From 849d1c11776ed5492a1f351ad53df047455d4b71 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1=20autouploader?=
 <nabijaczleweli/autouploader@nabijaczleweli.xyz>
Date: Sun, 10 Mar 2024 03:22:22 +0000
Subject: [PATCH] Manpage update by job 1165384

---
 tzpfms.pdf                  | Bin 65712 -> 81690 bytes
 tzpfms.ps                   | 951 +++++++++++++++++++++++++-----------
 zfs-fido2-add-backup.8      | 125 +++++
 zfs-fido2-add-backup.8.html | 153 ++++++
 zfs-fido2-change-key.8      | 188 +++++++
 zfs-fido2-change-key.8.html | 207 ++++++++
 zfs-fido2-clear-key.8       | 121 +++++
 zfs-fido2-clear-key.8.html  | 151 ++++++
 zfs-fido2-load-key.8        |  98 ++++
 zfs-fido2-load-key.8.html   | 117 +++++
 10 files changed, 1822 insertions(+), 289 deletions(-)
 create mode 100644 zfs-fido2-add-backup.8
 create mode 100644 zfs-fido2-add-backup.8.html
 create mode 100644 zfs-fido2-change-key.8
 create mode 100644 zfs-fido2-change-key.8.html
 create mode 100644 zfs-fido2-clear-key.8
 create mode 100644 zfs-fido2-clear-key.8.html
 create mode 100644 zfs-fido2-load-key.8
 create mode 100644 zfs-fido2-load-key.8.html

diff --git a/tzpfms.pdf b/tzpfms.pdf
index 02290565bf5babb7693dcafd8628ae684d292ae8..a11afb952d256ede2e2a8aa4dee12afe87f68703 100644
GIT binary patch
delta 60166
zcmZU)W0NjWmu;E0ZQJHa+qP}%B%icx+qP}nK55(Rx9WD??uh!dcdQ?<*O(*bt`7jq
z`~j<n1qP&OZ8>j=qttX?(3a{}u(Xp$GX-_Mnwdqlrf4>*n|8M(wCWOZp&<tV1x1m4
zxa}$bq<oKE=ML<P)3{GoILjKEdvz-0@$bClXeJ}W{;~navPh%0@xT3skLrrwX?Nq-
z9*dG}2m$GJvCC7@Z`p4JazXLaoD!pT4i+a{kASAQ?LU0HtOg1vefSv|ZsULWVQeop
zF&MHK<D!>1-=+s4r%UCLAT9!isGDqA0DoBgevU6zq3kJ5TWM(<23|AJ6=$!^<D#gd
zZba`<@*FP?^xXyRFhXZwkHtK~Wjym0+C(n2bO}(*+>#Ron6tR~kBNUnH)<MYlw%#T
zbpc^9O|oGF3De}I*Ar`u3SGW<lh^KfQPlig9p=?qli1G-nn_OYgK273wTWi4GnO4}
zm`Xkd4&Df7;Ngb~)@uTVH(YU{J5E-auNbVb-4^Fv{Nld28D)f;XYIJ8Q&lZg;jXw^
zk<cC$X78={@xy_t+!al1akmRCrr2sq)PTwfz=^<f4oE;DaZr{gTRi3LkMH}vwL3p<
z2awN8&DPM?OMv%f&@t{#hdq#k>sYRwg+uLJ-N`8-<4V@g&p=s~G}??*ErOgN-`qm@
zjcnAKk~`(JcLT2dSbNDXxPoVFa308;GMW@9Ua8@gV%ipuBq9jm$MUnS4;Dz`5TJhn
zt1eXXK*%F>vZ#gVHE0J|xxkF|J9np>(%p3BX5`<oA)v0CC;@>|3;iA9XM+R?6|Hf^
zyyhQJ$e|LG9PbmA$*f246Hp@gOSD`wDXh@&yafZi+jgF)cS1m$eRO;6Fv>q_iv3!q
zquzVf2sl4&O7b59Gn7&}aU$WKRDgoJ*6HPHF>cW=9TD;adH^h$TB1ci6%X;CpjSb$
zvj!>`6jb#P!Pk^Vu5T8anH!ur)PttzmR;gb%peBWvUA{Q8-|;&L>Rpi_thu7$wI%C
zk(PU{{}X~9?=tS4c~Dtpxbc&;Y9bvYhf?Ovcq2o9Ao4!8qyD~^x4*)pCBPHtCUrDG
zw4+-G;%@|O1DaNfXhnCf9q177G3Q@H!I?>h@G%N)7^W#%^)PrCBG8VpUoVJVwhRv&
zAOt4)ZRT9#h8j~KecLEgRP-)PEb(YulYT5A7pG>$5m{wDuzldPi4ac;X*X&FwV;;j
zn295rP2JOT6q71{{ls!4cmM`ySOC0LPq5<n@*utpGWz|8`-4a0EIJc?)@Cfk#~~9W
zR*}5KKH^6~QyP>%m|47%pza40w6MgGFa79!*unJk!lfKqR*Ao*x(KB=QgZ*wi0~fX
zP==}EcoBJpOh{{Za#u_R9)!}}4gy$hmAaj%8W}Tp&aCW>*GU&ACIG3aK?`G<-uL{x
ztZL3-wr*FUPEM1pxte@NXNYm?$sGi$eUDUs%8X}T$OQZ-y_?K5|B^$k`B8LNh8YRG
z2DD4Z)TzOy{#n*J3{TPRZr`kpI~>;n@K}uG1Wx^#u4;oq?a)cwGPIf_H^Kl^2~_o{
zfC^CpTW?6Eu59}B4=|oCgHRn+EviDv_$lxH-CD_i-8)aGP1YxNpQidJlFd`iccYer
z+ztf+d|or=O~31h_@aUJa;1?Z0;2*bUG=@ZJZrmw8g{EtN!*GZL)t4%qo^gbj%Sy7
zZcaSvd;b&D;ZiJfIBZ<3&xaL*X}Pr~75<!6f=ZkTQFrDs7tkPI8nfeEwtFyVzp1?6
zq_MMS>T_t%daL6HS|2m_I|@^fDAtS){)U0aB&dR0`>QCe!}L5KNmEpI7kYQ4lp^B0
z<-iiDlB~<3LIj^rw%UjixH~~h)M=+Gs!6_7TwT9@34@p-vKkOFS>mr0#qKe%a~vz4
zL$87aY+B2;0s#N;$Ge_|Kh`mT-R22`qiVRI7sJM!0GX9-L_W@#mol1bVJz$w@d=E{
zc`G(mXOzD8hHpq^L4A--qIOh%q`}}QcQ!*P9Y+DD%a;5*d`5;Em@2XZ!q4}sI+;kt
zB6dZmiu+PAZb>4GVbx1@er6vQJTfKHIarv=qM-5U49GDNqnA<2hZ{P`3_3L{$7!G(
z!O{g8+FW)gjLbdt(0OQW&B{9CRP6Qy2FdvXhHcG9OXzaJMojt)(B&!KfWVrDM`vQG
zKs4H5#;Z(>VuQiBg|t@;bydR?HQu7CBB?z-Q=B%3-iAf9w#21f(L3is4%P<W&i`?E
ziXNqN0sJw;*|*gRM>&ujo5A+L6Km%QD^1Irty{pDw=vo>;hca*`26e1+>?!(am#?W
zc(BFQ!!O|bErfZ9FvM`7)CPM0wN}-J*)*q7*0izmdAYRl^!RxmR(1Z2G~P{XlOMLS
zQFm|M==smke!mrG%~>@j`T}kE86&?z4|Beo3b4}xo<i=_KG+N4ubj^V?0A%cVu1dI
zg)Wo0w$fUAL@O2gtD$~(AuhBQYWt$Y?AW_0v(g{BoA*6p!$O&#YHyjp9##`MxC%=@
zK}0?9rAI0&T$j=4?{3KRGBz>XAUt2&s>J6G^^Zu!$KE50mXm_W1UN-3Cn1asX9tul
z1TeSRdSIGhN_oh##uP25lyn$+ocYB_@Vq=v)JYGh5=LY=D9;j)0Q+Z^)eLEfOH%lE
z2lk)=BN?U};~B4F>J-ogOx;AtkIr^v4|k(otRrco`X|B~n$!^7(RvH%io;Vcv94nA
zO}QC_Be9Z9(kI`$fGastgzJJ*hA?*P6)<!4oY^=Q??^iDPEOq@wQ6=;1l_kkqTY!N
zu70Pwh7et+gP&E|*ccSKI3YslwXzTo0T&So%@1v7zrBK6uWS6PmUN3R+c7K^wMe)D
z6$dYZqY=WSu}-0$&W(*kr}SzIX1N4Ip5X=k7mKN6RCY&?OPT~;U`3XX;B^%73{dAc
zhKK<ATa_zhcFi@#<%n>bJRkRk{a6-(r&AE&6`LT2Yq_)RK!Sco3ZMAC0<J|_*iTVC
zHiW0R4U@5R(68E$gtfsxaD{#4i8Z%s_*p-|IT}@sTg%rgXgRJ0{#E9f95FB)C<1MB
z>K(V$EAws7wkcAUeaJ_#zbl4g26#2$#U7?PTfdYz)#5GcieO2?RZ5hSNxCrG<DydU
z=FGjuQ8)wbuFq+l?B$##K2HWc7OQeog>Ss@-!TVr#&X!ht!LUxL*gMU{${~6Ta}IF
z^C5*$g0`Wz(_JAXevid$e)SOs{!5$G9lWEw7>z{qM?n%H9iqq@2V(j517JP+oq+i4
z3LC8!5p#&5NG0W(c1#{lM*^z9y3RRelwv8)-eb#@Ks?9*NvFr;+C{$vJK4F?7z_uS
zI>wfg#3`-%?yR^L{Lfz+1!^c*E3(YL1LqBX)Qlmh8Op8l`avXucnLAQeVUd1MwzqU
zRcNDY999yG2WP`M^l*-$8jy3PxFo^0JIqXwe{!j(C%Kz2BT|K7A8p0aphWKkaa^qE
zzV#g?%-<QaokDg;<O@7wyXA(PaG^BilxpY=L*6Ba%69p<@$}4iD~=z=>qz5|f(1n*
zO5qW5VtkJt%vhc=608HG`iy@z+{NpPgjNy2fGh^gtmtN^FaZ9I063G4u_#z=dn~x=
zREA9z^lfn0v2dj7b9ODkE{?6U{l$!Z%$JF#sjypM+USqQEgEwJG3%;s(}AkVq>Hvj
zY;){>nKrCQ8R4S@iE%X%xOe@#9#!f!xh!o;j!{T~eKzdsD`<*UE|U*8#(RcMAKx_+
zY8BjOgA2P2=^aCV0!XoDJ`(k0igelcF9_e`ydMQp(qG*tIA=Sr>)~Qya_hI`v1KJT
zRp3}0Bb`!$ZmFL%p$1mfg5cNFSZVcfb8f`LzWtY$?||h{%*|va<?&1s;evCTm2{Gw
z)brG$>&4`4p|QkyT1Ghj^?iOk*EAYxh;@BK3s<e8F)4Ms1xQwS-@gQ6dN|}+^Czw9
zj8A6mG!8GKy!5^aM-Zui9)T<*T(eT`#sMe=e!lC`|K5i0K2sw_Ry}Y0rT;wXJU2&1
ze>GKKnIdESefYpVEGr)_eAV9G0}a7NYT=9b4MRu7e0Q$s3v8h^`>nD%@$!0BVvj($
z9zB+;KRr#m1%!XKTYD#m<?g<vc@%NiKv#kK>?*g7TBR_$Xk(zZS=FC+^1K&hiA{0{
zIO2nbB~n%~PFQQ5n6z4r<p{uqrBhl<KOy4XB|Ac0@p(qTr`+BXlXR5)bK1r=1KDdX
z@`#TbV)WuF!!?w<@!t2|ZEPcDQ@-}#5lJW*s#kG-1@INs<hILI-Ivu`K^RBgF%A5I
z@O2sYDyg_9XrQ2QX&8f#ZZlR|=91X|$NW$5?vASeWtB61+nPt<gYxTLpzFif+sxk7
z#nsu&$PVT|HwR;D7!D#PqW?NsS=iYAXU5F^{|^8BVU#tqw{W#2Vqqd;N-E?e0hDOV
zC2fr&_uST{>x`oT8$s;3`)KM^{YAAZxngnONSp#s93rPf$p?0%zQ|Nj{-FJc^W+P{
z_HiWNk~$}X1v4-0GU)T$IW)*Pbv{|hd$~Qn88mst?9+FAPHq9vdt6<<k0foS6HKpR
zewfV~4;(CeBqh&yU;=x5k6Sz*0!EI;EIekLF3T809%tIpH~~G*KYq_cSyB(?lQ;5i
zq#jG}jF^M4djCE(EqXiCyT>E1^wj~%eeJ|qjErBy&z_mBjLVE?lyQFhZ%p^?Kfn&;
z35s3jBg9*c3O90lyt%ZN5tMCKHj$*l)&4GAe#IP}9akJMj)QE>65WM_fZT28T|b(3
zT!~ym1k8(&*UL?<(<)`IDLM6RnbVp-&sXOi3iG5r7l70q_k^s?>py0R+F`QBRn-&L
z8})59*t#_tce%8GG`tORHJ7$9)q@kBO|;xUH&n`J^c7$x8bz8C#F7}B#B0|NhFMCp
zC)Ay3gx4MyO&{VJkDtok0ecYovOb*h|02ibmiavdw!3}YJbXDHu(N$`YHeGbF*Y8q
zjq3LNrWNWWV8QJ(#d8}j4hz3GIP)^g&)pgp)DbY_3SVOK#PdS^gHAJUb^0znyz=k$
z3`F_7^YnLoUA(`o{k|VcV-#87yev9^j7`uhJSQR<@G34x8g?;^0Con{ReG&6HWNr`
z_d=j)Wx#-|eDfv2=Du0+o2YtVqqWbS0zsdcsWaCEo*m{rd##Q%@TsiK31h9C7dd^5
zYMQCg;}2#Qew~gYP%aWEy}id@D7>%!n8AELR=XMiCWh{~y*-|=V{RbL9|F-NNUfIe
z>%o7c+nhHT<7I+cfaYql{JBY(@VYE%GuSd;w_aepfPhh{&Gm@>=S8CH8jQ-7P=ty;
z)38lZX13TnZVwS;1UzQ4_?u;^c?(Fn3Y+Yf4bzy1`XEj^Dg%YwW3`>>_~EHWsw3qb
zvbqfh9biRrqsp{h$qF(!Rj;{qrzA$snz`yAa785S{%eG10F)h(s6c~{7U9chqqSE*
zI|U^3fho3C(^RTF{l7Q!e!Cu3IXd`pkJVG^az=K947SE{qa61@Lho>IM&7zL6F)^o
zPqGQC&wn@lR#>5<7bfBk?@yBC^u}w)N<FtpHb_{avNXqm>+nXcOj1WJ@!sQ8B0YQ=
zPr$bXkLIkCfHXFUe~wMNAHKc%E5}qD=lQ*!<h1HJm+(&S$s?oI=<okfdiQh=T1XTm
zj0+BvlO&cL6IX)&twdkb>VYkeA7{5k6x%H@`!j`i_xIyuBg5*MBb}qKq}%GSiV?v=
zf7y|1_0~?}<MY<hk@YAFHJUrrcO=zqh~&2PH;1F}13Z?v_==j2)y-EtahwP=DWbj^
z(spGn;BZaFX)N(Ua;1fvUPM+wiEe?J_ROPdZ12;&V2En2-y|wUzEMimB<A0vu^_(M
z!EQ7o=wT_UDy!MryO%Yv9>AIGInrx*92X*cD?Xm`CL08qtB&fzx=9p_gK|<uJr~9=
zj3z700iz4SK8OTNwF2s%L08N^ikyP->NUwx_yqad1vJ<)&HedF2V#oH^4QgnSKPx%
z**{XpV4U3lI)sYt0A=Cj@!FZiPiVs#g`1oG_}<1)*|cB7Ckjzm4{9!(GVX4agW>I0
z`WTJM*5Dioz_cx(3dVTd9^v&fEhS*_R0I2!fNN^Tn+^V|Ow=wv9%JfQv=`C0jcC~M
z*y1TJ^zVL=`_~|b58!rrwIEwc>;q6%Z3|pAi9Y|ym4?~(MARH?9X~>YQme!-2(w;}
z><XqJV@eGJ97q@y&I!G`S_fBcG#u1iT&tTX$LjI^N4BP|e$WV9SMr*aG^kaA^BSyJ
zz<h+NU@up}soV)}rSv<4L2nIk;%%8zWmJN$u5iL4GP=+Cf-l068O$Kp<E~oR0}|8@
z_;i7R#bj)(1r(*0-qd6~?aN(A6Ia2a1{5w=*=(zv&ht7&73Y3d_rh&0)H44B`lZT4
zR8!ppu@ceMKZkj+92Hdgq9TE%U|=I;KzMNw9ORRmf(V`8nV~-IQmk6*9;$oTHBeZk
zlt|ROJNy%<14Ymcb+lZX5r-GwLg|oF2@2f?271IBAX2iJM4G~J$0#nvnp^#MUf14O
zreB6U@OIWZ$%0#`J)v%eUa5A9>Lc<E#In)fLt=?hOZO>+-TIHUR=oDclW*B5fD5bn
zGIAM*KDzbT*WOShDudHI5&8|7r)^7_QYbx;E}V>Je7kZ2*}ob@hQw-WFqycDCa~7%
zy_?|Icv<ldN-wkJ*uX+{+3)4%X_vlH>_?{6r!PgKW2Vn?_javovqVu!POyi^Vq{%o
z=v!DcpH@#DiYw5P^9?ZTq;GQwF#H>;U$i0sM!w%ZfDpRdXpp&DGvzq8*!I3I_;qFS
zROz%gzDx2sWSqrFxBxqN#bqzD0P&J3rU$nZ-dV&?JoYr6|NA`bwnH69f_C%w0rgvi
zIsK>j680~eO5B!8LmsRfi2bW^l0ie63Z+J>uVQt;GRJY~`fK^@q|h=1fb2<Ykt4^!
z8)w;{BA=fe#bo|zxoGX@1nVD_1}Pv!brltq)NY<ij0@ZN&t~#*YO=x2WD~+-Tta@r
z3dIo0j?rpRIEs0X!i?od1BW`56c;Xim~u85vw)7hj(L>?M$`OXS7tP6glD{;f{bvF
zRS;nfY_9c^f}<jrEPx0C02lo#c8=PAL?Zrgt1?-+xJM=Jf(ZyspQTWn8Sp=lj*=s7
zmvx7f7d|v^%_z#>Zr_{b4ei34Wfbhr_0%YBn?%Gj6QTA*7_@I(wJoJ+Gxz2c6-Rhq
zmF4Hxc^PtPEAoZb<#Fhq$!C>KgSM}#Tzy3ZH3uTQO7zdROcP6Y09J~wK=Fe^qVOl_
za+sz*8EB}>={HPD_<FmP<240}sO;sTAfN37M&Q_!DjNyjWo4l$`7`=*x|)joB=tV3
zMU}1KPr0kXgjw&HjOtW4Y_BPmMV4(Ho)Ea53PCIF6KG}(#hf!au;i==g!iO6Fp}%{
zclG(Skch)jZf5}|p!Fqw6F-6sNq+4wpfPKc1Sx#x?^zf{JMK8hnr-?BUW}5dxn)wE
z2~GdI6WfyQewJN_s_+ACjf_N>6BLlW+3SY2q(0%biH2nTe&(p#jE0&!9(oR$V@JWM
zf+Q$Ykp=Mpe83tSrS>Y7hH!~hA&CNdCR#}0nrI9gv8dV@U=t!=7r+g2_H3xdg=*L|
z<nP9TuJ~niuw*)uN=KZp8?uN0XR%zB&$vUEpfYk49F`4Bw)Po`TawZS2fn3<YDaw@
zY9p=)xqX2O*#^CsZ{kTltO5f^;MC1GepxFu#;5wyPA8-Fa%9OUZz^<$4xikSk8dYK
z*G~}S@3kX8;9i8c3wp*M5tomuE?``)Nm4+<t}Gj%+1e8+#l+{Uldb7S1yg*8<)-AY
z2;&dEvzo1e^U{EY*kW0ZEx@uI`4j-5LeC7vlY!UbQnlM`vNPp0ygED0skPMF+50iy
z=s>sVKCW`(E-LtJ)RF8QVi_P$wT~3Fzc!-!mxmz?Al|grfbXo6&?q{e(nghODNYma
z+?gb(R9tUywsq;%S8>-EiG%;|J;eGNxw$u5G~$e9KWU}jg_J)$@T_S9r;CfXO-%*S
zUf6409$ZY}cILrKvW;mRkE?kKk7}gYCL)l-X<w&RT`!IDODa|5w|~3ngF$w{L7iWy
zH0JaJaA%D(wv*WaJQq$~5%20UrQoFV1l9K3&F{W-s%Nem(Aua*f2B&GDk3HpUYm8%
zX1#ni!q1+~gh!rLPI4)7;y0R)Ums?}!$b??nf&BBc?->P`}Y-<GLGkFm9Z)c1YQ9r
zv@x}~5?O>A^i~FTLqu*xqphL%X5mU3(!<^jAW>7Whp8WQ(s?PY8f3KgL1;fjRN}k0
z9MEN}D5Sh54;v1=f+bh!zkZ2m0N=ft*8M_$0o=dI))1r<ss<f0%n4Gav%0P8<ql#=
zxqCcLmi!Q(r8TzB;QFrsYi1aZ%VO*&T7TF)>}J~<Nw^JHRk@iUsvY)vq>J+zE-V=v
zAm~3GKhEGgb{x*+de~ehS>*m!6{-t+jcymyqX|u#+<U~zNjq=YD$7{@H-+smq>^tQ
zO+_Kbvr@dW;jAh^i#y&x7k|vQSzpIMG~SG$%`B|V!u_H<fuT#iB(zk<-AsGjfwdsV
zD5x=kAN~#z(|XK}D3D5=E9T}hlzqqskX>j6X-t4@$dt{SHw0zO*~lr?^LaZ^(s>uw
zM3mF6D*lZAdg!(eZI!uZGre9vavA@2rsm|aVdnQUh5hJ5L)~R_(hMl^b9>x*u89Qo
zP_c32wa=dl$->m&ba~045mV$-?~-G1sAKH&^K;|m$qd>hhaa*J<@mi{X~OgX2=sM!
zcX>ZwUmx$R%<bv(0o>epK}>FqhhT+gP7U(rjmsNDPC(5r1rL{Fm!FnxnSN$e1yXCy
zaEkGFbmY_tGWmjmdlE694777sGH<_wYl-1guXgl3iZ*|K#-@ce4!kOQ4iHqfx)N~;
ziqI?toqkkk)0OE927KLfE3JJ2Kv&8&4zWGjw_QTEst?6Ip1^m@W~+B^<@d~(6s`&w
zp7*A*ueoYr`(!+(Jw}9SMMiL5CG#Zt)LY!F%U(S8M93Jv+++t6A_z`2tW1WO-PnQi
z`UkWHE4wfLz#u73j{=ts=UhHKmZd<pM;LBO>~|ft8Ir?r{AwsWr~^lUW?Dq{&-#?f
zt;)uelV3W^2WgICL@(_*)~u?=E#BJZlWv{Ko?H*J>I$OLauCcN@Uevf)c3RJ(7Sl;
z!N1ywqw)-w?DtLzA}zJULM%`FY#omyM?du{O%R5^uuDgZkR#bxv=r11ytI7n#=B?}
zu@IAT6pW29#8Bq4{mg&mvz<FTa~xYHSH2Di-yRL3g=SIySEl{1u=;;OEhp3e4Ye%n
z|2x!jB;|9G0a7&d9JV;nM)bdF!;J;a`U}M_x)f}1+GMtxwGNEe6OHo8H<d}FY9+_y
z3|==0dt{Uo%_!|Siv<-Ex?i_lZaPf)i4jqc&huV8S_wQY*+1AwPH3$GW;U)YgmR1~
z-$uQ78#7=dXd@MINoX@`MgE2Y4+}n=&Obh$$Gv}e0lo@5n0@?!SL>7BjBlqyGENg$
zH%4@WxKl!jWmx8C-*DDBiCONdjYv*~85o3xKe+GEFH)JUxJMoO4^JQgK@k#HAXm~P
z){Tu`Q#4OA+aF&~iNSX83{u9~KtOA8vY~kqI}4cDTX4D1ehZEs)S2umk*DPtTR3)+
zp;EE#fD#&{Dw<-L*vU<M8nGCRZWNy4%YWmlq7`vnkpXn59-Kl`zGlGkVNzm2t?>a;
z!}F!cmoYpHfuWgVM<~`d`EhIe(?DbnaKqWu{xym-t9a0#F&aKIHX*}{Umku=v5|?K
z)f15cB+GHkWR1wTnBMDNJATJzJ=O&va{VKqfPST5p*n*4U#@+dQ>mFTw&7gN&)FMj
z8umtIk~c`D07T6no1f00ROKsjtHr`~yU^s(PX=RU?G*}1OJR5N`L1$J-_Lwr!K&aZ
zCy2e_33U_LB%bPO_(f$t{6JV`S;(AfFGp$$rA+r|ko!c7!dV><xq?bV7`xuMEji&U
zz~zM=%D>@eL<%Qk?Xzhb?K^AGkJG@ZPIj$g57Qzn+f*=muo1}h1EPB#J%Kdk0$ho(
zM5HQVa}&}0`h2&-S?sLrJQ?yBdO8cMDQs7Tbqf+Ue&c2tH`ZMLZqEtzmiWr)cqKji
zf;=q8BI4yula+oHhG!^wZ$i!2er`tvK<%{&9R}EXRClT!X$%35+A)Ksd(=Y4PVuP}
zkL$k{l|VF;1EV-FWJ}!^dQC)j1ZYjt>nnFg0@knw!=Vhc=iy}|*!fi8YFlC)CU}0b
znG!I|sFy_)Jh6lT`%=8ceLaL>!BZbSJ6u+8S2&{PlEcl66%&DxdF$a0THL5D03ilU
zZnIDLCR`xzP)L{+($lV$bZdG0A9v|}6XC$(w#d-u*Ym5Rp(>GpqC0<8OWAZ`)L|P`
zbhYCH8wRS$cVk(;%g<{VHRF~=Flr;LBp5G$cJ2c?P#j5c*V+bZ%YH4E{V8tt8fhp5
zDaxPT?Jkz3+N!^+3$2jZ2SBpufG4>S6CACpKFn@$?Bdl;E$TiF!+1P#^?a*XyL~++
zbMVBi8HnN(FN3INi#RW6gu~ba;~5rAbHO1sZzrTBT~HLG<oVjEx6=Tfih&C^Ns}nm
zd+m#^@@Ei&E+bhZl1&tv0cX7cp=0HCq#iaNwuD;vQbY$;TyYHJriEH-z&^rs3&R%>
zEp-0Bt%UvU`!QsF-Wk3-kR!`U;h|MfbZ8>JbgLXo4Ll|_WxPqT3E~HCqT4KKQ=Of)
z7vs<fZK{@pxzeRCD4(N&qC?329O-_#lsCUFD%JqjhTK-qQp9Q4xNM0YZ#QOdr<X7K
z%pu(48MP>4?&Zzf5`ULg09nAgU;S`80{wBn>MnYr4QKN<hxtBUO8Q{QQeSSbP7#GI
z2qR9rpWwHxPQ%HDk}udr)N9+jfCOpJ6o|4eTG^Pz1mfJxD(vcZA#KZy4Ds*lyUi(k
z(#Iz6zqU4}etgAip`>p}G>=n~IZu~lfk;S^6KD7PA7zI-(D_MT0GjuI!Vo$Sa}{!_
z)iU_c-Ngk{32Yf^&o1IktwPE;c<KyRt~UX+3M8iW2deDs1L;(+s{0k0(f-w6HTg7y
zNi&2Ou1t1}tE~i9F3XoH#;jxQALRjjMq=n;0s(w-{@7<1zx9OW%T1HU+aa{kn6)ej
z{pjO@l6^bpd0Pr5fbY7~J5h0*6=xMbFAQkAL=c<LxNMjgUTe~8*YdjZb@>7!fYaZs
z^4I^Iu{4$MC`L&C0NCno4LUg_5E?`k*hfABQH*OjIAcblZ(y$PiNww6f3Jl9@tn+T
zTrB_NIa&VOb0Yr7e*S-=la=ZJ>;z3ahiwiN@xBiYB(VTX*eHyOS0M0ND~_72^?T1Y
zzUJA2eQDh~>zd|-=3QHa*YjTd2aOLxhfuU<^Rf;S@I(eN=aURi^W1;D2a4i&UrRqZ
zwhDO89uGIc6$VnD8ja+PsgxF+#6R`Ad1rCh(A>}_Y2wUU_6j~>&U55bfT4)z%c_v?
zi-Tiad%&lcpP$Ju*Y9x+dQVQmNQ3>6d+XPCFfadcE$kTG66&Qg+JU_K+%nAb1Piwl
z=|v-#y+Apm)5HKc1TJaVIXGi+!PrVk;d)fI&xQ52eNf2X!40`>9%C1QLgaL#u7J+d
zi|)QLP|(A1O|G$!Cfw0YKuz`nlOtCHwg#b(=GqI7jEp^H2U?0RV_f@Ci67d94DXX>
zx!*G6ZyQS~b(@x;2}JvanCIDy(XxqrSATg>S>RgAdchnSdQ7>Q$j#PLIuE^T#VJq2
z#!+k5QGzMyA<$AkCkA@gkMgrvR15h<r#gfaW<E3VnH_aiaySV&00wB$XT7G4U1@+w
zX9G$nV^l=Eh=8M6hjeQMOxOq%E<xMi%lY}l%c&tfzpgg}gmH0MKjO%*&!*2E{s1p&
z@|*!IpTdJ>92DSqJ@tODl@)b)Jd#EGZT5C%4C&k3GP@R2Jw6ouo?6}b%uIV@{;T`L
z)Xl%ob|%cp26V^<n1!FagyRbb#wGgjo5xq0;ul6Zs)G(uBU^D=8&Ae-G-nN%hO7j`
zFK~6G=oLG8(1CTz9$}01MAB-M)X9T0tW_Aw&7m1hYRY!M?uhjQJIBR6^GRWdPRyxZ
zH7mKkGbtzRc0+z>C~<2_5bfQvAWdy2cGC+Q4LX|-r;a)RjN4#3Yq1sUDyUF~TK<J#
z9w$h&6?LM7Hz8JLdx^FIBwxGl-R*)eP1~<0rbSpbHolo_q-^Q2c0>zhIOg1`gl*Vk
zDG_|=u?z)3g<JM+0B^ZxNuO!PC363zN$G-Psn4bv);x+;I!!(*kwiZN5{pU^8EOym
z)-cmi!beX79Jl8>mJ{o>@{I%E`2hX7TKPjJMXnMqO!1)NhQ}pQEXh&4OBqppsghU&
zy_-?l#D#{3@l3&Nwj`1&nV2j_+6Zzc#v(^xiI|Qc!lV7{*G5}aI?76^`5E1q8)CVB
zyyFf+@KhfQY(t&tOP;cUtAr|4%UBDw?<<{2ljJA{fL1?kOqdMVRcQ>BWs-Nw<B`Xs
zCX`2yu!T^gFgz@8PgZr-iS37o^&~A0xCDOLq~3O0N&_Vdb#Q(~2E&UDjk$jKJcQH^
zS9|G_<Ue{Kdc5kWg>i+0d6XOcwsFptkn<jPG)Z|&QpLLx0V@0}SlHkZR5kPdd*hA5
z_0KH}KuXqaA54yx1aTO6r@&>>g#`IzvhL0=htCrkgdZF<dnXM(QI<g1_T1($rOsXo
zYs!lB=Lb$t7oFvJ$SED%t|BOQ-lW7v&*QUrw<gS*7^YK?WJ-?0p{Y|G!K!y8KF0~k
z!ySxo&%ZqVwvb3miF1X2fTZlLYeo7pp#)AIaA|uE2cKK-l5c$%h0xn;<p#d!^5=|A
zACqh6JPW1K4zD|3PFW9fR~zogTzv@etY6BLKOm_&PR*<6^&IGse=2@$6ra8Q#6@q9
zj0@Z^oH1DdUe+jIX&Y9*P_YTsFaj5yVeswaR7Ar9`i|)lNDt*Ix~r=<TbFud5kfr-
zs6KsrpBZ_NT6-Kp<19CAxb?ta)Bf@LzHq+ZdVV){`u?7IH~!greOz06%xaJca+bzd
z*!w<!sx6;BFtj(dA4PP%M)}0EHr}htS5;pZt;d(vdtiQ~p;jIz2hj>{X|Ugy0FG?f
z=Irt<;-7%|!Zgi7vqN|O_7B~bER1>vEX#2Qx=*hgxF&fbAN4pWzL;D?6~jtfHWyRD
zLZ4KHdygZ_s<+cV_?qJkTX8&QW38WS&j_Ws>*Wc$gl%6Vt}&T=%Bv@;eg^(AHQvlJ
zmUR|cYf@9smQ#x|k(>mjkG_C^C(Q_FsQxLK*cV?~is6!EbRf|o{==H?D7Y5_=zmqc
zsNIIVS6v_w7EiI@Q85r%2IV`X@9S+zRR~ssL{v?Kc@RHQOi2h+%uu;XS5yG=hjqsO
zAbG7mY~5ZvGO4Xv>P@AQU^&}gm!;kChpT9T*2Okt&=58=ti9Uy%p2ERYHX<RkJh|}
z*@?`+)P%(KOOW;q7j83koLcJvfOCz(FD4AWOHMei8ywc^w<rb@7iRvGzH+{_?*pGg
zhs@0q%9qioeJGh)ty?E!j8W{aEv|7RVkxI0wrb9kUPlG)2>!7M`GKN+ls+lNYwHyx
z>D0ry82ECOhTsFa!&#LDg1e)XzK9;Sb?A)~@pj<<4SsiFLK&<jQ{+tpU>H|<MJ7IW
zY+GB^{&;x$N^xXVi>BB@kRpcJnwPTTY4mJ-(@`=v4hcVw?-TX^b%*Fu!1b~5-8czD
z?OgpQLocoNYWWD2%A8tb#T=H=c8M0YgS0rH$u>TV0?cg+bW4Ld^1Un%(GdAT^OEu^
z#XGVin>A5Tg*mxc?aA?<_ZQTO`7hUb3o)Bf`Y&AJxE^#Nj~%dTEC=pFwB~d0j{DIN
z5|V`PCrAhC1*U%#^7WGPs@P{KYVbt?@F+eOQ75r$dAKlRIFG=dg`3DOP2!rPcI=b=
z&?7-qP^QBesTJNp|NM+ybeIad%?Ac7d&AzWe1n0-K`qrKg^X7RAm18!SC6RY0T|b|
z8p&x6c#I7}t;3%uQlDvrS1(1;Xn-T*^ujF=WoI-WQf%kXZfYXjAQPxm#RZybEys7H
zk&jdCzlMU%2A@c*NI%8!%SJA8uVN9z<vXw^{ekf1$ija*SiLgvWXg;JPq+v;4l+J_
z)KPIBpVBM%CEL6!07sjdsEn#yc&z3W>8)!7d~km2Ka;}f0gxf!z4-18sA?4I9o2+Z
zLRbg|ZXRqxO@7|ofcqs6RO+)h!H{BAl`OjD3bHwMLZP*QO05~gbVaF_zMzV?8wB7$
z3id_H#!4cH&bkGu*^LE7<=$l#oTo2)lCvGP!p_jeG^}+mK#)ncWnr&a&=GXY_3!#P
zh=fc)!&1SQCNTT7DKx$+zR$X;bvc1-U()VS4wQDBRQ!xO8OL4U1!3XW{TaF-_CKLl
zr1zim4RAU5=870PYg<uz?6c_?p_31$Pa4X*1z_KK_%sQ{ZG4VWWG~1T$T2Qo`5tNy
z-Xk?|e8q_{z=Y570C=8vO#4Vf<u2$S7`BkLBCbLbLNzv24lLCCoz-JeN(DLz^5qh>
z3@YgSEtcgaxuvU%Qwxjp;kW*R8;d+;XFMAlukE_V;$o=|KAT%^Z&8D>GKEGDC%)g8
zgD-Y1KY-u!VPOj~jzkw=HQ0BPeBN4QV<@b+F`tAGz)>Q_)wrusc_gbF?R4|`<%0Yc
z?q6^ed;+?l@X}G9s}M$U$9U!a4xl*R*#;?S-|f!6G0WTG+^ZFJQ^1(vpPBq%yzOi8
zLt^LX!F>23kZuQ8@=iAW{ZGdr%`9`$+WGek{J`ArTO2Wp0KPQo;Njqc_d&P@B6%!;
z`>pI2fN@A`w~jyZ&5L%n&Y_USLT{xv<2Y~XXS*Qh@*?)D$aa{IOS;!|H*#kCO{`NU
z7$?=j{22H=@)mL~+sE`xANHd^MDF-<g^i$Y)IWwjfuBTB7WArD&iQR3(>O624PwMH
z$?jJB$@On>Ac9Ge8z0_{`3Xy2_Q%9DdWE$QfY1JehVz(S3X@BMr4r&dpQ-&6&Kh*b
z0x8(Upag+>o9sw+bLTRxdpBr&k^cU0bbEISFg>F-_+Q}7`adp)g^T_Ff;TJc|8g;`
zZ2uW4Gm2Z;x|%r?B~^1`0a7&e91b}!Mtc97!4oi%NfSS^%Vu2v<TNJ@<9fq3XA~OJ
z@u-u^5Jbd|J$5=oebau&c}qp2)R?-rN&1svh~;|Ua-Zs-pu#W-1$<oi)wU)9@yYVb
zh5w+r38?ElnR9dZ$t^=pJrC1SP!&*3V9B#KZ_9TZ?9zXEq&WZ_%76cvcYgVzNTd%o
zn(;@F;6cLCBck3O)chV^oyO^ZI7MQNsYljmOAi7;MrW+-qSw6zS?X6%qDfeGWY(jx
zCYtR8zDV=IEQ5lC6$78o8l{7&<_%TxF)m=CKvN?eBBVr#@jZd|!|LSjnd@cyVIj#j
zLA}$hI_Mg}L52a+8|hl&EiMM$>4|r$lK06V==ck~2GZOv>!P|#{j?sp0caAGJd{mj
z{&CZ}zcdE1Ec3vF4CBERm1-{AQVCU#O0(n+A);}5l4LBFq<EWOnN2}T)pU|f<Um}b
z75c4j?;qy9?Yhw<L8^ZcBTqX3a~g4<Ia)hoB36WRJC=YVBnvIP^~@ion7u24ug#v(
zPDo^VEu{5fkAIo$zI0^d=?m-7C)c+3JJ-iPo}MngUb9FD1A>Smi!EsIUW@3Hj>$?<
zVr(NHnyQGTl5~S~`E$q>PkF1DlSpCT?vS<W%x{v6q+k+GeG0Up52)GX#k75aQf$+`
zH(|o|;uC-vA;p9pX}^t{wri>zS;8vJZO=;gB{&%2!(~)8{%^PUpd>{ID?I5EE04hK
z4URL6oO@t?N1hgkJx@DYoDGr=WXm<Ew?iwKFN8p*N21h~(6nCuT?-^me70gwz-daM
z7m~%<_sWQB2SfzRZI?uO#BTj@$@2L;U?t^0t#*K#Xi>zgYPDg2CcAJhvHr0n^};?7
z)~9l%9Kp<jIwxFx6GO~hmV6gi;b2Pu)lE!A;&V6-<s_e(%^b82MK$-3a-`J3g<`n<
z(zrd&q3vC+P)I!QcnmwHhD?AB{;2PoTM*Y|$dMSd=bTuVbz~0R1x(yZvSM}!LLqKV
zkp*BhexHkA+KA55QFK%|C`d?8CFa-;o~UxO&g0b6MRcZ@M}$_tz&qfDz8|HG1B09k
zSTCzT?`a5%(z<SiEJ)VE%F;?5eTfR%Q98UWwX?F*P}PdP5j<!!4~HCFI;27j+l|U@
z;<E{AUs73THMPqJN;5HLhz@t)vB*4o+zsG&hz8jZWBOucu#RC0BIoo+_04KsV8|3o
z*-EG|*Tt7uShg`8?un^eI^Trc%7Cy9aiC+N9Cd^2Z=H6T&Xa{dgEEHiO83z2^JN<K
z2vz+6``N~`LR#CVYX8-Tx&m8?DuhFAo%x!~QxXH{`iSG($n}3R8e-FkB$*%DJ{=%X
zjbs0q@zFygYVQOyYUJztdc^o;>vJRQ{mNZ*sr(h!Fp&Fm2KlIA^%`iu^u@G=h-C?)
zeGGf^zIDeANAYje-=giBU2DLqGU$*JnV=YWuj#b(U|9ErQcqe}&$3LU^!KW?W~ZIo
zswNufsT~jF+98t`42SG^9$Zpze;<IZQ7e`ORdRuZ{SOtHnjW-&-8*pctnmmC7i~;o
zuU$6!{=hu3%E?4f5p(EJaHEk+(r6)FO0Cf0S;hW;mK7Z3FbCP~S8w_3STll`+DNHF
z8}8GX_3|ppbm6e`nxu%1bvgdD9hqV-^|`kQL;QYKjLI-86$D&4-cuzBt1RFfNG(oe
z2PzfN^O(w*ynu$dVxxByL*>CFD`;#6tQx=Xf$p=GV&%p56uafMR|rTGF4OBGa4h!6
zfWBbJ*TF}2fCsAtULSIUblZ>Q&z_@gNXi+Sf`HR+X@$`y#*-Rc=Y6}2fN_Mk*o?*W
zfPl&@;#eB(iN&Ia43lwORRB=y(Evj^lwL@UmcQ2TfjHL$tnCmn&!<@TKG}Y!M*q!l
zEy>~>3<GM_r2$uCj~^Yj+T?{~sCbK-qyvcqwoh?8HP@pP6kT1KcfB3L*6y;;>BvDw
zfp`yd71@pU8nZ6i=j*>B;QxmC!uAhtqz!i`se8i^M|sSk3YknGp8z=fg>Zye{%zXi
zdIf>8y*b@K{08#Istl>DwqctC8f&PuKuqs}dz<|%J(P%Ny1k1j4BZB@`L}fkMNp;f
zKF<;v)a;-bmXoz;+FrqZRjnqB0ABpsd$e+hMH!%75)|c&>xWJWNXJQEJ`^iSz<5Z3
zWe8U4@1U1%^B$}>X9aXF92&wGvO+HhOv0y8R(b)q<qaYg6y9!OMk7iUQoDMRe0F2l
zt>~GWv>3BX?bB@iC-b8rw39_I@z2hQ(Jn~PKVZ1irgV2b_^6-chy5%u^T{|RhPc}Z
zCn+J2Zna4o2Y)+xm74bl3aGl#Mxif)JG=^#AB$aFNl#R{E(7*y!^R=t!CIXxPeINt
zJwxVMywc{)l<XSmp6QWEm;OVZCEs`3T2jDf>52VsXj~c+eUmi~U>-!7S{3-0X~6}@
zkmB2`OiGzup^<_U;Pnrmoe4W+C(-0+bac+8iAG<V(-wPr`aXhFub68B3_NL45*~!7
zG*-LXfm>apR)DSc3GC&k`U<74y=x$N?OR-U9)TQBR`!Qy&Tz^!#$|l)%N%F4m1h55
zcr+J-hm+^OH!z05_}lw=q=D-y`86|~4r8~8zwf)Y-g8+J&GDbz<y!*ZKRK_U4k@;~
z;bRg+z}szG$RoduXbKu`xl!h>epmXH_7;!0toET?1c15Bsj17`1>A48QCF;z-}~=_
zCrQFx`IScm6jxztkL$}v7p+rv`>YBawH0)9hog4`8b5=tSq%ee7izhpdEW3wE&~Ad
zs;5qzcS#P{pHs1(-R;v~^+1v4|0-bmmWVfznU_Tu2b6@l;Lm}yk1*k)x@I2)I~cND
z1>1U=06wyvI-1CrFrVc;y}IJdGibeXv7@|j+=eCraxu{89=}LH0l*+w1FU1romT~h
z7fF(GQx&iB+nnAAuTq)0#DW-uMXK<V5fV@8O~?Nsq-R0}OU=RmO-TPmKL1t0WMN_B
z{2w*R%1MOsf2RLGHOckgYH~*Nzki|mo@&UJD4S7{3#Je7IYiFT+mKGgj@L-1z6>E@
zMTR>S04u_&eS$OmM*cGMfleC&C2H$z)a)z<kr|eLK3%(V@{?>0j-LqZ+;ZiupZPsF
z1&*jJe@D7JE%`V*VctPLt`ze{D+wwhajRn$c=87b{Mi$F+!=lYobH*Qd|k(Q`m$&B
zu?~7zShm*TrsmB6@{qQg!VmkuJz1FTEro8io`t&`{;<VS%3E@CMRtNd!voA7F|imz
zIqVHY*BgCFniq^^SY7jz_E_zr?y4|7lpuG=^esd3_gsAn_Foz`_CXq{lIKgmMn>>Q
zchmxF`rDvcn2{j?1R5<Hw$7|Fm*PWvUDS^Mq-d{}O4m@v%Ub;nO2mRtHs>?h%RRTN
zA8?MV3%-=11dYbXz^;4IVKSQb?Dx8J^k&4F1{m=F(a1>~FOo5*vHjHVG?%H7K`UWl
zk_y$Li}lij-XA|J;R>mI{(K8-l~44yqN5n(zAMMHcrg9|*joo4d~Yspv=@8akNB{Q
zg6%S&m2_jj>D$j99qASR9n^AYCE$gegzkaZeg3iBh_Ja8(?Y`2R@yHY)ry95q8n?l
zi*QLXuT}@&hJC(9#_-gm@uq6Bn|+g+UWg$%l95a`vx+^VT{&fH4hFF2^mKQ5@%DMS
z@PaLteGRq)LanQnn#?WL%(XnliDE=Bal4w^C9*2F>no+SVkSWvNNQiQC_)6P8f`BK
z=XU3QXRq&y@mn7hg?L5w_iX6<8QHLMtI_BABM}@i)u$IR-p9cR;_FE{x156%<Aaui
zcCn{B+d_Tzw^C8dWq}_^Ni$kYUDe!2%Bn#-A9Dl&#y9KH>Gzo!uhU=sFGXmB_8!e8
zuG9*J#JT7le#=Dzt92sK6cHrh<z?AkXs9<$?L)!8T=0?WJZUhdx3jarcpvsqa{+(O
zhBL>oMdsc^?)6|QP=#*(j#eT?5I-b2=F#|@4Jc|CwbSwMInbs?R|l8}(KD*PfP8fp
z%(VVz8&2SscFPha2?}7;Tmvih@VzHiEk!f1ay)^95nXMqasA0w$J^kGu@mBjYqzN>
zsPnoJsbf`^Ut)iOFdl2m7n1}%be^G6XY0HYd5q>;LgVt+GG8sH%76GKy0Q-d4pzX~
zPjwB^gb`COFxz<O3#ERd%L2>k7kG(N7fL$^+_L#iug995$Jsq=bvN>auIfTbCktcI
zA%I-;BOzI1`)L0dRYLsK-!DZ16F1;|jXbg|T;gzD_+W9QS6=a#i*YAHJA67*cgVO~
z(Raf>!pGas<rbi~U%R@ijWbO&6p5pMw#xx4WS-JVSq&jkN^b%&Y_d6`Nj~6R_n$8U
z9<z<kLs6|q=HlMuQ)~AnBybL;iv^-%r<yqqqZcmfr+w3>(Rc^3RvSny`|2!f%gfUs
zjh?=9#pbDh!fmHsx`+H}cOlv;YG=Vqz_Ico!7$UsQ3)4@>7y0SGh{$$hXWd{*$|-V
z)}Box0|^Djy^wu?czi2RkH7=!Q?3^Pjb(vI=GTH=NzlTqdbkuaI>)8(5`Uc78C)#?
zZjsPh4JNuQw@~Kt3L8mQLsijj-iD&KNtmiU{DnO|PBWu1A_5Rgm0K28RZb_IX>P?>
zs$reYjV$8U6<~|lZ3dWJrQe0JWB|QaF6{m_%n{g5CC<Mh7crbV7gRNrKtvM((0zgC
z+w7ls>Df1dq1*18#Kp;&mdAe%3Cvrnmeh_$_;}LBwyo?FFt+T*oo@Z;!&X!oVU=z|
z?28hF)qqeitszyL&xEDm*Uh_WshzWI73rxxSagGUo==1n<XLLRMOpVj5Q^H}oeI!J
zSE18P_O5c@F5_a9<$1CwLYd10vNX%_6hsf`_8c?=`3sH-$Zg#qR@c{`;X7w=a%IhC
z1VQ!=QMgDfsMLh6`<G|_e6$xs^e<?dK#1ag?1p>Z8cskD3sPIP>&Z9sJmuGvC*Kdc
zD`k(U!HfpvcxEs$l^c6<)A8ZT%jot$?TkQ%u6kW_1IK#(qpxBquYth>Ks0I3a5Nv_
zePozP&FqLHm%T(6gfavO_vf(*9ZR2$Vr5q2BQz16B)JHIYeISKLiFy=x5GA{z&16t
zzHa=TTih|)W**mp!miFK3HKYkz~UjMC)z!hE(w)RU-}qdtF_pS#={E`#toP3616e*
zF`x_~ZNzKoVt`B8fi@8Y@RwR_jaDf&PQL3utIxsMuIOAN&l@?vtfFdOlCn5*`VQ{+
z5F*<XtgUhz7i}K~P5CEuV!Mq?gp5jjKj;GuVVV_T9w2eX|2dyHKZ7~QW7!C(Si5fy
z2do@;lbj6_n*k@g_j5$<m?Fe>IUx;rISvQ=Il-q$#EK|Qy%r<@7~;*@!Y^O;MxKMQ
z15qU8b|UiS#zT7quy?exULjF=k(>mY+oC|LTlEPS2bN>m6RwZ^(#QOuunWN1KYttD
zEouEiYrfOK%AXW}T{*s=A5N~HRo&6+>VVE;ZpSLhZi~nIDy(!8J|wZ4;g4P(%p?6e
zecqe6dwf@3&gBUJ_LLiWWqmUzX^(*E`6<r2GLNM#&n;XZ@(C-6%uscBcEW+ja)XAk
z#WPSl{D7Bg0$3DhjLiHf_GmmwAAbK5;J>I3wnY9-6i5UPhkH>7e)}mmkFz)J-t(B5
z>t(*fVua5LU;Fz4=Y{+sm|rq#qdKL~@crO22-kmW!KW4g9M@h4fqWlNg&U{v;>o|d
zB!3wF=32T6O)6jO%{}7|`u+CaZ`XeX7=qn%M@+#EjNgqwtzHkdh~Sz9jueir4XXRD
z7!{Y7j@NJxTimwS_6y=EbMDmwzG1k_j2~-^2OF@E^XuXZeeaL<4CK-@{jiMKcNjZ2
zzz0;#I+*liGhTBQP_3I-SzQa3xS2Xf=?ofSI!?pa!B9}b<j=H+`$_OiA14^^9x0W~
z5lQ|x?r{BI++pHO3gQ$3q^M3QZ!w|e*ngvM63-cmAqtSGha@Un3NLBypmj2}_CxS;
zw1TR%e&0(+iV)CgkHUJo-gLZfrx5^)gBd=;TWE7*ZF9#VG_)CVEy83=TCl}UhjhEC
zkAjJ!i3Sog_*dh7qXxr`TR{GN;dwiAJX4%DbccRzg5TfPYNXHtZt){QMX{HBGPoTx
z=@NNY2sFXK1xpbQ!;y(0g6yq{Y=H_R@RHDppazLs77|BTs0XsrLpd{}gc>D4W7}gd
z8|LqzVTR@x4>#VH-tWQ28OPELOokqq4k-31jArhk@c*Wg+r--@i-kkb>a7==LFYc=
zxK5Q;Y!PfTZ1HOV=*O4$bJt}<1drH>--`9Wp>xXje}IzRR4T*(P?6x4iLH!_W*N;A
z-tWkI8ar`96kkn&2E47YBrfbz3a=eUdEHKKNzI5vH)&c*9=9h315w2`uF&$!LqRf3
zs&=P8iI}%)_iQyyvMt{CLz1i_OKf(mgmb+!F~E;*b$9lFrsMZxY_0~&@N%fNSU~nj
z7ct+=2?QaT-az+l){Q0G#bvd)-X#R^AQ=+U@%R5j);q9g7OqX&VaK*@+s+f)wmaz9
zd1A9;+qTV)ZFOv;<H>%H*)!kq&7W9xt*ScfJ{cr!r@2aeC{|;9OxO)T%2n5neoZ}U
z(Xp)P6g)6(R={r?-eCRG!qne6#a?gr-u)Fy+NiYwE`968i^ye4%^b<BTe?`{S<hzg
z1zer3(l#D_xa>36WyC2+LwxRbJw}W4LFr<c)M>^$frZBXP&AKch*^_nT2#+JqQOZy
zfvu5y*dL0&W;xq}H2zJY)lT>v5r@sMUS47Up!O0bJW*65$-OUF5U<l~dg`;XW9Uej
zs0@z=&;DP}k&~Gx(NIzZIHe=+{2lRkpKIp%z*zp2Lfdt3;E|fPx|Fy5SzNA$O4AIO
z5=Py}aT0anPpS2meW^VVy87u4B1Fz3eQ8b?MlObG<<jf-(UEVMe(iX)Ahgx1xj~k@
zMfl-0v{YO5wqi4(kRmxVgZ66d>0D%ZM2|xM2aIWI)yW%u$Y2B<*usy`Bb05>Hqp59
z4)r`dvCs9T)waXv*X1-{iPPEUpwphs0OUdSJBT3e<DGa+xaVcM*VP8*=Xjv#*2D%b
z!g-{)GO^d5CMY6t3(EP{5JBW)Ipw=eP5Aa0{|9C2?4h!XI6l^PN7ocDPaQzy3SW|N
zh<%F@)k-TK8G-}~c=%0wK9}zrpuPpRHwhX1^H^xRw4V@atL*IRO1|Rr6yl!g^9}Ty
zul#H|YYhUwbnD^$W|?A#mOV4M8qBXdOn)_7j6>Dj2weJl&aC(Ma0AeFg*4QAbDKpS
zG-Q^W)EQQ)Xtlkma5l^0Hu>lfy2uA3OqtXt^xyv-U9JI#E2AQQ?oQ-u+DE!lZ2EM&
z)!r|4ekk;Qr13FQ!G##44EL~nKA&GX8VPdr&z+kT#`r8AI&OCVyDt{_GQzv^E)Ne`
zJGv;hn>NT&v{lSy=D!K-d!AZ&G3)o}B78Q%<{k-ud9a+h51my6j87H*sqo-lZ4{d%
z4-|o(Ffs=c4LD$8F-;q0GZ=RJE*R4hWX?mWdeE%FRMFFEJZYHc<YHfgCT#JkcTaHv
z$Y5kuWyRtwMfokt*ErD8c5r4!ngSehK5;xi8#zD2Od5@s6jG|J@F*wLeS3exf%Mc=
zq+q;S{!;6CqI~NhjgB`4g0AeAa7X^YJ3k&Ufv^P*4Kf;}j`iZ~o!>LNZBKYT-QVRF
z5_?4WVx><MD)D%#Pjn?$Rjlc7+Eq7XF7)K@K?x7|9Bj(sv7mVQVdCP)WY78xKgGak
znK=%&V?~&`yt7O_wv_yh*I>Wh=^J=rboeedcFlp`G?it#O*^$zjH}cnkpKo;UT|m2
z;n9FoYkzCBw&eB37KY#u1Z<zDAjI=dh@0X4sxh6~pMyFpS~|NJYPeMJ$bHlTT#Obg
zGhxiw$TgEfkVs_B_!Y2sgExGBA@X!%%qr4q?~W4oOxa6~_JmkhgT;HG(B?5e5K{5h
zZ(}X>tZm{w1lAz|ytx8?VtW6Ib(DW|bZ-ROjZDKd<fnVKU!g6{0+2!C26ltTE1n0*
z<sH2U@t{?4+feBUEO62`umTdfAW9$gh8^iPHr2=6020(39(UbxWrO;(E3C;S;hNy0
zOuAXF%?Ug*iCoTwavm&kS*==ig8qg_!G2~}uqeh$2otiD=N<Dn=pOk>ept%z^w_|!
z>6PxCrR`;e)vlD@E4Ydvi1q3e48Yp>Yxg)~QYAg7u)k|x<$y>$NiJF@DelJ+aaf0y
zZk+<uNl8fWy;n8E@E2)JD{Lfgz>Y}x*cuir!)7bA|H5Jgky=lZezh!X@&&0FEp`<V
z;s+?&7`CZH_O%<plWz`XR)-Y6Iu;n-VV6f9IfrSK!rsy~xB29q7rfTQWnnPD*D$@2
zP$1ldzH)#ko_r%JC0$7DbhGX^T9YL)9{Uat?<rBwM&eazvos75Hk8F#U1M>BWVAZw
zL$<=p%aUZGXvA%{o=o#|UGq%He>vlyrDhP>IwE9W5=-XgUCG+kQZT1DS}m}dnBnns
zsGPj6%~d8tVx&B1)$HJ6lDEej>a+?e&sw!1>fYgz2280pH-_2m^Z|1UCt_%jfP?`k
z8Bk+UKt~G&QP@uB=B%+<hq`pNCSuQd)rndgKaC1w;28=+%zjZ=MYpCm#g7qrxWkxD
zG1*qmnQ7lo4c<~OINh7*stX(oB@tPA8iOL}H4qNz9(wa>{&FhN<Q}ll9(b84qIU!z
zMtUadX6<G4`=d$3g?dcevzT;@GSnxPIB$D@aDMBTfF%|fh6Fu>p{6$YH5?CR{+sIW
zYIs0Ao=$y`;Y7-Km3Mb}O)39%oWQfN=^6g7%5y`Ig}<=AcF(51oT|Wg!Q&2eQSyD?
z5@&=}4wS!C{(0SES84VkyOn*@<vl;Z1Cg`EeYnc>wQF7X46^w(Tmy|O586sD#vX@w
z68r}m9?$1U)AqPEB3jg&t>Zz>dy+HXp!_0@J@Ma-2e}q=D0yWdr%KEEMMhOLm|Dy4
z9?7C!3b&PNrRZ6-F#te5zq+D|+_)<1f6`2nFM<N><JI9rf&2X`j{cv9W+iYZ9e1)&
zzlg0{%Vk;<`Wh;rI=jlsHFgq?Tm^;Cs$pH=7-2~g#*<Y&=1pe?7RX`VEny{Rwh7-Y
zm3{~BN+>sDqFNZrURY;QL-__)L10NQ-s>~qfix-WdHFf=8`}VFP#Tz7OYZGKnIDC7
zDB|fNDDJt{Ypw3660OZy<?r3*+$e$x-N9o11d>O2IghP|{LWxRQWk^S57wtT%Ez~h
zQnW|lLujK^HXk3HFjcrqHv{lN;vkNil0g{K4`7u#{w|VsL1j>wrw^()+z}sLyQMMo
zAsg7=<(3cB`l$irn8lINMZpyYF6pcYyA#VOI~3%I#ZM;CX|6Dwi3gtqp$li6opt7n
zNTOjb1OrNK?hDu%1^F3`#N+e+a;BRdF%|*K;c(|p`H8S|?j|ijLM}xnKgT+2!bt()
zl(tlBCJ8qunTY@o(t+KFf82*rra};Z7~i?2+K7t!NyC9w1WM(*iae{jh#Q~8H+DAV
zan#NJlz-wy^5@s5!wLf6CL+~gEy>N)B8_C3SPo=!>1I0dC|>$Kk_>odP<USgs5P%i
zIMlt%z?6vZm9DPuvLi7t-aBo2wZ-;mkA&GulL(|WAJ}>j5midB2aYb8OT}?rm4i_4
z$iVScb}fKLmftfUZ-&Po%%S|3L9$z59_G9N(qCHO!jZOet68ef$!WKW91$!RVb+vE
zH&Z1#hvYwcmvJ2%@URxYB1$!!#e&7iyHolCx!CEfdu#3oi^5Au4suv791kJ%_jC;k
zQq=|QspXn3kjF}l!+n=f&0#9a>`;)<6yQOVJhFhw+^L^VS<2g$a}A41kR$r3)AE97
zEYchPl=#7t7+fyO`N$#;9xI>aeq}n<Pp<M1?hGP(cM{eLLX-IT<s1tEH3@Ryb<+F^
zLrO<#cQQ6K=zn$6E2J9-NT&=`utI!*MGI_&*ju}EwYis@V@b33WQTmm|IkqTu0uPl
zk=KB0TIkl{szmu6(g99n1)ud-(q{TT^T_A-vPj}J*V^4o5s0N_QBbCgAaW=4Kx*36
z>qD0=>A~WIgm&X91l%dkA?g#CgSJcq|9ylM`yV{9tLyb6`Zbc2Nnj883{VkcE}I%l
zZk4>PA2t++xN`;e5TK<7kiXJk3`fm(Y%+j+E@%>!JetrQcbEV)0gIR%NNHi*gn=9+
zn_3IW{B=7Dv0m({=iy(>H$_QjTj5B1%%8Rml!UfiUJv7QU3hbG`dAEAgk3I2!}JBG
z0<2Jomuz8Pmsb?sg^WLV9^8c7Xo$@mH-lagy9lY=?BSOL2r33D(@BJN*jRScnJIv{
zw^f=|-}ulwbSpxapzD9|p-`gNq>{$o+NX-0BHZAtu}pV1;;H9E|08H_ZgEIufMD?C
zW!5EfmxNb|Nb{gRAyO$2NV(c|yhTMH=lvgkD4;r&YHCPJQspr?e-YGy4sOj?Y?y0>
zmPNq|d9zadT*HC)lqm9PZnCHsSR}PL9Hf1&XjuDTDJPYl#``NFjuv_`xjQYA9j`l;
zme>uR06tT+*E=GEr;f8DD2xpQ{rC5*#GCn4OzI9sjn*&k9S$B;8PB1{lUrvPeso1W
z{3$3gJQs18nG&}JkBm8Z9R$tAK$hn~`lF9b9h^iZaOij()V1a-iCGybAR@Wbru^TO
zMP<XEwQ?gn><bt7uL&<)>}d=OD^Gq%4L*kM2#guv0vobJN(hsc3GaKKbrikr^*!Mv
z6F&A6h}X7mnFRpwXPIQ&rE02WLq|-P^x3JOB5P8)nE%4yn)khs0eRvZ{k_+<%&bzQ
z27yVJdURU3(9HOBt6|K0z+Ex#R{l0F0{xN5zU?Zv=ZU0mdZ;{$Up-8pop<h+c;CpD
zPu!3s(;0oTPW9U})a1RI3SvzKv`7E1qWdrJQXFJEC;?uuE$v+NS5Xtxc4U41RZBHY
zGqN8bU_q1b3I5$&H5tZNuOJG&nV){CwMDW6N~dvtN-VCp{j%iyz{GU{qMV0$Yd<;*
z(9+(7a7jScQCs@u_+xjJzE$+)+tTbSwe+Q?TKaJdgBu@iKMYhWvH|u_520laN$N+9
zK&twwpgDisscz5VDnKf(xYJnJyI0}SuG)gkR>!$F{1W6NQDp2y-sJ3*!?Ui&RqKk1
ze8BFQMBJKdjI1yp@KkGVaE-kn3>81M{TI2EICpmMTK#=;;j`G4fkMjI7{Mz8@ZFbv
z#EbJq8)5+_TUklx@XLqeezp8gg7Y64d~c?2gB<`X*TzIfwL!j6H`?wq0H2-Vgf!p4
zJ$@mIYo~V}`oO^Av`Uu$;^t}Ud^nTh&A?i&iLHgkId;YnNRaE(+Lrb!7LTN`U~GCm
z>rm0Mw3g}9*UiV#@#*gUpULfYYSi^KCfWdU&`*A$=q4q;cFUjT4_3HNCvzV^BrlgD
zdl=F->u0H{4Hxtc+-XcRt8I3!^8PJZRTq8D`)U@3==ozZw~%>wyKc-dcOC;TwfN-(
zgre*mQie;KfhC+lax|4H1D|g-XyYyp(PnX|vLMK}Bw9h@KHk{j|3Ey=*9}WM$;AQ2
z*HJzuf<xXWP?gj7=LJ536c#%zzV$hyT<#aoOJ?)g!c5u_P3l~!Vt6@#g}0)Pc`=HF
zG7+*wo}wu$3vD+bSw3&s)%d)oZ6L;^>m2(xT_v#w-1;-6VAw43K+6&hn>koo@%#ih
z*>tG%9TW^O8rzUz#X3UbS}#apfcX+ZJI<UcCDX8uyEmqAe>EVrw2NVk(5g@Rph%B0
zTvWpJJ_8L>d|pInB`T+gE_F@rcwRM<ONDP6<09h)@s&_)5aw=utHyN(do#>9g^ZC%
z%QPD1PhwPsX7d`FCYI}(MF{rB8-C$^KAbGp3zTtDICSlvIrpZV=Rvz!nmnZG=XY$=
z@u=s2#rk|<+RhU9OPo=`g<#|6VokhM5lytlCj}yj51^Vx9-tOsT>mt@FZ2ezk!@;R
zQy9&uX8^;3dd~5lE(QW1RK*uH-`E7Fq1R{pvXwt*Y=A?O4;Fm729Re#ms^wcCDcaL
z;rRFxR^C}Wg0W>mEv4y?6B{wz`iAqlmr>USU;pgQzv^CBVlcKR=Z=(@_qccbGFbME
zkAU3BmYI`PvN`wNWd>(dt701-N5QN4%8QKgsb?t4NYu9QFdRtuSe;3ys-D|7@V<|>
z%|K5;_Y)!~0ysVx$j0p>3^3mU0Q}RJCG2wJN^#Lyz<bw$2{Rr=DS4Q`r;?|tLxeoT
zszwAM<J?Hi;M9bsoiDl$@%Aba&C}M&0vx7PFNN&Dvp?Fi^089R|Dmvp>ZqnMTwhh1
zYLqih+Mo`*NU(bEUZ(+~qK0cS@Y7$vFpCJ1cG8j*O)_DntZe}(`Z-I2fl<3RSVlSt
z!;Ei6DtPr{^{o9xt>~pE1lBrGk012nZPgOo=-9JwWjRW3GCd3i2LJp4tQc0C7Kq{_
zrZxt}|M~p%hNv^d3{zMKaHJijLHL2`NF%?5S*8TTQyjmoKXU&@b>XiQ;?j5e9e(f3
zAjnzVvad)jydGj_;Tdz9IBf+*F+UcTO;D2?M7E73at6E>JO-?kz58yuofu1QZI=il
za`-YMh|1?bmlQxHBrAOtA+tJU0w*=;_OwClFgqB6b)xGa?WH<8{1nV%?CCLNM62LW
zLj*&j+U=++*uZ^{j+;_C804l4I4%1KYlR{jjDF8um1Vwwjb|45<YF}_m=;ws;_ae^
zZBj$GpViwgqH>a<OZpO}T?P2g3PjitZJE?WMJTS@p3hUyjj?)<?t4dX12X|6h#yv)
zAuAfN#c8U6Fs{C3j>{^{L@TR>v$)DD_Ho0`Q~A1esCt+$qC10n!p-nThn)q1CH=?J
zjW{7qFJjg-Prim?nzY}DF>E&jF`IBU(_6{>USXiHMCW%z?zu%stWCLRKc@u3S?BAG
zY$r5Z!%JczvZ~znS>4449KXLLUI9JVK%UepLQ0a?frDfSW22~mE3?xW;?HE)gXl)~
z`T(t$qdeIZY(P=ir;6{_l7d-0P_=uAu!cob&h-Ql?RJ7DiM0;sQ^vqWjF4Jc;=13;
zf`pgMHx;1lm>rTLMl6UGOPNiA$s_f}%FK(@lGiYOP(G9EKp$HGI#kMg*`;!)d0gTA
ztYt`;(I4huY9O4i7;9!0n#A!CJ5h<!q}ef-c$a8}WGftm*)UvoVB%_Bhnl&^ZUZNP
zBbP-fb&pd@l);CiUVJhMQcFqVv7!XK_IG@c)A7g1kR7LSAtk_PSs(XT$C#2(%arEm
zD-{d#>Flx7M?>@gIw7MRRxa(6Yf06e*VQyli1X8*-%07{7ajv1JI10!Jo;Y(aP678
zUJgJ`+6`V)rmjby|9s)}B7FI{a9vQpa2XZVdK}Ps;;=NtppC|C#p3aXUW$`I8z?eW
z`rt>riT@Q2jMQ`aWb#N3_^6DFj%RAxi{P<CcwrMt!AVO1-UiB$Tbq*uq}@k;HewCy
z$%|C)Qd_eXT{cgV_?r$@DHL;ph33d%8lsh9Hk0Hna7s+@QNZNxax+f}h?mdh*T}xu
zv?l>nhecz^<9$zluB^jlMR~2+$4}sjN-0YRE%d!ItAdwsArnHN>md>JpUc1bL`=1%
z9z~?}W|h+bwfMjgpsx@fa8)>;$s)JHMZS;@ov8_zo21Sw0%&+5`tflO5xx7=O(6Nz
zPLZlV8c>gTBe`1!OwQxip~Pyj{C-CNI-{R%tZC4$W!&!l^lxDn_^Pvp!N^Hexi-5L
zOvIgi?7st>?7GE=!{;Fow##UMh!b;{FRo@rAuyZ*!k5zLWu8}u-BJ%oY$ah7{~m%Q
z$G6ez51uva^5SU64_S#aN@M$C!{O{u%_}+|6e{sP<$A7;<ulkSl;0w^Ciy!4SXqA7
zs|dJ=Y3mJ}8vt9D&)kp8^Jt_0Ev}Y$|6xR3<=U+C<x-3(ocnL9Q&LE@>+6=lt1$O9
z4d90b{I}mZ^^(vse?4|hqOYs3y97`%(w_PY5ckFuT$~U(^hx#GyLH%AU2o-I;f<iz
zZwVS4>a3c3oonc|WOk7WM<B_s7p*e@nyf}Y><P{?k#Z9&I7r@-2o&O2r8$qV5TprE
z=&-_`8gZ_+vN&L0Y>s(n#3Md#24zap|0BZzdR9aiZZ~mOVt9QR-!GW$-cdQV^|Yy6
z=ZBoSy;NxSsCwm^JTj&hd)}`>!&pgWFQ;qaf~s@JoNd;K^e)L>F#M|gGn8vMYBK<a
z(-8u0U%3oH8V-VW=~3zLlV<njWmk^#aU)N1j_%<}Yln^a)9S=r)dEuSz{%HmNDj~m
z1R)wfk5R4%UGJdnG26rR(`1`wp!-w(G85S4>o46UcZF$XiVwqbVT9GKwDv;Xk7hvM
z$39@6aV<d;WwM(#-3i`uQ2AwTCB6J8A`V$kU~w&wOO+Mgj*wFrDso=Es*X@ghysTN
zt+h98hsztOhPjZhxv?hn_q^9mJT=jr;Qznt#liBwV-^-3c9uj+!|#|yQ}-Kb!;~;Q
z*1W04?c0lA+yVsfMtm>S@fpmZTb<KmHVxfUFH6A=*RyFqlsiOyCV!3+Mi$tYbLk)S
zkA?H6Ui%#Lg<YfcqoaJ(zGYrvL2NN?Gg-aSoqZO0KbSOXZHd2zO}QB(s-m-?QxL|Y
zHLWqdgA4*^kF5W`-vKYzxAeYcd^5FnX2yP#Xd38uKID*U<!hU?%EWbz84Z!<Ntm`~
z26y~B_1$2MX@iMdIMe0t@M@v-Jb@MCBUOQrQX4j!jo?2*3z(nTcXxeo4_QBbw<yxA
z;VLtWWQWW}qD`R(9|x9amezJh!$1;OB|K_`s_dyRYgi)-<AKZvD$9ib+U)eyuTP=4
z7$8!wg1FD{2r0=q6}%s;AcQ2c|9;8f>11*u)E@&l?QYqF#p)IN4c`KGg>^%!C~94&
zsrMtfMDxR@aqX%B=wT6xm&I+J<gwJb5Kw8qsjsGa%mqA_BuU}G95PB`!a*+x^Y4vl
z(@6|0$^ancall8n9b$ciceHi5;Vn*XObHPES+Y_wuH7f|0Gl>{@l8L&FQ0Fs?fb68
z_};=Y>YZwgZ0DcY<jWDnKf7wO6tT?EEOLj|n(|S}6J>UKJM;OtJKFPdzC9YxiWYQ~
zb6IYkUekbyAWUWd6+GEG+SO(F`Sbo`)pzXIs-^?JKag=LiLhq}>UBsG0TcpyU|XCl
z6j#Lf&4k;WHm(^J$7_7a{)cv6z_s`IqGgJ%ZT1c??x=ZSVsJ=3*?85&AFv~lUL*vY
z3VtY9Dlw?+jJ;8oCjmI4+4)ctHMsWbq6kVU=6mf_D}S+_ht_o%@@=9!=}r%nrl{eA
zgy%H!G~kHzg*y?fGVOOH1tF71*}}sfrqr>2*j-l*_c##Yfc9Q^Rs*F0!Vf*Q9ZCmC
zc1qSfTxqU)YR=#(%)>I+dC0|f?xr50$ISqPw-Ii8?Fg-@bpM?hsYp%miIMM3sI8@-
zGi1dtmTgQv+>>zvxwvTZL=FFgd-1LY#hgqW@7r%el0nu=ax;lVO$&|MIz}3eYddg%
z;mh%(A4;UYQymoLkIDYQ+59zm@v?d+y`b872P7BhfU-k~h#u#dvOic~|8i9lks7#W
z8qLs=@TSYF9{(odmF~1%_2MA4j#*OLkE0gBc0=d1o`>+|c&*FkhSG1`lHka)#anMP
zfH?3?qWI>-qn@Cw2@#aZp4I75$C22lKd?yyjZs6Zixn1JVf6ALduf5aLSrdk40Qqt
zpvIW1d}SyhQkVH83KHH)oB~0w(-D&QpFDGs5)0w!6h%A-GACm)zt)J=MV31xqj1V1
z=3svc*;yo+q}=}yJh@V1NANoT#nFh43cNtT|LJ>KA(8DBj66f_Ib`7?8=kz;I?+k7
z5Y8t_)*R|Z7`taoWW_-r$m>s=xx<_31<H#KTSye6@Xv+6Em>sg5oYq9IBkkanb9{8
z1_AY$B~`tB#p$KZOfWRG6fu>jmoAvVnsbADzy;en)3BzuTkoq=zq{lgV30ou7s%c$
zWh^er(DY9@fRkxOs!;8&n^|61j2M@|3JO*fA;<{Kw&RfuM<T8Y@h8bjqlw3-2d!UA
z6;9YM8SD%|Kob9S^e{0<P`x@Oq2{dT&?0*l!cCu!AdWcez^#;kdqI{vXH_t0vr!GA
zGZGsX$%`!3AEmgNjuU?V{k}K`24F9khNy@XSXUKg7kPIhyFlB%`3PjffLYVt(&(I-
zf<%VPd0#_tg-V}?#AWbt!<cbqU~Yz62#+<SEd67o4C%~E-?J-;f>I-z5-m-G9<DUc
z+{aXMdz6Yn0pA=<?AVR1r=tLvV>GpeI;=R>Z9#bsS{b8_7@+n%J~luH54at`r#5K%
z!!g87W@+lwW=Rby9d^tV1|VfJ<9-Fn7^35fm5~gF784&6u@L--8=9>c6!1!%hi<^^
zos(J;=f{NyH9jFn->cW>!fcu);k9y&)sEzYLwVyPg$>=WB#KnAo_k8Feh0$TL?421
zl$Xc;jI0^sy6ad;HT@w23rvi)h^sVp)J<e0Lmv%l;ogTnPBib@K~gpM_5HltyWm)V
z-@iBubCoPx+qc&0`I{5)BiOeqy3UCI-k(g7FFspLUsEOjQUq**T(0}i_QJG(PcPAM
zc=djDX_-xR3>66XBDMt3i@J?JJ5JtXU1D(XrgcrO#UQU}rBn016Zp{hJpJshCz#jF
zYv#H1zVrMYi0~vy6kzTBHI|0q*Us>Ce$S>RWU8b`b2<Vx^lfGt_O@H^qzhg>wa>vi
zIzAG3&G{kxMIh1{6!L4$>2PWOO=V0pUv0V}qplr-*A5TH)^(#$-GjX>%hm_BGv|F&
zp^I-JHu+-G5$iVE1Ejf=;4s3I6Ez)X4i@92ASLUbjLRW_knE-%cS%*$`hj{RPrbbU
zD0ryN*#OOCxA$l|Dd#wzmmZ`DTCdCmZYZ=-&>Ix4oYg`m;Bh(X)p}`O<2^8F5ag?6
zwe?1PfJ0?+8u<O?a5jigySVn3|Aa9Kt}php91^rZw7bl40APLv1A$<xqJ;tfPbY%o
zzuP1%JS_jG0?P5<qQw7gfO7EsPXn}AOV?pT0&}G2OcOp3EFadH9m`-L)fKnd@mtDe
z8P?YUER>Spf8%On2^fd2JDC5&#aM)Lu}rrNlY*j#JM;XHl;0Dg$f3*uGk}Sg!Fi7d
zAHf-h%J+&50H)N$HTg22Rt=>a3xGt-c+wHQ@X&4V{cdVN-{4!pfty?or4#On#3KPn
z=P9Q{rD?DD-(1Y`d-B`I`!OF?M`pory@pfeiprI#(4JefGYxEg%98U(h%pgEB1{}}
zspBSn8Pop=I#FY|(p!Jju8hSM%CNzKl`YyM_7m7LK3g3C=mKN$I`++}bDwzyn_#|;
z9R{p9x^5d@7z0Q4%Q!r1geL8&?OIqP2mQa5-2&4`Z>eV8?pxWJ0B3?@`+c1vRy6(c
zvsqsUir&)ELBC+<YyRfyX@3LUrDhc$fO4gR6j%XvLFJvCK4ypN=G4T5Mtr>jP%Zr3
zF?!v1pU0<fwj8^CBnYimLtBScv#8vg>37)2bj=k$(4@-w#LXo>Y@eIhPUVYwgfA1R
zmvh78zJC;js_3!Uai!+eCm&@v3nAN+!_ddq*|EFp+k^5_yha?NEx|0Nqo8}RQh`Xj
zv%+hm)g@>&5oieaPJ7Gl29I+2r-*jp$sNA2k2nx0{8ivAUSG?y;IH>|TAIeZes$L1
zJGN*6L{||C^l?uqi|br!A#8{H6lbt^AjodChL123IT$0&{_J?SN0us^NOPmq?uwZX
zVm&5cCkdqV52K%%>nWo^&tD%y!43kscMG!Q8Y4sP?gf47u(_V5S1I~Anl(g5be}hq
zr5#U`gi(P{5eAv|wCD(y%1Bckw2DtC?k4%&z$N}64+0gwf||9q0uoy#(W}`k+F7xg
zVOupm-qz9fLU<{zf6a-p=@RO~K*-r3EW;1tqQqk^NU4N1ogc5>{m0FcS~tHy?PN{l
zsQpc8m4ZCh=ntFAaX3Gh=iGFUb=C)UrOLAVLhVB_z@2Z=xTK-MzfH(mTtzy+35Syo
zIP+Fi*EcHSF@TI90BYiY+J(t#xt8RK%etwZJi?gCuC*+3xJ*ONYh?rwd?rx-30J3m
z(UA5x4Z%}loYK-y_YE}G+v&2MZ7tk{LH7yY3DSCbeY&8KM2R+e%t=a~_Pl7^jhE3w
z4xI#hA0gWFC-olMG@Rq?;3ZlOSj%x25C(Y^eoVUbL>)!~y;%3k!rE1QsfSxEf_k<)
zKq>MdJYNhS%v@WDa7vOW?6t}a75ocHMafK6h@87%QM+6a(jQmh9rG+ViGVE4L-}X%
zjuuREYW60eKbF~Mt%NYCI1C19zdn;km{uTTJ*hl`2^|?`Ju~a&&3E}pvlk!(%-tIO
z48&g8mh}~}Vu}wD)z@Fhak1WHVKW*+6@&KWdFYfw=w!g&jeE7TJh=CoMeXFv!;{?n
zvJJcISk@3kU__KpMe3Y=KO2q0>yA_<UQS6a15I^%yj(hbw~6p$hXF-AVG`<X=LWu5
z^kAz;o}=Nv`EBxay&t}2P7FH$SB|5GAI~%Ihu>RQ?zz4Ja1^7Do>P>W*3G9o=;Q`g
zz`62OxNpt$4|)|c<v*%DXnlWp-}*Ys=;2EjVg1n6BgebfFO#)@W4r>J1B*A-8$jZ?
zX91brQA?}UPj5TUQGsCOj<XU=adv8KVnQQH1@z>r4mZ2$%^ADGL$Ag_c4F?hA)R>M
zGv+eJ*zWjdQgtqFYBOq^hqQ=<7r$t+@%6>2t40$}38qseLaixfhgqUOWv!ukbi5F&
zu>NEIp)ntc%kJmGIwfjww3xhc+O!Gie~yYE%^=I{64q~Yg+-Y_9ZiE@?qoMMMot^0
z#SX{G-O28=FMVmjp{a>w+rU0khLg@hhxw1&7@lWwoUIG&tPtxG%5g<dER)q{kIx<1
z7E;gm!;Z$Mvymb;%R}eYA){+HG)e669>I=x2bkvBm6ca9#U4%)i&)5khU|M~k~D10
zr^2t01pW1Pr7OuU{Q=cV9Zr#`!lobWxQHS^uD?^TozP_vb;+p+)*L+`pWF`lcBSRt
zTn)l04<YxSa3Ap}vVC}F^}1sMOCC0ei>2UO^f%D0qT@TKfEBVTvuK5wE=y2|NuGx~
zN12#h_IpYgz%1-sDi>$<{0(#a6T4c3LEK05=ivwWmAwWE+1*s%SM@`|v^#s0<mYqx
z>-_ua2$Ac`h_@gdAFqJM7q-P*WL!%CbwckdjEEEbEQmEcxT*l#9_e-WI`CGNZ6eTY
z!76DMQqQhB6E+gCXc9D+Sj&p3LUrNRoV2`+bijyUSFM+o<O>_vXjO7Y%&tQc+}>rk
z8v7f3LzIcs&OpeFIO$q0V&#{HeX=4*Bgf<GACji6&mhVuzorOp#)r;KYB)(0yV{OK
zEH)M}%^!&}Y{Wp}fxVW^*hAG}V;SVJHbxN%+!l7kli#4a!@k<(5`GBi(BQcDP+&!x
zxNa$8>t0w#f)KMWzTLI(FKMN}14N<IcCJ9<4_U3T5HNo2RB$;hUI^dRGoQV#E~r|M
z71-~YPR9B?3aYAPYV>6{pK|4~p(Vt@GA@tTJ0wYG$5zSScO)`6uCsuWrj2zhqb;Z5
zfty4HveTkoZGz+({1Sz3r9i$@Wxz>nskknARxN>oQ$ikn5Elt{<dT;K#}UwSQMW}}
z>I1tBnL|osXD0?qVy{M*Ig2Mpyy?Z_X+tdXW8YUVvm#lRI>LJo!?l;Wv;NVTodr$V
zKt*kS_X==Ha&fLJWDg-lI)Q0cqH}LrW%k7mM179KQ*SpMv#D|tIhV|O_w>u`DgnEo
ziT4avT5@#J60aN8&Ro}~C9-7J{~fv_an0f9eW$J1MG^~qWq}ND#a65(xhivL`Pw;#
zI{4!6<@r2a=vG+pgA9jfj|G!w0vG2zCjYZd(4*DPoOeo6Q+cNUWr4kqGI*+qkoKJU
z$plCids`9GCKY0frmB_*4t*D~b#M1eV(!lSO>-hDMw8LuoPV+Hrq&WnhWD4(r#ASH
zWq4IeF(xWdT+tvkmyCM8_kg~%izfPqdj{%uzw0df%CAUKykfV<sI@A_XLZtM^0@)#
zy`09Bws@Om+cHbo*fMkVTv%Hq@5O6SBnVi2B)j~Tjk_0tdM7426&_zf7$e#ywg$rM
z4f-9?u@VtEk!QBDFF{{sz|&7$S@mY9{9MXe{HG2eUsZn%!E&f1?|VXHj{1B@VZgqP
z?&gvCk5{9E=fV5g0Y}Tfif+lnkMHME_gq#lukUAX0PwOC^rVj<x{Jnqny@%vz8@v_
ziB{j3F}Q8x&Sl<c{!$NX_4ih$APYmDZ<uY4;uw`8Ro?-he1sQ%AiicE@;6{^5Dn$N
zCnf|u+q=0=ShaEpNHTCRh<TnD`bNyRqs~AX7XO2oJ6!j=_MkOmnlT*?f=j_cDRD8z
z_L>auo2QpF;BFBG2R%n-zC7x_8T|cgUv))3G`!S$Qv8Bzgb8)oFXYq7-95kbP5_lH
z&1~9i#IS(6vZU7QdXf{uW%Cp#x@mbWeg{N(O*+->ImS23nZo_ce5OBb^kK9n<cyrn
zk%b^BYTO@A^rJ9zN=ou7h>JQ<Y@pLE$+iJ44K(Z)Ejm4DtyEYRO7g6<s>XNYNM14Y
zpCEDdl4@_d-<PO(hP%41rW#iq=+qho^a1>n-t=ZOQMej1k88ja|75l%Yr=-NaH5)f
zXrCOXt2IQ%_u5&8^YO%=-rX4>sOfj1=l?yT|7XqVKO7Yg2lIb9Do)n_ZG-*aBbqZY
zmx~H0pSa2SyZgCT*vfK1y-_|5q__I9e?P&pxwEBN#n3`G62=XqGE)OXn^K!LmFlRe
z73K@$W7HQ086=`2g`Ka|)%GOsgfva+V00oC=5tJxQA_G;<V&-&GJebO!-Hb6*7n_@
z*|fK}{q@~kLTJ;r=E0<&^-lxoo@c+ko2Dah5`bQxxxcj6+vAC`+4WE3hvC<`=FZ2h
z_RaOo=Yv;5uR()msb87fL?%&<S=z6N!}!)79UooJL*FIelAN31t*V-WEXe}u5y+3$
z2kIgyFs7sYStOJG1*r=8i6bTZHB;S%bCEF$>3{F$EQI9o($mgmDB|Vo$DOsCf-LAj
zdZ)s_Y+g4nvLqv##k<<LGMLcinD1SuLB_p_{b%{MSCzYVt{GVtCVUBdR16OebgjDM
zaGknkh(!mp0jnMO<2|^m8@K49e<p{AkV#fbY87nLE~3Q9%bQI$IzEc#L>-pZs)*KW
zbQ)WX2gQbs#C=UHE9v*O1Heo9HTMjFAE%wyhFxBt<BjlgJRIXC2Cb~rE9bj4dffsS
zk2XIMtueGWy#h@P(5<bKfIu$6*vZNfE*(bBbqy@}oRa+kuGXjbL_6^@=X9CIsi@Hw
zn$~AKO(Y~f#VK+^ET6yK)-ArbkFwXZFJx4)9_S(Yp5MN(C$w*tEur4g5?2<`*?U<y
zGO#ovY6;2VZ6?n44S4$w5~X)!8Vf;g5Ckb;iB%|Kk`Nu8^=$a^*M`$$pGNanLg+vl
zw?$Q|h;lIf%mI1G=gq~^3R7-xo9E|;yQ%&0JzBe2Bn(pW9T&sTsx#Juh)KIp_f99>
z=j2j7@lPhkQ;VmFVoMiOq=POXb+F@YDLMO%cC@#2j<q+@`DIG;TZQrCY-5GCYw3p)
zxJ^e3fmSt8!j5`nb3-Uzc_8GylbIsYQ7?$Lso9UwE-fE9+~eVvq0S+K8wQZYxUIf*
zH#OBeg%1Lr)+{U^@T(N9x}yT0cG=BV|52<oUVXNwe!yZV+tb>yBC8c>LWp^b9T(M(
z^ICdgB#^qAh608-Z84ggie37XP?1DGbrXRdpKx4cjiV11%V%d%Ur4X<clCNnxrR(a
zhh?XeetkZN`fdgR(b-avrD%dBKPO5v--7{nKCeVOLyo(Q60s+C)%sQs{#mD8F~)Ba
z*k6LmXD>(e^+sPeq9)2fk}N7&cqYn(xihW#3TPpk)Odn&qqty`Ynl9AfUWO54U!o@
z=u3P_3uWQL&eCQ6PL3Q%p$;KvxWN!+Fi+?jywEjQr=LB(nQ0pN0F0spSR-ZT3=5ek
zY&)33<Va$O(ljdCpCkkkNS@JRXe@I@(B>YEoXveB^fglYwh%a=Yfd>s5VQ{?0vevZ
zL*-mJtTm|9O$BJs!YwP!V1f$o++|<`;q;CRhFtUMdNvGg5BzU(eV;g?PO_V`3{)8A
zx<F^`PGj@IikhFUtiR#lvISsTMO?exIulXgEEN$F!_k-3g$Qj-IFf$w$)lWGly$h%
z8lsdq8jDuifSE@ExgmmnQO^D;`n}Jca~#gf4Kgu8ehSrAbFr*r{tjccdU{t_@G8_t
zS9xej3kI+XlELIH^Hbqjjozf7Q)?Or%SbOIqzawxlZgTEaO$ni^p3*{<dMajVIFNm
zNHZ4L0JBOi<-B@(vlcDFl!?x0ty5e|9*ia#u!HR#XZRfm40O=$6Om4$ue+$Tti|$G
zkMXx5)j_AJ>p%GWT=CR>7m1QzFTb=Ry9&j!rFqz*q5!2E=XoKF5;h4}O|GZX;Jft5
zQ6bG%_jCnCydiGxX0@zd`e~C|rf!@Dh$4#}A+*V=1)opoLCp?fBSDUo^Y9u!L+D;t
zhe%p2yLkHmib;ydzWZzfRstbD;sq$}@;I2NRq-(zGi{Jc)`M;m1cb6s&PcsFmN&PN
z|8Y0eqsPeB@u~EXT|P;1K`NuaKHjL6TM(vfSTDo5hyZeCezEb7P9{>JOWSM;HACq6
zn}bi*pb)OcV;XQOFH^hYLZQS~B(=Y6UGDve<GOSMRuYi^1_R(5BbMJ>C~402vSAVx
zPRu>7a-b7g@EUqt$Pt&}-+Z)chKEQe<thl>mvmJEsWpWhDovZKduNGfXh1=F2yyDQ
z-w%C+v?!dkY~l%yz#_uGP&lTo0><{*VVAX>3G~(>*6I51g(fK=N$E<~ebah{J}@{?
zOUB!Q_IoQkfUUEID0WCNi&vy^PV*>eCd%@B9)~VwgaYRMcG`l_RbOgpVM;dLNQl&O
zM(s!3dabWOA0k2!9SeBT)k4|=<VB;RD-Hp0>&{j*1B-OESR+M3OBL3_o?(6@_~eS^
zo<h<ASJN%YfBGphWY$(2c5yPRNu4&{yp5_rmAnBzmuU8EqI6;9_s{jwF!ax+aJyo=
z4JTib6biB$W2NS0G~58RS5(c7iVMbw$<niKgS$pFOBT(`EG%rx0+3Pa>5_XeiUmMg
zg=V2tmPtvOo;K}PK?2lf;j}A;l!GEk@SdZFlf~w+dS=}imLz=#Uw+T?()X5??xHJ@
z6?WJUB=eRuj^L5FM$wBT7hC5#Ai(YU%_gL+dzBCxeTg|!KGW)exEsIeqwVM8Ql5-f
zPNpnRXy?_-ikjy&tpgvq!&!;$Fa10)Cwm(>!7~!kT6@au3=;taYW_#mN08s!Cn}JU
ziQzsbk!tR&d1FIRNfO6v`|lw#0@J2I>Y`5{t1*#_k8wDhCUSe^x6Iyuw|f#8M@hXO
z)wvi)f3$uV41f>rcrs!CxLs+_h9#75I1h9#KH%wq-PZ>)2N<j%lI42nlCC?4ty_`y
z{F^ewuY5hnrn1zsYxZQtyBcw{;nM*Ypu*YUGEj6DSsaaThCOc9O3g^>n`Bl3fv<cB
zUyF@hb!u1@<?)_Q^63)R)fprD5s2c?35)kJ4;p7Q+%aTTwAc8(*^iCnys8DQebGPF
zEz~gTVkWC{(2cgzo9C$>S$r;-<~D{Cn<7lRFYgifnxUSQrZ?J?a5*=k%=Y)(G5#jv
z(F3Fat>fW~{#@5c6vS)_a8%4du8+Ug+ZGlfXr(K{eB?rOnw1sT7;WWi^JEf=MqBS>
z5}GX*!Mvt%Ty>q8Cb~<Ok4wQ1Xirv~5uhCDY0c=ZUPEm>>_W<=h{S7l`DC#68T9OS
z+CHjub)^b=U?=L7`Ddl}O0EKv^znEdN_llfCH=g7G&V}~f|&ZRd6y$V*?8{#1V`Qc
z5yU3A3i?bmkbo?Cw#Gki%d&X*;MW;OLwp-<>ME{pD(<#^2&6k^do0$_b5b$Mo9HJ^
z`K)X{Ysr#vibp5TgK_YwrWrJAR;Yyx<<ix>sQel-$x{}{zhlWtqp{p}9kV1^b&4mK
zIPJ>BqYU*A8@EG+a-~Cn9B{Hf9I!H-XjISc$#8$@#=^1372_NxY^Nh~a2#1{R*J1C
zOLtW&JyuSs%!jB`V{y+J{V301AH$y&z|kE0(-s)6CN_x5QOuXAr=%h0>_5`ZQ1lE1
z=KsU@DP#>3UiCn_i}-4Rw&8$MJ%A8gCPUVG+uhjh5hq<{WPhp%m}Bhw2<L}5DhQ3T
z_f9hkgMt7?nd$z>#0#zcHA~p?6F0m3FKe5+yA|#%>q7TN-=r0_IyP@A#=yZ~)@Z|X
z3|1%@jgnpmFn<I5T68uR#8xdjKBTNJXl-~T02J0F3Hxt8X4yA~AG)4RhzG_PATw-6
zSv+W7uiEDZVxjT#yDx<--X9R_8#O!Eo_)v7wNj61gBT9VMx?&Y_JJf)$4b$Tf6xr>
zNih<sGyL#Afndt`E2;0oecO4Gr@OHlgnf;#K8hwM7$3!0?isfzDd+fMpIhp83ilRc
z&AB;Z_@6oTfpNwiR>IPKPMA{Z9#}fo`%ucL5V?DRc477akR|S{oBdeXWR)FP=<5~M
z73J3Kp~Js2?_L}Kiz$8<=Y<}XX&dadpDTrdZL4TpQI!FgQRRBBSDzGr$wlRR$(Sve
zj>1GD^tI*e7jWw7M%&O)C}Gw>-a%cke|XpR&XoGf9#^bcM?d(~ia#0wdg}GE>X9{T
ztCdp&sr#Ga%n+uO7R*Ie+2BO5xI(xnu*TvcGqOkjU49#C-jVx?5Wwe}ax=D^tLbbL
z8r%xLD$c9p##L<YY4&2y&4?>qe8f%2Cx#P=KaX91)EN7V-n;w~9IM)$oH;-o{m-Fu
z{=Q6?!U8AxN}}$Mh&=b~lDW()P#pay<t<|wql&a<;4eB?ws$m+0e1|QV$qK3(as)n
z&;r@8_)`xKN3n(M1e^1PRqqk<?1l?CtQaGwma(0+IIUOMVNd*4alI3`IQZ;Nisq<u
zHwDdPUd%VHWz0SqW2Prb?OC3a^ZdPw_6jkVTA}<2Ym}IBmTe2rh6E+>ac;RXgyTSJ
zQ1<l{;B9s%9b-7<YGXdxoH->qarDgbDIo`~hfS$=VqB1gA^x8+gS8m0_@qB-rjH;)
z=+?D<<UR)ct3DkEq_-x+zha6!-<d2yUbR#ddSLVVqDorVdIyl)KY`m9ZJ_uuf{O^-
z5M}MtLpv+4dz%v=NtIfwr^b}~IPnr)*r#@)z*95Z&5l@|S?bZLqAB|~Cw0i70g-n%
z^I6TehC<!BMlV?Cslt~vYt=7jVZNJm{gN<<cQ?x^&c8!C`pnBsJUVfHJDle%Lf|w?
zBBt&f_exJljP93V!YCaD|5U8<SgnHOxC!2O1w&qS?NR`RzY{J&kMwwA^kxOs8e5Oj
zfNmLi3A-WL>1gfYn_Tg);Gz468&_F^yY#l8kwqaL5h8HdYDYc4aIuw0z>kvMH^yTW
z!Eq$d$V%qY&Z0z34q|eMo!!LP<(GtB<(6VS#;5U6mBY>mCsv7Uri2E>)AB^D5IZ{~
zBUdl=G=A*xXy=di9<OP72u+M_@HBbs0|8RRcY*s%P*sG1s|0Y8%gR~{KDKTO<2f<*
z-Byr?q-KXTTY}9K!G5s&!xkL*UsjEq<e(U2WyUu@LRxYxTL`PtBI!q~MY?meQWf=t
zK}{<CzLa2R(77e|i1z<*c<*_#0yZoMaZSvAd#RZ*mi^1iix5;M6rzQ`KCfWf1-=ic
z>noOU@%d4s{oS$WNngy7jH5|)M!{P=bDztdQNWq1`6I|k!ky~B%=j|&Y@7{8J9%-h
z42s1*=3&vR@k&lG?SuZYFBlo<T&_AiFzSOoS6bp!v7O#2fR?Z4DLR{mZhuwY#Dle$
z8Ii#S_=>P1dRmOLDX{82Q`t=?1Bxq!pB&MYf+7}o^^h2WSP?=cz+WXc>7^Ps!{1>;
zjYkf1E$O>cccLY}a3qq{p(>#tdbA+JlI3jaeNcUVAhGcy3;jP90Ox-hPj+Tzp8sP3
z{CE2K|6>7g{U=9D%#)-A=2f*BzFkrRDZXwoK}1xV7Md0uEiOp<hp$X>Epq{W08Gj;
zRH3PB521!xw}<oavC^^^jO)3HB`dGPD5%OQDF({1(lI1E{9vnQA|6D_mKcrEgxmY`
z;&z>`(xbJFwc*V6myh>SJhC>N!b9-dHNUP`b8!YNRV~D)-wC%s!SO<d%A5(VRY0YO
z8PqDJ@hbi9^)Q`m7x9g;5z6BL$!cTyCi^&&a%fLe^FJRifD~GQG)@1|eS)>OQ_u`s
z{XkP4+0%(=$c^oWb=N<Z%PwN>lg&zZ@V8)-4Y-WfTrAp}_<7a+U`{$p<)7R`0g}>a
zgl%HxE-MlvaB3RB;hw6wk}{>>@$h>mO+eP)`cq!?#6Av<&Lpybqu28dW-uMT!Y~`r
zU!AXrtb`^ju)Kq3RRv-ig}RuMP}54?rmP5yuJz|X#vqUmZD!mL&+JuK0mE{xlQmG~
zu&%SInrE(fl~P55oZxzVC65ZW;h2`1W%Lc~m_(~-|L)#_VsKC*KQI3RT{B5&VXK=V
ze#EM)rC9d>+^29*t@{z`_O;cZ@Ht89zURwFPyWt2ZP=bO7vie~BJx-&kNg(NqI{&c
zZLgV*?I%Xn$PShDm6Kk@rd-9u=J{hd!hP+eRJ@_jz{(;=>nM7`ZGdLWvI;pq=}-^S
zSthSjxn++AL_dV#Ph28t6bCbILm2pNNXTtO?Jex7EDLUJ(AYI%v!FDpXbYC>$sI2^
z#pK7GYH5dt-x3d^=atjs>3QqtS1&3QPNAfca%r<TSu<_Pv@?~8;HGD{6Ef&zoIHJf
zc07FkJn?AKqQ|&xFqLxuxbf0C?4xAV6a}dpyZ%-Tqy+{D{^FYDi-NS*{YW&(;f|zT
z-i5bOBSk>ftfvkz%Og#-{>#B1T>*g+*1^B%B%Kk}>wzHqtY<O#L-^lrGVGHN8~g&I
z?FGsm)*!ipfA#E=wwoA6cptxN&H-S$?*r;K8~mq$@=2ZM?wM#WC*|oXiVyOtgm2PA
zUY@xraJ1CTQm>e0iZvkYEWYrK9e3z&=qgog=>7xeR4F)X6T{>D$fBy=l>3RZ4{qwE
z>Bb|+_PHo#If2qe@U(P-0p2fu)4g5hq8`UwO89!}?QC@K46)n@RC+Si<X45hjfAY$
z*C*WYyIYouZyQL0@GjPzq7ou~nI=h8U)bp{&@dq`A6y&LH9E}KarZ=Z#B4o4$ULTq
zLlPvT$>b3{vdt+#2I}ER%(j6uD~{zSOixV#J6cmpBTEQF#6FHBT243!S6wMPg3GaV
zM<J$B?3o-C>kJZhHE+$m<LYg`3<Wo;y6G)tQ+d6>MZa@I0M@)mub%mrm2TiI0?uMF
za0h>@z=RT_F3u((ugkx{nm6=-VmCEZXR)9OSuYa<!Ii6CX^ufhN41JmB$E+yOp^(j
zSRw%^)oK-u+AY=;k@6#Xt3$DO_fzk8y9-OinUp_m+!H*;8O}}1SOOzzJg!x018v2g
zzG9bB*-=Zo(59Px)U!MkI@JbMh9sglFo%0)+4#*mtTx6{-dC%~4nH?y-pZq=ob3C_
z(q1QqqSdq4v-*qD#cOo=T3)z>cvINZ?x})z`xB~wM%ZuVA9*RropY<&ERsk%nqO%0
z+jd9HAh?X^sW}cKUIro7pE;&y1aT1ns9hJlLZ~bLv-?qFH7v5yBTWCVhd%!vh_*@v
zx$jvhDNs*J_>w0DUYYDub)0qWA%b^2nzV8v5ttR!EZ5h`lM@$+4*`$sa+-qsV-<<O
zE<*_zFQ)m-ut#UK6P;gJNFLMT*?-P1ao6_(DkII|^<xa&!(4zpEs$gY5j@2n|93kG
zFRB6Yesv1PL47!9y7`eE`i^lCa2@+0uMchzjaK?E_Q;S5Kjh?6lHs<HA(l870>>iZ
z_Zz(=f1$)DqkIa~qN9cTAbn!&qhLYUlE~4iCm%aZFAu`7f5hKxnZ;vMXDDunQCLf+
z5m#HaaUQ*_B0?gdozNybZCs7Q{8BrmcKQSQ%!+|oqTubKoGj5wd>KmY2ozosJ-+h#
zaFSlRX57ijX{<cX*WM;W8;e=uy$va{GsvPO2QfEBVZdWzWI6(`M}Js)Ja{nG)VzB?
zvymgA2snopsI_UaTV?FqF7QR8?4Jr|V>W;1K9{wx9Q?O5{4z`o_w>K`dJCXBzGZtD
zcXxMpcZc8vch}(Vb|ARR!QI{6-95NNaF^f&$VYzn-S_T$|EjNwf;mG^_v}4$YWAA$
z)oZ-yrpaOCW%ztj>h(IV(2Enmo6^5pbNh38A7I&G{4<J5L$k5|yev3tx)}D!wWyKs
z!cyv{vUL1m-3X3W14kONBI9!Zq8|nI;~fF1ey`7FelRis1`S-MO8JKz-RX3IHAeD0
zt(-&tu^>V)(cJg_^>tP)RhO^Rco!KYgI|i$u*G@lX+)0&HG;4$31n7~=BS#3ko+YS
z904(SHb-A>If&L+;M&!wag<EpH-kq?uEurKCbnuK5Jc#95407%Yc<ySLaOE8-OEDU
zCc=y(H$vSjpf~0VPPJIrpbb(@hObsarS0JcVS>w%Bu`QGx#naRcjsH$@^#2r-d->L
z7lOAG&z%h~8I#%Z;ujhoIMn4ka`4Aoc>s1Dzl?i)aU6&)Z;J`_j<2ucF`bew^R~M4
zxCqM>7eY^guR%_as|ZY-6zu6^pf$32otrpWf_#2*H|bb`lesD9jgwJJZ^D%eF~0gj
z+@XH#J-EUdG5N{RMYYVX3tDV*rEB{Gb4;oy<o@t1V-$--$CmJZ%_ipk3ms)fd4RGX
zH8pY{CVU~>ok5E!6e#<my1q{Jxf9o3^?|2ISf25xv6Z6Rin_mbm?*w5EcL1!C>P@B
z;dgEs*_~8BtY{&O+;I9%Iq8g<oj6Sn_gpvK!o-3KkQp@aykku2KSNxK!dOr%FD-#u
zv_hB!Bp_sbw9p|@LV3LrkRZJdF8~f3vNfWy!{}1_(-6sNjZTweb|f~JIne<-fu{%O
z8<Eyn9p&Z^m-kv3dE`UWWA{oHUy^QUgI6v#s|2&PYDMy+T7CvJv5+Dj6(k2Mt7i^n
z^}oe0gWQA5E2gwD512QkbEG0`Q&<GEt+T~KPbhC1em0R!iF#RkxggZ(&IaiF_S#xh
z8qHPc>;+ygih@=?j(*uv!OQ@W8zn@U&u0(~%Ad|pRADrxZnY<set49fXuGa7gNq!r
z>eq|32Ieu4LR<Nc6`T#DD1gZJW(N8b-y?OyW2~AySwAzroO#^6+o^5koBK)6fB$oM
zT^n;v#uOTodU1u6wq}G${MqC$_jd2YFM;9}to~g^?`tdLt96eOc10d@*H6R^I0z7L
z+8yt-&>XI}pVQ7`iAYF8zcub!4h<<FkCs-GCD8CZH5LCPNVT3aE5GS3t1*Y?kWbEA
zz3aBG-5F1^dY}7DekAwv4E1xRK_EbLJ$CnV@-(k+&vinF*{`yth>QYcl0m&MfM`JX
z%Tc$Kdj>Jh2HR|cFOEp4*z#BV!Irhfo9Nu^05WnwxPmEfZsA(z;bGpjD-8!kWzACY
z-D!LC*2@UVSudM>?Y9n6T&FmsAe|ra=TRvev8Vcx!-$Y46@yZu))XLkl?!~P3rnl^
zWNHX)1|S>ZmFb*nhok`0KUu@9`vf#ji1<~N7HN=&9U&N}k($_gd-ifH%bGIkdOVOV
zcO0oqGxAodTKtnLp3Q1mTkS1nk&3vwgF7}x+nkKm&9AkTJw0K#sw&4Sr`jicT<&x1
z3E9X5H1}%|)gys9s>WKtOk4<Yw+eK08nmZ}0;0unGC7>U787fGeP&s*s2Bwjm$LRb
z&uRNga91LUAlL#dw-GAXp{*JRB`fb9ymx&64`ebnije<z$<6)mc0N2joc~^ObN{>P
z^ZzWlxmo{Jx~6US+0*$`SLNuhuF6Enm#88GaE!K#npTC*%mdq24?AZq7A(8U1WNV9
z{Rg6}1wa1#+I!*cc#MY>TSFy^J`2W#EH8_r^lvA*2|=*V2a0#s-hiXL%eC2W5`K{x
zfaT9hbT=+th+jcVNAkV$N+QZAte<?cX5l*=cNlR%<$n6Z{&{hChnL)Cs>2aB{O^qy
zWDgC`PmL>8^{98VhXq_W0eRdYeU01nhm>!=^b@m7=ok4*uhAiC2{hIQW!n={vA!Zk
z#wRH6eJ*uUWqiPI&^ZNhSqz#RNF~leYh>1&b>*M^t*YwMYh&9xPGX(<duTYIW)6ea
zzQ<btXeoJa2qSI1__}V4RoC3=OCR|#yPAlH%8%ucdBC8!eLiYAG`wOAN!k6i_g1yV
z>g0B59{QAfQo7=E3er}(&^Wy<-N~#=K|XE}U6GbaQK^&e<-wl19tr8`I~K}Vl?dHz
zZYwHcfiP02590L9rbCT5wA{+?`KuT76rfT7A7vM-*#pB$2Pm8%-he^{UxJFk6k$F6
z9R}u9atTrhKNfD8EY-}>dcWBf<gfy-Ok5Hxo6@DcydBF~N)+8%kBiEeUx$0YEZn^O
zigyrl2z+hyZLO6HMqzIml&LaR6YcN;>p;KAcP@hWM#_&t%T9Zn{e-7}Y7qa<FO+<M
zn{0n1v-4kSi)50cMcXlRzre<Nx%~N%$Xmr+o~tQIZN+ICJTb_Re&$tj;!gk6;OJ}e
z@vq4$7KMpIaL$=v{jN+pp<rOG+XbVV%4P4p>fx5Z%pW*38)g>&&d?W)D?#KHB^@k-
z6Jmcyf~g(zYnsP}EIiysDd<4-oN%@UFrY>%0WVd<`e&s}`wI6OC+$-`Bay@Kj&Hn?
zIf`uu`{9HIEO|C-*EDkt!7)E@<%rFe2K47cDx{i9J$-xZ6G`g(F<bjI8Th0csiYW}
zM7Bv2ZHQ7lJF%1<7%$^y@-FSck9ew05MZn(U&e`3U|i6gqmejtaheh`|JS}Mz$k^V
z+9@m{-D>Ad!W=9=6V9H9Da=Q3*y4jD$9;maTBM&)9dX0*!EoW6(@2l)7d9J9W}AwR
zJDB+?_VhaReffZDW8=H$_fznhXTM+Qh5+ed<)ZQS8g_xE98W6WKSY<uCJVx5pc5Ux
z5nFxEK|CCbQWM3my`?hW|13Zv0<s)8hVvPSx7eI%ruk4YDdc*H&GV*7O6HM)&Ao(F
zkO7y_ek$0eED`d<ErIUuPD&Z?GbfLY8t0H@1VhRQ*^~({_)*sSR3Qvs1uT4sV_kfp
zrfYk8^~w@Sc&x{xjCP)uKvy&!jy37;yUFOJPnZ~)uu`#^x2IC~C!nfP0bT}~Y0GD$
znJW&d*Y->)lbN;H*pn}vwZ{(jM^UIAEo!?)qf6g<c>?JphiTIAz3nR9^|G%%pJ=L!
zsFER`wDCveeWLwf3T+qyk}{#c5X$Lle~Kf0Hl|%1&ey1=NPnxW__;*oln$+~pkUas
zDL`6>@*E#8d`jgcej$+~3RsJ3B9{p%5=uxh^P=kW#dOEselTws(9S<bT_`OXA95qR
z2$`ygi<EMeWxs$*a?7;A0djnK0!t1<5Tx=wfab`}vw>^;O_3S15n4#hChxbEUP1Wk
zCU{nm$N~l&Znhx7Qn{$GEfll}zL6Kv5CtLz;F(%F`*xp0I>GgW0A40ds{|I(U!e-F
zIwO5F4L5ZvzYUZHLE9-pdQq#;m_hW3vC^*};=Uc>T4LpypXrne&au5xV#2w9nTaQt
z(FYY>k)b_9-%I8SqywM&>HNE=y}<4GT?fNWHO38g7^VZpyaOF&r8SnzmyB?;FWuV4
z$ZBW76@pU=aXx?G1rYqBLUBAnIKH*DZz}!<{e{A0ah>SVsJ$Z4WkGM<wV2Lu-S#~?
z`qw;1PNvFg2kIo;gtIi>WvPm0xHyx{AE10M1O|9}az^aJGg!pfI>#d79nY7{k2#bF
zZ3GbTH&FXNyF4nsJ3(G(x1)u)G+}6R(u;Ws@>ljAY?_ta2!Pr}GndLANZ2s<2pX^U
z?FU!t5L>FyA;qUzOMkhsvB!v`h<=eKf9@yWksR*l<yVgLq=8%2bi4<o1}uL!qJC4{
z$&sdTlhS0o<@yux^@Wn|iz!NyQHb4cMXyJe7NAJgK<u!Pi?B8I&ex{&#XXr428FZP
z-y`kHhJPLpBmhNFj6r2+I_CtDU%|@=sy(`h)Rx%YH}b=@SBVov!XW}>^Cv~uM%&98
zEaV>#@mVfE>*4q=DM-9WAZv(Q{CgBD@V2aYVLFQ&x-xINQV;S%qkrn51P)yXv*-6~
zJ*V}20n=ag0G3~@!0uRhsZ-k&ff*166X6}Mr8CqvX#x;i%)-km|H_FB>nZV7bQvW%
z>!c_dC)lwmEV+g!*qhD;4cOl-sU?cwP~~M~D1y3ho~C|2u~2EE#*)@)0W~aYFQBNJ
zUR>(2mdIx90o89p%=tzm6~SO3wCYR2%|K#nvy_$%v9AkWkCTr|bnD7Gv*(iYUR=i3
zuH<v-09iY(^WU(CWk1K*he6}u;Bcxoxm>&CpZ(}6oD$j)BtcqDXP2C1cDma?tZ}~0
z>MiJ*y^~_mwPcFqLfg3rK~N+Wva>qBoV{8Lp~<22#X^=04qtNc8!}K~kiZJAbQo~(
zZgANmPi*7H$nQrHo9+mEKM4vINuST`o&B;727m!KcV>=eH!SoGx_kT!{`hZXYTjX^
zA0pgUUH5pO#hmlsd$edVGEwDJf_m|4>PBB>r$y<T!uUT3v~TN(X-1-l$OfKS{KgQ3
z^Lwc!=c&QOCIT8%kD-AIDGaZxeL+^6kFd_QzNIQw&Da#5<&XIbht63|ak^ABF`I1w
zt1D2rOoGGeLMe@jXb4v}Ov4}-HK%wZs$mUv^uh&F$C5F$35b<T<|u_cH)WtW6~W^j
z5mgFXz*Y<nixr6x7mVc8FS9zeJ7!P=8YTX$%L7oq>NC~6Wu!Y>*MGPZ66-|nh*qt=
zFDLF!z@lv~2LA9KDnfKc6Krc@w69tQ9AxXw<#0z0?<0f`IA2>%S@Lv<+##yVcjn;J
z@oZw%*hXuD>`w#Ph1|a%e=MONxG8r8xqE!YB`jCW?7v^@M4a!w{0oKxa21z8G)Lz2
zud2>YF)pQr*vTAU27hf$o>wlt<yQU_4V1~{kJ?hWqEZ|&wLFwXY<?Z!K*RxTioOXc
zAegd+2%$AWmPmR^i!_Dw=tPp$Ch{>G=lumkQD?qfLDZc=^C=Wb`=Xh?=f1+K=as&y
zmFITE@mFnl2k%u|J7Xa{hV&1$n7j@cL8Emmh|4Lw>s2GpETKzvZ38kjeJuMaVL^R%
z?+FCp58)MJRY1f0ZbQy5J^+;Or+t+j0(}=)LC7qLq6<4IFZq2Wal&C}(C>Shu4^;0
z%7<aj)mioUlJg<v+qM@}!Mk<o&%dFjN_qiRQx@f!IvP7Ou_1_j1yFSsVPw-@deeQ~
zM+Zk+KZiO%LYOu};pYdSa4s@6(0(<vMEHT;iK~d`6B~JdXVeOh@&vHkF%hdUeGC5X
z@Firl_2WW&sj(})x2wxDNW;)j&#&_n3pp<S#X@d;N_`dYP6>~_pCX?rvHT=O;>rO~
z;+f**MLG;nsUZnn()K>HriPSHwQvhv@oOcK4Il`K52S~OFKrolG(q-Iuh-91lX^wh
zL(^AFo{TSBZg=m30A}L32B9GtgZI;i)@AOl#K8gh+Z&K6+lU6du;Vzb+h?x0z!b@2
zWczolyG$Fu@goy}?_diUXn+An>paJ=>5(13W`f3|DDjuBr7pYIW2e|k=RI1o2!^i8
zZ@I1>4SYVL_hXZ5+IN&=Wrte12-l98D<3HXJZk;hb(D*afHBA21!FRm(o4kdYw|q&
zmT1aK(|B_wLECr}Yr{v5*}d)9xnu&1z8?_BXkPsXf{;U6)dx9U=`Y~nC+mxtrx3rK
z+oV9Jxjm6ARw4ZxT61Piufih`t9DH+y3uUvd&6v<OT+n+z8+ws<VTf%S?sx6THE<~
z{6{Ii-Qp8FaJ#rVn;YBxH%|CBNtK=De_Ee&|GOXhe}D(zEjbn7llAf`2Q%{Daxl|T
zHI2-fr)_rY>GE9eQ7xZxFcj;baxgU%qYqtI8zvvJfA)zIJCtOh>=Hm=DI)(8Sa*2e
z5I<Qj%EFgBX2Rr_{J-raA5<4VWFAkJyj$83mx3NFEU;8D*f2&2q*!&Xzs)Eb)@(jZ
z>mK!Z0k{qS@WJCe@+ix#oKD5DAoJ?vTFe~UJZ&7tU1y)X6I9Q*kv~~;KH$W{a93ux
z7NF>AcPlyIJpSNIcUlb`aq7(TuQWh?`2I<le*f%l(MRVNOA|{bg<iPGYS6c?&!D;}
zmughvuD3Z-U05SUV^JTcM|8qm!yM)!IOR#;2EbxoiW+7tzATO2V<ACkPdbGp=4##`
zc$}J+OXxuUW&2|BCB^e*%=V@C&5Jm~9ob!Uo%NIN@-jE3_7bV`BV32;B;PIkbwndH
zC~s?pK!GZ!foC8G`Ur|=eo{l&ptn<7znaQll*Bfb>wg$8`~6i{TgFu$$M%4Rgujdz
zeX&0@C5A1`{`SKAm+;ao)J5<<=QY|3zs1NSdEptp88CmYY7DljYPa>{W^p%3dEk75
z<`l^3@5|6Jz|Xp_IJC_(T{LW|sho(>kA$10LjYL@v!enht^Bafk%Qzwib%hZG_0S_
zV?x8C7j6k>3w{$BTNEY!n}D#+7su6$^N7ZJx3}y<Hm*2QM22tz?V`Kfl^reP1JFnE
z-bN{7JF}}gMtD|y*}FX+oEnq$?9x9gw~W@bzwkKuc>~L_L8k`Y$s?^g4RR829uZh0
z1YgZ&G0F!jlr6+&#o^>p9<`<;OR|bSo1`Gz5|NhAYCd6|D}bByoB*86Wt|XX32Xx7
zH44SmuiV_Z%!>ts=f^Ut7y_b@3Tlu$;bPlGDkK&8weyM+3qa)s(UGu5+vvT&N#LL&
z1$cKcC19^*dC?`zlq||{Bz#wIy1SnFq^XqKO8up&(8JdmT!@wLDmPaZ*_s}D)WbOn
z#Ou$RkAKC`U8_%52Xr?zPqPZte*fgD;3piSWU4L8BonG>-88v^^Ng3|dvsXl)+xdG
za<TkK5)AO=bx_z%1Jy4R=w|8<FL0e4B&(h&<HN$HL51vCIh9Kwa48|)i+3w}DKmWK
zQS+f}#0jvb%o{uMhcPNzT;mXj!b#%4?HusTFbq)DBqaD<4M+}nv~|TI5ke?Lf^Jra
zBcke}Pwk&3KuOMV;~i5Q<yMlu7SR51pW<u2<Ih59_ak_WV<pUT{nW86V=fRvB`R?e
zfi`Mdg5JZC^z*l!4sv;i4ZM$jE@&w#7Z(2k^CVo35oD4wD;~)%5)^ZN`0%9JnlVKa
z>vL3qr$YDr8c?&tRJ(HGlMO}k^z&wNqjFNyA*E8rt4*lC9=Vb)Y(;p>_r?8Ta{AEP
z?e5|7(E4R^Ws;kFasyWWUDP-H+l;?k=&#ii9cY)rE3@XlG9b^<bjUCzCt5PWT`UNf
z8i|N@;Di{v+*Y5sa&egeSD0yGs#(Zut-aA{&$9BqKL8}{dcdnWy<?mlDNF26NhV2N
z-<m(RxiD9(Sw>J3<ri&f7Q=mT5klyUgS^IjKkI}nDUltrD-P<)5uQh}k+5k6oJIjn
zH$=`@B6ikWa5J`|>`<Pl-&I=j#tN?$aPs`x*PlcciLc^Q?{$MUw1_aMu4x(lTD2%1
zNJZbissly`#g19!C=<!nVjxKA^Dwc>^UZ=5x#J)D7WD64b3Jq{N~}1>#SbN^y{PYk
z67s3QX*l{kAm37k3Gk%F(vGv94(la}UCIY*v_GG{oSfg!X6V)e7MDjLN)S(wG&eSm
zCbqM8(7h~mLLKNxJSi<gvcO+Z&md>UL#QYEKe3|~1oWmgEQ)okTLRaG+lZxIl;5VD
zE52-T`I26D1g}fWsGwGj&93=IFM^{v9<!j1a4EW8sNI=8-RXC5pC4s#bh02Zx2jKC
z(jX~Gf3%IUKu1AZel?gkE@Oj`T^n0UW-malui6so#`2)BgbN4b?^#rM=-45&LC0@p
z&H{vtKhUC+N;Xc`|A<{sTJxi%%V8EGQOu3y>r>GyQ}S098wDKooC@tATObp5siimn
z1rsFO{VczHXL7lpXI`p?|I%4r<wXnEK&^kS?7|pS>a~;%BLK^=%NF{Ptavzbu=wOK
z<5i)4cF%sfWoZVA)f5B{3q1*0m9EYJV$!EjweuOLGq78n<~+2g9ky1_a76+U_6#SB
zf(zI|ZGVgZh^{!p?c9RNfH{1hb2WjBss28<RCe)KoRFUl+WHF{ys>5MD{f^%ic>ze
zM0alQH@BeebFy0FR=s48%$yxe-V<e00m8mE93*jA^Pd!<{-wGc93k)i{`ua3K6%@y
z2Kxqx)8G}UfW$pAH~0Jr`qqkmbp%voP7%JJb5oGTg_DzaRgwm!U&hUH&J!@m$xZV_
zl~G2?>BdPAT~3%dJ^@AZ4gJO2D@#~i8-26Oi=OexFL1INxf2>rRcmCmPeifTQ<c$z
z-Uw}<$Fg%K8~O-Nm$XM5-#`Q?`HcZ;D`X#+Ohx1uVcd)ede`XyV$?3*@x`58;N;=!
z*Wg&m<>`StadL`|-ci!X_$C6PMoGF!IG%=22`0jCWWQvphf5+Z9u?1AO*TE10{SQ$
zYCxk*WW!i|MG0L~&Kli8ic+&s1`yB0vEuM2(_CQy!o9hT@jq92OAC(xq!-X%N1ODm
z8&1w!wi@j^Szc$N4~f)=Q4vp9j2>V{hn}eCnc+`#K}`G+CJd89j`lv;Ge#J9W#kp|
zo5#)-`lxkI!d-5DDPSYW`_CcbPw>2D$ZX?Wc|QY2{9s{q0QF*Yva-li2y);cc!c$^
zm!(?OT_{QUwC)wZ+7g!lO+Q0gg!jO0KNzaZL0sVSP>YL}yc)D6sxrmCB}|M$%BL2Y
zH;iLO?p*q^D%rur{9-BVQxnWK5Fe9cwvXDs4<1Ja^?D5V92?Cg`jK-J0Uk=91^}fa
zC54cDa^W4IJVlmEEVMDCZfB|beC5RBg7htFg&F}G1ETx0AY4Taz$@MBZ6^IL#-20$
zXaX2pdI;7Clr5P<x0Y4j%#IrI-B6egbu`;((%Bp_CTJjCu3wZD8w9Q#mcmptuZtwK
zV$PE(IStl262Kf`xm(TESRp-34i_-RsgtSm7i0{C`^;$UiE%|e26_MJ!)mTNb8@*f
zj(Y{a4-}!buteqqIGmlBn&@;_NguuqGXzwy+%;s}N9@>?ra`lY<mB>JOP|U2S@Kp{
zG1^s-bG%rA?K!HQ)j@V5Y2gxC2|2Yy$>Monc<Y%*+2~kM2LI?|jJ5lzrv2Pl(a@po
z@8tFZRo&au_2Iq*Mu!LP(uNpvEpIt-yQRxbfJX@xo#ie9;2#|X<v_BFO->nb^#vAi
z=G9(Hb;27zLW+ASZI(%rjyXXx4zOY`O`dWn`tBYGA^piV5O9lb2Xc3=EI6Fz`nPWG
zd{SqsGfXp*A9g-IW?m#0D{y@%iHY)>9YNd{_MYiA1bP@3)HHy1L315LZTj0??5Q|J
zNG04j=auJx+By1nu0GqgyqBxWrDthPRxg5ks(#<4z-D<lJxv!k(1IcO>x^MxIH%lq
zx<q6WEuB8!S>AC0-KLm9i6H`;?&gaf-lj~>3q;*d=1dkbl&y2Iymv<HRUr(Lk4Eq*
zC4N2vO>`Vd$<v{tQ;H6Mg)aN{WSX*51(fF>D-k|G<*`5i%STAKD|b~z4UZ<9`Hw8^
z?|HTTIg{y~58w%KWXDW%IbrR0I#kX8WXoSnDCE)8`gpfvgH!q5JBQwn#Lq9nzUlaP
z|Ia&o?tjzI*?74AyKLq^R^e)1j^@ltz&UFjP;MZ-4LK0c2_86MZAi%Wx86ntPDluj
zS=_<i)!g3Ig@pAl4d?GZpd$jtUn^?1zbS(MW5xD2<Ujj9&*mTTBOYL%wG}n{UqtYK
zZU61@->`w5?O(S4?c;x<|D!DVpMKf7{@Mbc?Jz;P8<Ff4!N54V|2dlLZ;s;sMEZwv
z|DQ*5vHrEi=lVyS@_&!>A7+sX95BWkA2@5RL(TP<uK$1has4el`d|Kd|B220mzDH?
zZ2!rb{HHB9`(Im3?*I1jKcnOZDmZcz{wpBczs`;AU!U0j<@s~e`HrMaod246u76D`
z*T3eA>tEB!{jY1MPx9&3&EA!Sl@mDa$Pdl)FF!zGZ!DmX3l>nxnF{Tn%l!8ueIhay
zHdZ(`R$!fzC>R?z(8+}u7~_Nr#?Jb=N%GeijGgnpHrXNBdEwZ3|C$1OoDqS(E*O7p
zfdno{5dZc8bZ{X9mb#b%!v_%l9ggsy+5UI9e|-F%t^bHj_|IJb|5)IE`ou^3XO{n$
z)jy}r&GkR$$_te9W&-5_ih2-!{x<Xw2X1)dfqjk-!Ic}74T$842Q+XUgHlmeRg@D4
zGPoUqak2o>+%3Vm+1P+S?$ywoEG#6fEG$5$0Q64>KfDORcsPJY9)>X7%%3;5v5O_J
z&w~j{Qdv`5N4D|a0}~W@;{yTg^@0Ruc%cB}z3~6pPVm71diYU){tx?ep9mNaCs5I!
z;P0OsFCE~cHwKiFs+_vK4A7|`6G-Wk4UF)_Xk7I10{e{l)&Dal*Jn)e#ybB+P%s|u
ze;v#HcNg$DfB+afO#`G4oJ8aP=Wh7?vi{dsj++}e8^zHm@I4gz-y<B07zWh<Mn_tM
z+5>MQ*}$#r&4DCQ*{IzA+!g<EC~zi<3&6?4BP8@+h~6_R+tW)=b*1Ammej{V*9H?$
zp^s{P+1iG%QoYh`2$%XuR8;xM3yG8zHeRG55rh;1CZ1)M9cE90(2>YGd#*)=fBk3H
za!aYr!f^YOF20X_@AdX)*AQRf=b-6zAH><;U7tTu;ym(XJOncsv*Bs+fTEBqC)P02
zwc}P?Y$SFYv^zQvc(ylEeAQc=9~fZrKflu=sW%=W@Uqb^e5P=W&o~AG2esQLOU-&x
zJ7;y_vAP<0nS=yc$ruE@9vdj-QfHCA=Dr_~*{;MFh1adFIqV6mh!^bdnTnYJpCpDL
zN-3suv^-jTq_t%4e-8cm4FG%=9{=GM7DdUyH}&HlezA*v@=#b!Y~!@j{q>kcSkAwI
zbe#y%SxmgfDA+-5=5W$e=lBE@Cp}A3Yk7^6n_Ow2`~LddMktN@Pc_IpKQy*AHYB4#
zV!ax*E)^iP(RbLV5q6K$gt<P$GkaC4OR-Dzf_fRn1=eFvVIU|?3gC%$2g|(2IFRX?
zc|(eY(lbQ0M>r6-D$hXi2CHd;iYj7DiiNHlK{>=_LR+7`D%vG?L6L&q8IBo@e@j%K
zsU>qks(}h7ChZ9OZ6MH*)B=_4I~5f=Gm1?F&K{)+A!~9txd9ay%0l?*5a>X{92zt%
zHCeo82n^Zt5P}I+KY+B$(f9V4bja`PCPk@?DDcX$)sdMm9*Gvo@b1lPbez`={(-5u
z$iMjggzPnLyaq_zP2!XAWO5s2s;XCt(0hL-H<DWO^|Q|P@Nk^D((uD1WAvW8B$a>0
zHQL45b)G+_3+;6RW+#G}bI?ojJ$i%PW0qt3O;I#DPjn1(=98QXe>qT_Rm#uJE9~~O
zv+J;7Vt9pe;LGVRv*ihGnZ^bS%$e86CAV4wj2~p0KX7lwZqY2W_^{wE=33*@O^>6!
zHl70|)t#ON&5UZ`=cQd;_3Gif%g12m;3(&IBq58EIg)WE;bez{9NCa{#(N+sZ%ZIZ
zu)j-KwY0{j^a04M1<<kXNFnh_WAMCG(*=yaJs<PrMvJW|+aDs}*i*ho;}+)uLoXM{
z_m?Q`0)*7@yTzl$XfD5g2?Y=_21!*X0RkH&JR(C+7d=Fexrw4vuGXo%B@S_XDNtpJ
z)0Je?qb<52=VC0<dvQ)_w}i|~42cAt3hHH^dF)Lc?f}Xu!2*?xv!LT5C9-j_;sO+C
z1U+rXGV`oTj1cZN%9%aN%ys!LXlLFA#TO3J2)vf<AdFuOCXXzg{akLx54o%jdzxSt
zK`NVTY*2b&j^TTx8aMpt3j*X}=GoOyJM{7vX|+JUZqQtdY2W4>AHd>6+$gl&y^8yc
zH~aovtOpF|MR{3x1b2N?y1Vd`o_6)tVdVk}SJao?<DcC6CE1IYn79$;9Kc&cY?hx{
zU)welLsRz$G;vqZmXP+CeS1-|Qg^b$yu5eOZ*IOzV|Uf!i{=Vf!iRnTq4`GKpVy%(
z$uHO)zlqYdf$LdJB$!B$OqA6PKKJ45Qi=1(Cjy`?uAO17nnON;{3<M7bK7yv_N{LD
z=?082rm*-k4Z`W1(GzNJ=#rnnJ0!)P$|OR@aegXr0z(LRMvTliy7f50bh01--0y+i
z(~*I<I`H7>Y-G~K;!m_83YGK{cR5Sl8wLin<~WTCtQrl;jFIYp;gSZc&<l|bHIOO?
z;{Xs-(M>L4_K`ufG!$rv3(-Jf3EGL<p`8`A$bX<`fPW)X1YMUn-JYJ%NsPK}w=7J-
zWn=6>#q(Bm6q4_LGxvK)hmAf2pJMJNkQchb>3_ayG=gJJRx7ojnHRx|$2Eui!1VtD
z-Dh1#=iPdovPBvNnjujrt`u(34>I=K>ISeNS8zX}P_tpG0h*70Q%8LED1iCS8GyvG
zd5baccomYrSlC^#Ok<N}M;(O|8OU0pVR1$|`n!<ja9qB09t>kJEJM~g$UwQOQ*y94
z2}se<DCsr@+4GF(8sPG?=~EWv5;f@nmx3sN5vq3aMqaU;C5Y`D{`U0L9e5VtDFDa<
z+m>At;=FVvU^3Bpo<8P>zRuQ(ql(J%{Xy{uF%!AXgDa|p4aJo`u9J6abS{~gou7;d
zwVi{G3Rm-pSm4|fF*$Vk?rc0Vmp_xlyvP`gx5xC2SOC{0y&|MWfJ<I~>R3O^Fqf6$
zz;W_h9~0XAZfgtuajoISE8H7QPb|Ri#L0d`DtsZr0Ft93AwJGIvf)qB1yzViP-y7Y
z6sNzO(~o-Q8gq#(48i*|T~HLzIrx719pPR4PQ!YFIVp^^0ER&(_62<2W<{eB8thnh
z;v4XD(<!N&q1bB@ri`eP9j(W$oAy^AxJmHwll1IrqMTfQL-a4YaaOC}R!0DS+45sM
zvA7o!T5i?k<V2$KaHt<7Jv`G`OIhBCn?*n2iMQY1WaSQGVLdNyRERk|Ts}UcCw-xX
zcSjRIUBJ+Pob&PJ_->Ug1QFqZwT0s?rO?T0E^sQP$kT17(rZ{-HNj9Nz8<~3Ns5SL
zM@KC)F&j#*BzWDpZF?35fASG&$2n{*66Wk@k{m`3%sR@-Z(y;y)!k=;l<oTw(o88^
z@!2Mtu&vU>nu++gv@Dm)7|1HCBvj!}bZowu>Q)HuIqFSV2;a6QjqE0%Q9VhIy3!27
zX@Z^bxk$$2;L=vd>0Fi!CH=nn!>fWewY$%#I?=51V%>Gvj;_mvhyMWJ$a?6t^@1<<
zQ7qQ0?SEOcC|t%rH1Fu-hz@ZnpLIR_mH2ckCZ^szFjH0LB;W#B(<6wEev8#LJ{wZ|
zE2)S|7g!2qoySH4pBR-0p9s>uy!EY7>O5f<d}uI%&<azAL<a{0^SG0<>$i3T4LBn$
zrNZzFlrI^zAw12G<+??H2KVCex;~KsVUHhQxt&8P4(iGtomq39=<3Qmi)TKsvlSve
z<u8MyCxfr_6zOZi&ZBR;*S=~=UxgMi%<-2OP6X+!9p0##oQWuY=3L|T;_^_Q3A;7_
z#Nt8zD%UZXVLFL^_Bh9B#)Yt79DmkyKc$ujhCAY_n)e{0OmbuZ0KqEsI+@c&#GkoF
z-&uV%g~@{G0ddrka)3q*q8T)o8xQgIrn6N>WL4GSZDn<f!g2V>jHilfmW;9dGm#dq
zRn8_gEtXiig4cW>cEZr!@G>{7y45UhS0FDZD<-J{hY~u0R}*PGJG*$d?&A#NzRue#
z9CV!PWXEn46|<=XD5LqYm2b=<5a;U{-H=3F$7)@#42Wg<P4m9Bw}*<3HI4<#S-_-m
z$~`}ZpFL{*>>x=+Cddk(={Fc%n0<Fkv&k1(?vhbU`i{u^r30Pg4U`e6qWMc!tuIaz
z4sOWmz}ehawuuaCPO5M{F5)NoeMuHyAg4C5NFkW@rOZwzKwt0>5wYOIf18fZ&}V(y
zidU5?EALP6FV)%ANWi*e4cFLY)6;4;{#9y<0N37oc8XH&AN7}I`Xu_h)%WqsDINYW
znZ8}J`e@tf#)<%lvZe~XC0{kNH2CSWhAuWEtnac><%80?3ANE@%Nc4x4t=y`nnp_a
zF41ex)T3prfP*8Om^_p;*=qe8Oi#r**UGs?TeAqpYl{zXhdIn+<nfde1K5}Hb+*7|
zR63=E3=&Q3rNeMFLfk{xfLKMDSm8}<c7%vYk6l+*@jcVD>0GP^`~6wOodNt5<xAdS
zUJ*F6GYa!Jl_VN1SYUAwNPr4ySxeg2v>W#zGc`?nK*Ye6J_$E9mTYPsNWZUEif$Dn
z)UcS6IqlilsDoXqGUqy(dNZ@D=nlMWK@=OjC@2jbtySLxxzr7!ijFt}9y&^fNML&x
zcI563Wb$Y<q<a?xXYyKU$F9&6j5Xn`aOj=zaKz+Adw=Q#CLV4c&}9N@Xf6y)JcCNx
zPWG4-upuPEym@k+Vk=i!UEQF0d=BSIRli(C4@T9I-`w$}CSH|li5!A;B{R#1k(fvo
z2a>=OwgvT_3He?fQ6Gyp*&AD}<e|MOs3I}eULY9D)GhW0jVfluujdOjk+9L`r>HyH
z_u@c%p7v|zRH)LQFbu;?Cn^TYOk7a3<E%M7084ls(tt49_jeO4GyJmwy-ywWP=(p{
zD&HJbLN06lz=48JsljeFza?P<eC?;78u1hm4f1YPU%``%1`-fAXox@iqK(H%BgKH7
zAU$n$7#O%#idc#>s8tF3txN<mvhRx0<08&a6hhC@&uQM^e68o?(B420qt~G-%xE6A
z29Q9*eUUY3lB|}Vm7ion9kXtbZGK5i$#T|ftu79k_9o~gXJcPNm|)jM@(tTYAwjE-
zh1EEeID$2ItVxbk$4bh8lbfs<irbys$y<A|4uU!`!cPa{muHX7X&en#X2nSwuczv@
zIbMMGjG!>Y&BBdgj9A>Um5FtuVt{t60J7Y)1Ps1@iIen)gPh%^c;?G$`8e$o{5|+S
zFR_gzNX-|9cdnL5r)=Z;z*Uznxf!5e=?7MMPHk<1d<V>~Cc1%`{D=kUj`5WN9nqN+
z1a8*zA%<p)TY={YYm)k(LLN$?oyEn-chnb(7c?%o)FK3#^-MgblZ|Z7Zf9KtfZL5S
zSmin;{S@61mCkwVGj1c#?}uuB_8|?@a56>cNkivukQI`>zm!P8amRg%el!fJMG#b4
zVlgqCmfXJ~h)~N=L?kdqythKl_O~Aots-@+u3OXAaKdR<>==70WObl2-QnpCAg`jO
z93Y(x+vkd$t+=!bUoxnNU_`;I0wPW5i<d;S49zQfdk=?X0Xt1~M)ihDn_P9Fl5bK`
zBu}0WUUH>n`6J7#z6m+6qjCVWB=$Zv6Y$^kQK}#jXd{R;L993Ny}@q`D+L@z@7|g7
zGvi4$7QE$sSyQR%R)9}+FpMc;;eLAZ{Pgx|{HIKkt99YY%cHj`w#(oo0RB}{(l%qC
z^cDDYv<rKf7jnnV!rcP)1Sb5iU}=c~>m$Y-%y)^yd~DBTvmc}8%k)rqk<w=P0Qlc+
zsak0J4F{WJR-RxBbyf7CFX?=oW5ZUd=C~N_D|O{O@u>Nm{oYe#exNMi9g|gXScQ~o
z(l%WooQ8{JoA}+K2JNi`0Owhc4aKG?59Jpx$88j3#<n47US7Clm5h|UNXUEHTE$(C
z6UVddphjwB&nPD*`b%vFtyl)FYosaH#ORkgM_P&l>I{`~C#0C3l989_;IL)6F@L3$
zEuR3Qop%T2%rEsOAx@P>*3$d6#h7vO3|tj)Mz-`te7sZqj+nwmfX}K<{XRkh>&Wi-
z?d*k$Zn42hvqv{|RTCTe<9<5gU1+4DFbM*fSP#fbD~gUrFqNI1UYH0|vU`-C!Bzp=
z>kb5_p!K%-Lv*t3@i!^zQo@ZWxA=nrKy39MIWh-)=J&pk>ZsX{sIaXbzE{e}0Dng;
z`v9;%M8Ajb3RW)*0m<3$AcRLOFi;Epg)^_M3=k(@>J;lam#FELGt#mMh=|gz5Rtz3
zP1IrS^pE9&9(?~6BTU3E`gEULAq0JLta00{;n|jO2hWA6xys;;+Zh?va&&d3qHg<{
ze#@6o5A-uJH&^(k^lreN``icNBxdBEW{=p-cgF4tT(noB1?aD}v@gn5bI~#G3L!cS
zlrOrJYAwMldN}!eL$Pc5#1%gpwD8LPDNQ;utDg0m8EbBnXjJI{R;*~8ob{967&`$j
zi<f66ccFNwu45he*y_5RNK0fPxwLEEpn&C|9eTVsBOAZpP?D)u@DsnFJ3E3JR0kyp
zLdIl`Y_OOX0rC?jCD_3HXZh$b$6~BXlE_5Gob*7MDx<hMnA|Io+i_{XO3Ny!(%d<R
zl+#*MGUd@?9o9EZ3&AFkBs~(rzW)3ed^Hs>xJrrCm_w`~IN3;xdkz6(7Ei=Y0{79C
z5?B6~qhJG~pSQ9;Keudo2~sKwERo!nEzENI=I=8j4tT&70c@q<wgBFhhjfp&Ih0IW
z9&<3T`%2%UVhDpinOkYj35=U)FtKw)PCubNpbh_s-ggO1@l3Y!!#(XzP1ODBp27oO
znc_hy^+M+AcV9csZwHZi2F~LQVn(dx;0}0d6x}^QUGSfL6kLe!-O@0WXV^Xw5ae0X
zH}{fk01Ae8D$7lSrZKxeu`PDXm*_XzYMYdK{UAfQ($!8d{=2HEy9?Z@A!Yo`Z~I|5
z3z4Q9$}9{RBBdRTrTwjW!j1I#v_%f)?_>nYRIpymozJ~snZ@gQBY}1~WeJp3jZcL$
z_(oVAQ$h4&w;)Hby+2eI;Y*Q;bxu;fKVJj!0n$)v4D!qcnGAfM)At9zUB}G0zQS+^
z)6usVl8jD$1uNGh*SQ!68WYm8CY?kD*0~o5CMd7RXjj;IH7y*^8Qa1N3-R(YweS_!
zw|8`u)3)<rdH54g@T*=RoJG~~`@ca<0CG<6k@f@G8IxTzk`pV{r1jNAGME_)vezfX
z0OC<(`ba?}R%W)IuCK<s;L8Y}B4K_Wu}FmF@T}jkioQ#Dhwbz$$a&-jslH2$o3X<k
zs{_B<bNR`nFAamyIot7iQfYe_y2rs6_4?kQf6G~k-;I54h7W`8<9*$%uc04}lNsQX
zU{p4TJ^bw$791CAvXQ?rblaQF^Pze&3?MkLiS7i7u?cFuFnlgUH6B+vEofseCo!~g
zQ_JL4D-YJ3_4?JQtkk_@Hlw37oI5xuE2v*KMI5yCgW4LKU$HzT_}?%1TRwIIgErKT
zMokGU2mHrYMhvrawZAte(DKRsM5>Y1iQ#c&EDt^R+)tI^)ETX$v>_?208@c_1zdO%
zmFp%H>x|2u-U>5Llkp!nD%V&+O*JK2y$(uV06T)`V!k*2*!GQ4Hl0GpDv!3#%WrI0
zgiDZsGOad?XI*!HM$m!jhEzaw<a4#8=`9(4JdV#g`=RYDN;Nhyk@T%V^M@K}W8?%U
zf%=d|`(!XH!?E0hg`kg@@eBe=9H3N%@48Ds^Dwv#i6uJw?wtL37W66&TNlR+%~`@!
zfxSz#5D(5)HB8!c58VBW14vC@FV}~Jx6N1VHrc^W^sOmsTkZwge4_WYW4+S35k<{G
zw|JM{eT}%X$22dL=()ORwl@pf--~ZqeObLR&XpD-#mTPhbWv`{Yq~*tK>!EIvUyCY
z`uK(ux%<^G%~+Gj;iKp@*{OOx{HZxK=BCVRyr!LNc0?)h$IkTXBuHilL-ZzdT~0M1
zi~&0m+mkg=8l-ip>AHxJeFe<s*Oj(tXBby8uc@M2&v|{a0}>W(mkGnpXq`!{_(%~(
z;df>j9re8zoN@)p_e<ZjTmju27kL5sWvgZtm8Z2QAon6}JQ~3`vgb7_-gO;0w#5Pg
zU3xw-p^$1W0GmTt5yP@*LrO{GB==mtZ@qZE7~hJ~5R@Th=}%AxjNp14@8>(-dtiTe
zOPpep;dP0SgwN_VNA)Nk;&f4>$~rtEH6OeXT6go3i$ufGR!fy^q64sth4pd=Z${~`
zpe|fzEa{R-h>FVh)txN)UNr(BZaT9jy2$K$SSn@hz_FBcRee)J`kC^XP9huESDLD^
zrX&eZ5G`cCnqLjQ8@OrzO!s|@)DX-5p|#M7C02Xuj#d6;3a`!A7jafrC{RNc^I!nk
zP8{nlY`Cg_s)gO-+6jP@!n04&jyzpCcGYP`FIbB`fP?lDCw!<+ZT!4ybD`hZ<z#DJ
zxc>sJd)40-CqO*qiWm5fF#PA#)`z(5i?Dn5Gu2*KuiyAr-3y1PFJBEwXDSv~t7jYp
zH<4s`%nwGG$x*3)$nAvB@9ge8lp}%@-Ou#(WuN<n<?7X*b$S9+4mg~xgL`dxY*DgG
z!{VOwyO)TY+!O~A>;l`Ay4W9~+@r*&EPCqam8@A(g;@;26kMB&*mz|Ua~K$PbzWLv
zrgLw5qxZl?)P?uw#;iV4d{{$}31w&3?6Y4V`ptO|MX>Q|48W)haZiTL9mudb9%g>W
z^LSKsU5hKT=tKb88h`M^a&*CrK9ewV%cW!H5|AN--@gX@z8Qu;OszN@#(d<HL(l8w
z=>e<8R2+l27lh89?ayBAmFm~|5ST~G_Ug^{$+Qg(?0PptfIA>1U1PgNnHK8Wg{4j?
zA4?CjoZT6h#+b&Z+A!ik=G%9A%n$L~jhBXax?5O%${GjI2~dBPr9`SEa^}qyW5S*>
z`Toor5use~7NNlS&^*lu`@m`vOz<)K=O)bBXQWmMx;^$;?#rxv>1A&r?_1pZZ{|R`
z`}CWuzPf`Xm;_Y=v*w~nv-xxQFJFI#f(g!bVqjJ@7Ve34iw$p0iT9|!83I>01#`37
z5lS}$X1I9(^6>0I!ZkbnCo%^YH*d%n(`j-3hkbT}n*bKwXYP$y!x8!%q-$6NMcLT!
ziWJvOxV1w#1P~mM=^89t>`=`?;s!IGmtc6sz1Nl>!c?sHdFQ`wyg(G7PLgX{d$TsM
zm2%lI)K!?YTsUjkKMdv-4*hP}pR4bk1`kK*r?Wi(p{K&sfuM?QTbA&Dw#$z?YWm}P
zPo81>#zA_}UiUj^zbjIy{cfUTgUD^;4Cb~k+p=E+*@mb!uZi73@8#!nz4LcRYbvsz
z(i?sG1&WOnqj0>EUk5M<Hg=;ggX!Lk%xteeOzK%Ov04!B)iOJ3>MwN5>Wv%dF5JYj
zfc%36@D{Q5D8tC%t75&?3U@sIK1uy{0sBDCV*OySilWj{eRi>x0qD-7ThcGhPX?px
zt7tt9gJ>Ti=T-LV7YR>!1a{QC<$V7&|FM0vpNFbOcQ#;mTU<3*-H@_!|C_T)w^z7d
zSe^jA3PHU#zjcoVM;nS~fRg7ijA(!LPpfn|AgiL_Bl11}b3xe45<o1l+ftbRCV|7{
zjv7KKl)vs~&gO^nK6{wNBwHT6SRWvIU71Bxw*S~?(u2RKZw^l<;28-XgY+T4O$&Do
zt(xwVS$un+`#~M0jn2R`ZS0&70Pxnk3=_6Y*cg@IN$E~Q+>lB7n62*8rJ&b*FpYfx
zWUUh$og(X54g}@wI!aou`p2PsQd-Sb@Cy_@T_Lk&@Swhl0KR-1y=k|X27g9FL}m_j
znUhyG00Z3fTy2RdNzYwi(tr04lQJH1;yH!gmj1Qs+jVy3qxTH2GrFUZGhg5%GT5AS
z<s!2+GU3Ce+wGs^w=7&{->&{umxcooKoGOI=Wj<}ypfpGM*bdJ#HQREBB@KWe{m(v
zAbuZgAFVKWCu!v0%L2}&J?<uA{Uf_5ow(c<e7z?)?DBi_a&YGqT_b~Rw60-wrdkhC
z;qR~uL+KAv(*yy>JE$irwi|~x(ye|lFd`PtC!U*3YCS5Xo{3oon626=-aPaIfGt{0
zNR6T3r56Yh9KaiJ;HH?HM4n$z2BV#{*epwa@~$g&ZYKip-}XCP4~o)cLNBbg6jto#
zQT-!E3R=iwYD@daLQ<j0UohsTe5a9eTW*IYf#O7?VYcI8{Kp2nC1pt5+JeP1G-9jD
z>qfF0w=F;2!ntd!Ra?kJkc2cnz#9qN9<R6k07lp!!x{RwSsRMbks$=<dPY^{_!f~7
z{d>-6O^lOO$-0uVZSf+-aI6xQBI31T`}?l4-;T^}L{EpYBRYaP!bo$GhMX+YTAfFa
zTS3iv)!jGyW2_fQnZf}HR;Pxc#qMQ2(d+L0YE4i-)7`lm7Hv<H?>tb*06V#X-zT9T
zD={m)(a>GviUJum;h^Ot%_7$RPr*YN!9KIAP2l{qlJIBVbh0`km~}REjXeluYQ)e%
zc|ZJrz1{^3c&(%%JAwn=es-W<c&A&Y_2*7rAd~%=zJ2e~uOqC^&+;b<w8=@Z{LLve
zL28WjW?XRK&WcUsMB<VO5Aa~gy~$_R295SMResX^&H!X!l*|6UAQUV?P&989h-4XZ
z=4+>HqxkiR6}3n#>@mRW{(Cq6a*26bg{g#cGwqR?$mlp`1Zj{AGSQ9|kBg-5o97bb
z4ajB!!fP%Po@1>jvzo&0&KM7Z^Lp;UTWx#v?^P%vGWFk-nZBs?_BO<1pw3W}_}iCH
z=SX~+u8^%)3pu{XU*daT&^dT%7^#O8HbJmOpr!kYA2{G71>cyz+Kp^m%>NM7-F|pQ
zViHnav}}#6oY0*jw9U28qGLAgiZV9BU3(wc$L@?#EfJW={e>p_M%;pL84J8A<NvQT
zHjuTP?z0X=uUrJ2^;3`_r(6U0a~lT;Q?Y}_{ZDDZf24_d|7Ms0oLs!T|CuP(hE`Ks
z=@25H;vKbQh=vB8CMcAo<YEw|M1{>W$){C7K?K7qr$gu_C$WuZ8=R{|1RV}1%vMI|
zClaaMf>1E&svk-{I26{-%zS!87>m|!_vn6Dc5XMaNbU9g^Ys2lQUVt#UxEzP2AgT4
zp3@N!c66LRz>~n@AAXY~O5l$5@n%}06^~Tv92Pa_2+pxt=P%GZChdrih%F^{K{KI5
zq4U{^f_2(2ru60hl>K6$b@*zv<M3__)`jtCDz}c-eV~sU{Q{i4#U3`3CFBhS69=t_
zk%NU{-pb~LN_z-m^rr3xmdS>?3U-qW{&oX!`&in6{s-Xk*~8|>DlOISnXl7s`%%t=
zAxewrltdR5^RkuBV&O~+Fxm!EDsnu{q$_0D=w=tMTjvulb@DwVs)`EmHg1xc-pDo6
z5}wP>?UZBrA(etoV@-A_&sadE%#?)5neJRHR3emDqGVHEo`laC<6JsLi+m<N0sI9h
zur0@3<eP}iknvJ|Tx6IC(~+GnNm0gHbhbu16sgWTQl>9|S)@B7x8^jL;Z=dBp`Hk4
zE1oKIN=n01?3R)#e=0{^l%5F1`w~;KtSXrlye<-x&!s|OE+11Yu?UwaG!dVuOfo?<
zfZ&AVJYtm7&kEi@H&`cU%V?i3cybL$JDfsv7s?!SM{dUPJ|oQZ@DAlgpvQYWzS;e`
z)60LT|I*nTr^Q;}U1Vl9G$t%L9P{dTKmVgP<{~DN(jpOJ{FHSn?cLOy7x^mo)^cCU
zbb7=dw{ztH9o-NJ0i**~mcT1iD&(dya@!Dn<E$~+th~h^eTx0_)st1sGf)j+RPjBC
zE};%b!-dY4&fu$5anbN7?Si#eU7n2`MlvQX94@iMzT0=P=yxk^S#LePh$9<typ6|~
zh{4|;NkvOHEc&g3IYQ7SCeoTtJXs%@NRfxGe?oRDqWMHG%0pEiv}Bll=@@paEVb!)
z)m_RD?7^>=Hwy$4H%-J==$fSflD8l6qJ|yat#4@7qD#1L^*#l1WIwpDN<-N@9>_XM
z%#8eSE()$0FS8hv@A>i>>xpc%t0BMV%0hHIMuYQ*W29Ot)W|1HdfJNU;nwZ5#8CfK
z_hhR=<F;ZXp)c?hkT|x5MSSEzs~sud`_vhXUJB_83QgaIY^+Q5%+8Slc+;ano1j&J
zDJG*Ls16#t(ZNnSu*eU4ofj7XKaR7nMm4#!^*8(EAl&x1$-hna=sUYrV5FYd3dvR0
zQ$y#l#GQ8R9$%exSfR#I?^z>#H)dOi$Y8@W)gE_XRBrCqoz@fdO_dwJyrp~ArtHWM
z{iBTEmpY(=l&QcqiY9OdSSdF`80qZ-Bgf%=;Y_)~HQ200wk=Wkv+6y8QQ67t@9lVv
zxkEgcgonxze~FwQ53Wmtx-!31JdBAs9%-qd1Wmdiy${O+q8JQv8`z8N!-y#76oKQA
zHgS^0JSS>ISIwy{t@i&F_7zZ3b#2>{N+S)5bVyDzGo+-1ba#VvBOq`T>6Gp+0i~q{
zX%Pe^q(wpy2`TCLhv)yk_kDzat$(jsv(CEDzUw-B?{j9)+1Cye9L1G*rP6V9&*P0@
z(A}3Kp2pcxt)>dG<bYlG_idBFhnT>|&bN`3f}8t^8aZTjJa3Uqyl&b)O{244tb1L%
z%z94QDt)Q3_Tm}D_YR}$?ViK<WwNxMPsj(w8HfayC~`+fC@6$|?ZU6nXg}flso|hS
zs~K>=eM=$kwe=QL`xb==Apq3z_opWbk2HQ)8oz(jmCsx74l}SiVmDPkC&5GW&I`BG
zD~y&f`<x=?Xq2O)Pl0P2cTIApOh|!unXfAQd_FFVp|#m<H@k(n<u#pN=)ngXE%K8D
zx|6(u2?}GA@2%h2Tf<K(*~klJOGc4QI9M;ChemUH+wxXhk=nKm`2t>r3mtnZb(y$}
z8OH4(YWAv)N5sIRH0<CBWJve42d!<+n4f>f_nT_V#d+UQI1|s_npbo9!TOnF&bU)P
zjSh`5u}b(=V&B65g!%LF8`bVEP9<ya8v-mjBKEn~J6)|mB8kWS{C(as9!cwvB-IW&
zVfj|g@&D9vV5W9rMR-2XSi){oc*s`V-J4wSb;qz_I^Z-3Nc(IYIIEY&sm#ZI>ut~t
zJ+p1hSIbT0i?%A7Q(3o;24^SnyOOvQDZ6RIQ(XP^-#xk=ApGTcW0z{}<o>S%@?f&V
zHW!F|Y^h8BvQtLOVO{*12PZHsCp#RAEwFL(Yz4kmY->jpwk|#K)aA7W-1pXRXUh8@
zu{UtErsBC_2Y`H<WGj*Zu({i^yU~5Z`z7Rs-BC`{C;8qE@9xyb>R}yAc@&p<OqNrF
z_u5RIBKA(zPVElH2jG)z4|)C~xw<-eb)Vcxog=3Q1ERZUn&}nSk_pco>2&2TgU~c|
z-*R1HB3*+?QuX!0FW#hxyTtSiIplVfqqZN_b8gA3wF5EgKaUo^4B>vP6}<PTD#3I5
zcJ)Yv#)4G;2`H(pFK7QOS*i9O$~P~MUPQ()oxs;Me{R&A=mJYU-RSO}<Rm(_*=~D#
z_X-`wI;D<aok+3o8#KbyQfQj);~yWB?67)-*=f@rxGu_kzY*MI+Y{WMBCgO>8E52b
zIol7VPSgY(hFL5r3twgMDyXtsS^cmmki)X*UzjCrHXCV&3Ue}smZ%e}jO#z}(k7B$
zsG=9gAm0BHUw|igafZ`ICxW6aU+fWB4@>+$S=1ZR>7l7TvQo?+?!$5XV2e@M=pflJ
zXo|ecoDHJ`vKS)xE1@e8FSvl2S^eg_!9up;uMN#WaK+sf@(BswW>63<YgLUG!olOq
z;+>MNbFO1o<r9?1_KY&7kFg4A<(lqO1#8}vKS!oe5!l?Y<g-+*U06@}_f)VBUho2o
zPw&9z?Z+I7qh<OTj}}RC^iO}x@gD~SD<2bfzp%!)i)4sp>3<ujpUM?8%Jn&YjAK>v
z@K8b)pltpe;rt69$tQZ2L`uZRQ{2W@>@O`AY^c1&=K=(3ZpDUk*4$R@7a%hqsfwfT
zFjyS-0V{3c;`sHSpYFX+lmj~scMW8&a;7S36eUot4}RiL^hfXd_APK?v+grd3(KNG
ztN8(LfXU*~pqsZ`+8=n#is6RG3V(d{$w%ixpvHO$(j|BZuk&!PKliQXg}&2O#tOE<
zv%d4>peH7`*U-t7VT8e*Zc%Q!z4XD@y4EdB>v)I{X{A?6`FYx7gJAP6(vj|;5+;fl
zccyUc42hG!I2~$Xi#<TzbZa-rsG#0vYI+bSV@pxA?VKaWQrKoj8gc|1=w9}sJ(tQT
z2gYSne{H%Io06q;NDXKE{CWfW@@7J=t?zUF6yfUVWYnwOA*oC@BS9P&q3LABy~(Fr
z@#FP2eYCxG5vC%GCQD`GAUc`!wyu1yzOcd%D2o>a1YaM9G4g}69UVk6lQYuL>sPXc
z4));QIDHS9OTvnMeq<I9ERTqa5g3ASjDZQ+@jV5s`8?W&j8!N8Kps~ONv8U{Z5%!M
zdwJQf6gKtfc7k|Zs*JQke)0(_E~Yk+4+Sf2<B2?mHc=MtrPsxT_W4EW;HTq6?>g<h
za%VE}9rDGsVQW~aF`bE88{=I$dIA5TDa9wRo*=iHI%#7w?9r+e>lx}dS9J2nsUGn0
z2i#el4Vkj3d6oGY3T(oHv<`>E_=xI45u*VZc*6*j?&mly6bF8Fkzd$$B@HQq-bu&B
zKNhAJYlqH<c~$c<29kFEtoI}dP@i~(F-lNHoF7PjKxP#^T8n*=CPTvIe1{d>Kr}}V
zuse&9+o<-~CXU`ohBy;%hRyY8gaCA<FgT#a`I%XsW7Z4$E_bByOO}+=Qf&$L?|dW0
z=eI?Y(_01QINO)u(4T3DsQh_-Oty5JmIB=uMI^~He%q&mv)KhNRD4Qs6`j(ZcsS{3
z=u<>TZKSocd83B#AyxhhL+2r(6T{AR%3ptz3~0A|b;SSq-q)APjN9|*3=c>*jVG~M
zcv6KIDthA_htTdsA|IgDoupk=yHF8Ig{B2k87uk@mJ)I^%(iT?_=KZ>;ObPp*f_L7
zZ>E>Y=;-Q&uWCUIL{dMexzl-4;6>EOV~Rsi$&_MZ1eLpSMxlNvVsG_4<mDJH6$rcM
z`KtQx>+nNFDoba{EsLem7Xbj%&9XmSb{;~0$5JDSEJV%2LIu*OBTkYk%8v^>!|u`x
zj-m~Zb#ukctc4n;w;Usm6LmUaG0q3}B9t4$>TKy4@-^z>u3~1yc6b8eSS)lC3{Dq&
z%KiE}U5k-uB4MX`ds53=eW0+$r;~1DA1yZt4%-GuuoVxE;Y+QRch7-{>52Kqn9m~j
z1kG{TFD_tM!8>vK#`(J^%0?Ddp?yzW3~L0FyI(J#Pk3!a5uPD;`|=IvD&zVBCUs>X
zRdw0MmcsMRf4t_cHg!p8nb$XXdDcIWy6i3=oTk%e+|XOIOzr7!d*8@^!jE-ma)7D3
zcm5)AEC`3_={_~^JUS1c`$Th3vS-T~5`41u$=+#WN={7gE2`65y*5NyY(TC}s)_v#
zMo6vc;FrLo{gvK#t-ZUG74A>#zkD^hJJnS5$EA~&vgzZ#-Zy5b)3*!70><8#k6P7J
zH_MFd45^+D-R&A9VH60++w_>4-)Ie{q*}#}FsZvU^i^nA`CZFk5x`ba6I9Vys55g`
zv_a-7Hw`bKAFPc@%pkiPq&Ij`>C~+kr|{ACXeJ7N9>RPiGa0+Ixs;WV7Ab;vvcN5&
z3Thr`?>GB43{8d>qTs9HUR|~gAsngf@_&MJKGO8vzc4rcSRVC4b?#4##>0%gxy}%c
zkbdf9K}x6OhZ<4|9KeP&(RyOEI*H>Gdp&)|Pf=QgbvqTQY5rvX&=xX}FHPqPPnvo>
z+5-|avuWdNTsvhHSwv(i5Gy~6Cq+aim37;1*F#?D@p=>Ks=$8wi<!oHevlxlkz;0f
z1&g0wr+gF%smfC`GT;x&_0!){k@@;tHFHl;XYWXH#4h^DS{_iQy)Q#ghcRAY&C9bA
zO^?ZKf0S&UBrdX-U&ZhB()4k`VS-U9G7}-qY9~d>W_IWnPMjZSedh4q?wzs`NejQd
zc39TIi1WQKd$>N8mA8mU%qj@x^2J<rwqpxB|MaRgj2Axqy4=)H@=`P9$njp~d;bf1
z5SCQ7$i%~ofq5KYkMZGiapQg9S$5qJrP_yO`9*G+Jr%{mnNQTSEDsTw=cay4GQnE6
z@!Fe|a(x$*9P$fwOO0E>MqDYyN5$R=PeVq#dVNUf42c?qB9r!PUo(%mzg<p^($Q2c
z@%!vWL+sl0<Fx%)GSoqs^b{4-=ARSa0@_F>`tvE&L6o!!NbD6Mp?SyAB(hiNv63MW
z)N^#Gz@mgZe$1pbycW~3Ac+ZIh*M{IoW+rh{}3tM#?K+d!a-n}8W-I3`gLVxsR}+p
zAhXMpxs(_WQoCo8X^vdtI7cgt!K3Vj`y(v^j?7*@Oeyc-oAPdpHlyvLhF;cFwLuCz
z2I;;P*m7)b=)DeZHdP2ffz$2Z7iWj<{oEKE+;oL;)NVO1PacM>;P=8s>+0;L_>9+(
zbDtFa+oOVG_`D~kg~|<2!xp=<$`v-A9G&aG)BOBs2dYKHyFwWF;4rpdQQC%+0M#uN
za&$DI>r^RT#cBG)R@_!x%MsTM{me$jqQ5X`*xY)s2jHCVCngzT^AOY}fiPoInkL91
z*yn0aSABY^5z(?wzAZ4HsV|T%NY>%XI5A0<O#hfB;WyZ9^y{%+z<7fJ?|2Gle*8i;
z!`S)pg9qv#T#V!xoNR@CV23#j*_hVf&QDFs_T8%8h#SO}KbeDuC(iTf9tR9!NexmL
z38I+vDFBssjbJO|nfB4LK4XqV%Q3bwjzk&KZ%;h7^&hvDHp11@48v5c#I4Q;XKD2W
zB9^J4Q#TnJt7X!L*29Du{9x(b!9L22!2@<b-V(brWJcQHl@e5Z<E!U&Q<b6aN|3rA
zzxMgw{%H{TxDa39O=|fky%Zb1o%Y5y-!K-)Muq{hCvu&?>bNoSC)AsYsTLwYv0d*O
ztX%hz{2U4qsVO^wX|CR;4q+4nxmqo^O3w`$1?NdQbQZe;41-WOA2gzuaE_$Cn-zC<
z+;&w()hwtADHf8yn_*VGm)6x$38X0E6ypH2{RbW6A9?$T3(9#~dG_!TJ!_ZygN5M?
z7yb^&-rm=KlpRsjx>(E1*YN$IQJin>qNr`B&#KrBq|ZjE9p<lfP-;q%n~ws;3d#SJ
zHPWnBk8Md0p<7P%JK!16Gs6;=3||3%D4*I69lt%KemnX0)8CG}Ov4Qv78X|4mOIld
z0ctI=B>1H>{;YdazCy?0I0U$ne89!hRO%mqyYPIVz|eE>F^1jr>b`8rhfmz`S<uL#
zL8+2Z4+48ZzxmUuEQ2URl?MhN(SJO27PnY>b<ByYP@4|KoyCCqiFVZHqU!evwgDPf
zobE>NSI>AAwb<Ez4?LQ<-%WDymX$lx0y+XKVJ&=J@G7T8wv<=Ul%WJEKdpGHWQ!mb
zkfp|w?oqM=uR>PjKhX;RzE|`N<M^HmNI9J0;zMq~<~W_wm;hY!p5&WX_sazuOeM$U
zmp%+yzf@ljuOw1!7k9z<kR8ZfdVgJG-NRijU1dX|{$)>Y(XXbS)8pA435~v_Vv63T
z<71@Uwi&KNVqZXYe$B|R>fLbdf^iFkH89@ySu4qR#eJ$cKO9z?xEd7OT*!n2e)}p6
zr@9#4DEhiCx6XpZb_1}v-Hs8JhYvVUd_u9auwb!~Rm3aogzviU7J`mnHSklWuijtf
zoyCT4eaItAU>y`#N^#-Z>{#tL_TRk`Y2u}bC3jlWNK%Y!3O>P>&ws)ilt&|w3OL)A
zw7g<A)|=cOtFj9{>m7r0i$%<W?TFj9;?c`41Pcq(k++sfJUpmMb9E;kM$aX8<$kBp
zmDO4*-y@{xW#?2c6I7}<jI$LM($JpE(2g&AnJ=#q%N{dG@G*WY-zsW6*>~E&TwRTP
zVTtxnb3v5u7-X2nhWV#4*(50?6_9xM`RODAPk?N_wxZAQGdAF?dcS0Q3ezXcZ=80r
z(z8x!_p6U4{eEl_rPcC=l)aj~yqd3#ngUM+u~>Y81W(KEY5MrMFF(J-65G3EI^xX6
z$NOg-#>)F!;Us^OWqR0qaxDbHu*HoUnkyen4g0*Vj>n$Qt8jC+m(?L;hy_S9X`j{J
zx}`$T;i4GGVL<lrV|ctYcHe>}=RM06pSp69R7Mhs?EDS9?2~@xVRF^deHCd_|0)BY
zodAhe>O{M&6!UVQQ8q-rm3w9B4=)b~RXnxFGV5K>aZ{P7LD&O?sYzh-3IylS=L;<A
zksL9BJ41Oc26Hr3H?f{-+$9DIO|g7A_=-<FR!i}%ZfhuNNrL54lbw@ZP#97N#mox|
zwjv8#Dj6#(HGHbe-!@QIk)TPFi^~l}&EHth;xULSmPgr}$;+Eb=ysUWR^SVwpK7E$
zm*N>7VAlT0KM<QvySFI982E{fm(|QwX?Gl72k(c05?Cz<b5!@sq;m_fu{^6@uS&@^
z#5c$@I52cy%3imsy4K&V@Zck*kngN_`j|e??Ry^=l%H<jqS@YkXGD5d-SDIbKlwoj
z?=Z7|d8?+buGSa#!-!v0T}Dn%YO7qI)Yfm?oH(TSJiEP3+3}Fl#K1KtL8~pF&Qk*H
zdx&?m_2m990K>^Zp$Wa%DIVI6{O<xP7Ayo98lT**f+2vOyOxRP>%d1Zc|vrElOg|E
z5%}NPYb5BO*=q;_De&*vYi%194Q(oaqO<ZhWajI_>%>LIH{rHjk?hgzdbbI=8kj;u
zWy~=H!mEQ6bJ~N0tyT$cy{ly5bPNk`c4>e30ynDX_RJzgFaFa2(nSukQpjiiX~VH{
zT7yfh=upydP~>;>itpSLVltUuJ+iEE?Z7!+i5&Qg+#;1!PmgaLorBOF4j;KLQ^$p}
zO<Id~Cx-Loo^URbqAtk*k(sIx_mN8RD9P`G3ZM6wmk6y2$oiJN8AhXt^=U+{)^!*z
z0=ps$QpW7mMxCOvL8|nrxtnJZJ~HmE1HZiftnDS&{+tNxYWR7WkdxBzVbtQ!X&`Wj
z?cw~&$5UR)e&FK@NhaP!n=*(nKU{fBIU_b9BTi6=ml<MiX{E7O`hCofs^_&Kbu-fO
zZYPgPK<e#Bx1e!&mQ-NV0kdTy_6+arZEH~zD^Pz*>HrV>v()$4kebx`RMdch)jeo-
z>Hs$Q1x?o1*jV)Bv!-0+($jiS{RpsGILtI`W`hvQ5DAdUi8^cWFFP@eS4^betXOxt
z2eN&?kD-ivOe8EyDs1I-dfL&y@Irh6i|4(eIP<UR*<7WJfp-ych$Rb))Lq23&}W|E
zPcnH+_9x;jB>1(Bb)~sl+ErOGG7c|+-Q)c!H=W6VJ9|X5Zzp>mwcJ~Cjui(Ol-$F;
zrn~p-Po!}jR-02~`Kgl9<R48GtP=|zJAVEcDeb075i0X6Bw$IqY+~paUn|$((g&J6
z=DVs-=k~Dh4&Rq;L0b0Lo@$3BjPuT)f1y1tPXn>w37Lxb($l>c4mfWSiAmv=_0N@a
zj7T&XZLciyM&1}YXLa|U*om<Q9BzF~$>aRU_0=RQ(rX4FH)?RVv_A13i?)i#(eCH+
zV0Um7SIttQL;|X6H<F^Z+fIL{4X0J>wbqr<lA_;@e396@RrPw=LfuH6hmR*(>t~rq
zkxxWnmBARHW1&^#wv1)sU@a3A@x<@>hJ!`)jS4(x867sl+hR_4xY|gLfZ7QbRe58F
z7?zGbifRQ1j=DUD1*S-<H?HyT9xtkL7i{9$oGsyNb=>;?9?NL{M|kf!z_K|)UCfhG
z7RUd5vbmwTxYO@p3{7!XgG$3WdSQ_B$_70Z%j1xk+Qt`B-xrQsA56!Ez9;V_b)LrQ
zEEA;o5ml(zV1#?-=XARyoD~pcsn53*xjiEZ4#1(TUYMQKA9oBZi|*idQF8ID(ps#L
zr7Pc0Rbh7{E!7XD2>$S9>sf0o;jgDl?B{uzs(^Tj?$iK}f<G3?tboke_%hvy_d-at
z1O>PD1^H4)dW;u*A+4o{!rVx=3a|f{o!zg2re6bk{(h28;M*aKTdctE1B-pn3Y)-U
z3BtF*IqEqm5e?Db$+H>aPMlrR)pvc02hD7_v=jH@e;d`GG%ROOdx`!!_O#oNt`!u`
zwNcbm31V>2NxMIrU>IU&8PaOo*m_XoyTP7_YGcauL@31?7edFi_0j}NZTY9t^@|cn
z@~x-VGYq1P*yi5x&MyLKAbw^)yXQ{w9%|+SZE*9a=ZU^${$>7do_<Q2f<N>QYh!v&
zf;VT3wbYEvG!hf$AqHG!18}?h4~OwJ{7Af637?03&E4_)EMYfJxVcY~q$ZI1bTZ+Q
zj%Sg2Jhduk6~zkOj&n4mLFCtOF7HZ8<2MctQ<~~FxxcICN2zH6d{@mKzmnVjskufG
zU+pLL#Z@)7ir;s12!_CRxrV*8Np10&RWnw-d-;y&GQSkf=;tLAp7|E7MQ}!%XtnaQ
zIxBV9SA6JlxG9iCW3xc;xjovw?hKoVn|GMbl~d-fF?}2Aop=r0iC;8k2%hbfh`LY5
znTFbO#bnktSjv$C@_m?f7Jj(8cT?#Z7uN)Fz2uD{YQgs3!o~_}nq!NPAy?vHw&Nsv
z`+>S?a!@SXX6Yc$>1o01d`8SiWG3jn!S8U-6l?a8ad?S((&TP@bsfcE|7C4ukb4SQ
z+A8>2wK{31p?iF4@H)}vQ`5&CH3OrvrZ2T`d`Xfrg<iIl-T<iS!VlLQ6>QD=wN2P)
zm1x?)EiJ5-4nN+N4}Nk;zF%lN=&JrgLjAPLetwEKq_t@pf0!i%-<{W&p`aO)u)xSQ
z6jKkgxhrI5&2x(`zI9w7oZe``Ye!P!NmL>O(bNdl_z#@Uc}kUM2jp%26`$}UiF7}7
zww%q3XA<~@bxi~5vfuDl8}K&8#BjTWUMuhvz|TfMM6q)v5qeq$+1C~Z3u@f+cm=|i
z;<4c6`{C{;;~y=Hx$1jIaB|2H^JRRG<|`-6iNKlc)=~vwE?0vAYlhLA=CriR2~tWu
zUdBW>Mm<WZ3gg8p3tKV9RXYXjcJU)TP^CFP+|-K9Cj(W0`L9*MUuSO~b$*2k@y$yf
zK5&fhi5t(5?QYS_tr*s|*LtTqc4%0k-rqaIdIyGTv<WH|y@(5?w*U6WI6<IC#f0;{
zw0v`-#uT4cmc?rSQyN#60~W2N&&%09hPm1W8iObWU9}*oCk^eQbCoyuEYT#jVf%I#
z#%*bj+q7Pe0cAtHv#ZLJ-xVqLtPfwUjbs}L*6*(C8f9gnGT)Myw+?EpT82gjHP2+K
zM-*-CWZF8(XUpYo)VH7Yv6wu)xhjPbj2D+Z)rAqz>~*gLwb(jLXS*S$_)e;zD}>68
zbUth^n&0b`P*V9`ZL^eVm8kX~)0x^)MxNc&-R^g;EkIRQSHu}kw6HX9{cn%cXKn4&
zR8*}O13$#&!kEI<h?j+M#FukEdiJ}Rj(fkJi4fzq9fH!@dvcUjl$6*1jGBUo)-k`Q
z37YE~p|U%z%?<BUnw_mv4s{vC`srFu+(nIQUFUz6RQEW0jGl}!3JaCzyLrF@LSQK!
zZL!Xc`2hAs^Lf}4pX)mdriJqpjf(qpXrA-cmK&@iz|K4u&E97(>(+xG2lg7QuUbx9
zt3rHKxmsm|qg!FSrsLGpN|_7sV@)_viRDDDuz^h_U8_=w2S1J4`JdQsept%?9cHvH
zXB{TPazwWCjcYU5BW&&!Sd^tWFuUdaC;D}!9Y5fNrZ8M;pm?a}JhwV~uFq#J-fFH7
zU+G?F!_@1Uk<$`O2GP(v_yUC^pB_mfY9u6$T+YdwQl*;`B<FdYD99Kq2Gq=4?5*M@
zMGYA4&6I^YV|-PWJy|7=CB)V5=I>g^cj6$ov^LOgw)~#j1We{$)MlU}D*DQCvi$X>
z<<EiFcSbVmv0f%xi4w2r&_uNgH@dFcXMdmfWf*J4(qdMswQ&va_bAEavuNpm<n^l~
z8F8DCjNcWiN=BbH`!h9tGT!FC6UPB3+>Po@ih{>Mb-z(p?(gv59thtHez2@KaU;bE
zD~*l7^sP;ap)f`)%m(tO55(E4Quz*p1>2<n#vQ7_b{?96dmfRz%{s!FUnoPd$&SXi
z5<FH9@uXPW4qSWR^Aw%w$gGNgb8#MAX8pc=>mojUqPQSM5<Kpm_0U-wRwJZR)7f)B
z3vnC=-!Tlm`%_m`(?CgKg^*@#bh++Z>`4N%P4Pfz-bU)q$pyoL!As;h(N9Bm!S`Ny
zfZy*V5uL`jV7AuJRyDpiR?VEg<Vw8Q$-?nipPUIu9Gg(nK;J{)wuE<_t8zc*WJ~jL
zJEFdlKis0OOeHoWpzm@h+vkloNNhE0<XV$88|g*jSByzjR3A}ks8njb`flI+mR@dX
zZE%oecr*-ngEdr2KPF3KLhseJG~W)oz`=Thjq$4H>8CIZGUPu*690Na246lQ*T@eE
zlae9-VV?NcImkcf2Ied&F_1NoKa7|+p@I+y`V+5v!2h4)n1lE1R&Y2Hg+ics!2+h}
zFR+y<F9=<DO|7iV&7epK*aBwB!5{Cp&t8*$_#OiX3PG26lVke-ISM#NpotKgj_-)W
zpa?jc596{hIx^z_bAUj>QRw$l{*u9<a1@$X<8K)l21UkGov;E>ION(%IP{WC<1Ym`
z2zE&#@|O&T5I~}7HvW<!Ah1hPl)q#!1PFQ6hX4}%PoMz0=6|Ax2_QgMl?BkO6W1II
zfG)4jUryji1o&D#DB8=FdN45j^0&|b>R$Rs7bqNdH9`;q4gG&B{!<MG2cghZBA4aA
zK_em8k%1ynR|ABB(b!zk1t9<^?5aT!5{bGBKMabxq>B98F&KHt4f2-^g!X$?1_mQx
z*Ajt&{%<ho{QsK?1O&cX5v_c=(bQi~z%cM-2lz_{gMqF$G6)!c6;&_{0{XYTfA9wj
z!2TZwQIKm8!ob%uhC!g$+6NfjX#VZwGEy)C4a2pdAprcE69^2w8U5ecp)Vcistf`K
z!>&RNgF!*p?V+hduGmBCUNY053-Dj~A<+L9tkCOGL(nbrszK=AuwI&mz`>}i_0Xxo
z{_3)q_`@K`OX8i&@}IT<fkVJoA%q|y(7%)~bzyMu^~MT<{Hu%oV;HS_tt~(yP$+Os
z8HOGouLJ{wqFcxn8Cv<0!RWI5Cuk@f3ceno0P<=gFenuCKf1ubm7!NrK!XpzZV+)v
zb@Z2G7!(G-3N>2y8mcgK*ZDhPH2yFc5_T<PB>WnLa4-n^w=xI>M|YB|!3e;imjp?F
z1&AJ~QCBYs0)hk!09Pu)V5sXi5IE|3FA)&9HqgKj@aqE?+Q-#Phd@GM|C<PazH_;|
zn%dY~x}q7E82Qz0d@LE!4S-+G$qCKVbV-K9$S>z;<-~}_7fmC@FDJ#QFAR|qKuN(7
zC=^l#Dk%k*L_ok&mjeq-91aITB&9|F|1}IR8Lr&iDNJ46y<9D=@DV5kTmYYqO<Gw7
G|Nj7gl#}-W

delta 44977
zcmZU)Q*>bAwyhi6wr$(CQE^hSZOquVU9oLcl8Wu5VmlQ(ckR>8S@&T-&Dq9tZ>{(7
z_3>waK{NzGG{A!b(?2#{Hpfu?PqY>6?bC`<S+a5eJ}cU?n_E(@qh?iY%?03qiKE);
zTY+F?RQUx>_U{7<vmhb(vXW}aaudjHunNy-*Nf%8w~(j`s7XL}|B##5+}7b_XqA!b
zy>@1C!AVMtp7Ixqk>Ys<?H$e?82meEb~*Y>#DT6=Uk(lceBV#y0v%lS+tbIyh~Ede
z*;kWtrIz<Q)UiC7I#{^{(&z`-mLEzO^-JiNh2A`kes=RDR)#e7N91J0Dm<s?y23Ct
zR7~pIUTsIPe7Cf-SrF{r5BpqJg*j9I8j-&gCpD2AnE0W&NZ|bt?dgd1|Eg^em}B@d
znT(Yx^xgsubkjB|*|Pdtf*%Ii0{8)yasFFwh611Ts<$yb)hfgEhS6}E$T^z2#Tpv=
zUmE0Ajq1lCp4jgb$CvFn&%_ot7UY>ItF)ogMT}A>_5=`2^RM4uPgYjDg#lmI^H3|z
zqOea{)jO|-2zl)h->l*B2HF-KyjYwGjQ&a)RA@ksjXy?)WPV6YKf>xAMja)xa1L2a
zyjb(+iO6Ojg09Q{8uc<_>>JN*O*(OmDhXB_gBZt*W^QED)#glvywr~e=c`L0<+jR1
z<Vp$ds>EtilUU!VQ#_0}{U^)Gd+x>ci%n1B<D2argdjHsBOGm!e`uPvL0aC)hn5Id
zmz%)S+Q>TL2F9xth9-kts-=vXN#l+N>qqn0ebvX=<>Ci38<O;>=mvs$4=lu&?=t;u
zH4%dJGn^N(CbU>lP(8XX_cINY4r)ItXR!UOc5xwLQ9}5Dr&k3y(_s3l8l*%*oE_Sk
zrZ%f%S3M%K*-WbdV%I#3MYwJL7VLfVS^~f$ado_`JJBi_7tYJmV6ahC^s-t6nF0x#
zx@6t#gMof!_1Cx<$b}k_F%rjYO0YZuLHc9~wFE`QYd&@!KTQcR`9J~p1S3f>tzjEM
zkW`^^-2j_n586iy^M1N=(2KOfKt#ZeChU*H-p#<QZ~K)mJCk^yElL%_TO+k0xDR|b
z9@;d<qxUHcvtX-$^yBLt+{qX;J}hyx;X1O+S(Lsx@Y~+-7l`Jx^o=r!*mUApgd(v_
ztrnx`EVujP<TqjqLSq@POyO}tw)9=RPSe5!jw6CEpw%Zv7EQvnOkIG^4IT1lvedJ_
zjDCSy`r&@h3`Iy>N}zpfcoL`QEdw%c%wfBw?lABpqN0pAUjYe&<yXXN%dQdN1=wI1
zvZ;y8<EtD@@+g(}ChNvIWCp6uerD+T9#_eesh9g|=GaeoDqBiI{+H{IT2D-i<_i~6
zQE>mv@xk+X6eTh4<wz=1d%*O2s&+M1#$8)NN-w75qmJ+^E5iH$3a>8rG(cp*<H5QV
z!0WBEwhxcm9Wlx2Zb<T0R5W?F8Ai?B!4$Aht6+!LblXyrn4^7#fuV|b{c)q!PHKCl
zkrBR+@G}9kpOOM-Ic?1E4Ex6^)SMOJe~w#SMNLZ7W-rZ-vGAhP9+M1yduCH$Tpy)*
zIp3rXMyzFrC{M%7ZV&cO0W@;5!}jb|rI_UZ?%A}EogqifE3x2{J+4T)WG7H53p44*
zzg|~b{g$0XBVl9-sh;noyThntZQZJPl@PtRt8%@?l49YY_{U&Mt%0;5f=lDjJ&ONa
zJRWQ?3HH#H4jElbl@7M+`9h;1lF-kz%?abuInyp1%EmfYL!Lpw1-Q{H?h<%$MEBhM
zfwRjCXZed2;@Z@2wHbV}d7T@&#N>;6snU9>7ewyd9;Q|(PovhF&Of2_bi~IT?Ui*o
zUpIE-*mPqybao-yKDI=wEf@eP3qwJ(en6jkWZ)}bNy|+Z+b;{{L}NZtt@4WRD0*(-
zt%`#B7M<>k5ryg22v9;75D70R=h^is(#cl#U>K`y?~(DapOdK*uT*)vfi8UV>AEN+
zJbDZ~+kEnOoO{{yFCAZW%hfX;k*&Lo|Fgx-4U<H07Kd99Ktr)5UGQ6rg4k|*co__E
zy)`U!@5f}E#oNT1vw<u{!)jNv^CE?O%#kTpqe>;OypIyW1dM_UMasNG@6ucptx39_
zW#Uz?=W(@v1VLI)N4N|Pm3@8ca}RpZ;_r05t+O~l-s0Lod(P_rBSSNXF-@`@2=!Y|
zF8j4$4O~`cv~K^oBn<jZPZQZ!-e#fS&Wt5(r=y^}8a96?ga#%t?gqoU4H8#G3EOHg
zqT74b9<nk>1Xx2e;(`*oG{@u*Lh>1hxZO)HFgjAxO&`?pOaGJ*>>NQzt<w1s!I$>v
zR;3u26trvU?cPN$dapyRt86`L!mg)OzpvZ{RY21vCzBtvKzOP`?~@&Juzm?iLMJVD
zTGtqmlXRe>>n?<_02K!h<-YY*-IWg`Zhc@itOpv43<&l=Q&;OfrGF2;A)#&A-##*e
zF?A_vFATyd`%+zSekG39A;+F#a=v~?d*IOfi`Hy;LY}(ye}CG&T^v0|R96zwDXoI?
z;S0xCa(5Lz3DrE-N!3RCK0c4<OkU8wz1}@CA3q!`3bx_%w`~6l$ok^SF`D`260hIs
z&)ZgV1dbmSob=?i1l{QkHU9bq#+F>?3%32a@y-Kj!9H3`Y-&Em?fNkU6}-d^(ZL&N
z2-Xh;RjM02H(pOHyrTEXgFh{uzs16M%AYWH_E#oF+O?#gt0SSTtmINGpj_@Sl0)>?
zK5`f3+ck+<+OyGTnxtfwvA02H&Pd|R)g9331oH7621n(TY7B?-o<lnJs&0*<-hrv-
zH(O$Jaun>zS$yO5>Jw2MuYP6XqBHnShF5Nk(|=4C!A|EMSGreoV<oa)YN7?kCmM?R
zwtt9oRKvW3)3&u0U*ncra6LW)+vMMib!1T(<k!M~jrX|f6FHO3DC~rTS`13zMZ3|$
zX_ys|OW~j-y`?*vTBt~docY~pzuYS${sx0EcQA8xb1^ruhx^Z;<4+qnE)o`!|M{}9
z@^JsZ85_(09SR6AE0{Z2x>=F1v8I@$Qvw=_>YFSmd4`|#ZsPfa(Lx`j&UC4%V(8g_
z&VS8?G(vK%H8v7vx?B<0m+~Bjh)=#4Cv5j^wRbBAK;WPTPP6wcP7LnOc)LXkLJrZ_
z4n(<0-H#EB=~-ebh)9T1;Ov8qP0SOEjs^O8?9R?MQd_D!x)4p;j@28Wd|&%$b^>?X
zMLZ&@tkW4;;N|0Fo$6OXk}4o(=PdC!s6Sy&%b<Qkkz|jt>VO855UA-f>M*3B^;BAW
zm2~1z_;Tz<UUU(`BNi00ATSE%#|h^VD+hkK_`Py+F(8vWz&YTp5G2e6S?V-FjZ5i-
zS~V<$G3uu8^45#C+huoM4PG@}xdO|<3W#S>R~j%9hWNqC=bQy|ad6kjB0Ah@x(^YB
zKLV+&-^mQpWqn&#iRWFH-*L=-3)8>2n_kedX*Ykk707>$<7;!vzJu%sWMR5LJA7gG
z$aG01>`Dj<bU=tNdt5Vn|1-o?UgVq9=++jF<zVNKUu3=ice(i&g2m_t?gn7e%Qwmo
zLXQcLjCRU<8P)00TUfMnxD{Q%oO<s&i<c_to3UAHbwD9e00ULsP7q>9&e<1|HIh40
zBZeh<xz$M<sQ|1Us@=<dF2sekE{22jdTMVI%;z8T>Wb96p^+?U*tB-IC`N2O2^{Qb
zSfW`7XEr&QJ^q%}BX2flPXm+NZ;YE0V<;nbf~DKX_pp+EFxyBLwHt^J5D;-+mTY73
zfBwocFR2$DYqRMW(|5ql3sZ;tC8*vo!K5$@PCRxf`wj0_%4xcn7#tCUMbo+q{>FVq
z4O==Ult1YX_yTiP;e7pH5@lokzjEXvVrBiWMmhesMpKOcBhhJHMb}L!wB8GCh0Zp*
zLo85JsGad+65geaoV69X8VxksR>)*>SXNjT5G&ojYsRDg<nNApOO_C1x$V-YrZjOh
zu*|cwfX_GggaGsW$t>ybmTyCQWdRS*y9-$D{-!6RYDRv&T!H@Bvxt$asDP~I9}PT@
zTNLIoS5d^Bw7~QFz7yN)*~f&Ae$TNm53^x@-|PF|SC6lQX^PIQrs{~Uq|LMa4D`LQ
zx?BI6<{t$LhL(~Z)YZ&O=-g&8%TWa#LduIzVQ-v*cc-AE5mBR$;KEMeOiOh-jk8>r
z<Gp9TqppyQ|32946ZRunoYB|zUXnIWr>)ynLEsmMGXb7*=vii7M`6srapcM@5l^G=
z#E!P*>-MkEmhJ_Zo(ta8#6Blyoyv2{KFd2=TOLk@TQlm?Y8P`!Ykam%x?GnAz6f<I
z3SP6A`PIG5#6K1{vCCn|FGia#pPIE!r{TuW%W4j@(;#iHDMRodllUzu`|!(ooDZpN
zI;)9ydVt;zA9qd{L_glU=;rYYsebdnD9|hLt0gz!+=}G0Yaj1T{+IaB*_jN@%iW(d
zozvWRs>;%;@B6c>PiwvQ9Vb*|Xcjp!<!zl_&b%C3Lb&+X-F-LS$7gme#vJ+y-KYoz
zVncp!%@<w%!_;JZ$MaU20+(0oVCDoJ91>jr41vSGETi5IKletj$0tSjN;4}tY;ixd
z5je7#WXu)1y>3H-3;U$xD|++RX%t&o7(8O54gtg$)9`FXa8?%sW{uxc_w1Q+Nhzw9
z>ZNvkhdGG!o=wKy>g+l-RS^a$;76J|TnwwiA(>6B{2ME%0v`Ue->yz&pAX`w>jPax
zNkEv-9$qJxq>3PsM9Onh_E*n~v?FCu+HX?S8oDgb<TOmZ$*#%?q7Cxva6);(F(l5O
zQR<YvqKo>qKCXYToBk<-&~6K)N$yxwqVLHTk9up%e=Xzg@(&_Vb(V%UybYJ9W6kX}
zvBLCe>F=`bn>mfu@anP}hy44xgkAJ6p@4AMw)e(W(cb|-?G3BK2(G_&YbLIkZ10Yw
zY^p<{^Ob$1db<b**(Hg>tep^)i#JUiAc`hU<q0BUx9`r%S8j?BA4|6%VON`R>QbLg
zxh3Mz!v{)!fIs;gUSCXy1kusFCUQTM+m$83pWv)=5PP<7`kWF7U*%+BUNF%jvI8$N
zKbaJi)b`u}oL>}5v*h6VKlP=5{u<(dl=b~xV8&@;EvWANcY?|lBY%)L2tSO<Re&4w
z+-Y^9RpE$YUo)gT2FlXF-Yk6oKq-#}(_wgMT#w-g;Q%E&n9zb-SY*Rpx;bQursjFi
zzbz4(e)!!P<ygS-V&=xi@dC=ua2zmt=GEjAyVin_=&>?;H2lYQ?uv&?GQhX1NzM-m
zA9OdB#OE?7iln*CQJ9G}=MD~7F6-(=e@j9+Vq$QD^@l7aE;3{2c37f<lvipBSNPFx
zG+`~)^O!_yu>24v=mP(PLicBzZu9DH-=P$vuuKBw$1jw&O%eLT5XM5R<T1d-&41N0
zWvsN9^B!+INpl5(1HAZGB-JKKRVcQY9NOC+ME#ZLrG=XOx>|k^sWPnxm4u_FP8Z%@
z;>$wW@-)U5D1vR4{h_Wjbubo&f!kk}`Sqo&r?fZZ!d9}cb<N$#GD%Pt^C^q&nmW&C
z%p%13VOvBQd4E0^I$0Wrykvl)$k~ROi<XzaHQsSYl<xxE>N@rE{7%mwj#zU+9vY`R
z-wkUTXMA8tkd)C^I*6&fn2{11qNH!ulRbT>3GCO^x~K!!OgC74VksJ{p?5e43CCqg
zjhxPof&pgqh*3Q?e5SLW1J_ls37nm&e=a~>O_jkZ9$a;mgv=L^rv<?ADZal>d>zST
z-$uffSJr<MEmJrYzU=Ll=$TD^WY|4AlRMXa$SZm?i6X>us9A9-_YqxVccI$oJ4tv|
zJQP;%0<4D>3U@p>c=L;P{`4NVw(}}k?&&!$yvN>-r=8@ym97J{8T}w-pO~>%@i&rh
zc4aUAGw!kwY`X?!t^nd1C+Z$`U}2~9b!I^5ZuP)SW#5}%FiI_f-)gl%+xbAQ60DGx
z`$qsfhqJ<Z(nXT1*j{v9fS@h}I)OCK1E+asWfG`lTUt&8xv(S!d&1JTs{HEBk%C()
zMs}QPNQj4Sp`L@f#f3E1JyfxBy$l1ZE~X?upRU^Stn|tuI8ZC~DkQ`)Q5zXQ=-i@l
zSTcmonC86bX`~DSo$Qg*<YWWOQ0>z&c^7T-C`h|C4lUEG89y^1N=l*DnRQs_w%)ue
z5buAJ^?Sa#9r_0Mkb<;BOQSX{bbS@A+ge&kR4X`!;{3HPnG-~po~gHokC2s9x;YuD
zh&8VrKCsgF4qyn^k7CS{j`ERA5zbPePqEH!zb|7XedxfnQaGm2S<3PMGn2OD<`syy
zfsb?95`Ur+-xfvP4pj@KpHjhgw0A^H{i@JZj2nUwagc->%zQi;b59eW!Xp5GVkw&~
zwtVOKd-35RceWpOuoB1~4k+cU##?{*RSSbq*l$x~3l#FB{AyrVRmPJ!9!o2^&=OOu
zIt@M)&ptozCK{DS$65@PEVpUuVPO&yU@{I(kecGoGNYm|1+0<S3Kw-&*ah|~r$OL0
zRj0mkJPA?5qfr#sW)@xrj`z4N?{^g-zFyC)f1i{af+XkpCK0>NDt~kmFYpzr4HmdG
zbf0>@0DU*>OKQZbHlT{hq#<CxTB(WW+*c|tYczPsNlVlq^tu{Jjo$RVx7TULk^huD
z*!VVM2+HtiG{`6}<5z(kjtQi`zuT4nl!W~5`|G%p*b&V;H$`hMy@2@{TOJa!bk^0N
zvp7qe6l%Xz7}_%j5`ocyJB}L$cbdbw{cJjx0x)$fF$QY?0VfBO?sqpA|9zaBUA?B@
zGoc!5BCNoU8|uh)L`Tm0(z+6PU=mvRr7X~zjZQ*9cHIJj)$^-U=H5MxP)bq&mgG6s
zB!Qm#6m9knt+(dfS<$4}{9S|#QT(tnohD9I(muuu$N48np~O(^@6Lyep;#9q#Pna`
z69D&hSN>lMb=0JmN9#IKFAZmLY)qIv&+zuEg7b)pWg8<+2`712w2XE+S07Qn!6ZC(
zLM#07VdxwQa#;j(CCd83bTQPrw90G_c?Pu`N_W+<XK6k`_P}{WqR+SWnK%VleP)fm
zoZJ90Ft4jMu78Nb^HX7X`%BUl4r+yeBY_6r8ecS>qXLfMu8#%qq$BX^C&>9d9QTS4
zj}FK{*u10B;^0riSn8}q^$M6#nwS>Rko9mJh`e}$)<t-yp1}os=228V{*{i|hp|w#
zK%tf+60FMj&8oi+nkQ{WwWa#xx=V2+yGzv|Na}lM9hdlut`Q#DR-7krqT1WVRzUG+
z&0I4HtPHu@TC?HR@+FN%cdgkeb_i_WDKb=ks#+fYKT!;c0>zcJuq&yAZ3T{-@CVaP
z$(U^%r*viU>{)Wx-8m-Lid6@r1^)A&iK334rWpicSfhd!Hv<={cGANtTL++YJ=u6*
zrJSbV`Kao}sLK2!Zy4>82~K*m7l3KI|F*fsOOdiQ-+P2h{hMNy=vY)u05{}<0P~Y|
zd|-&U28yPc|JdK@HKf7nU$%G}{NqQez}vHQ@HGFn|L?ns1BcJ1>}4CT1%=pF3e7ki
zIl|kzmc*@94L|l;w34+rZ*2j-_O6nd^_!Td!Ku>jgve#W5S<I;ozjOt8$hXo0%6Al
z6eh&^grQ(qcHFi+X5u!XXg%%2Mn**zxNQkPPkv=#;)})KHAdU(mYy~z$>2@=+W91v
z3Gw{!gaY~9BCq{;s}=l>Lh@*DzP6k{i?J4SHXX%Su^kuXs5je76PclSB7swhV|DKQ
z!CGQX)JY{CaP5WhK9#*}cmS}d&^&n|eY`Vg+@`>Mg-B%f+Gm5WU*KSHs?m5_9i+pX
zX!Q4@{jj}#1sl~YYt(*yuXb7~kK1b3uu`q0>v8RkUhb0%eZ!lP2LEgk<lCvpLm!%~
ztGto$<Nf-JEX?haLS}xdCHOHCB%~-<FdP+{cw_Tmd-`;@OY`OF8ffViEgSyDCU<mL
z$#+>e5Bp9I#&vnjPa)((ZCSZwv(-<?I;$?b-km|V`}&zQ^L_L9OS$FB^Yqr;(m(wI
zK1%fv%*|aiL$$I12?qq`LH*tm<SDwN=DqU*lxNG~?cJa)83|VWmvEQp$eJ|-Gb*yO
z&9i{e*<<M!W5HYQ7XU|whvA%kP}WAj`po1}MA}BI<$p26(`ck>p1<C<W^FA|5u+_n
zE?T<x`D2x!cu5bINSX^73fzX{`53bq%fJR@oRqlfNNRepvJA7!ef1fq3jSOOgE2!i
zt0-sZy1i!2F+)u;Xm?CEVck70MwEYCWqxR#qc{SMAidL=1dx$n$?sopyq}i1iTK+~
z#F&)K|Dd;h`|cF^==RWjJBrR%QrI%_{c3UE<a!j>@@$D^$p3D(nam`#Je*o)mZRH_
zvv~>5Yo$LYsnF}dTz=x%2mC@E+ge)C$?;m-yUJO;=Z1gkUC6Yuv{UEe?e%l_dD{B0
z8Rk`rjD-{D2jp`Y0=jqr|Ht~6#p>#qjEr*ad!RQL@MI-M4L>zF@D{BI+gJzJlm8{1
z5-6T<&CO#|uJvF)cp4ujCAyw{eYYWxyJ?s9ZUH?~FJ%k)nQ`51!+7Y|5|~6dxLLjF
z5WX(-?K-+Iy6<Cc=G)A{R?FFnYbK|Ph4v)elBZGy_?lAq;^=_|Mj{X3QS9f4D-XYq
z(Jy`}ZODshU_1%UN*#;$jCwTidG}4loS6Q6vfIQy^Y-(f4KRwM+G2f3mK0HMbLDN>
zv*zhju96efKx@R~V9WXsthY#)e1}G@3bCnY5FDZUF{qCnH&h;Ck-F9U_wqp#U!opu
zsG<QE@T>B1RE9{2u<xv2r$#~W){{N{`;jJ<qTNKgw`036(ERE(On2ohRCB1bBX3qy
zIY)^~kJZ#o;d&c`H}O+h(D?Q=KU?gWv^Df!OPv}r(?#6bJ`uLJg#>h=@|o;;%=lJ7
z^`G2<uZ%LtGpZ;!Dy&jqkDO<tNnKW&TQijxkc6FUSxvH;6aQq(6J~yp=aBd@5jXF8
zr2~QK3U04>9)Ww|M)+zwtaU5=R}rx#&xf~<ByTtu2TAsnDUzh#5eCOC4SyH$gekVk
z{dl}mTmvMDpEqODra%)}fr6b1<-BqTePY4ucbd_0ObW1H@C}mg<aqnvrJe1+3p(fj
zUC`Ni*;)SIko|v?CHDUzOB5;RYUBW-#BVgy=tHzZ%o|&y`x0N!#NuI!oGZ7>C_=Oj
zo{s0gu5};uWSL~e{apoTCSr3AcNd}A<rVKqM03@TW&!AD&=>Df1`4XfDyd#PN^@^4
z|HN`tkZTjrPcl~NJ$rk~guAtOdO!Y6|Nb=jSI<w~ms7l)qOs3n0A#YD86N}QD3*DO
zxweLPc~<#3+&m%|Zu=u^C9(^QiK}mz^UO4Mv9PVo0>tmBS?b>FcVPaHcD+D=c*r#p
zQye(~ILIpeG%R4^F>;oiBp8&r8>4?E8L~^9>OAsGrQ#4ei0)khW1mDWtjhP^2qf^S
z)5<I5dbV!32L}9yZ%O%;6FKm?ErjXaDekULXhX^7X2fZ_#(>~FmRQYPtLkec<$obS
zKavWWnK<SeKdVxgbc8m@Eg?xTcmdS+-xN_Ir0_)XV~qL?93NQGfM+yqb31+FR=J7A
zcVbxS-QMjrKd_NN5jwpYjf{J$!>8~HFe5JL3kpM@P-o_;islVaW&+`|3zisY%#ylk
zIvFCas;wt*%l!$Pap0F{o8274jkJ7as&;VSD_U;M(Rk+tnqujM^5VT@c@hJQYd0h`
z&f$!ArVFc&rc9V!u5L82jc{gI;TTNEo*FBbQpZyXoyn&#vCX{lUAdsX!Hcq~k|nWE
z(p!p_D%%Vv-A&1K%0N<OmtBxDflCQ#s-|n8VWTx0u5sx8@WrG#FY>!?r6;KQ1KG|f
z1%*MIqP5#9W?1*p8Mu_=RWZ(}i4i^e$;x;UhPoU}Q2-1l6CYgq2`3Uwixk@9w5oq4
zuL3+*@MKkPmhT$;X*y_)pC0EN#|xV^Q%Pc*6Aj~t2@c+=E<klVD^ubLX$DnsZ@tQ;
zf23I%A|mzfCo&27NkpPUx)3n00>ahc--~S^JlDs^YN7g9{l}-)4)NiU$6R;hBRz}-
z11t0dm$sNV{hmUU24pK^RVsE#xO^e@{;rz{T{9}*H^zE&3#QqaF<mKyjSFWq4%#LL
zS23?Ea;VQ9Dj+7X36@k&&q0u!*jIg1wn-a<qx5sudqSZoDouodQZRzRga%zyQpvzB
z#O7yf*zeO`j;sgT#FG}q^@lE@e=M*c@GIMV#kp_Uwxat2$BLSGCIPu@!~-u&dx|sd
zVVM2Ro5A>Vd!dialdG%MajeOc0#aWhqj2N8rLUjpOF$`V1RPvzpDt-0r9D!3)BwLR
zL2n|KaoAq62V9B_GIgv6+b)M@H`=s~1|mz>8u?D0qxNbncs`m0M5z>~a)~kPVBhH5
z!VLRA9__~<w=OB>7`%rh%aGe(cQDS6l-u+Y@WK<N1#U+`I6&rW_Ql|ZS^D`PKN$d*
z3eT1<0@5?sr97M$THF;!9ylPF^_inYZ<QWg&db@IiD?OBR5YWvzabsr8i3C+xYsF~
z{LF=!MBzJegFsvzW-EzwZY{MIH*Ed&UYaAyjc6sOmKL3b{FZ6*z=K$wUb)&(k)Fim
zRfsBad)QO=xcPrd^1q>ZkQ7{@RWUZ`H7Bv}fzFx@Doh`Wpi6P1_Zg*KwF>Wc(HYFp
z#Ns5Z@~}sTV(J!S5&;;R4kEt5)y=2ZRJ;*M@2se^`zRvvIP$s3-ISnhv57JhvBm<H
z)9)fbqLHC&q)HoI9QJ06siNiU25^1Ol>yVdueJ4Qe3SZ;r~?~@I#_Ez79^$LH@V~l
z0DsK0q_z$twzi{DpSUfKFz~}YG@4n~+M~&#KoRlu&Da~&V(|3=mVozK)PAE2Dnb0&
z-n51VUC`(Xp`5XhI5uzeUNtn&U0roq7tJ!!slpi?T}<!xc;wUt<M`exll_|=kLyjn
zuypcM_>b=y_cJ4s-nKwtnoV<0^7s80pm*ZS^eFNqCm=9jwFh$XXZoMCih!ZE4psL2
zs|g3jN~aD3&@~TVs4UifV;Ac6et`cl(Syh;|6Azxox6IH+@N+x)+^ZU;=%q`Rn70F
zEU2JIh92#E;WWP-VE4>%SN%^r*bZ+rS%GKB&{%hF^P}bDm*K!1Eh$%M=%468z-K7Q
zgxv-0IVb>j5cQvuN9y%Ge0ET{H#Px#(E5qQ<cye4CgPL*G(Hr+FszWWOo9*Iz%)A6
zXHu+RU94sASq&Ea!`;?-`TPK8{GpS#J9t$kG~w3O-H7aK{Hu8Uqh%)<^JapUjEJ~K
z9UN;rSe3Kx@;ZZPzbGX#{;rlD5GmZR@E8io))EBHrDzETD-js;)UzzIt+)d8x<ADB
zeU~LZ!U+hkFd;<1;rVQ@NRF`c8X4-aF3#5tM98%^(Q%3BaV?jN+3k7?9@za*<a#RU
z{44OA!qD=Wy`?EW6z8cSA^+^MCu0|O*1{OiS$O)nBvqW%Y3gw6elYwIAcl;k$ay0v
z4(T9r^%NarR~lY|oSh#kyw|nMN#|CM9ASrG_*Z_r{&%s|B@?#yhw>M!(KjUcqG{@X
z?f1V%`~R5ve`+1}{|^5*GiU!FmsVqzvbJ+GPq9tMPubE%0MLw`WzMf9gWS>D-SPPi
zXCY)R7_eG~vs7!6Fyu@v)gCGxW4_Wp6MSi+yE+|o4+qC01u|~@PWU5;Q3o+lAM4+9
zF0mo(v5B!;J~7>aWI>-sLk35&$048Qxd>V~TsTu~X;$4E?EHj1VXM!MhJY`Rqndi=
zGyapKi~DAL;AHf^U|VnA7r!>%o&4$PZ73L(n0*zJ{ld+};4auP?4#>5*uO;y%OTVN
zZ*(i@P0gR|96T%rwdgJ6<R@113N15|fb?vq)+%9eR#QVyRJR1du{2LG3jw#)r+yw{
zfB+0jyh7;7`OsbX!Zlq94+4xhlKEB8Y|e&tmEh+gK+(Co(1|VWJ~R?4v0<G+gt#}_
z!2V%mEoQq|2I{djSIS5f;Y9O9^I|KEa!FsE*m{^Yf%~gxuhnYK-!iUkMJzgGt>jp3
z$pB3{RWTS`K^DjTq^20Jr;5A?G-%a*OKKRzBV*2+<(C2~v)U3_VD{{?g%P<X;s?@|
z<WL?Lz=IVElD9)%F1EV+WFBP06DYA1VD#zsc<kfen2lK|$Ue9|-rRMj)VWnT2hNwY
zjV!|9DoHymeD`$j_jq@_@8kdPSgrt};DwxSUGKtf5hjYr?p#mIBF9wA?h2>}aD0(*
zklu>pz*R7_n||Yi`5%@D1$MoQIu>JzTNma7{)jbXNuyP$v_4bWTL`p9dt2?vOp^@l
zV?6z>*Iq7;qdf6CC_2S5-MI+HOf9c-8C@N&g-!w-GnIAT7$&ovAa9I%G*W4aIcn!t
zA2{p@?ot0awQ<wq<_{Vk73Vrb;|^tF%@nvLO2JvAiSM}<XNrbO%i(qWSrK&xD@m9N
zTzWNPmYEhA@;oU7f75qg^qu))i?O%w$r)1hj8E+6$fdtmW$~7fpgZhbD97?T;Fw?`
z^@2cQlJvZm1zS{mBws`)@JQ<1N{3#1n;G+3qn6AgxQ8cUyt|O0tEh*phs@#Zid1%q
zrN*HwU;R3Rro2Uz<7btIRTvt%zArxjEcI`@FTs_CPWDv~*DEbZ^ZzLMr))5@`x0^a
zsXb`ae5900KNr@LCaHFot;gx(zxN~UL(6)79?7W6%R9if*t4mYAg20h5ssP*X?e#k
zU%isGg7Ap)r1P^vrzqjsa9C0G5FY)ODW9_M@p%BNMUkeha7qtRC@oep)1o~F_B+YK
zt3bmejl&^CZ7Wk;G{K~4@|a_G+M(C)`XSq>*+{1RT%niAu%mc6hR3ZE7P>4|c6jHl
zri7_=_pD%8dwrK8YEbE#!1PxtXi06COI{I{e%OXJ7A&#Lu?~4761#blo#XYkd;Q0l
zP%e=OZ2hk$x_I4TN$a%k5~oiAEOhern=Aet+Tq%gbX`S3?1=dWs1`gdF+!2FN5?$H
z)@On{sFHSFY5~6d)i|l;e=xDmI|b9ss%u1pp>K_kiQ`Rc^qqbUSrJ8hl_TbVZd^>H
zvd6jLSP7*z-cBwYnYF*Ix$9^HN(SLME9jF3B13g){sn>68r3C=Rqpx%MLB^`A{=~k
zNEo3uP=gRZJoTgnVu^H!w8ZKxMx1*8X?*<DQAgUtVBxqY;Jo8u#|i>L_>*4g^+W6g
z)nL(>Yrx<1)eL1EMVkEaZ`9B2^#<6trNB;sDZwdyh(lz9VR6B})8hNvSa4>xmJjF#
zG&r%JyXL%mlxKOA<Ab=&06S77235&)9bf!^%87+iJ@|A=4J@!f>^9T_8QxHv7#|w#
z^i#6*KYnZF(83yApzmmR@`yeviBy)#uvbzZNj!2pJ{Y9lf^9`9IY~rYPR1OdMVd;m
zmZ*_*MV`37=8Cwh+R}9yM7SYnY}|tWErQ!-iR89g<<Ru+(qB0e1*pL88j4_?4}Dg&
zcEva*uf=-p1|%5GY7dr7dc#dlRDnVv7@Dw%$$ZPO>yn+vKS51om`|(lnMgjdiz>A*
zpJdNbo1zHy;h8}w2$XI`Ri9Z*3sOY8Ch1fSg9Laq(^&ge4R8WBkHZ^Gzvj+po_Of6
z$~n(i#GE;-VmRZS03n?}wx2ATTB|3_%rk~1kI$Cc!gYLN)7uI|cZkm%93+<q=Ao|#
zS<nRDe}gUws;W{EHwY*i6n-z|Tnb(xoW8${#;);g``k6DZFqqNipQBeP)FoWF21gX
zV%zidKm$3`W(SaRKE1w=hp2ZWz9;YeOgHmYyrnui-&gPLzzQ;f9Qi!FGvKHWrkw7x
zO#o0vM@+IQhULB%FtBi+tU5YuocxOD_IGFz)7STpFl;db_v(WFbGvz?rJfP5cE@un
z-qot0$7!y+ue;G#AA!BiIawe6sD{k4)4Y`5d5IOVj?&zhU01Tz2vk9vA+`-taA-k@
z^BAj>u`NsjAE)c0PHWZ03LfjB<|HQ9p+9R4o@r+nk|e#1(c6hleWKN&rZ0sdhb8Ra
z^L^UF07%qY9((Do+p&Zths{a-XP1axDBp%TK0V=GTI$~(B2NOBy7dxdPo4u*HxR79
zGi$eTlOnPt^}0_kM*4SmzCmrG3p@Vn;s5Qp|BpHU&v6DT@Bd$Xv-A9~;+s7s=_eJS
zvmU=Gg*DQ1P7fCjsxI2B0k3^xzR`x}Y1i(nE0<VG2(fG?Tbx5?-n7*8!RHA6E%)W@
zpy`ahl}~}Q76{&$-ks}v-I<0QX&fE-wfK=^M-5R+O-!})5uFVrGy1gUPSuHj4!LkP
z#{3@(k1xStY)3y?y}`P^J4gIn2mC)hy8MJ;e-gYjIAkgLMOV(w-?2E)7<JSi_xHFK
zd#bnatjIY$>Q4AyO8>3%*p3vdF@KZ*OxC0)&3=<lSrc%>pL4&V&l6W9=txw2?n*jQ
zvOh=uWOm_bi}FG61+|UGT`Lyuf?)SQyySBra2FI~jqyLc8@TKcxM6-`0S=s(vISO&
zEml*x^l(Q^L~vYa+2Mt1ZM3i29!hdD$lPxZop-lLT2gnZtY(0_h+c|6qCAk+tGBat
z49Vvm>TJtj#TqoK@?qC_1r?6U#+mIa8<XQ>I!H|OAPh)OX6cLpoqoQp9Y13A4+huh
zxo2(6wOivu4Npd=t@<Ml03H&1rf(W0?gcLXe$Gv=`@vCE>QeWje+zYI`h~fsGvPu#
znaue{M*57*+lKkui@u<w(Up)Va^rAYIa4610vms-C$vUuek3sL6CDRw-VBftJ}&n7
z5Fzb9b%Zo@uJ)fUsa)DtaIB^Kuh3G(wsm(=5VN)7hAkzKOy^Oa1B(u=wbIwY!m9AA
z_$OKvo{KnWgTZ4-l6;@`uR|n>D)FpW3Qa8ddC<$#{1RdiiXg~3`6d3U@)d%uN#qDn
zpvPBGvkr;U6g~j>rMu*Io=&MuMl5fXw9v6=0dF&jIt{%BuN)FQ%N6bc1e1Z9E_5TW
zK;&gSlE46T*EKQ<P*2IzTn|d16DOqID%M@~H`}geVxps~BOuJ9xXv>N&Vf(73j!Hm
zhlKJPgs<X1dnx)vrYnt^reo6<?u1qa4W^G<qWASSrUz^k`Hwr8URR0yoE|GnBkq}i
zWKG%&&qc?_Uy`2PGK&i4=Ah2NTx4mom^HhdR{n#mNl-!va2tw)rv)|)GU&}{Hq%6V
z&tcZlOc!UsW!+E{G7+aP<2E-C?RU*zyn<!iyk^ci#EQQVld3rL(e?yR@SMA$ZqbA~
zqT5!=dkD8s(~2l5EncWWmvoevt+67TcIBpjn@J<a@&_O1enn*%TLXK)Fk%y1ACh9$
z8=WK`H!(#Cn2$k=rIBm@JH2ooS>^8>j;30u2VR6Rj>;Or12NGQ@HZzx2<cI0oC0ct
zxU_JrEI`IdqOw`d9}a{w_l0q(pN3zG<zMlNTz?}P9W#GtOfaFzQj?+}jXW|s(H~Q8
z*FX&)j#gTAbR!xPv=(mOd*t^T`|5z0RH5$YPe|4>pf}?!c+QXnKCG*&Oz>=>!_;CR
zk`n5ao8h5b0WpUGXE$NP&hjwDXAZWTzYtdX@3&3Fxt`uDO9#(`uF$2}{bT`C-6Ne+
z&<{PWVkrHM<@OB6;|%$S6j>N25#aUpapbjm^?sy6O}}7w?fGD4@2LJiFiqzpz`gH>
zes7NuU^E2)ynsJvKN0B4O%BmNze)SqcokZD^%kO|__dRBy8$vzv^0Sue$d>SX5^lj
ziQi6gwY$=)zbgJ#Zy9D$>J)ufYc;s(>0#}nLU&m;dp6>AF9&@4I;f%qP#|qoyfwzz
zSe%Y#s-=cOydx3`G;5&~SpDZp3JT&R>Bof%AWaChJkp5Wq?L0H1s#SU8F$Uj%C?i>
zETfatwQjF9_2-n5a00xV_Z;z!9QSbr#Z58-L=O}NH?gh}Sa@?FkeN)i5gidb5t64&
zCR@*K39JE0VpPKqfR{O?Byor(G72#D-Q@A-vaZn2I&?7WYwlGx2LXkI&>q-n%2eBu
zXvjPvXg?z2Gi6e2L7WEVV$&q2*{?~4d-D@?uy}Lv|CrNX@4RPC;$K$jstTNUf2S+8
zFEQLD5OK#^;80av!xDcOPVum!01CMFE2L@JS<Xb>GUIpG+7_$jx^@S&XbgBIVGA1r
z@DL*k`*UtB!VDlZz}6-v!&~r-K!Du#xi;~oJ%rlu2LfaQXA)x+0ET;bTI;G~3`Ye4
zq>H`4f8>J~hqkuQDk56Uj?#uBV(M4CDm<D>lvT>OoW{6CAsJ3#r+V3_)#kR{N@K-R
z79rXcHdKfU!kf-HE3meUf1(<KjOKE3D<dv$57K(Ox(_3Cq0dzoL_(TJ<$=^~A~R&j
zk2I%q9!S6jb7RjG-QAdn;ez>i__+37mG@Jy)q+jhEUb}3T{-+u(9+M4sFWaUEH&s$
zkJi+cZRA5HMEhF(+*E(K;AX4ve<U2bq@m6|_G|IU;G1I1WcG%_zcpakR$8EW=-Vf#
z1Cz3SJ`Yhg9KKakB!xGI1+m|@6jQ@WBHOfkQ_iee!A2od2y93Irr-N*f8&qDM@-~U
z#yXfprSRG~kWQ09^+xP<Dy0GtF<`*)?xDd-wedXC#W#GgkA)!SUVFB+!~Le<$3;jX
zrW~I^#$2*mV#47%9GCHVZ9GU`e&D$KU+z_Mn5lCAW3`a(^C_UMRHWaX*?7R8%ZeJ4
zhQzi#TH~H5Rgzv|^xhgz=ef!RK~*p_xPY~tiUVzw6ve}Y^>hGHQRXEL-9&?VtxS)V
z)my$PYfm|~Ap}iGfwCn5d~w!dD_kYgqBiy8@pT}U1aR(aSJ-aMjr^yA^q2Uv%;>F7
zK_=~CqjZIgNC+vn2rg+9i^jlx#2A+*2pPE)h{FqqKM$ldud$o(s`cmIP^p3Z9jf|D
z5MMYmB2o=^0zxd*OXrm`kMxOmT!oC%z1Df(xSf2z6?DhQk^lt&bf59hqHQGqdCt}M
z^DF49@T_Az@Zwg#*s=pg1|C-;vN#EnG|em9<Qc)N#e`tx6M0ePvnq`F$7|T>O%we1
zv+P@5^=R(vQ8|5V7U4j)8nuWNz}PgXBc@bft}uh^np24`yVj@aZYNA*+#8eXKq{a$
zxx*!^Hm?kWm`?##k5*x#ADDS3X&vE82J^~7pPdLfra5zq=cFnPKHa#gC;ii87-d^n
zVmnT1D49yLIq}c4g2`=kmdn95hln112f%~GR>k#BAKUzdsI{)mCF#nQsX!INJfv0*
z{Bw@*Vb(b!X-@;79(T%-%f<o}O)IOONFEj;vWE;kBRGMz)}f7CnFwK*m1a3zPYx%2
z`<Tt1DG}n>j{q+sU7l-(kHNa8j%?w69w08Ad6wCT5l=+2yzr7(-=qLhk=O47{*ir9
zWE4ya3Ew#9(*ar#srD(&I_&H}tk4?tir?(sPpr?250q-hT5jn8<*)-RtYKF2(M_NO
zo%l@^I|2X_hNXPrOCN0RfA(a2o%OvwX=!*`6+KyNtpL8?arYq=tt7rwH`gM%Jb_)#
z&L5cc*E^}!bk*~pqC8&p9r;GRtv8rN*MH8H{u7V`67sX^K`or;h&~RUV;1QRrgxm@
z{_~<o3x0)-(b+)pQ7__J$E(ERn`YSl$&jL;P#MVTJMx_oJzlRtMJm}oLRdjg|5X33
zkHnh^CogI+9!3sP9kM7Te;&lg7$n^@;FsfChn)%>dV&2jHFzms_$!3`QC(}b&;GuQ
zTHKE~apk;nN1-1eC7bT9s->^W84WzXM1ydF@@2BT-awY1i_Gm3@g+K*fzKMdVk{iz
z7w0sl%IV?&Q%uMbpYFUrIyAaH={MXKEctIl{x8wu{l8(DjhBNp#Zg2QxYC_Y-sD2-
zn^iCDkqw)OMgaW+eLCKyc)GrHu&Wo$xLixymzhH_jna^rXv&?icC74)-f`{*1tTGy
zUaQRIYCQ_Em1vkhEvWBzxRw47z!`pVd;uDHW5yrX6D&18<-)(Q@b8vK*0E>dKlXmQ
zmtm``v8Y8-><8=H%`9*L#j;{dPnLuI#QiYL`Tmo?>%X6F$Bl@?zP%o{CIkC(ldvP|
zGIG{OkS!Tz$e<=gx9=EU+G-|k*8|G(C2%``<WdUARiF$7U+ei{9Du_y-({Xd)5hI}
zRw_>VXxEL~>m6K}5U{4+j<~WCP?+H+@Km5ub#9!Di?=Jo!NEBI9Dbq5eO^juw{#_{
zNu#l$sg;m7S_W&5+zk4EQy*Iqj3$RpImkEX2?7?x0G*DlJDIhupY9}-(8v<$=0+Y(
z)b$bSDwHXUNu>KSIfg_s!W-B~Nk=QuiU&`oQt-VxjIyiTwff0rRG)Da#uENNEvt(o
z;Xt8h$m@oCU#`c2MN8%xBd>H&bss6%Rn654%|8f|HnmP?y#-QYhmG^EpUbyAtWX?G
zopjjso|{gZwMVk@C$9~+%fAGltnl%qbC0I%?l0TyCm!7wwLYi+sI$vQKtA_!Pq)qX
z1qcZ?W1bc8L?u(iPcOc1-I46?nJs3r)%QggkL7ckX-Iej$6^oH_TPS!ZQn5`(6PI*
z$d#zYUU8@|xw)}WP%%G#9`*pI)(*c9m+6&xQRfB9q((?pKZo}O&>->6XSfp#{XRcF
z)<<3!sm0~)&!Y5^2AyN{X@U8~jUz`?=lu0y2X4y4%!gF@=u@n%DIwbXSchKx5lN+(
zy|XQE{Y(ZR`XA-5i$2|Y+2%CP%D4D2pLwD-f5^E7E=6U!Pxhr?7hG@rMS%o3I-w5d
z%u?Cm=wT^thsunGzkeh#$ff9YG6J31VPZ2a$h^om*Q;at6AoE<WVj%ACFv&(lglXO
z*B|ZK#j<jxvgnbZ&pyPYd59Edw**P}FG}pzGL#L0fqNzR$i>8*(8X3aNS{Y;^Lhjr
z)<4BOxFz=oRabAkwByB<ww)@v8iebq^0IG#j6ZTO9jivBllG!%IEB_O{Wis~<U5vM
z<zV4VzMban+RTj%YL5yv5suOlQu&MskCa8#eVbHce`e(zOThI_Hj!3__(xTveONd6
zS{M)lZkti!YQE`OS^bf0g;-ox>=>Y50qUIH4*o2AaIH?r9Va8@B37)ws)2R``>sl7
zG*+$VnhdLRS~3cRj*!|38EpYnRw*vew_g=IzpA{7Afn!JHR>~?8EE)pE06SFUExQE
zD#{u`nsbJ=NAYqv6arh0oGsK(S~=P<UI<tK#2#Bemo?=I?ZL1`d75sMI&qX5U05o;
z*6BYG8Gn98Bd|6zTL*f<$!`dXtPtG8gP4HEQ%^^yawgetwuDH*ozdb<rA7Q&q$c7g
z{29@5H);^Z0M%?-LTjS=+~i-P5j4PAm*QSwm;5Jj!P&;Hh~0>CGJt25sLBXghKoWG
zSPfC0^r&186$Yi`dMl-y_=aUrn-Nk+l{LjTQ#d8@t#)Z5qLC+66M#Y2s{b7O3&}FK
z1goNo(sJaXx4cS(3(+;Tu#`M#_XEMLA^Q>{H1Wj3V9p@np5o-oBEy(!J^eEjD|i&6
zEX{Td6Jb0n5@I%)A<(>=(HqxI4e8VdAj^*?AQ|#HudMQ8?okV!v&(yRfwBmexiRZZ
zpEwYiU!*br?L#*KqMO=|*Kn%UMu-8c^IY2b272pI%DTQRzh2dk5viUp8Re?@Crs#)
z2ua?7j>j23F;XD)NPtIxWEsxLff9_yPSa!Ssca-rQcLJ^v4XrAC(gtV_O9g|0L#G|
z9lj*m2<!A9<r&8V=|Q!X0y1r-9Ibq_Sz-{pV3z4*B!aM(H^shaFMlIcyg|!x-#6$d
zI0uT|lk*gS*!UroK`YakRlo)|(hk5k)Id+#o<cW_K|bEW-Aj8f@xY>LQO=H>WDG(I
z7;;{?vzv<NZJU;c{J3>6lI0NrZ0&>~G7l~)udIYb+^>BfVvpBia8^G?t7n%ECpL$=
zE12r5h$lw6TmMeFyBiGwp}Zg!m#R|ukVZ<+;LQ|B28b^qy$dwTKmwk0Xb{$!2Bd9G
zB@&an*j3u?2Y!OxyjW~&cg}$D3%EO4*>$JKe!`BF!TBON`m9&c_kbOs-X^m<!oVGp
zqivWOE{hNsRg4vWx0OaA!d~Q!0(JMJj<jA^j6thktnZmSP}kxkXt#Ma6|69s^*Ni#
zL-E~bc#UCwALVl7$}C1S%{`=S&WWM(fiMk(k!_|c>;<!~<w>#mx)5vSNU9E5+F}A?
z>Bn2q*}Rt>hsn1qF_8=4R4!>pZ@-l~iQZ&)rf#ta*0|v#hHf0yH$0-7enp$)SF=5-
z<L37B6hkL~09(2kB<^4>TmlQZ6}MWuw&O2CqS|dR^s35|E^KN0kW-MDvxXs+#)xM6
zk6UBpm^vhtY5vYitZBR|9$k<F0RoK%i4b-J3sQF&kK+Gu+V(U69%ep85G)J~Z}VRY
z5#yd;koT)a&W);3Lbqyvz0pti-sEkr#DdNoW0RbkU<aF-DHpyOH;+n96iZFP^Hq$|
z%Af&LX4OZLQCov_Hkx=2!gaD$2%<<<Ea2CMb6Mo?0ZNS{lb7Is_n&oA&`Hnm%tD3a
z&IY&C!mooS=GezTM?t`Od7$^t3FSS|os(_&aK;Y-&dkVURl2-eCR5Z1rQcqj7bVSX
zNdaE7n`ryd{Gs71dtcPTyl{{ADAb+8Y;7BVa}b;sRgEsraLO=zW$=f}ml%HhQ?+rx
zt~jnGLOpH(-r_ufUEF+KvG{D0;lDYiWhPqH*G}qU{YChIl-)fP-K5)hy(L=Nk-NUf
z!c?)<7JCgS+i_Jf%|N^TWT{)^OFI|i{G2+RTfBTW$8vXm{aDd@QjW_;_t9M5QJW`y
z_=qD#af%>}JPE36^O($%755b+?%Z4I`+gy&fP&tn*vo<lw~U_}6IRm&MpGr~A|ux9
zK+8u6mhvL-TQ`^F0m0uuxehOJr(&flg*-h0q;!xPvWNCg7TLMdGN#(#6D!9}BxM>e
zH4H7sGU%9g@Ia1Kh-(iaQ6K+T;MWS-R8K)>uw@8*5pn|iq8cF~ZiR&0A~K;)L5q&J
zcQTg9?4J-Jw%SJwHZEobxjx698qm+?H6*{iJojdRrm@YxGKak%qR5ls2a#+D%E*~D
zA08;7)(`tP=1rFyR_S~x4zB3D>)Jw3R{Ec<Kju4-x?M2%Q)Sa8EFO|B*5hf&_D<IW
z@Wxfn;I;Q!@^<y#6ossR7T-txU@4P{?PLnk<Td5>c!O06V$6c1QO1?e-S0$V<y^PM
ziZR#(ehT&^tK1*SxkhL}IF)Wssd1Vb6FB)|RHCT;o}x-*Tjs%0CGRR>g|ryrd2+7V
z4192icr_B2_V>w5qcC=JII&T<iBPCe6&P2nekh!*Dd0FPht@HcB)lCQG9r!IFM^gk
zm<q-)&*H*V0^P3Y^wFmXva2?7|B-xMwqBb7@QA3BTkh&!)zt-+WzB4b)3Jy<=xRo5
z$5yPPMo`|^GBeR0h89v=jG~Y+Jcf@>C7}0$9Z<+Cywnmfi1@pm;n@bAt6_DhHsdPj
z?&hY&Q>jq}a={&V1eUnK3PE!G_6l<FN1W#<0h5-OYzQG?aaB2DTs$Lzp&u%m4eDwG
zL=2MZ#VW~sHja*&qKjUr%x#dogIfVERuY<hB!I2C8K)i-Vci?|bdW*Y6VXTQKk<X%
z-sTVJ4<5HTW4R0q$<*TzTK3iwHna^FPV}M7+L}V6;GwH!U*3e|DPtrKkFQS*4e@-v
zUZp~71je7)ejwjX=r1P<z8DU~?rB_r1}*!*uusDO$JRRrNz!#|pl#c>ZA{y?d)l_G
zYTMPeZBN^_raA3t+nTxkzTY`F&i&#>R8>~)SnJ8$k^9G5xz_V+HF^SKlfH!>&1T<J
zhUir>=nyAWQ9TxdvvTi-t~?-PM-4FPTIVEx^qIE((VQF`Jk!*(6Q`fg)S-$PS(<Hl
z*WpCasnhYevRvh&vk|rP+%0@Jl6C3@!>vIBKf>t{@i5sro2O9UVOgc(Hq5-8_&urr
zWS=br;9}QsFp`oeqPYoco5sWD!AWJhm4@A*!{rxJR9W(ygNQ!l4#@K-4Z$(vnsdK!
z>!|qm93MJLU~E=Q3c8_?nSrl$SK{l5Y>>#ZnxUigh>f$@O%XCY(gI^!q|Oai*ET(D
zB`Il7+BX6*I@Oh0ovo>`wnfNzTPV@m)^@FEfKEK*V!=%mpG5b*Gw{-{qranRr_>E?
z@|HzbhODZd9gfQa`QBnuITa@awK}y`6p3TjAQri)f%U4&K=M#;C6j_!#^Y_xmagAw
zyp#xzdo6z4`ok<R`sr;(9|^t$GObY<yr>$+05|f&OZCc`6!pkMk@IcK@(vMI?gCl_
zFeIgtF{CZ}*fEr1RR4XNObP)bLlIhv3F4KO#M!^t`y-wFq??g27m1;qj$HrjFKFMy
z>tBlXMldH1w}`DL5{!<HtDfGfhuR<Mpvo1h*`UH05i3xlKxqW;d=bI*1?ew|iD)1`
zdWl1q{f|V_I|mYvY_^NTHoM!|`-&7WfY-(aAyPtiS-V$n_EyfA%o*3J5tw4l@{w_v
zuUP$peYOwpq2)Nu@@z_%+)z`O^AFp;TbUd9abOfEC#Y0_={86h`_i=@RG<3%;%?zf
zN*!hKFWQbIbR9JWzS#K)$-&vXBuR=ZddW}k!9NcxoMTEXVej!tI#&4WN`aqx0Qbl^
z&>$_-0kBy5`qf1R8L@CfXq73HWlO%BU?QPOb8)7`#64BBEQe6FwqFP^-<6*;O8-pT
zyx~%cL(YHtwEsxfZe}WPg1botV*1MaX4wzEXHx!}Z5+X7CKH{M5C@_r`a~LgVhB%#
z<t|0*AqPEV#GQaTm1Xcz84AAb0xsBiIGPav(Mv|HIAKUF3J$WMlw>vi`<xi7Hd&KC
zCMI+&Q<vlCd5^E-&^V-Rlb+m^k9MHY6Cb8q*+AbsdRMChhL>QRv?C%|=U~C#pP}WR
zJ@wUmkmX%xL|$w?Q8x;iDt`keCx(3!4%>!qBR2xdHz{_A37InW-2Amg0bUHCS?zq&
z?B2vRuA*UGm*?<2g(9e!Pua%_i+kfz6W7lwXhd>^^jJH;iy`{3%uOHTw=Oebs*<T8
z7S<8jQn|)N{n(9t%T5IDPPei66cu2`3~j<<#Uh0Tn0RJoD`(vVUZ_E)Rq&`7x@YfP
zbVgmU?l6$lBX=9SZ9L6=2}ok+V8QM3Kp`jz@*vekhKggF0Rw%1!6?iA+5wTp@F3WE
zxwwH0Vj{r&06GA(=2rcu2k?u6=>;FSo1I&htH_3)0L$Qk{m%c+a7WL^A_Dby=>wmL
z8frr+AQ$EK`|<}m(ZbY>S-{bqp`8c%j|`G@vY*_I$Hg<wCOR1zR2w-|8*}wP-z*;U
z&MY0Vu^rRio~QC1IIb<CSCP#};+JNa(QVc;23;Dk6<Pq#B6t@%w|ag9TpOY2OG8w*
zpB5soc>uN-XfS+%ka1+Jfq0pbLJ?hP*tf+6zxR*mL@Kac)!?WDvTe6v(0pvaFbAWU
z{Dm;Mz09%|uUpeCZ;^(dKePxXpI}GI4!9L<^0nAl^0UOwL%HZJL~Pf`^2B;Z*<QpX
zyngDcTF?NPn@kM~^)(AXjzn~RN08Cr=AE@ku-@9)yGF`E0H(Tl=5#_Gh?R#u)J%+q
z8vGb5fN<MQEERI$Rp8lwJny%~+X?K}Fiv;ld6t~*lNPTaSZK*h6c0Ktg-!hGZ~xxO
z1~`BpSgWO%1QC~ae7gZ(IJ<y5(m{*x3yF%Nci04QHypRF68+I?JuT?2(UmjWRfq5<
zD))8!xrKv@WrzGdUPNQ#g9_p)aPVr8-~yjZ#a2B-1ddk3UAKwEc!5SS_gf<0rsnzr
zj`(1-amVsVOD$Be0wAR~G}SyknCurZU0$TKV$_l8l!NGuq@}RT5Bu#Q+&uo0){R^)
zF%dk#z_mDKBn7GxjwUt(*DB>MrMIxPX4I#%Zez>fowA{Xl04WZ!3Au78n#eQOg0zn
zlP@S=Jh`2LLARlS-8`~il)dRt3#KTR)^SYwb=o-;bz76;kj8q0thwj?{n_LDqerWD
zy_RD=*7?!X<=wUoFCFv7NHF458i+To-1Zot*Ai7N<*g<?6%7*776k&5mIcC^P8&t!
zf<{gPYZ5L17Xx+jjIN%(kwWoR$sAHHff6f`RREn&T;u4~fgtVe&(A@!v<So<6`fZ9
zObsMUDt(#el%T)Je)*KEqB=u5d6!(fKUOVnm)ZR6e9JU*L)+1$soM0aaJUuG3?3u^
zxkc|hI6oZU*C^HXw?DWPkI4hr5nmUEmq`aF?g9lPhMeTFvpv3pYEa28JkYd#7&98!
zIx(u581IzVc@Rq>G?MTm$bM5SbcaZi?_(JEBp6Dw;>~uf4|*dq%<tw%xg0(s(oSv;
zUNXfLgH^{p#Q0-zijfs<tSsltW8oeJ5Tukh!<SZFmefmyX+XuU@evlG)h`$Xb$`JL
zszE$99oL<#izZRz@hr8I-IF%q-H?gcxdHKXDmyfVk#oZPBB809Z=ibz^jj^VX2pEQ
zKbX-CBo$=bG55-}`uju7NnG}!jJ|8gN@TW3ydmPI7H{fpR~dbSa6+Jq&*2CG6j^Ts
z8xa>Ig^L^(@f?I^nIQ^sH!A-^(|t<b;uPy*!W!3NM%fk014wf_x`VZvCaPrHM$Y=b
zK|ZGkH-^QiC_@s+Sv#500Q<l_e)FnIfSrL7nrK2uc%7W0!mVtzokwiW+W+aXcKxt;
zhqxa%9@~3f|7It6dDHq-Q;9qT;A~xDH^4*8=5|k+9Nq5tt!C#obD#38cIH7=s+EhY
zG)^1-@QX^shx-ZGukTIh?QiP8FlQu`>Y&OPskUdWCveRN%^3IOruTErf8G$}tCW<^
zFb(1+5T`~MY!g^T{jn;L{VZC4u37-27nOPsdQlvkYE8~c*h`kvLBb{gD7~Uvy`O32
z7u!A`>!_KJ3-p3*L!-d@1_9Qr%POL$mGhbegp3$zND_TqyOas-ERL-zb|{<gR>6RN
z=b*3V5#L{(!aI|Ba)Y`7kEIllKFOi-b6wju&NpHXObEoOa4j~6bLP~0p@<5=5B0>E
zK!Um)bM*rVQ?u%YB_`wmssnqn(B$7e?LyMZdV@E`o-lYIAcA727;<HL$iQ|JK@CGT
zYe42>SD+#Bnscvg_(}&j1^0W;5$?dk?yU{6gMB(+7oXB??K2e>^3_;_W>uxzX999S
zWHRF!F!`OBRgH~obQs;Dc{(6bxuK#V!LYJCe*XSx+v)H5YT?xdXtU{zX_2By#4mQ=
zhnLyx!J!%kS20eMB(cIy$DT@Jx_e{u;o7pJUuLSWD@&Q8*xVn~_XumV-URUvc~Ur0
zK6P=x&0Gx7duVN4*!wu!|1e2`bY(%~zs&XsxP7}zT7EyUGGH`>o3YGpd)k{hu<ESb
zjiKVwim9}p2+d&xgu(jqRAg#WPv2IT!#?S%g`{1>KGNb}9b62w?Ed{kh;K9*uv{F1
zi-6fLma0%*kfS?A^i_xBVaiW_!Fu~OBz*zOsNFV6%1}9(e1@5^BI0;2?3@`F#$X9i
zbcZ$x3-30YTY@IbS=v{U6TU(wQx~KE)2@`EU=V^wS+rFjumWsi(cdhaTn>sengBhl
zSc*X6rcce6<*?m}$83<j<6)x%yZ^p9Smc1qg6P{*IQ$q{qLep>V}Ts0@hdEaRG}0l
zox@djbA6O7uHWdq?bDd3@!dO>IHs8N*zyb!ensVw<@{SM^y!KALI0w2?^dt8vXtK*
z$mUxYG=&ZhfCAdek-0)fDp`%&xT)mIN?m|+Nfxp)*1|-Wp3I7xTX%v;zjpvup0@8%
z>HKp2XvE?*f98fnYvn%9;+MQ*S;B9F9Uxi-CT5jf4Q}M(p|d_sdZ8X;y95RWnk;hJ
zUjdHA;3FMeEgeub@h~Kf)O6<Gt}iYXVFeUK`LG)s0Qlwuy$j}MLU|WGSK%@~7bpcG
z$4h!|6!XHw57lt!IMD_LJ5RCZvUtrd*8E^&ZaXIDoG7yj+$kt=U3>l<^#bQYHcR6V
zT8#1(b~lK}bcCX+XgsJk7?VI=gwBuN@iT%DssO>D?-7j>D+>Vz4Q$mh$`Hle7!=N>
znp^?sfInwcWB#?*{eDl6rrxZsxyy?$0RfZlC`cbGrUu6{SmH+ngSLtet4L$Z^od7l
zUWW5m?$RN>$w2b)hk^>XB4#72Ncuo;L~`JOp|umyrNxY#7~0JM3G!2ox8w<C&TGlE
zPJNo?ag3+cy@&JdXD4ojWF!Wkb+eKI28t~JAgL~(UIg3V_6>w^#T%&z{_;%JsyPzz
z*OK4-@ue%!W9R2621WQvFz@jSm2jpQ(td+t@csyn0*GuozFz>bJG?s_#@gA9O?SGV
z`_7#gK8B~2{)$RYD!}`1>yy6n9qb-u*8!resRVCtp3uR_=Q~66@{&;(P>8Kv;ML{_
zAX%xDgl5AtPjg9hOp19#3tDYQC0wXmCqZX%km&EP=&iPoW||>$)>g=*7d%1rdqBy6
z{f8XNpEQmYc)H`^WG{oywCnhzjy<cM#~$;)vPN)p16&yp2)<MvxeK;joEyL9eP_ch
ztTN~@kP<{PLH(vh;$Vj!oC_rcfb*%k0JIbc%cOy7)pV4j)_Knl-rq`QhsceUwdry#
zUhTaEkGV);c$O=*eu_lDzHjC@a*+L%6ZP~d!%yC0K4i%>NBq%i_2Uv_XCy;NE-<l5
z$VHW$XkHsr3pU%a%mTg8tp5^jExd2cu8{6L^wSkJyoMnNt=*}=%_#YYaMcy51fXjF
zs2U3}zaRUkp?Xv=pJy#FQ(DcgzjnAfn~Wn^OKIs@R~vnyHrRG^kCovm=W0s-H>P6i
z*N`%8g)1W@gBv0G_Y>T?*$6b6hjj$|vOGL_<8SB@)(~RullTWT`}K$2M29nEA^1UU
zMc4M!kzgST?tipn^$mSz9AfakA>$YQLJ;xSQOouEApE&f!P2uO{|6E92btdnrxF;W
ziU+~Q!^H`#RQ;;dY{zeMVM#h3(?*gB9}X5tsP=(ltjX+CEK%j@Y+gF>HN)_5*;gk~
zY9x<2WBImv#`MbWI3vrb0N7=+^`}8HwK2Q{dhc_u=ljT@(GSP--*#61Op9zb8_q?(
zVXXYEc{*9YvtvU(gr1toG>}&oRzYDUkhJ<CbdTc!BQ^y%$b7t?3hU_(kh?r~EW>tv
ze?L`f*Yx5OjZxEy`m}nT!gc4D#|_a>J7+&<RC?9KP+CF1C_Flg4a-QPslrZiJR+A8
zB)Ks;LHX==ZIG(?1}ulpD^SW|*l8n_KY{{!t9KczF%Oe!8?ze{vUgb}I1lvFa6l;@
zg-qlmzG(ntop$*!*6-Z3Z=BUOG<wUQ=uo>Gc4E}V(iL}MaP+QU^9Qw$RszDNU(BOS
zZD9wPf{K^HrCxP!^n9XMyZ1{g=HGp&i#*_Vk#|C82fk76hwjJA?B@NfX<Y0Uh{FS4
zQQ^j7p1R|ScEV5*YH2cw^XinGR8aSy=6*+;2rLHlRCKghJ|rA@_TYr@qDW=G@Tf;H
z24v~$Gc#d_M2f;e4YU9|YR)uj3@|$sK5UL3gMaf7?me|&FOA&49zEXO*_3HPA<uR-
zGI6ES%zs9DrP1uq&?>gK;?E2SjsyV1uGZNuJ}J6t<D`DY@djmZe@`ij`>~|p-$|$F
zO}Pp<!O`jxN$dtO`dOk70oc{FLh5V0dO7n4@+Q?mR~i!`ZJ+^VE*vGm<u{LyCw1^b
zZ<3>O$_pe|CM6mt;Ot|tjnA^)h6O)pu{FNBu<Ii_BD}GTMhRR81suuHjL{?uzY9r=
z>lWIvL&!tm7OMCr{ssj>*1h!V#4Lj&wdVn_;l2t~x8KI5%lFzefz?y2M{7B!1!QBd
z3)VxGqgD9*4$a?~u|Ofg^FmBB7Q@9g@Xr>bJn9NQANDMesQ8Ohg3p7yIZEe2VfJ~W
z7RwceLiaR1rV>I?4(mtz)gpSf6pC-Ocqc1|PRMlQjDm+$b6S8xer7xdo8eAu8NmkN
zEfj<G)xt%?`!O_0io_AV3(sFt7g5}sfKV)Y(VX`QVhEn-TX-MqzaCBDX9X>oCEg+h
z!ZWvPPaUotSi3j!b{nxIm2=nig5CR;5m_v~@2c<A;V5t`|MrJ>ZEggLx(Ur3G+^{{
z))&RoDYPZ=!uKcd#>L-yF6-UU&29p~<hMme@({dQ6BRJ+rcaO{u8<sAAp{$td@4+k
zP2|oJrtkp@v}grz`*+iNj;`E=%OcHl$O?kt1-x%^47XiaM^%xoIyqj_?}7x!9tc^p
z0o^&($s{~B+ObAE&nuu>&FxF;XrC20@F3fR`z8V2w-+;RtTlG?cuB{c{Viz#A;Uhu
zE-z32Ms2;mJVS=EYXhYnJ*8uCH2aGFf%x-NG9M2xL$2g3v2>Og;$)jx-2fU?W{AZH
zaEEFd;W<VK!{V=o_-J(%tsByafE>cA59LZqXS%<1^xAaJbo5DK!cN11r!Mz_4QI!O
zzp<RfF2sAIs<2NhMk$kh#IuqC7L_3H8d>_SSpBe;VFoB!P@M5nb?C;-W}5Emt2Qv~
z7f{QQLp(C`xxyo)63?u}8OSqKR#}0ZKVp_98WecmNQahx)>dp4?r4S7(Rvq(2$x2M
zhhcQ7WDDi;Nl(EnqjRi);5Z@b$JKk}9>$Tv7P!3XMi_$MA)4)YVvaBY`hGN~C6p*p
zBW~o#UMW&2*Td|?a#pXUmfvKT7N`XJSK8)2_4l5%i&t3DBSF~>YryjBjf7PwMy78-
zR3WfLOkH;UjvmcLrccsxU(kSDCO9EUu^FVUb0ic=DqS2v%&BaHVtW#p`KGM9EdEX1
zS<txUg3a;pS^WYLg$2YPK#?yVtNYbi!l1P##4S)FLaV`IE&LXWuxs@;<xXn1?Pz{f
zf*UCLUb&31A4qu$$T^efrwFVa=1AMX?$5_nklw~lFl{-Vg;Ghc`JdjbT53Gqdja07
zmfuTC8A6ccq?e20#g}Tm*fdM|QQ{Y^SgL;^C&E1%X}lUY0Pb#7kR0ekE9G5MB|Vg8
z7F`hc{YJZLeT0sA4P%JCjlGKBMVvl#MT<8;ZT7SdV2GylR?8$X_~MEh;=Q>`2pKm-
zEUCa<VoAF_VU>1}FDVkM8z}3kuc$8%H<P%4y8Mc%rOuBnwmJCjj}B6t;x>6~s2V;t
zsUi!fAaqjI0K$47jmOAsj}v1o4@=T{{GhtjDTDQTc9pV6j*BTwmgNEdEt)J@H#_*P
zc~<XF5Onm;l`P~Z*+ktFbf;-)7jKJ#*$<M5B0{#JH29w16rv%88<qK6@uN-LV}98d
z=9u+~lRn-kKEf$fB~7EriZW}-RAj5B>g((nz9O#`0JM<X3F{2eQc1;U8523wu%s)a
z`G7%>(G@o|F*->SAchvG?+S{17w;2Hilo`(Wr~0%LDj#R3?aQx3wV=Rzh*!>rZR^Z
zsA$k=N??`RCLJOtq1>iDDfBVJr@b!?#v_f+ajWSG$Csc=9qI`~7+1FYXK3>B-ni-r
z_%nbGgGJ$ogW5NV>1#9<B=`~Yf~V~?k@Ofy|L5Ol8bV!p)}7eao=#y^_T{r<A#J?Z
z&=e^LY^;-B9-P@oZm1Lu=E2T?k1T?7XOGG0%#)9GweCCVITSWS7CoVs7H;Cl)}GsE
zSK^UTthX}fm@GqRSSJ3?@c-$sUp=}wS^)=CK6^VF$mi3}9J9{7?X8G8>g^N)8b(|K
zSnu=*6OYweM|Pv5eynkZ?_wvQU&K+mmGY=mESEcUAQwx8c)0x8A?K;V#3lkN){dir
zDk=<5s!LE;l&s7Nu7D{{mQ(bG^m^h&3KT&8WM>Vf)X-7w3bwbO-&|DDvk)Vt#|;8x
zbkuZUKs4|vw-uquG8Xr>e5EsV(jtK&ft;#XRly>>%A&OjD@jclp_K23!?f_@+~v=R
zby|3QaaL`;xO7J7hlQ5vUkbgx)r9sxZwr&$!jnlTvINcfkNjYI&-AQtRmsC3O7hgQ
zX1Oq|hk>4Aqj?j$TS`WU^iT14Lq-6KYw#8BLly@<dm6`ayw$ZRH=Ozcdh}`3e4c*S
zzdPWE8p=%}PacZ6gwl%H17_<#P8Vh_w3X;FLtO+kmvkG$JzQ*4k*Uq3&@xm4V)C)B
z^9*Owmin0Ap&_B>+OfI_x8sRodsQkZmC5Pk(*p|$Fs{Y)aDbq74)f|Mcyj<yfE9dP
z3yQbqsD@@ghDxEn#?jHM8JLm>G$oA;jb$*DZ?&C}%60mBnX1-LLGeyX%lQYO1%MoR
zbzN2_fN{vX7KJ~&$HS^^df~S{L%ER`zQI>2Q)!feI~5Y`h7X{q6h06&XVScNd{e9^
zC>E&bD>>HCATToe9)ipgAp%I>!CEIBD~QU^6InI3W98XUgj2DIFe%Mxw1r!AH`iSC
zKo@nY81t{T?Kk@v8<S;`%Uzy-@o<^8M?u1buyq*+#@0{4c4+16)n6u5x+Wggbs9EY
z*~5hR*HTL*o_1H*nHcuZqi8ArhQ`S>g2&qT>%slWjR>0_A~M@v)C-V20f`r&bH)0(
zbexXuIDhvza`7%9po~b@)Z-fQ>{b-0-NjCJ8SrW(!bs>TEET~Iy%5F~A!^;+dZG^@
zdDqrq&GoErztsaJ-=tThfN74z8mSc#ihVp}6I_I_F>t&y^qtQ2doTLWF6<%C3F2Pv
z?Va0w0bTV7_ncJ2k3WF8M?&VK&>Q*gbi_$C310cR{Kox1_H9tQcsV;=3)xEb^$(C)
zG1<O(lK*5fb7%OLc&`=*#0HGv45$0bf{x-2;D7CM_nL6Lqov8<ud61sF8!+|nJWmq
zZ@*Rco#Jp1oLB$(wClNGzVj_cdkSYP3>OOr&wmV(&Mo71>jk(4TAZ*PL^C81O&9oS
zBb(ZozM)v1&!)|%;-M`=94G&(RmDd!ZC&)d`}SK&T>NKQoiueKb{`>JMPIHf%MjBI
zu;<aQ_jf$bdOsYK#VULw+B=^xkWbQxig1D%TNGO@roz8`s=06QYpGSDG(7)TryDR<
z7aoG0g`EqStt$d3)%ouDMfDi%J<~#n1}Vh)9mzgq`(&OgX}>j^-nv{=tA=6fLcv-l
z9ad69Q~%yJZg>jVV&_ga$+3?KLmVcFU_ZXgz4o)bBl6B5QTmesSh^e*JD+%mRZ&WM
zrQR+|pPIPfN=8nrj{3?3#8pyQ2&k=o<nr|SH9Mtqr!NEiT?O=evqLf7r-5?m>lBf!
zF*v$JRI{)2&+o5uj=3+F7>w}>^ldJjx3uvBWm<gc-G{a+Lg|h)Nb_vDENej&Q9AQ_
zlUjLxB4F|dS2-YKMydP}>AnU9Nh)_ZLM0aIL9}<J=f-rNIonjDDnFlL%47odu&S8r
zX5U@?<#hmP-(!yNMlRA&?rAA`-~^)eL|1|nsz>cTzn@`Y&TT<E6TEOm)*KI!_Z$JD
z%l#ixd>i0Z<D=MW6S_3b7PV4t)3}QykVi?;tiIDCi8a>?Zs2>%0&(62Gw}Dd8NYw{
zx%)SN(L6qag=6(xV!Ev#>CPpWeVw`AevQeX`EUUe`qImZ(Xz7)XDp|?1H0MgniseX
z&Ny@7Ls_S-cy9Jq{B9pFM`rH!-_9O#e!(M;71js+u#t!((l9^+$yT!KKl5{+o_ZXo
zz%oi`qLxoK7E-7tHp23FC+yH0IV4Xd2nLVB2(eqR%-v-<?LAxc8{eFvsSpYNq-ZN^
zA@&4R+q1jyB#mWadd><c5tqT11cx`0Pkw3V-gSx4=tPF_G*HQ8=)_2Qm7<pUYvf(}
zZffYwc;8(Mk962UFyk#d48s%#Ai%V*h_kSskD%TL%)$6Z<@>c+hMOsH()?VoL<L2I
z`Ihn9{Ck|Ll*z>-sgQ_TI@>!|wSt%uV8Iw5r?rPhu+9yV-7V79xlsjCTcztg-pt^5
zUj>1;aa*=-Z^QE&Vd9S8PCRN+_Xf-9QJlvr*(f0gqh>D}C!+sbufm~@U}>*>NpqDt
zntO>6X5*i2-cn)c%u61lpdox~P|X;98f-sRR(MkR8Zi876l#GvcaAg%uOC=x<4~9Y
z`B?k-GA~?&c(#SR?!Yy(BAIhP>Y?DVBm6-bF{n<>uy<Tg31M>q*f?AWuXI*ZuptZ@
zvEQc}kdi5>-!Cn6{KX%8`Ne3N7kXq3!-r}0p-|&1j;5p@+4_^V=yNIHD)hl7{qV#=
zBt>&HHZ221M|^`AW9RPSotjn#oQ!G!5G}{lmZ1B^G;KUqP^G)32@(@)GhisGgc`h&
z@*~_S((Tl|_s{QJ9-aMQrAk+(0O4Sn>r#G_Md-*T34LC7+FRDsC^!<6Gn8+K1xOKb
z$Otf!>WjFq-MA0sR|qmR3@;`-C-{nw93422dI(8^eQ&q>nhSUXGGoT#L2{h{AAfh=
zKHVZ>4bi}}_n|q*ua3*!OlHZjeJCPDFl}=}gFi0!Ge`UF+4m#+zaKAOP5x}2zh-B@
zUcxkp>_qb$s%+%m-@&9dsdAp9|Gx2G$U~Ga5$VP%4;>1EGJjGrD5_FVS!}sU{E1uj
zCHKBlMd?lZ*G5;n)1CviAp`U~VC_P`X4GN*88E{L7JEfm7-y4sQt><5KZVv@1Fpev
zZ$QhIvL`49p~y?vu{T|q-9*tBM;&`8K)hCWIz|+W4TIBX`gPpTDh{=f%f0!%J11`8
z+?@tFimhqAU}s6?Z!8P^H;5Cs!12H=`L~bLEfL)^@ks(a-UM%|#NE^1fD-US%5j6d
z(;Hji-k^(!Ue)obzMaZmHpP5Jyedt)ANVR4Zadblfx_?*T7!-niXsd?M31=#Z5!Mt
zYNYBdm|x_KyEYN!VQ)s=liE10AUg1iJ(u^wA4RUmVssw0g%52|lIh#k7-~j*2``1N
zAdK3w&{|GqS1h|}#{4vl02}h!)3eA0m$hwR9d)+yB$ckxQFf?`WzSCV5!^d-tkJ28
zET;UoL_u<L9!V;9?pCLPAjYo@AqDfF48aZa-weUvOhTA4u(pV;#M}?`gVmz2b}VZM
zR~PY=7nf&WxS!+?ibG^}-G+0LN&yato2B4q@T)6}s+G5KDIj2?9SnDZ6pqx?OayEa
z(cVSn{@XSJ2LvRCr|i4ePPPIc7A9M>Sn%t#(aEZ@&@X;dC49eQKl7VCiD_Ox%EASQ
zFZxEcGeo^PQ=B#Ih(S4c?vMk{Vue-~xSJ*$Nd&>5ui?#|u^n}g-iUy=z<r+;wV_gL
z=JK9*CBw|-F+l7<*a~sEj>yNZ9idS8&0#09CAeq_lp{E?om%5DblU-;O2lWUT3((^
zpB|gqJYS=TcE*c9QkGtvg=91Qvc<&c`{7vL%sF(%%KUeYeZ&h5t0VNml+78wJNfNP
zA?c=*vAB}s!2-Uhc`FPR-{sBIO!WX>!*q?M-?XYaj)12?Y8mOpP}Nm!RvK8XMe#vJ
z9E~T05d&qxs$oAs!7mM)!wy4?x*QvpMM8uPB?77m*xbX!Xj&N95siKWsNf@(F;E0z
zj>aR8nmjrrjbPzX1xPm4#!?sIG=#Ou>*`L<J6j$j@Hj|t&_#O03e{kM=%P=?Z}u;4
zNXxIE(Ez{Y(h*_OP>zNjka4)A4GA&Gt@g7x98NwIKaS`w!KdXCoRFuuF4`E;YjpwV
z{C3eS&B4sLGwuR*HG^0<rliS6#}sQ|T+Mw~E~oPuD=1k;bQ!4C9V_?X$%v1vvgH>!
zggN8b`zsFZ*2S}#7;e`1^zacXMTI0B$uadP0+1AyWP^kS#}Y7f(yeC88U;NKo<Iwv
zzeDsd`LCYcboP!lV84(PlE}_8HSkLdLoI7mM!uqsa#EfV7#x4}q8vzKfpb1n<J3~3
z-YsF*Ym;ElD3-j!;eG3O`7TnFX2_fvn{0>V6HKXmNXlD?CE7`<`DhFyE6PWyt@R#O
z0T`phZV8y~7MiV}upJ%9Lz5PNT6yEyV0dbnt5CRPKu=)DVG<a!EtX5^zxsz#5_%9I
z|HUX78?p`k52NHy;WOaMu?^t!{O9V3IB;BfpC;vjO}J#8TH*QX25%w^Q~}9ZU*q}>
zz8fL|2Z;v8to8D5@K4AVz^gR+D<IQ^zmSuR;}F@ei~cY-^bE3fTo{{9HfdS^MiXEw
zWv;+82=f!Poi)QRe7uRF6@|nny6g>21h<+KB$E~)gii+cdY8v4%XY0)BD-yyli8xV
zY~yETVzM~gP{!-5?yhPJ`@IOet#ORx@=Rs_Q=?Ka(T#Ay{Np^9PY+YR5}-28_g~!?
z85p&~yrd&9$7Vlh((G_p&~2r{Kkp9%80+<{X>E^0p#f>4u4_|Q4NzSk+IU1$H)FFt
zn(&wL5b^Z(&aHN7{wzpud)`)i9nB5YU6cD3f4(?&_$_|^0gs=9AasI|<^V*vozr>s
za%=|<oHOnIabs}1=ABDG!C2u+uVyU^Uyq;)V?kGs4}ombzzQtOtD<TVK?KPdCrzmT
zz&ZB8z&3mVvAgrj^Gn+V+L7dzok3h5CE#V-&v)(|y2a{Q$AA;?`p$RE_e)yjNtK^J
zu*C_){b2uvU6bEHQ-|v8AJvzR`i|Tkz4LcCVoy_dYEq`UUI_s6$|lMZMGOAlo6G$N
zX{|d?G!LqQSn~m0b4-V`%I@<-0eHua^&Q!O{Jw)zsS~v-N621R6bV80LF47FoPoE2
zCcxxh5-TIeH8ePQ$qyO=PP;SrL&1)aJEz0OI>OTI4+x8X;|qv?qHNyzrh&9Ox@y~<
zPH!NPv==$D72t!Har&$zK5S4u*=Zurl>j<(N(pm_@T4!f?T&I6>uYibcKMpYTQ5%6
z_8ds{7a=Iq?JOCGL!b;v<$X3C2pISZvQ-qYSN<!=wt?gPM-Am)HGCc}p8w^T{2$R2
zb#EtgW@X@Yp)M#7P_~F1loz;DXid$=_K%1PoS+~avzViUo4JFVE6Kka`u~o7UFBa$
z_W#)aL*M>y+kY<c|FQiKF8luv?!O9Z|JRoNKe+7w2>JgPF8hDuvUC4)4?yfvOi-R?
z#!@9PpnMfI;XfQ2RX8^G{~Z2v#{QqPFNee`Qh0rmuZg)kxRJ230C%eRz_@sT`bGG_
z%33T4Za7x%<T^%BHlT4W3Gkx^6^-rx5Y$!KxZv2hfH!p_pzL1;{9nI$wNk*y8bn}K
zEgx{R1`+aqE%5&r3W!*X1o1y^{}}|TRFeUXYRUdzi`-giurFBZ25wMppkc#4l&FH5
zl#T{as_{3FxycHY1(?-Ti^uYHyDa|*&T(>b>BBKgIG8$`Svy#gaIpgyeh`3t9fFz-
zzaHdCGZU1wj+&^9ZZkm(CMd9>9Ukc40So-miudn-tsjU$-_{^7E{=cvK)HZ{%}PL<
zHUuC;H9Rn^o&xNvM)NNq=NF(T5WWEq=-!42rKBLME-MR6Y-<9}c0dCg8lb+uu+6&d
z?qFXS^FIi|xVXL?#G2VUmqEe4nxg*2;QnU_Xx&ZlH8a8yYG7^m6dEV@Kab{XdHv5)
z;^a=hfd}Pi?(GSO{@<y~j*I|NN3DTDqYS{N(QGu%f7jXn@!|Q`2f)qF%O)uJKYKuU
z<>Y!<YpZE>J;jsyUhB5P#Zg(I^J&}HHfz?dq7tYiiAaj5{Psp7C55F3GNS}dW`UH>
zIL3u^t^uDFt3}tPZ(XwezSCa1wBfek>Q8^d``PRI>-^(|>1Dv;vM2ogNB-Amgp7a+
zg#pVpS<B4M3UCLO@Uj--{B-=BnaN<W3h^7UjehYjEv|+W&Hx3Nyh(@*l18(IkcXK`
z*#Le0KucvPcucEHxzYr`BXa)p@43H5u70ADs%Bo|lNY5i=?wXV$*k{3<96xuhvPRL
z>(~22i=w9c=q6$Zsvc6K;U!daM24PiQdV9z(*q@c-vI!?+|yrfArTZ`?$K9==;zIx
z-RtC&tQJad+sU@&OKZMG<SUG@4s(JHO2KYEH>C_;uTZHH%M`5^Px+d;Ne#!I&xNdn
z<5^#3;pc%rknkbcjI(-0sSK%1ri_NSdv?KIF>7KqRKKXUq7ouKBYTGNOpx|Oy5+pk
zTw$3_hyZ&E-BK6izo`8pUqhK2qh11U$hpwrVE}_++R_jxb;D#P@QoR3vJ9kcsGCvd
z!$>B)jX-UY4pd^auE_0Sx?rgrSgt+cX$lKeuwW_!QYtjtC~XtA#`p};Zb>_mGPI>g
z;lZSNly_KavPiF77^;q8HxsA<GJYrR+p)r7e}Lu(L^<pL`c;GeIyRwngnEP{@1Gpg
z!)!D7*4SjVzQur+s6Y3Z=~_ezDczIattTrBGE6`y>OR(Wme;csdo^7H-y_ZyTSJA%
zoTu3qmoeP<Tg7<AZ{>wQhYX1Kzd6q->~IR0zFo5mW-V|W&^i(_Cu$A*4rAYKzZmlM
zT>>ty{MK|%^$xeVT<@mE*zMW*Eb_9BIOuIwnH?Db<a=?%5COr$RvBz~P<HdrF!yC~
zoSk!%h-@^`WLKmDuDR)oMMI`dxhMKM7J=c+!GARANP0>thm|#z=?DVroeIME+4?93
zGGI#l5-Dca%S$EZ#pBEe$e2ou$V*hnEdg*qXgh>wg7bUh6SnEP93*mvl6=x;47bIG
z+;7e`oh69#)V8K=@G3N=>!ec;bH$W54Pkf8iRo5Ki!32;f-fJVpRD`2-ysudN`FaV
z&^{;KjHE0Wtzv?AE->6;lM$A>r(3=rEgVqe<pw4kaJ>m)o5zedXSq;HgQ7`D+5vd>
zNkFf6N4AxK3Bfjk4Lb7nosxue(X&w%=iaHw05Vdu!Xy3`2ybS8wcPXU7$v4w)vH$%
z^a@ZcIsKm?ewecdpMe(b@0#M^u*7C&bY!hRgzHk*L3zwepD<;kkr2q3*ZM=Q2MK=?
zZ^+gi-IvEQf$2|2&Y-$T7Wf>JO9N({d^B0Vh49rdX`XP+n_i`Oh^5)N6XhM!+rVs9
zp4nX6wGx6;3-@(!cha_z7Me-DW-eA0ZP0C;9(UTv9jjQLG?<~-qZDwVy%jrl%nf|K
zN*Co5=t^8fX_~_IDkl_7LCZx=ZYG@nqv~3X^7Kvki|RGYTr>Z8?xiRs)&|(?yjHbr
zSbg60V~i^<wK7ZNYRc*jGv8?{4C3vVU{9Nt0^>Me*E@kB1biUEkvc9spST-q@_WAQ
z`#nIBg|yl85NK{@Q^g7az484d|FSq8#qaikfjY)DNC{jHL}DjdwqWv-;L^C5!@>IC
zm)_3vXHYO}X#|=GHl$_hJ_23~U@*?D=xxwds5#6R^XIdjpzihy6;eEOJf8OTV&^32
zTh;S5Y6y$=1mR{wtke7I>IDVj8(Z>UOVh(9#)v3!h#k1(k4loNTI6-UjYFY@l=OeS
zwZnkX4AEfi>ellNV*;}Ri$f9?%z^|bIW7+xONYQs&DLuhsRQ%l-UV3m&0o5+{r(O@
zXw~tFTe6n}Z@Gx{45wSnc)LpIF|5oGtI@)y#>D%JIJ{EHk|!0bK$}TjD;eLdiR_XS
zkEt+6TqTz?x|n^hdPfAB2U^kn^SA%pu35d&9!lw=Z@Gk-chqZUijG#Kl2SW9X3$_G
z4BQ2feoLceiM1oqdJn*re@)Qg=_24Gv3nRp_2RfjaI&z@kTEDcKf`}&!J03E?Qn51
z4k3QHSP^Nam$Ac})`&+(SbMw-#1!)65}6bp5_hqCU%MuNb<L~_V<Pa)=*(d5((a3A
zp)hNlDj#A(Tik7Lqd%@Uym*7+hu#?#c;Ih;R2x1McLc#(i3E&G$*RrDO*$k`a8+2J
z4Co!SVPwV!xHGcfh3*zUCt-r1f+!&9ys8v9ZW*k*2oon8gKgk?WM;08SNX%SN31)=
zzGmR76Wa=gQhR)WG%gTuT#hbYL(i?`pJ0>m_gPAo*)lPP-?2@0iCZr}EKEPA=#8z1
z<~fPDIHZyBaRSI?vA|7)MO8XEJ9#hhI%I~T^0z*}3eU?=&R%vmi>Ovt7N54EGk(ZI
zzej<fj!=|^?X7NLuWcgL-~t>FPNbYQw5h3eWwr$rVJZF;skO`VR;2P|?lZ5iae?9N
ztW0>>Eq=86Qoje<c}?TU?&>-z<oed*LoHm>+}Nq8mjDt9K}wA$wM~sg2+i<iVx?hQ
zWpfNmdL_nmD?ShEriD7SG+5dclxM2KKXvKwHW%%Zpbylz-(mlXR6gca?y1fp$Vaf%
zI8g@Hv0FmHCj~9ORH!?+$p29KlTS`LB+vAVjna@lt#0&t9(%8ONTG_<kj~$!G=193
z2)I`t&RIY?7k%q562_%prN#s~V*Z7U>1lqU*!%QV=3EvMaR;aLPLG$k8IkR~3Jy$u
zA>`C6yl4EF%AjEe28kxJw9-%yy2$x6d9@L}2q;LB?j>3jAvgg}Zr#^ukyl9=B2>D1
zvUo9fk1yhiy(0zUYNq9FRfU2-x$gH?1~$u+H=h7*aH!6Vy`rk{crQ}Acu-6nQjC?2
za#1bmuf^#ra55H8u1^)jA0aXFxQAk`v{HR}lEkVDzGz&9sjj53o`9Vf{l79II}_E2
z?fu?Pvde_O2(<FF+q3IPU5$9CQ`Ji?%}PNb$2rV!LKuR|NTz#07$jX6f}ZiXay+qr
zt=$3mF%&_*g1*+`_K@&_ls_)c6JdTnaCRy=##F6M4yI>W8U9<IqzYKp2sQ)1QX7+;
zO@64FM^Gr0vs#@f&Fi?B-v`A|ciGOhz&1szp|dxufeOhlI%&Z829y~r|3d$4SQ>pZ
zg~%f|{$4(WMgOBvS+l4|YzW1R=yeyzd`bw=HdZkr+e2WyMZ3LSR76USHGzf7Swg3J
z!nJ5c{4HVSW+ygQ%Eu4O_X&|Lo@>=|$Z3kDY?ihz>)|K8!o~r|2Pz|`n%12xMt_1N
z8{BYpsj9cAO)LY}d_?hP0^A<?LtV<ZcupN`;bJhGOW2(*eSsrH#Nb}RSvopH*U43Y
zj$dc2km6tGqjJd$%)cqAdbR0k)>rGEb$y1qcf*0tp0eWpubxNWnSu4w&DTmcrmGv;
z@?=ohu#{%Dc@m)F!i6e_biWJHei2w{rXHn&vJ<Og;qxK1K)%XWIK-*2-XP_K`gr@K
zidc^i2+4-%=4aQl28tRnw7L!a+!HVWEY*sdHV-J;S##eLdxbFZ0Hl4b&oGk`G)4}r
z2#bQvtfN#@D-~&#-OSRc!M>4lQts_0t%*qM^@5kf;-V1`*#+oXdEzs3`@uVEi?-6o
zqzEHWRGE1XqNNOfhgBN}2MJUatYG3I;@-c6lB=lOLd&!_3|h`nr!j~H^SU<z=r|;m
z!C>5qXf#%m6Zf?$h^|=4N81?kpnvw$N3oh?27?*V(OUOEicP#DO)wVvw4&a`74+-<
zf`_~@?4B$R2g5fA&Km5XXYxW|>((8+SK93!<8jX1=I$`5lxGBWi*Bkhgz=|wlH8`K
zRJi0fa)*8hj{D<4yZW%PLHFGq(Ay?#i(xaZi_Wr$Si90gjlbUw*+tu8<SF?SG{5X-
zO%XZBd$CIF_v5ehO6C+;`Jz8$>Zz1PTS!%MyaRtIma%)h#?+FT%wlK`hp^Oe`!no4
z?RM!OhnLBuK7G8LXz~V#t^zslGCey4RW*|yza)Cyfe>ig?N2hkan0qhFO6HKv{UY$
z-KGx-NjL3EcgQA_O98yA!n5iCfUVUw^><-5V(BJzXI;+35N9bat5QF=#iEh9Bn&*S
zdGOAiP6LNdjsA8rK6MX3=k#DO<I-LLJTCa+l<C{T`F#2_gklpHht9@>AG|JIVHT$Z
z9SJ0xj*V)pF6Gp?>>TYLK*pv?j`Ot$%bd4vGi`Cuf-ruYG%C{u>PUw%Xs6iID^k4L
zR19OXg1;AHwo%#nE?Cvn*jgv`2G#G9kAu&!R12K4EopL#X2vVLjji6m-2WTGQlG^T
zWHGVp${UKcsE06?5K{zD2J;M|AL7Ko^+{w;n-`Ov;1TCeau?zSz?IYaXMJnim;7T9
z@}0mZ-ZRg-MlJHIhQYe>eZT^*5!|Eh3AU<^xIRi?T8Yc|F>vhi;`*gMtS00eD7SO+
zcz-(*1(^d=Pn=%)9IF+dHC5W;4kM#~hL8hbKRk1a2Xy}umk-_2&fCMHPBXO}qc<T7
z1rlDv{D--Rjh1dKz~2W!DKe#Mt~N1yI8j{JKqgr6dx6yhJu*02VrJ8K0&*EybeYCz
zi-W;r<LU7^2)8Eb6pWSRWl!5(f*e=H$jf=?(%KP;R;b?GGfx~v^lFF5nQlmIS8%-{
zpa4kE_@%4#r_a^X!K|u;RZ;`X3WgSK9n{Ago$ZYG&jb2TfdA5vSZKh&?e_sZJZECY
z&<oR^BgWj|a6DVndkLS(e4rs(%F3L&3HW<8VL1pIW&EiMRq-(i0QFVEp;0g4@!Vhb
z-XhJbH5bS>J>e&l`WrhdQ*Pj+@gRo{Eh}>~hqcdnzs_IBf&17p)q1p44^Uq6-~cMQ
zNXWrHJHzlBAjSjCPRef-rpwMBlLAB2WWRQ1IH9IPRyb5oE}NTV(0bs&NF4w6MD+AU
zpQ9KxpZJlqa)VK3s*{fB(%eFq7_-FG<t03>H&jN(!mir8eZ{KK31$T4mac<JCLU8c
zzZz=N^|ieAf1NNsy!9L<`uA>nbnABjC+9+3=bYvNA98vH>XR5Q&OSwCNb~ePLJ?|(
zLleHpvw1LE)Wbg*+RZlyTv|d}YXIRutK~7Ibb0ZBIwnl~UnL9e%Q)$%&htK~>(G-f
zKH#T~`hT%nbyD<eSR63r5v^ZZTlSL{;^X$!aDKv7Dq`J(>Wv_314taGZ$O~4_L<Dw
z=)ZFUw5+@`r+?I0$=bwSZW$hde+U~%TA3M12g7SCkPqZyCcf?ck&q_9EQq)PceovT
zs+-zntB7OP7i8Mcod&oyZ8Y|1L(6b|*t%h2dl%`fVL&ii>AS6p@ti!(?A13yKZG<p
zfnz+>ca$4ohdJceUF0C2I7NW6Brf3kulAV(K!xkUJlE4W@-HZyRb^$x#g#_|8;Bt^
z!rNbv#6J;8@MAdyg?w_ZPWg2Fk>;6e_P^KO7?Gc2+tJmnHJ@-^&@t&|cU8+_I;RHT
z4WmgwK1HRba^?;^`fmB51*3&UiSX`ia6X)!FwZNfHj9vYHnz`{V%fBc7$96N-B9HK
zM0=c~HF|E;vA^~b$*^vJ*0#Am%4l|HE>+L$F?bD5vUQGXlRHJKGEgh5g-+<Fmhf*)
z*X3gl!QZWD;VV2<{(CnHnL&rSX7<AgKXw#~=U#S~@4D-qluo~DsT^kXXcw$o7rNL7
z4o@ep-T1e%7<qP-iPu)1yE<MX-eO!OfXcu`#SfIJ8lJn8!KE6x2bWS_UQsT6;@;)e
zx{{8Usi1P?uJ|<DAFWszr^k`zW$YdKJRuL&tzEq(*ujbNW_;9dnDNm295_=zu(t6H
zPd?XMGmgkD$Usg`?0a!3cn+At8J;zLT#D)JmdBCUinTCcGYzxX^V4`(=WJmaU})O*
zkcWcRZ@Co{M+naNxWDES#971xLr^4eK>l<M_v26Tu7r0+K$^QJ&edpUs`Z{v_KM`C
zB?m%506cHk#;4I;-Y1w>kSacznGCN%<_AQV^zr$_n&-TKSq}JMqZLEt838gSl5%X=
z#`i?Ent`3_iem5?%$`6&9qcPQfcT%3QOfUEg`><8%1>Qj`0R@#c(_42JT}FywOh(!
zJ}P>Aa6w`GC+eP07%$K#Q)jYvZ~{$D0i^M=z{u`&wFkqX8BIIoy?(BQpW|p<&CkWN
z=f+%}(?Rs(jUc~i+Z)%G;mZ+;w0F}zSoA2?@^K2Y>KlFax}SC<4~CME0TGrw{?YiN
zVPRVa1st2yLF#p&jCcFe4e==_a&8iVhJ3&Bq-kbG?M7DlH%{eFSUNMZ6O+-1wQ@Js
z^z^rvQ&b5f`1+Jeax1x@2%}nf1D-Hs0eO25pa)UxjB##Rsaf>tQI>RpJcf2fxf_#%
zgYqiu$iYU=>U!exqawTDfYk?IQRrvBh&h5Pcuq^qk{}A7uAM&$avr%MY9A1^X6(_s
z>Oe&YO?{b6a|_mr@m9K9`Q$5dUIBK}&&OiJzMIZ)FV9d%eV#Ss*@feH4}D$_b&Ox6
zR#8lH44z|zXoBCOZ6h2G#{Q1I+~$ioS_o;`ucZ=X9a*Q(f#pg#0vd_CMj1vM{o}yS
z?~@Nt>B2aqqUkdRY3e2`lCqo^WG7I{C7(-j&aWA(ZBabhG<U!ftjhEKrGEb9b8^a_
z<QJL@mb{4YtKC|8)uH6U$6eBa^K{bKw;3+7mBG{-!|jr<n*XNAr~|H}ftk3tWI1*x
zeHm>xBHNWh<ZEq>1=!FwL}-p%GENJV|4GPUl)pR@;ee47_jFi|Xd_0nQ^Haam^C}A
zIRQZi8{3>X5RP*`uw(_gHD+rQxKtn}_R5LaCInrgp3ugFZ5DKK!C;N$1Fo>gT3w;{
zX{@8y77<Epd+b*^ThnZ4kkJelYHFS0VQ7#S<EN+hjypQ~25^V?voc5Y*oF-i75TMC
z>*C|}d__3eca6gRwa~y^R{TKtn|cMFyoIU@FfD5@&+hEktzR>4(G^n6?>Xlf8!uj*
zdeA!0d=8H=HVIkK{V0f2G@p(m<_R;*Fw<|xEL}F=Qoc)bhjdH({tB>7tbU$B0Cw%t
zV5yFDq7izi)B+?Hh4-|{N*~i?J&*QhbXncH*=x#&=4bxc_94kMCH8hso7giW^3fD<
zW8%iSbNXWv242<2_h;hES@UDKD0TfQ)22}(Vf?9AYz(@x^;6fIU>=(eT@zM?r_@=C
z_POdt?iPzqg;<}YJ&;Hcp>TJ2D1G(vQDN(xal8X%eHVZjEG)WOmHXf?Te(9WopRm0
z<DS;tabCl12?e7<T6#O3?6bFjTOPB;^=*Ch&GoCN;6hrln*N9cw4@ph<JJoA4I24&
z_jz)XA4rv-uV2~}Y@+;K&22TH#{yjiyG3IC(so1h-l7=k0f}8kCzCG#SxaBj>l<-j
z5vof0N*W-x4szbNCfAa*@md!=J)w3_d%S$!q$b$zCF)VW@fAqcg*x5H>UrIW;~O|8
zy+}AyJI?E}r0Zia7STv?N9;TLLvb*2q5Z;haB*~jHZJ~{xZ_vIZN85{#vTX6J5Kcb
z()ttmF4pJp(f-$#7z=G9d^OH}jA%UmA==f8`)vT8zGo+VhZ}0d?H6;JJBX~0T#^IA
zEB*Wpr(KzA7`TnbU!FIok5%N@N-#O$ib&4sNa4tV_Yb>`<XVo8kdEuQURJg!SP#gO
zI|FrB2+f(c70c;oGe^kN>B8vxj8*b7Smq^>Q)%kG%)<9&f0>I9aH0I?M2=mZpxb&E
z8qxrK=`A9bvyR8VsI!exESYg*f_Wm9+G2%<*NCZn24KzbTz->moFlWrjW|I~aN!IE
z&3bM9nKuC#B}s!kyDVK^^8z)z6sIkDC3T_KYsM01!kaUU9PCt8-SqTT)#Uu`UFA&t
zYfwld{@x0G6i%kS(l3j)k^fO$WgoKMBt8KsT$Nw?r}tC7xruu!d&%0A^wTm|=`Ndd
zoVkU8mBaW4A)Q!c!D;X=+#3Hf9(4Fk`jd9=dg46GKz>#)9Oxi?jL%ROmN`qfWN+z4
z;o{+S3*E*!UEbHUyGrzQ9ZUagvDrA~HKK+pAc8tUo3yY}<X~Fp{{u__#7B5jD<&F%
zJXXDje0j@zn}VpcyV$TG#6@e@H+2{J1EdFR{#^eWAaE=#?0=SdlI-#;tNJz<_Bq*c
z^8YF9E#s<ey7pm_2BjNBq$PK;H;pvX4bn(AQqr4lkdRL4F6j`EkW{+6yF34QKhJwV
z*QFoc^V7MHJ!{Qc$ISeGv-iv#bKslaW|JdF#s<?d+iwC(w4@-R@EU!jQQL2h8F17_
zO!pW&!uKkBa_KsGVnp+b0k6nI!zi)o*Blu&8En*=dH%^fvW-!R>|`puoSEM8MCXRq
z^ut_!eZ<)rB9s@*9j+Pp{h<M^eMeP3in{>$LNKfEwYJ5F56SzTsT3#1<h)uxt|tJq
z;C^d;Ra=`csM*GiLhCu5X6atl2+5vWE{nu+1skmyLoNpFqGq-Ec1{HkC&;1&=iJX(
z2^bNGQdK?%#9MG?hyBEaBe+*(e;RdKyCC=+e|`pii5Q-ts7kCa!&sf%&Lrg`ldjv|
zaOQ@8*Y02O>KHIa=8B2s+xGK`cpb@)`&N94n+GCvZzYw}g$jYg1%n3|%HhhRf+fT^
z8L3^IJ@YU-Pr0#1IukSRK||IoYweh^<OQJafT;-8e2T9;Xa}VluJ*bKp<jF4ipM7J
z?o`0c0v6V!#6nMeRF~JK?0M-+RA8m-<vS7D-V!cC3b$ICrQVBH5ZG4#Rd|ORci$Z#
z#=D7(WgOstaP~}el#`3T>eY3fiQ3`Ts-P{|sfvTsv$UN6h*yl6vn|jae*kBd&MxrN
z5<dfhKguti3hGO2xHE|ur7wQka`+<~?M3?yKLT1Z9A`_`3RtI6AzD&qEd*m$#Z4yF
z<2wO+zZy`-SZjN?-ebrh2WCO)YNv$Ew87CeCbKvy^jlhHtCFO~AH~}WyeNr7h6<eL
zC8RflNAzR-wNN`cr|}^tDZN8kR-s&VRT}2ubu>jFsZ4)(oy=%maLx`e1unUGAH!m5
zd-$Mahlhyoe1dXAKWuMv`+D9Q6^U2Re7|Dxqui7<ue)!u3Qmn$>9f&e1uXOlp?I6L
zGu|iIR{|c8)0%j>?Jod9hiqDnUB#UBv-_`EXV8om-h&Fey?asSc#I*Us(2cMl!6D5
zSGZXK4+nJkg|V?rm^EMcVSzvu{aoK9BOaZ(+H`vLj?()YqhULYmtXT_9(bPD$~Vl!
zI>L%)n8DjswPu@=Yl75OkCP|_nEHaYonJa1Mzb#;oz|0dTXr8Z8JY93&(?C~{`Z6S
z8(o(U2384AF1EygPI7o=8X~&ed#InbKc(PM3Mj(hXx2X9M8qRjv$4!*MAcoe&5N=f
z?wwoznR<WEw&hJ*LCYrE*H)kC;wRh=)OS?gENlvtgSGIYJ~M`O3Twt3@i%;VaBO!Z
zT0yt5i@`GKelJKS!Hkm}|ALs*_d_~SJZ0UA<+HNVyv%H5WrXAg(9MpQ<QNd}gv^Se
zv;~b3p5hjMMFMO5L0L-v9V;r>J8_n)e_ju7j$)>73VmjXtaoeURh_Y)$V};nsAxaQ
z%N6ITo%d|K?*-SP<klwq8$!C3Pe~k5lrCURmRYoXnz11#yq`r_vIot*h)gdF-NOs2
z#S<NspA?jX8{4#8@6(=JjDW+(DttDlmF+Py;43+m*@NDzsB-&|6n<7-r{e9W&QJD(
zP;TXrFWg2mf>l;7VIVBT;&T(ggC=wZ*x(&1(Wx^;uPah)FHZaBr=ClDC4bBQ;@2KE
z+hm@zEo}KG^~nO_Wk`9<!gGGlZTTI%khB!#vT#P*@3vQsciHJF=Jy)<Z`|rOs|tpU
z8E{o&YZG{O`AYOds=}t!kbHZ)_k-nh_Mp;9r;PAnL!V0lo%OT4_#rX`{1~-0#{XRz
zj`3e(Lg0ugUwiYE3ltM^FBV@!j(~$N#V*Y*!!FA%$1cyV$gae$%&ronx4wwW@t;-n
zf2_X7C~Uyspnt8rzC%@3o*4f|)89NHF$&N@f`G-sB`wu`B&qS<C}%Ut1d$;@6jexE
z#karw0-P3#Ara6xIfwxtcj@yt1}CZOupG%9w|IQTVn0Yt6g2Mdb=%Q>&|o9(PpRyy
zZLvA<^#W0dp(8yV=T~g7vOk2L{epw9K0Nij1>Af1BJFlP9NkF2Vuxm8gdufzKOrTB
zej-*QJ1ISA+fu+0NCFX{5!GEzNS|n|82~-5pWSq`9?d{)9*<*x*XrXsVXzEJ2V4#y
z1uo_fBvaE%zY^#`3KX?Q$Bqbcnxpt8NXF4d2cov~x!Fc9@`1f=e_GRgR{-DdcvyHr
zAj;)Qv}8eC-}Sf;zkS#$LZL4+UdrG-qH33wZ3MQ%TQs}pPBWX|w)#|()dHOZT>bso
z)$6)lj~UY0YEro@?kxK{xa?y#(AVLX9NwAqiq@ml=6Gwe@04O*V{hYc3!7t9CnZU`
zD2_0)_xc>?x-;tbMkEQAeA$H;Bz}Im_GTdSwjgKJvNx(SJ5Iqqe{B@QoN`TMAWv2C
zrP9yOglj_ein*Ujjby{K{6?L(JtU<)-h^k1Db$RbZu4#1_a@*e?BoMST|=^@^D91k
zX^7#8lPW4=Ai1<B==TM_fF+pN4tl{(p}Y9gXgsDi*Qmy%_Wr5A)+^=Uf#O(!ACKp+
zCV~iQut;Sfg}{b~(ve0taYdSDF&&b#q5Qk7jj(wh*Tv?!1APON70)5wp*UbxS20P}
zvSmFIzIcpu%(sezh&hh)-N_%hRa@>O^x!VboGDNHpYA_6+duHH{0!Fx&L_fw(Qxn2
zdbxglk_as%DO_|=e6}pO!7vC9pMW$RuRNQad9|9u%&vgeugk)@9tU-JxT@dJ594eC
z1yVzfh9hSFQP~h8q1Rv?i0FaW?-yCHYD;^^yo=jwy63;Z9PTE#ndKunrapvt8K&F%
zZe-ZOuJBrMsDx;??3<`PZGGowYh}}juqY%UB9Hy9pWF8Nh+`&jj?ROik{~fn^%TmU
z&2h}lfRMH`+(@YfooOCT7T3iPXs275F$d8hf+Pa3moLSna8<dGft^*7G*cT&N30;v
z`H(Z7PB25eq<(VO(@JVFpTMn@l8iP4aRZYSHtAu^Hg#>ZCbI<eZvf02jEPN`>{@CU
z0R0!qLj|&SG{RlDQcg_yEeg%&lyn^?*R7U?UAXgy_TWxdJlrz#x%vmcs|zVMS;7^J
z)By%l!t<q8)ODao9%2(OFO(&EF}N<xS3aTtG_$67+*$QhQ(W3$)7T#Spt`SP^<0GR
zwwORmp{+$3<?wmS=l1m&)^fB@_l`^nUOnt(tt4VHp5dbKXcpc5iN>0dT=;viQOH>d
zvA|sOon+>7Qw`rI8r|n^^1a?Kl+nnyu6vJ@l9XMFx$}i1&2o;ADEt_NB5f~p1Dm4)
za_WSFCS;5pe#UQ70b<7!`Wcv!`Ir#-Q_3D^fQP19!ErPbB^GxRW#Q@}TJJ1SKA{@$
zV$jC_Jm7VLD>k{Qi9RpXD;n;L0ae<A!JRs6_cL*?h`>bb-m#~^Hv+C0K7p`1Udays
z50znL9pk-(tK0h024XHkLSh=l+^Umr(O)utQL9%l)50`HYG;32nbszb)UI?2xLpbM
zrV!9LmEQ0np35fbuixyk49fjfvOVwmqC)R>nKUdC9@O7vdX3M!4t`)%)2-;nwmi2h
zvu3MKY3$Iy7MCjJzh7FfZjo|WG*TH9Y!atml-^a!-wVYx0J|r7^EBlhQd737N{8{5
zsP6fZJbTl%ID=T^FWWyzTBdBPWOOLmBf9y;lKDCPRf~^4g7o{wME3*;`m>6+{Gqkm
zpi!YBILcE_{wE#%az@zepY;&O(|VFmk68MI&VT7a)%eu>qtKqW;!!a|urm!f#A5NY
zI8)aICsVwf(sR;!@KNJ{+*;U3n`1tk#P{~)nU0?1i(rkG4BdKft){fuNmNiY{w>>!
zn53u#^{9Eqt@gXP)!I{9E8KGn(@gH_6sl1yxQ}Vn8fM0HGS(-HH;$w{nT9i=$E!gl
zs*L8nUspejMY9elx{w?TrrV^}sxQcSkIRwBE<SYikhnBVhX=IS9{114dX@@b&BzLc
zM9`Ke5}oQoTVM7LJg2QR(c4I@pf<Tgn_n^?CU~2KS<JyOk$*r~9q8e~bTrH9ym15m
z2<Lu(;SZG*N`f+JNp8fN5KAzx5SoqUhw#}Ju1%lCXhLzifAoP0QC~f<(vZo8$x6%0
z$@S7O>`gb74qMC;Xtu1qa@2QQrei%~oq4Ef=CM#4FU?MU&7nxpe$8c5sZr&A@I{cj
zLP032f!8HOuZr|3XMGy`yarU>5c0P589dbNmzDmE$6Gqtss=;@x(SleyRrKA)SHVJ
zrCVay3JYC$4?dHyvq>tKeu#104+g{RA3^qsXC*ouKMi+iEra|og@gHgH+=L!>bm^8
zGat+b69Q?4@g=Nz(J5Nx)dnU9qev^Wv6(mNh{v0FJ;f9z=;n1*l!6PV3L&C)PH<UI
z)c{V3?S#$XNkZ~-ig+&yp#=I)D#vDIzmF;zRFpIL1dH-;zPCvkCjyb!rh_r~G%sLI
z`Y(&0q_gqqK!#Pc+uwM7W86;N#Qq|D=v>0uNEVBY_9Mi{Sv<y#dz+wB^e`ZsI&&nj
zi7i7^T+PKrggg8Md!OoCYTEZ_QIl|VEfLN1qkCBvySkunQ$rq#zOH94o;n*p9dG(#
z+mcoSb~v4o!XMfq&K<rK-X!)snF#%syEK9zyfm12%M^37+HL+^ZalXyljHl5@fofw
z9e)+hu>bxkb;`G=Sm>Xcb6yH#7Hu8$6qsxUM&6)pU{rf6eE%Uyo!=$0+8|*H@9zq!
zIkK10+3~0E!CpOe3{)ENO;udx?d+MF0V^;i7fTeeyk=r7C4eh^lo$_~ye~a;#3Sx1
zan&5+e##qjWo=KF`7Bv#{?|=IvTQ2DnBDkb&j7<TZbcuWMx*OB51fBEHg&30e2xaf
zTjAg6xMp_w>eJ5T!fu5unY*bQT%EKyWe)w-qOpc3_R_OYgRwH?;YGG7ILp^0+Gv)W
z53O-}S-v4OcLDUsha}Wo37ACR-!}(gk03{%3S<Gp!@cP5KHZ1Bx+E9@5Nqm*-xdIr
z${v6ta~q=Vv;g1W?2^+VP5na6id4^-F9#f?!@-3NxMS(T`62F(9S1J&;Z&cx3l|0%
z%4`NRSJ<>os7oV!70Ptl-44?_rFb={xtj>;{Y&gk+SZ>84bc&eSXt&uiHMs_M%JvY
zTY0?J7CesX@2h8URY}amT#xa7BBc$usxD8n9t3fJi6pH{8gfE*$Koo?`K%eRK)gKU
zIwUtv_mSgyr+Y-X7JE^<1DyCp){*pVsEKgdVL4?L>0F59wM?xTWHCZx<uaW22Xc+;
zL<2tHn+?#{;mPdD6kxx1?K(m!n(z6Tqu(0y2*K;bN8v`&WeyANtUcTtZ>xu$g;L$S
zA9u`c7Ls)S6_x$lubc?qnV&Mnboa=cd=%{@kEHTI9j8$LF16H3903nwOMJOi$hgdE
zoh-7lb%~pX{>d-K5#bdtkzh-;8(PY(D@TS7nj;CFa!m}5d6h=b16MdD-cL3OeOuyh
zthYWJp7bFZK@(^hFG~#<X=jPPg%?l~juu$lBk5)eewO`kB<8AJrdfm-JfCl-gg!6c
zlJu0OEX{_;%}?HE&%zkq%^^Vc<NF1YWX%X|rV~dJzlPmT=Sgy{Cmy!oRu0A}t62p)
zyN$ks-nE4Ikq4p^guhM7|2kOUNSFG(czZBH!T8IBGQT4~hUB)u7@*O!u*7S8=#Si&
zKRXWIE8)1KMH2%ucPy$cjn-C;j6x9G_j0UF@ig3lS6oGq;$}E}?^Nj&N&BL>!Z@&D
z(|~DSXyj6N<&c0no8lgc{pl;HH@3tPSu}1d8IhhapcC)x$&*uj>7|Q`dOAumRdV(3
z01{N=$6F^~M>h3PB)&$bqRZP~dd_7#Uc|CteLcBUgL$KA2X^Z)y6Viwso)4X-tLul
zv5TUu>aT#{RD6wxyG=>*5}P3_4?r$HJXrD_?TlD3Sfaij&_OTI=-3^>v3!Qw1u2)a
zxjp?@w4+Yd_U<8yYGJ>MstZR^AJ2ZL>6avfco}lEK=mDxOl>upU7#+?Lwm`=(Uj;W
zC3ZRxG3EiDgwRfxxwDX|r2B%a{XK%x?tVpYy;o=P_5Gy?d?5VU9pGl@ZuUTZ$Z-A^
zi6&_>e@(5x?{IFzc}Z-4N@e(lhf`f+I%fW1y80!ZjhM+()9`o|bM^<M4eus_fdOF|
z)YU=Vy@C>UR<o%im8*%(C+6~UzdjhcM$nGfXUylHjhF77di<CtwI+Yxd{+%%u);EP
zf}re<`ElvKfUlG5QXb#o{xbQseQy25s+G3MUS*>_Zbi}|%0tgFHLTG80T$)sE(|J{
zHM(ZME_Kq~h1sL2eG)W%W^`u(0Z+W(U}hOcCu*}4NGtic{?gSYRVGwt<7mN7s-pZs
zrnZAP(%MWNMsYyN%-!2~7_PPWt(v3gE!*oIBl`&$5_~^Au1fME?>tXO#-e*Vs*1US
zp2EK}qR)eMgO$&dUo&MP^0k~uagrM??TARhJdQFU4L6zdA^BF$2f%e;5xa_l_|uOP
z-?wRuLYcMuYI`%yGYgfRGKtQGehoFkT%pBmxWpa3f!v1^(!Ozi3;ih~+K|$R;q(Hh
z)LL324!GXWRh|;fvVHiE&FWE#JKBTou_gwV10SBmS0zNv0ThhncDhpP*)J-U+bpBI
z8zs-)z}%4W^CU_OVq;;U`j@TryeU!UeCBw%D1F{uX0CizQEUyaMmDoqM7EBus_mft
zMV<04Rk-U5(&6?eWM#-Up!P64$}uUzyp!B8LwI<8rUV*XdPraSRC)%bY5ZpOZ1HQW
zYR+PPTmWWpZtbA3zo@A*nw!TZ^zP`G@TDee%dPyg+MCnvX`zo-)|D7wfqq1y$(Qga
z#*v#RXtyoYuNs9zu-P*LIWeB09N%N!R(b5dlw45+oT_~1Jrg+FnczX{Oy6v#IIUj1
zM}upezVW~!)!Z37c(<C8q%qLf)+`Y@^dj#Zav*BCvp>jAcRAC@9ThU@J~ccWF?l|>
zluUQItu1!IYKiJ$J@9to`4alQ_i{eXmvDq2LOwJR++h7SbFOZi#jyh~sjEARG=a$U
z_}Fw`yM75wEfp0F4K=0!WcS2!xL!X4w>-S6RmbrmCfjd021mRwSP?lt{S1nO)U+tG
zg!l1F^BKvuemYANm(}!lx;RQJ3wFOC(H0i$=jV3NTIb6if%}W4xp-oq2DPdXQTFvW
zuP<sT(+Sy%ZufRo9aCFI?F-YTZ|cSl@40MHQRBx#1su8Ts}Hm;ScA`11?Z|`9Kzr#
zf<N9O@{^?5A#X7vu2D^h)CN6)yCpl;FjCSH=EP^muM!x(f^zY(ay8H_t>*Ocd`gX*
zts6Xgg3#xaN*LBblgC!`-KVFv#Is@c<Sh1Xd2gbAv$e`EyQ6%dts=Smbi?Jot9fLj
zY@Typ;6rVf7s~w|3W7tMDH|1pmoXpCx*I7X_|n{h&z8zT&WrYWM9bY(n(V-a;ReN_
zU(s{yHg&5TCBi`@xyIlp?9v|{MV%P)Jq;{oOa1t^h?QDo3VO{X&14J0sHOLoD9Z=+
zjoeIXILnB>>_+b{?}@%6yAO_KF@~@+gFv^$V4h65PReeBiZAn;zOPO+J`|wB=LE%<
zxrLIbcWQfg3ug%{=spkvLq_SVeEA%&57*L0qQ2xTXVz8j+0<<oyDrK~{Op$aNhl7n
zibahr7k9KF>mc@|4i=>9U!}0s_l!URe;9lFe5`V~3j?VBCd(Fg^e*qs>35xo+O{6L
z`kX7eZs`C+x=tg1(Omyd<j#B&c+c0qVaX#YTbRGvVksl*YhgREa*A$>W{R$15^Enz
z4{guSpMAY5h$LFEpU}N_me|BO#WaD4``aPXgWYTg5dw<=lj1kwHL5+v6EOhI9`e`7
z0!5VhdXQI<T!1K^H)tZNY8BdP8noUh>xse-Ed3h#h`hpK8^G>w^F}QPaL@ECg$-P{
z8`T?~VRHr}qm4B~sTwi=?5oGSaTFUJ;g?Gt)(&yVQYc}+9xgYBkA9_gc=u;(xxuQu
zs&~$s$|8vgRD<Qn=+}+196DT4YG3epY%h*It=5(o((3ia<7>}rGIAc)6_h8|?~lH_
z0QNn9{sK{Le)<=~y>)l&XE-rICSDClB`T$XkH@T$WZ`BbIz>8q!1C+okgCFv%IIxS
zMegRMcJ?x3`2ES&A!gz$Vnk6CQDfj1=0*rB3GV?k*9+kqDi4qgd&$2xc-0`qDo#E#
zZH}EOI~q4gGF@5v6TQCtgmjgxh5Eg=w5fy;4hHQ~h*>Bn8JskA1Wv1blHG4&n_u#+
zpt`PJLN&yEYP;&#`BU|M>HDSx!Q`Cb$fn7rFzL@;cx#EzUG`jL6sr>H7V0Ta4hm>W
zjI4~!9HKajX-jddE8d(t<U++EH4xR^H>uNsya>Ch7E}*BfqZkzm6et9pd;?;%<`u4
z4E1LRFL1E34ea^$8sVkMF6CDlX-pC+Rz1L#&$C+w8!cD+Y$U!4!kBMwzt&&m);Wt@
zqlOyP=J;iCLSt>sbBc>|)wO2q&ll-B?)R3N^4OPa2a;&sU2a9^NNIyXGVv!w7Y>d@
zrMd4WMI#nszkeCzG*g##ur?-=)Qch5a^(Bb@H2QUZO_WwnjLP*7}+P!TG$iWNfbaJ
znXJ$_y<>0D$h$l;9D`^0ZlHd7JjM03nb9cjv*IA@;NYOQ;X>ZK$w=fU=Se0r{HDGO
z^$As{A~FbkzZ%y9EZ@2DOt=(z?3`bPf+fFV*3v-fSXt>RKshuznIXJsnIbGrC%26g
z@#AT_(@eO0oD=ZMi%ZgzmjZWAm9;kSoijMO`MD5sDqqv0RSstk<9!g{Xq(o-^8;JV
z39YnKFViZ#t(X#&@b#ivdxbY)=-iQ$k&=RBrW^!O2*Fd(@s``zrg>Y5b4oXzbZV3V
zVFHupSYXA*6UFy+h|BgF@hDVZv%>Zt?|n4qF&B5+=Ej1L!Qxb?>RlOSDJ{)N?GS`p
z`y;Q2z*w$Xd(ZA#Xo0NPzNI}ZWDL*3a9zRW!aYm2WaDkv-_13Oq=;hyp&90t7`<<M
z-LLQ|vbU}&-Em+;!E0t?IduLxvCA|vscWf0%@ce29AjovVPpI<fp>JIAQ{7$k>Ti=
z!szq2biMG%nBcs(hT?p#&!{u3_Th(}>;0T9g0C#qEMDQp#B2*-df_YEU#&?*NXpyD
z*z|oVwWy7lf8&_XUB=tU+sN5MP@%FG(z_mB?J3J#Q*stP$!$|9<jff=;N~U%y*u4T
z;7J>M=*xcfCCVoEn7aN5i+$x$)v>C*n}%<Q74eO%+Lk5FS`?Odjh-`^P(8!<&mTTK
zPf*@1%~m;J6sL$ICw&n|+AO8;fRc%ICH_DEKyTeK{@+0&!Wfo&EJP@jD~9i0{_&7g
z#JzmX;{6+3=<h>L|2Q86jR8Ku;9%%K&-tjjC@Yx|!M&S)<%d;gW5;B=yfz=h<(cN5
zo>pqh^da{N(yOka%4gJ^LVAkwRKEum4P9ScepZ9<LkTATQ;jMOaoe)K%|vUbt^%o<
z`mzms-V-_md_KNA1FQ$zZ?kR-%`G>LEpBvSqyAA6w8D3IaK)JSnKAS%VPWA{v>emd
zP{GsBLG9WdxTU0qOExi{_WGi+<Vwr*ZPuleG7V;zk;wbDD@LZS=ym}h#bCqjTkP$w
z05%MAm}gV1uF!ii#r|!M*V`}#*`(r#e))^L%rw$eim%){cieXjtlZF7KsIiEIsiQz
zh~r%|)hm8M_zQx}v=}^G@~_8N;^M6j2l&t0!-C`vrBV_<r$lozuu_8zjEt2}3p2(n
zh&qe4iOFH!`a~eXen$EP(g8m}XrjC^`iTjBm`nPR0l%Ixs4wANzhzf?Vh0kyKA|?D
zzMt2a|Em|eVE}*$gPO)jGLbo&r00U|3tOI+RL=e|{Jj}FPc&bc*q3m`I)oxrt=MK}
z9*8_wx!qub;0!7s<u1?Vq@L}}zLQ3ifJoCP<T@G&5sy6P(NLxOkMhR>DPhIEw=%a_
zkmS?KC`PWC^T7_^r&gs!*2N<##T!`)sH+QgHO>1hsx`}E9tL9CH9-8bAKY4ogMqlI
z)bra3@H8uX!@)SuA0pf8>gG&9{g_JFX*Z8IGnnX?(vS$`DK8Ffi$(_mk=h48&QO|_
zpb%S;J;!!p+QsKIi-gX56Bng8ugfqu?uT9+M<fBV(0R=CC#=j{dHuYbSR)cxB|N_f
zS_i9Wjd~BRUroOJbwz9FvU&W;#0ITDA(ye22|lhD9#%K!hIsFAbo}$Dec=mMdT?o!
z%9ix>tWPFyDwAH@GA*2ieB<NRLUm5Hk)yk|941xdEFuc?r{%17tUb9+>*`wS6eWWb
zo6^sX?Um{ak+me5fnDUWW85PF{j;-Y$m7%9S_nG$i&f>4w!{JlB=jw)R|LC5j5#l7
z4B$ZkIgF{CabjlEWM{OT3>B+NZzyiH@OIkbxg47TUD#8s*+mtdQs>nR*fO`l+urXk
zOfH=LQ=M~MgzI3ZQKYj~(eKrPpZ2|(ZFb5@1bN)++6if&5>GrJPsfQMQIgEI84-sS
z?<;<W#X?t5NS~e7zs+Wf-YlPuh~o=hq=X0IvgAi1AN-teaFWuJA<zl75BVBeO(q~Z
zEKz-t4N6RvZx+g4WUFoU(4Zk5)?KB)_X$^k3l_Ya?q{+0q`_`h72_CPBO7s94vlz2
zz^wLwzZ$54<py1vZptMv(0NyZ{wV!xzQgRuk?44P-Q{3Fjn%IIR_CC{a!+RjNe=Fx
zK>rbq7d=U-ef0!BH9&eAAf!dx_l5t=*xtUr(9p~MqG9d_#DuSHMgLc==GTweV<+eX
z7KMn+?q==7(p$N^u38K{mnu8e&FO0vumYwN@)5I-D+E_#4ZQ(O_9tR0bI6+ZeV>n)
zPGyo)V~U1~RvT;S+_lKJ-)7seoxX(^yfyD#uQj&()skW}WHV;-)4IDrHctyP`F=<w
zJu>yCSF%?stS}m+6(D7#QXi|)8&&mG1^x;f`D215DZP!aYKS&w-88?t<dpK%k6gp=
zm0u~qE(rcO_8&@LVQ(<{a%bI_Mx(wvjBPky*REDE*7(FB=MnXVN{!A&D*SK&{_IGr
z$+&MGBS{n)j@Qpp{PmNujwsndieD0a6ywk1IxF%kjnpCTdYI^IshcayQuYjapLZ^r
zwym>%Txn6kGv_uez~R=7FQG5?Om9Azt7>F(tPWCqaF@AVKNTAoZ)(1z;GeN8)n3mq
z^-}Ng&ZBu{H)Tfg*|a|fEzX&n53XI41RdQe&c!ecH;~bJD&Xwpo!jv1b#yIFs<p_t
zJeheE_G#r@i^)jGf#?E%RHf4!qy*|#s<u0F%-O7b!{8WR$|?WB?P>}~@8Iosbfxm1
zr0%AYr<bR@9EB_%o^0d2Rk00)$BJ4yc@6VTCGOa9sdMQ~g-?jdLN0e*mf+PDYs}@*
zVYFcfoH{yqgB8ctau@3nQlAy8P3k@(3M<~0TMkXLqP8@QU=6pUVmg$#!zDi=kw{ms
zQpqq<I0a+ZO<46<NMG}_zOJzdZeB&rzh`0=z^lunDgA*j_Pr?MN!gEY@jA&baLAj2
z0<UiB${LBUaDwBBqncjKIwHcg;GRf9wNmlw62QCB?r=J$xMz+c{+3laaZJjTD*5tA
zA}odjvbGJJECS-R-VQCubGsX|DBXf9=A$hL#lF0es$(>ixLj=OU$M!2%EP2-C8-%!
zno2Jbx9cZIrw0xeh6jUo3iQ;>PcT9qxe8m??3Il5rm}IC)`z;z=TPC7!f_)!Y|FmR
zaO<yKDHG8WfiBfTx+P%E9M`PEtw#QwIJs;=sHvUZ2!_htH689R&FY;NMyr%Bt@2)>
zpP{b{D!Elt^~~1fNbLA7XjE4R*VC_+zt~7@ac-~}z2(5uUgExSZ{Hv3jkrAr?M-an
zdvc6;mQWR`rE52ge5!=Eg)(j~bOR@hdA~V3Z6t!5c=_y6ENHZZn+dm!g2DoMX7^%3
z^Nx;F&DkZ>U%yJNZ9O{@*1I9vGDHZ#j85n75cDZ>#`?}_plQY$d!9buERo%j?8D`E
zDB?PUI_nvr&ww?loLR1(UUUtxb~UGpbNO|*Y|S;V{(iaB`>8lQEpuG+W20y5!s1CN
z#sWO|I3v3QNAxu+CIzD4dS;>Q2~dB6t9Uk4fO)$gOj>NmV3A*92G|Lo2JzQ?Um)>c
zXdQ_+b+3NBq&lL$(P#z-p8|Vuh4V!ab|rjD?g^`vLUJb|9#uFZSEf7VAq@a_E9ZJb
zyYSAnICJSyC*}+MA>eJTxfqXQUYk0J|IgYotz{lAJ>G}!-#p)FI%z|`)3BY7R_=X$
zP0IJ0P?x&BODE+lV<XgxLGHN6eC~T<+lf@Hh_O;$u_U*@*WjFwuJy!xT+ferLcS?{
zte`Gx7fu%&!jE%!`#i=e7n^4K45fTc4=ZKv4}4+;)VL>RaF@7+)ZGo6N`CiYOW3=%
z;4G2}Wu}WNcXR7@R9l0#TnE=gvrQva({ARU*m?2qvhgV}P@5Da9`&5;gQq+bWuD*L
zdZ^1Ui1?wGN90z0n#bwUE2sA4H&#<;NMzyJbDw5K{50y(hjpKKc1r55;>58ys>!5y
zEIya8e|RoV1Sh*9DK^k&xjydb&9QIt6+6CDzQIxt=A7b=8A+MVfi^@2%knH0;Oox6
z0f;oU4hX$<FgwpQF*nA{&1p)#7AZ(<bnfKk{#eF2CrWW$dTDL5a`AwNNVuATKgrN4
zk@Zf^7TeVt4b+;>^9_~25F>f(^8!E|gd5a^{sllD0Iw9^wdjMgP-5+1h&&CtwQ%m`
zcD&`JjwY_2{RRj%6NpoAjjY{E`O1V|H#zX|1otM+T{4x&44lQ7IikaRwUUyu7w@)k
zfADnW=x4L$x!&4%?&nLPBGB=Dc3|_{izghtZpNe4Cicv#<9hZAqMp^``9RCo&Hy1_
zPiTF1oxE8K<8GI3t8oL*fWt?pVslNrdM1xfJC*UJj`dF;2y`CR#f)Of@-uogGJL+K
zwbw|eHSL>@<H$5$PPiWC&nx))3C6Vr%2-=JI}zv>n#%gmgt*oe1HlOa_whQTf6sVp
z4=@ov;NU|4qnPl2`!1lhA1Dx#2oa#Q&p-%NPf<bKU<fyeBOVMvVE^w2GYCQ}Ed<2L
z0X8r+U<E?;!K^@_u|DggcmRMEXb1x7!#JQ&4lcu584iR^1Y{5x^5}vahVbHlU$q`(
z2(+PG7{3kv=b?gfaDX|ejH&(y193h+RR8&k%KCpXC<Fj{%;NX+Ukt<vgFZ@7{2POT
zL67JCVF<Kv5Cr<TujJp~a&f^PXaE1gz#JgZqZ-7&F%X2~&)PVkoRB{;Fp!huk;8x4
za)6-!i4^{b{x?)G5CVIYCHPlC2p0tQC^_*j3=DvB{#gkG41)d@AP@}rD|JpTjz=Ae
z|Igp=`T+nC>~9tTAPDE5%mBbZ*q@nzxE>|+{?Fn6`hx=hQOSR>M_aBxZ2>Sikn7Lv
zK#%PI=@1MC{6+s`#hibZ1HoXwg&lrB|78^b0|EbJ0l)?P{R0mGc+CI51woJCpBaN-
zT!25Rel-4zejpGC{W}rRZ)K5x1q0#)K>iubfB1hi=KLr4+X4sya{bx8L0peC{N)h%
zS2F=2AmE>g069Uw<tzRj3>O&wSLXt8f`1E@{Hx%jG3-x=ARq|%7yVoi=wFp^{@tk`
zZNdN3Oz?lu4*~y+n%@zCxH$eAVvqXme-Cm9_^;j%f<2CtKN10PL4OOl{9kgv`3Hj^
zUH%jNjd8&Kq7?#$LI3Pr5H8Ng9`p}~kFOkH0PxRd;(&p`e=_qpI5~{|0v~DpSA@TV
z0fIUIY!WaC4E-B>>>z&x0|mjLT=8D~2;>OR_!NEwDji`k3@8YI34=MgAP^vc3nT&*
werygQVJ;yNAr6QTKkxr<3GLsyJoXOyb`H*VM#dOW2oT1JK}RPlCx-F=0HwE%)Bpeg

diff --git a/tzpfms.ps b/tzpfms.ps
index 26b6f2e..0a1466e 100644
--- a/tzpfms.ps
+++ b/tzpfms.ps
@@ -1,15 +1,15 @@
 %!PS-Adobe-3.0
 %%Creator: groff version 1.23.0
-%%CreationDate: Sun Mar 10 02:34:25 2024
+%%CreationDate: Sun Mar 10 03:22:22 2024
 %%DocumentNeededResources: font Times-Roman
 %%+ font Times-Bold
 %%+ font Courier-Bold
 %%+ font Courier-Oblique
 %%+ font Courier
-%%+ font Symbol
 %%+ font Times-Italic
+%%+ font Symbol
 %%DocumentSuppliedResources: procset grops 1.23 0
-%%Pages: 10
+%%Pages: 15
 %%PageOrder: Ascend
 %%DocumentMedia: Default 595 842 0 () ()
 %%Orientation: Portrait
@@ -237,8 +237,8 @@ setpacking
 %%IncludeResource: font Courier-Bold
 %%IncludeResource: font Courier-Oblique
 %%IncludeResource: font Courier
-%%IncludeResource: font Symbol
 %%IncludeResource: font Times-Italic
+%%IncludeResource: font Symbol
 grops begin/DEFS 1 dict def DEFS begin/u{.001 mul}bind def end/RES 72
 def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 /Zcaron/scaron/zcaron/Ydieresis/trademark/quotesingle/Euro/.notdef
@@ -276,20 +276,389 @@ def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 %%BeginPageSetup
 BP
 %%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-ADD-B)72 48 Q -.4(AC)-.35 G 42.103
+(KUP\(8\) System).4 F(Manager')2.5 E 2.5(sM)-.55 G 39.602
+(anual ZFS-FIDO2-ADD-B)-2.5 F -.4(AC)-.35 G(KUP\(8\)).4 E/F1 10
+/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-add-backup)108 96 Q F0 2.5<8a61>2.5 G(llo)-2.5 E 2.5(wa)-.25
+G(nother FIDO2 de)-2.5 E(vice to unlock ZFS dataset)-.25 E F1(SYNOPSIS)
+72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0
+SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0(After)108 153.6 Q/F4 10
+/Courier@0 SF(zfs-fido2-change-key)7.564 E F0 5.064(\(8\) deri)B -.15
+(ve)-.25 G 7.563(st).15 G 5.063(he k)-7.563 F 5.363 -.15(ey f)-.1 H
+5.063(or a dataset from a FIDO2 de).15 F(vice,)-.25 E F2
+(zfs-fido2-add-backup)108 165.6 Q F0(may be e)2.5 E -.15(xe)-.15 G
+(cuted to e).15 E(xtend this to an)-.15 E 2.5(yn)-.15 G
+(umber of additional de)-2.5 E(vices.)-.25 E .273(First, the wrapping k)
+108 182.4 R .574 -.15(ey i)-.1 H 2.774(se).15 G .274
+(xtracted as normally during)-2.924 F F4(zfs-fido2-load-key)2.774 E F0
+.274(\(8\), then a credential)B 1.604(is made as-if during)108 194.4 R
+F4(zfs-fido2-change-key)4.104 E F0 1.604(\(8\) \(e)B 1.604
+(xcept the "primary" de)-.15 F 1.603(vice and all the ones)-.25 F .185
+(holding backups are e)108 206.4 R .185(xcluded from the search\); ho)
+-.15 F(we)-.25 E -.15(ve)-.25 G .985 -.4(r, t).15 H(he).4 E F4
+(hmac-secret)2.685 E F0 .185(is instead used as a sym-)2.685 F 1.555
+(metric AES-256-GCM \()108 218.4 R F4(EVP_CIPHER-AES)A F0 1.555
+(\(7ssl\)\) k)B 1.855 -.15(ey t)-.1 H 4.055(oe).15 G 1.555
+(ncrypt the wrapping k)-4.055 F 1.855 -.15(ey d)-.1 H 1.555
+(irectly with a).15 F(random IV)108 230.4 Q(.)-1.29 E(This turns the)108
+247.2 Q F4(xyz.nabijaczleweli:tzpfms.key)2.5 E F0 -.25(va)2.5 G
+(riable into).25 E F3(salt)108 259.2 Q F2(:)A F3(credential-ID)A F2(:)A
+F3(credential-public-key)A F0([)A F2(.)A F3(backup-salt)A F2(:)A F3
+(backup-credential-ID)108 271.2 Q F2(:)A F3
+(backup-credential-public-key)A F2(:)A F3(IV)A F2(:)A F3(encrypted-key)A
+F0 1.666(]...)C F4(tzpfms.key)108 288 Q F0 2.238
+(is actually a dot-separated list of de)4.738 F 2.238(vice b)-.25 F
+4.738(undles. The)-.2 F 2.239(\214rst one is as-described in)4.738 F F4
+(zfs-fido2-change-key)108 300 Q F0 5.181(\(8\). Subsequent)B 2.681
+(ones also include \(identically-encoded\) IVs and en-)5.181 F
+(crypted blobs.)108 312 Q F4(zfs-fido2-load-key)108 328.8 Q F0 .081
+(\(8\) shops assertions around de)B .081(vices in a de)-.25 F .082
+(vice-major order \212 depending on)-.25 F(de)108 340.8 Q
+(vice numbering, a backup may be loaded e)-.25 E -.15(ve)-.25 G 2.5(ni)
+.15 G 2.5(ft)-2.5 G(he primary de)-2.5 E(vice is present.)-.25 E F1
+(ENVIR)72 357.6 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4
+(TZPFMS_PASSPHRASE_HELPER)108 369.6 Q F0 .046(By def)133 381.6 R .045(a\
+ult, passphrases are prompted for and read in on the standard output an\
+d input streams.)-.1 F(If)5.045 E F4(TZPFMS_PASSPHRASE_HELPER)133 393.6
+Q F0 1.595(is set and nonempty)4.095 F 4.096(,i)-.65 G 4.096(tw)-4.096 G
+1.596(ill be run via)-4.096 F F4(/bin/)4.096 E F2 3.262(sh \255c)B F0
+(to)4.096 E(pro)133 405.6 Q(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 422.4 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 434.4 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 446.4 Q F0
+(Pre-formatted noun phrase with all the information belo)160 446.4 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 458.4 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 458.4 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 470.4 Q F0("ne)160
+470.4 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 482.4 Q F0("ag)160 482.4 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 499.2 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+511.2 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 528 R(En)87 540 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 552 Q F0
+(If set, enables lib\214do2 deb)173 552 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 568.8 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 580.8 R
+.727(vice which supports the)-.25 F F4(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 592.8 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 609.6 R F0
+(The lib\214do2 documentation at https://de)108 621.6 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 638.4 R
+F0 1.6 -.8(To a)108 650.4 T(ll who support further de).8 E -.15(ve)-.25
+G(lopment, in particular:).15 E F1<83>128 662.4 Q F0(ThePhD)7.5 E F1<83>
+128 674.4 Q F0(Embark Studios)7.5 E F1<83>128 686.4 Q F0(Jasper Bekk)7.5
+E(ers)-.1 E F1<83>128 698.4 Q F0(EvModder)7.5 E F1(REPOR)72 715.2 Q
+1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 727.2 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 744 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 756 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 29, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 2
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
+SF(zfs-fido2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
+-2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne authenticated by a FIDO2 de)
+-2.5 E(vice)-.25 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108
+124.8 Q F0([)2.5 E F2<ad62>1.666 E/F3 10/Courier-Oblique@0 SF
+(backup-file)6 E F0(])A F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0
+2.867 -.8(To n)108 153.6 T 1.267(ormalise the).8 F F3(dataset)3.767 E F0
+(,)A F2(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the FIDO2 de)108 194.4 Q(vice, which)
+-.25 E F4(must)2.5 E F0(support the)2.5 E F5(hmac-secret)2.5 E F0 -.15
+(ex)2.5 G(tension.).15 E(If)108 211.2 Q F3(dataset)3.555 E F0 -.1(wa)
+3.555 G 3.555(sp).1 G(re)-3.555 E 1.054(viously encrypted with)-.25 F F2
+(fzifdso)3.554 E F0 1.054(and the)3.554 F F1(FIDO2)3.554 E F0 1.054
+(back-end w)3.554 F 1.054(as used, pre)-.1 F(vious)-.25 E 1.272
+(credentials will be deleted from their de)108 223.2 R 1.272
+(vices \(as-if via)-.25 F F5(zfs-fido2-clear-key)3.773 E F0 1.273
+(\(8\)\), if a)B -.25(va)-.2 G(ilable.).25 E .594
+(Otherwise, or in case of an error)108 235.2 R 3.093(,d)-.4 G .593
+(ata required for manual interv)-3.093 F .593
+(ention will be written to the standard)-.15 F(error stream.)108 247.2 Q
+(Ne)108 264 Q .464(xt, a ne)-.15 F 2.964(wc)-.25 G .464
+(redential of type ES256 is generated on the de)-2.964 F .465
+(vice \(with relying party ID)-.25 F F5(fzifdso)2.965 E F0(and)2.965 E
+.499(name equal to the dataset name\) with the)108 276 R F5(hmac-secret)
+2.999 E F0 -.15(ex)2.999 G .499(tension requested; the de).15 F .499
+(vice PIN, if an)-.25 F -.65(y,)-.15 G(is prompted for here.)108 288 Q
+(This mimicks a W)5 E(ebAuthn re)-.8 E(gistration step.)-.15 E .962(The\
+n, the credential is asserted with a 32-byte random salt, which hashes \
+it with de)108 304.8 R(vice-pri)-.25 E -.25(va)-.25 G .963(te data,).25
+F .138(and thus generates the wrapping k)108 316.8 R .438 -.15(ey \()-.1
+H .138(which is optionally back).15 F .138(ed up \(see)-.1 F F1(OPTIONS)
+2.637 E F0 2.637(\)\). This)B .137(mimicks a)2.637 F -.8(We)108 328.8 S
+(bAuthn login step.).8 E(The follo)108 345.6 Q
+(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
+357.6 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(FIDO2)A<83>
+128 369.6 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3(salt)A F2
+(:)A F3(credential-ID)A F2(:)A F3(credential-public-key)139 381.6 Q F0
+([)A F2(.)A F0 1.666(...)1.666 G 1.666(]...)-1.666 G F5(tzpfms.backend)
+108 398.4 Q F0 2.707(identi\214es this dataset for w)5.207 F 2.708
+(ork with)-.1 F F1(FIDO2)5.208 E F0(-back-ended)A F2(tzpfms)5.208 E F0
+2.708(tools \(i.e.)5.208 F F2(fzifdso)108 410.4 Q F5
+(zfs-fido2-change-key)60.228 E F0(\(8\),)A F5(zfs-fido2-load-key)56.727
+E F0(\(8\),)A F5(zfs-fido2-add-backup)108 422.4 Q F0(\(8\), and)A F5
+(zfs-fido2-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 439.2 Q F0
+.486(is a colon-separated tuple of unpadded URL-safe base64 blobs; the \
+\214rst one is the ran-)2.985 F .217(dom salt; the second represents th\
+e ID of created credential, and the third \211 its public k)108 451.2 R
+-.15(ey)-.1 G 5.217(.T)-.5 G .216(here e)-5.217 F(xists)-.15 E
+(no other user)108 463.2 Q
+(-land tool for deciphering this; perhaps there should be.)-.2 E
+(Finally)108 480 Q 12.005(,t)-.65 G 9.505(he equi)-12.005 F -.25(va)-.25
+G 9.505(lent of).25 F F2 9.505(zfs change-key)12.005 F<ad6f>17.172 E F5
+(keylocation=prompt)15.506 E F2<ad6f>17.172 E F5(keyformat=raw)108 492 Q
+F3(dataset)6.107 E F0 .107(is performed with the ne)2.607 F 2.606(wk)
+-.25 G -.15(ey)-2.706 G 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606
+G .106(rror occurred, best ef)-2.606 F .106(fort is made)-.25 F
+(to clean up the properties, or to issue a note for manual interv)108
+504 Q(ention into the standard error stream.)-.15 E 4.055<418c>108 520.8
+S 1.555(nal v)-4.055 F 1.556(eri\214cation should be made by running)
+-.15 F F2 3.222(zfs-fido2-load-key \255n)4.056 F F3(dataset)7.556 E F0
+6.556(.I)C 4.056(ft)-6.556 G(hat)-4.056 E .729
+(command succeeds, all is well, b)108 532.8 R .729
+(ut otherwise the dataset can be manually rolled back to a passphrase)
+-.2 F(with)108 544.8 Q F2(zfs-fido2-clear-key)5.146 E F3(dataset)8.646 E
+F0(\(or)5.146 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
+2.646(ails to w)-.1 F(ork,)-.1 E F2 2.647(zfs change-key)5.147 F<ad6f>
+10.313 E F5(keyformat=passphrase)108 556.8 Q F3(dataset)6 E F0
+(\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
+F2(zfs-fido2-clear-key)108 573.6 Q F3(dataset)7.607 E F0 1.607
+(can be used to clear the properties and go back to using a)4.107 F
+(passphrase.)108 585.6 Q F1(OPTIONS)72 602.4 Q F2<ad62>109.666 614.4 Q
+F3(backup-file)6 E F0(Sa)203 614.4 Q .352 -.15(ve a b)-.2 H .052
+(ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .053(xist beforehand.)-.15
+F .694(This back-up)203 626.4 R F4(must)3.194 E F0 .694
+(be stored securely)3.194 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .693(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 638.4 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 650.4 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F1(ENVIR)72 667.2 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35
+E F5(TZPFMS_PASSPHRASE_HELPER)108 679.2 Q F0 .045(By def)133 691.2 R
+.045(ault, passphrases are prompted for and read in on the standard out\
+put and input streams.)-.1 F(If)5.046 E F5(TZPFMS_PASSPHRASE_HELPER)133
+703.2 Q F0 1.596(is set and nonempty)4.096 F 4.096(,i)-.65 G 4.096(tw)
+-4.096 G 1.596(ill be run via)-4.096 F F5(/bin/)4.095 E F2 3.261
+(sh \255c)B F0(to)4.095 E(pro)133 715.2 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 732 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 744 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E(fzifdso 0)72 817.889 Q
+(March 4, 2024)161.068 E(1)191.337 E 0 Cg EP
+%%Page: 2 3
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Courier@0 SF($1)143 84 Q F0
+(Pre-formatted noun phrase with all the information belo)160 84 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F1($2)143 96 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 96 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 108 Q F0("ne)160 108 Q
+(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
+-2.5 E F1($4)143 120 Q F0("ag)160 120 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .178
+(If the helper doesn')133 136.8 R 2.678(te)-.18 G .178
+(xist \(the shell e)-2.828 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
+(127)2.677 E F0 .177(\), a diagnostic is issued and the normal prompt)B
+(is used as f)133 148.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+-.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
+1.666(FIDO2 back-end con\214guration)72 165.6 R(En)87 177.6 Q(vir)-.4 E
+.625(onment v)-.18 F(ariables)-.1 E F1(FIDO_DEBUG)108 189.6 Q F0
+(If set, enables lib\214do2 deb)173 189.6 Q
+(ug logging to the standard error stream.)-.2 E F2(De)87 206.4 Q .625
+(vice selection)-.15 F F0 .726(When creating, the \214rst de)108 218.4 R
+.726(vice which supports the)-.25 F F1(hmac-secret)3.227 E F0 -.15(ex)
+3.227 G .727(tension is used.).15 F .727(When loading,)5.727 F
+(the assertion is shopped around to e)108 230.4 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F2 .625(See also)87 247.2 R F0
+(The lib\214do2 documentation at https://de)108 259.2 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F2 1.666(SPECIAL THANKS)72 276 R
+F0 1.6 -.8(To a)108 288 T(ll who support further de).8 E -.15(ve)-.25 G
+(lopment, in particular:).15 E F2<83>128 300 Q F0(ThePhD)7.5 E F2<83>128
+312 Q F0(Embark Studios)7.5 E F2<83>128 324 Q F0(Jasper Bekk)7.5 E(ers)
+-.1 E F2<83>128 336 Q F0(EvModder)7.5 E F2(REPOR)72 352.8 Q 1.666
+(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 364.8 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F1
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 381.6 Q F0 83.763(,a)C(rchi)
+-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E(https://lists.sr)
+108 393.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(March 4, 2024)161.068 E(2)191.337 E 0 Cg EP
+%%Page: 1 4
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 50.243(ZFS-FIDO2-CLEAR-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 47.742(anual ZFS-FIDO2-CLEAR-KEY\(8\))-2.5
+F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-clear-key)108 96 Q F0 3.587<8a72>3.587 G -.25(ew)-3.587 G
+1.087(rap ZFS dataset k).25 F 1.387 -.15(ey i)-.1 H 3.587(np).15 G
+(asssw)-3.587 E 1.087(ord and clear tzpfms FIDO2 meta-)-.1 F(data)108
+108 Q F1(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(FIDO2)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.642(the equi)8.142 F
+-.25(va)-.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.307 E/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. loads)118
+201.6 R .79(the primary and e)3.29 F -.15(ve)-.25 G .79
+(ry backup credential, and for each success, if the de).15 F .791
+(vice containing it)-.25 F(supports the)133 213.6 Q F4(credMgmt)2.5 E F0
+(feature and has a PIN set, tries to delete the credential from the de)
+2.5 E(vice,)-.25 E 5(3. remo)118 225.6 R -.15(ve)-.15 G 10.689(st).15 G
+(he)-10.689 E F4(xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A
+F0(,)A F4(key)14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3
+(dataset)133 237.6 Q F0(.)A -.15(Fo)108 254.4 S 5.859(re).15 G -.15(ve)
+-6.109 G 3.359(ry remo).15 F -.25(va)-.15 G 5.859(lf).25 G 3.359
+(ailure and missing de)-5.959 F 3.36
+(vice or PIN an instruction for manual remo)-.25 F -.25(va)-.15 G 5.86
+(lw).25 G(ith)-5.86 E F4(fido2-token)108 266.4 Q F0(\(1\) is issued.)A
+(See)108 283.2 Q F4(zfs-fido2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(ENVIR)72 300 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 312 Q F0 .046
+(By def)133 324 R .045(ault, passphrases are prompted for and read in o\
+n the standard output and input streams.)-.1 F(If)5.045 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 336 Q F0 1.595(is set and nonempty)4.095 F
+4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 348 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 364.8 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 376.8 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 388.8 Q F0
+(Pre-formatted noun phrase with all the information belo)160 388.8 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 400.8 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 400.8 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 412.8 Q F0("ne)160
+412.8 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 424.8 Q F0("ag)160 424.8 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 441.6 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+453.6 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 470.4 R(En)87 482.4 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 494.4 Q F0
+(If set, enables lib\214do2 deb)173 494.4 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 511.2 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 523.2 R
+.727(vice which supports the)-.25 F F4(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 535.2 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 552 R F0
+(The lib\214do2 documentation at https://de)108 564 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 580.8 R
+F0 1.6 -.8(To a)108 592.8 T(ll who support further de).8 E -.15(ve)-.25
+G(lopment, in particular:).15 E F1<83>128 604.8 Q F0(ThePhD)7.5 E F1<83>
+128 616.8 Q F0(Embark Studios)7.5 E F1<83>128 628.8 Q F0(Jasper Bekk)7.5
+E(ers)-.1 E F1<83>128 640.8 Q F0(EvModder)7.5 E F1(REPOR)72 657.6 Q
+1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 669.6 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 686.4 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 698.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(March 4, 2024)161.068 E(1)191.337 E 0 Cg EP
+%%Page: 1 5
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-LO)72 48 Q 55.603(AD-KEY\(8\) System)
+-.35 F(Manager')2.5 E 2.5(sM)-.55 G 53.102(anual ZFS-FIDO2-LO)-2.5 F
+(AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
+/Courier-Bold@0 SF(zfs-fido2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
+(oad FIDO2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 1.142(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.642 E F0 -.1
+(wa)3.642 G 3.641(se).1 G 1.141(ncrypted with)-3.641 F F2(tzpfms)3.641 E
+F0(back)3.641 E(end)-.1 E F1(FIDO2)3.641 E F0 3.641(,a)C 1.141
+(sserts the preserv)-3.641 F 1.141(ed chal-)-.15 F(lenge, HMA)108 165.6
+Q(Cking the salt with the on-de)-.4 E
+(vice secret, and loads the resulting k)-.25 E .3 -.15(ey i)-.1 H(nto)
+.15 E F3(dataset)2.5 E F0(.)A(See)108 182.4 Q/F4 10/Courier@0 SF
+(zfs-fido2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
+(OPTIONS)72 199.2 Q F2<ad6e>109.666 211.2 Q F0 3.208
+(Do a no-op/dry run, can be used e)131 211.2 R -.15(ve)-.25 G 5.708(ni)
+.15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708
+(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.208 E -.25(va)-.25 G
+3.208(lent to).25 F F2(zfs)5.708 E(load-key)131 223.2 Q F0 -.55('s)C F2
+<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 240 Q 1.666(ONMENT V)-.3 F
+(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 252 Q F0 .046(By def)
+133 264 R .045(ault, passphrases are prompted for and read in on the st\
+andard output and input streams.)-.1 F(If)5.045 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 276 Q F0 1.595(is set and nonempty)4.095 F
+4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 288 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 304.8 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 316.8 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 328.8 Q F0
+(Pre-formatted noun phrase with all the information belo)160 328.8 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 340.8 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 340.8 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 352.8 Q F0("ne)160
+352.8 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 364.8 Q F0("ag)160 364.8 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 381.6 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+393.6 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666(SPECIAL THANKS)
+72 410.4 R F0 1.6 -.8(To a)108 422.4 T(ll who support further de).8 E
+-.15(ve)-.25 G(lopment, in particular:).15 E F1<83>128 434.4 Q F0
+(ThePhD)7.5 E F1<83>128 446.4 Q F0(Embark Studios)7.5 E F1<83>128 458.4
+Q F0(Jasper Bekk)7.5 E(ers)-.1 E F1<83>128 470.4 Q F0(EvModder)7.5 E F1
+(REPOR)72 487.2 Q 1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108
+499.2 Q(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 516 Q F0 83.763(,a)C(rchi)
+-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E(https://lists.sr)
+108 528 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 28, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 6
+%%BeginPageSetup
+BP
+%%EndPageSetup
 /F0 10/Times-Roman@0 SF 93.563(ZFS-TPM-LIST\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 91.062(anual ZFS-TPM-LIST\(8\))-2.5 F/F1
 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm-list)108 96 Q F0 2.5<8a70>2.5 G(rint dataset tzpfms metadata)
--2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2
-<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E/F3 10
-/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A F2
-<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
-<ad6c>1.666 E F0(])A([)186 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
+-2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)
+2.5 E F2<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E
+/F3 10/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A
+F2<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
+<ad6c>1.666 E F0(])A([)234 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
 1.666(]...)C F1(DESCRIPTION)72 153.6 Q F0(Lists the follo)108 165.6 Q
 (wing properties on encryption roots:)-.25 E/F4 10/Courier@0 SF(name)128
-177.6 Q(back-end)128 189.6 Q F0(the)187 189.6 Q F2(tzpfms)2.979 E F0
+177.6 Q(back-end)128 189.6 Q F0(the)187 189.6 Q F2(tzpfms)2.978 E F0
 .478(back-end \(e.g.)2.978 F F1(TPM2)2.978 E F0(for)2.978 E F4
-(zfs-tpm2-change-key)2.978 E F0 .478(\(8\) or)B F1(TPM1.X)2.978 E F0
+(zfs-tpm2-change-key)2.978 E F0 .478(\(8\) or)B F1(TPM1.X)2.979 E F0
 (for)187 201.6 Q F4(zfs-tpm1x-change-key)2.5 E F0(\(8\)\), or ")A F1(-)A
 F0 2.5("i)C 2.5(fn)-2.5 G(one is con\214gured)-2.5 E F4(keystatus)128
 213.6 Q F1 -2.1 -.25(av a)187 213.6 T(ilable).25 E F0(or)2.5 E F1(una)
@@ -300,18 +669,18 @@ F0 2.5("i)C 2.5(fn)-2.5 G(one is con\214gured)-2.5 E F4(keystatus)128
 2.5 E F1(no)2.5 E F0(otherwise)2.5 E 8.743(Incoherent datasets require \
 immediate operator attention, with either the appropriate)108 254.4 R F2
 (zfs-tpm)108 266.4 Q/F5 10/Symbol SF(*)A F2(-clear-key)A F0 1.778
-(program or)4.277 F F2 1.778(zfs change-key)4.278 F F0(and)4.278 E F2
+(program or)4.278 F F2 1.778(zfs change-key)4.278 F F0(and)4.278 E F2
 1.778(zfs inherit)4.278 F F0 4.278<8a69>4.278 G 4.278(ft)-4.278 G 1.778
-(he k)-4.278 F 2.078 -.15(ey b)-.1 H(e-).15 E .566(comes unloaded, the)
-108 278.4 R 3.066(yw)-.15 G .566(ill require restoration from back-up.)
--3.066 F(Ho)5.566 E(we)-.25 E -.15(ve)-.25 G 1.366 -.4(r, t).15 H .566
-(his should ne).4 F -.15(ve)-.25 G 3.065(ro).15 G(ccur)-3.065 E 3.065
-(,u)-.4 G(nless)-3.065 E
+(he k)-4.278 F 2.077 -.15(ey b)-.1 H(e-).15 E .565(comes unloaded, the)
+108 278.4 R 3.065(yw)-.15 G .566(ill require restoration from back-up.)
+-3.065 F(Ho)5.566 E(we)-.25 E -.15(ve)-.25 G 1.366 -.4(r, t).15 H .566
+(his should ne).4 F -.15(ve)-.25 G 3.066(ro).15 G(ccur)-3.066 E 3.066
+(,u)-.4 G(nless)-3.066 E
 (something went horribly wrong with the dataset properties.)108 290.4 Q
 .965(If no datasets are speci\214ed, all matching encryption roots are \
-listed \212 by def)108 307.2 R .966(ault, those managed by)-.1 F F2
+listed \212 by def)108 307.2 R .965(ault, those managed by)-.1 F F2
 (tzpfms)108 319.2 Q F0(.)A F1(OPTIONS)72 336 Q F2<ad48>109.666 348 Q F0
-1.583(Scripting mode \212 remo)185 348 R 1.883 -.15(ve h)-.15 H 1.583
+1.582(Scripting mode \212 remo)185 348 R 1.882 -.15(ve h)-.15 H 1.583
 (eaders and separate \214elds by a single tab instead of).15 F
 (columnating them with spaces.)185 360 Q F2<ad72>109.666 376.8 Q F0
 (Recurse into all descendants of speci\214ed datasets.)185 376.8 Q F2
@@ -326,26 +695,28 @@ listed \212 by def)108 307.2 R .966(ault, those managed by)-.1 F F2
 G(re una)-2.5 E -.25(va)-.2 G(ilable.).25 E F2<ad6c>109.666 446.4 Q F0
 (List only encryption roots whose k)185 446.4 Q -.15(ey)-.1 G 2.5(sa).15
 G(re a)-2.5 E -.25(va)-.2 G(ilable.).25 E F1(EXAMPLES)72 463.2 Q F4($)
-108 475.2 Q F2(zfs-tpm-list)6 E F4 72(NAME BACK-END)108 487.2 R 18
-(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
+108 475.2 Q F2(zfs-fido2-add-backup)6 E F4 72(NAME BACK-END)108 487.2 R
+18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
 (available yes)24 F 6(tarta-zoot/home TPM2)108 511.2 R 6
-(unavailable yes)36 F($)108 535.2 Q F2 1.666(zfs-tpm-list \255ad0)6 F F4
-24(NAME BACK-END)108 547.2 R 6(KEYSTATUS COHERENT)12 F 6(filling -)108
-559.2 R 6(available yes)54 F($)108 583.2 Q F2 1.666(zfs-tpm-list \255b)6
-F F1(TPM2)6 E F4 72(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F
-6(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
-F2 1.666(zfs-tpm-list \255ra)6 F F3(tarta-zoot)6 E F4 72(NAME BACK-END)
-108 643.2 R 18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 655.2 R
-18(available yes)24 F 6(tarta-zoot/home TPM2)108 667.2 R 6
-(unavailable yes)36 F 12(tarta-zoot/bkp -)108 679.2 R 18(available yes)
-54 F 18(tarta-zoot/vm -)108 691.2 R 18(available yes)54 F($)108 715.2 Q
-F2 1.666(zfs-tpm-list \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
+(unavailable yes)36 F($)108 535.2 Q F2 1.666
+(zfs-fido2-add-backup \255ad0)6 F F4 24(NAME BACK-END)108 547.2 R 6
+(KEYSTATUS COHERENT)12 F 6(filling -)108 559.2 R 6(available yes)54 F($)
+108 583.2 Q F2 1.666(zfs-fido2-add-backup \255b)6 F F1(TPM2)6 E F4 72
+(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F 6
+(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
+F2 1.666(zfs-fido2-add-backup \255ra)6 F F3(tarta-zoot)6 E F4 72
+(NAME BACK-END)108 643.2 R 18(KEYSTATUS COHERENT)12 F 36
+(tarta-zoot TPM1.X)108 655.2 R 18(available yes)24 F 6
+(tarta-zoot/home TPM2)108 667.2 R 6(unavailable yes)36 F 12
+(tarta-zoot/bkp -)108 679.2 R 18(available yes)54 F 18(tarta-zoot/vm -)
+108 691.2 R 18(available yes)54 F($)108 715.2 Q F2 1.666
+(zfs-fido2-add-backup \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
 (KEYSTATUS COHERENT)12 F 54(filling -)108 739.2 R 6(available yes)54 F
 36(tarta-zoot TPM1.X)108 751.2 R 6(available yes)24 F 12
 (tarta-zoot/bkp -)108 763.2 R 6(available yes)54 F 18(tarta-zoot/vm -)
 108 775.2 R 6(available yes)54 F F0(tzpfms 0.3.4-32-g56ada0e)72 817.889
 Q(December 4, 2022)84.143 E(1)183.842 E 0 Cg EP
-%%Page: 2 2
+%%Page: 2 7
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -358,11 +729,11 @@ BP
 (EvModder)7.5 E F1(REPOR)72 160.8 Q 1.666(TING B)-.4 F(UGS)-.1 E F0
 (https://todo.sr)108 172.8 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms)-.25
 E/F2 10/Courier@0 SF(\001nabijaczleweli/tzpfms@lists.sr.ht)108 189.6 Q
-F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
+F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 201.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-32-g56ada0e)72 817.889 Q(December 4, 2022)84.143 E
 (2)183.842 E 0 Cg EP
-%%Page: 1 3
+%%Page: 1 8
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -371,159 +742,161 @@ BP
 -2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
 SF(zfs-tpm1x-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
 -2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666 E F3
-(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 6.867 -.8(To n)108 153.6 T
-5.267(ormalise the).8 F F3(dataset)7.767 E F0(,)A F2(zfs-tpm-list)7.766
-E F0 5.266(will open its encryption root in its stead.)7.766 F F2
-(zfs-tpm-list)108 165.6 Q F0(will)2.5 E/F4 10/Times-Italic@0 SF(ne)2.5 E
-(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G(ncryption roots; use)
--2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0(\(8\) for that.)A
-(First, a connection is made to the TPM, which)108 182.4 Q F4(must)2.5 E
-F0(be TPM-1.X-compatible.)2.5 E(If)108 199.2 Q F3(dataset)3.176 E F0 -.1
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666
+E F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 2.866 -.8(To n)108 153.6
+T 1.266(ormalise the).8 F F3(dataset)3.766 E F0(,)A F2
+(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.655 E/F4 10/Times-Italic@0
+SF(ne)14.655 E(ver)-.15 E F0 12.154(create or destro)14.655 F 14.654(ye)
+-.1 G 12.154(ncryption roots; use)-14.654 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 194.4 Q F4(must)2.5 E
+F0(be TPM-1.X-compatible.)2.5 E(If)108 211.2 Q F3(dataset)3.176 E F0 -.1
 (wa)3.176 G 3.176(sp).1 G(re)-3.176 E .676(viously encrypted with)-.25 F
 F2(tzpfms)3.176 E F0 .676(and the)3.176 F F1(TPM1.X)3.176 E F0 .676
 (back-end w)3.176 F .676(as used, the meta-)-.1 F .926
-(data will be silently cleared.)108 211.2 R .926
+(data will be silently cleared.)108 223.2 R .926
 (Otherwise, or in case of an error)5.926 F 3.426(,d)-.4 G .926
 (ata required for manual interv)-3.426 F(ention)-.15 E
-(will be written to the standard error stream.)108 223.2 Q(Ne)108 240 Q
+(will be written to the standard error stream.)108 235.2 Q(Ne)108 252 Q
 .294(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594 -.15
 (ey i)-.1 H 2.794(sg).15 G .294(enerated on the TPM, optionally back)
 -2.794 F .294(ed up \(see)-.1 F F1(OPTIONS)2.794 E F0 .294
 (\), and sealed)B .586(on the TPM; the user is prompted for an optional\
- passphrase to protect the k)108 252 R .885 -.15(ey w)-.1 H .585
-(ith, and for the SRK).15 F(passphrase, set when taking o)108 264 Q
+ passphrase to protect the k)108 264 R .885 -.15(ey w)-.1 H .585
+(ith, and for the SRK).15 F(passphrase, set when taking o)108 276 Q
 (wnership, if not "well-kno)-.25 E(wn" \(all zeroes\).)-.25 E(The follo)
-108 280.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
-<83>128 292.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
-(TPM1.X)A<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
+108 292.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
+<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
+(TPM1.X)A<83>128 316.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
 F3(parent-key-blob)A F2(:)A F3(sealed-object-blob)A F5(tzpfms.backend)
-108 321.6 Q F0 .291(identi\214es this dataset for w)2.791 F .292
+108 333.6 Q F0 .291(identi\214es this dataset for w)2.791 F .292
 (ork with)-.1 F F1(TPM1.X)2.792 E F0(-back-ended)A F2(tzpfms)2.792 E F0
-.292(tools \(namely)2.792 F F5(zfs-tpm1x-change-key)108 333.6 Q F0
+.292(tools \(namely)2.792 F F5(zfs-tpm1x-change-key)108 345.6 Q F0
 (\(8\),)A F5(zfs-tpm1x-load-key)2.5 E F0(\(8\), and)A F5
-(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 350.4 Q F0
+(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 362.4 Q F0
 1.412(is a colon-separated pair of he)3.913 F 1.412
 (xadecimal-string \(i.e. "4F7730" for "Ow0"\) blobs; the)-.15 F .867
-(\214rst one represents the RSA k)108 362.4 R 1.167 -.15(ey p)-.1 H .868
+(\214rst one represents the RSA k)108 374.4 R 1.167 -.15(ey p)-.1 H .868
 (rotecting the blob, and it is protected with either the passphrase, if)
-.15 F(pro)108 374.4 Q 1.414(vided, or the SHA1 constant)-.15 F F5
+.15 F(pro)108 386.4 Q 1.414(vided, or the SHA1 constant)-.15 F F5
 (CE4CF677875B5EB8993591D5A9AF1ED24A3A8736)3.913 E F0 3.913(;t)C 1.413
 (he sec-)-3.913 F .379
-(ond represents the sealed object containing the wrapping k)108 386.4 R
+(ond represents the sealed object containing the wrapping k)108 398.4 R
 -.15(ey)-.1 G 2.879(,a)-.5 G .379
 (nd is protected with the SHA1 constant)-2.879 F F5
-(B9EE715DBE4B243FAA81EA04306E063710383E35)108 398.4 Q F0 6.721(.T)C
+(B9EE715DBE4B243FAA81EA04306E063710383E35)108 410.4 Q F0 6.721(.T)C
 1.721(here e)-6.721 F 1.721(xists no other user)-.15 F 1.72
 (-land tool for)-.2 F(decrypting this; perhaps there should be.)108
-410.4 Q(Finally)108 427.2 Q 12.005(,t)-.65 G 9.505(he equi)-12.005 F
+422.4 Q(Finally)108 439.2 Q 12.005(,t)-.65 G 9.505(he equi)-12.005 F
 -.25(va)-.25 G 9.505(lent of).25 F F2 9.505(zfs change-key)12.005 F
 <ad6f>17.172 E F5(keylocation=prompt)15.506 E F2<ad6f>17.172 E F5
-(keyformat=raw)108 439.2 Q F3(dataset)6.107 E F0 .107
+(keyformat=raw)108 451.2 Q F3(dataset)6.107 E F0 .107
 (is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G 5.106
 (.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
 (rror occurred, best ef)-2.606 F .106(fort is made)-.25 F
 (to clean up the properties, or to issue a note for manual interv)108
-451.2 Q(ention into the standard error stream.)-.15 E 4.055<418c>108 468
+463.2 Q(ention into the standard error stream.)-.15 E 4.055<418c>108 480
 S 1.555(nal v)-4.055 F 1.556(eri\214cation should be made by running)
 -.15 F F2 3.222(zfs-tpm1x-load-key \255n)4.056 F F3(dataset)7.556 E F0
 6.556(.I)C 4.056(ft)-6.556 G(hat)-4.056 E .729
-(command succeeds, all is well, b)108 480 R .729
+(command succeeds, all is well, b)108 492 R .729
 (ut otherwise the dataset can be manually rolled back to a passphrase)
--.2 F(with)108 492 Q F2(zfs-tpm1x-clear-key)5.146 E F3(dataset)8.646 E
+-.2 F(with)108 504 Q F2(zfs-tpm1x-clear-key)5.146 E F3(dataset)8.646 E
 F0(\(or)5.146 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
 2.646(ails to w)-.1 F(ork,)-.1 E F2 2.647(zfs change-key)5.147 F<ad6f>
-10.313 E F5(keyformat=passphrase)108 504 Q F3(dataset)6 E F0
+10.313 E F5(keyformat=passphrase)108 516 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm1x-clear-key)108 520.8 Q F3(dataset)7.607 E F0 1.607
+F2(zfs-tpm1x-clear-key)108 532.8 Q F3(dataset)7.607 E F0 1.607
 (can be used to clear the properties and go back to using a)4.107 F
-(passphrase.)108 532.8 Q F1(OPTIONS)72 549.6 Q F2<ad62>109.666 561.6 Q
-F3(backup-file)6 E F0(Sa)203 561.6 Q .352 -.15(ve a b)-.2 H .052
+(passphrase.)108 544.8 Q F1(OPTIONS)72 561.6 Q F2<ad62>109.666 573.6 Q
+F3(backup-file)6 E F0(Sa)203 573.6 Q .352 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
 E F0 2.552(,w)C .052(hich must not e)-2.552 F .053(xist beforehand.)-.15
-F .694(This back-up)203 573.6 R F4(must)3.194 E F0 .694
+F .694(This back-up)203 585.6 R F4(must)3.194 E F0 .694
 (be stored securely)3.194 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
 (-site. In).25 F .693(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 585.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 597.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 614.4 Q F3(PCR)6 E F0([)A F2(,)A F3
-(PCR)A F0 1.666(]...)C .638(Bind the k)203 614.4 R .939 -.15(ey t)-.1 H
+(nt,).15 E(the k)203 597.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 609.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 626.4 Q F3(PCR)6 E F0([)A F2(,)A F3
+(PCR)A F0 1.666(]...)C .638(Bind the k)203 626.4 R .939 -.15(ey t)-.1 H
 3.139(os).15 G .639(pace- or comma-separated)-3.139 F F3(PCR)3.139 E F0
 3.139(s\212i)C 3.139(ft)-3.139 G(he)-3.139 E 3.139(yc)-.15 G .639
-(hange, the wrap-)-3.139 F .463(ping k)203 626.4 R .763 -.15(ey w)-.1 H
+(hange, the wrap-)-3.139 F .463(ping k)203 638.4 R .763 -.15(ey w)-.1 H
 .463(ill not be able to be unsealed.).15 F .462
-(The minimum number of PCRs for a)5.462 F(PC TPM is)203 638.4 Q F1(24)
+(The minimum number of PCRs for a)5.462 F(PC TPM is)203 650.4 Q F1(24)
 2.5 E F0(\(numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0 2.5(]\). F)B
-(or most, this is also the maximum.)-.15 E F1(ENVIR)72 655.2 Q 1.666
-(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 667.2 Q
-F0 .045(By def)133 679.2 R .045(ault, passphrases are prompted for and \
+(or most, this is also the maximum.)-.15 E F1(ENVIR)72 667.2 Q 1.666
+(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 679.2 Q
+F0 .045(By def)133 691.2 R .045(ault, passphrases are prompted for and \
 read in on the standard output and input streams.)-.1 F(If)5.046 E F5
-(TZPFMS_PASSPHRASE_HELPER)133 691.2 Q F0 1.596(is set and nonempty)4.096
+(TZPFMS_PASSPHRASE_HELPER)133 703.2 Q F0 1.596(is set and nonempty)4.096
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F5
-(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 703.2 Q
+(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 715.2 Q
 (vide each passphrase, instead.)-.15 E .643
-(The standard output stream of the helper is tied to an anon)133 720 R
+(The standard output stream of the helper is tied to an anon)133 732 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
-133 732 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
-(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F5($1)143 744 Q F0
-(Pre-formatted noun phrase with all the information belo)160 744 Q 1.3
--.65(w, f)-.25 H(or use as a prompt).65 E(tzpfms 0.3.4-32-g56ada0e)72
+133 744 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E(tzpfms 0.3.4-32-g56ada0e)72
 817.889 Q(February 28, 2024)84.138 E(1)183.837 E 0 Cg EP
-%%Page: 2 4
+%%Page: 2 9
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 36.913(ZFS-TPM1X-CHANGE-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 34.412(anual ZFS-TPM1X-CHANGE-KEY\(8\))
--2.5 F/F1 10/Courier@0 SF($2)143 84 Q F0
-(Either the dataset name or the element of the TPM hierarch)160 84 Q 2.5
-(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 96 Q F0("ne)160 96 Q
+-2.5 F/F1 10/Courier@0 SF($1)143 84 Q F0
+(Pre-formatted noun phrase with all the information belo)160 84 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F1($2)143 96 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 96 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 108 Q F0("ne)160 108 Q
 (w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
--2.5 E F1($4)143 108 Q F0("ag)160 108 Q(ain" if it')-.05 E 2.5(st)-.55 G
+-2.5 E F1($4)143 120 Q F0("ag)160 120 Q(ain" if it')-.05 E 2.5(st)-.55 G
 (he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 124.8 R 2.678(te)-.18 G .178
+(If the helper doesn')133 136.8 R 2.678(te)-.18 G .178
 (xist \(the shell e)-2.828 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
 (127)2.677 E F0 .177(\), a diagnostic is issued and the normal prompt)B
-(is used as f)133 136.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+(is used as f)133 148.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
 -.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
-1.666(TPM1.X back-end con\214guration)72 153.6 R .625(TPM selection)87
-165.6 R F0(The)108 177.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.729 E F0
+1.666(TPM1.X back-end con\214guration)72 165.6 R .625(TPM selection)87
+177.6 R F0(The)108 189.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.729 E F0
 .229(suite connects to a local)2.729 F F1(tcsd)2.73 E F0 .23
 (\(8\) process \(at)B F1(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 189.6 Q
+-2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 201.6 Q
 (vironment v)-.4 E(ariable)-.25 E F1(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 206.4 R(rouSerS)
+(to specify a remote TCS hostname.)2.5 E .111(The T)108 218.4 R(rouSerS)
 -.35 E F1(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F1(/dev/tpm0)2.61
 E F0 2.61(,t)C(hen)-2.61 E F1(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
 F1(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-218.4 S(ing one of the earlier ones with, for e).1 E
+230.4 S(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F2 .625
-(See also)87 235.2 R F0(The T)108 247.2 Q
+(See also)87 247.2 R F0(The T)108 259.2 Q
 (rouSerS project page at https://sourcefor)-.35 E
 (ge.net/projects/trousers.)-.18 E 4.415
-(The TPM 1.2 main speci\214cation inde)108 264 R 6.915(xa)-.15 G 6.915
+(The TPM 1.2 main speci\214cation inde)108 276 R 6.915(xa)-.15 G 6.915
 (th)-6.915 G(ttps://trustedcomputinggroup.or)-6.915 E
-(g/resource/tpm-main-)-.18 E(speci\214cation.)108 276 Q F2 1.666
-(SPECIAL THANKS)72 292.8 R F0 1.6 -.8(To a)108 304.8 T
+(g/resource/tpm-main-)-.18 E(speci\214cation.)108 288 Q F2 1.666
+(SPECIAL THANKS)72 304.8 R F0 1.6 -.8(To a)108 316.8 T
 (ll who support further de).8 E -.15(ve)-.25 G(lopment, in particular:)
-.15 E F2<83>128 316.8 Q F0(ThePhD)7.5 E F2<83>128 328.8 Q F0
-(Embark Studios)7.5 E F2<83>128 340.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
-F2<83>128 352.8 Q F0(EvModder)7.5 E F2(REPOR)72 369.6 Q 1.666(TING B)-.4
-F(UGS)-.1 E F0(https://todo.sr)108 381.6 Q(.ht/\001nabijaczle)-.55 E
-(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 398.4 Q
+.15 E F2<83>128 328.8 Q F0(ThePhD)7.5 E F2<83>128 340.8 Q F0
+(Embark Studios)7.5 E F2<83>128 352.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
+F2<83>128 364.8 Q F0(EvModder)7.5 E F2(REPOR)72 381.6 Q 1.666(TING B)-.4
+F(UGS)-.1 E F0(https://todo.sr)108 393.6 Q(.ht/\001nabijaczle)-.55 E
+(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 410.4 Q
 F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
-(https://lists.sr)108 410.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
--.25 E F2 1.666(SEE ALSO)72 427.2 R F0
-(PCR allocations: https://wiki.archlinux.or)108 439.2 Q(g/title/T)-.18 E
+(https://lists.sr)108 422.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
+-.25 E F2 1.666(SEE ALSO)72 439.2 R F0
+(PCR allocations: https://wiki.archlinux.or)108 451.2 Q(g/title/T)-.18 E
 (rusted_Platform_Module#Accessing_PCR_re)-.35 E(gisters)-.15 E
-(and https://trustedcomputinggroup.or)108 451.2 Q
+(and https://trustedcomputinggroup.or)108 463.2 Q
 (g/wp-content/uploads/PC-)-.18 E(ClientSpeci\214c_Platform_Pro\214le_fo\
-r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 463.2 Q
-(able)-.8 E(1.)108 475.2 Q(tzpfms 0.3.4-32-g56ada0e)72 817.889 Q
+r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 475.2 Q
+(able)-.8 E(1.)108 487.2 Q(tzpfms 0.3.4-32-g56ada0e)72 817.889 Q
 (February 28, 2024)84.138 E(2)183.837 E 0 Cg EP
-%%Page: 1 5
+%%Page: 1 10
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -533,14 +906,14 @@ F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm1x-clear-key)108 96 Q F0 3.008<8a72>3.007 G -.25(ew)-3.008 G
 .508(rap ZFS dataset k).25 F .808 -.15(ey i)-.1 H 3.008(np).15 G(asssw)
 -3.008 E .508(ord and clear tzpfms TPM1.X meta-)-.1 F(data)108 108 Q F1
-(SYNOPSIS)72 124.8 Q F2(zfs-tpm-list)108 136.8 Q/F3 10/Courier-Oblique@0
-SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0(After v)108 165.6 Q
-(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G
-(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM1.X)
-2.5 E F0(:)A 5(1. performs)118 177.6 R 5.642(the equi)8.142 F -.25(va)
--.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.307 E
-/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E F4
-(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
+(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(TPM1.X)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.642(the equi)8.142 F
+-.25(va)-.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.307 E/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
 201.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
 (xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A F0(,)A F4(key)
 14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
@@ -575,7 +948,7 @@ F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 504 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-32-g56ada0e)72 817.889 Q(December 4, 2022)84.143 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 6
+%%Page: 1 11
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -584,13 +957,13 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm1x-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM1.X-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .191
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.691 E F0 -.1(wa)2.691
-G 2.691(se).1 G .191(ncrypted with)-2.691 F F2(tzpfms)2.69 E F0(back)
-2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .19(will unseal the k)2.69 F .49
--.15(ey a)-.1 H .19(nd load).15 F(it into)108 165.6 Q F3(dataset)2.5 E
-F0(.)A .236
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .191(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.691 E F0 -.1
+(wa)2.691 G 2.691(se).1 G .191(ncrypted with)-2.691 F F2(tzpfms)2.69 E
+F0(back)2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .19(will unseal the k)2.69
+F .49 -.15(ey a)-.1 H .19(nd load).15 F(it into)108 165.6 Q F3(dataset)
+2.5 E F0(.)A .236
 (The user is \214rst prompted for the SRK passphrase, set when taking o)
 108 182.4 R .236(wnership, if not "well-kno)-.25 F .236(wn" \(all)-.25 F
 (zeroes\); then for the additional passphrase, set when creating the k)
@@ -655,7 +1028,7 @@ F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 696 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-32-g56ada0e)72 817.889 Q(December 4, 2022)84.143 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 7
+%%Page: 1 12
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -664,132 +1037,132 @@ BP
 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)-2.5
 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666
-(]...)C([)186 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)
-A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A F0(]])
-A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 1.676 -.8(To n)108 165.6
-T(ormalise).8 E F3(dataset)2.576 E F0(,)A F2(zfs-tpm-list)2.576 E F0
-.076(will open its encryption root in its stead.)2.576 F F2
-(zfs-tpm-list)5.077 E F0(will)108 177.6 Q/F4 10/Times-Italic@0 SF(ne)2.5
-E(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G
-(ncryption roots; use)-2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0
-(\(8\) for that.)A(First, a connection is made to the TPM, which)108
-194.4 Q F4(must)2.5 E F0(be TPM-2.0-compatible.)2.5 E(If)108 211.2 Q F3
-(dataset)3.055 E F0 -.1(wa)3.055 G 3.055(sp).1 G(re)-3.055 E .555
-(viously encrypted with)-.25 F F2(tzpfms)3.055 E F0 .555(and the)3.055 F
-F1(TPM2)3.055 E F0 .554(back-end w)3.054 F .554(as used, the pre)-.1 F
-(vious)-.25 E -.1(ke)108 223.2 S 3.059(yw)-.05 G .559
-(ill be freed from the TPM.)-3.059 F .56
-(Otherwise, or in case of an error)5.56 F 3.06(,d)-.4 G .56
-(ata required for manual interv)-3.06 F(en-)-.15 E
-(tion will be written to the standard error stream.)108 235.2 Q(Ne)108
-252 Q .295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0
+1.666(]...)C([)234 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A
+F2(,)A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A
+F0(]])A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 4.319 -.8(To n)108
+165.6 T(ormalise).8 E F3(dataset)5.219 E F0(,)A F2(zfs-fido2-add-backup)
+5.219 E F0 2.72(will open its encryption root in its stead.)5.219 F F2
+(zfs-fido2-add-backup)108 177.6 Q F0(will)14.655 E/F4 10/Times-Italic@0
+SF(ne)14.655 E(ver)-.15 E F0 12.154(create or destro)14.655 F 14.654(ye)
+-.1 G 12.154(ncryption roots; use)-14.654 F/F5 10/Courier@0 SF
+(zfs-change-key)108 189.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 206.4 Q F4(must)2.5 E
+F0(be TPM-2.0-compatible.)2.5 E(If)108 223.2 Q F3(dataset)3.054 E F0 -.1
+(wa)3.054 G 3.054(sp).1 G(re)-3.054 E .554(viously encrypted with)-.25 F
+F2(tzpfms)3.055 E F0 .555(and the)3.055 F F1(TPM2)3.055 E F0 .555
+(back-end w)3.055 F .555(as used, the pre)-.1 F(vious)-.25 E -.1(ke)108
+235.2 S 3.06(yw)-.05 G .56(ill be freed from the TPM.)-3.06 F .56
+(Otherwise, or in case of an error)5.56 F 3.059(,d)-.4 G .559
+(ata required for manual interv)-3.059 F(en-)-.15 E
+(tion will be written to the standard error stream.)108 247.2 Q(Ne)108
+264 Q .294(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
 -.15(ey i)-.1 H 2.794(sg).15 G .294
 (enerated on the TPM, optionally back)-2.794 F .294(ed up \(see)-.1 F F1
-(OPTIONS)2.794 E F0 .294(\), and sealed)B .588
-(to a persistent object on the TPM under the o)108 264 R .589
-(wner hierarch)-.25 F .589(y; if there is a passphrase set on the o)-.05
-F(wner)-.25 E(hierarch)108 276 Q 1.603 -.65(y, t)-.05 H .302
+(OPTIONS)2.794 E F0 .294(\), and sealed)B .589
+(to a persistent object on the TPM under the o)108 276 R .589
+(wner hierarch)-.25 F .588(y; if there is a passphrase set on the o)-.05
+F(wner)-.25 E(hierarch)108 288 Q 1.602 -.65(y, t)-.05 H .302
 (he user is prompted for it; the user is al).65 F -.1(wa)-.1 G .302
 (ys prompted for an optional passphrase to protect).1 F
-(the sealed object with.)108 288 Q(The follo)108 304.8 Q
+(the sealed object with.)108 300 Q(The follo)108 316.8 Q
 (wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
-316.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
-128 328.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
-(persistent-object-ID)A F0([)139 340.8 Q F2(;)A F3(algorithm)A F2(:)A F3
+328.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
+128 340.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
+(persistent-object-ID)A F0([)139 352.8 Q F2(;)A F3(algorithm)A F2(:)A F3
 (PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3
 (algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C
-1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 357.6 Q F0 1.263
-(identi\214es this dataset for w)3.763 F 1.264(ork with)-.1 F F1(TPM2)
-3.764 E F0(-back-ended)A F2(tzpfms)3.764 E F0 1.264(tools \(namely)3.764
-F F5(zfs-tpm2-change-key)108 369.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
+1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 369.6 Q F0 1.264
+(identi\214es this dataset for w)3.764 F 1.263(ork with)-.1 F F1(TPM2)
+3.763 E F0(-back-ended)A F2(tzpfms)3.763 E F0 1.263(tools \(namely)3.763
+F F5(zfs-tpm2-change-key)108 381.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
 2.5 E F0(\(8\), and)A F5(zfs-tpm2-clear-key)2.5 E F0(\(8\)\).)A F5
-(tzpfms.key)108 386.4 Q F0 1.509(is an inte)4.009 F 1.509
+(tzpfms.key)108 398.4 Q F0 1.508(is an inte)4.008 F 1.509
 (ger representing the sealed object, optionally follo)-.15 F 1.509
-(wed by a semicolon and)-.25 F .822(PCR list as speci\214ed with)108
-398.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
-(tpm-tools)3.322 E F0 .823(-toolchain-compatible; if needed, it can)B
-.866(be passed to)108 410.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
+(wed by a semicolon and)-.25 F .823(PCR list as speci\214ed with)108
+410.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
+(tpm-tools)3.322 E F0 .822(-toolchain-compatible; if needed, it can)B
+.865(be passed to)108 422.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
 (${tzpfms.key)6.866 E F2(%%)A F5(;)A/F6 10/Symbol SF(*)A F5(})A F0(with)
-3.366 E F2<ad70>5.032 E F0(")6.866 E F5(str:${passphrase})A F0 3.365("o)
-C(r)-3.365 E F2<ad70>109.666 422.4 Q F0(")6.727 E F5(pcr:${tzpfms.key)A
-F2(#)A F6(*)A F5(;})A F0 .727(", as the case may be, or equi)B -.25(va)
--.25 G .728(lent, for back-up \(see).25 F F1(OPTIONS)3.228 E F0(\).)A
-.448(If you ha)108 434.4 R .748 -.15(ve a s)-.2 H .448(ealed k).15 F
+3.366 E F2<ad70>5.032 E F0(")6.866 E F5(str:${passphrase})A F0 3.366("o)
+C(r)-3.366 E F2<ad70>109.666 434.4 Q F0(")6.728 E F5(pcr:${tzpfms.key)A
+F2(#)A F6(*)A F5(;})A F0 .728(", as the case may be, or equi)B -.25(va)
+-.25 G .727(lent, for back-up \(see).25 F F1(OPTIONS)3.227 E F0(\).)A
+.447(If you ha)108 446.4 R .747 -.15(ve a s)-.2 H .447(ealed k).15 F
 .748 -.15(ey y)-.1 H .448(ou can access with that or equi).15 F -.25(va)
--.25 G .447(lent tool and set both of these properties, it).25 F
-(will funxion seamlessly)108 446.4 Q(.)-.65 E(Finally)108 463.2 Q 12.005
-(,t)-.65 G 9.505(he equi)-12.005 F -.25(va)-.25 G 9.505(lent of).25 F F2
-9.505(zfs change-key)12.005 F<ad6f>17.172 E F5(keylocation=prompt)15.506
-E F2<ad6f>17.172 E F5(keyformat=raw)108 475.2 Q F3(dataset)6.107 E F0
-.107(is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G
-5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
-(rror occurred, best ef)-2.606 F .106(fort is made)-.25 F .289(to clean\
+-.25 G .448(lent tool and set both of these properties, it).25 F
+(will funxion seamlessly)108 458.4 Q(.)-.65 E(Finally)108 475.2 Q 12.006
+(,t)-.65 G 9.506(he equi)-12.006 F -.25(va)-.25 G 9.506(lent of).25 F F2
+9.505(zfs change-key)12.005 F<ad6f>17.171 E F5(keylocation=prompt)15.505
+E F2<ad6f>17.171 E F5(keyformat=raw)108 487.2 Q F3(dataset)6.106 E F0
+.106(is performed with the ne)2.606 F 2.606(wk)-.25 G -.15(ey)-2.706 G
+5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .107
+(rror occurred, best ef)-2.606 F .107(fort is made)-.25 F .289(to clean\
  up the persistent object and properties, or to issue a note for manual\
- interv)108 487.2 R .29(ention into the stan-)-.15 F(dard error stream.)
-108 499.2 Q 2.625<418c>108 516 S .125(nal v)-2.625 F .125
-(eri\214cation should be made by running)-.15 F F2 1.79
-(zfs-tpm2-load-key \255n)2.624 F F3(dataset)6.124 E F0 5.124(.I)C 2.624
-(ft)-5.124 G .124(hat com-)-2.624 F .506(mand succeeds, all is well, b)
-108 528 R .506(ut otherwise the dataset can be manually rolled back to \
-a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 540 Q F3(dataset)
-11.539 E F0(\(or)8.039 E 8.039(,i)-.4 G 8.039(ft)-8.039 G 5.539(hat f)
+ interv)108 499.2 R .289(ention into the stan-)-.15 F
+(dard error stream.)108 511.2 Q 2.624<418c>108 528 S .124(nal v)-2.624 F
+.124(eri\214cation should be made by running)-.15 F F2 1.791
+(zfs-tpm2-load-key \255n)2.625 F F3(dataset)6.125 E F0 5.125(.I)C 2.625
+(ft)-5.125 G .125(hat com-)-2.625 F .507(mand succeeds, all is well, b)
+108 540 R .506(ut otherwise the dataset can be manually rolled back to \
+a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 552 Q F3(dataset)
+11.538 E F0(\(or)8.039 E 8.039(,i)-.4 G 8.039(ft)-8.039 G 5.539(hat f)
 -8.039 F 5.539(ails to w)-.1 F(ork,)-.1 E F2 5.539(zfs change-key)8.039
-F<ad6f>13.204 E F5(keyformat=passphrase)108 552 Q F3(dataset)6 E F0
+F<ad6f>13.205 E F5(keyformat=passphrase)108 564 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm2-clear-key)108 568.8 Q F3(dataset)6.029 E F0 .029
+F2(zfs-tpm2-clear-key)108 580.8 Q F3(dataset)6.029 E F0 .029
 (can be used to free the TPM persistent object and go back to us-)2.529
-F(ing a passphrase.)108 580.8 Q F1(OPTIONS)72 597.6 Q F2<ad62>109.666
-609.6 Q F3(backup-file)6 E F0(Sa)203 609.6 Q .353 -.15(ve a b)-.2 H .052
+F(ing a passphrase.)108 592.8 Q F1(OPTIONS)72 609.6 Q F2<ad62>109.666
+621.6 Q F3(backup-file)6 E F0(Sa)203 621.6 Q .352 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
-E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
-F .693(This back-up)203 621.6 R F4(must)3.193 E F0 .694
-(be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
-(-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 633.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 645.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 662.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .053(xist beforehand.)-.15
+F .694(This back-up)203 633.6 R F4(must)3.194 E F0 .694
+(be stored securely)3.194 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .693(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 645.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 657.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 674.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
 A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3(algorithm)
 A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C 1.666(]...)
--1.666 G 1.425(Bind the k)203 674.4 R 1.725 -.15(ey t)-.1 H 3.925(os).15
-G 1.425(pace- or comma-separated)-3.925 F F3(PCR)3.924 E F0 3.924(sw)C
-1.424(ithin their corresponding)-3.924 F(hashing)203 686.4 Q F3
-(algorithm)2.523 E F0 2.523<8a69>2.523 G 2.523(ft)-2.523 G(he)-2.523 E
+-1.666 G 1.424(Bind the k)203 686.4 R 1.724 -.15(ey t)-.1 H 3.924(os).15
+G 1.424(pace- or comma-separated)-3.924 F F3(PCR)3.925 E F0 3.925(sw)C
+1.425(ithin their corresponding)-3.925 F(hashing)203 698.4 Q F3
+(algorithm)2.524 E F0 2.524<8a69>2.524 G 2.523(ft)-2.524 G(he)-2.523 E
 2.523(yc)-.15 G .023(hange, the wrapping k)-2.523 F .323 -.15(ey w)-.1 H
-.024(ill not be able to be).15 F 2.5(unsealed. There)203 698.4 R(are)2.5
+.023(ill not be able to be).15 F 2.5(unsealed. There)203 710.4 R(are)2.5
 E F1(24)2.5 E F0(PCRs, numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0(].)
-A F3(algorithm)203 715.2 Q F0 2.968(may be an)5.469 F 5.468(yo)-.15 G
+A F3(algorithm)203 727.2 Q F0 2.968(may be an)5.468 F 5.468(yo)-.15 G
 5.468(fc)-5.468 G(ase-insensiti)-5.468 E 3.268 -.15(ve ")-.25 H F1(sha1)
-.15 E F0 2.968(", ")B F1(sha256)A F0 2.968(", ")B F1(sha384)A F0(",)A(")
-203 727.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
+.15 E F0 2.968(", ")B F1(sha256)A F0 2.969(", ")B F1(sha384)A F0(",)A(")
+203 739.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
 (sm3-256)A F0 4.983(", ")B F1(sha3_256)A F0 4.983(", ")B F1(sha3-256)A
-F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 739.2 Q F1(sha3-384)A F0
+F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 751.2 Q F1(sha3-384)A F0
 (", ")A F1(sha3_512)A F0(", or ")A F1(sha3-512)A F0
 (", and must be supported by the TPM.)A(tzpfms 0.3.4-32-g56ada0e)72
 817.889 Q(February 28, 2024)84.138 E(1)183.837 E 0 Cg EP
-%%Page: 2 8
+%%Page: 2 13
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 44.133(ZFS-TPM2-CHANGE-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 41.632(anual ZFS-TPM2-CHANGE-KEY\(8\))-2.5
 F/F1 10/Courier-Bold@0 SF<ad41>109.666 84 Q F0 -.4(Wi)203 84 S(th).4 E
-F1<ad50>4.589 E F0 2.923(,a)C .422(lso prompt for a passphrase.)-2.923 F
-.422(This is skipped by def)5.422 F .422(ault because the)-.1 F .675
+F1<ad50>4.588 E F0 2.922(,a)C .422(lso prompt for a passphrase.)-2.922 F
+.422(This is skipped by def)5.422 F .423(ault because the)-.1 F .675
 (passphrase is)203 96 R/F2 10/Times-Italic@0 SF(OR)3.175 E F0 .675
 (ed with the PCR polic)B 3.175(y\212t)-.15 G .675(he wrapping k)-3.175 F
 .975 -.15(ey c)-.1 H .675(an be unsealed).15 F F2(either)203 108 Q F0
-1.39(passphraseless with the right PCRs)3.89 F F2(or)3.89 E F0 1.389
+1.389(passphraseless with the right PCRs)3.889 F F2(or)3.89 E F0 1.39
 (with the passphrase, and this is)3.89 F(usually not the intent.)203 120
 Q/F3 10/Times-Bold@0 SF(ENVIR)72 136.8 Q 1.666(ONMENT V)-.3 F(ARIABLES)
--1.35 E/F4 10/Courier@0 SF(TZPFMS_PASSPHRASE_HELPER)108 148.8 Q F0 .045
+-1.35 E/F4 10/Courier@0 SF(TZPFMS_PASSPHRASE_HELPER)108 148.8 Q F0 .046
 (By def)133 160.8 R .045(ault, passphrases are prompted for and read in\
- on the standard output and input streams.)-.1 F(If)5.046 E F4
-(TZPFMS_PASSPHRASE_HELPER)133 172.8 Q F0 1.596(is set and nonempty)4.096
+ on the standard output and input streams.)-.1 F(If)5.045 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 172.8 Q F0 1.595(is set and nonempty)4.095
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
-(/bin/)4.095 E F1 3.261(sh \255c)B F0(to)4.095 E(pro)133 184.8 Q
+(/bin/)4.096 E F1 3.262(sh \255c)B F0(to)4.096 E(pro)133 184.8 Q
 (vide each passphrase, instead.)-.15 E .643
 (The standard output stream of the helper is tied to an anon)133 201.6 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@@ -802,10 +1175,10 @@ F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
 249.6 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
 (assphrase, otherwise blank)-2.5 E F4($4)143 261.6 Q F0("ag)160 261.6 Q
 (ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 278.4 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F F3(127)2.677 E F0
-.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 278.4 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F3(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
 290.4 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
 G(ther reason, the prompting is aborted.)-2.5 E F3 1.666
 (TPM2 back-end con\214guration)72 307.2 R(En)87 319.2 Q(vir)-.4 E .625
@@ -814,13 +1187,13 @@ Q 2.5(yo)-.15 G(f:)-2.5 E F3(NONE)2.5 E F0(,)A F3(ERR)2.5 E(OR)-.3 E F0
 (,)A F3 -1.2(WA)2.5 G(RNING)1.2 E F0(,)A F3(INFO)2.5 E F0(,)A F3(DEB)2.5
 E(UG)-.1 E F0(,)A F3(TRA)2.5 E(CE)-.55 E F0 5(.D)C(ef)-5 E(ault:)-.1 E
 F3 -1.2(WA)2.5 G(RNING)1.2 E F0(.)A F3 .625(TPM selection)87 348 R F0
-.621(The library)108 360 R F1(libtss2-tcti-default.so)3.121 E F0 .621
-(can be link)3.121 F .621(ed to an)-.1 F 3.122(yo)-.15 G 3.122(ft)-3.122
-G(he)-3.122 E F4(libtss2-tcti-)3.122 E/F5 10/Symbol SF(*)A F4(.so)A F0
-(li-)3.122 E .781(braries to select the def)108 372 R .781
-(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4
-(/dev/tpm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4(localhost:2321)3.28 E F0
-(will be tried, in order \(see)108 384 Q F4(ESYS_CONTEXT)2.5 E F0
+.622(The library)108 360 R F1(libtss2-tcti-default.so)3.122 E F0 .622
+(can be link)3.122 F .621(ed to an)-.1 F 3.121(yo)-.15 G 3.121(ft)-3.121
+G(he)-3.121 E F4(libtss2-tcti-)3.121 E/F5 10/Symbol SF(*)A F4(.so)A F0
+(li-)3.121 E .78(braries to select the def)108 372 R .78
+(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.281 E F0 3.281(,t)C(hen)-3.281 E
+F4(/dev/tpm0)3.281 E F0 3.281(,t)C(hen)-3.281 E F4(localhost:2321)3.281
+E F0(will be tried, in order \(see)108 384 Q F4(ESYS_CONTEXT)2.5 E F0
 (\(3\)\).)A F3 .625(See also)87 400.8 R F0 2.247
 (The tpm2-tss git repository at https://github)108 412.8 R
 (.com/tpm2-softw)-.4 E 2.247(are/tpm2-tss and the documentation at)-.1 F
@@ -837,7 +1210,7 @@ G(he)-3.122 E F4(libtss2-tcti-)3.122 E/F5 10/Symbol SF(*)A F4(.so)A F0
 F3<83>128 542.4 Q F0(EvModder)7.5 E F3(REPOR)72 559.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 571.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 588 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 600 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E F3 1.666(SEE ALSO)72 616.8 R F4(tpm2_unseal)108 628.8 Q F0(\(1\))A
 (PCR allocations: https://wiki.archlinux.or)108 645.6 Q(g/title/T)-.18 E
@@ -847,7 +1220,7 @@ E F3 1.666(SEE ALSO)72 616.8 R F4(tpm2_unseal)108 628.8 Q F0(\(1\))A
 r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 669.6 Q
 (able)-.8 E(1.)108 681.6 Q(tzpfms 0.3.4-32-g56ada0e)72 817.889 Q
 (February 28, 2024)84.138 E(2)183.837 E 0 Cg EP
-%%Page: 1 9
+%%Page: 1 14
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -857,13 +1230,13 @@ F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-clear-key)108 96 Q F0 2.5<8a72>2.5 G -.25(ew)-2.5 G
 (rap ZFS dataset k).25 E .3 -.15(ey i)-.1 H 2.5(np).15 G(asssw)-2.5 E
 (ord and clear tzpfms TPM2 metadata)-.1 E F1(SYNOPSIS)72 112.8 Q F2
-(zfs-tpm-list)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1
-(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
+(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5
+E F1(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
 (dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G(ncrypted with)-2.5 E F2
 (tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM2)2.5 E F0(:)A 5
-(1. performs)118 165.6 R 5.641(the equi)8.141 F -.25(va)-.25 G 5.641
-(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.308 E/F4 10
-/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E F4
+(1. performs)118 165.6 R 5.642(the equi)8.142 F -.25(va)-.25 G 5.642
+(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.307 E/F4 10
+/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E F4
 (keyformat=passphrase)133 177.6 Q F3(dataset)6 E F0(,)A 5(2. frees)118
 189.6 R(the sealed k)2.5 E .3 -.15(ey p)-.1 H(re).15 E
 (viously used to encrypt)-.25 E F3(dataset)2.5 E F0(,)A 5(3. remo)118
@@ -872,12 +1245,12 @@ F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
 213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-tpm2-change-key)2.5 E F0
 (\(8\) for a detailed description.)A F1(ENVIR)72 247.2 Q 1.666(ONMENT V)
--.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 259.2 Q F0 .045
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 259.2 Q F0 .046
 (By def)133 271.2 R .045(ault, passphrases are prompted for and read in\
- on the standard output and input streams.)-.1 F(If)5.046 E F4
-(TZPFMS_PASSPHRASE_HELPER)133 283.2 Q F0 1.596(is set and nonempty)4.096
+ on the standard output and input streams.)-.1 F(If)5.045 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 283.2 Q F0 1.595(is set and nonempty)4.095
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
-(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 295.2 Q
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 295.2 Q
 (vide each passphrase, instead.)-.15 E .643
 (The standard output stream of the helper is tied to an anon)133 312 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@@ -889,10 +1262,10 @@ F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
 2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 360 Q F0("ne)160 360 Q
 (w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
 -2.5 E F4($4)143 372 Q F0("ag)160 372 Q(ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 388.8 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
-.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 388.8 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
 400.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
 G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
 (TPM2 back-end con\214guration)72 417.6 R(En)87 429.6 Q(vir)-.4 E .625
@@ -901,13 +1274,13 @@ Q 2.5(yo)-.15 G(f:)-2.5 E F1(NONE)2.5 E F0(,)A F1(ERR)2.5 E(OR)-.3 E F0
 (,)A F1 -1.2(WA)2.5 G(RNING)1.2 E F0(,)A F1(INFO)2.5 E F0(,)A F1(DEB)2.5
 E(UG)-.1 E F0(,)A F1(TRA)2.5 E(CE)-.55 E F0 5(.D)C(ef)-5 E(ault:)-.1 E
 F1 -1.2(WA)2.5 G(RNING)1.2 E F0(.)A F1 .625(TPM selection)87 458.4 R F0
-.621(The library)108 470.4 R F2(libtss2-tcti-default.so)3.121 E F0 .621
-(can be link)3.121 F .621(ed to an)-.1 F 3.122(yo)-.15 G 3.122(ft)-3.122
-G(he)-3.122 E F4(libtss2-tcti-)3.122 E/F5 10/Symbol SF(*)A F4(.so)A F0
-(li-)3.122 E .781(braries to select the def)108 482.4 R .781
-(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4
-(/dev/tpm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4(localhost:2321)3.28 E F0
-(will be tried, in order \(see)108 494.4 Q F4(ESYS_CONTEXT)2.5 E F0
+.622(The library)108 470.4 R F2(libtss2-tcti-default.so)3.122 E F0 .622
+(can be link)3.122 F .621(ed to an)-.1 F 3.121(yo)-.15 G 3.121(ft)-3.121
+G(he)-3.121 E F4(libtss2-tcti-)3.121 E/F5 10/Symbol SF(*)A F4(.so)A F0
+(li-)3.121 E .78(braries to select the def)108 482.4 R .78
+(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.281 E F0 3.281(,t)C(hen)-3.281 E
+F4(/dev/tpm0)3.281 E F0 3.281(,t)C(hen)-3.281 E F4(localhost:2321)3.281
+E F0(will be tried, in order \(see)108 494.4 Q F4(ESYS_CONTEXT)2.5 E F0
 (\(3\)\).)A F1 .625(See also)87 511.2 R F0 2.247
 (The tpm2-tss git repository at https://github)108 523.2 R
 (.com/tpm2-softw)-.4 E 2.247(are/tpm2-tss and the documentation at)-.1 F
@@ -924,11 +1297,11 @@ G(he)-3.122 E F4(libtss2-tcti-)3.122 E/F5 10/Symbol SF(*)A F4(.so)A F0
 F1<83>128 652.8 Q F0(EvModder)7.5 E F1(REPOR)72 669.6 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 681.6 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 698.4 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 710.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-32-g56ada0e)72 817.889 Q(December 4, 2022)84.143 E
 (1)183.842 E 0 Cg EP
-%%Page: 1 10
+%%Page: 1 15
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -937,28 +1310,28 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .864
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.364 E F0 -.1(wa)3.364
-G 3.364(se).1 G .864(ncrypted with)-3.364 F F2(tzpfms)3.365 E F0(back)
-3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .865(nseals the k)-3.365
-F 1.165 -.15(ey a)-.1 H .865(nd loads it).15 F(into)108 165.6 Q F3
-(dataset)2.5 E F0(.)A(The user is prompted for the additional passphras\
-e, set when creating the k)108 182.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5
-(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4 10/Courier@0 SF
-(zfs-tpm2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
-(OPTIONS)72 216 Q F2<ad6e>109.666 228 Q F0 3.208
-(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25 G 5.708(ni).15
-G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708(sa)
-.15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)-.25 G 3.207
-(lent to).25 F F2(zfs)5.707 E(load-key)131 240 Q F0 -.55('s)C F2<ad6e>
-4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)-.3 F
-(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .045
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .865(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.365 E F0 -.1
+(wa)3.365 G 3.365(se).1 G .865(ncrypted with)-3.365 F F2(tzpfms)3.365 E
+F0(back)3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .864
+(nseals the k)-3.365 F 1.164 -.15(ey a)-.1 H .864(nd loads it).15 F
+(into)108 165.6 Q F3(dataset)2.5 E F0(.)A(The user is prompted for the \
+additional passphrase, set when creating the k)108 182.4 Q -.15(ey)-.1 G
+2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4
+10/Courier@0 SF(zfs-tpm2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(OPTIONS)72 216 Q F2<ad6e>109.666
+228 Q F0 3.208(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25
+G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)
+-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.208 E -.25(va)
+-.25 G 3.208(lent to).25 F F2(zfs)5.708 E(load-key)131 240 Q F0 -.55('s)
+C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .046
 (By def)133 280.8 R .045(ault, passphrases are prompted for and read in\
- on the standard output and input streams.)-.1 F(If)5.046 E F4
-(TZPFMS_PASSPHRASE_HELPER)133 292.8 Q F0 1.596(is set and nonempty)4.096
+ on the standard output and input streams.)-.1 F(If)5.045 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 292.8 Q F0 1.595(is set and nonempty)4.095
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
-(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 304.8 Q
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 304.8 Q
 (vide each passphrase, instead.)-.15 E .643
 (The standard output stream of the helper is tied to an anon)133 321.6 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@@ -971,23 +1344,23 @@ F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
 369.6 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
 (assphrase, otherwise blank)-2.5 E F4($4)143 381.6 Q F0("ag)160 381.6 Q
 (ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 398.4 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
-.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 398.4 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
 410.4 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
 G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
 (TPM1.X back-end con\214guration)72 427.2 R .625(TPM selection)87 439.2
-R F0(The)108 451.2 Q F2(tzpfms)2.729 E F0 .229
-(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
-(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 463.2 Q
-(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 480 R(rouSerS)
--.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
-E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
-F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-492 S(ing one of the earlier ones with, for e).1 E
+R F0(The)108 451.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
+2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
+2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
+F(the)2.729 E(en)108 463.2 Q(vironment v)-.4 E(ariable)-.25 E F4
+(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
+(The T)108 480 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
+(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
+(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
+2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 492 S
+(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F1 .625
 (See also)87 508.8 R F0(The T)108 520.8 Q
 (rouSerS project page at https://sourcefor)-.35 E
@@ -1002,7 +1375,7 @@ F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
 F1<83>128 626.4 Q F0(EvModder)7.5 E F1(REPOR)72 643.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 655.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 672 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 684 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-32-g56ada0e)72 817.889 Q(December 4, 2022)84.143 E(1)
 183.842 E 0 Cg EP
diff --git a/zfs-fido2-add-backup.8 b/zfs-fido2-add-backup.8
new file mode 100644
index 0000000..08a80cb
--- /dev/null
+++ b/zfs-fido2-add-backup.8
@@ -0,0 +1,125 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 29, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-ADD-BACKUP 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-add-backup
+.Nd allow another FIDO2 device to unlock ZFS dataset
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After
+.Xr zfs-fido2-change-key 8
+derives the key for a dataset from a FIDO2 device,
+.Nm
+may be executed to extend this to any number of additional devices.
+.Pp
+First, the wrapping key is extracted as normally during
+.Xr zfs-fido2-load-key 8 ,
+then a credential is made as-if during
+.Xr zfs-fido2-change-key 8
+(except the "primary" device and all the ones holding backups are excluded from the search);
+however, the
+.Ql hmac-secret
+is instead used as a symmetric AES-256-GCM
+.Pq Xr EVP_CIPHER-AES 7ssl
+key to encrypt the wrapping key directly with a random IV.
+.Pp
+This turns the
+.Li xyz.nabijaczleweli:tzpfms.key
+variable into
+.br
+.Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns Ar backup-salt Ns Cm :\:\& Ns Ar backup-credential-ID Ns Cm :\:\& Ns Ar backup-credential-public-key Ns Cm :\:\& Ns Ar IV Ns Cm :\:\& Ns Ar encrypted-key Oc Ns …
+.Pp
+.Li tzpfms.key
+is actually a dot-separated list of device bundles.
+The first one is as-described in
+.Xr zfs-fido2-change-key 8 .
+Subsequent ones also include (identically-encoded) IVs and encrypted blobs.
+.Pp
+.Xr zfs-fido2-load-key 8
+shops assertions around devices in a device-major order \(em
+depending on device numbering, a backup may be loaded even if the primary device is present.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-add-backup.8.html b/zfs-fido2-add-backup.8.html
new file mode 100644
index 0000000..e6d3444
--- /dev/null
+++ b/zfs-fido2-add-backup.8.html
@@ -0,0 +1,153 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-ADD-BACKUP(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-add-backup</code> &#x2014;
+    <span class="Nd">allow another FIDO2 device to unlock ZFS dataset</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-add-backup</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    derives the key for a dataset from a FIDO2 device,
+    <code class="Nm">zfs-fido2-add-backup</code> may be executed to extend this
+    to any number of additional devices.</p>
+<p class="Pp">First, the wrapping key is extracted as normally during
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    then a credential is made as-if during
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    (except the &quot;primary&quot; device and all the ones holding backups are
+    excluded from the search); however, the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; is instead used as a
+    symmetric AES-256-GCM
+    (<a class="Xr" href="https://manpages.debian.org/bookworm/EVP_CIPHER-AES.7ssl">EVP_CIPHER-AES(7ssl)</a>)
+    key to encrypt the wrapping key directly with a random IV.</p>
+<p class="Pp">This turns the
+    <code class="Li">xyz.nabijaczleweli:tzpfms.key</code> variable into
+  <br/>
+  <var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code><var class="Ar">backup-salt</var><code class="Cm">:</code><var class="Ar">backup-credential-ID</var><code class="Cm">:</code><var class="Ar">backup-credential-public-key</var><code class="Cm">:</code><var class="Ar">IV</var><code class="Cm">:</code><var class="Ar">encrypted-key</var>]&#x2026;</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is actually a dot-separated
+    list of device bundles. The first one is as-described in
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>.
+    Subsequent ones also include (identically-encoded) IVs and encrypted
+  blobs.</p>
+<p class="Pp"><a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>
+    shops assertions around devices in a device-major order &#x2014; depending
+    on device numbering, a backup may be loaded even if the primary device is
+    present.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 29, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-change-key.8 b/zfs-fido2-change-key.8
new file mode 100644
index 0000000..8238eba
--- /dev/null
+++ b/zfs-fido2-change-key.8
@@ -0,0 +1,188 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd March  4, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CHANGE-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-change-key
+.Nd change ZFS dataset key to one authenticated by a FIDO2 device
+.Sh SYNOPSIS
+.Nm
+.Op Fl b Ar backup-file
+.Ar dataset
+.
+.Sh DESCRIPTION
+To normalise the
+.Ar dataset ,
+.Nm
+will open its encryption root in its stead.
+.Nm
+will
+.Em never
+create or destroy encryption roots; use
+.Xr zfs-change-key 8
+for that.
+.Pp
+First, a connection is made to the FIDO2 device, which
+.Em must
+support the
+.Ql hmac-secret
+extension.
+.Pp
+If
+.Ar dataset
+was previously encrypted with
+.Nm fzifdso
+and the
+.Sy FIDO2
+back-end was used, previous credentials will be deleted from their devices (as-if via
+.Xr zfs-fido2-clear-key 8 ) ,
+if available.
+Otherwise, or in case of an error, data required for manual intervention will be written to the standard error stream.
+.Pp
+Next, a new credential of type ES256 is generated on the device (with relying party ID
+.Li fzifdso
+and name equal to the dataset name)
+with the
+.Ql hmac-secret
+extension requested; the device PIN, if any, is prompted for here.
+This mimicks a WebAuthn registration step.
+.Pp
+Then, the credential is asserted with a 32-byte random salt,
+which hashes it with device-private data, and thus generates the wrapping key
+.Pq which is optionally backed up Pq see Sx OPTIONS .
+This mimicks a WebAuthn login step.
+.Pp
+The following properties are set on
+.Ar dataset :
+.Bl -bullet -compact -offset 4n -width "@"
+.It
+.Li xyz.nabijaczleweli:tzpfms.backend Ns = Ns Sy FIDO2
+.It
+.Li xyz.nabijaczleweli:tzpfms.key Ns = Ns Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns … Oc Ns …
+.El
+.Pp
+.Li tzpfms.backend
+identifies this dataset for work with
+.Sy FIDO2 Ns -back-ended
+.Nm tzpfms
+tools
+.Pq i.e. Nm fzifdso Xr zfs-fido2-change-key 8 , Xr zfs-fido2-load-key 8 , Xr zfs-fido2-add-backup 8 , and Xr zfs-fido2-clear-key 8 .
+.Pp
+.Li tzpfms.key
+is a colon-separated tuple of unpadded URL-safe base64 blobs;
+the first one is the random salt;
+the second represents the ID of created credential,
+and the third \(en its public key.
+There exists no other user-land tool for deciphering this; perhaps there should be.
+.\"" TODO: make an LD_PRELOADable for extracting the key maybe?
+.Pp
+Finally, the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=raw Ar dataset
+is performed with the new key.
+If an error occurred, best effort is made to clean up the properties,
+or to issue a note for manual intervention into the standard error stream.
+.Pp
+A final verification should be made by running
+.Nm zfs-fido2-load-key Fl n Ar dataset .
+If that command succeeds, all is well,
+but otherwise the dataset can be manually rolled back to a passphrase with
+.Nm zfs-fido2-clear-key Ar dataset
+.Pq or, if that fails to work, Nm zfs Cm change-key Fl o Li keyformat=passphrase Ar dataset ,
+and you are hereby asked to report a bug, please.
+.Pp
+.Nm zfs-fido2-clear-key Ar dataset
+can be used to clear the properties and go back to using a passphrase.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl b Ar backup-file"
+.It Fl b Ar backup-file
+Save a back-up of the key to
+.Ar backup-file ,
+which must not exist beforehand.
+This back-up
+.Em must
+be stored securely, off-site.
+In case of a catastrophic event, the key can be loaded by running
+.Dl Nm zfs Cm load-key Ar dataset Li < Ar backup-file
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-change-key.8.html b/zfs-fido2-change-key.8.html
new file mode 100644
index 0000000..8cd7f1a
--- /dev/null
+++ b/zfs-fido2-change-key.8.html
@@ -0,0 +1,207 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CHANGE-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-change-key</code> &#x2014;
+    <span class="Nd">change ZFS dataset key to one authenticated by a FIDO2
+    device</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-change-key</code></td>
+    <td>[<code class="Fl">-b</code> <var class="Ar">backup-file</var>]
+      <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">To normalise the <var class="Ar">dataset</var>,
+    <code class="Nm">zfs-fido2-change-key</code> will open its encryption root
+    in its stead. <code class="Nm">zfs-fido2-change-key</code> will
+    <a class="permalink" href="#never"><i class="Em" id="never">never</i></a>
+    create or destroy encryption roots; use
+    <a class="Xr" href="https://manpages.debian.org/bookworm/zfs-change-key.8">zfs-change-key(8)</a>
+    for that.</p>
+<p class="Pp">First, a connection is made to the FIDO2 device, which
+    <i class="Em">must</i> support the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension.</p>
+<p class="Pp">If <var class="Ar">dataset</var> was previously encrypted with
+    <code class="Nm">fzifdso</code> and the <b class="Sy">FIDO2</b> back-end was
+    used, previous credentials will be deleted from their devices (as-if via
+    <a class="Xr" href="zfs-fido2-clear-key.8.html">zfs-fido2-clear-key(8)</a>),
+    if available. Otherwise, or in case of an error, data required for manual
+    intervention will be written to the standard error stream.</p>
+<p class="Pp">Next, a new credential of type ES256 is generated on the device
+    (with relying party ID <code class="Li">fzifdso</code> and name equal to the
+    dataset name) with the &#x2018;<code class="Li">hmac-secret</code>&#x2019;
+    extension requested; the device PIN, if any, is prompted for here. This
+    mimicks a WebAuthn registration step.</p>
+<p class="Pp">Then, the credential is asserted with a 32-byte random salt, which
+    hashes it with device-private data, and thus generates the wrapping key
+    (which is optionally backed up (see
+    <a class="Sx" href="#OPTIONS">OPTIONS</a>)). This mimicks a WebAuthn login
+    step.</p>
+<p class="Pp">The following properties are set on
+  <var class="Ar">dataset</var>:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li id="xyz.nabijaczleweli:tzpfms.backend"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.backend"><code class="Li">xyz.nabijaczleweli:tzpfms.backend</code></a>=<b class="Sy">FIDO2</b></li>
+  <li id="xyz.nabijaczleweli:tzpfms.key"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.key"><code class="Li">xyz.nabijaczleweli:tzpfms.key</code></a>=<var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code>&#x2026;]&#x2026;</li>
+</ul>
+<p class="Pp"><code class="Li">tzpfms.backend</code> identifies this dataset for
+    work with <b class="Sy">FIDO2</b>-back-ended <code class="Nm">tzpfms</code>
+    tools (i.e. <code class="Nm">fzifdso</code>
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-add-backup.8.html">zfs-fido2-add-backup(8)</a>,
+    and
+    <a class="Xr" href="zfs-fido2-clear-key.8.html">zfs-fido2-clear-key(8)</a>).</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is a colon-separated tuple of
+    unpadded URL-safe base64 blobs; the first one is the random salt; the second
+    represents the ID of created credential, and the third &#x2013; its public
+    key. There exists no other user-land tool for deciphering this; perhaps
+    there should be.</p>
+<p class="Pp">Finally, the equivalent of <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=raw</code> <var class="Ar">dataset</var> is
+    performed with the new key. If an error occurred, best effort is made to
+    clean up the properties, or to issue a note for manual intervention into the
+    standard error stream.</p>
+<p class="Pp">A final verification should be made by running
+    <code class="Nm">zfs-fido2-load-key</code> <code class="Fl">-n</code>
+    <var class="Ar">dataset</var>. If that command succeeds, all is well, but
+    otherwise the dataset can be manually rolled back to a passphrase with
+    <code class="Nm">zfs-fido2-clear-key</code> <var class="Ar">dataset</var>
+    (or, if that fails to work, <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=passphrase</code> <var class="Ar">dataset</var>),
+    and you are hereby asked to report a bug, please.</p>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code>
+    <var class="Ar">dataset</var> can be used to clear the properties and go
+    back to using a passphrase.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="b"><a class="permalink" href="#b"><code class="Fl">-b</code></a>
+    <var class="Ar">backup-file</var></dt>
+  <dd>Save a back-up of the key to <var class="Ar">backup-file</var>, which must
+      not exist beforehand. This back-up <i class="Em">must</i> be stored
+      securely, off-site. In case of a catastrophic event, the key can be loaded
+      by running
+    <div class="Bd Bd-indent"><code class="Li"><code class="Nm">zfs</code>
+      <code class="Cm">load-key</code> <var class="Ar">dataset</var>
+      <code class="Li">&lt;</code>
+      <var class="Ar">backup-file</var></code></div>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">March 4, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-clear-key.8 b/zfs-fido2-clear-key.8
new file mode 100644
index 0000000..f7ab9d5
--- /dev/null
+++ b/zfs-fido2-clear-key.8
@@ -0,0 +1,121 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd March  4, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CLEAR-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-clear-key
+.Nd rewrap ZFS dataset key in passsword and clear tzpfms FIDO2 metadata
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 :
+.Bl -enum -compact -offset 2n -width 2n
+.It
+performs the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=passphrase Ar dataset ,
+.It
+loads the primary and every backup credential, and for each success, if the device containing it supports the
+.Ql credMgmt  \" or credentialMgmtPreview
+feature and has a PIN set, tries to delete the credential from the device,
+.It
+removes the
+.Li xyz.nabijaczleweli:tzpfms.\& Ns Brq Li backend , key
+properties from
+.Ar dataset .
+.El
+.Pp
+For every removal failure and missing device or PIN an instruction for manual removal with
+.Xr fido2-token 1
+is issued.
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-clear-key.8.html b/zfs-fido2-clear-key.8.html
new file mode 100644
index 0000000..97e05e7
--- /dev/null
+++ b/zfs-fido2-clear-key.8.html
@@ -0,0 +1,151 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CLEAR-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code> &#x2014;
+    <span class="Nd">rewrap ZFS dataset key in passsword and clear tzpfms FIDO2
+    metadata</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-clear-key</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>:</p>
+<ol class="Bl-enum Bd-indent Bl-compact">
+  <li>performs the equivalent of <code class="Nm">zfs</code>
+      <code class="Cm">change-key</code> <code class="Fl">-o</code>
+      <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+      <code class="Li">keyformat=passphrase</code>
+      <var class="Ar">dataset</var>,</li>
+  <li>loads the primary and every backup credential, and for each success, if
+      the device containing it supports the
+      &#x2018;<code class="Li">credMgmt</code>&#x2019; feature and has a PIN
+      set, tries to delete the credential from the device,</li>
+  <li>removes the
+      <code class="Li">xyz.nabijaczleweli:tzpfms.</code>{<code class="Li">backend</code>,
+      <code class="Li">key</code>} properties from
+      <var class="Ar">dataset</var>.</li>
+</ol>
+<p class="Pp">For every removal failure and missing device or PIN an instruction
+    for manual removal with
+    <a class="Xr" href="https://manpages.debian.org/bookworm/fido2-token.1">fido2-token(1)</a>
+    is issued.</p>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">March 4, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-load-key.8 b/zfs-fido2-load-key.8
new file mode 100644
index 0000000..247ca04
--- /dev/null
+++ b/zfs-fido2-load-key.8
@@ -0,0 +1,98 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 28, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-LOAD-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-load-key
+.Nd load FIDO2-encrypted ZFS dataset key
+.Sh SYNOPSIS
+.Nm
+.Op Fl n
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 ,
+asserts the preserved challenge, HMACking the salt with the on-device secret, and loads the resulting key into
+.Ar dataset .
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl n"
+.It Fl n
+Do a no-op/dry run, can be used even if the key is already loaded.
+Equivalent to
+.Nm zfs Cm load-key Ns 's
+.Fl n
+option.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-load-key.8.html b/zfs-fido2-load-key.8.html
new file mode 100644
index 0000000..ffc6446
--- /dev/null
+++ b/zfs-fido2-load-key.8.html
@@ -0,0 +1,117 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-LOAD-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-load-key</code> &#x2014;
+    <span class="Nd">load FIDO2-encrypted ZFS dataset key</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-load-key</code></td>
+    <td>[<code class="Fl">-n</code>] <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>,
+    asserts the preserved challenge, HMACking the salt with the on-device
+    secret, and loads the resulting key into <var class="Ar">dataset</var>.</p>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="n"><a class="permalink" href="#n"><code class="Fl">-n</code></a></dt>
+  <dd>Do a no-op/dry run, can be used even if the key is already loaded.
+      Equivalent to <code class="Nm">zfs</code>
+      <code class="Cm">load-key</code>'s <code class="Fl">-n</code> option.</dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 28, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>