From fc6c86b6a7181ad5a4c0fdcfdbbaf68355e3538e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1=20autouploader?=
 <nabijaczleweli/autouploader@nabijaczleweli.xyz>
Date: Sun, 3 Mar 2024 13:12:03 +0000
Subject: [PATCH] Manpage update by job 1160990

---
 tzpfms.pdf                  | Bin 65713 -> 81300 bytes
 tzpfms.ps                   | 890 +++++++++++++++++++++++++-----------
 zfs-fido2-add-backup.8      | 125 +++++
 zfs-fido2-add-backup.8.html | 153 +++++++
 zfs-fido2-change-key.8      | 186 ++++++++
 zfs-fido2-change-key.8.html | 206 +++++++++
 zfs-fido2-clear-key.8       | 113 +++++
 zfs-fido2-clear-key.8.html  | 143 ++++++
 zfs-fido2-load-key.8        |  98 ++++
 zfs-fido2-load-key.8.html   | 117 +++++
 10 files changed, 1766 insertions(+), 265 deletions(-)
 create mode 100644 zfs-fido2-add-backup.8
 create mode 100644 zfs-fido2-add-backup.8.html
 create mode 100644 zfs-fido2-change-key.8
 create mode 100644 zfs-fido2-change-key.8.html
 create mode 100644 zfs-fido2-clear-key.8
 create mode 100644 zfs-fido2-clear-key.8.html
 create mode 100644 zfs-fido2-load-key.8
 create mode 100644 zfs-fido2-load-key.8.html

diff --git a/tzpfms.pdf b/tzpfms.pdf
index 1b61e7aa72c277198aa3f8cf5967ef5e885b8bb4..e2c9e50bac586b1374089b644fbcf4452bc4516c 100644
GIT binary patch
delta 59000
zcmZUaQ+OER+OFfqR%6???WD1j#<r7*Z8Ub$*tYG)wr!`o|K5B3C+leD`i|!4o%^}p
z=c@~VNPdT?g#!grwAP*0B~Yt6&uD+^ma(*wM>7R=Je!(EHK%CStDAH-B{b_2aiOCG
zfCNR6y}53ye5HJjT;}xcNYJ>AmpRE9nt8P=<_c`SWNRj)!2M+dMlwmGHt;|F1`leA
zUTL@Dm+uRctO<d%n%ISj=$EXQeEFdGNlwY(8hi7j^?RTpZiA1Xm(@V=s0TkC({+?j
z0M_Pg4U-|0F)n(Z^JTLC+vINrWT>-%0qO=D7J!e%@9Xev3EGa*q?wksuJ1V=LuvZL
zEG~*F>PqYuHP_*6Pv1?*7Bh4T?oix4T-GyBu|@PuOP2uE)HOL#kU5iE;E?!l=xSBn
zluE39mM#z$(;yetmoQ2G`*LiVQL)1pZ~W3NH;P(-tIe!ZYyA7;oMw{aYk#VmWp$$I
z^pr&#8<w(<fxS2431s-bqSdls!4+3r=%%A(#xo`>T&MYIhk%4HZh8r!=1D6q=|n{n
zRk#bTRwRsjndxiuZTw)MDtB1}Tio?rlgW2AWon>&3^)>e%mxc6AP&m(WQ(Vq{_=gj
zwQ>`{Z3FRns#+gde+uwE4?4u%Y_kKgcNxi%H@B~zsX00(WL(Vr`sypGkU^i4u11s>
z;-8rdzmkhuR(7MD^sd9T8)+@xf>iX34bBC7Q9+jm$NOz~p_IDLBZUM;__pw9<AV*B
zH~{p{Vb_F8?FqYwju$o&JqK-qs^pupe&%d;Qo5NeUJdOY8Ui()L<xwLS{ScTU#lb_
zXz2ArW>vc&A^XZq^1KgJKd0S;A3zexpQ7a(N#TSCXU!Q9TsLyXyb}Ui?4nz%2T^ya
zDR!!v4!UnuBjEkCDapSGOi_Q!OAv{4{Q?x-w2sf0if{|J=!j76FaqGn)Dq2msd$L{
zg}m~MoHWq5prI=V2tFn>a(pw<O<m#5pzk!r)@>6vWBM_<7MucyTQFUHCBx{Ixi8)k
ze$Mq;8fm#z`#&J+@h;%rm<5%ThZ{f0s3y`eawun9jn*^t2BPeIchKMQ^7dD}w*Wjr
zu6_*%h_!X<KzT&K)uC&ph?RBb*n$s$9&&mZ3QdhOgpW{Y!!k|CsfQuJ5`njk{Plv`
zVoP_o20>&}*kH~vuB$Qu(YJ{*LBr_4!j_1}{n?8x?CjX6G$f~@2eAX1Iu_zdA>&Go
zs20>z88dc3v!;7|iu$v{Uq7)F83Diq4+}uB><U&IUFgS`MZvgzbGvh|pT=OK&s>Xz
zdfR9EhFz#2xr6kU-;fIJ4`CXwETsDe4I?5s;7dPz8@4z3ICn0Oo>}Z~p)N}4jhx)O
zI3%)-H;`_kG+IbrCL7Wmp4<^rh6km5vxx{%U7>C(rbfohojomg<#p7-i3K1x)M;TZ
z(EFaAmQ>8xPuFZI*2rtJHCB>O=?pMVJh*{Dw{DZ_Pnhz|3jc&WNb4js$vfvzYrGfR
zl4VAQtOD=QF>$Q3u6>kq3d2)!z1cBs;SR?&2kwiI9U-aT(^RcdsqNc|n+BG$<%bwR
z%0Vjb715xI;c5-3)KyF#c7f3}S;WeyO0gf5jPD9=pUve0m))~;+GIWAx2dXpk!+r7
zzN^(7<hH1Ykh7XGFZvx{#AkJ^=Zp0u5twBlX{xWKrI{Ob)Ntzs$`Y3Bm@;0e8ih?6
zH9T9)GcyuVpF8hZ_UGamgJGlMJwB|MObg9bzYtDYC8;EskaVZ+bAUR9-!Yp`C0lzl
zc55m-4H}!<CO-Ritk*hz;I%O`e}`f76U7@bAYU-?n1p`dR{vF!(P4U=jif0oxe2|w
zP)-r`UAJe6{E@87@`DH=k8G(PHE?T;mZ;rURZNq7zNoTx<s23%MRX}3WW3m4If~uA
zZ}Tu#BAfmPGN?&4*CGJ<=8tzdjc}-A0Jp&t1W#3WMlb#yYYc2!t{&wueOB6Nrirnj
zThu2oCi|txM4eIQ)*GSj7Yo{*ToSc|$~_GxN2!x3;_p#ZNV+U3kHHf%w7_4Yn_vR`
ze^tj5saV7>=u~l^%0?|n<S;F}sZLMq!h(k;MBDodez7QO+&cl;KgH=~mGj^S_A-Kw
zO-pg=D2K3h!3NeA+z2Ccj@@<cnwv8-PdJr2Jwd^;KS1G{^UxDIoWCO_y$9&>6s<yG
zPa<G2v6LYhtuo`4Cq}WsVqSl<Qwnua!xJ-Jr>Y>SK0HyHG=tfIL$|WPrCroJ<v|J7
zhTO>evVVvkrgH}POmTK>biz^hq(-K`yW@$s@`U|P&7H29!<@A?TK~y827~zS;mO>U
zg_eHJfcIx_ovTYg(DzdqYaeld;Y_&&{PttHq6MpAMx&%*b@Bate)Zx0{WPrN^bvWq
zlh!&fY;m>b)~eof*U)aK8E4r^H75EDeee-8uTBqZwv!6jY=TT7cWmwNhVoa*;{kOz
zNJllm_`t@HO<Z1Vu0EiZ4*jd4esd-vyc}xtq{Hmcy(YWZ8@iSIIb_X3nfJ@iB5x(E
zDzbkGj(&`Yy6;1eR8FKOz24u=kmqS+Y_Lvbwz^rF-wk?~=!cJ;dnPR>1<_B?6!GkY
zFfyD?aIz3!X03V8B*BDopJkaTT3$J6KlCu;gOT8IVV0<!9;gsOV%RIql!$=Xwaje%
zW{68t;IRp}SBIGl+ll#zS2l4BbbwMf5DH+h9oWHNX&328S*!9zSiz7QLONKjBVTZM
z>Lu2c{drMo1mj37CzJBY^Umi=juhoOqm(6#U4I6qE*>-LN8%kwXWhuD>!p`W4+~*>
zc81j3Q6SZCRF@H>Yjp54%j@fdBL9qu5_&Dp#Y4eIM8XKb*xGF@;@0XK|5Z!6#+Pdw
zl#cpCxC$MIAc~_A!lbc6p`OP59hpw~*#^R59+o`a3&sPRsd!j!Q;$oA1VM07j-TLp
z80iG4@f$%x1pix+BW!xfHNoY8c%3{O_woI{Bmz$-Kf)_EK^)g&bHSbj<Af9;@pTbW
zi?X1XqH<&aPiX@-eRHo@wHFzCRiN+U`-La=%#z`IZ6D`wR3&aTf47jus21c$i9>Qk
z-(a99jP<d1+<Ld{rybjxXi3&SKgG_LIF2ds{FC?lAkE3jx#Y1HZ(&CSOA@YfqO@$%
zndvqcm3k*<&LxiG33z91cKvua=QQzYGWel*g{vw;{h9x!8Hf|M{Wfkb({?H{4`I<K
z3zq4UTr9s2DU>pdHNCCwA|df>ELP*Qj|iv-ZBl3OrpljaWFkIADa16WLMt4oh3hxK
zYWOn&>Cpu)S}h`GA61D;+9manJe-aMTz_eWbHXUaLV~@^hADx#pWz#w9+OK4{XE=w
z`(k}CJlwAlwv;4J8P!)OrRCsVe;HKhfncr368|=w7ldI`hM-1h*Ye9d(Fo#sr0~{B
zR`x3u&R!Sc)s9g(DQq5`Rj1JX8HP$A`$B16l5J~{nIP}zTu)DGD`85s0@E(qlA}(U
z-Vy4sNXc#eGfG6DJ!T_??1sn}bjoJk6*u8bdBX9Rp*JjfhddhF`Tgp{BjdFMei*L<
zjXx?jG>sUAd&rUTEk-b7Y5GvG4y@`U{>fkmuM0AISpWlyI4HA{tF2-m<R>C<A{S$x
zztnP{f7Px6_e;pP&P~VMfvU&JrTBYMY>mxdtl0ZJ*=U+F+c~Dy-e}yy5mzwNj>;At
z=&B65Xe*=^ht8)-!?KhieoC+ym!E>SE*>jUzrDs6WK7603n;#y47&IVnP8X7=E0Bf
zo_wc|?-&ZT3~sT;h1>Y%9YcQvq*yT@h<P$aI`8=Bhi`M<4udG`FYOSVvYpm+aj`JD
z_FC}Ruo9ana{L(~olu5psvZAH4XUaIC7`FV*zDu#RFC)ldN(!C9^1Z%o5@nz{gEWX
z8Rs}N=_o6y>!C^4i^<zuW1jQ4gmCoZ^Yn10VK~$f`|^qwzVe60xb*cpkgWK+a}L6E
zx6iZePg>C)pUm2B99~Fy?tK-GC|U+H^sRt!*;2I=2T%@tf7PS^dmX;@NR1p>@wn<i
z|9;edYKDUGY@)t6LB{y^?hSXpq;#<0S$ks}JOmfHi9g;q3<C-4)v2r}u!+|6Z-wQN
zm)D~*dj#U;@S%L|@p0-k5dP6><((Xsv-OhdUdUYqQvvR?rP4BNnZoF-jfvJ`S$o>f
z^O~P2KF%TNfDay)NLj%+W~FuXv)OVaTM#}hjnYcy0SWIW*#Y{3-!lRs<@%PGq^)?@
zaRb*BY`d}0Jw9rH(Tl4D*HHe-d&hgLzJ-)c<<gx;G$DVW_J`9mz+YIE(<)zaTT*Qa
zWgL0K)W-+q>pbdJTy{%PM?v9SH-Zq|VywKtCAqW9yeo8bL)H7V#F@5X#UuDe`SB{)
z@n-C8YG>l?;$&)M3;XZQ-q;G3gNTXff1a!?Y;6BIW9I(<hkSgDa;A3XE*3;AOhimc
z1)L;6v6g(&`Y=k@bxoRRIs9*E=pg%*TO-?=J^7+Vv(&l?{kDG*NVlH^6bB@=pqiV!
zxToN6+A?ce-$=Epx(bgJiGTX()pCu&^T)Jq7;Ea63vk@Qn!1_$={I~>Q~6H2U1yJJ
zK4WM6W>hEegV7n&n@+)(QhL?c9n)bX&ZimR%Fz-O>}kq1@OvI_==uEmIIF>W+Gh0g
zvL&xEzj#_`H0IR#a64+t-+vWY(yE-UOw~%?jCzB69fVmW5xhqmIksHun(Zu-WZ>U<
zVRCHq@^48TP3kZ^BwnwNyOQ5tuil?Sow55fjlK?72R3c=p0IIp*11j93o|c9cpC^1
z@OA8VzAx-6;I$Dnv{4#(wAfv^)|K<|Zkrr-)ozE+_vQq=^Swz|z2$apGdQU<WYfwg
zp2thuq%>)fYCrvE4Vqv_6L1JQr@D?pv;OwpAIZexS6S{S=nUJonym)=3x6$!YMo?8
zyUut5Z6eKuLMI{}i>Er1Vo5Y1YLyX)>WS%0dr`>h$4E#T^|b@qy<C00J$Y}xXML>b
zty-BfHhfGO)ol5VE4n9zfKkemYUn%~t@1xTmhf0v>De@5><<-|dhe%>l@Rajw7<Pi
zU!P@zTKJ4S7X)-|>uvaXJ9~Du`nWENQ+@x|)v^I@{PTO6_|UijUfKR|-5Mrfbg5r<
zrq@i5(}$dTDhwW00t%evdCm8p=S)*xMb&~DEq@N=3;8rnoVX<LZPu;WX*FSy)2@X^
zu+%8NH<!w&Yp6}YKC-e1=x`^2ujnK5be{u=cptqH{dv5swpBUaP`aab)%YR~IRP}f
z1Y%1;rM!bryAH-z*6!Y;B|?C9@-o=0xf;SCr!9R$$b2`=Hb|_H=sua;MQ5+$JQ02+
z=J?_;qGh*nn1m$rLhKE<y9gs5x3L`2XIYZrC}O0_GM9D7nD(g=u06KWmex#EyXCRe
zUMG!g!bB1}!n!FfNI8id!XI4fl;8llYi?e<NT2!FNv;)eSQ3QR&3qs|4<Y!3GL$iM
zz|Uau5~OwQfJh<>p48S&%Z?K))?RXhLuzqw*5AY0CnxYt<r299!xa2H8SP_5eB;}y
zXIsvJ!dX#uu0R5B<EMxF&H|iV20p9TL`km69}+iT0`_;}Hn5t_>!t^xi{RR|c@z9^
zk=2BeXR|hnJl;YbBL%>w+#m9o(WW=#bN3;yMb#wT66Z6ojFgJ4+l*$PZDE!Zag&`9
z*%!Z_!R#Uh9mD+n=#I#@hEU|r4B3MVvCLIelIBz>u3TxeW$7-dMRX_nB(^&AN>I2|
zdYh>hk_t$vKExkL@vv1Insow!Cr8QNhOu}kMvEDy<Y=yXWgoy}wm+ssf5-u{{O-Nl
zwR>9&BDAf3)HV_%M^Z%n50ZQ;9c97M4T%_OQhX{JU$ru(<Usk}k+q_nYs1kx25lmR
zW2O22ZLKa9${|3Qgcn9Uq!%k5!}uvg49*<^EKsU$P$#{hSV^2WhU}vY-F1{~-jN8c
zS3=(+zNvt9fDC9Y=f8yPXbrKa8oL&!w$d6-cyJj{+3=^VOCtM32}BHTGpwN(A;4?q
z$2jC)H+S_mPTiKTPX%9tx>Y1)CQ7{{i2RcuaGog6F9D|HPc~*li5&<*$^%%{i7NIw
z+^NP{2LJdqvUNNwm0>k6I8NrCAw%Y%1U`61dnurpiU!;*JsvJ*VL&LQfL9lSjgaC^
z5S_7cuJ?k&+~CF%xtbHJzPGQ9O;U!FAVH9ao@+-TB)Hbm-f<!z-|f>WU`R$CatGt!
zI}Y=%bu)r=$g%KEce)?s$HQlH=?g8DHBNa?8a`H9id9K}^M1+c;>!nFg4SvJDc@|{
zVcg51)c~L%$h3R8i-$jzMdIcr8eI75S(H_|@by>kzQrSCO-nw|2MK7Dg|XmzNXMbm
zEXeGlRp5KsaQ-RynSJ>jyi&(?RC;TPj8pm^@oS`}N|_a9n1Zm?>vUR$Vn8^ha(flC
zQaqST6heq80x}i<NwW;)2Qxg(9+`xHcVfoP6AGZw5ehBjzd5Hrqd$Wup`0pC;V%|J
zLD>M07s`T$f%HblWMlfdVvTmiYqw20%Fgp(Q}HfR7=k%(j|c%_2(Dz;lG5*&7Dy6~
zV-?=rPLB+7!&RtTH9n2d1%>4G`eo_*b||KQ56vG{cW4j?UHX1;d7AyhY+|p44rsxU
ztOMw~ZMH9$JBIV6V1{_XKP^@s&TsvQ!DdD07R1*{%MreEo%v85_z;K9u^aIRM3uJW
z*QX3G=<kcG1AUFxLmMAQaCYMaB#tqWV({qd1?gJEzchoL6tB5#$7j(Iv?<j<vZ*46
z`S9iyaX#FC?Q^jbh%2NGFEKt4O6#5_=>z2VRKH{G^G*dY&LEPntTOp2-PEqo|1>@)
za>TE-Pa>Za92#*ao8|thtMIPn1egD<j23V6oJ4H}Wi@`8v#Ko}u{dZ%ym+VSoX2L7
zNRkCV$Edp440?zj>#?Bl%6!MllEuw1$#0@Jb2}MIh^q-NT4fvGHSAN52kVeHcnTCA
zHmfyz88Zh(Q(}pF9v~j?nj=7ONPZ$0B})Wp;k0vj*|1v9QYwrE?NSSm&N~;dyXS!H
z6{e8H(KuV3DHeE{(X^k8G^@e1fyI!MYkRNQ7jN(<duv7+e0kpY+toJ-Em}gLy0lgO
ziculCo?8g8hfJY-6SQighmpOufCWlMFalkvHMT{`)k=$+R+bBdB}&y8dI~?){&wJ$
zLYykSLM1}sJa5;RX&f+>wfaek8#J`vNtPl8Y<Y?~OdD(Fp$18-2+C3K`gboxb%k_V
z@)#*N*IN`6j7O?1h$sOnGhC-d{yI<UIryHWNj~Iv#&M~o!6@K9LrOy&tAIX_|JllK
z9vcnhm&o8*fr);_ar}&Bwd`+!+njCp&79zRRWR<b1j@TxQntJaVzUA5^?)v#a!qi&
z+&6=|eQR6!j#5mpTC;t!qm$qQP5V2eaR?^x?K9X=`(`zU#r<WOXa%=Js=s_kggOXq
zQA^BM&RB5OmM)8adgde2V}LYRSjU<&p)%Btc#9(bRmOsFuZ0o4Cd{vP$4FIw6?E8n
zPeRH><izr8M0TOJHwUoUiMjFxjkh;3_a&Z8&)HX_z4^2;RXVn$faBNCwx1yitC;GZ
zex=rDIjI)3X_^xWvS(gP8AoKBy1%VU(H8!A1UkA%ifNO>D6({F7y<Q`!}|r6h=E>X
z<rs<&9bS09*L2?=lRjy)$s9J6czSt&I6j9CVOL|H02*w!E`h`l{?gDvS^A>Y_fBgm
z7yYua`Mbe0Q7sa<CKEO$a1K;{63_xZ#X@ftt(7n*p4;MxoSa-lWk^#L1s-8iKDGF<
z;ac3ayl1AaOQIH(31Afdi$iPOwXyr-&#di5@i>}i(>lsMTNodfamb6mBvn6h7}3Jv
zq_Y|sVpT!aPtHB|3^K{I;vOo$6Mn03hm6reSd~0hmt*;c?FA1lo`l$&JvojW=y@fM
z0t!C0+mXc@char6K*|lS8-2N-MGLB9<yU{G!rK$lIOE;#jRDL*7!WLwh?lI8{Y<C0
zd3iy|x)V$FBToF=<FF_An%>FVA=J?Hb9fNS9QalPWtMmdp=)R|Mg2xzT{9$g0SzTr
zkpibQ{O8I`u4lp7<v|yjr6;raviB15E5^BNGT707<dWkN5}X9hXQ5XH(#;Txq*!K2
z0kTouyR{Mp0suiOV@qA6Ac!0RR7+CwF*vFy<T)kaEI;3=VogoumifA7(yNCj33HZ^
zrcxPc(;c@yfyw$4$z5o6vYQ&CWwlhbDE2$-ixFoT1`CPV$u*J%vNCLkwUmV~GTYSt
zPO9Ul@Yv1!udVCuSuD5e@7IpbdYpAIYP<)QFO5bPEr6&!%RLL}pM3|m%OM{xy8{Aw
zK8te2!=SP;R5i*(eP|vPVWMnxSU--E1bZIrKVoIu@)^C(vWFpKkO&C2?-0IwV4yU#
zx6#{$stA;pP8;fM{UJ{LvmPo_JDxP=H_X`6oO+|3IMVbCsmww5O}8QtFh^&aF4jhj
z9n{*pwScUazJ<Su`qj)&iFrfIA_cgU0e6|Erx%z*daaV%H^<4BwE~-tgjCrqP67n&
zxLa^N-1N+(KHuvT)Ybcud4iOBRqn-<>gui}M3y4v&AeyheTM3=og|II&%;>1k5tK`
z`#P748nyXdjJu&lq*P88_zmfp#Z4hlx2|?CPr$LsP;m4N-1Mi@98XUh-`}I5q00jc
zj<qDVi+57%+xy4+)RrFo-0dxW0C4v6zCC}&VytGgqbS8w_0YheInPAPfPtYv8o_t*
zw9A9=bj$0roUyl3;=p+@tN%8k?y^1?a}tAGfp|%<=C4mJ^OpL@B&JB3&=WnA7R0$_
z5!j}paFHJooR=dYi>)YwEN4JyI-=kgp`@O3-g_xgU@ewm4}u(+)om}>_}0sk^8Um{
z_1uj%sEs|pmz}4vOf5v_O;sO(U;13vHr<p%A9c6d2-Ye=?e_D^Y(U^3i5VW}clTL~
z8mDoniegYiuY?Esxo6#@l2BPBeDcaSM<CYFrDavc*)^5d5Xv>R<)tAbO<|xkutc_B
z!bX|K^j^P|B@%vWN4IQ7kFi#v<7~F}S%-L&A<8ztW@Wtqlio5k;KKRws2&w5mNuH(
z-nmXAsXDreJs1Pyu)gOH*V>CXpJ)DV+bDP8*dp2GL9H-&T<io@_jC%ERH#5!DB#v@
zzDeljH0_V~qEeCSmqT)EJo`o|fS>M`-%%Y>^?+@vqy@@0K7Dlsrb+T1rP3u9GooVS
z%6(#UYavl)RQhtyW$vp*1R#txB%(pKW|Fm>M%!+a=9s#{hs}0XTEQ+(#<a0!h9wt8
zJnGV&i>l|QrB0`Zt?Vg_ynffwmEzemc6>tmcx8+NAO7)QY4(3&>i>(g9Nb+0iL)&1
z{~c#JlJYpofE0Bd`*jZVVf{ziaAP6z-U9KntrGT_%wpR$IyYvUF{W8m+p+}l)a3o5
z8t==vEn@Q3`lM!D)WL9Z0>9%9yffB2CgGf~Q-Ow*!~EjMRgxo}1z!_d7nX)$jk+)6
z=GwI(h#~Z$vbZGlDRp(BTEbV0=B5il1I5kdf0m;Zct2ZCy`G`CS|20ibaUFzI}NgW
z8Bh1EFU2xGdsj05rSk+?v6?t>d<26yN7wKH@lGb+0eL1Oc=rGfhKm;0h-9dSs_aZt
z!C5J?&8KrsXpm5Q-bXGSjRvywmcYGhzE-`${=J3L<M&IE4J-r7hcLHw+8#prY9#5L
z-w16tu;&^y*#E)X(J3T8MxLa_Y!UIsOwo9LV$^*tC1~GsXxb%aO|5<&dTc>_z-)sf
zj*a7%A1iz*81uH~r|ujUx^i#4y(J)8ETK*V(W8XH3=#J?qw6%k7~NYs!-cB(oWB`l
z#QS@i%DIThJ1H3(@w$p5TaBjgd$>OAFp+l_(8uXmUp(Jm#6fEv)M%4~)CWoZ8=RJn
z*MXWsIpZlB>^9Q8V44?9zEHjor}0a`juWP?ro&x27>$&N!qFyJ&>n-{qY3KMxle7g
zjqMLD3oTSGg+5aCF1UjuGI@u<wd`UZt`61@r7DpP;%vTW)52LyJhKb}gJOJX%fNj$
z;6xS;htP2)T_Q*xeg)SYV*H3)XGw(JG&Fk03S8Y-C`zCM(+QH<@;l4akGP%Ww=UJH
zZKHjOQ(Hr<E*j`sEKmG-3C!%)a;Iauj-iuIy`q7YbCWaOb@I_2WF&90aG~w;1_S;D
zPBP>uwyPlG9N5r^+yl7?FB2R~-dRUbpwfnc3<9bJqPU|r9y@GKUp=spie+{xTnMLg
zBH+8j)bgQ3{crT9YS0BY7v1%wwc8)?9HdWr)H)kqwaTMEC&EgnkXu=GJ<_0fFVpB&
zJNM4G$OGbFU=sD@*eZJzDJcnO5Q}5`!BzT_nF1ujmw(fgkH0SKDka~yiFPfi0-5CH
zgHB~IR>4Mc?1o?z&V$7e2&&*N)i(*p8z#M}zE&4<(1_BEU)`G>Eb|c+9!vAh-?H{V
zz%VZ4LVn`3tN@H2F)Uo#*2^-lY9efRcDi$U^qutMl|ohx`az8{HRthHD~0-j14W!t
zb;jv%uc@6)>_z=))<PuFC^(PvK;Sk~q6~s&O&Cs-60Sb&3B0ROZ!GTc&M2E@W+}vk
zD-u+y?5+SY0e5u56`~nZs=S6IhH=+YTcU9x8a1+@kSrKiUdQ?c?-$#kwT=J?t56*A
z)Xk%mB$yHsg*M}QGWc(q2+_V1l)LXl+p97rxR*9)ND%jp78y-m%ml}hzz!+W)dit{
z3oU4p>TcLn=Oo1Rpw&h;s~@_7holEf*Zjm-#eM4aEPVA#%RHi}Q)x5dBSK$yGkL&@
zU*ljJqNwSB*cN61C!V%V(RXf1`ri(R7y1I->xC3H!Q(g#gi3<zs&d_2XK_Nn?H9w}
zV~ft`5`Xm6q0?Lay8+)MU@>b<hs~D5lX~Ir7GT?BBxB%3`SFA)(TY&c&$0>#Il2?y
zWla>`7kV(6Ra2xARzH9Vf>d>i)|nq)&&)=6;uvK}`0mD;&kvC5tz@4Zcg$_RH=?xl
z%J2}wW264&V92;tWa6Drq<dEp4h74iFfz3FRExzj7#Byp<;vgy=vUl-@vm4caT+W|
zrMwjfzU%c7E3JFlkqg8=dY{fFESz65ue~#cc+SVE<LYBg42bnbjRh>r>HV$Sy%QEE
z{9%tZ;D!z5kOXD<l9o=;ga-8%8P%gGzi!2A_2A9AVUQ5Y+?v7j6o1@G_8>|$<u`Tg
zG+<~l=Mqc>@8OXw_tK7*nW2)D{)qeW0ms!MQvBZo{Xc$^nT?s_e+T-1`$<-&|2NPz
zZSDUxG$eY?H0UD1@)3_BC)}Z^9NY@Y?0!m`m+?1F6Kf{WMzM?2keP~eZ<M^djT)Q+
zo#}cE+ZPXz9LQl4o4!Zs>E>oH0sm9c05X96%|R0PBqTJ7+{B|?4@m~~q*Zx;B=yV)
zuk?go3gLrUCX$NH!G_XH9uwCr0K2DCH-nMUptEV}dTVmVev<G=u!ptZ{YO2YTGNWW
zMvsEcL}BxOFLQ;7vF>fwcEnw}Za#t55E^9>VpPFV$Qf)ZovvXmb7Pve12|4=b7%7L
zx10n<y_j`*p>WDcyMkfl`6m$^F!=e~L;mICO@0QDXptC)Shxn<;fyK{pfJFGb<m{Q
zXLtTL3#X;Zidhzne#Y}&FfZO&NI-j|X&mH@65&UWifED<Ypw*mhg#I$N}th!sd__i
zX-G-nBKdaV6xl9&jhOsZ=6o6-y+i4_X2RA1TjpRy5x7Hd*)`-;@oRU7YWJLj?M-<(
z8PPhZRU;e^op?HO4y70>AathqK2=Tf=er4|m7R=*Td&2+TxcssLzQAL2E{D$_~YTs
zvOU(s#9_Ga>vWn&4%t!0$a9$QeRJXW7Ut5*ClMkm7s?>68?WW=G{&BeHr+~wZT$+)
zAW1A8i~B0a?lN&{g5Q&@V(E4YmVTU{%V+OjkKOX0ORl~kCnZKUK&u_x!>IQv$ky}6
zQ@D%^K|PUQ6KymfgW|h3*+JUUI*KVlQRFs7^4;`kvyy?IHBsDrxJ1HbSm<cdFok^D
z{#@RK!s-5;mU_dJt|x!+O$?iB4m_5`n0|6*fht!g^g|&tL_f;cVCq>F(cS<tK3N2s
zQVD|fen5+jSaOImaKZtXK5DIEGn|hWz<E*HAvN|b7$u^GuLq6Cwa=98&(=$oMeME1
z7jLVYH$=0E_~d!xXwPQqkexxCooOCcEQa4H+dPbj)i-_IMF%35fph!kc(-@kv6T65
z%9nx|^R`r$Hs*=Em^`9ywlXqxv`}84c8dr6&_ke)%3BHAK!>EQnmY>g^i3mUv#}f+
z9s+LWVO)tK+wu8>1_3ZWsBCiTj1le<p6$8T2*gc0mmMLKqJ!VNM_*kAO+txk9#`kP
zc2zvS{yjB8j&@j|A|6irvjw)-q988Lv2&N;E;sT-wKk{G&d4i`YWOB>@HUtxM~A2<
zeWsQryzyiM)Me5oYyaDf!yAcnNeji#!zYuVsOkRpj@ISD90Eb@y(G>s`0L_H3imCD
z2BXP!=-Jn^Z~eUD^)d2;Y<{&+9SiH2GxZqD{%FE+MRXq7Q=b-o_$+m3qT=v<=+&vs
z!`Hbxs|Vl*8q&7mFYDL&>Pip2WWpI03@4!2X<gERpEv)2F@eF8re9WA)h=)~5wcXR
zcn3z>S>*tt_;>j(aTt#}-q~mVubLw6FSW%R8Ymjrd^C|KR($!?Ov%-a%D?OlX}Bu1
zckC7VMVj)ofhqX;2jUDMJuVHj+aV{x9U_d-O-{MRKb9l&?06-7lP%QXMQM>&+IM9d
zqAMW*Y9ww?saI$LD#uxxB4(YESDVUwd0k<`9op>b=7SawRWK#&HR#fmKV10;A-%X5
z$_^9gZ}g=c0k`oKM6Y~XPg(9z3jWgxl#zZI@%Fv%-Dg}HKnJ_JVyhxIf|b9^mAXlM
zEyPQ3k-U^1NXd=Pfl_Cg>1ws(8b(;8&vY<g@~#B)9oJG1g^Jvg`V4J1CD2e7<jsk%
z8%d+_$R~QJ+b*%1f%rI2n5Zo+kVkX!F{Thkakdv>gE|h1{fVEPH(tBhj3=2dmrCog
znA55wFjNMle}cMNEY@}d-_2il_{(|oSEI7k1e0aZ11<-w<R&tMj8VC9aC#CJGTS(y
zuxf^kSQq?M(&hz|3}H+=pHf^0xu@9j@3V^OM_B7mTh^5gD*c&u2v4B4pfH+(u6Lp5
z`dWHG07Rm`OK4^HG45>`l~QvOG~Pw3(ZAK08YY>MiK(~E%l@m#Q*u#{mYaQ7JhA~f
zmvED$z1?wNHlVzU;N9%qc6$S`c>BN$d#FTLNNI=xhGcDYw@scnhs%zw8rRi(@>52m
zz6++*C^Mwj^7onR5w7nqG#7*CxX)2subZlUjR-kMsFvD-=RwZ-_9ropdg~xnI4*@5
z%9DC1Sn)2ALY5X?hmS-RIlZ=_1kvouD{9mhTwp1*sX>j3u*!#1!KeGUOawq*^lCF(
z(}@w>#_S)z&op&*Ps$&ifekDq1`pq{f4{4B{+JRXRHkdc;yr7ewYE2QW3qG4NO7NM
zt(>CnnTRS^_({^Gj~|Rvi7XP!{p(SsUo1U5E1<x5D*g=el=KJu5p0DT>?uxGT7%rQ
zY;q|q)FGt}Ww3;Tio+248(A5kmZvWdedJ5%4X;A_=hTfRM+PxHkZ4#fAy=9=88nT>
zKcyxLHPLLte}#+s`FCISywVTyKu$=7Eb*_`D<zrBgcv;?L%SGH0oMbffxO0K*p_)t
zbSITt<pULH0y3-@_5oYx61i6%v_-BTx?wD(YqsS?mCuYvSc2U+JS)!tRFQ~bAgpl8
z=wTU|>~d~?T+o*(e~A8%qtD$~lc7y~REQ9(+05{I2*T1e3CW=J?@uMiSmhC6`UTm7
zyv~Gwup1cA>V8*&;~5R$w(DhLtaSH(%~Xv_!)p{?C({b1#uLFvsq6IZ?(B1fpz7m4
zc{|vKT*sWp+4gmQZ%i5hVn-+}gjQpQw`y6Rg=K8;P4|8>>Ubx?kRYJ{(LTUfDxknR
zS$N3HM@VBKru7KKEKRfy3$Q7Hk`8VTcr%Qvi7jg$@{7|_6G2Eu2*x%vWq|0sf+ZZB
zhqjNogXjd|mP)5w^*Ru@>H3!OI~z(A6n&!{n|;tG9M3zSqcl<z-~cUW3M#NW_cGwm
zok~RU*e;kR4B%wR@}%+Nshn@kbF9l`f1V^DuYnwR{L$8-JK5902Z*ZI%+vsy9N7K&
zH61f_wTkHwo7z3Mb??-s{xpOwA&8vy+{r2q5)=|IzP)d(93)07E+Vg>*CS!ksWT(<
zC@WYliyu9t(#tJ?KP~1u)_&Io(({zNwf<I;sjt+Zg13ox`<QFb5YuasjqM<R+?^&#
z;U`KZK3xoHlJU9EAnr%AZjXxJBB{*-QEpFXcW)SN@f8A1qy~f^`xS>bGH7mLty{1y
zvGeUxu-Yj<vZ&IrzPsqmbf0yTNUg%~FZa&CG)$GaBnf!|(Tx&{@WUDdGf1qDue;aZ
z7hYf){yDc9hXPn1bL@oX;(`6j=PsCoVXGu4o?(|XmDx=AKzRZi!PwR!cd|*<%P;}*
z5C+^yIeb=}#|7);XZNx>1MQ-nF$nO4K6_R@BdZnCr3I6meNf9`**XR!JhBPI8E7Ks
zk{4<i1m-j;KCAAG4{*OPB*YRi(Eox-*8kW67It>_|G*?G>wnn+R<{3z$$bvgVc*9Z
zqDU}WLOSiDt>=02j;-qT&KF~Y01h4WXz>v%lQG)4Td$t2mI9#o?`>!i)!f>}CI(FW
zpwB;!%<(i!iyIw)@Vu+|Y}<<Ad*FKGB02l9@TGY@duYYh6?OQnVoJ)Mg6cPwf^Sxl
zMH4Q!V2@7w^^v_jQ0DE*tN+OnDI#aIPJ<gl9Lq;o6-#=&SM@${QG%p!XB7RbMB*lU
zLk0}VySv7nce&CeuG5cPg9>rZivJGnB8knGlWo~)EC~)GnvB5m@+Hkfb=BxF0K)=0
z0s{S;a@6=R36>txO@GRKN8{r>0$-pd4#{%dLPTcNmV<v8kV^q|C&wUn4Q&~x61Wdt
z+ZtSskjoj<G1d^-E<VKa9Fa?RT{()1B=E=mOTY7?xCAd)C*Cb4_57_7i!bS_AR1=L
zAs|OPRjPC@l#A(hvAHXtrW@<042VN8T9fVT{M4l}w*ewwkdn_S`UJ~!KvgcHcUQ-K
z*q`a#_dan@Kw*BAmHV>+FUJPU&ob`yQY0L0`(AEG$Ne#98Y>a`Vt&-==+fr($gW#+
z%HDqZ^5F_u4y-`B9i>xZhDMYc@rN;(#&PBkeE~$|SK_BG#F`MP(7${=@u5^q%lPRV
z2NjAYvCxR*rrNRh0`Cwd%*-Y2HiXV~_`z&}EU;4uz}~%IgEiFF@2*d8Ni&-)5gdzT
zuFlEfp33f){u9xgHwfzbY|!TF$2EDhr9vnQ%A>~UDw;{}5=#$y9I|G-OKU`cFD_s!
zClxFhzN)3t0RwUQTaW2f%jxaIZD4AgPvDk;L3FW2Jd^7dpRmG02m)<zWYk*)&1Q65
z*}?Z1Ap6({0r#c-$T(0lomeXz=UXoqx`_T=k$h(TZ68ce4CTk~(LP107B!-19z7ay
z_Pk-O-JGPR!r(D1_2gT$NNJl?;^WKW{5H0JOGbWQ6p;%e4hfwLl{=fm*}aZ3t3jn<
z$O*V`@8L|>>}zrT6c0@~<{?W%;&wIDhY*HAfGg6=7JG>my5Ra7PFNf@dhOs{GZ?bz
zq58X}dajZ$6{W?L%tP;7KB(r0?odDWh|<#9t$7pnp5|5)K{4_v8w`BQgb&^@fdaH6
zhlr^fdGxq8f_y*G^D&QffQqoOQYgJl(%m#BD4wJ7pEagTq#VK$QO>B0hKnNX5mt<C
zfT~a5gpRu*E^MQb=+ZK<P+(}LD*!!dOV*NT3Ce?7X{4Kh928xNl2ZtMsuo*Y1J5nJ
z9v2k^`Wt;2_-lFHnuIwx4cYBLO}WSH81Tr_<^$VVo8skmzyG0d3O}m9d>=uQ>hkz>
z<mJ{NB3K^m@9;3pcy)x8s?l(mr@Ju=3|L~jiR@MS>34SMf3>%2GGJX_GyG~W*q*7z
zZ0G<r>VTG32-fyxP*kGEElZac^7;2Gk(<q7pYqcYwd4$6R9Py|R<Tg~na9TRPQ@r3
z-zWp~62JJp9MKp+wvyE!-^KyeaYs=1c|=oMQ+PVg%-1pdtZ5SmGt|dPFAXgNVy(7_
zxY?zsOx2uvYhI8`yW$;dQ-U3h%dHcG-bAeBd?fLz&h8wMf3TV#h!ewokHq0WwgC~8
zbCfHU-h3ctED?S3!k-}BOwFW!bLO|OV162i1#JgQ4u!JhI>C$o#eA9}Jd9#~UX{`b
zLk0?^^6T`*T0~#?sZfae@7eV;Fnt#Ca9WgaRhZauI7AToExcqj01OPGI{3PLK`$0+
z+EN1_=RvYhtubX1l+)=XLTQk@u>{RHCR7Lm<fm?v92~>-#%tq|_nb_7sqmaBBW?b3
zfHbPu^jwHyQ4nserMB(@4M8#{d%}{FYrn;!takLg9i62pjF2Y(FWNFiAbVs0F`o9S
z$4)Xlr&x8ai1f6@L};W{ezV|+fvfhXh`NFnsAXerdoJrv;)5XLBSk#wj=FMF!Qva(
z2Wt)VpXT#@2wNLZg_+P3?P0=x1jl(bUOE<7RPf-do%x#HTu>>gj$jLlo5V{)sJYzR
zzzOW{iItek7Mb@Mi|1930AgP6kzFhw|3mFNamK{t8rVJL4prjo1;{%ic(;4E<?HTH
zxATXDil|LM(@m8p!~{z!ePgmQ<0;M`NBc0gD+4o3UfS>RKM{9*sWe~N2BnEKq#5<M
zp$vw`2u5%yTs8G+irPF(gW&R>b!tS7+-1|I<-}U7zAExgTtHF^0pp25EwwKHb$LUp
z_$_xm*rO25<?)Zoi-t%}(|3m$V|LoX8y9wjb(D>M%x@9qcW>185N~-hodF%N{I6m+
zA7sA+WHZ~>fkflExWAS)Ax7pAvmVIGKhFj{NGN-<_<yO9-m$A_*(3H+QcIzVP+M2l
z%JiqOB)pkN(s+le0E|?GYQ~^0Q3}+mRtKV;R0|Wxq?>(tpJbbZ8{^W5W!Pwn))=K4
zvVDK19iihuGcufb)fh3tXoQjXe+M$F2r?Cc*PDRQdY4+w#TqO@hzJjhSc9BW#vB?y
znfW<}s9!VM`Dr%GB*E(oEZr;TY6tAC?@5d5I1)9C*oI^b0Dedovqws_v#YOpnd8hg
z-W+`EMRlRNX&X-}Y9{+&u*>liqJ3w}11J+gZA}`%0Fs4KrI59b%{Jmp;$Kg@W^cns
zH0?;yUm8;e0>HJ;42~90>c=UJ6iD2K*$v`nj}o7OhSu<Tz~`u+^yU<1i&s6o11Ctj
zNzD=GcD`&A@IQ9#Xb<ph;p05*KNYKPiO<7@t+UrxEGZbL*;x3=oigrDy%l-7E%Oxr
zcX%lm?h{qMznA-tB-c*hIJ2@W^z)A#eypp~<#Np{fS!kjfE~~=Qgfh+Dfy6<u)z9I
zOR!(|O%bawXx8P9wY|?|FV|6i^Bj<FoorVY5by!e$mvl*xidT7MzI(6Yw<O|tSuTV
zT0a><(6NPjBR&{^mSEdH#B;hypM)W^9peL~Nbm#+Z0SU>L6~&pP7<;B1=Sf<5`Tkh
z{(}6HQ)m2d9Af+b<io<k#`M29#Q7f_g8Sd{A1l}Y<)JCf|9kz(_gF)&SjE&r7TXBw
zxs#fs<w7hGKS3vj?lO#+2_0o$1UwJB{0UC?3*+xkFDPt7kVI{*)vC?AAX~6`-}d*1
zQvx3mOo~xdV6CUn#yG!YtOO>Zr{JlEN>p%~604>A#i%=jjS=nO$3Ykeq6pgz#SPMO
z!<-K%!2I?4oX!on+v<0vPi^D&y|c2dYp~BuAN44f9vWM%JNOYOMqB@C;MMPrSFDXX
znj1u{mG7_h&2Ptyqr3I*?dv6(3W_(JDExyv(LyKwO<;(7zF!rus}(`#gu)dZ&mWk7
zDhkS+*a`q2?H3ZxjQobx65J?B-PdidY=TMy7<g!^nRSg#vXxmO{DY(I00W$#xtv{C
z2A@{aFQ$phRA%fI9x-QOQ#2Jy!`2jjR>&?ZFbKUJVc?d|PwP|b?hTv`D01PllC3g(
zff;nMQ{++qRvJ_5dgRoXObimCczB^X#jv-Jk8{|4Kkh#U3Zj%6gz4~<6ua)5@VxB-
z!Vhaa@F%{6vnS0Bf#yYSwZb&}vqxp!=12P0m3s$z#a+}g4o?EYkRym~Fxz)Ni_?go
zgeE#ls5`SQyajX;0V^xb^s>9U<kU6oP**WtOVCj~)mfWZryTox#3&~c7<cGo(RIJV
zyMOS5ijsa*oL(GWX1d>V+S`W;d5tpy(X=PSu#48Q>f#xg=I9o9T!Sm*ulQ@pL!qgz
z{j{nF;m68t+Y2xs4Rn$1Z@U)*ACxFz6??Vq@Q0NM5MSQK7%w4E18QAhTat^Qmn24c
zsB12-R8YzZd1{<+ynaNB!rUU)2(i~UO2~Y0>wc0LN`gG~mM}Htk>cyVdLDUzd(I{8
zY*m&rt9HXjY$oBW-yrc`V+}_}^#wKC!chKx0s%r_4<daU8+?9|UFu?Cnv~)`Cfe&h
z8<o|mF-=03An!MalMZ4&-0;~9_Bh#4g}0DfJ+KX!0KV$FadK8N;j&T7Z?&V`GBoHI
zuc;ljWBbZ%Ot#Q&K@9r-28)%zmbw*Jo9HwxR606TeU|NW`04%F59912oAf&)hCC2q
z!Jgqmly>8aTT2_~C1avX8-z}~ldWfg0S3$V5dk4%Z)~$*SSFgK&I8Y?bpiO973Zk{
zgfxr>33<?}>sMiKSg<_fMgK-J+Cj9FdQ|!-GZ2e3Ff5$~dxWn#pqCraq3CHiAwJ~I
zp%7%-3==nRLai!B&T>ICYT%+OMbHt-V}5D;6fJ+-a=2?q3?jLOy(53gAXkGVaTTD$
ztyEJtSm?xF4KDHRKqn#ZC`w!nf&8Z0k~#zOuF#OvHKvxnu%(=z2&_@~Q;x9^P*xsE
zQIS`GVpUjsV5r{VT@nGOH1{ILs}fXJ)LVowIaYeq@y)Qq%2Izhy!7VQqE)8H2RNP$
z+3(jg`f-*bNx6DxwU(%r?GejQJiEg4e%zsGuQ+WEc)7PDXr2FVXG%Um_9l6yCxR@D
ziL*Mw96mmn%ojimx39F47xB5^sy3!7x-GQAqW-os|3jcpAD0%`E;Oxy0KHg)#Y}ZF
z<H4l+^{X(=vJW?h?>ol#$qw5bOuD06ZmW`{e~ra4&>`Y{8SJNy-Tup`&s;Y;&_7_T
zX?WQc^`r54Kh|Ti6d~AVh-tpn7(s}NYIoaSv`z|RQ9%w}VtVc8v}iftX!+}F)C<*a
z4y%BD5D*5ymfkJ{BOOq})k{MhG0M~5(p`rV#ljH9aW=r?B(zTKE@qW2!wYP=xhUVF
zT<ATzFK1w+HtSOd5En<g@!P@NHK<_P14$OG>k2Q#4638*<$j$KT#k!;P`oLyWwld2
zM9C#Nt?p~Y2P^rb@^_1P&b73}XIKps9z+>}1gV%+#uoJex0qzx816U(g)<gylFSCe
zSnI|&Ww)dsY-48YjhM+aG>8;KrVOF1g$yi<M#UMDSVW68h2$d-WzFE-Dd*dL*(0g%
z#Vp$!YK_e<Mx!pePC*h-=E~_p8}Wga;oO7Tca_*~1(5dZRv$Zg{2nuN+V<k>EhEj`
zjoL6}!9!KR9<Dm9@Mr&gD=Lhs)QQiy^3*RPs(4GxLSu40G}K5tyhKt|Z<lE@bwlB$
zoBXxf(yE@EbB+}O(|w)P9EAN};JNv34lwj&jK=!nOqg1Ta#ZU0mOM1sPm;M_TJs!c
zf1%OUMTIkHo6LsqUFx`uC$8-3;R^SCC%MBDPqlvmx3CuQ^p+?iNtJ5rew-G17do4H
zO%g(38yAHo4r55CM4J~0E>Y_da`&z0(<p?>iZ;yP#a38L`3i>_3XdAEco2e&XY=?l
z8H(O>UNXFhnX7J1k%Ff<J_RQ%#NvoD?s=lwC)9|s<_&~_rFby;J;P9X60xGE3$IL4
z-`E%cyam_y>oYGB__CNn6#FnHfrXE)+)BG*`oBSs_+;(dJDEBVx-OgDML`%j78IH6
zU-2XQAknjt8DD@nZ*&SD>C#sRn2T2)AeH&$<@tGKRUR6-?(RQ6{QUFm6l-DMV5N~(
zrR2!(zVGhn&MVTd)91B;yUTMi`g)1L(ya@~E$Nv$O1%drXD3=}N?PVKJy~%(rxQ2j
zwlh-LSqX{mOMC3&s_ML#$iOZ=**VBA>DWZEtXIV1KYoF5LeI+YtoHgV$s_aKVjOt4
zZ4#Okf37s}<`6uj3@x4F!OTlK7j+AG#QiQUxe@Vckr^6gGXmj49y7w5i817E*X9MP
z`3z&a2P|&ef)EY`C4-L_uiG3`ZRj2u=18uU@dmF~|7O4Z9f_IsK_qj5*fV~01aI`d
zwMB;7x^9s4c*lBY{Deb&^mu>lYn3N_=J&8Tm^0xkt5vLZF6Y>`qQK5ffb<H)xV$fU
z!M5f>_ZF6Fzx12CVt{U@xkw{px*nCL(Y^K0N)Ip}Sc9vu9&8|IOmL1Z6%U9fs|Ek|
zBS?xz?l{R{XC@b}38nwPS%>R?S%--&DTq_J;U2~j44&;j@`r<&Dak-m7?{$QcmB6P
z>^j$wdqs7M@@EdZHgS%}v$~YGu_jliiAa_aK2Q>q1A_<2_*LUA`&x4#cy<1Laz`|g
zv#iVJ)i4v{-yLs*9>2|j?X+X3qq*Ft>%*(TpYD`B*$$7?)_=9HR#x{8UQOi)>6R$p
zjHZqI_7>celIh(j{SJO_m;+J!V+SSowC0Yt8Gm;=Jv`rz2%V4DU*kBF4$Q`@ug)c|
zen%N724l7NKi5qgyRvv@W2|OZb}MbS66??@ehfZ(W;7!$)SS}Bb?<mE-?o1BBW?J@
zHCe0U)zf=B*?Vo@>I%#9^~kLka*@bwK)7-F6>)euui2va_OmflOarG;$EjH@HLzF1
z36yD~@B0C9=WCWvykC7<cJ+G-Jl6-l*L?iXFmF;dZ}0W%h=`5ro@Y{4_&lgOrt<0&
zp<UK-eTx||*KPgIP0xq?)?V*>=td@=n!h&vmSDTIh_yD8Q*`U<4W}enT9pagoYnU_
z93#;r?FxQ%yxmT%M*$TY8l=nrng=zN_iEHxHcd`;4Tl{A`huTnyw#F$kaigoIm};i
z>rd9(omPQ`%R>@6ucZ@(rM@@E*4|%R92?GPDF0;S(2sT9&Q`qD96qDg>$mRXbbIqc
z$iiK(jTplnWYVL>T)pK>Q9%?KPJ<Zrq0}yZoxy05lW(=~>VO;Zhne5w-reHR-r_nZ
zeRE<ywH{MQrdVD7c!7zyx!ReRV`U2@(YoZgRjTd1Hfr*4C=`Pt_*YuK*}PD+t~nmA
z5%@UIwPGP$Jo_%?If>~e^R}H<TPoy4X2zJY*5-94UT@8Ky;0j2wr)z*MgnLow8--F
zM^B(bttvWH6)@G<^rf%a=%3o^ILglA7%An=7fx|)%KqtjJ0r}sk@h~k2_}bJibhYH
z&YqZpp)=NArkdltrojr?i-K*jA&bk4(yEVB)U_xg4+S2!U{EJ&TY#-i=Xe!Lg2!bn
z<(s`IJzIjK2ftL?v}zJ_R~tmhqm*;3wmGRe{L55%6ewmPt662x0aYwED*4W9cXw!Z
zAeS>(%{^!0UMe~Ik18WfA9b4I2Q~?_OxxDY<^4KR)`)iVS;+Vc^{XWR4_W6FU0Kv_
z+t^MjM#Z*m+qQRXXU9p!wr$(Cjf(B6*tzw$cK&l8&hva<bFT4?-ajsd1V?5d#F*Ip
z5E+<-r!CG&`hu!}Uojet{}q$|?K{S`_C=){hzX~dI!4%Ck=Eg>p8?^;b&oKM)JHmJ
z7OE?7X*|>=+9osZ{jrviXH4<k!eXRy%0QI37ugKX#fqlo2D#|>$hntUzZ~qoRJCh%
zsgaA~OHwrjSB(WtEboR{>|i^o%3xJZd2SY*Tc^#jZmBaSXw|@-c<>NI8;fX<bD2Uq
z9OuFQ5xqurtWgdQIoP7-ulRcBnZ}@rN*XsH%d7p*<U?_6P=wKeCiPR#mbOQ5j=Cd<
z@a#y^0{5~O2?Mr9?>aO@cDfk3upu504bTC_gw3D-zMZkYj`5}`oQPEA;;!5M``Rsw
zsRw=IXE}p~VS64*l+JIVLGaIX5Mq_8Pr)+jh4cYVxaH`jt*wM{+kZ`{vhsC>Sfx^c
z*Uw%~oQv4=#w0M+qcB_H1uS<13VWGkjl~ALZdnE0<cBl0`()bYGeUMhts-3->4Rk3
ziHFGwh!p;;8_(HOv?S9L;Bwt1i&&97YOFL=p%VU*we#MV+o$MnNZrt=b&V$}mr8JN
zhey9&oNcaK77W;o^t3Vzq|L-c2uNiHW?eUR?l{nZ5d=k!;l`(VyB#g(zJN`Ljh6JF
z5Ib5gcl7u{N!QG*9Z_$r9Jjq82(**LKnZo_x;{-~PmCRg?WOh<F{P<4U}lhtC_CJJ
zMjzW~<bUz=PF}BiY3`w_7?F&U&h7a_g!v__Q(tCPRDm_TY(1KRvaTMxZ!us4OF_6+
z$IhP{0nXa2W)+)+(gj6p(pCBBz&tE4!`Ng5$@$LB`&(tF#_Es#uOeNuw%59iyF-lw
zz1OtN7d<d+PiwVGJM$OscEd9Xl+yw5O&5qC8+$<JBjJW4CnmN+%D-<KSNm&)1tyoj
z?WeYww|qqB_?7Z_z_ah3Gy|G}eIlCsJyLly$^CO341rA2;&G|2x~X*$NP?h{Gf)+#
zxHyA#BD`fRmz3K!-6?Um-sE)G!-{6lp3N^WpA3M5^b1l=(%TTQ#Hn{%dO1fz^qx|>
zHg=Z$ad&5*?|wy8gxkQq3XOV3S$WrF%*+_&U>79yS_6Asiz-RXdnkQikwJo%Ni&U%
z$Agiyx)_mm60{#U_3l`>#LSNcQAa*4n!D{~8Yug>$4l6GAutDBOa=Ntb9KZgZ3E?j
zop`8R-+(>c6Du-&HBpk3Ea@AWG=BKm!}aG}YHWTVpNCvwMYJFr@ns!_bU*qUO65ZQ
z2iOBNJu>Cx=alNeIUOh9`SHqmL|KK8l&C4U!!ES)Gn)>=44UpoCX%$OV1^uRl67X=
zeJTCV2RGWK^l9m~a?1DU9NK~Nd{#$N#)h-awgbYq1&;3{jXw1t+C+^~zHYu_vO;NH
zHq-ch$KR7vSoeD)UKnH2__?9?O=R+)Ovk$+W#{MIc|g)2)qh5mU!PL6Yst`}fwW-Y
zXLY!jS<8qff`56@Tik!vkfz1f>MmzIkmVu!Rm$E1@Cj!$<?eqFR8HItdcM50d!zbC
zEBq!)#2Jr=DJ`|?FKw!}^cYml0>Nm3CVqFAbrZv;`C?M$l|8*r58ut631&roIV~%L
z&CBx!<#N9fKO^M>dIE03n~~Dh_>K)c7Kor<{KEsZns>xoR%lQ#*HLl(=G+ea#%<c0
zskAGMBr7dw_}1<h%?@l+E}*xS?OQte_G___*y-+6+#)7FxfhXI{FAQLi_141CWqW1
z6RNDhKeN%?$P9>8`RIESxb#UmY~FCl6YJUWSjM9e08+ugEbd&?vOsHgiraV4BWWyc
z09HTs;Raf~@dM3uAvsY*0-|)5%eKXN%NLbo;3)H-+6r_}OI-%m#9%|46t2w__zQ?v
z)hh15(<0-u5JXJ9C90Cw&dJy!kz5Fd=jfu`ctsS-CsZ==OWDDuYO8&LT=`p+bC42d
znTi~p=m=&YNOqyIL8$kulR-xvRF#U&F<w+H<)tkR$zq#83_pxLO~6?h81cvKjh3jU
zo5ZoRS2>MIhb}Bdnhm`wKl8vZTvjTk^~V8fQf&k~1@pT6Qjvt(l*&vl*=l7XvKCdT
zH%T1<*4%|0Lcg~S%vd_uc#%oaq$S01@H&E5id8J&*~MV%c8La9)}GQYDayu4L2D^D
z>k>)gw&!XdjNw2DO%G9&W>X6}5HVQed43hNt2h(B>tfiXjMGQu9|QdhdMlMK1ZF&@
zx||Eip(j&rjQ^O0ail_y48k;&vvYY}NRtGBBHh%sf}2hFvC8C+15th$5;+36gF4SB
z5+^GlTNc4qLeY;**%0m5sDtp{Mv*eG`6Q-dA<Le~s%$9=UrBzR=2NU-FF_q&<KK71
z{ujR^PK)+XIiI?*x|p_)ZV}lWvLpg=;9+UO>L{ChaTl40GQh&!GeoZ4-chdCMPO>p
zFYON!MSBjKB_9pagXXWWab$e>%tBR{>=7P-@n{P!Wg7P%<Y<@NK3BD8O|>k3p#nM9
z2e(tf0EUW_pE!+g+sUfLQGU2Md;Re!VzAmo)E=y@lJkJ`*rrk9&^6diL3FcP&uf=d
zN&dvrvK9ebV`&$r)kS6Y0}{8vu0@eYCDoRhW{PN&<)@pwiu)?w+?QwaHzR>XeT`w@
z1=wKqV_BVcr|4+07{b1xd9Vs7vpHk=phl6*4^-ZeCm*&5s?h6DLLE*Nw#>kAaExSx
zT?~I6O@!Ls?p87JpslF7g$$(@QTyUg(r3wisQ~R9zRMY_d5{rbTTW+2Lwjub+!ZEq
z8j`XLu}*klNgAo*C7GeQed|4yF~9_nQKlsgbD41$z!+`uo2~5%?ID4fQ%!@Udbh~k
z%EPAaCBF|@eQV;)6;Jf^*MMVh4)WY&;PL?gM-=z6<?%nTLWWlJKUkq`7S9z>r{<-s
z@0A^U-LRxx&!$oa`moPSZ@~Kza<N*v;<>#d4wtfC5nY&Z?mtL6i}!0K`~|q5FGL&T
z!&w%5sbxIUvbMvdI;nD847RwkvjB;Tn>kPdgXext072AK*+d7ZI@%?QpH)3y?<$UL
zpB!g+{02I(`<dAGfrr=e_BZJn3PzJ)MchzC6`S#l`|iyt&eTC%d6rc}Ytr=3csBX9
zCL>u3l5=%>4X;~<FwlZ+1_L+wi3lIORlai-{S*WfBcRN;u*NZT-yg}N^sQj7-_3Wu
zm$!2trJs2NGp>W(Ea^q?*>B`qf~A^{OzoUuj^}4?4#w}!jYtR{)@Q3FJaEKZ#-p#?
zt4?;**5I~lE-&FPybAMumj2+G;qbg{8;?Z}-Dp$}AZP1bc62hhG6VJV$%cG;J%w4l
z#`}$HL@VUGDl%Y3NjZ6~do#{H<44zu$W`tl{3r2xiI9x*Vg)e2JgF?%GVJMqy&0WX
zdL5+KpCm&zWjVH*i!o)H35!Oyx|gvgX?{PUW2!nMDn_nLo<C-u>)3ERvYs-(%6tC!
zzn?sQ%mn$>VNi5p=>i=n%hKu;=6bUXW6s846ZDO({<3O+xH^5kU8F@VRaHf$rIl&k
z8yd{^b*0C(i$17zmyMhqUFFsk(_n+0Q1r+US?!vI)6ec$WBZvhb($A=DYX{L_B`o~
za_AlxY>0kW{nZivUi8zf$vz2ZlV?_L^l0D4Mn^Omel_HyKn9|%T~Y)a`#^_}E6)k1
zVwe*ffB9`;m2|Q~p@tOnoP`%7_fwIbXPGK4zK^r*dqhccEXC`T^IZAm#>|4s6K&<8
z$mQ;yjNCJO`LyEMs<!Ra3#JwocpxyF!>g*cvhuhdS~K<PR?5`aidBcj%2~wo2fvyx
zd<BU-s$UaOXaQ-JUL9&<M~#;USQ{Nk+kE`ap`@#eSt=c&PAdt2qYoVUYZ3yUV3$Sh
zHG_CK1uw1cWH^?w9&~u;Yy}A0WPGxbWjoe1F>q{X*c6A;L$4U7@qG)Sn%7mUxbS6J
zE5fsz{Mt%SebOGo+@0czbu<U#t1}llD;Oy}!gDgcNF<?q*+daC<C!Q&BVqO9Q9K{o
zbA-Fw1BcL0W9yb$<X)DgN%Ab>l3cuW2^ueQf0>O!__B|<ggko=t_<FfO!WOZ6}<J7
zyGfc;!G&Pu;$ls@RuKlKXxX`JaiHbCR~iORY|E9$!hrfp-b|4TP|D-ARhCRY0Cqip
zq9tOhlF7zv{H}Xu7ktA6*%jkW+gWFA6*qd`*tX2mfAbJy5*PDp5j;GM&i}l6##zZL
ze3JAPbKqz?b}JWHzp^-C5-$iAIXQ?Zm~lFRN>|3RQ((PpYqJ6RG<6pCZDQ^AeVuQY
zd>$V6+1H%8$F9aTVvfC@EKL&&xa(nE*(UzW^jvzeR%AaR-mTE*e#3MnH#`M&tHeck
z3+<bTm3!@ZuNTEWP2PuDo>ld(d>*quZeiQvhH`;{wBlJI1B*_?h|H|`Q0#owVSO~!
zBn{R`guNDy%K3n5dT_2Xm*5B5VHd$d*7isx;<2qHw8_$0dqR>&TnslPrR&8P%|czo
zEXYj_ONAnco_lCcY8oRA)n&q5y^|!3>TqfZv-iweX&@?UxF&-(0s2MRM36Mo|9Wzg
z32Wu+=Yqt*v-rqJ&A-NKsAGuCTr8MGZQ!<#zkO*IeRqK(p=`noxgbbj_*~#d&tCnU
zt5JH>1Vrd)ovY`NGCvyCNM4|-;*mW+ZfB4Q*iMYl8p_3;XvU}!p)sAP<ySDvm0-C`
z;&<#u@82n}0(8V(`_KJ;Q0~ql%8eaZ*Cv!cPBC-E8Cwn?bwZCZA!1*$!2L=iVfa^6
z$VX}x_=5{f`NnG_cwJXt*kbEXC`B$cE~kFjQG58=h<1^OA#!4u1bHFG2VXElvKUx3
z0;6{ZsZ4Zws<wKzsxnHZH5H$})XJB)q;tVBFU(k{okfPZAMcf8eG!s`-&(9}M2h(2
z-WxDULA`q#TD^pQ9yA42K1@tM=~25$i{}=6jS>mmm<KO)*&}gPDAbW`OFK12i|1JC
zq?2K4oZh*6AuM`6Q3@#vh~fP+DpP>qBEwW*0P;Aa^LBjr_J*+;<W}>f#kYpt`AIWi
zp1|n(lLBmoAt1#e3Jw=43!<S{+bZJIh>CVZ7{%&LX8%u}R6!eLF_hK4`L3FdXEN%z
zT^cgbinFf^9AZlBHvz89K7!mXzStIgbCoLFqHfh!(Qks|SGV|!`D+Cfa;eEY+eIBJ
zGw$}}a)$g?ZPa_)MH_@oqqA+E)Cq{}H31e<2sA8s>cA*pns88Mzj@-7UL>JnO$Op&
z_G)B;QW{n*%VN`)YhPXu5op#+=7nQ&i3dj@b|}HGPzo6sx3l-wmWr2UGj<805`}z8
zbr&(wS9Wdw1CxVyOS7H^F@a}{5nl`bV)X<YdjE7@CM1$Loo<;|4s<(@$A!U<!sf%~
zmRGySCxBm><gVA3h=Y-Fpc(an>oZJC`EWx3m>t8al)3Z_xV%t49!gAZ1uQ#)N|P|~
zbRkrGmsUre%|^L~awK2^zXRN^SA8`EJR9FkOn&jg$%Kw%9WR<5{cnBs6sdJebZ*-6
zEgd6NMW{A1{=Ij_3?)+jQp7HDn>p(vlM`yZrG9+@;jZg~_e&%=<Av3$hY>kO2vcdX
z`LygJZ`9$ay(XgFn7go#^!)ua4Ur_UQ$U$3KA!|@`wFXj(&(WoF1nnt`5<OFmuLzB
zDj@?bMQU+UDsu5AdhLWEvSTwqXFz%JpH$E`4I~zIgeOG@Udxk3+gCncXE`j=ev6nM
zJcYv-%!7&P*{DP!yp!R$>R1I+{s(+ZtPrZ!k@u>>p5F4*Q;^=Okw~NrZZ;HfH9SLy
z;WO~<XFdk+8H~%$!$R76wYPO{#OqYXX27FZKJftR-}jA)Q_!My)7TXxX?<9%%FR6M
zgjIELJZH2aN2_Jmb?{m=+P#ETbeq2F5Ln5EF%2zSI~C+Xt9eYDXh$CH-<D;Q-fmuh
zzaF8R17}{x++@qoveVy6mv&fz6`;mM5(W_jz+pysE@z&AD>idjR;24pnYckQS6}w`
ztV~cppkQ<xisf>fwla;Kp3q>y=#Od``OzxPq&=!`osgl}*Sv|%1+T!wTBPsnos!*d
z53k>M7lbvJ6w>goz}>zE|2-9YQ-|SC{%TCjdiza$Ak@f^dIDKt<_j`#u%P~*HR0ma
z#tr0+>}-ek?Z?5V;_W=%CtE)fJkJo(Zq1zjrp$!)yl7`bXKQ6taergxkZc5@!HW{(
zcjCR>+pjTTfBz!*^mBF6_@a3imt0snJC7jGQyjvoJZ$R#8Jh-#DE1ESY{Xf-!3p#m
zbI_2%kNs<Mep4K&bRP*Iv)!8CWRscM!U&SnJF`V87o9udeI7-zDE~9D^GOJhf>bfZ
zX*p~4?GCNytNzQY(Ge1zTTfrF%42@ewaa&fc9*(GvB5iTYO(v(HUxsLSm9ERE+&8`
zTf*%|BY*b-@(HPZ#q6N2&a?#(h_D?P+*L^chCnBjPvGz)9=QoP<H4D#vxvNl(WnrZ
zR<;;+T^|-^z+tZOM~p!eOJX{?1wLKWtA~SzLr7PBBu(!3z%5{-!$ro~@~i6SEuj%Q
zW70NQ&5W1`l6ynALHU($G84K1ospH;HplL@8s<npbB+hrs7n4<UIDrG8Z@f;aA`tM
z8E-2(YR;DOUeK@*(`C)N24Wpy0y=%XD82*Ison_9)IupEXOrRHWnblRYQ+D^%h{R#
zCogB_W@ApGFcbl5ZaE*dqSE)xYVOTs)1U^!*U5CyZ0c_$^eob3I;Ggz(Lg4o<J5AI
zr438*W=*Q@{Ij2anBqbVY<c%6lsx?W1=5LErkH2nEeWA2_MrI8%S{KfNx#Er_5Q=H
zFA?0kLA&}!<kPrGKYa!x6d{y(OgWk(JoMD`1==nbYnBnXTf04T&Hg#z_xg5sF#EZG
zciN`#;Qnj1Ok!fl`QCmYA`a)&$Rdd$+eSGer@GHxvp$YvB1kfQiR*@gZO!}F86+Gu
zsmM&w7;}{Nr5c80LeX5u>X?2|Mr(a%R995{betoEaXX*Y=Wjg(e?AzdSlf^^Z(}z}
zYma1Qe5ep0aayDM(3ss}<%N)7yEKFNwZLSOzyLFGg41S^<j_+Q^T+LG*s4JmRQmnA
zfvy1ZzS5QQpEU-QE1N3EOC7bhS*jm0Y$^p~v$%FOp%~B&lGg?0ykv@0SrE|aiA)zy
z+~Vw>E4m_hRaTj$F%h6w+4EjZ<~bzF#pU846>%%Tr}>{bh#%-YQslomxG+ON^yf+c
z)#dh{toOay`<1(Tzg|yfuHOLsvLMJ5>kduLX0=kP&%$JJW0hMo^k;JSkq=0qRT+wK
zYJVi{4fSgccl5XIYj=L9=j>C){_1_~acNL*lu(qt;BB03EvsIq|89NtzY;LwI&0!Y
z5-I}#Wsv7C!Tm6cf<VAtgdGYKL}Pz8__1V@R4Aq-QhU!X`$J{a1>V|B9$C7#jq~(*
zu*FVck1@lONMc%hP{Lz}dlSJen|UE&#D>H1a8AULTsgt#?=FU!s7-k5u2SF%j!rwT
zj)8tu{F|eQ-F-4=slg)`=tRWqOFyI!r%N~ikKEup=rCy7T);-+(J_%@qhmoblp3){
z6gF|ghWFP`js(puN83dDAC<GPxDwNTDQRo_s;(RtsIb;ygakjYeE(uk3rDpm*mc1}
z0GNfml?L5aJ+&}Z<T>)b&|5r*G&bb4tS?wW2@aK~hC7qs$LqoGB(Y)d30-!FrN-m~
z?UwsRrNaIJ(`hd0{cQMGse;)82O@lCw_<n9X>%-dvxo$L+1xL-sy<CE=7umuXH@0q
zb~_%<@RvFDLXgfgckGWgH@{DRhC9O63F2GF;-E4F_R%CEZi-A=Za8t@H}sBa-3sIt
zWB!}fje${}8ZAnj$LP$3v=wzREn2$)@#?Hcg=oo?;5xI9^RX&y6M3rGT>k3eic*0%
zM8I^yowc<t|LRf*q;0uN8>#Cu-M;ICY^7xRIqmBM#m<uUYnyF&!YXdD)KbZiyOXJq
zv0QWA1%WLn<AH5VPMSamQ~<A7roEM6(KifGtzKkVFO!K=mcFKYLW*B7jlS`Zm8~IN
zo;DF;ihJX05%`DF&T<on;MpO+Cc85?yuG`>)|=tJM(|P=^@fGuL)G-6j%%!njKjdR
zyjnzGB%GzwM*Fh`?JLWLVHP8F*GlFOz3)^PO_-dcuHTH!s%oT-2*aN(C3>MmOA;ts
z9uTLsPHb#R5SIpr&oH*_8q|FQcaTg~@rMeAgc&krDCXISDRn}BDrcqH6f4sV3uglI
zL78HaKESC9N@+o4=S#DsOeE~I*N&a&FCXdfelNw`O}$><Wx_?21qfuGO0AS-G{6)G
zux4$l)8uI=1rL+4r$4&x>ImQ+u?#OrNj^8GuW`x!!Yp0+`+N<3^xeD*%=osuG%%xn
zr8F|j_rl;RbDkcbRY=6&{;PHvBxQ{D@ZemzR4zV7D&Og01Q0PNE>J9LU5nzGGpY_!
zl;@qwZV4h!^VT3I_7I2=O_^d{z9J_pPqo&-ljdGJrcdUMLQ~F%-hhpj`)eEN#2v^b
zG2KW5Sr{d@lbnZM&HxYv3hn%m7~`dfz3nHc+*1z@5%DRhJn?M-Oq%9MwU43Ahj%_@
z=M0CcRow_RsTdU|xS1ZX8TW))oGJr<^1)DrmQ4$rg;M7k&I|`OlB7)4Va*fB;guB-
zzP<mt3D$yQ?j|*XdK4^<Q{}rlCsBVy%>`J4p-(Fd1Kd$GL*4d(%I_qO?o~ROmsSVu
zJeY0l=PV*lN66^YT!UVgILL3Jn%cVtz1^LjF&w~-_E+O=RKQatZmA=eWj?4r5i;pC
z(KFxP_&wqBiI%!~&HR%V_!QvGJE^104)l}mlT6Z<K#|`|+gh3ryq|b%{w>Lr;o{zF
zD}>XYs~hE;{c-}h3Sa!-{tfU?_5b_(cwcxq&Z;KXT7%>J{?+Hy2ehJM0si%+y%=JL
zVWykwOA14A%{+6``vl0+|66~jx5I`goABnOV*$p=?ViAUp%&^-I&$?sQJ=1&ey2{~
zVLtNtPJ?;LWb?3m&x7Am(;tJHUffaHr8eKW1(%abJbVja&(te`C)R!IE88*#(9e+`
zG8mcv2-OreBgJ@A^b9>fyzj>=^Ry9Sk#Fof*s#j<o@{kKPS)KK{$!WQX|6Q=RTi*b
zp4MBo>#$EGJWQpan}DDDnUHJelX1Co$24n%Y=CkTYkyc1eYO|_CWYr=Fd;@r7$Coc
z6U4Nk(#MKMg3KD;>dwd+)i*c?1Qj$bDND)(;1V-)v-~d?%l_XX_y70yv2*_q%CKd>
zHHtanwW5g-1Xcj&!iHtAly=AlIOK5mrE9Um!-ABLB^$-4NF=45y!7H7uX`Yx%f&H}
zXbx_c3V=A!dosUnS<4kf9l$_+Ec@i#R)En_{K{7Pqy>CSx1Ak3vvk3(AWy9f)0I-0
zQAKmdnl%4b$lmSMZJ)Z7eTxFVpIp1X`lAhV{W0EV$$G(1%_}-KKFIEK24;VIUy8M<
zHgj>P*skbI`dvx>u6AcgV$qIz>v$Wik4rrd`Oh70kHwaDfv!wc9;Yo<{<<gbNWSz;
zb}T?WzfN(%d<9v}KiVkn=L&0aF}@-Ho9Dti#02ww{5WvO$xT4-${09$SkCHID==+O
zW!J_MITXNjq*99ItH)mZ+wL5?tvqqM2TO8_m$o^1kHc#AJF={YY*UyEl6vhAV=dLv
zTYD0T>Q^CMf;1^vr-NT%FL$8vj<yX0C8;HMyBK&qSAT**>&xTC_2YpFvvUkIr9sVI
zwTXSA`Hg<!&aH=q+bs~qv`6$-0@{l!7JQNXvCg@>>GO|IS4<m`FTRrqkD-poOy&+2
zuJUxo^>o$i!B$q(<?+Z?)shdC$4`w0&~ur8)$TI{(Bd$*C>}$CduRT}2%q%#xNGGB
zLHWAV{ht?#ykt<|!qu!|4Rt6>B6<iDW$6g(w=RC;#}*h$f-1lbj?1I5ZNOHvUQG4n
zE;o(g5_V#L&^W3&$EV+G@DH)_iS#EZoa&g_V6;<yI%03N@Y{GS$j!8v0Jvm4W)Tw<
zBL&aC2^-E|q%u%x;8)CVXL~H7mEI3de0R*q-2xuo!VJm=lYnGGOd}qMKM+iQCOn)C
z0(=qEv4jFbh><`rB$O6%&t?Y@BClY9l^C(E&drPH>PnsWuJ%{d>%`IxJ3#w6LIr@&
zR_vFVGxDDBO7d&G%4oJI^@T;!?W|I-h&lN}Q!o|Wb8odPgXi#1NPP@!Bf0Q4-!S`}
zVyaE9Gj>Yj7pe;xwzegQWNvc@tYs^P`^u1JK5GM=C@~-nI1yzGqyW+&`kPh9)N=Tm
z@daHTi=uHPFYRH7G!@-t!^12!BoEb*xWIExu`-2G&$>Bt`;aXfTA_T|E~;q2VF4Mm
zi9Dxt2PQ$wrkKcPOX+pFBN-Js%LM$m4n=13tOpH~=QIg1_M!G@_sYlL2ozC#2yp7y
zUkEy&r*^;qE{lFW8p%2uro!sq0M4lk(#q#!9GN7vZEII^spvD_Vd6g-e-DL$4^HK?
zGL+10(6o@|0*|6Wq%t`v_$najhr_p(dro1n6b8%M=WQAy>L-*Q%JrntR%0p}6W-~6
zm<YSHK}s8o7<3cPUqtK@^6$;QP6ckg>vloSrEY*jj{ec-d&Q~|DuuoC=lw%$NM`{E
zs>H<27fcuTrkqCYYeX%33^23zqZf&v1oQc%H^5eFFTb{`+%SxAf$8f}w!XL51Bsdg
z47iRW>Pq4gl9#6oXa5#4!Amv}2ZXe|UA^po&Tzx%i=ju@SU<rV0)sF2&+X%bxXb&I
zgE!#g%&W=Q*yU^1<?9Sg>DT<fy84a3SIC{#IRM(F=*FU@-%+`d@hD@20#OFwG#LR~
z-wFoG#9ApcLmv}Dl*A*tVsP`M!Z;!O*e5Z#XjfD;`U%3c8+vcT?w%xxFBSSF%1Ip|
zhW4(X{JGARXoI$x`ft44?;C>*;)ZXP2@cG;d|xi)jvJO~;<+<g!5%Xhe{pPwExHI-
zT2neaBUY5~e_=+dSPOJ_PfKfJu9h}b4^(cOf%;5|^>%{6CA+G(krCyDW)!eXyv3KA
zOQ!idB63PR2Z1Kt$!!hm1v|+%fk25@+#6U8os0Q*s!kpYzifdFS)DfLD2B?tR2Ddi
zpZ_!PR^~-FMOCROglUf3zKZ{0UgWIaW)(d8s8LvH+l!t|DrhvlzZrD<_`-8bZ=vg+
z_y_L>OLukPo;ojWsCB!+9=_g-_?dfFa_J!od#M#zNT#WNF`^Fvvknph)<HX#l^vD3
zW=+|J>~u!cj>CYnJ~*QeGkbrEbvN+A>N7Idal>uxQm1{dpCh3%XcA7y^kX>^S$KDC
ze@3<mh6}1*U5!4gr56On3t5!ai(qzs(&BR6c{ngY_=EU23a4t%A;7esKj3P|_X+3z
z)To%ryC_R+(u`KAN?43oEt)4jpi(SLZ&^CWo=$lHWTxj!a0k%>c_>6FqXqcuBw^qu
zTd*<6d!(S<AKp{#C}cF}(?4>;qV^yyf7bS31gi8}O9KUnQ$uz)h!LSvtP7e{K)H`l
zcDhKYZ^ztK#?{&C*EM%6ujN)%O(|RwyO&c>?mF!7sTeI{CKhjUK{3YXKkyPXlw2tS
zYDDCYq}BP2+p5Ic?sm{d*${y2Aq)zW0^p!Jt?0h_8pTN{7BA&Q&&Bo8@I5~-K0o4v
z%X?SEclxbEX>K|Ai7>d&22Neoev#sj8hEgo?^A{O3rdHS);pA0%7C9tbXMbLlu1!`
zZ-6IbU{!R<svCr=Bi5Qkc$R}MvLnstDe-i68x524%bqotbHElF$m;^JGdQ65so)M?
zLS&5GwdIBNt#ZLm0Q;Jouj<IubT=~BTKwwRogV=aS#TI77Bbg?G+6cQ9aVr08fMv4
zrhKMd74qN@CKn==)h;Gdl7N}A$KKW9qC7Ra4HTxnEpQN8u}%8Mkw5cwoF>a>LLZ28
z_<31IqBaL+VVjwL457fr>JVDIZGezdsWfwC%X-B4%}4Wu#HicdA_5#ryBb>zZtJKk
zHi|lQPRUy>BFH%;Wr$<&Tl`4bAPWV-phKC5YN-YMX?jjXIMW42v#D8HCf!@7-JGpC
zmV{u2Bv@SKK}6VtO}%%B>A`!^Dx=IiJqWX4*sP&u$;kmU_6E=h^S(T3*~?io!s#|L
zAf_e_q^RkkYt#B;Q20{>DKkgv{>Ou(&|zy31bv_W&mZI~$kW;K;2^mC#^|i)v|a_g
zj1cB1BMSQ0ScQb}2JxS$L`L@|%@(lfswAH>#FvL>^$|u6T(+sd!f~S0ip?7rd}4QV
zd^wctU_`vI)r^3(gmHDmM<ovSO`k7e3qL@;?%*!XPogxNIekyS>VU{^P)e|{#7@=a
zBctT!jIv8THhp#-Ox2+Kk6bS9l2L1t2xU70Mh^}?eNq=-I(=^w@oyOxd{Ng)*R@K>
z7@hFTB;fMp)Z$Ja2~tgMS(%9Y5gN^#x0y^x8z`4r0Airf9}M|N?jVvOpE>8rEjVk`
z^7egxJ!nK1#4@So1n0Hx^qEY6VVTGTDmfhK4Yy68EV1Qvm<7dtgv9bpMf+2|<R|Ex
zP(B80bEtsB#hEIg*ucQT<jogNNIl(4TmEhM*2j_s(F86tkJ~P3IU``fS!+p$=8`|+
zgD&)>UK6-&jOcz{&%(Fpdr)oJ!gNFR&_0RT=2sjjfsOe4U>!4-7arJHMOS;eYmnV1
zJhgVJDafEBBwp5!PiSGB2P<#hhZ@$7ha^u46^+j!#QVOD<c+U$ZL<y6w3LRi4gU7#
zU#||+M1)<Lb0EPECmd@N5A#k^VHjQJbpTHJ>;!zdm2!7&6OyUptQ++?$9kS=^N{w7
z!*tF&R=<yX?sM^%!X+Oyh<x{n$3)7v*TV;nMTSq&Oo{P#3c}P#MrXY~>fT4}?;Cvt
zHFUSX5%w$_f=`D*XXf=9W*eN-P{alAkfqo0)N5#mW_ec<3aQ->;&H!gX8b<BO?n_@
zqXTaD`_6GkkmR)t8ZQsy+w`<t?Lv;vK+T4c7StQfB7?ibiAi{8w(S(bAo*y7oRbR*
z<0xSZ2Br(7365%8<dhrCc<zqMVU+;_o{6A~o4haDl5Te+q~3=C7m<}5<_p={K|*Ur
zb0rB~rB$BfBs^|KAd90pnj}BAc!iQY!j!R%ZQ-gskBm>0{BC@?U;p{b1d0Dh!~Eaa
z?Z0Ll7H+oxeb#fZ{1?gjUm}MiDUXv9D4+D3BeCbX&dADgP`yb$6GYIs2AMFfyK1|o
zCgqJ~OGU1}N@=^fa-3yCrGt;TtVjN(?o9ATHULCQt%YnXd$pk;xG>6yB!P(0kmAJ@
zMUpP!eD~!W;PC_cSyRw}`O${yt8Eh!*xm8=VJ<BA+qU+>1QUagN(?Q9q<uplSYkb#
zNY>76K>zigrMW*7<>2-5*ys1S-6sJ5eYlZl$T+z+wYO41bY$;!KlCH6DZ-TdsHP5c
zS3};7v1@KQi3;9cLsJ@uTrR>%_?w<T@*H$1%6$4EI9c3laHUk;rMz{(RCnpp7~d)J
z&#NpmA=!~OPKpw#oO8>Zhhc{wP=$(0rf8ql``_W{s3vz*B;Sefc)QM@`%>ia&)D#)
z@XC&~eO<52Yzq_K)I&=8hg;e<T|(F{-D;%bqxrxfH+Hoi{Ghf&>hwhI#$Ut-QdtJM
zLB@@YND0TQk#?6)hZ68T+N8n$R=gcZn-tiDW+0>&=)Af=#MNN%x#DDi<TopMeeYi*
zRi|})Q~k-RMYb1iQ$v6rq}$4sts#TD){{MrgpnFbs+f>*)1r^}uD?zu2JF2H&J7D1
z25erraqzppH}4f&jh)o)va{?A_*&&#dK|jEJ=eVe7U%7I@VD|!*HLwb-r)>H+)ilZ
z()d|rYecEx^J5by1Lg)mKXmZ~ew*=(h`Z^Li}1G3Q_0rPK2QGu@rfyBNfETVfuLMy
ztfD|uRK@7*XT#Th0Eg!xH6=;v*mOCUMRl66bPyfm3t8yb!_~?fV_sjo*Vm_qseRf#
zdWV@zk@9mEhgJ0nUu@%WK!4%2`%3FgNtrI#GrETU{LEF7^V}J5lyKauzuxQZAA9dh
znC9ZGdG1@?ww1p<MNu9u5I<ANdmWCewA6BqvixSb90nlpdJpHDP}1^8EGDBa+=d{(
zuFiA8GcO0HBd~LaKhq_VGf6#(@@UlU?f3_JeL95|&)a}zA_ScaRVio$BWyBgP5GZ;
z)U#}Ain0zeurmW)6K8d;F{0Guip_ETET7Kupr9{@rlF8cl}DR0h)-HZt@TS)ZP!{n
z!1cq!0ZLFv4TIwQoNjB#Yr;ROH%k*}OQg1;y8!gT1?<OrJX`|HRnT+k)pR5-g(Elf
zK2D)58Og1YJJiC&aR-hoH%}`{yLKfS5o6`U$6^(ySxrC$S}lMAM~q2j#C^5&{u~{v
zwo|p0x`<%KA~bKO?b&lJMWa;l6J5@o5UM%DM}ke!(9X(r!EUY`S&=PaV6?#*92k-6
z@36e*EPX*vq&w$Ai<Rn$WtVBGc+uJb^rpXJKU3ksHH-7$=5*E3MPYx9kzeRei?x<}
z!&N=D+?@gm$BLvZ8v-^EZ7WRW<#8$YJiM+7Z)(_DF&^;Cp>J{XvSV3OHIfI<OPm6X
zK!oeh$>dtkH*;VaVpgNa%`6NjS9o_#r9B`j^;J7TX*C>u=k0?kVa?WBw#ySLArYWl
zAkD5Hew8UmUP0u1{8d8VFBo38e$wI$zS^NyM`;I+x;4V4$S-0qlPJW{yE<2xamSwW
z6bc}LbTC`LfeO@gwrHRO!Pwm2ifJal(L+=j1XWQdOz_O~&VIg2ADgizW{MQUiG-|N
zaxr^=HfHjG;ud!T`s%WL;y8n}@7Y?qneniKxmTNVKrGGeSLxs0t#gk``ZnmN$+`gP
z%u+y4xdELP@meJ*263`Ux(Q4z_jTwxte#}jgUkp^5@<7QMZY@0A#I%&s-CW8ufd>P
z#Djr`ZUr9_N1g;V)~c#9l$G)hz<8nO>J4|K6esBE26}H>>~L?s+Pv&*F&&9YG25n5
z<!p%1X??F?^cSxX3A1|czZ%L?{?7bV4jB++L_>Y|mWT&Vi{#ItKn)K|+ywS$T6~#0
z*77b_t;O>^!*mOLMI&y_UW``K_fiYRci4UzY}>d{xRQP-8OE7Z5C5H_F_yUyKc9MM
zM)-<*BshX!BGnX5{^+TZ_gx5ys62?AJSd~l2FR4n8MM|>ke8SEYY`tHTMVWu@f3K1
z+!lq$x6{03*L8$}kRencSu9G|&AW^SeHJ}42I3Me;Kn}|J~59)7-$+n8y@<7m||t&
zd|b9Pr>wfYBB)lC*LFwM_K1c1MLG$Z-zceNi{Z<?i)<l{---Jtyhn&_5hxbJI@llS
zS{uZ^st29MQ}877@}cM=O-wti)&)dX{V3}zFc@0qUvvC;!mH8s^G-bt7!~;z-YB(A
z*c+kaWX<I?NDq_N6Duji47>BAk``i(%Er6E|Eniz&?7;&+V^ue96CQWBN^odpS=V`
z&H2V)X{7dgM*%yFT$enk$1~g3NllwG2@Y{A(Pmc})+)him2|kyvBb@4%MKW)v#!S5
z!Jm^sjb7exWg1+19x`ED6Y<@GjQrY+)4bSf*V6lQDpg=jx*Tu`E8mai_p7R=x>J^9
zs=~W2ZDHeA6h<shTokLa&>>eVal(kHUFpRN6+;_@N@ODy)-x3#2jcviT2F~;c5*7Z
zvV9UQ%GqhSunWD?i_zn;avN9}nFL8SJEROL%O+DhMW;e3L@5AawEbyNi&BW?0}%#>
zy9Js;D6jw#<nwB=<+Aox)$yaLsi)!5P}Qv`X@_Hc?)OalUak`4_V4VBV^{LEjS>yw
z*$a!sI_lV^fPPg*W#s(B7zSCKNK#qK)^YYgXy(#`IyK%o3}x(gF?ArJBtC{9kelr&
zfA4cL3fYy+p5eW#?`>e80_&u`@4F`t>|{dAA8j9Wm#7;HLHA|rw-Jd9MTP4?SGFWM
z5A2~nP)V5v{XAT;n;uoOMAWJo$?)T*E>`5zE;{LV9)qr3?zBbEd2!t%G#zyj;o|5Y
za&~wF-^9%K9~H0Vk|99uE5T2hF2P5HIXYs>87h-pJ=IcWjj9_*&4S%|MA8;7(v;)Q
z?=@D~r8^!5UK<PP<{O;WfM^?aWsJS8R&xy=u@9T9RI4j$NbWIm`OFLbJcl4v9~i<)
zuiMlj-YL6Vjp(RdX%R|J3z_(c4sA0sKy%h}5Pq`&y`Pg6q$2QswGpM4?JR5<xpGD3
zsYir^UEh2707p*OfBC>#M=J^%g5T7T6T*Z3sI9W);yC0O9mM*NbReg=z$LN$<GPcJ
zm46`xfmP#{h<5TipRQGI<4dVVgrYnbbfQfW#+d{CpdK=-YVyXJ$iu#qg-&G?X|PN&
z-RFA3qx4ox8YR#g)Z5~RkTBv&OD?hL{b2FY`|1?#S>A##1tBFznO#?9d8=PV7Hc0w
zf(M;euC!<bMSr*}3mA`G`6hy)`^ti8tT}GOI+c4zo5-z+#xS6v(23ven9Q9ni6&*{
zjC8GuKv`^Xq3Mt>QTZHRbH6#qk>S&V+s35ul(m7WR0<f~VULvsm~gpxK+i<bWr3$s
z<W|f+=s;p-->}xK5?xc~?@lUzbuQ`<rNQJ{G_t73Wd4KJ&i_j-B$=rRwonccQDQmb
z##T;vgDJ)@^Q<*~hluJM&viL1TpLz?Se94w&|A<%q~<`{UZ(_F-{P~HxQ}l<=!aWB
zWA7WJGzKt^UkTR|vlx4>xxxzWkHXC6A&K^Q?U#7C`Mh9r_;n_f72pV=c7-4lifzXA
zhC^)tL3XK<r89<XW|qtLPw(G@L}E&aE+$@yh(F7Cgf4;#4{(u5bj<s0PW1tAXN&Bs
zU@M>W?aEzv@;dX`De@F56ansVhe-X(9bt-r5*R?nv(>hUQgU=Q9U4q%h`@|s8ix#p
za3L+6SYM=z&A?7HL-7i@hvumneGJjR@{=q0cVIT(wiZHE2S`BXrY5dPbmQ^a%TU7U
z)Q3YZ>Vs6eZHC%Qb66wl1@^&YhM7pJ8A(+OfTTHD<FN(xD6_75k>TKe>_ty^bmFuT
z5-yPU8w!4<e!9j0Yo1LaDxHF8pzjLoi+d?IbZaC^NN{kJ#vCeL?baF~ekgju`PK$-
zuS*nP@OEW_p!{(VH1;-n;RqzS+HW+F=(SuBl)qIayquz7fXX-|a%Jx4J+!YRij!g)
z-7~%tu<CR;tw>Y8>TN;wK64A3k6@mf<OZH8RdFEhkK>J#FL5|Ybp0+bQaXg6vKM@0
z1@pKd5#{Ds{|itUk6&>g%p{ME-j<)xvYvvsO^wN`vZATrjv1R&@<$unP5g^^Z!O7}
z+U2|W;bjR1I-cGk)$zwq?4%{F6}}@^kJ?d;|Nc>eX0<9jfZ?rt52AAfliBb?Y#Vr!
zBL<KvUegIT9T%(YWRLRcnAhkmaGH@SZ+Uu>VV<fG!o}!yER)jYvv16a!@~A>LQgd)
z#E&aVCNp{CDcVzga@?N9sYEknGHGhi7#BXg`d4d@!aeLIG{fN2bPKb8q(s;_Gp(x#
zSQsw>4aIAPKjQOe$uI2jci|ifvH}L0(^(0*{wSaYPsmZ6<Yyo&{5@MiVF)!Nz<Kc0
z6zKWkAL*PfQ%>lSj&|i1rL8u5lOO!LHy&!_1uLbuYeo1yh2tua8k?jD=3L6MSn}oY
zrz+<=kBnCXM6!sN&JKC7f5h$faZG17(+4L&BxMr;L>XTb4@RDZ`NS{Gw-H#Bu-Y;o
zO~FYawe9{6AQwH@{^{ODb9LN%aW;Ejoeaij_Y@mmCch-fw>xJ)dr0PnXTubTZsX>q
zwX}1_{^qw;J@$dXEqW~{>tU_+h|J(|Z7BrnN9V=Ntb}fL#JPe<m7U>#>i+i`mmZOz
zGJC1TY>}6q@JMbIe@FrS!5ElO-{f0}`s;m98JO$X?dzt$xRyEScQ;PoEPq95B&bPX
zVk-0pK%>>)eqm3$oy>Mb{X)=$AnYd)f%WjBTwAmk27^OSUV1LUrG7dSP!8!9=XEhx
zePXCbLL>B?HFTq(GSiteMYBgsN&A%k#J3gl%&OR(V;aS1AQn=M@diAk0WT&rSto$B
z>Zo_oNw_4ACv1ZB2Fa#AQJ8=>F0m<Byk;rNJ8*5#mKTAxOUhEo7Ykvh+sUtAy;oaB
zM^_E>vX?Yate&G3$cJfA?**2pTf*a$-N*es;_*D_V3EYL9KbU1O!XlfhJ8zZPGb3-
zfA8#M<=R$%4y9bmf&mJu;oRSrWy^IwOA+$w;V^IAK6D*1T87J7VCfU3q2$U6-9Lfe
zPw#}gF_ix?et!dFuu>8W{p5Q~a^<>LzKeUOf}JZ-_z^{PuPm~gbXVbRdGjO}Qh5YR
z?CKsYS2ELqvMaZoOYN=b`&M5TtBO8&o~A?0h)PmE=GveJh7D9Jy&M377{#gx$$HLl
zn2^f0B23|fDo2cP-qrG|ZBy?ZyY&ao$X3fvlF?ww2@f@8RecZkeM3TXzzzJLUw@AO
zqNr?4Ow9kaad7-sfBXL@dK~`|bf_>&SlcF*bK*DUOZtHVX+*XHhhGd1zmHQsenX8e
zl`=?!3o1Cd?Lil=Z2XvPB13wGLPyv9-RfX8XH&!fQ3qHO_R?-i?eDLEx#LrKKCA6u
zCZSs=Y{d_*Y<`u8xdIK{F5zD1v@KjMX9~tp3A$)D6CNy7&gOCZ>Csx#Si~F=@?*%c
zBFb795hCjgNaY7hJH-Gg-YuxchkBTeHZ_*I9g-O{8<6O{)fvvp=Oty+!fO{6#1^#s
zO9n-nB$uh0LCdyUwqN!xV6htQ{jk}@I`p`pH!?RJqLq6cU4Wj^p9_oA4(;k0%pG5H
zy}R49uX{b8=ml+SG|ZYdgsyfLi*c8J4N<|?d^fBL*l3(Gd2@2Qa`}9D4QMc^+cBVD
zox0vS?pkqHGiZ*2#7m_Iy;Di;jPsi#DW!VUW~3#DgIoOx1E*pHv#3`8GiY5oHIgp*
z#|H})N%D%ifu@Oc_Fdj2Tq>a~-A_|*3ipW0$@^_Cy2sDDP;okByxyWlz&lG7{;XVQ
zq6IZL@SEsGK(;!xF|3Ji%dX$0X6B&6{AK+~u7(HJfjnN$wnL5CKAWujEQ&|`*@?+{
z_o+d)ytDJw?%%$i4-4G8qF)uFAxX!een{c_=?om#tzeaM$%W_2wy#4v-K%>#rNe{0
ziu%_AvDhZUp4iE**&>%PBpLqN@wZ%I^b5`$z+D6INB&*`FKeo;UsL?`WR{R+V>DrC
z<t*dWA2W;8Y(IwbQ=c5CFVOsC(#JXCi_2r$X;6(w8MGb)f>b(%LcuToFoS91&5p&l
zB<ueW&UU<!*+?Et7<O(>Lh9QGz1fqS7(+?jV*`LRmrpiR-hBitl#;Sxy%U^Is0EP<
z1DTHveUkw1Z!o!0n?T~|=c?pL7VD@7JQf<swvJBq0autkY&CptYbf!hX2<~nAyUNP
zadD?nSoR5Ae|wXERAciMd52AyyFOifox#t3Am4Yq{mumhVC-iR#~Mn``vd$9Bcv%j
zR#842SL)*4xDo{r`fA#xI1*wRoM*Ti2ow2deu)&Lvcql-xh-ew!)NK_W#$R?Bw;9a
z=(fpi-FI`}=2}~oD9i>>X4%b#%i(ZAl@inCG*h;ImU&8jTef^HCR4}5nj5c*aNZ*y
z^k9EQ8Q68lbN4p-R+u;7PqSUDgHra-eBiy~fuw_becoQ%@SfiX@>AcGQ9B(Jc;<~;
z#sjeeqOSN-<HK<qYOq!!gxZcqdkVfTi9@?2VZ!4p&gCR*<}I_WUVWNn;}zDq7U!g0
zfCu^)&6Zq>&J_m2qQxYry_V~qloB2(%9u3tqG2lu#!V7OU2<Elz^jM~>B(9{!zp68
zCXIbL>FOL|4;ow6JAR&9{^g_|*fsRekO4yUZ&l=}#1zH>p#6_D+9wChEmI-^!e-p*
z%U6JcNjn@d5w|9&4?B7K)9pGGy}Tb}Tlf{VBMb}}PMS7PlD9ZSKQVYORGT(vK28-f
z9GeC2_KLequ#NAq-x|&lB;4szF9XD*BYN>Q<Ju-mPNqPa30O`^ynWUukP9@Cg+QCe
zbI+i7uz$Hx=M2Ni5uU^z0RtX_j_ta3rf$vk{pN1wkGtK9E0%Sf(oar_%VDg<Rv%`$
z2<XDWpD{x73=E8^r20pX<`1^*8ye;M2Kw^UY0|ADp<P#Sc1x|GZ&24+^975?zgbvH
zKHJZ1{)H*8D<iKXRPZN8Kr+uw&g+kZ$79lp=dp!uonDO0IS#w)p{%h5SJeS5dD~h{
z)vZKWZe2L^Cr2gL8in*jO-1ypmQpDCUGxi8j^AS&!PW!c?>P9TBSCY;;Xja2hb7~b
z3JTNI7V)0SF&y;-$p6wm^n@p@gX`4Wrif~(q>!)BGF1idoCF@Q0P*0pXJN#S$&=AB
z&$4-?$&&#xKxuBoD)B@;tghM(8Ev6ZSjYSjKvyNDxp8N!d`bm4-asPwxN;dXK`O0$
z3LAN5i^CY47P%Kb&X2&?8ard<HiY!Bo*ktFZ?Q$nIZK2l=wX^$k;(W{l?d5P?viU;
z(*y~ldbh1FrnvP_VE1I)$U^)*>tk5x1(kEUTh3~*t82BB(K(l)y&*+8X|H2|-RCxV
zA{{~^cyk-paxv*dMHZ8`iU(U|Zl-lfkeUQ5bIlLb<|Motvp9y`J&4le-M6yGr>i@Y
zrjI!b&-ki~R|!^!QqF&ph`L*8*yTvL74lUCG3&c_hU6(FU~TFa2^<=13G~u8A+Ghn
zU3GL-bpUmtNO<Lch)-@`?thD&(BkGG?5;yMoEV<cHjpT|Yq@_e5pV~W=CwVg@I^E#
zN%>O`1xpaGQ?zy!Xsb$AZKo>^)Z=laam|XcEJvGzlhkk!D$vZgD`hk>ePKkZPU7$c
zy~#o;tBWH7!F3^+`|+Xl{SD3BVujHK^ZILs)(bDJ1R1q5{%tZ0TEK%#Y*(Sh>w^Wl
zB^~yzdKd}3zcqBHcPId?eFX)Nd0?QwE|}}?$>0l}k@ndsIc>sCFMf<W%XTwbJ@XU`
z8%|81nt3a!@ho65u?_#|?+#0t*sEjXigRx|DItahz8J+r`>gVjKETcTs+?47PBq<+
z@HTsOwZHgpBdC#zMdmbbP%^?rv<Q+`64ER{Xz>sP#9r`0FNC_g5jSfOL)}^noZUZl
zNO#@Zn8KkA0S2<~0qFVD#L!M!l)`^aqA5U1wh#sS;yOclAmMD?JlS_-dpjMxx)CFJ
zn`<wC{{o7>?r)uU2CCPPKZ)Cap-LJG@eSwl{vLe!VTxZ^*Kbb{Wo+g8w&+cisi0t7
z^D0(Z7aSI)9aIHZ+)@n@?NpD^SsTXz9mMT*zqFJ08`C#~q<j&HDqjT`_c*@DVSuuk
z7mz6~CenO${!<=f&c7X-ciwgyf#gh(DMoleIj}H(^sd=6_AFdGhckXlQC2p&A8_Gg
z`O_c*C;6ix#&7NOg}KsaGW4)AK~3X(>J_pPcRFXhU-<WwEO+7S%d1o5I^DX4v2P0D
zA~8)D8UmEaw>5UNoVW?!<ORI^ONbMHu$<GU8^iPrn}54U-kMD3kqb$!5OG(aB3o4h
zBdbDYI8~c|DY5LiL)s4QnzkyXxD9@Fz=&$33jNaMGSX$5(EF+W98aSD_f9=Z(8_7_
zji%yGlVYwp_hfM;gTdC>#!?y~Z#A)rcTGe5iP~8A#S4DAtE8hL<y&0M{?@o0W4R+0
z46`%#*Z<?|9iS`en*Pz)wr$%sCpIUxtrOcPwmGqFClh1hnQ&q|nVWf@@BQER|J}9j
zTBlEA{i^ov+TFdX_AW5q#abST!(zPHg>$JXA(pY^MrjRk1Q+rh#5rSJYq=OA-&iCK
z#2pVWKAIg}W=NNH9`z^gzO37N=q=58qug7-oJ?g6@_odg+Nft3I(*Iv3jcw=JHQG5
z|7wK5pQ;#`-2X{h`~Rwd+^qjNb(QLDIc!K_Njbh_gpi3;iV-+lJlPiX^F=LmD%#bR
zc(k=(4`>s}+R-Fa($Y_w)IB)NYyIZG$izkZb5?TBWJeOulfx^#^ZeaYs*eO3eSbXv
zaOeJGT6Cky=zHV~2Irq|kH^m^cC9e`pE+tX4Hc9{R8Uw6q^w$mZ*e?e!~xZNnfHs;
zr9GYA;^)|PN7(SMUC#-gnqJ(ZQ)(J9?`HS6xb6Z9xFH6b*O~X>mVWe;%uDEJh08Co
zVHrs@HdyM8`{dF>Bv&TKDDVBQ_0ko5KuhSnqJ$iVomN7H1E?m+rS`9C%)_MGU)hZa
zUESvi_k#UZtPpahpqn5`X8_eHyZxRtjR(K$cZbRvPfe80-RZon`_Rktn0xwBS=xWx
z3YRua+P=YMUQeNoeMbv60F$nSj=yQy54*z{={`)YnD4TnF7kleMcxVhKEOx$D>OMz
zb~kUewxO|zKMoIkS)~oDuIhv*$_Yb7xcP=nN+2f51$~(~dZt&5Z5Lq0Y{PV(`DS{5
zPBLnYG(1lwgtYv1iny-UF)e*cMS>La-Pj?Sr<^On^fj+;hcMcLlRc=UCRY<3vZqKe
zUBsbhyMg&=3Oi;hd->o#)eu*J?`frTZK+5C8U2?|kpfpa#Rk_$GxaORt3BU~<<t{$
z(|Ko2ob)!bP|$9ho;siizISm<q?JiYlF`IX;be<O*AV2%_O|?%#f6?DVn>%P)E-U}
zE5T)0fWWPVs)=_q8Y;tMb~d$%1Lh|sI<L~#SY!1_7hw827W3c|XIQlVlNwW%Cs>pb
z(gesGLw_vqVJP&r6vZG#tXP|OV)QquPgmX?7&fuu3lc?`Kr%q{_O%_o0<YM*lNsBM
z-nQKyE_0^evKgeI>@8;<P~f$S=GI>&;R~e*=rpWwYxWF@2*;JK@=!P%TlYs*U^1Nt
z<!Tgh;5q<qfiWl6UJa8Ut?}y<tyH!u45shlUWH`xB2+J$0Hg@w^B^M2Z<w;Z7$Vvy
z9vDPiu5RUM*n2?z9>lbd%#C<z-dtgD&nW?H+@|vZ3N)X@6}3P~ZA5Wl0z$Fs*=^7}
zh!J=qbm48R{|_LApB1u@#+Elk;4Q+ohY14Y8lIsYQJ=7XKW?8=z~L!!B~LU5?<!<O
z#0vUs$z^`=yS|+h8NCYDF7@U`541D1v<&n_p=VF=%m?7lNix)z_VcO2Z{%D2E*0~9
zsF;D2I|(RO?BkVpLj@0u)~cZO?*+3LCIkv(g=-!QwJJz*O*>>;LN+Z<fs>*HBXcHb
zQ9Ih|r);!l&c9gCU!8I`*sTKYhYrM2AqG^YOdwu+>yX-eec1bS3yCpIK@0e`^%<C$
z^ZN3b$5H`^MdUZ#SQ#rP<=I+}X^xIeX;aybSlCm~8;*x{j)yU*QLXB`#$)$xsDi>l
z%=of1h4L9A$ku|Agu?2P>0qBrG;JCf1<z^0V>A=Wd88UkoPOhltVa=@JWDpR$rF85
zcxiGulX7OHC<Ls=otpw=-wvPiU1QowJ;-(>mSX^J>OeTzuVji7HwuC8bThTO@VlW+
zp9K;WL$avQSEK5&*{X%;Y&k=5J-}_$O_Ixw4GV4(3nM}krXwuSn-%-Bwy1yDZBh}u
zCw@IS)l@&9b39d9P3fK^D_D^j5{urdn9Bc7SYi&w2A5?6f`B8gwRdX3?5!pPHf}(4
zdSwd`=?y=7tu0zxPH$T|iTX@cE1In~u@!}Jf+;FcXo1;vgAj0wzyVj!>|V1-w1)kj
z1&3)rG7uP7QX3d?T7q#8do7nOk_vk0)ZxFQKi_#9z!=?0+u0eK1x^^sruZ~`UsH^j
zF9Xf(RJM*czV^s*Dq^jI{#$wEIdr~iwmS(RoY>SR(hqVM<%h;<V~^}xumAPW=3OFI
zsro<(<ZpJi;NsuR+@<yIeW|Iy0}#CPa#giR@U)UYvSrwyK#*3|MQuDI5P*dgsiKj<
zm-#Yb3JL$l;D5cX+JdZ(ryut>7c-TFO+E->L!0H%<Hl#73=8xDRH_ZDx-#$B01Etd
z%A)-PpVh@oj5!4at^AApxu>+m%yaZ<@{k~<cZcuZqj_9UD=z}45Chk)uyH=npOq2f
z$h{a`e`H{(oHa)e@?pIvJ~Ue)=XM~Bvj$ylmkaoEw*p0K2jjc*I*40<j@0W4HrEtt
zX;k;v{(GAhb)LReq^cpQQ56enfK!6#FVM=ox|d#p6;;${t>VZ{^}-lI+c0i5`bd*P
z-z8HyO&gfC`rV*IoU5&D=9?Iu#K-pU{Z*Hbzt{?`(M#GCD)qCHPaI?h@!j@N#5jyc
z@-f}517Q$HZOXk}xHBiWbFS>uwA>q|=uVeKk7ZS|5-0HFeJQ`nXGN|B0#wXrmCqm#
ziscYSsmsmbQt@~X%PX^BSQkEx9;G$JuB<O;G9wUX$-n4~>!5;lgvW@279tfoa&O9`
z#ZyTVol`B<4kA26(h$}rFK^MJEf_>-<}%Qf6>a!S3rEeYyBPN&axMEDkV}h*C{Mc`
z5OOWi%SJgrZJs5IrrvyIKr$bJcbV6&Xc$--?W(<exx$k_U6pfTJHk@$2J5j+M~S16
z5kPRd)-vlta)nsG(59>M_IH8(_XtqfgLZ{jw%*R(tOPeyih9%F-&Y47!MV&>=yc}E
zN4l#qW%SL88zBpxQj7CXjbm$%ZQFzi$SBrZI{F5NaYg+Uf7))J0E?|U=~{KQ#Iij~
zzPBzP`qn}T-Ybtr!VjbOgfIMh->|UJXO}^}S+(?HFS0UX3`}7Ho;e1#b;Y!z(Zl5Y
zPr_e$d^nD&j{XP+@98@KWc|Gy&49YQr2b7&<1Sc^@BK`Taks=z4(NOATmIMZaS}xT
zG<>u$TWr@>pn4bqgd-Y4SdGc3kx^4w@}eMJ;O6vng-dKN@>AB@HNhAVJTThy=7n@P
zDd3b#>q~;P@}k;}314y=1N~fI=8SuiGYfF%?fiK)`>DoFXDeJ7Y#ufF*K7C0$$ukK
zipp^KPkK#0qxda%%(0b-!okY0mpA9yGc4>c>&-nx=r9lgELd(*eWl~RvLqu1o#4A<
zc;s@WaGNpOo=I@UYt5y@9!4e*>~{RQ1ihi7*%I~TFOQ9<D4#KIJlncEw(zhkOT`nz
zRa$P=9G&}e@$KX~^h^efebVuH@8&$_w0imNvihfJ(7<i($OV-rP`cO=!{)Euvq))7
z13mJJgFOl`3#`U(#w;Cm?I&IrBWILM(vr<hXOUd8(pr^t7s?(0Zi&Lmp-pBMjBNAm
z%r3oZ^j0ntwjw88jN@{=f7{v_58*MQpQtnEal{B7t6xQ&N#kAbjyu3Wa2%S#{NjR%
zz;5cToaAttK!ItcUqLs__pGt=TSKiG`aT`0yJ`vmj$p_71mcS0_H3U?42O{Q6vIBw
z7t07Gy`e)}^`=~#%I+a9+F3h2IqDz=gLL2Sc#oK&2>7E7Yf%Z*#oPHFABH$s7;Zd+
zB$;*Fo)zRfGcmLNGouqk=c4Kr@^m1aWsTd%1tRnN)H>AzBm$x=qIp1I5^Sq6Dbuf+
z<_>FsOa}o1TrcJfrx>!+nQUfLcV=IEw^y9zj=sKsn;le@ilm3<#Z}%H3=~^{RLQ#|
zDMLl+9@6o#G6qTKXJThMd#soNNn;Afm<@~Dxz*8k+kOsaigk4rER+y4e;IFYp;{`M
z$pU=855eA2wzdO)=O$m?fb_Qu-`jUV=AA--xql?E`(^QRM|bB&?hDN92>*`)1{KY{
zyEjyNqV0XwxrO7mfw*mx0M{DkIsMJ;+vY4RJ|Um&O`gSZZhXL>dza~CCZvN~&HdJ^
z**yZSgJCrZG#xLkS)tPlJx(9dgYlSEom<7Ril5r~h?kbx<^b8Ra8<^RYiKq+W;|Db
zA1IMa*1qDG^3Yb{NbI%aH#q$WlM#q4Wn5(mL0FHip|wlN1ynrg2o9;8fjHHvy}(sg
z00~(qm%AiiQ1{chipVWzZV0Z2J=(fnV-yz|1v>v7sr|GM?TX1~E^C)^nCTMq=L4~0
z6C2c)OF#Dqt*2*Zdf%pR|6?d{e6|12G%@#oqBYrBIN1Ns#s8#t{x8FU^IyY3`?Kt&
z6xL|(i55aMNFml?B>Rx<gL$r${pM(T%TiH|8U_dNXF7%wF;&f!Re!zxx;x>EOnhFG
z9Q&9s#5Ix#_M@BJOFzqPa%A-VDB^eSjV}VtdENOa&ltaje_-|Kf3avw@~YQYTrvqJ
zi!KWN$s;;-KKy);9oE&|QE~yuKK*^OMNzV5nWx=3O)VO$Gdy?0;{4sHV`ml+a60T*
zZslyp--}rtrR03Z+OpoEQ0+F8ee?@)1XR}o9g07ZVjg~7{(2IfStihWGar2y=NsBl
z$+8gR{5XwsEU{`&jCr)zZ=Z~4Ld&)&kEMITU~4pz^st+l>f4|C#A<1P;n80mUaVb|
z5&${ac(DYsbmflSy(;&vt+Y<_+`|iSVclMxq<cTFlGZn+=jMbwH)Idd1y)1z8Ryk&
z{io=gW_i8sLg;f8*pwQKh{A0x!t*$RQrTF4;%P)@hIGb&&kwtfK7&+%D2ZLVrlg@7
z_l)bK&<xQ7e@mxl#KJZpw`*QX=u7e(JM4Q89-z|btxDMR1(G7eI}f(YL#yVuKPl@#
zY<L=b-C<0fBeO#q_NrF-5yFKR50Zb_oW>ab9SwR4$cdi`*(yf0sY;DBRRf4`is0Ae
z$UoKr?;uU}JC}*k8VUl*I%GU3iSsB&;xDjBz>jL7ort21*kC*W#hQ|dsobM;+j=W`
z1iEvMq4QDXH$`+ANJP^Jt>?Sd15ZsFoyZU#7An|o+!*QpQq(eW@4R#94Rif_?_YmJ
zM%!(?bz3Vou29wAaS9wJqm7GJZ^`8%1j)}R18#og@uH0^7l}#cOG2!X9AE3I8wkn~
zMm2DUzCkGZPfqIr7`PDy?<Er$HR9!+%yz)+qOs1ieCW}etMGr5rby3Yx<mRk%WrtJ
zS?^}BQ=Ht@|HPcc%kv1VrXCapLip~NxNuqz^FX{@E0WDd)80#x<!UejE65<LBd;&N
zSMu;h+Kqw2=QLwt8F#FOxeQQaHtp(<(XlkZIkTY{&RYHeP}Qt#vSeutNNgO^)M5|F
zsC@5grXl6xb!;kIi>lvsehzm^R+L<AbP_f#g5j|@E@lk@0c9^!G|m7sj}+*s8i=g&
zINf4!jIa2iWl1AX@5a2CP989sEgDL06M3uBi{M1@Fi8~!VUr(Nl>vnsn1o`vjEGyH
zd~Ik9w|Dyn0LxKuXCbhn2R$E|&<T8^iAF@yt;X;>YoNjH(g7>FDQ1Aqn|cZd`+Z1Z
z`4M20k%o;^fH2`tfF#3$+l>J&aROrKUcp>0L@7iCt^z9IMkrR@d@^?tXe`1~l)OED
zRI^<1!VXbbzZ>IkdYpg1xNCyp^p)H{;C^qUri3#X0L&YTgh+R~fB83rV=@$E895^V
zuj}vM5DvHzM1dTL`bnPdw}Zp%sS!u+qnMGI(~aAax3<+=ZtmL+RO66BOz+;3X8xlC
zR627?+ZF0**++9vizJzth46f|FK`?*jR~J~gsCMdtsxQCz+#`B^M_o0RrOzets$j=
z4b3Ew7~J}>iR}@avo!BNtD9u~$A)NG6;M&pHl#nKvs9Ncp<gM9{5mw}@Q)`+q8WW|
zdmyq<T{}ZG3=m#XIU5^j<W<I%myR1`qz}byV_`Tev$wF9?P3k<q`hTIlFp&t^Wt7C
zLv`lJMKnMppv=tK_LUBh7T74o4(G-J-V84BURm~E_(W8KJ``Os10ct_6W{03RlT1d
z`G07Q{#KI}zn7!(9Gc2K;Wq$9IS$;Vd#b6Xt&o~6?seT<dByUl>xgYF;q8~2Z-I$!
zxAKDSY0;okwhrXgw{y&%^7Rxl^INr+yTmhgoA03$f^5BwB<6$0&Vzy0aw<Cku<WK;
z2+%OvkkuTYM9wc<T*&SK-DxDz?aO{C4p#gVyAkz{ty_;kQ;J3<D3hOrN<g05nH}Es
z8M<*UaiGo_DD_P1jwuH!KlrCeH6~CFM9;iNR{j<2$#hyoZ-zU9y}9u>Zv%ldi7^TQ
zhI?31<Gg*GMi~L5lRH0P;0?fwGm+ZOlGP{IMqoWLAkSoCCIU8zXb-ntqS)HN0RhSJ
zDEI0moFO>w!Ng{ZK5Ypl-i8#xdxYz|zRQ0^ABW6r^8F`0Xq*H1r#TTu?#1X*sVGnL
zS!?8&z{5kPSkzkg_?x5%5@hIOuR?W1LoS31Ci4FM^q->K-#%5-C0_u#>I(}+z7F`%
zVpFPJ_LiPgC~#)S4~(-mG<=vMj4+EAB~^L#8*!qXFqhD&QL-gA2fs?rZnN4_^MFG#
zHeoPS=8N^Y@p`S20cV-r0W|AKJ*kx2gNCK5LZq=>@7?6z)we!ENMgQj%0Mw8yZ~Y1
zq)<7fdvfz&541{7s~iAbWa4b6=R{W&FtQoSQF!z<$xe`p6lb9-lCz1Q1_inN^dsXv
zlN$NqM`KD8jZ{^L=xfvv1#ck`OqCUql(YkGO<ugd(UqY8N)%nqVeF;yS0W{h+2#rf
zIi;Q)w8TW<=O=v2O*h~NkZVrc7&cMVS|k<i4IOP|NIRcA@H^l$dLwC{+>x0f3}vC;
z51fSF+XCwcoR`%yzL1Rv$&(evqyJf@EGyJG{-YXJ*fy>2uioQ!mYQI8y&sMumKN5$
zbnOx}V}&Xf_Ck%{FFiGfD@P$BjYl`I3Nqt6P^Fl;l!FCa!2^8;1ZGXEAchHnHI(SH
z>h~MJ-&3S8+%N#H@y}7gk;wsI`)F(?^~crP_H==e>+r?IOZpe+AWDC9$_Gzhh=vSz
z6Wl=RM7sKKNI-GtmQpDWrEykEDqI)JWG>}}9L!jiZ=Hfybiqi4b4OY6Fqrp?wywWv
zi;6>QJJ`xB-JC+Asi4h>D%L|p3s6umiOC2LPYNN3%31;HAhLb>c4xE?f>#nUAIF}T
zy=T<w%fZl4{abkBxncy**lkq#r=Ir^!sV52*N@RCS@`o2hw*=U;iv_ARbOA>{mgr@
zc>U7@IDXH6Jw4Cg_HXxnh9+Ud;DLke(T-etHT$vMQkSHUGdGN~s&((sJ|TY<`7<zB
zL^JzicCic)`oK&?OC}7A9ZQu84Syrux{!0GCiN8^a-9oHR)ug+w=VDHEN&zts12(g
zu}7dH#@7ii#UhYU`mtg}Mq}RsMzR=I=uA!XlaK&f(G{`F&1%uT>tV!hW#yG>Pb?Yc
zD-QdPj;sE)Lz%FZC86E?O_?C(n$UwR3kVSmMkf(qU93*);Fea+rLMw7$X^KdE1f!f
zBhIB_+9iqEA`5B3>t{XSM4=3_2+s9|+8-fvv+Pz#zVn1D#;Zv1L#C)7YdW)dwVSB@
z&S8wT$umXBqXR4g8-HUsd_QA291e|){wIcGhnb_`mzpxtYQa@5oT9(aPbqM{F)%3r
z625Wvy92Z!Qq4o0UD)&Q`zSlm_w(gqM#*p0=*Bm>1rn@CqVf33Ft2R(hOy9|%z*(*
zV?THHHmJl?@B^B>IX}|getO=X`>zWWNVd(!biPmR?C|cC)}WX%KM#S+z(Xr@GsO#=
zj_jG|9(Cj95=*W4kDR|9>TYR0wG&qZd|{oP?-_k)cfvEM3V%FBIAWJecLw(X>$zbq
z7{FKf>YO(eMhqg3b-Wg5J~T@oN4hv(Vf^JDYWh8qx*05Vd18IiO>5fH-kTuie++Kd
zQ(|DnKB@57tSy~RY;}g*IPEv|5}IfKg0SfSdIn+YV*0{6=VB}GoVwiRxZFJfm_QMR
z7}gd<yt{j)CNrtkkThVW%8HP5wSfiW4e?JOzR3EPjF~X86eli&?`n7*>v##O_<;+?
z{u@IxsBCPB)Me+{<%aoF8z<Mr^Z)-$+jIY?+&mi(_y1AG|4SEF2Tt1<fpP;GY{`N6
z&hWq~8zVxtzs?`3a6&?G%;Js?Zsrbdt|Y8~V?q9213DpK{6$f-{p0%af1~~>ZvPME
zXGa`OY~a{<fCDzx)a-vvg8#*l?LQp<V<ND#{fqtE<Nt;Ir!3xo^JVAyiv>R0V}f!w
zAv-96fpK#GL(TPff#QEr{}YM+-_%^Jf3f&nf93GMu>XX&sKNo`eei*EHoDYYf1}v{
zH|DP&%>TuY_n)@8|Axl=FYG@HCjX7)X8()D<o-WA{$Ck$1HU+N+x^=h+rNEd`}d6f
zU(W3R5^?-1O^$yB#qqBkIsY9r&VNUR>t6`hzYwl}A>98$3`jnkba!wgVdVsVcjAZU
z`L~VFiiuc2eis3>e}@0>;C-5Es%)%qY^=ZrXHhUVZXl}*F)-d46^xzr^H2(mo%3_2
z2FcC~$Ikl~0_<}^1PZud{KWtXU6COELko0rB?DHtngXK+5&kwo_>biO)5JgYe<k-{
ztr7ks_x~RR{wF_tw0|W2f1&>N<MVN5aghf5?398J6WC|kKji=dP#&PMr#Nua2M_G?
zeh}TbLD_)FUU)zww{a*{6*VP!aUi4nI`EG>%s(5ZhXpt{8ynEiqlSQ!g@uHb<@1k)
zgp-rY0FGJG!PL>r+QE{9hvP46u+QCBPa_!azeSC{x>^ATJei=RRJ3$-<(lq2F+qX#
z-VnfkZ%E*iA0m**8}I*|C;MUmz5J;^&rv=%Xds3k{{I~R#iN4paQ@4l6L{^d3w-p!
zfKpbI*HDlJqWU%hqrEVimVLd!K5tAZfDnv_>$4ByO$`A{pkO@Q|I%^)y#zcCBmgGN
z&;S{NrqH<mc{)B{?EiT^xw(P!F&s^T!Qs&Vk-|jO2&g77F4_jv0eBsq2rR1-L*@SG
z3HdKF;9LwBfRl$uNXXUA#r)Is_sYrj^43>d?R<zQ^>x&<#l%zWr&?dJu_dh5sCFO5
zr9KoDRXOxVA|-`Q6lqKbA%%cRWSM1$`6WT<L}ZgY*Q(0D{xfH#wcK`bq~lQ!-`An<
za{IOm;3xbPGPCZBIQ!cD`HK<fQ6S?X_>M6fnUM%63A=D+jWGRj)P{?V#BPgrOXmsC
z_C|`Yc8xQS0jBUXm=;N+=@5aJjdt<pefrlEj=`WIosOw;v)=TsSv`2H?j~L)A;C{q
zGXd|1MoRhgS)?!d??>ZytBEC%^=m&Ie+jFK7w!Er6*B=oN(@7kQ_SRPd$#(@Xv^LG
z9RBkP003ql{%{M6qU7P5`g4yw+s8k8Dy}8Bb6V@&Jfsj-@-HG?CPQ?U68~Tn?4&kx
zJnpS`dW1=knWd?-y2Qy(tv1wqe|fbP%HaM}1M<!fjctPs$!M6|piZqv1xRo58}V&|
z{l#g*+>qs!yC&VO)Gc~Oy@KKj>-njdhh#_tywGl8nSU`3W_x8{kz%3r4paRi986eK
zV4!$|)iOav6|p15Lf4C;9Og2iZOB~{?Up~INJH<6#0<s1CThsmmOUfYL<JL*ae}oR
z400m1KqU*NqC#gzv5ms{MQK9Fni@%NNX3P+82Nh`bTDZS4H}l3EYT|rhU{q=!Gvl6
zK-%r(cYQ=U?EjhOx?ENic;VFM#LSn7M2lo}`{q41!D|M8&s16xQ2KsM_L4AB3ncC#
z@lAR(xsEYa(=SKpyE~B|O|Sj3CDd|oFu`1H^kI@UcE??o&i~yl*44#rfj_Pr?PU^X
zCyJPJ$Xn_?c7xq>mSg5kNi?=VbR6?L0QCj_e6TL3oS&Ol*!^c$_d(<2$SUQa<nJ4^
zl}R1hrbY|Q?=KI_?sbM3^JH4{xYuIWXjVCVSa4@^Z3&sCN3q@;PeD=|&QF47#<lPZ
zGH!1A4e&jc<1lk@lyf^$kR_=csW?+`aw8#5Y{<G3y^xgGWe_CT!4lT3ZSiUS05Tf^
zbgWxaNPN;bJa4s30b|RjBcA+Nu~ij^0|Xog%J*2@(gI-k`O?JRGNpZ>kOqE_c&r%B
z`4`D>01;z|bWI8%s8PZ*I{f#Nr|1zkQEb}9I+c&a0gfL9svL2qvRr1YMGxd$oJD3I
z&TrZ+A@edLB0=Y(2H7W`&kxWoKqW0ypqg<ObV8&|E&*0tfC7!6xBW<VfmN9i!oyZ2
zyH|y|zR(rz#K*Ao%uxn`*Qx`AQPObg(8|T%^?Krf%f_g;8D<Hjx~0|@r5EN1zE`?w
z!=Jt=PyuFvT^+SkzhH@08|2Fd&83*mb>Y{2SbT^p#rE45ao>p+zn@DDfRTb2Zwt@R
zZcF9cGk=*GHy>SAE}(E#L&Y8b@wI=7gLs*VJ5k;~ybZ)=<%!LuT?;WZ^*~@VcNJ|J
zX|I{(v$C~@vpwedovT4h%WVd`n>Jr8SEMpN?EAdd8}UFvr<xSMU{B&EO7{k?S1FNT
zGC?X)P7nCphl^`9&I6wafVQ;mJM*_W<YUM$!s4~potJEu^(&88V1#kSr8Z`1oGw|t
z;pRrJg-N`_((LI>B4iw=zXgtA2mw!s(S^p>p2wKZ76gF1Uto81WZ-R%Jb1br*>v&v
zlkJE?WqrimF4A{KL4j>~&SL^=#>2AXqy~~)GGJBuVRGSy(v@Hw0Aeb-sb$Q5GKkj3
zB29528YnD5dvSZTlaf}25A-Z>OEM+Ub&22GGn2Z>G1nbd#c8-~jGd@>K59-v3O#S;
z{`Z-%u?OJO%sm7OLKip#PghOGaLlRd<rXvxB3OyI=8zwl0g}-DHuZEqZAWQaq%ojb
z62;=mkro3W<FD3NfJOPDyGg~`4O30fLj0?G;*$pf%y-T}B#zB%j0LBQu)?L{o}v{R
z+Z=o97@X)J)+$Yl6UwpIVwQsmh4KY3jG>4uIhPPam2X{AL!~J|ipC}>_i4!9Cq%bE
z*PqRdMm^`KDf_q-M1@OGbxT(YN|h`jY^U(ozkhoGPXfIJ06AdWa?3)T=WYZ{Cb~~E
zNBq#2xw;8dF*$zo6n_x2k=s4FV#?T1+}IPkc&EqaQi<95$%s%pIOwQwwGN2|PQ4IQ
z!&h!kCZhBCvq{WLzJl@gn!XVW;JRj3h1CjhDHu#28RQt{vr_CkO<DFcp)KsTwbCEe
z8J)ery}|Ux1N@Jj9X6yR7o!XzIjWKp6I`Mj|CF3jg_(qehhI!{2FN?lH!#<lOXOe(
z-ks=yqJYl9576%j@8WkEH4w~6V`Ky}3^B1U;`6pB8IRIn$Fmb(fuEXAOJ5DgUy?9o
z#gy%6KWtrfya2&XLXRG0X4jJC<qI2QZ|EjitzWGV0sL~6NA_X~&m^?mYN@HoM3s?H
z^CZ1IGg!+xK8TwoKjDeD-{0iq_v2x`&aPC6IXqoIK4Pc*poMqGl0aR-(C1J2`11U=
zDi%YC@W9$5@s`u*<g^w!mD3dHw$te~ZLFJNsFGg}-`=D|#Ia*zR+yNLq*jx>uiUr2
zibK1r0kjhwb{0u<4&PH8NB7M-D=M#Gv3fK-zK5td3?O8fQnul<O*Ug&XNa{B@o#Bc
ztyD0ORezIEgFDu>l{D3>68z<)KWQO+-Ig-Cn}kO7C^P0pGX$pvcFgB0m575&Ta%!B
zUN)Tadi94_6>WNVk5O&1MfKUH`=A3|j|&g~9>9@v-)H9yU+Sw=s$Vzoykt?lf`4G%
z*~JkX=2|)Hc5svYcr7NT(K7h`TZOZLD`ai2AUgUrR`<kgSlvxZ36&nO9LlDEjRrnB
zCK)~%q-SNzvPt?hX%>8VD2dP-Q<g**2Ltn{i?jPxr;!Gnk(N?%<QdA3jM@mEW`3o9
z382ZnbhK_jWJuWS&sS;hSdN3b`isu2r9gCTb%DjJkk`c;k)HC#@bJ;_3q3{V4`G+F
zx7|xW^^`9{OBm+(D~rd1bT*D}RLw3#6hHGW@%nIiC{KjlTYh5kAb*kX9Lh4CLO*$!
z<22(!*egvuX}+6QF95?GbyF+27f~TOGz5TP6?-4g=^^5OzeL|zdohK{f#?Ns(v^0E
zMhu}DGMAqS^YfvzQ$b`^)8%brb&tVu{K!tEifNIGv-&fc5vg6tCOspTT)v9eau;#T
z(9!rjH=?%H@>wEBL0(QwN)rwxd=jrV`s?iM((Ssh3y8-$Z=Z0;QNFW1yKzk1rZS*{
zW`3*iD~mvapHpmO3UNKFO@j&`p5>M1ee2gRRCKHfELhGWCe7d63*-2?V>VBYQdDGu
ztnk_XL$SrVx7ReAe9@JzS#_lEh`f@W=p1jLj6hYb8#(p<1SvSUVe5Stb3eIeGN?J}
z;`M~6pX7ICIebB!I>aKyU^eHnJ6!++!2?9ZqK|-WIyxiY^=)fjHL9F~KcP2jvun|S
zb*Wme@u}v=wOss*^fUpkU+=kT%K3jZo>%Bo=x^8FC(fsJ`6FcecgY%J?Pi*)0wF4z
ztMr%s)X6g7XHFWs*^IG*<zgy_Wb~5iVoz4G)I%KmX)CmhmGNC;e>_o-Rj>l~4{hTL
zP%`9d46ZP}l;+&3=a%fuq8KkNKENI4FprQY(#i~BpDWkdf>u!Jl#{YZw6K>CBGn0T
z4`2i1m1N_EH?i3fqNY4|-B`tcnP$x7V>LSL%_8m$;-{&c^N#R}z?q#;n7^r}&}hQ~
zOG7{cRY@yaGrnY8d4!m$YdHX-1}_XqxT&$^(hEQa{It{bzA-|Lh$)-Xo{Wz<+NY~<
zu9IoBFuRHFz{?fIu)&Lh($LXb_urFCUm>dMiX-5mqhyH$b#!A#@9sdRj>STHbVG2a
z{wVL<6`F>zA)FNszZD*dnmX$kNT0;S!z}>1PC^aOMSzKCQR&#r9gzYyghZG(k1x~g
z<g06H8nup2;oPViR=&}LQFRu!bUvz!e@nMQ4#T>To#n$wPNqr#N#cpvf(m9rzSBT7
zz~W8y!B#K3?`RIGN{)9B2*omWkDsSe!;HFlI#U;k7;AZqxutzC4RYY=xMWU;D*p+?
zFv4`KYN*1*1w}i-n%4`kg4ZPtjG%pgH^DN)KN-|t(Z&c@obCALmxoHoWn&ODSkxsw
z)T8ddENqCc^Y~LUkpiMo!TsA8@D$_0B*YCG;+}4=i3Ay>IIv@+$E{97L$_)XD{%((
zZ^HholR=E^yQ1{Chzpa&&~x;2T30w<8aO$0HW0+<b*YN8T1IRDB+zh@awg4EH8Qgb
zQ%tDiHjQ#E&&g>yF8XaXrC~EZ1YP88?8^v~?0QIk5!)yvXf^S$ng<exu;xy+snHr(
zDOqsxQ&qzWyHh&_Kb~zup!SXNGlBS(x#M%1ha=TF2~uCz)Aie(&cJ&|Q5X_t;l?pW
zEpFK=#ClLMKs#3fIqup5hF>HTqypd|XLl){_;Ol5es>GL4!ti(Y$FL$^F`pDswdN_
z*t*?w)n`g=1{zfRgH@kW+n6BV0&{DKt{|p9;sJW&d=)?^bmk<1tMx*N;n~tQ;3>in
zDFf=6Vde0y(o*DG>NBM?8dqFu5rXUnCLYtNCN>xMlWqdQ^+pA(O1-i{n%<~t*MiLn
zx3O37fx5p#SfdP_YzcbG@Togwl~mu2G6^{Dgm1}w<FI-ZLA4bY6T|PayEg<8YFUb?
zB*v)sHmKQwj-%l<q#m_(8`@e<IGw7UuU?8dov2K=c>06LYiMcvNXH`%`64H)u5H5S
z3>sk=G4N`DXcPL<Wf5&7^J?C{gJC(qPIJ9+gOTzkSADqDn{*7xqnD$%e0fFT=*pU3
zQr^p$JOC|)y<gn~{FOdN4I~O}6p<!`^(wJ1^o?P)h{O2ZCwt-hL`tm%Z)JbZbh?H$
zpfJ-LW13iafS$ZCvttJTF`MLKU3lvJ@NJsyJTwJ>f02^1&Dbw<0X`G!${yj3+<CQl
zyNErB34aqRBQa=m$e4%uE^$zZ?UiaaKW4r{4}}*kV}=iae{E0KM%!!L-yFC00$Z&A
zMj!s1$;UZ9Vx4Y|i^0BHU&)h*TDUpjGfn0X$^zaw^$iZIm{MKFwmXc|Xo+kSzbD+V
zqm2OIGV8ga)Ewif^6c%jje^YBJ`Byv3zw>zl~xc9c_&w=w99eqbg~`NM2+kf<IF^V
zuEU@m&!ByYH0_og`&{otOR-O#rCRBX6xUle`Wzb?u_8Ynpq#el8%VVC?x>P2*<cdp
zTy1P4vsYJ&nV`VHRh3|DM_<CnJI(KeDQpaQFI+R|CnT_m?n&IvU99R68=5kEaMw^X
zu~j%4pd;ReMk<MrAb^SYgsirv=xhR0-P!4bi83X-L+KrA6R^ANL|_V8Z(le-C)=KQ
zlcp{w+=y{c+#dwQ*Zd+!=77%*?hmVpneB{;*y`nbp?nAoaKds31p7nuI(%ESc3uof
z&4mXcJY<1^TI4VO{?f((aV%M{)WEq+O|O!bkwZX4lyQNG6x=^qkF_%}o)5YoY#Ap^
z#4q}ImtQ3WeSD;O-J<E$o^%V(g{ig1;Dg&09n*SvaiXeWS6U%ZD4`MLZ(?q)XsP^e
z$esVx58*6k?2+Ms*u!_i?gm_PP^JYK{Alf1lB?mOW84)&bR4W)axK?hhF9`*4)B3u
z*Y-^)eK2h0mH$(oa%fgF>-~MarCp*)wG&vis(E}eKz{Yr8E{^@@_lL-iihel-jR>3
zzT26!Ob(Jur}hmBSP9yx&wDkx@%o06O0|lgEQ#*o1Zr3lk|YQjmovJ-Vp;+yOq!Bl
z0}Ghtqr)7Jvo1>^6BTpT2W6^`;p$}as7CI<rTro!r>I7A>k?K;YeUIYK#O(I&^#jq
zn?#cGKm_~p^JD16RJ`aSEn0I9v6kR?BO~D{42)Sk88-#oS5I18#WGLP7Q~=nb$wxO
z#p)cSTohO)wJlei<7^q=`&}Gxk1GP$O2cghysHfB9d2_do3=jWVPN-{zs1B6hA`eQ
zWVj?TZlb}&&k;HQg!Y6s`XhSREilb9)xi(<xH~;rf73IK2fQ%FgHrB;%s1${bXwRB
zA@d4az!}1f`jLk_=%rb5dk=NSfBaE&CjRT1hM_Xc?va3?z>2=5k7NT-G_q4&X&N$v
z+4E`JVz)}hzR}j$rY#tR7{QgVb%F8Uev7$1!<`;h!Oynbi@;foHr-HRVZab6?`$d`
zXe$tIqA#Q^aWsD?BS@u!^=9sR>I2IzT`w37vd^nXqWsqMSo|H|7^`zSgns-Q<Pf%R
zUUdn+9GO`6INj%S8i)^&fl_N&U@pjH==+qpH)MGk_ucIUhC7swzN46AZ2AjWr9Qdt
z*#z(_AuVglaZFIXN0DHX%6gnmmA!ZK;?dk!J6K^MUS6hFzS4${&dy5O4n8c;0OCo0
zwKIg1n0o$zH;73<-tRl4y&!hRRJW|u<Z5*p19g!sX2zo2^+_>+cnp~VQV5B)nVpy0
z%hz4-6$CGl2!GFbB*IE~*3U@vU<sdyodHF8&-@UzcZmrzcDN%A;1>rjf7#6C5imLz
zdtNUp9Zw^V1o)CZzq?b*yw$|r_@@^52<U#^m(7M+`mqGrK|Tpa6?52wSEo-;)p(PQ
z!j0kUzFeLUwc`;0!M<&57f_5%Q2UwTQw`O8SmU&yjX$5l(9Tb<P*AJh|KXxPpiX72
z;S;wR8>8vc$w65~{k$pSsACY)-qiAf<t4%Ye#YPWu@e-sp?)}KN?<h@Fupo!l$);;
z+>}JiC;t<vR!%pL$BnTv{M2hNU6xaKteVo6q`V4D73u|W=0#MgmsF}dA@}=Qm~n=T
z|ENi&)*5QMIobMUNa_sO89Emi+%&)K7pG!6jgD0rYg16z)VKtfBmrewW0uIe?(u}6
z3)2Isi0H)UW<}FiHu7+km~%3(<048mJ~^3US)?_u4%!qw$w{CwY|$|l%F1vge{Uh^
z>;3gR0!jj)T$S&#TR`g|v>k~hHuv_F{b?5TA_H3w#|+Iy!c>vHTeKJt&Q2{t#`G7s
zhomD&ZGRuvhlG#q7wmSqp)T~TX=*#}McP85_a8_4<#VG-T0`!Mu6=u&2^9|+pQ)ec
z>SNj7ENEYs-g5eL`r=%wEksIF-Pq}3+>d_fh3JO>9HlB2Fr^z38;|Ah)+Af7rjR4Y
z&}nkh^?Ui#^JvUXnSbz_cKxs?N=rO)q1PZmGTR@fH<{~pt_5KX+>zLxs)f=dtxwO?
zLxk)vVm805wnIC?xQKg67u|X)=$9LmuxLL|8gW7EN@2xEiZYJ8HN)s^=sV+-FG{^z
zw$ye5^l+RN1Qu4TnN?N)t~&;~6LII!48@T<tyT4@@659+6$tFs_l*mORCfi~9>9ti
zRm2)mN_|c7$mg@{!|TJaEJZ_5fs~^^MjbSU>vg(Y=zQ;meeIF>jZKEvEkY7GtKSmS
zt8{?VO^GV!_<+>1|4eAp!%Hp_3rAZcUABo1z%CWm&mX!Pqr-wabNg;Zmr6oZQn{z$
zY{mDY83=LJl{48*X5Y(FEoTporL3psmlig_RLFE3-L$^iT!S?&MR<&8A@{}nV))(A
zUFT<}-&?e%Snj;`Vi%TJ-L(f+rQ|eTyPqH8tejAgrW)q{AhNwU)@{Vdw}I(acF#*^
z08Sdu9z_T8O!fFhmo>d$9rhp&+H->Nfx&0;)iv8QgQjk0JDcLYXK1~Pf%XIe;%PU$
zpm&6kKfmpKiQ6TGJ$jy~es%ZxPkhlkbBvMvVnq7AYH6+JyQAPHk}Qw;{wOm!D)qel
zPUOPQ?#_KBA~@0A_x}FeQ~!v3{koGbFM#Skhl@>UpB;}KN=|u1!lOaYGI6uJ(qNK(
zP`h$B`va6mjQF%gZ^MGJ4NJN(ixHTjTT2NWuWWK21EZeqb1TeD{&ipMFK`hJ;k~(W
z>yI>F)-Ys3x!E5Mxi9wv<~)cZ*m$*uVARF9$0O#BWY`?{-(M4XJim2cimR~bMgiKJ
z=J{bcx?#qiNEo^0GcofC$dJMBUIJgQM&J+9t4>BRANb_a3;K9^!D=v-#v$$mp>t;k
za@YE#2XsFK7Lani`*MA=?ZSh)-^~!<_DM;9uwA3f2zBqmQYTf8XGU1f?o7yF%-~aP
z7;_-=?KwXbhWYO%%0N8cF0MW1OaSNvsK3ZjB2^Q)@aBs#VShIXeqxP^QfY9HQe?bu
znPG&zXEg~W_!#?h6=CB$TBi)%5&tAFIjc~9-dD`~mazWH93+32d3DiWzn=n=q-JQ=
zQZi+>a0)N^<!3mU;9M65W>r)1FR>o6k*#U*UbQzP;3}tJeohBM`DWmEZXSRFJbQ?6
z?asil?Ecx+8}ivqMnb?rzrEllfJN_#dn4Xxls*sX5*9&8E<Um<%`F@5#{nDy2oA_h
zEfy|zxYiJHqZ!Y0D7@0Im)3b<D%QJ#)0-=A5Jjlt)Y`VboDFQ{d^QXXRVHm$&RX^l
z!v)0y|10*VnmgyAgHigKTu(swZ(-^nP^I=QEBHU#m4}_R0||Y{Pq6(HAiZcWdtI}^
zN>u8v&2(%K`R$yaslzL_9DaaoL)4kq#_yo_@$<Re26&(~mpDx8k3HXjVk5;V9<3JE
z0}MmIy3<#{^lV0FcQhQN^e&rNFADc*n;kX}6uam2B@FfyZ(><M{=owHh}d{mVC3<A
zW4+dnbUF&2qJBGry(ed}xi?%xQSGcbIorwt^c2u78<ZEOf>HKYwf&BO=olsERq-AW
ziA;L{cGkY-1>Y=uY#;6wpsLfI4BB6pejBQ3Ok2Hs<@~1CCp;jmK!E-YL8Gp)?H3D<
z4iwKICC@_y(caphHkn93PF2xI^n2l_LfFR=NG!11TAcYNfy3p28b&EpxbAMw=8y9}
zdyv8;R~ft15GZ<CokLWy_t0<Bi@#)G4o@fG6%8JT^r5g#3wH^vmg$;ZdVQDwK^>!m
z&cHMC)g>tq;G=&YA#9bjF($#2){}v_A)E3sThpyaL9cah8h;PSStmCBjjV4q7?QW^
zBxSW0kbokg=wz;nU!>&a2AM012W2S&khC1T>Tr+&e?mh<W)5<lQ&2Gk1KjakY>6q$
z%$;G<2M0t*e;sz_`3<`*bF=2xeRAQe{{*i)wxgN%=@le0)RJ=HD!Vm0>C2_p6OiJ+
zB3$9nq47nJh652m5V!Ozz@ENzBRQ{~{5`ycO{FhPN{?pm>_Ub?{4UfXR&nT7$~d5p
z1)NJ~!d=8>KDQ*3xY7=My*D)CJh){gv}>BKi9s$_&!{F_y_cx?HR8-j=7ZEUNx<nA
z>XC}=%JI_~WB?3|h=uc!=PH|8p9-mWa+U#Rt8SXN0KEuchgKU_Yb1E?4MGG5@cArB
zp_HFOURYECqm#1KB1eAwt|xtJF9HbI_CHt;iP2(0FRrl?RvO?@`y)mQTFhc<NBhS@
zO0hXWFz%{yr-^b~eupNB;#jkBw)1{s{xkH4GA!Z8qQw(5Vw>vAMyflv9Y5XTsau<M
zd)Q=%gbY2v2MOE(udibtMmPY&1^U&j9YyHS2!eAx>s$527LhUid)`=WoU?V=y0VI0
z=@P|AyfT#%;-yl@`>u-rj_h?*Z|7GhbOdvR(UuZTc{!vX^`5=%MYX5jZY>>-u%01h
ziw7lGog0UjdRFvBFMIZCv_Sn$cjszZbi7Q0d7zL1_VR<T$KfBVajU$s(A^VC0$H_@
zpp_&oA~pe!p~D!VzO!r1;QX^v@FzZWa=Idz^|o|Py$BWR#LyuH^8q(6w}FG+s~N~n
z;DEQEov3F%nN}GC`BP`eWb-rE@7)IVgf)dZ0YpKzc}Z5UoI;bNUy<Iv7VUemViP%&
zxMsrxJX!Lu3Ym34V|`3j9<_oQfDDZCxxtG<p%Mfo3)VqMR$(W8_A0hYUk+JOOT;1`
z0=@5od+=Av%rmM?B~)5y56wizCNQH&Lu8SOcC2|^rTpH!mLab|Hj@xu@{#bI>O`5<
z6?b>Wc@SLI^9SGRI$~efpoGXYUMaKvP#YX<iOE1+pr-J*&mT{b__Ey~+b$OK{E#IR
z`<~G`cxf1^hZQ$LutlI{`b+OQ;G_iKn7`PMZd)wO3+ip(zaTLQsV!NxMORPiO%vMX
zJLJ$Yn|8;1HOBq%KDdY76{l7vFqwaYCi+JFSxzn<cwNE&KTFy`wo1Cs1$Ki<5pdSe
zeE#{Bn!sP%I6&B{9W?HL+zkF}nV9$Q>N0?ni<kGm7m9VD)zw!!g~+FQ$E+A)p+RQ|
zilr#I7(^*iVGB$OX%$fr!SE{S5PHZ->=N0A=Bg1vM<NMxRS*V<MC!I66ivDthST>C
zgmtpBA0H6LV|6+_d+t|UI*cvS`~3bqzW<Suz(p#QAVamqX4+`rbOJ;i9%T;lB(VfU
zUge1rcwl|JnU-lMB9*&D#LPK?b8OZJ2=tB1IN>8=ON*V+Oe$08?jEbL&iKcbKi~ak
zKO1ZtxmfEwxE+UeWjvhDuc!4G?B_;511E2FfX!wJdqcs*LF;AYU}0FWwmqiO8HO0U
zs=tC|vZek8yGaIry#cs>DDOo71MpPFIJmOTNVk9D>$2Z|koRPW(I)y$qKArk-bQD!
zc%ls$YX>P8IhtY86EbRYw@=io_l=Z34i1a?Mg@4AFv-qr;`-hina|GcoM-hRorX?h
zLw2CRSVX15l!D2b=~60GCR9+SY+G5Gg3lS}Qa(+Kd?G#xya5#1RpKu3O~z-*daFGw
zF-%72%FUFesbDR+*dQH<)D#@5&{sY$(VdXnaGJ~Vs>0JyPlmFUPFFamWZ)_FNXu3}
zR-!J+Ooro0#+9w8Nu`9Yi^LUjsS=ng#Fa`c!6ge#CMK(pOcD(uIODjC8s`nLf)C6M
z)yvy4Iur^XUji}?rV%}avd2A;TX1|%2(vwX!g&$s@g9z@c7N{l@gEpGcl9M`vljW3
zn3)Za3rmf}z4+fP%-6-8#YIzEBtuO6W}VJ>H}&B~zKFlJ+LJb&8Fj$zTHQxSHv&Qc
z>44Q`@QT%n`5BDdwnUbkwI-X@*Z5<P@qfN}v5I*GsRN9wf<x$%>Txt(>FnqXzetys
zjEvDP+IZI&*vez1V$#Cl5=-p42aCnNTkFXA=<7!v+JfV4JUmAYy?UmUEMKu0v<>A6
zL6@1xXgTxbd|)C)AGrMq+o_7>6FsX8SH0JkW%i?E*!^auL&vM(TDk84ezCGyB$&Ku
zBDPA`A`Otb{zw!x>g;KIL$eWG#&vJ-Es`gj=fWxvXYafx>nt-f_QyFZx@0`hVNAW_
zD`adSvel`949=H>=y8e#=a0llw^FQCNSgAp6Vb=5-(!iR{;A=`_6?2OnvsOQ$V))t
z$PO0qfd{Q_wDK234@&HESbs=(<}PGYeY#g}o;1LR9u3+A?Hia<Dk_57&{ual*eORA
zg%R)5(jwr;QSQZ<7I&_}X1_dy``$LW<xH=Ei+dGD`mvpme02jgbRJ8>@6O$$i<3@k
z)CB5ZHb}u=*%qU+*zinsCL9@6S_brH^acIW<tNUs>7H~bI}5}AsNnaf52_+%D{_sY
z37h~{D~%CG`?|r%ad@9O)2?t0H|vn?$`t>s`AlL|cQFU}I9+1y5YMIHp>iaiBNrxu
z>(QXDE-aUhU}8>0TPZ3-lP=2a!SaA8g@RlM^&$H*BFZ~Q;W%bY9_KL6i5k<@aO%jY
zNAWE|iB%{MJ`=gu7=#fdE_xW{$Mt@dPeKRSj_h6=hf0G1&TqCCk4m5)Qq>F4S{Yh+
zNEuzVd^(r5<}JruhD}D_DC_;O!S8^?qIXa6ZMH!i%u;!pL2Ghh$@+q!m5TK7G4k?J
zE5mSg>I1KI$LjW)xEjH<16T6N-z=|42d*##5deTz=Bey7fyIv9FRQfBE==Bh_+)_J
zi?-`+J7NqtJzh{lUQxIR`5zbw&r8&U6Y_M|P^aRX)%@~|hfEFmA3u}xh<m$SZ}Yp6
zy1(J+Mm~<?XrjNS;Jp@=tYH`#@AmFe^+vzeQ=*s3R4(z5LV_o<KN;@mUdvfr#cJ8K
z7jt=){u;bfZq0?-%P|^Y!KP|BS3m+NWI=?l@kESlxZ~OsEc*xK>_V#^mKSaFLaqh2
zm^M=Tb4-yXywhjQEX^*HQi%E2L%_hzfE`=asEmA8hOzVp;UX^(v@5i{8SXuZMOyU_
z@M$4=mefX0YyR#C?$@xxe5`3thV4kf?Gco-578$tO<6uNmR_=QW6-`4{FVmDnllRB
z(#@h#Vxod+2?NnJxdy8^>_p$QQPx<`gL(eG^#g7=jXo7~1UEXvB|xu70X0}){^k4@
z>-3fO<Pkj_?Wxb1O)ja*x%kjAr~9cDc<N3A*pQW3NP^%xhkifeyehY`MT|O=T=RAQ
zX2$6UbLoUhI|*?PsksiM=XeCjWr_Fl5Cg0Ux^K@%UK!^jLTsN4I%nj@2E9izI~o_X
z&E<IMOcU}P+r3XWTNNR08g80zK*s?yGNb6ld+2Iv=#3MyudNO=?!??9qZ_0Zbo<5(
zJ186Vx5WG#><{K=@@v`Zq~a>y9#0t4VhE53i3`weF_&y6)e2ywK67#<s2xB5nxBQ5
zY~~|UXh`wcKy6%%QU4_|^~#dgH&O8Lp8lnoh}W;Eh)__<ARFG#rFdt_6!8zZTDBnp
zetH@n<<^Luom-u@V(XW|aP3&(-E$lPYzg4N$;-iHnl1RK02OYQh|8YTE=YK%&1m>k
zhNygJeX^m8`PLLWcB%%zeu3N^v$P_IQC@}0!s5WJL>Am^>em)Zm&xJ)y8sPIWThIC
z@~WPQmlmSjuLeR<P^5=>U<oYWpLfVUJV9RE+PzV(v#8YFA7x`PL+%<{i$~?m(LU5K
zB3C2=hL7n6Ve9C_rj($AY<m%WCn>|Bu;C?SWNOeo-%BaWSK7M(;dKN@=xbtrT`Xa^
z6b(&Y-1hGCd-#>ZA9OD+O0T?v*PBXUK1RwY^`|<%@|KJl_s?J11vz#W!~-)mZ#hPz
zcQaYFVZ(os`;1M`U0YErE>-L0DC{8@=)E26Fuw$cE4?6$gjmAa#u6uyPql>VWzr=q
z(amKqQ~%a@dJ>ZXV0O*LIGw=pFbTb<p&&9bl=o4V2S^Hs8z@~dIRirfpTfR6s;Z{@
zUrMDBX(a>+k+>bCq=a;LgLHQsMLLBG(jYCMv~+`nASfZJ2qK7t2uR28;`?3i^C0h9
zzxji8);@dB?Ad$I%(=tt&uDDKMQ~MJQ|U)gnvGP%Gj`~I9rpn%Zd@kt?>{-(ZcCH}
zI}CRXWGr)~D5w`C(5w!=<4+9Gao7JGG_hXup0tVWtA2~w?&Uz^uls|p-m<B`;jv2w
zYwk<@n99SqPWeEU74{l0fjxMQyIbvvUnMWJSw{&k#G26RhUac~Y<7=<qY3i}vm3)#
z+3EJ;dt<AbS8=T{5Fd(iujJB`)Q9>ZW?d8`Z@!BgE1ce#BCs_eOZworr-?6m4|T=0
zT|d2y_Sdb3d-2jXR0Y4Bp3Ac3x0+If?!yM&EPBzONT!zp<1#5f)?EutD3d!RhqHWs
zyaIiAH6h#D_r7+DWO;Nl`o-3eWCpvT0D-gMbdtjMr0)i1yw<vpzNaSAMEI-mLdiIY
zK{~CqE7z+pJiixh{)CwL<Na_JesGq9y>LcSda8-SL6+d|Hr$(_?>=i$c%jd?j6CAS
z5fM>h0}z1`Fd;L(Esr;sLtmG^?8qO)<DxEctM+CqXLs&)PSy+gbzO$dU>@fRL(S0d
zd;$tzQ|hh{g(&_a6n+S8pw8b;tBDQk^N-dhN+XEba@>C5cFWjr$nUZ>d)-o%$xQUh
z81K^l6Zkg`Nj^EX1li@3No(t2_ZG!Ck1+q)g2UgAwSZ3m;Kt@;a4U<JSBalF&pJF<
zb8k4DkF+KXIU0yVIE*xY^O&Fso90jx^?`j$!hkxsSt=g$P>4~q9Xc28RmsN^MA7-Z
z)`L7yZQ=#aC~*Z@ZqW5zO3RqhYW&kwX>x9-8@IuAq_fun4kyv;)+*gLiK91?AWmfK
z;j`W9p#VcM3=U{=y=Rr<{Nx2~&K{}%kSXc7P+f%oGuKez@ipP3v=#wbuJ%PZ^m{5Y
zI(JSFmp#q8DNpA~0eRAl|F5ILPg!|SlzoaWD>$Y(@^CTGF(!+QT1#nV@kS33K`H{~
zhfYGnCWf7Als^6>AJA&|>cIT|($|;5db#_-F(Hs<f+4q@_pBfc6S;IkKw^6+o(s_H
zOwuo_o+=BbKvRQgj1>F^i%IS>e`?xb^NGOzz}2pJvbJaa+PE}>#lgjkNX48Ch@yQ=
zccb$#&x^E=$Ao~m{8qBDAyoF#F_qe$u$|@O(5GXUX+ZehkC)YkUq<X9Q`kC-u9`25
zJ_!VFT`Bp^ZR;-Re;_%M$VS>YESM*S-sd8(pnf~QIqW7i?;uk5P$yf|)Jm{!dcz^|
zAW^#$7VETYCrrIItj3;(BUhy+<|1lJW=n{Oz++>WV0Jv+R_fQ&?)n-9$Uk+gwWF}O
z+6M}+_nmYdduy>yyw^HFj<2wL0AFY+zj*>gPEX9$$G#V45-_{Wae4~F3)zg<Gs@jM
zR5CQL2<!87HmDLvdh>GeWWsALn&cR@)t759TOQvRIH@BIsi?^^vJjeU{OvVoxvoP_
z&$_zC%d^@`;k>oDdz40>eo1%5BBi^(wXL52kRNZ)co$b^`{YUDSTF&p?+z{SI3@>R
zct^)1(Y@gW2{~MOXXm&!B`d1?5#8ynRvoG&Iw0FB*}(A%C$!pR@I%o4&QecvOV8G1
znVWCzhmXcLry2@=J9pAkH@w}^{mcq={CujA$I|okL5o_-dWoT}0gdm_&8{(W7DQmq
zy8G1JT1yBu%`$$Zam|gPkAhoD%}s*^0DD<ga9Mr6_RMj?8l{WuG(3-SusSv|o$_X|
z?%-*;;~U+0`L{OvGtuyqP}Y6v$+(5}h0KK1C}G0G`McsOpvHmre$&sx&?IO+8onIi
z)n!u`%9+9;_dDeITe`kGr)EZPOQWBt%>Hgtzn{K6+Zn1J+E1G#K<$`xUtKbR6IhcX
zT}_NpBX{t$)74{n7p+NBvssps8bBEUZK8Dl&~PH}+0gCY9+;q!MUSa+>6BJr6P7MR
zE`2YY6c(OT(rLd|3wff;>rJYo4Er7+Y7*zsD^6M^%gX!$hM8NX#$p##<ft0z^9N`9
z>uo4YfBdPEu`Qszy{|B08{@f>1C(g(NHa3vjOSVL@+`$L;@-8}PqKO@CcK?n!SD6d
z<YC@kf?+W#11WXeR+5_Cbk8+{EH~cj*uKrSS;>&RiQi5uJac!%iRr`kWuNl$tEA+n
zWyG_&qAuFM;_^Fx_o&v5=imRh*w9b@R3mxcfvLPL;FJ-BCz&NYasPB+jsVzZx&K(q
zXa{(dRWn4b+Pf(C^)AeghHC!UC;CyQyD-dST`x9?c;$`J%B$p3J!j+R*H6_f)USpZ
zawiw=7kVf7hK_di_>eOgkk$!CJ=?Z<$vWcpdNCzhTSKMD|GgI-nM=dBqxJ)dFnb}2
zBXn$Qz;jF!Xf28K_q#BA5sC&Nu}7Gku9>qzcst*HDIF2qy}u{Vrg(Y$;Fjj_N^Hlx
z1TK6&UXATxCT9}SeUwluKc^rT_s=3FKBVF0%kuJKWg_ArR%g%I<XCqK+eZ?q4%}h{
z`%5e#qa67=BTWbgRxh7h$!+j;IoGe&qwOLFURG1p!SX!%X?|t+vh1w@3jaz&83GC%
z{rY)&yw~23%{0BskRMO$`uyqP{m><%9=J$NjqMbl(F$tzoqRxhbVw|p_r$bdslieB
z*EgA^@@t;^Cwk2q?;mVJHA#7wNP_O|#q}#lS#uGi-w1~8?@#DBmWx$znRwcW*@$U6
zTsFmivr)3?%?}zhw(M>L1SdO*&kXT-h-;pKaAT7jCMY90W~+{teR^n-F*2T?=UI={
z<|*eTYA#DV-jXPq{x(g{ufJaJ-)%LI^9l#v;R|Pd_(Ub$$m!v|duqMThO*3#HbOqI
zz30qXxK^J}j*LroTq|A4>co`ZnSq8UPI4I@1`gs$4$>9~pl|6>0m{wwU`wN!_R*3)
zBhEyNG4?UeL}`l8p6<W&9<~<O!_`s^!j&z>EKdeM(d!~27ipnWSD5Q7rBjDi!-bgr
zVQFtde3V#125i5*CUaxXh_WUuCNBHTSIg_FB2C+sAbAI~@}6nuDERugAYafGS~<@i
zsx`k(J0t7QIP;Vv!vLkHZ0C=fySPLXY7K=n^O2yqt~O>%mmL&8r+j2e@@7z~i?@k=
zIMqP5X4BQ;69X23ISNkguU&x#!DxbB^_T^MeJSroh0RUZEfo<}bDDgr`J^wVxMgip
zI@-!XR0Uk3oPbuqpabTCw~v^BtcRsXHy`PvcG=%}I8Jb(FM!Oo9jymhkp(SZt6BN#
zzU<bE@vWQ|v~KoU7P^A;*h#d)12lJwO{lVS(V#d%x$iQD8kK5sO=+PFiz)uQJOjF>
zctR2pOW@wpsb68^*M`)tC0+CV>9BQcxQ^4@+|tTobDAwswJDCAsCXve_O_&-;6Vfd
z@#QE!;B;Xs<u`CQ|70M~z+><sj_vgFj!aSSyStc7Xw=Z4WKozqv7Lbb+)+iQezbw|
zJ^i=Xe>`*+Hd%Oe%!(<~nheAr$AbDvH&th&Yj=o$0dy_|Z|c2YJmOW*<ly)@@L=N3
z8}ifFx9?_{Lq}jmxAR}-y?EXvQ_L%1!d!%sn^w45v_YH#$k5_Rbt_temmy1X@92eo
zG8H_+Ibc!-DMc`!_Gb5Mj58>XA>bNJ60cs|DMi$oNQ}uX^bT4*Ra=cHCsk<|bH?e-
z3c6c-XH|XG-Ay)4c}>3dX?J$PkB07}gHM~{>V3}&sd^d?4p6ecOfTCf_61hvR*ej+
z+>Fr58#hN<0poq|HJ|w{xlI-3M!<>_mxJRP^KTJ=U%v<^s4Rrni@dDKt}!RKSp%%E
zwc|wR5CKjT@6a4<Y<TRHWf=L*h%J|`e9*y*I)3W3<vYu~pYY)uy*ZQ#w+9gm$<EyC
z9n1Yj0b7@%jJ*`_WRI%q$qP{pA&2;Kxt_O!bLbE$fRjy8(+gH3-N|2L6}Dl=J!9~@
zqLH7#wq&gv7;M^wKz@E2>gpo7yE{#Bw$8-;nAxPR>@RdWGMWpe+ay#y99(K80*bW;
z@isz&>RPkuT9}fjxpL}p9I=DMZ!u%JmeJ!$e$)D9YO2@g7wCUC=0)p_L5At9S-%@m
zPEt_Q0EssrA59_&5tOUdWqk(k@c}25J4L^yaD6hdP@<FN9yN+vAAK|!cj5}DEf?1$
z?NsIDRQ;?~<$21;L@{~dJWX3iY2)L5{QUL{?9E9GWEu4jcaAxYly){E$bTnEcXM=S
zn<K*U#SH5j%kNDM`@F2g;LqihxjNa&Xp=C<0TdbZkE*X;Rc7RLRtVzMr+oW10waar
zH*dkkWU=H^Q!1RoLN1<_yGEFG*v~qAU8Q(OS;{1!Lf>aIP`rgU(Ka*Ltkh?e9hqzC
zR$lzg%iUguQ1zkoYS-h-DYs}r_yZ&<&%kD7NUovxr+Bm@&qWb8hH{+sXXz@g;Q6ZG
zBm?qI@ccOW3J=|vi-|0+sVitofMrvXoSr?QGN28Pof8mfLFG4<vy_#q`&5>`uA{CX
zpElqvEY%k=du8>BkXb~bG}_KoPR>+Zr^AH4j7R|cRU_%KfMLFeTm3tCS9Cg+>8mhH
z&^rd++ompxTjNC9gx~ZP!K%-3M|D0-IyC`ni=WhLRj9d#_y&0f2ZruQ+UZnORtLD|
z@4lrL^!wzUHm1jOjp^;YlJBppbicNm4JnQ*>pZ)OlJ14_4zuc&wrJ?+Xnt_pi~K>;
zW$5TxUE$(cUHi-W&_1pE(Y0UH9rvk?^<ADPXtw4uc!-1j_6YYkJn#Gfa2)mJ8?cE^
z7+5>%pTsF@OlUh99uf@2B)2Q$U~jG}lE(0N5MfiEP#t2Fs6W|*|LkC+K!0|yAxISB
z-#ge^*2?NyGy$Z?rLQQ>R)to{3XHD6ZMvd3VmNfKk#N`D3Ja4q!wrn63|4sF9ui`?
zOnkMuoQ=yNJfhLL{r;27(cRZ(zCv^{?*>rLvXG^GKC^dg4&~G8+@b}05(b09KO2|)
zW<AL$rGIqG+>UPtP6)9H*dJuS(nxl9`^7WZ3*O-Lk?k^Zm@iqUH*a@jK3VLJ;3hBV
zk_Z%@sR(r&DHn^D_%bN}ew%fH#4?YvZ^4^+G=@x%PQ-FmoB1@TD=IH}%vN>OF**yR
z!kCi1ejMo|?dCG@!|V6Tc2f2CiJ-2!?|TW)lk0j%&3_*S0ekrFPA_~s<Rt9|-Y$`6
z5T3Rwfk<*Als1&o;}X*21q69nA!Zhq>f6O%#%yW2UmDOhq8x5^@)!rETzha88c%3J
z12!2jT_oj5_s;rdC1Pv|>Q7D?;Nf_b(uNPIN~ujj59nJmL9<c@@WD^$GC#(}VK<;P
zWTO^*YeBUmz<U1htzlDZq+q&mp!D<T<GO&7Lj#OLBIA15sv{G~rfmmD>GA=okO+m4
zrPt9>NB{g2v3We6HUlx%AJd<*71IZrBjb?^=H@9|$X|l*d4}If=PcMAim{OsRoB-P
zXKQLzWX4L{KLxf9cBWjlCj)P6lhVJQ?0(S1wBi&e1~4nSMR-lW*|s~Bx@^DPm@LCj
z^DI^F!9?CFnc#uL`?pb2t{PNf(vLy|7qm(yhJNt1a1So@(&ez;RPmkN#v|NoE7^cF
z?X37}g(r;j&YgUqKPXKFu@MTIi1jcsv<U^CGzrHh^U4Hd%Q{3R>W{XU7kHyC4V~O}
z^Pbp@wF2y~zD>^IddvOMI6BH}2Dolm=VoDb=sgx=i6PMH=XU3?cMwy_RHQ}$Dyo;B
zMgM9&`k6YMTB+MoQ$kOHJs<fbv1g;=<)XQop&Ab#PmJdG688e1$ovZZF%pM-%cx({
z7Kww^x1dN*|Ho_g<}sJb2%V(0*-5U6I^N)JCEo|CC)iZvjO=6CI<~1Q<?T6Za_r}C
zMbW%+!8AYos&Y4PozVJtfk?CC>X$Y=!?|w}JtqL$`Uq_yPjX2-|KrKVy2ipz|NF6Y
zg_(8Abtl;5Ag84@MjEz<p|REVPb9z0AGF+?jt^_Q-bvv!P0(2)K=my;U!l(M^0B|;
zwW5gIfB;)<u7&Wm83}M80d?j4r%AnWhwze^j=Ro^&K?z-U&~||N_SF}Ib11<^}?t^
zdS7ikYKbHH;k&?bl9QnVh!yEf4e-bZ;E{hqNRN##GK_f7hsKCg-PJn1z7U!g>jj@r
zZR(~nGt{Xd?EhhF`(vQt$AE5tzeEH0TIkn}+rZCV^Bs>e>!3n$lGh>6)t;k;)kS_L
zeM%Q|<m!^Dyy;UoXll)^mAH-hX;^z$x0p`rCGz9I!*(a8T0kV*T0uiOnAu)C_0FdR
zgHT(G&=#Bemfb49HI77d>#YnAq+*;=K6G45Hx*HA!#|a#SCBxSYc;i+t{-j4KHJPY
z_Z3J5@w58dK6aFIS2aVl!p(e768%a7N&;Lx{1r6>zUl5&$95lvtj`!}sv4TACnn56
z^tnq0;I?<}4-={TlY8GLc^v*Rd(;2Dxa~N}`VRRsRYZ#KWWob&j{-FetqNBK)e^&|
zQw*d|_{UFf?{aFRSN8T(8fw<rKP%=&Y3TtX7mZE-qH6&u*@lrH?I!iaRMa;L+d4V~
zLSb9n!(LhxHbkr{>C4_deESR;9|~slauV{7{R&nhxuT3UTljA~DR$VE^>*1`K|G_g
zo+p0a9^+PXj8A%(cbLJ2OZuh}V=KB@tP1YPFA_Th&vHye-(lcNMQ^y^vTErsJeLG=
zeOR^Uzqz=*q0u!etP19S${S1Cgdebhj~Co9%Z`b?uE@!1%SHOSm$qSYP&C4NVK>Lo
zH}7RG3+@9-W9;?XH}1|9YV=WZdWm?@Wv_j78O7oFVP&bGeFRz9$opQgJZY=0b8w{p
zGST{7!`n?&eZ!K557n>y$e(2hK5Z(#1kf@>?5)<z+nDxi8MD(X(zSw{nr@fde`_us
zd}p6@C*Nk!MeT{W+EInw+!SwUOT#qLFk2{*8?PU8UL!6^o}o(^t}bq4SLn=&#|8tY
zWn4aj(Qw{tQ$pP{I+2-lYJ_I|8$stBweq9g>#hA|?}(yEb$UCSj%UU*i2cL6rhzn>
z&xFf$gzKWBm%9XC%JbyGk4Jl>Ik=yZcvuG8Rp*BYs58000O3pWnDg>|b90prh>^iv
z_PZf4Ib?wQ6w|Ho!Vz~OXeO(rSYC+RMSsAGdGv}IJ-t$bq+++15$UB-_o9k?jA(g&
z3(mMoC&G4%DAFBW{QR4%YJu5gkTNj$u_EN-rz`uNAEAPLa}s;^95CJS<LNSQnsl?v
zhIQ;Tn^ng449e8{dq!^GfT8QHgNsE@<HKm}KL0jKKy)h`bG1pyH72T0@o8q7FZcV>
zxv=fBX)e59%<?hF*2+^KM9b@_21|O@wTsM_U)i>}5BP@f*qR%)rao-dd^!e{4Do(i
zR+{{xK(%eP_hMxvOJAUNYgNZEGZUTh`g&>0pyskgSX6N1Oom!y!Nz8WjiX$aZ1!4h
z`*9zevG0{-Nt_VE_^hceoWMperVjMimSF~)HBp6T$-J&m8dr+B@a-6WuOku(C8p{|
zNs|f@t=}dy)uSvtTPa&_nq8WJimtB6V}ckVDc;(j?njSW+i7WNT22SPiOGiFiclq6
z6eJK^eE!y>-`Ql``{hie=v|v3D7~ErXGvL6Y3=vuDTqi7Ya3ngY}W{l?NN1hM4#fP
zPc=$m&VzX0T}sKiXwfaJ{Ewd1Jj@znq-2T4L+ALd@3MiAc#8WQw`a$E0K0;@9Q=v*
zwVip>Lb-{Cg?-v|kNK)g^;eN#C!W(r@8hR6t051Adh}P9EvBthAU-PGEixf7EwC+<
zaoTCcjCssh0|8WgF_AlbU|mtivRM4ycf)pmPn-4Lh1{RvhO4qx;nHmTl$)Qq*F)UH
zXJ3Ft*b0NPnohoBk2G!i1BZ0^5t0LiLsci)m07cWJ}Vf@**+pgrp~&lmop<rMHb8=
zVK;~n`6KThNFb}kB@CTUC>v6w8WJStcpRxHS;_`fO`Yv5F%lyB%uF*SVNN(7Rb&pA
z$>K;Z>%HOcS|xJiyl!EouhnSrC8YtF%s#D7M@N?Rl@eqI=t;?)055Nhq}Sp-O|%pt
zThXSAZV{??S+>jiGUvxU)`F+Ws#tC964CEol)-1-)c?TiM@JI!8VM!83si-YG4<2;
zl(b2V^&LmfT`ssQ&8uX2_ua~V!>;U~5kK9Ley99k88NbYs>9oK)`;n=>*7P<EO@we
z*M0Aaaa5%6?S%-mO9CvLG(qh=bOTK8QM`@XLKz>Z!|*Bh$2St(m-h%IZ@2Ec^tAC5
z9BWH2i+y%>8eF{nW%24MCSsy6FIfUS?wxtxNeWgas9e?AeJ2xn5D(up2)p@RM?^zk
zQGSVpZe?__=5yR(0;_f5Kv>RN%I4uI^Su63)CuW#0}g>UuN=Vt=QCmL`qyCgmiLxb
zewUU_9Y17?KiSMAa9^FA2}~TDP*umSA#fX#8%`D3@1JK$@!fSmf4qKwgSI?{%#@h1
z%f4iXH%33P#k8J#MaFcb2SrpiCRtXwPou6}uKD7NUE^y;*`bxeLGt0zaNrf*P%-0}
z44pBfSJ%Q^JLr@E?-f4I3+x$?>s7JuJa8ycf50XF^_2|%gCZb5Bt$`p`h!&QuXm6?
z@7~Q?P~)Jgpubsh3BV8m5EP@k3;w^Sr@L(&5Oatb!qn817Ys(4VgFc~@L~}cK)euh
zQ>3XG*bHfE3gzU-1nh8BrSG-l;DaI9DohTT{`2tU0EvY`Xgs)a4+e#vVN0A976%rh
zKMzPW1cW`Aa*hUrLO@tBjq@}x2!^3KWCx&d$c1+>^x0K6=lHR>5NGHf=V&k_1dYYq
zI7dT5KxbGd=V&kl0{wRz2qfx{o&c8fzskc9&@<?jbHWH10(_xi>?s?pTh8&pQP^Jo
zMT0?M7nK2n(f{H*Yad&naM<4(f{;+~-!vEu3BuxvoRxo+MxriS1_}rLtso2xh5qd=
z5E6hw|28!Ug*t<lIo}8rj`~{|28NwsRh;9)%3kOQ7|VA-X(-}9%3%BdPfx%I2sWb6
zRfrWv|J^Vcin<t2P~=4#7<qP!()s$Js52~`|I+^0AB=VJ1r1^FGa#M+GM+uapvVh7
zhJn!+;saaX8KlfPSuo;%DUAZoz+=ua!XO~{{}8?~N+2NQ+1zkm7K#R6ph3Xszug1@
zp+Nt!H1Lo4ArKV!qTkUM%nyTL!}_m=v9f1)Ip>stz)%+g4h93k&$V%8e;AhYe+Zvv
z#PVTx1}+8?41CU?XBxmD2<X3t*cs_e_CiOngB=0<I~dLwVOWR$JqN%bNaWux!3v*Y
z`J9#i1~3$czBqEQQ^1ATf}p|wCky;r_`=XR3-k;A#75!Y)`CGnXIM(-l|g~d)`xR6
z7#M4ab2O~|VK5l{LXT143nqkv5U}&YAP^Ro=0ad1U})&ymO-E(SUa6p1_{AB3iyi%
zgCQ=iA6O)y3s%5R6@NE^T@OHiD+ohgbR80jK0|K$V;KOuaJjjdSld~+U?G@T_|>d^
zELc!z7JgMnM=WU58B!7pzpR6$BMa7+SiC8ISxFW>Aqg>Y>{<blL_*<`U>HO~T1-qF
ugp>lqq#<Y&3<MVW|8p3efqA*QQJJ{7dAV3v5+Tu01cHd2T}nxs=>GvgAUtyb

delta 44197
zcmZVlQ+S|Fw6zPzwr$(CZ9AQgZRd$?+eyc^*-6K?I(E{rv){e{?_2-DI;y&6)ma_P
zagQ-8^&O%y2%-TV6qwf8blDt7^*_;8u(wYuN@dB$-FjBEWjD8^Tu05S+MWx*0TV~H
zHLwD~$f)uQn(W^P6lOs}@MR^{lI13l+h7%*&#o7L`QAdJDxf9-+5N+AVsqPvlc80{
zs`uKN#RVrRG5X41EXIoG8MJpecVO`EpxM9BUm_0ltom|r0O0$6Di`SBs^6JDCPw@|
zz|Fpzlq<Eo-=&V_$<)QlEs#b($hQ1Y!l++Dzby3TY4o$3C$Tc3sXrnoBUa%#Mb{IC
zp`l_@-|=cYg5|rVoy~$^_kP&tvMS7(`qzm3r8udH<iNxa%|!z5hiFenY_O%aL12#I
z%VauUs?d82G|)}kq-4t)XbFB8W((j4RL1#lyBP_5(yQLa@Kmde&>Ka=X(H!n>J@8f
z7<_4vTQ#a5hj?PYPaI#i=R6Zz+*pujqO8(}N*6Ioo!ApVFwMVye?3`Q?G*-mS<geQ
zG>gJMWmWIK8X@GhM|`t}#~W%}bns$vCNTOdWl*63IX3<n8It)SG5rXucNle)$ig{f
zG4W!}pC=-leF%Ck`)kz8h_P=xw>9a+F{&h3Z46=@Gn%=PO;?*U74lL#56)MYLdtEG
ziO7`_+*OIyq^7aHQKxtqZw616llR<<>ld4z#K$)~y9hyU3dT6vBLC1dZG*JDlMgKs
ztS&c!rM1y@!VQd9DGW^pxl~J;pQeqw8mu49<M&k`XP1i~%xp-~W1<@f<~^_wU%t!q
zx79=l($8>S#G24zMM3rGdfd-6P`ar7sGPy}v)aXlghdJA1D;+L;7o(*t7?!E32}C4
zXPVlqj$QSL$UkRV1rWRDVJyOJ^S5E|o7WNm9*L{tWxa`3!MJc<o(98>qN118BFGd-
z(9|XCW*-dnE2}M&Vjvf4RK{2wvnj#y1O(}mCDalW6|ec&`Oj%efawPcxF;A%f>{mQ
zD1xL4mFouB6noG<TA26Km4kky6$T;#ZZu(k9QIxYW_?>(zU)lmeYPl72yczlhTuN%
z*?4Hv7?0kkFv5bZ0@9DKe{d&b*!Zx-(T3~DGG|fx=D=@z!(Skp)6zG_Bx2KvV-bqP
zGPPQaqPyJgkCWesEeMTevNDCo3E9$j@j6Wl6Zi)ad;zUKF|ue9u4U>1bZ+>NKa-`N
z^=0e})Y1?4duBL7;!*<bTf>t$J#QJ1abphKD|Lr~9~Bj4#Q6$H82oibthVeL0bYO&
zh9R4p$oyxOgGnBx^4@gaB!|pUwb}0{dcMb1@?`4ezM47q6Q0Vpl92!9`lHqp)1vvp
zg;W&WKXZKWd>%zfjC(nf%G4e(gPy8AO_e{cEg_{BQ}R(q_>~o5egK76mwOr@vf%Mx
zT?*j!)>+$!N9~Q8=5#kCc`GWKzT1qT=I&w&*r!#nLu<NiD@n}JzQVvz#k=a<Xtk5t
zUTI{6?<4$3!0e}_09sBP^E<=-aSAnOMfjiNR##Dz61CY&vtum0=(fisgWsOn6qwXU
zX<p7Zse=(~*&)i)@Uq*3y;A^<ob0eYf2&eV^M`siEo5iNQS(YH_+*bOk}lZ^RLa9l
z`|+>Wl~%uHC(%e4SwgDkJL&E)Dp^~%D_$i;@9nBwZ?U9UI4J%xm{DsWZHVB~ICPKU
zKNtTAHk<@|=t_r-uBA!`+w**((GW@KXWHR}ap|0CmkniO9j_tJpx^@BXcqSfyf~tJ
zZhphr<%P3sVTHIh^;>NQpKM;|hAuJr;$Et>Ug`&tJGY0a70T17wWjk=C_NqVF-Lo4
zUC!5yA2~MN{2V^J5N#h{qSY1*fRu%ypjkhlPdzg9m9M1bCX4Ntg>s@XpQu)O#dj1v
zH}qCTL4Au(_r-|9bZZ1Cp$mwF7nJkt`V{G8D|;|Z)OP-o@vxthsS~eMdAorweDdkJ
zC?q_33_RO>@^_qj+4L_RUv$gWGaiwxyZrfQi<=uJiQp^_w;+IqVoSQ<w-yDl)AsN(
z7~pzqROsH1$vBI*i8W^fS&D|$u4d;&3i+5LQ>;dnN?v&%C4vbU2N#NzdxzeoxhPtb
zbUVw$t6b0HYU>0+T2Du~3=fxoeHw5NdeGwUcD=2$I6&Uw+CY2G8vG+eGlwxtvK$EY
zTTU)7Td)Q$D>GVmeqRy>4bjs?_Wf$JFlcASlD5-TP+kq2zY{_OllbEX!@2_!S40Wh
zYB;Lbd(|GYGDrkiLo?!n61p_U<PSpfnS{9AOD`}wQqxTz)bUIIkPz$~MM$mE)rsIs
zdvvQ(3``2zv-EcFA{V{arPfon9y4XvSE}Dv?t&_y>5`Ml4_Y8RRiXFE4mnuAge0Mp
z7CWtL49H13P|<T2LRf%`gNJh8{;KZEhY`0vuo}?^jYS3o`=6<+^`Fwe2j7s;w(V~p
z8Nrykl(ZKH;go%;E;zpu$Lf${Pcb=PzoR{H=>0`&wml(F-TJ>j?cOeq9wVwNiRhG8
zLHY27<14wl3ZH~(9_yrPqkSKr|Kv<w(7wIiJu)9Z94iX8;q$lb{0qqX;>t0e`Q{R@
z-|f%aQE~*19~GSR<+TLe>5VkD`~qW3uJZ-ke&2ZKfwW*BttB=!pW=4u3_}GkaYJ<Q
z1{#6&LqV151<(DdCl+4O|K!1+md@X1VLate7(d&RNs)Ff>F4T5C@(L$6btwzcNobb
zdTSrKhw|;3#4PRE=rc`HGRxT8ATwty@#X3c=yn46_zr_(a!NHuBYDpu9e=BCjicUy
zspmIaVsmm7?8#YtllAHoQ5>&+W#XbU_)UgaZj94^Oc%jU=N?yjS99YfvR-PU1tupN
ziuty`iE~uLyo1wrv=v|DmRoQ=J_Fn2--~r+Q5fXcxGEiY<~1A8gaq0BSA*@bxE54O
z<yAFF-U(QT0wb5&{qWgC=<pOyQu>Dq05DiT&`WcNpRR5$=BD;=|Lq)q*uZg-u#o(}
zD;p~h&;PBlvHYK+fB>_Cxr3#f6$u+_GpcYJ7%dy?|2g7fW%-}$9RK?|X9}t?1u(6r
z=z8!QwfEvbAyhW;GkV|$)UJnL;)+I3qo;O~4lQ*uJ!G;ttPxrvs8i>LtwZG}{a1pw
zU<j_C$_7Q6`~>tS1k2*$=iB22(dUFf27AJn^>^<^p7-U~<tlq!fcaIw7QaU$kFPi3
zB67@hRzOy>P6N;5Hidc2b{26bE%3a)@5S}Hc@)>&;WG@l82JNVPYJFk5wFHKRDZTp
zw*^+>wiL1Zb77g?!fwp+M&Io2sOXz~b^XioJ4p3wW<Ew9y|dexmmE)%q>*`q6a?ys
zUxM(Riae&H#oNqhuN8Os^XaXkGFGj9F{DGIat4sb5|*SKXS?ITbTX-a10%eGUf$E*
z@0EKF1m3~CEy6}GEtPo|{RhN(%i>yF@+ZB1mwCTVghYkUG`~B~+d{yvJo5RH^&;X&
zR&-OAn@n#u&74{-hJ5R84X*rO$Fq0(cqDOjh11R33tGh-wPduo%_&!F7<BGQaJMQF
zws`6PZS#yqk#nm~Zht&p0o~O(tK8(P0~zG?JexfZ5Bk3molSb3_}_$_7CG)>r~4T<
z$NHQLqyDhz_X=O;DfXo)`|w3?U;}-vW7qb>g50P{ESm;`?bFNE7e!}Jf7YCKAN^<9
zl`TskOaA(7#hL7(;2kd(7_MHC3!%btCrDNAn>x;7(Hsnvkv2s=17y$JAIHm&7uBN|
zo{su5l;Y}LIQuCyS}3}yH4R#@yN~-ijxnir#<bOj;X3kSb1yGLN7e%cY)f`{kx3Um
zMQB{v#seDBxv_jXWaf*kyAHaY8IY4X*?)d$3SQ?B(9};fnRb5Rj-=LZ&$q?zHD36B
z0nnBk%EA~)h&30efNll0Lz1mJ#PWeC$16$o*=&sPqZXPDEdknKRkAL*u5M#%O-|Ki
zk>I|=TH{j5rOL3c9~&-F*H<{94SGStHaD)H2sI&^uB9nj3$wM>?m*o!scq^rfpF}2
zG0_UseU*a+gIRSG&7qub(yCoXEojPu({wB$@!j%p)WHvKfJLE!KeiVM?FrrXUXAh4
z>6zM6^ZH3Qg}Gf#pHkq~Z-M>%(E?%?!yBV~kX9hdA)*sClqrGHnSkAA@>hXge+1W3
ziq9^!!R(I?wVi}*6iy`^u!J9oYslW-73~R7RfUIUI|8u{SyD{7W(JFX8;%~2bG!i?
z-0bu#hH7{gz-`iqL1u30(AgJ<oNR8sG*rh(NBoG~m^EDTQ>gGCo1q1t^8Jn!#bX+Q
z5LYm6IK^Wx2fC%d4r#Vo6S5=KP@dR`GhG`K2%}?pe5Q0;kr64LIt_fm@)i(&rDt%c
zrbprCkSUs)=RN<nMQHlr_hyu10n3Y-8ym+9C_AG+fH5+!CZE`~5`09D)z3%Ke{AQj
zc(^13e0!SY{E+ZLcT-7xE`y@+nmZhYnOJk~;DF__o__SVB-9NC1}7L0x|FzBkD=FL
zi3;+oQd79fk9MO8Yq6fkG+Kj2N0_J^{5J~S?;X0$oBREMQjEfK2^5_&l(tO~`oj>$
zLagL*z{Smf*D__iw3qW9YbQx_1%U&+xGa)tldLKfTTBk^?Jq<<;nSsqn*6$2eh{fL
ztp}CFjfQR)?%%|hh4STXj4x0G+bsJdJ!$G-EDS@pEtdK9rL3p8H{`-rvafaRy~uJ&
zP!{tki}#wkXJpJG#Q70hL>YO1J{LM!8i%}OfTGCRhM9|&m%laMaaWY@0^I64_44=)
z+8>Tsb3q;&r#sILYZ~XzzyUZZqpxxh)30JiN@<9afbnPcbVr?_g{OU*cKs9oAZ;17
zD4hBp5fBu-Ct0nsnw#=ExY7OR_7upewbV`fZj(%~O&#Ks-N~vy=F^FVHok`;@y5T>
zfMBJ?fX*gBFqulAc*y$vLRgA33ZEvx@8b|_o$Z@a-+x0cm;PH%JzpLLoIDOAdpgB2
z;yuhE6c0NWg@{h@l<vhCftNN#04ZGRfkS^cTJS@UL&GBPsLdeWdk5d=T0-fZz-i)$
zInWw_H0wU_O%lqX4KQ{wL<>Uj$~ZFsz&#WtUT{gQh!XkBiAi7R8eFUD0}@Ci=%II?
zZ8B>4SbnJoD{B(=?;<D?sCyjx9OkNY6jvK7V+}%#p+fm9>N?o|6iK=|eEK({jQVE^
zz14GJ;n9~Doscrj!fa`;Fc0fAeKURiEo!tU=yZ`DO+Hpjaz0)uUE}dSit|+js8;Pu
zK#p^vFIIQTWx#wry_J+V-+I_?M;{0(-EL#Z)dQQXBD!quDc1WGk@LJmRdY-$VRur2
ziPE^H>ZCV(BI}4X+x0DSdf4Bd_XXvZg{i~Tv?VotY8`RdNSaMd+arte>8t;V7`PHG
zU+*|0tuQ@bQz~kuaB>A^a-J^$#E@$LkUv%}Hkv<Frdpi%nSFfKV=WIO=m3eA!YhmQ
zXi?DUO36t`R2cpQ1?5|Nz?)iPzyGIJv>J4kqDsO0<tsPEk4kqwRy2J0-#E;m_Wj<n
zImVbQfl=sv425Em&8z2MZ=ZlaC%aL5Tf)jegcq_k<LurRv>>47b~#o!fjPoRwY97Y
zYD5ax!-;u!`XVY#H_<y%MfXR;go6^;80(>8bxvI)9BkqOES4c@^5Yx@wiL{Tehz5d
zxif|f-2B@m3y`oY3XAWV?syn+$w(?Y>@z>2``hjqZzoc)@4F9yzxS@pAb)0h#}hhF
zsK2(5tqD~s_hxz53?KOYfZb<1o5}>5)<CL1iK0OZ8z~8=e6|`MT6DQdiK?{0jN5C8
z%>H!(H+E@<&<CnMt-ZR@L=*&cI;G|3h?*cSKZzzj#oM$Si-W&ah}vvr3`Pm8j#Hb+
z&!Pi<FAj>HyBV(4oSme~3~|}0h#6T0io<Qi9>$76K1|~gzp)<50@w!USOfG2L8w6`
zyIoDBrmjlUns!uzM>M}1h|9AOhPXFf(vomKv}{NIv52XBQ|IeX!=fOedg_6}J6JI-
z`01OEsiG=_jSHHsEl$98jWqX2FjxB+sApQO3neNJqj*<Q%9&}XZjup6=i-3S%(Ij@
zF?}Aflx(erm{%6v0dd_9)H!x^WXWwp)0{8~bPlJ*V5A>2w{4&5pDLYtgjLZn4z!~C
zE+rhluuIViDp?nU+L9Ff8e}<=M^uhA?%-@_G5+dhRmnDwkUfg3VgE;%#f$9VINN*k
z^~RT5<EaCWVn^M7UM(pCSL5x`cSQ)M4Jt^L{6o*FASdErfbOv_>LkrCUGbVpW<eBP
zp{8>c6vBAb2tKO_eUQvK-2gheHOEn}WLVy?Xs75V8GMdR`$*BbvvF1aUXU?-274dg
z__dA3-{R%cRH<MOMU2pmGVWViM-IRE+J|i@kMQP;9Uwq|89_Q_!YPj(%~@shw=GIk
z^J>F%-C;?h1A-P|`H-?Acu7O~k2dud(nTBgl;Zt(3b&E~%WX~S`Bo%yG0EGHrr%6<
z+&&Ku#opYd#G6cd55EJO{qPq2h_b*VJhH@lJ>HXdRIx)4e7f<w4^f(Uu2ub^jS_zF
zlZBrXA*=jdUP2+M#l^pk%|wgy+Mr!I>0tB;-t;jd2D+~%nb?Ps{pA+dh0~#z9n}!U
zlzu+G(<UB!H!8bA5D*jxSCCzZ9|!z?f-zz=TrAv>WlDHk?Ej`%>p9rAWJut<USY1*
ztqrH19?_9kTaGMR0=<!kUl&&#<zA#?jo!}m94&FJ=0DH<?6V@CQs{b*)Y)duZ2daO
zN!`)O0aBwX!MWE9gGCJ2tAD99&qG&&Ep(Hga)uebqj9>L*t<dhV#mZl+l|HVHlNN*
zU&X4Eaq=zU<U^D59$&mYbA=VanB791_7TT-lVDXI^H}uCo=4C_)Lsfk_59@6-_Fs)
zO;G`dNyJ54Z*`EKlaqO(a9L9Ni?yW6+^Q{g061n_dw742eBk3vrJt4c4u&uYYuJZe
zEY`y3(P8;>vd}}{#rS@v`!zTAMUqSkI7}ir+IyV$h=M=srQt2tj;$E0p0{Vs&De^r
z%M?JpM8LNm@S)5L#$D|RyFFvmmYPwEMq89))<{F(AYfk7#`3((?GQaXNI|dG4z+v!
z0<I9*D4Eh!>8NLyO`+qI)`(FXOu2VS|NY_Tl`qq}`1%{_oi9JJ(~AK*dz0Yy1=KV9
z7u)xXN7VCQ#26UM#FAkbR>OD2%6+;GfQS?pWDA2gXpfk0&l(~RoOvwn-ZZDV$>7j^
z&Lh(ORwDO`^72yaJ~@+hq<$2>ube%r2S|!VQGf9|*mS%2-~7PF`|<9)+%6Q0{*I}6
zoMj)Amo63B<<-i8CV{u3>^@B@*PFKI{PW&~rBKS%(TLS{z6>gf;Eq(^VVNM;Mz2WU
z(?6l8tMFQU-UT-mx9fG=bS!$<fp!@KCcfq|({Qx|rzHgeQ!rPN+=ph+Gz%Uo7?6NC
zc+DZ?-&K4F7~kHUN2Bc&?>|E9M~=`@mKKHw1d7<<<f=akZpxXuHFjit0gJz_&B|@`
zXZz}k3f6LMweB&ElS0WMzab4rmM)%Le7>HT>p8(XbM*LZ(UJLkeBUj;JO;mtIjA;p
zH&Yd7>WvGGKY03ao#WBTN`~fUfCZ|UenZ2)&e!+l*Xily=hYML`+h+9`=5;v8Nz(`
z@B3gC_|_Qdwsg4!D$ocbK|ALqrP|ZY;CVv$xZozv?W5KVwzhRT<Y}U4<G2;LH|A~6
zWxerND^PO&;CAiyZG>k3uU*0z=%|abq^s$L@s^b(i$q#UU75A-H4m{$;5shp($o$X
zgiHv;HZjsMUJ&($yk6m*-<la#Rdp>w06z=)AJOLE`QZ^8vr&B1db7Q8>B+xG@OOL8
zY`3vFc`Q)H^_io&@LzvlgevJCRb)qO=Ei?QS+oD=VqXzUR3KILHa%eEm_WK3av&8T
zWvhB1yL7K=+oSZ#A(RaLr++KYdj(Myh&+#qEDA(f4(%zkT<^8<6pj9bhXVCc_fy9Q
zsMRfFuN}$0{>({@<zg8UH9F(h$y0;OHZ(DUkAZ_FzBX`K5ld*l7rW#HyK1=0V|)z`
zvrq{Gh03TanW>&5^6*^2-i>pxN^>aaGIbKa;uH3)CY2}&w>4Cc0Sro!MI-4dQRK%-
zx38W#=6MuT+IFegR!dZkDa01eN@B~JMfbycRQ<tkCvMI;kMpCKU^g_^A3PLA-6X+1
zeWWIHnhtxnBb_HXZsh1f?#biSN&KCuljn(=2?`YKR4C`PJ0%Qp)CRBSeLU~%U$59n
zZ;osK!}x6fL+G6UhtS!1+5ZRI+5b1?v$Otx*j}b%=(^c~nb&u&ZL%;EdLD@a67Y*z
z(SR~%+e^DOHS21F5K&?X%`Ey5tq}9Z*7&}}7c{YWgd*q4?J|lGt%IlIdCRr#gPtst
zthm3c;LKEP&f)GNH2YV@dlJ!H_2bU~^fTy-_b5XJ)e)6cFCL}2H<o{5xhlxD3Fs#o
zs{p-cZ%?^!xAt!D$G_>JPt$+({M3Cp#mgxg`z(e)CJUO$u{Vlko?@=8(OsTZehxQ}
z$c5Yf=vs;F0%PLp8|FMSja@8kE3*Lcduo=t_xc@}|D#<m5Fj3Mjl>j3P5=(F3O@}C
zn0kz!B_|06W$wioTuFxP5vMwjmZ?-60?<Kp?+O_EBywR@zW2r;flr-QUMbhJbt646
z;5xn~zpk9fKX-&My*tI-)d_7V+1!jd&DIzYoW~QZnQK*jjivlA1n5UoAu|)lUE^m}
z>XMGo2Dv392?j5K`u>|DN`w@iD1MAFpMm28D;n^OrX6mlPuwauvG`65EB)I$;BWH-
z8wnJl)0^?=A5V4o6kY*l#03LEVdxX;%sf@myaCG0aM=Y*3^Zm*y)@kn5m(jL6S(F6
zgv~hc%d^dHj*&)MzH(JNxbGD$H|A)(^8!t=bV7OYUa~xifyK2O5*p`l#yhix)kiZX
z%q~|q8rVj-pIG4-Ovj!YE0$8nz*ItK@+nMgGp~GCE~sztqHL;UN$ivKwxXrV4#P=z
zQ!<@$Qe~H2kTQWw32CaPYoJl1H5;x;=>EvXq&YA0yI!RysQClg?idAyVVk10+bU*Q
z_t6=+l;c$~&X}n&J^IPYpCSx(IhLXT7)~ZWxbzcFB$^f}w8v>x|4Lp30G=y&vMM*r
zcMbkD9kj+zpL34mh0U6&B(cqjhH=ys2k%sm>ULJ9#1rx-RK>mZDwn~LW@U(o)VrU^
zB;+R%i7x3vz`P0wSA%~qwxRG`A0MlQ>Xy3Br`9g<;gQE&cjO~Ij0FQL^aPi-m^l4k
zg(wZkR>rDS?2>T#LhSuLz)gg%8I|uFV?DYB^XIq;T`7c(3uiPA+9n29F|R9fsLx+i
zF@a66q+j$L1j&hg)i>pvv@tkJKW4or6pEtKL<lGaBM3}s&_yMc4DCW}ezb-So%V8M
zJ<ukev?#7WbP4@qf&GAA+2JeBeap5L-4{4k)WkCl$YmoQcv<?Z2+XvHVfHs~2IJ5D
z4Si&uTwSe>V@;kEkopoCgZrab`ud5!REin_2iMxCN18`zj}#s?z;8m(n}}r+_BYuB
zE=2~JI@W`2k3+K?ZQ4cyk)>;me7DX~do>n3A58+HREkr%#DsOQZ|rShhW#Ip_G6G+
zmlSgh-b0dQ$ZfDY7{K|Fa+_WPUU;Ik!0iYK2grQQz8JnROFtjvCj;P8;n~tf=^5-&
z9?lCb?uw%i91zR~%u%AZN)ImQzu29LX$fRhG^2OEAsyiwfX{Kb*D0F(%!Qdm;X84|
zKwMpBD~WV&EwvUmY=iY)nj^}MXeFnX7TtyXmTB_9gIL{OK(01aq$hEC6{1Sq9`@8d
zZvLN={17w`l7cI=D#ixA<|OugXUzr`rVmBXrMU6?jMAQ3g?GE?3}$FzaT3<Aut$et
z>J}3c0T`MNBEG=Y&8OE?yirN-tf;g5C?fJW^0~;pl%O54iE>l1#sZep?;<~<(cx^Q
zN*g^K_GXMJplJEJ0o;IdWxy=&Yi)fR-?Y9Y>cEDf4%XU_1xab>CYPLmKjv9dTbB`A
z+tIjB+!jX|&~XoqW|p<~XmTh}L_B>n@kX^6e0_i=;Jp^L-{^u$5P!Bet6@PGG`>Rk
z#aKujn>Ti^8k*;>uDYy;W|`<z;S7#0rhj`pdg_7!9N$}IvVXJValNS*mQH>O|MorO
zer80{-w`NGvuW;0{=WaxKk;RH6nT;p5E!uf3v%&$`k%ClfRVN?RrdU=DF?<%r!E7~
zH4k5?EY^Kv7wYwXfd4SjgUBjBBy{`ET|G%|Si39h73_BLU|&{MGt`s?74*o^qkS)&
z=9dEiduNV&>c88;c6p=83OqxG$GdZzA1x=pj0WatNx4Epe@74c3@4egyP!P>1;7rX
z{!{Wuy}pOf4hr|iCSVU*KarT65%bAJe6pX$hvFB86;hT-@WC6HM#uV0iuJ3Dwd_5s
z!GeFd+dls_KY$s3=;ZAVUR4QAxP5guD*GA_yo$#^T6U5#ZzgETh=^;{!Lhc3RXOV|
zuQQ1Di&7%v?`i2r3im5KhC;Hn1c7rYT7tn!1jan|EQ{<Yt^mF653zmU<%y4Q0>Udy
z2oZ32K07OtqwKuKM!Kwv^K}Cea;;5tTq62h%fH0z_B;g->~s{lo=Q5m1coS#ET7qd
zmZtbnoTr9_{IkoRj6K*{3lltN;pyj+RB=|Psl)C2!SF|7$XJS;H<IFz0ZRu@>6;W^
z)Wu5t2qGDU{T{5%@}p_=AO8?Q<v(a^?l~$6EX0^sQh=dV0Q6hQ%<q5N^Z)J6?ElwO
zXXWAM_^*if{~7b_|Jzk(|9@R|N<drRaf=H}%J@Y4wieCAS?2s&GRPgR-5sCbXcj`|
zf&r^#Bulj>2_xFfQthGAG3G1nGr^bU{JP6J37VYz&Y<r;?}i{i0zzHlq5sLT$rz=@
z(9dA*SbOP9_UUxgr?Ch25&2?zh@hP2Crzv&!KhWQv6oQzcj4o~(A(=~8qnO=S9+71
zQ9nEDkV`xZ_&7@5*thVl$X#ANMnIAaS=7N>teg#X9YXHHy}I8+zFXxnY{7JM#BYK>
zmVHS)K*M2^i%mn%jxt!psT&b^#pk=$*7HNK+nai$w@2|zB{)Ht@;J=Bbn@YUc%hgO
zxTEG@AW!1UZC1zbvydS00;!zPLXI}ln!ay;WL*Z!T$$tF!ed~gVi$=7@rDviZD0DE
z;A>@bpw`@nne6}Zgo-yx4;tSGnHcMb)lk;E&Cnc0uZk7Dui)9&gkeB8N_Wev`pOch
za={|8P?|2~H%HstRwaZI!t~T#P?143bcfD_(3(ekB^5(~mI`U-0RC}qoVWZf*wOro
zP7E-heErf&5e@@alVHnEAW;>seQ#&y(~svrIO#=PErNSfEL&}qJFhC|!1<DPkVQCL
zC22>5@1D;69`BC#ef<9&PvjyLypZ#)>tEQFgi0WDJu;FuPqWguJ@u~&$M!-aK>N@C
z20evS)cuPXBy^`r42W!h7ILe`6mh7`_CaYSjhmH8L=&;M=8zuQ_PlGcnP(kgxz9M(
z^5<`Dvc{WXNu<*(aQ#AJ!QSvYl~>>5RpBARJ6T#1h;BIX0C_{yr;$oa%u&m>`oLjN
zXpQ=BDndcOI!|Q(fHcP~3STV4EmPo@C<SMcCcfuMoCz*$0+`O_W?d@1fK?<+z4U6t
zG#nG_b-Hwi{i?UCe>dFiM$z-cuRAm!($vD*)o9w%wmFUsR_O4r7iK-~Fb&n^c>u#%
z3Uqo@gq+s8qTt3Pc8+e^OMuzFuLwCR6^)f*U&57AyPS+t5K-ixA_^S@f!15*EVc`+
zux1t)rU}|D0$R{rQwKN<?1TZnfZve)lR~$Lu1rLd`FVI)`_`9BH)`+Z7PG^I1ssB$
z^xqU`^MY2kGCwuytUbtA^FEEC|AkQWe7TfXnp3nxY*Z;MS%Fg)XpT8&CAbrrx%>9X
zAc82N#2+b54VI>a;~{3lI!br4EYP{4*W>nz(2uCX0d%=XB<PhD=vkWConCd3MGk?a
zWSOL*b2>I<1{njWdMA_n&sU;cAC7@nQ3x>X{oNrpNin7T93y|M5*E5FRd#vjt)_&j
z_5NDHur~WHMJT`$>Vh)amdcImJzEKZb8_j;uPdM9mg$UngA==XlAYuAws&Of!ohez
z$8+|10OqwyhGLPnsRBRQyGBb>HlLsJraAUk=4EP&@?(arbinZt;fs(8Cyv`!%6EK`
zI)_ec=V24#Pg>b3_=tj7uiu+rDd9HBGgXA!h}d+od>J#4x$apw1X??$UJRMKl2**|
z!!nV`?LY4y+cT=aIq+98`seq;@RrhKOeDk@ftDAMpcQ6qnG%iLUKT|Wa1uO1D`+?|
z#1Ip(n$22rBB=xhWO`EV<{uq9UUUJCHM9{<a5&lC@u>ncv63VpA&usAMCo(hBTF2a
zh)(^@er%CHBTJJ0bCX$b?A9RsH-b6^rUa)9AP$iYN5lpDPKzIJW5JovtzMB$C^14u
zfPqPuA^8P<`Q#9GBMSl)S_P>bLwADzvWrsLb}R<@3I>Q+%OwRbrh9}o+LuZPt;`gu
zhR|AWb+oP(>b`mx=iu|aKsDJUiv^j9sB6c%DZ|uTu<a-<Cy8jw$(RGQNHd8>r7{sW
z)Y*$W-XNP2E)BO$Bx~G?*1zB#;+Q?A0E)KNFAdECrVMxQ#Hc_4I~p;9&iq!)4iuYp
zqlyeTg(a~SDkbz4TO1FfN9gmAKsB$9OK+`Ap|@>20vdWXQ=m8S%;Yx@;$!qKvr9n-
z;mEB`BreRLiWqj)Mu9cC<{b!fGe;2OabY2ceq{9!-)+S_x@~vrP-)5f!KqFz@Vj&v
zW^}%gafN5-^(Suq<FJOVVL^Wnk8j+{Zh_%vhYc*JFFWES_ZItHU_(L%>T!Z4k<+0w
zbdzgEl^R_OuZ&4nXeIZ$Z#M4S^K%GJqkGTep?O*BKM0Tryx~)2B;Jf)_l>a38%|!x
z|0U~x@~~;n9<P^Eq{p#u@@{TAfF5ajcbVp<ugz!2T4J75sbcK?ubpy;e1^v!-Y+=}
z<P7s{INp0<T@#0y`rR##S$X94_bscij*d5^UaLN+TQ_9BVaI-bMMFNlKL>@#XDjC$
za%t94w$|@`xJF*T(v1->%5Y8kEYAd8*O`!-NiF<24W&2DzL${4@$5om0jnCAaHoNC
ziJzqzuk+0zdkxx>S(i<)lOjV~u%me0*XsFY<T1AcR1U(wr!amYWUm8oGT5zGzHjST
zUzifH`y7O4L*&8>-S*6`SCfQKc$b6lL+cBQJ*cRyc{G7doh$T7k)MPOfA~dXSu8F*
zr4CIk=6_$m`ut;lc?K*b1PcrQcMJc&fX&ML|IfwQdHz=}&d&S)18m*(_)RIS(Vla9
zxNuN)(Pj;J?Gy8jHZ)JWc3(ZY#8N^CyC#ZxMNIRirKS%)NAPdCFJ}i$XY}oS3Y@h-
z@W%A+T;J=?G~`H==*X|dj~oYTh+1l5s-=(UY+!-Wr!9A?PW*G&g|jh+77iEAEWQMX
zu^s(n^#<$u?i}$GSoi<*=<*YW{Xy{3;E<*07hO3!f5+lHW86`H+~4C`?5W<uvm$5r
zs5jw%DZN$au|vV88*?7@HPn!heika7xya*ywdD9fT`a6Z+#IR$J{YqnXK^iiC`3EA
zMs?1530cEyVG{FoiZ=C-)O^w5yz~e&%J7sl3Eq5g*VDfS49AYC+TIxenTF~ccIFrn
zpr+$xQw%RHRfesb3keRYR9U{%@!&U5MP(4&qOM=+0+*DmNJF$T-Qj>om_qe|Qk24b
zOp^p<tIBEJzo@q-h;VP)+TPsQ+@n1-#DRSfX^Zv!jLCNGn3&OVPNLXemzW+c56ugi
zQ}=+a*e73rCmwv^_zu~-E2(Y$wRZh?4zf@@4{0rYT!x3@3D^;VE7!x{QNMp5Z~Hdh
z|DNt1@^|22R23L`wB<BTcYZ<@9?o+aY4-6Qy9hQ#`ewf8^@7K^Eh*ohd-FtY9w0?c
z_kKzK3jbj&UN+cv+N{KC+OoY&`I=ZgO;Z{GVSUX2s1|rs+Y7p2e?;kZ?C`Y9`f$gQ
zqB2AhkT#z=P7*@}g}TIATPBCCp9)ks?2w|7S%G<t$ADd#GZsEANyW0@KxDS#3v`PT
zs4l$Yo7B_aT`Odf8nPWz5WQwX`yWpQ8x$E-xug<cnQXBChBfFaZ9)3s>V>jSNaz)a
z?6yq|kQm83Sr~)!+~N7x*@Ss$c5<%kq@_8#JAcAmC3o%E({-F7oS_NWg-XzMf}a+;
zO!z6#n9YbrSM3~jv!~W4GGO|+p-BGSk?js0L1pj`-Qks0&FrzVH0GWOK+~i>_gr**
zENki({L^G`R2JGHY$c%=C1K5Or<MO8YZ{aQgxrSW;Aw%4fDC#w{+zj^z32GZ(M%U-
z$YtG76EYD;4#{U_A}REoSGs~_(!6HQI?Rf{5QCyP^U?MMPVk(&p>EM7d#Kk^%6ka6
zP}7PiDNQb#r6Ox2V#B8TOS5m$dC;sFW)R2GWJ+Hg)mX(aGK9#%*a<UH;6yQy$3jF2
z;FDyQV-ZVt=*%%+M%DE74quQc)(0;_h(cwJ;DMNE3fRg?5JGy?J)?lyATAX-Ru`t=
zDPGd86oL%IQ~JO<H%=ua&-7BYE!)+BP0J|Qk{pa@u~{!CN-c|kMLuZEffS+R&)&eu
ziekn<f!)Z-eU0$nY18bNlq=YN{|d$d7I)<RMXi`o)Qalrtd+Yst}}62enf%3A;Nz$
zsSi`ZL%o!6ZQ{O`61fdsBUufhKKE}Fy{%{oAuu8JrXzRHecb(uvF(jkCs|2Ps{qaL
zc)U8wc|Ah={D}reFlQVP;P3o(`RK=5g|SM_^Yq!_>h*fD?CFTrZ=A=BrOjLq%wpf~
z8qXLTPuEKaKE9Vr3+%dVHj`^iOkmVXccxszyK|W&;ZdgX9CbtR=voqcVW%xP$<^+S
zl}@O1YIpat$-7j3S8Fx6>FZ<dp+a|AHG4MVbuR~e`#Pwi1W+JtRJ=9D**KhzWs=F$
z4g`ci&(<tMKyNG~mw*m>Q>^d-OR5o~?#`ECHOu8)gQBG3swM9NxLG%2Jf$^?+m~D!
z&8$AM5qASN@jfA6GSa=A5Qg)l16m*wP^Gq)1ucE}&<kv3dMb@`owMvg63GrqdLm4s
zKdG}2`ynYF&``Lg5}5lNd+l?DayT^V6kNEA*VcD_xdaA+1*hD$r>a*0_*nP32W?y8
zmJFd$ZAH8TQgt>ElDXPqq6PJ1(+b9Q3B=j-e4aw(KYroKX=Ac<IT)+0ah*fXfNK20
zD379AXu~O{MjG}~(W{ATDXS)zn#^AiBk)YFhAq1;Ue*AjcwJZC8Fd^QzFSbG1?94W
zWT6+v+#tr<@{BZxAfelUsD(6gd62lrMJpbN&+Sm|3=dQlSd(fR`~@37&=2Pwu}vh^
z2=*4d1y=#5k)S})57I3ZZvEB+GBXiYkkc8zC(Qd3lhTH_VnVu~O_&w)1jQ(PQj9Vp
zl*NinRi$#=;FyCT(|K%yJ5LtP@seRPmx(5QEI6rVbF*p*uftHlE>8lUUt%JEgft$W
z4R}RZKbG{Z?nx6XA_VLiN2BW+qB!2uhI8PI8uVeJxR+y$#7^8*X<~H+b^X|m_Lahl
zx-FG!vH_mF>*G%=0vSfGOt0kzeJB+Y|Mq%GJ+b+95UywzRcg)0!0o#9g^l;1t+Jxp
zw3w8pSrMlR3mjxXtOQdGXKXY4iiWj;@qujN_>o*8jKoaQH?SG5+7Aq;vT{`!sp#s7
zm{a$mL~+ZtXm?vemnYiFce(p4ODn*;Dc!vG4kN2()psC;io!m4iBk(fZfKbU^?sg3
zRsSjYj+GKB1ph2^s8mXrDbQdQ9Yd-uMD#r>m`A7xJyQ<QQb$1xuMX_RgPAamf9!^d
z*>vGgN5+hx6(u?7g21(2Ti_{_hq6<2n3UtZvn>?CnadPLA?aOcXeL-#>1KH*4V*c7
z>|;ALGm?RVBQ*)=h8EF^Y%%1}81S#&iBxR{9~>L1xG+OjE+dWUib`PRzgvDcfVIyK
z<+ojQ6tM)#Wm)Mubm+(WRLkADnr1GP+D5F$AR<lZ&h?aa%p4FR8Q~TxWI9~I1AQi7
zNw?BP#+6%tDr{5*aQFWAsyczeJQmb&WU<}WdN|{!gT>W9d@G=^te9g1S{y-$V!uC8
z>g>D>6Py(M981ANA+EqCKXHDFXv&FCJ+n06s-6H8n)zE;Keoon3Xcaf9b41AncvUN
zkPeG?qBx92#i4Z^<YkubUct_2&W=r_t>Gkz=Fn}5w63ihP2X4`D6fgRt6cg~mUWJT
zR}y$$??1S_r_mau$?jo_st!&YB25ySxmueQwq{MbC=l!8c5FYM4x976#0ehF;85xb
zl<NV~>k7xV@7)vV!*79p-mkxlz5flWz(*o*#Dgg^gG+Fol%DMn_UUx86rPdRRi7Jv
zYv3H94xecwW<KY9F(+3AKGg$F5&;%C$~ti{h_7Z%+n8^vLl41nKMUaz%dF0s(9ECP
zN}4DM=3!R<vQsJuiT`Y6Xhk9MiSGKq6HNlXC@p!96iqog7E^DD>O#sp!__f1Xj-ca
zW-Q!0>(z=Vqp-qJpL1IW)GBnFi}GoCim^2P=^6wtRr{d@P-xr)Tf&SSCr?~$j*OVt
zS^e2yP3T(Kn}}{U8Fod+%S9DLpV=$Eh5T70pKS5uHCv&J3d-gPp1SyJ2I~k{!lePe
zkEG^&&7rQ6paUEItz&bjH<QEX;rqEEXUo6H9%-Y?AFrdYwk>|%0k1amAas0?=HGj8
z?{-!be-Df+3Sgo5uvlEyKsGNu`A?m#TI&_)r<4km72vIQNpnun??xA4SzeXYi-{sg
z#xQ9@{gX75$3po36%o5TzdXy>wX_2wa`jxy|GA0<*Ex=kDd$LxOG1;AZ;m(p&H*wu
zjN|!H-TaAINQDjt1i)zYJGXgyl#LsJg0w?lccSfh<r@~!-Po0af}OEjVtH&Es7ufS
z{r&Q}{~)J*?@8cBH5j`b+&U#^psoJ7Qsj%ZQ?V}m(<P^0c|m#Zm%{Fy;0Zty?Y9CG
zp?c#2bpbv3Rr#$gfoM6Lq@u&JA2C>A%D#~FzK0mSmv~!8SeEkvVKHF(0bzD*@<ch;
zG??^8TW!1B=DnCg+J`J-`?%y-zT1zIbZof1g1J0xCgSP=3&tBFm?3qYUALbWdAbw_
zCWG&36sck72&%Y)3&y^Vp~VtZJ~mZ!y!GmG$NX|{td}Vm^S>26@Bb0+Y`h$-DGx%T
zz?I%~@+KEr->iCJk8IdPGy>=s=+p5Y#nbhrgI&E~#^qYtzRVngS(Jv%L{sjBwPR&Z
z^saL^C>ROp^jc*uSL;!Ttwh88X+eFz!>u%$bn3{9;|tKp8}sLJJ;74rQ!e})3;%9;
zbRByZ{^Rct_i}7?H5Ro<iv3^%yO{+JpjcLn>B(}ipST}}Ip2SBsQ&xu_Kz`f*tgfi
z_GDmxZW4AxT}ICOD6%EP3>nm<=*}I(OIyvP?Rr3Yz65TkPA;W@Tm{N-@U^}l#sN4S
z^IhgSG;Q2nXr<z$k9OT3d;Nn8Qv%l1+fi3m0*arw2|N|3RGk|qf5h9B;o#sL01m%U
z<UTK@vs=0n)ugf5(9}xE8!f{%M{Wj#t<=X>1mnr!Qx5XYd4hliF+jIt`%Y$U`-eLT
zB{Z@`y1B7O6Lo!rx(a2=ViM`TOpXzejPM3FQqs{%wBo^&nG}4lE~D%!cdbEkIn`$z
zg^7g!56kM}NH|dF8S=W3-k0k?z@jDdjImcbsJf37?5gJKh30PrNt;@yv)%$JvBSps
z*U#l!9#$w0rcOHSde2QK&DtYb`IFa%+vPIBCo6nB>D;3!yZg&F`-w;QMXk^2-|Fo0
z5s=Tl+|zBdeE~v(&6sBeJW<IM@zaa1+jk`Ue}67!veoxR7mw$2{?w5029CuZuI<15
zCfmMaPM~A=Vv#FRi@oAdUvhI}p`c=PejN4yr`8Tbhs*TJyr}a6<x-=hs-Gi&1<)Yz
z&1bk1jQl=7KGsKH7pcYN?$4qOkOrM&3}}J*#Em0IROkHl5eII{!_0?N`RG%u?I|JJ
z`&frw{834zn7?P+-UgWrK=eP#vWq^wdfDbQ&dRs=ai4jjHh;*u1ujKpx=;3{U>96(
z{6&ETI69#Y=gd;sk?0XAZimW@hOOU{801p)x*37a>@cyJ7Gz%Jo9opv{RxMxJThF6
zdy@2%M#<%r^6QWG>|$BDQd#s!&}ScF(mX^8v)h6s{1+v5YZ=N$z`(r{eB@$cPUvE*
z8>G)8w|PAR4D0V=9^8`qgQ}}HUfMs!mA0KKdK!f5sq(UKzfC@JFCD8!r<49h({Ku{
zUHWZ`U&(hYzskYFnSMLX+qIb+8`d5bY9bt^C8Y8h6CNpxs{1yn#{S64IhKIyn`|Pj
z4DpYuM*FaC@U<``1l%^G#MOM$wX*sn*$T0^tk^L?zXH@byB+*l{=&67A$OdN{t~fb
zEvp9F4eh%sozYmenrkww&S}Xg5IRC?CuFn*P+6t8Jm1PHcFU@~iXfuiaW(2QqZw%U
zV=IpgUR~kGhAYY&L7H<$w8!vrI1~a~j+`yjPg*(JFkT2)0K^_!KbJM-3hlwLMR}TT
z(>igK8a-Gl{nqK<5E;LJL?f^^Gg}9G!O3q3imVXa!-JTD##2v6r*bCQZ?=R;!JX0K
zOr=GXEm9Nl6aI*3xf?SKV}NQlE1@;jd~WhD(FhvgtV?mPuuJ}(xZrGKSHx~iIT^sS
zN>pWxEW<^i2&{%EPkK}?hYEvIa=n$(O?<;LsLcqeqsp4$|5P|7@vU}gBBGHeRTF?g
z*Q);<--2YBTY^<lMQJ(m&|h99!iDIXT3AXRw9`RwYskKY2u(b(Fq|_?xTiSzvdA!@
zT2KEB#R?w7C{ME;$3*y(6$vq$%n)ea&FGEmriOHC1CZrM6OashomW=*G54s2&e`R?
zx<FY3%iR3zOrJOqnO~$aAM&A_0MScr$7?v%Y9qve)qO7Qd;`68C}mw=mS3;x$B0zV
zmyB{%{2eBANrWWtK*!?@pBO2SdL+OjK(Y*H>_7=dW2fn{{Zu|0D5)iMxmZEoj1y<-
z2Yc6Y4uIugjg4FqZG?4tkn;S&1L;Avl>#ztr5vq%vsq#gykM5;WF&&HmN&(|XfKBl
zD&C;wxbGVb5}X6Y?#X!yKy3UF%Au8MepbK+Hqs8jH`G8++MYr;j6*)&!QD%HFY&;l
zYEjOPo@5L{3K(%-xU-vy=k1u4hUnZn7|ZgA0Je5Q5Sa%Tl~-0mBJS6|53$E<F*vIq
zW7V@uhZCE_-4#srRm2mc-K|@b?(W9JKqxOr#igngKBTeIGk7xvk|E+tNbdrTGLV2L
z9U6pnrU7YNQ;EdnE_Ri6`+=WeH!l|3+MP2X`~vQdR({>-v7fLjWq7_wjy~&E^gUn)
zsJF@NjWTeD<Y*iH7yl!~MHOR(-)*N+h_DxVqd?v1)RETfi7{yPi}gKo2kKdT1no7i
zrh*kFvp#1tc__a7jI1%N@1tCfUj2*_O>++^pL1g9d>~8%VPu=>3VXq<Yk5*^zAnUC
zIg+YFmbRFHSkiebI-B>h<1qbpB_?tKoPJ5#(c5pQPNFy2ovB+af;DdVh@qQA^^J_`
zrC-q|`PJ-9>bkl8IK|KnAi$O`28laZ3zxt`ZpE$EuI<=DNL0HGhF(=!(t|B+A9e~7
zbJj4T(iqiD*SR%8j;TXZnda}T#G1yd;?V;+5FpTKkO*Nnv><hd@hFDS@oY~6;9=%d
z1i`|<@HYRY5HbGs3-W%o$hlE9PUu$cuQ&eT-kZF`l~~Z3V`7?96YO9!Gv&fJ<K|JR
ziDIcKc)p4;Rv9#4#;p1%GG=R-&PEf@LAXw~3PBXfiUpKyIG0Bb4Nz(vnZ5-7yZ@|{
zf=+sdXBH|XcQ(AG7JeNxHOD>%Itl{Le+7E~m{9%;x_hz%AI|t8z?m7DtV)-6%VdTc
zp)};>c~R2LmK5MMyNR|R%^w=R^7o5cm>2Hx9)-G7n5}JND+j@8QPue345u8!R|bFh
z*Aj!yKUEtC?26-BBGlss;4RJr*u%}&6N}F_9ofn;D>v1uzIIX<>o39wr0njY=qBC1
z>n+jBkK7GB7N&}=w%Kby*^aA<X$IQuCrjNTU)s4C=jYVn+~Vc4IhMQg>&J`MlX6@(
zx{v1mo7(oI4<B`;C{7WCktacQZ623dvf{pi#GQLfecvy{6j0Eg6nj|^;g<1JW5Q~>
zz-X#OU1Y?X9ccLo!BSoXhV*ht9uWKumFw^lcPmz^QpnR2KuQOxA$w@=WRaaKEn}(;
zKe2M$L{g^lQp3=4EQ5||2M^>(g}DAABpTqC1%9oNP4yIH23v-}7a=FGFRBp|;#Nq=
zEg}=@7PRPkdnaRw%>E7$Vyk_`VB=y|kn3~osR8|LUPJQxo9EsP&@{IBSLU$yLlk*3
z=n%<<pp2eb^WlLKYU$X&F>kuuuuA7kad1WFUDp<RveN%()tT==>UP24PnAuZuy{zi
zSdXV6`+K?`fcHn`3|{+hOWvNro1&2QkK+3%9hP#L*iNPpO<przk2hGQAjT|68f9Gh
z-2F}@R?c;6tQf;h;D=yOvdaCDoNI&zgj4Cxlp3d*34xO@MkR{c&=gf7+cFQ1DtT84
zE2PCR&y#b_X5fRve;<v+rTu*}(<n^b98PQ$ZXy&aR0aMhRzDO@))a6Y{({yuktDnw
z95yD6+Ao5ZJD3W_Fwf$`R07?p==3q52(qg-cGpS1E?=+B0C+^y$u0NvuIlQ7%Cly+
z!|7PW9rQG#wPP#RQ6ngCY?+y84?_#7EyhsD7#_pNrV`M5!44?o6<%ry7)1Qt&hTu5
z&egCwRGV=X^!9So;;GcA0=eK0JOWExV1*z#hP;9t{1N9lO2DM$B^yFWSX@<(7#Gh-
zVCaX7W`nxg01?Bada+6}pN*qqrs$#<Dsvko@8DK|i<N|C9|>S<ZpNv{L|FI6Jso7w
z_C)ki`%iu_+}r#H)!}iAGm*=%kW4)ep=EC^VME(+;Y1(KtgR_D4j#T*_T^1To-#q=
z@c8<~&=Akp?^P<aMqvDr?FaJRg#L1(;EUlv?4HI2Xwb3`jQAv|(-RQ?=%4S^YW7WI
zh+Ywg4slWwGhiV&|K;7#ou9(kQInE%qkCHL`<b@=(VQF`Jj=|p3ul1e%%O@HS%z(7
z&*4<asmt-C@|WsmS0ifIg<JSuB<ti0hFgOseuUE@;$gCL4o{Jx!;)&nzcBN5;`gM1
z(|xuOz{RfNU^F#RRBIE~Hl2sfgOkc^D;>K*m&-4txU%$^gNQ!lE`{eS9l<g4hI7AY
z>!{>-mLDA@Fg80T72R0)r;)F9cjD`*T#)FJy0N3osExDuZ80)D(mZ2Zr0y+N_clFj
zB`IldIv;^Jo!WA(?$%^j+X7^~EtFVoYrA$dpc@alP<R`~FWIy2oO0#YG0@SpTjqu~
z@sCALmaM9t9gfQa`QBneB@HJ8wK}a;42fgLC>FV?f%Uq|Nb1mFIg5f=*5hr>mTtgm
zyo?Brdo6z4`r~I{^wZn4ArgEkWO}0rcyTq15pLwAm)f;6De94j66f2N<sBlb{3Wy~
zFf6T_Ijkf0*fE@HQm;QnCXIlRsRS*}1o28s;_Uzbu=Q49ku=-7F7EE`?yilyJ2VcB
zJ2b9^yBF^6?$Wqx<4)u5-uUL9bFQ`5+UML<K9MzIWJX0@<QF;KFA6>1Qpt~hF%o7Y
zF_hAg>z{st_KZD$Qmod4IdZs!Z9I}-w6$G!bywV1x2J+Cm#Jog3S)#VLWu&U5j=B6
z1XpLJzuXHVf%xb}_MLX^@uau*ByO2(=ld<TH`8}zNnikvwR1wGxXhAPkM7KktPz=0
zt|cQd#j1q^;}CDL+F83yFW!BNQJRJ6q)xekhEAt;o1Pn)Yxq%M1Slt{l%L5aNC^A<
zl^#@&`pn#R{@<h;%ECXiZ3*bwY6$$%Ghveb)3*td6qodp@1Ff1_luk(N-QC-u?gCi
z_^V3(?|J~&@EFhlEt5X5X!_cvIRzQ9P(x^y36up3{_8*@p>Z>Drug_BRnrXnV6~P%
z2r#<JPie&;lh!Y|l;V&x?_RC#iQgNUN*my=lYyAt^4=MC{jceif2Qk)u$jq3$0fvp
zsPSIm#_kxx6Cv62k$T7h_h~W5ppGSJ{8Wa5FWZ1~HXe>f1VH4xQ8P{mQj>zcEGQ*e
zRqrk*#*%f$xYv&#bSx7Wqh~n}&!f;dq%Gs_+>{TtpwMG)CL5VR?;Lt(%RPp_fjB7#
zM6gbQf`{+HrS4s|mHd#Uou@<|Y+Vu83h64Je&b_<-f{aa12^Goex>UaTf~G+>3S}{
z-$el)44@gU{FCgS#8u9sA)Oaz@I3h<sF;tLM{#pIqf%p6Pbz3ca)k6)TZe@ZJy>QY
z53w5;=`a<E)DW|)h-}GRBceX+#@;2z0=FldSp13#Fe8T6A<<&t!U9Y@)3W8$E&_k4
zK_*q;X3z}glfTO-T9E!GC4oczmZEi0V~flee8X$(KgIq%^_qeXtRin`c4)O{dkX+c
z%JQlH|B>$;?EhWy%Eb+A5D{r)^z{V=DDHJ!2><Y@z4^SA^|J@xvr<bf3Lq|R<GTi*
zJw1mz&_)aM35tlIw_oS3J8E7c`p{}V$@^8MBWJX&4&g~u>g}?;frE-=i>w<fqOtZy
z1@Y+Le>q2Rj?blHqn;)LM=Rp0(?DW8OQV?07tg=0xjKs@-XCe)wlLIG4Hc*W03>w>
zC!3`PlKmm3%L#W<j5sivuos<@v=EkQx7!@R&G}Z;yq3)+CW6;@B~BSmfvSX~iOs;Z
zM7d4rDQu+~@$RHk-_(DrY$%~554KKl4x5{TEtD0N$p!o94ay%&Zfjuh%h14f2H7XV
z&SanoQxr?<C@S?T<qV3trNLnUps`vfYvz7;clz-9;MV-TR?DFl>+In1;&#)TmyUUD
zC=hWX1;mq9ZgZsD0#z;Pr7ATU4HD7@1p<<m1;UE%JBr9TjhqD5IGi6Y2I}}JT`he*
zh2pc48KhhsC00DE06M?8#=)~aLCVX=az9y07~+<ScC&A~29gDpzD#2hAm9_(Czo<b
zRC_=>=YngyeaZZ0fz8L(yF@cPxD`#Bszt8?hg%WN;9erT;FSlb-QjhGQeA)ZjZ5)}
z+>agcd3JDtw14c@UodRIQ64+fO&3&yN_O_1rsd6;(ZI%$QSFEER%wkJu@pi*$u|U9
zKE-@jhy?i_hEaEdffP$#K&C@&zzdOK?k|p{i@^h;?}?3p^Cp;Lu<E$`7$4>*7#Weq
z%5vU3=B^Qfl=7zd(y9xRddV<#sMu9r!XmW#dHtZSe{lk;5RXhob;fHVNfde9i*03h
zq<`?P$%JiPgSb1E?3=*IIpT4G=%|~mp?muETF#?pM7_t}o6_|q0P@mqnY(40eSIN*
zOI-Az48Ll~N~AYQyddHx7q07VRv7U?I3m!+W^n`+Sgi#b5$7d@itHEg>;-3-A_{TW
zEB`^$c}(2k6zgQd8r5P(*%rzHNOL>5f;F4Ot7O`QPy4<=KBWfMheW9;LlVeYIhxV{
zd%)cec~vFAPC*HO05l;aJdRIL;TAVq&cfEG?LNA!oZrk}A?`+vM|Pf8`D_I*uA3jL
z%8>^+o9EdL@DMY(U6aO#H`@-?Y+a`AlAhE~-N=fyvT>D0X+!V-P>FbPKLUI8JqbO1
zO?+p68wn-bt1^bG?O5pvT=7FQ#yq;{EwA{_7=pyt)Tc5`0zg~@V$=u&t^F&g-<AY2
zpG0fVRP$i;B9iYw&kLiIt;kskyUDWJNZ165FX@)<rkcNrZJv#^Rn5fsd%(7!QDE^w
zfHmr{is)%&JtqJm!-nb-L?2czWP&>iqbmySOJ;tlU_ife&{y(^?=DT?oyt7AKwX1J
zQwm5QXHoe$16DSTbB&n&<NR^ToD0q1oH+IVQbhRS2fO2pAwgY?IQsyEsaf?x;^VTu
z-VS7-$-lbW2BnmA2d;}fV(>sf1Vm3TWXp7sfo;cw8V0Rbfy_iNLPO#;W?x$K7x!@r
z?slIc+=7MNSs7vndbPpMJ*L{&r7J4rs<8%4t4g;{0sOK+WYS|9Fuyr6s~Q_wYcsk;
z^0YysazjNzf?;L2Egvr1bojbIn|pM&Sa(D<NzugP7rO4k%dB_dPz{2s7{^PJSYoGQ
zPb4tizOZ?5ZP?N;FxA$SBu!AP@Am7vg|t|$gZKtLDjX}H{IthSpYzkZZ*HF5c{|;G
z`;i3c3}8X~c9H4kck^<au<*KPX~1X*H)WC8^0+g#XW3D{9Yw{Z6;*CG7M#Tx0_)9F
zmaa)Xc~e;m`>3N9lyU|8K#PC5ciz{u{rQd%TmPfaVr~E~3}&}bs!VxSj_w4}TOE#v
zDL3&i*2|v(>2pxV?=9n`4CUjAr<iGrA`W-LPJr~75C#i~f?Kq4Sa_G|>>@N-&f=b;
ztk6X=nVKm5W!qwgynYBCWzlB+MPLJq{(8yyLO_hs80dc4d>9fpeR8fWhs{<jW}WOU
z4;vlWo$h*nfjuq@qIXyR;6r$kQqFH2bL4Q1KOsq^3dJa?9L}=qtHWe5y+&s(@5V&+
zuK>?v;;2H>Ba2f+_(hd{mNUL;=#%5`d%bf`-5cHV%2GZ%AnPxk&=lG@6wsCq%w;lC
ziE7-&4Mmrh>H?hevXJG`=09}k$t<b4b;gMFyZd0}X?q@&&MsCDhRmOHr>;q~7Vl!r
z|HwO(#2p%J0ny4ZF)QS%aKq>Jo%Cr^^8tE{tr8d%XtKy9p8_0nfd|^STH2s$;vq;H
z$*IhT&VPTFh2&8X<-)G5!8h*doijHQ%Ky}J7B1oc38f(9a6#{hVwNBOrWy(zBU-0m
z>n_$<606zCnj2`$ZOi186=7P2I{_uGWA`mfJ<lnh&BFMN7NazY-38(y6``Oa5)S~?
z0`tS47op>=d-Rkbh{{heKsT&jVsX~bppLCFN*SV%8-v2BSd+^S{o|Bs#JBpY*XQxU
z#FN!IdtvUcpWnDE3ewx6iNTQ!miPfdzm1~(64J;5ef&X+hvCent8`FzB9MIaKCjHB
zfZ510oZjCPksR1(Xyr(BVLl}%h6cFqBSC(w@{~Nr%z7@G)UHjjIEr$&ymNE9dGEk2
zlMKh;w`x=}z(BD9NU95{7r@rJ@PQC6dLk9TU!00sHijeqnfIAFx^M=%Z7mODP=qc9
z@*XWx38#x8?bay<?hfH7fXKGu`}h&N!n?v@tejq3|4Q|7-MaO_$8fjQUj(RRB?CM^
zn;-R+Z((;RJNFP}O(b}`bA<MW-d`Ca7v_yRfkJGp0?*d%iAu#JG;8iTn)9L~Qp`hI
z&}v&Mp+dj3<Fx1ci9Y{CZnV5L(hQifHbW--#S>J&0~Gbyy~&|`q;M?4(;W>adKkQ?
zT*V%=?O1j_beVn18o|-^aRJgG5WK0}vS)3$IM@Encu$9#Tc*)rAjOHKgZfO0#J~>R
zJLO9V0B4eQ(2^i568b7tQ&A3@XWZX-50y;!k?YH=Q{|dGTDu7zvXMgYEEcPM6p8-m
zu4g%LkbTODx_g!2C+;xsv!t6Lws%{$Utnwvr3uOT$5#mbR3#^x`3}I;g3WX&F-Olg
z?Y)3o3GErN&8IsHes@L<tzrm3Yjx~xF-mL~uDB$XsMtNI!~)FhMn7n%9@NU`SP4uO
zSF-D`>@Q6x;s{n#TDaF#N1m(ow_M+0rMb&Fo6vtom2LbPP^K+&W`tyLAw<_b#{E4V
zhDLM0ieOiggC}pyhb|Fj1tI1-j=x8<Tf6^@Xn%?<2!A%B^lEH+i#1N(^>+Yi-$V2A
zc}rRT9m(kw%0en<i0d2S@?sfF*M|HDBH#m=`yM9&NT7lT!N$YI3FK1|0TgR*#;$*r
zLpvPNhLZ{J_ZLX0_JCuo$m~+gQ{`x{U)b|E!tij}RVGksB#t;?c{jU9b<1u!A<L)$
z*kv;HCqdG`V|e=gQxiSYLk5k$KbrfpwfHe9vfgO;JNyM>@w4jjc=gtn4S64WVk+H0
zURhWLg_S_kvR&v7#|=gdFtL~Za5oXs^~+E0;>e){+xhkNM5$HNgI_dCO*`V<@_7Q+
z^_x6ykbcS;`x&FsvnGbpBKmp$!D)0zS^`Z4c9O#Zxs)Ku^^aqe_g?2ZsWLubDRfSr
zQWnEj3!(f06wp(>(^!ppko3DTyCETar)8W|UpEa0l;T0qSXTTCKttAXn;&EK*5&)P
zliHd_cj+S?>aV)3D7BGP#cdcIy{qTk{_h8iej$^8%_2-}VEdQ?3Kzhoo^`JEydsx=
z?G~5Kyn0a=xWR2BZv{{H@loyu@5ah(=PXy%&;1gJ!2@4Z;l^T~xaEm-#844xYWNZ3
z(IGjmpzb@#{fai`4=C&^YiqK&k2`Sh!U^I<k;?qbqaMcSm!YrE%!C~jE(!<L*92^<
zI@PE$z-&`^vp#wVJmewVd2GU-AG&)!c(}c_F42NQp6;w?;!38Oc@OtUq1m0HRcvj>
zpXw7F@&krkuCkrKQ*>6xNd1Z74M^kGO)7|KpI7khpi}gu1S}onXmyIj{{k^uE>Z{s
zY-?H~_0(VfJ@p0hCe%Qe8xtX|p#f#i9VEcz*N=|Iwef<l6C<)p^CVctCF;lE?4q!Z
zPcvQy1>b0~HTVMtYs1>YJh6<137q={9LUg&(IoSAg`~xG@@?56<RNhLRlMU5K|zpp
zE<8FgOW;WD06c8C&jOXLH_@r`-PR3YwG^w7T23i`nb@m>wNRyKWj=?&xocDAC?t3u
zh$+TmxVQ$snPQX&oq=bA?s*brpEyPMJh<z_bZ!);@7HS4Tp=iQkCP)RK@_F1KC~WS
z{-^W7_(pTLvU2EzOxI2*ct}+zc_`$k#v`z4uEZ8$05;xyF<5UcTr|A)fpJnKj?iuR
zZ$&j>h23!og`($;Iqx8b;PKx1chSD9krY0b(1ID_O;R8{zqjqELzVrjcZObW!sey2
zZae>CcfX{C7fSCs>pQkN2;9iOeDJRP9)hB7Kr;jN8@`zKMsarxZi+wmUgljp|E%S*
z+74d-1t1vbn`0yo!mIwF0`|S(9VCD&C`(od!CEMn3KL`<xub|Fw2uNUQUToV)ufiA
zGkf-;K=TZ;j9_pUk57)_rW5O+BHUR!%R~BAkl@G-A!FL_S5{>r36J&nXrryCMNqBA
z*7;Sm_c9!Kkj?(xAAX)U=Tk1MRkkyD2}hj0O@I_3!ycbb4|m`C?|MBsh72WF21;9c
zN=M*mc4fVNv1cb_UT$E9T!|TCsVq^%iPq6Nel)1e5Oeq7_LVfkzZoG63wb28Bh^*3
zu1UlEvIr~Ql*=id=sxM_ztcI<(I<omI}ZAv{Jit8J3TTy#Bvfl7w?X!z&<G(rcCq_
z&j2KvmxH`&Wau|z^}<?&7@%Z8amGs3pc^xrYPzZ~S;MfOLoI|4@W{+$3lEV>Jh2j|
zAx}|RX83cqN6nAbDe%0I4lFEJmu=*4X$95LdghA=7e|DKV05Zv3T5+4Prxjob1Z`3
zI3nuD)VgKw$B@G2{e0F5GX%dyG~IH?90D-)wAZJ^6)908u4TzyDpDxd!tBCwR<0zM
zUS}5PsrdVr+hjlXb|1Hjms!#yLD>#!z<$#k3Mo?zPhEqkKwt@*xad5L9L`3jPtbCm
z)qq?eI3`K5?x(JCAQVX`p6f%*DsO>edlZ=BQ`T7!=TmnQG;TU)bJ%}UKSxAi0Ri|@
z<cde@tPc<|Xsrlw3lxdaYOq)dzXT&}TfR)VlG<)Mm>m@1`b)l+FJSEYQ=R~_P9=IN
z{Hq5!Qr570b8!`<H?iYPnog#nR8p%*j8FhD+=JEBcsh3iyq8Uf^Gaz#kmRHnbK->;
zYTej0^SKe?=gnBEpO9mrZuK-C^?)^37b-{&^nu0FPN||UN>lSrh`U~+ZM7akhn%_*
z#P0fTMO_icHyzQ!HBjpvtvwi`3B9Ef2@L+2g1Xo*!vR9ZH4zIc@SoA7zuaM!wvaC<
z;w$SYYpE}(FZS0HxPUs}6qAdc9-3^j@LeD5r8vc{bJ$QdysVQ&W=}xqqyUwKwO$$z
z;hS#9##n9^q%-&dHOUhOtF`PZB@Z0u6PPRuecv`{GGtwB;WuVjJ>Nml(K{A1kRN5^
zb&k;;C#8RSn&(Zwk&G1(vK6GjcO6oQ2Ia4n=WfIfH*k;mWSW~{*2a%}d7^j;Cs7qO
z3@0ketRzyAEt#mVvSWCQJOj$mf^NpF(nO0T6`y2&$f1TLTpG>z^}7u(x}b^CNs<6D
zv_QQVQRF*$A7PRtO~)^i1T+aM{v~Ay>4loW8%%pO{ZcWNImAFk1BR3QE7aEM5IG6u
z*6m24j~L$VylF5VXta--O^!JTSvhM^j~PO^GF{(;6Bl+yRfoU<Pjnb83hnl4d=isa
zXevnXLuPr8n<*lxQINh*ho>4sojFz=*jDb2Ar*F|(<4DGyjRc^NqcOp;~s9DnMf|E
z6m@2SPM-(nf!WhX<aB0<M><+}9rPRu>p^qwQ1i3bu_G%_t<#IK$S77D>A#sQf@oOA
zKBvBYwAn2koF6O#z{{UJ9Sr1iX{U}@f4}T3iaF?gF(P$CKmAy5^$6pS)S8F3BO}^Z
zI77Fw<IvAzC|!zqRLT}g?c0zGrGngker%ERRAFKh0Tru9(Lfay2FKMUsLP5Le+w>x
zDUO#?bO&|2<An?4K`yhi22*Nit9Az3+0Craspy%Dk<#M=0@B*5+AtvM_?24<&}114
zdz!xF44t%ye~>??Dpp0H2(PkewZdXT14c0A>;51u{3v(n6Jm`P9)FBwOE)f^5&C|<
zh5DC!sdpuz-SSO-f=g&32}OpW*|!59nC??OOI%g*5Qw52wTx*l468w)yV!8fn9hch
z(LViSEZzXXh~f%-k$a!Tp5KnfVH9s^CBg-#Hjf^C5;d2n*ZFe`d|yMkA?VRf5tmR}
zF|*Hfwf$sv>ioMBJ!bGv0nK@x`cSu@Hp$4;rc!8WDt=M9SXViQQz`R3%&*XpP`_KT
zIte#piK4qz$|#k|>Eu)W^9eAn#Po20pf&b0>PdKj-=F|X_?RXXPt9Qs&0Y+Ze0`0B
zgJ)APB{yhF8W|dkKq&7@TOpOJ)YTGItz|*+4oZued!RXh9C>L~R>qHUz_S|VTWFV?
zWy|F3p&di1kq5rPmzF6vO2eH9igdvTP?QVriJCEK-Z;D{))Ev7l=T!HX=o4_8R-Tg
zvxEUeQn#>HNk{S`a&ttMjBQzY))e7X%)@>ZXVu%l&AFOsF1ewLI+l(2R@(HMzKx8?
zvdCpG%=~rxIcbN2gb88ua}*d|I|19Km8(~K5m)XUe^Aq5Sa)d$6XaV>Efs(AtIYO?
zVebrzmhvGqPP!31)~-(%?lLzbY-*6mbZY^iTk;qrR)EeKYkB@C729Fv_F?G!RYE`+
zk*=Z3Iqb=$!2f$EJK2TbvyliRp}VkD*f;3e5Uwy$tH$PIeF(|hmNqM{Cw;q(E-3j1
zy@Icje<ap$t*~J1qXFx{0)(}`qpbm5I%nN(^yN<M0rxTDZtl&kn_U4N^)T10WWzVW
zN6Z5u^Fi>n{I68RaWn~D`QN$qyB~HfP&#;7Tb;9+O0~83kQq^#-Z_&0NSWWK_!fB2
z=6l2jjG+uCyUKzN;`ZR5w%I!kIG&NxWbjuNV_Fx!m6FV51fDm1<vk}j90X^TAMdtZ
z=gha>g=mkVjQOErq2Rd>0n*te+%AA_7k~3(mc2-ZIHJispYO;f)+R3~mS@u`Gs$>p
z3lK+%f2vjSQB0cW+;8~~mBhuDOKPO4<FR`P;mUflommEI6hyt{xMn4TO-;iDi(<5y
z2W8K%Kol-<0@7V5dh}rQ<rxbevzdN>zzKaq7LC_!{qMD2Ab~al1Um~m7mz{wtL#WO
z?n?^{cfV+%NcfLNp)w|Ru)a0`hwVzH^xV#|?5HLB5-fFbwSQ805*)d1VLj7-p^?&&
ziB<9~j9Bc#P-qf46Ykx2gogsREFw8CR-Xzj=*ZR7SJdJ{5*I>aSY3LG=B)`{b$SYu
zKLW`j$)+7AXMgfL`8}KOFgY-l16~ikI()ccX&=)|Q<&yuP)x8`o4(0s-DzDu-Q{la
z-K^8<5S&TcFIw-a5qM8lxiLwQE;V@7{81*zGh;KZ1K;_juWVSMmE$D>Cck%?1u|lk
z%qNB6oluyda*88Vbio9!wjj4Wpnk#Ac~D(gbA>AJ>92=%%3L%3>g+3z3y7;8a(?*X
zCMW$$OUVN#5UD5n5ExgvX6L4RdRQ#I3GGSnmn*#LXn?%&0B~FCd*9?;2R|1(Mpho%
zDOobEl@uwt&>(_bEk?o8qDl~Y(S2y?uupry`smBTJy>th^7r}l#oVbL=NU2pr+xoW
zdoxXADW>dc*Z#gMju%-V6ELzBHIE#jFjaeDQRNHjX_jMAxanoJ<idn9%u=}18>V$P
zwA_l#JrQ+QIq&Sn{EZ;28}zUu0n=;2a|eVgcg0_0^)wChEJ22$m&i;ht*GBGLsO`i
z;rx*wra7`)ijNlp8jhB+!7SG`Q0$NIV)1i4XQqlWc&smxu3AQ1Ct$IKh<9?)=^~Q<
z$bbS_4XHfO_<WQs`=jH{9z_;wmjtOw2F`qG7uCQj*vc^3;`NUk;qv3R2lqS^y#>{M
zPHV28!OB8V!Ryv!X-#Jbs1bg@VZ1kvaxc=!G}Ji9<?pq{{UHL8O0;K_3KtS^ynRQN
zW)_MkyNA5yXV?v0Rsd`oZ4gqAoV`?)vo&<Bd?J+%b3~CGQyEnZ{-JIKHSU>kvAkjx
z-;nXO^NJD+K=lMrk;Zu+M`ik2^icOuzK^s<e48j)(28);ELJRtz^Ecy>ftYqKhA3)
zgl2FQuV(1=s)s)aRH8E{HN&s$9i|)nb<`d^oESs1G>7)(GX#*a$uyxcfE3G9=OUXR
z<tncN(yf=*Z96@OI?lxh)VS{WNeZJXYb%MGK!N@-tKtkWhD*x7y{~{EkDOz4Z*1Z#
zur|!f7sog@C}ozoO=1dyky^MtDD=bKmcB@qZ-cT<^(V`OLiJBTu~@vv%~QTHFoNH^
zdjrd|b!8!F(gc95H3Az!Zd5RI2^NA>uj@z11l`!7#fzo%k=Pb*5HaU2WTxNV1sk)O
z>V!{#uPem8tS4RS(Bg+6+8kx{rA(B9R01lX;%j`tNW5hO#(Uu4fvCwYl7h9+@8$er
zsBrMzE8H)kYJ!MNlAzdPMZatPezh$&NwQq=L|Z!2Y5{6%nU1vN?h6%RlzjnzpD%`<
zC%Es1%9J;H2fq1hEbSaHb8qP}`E~LdGT0kz<uD)ibmjE4r*FlA;NMq|-f<Rh@-oLM
z)6(lV3L3|*98InIi(6CBdCKyDSt^?mn?cgSE6}=vBTFO~{M<T!j4?>WJgw~rC|+NS
z2Z_S13js|18L~c4@%>!hAnQFQLbg)}w=c-BdYmo6FeB~ri-9(*)wqZH$rio~+VxBn
zW<Hp8$Wq1>`W~*+oOaMoXG&vzpB9nuJcCCrYIkb>q|J(7xO}Eegl1>jCDKD(_<?JT
z<pRTk36cQHIrjRNz9FJhB0ffd#~Y_jmw+*LSOfq!g&Z|V$hgKA?hZH)>((5d=-E2y
zW>d_S!K2gSYsXK&lHamo^A`q((CT&2mKS00B6`UFA|aNK)tFqHIHy3l8cHOU2em2j
zkE@$m1FXT%cdTFY+Z&vZ#K_zg<W3YIqiZ^}NK1R&h;GD=Ky>Pqk!rT(=Z$--Q*QE_
z$^bD<`TyV$#_mV@O7>#q8J3(H4m^d^UOkW#oR5Z0fyGj^i!3L?FVWH4IL+mq<wfvF
zwi1POr8J-%!%Eea@gNMepN;(tV056i2WE0Q)y)1v!wgMR-<^5HDoF+I0?3gd5O$Gw
zLfg_S2(fV?BSD4T59gWFgrLcb6R<T;0oXt2Rp@z5nKYsqq=nn_6{zS{C^G{>^ZXAL
zt%$F@8?8nPRL$I^S#og^Hu=s+GA+)ng08Y^b$mQfoskS_EjjRo8Q<^-`fQRXmN*pa
zmrsO`>hME3PLmHovWwwHNrSHc92I!rtjmySIVl<Zeq;W!8&fl(auwIKlxsYE2F&oF
z=zurdgc7YYiqXV(uP?LF<{!(0=!(!}04u!u?YW^A^L|}vP*Ek6|HDHl$!TL>co0bH
z(2KK>eBlrrKaF(vM{=glpwkv-boF;R&y(>F(EF3tr}$6h=P!h48jeR0|2P}ZWQ$vJ
zM3xDhUfh2zK+9J}HP|;moK!6XzIX^S3Nz7sYX;(^;7ZHDMs!IH0kKBxq&OzlE#flw
zY&_1(qxQ-Yyl8pophxtutlSwHsPeSH_!&LO^F`4*oI@V}ouHq(_9M6DyEBw9rh2I)
z<ea+J(CTCU)w|tQ8Jd2G(6)K?MkK;s#h@Cp*Gkgb$n!ptAbhz?ud+ZuTz3-=O>jKa
zBR+^W6MCm*ng6S1S3;pVbYPsM)AC4828PK@w-dLS%5ioF^<|?Z-8>vm<I+2ni#ge?
zN}p3P!K-BY!pSIK&-yA#DK0umU__OTe+iB=d9*=QDTMDK6v#uMXU>Q`Y*}S-e#(AM
z^=a$;D{TzTG0h>tJUS!*^~N4736IUX?zm#bw!$BB4Ze_gQtuKSMCnP}r2p)NXux1Q
z&c&ZWxU=`xKM0|0TonC|JlaNQfwy3M(3fc>h5^d@QpvJ8MRZij@Yjz3y#@YsQ+mr|
zkO@232pzvJVLI6g-Za=0;e@dLU>%r~(C?dJq%>J>vUPM%@Y*o|4JOO?G*3X*7FTUK
zh&LPw>Y`TVo@L|8fMDSl5}__QZPa$JV}P$;0O5A@g+!1OJbfV%4y;55<Qpnmwx2yu
z$X%b#pKh<E?pId^AE4m~n6aV~UqnR9E5+C!LId(IBBK0XL<AsU<R*N_KTue6{exK|
zS?pCS4j~~IU^NVsBo`I?AZh8;+mtyrP#(i@$uGf>*lf3)Y;{xT3MSXx;oIhd0{%wP
zPASGh6IU`wH6$xrvIZAk!jg>Qmw>(6=CRDMSt%CDELmM-HgD|M(27t`6o(y1d!E+W
z73FGt4Dwp)#cHlPRSUQ<$%PQu4iL^i%V)gzQWMMtppic{kR{I_0Z~ds*~u$!{+K@_
ziE<(Gf^I71f4tuJVXW3#G1^rKz`Sz=9M)-V8Y8-0)Ukcj+=<J6s7f3rge1^f-Njq2
zdNCrn|2Gd|tn|f0Oud~&-Emt!zr3BkO2C)>#YlSRr17y3Rm(AGn>8vk0VNMZtef&{
z1q2a=X}-#~_TS&Xh`0J*KAt+!NI+>(_wMscL|7995@_Y2Jhqn^L_@nX`}-{n?QHF>
zQ^_Uadp3G<ex$tZxZhoLl@ZMptd?qPe;!<2WnGC^L#)a@UxUo`gD%8G?fw3K<Dp$r
zUL|=HHoM)u>*nWdcS-NF5wn;b{Dn7T0lF3(#N<6Kxj%N+hfWe|b{&Y^zHkV$KAjTE
zn#%HyGi3pIhm6%NIH%k$^f9SpwGIc!Zs&MUE}M{nGI!pfhaj_0^-mGyfj@PW7+BGN
zRd}pd7S2X}9ib0)MoskjWw};iC;bOjV2AIA@166CgBTYzG?%*-?x?86e27tOq#rme
zOSgnjQN61xP9s?tzd><Wq>#k3uei&c*NjEhn#z~h6Ns**-N{n@^hUP4{f&|)Q(6bd
zAy9%e`#PNp1oZs|fGR*^cL8sV{<Xx;3slZ?2IT<`=8=Q)0=4t3sM*-Q3M*9M1O?%k
z#T@Ki%<Ns9N&e**{;zXi&*uL!6KDT->^}hX{~P;{t;zq2{dZpW|DU}7awz+svF!iO
z%l?mP`TvvmUv??~E0+78djKXBVuJECmKG|30f)<|3ICxwRN>hEsSf!%{JX{e?-n~Z
z5U!jQUZ3P^V6OHqB&;kz?Q(u}uKymye+I|O12nE8f#8N?<p%baGl8;wHHm>z)u?D}
z{{#3|W#fWl;{tw`i-58J6F~wLsKy8Tk}1YjlAs(wqbeyhj{o8C^55b3|CN{#7*>e{
z@t-9BIXhcT23)Ho`@bRBRnlNzSIMv82IU6UHQ)j7YDS^NG!)d7G=P1zYryO}7f==;
zMtwCN%hz~V{&9Tc<mA$aW0tTtaWJ*Aw;<tS2X59AfPEeEI>dm24Fq4a{iA^iN?Kb@
zR7R&Ur2!KZNY?@n)M-Qj*0wSO9~uKdxqut>gkW48|LFpcsQ>kM_^)4w`|EDdfiN}r
zU|%n2zET6RN>PEe9qho68ayyo_J6*GQc{prmz4!3ykP=~o3nvu4d{)t%^qN2TwMRY
z8LodaH&(SRfPP&opo8%1Gq=MClsmEW7LAkppSk<L7v$syP9AVH^85;g{;!b_4h#XK
z2CaavgONa=13@&-e@)^4=)&_)7XUXqFRP&7f9&u*va&s_zN=|<KE{%IJB-kAWcX8A
z+cZz>RGSbwNlF}wh^QQTB9W59#tSzjf*2#kv;1a<*%g;?BC^h&X;I~Ws=iuRU9VBV
z7Fcc#%$dL9KkAx}y9y+>UHW6wmiyYC`>M^*Zw=P>qrRjKBJ6d9$r%udAcSh{X)w7`
zpSFsg#(S<W{ZwkI-e(M<2E!79Sn@sjch2i%25cs%!!Jnm5_C<5r4I1RkSM+EjV;3l
z)064ZvZA!@-n_Q<O060l_GM<P%gluK$B+8H095C#0RY9{FbT<!SE)flIHaejxNQFJ
zOFin(-oJI|te;PxA31=FPY1t1l33fg>lM_KcJ}cJK`*Vz%M}49@4Y9=bER)i!uv<@
zF1LAq7f3$`Kw|?$6#J%0neuClcP`JCes5h*4=WHe>fLv@x}DUUP55e6$r}_WRHgX!
z>NL7BiA+)>q2q_U!$|!gzhQC;UJ+*?$qIjhvG_r{Bg#Og_vH=`%l(6ON0EW_TR7pM
zYCmvAhJpMSjQ0=T9ffl;O_a`v<UyhznDwbEQa-}x)JrJP;myI|H>6JSJmOW<9uT=k
z=q<sR#!{115D*IT6jZ305sp9T>O;~be@WPqm!PwU7Y1|YQ^lfk1tZ^Z?Z`Psq(ekG
z_8Sl7zM#ixC!pH`sQxN?^!^#@wwBNt()FFV+07z7N{Cs2PRjC<@SbbG&qcqW7R;nb
zpG?mZ@^p!OPwFdoE;%jzlhxv`v!{!`rP}?l=yHU6HBD2WV@7CYVprIV>&3r)L0W_8
zZgkj}F2fGUZFbTmjGN#ewAtO<R@%PWv3d4wiEUYJ!M42utjDe>)a|WDTnMHMn6+%4
z4>cY%=1$&ZtFa!z2XywrpO(fzfw12nn;)iY7ur+R#2F+I-@}}wt^X27%f<r|3SW&S
zb}jm#-m|Ivi3oWJdD%TDGbYX&4UlZ`mN8Bu#gl#}k<2<Q$(LYB#ghwo)|2kzlP=_&
z=Ac4P!@UFnoHZI-3QaO)!Ujbbl?t}QG|kq9@VS>1)Zxw?RrWu^CI}V(VU~LwFQU9o
zO1K?Q!M2{BXNh>3eY$-#G2R9DhWK6PlHE!3{gP=XiZ)14Nf+d}<6A^3iWO~4;kO}n
zAd%4QF@z66*zAyA5*-<Hx!jxxK|D=jKR7BhtOs=sfXEBg8&CZ@U^Q*Ms(Sub-cne6
zbD9D8h7L;#U%ivBG3xs8O(RqaO0a!FoYy?US%i`WuX6o$+q5nG37MmHsE`9g`Y#Es
zHfq%v$j_KbuwF>?gB0>HA;EAxBSz$I=%+0|Yo=exL%CcXU`_1g<~F0a0Tl@`@fl`!
zVkgH8fXliH;rva>I9}BZJK6@sbdSW^GSch3UtPu3V?Iz>;9a{lGcVU`W&Q7z?-B>k
z8V5~N%!`=AE%Pli){7)-RKimf_o7>lhJk`+nZYg3JF<G!TOzvK8IGr>dX|ZXYl6bw
zGItrlbrW!rw007jisda@6OGT14G*mXn(Kj603zxXOG^Sq3BtyXSdC9chL04)he;=<
zjAm<Cw7gXzhTx@{m(r~~lv~ZW@IP23;y=S`nM9mXP8!|U%l#{AAdF1`x4zf3?{VGu
z$Pk~HFdh!U0;jgHl11U?%Sj~x-}6S}X(^5glX}IXjG}*uYs10)?N!fOFPZ>*&J&i)
z1SmI#^OZ8Cd_*7iX^)14xhZELtEy?48~M~^lr457flZ+xZql^DQ0aYkl<e;E49^)H
zE;C_K5ql>YZM2uO<N$@~&=bufNHC@E6K!i%e{U2Tfqy4<n=xA!`NRZK$eVQ<m1@lA
z-hbP8dgc^ST}68B+BpN=0_Dk!b8pK+2E1Yk)8k#fg3dYiC4U5~=?9i5n-p2~K(b;W
z4PYuvHrXu2g&Ds^X>&=e(qzGFnC){_GZ;EYg?@4JD$=^eyG?{yZ-h;O@Z0zLTMTZG
zF|Ie5NGh_~HloUrQE9pI2UgD4Cns1zyJe0H;b8VZLkbgHc)?TIV>Uu3?0n;<0S*%A
zkX%HTfy*t~QrT;G5c4=Nd}&9742No#zY%ls2|~gV@D6~{0(bl)Jeo3;1=U%24fm-n
zUeYI4I0~^B_^;XI#x-ghGdU)(YW#O*{AY_WVxm}`rc}1nq=<et-A>Psi;oVya@Tf)
zYDWPAxg?tS8Q_-cv}C!(M<rePfODjD+sw#N#Yskc6Ti!oTKlhki_pKhUKqfmfX-0#
zxZ=loi4!DLgWk*FQssphFQ?<WR#jlLc%~taq{X!fa_)Fi-wZCvq2e<NvtL$yI63AW
z>eZs`JZA$F-OXlx&@h+i!OtU}5@kFmB--%u&p0!MPf4p34O54V_6y^L1ICp&Lbxb4
zz}&5PPWHkK|5zfdawEmz8k~iC5>^3X>e7jKq&B4IymOQgyrjgW60VLpb!KG5KvLBP
zPRX=qp*qlHccoV)%WbnWz9c_Fx!ve^1vp33KwH_=T;ie&XFBZGPV{2LXjnx*#-<`X
z+G#fJTy|QPJU=I5cW*%};LoHN+vIc(?0n3=f&S0>7dphf@{)P%)1SBMkzfHTs%3Ow
zF3I&xHN1TUK4ffurKQ*2vc=A^$Vq(E#(WqiA@mR~t_BUYC?~YdovJ4!BT27+KY3Ld
z<PUcl)o!PLoIw3LfZWqvIy-CP$a?Rw^~5fIRwmu5=zm_YEoeC{1`K6{aYXyWmoalt
z&h^K5kaib{nwu|a>KOh4<=)5*iSR)Fb70=fOTb$$t7b+QfJWnTd)~IucK%)1!R_bP
z$%f0VoWqWhw9OAI2AI9qP)V<Iq*I&-bc(`ci6T-VxiBTuJrxkR#bhjNdK(+INjD`2
zq(40<>ppD?;o-Uo#ehUQ<%ui%s*BD!l!l5qGRiro!#E~Qbc*zL=GDTSYh<Qz1+v_V
zpYtxdR`;ZsUOd*&I;|*)*E4ahTMs$d_gOvK-pG1T*y4l%h^Umai($vIY=}@lcV*0e
zsLFyV`<wbE_KkROEJHj0#*dm6b$NSVvr8omad+#v4@2+O0s$yGTv!+9GZ%LnD0@&w
z<v`(MzE37mE&0lC>J7)d5*3a4G#gOzG%$VR5oJ))(jggJsCck`F>#5|TXuXqeU7d8
zFc*;(@p1WS{cRgs+S&om_=tJoY|Xm{yCq#45ZyaLZaXi(VoBC|Fbc<sY<UdLOzuul
zsQxUKg2S0n#tk5kCNK6)%M~*1C0nH_2u*s1yKuv6&!6~?_&GJ|Q8Z#vZ@NWdVrTBl
zhv1HEa;mpoA<eAsRddLI2oS9tT8Nnxg}g3Ghz3ibD_1ANB&LFgzAv9inHT+w&_!K5
z{X=2NYn~=^&1ZVg*xN$Jt~#$YtTAU?)sUqXQ;*>=ZXN*8doD+n8|pD4<327LI+aSv
zJ|n`$6kOhW*GEw?{Lp`H8Q(u+V|)c>q)(Y+p~v(|h{CQWS*e4dDwkp6MoN^$w}Kqf
zMzKeU5D_O~;^;gyp?XS}AvKH4J~3qlc6jg=3+m^F0_Gm*^d(btkbnB;kFFqXg~oY2
zJpDvK^a8-w7ZXkbwh`C%-bfjX%jLxVY8Y^&&L|GZ<-$|woGa%cBbW9QErq3qMkKP2
zk%)r_AD|sW<4JE=Z*K*E*SE!R<9CN~Gvw>c-OUH!NGH|bmTAz0wjvEjyn=v8_$aFw
z@!0gPKO`$(;D)d@>b7t&Q%U_o^Ss0A+l}^d6$FeP1>FX2EHS(-8Nh0kPiv@q2=m_~
z8yJ7Lmqi+dY7Yr%Zu2X;>lXW2*rR9$;sZW9O@9&y_LtdU)ylU8msv!?gaA`33kugD
z`QhNmarTJEDP7FH?MJyhC8&#@ms2fDhgzPY26K6&1Hb)Gi2H^M10<)C!HSBX&Jrn9
zx+VaWiaU<>Ug2df4VUcN7)MNkf|&*}nevhMJ@n!}5{RQZvD&MLKbN;3XJDCRt>+Dc
z_MKSD1}kd;VKZ=5(>rvYfeey($tfVmd7~*r##qH&OY5N2Zl4!(+b#qF8Y__c6O&WD
z!z6-C8$;k1qBfq_5XHV(4xp>SYpkgnkZgd>*k!$xp6PH+^kzz3%{))>fdO@e=c~K0
z7N1}EgSP<`5?|#$pu9Nlra@HW`t(zV&uB9FIndd8dtK|4?N1HQRHgyryGlYV4MuzN
z9+T3c0fUKk2KQX|+X7)~^34y!=7d|}nsQ}OuH9(T0rFVH=q0M-iK=MxaGr_d3uFM-
zlrq*Xh-Ety6~!Q|k;@{AIBO6}+88N-_|+{+1Xu7Y?VK3fGg@1(w8Us*6aufr&_Tb&
zb@kQE21BtT<XnA>{BIbQI15X3_GhXypmEw?PJAZ(_wdTOXPH9PF15d?R#~QWQkBr{
z{+Hu&0;B}=`Te0{f?>Z<c|g0tOC133#yk1sA~_LY+?CUfcJHo>a4PM2v{gTlS7gXr
zo&pdr1u;4IIO~DWtG4At*Ht0!)t@c#&8kP+NQwxaE+03RgHw4=iMlRUUJCeA!D=00
z5)w*{!xu_}EY5_~!bOxO7mmXzMN}4+N$Ds3LuEuNEK=H8Dz^D<>9aG11J{7RGUXZ3
zs-87CiP8h~(R0=fn65dLpu%8@Ulv*e6s)jhw3@T(dfyWfWVFZpV=*Ish~k-eT|OZ8
zLV}ChhNWO}V(x35JY!V|8Sy++osx2~6W8o}UBN}Wg5AS~{U&*^-u^hUlYsm5F;?`k
z7f){kyS5ouNKSRn);~H(z&Qp`-`~e<fOE};zuNMe=AO`5*`hCKW}M>H%*}sfy@cjf
z8I&O4uV`Uq{gS~DC=nZrjt%-HzW=rC{F890b|}fqAkrf!1jsfy#vs%FqLra7-B(rL
znDqngkoAezBxi4M^Q~m#a#EI7GfuAkQp9+6z&5&w+|tMv|NCUvOzhY05XnvQbh?RS
zQebGBELYCa#};(x3cE=O?YUU^4#$=>BnejMzUO--I?~Y-iFSmQkC5_%4NUm^C6-Af
z;HCQ3BDwMHAqqpY`$o@#Q6rO!=0V?tTaRepf-NZzwlFk|SPd6`ZhUQK=OCm5zM9HE
zX`veoT~;OER+k%;qPG_axOYhxWm1gR6bJFjKC^J-YvTJn9xHa1+6?ANJvdZ{|GtD(
zCwQD~Mvmv&+DnO^kXs%(_~Oa&l7hF#MuxOTN9HZ;q_eEzb-vvrVaH{LN*}FDt0r@5
zh?y+N{=H7c2aG&}WO4XMO8<l2RrLrt5(u^9FTq_|RVgpv3lw540BF^U`M|2MV>dFs
z89>dGu}|!?z&uW5o0qWNrz8EoccUSlg_T$8NZYz?CHLy;NT@D>RgH^%!*wXM_MLIX
zz&3ya|AVt5Cn{^!))vkug|oVCpMt>U@8QDo3b<GQY8&Y7v(_MdYNcqH(o!=cs7sy(
z@v)pWeAoVB8$#X~pjV}ZzfXWuk^mhW8)F~14;2fV+t4c+*Bx&NVj7gtky`qDE?eM;
z9tz}rjc(c@koxp{&kr@HfkX)hV=bq}g&7r<qHr4YBynsy*?J`g`byioYTom0q62is
z=tmj&ucr*|V84LN#8W%C_O4<(CN@?4`&+Q<v{3gQj?-o}0K-)v_L{a(T(4<V*NEyX
z4I{J0tEB9_T5Cy<`M$Yc0i$Y1ZiPy!wRJE1wUeLHVslB$*)|dn<3)Id&}wIiJ#L9C
zEtmG=hE7mE*4ie|%jFL#C2>mG<_?~|HUhl>?n+~63pc{bOF?;}ifR*fQiQnm_7GVR
zRo?<q!Bp&Q0C9TE#OdwDBRzrj+f^t`p$R&g+3h5PpXe{uSa?gHfH#+2#iwHw6yZ+9
z=a2ipR#PW_B2p$+=*J-3v2G5(MK=g?Dw(*DlR%uEZS3rIOJu6SFY+c<zOU<9*g|3p
zcU7pai5K3p>e|b_s2xZM1J<+9JWS7M2emKMw{+7j0Ox$vlc7S6wM)&9oJ-*Yau6kX
zV8o7zZm|e_ZZlVpN`cD<#)p(k1I8XO7McwSXBnkzmV(9k+z**s#fY)gKah#hd+C#8
zi7BFFoMjHBw8i=4DhIlQF2@x3nF!#A5-Vh#Wk*2a*j1$(=HV9pdQ-Y~)aEzAe~DXg
zci04MKyiywGJpBCoJi6^P48rMQ=_D$5nSxru_*eoVQw1nY~Y&_67rh5VFySzv;ghJ
z?8C?AnRUuu*+SH)l-2Vm=8F0d7bTMIfJY2N6OXsjX#-M8!5KkY3c;PZf#Vt6&(7`W
zzP*WW=!y`L5F-UaNpcHVaZ$@e1oeJ=w>#GifJ`Mvu`-s#*M|8!hA%B87N^<fNby|?
z&NXDsr?(c*L5U*C%e&%-5|!N@WfPwMSWIM8RCHN*txZ{3S#4ZpcyIRB$XtsDdr(Kv
z)KYG@|D2)uDuY>;Qwe1}SK}W0K3jb@Sa{=Ldy|5*ld!OT_$KT&JyHY=oE#tMMqh~m
zz{2w2@3#8qnDytcq;m)qv8%gpEhdY7pgdD*C{kQ`B#Mw$dq#6uSojxk!d9WQguf|H
zjup?Eg6@}p8~E=0gufwzIWpv(g@-y0n7`nj&ccFhfx{DvDwHE|3JZ>lCDX|p_<Pes
zEcAgqlgvA;ae_SjQp%&d&#r5;fXg^i1DHhLTj`bvs7`0S6)zUepc=xIH%3XN){wn(
zoQ;%28wqn8M!a{!)LMpH&!D>uu=tYSM1{Jaggk8uW(GOtBH)i=L{yidRY{^*G4hv`
zaPE!=yKsXAmC}?O{kWZqbhB8BnA)(~2gUJov#G;uGE-~nLwr$5Ii4m~DVf@a0E9+F
zcH_td`GuSrliY>rFeHquC?t#Wdpch#A+3BZFwE?XiX>QZG#q0J-v{FobnIES<KfEM
z5cWI`yD>)27NL=1_0kd&@FM?(1q>^=jG&U6v<LOj%OnP}MVWr&R>yAX%+h8(gZ*L;
z_z^Uk7+v#{E+0KTZ`|QYFHW#ez^PeWhYnnjxHwXIbVP@{mAXuTfGohtBk3ui&aRip
zLqj54!CKY<n%nBH<FCx;$+@Yfh%yU@m#lS+wU1}0Hpm8|)<0($>e<t0;9?vMB`!Uf
z7=WCojNU2$Qsab$XnTUo%)}jMDq|}YE??X}NV`Dn4<wB|#)Ti)i%HA^06K!G5{??x
zlRkuB+UTLN%fG!?5eON2QqJOW$WQVWm}XpN>yp7bHhhBeI~q!xFlV|jMR=SCXq$ne
zm$tK8Jmd!mMU<zy9Frw@UK!)lU@x-T3tpsfMGLXx_vEr~sznKrOCjbHF?m4bcN(6P
zg=R*nZv}B}aEUb#%N=0E0F>m050LjX+2!_#zyte~&guST_iRqju|J|oV&&OtMNDlT
zZ&u9Qaf+OcA9@ZVnEZ)R6>PlWU=iaq5)>H$-AANEZ>(Jm>{{7FN{m_=!k}dplRc*G
z2JBH~^cimpDGF2g9?mNCUa9Gc1}Ut5$XY5{&aCh~1z0NB8pB180J9m_st^l``l~gF
z<!HNIoH6VfOPVm-zxCxkBv*SrQK<6l?8wCRICB0Y(sQVc3<_u6Hgp|T2Lq01o-yye
z?F#*Qv(G8~##WohO?+n)N^Syy3At_G(#_Z*ym2C5?}}6G9pn7$0S^L$Yi;faerkgb
z^blNIBug*B;hQa20HMt&{5M)LcRxZn!LSlPYH6?3*O@Ll6rTB4U!O;Z2OJ-#&R?&m
zya7`)&!m^9eZ7K?=|tb=eeVq7t}ex9sh|EDi5T*|FuA$DPb$`Q%WD-)(0eAjBQDHi
z7BsYdS5eJs^UzrR0jk4s2f!VI_KzeQu83W{7I?M(hOL8%2uQok20ZNZWg+DeB63#+
zqtD87cs_WKA}M&+p`wA8%5?}~{mpj`7r<tWDcRBB8HbF(Ex%nT;{jNa<h6PUg#v4n
z^yq6*Q!*;yPeI=o)0-_D9lvGgkAO50`oGryMhel`2r0r{`{{@OU7kyrcp8<B;Mox+
z*OmYP)A&vPCm;ZQ6vA{uq-lcK6b5b&A#sW&8r<%t?I3^lwwEjcglLCK=T9T$#7!2D
z=RQxB&ZxOB(yA>_=FLIq$Y8Lf`p5$Jk~$}c<Z>`PYQqch=KwL?)L3mER73SmYQwZP
zm-naeU0ZI`y&m}Tag+$5V1Uz2A6VvOJe*2rU*6&&48S(fWmPAyd16YXBt#Ob4GM-o
ztyC|wtcSX`1|Y!eOsLonZg*9eCTULPF5ek9n>f03`arxQ#+v)<N1s6U`Bu9AM(318
z%^oH*gzF2$&@g0}W;h=LZ^}V~E66d3oi-x{8%k}cP*eQQ20Yidu(KJr+UqoblSi9C
zEHDn#JV5I@HlQnSy_2e2sHrZv^~Bs%ccE~l^LAt#`&xJQZtcvK8*hyWVa|an;1BZ(
zp(Xay>~rYpW4BU|^*e5F1V}gG^=%MpkMk_%r9y-0AB!*L>AGI=h-C|Y74S@pUw|Y*
zhycIhImia9qb-o3HTCiWi~krmy{%c;+f&ou3pj07uhX<1R9HU7lU-L=o~imGq(>)h
zLQ5;OKk-7t!d7D@buI<&gVnFpM)f$pn-tWc>>z=s^8OuyKc$?hY_3^pQ_0vIZwjjT
z^bt`hYF7{=hlC4Iv6*|kW4ouG7h``1A+A0p<-E|&UZs=}&_}coCZqvsK&KZ(GAK4}
z0KTiP?rC?Loh4Y-3LCfOeiLqw_!Bdb*UHk1S2I{I^g%H4(IX*hq(=1OejfMvwDK7P
z`gRQ42|2Yp+}k@_NyBmoxmZA(VhMiIv!tA%-2P461QelT)6`WIu@n8!nK18=Dumm=
zeWJr*=OQ}yliH5)GRZw)$drWWsXuKF9RQf2;f#ZGyzX%P`;<s?QoEVuT_llfEm>{z
zT|=m^Aa`ZPA6maRV&A`)eEK6Ck9s87Ts+s+{;3OxABHI~XRc+bF91mzoF_SyTC?BN
zGKGXagWm^=TjOJN%l&e#xf{@{#_|^->l(~~!rled;9;Ab>kZRx=aM$UVc}c;4!~UY
zuDHz0dzBnmF3E4}xg=O_`AbU_TiKG22eV)}X2D*zk)GDvaE?$#JK7C9#!cm=osjgq
z`>|6#PIl}O;&5;d2l^8J7^ARW9<LNTb2$g$T4!R=SzG<M|9a2uH<>b&ry^_UdKdc8
zJ0;j}ZaI(-ng#&bX%nN^KV1XeQ2>_>en8}tHVCLv+PD<M-%WTfbl4+DwFdCm(fK&*
zzyGJOw+xE2Y1)Q^Bv=yM3Bg^~*k#e+?h=9%+zFE4i#r4f8r*_ga0yP(1b26L2+m9H
z@A>ZMx{|l*J!@<0tlsJAo}+u_$Ii^rOyPc?Gj3smjsi#umx8twuHQTP?~J^tAR2fq
z)ts-7>hGqe9bXRW>Au&jxtt7fD)cvl@w7z&t49%;IN?eO@cIxpSRF{VAy)ii^kvdp
zN_uPJ;7qO^wx3DG?+n~x5aw|Ik5f}c*C_!F%zL*L+q}6R#!_QR*N|B;W8t=DjHUpj
z4-N}DUjxzvP7q$t*tDOdIh6WHI~i{e)IK*Y`+PTe*>c`3Dx&5^l__h5V_3)##ejO&
zv4A)(%DqlLwEA#HRf}~Mb4^2z&m!voU2bx8o>yzmv*#Qu(0eWQ8)A9zm5_5b9m7%?
z(0Af&Q+7n|)xs9PCzT=|0Y3ZF?;>t*j|6zqC#-L+iB_H-*c-~z_p}KiOLh}&c-W~M
z9d^nYh%OJ^#<w|-rR4aBr&A=T8RzS{#WVl(5>PZ1_;Bs?YN<`DU!wM_z=>lYPIZ<n
ziR?Oue#Axe=Kdt^4<y8-4^#=-{Ipe$mTuZDG;~-h;W>h=w0y5W)|9P#*0kND-&A{3
zC=R(vJ#FUb8Rr<4l&o6U3g0hATr6gYMLLqjH;_!q%xGe&z2>8QuR9Ta>ZaAh>Ve>%
zfDk(&Gc|WzigenX3X=P8lZ-!Kj_Nit@j2w)U^*jH23<9BT%0rTsAWp6af8oBvOB}H
z1WuV5cp3Q9W;4=2Yj4Is<)a=U9zhh(!ehRz@cz$kaLoM*3ldih%jzp+I4H(?RUKc3
zQ<hVXQ=U_SQ;}1dQ-xENQ!QqCbrF~AKRfIH*l~^NTZ17$pnq<+zClw}of!W{+ut-H
zISSB4g@DDwrL8o4q-pS8sb;gt1(Bgbl+{RFCAKqu0!|CWQ3+_@JBkAzj^Yb61Se_e
zvK=WLH+y`2&UuiMC}h&#>$anJugO8&pIp&b(`<X->jk0^$3R6M7f`OZb~uEd{X~E-
z-ywV60PZ||QFpuUkFI5@IiZ=DVW{2Rk4Q<OABkU+os=B3ZYkjiCV>dhiE1w<WKT5L
z41pe3Pp`Y#k7l5@50|dnwEN&Ej8;KufQtdtz{R|Q&om6O)PfzTfnqio*bzbR=P14j
zk#V)sgJ|r1uD3A?ePB}U$kk1^59RPW?iXGVh`~LHmMn?ux*iVOw+~xKDD`E=%NV{z
zQSY+0i@<i2LbreRerEIAR-fAE*MZIfuKxa<8nxZ7$Bbzl)hTexTdTefxI@ea#yY}^
z%R7@n*=Cf+0&h+JjY<qN_BQ^uhy`X<Qj)Zb@(2@Wug`I=JCj~-M3PW(#x5d1@zcw-
zR|A<h`8lIjy-^j}aY_z(YonMJlxv~`U(}Ufs{HswxF%euocoE?SUx<<Z`66)Lt573
zRd}|zQuV0WHvhImZvvjuP9AX7H6%+mul$pjrZ}Disj@OAs!Mx<L0{ktSc0kDpcm{E
zx{E)J&TD3Sg=RwP;Ggnyy+Q#IDDgb-!}0v(L=YkEb5c1-0kHnQWTe4OLYcNnT$ki*
zDDO6FBW#}6b+Kvgz`)RS#dC;nC=Qs_RYa1tY*mMfFA*af^R4_KVvg&4ck+8~<(B&h
z1Gvj7XUfyzhx>Q#_ICm+Kf?8Z^N9#xG{XCney$(CG*UB3GMpZY&yj^N90uXx6Oe}E
zm1UE&u2ylG+vn5yby+&s;h+r<SN8k)VV+GqfmD;D<A_^)P&I-`>et%@qIlr-`$guj
z+R@#z?&9{E?fEaThPw%EX8A~uX$+xUgz2@s85wr8FSt@3DkhpO{U+u>SJ(N;M%64L
zEDBYa$Ya0j$F@Tr%9tsFtMeeJI7nPeBbl;ia~x|kAf)vSH&SLncbZp=&2=#Z+UZtm
z!bNn5B#p%9<x4RsQduT!Xm6b)%hLL!BUXs_e8?G3H<+<q+Te2+as`dJPvBN^ae6C~
zgrR9NhwLy`tA-AGqj>_xHvrZ(=ESB;b`6aSfFVQrP>HM^op2YSk`q&Q^Mv+Oa+)rS
z>sIr^F2ea;dvGT^9&V|{T;09j<u4fydBPRUlmSLF!t<pTv~{4z7nDXmJ}6uCVsLG$
zuVO;~X=ZiNxU>4HmV~U~rilagK~-PJ>bWTWO%Z{%Qfss7lf!4tpW4@B*vrsA-Z`-(
zc=d3WwvdR+d4`K2qS^HJCmO0pauILA#vy0L#Da58x6+x<%rt!;X?CBxDfW85P(>%-
zy6QbnN>X(x;>i<<G|xFgrSM}Ej<oxw7uXaPkW(uhG$Ci~_#=Lk3J^P<(9g*Fn4bkj
zAh~pLobu32J2;MZqS*3wqBLA1MEi~9laFYIe3*3cKMwfbBa|E6UW+{|&@UYBivd+Q
zfWe)*9CtHu)I?w+PVd-L;448_OrJp5EuVCU|GSDXvX1dy!qsg9SwnFbVPSF2A|CZg
zDU6p)8L#V<%(byhP}@1BDpFe|P}@~b0XHkb-V}nGr?MM9#B<ps{dJo?RzbNRi?`=p
zUzF?LER%*sB7*u`&93nI*1`8oul35iv8~SSOKmu+k{db<t|Vki1n!pBtD0pT7md{h
zg&HLo7G-x;^7cY;4Z-e7-n@-p4rwS`)Mdl?iq-f0NS?mxTAV>C^q21+BrR37Q!zf2
z?h)I}uws42aM|o*fF%32A<;bng7LImN+7gm8#F3hh<Jj`E%2zLU%?oA{gXb*cxun*
z(<8P%;q#yR(AWI0{iD#Iwct@PL9jCoxx{1fv$#{%geH@{-lyfH_TZz%0eQ5sQ8&kY
zHi_>X$}*ii$rr(z&FOk|-r9|+vy*6`X#5+F7cogu2^vxJOk3@@ajP|_bk?}%mS&ke
zRmoJN&k;UmQEOP~)1RMzw0z}6%A0946MDQFRIJWq(ff7v-B>jHfU*n8u~3?AN{z;X
zg7>%riTvVyR}YCx{d9Ohv)yt3jJ#)w$mNW@a7YAQSt8M?9<=3U@4z#<3RC@!#Bv(b
z3-tLVi(vw(B&;GX#)-TG!m2<I50;}@Zs(0_@CO9X+h6`rY2hR&i?;MetSPZ1>k6Uy
zSY8OfUBTM)S&SAGr~7*!r~r-no}HFVAxvIYUO}OkmT_;ov1HhCmO!g{joQh;ZJD0^
zh<)b1x{25F^>|5k3Nx27LHiZlwnDSg{UAe#r(8)mtDes#M8A?0nY%8Pb6yjwXatdJ
zd5Q=%|7mS7;~_;aUs;c0NIyX`dOKFvo^t)`Mah;pw$efu-o4Kx>}-<Cr5|Dv_npxw
z`+JZ>;#sjS*AJr|I;$Z63z1-c-whvqkcOUs-po7m!Gu6M5qwD-J`9Q$#n%IqgHfav
z+1RX`^u*(he4gS;6ZG?XYAV46Qw0z)`}YWWPxSz9$?b&A;7LOAbBcH`3gHBXPAaFS
z$9^Bw(y1tC@Cg<b5&Tj~=_i7b*k*$<__Qxz?+soSJxb%?*M$tL>9oJ{`o^@KvWcA`
za_C&l-ar<Mjs88v$5|rAjc1#nQ|vGxn<jH4u#qEOOyaeRizrX{3HCnKx0KYjr%{s#
z3~f=Zw4*zDHv8J3Z&O1a%D%2=FOZ#0kjEP{?3z=H!H%aBGWbJV#JR&4BAdjXCljIH
za+gMsM3x2<Z&+fkSGz5qDU9d#WpcG0nVjLe(hF4L4Eyh&(j<RFeva|6Dd(jKR^iq`
zPrm6^VB|IW24<DFQrmZFn!GO2)p|)YM1NOE^^t>|?v6i05BBP*Q=rO-Z;J9VUuVzM
z3|NWfbCF~r8#4=22?0XogXDO?<Xy?36CQC_v8&b)4>DiOrHuo9=F`tI^FOcaKg*{u
zj@ge7_6#si<CgcKXg0WB@gf9<V^gL|B<5%#eC7TPPHW~D)E{>y7k10#$=uD{5E`UK
z$#WRgizb?4*h^184#vunhZou<<1Am1=%8C|-nYc*XZeQE-Ucu{J|v-mCtwk^y=@A@
z9(f#nDwqWf5BFlY{dgBbeL*k+AlA~CxXA~ol->hJ<~GFI=>WdL*~O<rS_TDL<td&q
z83$aX!@&iNxMOL-c_Hpj9S1IN5mX<$3l;_$OKk@;S2%P`X-Xn|l}dHn-40VbW%x8{
zcp3@n{EHn-Th|{A4bc;gSX<@Fh)S4FMpmz_TYE6;2pvcD_ti1FswHM(t;cvjlF<QN
zR+XjN41#zvB1vnLhTcDRe-1Cm`J@%FK)gKUI;1d8|AFgSr+Y-1HfLeGBZBxv){*RN
zsHsTlVHss5>0F5Pm0XQDWHCZ><szK#`{QcYiF$m%H(Q{u<D=P=DZqa3+Es)~H2<?P
zC%-k;5d!AK2YNx$WiCsdtUcUoZ|nP=g%Z8n@3*Y2meTb8<rV$g)b9!3Se&xNboVHl
zeh}*<kEHTI8>i4{lUZsZjzENQB);4#U|MFk`7FA!b%C3T@zF2F35lAINT|8W4L$kB
zl`CBr-HC)=wK@jJqEfTx9v)7K_k%;yz>fGE`;E_rCqqbj&;)w=%MznSx>=%c;rWz=
zqxqJ1sCt<~pXA>iiM#5QY89dc&*zz|V9ZN2Cn3|8rrPql`6>GBS(+faxdh3+xBWtu
zt{$Pwe9x66plQF;dGfi&6AxQxD+hCw-Ta~KlC6QG{*|P}kq63qh(N21|5dQyksi%k
ziS}Tm{PC9wrG7_#jGtQrV}Qm_!xFFXq2F^~{^&S(tAgW>9!(6$+_9{(GG1FXHV#2)
z-^;Nv!_#yJUcw6@MNJ6A-l@tds?M*Xa+ARNO+%J>;gJiyl|urWY>GQnPGoARH@4&v
zSu}178IisSpcC)x(W6s**`;6Qb@Y_t>f{=201`Blhf<Erk&QhRiOi3w=)deQJ%ihg
z7qV^GTum-jV_j?6gWWoeFFW&a%DF<0w|iw>?4#%^`^zCX<zM3wZd1~H#O9Ax2Oz)R
z-COY=?TlD5TA?uy=wjq+cI=MeSUpASf|M!P-kg3Y+|i(FeRCg0wXk1F)rF&MfakE&
z_*0ruqV#dJVAU<ETul|3eW2cx`}X34qbae6yEbV+l$d)&5>h*T=FUQ<irx!&`&%TH
z-Tm_3I<L;6tGf$P#6bAdTfp_u?d*ZZkkR}NDs9qa-rDPYzr(o==Oyv|DYfBiUTzJ|
z>6rQZ>8h9Xw&JG9X5sN_7M%B}8{UnA0|O#*Xsd&Id-=tj?B-KPYL^q6k1P}we!equ
zji4KGNT1I;8!y>A_4qzdYD50E>9z{MX#L#$J><#mm>*p41!A3CkMj5y_owO4?Q@$9
z>lV632epm%xD{!~C=Y$7l&}K-dsvi@y9lUE-uR01s^q=iF3bV_^+zGIr^dII5b(qc
zE>^Z-45C&m!PMdp>n~khQshE)H;xwUWy;I$<!U;JBW=tzU=#<GtUSF9hvC|b->SF@
zr8t;(j2$Lms1N11<0_?peL4T4D`(j~9aYI%&OqT`5z*(tzQNA#DWH|S5Xr0{T9o8Q
zM>isxKaZnINXtX!d`P~P^A2zoSjefSB!T=vvTd8zIFwbVuckNCBC|l{eJ0Vl@Xw(J
zm@Bl11DCj?H<0IWLe@9VZ=pX~R0mRWKb)5TKBb1vm<yr*W0kj9t8^dneY0wm;+F1U
zd#sW1VHb=yk-C_uDS(2B++I&cBl|^#YO7UrcZ2lVE1273{4bIv`LVIEP=kvW2EODd
z3w{ecy(fL%Ugoa+)=?bwuEw^rSwwbDuIlZe{YBlfE_H<K3)12CM`WdsZ9(l}c$8x@
zgkMf_!;BE&d6|;v2-zV6)l=D-CynFRt7nT}ThwzF>*4~if^%yIMf}CgoYCDpE}*wZ
z$AmAn*qd(@pVnNTc25g`xU{Lj1Pk_~5KX>BJTi&gJVC!{rlD>S3Bl$}59G#t`sDZy
z>!#9U|E2VbGT>CLjqgnGY-fTOwKHwAiQ=?s@eUoKdHTxZIjPpp*uk6C<Rs03zSbtm
z$e|Zs&LIb4Ry+HHob(qn4LngHgYHwqvk{Z$b4#D;FSd2W57@2HJZuJ}CY~)}+<7nO
z(Po4r1rhS2i{b_wv|7NsZ5PK5ykstKDN+R^)8b>(eC_)sv9#6HG&Ntd1Uz<6EJNt`
zGx8`RDqD1&?qjn3mSb=v3WAj%=cS!NaZno<<(BY1WHg<TY#XGpHNvf@+vwvctt~nI
zg2bBHu%DgVLu;HbdIax&EzQLf`_#X#3=!j8f5rT(hBA$iqwr>LSKTS4dDNjGP4>EW
z?C=h5i-s0I7Aoijcc?nh{>2`At}aMl8RHm+P!swtg(5(bYX5kP31y9HLbN965yI`W
zQ#BJMJz-9KcKj-V5j7Of&knDrU0TiQ<NcTtH(NV+^a!cXCxtMqgZ2wYb(>F5O|fVF
z?8#Z|?egA4-DXRrUv@{?Kx_Hu?$ZsIyRN2@jnaAUeZhA%U0zS_Zl54IwwiHJLHL;R
z5bV2=qCzh%EcxxI92LCio<%g@UZ%<qY#41&9QqYL!*12EzE&X|L{(@Ae#9yJ!Aa~r
zQ=X@x<!p%`{}!=Ivs`|!xwN@_ei)7H-V$Zmpn<WQX*G8#QO0ic?(&}48?w9LST+*~
zCo2eaLk#B4ROqDaHZ0GW*Yc%4(R`PWhL{tQSmqH<qS>kG-7T0UET?}*2n-ozsPyG`
zx;k7-9f``wS<bAj*t4zOEOK3xm;BK!`GZgbVjYVXTPERTOV&Z`NfRtY)xSz%XW$v}
z1pIDH>e*Pua2F;}<5iX&?&$58SEp^d5jCwn^mRFx^xd)nM)aM={$jcQosT>7NDw_=
z`-Y{DWb9!6uNO<0*qKG_!K%r6$y&*JMoH{_Y&~>6KYsM}s-ci*$9}}{+F9a|;1<^c
zqU>*n$PRXM97G5%224s^hgYljm`ua~w0g*y9}5;z=IKMIBjJE3-dE_N>aWXnQZ?zk
zpR6Z}+_Uv-8ldorglz!3zs(yrA0Rx_vXnM(-LBQIb%!k&jg2?fjAW|C{j)Er5d_K&
zPKb-84jad~$1+dCe%@bf4j=tY>G1B))^>wcdR6V5HI_ya6Q~C(kTI+qXE}DbKB;-Z
z>#@B!hFqniD6HM<i^t#orP0`VSWifi*q}f9_7|}4*|QfYuji+KGTzyA$9_T(6J+95
zgVdsu>-l-j8%P$eH=>heqX(?MehR592&stP29@V-Ug%^mGlk!sY#m}HQWK+yJrOej
zZeeYNu#@l|Ky$s2uAqtlg|L?bYlD~dGVBuMGt(B>newA?gCx@xB|k9g%1%gE$(m{2
z>d2Z&3gckXErpnea+4uQQ$`SUswdg~rgnM7-}0+!>m=1fET*<AkDWhO-Ics;Oc45<
zGaT7C*%&7K$qR2S@tMn>i=1+0BK<-g<;g)lZLzVniMeAGcM)9)ZdLiKbH`k$1f&|G
zzWXX=I*<=(SKX58o;Q$xZn>hOLJ@StQ<YiPSeCBw^xy@~^K3&0{=Ei7$!C|c%k)$h
z$z<yu;L4}jEyIoG%Y6<KUnLPNshh8LzjAAxMX%684Qq1zvbdqKb{08BMY$T<GY;pA
z^c{D5%Pe0wmum)+Xy06HMd!%qfI)KcCq%y-orp?u-%N@{EX1~D404-m$UEAY5J~ID
z5NtW|f3N=$JeIm=ZDGTSuwshrQ)DmbiR^r+HZT2IsbPA@!LosGd1N>S&*;rS-ST*{
zE3>)rDDKmuAe-ReAgOR+@7>R+<R|AzrZWO&z6*5;m8YU|Nc=w=)&i{FxbaT76ngBO
zUxtFEzhc$ULh0Gr>B~Vmw7Quge5skDY>g*34HNO>se02axcuA`h>Bkqq$e*0Z{Jtc
z*uHg6=jIWBBjr>u)1g-kXAa}Nlh|mT*2VJ!Th0luw9_opDM^)22}$~TQLRzqO&B?M
z<fJDjqnfJ*L6k!9lytonHnwS{DsWEer;|>N(;+Ni(j3d@vGGLleH{|=ea5^>Rafk=
z{fAnL7Q7Y`ZreQ15o548HL5ySCV5ILb5eUGk(U0*OCs=d*Q~v#x6O1w_AB3#9yT(@
zr(w9R;4+b(B|Eb5R_rzl%|aRCSU_mHMFnQBRImFbK1KG{6{R~4Y$$lmd@P6FKPPsX
zRxV{NC8%j)&wy*pd@5{AKrZl>o)jc!6f-g$9a9i}E=Avqh>QvTB4s4O@A{M`-FhE!
z*ty=%-7G|H_1cmeHzsCV5X%c+)!}kYGD2F>R?fCBqr|c%V*Zs=9#1J>178DoGeNo9
zT1fADc$KF-YjyEi^dygMg|IVssGysdL|b>7t>B|p&d`_r8cURo?lHCf5tjR^qv~Uo
zd)M{fP|D*Q*mbOmo3tscZW}yjGNJlLZ=c=2dzPTOTavAIz$8HtM^5@8j<iWe>HbOP
z^Gk^s#T(xLy(mPB0)@h3YHk!Ct}|J$ipR*`V#a9RzCwlqVw8%=VybW15Mby(|6Nvh
zQB^S|LU=d+%nPf^#*WE!VYV2<<(=l4o>pni^da{N(yywf%45=+LPdUpY|w*-j$t67
zIIBtct{6)IS+i18!mhM$GtuUKSH8?lUFn7c-w8buK0p7h;q!aDZ?kR-P0iO0&2IEz
zqyABnbRxHS2<4c!nK2A(VPWBybX?O{P@&ULLG3ynxFw`UOSUnd4hCYe<SNSytu`f-
za`omHk&pN7R*cPDG3*0C%E3n4H`v=<0UVg*Fwe#sJ>j?F%Kh71%-b+V`J|$Ve#Kw6
znW>~H6kmCCZ+UJR*?FMUKn@-OdH@3li0e%g74<`Xq89|2sWEuC<X?|3B_vwz5AdJ1
zhXpAd$|NU#N{;4XWTycc8k?w|7Nn0^5_J~o5R=2a4TwNO{Y(rAqyv6{&_qQOj1yCa
zFqgC=LjipgP+!8Eeygsu#12$|LqbhLT|b|Rz*jE}qW}O4CJn8zbRugsNzX5i4300_
zGCBLhh_~jPywUt&;u+y6wMd0%+ObWnybwirnf+jb&<q+s<u32Vq`uwE{(H?vLD9yK
zk85cqMLoW-j)tn#eNa3ONDeFNy^*_l4*7gq5yb?bIUnrsMYb*}v?&@<E856XLR(#^
zt!~<9Q?FhY_b?RKsRrVge&^9P8Vtlup_$)KK%`nb7!AgGeiz-=(6C?u8pKq<PP=)%
zS;0g<Rfa?%$b2|-&6*uZM6ciZafi~b1clg%?m4v+(=9%uT_kkgoA_0N!(58BaX0kh
zI3fv<g~4lXFkx-c!sqAR$R3fvF6o&eWD~5WJ?cHUemVK_=Ovwy%jWS%Q(N@@gj}Xx
z7R0!Icv$V68_J#I(eaNT4h1jR8Nek`YFo0?vp$)8DJ=S}%XA1f@{JE$3spH)#!l`!
z3RqN;vnWqkKQ3pzVeiRpT-VUnpeP=k*pz){;-FGj@K{@#71%`{JH|5-&_6qS_IP}{
zTN_Cif3dPm+KyQ8fP|qL?UG=3h$-jgj3FWjpny4*GfvEE_SqRd=i!V>g*OzpN@P2A
z@mzt!kUk9g`Rt;aZi(~iFW54Vp;T|13yTYP|5WE3oNyideiZd=RjjQl@Z-KWtL;u1
zi4d=QZ95?yGV#Ry<LNk2R7#TBR%7C@qJ8C0uvqBI6Vj)rbyC?Z(VJzn5pn#%i<F2U
zT(-Q(#|J;=>)*?0%Ms`XJA`}<ts)Z?8<wp4l?_TvQEU><UgW50@zA6t9oAcAxbq2D
zLI~x*neJzE@TA3VQWxhMT_YQDSq_bOMZo&{9)C4Z^SK*zX}U3&z)<&1ImQE_uf-0l
z6IY_s%~hA9A<gr411a5u9;-dw5mW_)e*(h?bUutEmG;#W#MA)kX@IacU0;U4nTdl#
zU4fC8`>*=B?+{b|))j-FHCkUkWRIO-3|JPRu)3SK56f=l?z(C-@?NOzR5hioS;F#J
zPRK{hKdca3j@9=DusEEEtIa*ua_IYXymTt}IVGlWsBpERhTdJ9d|N8pmg7_kkuPQO
zP;%SE>SuGZ?U3!5?GKyoeEBchSfB5PMAITuu6w0>Wx@)gLD~T_#%gu3n!Qn#$Z7~`
z?8hGxtVkJbebqyBuxh6TG^D3gr@rSJwN-qj0J|Xh<2bx4p~l`|^5x08D~U#Xa~NBH
zzOGZHW}^9#OTi;5gX%TCtxWjg0OIM9cB4t(JZ6&EV+3A5ThZ5#Cc0u|2g!a(3{gx!
zj%%&SFEvw!c<Nwc%re)PRwbP2iau{#wCq}D{otul!87N!Y{21`jf~J2duG?~EYvl#
zxmE`$-nq-&te=Vxj5ju2PzcP}m*}jgn|W#Ucz>a#wx2Sm_+-`}gC6J1!;jFZPJ)i^
z6y;(Xg&WH0A`3cudFR&uWR9+(O|cOjS0uBD!al8-Yc?I}I1pP9h^l!13N?YIg{t+I
z9BVc!&nP&Ck8;X?aJ!1a$vb%a4Sk8CC#k!c^y$UvE>{7YhbPB)Z)I$K!LhQo?w9)c
z#$tEuxRklH#)3!0WFZ&3E=!22@-^17=rFpl18!YiyutEg8--u%5i*~Yt4wP@pol2n
zlvxc;v!gZFk31i4N5gU~c1K8mKqZl_TBVX>qIe&ST{~gjV<~$jz|LH48QiprmUqX(
zDu`G6g|_57zIa<<`lHhC-{N&YzrZ1H3<|uwt}SgKzQhTRCyr`-G3$ha&_;No2Gz*K
zYe)ibN4vx6S>m2LiTYbr=ESk6QmW-CqKdK^4anQobF&Fb(0MyHKc3s&kblxGv|=&Z
zj8x>y7pXo*ONk5TSpSMm=2I3XOD9dkxYAg1fwEmUIXXRXurNFrw3Dy@+TsK=)CpeD
zvgV*-qCb_5v$Q_cbv}oNxDbgO;pJHNbw=2H?Mj}AmJD>M64omQYvs6R6>K#K<isgt
z3qj57?ME=xZm;NZe`;0jG&5NzXS67Kg?@rE=U4Ekr|6rnDUjIn|Dsi29b8YlQq8cH
z+~VF~GnV4Q(^=xVc5mMw>5aHK2klL4-g$D3cotI?zE0DrANg2;XbolBT<8W)nDBjb
ze!r0jZsg;4cw$MbEz(4|WgHY1$UD0i6Z+-oIK_ffI*pk+rKaWVNJRgdXv+vG04q9;
zr$fl6(D`{Ax1p9fd+d4Ie3N8$$7dh7-=V1M4BD(`fC1z4N!83UjkLlmfQ_pKRh-Mu
z+hrU0yvEz*PH$uhL~7=^)`teqmW9QWP|O8H?s0l{2aXss8WshL(0XQp{0Y!t0$wy5
zD#*Is4<;?LXSB>KHV5p4PlE)i+ZIUt7g|Q*&D^V~L-Hf)8jNRf@F}ndSGZpUVOJog
z6dti#D}C-H#G?vFfoHl?9?}9}HwvyNbPI1>i!zrW7-boV`v9pL3vphjFRdCR{y%C;
zwU>F}`h53o-#lMwz1M-X(Q=%RR_uLcCgo=))T3$d(oH@~-w3s4R5<Rjm}^UHJ&}nO
zHBtFeB+cXRH8|&^XEQM$*YkazkbesQc~BRP3%83c;fFcAeO{B~Uz_Fzj3xYy_ba9D
z_x$4dG`J_`2$#5pl-&*63IX?FE7+UX;4G2}RhD0s?iM!fXm*CJxsI-h=9|XqX5Fkm
zu)oB=$;PL^L~B%%^lAh-1W$P;%00WY^UzRS5cR_-i^#3~IFHk#Uq<68VDegnF_DdT
z&wZL5<>RPF-}AdKXQ!m@YVWxgN3~d#k0s_3_7Be`h!A9#Bt?b>Y*)t}y*UnzzT(HX
zs@Kmog1M)7Vn&i@bD;H+!ScLI`S^PCuK=QrEd#<*j^^i?rWPhxxjBs~SEBie4bGi>
zJReHA=fo(kN-k_{SAN~&p%AX7<4-cSNM^lxZHMh@gAQs*<Nbz4V1)U3>(c^20)!jX
zh>-yx4?t8%>{|9g*(jgyV2UCK-B>#J@;Kda(?k<j&3*%fnhVA$xklFPC4XhXsGS_R
ze}sD-=PsSXYYxt0${f+<yIe_5-ivozxH~{zIr`D0b*{fQp8M%SxDa%FmmSz7_3IH=
zubatem8k=(`nbM>l9*@JcplKIr87X-*ArToU8`u`%(UC3*J4u7JK*@?eUXJ0ULA`^
zr~L!#P{;bmcLchH!Met=WO?a5n(01YQ`@U$Qycfq#&P7DE+$+L^X8R&{e<FL1LbUN
zo}LJH3r}U${6t3zM#6ijuk)|_?oi<G%j-3%m`Hp$xX}NwCj9R?3uw&_8B!7<60{}&
zfJB4*7y#vgz~YNRNWlMjT>&ArFu(vtAOo(q-0VOg?Crysi2?fqHvoVg_7-YlXbj~7
zavMV!Ipc?bNDMUxV5C+g1^^TS(*yt*A3n^OoN~5Cq6Ut}Orks>00;tjU|$1*f47Jq
z=R$%ZLF1o8k;q?xxVgC>PJ#S>sBEY(|MLQc0DkjF{7VMnhCv_r9R4kXfkE-+P$YT;
z2m*T`E%^73a5(G%lYhy;Tp-W`FTlTLAPCo=#<-x|kUwQ$AUD?o1H`{{xj@kWIEr|X
z{?~gj5CVH(68Kj`2pj_A`a|}B1^1suAYc&mF9(04_J=Nr8_xAW3-SNk_-!8m0Kxu7
z;Q@H~pU6DK0rsb15F7yh(=Z4I1^&axe{4MH!vE9-zz{(ApAA897~szi!QclU|JUpP
z&uKV-`!5*`_M400_w!#=0Wc8oPXqyQ;P12t03OEw--aMK@b6rJ!2y4H4F~=OKM)9n
z{yh*7_|H57aRVU#49S1+e^BQB(?cKx2>){=Ao#;f_+xY+Zs1>G0zyE*KWD~+%YPyB
z&>!Nj<N|Sne^Z_O3&ICw*q<GOfFR&MNAg?Yp_DE3uXfyjC-sBw|KtqfAMiuKkUvoX
z!MXmLVh_aZf6s9U`2RM?|H>l}918xIjo<i#!4FHsA0q~H!Qg+!4g!Y#=4$!<{5NMH
zaBje#?YO`I;GbdQf`Pz)A_E3+aT)(5e1P>|9{zR^2<HAXBw!HuuY?0X1oTg5pdc6w
z5P!voME<aD67eHZ>56m1!9pM|v4^!mOh^bU41QQMMa9J6V2}`0h)WnM!1w=bq4S%b
b$HCFS-qG3K*aQ;_0m9&z^z>p1;+X#jY|ksP

diff --git a/tzpfms.ps b/tzpfms.ps
index 0868e90..c84157d 100644
--- a/tzpfms.ps
+++ b/tzpfms.ps
@@ -1,15 +1,15 @@
 %!PS-Adobe-3.0
 %%Creator: groff version 1.23.0
-%%CreationDate: Sun Mar  3 13:06:47 2024
+%%CreationDate: Sun Mar  3 13:12:03 2024
 %%DocumentNeededResources: font Times-Roman
 %%+ font Times-Bold
 %%+ font Courier-Bold
 %%+ font Courier-Oblique
 %%+ font Courier
-%%+ font Symbol
 %%+ font Times-Italic
+%%+ font Symbol
 %%DocumentSuppliedResources: procset grops 1.23 0
-%%Pages: 10
+%%Pages: 15
 %%PageOrder: Ascend
 %%DocumentMedia: Default 595 842 0 () ()
 %%Orientation: Portrait
@@ -237,8 +237,8 @@ setpacking
 %%IncludeResource: font Courier-Bold
 %%IncludeResource: font Courier-Oblique
 %%IncludeResource: font Courier
-%%IncludeResource: font Symbol
 %%IncludeResource: font Times-Italic
+%%IncludeResource: font Symbol
 grops begin/DEFS 1 dict def DEFS begin/u{.001 mul}bind def end/RES 72
 def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 /Zcaron/scaron/zcaron/Ydieresis/trademark/quotesingle/Euro/.notdef
@@ -276,15 +276,372 @@ def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 %%BeginPageSetup
 BP
 %%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-ADD-B)72 48 Q -.4(AC)-.35 G 42.103
+(KUP\(8\) System).4 F(Manager')2.5 E 2.5(sM)-.55 G 39.602
+(anual ZFS-FIDO2-ADD-B)-2.5 F -.4(AC)-.35 G(KUP\(8\)).4 E/F1 10
+/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-add-backup)108 96 Q F0 2.5<8a61>2.5 G(llo)-2.5 E 2.5(wa)-.25
+G(nother FIDO2 de)-2.5 E(vice to unlock ZFS dataset)-.25 E F1(SYNOPSIS)
+72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0
+SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0(After)108 153.6 Q/F4 10
+/Courier@0 SF(zfs-fido2-change-key)7.564 E F0 5.064(\(8\) deri)B -.15
+(ve)-.25 G 7.563(st).15 G 5.063(he k)-7.563 F 5.363 -.15(ey f)-.1 H
+5.063(or a dataset from a FIDO2 de).15 F(vice,)-.25 E F2
+(zfs-fido2-add-backup)108 165.6 Q F0(may be e)2.5 E -.15(xe)-.15 G
+(cuted to e).15 E(xtend this to an)-.15 E 2.5(yn)-.15 G
+(umber of additional de)-2.5 E(vices.)-.25 E .273(First, the wrapping k)
+108 182.4 R .574 -.15(ey i)-.1 H 2.774(se).15 G .274
+(xtracted as normally during)-2.924 F F4(zfs-fido2-load-key)2.774 E F0
+.274(\(8\), then a credential)B 1.604(is made as-if during)108 194.4 R
+F4(zfs-fido2-change-key)4.104 E F0 1.604(\(8\) \(e)B 1.604
+(xcept the "primary" de)-.15 F 1.603(vice and all the ones)-.25 F .185
+(holding backups are e)108 206.4 R .185(xcluded from the search\); ho)
+-.15 F(we)-.25 E -.15(ve)-.25 G .985 -.4(r, t).15 H(he).4 E F4
+(hmac-secret)2.685 E F0 .185(is instead used as a sym-)2.685 F 1.555
+(metric AES-256-GCM \()108 218.4 R F4(EVP_CIPHER-AES)A F0 1.555
+(\(7ssl\)\) k)B 1.855 -.15(ey t)-.1 H 4.055(oe).15 G 1.555
+(ncrypt the wrapping k)-4.055 F 1.855 -.15(ey d)-.1 H 1.555
+(irectly with a).15 F(random IV)108 230.4 Q(.)-1.29 E(This turns the)108
+247.2 Q F4(xyz.nabijaczleweli:tzpfms.key)2.5 E F0 -.25(va)2.5 G
+(riable into).25 E F3(salt)108 259.2 Q F2(:)A F3(credential-ID)A F2(:)A
+F3(credential-public-key)A F0([)A F2(.)A F3(backup-salt)A F2(:)A F3
+(backup-credential-ID)108 271.2 Q F2(:)A F3
+(backup-credential-public-key)A F2(:)A F3(IV)A F2(:)A F3(encrypted-key)A
+F0 1.666(]...)C F4(tzpfms.key)108 288 Q F0 2.238
+(is actually a dot-separated list of de)4.738 F 2.238(vice b)-.25 F
+4.738(undles. The)-.2 F 2.239(\214rst one is as-described in)4.738 F F4
+(zfs-fido2-change-key)108 300 Q F0 5.181(\(8\). Subsequent)B 2.681
+(ones also include \(identically-encoded\) IVs and en-)5.181 F
+(crypted blobs.)108 312 Q F4(zfs-fido2-load-key)108 328.8 Q F0 .081
+(\(8\) shops assertions around de)B .081(vices in a de)-.25 F .082
+(vice-major order \212 depending on)-.25 F(de)108 340.8 Q
+(vice numbering, a backup may be loaded e)-.25 E -.15(ve)-.25 G 2.5(ni)
+.15 G 2.5(ft)-2.5 G(he primary de)-2.5 E(vice is present.)-.25 E F1
+(ENVIR)72 357.6 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4
+(TZPFMS_PASSPHRASE_HELPER)108 369.6 Q F0 .046(By def)133 381.6 R .045(a\
+ult, passphrases are prompted for and read in on the standard output an\
+d input streams.)-.1 F(If)5.045 E F4(TZPFMS_PASSPHRASE_HELPER)133 393.6
+Q F0 1.595(is set and nonempty)4.095 F 4.096(,i)-.65 G 4.096(tw)-4.096 G
+1.596(ill be run via)-4.096 F F4(/bin/)4.096 E F2 3.262(sh \255c)B F0
+(to)4.096 E(pro)133 405.6 Q(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 422.4 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 434.4 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 446.4 Q F0
+(Pre-formatted noun phrase with all the information belo)160 446.4 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 458.4 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 458.4 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 470.4 Q F0("ne)160
+470.4 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 482.4 Q F0("ag)160 482.4 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 499.2 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+511.2 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 528 R(En)87 540 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 552 Q F0
+(If set, enables lib\214do2 deb)173 552 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 568.8 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 580.8 R
+.727(vice which supports the)-.25 F F4(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 592.8 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 609.6 R F0
+(The lib\214do2 documentation at https://de)108 621.6 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 638.4 R
+F0 1.6 -.8(To a)108 650.4 T(ll who support further de).8 E -.15(ve)-.25
+G(lopment, in particular:).15 E F1<83>128 662.4 Q F0(ThePhD)7.5 E F1<83>
+128 674.4 Q F0(Embark Studios)7.5 E F1<83>128 686.4 Q F0(Jasper Bekk)7.5
+E(ers)-.1 E F1<83>128 698.4 Q F0(EvModder)7.5 E F1(REPOR)72 715.2 Q
+1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 727.2 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 744 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 756 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 29, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 2
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
+SF(zfs-fido2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
+-2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne authenticated by a FIDO2 de)
+-2.5 E(vice)-.25 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108
+124.8 Q F0([)2.5 E F2<ad62>1.666 E/F3 10/Courier-Oblique@0 SF
+(backup-file)6 E F0(])A F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0
+2.867 -.8(To n)108 153.6 T 1.267(ormalise the).8 F F3(dataset)3.767 E F0
+(,)A F2(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the FIDO2 de)108 194.4 Q(vice, which)
+-.25 E F4(must)2.5 E F0(support the)2.5 E F5(hmac-secret)2.5 E F0 -.15
+(ex)2.5 G(tension.).15 E(If)108 211.2 Q F3(dataset)3.244 E F0 -.1(wa)
+3.244 G 3.244(sp).1 G(re)-3.244 E .743(viously encrypted with)-.25 F F2
+(fzifdso)3.243 E F0 .743(and the)3.243 F F1(FIDO2)3.243 E F0 .743
+(back-end w)3.243 F .743(as used, the meta-)-.1 F .926
+(data will be silently cleared.)108 223.2 R .926
+(Otherwise, or in case of an error)5.926 F 3.426(,d)-.4 G .926
+(ata required for manual interv)-3.426 F(ention)-.15 E
+(will be written to the standard error stream.)108 235.2 Q(Ne)108 252 Q
+.465(xt, a ne)-.15 F 2.965(wc)-.25 G .465
+(redential of type ES256 is generated on the de)-2.965 F .464
+(vice \(with relying party ID)-.25 F F5(fzifdso)2.964 E F0(and)2.964 E
+.499(name equal to the dataset name\) with the)108 264 R F5(hmac-secret)
+2.999 E F0 -.15(ex)2.999 G .499(tension requested; the de).15 F .499
+(vice PIN, if an)-.25 F -.65(y,)-.15 G(is prompted for here.)108 276 Q
+(This mimicks a W)5 E(ebAuthn re)-.8 E(gistration step.)-.15 E .962(The\
+n, the credential is asserted with a 32-byte random salt, which hashes \
+it with de)108 292.8 R(vice-pri)-.25 E -.25(va)-.25 G .962(te data,).25
+F .137(and thus generates the wrapping k)108 304.8 R .438 -.15(ey \()-.1
+H .138(which is optionally back).15 F .138(ed up \(see)-.1 F F1(OPTIONS)
+2.638 E F0 2.638(\)\). This)B .138(mimicks a)2.638 F -.8(We)108 316.8 S
+(bAuthn login step.).8 E(The follo)108 333.6 Q
+(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
+345.6 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(FIDO2)A<83>
+128 357.6 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3(salt)A F2
+(:)A F3(credential-ID)A F2(:)A F3(credential-public-key)139 369.6 Q F0
+([)A F2(.)A F0 1.666(...)1.666 G 1.666(]...)-1.666 G F5(tzpfms.backend)
+108 386.4 Q F0 2.708(identi\214es this dataset for w)5.208 F 2.707
+(ork with)-.1 F F1(FIDO2)5.207 E F0(-back-ended)A F2(tzpfms)5.207 E F0
+2.707(tools \(i.e.)5.207 F F2(fzifdso)108 398.4 Q F5
+(zfs-fido2-change-key)60.227 E F0(\(8\),)A F5(zfs-fido2-load-key)56.728
+E F0(\(8\),)A F5(zfs-fido2-add-backup)108 410.4 Q F0(\(8\), and)A F5
+(zfs-fido2-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 427.2 Q F0
+.486(is a colon-separated tuple of unpadded URL-safe base64 blobs; the \
+\214rst one is the ran-)2.986 F .217(dom salt; the second represents th\
+e ID of created credential, and the third \211 its public k)108 439.2 R
+-.15(ey)-.1 G 5.217(.T)-.5 G .217(here e)-5.217 F(xists)-.15 E
+(no other user)108 451.2 Q
+(-land tool for deciphering this; perhaps there should be.)-.2 E
+(Finally)108 468 Q 12.006(,t)-.65 G 9.506(he equi)-12.006 F -.25(va)-.25
+G 9.506(lent of).25 F F2 9.505(zfs change-key)12.005 F<ad6f>17.171 E F5
+(keylocation=prompt)15.505 E F2<ad6f>17.171 E F5(keyformat=raw)108 480 Q
+F3(dataset)6.106 E F0 .106(is performed with the ne)2.606 F 2.606(wk)
+-.25 G -.15(ey)-2.706 G 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606
+G .107(rror occurred, best ef)-2.606 F .107(fort is made)-.25 F
+(to clean up the properties, or to issue a note for manual interv)108
+492 Q(ention into the standard error stream.)-.15 E 4.056<418c>108 508.8
+S 1.556(nal v)-4.056 F 1.556(eri\214cation should be made by running)
+-.15 F F2 3.222(zfs-fido2-load-key \255n)4.056 F F3(dataset)7.555 E F0
+6.555(.I)C 4.055(ft)-6.555 G(hat)-4.055 E .729
+(command succeeds, all is well, b)108 520.8 R .729
+(ut otherwise the dataset can be manually rolled back to a passphrase)
+-.2 F(with)108 532.8 Q F2(zfs-fido2-clear-key)5.147 E F3(dataset)8.647 E
+F0(\(or)5.147 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
+2.646(ails to w)-.1 F(ork,)-.1 E F2 2.646(zfs change-key)5.146 F<ad6f>
+10.312 E F5(keyformat=passphrase)108 544.8 Q F3(dataset)6 E F0
+(\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
+F2(zfs-fido2-clear-key)108 561.6 Q F3(dataset)7.606 E F0 1.607
+(can be used to clear the properties and go back to using a)4.106 F
+(passphrase.)108 573.6 Q F1(OPTIONS)72 590.4 Q F2<ad62>109.666 602.4 Q
+F3(backup-file)6 E F0(Sa)203 602.4 Q .353 -.15(ve a b)-.2 H .052
+(ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
+F .693(This back-up)203 614.4 R F4(must)3.193 E F0 .694
+(be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 626.4 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 638.4 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F1(ENVIR)72 655.2 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35
+E F5(TZPFMS_PASSPHRASE_HELPER)108 667.2 Q F0 .046(By def)133 679.2 R
+.045(ault, passphrases are prompted for and read in on the standard out\
+put and input streams.)-.1 F(If)5.045 E F5(TZPFMS_PASSPHRASE_HELPER)133
+691.2 Q F0 1.595(is set and nonempty)4.095 F 4.096(,i)-.65 G 4.096(tw)
+-4.096 G 1.596(ill be run via)-4.096 F F5(/bin/)4.096 E F2 3.262
+(sh \255c)B F0(to)4.096 E(pro)133 703.2 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 720 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 732 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F5($1)143 744 Q F0
+(Pre-formatted noun phrase with all the information belo)160 744 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E(fzifdso 0)72 817.889 Q
+(February 29, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 2 3
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Courier@0 SF($2)143 84 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 84 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 96 Q F0("ne)160 96 Q
+(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
+-2.5 E F1($4)143 108 Q F0("ag)160 108 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 124.8 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
+(127)2.677 E F0 .178(\), a diagnostic is issued and the normal prompt)B
+(is used as f)133 136.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+-.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
+1.666(FIDO2 back-end con\214guration)72 153.6 R(En)87 165.6 Q(vir)-.4 E
+.625(onment v)-.18 F(ariables)-.1 E F1(FIDO_DEBUG)108 177.6 Q F0
+(If set, enables lib\214do2 deb)173 177.6 Q
+(ug logging to the standard error stream.)-.2 E F2(De)87 194.4 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 206.4 R
+.727(vice which supports the)-.25 F F1(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 218.4 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F2 .625(See also)87 235.2 R F0
+(The lib\214do2 documentation at https://de)108 247.2 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F2 1.666(SPECIAL THANKS)72 264 R
+F0 1.6 -.8(To a)108 276 T(ll who support further de).8 E -.15(ve)-.25 G
+(lopment, in particular:).15 E F2<83>128 288 Q F0(ThePhD)7.5 E F2<83>128
+300 Q F0(Embark Studios)7.5 E F2<83>128 312 Q F0(Jasper Bekk)7.5 E(ers)
+-.1 E F2<83>128 324 Q F0(EvModder)7.5 E F2(REPOR)72 340.8 Q 1.666
+(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 352.8 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F1
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 369.6 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 381.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 29, 2024)153.568 E(2)183.837 E 0 Cg EP
+%%Page: 1 4
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 50.243(ZFS-FIDO2-CLEAR-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 47.742(anual ZFS-FIDO2-CLEAR-KEY\(8\))-2.5
+F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-clear-key)108 96 Q F0 3.587<8a72>3.588 G -.25(ew)-3.587 G
+1.087(rap ZFS dataset k).25 F 1.387 -.15(ey i)-.1 H 3.587(np).15 G
+(asssw)-3.587 E 1.087(ord and clear tzpfms FIDO2 meta-)-.1 F(data)108
+108 Q F1(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(FIDO2)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.641(the equi)8.141 F
+-.25(va)-.25 G 5.641(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.308 E/F4 10/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
+201.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
+(xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A F0(,)A F4(key)
+14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
+213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-fido2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(ENVIR)72 247.2 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 259.2 Q F0 .045
+(By def)133 271.2 R .045(ault, passphrases are prompted for and read in\
+ on the standard output and input streams.)-.1 F(If)5.046 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 283.2 Q F0 1.596(is set and nonempty)4.096
+F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 295.2 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 312 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 324 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 336 Q F0
+(Pre-formatted noun phrase with all the information belo)160 336 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 348 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 348 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 360 Q F0("ne)160 360 Q
+(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
+-2.5 E F4($4)143 372 Q F0("ag)160 372 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .178
+(If the helper doesn')133 388.8 R 2.678(te)-.18 G .178
+(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
+.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+400.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 417.6 R(En)87 429.6 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 441.6 Q F0
+(If set, enables lib\214do2 deb)173 441.6 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 458.4 Q .625
+(vice selection)-.15 F F0 .726(When creating, the \214rst de)108 470.4 R
+.726(vice which supports the)-.25 F F4(hmac-secret)3.227 E F0 -.15(ex)
+3.227 G .727(tension is used.).15 F .727(When loading,)5.727 F
+(the assertion is shopped around to e)108 482.4 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 499.2 R F0
+(The lib\214do2 documentation at https://de)108 511.2 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 528 R
+F0 1.6 -.8(To a)108 540 T(ll who support further de).8 E -.15(ve)-.25 G
+(lopment, in particular:).15 E F1<83>128 552 Q F0(ThePhD)7.5 E F1<83>128
+564 Q F0(Embark Studios)7.5 E F1<83>128 576 Q F0(Jasper Bekk)7.5 E(ers)
+-.1 E F1<83>128 588 Q F0(EvModder)7.5 E F1(REPOR)72 604.8 Q 1.666
+(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 616.8 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 633.6 Q F0 83.763(,a)C(rchi)
+-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E(https://lists.sr)
+108 645.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 28, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 5
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-LO)72 48 Q 55.603(AD-KEY\(8\) System)
+-.35 F(Manager')2.5 E 2.5(sM)-.55 G 53.102(anual ZFS-FIDO2-LO)-2.5 F
+(AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
+/Courier-Bold@0 SF(zfs-fido2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
+(oad FIDO2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 1.141(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.641 E F0 -.1
+(wa)3.641 G 3.641(se).1 G 1.141(ncrypted with)-3.641 F F2(tzpfms)3.641 E
+F0(back)3.641 E(end)-.1 E F1(FIDO2)3.641 E F0 3.641(,a)C 1.142
+(sserts the preserv)-3.641 F 1.142(ed chal-)-.15 F(lenge, HMA)108 165.6
+Q(Cking the salt with the on-de)-.4 E
+(vice secret, and loads the resulting k)-.25 E .3 -.15(ey i)-.1 H(nto)
+.15 E F3(dataset)2.5 E F0(.)A(See)108 182.4 Q/F4 10/Courier@0 SF
+(zfs-fido2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
+(OPTIONS)72 199.2 Q F2<ad6e>109.666 211.2 Q F0 3.208
+(Do a no-op/dry run, can be used e)131 211.2 R -.15(ve)-.25 G 5.708(ni)
+.15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708
+(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)-.25 G
+3.207(lent to).25 F F2(zfs)5.707 E(load-key)131 223.2 Q F0 -.55('s)C F2
+<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 240 Q 1.666(ONMENT V)-.3 F
+(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 252 Q F0 .045(By def)
+133 264 R .045(ault, passphrases are prompted for and read in on the st\
+andard output and input streams.)-.1 F(If)5.046 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 276 Q F0 1.596(is set and nonempty)4.096 F
+4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 288 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 304.8 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 316.8 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 328.8 Q F0
+(Pre-formatted noun phrase with all the information belo)160 328.8 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 340.8 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 340.8 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 352.8 Q F0("ne)160
+352.8 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 364.8 Q F0("ag)160 364.8 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .178
+(If the helper doesn')133 381.6 R 2.678(te)-.18 G .178
+(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
+.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+393.6 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666(SPECIAL THANKS)
+72 410.4 R F0 1.6 -.8(To a)108 422.4 T(ll who support further de).8 E
+-.15(ve)-.25 G(lopment, in particular:).15 E F1<83>128 434.4 Q F0
+(ThePhD)7.5 E F1<83>128 446.4 Q F0(Embark Studios)7.5 E F1<83>128 458.4
+Q F0(Jasper Bekk)7.5 E(ers)-.1 E F1<83>128 470.4 Q F0(EvModder)7.5 E F1
+(REPOR)72 487.2 Q 1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108
+499.2 Q(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 516 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 528 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 28, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 6
+%%BeginPageSetup
+BP
+%%EndPageSetup
 /F0 10/Times-Roman@0 SF 93.563(ZFS-TPM-LIST\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 91.062(anual ZFS-TPM-LIST\(8\))-2.5 F/F1
 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm-list)108 96 Q F0 2.5<8a70>2.5 G(rint dataset tzpfms metadata)
--2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2
-<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E/F3 10
-/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A F2
-<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
-<ad6c>1.666 E F0(])A([)186 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
+-2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)
+2.5 E F2<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E
+/F3 10/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A
+F2<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
+<ad6c>1.666 E F0(])A([)234 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
 1.666(]...)C F1(DESCRIPTION)72 153.6 Q F0(Lists the follo)108 165.6 Q
 (wing properties on encryption roots:)-.25 E/F4 10/Courier@0 SF(name)128
 177.6 Q(back-end)128 189.6 Q F0(the)187 189.6 Q F2(tzpfms)2.979 E F0
@@ -326,26 +683,28 @@ listed \212 by def)108 307.2 R .966(ault, those managed by)-.1 F F2
 G(re una)-2.5 E -.25(va)-.2 G(ilable.).25 E F2<ad6c>109.666 446.4 Q F0
 (List only encryption roots whose k)185 446.4 Q -.15(ey)-.1 G 2.5(sa).15
 G(re a)-2.5 E -.25(va)-.2 G(ilable.).25 E F1(EXAMPLES)72 463.2 Q F4($)
-108 475.2 Q F2(zfs-tpm-list)6 E F4 72(NAME BACK-END)108 487.2 R 18
-(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
+108 475.2 Q F2(zfs-fido2-add-backup)6 E F4 72(NAME BACK-END)108 487.2 R
+18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
 (available yes)24 F 6(tarta-zoot/home TPM2)108 511.2 R 6
-(unavailable yes)36 F($)108 535.2 Q F2 1.666(zfs-tpm-list \255ad0)6 F F4
-24(NAME BACK-END)108 547.2 R 6(KEYSTATUS COHERENT)12 F 6(filling -)108
-559.2 R 6(available yes)54 F($)108 583.2 Q F2 1.666(zfs-tpm-list \255b)6
-F F1(TPM2)6 E F4 72(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F
-6(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
-F2 1.666(zfs-tpm-list \255ra)6 F F3(tarta-zoot)6 E F4 72(NAME BACK-END)
-108 643.2 R 18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 655.2 R
-18(available yes)24 F 6(tarta-zoot/home TPM2)108 667.2 R 6
-(unavailable yes)36 F 12(tarta-zoot/bkp -)108 679.2 R 18(available yes)
-54 F 18(tarta-zoot/vm -)108 691.2 R 18(available yes)54 F($)108 715.2 Q
-F2 1.666(zfs-tpm-list \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
+(unavailable yes)36 F($)108 535.2 Q F2 1.666
+(zfs-fido2-add-backup \255ad0)6 F F4 24(NAME BACK-END)108 547.2 R 6
+(KEYSTATUS COHERENT)12 F 6(filling -)108 559.2 R 6(available yes)54 F($)
+108 583.2 Q F2 1.666(zfs-fido2-add-backup \255b)6 F F1(TPM2)6 E F4 72
+(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F 6
+(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
+F2 1.666(zfs-fido2-add-backup \255ra)6 F F3(tarta-zoot)6 E F4 72
+(NAME BACK-END)108 643.2 R 18(KEYSTATUS COHERENT)12 F 36
+(tarta-zoot TPM1.X)108 655.2 R 18(available yes)24 F 6
+(tarta-zoot/home TPM2)108 667.2 R 6(unavailable yes)36 F 12
+(tarta-zoot/bkp -)108 679.2 R 18(available yes)54 F 18(tarta-zoot/vm -)
+108 691.2 R 18(available yes)54 F($)108 715.2 Q F2 1.666
+(zfs-fido2-add-backup \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
 (KEYSTATUS COHERENT)12 F 54(filling -)108 739.2 R 6(available yes)54 F
 36(tarta-zoot TPM1.X)108 751.2 R 6(available yes)24 F 12
 (tarta-zoot/bkp -)108 763.2 R 6(available yes)54 F 18(tarta-zoot/vm -)
 108 775.2 R 6(available yes)54 F F0(tzpfms 0.3.4-18-g1f9fe81)72 817.889
 Q(December 4, 2022)86.363 E(1)183.842 E 0 Cg EP
-%%Page: 2 2
+%%Page: 2 7
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -362,7 +721,7 @@ F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 201.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-18-g1f9fe81)72 817.889 Q(December 4, 2022)86.363 E
 (2)183.842 E 0 Cg EP
-%%Page: 1 3
+%%Page: 1 8
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -371,192 +730,193 @@ BP
 -2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
 SF(zfs-tpm1x-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
 -2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666 E F3
-(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 6.867 -.8(To n)108 153.6 T
-5.267(ormalise the).8 F F3(dataset)7.767 E F0(,)A F2(zfs-tpm-list)7.766
-E F0 5.266(will open its encryption root in its stead.)7.766 F F2
-(zfs-tpm-list)108 165.6 Q F0(will)2.5 E/F4 10/Times-Italic@0 SF(ne)2.5 E
-(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G(ncryption roots; use)
--2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0(\(8\) for that.)A
-(First, a connection is made to the TPM, which)108 182.4 Q F4(must)2.5 E
-F0(be TPM-1.X-compatible.)2.5 E(If)108 199.2 Q F3(dataset)3.176 E F0 -.1
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666
+E F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 2.867 -.8(To n)108 153.6
+T 1.267(ormalise the).8 F F3(dataset)3.767 E F0(,)A F2
+(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 194.4 Q F4(must)2.5 E
+F0(be TPM-1.X-compatible.)2.5 E(If)108 211.2 Q F3(dataset)3.177 E F0 -.1
 (wa)3.176 G 3.176(sp).1 G(re)-3.176 E .676(viously encrypted with)-.25 F
 F2(tzpfms)3.176 E F0 .676(and the)3.176 F F1(TPM1.X)3.176 E F0 .676
 (back-end w)3.176 F .676(as used, the meta-)-.1 F .926
-(data will be silently cleared.)108 211.2 R .926
+(data will be silently cleared.)108 223.2 R .926
 (Otherwise, or in case of an error)5.926 F 3.426(,d)-.4 G .926
 (ata required for manual interv)-3.426 F(ention)-.15 E
-(will be written to the standard error stream.)108 223.2 Q(Ne)108 240 Q
-.294(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594 -.15
+(will be written to the standard error stream.)108 235.2 Q(Ne)108 252 Q
+.295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594 -.15
 (ey i)-.1 H 2.794(sg).15 G .294(enerated on the TPM, optionally back)
 -2.794 F .294(ed up \(see)-.1 F F1(OPTIONS)2.794 E F0 .294
-(\), and sealed)B .586(on the TPM; the user is prompted for an optional\
- passphrase to protect the k)108 252 R .885 -.15(ey w)-.1 H .585
-(ith, and for the SRK).15 F(passphrase, set when taking o)108 264 Q
+(\), and sealed)B .585(on the TPM; the user is prompted for an optional\
+ passphrase to protect the k)108 264 R .886 -.15(ey w)-.1 H .586
+(ith, and for the SRK).15 F(passphrase, set when taking o)108 276 Q
 (wnership, if not "well-kno)-.25 E(wn" \(all zeroes\).)-.25 E(The follo)
-108 280.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
-<83>128 292.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
-(TPM1.X)A<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
+108 292.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
+<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
+(TPM1.X)A<83>128 316.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
 F3(parent-key-blob)A F2(:)A F3(sealed-object-blob)A F5(tzpfms.backend)
-108 321.6 Q F0 .291(identi\214es this dataset for w)2.791 F .292
-(ork with)-.1 F F1(TPM1.X)2.792 E F0(-back-ended)A F2(tzpfms)2.792 E F0
-.292(tools \(namely)2.792 F F5(zfs-tpm1x-change-key)108 333.6 Q F0
+108 333.6 Q F0 .292(identi\214es this dataset for w)2.792 F .291
+(ork with)-.1 F F1(TPM1.X)2.791 E F0(-back-ended)A F2(tzpfms)2.791 E F0
+.291(tools \(namely)2.791 F F5(zfs-tpm1x-change-key)108 345.6 Q F0
 (\(8\),)A F5(zfs-tpm1x-load-key)2.5 E F0(\(8\), and)A F5
-(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 350.4 Q F0
-1.412(is a colon-separated pair of he)3.913 F 1.412
-(xadecimal-string \(i.e. "4F7730" for "Ow0"\) blobs; the)-.15 F .867
-(\214rst one represents the RSA k)108 362.4 R 1.167 -.15(ey p)-.1 H .868
+(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 362.4 Q F0
+1.412(is a colon-separated pair of he)3.912 F 1.412
+(xadecimal-string \(i.e. "4F7730" for "Ow0"\) blobs; the)-.15 F .868
+(\214rst one represents the RSA k)108 374.4 R 1.168 -.15(ey p)-.1 H .867
 (rotecting the blob, and it is protected with either the passphrase, if)
-.15 F(pro)108 374.4 Q 1.414(vided, or the SHA1 constant)-.15 F F5
-(CE4CF677875B5EB8993591D5A9AF1ED24A3A8736)3.913 E F0 3.913(;t)C 1.413
-(he sec-)-3.913 F .379
-(ond represents the sealed object containing the wrapping k)108 386.4 R
+.15 F(pro)108 386.4 Q 1.413(vided, or the SHA1 constant)-.15 F F5
+(CE4CF677875B5EB8993591D5A9AF1ED24A3A8736)3.914 E F0 3.914(;t)C 1.414
+(he sec-)-3.914 F .379
+(ond represents the sealed object containing the wrapping k)108 398.4 R
 -.15(ey)-.1 G 2.879(,a)-.5 G .379
 (nd is protected with the SHA1 constant)-2.879 F F5
-(B9EE715DBE4B243FAA81EA04306E063710383E35)108 398.4 Q F0 6.721(.T)C
-1.721(here e)-6.721 F 1.721(xists no other user)-.15 F 1.72
-(-land tool for)-.2 F(decrypting this; perhaps there should be.)108
-410.4 Q(Finally)108 427.2 Q 12.005(,t)-.65 G 9.505(he equi)-12.005 F
--.25(va)-.25 G 9.505(lent of).25 F F2 9.505(zfs change-key)12.005 F
-<ad6f>17.172 E F5(keylocation=prompt)15.506 E F2<ad6f>17.172 E F5
-(keyformat=raw)108 439.2 Q F3(dataset)6.107 E F0 .107
-(is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G 5.106
-(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
-(rror occurred, best ef)-2.606 F .106(fort is made)-.25 F
+(B9EE715DBE4B243FAA81EA04306E063710383E35)108 410.4 Q F0 6.72(.T)C 1.72
+(here e)-6.72 F 1.721(xists no other user)-.15 F 1.721(-land tool for)
+-.2 F(decrypting this; perhaps there should be.)108 422.4 Q(Finally)108
+439.2 Q 12.006(,t)-.65 G 9.506(he equi)-12.006 F -.25(va)-.25 G 9.506
+(lent of).25 F F2 9.505(zfs change-key)12.005 F<ad6f>17.171 E F5
+(keylocation=prompt)15.505 E F2<ad6f>17.171 E F5(keyformat=raw)108 451.2
+Q F3(dataset)6.106 E F0 .106(is performed with the ne)2.606 F 2.606(wk)
+-.25 G -.15(ey)-2.706 G 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606
+G .107(rror occurred, best ef)-2.606 F .107(fort is made)-.25 F
 (to clean up the properties, or to issue a note for manual interv)108
-451.2 Q(ention into the standard error stream.)-.15 E 4.055<418c>108 468
-S 1.555(nal v)-4.055 F 1.556(eri\214cation should be made by running)
--.15 F F2 3.222(zfs-tpm1x-load-key \255n)4.056 F F3(dataset)7.556 E F0
-6.556(.I)C 4.056(ft)-6.556 G(hat)-4.056 E .729
-(command succeeds, all is well, b)108 480 R .729
+463.2 Q(ention into the standard error stream.)-.15 E 4.056<418c>108 480
+S 1.556(nal v)-4.056 F 1.556(eri\214cation should be made by running)
+-.15 F F2 3.222(zfs-tpm1x-load-key \255n)4.056 F F3(dataset)7.555 E F0
+6.555(.I)C 4.055(ft)-6.555 G(hat)-4.055 E .729
+(command succeeds, all is well, b)108 492 R .729
 (ut otherwise the dataset can be manually rolled back to a passphrase)
--.2 F(with)108 492 Q F2(zfs-tpm1x-clear-key)5.146 E F3(dataset)8.646 E
-F0(\(or)5.146 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
-2.646(ails to w)-.1 F(ork,)-.1 E F2 2.647(zfs change-key)5.147 F<ad6f>
-10.313 E F5(keyformat=passphrase)108 504 Q F3(dataset)6 E F0
+-.2 F(with)108 504 Q F2(zfs-tpm1x-clear-key)5.147 E F3(dataset)8.647 E
+F0(\(or)5.147 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
+2.646(ails to w)-.1 F(ork,)-.1 E F2 2.646(zfs change-key)5.146 F<ad6f>
+10.312 E F5(keyformat=passphrase)108 516 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm1x-clear-key)108 520.8 Q F3(dataset)7.607 E F0 1.607
-(can be used to clear the properties and go back to using a)4.107 F
-(passphrase.)108 532.8 Q F1(OPTIONS)72 549.6 Q F2<ad62>109.666 561.6 Q
-F3(backup-file)6 E F0(Sa)203 561.6 Q .352 -.15(ve a b)-.2 H .052
+F2(zfs-tpm1x-clear-key)108 532.8 Q F3(dataset)7.606 E F0 1.607
+(can be used to clear the properties and go back to using a)4.106 F
+(passphrase.)108 544.8 Q F1(OPTIONS)72 561.6 Q F2<ad62>109.666 573.6 Q
+F3(backup-file)6 E F0(Sa)203 573.6 Q .353 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
-E F0 2.552(,w)C .052(hich must not e)-2.552 F .053(xist beforehand.)-.15
-F .694(This back-up)203 573.6 R F4(must)3.194 E F0 .694
-(be stored securely)3.194 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
-(-site. In).25 F .693(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 585.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 597.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 614.4 Q F3(PCR)6 E F0([)A F2(,)A F3
-(PCR)A F0 1.666(]...)C .638(Bind the k)203 614.4 R .939 -.15(ey t)-.1 H
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
+F .693(This back-up)203 585.6 R F4(must)3.193 E F0 .694
+(be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 597.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 609.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 626.4 Q F3(PCR)6 E F0([)A F2(,)A F3
+(PCR)A F0 1.666(]...)C .639(Bind the k)203 626.4 R .939 -.15(ey t)-.1 H
 3.139(os).15 G .639(pace- or comma-separated)-3.139 F F3(PCR)3.139 E F0
-3.139(s\212i)C 3.139(ft)-3.139 G(he)-3.139 E 3.139(yc)-.15 G .639
-(hange, the wrap-)-3.139 F .463(ping k)203 626.4 R .763 -.15(ey w)-.1 H
-.463(ill not be able to be unsealed.).15 F .462
-(The minimum number of PCRs for a)5.462 F(PC TPM is)203 638.4 Q F1(24)
+3.139(s\212i)C 3.139(ft)-3.139 G(he)-3.139 E 3.139(yc)-.15 G .638
+(hange, the wrap-)-3.139 F .462(ping k)203 638.4 R .762 -.15(ey w)-.1 H
+.462(ill not be able to be unsealed.).15 F .463
+(The minimum number of PCRs for a)5.462 F(PC TPM is)203 650.4 Q F1(24)
 2.5 E F0(\(numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0 2.5(]\). F)B
-(or most, this is also the maximum.)-.15 E F1(ENVIR)72 655.2 Q 1.666
-(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 667.2 Q
-F0 .045(By def)133 679.2 R .045(ault, passphrases are prompted for and \
-read in on the standard output and input streams.)-.1 F(If)5.046 E F5
-(TZPFMS_PASSPHRASE_HELPER)133 691.2 Q F0 1.596(is set and nonempty)4.096
+(or most, this is also the maximum.)-.15 E F1(ENVIR)72 667.2 Q 1.666
+(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 679.2 Q
+F0 .046(By def)133 691.2 R .045(ault, passphrases are prompted for and \
+read in on the standard output and input streams.)-.1 F(If)5.045 E F5
+(TZPFMS_PASSPHRASE_HELPER)133 703.2 Q F0 1.595(is set and nonempty)4.095
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F5
-(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 703.2 Q
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 715.2 Q
 (vide each passphrase, instead.)-.15 E .643
-(The standard output stream of the helper is tied to an anon)133 720 R
+(The standard output stream of the helper is tied to an anon)133 732 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
-133 732 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
-(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F5($1)143 744 Q F0
-(Pre-formatted noun phrase with all the information belo)160 744 Q 1.3
--.65(w, f)-.25 H(or use as a prompt).65 E(tzpfms 0.3.4-18-g1f9fe81)72
+133 744 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E(tzpfms 0.3.4-18-g1f9fe81)72
 817.889 Q(February 28, 2024)86.358 E(1)183.837 E 0 Cg EP
-%%Page: 2 4
+%%Page: 2 9
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 36.913(ZFS-TPM1X-CHANGE-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 34.412(anual ZFS-TPM1X-CHANGE-KEY\(8\))
--2.5 F/F1 10/Courier@0 SF($2)143 84 Q F0
-(Either the dataset name or the element of the TPM hierarch)160 84 Q 2.5
-(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 96 Q F0("ne)160 96 Q
+-2.5 F/F1 10/Courier@0 SF($1)143 84 Q F0
+(Pre-formatted noun phrase with all the information belo)160 84 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F1($2)143 96 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 96 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 108 Q F0("ne)160 108 Q
 (w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
--2.5 E F1($4)143 108 Q F0("ag)160 108 Q(ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 124.8 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
-(127)2.677 E F0 .177(\), a diagnostic is issued and the normal prompt)B
-(is used as f)133 136.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+-2.5 E F1($4)143 120 Q F0("ag)160 120 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 136.8 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
+(127)2.677 E F0 .178(\), a diagnostic is issued and the normal prompt)B
+(is used as f)133 148.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
 -.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
-1.666(TPM1.X back-end con\214guration)72 153.6 R .625(TPM selection)87
-165.6 R F0(The)108 177.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.729 E F0
-.229(suite connects to a local)2.729 F F1(tcsd)2.73 E F0 .23
-(\(8\) process \(at)B F1(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 189.6 Q
-(vironment v)-.4 E(ariable)-.25 E F1(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 206.4 R(rouSerS)
--.35 E F1(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F1(/dev/tpm0)2.61
-E F0 2.61(,t)C(hen)-2.61 E F1(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
-F1(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-218.4 S(ing one of the earlier ones with, for e).1 E
+1.666(TPM1.X back-end con\214guration)72 165.6 R .625(TPM selection)87
+177.6 R F0(The)108 189.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.73 E F0 .23
+(suite connects to a local)2.73 F F1(tcsd)2.73 E F0 .23
+(\(8\) process \(at)B F1(localhost:30003)2.729 E F0 2.729(\)b)C 2.729
+(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1 F(the)2.729 E(en)108 201.6
+Q(vironment v)-.4 E(ariable)-.25 E F1(TZPFMS_TPM1X)2.5 E F0
+(to specify a remote TCS hostname.)2.5 E .11(The T)108 218.4 R(rouSerS)
+-.35 E F1(tcsd)2.61 E F0 .11(\(8\) daemon will try)B F1(/dev/tpm0)2.61 E
+F0 2.61(,t)C(hen)-2.61 E F1(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611
+E F1(/dev/tpm)2.611 E F0 2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1
+(py)108 230.4 S(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F2 .625
-(See also)87 235.2 R F0(The T)108 247.2 Q
+(See also)87 247.2 R F0(The T)108 259.2 Q
 (rouSerS project page at https://sourcefor)-.35 E
 (ge.net/projects/trousers.)-.18 E 4.415
-(The TPM 1.2 main speci\214cation inde)108 264 R 6.915(xa)-.15 G 6.915
+(The TPM 1.2 main speci\214cation inde)108 276 R 6.915(xa)-.15 G 6.915
 (th)-6.915 G(ttps://trustedcomputinggroup.or)-6.915 E
-(g/resource/tpm-main-)-.18 E(speci\214cation.)108 276 Q F2 1.666
-(SPECIAL THANKS)72 292.8 R F0 1.6 -.8(To a)108 304.8 T
+(g/resource/tpm-main-)-.18 E(speci\214cation.)108 288 Q F2 1.666
+(SPECIAL THANKS)72 304.8 R F0 1.6 -.8(To a)108 316.8 T
 (ll who support further de).8 E -.15(ve)-.25 G(lopment, in particular:)
-.15 E F2<83>128 316.8 Q F0(ThePhD)7.5 E F2<83>128 328.8 Q F0
-(Embark Studios)7.5 E F2<83>128 340.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
-F2<83>128 352.8 Q F0(EvModder)7.5 E F2(REPOR)72 369.6 Q 1.666(TING B)-.4
-F(UGS)-.1 E F0(https://todo.sr)108 381.6 Q(.ht/\001nabijaczle)-.55 E
-(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 398.4 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
-(https://lists.sr)108 410.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
--.25 E F2 1.666(SEE ALSO)72 427.2 R F0
-(PCR allocations: https://wiki.archlinux.or)108 439.2 Q(g/title/T)-.18 E
+.15 E F2<83>128 328.8 Q F0(ThePhD)7.5 E F2<83>128 340.8 Q F0
+(Embark Studios)7.5 E F2<83>128 352.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
+F2<83>128 364.8 Q F0(EvModder)7.5 E F2(REPOR)72 381.6 Q 1.666(TING B)-.4
+F(UGS)-.1 E F0(https://todo.sr)108 393.6 Q(.ht/\001nabijaczle)-.55 E
+(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 410.4 Q
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
+(https://lists.sr)108 422.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
+-.25 E F2 1.666(SEE ALSO)72 439.2 R F0
+(PCR allocations: https://wiki.archlinux.or)108 451.2 Q(g/title/T)-.18 E
 (rusted_Platform_Module#Accessing_PCR_re)-.35 E(gisters)-.15 E
-(and https://trustedcomputinggroup.or)108 451.2 Q
+(and https://trustedcomputinggroup.or)108 463.2 Q
 (g/wp-content/uploads/PC-)-.18 E(ClientSpeci\214c_Platform_Pro\214le_fo\
-r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 463.2 Q
-(able)-.8 E(1.)108 475.2 Q(tzpfms 0.3.4-18-g1f9fe81)72 817.889 Q
+r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 475.2 Q
+(able)-.8 E(1.)108 487.2 Q(tzpfms 0.3.4-18-g1f9fe81)72 817.889 Q
 (February 28, 2024)86.358 E(2)183.837 E 0 Cg EP
-%%Page: 1 5
+%%Page: 1 10
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 45.793(ZFS-TPM1X-CLEAR-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 43.292(anual ZFS-TPM1X-CLEAR-KEY\(8\))-2.5
 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
-(zfs-tpm1x-clear-key)108 96 Q F0 3.008<8a72>3.007 G -.25(ew)-3.008 G
+(zfs-tpm1x-clear-key)108 96 Q F0 3.008<8a72>3.008 G -.25(ew)-3.008 G
 .508(rap ZFS dataset k).25 F .808 -.15(ey i)-.1 H 3.008(np).15 G(asssw)
 -3.008 E .508(ord and clear tzpfms TPM1.X meta-)-.1 F(data)108 108 Q F1
-(SYNOPSIS)72 124.8 Q F2(zfs-tpm-list)108 136.8 Q/F3 10/Courier-Oblique@0
-SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0(After v)108 165.6 Q
-(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G
-(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM1.X)
-2.5 E F0(:)A 5(1. performs)118 177.6 R 5.642(the equi)8.142 F -.25(va)
--.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.307 E
-/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E F4
-(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
+(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(TPM1.X)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.641(the equi)8.141 F
+-.25(va)-.25 G 5.641(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.308 E/F4 10/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
 201.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
 (xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A F0(,)A F4(key)
 14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
 213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-tpm1x-change-key)2.5 E F0
 (\(8\) for a detailed description.)A F1 1.666
 (TPM1.X back-end con\214guration)72 247.2 R .625(TPM selection)87 259.2
-R F0(The)108 271.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
-2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
-2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
-F(the)2.729 E(en)108 283.2 Q(vironment v)-.4 E(ariable)-.25 E F4
-(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
-(The T)108 300 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
-(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
-(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
-2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 312 S
-(ing one of the earlier ones with, for e).1 E
+R F0(The)108 271.2 Q F2(tzpfms)2.729 E F0 .229
+(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
+(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
+-2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 283.2 Q
+(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
+(to specify a remote TCS hostname.)2.5 E .111(The T)108 300 R(rouSerS)
+-.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
+E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
+F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
+312 S(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F1 .625
 (See also)87 328.8 R F0(The T)108 340.8 Q
 (rouSerS project page at https://sourcefor)-.35 E
@@ -571,11 +931,11 @@ F(the)2.729 E(en)108 283.2 Q(vironment v)-.4 E(ariable)-.25 E F4
 F1<83>128 446.4 Q F0(EvModder)7.5 E F1(REPOR)72 463.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 475.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 492 Q
-F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
+F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 504 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-18-g1f9fe81)72 817.889 Q(December 4, 2022)86.363 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 6
+%%Page: 1 11
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -584,15 +944,15 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm1x-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM1.X-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .191
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.691 E F0 -.1(wa)2.691
-G 2.691(se).1 G .191(ncrypted with)-2.691 F F2(tzpfms)2.69 E F0(back)
-2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .19(will unseal the k)2.69 F .49
--.15(ey a)-.1 H .19(nd load).15 F(it into)108 165.6 Q F3(dataset)2.5 E
-F0(.)A .236
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .19(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.69 E F0 -.1
+(wa)2.69 G 2.69(se).1 G .19(ncrypted with)-2.69 F F2(tzpfms)2.69 E F0
+(back)2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .191(will unseal the k)2.69 F
+.491 -.15(ey a)-.1 H .191(nd load).15 F(it into)108 165.6 Q F3(dataset)
+2.5 E F0(.)A .236
 (The user is \214rst prompted for the SRK passphrase, set when taking o)
-108 182.4 R .236(wnership, if not "well-kno)-.25 F .236(wn" \(all)-.25 F
+108 182.4 R .236(wnership, if not "well-kno)-.25 F .235(wn" \(all)-.25 F
 (zeroes\); then for the additional passphrase, set when creating the k)
 108 194.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E
 (as set.)-.1 E(See)108 211.2 Q/F4 10/Courier@0 SF(zfs-tpm1x-change-key)
@@ -600,14 +960,14 @@ F0(.)A .236
 <ad6e>109.666 240 Q F0 3.208(Do a no-op/dry run, can be used e)131 240 R
 -.15(ve)-.25 G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F
 3.508 -.15(ey i)-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)
-8.207 E -.25(va)-.25 G 3.207(lent to).25 F F2(zfs)5.707 E(load-key)131
+8.208 E -.25(va)-.25 G 3.208(lent to).25 F F2(zfs)5.708 E(load-key)131
 252 Q F0 -.55('s)C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 268.8 Q
 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108
-280.8 Q F0 .045(By def)133 292.8 R .045(ault, passphrases are prompted \
-for and read in on the standard output and input streams.)-.1 F(If)5.046
-E F4(TZPFMS_PASSPHRASE_HELPER)133 304.8 Q F0 1.596(is set and nonempty)
-4.096 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F
-F4(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 316.8 Q
+280.8 Q F0 .046(By def)133 292.8 R .045(ault, passphrases are prompted \
+for and read in on the standard output and input streams.)-.1 F(If)5.045
+E F4(TZPFMS_PASSPHRASE_HELPER)133 304.8 Q F0 1.595(is set and nonempty)
+4.095 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F
+F4(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 316.8 Q
 (vide each passphrase, instead.)-.15 E .643
 (The standard output stream of the helper is tied to an anon)133 333.6 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@@ -620,23 +980,23 @@ F4(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 316.8 Q
 381.6 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
 (assphrase, otherwise blank)-2.5 E F4($4)143 393.6 Q F0("ag)160 393.6 Q
 (ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 410.4 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
-.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 410.4 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
 422.4 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
 G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
 (TPM1.X back-end con\214guration)72 439.2 R .625(TPM selection)87 451.2
-R F0(The)108 463.2 Q F2(tzpfms)2.729 E F0 .229
-(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
-(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 475.2 Q
-(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 492 R(rouSerS)
--.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
-E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
-F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-504 S(ing one of the earlier ones with, for e).1 E
+R F0(The)108 463.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
+2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
+2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
+F(the)2.729 E(en)108 475.2 Q(vironment v)-.4 E(ariable)-.25 E F4
+(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
+(The T)108 492 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
+(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
+(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
+2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 504 S
+(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F1 .625
 (See also)87 520.8 R F0(The T)108 532.8 Q
 (rouSerS project page at https://sourcefor)-.35 E
@@ -651,11 +1011,11 @@ F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
 F1<83>128 638.4 Q F0(EvModder)7.5 E F1(REPOR)72 655.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 667.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 684 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 696 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-18-g1f9fe81)72 817.889 Q(December 4, 2022)86.363 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 7
+%%Page: 1 12
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -664,112 +1024,112 @@ BP
 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)-2.5
 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666
-(]...)C([)186 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)
-A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A F0(]])
-A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 1.676 -.8(To n)108 165.6
-T(ormalise).8 E F3(dataset)2.576 E F0(,)A F2(zfs-tpm-list)2.576 E F0
-.076(will open its encryption root in its stead.)2.576 F F2
-(zfs-tpm-list)5.077 E F0(will)108 177.6 Q/F4 10/Times-Italic@0 SF(ne)2.5
-E(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G
-(ncryption roots; use)-2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0
-(\(8\) for that.)A(First, a connection is made to the TPM, which)108
-194.4 Q F4(must)2.5 E F0(be TPM-2.0-compatible.)2.5 E(If)108 211.2 Q F3
-(dataset)3.055 E F0 -.1(wa)3.055 G 3.055(sp).1 G(re)-3.055 E .555
-(viously encrypted with)-.25 F F2(tzpfms)3.055 E F0 .555(and the)3.055 F
-F1(TPM2)3.055 E F0 .554(back-end w)3.054 F .554(as used, the pre)-.1 F
-(vious)-.25 E -.1(ke)108 223.2 S 3.059(yw)-.05 G .559
-(ill be freed from the TPM.)-3.059 F .56
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0
+1.666(]...)C([)234 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A
+F2(,)A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A
+F0(]])A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 4.32 -.8(To n)108
+165.6 T(ormalise).8 E F3(dataset)5.22 E F0(,)A F2(zfs-fido2-add-backup)
+5.22 E F0 2.719(will open its encryption root in its stead.)5.22 F F2
+(zfs-fido2-add-backup)108 177.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 189.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 206.4 Q F4(must)2.5 E
+F0(be TPM-2.0-compatible.)2.5 E(If)108 223.2 Q F3(dataset)3.055 E F0 -.1
+(wa)3.055 G 3.055(sp).1 G(re)-3.055 E .555(viously encrypted with)-.25 F
+F2(tzpfms)3.055 E F0 .555(and the)3.055 F F1(TPM2)3.055 E F0 .554
+(back-end w)3.054 F .554(as used, the pre)-.1 F(vious)-.25 E -.1(ke)108
+235.2 S 3.059(yw)-.05 G .559(ill be freed from the TPM.)-3.059 F .56
 (Otherwise, or in case of an error)5.56 F 3.06(,d)-.4 G .56
 (ata required for manual interv)-3.06 F(en-)-.15 E
-(tion will be written to the standard error stream.)108 235.2 Q(Ne)108
-252 Q .295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
+(tion will be written to the standard error stream.)108 247.2 Q(Ne)108
+264 Q .295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
 -.15(ey i)-.1 H 2.794(sg).15 G .294
 (enerated on the TPM, optionally back)-2.794 F .294(ed up \(see)-.1 F F1
 (OPTIONS)2.794 E F0 .294(\), and sealed)B .588
-(to a persistent object on the TPM under the o)108 264 R .589
+(to a persistent object on the TPM under the o)108 276 R .589
 (wner hierarch)-.25 F .589(y; if there is a passphrase set on the o)-.05
-F(wner)-.25 E(hierarch)108 276 Q 1.603 -.65(y, t)-.05 H .302
+F(wner)-.25 E(hierarch)108 288 Q 1.603 -.65(y, t)-.05 H .302
 (he user is prompted for it; the user is al).65 F -.1(wa)-.1 G .302
 (ys prompted for an optional passphrase to protect).1 F
-(the sealed object with.)108 288 Q(The follo)108 304.8 Q
+(the sealed object with.)108 300 Q(The follo)108 316.8 Q
 (wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
-316.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
-128 328.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
-(persistent-object-ID)A F0([)139 340.8 Q F2(;)A F3(algorithm)A F2(:)A F3
+328.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
+128 340.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
+(persistent-object-ID)A F0([)139 352.8 Q F2(;)A F3(algorithm)A F2(:)A F3
 (PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3
 (algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C
-1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 357.6 Q F0 1.263
+1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 369.6 Q F0 1.263
 (identi\214es this dataset for w)3.763 F 1.264(ork with)-.1 F F1(TPM2)
 3.764 E F0(-back-ended)A F2(tzpfms)3.764 E F0 1.264(tools \(namely)3.764
-F F5(zfs-tpm2-change-key)108 369.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
+F F5(zfs-tpm2-change-key)108 381.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
 2.5 E F0(\(8\), and)A F5(zfs-tpm2-clear-key)2.5 E F0(\(8\)\).)A F5
-(tzpfms.key)108 386.4 Q F0 1.509(is an inte)4.009 F 1.509
+(tzpfms.key)108 398.4 Q F0 1.509(is an inte)4.009 F 1.509
 (ger representing the sealed object, optionally follo)-.15 F 1.509
 (wed by a semicolon and)-.25 F .822(PCR list as speci\214ed with)108
-398.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
+410.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
 (tpm-tools)3.322 E F0 .823(-toolchain-compatible; if needed, it can)B
-.866(be passed to)108 410.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
+.866(be passed to)108 422.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
 (${tzpfms.key)6.866 E F2(%%)A F5(;)A/F6 10/Symbol SF(*)A F5(})A F0(with)
 3.366 E F2<ad70>5.032 E F0(")6.866 E F5(str:${passphrase})A F0 3.365("o)
-C(r)-3.365 E F2<ad70>109.666 422.4 Q F0(")6.727 E F5(pcr:${tzpfms.key)A
+C(r)-3.365 E F2<ad70>109.666 434.4 Q F0(")6.727 E F5(pcr:${tzpfms.key)A
 F2(#)A F6(*)A F5(;})A F0 .727(", as the case may be, or equi)B -.25(va)
 -.25 G .728(lent, for back-up \(see).25 F F1(OPTIONS)3.228 E F0(\).)A
-.448(If you ha)108 434.4 R .748 -.15(ve a s)-.2 H .448(ealed k).15 F
+.448(If you ha)108 446.4 R .748 -.15(ve a s)-.2 H .448(ealed k).15 F
 .748 -.15(ey y)-.1 H .448(ou can access with that or equi).15 F -.25(va)
 -.25 G .447(lent tool and set both of these properties, it).25 F
-(will funxion seamlessly)108 446.4 Q(.)-.65 E(Finally)108 463.2 Q 12.005
+(will funxion seamlessly)108 458.4 Q(.)-.65 E(Finally)108 475.2 Q 12.005
 (,t)-.65 G 9.505(he equi)-12.005 F -.25(va)-.25 G 9.505(lent of).25 F F2
 9.505(zfs change-key)12.005 F<ad6f>17.172 E F5(keylocation=prompt)15.506
-E F2<ad6f>17.172 E F5(keyformat=raw)108 475.2 Q F3(dataset)6.107 E F0
+E F2<ad6f>17.172 E F5(keyformat=raw)108 487.2 Q F3(dataset)6.107 E F0
 .107(is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G
 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
 (rror occurred, best ef)-2.606 F .106(fort is made)-.25 F .289(to clean\
  up the persistent object and properties, or to issue a note for manual\
- interv)108 487.2 R .29(ention into the stan-)-.15 F(dard error stream.)
-108 499.2 Q 2.625<418c>108 516 S .125(nal v)-2.625 F .125
+ interv)108 499.2 R .29(ention into the stan-)-.15 F(dard error stream.)
+108 511.2 Q 2.625<418c>108 528 S .125(nal v)-2.625 F .125
 (eri\214cation should be made by running)-.15 F F2 1.79
 (zfs-tpm2-load-key \255n)2.624 F F3(dataset)6.124 E F0 5.124(.I)C 2.624
 (ft)-5.124 G .124(hat com-)-2.624 F .506(mand succeeds, all is well, b)
-108 528 R .506(ut otherwise the dataset can be manually rolled back to \
-a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 540 Q F3(dataset)
+108 540 R .506(ut otherwise the dataset can be manually rolled back to \
+a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 552 Q F3(dataset)
 11.539 E F0(\(or)8.039 E 8.039(,i)-.4 G 8.039(ft)-8.039 G 5.539(hat f)
 -8.039 F 5.539(ails to w)-.1 F(ork,)-.1 E F2 5.539(zfs change-key)8.039
-F<ad6f>13.204 E F5(keyformat=passphrase)108 552 Q F3(dataset)6 E F0
+F<ad6f>13.204 E F5(keyformat=passphrase)108 564 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm2-clear-key)108 568.8 Q F3(dataset)6.029 E F0 .029
+F2(zfs-tpm2-clear-key)108 580.8 Q F3(dataset)6.029 E F0 .029
 (can be used to free the TPM persistent object and go back to us-)2.529
-F(ing a passphrase.)108 580.8 Q F1(OPTIONS)72 597.6 Q F2<ad62>109.666
-609.6 Q F3(backup-file)6 E F0(Sa)203 609.6 Q .353 -.15(ve a b)-.2 H .052
+F(ing a passphrase.)108 592.8 Q F1(OPTIONS)72 609.6 Q F2<ad62>109.666
+621.6 Q F3(backup-file)6 E F0(Sa)203 621.6 Q .353 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
 E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
-F .693(This back-up)203 621.6 R F4(must)3.193 E F0 .694
+F .693(This back-up)203 633.6 R F4(must)3.193 E F0 .694
 (be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
 (-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 633.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 645.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 662.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
+(nt,).15 E(the k)203 645.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 657.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 674.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
 A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3(algorithm)
 A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C 1.666(]...)
--1.666 G 1.425(Bind the k)203 674.4 R 1.725 -.15(ey t)-.1 H 3.925(os).15
+-1.666 G 1.425(Bind the k)203 686.4 R 1.725 -.15(ey t)-.1 H 3.925(os).15
 G 1.425(pace- or comma-separated)-3.925 F F3(PCR)3.924 E F0 3.924(sw)C
-1.424(ithin their corresponding)-3.924 F(hashing)203 686.4 Q F3
+1.424(ithin their corresponding)-3.924 F(hashing)203 698.4 Q F3
 (algorithm)2.523 E F0 2.523<8a69>2.523 G 2.523(ft)-2.523 G(he)-2.523 E
 2.523(yc)-.15 G .023(hange, the wrapping k)-2.523 F .323 -.15(ey w)-.1 H
-.024(ill not be able to be).15 F 2.5(unsealed. There)203 698.4 R(are)2.5
+.024(ill not be able to be).15 F 2.5(unsealed. There)203 710.4 R(are)2.5
 E F1(24)2.5 E F0(PCRs, numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0(].)
-A F3(algorithm)203 715.2 Q F0 2.968(may be an)5.469 F 5.468(yo)-.15 G
+A F3(algorithm)203 727.2 Q F0 2.968(may be an)5.469 F 5.468(yo)-.15 G
 5.468(fc)-5.468 G(ase-insensiti)-5.468 E 3.268 -.15(ve ")-.25 H F1(sha1)
 .15 E F0 2.968(", ")B F1(sha256)A F0 2.968(", ")B F1(sha384)A F0(",)A(")
-203 727.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
+203 739.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
 (sm3-256)A F0 4.983(", ")B F1(sha3_256)A F0 4.983(", ")B F1(sha3-256)A
-F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 739.2 Q F1(sha3-384)A F0
+F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 751.2 Q F1(sha3-384)A F0
 (", ")A F1(sha3_512)A F0(", or ")A F1(sha3-512)A F0
 (", and must be supported by the TPM.)A(tzpfms 0.3.4-18-g1f9fe81)72
 817.889 Q(February 28, 2024)86.358 E(1)183.837 E 0 Cg EP
-%%Page: 2 8
+%%Page: 2 13
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -847,7 +1207,7 @@ E F3 1.666(SEE ALSO)72 616.8 R F4(tpm2_unseal)108 628.8 Q F0(\(1\))A
 r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 669.6 Q
 (able)-.8 E(1.)108 681.6 Q(tzpfms 0.3.4-18-g1f9fe81)72 817.889 Q
 (February 28, 2024)86.358 E(2)183.837 E 0 Cg EP
-%%Page: 1 9
+%%Page: 1 14
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -857,8 +1217,8 @@ F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-clear-key)108 96 Q F0 2.5<8a72>2.5 G -.25(ew)-2.5 G
 (rap ZFS dataset k).25 E .3 -.15(ey i)-.1 H 2.5(np).15 G(asssw)-2.5 E
 (ord and clear tzpfms TPM2 metadata)-.1 E F1(SYNOPSIS)72 112.8 Q F2
-(zfs-tpm-list)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1
-(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
+(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5
+E F1(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
 (dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G(ncrypted with)-2.5 E F2
 (tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM2)2.5 E F0(:)A 5
 (1. performs)118 165.6 R 5.641(the equi)8.141 F -.25(va)-.25 G 5.641
@@ -928,7 +1288,7 @@ F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 710.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-18-g1f9fe81)72 817.889 Q(December 4, 2022)86.363 E
 (1)183.842 E 0 Cg EP
-%%Page: 1 10
+%%Page: 1 15
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -937,23 +1297,23 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .864
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.364 E F0 -.1(wa)3.364
-G 3.364(se).1 G .864(ncrypted with)-3.364 F F2(tzpfms)3.365 E F0(back)
-3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .865(nseals the k)-3.365
-F 1.165 -.15(ey a)-.1 H .865(nd loads it).15 F(into)108 165.6 Q F3
-(dataset)2.5 E F0(.)A(The user is prompted for the additional passphras\
-e, set when creating the k)108 182.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5
-(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4 10/Courier@0 SF
-(zfs-tpm2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
-(OPTIONS)72 216 Q F2<ad6e>109.666 228 Q F0 3.208
-(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25 G 5.708(ni).15
-G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708(sa)
-.15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)-.25 G 3.207
-(lent to).25 F F2(zfs)5.707 E(load-key)131 240 Q F0 -.55('s)C F2<ad6e>
-4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)-.3 F
-(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .045
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .864(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.364 E F0 -.1
+(wa)3.364 G 3.364(se).1 G .864(ncrypted with)-3.364 F F2(tzpfms)3.365 E
+F0(back)3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .865
+(nseals the k)-3.365 F 1.165 -.15(ey a)-.1 H .865(nd loads it).15 F
+(into)108 165.6 Q F3(dataset)2.5 E F0(.)A(The user is prompted for the \
+additional passphrase, set when creating the k)108 182.4 Q -.15(ey)-.1 G
+2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4
+10/Courier@0 SF(zfs-tpm2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(OPTIONS)72 216 Q F2<ad6e>109.666
+228 Q F0 3.208(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25
+G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)
+-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)
+-.25 G 3.207(lent to).25 F F2(zfs)5.707 E(load-key)131 240 Q F0 -.55('s)
+C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .045
 (By def)133 280.8 R .045(ault, passphrases are prompted for and read in\
  on the standard output and input streams.)-.1 F(If)5.046 E F4
 (TZPFMS_PASSPHRASE_HELPER)133 292.8 Q F0 1.596(is set and nonempty)4.096
diff --git a/zfs-fido2-add-backup.8 b/zfs-fido2-add-backup.8
new file mode 100644
index 0000000..08a80cb
--- /dev/null
+++ b/zfs-fido2-add-backup.8
@@ -0,0 +1,125 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 29, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-ADD-BACKUP 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-add-backup
+.Nd allow another FIDO2 device to unlock ZFS dataset
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After
+.Xr zfs-fido2-change-key 8
+derives the key for a dataset from a FIDO2 device,
+.Nm
+may be executed to extend this to any number of additional devices.
+.Pp
+First, the wrapping key is extracted as normally during
+.Xr zfs-fido2-load-key 8 ,
+then a credential is made as-if during
+.Xr zfs-fido2-change-key 8
+(except the "primary" device and all the ones holding backups are excluded from the search);
+however, the
+.Ql hmac-secret
+is instead used as a symmetric AES-256-GCM
+.Pq Xr EVP_CIPHER-AES 7ssl
+key to encrypt the wrapping key directly with a random IV.
+.Pp
+This turns the
+.Li xyz.nabijaczleweli:tzpfms.key
+variable into
+.br
+.Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns Ar backup-salt Ns Cm :\:\& Ns Ar backup-credential-ID Ns Cm :\:\& Ns Ar backup-credential-public-key Ns Cm :\:\& Ns Ar IV Ns Cm :\:\& Ns Ar encrypted-key Oc Ns …
+.Pp
+.Li tzpfms.key
+is actually a dot-separated list of device bundles.
+The first one is as-described in
+.Xr zfs-fido2-change-key 8 .
+Subsequent ones also include (identically-encoded) IVs and encrypted blobs.
+.Pp
+.Xr zfs-fido2-load-key 8
+shops assertions around devices in a device-major order \(em
+depending on device numbering, a backup may be loaded even if the primary device is present.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-add-backup.8.html b/zfs-fido2-add-backup.8.html
new file mode 100644
index 0000000..e6d3444
--- /dev/null
+++ b/zfs-fido2-add-backup.8.html
@@ -0,0 +1,153 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-ADD-BACKUP(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-add-backup</code> &#x2014;
+    <span class="Nd">allow another FIDO2 device to unlock ZFS dataset</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-add-backup</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    derives the key for a dataset from a FIDO2 device,
+    <code class="Nm">zfs-fido2-add-backup</code> may be executed to extend this
+    to any number of additional devices.</p>
+<p class="Pp">First, the wrapping key is extracted as normally during
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    then a credential is made as-if during
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    (except the &quot;primary&quot; device and all the ones holding backups are
+    excluded from the search); however, the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; is instead used as a
+    symmetric AES-256-GCM
+    (<a class="Xr" href="https://manpages.debian.org/bookworm/EVP_CIPHER-AES.7ssl">EVP_CIPHER-AES(7ssl)</a>)
+    key to encrypt the wrapping key directly with a random IV.</p>
+<p class="Pp">This turns the
+    <code class="Li">xyz.nabijaczleweli:tzpfms.key</code> variable into
+  <br/>
+  <var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code><var class="Ar">backup-salt</var><code class="Cm">:</code><var class="Ar">backup-credential-ID</var><code class="Cm">:</code><var class="Ar">backup-credential-public-key</var><code class="Cm">:</code><var class="Ar">IV</var><code class="Cm">:</code><var class="Ar">encrypted-key</var>]&#x2026;</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is actually a dot-separated
+    list of device bundles. The first one is as-described in
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>.
+    Subsequent ones also include (identically-encoded) IVs and encrypted
+  blobs.</p>
+<p class="Pp"><a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>
+    shops assertions around devices in a device-major order &#x2014; depending
+    on device numbering, a backup may be loaded even if the primary device is
+    present.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 29, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-change-key.8 b/zfs-fido2-change-key.8
new file mode 100644
index 0000000..6bd3f57
--- /dev/null
+++ b/zfs-fido2-change-key.8
@@ -0,0 +1,186 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 29, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CHANGE-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-change-key
+.Nd change ZFS dataset key to one authenticated by a FIDO2 device
+.Sh SYNOPSIS
+.Nm
+.Op Fl b Ar backup-file
+.Ar dataset
+.
+.Sh DESCRIPTION
+To normalise the
+.Ar dataset ,
+.Nm
+will open its encryption root in its stead.
+.Nm
+will
+.Em never
+create or destroy encryption roots; use
+.Xr zfs-change-key 8
+for that.
+.Pp
+First, a connection is made to the FIDO2 device, which
+.Em must
+support the
+.Ql hmac-secret
+extension.
+.Pp
+If
+.Ar dataset
+was previously encrypted with
+.Nm fzifdso
+and the
+.Sy FIDO2
+back-end was used, the metadata will be silently cleared.
+Otherwise, or in case of an error, data required for manual intervention will be written to the standard error stream.
+.Pp
+Next, a new credential of type ES256 is generated on the device (with relying party ID
+.Li fzifdso
+and name equal to the dataset name)
+with the
+.Ql hmac-secret
+extension requested; the device PIN, if any, is prompted for here.
+This mimicks a WebAuthn registration step.
+.Pp
+Then, the credential is asserted with a 32-byte random salt,
+which hashes it with device-private data, and thus generates the wrapping key
+.Pq which is optionally backed up Pq see Sx OPTIONS .
+This mimicks a WebAuthn login step.
+.Pp
+The following properties are set on
+.Ar dataset :
+.Bl -bullet -compact -offset 4n -width "@"
+.It
+.Li xyz.nabijaczleweli:tzpfms.backend Ns = Ns Sy FIDO2
+.It
+.Li xyz.nabijaczleweli:tzpfms.key Ns = Ns Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns … Oc Ns …
+.El
+.Pp
+.Li tzpfms.backend
+identifies this dataset for work with
+.Sy FIDO2 Ns -back-ended
+.Nm tzpfms
+tools
+.Pq i.e. Nm fzifdso Xr zfs-fido2-change-key 8 , Xr zfs-fido2-load-key 8 , Xr zfs-fido2-add-backup 8 , and Xr zfs-fido2-clear-key 8 .
+.Pp
+.Li tzpfms.key
+is a colon-separated tuple of unpadded URL-safe base64 blobs;
+the first one is the random salt;
+the second represents the ID of created credential,
+and the third \(en its public key.
+There exists no other user-land tool for deciphering this; perhaps there should be.
+.\"" TODO: make an LD_PRELOADable for extracting the key maybe?
+.Pp
+Finally, the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=raw Ar dataset
+is performed with the new key.
+If an error occurred, best effort is made to clean up the properties,
+or to issue a note for manual intervention into the standard error stream.
+.Pp
+A final verification should be made by running
+.Nm zfs-fido2-load-key Fl n Ar dataset .
+If that command succeeds, all is well,
+but otherwise the dataset can be manually rolled back to a passphrase with
+.Nm zfs-fido2-clear-key Ar dataset
+.Pq or, if that fails to work, Nm zfs Cm change-key Fl o Li keyformat=passphrase Ar dataset ,
+and you are hereby asked to report a bug, please.
+.Pp
+.Nm zfs-fido2-clear-key Ar dataset
+can be used to clear the properties and go back to using a passphrase.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl b Ar backup-file"
+.It Fl b Ar backup-file
+Save a back-up of the key to
+.Ar backup-file ,
+which must not exist beforehand.
+This back-up
+.Em must
+be stored securely, off-site.
+In case of a catastrophic event, the key can be loaded by running
+.Dl Nm zfs Cm load-key Ar dataset Li < Ar backup-file
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-change-key.8.html b/zfs-fido2-change-key.8.html
new file mode 100644
index 0000000..68ea232
--- /dev/null
+++ b/zfs-fido2-change-key.8.html
@@ -0,0 +1,206 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CHANGE-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-change-key</code> &#x2014;
+    <span class="Nd">change ZFS dataset key to one authenticated by a FIDO2
+    device</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-change-key</code></td>
+    <td>[<code class="Fl">-b</code> <var class="Ar">backup-file</var>]
+      <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">To normalise the <var class="Ar">dataset</var>,
+    <code class="Nm">zfs-fido2-change-key</code> will open its encryption root
+    in its stead. <code class="Nm">zfs-fido2-change-key</code> will
+    <a class="permalink" href="#never"><i class="Em" id="never">never</i></a>
+    create or destroy encryption roots; use
+    <a class="Xr" href="https://manpages.debian.org/bookworm/zfs-change-key.8">zfs-change-key(8)</a>
+    for that.</p>
+<p class="Pp">First, a connection is made to the FIDO2 device, which
+    <i class="Em">must</i> support the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension.</p>
+<p class="Pp">If <var class="Ar">dataset</var> was previously encrypted with
+    <code class="Nm">fzifdso</code> and the <b class="Sy">FIDO2</b> back-end was
+    used, the metadata will be silently cleared. Otherwise, or in case of an
+    error, data required for manual intervention will be written to the standard
+    error stream.</p>
+<p class="Pp">Next, a new credential of type ES256 is generated on the device
+    (with relying party ID <code class="Li">fzifdso</code> and name equal to the
+    dataset name) with the &#x2018;<code class="Li">hmac-secret</code>&#x2019;
+    extension requested; the device PIN, if any, is prompted for here. This
+    mimicks a WebAuthn registration step.</p>
+<p class="Pp">Then, the credential is asserted with a 32-byte random salt, which
+    hashes it with device-private data, and thus generates the wrapping key
+    (which is optionally backed up (see
+    <a class="Sx" href="#OPTIONS">OPTIONS</a>)). This mimicks a WebAuthn login
+    step.</p>
+<p class="Pp">The following properties are set on
+  <var class="Ar">dataset</var>:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li id="xyz.nabijaczleweli:tzpfms.backend"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.backend"><code class="Li">xyz.nabijaczleweli:tzpfms.backend</code></a>=<b class="Sy">FIDO2</b></li>
+  <li id="xyz.nabijaczleweli:tzpfms.key"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.key"><code class="Li">xyz.nabijaczleweli:tzpfms.key</code></a>=<var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code>&#x2026;]&#x2026;</li>
+</ul>
+<p class="Pp"><code class="Li">tzpfms.backend</code> identifies this dataset for
+    work with <b class="Sy">FIDO2</b>-back-ended <code class="Nm">tzpfms</code>
+    tools (i.e. <code class="Nm">fzifdso</code>
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-add-backup.8.html">zfs-fido2-add-backup(8)</a>,
+    and
+    <a class="Xr" href="zfs-fido2-clear-key.8.html">zfs-fido2-clear-key(8)</a>).</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is a colon-separated tuple of
+    unpadded URL-safe base64 blobs; the first one is the random salt; the second
+    represents the ID of created credential, and the third &#x2013; its public
+    key. There exists no other user-land tool for deciphering this; perhaps
+    there should be.</p>
+<p class="Pp">Finally, the equivalent of <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=raw</code> <var class="Ar">dataset</var> is
+    performed with the new key. If an error occurred, best effort is made to
+    clean up the properties, or to issue a note for manual intervention into the
+    standard error stream.</p>
+<p class="Pp">A final verification should be made by running
+    <code class="Nm">zfs-fido2-load-key</code> <code class="Fl">-n</code>
+    <var class="Ar">dataset</var>. If that command succeeds, all is well, but
+    otherwise the dataset can be manually rolled back to a passphrase with
+    <code class="Nm">zfs-fido2-clear-key</code> <var class="Ar">dataset</var>
+    (or, if that fails to work, <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=passphrase</code> <var class="Ar">dataset</var>),
+    and you are hereby asked to report a bug, please.</p>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code>
+    <var class="Ar">dataset</var> can be used to clear the properties and go
+    back to using a passphrase.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="b"><a class="permalink" href="#b"><code class="Fl">-b</code></a>
+    <var class="Ar">backup-file</var></dt>
+  <dd>Save a back-up of the key to <var class="Ar">backup-file</var>, which must
+      not exist beforehand. This back-up <i class="Em">must</i> be stored
+      securely, off-site. In case of a catastrophic event, the key can be loaded
+      by running
+    <div class="Bd Bd-indent"><code class="Li"><code class="Nm">zfs</code>
+      <code class="Cm">load-key</code> <var class="Ar">dataset</var>
+      <code class="Li">&lt;</code>
+      <var class="Ar">backup-file</var></code></div>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 29, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-clear-key.8 b/zfs-fido2-clear-key.8
new file mode 100644
index 0000000..dd2a76c
--- /dev/null
+++ b/zfs-fido2-clear-key.8
@@ -0,0 +1,113 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 28, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CLEAR-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-clear-key
+.Nd rewrap ZFS dataset key in passsword and clear tzpfms FIDO2 metadata
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 :
+.Bl -enum -compact -offset 2n -width 2n
+.It
+performs the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=passphrase Ar dataset ,
+.It
+removes the
+.Li xyz.nabijaczleweli:tzpfms.\& Ns Brq Li backend , key
+properties from
+.Ar dataset .
+.El
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-clear-key.8.html b/zfs-fido2-clear-key.8.html
new file mode 100644
index 0000000..46e553e
--- /dev/null
+++ b/zfs-fido2-clear-key.8.html
@@ -0,0 +1,143 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CLEAR-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code> &#x2014;
+    <span class="Nd">rewrap ZFS dataset key in passsword and clear tzpfms FIDO2
+    metadata</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-clear-key</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>:</p>
+<ol class="Bl-enum Bd-indent Bl-compact">
+  <li>performs the equivalent of <code class="Nm">zfs</code>
+      <code class="Cm">change-key</code> <code class="Fl">-o</code>
+      <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+      <code class="Li">keyformat=passphrase</code>
+      <var class="Ar">dataset</var>,</li>
+  <li>removes the
+      <code class="Li">xyz.nabijaczleweli:tzpfms.</code>{<code class="Li">backend</code>,
+      <code class="Li">key</code>} properties from
+      <var class="Ar">dataset</var>.</li>
+</ol>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 28, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-load-key.8 b/zfs-fido2-load-key.8
new file mode 100644
index 0000000..247ca04
--- /dev/null
+++ b/zfs-fido2-load-key.8
@@ -0,0 +1,98 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 28, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-LOAD-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-load-key
+.Nd load FIDO2-encrypted ZFS dataset key
+.Sh SYNOPSIS
+.Nm
+.Op Fl n
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 ,
+asserts the preserved challenge, HMACking the salt with the on-device secret, and loads the resulting key into
+.Ar dataset .
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl n"
+.It Fl n
+Do a no-op/dry run, can be used even if the key is already loaded.
+Equivalent to
+.Nm zfs Cm load-key Ns 's
+.Fl n
+option.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-load-key.8.html b/zfs-fido2-load-key.8.html
new file mode 100644
index 0000000..ffc6446
--- /dev/null
+++ b/zfs-fido2-load-key.8.html
@@ -0,0 +1,117 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-LOAD-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-load-key</code> &#x2014;
+    <span class="Nd">load FIDO2-encrypted ZFS dataset key</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-load-key</code></td>
+    <td>[<code class="Fl">-n</code>] <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>,
+    asserts the preserved challenge, HMACking the salt with the on-device
+    secret, and loads the resulting key into <var class="Ar">dataset</var>.</p>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="n"><a class="permalink" href="#n"><code class="Fl">-n</code></a></dt>
+  <dd>Do a no-op/dry run, can be used even if the key is already loaded.
+      Equivalent to <code class="Nm">zfs</code>
+      <code class="Cm">load-key</code>'s <code class="Fl">-n</code> option.</dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 28, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>