From 8841b46e8ef615f706136fcca8e936508d1dbe48 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1=20autouploader?=
 <nabijaczleweli/autouploader@nabijaczleweli.xyz>
Date: Tue, 5 Mar 2024 21:51:06 +0000
Subject: [PATCH] Manpage update by job 1162459

---
 tzpfms.pdf                  | Bin 65827 -> 81695 bytes
 tzpfms.ps                   | 951 +++++++++++++++++++++++++-----------
 zfs-fido2-add-backup.8      | 125 +++++
 zfs-fido2-add-backup.8.html | 153 ++++++
 zfs-fido2-change-key.8      | 188 +++++++
 zfs-fido2-change-key.8.html | 207 ++++++++
 zfs-fido2-clear-key.8       | 121 +++++
 zfs-fido2-clear-key.8.html  | 151 ++++++
 zfs-fido2-load-key.8        |  98 ++++
 zfs-fido2-load-key.8.html   | 117 +++++
 10 files changed, 1822 insertions(+), 289 deletions(-)
 create mode 100644 zfs-fido2-add-backup.8
 create mode 100644 zfs-fido2-add-backup.8.html
 create mode 100644 zfs-fido2-change-key.8
 create mode 100644 zfs-fido2-change-key.8.html
 create mode 100644 zfs-fido2-clear-key.8
 create mode 100644 zfs-fido2-clear-key.8.html
 create mode 100644 zfs-fido2-load-key.8
 create mode 100644 zfs-fido2-load-key.8.html

diff --git a/tzpfms.pdf b/tzpfms.pdf
index 7c89f45abdb60d6f5911401aeb4fd02eca87bbf7..d30e51ef0647cb9f720da0ffc444a0ab83c5201e 100644
GIT binary patch
delta 60240
zcmZU)W0NjWmu;CiY1_7K+qP}{B%icx+qP}vq;1>I?6>N6-R_9`w0Eo@u;-W~)-DSC
zllSwd9tIeYqP6L~DUMvzeL+*ITfy8;7R?yc^=f7o)taK&sBYTblF+J4$cc&+02CBO
z`r)>#{FCxMcAY!0Cr<4?S>Y^eXztaikjKCMmZO=B1oO)Z7|SAw+QR$x8$PNley7=q
zUwte}vLOJZ*TpVPMZaag703m}Pjg6&);U<5Y(4^-;<kACcvuV+PWtdN(A~y)`Jrtu
zHqhy_7~-NAIo_rRA*M^^5y3A4hNzlsnE|}aem}<-E0FdSrmZwI4Fj(kXo|B}=5bM!
zQ8%LZ$a#(z2m0=UcIcrqFvnsZ;WD223T+}6TDthiW^T!e0!&$4{KrJUq3bmbGs>|J
z*}8zRm?qh<frM$Y((8#;28AwP+{tVAyeKMu&JOcxtx2rs1<fR<_rWwZtJ*}f*%`|Y
zRtzN{0|#&TGqCVO1?yFT!W+)G&}}EH%vW?4m~M;nE`D)eoQyI8&9inKlBuc|%5Ya4
ztw<=33bXgt`}pBNRj!IA*0|e+7E>%WB`QGW1mHyAIR_-5kSHk2lQo`V_Q&`A-rAiX
zrvu36rDk(z^CiIhGUym*yTcyH!F4QG&cdN~uI}WNfMGf7=Vzd-N*Z-Wsuo^OkZ*1w
z{6;ovRmq)V+PeYAeyqJ@2TZ{;HaHLDO&L`R6t~pyN-=GdTM_|;;A838)&~<LaR|`A
zfLRwRc_8EwI$6|0_!_hgtXyEm@}0ZgP2q03d^56tYzV09CQN{*&_a6$|5+ynLP2dD
zF|XMN3OQ6_l;e4#G@11XegaA)dx@57CV>$ep0}WfbKA-j^-c(AvyX1C9Y)@#BHycJ
zJnFqyjezyjrXc&lH$yI!6DJhzNd+jlYn@)M6yp@_&=Mj&pasB?swG<VQ*sjx3VIb3
zJ8PhDLPAy#;eSnO<oafznz_N6Lq2GVZrUYo#|)x#E;$E|wxPTEN`%oVab11FnJn~M
z8ELuK`ai+z@hsuonFp0sh8sUgt0vMiuq$QWj5pHv2O{lZIqL6udHX9oS^_+QZc;}B
zL_4~5!2d?TG@xpwh*osx+JO!MA9MUQ6r7o)4<94fhGv|SRS$!MCIsym`}G3fVa@Qc
z0fJ|g-(t!&Zm2N@(zlH=MM3Mrz!Z<hG3mz?a&c-_9FbMl`?Cj}HWA`UF6~AIuNKr&
z9W!x6y`g)0j%-rpub)_s2nRq14GVy?>IqgHUmC=dK|;I#aDVV<oJC`#%i4$q|2SlX
zz$}uN*hBazXi9_h|6>-fB&hoV2_-Bs<V!btA9gVPyl^RpnpNU&sV+j{jhNiOJR-b{
zJCtFnI9^0nArsOXp4=5vfeWs5w+;WNwo2VjRE?C0D`!^r#_Obu0|S8A)S!jFMCW^c
zURE{dFk82yP$#F!+FVUGqcg-X_2do$*}hAnKV`-}FJuCCl-^Bhnt#cz*8C{CBg2FU
zRs-6lW9rmkQ~xaM9EPjtcDHBN#ubiZ0eCD%bONLLOjor*rgG>cY8hI|ksF~0ssyTf
zR6qeQfvGp7R97~A+6RoM%fMGhRg0=nFnr3pf45fhU-!<_YLoVf-KVMYMzVUU`L5Tp
zli4A|gUxHkyy<uS5M4B|TrM{fN1#^#rK`S|muGD?P{C{#Dv4XMp-X$EX%w|&)^YDJ
z&CQ8NeeZo@I9!Tl4u_44_4%-%GcL8(q{5xENKlG1BIwRM<^mezOJla3%XSXt>^GG6
znl!d|O??jSS#EXwK<i`Xen+7T62+R)z~0bt83k2vYJU}_br_%LBdLqZ?n3Xblu|@|
zHyxNGRg!g?RS4noNmm+?19v892s`amMK#G5i>vF`E};=pL{<VqCQJO4qS!nJwvS`Q
zbLdnMflX^UmjPfO{<zn(aK}0ZFk9R~u#^oKbYfT-6Cks)jY!8C^HN50EewUdB0hmJ
zId8?L>I~BN-f#`6%qS1CNmP!?kJRYw<<4gCrQ^t8wAqq>htEh+0#ik{LHPN8RVNcE
znZ>SXRdHS_#x03u(XDzZ&(G|`f=8xAItL3=nH4l1odG!}VstV}`LII=nL(#!<=71r
zBbd4%LmNx(1d+L?9y$-Ltyx)T9E#nZz#utaz%Z@(s0m#zSO`g<0lM79>)@EvaA=Io
z6$nP_Ot_VaQLNDDw-EM<p{{DUqQ;w)Rm8Q&XNuG2P+Ksl)|NOl%X;VBNWt1*Tlqf@
zPtl{aE&yIL>^)nZaO4BYu^B86T(NfUu+p@=*}4Vvc^jim6OIWe_|LzdOg-5s8MpMf
z{|+`ed-w%>zlAUk;fLril-fY=zgDZ-Fq-Bx%9_@fKQ9;8pB_KY!>Z1o5y!h}Z1TgF
z*X!=B8$I_8?e|)-SDjU3qAyT~pV9Lh^f2bTDFNFpU@2ry?SsAG{>u5>z>Y^5$OdR%
zm}oMItIMsmM>JBQzZ&Xy7ve&zp|&qNOpd)9GRys;J9*zDHp~?HsrHunYhg8!gDWs}
z6NFR)UwS06!gU#q{_cj{FJlwK4Z`!atxA0Eko$xxKK342G#uoFCcr6TISFB;*xR6_
zA%MA!)&tW7Q;I|8RmNyJrKH2q<IFDx{O6^4!cICsl`sPRL3x&V#GieutY!#99OA;i
z+b{<W=*iIC=+C$nQ>TC~V5%kpel*r2d)OQ8VjW2vRo)0|C=x?3N9#?*D|S!4#JY-q
zZ_3Re?1`16l0Ny~1)Rx|BAgc#G6b=kuYj4W=gh{jct?_XcQUF*sTH&1BB;K-5%o?a
zF!ejtRru&S9lWf{#>Sw?e-k1EUds#d;II*qQ2bDK_FKz1^}5EtYDu?vvK_-xQU3_m
zA>-ggur)#$HP*=0)48w^X_a1W|5z?UlVx~8{l#P~8I|4E<CG?b6Ihnz!+#w`I0MxA
zjUm8;{#NA*nO$>EaXP}^CeO!xVLg^b;OZ1ac*Q1&;aF}jIS`|rk-#OsFN0}O6!w!>
zj}74}Zb4^kAM~sCBVw-e4_skgd1B737=G3daEwM(<J9u?3R;e9fqj)ZCPxem2Z})1
zoO;J?_R4(Qvu=o#Wgqg9@9l_Tn*m-;c(8`4&(<y_PPKT7x+0j9aFi0IWRfn-b~!24
zyE$^Nu@%lhyX$irCwn<&iO!QjkHxCoRN)#g{I|`4oG~4Caq1a&(-64{iocmL%vNM$
z`Fu#gm7r|s>~xn2h~8r{nqPf{f&bDZbq8-N|BFT><W-P_PX{lu#s*)y{Qy{xekUM2
zyTU}PMZ_E;D^g0irX7=o(-MQ~udH!Q8Kqc?v-Q|ACJ+tML(u9mx^~em!c2B9HwMGP
zq>izsBymWqzB?<f2JibzBSQ`aYekm%cVNH4jhfL1HAA{pUO$LL5G^8vw@<UM-6(VP
zy9%v$jl)P{a$~PMhaS$+R|9gc6c;5}cZQkp^G`1I^dxr@W<;vc?W3*O8<gmrz>kX+
z-8a9Zg!wyTwo*v%2z`NPY&YF-5-yacoKg+Fp~<@BP*^V?*PoslZpHD!cpRzykuf2u
zMaexvPK@u-f*Hy)MuK&qRiE+BhP!xN5m74w=#j*LnH1gZ6b8V);Q?o|F%|_YZI1;v
zoyst&g1!yzIu?$Uea@~WSjDk*w!av$kNGmu)D?CMjO+c;I7MS_AZA_FZ90%OnY7W?
z2yKqtFVlt<DI<IoATh2c0{5<e*P=?jCYPj5$<PbQvCf8FeFaT1%VqLm$9T@L=;FIZ
zLal<^Y;a(<AiQJfP5>#^Oh=-gjFB#T{srN?9QUI@O8P5%_~)$Wbv>NSjBfpw+_o%4
zrV8x;#z>}=pjzrDO{joXwZQrHG?rU^+?*S6v2OR%@*OZ8in$oAq&%L9BV4dgvyx7-
zlX{+7biEk8Ei@K6PRj_!zrN3p=bA=C4Kc58Xke>VG$y5PHv!2C?|YX(j1Pz0tNtWa
zo$<*moyOrs6qnvN;qW3AP$Lk91glo6-Pi!7z|VI*y5HOIoo6b<$g1b{zjU7`o#*CA
zXs@Q~%TuHbzYiZchh^o%g|FIMyPzRBh%J2azF}wx81K#%eSs}BX1`TdCthC9N^BAE
z*Q3XB^{1z4w}9}kc5CnCu-u)uG>;;#8mKBzpB?44QL7XN7j1NuHmmycPVV=DEU`&;
z0Y^O0utbU~h6!t}6O&e}u^a)|uyhJ*=_dr-yJSbmD?ZN%xRl#_BI1sceWxuPGmzcp
zB9Hi}AqFqbG8{v>8}B{uoyIm2R^@9CZjpq7p?VePR{&p8O>Vnf)qPp56}WNa9peBm
zxUb8&S4qV^egiqVOT!pkbepl#5~sx8KGVM7-5q8B%L+&OmNmD)2gTRBK-Y({x0$`E
zi>tGlksb7ZZVtxQ(Cmbag#UH2Ftf7$&y0!d{~hx3GRT_QTew;hGBXk~CM`e_14^{z
zk~T+?dT#5|b;ePFjlg%^eKd8d{-RiwTrs<^Cr*JS4w2C!=L0)ZU1X{#f6#oydGZBe
z`8bkoN}UtJ{4p=>GU)T$J~YTUbv{|hd$~Qn88mst=+k$6PHq9vd0bt-k0foT<4><*
ze3;D|4;(CcBqh&yU;ul3k6Sz*0!EI;EIekLF3T7~9%tIpH~>A)KYq_cSyB(?lQ;5i
zBp!?J3>bqjdi$T67QLP6-Q$s0`sx7XzILK428OTUXV1)5h9!nGia5W$H^%$+A7BTv
z1jR1%5u(jTg&VnDo?IHs2#Pi<n@AGjYJV3_zhd^zjw^O($3a#miS9xIK<<|FjvsY9
zjzq2@JjO-H>*a>lX_YePl$`pO%xMkp^VNBW!aPaO1t4|XJt1r3n%68*J51KNs(QkD
zy}qpmOSdNDE|-Q^!`mQNb8!<xJvianM9ckiU8Q_RUjcfeQKTtBEQz5>ymswin7K52
zLfx5Kc=hq0=|eoj@l)A5U>96p)`vrWKXP1diQhwDtJ}xT!<XX$E8FL$*0#kNef{Cu
zsBYJ9TA@w?2FyNFJh$QEu<(1GBQLZ3+^u0j9UddD@FgZsJTKHg=rrS2r|;6kEB{{4
zK$OorPk-Cj#rxaZ@B5)NMv)oT%c29w*aWS@b0U%+x8ic7VF%p^U}r#8rPn%RGl7_P
zF9e!a1`N2$H(wNN?wb|AiK+)STK(KE5cG+eI&)3n-e%gh*Xl?Eo65?ZFxJX>k<&-7
zrk)Bt{$OI}*Xbw%<s^pG+kO0n#Qo}z8O-Nnv8w@KpzDs?+v5s5<_1#p;)^ChXtji2
z5AKg{aonJfmkDYCnyX3k=O&@U>$0THV9I>mdVz5R0!F1a)*||!{}Eo-pjR%3!dLW}
zhHZ#4vButUd59pv<1&%P-z-VZTR_NF*kre?o5noU2XW9+8Ytu*t8Gum4^K5x9x3OL
z)~(a)04tIiRi^DoR*=G~dd;mlB{6W+%vA@0DI#L^U&B8GAngc61sZ&`2wpxLt-bo$
z$RU^xOtGw*rc&kU_TS9=?Rr$@XyL{^R!*tP8Q9=6SR2cYa@+$6yu-a2c<NS7{1g>E
zNhhp6_iy^GFhfT#OvD}DpCrlXj8~79dTx_!5HUq%sgDEK;EY-srH)$Sy~n3SdiXM)
zfN$|1%~>V^X{_M;j!ioszP<X($CT^m`MsWGH0n8*a8B>ZBcs-6@B7HTyE+Fg#0nC|
z1&7H=5{r(B%fb80(bqJ3fBuahXSYQZ+buBpGlqBf_hV-x!RVPIo}(?N+v>205yC)y
z*^z1W)=uK#@zl|h_9zN9nmg2YB-O2p<hJxTha>X?JQg|mikgnq&6ho~o$xiuqrU0W
zc4RGJaZJUjE%88drG=YbL{>lvZ-E(i&7*2;@6)`X32Uz3Bq~L|kxSJi=HH_+!N1!7
z+-OG7!H`!~R<pKuFKJ*tfHB&$r`K>hE=2ZLd_3h%HV86R9o2<(6Dt@8<)n&wE{tCo
zO;(r#Mi+v85bzmm1=Kx*u9$ojIRxd^Ym%ez@bk3`sIg?4`}30y#1xO^v8o@hxQ3Im
zf25B8aB%H+2o>7_%EHUzwKI#KP=_-LH#Yk5yp18VX}*R}6rwO6)Lb@X+}$V!!`rX)
z(HoVm!PpakX<9%PjB&d?!s};RO8&%C4(wF|uBjMq*7>V4QM&xNjj3W$Uqs*5qhZEl
zi>ElzzWYV)UxVmBfZOHOf@~?U4nSG7EpXH%`ur!C8)n}VQF5?!{0Iz6trEY$&3f6h
zD;R@}DKreQA)r+_CiLoR9bC0hu~BkytZt$ltH=8vS(`TdK_hTn$!b#4AXo6uYcOL0
z^AW0oy_^N7awj;I((m*Jy*0pzw`ES1Q3<-b!U_M7(0tApeBqDGpa(f0chtfj5Fxk0
zrV9)#CSzkQAStx;rY7TQUhYDgI1B!1K;m$g&9=(vJg<>gaqMMvFWlBbF7Z#GU8+1p
zHPt;3DG^@nJIw#dQ9+R}DiT->1~x(hgck?FLOi)Ch|v0-8S2w4#;UdMqPT}$1BF#e
ziA24-!##mIkO$pRMa!ibv3v0?lnyDCAk(g+qeZ*{A|;E7rO6$)jp9<QxzvB>b?uF1
z`en!hZ)dHOEVzW)6Y7@flxn9aKO)~iEF1kjBo-O8be}@lta+`q;<eYGe9J}woS4m*
zkxSTg(XGe6_J$%+864h;P;bE8ZJWvzLg|6D;iS~#Ta^<?{?#Bd#8y*-$wXDufwe~O
z-T1%8ONw`pdYLW91{SJIelIsqJ9Ld=KQgU8eJK(hGkumjx2s(nC5lpVf<4?8BWoH%
z-@>B#G<xcgoPm}cZ-7}ReVapo;ongGqGf?UWP9xc@S!`62AL~0Q;uW*+TPa$zphN4
zDxG%6cZffSjI$UB7GMUiIPFCiz+W=O^kBEcJB#><#-7IWf1iilwyENXQE&b}pnQuk
zrT-LP!u&;5iQ80Z$b)eMv41sAGH57Mq0mV6RjdwJVm}UDdo7=x6j}lYkUnYsW6yE$
z#$NI#&*vvYHkp4~Dq8(H!Q7|RAOVD^uAqRD*v(Ulabg+sZX_S4CL7#LHo^akOUO@H
zCLcoHHd+Y^M>g+Kn6dn5U{|M<;>4i~Q_d!3640^NF|U$9Z<_z>%7iKn|BU-nkP+^&
z0wSz|#kp2ea8%@y1rUJ;;GkW_&QbY~NW}kbRVFPL_o$><Fae?NvlMDG1KtPeC^^!0
zS#wBv;Y0P-jH3AM_PtqJ*DkzSLdNP`OO4XDNklj^5o%9_M*YT7+f<4+b8k*jafI_#
zS$ck*mm!n3B3o!(8i(qcd{)^oX#1+l)mMa9b0D;<MEh*ZG_iCCV5aB_6hAm53V)I;
zg=y-Of`+=BenY2(ueD1#UXvq>%3dA{^4U(H2aY|dvJ&H7Ru-C)J)<q9tEtFOQthEw
zRM`stl)D;CnDvgys7{5$^qNvyWZBl?3W3?F;J4B|fo8^#&pDF;OU{abdrztZBf5Tn
zSD#M{i8u`9b{1d&T3_Nf@FGYN<yZd#8nZTt5yNNxo`sRO<BWr>+NO`-#weMZTPDSs
zQ1`z(u`b%~W!ZJ83O~@)$VhZKK?2#Ey{=nJ>Jwa>Xh_!YWsbVdXsEg4qUDe}b`+c{
zNP;pJSr84t1+1b{Xs=Le2$xtD5-Xr(qJ|W%ipH=KiK>kOHo)_B0bC$w&xTr@D27c#
z{%-7OieE+ti>5QFv_$#3A-j0I|H@VQj5~DkD<en2U|2C_Yo8IhBq?mL;aZ9)x7Ft%
z*W-$i+7~F1Y|x7NCZ6QOD$ub7PThRtm$Xu2e5x<)bTV2mM;49prb4%A@yHzc__i~2
z{RBb&UOVyw?nQXIpl19LaQG<e0><T<Bn2ew%CZ5Ptv!)ajC{U2*_v*Y(8Y(CZb}aS
zp#7n?SF$y*Um7qGS}e=41elj1p8~*D=$Ih6GjLm6s&<-9wx^tiS7xU<v=&=Cdq3tI
z9ccf#kE`6ciwZs)btF57SO&;b?jc6)t&XVv<)#k<h&Qb^;5q9gG>Xorv{7bSic^O>
zcP0rc71vvwZC-lyRopd3V&m<<hge@DHTOn~Mw~J4B`w#xkno2Go;6KicX9Hxsi`2?
z3wy1}gNZ5J&OBI2wlR+5ayC!lQjQecL<F)s?di0t>!neANu`SX_HPw^(8~@usPhYz
z#+-ft?yRxLwlf=m=fbHf;$2;)6r6OPAlsh1`Q0~9^~_ZRS{v2qu2k_=Ma0CyYqKue
zte4J4_}Q`<amljEi7!P?{6_Qf>cecf8EK$Blb>8CZ=u+4|GuJ7#BtxOFjPf>z$svd
zHl`L=B8gCe-patNi^wf&v^5mpEL>?rc-XrEBx(wFG4z8@IxmG)gN#-`2<(RlOMG{i
z0=jG!g_Kw2VZwozG36@#*DetZ;JP=`x?jjHfcrOC8-jE~)u2L#IY7#ER<?A#+(9fU
zc8<qMlON)<w8qxxUH1zxXNF-pEyjML^@q*FZnmruh1+mcm7DRS+F`Cox;UO;!;-N8
zg8tL-<Mh5`$Ki~whs|Y@Mec7^p}H{FXm&9@nouOky+<q@H1me7vJB;aQ&<l}D*5J7
zRTN@8E5$1t&Z+{mxZ(|T@y2YM^>qwH<IV8f%);6%+%LKl=)2TQLQ7@b&9uiISPF8C
zf*KR};qDMHtjF9411ZHhV{R@(*@kQY*@adR#`s8vjM+SSLy*QCjT}-vpSJ@gop)hP
zggNc1;?HQWhi+?7R++0d(`)r3m+^0BYEB;OW_~|YSdTu`R9!YF&43a=x5w@0nn+L&
z6&p7m`~0bpEDQ|}mzNxBF-1Q0E;)LKI)*+!KQ|8U%%B}IxFP#c_TT&ECJYaNKwoEf
zm-qAa_3`%d+^#+!z|D;Z#N^g^2u673)F5x(xV$ms1k~(O@Ng-1>1oN9@n=R=AhqTU
zyBKd<M@}6-lP?&!ClTYxKs$Fi^Y%NqmIyBOYFpo<XyfN+Y+6|3z^kI?0A6LYD-pY(
z2-Q;1=|_boU74<6z}G#u(%KgQbfsM55Zj}D+a+YH`cT~C34FI?wsQAYe$RwK?y7+9
zd2cHFnyVJJN6Ky5V?>ZvWCZI~GEbaOwaLY@<i%}Ih=lITMS3tH0`El4!f1%mjTJbr
ze?U{Pyz}A@43gsXC~(<u&gsK#Sqfx(gzl!qcGppxAvp}ouZFyhGH?WFra@r)tWTNT
ztZY0v`K7gdkY+DN@Y0@R$*OAH<f&~w>DHO-$@MU+t{^Ne2f^3|8(SDac|Us&y^Gf#
z{Hu*HDo=mOcJHJh(o#Dt#Qe0!+VMDY^i!|W1a9~Xvv{NkF_Mi*Lr&$uL&Mi@yn{Ls
z3qC1F&d>-=1ZghY&-7P5+qttd$FXH{`Rjn-?a?4wXcqZ@b=v<btN*9eaxnhiQp?Qt
zze_E9(i{{SKts=AlO1(L|C=V<SkSD$Q0$^h!3MicX0uuAz<4duD4%RYnIx)Ka!k(P
zb%UTsMmf=p!j7X@P%)wVb<5?Z!<3&00p;jC@5Q4P-_w%qgO&J%#u{K|<H}4R$6)ep
z)Qh`5^JfHgq#`Z}b!N55-%#LT!H2{7$H()ymzT#Eps<b6#}9b5KIzT)b~+^GFmZKb
zKr@ItC6HKxVS4rrXPJ|j<*Hhb<WQJ_hF{>td53zD%523s>d=390tpC;khlW5k|wrp
zZ1kF<ewx|(_<BkVwu7UWGR_79T8)zp&5PJxz`)vs&4uz?aP*+cWK)SeEl1zPwu=mv
zighmmP$O1R7emKRZrD?c#h`a1a~EIkkE@DS#C1gm(4u&72u=B#0n3L;i3PRB2S^Ri
zmm*!paMK5dW{MplTifKvt?o?&kvhN*XH)stD9)_lLVd<)_{`XZ4FCJ`@N<fdOysDZ
zhzuZJien;eM7qWBUh~@aJ2vaFE&!419|7$LC<P1E;n)9i?%AA5&5W@Q=VE-$-at{a
zH7XOoK_~?vX#UvzbOxm=Uy)h;D_pY+O&<NEH&)hOCYQ7nb|;(fD%bS=%;yoT3chjz
z-yNP%H-SmwuC9jrr_6^J2%{_ukyGvENJXxc=^hPopJ-7ys{<leP-zHl*BiGfCwz4Y
zxX?r1A8tk<cQV#Ko2J&jvj+V*4V>y^(<=5bEyA=-{X_R>1Y+%g@Sa;wAWgXdM<Of{
zu}aw7L^QuX->q;KD=RxshAf7T*1~EE%T-~`f|!-xxLL-HCD*^(b3(l(zH&NVNzc9@
z57V)TXlcV_xgVMS8B*SxK=ZYq%Tb{gaBV`1{%0+!JJpUP1|M7Pm|oL8Y9V90_*9D9
zb-zU=5Y^<sDDDrErEUwICITBglqSjbl{*7IOIU;9PzLJr@RAYCd@69YEfF>&96#wy
z$sfz8mw(8(VhI8ErMUn0^x%gDPkr?4a9F%uVF{Z{4mUEEO$0{ft%o~kaH2K|0O-)U
z%|789uz@^7Az@aCPdir9t>x{!?$UcE!hywYk)hA8=T}EVRU!dJcmArDvgyJo!!{^r
zYR3mQ^punD#<F~upV!c8#x4K;P#Iw+L3{bLaUIBkVoQR#);3UC_G>ZkO>wc+NJGL)
zQT+67bulm2R{dRBXobi=0Fp&}0?37!U~66VVRVaQ6|Zb)QT4GK#^Z{s=Uc_v?dd6*
zgC%axfETBD8ALT(#Cbu%AI2US&oE<{3l6DyJ0ULWf+8Cw&(}`9od)Ps3|zQLnnbDI
zYhQGgKZD?R8Oa(EZy-|-IO_!n9V@pZ_ONoZCe*@}A~>kxh@%@fE!0}?0pO=w=)Zty
zpz`-O6ZW?5$B^`SX87(vjw~mIhgLw*pa}WWt#T|ia2eH<aVNzlh#t5IZ?mLLb+%Vu
zj6)-|DO(ceN*BK%eU1i-4k7k(r2A=8-u${KSprxZa$7x15vF0{vL$-F-I%<cUcTru
zhj5N()S`&EmNsrn{9Rf}0Rd}%^~34#bjSUwJ7|SA9L-zo=6kp)>4PPUeYw3lMdY?1
z4A|{{g5S0}4JYeLzJD&FUfbRUBuILuK$LY+%f>7w5awo9U{<yYX<BAvh<;z+ZBE&e
zJ~nvv+u9iW@f5FxlD;8OJx+<|JYA9nA|XUhoZat#lpXFs=O=kk0p9=VLTKDfRY;{)
zOJF~D7Z;2rFl8t`I|w(m3Mu1YsWX_l-uO@|5E#}UD6+E;BvZYr?pLHndslze<kJi$
z&EQ`+GuhCuHWOGlEnlh_vW~TXln3w_h@gh?1@OrDW1n68))JO3H%uCDhfqgjR<pqM
zqmK(p_UxSJZOIvZ0c%e0gvD`I994Kc(4g%SL99OGvSD7htx2z4OKZy4<qHS^4u7-C
zU;lH4(p0{q7$N-wV5_@TsN|49C=gX(ANdFbG0vsnj2Vf(fw{gXVmGJ%oe2M<Ihj~F
zng2&~GXEdV32zPk|9MUp#{Z54O*@Azc4YCs4-G`I085xC^omy?uvshin$5L)&o;j1
z*@8W3-8$=<=7i=QTlm-WUc3j54+4i!)MxXu4q~uGdNJpd3{UgieVzkFaon%PpB!5S
zTxXAmo8SrqsZWhYGKN$N3l5^6dfmLUI4meGD3dgCCM|mfpD^b+vZ*0J#PelU$oIv;
zF^)ap)637#<d^gJxCX5!Ct;+){>Z)c>pPf-|F{-rjCK*_QW^C?UVUx}`gwwx%ZcQo
zk<(tFoWW^g01O<5B<viFp}1gdxukF{D%<D6ddog2<nQ3R+!nX7i$Eb#x=~j^=jlav
z-xw(9;kYK}SV$Aj=td17dx6oBvjIzkz(;fSg<D3(o}vRa#g`$jeW=6_^+JZ{NweH<
z3F5bnxs<9+OV9+o{X)$1Y{qEGM82!PJg6*iHD#?}jub7X+)U(Vb1|Kp&b8u{yJ7vP
zHR~wBl;jX-v7ZASt?NhmSuCoB?4na0+zBI}iRjFZswz30m<$>K^v`Flrj1Q$fKX>0
zQYT|nM7#)}y;+B3bL5Y(5h!eew!xS4^NE*JLwbH)Zw3g%za{;MBfmbIK6khS+@#5K
z`ak*P9?avQ0LSa8_k+!>sLSJ#EShh#w=-i1-`<wl)tKt>q3HM2>c(d#nj7<9-5<to
z{yo++VGdTHL)KXU+}tHBUpO!h;fLQmp3)S*F#J&+REQesveW8#GH#<eOTaWl<sZBP
zS6A|0v6BZK7^mzJ)>uzOtwu?mJXph8g`wOW>d~a8Z1?MqSg$|lI5=lMDfH2aIn^s>
zCD(T*<pkYsNDmDqZcPcIy_*&!sqI8=dO@Q>XY=7yQ3vAy8w_VH)?!@+6^c;Hzu-*c
z_=&cnP84t^M9Qo$(KdkOYxmu|9k9h|`?bWh2+PLCH*<}YO+A*5XrT<poI91Ub$d)D
z{0}|mp#aEm%ieY1P4_J6GtIa}uD{eNU9imc+0?_DN3lw$$wwuUXh%R|Q7Ixr?Lpoe
zW;#lEXlciQ_FTtuBE43=ao{^2Al|EGUQ#JCm2hG52NgG5PKjbk_Tn9ii0Vs~#2Tob
zjLIfXR9y6DawfAykyOdVWHFLPkTWr6Iebfmba)YN?PtF>nyS)K77ESJ=*HX-%eCWe
zcM$xi`dDBas!U(9lyw{>6roy%TF5<L=}hV*M=>aX`e|drWWbI}W2h{nyi*>xJT4W1
zJX(Y;xEi_PVR?J9s<TdPKX|MsNpZj>@XH3(mfK<)C}F6B^DELH+}O~V>xa)n2<>pS
zmo7>EqX)vrtBzV|S6JvrxxsH6=UfRn?_o!il(!^R+$#~F!oPxr4IV*NGw;7Q-pHK$
zZdoJ%(r)`;GSnpS!@xTQPLnP~h$oXZcYZlM?#Lj#;Go$%X|Rd11cJ8bHis#7wo({V
z7DV13SUp`d=Hnr!bTGS$pxAkn5*s~_&*Gh$Fl!>{PCeo&IdX@lPH}jv-jVnmCqxhT
zKYY9X<>|MDgjz}*%lrexWp7=}(w7M(u=1Ax+jCgB+<KRM>$@oU-d-y=uzxPRXRP`d
zoZIJF$c=Wm-T89LdJsF>ut(<VLx5-fQttc#NzHL89!0O`K!^NO@oS^_?5!tGI(sA>
z;C|tZ$pWylM)^wHu=<6H4akNO*ys#{Zy%>3YG%-P439uMNLSGvUA@`5)FX=!s^MzD
z>D&9v$a~c4;|MB8xoN|#2i~gokJtBw^Zn-YyRp;v_sqNT&*tmn>gr=wgG`XKG@iol
z_W@*W`SgLIy{Y{ug6lQ%C$6>eZe6~r`kH7xp0wTr(<3#N@;DiYR&Yy${hkDHWWyFm
zmv0gO1oRh%X%?y-n)A1R=$2$*)bkQRjw8^0dd<K!$rI_Q$3gMM<QlRVM%uEum=Xr+
zq$=Ed97$Hao#w&U9DCS`{V^MJ?Oc0CD8*ebPtYZ7>l$H|(cDvBJyG>Dkk{0BBg<IU
zS!A_IO+8yqEy_f45|l3b0`8q8Bb>har(j}Fd~q>`Q<A}fSciz0CEZbQH>4l%s(Mko
z1#z#sfG;ebV!^FqAhHC?cSzUQ+mfmftOS9eng;zKexjI?5T=-+a+R*A@W&s<8S8`i
zwfeAiYxT&awra6Am0E)NY;R4LX5AmQq6JD9%aC3}*vzo@YRfZkTyL?lp~62}^A>tL
zG6O>s0>>{w+B00Z&D3#fwFeBqIR^JHVenmY!g<Z$uvWiCF_5S*b6@((`O>}*Yzhq`
zH%lmAMx*wjWNM{ujg%oqvAedo#*L7<oRY|@IZt{G1-K*l$0FnhlIBtRq!hQUSCF_<
z5Bp-^%TXGf59AJeMHUG5jzan(df3*XH%`Rcf&Vx7-Gvc(u$EMjCk-87T;&y+_}H;!
zZB_f@;pr>Io>48DVhc`!5N2y$%7UxWv;Iv>!PGb;{5ZZx*#FlZyh{Pc$HsU4Bn+i<
zWnYF)TJ6>H5i*r2wZ@7mETiobHEbL4-+(6T_$)FomnqOKHO9#Il00}r<OlUj%BvL5
z$hK_OL_rnC<iBc9_W!)UpiWGGInP^&SdG$uVGGCgpbEL|fK_AJaTcOApM$sEkA@Ht
zC44_YI#4b!{G*Vr7nN7UK1)%8FA9K1@h}NHiCoLWg&D%R1$HgmM0ThXR~@xupX`So
z@uPw=9mYtka0mM5XY8WGRM2cb&|%mbc4y@q3@i?6DKE)oygKp$)<`>gggp<yIJVV@
zPIJIxtng|b{@juJj3YdHDT+n|>=~yQZh^?#qxleG+q^reiLir=pi&hVsH(N>-;qW>
zPO<w91se@Mk(iNwis6@yoMc|bA_z-&f1dOQ!j~co_jNFPW#CAa83dki;ISQKe0Hg#
z;yga3m+?xrc$OUjHZxHfRk?7O%_-8G*YJ2?{MNja!e{{yAz;0D?hPnv<mw&O1Xe<r
z@C9xjtU^tG-duqDMGq9JvpB(!VpWwa+NBE8IduY|)qqN^8N+l%sg}N=inkkh;6QS=
ze-w?Cgy5ZZ3sSS|3yR9UODfn;U-raj+iHcKq5sk_*SvxNCfSySy<$N}P%YQLYvUji
zG64;X1z(!LY}2Mtc&d0lYo^xa__BRTJ3~2;+Hq3xGwP)5cYPNGg<tn)Xo6V#La&JL
zKj-UUa&XNRF|^jUqI6hi(=S3NAB>;W6n6{2zVmQt5{g@R?4?Lv5G@d6oWAlsR31D>
zYG8PZ6JZkopW^|rJnxwHk%r10P+n-(kkum2LSh0nRupzjl>F_LV^InPS_!hH615CU
zsQgXlrA4{LtBX?$i}T^P{(>8eJY{EG8yl~!y2j#SsSZAyTP|-=gRwG&Mh_>x-<N|g
zHZ4DZ-}7N%3lX+N7homWcY|!+T4a4Fthh0sn1CHnBE{LbqfvPzs~hcf^ZDh1^cL=4
za1?w3x}fmVQJ$+1Mt;X|<^2vIKi=K~DQMs6&b~3r+veD<6?IcUpW&aG{9w54Yw<&5
zWADLu_`#QM2UGG+HvRq2hC!NH=A^ar?-|&Ex!<=qLKHq+Y0|;N!3EEQa1D6!SOC{s
z*)2NYkj8EeZ{(W?^=yq@A&Z&LN^iz--qg=_LC)nx>{pTXFdv6xx9M)=%=Vi|r%W(T
zs)gw>@Ok7d<XpCo@tZE}M}LUS@#P8&UfrmF3~K@}3BN4pRj-`m+eD^uVl*1Wh<TFD
zt@e|1|KC6aqaqg`oEy^<ro8NriD~pQOCKJ9?FSY6F})Nzml#te#BV-R`zf3y=#Cje
zu!&v?9OX9Ik@DuwWm@-c(D)+#{o&~L?i65pMrH87xSQpFObjz8+yCWm7MA~IVpv%J
zGg4*{x3YCLb0%a++JeFaXzDo}vZIgm{x^dsU?7nseq@);xbo&SCk^9x!!&0U8q#vB
zlgQvl#Ew07Iz)Zbe8+i9MIzUjy0=OClcI~|df#%L>Yt!MGYSQKT=><tCIRuu^2>$)
zpt=dD>pYorarMb9K}<al(~?sbP)=aVvovqXcN^@`eR-rgH~`9j_su)Me32#62OG`!
zBZzS!VCfK0ZVzgH53f$+^go;;(Z|#yYqX^YfgqwYmUqzV-hwRkD=1JUEITsmQCSkr
zwgX?J`Jk6TLBfiG&u5L&|ET5-Rq-(_U?M|N!5_k>M2Yb|f%e1b<nEg5W&2?w$~Hm1
z)2=w^8o)w?r2`siTjDJ)2Hxq2wyTo&NWp3O3%mx>+%D^)x=a1E9=8Cf5)|ANO{D&D
z)49LY2C>ZZz=QPT!Q_={E?ZIwRgOxtWDX&sae9)Z%$6j$8(*1CK}yxMl8j_PoTC-`
zt#9ui=DqE@(ZoTjya<t}9e_EFxX&D|?J*H6g1K$WA^@U=7VcW+k5bI;75>*o&uAwE
zlDrn;+OWrdCYvuUDOvi$8q~?P?fv%kv5%*xi?7!#BK&|Lg2=xXR5-7HXp@e~N>O60
zBOjWo2qcoUgS7c`NEJ_cD;SfAVc+f$wdzc7k_;q&B%JybXhI)QvdM~R`U0g`r+aV0
zgzd#AVgN#l3ER?s>oslHlsB>jRTx{ImF|nM(87mHC~ExQZtp=!ir`kb(j`_Nfm`eB
zXXrWi!2FKfEe^Y$b~M=Q#2rYMtB`MpR?uJYfsBuYsmq~hz5F{Ch#YvV#h!rEltM2=
zi?i?L5!DXx2<F=^iSme@`s0$N^LfB>%71p+)c~SJ5wEJ%h5?#v!ns8H$C6YFdq9|<
z%9V2XGYje*u=P#!F?U(=U7Ur3Edi7_F%^l=;n)<Dd}cOtP&(w*Ttmu{QU@1`;r5H;
z_SlEEcez3#@jT-(Y#16c0XBG}zN>CQoRc9(Vo;uQVqMmeIkXqham&ey*&*<SI5kBU
zqk#B5PW)*jT1!XKQQ@E<Aw89tV>>v)%8fdYQ%@JsnO<%Y8vO$AfET)c<T7@2GEQK<
ztp2>GAxH}Ax@FQJSqm#mD|NI*N+?I^@V3;>%1%R7E4D_kpp86iGBD|o3Nb7<O1p{A
zCdfTWWu2AOE+0tE#F!ykoPoz8^XzdqKfoa>L_>_}i<Q9|x+#d96R+x<)tbPNDWtNM
zP+_i%FOjfpV>;{;W4Cm^37M4vK^wwA$3i*EI_cj!?J}Jw3x9fLbl>Ifp`GW;G^!EG
z`T@4H^=E~&whh((s}FSr))G~4huS*xRhg$GdeF5I$G4H||8z8jrV&X}Kh!<iK!6(i
z-Z8_Yhep)y2}ab&*Z1{^@yq7tdf5AwyXa#1D~@3x*XIn<QNzkL&|c|_X$v9qB6#~4
z*2aD7wjH+O->APuTQxh@fE8uXAth2lF|c0KY3aeR?g^!yw62~dnMmpH6=}^*JGT{0
zRM1m9ZidxEMlEP|+3`Hsq~QKOT0o;#EHjGa0x=seC8?Solz-hjaPh412oNVtOkuBG
zHrn36Jdw)DL{Je^=umK@kxSBOA#F;n(BWCd-haXhmSUKl^!BT_e0HoE-b-zyRG|&$
zY0P?Q1$nw~*m+e_M8~=uZ`zJjF_-GxTZBG-uPR1mn1vD?wjB4Vl9)yI8vvvhC$bHh
z3g~%EWk_B?MOe1cJBp$7V3ZX!HUn0T-}6B8SxvF>VttC;^x7>1qzRYlb>TY}`=di$
z(C6#mAvwVPsRUjda)WT&i{#IqqiIOW8JYrz)o*Eq)+WN08eHRfyNiH!gtOR)#qa=!
z%q(JG9PNq4q=N{Paa>WL0_af#LpqdRNR5`i*6)Hi*95F?6Ee-GSoc2Jey2wN&2TNr
z;us7AYSpC%Q)7!C9k$xwfuOH=i<+bbi37GzaXU5FqZJfgS)6yh9m3M?vd`(rK|%(9
z4|5gSiS`<^F52VkzryGLhW^6x4{oFhcPFlULl;MW%%BXJOdy+Z2Ka@rhgkk?+TeTz
zfwsLl-8=jS^2V$TsjRkPodX(csI)*x?}2@r{VY9{h-bXLizy7<0<ziPyo1EA(srL`
zjtpvcPz=k-`e)i+!F5%wCJYZ&{Mvi8e27UApj{Fa<%{EoMgd62PG33{D@j0qNP(db
zR_gDdlWy}KtT$)r1S}jH!WFVWEd@-%rBPIR0k`E1A{G?hZem0uNEK4KdJ=zjquVX(
znVPg1vq|kyZ~mwAqr$h7MlbTu&WX`1NYFi?yVIm}cRl#1pX7)AEHd%QI3<R-+XyEq
z!INyZNg4-#J9(9w_Xi57y3s_T{R4A&6(l<rySS2`sB&G}1JHzxgTwu4b+SAKIk)r-
znP>J&n>SOkYovXqLn2xH4|$e+-)(700h^^K_P?QWYDn}=);Rp}Ak5UNz`INfE;xn|
z-&$c*%Ipe_6r2F7fB5W7*d{%RCPSsAbuLXb`qG@X*wxeb5uAF(SQVh>PLq=GAULJA
z+R+Z&>>9P&1hh|JEj`s&D0S^#1HozE;=pkW<an~MJv?)SQ=~C0;elP|IHN8%`}e}3
zx)?m1Jpa9cHVnqw+RGyeTvN%fnc;94yG{Ik-?8<c%aUl0|LiW`6!`whc?ESyvE2zD
zlOP1%YTHB_`DH*=&~VF*GI#a6(yz3)c*J3`59P$417uE3UEVI>e6x<aVwU{ge;+(a
z670w?Kf)us3R8JpUp~5MowC_yRbZ<vqoFw*y&F*b8GOxZ7)ZNN$ra7>gg0^;0H{_x
zb>h5BayWTU#d>zOPJh({MVkL>{nEEYyouDjEV?+LB+LbG4y1jA5eLOJ`yklCkohXu
z*30ArknPmbM7D_WEbr;n6<?k~<CTjQ<%R7wGzpN4fkN~6MFa`}2EiO)8Dr|aDloiA
zl9ZdOc$MGc@P>bt%FHDaL?0|tg`13!cv5dV{tqEN6DU|}4*qXK`Y-bNuLVqIW>${>
zF_SDDgp5f4J^lZgNzVV6Nm9U!=70Y|^F7s&Em1b3Boj;@;B$zap|c^Gh#jwyPJJ0d
z#EcAgDgai5Rr>^^|Bd`*;sc#F1WMG_S+Cjt7es1U`uTM2%E3>(IXHeIuzky!w|3_D
z;1oEbvh*G4^0esV?1XU#@wi;f7p)|yh{&amS>VYZAi%pT^te6z1~}a{Kl!?j@$_ZO
z>SG!7u&`{c!%5AX0puZWHiaMde|s`B*;@+TYCQ{gH}JB?QOH|zaYlB6KEnab9x*WK
zL)q;OMAsU9iJKRUWmsJElXh9`qVB3NJd_}|N%bv5@^@W*3ie(aHTFOnDU;_*zeYyz
zMz_@hYx>)un3<3u0Qed$>$c7;GMC~*yIoX{`%*Mli>0f`<7KV>1|?!a$Q$#SY~`L?
z)eqRm)dgQlQG!Neq<^k^(V#P$cI|h&bM$7!83*X`_NnEhjsKA{rLq3hZ#S2zkwPh9
zVvq>cqKWm=f!-fKE8z&KeExh3Yn4y*x1u2%<i0D%w0JQ50N7dw9(->uZnXdPxF7Lh
z6$RU6J}c?Qe$%y|Jv!1U>>t#!YbD@@oP_Rz*nRR^u1DD1ifJL@YAfxPi)ux~I?;|b
z*hRRcm{+TVZNWTWBcXfhQF~K1+0DMmOfSR`AIV6jnpwr3(JY@bHU|UPa(cSEym<P&
zTzLNcEBhL32ZUNzD>a#0s+ntfiWA0&VBmB$w@YMIZq-*xX~j%}G!WOmWRZsmR5jXO
z5X|k&{mx$B72~x&C<^h2?Csjn^)s+y=2oN4^GCuvVyI95Lw_ItgCAc{!m;Tbq!=Hx
z6tsgi-PsoEv$vUwQZ5VpKthtyTI#CiK2lZ<+WD9x2r#}`i%!4KM1P(B>VGLh9klmo
zE^(z&C?v{7>+oAD8d#|lfg+C}4lggu_CiIuX=)z|{^f*=T;ooIHocvl1;+ibhnx%G
zJsZv(!xEW$54qQau0RpG`8!&P7(w)q<d{e8Z#JN)UDQs?zw1Dg8eJV=9z@5W`U3LR
zSuoT3pER7nDeaaeOcE48uek<R>fw7&tXhnwXJLN=`$KrOxys3#t&Y3S7h@;H1KVy>
zQ&8u1BT~nrEWgP10&YCkmM<m=dgweut<KtcCGr@}w}{H=uVubcPMQDkO?YJ=0357<
zy_f15q6sagUSPKV&=*SeM4R;|r(fVDPF*PN9B|9(H@y~Xb{=Q<tkvDf9lD|mDV;2g
zNed5h(T|8|jpd{LV^j(LQ-8l02~5<0{WbE)rf`YPdEtY}o?dyyUoOU#2<7nUOw}Rd
zZbjD(^9UDjKbKp8)_(2kt~Sm%(NH9g_Sr56tdMz1D`ho=NFlueM8Co6h${Jjd)<Hj
z5Ac|6bRLRgJu(;fCZAfnCn14-C|xWN9Xr*`ei*%QQ9tdQK8?yVh`G{0V%b+`SzBJ7
z24VE{ohvp^^%HJ8_0m1$PqPEwR#7_(Rsx2Z7x@PxT^xmAVVEvj;XFeIgl0IP!I~8w
zigxwcG%}DtVB8DI2Z-CZ0_6xSpg!e#0nk_$h-iK-=#>N|%%X=wE~9f?3Mawq#76I8
z`FE3;#%eIpWvPWCmq*x0vKq3AcH=e_rA@+A<>4>P>2aDFwGknJNUGeju&Q!8;Y@Qg
z#!?OQY;NQqPF(?(h}}kj$yNGYD02qTd*#B;U&9=MtyH4?D>4zosdGV9LkR>_5diHM
zXui$fiI<*z(;qb3J(IXN8PoFk&mn<%OVyIv(Fh+;n%K7GJ$#0iow(D@AAOjLDkIF&
z4e&it{ID7ja>iA}YV(<}6ui25H!Zbu=FK8KwFirC5YO|8kb*o*?YJoGK5zn2ySq~X
z+UP1Y>dD>}uG=LX^s+opW<^MIc|ewCIj(}}0qw4XW*~pTF+Q2C8~DoF+B00|40f)p
z*^D5_?jbTKu?3}?&~^XP4DUyKF?j!irU|$x&c{x;=dIxc)UY6xRlA;iGxt+|O?mSD
zpu1A`h#K^0K#peyBV)O-Cl@Urj=YR+|I_veMCgjwH5YKK*FIepb9oIkE&#kqdxpLF
z0QV!qOloFZ9I5Ojx*(K3K)64TRp?myY!oxI8V|mS@FdAa2uu^wV+Xu<XTBY#`2?n^
zsr7aJ@7%v_qb;U!9Z0O|oRV<A!3#`oB09pIW9gDm>GZ{q@zq+3jc8ol0AZYP$u3bF
zV;=*G5RyjRmM(hOlx-*zK>&ZL#pY<0Qsd;i{<HcVwC%FaHPXD1^UDf~<|PTUBZu$c
zwhsZ4J^tznmvPb7VbGL+LMN8nxJ1aP#P@?f&=7`M5yk-`M?CNO#Q7QYK_2sZK*j2P
zb2wo6z?=ANkjM-;*}b1Va@!O>w#x}|z{_zs*v|<rMIu&2Y3j8g0YD#b&KiFCvODq|
zj1`D1A-5foFE<|ABY?H7o%ITV!h`4}(A*XUTHUHo@NZx#mM!7>$S-}&4-%^YjP3Kc
z(cO~9FSO=6?N9lW;;$?F_w&Qa^|PuwT3sE`dCcutMcHlfSYL&ePQr&IW;5K;%Y%8O
zU#HJ|6IYM#^2@nAKER%0J+G{9<|OSAFg-uTQCH@%xaqlx<3l!KC6O7b4#!3?@K|op
zF!t{Z)DAD;r5Yaw*%>`EKZ-3HSJH>yzXbR%%7ZPTe-k+(zQf^e6ujSF%FW~KO}qCz
zM&??X@30ubbHdl&p1^q_e+b5xjM}J9DHL2km<;^&-&(M#1pxcC*FhlP$5Y|@DV%un
zuP!k!gWp_BSD{JeYrVN=+(EzJ?)&Z9uK<0pd+vzop9AA}BT%c?gH1x%W`QGxqicie
zzAFaBrN!e_oWmBkt<}APc#52RwSaGEt}^4t8sotROr-p}_(I?Nqg?~JG)+HDBerdZ
z&ULT>RkM!y9NB5_Y|ezkE(>!>T}*Ey*BGr{Q#9u}qy{KbQuv(tmhb>EZrRf$gS}G)
z&cE<Q{~LEW|1a(^awLUt2mw-5Wi+xGQTewYXc}3vNiui|Noy<JtXo*zxr?)`F(8!`
zF%dEO+%^Svf{n7nqE?28vwdE>Uc2geL82l1UvOrNT^ZY5@bUib2JTBrI~Hay@HS&y
ztY~4OASxqDhX((tbe&e{$5Nbw|9a<oShBs4n<a6B8)<<l+_fu{(Ex1ophAQ*o4--J
z?Xl_)dvtQ0A)x}LaLN*j7vsWiRD{%ng%d%`s{4~dx@<^9VNA6HIT&m2SkgmG;KThv
zCa)c9KSmkmx;<a8{W|~p3$m1UI8~Qm=7|Y~<Cs*x|2G)EJGX=y(IGh`9Gph4T_OsE
z*8<Hl%}tLDuU(H_uM~h2e=)#!&XR(huo}FV<o8S=SE&33s;KH#fw4_Aj*%amMX!)5
zwuO6rEFr5WCjg#tHwW!^y~Z6m`9#aJeVPb(_|N~OEnfd}ol?)`-YftZ!$B)M8Rr55
z0{ws@N6n{<Ubn``Vzac$_SMK~fsykjs|gFiT<=T`@S|Maojssw`TZD+^IR#m{K#fZ
zV772OKGz5)3L&x9aK+8dn-$wlO}n7gDG102Su(uw{~_xf8#95rEF0UlRk3Z`wr%@~
zZQB*wwkl@D729?)>F#-_Kg_Q<=bpXSy7mu7$lC|cPIt<d>2H!z{o%8n;}Tmkemb=*
zY<h%ur!De$?IRn^-<k(@D_K~hEj~L?VZvRS8=z9R-rNWrCR9u?Ogd#tWLmu}_U3@q
znd(QQxYLb5nKoT!Q6~JWu79}-RCi`Kt&BFy_J-6%RxbjnLVi{k^4^=Oq3dO)nng72
z%uMm9BE1s7JtUMVu%Go56!S?T6x@m?aaq*9h=1tXbL4@Lc&d_~?FQ%G>}v*1#$+Wp
zR5;fE+#J~%xsr_}gaFgpaxOm+f6uu_fiJX$jU?)hM<bWyjOC@At<CQWRg_;XV$*^s
z``FIH&b(=LJ~FR$2Le|%0YCy|TvC^2G~r|-D3-2${-2$N2AS7RM~ebmeHt62`C9~^
z-owjv)$c3Tlk#a2v$LpgMqVx@21m5Ww0}StrdOSP(1!I#K>@A2cw7Rx`t6fVD<6>0
zBa{0a-<s{)^#0w>3su-%?GD-<xpV+76#s)rqJHkl$HaSXhI<_?Kw+LIvQBMW&=Ra?
zni~Ua-D#o%A}7DBUo9b6A*OSo`}Cw=uhD;jOkKT{mXXKDS{`T`q7~_b2pkd1;tp}|
zvBH`ezek6`0eqhRGhWXXJNhW^K^@Hk`Y)b~?U(kG0_{~@-QB5IJYE8vv;BTS{tH!K
zt!Hh)pqK8w+&?5!-0)woY>q~=>rNBL7V`<n+8e%0Kd;&KfnH8AG#vqTwZ8loVFz{T
zzs+iNE7jCmK9ty-<?)+5H1OSILy;y7YLj{&FGrVafRU=`NSmF>LJj*UH}Xy29{0NY
z<*rZpzRwIEdP>+({j`x@rmyGoD<?yKwt@L`<KkG~r9-F9o|pUIeBXw+S3VUHp=(DM
z6?QZFISRH4`HZ|bLH*Cui?5~wp4|k`##o%A5w8yxv-e?h3Stw}#eXV2IaixRrpSVX
zpe7B?0EB}M7?=z*2Dx+wJ${QuH2B#IkSd<P)}X6tY1E(8&GPcGu7MM`c+`5PImAez
zWmIHD;w^-E%`4W}&``IrXGfa@9rC`gJ%O9pzru~1jF#oosx5ITCe{4<Y+!+UYb(>x
z-z*$ed!H!YJ4s>^i~ztZJEfda5V+^ZgT`RCfZ-u}{q*rZ?7j1QM)!Y{-cR>;`Nc$@
zk$#w&lf{Z$UTTxwsnwNh+U#~UjoFL6g?o^KgT4owGPq30-u@Ukc(J*2z9Ubu(3+-B
zLmilrrmi1M(~qsCy9w&7x7+=LPxKC{8hYLHpf}Cs+3qvWt(6nXwJF46L#?kka}{u?
zfa$f}TFosv-SNd?Sa?3$=V>s}f)k<^IR6?9=Z@##uFBS~Zn|0yWn3~})j(InrK)Ub
zQx-Cflu$%s8B<<)teubzUq=M49`rc{YOS3yg5GI+$+6y0s~V65Ph{!>#s>mQ?uLJu
z%e`xxxDP?~h+;k*fi@UEj&V+M?@k^~0K3r{=*GfKuZ}C!<vB4Vp!mU^kcrCYAu>59
zZvtE>6`Xby8hmr?j1A1dWDc;hN8J%8nvG4had$CsDmKr%9@+9CJ?a(a)Y1qIP+<n0
z9JiK4F6m?rmtt8@rudvT&3gU-gQF0C(<>Ncqh<I>8H)4H1#C3WLPdW}B{*6v!1v5b
z&-U`azwoQwX?<6)mBC=^HEHN#YZGrh6Z9!nwCsWbZv9n*LJ7qAsM#bqpGQRDot8TF
z@{lK`p?&w>HFP82B(ZHUQ8<CyLJ{L@m@sskZBPM=OO=GGy(xM%GR&zLBqG#U)r1J2
zz^LO`CJwpR?qXg%^T>1BBycrxfQU}J0<x%i48t_m*6#VuC!d0lwPp@;{Xw3_nT^CE
z!Dh6T16<M68(~SQVj}08b^o#29Px>`4>&k4@dg%R?<(u%5wP&#9QK-8^BY9N)p1|a
z6>e^(6k`QLPSf?&UpDI+X959#vtBGTf=SmA!245}vM=vS*S3~J*hNw604+pxkEg>G
zWcBTC(plo86~U{f2NzS^y*`kq)rbXFDvi<i4v)V;6#MdH8Qo7GFs891hllWq=>QUe
zwdO@M)R17s9W?GP>YMc_%U5ec_Uu<(D0K-lDA4*|VL(Kz7sb^yYr50C=uwB;^tt3y
z?G^0V_5)O)tquG$eaUV*fblS5q2;G>Nc=v1!O))Jci)z8=OPWxL36Fa*Vz(UC(seZ
zXTl!lK6?K@8iX7u$JD(`DaXje{gTNGw)Y3;xBiKkB0=GZP_yW&szcu+36N$<l)I}D
zfeE<U4Z#MJX%p2xJr%WOyw~x3&w?grc#c))20)9uFn)H=CVuQHfDiuTPBdY%eZNu{
z_*FLKUCMxh9+9gI`_P@L{+Wti2+$y;Tv1<+ay_j&w>|w_UUj!1qpE}U(u?uOVXnl0
z!N$k)d6JAhPW8xEwHB)cV6)!T>~~22C?hYt52GQDr9295Y4GW?@&TbSWp#$Oin~YB
z=-1+Zigl8-Oj_t-03QGPlFIz}YO5D128maGKGunv2*RNK0cEFvF9Xw3*ptpX8AwMW
ztF{X1w#5F%O31G6@(T6s#3MI;!Lu3|S6F%&;>3wm70(5e*}+9J=no4RiP?Vy9~O#9
zAv@wqEf^@~1~L~`IaH8-LDgWGQcL%GbhtpxO1j?uPP|6eKM8juBXjA!Juu^=U><n_
zO(gj}r&^um9c8kW8MEBI`@B1O2!RJk?4KaAXm6MC)zG9YdPF4=$o&vK%A-O&yJ!V_
zcpmt63MI3Np-B_@yG&Ct9&l`gF%wcS1KL5%GN+^xDOVIa`32hG%EN8Zv9;S@2EL?&
z`#YR+L7Fz|0Jb@7X&q!7LBO*1il7IPw30(no=Cz}B8|oh-I-{}NidpV*4bHC-lzmB
z#$t$Ane}}UD?L9iy`gAA!7h8I=@ESipaK?W{*;#xEAMW~94PcsXzFXct2Tl}EP}$8
za?LpL<|I2=%#&nr=i!C(Fxo@_><|41r(`=}$pA?Nz!G1vVn=~%RR>|?i|EGAx+0#c
zC4k~jf>7bY`b>CHAnat68jJ;*scMv=3<J}FOg_zQ7cTkhfM<$6w=^>MYao@zH8Go-
zPdSJp(Y@l;^<8chI{HVKb)S~V9`%tROIZrOl*R)~F9L#c+4bPjC1aT=j+;_2${i^v
zp7M@4z|i7H^6_qP{K*)`dl@XV1>$MOEk@#~2`U(6E4!Mb;*y$itH2h?bP;Yv5qvXU
zs(nZX(f1d}sSy`*={vGa-9;osgsdm6KZt{s#;ULOeyAj(jQAjr>B8v{Om9y|zbIXe
z&z?%Q`2uOY)F{Gl8O02`vfK_C5mg=zIK?vupv0N}<(#ARuWG(=NfCThFMURiAC*aJ
zBY*-gL;{_|RjCk3$iZ{vtHQrryXMJF4$Om2XzxzkN?u?J53ho4F|amK7PMZ9H*r|;
zNcB$I`WM=+c4nni(;&&TzA|R0FQ8<Rr5I~#XTC1~a&tUo?w<6J=lBH`rT;pt(+X(~
zu%?M-6`?{{*eMn0Oj`8Sa3y7`=evM(elLS4T6?Y4!w`v3Rvry$LJuT+LJOdxUcEka
z?Uow)eUR8;R1J?a%|1+Z;(E}Ytsk%tpJori6}P(HFsfH8L6HLTP)G+EIqtftzU*Gb
z-S%lseuy()WDf>hrVs9z0c|j5wr!mS;BiG2uj0~x>b%1cL*+A%%>$Pb#7P{?L$t0l
zmndAfBNyqzntmQ}WV|U!Iopar+++N*ZKNQu<?w!(nD54&kJrPbt0w4nJsP1cI^|=A
zM7U%L_rAO$?<uB-;CgTuaQ{VQ>a-dBhR{tw>243V%!gk&Sd~dEsLjH(lgUU9z`3o~
zsQ!V6KA_s*yZPPz3myt1d`l^9>Z^OI+%CZh$r;b~U?G}*P7XMN;^Y(sR}$k7nYzrm
zMCumzE){AS(j!1D0{|#iyN|ahY2$tViyjKB38S1I)|60w3@Ka!cA$Y>^Aj22SfOT;
zw?x{k5<ORU;65dcdYYdq=>wEVE{z0hohumBJy^&}W@d0ZCdN}kEv5EkM6u%bq*D{Q
z!{Nha3-|d%W^vWCcLs;Epra-ING0CQreo8$(Q7pweYV-SP^7(vn@(<Bpn1_0bn&Jk
zMQ~k3p=V3o7d^A);k4m3mV%g`gJ_RFv$e646+xjAuu;}puEgi0B>@Oz&YN<(X-i55
zHg&S2+pLQh_iu@>9IP31iz`q5h>gAm9`N*8pnMxL!;0`zRf!*aU-jgD9Syw^#FM`E
zlL*(g?%73RpwH5&ILkGZe+`^4Tr=mUZG_e&^D$n+VO#dSk;Do_HwOBy>lm3O$Ml0z
zE_G=%^Pw2=Xja1+_W(O0K5e}19Qb;pQT_j_-Jd5@e%PUk9A33>Jyz~{N74S#E#LTI
z35GM;RPCDgXUM60Rb_<QN+{0($CCSRpE7JDJ4ilmkS(ozv^Qa6lnx|4y;TcU3{z4F
zAdujxkHml;j@m4vt2ZF|zU(jm^tuw6LB-Q}e?=xYoB<iKeL(U$A7S3Zf|WmwIdEBD
zVuXZP&QW{j<-}u8w4P<m<@@s78<o_hhHB<<E1f$J&HyxI8<IYjji<n0HVLXn^&rZI
z>EQVQoar8~k!rDY98u@-@DK0eqaD>n>8;LlAGl@kN5ZJM$%3i5X@_SW^{ciOWx2qe
zaq;*yw^$iL9>A&Q{LmU}Q8)@-dWR#Kq$p=@-&(_cYVotkmA-u1_&EL>9pJ-{b<~^v
zRSRqpI#)?i`|#VB?S8f5PMrOP6s|AZuhC8nGvC@+TBT90SSQBrD-e&B?u4XJ-y>l$
znq#|f0qQ{C{Iptz_u}Sh`g|mt{9WHlwwa~%mrLBN0RTVWx2-+HF%FlwxM+N4A?HxR
zqO6YL%g^1{$?56t<Hh*)Iz9S&1_N~vDcFWrAf{Q7r^CXg;=vNf`DFeRLgI2cs+TTf
zvtf>k%3x7X-{Y4_c8&G+Rl&=$WlhQVf}cilsBQoTV=JkrkK4v9W7jd@Qj=GfPaxXP
zA#J3z1yIT!Ec>fUdGPDK7InhaA;vTwMFt4zmRK`b)Yk_q;swadY~7%&i%e9^=sMch
zn19&E7_w^S{=CSSpWJ-A)vqCMjKkyNdD(O!SCByqtXYjCT?98zZ1KIMb3ueWv0R8W
znX6>l(p<|OKw8LMel@Y6VH<=#<u=dy!&Zr}0k-~3%Nw)^Jy0{nz+?}VRX#t7ooqT(
z`3><08jf#BGh-eha;z7n(LsL;p&n;XmyxPl#orr|d%WqBSlGqVM`|{te3EBI8!Rbe
z_?!U;D?BfuF%wph$CSCHc0R8f%BI7$k8_Z61Nn(7GzxOIz1QHlfV>-Ior1@TXJi|W
z@TJhJK(Tla&k)IW&!K1fOs)uF4DU|KoyIFBO>w2JJo49FXG$K+_G_@Dmx0|6?^^GU
z+?^P_9QO^^i+m@~E8~E%aB{FDUn>hI+u|Vufc?uD<aEiiw>&jkQZg^s@exG_QB0x^
zPzunmZ4B;<eSmLdnw!?-$MPEJKrkVn^L%E01H=$0#+3{%XAd}C=KP<|V@?#5-buNN
zI5yVqs8tDVug%SwgowqAF7~LzH}<FC9c6W!`KGH4{@Gt#z9oIw8u&iHjd{?#hcEX5
z?5j`A<JjYc@AiG)t;F#ORaQbdH(bs28iOvqK9vOq_}3{|I0oq>_uT{ARpap<1NukD
ziH`!$jp7yksA+K0itF-fo*3#Pw*L)KC`FJ08FmHo?=lQmpD<u&q2l5D>bbnvR>#Xq
z=M@#%!l>d~Q*d&d-34gok$UY=(M%Nqs%huqj(@{g@o>&@6fKQx#X_@JaMR6gIkF&*
z?Tbv}usMRDMif@k$EW7#2fa~8kE{Pu^eC9!9?%As)VGQFl?<d)6ok)3J#E2zETJ!{
z`tMYL7;utso3;GMNEP`k3=4r7na~5&_Hom9qRDt$IFwb0J`V^11aA(w{+)LRU~?`u
zaJ)1Y_fx+-1)o4`lqGrzD^Ec5{J6e+#&6Crri?1a7^%Q1W5v@P4q;T&DNrUqND=b(
z;G((8uLre8PXsP|R?D#!;9#s6X%r@%KA2?UWEgcFHeCyjW`f>ppQIwwzbT<zU=MsN
zy6Y#a^e1e?e_d5;Ym*8fl_Qh|3`(k;^i-S#9-}V_&~;F)Q@}1onPLcMi|NA(-66Nm
zMd#Gk=Ccsb$Nm<Ejz}f#VI*>7s=E|*GcTY0$dM}C7(Af0cY(OLeNTphr^LRD>&#>*
z=(ZYt68mMEMx^I950sB}ATC6u8h==vR$n3FxcMA-O0WvKm0bBWPj}=6ScT4E-{@qO
zX1&||*Kj~k{A{iiQcOhPvD=a=^y_GN0O1y--07ckJ=V%9<s6RFihcZ{%XFbm{gG_S
zj{|T>SFi=n(5$O5taRX5s_9o?Gq{KqG(wP|hz9i!atzZmP0S*g%kW<Mcds}|P`v9W
zG=JS9Akvyiwx3r7;;#1t`0UsTB-C;vml`c8X@041;g7t!C!8m^)8NTkRU@LwQFH{U
z_h*9qL9xzGhn}Q_#}r`@^#=%&EI@PD#oLA~zCfEY?g|63t*PRIj<JSDme2A673z1y
z?YEbL3u~xZa+0}s*7jyzAF-Bj#_66jEr+_tfbB6}ahf{GWg<}n7CaiDD<hT<P>SP)
zEfz=x^Zc_}Ph0rLM&hn>8=ltpMmAM+?@i8$t0skE?}u`NI7A5=G;<sD?1vp(br@Ng
zbLv0MKA)Ujs{C$v;|n?F8bpisq}-pO*eYHdLWJ!Y*d@)RGK0-YZV<2}W=g;{3p+}3
zgeezBn8<73G~Lz!ww^tis-V8y&bbaNZ8bI%KnlPlMZPWmIbhLv7ah$sm&}KVGFte#
z>MP@3N}u$1#z^{({smzxuntUIK;E_Ky=M3Cx1h)0G23AP{!UD{ln-1+W<_3@l<pX;
zwNa_0QTs7?{2}*!D6qP+pUpOI*ssWuNXTq}=li&NX5b63EFnIQseSvB(;W7ZiC={`
zHSQ@iy;#kjR8+!av2Y;<t)ikx!zsNEXXRt(g5S?%tX`&!iy)#vKT!v*8oiD*XNOyS
zn41)$;E0!TL{KE@n$U<+mnNgc?l!nA39=U6`&7+02A)3Y9;_)1MeIojCl7i)BnzMM
zCFqHy=*S0f1*_w@yeDVc*H<s`{c<iXHN1o(b9HnmSV?H~LPEV5L3;yG<;&dEmx@uJ
zLzEt{0=rnI@LT|EgreU_{uXF_n#{^Rr`lVEiLMc`CXD&ef2m;_tY~VV?VK?0>Gb@5
z16?0{_!ufBS9O(_?n!Qam$epLft>u|L&scb9S;DmKrL34FuVv`Y%Q&WDIUITEIEw<
z_O)#Uqs378ZYuif(kPe-j^$49sKUujZ_5YHVEPP$Ml&C?rmH9Nfl0N9-x*ir+na6N
zSDJqD?2S@Q${(}ubv4(SilA$_{s6?{Q1I$(_Ax@CTSu+ZUv-qnkh_YS=hiJ>r_yu*
z{Lp|-k9hwO&+mPn2XO&-#@Jx`n=y~<ds4gK+fH*Lovod%NoLx{O0&CSqCOb><A?b$
zt&{u>2OKxQE_He>ay|3tHU^CL^!{3YTCQ!oU~z*Fhb7EuB5OJ@GTELz?D5YrxI3P-
z_u!L<U&NRf7+qnHxf;HuSe{aqM4uXNk9Gr$>hF!et%SLkTnOz67H{HB4=R}BycgH2
z)lVM7rxlU|X)?xl-}a<?!qZAOMym8*<=6bemb-NG(5Ed($qI;>ler9VfYmr-&o*m?
z`j%xb=p3v5yyhEFS`UI?cZP!6pZ^6jjsU{E^sEZ-&9M9SwyVJYypbb5NAvWmw8a7-
zkh4BCR@^21Hty(UG%hXD3qVA7Hc_<=Xsw-O;OYzAUXF2*p*jBhVIj21-%qCh+XJ?l
zDK3P{y&+t`{K6M)2buxH5J!n)+M_r{jL}i{cne$yX6c)?ne6<HNCLdU%Jy37Y}9^d
z`ZB_sh^gT*?fNWiIX*%h7K}Dfg3K8iy@Iw<q^`9IFt`E$R?$pHONKGP0b}A~Wlp9t
z_z77wbbf#~3~_^Fjhh;r{=I~yEwMoE$R9f$kNzy0<vA@z^YAUzUrCse1{SS{3Ww;g
z)UPpus3Q9c4!whc@d)1ZYu{s@@N47&G~~~^_v|Z7uq}pv43_USXI~{g55`TJTcU5_
z)9ywHDrih-<OFf3&1(!FKtq7JBdgtyJHX}omaf4<{$_gJ?5zDJ;S9k4eApq~($6+!
zm4V|LBL*zPiy&jo6!thN{X>78VS|BFFxz!^WVKjo0pF7Tk+MiYu^kK5n*W8s9NH%L
z?yev9A;-pVi#)>$wko?sX4p(9#sq5Uaq#c#^4iW=I8gGcxM!_EwLR5kEpt?H0)X*A
z`7gmsyPdAu^(iC=9a#ERFy|RA0R<Vmyw8Irn1Fch?zc3qb~ZbF!?75<-7RZ~NQ1(F
z!F%A2piXEtd7aw~)qWI*aAEiij$MryT6m<w<?r?`vN)=IFvyG~s;e0;Gd|B{2@+Tk
zhpf`r2;d8X!h1vNOk#cWaxtKac)+9kHjy6u2kJWP$QC;%hB%Pk9BG*d$Ig>kpmlqI
z=%&BHx9<<n_On%@|9G$r`=*<sI(R2HdGh%2&aRp*ge<Z&N<5%6r+t+Rgc+UR&wM}c
zj`qA=ZjUB%V)&h8UH`Vttf@ms5~Q;_hD^1Mb$1(l+1!7w`i(oTYB=Bp0O*%f2zs|6
z--adNfx(~#|A~@@;RqSM8*`db$G4zhdrvIeLueHQUi(ZeS)}RM=5BN2jF|-`hlDne
zPE=3+0XY)tLxi`k<b{Nx6oJgm+8bkf;)6AuTL?2&h3%**iKLKZyw^&%3=r9VXj_LS
z`$u>u)#ZuY96fT7_?$tO0T`9K@F0XyqE@v#29qwJXysxJSM1zB?5VGTeH@H*K>a8_
ztA$ht;)R<27e*tN>YS=^xYAPn)RM(jT!5*+{g994(nB>$i<1QcXD!(N))`h?<&l&f
zr9g%Mg<j}Gprt9VJ#5J<l50dZ(wlVxzO-cgL<I-IxpY^HY(^@I`*UqVlt$7_aW{@b
z$q0+yIz}9eZ$I#O<;nA>9ZsgYQyCKGjm?E%Z~30OcwN1dT2yJe1Ca4`LfXMc#!RqH
z+aIj2f4eCPNe*5!jAdzy`_L5BO#I;Rig#LWy7Aze$4qG*$I(k5J7M#h&%=1K+*alD
z!<jekDX^ruqHVWX0BpEsVLUUUF)v`|#7K%%ubRy0<0!0C2rQByBb2b3-|~xY(7J`-
zebj(Hf$_9&x_Z7uU?YrGo^s?+$;(1wd2yc<cD~@ZnMjHIFRuA0@x_Qt@)E8C>63A3
z$2B4~p}(CH(b(mY^Ds67cIGL@Y4;HPCs(Sh@ZRT+Y)xn=fD3p$8^6m+@m%i^q**Gj
zVRKiRh}4a?$u9E62p$R2mN0LExIH66OE%gd?f~lSZSHJuU~V*+V!~MY7gyf)RH5ZZ
z=&5_6jA;fXdcPoOc$8zNbhVBZ=ht>q{;;qzgmkVxnh<;|_6^QKS1hY+gWA3x-R~~F
zp3)bwA>Lpd0Beh+k*F|T^NV00JHv`(vFcq9qnw}!5e~j3B#bb8upx+T=OZb$cziX2
z4e?5ovFDd3wSQ|hcDSQ7R+d;`3hzwJ2oX?lgBk^a#+=vi5^E0pO}{ojwkY%9tt6jE
zQH}?DbqH{aVJ(6SA`2$*s|@BJ#rWCI6JFl^{&+e%Kp%*@u#hB3cQr*fSx*xyU;Dn<
zD0t$aY4hIl*u1H{c$VvVe`83ca=)keWyo>kxKVacewKSEmle1S?PHWQ$?R+Yvm3Fz
zViT$&^{+-<94W5(&*{{TXl4B(o_XlF@f%w&Cq59T7%Fo$7*WjIqKZ7!a(ZhKvAXkw
zxIk@Oz`sBq)gcoIr%-q4<>^!FWmU*bm~j(mF-hZDk1KHcP;EENtW*%x*o4@~#gIpw
zuv~@Uz&D}-G<`;&y!6s|e-2#8iAh=7KHYv-Mw1+I@0DxJ4n$vUiW^@^ET{oRVZ_Sy
z{8JLOJ0ON;+EDnTf&$iOB#l_N9j7YFnNMjLKysXUe3gllPBJ|y+E{Qa=RVYNvRU^w
zqKcWH-`CyV1>5?^{>53in?(8AzLjS0ZeAcnh+lV1y&>;?0I32`LavCOhH~Mh5XdB%
zY|o#6i!%YeeS{+sHTyMX<<>Q^lt7$ISmFS0s&?Mocsb8?@u8ucwl&#S{eqH}E{*#x
zz(dpX%(I6se?beksn_zy_VZ61!j&Rkgt@nCBn8c@mF4B~kxNCuP(_RCd<1Ch-^?-S
z>#*9+<iC3An1^w4dc^mh_lMtwC)6Gi@NdiObZtqZG$LH6G1-t-(+b7yfCFLazLBr#
z#riA5(hssd?{ieCgJ&)>^=jN1=RVd8_;n}FW{4{*Y%;<aBEn8iLfSJGpN9`7(L+7q
zny#P;fpR2A^>_V||4@s)5sJZX@6lvR)@h<3Ggtw*L5Ts>KwzV&FE~Oer<Ih?^K#6)
z?b58)XK+YA*e{*@if_7m820lwE{ni$-o12*F#yu`P63HDhVGGv^ohyE(&pJ0rs;+9
z;~lk6wHPEh+Zu<MiHqs~bv@bs(}?)rswW%Qe^)(!Yw9>`h+~ZQo@u}ZffT~Huwv>j
zrn}*^IQ>j*8M^g#F`;DANG3Mb@kI1Pw{49724Kv?IGAQyM@WECB3!usdurbkAj=}p
z1F`^%mmvj@2cIEX21@q|onj2>$!l`u0L@wocP24n5u+(5wBkeey^p);K|TGSVGY>i
za44JfNG2K$L_AMh8!pRu!}|eXjz3c0KR=FnC_A%@MjF(Ot5%e+Oa%7aTU;{7P3bC+
z-(ZLMwM$V6jO6#*wG<7`6hr|9{N~7oPr;Z2sZ*QD<9^Bo4RT8+tFW3bQ~em9^W+()
zq!t`b`{n1zQCb(I>5%4Q%U*znZ~%6E@!x}vFUGFI=Cuhb1kk|*nM|!4C$%o?w%>%C
zMY7D#LU@q>;Du$N?Sqa!$~@O)jPXKL65Qdx4`4FY$8u3JpD@iLrL7C+MD|f1FQMV?
z|7!biVRKCmkmCf50LM)=j?8K})L~*qC))6G-dd+xkh>()x?Cqe81*$(@c_cH&ha|&
z@eg)65hSyh1P(kc?sr$raUJ+yIQK%Dds(m6*>V|Ji!z!DS?Z3W>m2B7(=i?D<gZV+
z0yRgLid=t-h7!m{0jUt!fodF9nb5D0Mz@D|Y_IXuONM{54&;RgxAR>kXd;~$xW-XE
zv6<r}MDu^5p^9(l>9rzutOH_%&m<DAXHXuU+SdP)dJN>3k6hLiyRgR+BhyCU5jUOI
zO<qF;hIGbQStN~YobXb){1ZYYu>|oPj|RCkqbq<~7LV!20?TN_<?Rx}Q(Ab(HLR<8
zx{}Q#*5f%MBY4e#^gEgg(k;}jbWXv;FkDv|gVyaVX+|)1@kCm~#|L-@V6g(@5$Ve~
znj3&}-r;=eFT-3`I@>fhP}A(6?H&0v%ba<)RqT|ql-S(XBcoIt02c&L{JLif>~us>
zR(+({&Mou}HLaLy3Z{a27Fs7Ki!=Pg;(AObW^`AS>$k}HuB7_A{JPZORL0DMXUVAc
zPFZ*}pOvIWw5S=Iodz)bUQ*vbCgeGY1kVR-9B|r=!EEuG;)TP!sg*iPpUtZISLpC>
zA_zWfJxTt%ys`~!z1Brz#%>0@mv{t)g}=@_aGa0xWe3X^nKPaC6P`1;)!+4*qT<8?
z*>W-lBDT!(Me6O-_8lgr5W^S_#-p0T2n9}tVIjmeg?5<Lyn6tJARY@5Wp0rMITo=@
z+varRSwv+IuZR`Nd{3Za*l<Ll2p));mH@%D1Y!7FwJQqfH=;7peFY&3p3+&hYCeb{
zJf%PEqryZSvTS#G%Ys97$i$?=Rgs|tR*S6);>5yGNcipQGzd{DzMNgu)G#JY1lXnA
z%*Q9c!+X^>$#1~yl?gy7#_IZaFHtilRE46(N;9P%j>i-nR>LroumQp+y~>b1EW}H(
z{|5Gt->`Z33gKiF`B`A2u)DS;RUtT9Wbtr_p0)4oc2B%+4=tj_jNH2ax1OJm8&{up
z5uu!L0O;G~tONawL2o95c<SC8*jO*22Lc12<Ll@L^alJl>HT)(%k+Ku_%Z$XVGgF*
z=iohjPuJGNEBw1!cHTRM=TEPq1t>;^l5(U<uS`I)+f$&2(l7Y3B^ZC%O1M;?mJOOF
zvh+7VOVIC)^+uq0&N;E{p6KP(ny2?|m*^l6GN(E5<#;<)7ZHI`G%ac1CtO}n^BM|H
zqy~R106f$TX#++{95-BLv<ZW0jpQ;s0t|K(4&TwAabJN^Vl%rl^XHD7*m)W56i9WK
zCEN!I?z0-=lPCn>RuCfQ0wa^}lE*FXgtTAFK~bSICV9|gNv<vnAkNU%Jb!Fo=!go_
z1KODeeP4fH+U-BAl@vOgC3PW>%sla@f`XwT0dhk6e&;A})n^>zwH*?0n-I%3!%qXV
zJFAgW?RBHTy!rCko4+~xeaz|3cia=B^DHZNRtC(wy(bN}Dls@B(0`D~qRN%nF^R?#
zgxwZ2YvNkTXh_7Q@%;|vydu*;mEIDos`x^2IjVlvsoymG79)-GPGJU3Mkq0uL&n>1
z2YBm2W8$q+NNdE=0<->ADBeYS@Id{iyDlb39#B(cD_M05elz9;YsVvpKQm`7IeXiW
z3<&~p8}2BwX}cU39RoZ9RKRn;W-*l?oH%$E?cSO2N4-GYB|`WFtAz+SHG;jPJc)V>
zP8AH4)nnqpb31zr5lYy?U6L^$3vPnx1S!0d;bjqGn|l_=Hz9#1+#=bMnGA3pEy^Er
zS&~pyPFcs$J-eP+UG`V@h^&J(?da@vjx#~qmhr99s12?_@Xh|m*b`FJ1Z<0DR3u+{
z2HmAc_q*j8v_nQjhX#|<EI)83Wm=UWM4TpsF})3bL&?}s=R~Yz`aB#j<SzHuEzS&e
z^&PZfYpK2fS4isyV9s<to*m#c8|v?YYPL&NbgAaC$WrrhXG%AzefW!6tL`~~QciLm
ztiq-mD<!1LisY!+sHpV<{Ln-i4uWHWDO4)f-wddumXa#Q7Bct=72L^Jn36HIx|E0v
zP6OD74Jl;^?;H{ZqwUb0HlG?nB}j184VrnO{<o80I^1g3W_qgi!3sbykg<RXKqTn>
z+sJ~eq{hSON(3l(d*yv1A>NA`n<^yW^^yQci+I6(UJ>}Y#+y`p8Uc(DwzxK)k1sWh
z_Kbpm^kQ7&+J(H?3gxO=t`9gjlVYTN$G8UXT|D#e+BkO|&l*Y@J}OaAMY#>1QEUej
zQ7e^XG0E->JkS|9WeC7g2ZUH)If==t>doF;z|6ZI2;6B(9!(U>W3ibrVLn()W8_H@
zo_0<j>(g)>h!^YoomhA6rjuYd<K>?uBoy>Ic-lMDctB-JSO%eyAxqJWR3&c*!*F||
znBa6U)3!C;y`wwMSiMGfLbNyKf-g8czF`L)vC?E6rlf=v2PA+;T7~K^AWspt#aSX6
zeleVw%IUjZDfK<He3Tlq*?;&?{&CwMo3sEvluQXIHGGM1F)*K;mWo`nJtv4oaw|`}
z2mSpv%KXP++`V!_l>pB}Pj7f93BRV#Z+-!y@8j3$TZQ~9x2z``LDK>!G)r%6qDC%C
zx#z2!k%>@XIYfYyp4#;r#}HOLmVBRefA{tSAW;>(8St4*e#bK8IcP0vIZl{#Svwbx
zQi`cc0;*?8C8pw$NY&MbpGvnIA>NL#O=EP2O;Tl65ehV~vUGS174^WtHTlZ{rg$K?
zG{nOZpLLoor)W;RLhsX<y=u}g6^2f#nK7pQxEef7cp8ue|0p|v+){p~5_oA8|Hiiy
zC|G!2NcZ5a!{1k?es#!<x_F!nR4U9vdVbqGeMc8!i!+SoDiHj3y$Gpd+E?13s^)|A
zrUf%?RM$0xbFpq@=UFmD$aStoUd@BUS=%~dr*B?>DDE%7i%5s(f$?Rkp`|<9*UJeA
zPOF=(>jfCF21LmVtqHUb^5bSXzr0|cSp)^ffydyn_p`rmA$a3yU(zhXG%X&ZE`qFk
zj32#*_};mK$o4L#l#daQJAuO(8IUbU-|oo!o=E87eet2-UeYBjoKIKX>c5q}A8ovs
zcniX|%-%JAZM^?1=}FqKjp=*4z$Kxe<+zw*27rdW+r}worPwRP!2zF<>5sP>zq%Vo
z4s{Qdy}dJ?hXr4F#^~Uu9l~C{9Q{-4uejhDvWy1p`ZTS`bL+}&Zr9mCT(<Xc*{gdG
zsW;@elvADFV?5EsS)5(QGrbwZPs23<SfpIG9C!&~qk#xQh~ltmNr|gq4yquL!7ld{
zd%zuP25|T-YD{METAAP^gv41{b*<mVk(@%<3qMiKvPxg3|F^JcmWP^-hAKxq@bnrv
z)B)U+E=HG4)@=slzopm=Ov9^gl#11Vpjq84VCIb#GNf}48C**_JO=V#;D9e!8EAon
z|F5^q#`QnFWpEf~E;hzw;2kum|7*r)PcG!31jr?CvM2RC*BM$`45~HBWdOZc)gThY
z^Hy!O)TF*KZz#*wS7~lFSB^9PQSRVnD(jJZsXGz4k_iBkRBb6)<Ek+cffU0W5G4`N
z@0Gn7BQoZVIN5&rw)Q{=f7TGtcY3s8{AybV@9XP$`!Ew1*tD&EFeWf18Hf3EN7BBg
z2N+@6SBBsis~Q3L-BWja-PS<$eXZ2>zVA2PZ0CQTK9T@>;Pi9f3fJiz{M%8K2Eo!q
z{=He>+O4HLt379W4<_xHyOFz4cqzrezB!yKi6V09Pm$IV4(I$<E|;4;QnU{qYb{+F
zihxeKd7U)om843_IaDM~saQYms@vpe0-(`47w@uo-@MAqjA?*dXyHT>9SGCCcrAtx
z`BM%qi>z&G>~5T~a!n7r^NuKJpKPn!x22%}fcp57e+ogt&z-5>t)c$KmF-BI&rpU%
zWU%|W!G!(k<rGcQrfIF&P{5*lFqcDr5ZO>WFR%;RErc-?^)t4pqBYS91TCZ00PN|1
zo_1XubbEhIG{MPou}zffw~^4UoZr;y_V8UiTH7EPp=)h=2N|oQS(&B)037^jM{4`H
zbeOnyRnZg*i%z@QIzC^2*m;dRB!7CPBPJUu8}F@E;o-Su<|y&7y*K|@H+o;*etVpJ
zB%;btn4x8stq`V#&yD>#8ZguM0}Np`S-^ucXlAu*e%`cxe~h<&W6mPhkBjjiNlNaq
zY0lm67_&mrqAZMieWw!Eng?^_IfL(84aY{AjCx~}kvH<9CZoL#HE9_1`F`yky*_Wp
zcI3_~93=gs;8mU2ZWc08!$g)5wP)$xNZshH<2@vM?Q1W|UZcdwn~&v70Ni))jE>|d
z&GlRGUy*B;UiwwHZ4_*2$SETFDY8{vH4|D3%B{4DD4ypl;ZCsKKOu(7VqpR>OUJRs
z*vf@<eoCof*f7BH5`^0z?`aXq5o4!&ddqa%n;#ofz>EP}uuBI}9^CVlRTG6U>-3r$
zpL4%V51SpT>#?0I^tE%S0mn5NVq(0b`^NTRUsjIwc`~+BjtGzzP5ZMlF^g>RWeK%1
zR}eS|h=&CiIL4u{y$)x!gtfuUnk{lFH7O)+gclQT=x{X^AS(m6h5CG+6bD|T#;8hN
zBG;j)mBmwbx7{j1!UIK)%U4f_iraQHH3<=l0r!#0vm6$Y;O`Qc0F-E$U0y9?Po_li
zDif(HGJj=yVjkrI0_c%{slqc+t8XPL1ml_@cf_)Ga^huuRU0CGe3?MvExaH|JrQ(J
zE^tlQ{{I}@KQ}qYN2#RRQS)NJ%;nhgO~OQBIzZ&7Mw3GoXHZc8q`(`2bB&S5W0)xb
zxAdy#ZSEVQt?^Q4077Bi@+#;=p!w6qBjMZHmMuj?n}N7Imjeb)Ju_2wC4c3fxC?0^
z9y@fxl&-s8&VZrogh?gQ_m1UnA$z*XMS@{z4s-~0K~GSWch)Zdk))?}eIlEJSbki;
zlozMX;bW5}Q4XqoyH!N3Dr8-?iqhl|S?*DJjbe<2Mb%bA1yHLDBV&cI1j<vS;*H(%
zN~8<`YqC>F3G};}wf&{uR}dVMPbWlQ{sz|9q7zU-9w)_BEt(U0Or97pKcLqtEK)<8
zo5FkKWO9X2x5k@GefQhi^yx;L(pvQl;~KT=hdW=x5Uk>DaoXNiKqYBWG+ycs^{cGK
zGlxUAS9wvh2PC4Q`A&i$NSikHHxBW8_MB8%gQ=p<cS{DsQy}(fv|OiZ#6ZQ`Rrcx+
z@<*KZQn#f#bFX?&8AC>Kn(AAU?<O&?YUmjhXR(UR{rdzm%`V5o%W_+;=vybZRzov$
zb{d`!3dcD<4{$B16SUZsg$f}-&C7#$4AZ})29dT^1w4Iz6&4qe`}1EF*$4&sj}s)b
z&t+kz{ECZOlWT!gxfFUC&m)|Pa7E_Rv$1!8@};$-{o@4fE-~RzvPE!ON)#pBN03Lo
zJT>IZGwmHmUp{`1Z7+VD;dK{6A{F~ymKFe8ZyT`2HVBHlFgQsufpaLoPc*2M%FNN%
zrMJ0r3n<;PZwdBPE{GtVB1X@{KZAMm7~L~*<?1Bp3fmi!J%)|XbplHT?frg&Vd99q
zTRgS+o8s|^czAYf=T_bNh>3H6O%Bw*LQ2XW-IsF>StS|%8)D6fJ|W_TP-#B~<Aye`
z$}pB~W#G45c@GNz_mHmgc$0DER`~1tqJa{r5uh^XoWlQ8Z>ff#PeFyqu=KmYR;4w;
zlSvAG+G{`5imEu~urdP2__>e_ICIMO*Pd)ir|GiIu<<ACou4O=WhN7pQG8`Yj!JN1
z=gI?I$>l$J&rCCAt{^_I9I42dH;j8;R@F-F_qe2x^U==un=V>(@rAk84T9AAUmnX(
zt^o7062Z{V6D%uk0p`G>m(P}X#9tp)$Q#ldt%q+xv@+tlLj~3~l&V3fZzviYl^67p
zQ)Op8`i)Jf7ECIaIha@$ML=UzGo|++<cne%l^Vs8ImV^sx?0qmMTwA`#WQZ`k`4;Q
zA$v~h&gPpVYT4!Em=d&|JcYf_%RhQ79l(+sGt7uTRCWVNJpLn5t%5gkK1lOF5uo+0
z>nilUCu5&}CDmeEcDtg);2Y<;r~TSxjbLhfFMIl7tgFsr1C_&`s_x5#?uwt1vRfg{
zct-`@OL;g{PiLm9b<`tk!OfD)5~!qiu?#wu{NR1$FXgR20VJq|ia5Cz@%Nb2j{wg2
z!i2Z`LSjhpYYqMJ0&=I|)$NawcubB;#<Gt~htFz8h0!E3SVTC$agQO^u)(oAbw-Zq
z3ivV1fU_(5XxEn^NKY-kIR9;{X!9{b%e<)XZFV20`r`_d{7n72^}Q+kX6*iwd-Inl
z`Oy-qwzRv{^i*mG;(3QbVqSdbFo0d-`@sX}tHQ#|zJgv=h4}s;i#c{dn=Q5r1wZ17
zwBi`|v}R7l5l2E(?H`vv&$)$^YpJM1Aofb-R5`UFZl)IBul`OJo8Jm&CabFkMQzcP
zR;Xj%8^_r@O9VmT&i`h9FV(N<li_0aRYB!%8cLC%Z&8yfgZ}FlKns}SqyyyiZ$5;V
zd1Ys!%jf8WUM749b!e;k)%D9wrx7rDgPb1`GIch(36`@wd5So$2-{Y@Rrh8k_zx1q
z@-P)p>^G(DsmEh+gdb6!Edi5t(YcBa$R&rC(nUL1gFh`r!UFY7kg0wy!B^IXXM#J6
zV8WoKEwO4^P>R7vy^a;h5CWRFJfTr6WO3TituF+-3ML?2K>8D#tjyWHw!N)_O?LE9
zV>~T3YNadf4bI}G>x2%nV+1JRiK&-0|HuW(<5IH>rR#Y;yqL!EbG(f^a+PK##ZvIE
zCuJ>Fk`9>sR$a4&AU@@Ep3pRcBpCA|D^{D(wOb66Zhl!-<3G1sy$58fYBtrI-ncjX
zN+<cvZ?M3)>a1JfMLR_m|1jfPUcsc$rH$ViC%vZ^T4`XH7DQi7($F6X!6La_B6JXN
z^`~7}b`)K-1P3Rr{MXjnK~SS{7AWhC9dVBU5)kW26T?)iVFro99=KD!dLlVT1<WIs
z;+(GZeJ^ZN)$F(`2?4-?;t}q=%HYO@^+_lK=~#hDKEe`-ajm-wFfWAlfOu)tRXU%E
zLm#Z;7G4TW$FkK0KNS<E99rn2H6X`7<z;)*dpnpw3LYi%%;4&?qX)H)91t6Y+=ztk
z&e*le$tWn45{XP;6?hhgVOqX*+CaR6Qm!g%uFS2A!2@m!X$UZH2?GTdLc=>*ZG*zk
z-S`#l;(~8ecocxec&~KGxA=_&Mx&B6DWuPnpkZ8Ht`?XF=rEcBk3-4&obid{D)VSP
z4509#bY~h#jvyw9In@tNS-8*f$Agp_L@C=CaqF1^X5#9U)?7Q(8QpW;q%dOrqhTaw
z{%_8-0qN(fMjJr03g^*}*yTu;B22FM_P(x85ffQKybiV<hC6@c_8SB`H*uEac8{)r
z(AQ**c~P$NgLS!Rm*kP)bAx<PNsf}ONrFS9U75sOw8Wtb;dy0%fd8E4h!SPJ>a=Ep
zvK^~i-WP6UOU|T3y(*d!KQ_DpxKOJvw?#j!>HY8MSs`HMj|l2G*`H$-Ve5_3fvN7m
z+#L5r7LX%x;!GR|&C>UZZKQS;3+Uw5ukI`r7P4;qeu}~Q#;#v<lfMts=i4pGQnU6w
zFW}51xl5Rgr!Da3HJ_9>AnCQQB@IEK8ImTCg~w7ob4%?cYbo2{K!mQj<%&7BKp|Y$
zB-|(!K~w-E)g3w&*}M7W$h}nw)aVO#eE%NFp^@}BLuALQB5|{>VpMhVNB^-<oTiu=
zv|EBDH;H}C_zy2=P|fVOi!s+S@G`qzr7h9dZgA<TooQZdYw7^ebo8tenh71(*M&!c
z&#K`U`Fuj_$-{D$j(TQ;kBbY#Q|&Vrvgg1Sfz1Idbw)j|YTJpj3}?gQMAI`P0vP%8
z%Y2r~4J&fZ<@gb@{G7;2dKz&Zh<+tkjGh5U{94felw9rh1iL>?iXM(eA7V>7y6wvW
zJ~5HvdZi8kQIL0N0)!G?eSCMXIe~KG_?6>!J1M&4M)uV`j&!60Q)w`@Ee^>Jvk;|L
zW1Rx*gilRvH#_697OBRjOQ!ALoz+5z2ZcV|%~mzu8;f=3o4jG5rVl?Znk&A!3h-a1
z=od*r{JWaWvmK3V=&@|p@oFUc9I_uX@(Xv$3mUqzyr|wG)4QHTh$3sLdeLyo;ns;z
z<sk*y6$-!9v(21UmDdRjXHr#8gPsbrde{JC&5K~MoHQ3xIpd+O+k$6^SaInNT`q3{
zP4(cCFtBc@!5EC?<9@rWj0M6FQ#9ADskr%JBxz@)rSlnQ(Za?Dv3W#IJ7Jbtm4JuL
zO8ncDTn@4#gk?UA27#q4Ku9E`Q1Bd{y9YXY!$wCnT(3(bNjzY-sqV%fV_}1<(G##Q
zCOLi|w95clO%Sw-4=eFkNpsQH)?I!gFV?=t68w<F^ssh|zhyGSKWcBpoUQQNvT2hH
z7@f4*=msLRHP51zpgJRpcC<#QCr>k7L01sixXS-q(Rmh)Q(}*B|Bu_v@V#kN>uea?
za0J<7`M9p)t&k9^pDBR=HPrQa<t$+LV^B>`p_GHip9=MA+ny_PDQ|KtWfD6c-ujW}
z^|(o8VvTKWj6CERWp153|AoKWMJP1WkDq!c2m*WZVnsT?WGFNKhp;5Y&XdWd#^5_5
zmCDbGs_?eBdXf!sK7<xBQEu-jTR75<aG<dMhxSQX<hQCKP#IbDSt%1}5eGmLA}-1<
z%YoobxqAyE0uuaD(u#S`t~4fCb;G&5RnpL4Y^!=~6<){(j@N-A1JeMDF{jh&IEEt6
z+Sh)eet$t?D<by)f3JS_|4^f>j7*IGk+ZP>$0hy0fgL+A$NwaDT6QiQ>?nEfl?H)-
z+)7m?LZE)MQLa%{WcH{!78RE*PqAU8hLLPyjbLUYpX&}BuQadmZ9q^-MY+AQW0?)%
zV3=LeetCWvui#u6L=s=DeaWBWLL2i8q(yl}M;eV1b?U{ZYD9$9SK{7GLcn4|!;V;m
z%l-$Q8H{1-V~K#r#q-}i+TCSOYa44L*&UykA7i*Q-Ppy4#pSR5-EUr^_=qZ+2v6*!
z=YBb3I{JPU{|pgpl8|AUNR^gok**JEBzlQ%j82d~2g!fR>~=WE;hZA*8`}Q-JtQTO
z{iP{}dywPiz3V%RvbFX27ZZG)ip0F5o1@W$3p21mLo<LLZ;pBeDs%tU?$72qC$W?~
z9Li=brbwM3WP~5J?@d2`Wl>ivvr<7L^^;lbRTRufc}yskhZ-#>!A7186EvSqiwt-W
zV2__prdOyf-g4-A^jpsl6g$5DI3(A|PyLp-YMxGEFL<Z?pHnKtnb+#QuxW6(bqk@V
zwOiY-iz0wYDTVoLxT+Y%$t2BZXRI2<0$w(FE&if6C5LEq6OAf{R@OKo7DXWU_xOO(
zs<zLE!IpW%gs=@=V4w;5kD1Y7-p?gWRO?3g;thcfSV9i!1DSk_>5bF5n|*^~iZeW=
zK!n~i=XRP%KKl*9op;uBY!3;#PJZY&a4DJf4^%ltCN6)M?nK;)r+VtHF)0g|EWHWU
zRl5zQ1Lq#d469AsPw$=l*Sc*3Y~&Rpui{Kmi=>cs6JocV0TF~Tg|Dc)JT;KD&P(5<
z$I5h%GUn$okC3WxAALQ$ti=*kjDZp$v#r6-!0>ODLH)$118ic#C{Jkm;>`EyY|D4e
za16lm#K%dCsGj*z>#yDI->1u9K6$uzxopd2(3jh%GX)7Q-lbW;f7WAgdY66z>LJq9
zq`T9yEO2@#RnWc%KT{x%zCh%J9?y{gr+Pq5R}>cR)FL!eNRQZ}opf}^pft45qlj$+
z6amz|Fp#$mKV(Wg#7_)hlHChijpR)>V*o4!N=~_4O6ecqZ30rZJL><Yha&id=KXrG
zu}O;4`vXbbbXHsh2~QWc70@`-E^m@$hJv_EEP-gn8!;5^D5wiMc50WU0BJgo_nBmL
zW>bs7^YDu+HX1y`D{#O^ubjk;c*Oo75AC!Ce2j&HK8^%O6Y(^Rlz_4;*;v8lgavR5
zQ8n)RyEpm99sRhbw-chs*E{CzM$xGZ!E3B3Nh3-298J2Ao~YxdZhUMm5HGy*?|v^Q
z)C1E#^<{s4rTBt25s;kr?HlrlaF<{zsQEoHyBF?Ect{(Vfre9-l=kFn#$ej;V@)x<
zf@y$9eHk;n>oHAdF@j-SmTWlnY&-y~hPxKlap|^Do}3d!!{n91cxj#BX{TebU&gH4
zptcgwOgHcr1b4=48E3ELgbT7d)*`B?FF4PNFLH}=BO^lRt)wkkI~^6)`J)-Rz@V$K
zQqL~vqQ@B5U_c@g&jd)e*~Y;1h&2C6gGk-#R1nzz(oO7ec0yfg08=Bl<^oVZu<Y1n
zlB$pqvCYvRs_Bw<<^2$^({?U^?#s=z>udxng;oVt1-vIeue_R}3$O6H8caDqPT;0E
z22(3m-t8siZuL)tE)1m$SHDNiClwsms8WsGP}y;&(1(BKPW}Q9$^BZP_|bm5{(omZ
zdH&if)5yCVT4@8;JP@+*F9DIgwZ{@fe}RbfW-)nx0lD&tsb2rYifXejcHw!pBStH|
zg0x_P)P?t`s}3;qcjEDH&SK0kf{9`BG_Rhs9sQ3(>@$cJ<@2#19Y8jjAs#Nggk)Tj
zSga?^bZjtANFAfBg#$$4d8ayLbN#*8A`%kWtpAQe%NM~aKrtby$N^g?TttXFsgHAp
zGGP(iaGa%1R7W5uRGxt`9@=S&V<a1<X=`mx&hd%%CUe2U0#WkiWT7Tls1o;Rj2bHb
zUf;faNL#GTia!5`uWtaZY}?w6ZCf4Nwr#s(+uE_c!;WoqY#W_)?4&!kjea@j-21=#
z-&ggjQnj;J4a_yxti8sV10Q`Zcz7@|%6ICUC`}exFj(v>jvfYDkSXP4<$UIu%lKv>
zu?vpyoM)DpNxqe!19EC1p>=RmA>h~Aw?k7b89d5a4cc?g(@|Kbg=1=$VNhgROr%l=
zUpME}kyeuPa1v*cWzoY6pLZ9T<x9rx?A%7ng94qcFX&@&^SsxY#hcyy3eqqW1Ei9i
zhWdt6&?YozRj1>}qq!A(&x?y0qOzhhsXm6wcI)*5f!$)Sly<>cu$IOXFMzL0=^Kg>
z*HtmMF(Ozi<Hc89j!VzOr;}7KmyboyJ|8yK!C!OlH?zuqx(yCkDpc26n9eN1@?_DW
zZyigI>Yw3BT`kW5Pn(B1RI{no;nca-%T_~3$zEP@2~38=mWv}WVNuDUlZWyP)79s)
zK<}w5i`CM$L}z>nU<C3ZmjR|DEZS=DBIloZ4U$3gVr>jD9y*%-J%OJg*j5A*%Z#&>
z=3k+O3aQ#8<2Y^${l3NG#EKGez(S=kM`ew5RQcXumAcf~l7T16azFoQ+&WF2Dy~nh
zFhXpumw9HE_g<e>yf@a<X)=J8Jea*ytzLa!OCDGFiW9_q-)|*gG68_%jUv)t!{So6
zg$Uoy-*oKwg*@M}q2()e7#qIVWalr239LN~rzLdAs`bmL0~yJp^7V6oo_X)&Gm}8G
z<g@Z*qA3Euw`R)_v}VS!OqkwL6=UT>=jhYGKVsxc+fh>7PV%!5-?<sxe>uA`;rKIi
z;#Sm`G7~rKFv7J<)d*l|x=Fmd53|OTLwaHN)x{Yxhw~@50)@&9T|)=6FR0V(q8Hc2
z#zes2SX*?bF;pzOvhY-1OAdA6w~Aq+c~HCWroJ%l2!Rwd>)5qPe4JnENrKNJQ#moB
zyJ=HFAR08}($=%Ez2!&?VevyGhR?>L#kJVDaYAXc=T9~TNdQQv@XH8M+F-MY_@V@_
z%BZ`$2d>(Kv-C+rDFE~^BhW(lKhQ{!UWU2$8*()DF(PPH`d1LYSQ}@i#%+slEpea&
zwu6rM5?WIi>D|>PPu7pWH;G7%WhEUKOhtQrDMc}CbZvZaGwB8kV_Xl1pBo5gUy0E~
z8_}>w_l3F@(*=OfA~Or{-1NYtXLZWBJ|_;lNK)@IV0+~g?7#1`Ra&-Z<mJq46)b*w
zC#{nfEpX5^l@vrzio_W8HUNEg28|-vdbbTwQo;!|cAO4Ab=gY$r|}v+2-WWH<OZS_
z+RWhJPI}Dg4Qm+Ga$_Rj2pZaac*M~IS&uC8x1qWR&j4VMEi3*4Z)tD8Ja6Ca^*4*m
z{a1>^o+h`A^tOjYk>Kl|-UXN&hv``ObA@(?2VYGZS+FC|({Efl?0;(AhV>{z`u{?9
zT+t)}nWej58fCwU`*pcRA3=ZoTe-)P!%^>JxU{bj&o^3{4F2-uSm@@7^PNXAVEWq$
z<WJW<9bP~UfZ_7NWW}X=>t(9}V9tyLTaQQyI!HPgB-92~rnrvp^SCpMs5g>)#9hHE
zjLb*FVxBHg)2J{*=0*{bxn~vZ8r5ZdlS?_|RkN4dmHCX0`)pwM`Pw0v-eO>a_Ae7F
zpwMxzVaidOsX70_h4u4K>ep9+dBpKCUpJhE=x~6(QOkyh{G}SbBek#=p`f(t7t&en
zoF&}6+L7ugWwsq3P`fX67E8*h5wU+<)5!H<@`pI=>OcDwu~JU4RLy7&jhx0i8OF5%
z(v>#@G-emK`W@VjsS4KT^m4xzRb4#}*9vI`E&LDxbwS?CO>Rpsy=g-)pce8HIdV0Y
z1*ZV!vqEfEzHQk2S#0zsya)@$u&)aC7N`h|6-x4j(p$@uKC@IY1lB{PN!=9qSS;Iw
z>!gt0c;ZX80eXb_w<LIqDDKo<WCdO8i1d~6Gg?J}!I?jxFp}g@|F38MIU(_%v5DN=
z9RK#rF}VIcZu<Ya=3KxZpAcUqI`*H#q(1>&4*mjknFy1JDK-ShXgjNIRp`vxvupLV
zchP3Xvad>_&`93BC%TyT=ew)B6WU6|xKFb)QYP=SU`WdLwm8VNJjzQ7fpytay1n!P
z9OR#`&RB~3M}Gq>eHOvHbLv6dge)G&_sS~^tDvwDNLn=u-Qsw_hykj0Gw*jlee(`)
zx$|_#18n%$^=D*HO|MUEEj5jpceDF>Tz7tX+z<oJ>&*K!OFz1anML%og2k8Eu#6;X
z8^iLg38{ELVdKAi^FG&lsd8SRC3J3KLN>kDI#Q`i$SRr5Mt#NSV6E!<%)0pYj-z<z
z{vK*}s2}?wtHFsD02&JJE5c|yZ{Dt}uWGCA-^(6&F}s?Ghbj)`kh#I2xO_kA*fqW5
zj7Zr6bbhbsh}O&PP~Z2d^rUqq<`!lwccF3kSb31yl!1I)A-W+gk)l$i+{uGIc0CZ%
z(RIw1vnUg~+g?{z#sgubQ18X)m`sNnacH<y-V0XF=*U5(0KO`&)-!uXRgO?NAv}Ra
z3VsBYgK0wg2HW&Z>0iW2A^e%SWU|$=M!);dEF(u0dS~I1SlgB@=I3u)%}}7|)p?#(
zJ>TsAzOiuk_Al8+$R+TzHL$Z$DIA5prdOfNQcJeS2dn}8qu)6R-Ww@C2CX_BY<H6$
z`>8+zIwdH00arNzNM@%u>I-C&qs3csvo~O4y_^BONMBk-U7u<wNbSU^8@w>S9Q?|!
z;=rB$rODpc<Qq_%T_OS#gW!@o!4j-OI-y`_qt^wamd@$mv*PJqu*4TMG!tQ#_)gy!
ziz`m#9U~nogA?X(OM<BrcQeiHN){Pus~oZ?a!NSU0vJ#y6^ECqW%;w*rE`IMiIedO
z+mXy}bjv&5$P~l6jeUQ_43;{Ry<?iSir`cbw0yv7M-BSxJ{?kB^*ddA{3A*F`yp%l
zG#U7$I;o^6r+AJ@6HS<MA{()kJs1zeM(PgD-p@qJ4G>_w7Vozs=b(g;StnyL=#mU&
zWIn~dYQQMDkoqw!A?-@%kEB^xK1Q71!lp1Ep%DxBPV9F{U)7`i1?!0$miC5=W}QcR
z>?Bxit(a^pJ8og-rr0v;(RbwoYrcNHeR@9z|MBF1gKh+n9#$zHZ?9$JZ_4$e^!r0}
zerPf;WCl9X@ru~$dkW&|RGgkHcIhLP_5Nob5)qK?v_4!wPrS+MLOsokib*clLu{Tu
zO;S3C3~cTtq=XDShxS*+Hf4^IA8rZqcz0I*JQqBAXw*D~EGHOJLCB#<dd82jF`x{i
zSLC<wC60IXg_^GG>D4b!CgHXjk1^hUTm)U#ay-<cyXz*Sl|Eu*V8lwtX4;xc-<^P}
zK?QglW@Rj$jAku6re8WRrcGvjR((!Bch(&`Ivm8HdbX(V7>_Pm_HqZ&MGsSF;QQED
zdFba{yd^HFEucz<dC?>ueCZSE2UBRn;FpvMzd@*=t@|a0^f?iCVYooEjy&_Ns`A$&
zrE?~<hJu1o#|A%XJ<3yJqR=s=v)Gw<t_WZ?rs<1JSg~MInwd9cpC6_N_SU_5!+=h~
zA?kct>G+U4*;&|BWkR%+n=IQIREm3+Ee?=f;t?!00zrV%Zx5P1FW(lf@s&I)Zaut+
zm{s0?^Yf7C#a-Z}Fqs()INWSOf~9&^X;&m*5qc#rtSJIS48$|Fa`Edvg>;7N2LU`!
znpX4AXTCrcUUWwLY8h?lR#^^|hd|paL3&fEQky~aiL%hG?c=^3;96njo1f^G3Cyy-
zP+-D&Nc>3rB4Yq5vMfV$g8n;|Gl&*^>X*xFPkW*J;kzz|yIPz(>@Z9RjClt-%5rNw
zrym*NMqj3lt+Dm?yc-0E6yjXLz%wB9XQk43l2Br6Yu{Aj75X#z-+_^Fdu5R8y#AV7
z39ZqZ-Fs~8%^Z7fmg-6e>LlERi!|POnW|Q#7^BP|pnNX`26%hwxA^%du&A*$_65XS
zZi%dqS(JMn1Q75yP=`MId`jM10Ul`ggZYFEA?PopXLI6TUf6oDsh9Jj0P1JWoT`5y
zVIw@EsJ+{_?%k-u>?p&BlpbfS0_4WV9-<DS`h}YUxE}pRa=D(CUf54l2CmgI@$Qit
zumaqP`b}{sN17r{%2M%`z8{IL&6jqcO;M1HLhN)ac|S0>0EMdu;)exYg>0y{6`L{_
ze#?~7E1b-{j<l;7{dw3E2NXjwgp{M{o)SbWf|nE2cy<w~FS2>87ewf+5GM;qLIlYc
zOp2_IwwE_p$Up4kGoSb86Y!psllY84))Kb_^e9#0ZCdldbe1%9WnFcp@8yTb{?bPY
z8oCT+E9lpL%IJ{*Gg$EiR-7%vZd-V3P}vrP84`vP;q9+x($_U<0T5fvBFn4(!Z8`v
zSLUtkGEQ;%42Zra*|RDvx<&pS4h=Y5EvhFA<51@3U?_pQavZ0BzOhiLW5!a}XaKd$
z>d&C4THc%*@m9!Y?SVCKf=mU*BbA|GVKf?xp`Y=PjagdDx~Ss3_rv6aGVPj*?#!v=
zoHyrJ8@DgB8UR^)&eK=e{qkR9Y{Q@laBw))8=P)k@=yM>mCi|R2$CSJpMi*r%yxJC
zhYgP9jQ+g7**hr~ZA+GL9<;ryAOv|z5gUuk^T~^iAetOXUp!>#;P5#+pAkJJ1_`Xd
za)%*1&pM|a^28QyocwMKvFWyu&!d1~vGnPW-zPUVp#U)8#`cecnRN>T!|tAd!ao7)
zSz5Q)==%t_)t5a!Cvm5Icb+ZU42+byRiNHHT6(b;IT<kqrZ55b{Ow!1qFT}DVX{Fd
z7OxlraQ@GAU$|>Av5A0&HDhR?f(pZH>JrH6b5S;VHrJFTYTq`*X87VliDrXOSxj-d
z)U+_0Z2>FGP`Hc&!y1BVjmc;T7q*PUAZNA5cq3{N4fS+Fg;Ix-aWqMYRg2~*Mch~A
zpg5JG;~i1e3Y)-I40elU@ex;y)O3j%-MVcvr~%E=0G6czsGILu>OL~kovmv>JqU?)
zqqjvq<DsSGoe5a9jfJ3}K10QbZfF8+O$-jzOMtx`{n=cunBiT7@Bx=gt0^n)4&hrw
z4f)Pod|K`etXjKREs))5Ae*2^@ZrZI`kuQ=M~H`~A}(QtQda-nYA51c_xTC}BS#>v
z(jth~$gIId^~o{DxwIe~nbY&&&F183)#6)T)i04CnLNIjO@#|er4duBeObijmjQM}
z9KeRio1g-MDQlP@S`%ccq?fdCQ&^8~G+A9TFVolj@}IS}F(-bUAyl0qb7|x$yCPYB
zr+z|er&WGxRj2mEi5G2nd+*ho+hbweMs)Xem^_XcA*1!nh)ZcaYt<tz%;AgmZ38m3
zeayRQ5g~o{?@0vU_mP#N)j*@WZX*r}UjRz*abHyjf8QBa2r_fB$ozKNb3q?Tf=~n+
z^!x8Dx78oAD*F*GHQC?sCFjD-x9rX+LwD*kpI)J+N_zp-Qx+9jx|-WR;=>Sm3!&;Q
zBFLt_^{4x~5B3f=e+_kj{3{xQ!a2**M7wEdiSh@%6;l-}AU5_1X3&m|@dB{fGZL#Z
zT80KYN`#HJew^tnHg;w9c6E7$Xc`&m`*+$|R5>kF>i!OL=T+{je0NTI==}s2O^fFv
zDHc-+gc8dVt0>l`he{7i>XLTwoiR0{c&vk)?@C-Pjcx!zNWLfC-+ylVmQNkx0QGYD
zL^-Knd^t3IvFOF{yy<@XE&yO6o^22ulKCu>x^G?L>Pj9QfWN*1nX-#&z>7Fc(7t}+
zObAMoJVbVQ$GXk3^&dYl0r(BJfPn@YvbWB$-%O8e`!^Fb7RQJ^cP)0=zZ^QpSGoMA
zA&a8#s<O;;^K9Vt6}cOmT-CXy7%Sh`&O^9#%3A(N8{k&&->RorZ~}}u?aY5AQ!P73
z?7sYxkKYnYQDvHFt}I}eXkugZz&`VPD}FYWz@qOb#37pZ=Yav_koG?j5P0O#+5+Y=
z#Enav6zDXU7m~$Fv$dI{%oN!{Cpup-;~2<ks&>q~fEkcaVxho|tTzzGK%SxSA*b%g
z2a?bqXs*JxLvsfnGgmhk^RM>*4ivap{uMp2F|%|3&&7XFV*iief#V-ENWH(1Xh!}A
ziH0G$<42EO>28a)CF|-6!<t2OaFUf?9DRE-!SY{7G|zt_(Rd|^)8IBqfRQIs-{|+;
z`X63#?R^dAe>VLnea(z$Y23CD7mzqm>X52iY8<vFC$8pV>(0oJETsO*tvKr=<Qnke
zvR~`CrTRDx=zM-z){*``!{6?fGaZc67+G*{eW2gt(QEMWv=y~I^Ydh*$%IJ@J@5C5
zsZaB5TDl+I3HA-*FsN=B8x&t6ISc%^)|*r+qePJTHX*7$7Hx`|U;9beRwgO@Bghr2
z!>kfLZUXZA@iFT|+$S$Y{p_%blcM*-_xnz@2{dxQ0Y841_<e7q81j>ajTcQIOIL2*
z87y^PAI$BL7-oAE$!6HD9`h08pVRxO^V*V9YKQJ5+0US!fAO=Dp!Ao(b@cwCduL2Q
z7SxjZo0<Lfq^LWpj6Lf6Wk@?|{9?mm!t$kqrdCyy5em$Di9)W%!oJSI*6rOduh}YJ
zPwMl{c0iWh-Yz+8H)8=HWu9p|CU4qusw)tJZRT{qVPnzO$4FY9xu{@&>U94kX1yxw
zezEiPnkR&hD1K1*i`)EXzd$7fMIdi4pTffPL3a9jlni|z5n`?``Jj+u9kDUi!+K7e
z{_swcB3gftc&tbpPJ@zD#*;zui(B4}2UnDJBH-?qgAf7dtHp0S6GFh@SnM>qG&rKE
zRLbhx;XRioj!t9<_t9CBHhw0bo!l4sh`BCqr0~fMkHd;T8h(?KSA`<yit@%Mqae3q
zcH+z|r^C3{UuR%^qm**bGD&r`5hvV_bi@N;3yG?{S2cl6NjSb@T~g8~w~O7wHuJOd
zMu5Avxso<0sdz+TO2^rP+6P*`tV&HHQR_W>!_+<r=q>gL1H@5%5}l&59BLI^_${!~
zTv%uYv<=K|HnLcp2w{PM^syK}MgL4`OSKB}6X|~1xo6MA6tEn#mfb)|B*)Kr4h$Xz
z>R08unxYxnkOtMF*$8IKt~#F`x|(iw761(<mKL6Ghvv-O6XKJ%U?#vQ%9`5{1o+%E
z2N<eV_B%z)b9Aiez!@mYZw=6iOr|3c;WV>hQ}d^AvD9>}yz~t(u_vb9L7&Z%zNtM3
zQ7o2FsPR@(-x5yD1HZIu@ydaeYl2Pq5s8CHie@YDnFWfr`-*7cDBZ$4om7VW>H}!Q
zTFppVg8nX|zHpk=F8Lh#?Y__2rUO#g&`1lNRPhv!cAP^sxgGCa<{=URByCL?{D7ql
z0V<MCVBJeBPz{Wd!;XU>sQHt`t85&OF7b17WuQpUL^9#YeS2XekE`DS%Cb;f-18UX
zK(enq85#lr?p0&4JH?iag(MVTo&Xmw=QloaJzCZvF2qQ^UELji_ZIEnQX=rZxM7Vo
z4zFIyvY57O1KQj5YaDudy7d_V&pyuw7T$b8*36L!ho_B3IR*Tjl}r5_ZG1Y6vnN9d
z624!ZWkS3dM!E)r5Gi1k4GSyPr{<cj5|?o+<IjJsR8n};{IS*5?r>CJ&<3D@9dtSw
z+Lt;sWPp|>_8wEhP&;|dO7KWGeQEzqVlJbT3O1$n1fon;K*n=K9}=ide(0O;$l|&N
z)G$SOMKvEh;EnZG8S4nglS<&pdje&}O;Qxg9`-k6EUkZdsf2UqTRod4J{DK}G8J4t
zSj&hAgX)$M-EUQg;)zsjsR%F|75j3?G6R9ezZnNX%2a@PkXdRLx4@NnKdWVM`;zA=
zYw-ykJTA5<N#RWu9g<eS2~FM9=SlIVxle#6JyX=<x}`M=<xd|9*J&cqC%wf9Q^{8+
z0k67lg<j5@&!_L;m__H~8K5*=z=5#6Bz&bhCCdVRa~ny_ONE^)4GrLOD#apjnnWR4
zAUG$hSv`&YxrX&xoNk3KTTyYZ-y?(L-ZCnn{R!n<a%=?ErW%$`RFemUW&8r{$kJ`w
z>C0_x2%dlwE_zoN!1^6XaSSj#k?3RjY@uPbv+x5YX&?&sS>Q3qkDFeK+K&VW4S5o4
zBX#KTDO;2b@&#G#eg@p3A29Vx7j(wezB4@=lFSE1ijLv9lLSd3ox7;q@^0!dKti%V
zDm*?1F#8_ugiTc|uqz=zT_Z&#9lAbr^?UxXgd#Q^%AU7G!#hV(hVT76X4gHK%Scl`
z8}1g)LGq9;D!6W%)fo@Wc7eI{@1KmQ$boRdM5cde|0Bcq>;b5qE=HP>Gq>LAsgDck
znY0PWTGE_Bfipw-BUy}zk%N?fjO@)<S!sFZVQNKI{3tdb1<T%oCaP7`Fhlz@#lj3}
zKiUnef0p2pO_Pp(mrN+uR|qhZh1IPkvDN1gM(+sB-KO9vS25)$>}$h86oW1JNgggz
zrbj*(_8t&G>I>-0cATuVzQw2r<&p|a-Xrt&pqZ?yuk24nNJ8M)aUUqifR~j@O~2HO
z>ynL0881}+LL;d=A{_FYSw>PlSq$%B)_^(}?11%(?)(jkIbyb$uG#fo|7-aTIGF?O
z5jCb7?LRR^Po>^`)G9cavbM21h1e@7rtB56v@SAW-aj0Klel$M7xlB$t$r;$5o(hQ
zq+YamldKb$=+1|VQdG+1)Z*830V>+&_O4fQVhRD#t)}#(EO&#7DmbC#M2t)gMMu=x
zgHo2A$%dD5U|&h0HAsw~Yy`8P2%%eAWupg3ar)FPf2j)bPqPheO2de&$J<w)IBLag
zS56xMQDMN2o7*}CRZNe=bZ+VSz!9H7+N(I06o0W%(BdP`L$EQ~dtqn~BncLI{+qi7
zEn`4v5TYbY9(UJ|XMfVtHB4~)$3eYiOBv%g=6EA^x8B5%1ClvEa6BZd4Xwoddu%%L
zBJz9TnR;@F{3O(@#DHjx33w6QZzg56@pLKxC457xS5wZugPFN+&dg;HcuBIlc~n`$
zx$bI5^sLuyfyZ-f@|^9WupK!}P?d4{DnwA28I@)8wh-RO!}iYExy(Fdcew&&xHs2j
zQW@xi&V5dhw@ktm<U=7p-}U31j_)H%j(;}S0rhc~0<V0sc_JEzPtn7{;exk1<^%cx
zr(nfKf^)?I1voP%zCA)1H$I{j!VIiOu$U#%7mQw2z2~JC3fu$iHCU}II1zS{?)1%Q
zvsV}j_cXz*nzq!eYNSv>$@l?byTZ(^^>Q&D_P$nzj93cp)oP^csH+$wQ=Tng>4gRv
z$loO3_1Fs?My8t+{Lv6*p}{CJ3I&b;UA09C6%O||tmwDcjVP6(Gm|cJkHLm~&;0T*
zcW(<UWEHHSMf>$5+G|TvRyU0pL%*mOzruSE*0b|#`u(=UZl1l6{(OgGX|+zN!t4g=
z5v&hXG}K#an7cQ=ea44~x&VLg_wxx5S|V`QHpH+?H>=9)O+79G8w#k{Y!6`o-{>GH
zJCc2TbMk<lAFz-;zwT116TaX9Qp`PZgIemdtp<@{;QP+~<T3jtWZ$?y!3STr*9nd*
zm4ioJ*><wfyF+{L;XSx+^C*4Yx8C>noLfXkGqwj=etu!wUmz!?!`E8XUVeJ!ndMZ6
z5lQY*&YfM}WlSu71d5K#OIphSqXMlH`^aObPXr#Vs_Ud$vm5d=h2ZB(aNAUkwu-|W
zF!5;Yt>zd&%A4Sy)G}h>`jkM(9#=Gp9_F|~@gV}+?&h;?$fhjBGeo`5u9|G(FgKTy
zvwL>OO(}2g6CKpjbiYv6d}hwzjJ0%uVI7NeYR749CR5$vD1x1kGSFko>Rf1xn|FBB
zV+U<>0~Sj2i9()k2oa;t?sv+IG&B0I1wx*tClMJubrQ4>kAakbz*G|E+T~2JUNd;b
z&pY*JKEOXcanmY%xBurDpNr#vj`6vef$cV~pM^A^P)0xkXLz8Vt?_67?I$cGoS+~a
zlbEB!C%c;~3CmxdIDcIOIw4>Hr)-R<SpUie{1+ALUxNR>_Nnu4cqMM2vz-m)UylEO
zlm1)azXJg_*1t*rN5cQr{Wo&ue@bQJ1SZ)BfO0jWI4FSu;eru9S8YVa`Bxg^zqI__
z=Kr6poGd^UTWfsIzmYHh_bqa={>=|e^1%lh+v-ws{xu@tzvTU0h4jDV0hMiSsJQ-N
z{a+UQJ1g>^q@Q#9K2>9K{Z+{HUt+m{N={sa|L9}=XKAeed}I4Z^5-2FIgv7Q{9|*@
zf9%QmkF7ZWu_V_&PtAbj({Sz%ZX_(9QIr!OI`{wF#lId23m4GInHV_bOohh!??S83
z*h`g_1&);k$n1&_oOY%JWBrSY8H|nPU&Pd)9RFqmdbuD%vhl#N@%)<_*yn->^mV2H
z61gHl{HGY8vnv^J#Tg$s<SGq(9Y6s3IAi{$necD>|FuE>()_oqzl`!<iy-{_3H*Pl
zK4qi*ZT$a5_3w3kZfh17DX`ClD)}&iakBvdJ_LV#I0uLVw|($HKX;rT29VT^{PVw$
z06d_v+ZdFpikgy~SR<pmGAK9~D=QG-Q3LkbdPeVw1IEq%j{x>h0b;;1PXZV&rca}O
zb+rNxc``yts%Yux$~HcEVuAv%d?A2^{`7x;3V5f3asvZ=2*J2H{^sQJ!3MtgU_dFW
z$!W;T05N<UfRg^GKtnI+#tmP0FfeY;zx04|H#!C2e17BlM=RIgyr+Q#K+qr5K&GHc
zG_JpQ!{?^^*OTSq0=^HhHwp)bL;veGfKyS!pqjwMXd6%m;9c|_8rR>u;Xhco|6&1f
zad2}B3jQlv_sY)k^43>d?s$kN^>x&<#l%zSqg-3Eu_dh1sB#~|r8*E1Q91BNA|-`Q
z6mCccA%%cRWS(Jz`7KW9L}ZgQ+oH<1_A7g-rObAIxcyNN-`An{a_e&%iJ#C@$n=^o
z;>>H;=U<E%w>%j)!4Hg?$P7SYaoB}3ON8m_VJj{+5}PgBEv+X!>l-P)+BMEk3^4g$
z!8Ax3jRy!ktTgkV`I)aL>;plAI_;BXW<BYhGkWk?U5z}9f&wgL^!(lr4HR<eGf0Yg
z?}uY{%ZbI2^((86zlBuA3U_~-ikbi)#fKou$ft9)JzIRGwPo*q4gCSU0szwwf4GE1
zP;&82{kevp?c*Ok6;_hlIIQ(<9#RM^_~wx=lOZ}wh*uc|I;hMXk9z8z9$^xsXQ=C}
zE^+cws|@wtUtVnmGr0cLfV}fTW7}XuG8iU*SEtgW1f)0m4f{62{^l@Y`u@!;XGN+@
zsY~RHY6-;^*7LW*Ku88a$_wolmgzUcK$ch56)6@<&k*Hr!hwVpd3y3USS=G&RAD<(
zEOfmniXl!Dn(sL)B3*K4<Z0-gk(i<Q*F@j5v}MjnHBrGtrJZ0c2ZEePEl|mVDJjvJ
zP;8@cep8qbvZO|SF{I=~nU6dk0v$-2MT3T=B1`lNgCTnwLNK8O^pkcu`CT894*4r?
zkeA7b056<cotStNk!X;NZr{8|$9c@)?-@&q14`bH$X*i0Yk|bwB)&<HCf6~hYWige
zy>};aBk8q@pS7<0`{PViMjs~MM(?;v)A@e5#k#t<&GE%`p}kDNY)27u40=nx$F8$^
z&ah9vDT&19i;Q6cexSa<pAXb!m+^7&2)Y02?AmXb7+$6rkT||ETbj_3X>72-{PFUz
z=w4@t@smvJC+@ZAHJVj6FBaU{Y->WM>0zw*`csgkhVzqvnQ<-roV1&p{&)E9iZPg3
zIEvYANyy?<_EelnIN9M4Cst(L@g7Ku>rx03>|k;0me%+*Kp&Y6KRVVeDI`8=9G<sY
zCcm-e(;;_Wtmv|e!#)Cz1I2qRZb?2c{Cr`2cag$AP*4NETP#+T`dm>W96-bnB2|+D
z2x<`bj1E6u@Dw@ZB8pABSflh2-^cMIN0lYcRF=(*wdjVNjkCz?#W|+g6f`e2A`);e
z{4Vpv?O^H%xK&9D<*#Cx0UZ}El}&&Z<0nTW=xIBYnPX9Afbg(Y$?8#IsxNRwJMl3r
zIdhao;IV24VURGKJg{={cfB6p=d>~EX@Xe*scNpZMd^V#gzu4RT=%Cd43vkNV^c@%
z(9d6>(FRdmr@j=`xi0v+2a6AJrO<Z!BIY~Z?DuN{@O?Nx#@oU(w98WY_RL>;+RaCo
zg%c=L`MvxO|LEF3#X+pp#GNR258ei1qvFKo(yo~pnyNpriK~*Pl(fgp@>$th!`UA5
z{La;&x%oDO%}tv(mNQZrANKvH)*EqueutVQpFnrw21?gDu2%_>Kr%rpQFb@@?8oQm
zOPmK@fG|x--4CYfS>z)~MIo`;>yArS%lf6qD=@;iqLR-X2ZzhIo^W#`*McOTAt|<W
zMqx7c(_{W47(&1kVswG=wdWD0vjqX*?l;&SEg5*LBR8JzdKPUw{zMz1U}-OLmy6V$
zQBYuOuJb7Wit&)l7^#5-r!-ilewb{yp;QGJfSs6<c5)H3j|`%vp-@vykQxe0z+TKA
z?WDLx{sa9RxFwkq=$iQP*7SsKa?EwRRZ$u)D?<k=o{yT7pnUh6x&M78Z0tVx6jL{W
zyx;{+|I<~YF&tB>dYJ|FoG?}*t~ulfW`G2ApG`fjPwQdYCTR@lH}N7d<w%Qukg->5
zz}385;oXEn?YgNZXaW9JJ@Lr{Kju3}AQJn=HO8FNMOeW?QFq}IwQaUNRSZsa5KE<|
z#R<jeYZ3GQxO~|h7{*}4H(8euLzU`I$-$BoAbCThr27<P&l93spzE)uPq3A9)RaA3
za-xC-sJewKd8G>G5Y|)p>*He&;7OntfIk~-OLkF^<J^sa(M0!Y`j8L$GDkOoGA7&a
zC;1=5EaWy%&X`hG6gRenPM)dJ*;HaSJ~ATIc6M4yT&)9Q{!=f+)bOR-lkw<0zAO^+
z;;&#lJ*IEO{J5@}m0`8~obm=!hX&b3c`W36PLq~>jA(N^tu1tibw+0|aBna@fO!8S
zXNPsE$oVKkNcPI4!~~b<hCjt;lwl?z;o%ok90799Kfg28nu}*+2;80MfuexU!uQi{
z3+>={8ht02mBPpfq#tBto5$yARx%!;#*Swrz5+iroszm5ioYab{1#KXt^Kfh)&2qm
zHwis_l%82hmXj-Jh`pg5XR-dY{{f$D#i6}u!ZQgCms)CSGEqe&)K8Kg?rE&WY#+pp
z;$QH@TkmhOa(nTxUT0UT#O$7~A0M%ke$YZYqe-ByVCX+jd3kgFHp}Nji15JLBJmc}
zXl1qLIh51nX}8kpG;OS#U?`Jc4&L4*g~hOAW0n}1j3k$nyszB1yoy4*097>O>~<DO
zvkpH}97p!dI?5}qV6nP2Jbr|zIP@cAm{PRjvraT&TW5$i6Y*_oTP>B-lT}rVtHB-V
z+De$}RSNue(x0#px^7Jw*-1j9e3Tw_qaK9Q0z2Y$l}yCJrKw5KJue+fdA<6>qlz}Q
zv&*11(X9Gx)3x7@uE&Xo54dN~zVEg3hA;6|D$%d&e_pUCTEgEq@91QY4RfuSaofL1
ze!LbH)o330QC;rL?+RJlBY=*6jny?i6IOSVQcS4_EQ7MiXQhTuj!A}32I*efv}}|*
zO_~888cZUz#*`t^#lgTl?BwWr)oGvxXP}`__$<ZtBcn2cr~bKA4_MITS~y%YATlKE
z@#n3ucPzs}UH(mL)|@Z0vOLG^Rlwt7jYvmvV|egrs7Obixhmu``nGfFr=FrHxPW1f
zzcha&Kx^apM%m;-ME)!H60aARo8m;sz4;dwH?pE!$KW^9N%WJ4Sq?K!gx!+Flcu{V
z^?Weg5jVB`dtnul1Ark2R+0D7tR5o%k4yCJl^0W(Y=|BZCtWE=Xv7feL36qBFh3t!
zI~7D0HC>)o7WWt&$B(Q;%9v)!IIBMs8Ijr*tWwjW$z{uU&36$;^z9ALv%_ke&0_Y2
z@^Z4GlA3TR;S+eZ(O+j~7H-#kT|hk6czT6G4)dJt*^Fc2HUP@y)IT>1zB2PC_&LQk
zq!8D$*nC$3#52EAzi<Bjjf##njs?q6$f$YDH8+NzGivkXC`m~szyhD;KNwq-b9+s_
z!5dxS`mK)i9g#<(1D*X1lmV!!bt9|ZmmmoTH)Or%V(ur~L<Ti0RkW56_3O)BX*O>V
zhYqoD5tz-n%r>CYKwuvcvG5~ci<Z{NcWuj>M~yN&|4-<R+RREcU`?`?b8NEdaU}=;
zB0Y_t^Y?pBnsVMBjprr06uR4$_wn;7UA_pJz8$jfv3Apqm4OiDO_lnKe(Gcy@Y5#^
zU984f!Ll(GgVK6Qb+IQ)-_%1K`)JCwjFs_SV^^Q3M#}*#dk400`6wB(H3nChUP`lW
zRkI6rW>E~679Ze_vzUj-<7uUau+J51tU*htw8}}}NVKpQ_aoH_ara>Z<CSFMg*LF+
z5TYhMcidRSew$`Y=V3KC?9L!=58$V%obwFx2*a73kek1$rci6c0!u<b0#!-NTQU?g
zt~^4_)U^N(Q3DqSBwSQjvg!FC{eIeMdesb2!=lROG$&)Dj`ry)9BX76%}j10+wii5
zF|6<+pwzT9)_wP1q^=NEb;S_y&{4h#2eo%$NAGMyrjEu!dUQc>q^_2A><CW5*bvSL
zh2IJdM@^o!_oq)_;^F24T_>Q1W+TAFzESGf%N_zq*9C={HjXaS?BuFyY8tc-PvP7s
zzb{qOfl+o8G<Q6zi&dvvA%|gI$jtC!BqviQfFyB8Y(fPyBHw8s8es9H`e3V<-nTb}
zR3^te@P}fVy2t;dR>O?Cc{)=Uju>rzjJc(GF9~wsZogzohbsF8LqE)Tq-v<b$O%O=
z&XNo0v4Ynn4UC|9e>cH0!#^3&|3qgGSD0z9_RB>j<g_se8Yt|P8thj0UlcOL*LnP<
znMe-NAn#tS2%cg*kc7BSP2An(HJ%`i6bE*M^tjn!Xy{fYY$ZmoUM=LmJQ2jewj)A^
zi#Rt?1U*YPt96B=_??4YXB|P5PM5OiTk|l$h6EZ;Le`{7vPODFev%P&%%(xM`8hc)
z+eN>%rX+0IhoJKdE88N%1e+d`U&Iy)30h4&tmeM>0j#-GZECazR?0Uxxyj0*gq_Ll
z{MBch5U9P+?ph#zMb6l)=D~1Pc7o*BwRHV9r!(-L5fu7_8MrZw5sO>aa?x&74A2h1
za<;oRzoDW;f@A<3<jfBF6K{6Q$8ndy>)`vG_!g1?6>kLIsd_T4imlr{XMLvRMxa5J
zKUmc%m5mAVEik8s=n7);BOahP##;__LT5_izgjDR7@8?*1)d_TN*a8^gD8i0mXsjh
zQk^NCQM=+&2@_;}XXG}WY-DwDKj{JxT(6hIs?;kRr0I>QcFx(Ha2b0A@2mSegf&RR
z$rPif44t||R!a8XD3gHWj{6q>Y#36HBB-*$Vx&JVy?a9trjj9#N@9q5Z-tuaZ$BJb
zLF!gpv!SWwfYYhm{_3TW-GRz@i>E(;yn>dthjcXTkSBby?Aj`HPOlM$5d#lUi#DMv
zSrpbbGOyz4-5-(#Y&X>#e>YOz;H(dqe3ObHdGvDhmMbeS7+G5JOUiv2l>?xqu=S~%
zfWOkksDVVGjUZBouv{hfhQ84+7qT0_`((}i7*DCS;Hl`#o=VrS27F?UVN4MV_0xSR
z$ZVg+f6OAeSQDB&KX{vBJr4z>;9sPqY%%mnUw}`?y0S%hBX?ZQ-_B!CV8Y*oN{bKJ
z95Cc!zKib{V0)#S{Twx4qJzSVmNvr&z`wSoYoqNp>}`x$dx6c@SJQ<*XYz844O^$1
z<6^Ka*H>^Sq84oQ`%IDfgEE76Ojg5T6;Y^5+jfO<7%h-(;CF``wzmQZTxLAim6~Ea
zRi3?_wos56+J>Ncc;Hf1zoq3zL*B{ODebTyIh|~UG*TgZ#W*w4o$JtR$J1+HB2Bp^
z$3E9P(U9*^eN(M)MvChx9eIuojaZT!3s6qm^bI81es@&KlK5^C=3HfLBfVQ!f|(#s
z&smvZY)4nj%QMC2gee3t{w&!v=p!VsiSAC^%9*e179E^4dvMoKGqIIF?58E(fkrBh
z5GR0%_k^snChuqjQ{CR~g^4mHyF=+2Y~{DR>_A`)S!<iyM<?4Ff0LprBV3PhPuv>-
z#Mk`(g3Jz|72FqA6Eo8h6S3LD`$F*$7~q8E5D4~%=ym9}aOE6Ol$rw%LU_Oo12xZA
z^y8(K9^y!%Ug<l>A{Cv=w~TB8BBG27M5N%piF&N<{;@pJy<p2YAtFAJ$Gf~rLFl7H
z&Ff}OuePLHcuq{M6?z}s&ghtygNqYY4ZD(Z{sM80Ab%5ca|KJ~cSEkcr#=X0QDct`
z2gGjP6E-*Cf`c-E#$dIjeL=Q{la^se5Ycg<V!^dcdl6pA(>cHgicQ-$q2$4^g-7mB
zS;~P~&5ZYtvF0}MM%4~r<+A3{N&lCtug-w;lBFM$J5bz|m+_9gto2>aq@}WuoI15{
zP{0b%4t<`hk@eR%lvK)P{A3Aq7bj4|nvf&`$hhp0b!JmQaY53gI4fAd3@<I_Se$if
z3Ymzgvpy(eRSahbqem5TJ1&i)w5);}^{q=-1&s{_V?GVm{`aP7LD(dclm{Z%mtP-)
zFQ#IJ7irO&vxv0>N9!30Phnt8V#&BE;J$iNVk(xo3br5y`O9l_vrAUzAY~%JQpqjZ
zqHJf&0N)<~v3p!$z-Ah53*cR4Nbg{aUD>qdAr}L?uk0-*jxdDbelEi$iD3f`CVrO4
z`4_Y&w9y}tyDt7I?#XsOxW}ETiTa!FDLmkXDISz^FJzuU_odU^RtT9_&>YSnX4Gmf
z?tqtO@$Eg-8Q;-I;hEU)Yijz6Z+4Fa1o>8U&AlXm^}^xpstVJPY0U1=*cQ7*BKD1@
z#x`xvAjAl+Y^4*7@3uPT_6&DwNCiL3ayJ5JKH79$g_#~hxU8eGtiLs1sFALKrr6Q^
zos1xr64slk^Qjjst7I*IB*;FuJc**Z@v-O!zA;wER0!SJHOK*M?@!eQ_%dW--J^7$
z&to6}Zw5-OVZONlqoMCp=I)^7W!w+97Z|QkTDtZklF=zeunPSzx@Y6SuY@!#DMv9u
z^&W)+Nh)h`I+ga`P4kDdU+rLp1bKKETX;*pw|8_@(6sYnc?J+q@Tr|4oW#`g1-wB_
z0CJD-kamOE7*gH7r6yOYOB<*Qe`8`O%vqZNh>FFK86bs_Sew~-xxIYd0bfG!5{~fq
zj7K7@fM>D9Dh?L+iP-K}kn_w7QF|93H)Df4)Bq|vaQe$+E)Ijyy4dr0QR;Xac_hFW
z_xjzPTIMb%?!-Se!$&~(@w{w&ucaGJkQv|=XHYSR-G6n82u+ALSua>0y6(;4{!lvt
z3={0x#&!ZlSp~G8=|A02&4(2Z3!3=zNeu10^m2K%s=ZYg{eE>yYYm^cjo27XmkxG{
zN~-4#VMiT<khaF=7c4JvzV|b}mXGbAkahKgQBwk|fq=2)5u=<uo#4hK8eX|yNVT%M
zaolbU72&5|yXi6<x}#MTwj^bhV5(4nmoqP-3caKf-ErCDYaxbdGQPt`m0D}4sitJ>
zmqE!hU`Oa|TyW#hEx$Mw(<yYUiddWcg2sjgxFm5X(;BlxmNkzj1YMYJNCiYEUN<Z1
z-qPWR!^G^9pE@oglw%VUDVBv=Kh;4SqbE2BG=?nNCqr5259RJH1bn@}{y;zhB$TQ0
zUUu<o?T5A@F~{cIp0Yj7fL>%^>*1K8xrm!8uyu(P;lbIdMM#_e2KSI~1gY)o<@^x$
zu~o!wlO60t-<+bd<C>=_AbMXt)GwPIQPLW8Pjv0w)l4XV$nZvqovn{$eY2o>U3kmx
z%kGVHsj?6*Np)kRjd4F*)eF%Fgg8o;&tXb^Pi#1nyIYZH#+pQq97U(jN!Rb;OV6b?
zH)UGoG3{KnCrV2^bfMEAK{DGLqBEK8a;^no2>k5fnXHA<B&|=+)I)^qD`Yaitg=Hp
z!MKQfNf+6C%I}jM5VvSMPa1YX>r7$6M~X6zyfwq<_}+WQAy=4sw`i#iaO-A2%MUCl
zUooq!I<7kcxf6Eh)(pjwJ*`#ssqe_OE8!39()W!Ehg5e3*zUs$8<oczQAmDG@yO$~
z?8WQFuq;7CP=S=CJ3<{WhU;;<o9lS*fqm^3KgK4*>k=l3oY8NN=~3Fp>7qcDb$mc-
z-g_pr>E`(&91BNNBUQQqK*uf-($5>b8l}a8I&=GBMVm@OR9vyE;cUhGq8SKr)tNof
zMP}c_TqSD{j-{-p=9d=M&se~C6y3PC+*E@#B}sUMXd$a;elhfJ=&tiC)9)=>Q#9wN
z_IxLnXx+63R)xeAUYnmE;*6|dkfs{u-T<<_7}jmXaCQGw3!CR9z!@ivdzZW&dAe%s
zqSKmApbmQg2kkjQXy1V9>(h$unL%UMXBw$!_ZeF6qQ5PHpLog*FX$a%_|LJOFL9fM
zkVp3u<?pUu|8YgVGshSSMI+K5l?y91KO6-%kYu>c_ePk$pi=#m+m4*u-r2sdKm;ec
z`_b2zbLt<Fr(bu{3Gh<gV|TF$?X}~!L&+|SNO&~pUL<aER~ksN4{B5HVtat{h!LBz
z==naUY{Q%`#B2nn;MQEs$|IAUOV6OE``iLEop;?E`x{(XLuhw)%=#nEmn96DP<Ce3
zA?M}3-<%s!7#pwF5R9q__h{JMkqn#t{>N(~w`X<NrI-q{E+DF{@h2ZFdl$^;6A1&C
zTqb570U0v*-Amx>)iC^idgaM5<^!)BdVVi=4_FPR(ip^@0Cdhwf6hv;RKM;A{~S_|
zcW;hwmR)#I*Si@4+#V_ED(f}Mv|!f`ELBp)SZ0LP%=Wl6#xy?Vx-mO4@2>MhL74we
zqBO+g?flAPHej5VpGr}d0;!6~g(pvx5&MTp@Doc^l*)JaC<TW5=4l4ldlr*Wf{)QZ
zR}nV8BX!Eq?eR}?5;O8;=e<QdZwYI!OhIyYnO7Hm^?NBWNos~>&Bc>ubEohUioe3a
z1ZF!iFe@92ev5XC4sTA0^{BlW0hc)h^0M0z$~FRjZ~?gG;n_ljYPb83WcJRk-jL6x
zGZF&!`|Jfa0L*$%T<h^hBXqe)m#_#*vhk6XX>M6?tNU;WAUGh?wOF{=;aY>l4QAZW
zq3}w-Us`?&QL^0SpWa+~gD5~9rPj9gX0Kx_=dogFs4{B1a@4YY7|to|`(Lp=)!aD`
z?vKz-=KwszkA<j$K$Y4yt>FJ`RUCBG_9yfnJ;C;kgY=-i>~_usD^aSyHqo*|<h5~x
zaygW5I;?_hLDZSo#&4td^6|Re26&(~6+2Ank3QdkVk5;V94;5s0}MmIy3>`zbZ<mw
zwSV7F=~*<fo)_xXHalqQFLKZBO&I7d+Q71a`~$%95w`Ix$H?WaX1UgmbUF;4q<TAp
zz5l{&b8onUqS{e&a<=&m(49}aXi!#=3P#aa*?JrS(LVBpN5#8eI5O=4*irkI8+<eO
zv30PUkE%|4GGKpQQaxDHkhXmH%2BP?E7UI}Pk>&Hpix)Q`kNU?2a0=ug8LzYXm{mL
zt27`oyRz^j`n}-OA?#%iB<9~~Daw2k$Kmuq4Wke&SaUaL^~ZUi*-v4Vt%zOt9w>5I
zl}%K>`_O07gTG*44o}PP6%8JT^dY}R19u6nmg$;Ra($QgK^3EePR~94)g>tq;G=&Y
zA!L=bJ}S<g)}4X4E|c;xQ`4nKPN#Km8V|V7UL!U>M%K3)2+7@XlC)Y0NI(%+a57iL
zFI4h!gUpe^gR&F`NLY?uwL3_IKcOKaGX=TM%BvWH0q(djHbs@CXU{O{f&(I?z79Ea
zAH!}*->mp`om}|pKf&vcZfoYw75WMfHm6*;%508I_;TuX2c-Bf36(pvYbfebvjY$b
z;ud}f*wdA)C+D_(c@HmURp||r)T7=#yO5?Ay9;%QRT#XLG!E!x2ItfncNez#nNyre
zTww>k))N|W9^AYX+BrqrNG}_!XH=7=-a}OM8gXVM{XuG)#P4(q^+?Hj<@iRr*$)Or
z#LV%?eU(L}Pl?nsF+&ftSvSR#j}9obL#qv|H4-@Y1|fn2_yG3YmGV-)6cm=j=%g$(
z%YHd}*ONN67X}1u`R}iV#Aq?17u8q^DfM%!{ShSvEn+scqxoYYsn8T45O-Cv-AJ(|
zw@sZyex%tj({VrkbDhnKA}nEb-r@-wu~qeDJ=LAdj*oW!)UDOJEo>r0TpB><g9Pq?
z*W11aBNTw)0{v>%h9Y=i1i`WPt-5M_lgOCvJ$JM=&e^(jO<BdRWPyA*UYSw}@lvV%
zeMiNATjn~dr{k*=I)XXENOQ5KoGj96y=RYmVeM)4t);`^=U5Gyq5*Lh=Z2w$?j?PZ
z%kJG8El_{co!MGu9WRq$ZYTh<z1+a-QTWGl+%iurbl12N|F_ym&<c`fVVi)*&>@Ua
z-<g#raK0Hy_!A#mSzTewdRyAY9)xmrV(5_kp8+>7w}AuR%NfW{;DEPZ9jIqMnN}J7
zd6Q?zWIv~`-@6Rz32O?n1BilbbCaxIIRqz2zaqVTE!^{9!6tGham@n2dot%;6)@?5
z#`>75JZc5g1L+y$a)RdtL&XV-=d6Q}tin$G>{V=)6c1QXi$x<I0=@5oyYZJw%`+-Z
z#Z{VV4$Oo{$1$TwLu8PNwyn8cCH>yK79p=dHj)rt@{sVH>O`2-6?V4AxDi~|@&?}O
z+GAf=pajV@UMaHtP`?8lh{-@*peFIR&L2;ac(dFfTQBBw{g5RRd!NzSd8iqvh7>kH
zu!W(e`%3QF;Uop#m=x_twk+m;3g~U!zaTLRsx4TxMpsSfO%dAVIb_o^nRdl|HO5_i
zAK1n2j8iM+pUAsG6L}+U!MBS4D_i`(>#|vZ9u?I8N?!wuD`@{3t5P8h&hiO}fLf^u
zRNuw{`c`hEas6Fq@E^Hjp1*U)9GpBn|Cu}1fmT;v?hyPk#WQL}9}5jSO;99B!AUPd
zfeM>%Qb41Cf(V9JL5tA+g~TqAb#S%{5p+0`Fh>QUpGdfF6GFkH>-$jp-oB7dR@UPK
z!dR?MyJz?Pl1sa>MS8E_pU3w<lH#~X1>$6=w%Cm8-#MHB5eJ8v1Kdf>0g+d^A_N{-
zA8)3m+KEVIE)g-aPT=et^#T07W71Ceh}cr1XVeqQ<hnaYYAn<Kab?eU$82W<t-}{9
z9s9Rqu&xXTQ+f3?9s_+`=x5+xS{z`rn8V&sFmcd&7}%NV=d5jyD0PM)Mz89xU>R+x
zs$n<C;6LZJUq6&}p#K4QDr4+lS!bl%Kk;_jZ#~F)(#L2M9h2yxVxG6sTFjql14i3G
z%7hQ68TAB>8r|&^_3C{irH+EbVyY<tZ{sFenT?!3S|an<xSVsXKBUsnscp#iKWpkK
zRTxt+IWk>J1WN_;OO<UaDpK${;#|t6Xpm3DCV)4eza1603%nEY-(<Yi9v0{)B6MY^
zOVd=a7F=wQ_JwQm4^-$Xo)>6OzSwY>%kZeeQ&UZZvX)GhJEvseDRoQ9R6JIoE=W&=
z<4MGoE~!bTgsut46>zE&n9IkNh%dk;3r-{^tB_0(4Int<xQrO*_OpQZ&kokh*)cd2
z2pnAkGWMqsJp{AHJdm4ld`<|nJbl7>5a{q84zG58ZTIr+8$5URCTO!1`V^a)4UGv&
z4#&Ot-_8B3i#v;prm#qc7(Zs2%6K>R;X%HLzqZ<yGMyfA!0lY#Lq|6PLI7!jRi*F>
zRSJ0-3|zKEmK?Pv8&%i%qmS`_6unqPy@J#M#+AV#v`O_iny$2Vw1$dOCB?&|H1jsz
z_4&4P7^#>vaJa<cyY9iFvG3M8vOfCyQ3tl*c<T?(QG>6ZDaDId%m%H4xq{H8Cem8Y
z+}R(PNYVRlf5NsaV|hi+D#BIowPl$6Xz6#Vt#oL4G+Zn89KbJ@HVOrjH%vsAX`7`0
zlGh)JB1RqEt#4>HB8#~0-+c?^$bNESm4&l)+>>>bni>1!oE2U&oM$tn-tiVNd?&Ki
zseug6lZEJZiUsG3#7MVNsFhEe^s*Dy$F1LGj-&de;l)~w#%0YwLRaX;FMenTi}=8e
zRyR`d8=@N}b}_6kBs_BmvavqhD<@Y9;6sN7ZGu(}rj&|`pf>o`ofdY|ky(D&`?RDG
z_;HwXF{;ItW3bUD2jRZE^~G|!$H2wC5+nV{PEfAuI~8;;bHefeDeSAGs_MFaB^9I_
z6zLF&)0{&}N=SD%NH+okN0Cn9&>$TGN+{BTv@{aZlF}e09ry5j_j}(5xntZt_8)u9
zJ=a`w&AH~<d#}CLZ`RH(Z>`l@lSXsQ+YtGifQCX-Ky+q0osK*zpPTf0^@V*B<vTZb
zxQ=w#YO{haRqlOFY*r;oRe*Jn39TVV3ylfd8|yJyXb{KHgl$^GsZwIQe1*#~?=Fhs
zIzB&dr{9z_3<Gg=q>wk8#942!^f*aJ2S@VSC@DL`o+&8bW*U-Nz=PjX3b?iNs*(5w
z523tsD2-!M*Gd}SfS57Y2dIvWdZ@rKuJ}9U=HmzM9}EKTzZvo{%7|<*k&huq+P2N^
z7zaGTL~ic>99qu3eGspnNmj}I8P3Gxs^wifJpJ9O!==@<{fw>5hZ<`i#UQqS6jf#W
z3c@FyuK8+AE-+SKIG|ABQB=6ReCUr>{8II%Q?3<tdrevm|A$T6^0Du&wwao?DTE1-
z$V$HM)C8fSnpwrshqqmLy#($tBUguPC#q(|xoN(5;<k8((h_7`P(&Z2*S~klbM4@+
zOH36D%JVGomS<ed#ilbf)Vc0u)DzXer_&8N{6?cmei}!2nw>jFVPrhpFw5Q$c3Q?p
zo+nc{3}?c@dILT(oYCEpv)qo*vZ>C2dFIVG?<-fn#a&1<Y64KRmv25LLOxBw4jO|8
zw@td!+GLLS`lZd@R$VH{{)xaDd->VyBZn`fn>qUYQBv=4{|FPSxNjNu9sFL*m1iGR
z+FCgkt-Nl*STcp}vaEJn8-7I)jr#g|e`Y+E(k4!*=ySyKDWBn6(X?l#c4X!Ec$Kz@
z-6;Qrt)Q(VG55!=LG`5nSpqU;z$jo^H-%G)m;KJ?z+1Ye=$xNRwd4yn${G{tcaHm}
z$MIVe9>r6((S{|t`00IlO6o84{bX~GYW?)#+97!m*-@i2NG_(xIcLc+t^TMIweHS|
zoRpOrjKPL&-acQ3ZWq|t5{7O_jlFPwZw~dj^V^B?VHfr$j^+gF5#$glmm<*sXFyut
zuix8jJLUNv{Mz<7v$j{RquHx1x#r`bwuKym%PczGvD#~Ws!{=aw|uu^7vmeUSEijj
zXMtQzjr?P$>}jO~r#l0GTl*x_JFZ1z?irHFvONaDN$`QihWuEnI+KLT`@=P!gz)=B
z^bDEgwv@v*U22(kq}Q8}(P}Hl^WXb%yD9`8JS~s&m?Zr;6s|rm*?kH~Xza{9I8Rip
zc!2Q9&ZZZZHb}ke<B~HoY({vArIu=V|6XDO9oux9ot;~$wnC+1bC7m~=<Ftq5Va(#
zY3<}!SAs28yAV5V%43%W>DgOBwKnbO9WG+>wPmq}E*8_>VCr}cr2Qa^1!dm5G#+^s
zc1z1&=DD(1=H2ttBz2}kO<*BT#*jiaBIQxN$DUe*a`WZ%Vi-gR-%+`E0+;7Fjda2Y
z+LDEK*hXml?09}hc#FG+*3fbRUzj(?$>VKCA;ZH&gTM*$Rx>t?X3#>gz*<~u0A5fo
zGqc+5FMWAz1wX3mkU^#Qm&wP(ed+*#w5;WyJo)Y2zc1V?Y`x$*aZx%&2=7cOVR{=W
zla#INypXrzN&0ha0v3kM3`)FA*4%@%hs`Dfwef=HS-d-X26motC=3_tr9E9B&eS{m
zHN$t}AEb0b(DvF2-!_6FhNb&+fL=0J^f1>z>IlcG#?g_u43e^LAlzvUAI>Xso<Ks#
z%U#gOR^TTk8f2if&FhQ|(AbU%<NQRb(hVas8!C^bZ`NNJ^#&?#<Kp;sU!3iKjh6*F
z47T>XUFA$xP|uH}+UV=$i}yn(nEM$pwpBSmSkJPc-(Yr#>u<bp+~?{goAL)5y=<`Q
zzRZXEc-rNZhx}x<2x=8Lf>ye_RbBXe<N<%tQNjwc#<RNj{IESbtHZ$2gkgxmjc!49
zvZ?6t$cE+}Oe++~o21M$spKN%nSPL2E6GsXiny`D<-G|UTLYrR?~X^B*rJc&w_Tg`
z(@Lp#m}(!#O50H6?>J@3vg9?Ik^~<^dfJveX)h$xN|2*6$!lA#1tw%k&60x|-fJHK
z-#?7WHg*nFO%SXOk4L`S>z91XW+;H;EI65{us{A{8#P*G-AUU~8EzuHV7yp73ZRot
zZEVf)><rEOhA@A9_wJ7;p^SXM3<rDRw~1*fCJHARf`|K1FPzRN%!Q!^-oM`F-d!3J
z5xr{wz%fFO$&BvHW6fpLR;R5x@&$0as7o+a-EZV*&)Lt;cqhN5OSc=y?OblC8N9+P
zps<i!P2L}*xPvGB3|vc@x1U-W9n$F=sg0kC6Se2K|IUrc*r(qI*P5+*`IE_1<oXED
z^6_ivFAYgvIkh<1)#Pz&>p}Mh#Tbte-<kZ=KaN#MZ$G3Pi<1FU1~rcoA49HnXrSiN
zU??wPWeESUKL*|)zj50uoO+5w-^z&ZY<m(0l!0HQVo}e8=tY~rbD^Fec^LypT2`t&
zi2c>Z-eC;iEhoweAU`Ctj2f=MzD$uO=5o5n3aloaAxE-1iIQ8ZwA;iF-%A8J5p9Le
zw5tar>53pwq$cM8vmD2?C-_U&P|f#rNyo*CLhRo;h6=Apg%eX71Y|jzmZ0F36#mGZ
zIXz6aRO|X&o!9xqiBrBiXMNKdxv!PI3vm@3QysZE>1gPaM24-Uv@&=i`|&~Le)Iho
z!69RVPL)bOeiQd-HF-9p{>*lECNtx<KRw4orkbFLE$7jRh(knfUEmPdo{HxnX?4bF
zS5+^S1(U%k0aQi`K7B<5j~J%ww^_Wy(BHh;<*zr7tkHS<-ZDD4c;c&=6Coq0U(wua
zInDJX?Bq7Vxm(7RWNZkQy>(8Zb|h?P`6~F$2rd->yZzOw+Ti=JBmQKTmcl#ci^H$|
zkxaLX|8Uv53;Lc&4#l$&)(r~gN+FIpiOVUw=646(q~;w&s-Nj(iJDpoR!?p_grCG~
zw?Lwu4()^~HwV?&QZeK{sfoFWniARK!NRau=*AcvFZY$Y^|V_TB9QWL9INa|Ebepy
zLTg@(yN+~OY~4L->><WhI6Q$aHk94JK!#6_&DBH?2%}R4;j&*|La>5%WA%)3_D+=y
z&C5eNpF10T5=d-&zjQI?xfw}t4&Up{F_<Zf?erhlkp`7lW*Aur&DH(!oU`20A*N;C
z*yQ2f_(tNqw{&=xN}F~|cikeny}R*i4c{pr){*fcrq2Gw>-dpC9Ksg|)W}y+*+{xx
zng<f?+fJaM)Ae3E$IS^@QQaSi7B97mU?tHW*+$7)_751r6()V(1C9@tJH9k@?2VVY
zy{P*B!}$J0ZT=tU7Fx>Mt^?hl%wWf#mkPOz9dDjCs3mU|8`>IBz39K+Izr3{^UvOL
zpP1Wh2%@A~#SS;Fyx0Fja8Kz=eP2G3t@Kl1X-%H?)Or3UnTzZsG?%`w0-f-j?0%qb
z-({I&n{KRpm(B51B=jPf`B-{9W^rpVJuW3e81Hock+=$=uBWNn^yeTr5uAsBu7-KG
z+EfQ~B(ux?3CirE>3n!;X4F*@`C4V>Prdq+wEdZuVD;c`>O=ub$HXV<l5rf!O)0{S
z_$W1Ehv#;>dW^l1ngo@*rO7FNWPad!GWYMb7xK?*+ufV|<1{j8QJ-8|q!n0%rAzsj
zR|>|3g~ye2nn<fauXTC62z8VpD}JITF&^K<2|vj)GrWVK<~AswMu5t*RSos|0<(Pe
zww0xS{8o9pFQC1DtT1F7^?W@WS*&#+O;3k0nrp?wy&Of4`N-}#(JDbqct59{&-0DR
zv)rRN!y@=wekoR4NlG@;BiAsZoLH-K`>(cNlnjaM`Ruep(+`K79(>=&^)4&BLr82|
zdUqyA)J1zICa>jBhidg`-jg3owcW&TG?I=T9+Z9cyQBwTNoEL-J-O_e!$IydK6xc(
zbbx%BQQ1$a`fW*W;St1+iemoUJMv|^yD-FKOD{U{?s}Wi`iG<vJ!j)g@=G-f^*cd^
zTuBAT1zvG4f`?l>you=y2&)An683H0GY`3aUP_MC)=(+*9q^<fa;g1w)^s8fVlPB;
zhKO$T%S6=!HWLZ|^oH1rkklgMJA{d8zHrnE@8`KMr@;c-kB{V86mdsSm^261qnqa?
zFro9YYAnyvITG=oz=az5I0RWZ?ph?r2GzcQUshJ6jDI(P+4=cQQnWjX?MsOi2QD$3
z<7LL6VfMU(p?a7Dv!^#x(pTt~oa=)1aFd9Er`1G7pggyJs!u7lEL$TIj(xkf6b43~
z?fkwxKWgfJgt7UEE-#kaHS^8sli+3i4yZ_FrR@Z-(K>vlSKhBFGANqYYiv@m#NaG+
zp)I{ce)IY9h29s9fv3A*O+ub!f`G?IG2IGM)|__{ZGyqa$74E<Wn$%=CeLleY{WDj
za81$gY-B8Y^L++&4Tt+koQs3_1Ve1@yOjw5%;==rF|u&>nNMe{-W}BZQ8Lee&NH8@
z&6CYbRN_iIGD#Fp{+cA_)8DG`ZMT}o_<#XzegS2E_F5&)$m!YR$7<i44P_Y|ZG^lb
zN0|&6m{vb8&Wwu>TtB)JRf{S0ngIsKE^_Fe`S)Q-_EF~xAei(hkjh_bfR;v6O~b{V
zMjY`LBWxoa@zNwepS$nqJ!>qgfvTk#geqH#Szh!_)9S*)m#D!Lw;5_aN~iR1gbFeE
zLQ>m;yp<S(dTf7vCURqV8)1!Cbhq>;ZxxTLiZpd=oa95)`oM#Ovq17uLEeDd)N;=|
zC^mgs?2N2`V$72b4I;^&%eJglKElKwQ>!hYnhyuWw0>o<bUA?Yama@!C+!BLxOkb^
zhf?%pY1ZE<x-eiAm?PoPUTF0<2t?p~Q;%B2IhOLOQ`p^g-BS@!HK)p>m`|KF#Vq|Q
zrK7DJK#|WW%7N7K>vKRo_3{=IkoB<iXy+w-*(Cc13&RO2G>eoWJ<xiZ5uV?$P{GVw
zJ$qOq#=Cx*-?-apS>OuLV<XTC_0v2oGNH)IK>%U|<yK@2H9o4v)Taj1EhYONa`)((
zVhKrvEd#%mOzeb=lJ={SCX&AR?Xbr*Sj}N>ZfRw)JIUg&S|3A<Uo_>%x-aP?coK$l
z7dL_zdAT@|{0I3c@1iHyz@zUOhVA6)flT4I-bbi(a72HfWMPQ=T{{8axwG<g{YV4l
z$NF99e-SMO^%kDZGh)irCOxs|(SUBkUDcV$s)M^bNE#QMwi>T@FL@L++1Y>hJRN)3
zMtu31_0d~%@DQYsHSc}yyUco-A|3$~hC;a9q{5xT?Yn4nP--lxc126zDri}*msaTa
zgZ!5mCl8bXN?{C_-?F+jM(GqsU{H+*5+B|@EP+*<NQ}rWe(SS(qqY%NMyS#x=8W+z
zBj8cd!wvNfcQ@Ho<xTmjH|<&ZYqjlXC)2y)>YWJ%6dkoECve#vQ(XJ_PXCWNpN0li
z?uTjRj+*mZp)t@0G!uN5-6jfh!XQQQtAR0fc}zIK&+kHUJ{CZ0MBZ0sRhkpqY$B~m
zn=m4?@sUnry$E&|7A!WhQk48|*q+N?9^m9%H6LZ_>cdr@X>92Bw`{UF);`!`k~7y<
z^J=$|-`=eVV^0Mv*|SeI#0Bu$pi^wQoad~8*)*_Zq?1iy{X1qO-SM4~a@&yejuGf1
z(eP=YEm7k(3cV9UATKW!erJi;-JPl^OK0p!)J$S))+~*VjOJp=J^@7sJEvN)fMS(F
ztc{SMy4FmZ7OMD7j+}Z7dvxF3F4RblW#nk0&!oPYnkxDHBJH2L+(?}f&>)R9^NJDK
zI0+>cGXDOnvvGbr7}-WeX{W&eHquGuVd2gMrgysUDD8NeN2TK44{r_ngP43u%cV_8
zJ5@P3RUd0rdG1moQB<xtcm3X3>gcEsAD{gq+m}Q-qPI2A4$e7@ln%DTi2o!?x3jlr
znZrV{#SE+K${tS)dcXgO!k)`6b#=0n(I#MsL6W?seOYnmjxs%mvqAueK3P{+7)lDe
zbKZjUfyJ_SWr=VyBe8f!&L&>QX*csAxk}N2vXqHmxxV+Vzjy<6ylr}tS&8>B8-I?a
zTUpUBPj`D2Jk@8?8?CQ!lbNUi*gXWv2|%+_e$M`ZODyW4Oi|dq{%mLc8JhCjSTEG?
z6Cv|VuzWap3r^ivi|{Q;)fF@)fU?PnP6@9m45$O6=L7^A;Cc0BjHPAj-XBXoS5uY~
zPa5zPl<13?eXyFwV-Qg&iL^77lQR|9X*QuP#TP)o)ku0Qq8J`yR{Y69r?pIZuprDB
z&`Za|YU-l6H;S)~_e)<9sG5m6tn+=`sUEqxG_6*pLdn(7+sED4)BjM?PN)21g`aEQ
zVHc&K&$L(Sh#oiTgRXg{7dv-ocJ{s)lAM36e%_9s_&AtnkXf&!K|@DJ^Sj$o_!?EK
zq2u$4a+l{7RXf(F_NnbJNp~olpHLd>yJW^`Hs;WIhy#6&@Q$~iKU_m%IO@ySqUW+v
z`AzWu-AT3B#Dc{S1f%eql`&xGxoc@s2|h_aSw3YxRX$BV6FyTuGt^EW1?pZnKB}*o
zo)rGij=}%VXv0xw&FG(zuzycyYgsF+Yf<?To|k+eGusf_Aj&to4Yg^FV2@(gB_-gh
zW(o<BHpBD}`xvN@*%TCHxqA1`mogSkhtRM(=cXsGaU<JFrxrlEsNNp9vn*&ikJqes
z)1hoqol7+TNW!2`_;=m1&&+coGU>H;8P?dQ3p`|@EbzPR0+nQYyH6~gz2H3#Z`oE8
zhxy_yTJt7HhKr^4FfQW!RtbOMsq$dAp)#>ZiP=8+fqmvh0?S;o&P6YV;V2?K8WGD4
zZHCK$)`;As5nI(^$H)wT3Vm|c)_J(Mw3|!Mn&+SO{ltouv4Ga<m7}=Kr0Q?O=6}ut
zj<AvLPVc-u<RtBSx|WIG;$1c>0SI!!l(v=9V&c+b1q6ARL1q?~>ib2rBeqoS?+vKy
z;12g&xQ+djNuS;U$KqK~0Zn>Lmk8O@yfSvIM2sx~-ATzk-0UxtzhZ+vC08XQdh{(H
zfHRVNuz{~>(tpInpl72sWFr<|Q~|1nw(^jJOoOJ@{DNu1{?eI|=hc42rv@m6c>1l<
z4aWxno395LO1LM4LLwwWmY!#4&E4~_#pbcNzZ!@!uT4&8DW>&&36JGpG&fJ)<KGb+
z;2!Li&R(=T6=NaBuc)ak%F@&-Pmh+iN9XQ3Ihb(O9{0buPe}WDy!~nYgLS7EF$P7X
zTbSo$+rHhY6t4YhU6KqRRYHo~)3MwQBEb`ffvyNCR}G2~>6gL&i(18F{cF4pTz!k*
zXtJ5_tGt-m$HF`MTD%RaKUjaE6&g3nGk5Ww_M{{Qz=9`eBGy4q_f^RMqFy*UiATmS
zOV%MgUVpf$EZ+-$tN()4&1-Bo+RFY8vMVW@vy1D8ab$!idS!-TwVQ?2sn<x9B??EY
zo6DWu-a$+yU6B%wR8hT^5V_NM_B&-T<)dyxWic%Ydi~_<_>S%J_e<t#hHBir+)<h<
z#qRmu;d$lyBLoh4mJvJB7V&)*Okn=!zOOdz&7*FW;yFocvk{PrI^N@IBtEVfL$avI
z8QDj(H1AV<l(*-o%(kCrilF-7g8K4oLFG~I7M}I_BEDwxo!PHghI7BdIxdhbTSL?Z
z+)2f;e6Pmqs_P0`e4j+q6r@)xS6`qv4>>Jw(o?ZK3y!X+c`Z3Rf70-HGB)HZc?*ft
zBu-1Q0L8D!JcVjQ+;d+?(!wxS0TyIcj)gGklmyTphw|h6^tj%rLuheS^CM?PXOD8t
zg;E*1l7nPrc2|-jy%36^Zy&Z_HpCFDy;x+w$bPGW6f4x3=;4<4!y=xBNso*!(G7Xc
z2S<rhJkq)(Ukpx-_Jq!-)VEWZ8S0edb+6gluJzQe_2~NfO4I^LgBP}0e;*>v4?Ie(
z0}8|mJ_lv0Wg>*tMSdqvr-?aown}}x?_JPmYR#n;zmNKDSan*xlt%3-vUcKOdk|G2
zAd+RRprIVdV6UC>a5~N)*w!Mr!KS9+@RQFbdpx3%>8%I9VvJE9cvMR_1y*FkH<7BB
zA4i;HHL;PVA8E)o^Mz+_Aq9ZsWA?Ru<tXQ_Y6feBn!UJ)_bK)(_H*^{Rn!pprF&En
z-F_OhHD#o!YG|q+A2$cm=PK@j+CF?Th_CKT?8Qp(D)dLzuJ3@j?I^+40dayVEcwNF
z+*56jd^Hrc3THXRGTp9I6sTHw?KhWK8Kuz&d;19uHS4V3<#WT-wD>Maja}bDQorOZ
z!|)$=<9cE$>e~fho0|oKA$wedo?0X}_{=J4t6m+v$8>MM=TGTn$K{>-<gbTwMi^^0
z@Uc26HrthcYqh@(OQ5lyzdO(r<yLu)P56jskj{lu`o0l;BjStLC#WNzNOV6m!!aK5
zkd8A2vF(D%tfjx0DVgJqWY(Vl<>J;xrE661DUj<8Pc&gYw%;~3R$%Q68!DPyk%QTm
zlkoF5>e}%>(J<@9!)(VFx$korF`tqdzXUAado)#`(MiVPDdItswfVzk7=wMy%2Ge;
z479kNyHdV7ZmX_ya;E=2-nzH8Ygbj@u(<Yn#Rnhagtvlk>Wgks(;>r-HfrQ;OuMy=
z*=QAM8iDootY!AUzLfO!+9y8Dv*~kDdo8YZR&F;p!4uq2JBdHY5{&Q0<HL|!he?oY
z=n{gdi&@tiJhkqzO^0e2l@FsgocG+7P=6j7&p<daL^b*gr)7>(`Q;&bV|QsUegvV;
zx0d?zsnNH0eM4I(Q)Q4p@m8zxwnRm7TLs_CbLT?OhrdO#b0rXXSO(fv<OK<+KX88s
zz?S4T=i&Y3<|^$MC4;%@b5CHr-vILss$JuqBj#AZR7OLQybza*evcKy@NF|%TBSHi
z#dc34!dt`ch2?oD(XzY-j8T;qnC%{ZxI3aK^Ovh?zS($y^4t$(dC-sP+s7?Gz=FJU
z5=W06Q0=j!X)<l~x>==zI(C|0R7Q>rO4YhMhFI@G5H;3;MIx86A=Gw1{}{!=+Lett
zze>r~#j8*7YNng7cE6x;VL4>cTpU=+@HWWO%2n?}$m^&EN<Ob{5}7Hxy>Ed=sSQ1_
zH8*NZdDf`;W~8_u$uqsGG(M|9v2S(sZha_2U!ZDlL&q>Z9r5-vc}YW`=Bh<VL}1<2
zTea}~?cKLFj&d2YS({Z&=bbFZFK(|&Vg%vEW=ynV_}6(pXhtkF4AR+biYk1O%xw*(
zawVAy-H+n)JR^`$dQed(X;Lnt^~YqYVwjP8FL|%+iwpYaGqN@O94AUhil^$g``OFJ
zCTc3GhRdE`VzQx3VX8z+f;eJJnOz>;&L*Q?@2A2=AKCPSY3)2Xic1Sis#YQ=Kq8gQ
zUugnoT8F4?&nmLQIu)m<E0sc=`><AAN{Cvi5e*xBFB2-CWsK01F-Bq`vVFD=SpfW4
zipSfmGb7%1`N+9!?6HBWmfT69oOr{6PHmc3ycH$-8~i{g?#nu_^EZ_nLC*rvu<@%F
zlU6DqZxyZvnV_f!$ezh4^`zq4dDKWP4p@9Co-4FxOHs$NNc{1NVH4kTo2_q)Iln^<
zH)O3srCE;2c7Jkh1-XaLyaS4`6a-|{U#y^)Jnj0P(jfD~Bzp?_KV4*f%$Vu)UPoEZ
zbmA*MXsMofKQ(k#Xu%*7at|MtH`M!7g8!4agrV~VS#7dZZJfj$w<84^V`-17sk5CW
zN<u`R;lWgKh!e&S6`9jjq8I{Py*9qq4SYuqatkYctvZX@<XYr-)@4N+BD}P-1Sj23
zPfG6M{XOJRS{2rtcuNtYb#0o+2B8|4RlAJYIUk0R1}sfx#R_Yeux|Ilx4h={-A_H&
zniKg+3CQ?dz$#?)Dbp*-spBZ?hmIVFoKRP)4@vUwhabBQTeE(L{dVW~x#R=Nh!NFL
zoU+nb!zS-+iT8&xVqsR3zj!RhUY^W*6eQ3j$+(N83TWb{>3QHD!BeL#^!7Vt2sYXA
z=ysg@>JgqKYvZ9y$5-zBb8YEWv7gRPeM_vfOLs0&VPgfkNfN+Ouk<HQQjkxA%AZ==
zAExu4#6ousLhi5Vh-m05$}bbptPd|${){<|W412n3CZ3}-aWl!nAd*;zaU&OU>Er6
zneF=<nINoP^BKt2Fktz~=hmvJ<M%A_*SqOB?i=G%{_!JYs_N)x2-Jq)o>O_&KxT#%
z?;{7q5ArA5)Md#;rg!OE?TZh1qV(e%Ol!E-WlV=U;P|B@lBFMysnnIrG~dnI)qSRy
z?O*TfBOV+MMSj5QFQOljp)scSY+amd0$gH!z{19O_i3v)6oU-@56r~BUXOwQ;0t`|
z7a}2p|AR~MuX~_>?upJ?P@;hg^8PSm;y{4{02r$05cq$uFps{n10W`5CO|NV2MC7p
z^8kUCCOiQ2!GnN-VP-&c7|hHP$iau&K4AYublil&4g~^Wx&QzN`h1Abr{HKVY2s$V
zDJcK~fFJ-c015(LaiIR3@S`CXcuwz$LBRZ1NrSHrMh8axe=hhDFaR1<;~EVDh5^vc
zyG{c_AYfGJDJv2T1))(ouHS@$uK+@>(Vzgx6$ZyO8iXH)Kz~+Tqw#|vSEwG>Xb^q?
z;%^0DaL_-BBGH`x(H;Wh2mW0c1_c0aR15>a|5h3b=Lg>41H*4B1BAl=#dlRd`T#>A
ze+vZggF$~=0Rjae(6AC$$A6WEgKk;|3`hJe4+7)|{p~IQKN1W<Ba>Vc2!O*8Xt;}O
zGzb`RwI=C04G6yiLb*l*z!AW|6$Ap|kQ)tw0RBfA<A1jV1OWbBF}m<oj;d>w03pDu
zn7BrRK!7(p83>5RpaEWxBX3B6LH-{S5I1`w+Gu~5g@Dk(@K^0XbT9dv56F*h_y6!A
z|LZIW2ztXYAPD4d+oFASBaT2o;0-=>6aj9^gCedggYIPL!dECc*K7s?|3|}rDTwYm
zfAK*;{NTU+0s@0>SOEkDBK{5^2n5|{kv9awuLiv9%3KXFf79Tg8x^DF-3$vb;0g}u
zx;!}O3X$j^8uEXKCol*M`P&L;fj6}V1FxWdt_eh!y#fQePJ^ON_!kWVfn5Os{hJR7
zfPlfk>pr=Pc`*1!C2+Jh*9!w65dJGT*MAE{%Y$426kVf%;gG9YmTNQ!5Q4VW{|qw!
z@-ZBG!%uMN4HKfr`x}7^MSwtmD+5C}<nPA8;84VWT!Q@HrvnInqcFOA-010O8{CW%
z80-o|>3Zw<VSpP00sN-xaQNZq$4q=E#yt#pd>#g)Apj;RB>|EK^NWci;L<=bI9LKK
t0TSa!K+q=w4i*vm|8f{yAzHb*nYg%lx>#7^^CS3SKzuefDJ5zA{{vIO%Ax=O

delta 45214
zcmZU)V{o8N)U_Miwr$(CZQJ%8+s?%1#F`ir+s4FBCY<;@U)B4aQ>Wfv-PKk7t5<ce
zeXZSvUl66C5RLGlz>Ln8+txU0;HkEPqhm&KI?E5-?H5IRc1vr@4b+^Po%tXfFmY6S
z0~-*GteSw3sr~~%VGbk=Ush5rRc;cw9aiDx{AQ`r{|*vW0W}5q(Ld}VHotQ;6<%Yk
z`k<X%Qh1scr?33QVyt+PMSG8P4+j4Z`lAy4U(}(VO<yh!0DM18=K-Bu4ZAZZ#E9RA
zxIeC^<jSlc_Ne1|vURcY3Z>Bxe^`GgVKgkGUlsZCGzB;;kk}Z}G#rzY5v%Z=q3a35
z&`>d{@A|YK!}8tH&gDR``#v6U*%akY|7}A4Qk>F6a$@3#<|2U)Ky;)dHrQ6%B(TKr
zXEGfxQ|P?|8tG>2(tgMqXbFB8{t&<qs!j;p@h}qjq*uL*<Ed5oO>Yznr-_`asaK+*
zVeq9vZquZG66THlK6!H0k^4eyb!$bQjj~1?E?vwhb?Qg}!L;!D{q<~PvtJbSWxD{i
z+9C@3oKw5^YJ`yA5%tX)nP{kO)ya#+nZy{VltqOG<k|&dWJwl;#q}es-DA{KA`9n|
z#U+Zhe4dJI^&#lF9jsHYAjZG(+|^|g$ElKFwKIru%xdOEH(zhfR>@20Ji1<A2`RT%
zCnHx&aMvW)lA6Z*$DH9|ycs-OPd#uiZCq}76QA7f?jeMDC>Y~ti~L2?v=7npO+B(k
zu({d-me)r%2sbfar7$!Z<kGEWEKHmBG*~}c#vf`v&aaj}nAwn|$3!;~EPG%fzWi6{
z?`nw<q+j5Ch&7?bibERE^|)VXpmb6DQ8_~$=d??T2#b><2fTf%z?lX!*VG^-k`f%y
z&Na1Jox2(kku7H11Q5FxV5}nT3wB^1TGo>Q9*OId6}`ze!GuU&o<_sX;^Kd6#gJ)`
zpy|uDEq)m2*EZWGB|sk3h>Wo~W^<DDDG1UhOSm;CDqhQp>%>`Fkm&~sxHlL{l6f85
z2!f;vmHQ^xG<(PaT7>WOwUd6d4F)0tZY*Jc0``6uW<z^<f$VJZ!w*raFy1<;O~C`;
zv+2mLDG|L-;WrDm3P?Y`{^7lhVbkL>M?0=F%e+<Dn-jnNEq|eCZfoBdlZf3f9IJ37
zmg%(;6y24MK%9amY(Z!&lhtWFPRQ22%hwrNnBWOS@I|zS<mlolxYp@Q(D~sb{%n>8
z)_-GPpw<Dn-?PI}5?2yv-x}V;nfWV#j0bbXewil>{D`P1BhFV)(qQE^vD%7z6nG&v
z7=~<mGV{b52a`NX^@Hh#NiLb8YD<6xdV$w<>QwsGftn@uGoH$hl2G8)#*@}F(~{-l
zrBn>uUrT)O0v<(4j0ZWA>hvBkgPxjwO_d4v*08e6Y5ACA{OYQR0D!`$%QFKIS@e3e
zEd%g+>unt)WA;Z(bGsW;d=(W<-|c>*=Ivn$IA&C_Lu-2MC`ruIzQVvzCA#a}YITs>
zUu$GV9w3+{VfIr}0Ig?D1-~NxatgKNL<L^p*49vy616)@vtum&)9r{$1;0DDD>P|{
z(Y#t{RtF>2azK=);bnIOd#3=JIN4!){?w$I77X=lS;@|lqvn@d@yVW4rChNSs8mFl
z_T%4dD6M_VPN9)7vV_$x{Gz+ZsAg^3sd|+VeQ>C8zr&JZ;h^}-U{0-pv?+p1<J3Kd
z|57p$YB&Y<*p&$x`;#gYY~TAIjfO~4KhrKJjN7l-4%u)v*6}*>EDA2bgJx-;z=tEY
z=XMm%AwQC38!ODcx!-0h^mOYcFMOHFANNY7?Mgp{+_fV@tw^3mtu2#(QtA1ak2%&S
z=W3yT{Mfnq)?)blQnX`ynO0jc2vQb?f@b58KK<CxU%r}_n=HOx7RrUja<W$C72jF(
z!q8V01@$d9(;p)S)1wKXgf1i!UR2I^=u@PVt?t1vQQQ4P#>0L=rcS(C<Ld#s_{pc|
zrjYdHHSl8h$=`Y5W7ofYa@j4{z<5ly;WqKt9yc#S62Vm*ZczXY#h!FAU_Az6xBc<o
zV37NrQITgqCgU957S_BSWEmP(hnj;ADdbbGOo<v*I(hX&j0h%R99kq&;TwLR;ihOy
z((NjfsB*J_tF03PX*(0;HauMM^=ZI8=tYaa*Y&o+;skkzYX|K;XYiK{%@W2u#d;t-
zU?sJpe9;!Ts?KWL9lat98KS3&?yGFKGU#B&l6KHlP+p5zxEDeLlbG;;Vci8uD5ivM
zGaS+Dz3vEG9V7y5p&4;O3Ef)a3I-whOu{@Kq!$^Tsp)18>-nY4Bm{qrAf(sm>O}En
zJbBb82B(DVTl;!;k&8a)QtK((j+wISD>WP_cR>}>bjisSge(%CsnGlV2s_-kf+V4n
z7CWnN3d&76RMGPkLRf@KfQRzj`Ks+IfDyMnwE3+M8jlPJ_P<cq>OW_G556Ix?Ks{&
zF@iC5DQPbb!YTVxU2=XUkJTf`pJ8&oe#d&@&<Bdv?RZ0;dGvpOI=o#TKSkA66VWNH
zf%4%CCsuQJ6+H{pJ=IJ7jP-wdnaG{Gq<wq6e_}p)JW&*E$LDX|{Tr0?#g%J3`^_cZ
zu-BiztK<xvJSn*7%WDaG(i>@P2L#8L-V_M7kKX#`gS28FuO~ORoZ)uq3`2!3b3=6U
z1{;C(LqV14h0aej5DTyBfAZkZNEhs|FrM)zjh}DJq)EG%_H%V6RaBH-i3L^49Yu49
z-Z@6^qkOxkFiU$k`OT1&&N22j%FG)}e7So9y1#$|e5b)NIi)(I-}x_LoquZXjAPz`
z>6bTqVoP!q?5R0?la1O_Q5>IsW#Zy<_$`K4Zj7_POqZc97hczT*Yo40vOa2}g(jyO
ziUszg#JQ>wzM&br+KR6UE3LR*pTX_&?<KmjC=BxJk;Ue_3*&GMYeMXSR>NHI__j2Q
z<usbffr&V#A`%z+eF-_Dn1~e*6UKk$gh3xiKqD-jEZjZZEKMEZ{+l_Q*}-v<u#o(p
zk&Tsy=l`y;vHZ`XfB>_CrIWRX4G9}-S~52UkfEWdoyUS9xN}e6%$`S{6CfgEpn17$
zXMN=%!@a_UQd0EaR=<mOpa*uChnPtZ8J_3YZJ+m^Keqr_Jj}o|?yl^)iOZ<~UzsrE
zFg@*HjGNTMJW-XtHKu}yj3^B*8d}vND>10Gh#>#n>FKz7OEoud(lRH;8dG#oM?Mo^
z=y|I`Kr)&Ar*=7H$p>}s{G>=)1w`Y3B?KqM4aTMtYY2-Zl7>YWG?ir9)|k<V;Sj8+
z+Sa%97XgJo2Z~H~7tvv+GRkRBrF6^R%7;T(72`zaeyPl3QwoPc#o@?9RK7dE%o>p%
zRV*^RI*&g@jBs~(nni}Io+}>vUK<`jj+01D)MMGLhMa^EeyH*rXCX&|+#h5S)s=E1
zk0=u3U_PfV0bMLt_trIHR(H;K9E%}g`hTA0mvnSXEmt0e@?R79S=_D<ASF&YCz|h0
zUzk17TbuFw62bzV5aK(nH_V=YjWCs$=oCF$v<ssmC$1M2rUL}txjI0nxx0se?kTO)
zEbIL;Y2K352J~;9I4^m>NJa)BnXXXXwUz4yn`KSgh|N(%uy9!t(#fucD9M1dy|D@T
zV#5n^S}<avOEO|l<|oHrH_HxzXO(MwuKQTd^dIIa9ftOH*~>Q}<T!9YS2_@7|85dS
z;p5B2iz!4sP)*zucH~?Rd)2K1r<Ts2nNF4#(Pr&LYHOztu#$ZUyGT|)HxZ{HC=kD`
z*{X;Wdeexw)r+6C*$hhPJK<P`sUriD<Zcto6xeRM3yOrK5ehCOvbaYzzetO+)z-*E
zVTn~`-h0fC1Gwjm^~^Z^{+C4ASpP?kT*Ry_|F1?l{<lUs|I;WXpl9g5&D9*Z)*$lB
zNz<x5k^}UPeM3NI*5+_$eKn(^y_vqey$W~SOh8;oCUNZkGH~nOcmn9D1O@v@KHB;D
z?naL+8%Z&LCKUMQA>Q9KaLP~wbO8<C)S&*r{TA$6fAfv;B_Y3leov3WS=7o-jBieh
zL?cC7(2u5-8;MaMXp~Z)P}vF)?!VW<cK$cFTT86G_hozjY5CfbtLw*Zt&OZ$>-DhG
zKus1MKuWo)>!@Vqe9s0nTsS|X3!BwG#V7<$wAA?*`-&%l`3?Lv#dCQOi3}Q#*yUtK
ze$5o@<_^4t>?@))GP2rH6+kTyg5wv!y-e6Gc*c)tWRVAc#>o5K-KRd>s1JTpAVECX
z06llF^?x@%6M_5H7vEPSU*hHAeF5+n*tdzgw>i&#LV~k)_{Wq-J`alaiLD-0#`k%`
zuuD#LAs5Mg{M%aSRix(;+LHCxrkc0UJWQ(=wWf-nc5SAb6Px}c`%>;lySmknX$aJb
zpBl{GPaQzVEmOUbv7!OEu~N^0V_XHNvo1G9@x##5(fj;dGfyMechHt#=4uERRmbbw
zu<7j%rv6h|<zc7)-z<CYt3fV-J9Sj}?wJwyErXseg4~+|1;nhrbWxK+CMx*R!>3N-
z;Q>~TtIGa=eZmp}bZSn-idrMXg9U^t6(Lh(7U%%6#7)%kO6}AdcJ12ju2-_$Sj8jj
zZ)(>P(&ieS^E$Le<ka5|ap_k^)fa||I`m@mkN<{Fb;k?YmYwioV=keJ(U^W14{Ai_
z#rx-)IW9G=JL$G*Q_^onR=XJrUu}WWG}P8uM!e$wPIvy8XfN20VFrIK9L#xUN0z(-
zyMzWLu-+o<k2VQJ5q)sxglhc0rY`2fG9a{KM<p8THFxQ>Rvb!ywAVw~B>f_OVt6X@
zTfPG=oF0vG>NAfT9i_f_R+J{5mmQN>)z6OHk&j%tHPQAj?AY`#h&OAt32u8RaoU8O
z+UTN_Z(G&EK-@aUA1G@!XfYXkHw*k8cZ~sv^{CbfD~zCFr<OMYYO(J-zgs%$z218m
zojN9UD8cRm_*gEUb|4CH?`bB7#_lM(2v4POUIko#yH1}o$_jf1B^gv%&jiVIh77y>
z>@EC<YM0jtK|~GJNE~-D??B9;Av!Tu(pzZ49v8?n)>ZM@)4#=Oemd@8V`b#@R@Mqk
zlcfAMSkEgPI{y}smCY*{!|MFqSui9w<_ndI6rOjCXlmOs@48*h^}<mw$XiS-&E*az
zjQ-}bw%Mj|N^!6f+&zV5ZRo6-cyKt^OM@OXUAn=~phG-J2@fW;=#dcJc#(KasqSf*
z(~}ZJ)4B)gLalzeH&XG^y}R`bG<OZS=nxmpNKEc#A1bEN*94Y(;@|Q{uwWXId^pEv
z2gHg5{L2aqT$0TVTN!C8z&)0R_I!I;GY^22L4HKZuz^An&gBpM1S}#Rhyh!_6=go-
z$@)6VM|!1fQcQ-`q_MAH*znl4j@g&@k^o^<I2Cm=gnYH=F2^Fw*aa*V`2SoRPnWN-
zMcR5rFZ%=DuBzv5A_sU$c?{JaSxq>$m>k}OP2?JqzZbiG`UTD0P_i`!KYodK7lWaq
zi%h`z;)NB`H%Mf{WQU!33A#9ZtPo#N`VWT-#doD|=y^T#?<;#3iLGLg>}IQ$z+H~_
z_aF0-HV183W#z*8JQ)-i-b#S%(m0<dN^X2!KJS?KElK_iD1tYgm**?CJ6sGMt_69#
z;hbL_R=maj--6^!ph!g9eIX;2Jal0j`yG=0Mki+R`Jk#@|5iLkTShGgqM=6w1O@L|
zcO}El>7);7<N|rE1#`NywtdTKkOsWHNoclT+f%<Pl2r8Rc^n$O-w2?O=&ktlv;6iV
zQ}j`YSXy2C&RM2#D*ku=r^WcBW2E8r?Lq60!AM8seLyG<j%~@jK|z4<F7v(la_1fD
zpW?-^`l0VQ(xgcW<)J22@ENXFGvxkE#thwCFZ~@QUm+a-o0L2b-hIuEez1yR%)09W
z1T%Lo{g1wrE)FQ%J0W1{7wA=F^c}p&{4Tk-gRt1$%70GE_&AtEf*M*F!7i(okEK#O
zR9Tad*CEoXfRW#h-BpPqU}3F+I?g2a5GJm#y`~+Jt!UcY?)`3DnRQ}X+U{0Wp8M+9
z!J`#JPeC;->{+kK*h&95ml_LRs${NChJjTVQ<6WZwXD8Sxel0+)=Rh#^s`CVM-_$|
zD=jyRK{EEx7<JqW6a*)b*>tR3w8v<yyBri^wyRlrDf6%{Bzane<O4^JNR~Oa()u@P
z%{=r#kunIMP>Ow<I0!#3E9O#Ky$J)`-9YZOl^76G2Z2qy{1EsP52SU$z|Yr{&(to_
ziV~jOp6?b5L>)jr(gpjK%EOkV{uxUOu;pk`Eg?8#J8Fxaxl+$()5$cSaYw})+Ekza
zMd9>dVOhr~oGT_UL|1k~<VWlzRkfTNPO8j1VxNfhf@32{9Mgj7(~E4FJ*1FLJ7dr*
zDA$G3oC2biT9(}VK19PS?>Q7L95`x;HW12x!Y~%~+XMObMf@n`Ron{-crqtdZPpiB
za*8!)VHBi_icdQVhvqPGxI-oCZN92{*u;fcEMg_7X<TVn77>rkGon%+UE|P^l>+X#
zBBuTrEx@s%vP24%1b%yq!!HG&$Kee&0rX-4VL`>$dkz@U<|&d)SY!*jEVdF)k@8UC
zQxkym3b-prFt9sMqG=1J8c7x{Ufpa_KI6mJ@Y1r)OG#d!4Q2fNoyr_oFL>+Nb_9K>
z>gU<38%acgN3T;>af9dy0%t)q`5D-^)>IM-7!$VR%NWcM*qpRBlb^>1QLzk)UOXDE
zmk^$$%ak(NsfdYMgowj!Cmz*_K|WsN5l68e0k*^j7gz)IOChKs=IdR}tfuZtGn!`9
zf-4lGjl>lj2t(XkcKK;IAG<cc&soG&zNriJXW&thQXcid;CB}c%0ByMlhVivB9r}B
z8!I!=J!JQNVvJUwI*VBrn#D=BB1w@v<kKmuO6nyAlz3PnR1RFF{urE0xk|k@NKdJW
z1C&3z>#e<C4SrKNQqFL~B=I?&m57mAIQy)9od;FvH6VK`LU`AT99$^b&yq}A@u=BX
zf*X?O$Ti9er2JMn(YTkhqviO+mt!Z>GDJ2bs*3#|*C<(P0moU|UuZDC-X2e%M<%=O
z-Z;mm5SdSKRJSEfv|?gIsT30PP6IoZ0wg}om(r@b{+W@io@U`jZwocPsh|-msYdag
zMe2iOv*>>5Xf*Ckol~H@!D0SkoisC_w`nJp60Ia3+j#^daBlM89(Vn{n!tJE&dyeh
zQG{&BD<ffb&|dGwzw?W5)xMl78q1R$hUbYcc-R1fiYaP!e!D4`if`tZ)O=e94e;ZP
z)&7w|25d1J<2gXZACVt!$H^Y|ZN?^)IWjE7x?JN{DgY(wuXY;eU(@cDQf~I)Zq(0p
z&jm9UC<Ba#=#z(W0-n}6f{V89tm(uGoTK@z&-L=)<Pq1TH~u@nyiQbBjTet#xCX0C
z5ZjsGq1Hp`HosepnuNw2|Dtbm-2rdQj>g_OghAQro3mfVd}l#vb|`LS&O*~6tt2uO
zGpH^u(QqZP0Wdi)@a@ufc*k2%D~fKu0(oDb{DUWgw?gK=+wL8{x^s4j0=876e5p0m
z2<6EC`rMKQIWz*?OVJL0EBhD=_;tLc&FUgazS~$W?nzU;B@Wg<Iq#Jri~^fw3J!#w
zlhT+F7n6p9l935QbcD%+go8!22whoKIpFrC{5}HeqNFKa+w08sx2>V|E+e7c_&+C7
zR3^y_B$W&0_ltc_5^Y#<HjBvRe7M?jN0;KQ=KVTLu;YI*w`9LK<5?<*A(Dt#(O9fi
z;EURm@+ObFa!2T^N(b8aumQNhl0wVeCH2YPyh**nUKhT=_`UcJXJ@LD;h9DZPECj;
zXR5IPPWzF!_bfK6h3<gi#-IEdBlT9BeWOdY((b3<uk^DPS+F}jSm_Cmwjn_0JWo9|
z>dsOp(w8{^q=@o8qm?;eOASIv1pm<)6pBQJChpog9Gp2j>(Z3*2D~?SNYoG1aLe89
z4G5p-&m@LXLGisG1knn6(%dyJT5pJnS?Ankc{{Vn_9y<xoPOUvl~ZhH3i6em*UiDX
zld{GbMAtK2vD2k(M1uy4<ZK9oyJ-K`WS`yv894W5-@AQiyO+VS`&>Y#t572MiLnS!
z>o`43Gn)GWV7X760}Uhxs;HH`PA6S%?zab6c;@e>f~`VwYA=|YClU5>y@^uceLkKX
zXroZO%APZ*a=mH$vRC&e97R&@&c;pl3*}HL1ox!<I~Tk>E3J#IHz!2m-lCsTC5LP@
z>>dx@!-*MDJ3klINqCxB&ArqQ(dL!-v>si!63&Vt#w?i#09Z6srBi38s{nTPcT(>L
zYI%zzqz5gQFCjd0!Q2mqBM&ia%yiY){_W{Nuln8;#II?xGpj-e?S+xbg6zd~hplWZ
z^DKZ2S`ofWrfQAw=<)vA*cczeP1xOIm6FKI=jD0k{yO$k(_W#Ky`DBV->6SW@ZHvz
z^A7>Dn3QA+kXt^Z1@!X(?oUZ^OSQFe#LUVKncx3hUzbMQ#Bj`960pNlQ0=Ud9ZFk?
z6vdGQ{nihvdi7X4Ak+A<@F0)zyQVIgEDc&T2{#2X`iXvKJQ`Qr+QlcQ*?^jJhk9#w
zd?K{?e-#qOMO719G+oX#ueYx*TP4$4YSOKL&wGjiIp+x}SE>gvAY?)i_Q}!CN#Ll=
zDcbFy`JP$fRWw)TDazAPKFZrBp3nE~G{#CXye^K$4kv$S1m6P%b3CZ$<&i)gS7wgq
zBdr%6g{tePRb(mr=EpUVY}tS4X6_J6oFUb8HzRQ5nn3y+av&DM{?PP#vFqm6c0}pb
zLns{rPVTC2dcjd=iM&>dO^roZjvN_t;NP|J993&G!@rAS;IB@WP;1@BUR$;N-I-Hb
z+NH82>U3(pQm2QR{b=F@XM#zK{O#a$gO|}(mn!50|2eQ!$p3dWt)mhK3sq9*V6?nM
z<rBGsz3**el@(IhW%DF|VHXZ8WaR7lR#cY&)3o%#72S!;VMG^M=O2=`MkS;}KR5LR
z*YYJ*SUcvq%7P3Ujn-27sT?4`hj*4mx~sFOA<rpJC|zXayhR~=-NgrrYCq=Db6yIZ
zEvOD%Zpz6hQuz6`JDx}zh_hv|6-budlPc58C*tk<8MLXt6M!%5fN*Em|Eb&A|39|G
z#`!-rIy)~r`~NN6+5b0OVoxKErAoU}Lj^#BDw!1xD06pwwA<2it~Uu0C5F(<V~@~^
zFmLURA4>f}lS_V6<X(GR{e^}#AlUZ5;a&T}{4XV2Al`X-WFfWTe)SZaQC|*}M?PEe
zW9yH3414<g%~U~SMk6OcKy4G4?L(?m6}37R^DuRp(QRb3RJc=nYxMQc>d#l>zcnBq
zeNS=WLYB@oyIxoU2bSeQAi8CiYL=7vRf%J62A`nFlkczD)dIyi*0}v=>=`x&*J$`A
zc0p3$<aBk9gKtQmU;D0bf3c`Hbk-<pB53es#7THROZS1t#CU;-!kuLObBX93q@{r?
zEe74IXwjq)dIV3jTJgp12OP+}5H^75y!g41k&SH%V(<LeO6XL!w^d2T>|NzlBmPq&
z@}|}bAvb~)3D@nZoYU@hs>(Uvx;(oX1Rc$H_Al-vXR`s>zwoMPa-YxJrx(H2a8opD
z*Qf&><n;goM9Y1()pw|RVet&5an>v_M|dNlfJ`H(-$md`-?coiPIjhjQKvw;=#Sdd
z)BO*K7IwNS^iGH+7TLFWv4e7%TDD6x8>X6PgW|Ur*KXHf!9f44NFFZ9F^*WpKYN?8
zH<GI2pDl9Z&E~dM+GS}lK6vkh5R|ixl0gb@T|v|3V%~{Jl%!fA(?iKaBOi&AZ`0#>
zudLc=gdwh6*0NdbCdw{+G0lKY`odRL_c_93?s0&&mfA5bn`Rc{U5vOBM|iUx(mXwv
zA{BVNN}f;PFNRZ7WBMniqIjdD_w4Ypsdn0go30X<4uQadv!8|-hdfvImIvE>yy<3g
zuvE*)#iNqagZDk7pb@JwC4Ia#%$!lSgHkTK8SL)J{-8T-!5PlAP(J`DW2zZTj72P@
z@^T&oad5*ah%a2*$NJ!D5Kp1&&B)pwI!}~wn?hupUqyT16!a3C%y@7EQ0)ybC6~~f
z+SH>AvHozidl&CvJ=;ir*iAu@gYlFnA{!@iHa3)bv?(=3?UEVyX3H+Hk75LQNHUgO
zVyA^<`YG+92)GIn=^}t)y%egrS?-V&hxJW}3bTM%w6#9Ty+=f(INGB3(~bwfCF-#3
z6|Zs*Ek_etbZOaXGC6`JS=D%ToTG|jUAqcSZx&UW5afMcJ8iDf8Z{AB2r#&*FP*M#
z?9M2YH`Y@vM?RgTegckD$k#LR+TM8J?WOMm&X?EtW%>H%*9Ndkx#f(F6QAjj>c(;O
z1ED`S4pjcL(AxB6EoC!<ET}%v@uk>{V0A18i%O<w=YPT%l%Vn|?6gaC6KX)Eu>Fs=
zo~|!`xDKd?Mh7ofo!DY9P_4h{7;pMg5uMfuB`d9+S*nH!-8-NdH7XTF0%*H#9w3j~
zvTrBXw`0f?-vDku{P*!$(6;)$^T4>u1I_Zi+vqrx(to(5I=dipKjM;-6=pZaNa@pq
z>V`Z59JWSo;k|!f5%jr%SeLXAcLZI16Zc*^s0yBi{1P%@{C-p}HuENwz8kx|M?!xA
zHZhY+elxAz7s4fvwN|@210@=}`R#{@XB8u8Z#^sDE?_JB4`eLF_J$-@%)i|3)l4W$
zbE`}&i6S}h%zkeJ)&P$4mTUZ1D2f`#;z4WUuHs`j7D6~QDCC+r^qt?9P@!6BCk-<@
zYoO4Ad6_E&9%=yFyuQo^hXTzrI@G6d`dq1x&JwAnBD}d(W+-p#CZShw?I@m4-4Zc>
zw=emXC&1xqkTAkYnt(hyDElwpJ>1;-Z{HbR?eW3I^^~^_;^8TBZKBFwO4=Ev)$5jO
zP(xw{<{<{2LZJ}yF~KTD{k479vp&aoOskU9+WbGQkdI+a4?aS%jV(@eHG1*~2xv&0
zP9|bD@Vh-YhKWM~M2PMufYh)Q0GICZ>wC<H8TdTu8!?^Ag>F@I%+$UIc7e-)xpJa$
zqnIdY97Y0@olf2_nAovPx+w{EKH>PtAwKT7V`XkX&_`LDm;3}2XCNTVD5rzeN_HJO
z=-bNEx2*PwA67ZpDZlThMuw&i*Ahu%LBxyQS7oa61G2y;V!-4-t$luJ)uRU|7aZR#
zz`gy;VPg*-hmZ1iWb(WYtBx}dn}d|nfzUiNDG%B1MB-v#kSO~+%WbGR70Y{`&4#WF
za?4=fPv2paQ|iG}*mG57@J`>M65-U8xs1Pc-1#eJAx3@rpB#9dLn#DI4NfAQPerBO
zhJ8G=d#u2C)0ckz_|$VLCfYnoMy=R1@H5yhPs@`_e%@JSVi>A(1?ymrSzXXH1i^7X
zSaB&w1Ppb*M9`Tt**opY*qKnU^tPYYq8Dr~sSSR(I5e`L!&CLI!fckd*0e_}{avxz
z&$?K|`Ao&9Y83o`x^q1ET4@QNO9oCvrf3Z<@3?xp(qahy>(X-`Uc2&l;nwUdKtgBX
z$-C-gF%FN_{mrY%@LM66RH|Yi%7UmtW+(p--x%ySb#5ym8HIx$tgVXU8FaJ12%z%&
zm<fW4bWu6;aZg8ucYlq~*Ud5i7e#0PzZ9L7hnwyHeT@JA6dmgSL_O^P2c!QN^=NN7
zZA+m^8lBR=F;b8`KSpRXg4H?D$Dqlt+KmRI`!?C62(q{GQ0yGZ5JCG+Zjtpje|N4p
z>|&0<evtUA8)m6jDro`|5b6?-{m;%l#we|Z0S5CY+RI-tFJ~iuO+B!W$d@xi1Qj$U
zG|@ar<gL5R2FSy}{F|%k=f^cLscUS!=si2Nc52N%n{+DN+cEUQrAJt+cXRy|1xZe1
zl^2%d+1$t^$<(eExDzl)q&EgnWTsSFC8%O}p)3Iuxv)|!2e|NBq1xxgevq&|=Gh1C
zkY?M$PvurA{x&s=7Ka)B6Lffb;c#~-7Oc81=~FMv;7sG#z!nQ$$Z`aztP=d|sm|-#
zUQ$-dlP%8k_g&`Zp`zeW@_)1e5r+Et=evffmCEtLd^U{9@s%fByh(o0_#wnZSwEsK
zgT`}~2DPoqBH>2gzO@NU<w~0AnknL%(pTb~f@dHd!qk6ua%!+v2+e~ex~AqwG|s>*
zY(BJl6-11HC?Z(Zmw^-TjJdcna650bI%FGa9t1M)E9l1O0q$gsRTT*?6F&2@qO9#)
zuZ>-+3;Kf{{VJc~=fyLIvoa*pe9U7INJ$R89O+j|hxTc07B}|VWgNHmiN)P-;)RJ_
zJ?mUOx<?cBxm3Cxf~5faZ~xEX_3pXGJ#0sU;QIM=%o~)mQk*9Mbb05&A3cLW4*coL
z-sHH6FSAWy-dyk2O2!xOwl70L*Xmb9{)7Id((f0q@Y3klV#<fInQHKO@m%CU+gN^R
zIBD_2ydOWJNWFZai`E(=%rxZMXwzdx<5=8vbE~2P*IGS$(`14K%F>wrfO^PAO@y7X
z#;_ok&N~WQur;UxO*s!#p+7tXi>t#9^2a-xFLkQ06StWLzcH^p8!r8kiak62$Z7p9
zQHuM>Rl|I5F5oRCLGQVJq8=q63eScVXATxcjIQdZE#8>SN2@p>S5iIsMlJRy@@&lG
zh+c4s<QtZm2xLuxt+I{U2;;ypF|O^BN>4!HytX`pro7_=(!Jag(Xu1su1}T6=6JBZ
z&!JI)*`w0wMfG7ZfrNZNL%aUzt6!amX%&@L$AuJvUC@q*G4Yd}GfqccE#H?ULCN7;
z#z>rP@kdx9TYMRqn<5j|E3P~bjkD%;PIK7RpaXxynzko+vpp77N=4cKT+?7n=~+4*
zaF$}*L_o*^A`wdn7Gx=!b&G23*mIby^N1`G5bVES@a2D|U!w7-T?V9l_X$=-ej_#t
zrhuBBczUZ)vg3M3Me^WYtLnWVT<}v9B)pzV(BmMIT6ra1B(JJTXNFC|tw37*^ykP8
z!NdJ|b~UyVuU2>16N22upQ#zKt6x%}dk=d8K89xubeGg9^OA<+QzEa&JE5K*J@*D$
zvnO<Va;Vu?jk%&A*^88#f-Zw<Y<#S4F8j}s*0TE9dkmEy`WoVE5M~YFy!32*r2e`_
zQ>en$MXsj1@6DWo&i#dhSD+_We!!HrBXik|2(A#7(*E`Owl%c^{7A5m-Ltt9L#$C7
zWg#mDu=E0oL@u-F%Ty;vjDAoR385q)wSq$yM~bq5u3oRAB9=;HMrCN!>auq77sMJf
z*prdu5ky*L7V8mOkBXrL53aMNAj_W#nAu&-L3OU_3gJqy4g8T2^kysc=5h!nx*jkf
zIw7)R3b>DADk&y1_E_-q84bbrYW;w2M1vCp$o4H+|4^RikNh3PWoAc;#-J*lsTWA3
za_3kq(}&Nb)Hp&LWw)d1QPG9l!uZhOq@R{0*I8W6rG@Q$lD(QzC@8X{F4mBvs%A@d
zD|y#nK4FTLOuVt6=V2RcIUe}~ae$**r%sDvNYPy5qg1q6g^209Mal@?#uWhKT@}s^
zAfRz>u6XL^Gi7PIsx*ZQIM9e;xUFr<<xTl*7*%C*W>=NfDCAMqt+8AgTp%t(gO=a9
zY{YSJ2R?Rh@TmNtUi|U{T^fvc#XH07H$D=A-AdYDL19G+Ee<EB*(|gr|G5H6WF?D$
zKV2NT=s;SJb~!LCrCfKdCYzRMl~igDxZ<TDkz+)Kwd)+hoTgd!tRkyhdIo;oA6#+j
z0f5)jVGZT-)eHy2p39sF_>hp1R5o{k??B2J;rMJZ1H5MGj40?7hC=Ve?$UH{UqA6t
z^v}be)bw&c6R1IWmT{zjfbnp?{3J!61*l>FyN(Ton;sF_2JeOf0kJ-x+W-KdUKZ3_
ziK1Yv=@0x~eG?V2#qcA&y>*n^pHQ30J#3Kp>!M2$qrv{226=Mw@iwFQ(Bt9SJ(r*r
z9anohA9qrVtnA&-{_)(svRq!8A#nem?DVt#=LH$9OS!`w`!M|N#j*CVpDk4Osh;1Q
zL3`Y=L$t23;@ZOVy6_WtGuRejf`&&QPI}csi;8=08T5EX!gHpnI@0Yi#Foq=RIFp3
zC48*Q)(nH}F!au9Rl#F9KfS9i(pBX+w=&nh-#}u9QF$(dl=Pu;+ul3f#_YXr-+0+L
zzOfiCz3uHtZBd`}>q&0Z4S;rVQ$`_=-+0SM?aJ0|ZSwCk`hfrXBvuv5E8_j%Z}|T$
zs9Aacza*TU=YJ*P?7V3tu~fiD;+7QFNY4d5TqLNvXp08C_NnD&JDRschrga&av33n
zLo>yKBBo{Ya`OkDGx)dMm#dSeEBa0W1<rafcvEI~p8w6S4CH8&*yyjNk6b5eh@aHN
zRLdW+KY&F>zxKT8dhyR;H_oOwS~y%d^Tbjd#t!t;wOg#4`wPU+jX>bjt1Cbl){Nj^
zqf?GzKy3Bg!aa-YtZ`?<Nq>)fiMM(y&#Iimlip<DmGpMK*DeK{Zrnx8*HB|p=6Seu
z_7aa1*0S>>b&0SFaZ9wy`(WI@oYjr&kr3_tI@Ja16=WT+l}X&!8QSz?O3P)Z>+%!K
z2*Y#A6nM+weNX@Ta6B-kYJYD4WE-k)I#^;vftrq&Pc!^$tubudT1;|MrONTAP6WS&
zDlUiM7Iptp7r3HiMH-@&>5c@vA{1&5m0}d$<C-NX+f>f#|HiyMLqz)8|Lo0+&pX~n
zLmW5&k+#}6$eQZVj*A-^=Ol{nb&KoK^3uGNIr9wKj(_&&Nd&+bPwtU@yHeUWUVm<k
z<{}Fv@{s<7Pss98JOw)@aOZmbGZOIk<L$uC_wV!lW5F&wjH&`7kG7n~*{%gt(a{2z
zk!By?iJM?^w14({elK{O$FlOng)dL^)*({NOz)RuWu%$0c==%aS&I^@Y3t4k<!f^7
z3{6=OgzXK3YN3W#t)rkD_D76f=Ppl&tRHs*DJnxW0cp#*^As^uNVr?Pt#xX|#+g8s
z(=I6*nGKlFcpTWZC1cU^vQ#_^4n%ebzCgDqf$HKrzDWc9{f$BnsUce$iX{fXJ_>8l
zRo04R=I(>CK}hHmjO?*POkyPOVr2}@bB`BTZx`XE`HOQyCnLkv)AbYXI<;%pk*@O`
z;T%oCAzXs)7x-C`+hl+Ojrpu-Y|ZXbH+y<RG6SZc2a4pMUD@vN->3|};k&%Ds@Xj@
z*2dhkL1>z^7v4+GPvy<sf)mYv!Et$br?8ELUW|k-yMtE2qpWF2QrKNM4xSd+Z;(M>
zMvK{d+6NAc&K9}^LoVCKy0FOva!5WK6G@?${IXRnla_T$)?rrs#W)nj*^l;TaDtb-
zO?9g-*(1HyGTtM&#kw{`NojJ?92Hq35j!^3O3l6{*Fp0Vm_Zz8lWBcG9MxFGFglFL
z$=C%mS>RMLn8!*)iBFPQjzuif=~u4h3aX~RZ{(sxi9UESLJTTv6c5B?bI^8fk`U69
z?l}e2CUKd_iMlWaPsy@wwGd=5p3(=_g>gC|dA5(LefgdaY(`e$w&Y+Ui`_;AQF?h4
zEb?JfE~E$@|Bp?KoET;R0|j<7H}5qnaJOBvUsA4c=lv@bXK7bHP}GJQMXk8L-d4Gb
z<0c!I#ViK&4H5p6Nqv|K9_n8y*B0(;8Ii}(4U)|e>P!D-@!P7F5CRiYZzgj0{KtJ|
zoPBSsI>~BgMipq5*VFZJ?&~qyrv(}q!Mt%$P@wDA)l&d#4aOQk&GY=(>F)D-x#I1N
z)o+~7jHS)oFo*rHXFO|cJkuZ@{PbQSEwJad)k3Z@If?O8`d8W&yeF4Q3La$!&v7>d
zkFGVb4|c|)i`>usv9d{(U)tThZ1Qf^-?dte9{T!N`>4=eHZ9&wc-<>O-~LXjC_xlR
zn^kX333g6rW7%YYJncYG81!7-3Iz1#3UVpvpfANL-?D0ysHf{yMBPe7*Ptk=xN7OU
z0B+9h7*AQ9;?5OURtu}2Y}EaLU7}yumyC2TCxqbw>3|l91XP**Rbgu%KJ+46xt>bX
z{I5Co5Q$VLB|Q-)Q48uE#C}MMM>G^}sU+t9re4Q9p<E6?qh7&{yJUT1x6&;*7%VjH
zt|MK&1|RDo@34Ja+?pXgroEVVK&svjLNZTVOti3JY(~MjK8g4TJ)gHwg;^z@oHiy)
zmy@yDI@bl{ET~2$Mnw$OVmnR=HPWz;ie6npYk4iX)KtNu7=d?cEo}Ks$%+OL!|T5K
z&Zy(m_}vPiN(;*6gvdfKj(I?gwdWgY4nab<$1G-$%Y!65E!prueC~vEXL+Hjz?#(3
z;4j(*fPT2{iftjOMzOczExHT1{0<2g{UF^&;nr_EBr_Lb1v#4yc*cA<H7RR+D<Pz_
zXvVBsASglMlVX$+p)65kswtD>2FDx(naO7p+<hjtYDtugn7v9i>0`l3H=mzVOL`rK
z+T%&W3rJ4pkCIN~x1|7_<0N(yuFH~ZtEd~scD1h+R@LpP+*1wk<lUbvYzSl+xw3s$
z8ug)6NCG<=B=y7=HbA&ySyZVtpMrPlGZ#1CL$=F{e`ds`HP4B-Oj_X}i<M%E;f!rX
zUemBPGCq<mo;;B&M39&(`Ukhb)dqm!R9CMlBNbmi6Lac5mMQ|<?!|jM61qIGHvTK!
z=Q&zIzRj7IKkqSe>el=R(x@mLLzg+V5afndI8YxJSXA|&L+@EBp~CRbvxmy0gqea3
z*3dDe+QUTOV?ud^iqW&>wA4}1B5Q+t@n9xR6Q8<a;<nuQGm$Z)Xhlg5yC86F*B5z;
z<e?lCou=eC@9qC<tiYMi7DgfIU2JS2SX}L9c_9s+J$>q9J2E$tfr2A73F?Lx(TZ+0
z<j@!htlf=PZ2=z~8>+fAM^-K;jq8d@V&%VIc{hM{{1MJ?zvL`pT_MX#*QrB4)~8zG
z$<;i2snq`4b_^oggziF5S;yQ7A(|0xu}Y@X9X!}?5|$L$&J-C}ZnIF>tO?@o{qNXx
zf<t+%sNu-syKVJw#?J;zYR&wsps;M1<AYkAL5SkNKT+x(d<>IZ6at*fz{4S~!KOZO
zEJQTr#HU|a8gW%mDKrbVvCOu|$%;+}vz^;AeVN}c%#n^tc4Ih<Ma7|YoaAMe?_a^r
zY0ghfq-_B>NuqglyJD>yn<mpY76{54V(uEZev}oR<IvS4p4W#DF5elnMrpDKnBtnl
zv&LwXq!zBW7KQCOlP(IxhJ;=FkLRP70v~aLCv!NI1_I><(wi#h_V2w@=%a6ee%`M?
zOT9`<LGaNC9Eo6x%-|ASr)B56gnc@{Sc=X`>uZ4v!*30oL)77OZN%)C+%M+Tn&9UK
zpjjfw3P)Kd0S58aym<%nO?BuoRL-IZ9<ki!f(gy?rM<M7l3)R5?GHPpf{?gH8$%lk
ziC=8j2cBrk7o|1tv7#wQ=TiC|QGHm&uSj)_O`5ja!dWZNUkz%-lrdP5s4sbK18P;e
zEyX|qEl&xSW*}Xo;FW4Wv;Yc?hhS@jk@M84yWO!7(|?SR4c3INmA#qhc8g(8WV}LD
zLG*>a>RTv~Me^AmPhPVPy11}>p5VEQzizOea5Ykz?<1w9Ky#?8H001ufBVD|>doZn
zW%yx!$kqA}vRB5)%E#--t9@&LZ_umV0ti6I2Wk1e5BKh1Gx_JxxT+8qiVus$Z5?Fm
z%A5bp)uydMfqq)4P+0-qW{))Y6#af=36|wmNxg(9iewCvCOj}jLwPKW|8Fs|r|Z8L
z8Hd&m5xE8~=28Fi!kb)Y=d=qX#$}<YsW<1_e%BxwJI3*Xm~Q@LETkeQ0|H<q_8s81
z%#5+~08o&2>FZCmov-~PqPm;9(onFo_DZc!?1Oa)TA{!HeI7i@X+L-qcu)<-uY|Tu
z%Nb~^f36n$W9?RL2wS-2_A4(c&sQq!-3y+Q#0IRwM5*4oL0v*meN}&JOCVYgr>N+#
z97GLPnX)gYyze8%?kC^X6PD+GKmb+)rXLXICnnF7^UZ@PZ?v`cd+okUX{3F~GWJi)
z&J}z8C@Cj~E323*Gv*@hUa(-iVS-sBH$SWdPC~dn$xk4&`I#l?+B<@&ZV^Iq94;1N
zI0UVbI8SG@(tyFjZ!pO_L5lxv(0TvIi?f0Aa<HX2i--c(dNZlp?WldX>O~lp)2^BS
zwWC5e9)ul^$E2=nmG$z_YsT`2ZIpA0C(0&{9;Pe*`t?EQH|7BjA!25w?RJczEeE}V
zG$>UH^nG;=-pc$?Nj>QQ`+fXOM%jVAXQ=W?kNd6fG(lX?Bot(HfUJE9-;$l0nxb|u
zA>-E8JKhY0yD8NpVJ`^x`JfsLzNd~9e!sRfd_7WpU8Xr3NgW)A_V7H1Z8FvO^_tig
zu;?KD*R;BjrK!GCb0hvqF)^`n9~u{~PCEwqne~rm1RBE#gO(GS?FUBQxnixAvEz84
z{^6zT50>=1zwW$56jr}vAgWLw#BLu}tb+;>Fw%zryMGYG0Uvpbe>J7jnq_cfXqVuF
zbYA{8ZZ-S(YIAnb1^rA+TT*b4hW|GK^J#nTO^<f&CI1xCN+5uut0}%x8`49hEZU|Z
zN*yVKZtmwvF>GPXBVoit-~MwiNtbcjDuL{C-pfvMGZMi&HW+m#ruXM08!aV4r%X83
z%Rz1f&=>T4a2_|nW->WI^S9y#x@Gc5@pK+$eb`Hj#3Wf8Uw<zyvAey<WooY7t6zWI
z+LKg%n}=#Vys=@oxpI54Et$^X71!L&R>kIayP@E=BRJ=SgTbBbUB%Ax#_8OtwHMhi
z`a}2wN1HM;aV9h>GIj1)df=00D#cA5YbhHo;6_}6?EK#C-~MSVAZ!wDVy2LQGlCyK
zaC+px!J_lKGvnd8MZ_JSs=)|yav~gywv8?^29GKcC5B;x!u{*t(a7msp-{Kq+mp7r
zT-<9+0MelAlo&m*k~(_ooCA~6{rjdJ^C%lG{m{}a$;qoQ9#YDCS8=hq==k5`9|0yu
z0IU38>gtn<GgsM8b>y<RvPR2QVs|l=&H1JmN!u%~ooJg}Xo9UO1!czVHqQyJvd)B|
z$6=-wEWLpN1+7_YrY9m!NAQ4*EmJ9Xjebwp+mr-RSlE#}h>=$f9)>M{v)bo;8+tme
zP3rrBi^eXqN9f_g$M&arv$xRXSm4MN04Z?W6YPT+p~#~yzgD#7qK&v2jAG6p`-+j@
zU)3GdNr9=`u2`C>7uQ9-Wmi5vuNU7>5!LPI>uuJ_Hc^M%{yzV#^4{sfw`U{DdPU5<
zbzP5lk(+?mCRf}O8>6PYM*XV3IGyi+R;qJy!kZFudmo^1ai;QzE>SqaYc9VQC=KFv
zmpPeTw0+2uMOq$$bW9{0*mJ({+H+3iGAPC(0(lAjmkz_&?tv(LwYnALM8H&Or!@no
zC@2jv8_eHX6YoKZl4527-(Vd1W_THkO`q(eBl09yJzZKemaS)K2i)xY;H+?Dn0V#>
zd(%-*8zqp@PdQ=oG@`eckC_7nmIk_4smF%n{W8S-ddu4JPxv4PyVOmZJ=dHZU2qvH
z#!=i~QbD5|Ol7@6#=CxhfQjgY9?Eu8X^LyC{r4j)MamBj>fzY*_(`@>DQcZG|INvm
zJZ|u69Zyb&JM3cDMw7(l=cNX^eXa#<na2-Z{p{(r2{)WM&)^GgkkkZOU<rADsYV}{
z^N+Gf%un9x#QT2GIE^@DPl?54NZd54@xC?QjrjEPbX=lv*~&Fjvl}!Vn-j=0n&>XO
zj@sO<U<5EjE8UZE6CoxjKAkx)FfkgqZl(+8N?)~Tmlk`Lw2K;3DfmHiyrmk%Be=*T
zF)Fnqfh3cSAZa71UN!PAU^BY18DzY%;7w1v4_lO0%*Jar;1>wHXxU56Ce5{L(V1>4
z>$yP25eVa^KBJCDWfxIwxE<8uZUDRw_d@nnZpOu<G2ZX$ar7I*G<aJi|KQ=&Zak%J
zPzo|+%ZTX2B-!54EdB@(IDO5){_aZ_la!34_tv*@21#=r<4}Q8pzC+V2s>*>l&h(!
z0gRFx6o_+K<N`4>VrfUK;NdhWIFVQf9Gq&A_>)&MfY;3ee(|Sibw;R;OP!!-{zHb;
zD)>i1=s7D29IhR>i5=V>7z6&mJ=7a01DtGF&(OyLQJa!j_{xO)(}Jf5WYXHT)e_UX
zP9-wVISEz||1umBFt3}N1bXu7cf$9>TP0r^%ufpbO0v%Wi*VW6&i(lP5Ls4zXL(O+
zikR!7i0g?O>I;1uROC3At&8TLM;~!^guh4IKJxQqD%rd9G7l+2>+}g7kNJ$}T{Sv>
z!*AtpoMcA5$!afT^nYXhB}zl9f_q9IZ(CLN?tT^rzi4KNfo#W3ECQoxc>Ydb%y8Rj
zbsGhaw#M|^VhYe7urpz;$zyQfzE5ywO<%b8ft}#X&4<Vkg<-`QAQ|zmYYI*F-D~Kh
zC*zsHCd{|g`Uo|3#2h1;=GB^KG)S%Ee3wKA+HZ?|t=AP%dg~hcZM+59v{@?V=iL?3
zOHB*$pT?1QfJ!hwp&7qzZo6K7%CTG_S1xMw3Kz;`2xTN%7QUwEsYGnGA2asEL`<=|
z#fYszUNjhok~%h;FW;(Fol(Mx8@z}dtsLr(nCc})@-ERZB;1IsZ;mRav920z2{=O+
zuNdd;O1n`ze${~uX#9hZ#vm%<ph8Z>GU<8@n#s;5pu|WjG4~9E0cUeDs%+I7{s4(}
zlxyEd9VmDsHQW~zvGODZxg`>W6%-ob*o@Tmi`RYZ9D;qLTw646Wv0w{iQvDFAxXUw
zf*^#>3c8cUJc|xyaYHCRB%?YXZFZG8Wb*J?Dj8#c;78|#Ul94Cdkmref)d8uh6?}F
z#vxGh0&J7sxAr1wO$yiV)u9GnRPRD9;e}@rsnCUF%h`7=8BphCb#8COJXWdLkclDn
z#SCDR=I8kW?g#q?BHmo%)5r*L`5lR7pgK3o8W26=*<%IE;{LeXW!42Sb9&2bJQyX(
z_^<DMh;<7iAt)1)O3$#E5gD3Qm}*_#xaf=a1EzRV4i8dvQwrbCR%q?VPX=DA(<L@b
z><%DoOrDYp!MB^4y64H~%#M1gO_k|q1ce;BR$hT!RAXMsH#NSuS|Z+Box48?u=`b`
zm2ODl#mTU|QZj7jop#~bik@;{Mnvg-@;Wlh5z0fHlK++IF=_7ETP%@R_%jrQ*^clt
z0tJ@kEj*%UxbIyd+pQ%1D?c?Gs2GSr$AgujeAKa8hz>TVvDV&C{2dlS72EMuu;d(4
zq$4XOjF<8LHo;m4AC1ybK6W6PGDYRkN(gnKyxnnhFs@9bgveQN_^+kR$ZmNiQ|rP$
zI`Ey5Kj<lwn#V0x9Bpxp<IM{z?+jq?0voMUaQ0i36}<5BD1Kuh$1xl*s(A%gX{htA
z2`g6rT5FL&-7$2<)N9vYcj5f7yUAAKI1?_L=%t&?bC#<eq=_SPuE*I@3JM5MQV=rw
z9x-RvVP`FOF<PjoeEHDfN7J`|T=MB@!)uvT&bh)}jWdY&j^ez;VpIKow5T*>0$vQG
zp6;YXXSD5y3E6N5Q=s_eIpafM2d-ty#AIaob44bX_e~^{&Xh(mvJsco$C{kr7vBX>
z0C2*mS5vH06OTV9cGFi;3RNot6Uw#IMN{>KoJXh7x+aq7cMI0S;%MdO$m!+3z-cGl
z%<1yLdKTQDT8~mLE(#TOQorhV0B0>8ktK5LeZ8GN+u(|g*_{YF7I9O3%~<XDstwpE
zO6Ob>CfcL$GHa_b6fy?*$T5a^^cJu~ic_wSRU)h+p*Ii31d%{m`0c8lL@GwtSvhKS
zT6_`x1Xuq7)i$s~Fg(*9k&eC)8$Fen(sH&<ag_D{hplq}j;!1Ier($l+qP}nPA0ZH
zwmY_M8xz}^XeQ>wocPOg?|t8T>(*D*Rj1DBb=K~Ec6Zlad#~Sr@l-sfUAUoyw(ia!
z3j+-J3hKtS3e{2BE^b}1XOu;OtO61ILmNUlxF{Gm5klGP-qAnd($0Hgr;RmFx}n%;
zOo8}mQ$8dh+7NDW#<KaA7Ri{!G_JkHoM;;^y@~r7wN-^i!9#@izG2c{4lK}k-PZwd
zRfW_!hF0_JVOT8tR|EZT2p`@{d7+!W27uByjY%Zt#^3wPaAOf`j`#Hs=Y~`<We@X%
z#5w9H*a#6XI;a<pOcO}@tJUQ9^!G|juPLuDO;IsH(~Zyu2s^oKLMuvA<hW)|LLT3^
ze|g?5-%)#PcES95q7-u)&Nwzj;$5p!5aWi0a`D@soV8B>=APo?x4U-n8bHq6*#Vd?
zB+xteVxclmTygl3<*GF5P-ZUQaSO&dHRh;{kjkDzX>6e!&~fbO=Qk8kpA>&sm%$Dg
z%nSrMST-!ld43^5-jMqlrmt9sfg>(}_z<pMlkN$@^wO|{vSd1yBC&1O?psXEfl=~v
zGSp1oqO6-E!Z(avv+IZRjC4iZ<0U|rg{eVU7emmsJW`84pvfQ>8;9$%JH=3hhe(Qs
zzwn5+*j(+=X?+&A3d@YewAVwEI&icz=0*jJbJSm;B9wo{JscZ-!tk4?0wfM%C%f=2
z)FvuNLOy}=f<gcDlu1;}01KA2usr4<9e8HG;v_gDIq=6!C1w8WbRUW7mOlW6Jpdz&
zCzfJ4md_3rscVG)W>`4n)X(WaOgRS}ZJTRjtY0W-_H}XL&j4H%+hX}g{dIQEr&6*2
z9f*{eC$&DZXi!Y{??1?`onLVW2%N?dD@f#C$A&1i(m}=(&jAoWuB9)mjJvZ@<g9&D
zLk^Sd3d*#-cF*vl3h9bpNftm8SU&ap=DNeiBjNaUea3r|t-lcz-O03;3HkdLzE51h
zPtIx<Av4KB56d4$c$)9Ia|Taw$YV^zbCgia5CqQ(?%)`+_WiDe@9JW5ArWY<U87XJ
zYHsD0O-DE$IR(fHCE15$aXTM$l6T%ecHdT72b7pgKjV{lth3jYg5Lpt?$WiOL0V>m
zV6oK>oRdm2X5mKADq|@3R(#jNxI$GLqIHRhyQ=0{0ikN{g9tEs%AXk)yVJHGxD?`$
z^Y51Zy(-$xb;nJz*Qx2LQ1ZTc_N;$1Z;X$ZcjZt}Suj}({lH2<O*;rF=3P#|Fa>5Y
zVm3=MOOTxJNAVL{@`3>F?)dl%(y{zSdR-=}LU4OvzN&Ck<o5<I@UYgr@}|s;HMnUw
zu3Mi2KfxPN$;j&4cLND<y#bNiYn%keiQ<7&$QEZLKM{nfn7~jkk*hmF>~*oL>@&r|
z)4ndLplM@LKdnRdp8Q+Zo8KYZp4>^wKd<ifKIVW!H|r8VyD0#}<!A-oz61QtPlLQx
z>RxMog@J5%DKe*h-T_R6ihjeNzTa;Cs-LMh-V1(ne$!1+SmAT_G$yT(4MGvO5*lCL
z$bo~M3BAZHdm1l);ydR?B*_V=#AE{{0ek4c;HE33T$<U*2VthtnKt*6)6%~s)f*1B
z@K&8Xfp=fJsJ<kS&gdXVXz&I_8HQAvjI_1(a&f=${QL9`zU$)xh%AN&!N$YM1*8`f
z0hH?4yKZu#<-JxJ1x>h9s!N5!1lB*hMHiDhpzB%DT(myMg;SD5aY!_gTa3JKIC4GH
zJtwq-z$6#tmgOq4q9?%8dtkrvztVrf(aa)gf0y3yFQl+G;sXd#pY@jC&@UFIR;+yv
zql{`e$yzgr6G)ki*O2FJg_`W;am1?k0pow49~Si)eyiP`U!3pFY`q11EXD0^$1dC!
zRy_ywyjX}cK&xpZJ?<sl2u}ZCV9K9jS`(?Z9`>7-Mq!7qdfEe02%@Z==!yF`z<S`O
zMue}E$S<VFV{Mjeg|ee&q@c;`BWF&hLi^=KVU~s2J4<5IhK^<Y^13lw^cHE@26Sp&
zK|R8bOe5k^#m&KEY74Jdx{GFG0vlQhjJHbz%y8cdS$n>d)w-ysJoi;BP%^1RMmJPN
z8{ldZBq)rPW&DkA+@Qb=?q4xb#o(80N2Wf?W@&7&SPw!aTEzQxOU<uNu)-(!adp<6
zWYfLoLd`lz=w0@Qhqd$<tg)(uG~m~$`&ig8M8N*%Vd~2k6y;(W(*%f6yi6}TbkWE<
zChaYI)G$<d6qO@iL&H`3D$$2l`)NT@jjo*Wj&`_2lDVGS&n=uJEP`*FbrS9y!ITgm
zfkl^#`UKiY3*X%`OrU5)B5L+bCig{hDBVds<BOZkoFYTh%Xd|gm)h`PECGYW{xtPf
zjF1*hzg9?5hjP&P2HKWFvyf*4lW#Y=BG|ru$=_S~?1O*Mhi^~FCd!cZvDYwZJMgOq
zrr(2Fcr!dv>C80aRf~ZW3Yb8&b*`lg&M*aVr*qA~Ao+lH*U{M<8usKH)yyNCM(rEN
z@Zga&SKqBqdEQxspi6Cf?f|L?v`d@2U%YQ#-d%b#7}8_fwVDt8-aS4XSiYrTUziT2
zT~G)1sFxD$479@nO9f9YN<~d3@F7G*WD!KNWQj&m_$Jvh!>YoK!YyKN#S92+JIN=8
zl{66Lo-orAO$3J+7c{*4aKlUcKU*6jFU;ti+%<EBEi?u)>9m^o_W?VfA!}Ast;(xT
zX;)r|UUhLYtZlU*e1dFe#rK+^Q6`(kS<XOqObH_*R=506@TXi5-_Wz_?BA5@ZUc_f
zs^4(S7?Tt=`R;jm5hJ`ac<dpUJLx5k)a;<kTfOWDT4ST)LIQn8{n1>9hpatS7iFMo
z$znBLG(`H)aoQ}VbO8Roh|5oZUzSS?{m7U+$CiTAgNgn?$QI0!lwWhrjn1pn$83xa
z2@0v7s7+e51(93Wle>q3;LA+>fyU6Bgrp^$k3dEp-*gg`>?u9(LIA2eX^oCy#FMvu
zCs6ns2jc{8MJpKIKwho_Um)RL=AU^C9ji%L=*@j1tyGFe01KFE{ENnHYlrN6t-tyK
zZ_{H`s-7mJSF)Wb!s9cu!XWD)3i8^3H9p}&omIvl{RoO@gCou$>mpKN^ZVKr9UhaR
z(1K~i0KMhZG|2A(4D<v2Il?VQlS+jT0@pn>{A8=#$O*uRtJj4S;ZEI<66PE4^1x?o
zl|*JhUO+U@xC^k*mh8?WDpa1a|5_Hg*uvV*=A?3HQ({ga@Gx-BuN^wKiKvgWQt;O%
zVvC;>w_&&Yy{uA(=ee&d+_=IqXSSeJ`7<iT(EW&%WDH`_H#>a&*Sr##=b`7pL)^QB
z(9nf;r%W94L`k{Kd(Ra?3;V{Bvw<11FaT7zYt-<D8X7SFz^>Q}{|8-NV7L90uL%3a
zARSC%ho&Yce?V~7JCy@%36riU37T~2=ULs6z&8J8`+aYKd==g==}0YOItiCTIb!B+
zO!VQqgUoM`IxyNfoT?Q><pNR4j)^M%%QHAxT+u+M>_d%Qap~Va?twn40=eLCAZ9km
zXk`Uafw=$=&o!!b_#HA5sIx8GOi{x)6hRx?-{A{{l2u>ZFgL%5xeI|1b)u6}gBk;d
z3b2;%d>+DbOTt4JBmg)9v|!;;jXZ@E!z56c@xc0BdqXhm@UsxGI35Sj*4#xDyl=4E
z3P|2TKb~6zQj&c_VHY3MznkU7=@3_B2wTylZq@+4Q3<P-lFgALZ%wIdXKZ-D=d!{&
ziVPzLnT7<0mHldcK1{CLHt6H&HIU-^rL#(gF&?+VdlOb-Z<s?l46S04BuR{eosNAM
z#CZG4>f_S2zEF{CWDr-GC=<^R+I<FRzvKb(f_0J2T)4Qh#ma2)#{K8}_v)eNm67KW
zV)%1_Il0#c*Z$ky!y#Ga)7U~!R)0#?oJsu6?##Y*SLIF&rKVPMqgi!m&P*xnv754)
z2i5dVbvf+g#(aq8j@&~f-sS%JU<=CII|5Rp>5$dpP;?*+TCr4#%7Ps2DWb1BEH_F1
z;sMsn?;+uHP=>YmSrYon>gX(v3=R>;7-45XDsotjF+|ZFS|u#J+iY$Tnk-^%e@agH
z3ad<Bgg`>8Dwgsf2vUl&nc7ncz5Gw4rOb^RP<qHfegBurp&8kWa;%xrb}`5rAb)J^
z<UsIhTZ{Dumi$nFBlV46(TUmtThKbVsfK5vxwIP1FxgDbqDNbyG#T@nk3Aq`^eq6O
zi~Z{2Soxg!QXY0@>yqJ?yBgu<R@1n@&TM38M0rBi=M-r6`3roJA8v`Tr5!tEA?Sb|
zS3YeSKelSjQn!*M^+sIry9L6<!Dz+b;;D9sAe+PXH=9nu?jG%#&t_hM@udepvxe-O
znZFBL_<v==T8l(IqbQ(NvIOhkFIZCm)fcUi!Q!H)gZKSmlDfB~^~t<UCealOb#*ak
zBW`d;9?&$@QB0P>ZI55%cj{}kA2={)o*?lwK1XCpN$*vcXxN*aqCa`pq!@)DJlDaR
z^M1jH3rmgpJbVUI(Ipc>z>FtQx;suP5ssZv9g|;HP~tYlHu$mNV-Z+!b_)Uk*F#_#
zAb>Im&^w9%3!w}U4AzTil=!*ep?ga!l#+xnYDX=-D_d{(M!C155cev%9dvr|XDr$j
zi?_1$=HgyEgP35rdhA}g#2ZIT4W^!_Q^%LL%rJ<){qQx|*-;d4IxLGoq%6Y19?ca>
zOiUGg8kw0@XD<~B`^IvyhrI+)h=UOAG?i@?YB<<PWiji*BE*;9D^}g!9CMXEBg`RO
zvL%!4e^wNz{mNE!SqP^PSh|mNa-xhu+%<osENhQ-2YhM)x%YnEGT(Y?Wr2(`X*XsR
zZ<SHTN(>?AEirjEjidxA{fQ{pkK7d|2nlD`=*zJs*VpCP*N-^G*HQyOc23p;cz?Fu
z7-&bq?o#xlBTnvEaP;H}?T@^_^2a|c8F#Dkv$hL7+x96dl@e2Lc;;y?iH=Dz9cp1O
z4XlI<_2?k!EROd5{T;p4_IAfTrorPuo&*8)du0h=zH5Ighx4AsxdKmnJicVE`>AR7
zxYDqT)BDhC@hNKpS2Y0O%z!|6Mex1c;mFptcRUfW5@T!0K#~~PFPR1rJTDn7F?s2j
z-^-IZk!66T4Q`&8s8&r!xoBPX+~YY?GCx3Ww4pzCW%q6GA-K;)3JW)0Y4uSQ>}_x3
z*~SrnPY*qPl;<KRGaNTzox*qVUvSxE>6B~mN&_Kr|4S_$_g5HT=B`@q*M-+iDLNAP
z2eKi~D?vw0gGlvbP6y+r3QSgi2=q@f-4R%2R~W`=v{t?Do`@Xts+NpK59{-EK$aY~
zRapy7O>QZypDyj}rM_Oub9qYr?lA}RRTkE&?mM<hYhOg6s_L;Sto8{n!sbcl_-q6m
z_5C_T?Pwp7ya}%aFaj4s%)JU9of@tFponOBhExuR#m3k{W*Y2h!)&RXGf~aB=cxS<
zloz?^146`qkZLc+Q-7{t@!pT)h3oBEh%^9)78t9F2f@nC$pNfV6$R-0ir?hKl5{+#
zi6j+1_)#RG+7FJgCbLJrM46|vdEvm<48zT7U!6pukv!&%<=g5R(<i&_j4Y!9V3Wx<
zm<Gwz#_$g4yUV?r?<a*uKN!z{*<SgW7TIhznu~nFSoy4ZJXycBV?{oIo|?%tlvfs3
zL17_~wC)tT!|{L-n*!`-KHN=(_4WkFT^u`>VY|M*o+`C#dhv<IsOdz#TR%_Xy7SB9
zh8U#%Vf(|N^sI@Yw1R$Kcz6~YmXSnVg`MJfNG2snd~JGy@;>0&AXUK&EQii3P|Bg-
zZX=XGgaUf2cblj&4U=e_uo)4ubz3Jm5B5>BLn$7HOynfKXaHoLcK9&XZ{4)7oz*rp
z`pO?^QF|J;W7Njd6?b58^sk=te`p`B1cXihwTLqN4m-#gRJ;r>^{jiX?-RY+vsYR%
z|LQ|k<N>#Xyd63_$V;&ox)(3AllQZxaj{1r4i9`qg$s*m>Xtj&2}4DwrO7nTt4nfH
zLEV3v>lJMxuo%!=(a~acpK$2eixa|wB9;A@TRnmyAj`mji4i*_QWOqqum#vrbEZ*a
zh}og=W_$b)e8f$-``CiLG;;TR_;7n`Tc!ntJloyK$eBt#{~qa;M!h#fquAbxKQkye
z5&#UlTxUIhC-1I}llmRU6O_TFmr@khxuoFVMXTsdu?jfB(drgS>;W<US)vdD*wM5`
z>TkUKd*%=1NveacG$BITKm*F0J4%4dZyp~{>fnW5Cr9O!7f3KqN;FQu*~eg;oMpWX
z3%=1{Yw!gP*GF_jcw-rl61e^la3n=DL6a=h6OtC!Ewp2UkcYr6RPjwb0tG?Vz3}S7
zEQ2Gl=LWFiJ_}U0-^8ZN_t`dq)swGBYdNO{WMi)j)<cz}Rrno+=5Necq7dVGA*Pv#
z;o=(lXNyrBb_f3%_AHR7_{1r}=f>R}rS%{;f4^3X<qSiieViUs2_Y|s^`r3u3p`s2
z#W!BOm6by$WW07p!9%J!EkGeVGZ}-;aQ|i%!3y9h6od8E!bQXD9GWCSVh`Ve=P#*?
zDDF!@C>A|$&U*(j0#EcUyo>c;k0$rCh8D~cZ;=Awp4+jf3Re!S-5q(kiCB`#x$XXo
z-S?6aSuDNhYT(r2C~zbH^1-t<Hv&b~gk}L6FnTfTi{j}N+LCzg`;%wm{Ij0ZW+!yB
zhX63iyU0Kmf>&#*0;b*c4idx}k|X=2fgzMni3zfa+*QIDK1hxhtpINSYF5wQox5;R
zr1=N3f?#+7k5`WVrW@<9D$-Ra$4mNEkl@$@A!|0EC#O1@nA=u6)_D7A1yrlKeQ6!-
zy#faw<kycq(*W<A^BFgm8oPPCq+^bOmNbBnQNLfem#2TDwtjz}5q;T}q0+X#(lI!i
zeZ|0F{GU@&9}h4i&g3kybmo|E$+oe&0o15W5R3QV4%O7ca|{qh#oQ7)(dsH%*CY`E
zIfPYj%9Rw(w4bze+O*EJbV*^tPQ!txE_Z<qXU9fISk7YS;(bw7*ryev6v;l~S;+v)
zN|0BLEQ4080a&XrLzFBij(Dj$bQ30XO?UNGTNt);sO88ZZkhR9;SmyvCzfv+$TO7I
zS%Dm#F-sE-3fwOwL(4yFE4B)^wL<D>ybDEyOQXWWFuGN;g>w0%r(l-R*;hbtoDdD-
z>OFD~;z(c%T%L6!jKFUZ&9^-<M;HP9osDS;B}!C?8#%I<isZ`mFnh2Z)oZEc*V&~7
zDuMo$-*X=a`cB%#E3D~|pzMY<VEOe&!YULa(>EZh5SSyTF1nARM{|+slC<0xG$5A=
zPKZ-%e^Avq5{e|1E)F8*RJK8}J_^k6D(fzb^Qt=wnzWp=IvzZ!pCh6$gZKl;^TlIz
zH;0Jmwbq2V1WH6`G?;CKUqTUftY4<wN$h?(S{#<(21>qGE@SKkQk(*E&LjrN18axb
z(>AaN@^KZUe_<z>wVcjEsifBs8>0YVxQ1(~@O1A4crIIxmXtDtAjwEB7R8G%)cUZg
zm-3^;&s(unKOrZ=JsPRK8aDv$Zj_Mh=tC>z-BKmJ6y}!Q5O)K{J8J!ej(H7Zh<%NH
zih3eWZ@Qwz8=$tkTKh0WQ~IlA5*U1OMGf)ZTqT4I8zNSe;4ZNwJ)W>i+sGH>iPa4h
z^;DNs7YCb3oIqWE#ne*ghnDX-`0fu5QXJy8d90`!KDMbM3#TBoQq=&$dLNC4$X^~O
zCRiR;B=h(|b*WQ^>-B6ZWe@D<Q<%)lgZx|6S+Z_+@LTgN-tQpj=v^yW$d9s#x+myP
z)6y>9mIbqK#1ln?tVL<?y+`DtA%z>2`CIX$O<ZGs*_IZV^@)={-Y7o8DU>BmqsfXg
zYsr+Pt7hu!Y#6>G&lLc)kedmc4AD|a#U~k4In=PEOXK-~A0DGCZfIh(lEgp^El}ST
z6!~tRN0<~z^T~@80ZoD`h@jXhdO|v(7VswX0nLDPOl5X4P|={#l)x&rO<F__Lb*+Q
z66j<4cY9xIj0b9+<5sg1c0v}8I@A;TFwSiE_t50!-Eq|s@FxH*2D3t^gBq{I^c9*4
z68wlo!Q-zqk@Ofy|EHrf4WaHln=Wh{Pp7ad`|{bbkT#wxX!4YOR+dRG4~}dkH&pTl
zi(u!^L(AaY*<&(Vi{xWnt-CHdc7@H5MNg=uh3ojSwWs#km3U+no2|?_Myn8N=84Z4
z{*Mm()x-0{6>vc1leeRxd_K+0G0WV`?uwYB{&pdtVZ<eX<x86(@mQ^OWG6bRbB!Z>
z2Ri}%JdVPxlv|}@x!j=xxmYU1!{uX}jJpOCn+T{_JB|jbs4zUKE<sgMvN9*Q0;V`w
zPTm*N=ZP07PyqRpjU|*qLr1kc*xr7Ab5TX#QjCNSHwci?QPY6|(ZHwN_7%-A6!*7$
zMKiS0B7q@+9I9AV!6H1$qO}SuNlh4`6t4%vH1OkG<xhxpT6lbM)@^;bw8rQMg;wfc
z%EG?Yg!Vsg3X|NzlZnZ*1TFXv{b2ge^sRAK$-*E?^3<|sIWcU8fu3Tcc@w%@O2!9t
zkMVdz#sKmw@D;8DW(PidYR7TB)wL)$ocaPf^l8+5?g7`&ZSVsP<))BF4@F!;X~pb8
z^YzZtg_(10B|6Md7Xi&B-NtYam+z^_ROV7>87cuW`B+zZMl)$k{Y<aWkWh2&Slxub
z;)!DWR4OQx$!O)%0}BZ-uEg|lfS`2_^Xe&ha{y3)HGEtPinr#dhUNf<N}++q;o-A6
zn34xH1+@&dRWOuqwVja4Rr-3Fs@6|I@h%Fh`Fo%xfDCzcT~;Q5VaU4{g+IL4!@6yH
z;mDr8+}I1>kkL7((l`TmDkRzsA3$Cyyf13OsCnb~qF7H*EKt#3a;%|2U~H@xg3KHt
z0!ZJ+S|=GRh|13sSv9d^;oeY$Q?ZONEzN2C4!7uTp}FdTF6vY<=3o7N!2E4&OqN+L
zcX|G=hs(4*3KAy7cb9QsZ2c5$hgQCR{Y65hYvN&Dmr=u|JxqvyEtOQ_X-|cnsnNhZ
zik9*bG)|^5Jl39HFYZq+MA-BYk=gd5K7iy2NW1{8E7s4Y<8*At`P+w)^H&K0WklMh
zUe|~xx35^Hn~n4$;MrJ&fzVS}DuN$+A&fIZ)TX)h!~jC_wynd4^U1(|s~1YXNx$fe
zlt5yM)QSkjJ|40SE<)HCJl-DCqjlBmL;u;0J>)s@t&i*1_RXGvu6l%fPO8z{2O#c&
zkm)e=TD~V8aS}~}M}989aqq*v4N4a;XS;hLTdBVO9x^K?+c!`0pFn2r4Brax*>eAz
zAwxL*>7KHnqqqb3r(N!D6OMPZG%5U5)r8iCf3+l21%dYsZ)N`}4m-i0>W_E3-gBl~
z-(s}KaE8Kgv2gJGhal<PGA_41fLoyD3G;q5eFD*RfuA<AnXTCiiuIq_wE0v#v}K6n
z<lnWb_$X$ri=MZ<M@r)2Kg;T*sS>gK3E?XGb6uH->J-R)<yPrU`}mr~&Vu0@3?oz5
zwn4MDSism$r2{%qx-xXdFZc}d-Z29{;1fw3y#6a84j8Ws55dOF#tF>T{bzk$&+!XL
z8SOjMLWl+_#5#&(8`?BCTD4gowfEDJW7y!85CM`!u}IL8TS$2SYM1zs{oK#%Ov2c=
z)1$W|hT_TLNx$+t<^w*B4?%d}j{QTV5a}xYR*LkAo)$XA>eW}YY)|rQ&{w!O4JM5y
zopqXCaN%<fc(&YSbY!dqydL><`EkM0JZ4g*Gd9bhm|?NB@XP1iX<a_u<!|%eY|`iw
zWNX?T+U}_l_{!INFap1Tl$TCFG3UT9AY~9K)U~;wGo_yYIT#{i^cN3k{2;BjqUt3O
zEG{;A>@NvNH-dZ;lL4|?=l*#bzLdc>S;j3$C%w9ne(uxpO9m@|NH6C2cH}$_<&K7e
z8%`ivUvwonp?cKbQ|}B*Be@fKkNeslMQ1KT%4g~mL+SN|=E)elgaF+__nT+!cu76A
z+(rp1gAX%OlJKUiGftNO!@}=zwMnz{S7V1rvsSyCyOoETJyVujcrX^135MIUmFgON
zm8+3oC%)fYiF`N#3H|Bi-_WwNjApE+djfk{=bFC=lQWK7_)wN<Ywqja6~CK@i;<bz
zy_d85oZs-sV}<oWowgEjL>h+NfiqN`#_nG<%At=r8hnG)Iy&V<Lw?x`GBbSlJ5rSX
z$N^a@K`?j}Mu^>lRqjrrr;)pj;K79@#&V!p{@7~D<Gur+)m{?G)jLPW`FM-!bSOoP
z)*6SeXu7PQu^&G)`AY`_{Cjd}W~*1I7M{t5*5P_zyTQmx4%H`;dhC=WxkSiD91h8H
z0_bjA77V3jFLzPNHro%Pr)Mi)OX*eh5Env!EL7s4f)E?SwiRl3@=?QYx9IHdG|i5U
z8|?S@*o18WH%!LCB!BRR3H+Ao>RQ?Ps;blonY2TD!&G6h?h+f1Y`l0Lu_k_Ge3haW
zEE)I?A5wx8*YhM`Fo!<sK8p5Odldgv`Eq)cn`WwPQ9MQs>1sb;ImQWbGa)p+Q?jIP
z;EE~sBxJt&v?vUE^}s0YaL;jP{OF>BYF!vblL#aL-7LG9#t`ZYE3pRl1g@DE$^7x7
z8VVje#Qz~92Gyk*_KFKCA#5Q48;1+wmCj-YHiSVfc66!%DVdV0cVVgHFaFTSFJ_}!
z<eS=u5T(|IKuVx8m7Z{B5lGgl#k&hvVE{JihbImqDVn3PX%#3s;v2*eJ9h`~)U-0_
zWLyJ)XgQ{`0^KX7ZsWFwD%~+lknlUV1dW`GuObjH+ryVF*#zc1zxq4y85jpGQav>a
z1)44T(jZ6PgBIDTXek=V`pNqgfkkHUh9dD)44LeMg9oFgx=9K;LcLe=iJ`&4_pNcg
zgsTZ4GD?DCi<QjP2lRAkv`8{vamP|S$!G!U>lu%=<nD`QVU+y=f1fW#o~O9(Mk<uI
z28Q?pHCA^InYgy~83Vd`jOZN<xAT~e`g`;GJ2SWALGbTu$L}ypfAKISDAUksGz*$2
zHZg59gGRAaSB}u^k_(5hzEU%(Xwb^q=z3)=<5qpi)NfZ&c+-5^>S}k{v%@xIfa(F(
z&JAit9oC-!GYnv{mpAj096P*Kou=O`WOY)(&b7R*S9E0@iK#-UiRQDfoUJ9NZIDCG
zOxF@BG-A9}#zn)6Bon+@S-<I;iC269C4x*=X7@gXlVU}&cAO_qZp%Vs)4@ofU0}ql
z1(e?T{|XRNq%+0HzNS79Xfj<qfKw1}*e0$Cx4#_3+rp1xMl=V9+gIvFxaD8*fd*ab
zRvfiQ*HsITZ~<g6-EKQ=IWd+%!pp3)-Ua@BB?|3E^brWY_a-s*7y8d|zbct6oC^Br
z)cHQIztDL{g4w;Q?4t)>JawrNP1BGo^)}BFh(%u-LdUJ<iQ_cIOq7BJXiZvmb04<m
zIlt`rGeMcs6t$}M9L{!D^Q70HZ}J(2N-rQ=8T<v6SeZkNjh9@OVKH(yDCp|&SU?sm
z1kf6Up$#P83o$*A7N8Ais^BiN_JMrhG|#V^&Fmu7hTl&^$8)1FM+$}F@0C@1=$m6u
zLxKFtRO&bWAc)1#HPo&I7*Xm4#U7x9C9*UTgC2%+c2)p+e<83#K(c$vzIttEEAU}q
zvNnqaKTjK<teOb@<~LKq_dE8pxZahR=JBH_TyOwsy{>kKsJCE@v&k{7UkaKv;X<%k
zrkerfrNd1WL)z_SO1?F*qYBa=5%3nc>$kRQ%Clvw1Rj(&u{-7ikmJA$Ih4D7P8xr)
zhJu}T`;#rgMJqzj!~7@_sH~zo_b^jNTzoaOFhx7n?c}C;twB?;8Qo`A)g=iAUFWnb
z#{}Ob6?(KY6dI@r|6PUVXk0H!myc4m<?uVn>dfI&Bw0ep;W`gK<dR&pSVjCo#j)H<
z_4#n3t0s$6DQVIN&<xElBbxm6;76lHWIB>5x%o`~Cs07Udk^x_s!ZAsQ0Z`~8kF{A
zwia?8e}>IHNQ|a|fgSnU@PG<FWF7-W_?Gg8ooFgyM$mp?CuLx`m20Xz#Q$I?m(^Wg
z*a^2WcpM}+=pr3rg=#QBbkQf{hz(-?x#joIXn@~x>4-2%D0{;;$T(cmhJ+a8R{L2T
z4hJ8KAA5AS;Nx-$PRL_iH%*M_mAZg)e!FOv=8w#{Gp+)*r4k%Wg7nEo#}pf2T+Ll~
zE{F3O3n*zubQ!2MrI|zMLd-)-!R!`Dfg$tUT?QklcPsmH@>a9PyN8cZDJmr4NRF9D
z5rCNVw?d$(h$Ir00p=eCiUwg{llzdoDSxn?Q^D`<UIyD{Yw&MLNGKH6*xE!+iJ<Np
zw59=}&I(byRF!uJeJJ~qSl}E_R5-O1sJBbl_1eVPGm0h8aCp1}E_xzGX+}(mvB`Ew
zKEV{q2P8a&SfX7dnhz#0aOJsZHP!E;%K)=fcwHgO-`|dZ9&pGF<e^E6Kd!uRZ_qzB
z%vC5{(4!}?;V=peeJ_?v8MyRYMRyF{50D4lV;CFy9?Ex?eewD9QTPP7bZi6oJbhdq
zehVB|-lI;rXB944r&4&jyvCad164qBHqf|wf#;8xLV(7AXxexLBrQX>0G_4Mp8=Vs
z{DmB(><7pb9$Mpkuq*JkNkNS2DWsL%(z@@pgsB|6Fl74BTcgIexTI4}%c6lNG+AeI
z5EeD7Am(Mv2$$p(Jt6xAHgzWHSoRwpKYKD}vTTjYMP<=w5X_GFz6Z%I%uYkk)PynM
zsc@BpZH@`T`V4>viT)JRJ9+5x69km%ULIOdmd#O-$cOnzrtSC6+!BV`;kkfy<%_;Q
zorcgf8JW@B{}F(Brw==7NdIMm=yB1&&Y!lMko!=BwLu6=ptZ4QyH5XVOmP2i?!-jt
zi#wTl`xA4=W&Ql}cJ>+us_q9j`GJSgw^UfE$h2k6yxbU=Gz7I~*}n-8Nf4{{uhlj2
z@bNFw754Of;7%b8sYW-x%`Fk<K@y4ot_<@^T4@vu?a34vuspK6y}wB*mxAxy?9K6!
z_O|PJcj2!pR3OnkcU$#5wY|-=O%aD-&NMOvE)5T@%*7ZlWHz#Ik!n#yl>1FG<TZNp
zd8W0m{@R&K(-UoP?@SMHuiA^qa#;B5Z-gUuxl~tjzxUc#VVg9_@2MIcmF2f}VvqDa
zHdX*S;Om<~azLnH>C2Zk4YbMu8ySIQ?-Xv$H~QD|H{@Wbf2P?D#={9eREEk7r7lDG
zsF9_J{%ojpO(+>d5sWG_mvNTmgEQdU(bP9}J=SJ(@!;;g25MVYmj`7Ae2RaqkyO>t
zjhf%#%;y*e3(tP#R%{snW1X?Sq+QAaA~Ww~OH6%{t#9X0GGxjbqePa>&QMyf{CJ+R
z-`=pfjj%QUYm#jX$MHW{_}98SH*mAi6_gvOR73{K13W0S!DnUtVp3G$1O?%k#2g*m
zEF9ciiT|bWuL=irsKx?b78+5p{=<;}x6MD=F#o#t)!@HM1pLb%72E&E-@ioN{;w??
z+dpknvHeqC;J^H`{kLB>u77NS1f`gu+|8_|N?<^hDk{Q%NE%f*R<?g1{(Z*w@3XHP
zQmaVd4T!%w<nG``%)$&jsNzHC{NGOe=L55F13#;YA-LdJxPU7448W)!1R!h;Ch)u(
z742U={-;-8H4ao+IpJ72f%!EeU~H`a+yWf0!w36{T0W~Kzy9wKfp9f^z?~XI$p5j!
z|6iYI?Ei<p|6f1<d4I5u6lhUP`oG4&qFQONuZHLwxInppL0x#jfQE4>Nf9*(8PR6>
zMrBY?W?+6(El{x;2b2?7Urz|e$p$28Qv@zIqkawPMKdFmw2qpnjBYbY3nnNSGcnMl
z9TTY3iValh!~q7j27z(10~_iI{yC7e>3+2lSkDOdwH5Pq?aLu?n-~zK0T1ZYh6$yl
zAgeAb3ruZm0zS8)H|w{1fq`*y{$mKV2|xhSwed7_buEK}eWgbI%OTg7LouL34*_tx
z8XoxkP6%x3nL_2@`e$^$zFGfy;2h2Iz1`6N=@C$AWCVycY6A=(okrvM*Vz0YOKxC7
zFFSyXorhac@IMtPymE5AY_!$1x*y|7d>tcn!z9rgqBeAE@3dQWrE*k~L?|I8GLLye
zL&=4~CS<|LP2dul=h$HOw4rk%bg5cum*d+W{PlQi6|k>5`!Mfw0=9Xs+ynfu-;A3d
z4Ts*h=DuF0s2=+;STP(EWc0MuCV(V8`Q-)c%{#x*sF7)$v7VXV;cfsKNelu><|q*0
znsKthNUYB5d1glC^=LM;H=N0sY3=WQ4feUEnLqE4@K_FUQ3`R$@URLwoqnfHschhC
zR((X7rvxb|SZD%w0&h|-%I5NR>dJ0=eGL@@C83#Se`ej_;bfxu@jd~cSAeVakIy42
zm>>48El+7U`L&IGv(B4)?NsN|TbV6%-ky^S0!6~<%VxeKV^5G5$R3EW?(nY2Pm$NL
zvA4RtmX8~rg8EMjTi#c%HrPalE!@Tvi!By-6E3H4tCJevrpY7MhXYI*Zjg3m{iJ*3
z2#8lvU17NP1b*aZ$a$gM!2p!@{P&1i@~=s;P<{_%nUd^^*->Dj_Jy)FW?YlCp~^*G
z46B+#H^#2XoReyzbVsEQ6PaS}iuwtkQ#_)6hanoIS_>sJk>W;Wg8>ym-;aVF_92b-
z3Rx4Dr~FOMiK-S^IZW~+PZ>P|7WzlNR}2hs$1uAo?;z=xv-!=K$S{CRbDBHC8Fc@$
zxxKM|Ey+X1W81}#hiXE{9KAI-S*?FTuqEl^d(Yk9a&&TZ9&~uhczKsR_UqA2$CK?2
z7VqPOGOn@yO24~mnoG6qTwPnCUxK59zeWBq|JA(K3(<$Z9I^2&FI9Xsdx=>3<E{T&
z(2(tl7eD}jHk!KfbaMwxyYm0>nsZ*W$wA+iIlrHXm0`=VoX#i7zxjI+*iN_oA-Y4+
zLE3@z0F(+2!t{A!Zmy|G3c;%DH&j7+K{?IP>%l-H{FZtlay7B|w(N&`->MuyBY`OK
zlH6lzB1AA3WZ7gTqEbVGB>hZmnB%Q17E_Rfrw{?DFFoiZUF-vxHK&Bu#=VqSwGx~6
zjx-QN49}AJ=C8|QU2a0>{$g(Nm8vwSE_I1kL@e8@mv)pbCb#3v_9Z;dw3t(9Li->#
zP&yMqHsb36lc%b~%cPRACHDhc4XRg059Y)NIII=flJb=la|skn$h9^n5R9K1_hXzy
zNy1(()geZe#;63SkVJ++^b~773Mg@d(moH^a<*CjY2}CSqAqecOp*Ht3QY{tyq#w~
z==4jY-Q>g1*S9UycO8*bhMYdiiVxsMo!x(rv~2T9mjHqNR#HaugMD4NE@>Tv`+FhM
zksMq+0x`1oSjg4jul79c7>A=<sswsa!s&(;BA4(&+rMG}X$4O&6;9S%z7kq>Yp#Xj
zx)e*bE<1aqyaPI0l&$&`YkSAGJcx3U{0_b%k}AeFYtPf?z3AXGxQ*TPELqoASSjmv
zI}m%c0xYzbBF7FUk^UwFQNEsz9Bu55pQv7x--Oa|lJGJ*;ph8Q)tXT}Hbq!UYo}+J
zmL6@qk@|%JZ69e*E>aD@Ur)dg<BCfwtkQlq<MoA6Y&R9=@%)fjN@oxTW8WXqw?@7I
zyb!{XI8Gp+Fqrrtc%Dpx-E)$@dphtE>Ho^5kLAhtK=zaUTm!uK?ev3zULiG0ZP^b-
zqJHgzS!5D}Qa4$^!TLZ`+|BdjFfnPQ1&Inaq~K%&+&c?EFl=q$ZBbRqS11<q7wEYO
zy|3r7WSdFJ%xpMEkE6qM>*Sc05f-nBA&&<Sz8n42%)=kj-WYq^nE7#FmVgqA%>_>B
zoGfGEl0^?`4iaUUe5`k5#t*R?%#q|P&~|~S3pUS<M;PSC4*nuCJNKS%gjtg2==>YE
z73$gm5ZL`7T|SmM?g-jayjzEz81BlLuO#@J!8)FKOxt4<MNEZRc47K!^YqgihEgE^
zQaLB0s6$yp(P42Cj-AV<Bi02atX+#nk$W&|TZE4rT5<hx#_uT*A^~KVxOCZ@GNQ~k
z^4TUuCObh%sT~g^BDA;=gPU5bgVrVj=)|%F7`E?O{{4A9Ey-@UvlBP^?6Bc8UfZj}
zoEcOA^j@7X6%3o*s>n2Hj2tgh0iEDx12|0=YpBC*j8{@j1=u(SrsRb?ADq-J2yvqw
z;b|b|^0YC#GaGp{1mIgrkDI0|h7gjM3|=w(Wct;$c!TH#+ZPwG7vMZb6}b}s8;ZRO
zfR?1x9Gh8B(=9={SyEJp?+V;hH|D=tnQ3WQ3Z}{vs0JYg$wKLP84~-w0BueO>MtJ-
zYi+j1VQDK+{lX)UZ#txML{<l|PdUZOTMHmDE#|R4yEqg=(615rMJ4VP@U+}wzutl~
zDMvk5L?6<XZW&N;pgW6o9}ADxw1kNZkg42ll170wg;%9Vjho;aB*atv`*$$?XZ8=z
zxIwcpE#HDl;KQ5==N<T4B)-_o%x!|ymGz1CEn%-De3v!Mj;XD*0X?0eoR)|TDb1@g
ztzK=}f+>!YExxPkA5g?xW=7lU7B?OPv7-S`?&1g1+n_3HgZ7p1P@nHzZgiAXfF%)y
z@VUm5+Qud#<i@+QL3*}MwRFv*KG7las^{VL7eAn^3N^D_wE9S39cTJVJGtIa{3yBo
z18RU$rQ4+piRzQOd<0sJlSE)0ODQBwQl6?WO)8^{d}qREJ{iRTJL7Lw3L~bpx)HrR
zwl<62K0~=7+|Q}Bc9kq-jN3R`K#mdvmTj@2Zjra}kTrM2i>Mkc!wU-2u$KB{&2$y*
ztLx9*4c{de)T<wSTXugrr4*}JHF#tTAmDQOnHDlK(m_rh91Qh-WheNbQW3y7%F)Py
zB)tVj;#^%6<_<*#v$wQluwxvYT}Ki0z>6exO-kBZ7}&S1oKD0A`C6gt0v_ApQJvY!
z<W&*R{t76#zo+95rE9F0h;Piit<Ttole67X_zpvVOh}BX-$qSlRBlQaBUePeH|ouw
zbtZ<s22_03UBwnWO~-Y0@1Swhogvu7GR9S}OKBx#GKT`iY1LGhfI(m-r)r2FM`DtI
zX#pX6N!Nv>r$3wqE||Z613p+`;=zqTxl3!i<HA8xE_F>74)uLl?NoEDC^?!hP0sK#
zL$;oX6|gEEXa|E<R7@63z0($<Wa2ezwU)jW!ylZDl4;GlY34hkmS9tklv<F31~imh
zhNF1Ai}qIamcJTzr#>7r_pnd5$%iOlxv2HkNW12T2VJAx{$QC*1OUuqRDfYV0zW!b
zH=rRQL!juB6-aHBbqeMk$`(Z2V5@igadBhr*XY~M@r}=GYm_2(9!cbLoAohItEX6P
z6&J3lTJ+@&=4ezwzTr(!qZB909yZD(HBk$HORyFo2~}F~RXxL4HLv{^cU$pL-uunX
zEp>GT*2kCUdxidk4&b}*ZYSCY&ihzOK3<!~TQinRt)gyGfc0kQrHb<co51gF9n^=z
z?NrBN`99vUHlfN?9Y+fmXB>U<l*AbxOGp&ZFx{lujEHD2*8&-xWHm5(KV?H}>!l^j
z1BOE06)1_%ZYQ*}qtlcZdVk7~iN$KS^-f!XuM!icuF!t)f`9{#tr;%%GyCB*57y5h
zu9Miih?dkc2h``zCMSeivy^^%9>ps5RdZMjdz(_{z<34OSb+_64v?ttPrK?QVtZy8
z^7+S`Tcdvvw@2{PlxuY$b%YVfCn3DgSuy7H5Yb28K>|$$E9lvCSa&X<q$}djNi!de
z^OiC4nGB=fya0E`G9E!)AQ;yo5`~Qn*!`_)q8gQP(Xx&wp#cY&5_n5@B1Ftsm@B(4
zNh7aF6Eh;bsi4=0#B=H!h>+L$J-6sD{B(xFS<@Y~jNORLJ+`lMb2~kA&U>t{4z44r
znX+If!!^l*B=<!F-Wnk#yp`{fBbf6soUdKvx~f&xbby-F&Mf{okqS<m*a6|699kav
zl`)SP=f(3y{*|~=!O5y6Cd35C4RS^Ut$lgXcRwMJMxgH|)qHYvMI==8sE9=68hE8D
z4<?$tZ0syq3&hNHeZx9a9&L@N2)6Iq<wDe)Aks{*-8jZF;^IV9O;aMcHo`S;c2s0v
zD+ZvNAOY^ijMZ=!T@3Xd^ng@Udn{YAyc*@Z#PHY3jc6fDWQV_Ae9}AMGF_~?#b7SX
zN8?cRDe0QJ4fhnuq5{ZWB0sy^W#c^W{$iPjOdcs|W#}~6;PKm0l8MOLn1Azu_qod(
zlu7G?a*c_1l$@eaFYXeCEfJ=ai%w9dv8X(y$plF7%V<b8@@g%oXhi>M>*VfNi81q(
zH!Z>wvGG|d{5IdsFJ9ED5)@r?P0$B1%c8b$+hZyg;4Bk%P2+dR$IhlzsTM?UN7mdl
zv|@(4F)iOS_+k!I<~I`_BPqC7<rcKKhS2X8;6_OmH~I4{2zCBfS#0r-1yx!X>NnSM
z{BXej4xiKHD7NbpA<TmeDnZL1-j#s9K1q@)6m}`iOAtMq;m6J9)v5j_j~Yr379l<R
z74W>K#{P?KtR~Jg_N^aLRLC=eXb~Oj_lhndjB52Z<(bs7PX!%+WiB(`qlirFb|E4g
zEo#tb*A`=2?BZCd<hZ|a5W^kO$u-H@Ei(eR@O|8I@`PzLvJEJ?qDi9Idy2GcDV0>N
z)bJ3<i5Z;pxmD5f>61+{X9mJ3RuZ$ap-v!@s0Djy`kov<CAg1^P&Nz0MrOhwSA6>7
z&Yo};!K*D3XQspDIs-OE(Y8Q(hY#7L-#u=AA76|_7l4@rB(rqs>%;zS#Z0S`+f)S9
zK0YYI!eYEY44;Giu^#sC!f8_SNat*YKdYjDh|@Zm0QBBu71Rip5#X<F+i^c9Q9Gzd
zEaDJCKSz%<HNhY9))?K<Jk+?|=;BjZWB@yp;U4PQ+0uhMi_5tw$k|z*xQhkNh7CTu
zwj5>@m{byEIxhoMZbJBDOX$8P#P|T6Y3TW=?5ylAX<EI+At^94P1Y;d=@TnjXoZ~=
z;HZ+^^iOwojKp!)7r{qo$2IBLsbn*O>PsH^!6ruhowDyK#Q5a~k|zC$oly!Sg)Pj_
zjM-!Cws(QB^MsTV1t<)q!C7YT_D3<gvA)IYC$$lDB(JLF59-xU$f?=j$9aI`0!Xb+
zVmi69#2B?bjD<kMi)Y*%u!~uKKfm4k!VuA%DVOizi1fbr+H@~ve36npc1{!G2Ub<4
zjR9D3eWj9}v5_I1(c^~7$?N`+M894gRkB6ahvD`$N7a*Fwxg%=@a)#81%no55^b$m
z;CJ!rwnxbpd;{^h7g79qTG;^AI{vxgKgXx_qQn0lRXh%18V*1c$Rfh=Vc`5hSY4EM
z0$`Q|__;x%Q9+!*>W?${Ep9j?>VvPajL?mV_vAh&cxckKVdE1|gn#1c3`tyCLvccW
z#AK!GJE0?W__@A)KL_>SLD&L${$zXU9K$S}qN?7+2H_p9`*vU6CZ!L!w%3K27vG`X
z%sWp-Wr|mlM?ic~5`aMh|GZ74y!yB{0x=KSeMzTMTrlXhqGbYmN!7^tg^;k?957P0
z*ToR?d$?{dy0o#mNgLIGkvfh}HN_-f+t6@@NV$7^gl<(x5$8A`w@62-KJG8rFOrpP
z3>PcCO?|tv)w9E}9aKcX)xg9uUAguG;@sDqktp1T(>I~?(WHz<>{VB`nU&MB*Yv<g
zzsO#-E4xY~-NtrM?b=zy@nPlY@%s)ZH_1h;J@;yRQvhn2EH0<c>=tiGArh~F(EX*K
z);IA|>DDgs!3+ZZa4uV8FD*lX>JK7${F-Vjwq1mT&DJ1UC{=$zG|9wx3|-{JkcIn=
z<uL_gtBB{1FlX2a8dh&bP9YwdFWnXPO634ji)t->ZkRG;B&fIh6Pb&syWrWfCd+x)
zx^HLeIWZm2{7MGFuqj~Q<@9nJ1;&b2gOKL!9jd-pa<vCF7l>$3*q5oSR*<!G{E50H
zDCoDBLFQ?=;ohSMcz!>rX3gwYg1_5=zf65;`zX_OR<9gD(>+0sU$|r`jCg|j{UUQ+
z#V_AI;KK~@v^y=!=K7^I9de|G_wprcWT^eehu!4U1hhxK^1iU?uY3Y~K#f9)Yb)<L
z--)5w5$dirM4GxrnI0CBa!Dp{V!BSn=r&y?`g@$kuRuXH0D6-`q#sSIYxtHzm=Rp5
zohPKGWk(1HKf;ppvgDC&hsaAx@QEe{%$@gq;n5GBYk?DmtH|##XF3MmI8vn|;(}j-
zj`ahU)SNWV#`t5l=1DW_ugd9e%-{z50~!Yv-|lksjI7VY)u7|)Z)F7WNYM!5;WZeQ
zH~AS2eT~;X029~HVoQXAgNTJc<S!?uSl20o)Z2&{Zg!*_;=hutTOb3C1XlB;sUMCI
zM&b!JcIB+Ono{tyGjPxiGS#=Wb=Kz-wQ=M4`V&eoWHg~3LUk^L{E<rg<vq2>JND(}
zC<!geEv76?sUT5~qvKk{<Yb&0Shh~7VNfEZA|%U*0FZ{p2Kjs~uDyV_x5g}DH6KIP
z$a2qTg5OPcR}$RoQi;->Maqg4r#q$#Sg9Gga3VTw6!3H8r{@#rF2VOdl>o0l_9^#%
zVbAvYwIJ)4Fy)<e1l)#Fmnh6*sGw<`Me~vSxncZ*GZ>Bkd|$gU5>`55)+*i3MoGDJ
z0M7B(0(7j}2)ifAM;rZtVEC?khcvQb>}t_;89#{Yq-&G2oEBu|F{vcnC=Ad4FjiKg
zw{dCxhE%eNFzS)w{NQtP%AV}u9}I>%kLY38YVACg;Ks+@hlKNV!rYS`E~=KH*c!m?
zm84yOQsnrW7-3o@E-qk8x=PPfA&l5&r{wwB18lJLbc_%h5tod+GUXSDR?PC32O}6U
za-trOtL|z2k+v)5>4KtX$CW1`NMU0+fuJwaQwy%vsQlyKD?-!?4Gc~dINF4yO4QTK
znDI+OVq@KGczy5{j#$1|*!^<WaSP85{bsT6*SK2JYG9bL_#Rq3k#c0L7~kwCum6fO
z3YdJc$N8vE5ZJS!LqJ32sbDQX`CY1l3F$!{GOW@V;7iH{YPF+B=u6wmQw_dVup83o
zaKxs^wZvGI*LUgapkjS@{CyW{+-KRNT~68m$1*aMjkf4%02BT5)_wFq4FI8$u1use
z(`{i2o;}^J9crETs>QgIE#6d6qk>`46o9>=Pb@%A5Le8er+WI^u15zxJl-?!!4IZu
zEx`UK$rqTRm#tZGT4sU|={5=$Qdm~iUV}LApIXT6T1?%VEqdv&v@Ondh*VN~md!q0
zjOUv@r3Cuo;(d-s0#~?PH(3KN`=%P38NDQNFfmgQgA7i?z590s5xQp|$qP=E2@tX3
z4F*8T?z2RGkDOd2#0Z-}-nitAG5qDenzi^AN}aFTT`ni!bn|yg$AQp$X!7NI9HPd#
z^latiAu(17wHYRhHSJ4Ygx7UM%`HJOZ+gB;VN0N>vVn%vphvGIrb;>oByQ~=-PK#m
zBF=k8HkxXF-*ck6Ci2g(eSQgsBEW3rbR}U-!Lc>noV@9FD^eYS!59m0u5eu$bp6_F
z>REJY43d*9!^VP$-<+ilBq6zkE=w<M-E~aWPi87Yh5VM#f3Q>H$9&Ry8=r~I`}l#+
zt6W06KqyPT7k}O*GmI~8^y^*NDv?uqz>(jf!0?OH@#3$vlkIdEf<BQN4#331CgC=q
z37zXN5X$kB7smsy_a>M4!Qc|S{tRVD@#^tuyLZ8N=eagIkFFdNDZ~n@a|&AYWst&W
z$9yiXyBBoxX@qcdHv!Urcf5OTCD*FW<>9c)G`I4;@s!rOfKK8t3btrj+<BtuOBs*d
zapRLU8W{w$H`YL)`o{M$6+q6|Lf2>A>3h^Z_HzdVB-gsbgN7iXtT1Y7TTIdV_8pnT
z`9|DkZY)^11+USnD9o9?2TZDin1W9%4>cQy91-+hvR}$+?{Kjiv-Jn-cLfvhf_~mk
zxLWM^Qnvd(7(%8Wzt*gz25c|&7vTtb`i*jwI7I=opsaAut|<9-cmUtX76JL|!2NOa
zgK?3Tv3zsx=mUgA2Ige&|5w;sM^)9e@4`}2(w)*Exr@Eoq;#i(NF&_{(y{3V2}ub-
zK)R$u8fj^e?(S|re9t+*^FBUjjBow5#=X~F*SyypYtMPFYtbCl?q&9zw=l#!p<T?K
zns;R4I85bpTjeX#>NfSl{cX+XkGUw-`BPeAvI7Pg*MLDg$E7d{DsG-Xv_EGrwrCc`
zF`ilBG0`2RalQ{VeJ^6M*MwCvvLPmLCr%jGhKdVciqAse`imA0knsg<A6LHIG46k3
zD%FAN@f2GinN=rvs+qOa!j%{9h@(`GLu2<niN%!C<#j{&aBTPR{`m7LabU)6m!ClW
z6ap|)>!PKk*UpiSvv-WADDx~lkJyRw*rso7>&Xz(bhVbN0)`$A!kn>vYs1==ax!z^
zhw4#laM~M0&>)(*;7dEF{s(uZkNP$vS0Pzy^Yv7~y>dLF{qE<!`Yi{YzqU)p_3f;i
zMP4?iqh1S{xn$YQ2Afe@@n4JF73`Tk`HAwl*xX0b?)z<py(z`SqVbo`w%86#{eW{8
zbspvW=w#P^_#72Q<C%{QVP&Oh$Lsd%Yamtn^W@%Qged((J+io^hN_`fJ_Ssdk>iDp
zqoHB=`8XOKxDbuD)bP#`WB>U(7_hL`W!OlqNuK^>$RIMbQ!GH>na=tm*{}S>m!%W#
z?^dKNsyV<H1@|XtlI829I0M9N$fm`T9_fk2A_*ihL>QOmZ+Y^!y7ziHxc2vK1u?fp
z>xx*$5QN&+j#(t@BL#XH^*B^`9aljZUy;{Zd!0_5sh>7QJ~o)Vh`Nh0<2!%gB18@j
z3u!h&tTz9=w|llI{qc9PIX{dxC_+b+{^(b}hGM7$mDqz7b53Y<Upp_fWwDj2h&#{F
zr4_jZdu;a0;ZuOi+Y9T)wCj_H?Bap6<H3p~YedINI*t1EB3?@N1OXDR9t`(Ei7@Bh
zN??QAV)WZI!Ht&2nR3}BD-^OQif0eu;#>9cz|ZRH29}@=f14FR9%O#z<M^efsL5vW
z9cwm{r+<)iV%uBudOFr9fe(Z*bx}4pgY^P+Bt+W^V3&#dg4&Mhy)mtx(}6hjmc(Xp
zAHk+*IU<<5<SuuTlV|F9B_5umAz<t=AzWfzuPsNWW{$;2ThbLd<}CM}i`V<jwvDP=
zqcc@xwd!?p+LETrCNPsc*>3}<Js=%`15N6|d8v~JR|NCqE6_~Wee&O_t(*3lX~v3U
z5)1KAs|wewCuqM)M5PsO_j4CmXl614AOOMpv!)B8{QG;&9Szn#K0g)4#Yu1X;h#f&
z?Hor>{P4QJ<62y@#RcqSp1^qOY5iGmGeoF8f3|aMX_nD3C=k*+m#7@oKMYTJ;tlER
zIcPWCAI6UN1)2-+x5NOW#t>Qf!Kz8niU<$ZVs^EL7^%y#=bFpUb8SgOmm!5Vh+ip@
zp)mrZ=J3FezsIv~{DWp*>@^*y%p~Zp<@2U^KxU=ZUNYoSH2ER9I4<Z`1!oB3)PKa`
z)IrU7U+Tl|q}~<Tq2yAQcHiRlYdwir+^LMNUdI~WsE{RwCHS0W&f~VSdZY62werA|
zT9m<WXFnm#Z^FW&G|TdvJPLAG{17W-++<`os3DAEsH(u&%hkJeYrTv1xB=J`uZDx}
zbbMKJ&r|>w-kwa$&1S%ln$sH12!Y1-NRf2*aO563xU#j@dpTo_7DdAky_s`l3~s!-
zCX$L@kTuoUDD-dQIh6gpRqTYkcGO=k&3^8euKg~2W!z3z{Z)ZUVP((|7Znk`Ik<^5
zNIMlap^Dr5tj(#NY1%C=yh0`k4MAC0PSd~kjk9~!s9m?;OlMOu0jWvDZud4Q(J(sO
zm@Upe9X%!_keHHp=n1cWav>DzVv>`A|C0UkRv3_|SB4n9{sa*>`9zn+-}4D$lRTeO
zI8S8h==+V+#vrD0dQt5&T7Se%miNMUBrjWabFohH`?CmLk-{^y{=0;M+DPkV2DSGu
zD?6zOsB{Q0qZu{d)?`h7122lTInBOOcDrXJez`yKYv|JFQxP4RA&t(HJvyYs@ewwB
zr}xeL-$_0vzyEn*qrG&6qT?{AX~&DrA@^C~Pv^17Tdg)~PM>>b<Bb49Ga`YrI2NIS
zw9}`ex6c{fc@S~3YXbj!mpLwMjU9<Mu4?TiG8~kMgZ;QW&9=^x*hYm!9A~<|K*;-_
zP5J-Y(}n+MPnQ=80{!=%?pyTNuO}ydF!nc1%8UW@P$6KcNI7dwKRE`%m#?$g6+<Xd
zA!_R6?$X<tzW}ENQmDj?&L5<Jk8S<J4WTKTdYnhf$IV{fad{5Xl0{AXdp&maAGEm1
z`co_VYMSj1{Cz;wQkba76T)isHjal-#Mv+K)q7;`Tfn`SKk9DR!_kcbJr6VsD+0B<
z`w0aF^ds3D%9E0V)-6?hkrWUy25If(q{4~Tni0_J`q@o4*U=2r?i%FYrqc&MVYLp)
z09+2B1~29fd}d%#pcm;t4VJXU#ES}Xo_l<RpyX|31~EAJ-E3nP`oUz|k*k{!clrAr
z4+}KJl5lU*B`dPJuE)mx_7R&X)xNAmd82nI8eKN_QFtF@F&uE5XEuLq^{Ib;6YLt~
z9vH}@S=;S?%$mVnod&nMv+nDFJH~Bbt|P2@eY059Y{wWZ3D=a~zKVN+w@tJyZi!Wu
zk|O7(Hp<4+>vx>%$)?{Ml_FY<$lT3O{`7q9<v`YLe$JS6Z%jpYf~sTQ+8CB4?V7~E
zHx0GtuLeJntclgB<$j_tQHuN;Fy^}LC8yx^GBR6AwR+5aTWH&{H;GVnCl5I09`;os
zul$pbmK32hg_;@`s#|-KVP7x}EXmA%$Om=`-6fjF5HPp9MmME!3{3mAj;K%$mc|Ws
zIiA0o3?X5}rBH+v0P7!0MjJe&)fk(k^vKVK^X|TGM9d4gFE-5`7#f+acn=E>Cjh^8
z6_I~kwyr}Zl8#e|`%!)nHOG6tJM}ZSa?5j+1>9ww^V{2T(DNr>`+MP)!AO1Jd@=$U
zi}3wqkQ*Q*hty1-3TK8AA-KO9jerP=h$$io%d)9BR;zd|9P*h0x~yF5@X<#`D*FQh
zu+Ao*LaM1S@TDwWUK>MX4C-xzQM?HI1ETX+?V0X4b_sgT_W~C<B0WSmzxv6IYYwAa
zM(DS^9Ub}LP;jj_TueG!`a{x@sjl;r?Q8R>h!|8cQm_54!EMJp6vVh0Z|6Zsafp<*
zW-4vZ<^=X;P+033LA3mW-n4)=r~6_Uw9}*1l$Z1nNe)TS$Deviys}Kp$iXH>fxY!<
zN4%)O`LHXYUMOq3oZ;s#<O&8Uzu>LZ;xDa8(ne;f+zKPut(v+RjTT9mKLFS_Sd*J>
z*)<Gq0G3R-LsiOl3<SyUtDLy9+oz15QZw|}-M5+-b`h@c+e16K2nk9p=jt8;t}f)c
zl}J{w(gs+~NzRvA(AR-p-%uI_1)-d=i=nmY{whiRr&-lS6RsMk+R_R}o2HI<2UUF?
ztLGBTw?)J{s;$khpB~~ge`;Tk<0`}Wc<;oX<kQ1b+Cna+=#7Y!jOEndpKPce%|*Ne
zn}nSelZnhV-N|L)m}~hz(ds_;Q0euhd5uA}b=`ZMlJeTEh(Av}+9Kx&l{$b`EZY7;
zKe#C-D5q8|WKz-O!(iej9Uy)psh^btO^6*uIJI<fg7(l{Cp3X^ve@cwvNTdNOy{lD
z(~syzf>=z6g9ivfXSGI;H<CC728APiai9uEFt}5X`+g>Yo)k>V;~Repd@16N<rfUQ
z6O`)+d|wek*)h>evbt@kU?k-xCMKm-#IG?Wi}{=_^G%(qg$}kUYCDf?MS80=YWu5G
z!0k$?FSUr)sltXI*<3bxf8Az}bx7{V;_Z2NnsS5NWeP+@bVz@z`8AQ?I{1O@jedDI
zp7psysV#R^YD0(NwX}SR@cq(yRkQquMHBTQ(MD;OMTOm0d3)gmMqtkrUxCJNhYYkW
z8VV7D#Tt77<j-DqEzY161}gOrQIx*6e`Rtg*CV-^Y0ZJda@Fi-h@|kYA=xttg88gm
zRye$78#IOxD}0K~C;X(NU)cn2{gVO8M0(HX(<9D4vGZRB&^JPF0%I_6S_tXbAb43u
zyi)N*U-{D3M5j`HoHKILdx+2zfc!dmsGH+{n`HNnWm!(%REuD(<}dnnzB-NRvs37x
zSfX2Qnz)phB+Zz4wypNNgw>i;CL4ltEAuS=s#H3}7_Ogr%o_HW>Cd<ytzJ4&2xJ-0
zgdabC|3!n%viJMy`|((=0W~-BW6=z|v>MF?W#0*9a;3$Gt{!r?`sv7^X8Ys*871!$
z@v9jnv9KtnvSiXzeQ3+`-T@q@3NwR^<Z=eHON{v?%MoJP6zn2i*2%mBlB!@YFZQEZ
zKG%&K1lWcD-9;c&PAmn=t|PY*Z$>7=u|i@oo);!$U$8cP7N-rx@BY~bDnO@y;9{gy
zj!;riQdaI|WZj!?EE%zyCDv|Uqjxg&SZ3xr;+lD=ZW6G1Gf|SA_JUW9xcwS#SD{tu
zd5|f}U#=?lwO-II%%GA2nXfLLXI=}cVhoW*v^)#9_+?`_<0Z?iR9TN=#5_qpb~j$v
zo_2FVQ?ez6r@GKZ_~17MJDZ|&>xY;o{A4xG{u$z!d{(T-J7~PaWE~QCDIO~1zu{*9
z($p8$pLuUFloZS)P9*dA+)mx1@@8OaD2AdU8;@g?nQWp_&|6A%l6hWV{Z(ke?*fP<
z!ogX|TO){1W;<y!bc%%PoI25mS}cjBlg_CLEx<+n3mxqY5%Ho5LP$2{%ZW%dp7~H5
z5hD%E+3<PMlMHSlJ;;c<Zu?80A8gxcn|PVxhpxq34V3YC7(c`OT&3eY__v8WB@ctL
z8L~!$8@azoO22V)li-g$!P}?%k(S=}3=uPhsUxACadfZ5=};T;<M*(an!o!Q4YI2#
z@<d~%eRFy-_`~U>JkjtLS?<WC_$Hb6$z=GC+@(<@@ui{UTlTn{)ox21<%!(BEZ(*w
z(=!5hX5mWwk-+^^hSVR(xR@WCa-NH07j7N&<eO~;N8ey<U{(35w*8c2$m^0=tw+e1
z_jiR=A2}-O?F6#);H{oI1-}~gPg7eK?CkkH16F1KTqIM-`GTFTgc$M4MP?#s>b~UA
ziIA+T*j;;=A6YQ&%GQxN>)B`d`Cm8npOw;B#~mhydIngh3CjCWv>ut51rWj`@oB$H
zq~{nRg5`k?PHPsI^dEPo7Iw>(C_NG89-0(IsdJe0i>6wVc#n&{L-C4Kk%jiD_{-Pi
zx)|1*4=o7>U;V=v?}Av+4#^qdN!X-q@0vpJM$sPo>%RgcBYjxzKHi7XUlNZ3$g~Zl
zZ}S1KN*{oua~qQFOaTAT?Bdg5ZNmcX@-*+b%mZGEk<bEGg7J*dyf9Cvjst|-JGzhE
z1q(y0rFKJEE8Mzf3?)(is-=35pIJ)plo!-u;BO?Z3oLdtYh8abJj_fwYGa)%FClF<
z6<xiyZsYYrSM)fhzpswfT|GGqdp*wgiM%f0s;VsAb_m3u8BI}}GVF}zi3=~t`J^4R
zK(;*WKCC>!?81xF=^0g~!&8W8|3F6b^+;hh+)TXmu#C2nVlGVXTCqk7vKXbcav3T3
z6Rp~PvYrU=!w%^G;mPdDZ@_-<+I7^cSRtHor+_t%QQ{ZLzuhP(mU*pozwQy-_}V<|
zER^Wq{k-F7wUT2FEU)O_rgtWJYkA5Z*WIIH<|5fi6;0=bK0&S7Cco5zAd8CNPJX^s
zz_!d~`&nXT>yjWH^J74q6B4~3sc3VR2S)0xJMR}g3@38t*VS?OmX%sP5AaA@!a;5s
zLwm9xT(^E3-Yj8XLMAc3JTEa`WSS-Y5t&a*GL~<3kE)*~`bp{ik(9e`sdgbs=zN~V
zE6jQ6<`iVc(sVlkj{p_FJ%p8MH?Iig&$bIxx$04-EN9*nVJ(N9&XdnI-h_CfTRB)`
zTo&b+Ja&d346bFQkGxQvA;PWlf!CoTNBRu!q}xN0@+Y1rl?EIIuzqe0jsu!Ji%7mE
zg8s~XKG<>a?iIc#Ml2a1Ysad}+GK6j#3T%*eJ{t>oKVXXcm*$n6d{@rd#A5XQFSkh
z%1wjoH;vfm#YQjnR}P68vZ?P;d64O$zIZZ6l(7UYl%xjYfKI}*Cr?g^6qYW^>zHY!
zG^jM&0OaVV$}%5cL^t+OC%-_WWB#_kgafyqDCFF*y`EaC#=g;Z0DE+pTy^H*m-B`l
zZ}%#=Im9qk_LoEO%MsrbJ$}mxl3Ad=9)MiDf3Oxh+8MQCwMKt2pof{S)v-H@Z~Y9t
z3sR<RcYEqmxT8te`t~7)ZehQYt_xqykkE0b@s}K{bSYY_NYx#xVoepLL$LnShxX!w
zM?%3(TD%M(O56h?1*x4mYiA+rl|Bu;{T<S)-Tm_3I-ky>>wCnd#6aY;JHXBG-Ryzp
zu<`sYDr3r2-rAe|fWx^B*Cna_-|8bb0(_cU({b|;(^b!z?WD|*%_9@lEqNYLH+&mK
z1_s0x(N~A`_wtK*xGa7jsb5WQKCx6${`KD2J&I}6@ymSP*+j|Ssn^eW3R|joO?OoQ
zRvTOkXUNmt@c=kNpJts(pZ55U;FsC2?Q`2qn--=<NA->NgcZ3DF<u5vX%Pj153m?N
zPjOJ0lF2pCb&0e7F3b_*%|}u5XC`-65bz`oF9+ucCTXj+NP4l$`g3=;G{tbejiUtz
z`SP*{#hMPXXj=<S81(@y2Y+wFVWiIDk1F0mS?(7*CXSN`80vmxLZ#frxASj$idNmz
zF_j$UEYyJ&QGH%q8(c!(!rG||(Jz!Gic&n7m_{Y?=kZ^YF!EEn9#U=Pya!wd7xJj9
zN+Y|-v~4q*gmdWj)%0drW)-}0&LTY*`!(DEbB7jj6OeWE2J;_ID)=V^EcB;J=t4>!
zMl$l9(`uLyCcFlNs{+N^rTd7Vn^j}fcT5M{<BhDG2Yv#{^u?r2LDXzi4*K$%*)$ce
zTdiZe8|2Pj!aUH3zR8s2$H&9M4KG_*1XE)yg)9m6pZ59sShx$>#BkTUo7l~MCAD{Q
z*JuarFY1+bX&~HbC`Q_!P?n<Ef!ZSoX~*SBzMbSEB8(&RvSct23d4r4PZegKHcs5E
zo-KZF(a2e>O9;Xa&8-;{50o@_#qjXDgx(z;lRVevYQ9x@R&#UOJuT*PWm|y-7U@SJ
zoqCRVVj8`9f^pl-K;Ix9hR5?Im=EjO)8l*W+e)wf=W;7*fK&B0!84Jwok;=I&Wz0_
z>eH%4#65=A=}RwM3hkZogSV@xDOv-4txYn~!!+N{AqSGyJNrXC%$G9_{4rrep1((C
zqo&U1mOe9IZtF@Na9N{!*$&7~;w)j_`!44(W=0}~kO*N&5QG}GTEe^S7RL{K<gf0i
z(?y~)65})c9r|Ukb=1|hwBE1>p?M~kAq@Ii5&SBZEqYE5aoGXOarn{&p=xM(8D~&@
z)W$`{B|?|XrZe(w!wk+wxXpAMa{{f66;D8jWHToo&bb4$#`UsC<o;r5E|JWy{!L|=
zB+vTG7Z)|O86@0=w|l!9PHD|!js+PCH?`x3_i#IO^u+OS5hu7~)q&0hSLnHh2y<l|
z;zNYG=ucS`Ve)hbv@JH2HM&WOnvf?5kIzokY_!ZIIf>bctHj3iP`D5myq<AsHK$MD
zV_L#&?a<K^q&~kil86q*Z`{>wemynC-u1I5XYqH-dy{pWEtLV;9c2Tp<)6DxH{9;K
znnpKD=lS+U-q&>bJiWhriu9q?oSP0Jh+xa(+KrYFeQs$bWKZ`&*@p=ys`>6JU1?y$
zc!T;dpb!VIRnz9?70D2)azp479t9UCNoTe^ZzHSOk^rGCvRBQD`Mnl$7E1XM3<`To
zv}HqvCLU(he5ItByRo~=dy;P{??dA`O(8rSAkZxtSRhNeleXKaJab;#pZ-MaJt7}{
zPE>lCUo3@Tr>1weV3wqu`8^3RY>cJSU&!hDa4mf_CNpO_tF~g#u6DD?eNjnfuv=!3
zL>gifj~-tp?PN#ULFUa6DoWSCN^NiG9rYCaeq0u3ykeva3#j?>t3AQk-M5#gZF*5P
ztv$?jIakcx3PHxqohE^jxq+Q%orpa0p6`7la!2y^u)sHqC2U+T#2vt|Q}t7|Q}vBg
zxcWGIn0f{W`+C(;$aUgBV*2bXaZB?_X#-LAx5E^My15UcL>7alq;DdtHF``Z;{e({
zR4>p(3Tg8UAoS62K#agk3<-@l<+|xwOukRolf@r6`?U;F1jQpZfZadlO%Tlo-Wgw2
zHwZj#G;Z`pELlxVHr9;gtEB?7ujmoPY7I_^%cTz64+&`UPa}RkTyBmW{YvZb?a$Wn
zfK~cb?VL51Mw1b1gep_AtebrO(Bb~HhDN|^dvP4ON>@cpr`MlQsQp``iR*~Is0x{3
zf9%}_unz}^2IbBC^e@(X+ipbsCo<wJ!fKFuOlrN5fJFoO!p%l(szU65_4iL<l?7oH
zvD={X+|5hf>}9sd`;)Ch>|}Z}6v?NOrob)ijW8~9!2@Wn57ISM1)v=9TzGBhs$QN;
znrdd+5-&?>EMbUzx}szdv##ufVwJL);hnC6xr`V-7SmFgMK~WNf&!5?%JljqyWh+{
zulPrPRc)P&MwsRA?aE`<k5%_2?;4XtKj(}@H%>K1D17oETua7r+jCP?t4wBIsG~hO
z$Y(4zu`#vy5W`o*R6<Zy{_^}oE>s#)4bj+rnKm6Ph_tI=MfV^OEHt-VQBk1+I^wU&
zDr+qJqWSEA1|K)u$WaKf*HH4=t?cScI=f7&O%HJ8)9jYfM)TD^H@Uy6IJWHV_qvPR
zT33l{^l+n^oPe)<(0F^xoT8#!O`RFX^F`*4`@LoMZ#>I211XGeFSlZI<aNOy#l#cR
ziw{nuCAn{>B%>DM+cJmvEHsrq*qV~c8N?B9ISKu&9}FE&-?Onq*z#DjMfa(274$@R
zk_HjWeO7Il-f^^Q5L_M|i6b<AJ5aYgk?Q`!!eor#Sy6~>XlRIRq?qsSXH=?_^Axig
zVRQe5x}?fe2}LBKUkz(P)^9xoCfy3XcFwQD!E)cRYZ#%-TwKiMpd3cMtT4g!ED6rW
zliP;L#EEqMX?6l31m9%E#U;hbbCEmeiW<9ju3z~0h2cm!6)%`DDn_zK2;WO@v`*_0
z27s;R#8%oFmYGy#%YTc?`1{bU(GyM@yLRM!NlitycpU;!4I@<5^Htv1W|XbKKV_ay
zIW_qLVFy#>SmDMek|y?bNGtW32&h(FbHVl>KWAwvU@7gfjo`-}hb5@f)w#1N(OO$j
zI3S6)^haNjf^pry?mfF}W&(0u`<L`^QnEgaAaDnliT5noQ%<zvwOMKv%9F(d!oOHn
zVD-xOdR`GxXK!88dg8-|L)R?EbC?5j;+Gi})7H{LnkM%QdB-h&M~n+A2H!DLfE116
zMn_`f3S!S?5zM{OaiQO2jirU$pD}!~*+(39uJ`jbi_%-av7#r4i`y2#_91%hc(o=I
zC8uJiXxEonVpS70|I#Uszf`b6uz|0cxLkcLtam-K%3JC2GdpLoQ~Y)nVy=AQA|5`{
zZQU7mB2QX*!k_nRF3~o6#?|&mS?#|b(-^PZyQ%+yQqGguple;+q(g0e*Wf*q1vM~!
zhx70rC+YQWNw)d{n>2L-6$MQKMU%Yh!_zF>E9tnIJAwc6Iui9gBMKA>j}yCBK?3}r
z6=zaRaUKaCSsoQ0wYb%LQDi6}Znl^*F1d*v0fK>{|Gm_#;r9BK87acI@mF3%RW@E+
zmfH)<aRPy9{^{vgtyz9lejx@`)pU7m+P_hepCTLfpkrVfN~_Fjk-RU)7Dm>p)RML@
z?b}SYb?(ZSpQ$U|a1=aYMj{dtx--Iku>UdZvC!0f)6nd}95EIcBf}()xFb}HdzTf*
z!Wj_}dBwy#eGL^o{S?x!+d)u5VZ3A)=j~`H8Bg_UnWfdXWJ<B#;xZa--+sl!+#S;)
z2&5KjynTze-4(=*MFsP2tkD;HC#BZE&HG{-#;TN36xFYCahH`&kw*QUU+<3pj+Kia
zN)P1b7iI>qaD#Z?Hqp@|ghgqHv(n=T38=mwUr9^1JRA@`YmW#~K9o;Q{*)Ta&&tIB
zGBPoJeOmBk+={fbNSBNX=4(g_676SWNun4C0E8#2m|~uou|&9K92p54n1cF}-u7E}
zWh8f?0vwZSlIr>eO@+VvU>XMj*s&NGP2`d}V##|hxHGxG>B#3G_D9}X@Cd{TMMz~v
zqSPW4qU*#raR@+E;AIX&Nuo38LbSUAms1AzGyBe3jUp0_AJJ+VWhA`5ag2q(s&i2}
z4oZzE>b+IG#f5x6t%zZR&zui+_#@kt6xtSzsuyj1RYhN2sI6|==hUcPmhv)^(yay(
zmHy<{F&+vgNMo2sY$v7LI2sQnc>k2x*3`6Q2O7pzz)rgbd^y0Rzg`VXK#&FTnVPja
zkVxOW58w-DTnP!Ym)LV^Cu3T~VO%6}-J859!GBSTy>UNGa~zcd_=+iDVK`}H*&-O=
z+sGA_#3kdMDQX+4t~2I4w0<@9{MQwevD@bHM>9K&{-j(sL@)b<L1aYjoCnJNhoj@c
zLB|3bE*5Y}jQW<s^sHZ&U>dtY>oOC9lWN0dYoRKq%EZZ2R~efwdKTp=$H(QbZ@GGM
z8`m{;G^vY+CN~vuOdVg<6`<+JaR9rh;>Y<%gZgJ@&(J2OyLFKCh!!i$<m|~r4#-)W
z(XWVihuLzTBW8?30Loaub0)|*%s;zg<a|-LsqlpoREck=FP<xN8!<;9<IXOs>y@~!
zUci?5jbwY<+}Pdt`hR!M!AaJ^&SR)&tCDS1!5{a1IqY`I$VCM_YuibfkjW+=(54e4
zP-)3$TTRF!iuTn$!Q!DSPbr?A*2!kG$8MI*MkNS^A{J>w2srbi(GCXZ>z(Cw6p8gh
z9mBqdS5b;cj>uG9WP_5^RGP%H7rAR%ytEi8M)X%%?)@TF5u*8Tr~5e_y&3VEG^BXP
z)+k5amcyf75_7zHAX*L9!u5bIO*iHe8|l3*$Lyorw%p-x;!SqCz3%#8#DLpwD64nS
zW4)(0ia=EkOk#1t5X4M*)xLUy_&q>z8YHH})R!rIX6oozS77Ypc~L+26JjRRx?=dN
zM*F)<_V@|rfK>qsho?pRh{9IxuDcGaz@_?5Ra3^A6)d0qglg2nWrg@^yuLSx-SI?9
zeGX0AvG3FI(y8L-w7A0I!qtWvW=|ceZP{!)Zp5i<zN}^MdX1^|ujW*{VY_j=LEG+p
zrEfaepYMkyGNRLNdgXfMBMM?cIzjR#>UHs2y)l)@>Iix~G?yf63KlzmjWAv8+G$};
zx!<pU|I9URtN2b0c0&rpcYI$$kGH|*&;RwlBo_VcVSN4hx^9)asn$ncWv`e_x;M;r
z@{x$cfoDfLji!C`SSgZd2*Q5OqVFF~^&}||QUg+0V%P?cYi+2mw9<z8>tK>E<ZrI5
zOL)Gh_`P-0wr`mYfTzcV&YatE0!LalGQ(;1%x~UXYG`Hit`1SZ_f))HKb0DoXl%Nq
z7M^h^(Ov&y?xWe``;C#_;kO0#C-eR|j09H%zmRTq3Uq9zC>P5((nwJcS;W=HH@E)R
zi`W{*G+T)Y6-vt(ywi%gX0y?b1IY#9m<s2Ys7VYhbgg$(*t1{rj6>rDX@3U}ZC6n{
z`G#)4WiC<irtmbEJH0&J<t^a!^5&lCt&FcPI9Aiq`&K{SSnP?HkT#dmSn!05GVF2}
z;kHy&zQ$1&8^IKDz^A82I8=UYt9-E@CI3mS%B<D}MO^K+%zAj53%$916nCT@9s5JE
zCqm8zm0Y1}l}?e3+Bp=jcG9NDO5s|V>qWIyXwxcs-aR{q2x09v#*&{zQf-A_o|OLl
zk*N2X2A`@iB>3v4wzPrl3O_WFET)lW7U6`VgYZTTsgY0AlmXt2bw@I@Cp>eK2(+%u
zNnn3XtDdKVD#2+ypk!aq$0;Js<olr+ZEkl%>1ns<ise`{Qjx!4w8l6iEdiW+{W~6|
zUs;3#lN<x<N@K|-%68q<*z~}`!pKm_PQJk#%M+|{CwM{2n&T@|gWuWsOY6g3=ZHD<
zOYwwJ0q$jgSA^~NuGGm`nP9gnG5un&c8>ekf~^MOoCM`;QK-3t!zh;e-8D18FYT(G
zW;UDD%oY`&@K4Ye`4#*cX$BT+%H$407mOOKL+csWuQTmrw)i$UO=Niqb(i>WJlpq2
zd!ug8L3@*%_ujmt-o<o<Z!&c2M-d+@TEp2k7rKFyrh-3Qoi~!fje<gsPpuer#G6RA
zOhO`p1!ni+!oM9Ir&;pIWxSwIt7$nq5;wRZ-7-cB!j8@0?-2DXbj5AsGt#!;ia*bo
zZ<5LG`0NJ{IFxXoL7(*wGGxV_dYx6KnNfHRuywbjOK|&jw`>ca*L=6!>5D*?PS2Xq
zc4_c#Sy(&?$67$-9)HR1z?Xc1j!lgsx}H^_bOJP-gcr?*i*RiBgDHv}SgrDkEdV=_
z(;(sMwgvLQg_hAobI&UJu>7dH29p_lB5J&$6+W5}yb8o`<tJP=s-HVa2<akG;8~uu
zhl~K&t+M+G)52T#qO2tdCZa6!AxO5yQcA$-TdO8{;9yOu&awd9K=7gMhxbcuXI)4e
zBlr1O#oqT96hbdZ^cmW_^it2hY=qmeDj)Y)&b1}Cp2){bn7;Z}B*!1<Gc@O?Z#y}k
z(DQSiMCdmWZb%n{8=spUiOU?}zJO`!#ioTJYl%?f!%C^=gOF4{0|Da1!YyGTZFj@2
zLfCV}8uqp|^eg$~YxavuPfOc&bbF)L+z;-_7Mms-=G`2Fc;6D=W)o3kp*O0^JhDGI
zhW_?WR>Zlt_tI2ZkO;smi^{G1IFH|BP{!abZ2Cr%HJMXj&vTj!<>Q!FAMX9Pvr`IB
zb!XniF>Q9WW9hl1{ljyFG%4j3d6AJJ=k;+%Z;oT5ztr*F>l<9nP`=;%aigiTInes(
zP$hw-d?Nk%mjH>zmH{!@4;JTHW|pSdxjB!$Koa@M4X&Mn{4S+@bCT58C6~5#D;E!h
zC?u<2h^AOuWWK(AV~^)<iveoM5cq*kY>f4J>(c^28blD%h?xmMPz6;;?^^XiIcafs
zuq2Q}ZmnE<`JHb07-Gq)W`6*}EkqJj-J@&vQoplf)=mvPJR!JA@RUmvumFE$%No@a
zyjn?3-AnXXxIaK%IT~!zJ~vpK$o+IFRtP%2&kk;qy?Dag>tQ-pW#-7CF=61SD(PJ{
zkq5MH=?oI{_lDM~W!G9Xv+Z{2x0u!o4192LF0#}ntYi1;ba-Sl>RA8yo>;FiRL>-y
zGVe=|))&9;>Fw1D>5cp56Zncvmy_;?dGo6N0ip@5!HTxF&rU?T#eRRS(ZWIsMIwX(
z|M_A)6!@pLqUOajBtd*a=zj<p{%_v}6!f1T3#pMzNRXg41Rx{^WHbnz9|TV1gCGI_
z_o*!esfEP|2H^vO-vPORU|uK}5NK-11$aETO!(eCZq@P{!rmE~vhpPAfRR{g+<B2&
zkx(J<M>8TYB-;OVX86clfCNoUh9Oajg82C00J=Z=06JSbtpA)qA;3SJ5C4#X_+ZdS
zqJV$OU|<kD@eGE<gaAQce_H{;;jqUf|Dgfq1^r=}_@@j6`NMtj4;e2M&ii)+U?AVW
zWW0a=JUr?m9<~1`d@%44pT7)3;Jkc~oi6`y0tP_&{&oxjga4%q27&>9>w@^;{~h!n
z{{R3827&$U7yyF&3ts>j_%CEYZ~*v`Ug6L2KZ$@~P~hJIKI+2%Mil@<0O9`{95@W{
zw?XhDjo;t!KRV|7`#KN|_NOoCAHe`%AmHEE0pP$tb^IUv|8LZA;J;7+!5-85+aMgs
z_qPlP1VaDL81z`Ye`gHh13>;e;s4<OsLc0w(EuT!M?n9X2?!1bJkpo^BRdcu5dQbj
zJ?et~CF27@{~z`cu)iIH_`u-5GXe5Fy7}8N@ZYe4;Qx=ii4Ow%dq_Y)5cq$|5dT#)
z5b!^s`I9E-u~`3x`jKYl4=>9<QGkH|@UQ$+1_S@AjzDneKPQMk_=6uOgTJ8x^TObN
z8-#%Q`2HSG2ps;eO6LUwLH|9*f1=`rf&Y~V7{Cif{B7`2_g~fecpvlqZ4e9s|7%)%
z%;OKe&7b3ciW>SjPyUzegM*=kwTZ(c?+hK!D+_lMWIAYKrZ5tn-s9{c4wnE+LLgu<
zpePg!<P{YMNC0`I#Kk0GyrNRVg8#o)=>B2(ar|KD@WIu=#1sn(c?<`OnORa<3hVy^
Df5Z$t

diff --git a/tzpfms.ps b/tzpfms.ps
index a00bf52..1c7779f 100644
--- a/tzpfms.ps
+++ b/tzpfms.ps
@@ -1,15 +1,15 @@
 %!PS-Adobe-3.0
 %%Creator: groff version 1.23.0
-%%CreationDate: Tue Mar  5 21:49:23 2024
+%%CreationDate: Tue Mar  5 21:51:05 2024
 %%DocumentNeededResources: font Times-Roman
 %%+ font Times-Bold
 %%+ font Courier-Bold
 %%+ font Courier-Oblique
 %%+ font Courier
-%%+ font Symbol
 %%+ font Times-Italic
+%%+ font Symbol
 %%DocumentSuppliedResources: procset grops 1.23 0
-%%Pages: 10
+%%Pages: 15
 %%PageOrder: Ascend
 %%DocumentMedia: Default 595 842 0 () ()
 %%Orientation: Portrait
@@ -237,8 +237,8 @@ setpacking
 %%IncludeResource: font Courier-Bold
 %%IncludeResource: font Courier-Oblique
 %%IncludeResource: font Courier
-%%IncludeResource: font Symbol
 %%IncludeResource: font Times-Italic
+%%IncludeResource: font Symbol
 grops begin/DEFS 1 dict def DEFS begin/u{.001 mul}bind def end/RES 72
 def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 /Zcaron/scaron/zcaron/Ydieresis/trademark/quotesingle/Euro/.notdef
@@ -276,20 +276,389 @@ def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 %%BeginPageSetup
 BP
 %%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-ADD-B)72 48 Q -.4(AC)-.35 G 42.103
+(KUP\(8\) System).4 F(Manager')2.5 E 2.5(sM)-.55 G 39.602
+(anual ZFS-FIDO2-ADD-B)-2.5 F -.4(AC)-.35 G(KUP\(8\)).4 E/F1 10
+/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-add-backup)108 96 Q F0 2.5<8a61>2.5 G(llo)-2.5 E 2.5(wa)-.25
+G(nother FIDO2 de)-2.5 E(vice to unlock ZFS dataset)-.25 E F1(SYNOPSIS)
+72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0
+SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0(After)108 153.6 Q/F4 10
+/Courier@0 SF(zfs-fido2-change-key)7.564 E F0 5.064(\(8\) deri)B -.15
+(ve)-.25 G 7.563(st).15 G 5.063(he k)-7.563 F 5.363 -.15(ey f)-.1 H
+5.063(or a dataset from a FIDO2 de).15 F(vice,)-.25 E F2
+(zfs-fido2-add-backup)108 165.6 Q F0(may be e)2.5 E -.15(xe)-.15 G
+(cuted to e).15 E(xtend this to an)-.15 E 2.5(yn)-.15 G
+(umber of additional de)-2.5 E(vices.)-.25 E .273(First, the wrapping k)
+108 182.4 R .574 -.15(ey i)-.1 H 2.774(se).15 G .274
+(xtracted as normally during)-2.924 F F4(zfs-fido2-load-key)2.774 E F0
+.274(\(8\), then a credential)B 1.604(is made as-if during)108 194.4 R
+F4(zfs-fido2-change-key)4.104 E F0 1.604(\(8\) \(e)B 1.604
+(xcept the "primary" de)-.15 F 1.603(vice and all the ones)-.25 F .185
+(holding backups are e)108 206.4 R .185(xcluded from the search\); ho)
+-.15 F(we)-.25 E -.15(ve)-.25 G .985 -.4(r, t).15 H(he).4 E F4
+(hmac-secret)2.685 E F0 .185(is instead used as a sym-)2.685 F 1.555
+(metric AES-256-GCM \()108 218.4 R F4(EVP_CIPHER-AES)A F0 1.555
+(\(7ssl\)\) k)B 1.855 -.15(ey t)-.1 H 4.055(oe).15 G 1.555
+(ncrypt the wrapping k)-4.055 F 1.855 -.15(ey d)-.1 H 1.555
+(irectly with a).15 F(random IV)108 230.4 Q(.)-1.29 E(This turns the)108
+247.2 Q F4(xyz.nabijaczleweli:tzpfms.key)2.5 E F0 -.25(va)2.5 G
+(riable into).25 E F3(salt)108 259.2 Q F2(:)A F3(credential-ID)A F2(:)A
+F3(credential-public-key)A F0([)A F2(.)A F3(backup-salt)A F2(:)A F3
+(backup-credential-ID)108 271.2 Q F2(:)A F3
+(backup-credential-public-key)A F2(:)A F3(IV)A F2(:)A F3(encrypted-key)A
+F0 1.666(]...)C F4(tzpfms.key)108 288 Q F0 2.238
+(is actually a dot-separated list of de)4.738 F 2.238(vice b)-.25 F
+4.738(undles. The)-.2 F 2.239(\214rst one is as-described in)4.738 F F4
+(zfs-fido2-change-key)108 300 Q F0 5.181(\(8\). Subsequent)B 2.681
+(ones also include \(identically-encoded\) IVs and en-)5.181 F
+(crypted blobs.)108 312 Q F4(zfs-fido2-load-key)108 328.8 Q F0 .081
+(\(8\) shops assertions around de)B .081(vices in a de)-.25 F .082
+(vice-major order \212 depending on)-.25 F(de)108 340.8 Q
+(vice numbering, a backup may be loaded e)-.25 E -.15(ve)-.25 G 2.5(ni)
+.15 G 2.5(ft)-2.5 G(he primary de)-2.5 E(vice is present.)-.25 E F1
+(ENVIR)72 357.6 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4
+(TZPFMS_PASSPHRASE_HELPER)108 369.6 Q F0 .046(By def)133 381.6 R .045(a\
+ult, passphrases are prompted for and read in on the standard output an\
+d input streams.)-.1 F(If)5.045 E F4(TZPFMS_PASSPHRASE_HELPER)133 393.6
+Q F0 1.595(is set and nonempty)4.095 F 4.096(,i)-.65 G 4.096(tw)-4.096 G
+1.596(ill be run via)-4.096 F F4(/bin/)4.096 E F2 3.262(sh \255c)B F0
+(to)4.096 E(pro)133 405.6 Q(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 422.4 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 434.4 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 446.4 Q F0
+(Pre-formatted noun phrase with all the information belo)160 446.4 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 458.4 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 458.4 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 470.4 Q F0("ne)160
+470.4 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 482.4 Q F0("ag)160 482.4 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 499.2 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+511.2 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 528 R(En)87 540 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 552 Q F0
+(If set, enables lib\214do2 deb)173 552 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 568.8 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 580.8 R
+.727(vice which supports the)-.25 F F4(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 592.8 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 609.6 R F0
+(The lib\214do2 documentation at https://de)108 621.6 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 638.4 R
+F0 1.6 -.8(To a)108 650.4 T(ll who support further de).8 E -.15(ve)-.25
+G(lopment, in particular:).15 E F1<83>128 662.4 Q F0(ThePhD)7.5 E F1<83>
+128 674.4 Q F0(Embark Studios)7.5 E F1<83>128 686.4 Q F0(Jasper Bekk)7.5
+E(ers)-.1 E F1<83>128 698.4 Q F0(EvModder)7.5 E F1(REPOR)72 715.2 Q
+1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 727.2 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 744 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 756 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 29, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 2
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
+SF(zfs-fido2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
+-2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne authenticated by a FIDO2 de)
+-2.5 E(vice)-.25 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108
+124.8 Q F0([)2.5 E F2<ad62>1.666 E/F3 10/Courier-Oblique@0 SF
+(backup-file)6 E F0(])A F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0
+2.867 -.8(To n)108 153.6 T 1.267(ormalise the).8 F F3(dataset)3.767 E F0
+(,)A F2(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the FIDO2 de)108 194.4 Q(vice, which)
+-.25 E F4(must)2.5 E F0(support the)2.5 E F5(hmac-secret)2.5 E F0 -.15
+(ex)2.5 G(tension.).15 E(If)108 211.2 Q F3(dataset)3.555 E F0 -.1(wa)
+3.555 G 3.555(sp).1 G(re)-3.555 E 1.054(viously encrypted with)-.25 F F2
+(fzifdso)3.554 E F0 1.054(and the)3.554 F F1(FIDO2)3.554 E F0 1.054
+(back-end w)3.554 F 1.054(as used, pre)-.1 F(vious)-.25 E 1.272
+(credentials will be deleted from their de)108 223.2 R 1.272
+(vices \(as-if via)-.25 F F5(zfs-fido2-clear-key)3.773 E F0 1.273
+(\(8\)\), if a)B -.25(va)-.2 G(ilable.).25 E .594
+(Otherwise, or in case of an error)108 235.2 R 3.093(,d)-.4 G .593
+(ata required for manual interv)-3.093 F .593
+(ention will be written to the standard)-.15 F(error stream.)108 247.2 Q
+(Ne)108 264 Q .464(xt, a ne)-.15 F 2.964(wc)-.25 G .464
+(redential of type ES256 is generated on the de)-2.964 F .465
+(vice \(with relying party ID)-.25 F F5(fzifdso)2.965 E F0(and)2.965 E
+.499(name equal to the dataset name\) with the)108 276 R F5(hmac-secret)
+2.999 E F0 -.15(ex)2.999 G .499(tension requested; the de).15 F .499
+(vice PIN, if an)-.25 F -.65(y,)-.15 G(is prompted for here.)108 288 Q
+(This mimicks a W)5 E(ebAuthn re)-.8 E(gistration step.)-.15 E .962(The\
+n, the credential is asserted with a 32-byte random salt, which hashes \
+it with de)108 304.8 R(vice-pri)-.25 E -.25(va)-.25 G .963(te data,).25
+F .138(and thus generates the wrapping k)108 316.8 R .438 -.15(ey \()-.1
+H .138(which is optionally back).15 F .138(ed up \(see)-.1 F F1(OPTIONS)
+2.637 E F0 2.637(\)\). This)B .137(mimicks a)2.637 F -.8(We)108 328.8 S
+(bAuthn login step.).8 E(The follo)108 345.6 Q
+(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
+357.6 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(FIDO2)A<83>
+128 369.6 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3(salt)A F2
+(:)A F3(credential-ID)A F2(:)A F3(credential-public-key)139 381.6 Q F0
+([)A F2(.)A F0 1.666(...)1.666 G 1.666(]...)-1.666 G F5(tzpfms.backend)
+108 398.4 Q F0 2.707(identi\214es this dataset for w)5.207 F 2.708
+(ork with)-.1 F F1(FIDO2)5.208 E F0(-back-ended)A F2(tzpfms)5.208 E F0
+2.708(tools \(i.e.)5.208 F F2(fzifdso)108 410.4 Q F5
+(zfs-fido2-change-key)60.228 E F0(\(8\),)A F5(zfs-fido2-load-key)56.727
+E F0(\(8\),)A F5(zfs-fido2-add-backup)108 422.4 Q F0(\(8\), and)A F5
+(zfs-fido2-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 439.2 Q F0
+.486(is a colon-separated tuple of unpadded URL-safe base64 blobs; the \
+\214rst one is the ran-)2.985 F .217(dom salt; the second represents th\
+e ID of created credential, and the third \211 its public k)108 451.2 R
+-.15(ey)-.1 G 5.217(.T)-.5 G .216(here e)-5.217 F(xists)-.15 E
+(no other user)108 463.2 Q
+(-land tool for deciphering this; perhaps there should be.)-.2 E
+(Finally)108 480 Q 12.005(,t)-.65 G 9.505(he equi)-12.005 F -.25(va)-.25
+G 9.505(lent of).25 F F2 9.505(zfs change-key)12.005 F<ad6f>17.172 E F5
+(keylocation=prompt)15.506 E F2<ad6f>17.172 E F5(keyformat=raw)108 492 Q
+F3(dataset)6.107 E F0 .107(is performed with the ne)2.607 F 2.606(wk)
+-.25 G -.15(ey)-2.706 G 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606
+G .106(rror occurred, best ef)-2.606 F .106(fort is made)-.25 F
+(to clean up the properties, or to issue a note for manual interv)108
+504 Q(ention into the standard error stream.)-.15 E 4.055<418c>108 520.8
+S 1.555(nal v)-4.055 F 1.556(eri\214cation should be made by running)
+-.15 F F2 3.222(zfs-fido2-load-key \255n)4.056 F F3(dataset)7.556 E F0
+6.556(.I)C 4.056(ft)-6.556 G(hat)-4.056 E .729
+(command succeeds, all is well, b)108 532.8 R .729
+(ut otherwise the dataset can be manually rolled back to a passphrase)
+-.2 F(with)108 544.8 Q F2(zfs-fido2-clear-key)5.146 E F3(dataset)8.646 E
+F0(\(or)5.146 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
+2.646(ails to w)-.1 F(ork,)-.1 E F2 2.647(zfs change-key)5.147 F<ad6f>
+10.313 E F5(keyformat=passphrase)108 556.8 Q F3(dataset)6 E F0
+(\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
+F2(zfs-fido2-clear-key)108 573.6 Q F3(dataset)7.607 E F0 1.607
+(can be used to clear the properties and go back to using a)4.107 F
+(passphrase.)108 585.6 Q F1(OPTIONS)72 602.4 Q F2<ad62>109.666 614.4 Q
+F3(backup-file)6 E F0(Sa)203 614.4 Q .352 -.15(ve a b)-.2 H .052
+(ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .053(xist beforehand.)-.15
+F .694(This back-up)203 626.4 R F4(must)3.194 E F0 .694
+(be stored securely)3.194 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .693(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 638.4 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 650.4 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F1(ENVIR)72 667.2 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35
+E F5(TZPFMS_PASSPHRASE_HELPER)108 679.2 Q F0 .045(By def)133 691.2 R
+.045(ault, passphrases are prompted for and read in on the standard out\
+put and input streams.)-.1 F(If)5.046 E F5(TZPFMS_PASSPHRASE_HELPER)133
+703.2 Q F0 1.596(is set and nonempty)4.096 F 4.096(,i)-.65 G 4.096(tw)
+-4.096 G 1.596(ill be run via)-4.096 F F5(/bin/)4.095 E F2 3.261
+(sh \255c)B F0(to)4.095 E(pro)133 715.2 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 732 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 744 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E(fzifdso 0)72 817.889 Q
+(March 4, 2024)161.068 E(1)191.337 E 0 Cg EP
+%%Page: 2 3
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Courier@0 SF($1)143 84 Q F0
+(Pre-formatted noun phrase with all the information belo)160 84 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F1($2)143 96 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 96 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 108 Q F0("ne)160 108 Q
+(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
+-2.5 E F1($4)143 120 Q F0("ag)160 120 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .178
+(If the helper doesn')133 136.8 R 2.678(te)-.18 G .178
+(xist \(the shell e)-2.828 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
+(127)2.677 E F0 .177(\), a diagnostic is issued and the normal prompt)B
+(is used as f)133 148.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+-.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
+1.666(FIDO2 back-end con\214guration)72 165.6 R(En)87 177.6 Q(vir)-.4 E
+.625(onment v)-.18 F(ariables)-.1 E F1(FIDO_DEBUG)108 189.6 Q F0
+(If set, enables lib\214do2 deb)173 189.6 Q
+(ug logging to the standard error stream.)-.2 E F2(De)87 206.4 Q .625
+(vice selection)-.15 F F0 .726(When creating, the \214rst de)108 218.4 R
+.726(vice which supports the)-.25 F F1(hmac-secret)3.227 E F0 -.15(ex)
+3.227 G .727(tension is used.).15 F .727(When loading,)5.727 F
+(the assertion is shopped around to e)108 230.4 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F2 .625(See also)87 247.2 R F0
+(The lib\214do2 documentation at https://de)108 259.2 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F2 1.666(SPECIAL THANKS)72 276 R
+F0 1.6 -.8(To a)108 288 T(ll who support further de).8 E -.15(ve)-.25 G
+(lopment, in particular:).15 E F2<83>128 300 Q F0(ThePhD)7.5 E F2<83>128
+312 Q F0(Embark Studios)7.5 E F2<83>128 324 Q F0(Jasper Bekk)7.5 E(ers)
+-.1 E F2<83>128 336 Q F0(EvModder)7.5 E F2(REPOR)72 352.8 Q 1.666
+(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 364.8 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F1
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 381.6 Q F0 83.763(,a)C(rchi)
+-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E(https://lists.sr)
+108 393.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(March 4, 2024)161.068 E(2)191.337 E 0 Cg EP
+%%Page: 1 4
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 50.243(ZFS-FIDO2-CLEAR-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 47.742(anual ZFS-FIDO2-CLEAR-KEY\(8\))-2.5
+F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-clear-key)108 96 Q F0 3.587<8a72>3.587 G -.25(ew)-3.587 G
+1.087(rap ZFS dataset k).25 F 1.387 -.15(ey i)-.1 H 3.587(np).15 G
+(asssw)-3.587 E 1.087(ord and clear tzpfms FIDO2 meta-)-.1 F(data)108
+108 Q F1(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(FIDO2)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.642(the equi)8.142 F
+-.25(va)-.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.307 E/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. loads)118
+201.6 R .79(the primary and e)3.29 F -.15(ve)-.25 G .79
+(ry backup credential, and for each success, if the de).15 F .791
+(vice containing it)-.25 F(supports the)133 213.6 Q F4(credMgmt)2.5 E F0
+(feature and has a PIN set, tries to delete the credential from the de)
+2.5 E(vice,)-.25 E 5(3. remo)118 225.6 R -.15(ve)-.15 G 10.689(st).15 G
+(he)-10.689 E F4(xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A
+F0(,)A F4(key)14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3
+(dataset)133 237.6 Q F0(.)A -.15(Fo)108 254.4 S 5.859(re).15 G -.15(ve)
+-6.109 G 3.359(ry remo).15 F -.25(va)-.15 G 5.859(lf).25 G 3.359
+(ailure and missing de)-5.959 F 3.36
+(vice or PIN an instruction for manual remo)-.25 F -.25(va)-.15 G 5.86
+(lw).25 G(ith)-5.86 E F4(fido2-token)108 266.4 Q F0(\(1\) is issued.)A
+(See)108 283.2 Q F4(zfs-fido2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(ENVIR)72 300 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 312 Q F0 .046
+(By def)133 324 R .045(ault, passphrases are prompted for and read in o\
+n the standard output and input streams.)-.1 F(If)5.045 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 336 Q F0 1.595(is set and nonempty)4.095 F
+4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 348 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 364.8 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 376.8 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 388.8 Q F0
+(Pre-formatted noun phrase with all the information belo)160 388.8 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 400.8 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 400.8 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 412.8 Q F0("ne)160
+412.8 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 424.8 Q F0("ag)160 424.8 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 441.6 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+453.6 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 470.4 R(En)87 482.4 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 494.4 Q F0
+(If set, enables lib\214do2 deb)173 494.4 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 511.2 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 523.2 R
+.727(vice which supports the)-.25 F F4(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 535.2 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 552 R F0
+(The lib\214do2 documentation at https://de)108 564 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 580.8 R
+F0 1.6 -.8(To a)108 592.8 T(ll who support further de).8 E -.15(ve)-.25
+G(lopment, in particular:).15 E F1<83>128 604.8 Q F0(ThePhD)7.5 E F1<83>
+128 616.8 Q F0(Embark Studios)7.5 E F1<83>128 628.8 Q F0(Jasper Bekk)7.5
+E(ers)-.1 E F1<83>128 640.8 Q F0(EvModder)7.5 E F1(REPOR)72 657.6 Q
+1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 669.6 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 686.4 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 698.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(March 4, 2024)161.068 E(1)191.337 E 0 Cg EP
+%%Page: 1 5
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-LO)72 48 Q 55.603(AD-KEY\(8\) System)
+-.35 F(Manager')2.5 E 2.5(sM)-.55 G 53.102(anual ZFS-FIDO2-LO)-2.5 F
+(AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
+/Courier-Bold@0 SF(zfs-fido2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
+(oad FIDO2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 1.142(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.642 E F0 -.1
+(wa)3.642 G 3.641(se).1 G 1.141(ncrypted with)-3.641 F F2(tzpfms)3.641 E
+F0(back)3.641 E(end)-.1 E F1(FIDO2)3.641 E F0 3.641(,a)C 1.141
+(sserts the preserv)-3.641 F 1.141(ed chal-)-.15 F(lenge, HMA)108 165.6
+Q(Cking the salt with the on-de)-.4 E
+(vice secret, and loads the resulting k)-.25 E .3 -.15(ey i)-.1 H(nto)
+.15 E F3(dataset)2.5 E F0(.)A(See)108 182.4 Q/F4 10/Courier@0 SF
+(zfs-fido2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
+(OPTIONS)72 199.2 Q F2<ad6e>109.666 211.2 Q F0 3.208
+(Do a no-op/dry run, can be used e)131 211.2 R -.15(ve)-.25 G 5.708(ni)
+.15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708
+(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.208 E -.25(va)-.25 G
+3.208(lent to).25 F F2(zfs)5.708 E(load-key)131 223.2 Q F0 -.55('s)C F2
+<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 240 Q 1.666(ONMENT V)-.3 F
+(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 252 Q F0 .046(By def)
+133 264 R .045(ault, passphrases are prompted for and read in on the st\
+andard output and input streams.)-.1 F(If)5.045 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 276 Q F0 1.595(is set and nonempty)4.095 F
+4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 288 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 304.8 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 316.8 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 328.8 Q F0
+(Pre-formatted noun phrase with all the information belo)160 328.8 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 340.8 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 340.8 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 352.8 Q F0("ne)160
+352.8 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 364.8 Q F0("ag)160 364.8 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 381.6 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+393.6 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666(SPECIAL THANKS)
+72 410.4 R F0 1.6 -.8(To a)108 422.4 T(ll who support further de).8 E
+-.15(ve)-.25 G(lopment, in particular:).15 E F1<83>128 434.4 Q F0
+(ThePhD)7.5 E F1<83>128 446.4 Q F0(Embark Studios)7.5 E F1<83>128 458.4
+Q F0(Jasper Bekk)7.5 E(ers)-.1 E F1<83>128 470.4 Q F0(EvModder)7.5 E F1
+(REPOR)72 487.2 Q 1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108
+499.2 Q(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 516 Q F0 83.763(,a)C(rchi)
+-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E(https://lists.sr)
+108 528 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 28, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 6
+%%BeginPageSetup
+BP
+%%EndPageSetup
 /F0 10/Times-Roman@0 SF 93.563(ZFS-TPM-LIST\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 91.062(anual ZFS-TPM-LIST\(8\))-2.5 F/F1
 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm-list)108 96 Q F0 2.5<8a70>2.5 G(rint dataset tzpfms metadata)
--2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2
-<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E/F3 10
-/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A F2
-<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
-<ad6c>1.666 E F0(])A([)186 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
+-2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)
+2.5 E F2<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E
+/F3 10/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A
+F2<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
+<ad6c>1.666 E F0(])A([)234 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
 1.666(]...)C F1(DESCRIPTION)72 153.6 Q F0(Lists the follo)108 165.6 Q
 (wing properties on encryption roots:)-.25 E/F4 10/Courier@0 SF(name)128
-177.6 Q(back-end)128 189.6 Q F0(the)187 189.6 Q F2(tzpfms)2.979 E F0
+177.6 Q(back-end)128 189.6 Q F0(the)187 189.6 Q F2(tzpfms)2.978 E F0
 .478(back-end \(e.g.)2.978 F F1(TPM2)2.978 E F0(for)2.978 E F4
-(zfs-tpm2-change-key)2.978 E F0 .478(\(8\) or)B F1(TPM1.X)2.978 E F0
+(zfs-tpm2-change-key)2.978 E F0 .478(\(8\) or)B F1(TPM1.X)2.979 E F0
 (for)187 201.6 Q F4(zfs-tpm1x-change-key)2.5 E F0(\(8\)\), or ")A F1(-)A
 F0 2.5("i)C 2.5(fn)-2.5 G(one is con\214gured)-2.5 E F4(keystatus)128
 213.6 Q F1 -2.1 -.25(av a)187 213.6 T(ilable).25 E F0(or)2.5 E F1(una)
@@ -300,18 +669,18 @@ F0 2.5("i)C 2.5(fn)-2.5 G(one is con\214gured)-2.5 E F4(keystatus)128
 2.5 E F1(no)2.5 E F0(otherwise)2.5 E 8.743(Incoherent datasets require \
 immediate operator attention, with either the appropriate)108 254.4 R F2
 (zfs-tpm)108 266.4 Q/F5 10/Symbol SF(*)A F2(-clear-key)A F0 1.778
-(program or)4.277 F F2 1.778(zfs change-key)4.278 F F0(and)4.278 E F2
+(program or)4.278 F F2 1.778(zfs change-key)4.278 F F0(and)4.278 E F2
 1.778(zfs inherit)4.278 F F0 4.278<8a69>4.278 G 4.278(ft)-4.278 G 1.778
-(he k)-4.278 F 2.078 -.15(ey b)-.1 H(e-).15 E .566(comes unloaded, the)
-108 278.4 R 3.066(yw)-.15 G .566(ill require restoration from back-up.)
--3.066 F(Ho)5.566 E(we)-.25 E -.15(ve)-.25 G 1.366 -.4(r, t).15 H .566
-(his should ne).4 F -.15(ve)-.25 G 3.065(ro).15 G(ccur)-3.065 E 3.065
-(,u)-.4 G(nless)-3.065 E
+(he k)-4.278 F 2.077 -.15(ey b)-.1 H(e-).15 E .565(comes unloaded, the)
+108 278.4 R 3.065(yw)-.15 G .566(ill require restoration from back-up.)
+-3.065 F(Ho)5.566 E(we)-.25 E -.15(ve)-.25 G 1.366 -.4(r, t).15 H .566
+(his should ne).4 F -.15(ve)-.25 G 3.066(ro).15 G(ccur)-3.066 E 3.066
+(,u)-.4 G(nless)-3.066 E
 (something went horribly wrong with the dataset properties.)108 290.4 Q
 .965(If no datasets are speci\214ed, all matching encryption roots are \
-listed \212 by def)108 307.2 R .966(ault, those managed by)-.1 F F2
+listed \212 by def)108 307.2 R .965(ault, those managed by)-.1 F F2
 (tzpfms)108 319.2 Q F0(.)A F1(OPTIONS)72 336 Q F2<ad48>109.666 348 Q F0
-1.583(Scripting mode \212 remo)185 348 R 1.883 -.15(ve h)-.15 H 1.583
+1.582(Scripting mode \212 remo)185 348 R 1.882 -.15(ve h)-.15 H 1.583
 (eaders and separate \214elds by a single tab instead of).15 F
 (columnating them with spaces.)185 360 Q F2<ad72>109.666 376.8 Q F0
 (Recurse into all descendants of speci\214ed datasets.)185 376.8 Q F2
@@ -326,26 +695,28 @@ listed \212 by def)108 307.2 R .966(ault, those managed by)-.1 F F2
 G(re una)-2.5 E -.25(va)-.2 G(ilable.).25 E F2<ad6c>109.666 446.4 Q F0
 (List only encryption roots whose k)185 446.4 Q -.15(ey)-.1 G 2.5(sa).15
 G(re a)-2.5 E -.25(va)-.2 G(ilable.).25 E F1(EXAMPLES)72 463.2 Q F4($)
-108 475.2 Q F2(zfs-tpm-list)6 E F4 72(NAME BACK-END)108 487.2 R 18
-(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
+108 475.2 Q F2(zfs-fido2-add-backup)6 E F4 72(NAME BACK-END)108 487.2 R
+18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
 (available yes)24 F 6(tarta-zoot/home TPM2)108 511.2 R 6
-(unavailable yes)36 F($)108 535.2 Q F2 1.666(zfs-tpm-list \255ad0)6 F F4
-24(NAME BACK-END)108 547.2 R 6(KEYSTATUS COHERENT)12 F 6(filling -)108
-559.2 R 6(available yes)54 F($)108 583.2 Q F2 1.666(zfs-tpm-list \255b)6
-F F1(TPM2)6 E F4 72(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F
-6(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
-F2 1.666(zfs-tpm-list \255ra)6 F F3(tarta-zoot)6 E F4 72(NAME BACK-END)
-108 643.2 R 18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 655.2 R
-18(available yes)24 F 6(tarta-zoot/home TPM2)108 667.2 R 6
-(unavailable yes)36 F 12(tarta-zoot/bkp -)108 679.2 R 18(available yes)
-54 F 18(tarta-zoot/vm -)108 691.2 R 18(available yes)54 F($)108 715.2 Q
-F2 1.666(zfs-tpm-list \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
+(unavailable yes)36 F($)108 535.2 Q F2 1.666
+(zfs-fido2-add-backup \255ad0)6 F F4 24(NAME BACK-END)108 547.2 R 6
+(KEYSTATUS COHERENT)12 F 6(filling -)108 559.2 R 6(available yes)54 F($)
+108 583.2 Q F2 1.666(zfs-fido2-add-backup \255b)6 F F1(TPM2)6 E F4 72
+(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F 6
+(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
+F2 1.666(zfs-fido2-add-backup \255ra)6 F F3(tarta-zoot)6 E F4 72
+(NAME BACK-END)108 643.2 R 18(KEYSTATUS COHERENT)12 F 36
+(tarta-zoot TPM1.X)108 655.2 R 18(available yes)24 F 6
+(tarta-zoot/home TPM2)108 667.2 R 6(unavailable yes)36 F 12
+(tarta-zoot/bkp -)108 679.2 R 18(available yes)54 F 18(tarta-zoot/vm -)
+108 691.2 R 18(available yes)54 F($)108 715.2 Q F2 1.666
+(zfs-fido2-add-backup \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
 (KEYSTATUS COHERENT)12 F 54(filling -)108 739.2 R 6(available yes)54 F
 36(tarta-zoot TPM1.X)108 751.2 R 6(available yes)24 F 12
 (tarta-zoot/bkp -)108 763.2 R 6(available yes)54 F 18(tarta-zoot/vm -)
 108 775.2 R 6(available yes)54 F F0(tzpfms 0.3.4-29-g1d39364)72 817.889
 Q(December 4, 2022)82.463 E(1)183.842 E 0 Cg EP
-%%Page: 2 2
+%%Page: 2 7
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -358,11 +729,11 @@ BP
 (EvModder)7.5 E F1(REPOR)72 160.8 Q 1.666(TING B)-.4 F(UGS)-.1 E F0
 (https://todo.sr)108 172.8 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms)-.25
 E/F2 10/Courier@0 SF(\001nabijaczleweli/tzpfms@lists.sr.ht)108 189.6 Q
-F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
+F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 201.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-29-g1d39364)72 817.889 Q(December 4, 2022)82.463 E
 (2)183.842 E 0 Cg EP
-%%Page: 1 3
+%%Page: 1 8
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -371,159 +742,161 @@ BP
 -2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
 SF(zfs-tpm1x-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
 -2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666 E F3
-(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 6.867 -.8(To n)108 153.6 T
-5.267(ormalise the).8 F F3(dataset)7.767 E F0(,)A F2(zfs-tpm-list)7.766
-E F0 5.266(will open its encryption root in its stead.)7.766 F F2
-(zfs-tpm-list)108 165.6 Q F0(will)2.5 E/F4 10/Times-Italic@0 SF(ne)2.5 E
-(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G(ncryption roots; use)
--2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0(\(8\) for that.)A
-(First, a connection is made to the TPM, which)108 182.4 Q F4(must)2.5 E
-F0(be TPM-1.X-compatible.)2.5 E(If)108 199.2 Q F3(dataset)3.176 E F0 -.1
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666
+E F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 2.866 -.8(To n)108 153.6
+T 1.266(ormalise the).8 F F3(dataset)3.766 E F0(,)A F2
+(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.655 E/F4 10/Times-Italic@0
+SF(ne)14.655 E(ver)-.15 E F0 12.154(create or destro)14.655 F 14.654(ye)
+-.1 G 12.154(ncryption roots; use)-14.654 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 194.4 Q F4(must)2.5 E
+F0(be TPM-1.X-compatible.)2.5 E(If)108 211.2 Q F3(dataset)3.176 E F0 -.1
 (wa)3.176 G 3.176(sp).1 G(re)-3.176 E .676(viously encrypted with)-.25 F
 F2(tzpfms)3.176 E F0 .676(and the)3.176 F F1(TPM1.X)3.176 E F0 .676
 (back-end w)3.176 F .676(as used, the meta-)-.1 F .926
-(data will be silently cleared.)108 211.2 R .926
+(data will be silently cleared.)108 223.2 R .926
 (Otherwise, or in case of an error)5.926 F 3.426(,d)-.4 G .926
 (ata required for manual interv)-3.426 F(ention)-.15 E
-(will be written to the standard error stream.)108 223.2 Q(Ne)108 240 Q
+(will be written to the standard error stream.)108 235.2 Q(Ne)108 252 Q
 .294(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594 -.15
 (ey i)-.1 H 2.794(sg).15 G .294(enerated on the TPM, optionally back)
 -2.794 F .294(ed up \(see)-.1 F F1(OPTIONS)2.794 E F0 .294
 (\), and sealed)B .586(on the TPM; the user is prompted for an optional\
- passphrase to protect the k)108 252 R .885 -.15(ey w)-.1 H .585
-(ith, and for the SRK).15 F(passphrase, set when taking o)108 264 Q
+ passphrase to protect the k)108 264 R .885 -.15(ey w)-.1 H .585
+(ith, and for the SRK).15 F(passphrase, set when taking o)108 276 Q
 (wnership, if not "well-kno)-.25 E(wn" \(all zeroes\).)-.25 E(The follo)
-108 280.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
-<83>128 292.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
-(TPM1.X)A<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
+108 292.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
+<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
+(TPM1.X)A<83>128 316.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
 F3(parent-key-blob)A F2(:)A F3(sealed-object-blob)A F5(tzpfms.backend)
-108 321.6 Q F0 .291(identi\214es this dataset for w)2.791 F .292
+108 333.6 Q F0 .291(identi\214es this dataset for w)2.791 F .292
 (ork with)-.1 F F1(TPM1.X)2.792 E F0(-back-ended)A F2(tzpfms)2.792 E F0
-.292(tools \(namely)2.792 F F5(zfs-tpm1x-change-key)108 333.6 Q F0
+.292(tools \(namely)2.792 F F5(zfs-tpm1x-change-key)108 345.6 Q F0
 (\(8\),)A F5(zfs-tpm1x-load-key)2.5 E F0(\(8\), and)A F5
-(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 350.4 Q F0
+(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 362.4 Q F0
 1.412(is a colon-separated pair of he)3.913 F 1.412
 (xadecimal-string \(i.e. "4F7730" for "Ow0"\) blobs; the)-.15 F .867
-(\214rst one represents the RSA k)108 362.4 R 1.167 -.15(ey p)-.1 H .868
+(\214rst one represents the RSA k)108 374.4 R 1.167 -.15(ey p)-.1 H .868
 (rotecting the blob, and it is protected with either the passphrase, if)
-.15 F(pro)108 374.4 Q 1.414(vided, or the SHA1 constant)-.15 F F5
+.15 F(pro)108 386.4 Q 1.414(vided, or the SHA1 constant)-.15 F F5
 (CE4CF677875B5EB8993591D5A9AF1ED24A3A8736)3.913 E F0 3.913(;t)C 1.413
 (he sec-)-3.913 F .379
-(ond represents the sealed object containing the wrapping k)108 386.4 R
+(ond represents the sealed object containing the wrapping k)108 398.4 R
 -.15(ey)-.1 G 2.879(,a)-.5 G .379
 (nd is protected with the SHA1 constant)-2.879 F F5
-(B9EE715DBE4B243FAA81EA04306E063710383E35)108 398.4 Q F0 6.721(.T)C
+(B9EE715DBE4B243FAA81EA04306E063710383E35)108 410.4 Q F0 6.721(.T)C
 1.721(here e)-6.721 F 1.721(xists no other user)-.15 F 1.72
 (-land tool for)-.2 F(decrypting this; perhaps there should be.)108
-410.4 Q(Finally)108 427.2 Q 12.005(,t)-.65 G 9.505(he equi)-12.005 F
+422.4 Q(Finally)108 439.2 Q 12.005(,t)-.65 G 9.505(he equi)-12.005 F
 -.25(va)-.25 G 9.505(lent of).25 F F2 9.505(zfs change-key)12.005 F
 <ad6f>17.172 E F5(keylocation=prompt)15.506 E F2<ad6f>17.172 E F5
-(keyformat=raw)108 439.2 Q F3(dataset)6.107 E F0 .107
+(keyformat=raw)108 451.2 Q F3(dataset)6.107 E F0 .107
 (is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G 5.106
 (.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
 (rror occurred, best ef)-2.606 F .106(fort is made)-.25 F
 (to clean up the properties, or to issue a note for manual interv)108
-451.2 Q(ention into the standard error stream.)-.15 E 4.055<418c>108 468
+463.2 Q(ention into the standard error stream.)-.15 E 4.055<418c>108 480
 S 1.555(nal v)-4.055 F 1.556(eri\214cation should be made by running)
 -.15 F F2 3.222(zfs-tpm1x-load-key \255n)4.056 F F3(dataset)7.556 E F0
 6.556(.I)C 4.056(ft)-6.556 G(hat)-4.056 E .729
-(command succeeds, all is well, b)108 480 R .729
+(command succeeds, all is well, b)108 492 R .729
 (ut otherwise the dataset can be manually rolled back to a passphrase)
--.2 F(with)108 492 Q F2(zfs-tpm1x-clear-key)5.146 E F3(dataset)8.646 E
+-.2 F(with)108 504 Q F2(zfs-tpm1x-clear-key)5.146 E F3(dataset)8.646 E
 F0(\(or)5.146 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
 2.646(ails to w)-.1 F(ork,)-.1 E F2 2.647(zfs change-key)5.147 F<ad6f>
-10.313 E F5(keyformat=passphrase)108 504 Q F3(dataset)6 E F0
+10.313 E F5(keyformat=passphrase)108 516 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm1x-clear-key)108 520.8 Q F3(dataset)7.607 E F0 1.607
+F2(zfs-tpm1x-clear-key)108 532.8 Q F3(dataset)7.607 E F0 1.607
 (can be used to clear the properties and go back to using a)4.107 F
-(passphrase.)108 532.8 Q F1(OPTIONS)72 549.6 Q F2<ad62>109.666 561.6 Q
-F3(backup-file)6 E F0(Sa)203 561.6 Q .352 -.15(ve a b)-.2 H .052
+(passphrase.)108 544.8 Q F1(OPTIONS)72 561.6 Q F2<ad62>109.666 573.6 Q
+F3(backup-file)6 E F0(Sa)203 573.6 Q .352 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
 E F0 2.552(,w)C .052(hich must not e)-2.552 F .053(xist beforehand.)-.15
-F .694(This back-up)203 573.6 R F4(must)3.194 E F0 .694
+F .694(This back-up)203 585.6 R F4(must)3.194 E F0 .694
 (be stored securely)3.194 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
 (-site. In).25 F .693(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 585.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 597.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 614.4 Q F3(PCR)6 E F0([)A F2(,)A F3
-(PCR)A F0 1.666(]...)C .638(Bind the k)203 614.4 R .939 -.15(ey t)-.1 H
+(nt,).15 E(the k)203 597.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 609.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 626.4 Q F3(PCR)6 E F0([)A F2(,)A F3
+(PCR)A F0 1.666(]...)C .638(Bind the k)203 626.4 R .939 -.15(ey t)-.1 H
 3.139(os).15 G .639(pace- or comma-separated)-3.139 F F3(PCR)3.139 E F0
 3.139(s\212i)C 3.139(ft)-3.139 G(he)-3.139 E 3.139(yc)-.15 G .639
-(hange, the wrap-)-3.139 F .463(ping k)203 626.4 R .763 -.15(ey w)-.1 H
+(hange, the wrap-)-3.139 F .463(ping k)203 638.4 R .763 -.15(ey w)-.1 H
 .463(ill not be able to be unsealed.).15 F .462
-(The minimum number of PCRs for a)5.462 F(PC TPM is)203 638.4 Q F1(24)
+(The minimum number of PCRs for a)5.462 F(PC TPM is)203 650.4 Q F1(24)
 2.5 E F0(\(numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0 2.5(]\). F)B
-(or most, this is also the maximum.)-.15 E F1(ENVIR)72 655.2 Q 1.666
-(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 667.2 Q
-F0 .045(By def)133 679.2 R .045(ault, passphrases are prompted for and \
+(or most, this is also the maximum.)-.15 E F1(ENVIR)72 667.2 Q 1.666
+(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 679.2 Q
+F0 .045(By def)133 691.2 R .045(ault, passphrases are prompted for and \
 read in on the standard output and input streams.)-.1 F(If)5.046 E F5
-(TZPFMS_PASSPHRASE_HELPER)133 691.2 Q F0 1.596(is set and nonempty)4.096
+(TZPFMS_PASSPHRASE_HELPER)133 703.2 Q F0 1.596(is set and nonempty)4.096
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F5
-(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 703.2 Q
+(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 715.2 Q
 (vide each passphrase, instead.)-.15 E .643
-(The standard output stream of the helper is tied to an anon)133 720 R
+(The standard output stream of the helper is tied to an anon)133 732 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
-133 732 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
-(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F5($1)143 744 Q F0
-(Pre-formatted noun phrase with all the information belo)160 744 Q 1.3
--.65(w, f)-.25 H(or use as a prompt).65 E(tzpfms 0.3.4-29-g1d39364)72
+133 744 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E(tzpfms 0.3.4-29-g1d39364)72
 817.889 Q(February 28, 2024)82.458 E(1)183.837 E 0 Cg EP
-%%Page: 2 4
+%%Page: 2 9
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 36.913(ZFS-TPM1X-CHANGE-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 34.412(anual ZFS-TPM1X-CHANGE-KEY\(8\))
--2.5 F/F1 10/Courier@0 SF($2)143 84 Q F0
-(Either the dataset name or the element of the TPM hierarch)160 84 Q 2.5
-(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 96 Q F0("ne)160 96 Q
+-2.5 F/F1 10/Courier@0 SF($1)143 84 Q F0
+(Pre-formatted noun phrase with all the information belo)160 84 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F1($2)143 96 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 96 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 108 Q F0("ne)160 108 Q
 (w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
--2.5 E F1($4)143 108 Q F0("ag)160 108 Q(ain" if it')-.05 E 2.5(st)-.55 G
+-2.5 E F1($4)143 120 Q F0("ag)160 120 Q(ain" if it')-.05 E 2.5(st)-.55 G
 (he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 124.8 R 2.678(te)-.18 G .178
+(If the helper doesn')133 136.8 R 2.678(te)-.18 G .178
 (xist \(the shell e)-2.828 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
 (127)2.677 E F0 .177(\), a diagnostic is issued and the normal prompt)B
-(is used as f)133 136.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+(is used as f)133 148.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
 -.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
-1.666(TPM1.X back-end con\214guration)72 153.6 R .625(TPM selection)87
-165.6 R F0(The)108 177.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.729 E F0
+1.666(TPM1.X back-end con\214guration)72 165.6 R .625(TPM selection)87
+177.6 R F0(The)108 189.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.729 E F0
 .229(suite connects to a local)2.729 F F1(tcsd)2.73 E F0 .23
 (\(8\) process \(at)B F1(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 189.6 Q
+-2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 201.6 Q
 (vironment v)-.4 E(ariable)-.25 E F1(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 206.4 R(rouSerS)
+(to specify a remote TCS hostname.)2.5 E .111(The T)108 218.4 R(rouSerS)
 -.35 E F1(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F1(/dev/tpm0)2.61
 E F0 2.61(,t)C(hen)-2.61 E F1(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
 F1(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-218.4 S(ing one of the earlier ones with, for e).1 E
+230.4 S(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F2 .625
-(See also)87 235.2 R F0(The T)108 247.2 Q
+(See also)87 247.2 R F0(The T)108 259.2 Q
 (rouSerS project page at https://sourcefor)-.35 E
 (ge.net/projects/trousers.)-.18 E 4.415
-(The TPM 1.2 main speci\214cation inde)108 264 R 6.915(xa)-.15 G 6.915
+(The TPM 1.2 main speci\214cation inde)108 276 R 6.915(xa)-.15 G 6.915
 (th)-6.915 G(ttps://trustedcomputinggroup.or)-6.915 E
-(g/resource/tpm-main-)-.18 E(speci\214cation.)108 276 Q F2 1.666
-(SPECIAL THANKS)72 292.8 R F0 1.6 -.8(To a)108 304.8 T
+(g/resource/tpm-main-)-.18 E(speci\214cation.)108 288 Q F2 1.666
+(SPECIAL THANKS)72 304.8 R F0 1.6 -.8(To a)108 316.8 T
 (ll who support further de).8 E -.15(ve)-.25 G(lopment, in particular:)
-.15 E F2<83>128 316.8 Q F0(ThePhD)7.5 E F2<83>128 328.8 Q F0
-(Embark Studios)7.5 E F2<83>128 340.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
-F2<83>128 352.8 Q F0(EvModder)7.5 E F2(REPOR)72 369.6 Q 1.666(TING B)-.4
-F(UGS)-.1 E F0(https://todo.sr)108 381.6 Q(.ht/\001nabijaczle)-.55 E
-(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 398.4 Q
+.15 E F2<83>128 328.8 Q F0(ThePhD)7.5 E F2<83>128 340.8 Q F0
+(Embark Studios)7.5 E F2<83>128 352.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
+F2<83>128 364.8 Q F0(EvModder)7.5 E F2(REPOR)72 381.6 Q 1.666(TING B)-.4
+F(UGS)-.1 E F0(https://todo.sr)108 393.6 Q(.ht/\001nabijaczle)-.55 E
+(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 410.4 Q
 F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
-(https://lists.sr)108 410.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
--.25 E F2 1.666(SEE ALSO)72 427.2 R F0
-(PCR allocations: https://wiki.archlinux.or)108 439.2 Q(g/title/T)-.18 E
+(https://lists.sr)108 422.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
+-.25 E F2 1.666(SEE ALSO)72 439.2 R F0
+(PCR allocations: https://wiki.archlinux.or)108 451.2 Q(g/title/T)-.18 E
 (rusted_Platform_Module#Accessing_PCR_re)-.35 E(gisters)-.15 E
-(and https://trustedcomputinggroup.or)108 451.2 Q
+(and https://trustedcomputinggroup.or)108 463.2 Q
 (g/wp-content/uploads/PC-)-.18 E(ClientSpeci\214c_Platform_Pro\214le_fo\
-r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 463.2 Q
-(able)-.8 E(1.)108 475.2 Q(tzpfms 0.3.4-29-g1d39364)72 817.889 Q
+r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 475.2 Q
+(able)-.8 E(1.)108 487.2 Q(tzpfms 0.3.4-29-g1d39364)72 817.889 Q
 (February 28, 2024)82.458 E(2)183.837 E 0 Cg EP
-%%Page: 1 5
+%%Page: 1 10
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -533,14 +906,14 @@ F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm1x-clear-key)108 96 Q F0 3.008<8a72>3.007 G -.25(ew)-3.008 G
 .508(rap ZFS dataset k).25 F .808 -.15(ey i)-.1 H 3.008(np).15 G(asssw)
 -3.008 E .508(ord and clear tzpfms TPM1.X meta-)-.1 F(data)108 108 Q F1
-(SYNOPSIS)72 124.8 Q F2(zfs-tpm-list)108 136.8 Q/F3 10/Courier-Oblique@0
-SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0(After v)108 165.6 Q
-(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G
-(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM1.X)
-2.5 E F0(:)A 5(1. performs)118 177.6 R 5.642(the equi)8.142 F -.25(va)
--.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.307 E
-/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E F4
-(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
+(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(TPM1.X)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.642(the equi)8.142 F
+-.25(va)-.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.307 E/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
 201.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
 (xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A F0(,)A F4(key)
 14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
@@ -575,7 +948,7 @@ F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 504 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-29-g1d39364)72 817.889 Q(December 4, 2022)82.463 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 6
+%%Page: 1 11
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -584,13 +957,13 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm1x-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM1.X-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .191
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.691 E F0 -.1(wa)2.691
-G 2.691(se).1 G .191(ncrypted with)-2.691 F F2(tzpfms)2.69 E F0(back)
-2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .19(will unseal the k)2.69 F .49
--.15(ey a)-.1 H .19(nd load).15 F(it into)108 165.6 Q F3(dataset)2.5 E
-F0(.)A .236
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .191(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.691 E F0 -.1
+(wa)2.691 G 2.691(se).1 G .191(ncrypted with)-2.691 F F2(tzpfms)2.69 E
+F0(back)2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .19(will unseal the k)2.69
+F .49 -.15(ey a)-.1 H .19(nd load).15 F(it into)108 165.6 Q F3(dataset)
+2.5 E F0(.)A .236
 (The user is \214rst prompted for the SRK passphrase, set when taking o)
 108 182.4 R .236(wnership, if not "well-kno)-.25 F .236(wn" \(all)-.25 F
 (zeroes\); then for the additional passphrase, set when creating the k)
@@ -655,7 +1028,7 @@ F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 696 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-29-g1d39364)72 817.889 Q(December 4, 2022)82.463 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 7
+%%Page: 1 12
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -664,132 +1037,132 @@ BP
 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)-2.5
 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666
-(]...)C([)186 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)
-A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A F0(]])
-A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 1.676 -.8(To n)108 165.6
-T(ormalise).8 E F3(dataset)2.576 E F0(,)A F2(zfs-tpm-list)2.576 E F0
-.076(will open its encryption root in its stead.)2.576 F F2
-(zfs-tpm-list)5.077 E F0(will)108 177.6 Q/F4 10/Times-Italic@0 SF(ne)2.5
-E(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G
-(ncryption roots; use)-2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0
-(\(8\) for that.)A(First, a connection is made to the TPM, which)108
-194.4 Q F4(must)2.5 E F0(be TPM-2.0-compatible.)2.5 E(If)108 211.2 Q F3
-(dataset)3.055 E F0 -.1(wa)3.055 G 3.055(sp).1 G(re)-3.055 E .555
-(viously encrypted with)-.25 F F2(tzpfms)3.055 E F0 .555(and the)3.055 F
-F1(TPM2)3.055 E F0 .554(back-end w)3.054 F .554(as used, the pre)-.1 F
-(vious)-.25 E -.1(ke)108 223.2 S 3.059(yw)-.05 G .559
-(ill be freed from the TPM.)-3.059 F .56
-(Otherwise, or in case of an error)5.56 F 3.06(,d)-.4 G .56
-(ata required for manual interv)-3.06 F(en-)-.15 E
-(tion will be written to the standard error stream.)108 235.2 Q(Ne)108
-252 Q .295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0
+1.666(]...)C([)234 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A
+F2(,)A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A
+F0(]])A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 4.319 -.8(To n)108
+165.6 T(ormalise).8 E F3(dataset)5.219 E F0(,)A F2(zfs-fido2-add-backup)
+5.219 E F0 2.72(will open its encryption root in its stead.)5.219 F F2
+(zfs-fido2-add-backup)108 177.6 Q F0(will)14.655 E/F4 10/Times-Italic@0
+SF(ne)14.655 E(ver)-.15 E F0 12.154(create or destro)14.655 F 14.654(ye)
+-.1 G 12.154(ncryption roots; use)-14.654 F/F5 10/Courier@0 SF
+(zfs-change-key)108 189.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 206.4 Q F4(must)2.5 E
+F0(be TPM-2.0-compatible.)2.5 E(If)108 223.2 Q F3(dataset)3.054 E F0 -.1
+(wa)3.054 G 3.054(sp).1 G(re)-3.054 E .554(viously encrypted with)-.25 F
+F2(tzpfms)3.055 E F0 .555(and the)3.055 F F1(TPM2)3.055 E F0 .555
+(back-end w)3.055 F .555(as used, the pre)-.1 F(vious)-.25 E -.1(ke)108
+235.2 S 3.06(yw)-.05 G .56(ill be freed from the TPM.)-3.06 F .56
+(Otherwise, or in case of an error)5.56 F 3.059(,d)-.4 G .559
+(ata required for manual interv)-3.059 F(en-)-.15 E
+(tion will be written to the standard error stream.)108 247.2 Q(Ne)108
+264 Q .294(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
 -.15(ey i)-.1 H 2.794(sg).15 G .294
 (enerated on the TPM, optionally back)-2.794 F .294(ed up \(see)-.1 F F1
-(OPTIONS)2.794 E F0 .294(\), and sealed)B .588
-(to a persistent object on the TPM under the o)108 264 R .589
-(wner hierarch)-.25 F .589(y; if there is a passphrase set on the o)-.05
-F(wner)-.25 E(hierarch)108 276 Q 1.603 -.65(y, t)-.05 H .302
+(OPTIONS)2.794 E F0 .294(\), and sealed)B .589
+(to a persistent object on the TPM under the o)108 276 R .589
+(wner hierarch)-.25 F .588(y; if there is a passphrase set on the o)-.05
+F(wner)-.25 E(hierarch)108 288 Q 1.602 -.65(y, t)-.05 H .302
 (he user is prompted for it; the user is al).65 F -.1(wa)-.1 G .302
 (ys prompted for an optional passphrase to protect).1 F
-(the sealed object with.)108 288 Q(The follo)108 304.8 Q
+(the sealed object with.)108 300 Q(The follo)108 316.8 Q
 (wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
-316.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
-128 328.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
-(persistent-object-ID)A F0([)139 340.8 Q F2(;)A F3(algorithm)A F2(:)A F3
+328.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
+128 340.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
+(persistent-object-ID)A F0([)139 352.8 Q F2(;)A F3(algorithm)A F2(:)A F3
 (PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3
 (algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C
-1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 357.6 Q F0 1.263
-(identi\214es this dataset for w)3.763 F 1.264(ork with)-.1 F F1(TPM2)
-3.764 E F0(-back-ended)A F2(tzpfms)3.764 E F0 1.264(tools \(namely)3.764
-F F5(zfs-tpm2-change-key)108 369.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
+1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 369.6 Q F0 1.264
+(identi\214es this dataset for w)3.764 F 1.263(ork with)-.1 F F1(TPM2)
+3.763 E F0(-back-ended)A F2(tzpfms)3.763 E F0 1.263(tools \(namely)3.763
+F F5(zfs-tpm2-change-key)108 381.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
 2.5 E F0(\(8\), and)A F5(zfs-tpm2-clear-key)2.5 E F0(\(8\)\).)A F5
-(tzpfms.key)108 386.4 Q F0 1.509(is an inte)4.009 F 1.509
+(tzpfms.key)108 398.4 Q F0 1.508(is an inte)4.008 F 1.509
 (ger representing the sealed object, optionally follo)-.15 F 1.509
-(wed by a semicolon and)-.25 F .822(PCR list as speci\214ed with)108
-398.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
-(tpm-tools)3.322 E F0 .823(-toolchain-compatible; if needed, it can)B
-.866(be passed to)108 410.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
+(wed by a semicolon and)-.25 F .823(PCR list as speci\214ed with)108
+410.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
+(tpm-tools)3.322 E F0 .822(-toolchain-compatible; if needed, it can)B
+.865(be passed to)108 422.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
 (${tzpfms.key)6.866 E F2(%%)A F5(;)A/F6 10/Symbol SF(*)A F5(})A F0(with)
-3.366 E F2<ad70>5.032 E F0(")6.866 E F5(str:${passphrase})A F0 3.365("o)
-C(r)-3.365 E F2<ad70>109.666 422.4 Q F0(")6.727 E F5(pcr:${tzpfms.key)A
-F2(#)A F6(*)A F5(;})A F0 .727(", as the case may be, or equi)B -.25(va)
--.25 G .728(lent, for back-up \(see).25 F F1(OPTIONS)3.228 E F0(\).)A
-.448(If you ha)108 434.4 R .748 -.15(ve a s)-.2 H .448(ealed k).15 F
+3.366 E F2<ad70>5.032 E F0(")6.866 E F5(str:${passphrase})A F0 3.366("o)
+C(r)-3.366 E F2<ad70>109.666 434.4 Q F0(")6.728 E F5(pcr:${tzpfms.key)A
+F2(#)A F6(*)A F5(;})A F0 .728(", as the case may be, or equi)B -.25(va)
+-.25 G .727(lent, for back-up \(see).25 F F1(OPTIONS)3.227 E F0(\).)A
+.447(If you ha)108 446.4 R .747 -.15(ve a s)-.2 H .447(ealed k).15 F
 .748 -.15(ey y)-.1 H .448(ou can access with that or equi).15 F -.25(va)
--.25 G .447(lent tool and set both of these properties, it).25 F
-(will funxion seamlessly)108 446.4 Q(.)-.65 E(Finally)108 463.2 Q 12.005
-(,t)-.65 G 9.505(he equi)-12.005 F -.25(va)-.25 G 9.505(lent of).25 F F2
-9.505(zfs change-key)12.005 F<ad6f>17.172 E F5(keylocation=prompt)15.506
-E F2<ad6f>17.172 E F5(keyformat=raw)108 475.2 Q F3(dataset)6.107 E F0
-.107(is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G
-5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
-(rror occurred, best ef)-2.606 F .106(fort is made)-.25 F .289(to clean\
+-.25 G .448(lent tool and set both of these properties, it).25 F
+(will funxion seamlessly)108 458.4 Q(.)-.65 E(Finally)108 475.2 Q 12.006
+(,t)-.65 G 9.506(he equi)-12.006 F -.25(va)-.25 G 9.506(lent of).25 F F2
+9.505(zfs change-key)12.005 F<ad6f>17.171 E F5(keylocation=prompt)15.505
+E F2<ad6f>17.171 E F5(keyformat=raw)108 487.2 Q F3(dataset)6.106 E F0
+.106(is performed with the ne)2.606 F 2.606(wk)-.25 G -.15(ey)-2.706 G
+5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .107
+(rror occurred, best ef)-2.606 F .107(fort is made)-.25 F .289(to clean\
  up the persistent object and properties, or to issue a note for manual\
- interv)108 487.2 R .29(ention into the stan-)-.15 F(dard error stream.)
-108 499.2 Q 2.625<418c>108 516 S .125(nal v)-2.625 F .125
-(eri\214cation should be made by running)-.15 F F2 1.79
-(zfs-tpm2-load-key \255n)2.624 F F3(dataset)6.124 E F0 5.124(.I)C 2.624
-(ft)-5.124 G .124(hat com-)-2.624 F .506(mand succeeds, all is well, b)
-108 528 R .506(ut otherwise the dataset can be manually rolled back to \
-a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 540 Q F3(dataset)
-11.539 E F0(\(or)8.039 E 8.039(,i)-.4 G 8.039(ft)-8.039 G 5.539(hat f)
+ interv)108 499.2 R .289(ention into the stan-)-.15 F
+(dard error stream.)108 511.2 Q 2.624<418c>108 528 S .124(nal v)-2.624 F
+.124(eri\214cation should be made by running)-.15 F F2 1.791
+(zfs-tpm2-load-key \255n)2.625 F F3(dataset)6.125 E F0 5.125(.I)C 2.625
+(ft)-5.125 G .125(hat com-)-2.625 F .507(mand succeeds, all is well, b)
+108 540 R .506(ut otherwise the dataset can be manually rolled back to \
+a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 552 Q F3(dataset)
+11.538 E F0(\(or)8.039 E 8.039(,i)-.4 G 8.039(ft)-8.039 G 5.539(hat f)
 -8.039 F 5.539(ails to w)-.1 F(ork,)-.1 E F2 5.539(zfs change-key)8.039
-F<ad6f>13.204 E F5(keyformat=passphrase)108 552 Q F3(dataset)6 E F0
+F<ad6f>13.205 E F5(keyformat=passphrase)108 564 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm2-clear-key)108 568.8 Q F3(dataset)6.029 E F0 .029
+F2(zfs-tpm2-clear-key)108 580.8 Q F3(dataset)6.029 E F0 .029
 (can be used to free the TPM persistent object and go back to us-)2.529
-F(ing a passphrase.)108 580.8 Q F1(OPTIONS)72 597.6 Q F2<ad62>109.666
-609.6 Q F3(backup-file)6 E F0(Sa)203 609.6 Q .353 -.15(ve a b)-.2 H .052
+F(ing a passphrase.)108 592.8 Q F1(OPTIONS)72 609.6 Q F2<ad62>109.666
+621.6 Q F3(backup-file)6 E F0(Sa)203 621.6 Q .352 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
-E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
-F .693(This back-up)203 621.6 R F4(must)3.193 E F0 .694
-(be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
-(-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 633.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 645.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 662.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .053(xist beforehand.)-.15
+F .694(This back-up)203 633.6 R F4(must)3.194 E F0 .694
+(be stored securely)3.194 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .693(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 645.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 657.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 674.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
 A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3(algorithm)
 A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C 1.666(]...)
--1.666 G 1.425(Bind the k)203 674.4 R 1.725 -.15(ey t)-.1 H 3.925(os).15
-G 1.425(pace- or comma-separated)-3.925 F F3(PCR)3.924 E F0 3.924(sw)C
-1.424(ithin their corresponding)-3.924 F(hashing)203 686.4 Q F3
-(algorithm)2.523 E F0 2.523<8a69>2.523 G 2.523(ft)-2.523 G(he)-2.523 E
+-1.666 G 1.424(Bind the k)203 686.4 R 1.724 -.15(ey t)-.1 H 3.924(os).15
+G 1.424(pace- or comma-separated)-3.924 F F3(PCR)3.925 E F0 3.925(sw)C
+1.425(ithin their corresponding)-3.925 F(hashing)203 698.4 Q F3
+(algorithm)2.524 E F0 2.524<8a69>2.524 G 2.523(ft)-2.524 G(he)-2.523 E
 2.523(yc)-.15 G .023(hange, the wrapping k)-2.523 F .323 -.15(ey w)-.1 H
-.024(ill not be able to be).15 F 2.5(unsealed. There)203 698.4 R(are)2.5
+.023(ill not be able to be).15 F 2.5(unsealed. There)203 710.4 R(are)2.5
 E F1(24)2.5 E F0(PCRs, numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0(].)
-A F3(algorithm)203 715.2 Q F0 2.968(may be an)5.469 F 5.468(yo)-.15 G
+A F3(algorithm)203 727.2 Q F0 2.968(may be an)5.468 F 5.468(yo)-.15 G
 5.468(fc)-5.468 G(ase-insensiti)-5.468 E 3.268 -.15(ve ")-.25 H F1(sha1)
-.15 E F0 2.968(", ")B F1(sha256)A F0 2.968(", ")B F1(sha384)A F0(",)A(")
-203 727.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
+.15 E F0 2.968(", ")B F1(sha256)A F0 2.969(", ")B F1(sha384)A F0(",)A(")
+203 739.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
 (sm3-256)A F0 4.983(", ")B F1(sha3_256)A F0 4.983(", ")B F1(sha3-256)A
-F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 739.2 Q F1(sha3-384)A F0
+F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 751.2 Q F1(sha3-384)A F0
 (", ")A F1(sha3_512)A F0(", or ")A F1(sha3-512)A F0
 (", and must be supported by the TPM.)A(tzpfms 0.3.4-29-g1d39364)72
 817.889 Q(February 28, 2024)82.458 E(1)183.837 E 0 Cg EP
-%%Page: 2 8
+%%Page: 2 13
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 44.133(ZFS-TPM2-CHANGE-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 41.632(anual ZFS-TPM2-CHANGE-KEY\(8\))-2.5
 F/F1 10/Courier-Bold@0 SF<ad41>109.666 84 Q F0 -.4(Wi)203 84 S(th).4 E
-F1<ad50>4.589 E F0 2.923(,a)C .422(lso prompt for a passphrase.)-2.923 F
-.422(This is skipped by def)5.422 F .422(ault because the)-.1 F .675
+F1<ad50>4.588 E F0 2.922(,a)C .422(lso prompt for a passphrase.)-2.922 F
+.422(This is skipped by def)5.422 F .423(ault because the)-.1 F .675
 (passphrase is)203 96 R/F2 10/Times-Italic@0 SF(OR)3.175 E F0 .675
 (ed with the PCR polic)B 3.175(y\212t)-.15 G .675(he wrapping k)-3.175 F
 .975 -.15(ey c)-.1 H .675(an be unsealed).15 F F2(either)203 108 Q F0
-1.39(passphraseless with the right PCRs)3.89 F F2(or)3.89 E F0 1.389
+1.389(passphraseless with the right PCRs)3.889 F F2(or)3.89 E F0 1.39
 (with the passphrase, and this is)3.89 F(usually not the intent.)203 120
 Q/F3 10/Times-Bold@0 SF(ENVIR)72 136.8 Q 1.666(ONMENT V)-.3 F(ARIABLES)
--1.35 E/F4 10/Courier@0 SF(TZPFMS_PASSPHRASE_HELPER)108 148.8 Q F0 .045
+-1.35 E/F4 10/Courier@0 SF(TZPFMS_PASSPHRASE_HELPER)108 148.8 Q F0 .046
 (By def)133 160.8 R .045(ault, passphrases are prompted for and read in\
- on the standard output and input streams.)-.1 F(If)5.046 E F4
-(TZPFMS_PASSPHRASE_HELPER)133 172.8 Q F0 1.596(is set and nonempty)4.096
+ on the standard output and input streams.)-.1 F(If)5.045 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 172.8 Q F0 1.595(is set and nonempty)4.095
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
-(/bin/)4.095 E F1 3.261(sh \255c)B F0(to)4.095 E(pro)133 184.8 Q
+(/bin/)4.096 E F1 3.262(sh \255c)B F0(to)4.096 E(pro)133 184.8 Q
 (vide each passphrase, instead.)-.15 E .643
 (The standard output stream of the helper is tied to an anon)133 201.6 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@@ -802,10 +1175,10 @@ F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
 249.6 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
 (assphrase, otherwise blank)-2.5 E F4($4)143 261.6 Q F0("ag)160 261.6 Q
 (ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 278.4 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F F3(127)2.677 E F0
-.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 278.4 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F3(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
 290.4 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
 G(ther reason, the prompting is aborted.)-2.5 E F3 1.666
 (TPM2 back-end con\214guration)72 307.2 R(En)87 319.2 Q(vir)-.4 E .625
@@ -814,13 +1187,13 @@ Q 2.5(yo)-.15 G(f:)-2.5 E F3(NONE)2.5 E F0(,)A F3(ERR)2.5 E(OR)-.3 E F0
 (,)A F3 -1.2(WA)2.5 G(RNING)1.2 E F0(,)A F3(INFO)2.5 E F0(,)A F3(DEB)2.5
 E(UG)-.1 E F0(,)A F3(TRA)2.5 E(CE)-.55 E F0 5(.D)C(ef)-5 E(ault:)-.1 E
 F3 -1.2(WA)2.5 G(RNING)1.2 E F0(.)A F3 .625(TPM selection)87 348 R F0
-.621(The library)108 360 R F1(libtss2-tcti-default.so)3.121 E F0 .621
-(can be link)3.121 F .621(ed to an)-.1 F 3.122(yo)-.15 G 3.122(ft)-3.122
-G(he)-3.122 E F4(libtss2-tcti-)3.122 E/F5 10/Symbol SF(*)A F4(.so)A F0
-(li-)3.122 E .781(braries to select the def)108 372 R .781
-(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4
-(/dev/tpm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4(localhost:2321)3.28 E F0
-(will be tried, in order \(see)108 384 Q F4(ESYS_CONTEXT)2.5 E F0
+.622(The library)108 360 R F1(libtss2-tcti-default.so)3.122 E F0 .622
+(can be link)3.122 F .621(ed to an)-.1 F 3.121(yo)-.15 G 3.121(ft)-3.121
+G(he)-3.121 E F4(libtss2-tcti-)3.121 E/F5 10/Symbol SF(*)A F4(.so)A F0
+(li-)3.121 E .78(braries to select the def)108 372 R .78
+(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.281 E F0 3.281(,t)C(hen)-3.281 E
+F4(/dev/tpm0)3.281 E F0 3.281(,t)C(hen)-3.281 E F4(localhost:2321)3.281
+E F0(will be tried, in order \(see)108 384 Q F4(ESYS_CONTEXT)2.5 E F0
 (\(3\)\).)A F3 .625(See also)87 400.8 R F0 2.247
 (The tpm2-tss git repository at https://github)108 412.8 R
 (.com/tpm2-softw)-.4 E 2.247(are/tpm2-tss and the documentation at)-.1 F
@@ -837,7 +1210,7 @@ G(he)-3.122 E F4(libtss2-tcti-)3.122 E/F5 10/Symbol SF(*)A F4(.so)A F0
 F3<83>128 542.4 Q F0(EvModder)7.5 E F3(REPOR)72 559.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 571.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 588 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 600 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E F3 1.666(SEE ALSO)72 616.8 R F4(tpm2_unseal)108 628.8 Q F0(\(1\))A
 (PCR allocations: https://wiki.archlinux.or)108 645.6 Q(g/title/T)-.18 E
@@ -847,7 +1220,7 @@ E F3 1.666(SEE ALSO)72 616.8 R F4(tpm2_unseal)108 628.8 Q F0(\(1\))A
 r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 669.6 Q
 (able)-.8 E(1.)108 681.6 Q(tzpfms 0.3.4-29-g1d39364)72 817.889 Q
 (February 28, 2024)82.458 E(2)183.837 E 0 Cg EP
-%%Page: 1 9
+%%Page: 1 14
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -857,13 +1230,13 @@ F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-clear-key)108 96 Q F0 2.5<8a72>2.5 G -.25(ew)-2.5 G
 (rap ZFS dataset k).25 E .3 -.15(ey i)-.1 H 2.5(np).15 G(asssw)-2.5 E
 (ord and clear tzpfms TPM2 metadata)-.1 E F1(SYNOPSIS)72 112.8 Q F2
-(zfs-tpm-list)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1
-(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
+(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5
+E F1(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
 (dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G(ncrypted with)-2.5 E F2
 (tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM2)2.5 E F0(:)A 5
-(1. performs)118 165.6 R 5.641(the equi)8.141 F -.25(va)-.25 G 5.641
-(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.308 E/F4 10
-/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E F4
+(1. performs)118 165.6 R 5.642(the equi)8.142 F -.25(va)-.25 G 5.642
+(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.307 E/F4 10
+/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E F4
 (keyformat=passphrase)133 177.6 Q F3(dataset)6 E F0(,)A 5(2. frees)118
 189.6 R(the sealed k)2.5 E .3 -.15(ey p)-.1 H(re).15 E
 (viously used to encrypt)-.25 E F3(dataset)2.5 E F0(,)A 5(3. remo)118
@@ -872,12 +1245,12 @@ F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
 213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-tpm2-change-key)2.5 E F0
 (\(8\) for a detailed description.)A F1(ENVIR)72 247.2 Q 1.666(ONMENT V)
--.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 259.2 Q F0 .045
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 259.2 Q F0 .046
 (By def)133 271.2 R .045(ault, passphrases are prompted for and read in\
- on the standard output and input streams.)-.1 F(If)5.046 E F4
-(TZPFMS_PASSPHRASE_HELPER)133 283.2 Q F0 1.596(is set and nonempty)4.096
+ on the standard output and input streams.)-.1 F(If)5.045 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 283.2 Q F0 1.595(is set and nonempty)4.095
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
-(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 295.2 Q
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 295.2 Q
 (vide each passphrase, instead.)-.15 E .643
 (The standard output stream of the helper is tied to an anon)133 312 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@@ -889,10 +1262,10 @@ F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
 2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 360 Q F0("ne)160 360 Q
 (w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
 -2.5 E F4($4)143 372 Q F0("ag)160 372 Q(ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 388.8 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
-.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 388.8 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
 400.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
 G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
 (TPM2 back-end con\214guration)72 417.6 R(En)87 429.6 Q(vir)-.4 E .625
@@ -901,13 +1274,13 @@ Q 2.5(yo)-.15 G(f:)-2.5 E F1(NONE)2.5 E F0(,)A F1(ERR)2.5 E(OR)-.3 E F0
 (,)A F1 -1.2(WA)2.5 G(RNING)1.2 E F0(,)A F1(INFO)2.5 E F0(,)A F1(DEB)2.5
 E(UG)-.1 E F0(,)A F1(TRA)2.5 E(CE)-.55 E F0 5(.D)C(ef)-5 E(ault:)-.1 E
 F1 -1.2(WA)2.5 G(RNING)1.2 E F0(.)A F1 .625(TPM selection)87 458.4 R F0
-.621(The library)108 470.4 R F2(libtss2-tcti-default.so)3.121 E F0 .621
-(can be link)3.121 F .621(ed to an)-.1 F 3.122(yo)-.15 G 3.122(ft)-3.122
-G(he)-3.122 E F4(libtss2-tcti-)3.122 E/F5 10/Symbol SF(*)A F4(.so)A F0
-(li-)3.122 E .781(braries to select the def)108 482.4 R .781
-(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4
-(/dev/tpm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4(localhost:2321)3.28 E F0
-(will be tried, in order \(see)108 494.4 Q F4(ESYS_CONTEXT)2.5 E F0
+.622(The library)108 470.4 R F2(libtss2-tcti-default.so)3.122 E F0 .622
+(can be link)3.122 F .621(ed to an)-.1 F 3.121(yo)-.15 G 3.121(ft)-3.121
+G(he)-3.121 E F4(libtss2-tcti-)3.121 E/F5 10/Symbol SF(*)A F4(.so)A F0
+(li-)3.121 E .78(braries to select the def)108 482.4 R .78
+(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.281 E F0 3.281(,t)C(hen)-3.281 E
+F4(/dev/tpm0)3.281 E F0 3.281(,t)C(hen)-3.281 E F4(localhost:2321)3.281
+E F0(will be tried, in order \(see)108 494.4 Q F4(ESYS_CONTEXT)2.5 E F0
 (\(3\)\).)A F1 .625(See also)87 511.2 R F0 2.247
 (The tpm2-tss git repository at https://github)108 523.2 R
 (.com/tpm2-softw)-.4 E 2.247(are/tpm2-tss and the documentation at)-.1 F
@@ -924,11 +1297,11 @@ G(he)-3.122 E F4(libtss2-tcti-)3.122 E/F5 10/Symbol SF(*)A F4(.so)A F0
 F1<83>128 652.8 Q F0(EvModder)7.5 E F1(REPOR)72 669.6 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 681.6 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 698.4 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 710.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-29-g1d39364)72 817.889 Q(December 4, 2022)82.463 E
 (1)183.842 E 0 Cg EP
-%%Page: 1 10
+%%Page: 1 15
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -937,28 +1310,28 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .864
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.364 E F0 -.1(wa)3.364
-G 3.364(se).1 G .864(ncrypted with)-3.364 F F2(tzpfms)3.365 E F0(back)
-3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .865(nseals the k)-3.365
-F 1.165 -.15(ey a)-.1 H .865(nd loads it).15 F(into)108 165.6 Q F3
-(dataset)2.5 E F0(.)A(The user is prompted for the additional passphras\
-e, set when creating the k)108 182.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5
-(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4 10/Courier@0 SF
-(zfs-tpm2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
-(OPTIONS)72 216 Q F2<ad6e>109.666 228 Q F0 3.208
-(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25 G 5.708(ni).15
-G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708(sa)
-.15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)-.25 G 3.207
-(lent to).25 F F2(zfs)5.707 E(load-key)131 240 Q F0 -.55('s)C F2<ad6e>
-4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)-.3 F
-(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .045
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .865(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.365 E F0 -.1
+(wa)3.365 G 3.365(se).1 G .865(ncrypted with)-3.365 F F2(tzpfms)3.365 E
+F0(back)3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .864
+(nseals the k)-3.365 F 1.164 -.15(ey a)-.1 H .864(nd loads it).15 F
+(into)108 165.6 Q F3(dataset)2.5 E F0(.)A(The user is prompted for the \
+additional passphrase, set when creating the k)108 182.4 Q -.15(ey)-.1 G
+2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4
+10/Courier@0 SF(zfs-tpm2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(OPTIONS)72 216 Q F2<ad6e>109.666
+228 Q F0 3.208(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25
+G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)
+-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.208 E -.25(va)
+-.25 G 3.208(lent to).25 F F2(zfs)5.708 E(load-key)131 240 Q F0 -.55('s)
+C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .046
 (By def)133 280.8 R .045(ault, passphrases are prompted for and read in\
- on the standard output and input streams.)-.1 F(If)5.046 E F4
-(TZPFMS_PASSPHRASE_HELPER)133 292.8 Q F0 1.596(is set and nonempty)4.096
+ on the standard output and input streams.)-.1 F(If)5.045 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 292.8 Q F0 1.595(is set and nonempty)4.095
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
-(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 304.8 Q
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 304.8 Q
 (vide each passphrase, instead.)-.15 E .643
 (The standard output stream of the helper is tied to an anon)133 321.6 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@@ -971,23 +1344,23 @@ F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
 369.6 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
 (assphrase, otherwise blank)-2.5 E F4($4)143 381.6 Q F0("ag)160 381.6 Q
 (ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 398.4 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
-.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 398.4 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
 410.4 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
 G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
 (TPM1.X back-end con\214guration)72 427.2 R .625(TPM selection)87 439.2
-R F0(The)108 451.2 Q F2(tzpfms)2.729 E F0 .229
-(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
-(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 463.2 Q
-(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 480 R(rouSerS)
--.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
-E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
-F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-492 S(ing one of the earlier ones with, for e).1 E
+R F0(The)108 451.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
+2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
+2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
+F(the)2.729 E(en)108 463.2 Q(vironment v)-.4 E(ariable)-.25 E F4
+(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
+(The T)108 480 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
+(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
+(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
+2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 492 S
+(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F1 .625
 (See also)87 508.8 R F0(The T)108 520.8 Q
 (rouSerS project page at https://sourcefor)-.35 E
@@ -1002,7 +1375,7 @@ F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
 F1<83>128 626.4 Q F0(EvModder)7.5 E F1(REPOR)72 643.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 655.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 672 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 684 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-29-g1d39364)72 817.889 Q(December 4, 2022)82.463 E(1)
 183.842 E 0 Cg EP
diff --git a/zfs-fido2-add-backup.8 b/zfs-fido2-add-backup.8
new file mode 100644
index 0000000..08a80cb
--- /dev/null
+++ b/zfs-fido2-add-backup.8
@@ -0,0 +1,125 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 29, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-ADD-BACKUP 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-add-backup
+.Nd allow another FIDO2 device to unlock ZFS dataset
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After
+.Xr zfs-fido2-change-key 8
+derives the key for a dataset from a FIDO2 device,
+.Nm
+may be executed to extend this to any number of additional devices.
+.Pp
+First, the wrapping key is extracted as normally during
+.Xr zfs-fido2-load-key 8 ,
+then a credential is made as-if during
+.Xr zfs-fido2-change-key 8
+(except the "primary" device and all the ones holding backups are excluded from the search);
+however, the
+.Ql hmac-secret
+is instead used as a symmetric AES-256-GCM
+.Pq Xr EVP_CIPHER-AES 7ssl
+key to encrypt the wrapping key directly with a random IV.
+.Pp
+This turns the
+.Li xyz.nabijaczleweli:tzpfms.key
+variable into
+.br
+.Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns Ar backup-salt Ns Cm :\:\& Ns Ar backup-credential-ID Ns Cm :\:\& Ns Ar backup-credential-public-key Ns Cm :\:\& Ns Ar IV Ns Cm :\:\& Ns Ar encrypted-key Oc Ns …
+.Pp
+.Li tzpfms.key
+is actually a dot-separated list of device bundles.
+The first one is as-described in
+.Xr zfs-fido2-change-key 8 .
+Subsequent ones also include (identically-encoded) IVs and encrypted blobs.
+.Pp
+.Xr zfs-fido2-load-key 8
+shops assertions around devices in a device-major order \(em
+depending on device numbering, a backup may be loaded even if the primary device is present.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-add-backup.8.html b/zfs-fido2-add-backup.8.html
new file mode 100644
index 0000000..e6d3444
--- /dev/null
+++ b/zfs-fido2-add-backup.8.html
@@ -0,0 +1,153 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-ADD-BACKUP(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-add-backup</code> &#x2014;
+    <span class="Nd">allow another FIDO2 device to unlock ZFS dataset</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-add-backup</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    derives the key for a dataset from a FIDO2 device,
+    <code class="Nm">zfs-fido2-add-backup</code> may be executed to extend this
+    to any number of additional devices.</p>
+<p class="Pp">First, the wrapping key is extracted as normally during
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    then a credential is made as-if during
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    (except the &quot;primary&quot; device and all the ones holding backups are
+    excluded from the search); however, the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; is instead used as a
+    symmetric AES-256-GCM
+    (<a class="Xr" href="https://manpages.debian.org/bookworm/EVP_CIPHER-AES.7ssl">EVP_CIPHER-AES(7ssl)</a>)
+    key to encrypt the wrapping key directly with a random IV.</p>
+<p class="Pp">This turns the
+    <code class="Li">xyz.nabijaczleweli:tzpfms.key</code> variable into
+  <br/>
+  <var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code><var class="Ar">backup-salt</var><code class="Cm">:</code><var class="Ar">backup-credential-ID</var><code class="Cm">:</code><var class="Ar">backup-credential-public-key</var><code class="Cm">:</code><var class="Ar">IV</var><code class="Cm">:</code><var class="Ar">encrypted-key</var>]&#x2026;</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is actually a dot-separated
+    list of device bundles. The first one is as-described in
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>.
+    Subsequent ones also include (identically-encoded) IVs and encrypted
+  blobs.</p>
+<p class="Pp"><a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>
+    shops assertions around devices in a device-major order &#x2014; depending
+    on device numbering, a backup may be loaded even if the primary device is
+    present.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 29, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-change-key.8 b/zfs-fido2-change-key.8
new file mode 100644
index 0000000..8238eba
--- /dev/null
+++ b/zfs-fido2-change-key.8
@@ -0,0 +1,188 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd March  4, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CHANGE-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-change-key
+.Nd change ZFS dataset key to one authenticated by a FIDO2 device
+.Sh SYNOPSIS
+.Nm
+.Op Fl b Ar backup-file
+.Ar dataset
+.
+.Sh DESCRIPTION
+To normalise the
+.Ar dataset ,
+.Nm
+will open its encryption root in its stead.
+.Nm
+will
+.Em never
+create or destroy encryption roots; use
+.Xr zfs-change-key 8
+for that.
+.Pp
+First, a connection is made to the FIDO2 device, which
+.Em must
+support the
+.Ql hmac-secret
+extension.
+.Pp
+If
+.Ar dataset
+was previously encrypted with
+.Nm fzifdso
+and the
+.Sy FIDO2
+back-end was used, previous credentials will be deleted from their devices (as-if via
+.Xr zfs-fido2-clear-key 8 ) ,
+if available.
+Otherwise, or in case of an error, data required for manual intervention will be written to the standard error stream.
+.Pp
+Next, a new credential of type ES256 is generated on the device (with relying party ID
+.Li fzifdso
+and name equal to the dataset name)
+with the
+.Ql hmac-secret
+extension requested; the device PIN, if any, is prompted for here.
+This mimicks a WebAuthn registration step.
+.Pp
+Then, the credential is asserted with a 32-byte random salt,
+which hashes it with device-private data, and thus generates the wrapping key
+.Pq which is optionally backed up Pq see Sx OPTIONS .
+This mimicks a WebAuthn login step.
+.Pp
+The following properties are set on
+.Ar dataset :
+.Bl -bullet -compact -offset 4n -width "@"
+.It
+.Li xyz.nabijaczleweli:tzpfms.backend Ns = Ns Sy FIDO2
+.It
+.Li xyz.nabijaczleweli:tzpfms.key Ns = Ns Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns … Oc Ns …
+.El
+.Pp
+.Li tzpfms.backend
+identifies this dataset for work with
+.Sy FIDO2 Ns -back-ended
+.Nm tzpfms
+tools
+.Pq i.e. Nm fzifdso Xr zfs-fido2-change-key 8 , Xr zfs-fido2-load-key 8 , Xr zfs-fido2-add-backup 8 , and Xr zfs-fido2-clear-key 8 .
+.Pp
+.Li tzpfms.key
+is a colon-separated tuple of unpadded URL-safe base64 blobs;
+the first one is the random salt;
+the second represents the ID of created credential,
+and the third \(en its public key.
+There exists no other user-land tool for deciphering this; perhaps there should be.
+.\"" TODO: make an LD_PRELOADable for extracting the key maybe?
+.Pp
+Finally, the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=raw Ar dataset
+is performed with the new key.
+If an error occurred, best effort is made to clean up the properties,
+or to issue a note for manual intervention into the standard error stream.
+.Pp
+A final verification should be made by running
+.Nm zfs-fido2-load-key Fl n Ar dataset .
+If that command succeeds, all is well,
+but otherwise the dataset can be manually rolled back to a passphrase with
+.Nm zfs-fido2-clear-key Ar dataset
+.Pq or, if that fails to work, Nm zfs Cm change-key Fl o Li keyformat=passphrase Ar dataset ,
+and you are hereby asked to report a bug, please.
+.Pp
+.Nm zfs-fido2-clear-key Ar dataset
+can be used to clear the properties and go back to using a passphrase.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl b Ar backup-file"
+.It Fl b Ar backup-file
+Save a back-up of the key to
+.Ar backup-file ,
+which must not exist beforehand.
+This back-up
+.Em must
+be stored securely, off-site.
+In case of a catastrophic event, the key can be loaded by running
+.Dl Nm zfs Cm load-key Ar dataset Li < Ar backup-file
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-change-key.8.html b/zfs-fido2-change-key.8.html
new file mode 100644
index 0000000..8cd7f1a
--- /dev/null
+++ b/zfs-fido2-change-key.8.html
@@ -0,0 +1,207 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CHANGE-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-change-key</code> &#x2014;
+    <span class="Nd">change ZFS dataset key to one authenticated by a FIDO2
+    device</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-change-key</code></td>
+    <td>[<code class="Fl">-b</code> <var class="Ar">backup-file</var>]
+      <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">To normalise the <var class="Ar">dataset</var>,
+    <code class="Nm">zfs-fido2-change-key</code> will open its encryption root
+    in its stead. <code class="Nm">zfs-fido2-change-key</code> will
+    <a class="permalink" href="#never"><i class="Em" id="never">never</i></a>
+    create or destroy encryption roots; use
+    <a class="Xr" href="https://manpages.debian.org/bookworm/zfs-change-key.8">zfs-change-key(8)</a>
+    for that.</p>
+<p class="Pp">First, a connection is made to the FIDO2 device, which
+    <i class="Em">must</i> support the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension.</p>
+<p class="Pp">If <var class="Ar">dataset</var> was previously encrypted with
+    <code class="Nm">fzifdso</code> and the <b class="Sy">FIDO2</b> back-end was
+    used, previous credentials will be deleted from their devices (as-if via
+    <a class="Xr" href="zfs-fido2-clear-key.8.html">zfs-fido2-clear-key(8)</a>),
+    if available. Otherwise, or in case of an error, data required for manual
+    intervention will be written to the standard error stream.</p>
+<p class="Pp">Next, a new credential of type ES256 is generated on the device
+    (with relying party ID <code class="Li">fzifdso</code> and name equal to the
+    dataset name) with the &#x2018;<code class="Li">hmac-secret</code>&#x2019;
+    extension requested; the device PIN, if any, is prompted for here. This
+    mimicks a WebAuthn registration step.</p>
+<p class="Pp">Then, the credential is asserted with a 32-byte random salt, which
+    hashes it with device-private data, and thus generates the wrapping key
+    (which is optionally backed up (see
+    <a class="Sx" href="#OPTIONS">OPTIONS</a>)). This mimicks a WebAuthn login
+    step.</p>
+<p class="Pp">The following properties are set on
+  <var class="Ar">dataset</var>:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li id="xyz.nabijaczleweli:tzpfms.backend"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.backend"><code class="Li">xyz.nabijaczleweli:tzpfms.backend</code></a>=<b class="Sy">FIDO2</b></li>
+  <li id="xyz.nabijaczleweli:tzpfms.key"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.key"><code class="Li">xyz.nabijaczleweli:tzpfms.key</code></a>=<var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code>&#x2026;]&#x2026;</li>
+</ul>
+<p class="Pp"><code class="Li">tzpfms.backend</code> identifies this dataset for
+    work with <b class="Sy">FIDO2</b>-back-ended <code class="Nm">tzpfms</code>
+    tools (i.e. <code class="Nm">fzifdso</code>
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-add-backup.8.html">zfs-fido2-add-backup(8)</a>,
+    and
+    <a class="Xr" href="zfs-fido2-clear-key.8.html">zfs-fido2-clear-key(8)</a>).</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is a colon-separated tuple of
+    unpadded URL-safe base64 blobs; the first one is the random salt; the second
+    represents the ID of created credential, and the third &#x2013; its public
+    key. There exists no other user-land tool for deciphering this; perhaps
+    there should be.</p>
+<p class="Pp">Finally, the equivalent of <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=raw</code> <var class="Ar">dataset</var> is
+    performed with the new key. If an error occurred, best effort is made to
+    clean up the properties, or to issue a note for manual intervention into the
+    standard error stream.</p>
+<p class="Pp">A final verification should be made by running
+    <code class="Nm">zfs-fido2-load-key</code> <code class="Fl">-n</code>
+    <var class="Ar">dataset</var>. If that command succeeds, all is well, but
+    otherwise the dataset can be manually rolled back to a passphrase with
+    <code class="Nm">zfs-fido2-clear-key</code> <var class="Ar">dataset</var>
+    (or, if that fails to work, <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=passphrase</code> <var class="Ar">dataset</var>),
+    and you are hereby asked to report a bug, please.</p>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code>
+    <var class="Ar">dataset</var> can be used to clear the properties and go
+    back to using a passphrase.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="b"><a class="permalink" href="#b"><code class="Fl">-b</code></a>
+    <var class="Ar">backup-file</var></dt>
+  <dd>Save a back-up of the key to <var class="Ar">backup-file</var>, which must
+      not exist beforehand. This back-up <i class="Em">must</i> be stored
+      securely, off-site. In case of a catastrophic event, the key can be loaded
+      by running
+    <div class="Bd Bd-indent"><code class="Li"><code class="Nm">zfs</code>
+      <code class="Cm">load-key</code> <var class="Ar">dataset</var>
+      <code class="Li">&lt;</code>
+      <var class="Ar">backup-file</var></code></div>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">March 4, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-clear-key.8 b/zfs-fido2-clear-key.8
new file mode 100644
index 0000000..f7ab9d5
--- /dev/null
+++ b/zfs-fido2-clear-key.8
@@ -0,0 +1,121 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd March  4, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CLEAR-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-clear-key
+.Nd rewrap ZFS dataset key in passsword and clear tzpfms FIDO2 metadata
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 :
+.Bl -enum -compact -offset 2n -width 2n
+.It
+performs the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=passphrase Ar dataset ,
+.It
+loads the primary and every backup credential, and for each success, if the device containing it supports the
+.Ql credMgmt  \" or credentialMgmtPreview
+feature and has a PIN set, tries to delete the credential from the device,
+.It
+removes the
+.Li xyz.nabijaczleweli:tzpfms.\& Ns Brq Li backend , key
+properties from
+.Ar dataset .
+.El
+.Pp
+For every removal failure and missing device or PIN an instruction for manual removal with
+.Xr fido2-token 1
+is issued.
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-clear-key.8.html b/zfs-fido2-clear-key.8.html
new file mode 100644
index 0000000..97e05e7
--- /dev/null
+++ b/zfs-fido2-clear-key.8.html
@@ -0,0 +1,151 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CLEAR-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code> &#x2014;
+    <span class="Nd">rewrap ZFS dataset key in passsword and clear tzpfms FIDO2
+    metadata</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-clear-key</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>:</p>
+<ol class="Bl-enum Bd-indent Bl-compact">
+  <li>performs the equivalent of <code class="Nm">zfs</code>
+      <code class="Cm">change-key</code> <code class="Fl">-o</code>
+      <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+      <code class="Li">keyformat=passphrase</code>
+      <var class="Ar">dataset</var>,</li>
+  <li>loads the primary and every backup credential, and for each success, if
+      the device containing it supports the
+      &#x2018;<code class="Li">credMgmt</code>&#x2019; feature and has a PIN
+      set, tries to delete the credential from the device,</li>
+  <li>removes the
+      <code class="Li">xyz.nabijaczleweli:tzpfms.</code>{<code class="Li">backend</code>,
+      <code class="Li">key</code>} properties from
+      <var class="Ar">dataset</var>.</li>
+</ol>
+<p class="Pp">For every removal failure and missing device or PIN an instruction
+    for manual removal with
+    <a class="Xr" href="https://manpages.debian.org/bookworm/fido2-token.1">fido2-token(1)</a>
+    is issued.</p>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">March 4, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-load-key.8 b/zfs-fido2-load-key.8
new file mode 100644
index 0000000..247ca04
--- /dev/null
+++ b/zfs-fido2-load-key.8
@@ -0,0 +1,98 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 28, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-LOAD-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-load-key
+.Nd load FIDO2-encrypted ZFS dataset key
+.Sh SYNOPSIS
+.Nm
+.Op Fl n
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 ,
+asserts the preserved challenge, HMACking the salt with the on-device secret, and loads the resulting key into
+.Ar dataset .
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl n"
+.It Fl n
+Do a no-op/dry run, can be used even if the key is already loaded.
+Equivalent to
+.Nm zfs Cm load-key Ns 's
+.Fl n
+option.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-load-key.8.html b/zfs-fido2-load-key.8.html
new file mode 100644
index 0000000..ffc6446
--- /dev/null
+++ b/zfs-fido2-load-key.8.html
@@ -0,0 +1,117 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-LOAD-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-load-key</code> &#x2014;
+    <span class="Nd">load FIDO2-encrypted ZFS dataset key</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-load-key</code></td>
+    <td>[<code class="Fl">-n</code>] <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>,
+    asserts the preserved challenge, HMACking the salt with the on-device
+    secret, and loads the resulting key into <var class="Ar">dataset</var>.</p>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="n"><a class="permalink" href="#n"><code class="Fl">-n</code></a></dt>
+  <dd>Do a no-op/dry run, can be used even if the key is already loaded.
+      Equivalent to <code class="Nm">zfs</code>
+      <code class="Cm">load-key</code>'s <code class="Fl">-n</code> option.</dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 28, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>