From db582df70401098f821af771c93034000d5f0d45 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1=20autouploader?=
 <nabijaczleweli/autouploader@nabijaczleweli.xyz>
Date: Sun, 3 Mar 2024 16:36:38 +0000
Subject: [PATCH] Manpage update by job 1161116

---
 tzpfms.pdf                  | Bin 65606 -> 81309 bytes
 tzpfms.ps                   | 890 +++++++++++++++++++++++++-----------
 zfs-fido2-add-backup.8      | 125 +++++
 zfs-fido2-add-backup.8.html | 153 +++++++
 zfs-fido2-change-key.8      | 186 ++++++++
 zfs-fido2-change-key.8.html | 206 +++++++++
 zfs-fido2-clear-key.8       | 113 +++++
 zfs-fido2-clear-key.8.html  | 143 ++++++
 zfs-fido2-load-key.8        |  98 ++++
 zfs-fido2-load-key.8.html   | 117 +++++
 10 files changed, 1766 insertions(+), 265 deletions(-)
 create mode 100644 zfs-fido2-add-backup.8
 create mode 100644 zfs-fido2-add-backup.8.html
 create mode 100644 zfs-fido2-change-key.8
 create mode 100644 zfs-fido2-change-key.8.html
 create mode 100644 zfs-fido2-clear-key.8
 create mode 100644 zfs-fido2-clear-key.8.html
 create mode 100644 zfs-fido2-load-key.8
 create mode 100644 zfs-fido2-load-key.8.html

diff --git a/tzpfms.pdf b/tzpfms.pdf
index e2a3197c4817dbd841aba9a2dbc5ce895f441a3e..122eda16cce616ec9c197804bf2d9c9983b98a7e 100644
GIT binary patch
delta 58961
zcmZUaQ+S};vbE!mt&VNm?AYnpNyoO6FSgOKla6iM?%1~N<X`8UfA5=hHRn@T^Qz`M
zMvWTsgUEV=sDT3ok~P;H*ThjPJ5Fi;=#;XwkVi2Ewm+GeL^dUB)TtSFG{!gS5OJZS
z_=5ySlD)cYDSsw^3}0mTZi~~nj+Hvf8kl;vDdY%jJZEVnp}>8y0mB)jk?Z&$z61N!
zg)g+5aZ7gviB^O_YIV%~c+_*|bDmsa+ytk@P_>=e;o2QgAG^-S&&#T>aM+EXhUqfG
zCje`Gx{Aq=!5AAg$N4<b_if^jJTla&e?N7-H4DJU;`@1Ux(IDcY1~9hTig4ThM_oh
zZW<d&6?ysN1~te2bXU(+$ObcH67E3EElkEESD{(-R8xll)x;$!L6A9vTi}5BD`cgz
zc2YUUE>i~xjjops?Tw!x|8p_A#Hi5jgEw~JniEMaz}0G6p*i;bVOAs2;iWG{)uJlF
zWNOm9l?_YDTi?zL@fb2}Pr-6YF#nP(He|!WBK--I6|TeVq+LMV2RE&lP~*4-mvp?m
zkt)m?S2F^}t<>bD=_YO<K!v-so-Oujw$b>zsuDF&HVPaHK4gLU=Mx8Jc(BD$PJQ~k
z+*rB_;I@KzKUS{wuRZ#Eodq7?ZnWBh*f|ep%bD3#O;;Zt5i%}he17&8mrJ8hN>w4s
z3Gq+QhF!`=E-ATEPI%Sg+77oAZ9*z|#02GlJu9P2f#dx#I9E(r<B>!HBYd5Iu=d6V
zOXvrBX0fY7BzJ|~LdFUjiJk&CK$Y`MSU<8iIw)O@7cK{P4h(?m4x)HON==LxsLvG=
z5H$3<LDR||kl;NfCOO`Fs$WxXLH8gD<d0Eu4Ww|w12bj}2rlb6KfL1on{A_7ss>PZ
zs42FqnD)DFRKnqXwJ6Cy2~1G`$cYn)bp8euTs4o*77K9;HtC2^ZZZ7f$W#-|dZ>7a
z`-D963LVwaxS*jc`U&30)w6vv&`n(6O`&f!eyrIfY()2Aa?Lvi3^ilA_(+7(D{-H{
zA^e){u`twht@67^)a9MWy*3RjE(<fdmsUxjW8_duzZ|J!=m|jC{%)_g?dj#GaAyv9
zfL#6_^8eA=p$+984p)n=nf#-)BijbNAM}9J-9Tt^j3I28LJO8@Tvja<0hS27b@<B@
zYLhL^%?bpONq(I<+o-nE7(~xH(ijb+9Sd7L3inqJwy={!gW{m9vM$6nXv%1?2Zgi?
zHKJ-@V@34nKFzAm(Fy9WazDL<5@ZAb6Fk%(!J;!rab&&^Uj_x^=GFDqt!@f~i9TaB
z2I_T>=^J)|yu>!rYhHZ{v>${?oRW~vD>RIVM86OH&`s#>#KY{F9C}8PpShYSr5AEi
z&%&U{7G8gvvEoPpd8tfrQ&>`abSWN`()9)+L{+((%@0*FX6~#h*-OvEc1|n+xxQ8t
zbDrMk<fOQK+HR_PQ=wW;gRP;0d{Vogas1vD47z2DRBzmbXGZuJ<bG-gnQ`tJhib#!
zk4+h7WXMYJc5P#aTC17|S;tU3MVISslV<KPTr=RV5ZM8e`Ylz(3YFTfjkvLYF-vZc
z0i+D1{7wN4stB&efJ#l-_<jc%NtHpYh^+YWlaldG-u0uYOyHtxhE9vDTkIx9g)f55
zL)B-cii6w+6%leqBl=md{ge2#mi26*jwBqj6eLyUrKBWdy_OnoEni98f*n)ZGey0i
zF}<2+lX-etJo01v4a@FKEPWt!M6BDJ6_aVcsq#0%39AH^I1`f2<XtvUEB_~Y!?AdC
zciMJUdAnYHW6Rik&zAK{+ZVhhdirY!HZMV}0R!?G6OT#gCvMf3qO>;C!%PHCLGg9S
z^|?~AsLz@mOT^D49hRR&2)Sg7b*KTGqqIbAHYz_f$ma?xYL?Gnk&;Ch{e#Df{FEZu
z-Fi0;V#KrPe<Fh#S8*)>kgtAt7gGoa+WK(oJc003wWsuA-?2u)rey0-4$@|%45u3z
z^Sea71ERB@3yswnrEk0tYJan!-O46X+biGEU~-f=njroeL4~Btlyo0BCPNGOExG|F
z!2hK(mO#ZKc21{)`&c?+P9lqG(M5G~Y#SOhI4;`Om;akZLH*7V$oeHlFQb$T-@lt4
zcw|z7Q%gCBtpnD-I`2vtk$vQ*ecRNOk#Wqa*x>;Rmh}z_*OZGM-|qAsDe=u;ho^7_
z3VQ+pgNdaS$#8`kuPh;w4Hon2o2_Dqvnt*Xqcy5>lB$Da#R*fGbvSfOb6na5-4h;^
zAT7xC+)umvs3AHhfX@VH+gdvebysqD^1B<JSPM_+pOl=b>RHSgE5o&4oTD&^Z|)w<
zotbE9R}6T6ch|T&1q6LQgt7Jz`x#D^n!#`0m&%*5>ZjF<>sJ=u&gNF`@7_*A%TFGV
zM>=S&azhtZs&6doJa!Chx0`U5995#DPSFP*Fmr2lv1U4`fQ?4TWO9d=zAh*~<y;<6
z`~5UjeT;W(44H(bg{G=~TB(pPb+zkLap9#9>ql*7`>s`)g`SYjoR2{(7Rub;w&uCZ
zp_LJRi*WR#MAW_Sx}>rq)oFEpt_D1h!=nSWA~RJ@O8l<SJ48RdZQU|xIVp&KfhLP(
z#fOsNY=Dym1JkQbyT<XxlzS{oOi^-5iF+Xj>F<mL5A!obZS+972ol3?Nrreh#EwNq
z!#4w5l6?0KxZPUJB-jqj2fWhpBcL6Wx}Hz~gKggy{!*(@ThdB}FWeG_)Bw`nat-;M
z!$UWry7cd}aswDgLK&H)cdl0+S5ky1*D0k8Va(bSFnRuvUN;<PPdejDPF*LpXmU^h
z)4e^Y)`kM9cCE667*(x}pHWs<7Z~w(RFu$jVKxp5K0E?O0LI34eF3*d$LLEn@d{tI
zbwDceFX0MwEP^PGdN7mvGKE?y_jhDEr6+3$^Ep`ZG*1|JY^I_i*$rJTX%Ym%1zCQA
zry-<cpxSpB2@(9OJX_f0f@_@19`Pz^CieaNU2!;`c3!w=OuQJb`Nq5*3C1xgLc+@e
zq$Xv44@JdrKc3<`Y}&?dk4g_R_KHC7`S)`V?CC{=x0+tgp~wo{D*i4Z^ASzR_hS2`
z@ZNy{Q5dTuuh_LNnGajGRng+iJ${PqO)(r3;OQ6d_W_#Y<ui#RP2Pg`aF#?|r35LN
z#8Z<kE-JMS&g=^ug=6rJnyk99F3u_9lO*s1v2qs`gt}9|4O0+DY`ZPo8m6rjWFEr8
z4;CzwMcEjBZ&D~F7%O@kodrVTml&*uCvOo@ciO~`pbh1}QOHDm3X+JaPz9DaQ1e%>
zfaTCfJko<RT$E~f^d71rm6UVJ0eKi53Ao<kGUvEqvbi{Wr!`YNaUa7sI$b8`cKSKE
zv9^V}Ab7an!)(ckoYE>Uj*3e`JATrr(EUN05ygJ3IL`<}CJccM&@N>cx1!<1b4Xz=
z6Rhl)%A7sU!Yl0~aFW<OI4h1Jd(#XRK-Rh9oCMqE05d`E;hC<k<YxS&XgQ{Blm$nv
z61@Y|L7}4S+DD{_KwI>BGTAke59p-znhS3HsnWQ^Zv!t_@^(2iwzIpH`v=A=ar{tT
zdm2AfY-pMv6mG$XMmHEij3sG<LE5k?5BSFe?Yz#&=%xM)C}N<@iY_(^y^tS>z_Dz!
zS>9svUEXDzGTd(=pITRKGkdCTN9UsNg)!CEUsy4BxiV2Sr8cunD?L%T1;Z|2ChZl?
z+R&BhbWxT_&GsFS69%QpgZz|W(aygFZ=BtiBma1g%}X1TW9CzQKOS)Q5i-Uuk;#Q0
z<~{ySAJ;w@ViDAAg$uX-%`2Mz5J<LU-v8mj6ydb(mlw9hc{2o}q_?<DaKd&{-O0tm
z<kDl#W6erztibVim~>nTrm<%17d5DgCX|4#`a+Ypi(?($_p6<hTsv&LLT)AtDYplb
za3`FjjKsst#LoLh9Zx1NGxa&nqhi95_m7i<>H47%1MG`STKI~e>SIz@Ye161%k~)v
z)9oJ5k{@Y#TU-)rn^9N+<(b!I7@}w?%;2|t!X*op4je!!;O#}1{_84i^MM*UqWodS
zo&N2x?ZgxX<H=ZUVVsQd>-H6Quef9&|4D0o3p^MXxsgB4Clmt->&3COJD`!)<g47`
z(9`oli9H<gV(37w=IAKp3J7~|vGhs`&E9-YaVy}igeeF2-c)WLvPfoh(!xY*wx~I2
z<9W%;5F6tVw8sYzO`t4i9JSOu{MBSJoFxb!no4OYeUF59on#Mv&hHV9kbHGROwwAk
z<FJlv0=Csq;1(Cz&*;fjjB6lw>9y^(S=UU;rhMVXBO0IAU-Q%P3E(fN%x;k@zbUS=
zfHI1>X6ogG@^KpREGoSrsHLEAsvSm%YBo}u=aSgoVcrqCzNYGVT;xn$x8xCgrF?%8
zY=1TKGO;ywa&|N^w1NHSW@lsx%R$6M^gkyn3me;iYRugKzsSeOC~IPC=4?*H!bHTB
z7$89g$R(}~p>$qVr;3)r|AB@Mv|GM0w5i^eD_k&5sU6pA{YL=l^pSw#fTZMCag!Hy
z=YORxv8MJ8SE;Be^GK5TrJY<ZRqH>!Pw9lRrhGaBNA0XB8#y1oLkHCrZ?s#rc9>?<
zwnndpwE{mGoiM%V<b5cmR*c**?T2H%o4B$8O+mr##vFa$r?L9(kI(nhYOKdCMqf`G
z@@lj5$N2^$PVINs!`8gL7lB31im8ee&9sfkSGbn}m=zMiJG9{=i`CAVjzS3r{_STb
zhgMI&=7f>NcGCmmwYu0#xvjOTy;;<0+rLxjYjCw-Q-*Kx>&K@ZTU0$Tb3X`g0tonk
z_MMKm`8|2OR)YFgN`3cc+jE!NGCtld<Actct+2VCZ2vdDSE<U^oQ^F9N9Fn~TDgR?
zI4SGoMom(!$3Lur<Lqbx_Q7XVSCME|-`@Hnm{@!(%6tW#U|UzRRAGPPuSQd?kxXmV
z8jYikr#e$;ho@ojRAo>sipEE-Fh+I*(H*JJ@|k@Y@rffowm_Swi;tHF@6Gqj_hsD`
zOB2TW_esO*P2VvEx5QvDN;y(>?FYjZ{>O)69!pDI>jsRy!GaR6y_C^n;_dCW*SD#w
z(=1SP@8PF>|IRJlbzd(hkIoivmjyAZ@83F`*TIc`eJ>Ro923AR-5aW1#WcJC^h!^4
zo9J<RkyB2D!9$Bdfzw>ixt_D^Day;p8c@TfkN!L%@5b?C=Xk!2+GShKMl5pL)sS$O
zYK6C^5@|Jc)p6JdRu%zm?nLlqJ!GD)GXN3qy(hdcmzUM1GTRGEXT-J&U&KD!pGJq^
z$6{a!@4(}Zz0swWo7YIOkX90~1U6%)iZH-wLth^}*G01h5+fwKM<#pT(c>^jgkOO<
zwlIWf(Pb1WF2Ot>bIt80!idLhBun&BnrJYB7@@qxWz{~abz+EXhpo7&IUU(%aU{9h
zK_e4Co`{aHW<m>6Mk0&w7neFY$Y1t~o7XnNd+ud|YZ)At1fgXkFD(~92s)+=Va(|F
z)nB*(X<6MT63>JuwQ<$7<phhdlUV1FTo{<~bGP!&4tQ0*KrY8H0Y6JZdtVk?|F+`M
zn!PW7T3D4M5YOB2;qJCQ4=0<B&+0i|oMZf##MOs@{f)R4ta{_B@m}aWsAhG}82?*D
z6=B5bjI{!fmr(m~{)Q~@mppo;@fG>ZZP0T;B~ho?>C`hlxqR~`y~%q^nB`c^czamp
z*|&Qjt59CsAa5_KJ>s=K1i2$!X8-(0#tJG)QwkJUj+E(=RHx(ux+8reTP=D8C|nA?
z^<*<iIizGS;!mVF*h+PcT7iJ$!z3?*7(5iig>(~gG#A~{_lGRN4^zA^cpq7A=T7y?
zt+g2u+D0#O3ki}VF}&_4NgkE9lHka?c(fELJ{66RYAI7vfLzb;YGL-3!ALEG7Lojs
z;#}XBW~VacARtV_3nLcXgB6Ei^cegD&J6)9K(cl~J1xIRQH(d5?7b7+WrS?bfe5Wf
zT+ckNF`u=ctfdU#zkqCS3AUpey%M9g)EtVxcOFY#_oJ*$B>O-KKn!X%sHPVoz-!{i
zIN)D1bMZ1t*^;YE0bhl>Q6Oa|O1UM7_?zc{mLSG24yNcwHfl|Y9RNYf16bCID)iXj
zs>E6Z{ro+=c{C%LZaF77M&_0-O=hnMK5$BVA)t_gcDo2X94usFKqw}IR~3K_lj4mN
zow9MR^?<`%<HiuVm=UYIwXKd$P==8pL6C=>X+<K$yVTO&av~t#?$OC(NJJiR2jSp5
z4DqgZF@m(qvhYoHxb5e~!Dn&l2`!d3OnOZiJXBcxsFeEV^_<<wmj|*4t=;%buF0m|
zsE0$d9t8oAZu4{#3wtb$z|Bd}Kljl!FRgUu>#N#%jYG(slDMZ26i_b>Wx;iqibbcH
zm)=1u$M>}6{G0zP>*6VBxt8m&<i-LSr{pdC_i%Nk5-Z9O1!0Tl$&@lhzi@KJ)(U2Y
zSP+*egb-6WWD5SHMk&fqW_XxgGI77Ig!Jo26!mr>1X{>%V^(ikZyHZrDMgIJ??*TV
zWj#Dz2n!kp(kmU4waLe_71|}Q?H1_>JI}p!`I|^VFy@>cA_Rm1xT0-ya-VN%07)2*
zWms1mJu=8OSAkCD*c3u16q4u5r-jSw!4JJVX#U9B1N~U&lDG4VldPYn<GamtKr@C!
zEqxbYy>+qFK9na3Gsp}6VZMBScH>J7HX}MaFSbTnhVYr=#D{9nhd5-0-GJXOs<<h)
zHfeB9e^*o$;A6BF((o{hvlA;IeuRk>jYn4}NY^a(sS)I;aK&XaHiM3!MX3ssMHMl`
zhc~By^X~S0kBgN+Og?pJk@22TO6N3DkNggx`V(W9dm?~w3XybanZZx#s(Ok3x8W&)
zBW|^A0{M*Kz>qu1H0O71xmOJ*xZEElv^eXhL~2VY%dv~>6)maog#kn2g<B1$TsHFr
zl1%tnMwNvo&;#@s_j&mj=37>lOm2n=eq-I~n~4xYTn%{9N}IUOA@4doSo?&5lY#@F
zNwvw-h&eEd5=+!$AMt3%3;}vw;sd!bNjy*!r;WqYn$=>4QhqdWhgx`K&MBYWEgNLF
zAekhV#>w(jA>Y%KrtNsRNfo9QESj8L%WK)LXq`XFOCwVM)8nqswysfV!2$x+xwZ0l
zv@*%n?7Y7nWHRNepk*UHjLeleZ1FIF5#U0tz9mYoT2k1!yp%62UZTp-UGSm$)s9mF
zaiaJFl>mkFv{hHCzRy(J;wvepU*C2sQG)2d>G8vU%19#@HBd@fP?mbfuWLTCGq}To
z$57s>&OASVEJAf&L=jM)<~k|#(|%OT#`hpi^d`SGicKjALIL+4R2<}3(c=O9PM81i
zSgRvHM+D6XjQ1&w;ioUDW_=6T;%vQZ;sn>NgmHr<P}<p)wBe2aG2`D>2k4+FRR_h%
ze$%hrv$BzEFTn(>G2J6OJPyj&u)8%JgJ1&RI)x3fYf@!c*jtj0l6O6z`r<nz)JABH
zTx7m<!h)-^a9;4$H5-;1l>!4o+gFtcm7uo8nicRb)8~bI%nj)^V1BnbM5y>Fqr=X5
z5K<-}CzM?wvJ17o+JnuE&z8-rzrOx(Tja^`n0YbWol6~6p<_$*KYICS{S_>~f~n@=
zTVi#ZonlU#sxclfbLzR6en_^V^T(<LZT_!&fP=Hd4=r*S1(ptV!#WFKXfNLaF~D=Q
z3`60*-4pN6s?O^};s<ROnf<yVPY(|e%V*y%>|*5YPlN5+DUcA%UlKAPLtnV^)?p>-
ztXDcZcRO$@s!0OZXw1e0&VkBL0-DdKP~fGkxg6@qb5j(aot=ZI1ZjdI&m&CAry4gp
zRD-*k`^40FLDY;gJ^~MXa%ir(G<3cHov}GD8bkAFTtm5I3+2Ny3V!yJpz1>oC7M5&
za8e~htjw?c#ktF#P9~9B)J^4k%x@WHpFUCmtDMW~d?Z)DHSey;6CZQEE6Z^WJ*UW#
zPr;{pGrUmkM!FdrK)KF!ttb1da9(A!?D8*FSX+E5XPn!e5$0b21A+w-@q!hykLd(A
zH#ZPjXMC}4*pYv04E7jb!z*bkm>QaX77s#+1K+a0)B+D7WED-iu+Px5bDE^qzrOe~
zLg0jk|4eDo<uoX(Ebu&|<ah>O=1yF0*(hgK8awK*Y*HLTyrZDm4D@n;nkhn|B+Cpb
zKsKUtyIL$yfFKE^Z>ovp2a+RzYD!2v1Vt7GKPCI0=H)q-uc|8FFke+qcy{w7V$KlK
zR45^BxZ&2tGg*Bgxe3iobWvk8uau}1#(al;HsmbDU?DL*zCtobR)TG}k~H^0W}DpG
zPI34U9=(41y?NC&gXLQF{mQ{fm$Mc|m3QCbxxvu9S=0_-xnm*yyJydKG3f1SyH6m;
zXI`do5Lh~js!Exl2hF1_Oq8Vt>&sCbZ^wiE_ebfLTzZd_%t7!dBm#oX8-&j;7$^<x
zP1II_3Ie5t<GLDKU$7(pjJxvWwg-*bH8b`Ur|w7xjubsZ3UlCH<BbRe%;Bkqvy~xZ
zJGItMjf^IsXYOaLb~*h^e9pk4P#*5M-%Yyl@fqfTUbFb-)nVd!HQ%~DK1C*zlK??0
z_6A%RH!UNv*XQaOb>(h&jv%>Cg?k~ns;V;)k)@D%BlpQ@kD)4bJ5jyh;~>WOJw>AM
zuGaayT6Jy*<92WXDTR{-eqAbhVM7SiwX@CB!=Vu{5F9xLH~Hl_%hTP;_jNcpc(HHJ
zv6{$s{zhtbbN6tU(%h|=v$d%Q08YMMH)l^+j8%-b6eV~n?&=scXBlYeFfbHI!}!h~
zwz&`<uDQJy({`4M960x;b>GI-oY!WfkE4;x5ibZ<{q(4%UsL`XM;A&FdZ1^}f;crV
zY*7Ie&T_+obFu_vG3BL@Wef<7hZOuGl+?3MyU)e)tVPo7fsp+(I&Jyu-+EY*-yXTB
zp1RNmw6N!PvvSp!sD;S9sOrM;OP*?5ry8^ABX3t4z*@wqU4LDg_6zJMGQ;Ei={jvz
z<unRWRtOC55qC#F^Qe7L6e^8?Pg?%w5Muy1H?Jr=xuozKK)IweKi8+H%J-K96wCC9
zTPx9+-079DM8HpO>y%FGGS<kqpU%`gX%lZSMB3z4FR$fe(p!Z1pF2Gq)}bQB&_;3F
zIn}BsRz)?k2Vr0w)OG*mT74Gd^T^w29pNq*T_C&IuMq~1jTxuvno8!93=zl-aqR-k
zHV9oEr~L4qmCI9nvq^4@W?m@;@Y7uL+N**q@3Bo3H9^_NrY<kRG)Ueel{<e#4=Y={
za35RWn2VPhmOS5anfYiE0SKe@322Zl8Dz~TQ8rto*(R>=p);Komaq#G(XFf*p-F||
z4?1*bqG~y*DN|{o%ezV<FW<Fwcy`5&93GM0Ul=37hkpJ`%l?l@{Xa3w!Ois_G0VdK
zZ!yb}==YD5O;*#kTjM|<(tDr{GZG^2$rn4_EM||+D6(0lb7i(3Wtu^?DUBCPN!lx{
z_PU7OBqm>}OKieL9S9R6@I7kBJ7v9P63+fS5vWf-$SZnSAvx5Z_c5k*W~m=iul+P?
zs#zU`7(^c|jZH+KR8teGA$&1!YCIRzSJ+tk$Kxmg-cFZNuBIt2*G36BT^;vwPXaBU
z$I^W2O0bMh-xSS$Yd=DkuOy5g9l{{a($&91yphSZL!OEV-rj?Q;iAPhAQ`BlDml@V
zb5@9K@o8TX>c`id^^!|Pp@D3_#&hqOtyV3we{ZIA|MOgE4a<P?F3fF}x{FY@5<xoa
zJ51XJ?79RF^u6=8cL<4%k|%01n}@$LQ#70%8+Khu3fgram~{TIqE<T#IWi~SXST)>
z!^UyVixIvMjDB79RdWgrS-vyc+7u8i5?7;v=vKsFhKT)2?>xyXLidtNccyAO<8J~P
z_WGWxd?q6DMoPv;yr%5HR;}Ul7N!R~MC6qT^m01X70vY(a?n}@HdtpP^+Hnr0jFi-
zwWp>~N`H(3yNNK%pW+3RE0F8OY4{Yd<%FrNZg-OkLL=p&aIg*%w8NlxZ-n}A>Q&un
zW&2CZLJO5cp@&qp18(ntOx`YVC9{x=tBv(ju~KB6IE(Meq+kXU&orGtzX)H-B4CdV
zIF>=fA#_+y6AzSwU&b|q7&|1_UKC+B35nXa1XnW>iWF$abcAHK_|7u<Gj==awNs^X
z%WzNp#Kr)tlLop5%L9K-95bt>%<+h>eek$Lx3GWt%=lDijeKMq8Oe(*OlYgDUY~!S
zlMFeM?J|%!8#W|7XJ0nl(-_Bscg6t}sIX=rgMey=C~B{X!w#L*Qwu1dVwsr?6T;~j
z_y2A`xpW|2_XoYP3UuDpS!XSA_2wr$2kE0Owf6dFjnc@k@z9b<<Q7&P_f#m}i&VOm
zj@?r(a{pKum;_x}wu){AN=m|M#G;r!aOK`4CV%m;r9U)fV=qfOib;2^qMeH>Kn8i)
zfMY3)WsspPy8#%5(?Agff(p2E)ph*Qx^Yj6kL9^6G@=yaXV*qM%UpQ5`{G>Fx6EA-
zFpP8A;9oe+%K)Q$Gz*uO)spm!stDVyt<G#NeFyzmg^*>vUSNZC^;z8Ia)Dkze<7!2
ztx+1>OG-y0dtqOyl@Li33eLkE5U_=mAdR3=9g5Sah^t3?4DVvt6N5XnJ;G*@Q35gU
zf&`T!vm-!Ez#SETiD-(HBBw5aVbr<UnqX9bMvW{eBm>5k+rD<r`^h$7r7Zx$DiljR
zdHo<M0j7vVp~bkC1pY@lT(tKX<@P(#){3+-?u9iP62x7Dd3vKKGr^GruuY0|c~0op
zObeQ*vJ*PlF#$0(V7Z>f>Wi-LF5%A7IX6C9ewT7J17G#rJclUiSkgrJfY963MDD-r
z+c1!dC~DIGV-qu<6Hm*!@H@8z{U7^-b3K8swE_z3pfMZ<LPfzf71=JX(^w(k=9A&;
z$h_mJ*bhBr@Z?7Cw%;caSjZgJX0ze&pq~HQ1Z=turS&~2-ybo>TM)|lSylic2RGu|
z%<+P|0(U0UDvA`ss(Ua&kjf6xTC=08>6vg39K&>RpPg8<xqedJ<*ehQ_SucM29(ww
zX&z#DY}7v-4CyxtOuXX?bZ^SSAz+ylh6Z*XsxeslV`7LmT<IJD{j%F{{$=w;PW{Em
z<kzBrH{D)h#WfFGa)Fo!ualYh`Lhe=)i<VKkGWViTs^Gu{vW-Oqy9^>x?i<Bx58qC
zKkcykU9q9;6QL}gQ_~0<(V$)<BD)pj)+~7~@4Z;p_2WaBThe(R<BnR$?nQ|veJ76`
z`wfg|or9?0-QAO9pWDzf(v=g_9&q2^;kcSbivHcu|Km<FvoUl0x1s;ron&SDzlN@1
zWA{%!L%jP`oh||_5AiT!+zpD#-nD?t_LqcNDSyKhu|_;?B)b?5nTZ(pdhwg<i2e!C
zk*3SAb$$=YfgC!%;d7XlW@h^A|33i@ARXA-7$9*=L_(v;NjS`Lmtas!T#@rbQp*VU
zOpEWK5Z<3*A}QY(s4uzTF?PuWu)8~S(is``I~pgiHYcX-CI}A&yIK3(e%A4+HZIGl
zcgtIk7c}klFqaz}>D**)h2N&><Pm5NqEQwiM&=&|pTefl=@`^7H>7IWgX6R`btD~q
z%Z_K%jb4)z3ZtB`%^yOZdlbO|gP*%O;9ol0;Aa4d5{b5tfvd+IO0VPq3jFO>28^4$
zcjo@Ea9SuYn`Xl3r9bTk@#38Z`?oci#6n&x625mUizb?~=7__)t48iF_ZrTdsMYtB
z1Q!P^kZ%=ClI^fp|B$=Pm`mlOw=X%<h~M02%NPhR1h?-gy@H%9dg*Fc>6*2-xh^Xs
zBU%HsY=GmT6H7zRru=~l2%RdtO;(Zo{ccQYX)A5++GD;v8`6SNU#ZZ8K{10o_HZ!0
zWQR3Aeh}vKGL`C{O?H?*{1obQ*HrMmnYpCmQH03SnKF>;+H<KZm9e|MRi}bsORt<W
zPy$Qa{I1fWt5i&i;Lil>k2G6(3t!HUrPH_1hc3B~MHe5C<6=W=pv4yMe#C19Wb^6$
zF-+Q-ppMA5kv58tLE%k{Y(I5z4aJ0@Fk*`$>2_+QNm1X|iYRt2Og#P~G-M=kh(a!P
zZ#H*a{$y`fQ?33{$AdrUI-1QT8y-u1R4*wbUxlj!`o4e}q7UVBAmy}@Xt$pjpDY|r
zu^7Q>&%fFFM^dm7aLfUhHe#i0J(P#$&v{<bE;;%w2qnCkuN#fWrPqY*@8)x*dCZOT
zCvS_Y7ete>*u+`GNcTp{psjwatw}Cc42JIs+Z>FD<u^Ut1$!cv{xiF$IM+9u(d4;r
zN*96{b2d~K)@BL3m^`AdHqz3yv{0U)whR0G(1V~4N}KUoK)ZyEsv8RQ)O7=6laVYM
z9s+L0L2R)C+tJy*Isq^?pk#dFgc0T(mgTY90K`r?l^!CKqJ!VLMO|J5PC$uj998AH
zbe2E7e4Q90N7=7U5)Y;R-2~fhmKPJ_*uIT-lO2AfTAfvIW8{@WHFy=)e;r7br9;$}
zI#taSUVpR(YBT7PwEmfk!yAfmNeRWx!6%WRsOtRjiqhf190Wn_xgbv0|8n*qh5Hsr
zgVE?R_~hf!yLMLo@(}S(Hn&oshJ|&+nR0|>cR22_EINnmp+^fpbeb|aUViX4_~O{=
z?&H*z*$wam^{HF%7j<iVwIv6h(qWA92IEldw9aY3uj_w+F`mJLrcXv##Wr9i0kTB3
zXd6b#NqHZl=ug=WaVU=(-swl)@9IMCPt}EM8YmjrJT#F<R(!dX42hNXiZAy1R9t1+
zTlR9jLJc|EfMoo<eK7`*Zs&U1t>ELJb`eJCM#r3@pGy(Bw!Gp#N#?5XqO{1%Z9CHS
zQ5BE?H4?Xn<O{R_mBS28A+vVzi*-ewoQ^QzHf>f_(|)tN3Ya4HDs)NmU#>ia;2vBI
zCHryoSNakT|C=}pq8Gl+$4oaUdB3T6$_QVKIJ=&=u2U{`pq*V!p+$ik!P3w9Qq4H7
z2I4uWP)<@8r1)BUU$LXqWTnbs6(cmldnyPpep7_`j%%TdLPc&teTue|9AF>=^6JRf
zg{0na=p8lKWt&jNKzx)dOw^hhz@sto5M2PHFw=vuP8|!y{>V?x8>iJ|%9F&GL#6pp
z#A(?c5F!oIH%?vkBgSSO-_=iN=+kNAcY~7UIFm)-JuU~V#0D~hv|*W1P+B4uGTRs+
zzha7vSR3?M-0BIF1Ytxwmt0f}xvS9p&$Ei?hgs`Rn%9){EBu(Y36G&Rp)eW)uXdnk
zdz-sK07RnR3uq;`QSL1m<q|UzG~NZOk*_LDb>obPgp`}6CBGHqN!iE;i;dn(9vT1a
z3%Ci=p03zWYfxSV@GkZ)+ueRxyglHVJw&`SxFlE~L!u_C%Q{z#!+G0AmFw~?=`p=Q
z&lyv4gc;Iv>HGB6FxU5In)87(+^0ycmkpKP288TGR0}P^vp}ajyW?mF-8GO(9Or^`
zr3qaWtT^WgAq(@)g9oDW>>isCf+%*SWmRf(F0f?Ul)wfBSfzu>pp!jZCIX;0YNd&-
z@z@Y<ede$4N2(gT2j$O>fO-}Z{rm6Of8JC(eohJzD$%uF@}4%#SlJo5GTFMNC%etD
zR!mZNk4Kit|03zs!w<r#Ko*JN{{5ib_aiMV(?8#6GVT=eg!Cu;A#AxS><Lb0YQ5}~
zOi~Ff)B&Y6WstbMvi%_XD_JR^nyV)Vedt5z1+Pr{_r#SZTN*JffM`fHK1Yf-2{e_(
zFS$ArHNkY<Z<&kw=}&LfoZ?UN08U8xOtH_GOGW96_-I{i1KVg10hfKE{@jKn*ycG-
zbVubIrF~^+0y3;;_I?|uV%ZlSv<0r8I-x8jt2Sjs6;F(ZSb|+RJj+i2RH2AL0IYEG
z$U!NY%u-HXY~ZH}f3V)q!;hU9<G~GlRES{9nT)VH2*Q$8af!gR?~lbtSY_d%dihy`
zyiSCFvFjPoYX4M%;~Dnjw&`YIEO+&NPFIdd!K)WsCD96|#1X+rs%iJ`Z0~Udqw3*5
zdfD3qUqzqA+VpmOZ%FJ1VumTqg;t`6Hfva)gr%+VO?H1VYI`NZkRYJ{)!N5c%%{LQ
zp1;q{Lr7&Irgaa%EJ?5m^|vmDk_u|_e>I4$jwx*#^o`Y26+uWs2*NfnVSwnkge4r9
zgSLylh3Ej`mQ15u@!S`)?);YiCksjx6n(u6n|;7K49_c%qa;ED-~cUS3e2}X^VH|h
znM^=&-^!mN^yg&B^q}$NshDfYb*Rl?f0`g5uZHY@_}SX7Gtu472Z*XwPgesP9N2w%
z)$P-CH414E8(Q5rwQtlWel&#5!HAr7+)2vz;uPY~K0U9j93+Oz&LS_MSHq!EDbvGq
zD9c#R3-8^eQcKN%A1&q@)?Vj1($l1ymELBeiI3#p{MYd}yXY&AV3RA6^{qfZ-0emQ
z;YUhEJ{=4xlCjy3K<)?AF8A_3A}LM%k*<%Yx33tjapeMyr22&Kd*uh$(rB)sEt{~-
zF>`H_uv*DKGpW+BzB_AAcb#^TNUp%}FZE2r)K3;WCklB2Q4Qh>@I&hT(@3ljFFRM?
z=bvF2{_)(V?ek&1&9LK}iu(5|o;qRnhb$AJc!r!)m1i>G1LO#-1!GzY-N+_XE<y#!
zgBfrqWbs*X9_Fo*p4>`j^|cDOM<KxDd+k_t4K0^R7w3($_dqR%WNI0Z@W{pyr=f|Q
zil3=r5SUXX`7FEA-@$!9kr0c2fc^_6S^wh>u&}eU{|6>nS^wn@u(JIZCigf{hkPEY
zi6X#g3F)*7H=pLn+c&G$I-ZU6{W-MJqr`?SjYnx`Z#=s<oAZI9ubYrUs@c`^4GfsL
z0q=h}GTXy6HFl&Q!sE95qjfWy@1E<Gi{$j@{HMm%%z-6aXXL@R@<~ZM3aUR;@;;e`
z=8d@Ag5BC}SBG|XK&h7tuighogov!+8VznRaSR_}Wen-jZslA5c`=gwtzp#fV)5&&
zb!jjpudZr0-lYoT*bZNEbt=SJOa5E5^F%fqPPQe-(L^|iC^7<zi|15#l@-GSe++Zz
za0v8oN|9qjBv`sg*L}%z?F|oe2z&t+I3!E4^WhnhoA!RCKn?}ett^A=6|_aHa=;#R
zO-oQ2LJnti`)GYco7f=BQ+N*DRmBJ@lE7cLPrZ)wqGG%t?Ks!yl(W|cEWX6c{3w`3
zd;e^$6v>j=5H6;hg{Dsb>MpEb(jfLhXpJ^6bCVZF-1>-ofr{QI=;JI;{*^h1UY+fC
zp?{}x-g?DA0r|NRR_>2_yliVMUyIn63z0CitvlImZMTQ)DXawK^SKen!wc(|L)$Km
zNjtl#i~CDtS+IPmHk1zWX&O;##GgiB>PHzr^#l-+Ux*(&5vzkGL%#UB<3gyImhjWo
z_sbQGW1tbqO|)X}1l}NunVE~*tO=cJ@q^d`SYRg+fZaRadMl{SKb;?55~kLfA~@zr
zTpbfb-4$KUeaE8LuMpIAS)ff-536!$iv>^=l!pybl{6Dx#TM@LIAl$D7gmS>U#$OT
zb_!S!d}VWmJqF^^w{DZk=98QIn}C#9?|@Bx{iq`II3|}(K4JO!U<BHrh{)G+nvJN~
z(*5tzK-Q5r0`7C$p;3TF8nI>=&bJ;ebP>JVLb;5(n_igiXv+6LBfSb#&8kFEJi0Vu
z?72glJK2ei1wo@&YDqU}5mMGE#77rJd97@H7L5EpC?e-X9OByN%D2`BGrR4jmII1I
zkmGP+UPBo!Syy6u$?h7m%!3vN#BHi3_rVMU09S;k4fY}{bpF*hoX}Wm^qPU&CNN}^
z1GP5`wH!qsDoXQ7>HD79JW!2yoxwirVa3JO8?#32U5(8~f+FM-HW>Kkac{gK0(oc$
z4iOVo@~AN_1i3z<rz0LIe`R4K#SnVw#M>!MP&@~tzpG3cNZEwNqMVWG_2-4y!>kxv
z09CJ^F&%e(Z0LFe(S=1ofxzH&r$2h)ri=yAB9uF|;&2xOIVid!C8rSjWDT~KI-YA<
z9WE*e^f&ra@RzdMRdF+L8nT=I>N5A4QQ(24)f={>CfU>VZtq?G1b#$s=`Nfk#rfg!
z(9^YEM6fK#&;EXh@$wKWMZNwYS7&_&=(oUj71^!u)$3^2`)q5`V8FV%V)$LJzcpQj
zS>Fz7*bXfvAEf2OprA;NTbd>%<o(ZAB0H1KKIyA1YQY({puAX?rEISHE0>Msjfzn?
zu0a~+Id0*58KMz@Y$>BRwuJ+#?S`P{{eY&pD*t$tk*96?QQayAW}t_YRuWPQ#8_?;
zakEQOnW#GUR6iq^bjCT<BnLSdm02YOzKU4MdQ0F{p58hj|711W7bAxI9)ZJuWDO!H
z>mXYqwQ*0(SS<SJi9b%dk&;3G>cnqu&ivRP1KI|b6ar<zb&MDHoB1SNcnHPptTMR+
zh71%+`S;1Sm5843V}TI$*Xh+0Fm)Pye^QudS&-0vFh~&cEv$IN9}EnlD(I?gUN;76
z%0e9<=U$>$wIO)|l+*DzTycQAp%~35Iz$Kq<d;sPEF8nt`b)#1*Q|6~iSVomBW>Q3
zzZB|^so7wK!a&>_3oV^_8iFKD_V`6dmp=0a8Lg-}TRIC-7$FV*-?XI)K-O?SVjS&d
zx2;52c9F_#A?Zo8vCwdf+(!N(16R#25jA;DP>Y6~wj9>&gnL282Z}h<Z8fFF{DoJr
zch+j?zfEU*5H{8x^3x&5T0?|=2o7_qymTzEsNg}D+jG@DIiQk~?Lp=g*9jK}P_sEV
z0pr-;6Dly5%roxN7tSgl0L0v$L)#cW{`;CY;`H%}Rj@nAZK{NqbC5Si@GiG5i<h0j
zE~j^KWl?MY#_LKCh;fz_`i3MU#uJ>s4tAkzm-?odytLorej)DoP-(od4M-8GOEKzg
zLFo^U5)9)|xM=9n6t=pX1j6M$X;+IHy2+$Y$^K}z{4CEsb_Pi<0F1^5G*vtO*5nK<
z<2K!NVGn~fmd4&I&g&yMP2TLIjo4`iuASKt)=<{_Fu#SH-M&)WLA>Tlclfu%^1uAJ
zekc3mFO$)>1|%5G#(r5;2OFA&&$uHi{W|S;C!y@l<o~Toddse?X@}TDNiB&gLTy!1
zBi)zG68~xzLE{yo3@}m=sv3bhN6J&HSni8<P|c4clWz3pevoYptdB_{mSUqRSYec?
z%k=)8a)6EnO;2~^Rb|8or4dHn`xC&dEXY&{US|wK>s4Yo8>7DnAtF2^Vg+(S8GT^%
zXzJ?_taim{>#NZuod~Zduz07GqvgN5wksv7?LbsNY!jT`5BMUP&m1b!&aAxTW{fdc
zdvWls71oC6q^>_Is~Yct!7jy(i}s!_^`ndjwl=B<0Z8VC6+%|p)?0|v311$zO<o2M
zXj&1Xztt!81%NB>X&g<Sl=l-DNs!oc(`&?!Zbd$Qb<LqO|Bn%0sf|g@X3si!drpuv
z<LX1stvs1V;D6k;!(G6qnUC|N@8m~Sb6hSiY^|N1LUH~W&HDT=?&L8y>dlCgE$PR&
zuc5^pxDQmhz8>ydk{nxsql}8ukdMEz_%SYu7faPI0D3MO0=9qqaP__lro??_{5<P@
z4Z&XNHwCPMz!~RT*0x^b-5dwGjWa;1Wui?<K)@S7Bd13N<<4k-9l@U8tHIa!v@&lf
zZ~0&ZLB|&A34dq&Rg7(OAIIq`bsUP!c7zX<Ai)#Fv!xNi24d2YJBr8P=U1gyihl)F
ze}Vj#Rb%`&4zc}z@?l|NWBM-+asCH~;Qkx^W99l^9-7qn-{mKtBX!v#WfOB5Y(uE0
z4r-3(^B)QL@!H9B7oo&V=qP(4;JMgkk8nDl7+=3Up|A}=60|f|DmQKeZNTPy+TQL@
z2)sowDMnC%)$RgoqrCRfVwm{u{Ksl4QNbxntmdv~!>)8TMzsB(`=K0&B5czX*GNnC
zv)-Hl^XJP`8aLo(qt}@>xrN*N#>%#)&OSYL*sV}<U}U*w?@OQ%W%awBSFbBhp(gTh
zb^x(PuCK-?uMIPn?#8dDw})ghFwS7S;4kiYGo9EsfkE!MJ{7#q76k2M3KwuZKVa^$
zFfe0$(;s}KPe?c;;u}_TP=f?@Z<m>pF)9t9@2;V0+BrJGR%(gx4;*dz>*M^&;q1iH
z|FD#LHc42bGG#A!k3J2Zq$yV%vZC;{M0Q?=LFj1@1-Ec|T$@~TtLLmokqwiPXp!Cx
zNT-XLB#-=Oq%pasOHO^k#2_AmhZmAv1bg%FFpJ&$^X|PrKT@$?m<~@-q4Ta0&&v)V
ze7C{_f8>ilebiVNXj<S_El9OHeNfVAdZ2GvzO$!S*g-Aj@E{-zK7`l;vw7n)KMDUu
zXsoS>x;@j(n@=b1zr5T;FSDaVPF>vwbs6os2p!2&mAQd+!m+nYjB+fFaf?nCRr@=v
z>nA^`DCv9o$@#%WhT9#don45K=NKapMSDC1yI>WgCYFwAhHj3>HLy(ng1?$H7?R@B
zN2{_QcBIt0H4pP%PZ!blx^v$DPKgp)zFX4<e^7w{@#$5B@f-}*ui6Q=DX{>0L1LJT
zy6XHw1*H_9tI7$->r1pC%q?<-5OZ~{h|CAK<|~1rD9BT10aINTA-3kD>z)g^Wna+F
zRAwr%YSq8TWDvgi4iN7)RCA<Pol~>T59aN~6Cm_<Bhsg`!RHm)rYsbsN-FGOqP^^~
zQCXfC(ZqKO@_w^FZYSo$4Vy`4kCh3Le+|CT1zU&l=c}q6BWEQOE*-J>Rx`paO@of{
zlG1K7x~Ig(WCQIQ$e`z^zfb{es#$WiicZl&rJ+OBW!gN2o!pK7G|DQpPP;W^$ORD=
z>>fHmX)`Lnv9NYpG$OjNM(D6T-h2}1XRv4+77#M>!Zr<pWujT^*!QSh6M&yycAE4@
zNX4iZmjkW5dJ*=51<N&B@M|EW9Y8y-L#2;21u;(r!_uC&L-?!(dbj~?ithSj;sf4n
z3PHAwP%*Pc)XE~{OlL&HdM>IG1Z|;Q=I4eF(X!V~``h}2K$08STk_|0a#ctY7Xdol
z3RN}z`3~%rpkkkPbQ1FR!i1Gz$ZsmmDbpZt^7YxBqpE51n@V{Jz$%3w<tPgQWyPT+
z6?r)*R=JfshRQA81rcyUb0=c7B2HyVy-5g@ZK+Eg*91GHB>BbRsXMzGr93s(&+%ly
zez%t1hqD+#%GFJ)xk#;Khgf#((HWNe^A<&G*>R)a)2$6b^XyL>Q_?=N7s(4f5oAGh
ztmPr*(9!-xo&aK)U4^Bbi1#^Hl@V3pO@SpA^|$T0p8~ylxU|4lfk`z4==mxvW{RUJ
z4<_C3-vy}_y|~$Y-!Z;VwA*B3(jDG#TNWq&lUN)D9VE_^#(r$y>AQIR$Z@3u{R_sL
zikDShHxh^Ub1gbk0fKFsnC4rxA%v)?R+r6r%Y-l%73AOrrsrOEv!*?crk|dAolwoj
zkTTdi0ii!^$;}cl+zusNwK&KTtu*y5&1Ep*M<}8g&N_IkxaP6#`HYf9SiTK67v*cD
zGrfD)#WalMMqNrj;=)K5ejAvZIu%S?0Lg+?ZNd2u{i?`1+21Dw7h@vt6tD7ZnQfH!
zk+O-7D|_m3L5hB;{9Pg*v(3$M>6ZNk`;i79fy$;8F@@d04JO$Zh8qq+!L)g+1hc*{
z)|%0E=?&>S+o<VU17;Ep4I;&$2}1~L0Rzi|VNtpS7STd=0r~KKX%l!?^4V5z)^N&O
z5zE%PYD1H=;fS-2W1u*cnNph2dR#z7825nIZ3VV#KBV26<@<Inzx(v8mYvvI^KcV)
zgBDC_&|oF7i>n4J{Lwepf(m0IdF(x=H2Ir|D$WA4z=&KI4K>0RFM$-*%Xx}S%|LkZ
zI&Zb6q_R8vjAL2AWKTOK8)5G^cut<HJq$e=qmiB%6Q(AjER`C*1rJTuqePCU<{XFV
z7c{z>sBk)Mqv_C{b1j$A_@!+fT*02t1b0}%iPmr62G$&&-U4Mfu|jptm(yJLTzez8
zQCui={k)*qeiZ41XyZKIIdUyr_O9h@3WZQf!I~Mo$P#NYPyQfX{z3f(4?>XfbPgXT
zUBPSCQ<@hsW5u;GLhuB~JO7x4SPW6xEmt(_m>Mz0te!BS1P>;!dk9KbJVx|n{)I{M
z8yf?FH}CRxb?Qk1Um9J2Vi(FJF#o=pQ(;>~{}uRvPu8}zouLh(<Gj&T7>JQ=PLaX>
z88@s45;YT%{t1ZjMkVu+E`GLyIeX>;k{O?#9v_#MWg!u3Zhm7!Prpu2u;%ylmm6r6
ziw}M8dT$SJJtKTOykF|MJ3SVnt`-R_TswiB;_k`AlsjNzX1uw&xOpzagB7=9Dq%x*
zD?OQ=m5}JJq}wjGves*n4D7;#orCOxj!hKHYWYXp`)?3V=oz`~l^#DuIb^;YjD4@x
z4MO9hkL7yaY=Zmb!Nn6im^lfj!Y%>#*gqx3*CO7{(t{&xh9F$XqlS3X(FWXYTD(9N
zpFwn2zxhpTAi{y5M9|T~RjWgaHQfWlEXkD;-oVw$SJv~_aP*8fBAGM9uF;DFc!SrC
z4Kmc`RlS7!8`c}+2OR2y``bfriyYw-zq|SVtTA6{jY5r68ON3-1$IU}q-Oxe#a;0;
zwiOS$m#}2ph41Vo19TJ3d1_LsTar{9QN%ebYmIJ;Ue77cjrFL^ekQ4<5)m29c~9>=
zQ3B%J%Rbig9p(E5itoQ!hwHzr!^D;t!YN#T3u6xk&-Nelhl7bb@t1@!FsUWyv?iI*
zd8V%N{C6J;v;cN%W9{3hoSj#(jTQOOk7-GKG-S<$846Giko4cxP8rwwCtqBQ<%*EG
zWFGCm7;y!bDg4VSCQ=ynO>a0cpEDuvi@&@&d100}M(rqde8yh87kOQqcsxAf|9&f9
zL;GMdD>bknc-5RzYfogl0h|cx7H*6mpO#WKPv7akR=ghePTIe;JORzm3(w!W(<=v}
zYoi<94`<=fM*2a-i<&m_rgo8KEs2wyr?`Tq<quM+FT~S#pZ<^ZJ{U7tc#Ni?OZq|a
zgbsPG^kt&8CexR4S6=>%=HV$=9ss(+Kw3^OBBSiQ_?3KUG>JwkU^X;B?sIb+aQCU&
z`@seS@z2gL-}Ot=L)%9TaJ%><=0e$tbZh9G9sf^~tWf=9$#WSIv0)AJRMHZk2Xzfy
zcXlks=Qy@^A^kgHE6H`^(*gLI_}ebJgVBe^QorvaY^Nr<=GsE^dQF?rMyIiTfxzu{
z1>OA|9;N)dEWO(c(Cl_K&A6q*Q{~S%tk+7<*?1i>In++QNQmh5asTtO#St^&olgPm
z*Zb8!)4x2A1qg}i$mph9sT4}7uWd&4$M*so_iZy06w{2mqb6>^WoJ2?|Cjr5s3CHy
z9oAI9s5Ad1C6j#w%H1hr*Hvs@PIy#Cb*Adgf%!B6vphsU0R6jnj5tV;j!|E?gImAT
z<Ev^|jf33;`p<PenW~27LIqC6*awl^LlcPcm*mEIgw2X{K!TO|{vF@0!gouK=%78G
zy=4eo#YIQ}Ti34wMo=?_>MZ8Kb^NrmLSv;-R_*N2a4Q+a_vaEm?ZfbPnb96Elsiep
z2NU!cd|$6JAcgn9F}L{YWjG6_w>w0vJ~F^ff`3hw=94t}p0WTa^z9V$v0Y*s1W0C?
zZ;a$8R@g3!H|ZAKX3lk`Q-j2e2<-{4E{BgG-BJ-&Vp_4Jaut5W;A^1`E*phA31Z$1
zp!__=t(eMZUN|<ghtqC<%l}F6cs&3zwq!Er3a3^Bxag`nR>D(jH_>wR{IprN=#6<g
zc-?fMm{#7(G;iW<K&%s5Gc?uw5U1aF_%gH8y?PW=-?T2`kc23KUm5v-WW8gPCS0&>
zTejI{+vu`wyUVt%r)=A{ZFbqVZQG~siTm#JVgHB~k(qOjvC7z65n`N3wa0V&n2;Y?
z!~L*wv_d#B9#td=%E1B%AZ1!Vm_#8{I<V3G7Go9BgY!R0m)yTKmP1`X^yA=A_)`E|
z-Jn}McYC-88P^Zrt}AlcsK-Vuk(MmRwfS+3V9ddstjStGW)yA?o;kl5m4)0<Xz)%r
zS9y^3s?4F~GJ_)y<XnSG8Lz{$ZY^mncTa?}uch8n%CkiKwCcQ<_UbOGX%%We+c8i6
z%DeM;#iD1DXqX9x`?2bhkXH4Whz<da7Z$nFh4@j%?}+7qAP#niOzpeYH{O9W+3#D0
zC5Pe_Iv2DGtGL#@Rl-BCQz*y>4Df&|{g93&Y~l(z=LPsUM(e3M5zrP%I<9ta3)ak~
z@AQlx<qQ;sZz;-9Ie*0ZgCQ|Mh*zjSB*|o!F#A|z7ona0{D~debEis@Wu*n=VHHt5
ze>8MBu|hbfg%MXW?SC7TML9O0wvkKImbbbMm{QuMcdnslk!BWTmcfI`I>^<F+C#Gk
zrO_fBVBvFLu02&HH<Sv4isvXp$rf!_a=D)E#<wk&tUTe`g5dtqv_2Apr1FnId-Ln$
zSfIy~`H=epEwc#=eTHu<xabD}nPWAs^_Xvb`3UC;E8J;7-YeB|$>D`F#K{<HbHN~k
zq*4TKe3->8u6xVoB<SdVisll5sUMDknX5PU=YW&Expz^tp%YL}K50LS9)~G3y&U=W
zkN;82|L*1(zgqrK*h5y*CmteU*!2Yq@kx=T+qh`21*w0Jtz3gK-CPE2*!1dWf$nM$
zl<rKF(3nib6<d0d2FGj@Ru>3<`shG;Ur=Jj<iR(e<jOfTRDGW9HR_?WAJq=MKd9|%
zAGKz@dV~COAER1oVfN<VVt7UkdpJeD@(75qegrTbD%Kxbu>LkAy&G1$+*_$AG`!fd
zzQ9Sn3M@atFPF~-*7X5A&<Jqp8kF4%7R;DR?XGC23Z@+zib!|R(Xfkz>iGp+<Chy@
zWBsia;x1*zF&(h#N{uBDBcml4ls9~FZ+Hzlptn3uKPO?2aWe!SL-%gRFy)91*HvHH
zz`#;K=Wh3LKP&|ci50ljrr}5_Cg+lZrPE&A%~DRTOx;)>It~X61xT)xsgtJItBIb;
z;nS5zoT6IYn_Ckeb$XdEYRB_Hj1(3p%+6FB?w08FW&p#J-nO_LHKS;#E$Qne!J}V#
z&G$9RBY9t-L<fahN)$Qr()gS;V$NN#!Utl)h%syv1Y*u62JNaLH>aSQ>PcT{CQw28
z__u*!N}@gako*DcHmYiSI(VGlvbrF8Sks<-eGs0<i%I8eDn;ro5Luj4BwCm-%RacS
zJ%I=HT$^AglAU2Z9j4VwlX37mL-?W?W9WS7ZVL0SALnjjKTFvQ&yOdC63BCgo6lop
z!!qN>{PB3R#On6UF0x1&HoLp0op@lJenY&o@O{r<03ZS8EZj4S4GNO2rVGpa(Bpw0
z-Lju#uf;9Wf&;^~xZ{@Nt>jne&Sk_B7=rkgiro%E#2?TXyhTILBN~|T`S_}JMbZjT
z*~5(?m`MZ5sWR%$3Vy9+-))iuiC!s=ezTu=633te(#o=rCQQZ;2&Pl!(!>6)l$K)Y
z<v<{FxMBfFPf0-BEwP515Ykk5PILjk@ge`w!hR}`+oH`&)JPbs$k;wJF8e;zf7+TV
zG^_Q+D@^G@_@VBtk8P6AA-5E5pE`IBe39gT)7~q&gpGfZ%_B5__pDY*C^q-jB5uHo
z)D*x!I!P_Yy9diaH@%AO!$q$a;Fu+i?r&R<<`Dvz%81}?kKM(x#7dUZd~hM-%!G~0
z|3&?6jbwxar>g6s(tJoHnF(ws9aHmGU%K4>!%Vj|<*4pve`;Y90(Y#EPcO&8T>?Ja
zm%1pS<{07rLcng%Qx<>pP{qg*%@F584lB-#QiP#?KqVBsknL%*HQoN2DRGl<_Pa+b
zUX%mS;TlE(l^SQL*XwRi(fmvqt6EkI8O<$SwxmS{J=#bZAqHf^5Wbg7gxS||FU_iE
zD|YJ=WQ1s3iv^4wRi~8ur|pSkW1;=J4B15!#}Lj`UaKrCS17V7t{|VrwrYZuyh2O(
z4o{hhGIK5!&-HB%CXpsCigWC{e1yFxJQWA@q(6aobhO#Il_&R+bEuHtr(2IRU@Hl0
zohgn^fm$J;JLJtR4IqJCrD350DGL2^=9UWh(rsUm%V13R*#4yo4d;AZp_Y9?xPbN1
z5ne*ernepAh*K|fNqF8fdw>GM+ig)PK<#)H?$W(cZhKXyE8Q;WT?Q!_R4y#|iEal_
zBt^(JZ8YL{Y!Y&cW~2cqe$J}1ovHwNqJ*HG8mc%XqmBjTmWhWxf0{Dih(|I+{mEI9
z55&3iM&aEXj(<@iD9QZn4mrMBpky{8G7#NevR0fn!agQZ-kl{<F6+J~D8TcA>TkYu
zO>0Y1sO7j)?8ZDHWaSnMnRgAXvbO~AMfu|^6MJ57TITSJ8j_fGUQ6|yQ!l8WE~Jxx
z=kt{vCs-mR<eT$Pa-uh|7R3W2z(ETpDMZCPw(5I<RVVjk{>G>35}f^xCv+OJ(re_w
zif84melkFm&Iqi}iNOwyT!g-{gk2JrUTT@mV3btc2%RYHukGQ!BanU^^EL*wRY@#?
z2Weg)>NUcJ%1DO)`rAuOUJPP5uB$NAEtX78><Wb!^AA~w_<-eYvL!TU1&xKIq{Pan
z`fRF6)Aj-P36}zE#nhWlS7<h}E&4)z5w9odtCG`=GG#UQQ@UP{-lSQ1i6Wn|Oe02*
zS9T%Z3eF=zC!Mz_+&j7Bxi1G8H6NxPu1nLLr`k1PW?`{U(S?Hf7>>dxCqrMn6cMa%
zt<vzF-Uu(aH4tqL&w3~^YMY-7M0yf8w`mQ>4PRA134uUkq-i|<;}vS@xScKSR6G=Q
zJTf|;SI=lQu*(;K-*2-qYC(MsU91+Yy7tbAL#1$4#Fprs`H_)MI1K?$OuihHvr-3h
zQ)h=<Y8noBkL;64|B!`pKe*<Vc0wUxmUc9Qg&H5ff5d`Iil|NU=gdE1L7OXvz8s~7
z*-_%_r?)kOh{=`1k7N;VSF^m9AZt|Aux*T(DqWtL;1$;Cfd-g+yL@9T8OHv=wuNDN
zp5&?&Y=kk^-bd`Tff$g-U$*sdCs=EG)jRGndM1uCR%9Itl5S|#+hbf0E1UmShyN$G
zgS&wb$Csk6&Zq9WN;Imlq_EsI$vnloLN+EJH)KsGLxV3{rl=5kBYo+VKF}N?U2)TT
zX*2U&tGLs}$48J?9tGYG+c%I_7_yi9Qp06+OXBydzw#em^%X!ceKBm3b;is|tvNX&
z7Du%UW%C>3Z`62h$Hv6ti}Y<o3-2S^_(btX<^IPncbJdOH;tfcg=ur<EsbwS-j_A2
zqZseU$f&$r*9IL~_8dzwsla-hO6~}qyKvk?HJ5m$NN%Z{qt4!*IrBqbKFjyS@4p{k
zovjmYG|%eAjB|kQRZnj2Zg(fo=Y{+Ed;$hB*P;5M8SAH)hZQ@99|vDg50CGIp|hiV
z0)Bb`mmb$9kr*}Ktf8~(b03=$IvlW5qhfJvlU>9Bh8Y2CR1cHAt)@A?iuI{dZEs5b
zl$y`!^X!jhm)cyf^Ue}=X)u$lvP{w?-ZkT}NMM@%Hw7SetZ))BWK4f^r=Q4i(J78h
zRYx-IXZA(3{W?kz%)y%Bo#>2&5k~U;nj_(nh*>shU_X3{wFsjE;X?ysnltZA`2#gz
zZ6dS5^DMzlzq6muWy9<FV;#%06iK;-(Zz+oP?$YO{CZ1C*~)}O>9@0SgWqNPBtzvl
zCR#=9`3-=vUn_nb;N)@`q6j%N+VgKuzmR5^FeFP>42I=Uf7<mAGezutpKV~s!*}dN
zSuB3j6jx_!DD2T+Tn9IGa@(Z7a^R~z($!N$tFoHqK{irzY-4=54ac4}l&{{mr=2PS
zcAS3R%E%$`X2V`DCP_HgffkN1mD@SYPus$CwFDf8<GwD#F_{bf?Lwn5bruxbojY)a
zxZ4-c+1<|G<@r-P&<@EIeNC9#ox(nqZ;qcfiXqdd?i6bl^x{0c^mk%u>}PkT7kHOK
zrs99?;H>{e3oINQ?EmErzyIrG{9n^RB9t->AX&r4X@d<V=c7W;e{4&pECvdA*Xw$M
zjE_tfr?sMZ^3ig~oe(AEmolkzfZAs5%WwX744@qm?$qs7mKIU{m$fakT%C6}5k^rF
zpJx7pgQ&c(%NMMr+=6FuZxOqe#v|1{zSZriNrMQGkbu#CgP@j?^n-&iE_1I8&ED=U
z!0N^m+1FCf>-UrVjoNc;C16WqZwl82--;^c;i?pi1m83U)U{=7vg43*C-S`5H-NV(
z+DtAC4_oxg|6Pff_#8Mmk|_V!|G+Sn`6~GYer8tPr}ATh=De9{l@-n&3dnk71^-)Y
zDx7b$&z*4nwFBi@M-i_*iCEBM?y!sppwfkLnlui&uNiVEn8(T<I!`Rl9gjX<BwJTY
zVmR5aGl-U{l8td{8#XyKw`!r755aSb?VzGIRG+j!m{!^lW}OUz4(i1RVFgYoT1-T)
z4PqVc=!;gym>VvGD@w2EQ2G<}nJ-LDtveK|D4K?<Z*NS?cMY+6-u|Xi^wtv$fUyYB
z<^jI^STzIHKk?{WS&r16Ob>;I#=Uq1DTdM1B6)?Vj6-z)ytzWeYYH<!5i^L~SBX)^
zhNIngv8iYg2$mY93Vyt1&e`ENfLx?50+oBI<aqP7)n|?@Z5PWJPc^c)4O$BuYk<Tw
zI2Tt;Rh00i+b5P^2Rj!y@|RWteA{iho*IaY+9?x+X7Hs!_?OIjDbEFtN|gbW!no`*
zC)FwTHGym}5)iV`NbLPDLVdDw7qkj+q_HadwL%87T8`eb#<g1g5j;K6n<XQJa7Ap*
zG8*&~22xmItjqehCovV)NRK|c%1p3HbZ$F<sU0LD@3SkP$HlhvS%e$_tdD+YxNT6`
ziDk=kS4SObuSHW$^pPl0w2f{&JtL>xoM`*AvBP-oHpL1doMdSVE1~bEbYJ%lKD;nC
z$S&2-8ayk%I=-m;FNpO{1!TY~bbx4f(9v1p*q|fcP4j`DKl7{5K6+~NX@UoOiG#N>
z;;{3kQhk&y_7uekTXpyVd0SoA2uQT34sPa@;5cbLykRYv=IW*PMXf2Hg<agsCo6&#
zprzb`NrY4Ymqe-jxTD<$u?D|&Q_;yr$y(7_2;rOYHaYU$&F6S5qPRAV#ozYv@<+22
z6^L9#>np%vkN++l93fA@kt!w-7szM7d|7s;H2dt0dC5Dv2E*_H2!HcP>Sslu^ALP?
zTG-HYGh_@O>zARO%PnL6xn{^KrEz6=ZlbDIQbtc|3eqq&5iL{?wIT_Q;f4iIl_J%t
zc1#McYWTF$^pae&T3ULmcXVxSpH8`F^mY+wX%%!LIJ&)pv{d#r1pHetaf%v>j{V6A
zXW_%dW)_36A<EYPc@L+3RX6C>)EUubY>9?_#t7N|Y&+Cee}Ux?m<z})o;a8=P%aUM
zQ^MUf#_uJx$O=!$p139=1uYGhK}R-qEg!-`Pg(b$25i=3cxAL-4>d986k_c<%z3?s
z{Bc~HKDp~qV1x=JBq!2Ri`+0qqPJ?W*JG~yo>6*F(pC8YG0r{(_Jo3>^c`yq?#cb9
z>I7Jddgeno<-GhUSa8HF;MDO&$?<5#TUe>b^bzgrep>yC^Zyit)}cT#$U|Jo>rfi*
z4IQr;0?lRc=-Dm8S`gGWuVB~u`q%vtB9K%Q?@NxFn6l`w%`pPV1+xy--F@wG6VF23
zN%{pCsy6ljYz+ca%l1cz^FTkP$ywy%uCqdhdd;VK9^{8qmS*6KZ~@Q&;r*w^#F?)!
zLv}+oZc-OA+%ii*i70g?1lu8L$lh$(SskP{nOdK4HN~>8CNye{VQh8X>Ut4=&|V(h
z@~=JT296oI<S9>=yYDB+rr@c!5n1W7+pM&Aa;qCa`l4SQA_+s^B+lIgNK6(2A-AmN
z-zZ@>*<x`6Vy>QyFWD)-o?e3CKTtSNHfl*yIGAzvWe(spLWy_hOQakywHW<%M&D))
zuFkr7MHd77rEX{JH`OuRx?6?O)(K5zKQ|vM%ZOcS6RS850L02*@TyF<kzBz$dri{t
zGV*W0mp)~cOS9IGcQJxM?(3G9c&|{`&l#R)VeWgHsIS@ULFZJv^dBmZ!<V?4>Y8ff
zc(k^f<6D%1P)xqjBR$6+Y5u!c#9tboejYV0D4HGCn4x1xjbbO_Bj54;9h!kQjL^~O
zf0063Ls*EJ=O;b|dc$_})J5IBBxf`rP>!<ziZUB6Irp?!n$C<Qa{R-SXrV*X(Osp`
zX9_dCVLXQYxnrZsCb&-}&6?G-7l@g;6tJoM@dHmo$)1pOGOa7Mo=4opFH~wb4w@P4
zxzTZcA)_j$h8AEdd#n{soe*DY40Wx2)#RuEAG}IcSmRR++)cGBq_92^u=P7N;5SCV
zhOe7VIoa2(EYSs;y9c$+DgqhnV*^!V0L7D|kHMgfW~U!#(nPdkJ@9%5b&v5rhOhd>
zG#$-Y^;@lw&j(PZd-^8b?63^!U|pcjqmapo5j@M@5J-sFs?EceoQWbF?t+J#KJDB2
z50+Mfiw}~bm_BCfOVm7LOm;gSmo5;=4cqdc`bunFUSbS-B$CPO4OVBgO4<_H+LlJW
z-HYB#rxcMycs*<|CQer7L>fIIfVz&|VGFvb?uq&>9d_S-SP`ENSee_3WOh||jTs2(
z9R@g^gK5*UgjR&njrCk<5BeL;S8O+$sE-X>X2ETsO?=nO{if4Qw|6X$Ok63TW9Q6Z
zFMn(QE1*eF@r8yr4>NP<oPM5wZ6kP1MnOa|i4m8=+)3jVI0P_z?6LO=xW8K8+SE<V
z-At`zV7T5Spa=L~4BDld`&cG%(6ZlPEW$FHz)e~=1UpSh_n_WixPn8PC(>&~VM!*~
z3OiM&@^lOA>R%!^?y|_Bu5%q7#bcg2)jT<@45<9k*dp5!)y5v=2w~L5Xz{hBhv4S}
zOB-bSE8Sh!K~lsm1sx*<h$T*)bsZS7IjDFS;A^uWYI7zSlFZfrM@JqsiN}gui5tD{
z%!e%NW(K9zkLv#6LEJ;SM7>?1cjuT@+gnapd7q{{h+r4WADPCss1^ka4VS;nZ{sGF
zqs#?^O!HLSymA`%ysc;zVN=^?mBm2@UriT3?pI+J?wVAH1X3aZTwLV~a^bvEI3q=L
z+Ss#30d>@g%Z1wZT`l~5v<y3N_4#_3%G`Kb@=O83kgMA{))dvrF}VhnCx~@v&D5MN
zKTclZ2CFjVgH|B=)$Zfc?(5;^(%J6mWaKKA%klhJeUlwoje^2UC%FriZYS^2{^#4~
z;cL}L!eQ0S4%bf(u#|+~vjh1)DGm+{2K9Gagd_x4(D1{U!-QJC83oI8ddU|;Gtd9V
zYW&d5wRM%N*Nru10*nG0-bg%2(~Sc5SD+^W%%ZUe0-9V13>W)YtkES4tp4nLh`tJJ
zdv#GbxddZ#7Q8(a;9S;{A<i8zNwM^oxC~=v_;%1s21RBcK>FMnER+PJy20s>G72pV
zAucBFCqudQ;7DN&FT8JW=yac3!Gfwmr2k$v1&d2nkyP15-CJ(rQnoZn1H7m2^8_%Q
zGEt1OKzrPT2*k#!=_$|uJnudve?qkl?H#(zQDAFn#NbAm*)9Dg=}<=g7kI3Bmlrw^
z7@>LE%KQupur3DA6J!j=hUvu=3N16xZ~HcIMneB4{2fzD0DDIp@wqvREN?{N-@VRn
z`s{7Zw8*pc_?ayoJ1yulAUYaXb9N<GQ~d=%aD+;|{TQe}PD9><d98H(2U8Y#r{JZ|
z0bO`SJzYOYS_0b-nA7?hB9N!6ESEjWxN~>FK5<n8Y!7}<{W1^c7#B!=0C^-vm8E{r
zV!@m#W(okg4Gqhy^z*fn&ThLvYZIaYsD5{FkEi_5)$zsy8(^=plpzO8T$K>XNqHu*
z@dmz+&jlj`1iK4zjPj5di%L0<rA}w1Zr2D^`<q?jF<4YktFd_lRo5puM8CF~arU50
zaw19qf_8W{rWnGAjcqf^7fyP=&$B#oMxt88t))5#8{a=%-|C96-_kfK3VT9=;2^4d
zki*oLiASNJn%_*L&f`xtD5HE?1NKla;prr>+;w&W5eQxzW5~ygZ~C7J9daBslOgHy
z<fYGr8TlOACf|gKtP>ksqe)~S5Hs~`d%JZ3Kizo4B^+YHp@G`0%@X+*LUK(of(2|0
zD-wk&_koN{0z&$@Sg(*uLNe+=DS5K&@uW$s4Jk_wbcdcP@W&ToZ%3c59#b5H%0dKm
zFhz$JrnC@L`imv5$>F8wi+N@V*wdb#`gFPQj#zu{MTK69(^j}8BCreRuOH9CH$P2)
zo%A1@3twxhHwt~@G7mJaQp?HFX}Jvitvi*200{$z%d?}!QpHF)u?**%zQv#lC4pQq
zo7$6xQG==gd0Fm>tmXi+6i>A$;$!dK&<-TCvNc$VI5bWA=%TE%`{VH}Q7VSHz*8`B
zV|TWpw#h&avB?H%@PbJ9Ih9=0GI~pZu)s39*a$Zr^i3aL#hz+ln~+!W`LTDiWksP3
z_@)u`sj$w+wA`*znW|f!CKclx)LI&ctVV7A+8gOFC`1scT`H$t4~y{=bry%buF1js
z3vg%1g<;8}&~M*@kG@m`kejd|p)bTUBQQj-4vA!*zshvd1_7MZ5>p8K74`pG&bE4B
z)3#*6?J?vrl|~MK66v3yVgd~Uu*5lTXb%Jdr_>i46RGN$wR6V|nC$#j+(J{jiUVi}
zCvdEJ7Y7DG5C=JsxE|Yq>$n#k2{1OXC>rGX7qZ7WE#QxhkBPtPU3i|*RIADE;DADL
zg)ih|!BbBjTA=MV&E1K<t(Fr3)tC}zSKmvYv~T<E69b^BvF6n=n!3M#9^Sl8yb#Lc
zPlMgPwNVha>8H9lz9rD)S5#A=IUo43^snjdb~c+4<p|s!HqC?DI^Gbv&DDk7CqtKS
zV|S`c>2<1iBv(V7Z&n+WRMqyx=mYy6X}i=bYeVklAFKP^9<$odAwo3)H;z3SF@;+#
z{Fokv*mdya`E`co-FsCA%C(p;a~}f(@gwi9N!Jh1Qvw64K}OXE?^JUQ@sjRNh*uk|
zc0&1Sf%3rhiVUE7y*mZ`0bz<+EyP$nA4a?z&&(^`M+RB_J<{Qwfx0-QRDU{{0^L}g
zbi-9}@%?1Ku>u&+lzLfE3<;D&n_L;#BYXeO0Du`Yij5L;EwPE1IGO(knf?7={{8=i
ze!n^Yf68IQc4HW0$YV(zE&wDS#)%bEcOmtF)$)MN)tk2290zkK4OcRXN{Nh$X8gi~
zd$jhEU?vAkSF9<pNx~0oU;EkQs(B@cAGse5`Kk1aeN7HZOa41c;fu!dN3!Mg$dS1d
zdI@o2X^^&r(wH)eGsduKQ!Z<#=TF<jh4gzQ;N$qp`OOz)kmJ^1i#huhO*yyl$Y4LK
z*AbBQ<9Q*{s@%k}9KBi5ob<68+opM?9U)X@@}%u!uqr-b{Fh|X0=E_RT>2@z3~_OU
zmUz+ombfk9%uA#mlM{PGgg2zyuX#kHr7V`dUj~n}GyIRZPOQSDAwfIOEO*UxXe93>
zz#Z3xd}b+h4ZiqFP0ZmJQi%5WV?b=>x{d3f_x>sA_>Px*a}TrN6qHSfsW-jvrc@Db
zs8Yfs?C+suQ6)ULXqn_*O7!S5lfdggxn*{8`e|;<853ipnh5lBK(q+<MX7YY-JV|E
zZ5mP92mRsdm9%u}H1mtysAFHgW@;}80H$T`M_cE(&;t%a9i<=YVeSpY-qsEGkNy#4
zilT>NmzAnBpM2z@thMQ`42GWW_BLJJu5PYwGkZuwbey;vY|VVgY$CtKI8#lNN+Y!@
zaSR7Ur=NOW>ete<CmvjpFAGQmMx;S5VYCkzCc43+IPZutzc0R((5kg4kaKZrz=o;L
zgG1~3GKo6L#k*U~_zG(XX&s@Xal9Nr?^_=n*^;@WTM)vk@F8!|15r8*e`$}~*dyjy
zlrA46Ga8qO35t=TYv-^z^AI__{|Lw{ijS*JBEACO2RGJx60~+ETQ}}EB~6B75<Z4L
z7uYQrqmLmMdp#dd*klYop8$LW00aT4nasVZ7MMUYnordw&{eg42}?6M`Pt3kfn+_r
zW7~$h?F_EmlE>QEAKL+OSMVt5Elz1TOPHwAGx2I#p+!h^Ezb-x{p8w5@m%{hOc17n
zlCduh!R`)ji;H+>gX8o!g~2OjrP6Zif?X1)s2%2_`LeMIu!YBbS5ZO%KoNpZ4ja}R
zH;CeK&M~zdv36illg%XOFPfX$Fm$4V#<I~r0hxre!f2%THFtp;xqkPm2~*pEHA+H*
zZ0QcNu-`#GDWst+TY<(zjFt^C(UsPMs|p90lnF@#ZbQmAS9wD=3><!=1k|v53X|P$
z01xpX5@f$Xgb{I|TAv3FfG`G&F?D>d5+#aKs&#W}{yeP0#~}noF^@aC25k)4CzJz>
zkHwegG?ouxNpp-e<XFErZ?wc$!d|4j(J}-L=$PZKliEGYARrvmMeV&hSs{6COb6`}
zie$Y$Nwoo=oF{6;_Smodv1~%EgsVs459ujS`cL~z$M%Jr09L{WfH8}}h>PRwu)$nG
z@6>tM02|U-Af!AFNz3Ke(_1|b<K{)ImOUoeiHD8L*f)atEb<HgMpIYMMzXwcgfPLe
zt5JsDm$yTqngdMm<{a8moD#CPmkVdFRza={wjX=Q#Ec#Nv|dj-gV@vFJJ?7M!3zQd
zp!56M@owbl&CuZs@P6#g^mFj^Ira2u3Z@J=4IE@~>*W#hsB&%&Y*%z^)Y5O0xO_OC
zG)%+}m&#!-09sZf1Tqyf$!{;V-4$0XF56`9^eId=4u03$>YKNzE*$;>V%!OSF#PSB
zD2^);{4LB*6()l6p_BBr%8_7!GM|EGLe%dajR@p|Yn}lL$iDbkEZ~eClxpOf>aSpm
z>5jYGvqu$MLd>tpAD$B?7xR5(LMUJHcXdrgZ)B>H)Km3WY<+_GN{;e$fWjudth165
zW`|_pvq`wYm6%DQz8excA(AFbAYRLA3aSD!p;sChgDAHnyznm-{k*qY03Wen9TPs1
zqVOPj$UaK|$U-QX``y62{=raIXbfVU;k2FLeVo-kud`YPjWU*v&g*EDVk3mMGy++G
za89i}uyHcEnGO}X&PdtIgn`m+ZWPK0xd5N;57sNPZ7pEL3oT<3MI~Isy&$$(y$G9g
z)Nex?=@zgOF7L4Xt*U1@o%Q4kn{t8eJ{M6ATqAP;C>Fm^cMh7U>C{!92ZwAaP()Wr
z0>VBhRr7{=??JFrOB3y5@~iH$UaNWn_Z#*4l`(c<AEL(gXC#FL0Ss;*aWAAT{Txpn
z2lN`)_~p29CXFAGq<9Wzi&QDBTBI5xzFmdsTmYm3#fDikoO(^8AOJYS>kH6@Gl?Gp
zUCwL;K%F896f}nz0D49Ttna!_H)0Tw9!~G22Z%KSFaFgFBzdiJT+4uX57I#KH4A0M
zRVfLcRsuha6Li0ERNRccDvGN#*RQYbnpvk>RyHDc5>YdkZai+c!KGv{jUJ2M;svFQ
z%YR#8rpiB+0s0e6nUPrG`PWuG-1exOEXv{+z!FL)E6E22q{*D(RiIjeoM`e^k^lPl
zJTv`cK-tTKFhs$-8m0$)=}|@3#-q2wVIE}ef+AUr{V%VrxuoF2U+-U}$QgfovU8~5
z)52X8mt|83vu`~S6_m7#uIW`gj?{j)MG)=hLrAP}usR8zo!$o^$3D{LFBGhkhI#(B
z0T>vs|9Z@$3_C!j_Fpsk4epZf0h3l4tY>hd&RbO1M$>Hcrebh<4@z7kt&o&K)eKpo
z-KXZDt|nVKNUQnR@2|IXGTi;Zq>qH=&EKdnAhz7)4=L1GU!{6u;l58>L?GH!$<|Sf
z0pZ^5QN=>gJ9Zu?Z`%O)>hMG?%gPr`5<s#ExVGkn8fXLy@>|)mAqjEkLn0R**2<VP
z3#Gs=isp*tD)xebfC`>-%6TUnP!VPp(qH&<VT@due|B1^-t2AJ^bEQzBTr)dzh%m^
zG4VQ<4W}0^yp72^zrKv|p?NAINU-N?`_GYM!f#@=dT9k(fd)T+aRF2@G9n4|jRAq0
zlZ7#5%nqp&4mS~g(bcIyg^iD$>lUAX1;2z4&a-72&>!su4qAf1=z4Vs(aDw&C$nTh
zfv|ZEP+87sJo332z)X;a<W#RQ8?a$@<Gzpy^dE|wN<b#5;(UwED-KTU!u0JptW(BA
zv7%CoOd96AVs^5<*%WM`ggkz!=mTo-V{3^Hi|uS1zg|P;(1AVfVJ=LLBh{POy^ld^
z0f_Gq3eeC*4pn7C!(?X+(h1#Gy*BNPRls{s98Rv{kt^bGrQ3Y^k9J<YXsQU+dSAv8
zUotE?L(hht6HB1M*C5F<f~b~KiksPy!<SbjrotQz=+)1i<Wa(GgIp<E5&$F~4;|l_
zywTh3#;p4mAuTX!TX)12!2#_7D)@EQsTyCV%%!6qsiFiDDKxQ7r)3n(hV*8fb4^h3
z#fA#`q2^HDbHrIlkm9s_x<?OX@mv&=rv~EWg_A^}iocT+mh%+8JKRI8VN~Y6$4#<I
zW*}k{2C`Nb%2$GirO>RQ-GFlht2(RD<h}S~R5RYnA_wvO5!IHqD-w9tzvjCbBQ5ru
zny-mECJwwm&-<V7T0MNd?+$Yy)Lh`lw~VkKGUier(Tsyz_U2qn`iFJE>uWczvj?-5
zdS_~BIXy+E__Hf7fz?83UwsPKXzUe=P>$OEBC96_o=iE%;fPtABY?eLlC`-l5UTF&
zF6^6Py-oI=?eKGax(uI;<R|{^pXoQjMX9Lnq?Z>$I$VLRHjeKYbi`DXjB!h60FqYh
zFZPFv)??&>f&N!;BM*lsUeEGgh%|UaR(_vej_!F?8GOiYNk%;veYypdl_eEkzp~?C
z_Nhy~;I@hF$U~BUjjOFb?-|Zfp3LUI28)BZR^82)JDj6a*wY~-`E~l!h@h@8B4VBy
zt=olA2wrMIXJp)hSPH-R{nPkT`G++vv&(d++;@g$FiS1{UI-wI8a>Zj6K{6HBt8Z$
z&m$_>Oy;sQ0|Zv|5fAe^O_RhV|CZVg`Y2pa)1;4H;pL5S3oA!4vbk6ck|45#o;#gP
zi~)9Met=OaBnJOieD?c4>kTs}>;J@OY|Q`RI{!oKu(AB#x&BH^HgS_Jq5Gv)-`wo4
zYNKohP_KZM&#n8R&Q*;~^<wH;ieZ3G@Og=<Xo_UY_)$3LmCav(=#PUQ2$(=Y1sUgY
zQw%&FnhqFh_^10Db3Z{KhoPX%&+w0WXC+5l@B3XuxnAI1?-Kp%!PL?T1MK^rsZ%j#
zW8SWyB6&PzARu!~HA9S6G9dF{X}`DE1AV*eH6>K<XG4AG>!R_NKj-W1NvKN~qE_yU
z&}|}<pvFB*6nBEi&Zqgc#j?U{&8H+sMAN>pLrNs6t^pVGac90T4WF@#(y)Y}h;|&c
zhOIh7xEUUQBSRPQAS^LxMla<+P$(x{LLi!PY>98j2XOQ(nXgY36*6<$f5L!;qjyA0
zeV+zNbYR&(lgWqs%#B}zUvaD(Vs~WWm=S)Z5tG|A+grP7>!Gr~W#~dk7K(sYRhfT&
zgw%y6-=8GYPaYCRV&mxn6EfDrA(HZkrloo#7KiT9G#c(b|LTy-JX7C24mhez{?b|%
zO;K^b58y$X)TR#jzW%_h&FQ_T1yz=dZYW=&L#%w_>Z(+;L-gui&j|b@iqV>r$4WiH
z!#3XAi$g$hta^Y$hlyizB${~g)^<Bp&HH1FgCQPpvT6OWUvE=!<+HIgFfgsmB0U1G
z=Wdr_qv!oK&)wvHI4GG!>R_Ft3(&w9BB02G1f+UA$)brqR}q<+B$?5x@poPE^EX`m
z3_XC-f?*oP1d-|ng7YHMi-C?1=ltTl>AfFVvc4Twu8GpXXDQrItJj4fgKp^BO+<TN
zXjIqh_5R*JetX%8Zl^n@a2!h#E4*g6nbnx`z%>a6_7~l_s<7FTmTv{Srl{)3%Uq*4
z0_4m^^Ts{+89Y2HqhP=C(4Rck%)e>awF-8o$|@lG5N4{ntt0-<E3w)jDtnqKgJ0sh
ze@663$glgvmXK5u>4cVA*W^E88&`nT;99@Lm~9nF8>F4WyfJR|c6zvB`8a@+%wGXv
z#R6OKSIe$~z-rQ|OZl3m(l=?U4KWSU0azNIl4iHgQ_?Ru64Nc5ayN?quyXuMR@mHs
zMKb41!7<hTma~eNtJhiChIhupuMouI7=*zL-dWV)*M?NBv&<B$Ng{S3xU6V~3t3JI
zyx4tJsKw_oVpbG67Kz--f7ypIVMcC=*rpOBiru$gx_(|#*s&>A3mYjLG%Q$r08D9y
zpws@Q$P{Bz9rRc(x;0Blui{W^qR!7%ISa(oVSDsaN7Ym*d8W<27eF?l|BSaP9N1pE
z%HPS6AuY7V_m9#&O#$O8X@lp#Vej;{#XUR{nX1rCEI&z$Ck)jFrZ7DS7of$2sFC1D
z&uOh74?#hRm0oO3OI|BDr>a_B0gUH*;l>hY50OpU>PzEUS<W*8_f8mLy4V%hn@G<1
zd*0UEjh%5ASp-vN>taJfK_G!;%KbIYtl3K6oj0EflQDfR*6x1bO>q{_TmM~*Q)dW1
z0(nJVmLcG(vk{G5uGOc{s4lQ9m+OA+JSaCiMu7Mm8DA<Y+cegNW%N2*2>|YIrA?9f
zFKLYyq}yLy6{1L$N;z<^Avr$)io;1PA=q80_+$0^jzYkwRKB9%lV6bI=$-{Vp0-7B
zSQ^imzdXxYOi4MZJRolV+$Afm6G&4w8wg%Wr+H^(s(S>dzse&+YdbAEvLE+iP0o)c
zKGP-g+c$%v{g%BmINews9>4+t9ZRKA*)oa_GiHL7Of201o`Uz>e<8|n6xK$*ubB?Y
z997z*-h7v=UIkTC&7#L(KrZ6RP+6^l51A=nn3TG#tO#MQxNT`L*M0epJye1f@O%xq
zyCrh4J6mN^`aPe9Kq;SP#jJQffbX!nn?D@REkMkqniDy6W}#qr3OJHO@iVNfxOqXu
z1E)oPb;wo2OCK?YJCGh-s7PJh;ixfvnWdj>hAnTvuHKE-Nc>r7CjSZ9D}`<y6$n+(
z2_{85mFVWZmp8yP5#Z%f?MM$@a*Y6m^HHK2gi|<hV&wG@iq9tpDk<^9th4qz`uzw>
zd!OLpA^KLxW0@ra1*l9oIYw-a#NpX)+OX+7M1#`|7mAe#)o^z!BSV<Q%8Ug*{^fJ-
z8H1RZ&%gsRf~1ZB`!hl_H+eWNUz%H3(oqR0Q{%TgQnbBbVEq(N0u?Zcty`shb?hOS
zOyF?-y^HAOZ(j5hhHVz)kA9{NZdKKeK<^@Sm3;e_dz>Jo21ruA;*+_{{SNVjSANkR
zxZAL6vVA(!%mKxQ{em>fY!D5=Y}}l5-*z{^CU-!F7Nvtb`cO#lGsWO!U*z0x59#uZ
z)~Esq_8=k((6LYv-Evw=0hb+ac9%rzY;<QcvPrjq1$4V-Sv#m`vM0j8k0e;_C_<aZ
zJ1mn7*4h`l0L(XRVzpLPxZ8QN)2V0_jn+mWWEY?l*R+s-tO)S$Em+KpZ8j`@1XJjI
zY7!NemQgeO$lg)Z|7g0TibRxq)~3#_g-4>raK%QlC<+{Kv=GG)8QGMaFHzFBf+?jG
zAVqqiHOmD&KBLi7qM03;h^cCugiHUUmgcsgm%36r0iH{?ibG={XeWDR0c6+#7tH^v
zceCM$z#4A7sWd^SL-_vre#5Q;#i8=7{=2$8YtNg_-<GyRm)3UHUn?p)H$|=R_bhHK
z^lcO>g6!;OrkvTkT%C*5gPL11@4tr}u#w!)$<BeDyXH)&gdL2}1~J;nZwZH0K9em^
z(v>hE0Q8E<Bgl|LGkOT{oRsdp_xqrD;h7WP*R{U(ZDYZl*EfKhQa=yol-#06zZ=AD
z*bur;8{0Z&De`jX{?06MknEtl8vZh*agp~uR6FUxWP7OS<-N$AuO-E@-e`w}j|G#;
zsl>G^_Uy;zZ$C1VMd9^dJw>Mdk@8ATy~Mu>08bJY2p{sj^Vjmc11!>`k}MHv6e~#<
zNlO*no2sYm&I1xQ+Y%=2*FR4(f1A2uCZ;nqQL4Q{=m-zARMEg+TWr#kW0=32Wu;l4
zlgKzn$Ye9lb#m<jl)a$vD?Dye3b`k2Zq%Y8cO-=<*iEJ4!rC>BNiCZ)UjlHO_|SVe
z08Ig<9#)!3J*=l8gNPMNQqSE&Y`=9p2lugLX!tDeSm~;UKm&5>YjFZPG4B5?X+1gq
zy@&Q=eJ$$CB+h+8YW2Kq<7DMmOhjN^v&pBGvd*DnmDluErWq_H&jKB5R)l$M#W1J|
zO{WrJ>p=2x&q_}@zZ}g&p_1lzHTIcz1sohnYWd}8f-5KldQ_W@u68j}z4bgbK)jo=
z=7x`iPg!i#P*>RKogYs!2p;0WrkKqm6+qt-Wk>nR;Z(2<r0TdlrWHz%VBieVzo?z+
zOh#zXsj=3S)?^LFm?#xDVEG(+wkTsLo}I2a;E$C(23Ojz%W<UoDo<vloxaJ?0-`j@
zhqYTHWt$H<UEZN(L+H}MlS;EF<nFXX(=slbDwpyv%J8=(7roo(Hi_skIp+0E%QKkl
zfj4tRsD&z68=(ti;Nis<!>+Am1lJg&eKJm4;<gDWe{h@^Q$sbOWe0<^D;>HCnDW)`
zNZG6B1L+%mm*e#Cjr$|GcK;#KfB@2n5q!#M7FeYyvvn0#aQ9NvD~EVmWA&ec0p?SJ
z^#NB|P}bj$5G&^hvY;8JTy8iO`XPUtDxz#jBpX=}aJuZe+KflT6Liw>NJQMv;bYqg
zC_KT3BvaCEH#jr|e4Nj)t^CiwF*eJ#qRHvZr^m@rsZa&DgB>7u%d`hd0Rkiun9dh}
zL>3Z~S+%G!Ai@081F7xO<w6BCuwuLs&e#1rQ1nF0VIG?%rgYGR?_|f9aPL8^eymLe
zDEI%JWg8ngA`<80vR7bv)6gFeIH>khXt(HVE{cKbpq!%_i=`Whr5@&z($^KS!mZmi
zQx4LqE9MyX?8TpS=?h3%0BM24)4lydztP&4E<iGd&5;)lNnTTR`uNS(8|^#Ykx#`}
zHHs&J63=;MtIfS7zQlgirmj^RD79h{LUxOUv~M+bH1Mu#19`QVCq`dr-%HPY#*KW|
z28RfpJ_G3?+|4#+pAL{Ehkx-zZ9&SuT=6_HM{KpS2_be*BVjX{0@Bk05t=O*kYc+0
zwV7>D&6*~nxnO?x)LlL+^OM+@(laL+1>)5n2f=CDP*iE|kFIVdMM3}3)o--^)D~5i
zoU-6i3%O6^_)dwkOOxl`uirdMJf7i3g%TK^6dez~Az`lVZqgZjI+XG!IZv-;SE|?L
z1#_Mg2d9{&bH#cX0?033ZA%t~h<H}JaD-IJsJ5CqFfcSH+nQ^$pjcLScPmXgQpZ6A
zGi*}LqsL}ipB#V>XMY71r&5j_P?CkG^-NQ~Ch=;wI)zjW{)$?)u0nU5<?yQJA1@eg
ztA)e@pHa=u|MLYc%=W%&MXk^3Xd$o{as|Q}n+sQFUc0j?3viHZ>SM-WCG3cpO%_bg
zmLKP(R}pK^R+jC7%kZ%syfOp5d;LN?VoX-xy=Ej^y})Rcn7qyleA^uj&T9iBt+8W`
z{W*f;B9I;#qX6bq#yV5_VSink{*h0>qwy=8!-LrfWVCnK^7^V@Zavn8$Wth00~J6U
zS%MHsEW>@^0|@i2%}HEnnTsXjpcdJ7`ZOmH-Ps~_>YzV6>bW?dc&JGM=dgK=3@ntK
zk>uQ%v7b03bVUD7>kDu0;Hk2(d&K_gu~|0q4av%PE%~d1t@af-q4R;IAVeUoD+9L(
zhW#e%0t#bRveT~f*)1k59E#%9ks{++Iuw{SmSMDN0SMrurM{xgH5b|Eb6?D*!2L(G
z!M<xXI_L5@!rGvIB-iCuBGfYxy8lL})z@}uO}3T7zDN6v(G1DsBN&AB{G?n_v=<JF
zN<mq0CdsOJFcnw~=osO7GE;kCphrf}`<OCtqbN7snl?edO-@AjlJUy1DSly*@5(lc
zWY84}0>~u2A5eo9;Tx{vNzdNTPg_iABl<t4(anPH$}qV}@j;>1<nuL8MEOQ644M9h
z#%q$bmGVbHUaoTw{HryitSK)e1Ag3&=fPXgm;35RJgD~eoo|>!XCF7oKb&~68-6m5
zYm)`87q+K)9gjqDs=O^P@}B?V;$mjsQF#q34=7<r_AO&R-jU}_cfN_|apgc}+PHb_
zJY+Bnl{UrHAxK5akrsG(27Z{_4t1d~yEXWD2cb7t5DEU`c~5lacu>5L{h)-NDV9Tz
zBzRC1+DW`G_cXhHmI<mjgeG!!4U{RKYDe0US<IpGl=ptGD~(Y`{d<<GMT7~3ylB*+
z0YCwQNIvttB>+k*MEgzEbrKc6M6DTe>UVl@H^hEl!>zJKwY$%?+jmSxNQo?|LYo#4
zV#coi6Abu)eOZR_`Cscl+kdDkD<dQGf9+Ye|Ma;3FV<uG|5~<642{9!S-=1;p^@N0
zFyDipqvZEZ2=e(7hA|-i7>8y|$bz9Y^zla0m_dk;a0)x_y1JXzW&CgT=CizlDlKXK
zU5y|Q{8Db`mCaxA7`Ox*HKH!-0pwuceg)U_+PE4Bb5_o21~62DE?W1Ddzpe+<Ss;R
zF@=pr_F+MorF%+<3oY1Cru_gyA83XNdT`OM4RvDVfh-j6zLtfc4ESlkg!}c5P!?|&
z39Dvqn}EO0puLI7goz^F78-hWn;NNpsfWPDnq)5{7DEd#mBOHSyar$`?W?JLQw+Ww
zsq9lw2%f;5H8eK=vanpes#!$C@B{rwPHdva%7?WHw+E9zRPhbB-3kD%MsZ{3yT{%8
zmt%JtU20_OKev<jm+QAJ6G0N@m0^F%6{TO7N-_R!Un_KCG2fX<v4}xG4w#^z6r5lN
z48AR)Yf>>YtO<B8TqOMXIdv^fJE`1|ya~88B3VkD!9TOZoT^6;UPy88Pjg+^l@X1-
zi(0mTiE3Xujru(8(JtU8aMf(0Sz*~e<;ES}y(U_cr==Q*n~$ZU@KFso++d?H!{LAw
zSyXS4sv~y5|3l7?SLkU;*6zTWYnR=$JQhwlRf1xI_Z>GoWPoQfs|BP&CWZKcswHqi
ztBY+{Yj|*2P=NP<Z`*!wz#O17?*LOxvRU?68Q@L9Xg!hA_zrl+F1xvVDwh^sQ`5c9
zq2Ocy<5goy5=a)5+p|lF$uHNyXpRmQR!coq{%g|WPikT_s2UE0<IrCTiIy@BPK`Gk
ziikYAVb3SlReV_ibs%D|K0bmLL)v16EBhJ^We;mc%@<NfTB-<}C+bq-lYRmjrG}U9
z!Eq`fUyOna9SNv^MPanOJO_2BxB3ZY-L6%lo+zT5w;RpF?LI!o0B0xi6V`w}EW$#Q
zUBDpy0E%XXE5H~^CtM`8dTkF6j!2npNZqf2UU#h*=<)Oi`U(FO?hvg^EW-<k;t~>e
zzFuHx<4=vE)7cDCrL0Q|fsA2(;?_5dC($9z!=L3l76oXCeB|KgD@@sR`nFwdV(etH
zQP{S~Gsfb&>Nw<94_sP=)<&Dj`usb2#LS3Tuv%{~Dpp{-9cT&EFa4e|+LkY02~W~>
zF(oD%`8DsA8FaQaD-Ys!<aYQJ{Uypju%*#18O<nHT<Y-Db%Wc)y1w9`V}vLG02b&N
z*1e|$odrCx$~7ZaqN?!jwVrVoV7}|5f{5-?Rb}P&`6k{m+mM#fsELpuij>qY=?r=G
zc(mA^d42s#Mem45V(3>3I21}1(08RF4?7uS;fHBJs^hRJQs9;ILdoAIEPOA^WMZ{z
z3LntPNLIxq^0+X8e=73if_w!YPQWMqcXS5kz5-m=$v0s3i3`Ckwl6UUcVQEGCk%GM
z7jj3bKn6Y^bPC!FQ7~x-C&dO-`gLcZ$b7h6`lXckhinKxqj8Xe`A1FAW>a<(gCfNN
z>kVvF0nNfKL4spDZC+b)7Zb7aq4Z?_8<~P1EYvX*JcFR;pHr=ja$+<I%hCkQsFF6S
z2mllUO2s77WQdy+DjI3)uCUp}2zG*l@cxE@e!(SM&2L8uH9I;zoZUL&>|2`aBxs}2
zOI&xsMK*d_<b#lk2JvEqzc5oVAN=X>KbSooJJ#mPvh{SL%i|<t=z==WVQdy$f!;B$
zG8yydmo}LhO+Gm;tgI>r-j;^mh6rIVjRB<Y>+A=g`%gzC<u4<1T^YSe88ZekcY9L@
z<{jm`k>qOXjrB&AL0MD9&?n9cM*sc-zpE^TeqNsqRNIw)D#yM)xa@C2`uu`Js5cxi
zn;(eqgF-13FH)S7rapuBQi0|m%1wC1c;6lnxCEwKjhQB*Egw(FKu`NEXcsBqkPd(k
zuF?l9ct9zKhIO9KE<lljukKCC3Rz;7%n9X<ZC1ii=m$bbQZV}SR75MYg0PUj{s2r1
z?x*eZUOr$+wjjAsu=eU&=I4?S8n1|@F}t3EA-fS^v3dhfmLrem6X89~=p|5fPM-v4
zK^^Q~l&-u!&4y+H2Jxr%3UL9xHy5Dxmd~MK>09z`k>8PlORiJ;M1+TDb?L!1nYxk+
z{T{}EySoZ_@gt4=Ym9hx1#aR@$SDhvNcIF#cwV2bMlEq<N?h7(2zqrmO!-zg(F*2o
zan$;0(azV|r7`u>$i+Ll@Z@b&mw7k!I=6}QDh1M9AmkQK2C10AQv-X&oCK)6Y7Pq!
z5jyLC><tvty5*rcpr+A}D4Xr6xW6BAhS7U&MoSvRWD)%1rRbVA{$<h<EGcJ>FzPHm
zop)AR?L&virb$ZHo3Lk4h=d!GZEMc<IOoZZq0D$0GDQ}{k`Bjf#OWu|87&?M!%DAm
z%oD*cdY|MNfROi{kXTkx5CZVG0cGmLh0yU;H+G2;MCB*wuO3(}xG-m@b5CCqB@JZ4
zfl+Fkr@`qBcXv@f=$UiV=X!guFGvfPv$XJL=RGEeg1kFts(v7aWj{juYb9s9oD);7
zPB>xn)}z0f83*B%Pc9yJW}uipnAJavqz?3eEk-WgHNWfKn9a%nFA1Q82;|wkJI2aa
zx4)E3Z`7WgnKrwbJ-@o#|1e=ufJdTon>Wqvpd?)Wjw<si6GGKLYlGyfc)%6GTwe}e
zG{y0~&%yBHv&+ql`siURA!NG5m~1a&gC56qL=tyF!C(k62T}0c+I{%Q`*W(C*N5?;
zKG1zw`EeY&QP(CsQ32Q<)O<^Q(ZksZE>1(zz2~0GgVRkKxOijH-RzxV!}(%ey+(_j
zw2|-0U|3Y9f{J*~E?sJxy_=K%_k>vOoA(gyQiM~Q>KS@kiCgJ@tP}SdesL#AfPmgq
zp7GD$vVD_9`ATP;gC{#3O7c|uPPB$PuG&X!zi&4H$QZ$s^#M3CAR#^>yl%G{vehl@
zk2#I`SXwfn#Jdhkra%O)N=EaHKHBD)Ig+PRbkNiRjbme#N~uU!&5LgPoX7IUhluqS
zv?oriUaeiYkJ$*pA^J<ro^pKMtu358zeK)LgU+61*hxurM-7-KupNEo95<MHBJ15#
zfQVE9XhmY)d4PKA8WcXAXie07!@ehwRk5y-s(k8;pdTj;(Joqllok8Fj@^iMfr@KF
z(T@G4$`toml&B|FCG=VuzQ)|+`Jr?w8yG7yNx0mUh(_)e4AEz*J*!s__{sl6*joU{
z(Io4lVrFKtn3<W;VrFJ$9I-5h5i>J0Gc#G1#THvEOBTbE{qOEQXYYIQA||4zdor^s
zD=Vh!t4io9?P$?>mr$#{G%inG?ob26>O>mi^r39LDS&|U=M<@GsDoBbp9Sn2Lk%e9
zoQy(54byd$L%TPPqe&W7vwJ3^2t}=~-e!RRB4;+ZSuYHq4Jj8AQ8K(+CGYhb`;9=W
zFsE4r7|MGGKS;(A{lC|O|Bj?$<>vg4ix=1bilq8mvlWbs<>M@f60qs8E{P@S_=*ui
zCR{E`;B4_=o8QkHnbfXeR#)uN)`AVH5J%35F_DyvY2Kje+jd-aOL#wx5CQO5w7}*>
zks_GQ&b#zG;wv&t41;YPR=ja+7HXQmJNw2)CL}Q<v_K@Fn>Ul1`(V_=qZ$qSi~1K>
z_$x@wy(Q8Rma&yTKY%SDpo8_>H^+*{mzft6>j0tmpDS06R95blHobY(0G^`M5E|3^
zDPBRgt#Ix3g9Ft^2tF&q92R0WG>DntlNv9xNN5OyTZTd+ZY&R&6wC1Mr1A??pRpXX
zuu4rrzO!0wFjwrE5?3>4(8X)(xs9zF8SdDEAMFm<$w=SOQUF$68KUH!dFdb8E2cYF
zRoP^{wK6XsD~{xtoFEV!?p_otYFzO8{7PS09~zoMjk5Zce+5zaGYpA(MeWuj(HRuo
z&wLiY*dHLSMal_NmwkYx5CHZIl<AwANqFLYg_<mKh^eov+#~N75!T-xpTY^#jw#M6
zf77zN!$bp>@&y<~4CYP<t!yKjARG!4DD0XT616^AJG=LE>cx`5(Huj&0*84xhPXK|
z2ajJ1tTfmNrPtQ1*_D;()?8utSAG&coAmnhc6S>X8Za!&UJiUz?H(yTr0C2;8QU>$
z<e~W9dR->)y=2vXX+cPL7?5ti?qJU!{<?z>6VN3w(goPj^+zyM_NKKVDl%2Mlw5G(
z?>Ed6N{L9+?G=0(MIp6Q9dGhV{&Z+mSH+Py^Fw2KsM$AwF{dOKnd#>^51J`NQE*yT
zw^}PVXlW~>+Sy>9iE_{0mv<j&s2xipi|IwGjR<>jF!`7Mwk&9xIh$n1(Q#OkPwdA?
zDxo0Mq6+}V=~lh8PsNDPyr24xW;o;Sk|H(THFi?i;|F;snjE89x3Pa8tASzk)4!{B
zWgviw3zR`}*in<AuWVx}sf^SjsP97Odk}}X!Bg3<tBuAz*x>|3EtKx-jplZ6TP2#c
z1l4(^gXM?&8T+QYK`dQM#AE24J!T@{8&E%n@~#3J`7Ji69t&g@kCg_t+~e9sKN87&
zfg~J!21Bkm-!VG=G*rI->}Mp@uL-`NTg7jxc}osTycVLU?nwl?LlE0WNGt~08jhVc
zM*NxB8EcE8FLYrnnb<osyDE4{>@>1y>3(h@fOCZ#HH8}Pip}AEE2KT-Q*p@teAm{3
z&pQC%E(1<=c4uz5oOnXWvuu@f1=pW+DFwrhyRY_8p#1#EJ^_+m`_0l*5Q!31$&SzZ
z8#Q#vcgI8z;ucwM;e&jXk$DrepzU-`<qV8M?(6hBeeT%{Tz113ua0C25vTb^oPpZY
zN$^@M$D?SDCuLSFkj{{ikzc=dzh^z#=zS*v@Pdt52U%AGdIKIkeqTJ9v~&jae7wQ8
zdvg0aa+##a*HnVS7}k{~ZqFck?I1XwIgKT~q)%y19tuQ_ClU*ZopdEZGaV;}a42vm
z*~p_i!;!_TrXLF!ky`YU%y#Q4!%M)*3ehr<A*9&T8M%;Qs=VLK9Z=WDG<HtPd4r+=
zHY%i~@}V@^xz6>5rQcI+L9_n=qFx83B{LIUP!B(gWhv{LVCJD#sTNuJMT|{nH6m8G
zywFcK1>e2w(U~ngWjOKMVC4kN(mN|L)%k9H*-tWqv2`GpqpZ>u8wlMVRXakO<%K0h
zRDTD8njYI2H=j~C!pVSi;E&S2z$E}2NuFyNXgpqLVjBX;{b{Y|56xUW`NMo9P!!9x
zCu)tM`n;j=AXn4YMy-+0q66eQVp{i&`XyB~`-j|Bem#W_%4P_cfIc}j_;2fNb>5Kf
zN^D~2>x<3=A&F*?`I&T$E`%zEhTwCnIv|>z@kY7lH<!mXGwt~eT5Vcx^%DZdzvGh_
zfjo)x!{TtXMhIvzHUMgUrK447jTeJ&VQ~kP@6%3`vMRTuCMR4#Vt=Vt(qMq4hQ7;`
zVu1odT2(f+@C-o!K9ZyghWwuwN`=TF{2PM<MP5iZP}+j5j;B3`H<mIKg^b?_VnUnY
z(Obsn1_h)#o?^=U>Y5W?n4|%m&2nD2sSCAbY&7{9R<(kg0)^LzjI8Ta>CjN%d7Yct
zH=zO!SFzXbE3m<P-@x#GBPqf6!AV_d?KiS8<geObhB?zek)B&G5b?UACYXZ#=#d*b
zdtLnu*71w)myZcxan^}X*+S)$Jgc>}iqJW}CA5Ffx+-E2LA9HBNp2Ltg_;*r_@`A5
z{Hch#fXN3GN`HJUfVmAXvpH~4x^tebs>Y4hZvZRh!->(AP`$~u&pp@Wts_pVlx&l|
z88Dzpg4YL&vzB3;z1`0shR}8slbm-hSjrVI=hEPt0j^J|-5!!}Sa_>bp(bh9A?YbZ
z4Tj1uYpv12s?Lk|L&X4SeZtK?ve{~zFbirksE#jxVG&X|5dV^RVl*G{;;^djmLyC|
zNdhF-1oh=WnSSE&fJv6jpE^$#(jaL3KtWafS+YXO;Du)WD_4w61y-YAp<uBxpkIqy
zRq<Tpv0AhA<mbKb*6);LPZAqve}3d8;52s8`!ugDYtDK43`+s17)-QGg1#`PHp*-~
zZ*`j_@0RoCV8qA@T5IEj(y!CF-OQ@e96ICe{ApnJI)GW(n#D_uymsh^gJKvnB~G_D
z^3_CeQ6ix~4z_eCZ5`I5SMPKA2L`g&W5}wV=d_2G-NsXp+M6P>-`@7|<YyEvcDL+k
z*NZ9ahj?$hdDsKA;-*EXX(AVI9rbv#04O=~h6wf|G?9B6^rPPfuucy~h8xs{bLS4Q
zin=H*Om*>tKjv9I7nEj-31qKYUgZzL7^2^u6OVxSopud7FL|F9GFb?2j)TP7C<7&#
zvON7ti0lMKYZqw$OLjD0VffY}Qy96E%0dgo_00UXup&VF<d~=iGuVQ2q$nwjk!QZ0
z3`H`Y4uFOSvC2GwAK914wuD{{GQ=f66fdij%A5v9?rtJd6(gZakr=O9gO!k-Av4x-
z6iy4;`wTZF4)T1<MQW*4&x*XKVE87oP!Uy;g*dp57F#x)U7D20`Y^e*DOMu0-REZQ
zjXC=96#*dG>*6@Uf*|>eR7qa}X{mPUX*ayuJeF{7^!nEms|fLRBsjtIyMVABWC@>@
z<5BWL;yydBd}>b?(bws?nPwF+>b;8Wl}Vhni5g{r>;wi8Bb~>Z0G%G+fEKN}_g*5R
zeQW-0yfY6MK5ynHsNN*un(}#luy7ZpZe-^I1t>uKnt`se3qSNr0R#JD61I2BvNx=%
zc&vxJzS>a}F8_DJ;(YSnbXc7;iN^rS?YdtI443u#U;d&X%kwuKqG9j<MnO;Z^rc2#
z_y)C3NmEA0xKlw<&AI@H3gJCb^?{;&F84A`g$1HzL*A=OMr39{{m2gZwDJ5wn|S~=
zv(;{yWr917E_+;SQ<COmK}<25g_uZX?d{~KgDA}1*LKHS#B_!C2Q5&G0-z4w_H0}j
z>|jB-(F~GAW`r{b_<bfYt7VAA9ky{J^&Wn-2iBOm?(04bs{p+%Fddtjotz{25mb_L
zHTbdp3)j+NDJddg#7HSrcT4ZnEyx&A3QyJP<IPkwm(}Z&$@Oa`Zn-4p_sxzWUs`41
z>Q~&vyS^~y{M0zU{30>sz+=%YF`5?bX=v=Apmqj_tQmhp{QEl4rEU}}poF$CLeg<U
z_`zd)W<GU~!`0*cL#pg{>gB`li;)NYUlErx_nyX&L^US>vF!b?*nI#~KWq&XQLoYM
zXejfmM!d44IW6aR&iJ5I$s=Tk+tiy=I`<%py}R6hFi_LsXa-d6)<cA56^q>3D)yXi
z;`*RaysKUcx)hp>(T={rb7hyK`Y~k6Cq@Iy87{)2a8o~y?mYX{SBfy2^57n0xpLz?
z<2iFN0EtS~IbshJVg3jD=^~pn1!1Em=Il@3NEd|A*;q&GRFMmg+OcD8S3dzOtVw<P
ztT*-&`K5eK4b$3tcehOnbmp5Imc?rL<M4)x=nJ(8`jX{*WyW=|lpg@vs<8}ax)}ZX
zAlT8=2BqWD&;L&I;gN};vB~N`u;D-3#at}^@)l!bW@r2N9x~Uz(?I{9J!CG9Kd=Gl
zV8{l@z~?c^wvP@&943iiJNlJ#>1X+i$UB`x@#PrMbUrM0I`IsfsF?UhwO*JuHF3s?
zhMZazsq>#O&5j)IKEEcXG_JH|e^&wh-mFlJ=V^4gv`6wUEYUbRM3l3SbobAXbB;L=
z=NJre_G4`(9M?2)0;L*!Y1S#V-hdmu?gDP%DZ4=<=p=F<5nmbu?_Ee(=GbRfFoF>E
z-R$PIG73CginwdBO3wy)R3?37)rP$@&V{(nUMXe;u>D4*0B3i>>{HXpq*X0`Y$l7g
z&|^iK0p(-meKcBZKfM-*wsn=Z>ZJ|;9jPfUy2f1O_~q1hn!LLO;Kcx=G=O)ss+#A5
zHy7SeIoHE_itjd`kSwS%WtVyRxw5Dyv5Y;k;WDIyH142rWKQ!NS9J8qI1^0h`C{d`
z?MbQk#a7w(p@1@t`wOMDE?2I#@i7@RAIgG0%{`{y(T2Y*<@*95*yh-bzg<*v^e~ZA
zrZ3F99Den?{(U|&^K19%<Q9-UK!`k6P>0fa;uS(<9*icOqbR?hY2r>_`Fork%P78)
zN*?W6Xr_+X2<z^dP^BR%Qi@d$0ve1JZ`V&+Xux<8@b&0f$t_D+DFotK#!mjH;DyGz
z$G#I;+!EadL1K$FSVg|^*%fWxTj$Fx90j~H3iK#>5SQsSOgsCa8#Q3A>D8z!rb<xp
zg>W24lR<F`%N<`ZxRMxrSwS0B{?;cz{AayoXwR^s;5wUBVY`l6`Ek=15PS#$gXqdC
zsftf5ci{<n`4x&8-q8o81!cX*4JDJ#uyJR)feH(S`l^oR!5Z$L1VVpNcNW$L#(P+=
zUvMH4xQ2`85OH>kY7YUHkeq&tb6X`D#b>M4QpVy$2n+Sf>}#`>^hy^uRhpxz7aL)+
zylwJeN<k-{a~lN#TL;1DvAdKQABs(|vQM=jDK$txLk*rj(yteP&BT{%qD{A2Cm8un
zhC?&yorXm*OnGF#g29K1#m~5n^0~3%SO@FEQXT`e4AG9=0)+%%G};V{pqh`6Sf<H=
zqx{vOC+lDamE-vY!Q49R!u-i)Skas9i<3B_v*2VJXxy;Dck)Exb95!lB@!@ZwB71X
zQg95~EqHljzg)vWU<Fb*xIIOF4>u1y3b91PfQW5MaJ&E(g(;Vuuv$R!LBA{Rwi3x^
z_WtztCH&GaFz{pmX-E7JC@f`2+HRmUVSg3U?~hQz;W0B3+Q2WhVpb^{glmK-2r!ar
zi};V-EqLmHa1snGzXnHy*QNkGy%;b?yW+XJfbRB`W=W?-SDeHhv|0m0{n@(IW2p?3
z{HGsRH|x<iX^w}{$_4E~5kL?P+=#Tk4L{e8hx0?fhIVg&zi)5)`<>6*p+x{6m>qL7
z*<4z($5A)GXi2r%%u^`O&)&0HdNgb0wJX&@nII^MJ7wj9&ZOi;k1J+-7q!c-&0e5f
zl<dn_k9xOtS~MdT@K)yUU0Si5te5YZx)3;<a-!&8NtBft$e*QED?4|M`i4W8zQOr`
z>*I<yNI3Qa(uCPeK6}<zMjHziN^)YE)4=_ybAk19+|Mc&wSdyS>A5g7cH#6lHF6|-
z<7WPLlk$5EGrSK(Ib7g)V6}YsOT~tWPO11f0Ul4h#4M^}(~Jx>HSK(#b?sms$RkuE
z@skQI(|Z8b^Cb5NFeo>e*mv;iQ1vgP0|6sM(Sro^xpP2%J@#Jqj9d5FE>xsQTS#Sx
zUZw8D5<$gAyv%QForIu8WR8eFw|Djah|7q%<W=~o4<5tVsX0>C??H4ecC<5y{$mGj
zR*ev9V=)H0L_(n$Q=gDUXKhp9r*9)tiB;i@TDJ_2`^q!J2QGLQg--=7Q5!6V{>jD~
zY+4LZ^;~koCRi=aDbKEinx_^jsTHL$l6f#xvq4pYHL9xSu(tld1~Ir+RgZ^%;xYuN
zQvVZ|QBg^VjSCqCDtv#q#PlaFqaz7h@<#J#>L&&suL+451Zm-p0)>IB<_XT!@ch6-
z18d?-=qBjzvl15e!H?5M$16Vo%t!pDiuis<ekIpGB&K=%DDoHVL0Yb=oFM8X7+b7i
zM-1w~bB1P-tl6m*;B#7F#tQ<kw$iMBGq(bTYj=aXa~}<x+4L1tGL~hcWp#Ai=Ir-`
zt+Z|0&d(fhMS~DFdk?e`CCb3cA&u8^)V`v7bg`5}{dmo1Wr<X)(aTN-_#51`F1otl
z$kd<=6x-poE;&!Nj>iiCzadMk7qm4F>#kO*O;UwAx8->bXH>2OP|R3j@F)7iL;z?7
z3)F>&<!wuB1us!<`d{re&7>`QHo<ctNMX@wl}$_3(Q5M}Lvxrbk8zWF^8L&rAA3u-
z%x#7@3{zdOMx@=Dt%RHb>Eu*yD#Em-B;<e4fi;YVM;thgpq0twxt5UnUv#jJXI5+`
z_cM?hx1OV?F6;9YlkXxF9y~oLD>Y)dN-#il&<E$#6=MFed5bH_Z~r{31Vt1t-4Vo$
zVs4sD7Zkb1XGm%W34%Cww>MsZgJv|}e=lINaGuXxaRZwWfL*HYWI^|gcsxzdAO)EQ
zbHL3$Sv@1Q^7uL%#r-uM1a;bL9gKa6g=_G51WGo+(g8$?DgDS>J|(c-w6Vo(H={Cu
zuP1NuOK_aYEQ^pbit?gjpq{8C0+v5!l>%hFu&?oLNamD3*v?O(Q?-xaYtvQumqer;
zOe<_HB61RNKxSvs@C(ddCWiaxHH@GB6JxRTP&P!L=XK;r_RE&IB|~<@^qTo{G3l(1
zL8j~xBXt6Lgvn$JdCFl^g%cz8Lv>(&MreJHAf<*qPcc%x#O}te(wl!`xq0L6<E`_C
zyHgV;E3D%jTd-(|@RwAuvE=!9<2n7bHo(^}gs?bj0t9(|B0x5ULviFFGWfKix^4H~
zcaPlj?h5F6UFt&iWO@e?4+oPf$j63H^vR=N@4Dkif(OsU*?p?qLgey>C1N2^LK(MN
zdiP#So_`zpB(ZOqbltxAWj;ZucwL|7g4~SB$_uGeNhK=(g7tj4%|cBhbg0Ftr9F0F
z-}KW|JzzOF<d|mtNe-f<MgzpGlbQVjf}%TQFW<V>I1S0Z)8V5~>CBqXwwazZ8YzP5
zA)jp=-PX)4^m%m%gU(iS8QA)mAS_frc#!BfG2P?em41TevKN@@vt@Hsr1D`ll305^
z6Tb*U?eHie+=RlOh!>$%_v<Bf*EoDpp1h%Ei~&rYLwILv#>QUsgT#EN+CwRPVBEF!
zBkGOXw*%Zb;g;)z&X&fC9w{R;FQ?HrTvm@yFDK7oP-=c~lRxk<dQ}T56qz=xj83)s
z$Bn`5nzqmL#|pmoCe|<u^#~?1<oEUXG?#pFcL$U2MNg(4B^`GLhch-Tor%8QxqzIH
ze*$p7`1-AzeQ_Cb<g6RrP7-=?=<QL=f^I&(^Hy#HJU;Usbv0uKpHTq3K&*d&oQ#fK
zTUL8@SKnlF72OPtch<G%Z0l7$!x7(`x-*e7*7kn5->#!9k+b8!U!CvXN^4$uqTNvr
z#F+Q%9C0{gRkWX?2*5jbe&4RV?e$8tAO;jDPV{0v%m$^6$iqh{U%FKPUTFlRlJM%T
z;<ttl2BQkWNg-zW2z2OrDiOu;ue24}sb=>haL42r$vemkLF+i!)6_OT-PL4r@!;-8
z1maYc1?2|3i;GXURF>0?ir>^*eP$3Lv8+dSnb#Mqi*1Tg*i4Unr*Sp7j&ZyMRp5TZ
z1!McUOu=I1BTq<npTk7;9-Q|MhLMQJ^PlDQe-_gJt~1Zd{jq@Vv2g|E0<zeC0+Kkx
z13w~SC|Un_aHzlu3c@joIXbwRJGi-$u>1+?`1|ZboTG^i94m0d#)gXZuM@}rCjDE+
z{(q5j14nJFso4H3>i<hD>wk-7WBrHrPZ$4-_HO~a|0$P^^A9cX%^nk!s|mwF5ex_y
zjPOSTFiz$Vh0vk?#FDGP0rO|E{yfF!`~x8VOX%OYln<IjAAI0f8yzane|Y|v?th(E
z{%6CSJbydM^(Us~zvTTr-1wigTx@@6F}eOY!2CBYP}PZx@Sg@*|LGg+KX+{ZNd8c;
z%!!nd<DWt1{Ac_){}~$2e@2e$A6w~@e3;7J!HtB41GwbGhtB;UHU4ET7A_#EGYK%)
zg%azpdH<O314pT_vcR$al?x1X#s2d%80#NOVqlvqDi|BfznQ?;IR5pO3h3{G0L#V$
z$M&}a|6*eU(mP}P;lX16)AIkPbfCK{84%Y6A2{wR4I~;w0Ma>Q{b`l-uWkO#_8;m0
zFa0C^YoY&N%8xd%{@UmNqWq7dT%7+$J075-4<i^i8xY__@aN(jAPU^}!2@LlI{RS&
zDcs0EzA3un0nOaTp;VMr73IW$tnO<-2LJ*X2Qv`M!wQ^>l@$o^sQGhC?}-D(&Hj%l
z_772Fz%ow)7_L8sjf`EbfWw}QP?E};+B&jL51yEyz$;$}V4*+#->ZOk8Ynj~z=sfw
zo8vDhmk&1Z$p-^UNmWi=UIvKa+X$5OM+F*qK{svqx`TmnbN*=ul)K3(0O#Y5>z`J+
z{_>s%5`1*KV3P{S6f}j#^>-G1OzeNn2re!l$sl`^aBw*Ezg3!!90A5|!2r{uOhFxh
zw^6L%)(+-C@@QQkU!^D-*WWqyKLl|95dh%g;N}(-baitvH@1iK%Fglf)>Hk~c^60O
z>!@psiKoy{xwc|s`;kJb%6%A@>QF>P`Oq7QloU2WxG@QY6aprJd5#TcSDes^$R=mL
zRfTWuNA^l<neEa@$GtATuS4JE)=d|{Pv{|JX3ZCI?z#Kp6D`IqPsU9!i!t{l9gt8Q
zcHzttVfy{34Hp}U%@*y3))Sufg%n@)8fO6mO#VkO4U&4(Ap#F8&C-wGX~rk)gF!>u
z9aCjyy=h%@y6{-tO+1W(0xV?o{N8ts6mn^ENT2gwkH+o3B@}<DU;Xa5E2JV;xVLL6
zY683$ABHF+pUKtoZ1t7alD+*g{0?{q0A}vqxr9Vea`8?5xkeuC<L*5bR+HK}taX3g
zB@<TgEg@YdL3EW6e`gTrq%w0n?yYyahl!V-qpq{M#K}vkGSGc}dbSlz=X$RJdF6w~
zw!wyEFi2`pqtc}Wq&4}C_%^}ra+okRWP0VSN_8uCi=0udpt!<%?kWt1qywb9&~9Lv
zb{Ph<yt1xHu~2%4DR&76<5%VB$zNbKO;AyV?MSiEbt5T;IZbF9a#lsU<<7`c(YwB2
zhT>lnHDqbYoRMmvf{98y!CDRmIgwhRk_A&zqBEh`M&j&Jm=Ln0eEDQR$%(S`<>xTy
zVB$O)G%OWaf>#&}*~2h`2_;~FwA;z=`iOMc|MLcUnT!bV!l})Pi8ld>2FdW|#d~am
z#|-{AV@Yv9$?GxMQ~X3Nkhq7$H}T%&I@(lKuMDB@_C#(pt@iV#V9UY51XGpan@Q%_
zEmvt8->h4VtBczrUu-wp(<IDxBr(U3x8!TgI-BPl`^<}?NKC%SI3{2g^$Grbur9ld
zkBdjh{YO{#LF44eH;O@tpTEpjCbean8Z9tqpYFc8*BM|ekZCU9UW;C%S!MHL!JW;w
z#b=lv#dxnj1WBqpKM0r^)xs}IySeE#!1q*)!_31`%x_CV7N@YM;7q~Ej)XX|BI``_
zLQ-6pLXcnwi(9w0#iauJ$!z%1v2I8q@kwLxyj3&!jVvFIxbtE}zbQK$AmBJqyvE>`
z<O9RcmnZhVQrHIys^j;F#fVa$f0hUb5HW;E)g%Lg8pS=M!hbG%iX3qf#iU-WQTm7<
z;P{cF$`WTN$!5e@^gzzXT4eO${G{0wG%qzI5^yeTka^&CFm(jnD5r+<S24_iP6(IE
z#>0y7lcN#zwjaqXvM4b?c-Sgu^(r&f7r3IG_!yL&IZ7k&SapCfNEl2VTDkbUUQZlw
z+8FjW!z_bTwba_8^uip$_ewRb`_mN$%EK(OsiAi2<uB7{fqY)4z7*BIE->DQ#fP|3
zXuo+9^POn%`>_mY7|D<Jw(tz?wp6+~^Ov4+^U-191PWC)l;7eXU;8IJh?SbS6Xov1
z+dynooY-92wGcy74FooGRnnA__L^BfDp{*L+hd;Jy6U&I+@!O)Y4OHzeo?}QeO=Ie
zAs)!@RF&it=t<Z>>0Zb6Dj^a`B1j?1?g5{Fb8)T0x#I;0)0EWBGJW_~9z%W>605!L
zykxbkU%9^mBaAI7u`x^KaLMcqH#c-GNaPuoVoPHbCSyPS$$tz(2zWq@DloeCJjQgk
zAOPI%g5A=Rfwwtw<LRtt(Z=CVwj&Cb_7QixNZlF+1-9inkMXY>4a<y^>Pv7+gH`H<
z$%Y$9Re%B5i79EPzGC*1L9{j&YKRF^LtzQni`k={6t~L1p=W|yk|~0&iT~W1nbb*&
zzV5IpO2uVm=tRZyQFRiO?|Cuz|D6FFa{xZg)I%UIc!4wUaMff4$CRR0W<k9ujFo_E
z4*7-|AOYQPQ%~#Dc9gnF8V#B$UL>aU#bN+t{Mj0CwIo+~JE>5+ZmI!VfPYm_d~(N+
z`N|Q9#J+KjvFLOWR<K;uQ@BEHn{7`OjT05bQmJ8aLNWGS#C$LzU$zK_F%*$0>k?w1
zT-_x(RFVuNZ)}oupN8yxKy(Xq{n5-|*mI7WypKyxRIm(Hw|ph9Siu~^dJ2F2^QQ;!
zB+v`MpAEJp`&E$R+>L<IMCW1Vh!6TQM<<>#I@@o7{2eh1x!sd9x|9{gjV->5XL@Wt
zg_w<xj0m-Zot6?;^N^VT)C(~seC6h3A}WtBi^ROx7>uXa^o5uo*EORutd^fsUVr*X
zKie>mg?!&>%CeskZE>fqmF}p{@azfh1*RA9QOCvEVO{FWQltSSdu3umyh~K$d+`}%
zm`O-@_{B6wfSmI}15>TJcs7Q>?TIcZ3g|ri0Nu9G4t|$m1Hrr$MtUIq5F^_XK2M9H
z(I_=`92@Z!_^Ii%)YWj@B?)6@bm_L%-R4!t6A;`a^yprCZZ%0xuAnjI7wrU#^~d-h
z^2t^l*^9<MlF)FerlcehReXV3AnE0v!TOr*gSb)r1D<&6^+i^0KMvOG>`H~0-P85$
zEoRCOT4-l15!4k7ec_asH`i~od?|zo53KzQ-q%!GS<NL5rBr#^tu#6f8|!8m%A}{m
zmlsK4G3=P=6-FjQ$#03?SMFP0MWNk*Dw+v)JB!45huIHzhJCZn@`@{1tR8ib*$`!i
z0fcl@iZ*=K$!2WpbkP<fzD+Hwm2!Hrs%mjnxMLk#2~*ulfn6uPNeiLtw&c;BL^R5K
z=`lCzAvjI2V_sLu1RPwNns}Y_(&6Oit9Kq1wCSBa2Gz+Hl}DTIgAR0EPCWb%*U{|X
zeRkgPCBBL!dUXSj%N9i|_y^{lUF<Pot`&1`2fvc;uSG@GTLx#V%bodMA!~aD(9y54
zx+mts>V72`Q|bcCpltG4so|5Nli-s;dR8_qo1{(?=fH=D5(%v_Wk_^zFffn0IJ%#;
z8>zt=Xebm$9-;ims0`t$7gj!iuLjrh(V9My0b#E{Z-u>M84l{VU0So2e38{}i_BgH
zJTBIVbQHe~4(|;<(~)O<7jhYU*}3#nOa3gljA4$yvUDs!YvcGr+3Z3@{v-DiuMd}-
z;zY>3<p&lw@@Kiup-j^$^pm@J4l_=Ky^@5J=G$qtd@$TmH`V;#!pbCv00R)LBJbmQ
zT}1rZOZ4s4CsUYgh+YsU9Vtg>#1QHsbGeByKOb5<WkeQL9iBE8_h=l)x2y!p=oZOX
ztM|$DFIp9>QZu4SW#8~xZX=HAI~pJ7M^rak#Ow>@<zz)AHQ-RfC-G{djOXT-Z`OQW
zKs?rX`h-G`@|^A2jG|*V07~W53!4ST%>40wPBD$i#PuvT4a$Hx=4a~H&D~v8bgT(1
zSdKzQjh|eL<M=saHV=-Hlw<-d@LB#tF-18y*VG%lQ5CM4b)>I|JQAJg>@T1UKo!kj
zvTFVDl5lXt*848zezMJEQ1ennYw?jkKHZjP^9FHf6AKrC*__L41G@AD4iFIw-vYL1
zX$^hXwyb$nDYNt6Lw~8xtww#M9IWLWpK88e&B4D&OXcU>ea%T#%6nITT%k**yIFmm
zIG@(xi;(HxA!~@Sn`x>HgeY&W)cfkEMwSjgbJEz&YJ?Rm8(lFZt(#aEbFz}D7UI}X
zQ?6;Ggzp;j{efz%{G(jTp>1qFO1f-~{uQQ|;=Ehc{IZ={B*Ue}8@S^<<`MElYN-M2
zW5pV4&<ZN8Qeq~FCid5ZFKUFi2e5&0iZXFR8`x|JkyD;KZY*NErs*?zSd9*QbBNo6
z_^Hb0JR>~9aAqgu<}WJA)LI|D_aPvGDx~GD>7UcDJVMOWGyx8ggBSWFTvS-HY55=n
zep;!z)eKN0qDtm8C*xy|_G!u-Yh>yzOl~6E@Un%`tnebB)U-6#{l7m+T_LLIh#}yi
zqhtyPb#!A#?QBD)jKx5DbVG2Yd@t+V5uApxA)FHmzY!XVoI2|mNSnmO!_5b}PC^aO
zM}UcCQfk}F9sx+#1%;V5jxST~<f>|F8a0nj;oK-2R;ua1C_4*UI`7rQs?)5H!>}%7
z=6ErZk|^Ur61gKbp@JEaZ`Bd?v3OE^u+>U`cQl7oCdE1Mhhmw!$1PB+Vn+UYI8zgj
z7;CwYzM*+733A}>xMWI$D*FLLKf-vdVxY{(2}Lu(k_+gyg4ZDpjG%daHNi5&KN-|p
z(ZUE<nCqza%S9#Rw9yY5EbNjR>QVFmDrA7Keg8uvfgGYy-o5%Wc(T!8BH}tVaZk6`
zM7%UoEZ8y9{br|ufm@ZZl^DHRwUGa}$sh){9T7TQ#Kp-X=y|$%%`2SG4IJ#+>j<KB
zI+R73Eh7LM5@<LHS(9eT8tFOtDMr+Bn?~7|$E4J37rnNclCT*cg04@jY+n&3*>sWo
zBDPRS&}!mfH4elNVa=UtQ=-(dk~87trYeWycc!-Uzdzc9K<yjhX8`dla>nO14o9l8
z<0XyP()8M$&cJ&|QRw66;KngVEpAxLMSD;&Ksy27vfZ`#4L(c6O9sF}&h3yt@MgEZ
z{p=Qa9(r9A-$D|g;*G#NRZF5(wsrf>S)U=f5vX6~4_0+bWn+ST1I(!*x`LQ`iv#G6
z^Oggh(3ukXuht46hUZG!fTsxGCH1LhhLys*N=lG#sLmA6s9kZXgbA`57`aWSnpj=j
zPr3mF*X!l5%JoY6sk);oU5hp+Tt;5O2WtKfVU5yoGR5f0!>8_$m6CnGlt{pFCwz++
z8i&;)3978H80mkO-o79RQ^}A=CNf06wn5DebQ}$@BK4@Q+0fK-z-d=*8+$2accL=h
z;OPw_ucD>yBOQ-8<O!dAb8Qnkr&kZdh=vEKMw!r+d==I*G_T_6I~bM)Y&X{%H5e*w
zaMp)QzDPxr+<Q5C%axTEjIONuCFVYj$pO%k+4|K?z@O=&RY4-rMiHq)SgsQKLSN{=
z6|x(>`eZH6P9)b_@Kp3?Pp7F{0}3*{F{X)y2IxK&WOU5n-)E6rtO-q>AHGbpo`(XG
z@h_5-w;1}RFTiJFT-hSLkvp%JZkDhoG2wrON{bKL95Uo$zKS0dV0)#QEsUA3&_Urv
zNt@vV;Gf&mw9xh%_cz9^y}*|0tLefYGk7`1N37G#aWUAw)mLyQpcZTl_)L@egEE76
zPF2HU6;Y^3+jfU>7%r1-;P-?ZbhH5oT;@F26`P|yl^?yGwos56+J~Wec;Hf0GE?)T
zAa7;s6nEH<oldqwny8SyqMaG(&b8^a;^?(5k*3{}Vjk<AXvp`eGF2*^kz#vGM;~KC
zBUa?b1C&xXeFKTMUmcaRBpOV@oU4p%r1$DdFyrOvIV<Ch?C6Sld8YZCFogg{uLZ06
z{e%QIQ9TJ;IZKs2qC-<=ckb${CbsfN1GL0D&`8A*;sh{po{&}6<eg1mD%;zAFp;KY
zw<x_sZTxnZod}E}Ywe2%=ww?HFH%%xgzM4n3HyV9xSHKh$n5Z0!Tn)1(Q}>A5u3fd
zPZW270Zv#Bfne`M&%-x`tLK2ClpJ^v!b4^ls3pFl*{3#oh+~O*#RiVARCLOj>DdHC
zMCliZNWuM+^;p{j<9VR_!IrT?M0_Imw|SL<(8os_*DV@e?TI(=oS2%c^gg&<QPHi3
z7bhy}b|vNf1>)*K{wC(;3YJQ*23&a${SeNgMjq)7h&{X~Y;M412PFWF{`c07W!V}|
zT814#M90C3W!EyTukebVA4NEz*tC4(OYRI>dF0;9k`K*l=DcUeTiV5&R62o`-!zU-
z20mRGI|I&3R%WMmptvb7;~aTe>${yvOJyNBwQFCXfEA#fdOTO7>(4JJDU{#vlO)hx
zoInj~LJ|caW3xxsnN0!31&LGQtY86iytJ6(vDT#@<q<@k^*|Y`qB%PmJ*tp9aA`hE
z%POc+-?)TT(AZEg=F?yuG&Ii$!X}a=-x0w+{dgOCG8HSlNR85%N310{UQdsI2m@mh
zOTtYC_tljWQ?|@ium#c2|F*U`zhZR`QYHc{mE4jo%67I4@SO#S{l*mrY^LJ20$!De
zbq}}Ll}uajaxt*`%U+^m2}2luFQ&UBGHjs1#LW{q|A6*{HhdSk?dG56p6cL(yWg3f
ztpC+BjR(9i#e-7ngUr+KxpZ3G3L*0fTErQ`jQpO9JLsiReDfRXjPLlZ@Jwv?nwq{M
z)9#*tAm56vrH=%#UO2K{Rbd)3gW2<eZLwP=VqR!!Y*QEYLk!`{R=dFXZmOei&TyxP
zmGQGI_abnXqD<G7ndvcv%Q~CN2HNt4n&=8>iXF{g$p}&?VZE8U9{RwtO4jm6gY0w5
z6Dg{j?u%yejj%eWL+Hk@K@MU27F3qu%aDn6j?;WTwt)b==_s`Z`Q`$Q2EGp&dqb9&
zv9oSZFkGRubR9(`W7D6(D)c_-oJ|0Y329i8kE4U?JqiU9mDggmEA73TmyYI*?O=rj
zd3YFGc}p5PIy)<9I(V@>1BfU2RL>AjqU-qrULYm`xj%1__JY_LQrt3AlB(3C_0@zk
znHUOl)+Pa>V$o#!NFgNFW_Dg~PsTgoD+pe~5&oWWNQ4#eES6Zs!Qws<+XD)6o_Qgv
zui_JCY;Z^Fz|Rhx{xTU~N5E)Z?0LK>wLJ|z;^B+?{BBPzbH63*#67gYM?m-UJZ&`8
z(v8K-4DyOID4W9`JUc~%#>bhg7pxCo_vLWEsU8DH2=;Abx`3jr0$PvsAIngUyHySg
znz-{R46VGha(UIN{qHV%18S7k>OQd>G0_?>o$M5qRF50Nj@tSm?M*FDSYG0MuV;L%
zZ`(m3>uQH%rUX`l0ps6B4Ri9egPRg*c;$W|)ynF`a=S59gr9otrO9yUj8#$Cl9W|~
zsXzgq&b){!bQ4Q-CS-qJ3o*=)@f|fO*IGkOHz!#?4N0B>J45GVgPRt%{9=_&r_r%0
zVr=pYni`kk62+lRYs?Z@);t~%bYOZQ6%d_x-K?nlN=NRF60%Pgv|U6f$0sL~Eekal
z)Igh}COHVyhb=m$LRsjK<bGQS_<9@9BA@``%T#zTyZJQ_Lfes;V{&dz*&gOVFVeAf
zam>(M#7!00x<!ic;OtZ*q)m6hJtQ1KYWw>*-^6`vKV!Gc4t1e#PE*-&EzuMZy?#H^
zE1Mrx)Esh8aP8aEh%diO_eP1Cua9AUv7mWge#!37?u&J)vJfswabu&6c0c;A8=?mY
zag;1y#FT1CXgrp?U6p9TnnM0EhEAQ6rq|1tmP>7J%JiMbwClS)QEI}G3!OR%lG*++
zoymN+b1eu%;I{bIR4tSSX?<FTE+S-qA(Q!Kl^xm%#zpK?n#krue!uLXxJCPU;)n}c
zS27DeQl!zB8#9c~hQ2cnxx$p&ua;T>w;uMh{J?_pRkO;fpLNF|x5Dn+8lgC{r?o0R
z^_{tPCH#TidcLvYkZP^~+XGl(!}1tI3Q6N+k33$>KD<5*%MvsMWk^}NW7I(-xL&8*
z#m?7W*ykScpV(x0-NGba=JZ;kdle6Gx+zd)9q*7@_8$ptdU!qw$H39lNR@5?(6LK|
z^zw$T#%Qsi&fI3LXj4dtiYxZiovnDEGy);6y0Ry`$?SWXt7PrLv6OUG{ZhjQ7z-GW
zqng&fHP>KGOA;O<TF8DjzZiZsaM%8k;r9}yA)2$GwbX?rT6gV%RUt8r*Y4+sI43I@
zq@jwrKZtBEhIJD$Qav!;%I0|qaK=gH-Xrfoo~atY=(460sKXw_L3@lBI?(?}r@Cr;
zrr*@<Y-dxn_Xw?fG0+~*Pdx307xaoS^8VA#m$+R*$fM_ha<{wBf8w+5nParXXG7B2
z%H`FXSx12lBpGh={ZXb*s8kDb+g}#9cea05Ac7O!&i41`occ%P>D8Td0lZZ9*<EZx
z`|P;wP_oM+;_vl)z7jXPD-I^w2em78v)w^?M2k&Z^foLi*)XRGF&ly@xV03s^2j9R
z(lhAlJhsBj<X!j0?1Brc3+>I1Tfe3HvV<WM%Fcav$a(rbV9t#wjEz@o07g}Wdpu(9
zNQTY+d-gej+q1g+QcRgy2N2obw7>_;-VHPMK*GQ!mw}l_K!yx{`xN+mH3EN-R(Udl
zdB-b<p5Mpa3s!@vI1X_u0G%^8kh9t+HK6mxzlfCM-IwE=WfvaQ{c45)w@*s?o%I@J
zMzDJamMXDgJR`ztZhJx+V+Nmc-H08TchC8*Ak2R!K^o%zW@+_48!$o3PxV=r0;!6~
zg(pvx5qs7o_<<!dQn|rBQi0)j%M1hTZx)kKg152vs|Xw4(K;pQj<^Roi8=YQ^S&aU
zm-w}3rXac7jH`?O`u${>L{$T`mf|V1#Z!2R&p*P!1m?RiFe{sic13$cM>eO$dR1Qx
zf!{a;^0GS+$~FRLxd7bq@N6MMwc7*7GW%y&FUV&z>G1&v{q_PI0A}3>uJt&>QMz2D
zOIQR&*|;y2scu<t-w)srKyW~2YO!#!!!?J98_l>ML*W&7pIR4$C|PdvPk&u`gD5~9
zr_{FfWv^o^<*{O@t1xQ0a@4ZD87wLs_+PO-)Z97`9gNb=<N!Rwe+p3rfhx9dTEV|>
zRUCHK4#f8zKfv}+fb^n0?RCusD^jXGH`B60<h65zaygW5I(!G&f~YgEjoU`=<KuO^
z3GhH`E_RsK8+-f(ij5SjaP+O99$*k^>`qq>)3Xtk)zNT}-22tUdP%5H%j~dupvXPD
zFMhD6Xamav@*RNXBW&YYj*-h-&2p{v#px(`it6PI_V*`do8JbjC@P&bCuf_PfS!EX
zuli*LDPR=+m2E#GAUZ}r@hE!_2!Bbv19sNF<Ocs*eA_zQ%STnCJsGsWE~y@>X-xfg
z`^-_T+b1+2Bu{`|ji6pv(6-BrqYcG9NWpy<LA1B}-X;zBl3iK&7WG>2u^{YY4kYH^
zX)Vfl5y#>5Kn<f1ELd|lXZ6Q<ojXWol&y$aZU_{)tjZ=T-@EHK>BV2xH;1R?_lg3K
zMS7FpqJg`FR?TqDD!IPRd!vfhMyKbVF?LA|1o-HkM+jLZu8)axr}m^HuFE99&DC`4
zlGADaHjM-P&R!!n`iZP(H5ih+<0NUd8W4{nuHa;@f?ufU<p!A}g9l|P43MxKyXtU|
z27f?9L}m(dotIZO00Z1|Uu=phNzb2Q(gg=ZNEr`1bN__hlK!>o*L`x~tM>q}Gq$af
zyIANeJk*kW;VQE^I_b-)+Y^xNzamub(4qcWmzo`bND#Zc8(>dYvYwRN{^>Qmm{qwi
zOj4J6@9aXFUhFp1Ax2^7M$#ytj~Sd(d%|7VW+A6IgSf&De62S$;yk!zCA4drwuxRg
zM%S<=ORblv=sDudQ2LG3G?Cxw2I`)Y^~&*ubaMa<jEI@zp8G0`N{<q$cXEy%X0vXZ
zCm$V9XoprCR%<A5?hQf&2k-&xyDR1;e<~;}htW=6Zjt?T{HiN;YA*~3*z!ME3yIcb
zL@%nb5>g!CR(%&G1ubGWwWE2rkW^?65Qx31*lwcOlG~<EBtO<@oa_8Ov9Qi&MG+SN
zeaYeh8nI2~X+6cA%Z`tB>C~;wx;<<%L|hs`=Ys_9fY;Zt4<i(S;R5|^){Y{0Xb8cv
zmRVgju}Ne^_nJFa8|!Rcx~8OTSF%h#5~oC|h<K^k@w%hzzb$he+1qLCgpOd2FxpbA
zAt#IUz239ey|DJQ`o_}X2<s72rf5){#kp~Kxo1UB<g#b4MibQEbZ5SnS=-Abm>UX!
zY%e$Xd>sDvE%qBv40QK|B7bJ>7tjil7Gax!`_N&GP~W-LW^leaN%#{VT3H=o%z9he
zre1_{HDc(H{DpvDPd9;s-rv%ZoxlMvKRQv*d@`)k2lA%QkjWNiu3x+L>j`TLvIB^M
zY;zN>o;d_3NsW<Sj0^WYSg?tlNnEo4@Se<hR|QPkpfNtC%J-VV^gwzBxt!o7!BBC6
z;zjEqB&)C!KYL|c#m|Q<sKufYcY)rw!9DmZrRM3CrsB#iG>2xwV-uK>q#-iMMBCQf
zu9AK)USA=vKsFK)p7N0Joa#iF)D(8M$GH()*762l>N;YcSD^&S)SoG`{7@V09Eiz4
zU7)7$x6bcRk$AJ*AlojMa{Z7c68av|*?FiLsD>3bK(K|OrTa^Mv%^UWyfA&XAKkK8
zToBOR`u&8&D5$z@)fQDXsXI+*m*<d8%VgReZES@5{dI5;yDL_;lz%es7n;ZmaVx%6
z91wK|9hgy0{jc+D;8;2BhwsR*a$#_mk1YKG1Cl_W3KXE{77j4CVjGR?uZO_@I56h<
zdtl7L$;0zM4~(^;)zrRq3VxdA8MC5~fd-u+D3YY$q!*z;h0Ql9piw|U1jDPKMd<lN
zVwb==G+%`XI`V}uM;T#&NVskjLcyfFVK{C7Ku9|)>;4X5JVv|2v*-7UONWs~TA$zh
z{p-7=I4)9wI2o!fHsg8&hZ7*;@F-)DJCQly%T=xjfd|&xi)pD=0#cbvMD)B9IQvF@
z0Ds@Ov=crewv^}@^`sKH&d#wa%Zz_)+2id`wzI*uk&D&NgPU<!SBAssym}gs!G13E
zGw@HX4zO9wVJ|3{IB2~L?9B9w*0#r#+QSfISM^u0jJ8zOup4CX*Xw}myRuI7cYvo7
z#=(_!dYb(MZ<qbnot!6qv=-4%5?xfx^EO(Gr4uc{SUX6W@X-vTuApI)yM2Ogz3&&P
z<KVF9YD&P%gh^IL6X$H}mpnEu=Ul5dsZ?}o8?pm=hC)hZ#$-&643`qYQo;OECEJRM
zWPFZTm$GRZ<P)(;;IEHAj0)Uk-pRO38E@6QW%|ho9od=ERAsDX7aODl;hOwIWx9&T
zW!jTZHXP<MJSy<iRFk2sCDY~3$?15CJyJ3i_Z6ti(v#tM60xN#s*=f}Yr?SwoGJw7
z^06i2%Wz48lL<-6B$FTB9nLr|qei&{EZ_t4L-lfY3=RbX$CrTggK0z$!K`r)<Q5#C
z6T&P{pKu-oI=s81tDPU)eS8P{k6nH7S}cV=#b##1<3f@nu}}WDiwkwJXR%Qf7D*5j
zKUt>JUrl{@kT2q{t@fl$XGR@xyT0wCqZ<MtfV9A>Qh0?bg}ihIE?Xi?j#`tAs%!kQ
z`?&YdUM!+sL23Y_%HR;%#CjYJS6Vw-gU?bW#Uo=hOE%v1`L=QxDVQIQyTsyq?!lrl
zuh!bKK6-kQhqmB&>vxZlL(iVc#b2+O_1lJW1))n#q&1znv)?e0q7K~N!?r79cty@C
z!c~52$uRlR((hDTY18tkyH@NwfM2X^6bdA5n23I(ZIJ><UcV)X7<Trwy`b5Me8qKd
z@GX=hTj0bh3uo*6P1adzX5^1^R(Q#9p3RVQ%Ui(EKxC_30~wqr3(?~g1J3saBh5;o
zRz7jc%T8Diw|<W~mg<MP7i%>dmo)<kU7;7h_>mnf;vF|y-Dt%wL=Q^L*RcMO@QfYE
zrusCmoLnh@4;>n`30gInVhSpP>X5NJE$oydv;2tnX-OgQ?I`DBOp_}|f1_Ux!hLV+
zljTgWzKeS$M%uBRpj=f06?86h{Ljvvql=SHYt(qET^poeW7eg}OjbNo?FmN)<(2{6
z89f2NG`WfMYuX2Giq3-YcV+zkv_Tc5ECtRnH2xF7w+bVK(Y|i5PdGe}9I02h1{-zA
zcBKmMt3Hz$Rb5O0K2DdI+r;z9c&O|N=g0*K;JVbP-xj}?j9_9;L|G{)L6a^?@4<3|
zD29Su2lXNQG9b!1N8&i9PabD8&5Ib()^KP`t3~oILy49v4L%aN*XV~4BrJIt=Ee3J
z%O#=%Y)5vkjY6fs0O!B9mX3;{?^4wA(OT(SxJemYHGMjlHy13&T!u|XUnuJRu)%ME
z#3Hv3ac#Ci>`aom8bPbFVM%%dp%n^ranW*ekt@S+b!r38w8v`p8o27gGy_+1N!6BD
zqytwN0tf&=E7Md~D*sZ)&gXA5&@PPLy!d2*pG&rDZQG*sI6YoaLtc@%2zhT9@sG<?
zgA;PJ*HEWo8&!OA42O&jd2c_Ga*2DpTyOHak-Dq#biUk=<7l8iC*wUA7O!F$8twG%
zQ1(VW*HfUENLMU#lR|<guss-T>s-rPT*YYGv=?!DmFy1QDz)Z7?PVJdFk@3ToXaBt
z<TD|{SGglb*4=S!^1u2AWbZ($9F`Ss@j$KywwN|j`Lj=v#lO;}&n(Y<B_$X2uZMtv
zn*lqvs!<*prv7Z{4Z`^;U%;-w^4D<hK@8G2{{WvBl1B+G<kaR_M{vJ}ZKh)ldopZC
zaxRac?0twnIVp;=k+HPmm0$Yp>%lLnfXsQr&`q68YDGp$n3gaQ9g}OY^21K_JsTzU
zwOp9T+0E~8!>M#Bm?OAR=`I1fJ@Tl*{0mR#H(007G$;4y;b;$i&aASDmCi+nj@jK0
zt-w=vYQVaT^kO0e=Q;H25yw@TjV)s2nZ&BEbF~?VAIzl_Ce0+oIi$uKkdFNxAe$-H
z%S{ZhCg{F7A9-e2hzPNL%<r6$9UJr>$>?ZY)H0Xlp*4-qb!_)O-Dp*S_|@>M`4{Lo
zU`Bcry=V_zRTaH)Lgu;Ef!dvzYh?5zD=_W85&bsGdi@PC-#Xi!`I+2mmKv#;a`pWQ
zLuxbu5+QLux-I6i&7^8RjO6J6AYS$Oad%-3YO<M^NWLN2V;!||DOzn;eCnAwwQnN-
z?ltXmGZBwpVIiS_q<$8>pG(p9vMJ&_xN4RG0e)I49>wN}ot;~qmO|_2!Emh@p`CLa
zer$2zz{%6WWU4LrC_g1`rm)MN<PJ!9r_E^iRJw><XMK`^i}~gh8+M91z<%+QIc7<D
zHiMiprG>?TS+NYb+0^bPN|(vf02@Cw$(IUMB&Bb<!d{w)vbzn0BA`egF-FC(yzj4&
zeRu*qxV3wuoM(|KJKsykqKDkoHJ6Ucn4)~Bo`kPR_zmvU^uyNBhfOI!2U+(bcu$gt
zLt(><$;ecpduB^0%2wLD0O556N9e1feqGFAxa18@UR?I>3w!t#!*8@tE{e}Q0@oXg
zU_ORQDD|h>zH*if>AxS1*#y|P7sUcIG;Y{OqjoY_v|z(`KlzMJ&tF?nDJ)m%X3Os(
z=j*;4Y%@IthbulIjD%Ri*~Snjewu0t)y<%dU#6YU`bzav{oz4W8i3g~AMJDk$IU4C
znu>zRNMF`RQ5GN}6t1s$#pnzORliD%qHaP}p5jC^U1~@o9Ms$U=EL&&3JTJH>h0yW
zKShScVR3jm=O=ZBf?8=Z*4gX~Q%ZpL|5MmiKt<JcZ7G!wX_YRKm>!0dl#oWcQ@T4w
zkxpSi7*bk5Y3URsq?C{rK?IQw>G%i#^?mOv{A>MZ-8Jj3efB<kpM9Ql@0}aZao7JE
zG`?Q_iMWyVyMD9T{`ElP?}r1f-f}6wp|MK_Ywk<@sEXr{PI<^ms|8Sp-~qJS-L2-#
zuYwocq@#=zVvTQg+jGA&Hml3P(S&iB(T)DQ+*Di9gV9yZo7h$;kPlgzS8~Z&$`kz%
zvktQ14?iW070+)^;@KLIBz<-~(8LvcAaKLAO+T%aW{bK0LA;C&W&W1aD>>G@7E`j&
zLrC9;MK8KDsk9R0m@N9&x@&<6Me=*8p-i7&Zvmg*j?1<5e5#owS{|8*e!Vj&mCkM`
zi03Rcm87^k;k$_%tFi8(>#B}45&3SsP&@{pmq~5u$nok4&+A5*KPM#o@-Uo<ADHQ2
zFOr^=mSUoKlqs~o3-!k9dB{>2Uf}a1J(qBCSX7MA0DxzN9G4y2Rlu3crmIa`cH|G@
zanX=uuDR2~*_pGOo%vc}U6+14n8&%?P&4!=pP=G*bnUId5Tz}Aktg7Ks=VFQ>e#Rz
z|7dN3RJ@oS$KBU%%*K9$e%GzpYnLibrlVIzd6y2KLw`J$;*(cTkXuGiSX&RdH!H<?
zg!#|rAOCi&LHYzB-B_Irm@{d3mH8QSt;2&g4~D||h^xckBY{}>LvZ5{&+r;4_x-D*
zKC|yg8c+o{Nynp}2;UWJ1J8wfRq!zdk+uJ<@gNOUAAgNCLRe0c6Lf2z!ZK#03imuk
zhLqdsHXE>(c=i^O!%6IxwQ8qL;>hhJkQ2#z_-v;}D3ZPi0!3<aePWU4obduTWewMT
z&X96ks4B$W$T3uWMlO<++AJu?)wT!)|4e~L=gjG0v!_}&=IT7pCrz66-#QtX$;^GO
z;!}8C(J|GLhl`%}ZnEfzwX{|yZ}cDms61eP@GLZJe8{O<`O5}rpH`dKd(`i5Jw0fa
z>z$8I@sX(}C{oLL&vN`Q(Q9XTM7GBgIY>I4i3{RL6(KY@C5YNc(QlxL=sx32<0h+5
z1m=&fcKP$Q1M7FjCFx8KE?xwx<|N1{nrF1P+mCa-h<kWU@CeJ8lZ_3*a@S5N)el7M
zET4tG7`;vn!0mjttUmN6;sB0jZ7;lOzA*AU5XpR__&2w$yO95p)Nmpzal?>Mt~BD1
zi?p2T<NWrJoAkVcXzdf7EHP6nq1vfUhsdKu?RH44)4rVu)!L9cdn%TErMkF_m??=Z
zJ}d%<m42Mj@qAagS5Ld+dlXXPg=38!nZ?Z>KzN<+gzM->i*>?-mOfHk#r-4bLUY-j
zGi2n{_*`A=ClLlgv+Eq^=MbEb?RY(-oSkE3L-X>m9#3b3O2MQLZx+wSz1E_MP6c*)
zatvn6;(G!obYwu~)tN>X!gCG3z2+>}bx7%0R@ZoWR=dfZcNX_gQt8sJ>8@CyJ9}GN
z>-dlPaSn|4v2}LOo+pk5;}QGr(IB72WFzVOX&EFtH=RHs$1DAIj%$;0V!B@t?cVBD
zp~_-?axGHz9B;8gt4szy2OaJ$bu~42?M#%q`PO{?Vti+^KL59KI~`U1$35MzEMUj4
z=Zd*ZT`wLrtE1P84Q&mmeFyJ!jFK|J0<+iMC+F6hL#U{iaU+eZZx4PE+EH$59LPtq
zmsSRs*5zqWpXRSoxX4XGbMFpR#U`dv+zHklI4^Vjpc}97(dKYE8hRGWawszqx3IpD
zk&qH4f`2@JUqTho(AU;$`gI7L1kOW1mm|D7Y-&R}(H!!>LtcHP?YVbuX7sTn`nl@t
z??#P>X}h!Sp&FsRG)aO~j!6$Sq!KuhYtqE4i81P=4xV<pdQAP%nncyxrRbCZiU4pU
zh5P6FGX>B3PWQIJgvXh5s7jZ18AVnRnNs-D&w>dNkqKp;Hu4(Kb6s9<VjUI8&j2x#
zIFD`#;z~Id#@7(k+$z<hC{TH}nxQ^_aF)N`ri#p$4b}8rLG9f`#bMhR&y{RsvDTi<
zU3#psTq|ClrI@?e_w5dotX_(X?B<m7d%ZAul6#O~SR{}Rmu9n-qGC5aaE&0ziMKkn
zZ?$bwHY9E2x6=yG*dKOc_`G}Fr>yKIF{x=O;cSkWi}qGrUi<GZwc4?~hhG-!dr4nB
zPCj&CC~FNkzYD;T$`l!Yc-}XMhumd)_)Oer5BW5+dXP%3dr|)TeTW@3<@~8n^wSJ?
z5s1gSUThNK$_JyBx5*`X&c?59ovT}D+zc_~PA)hs@J{dz9qH)uA*DAUt`&-Uxoh)=
zW!UZAB05_8v1+0JCoftOm--(kZAX$}_QGT*h}f2ZSExq7S`zW^{xEw{vU+4<mk23s
z6KB21Zl3#68Z5Z;@IZl8>H63av*yrB?E861Z0LNvI_r}R&Lo0|0>Ul)oI<Regcj)d
zkoq@o%F2pV2nd5%oIPigW8KMYpGu}UaEs#|E-{6SaOCX`H^LlPynL9GTcPXnuHUUk
z+C&Y!tR}016?pVh{Yr7=*jtbSxHsxcVPNFR*2ekiL0j*AthM{}dGR!^uU;HK3|%7V
zf{IpG+fMQstq9EaD+IJfhs5%Ek537e7@UNE|Bz9lu;zJqrq}fN)1z&$CNb|4QP6{f
zxL!qRYc4{>2cgiz!*LzQGVyXQ6Hgm)8*xpC>!z4%HVRg~`2mB5=KWnH-q~K_OG8{9
z!s?d*?AYY`af(Qe*~*h;pDr4BjI8I^d6rZ4d5U?->gzI&%#wvuKc-0e_1EkCJFVui
z-eN)D`$AcsJXcLKa(eRMfqJ*Ip&X;5jj#{o;1y#gw$<0O6XW7N*9upXT5;umGr-XJ
zSq}Y^zyTbo0h)Y41hXC`Ql+U5XlXRvHd5SU#F=O@%09}OC`0zu(|t?tNlQ^3R6WHY
zT*Xq{@@!y+P8SxrNCTd{!B|%zlQOs(F3ji;N&OJwqs$c2XZzzFi5p{jlr?@4Vd+=C
z8eUgb8Jdm+se7oEPYin}!MDbQ_=0ZG$a{8CuKBgw8CieDnx_~ZLQ;6jwg0NVk4-SH
zUSB{x9|?%-Xl1l?*%RRBRER_;ZwIBgc$?UVQ}$(PHr^~cGhh;&BjeQm-ho+!1%cPC
z5wn1IDDB;#xV`PVqbjOqPMt?NpY+WXyR=nWM_VO`GM`I~6R8z2;DCDM?ISKI=V9s5
z$w&OOP3|`imJ?L?8&Z~hPwP=;WPbDaDi*%lZ~JxPd@JYqE!#bo1+D-+b|S6t0L}d(
z6UwX{1RzdG{-><r;|le-#?(;yMYR7uPoJ(Sj<96J60o~uaw}|%d{CV{iQIR?VTXCB
zmebta(#m3ciZxKJF^-g=XgYvxSIST5C<2f0dK4e>d|?v(8+kwPtS{HVW8evv?bPy~
zY+-l*eN+ZGYH&cRFwC9MPSAhuq&!1E+Cb%j{zuFMi1va;3$ORH;wm&IeetKUfL`Kl
zwb|&JJ;E&{tqb0VI`7v{c@;G|I5zqojo<q~dj5{>e!4k$7*fcV_a^uCt47%(UO^Ma
zLIL?H#hZnjglMEJ4UTlDk|l5%v?Sk8C%nOs{}k(pK?R^3!Fb-C)%$piUTG8teas;F
z_Vv9ISgncVsQg0rfYl52)rc};)i!ZwtnSR9`$hLwHCEl-<Wg1E6lz{{X665??>sr0
z*_P1gd09Z&Rey9OAh%_D-9E7=up*~&cu4h5gjVjDIot|4*7Hg8rQed<WI;{@q$qJY
zIIba&84vjGbvRx{0klr^O?6haIjPMW(we*tD>|D1=``Mt;9zCNVW%iXDQrjVxa{Ns
zj$YUDQ>8B7Tjrg?g>H6dQzWnrz!s97x!2z>_ZkK4T#GXHQpAxvsjMR{5U3A1#+A?U
zWDCxwg`ts7HieC^S&Vciwnocs!%n+Kq4&iiXMnaOEt@FJ=NE!`d8q<77fIdSsf)67
z#vjJaCUs<eqt%hsTqxNkqU_?}QZE)%sxgSS5f;+WnoZL}6~D-l*NEeY9U%OO8qKkc
z9!v6@(l=9AyEVT+_q!oCT4xkAL~G6R(}-e%jEWkWc<0&41RNhmv07EyWAF(V>7;tE
zaBC9VC&Pb?ZlcViT50Et&*Qs$arso1i)&JLYVz`Ge%5LVJf$RJs9Xu2#+{SYu`xe>
ze)|RXrX+fj^tvZ|r<_L0dz%rYzmsG-IXbh<Vd1#qhP4f44<?6v-c+D)=dw#(o$O?_
zi5TOMWa)HIt8U&@xy$LS7{sYh@$q8>N*cFk-hzw4V#%kvL<G%5Dv_D9hM#%d%QAFJ
zwP;U8+9aS{-)B2eqM0VqHY3@r#Ak#Zo@41&R`kQm-Ch-6?TO54$Fu8bW*Pu)9})T`
z(5w{BHTdZqhi3Sd80_|7wzK{$ZTSrxUyVB?$UGAqKTf`aWB27E0!wlYMNLVd96HJA
z<#S2{n&8+uLBVE$yv8!7(lQO7ijsG=ROO^o2D}9&`l4oUt!D5UMHNe;?M&t6O(k^R
zo6waK2x6{kq&yZ-j1RD@e&=8oT})y4F2WSlPtVI{>Y}tWMxc%VLthD~_6mDM=ktV9
zBXVtVM!iOrihGc6fM=j@@Sc>NPI*ODfNS3VM=Bw|8Sm6lJsxs~kMqjDTQ_O9cA5;y
zPAh6XI|-5=gz^rt=#?}-*3r@Y>~;|Oi@L+m(X*=D#j~nr%lg<pweu<Y7S;QQRL1%)
zuM#v{a_BuIfPM$~hnt@Fej%|O^%d$dA3vce`^iuftz7^4r0PZ+D-Ik8M)9_(V8Jl=
zuvM@$QT=V=<N_Bog=+uYy%s<*zQ;Umg#G*0wU)Jth8A@I@oC9h3bR$=Rg!$88&I2$
zD2^BoU2-DsTIR4Y88hs_h>BpvS8X97mdk`Uo61<Z9Ks_SoZB8gzaHI5KK&h}i|X$a
zaFzot<?)&IuQ`-WX>g0>A4nPuh-@@0`OSKgP{{o1lx2%=JHtm7$^k#ieW#Y{?DUJL
zw->t2=_A)+;xJ#lPG{cc$auEc8Np4O-ys<&GF=|(He4niE%|Lg;nOb50+D4dMbCma
z<46pN9<8Y5sy5?!P)Ag5@~Exah+}jnK=m#<YyC9RN5;*i@0Zu_mEEMOpW{ItwLcFM
zUM1IdkC^{H2|B<<x;wr0@sO9Y>-)GwnvQ?oq6{F)iBR5DPK!%Oix(8)WdWI4SZeGR
zeH*o<?tEiF(;(n*r=7<*5KaE*CO977f*NSjXSzttk>;JbWhH8C3Fu8m_wjH%MYrOD
zD$zA)M4!GT12_}ihYNg8oAD(s4s+-Ev0T)GZw;Vkcs&m}#5`nb4Hrri36yyieOen(
zd~ASHOvJ1|u<FPFuxZ`HQoepfEG$YUZ0U7!^1gTex%fN|Ppg4A%de@KETy!*rpS2s
zg1I?*2fiiriD#%^CVRo|Se%uVpsKFAC`(hTJR?@d{snU9Xm8S0dm`}mE-~G^iOxrj
z3@c7?;*3g2w+OGP54(29(%0>m8<J)Dsb8kZKN`<nB@sGu`1CPK+VwGIn9S4Azy+=1
z@xfnw&D;YE-L%;(cT|06cX99!T8lS9je9G;THy&}ymM!t>5fWL0Ic{zCgNRp>05;Z
z&l*KylX+zWvg8~h6ZJ>h%JRJht__~Cxp|Lo$6DFnM1D-p=K9F}#W*_33-juQVXd2m
z)v@<zj3o+BtC!oI!`?w$HA9I?0I8~W?Pc^<%gIK{P)dbvb9FHt8RiAa=ZRgL<!=_v
z)eY5o_;_M8e-^vv`$XoI>yHvS<XJ{-$yg)~R563$p8n6)?9F4YmEt?eXtNWMi#gur
zZXrFa8b`9K${X3ovcBJ?tWdD$tj@NdXO5zN>w;=}@?G_Q?mE8p=>mb~`<vfdaSZ2v
zM0A}YS=WbY3V4!><N2RWG}JZ}wEI7dr7g&)RjED0d>!Ppw04)8^+{-KRo!!`Z}UgZ
z52oV7T5q+JIZffU7YkDUh|W{2HN1Z6??_%4!6wLxtjVzuA)l562I5gw%+E~djX8uD
z$GpGqtmN!buKB%GmcC>Ut-|3-R-_k38PffB^J#M&(J$Wxj<f7^Rit>K&SW2tLI4iw
z3`}NpY>|H0dp<Nqg7UuB`K^V})L1X*d`e>{rJ12lIezaiTiaiK^}qUb1N<fHf#jjz
zH`zA!k>-0IrPe_O5=8GpUa7xAh-ipzB+aCWJ92eMSKRR_7%;Ww)=Jz(Z5Y-Z*Dj{f
zc!~Zx^03{DsS*^;vQ~Vo63l3?opNs`!64MuBDC42u6e)GZ;c}n(ZZbW0auDM$^(yS
z>88MnZ1^Wr_3{%)bF3y;)AXYa*=L)0=f0-^ko+wEw$B{p-PO!sEl@MxvqZn*fZ_mG
z4}Yb{f<JT*s$x5jL)NE_G}R1EH4+o%K>FOpeNfwb4~Gae{7Jpph@ORi$=de+Bw;&7
zw7y6BQVoXook)13?UApJqEY24r(B}nc8USjiu~H(_Aa9`dTVb#`B>dLYomN_gocj5
z1^IZ}zmPlton;vL#co1RTvcPUp!NNG!BEH!_mGzsnGFGpYTB}Q7vCX$`se&<z3ha%
zQ@{L`NUkVj&1QZ!C#CmxrQIF&H()Pmt>+0pwZ*tqpW+hV=N+PV;gY#ybhic3Bwh)1
z<QI({gl0M>BJR<1r64w4uvxV97hXx__#j!d=YP1keW2DgDyR(Re!&|{+=v^niHj3l
zKg*7ay`{v-V#`JRuA8QQVn8gydSO4?(Kq)^4iokx3gf4Mh1>V13m*4SaC(V)&}OZD
zaT&ql_+@3OpLGIS*v$P|zC2;8p>uSi|0dD8zy9O4n!aIi{pYH;exxtcg<dokU8A8#
zMjWixDcG3yY8kWBDbcn78ynfm?0+<s4D{P4-OIBXa8Z9Qp?*?sH#f-}+FU<HFvJ>4
z;Ku96nA?C&lxye`hOLX;&=ESl;;~7OY93RFxNA7?wJoXP8J);TJUL7~_5-hdj!Na}
z{;ihY(td&{Vx8{x#?$GsbVC2|j;T~x<X8OVTKsh}vFjZ|ZxncPp{FC=(Hz__i99TW
z?W*!Z1T`4kUjuNZc+7eEez>{H1jNW<FZ<mVoES8~eu3(I{Mr$FJZL(zxky2n+eN?6
zigDzI86BN+f|OFHml5%`5%<FKJd{{jUNhF1YCFt!hal1&QS|DEt6IL<M3Bnd7i4+J
zmzf)f?O(t`d~=cq4;)aP@ndPS9~yPDN{4jpG@DdM4-87xd%K3&ZbJ}t*1<)h=kZ}Q
zc3*!RCBQmWjJaB+<r@+;Ciyfo%$Iw8X<b<NSv40vEoS-{WNGDU3?LMA)PkivYuiL;
z%WmviJVg42@7bCgwWK_0(R?vlJc#6-SyrC-rbxMKb?|y+I8$G+W@lB$Fe3wz{_a*u
z^MK~EMOajD!*sfOWd7!Mx{afJrd-xqP1|V?tFiBmWhtx>{P@ht4y?ciFNXJs@6AK>
zHfv&vO;WiXq13KqbK$!&{9Y$SlFAHK4N@lMqFTRArmIGncy`b`ADUb+51Nr3k*9bu
z!qU7o8}27hTiR%-shiLHeu&G3Ge@YAEDGU?FTVQd(d%q7=KW?mQtZCXAehe1gR{7_
zu%zZ^^dv~Mnx&OCc(!Ah+V-R>E22kfW~N#>%y|Ikr%MS*2MwZmmH+9>>L;0_cPW^n
zaS+*l>-($#IF8ccCfn?&k6k`;E*p3JQ%!sBlyFX>VL^{J?K8fr68%*;(23`~!Ta<@
z^=inIpf3H@Ws4~*RgjM=ce89rOfzK1WQ=A?DSaL_T8{^oSWM&&?^{>Wu`H5!@YAr3
z-_vHjdm(2d+;COSDqM#3kYf8Q_j-tX`0Q(-C~HAbX5-mU%sWln{>QY)ya=hjg2BqO
ztcuLp9-kGI<!ldu5<`3K<eTZ?lR^td(XiVDu)N{^N0RVL2}wieGm3h&bbW&49FHR<
z1ygCCnyIs$B}!6MpOIm@ILry_i>mDLGD#fKb-fS#9jgS6oVP5j^tBo+zM<=p6Itg~
zX^6<uo)Wx_06l5>vp2Vq!)Y}*FA^<9NmjIJqnm~6T$b%Jzs>nEjyB_HvM5zqyF~Q5
z7pC)>H}*dA`t?2uPEJI@?*dk(xSKNb6P-GNvcBiYxz7c4rGA^N;J#ncYuJ&s5wYP8
z_dDkY%8HZJQ696=TEnJpu1gGtGvQ#@-tv7Q&QXr$I|vbMlVaLNQU|s1(DpI7NAWgj
z3#Wgk3d5y19NSEAUp~N>Vr$uV>1yT4Kh>657XRw(G_c6_ZSm$gDq_4KH(3%m=AH4-
zNg7fqq*B@5c`pNg6c61t2)pxBNA$72lEM-Z?aIhv_1C!L1QzRpzOd{y^!D*N<GlV0
zfivQt1{{K|UfKQ|$d@A8b?<=e&7UkQ{jM#WI)2WQc)p#1=e{~I9hf*euBL%Ghd^zJ
zZabA{eR`EC&3E4c@#WUTO`0+^i7DaT4*TLg-WdJFX45+E6<O2aE&+nlQK{03Luw6`
zGR@cD>>A$Pl^a|c7$6-Q2}i!g87#UxDobm8*Q;Y;t_^UG^A-me>vbi0e>fI}z#rC#
ze_b8}|Ii718xSU=5cor1@vl12pE}c73n~m#LH8~b_6?XI7_-4q8+-i!-Dlr#WitZ;
z%)me}lotp@2w;9JO?UyA!V3i=5N4((m?dQdEKtw(xGI4Mtyr8eFboXW1pqiP+dTq)
zMMrZf6E_PkDM1hb1Ob2nVBjAO6zvflL#v>2bXyz(247HSTofh;CW1dZa0Cd5;Wqe7
z1_6VB7^028Wk3KFj(T&%h6F=F7(S1`D<Oyrj*q`&PypcK9hkpl5IBa@@RAG;0)Vds
z0D}WA2LOW${0S6^Y4N|&Ltx+w){wuPz#y;-!j`{e5GWjD^|uTv0KQ;g`CAVRxf%>+
zH2$S`;U81LP{`#T1K^mHUv3Zr2VwwmQT_=UE^sw7U?}i%fDj-inoG6-I1)36mxTfX
z7rZlnI{`xxmyIDnh`|40d!-{lAZDPhv<Lg&U@-mvrzaSQVWz@gjxolF%VP`#3jnTU
z1`Pi{Kn90j?g+;Af@tTzKK|q%2m=DHL<oUGuA~r*$@RaCFIs^B5m)emY43uB=D$uZ
zc7QN}D<H(619`!6^Oqt71h`oD=`R_^_{xxg0C0iJP9R_e=xTcy%}ecp0RIUF`A_;m
zAb~4AfnZjix*QAyghAKk20;Q>vIT+&Ttz<wa6wP=Pv<W34*@|Cm&XZX4E@(M`C|dX
zWdHK?gkWHO1q&e91*6VCPB42I+ka2HKb2r00)ziciV#fxuQ<V2U)IAIUjZf<g1Dd?
z`pYo{0tQ@>fe`-zA@aZI#~4GeIKcq@N-!AIT+SB8#|6*pUyd=8MBs83AQ+tgoh?lM
zArQz_Cj!7LDTD%G(7%lV01ROb_;N5X%#6JZI1GLPmxF<WAYdr+Qq-7OuAV@knB(nb
zJs9Z9feQi$T|HvLuMQm?j=12V`jahG<vAtheAa!=WC#KypaL>*3{*f+2o!)27ssGq
tLIMUyNJz^_LM26o|6dJ*3;HfsHxm~(FBc0-0yqK;hZ3-}ODoF|{0~T@;YI)e

delta 44042
zcmZU)V{qU>)Ak$Nwz;uw+xEt`@sDlWPByl&v2ASZWW$Zm{l4dUPMxaz(@gdBx2c+|
zf7f*9y+e!!LNvgG0yElME?eWM{-;{<_V#H-sm$59+b;^XZ044f8>m^;JM#fJU}C7Y
z`c@zq8P$G4Q~d{k{2WLKzKn!wvg{;s8?5}x`OQ*=?;RwnJZch<-9PLmI=^!?6<Tei
z@}QMjTyUBaqo?%6Y@~3JL3@vL4+j4Znq7hZFXB+wsxJoz0KOllbAb-d`rVlmV#M!5
z-0bTq*;31gJ?dEQOdYJ;0x9&vY|9TtjQVBtt3q$?MnAg+5-UTR`eSl3VrA|#bX_4B
z8Y)J$U9YxdSl&C@xhx1a@5cj9tHPY=zm3RW3R4<L4vc)zoFwpmi1t5-^|w_w3CuBk
z8BNAZ<$Lddh95IFDcLgmngSmN+5GqcRdN11Zif7ybSif-+%?L-=?tUcG>~&Nbc@y1
z^}p1~ts2!%LOikGCr_^0b6$uoZY{_&QPyZfrHU9NPwfdH7#Ci@zn-nE_6q~PtQVkG
zn?+!svugHU4H5F%BfeR};|;VdI(V=+5*YjyGpNvj92<X(42k@Zn0|z{dyG0tWT70g
zn0V3V&r{*8J_KEtgLUc^#Mn3PyV`W(7!?w%HhNL^S&iJtrt7WQN;ygGN9XG+L8Z2;
zMC2-QuIj`ZQj=KUs53l_H~nYJsRyp5jms@h;*;CmJ%k`Pc_SPx;lF4awn3WS$w!t5
zR##iV^7_aI;U>nbB!&jPY^tTSnMvcGI?G4%_(S!_`PI?~6DyL`n8+rAc@Heam+uPQ
zT@4X})C-&!u?DngQBXa)F4qeUln!b?Do3#WoK|rmVNpW(fTvd_IOAaYnkuAtLYy7i
zxrP>tV^=*Qve|4aKVsJcj77L@{toOz^LhfnEq;BnqC43t5EstF-C(d;RP=AH2r>l{
zG<Dg!*#`st+G^Xl7|4Yhkv0;;Y)Y^^1wr~`4z&bD#cMuso;XVhF!?|M_XHzJFs)@B
zL6A_Ua@_=*W(zt%3-f-ycF>Eo!azj8jVA1m!`{!ptZysJmzhm`$QGdr;i;9}6gU7r
z8;@)n<I(%%e=}n%gY@I;9o|bDG(Ik~x8XW6&s&tfIq=!u@)d~WwDgTJ3fpwzScD=m
zPp=iD=&ZE+<K#DD3qWHTuTJA}K(_Q<zRu9X1Wq7=FQU~aMix!MwM<`v&JQ2)Wir>Z
z{2TiMwe-XNo*j-5zY<6LR`(=M&szbc-I&7mOWk4MM?^#zaJ~W(1}m<KRaaaizzeX!
zFl15_nI_iQ8Rbx_9!xfjbI1%-n*Ges^F6MUr&6yDRL!xU@sxKI1^ur!o;05sm&_M0
zC8OZ}n&X4#b1O(-Jjjw%rS^d7_f+p|C{MVygp^)R%S9dIS5=1j0Tf<c?rDJVqQ|3k
zDS+2oXKf!IwLfB#)7_Bdt)O7?Zu1*8cMp@_KCO}sTElHeQGA~E6$XYX-c|cnvz^rT
zT0JBD0O4l>W<Mnb&~nz8-x>CoL$En3!v6xdrka|RsLfuA4P)`2PJ2u;_}#fpfpLA5
z#??ZT8W^#r9iki!51T#MI|b0l!3Nv&r#i(Xf2e26LS~j6HLt{iSLUQL>57d&xjf9I
zAOB`UaqU}X3XOz;IizNx^T$0#6-(<*<*T^JgI%@j9hM|BJH=mmQ)+djO<`Obhwd@_
zm*R<FgDJ4bu5`%gUsUN}`=0-3)P)oJ8Fx8gTsmjlWkOk5#%swlC^!K(nx%aLFZSr3
z+fg{Xym01itPt0xeygqE)2*A_&}Bwn+$-hQE4?6c=k_qwLOB}M)^xr}#ph#Qrf9FM
ztA)DpW5=djv*Ghgk@oRrS}lP9NEsLknvFxc)MEo*xhh&Nve<qZC?^{8$r|NXd`FQB
z18)@+)VJt#UyLYBw?=>xx`0S%Q7O-^PvM75RS$-->h2#hZng_DHR9E3Z#U4zPhMRY
z`GhBrfft)kzK#nooBrjK%Wm0vhGVh~mx;f&xVd2x2+m?~i~MLPwxo-G>roK9ZIAy3
z16=P63*GxM8Rqb|u;y(bOVO~}Rqeb;A)j)ji&d#o$*UfsgfRi5;6mYY@6h`+7X@pQ
zZfEIu<(mauE$tvk>zN3b;o<VHPkpXI4_f@auD1<l2go~I8)(lt{l8>r<}jv7mII-F
zE6L?$i`KwZRYvRX=oMkm5FJfqUqzdRemfJEl%0;e(puQUy&xKx_=Fn_%PvS<5hZM^
z!H90}b$iI_AQ4~<&43F^=+YdMKM2Wd9OCvMwaDN|{bS~^j!){RxIpI!LTa^+b_8$Q
zlUubyU{cV&rMG(*xyXYKwXTx&m<gMnV*P<q7gPaFm#lPt&?4cPGM!I$$l=BnB*_mc
z(X+b7fSja5WnFhcghi-0cqsRsubQrW7%}TZtKWK{vB-cx{|j}E-gEl*;2RR!j{V&e
z0~lkMqSoRdoRTlqCC69dSRHcg879Z;ceDo%oxe!!jwj@qTmSc`-P`5yQ$$S_(GSHn
zP+okY_$sch!e_zSr#i`B(Y{YF6FF0tv~REXPfRC|Ckg^>_<Sw9e*?0<ICG3<zd6O~
z_xkg86&-<-CwV75IZXj~Iz#nszrfg%n|y(`(Od64kQVIY^~9#;Gu$riVW{9`E{G1E
zKtr&8D5z51;Q5JqVxd*NPj37fsr(&ghBLl|@$+rz6e-t|e$I}B^74`^(SQosqeym<
zJNw9elyBE0CMnNGpBa*pIfmW_>3JjZFIRU!rxVD>cNiR#Rjf7qo%a&b@u&LEDC!-U
zetEMcHYZ2Ho|?lq-l#bh!SU)>A}%_I-=crz!Z`cOcp2<;;c=~dJwIL|<E1K6V0@~s
zkZ(ImoTC!v9h|nSrSKZJ(t_*p8Q3QGUaTX7LNB+@iOX?|Qx<@uYgz8d<768c$BuEX
zilII(C>6_0LiWV4H#%Jy4Yl-oRDX9`@Ky?1Y3^X=>gHl@Vh{J9o#Rg%I8G8~lK-=^
zvT$?#Z;X}se}eq{O!DRqmTp!gtSrr_LaAW1tStX?#L3L_|E074cREK3st^S*qif*0
z&DrF?RxjM?pkdJ#&JKFVw!tqwYjwD@zM59v)<jp<R*5_QlV40xI)3c_(tqpTXaeY|
z00sL<Jlgs7?m~ww6HYOICg}g>Cf46La7teYbOH6A)S$k={TA$6f76Z8B_W?)UQdtw
zS;Wdtly_FMcmqXBKz8HGjW{qGFiNRMsAK^M_1|k^JN}#7tsz$0`?5a&G=FW+(eYuk
z)IwIM@pxFNrzVT^Bc)u`u~)Qkyk`aKFB~7yg?`pNMalb5G}rnTd5a~0`3(Fu!E<^L
z4i6X)+vQ+FeoYtX=JLOV>?@=+G_=@J;YTeCfaBxGy^Pz<f5s1MU<TxVMalWx-6ucX
zs11HnAVEA>0X=uGb$>TM<AM9t7w=a?Z{p?QeSYv4*tdz=w>kHILV~k4_{XG2UN?%i
ziLD+LhWB~GkV_6VK_`iQ{M#DnRix(;+T!)s#_G4vTuh5*)yDE)HmxQa6Pvyx`;x9l
zyE;{mDG1c@pXyAWPe6P7En}Ubk%B(Bkz&t*eM~urqYf8E(ZkTw(fj;d6L$mWcfgiF
z`f3m-Rr~APu*vNXrruL&#bJl<-wa#Nt3giwJ2h1J?wJwSE&ZM@f}ERtdBlvqR1xC>
zMk@Hx!>117;Q<!*tBU@AeL~`XKU5uv6*NbN2lEM)%Y&xK%m8#^@tcU_m71wF?3%UP
zU5`ZBvGPZj-_*{<q)pY@=e1~y$jQI$Vp6XRt1b-Uwdq9XAO8)V>Wmk#E<4~wM_ob{
zp)qC~4XTId#`@;`v|nmmchG6oqNLjluW~UEy4nJxsjsOv4|~P^o$B~8(U!j-#RUFZ
zFqrkshAeRfb_qa>W4(ph9&HkcAbR1<30C`jO<l}|q(Nv#kBT?cY3%;cT(K+3ZmWZ`
zO6VkhqJJv%S-t};m>!LA=rfHN9i_f_R*)i|ml+dZ)yoXukqckBHP-SiXy5eBkNw$X
z71;Vv?63(rwbAuMu60!t199sZf1tEUzu9=~{ipx;xHAw%tV^{{SZ)XnJGH#wSA%`u
z@!i~B=kead;Ltv)O$m1A$IE>2v;&ckdrvbtG<HYPMR+QS^UCl1+j;t&K}N_uAVI&<
zawb5!BWT#^S8u^TRGZue2qJ2z2I82Dc{^fyb&-j&;@$#dwitizv99vZp8hQk)6;P~
zD+@!1w^E>Gnk4DB{(5fd(D^sNj7)C+7*@ycj{G6nF>k13q|n@BL=)@gdFSma&KLIl
zL7pOFDNa`~A@nz=war%fQ;LI?!0st5O9MxZ_=Cf_UK;d(>5>gTdTruCN_a5AMYp)f
zhKu-PN;P+bte&I*nwC9CCu+6Jy^->l?%l0U&>UdxqFqcREk3cEZK#MwPXk!)iG9l*
z!GdW(^5Phu9S|+#_btuWcS<xhXknl!2X|W<+Vk#ZNk0IR2Kf*rLIw&*IF>)~<FJUh
zAqK2{R+M;+ChKY`AL$e`NipeH6UM#*VMC)^+h<?ii~WRD;FQ(K5b{(byX*@wqZhE0
z;Q{L_?k;a3vy}DnUbY9kT^0A;cy{pOvM8!Ovg%N5QCYkRtMD}>Uk^6h)C-!qp+rjz
zKKx?OE_wq6CuzU)#S06hZ;<e~$#xslVstV1XhGh9)NH#8g?Gho=y_fA?<-p;@vS0|
z%qELw|6TU?_w4y_tAkdo(lVhu?lcMvPe4&-X`I&`B_}pFk7vyDmLzWm6v6X{hx;qG
zD_qnMTr=`mgE^lVtXQ-Czxj#jK%uaf>q1&GdGNwE_B$lqjds-H^Fd{s-mO@amb7XV
zM17Ai2nyb_&Ptk%!$}{~$OZCRGv;(hP1}~kAPsn1qu^}6mb+eMIH}0f^EfnmKVV1~
z)?5DRWB%<yrr;$XwzRtTowZEiQ1tKoPqWcU`$+xk+k@sG{gL+Yd%s{D9P8qF{d_;6
zU8Z}}<&HblKShfnbwl4VqzRK0N<)pP;4_>pKau;>8ParaJ@j@Iy#;Z6Z<2D^dG<Bh
z`@zbGF>9~$5q`RI>V5Q`bg@I>-T{J3ouF6Yk$3RI^Sk7pc0!_eEB_HSqvJplacXEG
z1e=T+Ugip|U?mMg9=mXhd<H%nHfKc&zlF7W>KNnbLztMpw(2%S*1~B|oA<kMC6<Y4
zDVtjrIj*Z?JGT}LU3ry|kZ0XOBL}_X9BM3h$>O<MX?hkNObNb#meRTcC7^afN;mG_
z-^VId4^;?itfcH`6q1pf`l$V$zW_La^rn5yqAf;4?d6~#lTG!?OR1Y>0m;)UBriB}
zSfcc?h33CWOQxX*iljmKxDxE!_(Aw_8BwQ_s!bT!?s{^Mt$4qnS_o{~<p=*?cpxnc
z`aa(7ye2mB7L@Shw!F7kAb=Y3kq%gAGB<02+GjK=z?!8=wS?e^ZLcMI=1e`G`9r$t
zj4LA6z^dx}FA9enGxIt=;am}c0lJa{A|GN0sfzj3a6(1y5!*zx2OKLw{Fo+8pKf^l
z>>-6r${D?GewhxG#uN~#*u3Q0_aPEmanG(`X2)Jbw1H6e3x=VvAF$1{E#yNftK?dc
z$CEy(Y_+`5lvSuc3!xxYP<YyrKQx7j!5u1AYxP#q#U?JmViqk%P2o(rG7EcTnh}w7
z>l%j+ui$sZ6*lq3Xa<fAl*E&$#PQpj?K<VX9)~wr`O%B`g#;8{@7ZBQnx;t7VUf*#
zWUv;y3zr28of-oiz|~zDg1*gp0!?cm)kva9(duTi(itzlx`(E9Zc^d`Z7{><?_?(b
zI)PjJ)+6Xc6(9Frop2%wJUZ>t@*6~V5I8fU$xr{jwZ`ILz=*I7Us`{L!0M!>iTpe|
zfQorg<l@m_y_oPMRl0=HMp;zEEJzG)JN~Fv6!P&Jk2rz_II<?zzrY%xTM9xAGF|U#
zVli=5oYDA6EwDl{+CW^sfiT3iWs{eJ^Ra97`<z)+`I|alZw4L}Dd|xc41RY(zx1<j
zHX(&9KRnTQwV@&n-A!iSE6Q;7siTN_p-GHnE1VR`O)izPvbauyUy+*yLixa1@{j(>
zl(Xb(z0{N{AV&GCyUx<{RsT1IJ>?7sOaiaNS+OXonWNX**LgstZauQQ0)%Ic@WF+m
z?JUW(1-Ghg1-JoumTZFzf6{N|6ZLyp8(Q{1yjeEV%|m1}A}ZMbLCoT%W^kOP{e^m?
z>+SK>d1SKd?u~P73gP)Udo^p)cnd~WlnOyn&lIp@KvMkEbSb5>>)%h3)zb{z$Zf%f
zH)S+JMU@ENvv56-OlF-gZS{t|sdEZ+7dXs6ER#P?=dIdEB}FR8$95jU2pk*TxW=7-
zuf}oQxU#VpVH6@8@JNeW9JJMW@a=RGuG*GyMq;^>!*D<S2prajpkj<zo!@TEq2itC
zl$>vE2WYa-SZp8ZrNI^>F`oUDeG&QKb{uSR-)5|WnZiSYEX&kyCH+t${%WOg{59!b
zDdA!p?neDwcVGC)45g3p5P9-2PQcwVM{v>FoiQC>j&n4>^|@Xam^k8`@WyxNliPvH
zqW<C*2v={B4q`p?JJ@n4)#`V%VWZ%f{a^HLPT=ls+1|)Ai!dNlZFBaki1#cY#RkQN
z%u#SUsD(tDVg}X8DH5(Y+7Bk{1-?z{4)1siYDK}tn?LvKlW*`u;8xJod)u|$TW8J&
zk>8qXlsCDW8lepNU!O~&0K2-MYYE!nZzV4yexLTYlvy1liFYfD#XTvCxA?)jC&#@~
z1YmTtRNjuTV^Rte;$qT3Kq5R&@CRYyAmLykEkajDWfr(?37;3gnh0r<$M!mt?QKhN
zozqBgH~z1QB;`r+d<mrjx&0!qlXxo@oXtXVSuf7koYAFNi+P`pV(i#Xrsm8SM?7<R
zQA8493mUVva(oe6Ql7+dXRa_k6)At)9)J}WSdwp^yQDtZn>VhL-|NEXAHNsd;pj+q
zFgR0>!l@3D;7B&&$7wtA^qj?JG1D0^*!Yt-W2n|*wQqQ-TGIXW`;~6iECY6@2P-x1
z(K-m|nCGs8M%`KJK>9KTfFu##XS7l~Y{@|=@xVXYgM#6x(8OI^hl4X`XI&c7fT!o?
z4vE@<DsGv}y*}ad{F(SLDk#3^g8*7VPl~JhMavB_G0U8*3{OV}+5W^I>C^Aqr!tDo
zbOGMd^V&H$S5lTJ{m44TE4Cjg8<C)a!dV+a;7(e<HQ1(iKnBh|+4gQ9TJNQCY(5u|
zf0QeddqtV~skWaUrWnp;16ZyTz<E8%feLB`kHblqi|g$H7M|(5i9m~>tm+G<#z~lM
zOmDnoXrGrmJK8AJu9Eu<s%&q{zRcCVF?*q;tD{k)?Lrw;62U!b|IP&u_e#rR%gqUq
zn5W2RMDZaj4V&9T_i%h##LllpH4^S77E=$kL$rBCUd=}*&bYH8h%s|UfB+T^Rq@o(
z;mVJV?VZ%Ko?6cA2<btS`AZPbR3PVr{>V+#5;IlhwSRls-=nTK3Gr*1?98ITPHSPL
zB0qC6)ov>j%QOQZgI0j=lCE4MJbJvpHZsD8a1nBKTcsrO@OpWkxxbG7)UcIrVXLFf
z$usN|6nMAx=J-RvBq}KZB;}ONXafD*fa_C2%u-EF3^9{Zefsx5=hvkX7g3y_PI1_w
zNvJlK$aW<yL<(X^0zT^pmA$$w?T{&aSa^`f_+3+%jOO~y8ibny82v=Q(jJY<Z*5`|
zQ>;Kuxq>~l+CLGReZL9_V<M`E%^ELfn%3J^mn{-$%{6|kf6u!EqFLv0NmnWdFd$@t
z5VnbtjtStXOi5a8pLy;Xp_MdOrb$ZE5nf8$#_rGeZ8S!TQ9MreMs_EEX9V8;1+v_z
z=jD(<?N?@w=ff=*9tErFrj=zVeCEg1k*wLWb<%f;#m|tcyPFW$bBrN<4cHM2V6!zm
zUTnI#wCquObrDK{p_99+n_h6#St5^>A`>HF<|BKCEckaVJbRUz^w96ZDEO<BCDa<1
zvDX$&UstB2<~GR;@mlTbujJ`rCLfv@ftf(kLSGv=oxo+Z)unP-fq!<)<#PXdn$}SX
z0|hInvoM-pBJzk_!QS^au}TXlY%;kMzpx7i7Si%`z00eB;%QpC!1C_+<q)EajPnl(
zYr|sFp<kQ20&95^$}H{koTUN!4Tft;{Zw|4-@`l0!rfIF)R5;CCzMXovYsLk-mYQ;
zg*6}Z=-a+b+)8V<JTI!aMg9{Orx$I4M^E7B=fSX{J~w|;o7l6QuQQG>j{5)3eS-y8
zIi~(!&gcC9gFY+A|4=#`4;%acqC4AvlRg{E|3&vQZ3EY>4$Qp13oYZt+0ctf6p(-l
zCIx-UoE<N%*3_))O+rNRAvDwIBeX)yTU(=t5?|27;@=cG*KSu)glHYy9WUFibsuzO
znPkQNT?OYRqVo>-m!a7emG4PJ^EFRq0qEz@m+w&q@+!ZTQ@ywq=iiwBismXK|4KkV
z%~%8IJbQb}g}Sx&dO!Zo41JpXt>>fe%PC$-Q9ocd05X};j8D8#Eb|m{Z4K}9tnzcX
zxP>p>4o22XWEL3`*WNG}m}u-`VOyE_iQiMR)Vw$D!Tg`>dVv73kQ*e%IC27TkTv)j
zSir<%<UBb^ASiP`M*mtOWS=<Id8ACa@(6$q`tdH0aX=y)R_*&>1QPh%Y2}r2GgtS!
z2L@c*x1{3QiTra{5YxL;%w3JphLY9Ih{JT99>IA$v4-iFim#ER|0O@&NGfDz;<#)4
zoN`^#G1?%PxCFuAB~aggTSSSF!X3qjG3GOHa%e>Zp3$_+<@AYL?Is%EiD9L8cMtq&
zeq<$qB6NB)8kz7^gHPe%XF^=m7Z8FzrOwP#5y=~%%nX-Vw8TJTlF&`l$q;r`X+4Eo
z=}*{-1HU@o>Sq7lNXuKUVh8uVs_DiQjdxL?A(~DoC)P`rCqA&WeoI2*9L{iWy14da
z%81$J>P7?G2xo>Bj=^~1slI9{c>+u)bS9s{#5VKDb>)Kk1~18^N|eMtOYJCFD(}*t
zb~h#eP)e%mvI|loa48{8)o=|oY_w*@H4Z)aeK}>$gZ!>r<q2y3NVYddL1ECQVC}Ys
z8P<J#4le0<U5qnkVnm02x;jyWp(e{*6ad4)$P1T#%7H}FB8m1iqvBu1BM-oH22WMz
zX8EqepQVG=`ss1Zv;SkYW-Li;bE07wF~Pw*)1|tblP>XuG=r*quwLWTKh~%U5te-S
z6P|+nBqGrvT?|-I2H|Y*@5MF{n(yOfu~6Ao)Be=lBR)FznD35!qJy!ZXMvvN)Djh=
z`y(Hv4%y03or+x&E?0<sun)Ki|7b?#{l?gcZoxDgH~vuyVdKIPjf1v@!CB1XiX7_m
z2UV1R3oNOEj-4Pmv9IQ~e2X>)NAc&J_oRGLRGKgWr9cFM2@Sf4grb36h|SN|u%WYF
z_N+(R#M2gqjmIv*zs#^7@T<GL#kp_Uwju}oCkh&PCIPvu!~_49|0n>n?O~Yx&0E3v
z^M690n5Nd&YT{Uur}!nmgva0}bW2}9(U(h6BjDg#`*cb3DD9ELqXzhl33?N;jKlsU
zd%&egBU8tEu<o;KbfeAKs3S6Wt&{K7IclxNg6E@&LzGH#D3utq4EBw^EzYw2<<@!%
za_f?0iottKvJANkb_WAEK2q+|OTY_H6&JZ20igituepB)|Cpp+4)c=%aLMp&siO1@
zHc1cX#TIvkkw<n2CVi$Tkvqjlmx~HEXJT3cX=RP*-ET-oxCY>J9PV|R=0Acqn<#WI
zW)O(0!(=6%&ZVi^;)boi(Mxkoxf!kK)Y77}nBOu(9(Wk5(+kM{3Ki~2Tv>yt7PE&v
zbB|m2t0*@F&5b1Q3ax^%NvAP|{m@yvNrmY{5p*SH^ggS&uUhHdE;5T5npm8KRT1{&
zP)yxoOu`RC(?P@=xVH8Dnu<3f;hhzA{t!h(9!EYOxt|iWD>_+jBHCEMeD+=BM>H~=
zjZ|f$i^JB8F%1;0+%$mebF2=S=6$Vi%;1~UmqZ=f(AU9Q`!ORa4&COG6Y#~nNNDLW
zU~4%V^@-Wy2m#veq0vk-)*ej`1qz5~Z^quJ7K5*kumn6eBKDhIPzho$_NKMW=mJL9
z2o(&4#Ibo}4=SN~?rJJ4x@eY(PL<B!=%RXeCnIMr7{JMcRVLdv8y@GIT4Cwbr_iYH
zIoAsVlHM+VVVX^IPxAM}m)@x_<CE~SEI<E%)gO?{(V4$e%KU~}I#k&UuO{pmtDQRZ
zK-U6%p^|9#tzD?s`yu}0WDg>X+>qeiJ6FvVxxueJ8Lwcs%SZdN>e`{EEU2I-`W~$Z
zp)|i70N6iw+*ccI2ixO`CM)m^86NM>ZGN(x`Z64trzPbK4IPah^chYvVRJ!y2?~H6
zME$Gik$Uq0pB)tLjZMH7v~emvH7n|qiTG?kgAc_g1S_Z{o#2BvFoTZunH1|+7i-yj
zUW*0)c)xQ|u`qxcf8^xt4qjaaO}KM?KO*xQ54?)SKUsE?F>NJiN(+mr*TJ#0gH=20
zu58eY^ovj;<L_(gMGE!HKZQcFwgiE5Dp-QSiU-C#_pAu-Dy#y%?vJs3-{px<aQs56
zj0h2Mcs{$U5+iIpMus{pOAB=a5wfjKKRAW;I9Dn}?e;wd4(+rRIG;;8xA})C3@u;S
zfR?8CP@Lz6g#7cXo{W9iISXSvXQ7#wl2kDkr|F}ehr#eCV#rvEoHvr<kOBIe8{_$?
zrRAKiMr?6r1m60QHf!&PP;Gv(0W<)vU`9aUM?}_q%+pc9-ILMnrz!V;+3;-t>#P6A
zhW|h6jQ4-ddA9#{*4h4#vrY+UZ8>a9qDdH@(!DWIkUT$zX)%D++R;U!$*tOq2BLd6
zS|tgvwQy7H97z*FdrxkW^*4QYtk~^hj=+A9c&!^`s8uLx0OAm8;*b5$jy*;wEe3x2
z^Cw!%Ur{e-BR-8iu#d=>GeZRBG{!WM+(_gtyG;7X!@&HTv&rYj^(3HUWVGlxJGFLd
z$u*mBD%9IP^uno2SfhJ${S*O7PGpfAlI7miz$n4krs}`rH%O#A22b=;v7}N!+2BG+
z94K^Rp;-2F;;}%r&5iybVSUWC_1_`Qw1%I`sZ{uFVi+j~GyEsu@btp&?oc#PWnIFn
zPKe%-#=f348oYq{NEuiq_}5dF+qJ!<q?jvHl<Vug%*9Pb!LI20Xayn!_3O`fHDe2v
z{e|gl2&4Tgcc@sS+@R4zkg<|pSZx}O`z#G=Yo%G-jh<~wBbM@&6yr5x*fpiM_&Ejl
zKq`cZ@9gB%V2vP}8%bn!b#^4qz$|PYv|1%Z6u$@}Sml?#!!v-nxH51%Z@4;S9c&r^
zGVd+m!s`a^V1!i}4lW%!^Rl9(<yfbMU84h<&4zxJNB`^M8N*Qtl5sxjF#x1Ei%ypG
zE2&-Uv?hZKd+joYOY6k!?l<wm#ICMoj_!{~W3{>DA3Fp~ezxDfpTq0ja}9gg_5^`-
z^Qo9OC}$-&PoTi^&Vw&{8i6eM)0M69aU*YftNgsF?yZHiH{NYun!JuhXIS2Y-lgL2
z7mv`A$k!suhtioU@K~`NWPj^uK4>^8vBTW#><Cg1Z|K6chOnRNvaPhKQKK=;t~xoD
z5&ml}?!76}0sN&YjDJAgWFjU)&RC+D5liOnh0Iv%RT_b;2ddy~H-Vz6kb}JO_NGhi
zO6>S;#=&pQYxnv~U!)@U_CK<kzl#-PK5|qs-<$GzN=VRqZl9<}35Y^7A;p*iMGzw^
z`)P|dCiBqB56Bf&PQFo#e2Lr}a@ivnoWgmBr6>GZl3**XBQ`?Vag2>>x+GKMP&ls5
z&!8#qcvArnmw2?y@R;jUrLj3~Y|nFORABa~WO`9;Sd>35&&R-~fBLGk<1nSX!s57q
zLZA!U9x*C*l4Hi<sH^$=k|ZE8bjt{dqc!#jOL&Vn4Rcd?!g9r#`=MdhwANt`y9#vR
zZ%E_z1W%^hqH>7{+n;M1Y)M^nhXalhY^yK`Sz#b-3BimkNuzdAl?{6ilVu)}Ssa4x
z_Y1z<uhdI4Zq-Y_r0+g~%J6T*27x3{lM{DOWlA<&&xmkt+-nux7laEwYJ#}eQ*k;R
zL{bZngp0&gRjKrlDYz9#vtPdKIYD^1zs|14R$^6a4|{@;yZF*I!glqF^L6fFPr%3U
zjJkp1Y9$`hP<%?{^;ieg^P}fpe@nKw4tI7{+sZL#6eL^W5);s6Q1y+E)y-w!Ino*y
zA6vJfvO{kJe09Q%0i2hfjgREcYc%;vY#rpPANRfKQ_wk`IC%NGqGbn+DLc}aO^D#~
z5lL-duWwsZD?oOfZS<biohV|p>L@c=5f-59S15d$L076WIbxViRVauOhtvWNSrjh9
z47z%~ii%hwg&C2iUZca(!IvLxL~lz*l1mV7kzS-rXgMm15;(ZdnuIKO#{bjiVh*Zf
zO-B${oOR%jw16jTfhVV3FwymZKG6x01*6}61Y>a#k&)YikJo4rzDLUkbORckC>gMC
z&hm%yJa6RhATARdQX~dd$xI!8Je4c^VyPZ{I;Hv%+9;b1Rgba`+!n@%ItSgf47v8=
zY7Q-I$CJ#}lze`n4Rw*aEL9b2vP<#1-tq}!v_$-k867w4VDs_FABY1Sm0C4g6a$K;
zYA?mY%}PW}?=4aW@K#Pg5YNg`E(8FLV{^q_Cyy~h!&$j8l;4g<6vJh0Q#N<XXTz{E
zog=fdv|2uws&<X}O8)|J85*?g&S@itoy-5RdxKj!n|krf2XtvL)*0^%v)|}Q5OynJ
ze+7jFCAcV*pn9{wn*7%aD3OH>0{(PS_@W(Y9opr<u%uG$wW>@?yhTEZsWX6=f<%rH
z5z?l82y>cZ-m{9VX729)b$@Whp$h;WPlwf%%U3h(^m|To!r()KhLV|F`Q8IbV}#?g
zMfC6*B{L$RQyB8S6T3^(fqnhNN0Gk{e^JxP{)(dp;a<j(1pLNBdGit!ycVE_eec>g
z<ZpU}W$Hca^Z7;lyl(vfYG7GFcO`;?p}ODyd-Y93*c!u!^!C<Xc7H;3Cg-qT{I8P^
zMU*<*cM9am$;aD_!b6XnbN5`FW@Jpw?R?Bh4YHDFKikK1_sVivNgDtCd!oayx?dM$
zv`%Gqb8N%#w-?7+!#>tfnWwrwbNX#D!*-E6Mha^S&+9@@;7wp##sC@~T`1{QGc79a
zxp~0j6$$s5hRR5{+YoCavtW_7X@=0T4r>z(vfa=-i$yuN`TX>*ns8U8{oKl2+kQRC
zPmGFlX{3Y?<=eL2=~gDsb=!tZ<_kOAG7|#VE!a-%pANmrjoW*mIos&JVNBZsEJGPB
zu<Wn$>#@Isfp2InUx7mX|CaFo1#A``7UusCu(|*1Z=8+i{{?KFjrc7|tdX7zI=FC9
zHIZg@c&$_O%{DYoyLMk)*~C&p2)ibV1qDp=rsbv&UPth6*)L}Y4QKS7d<vZPK=8)&
z?p)uS&NSpm<LJn*rH>p3YKULd#8k^4(b>QvgHK!Tbe-7eunR|H3@sckoN0Us4nsTo
z>Dn#U&HV-9C$QoF>CxpU1pAZVUxP!If?ssi+`>Jx^Q=)v{Yih1Yq6(V3-_w5-IMO5
z|CQ8soyRT(t4_>C)Yni$Li%~AROS-51J<(RBXzNmGI4XH^7~-SzO2QK%#k4N{5sVI
z%N1lTkA-o}*BRRMV^Z^Fhx76i%n1E+(iC{};eAj4IxrkNreb@q4`dpsZQ7Y*M1Y!%
zmrc|EYpFJ9-C9g=P@&55rH%)`g(@n8;1Y5DQscj(WI-CDmF^A)Ji_E_4i%&1-(#A@
zDO;7#>i$N(Jwt?h+y3g!jm<sYM?)Mq0FkoTILMf4*NTZ58RsC1?RAOi(e%)`ls<D0
z*p7Yn1-RqE7f<eyy}OdyHeP>ijOHK<#&eVYf{)AaP&frUCUE6^{4?VB_v7ur#{2K{
z{bT+vJdBDw1Gko}`q{1-RN>JAr=dn4?}>{*Q>1U^dtNVijN7u(!-Y3@<klfl)J*S}
zL`C>dBeAl<wzFnM7L%5p70TDdni-nX00`?FdO)SXqsCsq1^XjPw_}&PUB-tijue$X
zl7O`N+;NH+Dk#(?*4i>TY~zf-(qWerjm!$nYdi+*+MJ>Ad08@+83!V>9iP8jgg|BS
z9pAW~?*2wTi`0Pigo5Zb6Wae|I#|C*zuG000LyrjZ4_3&tF#5_r>hsr1|gwWAhO#I
zF+gG{=VW07&V7&PUuP5Mq0z~)p`DiI?C$&tcb(j|YyYF;9N`>|-!4@AM<@7Mq06M7
zJdNqBNObk?Q8!y^eIh-kj~j}_pIw>m(BG)^-l4lZGAfxpR+dIwvjJ!tv=^RBj!$Jx
z-2xL$`p0FV9YR*(x>4fRY<8OYk1{4f2|&nQC=Q+`*l&<QZw9m3d)fzfvySE;aR!{$
z4YeVYapaJ^R>l&7FL|Y_SjNrk<}AZ3_=_<p3bP+=&)@_vxtnShT{1_yEu}n1aErCA
zh!RrdB3a5ZhQc<iDis=iOU{F)#V~_7j>gk^VyH&S29Y5|4n|IxiTtMuf!r3tiU6+!
zlPt4nx<hA<`3kCruXp&Oc(ERM5keFyO9VH>WK+O)PJ$rPlg>E>)FyGM@QIob1$XhX
zPL&{JAfDm})`d|jA$g{kif!4RHf&l(!M4O;JhRP4IZ<j^1T6AlV-BS755DY8jI1ao
z3>4VSoZQz4|J^o?ehJxvo%gR`9AIfz&R@ie2}QN2uFhJii~S}Om-%ND=o=#ZC!^Xh
z6+G0x63#8$*HR+4p&KNtA=H=t&7!weO+f@kq~3Jo?)i`ViWuA8Xf=}6^t4LQ43DSl
z<DA!Hv`;fMFoJobfB=8zud63NmTHVOYVPOH4p*<&%N0*YtbU_BCM+$cdSDLwVb5sR
z$Y`csD)8yOT#A3sWviK7eR2}xmsDrU6}&sAaS|S78uxKG1h<YQu@`pQqLb{e{jt(X
z<xZ{cURF7ms_z=j1~)xDtbJ7IE~{qGM!fEofNx(16_fx9q|M5=#yA^?v$0GvIog4M
z5a_wu6$t3f7331oL2rsxUSL@zLd4zqDy(*;ylYT|R7|DhogX*rc8t5UR$=FgGozWs
zM<(Kaz$V@&<V#wrmjl9JfpkC<L>#Kr_Nt(z4<CAwwM<vJalUhoEl51sK~YzjQN)Zo
z3$Y)P;t>snOEQ6}zp>XoS1^ZNy-wbRt9X55x56bb5G*+5u02()8o<YT$USV^7PF)e
zjcP068IY{Afsn}65)~<^ADfXks!JfwrsMS#EdN=7C#!|Y+~r`Ty3Tn4ISZ;@fl(es
zwb+JJOpP?`rL0>U*HTtPE;*IIC`#a&TmxHnQ@o-MMDe(;zB6b$G<>(9N(snj1<61!
zj=4dMwdEOV3_(J-0a1%-<Z>W!PfJ$Z5T84tTp1py%CN>YH28})exM)DyP{i2DiLfg
zc#E$5PQQZ!MLtNkQMmM456Mi0SwPNa{hl!&PK`?&-iir-m^EQmE)W!>@JcdB3sV*=
zFjkk!a)DzGg3RQx3hX{xG{;MX&0ZxM_c7z7n$FLuCcF+q0ejpDcz%hAd=XN3csAgb
zVf|QAcRHs{EQk=W=j@HH>xg1_&zsJHv#QWXiDF)kG2**%*QJRymDKfPyIR-st7^7X
zuF3j%a;{HiRs_-voS9xL4SG<@B>wI761t)b8z7v~%qr9xPk}pi>5H51LEB|TztUn-
zn&yO^CM|G~0nrjnQJk@@@M{{D28Ktn#giv;`7jbw1>eACxEen&oT{odC8VP3XJQVW
z#}b8Y*P^{0aUJexE8msw^DNB(@1}I~U-uYUwQIfuDO42p!OI+)2(m*f?5Gb5%qn`%
z!S^hbP$Br|nM0+LLX3g>Yv>q~Z6PA>QNi4TMd+EbfTkJ>T6j%hFCNUKN&HhcOw5)G
zUpg{o1g!|kVHX6h_4*=rp&XQ*g2R+7$GvT#FwT6Y5DH1}VnZ{*;%YbZ3u)l&=~Ex;
zk*T3H6db8>KsU6oW@L*2yZV5C&2FShGx*@xQ01j5vQimoOjlF_3*Y_9yFRRab||0i
zlB2LCP%gvrqeGi+tWTxfowI57QnBr~^%z8?@sA5#C2dm&gh&Rs#Y*W8SMWfeNm$bD
zbm4KORx|m{>Hx0Z|J<r}U@*4@H5^%Nx3w<L_}O4_%}?J-C@d?c*nk#C5Te-cPn0@4
zFM|Xpc|XTe@KA_ru&GZRGhq!`vFR7)23(a>fI=gG8|&xxI9cJzV5Vbhx;NANg(=ce
z@op5mk%$<ywu7AX^8G8=InDWrv6MBO1kpUYO_An}RinupGX&)gF;}%qKgx>saqwya
z_v^z4r}qq6gA~~VOi}gWSwp08LNjM;v;6j)aTf(*ecZ0?$MaEhzLyxmlPMfZJ%Lg^
zKzdW@*!I153Vrm=-_P^)XQ@|lDF8kafju5ffeBok^R)DQm#|N}lezGmw65mD;9DK%
z5Ow%m3o-L0=Zh)1I`Fw3Xc7;wz){kUgF$>XZQ8+nQyF>;mNhGcM=Z0tU_>*2X)9@>
zBv^o1`@=>lFDPc#O5ch?;uGEVfhUp#d{J8R94nZxcPype5!Hp1cZREBY|^yW6wF$<
zch;*GQAS~fqrT*}4yab@G#BO5au;K1`2T1SxKind=0~A%6KDxDbeuYMwK+CqWMlDX
zg*E=s!q!A|yG6ezJYFs$FY>}x`7P+rEb(lMC#TU0T~tsuPw?EuS36ioxEd}6@O~sU
z=W7ggl>{By=xv{vL%kUvy$nCh4>?=@LH0-+S^0P!d9`iv^A32mSpfOL3u*qn5BF|o
zHTmbzsImYSiWiI7WgTSe%9HQR*{Zc(o^D#PKuI3nYL7JM6#af=36}X)QLUILf@BPn
zCe%MkU1=<Y?{5*YyYs&nX}gwoKv=e(lj%RMV!=(0qhrbi62r3K)YO~fZNGDXv<<^}
zepEMKA{J7igFXQ;68+9)o*rf62B0AA($$@6IbQpQMRYfIrJ!JE?3Gxa*aqqlv_OCV
z`#gA*)q3zGaHATGT?uZTmeto%`&=#Z#oDdh5HfSg=~r4*ny--GyB9bGNTU5#VIov+
zU7#+Zr@pGbwZsuEhm(}GnGYfcD^1uIliv3cqxTc<>IlnnJ|HXxOg<n?PmG@_=bHwT
z-e_xV_u9OdQb_xdrEQ;<9n1InQIbv!R#q`rW=w@$Jz&9jLIe^+Zt#5UQ_KA>B)6fT
zZhBCv)_1|Od)Oc>nyTbj$mbt3d6skej1<2hfiHNuIRUBvF6nvxr+R1QVP{Qw6choj
zb!U>d+fe&%)e12xrk&IO)6fdta1e4h9+kYVS=!4@rxDE;vQfq%7B3S&dYG!z+4=Fq
zXUq*8LineJmdi1QmMruN(x7As(D&6fcq^T)oP5y#_xt#njItej&p`Q;4)<HnVS>1h
zQ82*p09or2zBw~FIZ5?iT-v3zcf1J*by2KC!d?*S^FlQecuyWF_<n7!|9YhOx=e92
zlsq^N?%{q8*<`Hi>ovB{XVymgPuuH4hKAZs^^Mpk#l*zQeQ->u8toY5XU0F85oioU
z3|bCk)@+R2bA=iUBl~fGy~9iAZ06Lvzpgw)6c(M*5S6G8qPGt#mH`C_7^y>m%|8fY
zzmMF-zZ#M$P13kgv`g>-+An__wwk=WwK&>;1pJCmS(3Mtg8w%G^J#tVNr!gsA@>y2
zLcourqan6Z6VyYbB+@D`LLDxRZtCMsF>GeUEpEt7*Y;~KL5E@5B982H-or*>GaSJ)
zIuLaxs`u9<D=j5Khjb{`%Rx>(&=>H0a2_+jYCJhW^SAs4x_L6YXgU|OF65<Ie3Gn{
zx4##c*wt3}GC9ZQ)u%sZ?MX7P)lDT9-pHWaRH?1VnoN7}igWH}t9*02%|Kw=9-QOB
zPXA8ku6*Zt<8<!S(t~Um{UP*$y;X^cI2{@lnL1}I)&EH&nc}9FrG%9ha3L;6c6{&l
zZTmFh7cvet{wW`aGlCyGaC&6N&aC~rBkke2S=beys@@QCav~Iqw)IDR6dqMPN)-JD
zh3nV9qmk3O0>N&dw<j%A*_hWTKcqqDDN#CLC3*DJF$*TC`}a*7=20eG>Y=$yf`dmv
zETp98uEJtd;qkx6Km3gL09M(*<kcr-N6ylns_<noCH3a3`0gSotMg3{lGayT8<AGo
z;5cg)3d*$GZSE6XCG80Vx5IP`SUP=u3fiA7>F$U)?STW*|M^Jcs@Ci2dYcj_3JE!K
z1u^uf#>24YYf}B3Z$(d~wMu?Ja8lo8atl6O_}Kn5ZSoYH9P=N!0wDQsdjh=>!xXsH
z<kkw;oU{-(15r%rWnMAz`YXEwIw&x8+7wFCbz{1yw`|JB=XGQIDI&Ukygh$*uujw>
zx4q9lE5CO*@$OlPuv`%{ZC%&lUF5{!waOOtL`SJAtx><KEl%gzp_OQ#obV(C-QN4j
zUz{ob`4KM^=P{R81C#`Cxk{hRE?Pfi$RI5bLE6WY4eU8yc<edGbLtmi5rMn}|4W5o
zXmdjpx?0@|a3El;u+f}>QxK4Xm<{CXsE&1`L`nK-248O!{$_9)jZK&6r7ip<TQyx$
zJ(j6!U<2Ijd*Q6Grx|<X{Cm?@OBp4Q)=N5JbT_24m5Z7K1(pW7SE<K_V|~&@eR@mV
z@K1Ol2D{XZo7~qN?45Aw%g0e%Uy?y1>rG@lLB_j&e}D;V2Or9GQ)!5)ul;AdCP~r<
z4(j39<oHRZLNQ{UH1Ey9h&*QSY8_8jn=9mE*GhxL>DQ$?x^0dbZK+$fj$Y>U+Jp<v
zoO|E}7f5oP46uZ}zf`S<%kf7^IO-QqRs4NFXpDLcvb*@=G9+#a)p*|;&qi!&St>43
zs7%G0$<G@!9IF$^Gn&XQoA#QVtw01Y0}Gv#abrP7C|>P34=_<0xNgP^#|m%NNT+67
z=9G(S6G`|%Q@o{W#3Q)yBT*{VBmM;AjQ}Y_$zE0RE?_gVq6uWYA^%NRs}Ea*R@BO4
z)~^$UO{DatdXwhbx$sOUndO{6?FfWnQ;$L0t)h!4I@AVgan}#ti)$hCDktsY(FpH%
z)j0Z%K?=Mzl5gN}ayOphHYf!dvUyl!e1c5xXa-*x2%MgVe}DHSvvE>d!h6fxIK70a
zwox#D3DEVse1wgqJ;K?<L?1@c1q#HmG<<=W39+QTMc{Cn6r4!39S%;VQ0&Pg5y0za
z2EX{zxH=<P%c(|CIR7C{Y7v;7AAHV&0*7k@Zfpa02S$%Sa1ZqcN)IO!(lhk2K-8)z
z8oDy!`n2Hg2AQySZL!3-u3dqQb54TQ!?z5F1kCH?B!Hg0`ke4)dn)HCf%!<nUrE&3
zei1HP+PEISA0o@B?JVzUP7!ln6mmXMLw%u7g9;x9vUbt@bL%6{4D)qs-A8_&OeTAG
zT;?W4Xqi6w!EHL@epiK#U;kU_8z+%Lce2U@8U5c_f3f1ws=%J&$J<t=t*ejOK_|@&
zF_3A$iA7*I4bRu%jTve^t!5?9-rA6QTSNhx4LcLkk~jtj?)?P!v+)b}-oFEUx#<uY
zq9CLQ10*f>bxpp}wtEeI^kh6e(3t6#S`VSRmY97c-Ly*Mj0UM?ocEIGK<jOhx8=G#
zLU&zVuazf1lQu)y^t`)VYN>G{_R}c*4p0u{BmBu{ozte9mvk&!z?p*@xx$Gu8AKV5
zmVvL~ekvYa<->$MF%eayW;SB2pBo9ruBe8M=FPimQEM1?;sP%$ODl`IBdT(Vk+@4V
z3<)<P<DI2~X{4h{TMSO$#UsjbyV7RZhF^JL1seO{r9Oy?I4GYLwoJMng=W0-2`Dm<
ziqAd6V8B^jj4D~Qgg!uG9p%{eQTq$rNDlV}gsnVDLT(8MU<Cw+**76|b@I55okOr~
zlxd0NuFRAgEfM@@v?QTdTmXd7QC?@Vh<nlQXUq_a7s;shN2^Um7MUD;hH~22ANbKZ
zp%+Bn$Q}czzo3Lsx4}aHv~UO%Jpk*3_pQBfTH}KCdo`$m7nQqUb9kXyL@IPanKHIr
zb9&Ty8SUE}QMXkpR%BvGJyCtwg!y@1zx%;{{;)Ua*c37XTt0iE8K{np(t1R<Shi?^
z(wIN4HtDr~OdOta>JNqq(!T3^AEMntNC--Vq*61?KZy)}mYZl^-Z<%r^aCb%l6DW0
zKc?ir9WBt>j-T{BR;P=tme}k-SQ*_V76NZK({;`h&zbCXlN&2i&j<?Gbu2vmyQs!I
zly0iMZ#9KIH9K~H5n%VLL@M5p#EOw&c_gJ-%{%PEvlc#O!HkH|dF8gJmm!n|IVAoo
z)n(M!vo%{HFZZR-53wHMV*v8a%bK}G&T!wmg0@>o`d5Bw)Kk$DgN_F(L3ycRH4`0d
zPGhaTpZMA>f-1D(D`UypB}s)>h#M{A{cVJ`3_Kd8p?qvdGGUC!q7@hHLV3GmZ)aGU
zND7iQWA|N4nvvOZPo&m?eYE2}BY)6UA~lU!EI-=f9LJj%Qra27-UT*Vrr>P1D$04_
z<xqUaf{vruVN`PSEmBbDo#R$4{<YK~fx2Soh^p1BzwW~MV0V+P#Bju2HquEonr1Cm
z*+~(HWnGW6CgtZ7o+Kfp^*v(FuEWln?_xAlQF-&C!;hwJXJ7K_YQbw7SIjxXU5(QV
zdynG0L}OF^el)8vU<6(aBA)IfMP{^YhY4A62a}-q<Tzr3U<a;cN=2n*_;Q3Nm-mgu
z6V4PzF)|UC*2fwh;1}NoP5^Mir&klKQ)9P3CpObp5%QHQ{1Zww(}h!Y1sq4G&^pEv
z=ywa2LSkrTrpT#fo#3>SE~Y<n!Fm>4pIVNRE-nfbw3EN;b^u3BZs8?z%YEIQKI_2p
zjoF>BAIxGVdK%GMv6UOJ5tNQOB#g92p{14<V<=?w@Zn?hvFOcUhZLurAFD)Ig@SKx
z3UR{zwD8-NJMmNu&a<-A=(PC4dU4La11hax1z>n4J;LpMK~}oTQ6*)pn_?*IJeAMs
z*KR1Gt$*fEg#iP;!n$#-B6U=@>w8!18D-HFR)Glq;Z31jTojDI5kff|-qCAt=~q3m
z)5e---B4__KU472r+i33v?1K$jAaWf%#$%oXkB|tIMFs;dJ_*be^nP51rHNG`i4n+
zIj}(Eb>9WRRTt6Z8d}b?hhecC-VXGCAbfc*<%e$h8UST+8k0!Ojk|}-aAOhcj*s<E
zSBBIv<xlg2B)RG+*a#7CI;hu<OcO}@t2Gpl^p8qQ@2T%^O;IsH(~Zyu2>W?#LMuvA
z6u72NLLS82JDv~A4>TTIT`)T@RANrQGf#ga@vc`Zh;hS0x%h2T&01v;yQlj2{aL?$
z51?S~>;R^V2=uPJSg6esR~&}2U6n>1%FX0E?!h>x#vGLq(%5sUjLnq;I!+z^{DuSS
zlj4u-GTDK_tU!>XWy8|k*Edq+O}Vu&eZ@Kq9B~1}r*QS!3{MEAw}yR`rJqx&5__iY
zz9l3a7^Q2Ip{DZY<=q?+zG3W|T|>?@(v@+~H-Ib)Q-iQBhM;Rjq!xcblR+#t4%bb0
zs-XxEkrXX|(Ft#fncB0{#w>0%mMP26UJp&0z|qc_zbaUqqy7Swq5LcE;n?UChQyu<
zkT{5)?81Mbwoo||3J8=J4EkTEOrlx_Sg@>w<uM28z_SVzC&3vhQif)#s0!Yv`$&Io
z`vWNK0T^LCv6RcPe0H!%T_gN|fB!#hd~<MQ?YnJk+nm_u#J25BjEN`im=ktv+t$Rk
zjfrjh=KIe1Rh@J1t?J!-zuix-?p^)<@nEeb6nO0IuqUdN0gkrCwK~)#=s)>7J9F9%
zSH?D5{84?Cp7E&||D6s*QuG(K9<qpkWcubQa%1aP-2nope!vP6w$rjILan%$^2oCX
z#E)v|3@+kstrb3LUQ?IFB)^0*X|CKcI4?uG<X4md(D)UPZC+osSh>X<zOGDojIwpr
zf}%T^R5BsktmAt|`7Uvmvk00><hq&n8scfZXHMxqMj;O|kxWrS%|j48%e#VOOxkrh
z6TYj7$_9p_Ikyc`{ZVx(Hm^Itam&a-mM=)(Cy)C3K__wR(YyV&(AcfWT=*Fs$77kk
ztQhbP@OG7|1ohW6?E(8;ZqGTYC~X>I2(3JXa%aJJ6@V*PrY=$y8@sLYBh5ER)wKr!
zMpx-G#cX@r`U96j408J2yz7s$R(;iBoy=8Yaw3$RSC$>?Q|h(R;rzBN3MvaGYpyp~
z0jNm}A;q-Q@t4qnS(Jp$oZK8F!{#7*L{m-xz}+4leNHx%Jxi~{M3oC}2h3Ix3J<fX
zaR(1>%qp%+O<9H;hvT~O-18Q=29*dazj@ae2iNTuzPZAQVI0ZtPK0c5MDi9!7>o1^
zau>e56~JB*y-Yt*=sE6elk^`qBJ<YVXYa_qVZGiA-1@~Gr?hl=r~5Gl?7LnOUuvfS
z^cSP$czAX5*FW~~TBx}%cjo%B;U!2PcY63T5h{51e|iyLKdGIl)!qpZJHF{8$S?3Y
z{xTvfk?}_nvk)AfU(JAnod`NlEqWX-e&jpjMkLMfEyZL5B?Y^0!QiGVq@0`hn+?KD
zg*#vHl%!0XB-<I53*O7ro6j^a-(20sM{c|m&)j_gDTIQ}PeWdoyFIcnu(iDf072dQ
zMEQT}cXqb_uHV^sIJtqf!ou}zK0crT``xx(5fiYl!uv+X#~vKrYA*SQAMsGjY9#o~
z&KcakHkzafcwaxTnNVx_QP&3fvwYP>Nm-+kg4uz-mp^8Xu+7H)w-kJIjNMWmubnVD
z7(ht*mlY!tedrMf?>KXCLJlv3N6OU%i2|@KmTzcgg@s$JH*(IQG}KBL5uzSo6x$h;
zY?d5Aws}q$7iO#wPH41dB{BhJAtdc#x6y~&$y?C4n#n0_+~&VEA`>f3*2!MMq-9?r
z+bw(JH(L?^y4$d06}*t^ADzVvwx)L`n|**Sm@$@a4gvkgPk$+qlZk0_ib>-Ly0+i3
zW`H0nc4guDY`^`vt|vVIoX-KEj#M$bqW|9E{_fjqFrG9vuvWg})alCyXih;MjdZIu
z8gs)CGAL6)cKEv%G@_DySErI!^A|B7hlC=8L>>~E3x#h~B{jG%z%XP0%FH!!DNzrt
zc&E57pfD6oc9=QaIQgiIe+#K^cI#6|tN)=EvxT=@A*YV^?|34eRgx3n>QnfveqV>$
zhI{N+2NeI(;5VW*4L`zc+y!ONa=-qXbLEK^$M~>3rW1^fq3v!Ts&1m(my@DqM_$4!
z{Q7yxkW$$K;69O0v_hXTk-35{s5+%=+%v{nj}?Ofz5|1)$u3DwmLu^`?j7R>L7HRk
z;6+q>wHI~aPIR0mvoURej~C+n<I~H0VXiG5)2}ID26g~ZIgU)uC`s`Zm+a8A8hzyI
zU>|9@>>bTE>zYt}9p_G&m|s-O-vw|u*?q7?q@%u2m_0jgV)9KDH}xP#vKG31Q#eVq
zHI8V?HwlQAU^Yx*QLXs763FR1-nq{4TX2c;=xKfemx5vy*ytd@fR;Bb4u{)4D1UO}
zrwHDqCQYK*EY>mC52a`WXV=Jpbd+w=3J9lJgoq+5_;?>b2|Os}$Q?Np>v)d0^?ng?
zS<4k!$0Z26b}bUaKSF+=VjrX%c?;6>NWv0?xum?0$Jp!HvV%#C_Pw+iS~7j$lBq9*
zHTA=BjA%;8mc+LJGWt9p#TccMgC>2!bvOISOZjwkt~II@Nu>6wmZ?SKhlakT!TKTr
z`WW0Hi#&Eb&YvgL>QU{E3^~guX@@MA#q+0PGS$3naj~Wd$A9E|@9dAL{M&E%Ze9jI
z^0K$>E7l7naEfQ=T0A#@A?e_qAGcK1Lg#dWkm#E-c_e@Wjy&;-S3?(I%d)Q4?g(e#
z->YQ($*wRoCKZjkM%+_5(dIDe^5US$=9W&XcD`@%uQlKO@%=ppw;>glY(yvQlq*ZZ
z+>VLff4i4T45<yHmBFb}LR9=cT<K@5vd{bkP8!#0|2E^qC~b6X$9-Lhr^@$C@HY@s
zX=JpboN&KPfZMNSsulRZ<fKq1>(;3v22m&i(k7cBGlUXlUlW4s4HE8LAWoIYsAP|N
zw}Cut(L0};knEgL-#Mul906K@(4bk8LV`gYD9o^5^|qY`h-Ju0AXpTS{jbK%Srj~C
z*e!V^5C7ihhH`l6@4XOKuValYibM1$YH~UC7^8NJfEaX=(%HDec<2i=T6#IV_Fx6n
z&}NdI5TRP(Zjrf*)i)>UrAx-GjLoY2^b7iPRJgrC>&z#S*(N3h^qs(x8Yyy=-;raH
z&qCPGKDgg`HqI>PC#$Ol)rP+fVfE^}1~*ypf%rr|$fqbBTifHNu=-})H#RP8zn$#7
znZ!c60a(%a&(j@!uU~HB=3jR$4JHg_CJvd0o~{lY**Da##L>&kSC(tlMJ5ksgPeIw
zSlZDKo)+dHyzGvI>8=W2)DRyXAB=QhK764<wQ9H7j*Z2IAi`(JXG@MK67NF3mqBF2
zDoT69`&=56JosVRN*<ylshLSnz>TNnG>hkaB~c+F8q8ob9^vyrki3Tq%CLnYi-s}^
zeb%YpruwpmbZFp9j6k4eN@^=TRj`U|LXYLnpFxtqgsKGI=eNxZA5<gFch_>k7Nv<K
zB+QJ2ZFF_m?cj@yySNhE1(fe-ZgBg~Kx@m|l~@Z(F?Qn26|DHylnPLBZ2vR~%5lB<
z0(AC6cZ^D(Q(uaMPpq9%Trw9!U0f<^509A*4Gbxd$U7bUOg}fk<LTjm-y52-6K4GP
z*m32O=J9`*4Vmkdk|d^wXDmh_HURPS_hJ~g&>)Huw{D8}U(Rk!I6kLN?no4uZlika
z2f217oqztNgPo6n+n`7y5VN{zVQd&v0#r3Ek-?$C7DCT`BH>x}+*bT9ukfSE6L~Eg
z9mAfZ@m^U{Q9?5uhp;;rUoobAOkTmF<jLhBnIq&0EXr<rXyjl15tr~L6A~IF;(+7U
zmb)@7dAgw`*HeSfnan-;gZ1wBJ_y-4Cy_Aibc<5zE%gV+i0UXTuiuNTLS9(}9ssHd
zu^+@4$K_c+Zh;3%{>>Yr8Ob!VDu1KlubBpR9KxV2wbZsuwe1__&Vqc@tHhT7@!siB
zgb5aJY2o$8T}nC$L4WyB!z7S?JwX+wnx|FUi?_(YpT2qjHNf$w2;O*b8i8<8sJI!L
zGnA;P9_Y9YPAdJiOyKQ=+iVB>H$W~9!i~dFx<!ydPc4<%q!WuEU-lo-^5*);%j5|m
z4xxf|>2#lyJU^{hw!Dj6IC;OqU819sNoN#&OI>W0bi1b!FCCDV4j+5gi`UhZfc_d?
z=EJ<zZ`97i!UPM_S{*ofutLYKfm4@(_PL7wV7h09h>!8r7wN?IeLF}D<p57~i+#gQ
zfSosXl8K1>$fZ~ytGhB%_2HDe<EOxy?cJPFyDC3x^Y>@#P9?=c66)1oSsHU9Ly}DU
zn%HyQ3n79X+DO{7gPl*C5$jEF_3|NOCTCJ)um~O1MW0fAYfs6{FAP>?*lLq;RM!nJ
z3|mB_#(gZFr(R<piQO1#0RTH@SeyskhxHyC&c@ZvX|Kr;b4wP&2)`leR8a3_=_u*G
zJI7o*Ps&`n#&0Dslay4|GWsG7ODbF8hbe+_af1CtwHZ@0XB#(8)4zBz@B-AAPI#X0
zHdhb4O;PR*(TdjCHe!FflZKAa+YH}}kJ$}9F%Ir%g9WL*E63tp`vV5cT4bJFILzgP
zB0!hmjqtCD>O;yZ&_AZMF|O+%Wc2z#PXp)<z)IT!F^(fNt95pSWtkT>rPVuFpT~XE
zWU(!Z8fYpqDOkL9XeTf9bTL+ngQ~X=IhZfg4i<IZv6WjpLvvMB4pm^aj(8E)j#7sw
zL(!=3Rv;<|JBj3sc_o0MxDcYQW%%gSXw`dpMDr75vN-;=v+K$tZ`3BHa~4R$z;5@6
zpOJXH$ax<S!aggez^5I;CAJdw?}kwyh=31d>U<n|Ah9wY1S>ZuC-A$nFrZL-!~Tm-
zCGqneBalp}RD{6M{K+P#n>T#6P2RS;z^%CvyC(%t+Lk(=f`)F?r24^rM)R2OA{7_u
z^Q_>U(Uv5dJA+4X>v{5*L>CD(`rdH%!InGVAm@CA$wJKMi&C}o-LsQ7odN8*$J)6F
z8y!OlLkuAlRp)$)KZLM%8gSxn{(fg|Rc*hi^g3|*Jka}L|FN5ixhX$=qqblosQvCO
zL5Qq6Xq3G0GVa;O)`_`~eFFP1O)FqZYW^)E4RQhhc{mOkrUQppOz?`}47F@>Z^gg(
zh@5Jy*$!H@wZ|5f!+v=l-VsJ)d0cZyPv2#z#mEo?5B%_^$5vSC7C=kEeMJ~y>%mL^
zR8xA^wyesh0LgUzYiItp5Stqeip%Sxm|epo%8-=JS9@n!Tck$zFZF%5a%WOUY*rpe
zwFiauUDZl>Nha7+A6Kq(jY2qgZh-|_%VDEUMa7Xq{-BWSeC0rS8Lt8vf%rUfWrrSl
zR%M(M`T}vpM5hSrUw|c(HRE~eo9X>I$)FKZ{|u!7(t`0Aadp+tq~tMWF;d8Uqg5-F
zg$dfl3b=Jn->6$pVXus6hhM8>&o=`*H|DM$K82c4F_Z0$jGT?sGkrnsNz}jznvtd`
z{PP}x0pIlCj}_LlzHjZBQIeZ6JpL)ox@vimt#gV#SjokCSO6OrxswfQDFcuio4KMs
zK_@!)&@G)ue%~c?g&(KN)+wQZRsBEELUm_A<}RLFosytPJARNI(paMYhEuk`QCZs&
zPiZR>s6_^hir*`cT#u3B8f8JIunc8fb+3hqr35J-aU!e4El_X$21OT^u$(6>@Brx!
z+##H5>Qy5xKm<rql6UP-aAsY{k7&wk{7qz!@yOg;(G*X;jP!J&^&hoRc&gp7g#yj<
zUoyevOo-dQ*MwA4sikXG@J7}NdQlW^3kKHOm6=G2a3Tl}SgOM1noM~UG)g(Gc54O{
zgOrfUw}4U-R=cpz?1B+P=Wch0Ajz=g61ipgX(LPfmH=kadDUuuWs>K{@l_G*2${ls
z1clDuJFwry8LLJ32-Fb&wE?*yamlJ>(v1s3KJSqPhCRT59O8DI_v66TaC9v5`vPA4
z*nG3!#&?lRxg*$lmLNkz7tyB*F0=FB^=uu;=#;VkQmtS7fp&zJl!6|~{q-k*;^Xrq
z9!jC*d<>9VLB7H2R5HVhis?tO6@y~QHe7nwm-8@Zr2<;>o}+kTLLf($yUaOVC5R+b
zzlFOYVBKioH!4g}nOpx2t;<Gvz)WR$r{8q-ahto@V*2eQbS#(_HXuJ~0OrBRkkG;B
z-rToQM38zAOz2lli<X`NKj6DzG#!3}#GVHOb0uIwk*j)>err>YKACHao-ygRd28Ho
zYaE*#&91b&C;If5%+nXlkTX6_G?_V)c-Aw5*S7?P33B!h+`gPzXo>;SF#nsVM~Is8
z(iLf_ZwB$nj#4>=H05WRwHB=-EnQr&kVC)UvD0l>P1+$~l3^!gIoumvooQBCp7z^)
z7(0Msj1BamoW0$e!4G{B?hgq&qIH^_9#yZwaK%eW#R7`?GGYm8sB~JMm;b0}2oah9
zD{-3qG$*KyTlSB7$8?7~(U8(=UFAm6u7Uh28joCYp~~=(V2pO<WWh{6sWFIoboK=h
z90x@GsG)X)o1$0<rB?6CzG~2Cyt>Qw2or#&;igVG)od{k%1(je7nMqhCd746n)=x&
z+tUQwG<A39e4~Pwk>Q;Uty%*nG&pB`8yHa)P-UK~pUw_U9V(@7|G~#u{B-hF3&T~_
z#TAwVnis|_?JE3KS5oOms*3}-MOmf)Zy&{aqy#LEI3)E9MV!i)ar|d+OfPr{1R+57
zFcoV4;zJGe80N#2JhGLt45pk;tN=MVciM-ODxB`4t~QT0QqGJoEk`i7k@QRU4^LEP
zSR*=)sKRT=D+>wq*}H*V47-<l;dv@L7@U6MUPMRyu#ib_#c00F=R5L)sU9h*cJ>*|
z*WZ_rqxTkMm|m5^^8n$xTzxVbgF!%h)?|U7xk<~5%V$tSbI`bLwh<97g7?X<-3hjb
zhMwldLv1RU=xkZbc|IYAH*10()6}uShA@+2b&SQ@qtJ$8aj&CsGofhMphtoImG;_9
z2q#Rpz5DU^l1y*D8FQ6Ls?<96(yk-?LkXWhYpRHGX~lA4iCGcO)Vzd3`<8$|yZ1R|
zSv6}&-^Y7D=pj7GryHGks9#+f%PLYsd|JUmcvC`k#Z@D-?ELY0DXTAyO+<d_-1ZpI
zsKEPxMdL~{P9e;vUQ%egh)T>m<}PK4Su$(zO#s_R)E*9ke%5!C0dYzzG@)~$#jHdq
zZRpPvgBYyHOu!`)zl+vlC&U0~S#Yv5l4#Vd_gu1znlO}cj*+0wsm{#x<f&i_Ou$&B
z9WiS(!FwvQO=E<t#ERAxo>d2OWl)A&M(ay&MEOX*s80Kj9<btUSR@#ha<C<oU$u<V
zTy4V!mXpI|y<u~xigHZ6s{vQYWIe3vE}s9SigmsAmLjz@VKl!g{}mud1avOpw5d>)
z@=XA9p+!j#%6jV@$E8tkwz;~xi^zP5P5zPW6uC;Naby13Wt#J_&o9VHk5U5HP~UJu
zvJD1pnWe|&$%(IL5<3z$k#)qm@>F~dbG7JP_?R#M*wTB*^z2pl(s~Fwtl@&bim_Tk
z*(m;V&Ew5#tzxWPa|sYruvz@ag9lK>o;}2W`dUrwwflnfp2?sQ85w?f;@6Q<&LE*F
zH$G6s0@3B2X7rOGmu?_jq)@=M&xhbUo(u5ylc>kBvgIn}&RRSP#=)A_L>2Q-PP~HP
zs~S8vP4?^_(aWaQx36+WZ>k?9X<l9Y9IvTS_@}I-V`5Bj#SZ|4$qt$`4UEyR99waU
z1RV*06%S&$dTam)G^kA>y&7boQ%;ahdK;A)4UFu=Ot>mm>`w(^y!8rpH@q2JA0CZv
z%3;%~5+{1=M-9H!s$Eg?V?+vJDR!Sx_t9q*?}gTB)&gNTSShyRhD<y9*)Xchkl)|y
z8{JcShBYq;IYIzEQUVZVKZlK1U00PhV;d`K(O0+)gbgWE$OWAI4nMk}hs$$ZpwG`U
zSb5_!I0HxOe$C~luhgb$Si|glmK8NRA)fC|mJulqM}K3^e@hZ%-0E!U)S39~#3RDM
z;os6evv=b1V1JRwO%kdsVb%u=aZ>7taWs~LYH1VJRkjB3L%-!Ru+OSscqGnyz^aNx
zxw-1A9oFOWuMj5We9O&%)j1n@_AT11zLBr2s`3eQk(|sqwmAQgAgZ|4lJ;fj^T<cx
z5BXzn*)%?LU`JnU<c@Dp<q%(Pl!7}J7~!G|_*N>kE22)iv#04(tSLW3G;hdzRmO<S
zTvOQtoze%$8T&c*rerkTZ<ryxXl%>Ey*eqQydTP{F}aKgdECZIhu;oM%00i^xxi(_
z`TlN7ky5B&ZRO3!hs6mKiWk7ahha6jw1BW~qhP;?G&B!6?4-HDq=n2G)YCZwBp-G$
zSmdl_GP0DiroILLEms2x?^wGjm!2MyFxHdvS9b=WM}7w~l$F3Umj3)znlD-2PYf*l
z8Z*zqQ~&Yn5b5$*47B#aLTvT(rYAs$_rfn4NgOl}-VUj7*4&1r1?Kmjo#UD<(aUNJ
z05RntSS+1(6wD;HKQtlvaMwB@523B+aBEkW)>*d`ovS^0_t(f}C)d{2?G2&MVyJ7p
zCg26|u6wF$Fao>X>Q059Krw2aktJv{(3kFw*uc&UaL8{?+0r|OXUA@S<gY9Wj*iLV
z;+kZ?nHbyx{2{0>h!lP9z-(oByLF8&ciN#L3#acWx5##Vti=11<Fq$$TJc<DI`2?1
z74ld=QP(wm8AZE{-xP$0gp1_O2|?!iRl@*YXF=0)`+n2a@k22O-WY@bE{!@i&8hU#
z716YoRzlB^g=&`37y7**vo&)1MWjU4Pj4g36f$^wpw4-Ao9sboXU<;Mm65_3vNZ`s
z(BY^zh|oH_1eL$Q@K1Fi>(YbKmt)9#$gH0HfD`<LOaiS*|KH7ClrIZIj{j&V*_hcl
zfy~+>K=4F%01q2Myh(;#WH6!@N+{dmP3EPy#akA40xC3MwQIy}C-#2tJ*f1j^efd$
zeDc`H8D}?BQhB(+xKy_^3M`()kJe1BF7Nu9WUl0OU+3@oo#{^*ZM{8(V=g<vY7hbR
z$mpkUiSO@khs_#KZZcRyZE?DK6M71wl1B@RW_tZL0PXKXR2iN>Qsp4dy7Nl(l?->t
zp^2GeZff|3@=3LV5BmoMCP#*;`3LVk+Q+&vye;_>cBAXpN?hmN2qirBP<5Y9qRMYS
z^pc%Wg9mqb1X4Cw7duCB5xqmv(;XZC?v^#BZzQdG;1)jw@*{cUi!C~C)BV{8+!Xt`
zBzV=p1C*mj$V#KzC5n#dq<1N+%tVQFLQ{(E_U9kheC}r^hgFG!=UsdBvO}y_b`Hx=
z(+37j_OKyL_Tn=wT=O+?xdJvL+h<-GqsX>cJl_6r`^2TrzpZvsu0qFZZgW$vRwjFX
z$tBPO;4YB8-8l@seY_m&J6bw<zZXCD=H^~n1B|NhwBsZblVQ3KSkY@}bqVWDzOzcZ
z&u{O*0-4W>tz5s;zS(z){w{~`EsXCg36-*nV|cA#JCWSb)lWm#uE&L3h%CVm9!xmc
zwQsDHM3QvZYu}k{ivfmOL6rXWwHzVK{Ahc#N0Hf9WxD$<4Z~)74O7jZ(@{NI@AI=g
z0$}4s<olrZJ5p!RLq08vfOH-abh{`G$L!qG<C|lbg;3^jl)xGrg_bJEh|8ULw;x0Y
zQjzvdLjHVhEU(Y7;`DssIDetF>ekFpm*rXY76{1)j&92Gkt*6|TH*3K6{10_G!AWT
z5XAGHe?$}92fvLxh&by=q$zfx9PY)q0qz*ep_v%AW0<7({;qn!;d<LqeYt{0T6Hwn
z0wYYej}7hMZ_wjzN3c^7HVuAd1Dpx)-%C@16YMJZ(dn`!zE8QbC)w_pFd)Vu(xx;v
zX{YV5;IK%Wp<D3uQzp8qnDHUN6DC(9Qz7CW>0n-1KzwmM?!U2{qx{t;)j@~Y2MFP&
z6l+r8C?~kJrWY>6slD#}{^lrrq5h&mrg%IHZ`qA#C{Pwkgy>NH1C1uf4VJpD6dMEw
zw_Za&8x#ri(!GdTV2Y`GL@hMOz=k5{J0A}`3Nb`(kMMVD$Yfr!utEC+zmmI>QQ;!m
zP64uwj2{zQmuz##{NM=!tugPQr~tD+$?ifq$g$$0ZB8dDJ1UFlm_h}WqDQfTyab#A
z%-#6P(iVHSp3~WFY_Uo~j{}`ETp2f34zNfqIAlJ)_qzj?c^ne?(S0dk*lnIZt~^~j
z@x<yPekZSeQ$Lv|4LehrB!W%6kfQjt%m@rVoNg!fcbe002X+qb&!0^`)&Qr^>FLks
zFf|5S5d@mbtC{yVFo|_49H*?t1Fs!C__0#*J2F{l3JC0BD^%LTqaw;O8{Nr{iSbTb
zXAe<2@t9Ag_D07|i{D5@Ky8id{t-EtWqooq<1n|OKU0<&6y&GTJSZ1on34AQ219FB
zihF|d97AsVZR$}4n18D{05F#@3UBz~H>T|KV6kFwc#QAFJx}9-56YjIKWek!=Pw;A
zU9g$`_(R%7mH&aOwCxHrjR_J5%7J_TJl7i7Acs3jK%^C;O&k6jI3W!^3>W*yvFx9`
zAL=Xbmmy{P^euiF<@VvVD$pz4v;WaK=Tkfa0)~j92ij%E0$F<m;9hTxUUM=8Dz>W4
zXs|;s52vLGp;{!`<}@#^LR29zhweUzI-4C%hKgOJCC#S8;SjcKk`{NnAvyb;g6Px;
zL2Eh`T`>RE82gestc&T)EyTs|*R)IOE82^O%QvL$0Hqvk{%i&8!@V-;^vvcb(51ML
z_zX%oAgs=BsLetFpqm^66IByH@Xm{8)xSZ}=YDGEVuL1vG~LuuR4!t7XQM!^dRFjc
z#4W^T<@=LkK_KiPZ-=xTml0y)LPvlK{W`d1N)d!6FHFLgIKjTwh}Uo$)-(ByASKiq
zCr?@4BEt!e*aJF|IV-UFXnq?lPGRmQ#hi_cu(5ji)neQMSOs2IRO@(i`_~{DlCq~E
z=3x19ME_+usN-PRnLl>Pas5Z>a3|yJH;D%BG)&U*=%L5|`}{|2c@0&y#Rc~H?<G|`
z%I2L4r6lu-+gwMI1}JMy<nKkgFaJs%%v3~XjzO9NnC%tHPGH;5QPjXax60*4!Sv~{
zsm!vI>Hv(Z*UQKW8ZbseoQP}Id)-alh=jl;Wajd?=CXd9WxA!&p-`IU^j}wU8|Q)~
z+IPDW^Uk?Tnf>m}5hXk)=XVH+hFH~+b@p{ZCI4t0(9zJ+l#HVG1LJGrD9IdqOP1L%
zyo8@i(405?JvB>v90jNBGOVd*2oY8lk0fVc0hvEyBWPe?2fjub3=omV(cf_d+<%Oo
zYYC_mltK9aK1KUcU?RH@l7z5~x0S3uH(I^zhsb__2q9I?o+E?%9-ed0JW&jhb8Gdd
z8soV{Hqu|@s?}l>G<KhrB{BrA<>vxEkF^`glRJu=&snK73&c6Tn<`f5W~t|nfX%lw
z4M2Bl;|W&|8<3kAQ!i+=_Gf~0W^{#fdnSkD2@5D$%5WQ$<)Ep3(2VR|LeAtmNR9!_
zkYf-dXon7-^~f-b`n#K_;65lcAw`9$XC6sFNjgYj00I)0KIW-Bs#eY)>Sy7peMayr
zmue2)j;2$X6ZZ=#=wYx1c=|`OSWtCsYJiDvkfVG!FI`pLlR)yW1Qr;_BUOVAJnGFH
zcC{7>_Pqk-3LGA9x09|&UXmdbj09|YV3rXsM(dP9NpP)wn7R*60NS+ztj4}CX?g7^
zWF;}&Va)B?0Y_9%7MK*otF<eE9Tx9A=6Zo!(&!K_LbAe`O};F~)S34p`cI)gUw|Cw
z4#QxdjS$~S`uXSMN9QfzV$1&X?&5u8Ob{eaU}sp;6PKiJgG&10;R<gg1Qao}rK;@L
zJEVb_Bmy)BMBVBg09TWz0q`b+{+w#UU&=wozK4A6mb{x8bOM<uCyY%iBYZNsE74^m
zVJ6RAhgk(~kIwvz5ND=kO)7l12XK9+2(YeP1i`Q~ZfFseafcofp401NL|kE?sPbh=
zU)b-I`6h#g5t8dr*;o*4Ykm%YU*XSSt-VkTwpPe^>)8$NFS10gdvxFCEkL1jVJ1#n
zJVhlS7wjo9c)j`K8A*imo*b$zTlD?$IFP2!a874c%?stl3T(nSX2TfK4RB74M`ZFO
zYV*Ckzzy2pG@qd<X<`{#w3;|86f2r9(!H*n-u}SQFr$m~%S}Rai%CZ)xH#vmT6p_A
zVcN}IZ<LoPAv_L`t)JaPJK-I7-Ku68W>N7HRT-p9vu2Da4QmT8DCHI@#SS+FPn8hq
z*=>s_3(-0u@{2NdC?Mu%Isif0esAJn;Yt4?^m3y4(eYjgYeHaR^o6MlVBv$kL_KUU
z8VVhYh4rt}VK8E7j8)!@gLexV>JhW~Hr>X@aC_Fi;^JHXz(Vt0q34Mz(X;t3ai@L;
zkrg>W($@lQTnnngOlP(&ZATyafxgYk96-18dZwS@9VAfrl5_~rfljrk*Wmu`narUj
zsP&-u1}%)})tB^-&;k0R#Mrr*{IQ2HK@?ol<(zuu2Ng3o5;_%*D*o-1e-ctte|bff
z&*{O0LdcT<$>2%pl0p}NjO;)M^Hc`LmIyp;P8Mbu_auOzVQJc??;ENrAI1|h>uI9g
z-UHF}UKT1dP?6ORE1;-&-Nbt9+3AMq>6uAD0Ndk#=g$A6&i~OafA!OOfZ93EpxnTT
z9CA<|;B}5QCF>W9LIqAh0FFuYr@f1ry^Ax+zZT*DzV?OnuYWk(zoGxgo&WF9e@smN
zSLl}jI`99B`mY_?{|seg`#1C-lk)!y^<Qh0{}svwWXbmh<*u*ER|Er2l~57>Bi>Mf
zWBrE%@^$*J72AKU*tme`rKIrsBwu&rYVShA!VEMi<pcX7iTusM2ey@BL2$vbd;yj-
zfU&XyjmnwPSpSERTZNSqj+GNgSS}34#tN({B>|R{5dcXmB!Tedh`{zzKA=H4BIJL9
z@c)Cwi2DD-`0uxS%EkT@#{eX$kOKSqg4$|y;Ge2*pj^Pu7Chiv)i9K*ingk<9B{OH
z6^@yNgZaM>U|o$RC^L|-wh}mAivz~V2K>@n{Bz1~P(XuY<6&}i{pn)nWMyIL0>{F}
z4Ya9agp$%$6_M7d&#uD+1x_`i0RPrQ0|gtfzpinBANBrVob3Mv!u|!K1FWgW0HRjm
zgK`4>8VJ9hvl>K!(N%cBrv^+YMR^%D85tmYV;yj+5k9^JzJ8<86%6caEc5j%KsoCj
zTX4QsT>k~f^#vyiJZmEW%9Oza%lZg`%<W^S99;kWMPK{tzxNVHJwiu2^nY%4qHh40
z&~F8V7@!Ao3}^%62Lw<#{@rK);}gK`0Zzcz<`oe5Z+m<9j7)bcEmh6-hiFo-OPxlz
zD9V!XRh`PkTAfB6$qeN<4>Sz3tV0yEcp)??4K$J<8lhhPDUvXB*KUszSCKWD^E)@s
ztt17TIq|9c%ACWy*GZ4++uioR(CLkjco&DhUk|Lvnsl)mtqPip?U|nNF@T<Fe$2pf
zRx)$F_IQT$xZZ<8!KW%~(O>2O8i<r$DAhCC!*Td}i(ZRvo9do~;~>JwM*A+!YZGM6
z>gHrd9}7uaJslBuORd?C1v<^jRO|%K%l%>g;=lb@(<vT5w*^%K@=bR00!`zQLL{Ln
zs3z03er4G>SUSzu27SH)0D!57PcA`W6vj1^j^?44v#?v&h^^EbI>%qLS$ltIUR7ew
zu_1Yi2?a?69GRb#!elK|Y+7`Kyb2`M8kXAb;Wym@yU>wXUFXGKhr@OI{&X5e)w41h
zvRh`A+I%r2SSX=ki2e9M@Ye#@l#VIOQuN>S!kb~ZOi;HK=qdTbngOtiCa~M$^b{T8
z=ly&^$hCo55>IFf{Z73x%hDAjZm4wO8~wB<$hFDt$;*-zqz~veuogStcR(CtwG^*l
z1bQgX!dChTM1-dM>H2?|prgvmQE;Nqg)N0u_PdxsZ7VLL<L$s~3qhb%qx(Z7r%2a?
z^>G(H%^B^W(z(U=6#%-WA6NKRG|!~kf3#QgbY`gTdDo?SCdaFG%?h}Hz8}&lRP$%j
zdnDdkZ<m{@W)vaFXYwsD-w!r?pG!0J+UHoXF_in2etqzp^;P?!7U=<rH*|YR)PVSa
z*MVu0pP9|>;Ie)*dx86u=O^1#w&t+cDE3X}vmtNi_R)@euQK3R>u8zR>*Q>=zOsJJ
zB0GJTnaX66$$4o!D*g3+9U#)zP>W&|y!mI`o6cr@t{0J+8m^Cs?7MShvP>TOZr%G4
zgLYeX2va~O)+keBOYO2!nkE^6U$sL{>Y2U{fyHlV6#*#}3lD26RQjAjHX~AOl^W35
z5`VU+5m1c~uQ<T{2#gD!vF3P?vH9#!tN|FW<+4O3kGlFg+)+J;vR5#5%Iq1i@bzFC
z&AnId`Cufn(ZVW4!Ux;kYAufX`eP%YI6>u-0xsE0`pIO}lKD6SWWy-_2`(;rwr!Zr
z+vzAAJxacJ$dO35S3H&MCZI?THr`Jx4vR2?TdJGSZ6EOWwjY=ifn0GAprIcaZ6S;;
zK3|yuHzF8^Qa6o9q!Y}qF{NqYWw8sCWk`^%Y5`FLuWxN~2I+*uzU`E}UF{en_YXpz
zoyFW<wIx{^wFSwjSIT;h@68t-CS1JztLv~;Nwv6>-uh-`N+(3cX5AQ?p<F`bL#$Fy
z(8)lYJ^&z8#-?%6J$A&FY3C4aB867Gf#g8A&~$5ZZO~HmXUj2MM_<9wC)Vt!wyi0s
zt0{_idunYOU3Z*CU9H3u(S<BY4C*|hyNEFoS|H6O?EI6VM(om!>Ryn+orRH#mC%Si
z-KnA)iSn>4%u-lBI>EGbf9j4TDB850^k^+vGXi*BR$++BFSIn$;Htsv3Mn+K&-LdS
z6|dJ|5C>yFToa!rTK&Aj#}L_!xST%i{jGH|oLFedNCy63`yEwf4oLQ!P_7GFps0(u
z#n<r4(BJQu<cg_%lTm-fu&|v6mJ~#UZK_DXrVtH(0}kcznA(0$7&3h!B*TlI5=?|k
z10<j^qJ%9?<yg^DAR~C)!;-Jihl|bGjC1fXB3P$#ih34lZW<U6X*}A<bXxYswW2?_
z@I5v*zNsC88H`Ma1@h1o&{F6p!Lj=HlZ@OlJknf2<9EN5fM4(-LsWxUqD4iE2&93(
zlN=WND^|nJ(l+s(hZ`V2O?FRsHjKU7&I6V}R%aY8n`1-ZnUISzj!+xK(o7j%ZNqXc
zaVjm1i}V`->|ns`DJSX?(HXsxDw5`tAHl2X?0VunVPw2zm{b;hnqB^G4x|~Kx8)S}
z{^1w?y~Z+yk5aH>4%oMIG(bk;>@0gW+PC0cV~nc=Iz6?9KAM&cs{>B`6C8JUHvqh+
z_}{-#l+X4X+n1{|-%<vJrU&>>O<0IUsqF7MuDHd1%$3Cc$Vl1ZIk>i_#kAX=kJ}gg
z#V#@`)aUNxefe}r0P7r8=C44Yo5Gtq#i!jB&HC*}?U;G50^01~=Ec)wd;Q}#xHp*2
zXpbE?$4AMq1^)vuJoU)o;?aPL<OIM5BhXHLZaT4b#Ey}k`*~pE?uspdis+9GC>cl^
zLBoX);4-DJj>AuYu@9nw<qVH4-(UTfpeUwhoBI}&D~EB_g+S5v6Uih$*mCfEVGB{e
zf^UvV%-y%S;VyHf0cTW}CdQ;tc}|jTOWBFgg3oghGJFL$VtlUwMjImx%n=Y=nlxOL
zkp345kqYqi_x5xG)r;zHZEyLX>G^?|CF=BNB;W2RiuVKPZ#i5IE(FgZ!sXx_><|t-
z9C<WxUmbz++;8Ctf0z<0=cX-r<ValQTU!zRLh4x<@yZ))IrL=@y1BS_5y@`++qgx$
z`a*)tB|}`GDXHe9<pZZ`k17Gpbwn{Wx8@>+sq6WQObdFs#;glp#?PXi(v{R`DHH=I
zXhKUVWB59%72885z+X==pTed0_9M9}&FpfaDisa`epMWW&~S17v+kv8lTLE2$e-Ed
z6umBto2(RD-;(URbq%;{%>r|UCHr_j$C7@jtUhAgFj!|OR$^I43hMyMe1!UNT4G=1
zbSW8piJAH})kZ4DSFK-fm$pN^>X}h5d->LFxs%DM7PL<YFqJ@q4YHEeViS^Kj^wKh
z_||oz0T)yR5tfP!iV(_g-NRa!`o{YC(g7|FbwTV{2PfCz1Raq=wMDBEcIrO*O|B0>
ze9^~AiYB5H6tW$2+g3mU)cmbi`YALcmv}{4lXQ4P=yQJP0+_V<X3QB2@e?#QW<i|d
zJf!vu1G{HT1V2VIVWlpFwEI<i$j_H4xR=Szk}h~gf9Jfa>7tanr`13gj#Nldo{<7t
z4hC{aYN0mL2^^ybCYbK^+dh*97($<R-%|?g?Q?xWs6Oex@F0NV=EsIP=Ga+7I@-<*
zS;fGK2w`&>_*0@Hd(hnxANbiHxq~@h>M?9WBJw0UbxtWK7relb4-|cpB@V(rPEF<J
zHR`d-2?W_$sR&P`@h|uy%kOOWc@J5~p@bTX#Q9gV)N8EhoVvr6&vho}K6p?)vcvF0
z)T$r;3=$JqC;I@HU6ErV3@jx4S}D%R5@YpTk>)6gtRpmyJ^&jl>T$TX?Fv`_vaU99
zOt(IH3h!Zy^{i$!{d88*HnL@7N?Vp{1&9E9yfTRfL*nReeEyFaKLOMgHx-!dyyk*=
ztBMg`LA-tC^htNYqcg_xYV5mv$3@lFH0Q<WyxYPz*cX5zwIGLe`O_i&9@L)(wcF_?
z=lA^h9Sf+AE@!fn+b+5-tW<CPXgh!kUH!<Y$qq}46g8=?(>NRn7+e&YZY>VxEtUwd
zjJ+5m<tZm`c-cN@Vpvzi)#`VIKi4+KeBWF-f{ZBEhce#$%b8vj=pMLfcq@7*67db*
z<pF*=0w=&kwms#u8{eh(S#(uKH74v$O`Y9;(UDdt35`h|bDkD5;^D5&U1*4cYJl)G
ziYTDJ@zo(Dmh_rMu1N9L&VF}4<Z=g5wuI9x7cI<RERi}!HyF+R)F|E^1VpJ9T3vi_
zPNHK&2zDV=pT6GnKw2L5c_(o=rWq&69NQXBm=r*)hK1R1xYPU~RbnmgpErs>DY11M
zkq^guBTPh1%~&;bFFNuHH8RoT*@$`-MKYzf2o8B=*bxB?;ioeQNE>XSW^6}d>A-uH
zo%*|@=(xiQ{nL3sB~=IP=$n~U7mBB{k<tcrsq_W6wIk?Von7aobkclUnv9Kl6{n&N
zhBZKL70jsMRJY7?a&gEV21&(orKe#$zh|U$)&a%edAU{aN(b<B|1XEXXt;%exb@{3
zr;_&iW^m{<T*c&!wMPWKFkW&Z*ip@LlYlW}Vf*S9q~Y=VT4B#IH&}TMd|R4oY*du6
zlS)H7*J}9U&0iLo$C7ENI!IR&#`4G?FXsTJ7J5J&>N%FRb5@1aYivkpN!#caHp0&j
z2W+W5aOn_QiE=0>=I!AS`h;W!ot7KPZ^2MRF2RhyekNkBPweW(BGRS{`YeqHOt5XE
zvf)CijOD$|oKB}dA}G|(bEWCtd$Z{<<fgF)(~>~4YCDM}=upUxNlnlmNSCq6vbO^A
z%*}AC)(+y|C<&uC9K*w{!OU<cKDKhXJi^5A^8ztO!w5Pd7}-@>ZaUCReWk4muV}o_
z@!6R)3pK$hn&L*!U?#*unwYCMjeOX_RJ(rknVAwhEWD6d=@l752~tJ^74}aNazLiP
z7mb_tUbE6#f7?+V#t#Pm#dml~`iTu7<R>@)(q1*33T&_}E0v?D!|CLexdjrko4lTH
z{l!#L=Tb&*PtC4qIssK&Ti*Kk39rrP3T1!zE%pOGdXU_n^H1n{#T2V0pCx75tROXw
zM?9Y~z(gX&h8xtx4wnz#!dBbdvq>W{AA?aiDlFi+Z1zkAzmaZyP~dwAm6Qx%!7O<U
zzCTt>$G|Z|A-&l0iUuAOEjG(ViGV^{3RSu`!hEMU-dt`>9@-^ODgk9CWBS*xzhrvu
z%3<fzd=w1g!5mPXQ74bM3gqQ(DHHU5bgjO8qUidde|n$MrQSWSH;V}=BL0dP`#K5B
z1-HOmozgNaB)er99G+(4;eERU!2aGq<eUwAb>aDueL`b%fikbDi<ee4J@=9E5}#Ay
zTLgx`Y-q>*97pY|7c-0d9r`(9c&aXP&$Gf%mU`k1;Tj5`$}9!g8ZR@!#9kj3(7Id9
zQ}~UY<&k?=0KI?Xu5SHec!GLCPOA08*Ks6}|91hrr3pd0*0`4gCl>=3z%Es-i9Iw1
z;#-Bu=0VDgq8d`#cqs|I03(Ot(wveI+1S(C@{oLE98NOD5R}Hdb4rAnK4<^LbeRyR
zLi>0gD5*1gI^5@-!?Qv95dHK%D0&W`d;|%pjx=O*Kjz9fb|b-~1pM?V@{-U)A>-*W
z=e92`7c?W@UQVHAt59hIfM#!J-d!9aXUW4GtXQ<Y9+}vXd-sy2zm>k(e6_o-+5g`D
zlOB2|B^i-1HSA4HpNw<7cxGvyI~mn+8Vhv=TBhFf?f4q}6RVLYLB4|7eqWBm>Z!5d
zt#l?NYKI(W4y+Uj>lR6G>VD0M-CWQCQWD>kvDlSHmwm~~J!-rSP-rP<8Gga7at!J1
z2hee70VrjlFAI_Pyf?<ae9T}<Wnkn`T@l*P0GlRl{^FH{GibAs?huXxTxwQp{wyO%
zbH3Twe#dUj<yppnptsR>>`~|5ds_%+s)fGucXj~BxT;P$ywD7qB(6Nwf;&=b2W5_3
zMD^%t_P`aY2E$$fRAE$)LpX}4sAy>krBQK%fzgVj|A8j+g^ER#!1v|%NV~Y;({)9i
zW~$f;z;dtfzlZ0<T(Z-?!*j#bq?gxMr-(>_6V~>w%_Dg2kBB&l?rsyEG;jpH?tSvB
zP&$|J6y38pLMmM;i{)EcJwRh?>>*(Si?MWvR>(Kt9vCG8xK{!1=cwhHSG?#Ok?ZAB
z+mcnv#@F+_dxqs(#MTO2h}DZ}mKObs|MvBErj;`gE_K^EsH|cxxpx5M`&i`?oowqe
zTJ9xGzi0Std`?g>3WUjg>E)#ZV0l^)e$MxXU35Tc^nFhe(A(-ZC&M9X_F_u}D+p0D
zbpmDTWadN$Broi*WoU3OL2iYk3{n*pjPCKQye0fdB*32DBYPg1Cp5T5B?)>UKziGr
z0k#1H1F8;gu%;oaULWnp#MiyELIq|ZM*SKa|8(Y%59Q4SDomT&SN*hOZVq(LQPyX$
z%Z+ndk6SD9&f`Tss@7!_LH^0(&t0yM|5`48kj2&u;D2Ixlo5Rua?a##lQV*)g990|
zYF@4(hYqlRCvjIMGB+^#j^hvQXkM7!N<`VH{K|s(Ua}RyXzRd}<bD(eVo)?6@-?<k
z^5PYoq?~Q#{r*7cVko?*yzTxiNzFB>91WU!RE}_RjCS_#rTYAcf6)z*P<AEa28~!}
z!XS+*;G%4hDOkCw9gL1`bp($v7?<1HG?ISZNYvU`4j(Syng2-1Yn$K+`e^Lv_fLci
zea&V9$wFl@fpOZm>TYw|rZNYkbV}<VwG%6^O38Q3==!_eje9M`w;5|nYSZ8r2!#3v
zKqq>&Z`^3aMLK1*9(o-Q(<Se~nMVn89`7K0fJkuadU`SY3Z=hV6KJKwp;S#Y#%ZK$
zu%98@OqLY&M3daW1;OgJvn5wkJbrQl2EJ<I`m~z*!g7ilW*}b|av|Y}2Go6s?zx~Z
zQla3KlY6LRUuu#F@3{12(pY~zrceeQV-BH?tf&YanK?1I|4vv+O-X}kH@xlHuRymi
zak3%;Q8gl`*<PU^glF|s+<7^YUeKI3g!B(|xLvh4q)9A&$5IbBRO+cF>T9|9s?Cav
zmDrD)<Ld0zEwPT*UdZH_`@qP%0bu5mVkSm#6MP!E?CzMJLugP;w8?7DZU6Nri{snR
zTxjQ@a!vv%gh_|`5sR$J3a+(ieLJ*Wz;dUAKLZc!jas5e8pQynoH2%Gk-DsWizP*2
zIFP&@$oTM>u($}%r&D$jP~6ZrwP~vRLCD=AZ|2KC5+HFF+QG1n*or&Ajh`9-k8$yr
zc0fH$d?}W;C6&!LN-cLH1FsIRj&_W+u$bxhVeD#SYJ@8%&G-A+S^DNW0eoY8fJH9?
zTWT4fdAC3*5IK{E8<}ua9e+NAz}LSw2h5t6O_c&Y>>Kl-928z2{m^8-*)(uT3)w=b
z{iQA)&lV6ZQ)+Lg%sC8_nu<G%z>Y1y%W_(3`wpuuS5zKEY`5zjK3Pz&Z;-<J7PL!~
zu*gO=BrQN%^^Ra__Rb6Ud14U*@K}Zm6ca-#pD2CdvQm@x-zYP3bjjHID5>m*eOm0#
zRIpKY3&3ahW}cbwHaRut6`P++_L*dWvwL*`Uq{f6S-o_Fw^m4l>SjiirFs7;UYMO`
zfRb`Qh3d91N6iJCg!0IJh(BK>(Y?$hBKy^=JYF2(GQfM5rvq2`(R=L<kU1qyBpMz}
zZ!|h`53D#OpI&*eX-AS~25z?9k=Y?5uF>Q$QM2ROl)sLyfo>RLhOlv^&9>0)*>k?j
zv#Qz)=@hj}_wkpNRu}HD=P+sZS7PTW$?WE-5NT{Dn@p&62(T*JLv48Di1mz6RoM%i
z5dxM)W8HW<Ho+nMT7KUHUXLZe8b~x>4W!iz-bllB*TvM?_aN%**%mXY4ae)JIca;s
zbZfKs*3A%Fw{M3Fm`*6rD(a3ATI}HOfuZhKd}iVb{*=kt+NE`VWJ;>~?mcdQ%rTXd
z8-r8r@O8Pa4szY@DA~ld<Gwp0YpSOK1hBjEP?ZlC4jLxSrcFBlQ5KZ7m#Z*Kzklwf
zj2uqeRs`8T<(kzD-x=plz?f^NLL+PcX6WAib{v3}XmP(;o1iy)ZOk6-J=C?oPG-Ek
z47Qe8(_n0?6Zl>@#7Eq_9J5Y5<%ARBgD~)ZETYTQA}i?Jc7tW|r^{krKz95m9mLl}
zdGRG7ML+td;7TAq;EkrQ8Gwr<7+B;>F69M$?JlRpXqkBh1ADN$Ci3(xuX`ND_3yh{
zF}^s-od$IXC*oc3+O;?QTNQXc^b6WZ7+`TGe|7?uN~k9q+$r{x*2}gH4)2&&SzINL
znn7Bxt;{4Ggdyv>>$k!WoV!jKLZ)7y<rj%wybH2fI6|H-fWDpxXAj7vF)JRV14_1S
zmU~#;cR9CE;4sGCuyDgG@ehcI9fY__<_K`Y>z4D}m4|M!I1r+PqSa03Z*<ogDN|0r
z8<6U>vqd=ZCyl{cXJBFDSQ=rYCR{n>C$3#*M1syfhCZ)CX>DGrmEcz%o@BKj=|jH*
za-P>?R$r<D0OfbjHC2Ao1$z$uq6%V(C3BYZ$2X8j#xMMY(-Vxtnr7mIA?`si?I~1x
zp)Flh)pp)2JkE#;t%!s_>r>3lDSzoTC(pzU&s+=;FE26^zmEpAx36@u@wNWaQPl6F
z%Yr{ef{~Sji>W|!#l5u~+dl@K248K`5woQ>Km=Gu0;W<AZQY@gL+m<dU`Zu27K0eT
zjxhZUF7<BqdkwnU_IieQST_gpYY82Z(JzOI{j+<1QcRsxbLjm%X%Q6b%7A$JZt*KO
zb3N1|-I@<t;3Myy3d9if>OPiuix80)-Ee<_O!m-cM~`^1rqNt+M&k-gE4G&O!f4&U
zB$hDL4gkzaY&0#>Sxk;uad5DOYQ_rwaD@z6tSanvRbjgb99&dtOUldB*ofrgG54k8
zR~~y=g5hWHwKrdMy389YFs~Lls2Z>$4s8TY_to?GYcW+y>@S>u+iegrd!b@RsPuUV
zAAxqxfR{$2gfPw<X&;+x$6fV%92U&Gp)6+J4RGLgn3#BX&z=c}m?NTrZyrupo7yMi
ztnHeu_<q0;y6YnvJR^LAvLNA!jTG232;$X(HuQ1CM)3NH1?w+rwzpL)__AgC$pv*4
zICRFz9+?gzI#iW29dxLc-lUcXU-+pbYDK<(15=5}eB=?hfY^9uuQlu%vWkzf339-A
z3do9TX7hc?ZfL}n*yO<iM!By$@6r;#3D?i_Qg-*8_H1v7<~4M=IbOtbj+EfnSDP-p
zfynwAiINk!Ko8A|iXgW`l3NE50CiA(Rx8=AymwHzkzYpnRzn%xgz>sd+4-B$CMD}3
zc&^vuR9mKCC3^gC7poB8z_a|ei~klJ0^G@^O(U<%po!|XnJn3U{nB=-e_%o6QeK@B
zZ(O4#(xG>4LtU%Ca8$qDU~LN%nd=FMLA<bY`yvHd!FtWvN7ACX@L4qgS;tQ!{N_Nv
zlVX_8U3YA!Oam=?CD>YV!y+3jEDt1UWn&&H_WsUVSF!9wSImA3$JpUi-lb2n2lP06
z(D+ME*5&j}J}QoABmDl%Tsz~Fn)>rz>|TwCa+Ol*I~=gZZ^2gUz{o|;v{$2dT)m%9
zk7ggBVCb{<j>EtGdG~RJe_=2(BnlC?9WPa@T9~$UJN1y{<@fOxf7&K5sZpWJAl5!@
z9R1s|-~&C_{dezpt@=9O@q%(21Ax7^*mo-airFq*3Zq)z!fVl9I${;5Fh=7&exdPx
z$-XXre4#$S*>qMZRlcy9|9=Ym>Zqu?w{0mYmF|%4m|zBml<p3ZMnW2-q=#-080k*w
zk`4h0Nu^7=yG5E0fA9Of-=ojF*0=wdHFKXku6^(OoORahy|2Bj#D<RF!MTO@q@m+#
zqgd$X!t%&_?_taHMWiR1hIKL6p24NjPyfu*?z+CafZSRPwLzITyvj39M*YiG+@X+<
z&XlK=TT{I&#vD?>HcAzIh*dLZC6{;)e3((b-?DU(eA>M(?6=aZBI;bqK)W6TOPxAB
z(inL9V(~zvNkjub0hc?nN4%NfShy+ckh7DMc=hq21A$UrUydl2Odmn&f)FR@@rp1f
z(*%4mh{eG6o%>sGA*z;(<VK<oQL(zwBOdMVa~^mq4O>j7NOrDpWuY0tNGdu4w6R9)
z<W4_^Ca_P^r{{IqQ6D<LcRH-Hgq_c=(J^AiABBWfPxa~f^!pDALFWd%z633p!T?)O
z(DV(DK~Ztz3YwsAr$+cyF=8c1I$6slju14?`Tj@*vP{quYSf6W{E#|3IYnMANo+dn
zI7M0C==gqoe{_6-=OWF9@Vl0y@uL2LC13+L`H>LG^r21^)611X9tA`KC?g1v^<gjN
zW^aP4^8>50(?<oy(0ddw)fOP)>#D$iPs$=N*4U6B2=LkqWEcp6cPoWxS;I|yL5@U-
zSX*1fhx}(E`yW%EFvQaq9ykOF0{wIH^A);=#?<6z`oY#InQ?#tDi2sHO3p^xUycs{
zg+?BmVkkK(kD4Z_hxAVNcfeV(6e=OTtFsg^R47ZhIV?rnfa6&Cq|N)&Gw#FmWKr|M
ze$QRQdmS#4!L;gu`ZoK+0ACQL6ecS2q_A3(t<w<{{_{Kd@-4E@4dBi@0ClhD{`gvf
zmK&Ob6^Yv0`-qGT`kv$^`DyuK$F?f2ND7D$gSg>hO5s#z-2~`;_2jyj^Y{nU{tD#r
zMQ;Fh%4`#w3Ah+S4OuE2N~L2`pcUyt4Ux3N#EA}dou~XPN)G8@1kpMAU+-X+`18tk
zBG<LTZ;KAP?iZ;DC1F0q%hn`~Jw6ecoujtVsslNR@+PlQw0dkEqH&yMF&v+|{@D7w
zJ)oKTGQ=&|BPfVlyP?<PggKL|E*)llYctRVb3$xlZoq9IemP8PcH?wb`0Glq)Df&W
zI|Mu8R#>$Ue|fp9jj?d|`=1neu^9G8r-+upv-gUUKRjQ5F_d#tls|6MA6uQ5pz2h(
zK8|HYy)H5IQA_Q)`nL~6>tc;+1s}-Fl%jG2$K7_k<rKVMMCD1T){R^22<<raC*iB^
z76QjT!gCc0t3LSZNa0J9si|S1x_2fS4}?(hCcSYO_T@c;?h(vl2w2!(p_`LA1*L!A
zfLAMrNIwgCcd~Ff6-q?^j7*WI7}#`QKGy6htw!G}WkC9Kr0_O(Gjc(|W2tri(Aeb7
zs?UhvNCGgor<62z#ikLJKpLTd_*``uJr6nGoBmo*v+Xs;1n#lPpYd_}=Jl1Y^R4je
zw<ts4LNXi}2lxA6R1hd6htx)z278#Lg>&VajDqk92+5-GEAuGW*J>e_jztWCJ=SiG
zxagy!HG_eHSU;y8^VCsb;7VD&(=g?cF>104LGi{P42&sSb6~h--^1&-*biD{kMb1V
z%Jr9<&>lg#h%{_}H8$$(SbU{6Qbs&i@mbP|p|SgeorXnpWGt!}vG+mGw;iWK6!^p&
zNcUlAS*Vn*b{cix)+F{;aCpa0ycqdKgINJx4v(d9Xt!sDIfVEKNe)TSH-K_lyrxpj
z#L+fIfvw|lSG=ge`G_07K^SwVoN;Ooay6Zlf5>)PSyl&<w8@(^E`?F-4sCsm7Rw~e
z&j9Retf?*cym~r!08_Tykt%s72ApV5Js(kd^O*iaTBZS;$9CJ|9^CD1XIM8UK3;{@
zeB*uK<u7?IC8AZV^dV*oqVwf;^bMf*N0b&pK`2MuQdmPqfJ)NfSx#N)q?^{6uC#*5
zmbnwoVeLTI+PMVdO(~(CYDb&K<D;i-A38S>oRt{w?_AiDeEYa7+DWApec(}&aU6yR
zQ_Xc_1@PBkv+$o~BqH;zw{kg8Ep!4N>GYm^s`UF&X<$%nU-h4)q-eO8@)wH7Smqz2
zQU)@M#W?&j3~7xG&TkM4ol-P&{+75!1BjnY8f0ci6JkRVPODg&q&~9H3rnD%Dzm<w
zs)*7K*L!9C_&vIbAQnU7w?nv~t6GcaOUb9jMkS*I2vD^X7~E~Zb@wBImKaRT?H7Lr
zd?Dh2<sZU(D=60$^tL*Zylb+bXl=(>!9>bkOiW6rlwWIF7V|kv_RB_9OFe9J)J|^M
z>WmI))K2v?z|CryAEk)SnZl+&$$TE^VB=PwO=!XUvYiDFsw$(K6*72aOz2>T#T9|z
z2Kb)krD0Vsj?KAag&kLIT6352m9%`h@ZIu8ZJWIFl9}ePXp1z{lER*P;eG_33D_&e
zPoU-F5gm2AmO`Xpnbv+F>5~^dOFvLbf|Le_$tpA))Xk3M`Xsj==t7<{UAFlfBPqOY
zPWDRT!F*CBD;!b30~&{ml{`k~6Mob+sBDI_@xcgXGNUi`?3iOf?EJeC^rg_tpjeEj
z?f5h-JUBTf5UF^AT)y;m(djf_*UbEkJ_7UvAio|C>eht+7RjAcWsZvv#S&PjEz7Xc
zPp>6oZW<jFM{vVMg-D4_(vDqV+3vheSgSu{u*EyKw#ebHO{0O2Kl8VUUB}LvO?~#>
z`h^RbK#u8;h?9qdJ+xS?`ai9`orvQcQgbIg5zVwuuh(8w_M22DRa(05=_7S-nvDu>
zb2u6Nq2yC8e)&U5EIgW_GMV_y5ZeB{f9NSg^&6wj<SM#17Z?l6R-=TnDcGeD=BdI%
zqS_E|Z?@w(KDW(lIQSj^>t8`oIk6Ndo1WZe{2LM(_EjRwiNbIphvN0wp9ozjZtuh5
zx?*(Ndro?C<wzw3C1vG)dglGvmhw^SIYQmGby^o=&lN__W6mG<b*%!{FDJ|M(pe#D
zgq>F~`)ZvUufuFn{wh_m+$KTyaHASBWWL4>?gbsFiYbpQy!}ap<#$`-AKtQzN;OR=
zCX7?0<F^xyo$1%VsLHpca8wt2@bCSnd4EpRxDWD}Cwyf#&HEbal>D>I0P@Xrm%%19
z=t4Y9C}7jy2&8Q&Z204?<#196gE)bVoggM<yUNR<>ET$i>O36wEk=^b7C|2=)hWgW
zLrwLt;+bL|Nw}k{l8;s}pUh6uR@gKV#W`i7FQr%#Q#XxED_Y<?%`6(~9|VL;DsUm$
zl&n*c7#xdX1OYu2udDI%(npzGLIymen);nDd_S}7q;KJ5iyyg_aW<33<6wLZ_ji*<
zc=GQMc1s=w=h5Yig|u*GNlL$TcbDLgI>kAl`JA5d<q14?8dFa~H}m*TiNmoW^z+P!
zw_1S5Pby?LbL7dEY=^dtGO+X6lsv)6Hc7$gh4>bU&*@ae=Yr)iB=P0p<Qq1`^;)mh
zQ{~BmfgH$}WAmSQ9*n{@xT8S_XLM<wk)L6{Z_R%$j$N{S*jMysJ0#{BV-u^^PxZ@J
zIl96giM1xUjKyG2c-^s+qQPzuQy<RSnM;WJSU|ekiePu&%nz_CTWYCH2?r}1OF1E2
z{hiEY@bq2zkqbUaPnn1A2tTqQ;?mBEG3QCD{KEI^rc|YL<_X8i;l3f}S-h$N6rBgg
zTmiW7Xnguix%50ek6=|$v&*{W1?~IY>BYS&C2}vgg{L-IY1%v{?UK2UB+l}a_rvju
z6j3D(X}Bv_r1}^(Tleh=M!5mu^tZuGXh)=Uuq15aFRxoeamLW%&O~y7QBl53x9{)5
zX)g%J03^Cb(l<o_^@@Ao*!-qsCj%fLEU)ZrMAx`jw<_HSk$ngu8x1RF#+%3tD-8E?
z={khFzovQLTf8{TTwy<)v&yCahORt1K()f);ryJ8Zh1i+I{p^I#-K8%Hys;~Mn)Kk
z$82p1<RzrvOvlu%Z`gXX>WiMl4h}RjduS%-U~eG&9?9ziE^8|@?1n-7*)e1dDI>0E
zUe92~`5$zH7fDt|JVul!8Q(#kc6&uv>T#FAJDo|Wa*q|}BHoBs992@+kj;n7T`AT}
z@hnB_tX@P3enqSEm}(*be6|M$I6s;@odF#5uU|#0#|b^1a0y&zA0uQ<o^dB5TY*^X
z=kDWO``O;_E|weKe!XSyu$E&Cs;VB`p>-vCWp&1e=<QQ^^G>pxB8J8reUei9i~Mps
zoFqDuEBX0$G0O_4U8=<D_61%B=KDZ|3lgm$v1nVZCq~+h2jpRKw+ktwMjZmzsz#^p
z9u`H7|BXw=*n#9T=Z*iS4^wzn=oCiQ^K#QAhB@NTQAN~5<3-kYsD?SBAC%r6OL^#5
z=$4>_EfiX+V=hRyr6AK+WY`OM2CDe)!>!GGAtK~ozx+a#s~cm;afPG^>p1RqpQhIP
z;NysH=VOg?T2^6l+Z#I@UCBrvd!xAW2zST_U4@Ap8`8a&?hHdJntYyA5qKQPoZ1nB
z0Gd6COuiz3el2+Zt?Tf$I<6N+90?$2*SglmY<<nlEF7hCKi|#*U&jl02`k|#g}1`@
z&(zOQ^?#LCnTIrOnXoO0ja?Y79ud;zQQo0)Bhy0taAc0j<M7(aiH*bo-S|HrJvt*$
zSpHSj$Ve@vMWOu#K#Feua7ZF+OiLeSGAkMl<Hv*Lr!a@f5{^x~tLf!B>}y>|uxFRq
zWp^QN6(sy*r(eO{F_xibu!;w_3jQh4b4E^(#1c(oi09YadmEwS-7#xs8+6to1I!|w
zuDvl_n<wZ!JeA7!H)rokcC~3bUfsviEFRR*^x&!)<2&uPe3xUEu0V?usl7#2tgj_^
z3^9Cs-&uC}K>W5vjgtvPLEOVrkUAN2b{BKh4XI$AuaVUE4yyVaeY;Dq?%)>^Ls3s|
z0oNn9bBEd^rVBTy^eNMY>o1D}kLEYsmZc76G)J!m__TFq5exUTwa*#trQRT0L?vok
zao?kE`n8A*4T&qFuMHdS7nN~yTFxA6UQTU2vQkn0{?^nZnqkZ-YoYMxWcmJ?_tyn7
zJBrt>x3vIf+h>-pJdgJ#0%34NstpQ5>XTc%?{B{EoZDsFwllOiX>N8VtjamZdK<Z<
zM-~U&^TzsniGwPY%&xev%3Tfjc%3j_z8AH4Vs>lI1D>LSuyc%J5_i~$WR$(zc<$kz
zt{7pkdA#T-UsZXpSl>kwV`r(&OL<7m&fnjB6s5QHxfW6)%f-5D<}?N8MLmd0sFC~i
z@%*EKqIK_VYz=!A6J=0!^nf?#CZ~{(ux{F746Cw4X^JNU!<a<T0<H!TJwLhI5yf`?
zTfkLF3Ad)IH1a!{FFW*R5$yT{_5C?kImPO(ImG8;-$$BxJ)osrcqCo@A^b;E3IPd$
zi-Tzr`aI?LqnSmn>Gce7Gl<c*HGwkSiUau9t=e(QTZY4(i56y#Lw|u}+A`wSU`iGW
zM?-n-JgRDq4x6~%X1Sj)cs<bwKFX9A#mDnT7+<tA38uwb30dJAJ|6J%we%3Ojpb_c
zFteY_C3bM}(CP#oEE!bxXu&<G$VNLKkyoJEgE}MesVC%#KAsl9BTb_Ub7U~!3M0lE
zX9_<aw@hBI{apIgu9d&km=KH|R!~1I9wceuhT-Xb0lhswA$qRM*><Dyr2hJ>cUJ7(
zrCl`^SY!}|c=|c~k$KG4DaK739c{CCI1YDK2p`sy$0v8#H#Ob|&*fIt0B4$C1b>SB
z+?^6Y?ath4r97)$g5P22oW1aVMy9(varkO2Ek$Q&prchLW`yeFInSY_&F;Z4H{->R
zX8zdlVXv9dx#;Qh`Q=o`iyeKbLrxoXZ@VGcsi(`BcYZ5{^x08Jp+rI$5_n<89agYj
z`=yCPU-`>h$_$a1%*6Q20LMWYY&}g)9i5kK!DwE|m2jg$W;nk}O}l~1Jt8k~1%WGF
z9Hxd=nE4Zmi`ufJxQzcUyY(mOj&UYO3(R)*3u6Mctu=RGsAL-l&eL;8XuaD-pUB;>
z<@rPs|E8BU;gZ}NFIa!oQ)d!!mE7#_X}P4gjXM=*DqJ^A9Nod}(a{qpB1BwZPPK=6
zzc|CrwL}<e5OC*6P0_EiD8i%}j%eE~DC;y+67`{v;GU^2bu843MEQw%iED(Wv{0B3
zC#;Enc`biH;C*_+T*L73BcuWUbfU;E`j1?7U;O*(%Y2&VPJhPVuIx`WZnf70=5<vL
zbyTJHo^86{^|X#{RxI!xh`g=u@qK)E`xwc&!-9*3M-a|Z$hj9IA^P0PTF8OMS=pE2
zX>{A|Wrotwrs*c-QDDhaoDOZ<YjvVwRORNdN8AeUTqIpt3Vlqh=gI?xwn^066pQ*T
z<t&woBIy+Nm#Hg<jm<pY)bUjiXYa-Bt?Wy_BEJiZ=P>8tW(R?8NWcO)%H7nxCRN!B
zx&gGOI&a}c=<}k|EBs<9bi4Kad&P4^Rg7<mfZ^jzH332{S4Zm^W3k!!D>)6-`}Pf6
zr5;O4GT(Y-z7a|D*v6yBS4z9slXsE$(1nT846ac+82dy&2EUz<eL7J++Jgnuev#{d
zH-7u^#n~5w==zR6#>V_h#$JVBQ^szyAjyKDZnSQAA!*;Ifl;|*c?aI0mrLa=oUG!G
zV2w1xG~F~q(-h7Djy{IIZ{G&`HBm_Q;@@NX?k;ml^GWFfQ4V&(6^47c4x>euf~Tdg
zqw2K!%%>0l-98FdG?5bOLL(m97#JW{;01<+*2^mW3>^l)#~aDw_Z)*d#wdc~k(<EY
z&kJVownLxHT-8lH&ugt~gHbDHGqcTgQ~5fnpu9_3IH6jz3;bfa%g#9gP5yD@_xp>j
z(c|ywU4DakdY-&BzO}nQTPk8m2(`kL$(c6Ha-F+89@kR|c<(GtAlK@vi0SnQ;0twr
zY%y~iH564LF&>P&{RJF&`jiUg<-+WD<~zGyc>D(v!W{fMkY;RJlaPRAGwI^>W?Y&=
z+>p(u58*Y%;ni_FpsIqc3;nzmmZ-ba?IY}DS`rk=$CBp2ZS2i(PEx@`Xn`-%6;uVF
z9Qj;$efY9To>Q9Q$E+1jj?#F-FzIY{`8UkQ%2Tp6@;18H`U(~@Vz^ig%i)$0eB^L4
zc={NF#%bQ*8;8QO&qcKjjWSx{Rx>*_CvNX+@5*1dB#EZxkH)l2w?ry@@Wo$Ge(JvO
zuBcX%%(&P{eR^0#UuI@&Zs{D$SISV1S6lVs+_?ZM%~Qvtwf7=@Hbf9<Ps^I-ULZth
zex<s)S_O2>Uz=0eQkkXw<d6#YS)PfL5PZM6Jk`DOGAn~kCe5}FxcXsk+hnut@_>sp
zKvf)D_U2RLuYv|Qi7WI7lluI?Ts~;LgH?WMX@R!h52y1b#;&{l6}FGuEA>Mu^sg?q
z<MQS8!63!NQ{rFFF2v;pucjrV7vsNV5A#`SD>>Vl6U!MP2)A8?zBYXeo5<L=wSwDm
z+pxq8sBjkd#dJTM<1Uw~+C01KWZf*dGB%39H+?nKxH6gM!D?wXj`yTA)GjP6R5nV?
zZ!Z;<;`BV_%@1LVfW^k7nllMSB%$xk>%lg!JO!rQOT2f_FC)NmpRnucp^TiIj8&j~
zdV`#B!HgUUj+WD#=BdQV48vJAJRvyWRQ0b5veV}xx31Oo_OIQt`1plkNcq*Q3>ej;
zIivV*r8hff4e$fO*7IVkopdV<s<KrxqA~%#H0!kZQ>JcR`B`acsFoU`JgVXNss?__
zn>+Nf)wpMjvngk0Sv+iDvV7}j@rlHV16|Te17-rMwO5?H2M?zdS_xQ5d+xybpH1*4
zXwo!#uqaX6Sduv+iMJ2NToQwydF1Xtxou+ra$W_L_i>OjKZ(Ti09T6lEjy4;cHn%m
z(kYQAi3dbvSyf~8%l3O+5>V!CUr~GE@{WY9TTbLN2Ia@E&?}~|r-!yq?HfZTEN3Do
zgcU<>8OcD3riii8I7D&Wxh$NqKL!!@QPxyi$m0oJmhA!jsC#3OuT7NJ=A|_)9s;o=
zg6&J7;dHq!6D_A=uV_DzU2a_;z3{@NkiSB(S+JR}jj&2{J-mM-s@6y8;W(6^ant<v
z)naaZ5h9+x(qDQr?L{7Sa7R2J)Ly1;@j^5VMq3|fjB8EQ>|Zy1MycXXY}U6aYt^H)
zxo!6Okpnd{ef{+Q?b9TUz4AQGLl$Yu1PU^$1hQ6n)%(Xe&n~4AuWkhX@7A4^8+sJz
z!?v&X8<mG`M0mF<2$S0v$WQ=6r<5E)(!vG@@q+)@Sfk~xq5g&#?$`3YFtRoe2a)5>
zYBhl;Fv~wXtKO00PvIYGR9i<=$f7%giu@SaxDOoz(^y(%PKW4i8MZL8PK}PVL&d;W
zvYl&Bk^GOwicKfMQ${2LA)#B7XZH@D=R6l%+pe42JQ*X$gJNYE#NoI2YKYf42quom
z$f!#O$m|tV^z1`ur+yb+IhpCQJ;KMySTdeMeTAvRu6$at$?_rw?Z9Ex%)$fHF&Ly4
zX1a5Ov(ppIg+;;Z(^79J_F779a0kM=!^^CcQW`y|^6NGygDjo$6TiVN|1C2oKa>{8
z#V^bVVB!KnUbWKD!i7bt2y-$J_;?hbPA;XT+wTtvo^(crDj&(GC4WeZ<7eii1DTka
zYn&BlO;{6mm+F&H@cJ1OgG2{en3Bkb0s#@pD(0A{Z<r$8GmlM#jm$v<Nv{TNdNPx{
zPytR!^+}C`g66`Xd@)Uf0c==w^k#C&>~W-hzqqowKI+Nm!w*JZTXGA;2}Md}N1-$z
zm7wdzx3UZHsK6>6hm%BqpbJs&30zDYIs7<q)oBrtXnBv;KrbWV{gHh<LcQ^w%1Llq
zWNH76;>|Oj)U)bX7TAyT;jRE=+wu~-(lO1_&0JOVwZ(?I)&mZ$x)mvJ6Dj>VAVI}f
zem&FS5WIA{1^7-<hOLw7aDvZQi5+ciD>k4pqMG-tSHO=QO#EGaM1lud5SO7%rwfVr
z<=a5M2>R8~a0iKfmrfFfrKj{uL~i?2zshl0E3h~3MyO7rQvkV`0+z;8wpQ(efqpHV
z(Mg;#KG~vnVVZj5e#0A=)6c(OGMKt=oxFczk1?23zyj}Qn>31wY?${%xpO`~`S#7J
zn2M7LTpp{rtuQ<1pCg#gX4J950Oz3Ce7C(=n_p|@;-#;QO%pSR@|gYoO71JpzJitw
zZ9Q$uvf-&Mg{S6D>W#%{dUEW*9*X!0{;}Y}xw)Tcle4{gNCpH;HI;G>BqE2TOl|0w
zgnJ__`Oo1$OhN(5STp&PB<vQcZW#Glnzq$`P`q04os6Y(WiAuONaSa8OPU7dZfn1I
zSNKh2`@guex$_OqbkD<xHo&gqs6W>vzto1jKk#F>->oDS74T~4Bw|1&nYu@tO^`sP
zCY|drBZ(|MQ2W3e4_$ps_T;QlHjgcCt8y+nK`0EqL>-F9Q5b`E_-&!dRbEe#&>+ky
z{8L0NxrpSbOzp2cP;$CTt61I=SADy;4n5hZ;TqGOf0Qa*wCL6BAcvC=Jx;5Z6l8pz
ze9V0%BKid(`^$TRwGf?Wp3vplmI6W(gI86U1LQkayX-EIWS5((9%mD}XPw5f28Vq%
z`vzlhROO%~rgs>Em?`R=Yp3v;A+obzF+GNXY~i2gPEL)*roLXkn&!Xqyb<bHHU3_&
z`{`ZY#3|;GbukLNmu2Uu!gj%)haR)Qh30N;Yv#H&ZxP!m#hB&0Rl>`Orv6|yr&B4-
zc{E+8fe$CkXNsxmh?0?#wdQ(8FFlGK**tqL_?c{xtX2O;y}8Zzwlw<@`w9DRcD+SP
zAN8<P??xmtW74nt<@)6#i{n6g!SZIBjqy7Du{Fq=a9SL+cS$y6O!fg<;riGOv%=bP
zGa55r3rxRMf1(7tBL(3)y)CE3*<=ae&%G;;Lw|J?-*mpAU#n@Z^B$t?9h*(_lF?p1
z3Vt;7<XEr8d|&}9MG_5;Kgdz~>AksuB>7=lU<y+#%eRvTTZ&7a^b!6>UP)H@>r0z*
z?kpAmSMItF?Q?;!jM%Ur=k^@H(e};k2&#RH>$g@~I(d+_Vam5&iZ>f)QbUt1trwKS
zKOD>TH?k~zwfp=&($hN5SW<ql7(`$sxWV~_^y^Zf<GZB=Sf)`XiU!CcZoYm6P2XAL
z>gm(%BqmkJtzvP`s^{C@jCCDKE(*t1yS_k8qHCw=xTV0J%PlkwLkLpO1P$-hQo8ts
z?Yv?vSMee9vXDEwINO61b9no3P4?HsHx-|#=^1=%T4*Wr!bwP<&ul4vL_!{Zu?Kfw
zuB}>UuZ)Xih&<#oFu)(KI<Zs!wGl1<L9O;p!#fmlwVO(tky%dkwx+RXqn+s3&ShS3
zxp%0f3bkuAiY%0_VK@y_wtdzLSHhgEb=G06Yv_e{Z0sWV4Ik;tzY<7&Dam?N@%3|}
zK`Iq4MN4SN<#j_vGsz`xSRzSm3)LLl1w{|;gBn^dpQtSZydCe2Vq{Br;vx}bQ<I;-
zra`S)sDdiNVLGJb(8R|fBF*6E+=e#4x2g2FS9H~CybY-|KrlvYf}R==#<lSYhupt1
zQh`B^j(N4E`~qdCae91q=x}j#ICQtj=%v*uR)h<zxP9G8-P~v<4|jQEq~{zykA5MZ
zFebpY65s~6`_z**6(<woUMpr;2G-5@$SvM(7S2yl&J%@NI697DY2IEj;(gbx-ECvB
zP0Maq@s0QZWi6`a*Gf0CTvsM_6#7N4wKlwwd8LtUFSE_J$zdi7!Pj5rzxL`p80(L|
zIS1`eZQc1m#(c_XN?vB_H;uvHS9e6PY%TTzr_2REySZ*AgIffJoE}@#>xs7#ZJUKg
zh6v2<BO*Q?pQKxH%Vo0Crq{RsJQg>)Cf+th3dWAh<nI#oFL8VJh0jFSk~981bD>ox
zuPfCb7I-A#@dJI%C)k+z*|bJZrFLe?6~NBJiYCGR`|XMyY(e|=O1B>zSvn(UQukf6
zPy6E1X$00Hyx=4&uM1a_6&;%rMRX&lSm_jKJOwMAix6So83dD+Ix<@qmRSOJqh>+E
zbzc@qgBIJz5-q%HX~T=68=K93;1W>c46pK0h2m7hXOtgt+N!2@6XDZDp}=yysE_CY
zyf?}orwog)JW6wxc`)IX+4sS+^;S{>E+0FzNrS%CSLm$>z>Ea%zkK$2q3f#8^M#)4
ze7t)96DyezE0G~xXOBVJ&#cV|TV~~xKCAgJ$sMQi@e=0hA4}!<gM5eQ{SED=783ft
zE)WUL5IhU*p>yYRw<mfxkAEOwp7v|Y(wMnisO5gO!s}j0s)!B`eroBSu$aELX<seu
zHEP5A>VZa|bV`HmSB;mIT_?JONk@URN3!LXnU+N_`!}4AiLdeqD6!C6RAqcyKu%#Z
zKFNwt?;O0fRTd=zF)O1BYThs4_8C>u`3Rf8)MifR5ZL#c<wSWu?mh7A?&HrhGA~V6
z$kMnjo7#!=eA2<uIb52U{F1cP#F*piq^m#QsU<+_<W}SQnRXc83_oHlZ7v_$6ceT-
zuv|o7xbOlX(b7I7ChKf@p7X}a9J?UDCH+dGD7o3KTaf=<1>d|R<yHBGo&D;sdwdk4
zwJd^Z=60FfS1%oKJnS$)?U@3f(FsklQnx=W0;EBBp)Hu%060Z(we+6#0F;CJ*)Em@
za_Eh<TR*?c4If<`N$uQcK!l}8f~rSM{eIdfHq3_Uq5DU8*9l&7=>nGET$Y?M1HsGH
zw6y(1&&9h#<kjPEt-9w%>yrf^F2qVeCwF-vt+Kx!LHa$-$7|m>v1?5lIjKte)J_%x
zZQ8qo#R7bwjcR!fmTfG1J%;V(O#(yC?_5i*bnzS6yt^GWCzrc6-oGU@cp&UDizhG4
z>eI>c|CG^Lr;yQdU@?iS*m^PLaa6dV8W1R&&=I0&XZPe(q*rVvw|*J}DGUi8`kOKA
z9~;l1z~5^r>OW#33F6{I|3iE5{}x(6LI1hPN`YiXgaoaB4?v<pMu+f2VEjDb#5xcX
z_y7FZ10l6Dz+eyW)W$$_P9P8le)upq<^()6PIJ@OP!r?VuVFw4tbQ1bw1tEQfxsSI
zv_g=m{`>191c_H43d8zs@L!Dv3W0zjH0Ct_B?IyC!5(N8em5Gs|CT|)4=(?bf%tfN
zANu%*-ox8G7@X(?MPh)1c%TofN&dVFgYiDlE&L$^LqNZo8UB=kcp!gAgFty7F#e?n
z<b(X}4+4Vx2PyA^>i@t819|xVhROp2Lmzhf{}~tnP3#arB7g&-|H1?W1OC+?KG^RS
zGk>@M@$&HgjS~Rk;rm+;00#2@9Rmad@H`X-00937b`UQV_`ev#{x$~i0%3nA0|es*
z{>R}z{DB`B?EbcW2n_qD-a~u<0L04+ePFcs-To($0A3LAfl%R384UO@JrE4|uPlIg
zVSxX|mhbOc0|J3?=)Zdc0{=_K2l!3P_Xn5<W4^zG0C_-wzx6;cFyQae2k`-6|21^*
z|JUOOW6(cS^E(=l5A^#6{v+^%L%x5dl@AR5d*~i)`Tou-2nYiG0q}SJAC86P{W~=v
zKA!*0_`izgAHxLV0Ym-;1_t@fh4Ck7J}Bs4G9EB5{0}t0!SI6rRY)Khl;`gtVDLjJ
z{S^cZ;r&<j^MIkhpO1fl;ekQ_?{f$KKLrPQ@b~w)LwJGUztax}JS<ZC%i#lL;NN2m
zejq9NyT{;%()v^O@bGx($Zr~$KM+De(0^9Cv!k)4jhQ2spdbymx}}F14K(q&5E6}n
zq!>gB2mn7+oum|)4=l;c^Dw|rNq{6sOdKf6!z(QK|JBg{&4}aVZ0zXl=4fV)^^j;@
N5Edh&q_Py&{{ansCc*#!

diff --git a/tzpfms.ps b/tzpfms.ps
index 5e84b08..334ae4b 100644
--- a/tzpfms.ps
+++ b/tzpfms.ps
@@ -1,15 +1,15 @@
 %!PS-Adobe-3.0
 %%Creator: groff version 1.23.0
-%%CreationDate: Sun Mar  3 15:59:43 2024
+%%CreationDate: Sun Mar  3 16:36:37 2024
 %%DocumentNeededResources: font Times-Roman
 %%+ font Times-Bold
 %%+ font Courier-Bold
 %%+ font Courier-Oblique
 %%+ font Courier
-%%+ font Symbol
 %%+ font Times-Italic
+%%+ font Symbol
 %%DocumentSuppliedResources: procset grops 1.23 0
-%%Pages: 10
+%%Pages: 15
 %%PageOrder: Ascend
 %%DocumentMedia: Default 595 842 0 () ()
 %%Orientation: Portrait
@@ -237,8 +237,8 @@ setpacking
 %%IncludeResource: font Courier-Bold
 %%IncludeResource: font Courier-Oblique
 %%IncludeResource: font Courier
-%%IncludeResource: font Symbol
 %%IncludeResource: font Times-Italic
+%%IncludeResource: font Symbol
 grops begin/DEFS 1 dict def DEFS begin/u{.001 mul}bind def end/RES 72
 def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 /Zcaron/scaron/zcaron/Ydieresis/trademark/quotesingle/Euro/.notdef
@@ -276,15 +276,372 @@ def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 %%BeginPageSetup
 BP
 %%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-ADD-B)72 48 Q -.4(AC)-.35 G 42.103
+(KUP\(8\) System).4 F(Manager')2.5 E 2.5(sM)-.55 G 39.602
+(anual ZFS-FIDO2-ADD-B)-2.5 F -.4(AC)-.35 G(KUP\(8\)).4 E/F1 10
+/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-add-backup)108 96 Q F0 2.5<8a61>2.5 G(llo)-2.5 E 2.5(wa)-.25
+G(nother FIDO2 de)-2.5 E(vice to unlock ZFS dataset)-.25 E F1(SYNOPSIS)
+72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0
+SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0(After)108 153.6 Q/F4 10
+/Courier@0 SF(zfs-fido2-change-key)7.564 E F0 5.064(\(8\) deri)B -.15
+(ve)-.25 G 7.563(st).15 G 5.063(he k)-7.563 F 5.363 -.15(ey f)-.1 H
+5.063(or a dataset from a FIDO2 de).15 F(vice,)-.25 E F2
+(zfs-fido2-add-backup)108 165.6 Q F0(may be e)2.5 E -.15(xe)-.15 G
+(cuted to e).15 E(xtend this to an)-.15 E 2.5(yn)-.15 G
+(umber of additional de)-2.5 E(vices.)-.25 E .273(First, the wrapping k)
+108 182.4 R .574 -.15(ey i)-.1 H 2.774(se).15 G .274
+(xtracted as normally during)-2.924 F F4(zfs-fido2-load-key)2.774 E F0
+.274(\(8\), then a credential)B 1.604(is made as-if during)108 194.4 R
+F4(zfs-fido2-change-key)4.104 E F0 1.604(\(8\) \(e)B 1.604
+(xcept the "primary" de)-.15 F 1.603(vice and all the ones)-.25 F .185
+(holding backups are e)108 206.4 R .185(xcluded from the search\); ho)
+-.15 F(we)-.25 E -.15(ve)-.25 G .985 -.4(r, t).15 H(he).4 E F4
+(hmac-secret)2.685 E F0 .185(is instead used as a sym-)2.685 F 1.555
+(metric AES-256-GCM \()108 218.4 R F4(EVP_CIPHER-AES)A F0 1.555
+(\(7ssl\)\) k)B 1.855 -.15(ey t)-.1 H 4.055(oe).15 G 1.555
+(ncrypt the wrapping k)-4.055 F 1.855 -.15(ey d)-.1 H 1.555
+(irectly with a).15 F(random IV)108 230.4 Q(.)-1.29 E(This turns the)108
+247.2 Q F4(xyz.nabijaczleweli:tzpfms.key)2.5 E F0 -.25(va)2.5 G
+(riable into).25 E F3(salt)108 259.2 Q F2(:)A F3(credential-ID)A F2(:)A
+F3(credential-public-key)A F0([)A F2(.)A F3(backup-salt)A F2(:)A F3
+(backup-credential-ID)108 271.2 Q F2(:)A F3
+(backup-credential-public-key)A F2(:)A F3(IV)A F2(:)A F3(encrypted-key)A
+F0 1.666(]...)C F4(tzpfms.key)108 288 Q F0 2.238
+(is actually a dot-separated list of de)4.738 F 2.238(vice b)-.25 F
+4.738(undles. The)-.2 F 2.239(\214rst one is as-described in)4.738 F F4
+(zfs-fido2-change-key)108 300 Q F0 5.181(\(8\). Subsequent)B 2.681
+(ones also include \(identically-encoded\) IVs and en-)5.181 F
+(crypted blobs.)108 312 Q F4(zfs-fido2-load-key)108 328.8 Q F0 .081
+(\(8\) shops assertions around de)B .081(vices in a de)-.25 F .082
+(vice-major order \212 depending on)-.25 F(de)108 340.8 Q
+(vice numbering, a backup may be loaded e)-.25 E -.15(ve)-.25 G 2.5(ni)
+.15 G 2.5(ft)-2.5 G(he primary de)-2.5 E(vice is present.)-.25 E F1
+(ENVIR)72 357.6 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4
+(TZPFMS_PASSPHRASE_HELPER)108 369.6 Q F0 .046(By def)133 381.6 R .045(a\
+ult, passphrases are prompted for and read in on the standard output an\
+d input streams.)-.1 F(If)5.045 E F4(TZPFMS_PASSPHRASE_HELPER)133 393.6
+Q F0 1.595(is set and nonempty)4.095 F 4.096(,i)-.65 G 4.096(tw)-4.096 G
+1.596(ill be run via)-4.096 F F4(/bin/)4.096 E F2 3.262(sh \255c)B F0
+(to)4.096 E(pro)133 405.6 Q(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 422.4 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 434.4 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 446.4 Q F0
+(Pre-formatted noun phrase with all the information belo)160 446.4 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 458.4 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 458.4 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 470.4 Q F0("ne)160
+470.4 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 482.4 Q F0("ag)160 482.4 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 499.2 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+511.2 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 528 R(En)87 540 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 552 Q F0
+(If set, enables lib\214do2 deb)173 552 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 568.8 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 580.8 R
+.727(vice which supports the)-.25 F F4(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 592.8 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 609.6 R F0
+(The lib\214do2 documentation at https://de)108 621.6 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 638.4 R
+F0 1.6 -.8(To a)108 650.4 T(ll who support further de).8 E -.15(ve)-.25
+G(lopment, in particular:).15 E F1<83>128 662.4 Q F0(ThePhD)7.5 E F1<83>
+128 674.4 Q F0(Embark Studios)7.5 E F1<83>128 686.4 Q F0(Jasper Bekk)7.5
+E(ers)-.1 E F1<83>128 698.4 Q F0(EvModder)7.5 E F1(REPOR)72 715.2 Q
+1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 727.2 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 744 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 756 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 29, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 2
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
+SF(zfs-fido2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
+-2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne authenticated by a FIDO2 de)
+-2.5 E(vice)-.25 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108
+124.8 Q F0([)2.5 E F2<ad62>1.666 E/F3 10/Courier-Oblique@0 SF
+(backup-file)6 E F0(])A F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0
+2.867 -.8(To n)108 153.6 T 1.267(ormalise the).8 F F3(dataset)3.767 E F0
+(,)A F2(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the FIDO2 de)108 194.4 Q(vice, which)
+-.25 E F4(must)2.5 E F0(support the)2.5 E F5(hmac-secret)2.5 E F0 -.15
+(ex)2.5 G(tension.).15 E(If)108 211.2 Q F3(dataset)3.244 E F0 -.1(wa)
+3.244 G 3.244(sp).1 G(re)-3.244 E .743(viously encrypted with)-.25 F F2
+(fzifdso)3.243 E F0 .743(and the)3.243 F F1(FIDO2)3.243 E F0 .743
+(back-end w)3.243 F .743(as used, the meta-)-.1 F .926
+(data will be silently cleared.)108 223.2 R .926
+(Otherwise, or in case of an error)5.926 F 3.426(,d)-.4 G .926
+(ata required for manual interv)-3.426 F(ention)-.15 E
+(will be written to the standard error stream.)108 235.2 Q(Ne)108 252 Q
+.465(xt, a ne)-.15 F 2.965(wc)-.25 G .465
+(redential of type ES256 is generated on the de)-2.965 F .464
+(vice \(with relying party ID)-.25 F F5(fzifdso)2.964 E F0(and)2.964 E
+.499(name equal to the dataset name\) with the)108 264 R F5(hmac-secret)
+2.999 E F0 -.15(ex)2.999 G .499(tension requested; the de).15 F .499
+(vice PIN, if an)-.25 F -.65(y,)-.15 G(is prompted for here.)108 276 Q
+(This mimicks a W)5 E(ebAuthn re)-.8 E(gistration step.)-.15 E .962(The\
+n, the credential is asserted with a 32-byte random salt, which hashes \
+it with de)108 292.8 R(vice-pri)-.25 E -.25(va)-.25 G .962(te data,).25
+F .137(and thus generates the wrapping k)108 304.8 R .438 -.15(ey \()-.1
+H .138(which is optionally back).15 F .138(ed up \(see)-.1 F F1(OPTIONS)
+2.638 E F0 2.638(\)\). This)B .138(mimicks a)2.638 F -.8(We)108 316.8 S
+(bAuthn login step.).8 E(The follo)108 333.6 Q
+(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
+345.6 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(FIDO2)A<83>
+128 357.6 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3(salt)A F2
+(:)A F3(credential-ID)A F2(:)A F3(credential-public-key)139 369.6 Q F0
+([)A F2(.)A F0 1.666(...)1.666 G 1.666(]...)-1.666 G F5(tzpfms.backend)
+108 386.4 Q F0 2.708(identi\214es this dataset for w)5.208 F 2.707
+(ork with)-.1 F F1(FIDO2)5.207 E F0(-back-ended)A F2(tzpfms)5.207 E F0
+2.707(tools \(i.e.)5.207 F F2(fzifdso)108 398.4 Q F5
+(zfs-fido2-change-key)60.227 E F0(\(8\),)A F5(zfs-fido2-load-key)56.728
+E F0(\(8\),)A F5(zfs-fido2-add-backup)108 410.4 Q F0(\(8\), and)A F5
+(zfs-fido2-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 427.2 Q F0
+.486(is a colon-separated tuple of unpadded URL-safe base64 blobs; the \
+\214rst one is the ran-)2.986 F .217(dom salt; the second represents th\
+e ID of created credential, and the third \211 its public k)108 439.2 R
+-.15(ey)-.1 G 5.217(.T)-.5 G .217(here e)-5.217 F(xists)-.15 E
+(no other user)108 451.2 Q
+(-land tool for deciphering this; perhaps there should be.)-.2 E
+(Finally)108 468 Q 12.006(,t)-.65 G 9.506(he equi)-12.006 F -.25(va)-.25
+G 9.506(lent of).25 F F2 9.505(zfs change-key)12.005 F<ad6f>17.171 E F5
+(keylocation=prompt)15.505 E F2<ad6f>17.171 E F5(keyformat=raw)108 480 Q
+F3(dataset)6.106 E F0 .106(is performed with the ne)2.606 F 2.606(wk)
+-.25 G -.15(ey)-2.706 G 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606
+G .107(rror occurred, best ef)-2.606 F .107(fort is made)-.25 F
+(to clean up the properties, or to issue a note for manual interv)108
+492 Q(ention into the standard error stream.)-.15 E 4.056<418c>108 508.8
+S 1.556(nal v)-4.056 F 1.556(eri\214cation should be made by running)
+-.15 F F2 3.222(zfs-fido2-load-key \255n)4.056 F F3(dataset)7.555 E F0
+6.555(.I)C 4.055(ft)-6.555 G(hat)-4.055 E .729
+(command succeeds, all is well, b)108 520.8 R .729
+(ut otherwise the dataset can be manually rolled back to a passphrase)
+-.2 F(with)108 532.8 Q F2(zfs-fido2-clear-key)5.147 E F3(dataset)8.647 E
+F0(\(or)5.147 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
+2.646(ails to w)-.1 F(ork,)-.1 E F2 2.646(zfs change-key)5.146 F<ad6f>
+10.312 E F5(keyformat=passphrase)108 544.8 Q F3(dataset)6 E F0
+(\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
+F2(zfs-fido2-clear-key)108 561.6 Q F3(dataset)7.606 E F0 1.607
+(can be used to clear the properties and go back to using a)4.106 F
+(passphrase.)108 573.6 Q F1(OPTIONS)72 590.4 Q F2<ad62>109.666 602.4 Q
+F3(backup-file)6 E F0(Sa)203 602.4 Q .353 -.15(ve a b)-.2 H .052
+(ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
+F .693(This back-up)203 614.4 R F4(must)3.193 E F0 .694
+(be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 626.4 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 638.4 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F1(ENVIR)72 655.2 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35
+E F5(TZPFMS_PASSPHRASE_HELPER)108 667.2 Q F0 .046(By def)133 679.2 R
+.045(ault, passphrases are prompted for and read in on the standard out\
+put and input streams.)-.1 F(If)5.045 E F5(TZPFMS_PASSPHRASE_HELPER)133
+691.2 Q F0 1.595(is set and nonempty)4.095 F 4.096(,i)-.65 G 4.096(tw)
+-4.096 G 1.596(ill be run via)-4.096 F F5(/bin/)4.096 E F2 3.262
+(sh \255c)B F0(to)4.096 E(pro)133 703.2 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 720 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 732 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F5($1)143 744 Q F0
+(Pre-formatted noun phrase with all the information belo)160 744 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E(fzifdso 0)72 817.889 Q
+(February 29, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 2 3
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Courier@0 SF($2)143 84 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 84 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 96 Q F0("ne)160 96 Q
+(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
+-2.5 E F1($4)143 108 Q F0("ag)160 108 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 124.8 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
+(127)2.677 E F0 .178(\), a diagnostic is issued and the normal prompt)B
+(is used as f)133 136.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+-.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
+1.666(FIDO2 back-end con\214guration)72 153.6 R(En)87 165.6 Q(vir)-.4 E
+.625(onment v)-.18 F(ariables)-.1 E F1(FIDO_DEBUG)108 177.6 Q F0
+(If set, enables lib\214do2 deb)173 177.6 Q
+(ug logging to the standard error stream.)-.2 E F2(De)87 194.4 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 206.4 R
+.727(vice which supports the)-.25 F F1(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 218.4 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F2 .625(See also)87 235.2 R F0
+(The lib\214do2 documentation at https://de)108 247.2 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F2 1.666(SPECIAL THANKS)72 264 R
+F0 1.6 -.8(To a)108 276 T(ll who support further de).8 E -.15(ve)-.25 G
+(lopment, in particular:).15 E F2<83>128 288 Q F0(ThePhD)7.5 E F2<83>128
+300 Q F0(Embark Studios)7.5 E F2<83>128 312 Q F0(Jasper Bekk)7.5 E(ers)
+-.1 E F2<83>128 324 Q F0(EvModder)7.5 E F2(REPOR)72 340.8 Q 1.666
+(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 352.8 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F1
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 369.6 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 381.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 29, 2024)153.568 E(2)183.837 E 0 Cg EP
+%%Page: 1 4
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 50.243(ZFS-FIDO2-CLEAR-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 47.742(anual ZFS-FIDO2-CLEAR-KEY\(8\))-2.5
+F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-clear-key)108 96 Q F0 3.587<8a72>3.588 G -.25(ew)-3.587 G
+1.087(rap ZFS dataset k).25 F 1.387 -.15(ey i)-.1 H 3.587(np).15 G
+(asssw)-3.587 E 1.087(ord and clear tzpfms FIDO2 meta-)-.1 F(data)108
+108 Q F1(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(FIDO2)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.641(the equi)8.141 F
+-.25(va)-.25 G 5.641(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.308 E/F4 10/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
+201.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
+(xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A F0(,)A F4(key)
+14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
+213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-fido2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(ENVIR)72 247.2 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 259.2 Q F0 .045
+(By def)133 271.2 R .045(ault, passphrases are prompted for and read in\
+ on the standard output and input streams.)-.1 F(If)5.046 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 283.2 Q F0 1.596(is set and nonempty)4.096
+F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 295.2 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 312 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 324 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 336 Q F0
+(Pre-formatted noun phrase with all the information belo)160 336 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 348 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 348 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 360 Q F0("ne)160 360 Q
+(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
+-2.5 E F4($4)143 372 Q F0("ag)160 372 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .178
+(If the helper doesn')133 388.8 R 2.678(te)-.18 G .178
+(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
+.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+400.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 417.6 R(En)87 429.6 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 441.6 Q F0
+(If set, enables lib\214do2 deb)173 441.6 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 458.4 Q .625
+(vice selection)-.15 F F0 .726(When creating, the \214rst de)108 470.4 R
+.726(vice which supports the)-.25 F F4(hmac-secret)3.227 E F0 -.15(ex)
+3.227 G .727(tension is used.).15 F .727(When loading,)5.727 F
+(the assertion is shopped around to e)108 482.4 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 499.2 R F0
+(The lib\214do2 documentation at https://de)108 511.2 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 528 R
+F0 1.6 -.8(To a)108 540 T(ll who support further de).8 E -.15(ve)-.25 G
+(lopment, in particular:).15 E F1<83>128 552 Q F0(ThePhD)7.5 E F1<83>128
+564 Q F0(Embark Studios)7.5 E F1<83>128 576 Q F0(Jasper Bekk)7.5 E(ers)
+-.1 E F1<83>128 588 Q F0(EvModder)7.5 E F1(REPOR)72 604.8 Q 1.666
+(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 616.8 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 633.6 Q F0 83.763(,a)C(rchi)
+-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E(https://lists.sr)
+108 645.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 28, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 5
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-LO)72 48 Q 55.603(AD-KEY\(8\) System)
+-.35 F(Manager')2.5 E 2.5(sM)-.55 G 53.102(anual ZFS-FIDO2-LO)-2.5 F
+(AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
+/Courier-Bold@0 SF(zfs-fido2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
+(oad FIDO2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 1.141(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.641 E F0 -.1
+(wa)3.641 G 3.641(se).1 G 1.141(ncrypted with)-3.641 F F2(tzpfms)3.641 E
+F0(back)3.641 E(end)-.1 E F1(FIDO2)3.641 E F0 3.641(,a)C 1.142
+(sserts the preserv)-3.641 F 1.142(ed chal-)-.15 F(lenge, HMA)108 165.6
+Q(Cking the salt with the on-de)-.4 E
+(vice secret, and loads the resulting k)-.25 E .3 -.15(ey i)-.1 H(nto)
+.15 E F3(dataset)2.5 E F0(.)A(See)108 182.4 Q/F4 10/Courier@0 SF
+(zfs-fido2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
+(OPTIONS)72 199.2 Q F2<ad6e>109.666 211.2 Q F0 3.208
+(Do a no-op/dry run, can be used e)131 211.2 R -.15(ve)-.25 G 5.708(ni)
+.15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708
+(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)-.25 G
+3.207(lent to).25 F F2(zfs)5.707 E(load-key)131 223.2 Q F0 -.55('s)C F2
+<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 240 Q 1.666(ONMENT V)-.3 F
+(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 252 Q F0 .045(By def)
+133 264 R .045(ault, passphrases are prompted for and read in on the st\
+andard output and input streams.)-.1 F(If)5.046 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 276 Q F0 1.596(is set and nonempty)4.096 F
+4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 288 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 304.8 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 316.8 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 328.8 Q F0
+(Pre-formatted noun phrase with all the information belo)160 328.8 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 340.8 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 340.8 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 352.8 Q F0("ne)160
+352.8 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 364.8 Q F0("ag)160 364.8 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .178
+(If the helper doesn')133 381.6 R 2.678(te)-.18 G .178
+(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
+.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+393.6 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666(SPECIAL THANKS)
+72 410.4 R F0 1.6 -.8(To a)108 422.4 T(ll who support further de).8 E
+-.15(ve)-.25 G(lopment, in particular:).15 E F1<83>128 434.4 Q F0
+(ThePhD)7.5 E F1<83>128 446.4 Q F0(Embark Studios)7.5 E F1<83>128 458.4
+Q F0(Jasper Bekk)7.5 E(ers)-.1 E F1<83>128 470.4 Q F0(EvModder)7.5 E F1
+(REPOR)72 487.2 Q 1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108
+499.2 Q(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 516 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 528 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 28, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 6
+%%BeginPageSetup
+BP
+%%EndPageSetup
 /F0 10/Times-Roman@0 SF 93.563(ZFS-TPM-LIST\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 91.062(anual ZFS-TPM-LIST\(8\))-2.5 F/F1
 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm-list)108 96 Q F0 2.5<8a70>2.5 G(rint dataset tzpfms metadata)
--2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2
-<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E/F3 10
-/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A F2
-<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
-<ad6c>1.666 E F0(])A([)186 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
+-2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)
+2.5 E F2<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E
+/F3 10/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A
+F2<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
+<ad6c>1.666 E F0(])A([)234 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
 1.666(]...)C F1(DESCRIPTION)72 153.6 Q F0(Lists the follo)108 165.6 Q
 (wing properties on encryption roots:)-.25 E/F4 10/Courier@0 SF(name)128
 177.6 Q(back-end)128 189.6 Q F0(the)187 189.6 Q F2(tzpfms)2.979 E F0
@@ -326,26 +683,28 @@ listed \212 by def)108 307.2 R .966(ault, those managed by)-.1 F F2
 G(re una)-2.5 E -.25(va)-.2 G(ilable.).25 E F2<ad6c>109.666 446.4 Q F0
 (List only encryption roots whose k)185 446.4 Q -.15(ey)-.1 G 2.5(sa).15
 G(re a)-2.5 E -.25(va)-.2 G(ilable.).25 E F1(EXAMPLES)72 463.2 Q F4($)
-108 475.2 Q F2(zfs-tpm-list)6 E F4 72(NAME BACK-END)108 487.2 R 18
-(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
+108 475.2 Q F2(zfs-fido2-add-backup)6 E F4 72(NAME BACK-END)108 487.2 R
+18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
 (available yes)24 F 6(tarta-zoot/home TPM2)108 511.2 R 6
-(unavailable yes)36 F($)108 535.2 Q F2 1.666(zfs-tpm-list \255ad0)6 F F4
-24(NAME BACK-END)108 547.2 R 6(KEYSTATUS COHERENT)12 F 6(filling -)108
-559.2 R 6(available yes)54 F($)108 583.2 Q F2 1.666(zfs-tpm-list \255b)6
-F F1(TPM2)6 E F4 72(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F
-6(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
-F2 1.666(zfs-tpm-list \255ra)6 F F3(tarta-zoot)6 E F4 72(NAME BACK-END)
-108 643.2 R 18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 655.2 R
-18(available yes)24 F 6(tarta-zoot/home TPM2)108 667.2 R 6
-(unavailable yes)36 F 12(tarta-zoot/bkp -)108 679.2 R 18(available yes)
-54 F 18(tarta-zoot/vm -)108 691.2 R 18(available yes)54 F($)108 715.2 Q
-F2 1.666(zfs-tpm-list \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
+(unavailable yes)36 F($)108 535.2 Q F2 1.666
+(zfs-fido2-add-backup \255ad0)6 F F4 24(NAME BACK-END)108 547.2 R 6
+(KEYSTATUS COHERENT)12 F 6(filling -)108 559.2 R 6(available yes)54 F($)
+108 583.2 Q F2 1.666(zfs-fido2-add-backup \255b)6 F F1(TPM2)6 E F4 72
+(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F 6
+(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
+F2 1.666(zfs-fido2-add-backup \255ra)6 F F3(tarta-zoot)6 E F4 72
+(NAME BACK-END)108 643.2 R 18(KEYSTATUS COHERENT)12 F 36
+(tarta-zoot TPM1.X)108 655.2 R 18(available yes)24 F 6
+(tarta-zoot/home TPM2)108 667.2 R 6(unavailable yes)36 F 12
+(tarta-zoot/bkp -)108 679.2 R 18(available yes)54 F 18(tarta-zoot/vm -)
+108 691.2 R 18(available yes)54 F($)108 715.2 Q F2 1.666
+(zfs-fido2-add-backup \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
 (KEYSTATUS COHERENT)12 F 54(filling -)108 739.2 R 6(available yes)54 F
 36(tarta-zoot TPM1.X)108 751.2 R 6(available yes)24 F 12
 (tarta-zoot/bkp -)108 763.2 R 6(available yes)54 F 18(tarta-zoot/vm -)
 108 775.2 R 6(available yes)54 F F0(tzpfms 0.3.4-21-g2118cc3)72 817.889
 Q(December 4, 2022)83.583 E(1)183.842 E 0 Cg EP
-%%Page: 2 2
+%%Page: 2 7
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -362,7 +721,7 @@ F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 201.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-21-g2118cc3)72 817.889 Q(December 4, 2022)83.583 E
 (2)183.842 E 0 Cg EP
-%%Page: 1 3
+%%Page: 1 8
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -371,192 +730,193 @@ BP
 -2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
 SF(zfs-tpm1x-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
 -2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666 E F3
-(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 6.867 -.8(To n)108 153.6 T
-5.267(ormalise the).8 F F3(dataset)7.767 E F0(,)A F2(zfs-tpm-list)7.766
-E F0 5.266(will open its encryption root in its stead.)7.766 F F2
-(zfs-tpm-list)108 165.6 Q F0(will)2.5 E/F4 10/Times-Italic@0 SF(ne)2.5 E
-(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G(ncryption roots; use)
--2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0(\(8\) for that.)A
-(First, a connection is made to the TPM, which)108 182.4 Q F4(must)2.5 E
-F0(be TPM-1.X-compatible.)2.5 E(If)108 199.2 Q F3(dataset)3.176 E F0 -.1
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666
+E F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 2.867 -.8(To n)108 153.6
+T 1.267(ormalise the).8 F F3(dataset)3.767 E F0(,)A F2
+(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 194.4 Q F4(must)2.5 E
+F0(be TPM-1.X-compatible.)2.5 E(If)108 211.2 Q F3(dataset)3.177 E F0 -.1
 (wa)3.176 G 3.176(sp).1 G(re)-3.176 E .676(viously encrypted with)-.25 F
 F2(tzpfms)3.176 E F0 .676(and the)3.176 F F1(TPM1.X)3.176 E F0 .676
 (back-end w)3.176 F .676(as used, the meta-)-.1 F .926
-(data will be silently cleared.)108 211.2 R .926
+(data will be silently cleared.)108 223.2 R .926
 (Otherwise, or in case of an error)5.926 F 3.426(,d)-.4 G .926
 (ata required for manual interv)-3.426 F(ention)-.15 E
-(will be written to the standard error stream.)108 223.2 Q(Ne)108 240 Q
-.294(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594 -.15
+(will be written to the standard error stream.)108 235.2 Q(Ne)108 252 Q
+.295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594 -.15
 (ey i)-.1 H 2.794(sg).15 G .294(enerated on the TPM, optionally back)
 -2.794 F .294(ed up \(see)-.1 F F1(OPTIONS)2.794 E F0 .294
-(\), and sealed)B .586(on the TPM; the user is prompted for an optional\
- passphrase to protect the k)108 252 R .885 -.15(ey w)-.1 H .585
-(ith, and for the SRK).15 F(passphrase, set when taking o)108 264 Q
+(\), and sealed)B .585(on the TPM; the user is prompted for an optional\
+ passphrase to protect the k)108 264 R .886 -.15(ey w)-.1 H .586
+(ith, and for the SRK).15 F(passphrase, set when taking o)108 276 Q
 (wnership, if not "well-kno)-.25 E(wn" \(all zeroes\).)-.25 E(The follo)
-108 280.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
-<83>128 292.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
-(TPM1.X)A<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
+108 292.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
+<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
+(TPM1.X)A<83>128 316.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
 F3(parent-key-blob)A F2(:)A F3(sealed-object-blob)A F5(tzpfms.backend)
-108 321.6 Q F0 .291(identi\214es this dataset for w)2.791 F .292
-(ork with)-.1 F F1(TPM1.X)2.792 E F0(-back-ended)A F2(tzpfms)2.792 E F0
-.292(tools \(namely)2.792 F F5(zfs-tpm1x-change-key)108 333.6 Q F0
+108 333.6 Q F0 .292(identi\214es this dataset for w)2.792 F .291
+(ork with)-.1 F F1(TPM1.X)2.791 E F0(-back-ended)A F2(tzpfms)2.791 E F0
+.291(tools \(namely)2.791 F F5(zfs-tpm1x-change-key)108 345.6 Q F0
 (\(8\),)A F5(zfs-tpm1x-load-key)2.5 E F0(\(8\), and)A F5
-(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 350.4 Q F0
-1.412(is a colon-separated pair of he)3.913 F 1.412
-(xadecimal-string \(i.e. "4F7730" for "Ow0"\) blobs; the)-.15 F .867
-(\214rst one represents the RSA k)108 362.4 R 1.167 -.15(ey p)-.1 H .868
+(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 362.4 Q F0
+1.412(is a colon-separated pair of he)3.912 F 1.412
+(xadecimal-string \(i.e. "4F7730" for "Ow0"\) blobs; the)-.15 F .868
+(\214rst one represents the RSA k)108 374.4 R 1.168 -.15(ey p)-.1 H .867
 (rotecting the blob, and it is protected with either the passphrase, if)
-.15 F(pro)108 374.4 Q 1.414(vided, or the SHA1 constant)-.15 F F5
-(CE4CF677875B5EB8993591D5A9AF1ED24A3A8736)3.913 E F0 3.913(;t)C 1.413
-(he sec-)-3.913 F .379
-(ond represents the sealed object containing the wrapping k)108 386.4 R
+.15 F(pro)108 386.4 Q 1.413(vided, or the SHA1 constant)-.15 F F5
+(CE4CF677875B5EB8993591D5A9AF1ED24A3A8736)3.914 E F0 3.914(;t)C 1.414
+(he sec-)-3.914 F .379
+(ond represents the sealed object containing the wrapping k)108 398.4 R
 -.15(ey)-.1 G 2.879(,a)-.5 G .379
 (nd is protected with the SHA1 constant)-2.879 F F5
-(B9EE715DBE4B243FAA81EA04306E063710383E35)108 398.4 Q F0 6.721(.T)C
-1.721(here e)-6.721 F 1.721(xists no other user)-.15 F 1.72
-(-land tool for)-.2 F(decrypting this; perhaps there should be.)108
-410.4 Q(Finally)108 427.2 Q 12.005(,t)-.65 G 9.505(he equi)-12.005 F
--.25(va)-.25 G 9.505(lent of).25 F F2 9.505(zfs change-key)12.005 F
-<ad6f>17.172 E F5(keylocation=prompt)15.506 E F2<ad6f>17.172 E F5
-(keyformat=raw)108 439.2 Q F3(dataset)6.107 E F0 .107
-(is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G 5.106
-(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
-(rror occurred, best ef)-2.606 F .106(fort is made)-.25 F
+(B9EE715DBE4B243FAA81EA04306E063710383E35)108 410.4 Q F0 6.72(.T)C 1.72
+(here e)-6.72 F 1.721(xists no other user)-.15 F 1.721(-land tool for)
+-.2 F(decrypting this; perhaps there should be.)108 422.4 Q(Finally)108
+439.2 Q 12.006(,t)-.65 G 9.506(he equi)-12.006 F -.25(va)-.25 G 9.506
+(lent of).25 F F2 9.505(zfs change-key)12.005 F<ad6f>17.171 E F5
+(keylocation=prompt)15.505 E F2<ad6f>17.171 E F5(keyformat=raw)108 451.2
+Q F3(dataset)6.106 E F0 .106(is performed with the ne)2.606 F 2.606(wk)
+-.25 G -.15(ey)-2.706 G 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606
+G .107(rror occurred, best ef)-2.606 F .107(fort is made)-.25 F
 (to clean up the properties, or to issue a note for manual interv)108
-451.2 Q(ention into the standard error stream.)-.15 E 4.055<418c>108 468
-S 1.555(nal v)-4.055 F 1.556(eri\214cation should be made by running)
--.15 F F2 3.222(zfs-tpm1x-load-key \255n)4.056 F F3(dataset)7.556 E F0
-6.556(.I)C 4.056(ft)-6.556 G(hat)-4.056 E .729
-(command succeeds, all is well, b)108 480 R .729
+463.2 Q(ention into the standard error stream.)-.15 E 4.056<418c>108 480
+S 1.556(nal v)-4.056 F 1.556(eri\214cation should be made by running)
+-.15 F F2 3.222(zfs-tpm1x-load-key \255n)4.056 F F3(dataset)7.555 E F0
+6.555(.I)C 4.055(ft)-6.555 G(hat)-4.055 E .729
+(command succeeds, all is well, b)108 492 R .729
 (ut otherwise the dataset can be manually rolled back to a passphrase)
--.2 F(with)108 492 Q F2(zfs-tpm1x-clear-key)5.146 E F3(dataset)8.646 E
-F0(\(or)5.146 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
-2.646(ails to w)-.1 F(ork,)-.1 E F2 2.647(zfs change-key)5.147 F<ad6f>
-10.313 E F5(keyformat=passphrase)108 504 Q F3(dataset)6 E F0
+-.2 F(with)108 504 Q F2(zfs-tpm1x-clear-key)5.147 E F3(dataset)8.647 E
+F0(\(or)5.147 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
+2.646(ails to w)-.1 F(ork,)-.1 E F2 2.646(zfs change-key)5.146 F<ad6f>
+10.312 E F5(keyformat=passphrase)108 516 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm1x-clear-key)108 520.8 Q F3(dataset)7.607 E F0 1.607
-(can be used to clear the properties and go back to using a)4.107 F
-(passphrase.)108 532.8 Q F1(OPTIONS)72 549.6 Q F2<ad62>109.666 561.6 Q
-F3(backup-file)6 E F0(Sa)203 561.6 Q .352 -.15(ve a b)-.2 H .052
+F2(zfs-tpm1x-clear-key)108 532.8 Q F3(dataset)7.606 E F0 1.607
+(can be used to clear the properties and go back to using a)4.106 F
+(passphrase.)108 544.8 Q F1(OPTIONS)72 561.6 Q F2<ad62>109.666 573.6 Q
+F3(backup-file)6 E F0(Sa)203 573.6 Q .353 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
-E F0 2.552(,w)C .052(hich must not e)-2.552 F .053(xist beforehand.)-.15
-F .694(This back-up)203 573.6 R F4(must)3.194 E F0 .694
-(be stored securely)3.194 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
-(-site. In).25 F .693(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 585.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 597.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 614.4 Q F3(PCR)6 E F0([)A F2(,)A F3
-(PCR)A F0 1.666(]...)C .638(Bind the k)203 614.4 R .939 -.15(ey t)-.1 H
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
+F .693(This back-up)203 585.6 R F4(must)3.193 E F0 .694
+(be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 597.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 609.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 626.4 Q F3(PCR)6 E F0([)A F2(,)A F3
+(PCR)A F0 1.666(]...)C .639(Bind the k)203 626.4 R .939 -.15(ey t)-.1 H
 3.139(os).15 G .639(pace- or comma-separated)-3.139 F F3(PCR)3.139 E F0
-3.139(s\212i)C 3.139(ft)-3.139 G(he)-3.139 E 3.139(yc)-.15 G .639
-(hange, the wrap-)-3.139 F .463(ping k)203 626.4 R .763 -.15(ey w)-.1 H
-.463(ill not be able to be unsealed.).15 F .462
-(The minimum number of PCRs for a)5.462 F(PC TPM is)203 638.4 Q F1(24)
+3.139(s\212i)C 3.139(ft)-3.139 G(he)-3.139 E 3.139(yc)-.15 G .638
+(hange, the wrap-)-3.139 F .462(ping k)203 638.4 R .762 -.15(ey w)-.1 H
+.462(ill not be able to be unsealed.).15 F .463
+(The minimum number of PCRs for a)5.462 F(PC TPM is)203 650.4 Q F1(24)
 2.5 E F0(\(numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0 2.5(]\). F)B
-(or most, this is also the maximum.)-.15 E F1(ENVIR)72 655.2 Q 1.666
-(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 667.2 Q
-F0 .045(By def)133 679.2 R .045(ault, passphrases are prompted for and \
-read in on the standard output and input streams.)-.1 F(If)5.046 E F5
-(TZPFMS_PASSPHRASE_HELPER)133 691.2 Q F0 1.596(is set and nonempty)4.096
+(or most, this is also the maximum.)-.15 E F1(ENVIR)72 667.2 Q 1.666
+(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 679.2 Q
+F0 .046(By def)133 691.2 R .045(ault, passphrases are prompted for and \
+read in on the standard output and input streams.)-.1 F(If)5.045 E F5
+(TZPFMS_PASSPHRASE_HELPER)133 703.2 Q F0 1.595(is set and nonempty)4.095
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F5
-(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 703.2 Q
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 715.2 Q
 (vide each passphrase, instead.)-.15 E .643
-(The standard output stream of the helper is tied to an anon)133 720 R
+(The standard output stream of the helper is tied to an anon)133 732 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
-133 732 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
-(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F5($1)143 744 Q F0
-(Pre-formatted noun phrase with all the information belo)160 744 Q 1.3
--.65(w, f)-.25 H(or use as a prompt).65 E(tzpfms 0.3.4-21-g2118cc3)72
+133 744 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E(tzpfms 0.3.4-21-g2118cc3)72
 817.889 Q(February 28, 2024)83.578 E(1)183.837 E 0 Cg EP
-%%Page: 2 4
+%%Page: 2 9
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 36.913(ZFS-TPM1X-CHANGE-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 34.412(anual ZFS-TPM1X-CHANGE-KEY\(8\))
--2.5 F/F1 10/Courier@0 SF($2)143 84 Q F0
-(Either the dataset name or the element of the TPM hierarch)160 84 Q 2.5
-(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 96 Q F0("ne)160 96 Q
+-2.5 F/F1 10/Courier@0 SF($1)143 84 Q F0
+(Pre-formatted noun phrase with all the information belo)160 84 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F1($2)143 96 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 96 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 108 Q F0("ne)160 108 Q
 (w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
--2.5 E F1($4)143 108 Q F0("ag)160 108 Q(ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 124.8 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
-(127)2.677 E F0 .177(\), a diagnostic is issued and the normal prompt)B
-(is used as f)133 136.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+-2.5 E F1($4)143 120 Q F0("ag)160 120 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 136.8 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
+(127)2.677 E F0 .178(\), a diagnostic is issued and the normal prompt)B
+(is used as f)133 148.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
 -.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
-1.666(TPM1.X back-end con\214guration)72 153.6 R .625(TPM selection)87
-165.6 R F0(The)108 177.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.729 E F0
-.229(suite connects to a local)2.729 F F1(tcsd)2.73 E F0 .23
-(\(8\) process \(at)B F1(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 189.6 Q
-(vironment v)-.4 E(ariable)-.25 E F1(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 206.4 R(rouSerS)
--.35 E F1(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F1(/dev/tpm0)2.61
-E F0 2.61(,t)C(hen)-2.61 E F1(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
-F1(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-218.4 S(ing one of the earlier ones with, for e).1 E
+1.666(TPM1.X back-end con\214guration)72 165.6 R .625(TPM selection)87
+177.6 R F0(The)108 189.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.73 E F0 .23
+(suite connects to a local)2.73 F F1(tcsd)2.73 E F0 .23
+(\(8\) process \(at)B F1(localhost:30003)2.729 E F0 2.729(\)b)C 2.729
+(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1 F(the)2.729 E(en)108 201.6
+Q(vironment v)-.4 E(ariable)-.25 E F1(TZPFMS_TPM1X)2.5 E F0
+(to specify a remote TCS hostname.)2.5 E .11(The T)108 218.4 R(rouSerS)
+-.35 E F1(tcsd)2.61 E F0 .11(\(8\) daemon will try)B F1(/dev/tpm0)2.61 E
+F0 2.61(,t)C(hen)-2.61 E F1(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611
+E F1(/dev/tpm)2.611 E F0 2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1
+(py)108 230.4 S(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F2 .625
-(See also)87 235.2 R F0(The T)108 247.2 Q
+(See also)87 247.2 R F0(The T)108 259.2 Q
 (rouSerS project page at https://sourcefor)-.35 E
 (ge.net/projects/trousers.)-.18 E 4.415
-(The TPM 1.2 main speci\214cation inde)108 264 R 6.915(xa)-.15 G 6.915
+(The TPM 1.2 main speci\214cation inde)108 276 R 6.915(xa)-.15 G 6.915
 (th)-6.915 G(ttps://trustedcomputinggroup.or)-6.915 E
-(g/resource/tpm-main-)-.18 E(speci\214cation.)108 276 Q F2 1.666
-(SPECIAL THANKS)72 292.8 R F0 1.6 -.8(To a)108 304.8 T
+(g/resource/tpm-main-)-.18 E(speci\214cation.)108 288 Q F2 1.666
+(SPECIAL THANKS)72 304.8 R F0 1.6 -.8(To a)108 316.8 T
 (ll who support further de).8 E -.15(ve)-.25 G(lopment, in particular:)
-.15 E F2<83>128 316.8 Q F0(ThePhD)7.5 E F2<83>128 328.8 Q F0
-(Embark Studios)7.5 E F2<83>128 340.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
-F2<83>128 352.8 Q F0(EvModder)7.5 E F2(REPOR)72 369.6 Q 1.666(TING B)-.4
-F(UGS)-.1 E F0(https://todo.sr)108 381.6 Q(.ht/\001nabijaczle)-.55 E
-(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 398.4 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
-(https://lists.sr)108 410.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
--.25 E F2 1.666(SEE ALSO)72 427.2 R F0
-(PCR allocations: https://wiki.archlinux.or)108 439.2 Q(g/title/T)-.18 E
+.15 E F2<83>128 328.8 Q F0(ThePhD)7.5 E F2<83>128 340.8 Q F0
+(Embark Studios)7.5 E F2<83>128 352.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
+F2<83>128 364.8 Q F0(EvModder)7.5 E F2(REPOR)72 381.6 Q 1.666(TING B)-.4
+F(UGS)-.1 E F0(https://todo.sr)108 393.6 Q(.ht/\001nabijaczle)-.55 E
+(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 410.4 Q
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
+(https://lists.sr)108 422.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
+-.25 E F2 1.666(SEE ALSO)72 439.2 R F0
+(PCR allocations: https://wiki.archlinux.or)108 451.2 Q(g/title/T)-.18 E
 (rusted_Platform_Module#Accessing_PCR_re)-.35 E(gisters)-.15 E
-(and https://trustedcomputinggroup.or)108 451.2 Q
+(and https://trustedcomputinggroup.or)108 463.2 Q
 (g/wp-content/uploads/PC-)-.18 E(ClientSpeci\214c_Platform_Pro\214le_fo\
-r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 463.2 Q
-(able)-.8 E(1.)108 475.2 Q(tzpfms 0.3.4-21-g2118cc3)72 817.889 Q
+r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 475.2 Q
+(able)-.8 E(1.)108 487.2 Q(tzpfms 0.3.4-21-g2118cc3)72 817.889 Q
 (February 28, 2024)83.578 E(2)183.837 E 0 Cg EP
-%%Page: 1 5
+%%Page: 1 10
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 45.793(ZFS-TPM1X-CLEAR-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 43.292(anual ZFS-TPM1X-CLEAR-KEY\(8\))-2.5
 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
-(zfs-tpm1x-clear-key)108 96 Q F0 3.008<8a72>3.007 G -.25(ew)-3.008 G
+(zfs-tpm1x-clear-key)108 96 Q F0 3.008<8a72>3.008 G -.25(ew)-3.008 G
 .508(rap ZFS dataset k).25 F .808 -.15(ey i)-.1 H 3.008(np).15 G(asssw)
 -3.008 E .508(ord and clear tzpfms TPM1.X meta-)-.1 F(data)108 108 Q F1
-(SYNOPSIS)72 124.8 Q F2(zfs-tpm-list)108 136.8 Q/F3 10/Courier-Oblique@0
-SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0(After v)108 165.6 Q
-(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G
-(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM1.X)
-2.5 E F0(:)A 5(1. performs)118 177.6 R 5.642(the equi)8.142 F -.25(va)
--.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.307 E
-/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E F4
-(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
+(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(TPM1.X)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.641(the equi)8.141 F
+-.25(va)-.25 G 5.641(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.308 E/F4 10/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
 201.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
 (xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A F0(,)A F4(key)
 14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
 213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-tpm1x-change-key)2.5 E F0
 (\(8\) for a detailed description.)A F1 1.666
 (TPM1.X back-end con\214guration)72 247.2 R .625(TPM selection)87 259.2
-R F0(The)108 271.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
-2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
-2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
-F(the)2.729 E(en)108 283.2 Q(vironment v)-.4 E(ariable)-.25 E F4
-(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
-(The T)108 300 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
-(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
-(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
-2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 312 S
-(ing one of the earlier ones with, for e).1 E
+R F0(The)108 271.2 Q F2(tzpfms)2.729 E F0 .229
+(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
+(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
+-2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 283.2 Q
+(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
+(to specify a remote TCS hostname.)2.5 E .111(The T)108 300 R(rouSerS)
+-.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
+E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
+F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
+312 S(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F1 .625
 (See also)87 328.8 R F0(The T)108 340.8 Q
 (rouSerS project page at https://sourcefor)-.35 E
@@ -571,11 +931,11 @@ F(the)2.729 E(en)108 283.2 Q(vironment v)-.4 E(ariable)-.25 E F4
 F1<83>128 446.4 Q F0(EvModder)7.5 E F1(REPOR)72 463.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 475.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 492 Q
-F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
+F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 504 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-21-g2118cc3)72 817.889 Q(December 4, 2022)83.583 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 6
+%%Page: 1 11
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -584,15 +944,15 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm1x-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM1.X-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .191
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.691 E F0 -.1(wa)2.691
-G 2.691(se).1 G .191(ncrypted with)-2.691 F F2(tzpfms)2.69 E F0(back)
-2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .19(will unseal the k)2.69 F .49
--.15(ey a)-.1 H .19(nd load).15 F(it into)108 165.6 Q F3(dataset)2.5 E
-F0(.)A .236
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .19(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.69 E F0 -.1
+(wa)2.69 G 2.69(se).1 G .19(ncrypted with)-2.69 F F2(tzpfms)2.69 E F0
+(back)2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .191(will unseal the k)2.69 F
+.491 -.15(ey a)-.1 H .191(nd load).15 F(it into)108 165.6 Q F3(dataset)
+2.5 E F0(.)A .236
 (The user is \214rst prompted for the SRK passphrase, set when taking o)
-108 182.4 R .236(wnership, if not "well-kno)-.25 F .236(wn" \(all)-.25 F
+108 182.4 R .236(wnership, if not "well-kno)-.25 F .235(wn" \(all)-.25 F
 (zeroes\); then for the additional passphrase, set when creating the k)
 108 194.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E
 (as set.)-.1 E(See)108 211.2 Q/F4 10/Courier@0 SF(zfs-tpm1x-change-key)
@@ -600,14 +960,14 @@ F0(.)A .236
 <ad6e>109.666 240 Q F0 3.208(Do a no-op/dry run, can be used e)131 240 R
 -.15(ve)-.25 G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F
 3.508 -.15(ey i)-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)
-8.207 E -.25(va)-.25 G 3.207(lent to).25 F F2(zfs)5.707 E(load-key)131
+8.208 E -.25(va)-.25 G 3.208(lent to).25 F F2(zfs)5.708 E(load-key)131
 252 Q F0 -.55('s)C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 268.8 Q
 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108
-280.8 Q F0 .045(By def)133 292.8 R .045(ault, passphrases are prompted \
-for and read in on the standard output and input streams.)-.1 F(If)5.046
-E F4(TZPFMS_PASSPHRASE_HELPER)133 304.8 Q F0 1.596(is set and nonempty)
-4.096 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F
-F4(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 316.8 Q
+280.8 Q F0 .046(By def)133 292.8 R .045(ault, passphrases are prompted \
+for and read in on the standard output and input streams.)-.1 F(If)5.045
+E F4(TZPFMS_PASSPHRASE_HELPER)133 304.8 Q F0 1.595(is set and nonempty)
+4.095 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F
+F4(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 316.8 Q
 (vide each passphrase, instead.)-.15 E .643
 (The standard output stream of the helper is tied to an anon)133 333.6 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@@ -620,23 +980,23 @@ F4(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 316.8 Q
 381.6 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
 (assphrase, otherwise blank)-2.5 E F4($4)143 393.6 Q F0("ag)160 393.6 Q
 (ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 410.4 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
-.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 410.4 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
 422.4 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
 G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
 (TPM1.X back-end con\214guration)72 439.2 R .625(TPM selection)87 451.2
-R F0(The)108 463.2 Q F2(tzpfms)2.729 E F0 .229
-(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
-(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 475.2 Q
-(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 492 R(rouSerS)
--.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
-E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
-F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-504 S(ing one of the earlier ones with, for e).1 E
+R F0(The)108 463.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
+2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
+2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
+F(the)2.729 E(en)108 475.2 Q(vironment v)-.4 E(ariable)-.25 E F4
+(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
+(The T)108 492 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
+(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
+(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
+2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 504 S
+(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F1 .625
 (See also)87 520.8 R F0(The T)108 532.8 Q
 (rouSerS project page at https://sourcefor)-.35 E
@@ -651,11 +1011,11 @@ F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
 F1<83>128 638.4 Q F0(EvModder)7.5 E F1(REPOR)72 655.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 667.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 684 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 696 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-21-g2118cc3)72 817.889 Q(December 4, 2022)83.583 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 7
+%%Page: 1 12
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -664,112 +1024,112 @@ BP
 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)-2.5
 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666
-(]...)C([)186 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)
-A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A F0(]])
-A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 1.676 -.8(To n)108 165.6
-T(ormalise).8 E F3(dataset)2.576 E F0(,)A F2(zfs-tpm-list)2.576 E F0
-.076(will open its encryption root in its stead.)2.576 F F2
-(zfs-tpm-list)5.077 E F0(will)108 177.6 Q/F4 10/Times-Italic@0 SF(ne)2.5
-E(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G
-(ncryption roots; use)-2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0
-(\(8\) for that.)A(First, a connection is made to the TPM, which)108
-194.4 Q F4(must)2.5 E F0(be TPM-2.0-compatible.)2.5 E(If)108 211.2 Q F3
-(dataset)3.055 E F0 -.1(wa)3.055 G 3.055(sp).1 G(re)-3.055 E .555
-(viously encrypted with)-.25 F F2(tzpfms)3.055 E F0 .555(and the)3.055 F
-F1(TPM2)3.055 E F0 .554(back-end w)3.054 F .554(as used, the pre)-.1 F
-(vious)-.25 E -.1(ke)108 223.2 S 3.059(yw)-.05 G .559
-(ill be freed from the TPM.)-3.059 F .56
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0
+1.666(]...)C([)234 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A
+F2(,)A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A
+F0(]])A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 4.32 -.8(To n)108
+165.6 T(ormalise).8 E F3(dataset)5.22 E F0(,)A F2(zfs-fido2-add-backup)
+5.22 E F0 2.719(will open its encryption root in its stead.)5.22 F F2
+(zfs-fido2-add-backup)108 177.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 189.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 206.4 Q F4(must)2.5 E
+F0(be TPM-2.0-compatible.)2.5 E(If)108 223.2 Q F3(dataset)3.055 E F0 -.1
+(wa)3.055 G 3.055(sp).1 G(re)-3.055 E .555(viously encrypted with)-.25 F
+F2(tzpfms)3.055 E F0 .555(and the)3.055 F F1(TPM2)3.055 E F0 .554
+(back-end w)3.054 F .554(as used, the pre)-.1 F(vious)-.25 E -.1(ke)108
+235.2 S 3.059(yw)-.05 G .559(ill be freed from the TPM.)-3.059 F .56
 (Otherwise, or in case of an error)5.56 F 3.06(,d)-.4 G .56
 (ata required for manual interv)-3.06 F(en-)-.15 E
-(tion will be written to the standard error stream.)108 235.2 Q(Ne)108
-252 Q .295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
+(tion will be written to the standard error stream.)108 247.2 Q(Ne)108
+264 Q .295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
 -.15(ey i)-.1 H 2.794(sg).15 G .294
 (enerated on the TPM, optionally back)-2.794 F .294(ed up \(see)-.1 F F1
 (OPTIONS)2.794 E F0 .294(\), and sealed)B .588
-(to a persistent object on the TPM under the o)108 264 R .589
+(to a persistent object on the TPM under the o)108 276 R .589
 (wner hierarch)-.25 F .589(y; if there is a passphrase set on the o)-.05
-F(wner)-.25 E(hierarch)108 276 Q 1.603 -.65(y, t)-.05 H .302
+F(wner)-.25 E(hierarch)108 288 Q 1.603 -.65(y, t)-.05 H .302
 (he user is prompted for it; the user is al).65 F -.1(wa)-.1 G .302
 (ys prompted for an optional passphrase to protect).1 F
-(the sealed object with.)108 288 Q(The follo)108 304.8 Q
+(the sealed object with.)108 300 Q(The follo)108 316.8 Q
 (wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
-316.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
-128 328.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
-(persistent-object-ID)A F0([)139 340.8 Q F2(;)A F3(algorithm)A F2(:)A F3
+328.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
+128 340.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
+(persistent-object-ID)A F0([)139 352.8 Q F2(;)A F3(algorithm)A F2(:)A F3
 (PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3
 (algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C
-1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 357.6 Q F0 1.263
+1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 369.6 Q F0 1.263
 (identi\214es this dataset for w)3.763 F 1.264(ork with)-.1 F F1(TPM2)
 3.764 E F0(-back-ended)A F2(tzpfms)3.764 E F0 1.264(tools \(namely)3.764
-F F5(zfs-tpm2-change-key)108 369.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
+F F5(zfs-tpm2-change-key)108 381.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
 2.5 E F0(\(8\), and)A F5(zfs-tpm2-clear-key)2.5 E F0(\(8\)\).)A F5
-(tzpfms.key)108 386.4 Q F0 1.509(is an inte)4.009 F 1.509
+(tzpfms.key)108 398.4 Q F0 1.509(is an inte)4.009 F 1.509
 (ger representing the sealed object, optionally follo)-.15 F 1.509
 (wed by a semicolon and)-.25 F .822(PCR list as speci\214ed with)108
-398.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
+410.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
 (tpm-tools)3.322 E F0 .823(-toolchain-compatible; if needed, it can)B
-.866(be passed to)108 410.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
+.866(be passed to)108 422.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
 (${tzpfms.key)6.866 E F2(%%)A F5(;)A/F6 10/Symbol SF(*)A F5(})A F0(with)
 3.366 E F2<ad70>5.032 E F0(")6.866 E F5(str:${passphrase})A F0 3.365("o)
-C(r)-3.365 E F2<ad70>109.666 422.4 Q F0(")6.727 E F5(pcr:${tzpfms.key)A
+C(r)-3.365 E F2<ad70>109.666 434.4 Q F0(")6.727 E F5(pcr:${tzpfms.key)A
 F2(#)A F6(*)A F5(;})A F0 .727(", as the case may be, or equi)B -.25(va)
 -.25 G .728(lent, for back-up \(see).25 F F1(OPTIONS)3.228 E F0(\).)A
-.448(If you ha)108 434.4 R .748 -.15(ve a s)-.2 H .448(ealed k).15 F
+.448(If you ha)108 446.4 R .748 -.15(ve a s)-.2 H .448(ealed k).15 F
 .748 -.15(ey y)-.1 H .448(ou can access with that or equi).15 F -.25(va)
 -.25 G .447(lent tool and set both of these properties, it).25 F
-(will funxion seamlessly)108 446.4 Q(.)-.65 E(Finally)108 463.2 Q 12.005
+(will funxion seamlessly)108 458.4 Q(.)-.65 E(Finally)108 475.2 Q 12.005
 (,t)-.65 G 9.505(he equi)-12.005 F -.25(va)-.25 G 9.505(lent of).25 F F2
 9.505(zfs change-key)12.005 F<ad6f>17.172 E F5(keylocation=prompt)15.506
-E F2<ad6f>17.172 E F5(keyformat=raw)108 475.2 Q F3(dataset)6.107 E F0
+E F2<ad6f>17.172 E F5(keyformat=raw)108 487.2 Q F3(dataset)6.107 E F0
 .107(is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G
 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
 (rror occurred, best ef)-2.606 F .106(fort is made)-.25 F .289(to clean\
  up the persistent object and properties, or to issue a note for manual\
- interv)108 487.2 R .29(ention into the stan-)-.15 F(dard error stream.)
-108 499.2 Q 2.625<418c>108 516 S .125(nal v)-2.625 F .125
+ interv)108 499.2 R .29(ention into the stan-)-.15 F(dard error stream.)
+108 511.2 Q 2.625<418c>108 528 S .125(nal v)-2.625 F .125
 (eri\214cation should be made by running)-.15 F F2 1.79
 (zfs-tpm2-load-key \255n)2.624 F F3(dataset)6.124 E F0 5.124(.I)C 2.624
 (ft)-5.124 G .124(hat com-)-2.624 F .506(mand succeeds, all is well, b)
-108 528 R .506(ut otherwise the dataset can be manually rolled back to \
-a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 540 Q F3(dataset)
+108 540 R .506(ut otherwise the dataset can be manually rolled back to \
+a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 552 Q F3(dataset)
 11.539 E F0(\(or)8.039 E 8.039(,i)-.4 G 8.039(ft)-8.039 G 5.539(hat f)
 -8.039 F 5.539(ails to w)-.1 F(ork,)-.1 E F2 5.539(zfs change-key)8.039
-F<ad6f>13.204 E F5(keyformat=passphrase)108 552 Q F3(dataset)6 E F0
+F<ad6f>13.204 E F5(keyformat=passphrase)108 564 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm2-clear-key)108 568.8 Q F3(dataset)6.029 E F0 .029
+F2(zfs-tpm2-clear-key)108 580.8 Q F3(dataset)6.029 E F0 .029
 (can be used to free the TPM persistent object and go back to us-)2.529
-F(ing a passphrase.)108 580.8 Q F1(OPTIONS)72 597.6 Q F2<ad62>109.666
-609.6 Q F3(backup-file)6 E F0(Sa)203 609.6 Q .353 -.15(ve a b)-.2 H .052
+F(ing a passphrase.)108 592.8 Q F1(OPTIONS)72 609.6 Q F2<ad62>109.666
+621.6 Q F3(backup-file)6 E F0(Sa)203 621.6 Q .353 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
 E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
-F .693(This back-up)203 621.6 R F4(must)3.193 E F0 .694
+F .693(This back-up)203 633.6 R F4(must)3.193 E F0 .694
 (be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
 (-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 633.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 645.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 662.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
+(nt,).15 E(the k)203 645.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 657.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 674.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
 A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3(algorithm)
 A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C 1.666(]...)
--1.666 G 1.425(Bind the k)203 674.4 R 1.725 -.15(ey t)-.1 H 3.925(os).15
+-1.666 G 1.425(Bind the k)203 686.4 R 1.725 -.15(ey t)-.1 H 3.925(os).15
 G 1.425(pace- or comma-separated)-3.925 F F3(PCR)3.924 E F0 3.924(sw)C
-1.424(ithin their corresponding)-3.924 F(hashing)203 686.4 Q F3
+1.424(ithin their corresponding)-3.924 F(hashing)203 698.4 Q F3
 (algorithm)2.523 E F0 2.523<8a69>2.523 G 2.523(ft)-2.523 G(he)-2.523 E
 2.523(yc)-.15 G .023(hange, the wrapping k)-2.523 F .323 -.15(ey w)-.1 H
-.024(ill not be able to be).15 F 2.5(unsealed. There)203 698.4 R(are)2.5
+.024(ill not be able to be).15 F 2.5(unsealed. There)203 710.4 R(are)2.5
 E F1(24)2.5 E F0(PCRs, numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0(].)
-A F3(algorithm)203 715.2 Q F0 2.968(may be an)5.469 F 5.468(yo)-.15 G
+A F3(algorithm)203 727.2 Q F0 2.968(may be an)5.469 F 5.468(yo)-.15 G
 5.468(fc)-5.468 G(ase-insensiti)-5.468 E 3.268 -.15(ve ")-.25 H F1(sha1)
 .15 E F0 2.968(", ")B F1(sha256)A F0 2.968(", ")B F1(sha384)A F0(",)A(")
-203 727.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
+203 739.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
 (sm3-256)A F0 4.983(", ")B F1(sha3_256)A F0 4.983(", ")B F1(sha3-256)A
-F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 739.2 Q F1(sha3-384)A F0
+F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 751.2 Q F1(sha3-384)A F0
 (", ")A F1(sha3_512)A F0(", or ")A F1(sha3-512)A F0
 (", and must be supported by the TPM.)A(tzpfms 0.3.4-21-g2118cc3)72
 817.889 Q(February 28, 2024)83.578 E(1)183.837 E 0 Cg EP
-%%Page: 2 8
+%%Page: 2 13
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -847,7 +1207,7 @@ E F3 1.666(SEE ALSO)72 616.8 R F4(tpm2_unseal)108 628.8 Q F0(\(1\))A
 r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 669.6 Q
 (able)-.8 E(1.)108 681.6 Q(tzpfms 0.3.4-21-g2118cc3)72 817.889 Q
 (February 28, 2024)83.578 E(2)183.837 E 0 Cg EP
-%%Page: 1 9
+%%Page: 1 14
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -857,8 +1217,8 @@ F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-clear-key)108 96 Q F0 2.5<8a72>2.5 G -.25(ew)-2.5 G
 (rap ZFS dataset k).25 E .3 -.15(ey i)-.1 H 2.5(np).15 G(asssw)-2.5 E
 (ord and clear tzpfms TPM2 metadata)-.1 E F1(SYNOPSIS)72 112.8 Q F2
-(zfs-tpm-list)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1
-(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
+(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5
+E F1(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
 (dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G(ncrypted with)-2.5 E F2
 (tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM2)2.5 E F0(:)A 5
 (1. performs)118 165.6 R 5.641(the equi)8.141 F -.25(va)-.25 G 5.641
@@ -928,7 +1288,7 @@ F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 710.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-21-g2118cc3)72 817.889 Q(December 4, 2022)83.583 E
 (1)183.842 E 0 Cg EP
-%%Page: 1 10
+%%Page: 1 15
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -937,23 +1297,23 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .864
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.364 E F0 -.1(wa)3.364
-G 3.364(se).1 G .864(ncrypted with)-3.364 F F2(tzpfms)3.365 E F0(back)
-3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .865(nseals the k)-3.365
-F 1.165 -.15(ey a)-.1 H .865(nd loads it).15 F(into)108 165.6 Q F3
-(dataset)2.5 E F0(.)A(The user is prompted for the additional passphras\
-e, set when creating the k)108 182.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5
-(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4 10/Courier@0 SF
-(zfs-tpm2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
-(OPTIONS)72 216 Q F2<ad6e>109.666 228 Q F0 3.208
-(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25 G 5.708(ni).15
-G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708(sa)
-.15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)-.25 G 3.207
-(lent to).25 F F2(zfs)5.707 E(load-key)131 240 Q F0 -.55('s)C F2<ad6e>
-4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)-.3 F
-(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .045
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .864(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.364 E F0 -.1
+(wa)3.364 G 3.364(se).1 G .864(ncrypted with)-3.364 F F2(tzpfms)3.365 E
+F0(back)3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .865
+(nseals the k)-3.365 F 1.165 -.15(ey a)-.1 H .865(nd loads it).15 F
+(into)108 165.6 Q F3(dataset)2.5 E F0(.)A(The user is prompted for the \
+additional passphrase, set when creating the k)108 182.4 Q -.15(ey)-.1 G
+2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4
+10/Courier@0 SF(zfs-tpm2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(OPTIONS)72 216 Q F2<ad6e>109.666
+228 Q F0 3.208(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25
+G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)
+-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)
+-.25 G 3.207(lent to).25 F F2(zfs)5.707 E(load-key)131 240 Q F0 -.55('s)
+C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .045
 (By def)133 280.8 R .045(ault, passphrases are prompted for and read in\
  on the standard output and input streams.)-.1 F(If)5.046 E F4
 (TZPFMS_PASSPHRASE_HELPER)133 292.8 Q F0 1.596(is set and nonempty)4.096
diff --git a/zfs-fido2-add-backup.8 b/zfs-fido2-add-backup.8
new file mode 100644
index 0000000..08a80cb
--- /dev/null
+++ b/zfs-fido2-add-backup.8
@@ -0,0 +1,125 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 29, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-ADD-BACKUP 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-add-backup
+.Nd allow another FIDO2 device to unlock ZFS dataset
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After
+.Xr zfs-fido2-change-key 8
+derives the key for a dataset from a FIDO2 device,
+.Nm
+may be executed to extend this to any number of additional devices.
+.Pp
+First, the wrapping key is extracted as normally during
+.Xr zfs-fido2-load-key 8 ,
+then a credential is made as-if during
+.Xr zfs-fido2-change-key 8
+(except the "primary" device and all the ones holding backups are excluded from the search);
+however, the
+.Ql hmac-secret
+is instead used as a symmetric AES-256-GCM
+.Pq Xr EVP_CIPHER-AES 7ssl
+key to encrypt the wrapping key directly with a random IV.
+.Pp
+This turns the
+.Li xyz.nabijaczleweli:tzpfms.key
+variable into
+.br
+.Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns Ar backup-salt Ns Cm :\:\& Ns Ar backup-credential-ID Ns Cm :\:\& Ns Ar backup-credential-public-key Ns Cm :\:\& Ns Ar IV Ns Cm :\:\& Ns Ar encrypted-key Oc Ns …
+.Pp
+.Li tzpfms.key
+is actually a dot-separated list of device bundles.
+The first one is as-described in
+.Xr zfs-fido2-change-key 8 .
+Subsequent ones also include (identically-encoded) IVs and encrypted blobs.
+.Pp
+.Xr zfs-fido2-load-key 8
+shops assertions around devices in a device-major order \(em
+depending on device numbering, a backup may be loaded even if the primary device is present.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-add-backup.8.html b/zfs-fido2-add-backup.8.html
new file mode 100644
index 0000000..e6d3444
--- /dev/null
+++ b/zfs-fido2-add-backup.8.html
@@ -0,0 +1,153 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-ADD-BACKUP(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-add-backup</code> &#x2014;
+    <span class="Nd">allow another FIDO2 device to unlock ZFS dataset</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-add-backup</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    derives the key for a dataset from a FIDO2 device,
+    <code class="Nm">zfs-fido2-add-backup</code> may be executed to extend this
+    to any number of additional devices.</p>
+<p class="Pp">First, the wrapping key is extracted as normally during
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    then a credential is made as-if during
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    (except the &quot;primary&quot; device and all the ones holding backups are
+    excluded from the search); however, the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; is instead used as a
+    symmetric AES-256-GCM
+    (<a class="Xr" href="https://manpages.debian.org/bookworm/EVP_CIPHER-AES.7ssl">EVP_CIPHER-AES(7ssl)</a>)
+    key to encrypt the wrapping key directly with a random IV.</p>
+<p class="Pp">This turns the
+    <code class="Li">xyz.nabijaczleweli:tzpfms.key</code> variable into
+  <br/>
+  <var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code><var class="Ar">backup-salt</var><code class="Cm">:</code><var class="Ar">backup-credential-ID</var><code class="Cm">:</code><var class="Ar">backup-credential-public-key</var><code class="Cm">:</code><var class="Ar">IV</var><code class="Cm">:</code><var class="Ar">encrypted-key</var>]&#x2026;</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is actually a dot-separated
+    list of device bundles. The first one is as-described in
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>.
+    Subsequent ones also include (identically-encoded) IVs and encrypted
+  blobs.</p>
+<p class="Pp"><a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>
+    shops assertions around devices in a device-major order &#x2014; depending
+    on device numbering, a backup may be loaded even if the primary device is
+    present.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 29, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-change-key.8 b/zfs-fido2-change-key.8
new file mode 100644
index 0000000..6bd3f57
--- /dev/null
+++ b/zfs-fido2-change-key.8
@@ -0,0 +1,186 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 29, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CHANGE-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-change-key
+.Nd change ZFS dataset key to one authenticated by a FIDO2 device
+.Sh SYNOPSIS
+.Nm
+.Op Fl b Ar backup-file
+.Ar dataset
+.
+.Sh DESCRIPTION
+To normalise the
+.Ar dataset ,
+.Nm
+will open its encryption root in its stead.
+.Nm
+will
+.Em never
+create or destroy encryption roots; use
+.Xr zfs-change-key 8
+for that.
+.Pp
+First, a connection is made to the FIDO2 device, which
+.Em must
+support the
+.Ql hmac-secret
+extension.
+.Pp
+If
+.Ar dataset
+was previously encrypted with
+.Nm fzifdso
+and the
+.Sy FIDO2
+back-end was used, the metadata will be silently cleared.
+Otherwise, or in case of an error, data required for manual intervention will be written to the standard error stream.
+.Pp
+Next, a new credential of type ES256 is generated on the device (with relying party ID
+.Li fzifdso
+and name equal to the dataset name)
+with the
+.Ql hmac-secret
+extension requested; the device PIN, if any, is prompted for here.
+This mimicks a WebAuthn registration step.
+.Pp
+Then, the credential is asserted with a 32-byte random salt,
+which hashes it with device-private data, and thus generates the wrapping key
+.Pq which is optionally backed up Pq see Sx OPTIONS .
+This mimicks a WebAuthn login step.
+.Pp
+The following properties are set on
+.Ar dataset :
+.Bl -bullet -compact -offset 4n -width "@"
+.It
+.Li xyz.nabijaczleweli:tzpfms.backend Ns = Ns Sy FIDO2
+.It
+.Li xyz.nabijaczleweli:tzpfms.key Ns = Ns Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns … Oc Ns …
+.El
+.Pp
+.Li tzpfms.backend
+identifies this dataset for work with
+.Sy FIDO2 Ns -back-ended
+.Nm tzpfms
+tools
+.Pq i.e. Nm fzifdso Xr zfs-fido2-change-key 8 , Xr zfs-fido2-load-key 8 , Xr zfs-fido2-add-backup 8 , and Xr zfs-fido2-clear-key 8 .
+.Pp
+.Li tzpfms.key
+is a colon-separated tuple of unpadded URL-safe base64 blobs;
+the first one is the random salt;
+the second represents the ID of created credential,
+and the third \(en its public key.
+There exists no other user-land tool for deciphering this; perhaps there should be.
+.\"" TODO: make an LD_PRELOADable for extracting the key maybe?
+.Pp
+Finally, the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=raw Ar dataset
+is performed with the new key.
+If an error occurred, best effort is made to clean up the properties,
+or to issue a note for manual intervention into the standard error stream.
+.Pp
+A final verification should be made by running
+.Nm zfs-fido2-load-key Fl n Ar dataset .
+If that command succeeds, all is well,
+but otherwise the dataset can be manually rolled back to a passphrase with
+.Nm zfs-fido2-clear-key Ar dataset
+.Pq or, if that fails to work, Nm zfs Cm change-key Fl o Li keyformat=passphrase Ar dataset ,
+and you are hereby asked to report a bug, please.
+.Pp
+.Nm zfs-fido2-clear-key Ar dataset
+can be used to clear the properties and go back to using a passphrase.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl b Ar backup-file"
+.It Fl b Ar backup-file
+Save a back-up of the key to
+.Ar backup-file ,
+which must not exist beforehand.
+This back-up
+.Em must
+be stored securely, off-site.
+In case of a catastrophic event, the key can be loaded by running
+.Dl Nm zfs Cm load-key Ar dataset Li < Ar backup-file
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-change-key.8.html b/zfs-fido2-change-key.8.html
new file mode 100644
index 0000000..68ea232
--- /dev/null
+++ b/zfs-fido2-change-key.8.html
@@ -0,0 +1,206 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CHANGE-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-change-key</code> &#x2014;
+    <span class="Nd">change ZFS dataset key to one authenticated by a FIDO2
+    device</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-change-key</code></td>
+    <td>[<code class="Fl">-b</code> <var class="Ar">backup-file</var>]
+      <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">To normalise the <var class="Ar">dataset</var>,
+    <code class="Nm">zfs-fido2-change-key</code> will open its encryption root
+    in its stead. <code class="Nm">zfs-fido2-change-key</code> will
+    <a class="permalink" href="#never"><i class="Em" id="never">never</i></a>
+    create or destroy encryption roots; use
+    <a class="Xr" href="https://manpages.debian.org/bookworm/zfs-change-key.8">zfs-change-key(8)</a>
+    for that.</p>
+<p class="Pp">First, a connection is made to the FIDO2 device, which
+    <i class="Em">must</i> support the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension.</p>
+<p class="Pp">If <var class="Ar">dataset</var> was previously encrypted with
+    <code class="Nm">fzifdso</code> and the <b class="Sy">FIDO2</b> back-end was
+    used, the metadata will be silently cleared. Otherwise, or in case of an
+    error, data required for manual intervention will be written to the standard
+    error stream.</p>
+<p class="Pp">Next, a new credential of type ES256 is generated on the device
+    (with relying party ID <code class="Li">fzifdso</code> and name equal to the
+    dataset name) with the &#x2018;<code class="Li">hmac-secret</code>&#x2019;
+    extension requested; the device PIN, if any, is prompted for here. This
+    mimicks a WebAuthn registration step.</p>
+<p class="Pp">Then, the credential is asserted with a 32-byte random salt, which
+    hashes it with device-private data, and thus generates the wrapping key
+    (which is optionally backed up (see
+    <a class="Sx" href="#OPTIONS">OPTIONS</a>)). This mimicks a WebAuthn login
+    step.</p>
+<p class="Pp">The following properties are set on
+  <var class="Ar">dataset</var>:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li id="xyz.nabijaczleweli:tzpfms.backend"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.backend"><code class="Li">xyz.nabijaczleweli:tzpfms.backend</code></a>=<b class="Sy">FIDO2</b></li>
+  <li id="xyz.nabijaczleweli:tzpfms.key"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.key"><code class="Li">xyz.nabijaczleweli:tzpfms.key</code></a>=<var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code>&#x2026;]&#x2026;</li>
+</ul>
+<p class="Pp"><code class="Li">tzpfms.backend</code> identifies this dataset for
+    work with <b class="Sy">FIDO2</b>-back-ended <code class="Nm">tzpfms</code>
+    tools (i.e. <code class="Nm">fzifdso</code>
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-add-backup.8.html">zfs-fido2-add-backup(8)</a>,
+    and
+    <a class="Xr" href="zfs-fido2-clear-key.8.html">zfs-fido2-clear-key(8)</a>).</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is a colon-separated tuple of
+    unpadded URL-safe base64 blobs; the first one is the random salt; the second
+    represents the ID of created credential, and the third &#x2013; its public
+    key. There exists no other user-land tool for deciphering this; perhaps
+    there should be.</p>
+<p class="Pp">Finally, the equivalent of <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=raw</code> <var class="Ar">dataset</var> is
+    performed with the new key. If an error occurred, best effort is made to
+    clean up the properties, or to issue a note for manual intervention into the
+    standard error stream.</p>
+<p class="Pp">A final verification should be made by running
+    <code class="Nm">zfs-fido2-load-key</code> <code class="Fl">-n</code>
+    <var class="Ar">dataset</var>. If that command succeeds, all is well, but
+    otherwise the dataset can be manually rolled back to a passphrase with
+    <code class="Nm">zfs-fido2-clear-key</code> <var class="Ar">dataset</var>
+    (or, if that fails to work, <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=passphrase</code> <var class="Ar">dataset</var>),
+    and you are hereby asked to report a bug, please.</p>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code>
+    <var class="Ar">dataset</var> can be used to clear the properties and go
+    back to using a passphrase.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="b"><a class="permalink" href="#b"><code class="Fl">-b</code></a>
+    <var class="Ar">backup-file</var></dt>
+  <dd>Save a back-up of the key to <var class="Ar">backup-file</var>, which must
+      not exist beforehand. This back-up <i class="Em">must</i> be stored
+      securely, off-site. In case of a catastrophic event, the key can be loaded
+      by running
+    <div class="Bd Bd-indent"><code class="Li"><code class="Nm">zfs</code>
+      <code class="Cm">load-key</code> <var class="Ar">dataset</var>
+      <code class="Li">&lt;</code>
+      <var class="Ar">backup-file</var></code></div>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 29, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-clear-key.8 b/zfs-fido2-clear-key.8
new file mode 100644
index 0000000..dd2a76c
--- /dev/null
+++ b/zfs-fido2-clear-key.8
@@ -0,0 +1,113 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 28, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CLEAR-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-clear-key
+.Nd rewrap ZFS dataset key in passsword and clear tzpfms FIDO2 metadata
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 :
+.Bl -enum -compact -offset 2n -width 2n
+.It
+performs the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=passphrase Ar dataset ,
+.It
+removes the
+.Li xyz.nabijaczleweli:tzpfms.\& Ns Brq Li backend , key
+properties from
+.Ar dataset .
+.El
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-clear-key.8.html b/zfs-fido2-clear-key.8.html
new file mode 100644
index 0000000..46e553e
--- /dev/null
+++ b/zfs-fido2-clear-key.8.html
@@ -0,0 +1,143 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CLEAR-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code> &#x2014;
+    <span class="Nd">rewrap ZFS dataset key in passsword and clear tzpfms FIDO2
+    metadata</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-clear-key</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>:</p>
+<ol class="Bl-enum Bd-indent Bl-compact">
+  <li>performs the equivalent of <code class="Nm">zfs</code>
+      <code class="Cm">change-key</code> <code class="Fl">-o</code>
+      <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+      <code class="Li">keyformat=passphrase</code>
+      <var class="Ar">dataset</var>,</li>
+  <li>removes the
+      <code class="Li">xyz.nabijaczleweli:tzpfms.</code>{<code class="Li">backend</code>,
+      <code class="Li">key</code>} properties from
+      <var class="Ar">dataset</var>.</li>
+</ol>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 28, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-load-key.8 b/zfs-fido2-load-key.8
new file mode 100644
index 0000000..247ca04
--- /dev/null
+++ b/zfs-fido2-load-key.8
@@ -0,0 +1,98 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 28, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-LOAD-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-load-key
+.Nd load FIDO2-encrypted ZFS dataset key
+.Sh SYNOPSIS
+.Nm
+.Op Fl n
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 ,
+asserts the preserved challenge, HMACking the salt with the on-device secret, and loads the resulting key into
+.Ar dataset .
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl n"
+.It Fl n
+Do a no-op/dry run, can be used even if the key is already loaded.
+Equivalent to
+.Nm zfs Cm load-key Ns 's
+.Fl n
+option.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-load-key.8.html b/zfs-fido2-load-key.8.html
new file mode 100644
index 0000000..ffc6446
--- /dev/null
+++ b/zfs-fido2-load-key.8.html
@@ -0,0 +1,117 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-LOAD-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-load-key</code> &#x2014;
+    <span class="Nd">load FIDO2-encrypted ZFS dataset key</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-load-key</code></td>
+    <td>[<code class="Fl">-n</code>] <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>,
+    asserts the preserved challenge, HMACking the salt with the on-device
+    secret, and loads the resulting key into <var class="Ar">dataset</var>.</p>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="n"><a class="permalink" href="#n"><code class="Fl">-n</code></a></dt>
+  <dd>Do a no-op/dry run, can be used even if the key is already loaded.
+      Equivalent to <code class="Nm">zfs</code>
+      <code class="Cm">load-key</code>'s <code class="Fl">-n</code> option.</dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 28, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>