A key technical underpinning of the Cloud are Application Programming Interfaces (API) - consistent methods for applications to interface with services in the cloud. More and more it will be through APIs that cloud data moves. The security of consumer APIs was threatened by the so-called 'password anti-pattern' – a model in which a client would collect and replay the password for a user at an API in order to access information on behalf of that user. OAuth not only defeats the password anti-pattern, but does much more. OAuth 2.0 defines a consistent, flexible identity and policy architecture for web applications, web services, devices, and desktop clients attempting to communicate with Cloud APIs. We'll discuss what OAuth provides, where it came from, and where its going. About Paul Madsen Paul Madsen is a Senior Technical Architect within the Office of the CTO at Ping Identity. He has served in various design, chairing, editing, and education roles for a number of federation standards, including OASIS Security Assertion Markup Language (SAML), OASIS Service Provisioning Markup Language (SPML), and Liberty Identity Web Services Framework (ID-WSF). He participates in a number of the Kantara Initiative's activities, as well as various other cloud identity initiatives. He holds an M.Sc. in Applied Mathematics and a Ph.D. in Theoretical Physics from Carleton University and the University of Western About Brian Campbell As Principal Architect for Ping Identity, Brian Campbell aspires to one day know what a Principal Architect actually does for a living. In the meantime, he tries to make himself useful by ideating, designing and building software systems such as Ping’s flagship product PingFederate. When not making himself useful, he contributes to various identity and security standards including a two-year stint as co-chair of the OASIS Security Services Technical Committee and a current focus on OAuth 2.0 within the IETF. He holds a B.A., magna cum laude, in Computer Science from Amherst College in Massachusetts. Despite spending four years in the state, he has to look up how to spell "Massachusetts" every time he writes it.

1. !"#$%&'&(#$%)*+,(+-*&.&(#$%-/01(+-*&
2/(3)4-/5&2-/&6789&":;<&
=/0(*&>(3?@)AA&.&:(#A&B(C<)*&
:0*D&;C)*+$E&

2. F-D0<+,<&
• 9%)&(??/-?/0($)&2-/3&-2&(CC/)<<&2-/&$%)&<?)(5)/<&0<&G80/G&
• "@<$/(,$&$%0*50*D&($&)A)H(+-*&,(*&@)&C(*D)/-#<I&J/0*5&?A)*$E&-2&
4($)/I&&
• 6)A($)C&$-&?/)H0-#<K&$%)/)&40AA&@)&*-&@0-&@/)(5<K&?A)(<)&3(5)&*-$)&-2&
A-,(+-*&-2&@#,5)$&0*&@(,5&-2&/--3I&&
• ;2&E-#&40<%&$-&(<5&(&L#)<+-*K&?A)(<)&$4))$&0$&40$%&$%)&$(D&
GM?(#A(*C@/0(*<(4)<-3)-(#$%4-/5<%-?G&
• N)&40AA&@)&C-0*D&(&/-A)O?A(E0*D&)P)/,0<)&$-&<03#A($)&$%)&!"#$%&Q-4I&
8$(/$&$%0*50*D&(@-#$&4%-&E-#&4(*$&0*&E-#/&D/-#?<&-2&R&(*CK&
03?-/$(*$AEK&4%-&40AA&?A(E&$%)&/-A)&-2&$%)&GC#3@G&,A0)*$I&
• 9%)/)&40AA&@)&(*&!"#$%&L#01&($&$%)&)*CI&9%)&%0D%)<$&<,-/)&40AA&/),)0H)&
(&S--DA)T&0*H0$)I&9%)&U*C&%0D%)<$&<,-/)&40AA&/),)0H)&U&0*H0$)<&)$,&
• V-/&B-*C(E&C0**)/K&&
– 850&90?&/)<$(#/(*$&O&W-$&($&$-?&-2&3-#*$(0*&
– =#<)<&,-AA),$&($&XIYZ&
– W-&<?-#<)<&$-*0$)&'&<?(,)&,-*<$/(0*)C&

3. " 8)*0-/&9),%*0,(A&"/,%0$),$&40$%0*&$%)&![,)&-2&
$%)&>9!&($&:0*D&;C)*+$E&
" ?3(C<)*?0*D0C)*+$EI,-3&
" %]?^__444IA0*5)C0*I,-3_0*_?(#A3(C<)*&
" 8)/H)C&0*&H(/0-#<&C)<0D*K&,%(0/0*DK&)C0+*DK&(*C&
)C#,(+-*&/-A)<&2-/&(&*#3@)/&-2&2)C)/(+-*&
<$(*C(/C<K&0*,A#C0*D&8:BFK&;JON8V&.&
;*2-/3(+-*&>(/C<&
" N-/5)C&40$%&<#,,)<<2#A&<$(*C(/C<&$--K&A05)&
8"BF&.&`%-?)2#AAEa&!"#$%&.&8>;B&
" b-AC<&(*&BI8,I&0*&"??A0)C&B($%)3(+,<&(*C&(&:%IJI&0*&9%)-/)+,(A&:%E<0,<&2/-3&>(/A)$-*&
c*0H)/<0$E&(*C&$%)&c*0H)/<0$E&-2&N)<$)/*&!*$(/0-&/)<?),+H)AEI&
" ;&5*-4K&3E&@-EG<&40,5)C&<3(%$I&
" d)$K&?/-2)<<0-*(AAEK&%)&0<&)e),+H)AE&3E&?))/I&
" 8-&4%-f<&<-&<3(/$&*-4K&)%g&
" 8)A2&(<<)/$)C&B-<$&;*$)/)<+*D&B(*&0*&;C)*+$E&&
" J-)<*f$&(A4(E<&C/0*5&@)2-/)&*--*K&@#$&4%)*&%)&C-)<&`E-#&5*-4K&02&$%)/)&4(<&(&A-*D&
3))+*D&-/&<-3)$%0*DaK&%)&?/)2)/<&(&S.9&
" !/&<0P&
" :/-A0h,&$4))$)/&40$%&4)AA&-H)/&%(A2&(&$%-#<(*C&2-AA-4)/<&O&?(#A3(C<)*&
" 8+AA&@A-D<&`%-4&L#(0*$a&($&,-**),+CI@A-D<?-$I,-3&.&?(#A3(C<)*I?-<$)/-#<I,-3&
" 8+AA&4(0+*D&2-/&(&S--DA)T&0*H0$)&

4. =/0(*&>(3?@)AA&
• F)(C<&:0*D&7*D0*))/0*D&$)(3&(CC0*D&!"#$%&$-&
?/-C#,$&A0*)&
• =),(3)&<-i4(/)&C)H)A-?)/&(i)/&/)(A010*D&,%-<)*&
,(/))/&-2&A02)&,-(,%&0*H-AH)C&$(A50*D&$-&?)-?A)&
• N0$%0*&<$(*C(/C<&4-/AC&'&%(<&(,%0)H)C&*-$-/0)$E&
2-/&%(@0$&-2&4-/50*D&?/-2(*0$E&0*$-&*(3)<?(,)&
c6;<&
• N%0A)&,%(0/0*D&!"8;8&8"BF&9>K&9>&/)H)*#)<&
0*,/)(<)C&2/-3&jZ&$-&jkIXZ&C#)&$-&%0<&0C)(&2-/&(&
GS0H)&3)&jkllG&,(3?(0D*&
• N0$%0*&:0*DK&/#*<&N)A,-3)&N(D-*&2-/&*)4&
)3?A-E))<&
• "H0C&?%-$-D/(?%)/&'&?%-$-<&%(H)&D/(,)C&$%)&2/0D<&
-2&3(*E&-2&%0<&2(30AE&
• >#//)*$AE&,-O)C0+*D&$%)&8"BF&"<<)/+-*&?/-hA)&
2-/&!"#$%I&;*&$%($&,-*$)P$K&?/-?-<0*D&(&G6)(C&$%)&
mjM.n&<?),G&)//-/&/)<?-*<)&,-C)&
• b(<&(A3-<$&-@<)<<0H)&0*$)/)<$&0*&>(*(C(&
• 4))#*L#0)$30*C&

5. "D)*C(&
• !"#$%&C/0H)/<&
• 8,/))*<%-$&C)3-&
• !"#$%&%0<$-/E&
• !"#$%&U&
• !"#$%&0*&,-*$)P$&
• o)E&#<)&,(<)<&
• !"#$%&<),#/0$E&3-C)A&
• "AA&$%)&@)AA<&.&4%0<$A)<&4(A5&$%/-#D%&

8. "#$%)*+,(+-*&2-/&8!":&
• 9%)&8!":&4-/AC&%(<&A-*D&%(C&<$(*C(/C<&/)A($)C&$-&
(#$%)*+,(+-*&.&(#$%-/01(+-*&-2&4)@&<)/H0,)<&
• N8O9/#<$&C)h*)<&(&?/-$-,-A&@E&4%0,%&(&8!":&,A0)*$&
,(*&-@$(0*&(&<),#/0$E&$-5)*&`$E?0,(AAE&(&8"BF&
(<<)/+-*a&
• N8O8),#/0$E&<+?#A($)<&%-4&$-&(](,%&$%)&$-5)*&
`8"BF&(<<)/+-*a&$-&(&8!":&/)L#)<$&

9. =#$&pII&

10. ka&6789&(#$%)*+,(+-*&
• 6789&4-/AC&%(<&*-$&%(C&,-3?(/(@A)&<$(*C(/C<&
• W-$%0*D&,-3?(/(@A)&$-&N8O8),#/0$E&O&30<%3(<%&-2&
b99:&=(<0,K&b99:&J0D)<$K&?/-?/0)$(/E&3),%(*0<3<K&
(*C&3#$#(A&88F&2-/&,A0)*$&(#$%)*+,(+-*&&
• W-$%0*D&,-3?(/(@A)&$-&N8O9/#<$&'&,-*<)L#)*$AE&
,A0)*$&@)(/<&@#/C)*&-2&3(*(D0*D&,/)C)*+(A<&.&$/#<$&

11. Ua&:(<<4-/C&(*+O?(])/*&&
80$)<&(<5<&d!c&2-/&E-#/&S!!SF7&?(<<4-/C&<-&0$&
,(*&(,,)<<&E-#/&S--DA)&<$#eI&

12. 9<5&$<5l&
• >A0)*$&3#<$&<$-/)&?(<<4-/C<&
• 9)(,%)<&#<)/<&$-&@)&0*C0<,/030*($)&
40$%&$%)0/&?(<<4-/C<&
• B-/)&C0[,#A$&$-&3-H)&$-&3#A+O2(,$-/&
(*C&2)C)/($)C&(#$%)*+,(+-*&
• J-)<*f$&<#??-/$&D/(*#A(/&?)/30<<0-*<K&
)IDI&q&,(*&/)(C&@#$&*-$&4/0$)&
• J-)<*f$&<#??-/$&5*-4A)CD)_
C0e)/)*+(+-*&-2&$%)&(,,)<<&D/(*$)C&
• J-)<*f$&<#??-/$&`)(<Ea&/)H-,(+-*&'&$-&
@)&<#/)&-2&$#/*0*D&-e&(,,)<<&#<)/<&
3#<$&,%(*D)&?(<<4-/C&&

13. ;3?-/$(*,)&-2&/)H-,(+-*&
9%0<&0<&<%0*Elllll&
;&<%-#AC&#<)&$%($&3-/)&
N9V&0<&$%0<&$%0*Dg&

14. Ya&>A-#C&":;<&
• N0$%0*&3-H)&$-4(/C<&8((8&'&$/)*C&$-4(/C<&":;&(,,)<<&
$-&C($(_<)/H0,)<&$-&<#??A)3)*$_/)?A(,)&@/-4<)/&
(,,)<<&
• Salesforce.com expects that within the next year –
only 1/3 of access will be via browser&
• ":;<&-2&:((8&-e)/0*D<&(AA-4&$%)&,#<$-3)/&$-&)P?-<)&0$<&
-4*&,A-#C&<)/H0,)<&
• >A)(/&$/)*C&2-/&$%)<)&":;<&0<&$-4(/C<&6789&

15. >A-#C&,#/)<&)H)/E$%0*D&

16. Ra&W(+H)&3-@0A)&(??<&
?(#A3(C<)*& 4))c*L#0)$B0*C&

17. "<0C)&O&W(+H)&H<&4)@&
• W-$&D-0*D&$-&$/E&$-&?/)C0,$&40**)/&'&)P?),$&@-$%&
• W(+H)G<&,#//)*$&?-?#A(/0$E&A05)AE&@(A(*,)C&@E&
b9BFX&2)($#/)<&
• "#$%)*+,(+-*&.&(#$%-/01(+-*&<%-#AC&@)&,-*<0<$)*$&
(,/-<<&@-$%&3-C)A<K&<-&$%($&
– c<)/<&(/)&*-$&,-*2#<)CK&)D&#<)&C0e)/)*$&
,/)C)*+(A<&(*C_-/&(#$%)*+,(+-*&,)/)3-*E&2-/&
$%)&$4-&3-C)A<K&)H)*&02&(,,)<<0*D&$%)&<(3)&
(??A0,(+-*&
– 8)/H0,)&:/-H0C)/<&(/)*f$&2-/,)C&$-&03?A)3)*$&
C#?A0,($)&.&0*,-3?(+@A)&<),#/0$E&2/(3)4-/5<&
2-/&$%)&$4-&3-C)A<&

18. J/0H)/<&
:(<<4-/C&
F(,5&-2& (*+O
<$(*C(/C<& ?(])/*&
!"#$%&
&
W(+H)&
&
3-@0A)&
>A-#C&":;<&
"??A0,(+-*<&

19. 7*$)/&!"#$%l&
• "*&-?)*&?/-$-,-A&$-&(AA-4&<),#/)&":;&(#$%-/01(+-*&0*&(&
<03?A)&(*C&<$(*C(/C&3)$%-C&2/-3&C)<5$-?K&3-@0A)&(*C&
4)@&(??A0,(+-*<I&
• J)h*)<&(#$%-/01(+-*&.&(#$%)*+,(+-*&2/(3)4-/5&2-/&
67892#A&":;<&
• "??A0)C&$-&C)A)D($)C&(#$%-/01(+-*&'&30+D($)<&?(<<4-/C&
(*+O?(])/*&O&(/,%)$E?0,(A&#<)&,(<)&
• :/-H0C)<&(&<$(*C(/C&4(E&$-&D0H)&(&r5)Ef&$-&(&$%0/CO?(/$E&
4%0,%&(AA-4<&-*AE&A030$)C&(,,)<<&$-&?)/2-/3&<?),0h,&
2#*,+-*<&
– N0$%-#$&C0H#AD0*D&E-#/&,/)C)*+(A<&&

20. "*&!H)/#<)C&"*(A-DE&
OAuth is your valet key to the Interwebs
It’s going happen one way or the other so may
as well tax and regulate!

21. "D)*C(&
• !"#$%&C/0H)/<&
• 8,/))*<%-$&C)3-&
• !"#$%&%0<$-/E&
• !"#$%&U&
• !"#$%&0*&,-*$)P$&
• o)E&#<)&,(<)<&
• !"#$%&<),#/0$E&3-C)A&
• "AA&$%)&@)AA<&.&4%0<$A)<&4(A5&$%/-#D%&

22. Real World Demo ->
brizzly.com accesses the twitters &

23. Real World Demo ->
brizzly.com accesses the twitters &

24. Real World Demo ->
brizzly.com accesses the twitters &

25. Real World Demo ->
brizzly.com accesses the twitters &

26. Real World Demo ->
brizzly.com accesses the twitters &

27. Real World Demo ->
brizzly.com accesses the twitters &

28. Real World Demo ->
brizzly.com accesses the twitters &

29. Real World Demo ->
brizzly.com accesses the twitters &

30. "D)*C(&
• !"#$%&C/0H)/<&
• 8,/))*<%-$&C)3-&
• !"#$%&%0<$-/E&
• !"#$%&U&
• !"#$%&0*&,-*$)P$&
• o)E&#<)&,(<)<&
• !"#$%&<),#/0$E&3-C)A&
• "AA&$%)&@)AA<&.&4%0<$A)<&4(A5&$%/-#D%&

31. A [confusing] Little History&
• First was the Emergence of Proprietary Solutions
– Google AuthSub, AOL OpenAuth, Yahoo BBAuth,
Upcoming API, Flickr API, AWS API, and more
• OAuth Core 1.0 [Oct 2007]
– Open protocol to standardize what was already being
done
• OAuth Core 1.0 Revision A [June 2009]
– Addresses a session fixation attack
• The OAuth 1.0 Protocol / RFC 5849 [April 2010]
– Move to the IETF as informational documentation of
1.0a with editorial clarifications and errata

32. !"#$%&903)A0*)&
N6":&
vN9&
;79V& !"#$%&UIZ&
;*2-&6V>&XtRs&
&
!"#$%&kIZ(&
>-33#*0$E& !"#$%&kIZ&
UZZu& UZZt& UZZs& UZkZ& UZkk&

33. B-/)&b0<$-/EK&8+AA&>-*2#<0*D&
• !"#$%&N6":&`N)@&6)<-#/,)&"#$%-/01(+-*&
:/-hA)<a [v(*&UZkZ]
– Better Support for non-web applications
– Simplify the Client
– Short lived, opaque, bearer access tokens with
long lived refresh tokens
– Cleaner separation of roles
• Server handling authorization requests
• Server handling protected resource access
• Client
– Simple Web Token (SWT)
• Attempt to standardize an access token format
• Oauth 2.0 [in progress]

34. b-*)<$AE&8(AAEll&;&,(*G$&@)A0)H)&E-#&2)AA&2-/&
$%)&G;&C-*f$&%(H)&3E&$-5)*x<),/)$&40$%&3)G&
A0*)ll&>A0)*$<&%(H)&@))*&$)AA0*D&#<&68<&$%($&
-*)&2-/&E)(/<ll&
=#$&%)&)P?A(0*)C&$%($&%)&%(C&2-/D-])*&0$&($&%-3)I&
"*C&(*E4(E<K&dH-**)&($&$%)&<(A-*&$-AC&3)&$%($&
!"#$%&N6":&C-)<*f$&)H)*&/)L#0/)&,A0)*$&
<0D*($#/)<&<-&;&C-*G$&5*-4&4%E&E-#&(/)&@)0*D&<-&
w#CD)3)*$(A&p&&

35. "D)*C(&
• !"#$%&C/0H)/<&
• 8,/))*<%-$&C)3-&
• !"#$%&%0<$-/E&
• !"#$%&U&
• !"#$%&0*&,-*$)P$&
• o)E&#<)&,(<)<&
• !"#$%&<),#/0$E&3-C)A&
• "AA&$%)&@)AA<&.&4%0<$A)<&4(A5&$%/-#D%&

36. OAuth 2.0
• >-*,)?$#(AAE&<030A(/&$-&N6":&
• N0$%&@#0A$&0*&)P$)*<0@0A0$E&
• >A)(/&<)?(/(+-*&-2&D)y*D&(&$-5)*&(*C&#<0*D&(&$-5)*&
– 7(/AE&C/(i<&%(C&(*&-?+-*&2-/&$-5)*&<0D*($#/)<&@#$&$%($&4(<&
C/-??)C&
– z!"#$%&UIZ&0<&=(C&2-/&$%)&N)@{&'&<?),&(#$%-/_)C0$-/&
– =)(/)/&$-5)*<&
– 6)$#/*&-2&$%)&B">&
• "??/-(,%0*D&h*(A&<$(*C(/C01(+-*&0*&;79V&
– 6)(AAEg&&
– >#//)*$AE&($&C/(i&Okt&&
• "??A0,(@A)&$-&3(*E&-$%)/&<,)*(/0-<&'&)H)*&$%-<)&40$%&*-&#<)/<&
• W-$(@A)&2-/&0$<&-?+301(+-*<&2-/&3-@0A)&
– !%&E)(%g&

37. !"#$%&UIZ&9)/30*-A-DE^&6-A)<&
• !"#$%!&"'$()"!^&(*&)*+$E&
`#<#(AAE&(*&)*CO#<)/_?)/<-*a
,(?(@A)&-2&D/(*+*D&(,,)<<&$-&(&
?/-$),$)C&/)<-#/,)&I&
• &*+"),^&(*&(??A0,(+-*&-@$(0*0*D&
(#$%-/01(+-*&(*C&3(50*D&
?/-$),$)C&/)<-#/,)&/)L#)<$<&
`-*&@)%(A2&-2&$%)&/)<-#/,)&
-4*)/aI&&
• !"#$%!&"'#"!-"!'`./a^&$%)&
<)/H)/&%-<+*D&?/-$),$)C&
/)<-#/,)<&
• 0%,1$!+203$)'#"!-"!'`4/a^&(&
<)/H)/&,(?(@A)&-2&0<<#0*D&
$-5)*<K&-@$(0*0*D&
(#$%-/01(+-*K&(*C&
(#$%)*+,(+*D&/)<-#/,)&
-4*)/<I&

38. B-/)&9)/30*-A-DE^&9-5)*<&
• ",,)<<&9-5)*&
– ,/)C)*+(A&#<)C&@E&,A0)*$&$-&(,,)<<&?/-$),$)C&/)<-#/,)<&($&$%)&68&
– ?)/30<<0-*<&(e-/C)C&@E&$%)&$-5)*&,(*&@)&<,-?)C&
– 0<<#)C&@E&$%)&"8&&
– <$/#,$#/)&0<&#*C)h*)C&@E&$%)&<?),`<a&
– #<#(AAE&-?(L#)&$-&$%)&,A0)*$&
– D)*)/(AAE&<%-/$&A0H)C&
– ,(*&@)&<)A2&,-*$(0*)C&-/&(&/)2)/)*,)&
– <%0i<&,-3?A)P0$E&2/-3&$%)&68&$-&$%)&"8&
• 6)2/)<%&9-5)*&
– #<)C&@E&,A0)*$&$-&-@$(0*&(&*)4&(,,)<<&$-5)*&4%)*&$%)&-AC&-*)&
)P?0/)<&
– ,A0)*$&-*AE&<)*C<&$-&"8K&*)H)/&$-&68&
– D)*)/(AAE&A-*D&A0H)C&&

39. ",,)<<&9-5)*&9E?)<&
• ",,)<<&$-5)*<&,(*&%(H)&C0e)/)*$&
– 2-/3($<&
– <$/#,$#/)<&
– 3)$%-C<&-2&#+A01(+-*&`)IDI&,/E?$-D/(?%0,&?/-?)/+)<a&
• ",,)<<&$-5)*<&3#<$&@)&C)h*)C&@E&,-3?(*0-*&
<?),0h,(+-*<&
– $-5)*x$E?)&&
– (CC0+-*(A&?(/(3)$)/<&(<&*))C)C&
– %-4&$-&#<)&($&68&

40. =)(/)/&",,)<<&9-5)*<&
• "*E&?(/$E&0*&?-<<)<<0-*&-2&$%)&$-5)*&`(&
z@)(/)/za&,(*&#<)&$%)&$-5)*&0*&(*E&4(E&$%($&
(*E&-$%)/&?(/$E&0*&?-<<)<<0-*&-2&0$&,(*I&
• $-5)*x$E?)^&=)(/)/&&
• 9-5)*&,(*&@)&?/)<)*$)C&$-&$%)&68&0*&b99:&
"#$%-/01(+-*&b)(C)/K&&=-CE&:(/(3)$)/K&-/&
|#)/E&:(/(3)$)/&
• 6)L#0/)<&9F8&
• 9-5)*&<$/#,$#/)&<+AA&#*C)h*)C&

41. B">&",,)<<&9-5)*<&
• "I5I(I&:/--2&-2&?-<<)<<0-*&$-5)*K&?/--2&$-5)*K&b-o&$-5)*&
• J)h*)<&(*&b99:&B">&(,,)<<&(#$%)*+,(+-*&<,%)3)&`5)E&0CK&
B">&5)E&.&(AD-/0$%3K&(*C&0<<#)&+3)a&
– ;C&0<&<)*$&40$%&/)L#)<$&&
– o)E&0<&<%(/)C&<E33)$/0,&<),/)$&@)$4))*&$%)&,A0)*$&(*C&$%)&<)/H)/&
#<)C&$-&r<0D*f&/)L#)<$<&`$%)/)@E&?/-H0*D&?-<<)<<0-*&-2&$%)&<),/)$a&
• !"#$%&UIZ&@0*C0*D&2-/&#<)&(<&(*&(,,)<<O$-5)*&$E?)&&
– $-5)*x$E?)^&3(,&
– o)E&0C&0<&$%)&(,,)<<x$-5)*&
• V-/3($&.&<$/#,$#/)&0<&<+AA&#*C)h*)C&
– 3(,x5)E&.&3(,x(AD-/0$%3&(<&(CC0+-*(A&?(/(3)$)/<&
• :/-$),$<&(D(0*<$&$-5)*&A)(5(D)&
• o0*C(&<+AA&*))C<&9F8&0*&<-3)&,(<)<&

42. B-/)&9)/30*-A-DE^&7*C?-0*$<&
• "8&7*C?-0*$<&
– 4%,1$!+203$)'")56$+),&
• #<)CK&H0(&#<)/O(D)*$&/)C0/),+-*K&$-&(#$%)*+,($)&(*C&-@$(0*&
(#$%-/01(+-*&2/-3&$%)&/)<-#/,)&-4*)/I&&
• 7*C&#<)/&-*&$%)&2/-*$&,%(**)AI&
– 7$8")'")56$+),'
• c<)C&$-&)P,%(*D)&(*&(#$%-/01(+-*&D/(*$&2-/&(*&(,,)<<&$-5)*I&
• >A0)*$&-*&$%)&@(,5&,%(**)AI&
• >A0)*$&7*C?-0*$&
– ."5+!"&3$)'9.:'
• "i)/&,-3?A)+*D&0$<&0*$)/(,+-*&40$%&$%)&/)<-#/,)&-4*)/K&$%)&"8&
C0/),$<&$%)&/)<-#/,)&-4*)/G<&#<)/O(D)*$&@(,5&$-&$%)&,A0)*$&($&$%)&
,A0)*$f<&/)C0/),+-*&c6;I&
• V/-*$&,%(**)A&,(AA@(,5&&

43. 9)/30*-A-DE^&"#$%-/01(+-*&S/(*$&
• S)*)/(A&$)/3&#<)C&$-&C)<,/0@)&$%)&0*$)/3)C0($)&
,/)C)*+(A<&/)?/)<)*+*D&$%)&/)<-#/,)&-4*)/&
(#$%-/01(+-*&
• 8)/H)<&(<&(*&(@<$/(,+-*&A(E)/&
– *-$&$%)&,A)(*)<$&(@<$/(,+-*&
• c<)C&@E&$%)&,A0)*$&$-&-@$(0*&(*&(,,)<<&$-5)*&
• "AA&$-5)*&)*C?-0*$&,(AA<&0*H-AH)&)P,%(*D0*D&<-3)&
D/(*$&2-/&(*&(,,)<<&$-5)*&
• 8?),&C)h*)<&<)H)/(A&$E?)<&(<&4)AA&(<&(*&
)P$)*<0@0A0$E&3),%(*0<3&

44. 9)/30*-A-DE^&8,-?)&
• 9%)&C)h*0+-*&-2&<,-?)&0<&`3-<$AEa&-#$&-2&<,-?)&
– 8))&4%($&;&C0C&$%)/)g&
– 9%)&<,-?)&-2&$%)&(,,)<<&/)L#)<$&0<&)P?/)<<)C&(<&(&A0<$&-2&
<?(,)OC)A030$)CK&,(<)&<)*<0+H)&<$/0*D<I&
– !/C)/&C-)<*f$&3(])/I&
– 9%)&H(A#)&(*C&3)(*0*D&-2&<,-?)&<$/0*D<&(/)&C)h*)C&@E&$%)&
(#$%-/01(+-*&<)/H)/I&
• 6)L#)<+*D_D/(*+*D&<?),0h,&<,-?)`<a&(AA-4<&$%)&(,,)<<&
/0D%$<&(<<-,0($)C&40$%&(&$-5)*&$-&@)&A030$)C&
– 7*(@A)<&$%)&?/0*,0?A)&-2&A)(<$&?/0H0A)D)&`-/&A)<<&?/0H0A)D)&
(*E4(Ea&
– !*AE&(<5&2-/&4%($&0<&*))C)C&

45. "@<$/(,$&VA-4&
• >A0)*$&-@$(0*<&(#$%-/01(+-*&D/(*$&2/-3&/)<-#/,)&
-4*)/n&
• >A0)*$&,(AA<&$%)&(#$%-/01(+-*&<)/H)/&$-&)P,%(*D)&
$%)&D/(*$&2-/&(*&(,,)<<&$-5)*nn&
• >A0)*$&#<)<&$%)&(,,)<<&$-5)*&$-&(,,)<<&?/-$),$)C&
/),-#/<)<&($&$%)&/)<-#/,)&<)/H)/nnn&
n<-3)+3)<&
nn#<#(AAE&
nnn?/-@(@AE&

46. "#$%-/01(+-*&S/(*$&9E?)<&
• (#$%-/01(+-*&,-C)&
• 03?A0,0$n&
• /)<-#/,)&-4*)/&?(<<4-/C&,/)C)*+(A<&
• ,A0)*$&,/)C)*+(A<&
• /)2/)<%&$-5)*&
• 7P$)*<0-*<&
n&-*)&-2&$%)<)&$%0*D<&0<&*-$&A05)&$%)&-$%)/<p&

47. S/(*$&9E?)^&"#$%-/01(+-*&>-C)&
• >A0)*$&<)*C<&/)<-#/,)&-4*)/K&H0(&@/-4<)/K&$-&$%)&
(#$%-/01(+-*&)*C?-0*$&($&$%)&"8&&
– 7*CO#<)/&(#$%)*+,($)<&
– 7*CO#<)/&(??/-H)<&/)L#)<$)C&(,,)<<&
• "8&<)*C<&$%)&)*CO#<)/&$-&$%)&,A0)*$f<&/)C0/),$&c6;&(*C&
0*,A#C)<&$%)&,-C)&(<&(&L#)/E&?(/(3)$)/&
• >A0)*$&/),)0H)<&$%)&/)C0/),+-*&,(AA@(,5K&)P$/(,$<&$%)&,-C)K&
(*C&<)*C<&0$&$-&$%)&"8&0*&)P,%(*D)&2-/&(*&(,,)<<&$-5)*&(*C&
?/-@(@AE&(&/)2/)<%&$-5)*&
• S/)($&2-/&4)@&(??&,A0)*$<&
– >A0)*$&(#$%)*+,(+-*&
– 7(<E&$-&%(*CA)&$%)&/)C0/),$&
• !5(E&2-/&3-@0A)&,A0)*$<&
– N0$%-#$&,A0)*$&(#$%)*+,(+-*&
– W))C&$/0,5<&$-&%(*CA)&$%)&/)C0/),$&

48. S)y*D&(*&"#$%-/01(+-*&>-C)&
4%,1$!+203$)'.";%"#,'
S79&_(<_(#$%-/01(+-*I-(#$%Ug,A0)*$x0C}(,A0)*$.&
&/)C0/),$x#/0}%]?<mY"__,A0)*$I)P(3?A)I,-3_,@.&
/%6"!<%$%#'=0)050'>0#1+)?@'A+!#,''
&&&&&&&&&/)<?-*<)x$E?)},-C).<,-?)}@))/T%-,5)ETC-*#$<&b99:_kIk&&
$B'C0)D'
b-<$^&<)/H)/I)P(3?A)I,-3&&
4%,1$!+203$)'."#6$)#"'
b99:_kIk&YZU&V-#*C&
F-,(+-*^&%]?<^__,A0)*$I)P(3?A)I,-3_,@g,-C)}S),B7C0P8o6v!tP2?>qbDsVDUb1)&

49. 7P,%(*D)&"#$%-/01(+-*&>-C)&2-/&",,)<<&9-5)*&
4&&"##'7$8")'.";%"#,'
:!89&_(<_$-5)*I-(#$%U&b99:_kIk&
b-<$^&(<I)P(3?A)I,-3&
>-*$)*$O9E?)^&(??A0,(+-*_PO444O2-/3O#/A)*,-C)C~,%(/<)$}c9VOt&
&
,A0)*$x0C}(,A0)*$.,A0)*$x<),/)$}%-<)/./)C0/),$x#/0}%]?<mY"__,A0)*$I)P(3?A)I,-3_
,@.D/(*$x$E?)}(#$%-/01(+-*x,-C).,-C)}S),B7C0P8o6v!tP2?>qbDsVDUb1)&
4&&"##'7$8")'."#6$)#"'
b99:_kIk&UZZ&!o&
>(,%)O>-*$/-A^&*-O<$-/)&
:/(D3(^&*-O,(,%)&
>-*$)*$O9E?)^&(??A0,(+-*_w<-*~&,%(/<)$}c9VOt&
&&
&
&z$-5)*x$E?)z^z=)(/)/zK&
&z(,,)<<x$-5)*z^z(ZÄ#1JYW2J<w><9cÅ=XF3q<uN:|kPZuJ>b6{K&&
&z)P?0/)<x0*z^YÇZZK
&z/)2/)<%x$-5)*z^z389=?L|,8567>W2J,A26Jw67*3L)NÄ(?ZJ<)BÇ(q50P;q{&
É&

50. =/0)2&;*$)/A#C)^&c<0*D&$%)&",,)<<&9-5)*&
E!$,"&,"5'."#$%!&"'.";%"#,'(+,1'0'F"0!"!'7$8")'
S79&_C-#@A)_<),/)$_?/-@(+-*_/)<-#/,)&b99:_kIk&&
b-<$^&/<I)P(3?A)I,-3&&
"#$%-/01(+-*^&=)(/)/&(ZÄ#1JYW2J<w><9cÅ=XF3q<uN:|kPZuJ>b6&
G4='7$8")'0'F+,'G$!"'=$C6*+&0,"5'
&
&&&&&:!89&_$(5)_-e_)%&b99:_kIk&
&&&&&b-<$^&/<I)P(3?A)I,-3&
&&&&&>-*$)*$O9E?)^&(??A0,(+-*_PO444O2-/3O#/A)*,-C)C&
&&&&&"#$%-/01(+-*^&B">&0C}zwCsYC%sC%YsJzK&
&&&&&&&&&&&&&&&&&&&&&&&&*-*,)}zUuYkXÇ^C0Y%HC2tzK&
&&&&&&&&&&&&&&&&&&&&&&&&@-CE%(<%}z5s5@$>;EZ>5;Y_V72?8_-;Jw5Ç5}zK&
&&&&&&&&&&&&&&&&&&&&&&&&3(,}zNu@CBÅ@HscN!9(C"8;|b(DÅE0/"}z&

51. S/(*$&9E?)^&;3?A0,0$&
• 8030A(/&$-&$%)&(#$%-/01(+-*&,-C)&Q-4&)P,)?$p&&
• "i)/&/)<-#/,)&-4*)/&(#$%)*+,(+-*&(*C&
(#$%-/01(+-*K&$%)&"8&<)*C<&$%)&)*CO#<)/&$-&$%)&
,A0)*$f<&/)C0/),$&c6;&(*C&0*,A#C)<&$%)&(,,)<<&
$-5)*&-*&2/(D3)*$&&
• W-&$-5)*&)*C?-0*$&,(AA&<-&*-$&n/)(AAEn&(&D/(*$&
$E?)&
• !?+301)C&2-/&r40CD)$f&,A0)*$<&-/&0*O@/-4<)/&
v(H(8,/0?$&(??A0,(+-*<&
• >-#AC&(A<-&4-/5&2-/&*(+H)_3-@0A)&,A0)*$<&

52. S)y*D&(&9-5)*&40$%&;3?A0,0$&
4%,1$!+203$)'.";%"#,'
S79&_(<_(#$%-/01(+-*I-(#$%Ug,A0)*$x0C}(,A0)*$.&
&/)C0/),$x#/0}%]?<mY"__,A0)*$I)P(3?A)I,-3_,@./)<?-*<)x$E?)}$-5)*&b99:_kIk&&
b-<$^&<)/H)/I)P(3?A)I,-3&&
4%,1$!+203$)'."#6$)#"'
b99:_kIk&YZU&V-#*C&
F-,(+-*^&%]?<^__,A0)*$I)P(3?A)I,-3_,@M)P?0/)<x0*}YÇZZ &
&.$-5)*x$E?)}=)(/)/.(,,)<<x$-5)*}D=w""2u;-ZV;24Å(qJ96|DZCuS94"!FuSÇ)&
E!$,"&,"5'."#$%!&"'.";%"#,'
S79&_C-#@A)_<),/)$_?/-@(+-*_/)<-#/,)&b99:_kIk&&
b-<$^&/<I)P(3?A)I,-3&&
"#$%-/01(+-*^&=)(/)/&D=w""2u;-ZV;24Å(qJ96|DZCuS94"!FuSÇ)&

53. S/(*$&9E?)^&&
6)<-#/,)&!4*)/&:(<<4-/C&>/)C)*+(A<&
• >A0)*$&-@$(0*<&/)<-#/,)&-4*)/f<&#<)/*(3)&(*C&
?(<<4-/C&C0/),$AE&2/-3&$%)&/)<-#/,)&-4*)/&(*C&
<)*C<&$%)3&C0/),$AE&$-&$%)&"8&(<&(&D/(*$I&
• 6)L#0/)<&$/#<$&0*&$%)&,A0)*$I&
• 6)2/)<%&$-5)*&)A030*($)<&$%)&*))C&2-/&$%)&,A0)*$&$-&
<$-/)&$%)&?(<<4-/CI&
• ;*$)*C)C&(<&(&30D/(+-*&3),%(*0<3&&

54. 7P,%(*D)&6!&>/)C<&2-/&",,)<<&9-5)*&
4&&"##'7$8")'.";%"#,'
:!89&_(<_$-5)*I-(#$%U&b99:_kIk&
b-<$^&(<I)P(3?A)I,-3&
"#$%-/01(+-*^&=(<0,&,Us$ÅNW<(NÄ#CJ?=@NÄE(NW%vYW;dq|}&
>-*$)*$O9E?)^&(??A0,(+-*_PO444O2-/3O#/A)*,-C)C~,%(/<)$}c9VOt&
&
,A0)*$x0C}<-3),A0)*$.D/(*$x$E?)}?(<<4-/C.#<)/*(3)}3(C<)*.?(<<4-/C}#<)A)<<$(P-*-3E&
4&&"##'7$8")'."#6$)#"'
b99:_kIk&UZZ&!o& /%6"!<%$%#'=0)05+0)'>0#1+)?@'
>(,%)O>-*$/-A^&*-O<$-/)&
:/(D3(^&*-O,(,%)&
>-*$)*$O9E?)^&(??A0,(+-*_w<-*~&,%(/<)$}c9VOt&
&&
&
&z$-5)*x$E?)z^z=)(/)/zK&
&z(,,)<<x$-5)*z^z(ZÄ#1JYW2J<w><9cÅ=XF3q<uN:|kPZuJ>b6{K&&
&z)P?0/)<x0*z^YÇZZK
&z/)2/)<%x$-5)*z^z389=?L|,8567>W2J,A26Jw67*3L)NÄ(?ZJ<)BÇ(q50P;q{&
É&

55. S/(*$&9E?)^&>A0)*$&>/)C)*+(A<&
• >A0)*$&,(*&/)L#)<$&(*&(,,)<<&$-5)*&#<0*D&-*AE&0$<&-4*&
,/)C)*+(A<&
• V-/&/)<-#/,)<&#*C)/&$%)&,A0)*$f<&,-*$/-A&-/&-$%)/&
/)<-#/,)<&(<&?-A0,E&C0,$($)<&
• Bc89&-*AE&@)&#<)C&@E&Ñ?/0H($){&,A0)*$<&`,A0)*$<&$%($&,(*&
(#$%)*+,($)&<),#/)AEa&
• W-&/)2/)<%&$-5)*&
• >A0)*$&"#$%)*+,(+-*&B),%(*0<3<&
– ,A0)*$x0C&.&,A0)*$x<),/)$&?(/(3)$)/<&&
– b99:&=(<0,&
– Ñ9%)&(#$%-/01(+-*&<)/H)/&B"d&<#??-/$&(*E&<#0$(@A)&b99:&
(#$%)*+,(+-*&<,%)3)&3($,%0*D&0$<&<),#/0$E&/)L#0/)3)*$<{&
– B#$#(A&9F8&
– ,A0)*$x(<<)/+-*&.&,A0)*$x(<<)/+-*x$E?)&?(/(3)$)/<&

56. S/(*$&9E?)^&6)2/)<%&9-5)*&
• ;2&(&/)2/)<%&$-5)*&4(<&0<<#)C&$-&$%)&,A0)*$&C#/0*D&$%)&
)P,%(*D)&-2&(&?/0-/&D/(*$K&0$&,(*&@)&#<)C&(<&(*&
(#$%-/01(+-*&D/(*$&$-&D)$&(&*)4&(,,)<<&$-5)*&
– c*A)<<&/)H-5)C&-/&-$%)/40<)&0*H(A0C&
• 6)2/)<%&(*&)P?0/)C&(,,)<<&$-5)*&40$%-#$&0*H-AH0*D&
#<)/&(#$%-/01(+-*&
• 9%)&"8&3(E&0<<#)&(&*)4&/)2/)<%&$-5)*&
– S--C&<),#/0$E&%ED0)*)&

57. 6)2/)<%0*D&(*&",,)<<&9-5)*&
4&&"##'7$8")'.";%"#,'
:!89&_(<_$-5)*I-(#$%U&b99:_kIk&
b-<$^&(<I)P(3?A)I,-3&
"#$%-/01(+-*^&=(<0,&,Us$ÅNW<(NÄ#CJ?=@NÄE(NW%vYW;dq|}&
>-*$)*$O9E?)^&(??A0,(+-*_PO444O2-/3O#/A)*,-C)C~,%(/<)$}c9VOt&
&
,A0)*$x0C}<-3),A0)*$.D/(*$x$E?)}/)2/)<%x$-5)*./)2/)<%x$-5)*}389=?L|,8567>W2J,A26Jw
67*3L)NÄ(?ZJ<)BÇ(q50P;q&
4&&"##'7$8")'."#6$)#"'
b99:_kIk&UZZ&!o&
>(,%)O>-*$/-A^&*-O<$-/)&
:/(D3(^&*-O,(,%)&
>-*$)*$O9E?)^&(??A0,(+-*_w<-*~&,%(/<)$}c9VOt&
&&
&
&z$-5)*x$E?)z^z=)(/)/zK&
&z(,,)<<x$-5)*z^zBCL=#)PqdAB8-D@/"40::Ru)SPSLÅ(w#vW({K&&
&z)P?0/)<x0*z^YÇZZK
&z/)2/)<%x$-5)*z^z%AE7!!s:qD3H:0d;tDÇto87<Ub|%D/50c|S<,sqP<5C{&
É&

58. 7P$)*<0-*&S/(*$&9E?)<&
• 7P$)*<0-*&(#$%-/01(+-*&D/(*$&$E?)<&,(*&@)&
C)h*)C&@E&(<<0D*0*D&$%)3&(&#*0L#)&(@<-A#$)&c6;&
2-/&#<)&40$%&$%)&zD/(*$x$E?)z&?(/(3)$)/I&
• 7P$)*<0-*<&,(*&C)h*)&(CC0+-*(A&?(/(3)$)/<&
*))C)CI&
• 7*(@A)<&@/0CD0*D&@)$4))*&!"#$%&(*C&-$%)/&
?/-$-,-A<I&
– 8"BF&UIZ&
– vN9&kIZ&
• 7*(@A)<&-$%)/&<$#e&$--&
– =)(/)/&(,,)<<&$-5)*&H(A0C(+-*&
– 898&<$EA)&$-5)*&)P,%(*D)&

59. :(/+(A&8?),0h,(+-*&F(*C<,(?)&
H"I)?'0'7$8")' 9#+)?'0'7$8")'
9%)&!"#$%&UIZ&"#$%-/01(+-*&:/-$-,-A& 9%)&!"#$%&UIZ&:/-$-,-A^&=)(/)/&9-5)*<&
C/(iO0)ÖO-(#$%OHU& C/(iO0)ÖO-(#$%OHUO@)(/)/&
b99:&"#$%)*+,(+-*^&B">&",,)<<&"#$%)*+,(+-*&
C/(iO0)ÖO-(#$%OHUO%]?O3(,&
7P$)*<0-*&S/(*$<&&
.& !"#$%&UIZ&"<<)/+-*&:/-hA)&&&&&&&&&&&&&&&&&&&&&&
&>A0)*$&"#$%)*+,(+-*& C/(iO0)ÖO-(#$%O(<<)/+-*<&
7$8")#' "<<)/+-*<&(*C&:/-$-,-A<&2-/&8"BF&ÄUIZ&
<(3AO,-/)OUIZO-<&
8"BF&UIZ&=)(/)/&"<<)/+-*&S/(*$&&
9E?)&:/-hA)&2-/&!"#$%&UIZ&
C/(iO0)ÖO-(#$%O<(3AUO@)(/)/& JKLMN'
v8!W&N)@&9-5)*&`vN9a&&
v8!W&N)@&9-5)*&`vN9a&=)(/)/& C/(iOw-*)<Ow<-*O4)@O$-5)*&
:/-hA)&2-/&!"#$%&UIZ&
&C/(iOw-*)<O-(#$%Ow4$O@)(/)/&
v8!W&N)@&80D*($#/)&`vN8a&
C/(iOw-*)<Ow<-*O4)@O<0D*($#/)&
O,1"!'E!$,$&$*#'
c<)/OB(*(D)C&",,)<<&`cB"a& v8!W&N)@&80D*($#/)&`vN7a&
>-/)&:/-$-,-A& C/(iOw-*)<Ow<-*O4)@O)*,/E?+-*&
!?)*;J&>-**),$&>-/)&kIZ& C/(iO%(/Cw-*-O-(#$%O#3(,-/)&

60. "D)*C(&
• !"#$%&C/0H)/<&
• 8,/))*<%-$&C)3-&
• !"#$%&%0<$-/E&
• !"#$%&U&
• !"#$%&0*&,-*$)P$&
• o)E&#<)&,(<)<&
• !"#$%&<),#/0$E&3-C)A&
• "AA&$%)&@)AA<&.&4%0<$A)<&4(A5&$%/-#D%&

61. >-*$/(<$&.&>-3?-<)&

62. d";Ä&`d)$&"*-$%)/&;C)*+$E&Ä)**a&
!"#$%&
8"BF&
• 88!&?/-hA)&
• ;>"B&
• "#$%*&2-/&8!":&":;<& • "#$%*&2-/&6789&":;<&
• 9-5)*&2-/3($& • "]/0@#$)&<%(/0*D&
&
• >A-#C&"#$%1&
• "#$%1&C),0<0-*<&
• "#$%1&|#)/En&
• :-A0,E&<E*$(P&
q">BF&

63. !"#$%&/)A(+-*<%0?&$-&!?)*;J&
• ;*&-*)&<)*<)K&!"#$%&.&!?)*;J&(/)&-/$%-D-*(AK&
0)&!?)*;J&,-#AC&@)&#<)C&$-&(#$%)*+,($)&#<)/&
($&"8&2-/&-@$(0*0*D&,-*<)*$&
• =#$&$%)&<030A(/0+)<&@)$4))*&!?)*;J&UIZ&(*C&
$%)&!"#$%&UIZ&(,,)<<&$-5)*&/)$/0)H(A&?0),)&
%(H)&3-+H($)C&?/-?-<(A<&2-/&@(<0*D&*)P$&
H)/<0-*&-2&!?)*;J&r-*&$-?&-2f&!"#$%&'&!?)*;J&
>-**),$&

64. :/-@A)3<&40$%&!?)*;J&UIZ&
• F-*D&c6F&A030$(+-*<&
– B(*E&3-@0A)&@/-4<)/&(*C&<-3)&:>&@/-4<)/<&,%-5)&($&
A-*D&c6F<&,(#<)C&@E&"qK&:":7K&(*C&-$%)/&)P$)*<0-*<I&
• F!"&,)0A0*D&
– ,(**-$&(](0*&F!"U&@),(#<)&-2&(<<)/+-*&C0<,A-<#/)&($&
@/-4<)/&
• ;3?A)3)*$(+-*&,-3?A)P0$E&
– J0[)Ob)A3(*&5)E&)P,%(*D)K&>(*-*0,(A01(+-*&(*C&
80D*($#/)&%(/C&$-&03?A)3)*$&
• J($(&8%(/0*D&F030$(+-*<&
– !*AE&?(0/O40<)&C($(&<%(/0*D&@)$4))*&$%)&!:&(*C&6:&0<&
?-<<0@A)I&

65. !?)*;J&>-**),$&
• J)<0D*)C&$-&(CC/)<<&?/)H0-#<AE&<$($)C&
A030$(+-*<&-2&!?)*;J&UIZ&
• 6)Q),$<&(&%(/3-*01(+-*&-2&3#A+?A)&
,-3?)+*D&H0<0-*<&2-/&)H-A#+-*&-2&!?)*;J&UIZ&
• "CC<&(&$%0*&G0C)*+$E&A(E)/G&-*$-&!"#$%&UIZ&
• J)<0D*)C&$-&<#??-/$&%0D%)/&F!"&

66. !?)*;J&>-**),$&V(30AE&$/))&
V(,)=--5&>-**),$&
vN9&

67. Z&

68. !?)*;J&>-**),$&/)A(+-*&$-&!"#$%&
• N%)/)(<&!"#$%&0<&(&D)*)/(A&3),%(*0<3&$-&
(#$%-/01)&":;&(,,)<<K&!?)*;J&>-**),$&?/-hA)<&
$%)&D)*)/0,&2-/&?#/?-<)<&-2&<%(/0*D&?/-hA)&
0*2-/3(+-*&
• c<)<&$%)&(#$%1&,-C)&.&03?A0,0$&D/(*$&$E?)<&'&$%)&
?0),)<&-2&!"#$%&-?+301)C&2-/&#<)/O,-*<)*$&
<,)*(/0-<&
• F)H)/(D)<&$%)&(#$%-/01(+-*&.&$-5)*&)*C?-0*$<&.&
(CC<&0C)*+$EO@(<)C&?(/(3<&$-&,-/)&!"#$%&
3)<<(D)<&

69. 8"BF&.&!"#$%&
8"BF& GbE@/0CG&'&,(//E&!"#$%&$-5)*&
!"#$%&
& 0*&8"BF&88!&3)<<(D)<&
G"<<)/+-*&?/-hA)G&#<)&
!"#$%& 8"BF&(<<)/+-*<&40$%0*&&
8"BF&
!"#$%&Q-4&
8"BF& !"#$%& G8)L#)*,0*DG&'&#<)&8"BF&88!&
$-&(#$%)*+,($)&#<)/&$-&"8&

70. 8)L#)*,0*D&
;C)*+$E&?/-H0C)/& 8)/H0,)&?/-H0C)/&
8"BF&
& "??A0,(+-*&
!"#$%&
:4C& 9-5)*&
9-5)*&
J)H0,)&
=/-4<)/& v8!W_qBF&
"??A0,(+-*&

71. 9/(C0*D&
Use SAML assertion( or JWT) for
OAuth client authentication and/or OAuth grant type
:!89&_$-5)*&b99:_kIk&
b-<$^&<)/H)/I)P(3?A)I,-3&
>-*$)*$O9E?)^&(??A0,(+-*_PO444O2-/3O#/A)*,-C)C&
&
D/(*$x$E?)}(#$%-/01(+-*x,-C).&,-C)}0kN<6*k#=k.&,A0)*$x0C}<Ç=%C65L$Y.&
,A0)*$x(<<)/+-*x$E?)}#/*mY"-(<0<mY"*(3)<m<"$,mY"8"BF
mY"UIZmY"(<<)/+-*.&,A0)*$x(<<)/+-*}:bW%@NP4!AIIIÜ-30])C&2-/&
@/)H0$EáIIIÅ9&
&
&
&
&
&

72. 9/(C0*D&
&
8"BF& vN9& :/-hA)<&(<<)/+-*&?/-hA)&
V-/&<?),0h,&(<<)/+-*&
V-/3($<&ÜUá&.&ÜYá&
"<<)/+-*&?/-hA)& b-4&$-&#<)&(<<)/+-*<&&
2-/&,A0)*$&(#$%)*+,(+-*&&
(*C&(<&(&D/(*$&$E?)&Üká&&
!"#$%& >-/)&?/-$-,-A&
Üká&O&%]?^__$--A<I0)ÖI-/D_%$3A_C/(iO0)ÖO-(#$%O(<<)/+-*<&
ÜUá&O&C/(iO0)ÖO-(#$%O<(3AUO@)(/)/&
ÜYáO&C/(iO0)ÖO-(#$%Ow4$O@)(/)/&
&
&

73. !"#$%&/)A(+-*<%0?&$-&q">BF&
9%-#D%&@-$%&2-,#<)C&-*&
r(#$%-/01(+-*fK&!"#$%&.&
q">BF&(/)&*0,)AE&
,-3?-<)(@A)&

74. !"#$%&0<&(#$%-/01(+-*g&
• J)?)*C<&-*&4%($&?(/$&-2&$%)&
(#$%1&)A)?%(*$&E-#&(/)&
A--50*D&($&
– :-A0,E&`q">BFa&
– |#)/E&`q">BF_8"BF&?/-hA)a&
– >A(03<&`8"BF&.&N8OV)C&88!a&
– c<)/&,-*<)*$&`!"#$%a&
– :)/30<<0-*<&`!"#$%a&
F%,'+B'D$%!'%#"'&0#"#'5$)P,'
+)-$*-"'%#"!Q&$)#"),R',1")'
O4%,1'#,0!,#',$'*$$8'C$!"'
*+8"'0%,1")3&03$)'
&

75. cB"&.&!"#$%&
• User Managed Access extends OAuth 2.0 to allow for a user to manage
access to multiple (and distributed) resources through centralized
Authorization Manager
• Leverages separation between AS & RS introduced by WRAP
&
O4%,1' 9G4'
9%)&/)<-#/,)&<)/H)/&/)<?),$<&(,,)<<&$-5)*<& 9%)&%-<$&-#$<-#/,)<&(#$%-/01(+-*&w-@<&$-&
2/-3&Ñ0$<{&(#$%-/01(+-*&<)/H)/& (*&(#$%-/01(+-*&3(*(D)/&,%-<)*&@E&$%)&
#<)/&
9%)&(#$%-/01(+-*&<)/H)/&0<<#)<&$-5)*<& 9%)&(#$%-/01(+-*&3(*(D)/&0<<#)<&$-5)*<&
@(<)C&-*&$%)&,A0)*$f<&(@0A0$E&$-&(#$%)*+,($)I& @(<)C&-*&#<)/&?-A0,E&(*C&Ñ,A(03<{&,-*H)E)C&
@E&$%)&/)L#)<$)/I&
9%)&/)<-#/,)&<)/H)/&H(A0C($)<&$-5)*<&0*&(*& 9%)&%-<$&,(*&(<5&$%)&(#$%-/01(+-*&3(*(D)/&
#*<?),0h)C&3(**)/K&(<<#3)C&A-,(AAE& $-&H(A0C($)&$-5)*<&0*&/)(A&+3)I&
8$(+,&,A0)*$&/)D0<$/(+-*&<$)?&& B-/)&CE*(30,&3-C)A&

76. cB"&.&!"#$%&
ST'9#"!'+),!$5%&"#'
U$#,',$'4G'
WT'U$#,'-"!+X"#',$8")'
0,'4G'
VT'.";%"#,$!'$>,0+)#''
,$8")'B!$C'4G',$'%#"'
'0,'U$#,'

77. "D)*C(&
• !"#$%&C/0H)/<&
• 8,/))*<%-$&C)3-&
• !"#$%&%0<$-/E&
• !"#$%&U&
• !"#$%&0*&,-*$)P$&
• o)E&#<)&,(<)<&
• !"#$%&<),#/0$E&3-C)A&
• "AA&$%)&@)AA<&.&4%0<$A)<&4(A5&$%/-#D%&

78. !"#$%&c<)&,(<)<&

79. c<)&,(<)&$(P-*-3E&
>A-#C& B-@0A)&
J0e)/)*$& @#<0*)<<& 4-/52-/,)&
C-3(0*&
4/Y9#"!'
!"*03$)#1+6'
;*$)/*(A& B-@0A)&
,-*<#3)/&
8(3)&
C-3(0*&
8)/H)/& B-@0A)&
=*+"),'

80. J0<+*D#0<%0*D&2)($#/)<&
• W($#/)&-2&$%)&,A0)*$K&0)&3-@0A)&-/&4)@&(??&
• N%)$%)/K&(*C&%-4K&#<)/&(#$%)*+,($)<&$-&"8&
• N%)$%)/K&(*C&%-4K&,A0)*$&(#$%)*+,($)<&$-&"8&
• N%)$%)/K&(*C&%-4K&#<)/&*))C<&$-&D0H)&,-*<)*$&
• 9/#<$&3-C)A&@)$4))*&>A0)*$&.&"8&
• 9/#<$&3-C)A&@)$4))*&68&.&"8&

81. !"#$%&c<)&>(<)^&B-@0A)&>-*<#3)/&
• "&>-*<#3)/&>A-#C&=#<0*)<<&`)IDI&B(//0-]a&@#0AC0*D&
B-@0A)&"??<&
• :/-H0C)&88!&(,,)<<&H0(&0:(CK&0:%-*)K&"*C/-0CK&)$,&
• 9/#<$&/)A(+-*<%0?&0<&@)$4))*&)*$)/?/0<)&.&
,-*<#3)/&

82. B-@0A)&>-*<#3)/^&&8?),0h,<&
ka&B-@0A)&(??A0,(+-*&A(#*,%)<&
S' "#$%Å& @/-4<)/K&0*&4%0,%&#<)/&
V'
7*C?-0*$& (#$%)*+,($)<&$-&:0*DV)C)/($)&
`(*C&D/(*$<&,-*<)*$a&&&
9-5)*&
7*C?-0*$& Ua&:0*DV)C)/($)&/)$#/*<&,-C)&$-&
3-@0A)&(??A0,(+-*&$%/-#D%&
Ä(A0C(+-*&
@/-4<)/&
W' 7*C?-0*$&
Ya&B-@0A)&(??A0,(+-*&)P,%(*D)<&,-C)&
2-/&(,,)<<&$-5)*&
Ra&B-@0A)&(??A0,(+-*&(CC<&(,,)<<&
['
$-5)*&$-&0$<&6789&/)L#)<$&-2&
6)<-#/,)&8)/H)/&`":;a&
' Xa&68&0*$)/(,$<&40$%&:0*DV)C)/($)&$-&
H)/02E&$-5)*K&(*C&/)$/0)H)&C)<0/)C&
68& (]/0@#$)<&
Ça&"<<#30*D&!oK&68&/)$#/*<&
/)L#)<$)C&C($(&$-&3-@0A)&
(??A0,(+-*&
Z'

83. B-@0A)&>-*<#3)/<^&;*A0*)&-?+-*&
ka&B-@0A)&(??A0,(+-*&,-AA),$<&#<)/&
?(<<4-/C&(*C&<)*C<&$-&
"#$%Å& :0*DV)C)/($)&0*&/)L#)<$&2-/&
7*C?-0*$&
(,,)<<&$-5)*a&&&
S' 9-5)*& Ua&:0*DV)C)/($)&/)$#/*<&(,,)<<&$-5)*&
7*C?-0*$& $-&3-@0A)&(??A0,(+-*&
V'
Ya&B-@0A)&(??A0,(+-*&(CC<&(,,)<<&
Ä(A0C(+-*&
7*C?-0*$& $-5)*&$-&0$<&6789&/)L#)<$&-2&
6)<-#/,)&8)/H)/&`":;a&
Ra&68&0*$)/(,$<&40$%&:0*DV)C)/($)&$-&
W'
Z' H)/02E&$-5)*K&(*C&/)$/0)H)&
C)<0/)C&(]/0@#$)<&
Xa&"<<#30*D&!oK&68&/)$#/*<&
/)L#)<$)C&C($(&$-&3-@0A)&
(??A0,(+-*&
['
68&

84. J0<,#<<0-*&
• B-@0A)&,A0)*$<&(/)&D)*)/(AAE&*-$&0<<#)C&#*0L#)&,A0)*$&
,/)C)*+(A<&'&/($%)/&(AA&,-?0)<&<%(/)&$%)&<(3)&
– :/-H0C)<&-*AE&,-(/<)&r(#$%)*+,(+-*f&`-/&H(A0C(+-*a&
• J0e)/)*$&#<)/&(#$%)*+,(+-*&3),%(*0<3<&%(H)&?/-<_
,-*<&
– =/-4<)/O@(<)C&3),%(*0<3<&3(E&@)&(CH(*$(D)-#<&2/-3&
<),#/0$E&:-ÄI&"A<-&(AA-4<&2-/&h*)OD/(0*)C&,-*<)*$&
?-<<0@0A0+)<I&=/-4<)/&3(E&@)&)3@)CC)C&
– ;*A0*)&3),%(*0<3&3(E&-e)/&#<(@0A0$E&(CH(*$(D)<K&@#$&($&(&
,-<$&
• S/(*#A(/0$E&-H)/&,-*<)*$&
• 6)A0(*,)&-*&?(<<4-/C<&

85. !"#$%&c<)&>(<)^&B-@0A)&>A-#C_8((<&&
• "&>A-#C&=#<0*)<<_8((8&@#0AC0*D&B-@0A)&"??A0,(+-*<&
• 8#??-/$<&4-/52-/,)&(,,)<<&H0(&H0(&0:(CK&0:%-*)K&
"*C/-0CK&)$,&$-&>A-#CO%-<$)C&":;<&
• 9/#<$&/)A(+-*<%0?&0<&@)$4))*&$%)&)*$)/?/0<)&(*C&
>A-#C&=#<0*)<<_8((8&

86. B-@0A)&>A-#C&
ka&B-@0A)&(??A0,(+-*&A(#*,%)<&
;C:& @/-4<)/&$-&:0*DV)C)/($)&(#$%*&
V'
?(D)&
"#$%Å&
V'
7*C?-0*$& &Ua&:0*DV)C)/($)&<)*C<&)3?A-E))&
S'
@/-4<)/&$-&)*$)/?/0<)&;C:&2-/&88!K&
9-5)*& /),)0H)<&8"BF&(<<)/+-*&
7*C?-0*$&
W' Ya&:0*DV)C)/($)&/)$#/*<&,-C)&$-&
Ä(A0C(+-*& 3-@0A)&(??A0,(+-*&$%/-#D%&
W' Z' 7*C?-0*$& @/-4<)/&
Ra&B-@0A)&(??A0,(+-*&)P,%(*D)<&,-C)&
2-/&(,,)<<&$-5)*&
'
Xa&B-@0A)&(??A0,(+-*&(CC<&(,,)<<&
$-5)*&$-&0$<&6789&/)L#)<$&-2&
]' 6)<-#/,)&8)/H)/&`":;a&
Ça&68&0*$)/(,$<&40$%&:0*DV)C)/($)&$-&
68& H)/02E&$-5)*K&(*C&/)$/0)H)&C)<0/)C&
(]/0@#$)<&
ua&"<<#30*D&!oK&68&/)$#/*<&
/)L#)<$)C&C($(&$-&3-@0A)&
[' (??A0,(+-*&

87. c>&'&;*$)/*(A&8)/H)/&>A0)*$<&
• 7*$)/?/0<)&,-**),$<&0*$)/*(A&(??A0,(+-*<&
$%/-#D%&6789&":;<&2-/&0*$)D/(+-*&
• >A0)*$<&3(E&(,$&(#$-*-3-#<AEK&-/&(A$)/*(+H)AE&
-*&@)%(A2&-2&(*&)3?A-E))&-/&/-A)&

88. ;*$)/*(A&":;<^&O&"#$-*-3-#<&
kI ;*$)/*(A&,A0)*$&(#$%)*+,($)<&$-&
:0*DV)C)/($)&-*&/)L#)<$&2-/&
"#$%Å& (,,)<<&$-5)*&
7*C?-0*$&
UI :0*DV)C)/($)&/)$#/*<&(,,)<<&
S' 9-5)*& $-5)*&$-&,A0)*$&
7*C?-0*$&
YI B-@0A)&(??A0,(+-*&(CC<&(,,)<<&
V'
$-5)*&$-&0$<&6789&/)L#)<$&-2&
Ä(A0C(+-*&
7*C?-0*$& 6)<-#/,)&8)/H)/&`":;a&
RI 68&0*$)/(,$<&40$%&:0*DV)C)/($)&
$-&H)/02E&$-5)*K&(*C&/)$/0)H)&
W'
Z' (??/-?/0($)&,A0)*$&(]/0@#$)<&
XI "<<#30*D&!oK&68&/)$#/*<&
/)L#)<$)C&C($(&$-&,A0)*$&
(??A0,(+-*&
['
68&

89. ;*$)/*(A&":;<^&&O&J)A)D($)C&
kI >A0)*$&(??A0,(+-*&A(#*,%)<&
S' @/-4<)/&$-&:0*DV)C)/($)&(#$%*&
"#$%Å& ?(D)&
7*C?-0*$&
UI &"i)/&A-D0*K&:0*DV)C)/($)&
V' 9-5)*& /)$#/*<&,-C)&$-&,A0)*$&
7*C?-0*$& (??A0,(+-*&$%/-#D%&@/-4<)/&
V'
YI >A0)*$&(??A0,(+-*&)P,%(*D)<&
Ä(A0C(+-*&
7*C?-0*$& ,-C)&2-/&(,,)<<&$-5)*&
RI >A0)*$&(??A0,(+-*&(CC<&(,,)<<&
$-5)*&$-&0$<&6789&/)L#)<$&-2&
[' 6)<-#/,)&8)/H)/&`":;a&
W'
XI 68&0*$)/(,$<&40$%&:0*DV)C)/($)&
$-&H)/02E&$-5)*K&(*C&/)$/0)H)&
C)<0/)C&(]/0@#$)<&
Z'
68& ÇI "<<#30*D&!oK&68&/)$#/*<&
/)L#)<$)C&C($(&$-&,A0)*$&
(??A0,(+-*&
'

90. >A-#C&=#<0*)<<_8((8&
• "&>A-#C&=#<0*)<<_8((8&?/-H0C)<&C($(&(,,)<<&$%/-#D%&6789&":;<&
• ":;&,A0)*$<&(/)&4)@&(??A0,(+-*<&`0I)I&-*&(&<)/H)/a&
• F(/D)&*#3@)/&-2&,A0)*$<&(,,)<<0*D&":;<&'&)(<0)/&$-&3(*(D)&$/#<$&($&$%)&
?(/$*)/_,#<$-3)/&A)H)A&$%(*&0*C0H0C#(A&,A0)*$<&
• "#$%)*+,($)&,A0)*$&.&#<)/<&$%/-#D%&2)C)/(+-*K&/($%)/&$%(*&C0/),$AE&0<<#)C&
,/)C)*+(A<&

91. VA-4&
kI >A0)*$&(??A0,(+-*&/)$/0)H)<&8"BF&
(<<)/+-*&2/-3&A-,(A&;C:&
UI >A0)*$&<)*C<&8"BF&(<<)/+-*&$-&
:0*DV)C)/($)&($&8((8&:/-H0C)/_
?(/$*)/&)$,&
YI :0*DV)C)/($)&/)$#/*<&(,,)<<&
$-5)*&$-&,A0)*$&
RI >A0)*$&(??A0,(+-*&(CC<&(,,)<<&
$-5)*&$-&0$<&6789&/)L#)<$&-2&
6)<-#/,)&8)/H)/&`":;a&
XI 8((8&68&0*$)/(,$<&40$%&
:0*DV)C)/($)&$-&H)/02E&$-5)*K&
(*C&/)$/0)H)&C)<0/)C&(]/0@#$)<&
ÇI "<<#30*D&!oK&8((8&68&/)$#/*<&
/)L#)<$)C&C($(&$-&,A0)*$&
(??A0,(+-*&

92. "D)*C(&
• !"#$%&C/0H)/<&
• 8,/))*<%-$&C)3-&
• !"#$%&%0<$-/E&
• !"#$%&U&
• !"#$%&0*&,-*$)P$&
• o)E&#<)&,(<)<&
• !"#$%&<),#/0$E&3-C)A&
• "AA&$%)&@)AA<&.&4%0<$A)<&4(A5&$%/-#D%&

93. !"#$%&U&8),#/0$E&B-C)A&
• N)AAK&0$&<-/$&-2&C)?)*C<p&
– 9-5)*&$E?)&
– S/(*$&$E?)&
– >A0)*$&$E?)&
• "A<-K&0$f<&50*C&-2&,-3?A0,($)Cp&

94. 8)<<0-*&>--50)&"*(A-DE&&
• !"#$%&#<0*D&@)(/)/&$-5)*<&0<&<-/$&-2&A05)&<)<<0-*&
,--50)<&2-/&":;_/)<-#/,)&(,,)<<&&
• S)*)/(AAE&E-#&A-D0*&$-&(&4)@<0$)&(*C&(/)&0<<#)C&(&
<)<<0-*&,--50)&2-/&<#@<)L#)*$&/)L#)<$<&
• S/(*$&0<&A05)&$%)&A-D0*&(*C&(,,)<<&$-5)*&0<&A05)&$%)&
<)<<0-*&,--50)&&
• 9F8&0<&/)L#0/)C&($&)H)/E&<$)?&
• >--50)<&/)AE&-*&<(3)&-/0D0*&?-A0,E&
• ",,)<<&$-5)*<&/)AE&-*&<$(+,&-/&4)AA&5*-4&<)/H)/<&
• W)0$%)/&0<&?)/2),$&
• J0<,-H)/E&,(**-$&@)&<(2)AE&C-*)&40$%&@)(/)/&$-5)*<&

95. N%($&(@-#$&B">g&
• b)A?<&40$%&$%)&C0<,-H)/E&?/-@A)3&
• 8+AA&50*C&-2&<030A(/&$-&<)<<0-*&,--50)<&
– ;*&2(,$K&$%)&B">&<?),&C)h*)<&(*&)P$)*<0-*&$-&$%)&
b99:&z8)$O>--50)&z&/)<?-*<)&%)(C)/&h)AC&
• :/)H)*$<&,/)C)*+(A&A)(5(D)&
• >(*&@)&#<)C&-H)/&0*<),#/)&,%(**)A<&
– "CC<&,-3?A)P0$E&`*-/3(A01(+-*K&,/E?$-D/(?%EK&
<$($)&3(*(D)3)*$a&
– W-&,-*hC)*+(A0$E&`<+AA&*))C&9F8&2-/&$%($a&

96. 9-5)*<&.&80D*0*D&&
• 80D*)C&9-5)*<&
– 9-5)*&0<&<0D*)C&@E&$%)&0<<#)/&`"8a&
– vN9K&8N9K&8"BFK&)$,I&
– 9-5)*&0<&<)A2O,-*$(0*)C&
• 80D*0*D&40$%&9-5)*<&&
– >A0)*$&<0D*<&$%)&/)L#)<$&40$%&<-3)&<),/)$&0<<#)C&
(A-*D&<0C)&$%)&$-5)*&
– B">&
– 9-5)*&,(*&@)&<)A2O,-*$(0*)C&-/&/)2)/)*,)&&

97. N%E&(/)*f$&9-5)*<&J)h*)Cg&
• ;$f<&-5(EK&0$&/)(AAE&0<&
• ;&C-*f$&5*-4&4%E&)P(,$AEK&@#$&;fH)&D/-4*&$-&
(,,)?$&(*C&)H)*&A05)&0$&
• ;$&C-)<&03?AE&<-3)&A)H)A&-2&,--/C0*(+-*&
@)$4))*&$%)&"8&.&68&
• 903)&40AA&$)AAp&

98. !$%)/&8),#/0$E&8$#e&
• 6)2)/)*,)&<$EA)&$-5)*<&*))C&(&A-$&-2&)*$/-?E&
• 6)H-,(+-*&0<&D--C&$-&?/-H0C)&
• 9F8&
• >A0)*$&"#$%)*+,(+-*&(*C&@0*C0*D&$-&$-5)*<_,-C)<&
• =/#$)&2-/,)&,-#*$)/3)(<#/)<&
• 9-5)*&<$-/(D)&
• 9-5)*_,-C)&A)(5(D)&
• :%0<%0*D&
• J0C&;&3)*+-*&9F8g&
• 8,-?)&

99. "D)*C(&
• !"#$%&C/0H)/<&
• 8,/))*<%-$&C)3-&
• !"#$%&%0<$-/E&
• !"#$%&U&
• !"#$%&0*&,-*$)P$&
• o)E&#<)&,(<)<&
• !"#$%&<),#/0$E&3-C)A&
• "AA&$%)&@)AA<&.&4%0<$A)<&4(A5&$%/-#D%&

100. N(A5&$%/-#D%&
• N(A5&$%/-#D%&<,)*(/0-&-2&(*&)3?A-E))&#<0*D&(&
*(+H)&(??&-*&$%)0/&?%-*)_$(@A)$&$-&0*$)/(,$&
40$%&(&8((8&?/-H0C)/&
• 8"BF&?/-H0C)<&
– "#$%)*+,(+-*&-2&)3?A-E))&$-&8((8&?/-H0C)/&
• !"#$%&?/-H0C)<&
– (#$%-/01(+-*&-2&*(+H)&(??&$-&(,,)<<&8((8&":;<&
– ;<<#(*,)&-2&$-5)*<&2/-3&8((8&$-&*(+H)&(??&

101. N(A5&$%/-#D%&
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&!"#$%&
&
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&8"BF&
&
&
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&!"#$%&

102. F-(C&(#$%1&?(D)&

103. F-(C&(#$%1&?(D)&

104. F-(C&(#$%1&?(D)&
S79&_(<_(#$%-/01(+-*I-(#$%Ug
,A0)*$x0C}3-@0A)(??.<$($)}%-<)/./)C0/),$x#/0}3-@0A)(??^__
/)C0/),$x%)/)./)<?-*<)x$E?)},-C)&b99:_kIk&
^$,"'
O O&W-&,A0)*$&?4C&
O O&,#<$-3&<,%)3)&-*&/)C0/),$&c6F&
O O&/)<?-*<)&$E?)&-2&r,-C)f&

105. ;C:&J0<,-H)/E&

106. ;C:&J0<,-H)/E&

107. ;C:&C0<,-H)/E&

108. 88!&6)L#)<$&

109. 88!&/)L#)<$&

110. 88!&6)L#)<$&
à2-/3&3)$%-C}z?-<$z&(,+-*}z%]?<^__0C?I)P(3?A)I-/D_8"BFU_88!_:!89z&â&
à0*?#$&$E?)}z%0CC)*z&*(3)}z8"BF6)L#)<$z&H(A#)}z!"#$"%&z&_â&
à0*?#$&$E?)}z<#@30$z&H(A#)}z8#@30$z&_â&
à_2-/3â&&
à<(3A?^"#$%*6)L#)<$&
&P3A*<^<(3A?}z#/*^-(<0<^*(3)<^$,^8"BF^UIZ^?/-$-,-Az&
P3A*<^<(3A}z#/*^-(<0<^*(3)<^$,^8"BF^UIZ^(<<)/+-*z&;J}z((2UYksÇOkuuYOUkkYORuR(O
2)kkRRkU(@uUz&Ä)/<0-*}zUIZz&;<<#);*<$(*$}zUZZROkUOZX9Zs^Uk^XsÅ{â&
& &à<(3A^;<<#)/â%]?<^__<?I)P(3?A)I,-3_8"BFUà_<(3A^;<<#)/â&&à<(3A?^W(3);J:-A0,E&
"AA-4>/)($)}z$/#)z& &V-/3($}z#/*^-(<0<^*(3)<^$,^8"BF^
UIZ^*(3)0C^2-/3($^?)/<0<$)*$z_â&
à_<(3A?^"#$%*6)L#)<$â&

111. c<)/&(#$%)*+,(+-*&

112. c<)/&(#$%)*+,(+-*&

113. c<)/&(#$%)*+,(+-*&

114. 88!&/)<?-*<)&

115. 88!&6)<?-*<)&

116. 88!&6)<?-*<)&
à<(3A^"<<)/+-*â&
à<(3A^;<<#)/â%]?<^__0C?I)P(3?A)I-/D_8"BFUà_<(3A^;<<#)/â&
àC<^80D*($#/)&P3A*<^C<}z%]?^__444I4YI-/D_UZZZ_Zs_P3AC<0DMzâIIIà_C<^80D*($#/)â&
à<(3A^8#@w),$â&à<(3A^W(3);J&V-/3($}z#/*^-(<0<^*(3)<^$,^8"BF^UIZ^*(3)0CO2-/3($^?)/<0<$)*$zâ&
Y2u@YC,2OkÇuROR),COsU,tOkXRR2YRÇ@(2t&à_<(3A^W(3);Jâà_<(3A^8#@w),$â&
à<(3A^"]/0@#$)8$($)3)*$â&
à<(3A^"]/0@#$)&W(3)}Ñ)3(0A{&â&
à<(3A^"]/0@#$)Ä(A#)&P<0^$E?)}zP<^<$/0*Dzâ?3(C<)*?0*D0C)*+$EI,-3à_<(3A^"]/0@#$)Ä(A#)â&&
à_<(3A^"]/0@#$)â&&
à_<(3A^"]/0@#$)8$($)3)*$â&&
à_<(3A^"<<)/+-*â&&

117. 6)<?-*<)&40$%&,-C)&

118. 6)<?-*<)&40$%&,-C)&

119. 6)<?-*<)&40$%&,-C)&
b99:_kIk&YZU&V-#*C&
F-,(+-*^&3-@0A)(??^__/)C0/),$x%)/)g&
&<$($)}%-<)/.&
&,-C)}401v3(89:"2Z4L8)=YH3JPU3W8ÅoÇD&
>-*$)*$OF)*D$%^&Z&

120. 9/(C)&,-C)&2-/&$-5)*&

121. 9/(C)&,-C)&2-/&$-5)*&

122. 9/(C)&,-C)&2-/&$-5)*&
:!89&_(<_$-5)*I-(#$%U&
b-<$^&(<I,-3&
,A0)*$x0C}(./)C0/),$x#/0}3-@0A)(??^__
/)C0/),$%)/).D/(*$x$E?)}(#$%-/01(+-*x,-C).,-C)}401v3(89:"2Z4L8)=YH3JPU
3W8ÅoÇD&b99:_kIk&
&
&
b99:_kIk&UZZ&!o&
>-*$)*$O9E?)^&(??A0,(+-*_w<-*~&,%(/<)$}c9VOt&
z$-5)*x$E?)z^z=)(/)/zKz)P?0/)<x0*z^zÇZZzKz/)2/)<%x$-5)*z^z-|NL4Bc;FU*C)Bb<N7
EV!ZSE(AHo8H,U|;Rd#StU6BS5BzKz(,,)<<x$-5)*z^zA8=@,0RvDtB<w08LÅF=/17qDCR
3ocW%!5EVzÉ&

123. >A0)*$&,(AA<&":;&

124. >A0)*$&,(AA<&":;&

125. >A0)*$&,(AA<&":;&
%]?<^__D/(?%I2(,)@--5I,-3_?(#AI)I3(C<)*_
2/0)*C<_g
(,,)<<x$-5)*}A8=@,0RvDtB<w08LÅF=/17qDCR3o
cW%!5EV&
&
&
&
&
&

126. Ä)/02E&$-5)*&

127. Ä)/02E&$-5)*&

128. Ä)/02E&$-5)*&
S79&_(<_$-5)*I-(#$%Ug
,A0)*$x0C}@.,A0)*$x<),/)$}?4C.D/(*$x$E?)}#/*^?0*D^H(A0C($).$-5)*}A8=@,0RvDtB<w08LÅF=/17qDCR3ocW%!5EV&
b99:_kIk&
b-<$^&(<I,-3&
",,)?$^&n_n&
&
&b99:_kIk&UZZ&!o&
>-*$)*$O9E?)^&(??A0,(+-*_w<-*~&,%(/<)$}c9VOt&&
^$,'O4%,1'5"X)"5'

129. 6)$#/*&J($(&

130. 6)$#/*&J($(&

131. 6)$#/*&C($(&
b99:_kIk&UZZ&!o&
>-*$)*$O9E?)^&(??A0,(+-*_w<-*~&,%(/<)$}c9VOt&

132. &
903)&?(<<)<&
&
&
&

133. 6)2/)<%&$-5)*&

134. 6)2/)<%&$-5)*&

135. 6)2/)<%&$-5)*&/)L#)<$&
:!89&_(<_$-5)*I-(#$%U&b99:_kIk&
b-<$^&A-,(A%-<$^sZYk&
&
,A0)*$x0C}(.D/(*$x$E?)}/)2/)<%x$-5)*.&
&/)2/)<%x$-5)*}-|NL4Bc;FU*C)Bb<N7EV!ZSE(AHo8H,U|;Rd#StU6BS5B&&

136. S)$&2/)<%&(]/0@#$)<&

137. S)$&2/)<%&(]/0@#$)<&

138. S)$&2/)<%&(]/0@#$)<&
8>;B&-/&8"BFgg&

139. 6)$#/*&(,,)<<&$-5)*&

140. 6)$#/*&(,,)<<&$-5)*&

141. 6)$#/*&(,,)<<&$-5)*&
b99:_kIk&UZZ&!o&
>-*$)*$O9E?)^&(??A0,(+-*_w<-*~&,%(/<)$}c9VOt&
z$-5)*x$E?)z^z=)(/)/zKz)P?0/)<x0*z^zÇZzKz/)2/)<%x$-5)*z^zvÅu|(REbX>t7Y>0
5H,ÅÅ<CRÅFcDÄEd*0)qLE@"Vw!@|?1zKz(,,)<<x$-5)*z^zRs=:;XF#WBYkZ-u
%@=s3s,;1;39XBtD,6w7zÉ&

142. &
60*<)&.&/)?)($&p&
&
&
&

143. &
(/,%0H)&
&
&

144. B-@0A)&(??&;CB&(/,%0$),$#/)&&

145. W(+H)&H<&4)@&(??<&
• W-$&D-0*D&$-&$/E&$-&?/)C0,$&40**)/&'&)P?),$&@-$%&
• "#$%)*+,(+-*&.&(#$%-/01(+-*&<%-#AC&@)&,-*<0<$)*$&
(,/-<<&@-$%&3-C)A<K&<-&$%($&
– c<)/<&(/)&*-$&,-*2#<)CK&)D&#<)&C0e)/)*$&
,/)C)*+(A<&(*C_-/&(#$%)*+,(+-*&,)/)3-*E&2-/&
$%)&$4-&3-C)A<K&)H)*&02&(,,)<<0*D&$%)&<(3)&
(??A0,(+-*&
– 8)/H0,)&:/-H0C)/<&(/)*f$&2-/,)C&$-&03?A)3)*$&
C#?A0,($)&.&0*,-3?(+@A)&<),#/0$E&2/(3)4-/5<&
2-/&$%)&$4-&3-C)A<&

146. V)C)/(+-*&
• V)C)/(+-*&(@<$/(,$<&(4(E&2/-3&(??A0,(+-*<&
<?),0h,<&-2&(#$%)*+,(+-*&.&(#$%-/01(+-*&'&
-#$<-#/,)C&$-&<?),0(A01)C&?/-H0C)/<&
• >-3?A)P0$E&%0CC)*&@E&$-5)*&0<<#(*,)&.&H(A0C(+-*&
• V)C)/(+-*&<$(*C(/C<&C)h*)&
– 9-5)*&2-/3($<&
– b-4&,A0)*$<&-@$(0*&$-5)*<&
– b-4&,A0)*$<&?/)<)*$&$-5)*<&$-&(??A0,(+-*&
?/-H0C)/<&&

147. 9-5)*<&
• V)C)/($)C&(#$%)*+,(+-*&2-/&@-$%&4)@&(*C&
*(+H)&3-@0A)&(??A0,(+-*<&0<&@(<)C&-*&)P,%(*D)&
(*C&C)A0H)/E&-2&&'(")%*$-&$%)&(??A0,(+-*&
• 9-5)*<&,(//E&`-/&?-0*$&$-a&<),#/0$E&0*2-/3(+-*&
`A05)&(]/0@#$)<&-/&(#$%-/01(+-*<a&2-/&#<)/&$/E0*D&
$-&(,,)<<&$%)&(??A0,(+-*I&&
• >A0)*$<&$E?0,(AAE&)P,%(*D)&,/)C)*+(A<&2-/&$-5)*<&
O&)(<0)/_<(2)/&$-&<%(/)&$%)&$-5)*&(,/-<<&$%)&
*)$4-/5&/($%)/&$%(*&$%)&-/0D0*(A&,/)C)*+(A<&
• N%)*&$-5)*&0<&<#@<)L#)*$AE&?/)<)*$)C&$-&(*&
(??A0,(+-*&?/-H0C)/K&$%)E&<)/H)&$-&(#$%)*+,($)&
(*C_-/&(#$%-/01)&$%)&/)L#)<$&

148. V)C)/(+-*&$(5)<&C0e)/)*$&2-/3<&
V-/&4)@&(??<K&$-5)*<&,(//E&
=/-4<)/& (??&
"]/0@#$)<&2-/&(#$%)*+,(+-*&
V-/&*(+H)&(??<K&$-5)*<&,(//E&
(??& C($(&
"#$%-/01(+-*&2-/&(]/0@#$)<&

149. 9-5)*<&2-/&3-@0A)&4)@&(??A0,(+-*<&
• V)C)/(+-*&2-/&4)@&(??A0,(+-*<&3(*02)<$<&(<&
88!&2/-3&<-3)&;C:&$-&$%)&(??A0,(+-*&?/-H0C)/&
• 88!&)<?),0(AAE&/)A)H(*$&2-/&3-@0A)&
• 9-5)*<&(])<+*D&$-&$%)&#<)/f<&0C)*+$E&(*C_-/&
(#$%)*+,(+-*&<$($#<&C)A0H)/)C&&+!'$,+*`(<&
/)C0/),$<a&$%)&@/-4<)/&2/-3&;C:&$-&$%)&
(??A0,(+-*&?/-H0C)/&
• "??A0,(+-*&?/-H0C)/&H(A0C($)<&$-5)*&(*C&
)P$/(,$<&0C)*+$E&(]/0@#$)<&2/-3&40$%0*&0*&-/C)/&
$-&,/)($)&A-,(A&<)<<0-*&&

150. 9-5)*<&2-/&4)@&(??A0,(+-*<&
;C)*+$E&?/-H0C)/& 8)/H0,)&?/-H0C)/& kI c<)/&$/(C)<&
,/)C)*+(A<&2-/&(&
$-5)*&2/-3&;C:&
8"BF& UI 9-5)*&C)A0H)/)C&
!?)*;J& "??A0,(+-*& $%/-#D%&$%)&
@/-4<)/&$-&8:&
YI 8:&H(A0C($)<&$-5)*K&
(*C&C)A0H)/<&
(??A0,(+-*&b9BF&
:4C& b9BF& $-&@/-4<)/&
9-5)*&
J)H0,)& =/-4<)/&

151. =)<$&?/(,+,)<&
• 8$(*C(/C<&
– !?)*;J&UIZ&2-/&,-*<#3)/&<,)*(/0-<&
– 8"BF&UIZ&2-/&)*$)/?/0<)&.&,A-#C&
– N8OV)C)/(+-*&2-/&%-3-D)*)-#<&B8V9&
• ;C:&J0<,-H)/E&
– ;*&,-*<#3)/&<?(,)K&,-*<0C)/&W(<,(/&40$%&)3(0AO
@(<)C&<#??A)3)*$&
– ;*&,A-#C&<?(,)K&,-*<0C)/&)3(0AO@(<)C&
• =-$%&;C:&`?-/$(Aa&(*C&8:&`C))?OA0*50*Da&0*0+($)C&
(/)&/)A)H(*$&
• B-@0A)&@/-4<)/&,-*<$/(0*$<&3(E&/),-33)*C&
(/+2(,$&3-C)A&0*&8"BF&

152. 9-5)*<&2-/&*(+H)&(??A0,(+-*<&
• W(+H)&(??A0,(+-*<&(#$%)*+,($)&$-&6789&":;<&@E&
?/)<)*+*D&(&$-5)*&-*&$%)&,(AA&
• 9%)&?/),#/<-/&(,$&-2&$%)&*(+H)&(??A0,(+-*&-@$(0*0*D&(&
$-5)*&0<&-i)*&,(AA)C&r(#$%-/01(+-*f&`?(/+,#A(/AE&0*&
$%-<)&,(<)<&4%)*&$%)&":;&2/-*$<&#<)/&0*2-K&)D&?/-hA)K&
$4))$<K&)$,a&
• c<)/&(#$%-/01)<&`-/&,-*<)*$<a&$-&$%)&*(+H)&(??A0,(+-*&
%(H0*D&(,,)<<&$-&$%)&":;&`(*C&$%)0/&C($(a&'&$%)&
(#$%-/01(+-*&0<&3(*02)<$)C&(<&$%)&0<<#(*,)&-2&(&$-5)*&
$-&$%)&*(+H)&(??&
• !"#$%&UIZ&C-30*(*$&?/-$-,-A&@E&4%0,%&(&*(+H)&(??&
-@$(0*<&$%)&C)<0/)C&(#$%-/01(+-*<&(*C&$%)&
,-//)<?-*C0*D&$-5)*&`(*C&$%)*&#<)<&(D(0*<$&":;a&

153. B-@0A)&(#$%*&-?+-*<&
• E(5'#10!"5'(+,1'W!5'60!,D'
_C>"55"5'>!$(#"!' :)*+)"' • 466'$()#'9:'
• ^$')""5',$'*"0-"'066'
• =%#,$C'#&1"C"'
• _)0>*"#'//O'
• _)0>*"#'#,!$)?'0%,1)'
• 4/'$()#'9:'
• a+#%0*',!%#,'&%"#'
• =0)'*"-"!0?"'#,$!"5'6(5#'
_`,"!)0*'>!$(#"!'

154. 9-5)*<&2-/&*(+H)&(??A0,(+-*<&
8)/H0,)&?/-H0C)/& kI c<)/&$/(C)<&,/)C)*+(A<&2-/&(&$-5)*&
UI 9-5)*&C)A0H)/)C&$%/-#D%&$%)&@/-4<)/&
$-&*(+H)&(??A0,(+-*&
"??A0,(+-*& YI W(+H)&(??A0,(+-*&?/)<)*$<&$-5)*&-*&
":;&,(AA<&
RI "??A0,(+-*&/)$#/*<&(??A0,(+-*&C($(&
(<&v8!W&
:4C& 9-5)*&
v8!W_qBF&
J)H0,)&
=/-4<)/&
"??A0,(+-*&
!"#$%&

155. =)<$&?/(,+,)<&
• c<)&$%)&@/-4<)/&$-&(#$%)*+,($)&$%)&#<)/&$-&$%)&"8K&
C-*f$&,-AA),$&#<)/&?(<<4-/C<&40$%0*&*(+H)&(??A0,(+-*&
0$<)A2&
• "&<)?(/($)&@/-4<)/&40*C-4&?/)2)//)C&$-&)3@)CC)C&'&
D0H)<&#<)/&$%)&H0<#(A&$/#<$&,#)<&$/(0*)C&$-&A--5&2-/&
• !"#$%&(#$%-/01(+-*&,-C)&D/(*$&$E?)&0<&/)A)H(*$&'&
(AA-4<&(&/)2/)<%&$-5)*&$-&@)&C)A0H)/)C&$-&$%)&*(+H)&
(??A0,(+-*&`-@H0($)<&*))C&$-&,-*+*#(AAE&/)(#$%-/01)a&
• c<)&@/-4<)/&2-/&;C:&C0<,-H)/E&02&C-0*D&88!&`/($%)/&$%(*&
40$%0*&*(+H)&(??A0,(+-*&0$<)A2a&
• W(+H)&(??A0,(+-*&<%-#AC&/)D0<$)/&,#<$-3&<,%)3)&-*&
0*<$(AAK&$-&)*(@A)&<#@<)L#)*$&?(<<0*D&&-2&$-5)*&2/-3&
@/-4<)/&-./(*$-&*(+H)&(??A0,(+-*&