From a7756fa21ec03df72a694ecc1ce3f434a867df69 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1=20autouploader?=
 <nabijaczleweli/autouploader@nabijaczleweli.xyz>
Date: Sun, 3 Mar 2024 19:46:07 +0000
Subject: [PATCH] Manpage update by job 1161213

---
 tzpfms.pdf                  | Bin 65713 -> 81305 bytes
 tzpfms.ps                   | 890 +++++++++++++++++++++++++-----------
 zfs-fido2-add-backup.8      | 125 +++++
 zfs-fido2-add-backup.8.html | 153 +++++++
 zfs-fido2-change-key.8      | 186 ++++++++
 zfs-fido2-change-key.8.html | 206 +++++++++
 zfs-fido2-clear-key.8       | 113 +++++
 zfs-fido2-clear-key.8.html  | 143 ++++++
 zfs-fido2-load-key.8        |  98 ++++
 zfs-fido2-load-key.8.html   | 117 +++++
 10 files changed, 1766 insertions(+), 265 deletions(-)
 create mode 100644 zfs-fido2-add-backup.8
 create mode 100644 zfs-fido2-add-backup.8.html
 create mode 100644 zfs-fido2-change-key.8
 create mode 100644 zfs-fido2-change-key.8.html
 create mode 100644 zfs-fido2-clear-key.8
 create mode 100644 zfs-fido2-clear-key.8.html
 create mode 100644 zfs-fido2-load-key.8
 create mode 100644 zfs-fido2-load-key.8.html

diff --git a/tzpfms.pdf b/tzpfms.pdf
index 53eef3e6ff5dc9322428aa49680d9ae3b7c1aa55..56fc17680c7c5c66d5a3c769cfc3c5d70b72bfd2 100644
GIT binary patch
delta 59297
zcmZUaQ+S};vbE!mt&VNm?AYnpNyoO6FSgOKla6iM?%1~N<X`8UfA5=hHRn@T^Qz`M
zMvbcVhe&&asDT3ok~P;H*ThjPJ5Fi;=#;XwkVi2Ewm+GeL^dUB)TtSFG{!gS5OJZS
z_=5ySlD)cYDSsw^3}0mTZi~~nj+Hvf8kl;vDdY%jJZEVnp}>8y0mB)jk?Z&$z61N!
zg)g+5aZ7gviB^O_YIV%~c+_*|bDmsa+ytk@P_>=e;o2QgAG^-S&&#T>aM+EXhUqfG
zCje`Gx{Aq=!5AAg$N4<b_if^jJTla&e?N7-H4DJU;`@1Ux(IDcY1~9hTig4ThM_oh
zZW<d&6?ysN1~te2bXU(+$ObcH67E3EElkEESD{(-R8xll)x;$!L6A9vTi}5BD`cgz
zc2YUUE>i~xjjops?Tw!x|8p_A#Hi5jgEw~JniEMaz}0G6p*i;bVOAs2;iWG{)uJlF
zWNOm9l?_YDTi?zL@fb2}Pr-6YF#nP(He|!WBK--I6|TeVq+LMV2RE&lP~*4-mvp?m
zkt)m?S2F^}t<>bD=_YO<K!v-so-Oujw$b>zsuDF&HVPaHK4gLU=Mx8Jc(BD$PJQ~k
z+*rB_;I@KzKUS{wuRZ#Eodq7?ZnWBh*f|ep%bD3#O;;Zt5i%}he17&8mrJ8hN>w4s
z3Gq+QhF!`=E-ATEPI%Sg+77oAZ9*z|#02GlJu9P2f#dx#I9E(r<B>!HBYd5Iu=d6V
zOXvrBX0fY7BzJ|~LdFUjiJk&CK$Y`MSU<8iIw)O@7cK{P4h(?m4x)HON==LxsLvG=
z5H$3<LDR||kl;NfCOO`Fs$WxXLH8gD<d0Eu4Ww|w12bj}2rlb6KfL1on{A_7ss>PZ
zs42FqnD)DFRKnqXwJ6Cy2~1G`$cYn)bp8euTs4o*77K9;HtC2^ZZZ7f$W#-|dZ>7a
z`-D963LVwaxS*jc`U&30)w6vv&`n(6O`&f!eyrIfY()2Aa?Lvi3^ilA_(+7(D{-H{
zA^e){u`twht@67^)a9MWy*3RjE(<fdmsUxjW8_duzZ|J!=m|jC{%)_g?dj#GaAyv9
zfL#6_^8eA=p$+984p)n=nf#-)BijbNAM}9J-9Tt^j3I28LJO8@Tvja<0hS27b@<B@
zYLhL^%?bpONq(I<+o-nE7(~xH(ijb+9Sd7L3inqJwy={!gW{m9vM$6nXv%1?2Zgi?
zHKJ-@V@34nKFzAm(Fy9WazDL<5@ZAb6Fk%(!J;!rab&&^Uj_x^=GFDqt!@f~i9TaB
z2I_T>=^J)|yu>!rYhHZ{v>${?oRW~vD>RIVM86OH&`s#>#KY{F9C}8PpShYSr5AEi
z&%&U{7G8gvvEoPpd8tfrQ&>`abSWN`()9)+L{+((%@0*FX6~#h*-OvEc1|n+xxQ8t
zbDrMk<fOQK+HR_PQ=wW;gRP;0d{Vogas1vD47z2DRBzmbXGZuJ<bG-gnQ`tJhib#!
zk4+h7WXMYJc5P#aTC17|S;tU3MVISslV<KPTr=RV5ZM8e`Ylz(3YFTfjkvLYF-vZc
z0i+D1{7wN4stB&efJ#l-_<jc%NtHpYh^+YWlaldG-u0uYOyHtxhE9vDTkIx9g)f55
zL)B-cii6w+6%leqBl=md{ge2#mi26*jwBqj6eLyUrKBWdy_OnoEni98f*n)ZGey0i
zF}<2+lX-etJo01v4a@FKEPWt!M6BDJ6_aVcsq#0%39AH^I1`f2<XtvUEB_~Y!?AdC
zciMJUdAnYHW6Rik&zAK{+ZVhhdirY!HZMV}0R!?G6OT#gCvMf3qO>;C!%PHCLGg9S
z^|?~AsLz@mOT^D49hRR&2)Sg7b*KTGqqIbAHYz_f$ma?xYL?Gnk&;Ch{e#Df{FEZu
z-Fi0;V#KrPe<Fh#S8*)>kgtAt7gGoa+WK(oJc003wWsuA-?2u)rey0-4$@|%45u3z
z^Sea71ERB@3yswnrEk0tYJan!-O46X+biGEU~-f=njroeL4~Btlyo0BCPNGOExG|F
z!2hK(mO#ZKc21{)`&c?+P9lqG(M5G~Y#SOhI4;`Om;akZLH*7V$oeHlFQb$T-@lt4
zcw|z7Q%gCBtpnD-I`2vtk$vQ*ecRNOk#Wqa*x>;Rmh}z_*OZGM-|qAsDe=u;ho^7_
z3VQ+pgNdaS$#8`kuPh;w4Hon2o2_Dqvnt*Xqcy5>lB$Da#R*fGbvSfOb6na5-4h;^
zAT7xC+)umvs3AHhfX@VH+gdvebysqD^1B<JSPM_+pOl=b>RHSgE5o&4oTD&^Z|)w<
zotbE9R}6T6ch|T&1q6LQgt7Jz`x#D^n!#`0m&%*5>ZjF<>sJ=u&gNF`@7_*A%TFGV
zM>=S&azhtZs&6doJa!Chx0`U5995#DPSFP*Fmr2lv1U4`fQ?4TWO9d=zAh*~<y;<6
z`~5UjeT;W(44H(bg{G=~TB(pPb+zkLap9#9>ql*7`>s`)g`SYjoR2{(7Rub;w&uCZ
zp_LJRi*WR#MAW_Sx}>rq)oFEpt_D1h!=nSWA~RJ@O8l<SJ48RdZQU|xIVp&KfhLP(
z#fOsNY=Dym1JkQbyT<XxlzS{oOi^-5iF+Xj>F<mL5A!obZS+972ol3?Nrreh#EwNq
z!#4w5l6?0KxZPUJB-jqj2fWhpBcL6Wx}Hz~gKggy{!*(@ThdB}FWeG_)Bw`nat-;M
z!$UWry7cd}aswDgLK&H)cdl0+S5ky1*D0k8Va(bSFnRuvUN;<PPdejDPF*LpXmU^h
z)4e^Y)`kM9cCE667*(x}pHWs<7Z~w(RFu$jVKxp5K0E?O0LI34eF3*d$LLEn@d{tI
zbwDceFX0MwEP^PGdN7mvGKE?y_jhDEr6+3$^Ep`ZG*1|JY^I_i*$rJTX%Ym%1zCQA
zry-<cpxSpB2@(9OJX_f0f@_@19`Pz^CieaNU2!;`c3!w=OuQJb`Nq5*3C1xgLc+@e
zq$Xv44@JdrKc3<`Y}&?dk4g_R_KHC7`S)`V?CC{=x0+tgp~wo{D*i4Z^ASzR_hS2`
z@ZNy{Q5dTuuh_LNnGajGRng+iJ${PqO)(r3;OQ6d_W_#Y<ui#RP2Pg`aF#?|r35LN
z#8Z<kE-JMS&g=^ug=6rJnyk99F3u_9lO*s1v2qs`gt}9|4O0+DY`ZPo8m6rjWFEr8
z4;CzwMcEjBZ&D~F7%O@kodrVTml&*uCvOo@ciO~`pbh1}QOHDm3X+JaPz9DaQ1e%>
zfaTCfJko<RT$E~f^d71rm6UVJ0eKi53Ao<kGUvEqvbi{Wr!`YNaUa7sI$b8`cKSKE
zv9^V}Ab7an!)(ckoYE>Uj*3e`JATrr(EUN05ygJ3IL`<}CJccM&@N>cx1!<1b4Xz=
z6Rhl)%A7sU!Yl0~aFW<OI4h1Jd(#XRK-Rh9oCMqE05d`E;hC<k<YxS&XgQ{Blm$nv
z61@Y|L7}4S+DD{_KwI>BGTAke59p-znhS3HsnWQ^Zv!t_@^(2iwzIpH`v=A=ar{tT
zdm2AfY-pMv6mG$XMmHEij3sG<LE5k?5BSFe?Yz#&=%xM)C}N<@iY_(^y^tS>z_Dz!
zS>9svUEXDzGTd(=pITRKGkdCTN9UsNg)!CEUsy4BxiV2Sr8cunD?L%T1;Z|2ChZl?
z+R&BhbWxT_&GsFS69%QpgZz|W(aygFZ=BtiBma1g%}X1TW9CzQKOS)Q5i-Uuk;#Q0
z<~{ySAJ;w@ViDAAg$uX-%`2Mz5J<LU-v8mj6ydb(mlw9hc{2o}q_?<DaKd&{-O0tm
z<kDl#W6erztibVim~>nTrm<%17d5DgCX|4#`a+Ypi(?($_p6<hTsv&LLT)AtDYplb
za3`FjjKsst#LoLh9Zx1NGxa&nqhi95_m7i<>H47%1MG`STKI~e>SIz@Ye161%k~)v
z)9oJ5k{@Y#TU-)rn^9N+<(b!I7@}w?%;2|t!X*op4je!!;O#}1{_84i^MM*UqWodS
zo&N2x?ZgxX<H=ZUVVsQd>-H6Quef9&|4D0o3p^MXxsgB4Clmt->&3COJD`!)<g47`
z(9`oli9H<gV(37w=IAKp3J7~|vGhs`&E9-YaVy}igeeF2-c)WLvPfoh(!xY*wx~I2
z<9W%;5F6tVw8sYzO`t4i9JSOu{MBSJoFxb!no4OYeUF59on#Mv&hHV9kbHGROwwAk
z<FJlv0=Csq;1(Cz&*;fjjB6lw>9y^(S=UU;rhMVXBO0IAU-Q%P3E(fN%x;k@zbUS=
zfHI1>X6ogG@^KpREGoSrsHLEAsvSm%YBo}u=aSgoVcrqCzNYGVT;xn$x8xCgrF?%8
zY=1TKGO;ywa&|N^w1NHSW@lsx%R$6M^gkyn3me;iYRugKzsSeOC~IPC=4?*H!bHTB
z=r2JA$R(}~p>$qVr;3)r|AB@Mv|GM0w5i^eD_k&5sU6pA{YL=l^pSw#fTZMCag!Hy
z=YORxv8MJ8SE;Be^GK5TrJY<ZRqH>!Pw9lRrhGaBNA0XB8#y1oLkHCrZ?s#rc9>?<
zwnndpwE{mGoiM%V<b5cmR*c**?T2H%o4B$8O+mr##vFa$r?L9(kI(nhYOKdCMqf`G
z@@lj5$N2^$PVINs!`8gL7lB31im8ee&9sfkSGbn}m=zMiJG9{=i`CAVjzS3r{_STb
zhgMI&=7f>NcGCmmwYu0#xvjOTy;;<0+rLxjYjCw-Q-*Kx>&K@ZTU0$Tb3X`g0tonk
z_MMKm`8|2OR)YFgN`3cc+jE!NGCtld<Actct+2VCZ2vdDSE<U^oQ^F9N9Fn~TDgR?
zI4SGoMom(!$3Lur<Lqbx_Q7XVSCME|-`@Hnm{@!(%6tW#U|UzRRAGPPuSQd?kxXmV
z8jYikr#e$;ho@ojRAo>sipEE-Fh+I*(H*JJ@|k@Y@rffowm_Swi;tHF@6Gqj_hsD`
zOB2TW_esO*P2VvEx5QvDN;y(>?FYjZ{>O)69!pDI>jsRy!GaR6y_C^n;_dCW*SD#w
z(=1SP@8PF>|IRJlbzd(hkIoivmjyAZ@83F`*TIc`eJ>Ro923AR-5aW1#WcJC^h!^4
zo9J<RkyB2D!9$Bdfzw>ixt_D^Day;p8c@TfkN!L%@5b?C=Xk!2+GShKMl5pL)sS$O
zYK6C^5@|Jc)p6JdRu%zm?nLlqJ!GD)GXN3qy(hdcmzUM1GTRGEXT-J&U&KD!pGJq^
z$6{a!@4(}Zz0swWo7YIOkX90~1U6%)iZH-wLth^}*G01h5+fwKM<#pT(c>^jgkOO<
zwlIWf(Pb1WF2Ot>bIt80!idLhBun&BnrJYB7@@qxWz{~abz+EXhpo7&IUU(%aU{9h
zK_e4Co`{aHW<m>6Mk0&w7neFY$Y1t~o7XnNd+ud|YZ)At1fgXkFD(~92s)+=Va(|F
z)nB*(X<6MT63>JuwQ<$7<phhdlUV1FTo{<~bGP!&4tQ0*KrY8H0Y6JZdtVk?|F+`M
zn!PW7T3D4M5YOB2;qJCQ4=0<B&+0i|oMZf##MOs@{f)R4ta{_B@m}aWsAhG}82?*D
z6=B5bjI{!fmr(m~{)Q~@mppo;@fG>ZZP0T;B~ho?>C`hlxqR~`y~%q^nB`c^czamp
z*|&Qjt59CsAa5_KJ>s=K1i2$!X8-(0#tJG)QwkJUj+E(=RHx(ux+8reTP=D8C|nA?
z^<*<iIizGS;!mVF*h+PcT7iJ$!z3?*7(5iig>(~gG#A~{_lGRN4^zA^cpq7A=T7y?
zt+g2u+D0#O3ki}VF}&_4NgkE9lHka?c(fELJ{66RYAI7vfLzb;YGL-3!ALEG7Lojs
z;#}XBW~VacARtV_3nLcXgB6Ei^cegD&J6)9K(cl~J1xIRQH(d5?7b7+WrS?bfe5Wf
zT+ckNF`u=ctfdU#zkqCS3AUpey%M9g)EtVxcOFY#_oJ*$B>O-KKn!X%sHPVoz-!{i
zIN)D1bMZ1t*^;YE0bhl>Q6Oa|O1UM7_?zc{mLSG24yNcwHfl|Y9RNYf16bCID)iXj
zs>E6Z{ro+=c{C%LZaF77M&_0-O=hnMK5$BVA)t_gcDo2X94usFKqw}IR~3K_lj4mN
zow9MR^?<`%<HiuVm=UYIwXKd$P==8pL6C=>X+<K$yVTO&av~t#?$OC(NJJiR2jSp5
z4DqgZF@m(qvhYoHxb5e~!Dn&l2`!d3OnOZiJXBcxsFeEV^_<<wmj|*4t=;%buF0m|
zsE0$d9t8oAZu4{#3wtb$z|Bd}Kljl!FRgUu>#N#%jYG(slDMZ26i_b>Wx;iqibbcH
zm)=1u$M>}6{G0zP>*6VBxt8m&<i-LSr{pdC_i%Nk5-Z9O1!0Tl$&@lhzi@KJ)(U2Y
zSP+*egb-6WWD5SHMk&fqW_XxgGI77Ig!Jo26!mr>1X{>%V^(ikZyHZrDMgIJ??*TV
zWj#Dz2n!kp(kmU4waLe_71|}Q?H1_>JI}p!`I|^VFy@>cA_Rm1xT0-ya-VN%07)2*
zWms1mJu=8OSAkCD*c3u16q4u5r-jSw!4JJVX#U9B1N~U&lDG4VldPYn<GamtKr@C!
zEqxbYy>+qFK9na3Gsp}6VZMBScH>J7HX}MaFSbTnhVYr=#D{9nhd5-0-GJXOs<<h)
zHfeB9e^*o$;A6BF((o{hvlA;IeuRk>jYn4}NY^a(sS)I;aK&XaHiM3!MX3ssMHMl`
zhc~By^X~S0kBgN+Og?pJk@22TO6N3DkNggx`V(W9dm?~w3XybanZZx#s(Ok3x8W&)
zBW|^A0{M*Kz>qu1H0O71xmOJ*xZEElv^eXhL~2VY%dv~>6)maog#kn2g<B1$TsHFr
zl1%tnMwNvo&;#@s_j&mj=37>lOm2n=eq-I~n~4xYTn%{9N}IUOA@4doSo?&5lY#@F
zNwvw-h&eEd5=+!$AMt3%3;}vw;sd!bNjy*!r;WqYn$=>4QhqdWhgx`K&MBYWEgNLF
zAekhV#>w(jA>Y%KrtNsRNfo9QESj8L%WK)LXq`XFOCwVM)8nqswysfV!2$x+xwZ0l
zv@*%n?7Y7nWHRNepk*UHjLeleZ1FIF5#U0tz9mYoT2k1!yp%62UZTp-UGSm$)s9mF
zaiaJFl>mkFv{hHCzRy(J;wvepU*C2sQG)2d>G8vU%19#@HBd@fP?mbfuWLTCGq}To
z$57s>&OASVEJAf&L=jM)<~k|#(|%OT#`hpi^d`SGicKjALIL+4R2<}3(c=O9PM81i
zSgRvHM+D6XjQ1&w;ioUDW_=6T;%vQZ;sn>NgmHr<P}<p)wBe2aG2`D>2k4+FRR_h%
ze$%hrv$BzEFTn(>G2J6OJPyj&u)8%JgJ1&RI)x3fYf@!c*jtj0l6O6z`r<nz)JABH
zTx7m<!h)-^a9;4$H5-;1l>!4o+gFtcm7uo8nicRb)8~bI%nj)^V1BnbM5y>Fqr=X5
z5K<-}CzM?wvJ17o+JnuE&z8-rzrOx(Tja^`n0YbWol6~6p<_$*KYICS{S_>~f~n@=
zTVi#ZonlU#sxclfbLzR6en_^V^T(<LZT_!&fP=Hd4=r*S1(ptV!#WFKXfNLaF~D=Q
z3`60*-4pN6s?O^};s<ROnf<yVPY(|e%V*y%>|*5YPlN5+DUcA%UlKAPLtnV^)?p>-
ztXDcZcRO$@s!0OZXw1e0&VkBL0-DdKP~fGkxg6@qb5j(aot=ZI1ZjdI&m&CAry4gp
zRD-*k`^40FLDY;gJ^~MXa%ir(G<3cHov}GD8bkAFTtm5I3+2Ny3V!yJpz1>oC7M5&
za8e~htjw?c#ktF#P9~9B)J^4k%x@WHpFUCmtDMW~d?Z)DHSey;6CZQEE6Z^WJ*UW#
zPr;{pGrUmkM!FdrK)KF!ttb1da9(A!?D8*FSX+E5XPn!e5$0b21A+w-@q!hykLd(A
zH#ZPjXMC}4*pYv04E7jb!z*bkm>QaX77s#+1K+a0)B+D7WED-iu+Px5bDE^qzrOe~
zLg0jk|4eDo<uoX(Ebu&|<ah>O=1yF0*(hgK8awK*Y*HLTyrZDm4D@n;nkhn|B+Cpb
zKsKUtyIL$yfFKE^Z>ovp2a+RzYD!2v1Vt7GKPCI0=H)q-uc|8FFke+qcy{w7V$KlK
zR45^BxZ&2tGg*Bgxe3iobWvk8uau}1#(al;HsmbDU?DL*zCtobR)TG}k~H^0W}DpG
zPI34U9=(41y?NC&gXLQF{mQ{fm$Mc|m3QCbxxvu9S=0_-xnm*yyJydKG3f1SyH6m;
zXI`do5Lh~js!Exl2hF1_Oq8Vt>&sCbZ^wiE_ebfLTzZd_%t7!dBm#oX8-&j;7$^<x
zP1II_3Ie5t<GLDKU$7(pjJxvWwg-*bH8b`Ur|w7xjubsZ3UlCH<BbRe%;Bkqvy~xZ
zJGItMjf^IsXYOaLb~*h^e9pk4P#*5M-%Yyl@fqfTUbFb-)nVd!HQ%~DK1C*zlK??0
z_6A%RH!UNv*XQaOb>(h&jv%>Cg?k~ns;V;)k)@D%BlpQ@kD)4bJ5jyh;~>WOJw>AM
zuGaayT6Jy*<92WXDTR{-eqAbhVM7SiwX@CB!=Vu{5F9xLH~Hl_%hTP;_jNcpc(HHJ
zv6{$s{zhtbbN6tU(%h|=v$d%Q08YMMH)l^+j8%-b6eV~n?&=scXBlYeFfbHI!}!h~
zwz&`<uDQJy({`4M960x;b>GI-oY!WfkE4;x5ibZ<{q(4%UsL`XM;A&FdZ1^}f;crV
zY*7Ie&T_+obFu_vG3BL@Wef<7hZOuGl+?3MyU)e)tVPo7fsp+(I&Jyu-+EY*-yXTB
zp1RNmw6N!PvvSp!sD;S9sOrM;OP*?5ry8^ABX3t4z*@wqU4LDg_6zJMGQ;Ei={jvz
z<unRWRtOC55qC#F^Qe7L6e^8?Pg?%w5Muy1H?Jr=xuozKK)IweKi8+H%J-K96wCC9
zTPx9+-079DM8HpO>y%FGGS<kqpU%`gX%lZSMB3z4FR$fe(p!Z1pF2Gq)}bQB&_;3F
zIn}BsRz)?k2Vr0w)OG*mT74Gd^T^w29pNq*T_C&IuMq~1jTxuvno8!93=zl-aqR-k
zHV9oEr~L4qmCI9nvq^4@W?m@;@Y7uL+N**q@3Bo3H9^_NrY<kRG)Ueel{<e#4=Y={
za35RWn2VPhmOS5anfYiE0SKe@322Zl8Dz~TQ8rto*(R>=p);Komaq#G(XFf*p-F||
z4?1*bqG~y*DN|{o%ezV<FW<Fwcy`5&93GM0Ul=37hkpJ`%l?l@{Xa3w!Ois_G0VdK
zZ!yb}2>c^ulhw5C);Q3I^d4x#jD*O0^2JU!i`k<yifmTtT$!y$nPyOJO5?>+lJ*L#
zy)I%miOE;$5}R;Q2g1Y%e2?1kPFZi6gtI?S1nQFy@`@f-NDj5<eT-?HS?Y(>Yd?*e
zYE}m!2GIvgV-wLQ)zpM)2w%*b8qWpw6*iXs@i<C=x6`GRt7(eMwNXM&SI52FlR(So
zu{58$5-g+BH$}7G+K-UsD+%LAhcJk<boK8LZ)9@qkf$PoxA)*+xM;BrNCv8?N=`K8
zoE0KleA-up`tdbqz2s6+Xdv6K@!UIRt5wVF-<v7j|2!93!!n?}3v*kg?jn?}M3Bz<
z4%2o4yDotPeeb;O9YSKG<cXTh=Hai*6b)y`hFw>Zf_B{pCY?X5sMXFwj?9VonXPfe
zuyI`TVuUXQqhD8j)to{@mhX(VHU&hB#MNjZx)m{)A!5JMJ5Tb8(7mM6ovE76_?tk6
zy}qX^pNWXPk&>|yuPHmQRcrXXh3UZ#5qV_-y_^npMRR?H9JE$}4c6I6y^z#@z-ifd
z?Wrl0(jTM1ZX(R`r+C5S3gmim8a@SVIbmw6+ufvs&`5bG9IS%`?J(%w8=*d&dQ~@C
z+5Xb9&_d-<=pj|@fZIDDleY_8$t>jJYGeIWtQ1)%&f<GADVV{;GfgMZFT$6y2-sr-
zj%Cnr2pyKw!~^BvmvPM?#tzA~7e&}jLZY@U!PSg}A_dwp9U+-5zOzjJjNMLp?Nq7U
zGTakCu`$5vq=Bx%^1z=H$INOeb3CGJA3W~RE$m-DGd|T>BOlpDM)D#H6WS`P*XN(-
zBtwp5y9^}Gh7AeN*_RFXG{&*uopAsKDy$jEAfTEdirQ=9utR6{)B*~qSY{@}gm5~>
z{lD8!E**&1{XuW60-bkt)>%tjz4-~xLHejmt-bzPqcrksJhWsIxrJ57Jr#=gB9(5X
zWA~Jc+&>luCP7!0t)g3jl9F&5u_&ewT)8)i$zMEd=?_iW*vpcRV$xl!Xy>8|kU?HH
z;8+S{8DuESZU9E%G*ASApaSk(bsc}SZrqdNV|gwMjVQ(V*|pKmG8bO%zBt$PEprzH
z4C7oj_!my|GQj8_&BCQ+wIuzbD#CVat23KR-$6fCA!J#v7uX<OeHM4QT%Z@wU&tw0
zYm^4}lG4%0Uf7pvB}5X1g7Yv31Z*KCNF!)ehvGCU;_A^J!@C&v#NZBXkFZ%}lt7HT
zAVH<b><ADOa7V>oBAOzl$f-+U7<DeTCKwf<Q6mcq$$)X?wy&M@ezFZ%X$yd`3dIsn
zUOz}mfGHwTXfduOf&Y;X7wtVpx&2PGwIXeddtr@+1aa43p5ExmOmHLtY?C5go)h{t
z(}E_d?1WBsOh8NxSgvQW`l9Q*OSrRi&W(?j-=$p5z*jvt&moFBmNXGQAoO-Mk^3+E
zHVmX9ikkHQ*u>1|#M81a{LU>w|HuB|Tu-2Dt$@NhXbgveP*HGAMYfCUG*$?>`DFMy
zGVgdQ_Crq@Jh{=k?e|Fp7BWY**=#sGsOP^n0h?|^X?;)1_eV_e7KAc>mK8wA!HxJf
zbG+cLz@5poiXw%u>K;rGq_RV_*6iqNdM4Zh$1q*oXD8NduAfwQIqUeSeRkum0j0G^
znui!38}$zdL;8&Z6YsbJ-J7y-2v{bCp@E%;Y7CbCm>A*>S2_nkzwGv#f7yJIQ-3is
z`L!tEO}Cd=am~Y)Tp;Gb>trT={_KKz^^GamV=h(=R}X8v|3`1+sQ;3z?pN*3t*{v3
zPdluBS8OQzL@0~r)HH%dG^p2z$ZiF>HA`O0doR{?{rC{(mUN!SxT6-bdr_iE-^nA#
zegorK=O8M0clRXO=QgyAbmhdf2i*5}IId=qqJKB^|G1OPY|I@0ZRr1YCs~>Puc2$$
z*!`2w5br)!r;7l~Lp+QacY~s`cP${Z{Uu>m%HJ?WtPxKe$u34iW+KMDUi{`dqJIK(
zr0Ftjo!>)pAcu}`_#CFCnVCNO|4%>zNC);d21wizk<ch|5)O0RB^cBaSLFPV)H1?7
z)8cz5g!gBdNXj<`>Ps$oj9oGT?CuVobVf$~j>gHW&53Ed3Bp6cZq`1xpLKkyjmvWC
z-SXDs1x<TB%;m;LIyaeH;kRizc?6n+Xq1JBk@<(gr?4q>ItDe&4XIl8;5aQ!9Z5&u
zvf~+bqu1nw!YC(f^M{b<9z}4#;OA}*_?M10_!&T=M566u;OcRQ(knTD0)M-e0plj`
zow+|OoEFN<rkOB$=})^sym+U<{%s8=v5?n_gzw$TqKT%gIpXl{s*$_Py@vB9YV|!O
z!Nma!<XZ)kWIOEDKjbbm=2H3S?Mu!y;y3r%G6up6!R>oWuOKIjUb@;<x@PTduFJ~E
zh}J+Y8{l~8#L|$nDSw~>LZ=FElT{>tzZ+9p+De<d_LwivhO}VRS1R;iP|P5YJseCg
z*<p>3AB6e5Or^SKlO3iHKZW|-H5GhsW-h6C6d|&7rVQk|_FU>pW$bQm)u~|E(ktf-
zl)%z9zpHfUDixC=_%p%!Bh6Oc!k6=7>GbXMp-b*#(ZvVkxY*DdXt9O6AMsiN*?f9`
z43l;ys3Y=iq>bWZP<YcK+fQ9wLop#JjM$<`x}6$nQq=dgB8r_06OX?L4H-!sqL547
zo6Q}UKiQkrRI7i~@!$`-j%IVohQ|^g)l16ASK;b_zAs>g=tKD&NI9(}+U+OCCksbY
zEJm=}^KZ8Pkrb>19CN^>jaVsL59OixbDo#9OOAdELJ4o?>qg^o=`~^dyZKyc9&_XT
z$=jmp1<_<IHgVQ4(!G%~XsaJ<Ym$o<gW-F^HU}eO`ArXZ!Jdev|IF?w&h^b^G<oiu
z(uE+#oDG$QwOIl$CXeW=jkI(vEtDsy?ZQ4k^dRVi(q_CC&@N%4>V^V6b=|<&WF(7*
zhk%=L5L>Lkc64^HP5_JzC>ftPVT3t{WqGVN0I^d}rH9C*=-_v5QI{8i6HuZWM^$+)
zo#hWNUnj=MQTA(-#6zinH^FwB<;BD}wr}IzWQQNAR%g}Q7<r{o4PJ%yUk6fU=@50L
zPE|97*B`Bc+6=lRt$*g?@P=YsQbKWa@JS>nsyctXqI7sL2SHGKE{N0hznnct;l2gZ
zU^Kc6KKXd`uAP;?JVd;c&8-xuVPPF{rW|3}9gaIJi_Rf?=+VLtou&+qmmj<hzBsnJ
z`#5!Fb_4uCed-qcMco=-ZOMVBbQq(&!8jB<t#cai>-ryHjA!tm>5~ywu?<*BfGklh
z+J=#GQr?Fs`ct+;9Ll4Hclwd{ySkA3Q+45*28sqY4^8Be6<;nTLt<sU;)}gL6<3+|
zmc3lBP(zM3AQ?YzUyK2y+qs^0EBH95U4#+3(J`m!=TbzjEw8vwlDR6pC@u1G+m3X7
zR0SkJjl}IC`2sCK<uF52$gExbVqK9Zrz1?bO`BEKwBPKm0;Y()3SE-?mn#n;xCa+Q
z$$lLDmA-_-|0a%t=!I|dG1Co7-ft?NGQt-l&aUUJ>y%3!XlGYbXi?xsu=I1jR5OmN
zfp`uol#|p2DZbX;SL`S?S*dbZ#R!e?o(ckt-xOiK<67vVP?1|upQ7y~2N=kJygKrA
zA*nYUdPfa**(Ovm5Fh0V6SbxW@MugtL>Is)%=93vQ^!KFKk}3F#%VQ~@+9%)P-#9C
zaay(qgh+$*jZ;_sh_PA6clFa5`gGd(-JoPS&SVjIkIMlov4PAWZCGX$l$MBv%r*wd
zub3hu)&@Nmw|c@PK^W1_B^T8~?kY6@^Q<EJVb;2n<~1e#3O}Z8!egjSD2&Fys~zas
z-sWx)0FkKo0$Ry!lzR(Cxx|bFjdy`+<f{r(-8ds6A?2oN$!`UDQa19zVx#wxN5((<
z0&aq|rz`f;8kAQ7yo<fdcDElEZx4884-xMSE(zAhkf@33vd$IbaNf32<+^-JdQ5N7
zbH<b$VTSZv`aXR%%=P`5=6v7`_bHO=WkaR60U`Sk)j~_~EYK;>?l{^(cMYTx$GIR~
zX+jqTE6zDW$ilqy;DM+-yT>MkAc|dSS(VzH3oMy7C9pvOR_S0e=wuI<i2&%0T4`cy
zJT`<|pZV+ik*db-LHV;Ipq_<9|NcAnpEuQxpOZp_N_1_Pyr&H_R(3|NOtx<6$!>G3
z6_eE6<B?_Zzeqau@PlwFkVRs+e?KVq{YVST^v^e%j5~!qA^iz|2wScSdxDdhS}!{#
zlT-o=bwFuN86+;RY(I$pN>&P}=IY5oANmk_!7G#gJ#nSUmPSkqAR1DQ&ynIy0!?M{
zORkPYO)y>eTjrvE`qNuAr}&dRfD=+aQ|$BQQc?OMK3Z4Xz&6@Lz-6DPKer(Xwt0>d
z-BI~QX<r$dfDG%Iz2C;ESoVbnZGr2jPAE&ss!bVD#S`NpmS7hS&+-!hRVZQ*04tn4
za!^Vpvy_t;8~AC$AFTKD@M9;&cyI$B6(ZPjCL^p4g0N&&Tp}>-`(yDDR#|wcUVfG!
zuM^>4?0N>Y+CP=xc!vGBZMqp4%Uyk+)0HDq@ahFuNwk6~aYQhZYTCU!+j|_rsCxL1
zUiLP@SJ7v&HoYC+8xs40m|+TYp_S;N%^KDxVQFi8ligp8+Fpq;Bnaq#we~R<^C_^7
z=kIg#5K>u)Y25=bOA@R?{jH0kq=K6KUkzfbV@jI_ePcCMMG%q@g0Kxt7$7<>VF?H3
zpzWe>Av!>~CDSNZJom+{JHMs>$$}CEMPDz&W*@K)!}H4HD2dPjI6%vo0`qOpJoWi=
zCKFKHxALb5{W)1OJ!m|6D&|^p9cnY!pC$;%t0DUzezvyjOmw&N0itTv)75|m2X<dx
zb^A13jY1m4hF14Y?Hjd;9}Qu1Fd}CicapNbIEDDLPtPkW2Z`abv&akR)o^H3%JlFY
z$}*Po!h1KV)KW9xM~k_Jwbyx$^fc*arMH=A;v@Mt|8@M$F8azN*yKuNeJjupce_zS
z_>oePPX|MaWNh{$ko&>3%f0-MNJ>+Gr0e79?JGuWT)99asXpQRUirbbG@5H@%O-4d
z%v_r!tXA^ROsX`j@6OuOU8h|nk}EL$OFh#t^^?WUi9()0RD-wz{E&M8G!pB>%g)vJ
z`Da*$e>}Ho`+Qh$Gwk@LqW-;#r%sstA<IN4o+0N{<(Ull0679{!I+jpH?j$pi%<db
zU<TX?S$tNUhk2`{C%4jBeXYXnQ3&w(UOQG@L(65-#d+iGJy44wnOX)UJhE}bX=oy+
z;%90Y1m;vpKFhB3cW~cNB*fw$p#OqN*8jKzEbQ#;|A9$X)_=JJtZe^<$vqC#A)kk8
zq6jcrLOQL&&8Io?_RXrbj%Oo%e-3T*D6wHn<5Ak#8_({|=6s;&>n5a-YIgN}0|O>*
z!22JL%=R!%jUDNS@VG7iXx)tFyXSi4B02pz|EX~`b70BV8F}!nd{WYmg6a>IyiaDK
zc_S{jV7GSL)uEjoQ0nEvtM|bXAtGzIMuQtn9K%Og8AE!sTlv<1UW_DvYZ&#rSo}I`
zT^bC@tE<|Lcd5cSw!@cPoeFW*lK&R%Jdw?YlWoayG!YIWij2VG;yKk_WySEoAHy6v
z90L8DQsmeW36?I>bzkyad&9#V0$+dy4#`sNe0WCWroCS&kV64=E6X5z1#J<l9Iyvn
z(-KsMki!|>K3X5qCN{|O6rMwORWX8!B=FbmQ?KK^s2DFuJI*ya<?OWqi!bpqKMH2i
z-alI_MY3czgp28Bp{diqx(n-<G>Cl=TBFU&+~kE3w>~0YprZE)`Z&vze`OA$S7-ZO
z=-;WFw_Y(&Kz?q7mHVR}FWVZ+*CO`iLL>}r>rQrC+wCEH3M&Emd~U??@WT4#(6&os
z(#~$`;{Fm@7A#+?4W&bTnnsiw@uv}(`ccMDJpn}I7vjfG#Oh$lkT1UOxDYC)CH%DY
z{c;847-&Rt6Rns#fj5X^X6E8HYeJ`5{2;af7T8GyVE4|q-U@2-Pv?i1gsF9=2#$FY
zSI5LqcSToo-?8ZRD+G027HCt|!>SzGVgVEd<zYiqCC!9av4uN54p|f4g%u*e7wf;7
zodOmFU)fw?kAb-Kt=nX>`Q+yQCLkr&J77~^KdQ()j>%<{Pgs6F7=bn@BJ#DIW+N)L
zbpLxakagsZfcxBbXcVB4Mywfz^R0&qT}1D;P%fkHrWd9=n)3b6NUs7_vno*(k1mZE
zd+w0tPIh8rLC`3cTG9<#gp_p(@zF(5UMpLl1tY%?ipV(;hq(5+@~!p3%x-(B<$&T4
z<TzZI*HDH_)|HrEvb%;X^Pq(Rahs~ieK5lSz!l+XgT2TKoqzQWCp4BCy=LIH2@Kif
zK<&*!El1IZiqd>i`o3p24^-n_XRr@@SaEUn#;g&0S7Wo0pa}Vd4F<k>+#7F*KpxtG
zL&QXtJZek}L9UPJ>4-<lUs>2lF@#<^@pcLm6wkrv?<!LUQZ`|+C}(7P{dpnwFe}Cu
zK-H^fOvhax8@k>=bYT%tATT)H>5rbcDPuvj2<1+#INZfR4vMZw$ti?BS%a;mj^~<I
zhl>gV{f)j9{H3gRRoo1mhU})ly3BoM6nJ21^@i=JN%nNT+k2NkfgjOZx(g>saejC_
z^mMHk5iASxv%eo=ygbB8QLjJ9)mfhb`Yo_sMRqHE^*Y-1KHFL}7_hFc7=G95Z%tQW
z*0+NiwnIzF2Wj~*C@50nmZnJwdH?g3$j)T5Px@+$T5yIfC@+>}DVwYQ%4K7Dqhb_}
zYmkO{j$8O%hG+yJTgvE-ZQ+1wyCJA~KcFeD%0C`u<Y}9JRJV$O8R+4pm4uW6F_xP|
z-0YH6CaR7-)z8Q!opBB|$w3ZAWmXA+uOe2m-V%6~r?(EsKUvN8#fag)N8s=uS%V15
zI>?qtZQK(x7K=W5;*XPVq-4;)I`NyEGe7pnfVP1pg+N(w9plCQW<E(59zroYt4!{I
zAp?a{{(W+7C88(%SRh3Gb$ay#Oq~YbpA_a<79_ME3=)KV3o9P+2Lpqs3c4zr*NuUi
zvQWpzxtHiwZAhK~<#ap_R~+DOC`L1i4iUlt`K8k+3&(J^{?c&hH7ng#B0OutNSpWM
zFNOMJYBpG*Fc7!KLQ7|!h9C)(J$}*ArO$jpMk{L0md-*HMo5GIH*Ki`kTu+o7)N{A
zZ7UI$U8FKwNP5z2EHvCAw~>Fyz*X~0L`_~3)S@A$Er)eG;a-sOfg%odTTQ7kf8iDE
zowXYJZ`0WxgpIX_{B+2%)(~MIg2S9DFC7akDtOT4_FQ#O4ydGLdyqNBb;5-K)NIa8
zz&Q5zgbK_h^NhRng|o^B05P}c&^CsT|GwspIDLF#73>ajn=0Yu9OR7=yvwc2;$>&B
z%jsQQS=8FU@w(CjVw@#~z9Gqo@dW3ugIy@wrM@X9FYWiZUx+(CR2naA15!llQjB_A
zQ2K+T1j9HKE*g3?g{|%;fpED`+SQ_lZZfG;vOk(FKg)BEok5Zd0Hg5%P1R1nH8}&z
zxJ@@**u!9rrLp&l^ZE!*lQ;WlBX-(>YiD+ZHI(%}%x~dlx3AQ85U;t?9scdG{4YPQ
z-^u>?%Ve~z0SQL4v0oO|!G>nxGw#SrzfSwzNhrHB`G2dD-m)ue+9CE(QcI$WP+L{h
zNcSbP#J`$F(0GL?1B_IJsz#vBk@D0kmiwX|RP*D=q#M1tA7mQ?>tj-grPyc+Rv0Df
zGQEGN9H3)C)6*S!RT(itX@rsY{sb^93o;dg*BOJ*dX-qt#^^6XhzJjfSb>~SMjseG
zn)*5ft6eeL`f4;uC&KFqEZ!;QX!-B1?MjJiI}p_m+XScg1HMS+Glz<_Gb=B-8Dq@V
zUL1UDg|#6%sq2r*s>XX@uuE~{qP?d}{V3yst&QqI0Ft?3g^-oD^%mlE!k33_lb68*
znpTA9Z}mxi0pQAe8b^~S<^2Rk5+wHA^cwM_Taiy+U32Kn|6{~gYGV?!*|QGbo)aX^
zxcZQDD^I2o_#b!ea2N1t=Hoo+JNZ%79G8m=TWhDMP@F$Tvp)ZeJ9*5FdNbl=OZqYH
zYiKbC?gLe>uZR1VB*#|ZD5Ih@<m0a_evFIa#ZvVPfS!wnfbHKtT)nS?DRG|}KhJt!
zL$Fu+O#!PQaK`zTwXN59H^)J4;|!2$nP^iI5by@j$mvl*xii{dN3iGjYVb8at;`$B
zTRs>;(6NPj!rvKx6=U1n$8ow!9fu;b9pM8dNbm&lY-vQWftYmUj^Z)+`Bmwa;$K14
zUm(9_)foScLu~(_d{|i6nEs1Hod3Zgxc^4~Sh@a}hbA@tclpWZNL{u_*~DB1+Ysuh
zgPNoH{6_+Qymm6(MJO>7I?A31crJF?Bb?4B#@8=TC~O0e1TD>#%8lDV8?ZT_wzvBe
z0&fvaiV;*`wY$LDD6f6A7$&|u|FN1%RB(zCtGVmhuq&O75pDnHekcc`2-`HpHPTZ3
ztT!jX{Q2^f#tpdH=yj$|ZsGR6v9hhHvrkVQb}N(|7+J2_`w}QbS^ci()$58=sEItB
z9YCy+>#Om}Yr~ACyYcJk?ID>Aj58Q7_=`K<OegkDV32#RPX({D1ws3m!UY`9514x_
z49pnc^amg56B5pd_=eRS)F46K+hwL?j7kIOyKAVLc8*T4m0BYF14mo_`Z&LGI6JZQ
zKP;u5O%j%<OxerbqfbL8Y04FctSEdfk)4-e5PI4}!7ZE~*CyB8>N)FCWW!`6TBLUa
z(&=I*$s_+6X-ux^l2czWF^GrY;e})u!QMPP%wqTcynFA@k5sG|ro&TI=)7yh^Rfd7
z->vY#ANk@>A2rqmnijZK3sUV)ACz>O9_U+^@9gOnc2G+>JO~Jb4<WX|Y~J|HPr`o@
z8fz<}ZqGFH=F^G$FE2OI%k1coQ&+b^T}FE@LPzpcWo}@daO~|8qa2H4+@h03)&36a
z`pFL}O8Q=Ya(-};;daMqXBQ&mImQS?(H;-ME?C8=iKSzjp_}7z4J?zt;IAePhNQUk
z(W>l+9VxYL&BMIc(?zts?wt3(Q=){H@7A=zA5<Vfe0mjOJO@Mdt9F8IN-Th0kQnBo
zt~$R^K`F)Os&c~d`VuV&bBkOd#9Un~BJ;tm`AT3Y3i8xhz*Lt-h^_hPy5|CJ*%!1k
zm6=McTJ`TS8H6vs1H`)x)g0+n=hSTTgL!-L1PHy|i1ev!@Og!{DGLRuk_vm6XfJzg
zRF)@3H1VB+yx;7P+ll#b!)DUiV`W0*UxROS!Pa5?`KoHi$XUsROGhle)r@dU)1YI#
zq_o?N?kTY`*+9DnGU)l~FH``VYL;BBqEoa`Y3NXOnKn;hCwHSijj{@@({2qJazTUz
zyN3=?+KkF?EUcXtjfgI+5jt#-H=hLh87$g{1%!;euuX$tnP?U}_B|@s1mLHaohJPe
zQZeeq<v=U1UWC11!E%ij{2It;2hfh|Q0XI0LCjOZu(apx5I$>x9&SLJqPzZ>_<%Q?
zLXd4ERLraqwXz5~(;3mQo{OpkL0c%7`MKdkwCr`${<c0LkmLsTmi#%LTosbUMSu>s
zLRC$Fz5{zDsMx0+orJu-FkvMa@|#L?$~4HEe0_H3sA}5$rcz!4uu9=aIm$vnS#c;y
zMP3eyRc_^up>m6NK?I!8+=&>ih*McoZxX^}Tk2BBHNg%kNq%v7>dvl4DNl{{b37Ta
z->s$h;Vedwa&^;cE>bJmA(kC`bcW^ryhYJkcHHRqbZbM<Jp0qel(diRMe;&V1X&Or
zYk7z{bhJN_Cx94cS79k9;(g9lWkgkYQ(%cj{cU^hr$DbBE-kQCU{VbMdcF#anc`^5
zgGu-McR{K}FK#y9cZ}~7?Kat%bcZ+Gmc@zxBo;?O2Z{5fu^-!a`Ys+na$M;^|AMim
z;$@ZBjl|*oT#L?BfMA;@rukNF2q7w})n#+uG9ipb1vz+u>A9EPtZ9#<>8Gb&CseaB
zqzv{>K<E!!a<c>sw?he6Ee>)-D@}b%a~Vwd5sD~=vko3Bu6b;GKBHt2mT$w&Mfn=(
zOz+-xF%2WRQJ2z>xG>U%-v;KUP6g8zK(b&}TX6nEzbdj$_V)?F#hA!D#j8A9W*g;w
zq->(&%AR^$kfI+df0u~IY;$v5x@CXCexw0Npt5O2Okp>0gGsi9;f6y{Fm2u{!K^Qg
zwPti(dPDloHfp-ofSE)?gGe!G!Vtn*z`(L#Sd=b-MYK>|Kt6n5+63N}e74n_HJtKR
z#Im)n+R)@|IO4417$^>9rj#bM9v4s%#yy~QTY>GG4{5h%`M#aY?>;@NWhb`QJlw?H
zpaoMJG*}7j;;O+4fAr0@pu(6)9(#`|P5vgLinG8hFe2AQLyfS-OCUw{a-JenGZ0?9
z&ReZ1sqD@^<5(6j+0#zRM%eoeo|ETl4?|DJXrw2`gsF)rOQnWy!9$bvD3Rl-Imco8
z1&yvIDx6N+XgYM~T+3xNera0=SFq<Z!5x-xqV*fNfi;Jxw?G+AtWaI^<uunl*WSo&
z6c-9zKQAb@A4NJL+BlDQj$8|uy=ys}LLpRAux17?vcy`<lRrq8e^7tHgAimqox_Jo
zSMZwkl;%auSaEHP5In*0&Oc@$7DJSF%N5N!rbdi0t0xR7!Gp=`9)i*pj}bkYe_@jR
z#>N2P&AYr^oqCeMmqr($*o86)%)f8uRM-~Le+53^leKMaXJ|v{IB#?n24ZBJQ)IAz
z#trL%M9oB`e*$8>QOSIyi=XXa&Yrn|WX7kb$H%2*SxCg1o8Q>b)34JLtoc3t<px^i
z;zQrN-rK`l&j{ZR@0WV+PLGACt3?6}*G?d(xO?(2<qnvb8E>vGZl25VV8!j2O4yLy
zN>65IB_z5l>9&ilto2$X1H15G=ODYFV-v-)TK*CD{u_i7dPZ)0rN>WE4w>%;W8bTF
zgV4C>W4WF;o8UfqaPb5WW=_JXuuH%__D@OiwTO4K^xz1aAqW@ps3G2Tv;lXU7B5i6
zXAs@hZ+_Dnh;Se%5p=Y0)#{L9P4~bsOLC=zH*mG`mG%5J96jTWNahT&YxLp(-r#j(
zgABEKRWITGhV{ny0f+kF{`Sz@B1ibd?{2<7Ys^<#qfp~i#<68dft?W#=^21=aaa6|
zZN-D`B`n!?;X8ZD0Nq4$o;uHQWgrzGW_zBU#sp5?Watv@-n38dIEB(kg`5E4x@};I
zEERg<eGB*gg7(FV67p}>;rcJ@FtH^Da|+kr!q|hsv;D{X;b7uUG?EYoCbi_8)+7@;
z&(u|(|L#M97Qk+8tbH4mv-2vpu_7P(F)fLYhOC(|LjlSGlK#8eDdSrI<co{3ToE#t
z%%lAmBd)+Qg@0MaL<*z6=?y35b0*|{@t0R8FU<1Bs2!z_&)94CBCl%`kB3M6-*4q>
zXdg^wr3MxRubNY8?TJh`fD=L8!j19c(^AUj={x<`ir2&5N&A<UC!qOx;rUy4dgVZL
zZFIx?;Vc~5NI!^pQPW1=)Go5DC2^AT6j#u+{6Q-9g?Rez)Blm)2V({ckI@u#Nk1r_
z&>_#2zD%^%WcpI>%FCb8JUj)<13*_8NXzL(WR#s3zmgA)CecU*%!UTYeQs_8?mks}
zKiFU({@MBEyMAeUX#0o(ZWo`#Tqrw{ZVjEY<NryL6{>$Mc`hR&HmpION?PLcpsu0o
z&W^?S9LM%9q<<%DCAn^VIsiWtf7?ZOF#6C~>i1oQ?bIaKTw91<uW2*d=rp!35V+m0
zpu3;Lqm+M_rFVM)n%%CZ8MkzJs{9#;^;+pU8?PfKhuWzZ2@$<M?tfmkIATV;^C^J+
zdcXQ-`j_Xi03lHw8QpX%l|m`?wauvh_+DV+zHLT=Vw!Px)Wi+A>?~*V|8hSLHAGIe
z!<q^hb>_dMWU`MyxjSX-x{A%q36ILC&Q!fQFrOx1mWSvEpnvy{5eEs<G3x7faO-z^
zd{qsraj=^}|GBOwQ`OL1sKBWh`yi5gXaX_*lH53tuvw7~NU$>BzvJ6g_-@G&9kj=@
zw+w-+xCjYg>-tr|2x_KKoy8ouj-Pf`Xsk5Ks+}DgZY6{G{#?SReHh*@Guq>Yawm!S
zV1oXF@9R|tr0^a%<`!SQ3}?agc87@7M+Ue_@UN-Te3B;LQx*V)zMWz|wo6Qd0Ld)#
zjgkDs3fpDzCf$PD%(<>~YLJ)_p*`W%<?s=tTPngzOe>aDuELKPd@Z!WWutH>LCl*0
zl%J=#6;t`l3&%$GaN6x}`9BFBuLnTJmQ3bc;nZpX7hP4yN_cARCR&c3pEk=Dy)jP*
zubU1O)5=?!=1sf}h;>41hNhYy;`I9tUuJf?SC3-qo7P1fk`N{ED<l7ptaIwl1lqQ3
zl8S9tY}>YN+qS>hwr$%^#kOtRs9U?WyU%$z&+8A&ImYaLm9w|O$2ybfOyu=5B0aH0
z_+#a2g>s@lsYu{gfCl12$h3VjibAAzVx##l#VMkN6nv2^d;Dmugt>hh#KR)<rvkQn
zer@yI@8ce3-aP)et;*$~oES4lSuvZ`6~r@uGKFxmq-gy$CwF)B%Ee?*7V<!*{(Z{1
z#)G(DZ2={h6%u(U=N3}Na1)VzXGLwbcPf-~BlVtIkuBP<RqwOBUw>IcqfqzNfpI!0
z@4@38hn7XGVJ;Zq&!R_6Qr&ARIt(ybT;j?Q;zypiCz1mKKinHObLigK`~c2ke`phy
z98OT^TGT44=34hri3r6`B_|s){0&s)k9Z<s8(+k^Ai&2l)<D?>kGe$MdA)a6xNaeR
zuW#}sXQ(KAM_!J?`B!Wp1Ogp|XqEC)l2m3Hqn{;i3CdYpJ8pE}gECo`g$9t1RZRKv
z+1TmK0`8I?PE^Hs@MBmW?bL|UP9{xL(dIs6Mq!`PwT_lel2w>h4hJghDAyqB0L31h
zP6L04g~xrh{#>2XSSI{SJXaY~ws@zC%k6wGp?#@z^%>U=1Xo+r=2#4ZG9VK5-M@=t
zk?yz5r`-3ia@+8*7r6Gq%K-q81y<8~uf^uKuW-Jw!o3E>gHj!r-0ukbco`!dE@&i>
zH1eR$PxJVt4IkOuL|wfv(L6#>^`mi63-zXfTrlEyk8bjIG<=GwXPqa}lW>LR*JHnd
z32n84pB|2h>y=N1eIz9VqG4kCJwMP;-&9%J&C8BDkcN-As&#0ytrftgZJ$B*uRRU?
zvfas2YSYR15-V?#kk}o9nnJ-ZUtLI_OA4&me7Kg=JUPe4>aX+tCVe#a<GSIGN3{c;
z<F?E<9}rBBamwXZCLjK7`WKY&$1|jB&%j8VCjjG-V#ARo3#$>y{fOGt{%U2B(dD+y
zB~IFPP{k=;g?tXMo-g2$T7XN>u>4N2aMny}Z&fEvF#X6#M7oofnq4GJ-#_pMufiA`
zYp_m;yNn6PY{<GhEe>Cdlm`EgywR&i<6H0{oz+Rk1u=W9yAkj>nokS58An`%p8D!0
zI+g+&cZaXXQ5k4xoWPw9HAiX*8J83ct<KV3wsJ~U+UCmeNd#axP;#|gog~#kP4rw2
zkG3N648{7v!iM0u%iCf}CxHiiw5TL;Znnl~uT;M;6Bv%<uGRIp1zAIF*+4%T4(-Z&
zp}$EU(dQC5COFJWqS%R-+V{K(WB!r_E(il!jD80{2xBfOcux(fB^AX?U;0urkrKi;
zpdA!L67|`aSR1g{q^jfP=y`F+;)>vDLv#B5NpO)MCS9PZ6s5mNXn8@NWNFGI`{=g*
z3>MsbV~U+bdXD~ll-?js%E9Xb?uTrGuKTICCCtBZlDCEZBIO{wFp(UFFV7iav4EZf
z!-N~F?fGtn)#H^@Y?(S@e*Zu-`N%Nyj&N`3_mN2tKm^QNdSsRu7N%Iw6jk)2B>+FU
z=RC{ah+C$I1Vw0Z$FC$<%dgU2$cQD<2lFkLxF3d!KcX%Ah=yH6HZtMy@zv;wq!*&F
zN0@*!kpxyyX4an<Vy@@hZ;=6sUMr6Mu%CJn#i9Yy%X5w=O(zcVXHw@g!UtE&%CPiv
z!I3!JumB`y#2_A4SR>8w=_)*@dH_~Dh<~)Ozsl2&Xv;DcBKjH<w(qR#fiIPIdvm2`
zje&Tj865~e<b%zLZOR42wxZp0C(ofDqC6|jgOY3b#5d^ze9KSoT9t%iOJ5zrCY(rZ
zA>5O*)KY>+hzwNoo7e$t%vvFidGgr7j?Gv;0f4cb5YFzzLo8dYbUED@7b4zV*reiL
z)!*JkN-%V$x*;mfhe({2$adN}y<q*V#~m=jcvoA2;$f~`2a_1IYn^g-H38-t_|>u8
zO#wO206Pc{v$H@^^4UunD@Qm>lm{`QI6Fojj`9haSoli1ugTVYhdEp7F5%+;fLgL7
z2cX3@iUuk($y9I9+nJ{RJ8hzBRU>3PzkJo29u@p#D`AWfm<3JnQ6UlTP|v+Qr<$YK
zqlcdvs&OM0IDTA{S`m=GFOq|Wig^{fhboRPoTa>8RbHV`Y+X`GHiK>53?X@qn)nlu
zIvZ{7QYN0~*AhZ3O;jB3)PMB^^FVMW4(QEz2J7r>w|B2d=_lh*A$!QMnV`p364p9b
z9Gm`S4UguSKfgSL2zs54g#x4~gz3U975J^!u_%|xkm0$5sR{+_a#E?5b4jp>_1PIw
zO2ekV6YGT2Aag}<(K~mD48q%EStUT_bRFT^vsqzxU9TtIA?Q;MAsAdCEck_H4^Sk5
z&oOH<=67lqa*ko31}J{bsk5D_0C^#YqMjM4IHsVC2j`WGhrN86G2Mzs(MN0NF3Shu
z-1{K&?vEtAD&d!Aef5N%TrW~E850_c?k(FW&KP5#5G(J^5h|DW+~61f_J$m2xpGTy
zPgbboxK`}JI3-}=77JZ)3#)dp0`Nr#;3*S%-E3Lq@{1Y~n|Iwv^<Gdds-G=pko^?!
zm7gS9!6z12@K14~HL?^Z0K>yV2_`E<Cpfhkc!SoY^k%W*QFaT?{Ui`L4_oUu@n9ve
z@YXyVB1mTjHRQ%(hea(x-CDsc3rjDz&Sf%4DsF~NmJQVPa^K@iKaKmC0NSf1mcfEG
zFA?;cV8di2BQOX1Xvj)Hj3)FHhI_<PsEFJkf5-kq79u}kc$@7AELeWUK~PX&6;OUP
z*QV?Eg84>Bfwp1j&txdH7~2(pqr8eY5cgNh=|!8dSoka5Y{YC)uf9f;&03`sp(QB0
z5^aa%6QhwVSQhP{-t#<E0E}CX(vCKysV~y(n=!Jn*r#d3Kz)tI;8IecE?<lBH@4TP
z`Oa>I7u_2Pw@2nYl^Ap^PKTnrh+5jUM&d`VYo3KbpwQDbp8oL)b+p_rR`x2Min^Ye
zT`z0rG#c0yi@+auIp}r2{ES?!7p=SZFNngVa8<;XX<hh{5KlRc0MCqm929d>hx60t
zM_g(ej=!JSr;`663l;vbEvp>_Lc+`)sD_KRzW)D+1=mzj+mx@_f5d_gS1erxaxIgS
z#P{F6woF1sHx7T|rQds+6?OR8W1>dw<3yAh@=W+|FwT$Ez}!0(o8u|a4u^KF^eYR*
z*JYri3~>&=VrPv+fPDV)?Z<n;I<xD(3D2=}apdu0n=p_JBkR6ilLi>sg711f?YK_v
zMm`)r^7?w;`kQLe=%Ui13b$m7RG&)O*aF<pb=^!2z8sn2BBafX<uke<3-}DhEt}=7
ztP8D@E>~Y)L0)-eID2frAR1waKJF_G*R^d4*0%s<ZC>?NKnPt4OtMYp>}j0^83GnZ
zjVndVI|D090=H9B(#d7U4uYl6F-<~}_>=O$)3*oo=hnMM@QuQZ1=F_1j}!0fy7h6a
z&r?)%ex6&St}J`5m6%jegKZUer0#tL?va{nf>IQ>)a`LsU+=udksqJcN7B#W=XY1z
zq&xMCdI`fkpl8jCo4d!u+3RKTVW9w@Ud(N{VR+W&`So$tp8l_+pO>fS&*AX-@dG|T
z9e_)pYl~2fif_)y#qFh^O$iMa*ttouB(B*$atPfVpC!7N(ZNpB0#C)}OsTFfwP9M#
z_v~fvuT{6&e4oqiGF4d!qpY$_^40Gfh7pmVbcY{uK-_rI6hi2@!Pf2oq0^FcJgKU#
zWcuH^SJ94}XhBd%8~P8zb7BT)$&VY3#3w=~+2Emrh-sE$^h)?o4fGk#{Bz|`l)&}L
ztVXZ%M0bO(0Y2AF@0ZUFEUz*|<yHn)SN<Yl_FVCsZ6#%EQ(`4n7n4T+tBfi7sviv0
z%DRhN0K<S*!UVwC^(a&kVs@<e-=2Oc%`Ra?nxYs2!=e7X7Z7fS(DgCbNS}}A)P=lM
z@~$ba&emAeYp}EdX6Ed^MRo1SS97eVuZUW0J;#G&tmf3t@OT%2J!d3ebKpQTT@36r
z^Rk_pi|@mRy-`A(c%cg=9BC%EdsL9V{oBn-`XmDPZ3ULmLTIoXmD<cjP-t)d&<*_l
zKs*<+hg&7uwL9We4}ANe?ER{x+Y(;%v0tRs0Hin5n}@i&jJXzFuU75{0`LQO5F^u=
zG_QmW%FMyRo^-1u2uRVeb>3t{&i$;^4;bH;DUXE&-t)ehB;_NO#c8W7nR>F?^&mh_
z#Z)Gd4piH!du8SSKnL0t;ZECGV{R2ScwOH%&(r;I7hw<;@onKhJdDo&zIw%4&MSNo
z_YtvgZ8}!X=UdyEo-&LC2@M<@Fbr-T%{V*^=d$q5)a>io2CQv9lYTGvzWqGQ->SXD
zRROj&_NQ@e@vJFhAFs=>i1Ex~f4Q}ePjwz~?nYgd_yzJd$C%57|Hc-*4){>wCAt6(
zi6SgG2{<%LW4cZ`g`1sI_pSPzq`qijTw{TCfCRD`UB&wmn~vZc>-Qkoc<V%d(N+B2
zkxV4$Ie%2n15oKkKTDqYb)Xq~B$&^_9=1Rv&YgfZQ7l_uM{G1Tp!)|kOC<;W%r1Ot
zcz(@Nu>hRs4%<;hZMY$Mks!USG2A8v1nrkMAGkFbfoKUKnGT3egp(g?IYVBA46Z1h
zqGQ?L;I9H<Dk{C<Fh$XH6axnn8onFwwTq5-mE!l_5CF7gpbii4)#sY|FN0Ih{?(Nz
zovDm4C@9>^Cy)|oO)cU#@TzzOkFVQngx}5KhR9-uQ3ooq%Gj_p2d=i2tpXuZW0WCJ
zH%z&^{Du%qRK>sKUaL6X{p<{wqRKkNGAGiE9qfYF!^ayTFbprm71I<Yd}t4d<TpSs
z1daowRRBNsTW)8D;-dD-_+goR>EHpSbKc7HL1R+o0Hts)`>ZK-@&ipETl7TuY*b>0
zfXgu7?7T&-LL6zVssXLgKiRFv@7WVtZ2|CJo@gzSkwUm4cIKIl28lzdEYLRP13Oa~
z3hN}tpWWrA*u=VboxoI%5>XF1RWB1_+Xl=+jsTV?|8v}S$eg6|mHF%A&h)q9>1Mhp
z<Y<~Ecb?wSvmQ>=gSoho-yXIl3Za~&=?bf1A7-@Q501XP(6&gfH7^=GtC*eNR0Eep
z`ey<%pq08n)VpYCEU;`)ksoFSz%O3~)u^Anbp_NRLw!UcJLvJ)`O|5>%9i_zVgzlv
ze1QDz?i+YS8Wcx&3koot^j_ZZRtyXEGKb=})UTp$?v>M3!OCA{+=9sjlmOQxse<_9
zy+*M{{|z(IsV2!f(K&G8+lh8Lvc0XB1T4b%c8w)ghXncKIr2&buHubV;P9t^u?0uy
zGjNoODflJQIi?@;?zCpVg9$HLXZN3QJOKP)K5@gG2vk12?`|s_T3)7%(Nn_;luLzG
z>_34FS(P-d49{(J^=j(aX>DOTh9-ig>XB9y{t4`e;F(gCI_0iu;dL#aR=R$&TXt(}
zU(K$bo!#>p_pJUNJPnP4ZX`#Kcd(YqfrdapD+W$+WARA<8NnP}xY+DcFgAF_Iw1e?
ztiSpet%fQyrkpLwsNV!WCxC62%6br34xXuy%<`Fo5gqvoek3)*Lu2AWLW{KMl=PWv
zGD^_OaOKzNmY&sP#IG}!gXbaJbs1h6owp-RjCqAP`%Vj9pWy%;x8^VIdSqy!LJ7&q
z^t57k^wF5@TI`M3YyTJIzS9g<K0vICZ=nN$peSAEI=x5Az?nKemZHAJFir(8e<~I%
z5i=N7LUBq0YRNWM+6i4`$A-Vwfa1bGub@pBP%P3gSIP#YhDT%PTc$uuIUHI}tFRV0
zmF*koje)_<K%@u+<>be*lO~2N8ca*908-(cV@*$gNBrcAP*1W!A-bxq0{~kC-^{Ax
z3H&0+UukL%>7@I-h`vGdd4UJ%F^#ze_%cG^SD^60b5qjnceoL|ks3FND=BWd6`)j<
zstTO#h$M7>uKc_nLWfkXU$};R#ZMCoCDtgerhaXs7%zA~pLPXv-=&dbRxV}Q%k}=}
z8KOC4`h8SZy8JFX{e#T<7Lc*zUyndc-#>+OKM4|>4Nt%=t2r1g>@Hg(Zb-z{oB1s}
z?cdvnKcWqZ^K7e@EQNy+?@;atMlF<df3Zx$0bPeaP;dNW-st9{mtTB2#9!uq&VE}H
z%dNLv6l0UvT>kg=b9DuwTWxX;#}R-~6#`bB#WtEJc<-P|5>Za}1Nb(esCI49`s-5y
zFOc`P?JeFX)cyDTw^vc#N4lt=`P*UFbceJyrRULWd~Ho_jY$G(d+o^`a$y(--`KIf
zQ?E4t{Tl+NhL^u*tt+x-rwvBfIAW97srcwm!a%2HkSzmL4B8-KXj>>V5!1rtmq1_m
zUcS1hhqvUc1~~FbHb7Bk(>3>j220b0fmn`zWC}HGcqXR14C-8AmN%ToXdrKVOxYCo
zxwJ*IX6_OpD~}u|jXz=Nc{s%jf>x$&wa)99yX2Kp?bcB<lRYmc-am9q#mvYORArx~
z(zy%#TaCWHt-pp01>pO;N)^WB3>|k%?HVz>9|UycUJdx20kG-kZd*b6eJ4wJiR$4=
zWxEDX%JS4m*%V0r?Br|sM@F;DpEG$fMzH~Sqm!!F<N)1IeR77Ddc5YnPRREYD9a;b
zi*{~AhU8CuknWR^>8UXs^ZqbMsMwnA<F=fsA}sErr@H~o`^8@@twdK}L`5;1lQnMw
zi7V2bEww1PZsJW1`{7zEkLPfWc7bRHce}+o#p=d%ww{d{zks^GAUW%)GD*<-*r1G@
zEKErh`a%G8UHhX}G*P`%^*dVZ{)6yhK3&jq_f^T9>YiG25R!XzFj_~m<`oI8NaI_Z
z`LbTLck1uB9#m0ZTehsiyCB<y?$?Jc=h+^gI3Ah!GC=3<x#51n_Q7{xv%cahHE%vf
z*6;=00zTVj$hwSzh+;AWF1dxX#v5=bVD7|o{|oSNy|KNemz1}aR!2{NvxQFw@VoqD
zpJw4}mCQlIev7^Y!(a+KWz!hqJT2Xe@^I+}24RszrxA@MnP?~MT$9GrBd}+1h19gi
zEQ7Mab$pzFapqk6?6^9lqOGw_x-F`M{f8rzK?l9n&yEh9pAR(s58I%0PkkqGF}D;{
ztPmiMC~eMdXw>$w@<V{H-IB1~1%FsF&)^^Oc-Sl+Cvq)r{I<Igx}ujAoZc{|r_F<~
zk9dW0w@T;1F{ie_lDPUYLva|%E>ti&gKb$O3K|w6e^t=VO(I8;2MUqyrMPwNJmGa$
z*(SoKw!<Qeg9NsgA$~HT!X(^1r4R+Agb%p9E)e9xc_Vj0jO?;?V2K9mtQVIHv+KWJ
z9DK40KXmi`ew@zQd|viS1wxmr-#yV3)y*}%`6Z7Z=h~K~IahI#vdRrwZN>+sK#1Al
z>)PSx>F(Oq;pJ@XCYHzX@>Fx16IFwZ%u6e|2bp0n@7baKWBd5M<}2a2W^Rw`F9%po
z#_QdM_?Qw00|td0+z}xT#T7LAG~qC%l5auA@|s!p1J}$CxV4@*GIwiR<LYx~iJb%`
zhk`Q}Pu6rNhrtZ;!iQcm@q|Z}3x(!lACEJ>Vumr8TL?8!f$69zjv$j@Xvv0ifCOB~
zTG7XQ0H(;72Z_qjXGiY-c*`Km8~{jOx<Z7Kp;b3I1CYm{WWmM7#QkL`wjZ6yZQz6t
z9E_YF@+z58Gzbko%BNv)DJzq!x~cjqOkK;Dr>KGV4Sb&gM$@K>(Uz!BTi`+1Shc+s
z1z#6EM`X_^c42+PSGfvotxf3M$g_K8n39g=WP`xtEqlCBLBQ}WGu9U8kbn&_IG$h=
zP&N#2#xN+Ep#i)1p>txocj2GdGJKeOn#ixMIV5>w@_?QVezO-J8^$G`<)^P4>9`p|
z-yzYl_}cSpvD%t%0K5}q+TG_+!$~^QKJ;6a(?3G8*eCUO+C0#ucl7hkqoftE!;l4y
zzY#oHhRRC$vy2CKC(JWf4Z!Y@bsEzmgkwS=?GfaO2t}6aQHvR4wuCVd<Sr~czsldw
zS~{ow618238ld{q$vu(!m$sfa0oV|Gjkz2tMB=)XP)^D#nT<E-V`4r82_V>0m}{Jm
zv{YQic_MW-Cv~?@pgPdvnt;x%f>MLc8>G51#Uc8=!-TUBX_^~Z3J|paU2BFejL_6R
zt9<FK&w7#VnL8TYDsCgy^{46M)9t;!82de)lf0-mG#D1VrWYw(ZG~tI60+spEcznh
zOoJlYk0o#)<qD2g0?R{pHwYg8ttpmlqU3hqg}^b_Nizk4HeX))LYRTiv3=@Yn9wGv
zsV#<B1{@(v->$Dm5Ae6=_ed#+m~dE-4oizffu)dKGqhkK8~v(8k;+35!?J*o0WQ`X
zgp!bqI#6o9EPDb;@>*l+vLo%0S1R1erP%xNmz(D_#~)=Od|K$@BTF+Ha7u%vQn!?d
zGPI?9^F-_!FE0byJUAz;eUIWIZ^apF+)@#k#f!Jk7vbB#&4AsEzqXftHk9w=1}5d6
zs9a@MQ)4r7nRwgxDu;m*hV)nG$4h03QF3CLF1P(l!Ieq^d1AJ8r;THV)q(P|+>_ZY
zfuyNkYR^O`K6_!Ei00+%FcR^onshP6+2;=@6WOAa^z%VypyDPTY{TtSK^$UJjZ|QT
zQ6BRuc_`&{Rsdmv6*RF?Zd$0@{@<1RszL2S-X#|&J}p+2MKWMp#!zR%x}P(0drIZ1
z?)jRO4D*od=^U~ebp`A1B$$v0AX0mj&U>Dg6Q}CTj``hFe;zKuTp$)lB#Xm-{0cw&
z(+ojw!-Ivs5zdW45xhGkQg{ZHX{8MVIjJP3;SVYs{+%w{>4VPLk%n}{lEqdTJ8CD<
zJwwI@83tmBbKKG#3IfikE;lFB)G_MjPv|k&`K!5wru7tuP~lHuS@JIr4THfCb0Kg&
zcY-!>FFO;VZR3zN$O<lHPjXwqo|>MLFdJNXo>5h6Nbg~R!f=Hz<>SE8P9IyL?6)jD
z2!E_sk^nUr66e=H%U?9_2OX0`ztZ9?YGO6@SpPo0d!Ks4S0tQ;c=+fbBka&kcXRwm
zpvteRrb2N(@?#m?(An>9wIImhyFYGO1h;p-!}nOI3wun3t=z@!)|Aod*6d2Ig}L0W
zH7cp9?TgU`^*_;ct5?;9-Y-1W^t(T0cU*vnX##GYdNX5-wp;lzJd3dF;m8W=jVyZh
zs|}UwFka_BhlUbHKiraU9-*cMhSq|OYYaaq=Nl6wJ)9A)H(Bh33etn*fg2R*f9dz_
z7V-y%D`vM6Vexz#^KQN{t@a!nW)JjAXLJQ2E)u|`(z&QaW;{w2AKU@iJj@~nOQwC~
zAR&FGa}~FEcW8d0`Tf8!-IZ7;Wm;hqGIBEg54phl-%k5~C4H=%|DRmgwA&m(ANE{U
zhYbWNfOclVfTus7bi{6P#Np;k)oPB33M3OpHjY%0oQQnz+JS$d{vK^I4^2b5CZI(o
z2;fNb)%3n@IhFs<y8UhWSGE-;a3zVKT;*@%1|X5vt0Q~L4&-^riIp*m5*iblD0T>v
zwhiU9?H2v!;Un<}aM0_?t=pUThV%kftzC*D$cTnZi-2<amGXJ`wW>|tol`j6V0WZe
zQ=(&l<kYm$5gp}0TXlK?GXz4L1cks@rnp2`PQOfE$fppXDN+8u7vey=`1)s<Z)Sdt
z?1J&?y_$EVQPkH3%IsonU3Q7<!YkMa9qPzQ|F)eApYDYLaHzPJ!K03E#-7}&jWrw~
zkLg6Y2*X!v)wXVX4#7@;xYUy-KFLkpoV>?oG4uDKtcPSnkOPcz^^U%lCh?-(+NAPJ
z)N<=ji_M(xB?{UJXsD-oO-FWg_VFI_^MDb4nAiHjKaK8cRMhYo>rI|V%fv!rhht`^
zyQ5RzZpLyCKsfptz6a;`(LTk$W_qbF@_y!J==Pdz#}AR?DA=X9`6iRKhn}T4oq01u
z{c*UB9b<Jes!hG@74}A;n&{VpDlzp_J~L=M_5w|njq6n8^BB>MAsyakQ6L~wZ+6IU
zEzd0+4*W~PJlv=NaZyMIe!MIlcJ0>LcPw+7BA-YFu+Daw8P~Pkir0aywc6*b(p!o|
z67XI?9Od%y`2ay3u8@Ru4acN`lLJ9I<E<g|R1UvOIO*I>Zv}<6W^)7?(HqCP|4ml6
zO%g|er}NS<dR7z^g<5ejKYFiVaO3TJ^AuPus5zfp^u&O_Na#=Qe~z-)5%Ik5XW{mA
z2W+JPKy~mhryVHrg?k&bda9_zX|9^6nHj6BZtjc9!k?$Bz1%Jh%$kX>92pWrFORqd
z<|)r+0;V*b;zVt%WM995HKkTbhVycZ_q^G`D4796z$(s<0{Inveuq9gSA%lui38Dd
zLIR6#sygxE_7THWc6J?zJ)K!iLqIE^nWn-7uuBezOB(SB_}&ZV)4E}L-giysnk=1C
zPCuBL;4nmnp7f&WafXh7hxRPk8;r0v1zCyGMGxSfA|s^Sbcu|`^udKA<wUe@jEHKv
zDqki;UZ`cY6%Qd6tFSqs39Bw?l&iEU0|^?XLH1|NHJ#F)#*c$!?C<4|KS&?TM|0Q#
zfQK7{Pn9@5Re};nF3`F+HFFhO>1P*^(9PwDsYf1#_x{2K%ERKvdlC=$<*LRMk<Y0?
zNzqsV2?<Z>sx}=D(vM4CSQR*mMV9ViXkKDb6I?kZcT;E}j<^t8Ql0qBurJ8s#tb1-
zBCgxYw0s}3LF9Kj{x$2n@~k%xY$|aB7;^9nKHn=&nk*FbEm#Z)vpiY^#wry8u~-&d
zI~}#_cc{Z`*`tG;dEB^2{Qf<cFHFa`+1%Z`nIbP7DU5&OW}K=2?c-Ra<_I0KHIKR+
zuY}~|?aJAwRhZ|B?av-MIcrZhqu-lBFZR3-9Y{=AxU+w3zq+eS_tVa&PgAQ8*v+Ot
z0d(i~b>!|w8&HMvN$@zoP7)`NN~v?F<G8U`frUmL`0iwD+9(yZCzeHH{<5Y<1Y#~~
zoZC`jzcbb;Dc@r6@-0d;3Hi|9?q9I2DH;huNWUHQY{2ds7ltnu`dg5NDnb+?f?<k;
zCC(%(w2@dyLy}&151b$CBkP<Ga1O~wpY|kC%3QXDSBr7H0*gin%VMbXgLH*sjm2y9
zI0_4Q5a@w#ZtAK|k1>?}sC<a&tYJT^Gg*rIHAf&ArmKwI$>}j~ndEaS;8m&;L66RX
zph=Ywoir^eJqE3C;%LROPVfw8vi;f|uJ32txyKPh=2@<DPGWD;%dFc77zcueyVC^*
zOd3I3r6Qhij@ovF;bltycANI{PpGayQgK%s2PYA<l`+`xzj1QywynL|evcp1U1ai6
z1|Fz#Q<GS9;N9hHzl&PBW}}lCCA5;62ZdxE?UcZI;WBE*#iZ+3q@UYRsI1kJT}}&U
zHt*RDJnjV7Yc{g-r(W~`oX>xt{oZf9tX)lU83?f5Du<?$0*bj;rsf0n)emE*o+8@A
z>{rukwORQ95jf(7oj!8q5T?$mA)Z8n00F-ba}eH=d5*1$0e%H)^nP47pUMkLSU8KZ
zL#8~a5vc)B=ulz25CEw}wq?>BR&8t$0sF=B`tjF;J)IX8MagspK$a;E9yIq927E>R
z(>!pSZBEN4(VsKK3>IVdt30F+T>MV+xRDj^395nQYX;tup<D(grv!S8Fz9aQ*wK-{
zHA$#;Fkra%fzR5!I~SWd1I0X~mBl)Db0pxwXeE7XZF?~c1S=Cjn}i%W16r>d?&z$f
zD!+D3HDA-+7R(3-0D&urN@|oB^hdu2y{$qUC-KMPyBh5g(;5NG#eebh8xv63y&$UF
zZ`Mh1&&oxJ#C_Ux=BgASgeR)w{ue5u3eU?U2T)#Zo@XrhYj)F3bdDnzqv+iNOGQR4
zZHG|RZB>G+Gm5Y*0i9!qnbA@F*41M;NXR91(Nf6*Rjexo&_>JP1mU56D7pxdGIUj!
z=F_pr13S0eQD1#khM}UnmblU6QNil^3H)(|id14Qc@ao~S;O8<QC*~Blul*HXE3Zt
z6!c5)K%l(TO-DlNKUwtBw>+4ar%JWC%Q$-h>UYX;iLznjdAf|jW#vKy3^9+MlCAY;
za%2>=dgZYKlr+`)Q(Ej;^Er|@@RzkrL`>ZMl*)(?xjZew!60>rF16sajk%s8DuZT}
zd{@E!p8`>Y+68_43zZGA65#jS7P}~wn?jsr<o^gGx<PL+HcHE)`);?IxBk1w%$p((
z5La~!7XDz>;2mT{GFtjD1?~hRAR{{aQq{De^Yc#tz?m_|aXF?8yLaHe)*`O0c|kF7
zN%vLdjL>5)(I4gSjFV^!B0#X%NlVN<Y=S8%Dt-4)tuI03&!ez0CiNy_bUq3xfGb|9
z9QzSgHSB?{<39ki=}TE-2XTTe)S=3{;{N`Z6~cv0E4?!W-6uB7uzAfQZI7G(S_UUb
z4if|eoLt<$VGHPeoUm=i*<<SNCz03H>-~dVMZJg2>Fz#W^X-9B;t`QWBeiUF5`P*=
z*1KLdQ(=a%5%uDj&E1<leE&FHT>ldL+xj}$K2h*ol?PjqXF1Ze#<z3h^ej-&B|xe?
z7o4et>VE2I{NkqEM2Nc{srIRhGD3)B^jn%1KmwWDO~)^;VB&GBDd(w8NDG3--W_(C
zZ&<sZ3~rlgrrwu6ec_}}sx*#73N3uYX&nKxKD7b&Tpd7crMX;ourY*(_UkD?fYQtY
z#&>6FzU+@gPqoDH)BB&WN`}YA%%_MmZ*!h!V(82~PTQoV4F7p2jYX{u6>r3MOOR<p
zKwak$_SJ@=sYm(yAI(`R%Pqw-#}rz-Pl;bK47lyX4YauK=szavnmV(6Jsg0b)PMZ3
zpH8zsw0r<3&(t6vO6Gze@jn&@H&YH4lhelE?WODY6G!ugdM8?G89iku#MAS)K^3AI
zKSMJ2aEujdAg($A(u=1~52pO12oU)z!13)?!p)^kK&p<tZp8Z><8`{t-O)7;eVT82
z;sgH{aQcP#&$HN*{Q62jiz~3*&hZnAhLC2OIbr3}hp!Qb$^LlRc7ilC^z#O0?CJQ-
z>s8VBkq(Ez!tdM1(X*f`gZJJe$)N9QK)Z;%x~#(MUw#t8K7FMx>XX(JmlQV#sCW5=
zlItAr$z~lgR35>(;$^+w=NzBKnhhr|WH^wG|8|8M9{t2(-y@EM`&13NDD4)=l+WM?
z!str}h;CZqQtZjR?~TczlUoL&$Ac(t@}k-pf3+7W_BCR46;;h@w3wk0%(t#TWxA;y
z7!fHpx)8EAP3NvNA!>8?C%c7JVjNssDj`JRox-i0&7mj%8^He;0?k)q>i?Xjvi{d(
z!^FwL{$B)#jp@G#&i@cNY)J*|<p0duTWpCvuXP3%=7XwDvY9~qhBXLyaotthEj1}0
zOq)tF^;HVn&6Q(J<4PSojAcEtZ*^z<H`4w<5-KeuquDDB1wn;T21E(?^!j9P#)#rH
z;pe+=f34inAYRq^^%$S68GhO}zyRGHA77?|{987)Pe$mdJQO0xDMan-x_}bPKZzvm
zoO-lBpIPer(^2-GZ_j<c&)a=`Fn<r%^YrN_RwwtCEAWr(JRgV9;+n#ZIge`U(0A2j
zUFo}Kmy#%8?9|jHu}EdY9R>f=@<yHm4@H?yJq0C;dJZm^sydgq4j5}MUK-*$Cf>bE
zGvbjPX=0@)5X(5V%)0A$_yUwDD5Q$^nZ5o!j*O^tMn&?R2#&RD-945fgnh?`RfSb{
zr0r{aW@eiiai<=V(>~o&w`t=+b!k__7az?91iG@S^xy`z9a5$zYBoj?9!O;A<pvry
z(!(bluSD8jz8s3d^k@<X`B`vxz;BRY;+X&uU!ZVnqlv0O;&Q}E0Z4C_^ZGu2hO18N
zcqaRkm5XdHTqlRDdf;y>mp6y>>RM0s)Dnhk$SGoi$Bc`<KD+K6jr3T1=bakn)$~|A
zbK_ukw>BQ-TMZpm9<sA+^>|ukTYBufygb%Ct<28b_h4>io35kk^u5C9@HrikNhNW!
z%2x4H!{$cEPX<i&0KO=q3B1;08Q~98!xv#~->2fO-+dl_{-WcPjN(GbbpwI95Ew-P
z#z^wf*{}NV`&Miohm_<*siRZn9A?#Nf|7wW^lu~~KTlW7tMqw&?Vdm1?#6a$k0>1`
zQbmfdS!@>7Cp@u@fBgFkuichgZ%WFvL0(bRbmyk8lALDG03&!~p8fTnAOBc;AG|bY
zFZFYu>bA}N?MbroFuwTdO7810Y=y;^Ys94w^QBO$-=3dgJmU%)esIMkl!e=%q}SDX
z&N!y!zi58jy1|@j6Ui8*o<zAfYWH^h1G~N*LyPCEfiqzP&jqUF)Pi6)=rkt%&QR-_
zHq?cg2kBTD0WOI%+LowMDl)~U*uLg3XL;ZdmqSzF2*!#dO&NqIEhCn?rOGy|E$+W`
z!@{f-z~LJPMfcfVR}oeP(W*B}6R1lhwjsK#XoCt^kN3DZ_?D_5X49)_h@1<DZ|1xm
zLzps>TO)TU1qtI09F}ihmKAnwOVq+g%l{mURGelt0br>$tmN2Yj4Hz)t0nhmX_z$~
zt1VQ8_$wA5xI1mmUTeu3C5m5YavlVbOzFN7tc!+rmahwTb7e@1Z14i2_0FI{@Rheh
z^Io%b`PtzgoC?jBtH+m|rzGNqYyDB0?nMYvVScF>=RwbEtD*=)MU0YOXitf>mU}^0
zJ-0lZ0`NwQB+MK9*Wqj`jAdo9$@bhmuL^H!SXxn^aLXZXvGcNHnN!u02hU3!{SANw
z>(5DKTF*Cfpy*;&qQ^|k^e2|Nca0_8|CN`@oxs#;4nA{sft64ut1a8*36)^5;Lczs
z*G~~;a^hE@IbZh*DEkF})+}E%*n_TiC{+>L0VA%BP${wtm`g-*F|;mD6(*dqr(A`6
z@IW1mmLI@;HJvSLC;$)^w~u0~iN7ep%5?n7NaIF0COT&XpOVKW%!!#o#n3{*%a<IC
z?!b+iT)^1HomPEyS>AE%ftrsjE!~Vb7(tvXO*ug3rgkf|AD@=FM<sphv{NKqR_Tlq
z01ue~trpQ*1qnJ)k_nn|bPcyPh&qg(Wa5L&aC0IE6HIyEI;%tKIt?TpZS!8eL7DI;
zJvHqL9(cAqF-nXTWkqlc#T_fd`JSr}?BP<Zz?U0{y={@hy}4@BvY&-?cnbM!>qe!s
zAw0*my@HVlZUG`j)!ekG#l`%cxyc+70MM|S>h3K*7qkY^-63BM7gO9g=15w6nJUK8
zE=R4|>m1!w3rs~LcFkUlM$+HK7P7yg`(;pVV*+6cx*;T}XA(WU5Auc>rUJY?s+}2O
z%WjdsV0{xQCb9BIP7S;sf{BD>fn;QX=?&I_CaupPG>!s2Jw@M(c&xHTAgdBj0VfD;
zQ8+w1&6~DeN2stF0tMp5!Zh97OUMvs(bJ<q&e43XyrW^`a~OC5#^KaqA%723EX<sa
z%NA!9mA9AqRjTsZ9w^$LF|dD#CxG)C#WieDeK>a!%p`F;vG2lq1XvaTA~DQ^{gE!U
zfvhV!5NTWmFH&z`^3IZk)PGdE00_!oWqk#DLrc7?4qq=gHQK&jsi*!ULVpF<OKlSN
zhH2QDbJ_LMLnU=YN(#|KAABh!1(>6<aV~K0b%gbL#AsIf2zJ9D@>4UC5#MlGOMq0I
zZuAz1Yp-|YFtbRtNdtR4vTYnyG})7&;YJg!cNL*55*$~E|I|5@xLR!50^+pRRJc2M
zb22DV${VhXgG$eX$8BoD|F$3?yf<StFSOdW^b$;_@~ujiTU|oQ_9Od7RMk{>N)t_1
zc-5uNuSZ0o#&X3)F)Ioja<mdA3>({)UMy44wSg){Hd0``Qds4Ho?lbyC{WByOh#9>
zPasD*IsPf^LaFqmcYm(j1{6jnfl<s1DS}C}NYzf#D3J@0^MM*{f9usE7GijVhJs*k
z0;k~d&4UJdzng73uYOc@pfxr1G(77oyY?jQu#L@bO}FpmDu8WoWoI0_kgl$ms1eRw
zm@U*%#xDBzE7L0?<R8Y+Nn=G4OOv;bu?9demLAlpaL=MDVz!H@0`SCfQTYL!EJyi!
z-xE;?E+lqzpIv<)1N&qcC+&TId-6a|#x?wq_knluyD?z3-!``lh@{9WTn4(b#YwrK
z4s`(vic~1)Ve;LyNa`iR7R~VbUpIBJLf^L0Nn3ez+P1k<W<BS{b<Yqqltp+8BX^{%
zFnT_TnV)DC@8#mb0M0A^Z>cW+XV_U9Lh@+}qg);3Qbo0@8wd4*-8neo7Ej`o<IcaU
z%utIDTy)&lW|GY}Sgroi)~brAdz-DMYFr{;)>)|*SCn9!qolH#7rJ@&fy&;Hc$J>F
zsYTqAwzq20QM-~t<m_fr@!=hsCL~tPS+9Y(&3v@Jjuv3@fX9_a#9o%O&_4*3%Tg~r
zLTs$MUVjd-WVHR34lK1aq98zdjrG|<-D!{7DqAj&gO5>wEbk-(*hTp+3GJTO9Gxxv
z3dw$3G;RuMCa>{mTjVyrm8yly%W^;@S{I?7+0zc{ATTQ@ub&A$?K_%jRW=a^Nfpz4
zuO&Q7ZpNgM11y2P%+Le`;Z9m|35_2Ii;q56Cb7@*=6%TU$l1zlyDH0DeJiq<`#=-i
zX*6;rg~Q4E!(5m^xNOTeVD;UW=Z#}cu^ZMX+&bEXZjIFbSTz(n^12?AxX~n0rA(g@
zuQvTw6d9avI^;=IJcm)=Z_aU``!?gWHYz-2ZeS>t07Q4#VPsj2J6}AZWWs7Q!BEI^
z%4Z*Rz%#P0TdG$HuPX9(CzZcD6?F(xp>r%4m{nvl-XXX1MyLcQGc-XJ%D};iErs9M
z$Ox`8#Q0{OwZ`w@Q~bqoSxO7jgp&Ou&8>du#cw23b0BG_RRW=F_FYZb$1@g)=Gsr+
z`vE423W(!Xz&1xO#++@guz<dko8CAi(j2S(5e+k)<8KbT&IGrxI)bfT{+$WVGVOB1
zrZNC4y;#ZA8ACEX!(nsRdw-BfNDkV?z%3Sjw}gY|%rEx@9hpSKxZmbj@BeYOz`6pm
z{7u`g*o7mjHJ6<tOQuBT?*@Gc->=vaDjy(*3ZOq*X$vnUMPbpRLWcki$Oxjc&yWif
z(7=lIfxp-Y=tR~Rt$==No}AW26~339SjK$-vHojgCO~lj4`6I+;)p~s9Gkfe!JA5b
zI^>`{NTu2S7e$&v8Bor%4kpu0M^a3SE1Ow~o02phn^BH1YO5CM5AMfa^mIojP8q;s
z1GxW!!z|ZN)#zc&v4};bli?5aU4i^?F6M@84o3;_4~|fof~Tw8T3U%73SY2)v{|{;
zC5p~_xiEl|qa6f}evDi=0DfQXH|mM?n$Ppg-YVl=PLk1qXB^_YF!pmF+EwDmNidD<
z8D8;OblRU*q$ytYwjg<(xrWY#Gfqx$0?rhw*x>fZaK=a%*&M~Xw#thX4q+zk_@9|U
z+%JfPIoa0kt>nhym)!<4Nn@k8WyduvCt++-WAdsjs46&PMkf^fkVkhD@8KRT#d%V@
zd=|bu%|U?2(mNzN?tDc~TGCo!I&yU=9YlB^pT($Fs>1x~KFaq%JBQI3^}j^60XI1!
z|CoYRtuW&;k;+ciDDRFrwax;^X^HZdmlr9<$qE5%)Lw@&33VR3#+*0|O!pU*RJ}sn
zxT0hdqYtj4J>?gN?HQ~}WMc-SrUtb!!NaSTABrgK!(KcSR33HLP`hVx*!45xx(fgK
zu@c}AoK~149zUl1!X7_o_TfMaK!7QYg@6lM0rjth9Qg@eI+DVznF=y}@M%8wgO{cN
zk1xMSr*x@uJoj|uE7vGZm6@CTp!dD85Ccyr37uUFyuXuJE_|u6N%A00rA!MYKlXQ3
zIe+s=xYdBfi@0fQ5eEB*U2mU9wRSVTvHXQnHei7ian*4kWr-M1d_#R20YwQbEpyRi
z>|_$#Zl6}9!Ux*~Ze3JY$GsP4Gmq8DAUw7&v0-Jhi{d=HvvxCwB(6Bt3;`(CuAUl;
zJ7=sPzMIvfU$C6Q*D})XmKx6pbne&Y0#Lp*o{WqNC>BTT%WxFg8Gfg3_pjKraK9_F
z7h6mgxM}f@WL9v8<WQar0SWa@K7~jTpL>dcT!(HSSKWox%t7CWG1_L?D{=#V_1{Lu
z0(Vwa8vX4TcGTO+EJu`YznfqMefh#Mp57E|i}pexv1mz4&&4=YPpAFM!Cd1!FJ`Mx
z^mT}+1YWa-Zse4vJ98$f_Nd9JU(#QAHiKW8<-2o?qv-WSf~!$K0Ebk+it&ureuG(b
z)H`b>ToT6PHGz2nWmBHWjYAlgSeMIRGZp0>xHM?W3PIQ=Whv#01hdlY<kzn}s;r=(
zC<l1jiR;N%&yw@yLpG@P0?O0PVQ@(v<L-~RJPtaT#Bt0AFpNA>y-EH+eI&moF@4W{
zc6KszY^%P8kS}II0{B(19&gLCWjbFa@VIrb7&mX9x{m10!=%kHbn(*=bEO3yUw|K{
zcEVig%I^$6KS1a#6huP4c|MX{I35)r;yx*$W=rJIqVOLTg?5u3D!j~ZUSxtRkDv%$
z+=66EraKUKWtMU&z2tp9>dRu4Q3lV`v<T^uh{{J@8dN|q0V<{cA*2jq7vjnHdFKEr
zHBF`(fi_|x8a~9gox;mGAbNTbxNF^@proeAXfUPu`|H!ofc@RSARj!?A^&IhXZtUE
z%EG|F^gp}*e|@+A+v&0W$H<{XFJ_q(D$W4#uX}fi{HL=;(Ke^NZh46bB_oVr6>TIj
z9sb_1XMd-Dk81<^$9CkD=EyOj#6i)xVSMs@(mYT%G6<%=Eq>u#i=%JE`u#?F*IxQU
zxt^a~w(vTR(644AZb>JIBceB0LzuJTZ?u)c6s|fPdwYLg(4pN?e!RNAI+))2^7{cS
z#_aD#&p#AYzWa55n2OLsC~LsK93<THO%2l0=S|YD307JB@tKl9WPz!CJxC(uLtH!4
z7V)iza>Ggq3tcCanNN#F-z-xPW<g3%MwZb*$e2oj@X3upD-E%A6vLnj9!=l&xHn$#
z6s+IvP`?F#ff}BI!zPcJg+bF0Sg!!M3T2@s)wkdp?3VZ$V|^7cbz2kHIH@GR_m<C-
z(JO{W)>lUAVyWTA$&Qw$zr{9ekfH_lE$b?w@`$w|P@H5jHq@K02O!}sU~fNA@TlM}
zbMyV&UUVf`cC9&4Fb(|nEWPApD%plIP!g4J4UUD0fchHwJ4yZA0Vh)|tDgt}_QOr`
zB8L}=YWioqutbi4gGG_waWgR7wXfm*s<T@Z6xD1=?eA}ZjUpOvJ*(|tB%<ZuYt@aq
zXa<vo`~nu;F6rQ?$1PkvV;F)}3WV1j9!ee!;*h-%y1^AUAKgQQqL&{k!7H_8MVty0
z{7}+U)rFog>8cVX`gfJ;=5GrqgJQ+c1|~gjaYZnHyNF-0a^C<A(S+?wN+C!R@v+p<
zuix@02ckd!HSwTzBj1>5&Z-s$&gC@-Y2(~L@0+Rr<v?ej`7iYXann`b=<fF5@6#y2
z|ARa_fbPs9WTt-Fly-YE2~Hl{dfTtcSubVo{``3G{CVufs7;4qUuOoGeE+!q+BV{&
zpx+n{q}@~m@~n{J?GLa=A(Qr9n3M_`Ok{@)3{1uhWJ%$PCUi?SXM$0M>w}%dJPzyp
z_W`kFVnkjgcIpi^4dIYasBU4^gAX&TG~lnbA=2ik+TKMqSHMK2KeKwRiRZ|`Ux<d;
zRO^E3eVW~S>^mKtBoiBeHn5wI*^>Bq4G8j3t2pZ+nI%<ZFOSI?9~8t5H}DJOvO0T@
zY~#8AZh8qHlZ-A=PPN;avkNx-BZKn>bh)!;<W$)jyqxv@hQBoy3JwJDbMz<4NqE@&
zO>uD&td=-t)l*fV4>^O)WNOpL3wHVK{d0x1@Vl7aO>7w$Js2-w1u9t}M_6v(J~yVI
zLIb@eCd}8be6B2c(&m@s#D>HLG%#CY;wl0~bux?!S3UwhQGDCJPqc^hx+@l0#a?Z6
z93`%#%_>Lc9S+hS_>77Vtf8b_5xPLsh0G_@ECOZ?m(ZibTtcoCDF<?@@ja=*(i+~&
zUPtve#)3zmR0Rznsa2wnFv#gCvr0R8D;Vg-kTyQ)Sb;@WJO1hy%K}5VR`OAx!eaOS
zDH%GIme8bLWEYvm;xNej1sKQ|`2)f^dW~G68zj>OB;0(5eBa)W4pXZOBmAX;0VT{U
z?(v0t{|u3Mr-T4+zV6^;eY6`duTVkerrWo}W(RFAyR95x%O=kNkMpYYfKNMYeGy(C
zXEyVrp2rL~FJi%Bt-GQ~hV^Eo#owsPI(M`%PpJ-tvgcw-R45jz_>~Q=sjDCl^k(9A
z>=NfQ$}e=Y!6^ybFi}!I>BDoE)55a3?67kL&;JL+-zBE!KoLIw(lXl%V}-ojYtVkt
zU4;Iriw+DB*{`g@$sgdG{YYg^QcA5RLX03%TDPn_?cM9yYJcwiovy;#nSfZ=uNHYE
zlqO){MokueI?l`w-H2GvVOy-gE9Z?|utQMvQJ%%fVvkC`&o)`b6%pV4d;#=a?8OD~
z20XHWM<OGL0?d7VQ!n3$(Jw9pyVSAF6w-}N=(7M=>V_-gj#hyPdO7S8bPytk(g{h9
z3#{_*$wZ#|aKG|TEe#0W6#hZwAOQ`CuHwm}=pp)r7!RyJwAl?h2fGXbhV8s{W5r!U
z$ij!*oAqx(4SBTmrXYQWL@B<eUmfAWX%bLi446@(YSZMG^DmYX&y~b$PphbBXt_q`
zGDQaL1cu{)41)v1$aYyjPLk^Ob@@1Zb;a6sHdTvL#N$-C9>7R$c5}#vBNPr2#RxFa
z(b1p$(mi@LeL8Y!DpKU`>%>+jOv2TMbYDi>D7^-HqTOIO6e_9eFg2KXb6i<nQ44#l
zih7I^L|+@1xNEi_c^|%<6j!>9EAnIoP_hE@hHwvuvPS1!lm{?mt82}SN7bM>v!qdG
z&htmE<kAn-<x#F$3Lt9w(=L=*w?@~4ED7H}v2cxsLuZS_(14Lh#Ns513e!{;a9+xh
z9fbHw#%Z5=!UEQQY1RME5!O&rM`N{Sunyco4>+L0ht?c`6geeTLP0;v<`yMQ#?}G=
zC^_M(OcQw!yz#6{Xz~MraVZK$N^c}J(`$d1GPfN5(trl)_;^wdTb3$KDiv+Izg7Ug
zBtal9Vye$?p{31i1zW7&#gY1FIQ~F=moa$p*I3r2z*<m&zL#JwYtFHySb&6W)!W1`
zW$epa8SdTEw(=|eu`KA!#3j=$dnN?@{%w8b!8Vn)ng;a|PLI2{26**ni5ql*xV{E6
zbs^xC1y3S<1~0m3$WXJAFy%>D)WQ<x?qH<)IeVZLG|+md1!&dI($T9u{;ifncyQs}
z#k?}}VfJHr1@BE1s41V*H5wO8E{(es>ViGC@}?~$NKo)%__i-dNbMf0DxLvIrxRH<
zS6vo*G3E@WZ3{w69Ykg1*Yr^A${+tw?e>$9vp|@15}VIGEw1#YLO9|{j@OxZtWki5
z8J6K>!udAu#0;atb{RT{B<YX|&uYLEEZ7|)6@$dUsDi~M$|vxYWajgh_dStRcJlQ1
zqYJ|_gbAkYroI>S=SSql?X3U|ZRTB@b5gq}5KKve7;&JL+83yC`XW4Bl@EL8-3_?j
zKN<?tL*%S1eYkni$si%_FBo}IE%8Q{Q3tK%>{fDPE7S=lZQpwhwzA^EoeRjs<IfE>
zv;Jfc%*8JOJ^qT8N%bfh5be%jp@*}i01qPCdN{!<P<ObJ%xKb?nw<fd-_Bk98%91&
znHAs=Dcu*$@;WI9R(_((y~~AA49?qsadDx7h0`_vGv;Oue;x7C0{QOnv17gZ+R6wT
zt<k2#DB2<?gB=k>z*}ncVirOPoVy0i-Uitf$OnLEU+KZUCf40#-P#X5z|&p|XCM7P
zzP<svlCD`hwrx#p+vddP#I|)}`@}XUw(VqMOgs}#Y~#=SzW2NLyWd^wU+eVg?z5g<
zwYwT;SMPeNmJB}&Gx%a_7>jz2Ux){@0z9=5YY%5UojwHPP2Sj7&oSbs>=b)4nHE)P
zV507G%9fgDujb^QmWJ6Kn|~oYq>80B)id?9lC?5?@c(d9k0X>J4-E9UyCv54%zFJS
zR8XRD7c{|h&7QH`i<#xeVaqM);OFqOS0z1&_A}@VbWm_Gm(O#$RAU|Ad*<gX0)U}Z
z4E2(mhAjY@uY$!YU68S<%>u1MMJ_06$JY6}a*;yZhv6>AGwul;_esnaZ}N#?dW(Sx
z+OJHkfK<z^Iv1#TQEm5w3rhKe;#-Hn0^)cCwsZQ_b(o%E(}uhJIU0Q~g|IZCAe_n<
z!C9@GMVh>tk?)a8EIZzywqLePmH|pB;mIE^SQ1^80cb0ZeI0vI?ZTDzq!Jy!m#R`d
zXVGHr)KxHR<pmq_4(5k5Xzbu@EUdutQllFAR<O+8Y4&X%y%485OGBGAJ|xttFTRy0
zFSe_JVRax4a(YuX+!TPp`EiO=)z?C+rvKRc2Gy^Wb36hOHAL554(--BhGr)zKQYCi
zrm;8lWAzqt$tUnCb2}CKh(F>P9pcU`Ug3ANhu%#7{H-s?GuLOq+rwuZ+5bE6{#S}S
zR&LJ!4yNP!S8m|{8F+KCd<N4|0ygc}C9xzO-Y|m6geyb|oXj6>^80ur=Q|W^Ym41m
zo3Z<~KL66GlPGBDCX8$E?dLTA@SSJiB7K||pE25!#Bpcy2yH+8@Q~~!fkxjO%RAV<
zd!G_nZ#4W7@r=Ro@%`cG>DaafX74i*aE5`rlCUxg3xT9%v(OEWJIv=G9FTFhP*u|1
z;U#v4U3-WP|I+ys@1fzzB{He19{px|cZ2K3FOM6nuW^-e7iQs0H^H=sep;~f921(J
zNNtU!=CJogN|5Bz_z2~#&!tYPoEK;Tom&{6O~2hjD8CQYD6!b~O_gbgRO=g?A)$-g
z9N}(|pRy%F_9S#8B<XZjGGM3AgSuh=Pu<R7X~T)J;+Y$*r&TX{SuRs|A1ZU(&l{nV
z`U#s?xQweww9y}ELHb})70_|l&3mD@7{gr$DdlsW=2V65a68D`AwT+gDSn3}<;v{j
zuGG{w6!OL5fiEeyV%1h2b4NO2C<`@Rvr6(uCpx1q5l2n;h_dcjG6Ad^&oW+3?#@U?
zjF5)rC<T$0zD*L>);Of5O)86%LcST<Cvlf?#+$t4)@~C<nRBoO7FXwJphI>S3Zx0!
zcW>1*9Zq6LPi8Ic-=!Gf^7B3}cdRZJiX)@{)-IIiEF)j%d~c$9!FaLbeYTi<L~cCm
zsE(D|LKY0%Y1LILga`C2j0(3fDoQXIyUHJLQtKFiJlfop-7q`Tv4?N#u!h*dNnpi0
z5AhSYHd8k8Y(zn&yU)y|G_u3|qCn?S{1#)R7U2v`Tf<@+SmX$e@_STetn>hjG(;K)
zd8O}*;W-F_-jXCAAdeAk^-75PF8LWgoeje(T69jL024sgv<0}brIY6oU2`;Lz1H2b
z-Nj|f@Le*6G?2OBs0H%BR8rsgDaU`M5C)xs6>7<vCJ|=8)KMA?V`c4nuM9|{b*ET~
zBo0^uz|Avc$JnW2@}V_+d!&)fQh~wrIoK_iNLqmELF0!MMtmATWc~wFx*JVI^T-W@
zh|Aff6a{-%w+n!n@|M09OUa!r2<ko|fQ{X7+DC!r6~Cn7FRlqMDu_oYQaQZ|d;>8A
zPk=7CiShdhB=@yM7F6H#f(W=l*m5^UfLz5huqEmh^6SIxRrEhNL9XDAV&_?b3=dyM
zpDDh`D|*wjbtI!x#@eCUIPZpbf|ino9xw3dE}DM-I0hs^eQi6NEcpIqlh3()ju#a(
zfMPoy#gc8T;&w3qe!)rwwC*i`=G>S-o~&TieZEE+Nw#sDY*Wy>*)d>3gkX5q7%g&J
zOYMY}#?<LI%h`)#_BxxT|J~reXbMEX@}x1uCv6X@t;d_KSEqm&!vr*+PfL%Uktw$~
zmuWNwu@La(x(h3P`M4}g(;?NtfiZP5%K-~}@@d`Spw{6a8a1*-ZO3Tz&J|TaD3A$X
zX1YKweHhtFK!Q+6Eg}u<b6%`f9V7oKHE5K2Tq&1SeUZa=tbpb4FK5VFCTYC)(;1S@
zo{%*qMIm4@>e%2X`+o40=MvpU>Q1&Tz7*}M1^~jzd?QmBzm^Ypqn)nNf!_&f{H#Ku
z5S&Sgz7ko7%~~Z$Yr_$O>ke+MW}H-dWRQQIP!JvxKNW6{-lWi%xk>fYc7u}OE#ceo
ziH6$Qtiy@&N^;jMS^l#4plH-)`DES?!eTQpR=7-S5Cj}C&D|4yCNEWKurYn2lS>=n
z9zfXXOHJYGQd;ZsapY${V391<@y$q#V@whL0&~pHYXtur1a`POCb#MZqE+m-OgK!t
z;r@Ww;+lZ)lVXfJ*elsA;S|sV$9BJMy}6DXe}<?InvRZ;OmM;wR)xo*yXqpuJZWey
z$I>;tvDF9m6JaZ5^gl|&Pa$)aGhK;734q2{;XaVtNMAG-Ydd70I=ycn8@CBqC2IY}
zkbl@%gNptzah24$^`@i%_d)Q^%2ZS%z*CDqWJ<9?fgmj^3tD)FAOLeoQUyc)uXCkB
z<l=q}K>;GKq#G!$ftE*84|^L68Hz&2?*uU+O>*e5V>6Ei`Fa3KmHHJO={Ib0e83t-
z;oiRY%0dRltUQ8d-g(~aV`@Ui8T!<h;6TMU`yXB-xtx#7&-^D4{Z}rqvEI<1<tJjl
zc+$K4Ovh3_ZHgM;#d=G)Z?Z(rX-61i3B24Y<M-ie0Sea)#C7Gi6E_1LsMh4IugFzX
zDetiTb~nmvJ$x!jRf1C@%jZ>32mn!Ep_O=aE<6RwE2&OfJ_#9hLKuNtFs{{lNE3oT
zBvLp`>X|hAT%m)Vsw}PN8W|kLM)&UgRF;mu+6b=FNmv&s_OW~!-_Ho-z3C>8wjYb&
zWxQPj!XS=Vmw7pJWlU^kU)rT=x;04Bo-BzR$tY(gjN{4qP<)fij93j&HUrEkokH#x
z$s&wUm6^e%;PD)kRb;}j%o8H4DXt=RW`0GJ9)>VY`b}$83l*d-G)fdWA0gkKb6plC
zmO_%?lwzT}AMP%kim*Cyaf23RPA^P7n~tWW@aX~-jF?(=GVDR*SoGQ>mlP6FoOIbE
z<XE7Wj&OkGlq{Mz_T(ug@d60EN<DW(LcvODR_x@;<RATLE1e435EgsZS&ppRiyaIN
z0RmGs7MbS~%fxyG)}0kMfAZ~qgoDEFx5>w__H^`Q#=D}D*O>(Ux!iXT%3;Dnr!`AD
z)LDrxrE5}H51#jsT$p=o7+rm6-6D)fMzPw|*3&nLE$k!zXuWw{XaQ)aY1Y;d%XBOH
z+&I7MSqa8_Ek76v-H+T6KJ)2*$HGRRSpxN9(bSDO&rFZjH-YhgV(;J55!H-B50&*h
z4twGDW<R1l{16D*)p7d8@@FZE9(89??Yn~dZICSQ+o>wUPO+~n(C5gfEb-F|auh)S
z+Y4&8SzU(eW*{5}s0(5>B%ww`PG-u9fOLYJ(a{zxvOddAT4_}WVL))hXwjJ!(BdS6
zQ!K763ed=jXf?!t&29+rb$OmO>Q2hY$DOnF<I(7&95b0Icc!;~(BNCE*%kZp2a!TV
zn%!^0bK(ibcd31rwO9lW_8%XJetvIBclJJ9o1Vy=8E~EABNh9NISD!N7~eVFJ%=-y
z%ap<9RGc$Tb2bh3AR?Y%r~Tss^qQ7>Q^bd_EGCY;Y}%;dbo2Je+}*Y`1y2-Laj8jT
zWcKU%_v5ROQ)w`^35TcM>$B*Ss-@S9s$U|3{Wm$o=ae2msUimqYuLpoxCII$YUtq?
z9PAO(06-Of6K2VXOCRx?=obcwL`|8TG-ioKOU)GtH^Hoa;HC(yEZRgy{_qy>_RQjo
zdQZg?VGDBN`4}$y+xN}wv0!dPy75{wZU>B@(Yh7H=~SMzuGoDH1c$*%%&*Rv2y7-^
zN{RL-@#L76dgZi3yie-ef7Df*pzqR<x+*8Z5rCg15&+R`W4tj8P*UsKG?lMPH7RWF
zVj>+iQxhZhqA*BzZ4P&c=?Z`kEm-pkpbp;lkGN38fr2ojX(Wlvo3_kApXu@GwO{ES
zAlm1ZFOVnwVa%&s-p&viKPJ~G?;#NoWf09iqb6Znj7S-OPdBw&Nw*Uq!1Z8GbBH4U
z?f7&7GJ4y(JYzMs_4NE&ZJ{caCEPvEFLS?Qpx6K;i{Bhb>B~!Yk&cd(Fi1K+Q)biJ
zVMX^#7?C?fubbb@u8h3d^szIMuc;|xp#+=yNqcz-)=*MU<m3Ck3-pw*w(j#eHTv-Q
zr@fy0+`I`eZ5NpNMF6{=7cRDSwy$Ns!psZ<_<rWoD{JiDzM|3*ZSAql&L6$@$8H(>
zyHqpH>TPV@G-YD(3VLsCa4(E;;R8PIoTri)k@jyi_F67yb_q21hg8MUv^_Ov1W(R&
zIlM*o$D&uXZxlw$e`)0*URY$A0c5_xRT??0qFHmBa$o*LiCDDq5xbCswhTjJs~Nin
z;PfF(gd;MSa+byiVm-8k)GQ|DQ*x&v*r#*^;8dmb09RN5BxD_&ZW6qKU5{tV!Z#c_
z!MN^r6Q>O6ZTH3w#^F<-`o`TDHub&G?Cq)$=JS!S&ZMp^%@J!JJ-jb;udmp|FpZA?
z$5r5B`8yQvi!~e@GdtVAUea^@D{=O}`3fALz5)fP7SP6!6u{1tgriz4s-ls+;-|Y;
zdn<IFfzM-{Z5JJixJnYvc6gn0;cKz=1sQ!WlK72l{VRV{ZdV@46UHB*pIF^`U(H(+
zJ?r!o7L9|*q6$NPaf?iz4L$8=g?4te7oTUH{JGvFFJ86C)#{j{5{c0sn!RRr`eE3<
zJ@Yp~w#?EAV9VEoSrw`1bjs4a)-GS=I-Pa+8*vy^#~dAsFM)gxeogLb0-Z@Zz-l88
zeFx_|+F|jMAj8}kwNnhSN_Vtbl;<Ds^e94$)=2loJAoi8G?KK?>*%VRUwXu<sY4^b
z+dWx2DZ~MPv1C6<vP$hcyOnO8o2eaUIS1$9LOMMF?Zi7@&*GL>#iyqDTvudwk$Dya
zvuUT5E4|04>n1tftpeyX6xifyjPQajO~SKS{t}rOKjJAwC;Bu7|IY`uwjRBtzX*wK
znudgdD%Z5jgWxpLJzsN&NBI0!PUoDY;Mb&CHrTgrJV1rvYo(CMGbDMsS1xR)yJqzt
zKT?*@DokOiY_$i`wGK@7sn{!;Wrqmop4>=&p|k3v__x&P$sotR#$+oPRVK>SQk3-|
zKFI>#k|I8={NF$t>$WcvqSWR2leEdWQ4;1*4#l2fk$~@2g4^MR>oGxi<g1FtCbADs
zt!ph`!qJ_w4V(@mzAK<hLn4}lYd+ns?0aYcsI?=4xtS?pyKtkW`btns#k_LQpx4dx
z?!10~2#>T`d+D^4uV137z2W5BPed6NuH1Z)4Hx)wO5uO~GnWT#c&SiSB2NNhmE`D3
zM@?TqmN2rOE94bI!Ea(pm!1nz;7%f*K|M~+(R3TkHVW%3)0+;xsS^JWX|mKDrW>R$
zph<4sz13<bosInXw(b|^1YWLtKo!-12oS<&uh^NxYKR-+`AUIoCW_`xf-Fa!0a#83
zSru`0@uPy9H^O!l6h6BN6U(T5HPpGE3bS!XZ<Lm~9?pps#bCzbCuQ~W26Lu*zxetA
zbq#jEwDOP6CTdbn9*4%#)yTRXr>8JSK$3#QN`s@2Ng)ikoly}>FbF7Hse(~Dm{|mW
zcV&M>rTfVyy+d62PfZJIIXYLSg|sjJ6Imi5U#uf;lzR{y$?qp9BO$Ew0xHv?Py-TC
zES3;)^Odd)jNo=}Ucs{E-Ixh1=|Inh$F&0<siP2)bgD3XPwT01JGH?IuZ!rR0lAZp
zVPJm_$SvOe4bxMxaq<zy{RohxnQ^-?pv8|t4BX0@$^<C{DZ!ON#a#(StD25y&jXBv
znG2J)#ty5O%AeUF3hH*E{Y;MX?iO~8F&w{r@$<ji9j-3s2m<B~MnI%F-aQ{X`!|aV
zO@x3fA&2K}8)WzTvKhv}4I}br10d=qxVv8W53(kQ9k>poho?{0Z-!r6S8lktZq`wa
zf(tOcdWxI)4);-M%_wY^sitHe%sk8!rK9J=^3cA*u~Rq1N5L(n6eqU?hg$)QytmKp
zbM#cye)qNnm#k|ff<)uig^q6xTc4(SeXMMd^&J_YWtKxlMp={ol*&|D0$@VFP!RdH
zYs}&wO^`$}c;9qGWTLus1gq;Kyr6P4)KkkTk0~u4)k{kqh}p!za8zV%VlUao7}QF6
zNf#%cLA~Y1K3jxn&wdeB2N8!dHDldV+((*cr4T)s9rL1hj`Pg4`^qb<9Qdx_g6R)A
z#+C3ko2KIR^uYI1bL5Yz3_$EomeONzGUu329~9*%V2Adxx{9V;a;B)qWn=jT%a67_
zrlpvtPjapqCaTTS6S})uol?mvfJe{PA#2jdL(tTB#Y*-9&&YMIn^q9A<tBod7aBVk
z23pgx^q6@k)tsN2!J4f4=s03-{`_2K8|X$Yfo@m&TVbHQam%6K84&q~ty70UU4lj_
zAf1<pO7JD8BP*<Pr;qbYd|!<tK=O&k4O13WZs4O(B|1PBMAxiZM(zdd(PT<kcbY4l
zt*PM;Pd$MXi4h6_hHFSc{j6<_S_uK9gDcO!|CI-4Jf({{vsbp2z-qi-j?vgu7;FO3
z4sNShp{1T30+Rhf7VzRJlrAvl&d6$mK4k$V)`}F)bBOD+w!?Qw7mLhf{NooLXsrDw
z5ymj|izkC~g@PRQXQ7rO0(W=mA`vT{qwf;JNRS~9J@QrI^*IpEn8<r~Qy+ynf4nQF
ziofcp&CeJ5*yBTsPO5a;S$IsMz?mN1Gt5|1^I{4!z$}~>R|0bD)?-CDU@o9jB4vuL
z_kS0k-ek6><N^n!twUib%@*o%;&fXi{7*Bw{HfQFx>G2&1`JA61W98$-@3m1P}_VD
zCW-#GAq~Zd@C<~Bl|<!`>dwi9-PbHWskHAT6JtF&Bf2Dqkx5sI#G|WDa)eYMKMhfq
zm`V8b6TZkzJpdT)7*)R<yf-8_QcG3_i@Zb*lJgV*!BkivNlDw`R^`O%8e9naE=AB)
z?MI(0ekV}Cm~JeSe4)^lg%%$V_<V+My6X7<1ai)58NnuqSP7?~y`rNn4{GIo3HVWV
z*OR#S#es=F6lK287o3F7%N*+`oTudyzM!=`$)hF4gCF3uLWTwE4F5qDD|Cy-=XcLh
z8*_CKo9<5sVGDCB9@;i>>d^vab34I?9~T}PLlq+s5k@2HSos-o?WmGWoJv9bF5m&)
z{roc~l@LROz-kKg8MV9hKX1vB7_JyDaZiy!5lQ}FduXi2bw^cNcC-PIYw$(Hi+bni
zAc`N_WdnedXQDxaop@J}TH(&VYZ6f0*~Jv{11X%9;&PYyQt1mhL3>jcr5nefWgRe5
zp_~yGJPfA2!p*DiS|Vc5TJ|>5i=S+5G-b4D5rsO4D1LIPMNw&?p$S0*5gE%`h%E2k
zooTK8pyl|Chta1cuW8k~GB7k$zh<5|&S-&CHfw+i-{jLSLYSQ5&Ds$f1v6hB;t>8X
zPaM?%&#J3SykEJ`<}V-JfTOp(my@%+Ex$IOCukB@3~o5cZmo#L7t^0x&9#YoII}}2
zE1GxqZR2v65x)Y0gf+6>XBJ9B?wN>a$b^6~qbZUhVXvf{=dw;zq&^~pF0-LYDiCgI
zR%L)5j-m!Kf|}5(VLJp$Vtnne5-b97#h=TDWYl)eU?dBn1x{4dzX%DS6<iQIT`d>f
zI`4;VmzQ5CcSVz6zTvQKYrE)O*_R4gS`gaKU6%@At_t4EFoO`mU~~|ziPmcF-_WQ!
z*OogA`U%2*qg7*Tz`0OJy&y4NU?$Cfp;-icBnYOHg>$UU*Zd5gonf;?@|h!CHd;Y~
zA2dOIU)7$$tJy&9a|&gsNt!N19_eT1U&o5$gZF8uqPIUVG|cW5nOr&4+-73W|E;Qo
zw32_B1E=8U{Yw&DcN9z#3EwE|%^q3+sro+FHuUMwU8F7O+u2ePgT(hLbffE>d~p^4
zl1LoB63h#$ok0w=2UCFm;^?pK-E~T_WPJZdFOK)r*IyntXMSt^`4X)&(H(D-+uJ<b
zCDkaVOizR0((uqqT#Ru-Cd0dCIfq@iImD97e#2+42RfUYk8Q+NKCn(scMRS%+hOUH
z1wS9d9k9!!I)ZwEbzHFK^x(_9wNC2*`C<L=BW=%x>35Bihv8247Z^X;`%h{+QWw3s
z4tI=qnn`tQ>RThk+|PlnItmP|m`7!9>(#}R@y(9lYsbC%9zwIM-w@_~-%cS+oK2p2
zW}R*1oKlur9hSPr$5DhJhO`6_Z*O0y$c$^$CG=S+Gs7iZtYN`;g8kB1JrF6S%|(dh
z^^eLi*bXsg9`A`}_wq=YfnW8}f=fpiNu9T!oUfT4pO~-?@kIXbfScpLxG${STx`HL
zYZp*1Aid2OAifhkaMIe4lJ&2k85KA|K{zHc2YXjDdsi0{mcK|efB*I=&cWCkjuqHv
zZB51ccihbXhO+)8{(nKaf&JE2RBV5Z^Z!FE>wk)6WBmvF-!lHE3x5|8{CBx*oPS|~
zPj;A~T#d-~ieO+ITz|Lb{A-@!KQ#SK<p1~9pDeh~*7%%%`5FI#{hJ)50tbxq#s|(?
z>riq2l?32FF@FUS{V#buf9vM@i&*p@*uUpJ{vG>i_D|iIT>mZOe~yw1_|=ii_8*0;
z|MZRZpFOsJB(wd~i2WaHvj1Z!_J8ci@z0s#_~)!}{sZCs2g3OegzF!OKFOy_H+xqS
z77pMKM?Proe{_7-m&5|{IrF3aeGU9|o<H3$6;>8FRu*8rlL#0q7m&r77#Qb-3dY9r
zxhV<8#__pQg=FJ_W8?V?0_=501oAs${DlD$x*$RPt1Zycg$!8kVgigDK=?}q;op}3
zmx{mJ|7E#<(?<BW-Tyxb{7-rKXn$M$f1&>B$LBT8>?{TL*(rH%MlfzRppriUC^yi^
zLkzg#jR*F5JczDbpsYY-PduQZ>ll=ZvZ|t-7?8nj4fx>(^Y?=3ZVt}H$_n&#uO{GN
zW+q`_{`_Jl;o#uZhhvhkH*qkvvbP}NX8%hx*yrk-han8tUnQWvxmW`GJs6=Rl{K|>
zWE<~1FhPNJUJ$@OFG%2{FCvi03-7=8lYB6Mo_<uH`zW6aG!VlV|G&2X!lQz5bNnNo
z19;`71AOqtfKpPGQ<s+kqWUxdqdYMhmwddyJ`YUMpAd|j^Ro|PjrIPEpkSXVA^+|c
z*Iz#Yj{*pQ@zc~m`oKvvuD`F2&%67-?qn`5;9N9&qd-s?^uMey9ytuE0gR2Z2DJxX
zMI``BD@9Sc{=P!~tr>7OniIgm%`GVC;_7Vn%?{2pJIB*YPj#i^K91DKLDvQoPoa-;
zZQ0u9GhJ7e+Ym0*fryCmffo`fDQtppLlOun1WW?+3>(aEaY9ET>zvsZ6~47!*~=|u
zHVeb;54!k1_PrNdH=O`qp~v9qH6O&8m#)uGv>3NM88^WXjG2h^1VC}<xf4sc$<M=9
zTx=vZ8?+l*4|vvBQhe1boH-0I`CmaaNa~FT2t2Gb3%~Btz8$j<1P*GqPnMbXq;<~d
z!eezc@-PYtu#nO7d)+rs$feC7ea(A29J5_XD2}LG{ps*qNJXr0_qU0tG4Mfr2%?O9
zI#<i1#Yb98_V(A%#|r=en7;qu5)whl#W(Te8h)~id+<<LO={z?(!IV<CamCFK)OhR
z=qw@r$so`{W$JL$Q|I^q6E8hOU2A!Plb2Fup!@dxVk4N&^-&G-#s`gUjSb0QkW{Zm
zrArA&YxEuVX@vdFVa!yY>6x=C)uq@aa!R#~;sWdOIT8;}mjZaA-M}*aW*Erw%(^7S
zLg^Wz{7pCzzba2p{tByUjEX93ONxcA8%Z(5X-rd}vntXhcS@d$-Wh=zf`3I+pQR;p
zN~(bhCMxX+YcUY$NNSEs7DP#j&V*tUiSwJnn2;qU;)?+#C(1&^pCQnJ#91_GSSqpv
z&rle$#~}n`%6<T8m!t31A?c9c*A4PA84=*QW2++*ZvqkxlHtv(*XTHpDf}H{NwI&)
z+Y#Aw{CEwJxSPZ$@xk~i+C){a459b-SZ*Y(=If?l^Zx!gQ<dSnapvePS7{pG57!tM
zXV-bY*e<l^37G9jVva#C$+wtwHjf$h=~qROn0%2j%pU;MXZW*$+UznuE*>GbU!7h1
z4HLsF6ax}}u1%LGv}GC_%rSpF-!Hk<8eq(kY0lwZiC&>uX7ggfozAw#XP6wuc&$GM
zN~$|O3YZ$zz|Tv&y6V-#cUO$T%)(L3Zc9QIr?98sOv1?y2RpJN>x}n6Qe2fnkYERi
zTeY;trS<{HtohNgZb%{VNn`Q6R5SREEFKTJ^I}9-l<oHsaO^4GVsK0HfnjHh<GV`~
zb^(Iw_}yYLqSR+!CBgti48c;>$$-EHagV65KZ_nBhg?K4spo5y-s1Z>zT~K~#2HGm
z88PPFkh8Jo8NE1vXf_4SN)3qwoC@n@9=SgsKsNy8)DZqEh8fUt;ZoUnSTTNbG=iSC
zLz#INB?bt08|ADXWv03U7qnw<gOXDRX#^h2b`S;$gUJI+XFr##@qJEf!=5IXMUblI
z8XJ@zm_zs;sm66by21c?n0Yoe)DFG;MH(%Tuj|woqS{vl-}YefAubi#Zl1+_#+!YA
zE!G2u^P|1YJwm!Hlx|M_q^DiIbyzroLY4L9xA;d_e#!P?rN(YVxqI-|5E~W8))%(T
z#L!gz0Zm+$G^M0HrWQ|1R_ac6m}j>x`pwNZ>1?iAyfK^+O8BsEbDFQj{rMfLl6(T)
z2^%O~>$sjJL;^_!DMZ=b;Ir?}E>$@9yutvQlG-0k-)E7JAioNU)m(L4uv*kDKU{(l
z#uk-Wo2GI&XZD1d8M+iC@(f9_r7;SVv7h|mKY}3yJR(LF7+rZBVLF);0B(PS-O`eQ
zw>og+>8xkb#^F!2AqtlE5_dUE-5Lf4wB|aE@~;{V$&8WeOK?hqRqBPxh8ajzfUyIJ
zDQPE{F#E_LS{e#9#006KumtSH?9h&jTjbx-Gr=v$6hYU-|7=Z9=p;p7wObaY;<7Sy
zpyGL}Itt2nznb~oWx&SlgHJJa6UYmm<McmXHX6Y(rKpveQ_l-yCE%JtzGM1JK=)bK
z(R#NYrf!l(gJy~si77>x_k)bRSX}}Z<O**m6l&H@G(ZdRFYAbp@A)y`I0BH^H?A<|
z9nV7x7K^$Im#J;C?Wm%0q5@eeHO!AGMqi4U_s8YS=D{!q!!u=_gAJ6wcS;VHBm>DC
z8YSJPAbTDWT?1TxH8B`=pP?r2;gS;-EJD>TUdk(0FbA`qz+e6O;|@Fy@Z<+%gKfz!
z338md5-=L;JWe0-L0{zP#8XCR`_7SnAZ8)Ad2mLTvZA=M#dq>djn1YJv+<D;p|-Qr
zQsQbJ5c8jSBBq2b-yDxe<?&^am=%8m<LNPZCFaL<$*2si;pddspE}gfHq2uo-*cR_
z=wn2i-)U{3JFGQ4eTI95>4^jQ9XZ*rOGPY18bGpFCMLu?M>TvDpHhYz2Zx27PjUFm
zInC8G)tHHAV+h<H>w=<y&cgT8Z42$-cN*3c%t~RT2ha~PvMu2AG%Fg7P-Dlj5nqCz
zm`q7s4#i!NFlI)VZfo6dUba62!Hq)>AEakiljP(I8e*<#$62gitPTKtvK5DRqVZ28
zG+e4FDM>^X5m0j^J>1h+OWEFt8^yoiiMQTfW##tbU_DPSRfyR=T;AVfCVioWc19CH
zUBJ-iPI!59eK*S&f{F0J+9L3lQfXy17dVts<!QIl=rpXYnqVlCo)2DMC56SXW1^QC
znG7XY61^_nwmgeMx~c#)<LtKPiL>@Uk{w3&OgqXeE@82{)!lytE8F)Yq?=H*;<HXP
zVOyn(HWTq}YFRFq)00(w7gvQl(y@^+(XABt?Wi|lE_BtJJhGFBM)@E;>PkHbrwMk%
z>mr$egG*B#uX9#9l>Bn}!J~pUwX@5hI?=51WZkvjj;_mzhkplP&%W!m^@1<)Q7qA`
z?SEP{FIvXmH|ywRj|p|Dm~q{|PI|Z!6;*E@`0>5miQfgXrbhrB{R*pVd?vK^I=Prq
z7gz>mozF@QpA?-0p9IpqylK%Wb&@y(J~Ws}XoV?5qJx8hdDzL(^`hNC4bDJAp)mXe
z<x56o2v0q?T(=0&;95Lf(<d?@?D6BRuyZKGL0$PxYucPIvbr+Q>{-C$Y=uZiacyw$
zVDOcWJmaU3^XTi&g|AxjSHVRLGyLU+BLP}#hgZrbXCm@nxfgi7xZD)SLT=5!K9kXW
zmFpPHG?_#{zMthV<wV#mNjPr0ol?sO!yR!|&A$^?COI$wfM6AQ9nI<@;{Uin-(Gz-
zfysvG0ddrka)3q*rXDnt8xQsMrnOZ@WKq@OX=QPX#&LMhN}!BxmW;Lhm`IP%s$i9x
z7ELN!!E3$^Kca7Mc$ytn-E0=KE0mX$6_wP0LkXL}tBLwHGqZTJ=Hm?FzQ)rl6nvQH
zWXEO{9lN0fD5sv=EcnLEAMfiJ(~wMD$6{Tt42WZXp?=%^{Tme>Ya9!fqmWVK57+z{
ze$J@%qk|+RnE(rXmfv7ZQO?a3^#*TLg-d2F=^G-CL<c(iD<}g{Me|x#tuI~@4sOV5
z&)LjZwuuaCR;p+%KJwR>+tO^_Kn`tU;UX~WGnws9fWE*!B4XjY{}wH+q0icu6^|-q
zcK%1mwd%}j)Mt9f8qTrFriaxW{PVO_e$L--IjKr{AL>ubbjfr#t8e3HQ#yR%GJQK_
z^)a^7jg<iq<xQ1(OTKDk>G0FX4PC58SV6MU6@${ciM27u%b9Ay4t+G`nnp_aE-^nJ
zsYc6L0DA{EvH2+Jveo*Rn4XHWu2r*(wx*E`7v}Ha4zrkt$m6M{2Cz>RYpj9GsI*Fn
znIxLnOZyROgt+^#0da~laY7r|YzUE)9y_iqV!ut&r}MBH?007nw+HZ3mCtyFd4%Ci
zkIBtmRg$T-V1XsUAOR|*<t^!7(=XkFP1Q8*0g(ge`XpRbSh8vPApO2tsk+}8poT@2
z%xI3sMjh<ZlsVSO)SH=HMYiE(3!_=#ML?-(X{`G0zDQjns_2Lz;Gv^r3J11#VMpz3
zL#B+zK)QE9aHRY!>(~*Tg0Uu?5emBz8jhSiZSPN;z{JDN2f9o^4b6swiDgo1+sPi1
z0@ekEnKq6tQf=j`s;e6`4^QA+DeITN(}7WT6f}1{sEK_~vqTQXI+vN@#Yjq`j0Z{N
z4&Q_dVnn`GN7TpSN%6*3E4^!P3a(6wv*!=NGI5KWqgKU?ynZ}Y6AmA3eu%!Ic`FID
z=Wf4XN`or<1w%i~c%)*W%*Y8vGtQFR1F(eGAq@zpd3!U)GQ~e0&|B8R2veA8|L&WM
zO2}!gA2?9hDK*%w=C>qdfUo`VOCy0CqCwv6`&aN}qk%-kb!y`7F3<6JX{1=NBczAT
z4g&+%Dq%}8dbRIDek&7!3~W0hbhwD~6GhOobhDb5IA7~I*tORYMCo)Wi!z&stpOy^
za1ye{O_J5pGxC#+sAJX*vdvFPsoBnYt<@!=)7}J~Us&0e5GL4kk$l6qP)N|K<6t%R
z#SdW39BWdd)UlE?;p8SOhvIi8xAT8KSqDSy8R2ID@hfu1W;G6mtFq%IzpbU|wK<-G
z_l%&>$IrlxVT_pHu$GH<qhf$|tN^mzwD=9aO2kY0!$HpMkU#Qfx4i%95_lPWn-||g
z5}@J@$2(C=qE)tWz2mIQklYB+ukr({I-#;QM!o^&R1;l7OuokfbjNthfsW`*iTsyq
z1rS3sC9S{{grAc7RMSIBVVxx<$Tw7{il@{rxKzRfS@n$ECX<b<&ThwD1c0mca#-a$
zCH++05tYt)>tik>&!BxZKl{)IX*ii;^yHxvH^@rK-fJZiaNKd9;<<()wMc?0ODsnE
zKc%;?2*Ok{<dKOCk#DU~GyUy{L#s&Ls%zFXH5_o-mD}Gu6|y@}8E^3P29Q_LQumOK
zhVAo&k5^n;h0f^JLouS^RRK}PbR|o|T83s-JiYrvvViTTI-`0+r47!yFv(Y`Xp#p{
z2QRs@@`91&Ro}$i=TSKTS~6RonlbnbU9>7lB-#ifbui0iLT|_`{YoLb(VKVH{EzYE
z8grhCzU-+qbt^zYh8M;Zu~0wVmx7G;Y5a#QlJhm8$+LskDb}-)WB~qoa`F~KpY%ES
zbc_pIxEFHA<-*MZ_5>#Ub%?b1fb{`GF6Nu~egU>;is{^_*)kmzUX-*cJ^=ouElmq;
zw_$H%%*qpNq3%0f*i!~C$Jnq{ni(zz+e%#pcLHj`M!)wInI9-Kc*o>-IIJQHHEEl!
zP!7XIvJL$1FoX710)X?3$GT!uw1@JOm*W-+GDF)CG!GA4ib`f`eiY=bY^~xB`;p`E
zR&XN~vS+jtBi)%cy;dB()&<g(Yf{Wpog)qT9#y7Fg%eV2PwB{0Oi1{$+?c;o>ZVTs
z(e|5za+XBBai~+3k+t-0Z3$+)JUwS+ypb(kF)z;)pChJ_5#X(0Rlkprz&ffsVJl~$
zvRia;()8X<UDen|{;;2xcn2D(I9!|nCe8!0%8I<B5lm%!yB8+XgzOfjXRwvu_M!uU
zF?g+QejlA|Yy4G;s*G?w+AU#k01#LG`wKEVd{$6jXm#{VM|AjR5AQR@eSp6smVE%&
z2hq#WP2uWU5g;W89)$3K83t;Bujt2fD?P-KM4e(i#}XBta%Orq0TEI9IU-U}-$WhO
zcK=u&=w6UTtPl~O$ir=3r6Batp~h9ShG$#i4Lm2N<|@56Zf8_<%fb1vin?t{Ie&q;
zdZ3@NnVEux(whNS-eVtxlc<q<x;<hy?=hPzaM50g2B815rF~Jhnv<4cM-b6rpkmRb
zOlt{V(c`m<2^5=_PkhO}K?{%EM_KZLY4wcPkFn-9@kW&nVC9O&(Q*Hm%WqDAvy$Z>
zlRHq{loxRhysULyPNb!>keu2zuTa1W&<;JG%aQe$SCkaW75pR#bZ19UgX-W!0m#_w
zk#%O1Vn9LSq&O>>{|qlJ=2)y%>1QblQ71i6#;Rz}4o3GX<aS(|uhOy#s?;~mp%paN
z6pZ;aSo`%&(}J*xB+2(gu+P8V2cJ#E3eQucG-eTN2#(g%;~zu8n8cEBlfiv-rNopi
zausYq^z&EN=4Y2J&p^sVfTfaKvPIcW7XCgz!~l1=!hp?G+!nx_@{sPq7Q2#3%Y7~e
zc3;_RbSz;o!`*zkb0WhA8cf_Qk<%||4`{;=k=ri*DelR3KDdXSsfoJl?kPOrxd|SW
zQZHnle)omr{8liTXW%@}AZFyxT-*UqjpCa-s8hb9_rg=L-&fT16`8gV1O)k(bj`ga
z>wv=H?Wzis;Azb6Pu~{1MIz>vrrIWTUO(6nu57gvjPK@q^vx;m)Q~cMmc?#3&O(&Q
zx-v68hHzO&V_AP|zEC4w0Zp-k*&7)_3MH%;Q|DtZSXRke{z#x*Zh0cb_r`~!ANWRC
z9aF({V^<&tu)T9Ci|}R0#5zZ5-k-05cme4sH3s=+0*nSej~Tmz78kKUT%TdMLTKsQ
zi%3SNzJgWgebG4`2Yw@@VM#uU4y<!86i8HFi`A~Q^J-c+oc(4CD<sIn!`Q-GQs3Uu
zQ9;wri{;@@Ji(`Wif|lV$LIeFF#*W^bBnYa$i|T3nwgSRr6#SfCY;H{P?)neAqo(S
zCeud>Cb2TL^>lsywgbM5;3*vL=MjfQSOL%S$>R?a_YU9gSCI3_3s!v-A2(%#J5&dL
zwdeGc$ygc&qjk39@ubxDFm#WHFYfidJ+a7LN!W>dY=#eq?&EphsIQ?Ljh7kV6=zU3
zgWZ2|{0upbGhQ!PAG+$z;eJ;=8U_&T*~D}LMOg*3p6EY^p&IwA9Og7}XOkFOd1>YH
zs#SYGo%Q<FD6Q1JV>e==HJm%xDJrR+HiR9t^@H0Qo1d{f#rfV&`C8t$1B2Jq4n|D~
zEC>9@Rz?hS^0b2*6KQzmej(M!>cn!pGE{_}c<!djaOjLyQP_}_Rf4HNJp)cXi7Ipx
zOLWF%|6B<%Oq1~)HY(RxK}|I!Sv?O*o&q~UW@CdI=eB%fl})D5u_|J$^9vdq7U2@b
zp-iex6Ij;V9}#q5x*-)19eG_Xse4O@?++8QkLR?VMJUH6CXy`*HRseo8>1#T2-Jtn
z+b2U<=nv)Y%msYBzWqQzi3gOa@LqKBYwm}%Au-3~+?=pI&VZh$W9#CWqB)D3D6n;j
z6yd?ys)kFO{04WIZ~&?4>*ahG_qO?p-6lKOiM}~SWy`fdQ$Y0g^H8sBc0^Hg&@I8G
zcUL36{65_aC1$oRhV|8)=4J6UyDz&p*15`DxFp4ujW*it@TYFDUNFExvV0y>sy?CN
zNbYu3q8V!vIbsx@Iwwu9hc7Lc+RTLMCyz<zPdlR2ghOXKbrK}gy&*c|*)FFV5Qczl
z@vX@kC=JrOv<zKD$i6}*vx_QQv}26(*yl8n&By#c*#U9$wzI@xXSB{_7JQ^gqlg<*
zjE?%=Qx3Vpl-nf>EmuG{`)PhaLHVj_W!0bBBamBRH*Sp(9NCi^74N!^T-y@<fG$0s
z*f2;n7l6$^tgvBuj3I^Ow`BJ`UW;D5UJQ#8Gz4WxS-K<C0VB8`$J_aiw;tG+Zt*|Z
zWO!Y|BoQ-u&CxxI`#4<`sIm_CNX>gsgx1|WUxZ`eXsV@3H_!ptB|>_6gO{VUSWu^~
zKP+ieNQjCncGaCMd7m``ATB$zC%VY&dYG$Z?ZB~=bX9#*L;D#E7>}YF*H)UUv8E&m
zj}XmeznYy7y&1S^|H|-vjnWX!nbTV6#1gH&a>uHWn8IuG^+lYK6%5o+#oQY}wiCm;
z2_OF6Kh?tKap45ON#))pZ%3Z48awZ_q7$ga9>76+iWl0~r~3A|YICaJ*yUtvU9|fI
zt$W_z7SB&S<%$>hhA{l`$JU3qO+v`M`;qc@SFhjrSKU*GXo;_eq(3SbSF3+G2y7t9
zaGULoFnvL#nv>g(nBU&nzN<h4C%XO7*OznR7oMkAd)(;>P}yU5whrmF<+er1E(?!;
z(C=O%ZgNu`NVE%VQ|e;7hjNb=n=<dIpI5SGP7`7_1XFNrE@tJCNy?>X(A9Zrftk*`
z>W%pgF03xJJ3D6ep6bIAicBaw^V2@(`L5rL8&Mb=uf_n3stEUJ*vx?poBi&`O9HpY
z_pS>uWoDg7KwIM+A1r$p%;+Nt1D9L|W*z|<GWhLtz{}+@{C-;H@i68+uN-=QFLw`E
zHKyVi#H|2y&P;#KYOhqk&O84+QjS+|j!%|tSYX$iDFWOcDd|tvE0k%$t{qsa#EP+u
zaLbwPacPWce9Cnrc4XdNr~86XznuhWh=-en)rahH04+b&S6K?ADk5i|JW)pMAI3qC
zERm7Q^=^?040p}b46t`B#vugnqaT;y);=S(O3>|bk8%<-@?~eeMLe(ZYcEWJa<>_m
z=Y4g1$uNnk2Byu$lcw`0@Dg8tg@Fmoc4A;wHWvLB?G_#0oD%C%eKiEGa0ujOw<DBo
z1pMIQ2FSy+1q;<|_aDjZonF2opH8R8`|tPJ32XqEbsxFb;|xdWa*-}z5fo+PA}Ui|
zv*3R2!y$m+fK1n5;bMnr4iYz*azBN@EB=0NnG>R9xy?VhzVrf7fI3R4Y3<Ek$5zT?
z#ZXsa)N<jdVS6{2SJ?NvWP7Z>bsF3sp_|U}0EGP!q6!36Y}>Si|JbTH=&0$B?>%~i
z?HdQ_L3`fqoC#8-RC{TnWrfIV;|SrhFW<EP39<!IYgQAtjo!=0>w4qwj@DFcKczSN
zbPbA)6svH!Qcwpl2>IqlR}Ry?5tY?mzn|Q*WNfwYNg_8rXzDL=%kGUI=q}p8GKc)Y
z0(c8sdz543@_uKz(u#0A44R~RJ%zpd!fbtKu!^G6QGI;6nF;95r(M!7D@XyO=&Nk~
z6AsZn@`Xp)t6w-G^&Z$!^O_rUJ^#LSu$zynMteM9cUAIzu(~02<@SZ+yKb*gzmPlu
z`ga8N+Je^K%sARm+yfNc_u)jls~@e>5rFK<!uP1Rg3keAFLMAf|4vI$#;Z6Er#osW
zg<!#&n;EMg&fCm>GNWuo%wm0j$VF8)QTgtDpK%ZVqP`hCEx%_Jcr4Pp{1y$|1+;30
zOIFF%ZQeUov^F|D_w+aC!~lS|-dVViW#am%ICpAyI^w!a^7~A6mo7P-=AB909Uyy+
z*ys<kp5;Jr?vA6R<*I)?inxNKnF@ZPqNgiljtm}@g)l(EV)U}zUK;!n4H20s&}CL$
z*#Hc1%YD8nsw6#oib)sbA1?K6$cg(8?3VQPs&CivxsTo>yw2#hM($@Eknmu0^0|x5
z=E#H(r*5}@vfr{$xqZ9(S6ym$L;ykT;%|RDx{~#z+_o=oVa2S<y`hr2)VrtW()41t
zA@(r}gEx{!{=LlLoZ91V!q#&+#TmpEw%}_$A>n61&C4O3Q?!lrvN5`b)mdsiL`5&*
zr-st+q$Y{{jyF&bl&qHypWz?<U|>Yd91q-=SyXzINIerX^e~&XQ#|?Tg#cT$n$Q|U
zfio`<A~=9IV9!l4FZoMBVL6O;@?x{>m!mgbsS`V4fd7`?{#tOfCL?-LwWW|^Key_K
zC@E+WvxzOuhq<IelfOXhWyN+Q#g^PQbt3tZM#D_U-T2%mhle6G{^x@EBQ#>G%JX`P
z8<#B~?ZSy`t5sX*M6kFt9l#q2+#avDeGf*+AHx~?#k37Y@W2p)V=eQ0)%Yfn5#3wv
zXicn>Rq2|NvTeyC`EZ;Pr6S^mV*A^UvfsAMRb)@cH%D{?GlY@mVhuT2q@Q&jJ#K|H
zC*N-@><_V?AZ3aM#95pgh8DY*^+YbZcdIo){Y-XdYnZh?jf1$MkO6jb120Em?<=t@
zJTcH+<BI&5H4&f{B+bIs{tqET7$H70t4-j1Gm`Mf-n6nh!kBe7w2eIo<!Z#x!TEFk
z*UvWr170iX$d2HE*Iyl|r`{Qs>HT?=r^sY;(^qd@`gMfW1=;>Yfi}5`mM<KF6Qtje
zUcVLYxwBvsIgz+z!2>*)^DYaRv_WIMO_U!rgXn?u401U^3xXly1jX}Kfk>92$G&#T
zHi};lSWt^a!|wyUZiBk<mrKpkD^0|en`sVAg-6FRBT0j0kcqafxLqWDUp<!~FF`gE
z5uWpq@EmJJnA8+@w#T>;oY(ROUTfQ9URI$5$<$vcvV2kN?QMw3K%Jo`@wd(%PLO!B
zTp?S}7jk`(B@%j{(AjyY8K{O7HbAh2p{4su?%3fZ1zwrH+Kp_P&(8_yZrwd2F$$_K
zTDC@2P3TS$+UD73(=wTKMSnBG{rNVqi`^NkTFO6>ca0|UO5B2P83(*7=licIZ6Ip}
z?dJr$euXeN%V#-+yb2BA?=2i4Y~?l@*WY0V|29p`^VjS$fP<5V=ieuawV~D2RyqW~
zO!16b(#Jr9P7@SKQgG6XP@ux*8yC<hpdf<bRnQ`Ie<86=U>%&TLIfR-Ak0xl=qD1c
z-Gopu?y4V3+uIk?&dPeYM;MFIZujWETXt?YGEeLE{djo$kQB#7Di9|_wZUdwujg<C
zgdZGc3~(nh`$t^niV(PCy}z22Y9%0*IfqBjI)bxr)cN!Gj!8S>BVtR5o>EUJk?ZUn
zsj^J_#g;wY{$V>EXdOOZ?byE=gLPpzn98f8aUba8LO%un(qa#r#T@#If{BCH!@$l=
zKW}AoM5#RlF?v~d3Cn0h^&NJD4E|~zaCKkSf&KyTP{P>1v`SC2d*to3+q#$YppVuf
z`a`0Nih0&bYrb%-1sH7uDHA@NX4DllY;?0r(5>@{kU9zqjs8vvcpW#+%4p>L(Groz
z#^sc2`7V`;PHj!LFV9d&smz#+$&uk)B3LSzU#etNQIU+#5$jwwMT2}SHUYc_6xvqc
zF7i&qWy*M|-Y?QmgzLyom!>LXEjn8x?F(1uA1KpRJT1~5f3fB;li^W;r>2?+VJ(>|
zcS=sjQ|y+Ksd%VBU6h^(!;^?DT~?J$4p|e9E#OokFq4lh5nqH$5}Zg#QYM)o8bENu
zaUL<s?Pme+pB=1|vt_U^5IDL3r0-85x(jBFxg$5@cpnpHd3cBMAkg96A71YK+V17s
z*MI8ljn`r+^e#3v9U2po9FBeVyPcn_jXjNxqA*W_82`gEmHuYp&4YX%cV)RNWimZt
zkK4JjhmLLtgaFb4t4iS&suc3l8MthSEI4Y6H>$4iM<3!ozIw8VdIqWij4FeIX%p*k
zG+bzHX$`(gl@t$;(kxhe)#cmBVWeQvz~K^$@45wv#=Kc+%X;hSMIP9I<E`I6MGn4r
zBo{ATGV8Yv<_bcW8cS<Bac93{B1P@HeuQpU#_)=qR)neCX~{78($epIx74QPQFp1>
zvj;z4-Y67E+AtPfp>37|NM5}sh!}Qsx4xoTi!9-~)%z66k<D>pm4&f&+>v#Zni~1x
zoEBa%oMkhl-0~JM)DzigS3?Hn$wG8H#(?uhV5C_p)W|1JdfE!>;nwXk$5Q=L_hkK!
z#%0AoLRaX?FMenXi+InCRy$Jh8=@N}W+}8UI4olavav4BGbdLH;7x}HZH)FEOfdx&
zL3Qw(8!hal1GD_F*GWks@cl67d{mPwM}MPF4#I7B>x;#7kG`{8B}Uqjt)N_0Jr#5=
zbNru<ox}6v4lC4ns^8W~LEl&xA~RX>Oti-x7?hj)b*J?NeADE{&#q`6wJACZ!akJo
z`_cwfkg^mwN749?0V@?o2qV2+U|(=}o;Xr3aSb+Vk!?#AK32UaFseG4{JkA7Ft>?k
zlkrg56V8we62Nt-QCH@dN`^5p$D=G2l%Po$q<3MtK@>wkt^#|JeHaksoFZ`?(kG6x
znPx?dXsbE2rPU&N7okMUl?I-O+^Y3M2@)3E4fA4qzR4w`18jzOu8cyYzyN30TMLK9
z(Dx~7`DiWl&D^96E}GsQi<@&6qs~LdBd-*7zS!WmKw^>G$GBFTKz1g{T#dk0+0Z0C
zfshIXy0~aLxya=qxLURT7uq8=I}Kd*Ae#P5xuowFm!$od7y<|YKnv4kRx1BO`_9)D
z8fa%mFJ62yz@G)1wbpG>dYo=gs6o$2T!g%LjQFQTs)2Di+AF9Nv5hJ|Ifetq`n>mF
zNx8&5oh~<dT}WNu@pK{{#&9&yUy|`&3X4}U42^brb|`zIUg{{&OQb6nxk(|x6WAUN
zwso##%`am#t=oz?JxhKM+$y!?K<#E5_A_Hs)}P5E0pv3w!dAJ%hu7V3t@D@s{IhqU
zRSwDuw|F2|1DZ`5sQlO`$>QJW(x(?^mPpA({puiK;HJTjEUT4=hp4|=c!6+!$rrFK
zu(%%T*^fb5@$>g?CV7(3LQZY^;Q;Pizs+={VMm7TK+feJn7s$lD<?%!HawbEynL<S
zwjT7F3do!_4B6Dlq*i34glP^1(J{UPD?jK!-?dg!U(1Dg`my;FZYY&51#=iTD&5&%
zw_6@Hh=1<+>;~)Ph35DHJq+!!*NIg&vC^sNz#+Tqu?2YIMh#e(k)BV4;5>tVJLI@5
zv$jEuJe64War$n`;R|!&h)FX6aR#Ze2Bc$u0LW&F^>7mdtO&Yp&W2wY=E8$*p7J}U
zWk(0RhBMk5=C#aZd1y`Ia~;~ePBvN;Ag=4Lo325}0MpVV=taBes;cM><1#NT_S9~~
zT*D*lq~)}GM)cb#>vcE8eCurYW~XwiS!$$W%HJQ38B(JOkO+zM(QPmnttV9TVI)5@
zn#HRgJ^h}WftqOIC6cdCc3($rScq2pEk60eoZ35{fB%;DwTXzwx3G{<KvF*o-q*Qk
zd(i~(16(!BfB-)&6^~+b*w)syR!gDf>p+-RjL^>iE9@(vqWZqJf0Rli(uyE05>w0!
zEh!=0-5}i^SCLL(Kp0Y5KnX!QBm@xzB&0<`kd%^+Z}45;|Mv&pwcaypX71YeJbUl6
z&%QBd&Ux+{jS#gYs%81`=jWHUI2}T4v?&i==A?i86H;f>5z?J3CSO+;Z|Gt%)eWUi
z)Bx-Um@O#tUZ-)(tFT#G{xr{(#WC-mog%9@9c+OLaWIAzs*xy<=son(B9@yirx(K_
z+5L*j#TPg`!E2@y=BF*0>wvF@C;k}A?~H77*U%bVEZ~jsVLyDh!6;<7mt+t;eyiP#
z6{{687b>uv&>n;zlFP)TcD=DTkG0@iO+64&dS~(0sJLG}D43R|yuu4%@BVe}c47M|
z=b?+z5x?-}q!PA|kuq7?ijJ?m6?gKV0~4q)Y<fWADOz(I))Dao4c5jFnPv9r?CIZp
z!mcn>te5t9j`Wq@@y}`A!@v-wL!yt*tq5$R7~+__-v{ZTIb(-7`%{P6mo)bG#bp4>
z`u<3#WdbCR$jM7GVjix7X4ZlLDbWxEr41fuAV^~)E`p=trb;)Q+-$Hsp1xIoZo~(y
zxN!~7zx(uf=R=|_*kPc(Cw++nt)QNtK(*TYg*P!k$6fz>(CB(qKjztwbNWqYd)ESu
z=MH*Zy=7DW@Wn0~thq1pqTU^ScFF@PtmYx@0{eVb?rznme($)UjXFv=A=da-w>|ed
zVzW9898DMo8QkdRWG7mR9uBW+-oUm(L43%{ypl^!Q=aIDn6;A)e*7hFtZ;UF9M9H(
zB<ZW;z9z2dL*#YW7X7qR>dkv~596h6DDpR*Udb}&HJg%!9>97&E_l(NN~V<nBQoga
zb=LwD^5j;@flQy}x1g_YM`fG4`m4u@mWIZnUvKwGrn4Ff;5iFUBq{8S`EH;_s;#?d
zJF6m1gy)Rsi$_3o(y7huIbL1id7t>rpA!;(dlb&d3(j<~7fw$~OTj$hB~x&3htC_Y
z>k(67c!AH)^jyM)K@m|x0}!4OFe)>$BabtaO<R+;<j5Pu<)SWeuli0idq>VrcIIpO
zbzQoxU@qr!L(R}%JOT=H=$c!7A&Q&$!cU-elzBU;Rk2}R{?Xb5sdzEljytd2?iu^_
z`CYSSty!!vnT%c;=3YE_&i7M8l1EN0L3Rl}W^Fy--lQ1k5#~RgfAq((8t@4K+?bsV
z?qyPQEAcYqT89T~?hl0X5LbmEh61th2N1>|pW!uN7B*BxeP!L2FrW->l!`|^5uz7u
zfzE_`z2jjFB5V6q?Liu-Hu@TCh_IX_C+OB5xn;~yCGJ^@G%2UkZ5D71@$@Z#%}Ml@
zwMvIg;?V6Rh!e?r_;iPQC_q;P;{!A~`kCa|r@WwzS%bA-GbA17D+_Ud=NKwHyD6NM
z+9V*$(Xzk?{gr}<&Y97}W=*wj$klnCPntC8zj@p{m6`io*{ATDf@7*97Y7{;eX_`q
zwUkyScXS^Cq&#4@?=&=Qbik=f>DzD89<3IyR@9##U0rCVYaNeI@PSkl6shH`XE}bD
z$UmoeM7BrbIRLHB810hknX(`nni521q~O<EMD&1Rs$qlKCj#>WSG)ZA+P?LB<C1hn
z2Ny2_6>}0GiuxJN?Y5&_FXApP6FkDQd&$OzP}zS@DAe|a?JS>#z8Jnn1;Xukwxl-j
zCSo6fW^OCIVLm_fJP^2dz4#BOt-GNAq2yp9GjaWZV6GJZ0S9S0<>%S00XL~x2a%d5
zI$5HoR)RGX8xE0&iP~+jSf@QZVal}uHP%!txe7Hg7g19ZTYPu~4l~^-gX7tbQn#LV
z`&<+t|H84_j?Cgl7bv{ecg%J8v&A~$esd2guEO3S-+WWqol_ukVsxf9wqN+JfY~*+
zvojb@$X2|bQO@>}lA(EdSeK`>L4`ol$2SY7qh4##L?_7Yt{j8uviPpRF&$}0c~z#7
zh0sj>AFmn9bsbV#rqwlWuGLRu&f5!n$Embw|LCq*pgX#oKh*Lb@#5?o?_ulgoIXz+
z4#p$)-K7Se#bg6?Uuf=1bZj_5LXK9x*g39^%ZloL<8Sj;s|-~V?U8MktYdqN6<TT1
z`!(obcd@gvsdIa*)Xlg0>o?;&<8}FeoZDzA>pt)5erJL@em_&lW$b+MxJeDYUTkP<
zK;_$ar+t`|5gwSm?mj-V))YcXwS*gKTy?weo8Y!mV?%E~z*<@nTw0r_J$aJ9M(!dz
z!Iw+lTN#^}Mt&z)xA&~f@uP0M{AZhk$!NaQP^JUvvAFs5`HX~=C}I4g*$3h(p!%Mc
zZqx4r&?IOcKi^V>SG!G3C_9=>?oY_8&oo{4&&-TImqb5Tnf}wD{wQr{x-C>aw3|9f
zfYLGPk-B68JFq52yqXxJM(W^cr>n>KC0diHYO55T5<ngRZ6J65T6Ze%S=Zs-5}2To
zNsFp*X_Ho97M3nWEdDAO6BZs*(rLL_4SBB1?M<ws4Eq%zY7*!1Nu0PsmWkmt3^lV#
zi6J2<&sH_m=MB#C*V|B*{`OlXeMdlh=Rjf5HpX)$8z|P=m8Pe|8p*Zd=30!Q$9`aU
zkYx2zOn4`!oY(7x$&=ju1j8a^Izo!YR+5s{bl)|CBq!eL#QuYAqmm(M1FxM{c*fqK
z)7`H-*L=##ZV;22mJ&|qh`MNR#^tsB=~S&5$$Ru|p{|?sg+}s$!`-qE0cZ3e9LY@K
z(MM-JGkCxb<D+L{M!Ue%%&I<0)lUm@a}Qv4R1~u(KG9Dz+=XEt>w2+CgexD7R^BF;
z=s6p|x^<>zp?)L8kTbd9puju9H*~1I(}$GKfVf65>gA5j8>T_G_Y3G~Z4H$||9&qT
z5|_H4$1R5vVfI2~$NaI)0k2REptU68KVQP^Mab%a#7<#Snnw0I;hjA9#WZ+u$HBfl
zv*NXp!+V+oE3vJ!64-pR@oLOZGT4&{9wCLAdD#V-*$FMs@ga3@-jtOUDH9L|F*$oq
zC&#*z**=v>ao`lgJ6L248Dh)Z9c+L*FnRghOa8#OF6TODJ=7v%;AJ&l87$AGpXyhN
zE6dspAaSqPmBOLG@#gQdll_)%%-Yfibb0aAuCHDkJqleU=;RZrs<IvDF<L=Re~}Mp
zi4KY7@gAKJEHO9^pZl0mBERN&aH`j+(f@c0s!7bfNEGyNKdxIr%9?|a|D#~&!NI7G
zW0_bvhl!_+n2ngG!!=XPJsUZ*-fXWyebe3!fOoo^_|g!Ui?He?2s<{pZj?NdZMx!k
z$)}SV5hLUIeU|A&ZI*miqUxHo<2{MOiJudsy!z|4{vB4cSZ}fTT7CJLo;+7cGje+J
z@S)l#XG2*AM;jp@*#0YqOl+&~r^m*{yRPqCNovHDzL<dqMo)9-o&@&dNcK|a3-I65
zqX3i}Yr&RAlPyEVT}JGQ7Q?K=?1|E3-#y(o^`0~r)$*yO7=$ZZidmlaPSNVZBNwQl
z<JTE#-$|$Rt%eIR_`^~^hWIEkhV<C}d{5%WkRD}?Uqo2?ou``HRYjV*Jwft5YNh|~
z?s4#~5ka1y>(p|dofK<+ZFWZ1-?3)N2L}LhPuaHRst4EvqiS^pRI`zwxb_bWmM*(U
zUUvCNbn;eEii@|2eK<u=mS)3^qEiD#ff+J(?YZ_qgJ6EVPwFxAcn4D6^$J^CuG=ai
zs^(OA6thV`OtDKpNa<)R2T|m6h_VA(0lf~W$KF0-0<s>K9vwWyPg`XF;9xoN3H<<M
zZtiM5&Wy}&nyX~usrj*2E5@^OmfyV9Wm(_~(qkpk3J=iSD>9+T%Hapa3CjJFG1Pdc
z7T1s(O1FUa-{b1hHN_E<h*$)FDjDAl8@bu1b~EXw?{A0gdjmD>=H`}G7F!d{fvOF0
zqy$Bi0W3R`eu9S)c!bxYc!0C{ar7VHLEdRku7OAI6D-?_rCpiAPhTFOGN4g?y^@7t
z?u2#%{xiqr8T!!%$`AEFWBzz(D`>FrYMmBSrZ(w`KZyl(6K|<bM_2C>ZUQtecpq!M
zUq9tm&}3u#-Sc?#{zuZY_bd<6&7p&^LYBNYxvyU}$P{r4m@pI~<t7wv6mAfr0U2r>
zsSZU;@DgNE?hCEZ@4NX=u@3JlgOnl|&OT*zYmCq-4#W90?n=CUeZK@=V<IsuH~*>E
z>V?{BL>aM4i<mRkr_7)SMfX?LSKZxYQ<c}`t6y|v<uBKD93M_?iK}<LETHJDJ3K_n
zZkk@RPwWbOms2q~pmHZdD|f^kVFiqI^=rQLTXY*Q$ccazB`yWW)#u&A1HXSAj`yyB
zuU6zuRaTWbsm&T-eX|8CI-3A+8vVl0#>|YvN?wYR--_6F+0FwUzOLb=OkKLa#65+}
zxA7^PJb|SbKA-H&x!$_eZ4|KmPn5Bj0*>r)MJ;IovM%HZS1!ksB{-V~js~1;3L9QC
z8R?E~4wu`8opcWKJrIqY0^5=_Z=f*CE(G%OQjs?nNZsA3in4S@AH_^3wP*dH(UH-d
zFWDiY=w#ziD;7|!Hi)+o5>(fkPSZjazsQkOk7JANCH#yU&asRhN%EV}H&au+H9JrH
zr#?4YXBaX-W6ku-h<uEUk_t$?^XzyGfe$BNtt{;_=*I<|RPGmUj$`{|_>a(zm3dSt
zZh!O9px=$lr?gyHleANnlT-DxR+Z-}B@spCigPt=AE%Ct`0?`E&$Bir(UGLrKG{8C
zH&WW&h#>uwB;CQ*k!21K#}zZIsV{ptKH&4_9SV0QyVTXmPDY!EAr2r*r+r#^<AyRl
zyR$+NyFU5n&k-mo+^$&*j=L6%K2;^cXhu@;%$zm+%%g6mfm<p?yUJ1~0p<EWTY=(D
z)QPqk$z~-!L#&7#OSiJ3pI+|vD)_2Tq*vRYT|?ia2I2M)p<jZ{N)a4={bxATgRey4
zxBIf4^`~jdujBZt-ys3=OmO_zc?yo)mx>51Z>lS3N`Ph2Nlq`HQy5SO$Ib`{G$HdE
z${0(_)P3HSysx1wC!H|hE-29#F?(w@h0h?OP!ertDko<uuG4BlTS_2+xvP=%m`5=@
z#IF34vnM){a(7OcG3W~&H;bu@;`RuEHvUh2MX>5C>>-`6V@?gg+QO7twF)I?A5Sk=
zZ%^NSNjshLca;IId3&EJ1^uSHQ-}4qZr=SotK_?RgJyHP(U9!qU5#f4LDIue?g1vf
zk|qru9nG(9`;p63?S_t?mE|s;mDQWpNA{^5Pj7BgwmzaX)^~Z8pxK;5=OGUE+s8lH
z@VvhaU^(i`*I^bqp<pe@e-}<sqC#6pa1dZ9D!D}&3yvATmPYZm5@41*AzQ`Bk$+bY
z{yTz=1pOVsh9Hpe{~p2CvQ}2tq6#2BDS1n7wkotrl5cdK&!#<!Erw0^CJ|@Ny|6H8
zGwi^Kcfks;T0%lBmk4h(mN9cUgh$jnw>)}&ExP08<Qzm7^`!^tEDKr8<1zcP=1?}F
z&MBI|FJaIt{JVb9Z`zZDTza`fh9$lQIK{`Txc(|TM<v<O;TKP5FL;~XN4DL>VYYak
z*1W}$;dG%Rf|E4AT_R9;vOLsnuuLpk;zzH1{|?hUk!3D<*St5wPz;G4jfmx{Hp5v^
zdsJ@nu&wHlV{|4+g&v)?eiG>;?dH<6?Dc15C#mw+Xi$62ul<Bq$u*yb%>Nt*0sFY_
zPOp7D<RtBSJ};7{<DWGvfrxS<ls1&o;u6y01q8X7AZ8Yp>N`b0hHa@j-WX8VBOUIv
zaTy1qZ$7>OjmNj30-N-hE)cV&d1r1~i5Odgx|7j8Tx?I#A8;WR=xQ{7kG|zyXePP`
z7yO(i<6B%DW&m14Hfr9t8dN<9tmh5f8!)v-2&M@KO23LesR<}PGC(OL(yy1UI^G4@
zeAvZOx^_q`Btj-+>2-YE+CBSRY!-*>gMk>+^2Ah@Vp>mQWISTt+#J1)*c9yN8u%ie
zJ#Tj;#!O03SzA?<rKwe(5i4!~0@yy>9e33p3%tEUO#6PU<8i~?6{k2cfI-nM!fWE=
zj@^;eHT$LdWEoznmnm|OM{`$61P>khKSxQqYEXnpKMf6>*D4<ETjpuv?4AEalg)HT
z#dmrK2Y>%V@dl(}cg0sLJYj@;=JYG=VMz*z8DG#utdpMZgHYgUgK%szw@g5mtV3j?
z{!mL<zBlrpzEc)A@6oMTE5QE7=j3dT&z#?kqocegfm?<(ZWdNY-or7LC_JrhPIoqY
z2QiflMM@-~qWaIv=*{Ni-zftr?{u50ifPF(^CO=pc5alvSuj^KRO8~|iqZU4?4Iuv
znOCkqOyrPf8MP^Gk=R>#4~p>gf3{|C9`jErzLT^zE746+$J?CEqz6FdD6@*3k$o(4
z>kh>`d3*M%Z2Q@JQB-eTP>oOKR37B6<6EE16KJ;H`0)Y9aOP)3=PAIvK1f}_m0TRp
z`)sVfroN!f|4}SWK}L;o%_(MakkjHCJr(nl(Adh_=aN5W51SrN#D{&j)kfwtf!9_n
zK=Cs=Poc)}+KIp8&B6#4K!CYA$3pn#qy#t+kMiB@)R^9gLwIpa>jP&+XOD8txl$Rr
zl3lbin=4t7UKmBlr?(qVo8pL;edpOuv(r@ou|l2k9xnL+9MUPc^zg_6-JthuXpA_;
z1Ff@L^P#D+UVO7D4ILC_hC1c=-OIMN%RP0=J-Pw@5_RC4p>rE7!0$ctU5`@hpaOBC
z_aU#;Uhxa7i~LTSN)vPBXqS3-$ETpz)S6Q(aR>F=u==QGA&uHgWckp;b~mO{KqSjr
zK|?v1!CpJ%{#1fNsI5h4lTB^YUWMNpTOxn+y>t(RVw_PPbVN%x1zu#sJD#eSpFo;p
zHNKjrA8p7w-N-#N2c&>_nfz^^Im)@Kn!%g-%zRH1{fYyM16)1)6*UBY>h4#@b{vJQ
zPa0{e8k(vnCd@$eIg5MvZ0|oBAW-)w^=2V@7XB@3%fDaTc7$ksm-MA79PK-n@L1a;
zUkydA!ck7KNVnw_1E~>S{>|xKMrric-hNy|%{uFM`OFYCEkNL+vE^TQGXR}s82Qa^
zOixTjeWTz*YpXygY@2hyON-2gfJr57$-9&1fG+)O{-j=ZLf(mA{z@cAl(A+LFN>36
zt6k}*cKhq_mo(P1g#9fsZdE6^#1FU!=v+9Y?-<cH^EZlB@Hz5|#P;!JIwtbpr{hTB
z-*CZZ($b%QB?;vCFlo>JbaDGgrE64B5zP65JC?WsH(&!7C%A5!6%~6+k)6qwgZTX?
z>bkLB(Fp7Ly=+I{+&4Ll*pJDLpMvIZKbS1g=ptwL67itPTKncQgvGXOWvQQa44L1^
z{Z+m+W~;7qc&z^>(fUi>=Pgxz!{WNHm2dq>U#1JbXejyzpr(u1U#*q5G40keW~Ei6
zX$Chmu$0;VY%J;hVxM$B&!*Q!?YX$xak<^hICp4M-2}k^b0~ouw;w}pJvLFUp-ULH
zE_Qu;=;VsW1|6ztL_UJvaMo)}Lftbuk%4%8kZR;7UfT?%^3%Or&E2J62%?B}KD9NR
zOpc@z`iHkq0I4$H@t11w*F{CIwF|zH=gQ?f8Tu5>#`%)S!!p>eGA~3x{jU3K5UwPb
zIXBNwH&^L^7#Zv(zuN+1eFoSsP#qet9kEA)CNrCg<b^n0^n0urhOV2@(kdlLDt34o
z5&tvfURa)o5-rPX!WvO&gWGNsM7r}Az53~@nr}81qzue_D-ZcLb^W028&r^IMq>Y=
z1F9o_Bu(aHgKk#ofR3GJqss8UL8)4I=OD{%7=NvGaFNJad>FOe_diAn@D62Tjt^3D
z^@-}^JenEiOWnRSF3fw(n)Ce&nLY+tTDj`I{PH@g!IGXeEh5up*LN%)0lwk8w&q67
zDNmX;Ukn4qecV$^N@G71D0Zy&U#|>i>I+nFuj&|PWbmiIzg5!ItGQ$m78P7SnXVR@
zzp<5W<0zLYo3&Qma?-_Y?0bDl5-S8hK6AVsE3n?{ZY%#>(*T{#ny5mfWNv#Xl`Gjy
z_)ZM3*D;ZV(%s5>Nt1FBtv@D{l|zhN+vx3&jV=v9d3$^030{nl6nFJ+_v5F{E!0$0
zO=mqn#bm?pMW~W22;zw?y!!0X?QAmQ{bn*!^npzul-ACJy|}cnr21F%I7Fn1=>tvh
zbo(Hc?QvyRM3>^!RFzVgb1%*>mlBe8YW}8G-ls3Co@5TwlQTx+@Mrt2?=gcAIEn`w
zEYrh2fL;DfHtuMDbzAO)P)?#@L6<hoGoH#4{Z$0miR-N1`{YH{YRHqIPW{y-iwP?g
zh>r?qlT1iV6KvaLgnB|TeHJxbhX)m3NaPIfSy$AtEE0eC%dmyl(`NnCe9rH1!&O<U
zaB1cP@~!Wj>mlyp)33oI%mqQ24X3{_Q<}E?fg_r{2+5v;zKYYVcbU^&J}W58=`I4r
zyKOb&Zzczi3oRH#!fq45^9H{>mOxa9OBgzzlGmZ7>JlVoxEv|S8B2RqO`Yv5Q4%8h
z40k7s!<?|bsmL5Hk;D;Q)BDKVzDnT8e#^p2U#s5Y2f7Xz%Q~w}<Bu%uD#6PL(36ro
z1>W2qOsmFuk!UGGvZ75B-6T}&vSgR}W5$nRxCuv-NwLz}C8FECFrCM|q5HAda%&Re
zCJ{NW3si-iK4t0`I&}<XeczFNkAu&Z>TR;T``){5!}hG-5x?CLerLR388MPtiX#>p
zYxu;Cb@9G%MjY&#TfPs)*vip7`ym1?k^titRZt5TP0wBTDDHY~q4ckmVYuW6BO3|s
zOZ)heEX{i^ogcXJPqd|%#J)Q_^)9gdSh#V9iWn`(O_l(UcxOCvl7dwTDp$01+|NK9
z#`A3%gx&e2Bch?ND8EQVvof?$^*!z=fyug{CoFpny>)cPFsuIpc}o1tfKA|oS2p1P
z`=zjU?Rzk5Q@>?}-#<&Hj$gCHpKoR0xv!2*1||-Vs;XnIA$&GOx1Gwf`d?*A@jP(g
z|90!q26Y*l#FUV}-M)C2J4QdT$+VVpMaFcn6G>1yELr;QfJ$AtO!M^*yZZO^vVAMP
zy`%#};lNv*z9RZz85(1HulD(w7SI_U&Rblp*O)mVw<==4cwmtu|B_4m*IhFBFN=VD
zpAZ>2@-I`xf9-?(-S=hMf)Wc^0sX^_jSCk5AyB$|kpJ0uvG;)uY63<gAtnfJFxV7|
z`LHzM#_%nGxGj(%Q&Tg36AQSdB|9%FV3(~TZNC)@2aZu-a>(%a`}rXPLxE6#cv}nx
zg`N{#oEJt1MuNW^2!03{!=!OR27^Mtm=;`=fkAvw6!j4c0Of;VST-*1gz=vfO<a&+
zNFfjya*Ycz7y^3E5^+I>fPkP^9DpN0mmPp3kbfNoFzEky4}(L`c|a~Ggu~$AD~2&s
zY%V*^hlHN9v0T8ypqSTX85qp}U-i!IV+xcHc3B|^0R>-{!C(jwh8yC%{OdFVc{MUn
zKF}2`7z(}IT_6Mig<?1=E+_<Ha^t@|{JRqd<wITu!@w{khT-Hg_DVy*U`$6{st1F@
z|Hm0j`~PhT7=BK2b3q{n%zrtAU?}ox>!67LCCL!ygqIifL6H}1{Ea^t4hCKE5XN^-
z|8fBggCef97zXCQk{=j-SMmr9M}n?K6$!wv7=eJ!AESN2Fa~_3OCTTw@^WNgQ2whq
z1Hl{;m-InE|KAzl-|#~q$aCtU3x+WY`LD<zP}t>e!eC*S4@C$jJucUS!9eGXLI2t~
zk3S3o<G<Wb81Olb(7zQiTbN;ib3&C1G8hbePS$f#27yB_hZ=+BzpM`m=0^Zmz%U5t
zN?0L?^SO2xj9|e0m%|E$@k1}P4ugQfAXf}yMCYVG=LPsr_G7?&m!oi==vVRs20gzZ
zoR|M#VNlTdW7RImFj(Ye84Q!>7aNR;KMV#t=Lfm~h9SXMLWnt~@LdFhKp0M%bFQfi
zSUBd0y&M@#{$9y`1Ox`f(A-`GV|=-K0m0A!U5Nr5a!yip!7vN~0bh0yhPc{w7|A*9
z)L$%sxpKL=m{{9cxM28~7<tvKeJmI;r#fC$M@I}}(>YBNBd@H3r6VH-fgzjXm6c@F
z6N11&QcylH6pndINQ#4yk}x<DDhWbJfuzNd5SYmSUBlp<$;;J^!o<bR%f-Ty0Ktzr
NgAuT@N-0Sb{6F;6qox1=

delta 44524
zcmZU)V{l+i*sdGfwr$%^Cbn(c$%<`fVsm1f6Wh+jP9~iAynCO$Po1jo*Xru-e_gfi
zzOH_r?01O9V2B2IP+&%T%XMoUHQ-cB-oYWgD2?SO?)Hm<9lM1U<pyeY_0D`C4wyKq
zoxU{)MrO5t@KpZ+AU_8ZiZ3gvnj$xe+y*QEa(=T^;dcj#Dvz2B{Olig7n|QXnhL8n
zQhCtIDlRxpjnz~7Vlh&<$fUi;xd(%P2mM)r{x9-S*SaqU2LQewrgMP~uKL}X6Jo^g
zL)@R&Q*xzN4|~*cJXtzexdqbbhd-@86fx?T(XR@9cpClf7f7rPY3h&3$%vJC&d_y*
zVQ8qB)ONkwj$!%kXy>va*nJ)kxU36vrvEk~e<@69AUQJeLvxY9`y)Eg5$kWOZW35v
z_%WG`m&*6v0S$CBwy8g5^)&@Q41NmW2Uf)g?6?~WeA27j#q!iBkI);&z-b`oXy_KJ
ztLuNMlUp~corHQ}zfYcAwdcGLTi#ldXQ8aohDjGON}W0oKrk)5et$h%TkjVJe%UNQ
ztu~9oK4;hLy&59qwMTxlMkE+$S$6PZaV9bbC}vWj0Xen-7@3m!p|Sl4Yxfv+l*qz4
zWU&ci&7Y?tTYU(+t_SPXD~NG#Ja@Gj#IY(QSZxeq9J3m^QBBudvz0%jv>#oruY{D^
zs*;eaB)F@SYDi7u{G!kBFy8c^t)?Ehmo_f9yogV3clQv2-Q|sNv_$@*Y1jp8`lK9L
zAy{8+0n6*78-$w}uTmHq4035!GUg_Yd+Mwo&EpT%ALmy~AIxk>(qp2V2o^oC5MO>P
z^mjEx2+}Wb-ozTvVnxCA=(^l5G*CLI{ivKF4s%+?g@i?k5d&V{mEcT+8EdML5{dEl
zXy+PQtWI6^h{)!%tpbQ$3ow=ucKJK756$a|0FT7=$%^h|t6+QtFHeKPW>L|<wIaw=
zNYJ!pn`U1O^lR&F<6<BeYE;HZ9J49W>J$X&lO@aw6cw-e#AV_vHPGY(1>6gaB+;yv
zZ4^OLnaXVwY??jz04?0-`Pxx0${GU^0XK%QKOTEO6SKapEMImu>EWj+RVZ(*)TZD8
z@Y#4|+n9jfCqKf1tqjtSuXlJaW6=1x%+ZGH#4>ML`sT=QcgtTOn$yxZ#w23fiDMat
z#4^2BjH0vB9)OeIh%E?>WxP6##|hceclkO)3llVf2)>9`pA=Oz1=lit2|7P~#Gl1d
z&-!od3)IRV_j`6YQsPPi?OWZ8I3sTbka1@Y-!JumfgcqWWyJXkOdPDZCRSZ>iv%yg
z2E&j|OJbf_<6!!MQuSc6VVpx|pwjGbj-Ky%oidenb)ag2{fwu)qbL+`weh6+%(P^&
zcqtVP_tyd+JfBBF65~ORq$;fkOuwgkUqgAqttGVda{5Q~F@9BLxIaMQ-Q|%Eh%9<O
z+LQu#y>&JY5z+gjCOO>=$vz4SChxW*sJVNX0uJew?9dwSJBkwXw68EQR0(d{x0>yw
zcGv2e5eEpSiJ1MA6hO;aV}57&UrwRs?8tx%+?r}?Qld5oX?Bdoe>&~4Dd2bKwgtxZ
z(Hd6^O=@7on)Zl4Xn5Hjz}_i<MoxCvo<G&8Ciz1>Tb8o3<fwTimVB}&mC0A^1j^;%
zCjIy~8;Wb+vQuazj4Yuw3!QZL7*(vTJC&~zq7U}fZg*HxEF2Vn8O*5Fkv2teX&k%9
z@L!52LJX$B9=kFiV}4O(fbDzzqfr-0>}T5LgmLYhZI=yWV;!$0&!pf2+-a8f3A{OC
zdTxKi+2=*DY-5GGHT7F>g`95P<c2LX`QctEw_fQ5le@Hss}}yCQEkoOpHzH4=3|cW
z&c0fx8$Whxx-}m@zZ7jBU#8U(41|=0p`h6~q)$6G@cU6k%S{&7FAL>NV=-By{EF`+
zdST$Bf`a-Mli`OEjp^P9P(l|F2`?(;+4m{X$yW7X7_097A>(1cAX6h=t@d#TUHs(J
zb(K$i@*H@v{p9bs@V4z=KDq3ct7kkW+i;!uYloW~E{WhG4!0<PhGIv$=)WEfvD^0e
zZ!pm9&alv<ACqwoZwqVQ7P1r#t6kOJn-uaXN2XYnDviAAAzB0zFbXLYDfbDxPj^+Y
zA?bFJNl?C7z}3<YhP0W9bR8Zp|N7MD9`vNe-|KqYU~z=J!?lI>n$!PFhGqd{mTWZ;
z=D(6sUbbihTvcVZ?*6_a3?8DViR!Cpv(#^A#*((zkyly^U$_@S1Cy9=hhg0Xi7%pr
zZ8aFx?Y(XfT^%F>Y@iu&K?z-(WAg_g`HVx|AEXx<ov7(%4(s@(O(g_7M-kGhb+jY-
z(x2R`6@rq3_pN+9y2wQzbf|TeY{pF3^%Uz5l)9h_Xu9NN@`D!%&y?wXe}*1zTtSl1
zNsFD;H3sG+A1dp52q7#&#lu5+?0nU9<->^E99oa)fyN;Ng8eVlHG0n(--B;RXgdyf
zPmEwpU5Z+ZgK$cIRF|AzNn>@$ac7vEuir7AIP?LcwL4yrXYT#qpZ0H;$4`+pRYY`(
zYoL7i!U<K}U4_p=wNG_YzheBJUM6y;E@|Ih@1K}Y9#0em+wl2YcK-%ue{tm)&3<!<
z*YEY`?J7C}Cr|RudOtJ;J?IV9xBY|SN^bH6+kW5r<bkwcAFn4hHJ{;jX%9n%EOSG2
z@CF%z^+Q3G>W0iu)DsJ@>V5Ly&q(L*urQwSCyt+Q%cM%XmGpCUB$k(#T!{r%$Q?y-
zh~7Cw?W26VB{NHVHTuqwl*}>qHpt8yNqo6^06LvOKEC7Nn4Ds*;Yi*~Xvd%GJEQ1#
zVEX0Fj@W`61$$}^-*}_uR20X%Ux~Qr9Da-8l^f&iFVkg+^M&WN?)Ch5iLAG(Xo2ym
zx<bC)Z{i%4aG#L$T`h&z_>~r1&(EN?AMeFFvM3Bc*157Rb_b2&^2T}DO<Gv(2c__0
z+-c#|%?rq-a8Q!pGMvmTl_f*Z{qME@Jt%#=fi_q;n!CBXT9`P%{Wo$lwT0s%VIlcn
zUp7`A?*BW-#`1qA1q7JoEgY@ftx4Een^A?+z-ZZ6|IZQ^3-AB8o#TIQ=S)QvrT}Ji
z4cxZ5ngZ79MLHcdEZZVDK=0T$1Y~Bd4|mpA)63hM=*!wFamP&s#1&-{#_lfzw(gB4
zfSw9au#cpponP;+^vJRi6!T|70dMZ&{fz^s423`!Q13+z>Id9!!LIc;-56aG^6TaG
z^vIt@uIxnnWH(DRP^1R_Y+SjK0DcGlrqm-;vIK<t?=`WV{>|;y5G(C{*_?k`yte1)
z__AARAuH5)KCIMJlSTQHQm*PaC|Ww*vjO!NPLJrqrZrE|@&OagwSGlD;)!6s1Ak5M
zoF7CY0>{I5Ihm1PGX%T218yPv3MmZ@Eq7D|P|E`0_yuq;<9G9)@xvQffFHl2fB4?r
zr##%K4SrG}K|ELkJ$J8le>Xo9fcw=KpI1X4;^pCe0q_^tw~5-fIgfrqg0nXG$K*#o
zcZ#-&tsWJ|_j$t5OHMT*XUTp1+ZyOqq~}rE;`P_Y>bK8aOv`4~#`0gbttJ{1n|`DF
zQf^1PI#rLU2-FFm>danGKzsWwQ=Oraf<CyBV$Xp?Y&oZs4mU;7!_d>w`}|xJPXpI?
z;Fe&<YA_d7`|I1V$?XoN-cxDCVTa$}OgpcuK`wziHB|WSnNhbb{hls@oSS@k#LT`l
zQR4z8D)`@rPaVX=1FRfZ75)GEgeCmxR2_*GG)IRA^9hy9gQv*M0d!)Co5<spnyEGH
znzh?q&m_6A@<-MYYL{ZtrfTi;TC_#vlo9*bv@64^3xfo0da?P(e?zA_;{|NXj(9QA
zmrzA$Oh1hV)gyA_{BlekmKxU`by~G3={F;)Tn&V;w!moWYpN~6UvWp$oIWPn^7o^e
z!Cwmov!B_KC9l9P0cZ)Vw{W|oO#)FwZ=5-yYTvJ^i@DHr2+f$^5)E}4yL6f>_9Z{t
z>Y%I>JBgndo(g@J??4Nte@8m@nMMBoO?~mKAWb|kJ0`KJmld(|BVy&&Sj(@VebX;L
z&a}xosP&=PaT9WCql@lG>#8OO;?^<#KxvbHv+>xwX~6fm3lL4LOSMi|ZU_xKwY=e9
zgMHue-P~U1`QF3m*gmOE33lht$8zzs1Cft=Pcu0*c1O`gcq)bSD&R8WGJVb{E9?=N
zs9$L{6DZRWJna0dx8NVDZEgbu5j9i;aqPvsJu!p2=)_oYZ-Fs;Yyi(#SNUg8{}!j&
z>A1bMrJ>_nDbO-al02fno?AL}{w*LYo0~s|)iKhMKO{Hi1C@dlmV1n7V$(eDvR%dX
z!jV77TSP3)<pw5<{^q>4*(!fZaj+89J%wdu;G~goa5&dXgC00tvcb=wO*}{m4<@we
z9v{_kk#J0@=3$WClN?CXvIpr*t#-LLTK>|#yVVJr1FT)Ni;JcwBz3b7718Kv0Lwjb
zZ@HsbFbzoFoa3_tVub>JrTO~KNoEEuj5Ouo?n^^^KE13N2SD;5KcZylKmiHo@&|rA
z77-7`fQ|2p5}(mzT`lD!y<!$ACc|pt*jEs2SWIjC?8|$xzpx6NvKkpeo@!K=Lm_6&
z0+up7U~|RO<s)pKx?bMP{(!fu;<1~+0bX1dO|?f>9fmC?hc{szv4-U5$!?c+K{Gd$
zWQD<xU+mSzV4&bE<A1(*VTtq&5)nVyZfjPIE)E|f#21+M)BZx?UGW=wUKjoQ%FbD0
zs|X~k$+9_Mm*f5Y=X`|qK`T~inQ$IYIt7LopeVaE&gX%W6PKIEJLYvuk~ag2;6>-@
z@rvyR7fpw2P9A44=NpR^XTJY8KPdw!6wz{9NKYXTS=h#YhoryJj$V8|sBF`_6_3`E
zQH_SE?-2n(!F$$ONw;-8=|dX5KwfLcobIS;+j1PF0dH#*n(f!}(5s9f6@7Xhheq!Q
z4C%vr%RhZBzCFnlyye4}R@c6>mnj^J{+<76Hack^t$%%c(EOu6+8%N5AA*BpQ#`Mq
z?=QT|d~degafkY+Xfd>I=sT7)agsu5s1X%>hO5OCxj%z3UFX(QZ%5Hb2*>XxIhTWX
zU!%Prtb7==_BtQI)QwB;qwl1P0}A&J5L)U4y^4ssgBO|KCHJxy7Q0*dFVu{VgGeN(
zp@k7_Gi&%*DzrkBGzfX^BP{b7`EA)<6e;`{*6OKajbjdBV*A>v+Ys3br@d_7@5Yr_
zC#I!sZ&iM9Ume@Kw_xbXtAvI=>lPY0>K*4$W5G)m&(+E>u<Bq+@&~q*))goLwG-01
z@%I6~)@gdE!cb!+Wv0<cM(*mr9rgkQ!3ktG9cmWsFdAwv2Zfkzt5;r1-K`2po>n3G
zz>&j~WR5L0|4mvk4?R#M55mWnVBaPT!jH>}IhRyz!oYUdlY4F@_y^ZQVAC!?1pLAS
zX<5+s_3_{{u}!d~geSM-yTt+l)R2#Kz&cZS*b>z~V@LtEY)z^q1Sf0<EwM8f>iH}>
znWi)D$T$P*s`I}nobD_v>-dCoMFa-uN{)#9h#jOV7E{BC6}d<36EU7}Yy=5onlOF3
z5%sf&6tbyj47&McI#3!@K$K$hl3U-0XjsKPhl061M-9;iLfJ1E#=?HUF3+xzAEm64
zdqEyg=A^RK>Oxaaq53S8f>c4_X-EFh3?>$Ls93GlM@1K#xB!bqtQa+wEA`4e{E>M^
zRLZ?;96F*xzztW##1EqxI5tp{NT!m&Z)>*il=prd-e40zFA@+IRCvATfDvt)BFTV7
zHmA#EEA|j63lTmw1~`GMyD|iQ+w(-4)*!0UB+;VP&1R)DK74ggO`F{0qy^d##?O%y
z=72iETZh&o=tC7>k6xV!A__cu?b7laL=O-+bE3)5fWEcH;t;@yunk{Ee}=&Nq@{`c
zJSLEeWl;3u(O|up@FY#9gvnM}Ow>GB9Bw<|s8$T}@fwdfk`*|zA=baZ8lYbaMh!Mw
z?`mQ-aZ{YpFr^k;q4?cET)u%Y#Jy#kmx}YTYdvz#BBuOJov$|okBXH1s0#+ayP#kC
z**BY*N|qmy<hR;Tk&f;zyYC%sxcbyl#In#NPO=q2isb$yjk2=1PEtUThZREkz(wkh
z{>hY!)N8%;lqw)j`K!Cm%Ij5sgu;Pxh7%@{&+)8SjMUu8d+qByuu``k*+T)st48GD
zLeXxPWZIHP)vf~EfIM5SK~^AnMEOMhUe1=5;}2i9txWR}*^H<P_J4?3ywnViv$VfZ
zZ*;vqo;Ht6cHO;kj!hvlAMc=MLz-a8#D-EKB<7V0b__^Ke3~t#R(Aa}C0RYq#Ese(
zYIsvdBUDt0<U5Pd1Ic31`O;Qz*qb`1KzD`1{KGnFYBq1(Mk*y*K|Z$g2u9%4=*~Uv
zGO`-adE>^;R)kTAY``lcVR_J2=gGg*Nw{iP#ubI-K@P+7L>Dxy4?)EgxjMhym_x-k
z(<wFI+78hCJY%(cWRL+{jKX;KSN22Xhud+q!+o2v4q=W64Yn#%zm@VwiTtaT%K6u%
zd!>Y%eYhL-bKPUXlm$v3<00zgVVr=cWscyYwL5b<p&aLEe(Q6+EGTKzCGm~_&NsIM
zl~w)4JqWJeG6TeBW+cRFD9w7L*|1S)%;7KkHWzUBw(MZ!l}#9!rM5ZyRm67|m}-mS
zO6DXq9o#}9LotKu>>LGG9ODm@{Q}=6eTR3v1+}8!>LZZ*^~pbYB6urg=CkeA?xQnj
zizr}2^_wrHni`=D`Cp%Fk|2k=zgr2~;fRvAk$`XeTk5P1lH|L!<>H<+#aqH)-ILQ^
zDFX0&vsB)muwzmh6XIghKu|IwUWkq`X^?QRkQSjUvoagpu7uxPKuwf1*>iiH+3vO_
zq|SLXq#OU&M6&WEdA_7l!H@kS?~?>;R-Da3ayf6V)|}r<ahCJG9mUvjoy^TyFHU$C
z@?wZ2B9=7fYvuT&cBH&X<1XCcdMeTZc0B+aF0druJa<WbvNvyBC%@N)FED;DzQfs(
z;%IQD9*t8SEXkQ-B!JU)<mEMs&1$YQV6gEgZ^lrq#d_cHQnjS}Y2=lD);tq-rw1!7
z{?R5F=$PlJgGSw1>OlH31At^vzGt*jdu*veD2bpy+Jiz7sL;e+TZe-)XJ=g+GJu!Y
z<_?M4fhum9>%BhV^Zc2_Fe)g%*MlHhK~Jii`bEnPF){0$n=EffCfWYPADPqd+ov*$
z%?v@l((~FmI5$$(X#J=<rYm;3)Qu?6Ad&11VQ^=y5e@d~9gu-@FZR9Lht_);9NW(Y
zWV&)ia_?w!f7SNW!&Jk$p8%HI1aMwYa-f1*!RvU^<?42OfQ4uFZX(zsB&Yg<sc{l+
z7u%a471rnN!GZQ0YFEi)234*%bzk=C-k76M%FW5B(Qcs(Dw*J(w14M<muIDAvE}B3
zNZd>GGqU)QjfUO*p?f$XJ#y#Qq8bTL6RVl0+9BG!BA@1?Ggtgs5yY4U6F>lqhN^h#
z<ap)J&i+p7RZsoH{0QkmljTbY&rC4qgW<?s%nCD2<+Xo%I>588HyQD3n(WN7z+P)%
zv?4!iG0lD}3(G7MAcIzb?~<upBRqP%zcw<$hj0~kb6=$-^7MXrp1Hq{`P8tJZ(*;a
z&B-(D6B2y4@!|YKz$_*u2_)x~&1eGsJb>F%V(d~)O)N39QhmnvKbO~~QCBe>Q|EZ>
zuw+zQD`fkU79s_4BthTxgUViA)^^BLek?r5WBjhEOC}5bW(~qkL5zN)U+IrV<+rwR
zNvYPLX51lOTJ4_*&3<16gt3uT#O95cGfnGltIL*2v=$n4>)-PpfLQi<eDamb0SpM4
z5QJS)lv5%&Ds!?{+h?9fW>_W7m07aVbfmY^wz0?aeH)FDVl=O_gOUBo-x<O80Ksf`
z>iHi?pbjfD$MX?Z3y(rob<@hS6u$H0>PR;1KXo#8h$YUDs=J#IIC6|3{R}t|3t)e0
zc)r+nb89)E^y(s%07EBtRX4rhsIx?#D@7(oA}mJ^jM?z-T6hjBH5p;wh0*X=CrhX`
zu4At)ntpD~$<1w2nG&_y)n6&o!_2-kv4S%}q=kOAa5_QDXsb)*a)STtS;~L>_iI{5
zB@7a(pw7l<eu>N@aszwc+r%m@ps>y2N&3Pr7+6Tp)AcE@0*a?;>4VC<6P81XE;7$Q
zBy9|fNr!%I>I$yqNh-6p&vTUq>Ngm!CHGU=Lw*nMEQ@qkWl}?)Q=Cvb%gA|&Lio6e
z4;0pX%%d;*A;W1)=UCsAC8?uyHoJM~5#PTBN4pO~hzY)U%jx`_?s%SZ^|;^rcM5=p
zBRl2(Z_elX|ARgo=l`K}c3yUl|BLSI|C99DS^qb>muVZgZFOMg^<8KgFV2QtM4^BL
zRxm5*Q|9b=Yqh3jUvCm3N(`Zy#T=m(V&2*rJ(T!?CKZoR<XpR7MH8ZR@N~RvyVZTr
zlVy<=_jeVXn~2Rj-d~3Otf+iXCYrB#G7m&QhrWD|Hjq~tQBL#bQJjBc`74&IjQlGR
z{WNn8p!e$SDHrb6+Ux!JJ2UiY^0%I!x-X}AB~|@^#Q?}+K{Gz_L9xnH$h9-P&$G_Y
z;pP#!bUzqfFOgkjOj>)xTwtcLkArPx79f64%U1K*xCaY(vhM`~#Y1n9nBvI^z(LmF
zXJ7#n&(ZUgWWnI9{aF2L$<Te`G?&pb<;o)fI+*TV9^-&SF1*_B!3ZSixzpM^^=7Va
zqz49E+pnbJ+L`=wR|wOmQ`|$1(3X<T-H6j{odLmRJgJ8Hmx`Z}RKTSG{b(9wR?@gz
z!kltl@-f;Vw}d3Y;3ZJse_KR}kjfLyk1^&uaB^r(1D@Hm%kBJ$TkS5E(1~HKcXto`
zX?|oQfg*H%Ga8-nQiD(B6<|hO)E5+nKBdmeQxVM@pv;PpU9`eLW0urS*U1!dQ)xYg
zTj@{SiU+?s-|FTVX{6;VSFwltUe$DGj={Sq&=AWY{2|^;mM1Z=w0=uM;}XGmZ??Gh
zWX6Qq<>pQU+X!cl6@kHY;-$W7C3ON!Cw8Ws!NfK5{^-gD^$S^&O_MB%dzRi&uu|S-
zIPGpqp;Jn(>aq`3B5*AsP1A4-GHkSA!!-^&7`dFX;6;Adt?~l3cqH2!qo6QoQ?PMg
z!wl~}J_na_x-P~UGclq^KV6+D!cdcADGG$)Wa5L%IORm5X^}#Eno$X;;*|&Bxk9F@
zbF=-{;m<NaYyI^&=Q;kd*)WwPwK>x;j+)@$o#|5D&B>H_L7GEVKG>{r=^txUg^EbM
z`-@CLeiD)BkS+!;D1&e{1oUDX2+#NNv0AEZt7(5~?hzjyd(L-9J<-EhGO$8Va%qW)
z)Bll=R)=h5tWLu&iTF{7eXtL>i_kTr@_l1$#I#_Vj~mmKLfE=;#^9iBVQ>}mx*>=8
z{y`NJ*aAzgpywb+N$RV)E#IPz#Zfe!^O=+{icS|HpcITGFrh&gl~gpa54AOI4Iet|
z<;Z@dO*(B+*m&#``pW|Q0l&J-SDgFy(@yk2;6y<K&m=IHjd<YS@*f3YwmlrPzj-SJ
zfBsL{6Z6#CT1`A_%9McAm&h30gl_5UC;D<JY9t(7Yo9J@9;E|PMDzf^F+pz<mT~x>
z6i>KR8D#1>Pquvyjc&9VTXjU1u66RgIw!5QIPiQl35ZfDPNfoK*1^89x5ZiZzdTw`
z!R}pB%&~Zn$yT9vAs%1==SS*YMhSS~sp2BH6CfNY^ELO+;2*Q}%VB;B04^2rQ@SW4
zlU>TwWwFIWVf2v$f?1zATJ%ow(e<K&-G!KzKt@?3X7?M?39bS79EW?Irui?>W|M^P
z#SMaRb(pOsGPpHWTimhrH+pG~DK}#jom*OT7V}$X$b$~!bb0}~UtuCWNh@m*)#47Y
zXCCnje-(cWLGvKVyFsg9Y|?8?VLx=%Zc<_TQUqU#8@<me?yFY%w2RJSh9wmzV^xGd
zITlm57?TLV&~y;-1+8s8zoy}hO8R6+pFczsk;jwINA0Hu?}|;9n}{_Qu$+At`4f!}
z|3s>?)x}|N#+U|*R&E-=^*L7u%<{h0H)iln>Pw;zZ5irdZTwk~6o+ne$qD#lUnI43
z7_qgSjQYgwaD)MEkFXeKSsTwL#{vb!vo~WORLjBFM_2;h8&QYNE~rHD7YDOi7IZ<Q
zYlI5MLgKi*u?Ll~JP$RM6<su|B<D&OaC9-fyOYr~R}A3f!8(imn;nnqO|7tW>Qnf)
z-#PaSBa+^(Kw-LVb5F|m!<XKvAJdb_vz&myfb}1c%ilA9rIiH?wREU{F1(s>V61lP
zFaTW(@P$fZ-M98(-tUL_kCQ!!tUrc??%ug;rpOI`?a6wFxL-axlvURbHDyBuKQZ)Z
zJqV}!=K#R|xzoPd?{=^~-Wak1uh8M~?%d`ltEn%;fq7a|uCTD*F@wIt$tLWsXfMHm
zu!E?76+P2#9^iilNBCe9um^9PN=(g)`DP(LJIvri@e9KWDaj=I;tkB8V|^ya`Pao+
z^`6&a!9U*bTvRL!U?v<n`*?s?S3wi*T;Gq%z9s;#;t5Yyon*{giJCGZ;_7v9tnFac
zF1jll45Iy_l*st|ntD;f{qj#?kZdi%;9Lq;V6YNFvClm#BD)H!K(EJRT;F$j(i5D3
z@G28RBpjaa?yBS{JFk(U4(rlF-9V&VYZD!ph#uEUg_!-mm*AnjwgT64N$0k}5QU-D
z3p>!#ln{pV+>n@me$|t?4?AaRjOQXe^HP!~&gwjUwDT|+@k9(6N0IYJQXJYb?dCO*
z$T1#L1%HSTZZhw~*rqU*Lp^eU3zqRu?VtUPjVkYSm|-pTcUb*5*u9yV$p6sr?ElxR
z|EJ;qS32YUZ#mEYKg~M(|1#^8fR>)qHW!wZ(W%zmFEnEpnTs3AU=Or*4}5;ZIS83c
z2CSBmY?az%3^_9^)yFEQ*st`@L_eCCu1-hYqrvegfy`U~Q~pR|)Iki?r~3DtD{Ke{
zY+~$|PfQOWMbNj=kikjpY1p@UK9Uv=7tRb@npO7}J3sM{u=Qt0L*SPua9mr@e9nJ*
zeEHCfe>(P1u&cM=hyN?VgZ%mVZ8!v#n0*bB{nFjU;6B7D{G;nLB%nnR%Q4IVZ)_*{
zO*Me*0z5nxwdgJM)D)|Em6jPvKzgoIbB!=0yQ!fkx?6(aM4Bgrg@D`oQ$G(ePymJ{
zK|bvCV)#B{@rJI12LVPLK(e?Fp3B*^sTTY^qUhXT?8KJ#7#<Ci*tAI`Li{t<!2V%m
zBWAZ$4(hoxU&=@n=}hxX^UqEg<%+&0sr4v*61S}9PpkEOfK`0ks#r|uddZ3EvH_ZO
znnDP;yey8#X>BoHPc?ZFXz-fHj?@T<XXd;QOPM?>v+6Qg(9gLQz|x3Z1MvgtT5>p#
ziw7$VByW$rLTqjS*&^7MCrDyB(CE|s>BQHg@h4`XAp79%M03}<V&_iPJUCzSF0u%R
zn<VXs@cr|J|I_`+fp5Uy6S)F}f`8<68+w=aOEA$y_7{3$mN{mc_SZl?fa8aZgY;G$
z53Y>)vuOw)Ea0dF5DMyg7j-Je61OSL4?wIXOCGC6rS+Zuxr0D!^k=6%g=vbReVnJi
z^~T%PX^ba92Suk?raKqGn5pG;KC`RCt<YJ3W45Z!2g78J6XcCik47pzDM$6f`U8hO
z(Ifi5$_RHoZvNnrF>$VQH104a)+~WLqEwtEnuMMkai$n3AU%iI$+R;199EJr?aI3m
zv)ru6kmp%G<eR?xvhUmvTa3N^kDMV@&&1?Gj$FojbvADa3A*FnrBWQPBaR6cQZEP;
zCP~k0d5C3=XUb(vB9ElbopjiZkGV0g4Qj~(f=5I$#=9#Sy0Tj6M(8}wzDQM<SXw;F
z%5~W}H02#4Aji)t4J$u9dh<|mXr+JGeFd&0bb6q2v{7YAn*UodAa#?O-H(XNU-ePF
z_9L}a`lav}X|hUZ`9{1x{(C>t0ko|5=dp~+j~|Y(Ee>odC5UPMnuKE(LYh8tE7z}N
ztsp$2JQ@6~(5Z@ewj9<}J%q<YG8NMfJ-&}%zfh!UflB9$Q2EkgMRQHslY>sOh-%P?
zDB}nSQM;;CR}C;}nmp#%y>{r0`+mqaYBrK-e>dnAGVEwxj*$uL#KkTv<vrd7>uF(X
z-9Oeati68Ak+rCFO<?+~m9(UGD<!W8%i4C~jRni>a;(EXh{Wz*WEXh7?cV<d6Ur45
zfnC5gFxkcH0ZUq^d7m_MhJ{YvetXTILp$=TBtut05Ib_A0jdQLON>w?{mCg$q4kB}
z9;&2Wms)@?e=S~W<u6Q}%U;0@v&uTrVAxyZQ_@7!I(?^qLw01*pQ=%d-?y$NQa>lS
z;8+QzHs4M!otU-0ZMf@b14{<sIV<Ut2cp7s0h+(TV84v&lEkX^{fcsephP(M=8-VM
zY@r4rw7vAC1>%Twh&09OEJvMt|EhnO>Zl?8!C>KdAmF^`VaEyvLHM0f<*hAtifXWA
z%ry{T_G*qYfg(-*v>k1_yU_sqwj9(cFfBN(4{?NSFd{D4cUJsx7YEMF*75<}fCeXK
z3hZ0({-He2qnsGTWoAc;!k{XdspCtaauZlA)q~HVRL27Q&2CFAkm&=ph4G=@PCqS6
zuRWxhLknwgiN2@R$s_utC{k4_!(K&sEb+wc^k|TF2euQf=qwRqH5Ge^7G);ETB1tQ
z6?N+Ink(X=Vn^3y5b2JfzIg|_T?Dtw0z`3JuW@Jubm^}ii&BBzHx$9R9Qm$l?u&6u
z-H7$t4@fYY|2kYY>5VWsRRIcxU}(Z4r}C}BZ%X!_eg`*^VLq?HXCe8<Eh+!{_eu5=
zy(NlJACVP|f<WnBRQ;LFv?xWiZ<0aPFi3z$GlO+d-2f+G`!ur2R5pK3^UOns1ypeU
z=PO+}tYbM7oP~6L+kLWVXs(?yGtU~9JiS<H3D@z7&Fsn#-y^<oaFARbT7<nGW<wMB
zYzJQvR9B}VZW2&5$PX>&TnSzyoV~w`#;x=1`rbFGZhC_SiN~8fQb*=aExoRXVLR~j
zKm$25=7*4SzP)}=N2vFsey8vJ0MqS4HE*eo&iD0u`zkVl9Qgvg3*e*%rj+5kO8`*D
zL{70Ogy+5%FtBi+t~ohwo|Z*+2ROEf>FWnX8nzgLdv`(qzT3LhRLe|Iz2`X-?`oCT
z<FwE{(B15-kHp^PoT`s_QblIjYhKRpyuymyKxyv#Sy!^t2vkFxBeo3!6dalm;ylJ`
zWNeF5A7>k)&g(VB@}3)E79=J&VWz(fUTEhQlO?^4(c6j5d}Gw0X0C)GM<g8H^L^XG
z0Z7zeJPy)bcjJl6j$2duFRqcjP<}{md5j}j|Eiq$S@du{e`%4SzVjQWdWGPaOl#i8
zjSo*3|Jr$YIxxDs{nl9!EHwY05&nMxo0XT9<^Kb0p8xSS&d&S)0=CXZ!j=@)XwL;b
zTm-0^XtO%J)~Us28=9AWyPvLHQYj&XeG|ok0;WaNa?=N&6Zp5>my4r@3;Iqz1<ra9
zcw<I)uHQ{(I&ze8Ow`xXM~)*k#4l=Ms^yQEpTHucZ(Htko%rXlD`#Wu|IYA)5*)^M
z^wYIlteg7_#7|%&;M23qUl`Vu;9rAdwt|05)!f28i_5H0NBv2Ek6W>qS_{vroc)vT
zWWbg5cAe)g1)EOnMfBHDLt@5xm~_?>k0aKy(<61UurhITl=Ayv?7p1kjqH&S?fg2`
z1?v@LEw80<?AICE^kZ`KWrxf16U->XbMh2;^Wl9@|2i-nH>P5DuMcDysBPL?U_^qN
zjF(L_{A;N;Xx&;&bX1|r_M=V!zlAC)gWwi*`%)9QqGUxHqLt~606fFxYYr8o<=<nQ
zBq&>z&+7h0zdb`l_}KmG&5g@F-bX_mH~^8h+&IXbYS)U59UbQ+itBZa?a}nqxRg2b
z2;7c)_5*klz!y*Mk$t+7+csW*ZT!wb7E0hD{RJPN>8WrEc1+;L_4sGh|L@1!fvwNq
z=ljR}U3eH3c}5;BIrXz$bEv|j1ujF4KE4xI!KNs`toOWL@L2a{rH2b2o~W%ur0AL6
zFUg7sQzP-R!M3wzMOKrRofXR0q?#F;(m)8C8wNn7z_Z3d&=vb5TDN1Dr(M>UJDwDk
zA&P*s`P^xW7%Di-HO|H=C4A#dpwe-d6phRp%zHc*?An5{@OfD(js*uIs~umUTa-X$
z@g3i|p8ozuKAY5l?Sz8pH48f6WI9B@NWa=OjR4Ddll?cWephJ=lBt_F$_62!cM!7s
z4lzJt_`})K2%P60FQCpg+*6~Ib3;2l-NnP@6Ye^tYuACU;~e1}O~5`(g02(%tk8AR
zU!KNnRy3x1_o$matv-nX)7KqE^3Sepci0FjgHPBludGT|kF}K%_iP}V2JMB{lG9UJ
zQ@7wmlm2m8SckB+gl@Ei4ZFQ&{-dl(a3T<T7lwnU2{r;U=)-6}dr$koVcyY97jM92
z(@+~a8BY$$XKgGg^paP)ie=oqZoxXtioY0(qA>f>_6$z&lDny9*(H0V+fvGV1h-h*
ziYO^fE}E?@YbavNrc$BNx8yQtRtz(U<77OoCyr{QY!DSn<Y?rKnIv$k5X56Cq6qLw
zGRv`uWjJ=`SgfFG`1wREN)+pX7a>HWvPSYiOg05>=OhXtJ?WfNKy4D2ikzqkQ}7fo
z>r@Fr2H`1wU|krc5t3(ltJsz8X~U*x7HmrnCa~CUloO?uMZzK<Hs(Nz(DDD=#K?|j
z#z2AH%*lO?4A^bc=$Di$*m?g7!2y<be*}nHGoz>$)z#T3b#dHe;j)-UgT5ice=?~J
zQ^7<1E8*J0eJv$&AG$%Z9zuQT-z<7t)f7TtLh8*x?w<d+uZXqljZq_6%}B2V&GdY_
zKF)bPM*B2J10$F>3JeTz`MP@YXRXFqqvm=3>~Qmby<G8f!s<85W5&{At_S9@ANGu9
zjf`gMrGuW{%cTYOT(_FZ)h8!0eo1$xUcq~C87JdWrt=(kL-6QW5qo2&FFMQp+8-;O
zRPNO3?q&PoTJ>F{+2F3HhqaFi-DTbE)ri-<68P=ssDctmfwWoq));T=cs7<r_JejH
zFcf;Ob_D`@a|O8sbkK)ll@C}}i4^s4xeBjcDeoE-B^6gGc^AOVz8&K!tyS2$;>v7h
z^_7jhAFxgE4gHdl?&X9qSRftH1d)I$wYw^4>BEO!WGmBEZk+F&V-J={aa7b5VG=c`
z&PMEqq<BO_;g(8d?r-dM$Q8=rP_L7B<t|>|*sX943IYpBy=zZXs|N6~9&!)cw#BU&
z!lK)Xcn75FY#}6bwZudV>c?i}jp`DKf70`L36+~x;K^xWvUE8bsjhQfK+b}yS74M!
zQ!TdP6jLJ&dn@bK#<!H!kV{SFFNzU(rPRQd-4w5=1JS&0tM823jt$=}sM3OR*}<~V
zi(~E(V{Lhc8bgrKZ9w#5I{6Qf_@^an9*EDKFz!rGRApG>8XEjXTYu0GmtC<fB$Y_^
z7Q96_0q2q6Akh!fZ4_?3)<ZHg5mu11S^sCuhg0LyhPPruI`byX$_0XA6h0|N84=22
z1*Ym!Ic{*wL6Dg|Ho@Iz%jN{h@Y$;*<31LgG_(0R)x_6fC}58#5zjv<i9b>r56>37
zGQ1y4`cCJxi4_q7_MD^9Z5>e@?|IWDXjT>aC`sJgDOO@P{<<`&rjojTY**`AepStm
z$}L47?}yuyxix_dBUhI9N`oGhGD$#ty`-+#!UhOe42uf2##7KvUB=?(d+>Hy(XaH_
z)TTKR=SfQ(WI(J0Qw(QpE8?1lwSn=GZ1LoYTt1w{Ou;Xx8Lq}345zAUO$n*!`k9zh
z=dna#+pTDCM?!}u#@cVC`#f7S(5ETG;@3S!cI}$qKq?i5L&!3xCW7413J2=L0*i{?
zbI3g_B~&Q>dDc*=lrU3}{u(-lR9mR%dvpkoP!W2T9H6O&f)-H|)Qbl*X_D~N4HLWN
z%AbLZ8A&Tja@YldYqP${Q}_eQUcqrnj`QBGPy}Z_OBjWucd?<FU~#pZ<%Kk8_VlTb
z?a0hf1`3YUIItU9L^G<zfJ1#Cpk_Bpr5Sv1Y^d_m3|Xm+G`1@`k(K{`<y{}v;b$1X
z-I9}t6;LkAO4p%HKh~#G?!nbGd#TtqVlxI2WlVRWtE6q_h!DjHw^%9D;RYV$I|)m=
zogp%=)M_rjSslpT``@W*2ZiuhQp1tOb=&CTjGqk_*O>ZMLSb1m#|5@Hfe^)gf1=dc
zdmAJ=%lkW(f`>s|gH3(nn2Tu0iBG?<G~lY70u&ng+gPUC<79;=gIP|k89vPK7iLID
z#k<iQMxx@-+KxYDmhWG|&S}n1jHPYhB#GwHZHqK-tQ$?<SRg2Gh`Fm>`%zZ3k3&`y
zd0rnrxO`^N8l=e{V2Y{_&l;kP6PvkOo8`CXjJqfh>*IIrKAw-7^S#9hp3LA->IszU
z0n(dFr?&6CQ|O~_fqvevKTExeOM&oF2pkDu3e4aVT&JbyyM%q(oh*gtq;)kH2H)y9
zhp5BnT8LRMIbX~v)j`koK$AqEC61DIJPhKiS<?>Yo668*h@5#LJYt#k1rwUZOIt}3
zCBXvB+8=gGc_DH0R)$s-65p7v4?NLi;EU3V_gKM%qhl%Uj;JoQyfZ=#W0R(}reN06
zqqAPMh%y>00`(=gbwIUJr@1JfmZum?BY>_!@Jgj0S^$N{U9ctG&}r(_&Gy)kiJdio
z4c3^hg}sUBc8g(8WV~EdUi5{%@>?i?Me^AW?}tV!bWuUsJi&7pf9+r$;cA35!1s~d
zoUbv|RT6w?tG9h(0rh5l^fLS~KjdQd2iY@ybmil9^wqA#-zV_Zb^(Nr57Od$AMV}W
zdh*YqQDp%v6dx9g>pIBRl^6e+i*;+gJpHs{fs#DD^&V-?Df<2B5-iKBqFOOgB*_>i
zO;|v(y3$xE|KB2F50`&0GWIR)fQVc@7xRBsvEU}h$tm>$iE&wIYU<7Dw%;XC#+GqB
zKf0Sg2@9#vQJ(-9jd|y`$cVOe2T+i9>FZ9loUZ-CBfA^BQc<uo_e!iz?1FR%TA;uG
zeI7i@X+3xmxKj<rt%S5r%js*WeXbVyVeM9K2%Ed+^eZhY%~#0p-3y)qBr*Q0Fp(;^
zu27fIQ(slzS`vs>!^z6pEC-Q;l_u<q$?yA!G5bk(b%bR(9}t!UCLa)HC&tf|^G$=v
zZ?rXbdu={Tsib|#GImePPUU<3D9I-VE323*GiD-gp0HrNp@Nw%UWioXfhS4^XO#$U
zr{OZA&sg(Ed890<3I=#A!R2GqMJL;@uJ_FU9*h(z1(p8ijh^@aT;ADuIapI4g+zgC
z-I<i_Hq^dbwL*-FX_t)u>RF*14nhydqf^#3OM7|fHDdTfH_AB06J!&9AEqgFc7D+L
zj=6(Fh?rVxxgKL^$w99m4N8>&eP3OJw=zGKQx5w7ejh)RQMP0687P0!<9_QoP7v2I
z2?ZJ+AZuO1H)o}!B&*&_$hfxljyC~eu8MU?*bBma-l#@`?<u1N->=Q}Uyl@Dm#I#M
zQU}K&Jv`5$n@n|my~Z~AEZRu_RlP1`YN+j0--v%wOiZlYhs1`d(T+iWX8xlYg~l+%
zpyfnn`-zczu25rX<S-tfcX;XYlO^r$uNyBBg=MD<L?!Bj*zLoLRbT-EM%oZy`wxQH
z|08$tuZC1=lMHS&?Gk*T_RHUfttM|DEzWkjz+VZeOY-*8@c$-YK5fpu=+VwSe>?@Z
z5D1{?Xo#=W1osdriMGm%Qb)+3oB4WB44WJANEq_axBc2n)M1>qj3@h?_q3JVj6m>;
z2|}HT?)^2%MoUT1Arpr6a*$IG^aVa2oW~BZ8BY$-{4KwMZl3&EG@XlC7y8mHF-g|S
z*WZgv>}Dr&nUZ7s>f0Z?_9T_p>aG$8Z)DJIrqotsL#91=#Wi=cRld31W+1rj0M7Yf
zuYV_dSHAPSaXNQu<w-V-{t))S(W=BuoB@rBOr0~97VxBzLUB{eTEa#PxDpp5JH2=N
zwS5{12pfkPo65)IjN-=)oF3V8uxO8Tq(3}2i@4!a)f+-iPK066w$dd;<54A`L^Etq
zxPARQ8a<sW5bE}Qd(twKi+zpuM;dgQ5~BxJQhuL0Wy2(QkKD9j9%aF$9a^|1I(inw
zK}vb;Dl9e?9{+p%Bf#VUV3qw#S$$G=;ws&#idYs`Qg6OW=q`e?KHu~tX??}D6>XIZ
ziMLUqpiIBr<~hMt(w;DIKg_U%rPtS|pfzpD@Ib_A4;qm9?;VZ1TCb<;ZAyYDH1x;~
z#L%-E55tDPN%eES6+MmCI_3SqS$&t;J>+oVWBb#r$xCQ*EMW8sfE2jx3Gzk^SKv|m
zu~xX|tcAE4gkr`Z`-+j*U)delL4m2$rtqJHitVD_vMn2**Ny9^i0t<D@iOgTo2W%@
zd!K(+e(!MR+p`vBy&`7bx~{{!$ce{ml`HCriB?rwqkdIeoX)dHE73kV;Y|*{z4w>D
zI8**ZmmnPPIhR)hlmv3S$(+nC+B{^+A}tR=IwX({>^WU{?l~oJ=@(%UfxLwLOM_u-
zb4L`uTHOkCBw(tr)trG-5R`_P4dU;pj&r9(Nj5cyuQ!T#Gq{Ywrcd(L7I~7Znl7mx
z%hENl1#b4eaaK6ejXiVzy=kkZ{w9#oOFm)pFr>Hp5j_VAEDdz8QjZPC`KF8c_LjEc
zpYTBpcBvURd8|1)IO8&ukE6J~q<}`%o5*^BjCYNEfQe{_9Ljc6X^5+@{nuTSEaeLa
z^>A!*{3KhU7`aZG_vUCs9y@rojwh$h9eS~AtwG}a>rx%vF2|g<)cvQ9Ue@&5ge%UR
zN6-Z~NJ_jcu!Ow7RIP{0`A114`WJ6i!hJtzta>c6hs5GCByK9zc;6cDMqFB18ZJ?o
zY{i<1=?xl=^$Fw|O;nd{dri((5CWKirOwH?u@Dm!pZ1(5m>3OQH`9evg^y~KbF&>w
z>P5AQ6#SqW-cmK<5nRNP7?tXgK%((RptPY>uPS*Luo+d+1Tx-`|E8<ehb>AgX6-ra
z-wDDlTKZDGNptN|c&3xWdM=QD1j4wf$EfXI(M1&VpA%f%^@sQ7UdX!2NxyhB!W*d?
zN53&hg||WS3mQ)8##7t|r65DL2#-ogl<obU$sY~^r>7Cn-+jqqoSdHc-tsoiAZey;
z6e3Upbd8jcva_~Fx|o>g!zj8!fjE^$ED$pzmbAAB9!`^j6N$CM!KoCAKY1nrc-<`E
z7k?U8XM}3G)CdaaKV(QPgMQ|RoU@|9;o5>5+rr&}G2jo}L%o4Az{!U841FvRwJM5*
ztxUK*EqJ&?CazsuE-|fZS0Lk@lVJ7mFT)`L^Ex?+peL`sCwxD>l=GCpe5K&8Bx~)y
z2$!vF-HzW6k!96(miIKLh`BBbxt^$@zR;&ZMUI2mx@i8n_Yr4>`?<I7BR@~3ki9!C
z^N=F6OrOy4n9X?HRiWe8k0^cPBr)nvR(T?${~PNsRvcOt+*AB`+p4s4^EE%{q?sWG
zvK%(C2n?s;`8#|t!)&J2tmQdc8`5rzC_sP0&V;rkjlqHYJi(bZe&OB+bbv269U?;%
zgcf0dq{qFk$v4_{uc7}w8P5nZX1=A?L#VDL<`~T|tI{~5L24Q2yCgc$dRydcxh{{?
zU02s@<;~Bc%~Uo!?=F{KYFvo>G>W(bl!N#QP5Etd+H~`hkL3!ua!{jIxKJj8DI?G_
z@ijb7C1R?4nXxA(qKnkbM{V?Tqrf;6)v(cg_*N}z4dYK-;YH+V<xqFTR4y@+c8P`|
z;YMYBvQ;pRbW~}J!5O-E#W-(Q+6>$9D-Wze;~u=#2T>6R<+H<=N!O#%jCVc(MMhGI
zxn~#*IO~hwN|r5Q50F?#Id*;20fIMD!+n9_D^F68TOxs2fg#}zO-Nmxyl!LX5bPUe
zTB5ltGo?mL1pjrGB=$-Of)F~%>r58$EZUpK4xxCH{MP<xwXMh|`vIS+oIdsk{`Z{l
z3nE`sj{($QP{Qcj5aEAXI0TBGfKB52)?Ngyal!h%8q~mx%3X*Byznd{6}pgY8T+mU
z1M0l2_U(<B`zjS1GBKo{m_BUc{5+rk{b0X9_?t^yDj5MTzXQ<>RL4eXJ)(OYdyHUd
z>>oGVj9PzYPOl&84~B^{e(QT5V%@?>2ug&c(lackL<XkiCYqNw&U&K#fC-+I{eu+U
zl>E1oC0g6@lfLKbbg}gkyFCaSlZWI&(Cuc1&Uw-~vx9C*V@28-K>>%3rDs4F)tIN!
zO|{Rhrihnj$L=oz?0%If#T$}1aWX8=<aFzK$6a`~!l!JQQBivD-1dwzgtB1Aq<^Kl
zOd5N3=1b(|ehm4cHlzHEK)yv;Gmq#Q?t548b_+@W$}f$2Dh6WE@gOBAZ#ArDqJzz8
zthM(OKl?>cg*JR;EIIpR>4*vmqh-9mjj&chN55$(AKQ^km?E=jC4{<A-tIWs8CNEf
zgXPRQ{MM3ZWVbw$sC8f;?fK5gA9R&S&0-hJkG8nR@#ck<b_TF_fsK|aIJ>Qia$fi!
zD86IC$I%=xD!KWVsi^ZV@hg`9T56C$-7s{-)N0mWcj0`oyUA8!IpZ%I>7^UZvX`su
zrHR9{ugBSv^YaN$k`dDT9x-RvVP`FNF`B8UeE87ef2VE#yyVl>g4Z;zm~(-<8fOsk
z`Hk}ugH1K^XkKB!1iTnTKHW))&S=>U6SCnBCPVT6;EW4~9k`Y)6_b(W&k>ni-Zz#=
zJX8FQk%hRlKGx_6zxXbA0)P`fy_#U18oU2Fv7Nq(l&@S7m{6*jE}W_>;5<5o)-jeu
zzgw^p7Dp>HLryE}1gD*JHKWS~>sfGnYB@^2xF}H2PWh_a0h}~>M3%^{_H}pqY=X)+
zW_QBrSj0{AG-9;kDmP#wDV=gim}rl}O06u%P{<hIBgPow(3`;yDNeaQR*A3*h2Gp1
z;za^z;kPSy5~vtmX62~SY4Jt$;$8d(R9e9b!0=3ZMB4j;t#y^7OUl?b#ZlIIE1xs2
z-BH3?|ID9?00#Vpb>mt^>Zt73_iorT%3`T(f{_Blo5H!cC>Vbug>yE1V%Fd?u6p98
zjWy4@q1b6nQ}HvVd`UsHA>8AQ<q9k<QZP$s-Fi#7&^BFrlMb_fRTmkB3==;3h0Az5
zvO?o^-vz=|7t!PzTFrBWW3e9I4)lK@eEBTphi&;80A=wSlSnL$yNAngW0C7lkM&Pi
zhSag;PxFH$x#}p`2$63(sMk)+6G-~2H588wk4j7LY42}M(XqkPjnD=N`+4lbD@xK7
zxMt46p2R#mUJuI;G@e^sFgq_);?5&kr>01J>(vV4Jg`u%{+m>@)|tc}X}<n{*00|K
zDOfr?faxLvy(@24YV)KO$DyBYO1~Y;&E-4p!MLWzoRksLIdZ9tEtCU0PM!SyhXd=A
z6OQY$IDo<IAdsVF!_wT>H&W!yA8X<Iigg$`5`u_N5$d&>UJ%T04f`ldrc-H>duHu^
zB_x~}rE8O6X7U#0-JFqr;T)P>LoPEimGRFvfE+7xgNQDMkXuERmOx;WK^!&?_f2=2
zp(rnrG_63<315l1+OzY<EN(TH8LMfprzTC%@6Oo2Dp*{<0|YC>1XesEu+b+BiM<pc
zaS%H>ME*c+p>ie`5GXGg^uJD-M7IpEVp)sGV-C`TXBQ|=f-_O14$V|i6}(UPk(zD?
z04N-R7~#Bel*@7a_OM7@qXK_NME+|pbUqSS&IL!?<K7(W7yf_PI_K!hnr-dJwylnB
zbZlE4+qSb~d#7XDcG9ucvD4|;w!ggRoO?gq@1MQ)T4V0Hs>Z4@c0E<|_pHF_*SXo#
zUbqUjxzdl?tIVuV#Uy?@5J^!FYF%WJ!060Br^wCiU%CSXPW^xtBx0v+O@vx;FYS?M
z4~QSz)E!#F-Ci$z(z>oLi}~#m%DA<9NB_J6>5@-T20#-~I`QZFs?Ewh{_u5m%4?jh
zrydmD(YTrk*=7UZJJx@hvyw&7L?Ykayx#y%<30Pg-eWBC2ouR~N~i@0f@gU*aExiY
z9v8xQHBs5%a5R^WVX9xMuBGM;2RQCodC2lbnfu>j|9;R(+<NtIzb!WRDl!*;#wGGt
zX09j(y#svRq^dy!HBI`!Vk+%9#}%bb!VI95M^Nr8c&~zR1uN7=Y7!E*RZKJdLsZ@R
z5MXqaKGV#$C#^qlDa0UW-pzY{DgS7!Ic$)*`kDF@O3o+8j`b=1+VF5;TNVYC1(P-3
z7pw@>xQ&ov#`*Y*b6^%FVKe_`4w7Ya5I3eNCjj8?jEg%b8_Auc*Jh&12e$*}st83!
z*wlG~hc@SwHl(Mmz)iw&-FWZ$3S5IqL{#3q>xqNw^a|fx;lwkJ754swY;r>K6-Jnd
z4hZoSzPuH{UKPE}JW=R7?(UEboHQi!)!b+A%DrK|{u8|A!JVkIe0ity@f$dBy(+%k
zNdXuvMa%Q@>E&yD?E7w^=DE_HAHar}EPdSV<<CT@;5+!~Lwx<DcA{2)CqV4<rkyOm
z$m`@`NLD5jh$3boIJ&Tw1qVA7a-LrDI9mG1d&Z4On&n@P$p%UacHf4<O;=1gKlL{k
zgqccf($g3IsAp31nG8#a6R09#P?l+L;KnQ2KS*H|Fa;k#!sw|Yp(Z*2tc>m%==lV}
z5dXyaANrl0?LYdRjfayPST8ILWc5P_T=C~BI3*9-8K2S@|61yvogpW$FOf=N(%7hd
zcL(+)eR{$N{LRcR$yQ)RkB6mq$A0B|rN5zLWfq3|oPWdrqVLue{j*W7br#;xiDoCJ
zO#Sz73~b%e+tWx=$(Fh54-2Q9jJ49zDA%$m*M8S7znI_WoLD$uV>_h0JWk{S?Ab5P
zqn41(hT`U@n9!|P()yk2u;rT`h4Id`u62F;IM+hZ=LaaS-_3=ea{#PQ&|vud!K27n
zeR0x5`NG=JurG77zOQdl36x;jDnXIEWSg#opt;z-q4tK+xwD~g+vz2Xp4TQDUcz<D
z?V5xV53oZeyIcy^xtgrZxf!B>(-2NNb77m+ksQ%q!>muD;-1UeD(2Ko4JP{edK!5k
z`@&iW;bhdfIVUaREZ4SnE)lX2fQe4--&!H|#7cwis>X%`b-oN`K)B5Y<}%r^3h>Mi
zkK0YLRs!1<jN`v?-1AO$iE|ea%rxJM6m~n#g^Yb`uRm{O{O!SatyEJ1MS;YnZQrlJ
zXHU-H_O;N$eS;$->Fn3J>JFQih(0u%kMp{!v}FzdszG=WmHN0YZ{VO}*&^%239GNY
zQ9?Wf^k2*ooZ)jS+o+`p!_f%4X*ZA<%~C65e^20D*I1p!5$lgKYFij;s)h=Z2PAig
z{4`4qBKt#3n-k%r5V>yxn6MX_lCThxZnxVUz|G++YF^9c6cxtnyA-2{AV*ci(ZHtX
zT%!0(;U#3H5&7<<UEkDyqhuhiC<nGqa0Z*3f-RU8oyiIN-~-AV_sv#czso@1b_Uru
z(#~X{2~z}1^DsK~GUXJCs-?kUKz+4N#?0gP_T>Kc-o5!pt)@dQ0PA%B;rwRPnunHY
zZ72wFA_c^YMs{<g+X7WJ`K2oLCmJNA4GIJ#4Ksul?GF^;Giq6JtZ_JhTnyCl6WUt3
zdUAzlMKeg*cnYip7JhVIG4=gtdxDggkL7-{lyJl?Wvynvbaf;PN<Hbu<iJm4-&~3%
z5v>8OoO8~<?Mvp@fCW}xTb~k*?2uM8Dasbz3LGv4H2pjA?1EQroOXxT6$&-I%{NYk
z!*Bj<h|jZw3#9#HHvt0S1CDaoneIBE>Xb6GchoI!MhyBkjtr{CMq8yd?!=M^^(1@<
zGT#;Q-5?U>dgw<z2nJFtc`_Yp17C;?a=X}*&j<I3ek3&p0p?9GMPb!&_b@)pk1;Z$
zjFe=3xXs-n1t{c9@ugH2By@km)S+Tmc?${C=;if;x;^0pRv{jmjB1b9M3E?PdlcKs
zY)cvQtVxG&U4eKwmh73p$U5S2fM~0kt)YAQ_gc=QW<<Zo-I>z%CFZ5wFm+2e`}slq
z7C-Mn8Gcol0f?tJiN7G?{w!SA-K;SD4&jJE8<)i%Twt{pWJsKs7$&?|z`YxiVTvfo
zRj>31P5U8fgG02F5o=VF3FWU~4nT^_!40h0BtbdTCSuy}1@bX9s6I4WSqYLr*2>Y8
z8rTEwe!!z54t4@cXsiJt?s;^K3b(k?avHuqZTIoZ3gGf){t9tBYBaL_xcc2z;QXrj
zp{g8tfTMYyO&<?2lgll6e0a0%K-JcD>NfdN^~9a5STh?}ag-+P?hmD~H`fEOSI>*k
z%g@Ab_P3$nPkR-H2-R&XUH(g6XolDaSKZ|mzZnCNgqr$P`biL1{#aGQAnSk%s<$Qn
z%tw*hQ-DeyjBe!5ThOz@n4ebPSO~kxvf4;k`HL@Tmu{z;`9wEQN7|}pVgo#3ThPd{
zzC(aDYO@IIYGyqr0wKeP>JmlnSI(tFItpVd3hhf~x|A`XU)kv@xy5#tCh$(AA6%iX
zz+))*rH-;FeO*>IjdBf{0^$R3%3KP~;G8&gp8({M{`estIAcgq=OZq@03j+C-Oz;i
ztgo$@3^ch{58L3BlJ1~&(FY7}2#CO#3Hog5Uu0l^6F?1u*Q-EgViutx@fx!)ta*$3
zI0SaOPZ4gwLT{}Mu!FqYVCNoEZS2w&<a1S70;g4^TBrQ8K%~>-=rQ>mnN*Ant+g0j
zqX67(kf>ZxQIKF*8Scvm%QhW;9?#~Uoh{ZK(M^)n3HXI>JMhx$zi=oA!Ig~?BuFf=
zQ?Vx!8E;-#y*W2*=@uAkYf6$Q$k%uJ_1r^StkyyNf*<6Ml#ZS4antAgb?=&+XSd%@
zcHWGWAzhf!_|7xk{jXnc5*J=~E%g};-~dw=nJo|7Q@fTO<$t3oIW?op?Z!f~7(!uv
zxXaQts3xx~OJN_hRfAJ5Vee`1FLuxRn*M&iBgEAk_gTyhz=gx?6iSvU&C1dqBl@Vp
zaWm#7Jz>548IU>yW%$uDPD)=so^*nlwkYgyE98_O8%l2hQE-Dc4h!!(on3?`!vQGn
zDas04B$KX*)?2nMrqAn#;8qf8)>{NNFzc<Cj4uSn8jgYPmCc7Eanb$Em0`Epio>jv
zx#4D|1-sQ*?=P^&Wk&S*l|OhNQKXpj8^;_uLj6x@GO2tqN-DdH%=+puS!}Q2Y0JA2
zQT?mePvYo8(nE_AMEFJJJ?7Kz)zE<BqaVAyb57kG-EvBjzS|({FP+fjS~%p;mJUp1
z(vnH4Tt*E=7nW-L9P=`e<uT^Q+H_==R9xC)M0(wQuyQm#_ll?ItNTOd&$&}qB$|u2
zvF3l|97^I3^tXU$Wtf;1vQ@Ydb9+vD)T#Np46WiA<Y+R;C7=B4b3yxBxS9YhP*t%|
zB=w)EOb0Gc&Sjx_<V3l!Yisb0ySisgjf8T}x-LQ`yv|Vaf)3|&UMOby32!Q4(6J(Q
z^0pqLjU{m!oh-RQMqIXxPFazrWw;YiV%m0mS!#Js`K%U3Z!{RC$!x9=_o)a46;XIl
zEilFbJO~|c-J>T2!Ib_2fjWTjdhx|sfBibv%4j8sLM{w)r(z9GfAo(N$`QZn%U<7y
zdlN4fm+XbPCx8EOHx#6|MHBr)X)LjQf_@tX`z5521-gX&6i<Vh3pc6Y?j+#1(Yw4d
z*8(O(%LuvvFT`)aJ_9R9qI2^pSy8mBJ`&`IDlds6%&h04Nv+xxi$g%Phvlui)Af4?
zZka>`2Cr44qCN(S4M0MTU#$SP&h<M8;i4B(0sQ%ih-G60;-7innZt7zp!?SHFa~+p
zVi3>aBBfBeDAG=yLeS0-jy#A=E55Hku^YS_9LCDYm33FDuiMs*Cq9OUrQV`))=z-f
zXY+%e(hcl3MdvP}j0r%Tr#nY*cj*0<K5Aj!uoEcA+RFcI-JYaaOhUcpk)ts$G9t+|
zqzSFMr5q;Mr4_F=*H85MCu*bRt&w`bjHMYe@d-~r?G{kfXZI$H@{z*62v2)BnB=Md
zo^lzt-?nY}>;9M7r;H&SZ69YE1cDExd-kjiC&${K8K3Deb4x%PEe2A&a5|{(q;M?k
zz@1aRI6rXar#4zLghgUsrAjKwe)EjS8_$8F=^k=@d3CC6lV@u;!F@JTD4xY)wXXuv
zAD#6q2X?YgSrHHK68xlXrak6#GsO08%l31Ot)VnQ*?@!!L1&e3L^D4yHDNOyO3cyo
zO?%JbR>FElZ1VxMry=hys9{y~foQFcy)A}G?Lrk7q~aAj`;}OLnVpz>b(Q^Exg0D0
zsp3jDy_LPC=_DM1Y6=UFn(C-C)&7>NTdXt>Sr-$!&*-v^KLbiMWiAYm^sa>HI!Cy_
zr^C^x?^Y4)N^<bzjJ~6XTS17rjpOf9@6_&f5$#Qp1>>{KmX}}VH;C{yly;1i|G95o
zK5Hq<za=@DLRm=VSd1Lma?*>1o1d84+qydZq=Us#2NEmeL9lXjvIF^*g@L^hNPsdC
z0w?n)o4nrdkx6axrnN=xt<Bh=@^R#x7-LDvm}d2wKCMTUcZ83V2;l(tIdg1I6iI^V
ztlWQ!&I=6^Ltz^R6>lAy1RG}_&X(E81jVNWXNmZAa;H*qo(zBSs7AxyP~U)sy@OOg
zS|ANz8Cm-AvHAPAvo0??ls~^s0p5(Q`~^Rcm#!SBEZr)syK}1mJcTL2G$wTu-v!wI
zglV<y@2fsT@LCdPvk<ePK}-dmRC}66LPO}^F%%GSW4Xipv<O=zm7Aqfz;ejMDlraT
zWwqR3F5fjFu3}E7i`UY19a%9n_-g}xxYK7VEp<yvvEsrICFk^={;92e640@t$|mFW
zBjfV9{7{z35dy*f;Z3o;+8M9Mx8$AmslGA9Ftb<rCXm99VL-$)YNrl~PQUPRN<r*m
zuaCF}DLYhM<_VU9AK1%Zs%K&<?t!-mHC|{RQ&&;3OWrFiq_;IXffK3~Q<Pcu@x%53
z6Ae_-M?btjXH0Nu3(*+i03bvlzhi7b)be8G<o2sWH<k>J1_yFp4p?EYQE&d!qV?J)
zOA~%=S1qJ-UVl>acWUbL=|p9y_Ax*A<#5}|LYLSh`VLN)9A_!{I;VXTbSFlq9oCCQ
zbR9C#)`OF1z<&~UuxqnmM{ly)|D>^u50fK)mZjXIkc5Y*w?;k_4)8h3U_k6|vJpD_
z%IU%vEm>}a^w5EZE=^!B&M((_csQqZ@_dyPm-Q`QoSD|MeN5IY8r{(P^ktCojRtFx
zH}0u6+%&-Jz-XA>uitM)g1mPS*|*ax;igLB*&HDagjFQ?f@BCBgb3rj-*&<cQ)JCC
zkL||ikL|7{Q@W?R1prcC`j)y1$oJYpee0(juRx*nJb5G7oH<4!wBVvmKM+R7YV>Xg
z`cv&}T#2F^nn7f9gk-Z{dY$uU{Wk&puw3IN8lKd83q~YuaxJ^RbVMZ}Wu)>eM3jWJ
zuI#hBVAww02fblPG6MNXE%foYkJA2SbLijI>O8W))g<uN5CDvYO|H6oMXh<cab8B5
zX`cm%SCFq3LD~;#f3ILxOZA37{4JCc^MVL)VgKXqivYQTr*BIH;PxBT@=Se0lOR_0
z-?MVAfkQ&BrixS85|n&h{jn>iRzThRyKU14c?T&j0VzrJ(p&QM{d185F{^Gp)lXTn
z!fa2e(5;^iL>ACZOgdwlpt>C{aeg>Y4sO_?pS$qPohBw!Z<nVBAV@avVO#TCp#25%
zGgt&e)Iu7<-$Y;BOeJDx&}7YHo4eCu#`k)6UnK>iPk6!@qO*n$xlOw(n`!Ata_k4l
z5fT>m#6+}(!$GB!S@04JK`CTO{m1jm{`z9)Y4qaB%RS)6m;><W{c+&kO^|3Q3yIZY
zD~UPVi2l@ox^T80g1b#xU0Svq4i`!x8Rg$=hYNYsPJwKaY)bt*f&K(f03o0FFua3%
z!C5*fvZn$s1uiQ}##8`>VAil>gO8-@;5oHj+?H4;u(I$3g0@0BG=vDX#MEoJ&p+K<
zrv}ooUklK^``jTc4~(>fT)9qHCN6G<>ql58THIllR&^aw_8Oh>LyMaXH{WfR?@imJ
zShd}tq`yxvI;qf5JD<6nEwh2sw?tK<D=-oma-Z2(+((*Y1-*xmUj&DW$*&BZtx4^o
zAqQ2n$Em!c6Y35;>uf1nx#!{<eo4G5FA~lKjsZ5WF-|ar`SQ&vI>T_^4sb0o3=ORD
zOZn@VUKsXS*OG!k@ul@Zk(Z^%PSN4$%)ov^9SsaU__=tUPKQTeyQ#Xm!E!)<hcSz~
ziaf`YR5DF>bOg5;uMUjSldMNd##&5#Fw0WJseYZrZv)5l0f#^k%8j4`EgXKRgPx#x
z_ziGFwo;a%kkd{OApORD^5LxKta`7b%%g>rr|d7o5h~J~bR{^pKxT;6t5Jb3y9@tU
zF`lyMIC_L;?am@NPf-JfIYKZ5e}@wVG5a|V$K(6$G1X*laAJbHQNhxKR@))9X6|+J
z<xi}nPsp(_cUYzY*0p<AN=SC}sm0Px$s)k7KJkAvOt0Zz)mD6moVpRjZkF!p@4}96
z+CqhYK&`hmw_%8)bva8QF?6a6nB&9+i})GVL@gM>oaIQmJgm}w5wA;=Xnt)gDxN8>
z;o4J;%UOp=Q!>b(l=|(S<<)xlRFEdzCdZX6s463gmx56fR(lxnmsLofar!~C^#BCn
z1OHs9RqG;+3ru_c<e0Cc)96)#zICj$wEojL)#xXCcn>Zoccft@utF#9oG;tU!Z0?J
zp2K$=OcHHB3iF-Obqxq}KWts<<;<HN^(QN2oxb*jT!i&>F|ZO;IV~X)Pu7RR2rdI=
zB|usHcfuLu{x?~KVX8_qxO6<0%~C))jTnYR#aA`ibtkUotTb48T7X=VF67yw5cBEb
z3aJuaAY-fQ#}B7bGziw38(Z3UC8UTXP@RF!u8;y;coaBxN=P-}nu68n@sAaIXBO_m
zRfly^nsUkU@1^*nhpQoDPO(B3G(T6XE~%1>;3RXTiP}>01FXhd*5_z|SB!xD#Wp2d
zDC?~Y9M@mkvmOpL`iPCEM<qUq_t2VUYxXC;e3qHFMnb+UjOf)d*qYJLQrN;^yp(B3
z2KH1d&(1vgB9uHWPR+I*BI`|r)P6SXgt3>NO@4q=z4JDZ#HH;09cPv(F!Z;r>D~Bs
zb6rM#ef|XR+{c5VxAX;HBo{you|EIZusg#Gv`$qjHu{JLsFy&hPE1W&TCANNjQ=%v
z-ya-Z^(f3I6~BtGS7z^pQ_90n{-9m$`fZlu#VBgjzYEEd9kkxU6xsgn<!Fu~0>xv5
zcfaQU(J(7<abFsyGAe_^)+Xo=R@@FPF}zkEjMxYTTqsGvW?%!wPk@rO<$LiSdsT|?
z4d0np)z1bcOoZ`3G;7<FoaAB>`c*0_1!bWc0Y6K}MwRt)@y6?^AE2is@%)8z^?92*
z7nW-&@UcZ)$({nrcQiXR2clQ%`yyirP&9+zrn2VTTk560#kJwjJxm(=3kE0FZs<58
z1Sk5!sA&QRnogU#+W@3CS|%fnPF-Eyax;>?J0K$;0Av(R;bWw=bsjTUavpgopxI@K
zBuAqOTlE6UxF>CCGi#W;vyB=um8mRBnudR6uEu4K0mIU5Pi;7~7vAqysLt#S1)`Yl
zz*=%8I$GD%fP4asOHo}*AZSg?vPLq&SM7l%d~DO6xIV>KF+x9va-p6c_TsZGl%hK{
z4Rs`wc@UP5a(C|7W2LX^M5PTj*=8b}<%?El56~zSgTx;{ng-`jSSnrC9xIObuyY>S
z`4X`(?M$1J`W5xF{3b9zi2!hnYf3nb6<c^-wWsb+{p~nrRVkr@?pH&7CQ6VW#|6G0
zxcR)GfJT7UQBlfpYom!#kYgF?k4DkN10&t3-d_iM=I4%bdO`H9`|m+c4k9>{HXJ-b
za>x^F<Oh%lh|-8={sD=wEnlSvJ5x>VR#KuYI2hY0T+1;0z4el2(<cD$kGGp0MD3pL
zAHF@-P!-DJ?j9FcIWqs!CPnW|#0X`@yGTbzN*E*^GY3jCc38K4;)W#l(d*_eU)to|
zrk9-wV$D<;3niHRdy$csKn*3eOfA0e2Y+|*T<bos|1TdF|J1i_pWAo6AKj9bFDO)A
z_d}OkI9s7V(@=7*0gna3xLsAl$IomU8$DAddBwBO!T7)S-(F<&@>bh^9a?cPxcc5z
zwL6srR&sr8FIrC~aXt*)YV5UK{oW<e+#gI7L&NdZ{M~(Wp@ZoyydM$0taU3tQnrm_
zfOu(<X$C;u!dI{3vW4Y1V>@fNg%PuE{+0h&49+eZZKWyZ1wb%_+8=<z0pibx3q||r
zh-g|%E1_n|L$%822{kRMY(<`?38JE^XI79gDC)jFQ0G0nPk;UGQJNiK$;D)?q^Aiq
z3Z>#Oc@92$1W@`!^~!xmHDG+=EP+aVonE#8gyw#NrD@g`{*P61j(?-4P}Xp4%xs)M
zW-SqbmX5<0nlk+5{eTb!l8<!|!8Ty?V3sXmw=taByiicBiechR&Qc;3T2w_{``R*U
za17XB<4Q8lvWpHy93%;6JG{xh^tHGl@=7C7{73`LpAU+jj=jPvD<(cuZ5E_XjGb{N
zA*WPE>dPsKDJL@%P+7KTbNBc*I;L`^F8Bdl`1QIoLoi+^fwHNq<Pj{<INC&%)6aB|
zug||7vY*Z|7~<sVTAVqqY2x@xG<j3I_H2{|Qyr+0W>~YCR|3f+wPtk3HFJE0!Q^%?
zvOq=*fAWQ=`sn8+D&OD;7MZ68(%clE8qs=WZBh;^FF(SRNC)U*RWQ{|zq<IzX`umh
zq7QF|&QefrX(+hi_@i`17K7p|hwVIcPOvb4Z$LW{JaI-;9S(f^wGW6Y^}9><se@OE
zi)5{i@6<4z(@efj;VKYE9wtSz)S*EVZLAeo!}pQ_;=Br^;qUxl(0TK9^J{GT5%U%#
z6r=lvrC8n5o=PnEIB~uF8IeZw=8OmQq?Qt+Wo8&mSxj~Xbg}+!{9;W`II`hGSSBsG
zueKL`ukX)?rfzm#PVTb)z$1_3*9Nv*i^meF>!X2WD%$p*__|F_+>erD8OAqI$t4*H
z%2yH_V!6K(w&@P-efvoe1RjYIY&&a_{g?T;`((~{bbX4tOgQMByrrax*rO6)$L7qP
zIFgR(G0m??TmoAZ6juLj{L7p5rc;<&D<YV?j#4^JD_YXC7`4PtJ?GqKU0rv|>*i8u
zsLd9F32(uE5GLOr0j70PjG5(h2=&_kH;hkYu5XJ)n5jGm_42F*DkvJv_p}2uomdq~
z<Fk8GL1EQY)>o`bc~M2ctdT50a~q9dl?x=ZOSrRRtpcLDLfdP!k>2690s?RCx@6VP
zn)?7@?1s-)EOJi!3d`|cjN3BFFg^>TYC8%iy!U&z{GOITakpGiV}%-;Tah7V{l_Lx
zu@H3nIk#cp0KOHdMzkI^wyz2cJgHn27=9%R75{HH_7r>1cC3_9C`>s(j9pxbCoV!9
z>+DTez=~;s^r<h^K+woOe!sLRREI|BD=w(GkQqO0EG~p+DvJr&00y<_!Ld4|MDkCa
zb8{^}vHNa5Q5vS%Uor+^gEV?jsBvZc6O#9=y@?xi+2n9#dSK(ecw!(DB3bI|76Bqd
zK7kA|zi;6k8y5Q<4XYpkO@~w#pgV=sE!>t+#eYrW#m82rz)*e?s`Et14RIw)wNmli
zKE7_acl3f4D_)oYgo30mi}^_Apd%W@^?2N9u33&F;Yf^6P`>ZwA%({xBfv<g&EY<G
z;og;AAV^cwKN)Ww;Vay;x8XqQA|wj*yj<^S%;NP)j~Iys%651I{M>kYv<ryUMFLJ<
z2Yx#+O&fHlGf9N*KoKc`{V*fc|8TyY+TUr-ydBy(xIce3{#ZYK&dhv1hp7|ZisCa+
zUdz6{f%(~>!f}dzaOF3fgD6!b+=W#dG7t!5_Mog^P@$GQ*L0Pzj9c+#C%#od;YIUl
zt^K3Jjvclx4OC|ZaHdx^Y`^*lm|_5nxuD38wN5xHJBad2{xTMVt25Z{)3l-Z6_|xk
z;3?$Lohrm;tl)#AhCSdfR;@i5ErP|0!QnmmJnCy1i<-~r*7(|$6+3(CMvWZF+OV3p
zHLv^`!wml&;s`EaG$2Fn<?VPwSi3}QoB)p}-itEf@9{wq0DO;PR6pnV%I2Txe|Wdb
z=tR#}c{i&<t^!_#25mdO@|o+Fl}msSJcMSygSvt+y*JT)_HN4>*O4lzS`+3JDCbR!
zu+pFxgZ5E%EN37s_}RAeYkqry%b_T(dv*R@3zS6aW+jHIA#eOsz6%J$4;g4p$C3-?
zzbQt1)C|^uZ`H>q5wp%Ko4^{XOr>#3ZN>e}5M_&BTS5D9uS_w9$I3F8a^DjKzJ24C
zpmgJEcI*pea4_3X#te{nEqBG-37|Lz=%0uSQ3O;Muojtp@gywf`PCyC1Gw6V$2_>)
zJ3_rAA1L+_nKf%piOP96Ag&ey??KNl%qo^%M#cVsu~snLF;X~E6H{TZaYQ?3<=gL@
z2<#A$>>e_&o?DsnyjYm5jiN!%lZHo2MuLC%Oce2b4}Hz9w#6rTd@1s0?LnHaDxDx|
z%@|{?V2AWe!LtYKapuZ2Gr(OnSV_VO`h5(pZj5ZH0(FP@z4&i?EU63>o6{Gzy~^pQ
z)(=GiyF!+T3pGUEwyg;HLNE4P5luk_^PucO39Vm1Nyw%>LWQvRR;8RAnI0WBm07NO
z0nL;rfrJd581t7W-+7a<q0Zh&&eSP%+Tx6k`VQimy5&B4fAabi?~UB%x!{-U;z(@K
zVSgTP<cuYTvd_Z$ak`p6k3p*X`~i)Mmcs)efJ$0wE<|PN2MaZ<=A2l+0*?9v!jQg_
zK*gXhAn%X5^<J9+MopGA^Bf_<nj!(^7;N@lLKF=Q?2vk|K2*>?^9U#cF?;>KdsPlC
zl6sKPuskHIN`0}jPzu7z_+@3s7f`}&2p$Uw4mwANSf&yL5SjB%J79yDd2af%9OVmG
zC>|0b4Pmd_0vUx%ToV_C+-N<C#o^#Z@nw(d6nI!D!U=we?WBnoxm4qK%54?N(CAN(
zJ>kk@Q`L`wV@w>ccSyDZ##Y^SW^*{5uz-@KMU{YB-mq}>9}RiSC|THpC^4lSddZ~*
zbZO&Rj}11ezq@-27NbHE4rQ6R7mxr7iZVe$gJKBiJ7||OWefu!`j4RbQ(qx^=lzyW
zt~$C$>ad@_5t7KvFxK%&2|+EWmq$FK4s%eP5a=Jib))P`V1aWyQsGonpx(@5*Zv^E
zo>C}!hQs^b>#QSOkYd1;5R+t!<Q+tzv`5O5k0sJUs&Q`wBO}5~@k8@9v}^=Gi{0cu
z*(Eq#J7zQ7mxCrH_OSTEy+;2~_q$B~oE|-%4Tq6`z@|_(x%a|%3Ed%N*Iy2Fhhb#E
zCWQAS^ZfJiBmWU_;m`u`e*C!DCk_}@+M!OqV-+e|rILTVxWXF?1(io~(o?^Df$xHd
z$3dcoF>OBo3|fY40z6BhKc@qX`SLl)*!R8`rResuLrx%@M}@FyWfB+kt~3BPl4kPU
z{V>a*tt@H2VWSQIW=cw4(1dX-IY82B5Q2H7VK4u3TV~j-6pLrJY;rJ}H<qj|mnS5N
z!40H6Piy~GX=1w-X0tJhmROi7?|rCO3?jM`%A2{L!Sepan5$S0Nb&iXQH?Z=YJN`Q
zzNbT@FEnXp7%b?fV*bbLT_473ElWzvJyD2%iipd~#6=xcr~3~)qKT`KX>Seq^Eik&
zI=e4*m*U5a^s?<`x!u-SN7XsLWBzeJ^o-x+>*s&}-VZ`60BHt5gxflvQ7gr^XU94D
z(K~7cZriwZo(CAoU+mVXX6F4Rpv;ih`OBL?Cb4hvAD~2~fZz)#;rIed`cAQT`!?b8
z{sojgwTz+dOKjNc$M#SFo;H1bexE`&Sw3p%a{!)Sc@KI2NC`iv@bLvSIfA(D?mV$+
z@ab!4QJ(x`Q`1)4mc6BW`U*$vVd6$b`h_ltGXWOYQRc~;@ISB4ckZM#Z#>Z4zkm|6
zK5a8h`;+pn(*%Bahqcu$8UNg#-DAlk)d~m5ZWk1B0k(dlh0d(Lm%awT_$P^_p~DIq
z9K6IEH35h1iQAq)TkwtJUj2XbBxevN)+R4JUpz_54eb|C(%}XChbM_>_6Fdk9X~3H
z4eD2pcNoiY#)D2BQ^4#YJm`&YaHOR{X)(Ly7phEVX_8^C`v?I6VP8{iH)(_nBGvFR
zzr%^Kp1+4ZLdn>H|8u7OUxfJAV)}oZt^XeuFKS+nW=u*(7C^_mAE4a8vAl1fJV5<C
zD=JpjuR<0TH~|4TCQ%1_S2KH87m|OOwEyec*M0uw;Li5%*nf!g|2OuZoBUs~|IW+y
z|H=C=OSu0tmhInp+5T~g|9|rS%b(`|iskyJ4ZxH_Oi=E|szOCD;6xb};XfFS3LNV{
z)i_^=f1k1a`;3hXh+IwzuSfFLF*kcx5*B8lemO7LSGmqc9zJlQ0t<o*j)e;dsA2$P
zWd-(C5CeTGQGxIU2v91loN%n1K!<8!U}gaV@U)TzNLPpe?5gGiLRTUJCoA}XI+X~J
z{}qM*--&=Rl}Hf(`R#wM&Xkh@w<^j0cL+h16xdhtk{T{hE+9)Y9`LDV6iQTGUR6;Y
zI9$61EU0q@Wd`EbSK~2%HJSMz7d;LRPCYm#aeEU7Q!9H55>7UtQX2snCtFg3!Pm32
zXkdhr(oz+X)^5yfzyt*{wZH@4T3~_PO?dzMp4^NAd~fsz<pgfm6MlVu)++*!n-GAN
z<?uj=8gejBj(^et@k>#G$PH}3s2V)rT@xmhqP&cnj0_ODxdAxQ3=a%whG|@C_5}M%
zpx8zTeD*~E!Zq+T*0(Kyf^l;FyFpw@4WhuK4uY?aWerdP={qN&IJo|KGQjI%Ea3V+
zZ6kkI81#R2c5Gk>m@sISG!z94+!sLO_}Ae28i)TGa~#~j*?o2Z7aI?YfWUuVEZ~`y
z?P>KxRkQOUj?~9tgqA%cfYREgd0M;LgwRPs{6JV(`M?W_loU2Ws38f&2q}U2Hyg~3
zn79*>b@oh)3h!g}<+{pxjXXC0a%)h|{3Y+<uj%;9AY$94KQ?W-ukE?7TJ-(aV135*
zC2bJluOo~ufG7k(R3k6_$(8!FRrEBTGd-!tQd6})BM4O(=1|0vA3uNRyiR7oW`a6&
zL86zSYtS!sfM0}0>t=6k88nz4Pmh)rrTy*AYiqC6tkGs$X0p1-Ol*JnsP79zb=evK
zkUxcsON72k4ids4Jx0f8^LAh8QhoM5)uFR|K7M}W0M0)h{DVm1Y~!z1P><W$#wP^4
zH774t_?>)qA1Tfh`J9CI4ij8&@}3q*KL<eL0)-X&rb!v|YmBxpPM3afT}=<m6Eo=E
zb+@`7*PBiFX;#VU7bjMw`1fizx-$w-QX!$^M|i+U8h^WHbP8D!qbJFVc!aSqCfydH
zC)1651i*3`vurESlk!Cn4yyD6SET8`b;0-;^K8qXk!hfGM*bWmGRCY=U6J$^I-^=b
zfsSYn0ly}7O5hf&qVj~uHAHU-!8DSbq=bNwmm{Y{&5U$3rmYW6ljst+{Z@j`7Eu_&
zkxv<i${B)u&ABb>7?}<c?bvTLl>34nua$^y3!r>b@a+9F)NL)UJ*49|alMm8dYBly
z0G*uWE$%bdewT}WP9=~@o<5nLCFtcE^`6{U?ox76`X{T!Lwi>TeM_bLe$n+1_i~!L
zKF5sE%EYd)8P}Wl?>T7=qKDx@U%E6KAh+2`gD`%AchF{M^RMFH%Wa!yzm~X`)fQ~q
zOTc>EihSMfdgQr4I=@-V=Gjo=eq-+Bb+#(YA$(wGFZ@YqEEEXa-I4i0x>lh*Wlg+(
zBJmx}aoT#97+N+SkWlDyEa}&xFX|nu@}J1i`_Px2GcqIMtkFP;1|MmoWKuk-XA+65
zgOac9tW-SNz-L{lzVA|n->2Cr(bI4*KmezWMwWt;jG3^(F-4^U?J!NVb)nxqN($<5
zXAUd-A7B#&i~lgmK8zPpTqP&ojHh5*PtP+)zRW(}JeU~mfcrrFE_2Q9r2cWixE)Os
zETE_Za@4^WnTldX6I;kP#0Df1oIQf@B?zA#(oLo%V=9-O6DCNYPU;6og@*N{ssRvr
zqx#^fT?MYDtyfjg-^f`CiEU2P1K-eLN#U!v^VLV)?)lWiB%uV_7sPnXBVB|knDHvt
zU;mo6MLZ(2w+<DuV@N%b&}gAnje$7FPJ;D9qVK1C8xs_W&^2U0?uLHc^0#K}`Z<)#
z*#XwX_RZX86gRLUF*YH?>{j&nh#qiJS0R+YDG|@3l3_>FfSB%?R9i-RmDlyFxO&VN
zDhvGAPR-2A)mmBqJH@;B{<Hdi(-hMp=5Wh=%Z&9R$r`256#1RVmZL$CfLUfp%k#F3
zZuOS1&fg5j6H{HwB!e{pAs^}6jF7qsxF{MsaSes?7R`yqXUK;8R(_53peX<mRf?r0
z0fRVUV@I6&Cj<RQ3gZ2w6JtiRH7r`*svv#H(#%WgRvyZY##_W6tP(Nj@LEP;7nI{h
zkM;6^iW&$bQ^1Yi70r8mH$F1NCnk)iLkRzgEv!UQ#MyFkN#KvX(F7XuBf{if(P+b%
zE-@`QxTjvVto5P^u;)A>*-U^^W5oAT#*~kkgFda%&~SI93}h8mO>;xvnvAl=j%2VY
z6vR#HHW*6X&yJFv9q!>d{exvjEJ|XZWW$a2a^@VM5G{I=StJRj)LoKot;+9>LPPK$
z#O^a@%fg?SAo6*$PNR~I`CNN%8;{Q%!YZpsufMiWLAOA;GvhtlvXB9<SVDAo7q6gm
zj(tBrLR9sFN|a2Bta>0>Fpvf?<tLkLmg2*W-lDZQ#aF4b;ML9cIIHOmT%yCi+y<1T
zbc%PH2(#V@n}Xo~-sx@8yFbLbU1K6C%VgV#C`Co5<;v|_xm+C|V+HS&Inqaf**k|8
zCbjT@r?SOvgiYA_#ZLnq#L*!+i7bPbTe2my*YF_balV#!4hiWGR4soa=He5CMj+tr
z17rAac}KW4q$vujv+x@3Qd_*Gj;(Oy<IeG4v%eYDsH)H8n82#?-kR~AF2ab4V0D^O
z+ES4s`rC9nJwGfyIP}V1*$t{52J+{UXy9jnTdL8J<rW{7{K^NMA*I`9MujO%GT58=
zUmVxkf4u+-ozLxDA07pChP=lOKi*r6Ah8<sP8ydoFVtu`9oMa@0-M<@4RItbzD<B*
z+l%UYa7h*wpFxQ2qUyuRG4DXP7G?W68<^x_He*c9RH6$%k9b0q@tl}s!^1n{!Wc0n
zrCc;j6*}54gcAW6S7Z<6B;Nq@u;M=64LA5>iLlCr6pyQa8s<e<1&FOnC*GFakec(!
zQAF^T6qQW8JmS!vkro9>RUJ4X)0&0qK$F>#T9qib&CZaRFhVG|8y&9zXKxy4E1Q~2
zT6E<|huzwaS&SSFujt3vRDef2$)=ghPRo+x<v{H2EocS&ne=9zoX&xrkKNPPbFP1(
zMcgefna4hHzEO(;3shDqqXl#QS>IH{(?{S-#_C^MdgUWi>=K8Z{GH0^JBCRp9fYf!
zenTzFF->!)$}!1E^6S$lj|#oq!48A!&6M#mRM$S_uFlfwX%l<adylObcJZ?k=~hMm
z^MY+b%Ska{C?lLbCIG&SiJfAuKh~49yFkR;d`UywpbM01BR4eC6Zy}+c`pwEPq~b$
z8EqgMwd>7U+eX{j4<QG4=dI%n*Be=fZ9^#=V=H=?-PbS)?=z$moJe%?!k^+rq=K^H
zil)2DAaIL6v8?HAY*;7V6&;ZN^q{Q!w#i3C=p+^cl4zACF72z%JLgauD(1*2<`@s+
z88y(!)7zO=3v;fJ8OP<xax0wYU3IMPNHM*+t)aDBQIf7^;@!6HbFlBSdbE6yb)m4u
z2m=vODP|YLk7QU8p`3T5&5TuKz?1?^{gV1dJlU6_U4G+7&x*Ldy|3A&5{7!X_uPe}
z_iBOw6dca2i}RU^JN1=3DWY?r@G;*flPQ<{<TiDOV_%7i#(bOgDYzRL`M5>s6*aX<
z#uh5>tzS%BBXyS@-%g(6Dn87GWrTfQovr!)LQ7dYz!@DfEu60T)L^%yYXM?<C%)Ov
z%dJ?FweF9?aUfeBK{I{xAShIOmQ2Cn$SC6ie2e*3?3b1+XxdA*N?j0^{0w*Qj@O<)
z@dNR5YSgo6#G>AGi^Rmv-0wSr2eQeD?%xV2COz+(1A0V&NafH%?4$_fRZ(ILSR!q?
z8WAQjB|P+9`Ao{Z$P>aZs^V#5`6cgp>dZCY>0Kiq3u(LRywdQ-oN*Nc=2lEy`h)m+
z06_P-994Fx$B>NcsA%X!G9~+z2pdyidG}opMcLp(@401s@069{6_}AeWsZd&+b1pp
zyP9mJ27;<ohKU;`UY5`bazGQ!7A;IfoQ#R1ecy!YB~^yhEIj+jm=)CF`Mp>`FE<P@
zcTcM)k)n<49FRY{g0vMD?|J{|jDYA3fUhqmoCN$uT-$vkWhgF}74xs5$B{fG|Jt^V
zNTGG9oQI5B+Doz&k{lWl&ptvT4jH_Mb_`1(y=J+&5%^u-7R!a-9nM9cuRV7=ABZEB
zTz^xhP94^YG#vQ~0wV6Kq-@A-)4P8EQ|TNxl(kW(g`J5~vJ1`Y7OQV3#@9^%FnSn#
z6ST2J|F)zLt6n~>uI4GkdxxxV^ut~TX%wnGG_<+Rzv#AG)VZ)n!3@L~d~}-bI0)>C
zNq^PKuLYM$Sl)yHQ!@(+SO4ez{-NXSA-7Yys7IS|xf}(ktFE_GElP)Ko`E`3d6WaM
zy)(pJ!?`|^Q^{aOg|mxz3Z;$-0HxxVy}egxnN!_0yEfJllb~RxK~%bY<b4;txQ_(l
zuuio0^8U}o&BrNNCRyuQ!=Qa9mXiL;T44ALT-Ee8tyd7e1m4dSkfXfO6e1(6FDzmm
zl*;|{eD1F+L7@5yq~65jRPQi}0OQ6G__>IU*A+yuUzP*tYRDQ(syZYqU^8x6H>GDf
zLIb^-LPsOdOKf03P5$}vHoV2R3xDt?kX#%$Um27K$HO$3a$JvY%HSDIIzI<GJ8$>b
zIz{_q!!xC6;P{TBAajG^uAJwjR9N6(Ql0)C=iOiaa8<eH`(bm!tq2X-GAOrhG^s#2
zEMoK$mGLAMw0StMr11qZfLlr#%P)v!I}>GvV62ggBJy}^5DJ=DNr2ep4N4?u$Scj9
zDC;v?Td$P(Xk#=2kND7jzr|Jc<;(_su>#~=eXQJX80B~iOLVqp%2S|G+7kypBmR3t
z<=nG$p~^4SCseB}Q(DPN==Ok%aan#+0=oSEFj0Z<E>v#NZtzkEz`N0Q{x{*ANHDI-
z=|;PEw?#PR_B@&@W8@X-Z!M33h!+Bw9J?I#z~@!la-yrM(D&-kmV{=N!@o!h2wtuq
z*Or4*d5=jtu2$ai_){UO9pU2QijBkPii6B9gj7OB6ej16!zo3S7M98B$NfWPM9R#P
zT3O1r`R?hnGlc_JfG6qlj2IQK8k{7l0lJtu>jq4>912h&u%s^|vH@}ySTY)oSvB1s
zNeI$fV*zoPk;Wo;Cf*nKh`o^DBDUcvSR9ypn#a#r6@rG`_f;pPoNUB3d)}9DF>YXY
zaN)m6?ydiR9NLM)efk<H_}Yu5w}D;RjLZK_^~lyc+)u<g0#M!E#cqIe&PKf2@|flx
z(^}c0FKA?(;ML5{e`LLc<yGmIAmFcPVr6wnWAK-Vj>W_UcZuy`<3c(UF4Ybtd+SGe
z28RM!C&%ce+g~&@w50l~>Kn6+(GFN1c}#M42RGkJHZCS*Xf)zw+b@KTW(RCzioRJI
z+T#D144;Y11SJ1#lB3m08j}P=(_p@Ii8->MMVH@6PHfM`!gn~bq$WwUI`cc*Ezy>W
znMkrDtbBl!8*E_2-z%|9CIK(ivlh-xXb+Vin%y&e7Kk31Tr>~n6KXxAc?+?m*x$lX
zH)JtbaNhWOE1-j*Hu!2P@1%uJ2y|JMTw7gkaEk735a7-=U4&5~Mneq5JNwka@q5$v
z&!e$o7s<^K?$rGQHTWM(SakwN*=FDH+**4n&=YgZqXu8R*k4lcc3H`g)@aFmgq*aO
zmA%jY_K4eYnxWFg=+LN2pBP~N6kz*Nr|b*%ErVon*f^#CUiY$k<QozQm1CE{j*N<=
zH}C}tu@(TdYQ?-~k>9o(8Q%<~;?CG3_FZ5aC$h~;{M)B3^}c(pE|rCqSL#U9`qxVK
z)y<JmO&qHl7yFv?Kyd8`!-~FbAUXaAM@LR{)~u~9oNo$8b=w{}f$P)3!tx5ZcmHY|
z=*_d{Abe`2NVwusGXtn=o;vZ7tTp_vy~Q?!yfHwpatm)CKZgVXIyN@O9&isT4m7u+
zS0cVU!2rZGII$zO^!Hpg{~;X|$om@Yv_lZp$&VgmRi}X@aR(z!r^SUCW#ys>YV>5W
zuT|E1MS8kQ+uLfMv%f_9=nOFr((qri46YFWz>B04JGk~=#deIWD)@IdU{`5j9^33E
z&8h(U%OLDEEy4I+)97C#DzDTGOzN)^GV`jfB|YYQ=DGz8Djm5M%Bj}Yy=+%b{)&su
zB`v3ak+>PoBPs+}J4@_wOJry`wH`LKgY&W0Ho0Fej3pJtC}f&Dxck}&bOX66jifBx
z2`euI<cKP&P1r~g;@8_lWk6K?3P=S~v9kfh>9G?hH|Gy@1lDhtVK9Xz=xAm)lL-DI
zT`F<#mcD^+t~&~kM<^&lorupLcTZMR$Ns{SCRXT2AY5_o4!=b<2y!YJIgyh=TwHAI
z>~%_{tHICnCRTo|>sr`CVhjDMP+1czykpU^mwi#)7Z(DoXQ6qTp3)3zovUr>q+0;a
zzEe$x2|Cs;H9v4HMGVM7l;nXCJ0`iuA$)hAxqMIzTHZH0pja9(@`SO_Xh=NGC}p)2
zD9-1)&)h0TjH5C}CPwe2OO_!fkCt|kK9JNB`z~8K&>eg+CeO=A06&yeA>$%50t&~b
zBH1txxA5dc;nq=`-vs|9ZoxfZ6R`osEs8&R%dcdGllN<SCu5o#B_s^t;?|Bt(3cHz
z(}-t--VBkD*VGI;K)Rv%Y0hWwKQ>RTQ+CT1qDLjIo<A{H)P^`IkZcD$W9gf?eH2d`
zkV*<p3EEN!Zq4-_PvM+9|Hky~PVk{CKtw@|6a**BE?~t+FB1{e`+vXLzM=<YDmsdm
zF(<t?%-_;~X(`cojW$Q}AChoxp=-XqwRjGS<jLMX6~>B`cDEEwczR>8QPI&cWf8SD
zWo2cx@s$z1*;^xXEuL(_9l=vex!nPC2Ii~uW?4=p6bYP-yKH-`_1Rz%jf3q?@-9w7
zLiQ1xuz%^0B4OZUzk_b{mFNR3Ecc)Os(p@Ge|9CGL7<3U-tx7WEcStNPpP6va^{gJ
zKw9k@&S7EUpTh}Rh0zfHCO<w>IBg2PTmG%@x9tpnO$2jjz%vUEbrd*%&NZEd1=#|J
zCmLNSOW+h95+6sVoj34w-9s$+fjsk*XIT9hdHAK2TW60=$7TVSVWb8yiN3qiEgo2%
z&T=DGERsPvgehl)l1im6bL%)8C5tu^?mmoo=Z>kl47Z*^dl6{yCBKOZbv_BX+vLsk
zbIgUoA4G{LFT$#lMY3Y$E-2tU9QSwN1`8^sC^q_WI~8bWu@o@1V72y(6Xs@9hgqek
z*3^c+M<?fanOLP{Y8e0!8WGuyq7vm6a%N0&7pB9JFtVbNEXwa_{U`-B^EJURvok7^
zVZX{_jL7}&jY`n5XIYPiD{Dj9^3?6d7&ux4M~c--OGv<r0u~l9tl%<&ORm%I)xs{4
z>B$zQ`;l86yQMNqn|1Z~iap^+(5Pc|%u9ax>gxL74o`Y>fPDf^%;Gz=;ey4)kji5s
zJ3Oq^qyzb708XCCkAZb|y+oes;@R@nG7ivOR!@#yna`7RQ%#X&77j02>lkYv&rofU
z4MeSfPBGN7r%%B}+38DMdoVEoIgc5=RRE;M2@8?-MAw;#TaHwQRw&%>@p~Zc{Bg!e
z>Uj(c#@LI=O#A>^g6I<V8kOTdgf1=gu(;*l-Yf`&^gSu32{_-5^W_<5TxaWkf^}^8
z2IqG)lr~|`{K6FGb{U{)28vwR&Tesk+eav(IMHFBEWz{67@r1vk<nW4CWR|nh#SBA
zCiA9Jlo+)XYCaL02Sk3S=009%W{~77h;M^Ss)1PU03!yV{A~CDc~6sBZjTJww@>Mu
z?qBxE=I|Q(Ba$pyo~>HM*yj0W#l#h_z|r`j>mZEDn-pEa$`b(=IZiE3o)Or6NJ{j^
z@{68LGkZvpK{G=Lw5(#X$FyCaExL>@<82{DehS~yMVZb!H9bi`g~cCPQ#s3p1-_>M
zOBq{zxaa|3Hse+mYC&FqxdyQuW4D7dhCO3R9d7$nU*1D<x$7H^D#yl#Ok9s68!#d@
zhsr=Nf7<=!s9d!_;E3iG``+6w-=8=8oWg5lwRzO^{d7Xnoj)isw~a5|j19sEC+hXK
zIK|#E-rpW@&p)`<=CSXuI_N+L!MR1U^b!)W*>VXG+>FM5qY?G+CxjCSFY%|6@=kr7
z`9+JuJ^$+G``~bo<LlJf^?Je+I5qQ3dU4X%E8v(;#5eEv<+pKpAv#O-_+%(-@co6+
z-R*r+p{83-vuJ|OE6D?KVIH%fq3wsVN>-bv`l>OgHv26AcL+KlifFhZZt;r$)tV1m
z8xs+bc99LZ-}|10lt+ljRTY9hE6472?=y-d?^B1023{)LA&B*q?-s$2%@A9%t<F6T
z8Hrndvrxtjup-H8^%e{R)+X!H)uN_kRKlNtzAvUXTQ)lKW#^B8G!X{8*8fHdRo@6L
z!d-Lr$NwS6DMUPt%1ZF;h>~kd0Dx)alXC_HqK`tDP6#(m5Szll?II*iF~@-0UAOJ$
z&))QsC4vxbQ)>Tdq?owQ;`Z9(uF@Vg_d{B><<7j`4;vW_kx(01;964SV3$}9fk$n4
zA^sd7rkxtA&4X&FzD{kJ*5dT}6uNE8ZMxG1Up|T!CKL#Cy6ywZoJ@dI?(EB3Jb(e%
z2Dz?k=QU4EDVKywK(#@^@TQgOW|s9()z$#`d0Yq;+QIEE>(V65DLv#m<7bmbmrm}9
zS43HIyNvtzv(L8D^)@=EENXT!nIPO=Aclq^!!;tlBk-i`H@JZuf!Jv=kh7xHh6y$$
zY;VAG@`azyxYu5#1(-b81Yv=(qviox*RcV=^42>ky9Jx-LRyc_O?4IuS2}M-{$gM0
z%-*h@x^dyH5h2VuPzL^CS|PN=ew=*{J9+3<?6H2w?TrNKCcL@{M(uH##k`PjF#Tik
zr99o%D;}_H!7l@!Y48h>#0e4LSG)#UVYRjRGc>1OUSRPb;-~*=6!!Mi^!EZzn$_ww
ztOw<nkMLyH)s$wc{QN*iCvCz?E3`iG!otH>V<)vQ`0qm0E>%Z$*?*W6)S+x6fv563
z4Z)vK%v3hlth6a-Y>qbtSA6;kD;KrPi++QI3skn5d$?u2qna0Gdj}z|J|X2e*UDa{
z5a-uJv=Abs2C74+7evu3G;IKWsI2a4b()<fTGk2~wdL{&wMYJm9ms2C?!~JatQY(s
z82RWC7co>Ndhs}m|9o8ej0Jr=g6)Ky+8OTcovoy1K7d>-ph>X=Kkivl%1~<O6Egut
z=-4!M6G7}mKX4(;JD?2Z3TU6`aM=D|g?(jITuak#kOWI`hY;L#W|+YV?k*uX!JXhf
zxI=&m8r*_gaQC1I?jGFT<#NvZ-S;~uxoh42F>9|{Rb5Y2SMRlF_wJ|nBhnw~tXU2|
zyZCk+k&|6^B#z=hp~Li?pHS_N8tkqvW9hfc7E(NN#L_LqODr|i1lzOHr-yxzblO7K
zeA=jfJcJO_eGf1ZO?R@nY$oJIX7x)Ot(k21MVCb2iVLDs?{G7VCkH0;dcJ_DJ@hWQ
z9L!d?K-*N<uU@7c!P`>XIAZCZFH?c<@T^x37(#8w`7&3aCeo+5`R*PwRImbZUMsgr
zfdaFpcftgUW;|SYSv`^CHqzgi7)<m=Un{+ja3+X!R=TNwO`+kk^)Zt$HEQ!!Pe2+7
zXOg6k<*jxGw*-)_0Q7pcG1h;#uA<*(uJwdZDj)MQ#{#Lsktyg@0fo;w?fJR7E>!x5
zp?=h2b7xC9)N!5{8g}{q8Jt35zXbEu0vZ?xWz$Zj5+SO0?32Y6ePqCw%zKESqX3-3
zwV*Aj`}c1C2O}SHkOnqm4coiphKHG1$2Y@zy3U%l*VAE6MS*4zo{kufnsI0rW~5Rg
zcSD#5q#hvK7$<%;{wDbY8I3hTXcp%#^Uvgxj|Ltvs5y7wr<s}J+ti>&hW-1>9o{@I
zW2uScThP3iv2aH#N^=mLi^G!6x1e-^Q>f1?X6+a04rPAQPR2V!b?Bz$Umk|9+b()V
zMbv!Avt+F>4U1@FXc5o5mY^radABJ?Rxan{b!a!RTS^ifM$y3Ua?|6Byjlz1eHUoK
zzUyf%(AD9$LasT~v@7Kt{!`~$vSV^@m$v!6$rZ72aadk{7xDOTEWnd7Wqogr|Lf(U
zy`el!UxyI9WH0`vmz}!NQMa6d=<3LQLWk=_YHna;25F+2ae<yk0>e)q0Yy^*ms_W|
zD;-*c5_R7MP8|m@YqDhtWj9#$qpo7N4yLhwz(J?|z)IlOm+f*?)UzJp;iFQC=uqOa
ziv7VjQ|8`z(@w8JQ|&FGc=%@Z^tt0#Y!l>CvT8lQ_%7+N&=^1#8E_UY0GZUe@uW0+
z&1VHZ4<h;$&1*+BL!o^^VRk}hYM#2J8C1EIgpV!LbU)vW>o(EzIpp1;y26u%+%&OX
zUC{EVWl61b0nf*Bx+Am%&KPKUY5CLVGt&X<?<YSOARa@XffUapVV%Et|7Q^xhPcKE
z#|dLwdkfDEfW5jGPhcd5!^DwclVy`*lV?+4Q)E+SQ(;qOQ-j5H;lfVW2C+E*UN`^8
z(kpCu9RdXa{<-e@9!XVoYO;lDuz5;yoLv_Y1Qd^yw$kvEro?`$n!_j;LW~GfRwHzm
z*vb6KepV=sh)d<{D9#bWpCQl~nyjJAe5`QN>h%qs?JzY-$YikJV^{A{la*jFrE;LQ
z)%MWe2S6&0f(Sn;pxj{Xa0EX82?bt%g!jH<fAI20-0OKfzLlk5181Q|Aolh?BO(HS
zB6vr9T6);Nt%NC<48TRkue+L(J=I({<nX$AdE3i!JO{RY+E(46J-~fRXBCppel>&`
zyqrJug_2g5La+-lSj+|mBPzssfwV=4n6sS*KxyxHyMt2X2a)Q8uW7z7fF5)`F1^MT
z<Mzg1u_UPP@eWV#9JP*88pukJG5mm_-eYYSh2bcLZ2!u6ZmVT`K<&%BVAmk`z(6*Q
zx?cAax^&i>RBp?AtAQ?V2iPXc2GokvH;Y!;W}MOjdtLs$3XB0`2WLmb0<}6hS=vo`
zjGnFE?<CKYUavnYS*Rp)4_c7)`OW&<p{%=t+;OY^n97`ZC5Qa=aa0Skb<v@(>dJ3a
zetgDT7p_;%`%GjkADJC6?z-b8E$j6*GDlpgX54Itf5)Le5nE|DpJUuTEL%3e;<JyY
zIJN|lvN9^7TW6xdK=5lwqN&}m59AEIhck=JYi4_cWJ2T+nEG?0QUMw)fgbE~vUoie
zf=7i;BnK+wXm~6gYxIy%rfL?~B|IO=zt7%`SmbqIZeBPvFf{$;J;FB<&yn3zOqjiD
zRgZ`x0h5KbR2)Vva9-?9f6uGh_8g-H_E_c4csu;?{La<+QQ+5)NIj0lBq&EL)c3P~
zUI4!|Tq|J;Hw_qvH5+O;3c$v}C5pr@&mm!2tL8MfFQ5+Sv2?A+L>e8f8Vm?PJ)e33
zsv$wf6t{3uH3CWMH`oLtcwr9)L>H{tQQtG|VfCBs2QD#1dI)W0`$<n|j38V^=(W8c
z8+EiVyip!0!JjW{5p$rf@BVC~Y8Dj{gD8yeb<p!;#~~kK!W7EceHc;_BCe&8Le{r6
ziMACK)_#r^EwiLM%d5rgz8nVb_9!#q#6N<QhU4?`C!H3lDi=1iw@#L2Y=6-eC&YU(
z;)<;sO4liE@TCX7l2Y6+csr#eqa9Ad&@_crb`-5$LkGFZJQ1aZ9qkr%YRfIBmeP%#
zHdFdYiMSIPZx5=H3oE~SLG?K$U6;{)yLD*~>iV%Ww3`JRtIT4d{xRVCQifF??-y$7
z5S<y`#Y!8}28Y*IgeE>dFmvp3XkD7WV&dRgR!#AwtNNLigskC~i37%A^+4C!g(%Hk
zF|M{!d#mb;qgSn;J2zk~<;b5NoEQ^*`q;|a2*u^RBgLSx%z6h?jWuI=&<{Z4u=5fE
z!G-2~>8w{~n*Pr;doMf``+Z-lB9m<2^q(XrtGX5Q<cma`=N==H2G9vd+g<7fH^&6!
z)(MA9$r(HTNZ2B0kDE*!q+@!{&xjz9Qnoxvc4Vd<8c#J<VtGGR7O4@Y{oeA$CnQ5Y
zRO*BuhkVXZ<tC4JVy_DIi$(`vfJz4-uv?e)VJ@BmABfN98+XR>R?r>QFBo#qC*2kJ
zu`+_VYqB42ZO1^?P~1&eSX{H1M}1lf<qdu2yLu&aZ8Q_aPBy8^v~~%^PL(tEyI-Nc
zq=K4fvYUPc3ps>?^;>;bA$gxlb{5@VSLolZ5=BHqLk8Q;ZgBWEfRFU=^eTEWtS;=!
zY*?#P8oLZ`BxFhj9#%H0TV))Vjn#&Qnj~nKW%pF__rtLafu6~}yiH$^D9PH?Wh3}X
z)b|4jU%u^Go<k@Klph=>DpR#nF+P&+6WhwPVtPe;-RfrmC;Oo>$ukjz^0GooAiQ=5
zFfLpKeF4uU@T_Z4!5CxXvp&LPTHlwmW99+ji=X=7cl_@HV~}69VUyE?FtQ9e#p7_Y
zxl-4Krc->J({t1MaFF6Tc(gGPw<i3y2p$~Dvz)w1mVuhB8G7};+D&Qm(@20=oIBRn
zu;iFTjhIFH?aur7wc0akYpe@Pvn-zK6!LL&sGnKPI$Fl;7xYh-Z=HyEvyA4#Pu4<8
z)afnyzpZ_oh-Dd4b|X9yO1Dj|)mT#Som3!{Uw-WABXnz+jSOnFI~kml_bwH=o|6|2
zi=r-1!avgkx4r2fdPQAns=t|3L1}u0ytra9iYt|jR?JB^m4Ap=9qi@Bcs$SLx_Jw9
zf%1H~3<OIHCxaQar8nbD2_%_*;h9h5hw<ALuFsysw7{6X-v<DNNEDAORKyAq^0M*@
z3jI`c`?F1@qn7iyTCM98P6i&UG%Uv~bB{I6yq51KOLI~gIF)fbZ@6tMHLE-iGlh66
zl!UVz_}s$utBBya>eJX3HNlETAgQ*O&~Wpg)&_H4QZ({a4G4xbQ-tI96ZM^`x0kO=
zx5Y7(mU^%s{iY%3)8uZ0Ad~p-bVfPfLmZOMOLRGZ80}J9g#=!Sg!21u`so8S^aS+g
zKAI0F22+dRNZRnBkhUql8=4-DA*#&5VA`S~m~7(n7FU|0S=3Wg2`!u{1c})@L*>2I
zgSaGj61PI9@klO66MRU86KT82otmEqxTs~2lg;7aE-OO$rIIsF1*0*{hG95VuOZF`
zZ;GF#v-0bLM%8pW-}<!B@1$;FWQrWQmasGu$6+9U5A$=CfO+uj;C7201?5m?jRiNc
zW{63=b8{2ri9E$PAa6-c>v$P64Mouw)k;5pkY~293u&1d@ly78KYtDHY63smlxf$R
zRswW9o07p9*(S&vy%O0X@IIXiZ^>I3gA-X9PP$`+-LCaoyi%CV8_449I5s)Qa;Fif
z!W<1eIHOEyfk#LA)SUZ91g&WMu&=;$J2?6lc@wqTSE=K>G-ZB|=vsrM8Fa8GtmfE3
zPIotuwhv?N%qdu9%s*9mm9M*RW)7&t_@!8~h?#+rz7!X#;vzX2H2qL|<b+MoQ{t{Q
z!UN9-yS8zl$$I%kX7T53!x#Bfx(WNq;l3fdS*(fy1kER&WL~JiXk6+{sl);mh_52B
z(P`cMisIAm^wM61Jh7*l2ULToIAsBaV%bDf3}fZxr{Op`lE@;v6wK8dLLFqQt;e=_
z{cQg*s{0_?=SPH;+=*!T9Uq!QFvgz8o(X1iL`M41-hX-sqqxEyV<*tkm$)lnS1Ehs
z7+csB>!fD)56vk#8__Z-)T&7JhGiad5{-ry(qT=chvtWQI&~eoeSngG>MdLvrYo}@
z&iciwV@g>X<*!tx+v#zX)-A)QNy*cMTOU~BVA{U%Y-EH6f6Uq{PexS2bUM0beZ$&|
zK}YB$W^kaM&Rs1j3vC1D`%FfM{kpn5&1M+DlNn7^mptP9+!LL<F!!@o&=SGwi2I1b
zB#jH_t8UMza&5MvPDd!g>+ECM`EXN_vZHdcDx!rj=^MFPanN#<=C7+rzVFX#+@~6F
z*jsEl{2iaopU$u!^snDUsl@WXns5qOXBxw0NSbjYB3k9N)XCn*y7jew++8ZwyZ?UA
z)NUzF6If9>xI^KL_uk@+5!TzMXzC)?O%hG+g)~X3(IK<aMi2#!U`=|nT}Z#mV)I4x
z*Y*`w8p@{tm=hcYAHGm)wFh#_ojYfSF0vCLjcN@H)1peV?~yx_4EqPGq=6kl3(K9~
zrZ;U^M#vO$#+y>3W$JnSmdFA!yzv6d2SmLrq0jOkkHy_}%Cw3QLKpMRRZtcsT9e_a
z%F=9kJpvT{_AO1Iy_|x?-#ac5rEA8hvz$4T1vKq<yHCH=dShb<ZRetnvzS+)u-O_o
z>fcC89D5-+g9O@T0&hYEkM$@&NOXq66->TKEDJaep!?Du4C63<8Ig2@1OA@(=114z
z2Ng_D<X8gstX<1$E93PwW8*M{&iz~)Gi*&yj%)5BP;oO9x__o}hNyE{TwxO2uw}@&
zC_Hwh_v;9kGKcg5kqw>#?293JOdN~VMvSj7!rqO2{_NQqj_k^1MLi9fxH^eO2Rk8>
z$<xW04AD(}q)80V$!WeGti0m3n=E49w7HpHsX@EdvIlx}8DDqjV^(m6o$U0>y4lB2
zR}EHxFe|<#Ks{!p`3TIPs}6xKKR#OVAMcJ?(pe!f4C$g2Xm;(5VOqUJ>H(E2*xsGF
z6zyt|x4(akAzwPEBJaUeHo$h+ZTcxqCsFo1R<QaWQLeU{*gjbA#bam5;S=5878yo5
z2LkL7nhe)TleN2)rK0zmyYmB_%HBamf4xt4@y)}PD0C?D<vsiD$o>4G#)#449U@io
zbpHCgf`FriP1hCigBi8aTV5^=%~{yu<81XC8e4Hwc(cd^H4C;!#7*BO!J#1$Ii$5=
zz5Rj`HWu@lW3}t4t!EaB3O_#@xkpitIb<y6pHG(VpLu;>B(fp-(0pIbPG^m7?hJad
zHxa<C_ZqrEqDOXekM+~^=gx&qrga;2lY`o3XZ$Z|#~3etr__kTz(+`opQi|*T;BMG
z?WWXOZx7;t{O*&G*-PVlOAv7CH767EC<=bNm0((l%f=gbw^X@s-Ob}Adzp&zN4eTA
zf@m9a4G8HW852)`<58sca!WO5krXS#uCc=u1QB`=8DAxR`Ss$fuAF7>Y)lnX1ubb{
zWz>Kd%O(rIw}4j4QZ$2tXmPR!HT9Ti!6K$A9u*I<>k-Lz?nm~U;376PB?)*J$&MW=
z<8UUOf!h8oi>yKw=PdjS;h!Uo5O;7fD;7ale=yI{l&pVzz|vrfs1B&~aWuWaIklGB
zm=mi1V~w{&tLy;!eXDw$^q%@~XQGMjX*rBHiJ}C*If#^=#9mKEBj<IcYP(fzZ=>}2
zTZqSVoUf9l1#xkZaD%HhTE3JR3w{f1y%z(%KIZQH)-kLN?#8zB+4y!&?&_U@gJs?F
z9(AbuYogK4XT)XCZ2_GT*kltjcwbNRB8;Gs`B{?4P}va!)ic?-7fqA5Yv;?~+SGHG
z>*IsaLi1{eMFPdlT#-GzuE6)lCwOnPSX%ECU)J89_09^rT-#Kl0tE*V@TcEEpP58&
zog&}0Qc^UEgki8{1aqOjd~x!Cc30(f@J9NVGW(fY2j98i`R)`iVt4vhGwE6N@&htd
z^X#n`I+51y#Nqq3lw{4Jf%ay}=#kf7FF=Q4R=WqoY&2JMjXW`7!=5vv^HI|m3oBn}
zu6A_94_T~`yljS~re3X}Jov8WQ)NcNh2Zfci(-Wuv|DiZ+AdEV`p8`0lcotqrzgav
z``ZsnqG_wCX==V>40`UFR1Vc2q~lS9R<-FmJ;HJVR$-VDg`vvN^V844n21fwax2&_
zna$^fI|k{@P2ASA9W?P|)|PAmA!4n}7_Tnu!L_beeS!~{D+>t(ehu%c!o=7%-ZEU)
zlBMIZ7TxXdsXL{%jyn{l%ih*a96fN`A|WMAgbO-xJ5(QPU$TT=s0-3m!5kx?YC_+o
z5CjO*?4NJbBdn88iPnZZgL-^%s-Y*N!OKm^Nm#=*q5yOAvv4<1t*qq^@P0~-pRXG}
zeg-$-mx>qBMfH`nro*qVw#2(({`5TVeszDUeygo2Ag8N*sJ-G#@7bo?Lr?SAX4xXw
zf#Ap59-kKv_b=ca+s#<XL45T2P?o)DQK2^$mi%_)jtV~1ucBJ-uhZm*HjOq(j{=Hb
zVYF*l->TpZBPuk8K4X)0aT0T;&-XU8oG%UF-zHFLl`H5smo}F#h@h0+Um+_WHZb-u
zt>G%e&)kdMTiq9XPy7%X$7}*(V*&u~2!Om<3f*MAh83BMTK*KLnjZ_0pbJ70t31NV
zl)JV4dxi6O6*M35IKswhtNi($ZjRQ|#$qyaSF`FW_igL8irtsxC4clv{=ky}S;ry8
zl}k9;5_b`JQ-%tW53Z5g8F)v%0Dhd1dNolw+JnlW@iyBIYyAG}+p`YcsM_{En)=*p
znqJu;BbsjGK(V~Q?&sb4gwVck1EbQ%GIo%_cgv;pEDR#{K-Cnz6s;6Jqhyu==057a
zA3p~A)es1^<36GI?5?m%aEWViARO$3$qx6j9!3c+2Te=dM%JkJnM}dhwfaaHo(mR{
z<?DkeqPf{)c;6z6s=uqyNz<hEeX)@w^2j`>X@I~d60ynA+p=ifdI<GS&sN&R^0-yM
z)g85<GdA8_H<GCl56royfZ{4QIzg{ix@;WdpUb?6`1yFXHG2Frwaa%fN81BZ<x{<T
z-c%M%fU6#=Kuo(~obA}<{-X9Zuh-7<1bnrQqOf+qKQ@2o*Cu1vQ9U6=0)xTW`%8|2
zSFc_pyjz_8N%vsW8}}JXfSZL~15k@eY2fEIZzNp0-Hc6<jUBT3_BpJoFsw3m2T+l>
zb)}QDN+0=fx_yL}L_vTc_Cm~rV;gNVjD?Wz5S-@&cLP>rSBQ8cus(d<Aj2X-GB<01
zktIJKKTJ4VS^5K|zWkJEjkuNagO043q%bBb^-7p|I2SRLD0K`<t$La>Xlj>V(o#@e
zS1+j^W-+r<b>jM|`l0kgQ=-t9+|lT!>81$T&pz1eNw3`Y-Q<+3l4zFd$xaUos7j2j
zP0Sr*xQeMuv8pTHUO47~B|tSG^}V;Lv%!3Dd+L_tkG#SB3#*ltm5P94p6aafrt%Dp
zmxr%0(Q^zP`1c#3rC;32uQSpZB~z^XIDUPe-!|NAy*^+i^j8u=le+s>f0<Y3Dtdzy
zZdjWekj({-v$M!8F3!`?o^!ZZrs;avUuFEtwpu%sO!fY1J2qEF2MCZ$IK{tobiyyq
zdp|7}wG`KpIm~6QA@68of-kKP!`*h`|K9K;bRuov+QNnnYDFJCpvY3#7u}5?ge(0;
zsd0AK!LpHWb!-%dZS;Pqeswa%ox$9A9P4Fqh)rl{h*YGo@7@<glGBT1(>Vb%|E2oG
zsxwhJIR2lF>p@oUJ$R?wioA9&uET-S-_UBQz%(o@G!=kcD&4FwzO*b+=BCrT#;JtK
zG`(3yEPk#jXyxS<(diq(d*{kp+Yhc8Ts#8YaJiKX)X0^iS)<q=B{th<b+H40mJ7na
zIw@DFm82?Wge3ia$k!>br;J>?ax+p=5Y1IXKuTfQO1i!Zn>$oem6&HVv&m=186ZX=
zQLZI=TmpW=K$nF4fHAL9^$iQ;;OS^e3tkHej~yO#=maEQjlABSUY^X#oX8$dq-`+z
z8Xt)6p1uF_zLlDT<;K6XkC~Y6WdxQxuw0~X#g2Hg9iziSvq**@jy*iXq7t=Vs^9Y(
zhcsvVhRhQaG7`FOK9Nfkm>aiBC6~IM8qz$qZ@@WWJ`*t^AQya3Lj;gBf{l&F!U|(A
zq-gq~(Xi03QbrQ|?k_1btPh|^-5Y~ktwI!5?<^^>V6YuQG#?yQhwF98C}~AoIopBE
zQp?(?#kWrRJY{^1e2rYKxD{&aVf`DC)!y<?hv1yYPV?AS3cGTJ3wroSbo8d%3O;LR
z3x6}Hu|n4539B27vOG{7SD&cbzintis7PpJ(XlFN)+V*OZ}gta0_z)nc=h=4Rif%%
zX^z?<y##4I3DN6#qGlPT#}`@X*Ag(bJKq1@GK2>!x<f|*gSlZ%cZyHDnO@y1!u0On
zVuAnK&7}OlFPg!y@_Psr2>$1bW_34J6;phuZ`05Gi0T{+Se6@u#RL}bEYIw$N_&<c
ziC>6*bq#qwz19pO{0n%4J|tum0|~`>O}vjKXaew>RhklZWdmDDHqJc-GIRB1n+|-Z
zG;lcl{P%|Fk9IBd9!t%ww~ehHG!f&0F_P3G_t;Qn*oQ0_EptRf<TW+t><w7x>~lz`
zP8U`wk<p4R%-g|0ERIBFmA2icbXu;#{3`nSf!!}-Gj|mGAb@hH(as&lPEQakDhb59
zsa8+;gShhG4kyD7gib!WIBHPw@;)n#D3$aZkM2FsJsk@Vn1X|qM}UT%mKDJHzL}ij
z>Ex%^xLIj1Y%G#*C)W}ZZI6dIFFPYb6pmz4l0K)z^3btR0t}5!RL=@CCM@y0i**P{
zAif6p0HHy8+C-wE0QT@CMH7@$Q`!i(^kYK-eG|Yy;`>3Xp7f+HM0SV7+Qj-nJ`;g&
zJ}5>(?2M?CRL0UtOtFN0m#mqrU$td&4@RLM%-MKj`6I+LBN6K0ijcJ9nwfY(irnS)
z!-+z3Nc?1byjRouc5?^LnoWYDO`o3EQAvt=ePtRCSE+YVJPAsPDDJ<LyF&+kIjfAJ
z=bpP5?(&DXE-kVt9#bpc%vM5LTdJ#RK44a_Srzv(6xXTYz$yFAqir-CjFn2cxRVG?
zvvx2Vj`#j9x}%|C!N_3%tAw2O^7=9X@qem}h=SnxFsWNLyWsHOeGK3Vr}`BVW+%Gu
z)JZ_S{EBKB&vk$5vJ{h{3~lpa<n>8ZGJ7@(uergLwM83WfNv8^R3eL{cczd{sG9b;
z@9@U;^qZg8)JASwC!b7hkp~m===&L=llqYnPvmF_501wtKYlnAzGk5Xmd2=U%g)aG
zW$~pl>bI{_Lzzi7UAC91bE}P=JarV%$fM^GUNC)H&3@0)m)EqRp{+q$GCZ{<`^v;Y
zrM~dFwlot*4@ukv&sfml{QUXz$=P0QI9;6Os&Z*N0>MK<+E%1%+`SR{+&6QE&=7V7
z)S28#0w%LBuE@Dh->p>og0ZSacG8wF6j%*uBH+>Im(_GjUDqxlt2~BM{T*(MZd`*i
z-3#1!8$joA#Pc<=j_Tk~2fj?UyXAyJyq<NPc+~I&Q;*MQ<3$n42<O|42_lLQls`k_
zz`tG)y*#Uz%3+M%DxZ&v=MP;bgN9%+=SM$3{IS^JETb)ls~hSN_AR`cSWs+KvidRy
zkd&&}ES$5<THEHONkufOw?_Nm7pVjlDtJFT$n4-vh0&}o&N;qLJm$6<9`zQN>D?pF
zTCgU%2Y6++DG%3B_k9J*6ML`4E|U{ylGEKykE0<adZ&Su?qQ$RzU~;J0yHp@)&-dl
zC0V6&?G!pQM06G;tW7<TDR6G$;80&^<l}kSu<#vZ%HRIW;AgGYH<z4=Q<NdgLIfsH
z^UhJ(?YupAZ93j7wcYCG^mR)}0plsjn7PX@-0O*k{vbw&Q*pJ0=UNT}pHEiK<i4cB
zibjgo8f$4hwMllQa%@@8q@V>-7X2HwCRRUNQ*1|UCv1P%^cKi})kgdBFd~{BoqF3Z
z-7gbS7z@x2k}+1RkJIdrse)I7QeZrHNwgxOwe?pI(?P4770{5LQJwjoXVg*ojTGnx
z7l`Tbv6KR1lir^v`=K-z>HSe$!^MV9wVH|MCr$;gm`w6_G`2F4M?=t;$J$LM1B<B1
zV$Y%2gUrR>KAGr>5g(=mB-6&w|2V0$Cb`y39pR~mh%w0AUR#y2WhnZ+chj<Kn-Abl
ziwT{(uw~{LZQINYf4y&Z`_V#OGlz3+nDnEk+}*~R_|Rli^A)MUoPDXzMuwS>MxXCj
zDhm4<bJEXdgD~WHR~~+-PE9g+e786c)hN<XP8VL#)yFrl;U`0EEmf+G=%gaCMGVGS
z<wC3JSl6N0l0ZzQ^IOD3$~N-$dlIzy?0ln87$4b8;P6g0sgrN$&U>0tMQ<WcGwHLd
zvpvp2W-o8n$^NRihQbqNZQZX8i%lh-81bnK=}m>t2#CY3_S{yW)fMYZ<*^ae5r<s5
zy4b@NCpHR~8&NW!m8(tbTo6Q*@5-%4W?7J08^+K_JCV>FOFW^{E{KG()obK(^rX(A
z7<E(DeU`E}0xS$QmZ8mSNcj(pOoG^TU#UvJ<A`?@WjrhU-jbmE<uxWrQ%LajZCzO-
z!8K-R0zpjE>v<;xs5aCaF{D-|K|_+`e!Mr5hB5x7lW3q-Rc<_^Dw$foBBCg>(U81d
z0~fQP1hubY>+^-ZP5BqSLcc7=Tj7fR`J&Y)sK~ImSvS665c`!!$WlvF(*0^Gy+YWj
zpB|qbI$RnZ4%scxe`j%u8t%kh*tYJVVxm8jgSoOX(sQwZ1icc8ALC_R^>>BZeCtV>
zij@p@s}|NP0cz#CXBTca3gpHs<OqSy?Cr-;)$VU-uzqS)@3zugr)0J%`h<T5GZa+v
zsHf_iuPYGR^IuY_uMKac->7EVN^Wy)G8;>AV(YB%+<JB%jP*y|T>$o{wjR7W$Gl6(
zi{7Q{G>m<!gtmv%Z!Pt5OquYtxH@kp0h{>v9bQ;cX^S-DZ5xL~1oO`C!@|EFpQKu_
zNvAVVq}H~bAB*VU;%^(l1);^J^K=RM6}h5!a2aZuv&3DbFE&f&bbayT4mc8ZpF^7W
z4l<xapH|H(*GMnAVYhL&Adh$ZdB1AIy{PeFwc8h70-BaJspZn>-L|xR8jiXI%{$4+
z>B1CaKtdx$5ZcHplt1M#nBp#;4;N(G83Ym)+tXR*mzcBfM$Q5RYC4t(1DD#y63jfS
zDZ&b(>Kl#cFmXsRhJSIr4#B8|&L})%u~z!hjfYJhiNKxZNp?iV4!KisKc!xJ?_Qj>
z^27?034IKbs<ja3b^6+_K^XX>woH4Kms_9jv7^QNt(LP6sDq02V!U$y8v_wP1D+mb
zXOC{mdB$eAHJ!pqpT$B)Qv0b)oT!P)*J5d&K%e0SKRuhN#rVGOi+KDqIOriglx|#Z
zws<ZJ*ay5ODVJO326UzTO^?6IJRkYR3n;Np&7p4bOR0OCwv_^&qgIgj?V;I(Q>u)Y
zRh||$ok(_u?Rk#wN#<L|>Sn!6KQO)~ywAZQMMY{-l6+!satNLAPLg}|VCSWwxFi~Y
zQXZ98^=T2aPrsbfTfpR<23-;}@4n|O3&N*yuL1Ojujgk(o@&mV%i~&%$|n*Fi3dj)
z68KQ!Yr<kf1Lm8PuKrwyCV%mhd(~TXjZm%`9@tpQd@i^lI#ix_r2t27@h!V(Q`?ZR
zl%x4YmZ^maT3&8b>WyeYQlo1(ACF5J*Mb=7P3e`5?XSy6Yy`Zu44i4YHp%Sw@9Z$#
zZIA(N>AWpSxJIa7wm&biO8~G!nou&?NrIr25_^^dU}iG(T~tx{kULA)ejcYgF3MPf
z>iHJ-aC5<UCHLss{giKvD0S0AkI%4f<2|KQdCh^@^jTxNeAmBHQuY%(mL3k_e;xm5
z*1FJNpUnGwC0qnJdB_QFmb!e#+3#U8UTx~Yq&}(dpd{v9J(<s8)z%#(?C%Y(&#6;1
zZ>8Vs(Q7kl;2m;waW1yd!melZ>b6&#T<O~Q^buG0iA&5ljyOM~Pcy^sTUuw0Y+BQS
z*(9c1^VO95QU0Qme}GVYd$631&C654Ug4SS+HqvKP`DT1zsS#&VZM2PZ+)-LMup?U
z!~*|Ki|~&p;MyZ%xMVyyaBVm{92GnwhzA5ns06?P{&TejfNP^>hk%W_3;<vj4vr7N
zrymmomM2~Sb`}69=LawtYzzjOaMun3;dbB<Ku^~7oN#aczL?{LgXn;{QU6l@Pa_9&
zasoNYP00Tv18{M1J$?G|S0lIi9~l_L{ud?0zhnR|2>6Mj;omX{5WtmS3x=bH0zly3
zdjW8BL!QF_mj#d$0C-{p__quI;{4qkCzuQLy9~&|#reeQ@Go0V0QhgD&?o7C;R889
zkS8L6e<^~vL69eUjDN|1>|n0noq&J<@E-s<o-}{61#oe5KCxc>-~Rsc&(02jfFMu*
zZvJZj1;Y*i{gGdGAjcni0B&~R?~VZwFvmZf{N3@BE%zTjAW#nOKM-<5*njU32z<i$
z8^9;WTz|+QkiV!H{v8Me!122tJ2waT?;&}L|GyCfxc?u~LAcp}PxX^A*YDABaB%!t
zW!wPZ?{x&=Vh8;*-~<~kxED~4KLX(Z0iKZkI}iZ(6A|I>GOj<f`eY0E-7g0h;IAqD
zuf#m{_n*@GR}#2@f3cVROYzD0k9q@e062cn^wV*`e@-T@KWqBQ7WmIe_jeHjKtRy%
z!vx^w{9}eaam4&N$3Z~wA7CKBKgtNe4Su?V{5v=x5CHun{Xk9#_wVTf0U>`l0daG&
z|E|XgWas#Om^dN-j`%MKKz7c*zFm82djDI4z^AnSfsh0EN4)_7K=ALw1biCM-@$+Z
z5D0t1BOe?I95{i5AC6pC7{DnC5fc>?1qpL;35h@5B1E2Uk>XF8<^}_R!Vm$z|F4G5
eUyM5rjt2IQuJ*<zs9+EWgd3HHMod8*_5T2K;`;Oe

diff --git a/tzpfms.ps b/tzpfms.ps
index c91265c..a4e55f4 100644
--- a/tzpfms.ps
+++ b/tzpfms.ps
@@ -1,15 +1,15 @@
 %!PS-Adobe-3.0
 %%Creator: groff version 1.23.0
-%%CreationDate: Sun Mar  3 19:44:42 2024
+%%CreationDate: Sun Mar  3 19:46:07 2024
 %%DocumentNeededResources: font Times-Roman
 %%+ font Times-Bold
 %%+ font Courier-Bold
 %%+ font Courier-Oblique
 %%+ font Courier
-%%+ font Symbol
 %%+ font Times-Italic
+%%+ font Symbol
 %%DocumentSuppliedResources: procset grops 1.23 0
-%%Pages: 10
+%%Pages: 15
 %%PageOrder: Ascend
 %%DocumentMedia: Default 595 842 0 () ()
 %%Orientation: Portrait
@@ -237,8 +237,8 @@ setpacking
 %%IncludeResource: font Courier-Bold
 %%IncludeResource: font Courier-Oblique
 %%IncludeResource: font Courier
-%%IncludeResource: font Symbol
 %%IncludeResource: font Times-Italic
+%%IncludeResource: font Symbol
 grops begin/DEFS 1 dict def DEFS begin/u{.001 mul}bind def end/RES 72
 def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 /Zcaron/scaron/zcaron/Ydieresis/trademark/quotesingle/Euro/.notdef
@@ -276,15 +276,372 @@ def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 %%BeginPageSetup
 BP
 %%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-ADD-B)72 48 Q -.4(AC)-.35 G 42.103
+(KUP\(8\) System).4 F(Manager')2.5 E 2.5(sM)-.55 G 39.602
+(anual ZFS-FIDO2-ADD-B)-2.5 F -.4(AC)-.35 G(KUP\(8\)).4 E/F1 10
+/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-add-backup)108 96 Q F0 2.5<8a61>2.5 G(llo)-2.5 E 2.5(wa)-.25
+G(nother FIDO2 de)-2.5 E(vice to unlock ZFS dataset)-.25 E F1(SYNOPSIS)
+72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0
+SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0(After)108 153.6 Q/F4 10
+/Courier@0 SF(zfs-fido2-change-key)7.564 E F0 5.064(\(8\) deri)B -.15
+(ve)-.25 G 7.563(st).15 G 5.063(he k)-7.563 F 5.363 -.15(ey f)-.1 H
+5.063(or a dataset from a FIDO2 de).15 F(vice,)-.25 E F2
+(zfs-fido2-add-backup)108 165.6 Q F0(may be e)2.5 E -.15(xe)-.15 G
+(cuted to e).15 E(xtend this to an)-.15 E 2.5(yn)-.15 G
+(umber of additional de)-2.5 E(vices.)-.25 E .273(First, the wrapping k)
+108 182.4 R .574 -.15(ey i)-.1 H 2.774(se).15 G .274
+(xtracted as normally during)-2.924 F F4(zfs-fido2-load-key)2.774 E F0
+.274(\(8\), then a credential)B 1.604(is made as-if during)108 194.4 R
+F4(zfs-fido2-change-key)4.104 E F0 1.604(\(8\) \(e)B 1.604
+(xcept the "primary" de)-.15 F 1.603(vice and all the ones)-.25 F .185
+(holding backups are e)108 206.4 R .185(xcluded from the search\); ho)
+-.15 F(we)-.25 E -.15(ve)-.25 G .985 -.4(r, t).15 H(he).4 E F4
+(hmac-secret)2.685 E F0 .185(is instead used as a sym-)2.685 F 1.555
+(metric AES-256-GCM \()108 218.4 R F4(EVP_CIPHER-AES)A F0 1.555
+(\(7ssl\)\) k)B 1.855 -.15(ey t)-.1 H 4.055(oe).15 G 1.555
+(ncrypt the wrapping k)-4.055 F 1.855 -.15(ey d)-.1 H 1.555
+(irectly with a).15 F(random IV)108 230.4 Q(.)-1.29 E(This turns the)108
+247.2 Q F4(xyz.nabijaczleweli:tzpfms.key)2.5 E F0 -.25(va)2.5 G
+(riable into).25 E F3(salt)108 259.2 Q F2(:)A F3(credential-ID)A F2(:)A
+F3(credential-public-key)A F0([)A F2(.)A F3(backup-salt)A F2(:)A F3
+(backup-credential-ID)108 271.2 Q F2(:)A F3
+(backup-credential-public-key)A F2(:)A F3(IV)A F2(:)A F3(encrypted-key)A
+F0 1.666(]...)C F4(tzpfms.key)108 288 Q F0 2.238
+(is actually a dot-separated list of de)4.738 F 2.238(vice b)-.25 F
+4.738(undles. The)-.2 F 2.239(\214rst one is as-described in)4.738 F F4
+(zfs-fido2-change-key)108 300 Q F0 5.181(\(8\). Subsequent)B 2.681
+(ones also include \(identically-encoded\) IVs and en-)5.181 F
+(crypted blobs.)108 312 Q F4(zfs-fido2-load-key)108 328.8 Q F0 .081
+(\(8\) shops assertions around de)B .081(vices in a de)-.25 F .082
+(vice-major order \212 depending on)-.25 F(de)108 340.8 Q
+(vice numbering, a backup may be loaded e)-.25 E -.15(ve)-.25 G 2.5(ni)
+.15 G 2.5(ft)-2.5 G(he primary de)-2.5 E(vice is present.)-.25 E F1
+(ENVIR)72 357.6 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4
+(TZPFMS_PASSPHRASE_HELPER)108 369.6 Q F0 .046(By def)133 381.6 R .045(a\
+ult, passphrases are prompted for and read in on the standard output an\
+d input streams.)-.1 F(If)5.045 E F4(TZPFMS_PASSPHRASE_HELPER)133 393.6
+Q F0 1.595(is set and nonempty)4.095 F 4.096(,i)-.65 G 4.096(tw)-4.096 G
+1.596(ill be run via)-4.096 F F4(/bin/)4.096 E F2 3.262(sh \255c)B F0
+(to)4.096 E(pro)133 405.6 Q(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 422.4 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 434.4 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 446.4 Q F0
+(Pre-formatted noun phrase with all the information belo)160 446.4 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 458.4 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 458.4 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 470.4 Q F0("ne)160
+470.4 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 482.4 Q F0("ag)160 482.4 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 499.2 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+511.2 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 528 R(En)87 540 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 552 Q F0
+(If set, enables lib\214do2 deb)173 552 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 568.8 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 580.8 R
+.727(vice which supports the)-.25 F F4(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 592.8 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 609.6 R F0
+(The lib\214do2 documentation at https://de)108 621.6 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 638.4 R
+F0 1.6 -.8(To a)108 650.4 T(ll who support further de).8 E -.15(ve)-.25
+G(lopment, in particular:).15 E F1<83>128 662.4 Q F0(ThePhD)7.5 E F1<83>
+128 674.4 Q F0(Embark Studios)7.5 E F1<83>128 686.4 Q F0(Jasper Bekk)7.5
+E(ers)-.1 E F1<83>128 698.4 Q F0(EvModder)7.5 E F1(REPOR)72 715.2 Q
+1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 727.2 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 744 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 756 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 29, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 2
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
+SF(zfs-fido2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
+-2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne authenticated by a FIDO2 de)
+-2.5 E(vice)-.25 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108
+124.8 Q F0([)2.5 E F2<ad62>1.666 E/F3 10/Courier-Oblique@0 SF
+(backup-file)6 E F0(])A F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0
+2.867 -.8(To n)108 153.6 T 1.267(ormalise the).8 F F3(dataset)3.767 E F0
+(,)A F2(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the FIDO2 de)108 194.4 Q(vice, which)
+-.25 E F4(must)2.5 E F0(support the)2.5 E F5(hmac-secret)2.5 E F0 -.15
+(ex)2.5 G(tension.).15 E(If)108 211.2 Q F3(dataset)3.244 E F0 -.1(wa)
+3.244 G 3.244(sp).1 G(re)-3.244 E .743(viously encrypted with)-.25 F F2
+(fzifdso)3.243 E F0 .743(and the)3.243 F F1(FIDO2)3.243 E F0 .743
+(back-end w)3.243 F .743(as used, the meta-)-.1 F .926
+(data will be silently cleared.)108 223.2 R .926
+(Otherwise, or in case of an error)5.926 F 3.426(,d)-.4 G .926
+(ata required for manual interv)-3.426 F(ention)-.15 E
+(will be written to the standard error stream.)108 235.2 Q(Ne)108 252 Q
+.465(xt, a ne)-.15 F 2.965(wc)-.25 G .465
+(redential of type ES256 is generated on the de)-2.965 F .464
+(vice \(with relying party ID)-.25 F F5(fzifdso)2.964 E F0(and)2.964 E
+.499(name equal to the dataset name\) with the)108 264 R F5(hmac-secret)
+2.999 E F0 -.15(ex)2.999 G .499(tension requested; the de).15 F .499
+(vice PIN, if an)-.25 F -.65(y,)-.15 G(is prompted for here.)108 276 Q
+(This mimicks a W)5 E(ebAuthn re)-.8 E(gistration step.)-.15 E .962(The\
+n, the credential is asserted with a 32-byte random salt, which hashes \
+it with de)108 292.8 R(vice-pri)-.25 E -.25(va)-.25 G .962(te data,).25
+F .137(and thus generates the wrapping k)108 304.8 R .438 -.15(ey \()-.1
+H .138(which is optionally back).15 F .138(ed up \(see)-.1 F F1(OPTIONS)
+2.638 E F0 2.638(\)\). This)B .138(mimicks a)2.638 F -.8(We)108 316.8 S
+(bAuthn login step.).8 E(The follo)108 333.6 Q
+(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
+345.6 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(FIDO2)A<83>
+128 357.6 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3(salt)A F2
+(:)A F3(credential-ID)A F2(:)A F3(credential-public-key)139 369.6 Q F0
+([)A F2(.)A F0 1.666(...)1.666 G 1.666(]...)-1.666 G F5(tzpfms.backend)
+108 386.4 Q F0 2.708(identi\214es this dataset for w)5.208 F 2.707
+(ork with)-.1 F F1(FIDO2)5.207 E F0(-back-ended)A F2(tzpfms)5.207 E F0
+2.707(tools \(i.e.)5.207 F F2(fzifdso)108 398.4 Q F5
+(zfs-fido2-change-key)60.227 E F0(\(8\),)A F5(zfs-fido2-load-key)56.728
+E F0(\(8\),)A F5(zfs-fido2-add-backup)108 410.4 Q F0(\(8\), and)A F5
+(zfs-fido2-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 427.2 Q F0
+.486(is a colon-separated tuple of unpadded URL-safe base64 blobs; the \
+\214rst one is the ran-)2.986 F .217(dom salt; the second represents th\
+e ID of created credential, and the third \211 its public k)108 439.2 R
+-.15(ey)-.1 G 5.217(.T)-.5 G .217(here e)-5.217 F(xists)-.15 E
+(no other user)108 451.2 Q
+(-land tool for deciphering this; perhaps there should be.)-.2 E
+(Finally)108 468 Q 12.006(,t)-.65 G 9.506(he equi)-12.006 F -.25(va)-.25
+G 9.506(lent of).25 F F2 9.505(zfs change-key)12.005 F<ad6f>17.171 E F5
+(keylocation=prompt)15.505 E F2<ad6f>17.171 E F5(keyformat=raw)108 480 Q
+F3(dataset)6.106 E F0 .106(is performed with the ne)2.606 F 2.606(wk)
+-.25 G -.15(ey)-2.706 G 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606
+G .107(rror occurred, best ef)-2.606 F .107(fort is made)-.25 F
+(to clean up the properties, or to issue a note for manual interv)108
+492 Q(ention into the standard error stream.)-.15 E 4.056<418c>108 508.8
+S 1.556(nal v)-4.056 F 1.556(eri\214cation should be made by running)
+-.15 F F2 3.222(zfs-fido2-load-key \255n)4.056 F F3(dataset)7.555 E F0
+6.555(.I)C 4.055(ft)-6.555 G(hat)-4.055 E .729
+(command succeeds, all is well, b)108 520.8 R .729
+(ut otherwise the dataset can be manually rolled back to a passphrase)
+-.2 F(with)108 532.8 Q F2(zfs-fido2-clear-key)5.147 E F3(dataset)8.647 E
+F0(\(or)5.147 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
+2.646(ails to w)-.1 F(ork,)-.1 E F2 2.646(zfs change-key)5.146 F<ad6f>
+10.312 E F5(keyformat=passphrase)108 544.8 Q F3(dataset)6 E F0
+(\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
+F2(zfs-fido2-clear-key)108 561.6 Q F3(dataset)7.606 E F0 1.607
+(can be used to clear the properties and go back to using a)4.106 F
+(passphrase.)108 573.6 Q F1(OPTIONS)72 590.4 Q F2<ad62>109.666 602.4 Q
+F3(backup-file)6 E F0(Sa)203 602.4 Q .353 -.15(ve a b)-.2 H .052
+(ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
+F .693(This back-up)203 614.4 R F4(must)3.193 E F0 .694
+(be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 626.4 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 638.4 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F1(ENVIR)72 655.2 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35
+E F5(TZPFMS_PASSPHRASE_HELPER)108 667.2 Q F0 .046(By def)133 679.2 R
+.045(ault, passphrases are prompted for and read in on the standard out\
+put and input streams.)-.1 F(If)5.045 E F5(TZPFMS_PASSPHRASE_HELPER)133
+691.2 Q F0 1.595(is set and nonempty)4.095 F 4.096(,i)-.65 G 4.096(tw)
+-4.096 G 1.596(ill be run via)-4.096 F F5(/bin/)4.096 E F2 3.262
+(sh \255c)B F0(to)4.096 E(pro)133 703.2 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 720 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 732 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F5($1)143 744 Q F0
+(Pre-formatted noun phrase with all the information belo)160 744 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E(fzifdso 0)72 817.889 Q
+(February 29, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 2 3
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Courier@0 SF($2)143 84 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 84 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 96 Q F0("ne)160 96 Q
+(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
+-2.5 E F1($4)143 108 Q F0("ag)160 108 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 124.8 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
+(127)2.677 E F0 .178(\), a diagnostic is issued and the normal prompt)B
+(is used as f)133 136.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+-.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
+1.666(FIDO2 back-end con\214guration)72 153.6 R(En)87 165.6 Q(vir)-.4 E
+.625(onment v)-.18 F(ariables)-.1 E F1(FIDO_DEBUG)108 177.6 Q F0
+(If set, enables lib\214do2 deb)173 177.6 Q
+(ug logging to the standard error stream.)-.2 E F2(De)87 194.4 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 206.4 R
+.727(vice which supports the)-.25 F F1(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 218.4 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F2 .625(See also)87 235.2 R F0
+(The lib\214do2 documentation at https://de)108 247.2 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F2 1.666(SPECIAL THANKS)72 264 R
+F0 1.6 -.8(To a)108 276 T(ll who support further de).8 E -.15(ve)-.25 G
+(lopment, in particular:).15 E F2<83>128 288 Q F0(ThePhD)7.5 E F2<83>128
+300 Q F0(Embark Studios)7.5 E F2<83>128 312 Q F0(Jasper Bekk)7.5 E(ers)
+-.1 E F2<83>128 324 Q F0(EvModder)7.5 E F2(REPOR)72 340.8 Q 1.666
+(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 352.8 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F1
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 369.6 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 381.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 29, 2024)153.568 E(2)183.837 E 0 Cg EP
+%%Page: 1 4
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 50.243(ZFS-FIDO2-CLEAR-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 47.742(anual ZFS-FIDO2-CLEAR-KEY\(8\))-2.5
+F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-clear-key)108 96 Q F0 3.587<8a72>3.588 G -.25(ew)-3.587 G
+1.087(rap ZFS dataset k).25 F 1.387 -.15(ey i)-.1 H 3.587(np).15 G
+(asssw)-3.587 E 1.087(ord and clear tzpfms FIDO2 meta-)-.1 F(data)108
+108 Q F1(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(FIDO2)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.641(the equi)8.141 F
+-.25(va)-.25 G 5.641(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.308 E/F4 10/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
+201.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
+(xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A F0(,)A F4(key)
+14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
+213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-fido2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(ENVIR)72 247.2 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 259.2 Q F0 .045
+(By def)133 271.2 R .045(ault, passphrases are prompted for and read in\
+ on the standard output and input streams.)-.1 F(If)5.046 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 283.2 Q F0 1.596(is set and nonempty)4.096
+F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 295.2 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 312 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 324 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 336 Q F0
+(Pre-formatted noun phrase with all the information belo)160 336 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 348 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 348 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 360 Q F0("ne)160 360 Q
+(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
+-2.5 E F4($4)143 372 Q F0("ag)160 372 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .178
+(If the helper doesn')133 388.8 R 2.678(te)-.18 G .178
+(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
+.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+400.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 417.6 R(En)87 429.6 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 441.6 Q F0
+(If set, enables lib\214do2 deb)173 441.6 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 458.4 Q .625
+(vice selection)-.15 F F0 .726(When creating, the \214rst de)108 470.4 R
+.726(vice which supports the)-.25 F F4(hmac-secret)3.227 E F0 -.15(ex)
+3.227 G .727(tension is used.).15 F .727(When loading,)5.727 F
+(the assertion is shopped around to e)108 482.4 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 499.2 R F0
+(The lib\214do2 documentation at https://de)108 511.2 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 528 R
+F0 1.6 -.8(To a)108 540 T(ll who support further de).8 E -.15(ve)-.25 G
+(lopment, in particular:).15 E F1<83>128 552 Q F0(ThePhD)7.5 E F1<83>128
+564 Q F0(Embark Studios)7.5 E F1<83>128 576 Q F0(Jasper Bekk)7.5 E(ers)
+-.1 E F1<83>128 588 Q F0(EvModder)7.5 E F1(REPOR)72 604.8 Q 1.666
+(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 616.8 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 633.6 Q F0 83.763(,a)C(rchi)
+-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E(https://lists.sr)
+108 645.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 28, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 5
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-LO)72 48 Q 55.603(AD-KEY\(8\) System)
+-.35 F(Manager')2.5 E 2.5(sM)-.55 G 53.102(anual ZFS-FIDO2-LO)-2.5 F
+(AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
+/Courier-Bold@0 SF(zfs-fido2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
+(oad FIDO2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 1.141(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.641 E F0 -.1
+(wa)3.641 G 3.641(se).1 G 1.141(ncrypted with)-3.641 F F2(tzpfms)3.641 E
+F0(back)3.641 E(end)-.1 E F1(FIDO2)3.641 E F0 3.641(,a)C 1.142
+(sserts the preserv)-3.641 F 1.142(ed chal-)-.15 F(lenge, HMA)108 165.6
+Q(Cking the salt with the on-de)-.4 E
+(vice secret, and loads the resulting k)-.25 E .3 -.15(ey i)-.1 H(nto)
+.15 E F3(dataset)2.5 E F0(.)A(See)108 182.4 Q/F4 10/Courier@0 SF
+(zfs-fido2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
+(OPTIONS)72 199.2 Q F2<ad6e>109.666 211.2 Q F0 3.208
+(Do a no-op/dry run, can be used e)131 211.2 R -.15(ve)-.25 G 5.708(ni)
+.15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708
+(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)-.25 G
+3.207(lent to).25 F F2(zfs)5.707 E(load-key)131 223.2 Q F0 -.55('s)C F2
+<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 240 Q 1.666(ONMENT V)-.3 F
+(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 252 Q F0 .045(By def)
+133 264 R .045(ault, passphrases are prompted for and read in on the st\
+andard output and input streams.)-.1 F(If)5.046 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 276 Q F0 1.596(is set and nonempty)4.096 F
+4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 288 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 304.8 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 316.8 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 328.8 Q F0
+(Pre-formatted noun phrase with all the information belo)160 328.8 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 340.8 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 340.8 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 352.8 Q F0("ne)160
+352.8 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 364.8 Q F0("ag)160 364.8 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .178
+(If the helper doesn')133 381.6 R 2.678(te)-.18 G .178
+(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
+.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+393.6 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666(SPECIAL THANKS)
+72 410.4 R F0 1.6 -.8(To a)108 422.4 T(ll who support further de).8 E
+-.15(ve)-.25 G(lopment, in particular:).15 E F1<83>128 434.4 Q F0
+(ThePhD)7.5 E F1<83>128 446.4 Q F0(Embark Studios)7.5 E F1<83>128 458.4
+Q F0(Jasper Bekk)7.5 E(ers)-.1 E F1<83>128 470.4 Q F0(EvModder)7.5 E F1
+(REPOR)72 487.2 Q 1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108
+499.2 Q(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 516 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 528 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 28, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 6
+%%BeginPageSetup
+BP
+%%EndPageSetup
 /F0 10/Times-Roman@0 SF 93.563(ZFS-TPM-LIST\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 91.062(anual ZFS-TPM-LIST\(8\))-2.5 F/F1
 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm-list)108 96 Q F0 2.5<8a70>2.5 G(rint dataset tzpfms metadata)
--2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2
-<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E/F3 10
-/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A F2
-<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
-<ad6c>1.666 E F0(])A([)186 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
+-2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)
+2.5 E F2<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E
+/F3 10/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A
+F2<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
+<ad6c>1.666 E F0(])A([)234 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
 1.666(]...)C F1(DESCRIPTION)72 153.6 Q F0(Lists the follo)108 165.6 Q
 (wing properties on encryption roots:)-.25 E/F4 10/Courier@0 SF(name)128
 177.6 Q(back-end)128 189.6 Q F0(the)187 189.6 Q F2(tzpfms)2.979 E F0
@@ -326,26 +683,28 @@ listed \212 by def)108 307.2 R .966(ault, those managed by)-.1 F F2
 G(re una)-2.5 E -.25(va)-.2 G(ilable.).25 E F2<ad6c>109.666 446.4 Q F0
 (List only encryption roots whose k)185 446.4 Q -.15(ey)-.1 G 2.5(sa).15
 G(re a)-2.5 E -.25(va)-.2 G(ilable.).25 E F1(EXAMPLES)72 463.2 Q F4($)
-108 475.2 Q F2(zfs-tpm-list)6 E F4 72(NAME BACK-END)108 487.2 R 18
-(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
+108 475.2 Q F2(zfs-fido2-add-backup)6 E F4 72(NAME BACK-END)108 487.2 R
+18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
 (available yes)24 F 6(tarta-zoot/home TPM2)108 511.2 R 6
-(unavailable yes)36 F($)108 535.2 Q F2 1.666(zfs-tpm-list \255ad0)6 F F4
-24(NAME BACK-END)108 547.2 R 6(KEYSTATUS COHERENT)12 F 6(filling -)108
-559.2 R 6(available yes)54 F($)108 583.2 Q F2 1.666(zfs-tpm-list \255b)6
-F F1(TPM2)6 E F4 72(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F
-6(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
-F2 1.666(zfs-tpm-list \255ra)6 F F3(tarta-zoot)6 E F4 72(NAME BACK-END)
-108 643.2 R 18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 655.2 R
-18(available yes)24 F 6(tarta-zoot/home TPM2)108 667.2 R 6
-(unavailable yes)36 F 12(tarta-zoot/bkp -)108 679.2 R 18(available yes)
-54 F 18(tarta-zoot/vm -)108 691.2 R 18(available yes)54 F($)108 715.2 Q
-F2 1.666(zfs-tpm-list \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
+(unavailable yes)36 F($)108 535.2 Q F2 1.666
+(zfs-fido2-add-backup \255ad0)6 F F4 24(NAME BACK-END)108 547.2 R 6
+(KEYSTATUS COHERENT)12 F 6(filling -)108 559.2 R 6(available yes)54 F($)
+108 583.2 Q F2 1.666(zfs-fido2-add-backup \255b)6 F F1(TPM2)6 E F4 72
+(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F 6
+(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
+F2 1.666(zfs-fido2-add-backup \255ra)6 F F3(tarta-zoot)6 E F4 72
+(NAME BACK-END)108 643.2 R 18(KEYSTATUS COHERENT)12 F 36
+(tarta-zoot TPM1.X)108 655.2 R 18(available yes)24 F 6
+(tarta-zoot/home TPM2)108 667.2 R 6(unavailable yes)36 F 12
+(tarta-zoot/bkp -)108 679.2 R 18(available yes)54 F 18(tarta-zoot/vm -)
+108 691.2 R 18(available yes)54 F($)108 715.2 Q F2 1.666
+(zfs-fido2-add-backup \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
 (KEYSTATUS COHERENT)12 F 54(filling -)108 739.2 R 6(available yes)54 F
 36(tarta-zoot TPM1.X)108 751.2 R 6(available yes)24 F 12
 (tarta-zoot/bkp -)108 763.2 R 6(available yes)54 F 18(tarta-zoot/vm -)
 108 775.2 R 6(available yes)54 F F0(tzpfms 0.3.4-23-g984c5d5)72 817.889
 Q(December 4, 2022)83.023 E(1)183.842 E 0 Cg EP
-%%Page: 2 2
+%%Page: 2 7
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -362,7 +721,7 @@ F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 201.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-23-g984c5d5)72 817.889 Q(December 4, 2022)83.023 E
 (2)183.842 E 0 Cg EP
-%%Page: 1 3
+%%Page: 1 8
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -371,192 +730,193 @@ BP
 -2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
 SF(zfs-tpm1x-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
 -2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666 E F3
-(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 6.867 -.8(To n)108 153.6 T
-5.267(ormalise the).8 F F3(dataset)7.767 E F0(,)A F2(zfs-tpm-list)7.766
-E F0 5.266(will open its encryption root in its stead.)7.766 F F2
-(zfs-tpm-list)108 165.6 Q F0(will)2.5 E/F4 10/Times-Italic@0 SF(ne)2.5 E
-(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G(ncryption roots; use)
--2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0(\(8\) for that.)A
-(First, a connection is made to the TPM, which)108 182.4 Q F4(must)2.5 E
-F0(be TPM-1.X-compatible.)2.5 E(If)108 199.2 Q F3(dataset)3.176 E F0 -.1
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666
+E F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 2.867 -.8(To n)108 153.6
+T 1.267(ormalise the).8 F F3(dataset)3.767 E F0(,)A F2
+(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 194.4 Q F4(must)2.5 E
+F0(be TPM-1.X-compatible.)2.5 E(If)108 211.2 Q F3(dataset)3.177 E F0 -.1
 (wa)3.176 G 3.176(sp).1 G(re)-3.176 E .676(viously encrypted with)-.25 F
 F2(tzpfms)3.176 E F0 .676(and the)3.176 F F1(TPM1.X)3.176 E F0 .676
 (back-end w)3.176 F .676(as used, the meta-)-.1 F .926
-(data will be silently cleared.)108 211.2 R .926
+(data will be silently cleared.)108 223.2 R .926
 (Otherwise, or in case of an error)5.926 F 3.426(,d)-.4 G .926
 (ata required for manual interv)-3.426 F(ention)-.15 E
-(will be written to the standard error stream.)108 223.2 Q(Ne)108 240 Q
-.294(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594 -.15
+(will be written to the standard error stream.)108 235.2 Q(Ne)108 252 Q
+.295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594 -.15
 (ey i)-.1 H 2.794(sg).15 G .294(enerated on the TPM, optionally back)
 -2.794 F .294(ed up \(see)-.1 F F1(OPTIONS)2.794 E F0 .294
-(\), and sealed)B .586(on the TPM; the user is prompted for an optional\
- passphrase to protect the k)108 252 R .885 -.15(ey w)-.1 H .585
-(ith, and for the SRK).15 F(passphrase, set when taking o)108 264 Q
+(\), and sealed)B .585(on the TPM; the user is prompted for an optional\
+ passphrase to protect the k)108 264 R .886 -.15(ey w)-.1 H .586
+(ith, and for the SRK).15 F(passphrase, set when taking o)108 276 Q
 (wnership, if not "well-kno)-.25 E(wn" \(all zeroes\).)-.25 E(The follo)
-108 280.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
-<83>128 292.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
-(TPM1.X)A<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
+108 292.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
+<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
+(TPM1.X)A<83>128 316.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
 F3(parent-key-blob)A F2(:)A F3(sealed-object-blob)A F5(tzpfms.backend)
-108 321.6 Q F0 .291(identi\214es this dataset for w)2.791 F .292
-(ork with)-.1 F F1(TPM1.X)2.792 E F0(-back-ended)A F2(tzpfms)2.792 E F0
-.292(tools \(namely)2.792 F F5(zfs-tpm1x-change-key)108 333.6 Q F0
+108 333.6 Q F0 .292(identi\214es this dataset for w)2.792 F .291
+(ork with)-.1 F F1(TPM1.X)2.791 E F0(-back-ended)A F2(tzpfms)2.791 E F0
+.291(tools \(namely)2.791 F F5(zfs-tpm1x-change-key)108 345.6 Q F0
 (\(8\),)A F5(zfs-tpm1x-load-key)2.5 E F0(\(8\), and)A F5
-(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 350.4 Q F0
-1.412(is a colon-separated pair of he)3.913 F 1.412
-(xadecimal-string \(i.e. "4F7730" for "Ow0"\) blobs; the)-.15 F .867
-(\214rst one represents the RSA k)108 362.4 R 1.167 -.15(ey p)-.1 H .868
+(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 362.4 Q F0
+1.412(is a colon-separated pair of he)3.912 F 1.412
+(xadecimal-string \(i.e. "4F7730" for "Ow0"\) blobs; the)-.15 F .868
+(\214rst one represents the RSA k)108 374.4 R 1.168 -.15(ey p)-.1 H .867
 (rotecting the blob, and it is protected with either the passphrase, if)
-.15 F(pro)108 374.4 Q 1.414(vided, or the SHA1 constant)-.15 F F5
-(CE4CF677875B5EB8993591D5A9AF1ED24A3A8736)3.913 E F0 3.913(;t)C 1.413
-(he sec-)-3.913 F .379
-(ond represents the sealed object containing the wrapping k)108 386.4 R
+.15 F(pro)108 386.4 Q 1.413(vided, or the SHA1 constant)-.15 F F5
+(CE4CF677875B5EB8993591D5A9AF1ED24A3A8736)3.914 E F0 3.914(;t)C 1.414
+(he sec-)-3.914 F .379
+(ond represents the sealed object containing the wrapping k)108 398.4 R
 -.15(ey)-.1 G 2.879(,a)-.5 G .379
 (nd is protected with the SHA1 constant)-2.879 F F5
-(B9EE715DBE4B243FAA81EA04306E063710383E35)108 398.4 Q F0 6.721(.T)C
-1.721(here e)-6.721 F 1.721(xists no other user)-.15 F 1.72
-(-land tool for)-.2 F(decrypting this; perhaps there should be.)108
-410.4 Q(Finally)108 427.2 Q 12.005(,t)-.65 G 9.505(he equi)-12.005 F
--.25(va)-.25 G 9.505(lent of).25 F F2 9.505(zfs change-key)12.005 F
-<ad6f>17.172 E F5(keylocation=prompt)15.506 E F2<ad6f>17.172 E F5
-(keyformat=raw)108 439.2 Q F3(dataset)6.107 E F0 .107
-(is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G 5.106
-(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
-(rror occurred, best ef)-2.606 F .106(fort is made)-.25 F
+(B9EE715DBE4B243FAA81EA04306E063710383E35)108 410.4 Q F0 6.72(.T)C 1.72
+(here e)-6.72 F 1.721(xists no other user)-.15 F 1.721(-land tool for)
+-.2 F(decrypting this; perhaps there should be.)108 422.4 Q(Finally)108
+439.2 Q 12.006(,t)-.65 G 9.506(he equi)-12.006 F -.25(va)-.25 G 9.506
+(lent of).25 F F2 9.505(zfs change-key)12.005 F<ad6f>17.171 E F5
+(keylocation=prompt)15.505 E F2<ad6f>17.171 E F5(keyformat=raw)108 451.2
+Q F3(dataset)6.106 E F0 .106(is performed with the ne)2.606 F 2.606(wk)
+-.25 G -.15(ey)-2.706 G 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606
+G .107(rror occurred, best ef)-2.606 F .107(fort is made)-.25 F
 (to clean up the properties, or to issue a note for manual interv)108
-451.2 Q(ention into the standard error stream.)-.15 E 4.055<418c>108 468
-S 1.555(nal v)-4.055 F 1.556(eri\214cation should be made by running)
--.15 F F2 3.222(zfs-tpm1x-load-key \255n)4.056 F F3(dataset)7.556 E F0
-6.556(.I)C 4.056(ft)-6.556 G(hat)-4.056 E .729
-(command succeeds, all is well, b)108 480 R .729
+463.2 Q(ention into the standard error stream.)-.15 E 4.056<418c>108 480
+S 1.556(nal v)-4.056 F 1.556(eri\214cation should be made by running)
+-.15 F F2 3.222(zfs-tpm1x-load-key \255n)4.056 F F3(dataset)7.555 E F0
+6.555(.I)C 4.055(ft)-6.555 G(hat)-4.055 E .729
+(command succeeds, all is well, b)108 492 R .729
 (ut otherwise the dataset can be manually rolled back to a passphrase)
--.2 F(with)108 492 Q F2(zfs-tpm1x-clear-key)5.146 E F3(dataset)8.646 E
-F0(\(or)5.146 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
-2.646(ails to w)-.1 F(ork,)-.1 E F2 2.647(zfs change-key)5.147 F<ad6f>
-10.313 E F5(keyformat=passphrase)108 504 Q F3(dataset)6 E F0
+-.2 F(with)108 504 Q F2(zfs-tpm1x-clear-key)5.147 E F3(dataset)8.647 E
+F0(\(or)5.147 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
+2.646(ails to w)-.1 F(ork,)-.1 E F2 2.646(zfs change-key)5.146 F<ad6f>
+10.312 E F5(keyformat=passphrase)108 516 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm1x-clear-key)108 520.8 Q F3(dataset)7.607 E F0 1.607
-(can be used to clear the properties and go back to using a)4.107 F
-(passphrase.)108 532.8 Q F1(OPTIONS)72 549.6 Q F2<ad62>109.666 561.6 Q
-F3(backup-file)6 E F0(Sa)203 561.6 Q .352 -.15(ve a b)-.2 H .052
+F2(zfs-tpm1x-clear-key)108 532.8 Q F3(dataset)7.606 E F0 1.607
+(can be used to clear the properties and go back to using a)4.106 F
+(passphrase.)108 544.8 Q F1(OPTIONS)72 561.6 Q F2<ad62>109.666 573.6 Q
+F3(backup-file)6 E F0(Sa)203 573.6 Q .353 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
-E F0 2.552(,w)C .052(hich must not e)-2.552 F .053(xist beforehand.)-.15
-F .694(This back-up)203 573.6 R F4(must)3.194 E F0 .694
-(be stored securely)3.194 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
-(-site. In).25 F .693(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 585.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 597.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 614.4 Q F3(PCR)6 E F0([)A F2(,)A F3
-(PCR)A F0 1.666(]...)C .638(Bind the k)203 614.4 R .939 -.15(ey t)-.1 H
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
+F .693(This back-up)203 585.6 R F4(must)3.193 E F0 .694
+(be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 597.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 609.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 626.4 Q F3(PCR)6 E F0([)A F2(,)A F3
+(PCR)A F0 1.666(]...)C .639(Bind the k)203 626.4 R .939 -.15(ey t)-.1 H
 3.139(os).15 G .639(pace- or comma-separated)-3.139 F F3(PCR)3.139 E F0
-3.139(s\212i)C 3.139(ft)-3.139 G(he)-3.139 E 3.139(yc)-.15 G .639
-(hange, the wrap-)-3.139 F .463(ping k)203 626.4 R .763 -.15(ey w)-.1 H
-.463(ill not be able to be unsealed.).15 F .462
-(The minimum number of PCRs for a)5.462 F(PC TPM is)203 638.4 Q F1(24)
+3.139(s\212i)C 3.139(ft)-3.139 G(he)-3.139 E 3.139(yc)-.15 G .638
+(hange, the wrap-)-3.139 F .462(ping k)203 638.4 R .762 -.15(ey w)-.1 H
+.462(ill not be able to be unsealed.).15 F .463
+(The minimum number of PCRs for a)5.462 F(PC TPM is)203 650.4 Q F1(24)
 2.5 E F0(\(numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0 2.5(]\). F)B
-(or most, this is also the maximum.)-.15 E F1(ENVIR)72 655.2 Q 1.666
-(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 667.2 Q
-F0 .045(By def)133 679.2 R .045(ault, passphrases are prompted for and \
-read in on the standard output and input streams.)-.1 F(If)5.046 E F5
-(TZPFMS_PASSPHRASE_HELPER)133 691.2 Q F0 1.596(is set and nonempty)4.096
+(or most, this is also the maximum.)-.15 E F1(ENVIR)72 667.2 Q 1.666
+(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 679.2 Q
+F0 .046(By def)133 691.2 R .045(ault, passphrases are prompted for and \
+read in on the standard output and input streams.)-.1 F(If)5.045 E F5
+(TZPFMS_PASSPHRASE_HELPER)133 703.2 Q F0 1.595(is set and nonempty)4.095
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F5
-(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 703.2 Q
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 715.2 Q
 (vide each passphrase, instead.)-.15 E .643
-(The standard output stream of the helper is tied to an anon)133 720 R
+(The standard output stream of the helper is tied to an anon)133 732 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
-133 732 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
-(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F5($1)143 744 Q F0
-(Pre-formatted noun phrase with all the information belo)160 744 Q 1.3
--.65(w, f)-.25 H(or use as a prompt).65 E(tzpfms 0.3.4-23-g984c5d5)72
+133 744 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E(tzpfms 0.3.4-23-g984c5d5)72
 817.889 Q(February 28, 2024)83.018 E(1)183.837 E 0 Cg EP
-%%Page: 2 4
+%%Page: 2 9
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 36.913(ZFS-TPM1X-CHANGE-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 34.412(anual ZFS-TPM1X-CHANGE-KEY\(8\))
--2.5 F/F1 10/Courier@0 SF($2)143 84 Q F0
-(Either the dataset name or the element of the TPM hierarch)160 84 Q 2.5
-(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 96 Q F0("ne)160 96 Q
+-2.5 F/F1 10/Courier@0 SF($1)143 84 Q F0
+(Pre-formatted noun phrase with all the information belo)160 84 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F1($2)143 96 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 96 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 108 Q F0("ne)160 108 Q
 (w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
--2.5 E F1($4)143 108 Q F0("ag)160 108 Q(ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 124.8 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
-(127)2.677 E F0 .177(\), a diagnostic is issued and the normal prompt)B
-(is used as f)133 136.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+-2.5 E F1($4)143 120 Q F0("ag)160 120 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 136.8 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
+(127)2.677 E F0 .178(\), a diagnostic is issued and the normal prompt)B
+(is used as f)133 148.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
 -.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
-1.666(TPM1.X back-end con\214guration)72 153.6 R .625(TPM selection)87
-165.6 R F0(The)108 177.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.729 E F0
-.229(suite connects to a local)2.729 F F1(tcsd)2.73 E F0 .23
-(\(8\) process \(at)B F1(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 189.6 Q
-(vironment v)-.4 E(ariable)-.25 E F1(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 206.4 R(rouSerS)
--.35 E F1(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F1(/dev/tpm0)2.61
-E F0 2.61(,t)C(hen)-2.61 E F1(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
-F1(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-218.4 S(ing one of the earlier ones with, for e).1 E
+1.666(TPM1.X back-end con\214guration)72 165.6 R .625(TPM selection)87
+177.6 R F0(The)108 189.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.73 E F0 .23
+(suite connects to a local)2.73 F F1(tcsd)2.73 E F0 .23
+(\(8\) process \(at)B F1(localhost:30003)2.729 E F0 2.729(\)b)C 2.729
+(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1 F(the)2.729 E(en)108 201.6
+Q(vironment v)-.4 E(ariable)-.25 E F1(TZPFMS_TPM1X)2.5 E F0
+(to specify a remote TCS hostname.)2.5 E .11(The T)108 218.4 R(rouSerS)
+-.35 E F1(tcsd)2.61 E F0 .11(\(8\) daemon will try)B F1(/dev/tpm0)2.61 E
+F0 2.61(,t)C(hen)-2.61 E F1(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611
+E F1(/dev/tpm)2.611 E F0 2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1
+(py)108 230.4 S(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F2 .625
-(See also)87 235.2 R F0(The T)108 247.2 Q
+(See also)87 247.2 R F0(The T)108 259.2 Q
 (rouSerS project page at https://sourcefor)-.35 E
 (ge.net/projects/trousers.)-.18 E 4.415
-(The TPM 1.2 main speci\214cation inde)108 264 R 6.915(xa)-.15 G 6.915
+(The TPM 1.2 main speci\214cation inde)108 276 R 6.915(xa)-.15 G 6.915
 (th)-6.915 G(ttps://trustedcomputinggroup.or)-6.915 E
-(g/resource/tpm-main-)-.18 E(speci\214cation.)108 276 Q F2 1.666
-(SPECIAL THANKS)72 292.8 R F0 1.6 -.8(To a)108 304.8 T
+(g/resource/tpm-main-)-.18 E(speci\214cation.)108 288 Q F2 1.666
+(SPECIAL THANKS)72 304.8 R F0 1.6 -.8(To a)108 316.8 T
 (ll who support further de).8 E -.15(ve)-.25 G(lopment, in particular:)
-.15 E F2<83>128 316.8 Q F0(ThePhD)7.5 E F2<83>128 328.8 Q F0
-(Embark Studios)7.5 E F2<83>128 340.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
-F2<83>128 352.8 Q F0(EvModder)7.5 E F2(REPOR)72 369.6 Q 1.666(TING B)-.4
-F(UGS)-.1 E F0(https://todo.sr)108 381.6 Q(.ht/\001nabijaczle)-.55 E
-(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 398.4 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
-(https://lists.sr)108 410.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
--.25 E F2 1.666(SEE ALSO)72 427.2 R F0
-(PCR allocations: https://wiki.archlinux.or)108 439.2 Q(g/title/T)-.18 E
+.15 E F2<83>128 328.8 Q F0(ThePhD)7.5 E F2<83>128 340.8 Q F0
+(Embark Studios)7.5 E F2<83>128 352.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
+F2<83>128 364.8 Q F0(EvModder)7.5 E F2(REPOR)72 381.6 Q 1.666(TING B)-.4
+F(UGS)-.1 E F0(https://todo.sr)108 393.6 Q(.ht/\001nabijaczle)-.55 E
+(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 410.4 Q
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
+(https://lists.sr)108 422.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
+-.25 E F2 1.666(SEE ALSO)72 439.2 R F0
+(PCR allocations: https://wiki.archlinux.or)108 451.2 Q(g/title/T)-.18 E
 (rusted_Platform_Module#Accessing_PCR_re)-.35 E(gisters)-.15 E
-(and https://trustedcomputinggroup.or)108 451.2 Q
+(and https://trustedcomputinggroup.or)108 463.2 Q
 (g/wp-content/uploads/PC-)-.18 E(ClientSpeci\214c_Platform_Pro\214le_fo\
-r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 463.2 Q
-(able)-.8 E(1.)108 475.2 Q(tzpfms 0.3.4-23-g984c5d5)72 817.889 Q
+r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 475.2 Q
+(able)-.8 E(1.)108 487.2 Q(tzpfms 0.3.4-23-g984c5d5)72 817.889 Q
 (February 28, 2024)83.018 E(2)183.837 E 0 Cg EP
-%%Page: 1 5
+%%Page: 1 10
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 45.793(ZFS-TPM1X-CLEAR-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 43.292(anual ZFS-TPM1X-CLEAR-KEY\(8\))-2.5
 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
-(zfs-tpm1x-clear-key)108 96 Q F0 3.008<8a72>3.007 G -.25(ew)-3.008 G
+(zfs-tpm1x-clear-key)108 96 Q F0 3.008<8a72>3.008 G -.25(ew)-3.008 G
 .508(rap ZFS dataset k).25 F .808 -.15(ey i)-.1 H 3.008(np).15 G(asssw)
 -3.008 E .508(ord and clear tzpfms TPM1.X meta-)-.1 F(data)108 108 Q F1
-(SYNOPSIS)72 124.8 Q F2(zfs-tpm-list)108 136.8 Q/F3 10/Courier-Oblique@0
-SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0(After v)108 165.6 Q
-(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G
-(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM1.X)
-2.5 E F0(:)A 5(1. performs)118 177.6 R 5.642(the equi)8.142 F -.25(va)
--.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.307 E
-/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E F4
-(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
+(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(TPM1.X)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.641(the equi)8.141 F
+-.25(va)-.25 G 5.641(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.308 E/F4 10/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
 201.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
 (xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A F0(,)A F4(key)
 14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
 213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-tpm1x-change-key)2.5 E F0
 (\(8\) for a detailed description.)A F1 1.666
 (TPM1.X back-end con\214guration)72 247.2 R .625(TPM selection)87 259.2
-R F0(The)108 271.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
-2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
-2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
-F(the)2.729 E(en)108 283.2 Q(vironment v)-.4 E(ariable)-.25 E F4
-(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
-(The T)108 300 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
-(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
-(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
-2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 312 S
-(ing one of the earlier ones with, for e).1 E
+R F0(The)108 271.2 Q F2(tzpfms)2.729 E F0 .229
+(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
+(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
+-2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 283.2 Q
+(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
+(to specify a remote TCS hostname.)2.5 E .111(The T)108 300 R(rouSerS)
+-.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
+E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
+F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
+312 S(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F1 .625
 (See also)87 328.8 R F0(The T)108 340.8 Q
 (rouSerS project page at https://sourcefor)-.35 E
@@ -571,11 +931,11 @@ F(the)2.729 E(en)108 283.2 Q(vironment v)-.4 E(ariable)-.25 E F4
 F1<83>128 446.4 Q F0(EvModder)7.5 E F1(REPOR)72 463.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 475.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 492 Q
-F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
+F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 504 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-23-g984c5d5)72 817.889 Q(December 4, 2022)83.023 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 6
+%%Page: 1 11
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -584,15 +944,15 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm1x-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM1.X-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .191
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.691 E F0 -.1(wa)2.691
-G 2.691(se).1 G .191(ncrypted with)-2.691 F F2(tzpfms)2.69 E F0(back)
-2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .19(will unseal the k)2.69 F .49
--.15(ey a)-.1 H .19(nd load).15 F(it into)108 165.6 Q F3(dataset)2.5 E
-F0(.)A .236
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .19(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.69 E F0 -.1
+(wa)2.69 G 2.69(se).1 G .19(ncrypted with)-2.69 F F2(tzpfms)2.69 E F0
+(back)2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .191(will unseal the k)2.69 F
+.491 -.15(ey a)-.1 H .191(nd load).15 F(it into)108 165.6 Q F3(dataset)
+2.5 E F0(.)A .236
 (The user is \214rst prompted for the SRK passphrase, set when taking o)
-108 182.4 R .236(wnership, if not "well-kno)-.25 F .236(wn" \(all)-.25 F
+108 182.4 R .236(wnership, if not "well-kno)-.25 F .235(wn" \(all)-.25 F
 (zeroes\); then for the additional passphrase, set when creating the k)
 108 194.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E
 (as set.)-.1 E(See)108 211.2 Q/F4 10/Courier@0 SF(zfs-tpm1x-change-key)
@@ -600,14 +960,14 @@ F0(.)A .236
 <ad6e>109.666 240 Q F0 3.208(Do a no-op/dry run, can be used e)131 240 R
 -.15(ve)-.25 G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F
 3.508 -.15(ey i)-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)
-8.207 E -.25(va)-.25 G 3.207(lent to).25 F F2(zfs)5.707 E(load-key)131
+8.208 E -.25(va)-.25 G 3.208(lent to).25 F F2(zfs)5.708 E(load-key)131
 252 Q F0 -.55('s)C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 268.8 Q
 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108
-280.8 Q F0 .045(By def)133 292.8 R .045(ault, passphrases are prompted \
-for and read in on the standard output and input streams.)-.1 F(If)5.046
-E F4(TZPFMS_PASSPHRASE_HELPER)133 304.8 Q F0 1.596(is set and nonempty)
-4.096 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F
-F4(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 316.8 Q
+280.8 Q F0 .046(By def)133 292.8 R .045(ault, passphrases are prompted \
+for and read in on the standard output and input streams.)-.1 F(If)5.045
+E F4(TZPFMS_PASSPHRASE_HELPER)133 304.8 Q F0 1.595(is set and nonempty)
+4.095 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F
+F4(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 316.8 Q
 (vide each passphrase, instead.)-.15 E .643
 (The standard output stream of the helper is tied to an anon)133 333.6 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@@ -620,23 +980,23 @@ F4(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 316.8 Q
 381.6 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
 (assphrase, otherwise blank)-2.5 E F4($4)143 393.6 Q F0("ag)160 393.6 Q
 (ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 410.4 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
-.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 410.4 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
 422.4 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
 G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
 (TPM1.X back-end con\214guration)72 439.2 R .625(TPM selection)87 451.2
-R F0(The)108 463.2 Q F2(tzpfms)2.729 E F0 .229
-(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
-(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 475.2 Q
-(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 492 R(rouSerS)
--.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
-E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
-F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-504 S(ing one of the earlier ones with, for e).1 E
+R F0(The)108 463.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
+2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
+2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
+F(the)2.729 E(en)108 475.2 Q(vironment v)-.4 E(ariable)-.25 E F4
+(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
+(The T)108 492 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
+(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
+(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
+2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 504 S
+(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F1 .625
 (See also)87 520.8 R F0(The T)108 532.8 Q
 (rouSerS project page at https://sourcefor)-.35 E
@@ -651,11 +1011,11 @@ F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
 F1<83>128 638.4 Q F0(EvModder)7.5 E F1(REPOR)72 655.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 667.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 684 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 696 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-23-g984c5d5)72 817.889 Q(December 4, 2022)83.023 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 7
+%%Page: 1 12
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -664,112 +1024,112 @@ BP
 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)-2.5
 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666
-(]...)C([)186 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)
-A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A F0(]])
-A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 1.676 -.8(To n)108 165.6
-T(ormalise).8 E F3(dataset)2.576 E F0(,)A F2(zfs-tpm-list)2.576 E F0
-.076(will open its encryption root in its stead.)2.576 F F2
-(zfs-tpm-list)5.077 E F0(will)108 177.6 Q/F4 10/Times-Italic@0 SF(ne)2.5
-E(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G
-(ncryption roots; use)-2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0
-(\(8\) for that.)A(First, a connection is made to the TPM, which)108
-194.4 Q F4(must)2.5 E F0(be TPM-2.0-compatible.)2.5 E(If)108 211.2 Q F3
-(dataset)3.055 E F0 -.1(wa)3.055 G 3.055(sp).1 G(re)-3.055 E .555
-(viously encrypted with)-.25 F F2(tzpfms)3.055 E F0 .555(and the)3.055 F
-F1(TPM2)3.055 E F0 .554(back-end w)3.054 F .554(as used, the pre)-.1 F
-(vious)-.25 E -.1(ke)108 223.2 S 3.059(yw)-.05 G .559
-(ill be freed from the TPM.)-3.059 F .56
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0
+1.666(]...)C([)234 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A
+F2(,)A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A
+F0(]])A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 4.32 -.8(To n)108
+165.6 T(ormalise).8 E F3(dataset)5.22 E F0(,)A F2(zfs-fido2-add-backup)
+5.22 E F0 2.719(will open its encryption root in its stead.)5.22 F F2
+(zfs-fido2-add-backup)108 177.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 189.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 206.4 Q F4(must)2.5 E
+F0(be TPM-2.0-compatible.)2.5 E(If)108 223.2 Q F3(dataset)3.055 E F0 -.1
+(wa)3.055 G 3.055(sp).1 G(re)-3.055 E .555(viously encrypted with)-.25 F
+F2(tzpfms)3.055 E F0 .555(and the)3.055 F F1(TPM2)3.055 E F0 .554
+(back-end w)3.054 F .554(as used, the pre)-.1 F(vious)-.25 E -.1(ke)108
+235.2 S 3.059(yw)-.05 G .559(ill be freed from the TPM.)-3.059 F .56
 (Otherwise, or in case of an error)5.56 F 3.06(,d)-.4 G .56
 (ata required for manual interv)-3.06 F(en-)-.15 E
-(tion will be written to the standard error stream.)108 235.2 Q(Ne)108
-252 Q .295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
+(tion will be written to the standard error stream.)108 247.2 Q(Ne)108
+264 Q .295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
 -.15(ey i)-.1 H 2.794(sg).15 G .294
 (enerated on the TPM, optionally back)-2.794 F .294(ed up \(see)-.1 F F1
 (OPTIONS)2.794 E F0 .294(\), and sealed)B .588
-(to a persistent object on the TPM under the o)108 264 R .589
+(to a persistent object on the TPM under the o)108 276 R .589
 (wner hierarch)-.25 F .589(y; if there is a passphrase set on the o)-.05
-F(wner)-.25 E(hierarch)108 276 Q 1.603 -.65(y, t)-.05 H .302
+F(wner)-.25 E(hierarch)108 288 Q 1.603 -.65(y, t)-.05 H .302
 (he user is prompted for it; the user is al).65 F -.1(wa)-.1 G .302
 (ys prompted for an optional passphrase to protect).1 F
-(the sealed object with.)108 288 Q(The follo)108 304.8 Q
+(the sealed object with.)108 300 Q(The follo)108 316.8 Q
 (wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
-316.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
-128 328.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
-(persistent-object-ID)A F0([)139 340.8 Q F2(;)A F3(algorithm)A F2(:)A F3
+328.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
+128 340.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
+(persistent-object-ID)A F0([)139 352.8 Q F2(;)A F3(algorithm)A F2(:)A F3
 (PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3
 (algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C
-1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 357.6 Q F0 1.263
+1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 369.6 Q F0 1.263
 (identi\214es this dataset for w)3.763 F 1.264(ork with)-.1 F F1(TPM2)
 3.764 E F0(-back-ended)A F2(tzpfms)3.764 E F0 1.264(tools \(namely)3.764
-F F5(zfs-tpm2-change-key)108 369.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
+F F5(zfs-tpm2-change-key)108 381.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
 2.5 E F0(\(8\), and)A F5(zfs-tpm2-clear-key)2.5 E F0(\(8\)\).)A F5
-(tzpfms.key)108 386.4 Q F0 1.509(is an inte)4.009 F 1.509
+(tzpfms.key)108 398.4 Q F0 1.509(is an inte)4.009 F 1.509
 (ger representing the sealed object, optionally follo)-.15 F 1.509
 (wed by a semicolon and)-.25 F .822(PCR list as speci\214ed with)108
-398.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
+410.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
 (tpm-tools)3.322 E F0 .823(-toolchain-compatible; if needed, it can)B
-.866(be passed to)108 410.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
+.866(be passed to)108 422.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
 (${tzpfms.key)6.866 E F2(%%)A F5(;)A/F6 10/Symbol SF(*)A F5(})A F0(with)
 3.366 E F2<ad70>5.032 E F0(")6.866 E F5(str:${passphrase})A F0 3.365("o)
-C(r)-3.365 E F2<ad70>109.666 422.4 Q F0(")6.727 E F5(pcr:${tzpfms.key)A
+C(r)-3.365 E F2<ad70>109.666 434.4 Q F0(")6.727 E F5(pcr:${tzpfms.key)A
 F2(#)A F6(*)A F5(;})A F0 .727(", as the case may be, or equi)B -.25(va)
 -.25 G .728(lent, for back-up \(see).25 F F1(OPTIONS)3.228 E F0(\).)A
-.448(If you ha)108 434.4 R .748 -.15(ve a s)-.2 H .448(ealed k).15 F
+.448(If you ha)108 446.4 R .748 -.15(ve a s)-.2 H .448(ealed k).15 F
 .748 -.15(ey y)-.1 H .448(ou can access with that or equi).15 F -.25(va)
 -.25 G .447(lent tool and set both of these properties, it).25 F
-(will funxion seamlessly)108 446.4 Q(.)-.65 E(Finally)108 463.2 Q 12.005
+(will funxion seamlessly)108 458.4 Q(.)-.65 E(Finally)108 475.2 Q 12.005
 (,t)-.65 G 9.505(he equi)-12.005 F -.25(va)-.25 G 9.505(lent of).25 F F2
 9.505(zfs change-key)12.005 F<ad6f>17.172 E F5(keylocation=prompt)15.506
-E F2<ad6f>17.172 E F5(keyformat=raw)108 475.2 Q F3(dataset)6.107 E F0
+E F2<ad6f>17.172 E F5(keyformat=raw)108 487.2 Q F3(dataset)6.107 E F0
 .107(is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G
 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
 (rror occurred, best ef)-2.606 F .106(fort is made)-.25 F .289(to clean\
  up the persistent object and properties, or to issue a note for manual\
- interv)108 487.2 R .29(ention into the stan-)-.15 F(dard error stream.)
-108 499.2 Q 2.625<418c>108 516 S .125(nal v)-2.625 F .125
+ interv)108 499.2 R .29(ention into the stan-)-.15 F(dard error stream.)
+108 511.2 Q 2.625<418c>108 528 S .125(nal v)-2.625 F .125
 (eri\214cation should be made by running)-.15 F F2 1.79
 (zfs-tpm2-load-key \255n)2.624 F F3(dataset)6.124 E F0 5.124(.I)C 2.624
 (ft)-5.124 G .124(hat com-)-2.624 F .506(mand succeeds, all is well, b)
-108 528 R .506(ut otherwise the dataset can be manually rolled back to \
-a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 540 Q F3(dataset)
+108 540 R .506(ut otherwise the dataset can be manually rolled back to \
+a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 552 Q F3(dataset)
 11.539 E F0(\(or)8.039 E 8.039(,i)-.4 G 8.039(ft)-8.039 G 5.539(hat f)
 -8.039 F 5.539(ails to w)-.1 F(ork,)-.1 E F2 5.539(zfs change-key)8.039
-F<ad6f>13.204 E F5(keyformat=passphrase)108 552 Q F3(dataset)6 E F0
+F<ad6f>13.204 E F5(keyformat=passphrase)108 564 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm2-clear-key)108 568.8 Q F3(dataset)6.029 E F0 .029
+F2(zfs-tpm2-clear-key)108 580.8 Q F3(dataset)6.029 E F0 .029
 (can be used to free the TPM persistent object and go back to us-)2.529
-F(ing a passphrase.)108 580.8 Q F1(OPTIONS)72 597.6 Q F2<ad62>109.666
-609.6 Q F3(backup-file)6 E F0(Sa)203 609.6 Q .353 -.15(ve a b)-.2 H .052
+F(ing a passphrase.)108 592.8 Q F1(OPTIONS)72 609.6 Q F2<ad62>109.666
+621.6 Q F3(backup-file)6 E F0(Sa)203 621.6 Q .353 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
 E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
-F .693(This back-up)203 621.6 R F4(must)3.193 E F0 .694
+F .693(This back-up)203 633.6 R F4(must)3.193 E F0 .694
 (be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
 (-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 633.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 645.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 662.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
+(nt,).15 E(the k)203 645.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 657.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 674.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
 A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3(algorithm)
 A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C 1.666(]...)
--1.666 G 1.425(Bind the k)203 674.4 R 1.725 -.15(ey t)-.1 H 3.925(os).15
+-1.666 G 1.425(Bind the k)203 686.4 R 1.725 -.15(ey t)-.1 H 3.925(os).15
 G 1.425(pace- or comma-separated)-3.925 F F3(PCR)3.924 E F0 3.924(sw)C
-1.424(ithin their corresponding)-3.924 F(hashing)203 686.4 Q F3
+1.424(ithin their corresponding)-3.924 F(hashing)203 698.4 Q F3
 (algorithm)2.523 E F0 2.523<8a69>2.523 G 2.523(ft)-2.523 G(he)-2.523 E
 2.523(yc)-.15 G .023(hange, the wrapping k)-2.523 F .323 -.15(ey w)-.1 H
-.024(ill not be able to be).15 F 2.5(unsealed. There)203 698.4 R(are)2.5
+.024(ill not be able to be).15 F 2.5(unsealed. There)203 710.4 R(are)2.5
 E F1(24)2.5 E F0(PCRs, numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0(].)
-A F3(algorithm)203 715.2 Q F0 2.968(may be an)5.469 F 5.468(yo)-.15 G
+A F3(algorithm)203 727.2 Q F0 2.968(may be an)5.469 F 5.468(yo)-.15 G
 5.468(fc)-5.468 G(ase-insensiti)-5.468 E 3.268 -.15(ve ")-.25 H F1(sha1)
 .15 E F0 2.968(", ")B F1(sha256)A F0 2.968(", ")B F1(sha384)A F0(",)A(")
-203 727.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
+203 739.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
 (sm3-256)A F0 4.983(", ")B F1(sha3_256)A F0 4.983(", ")B F1(sha3-256)A
-F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 739.2 Q F1(sha3-384)A F0
+F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 751.2 Q F1(sha3-384)A F0
 (", ")A F1(sha3_512)A F0(", or ")A F1(sha3-512)A F0
 (", and must be supported by the TPM.)A(tzpfms 0.3.4-23-g984c5d5)72
 817.889 Q(February 28, 2024)83.018 E(1)183.837 E 0 Cg EP
-%%Page: 2 8
+%%Page: 2 13
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -847,7 +1207,7 @@ E F3 1.666(SEE ALSO)72 616.8 R F4(tpm2_unseal)108 628.8 Q F0(\(1\))A
 r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 669.6 Q
 (able)-.8 E(1.)108 681.6 Q(tzpfms 0.3.4-23-g984c5d5)72 817.889 Q
 (February 28, 2024)83.018 E(2)183.837 E 0 Cg EP
-%%Page: 1 9
+%%Page: 1 14
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -857,8 +1217,8 @@ F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-clear-key)108 96 Q F0 2.5<8a72>2.5 G -.25(ew)-2.5 G
 (rap ZFS dataset k).25 E .3 -.15(ey i)-.1 H 2.5(np).15 G(asssw)-2.5 E
 (ord and clear tzpfms TPM2 metadata)-.1 E F1(SYNOPSIS)72 112.8 Q F2
-(zfs-tpm-list)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1
-(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
+(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5
+E F1(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
 (dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G(ncrypted with)-2.5 E F2
 (tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM2)2.5 E F0(:)A 5
 (1. performs)118 165.6 R 5.641(the equi)8.141 F -.25(va)-.25 G 5.641
@@ -928,7 +1288,7 @@ F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 710.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-23-g984c5d5)72 817.889 Q(December 4, 2022)83.023 E
 (1)183.842 E 0 Cg EP
-%%Page: 1 10
+%%Page: 1 15
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -937,23 +1297,23 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .864
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.364 E F0 -.1(wa)3.364
-G 3.364(se).1 G .864(ncrypted with)-3.364 F F2(tzpfms)3.365 E F0(back)
-3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .865(nseals the k)-3.365
-F 1.165 -.15(ey a)-.1 H .865(nd loads it).15 F(into)108 165.6 Q F3
-(dataset)2.5 E F0(.)A(The user is prompted for the additional passphras\
-e, set when creating the k)108 182.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5
-(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4 10/Courier@0 SF
-(zfs-tpm2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
-(OPTIONS)72 216 Q F2<ad6e>109.666 228 Q F0 3.208
-(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25 G 5.708(ni).15
-G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708(sa)
-.15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)-.25 G 3.207
-(lent to).25 F F2(zfs)5.707 E(load-key)131 240 Q F0 -.55('s)C F2<ad6e>
-4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)-.3 F
-(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .045
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .864(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.364 E F0 -.1
+(wa)3.364 G 3.364(se).1 G .864(ncrypted with)-3.364 F F2(tzpfms)3.365 E
+F0(back)3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .865
+(nseals the k)-3.365 F 1.165 -.15(ey a)-.1 H .865(nd loads it).15 F
+(into)108 165.6 Q F3(dataset)2.5 E F0(.)A(The user is prompted for the \
+additional passphrase, set when creating the k)108 182.4 Q -.15(ey)-.1 G
+2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4
+10/Courier@0 SF(zfs-tpm2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(OPTIONS)72 216 Q F2<ad6e>109.666
+228 Q F0 3.208(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25
+G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)
+-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)
+-.25 G 3.207(lent to).25 F F2(zfs)5.707 E(load-key)131 240 Q F0 -.55('s)
+C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .045
 (By def)133 280.8 R .045(ault, passphrases are prompted for and read in\
  on the standard output and input streams.)-.1 F(If)5.046 E F4
 (TZPFMS_PASSPHRASE_HELPER)133 292.8 Q F0 1.596(is set and nonempty)4.096
diff --git a/zfs-fido2-add-backup.8 b/zfs-fido2-add-backup.8
new file mode 100644
index 0000000..08a80cb
--- /dev/null
+++ b/zfs-fido2-add-backup.8
@@ -0,0 +1,125 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 29, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-ADD-BACKUP 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-add-backup
+.Nd allow another FIDO2 device to unlock ZFS dataset
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After
+.Xr zfs-fido2-change-key 8
+derives the key for a dataset from a FIDO2 device,
+.Nm
+may be executed to extend this to any number of additional devices.
+.Pp
+First, the wrapping key is extracted as normally during
+.Xr zfs-fido2-load-key 8 ,
+then a credential is made as-if during
+.Xr zfs-fido2-change-key 8
+(except the "primary" device and all the ones holding backups are excluded from the search);
+however, the
+.Ql hmac-secret
+is instead used as a symmetric AES-256-GCM
+.Pq Xr EVP_CIPHER-AES 7ssl
+key to encrypt the wrapping key directly with a random IV.
+.Pp
+This turns the
+.Li xyz.nabijaczleweli:tzpfms.key
+variable into
+.br
+.Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns Ar backup-salt Ns Cm :\:\& Ns Ar backup-credential-ID Ns Cm :\:\& Ns Ar backup-credential-public-key Ns Cm :\:\& Ns Ar IV Ns Cm :\:\& Ns Ar encrypted-key Oc Ns …
+.Pp
+.Li tzpfms.key
+is actually a dot-separated list of device bundles.
+The first one is as-described in
+.Xr zfs-fido2-change-key 8 .
+Subsequent ones also include (identically-encoded) IVs and encrypted blobs.
+.Pp
+.Xr zfs-fido2-load-key 8
+shops assertions around devices in a device-major order \(em
+depending on device numbering, a backup may be loaded even if the primary device is present.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-add-backup.8.html b/zfs-fido2-add-backup.8.html
new file mode 100644
index 0000000..e6d3444
--- /dev/null
+++ b/zfs-fido2-add-backup.8.html
@@ -0,0 +1,153 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-ADD-BACKUP(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-add-backup</code> &#x2014;
+    <span class="Nd">allow another FIDO2 device to unlock ZFS dataset</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-add-backup</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    derives the key for a dataset from a FIDO2 device,
+    <code class="Nm">zfs-fido2-add-backup</code> may be executed to extend this
+    to any number of additional devices.</p>
+<p class="Pp">First, the wrapping key is extracted as normally during
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    then a credential is made as-if during
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    (except the &quot;primary&quot; device and all the ones holding backups are
+    excluded from the search); however, the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; is instead used as a
+    symmetric AES-256-GCM
+    (<a class="Xr" href="https://manpages.debian.org/bookworm/EVP_CIPHER-AES.7ssl">EVP_CIPHER-AES(7ssl)</a>)
+    key to encrypt the wrapping key directly with a random IV.</p>
+<p class="Pp">This turns the
+    <code class="Li">xyz.nabijaczleweli:tzpfms.key</code> variable into
+  <br/>
+  <var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code><var class="Ar">backup-salt</var><code class="Cm">:</code><var class="Ar">backup-credential-ID</var><code class="Cm">:</code><var class="Ar">backup-credential-public-key</var><code class="Cm">:</code><var class="Ar">IV</var><code class="Cm">:</code><var class="Ar">encrypted-key</var>]&#x2026;</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is actually a dot-separated
+    list of device bundles. The first one is as-described in
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>.
+    Subsequent ones also include (identically-encoded) IVs and encrypted
+  blobs.</p>
+<p class="Pp"><a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>
+    shops assertions around devices in a device-major order &#x2014; depending
+    on device numbering, a backup may be loaded even if the primary device is
+    present.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 29, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-change-key.8 b/zfs-fido2-change-key.8
new file mode 100644
index 0000000..6bd3f57
--- /dev/null
+++ b/zfs-fido2-change-key.8
@@ -0,0 +1,186 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 29, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CHANGE-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-change-key
+.Nd change ZFS dataset key to one authenticated by a FIDO2 device
+.Sh SYNOPSIS
+.Nm
+.Op Fl b Ar backup-file
+.Ar dataset
+.
+.Sh DESCRIPTION
+To normalise the
+.Ar dataset ,
+.Nm
+will open its encryption root in its stead.
+.Nm
+will
+.Em never
+create or destroy encryption roots; use
+.Xr zfs-change-key 8
+for that.
+.Pp
+First, a connection is made to the FIDO2 device, which
+.Em must
+support the
+.Ql hmac-secret
+extension.
+.Pp
+If
+.Ar dataset
+was previously encrypted with
+.Nm fzifdso
+and the
+.Sy FIDO2
+back-end was used, the metadata will be silently cleared.
+Otherwise, or in case of an error, data required for manual intervention will be written to the standard error stream.
+.Pp
+Next, a new credential of type ES256 is generated on the device (with relying party ID
+.Li fzifdso
+and name equal to the dataset name)
+with the
+.Ql hmac-secret
+extension requested; the device PIN, if any, is prompted for here.
+This mimicks a WebAuthn registration step.
+.Pp
+Then, the credential is asserted with a 32-byte random salt,
+which hashes it with device-private data, and thus generates the wrapping key
+.Pq which is optionally backed up Pq see Sx OPTIONS .
+This mimicks a WebAuthn login step.
+.Pp
+The following properties are set on
+.Ar dataset :
+.Bl -bullet -compact -offset 4n -width "@"
+.It
+.Li xyz.nabijaczleweli:tzpfms.backend Ns = Ns Sy FIDO2
+.It
+.Li xyz.nabijaczleweli:tzpfms.key Ns = Ns Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns … Oc Ns …
+.El
+.Pp
+.Li tzpfms.backend
+identifies this dataset for work with
+.Sy FIDO2 Ns -back-ended
+.Nm tzpfms
+tools
+.Pq i.e. Nm fzifdso Xr zfs-fido2-change-key 8 , Xr zfs-fido2-load-key 8 , Xr zfs-fido2-add-backup 8 , and Xr zfs-fido2-clear-key 8 .
+.Pp
+.Li tzpfms.key
+is a colon-separated tuple of unpadded URL-safe base64 blobs;
+the first one is the random salt;
+the second represents the ID of created credential,
+and the third \(en its public key.
+There exists no other user-land tool for deciphering this; perhaps there should be.
+.\"" TODO: make an LD_PRELOADable for extracting the key maybe?
+.Pp
+Finally, the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=raw Ar dataset
+is performed with the new key.
+If an error occurred, best effort is made to clean up the properties,
+or to issue a note for manual intervention into the standard error stream.
+.Pp
+A final verification should be made by running
+.Nm zfs-fido2-load-key Fl n Ar dataset .
+If that command succeeds, all is well,
+but otherwise the dataset can be manually rolled back to a passphrase with
+.Nm zfs-fido2-clear-key Ar dataset
+.Pq or, if that fails to work, Nm zfs Cm change-key Fl o Li keyformat=passphrase Ar dataset ,
+and you are hereby asked to report a bug, please.
+.Pp
+.Nm zfs-fido2-clear-key Ar dataset
+can be used to clear the properties and go back to using a passphrase.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl b Ar backup-file"
+.It Fl b Ar backup-file
+Save a back-up of the key to
+.Ar backup-file ,
+which must not exist beforehand.
+This back-up
+.Em must
+be stored securely, off-site.
+In case of a catastrophic event, the key can be loaded by running
+.Dl Nm zfs Cm load-key Ar dataset Li < Ar backup-file
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-change-key.8.html b/zfs-fido2-change-key.8.html
new file mode 100644
index 0000000..68ea232
--- /dev/null
+++ b/zfs-fido2-change-key.8.html
@@ -0,0 +1,206 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CHANGE-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-change-key</code> &#x2014;
+    <span class="Nd">change ZFS dataset key to one authenticated by a FIDO2
+    device</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-change-key</code></td>
+    <td>[<code class="Fl">-b</code> <var class="Ar">backup-file</var>]
+      <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">To normalise the <var class="Ar">dataset</var>,
+    <code class="Nm">zfs-fido2-change-key</code> will open its encryption root
+    in its stead. <code class="Nm">zfs-fido2-change-key</code> will
+    <a class="permalink" href="#never"><i class="Em" id="never">never</i></a>
+    create or destroy encryption roots; use
+    <a class="Xr" href="https://manpages.debian.org/bookworm/zfs-change-key.8">zfs-change-key(8)</a>
+    for that.</p>
+<p class="Pp">First, a connection is made to the FIDO2 device, which
+    <i class="Em">must</i> support the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension.</p>
+<p class="Pp">If <var class="Ar">dataset</var> was previously encrypted with
+    <code class="Nm">fzifdso</code> and the <b class="Sy">FIDO2</b> back-end was
+    used, the metadata will be silently cleared. Otherwise, or in case of an
+    error, data required for manual intervention will be written to the standard
+    error stream.</p>
+<p class="Pp">Next, a new credential of type ES256 is generated on the device
+    (with relying party ID <code class="Li">fzifdso</code> and name equal to the
+    dataset name) with the &#x2018;<code class="Li">hmac-secret</code>&#x2019;
+    extension requested; the device PIN, if any, is prompted for here. This
+    mimicks a WebAuthn registration step.</p>
+<p class="Pp">Then, the credential is asserted with a 32-byte random salt, which
+    hashes it with device-private data, and thus generates the wrapping key
+    (which is optionally backed up (see
+    <a class="Sx" href="#OPTIONS">OPTIONS</a>)). This mimicks a WebAuthn login
+    step.</p>
+<p class="Pp">The following properties are set on
+  <var class="Ar">dataset</var>:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li id="xyz.nabijaczleweli:tzpfms.backend"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.backend"><code class="Li">xyz.nabijaczleweli:tzpfms.backend</code></a>=<b class="Sy">FIDO2</b></li>
+  <li id="xyz.nabijaczleweli:tzpfms.key"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.key"><code class="Li">xyz.nabijaczleweli:tzpfms.key</code></a>=<var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code>&#x2026;]&#x2026;</li>
+</ul>
+<p class="Pp"><code class="Li">tzpfms.backend</code> identifies this dataset for
+    work with <b class="Sy">FIDO2</b>-back-ended <code class="Nm">tzpfms</code>
+    tools (i.e. <code class="Nm">fzifdso</code>
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-add-backup.8.html">zfs-fido2-add-backup(8)</a>,
+    and
+    <a class="Xr" href="zfs-fido2-clear-key.8.html">zfs-fido2-clear-key(8)</a>).</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is a colon-separated tuple of
+    unpadded URL-safe base64 blobs; the first one is the random salt; the second
+    represents the ID of created credential, and the third &#x2013; its public
+    key. There exists no other user-land tool for deciphering this; perhaps
+    there should be.</p>
+<p class="Pp">Finally, the equivalent of <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=raw</code> <var class="Ar">dataset</var> is
+    performed with the new key. If an error occurred, best effort is made to
+    clean up the properties, or to issue a note for manual intervention into the
+    standard error stream.</p>
+<p class="Pp">A final verification should be made by running
+    <code class="Nm">zfs-fido2-load-key</code> <code class="Fl">-n</code>
+    <var class="Ar">dataset</var>. If that command succeeds, all is well, but
+    otherwise the dataset can be manually rolled back to a passphrase with
+    <code class="Nm">zfs-fido2-clear-key</code> <var class="Ar">dataset</var>
+    (or, if that fails to work, <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=passphrase</code> <var class="Ar">dataset</var>),
+    and you are hereby asked to report a bug, please.</p>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code>
+    <var class="Ar">dataset</var> can be used to clear the properties and go
+    back to using a passphrase.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="b"><a class="permalink" href="#b"><code class="Fl">-b</code></a>
+    <var class="Ar">backup-file</var></dt>
+  <dd>Save a back-up of the key to <var class="Ar">backup-file</var>, which must
+      not exist beforehand. This back-up <i class="Em">must</i> be stored
+      securely, off-site. In case of a catastrophic event, the key can be loaded
+      by running
+    <div class="Bd Bd-indent"><code class="Li"><code class="Nm">zfs</code>
+      <code class="Cm">load-key</code> <var class="Ar">dataset</var>
+      <code class="Li">&lt;</code>
+      <var class="Ar">backup-file</var></code></div>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 29, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-clear-key.8 b/zfs-fido2-clear-key.8
new file mode 100644
index 0000000..dd2a76c
--- /dev/null
+++ b/zfs-fido2-clear-key.8
@@ -0,0 +1,113 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 28, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CLEAR-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-clear-key
+.Nd rewrap ZFS dataset key in passsword and clear tzpfms FIDO2 metadata
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 :
+.Bl -enum -compact -offset 2n -width 2n
+.It
+performs the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=passphrase Ar dataset ,
+.It
+removes the
+.Li xyz.nabijaczleweli:tzpfms.\& Ns Brq Li backend , key
+properties from
+.Ar dataset .
+.El
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-clear-key.8.html b/zfs-fido2-clear-key.8.html
new file mode 100644
index 0000000..46e553e
--- /dev/null
+++ b/zfs-fido2-clear-key.8.html
@@ -0,0 +1,143 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CLEAR-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code> &#x2014;
+    <span class="Nd">rewrap ZFS dataset key in passsword and clear tzpfms FIDO2
+    metadata</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-clear-key</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>:</p>
+<ol class="Bl-enum Bd-indent Bl-compact">
+  <li>performs the equivalent of <code class="Nm">zfs</code>
+      <code class="Cm">change-key</code> <code class="Fl">-o</code>
+      <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+      <code class="Li">keyformat=passphrase</code>
+      <var class="Ar">dataset</var>,</li>
+  <li>removes the
+      <code class="Li">xyz.nabijaczleweli:tzpfms.</code>{<code class="Li">backend</code>,
+      <code class="Li">key</code>} properties from
+      <var class="Ar">dataset</var>.</li>
+</ol>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 28, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-load-key.8 b/zfs-fido2-load-key.8
new file mode 100644
index 0000000..247ca04
--- /dev/null
+++ b/zfs-fido2-load-key.8
@@ -0,0 +1,98 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 28, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-LOAD-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-load-key
+.Nd load FIDO2-encrypted ZFS dataset key
+.Sh SYNOPSIS
+.Nm
+.Op Fl n
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 ,
+asserts the preserved challenge, HMACking the salt with the on-device secret, and loads the resulting key into
+.Ar dataset .
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl n"
+.It Fl n
+Do a no-op/dry run, can be used even if the key is already loaded.
+Equivalent to
+.Nm zfs Cm load-key Ns 's
+.Fl n
+option.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-load-key.8.html b/zfs-fido2-load-key.8.html
new file mode 100644
index 0000000..ffc6446
--- /dev/null
+++ b/zfs-fido2-load-key.8.html
@@ -0,0 +1,117 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-LOAD-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-load-key</code> &#x2014;
+    <span class="Nd">load FIDO2-encrypted ZFS dataset key</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-load-key</code></td>
+    <td>[<code class="Fl">-n</code>] <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>,
+    asserts the preserved challenge, HMACking the salt with the on-device
+    secret, and loads the resulting key into <var class="Ar">dataset</var>.</p>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="n"><a class="permalink" href="#n"><code class="Fl">-n</code></a></dt>
+  <dd>Do a no-op/dry run, can be used even if the key is already loaded.
+      Equivalent to <code class="Nm">zfs</code>
+      <code class="Cm">load-key</code>'s <code class="Fl">-n</code> option.</dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 28, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>