inBUf
j/Uaqpc2HIdOgThAwRLutomSza6YHSx4rBddfIRWe1sb4jnGBR346QABhlqi
/GbdvYJorjlMCRkcd+mEhMRyGYpvd2AyHo5Gd4m/9iYDax31CnJB683Odc3f
/3cXBMrfrCY//FXvsKEN9fxOfY8y9jHzAXQDbYj8p+757ZPe/9SJ/DCAjm4r
pOjJF9A9Lg5+cG0+WB6S+xLoXXKTuXlL/fj1gcNd9/65B0fnVw/hhxfIM9Rh
JYe8OOOI0drWmoJuUyjAqWdmi3B3JZU7d1NrABKg8w1gLZ08dtHC6QXrNrp9
RGBD6KIjcOrBy7Ozh4HkIc0S4OtcDubL/RF0Z9I29kj9TH1qCXQx7rbPnoW7
UzAjADu/8KAREO5MXo8hv2vRESp0D3VpyaePu6O9FzcBdKfW5epn/+yOtKtu
gxq3ph1gJzefE+yLy5UG22A2RjqvIhgffAu6BDBL1zm8fdiViplrayMrAIJ2
7Zp+GTp6/CLpfuPbqX6M8cbvxwcXe9BtNF7QQ943bcpHPkhLKpMpXyYj3r6j
EuGVO6buDgGPJakRbKC/OiirMZvAOZ2o+N49T9cviCVHu3s3H4A5uuEY4lRa
QUDtALda3W0ZKeiIsWsYwYP21Ck2VecV9TVgctT3D2DI5N5wZRjGscEmTlLR
eBGUlVD0+Li6Co6fM6585lWEA63utp0DGOvoiC21cE64hZMbAaN0prN10Zm+
ZaeIHboBZ8SKvcPNUtbA1XFHSRUVLQTeX2BDvtY1jyo+CG+TPr5+XrrrogA2
/b0RY1/4BypIJB/Oid+b2EGFi7fDSg7n2ZdfgiMKO6MDk9EtEiFQBhqcU4ug
YLt/SxsSw9UoEw/IK52a2jSTBtfILyLMSwk/baGedY6T+/oTEsplATk96Qtp
qFioJkFWwrXMSosEeVvoeJtuECcZncgN5v1y6XmPKosvs2SW9PXUhCsdT6Z3
+NhUe0XXIOIBefJ2hnfsun7ZoXT3KkT6Eze7Fg9mwx21whJp5qV/eQ4Rw0uq
3MgG8n7P9Xq88aEL+BLofSbS3RkXLu0DnV2DKUeAHctE8Wu17+o4xNNO0jxY
ixcX3l/tplw7Gt9WZIZEpHNzZ+B5zMvlLREGWw+wN5ZX7dcKQjSC/ZEK7wJv
46430dWYqkICurtPObbEBfCUg7uQMO6ZQn1KnBE5uJL3cuUduQ9ysP6IrFtr
mSehNUd+eMEOHz3v3WpEHm7a+1dR4n+oP0CCVCzgNKH4SRZpOhT6+SrZvvAu
Z/BgsxBm6tp39lQh97iv/5Lu8uYYGu0TE5BEsaYrEhVYBW0XgM6ta/cwuIat
SiELNu3GfZ+CLDDVnE2nLml/aocvqRoipSubhMpEzccj0JiDlN2CPcKP3CHI
0VXmCq5Va4sdt2xlC/Q+M2m3U7ewjOt1VXyhgRizqOjjT+UzJoH0ZtsWadsy
uQ5ouEK3731XgKljvQSei/rQ+aqra433+6zRPXOrBmvjrmX+9Ve5tBmMDSoY
F7Gib0Zc0DaJ1+uSnNgt4+9lSDsM4mu6fLcBNfZW4IhUpH/oup5wcQimIikQ
pitPBWtbTN/WZbgyJEIjuU3OmIXdSaqFbyVnjbm3D3+K92ZzIlWKpsJPGquy
uTh97qbDX9qqyfCkBCdygcStb+BdyP/DiCuJsNl0DkcH6lqDRgUzVgwmtdPe
deJsqhkPVYp/W214qDSsrvhuY9bOuLoPpvniTaYXsg5Cg6k1TH6zMj6dvZr1
FHGawca8elnxm6GUgZEmohMnmeXYYAO+KJ8KGP16yPdn6sWfDsgXp3N0r49f
w3j3Jqiw/wInKG+lmmYAAA==

-->

</rfc>
