Merged revision(s) 1925-2226 from branches/STF484_VALIDATION

data/gencerts.bat

+@echo off
+
+REM Output path
+REM Path where certificates must be stored
+SET OUTPATH=certificates
+
+REM IUT public key file
+REM Set it for IUTs which store private keys internally
+REM SET IUT_PUBLIC_KEY=<path>
+
+REM Certificate generator path
+REM Visual studio
+SET CERTGEN=..\tools\itscertgen\build\msvc\Debug\itscertgen.exe 
+REM MINGW32
+REM SET CERTGEN=..\tools\itscertgen\build\mingw32-d\itscertgen.exe
+REM ---------------------------------------------------------------
+
+if DEFINED IUT_PUBLIC_KEY (
+	IF NOT EXIST %IUT_PUBLIC_KEY% (^
+		echo %IUT_PUBLIC_KEY%: IUT public key file not found 
+		exit 1
+	)
+)
+
+if not exist %OUTPATH% md %OUTPATH%
+
+REM Generate Generic TS certificates
+for  %%f in ( profiles\CERT_*_ROOT.xml ^
+	profiles\CERT_TS_?_EA.xml profiles\CERT_TS_??_EA.xml ^
+	profiles\CERT_TS_?_AA.xml profiles\CERT_TS_??_AA.xml ^
+	profiles\CERT_TS_?_EC.xml profiles\CERT_TS_??_EC.xml ^
+	profiles\CERT_TS_?_AT.xml profiles\CERT_TS_??_AT.xml  ) DO (
+	echo %%f:
+	%CERTGEN% -C gencerts.cfg -o %OUTPATH% %%f
+)
+
+REM Generate various valid or invalid TS certificates
+for  %%f in ( profiles\CERT_*_BO_CA.xml profiles\CERT_*_BV_CA.xml ^
+	profiles\CERT_*_BO_AA.xml profiles\CERT_*_BV_AA.xml ^
+	profiles\CERT_*_BO_EA.xml profiles\CERT_*_BV_EA.xml ^
+	profiles\CERT_*_BO_EC.xml profiles\CERT_*_BV_EC.xml ^
+	profiles\CERT_*_BO_AT.xml profiles\CERT_*_BV_AT.xml ) DO (
+	echo %%f:
+	%CERTGEN% -C gencerts.cfg -o %OUTPATH% %%f
+)
+
+REM Generate IUT certificates
+for  %%f in (profiles\CERT_IUT_*.xml) DO (
+	echo %%f:
+        if DEFINED IUT_PUBLIC_KEY (
+		%CERTGEN% -C gencerts.cfg -o %OUTPATH% -v %IUT_PUBLIC_KEY% %%f
+	) ELSE (
+		%CERTGEN% -C gencerts.cfg -o %OUTPATH% %%f
+	)
+)

data/gencerts.cfg

+# Reuse already existing private and public keys if exists
+reuse=yes
+
+# Certificates and keys are provided as hexadecimal streams
+format=hex
+
+# Reference time point. The begining of the current year is used by default
+#reftime=2015-01-01
+
+# location of the IUT position
+reflocation=51.4744200:5.6240500

data/gencerts.sh

+#!/bin/sh
+
+# Output path
+# Path where certificates must be stored
+OUTPATH=certificates
+
+# IUT public key file
+# Set it for IUTs which store private keys internally
+# IUT_PUBLIC_KEY=<path>
+
+# Certificate generator path
+CERTGEN=../tools/itscertgen/build/itscertgen
+#CERTGEN=../tools/itscertgen/build/msvc/Debug/itscertgen.exe 
+# ---------------------------------------------------------------
+
+if ! [ -x "$CERTGEN" ]; then 
+  echo "$CERTGEN: generator not found"
+  exit 1
+fi
+
+IUT_PARAMS=
+if [ "x" !=  "x$IUT_PUBLIC_KEY" ]; then
+	 [ -f "$IUT_PUBLIC_KEY" ] || ( echo "$IUT_PUBLIC_KEY: public key file not found" ; exit 1 )
+	 IUT_PARAMS="-v \"$IUT_PUBLIC_KEY\""
+fi
+
+mkdir -p "$OUTPATH"
+
+function generate()
+{
+	echo "$1:"
+	"${CERTGEN}" -C gencerts.cfg -o "$OUTPATH" $IUT_PARAMS "$1" || exit 1
+}
+
+# Generate Generic Root certificates
+ls -1 profiles/CERT_*_ROOT.xml 2>/dev/null | while read F; do generate "$F"; done
+
+# Generate Generic authority certificates
+ls -1	profiles/CERT_TS_?_CA.xml profiles/CERT_TS_??_CA.xml \
+	profiles/CERT_TS_?_EA.xml profiles/CERT_TS_??_EA.xml \
+	profiles/CERT_TS_?_AA.xml profiles/CERT_TS_??_AA.xml 2>/dev/null | while read F; do generate "$F"; done
+
+# Generate Generic authorization tickets
+ls -1	profiles/CERT_TS_?_AT.xml profiles/CERT_TS_??_AT.xml 2>/dev/null | while read F; do generate "$F"; done
+
+# Generate various valid or invalid authority certificates
+ls -1	profiles/CERT_*_BO_CA.xml profiles/CERT_*_BV_CA.xml 2>/dev/null | while read F; do generate "$F"; done
+ls -1	profiles/CERT_*_BO_AA.xml profiles/CERT_*_BV_AA.xml 2>/dev/null | while read F; do generate "$F"; done
+ls -1	profiles/CERT_*_BO_EA.xml profiles/CERT_*_BV_EA.xml 2>/dev/null | while read F; do generate "$F"; done
+ls -1	profiles/CERT_*_BO_EC.xml profiles/CERT_*_BV_EC.xml 2>/dev/null | while read F; do generate "$F"; done
+ls -1	profiles/CERT_*_BO_AT.xml profiles/CERT_*_BV_AT.xml 2>/dev/null | while read F; do generate "$F"; done
+
+# Generate IUT certificates
+[ -n "$IUT_PUBLIC_KEY" ] && IUT_PARAMS="-v \"$IUT_PUBLIC_KEY\""
+ls -1 profiles/CERT_IUT_*.xml 2>/dev/null | while read F; do generate "$F" ; done

data/profiles/CERT_IUT_A_AT.xml

+<certificate name="CERT_IUT_A_AT">
+	<version>2</version>
+	<signer type="digest" name="CERT_TS_A_AA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="0">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_IUT_B_AT.xml

+<certificate name="CERT_IUT_B_AT">
+	<version>2</version>
+	<signer type="digest" name="CERT_TS_B_AA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="0">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<circle latitude="0.0" longitude="0.0" radius="5000"/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_IUT_C_AT.xml

+<!-- Authorization ticket certificate with a rectangular region restriction
+     centered in ETSI coordinates and having a side length of 10 km
+-->
+<certificate name="CERT_IUT_C_AT">
+	<version>2</version>
+	<signer type="digest" name="CERT_TS_C_AA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="0">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<rectangle>
+				<location latitude="0.044949"  longitude="-0.062157"/>
+				<location latitude="-0.044983" longitude="0.062064" />
+			</rectangle>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_IUT_D_AT.xml

+<!-- Authorization ticket certificate with a polygonal region restriction
+     representing a square centered at ETSI coordinates and having a side length of 10km
+-->
+<certificate name="CERT_IUT_D_AT">
+	<version>2</version>
+	<signer type="digest" name="CERT_TS_D_AA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="0">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<polygon>
+				<location latitude="0.044949"  longitude="-0.062157"/>
+				<location latitude="0.044949"  longitude="0.062064"/>
+				<location latitude="-0.044983" longitude="0.062064"/>
+				<location latitude="-0.044983" longitude="-0.062157"/>
+			</polygon>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_IUT_E_AT.xml

+<certificate name="CERT_IUT_E_AT">
+	<version>2</version>
+	<signer type="digest" name="CERT_TS_E_AA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="0">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<id dictionary="iso_3166_1" id="528" local="0"/> <!-- NL -->
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_TEST_ROOT.xml

+<certificate name="CERT_TEST_ROOT" keep-existing="yes">
+	<version>2</version>
+	<signer type="self"></signer>
+	<subject type="ROOT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="6" confidence="0"/>
+		</attribute>
+		<!-- its_aid_list -->
+		<attribute type="its_aid_list">
+			<aid value="36"/> <!-- CAM -->
+			<aid value="37"/> <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2016-01-01"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_TS_01_01_BO_AT.xml

+<certificate name="CERT_TS_01_01_BO_AT">
+	<version>3</version>
+	<signer type="digest" name="CERT_TS_A_AA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_TS_01_02_BO_AT.xml

+<certificate name="CERT_TS_01_02_BO_AT">
+	<version>1</version>
+	<signer type="digest" name="CERT_TS_A_AA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_TS_01_03_BO_AA.xml

+<!-- Authorization authority certificate with version = 3 -->
+<certificate name="CERT_TS_01_03_BO_AA">
+	<version>3</version>
+	<signer type="digest" name="CERT_TEST_ROOT"/>
+	<subject type="AA" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="4" confidence="0"/>
+		</attribute>
+		<!-- its_aid_list -->
+		<attribute type="its_aid_list">
+			<aid value="36"/> <!-- CAM -->
+			<aid value="37"/> <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_TS_01_03_BO_AT.xml

+<certificate name="CERT_TS_01_03_BO_AT">
+	<version>2</version>
+	<signer type="digest" name="CERT_TS_01_03_BO_AA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_TS_01_04_BO_AA.xml

+<!-- Authorization authority certificate with version = 1 -->
+<certificate name="CERT_TS_01_04_BO_AA">
+	<version>1</version>
+	<signer type="digest" name="CERT_TEST_ROOT"/>
+	<subject type="AA" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="4" confidence="0"/>
+		</attribute>
+		<!-- its_aid_list -->
+		<attribute type="its_aid_list">
+			<aid value="36"/> <!-- CAM -->
+			<aid value="37"/> <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_TS_01_04_BO_AT.xml

+<certificate name="CERT_TS_01_04_BO_AT">
+	<version>2</version>
+	<signer type="digest" name="CERT_TS_01_04_BO_AA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_TS_02_01_BO_AT.xml

+<!-- AT certificate signed by EA cert -->
+<certificate name="CERT_TS_02_01_BO_AT">
+	<version>2</version>
+	<signer type="digest" name="CERT_TS_A_EA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_TS_02_02_BO_AA.xml

+<!-- AA certificate signed by EA cert -->
+<certificate name="CERT_TS_02_02_BO_AA">
+	<version>2</version>
+	<signer type="digest" name="CERT_TS_A_EA"/>
+	<subject type="AA" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="4" confidence="0"/>
+		</attribute>
+		<!-- its_aid_list -->
+		<attribute type="its_aid_list">
+			<aid value="36"/> <!-- CAM -->
+			<aid value="37"/> <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_TS_02_02_BO_AT.xml

+<!-- AT certificate signed by AA which is signed by EA -->
+<certificate name="CERT_TS_02_02_BO_AT">
+	<version>2</version>
+	<signer type="digest" name="CERT_TS_02_02_BO_AA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>

data/profiles/CERT_TS_03_01_BO_AA.xml

+<!-- AT certificate used to sign other AT cert -->
+<certificate name="CERT_TS_03_01_BO_AA">
+	<version>2</version>
+	<signer type="digest" name="CERT_TS_A_AA"/>
+	<subject type="AT" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorythm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="uncompressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="36">&#01;&#xFF;&#xFF;</ssp>  <!-- CAM -->
+			<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp>  <!-- DENM -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="2015-01-01" end="2015-04-30"/>
+		<restriction type="region">