WebProNews Ad Rates Click Now!
Read WebProNews
With Friends!

Google’s Open Web Advocate Talks White House Web ID Plan

Chris Messina Aims to Clarify Misconceptions of NSTIC

Get the WebProNews Newsletter!
By · January 18, 2011 · 53 Comments

As previously reported, the White House is working on a "National Strategy for Trusted Identities in Cyberspace" or NSTIC, in which it has placed the Commerce Department in charge of an "Identity Ecosystem". The initiative has drawn a mixture of praise and criticism, and judging by our own readers’ comments, there is a whole lot of criticism. More on this here.

Share your thoughts on the White House’s strategy.

 We had a discussion on the subject with Chris Messina, Google’s Open Web advocate. Messina was there when the plan was revealed, and is rather knowledgeable in the subject of online identity (besides working for Google, he’s on the board of the OpenID Foundation, and has worked with Mozilla to produce a concept on implementing identity in the browser called "The Social Agent") , which is why we felt he would be a good person to share his views on the strategy.   

"As it stands, I can see why people are angry or confused, but, while vague, the NSTIC isn’t as bad as people seem to think — the fact that it’s being run out of commerce means that the government is looking for innovation and competition — not to own these identities," Messina tells WebProNews. "Of course I can’t say what this means about surveillance and security, but anyone who uses a cell phone or hosted email should already understand that they’re susceptible to government wiretaps and data seizure — oftentimes without needing to be informed (Twitter is the rare exception recently). Anyway — if you can pick an identity provider that’s certified to meet certain criteria and that you also trust — that seems win-win to me."

What the government has suggested appears to be the use of platforms like OpenID. " We need a vibrant marketplace that provides people with choices among multiple accredited identity providers – both private and public – and choices among multiple credentials," said Cybersecurity Coordinator and Special Assistant to President Obama, Howard A. Schmidt, upon the announcement of the plan. "For example, imagine that a student could get a digital credential from her cell phone provider and another one from her university and use either of them to log-in to her bank, her e-mail, her social networking site, and so on, all without having to remember dozens of passwords. Such a marketplace will ensure that no single credential or centralized database can emerge."

Chris Messina Talks White House Web ID Strategy"The government’s NSTIC plan is designed to promote OpenID and other existing (and not-even-invented) initiatives," explains Messina. "In fact, the NSTIC was written with input from many of these groups including the OpenID Foundation. It went through an open comment period as well — so it’s not as if many of these concerns weren’t raised before. Since the final draft of the NSTIC hasn’t been released yet, I expect many of them will be reflected in the final draft."

"The NSTIC calls explicitly for the creation of an ‘identity ecosystem’ — fancy words for saying ‘we don’t want a system where there’s only one identity provider’ (least of all the government!),’ Messina continues. "Now, one of the challenges with creating an ‘ecosystem’ is that you end up with potentially non-interoperable solutions, leading to consumer confusion and frustration (think: ‘Sorry, we don’t accept American Express here’). So while the government intends to rely on private industry to develop the technologies and protocols — such as OpenID — that will enable this ecosystem, I believe that the government has a role in placing pressure on the industry to eventually select a set of standards we can all live with."

"I, for one, would prefer to avoid a government-developed identity standard at a time when industry is rapidly innovating in this space and wants to solve this problem as much as — if not more than — government does," he adds. "But I also know that there are a lot of vested interests that would love to have their pet protocol selected as the gold standard here (pun intended) and that’s going to require leadership, persistence, and an open process so that the best solution(s) to the problem eventually shake out from several years of competition and experimentation."

A common concern expressed by the public has been along the lines of: a single username and password for all sites is a bad idea, and is not secure, compared to having many usernames and passwords.

"The user’s concern is valid," says Messina. "One username and password for everything is actually very bad ‘security hygiene’, especially as you replay the same credentials across many different applications and contexts (your mobile phone, your computer, that seemingly harmless iMac at the Apple store, etc). However, nothing in NSTIC advocates for a particular solution to the identity challenge — least of all supporting or advocating for a single username and password per person."

"In reality, different applications requiring different levels of security, and different behaviors require different kinds of protections," he says. "As Howard A. Schmidt pointed out, for many people, you don’t necessarily want to use the same password that you use for Facebook that you do for your bank. For someone like me, however, where my social media presence is both very important and valuable to me, I want to protect all of my accounts — financial and social networking — equally. So there’s no one-size-fits-all solution, but that’s closer to the reality today — where I as a user often DON’T have a choice about how strong the security deployed to protect my accounts is — versus the future, where we’ll have an ecosystem of identity providers all offering different kinds of protections."

"To restate this point: when I sign up for an account today, why can’t I choose to login in everywhere with my Google account and then rely on Google’s anti-fraud and second factor authentication features to protect my account? Or, if I’d prefer to use someone other than Google, why can’t I use them instead, and rely on, say, their biometric security features?"

"Until a competitive marketplace and proper standards are adopted across industry, we actually continue to have fewer options in terms of how we secure our accounts than more," he says. "And that means that the majority of Americans will continue using the same set of credentials over and over again, increasing their risk and exposure to possible leaks (see: Gawker)."

In the comments section of our previous article, one reader asked who would be responsible "WHEN (not if)" the systems proposed get hacked. 

"Going back to my previous point, if we truly arrive at a user-centric ecosystem, then the party that you choose to represent you as your identity provider will be responsible should anything happen to your account," says Messina. "And I hope that people actually choose their identity provider carefully, and based on the steps that they take to secure your account and keep it safe."

"A user-centric model demands that users be in charge of selecting their identity provider, and that this free choice creates a competitive marketplace where identity providers compete for customers," he adds. "If one provider has lax security or onerous identity proofing requirements, the market will ideally reflect that situation by rewarding or punishing them economically, leading to user-positive improvements. Some of this does depend on users having some understanding of what’s at stake when it comes to their online identities and profiles, but just as people safeguard their cell phones today, I think people will feel similarly protective of their online accounts in the future (if they don’t already) and will look for ways to keep those accounts safe and secure."

As we reported before, there doesn’t appear to be anything in the NSTIC indicating that people will be required to use ID systems spawned by the initiative – a point that some people may have overlooked.  

"The last thing that I’ll add — which itself is controversial — is that this whole system, at least at the outset, will be voluntary and opt-in," Messina says. "That means that if you don’t want the convenience of not having to use passwords anymore, you won’t have to. If you’re okay rotating your passwords and maintaining numerous discreet accounts across the web, that’s cool too. I don’t think a mandatory system would succeed — at least not without proving its security, stability, convenience, and utility over several years."

"Furthermore, the fact that this initiative is being run out of the Commerce Department, which has an interest in stimulating growth, business, and innovation, means that we hopefully won’t end up with a set of technologies designed only by security wonks that are completely unusable by regular folks, but that the market will see the exploration of a number of different competitive solutions, and from them, a few will stand out as leading the way forward."

"I am hopeful that NSTIC, at the very least, is raising these issues at a critical time on the web — where the future of competition for who owns your identity online is in question," Messina concludes. "My hope is that we arrive at a place where people have a choice, and they can go it alone as steadfast libertarians might prefer, or they can choose to get some assistance from the Googles and Facebooks of the web in dealing with this increasingly important issue."

Speaking of Facebook, any system – existing or spawned from NSTIC – will have a hell of a time competing with Facebook for "owning" users’ online IDs. Facebook has nearly 600 million users worldwide, according to recent estimates, and has a pretty big competitive advantage with its Open Graph and Facebook Log-in features already implanted firmly across many sites around the web.

Comments welcome

 

RELATED ARTICLES:

Jury Voted 9-3 in Favor of Google in Oracle Case

Jury Voted 9-3 in Favor of Google in Oracle Case

It was recently reported that the jury in the Android/Java patent infringement case sided with Google, and Joe Mullin at Ars Technica reports that the 12 were split 9-3 in the search giant's favor. J...
Google Glasses: Google Lets Photographers Try Them Out

Google Glasses: Google Lets Photographers Try Them Out

Photos are clearly an important part of Google's larger strategy, and Google+ has been an impressive offering into the photography world. Google is working on what could be an even more impressive of...
Google Wants a Deeper Relationship With You, Photos A Major Part Of That

Google Wants a Deeper Relationship With You, Photos A Major Part Of That

Google held its first Google+ Photographer's Conference this week in San Francisco, and emphasized the social network's role in the photography world. Of course, the thing about that is that everyone...
Top Rated White Papers and Resources
There are 53 Comments. Add Yours.

  1. There is a new W3C WebID Incubator Group:

    “The mission of the WebID Incubator Group, is to further advance for full standardization the WebID protocol, an authentication protocol that uses the SSL/TLS layer for user identification by tying the client to a profile document on the Web through placing a URI in a certificate. It is a first step to a fully standard-based browser authentication experience, but not limited to browser based authentication: peer to peer server authentication will work just as well. The Incubator Group intends to pursue work that has been evolving since 2008, grow the number of interested parties from the Social Web, security and browser communities, and integrate their feedback.”

    http://www.w3.org/2005/Incubator/webid/

  2. Sounds good to me… Maybe we can all be roving avatars in cyber space someday?

  3. MyCloudKey requires you to register just one number or paraphrase and then use that to generate unique passwords or identities for all the websites without the user having to remember each of them.

    The unique feature of this solution is that the MyCloudKey ID is registered and locked to a device owned by the user such as their cellphone. So no one can use the key even if they know what it is from their device or cellphone.

    The user can also add a second or third device to access the MyCloudKey ID so in case they loose on, there is another backup available.

    • The First thing that comes to my mind is cloning and i’m sure he hackers love that you left the door open for them to simply clone your device and then wipe you out . this all just makes easy for them to take everything you own before you know what happened and can put a stop to it
      Please don’t say they cant do it after all the bank said their ATM cards were secure to but yet hackers are cloning cards every day and wiping people out before they know what hit them
      Face it All one ID systems are a bad idea

  5. It all sounds good and innocent, but like anything the Goverment gets involved with, ends up costing us money and frustration. There is nothing necessarily wrong with it or the people in the government, it is the history of the mechanism that smells like a rat.

    Once the program were implimented, then they will need to hire staffing for something, which will then result in a mandatory registration and a fee. Since you are registered and accountable to them, they can impose fees based on some thug/pig in another country, so we have to charge you with this fee..oh, and the paperwork takes three weeks to process, and on and on.

    I fly Internationally, and there is always some “crap” that they keep adding to the list of hoops, not in the name of security, but because of the beauracracy they end up with.

    The answer is NO!

  6. Freedom
    Reply

    NO! Not a good idea! Obama wants more Government Control in your life just like his buddy Hugo Chavez! First: is the networks, CBS, ABC, NBC Second: is Health Care Third: is the internet then talk radio, guns will be next! The Constitution is the law of the land! DEMS do not like the Constitution! If you do not like Freedom then move out of our country!

  7. Guest
    Reply

    The government has no authority over the web!! It’s a collection of privately (and publicly) owned servers and computers. The communication between those computers is a digital form of verbal communication between individuals… which the government has no authority over: Freedom of speech, Freedom of association..

    The government claiming authority where it has none is Tyranny!! And them claiming they have authority over the web does not make it so.

    Freedom of speech and speaking the truth is dangerous ~ but only to governments doing evil things and trying to hide the facts. Pushing this kind of system through just shows what the government is all about: control/enslavement/tyranny etc. They have no business messing with the Internet. Even if they create an event that scares people (release a virus, make false claims that hackers got into pentagon computers, or any other false flag scenario). My message to the White House staff planning this takeover: PISS OFF!

    Resistance to tyrants is obedience to GOD!

  8. I would be in favor of a biometric identity system that could be developed and employed to either eliminate the username/password combination.

    Each person could decide for themselves which accounts would be okay to use a universal userid/password and which would require further security, such as biometrics.

    For example, I may decide that usual browsing would only require my log-in with a username/password, but logging in to facebook would require a second level of security, such as facial recognition and logging in to my bank records may require a third level of security, such as a thumb print.

  9. If it ain’t broken, don’t fix it !
    If it is broken the government will waste a lot of taxpayer money and
    make the problem worse !
    The best govenrment is the smallest possible government ! !

  10. My only comment here is that we all need to be very careful about how much larger we want our government to grow. “Big Brother” will get here unless we reign in this out of control, bloated behemoth. I see nowhere in our Constitution where the federal government is given the power to even care about my online ID’s.

  11. Guest
    Reply

    Would you stick your hand into a rattlesnake cage just because our government said it was safe to do so? I trust our government – and not just this administration – like I trust a rattlesnake! NO

  12. On the surface, this whole ID thing sounds very innocuous. What could possibly go wrong?

    For clarity on this subject, just read George Orwell’s “1984″.

    There is NO constitutional authority for this power grab. Just say NO.

    • Butch
      Reply

      I totally agree! Please keep in mind that the government should work according to our Constitution and Bill of Rights combined. They do not have authority over the Net in any way!

      Also keep in mind that our government has continued to reach further into the lives of our citizens since inception; and although I love my country, fought for my country in Vietnam and served my country for over 40 years as a law enforcement officer prior to retirement; I will not allow the continued intrusiveness displayed the past few years. As a conservative I do not agree with the current administrations attempt to remove our Constitutional Protections and/or the socialist direction of their policies. But more than that I do not trust any government, be it Liberal or Conservative in taking over the internet, our free speech protections and/or our personal weapons.

      Everything our government gets involved in becomes a Cash Cow for them which never ceases to grow in size and cost. Look at how they have ruined Social Security from it’s original design. Look at the EPA, FCC, the new attempt to enslave us with Obama Care, Education control which has turned out a continual flow of idiots because education has become a government and union controlled entity which cares nothing about true education; just secure lifetime employment for educational union members.

      Hell no to another take over by our government!

  13. jonathan
    Reply

    I recall years ago the US Postal Service tried to spearhead an initiative like this. Seems to me an ID system would belong under the USPS more than the Commerce Dept. Cyber ID’s are not just for commerce, they’re for authentication in general.

  14. Guest
    Reply

    I can’t remember a time when the government acted for the good of the people, so I suspect it is more a control, or a Big Brother issue. Since, as the article pointed out, the government already has contol over what you may have thougt was your Internet privacy rights under The Patriot Act, why make their job any easier for them. Let them earn their snooping money.

  15. A bad plan, proven to fail before it started.
    Who is protecting who and at what cost? – I find
    -
    First of all the honest and general – vast majority I might add -public has no need beyond simple protective measures.
    Secondly, the criminals and other groups of more insane propositions will usually use the technology advancements to their own benefits. Just as our ex-superpowers engaged into a weapons buildup game and it has been evidenced it can never be won, the one who looses out is the general public as funding gets put into a bottomless pit of no-return.
    -
    Thirdly, just because the government does channel this ID idea through the commerce department doesn’t mean once it is useful and up and running that it can’t be integrated into a database “that saves life and protects the innocents.” Again the majority suffers for the few insane ones; why do we all have to pay with less freedom because of the few. Let’s just find them. Yes, we can without this “ecosystem!” More technology in officials hands has as yet show any benefit, I realize this is a very general statement; police has not resolved crime despite its technologies.
    Most importantly the perhaps biggest issue is the possibility of even better filtering of “unwanted” individuals or in plain English, the opinions we don’t want to hear about. The stress here is on unwanted as it leaves room for personal judgement and I hate the idea someone might not like my nose or smell…
    -
    While I agree there is a need of change, the first step should be proper education and training of the individuals to be entitled to call themselves citizen. Education not just in what your rights are but what your responsibilities are and most importantly how lack of responsibility affects us all.
    Goodwill, doing the right thing, is NOT enforceable and this is where the whole system eventually will fail. this is why force and penalties never work because people do the right thing because they want to. Evidence: Criminals don’t stop because of penalties. Good ones don’t need any.
    -
    It is the simple study of our history that shows clearly that int he name of protecting the innocent (a good PR line and nothing more) we allow a complete on-slaughter of our freedoms.
    If it is free to join, I find it acceptable, but we are already doing this and one uniform platform will only open the door to abuse.
    -
    People only change through education in the basics of life, citizenship and never by force.
    There is no citizenship education only a “don’t get caught as penalties are severe.” What a humane approach!

    So it is a strong no because the misuse is so plain obvious and not just by the government.

    On my blog I have a few articles on law, problems, etc. that should be forwarded to the “creators” of the new system. (today it may be voluntary and tomorrow it ll be mandatory…)

    Personal Website: http://www.ottjo.wordpress.com

    P.S. All these systems are are a simple reflection of the attitude and mentality of the creators. It it those we should be worrying about.

  16. Spydyr on the Web
    Reply

    Any attempt to corral, classify, or monitor is simply an attempt to control, dictate, and punish those who would step out of the status quo. Those who think otherwise are blind, dumb, or both.

    Those Who Sacrifice Liberty For Security Deserve Neither.

  17. Lee
    Reply

    I am not typically a conspiracy theorist, but this sounds like just another invasive attempt by the government to track and monitor people under the guise of “protecting us”.

    The reality is that any type of program that can be developed for protection can also be counter-developed/hacked and we are no safer than we are right now. A more educated internet user that takes proper precautions and doesn’t do things like using passwords like “abc123″ and doesn’t click on every little thing that looks “cute” is normally unaffected by the scammers, hackers etc…

    The OpenID option should be an commercial, non-government involvement option that people have the right to opt in but under no circumstances should be required as a basis of being able to utilize the internet under normal usage conditions.

  18. While I agree with almost everything being stated, I find it hilarious that this discussion is becoming a political hunting ground and the target is Obama; The article clearly stated that this initiative started in 2008 under the Bush/Cheney administration, the same administration I might add that single handedly stripped more rights from the US citizen and shredded the constitution for their own personal agendas under the guise of protection.

    This issue isn’t red vs blue, Democrat vs Republican it a an overall government vs the people and both sides have their fair share of blame.

    So the overbearing, intelligence insulting, lets blame it on the socialist Obama so all go drink some tea and soak their heads and leave this discussion to the grownups.

    PS: No, I did not vote for Obama.

    • Actually, this idea started a LONG time ago, Al Gore was involved in plans to impliment a micro chip to track, buy, and sell, ten or more years ago. If you want to know whos idea it was though, you’ll need to go back much further.

  19. Guest
    Reply

    nothing more than surveillance. It’s no secret that they do not want free speech on the internet!

  20. NO!!! Why would people want to go back to one # opens all? If that one is compermised you are compermised with ALL.

    And don’t tell me the Government will keep it safe. Just look at the SSN and how safe that number is. Also how about the No Call List!

    And look how places like China and Iran and see what could happen here. “Oh, number 1111112 is going to lots of auto parts sites looking at lots of different car parts for different kinds of cars. He should be blocked from going to too many sites like that”.

  21. Whenever one advances the idea of ‘making things simpler’ by using any type of ID system, the population is justifiably concerned because they are no longer assured of their unique situations being given full merit & consideration because it is easier for those in charge to implement a “one size fits all” policy.
    Not to mention the ability of any one individual or entity to corall the data of selected individuals for whatever purpose it intends.

    Here’s my prediction: All of this is leading towards an Internet system controlled by Goverments (plural); where there will be a heirachy of Users ranging from High to medium to low. The “High” would have data protection and maybe pay a price or just be ‘uncled-in’, while the middle will be the ones who drives the system and do what we are doing now (web commerce, blogs, SEO and etc.) while the designated “low”, will have no protection and limited access to the Internet at large. I am hoping I am wrong but I am known to be correct more that 90% of the times on matters of forecasting.

  22. Guest
    Reply

    The governemnt does not need to know when I spend five dollars in a five and dime store, why do they insist on knowing who I am when I purchase anything on the net…

    Too much government, sticking their noses in my business… They need to get out of my life and get a real job.

  23. It won’t be a matter of WILL YOU, it will be more like, USE IT or else. Eventually, this will be required to buy a car, home, and even groceries.

  24. Guest
    Reply

    We are so close to the “Big Brother” conspiracy theory manifesting that it’s unbelievable. Every year there is something new related to all these new technologies (e.g. internet, email, cell phone, etc.) that brings the world closer to the one-world government theory. Our privacy is literally to the point where it is extinct – there is none. I guess we can all say goodbye to the free world and hello to the new world filled with constant monitoring, an overbearing and pushy government, and nosy companies watching what we do online so they can pump us up with millions of marketing messages.

    This initiative was started before Obama’s time in office but he should try to avoid being the scapegoat for its activation. I have the utmost respect and honor for Obama as I voted for him, but it is a shame that he is allowing himself to be the scapegoat for a secretive elite powerhouse initiative toward accomplishing the one-world government. He needs to wake up!!!

  25. Guest
    Reply

    Is this a joke? No its not, this is very ugly serious I dont care what the case the government makes is.. Next thing you know, the cops will be at your door, knock you to the ground and arrest if you say you like guns in a passing statement. This is all for GOVERNMENT CONTROL. ENOUGH ALREADY! Leave me and the internet alone! We cannot allow this to happen, and if it does, THERE IS NO TURNING BACK, EVER! The next step is to pay fees for the id’s. and then if you dont pay a parking ticket, your internet access will be stopped or very limited. GOVERNMENT CONTROL! Government has not fixed anything, all government does is cause MORE PROBLEMS!

  26. As a website owner and marketer, of course you want to be intrusive to a degree, that’s what Google Analytics is for and users aren’t even aware of the depth of detail we have access to already; now the government wants to promote a single ID/Password system that will drive people through a proverbial “Turnstile”. If that “turnstile” has to be regulated or surrender data to a government agency as a condition of being an “ID Facilitator”, that really smacks of a “Big Brother Franchise” and would seem to be the greatest risk to personal privacy to date.

  27. Having anlysed the pros and cons of this debate it is clear that any initiative to have a single I’d is flawed. A single logon opens the user up to hacking. If on the other hand the provider accepts the liability for the compromise of an account it opens them up to fraud. This is a lose lose situation for business and consumers. The greatest beneficiaries are goveernments who would be priviy to the actities of the user so it is no surprise that they have taken the leadership role in such a venture. Make no mistake this I not about the user but about governments exploring more ways to spy on itheir citizens. As such I would never support a plan. The arguments in favour is an insult to my intelligence.

    • What alternatives might you propose?

      Do you believe that spam, fraud, and identity thefts are problems on the web that need to be addressed, or are you okay with the status quo?

  28. Guest
    Reply

    Are they jumping in bed with the fairness doctrine too?
    Is it ok as long a “you’re part of the inner circle?

  29. Already the individual’s constitutionally enshrined rights to privacy have been gradually eroded n the name of national and global security. The fight against terrorism in an effort to preserve democracy, has visited upon the citizenry the growing powers of the state to increase its surveillance and consequently giving rise to the curtailing of freedom of expression, wire taps, closed circuit television, data seizure, mandatory financial disclosure requirements, Anti-Terrorism legislation and the Patriot Act (giving the state almost unlimited powers), passenger tracking and watch list…and the list continues.

    Now the last remaining rights to enjoy whatever rights to privacy are still left, including the right to preserve your online identity, is now under threat. So that very soon that which seeks to preserve the rights of the citizen is the very thing that erodes it.

    And as the constitutionally enshrined rights of the citizen stand collectively for the protection of the individual and consequently the state collectively, all of these rights being important and none secure in the absence of the others; then the erosion of one such right unchecked opens the flood gates to the gradual erosion of all such rights.

    The preservation of the individual’s right to security by the state, as fundamental as it may be, simply cannot exist as envisioned under the constitution if the individual’s right to privacy is in the process trumped or eroded. The collective rights of the citizenry can best be protected when each fundamental right is preserved to each citizen, individually.

    So where will the line be drawn if we are to preserve the democracies enshrined in the constitution and bestowed upon each citizen, individually for the collective good? To sacrifice privacy for security, is to preserve neither!

    Eldonna Lendor
    @lendorlaw

  30. JD
    Reply

    It is a tremendous mistake and disservice to free enterprise to set a one ID/Password system. It is my direct experience that, no matter how perfectly designed, it is subject to failure.

    Like the recommended watch dock/protector such as and I am quoting “rely on Google’s anti-fraud and second factor authentication features to protect my account” has not, and if the past is a predictor of the future, will fail.

    Identity theft is running rampant and so are my internet accounts, as featured on the Google search engine, have been compromised more than ones is presently again. Even the CAPTCHA which we recently installed did not prevent the recent compromise. PayPal accounts are being compromised daily and so are credit card accounts.

    Please think hard before (big brother) does or supports an intrusion in the free enterprise system. We need change but maybe not the way it has been going (change that is).

What do you think? Respond.

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

WebProNews Videos | Advertise | About Us | Newsletter | Archive | News Feeds | Terms & Conditions | Contact Us

WebProNews is an iEntry Network ® publication - © 1998-2012 All Rights Reserved.