From 504c7bf68b17b9234de03a4e4e3de33872bcc861 Mon Sep 17 00:00:00 2001
From: Liza Poggemeyer <elizapo@microsoft.com>
Date: Tue, 2 Oct 2018 21:56:39 +0000
Subject: [PATCH 1/7] Merged PR 11779: Fixed what's new merge issue - live
 publish

---
 .../auditing/audit-ipsec-driver.md            |  4 ++--
 .../auditing/audit-ipsec-extended-mode.md     | 16 +++++++--------
 .../auditing/audit-ipsec-main-mode.md         | 20 +++++++++----------
 .../auditing/audit-ipsec-quick-mode.md        |  8 ++++----
 .../whats-new-windows-10-version-1809.md      |  3 ---
 5 files changed, 24 insertions(+), 27 deletions(-)

diff --git a/windows/security/threat-protection/auditing/audit-ipsec-driver.md b/windows/security/threat-protection/auditing/audit-ipsec-driver.md
index 4b1c430188..1fb88b5fd4 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-driver.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-driver.md
@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
 author: Mir0sh
-ms.date: 04/19/2017
+ms.date: 10/02/2018
 ---
 
 # Audit IPsec Driver
@@ -56,7 +56,7 @@ This subcategory is outside the scope of this document.
 
 ## 5478(S): IPsec Services has started successfully.
 
-## 5479(): IPsec Services has been shut down successfully. The shutdown of IPsec Services can put the computer at greater risk of network attack or expose the computer to potential security risks.
+## 5479(S): IPsec Services has been shut down successfully. The shutdown of IPsec Services can put the computer at greater risk of network attack or expose the computer to potential security risks.
 
 ## 5480(F): IPsec Services failed to get the complete list of network interfaces on the computer. This poses a potential security risk because some of the network interfaces may not get the protection provided by the applied IPsec filters. Use the IP Security Monitor snap-in to diagnose the problem.
 
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
index 9edf8ad528..e9388ef13f 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
 author: Mir0sh
-ms.date: 04/19/2017
+ms.date: 10/02/2018
 ---
 
 # Audit IPsec Extended Mode
@@ -28,17 +28,17 @@ Audit IPsec Extended Mode subcategory is out of scope of this document, because
 | Member Server     | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Extended Mode troubleshooting, or for tracing or monitoring IPsec Extended Mode operations. |
 | Workstation       | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Extended Mode troubleshooting, or for tracing or monitoring IPsec Extended Mode operations. |
 
-## 4978: During Extended Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
+## 4978(S): During Extended Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
 
-## 4979: IPsec Main Mode and Extended Mode security associations were established.
+## 4979(S): IPsec Main Mode and Extended Mode security associations were established.
 
-## 4980: IPsec Main Mode and Extended Mode security associations were established.
+## 4980(S): IPsec Main Mode and Extended Mode security associations were established.
 
-## 4981: IPsec Main Mode and Extended Mode security associations were established.
+## 4981(S): IPsec Main Mode and Extended Mode security associations were established.
 
-## 4982: IPsec Main Mode and Extended Mode security associations were established.
+## 4982(S): IPsec Main Mode and Extended Mode security associations were established.
 
-## 4983: An IPsec Extended Mode negotiation failed. The corresponding Main Mode security association has been deleted.
+## 4983(S): An IPsec Extended Mode negotiation failed. The corresponding Main Mode security association has been deleted.
 
-## 4984: An IPsec Extended Mode negotiation failed. The corresponding Main Mode security association has been deleted.
+## 4984(S): An IPsec Extended Mode negotiation failed. The corresponding Main Mode security association has been deleted.
 
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
index d0764daf4b..1a34ba32f3 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
 author: Mir0sh
-ms.date: 04/19/2017
+ms.date: 10/02/2018
 ---
 
 # Audit IPsec Main Mode
@@ -28,21 +28,21 @@ Audit IPsec Main Mode subcategory is out of scope of this document, because this
 | Member Server     | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Main Mode troubleshooting, or for tracing or monitoring IPsec Main Mode operations. |
 | Workstation       | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Main Mode troubleshooting, or for tracing or monitoring IPsec Main Mode operations. |
 
-## 4646: Security ID: %1
+## 4646(S): Security ID: %1
 
-## 4650: An IPsec Main Mode security association was established. Extended Mode was not enabled. Certificate authentication was not used.
+## 4650(S): An IPsec Main Mode security association was established. Extended Mode was not enabled. Certificate authentication was not used.
 
-## 4651: An IPsec Main Mode security association was established. Extended Mode was not enabled. A certificate was used for authentication.
+## 4651(S): An IPsec Main Mode security association was established. Extended Mode was not enabled. A certificate was used for authentication.
 
-## 4652: An IPsec Main Mode negotiation failed.
+## 4652(F): An IPsec Main Mode negotiation failed.
 
-## 4653: An IPsec Main Mode negotiation failed.
+## 4653(F): An IPsec Main Mode negotiation failed.
 
-## 4655: An IPsec Main Mode security association ended.
+## 4655(S): An IPsec Main Mode security association ended.
 
-## 4976: During Main Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
+## 4976(S): During Main Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
 
-## 5049: An IPsec Security Association was deleted.
+## 5049(S): An IPsec Security Association was deleted.
 
-## 5453: An IPsec negotiation with a remote computer failed because the IKE and AuthIP IPsec Keying Modules (IKEEXT) service is not started.
+## 5453(S): An IPsec negotiation with a remote computer failed because the IKE and AuthIP IPsec Keying Modules (IKEEXT) service is not started.
 
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
index 7adfcddd8c..40aabcd719 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
 author: Mir0sh
-ms.date: 04/19/2017
+ms.date: 10/02/2018
 ---
 
 # Audit IPsec Quick Mode
@@ -28,9 +28,9 @@ Audit IPsec Quick Mode subcategory is out of scope of this document, because thi
 | Member Server     | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Quick Mode troubleshooting, or for tracing or monitoring IPsec Quick Mode operations. |
 | Workstation       | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Quick Mode troubleshooting, or for tracing or monitoring IPsec Quick Mode operations. |
 
-## 4977: During Quick Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
+## 4977(S): During Quick Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
 
-## 5451: An IPsec Quick Mode security association was established.
+## 5451(S): An IPsec Quick Mode security association was established.
 
-## 5452: An IPsec Quick Mode security association ended.
+## 5452(S): An IPsec Quick Mode security association ended.
 
diff --git a/windows/whats-new/whats-new-windows-10-version-1809.md b/windows/whats-new/whats-new-windows-10-version-1809.md
index 50352d8816..62ee95e835 100644
--- a/windows/whats-new/whats-new-windows-10-version-1809.md
+++ b/windows/whats-new/whats-new-windows-10-version-1809.md
@@ -189,8 +189,6 @@ Windows Defender Credential Guard has always been an optional feature, but Windo
 
 A network connection is now required to set up a new device. As a result, we removed the “skip for now” option in the network setup page in Out Of Box Experience (OOBE). 
 
-<<<<<<< HEAD
-=======
 ### Windows Defender ATP
 
 [Windows Defender ATP](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection) has been enhanced with many new capabilities. For more information, see the following topics:
@@ -220,7 +218,6 @@ Windows Defender ATP now adds support for Windows Server 2019. You'll be able to
 - [Onboard previous versions of Windows](https://docs.microsoft.com/windows/security/threat-protection/onboard-downlevel-windows-defender-advanced-threat-protection)<br>
 Onboard supported versions of Windows machines so that they can send sensor data to the Windows Defender ATP sensor
 
->>>>>>> 951a08abdd8a55231838c35a12890ed68af95f88
 ## Faster sign-in to a Windows 10 shared pc
 
 Do you have shared devices deployed in your work place? **Fast sign-in** enables users to sign in to a shared Windows 10 PC in a flash!

From df0712bd005c86bcbf4bf8f61295c6762bdea1f6 Mon Sep 17 00:00:00 2001
From: Dani Halfin <daniha@microsoft.com>
Date: Thu, 4 Oct 2018 19:58:05 +0000
Subject: [PATCH 2/7] Merged PR 11881: push all the fixes to live

---
 windows/deployment/TOC.md                     |    7 +
 .../update/windows-analytics-azure-portal.md  |    2 +-
 windows/security/threat-protection/TOC.md     |   10 +-
 .../threat-protection/fips-140-validation.md  | 7085 +++++++++++++++++
 .../mbsa-removal-and-guidance.md              |   39 +
 ...ows-defender-advanced-threat-protection.md |    2 +-
 .../windows-platform-common-criteria.md       |  165 +
 7 files changed, 7304 insertions(+), 6 deletions(-)
 create mode 100644 windows/security/threat-protection/fips-140-validation.md
 create mode 100644 windows/security/threat-protection/mbsa-removal-and-guidance.md
 create mode 100644 windows/security/threat-protection/windows-platform-common-criteria.md

diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md
index 6577188cbc..c136d082ac 100644
--- a/windows/deployment/TOC.md
+++ b/windows/deployment/TOC.md
@@ -218,6 +218,13 @@
 ### [Prepare servicing strategy for Windows 10 updates](update/waas-servicing-strategy-windows-10-updates.md)
 ### [Build deployment rings for Windows 10 updates](update/waas-deployment-rings-windows-10-updates.md)
 ### [Assign devices to servicing channels for Windows 10 updates](update/waas-servicing-channels-windows-10-updates.md)
+### [Get started with Windows Update](update/windows-update-overview.md)
+#### [How Windows Update works](update/how-windows-update-works.md)
+#### [Windows Update log files](update/windows-update-logs.md)
+#### [How to troubleshoot Windows Update](update/windows-update-troubleshooting.md)
+#### [Common Windows Update errors](update/windows-update-errors.md)
+#### [Windows Update error code reference](update/windows-update-error-reference.md)
+#### [Other Windows Update resources](update/windows-update-resources.md)
 ### [Optimize Windows 10 update delivery](update/waas-optimize-windows-10-updates.md)
 #### [Configure Delivery Optimization for Windows 10 updates](update/waas-delivery-optimization.md)
 #### [Configure BranchCache for Windows 10 updates](update/waas-branchcache.md)
diff --git a/windows/deployment/update/windows-analytics-azure-portal.md b/windows/deployment/update/windows-analytics-azure-portal.md
index 0d7862c02a..e06fcfd35f 100644
--- a/windows/deployment/update/windows-analytics-azure-portal.md
+++ b/windows/deployment/update/windows-analytics-azure-portal.md
@@ -33,7 +33,7 @@ To check the Log Analytics workspaces you can access, select **Log Analytics**.
 
 [![Log Analytics workspace page showing accessible workspaces and linked Azure subscriptions](images/azure-portal-LAmain-wkspc-subname-sterile.png)](images/azure-portal-LAmain-wkspc-subname-sterile.png)
 
-If you do not see your workspace in this view, but you are able to access the workspace from the classic portal, that means you do not have access to the workspaces's Azure subscription or resource group. To remedy this, you will need to find someone with admin rights to grant you access, which they can do by selecting the subscription name and selecting **Access control (IAM)** (alternatively they can configure your access at the resource group level). They should either grant you "Log Analytics Reader" access (for read-only access) or "Log Analytics Contributor" access (which enables making changes such as creating deployment plans and changing application readiness states).
+If you do not see your workspace in this view, but you are able to access the workspace from the classic portal, that means you do not have access to the workspace's Azure subscription or resource group. To remedy this, you will need to find someone with admin rights to grant you access, which they can do by selecting the subscription name and selecting **Access control (IAM)** (alternatively they can configure your access at the resource group level). They should either grant you "Log Analytics Reader" access (for read-only access) or "Log Analytics Contributor" access (which enables making changes such as creating deployment plans and changing application readiness states).
 
 When permissions are configured, you can select the workspace and then select **Workspace summary** to see information similar to what was shown in the OMS overview page.
 
diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 6bc125f9d5..5399e86a43 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -394,6 +394,12 @@
 #### [Software developer FAQ](intelligence/developer-faq.md)
 #### [Software developer resources](intelligence/developer-resources.md)
 
+## Certifications
+
+### [FIPS 140 Validation](fips-140-validation.md)
+### [Windows Platform Common Criteria Certification](windows-platform-common-criteria.md)
+
+
 ## More Windows 10 security
 
 ### [The Windows Security app](windows-defender-security-center/windows-defender-security-center.md)
@@ -961,14 +967,10 @@
 ###### [Take ownership of files or other objects](security-policy-settings/take-ownership-of-files-or-other-objects.md)
 
 
-
-
 ### [Windows security baselines](windows-security-baselines.md)
 #### [Security Compliance Toolkit](security-compliance-toolkit-10.md)
 #### [Get support](get-support-for-security-baselines.md)
 
-
-
 ### [Windows 10 Mobile security guide](windows-10-mobile-security-guide.md)
 
 ## [Change history for Threat protection](change-history-for-threat-protection.md)
diff --git a/windows/security/threat-protection/fips-140-validation.md b/windows/security/threat-protection/fips-140-validation.md
new file mode 100644
index 0000000000..cdd262ce1c
--- /dev/null
+++ b/windows/security/threat-protection/fips-140-validation.md
@@ -0,0 +1,7085 @@
+---
+title: FIPS 140 Validation
+description: This topic provides information on how Microsoft products and cryptographic modules comply with the U.S. Federal government standard FIPS 140.
+ms.prod: w10
+ms.localizationpriority: medium
+ms.author: daniha
+author: danihalfin
+ms.date: 04/03/2018
+---
+
+
+# FIPS 140 Validation
+
+On this page
+
+  - [Introduction](https://technet.microsoft.com/en-us/library/cc750357.aspx#id0eo)
+  - [FIPS 140 Overview](https://technet.microsoft.com/en-us/library/cc750357.aspx#id0ebd)
+  - [Microsoft Product Validation (Information for Procurement Officers and Auditors)](https://technet.microsoft.com/en-us/library/cc750357.aspx#id0ezd)
+  - [Information for System Integrators](https://technet.microsoft.com/en-us/library/cc750357.aspx#id0eve)
+  - [Information for Software Developers](https://technet.microsoft.com/en-us/library/cc750357.aspx#id0eibac)
+  - [FIPS 140 FAQ](https://technet.microsoft.com/en-us/library/cc750357.aspx#id0eqcac)
+  - [Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/en-us/library/cc750357.aspx#id0ewfac)
+  - [Cryptographic Algorithms](https://technet.microsoft.com/en-us/library/cc750357.aspx#id0erobg)
+
+Updated: March 2018
+
+ 
+
+## Introduction
+
+This document provides information on how Microsoft products and cryptographic modules comply with the U.S. Federal government standard, *Federal Information Processing Standard (FIPS) 140 – Security Requirements for Cryptographic Modules* \[FIPS 140\].
+
+### Audience
+
+This document is primarily focused on providing information for three parties:
+
+[Procurement Officer](https://technet.microsoft.com/en-us/library/cc750357.aspx#_microsoft_product_validation) – Responsible for verifying that Microsoft products (or even third-party applications) are either FIPS 140 validated or utilize a Microsoft FIPS 140 validated cryptographic module.
+
+[System Integrator](https://technet.microsoft.com/en-us/library/cc750357.aspx#_information_for_system) – Responsible for ensuring that Microsoft Products are configured properly to use only FIPS 140 validated cryptographic modules.
+
+[Software Developer](https://technet.microsoft.com/en-us/library/cc750357.aspx#_information_for_software) – Responsible for building software products that utilize Microsoft FIPS 140 validated cryptographic modules.
+
+### Document Map
+
+This document is broken into seven major sections:
+
+[FIPS 140 Overview](https://technet.microsoft.com/en-us/library/cc750357.aspx#_fips_140_overview) – Provides an overview of the FIPS 140 standard as well as provides some historical information about the standard.
+
+[Microsoft Product Validation (Information for Procurement Officers and Auditors)](https://technet.microsoft.com/en-us/library/cc750357.aspx#_microsoft_product_validation) – Provides information on how Microsoft products are FIPS 140 validated.
+
+[Information for System Integrators](https://technet.microsoft.com/en-us/library/cc750357.aspx#_information_for_system) – Describes how to configure and verify that Microsoft Products are being used in a manner consistent with the product’s FIPS 140 Security Policy.
+
+[Information for Software Developers](https://technet.microsoft.com/en-us/library/cc750357.aspx#_information_for_software) – Identifies how developers can leverage the Microsoft FIPS 140 validated cryptographic modules.
+
+[FAQ](https://technet.microsoft.com/en-us/library/cc750357.aspx#_fips_140_faq) – Frequently Asked Questions.
+
+[Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/en-us/library/cc750357.aspx#_microsoft_fips_140) – Explains Microsoft cryptographic architecture and identifies specific modules that are FIPS 140 validated.
+
+[Cryptographic Algorithms](https://technet.microsoft.com/en-us/library/cc750357.aspx#_cryptographic_algorithms) – Lists the cryptographic algorithm, modes, states, key sizes, Windows versions, and corresponding cryptographic algorithm validation certificates.
+
+## FIPS 140 Overview
+
+### FIPS 140 Standard
+
+FIPS 140 is a US government and Canadian government standard that defines a minimum set of the security requirements for products that implement cryptography. This standard is designed for cryptographic modules that are used to secure sensitive but unclassified information. Testing against the FIPS 140 standard is maintained by the Cryptographic Module Validation Program (CMVP), a joint effort between the US National Institute of Standards and Technology (NIST) and the Communications Security Establishment of Canada (CSEC).
+
+The current standard defines four-levels of increasing security, 1 through 4. Most software products (including all Microsoft products) are tested against the Level 1 security requirements.
+
+### Applicability of the FIPS standard
+
+Within the US Federal government, the FIPS 140 standard applies to any security system (whether hardware, firmware, software, or a combination thereof) to be used by agencies for protecting sensitive but unclassified information. Some agencies have expanded its use by requiring that the modules to be procured for secret systems also meet the FIPS 140 requirements.
+
+The FIPS 140 standard has also been used by different standards bodies, specification groups, nations, and private institutions as a requirement or guideline for those products (e.g. – Digital Cinema Systems Specification).
+
+### History of 140-1
+
+FIPS 140-1 is the original working version of the standard made official on January 11, 1994. The standard remained in effect until FIPS 140-2 became mandatory for new products on May 25, 2002.
+
+### FIPS 140-2
+
+FIPS 140-2 is currently the active version of the standard.
+
+### Microsoft FIPS Support Policy
+
+Microsoft actively maintains FIPS 140 validation for its cryptographic modules.
+
+### FIPS Mode of Operation
+
+The common term “FIPS mode” is used in this document and Security Policy documents. When a cryptographic module contains both FIPS-approved and non-FIPS approved security methods, it must have a "FIPS mode of operation" to ensure only FIPS-approved security methods may be used. When a module is in "FIPS mode", a non-FIPS approved method cannot be used instead of a FIPS-approved method.
+
+## Microsoft Product Validation (Information for Procurement Officers and Auditors)
+
+This section provides information for Procurement Officers and Auditors who are responsible for ensuring that Microsoft products with FIPS 140 validated cryptographic modules are used in their organization. The goal of this section is to provide an overview of the Microsoft developed products and modules and explain how the validated cryptographic modules are used.
+
+### Microsoft Product Relationship with CNG and CAPI libraries
+
+Rather than validate individual components and products, Microsoft chooses to validate only the underlying cryptographic modules. Subsequently, many Windows components and Microsoft products are built to rely on the Cryptographic API: Next Generation (CNG) and legacy Cryptographic API (CAPI) FIPS 140 validated cryptographic modules. Windows components and Microsoft products use the documented application programming interfaces (APIs) for each of the modules to access various cryptographic services.
+
+The following list contains some of the Windows components and Microsoft products that rely on FIPS 140 validated cryptographic modules:
+
+  - Schannel Security Package
+  - Remote Desktop Protocol (RDP) Client
+  - Encrypting File System (EFS)
+  - Some Microsoft .NET Framework Applications (.NET also provides cryptographic algorithm implementations that have not been FIPS 140 validated.)
+  - BitLocker® Drive Full-volume Encryption
+  - IPsec Settings of Windows Firewall
+
+## Information for System Integrators
+
+This section provides information for System Integrators and Auditors who are responsible for deploying Microsoft products in a manner consistent with the product’s FIPS 140 Security Policy.
+
+There are two steps to ensure that Microsoft products operate in FIPS mode:
+
+1.  Selecting/Installing FIPS 140 validated cryptographic modules
+2.  Setting FIPS local/group security policy flag.
+
+### Step 1 – Selecting/Installing FIPS 140 Validated Cryptographic Modules
+
+Systems Integrators must ensure that all cryptographic modules installed are, in fact, FIPS 140 validated. This can be accomplished by cross-checking the version number of the installed module with the list of validated binaries. The list of validated CAPI binaries is identified in the [CAPI Validated Cryptographic Modules](https://technet.microsoft.com/en-us/library/cc750357.aspx#_capi_validated_cryptographic) section below and the list of validated CNG binaries is identified in the [CNG Validated Cryptographic Modules](https://technet.microsoft.com/en-us/library/cc750357.aspx#_cng_validated_cryptographic) section below. There are similar sections for all other validated cryptographic modules.
+
+The version number of the installed binary is found by right-clicking the module file and clicking on the Version or Details tab. Cryptographic modules are stored in the "windows\\system32" or "windows\\system32\\drivers" directory.
+
+### Step 2 – Setting FIPS Local/Group Security Policy Flag
+
+The Windows operating system provides a group (or local) security policy setting, “System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing”, which is used by many Microsoft products to determine whether to operate in a FIPS-approved mode. When this policy is set, the validated cryptographic modules in Windows will also operate in a FIPS-approved mode.
+
+**Note** – There is no enforcement of the FIPS policy by the operating system or the validated cryptographic modules. Instead, each individual application must check this flag and enforce the Security Policy of the validated cryptographic modules.
+
+#### Instructions on Setting the FIPS Local/Group Security Policy Flag
+
+While there are alternative methods for setting the FIPS local/group security policy flag, the following method is included as a guide to users with Administrative privileges. This description is for the Local Security Policy, but the Group Security Policy may be set in a similar manner.
+
+1.  Open the 'Run' menu by pressing the combination 'Windows Key + R'.
+2.  Type 'secpol.msc' and press 'Enter' or click the 'Ok' button.
+3.  In the Local Security Policy management console window that opens, use the left tab to navigate to the Local Policies -\&gt; Security Options.
+4.  Scroll down the right pane and double-click 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing'.
+5.  In the properties window, select the 'Enabled' option and click the 'Apply' button.
+
+#### Microsoft Components and Products That Utilize FIPS Local/Group Security Policy
+
+The following list details some of the Microsoft components that use the cryptographic functionality implemented by either CNG or legacy CAPI. When the FIPS Local/Group Security Policy is set, the following components will enforce the validated module Security Policy.
+
+  - Schannel Security Package
+  - Remote Desktop Protocol (RDP) Client
+  - Encrypting File System (EFS)
+  - Some Microsoft .NET Framework Applications (.NET also provides cryptographic algorithm implementations that have not been FIPS 140 validated.)
+  - BitLocker® Drive Full-volume Encryption
+  - IPsec Settings of Windows Firewall
+
+#### Effects of Setting FIPS Local/Group Security Policy Flag
+
+When setting the FIPS local/group security policy flag, the behavior of several Microsoft components and products are affected. The most noticeable difference will be that the components enforcing this setting will only use those algorithms approved or allowed in FIPS mode. The specific changes to the products listed above are:
+
+  - Schannel Security Package forced to negotiate sessions using TLS. The following supported Cipher Suites are disabled:
+
+  -  - TLS\_RSA\_WITH\_RC4\_128\_SHA
+      - TLS\_RSA\_WITH\_RC4\_128\_MD5
+      - SSL\_CK\_RC4\_128\_WITH\_MD5
+      - SSL\_CK\_DES\_192\_EDE3\_CBC\_WITH\_MD5
+      - TLS\_RSA\_WITH\_NULL\_MD5
+      - TLS\_RSA\_WITH\_NULL\_SHA
+
+  - The set of cryptographic algorithms that a Remote Desktop Protocol (RDP) server will use is scoped to:
+
+  -  - CALG\_RSA\_KEYX - RSA public key exchange algorithm
+      - CALG\_3DES - Triple DES encryption algorithm
+      - CALG\_AES\_128 - 128 bit AES
+      - CALG\_AES\_256 - 256 bit AES
+      - CALG\_SHA1 - SHA hashing algorithm
+      - CALG\_SHA\_256 - 256 bit SHA hashing algorithm
+      - CALG\_SHA\_384 - 384 bit SHA hashing algorithm
+      - CALG\_SHA\_512 - 512 bit SHA hashing algorithm
+
+  - Any Microsoft .NET Framework applications, such as Microsoft ASP.NET or Windows Communication Foundation (WCF), only allow algorithm implementations that are validated to FIPS 140, meaning only classes that end in "CryptoServiceProvider" or "Cng" can be used. Any attempt to create an instance of other cryptographic algorithm classes or create instances that use non-allowed algorithms will cause an InvalidOperationException exception.
+
+  - Verification of ClickOnce applications fails unless the client computer has .NET Framework 2.0 SP1 or later service pack installed or .NET Framework 3.5 or later installed.
+
+  - On Windows Vista and Windows Server 2008 and later, BitLocker Drive Encryption switches from AES-128 using the elephant diffuser to using the approved AES-256 encryption. Recovery passwords are not created or backed up. Instead, backup a recovery key on a local drive or on a network share. To use the recovery key, put the key on a USB device and plug the device into the computer.
+
+Please be aware that selection of FIPS mode can limit product functionality (See <http://support.microsoft.com/kb/811833>).
+
+## Information for Software Developers
+
+This section is targeted at developers who wish to build their own applications using the FIPS 140 validated cryptographic modules.
+
+Each of the validated cryptographic modules defines a series of rules that must be followed. The security rules for each validated cryptographic module are specified in the Security Policy document. Links to each of the Security Policy documents is provided in the [Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/en-us/library/cc750357.aspx#_microsoft_fips_140) section below. Generally, the restriction in Microsoft validated cryptographic modules is limiting the use of cryptography to only FIPS Approved cryptographic algorithms, modes, and key sizes.
+
+### Using Microsoft Cryptographic Modules in a FIPS mode of operation
+
+No matter whether developing with native languages or using .NET, it is important to first check whether the CNG modules for the target system are FIPS validated. The list of validated CNG binaries is identified in the [CNG Validated Cryptographic Modules](https://technet.microsoft.com/en-us/library/cc750357.aspx#_cng_validated_cryptographic) section.
+
+When developing using CNG directly, it is the responsibility of the developer to follow the security rules outlined in the FIPS 140 Security Policy for each module. The security policy for each module is provided on the CMVP website. Links to each of the Security Policy documents is provided in the tables below. It is important to remember that setting the FIPS local/group security policy Flag (discussed above) does not affect the behavior of the modules when used for developing custom applications.
+
+If you are developing your application using .NET instead of using the native libraries, then setting the FIPS local policy flag will generate an exception when an improper .NET class is used for cryptography (i.e. the cryptographic classes whose names end in "Managed"). The names of these allowed classes end with "Cng", which use the CNG binaries or "CryptoServiceProvider", which use the legacy CAPI binaries.
+
+### Key Strengths and Validity Periods
+
+NIST Special Publication 800-131A Revision 1, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, dated November 2015, \[[SP 800-131A](http://dx.doi.org/10.6028/nist.sp.800-131ar1)\], offers guidance for moving to stronger cryptographic keys and algorithms. This does not replace NIST SP 800-57, Recommendation for Key Management Part 1: General, \[[SP 800-57](http://csrc.nist.gov/publications/pubssps.html#800-57-part1)\], but gives more specific guidance. One of the most important topics discussed in these publications deals with the key strengths of FIPS Approved algorithms and their validity periods. When developing applications that use FIPS Approved algorithms, it is also extremely important to select appropriate key sizes based on the security lifetimes recommended by NIST.
+
+## FIPS 140 FAQ
+
+The following are answers to commonly asked questions for the FIPS 140-2 validation of Microsoft products.
+
+1.  How does FIPS 140 relate to the Common Criteria?  
+    **Answer:** These are two separate security standards with different, but complementary, purposes. FIPS 140 is a standard designed specifically for validating product modules that implement cryptography. On the other hand, Common Criteria is designed to help evaluate security functions in IT products.  
+    In many cases, Common Criteria evaluations will rely on FIPS 140 validations to provide assurance that cryptographic functionality is implemented properly.
+2.  How does FIPS 140 relate to Suite B?  
+    **Answer:** Suite B is simply a set of cryptographic algorithms defined by the U.S. National Security Agency (NSA) as part of its Cryptographic Modernization Program. The set of Suite B cryptographic algorithms are to be used for both unclassified information and most classified information.  
+    The Suite B cryptographic algorithms are a subset of the FIPS Approved cryptographic algorithms as allowed by the FIPS 140 standard.
+3.  There are so many modules listed on the NIST website for each release, how are they related and how do I tell which one applies to me?  
+    **Answer:** Microsoft strives to validate all releases of its cryptographic modules. Each module provides a different set of cryptographic algorithms. If you are required to use only FIPS validated cryptographic modules, you simply need to verify that the version being used appears on the validation list.  
+    Please see the [Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/en-us/library/cc750357.aspx#_microsoft_fips_140)section for a complete list of Microsoft validated modules.
+4.  My application links against crypt32.dll, cryptsp.dll, advapi32.dll, bcrypt.dll, bcryptprimitives.dll, or ncrypt.dll. What do I need to do to assure I’m using FIPS 140 validated cryptographic modules?  
+    **Answer:** crypt32.dll, cryptsp.dll, advapi32.dll, and ncrypt.dll are intermediary libraries that will offload all cryptographic operations to the FIPS validated cryptographic modules. Bcrypt.dll itself is a validated cryptographic module for Windows Vista and Windows Server 2008. For Windows 7 and Windows Server 2008 R2 and later, bcryptprimitives.dll is the validated module, but bcrypt.dll remains as one of the libraries to link against.  
+    You must first verify that the underlying CNG cryptographic module is validated. Once verified, you'll need to confirm that you're using the module correctly in FIPS mode (See [Information for Software Developers](https://technet.microsoft.com/en-us/library/cc750357.aspx#_information_for_software) section for details).
+5.  What does "When operated in FIPS mode" mean on certificates?  
+    **Answer:** This caveat identifies that a required configuration and security rules must be followed in order to use the cryptographic module in a manner consistent with its FIPS 140 Security Policy. The security rules are defined in the Security Policy for the module and usually revolve around using only FIPS Approved cryptographic algorithms and key sizes. Please see the Security Policy for the specific security rules for each cryptographic module (See [Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/en-us/library/cc750357.aspx#_microsoft_fips_140) section for links to each policy).
+6.  Which FIPS validated module is called when Windows 7 or Windows 8 is configured to use the FIPS setting in the wireless configuration?  
+    **Answer:** CNG is used. This setting tells the wireless driver to call FIPS 140-2 validated cryptographic modules instead of using the driver’s own cryptography, if any.
+7.  Is BitLocker to Go FIPS 140-2 validated?  
+    **Answer:** There are two separate parts for BitLocker to Go. One part is simply a native feature of BitLocker and as such, it uses FIPS 140-2 validated cryptographic modules. The other part is the BitLocker to Go Reader application for down-level support of older operating systems such as Windows XP and Windows Vista. The Reader application does not use FIPS 140-2 validated cryptographic modules.
+8.  Are applications FIPS 140-2 validated?  
+    **Answer:** Microsoft only has low-level cryptographic modules in Windows FIPS 140-2 validated, not high-level applications. A better question is whether a certain application calls a FIPS 140-2 validated cryptographic module in the underlying Windows OS. That question needs to be directed to the company/product group that created the application of interest.
+9.  How can Systems Center Operations Manager 2012 be configured to use FIPS 140-2 validated cryptographic modules?  
+    **Answer:** See [http://technet.microsoft.com/en-us/library/hh914094.aspx](https://technet.microsoft.com/en-us/library/hh914094.aspx)
+
+## Microsoft FIPS 140 Validated Cryptographic Modules
+
+### Modules By Operating System
+
+The following tables identify the Cryptographic Modules for an operating system.
+
+#### Windows
+
+##### Windows 10 Creators Update (Version 1703)
+
+Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
+<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3095.pdf">10.0.15063</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3095">#3095</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">#4624</a>); CKG (vendor affirmed); CVL (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1278">#1278</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1281">#1281</a>); DRBG (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">#1555</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1223">#1223</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1133">#1133</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3061">#3061</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#127">#127</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#140">#140</a>); KTS (AES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4626">#4626</a>; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2521">#2521</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2522">#2522</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">#3790</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2459">#2459</a>)<br />
+<br />
+<em>Other algorithms:</em> HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1133">#1133</a>); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#2521">#2521</a>); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1281">#1281</a>); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1278">#1278</a>)</p></td>
+</tr>
+<tr class="odd">
+<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3094.pdf">10.0.15063</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094">#3094</a></td>
+<td><p><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094">#3094</a></p>
+<p><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">#4624</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4626">#4626</a>); CKG (vendor affirmed); CVL (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1278">#1278</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1281">#1281</a>); DRBG (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">#1555</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1223">#1223</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1133">#1133</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3061">#3061</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#127">#127</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#140">#140</a>); KTS (AES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4626">#4626</a>; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2521">#2521</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523">#2523</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">#3790</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2459">#2459</a>)<br />
+<br />
+<em>Other algorithms:</em> HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)</p>
+<p><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094"><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert.</a><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1133">#1133</a><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094">); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert.</a><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#2521">#2521</a><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094">); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert.</a><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1281">#1281</a><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094">)</a></p></td>
+</tr>
+<tr class="even">
+<td>Boot Manager</td>
+<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf">10.0.15063</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089">#3089</a></td>
+<td><p><em>FIPS Approved algorithms</em>: AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">#4624</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4625">#4625</a>); CKG (vendor affirmed); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3061">#3061</a>); PBKDF (vendor affirmed); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523">#2523</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">#3790</a>)</p>
+<p><em>Other algorithms</em>: PBKDF (vendor affirmed); VMK KDF (vendor affirmed)</p></td>
+</tr>
+<tr class="odd">
+<td>Windows OS Loader</td>
+<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3090.pdf">10.0.15063</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3090">#3090</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">#4624</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4625">#4625</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523">#2523</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">#3790</a>)</p>
+<p><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3090"><em>Other algorithms:</em> NDRNG</a></p></td>
+</tr>
+<tr class="even">
+<td>Windows Resume<sup>[1]</sup></td>
+<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf">10.0.15063</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3091">#3091</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">#4624</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4625">#4625</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523">#2523</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">#3790</a>)</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Dump Filter<sup>[2]</sup></td>
+<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf">10.0.15063</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092">#3092</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">#4624</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4625">#4625</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2522">#2522</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">#3790</a>)</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (ci.dll)</td>
+<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3093.pdf">10.0.15063</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3093">#3093</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">#4624</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2522">#2522</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523">#2523</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">#3790</a>)</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1282">#1282</a>)</p></td>
+</tr>
+<tr class="odd">
+<td>Secure Kernel Code Integrity (skci.dll)<sup>[3]</sup></td>
+<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf">10.0.15063</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096">#3096</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">#4624</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2522">#2522</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523">#2523</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">#3790</a>)</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1282">#1282</a>)</p></td>
+</tr>
+</tbody>
+</table>
+
+
+<sup>\[1\]</sup> Applies only to Home, Pro, Enterprise, Education and S
+
+<sup>\[2\]</sup> Applies only to Pro, Enterprise, Education, S, Mobile and Surface Hub
+
+<sup>\[3\]</sup> Applies only to Pro, Enterprise Education and S
+
+##### Windows 10 Anniversary Update (Version 1607)
+
+Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2937.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937">#2937</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); DRBG (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">#1217</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">#1098</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911">#911</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">#2651</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92">#92</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101">#101</a>); KTS (AES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062">#4062</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192">#2192</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2195">#2195</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227">#2227</a>)<br />
+<br />
+<em>Other algorithms:</em> HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#922">#922</a>); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#888">#888</a>); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#887">#887</a>); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#886">#886</a>)</p></td>
+</tr>
+<tr class="odd">
+<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2936.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936">#2936</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); DRBG (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">#1217</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">#1098</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911">#911</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">#2651</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92">#92</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101">#101</a>); KTS (AES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062">#4062</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192">#2192</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2195">#2195</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227">#2227</a>)<br />
+<br />
+<em>Other algorithms:</em> HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#922">#922</a>); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#888">#888</a>); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#887">#887</a>)</p></td>
+</tr>
+<tr class="even">
+<td>Boot Manager</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2931.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931">#2931</a></td>
+<td><p><em>FIPS Approved algorithms</em>: AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061">#4061</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">#2651</a>); PBKDF (vendor affirmed); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>)</p>
+<p><em>Other algorithms</em>: MD5; PBKDF (non-compliant); VMK KDF</p></td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Windows OS Loader (winload)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2932.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2932">#2932</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061">#4061</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>)<br />
+<br />
+<em>Other algorithms:</em> NDRNG; MD5</td>
+</tr>
+<tr class="even">
+<td>BitLocker® Windows Resume (winresume)<sup>[1]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2933.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2933">#2933</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061">#4061</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Dump Filter (dumpfve.sys)<sup>[2]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2934.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934">#2934</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061">#4061</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>)</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (ci.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2935.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935">#2935</a></td>
+<td><p><em>FIPS Approved algorithms:</em> RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (non-compliant); MD5</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#888">#888</a>)</p></td>
+</tr>
+<tr class="odd">
+<td>Secure Kernel Code Integrity (skci.dll)<sup>[3]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2938.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2938">#2938</a></td>
+<td><p><em>FIPS Approved algorithms:</em> RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#888">#888</a>)</p></td>
+</tr>
+</tbody>
+</table>
+
+
+<sup>\[1\]</sup> Applies only to Home, Pro, Enterprise and Enterprise LTSB
+
+<sup>\[2\]</sup> Applies only to Pro, Enterprise, Enterprise LTSB and Mobile
+
+<sup>\[3\]</sup> Applies only to Pro, Enterprise and Enterprise LTSB
+
+##### Windows 10 November 2015 Update (Version 1511)
+
+Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, Surface Hub
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2605.pdf">10.0.10586</a></td>
+<td>#<a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2606">2606</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">#3629</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">#955</a>); DSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1024">#1024</a>); ECDSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#760">#760</a>); HMAC (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381">#2381</a>); KAS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#72">#72</a>; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); KBKDF (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#72">#72</a>); KTS (AES Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653">#3653</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1887">#1887</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1888">#1888</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1889">#1889</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">#3047</a>); Triple-DES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2024">#2024</a>)<br />
+<br />
+<em>Other algorithms:</em> DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#666">#666</a>); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#665">#665</a>); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#663">#663</a>); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#664">#664</a>)</p></td>
+</tr>
+<tr class="odd">
+<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2605.pdf">10.0.10586</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2605">#2605</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">#3629</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">#955</a>); DSA (Certs.  <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1024">#1024</a>); ECDSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#760">#760</a>); HMAC (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381">#2381</a>); KAS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#72">#72</a>; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); KBKDF (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#72">#72</a>); KTS (AES Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653">#3653</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1887">#1887</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1888">#1888</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1889">#1889</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">#3047</a>); Triple-DES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2024">#2024</a>)<br />
+<br />
+<em>Other algorithms:</em> DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#666">#666</a>); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#665">#665</a>); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#663">#663</a>)</p></td>
+</tr>
+<tr class="even">
+<td>Boot Manager<sup>[4]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2700.pdf">10.0.10586</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2700">#2700</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653">#3653</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381">#2381</a>); PBKDF (vendor affirmed); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871">#1871</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">#3047</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048">#3048</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5; KDF (non-compliant); PBKDF (non-compliant)</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Windows OS Loader (winload)<sup>[5]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2701.pdf">10.0.10586</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2701">#2701</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">#3629</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653">#3653</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871">#1871</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048">#3048</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5; NDRNG</td>
+</tr>
+<tr class="even">
+<td>BitLocker® Windows Resume (winresume)<sup>[6]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2702.pdf">10.0.10586</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2702">#2702</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653">#3653</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871">#1871</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048">#3048</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Dump Filter (dumpfve.sys)<sup>[7]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2703.pdf">10.0.10586</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2703">#2703</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653">#3653</a>)</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (ci.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2604.pdf">10.0.10586</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2604">#2604</a></td>
+<td><p><em>FIPS Approved algorithms:</em> RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871">#1871</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048">#3048</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (non-compliant); MD5</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#665">#665</a>)</p></td>
+</tr>
+<tr class="odd">
+<td>Secure Kernel Code Integrity (skci.dll)<sup>[8]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2607.pdf">10.0.10586</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2607">#2607</a></td>
+<td><p><em>FIPS Approved algorithms:</em> RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871">#1871</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048">#3048</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#665">#665</a>)</p></td>
+</tr>
+</tbody>
+</table>
+
+
+<sup>\[4\]</sup> Applies only to Home, Pro, Enterprise, Mobile and Surface Hub
+
+<sup>\[5\]</sup> Applies only to Home, Pro, Enterprise, Mobile and Surface Hub
+
+<sup>\[6\]</sup> Applies only to Home, Pro and Enterprise
+
+<sup>\[7\]</sup> Applies only to Pro, Enterprise, Mobile and Surface Hub
+
+<sup>\[8\]</sup> Applies only to Enterprise and Enterprise LTSB
+
+##### Windows 10 (Version 1507)
+
+Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, and Surface Hub
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2605.pdf">10.0.10240</a></td>
+<td>#<a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2606">2606</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">#3497</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">#868</a>); DSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#983">#983</a>); ECDSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#706">#706</a>); HMAC (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233">#2233</a>); KAS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#64">#64</a>; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); KBKDF (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#66">#66</a>); KTS (AES Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3507">#3507</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1783">#1783</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1798">#1798</a>, and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1802">#1802</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">#2886</a>); Triple-DES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1969">#1969</a>)<br />
+<br />
+<em>Other algorithms:</em> DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#572">#572</a>); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#576">#576</a>); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#575">#575</a>)</p></td>
+</tr>
+<tr class="odd">
+<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2605.pdf">10.0.10240</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2605">#2605</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">#3497</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">#868</a>); DSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#983">#983</a>); ECDSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#706">#706</a>); HMAC (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233">#2233</a>); KAS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#64">#64</a>; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); KBKDF (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#66">#66</a>); KTS (AES Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3507">#3507</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1783">#1783</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1798">#1798</a>, and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1802">#1802</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">#2886</a>); Triple-DES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1969">#1969</a>)<br />
+<br />
+<em>Other algorithms:</em> DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#572">#572</a>); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#576">#576</a>)</p></td>
+</tr>
+<tr class="even">
+<td>Boot Manager<sup>[9]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2600.pdf">10.0.10240</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2600">#2600</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">#3497</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233">#2233</a>); KTS (AES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3498">#3498</a>); PBKDF (vendor affirmed); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784">#1784</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871">#2871</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">#2886</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5; KDF (non-compliant); PBKDF (non-compliant)</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Windows OS Loader (winload)<sup>[10]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2601.pdf">10.0.10240</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2601">#2601</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">#3497</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3498">#3498</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784">#1784</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871">#2871</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5; NDRNG</td>
+</tr>
+<tr class="even">
+<td>BitLocker® Windows Resume (winresume)<sup>[11]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2602.pdf">10.0.10240</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2602">#2602</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">#3497</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3498">#3498</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784">#1784</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871">#2871</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Dump Filter (dumpfve.sys)<sup>[12]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2603.pdf">10.0.10240</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2603">#2603</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">#3497</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3498">#3498</a>)</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (ci.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2604.pdf">10.0.10240</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2604">#2604</a></td>
+<td><p><em>FIPS Approved algorithms:</em> RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784">#1784</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871">#2871</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (non-compliant); MD5</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#572">#572</a>)</p></td>
+</tr>
+<tr class="odd">
+<td>Secure Kernel Code Integrity (skci.dll)<sup>[13]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2607.pdf">10.0.10240</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2607">#2607</a></td>
+<td><p><em>FIPS Approved algorithms:</em> RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784">#1784</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871">#2871</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#572">#572</a>)</p></td>
+</tr>
+</tbody>
+</table>
+
+
+<sup>\[9\]</sup> Applies only to Home, Pro, Enterprise and Enterprise LTSB
+
+<sup>\[10\]</sup> Applies only to Home, Pro, Enterprise and Enterprise LTSB
+
+<sup>\[11\]</sup> Applies only to Home, Pro, Enterprise and Enterprise LTSB
+
+<sup>\[12\]</sup> Applies only to Pro, Enterprise and Enterprise LTSB
+
+<sup>\[13\]</sup> Applies only to Enterprise and Enterprise LTSB
+
+##### Windows 8.1
+
+Validated Editions: RT, Pro, Enterprise, Phone, Embedded
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2357.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2357">#2357</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">#489</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#855">#855</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505">#505</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">#1773</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47">#47</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30">#30</a>); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487">#1487</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493">#1493</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1519">#1519</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">#2373</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692">#1692</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)#2832, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#288">#288</a>); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#289">#289</a>); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#323">#323</a>)</p></td>
+</tr>
+<tr class="odd">
+<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2356.pdf">6.3.9600 6.3.9600.17042</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356">#2356</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">#489</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505">#505</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">#1773</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47">#47</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30">#30</a>); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487">#1487</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493">#1493</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1519">#1519</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373"># 2373</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692">#1692</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)</p>
+<p><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#288">#288</a>); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#289">#289</a>)</p></td>
+</tr>
+<tr class="even">
+<td>Boot Manager</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2351.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2351">#2351</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">#1773</a>); PBKDF (vendor affirmed); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494">#1494</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373"># 2373</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396">#2396</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5; KDF (non-compliant); PBKDF (non-compliant)</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Windows OS Loader (winload)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2352.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2352">#2352</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494">#1494</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396">#2396</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5; NDRNG</td>
+</tr>
+<tr class="even">
+<td>BitLocker® Windows Resume (winresume)<sup>[14]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2353.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2353">#2353</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494">#1494</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373"># 2373</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396">#2396</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Dump Filter (dumpfve.sys)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2354.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2354">#2354</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>)<br />
+<br />
+<em>Other algorithms:</em> N/A</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (ci.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2355.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2355">#2355</a>#2355</td>
+<td><p><em>FIPS Approved algorithms:</em> RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494">#1494</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373"># 2373</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</p>
+<p><em>Validated Component Implementations:</em> PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#289">#289</a>)</p></td>
+</tr>
+</tbody>
+</table>
+
+
+<sup>\[14\]</sup> Applies only to Pro, Enterprise, and Embedded 8.
+
+##### Windows 8
+
+Validated Editions: RT, Home, Pro, Enterprise, Phone
+
+<table>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1892.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1892">#1892</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216">#2216</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#687">#687</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341">#341</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345">#1345</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36">#36</a>); KBKDF (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3">#3</a>); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133">#1133</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134">#1134</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387">#1387</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258); DSA (Cert. ); ECDSA (Cert. ); HMAC (Cert. ); KAS (Cert. ); KBKDF (Cert. ); PBKDF (vendor affirmed); RSA (Certs.  and ); SHS (Cert. ); Triple-DES (Cert. )<br />
+<br />
+</td>
+</tr>
+<tr class="odd">
+<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1891.pdf">6.2.9200</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1891">#1891</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216">#2216</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#259">#259</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341">#341</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345">#1345</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36">#36</a>); KBKDF (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3">#3</a>); PBKDF (vendor affirmed); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1110">#1110</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133">#1133</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134">#1134</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387">#1387</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258 and ); ECDSA (Cert. ); HMAC (Cert. ); KAS (Cert. ); KBKDF (Cert. ); PBKDF (vendor affirmed); RNG (Cert. ); RSA (Certs.  and ); SHS (Cert. ); Triple-DES (Cert. )<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. , key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)</td>
+</tr>
+<tr class="even">
+<td>Boot Manager</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1895.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1895">#1895</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198">#2198</a>); HMAC (Cert. #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1347">1347</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Windows OS Loader (WINLOAD)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1896.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1896">#1896</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198">#2198</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a>; non-compliant); MD5; Non-Approved RNG</td>
+</tr>
+<tr class="even">
+<td>BitLocker® Windows Resume (WINRESUME)<sup>[15]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1898.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1898">#1898</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198">#2198</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Dump Filter (DUMPFVE.SYS)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1899.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1899">#1899</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198">#2198</a>)<br />
+<br />
+<em>Other algorithms:</em> N/A</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (CI.DLL)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1897.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1897">#1897</a></td>
+<td><em>FIPS Approved algorithms:</em> RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1893.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1893">#1893</a></td>
+<td><em>FIPS Approved algorithms:</em> DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#686">#686</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>); Triple-DES MAC (Triple-DES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>, vendor affirmed)<br />
+<br />
+<em>Other algorithms:</em> DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)#1902); Triple-DES (Cert. ); Triple-DES MAC (Triple-DES Cert. , vendor affirmed)<br />
+<br />
+<em>Other algorithms:</em> DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. , key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)</td>
+</tr>
+<tr class="even">
+<td>Enhanced Cryptographic Provider (RSAENH.DLL)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1894.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1894">#1894</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a>); HMAC (Cert. #1346); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)</td>
+</tr>
+</tbody>
+</table>
+
+
+<sup>\[15\]</sup> Applies only to Home and Pro
+
+**Windows 7**
+
+Validated Editions: Windows 7, Windows 7 SP1
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)</td>
+<td><p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1329.pdf">6.1.7600.16385</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1329.pdf">6.1.7601.17514</a></p></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1329">1329</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1178">#1178</a>); AES GCM (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, vendor-affirmed); AES GMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, vendor-affirmed); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">#23</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#24">#24</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#386">#386</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#141">#141</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#677">#677</a>); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides 80 to 256 bits of encryption strength); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649">#649</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559">#559</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#560">#560</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4#559 and ); SHS (Cert. ); Triple-DES (Cert. )<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. , key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4</td>
+</tr>
+<tr class="odd">
+<td>Kernel Mode Cryptographic Primitives Library (cng.sys)</td>
+<td><p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf">6.1.7600.16385</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf">6.1.7600.16915</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf">6.1.7600.21092</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf">6.1.7601.17514</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf">6.1.7601.17725</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf">6.1.7601.17919</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf">6.1.7601.21861</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf">6.1.7601.22076</a></p></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1328">1328</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1178">#1178</a>); AES GCM (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, vendor-affirmed); AES GMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, vendor-affirmed); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">#23</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#24">#24</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#141">#141</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#677">#677</a>); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides 80 to 256 bits of encryption strength); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649">#649</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559">#559</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#560">#560</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4</td>
+</tr>
+<tr class="even">
+<td>Boot Manager</td>
+<td><p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1319.pdf">6.1.7600.16385</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1319.pdf">6.1.7601.17514</a></p></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1319">1319</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177">#1177</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#675">#675</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#557">#557</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5#1168 and ); HMAC (Cert. ); RSA (Cert. ); SHS (Cert. )<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>Winload OS Loader (winload.exe)</td>
+<td><p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf">6.1.7600.16385</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf">6.1.7600.16757</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf">6.1.7600.20897</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf">6.1.7600.20916</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf">6.1.7601.17514</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf">6.1.7601.17556</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf">6.1.7601.21655</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf">6.1.7601.21675</a></p></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1326">1326</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177">#1177</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#557">#557</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="even">
+<td>BitLocker™ Drive Encryption</td>
+<td><p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7600.16385</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7600.16429</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7600.16757</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7600.20536</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7600.20873</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7600.20897</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7600.20916</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7601.17514</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7601.17556</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7601.21634</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7601.21655</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf">6.1.7601.21675</a></p></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1332">1332</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177">#1177</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#675">#675</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>)<br />
+<br />
+<em>Other algorithms:</em> Elephant Diffuser</td>
+</tr>
+<tr class="odd">
+<td>Code Integrity (CI.DLL)</td>
+<td><p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf">6.1.7600.16385</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf">6.1.7600.17122</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf">6.1.7600.21320</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf">6.1.7601.17514</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf">6.1.7601.17950</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf">6.1.7601.22108</a></p></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1327">1327</a></td>
+<td><em>FIPS Approved algorithms:</em> RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#557">#557</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="even">
+<td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1331.pdf">6.1.7600.16385</a><br />
+(no change in SP1)</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1331">1331</a></td>
+<td><em>FIPS Approved algorithms:</em> DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#385">#385</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649">#649</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>); Triple-DES MAC (Triple-DES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>, vendor affirmed)<br />
+<br />
+<em>Other algorithms:</em> DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4</td>
+</tr>
+<tr class="odd">
+<td>Enhanced Cryptographic Provider (RSAENH.DLL)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1330.pdf">6.1.7600.16385</a><br />
+(no change in SP1)</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1330">1330</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>); DRBG (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">#23</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#673">#673</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#557">#557</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559">#559</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>)<br />
+<br />
+<em>Other algorithms:</em> DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 256-bits of encryption strength; non-compliant less than 112 bits of encryption strength)</td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows Vista SP1
+
+Validated Editions: Ultimate Edition
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Boot Manager (bootmgr)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp978.pdf">6.0.6001.18000 and 6.0.6002.18005</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/978">978</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760">#760</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#415">#415</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#354">#354</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>)</td>
+</tr>
+<tr class="odd">
+<td>Winload OS Loader (winload.exe)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp979.pdf">6.0.6001.18000, 6.0.6001.18027, 6.0.6001.18606, 6.0.6001.22125, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411 and 6.0.6002.22596</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/979">979</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760">#760</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#354">#354</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (ci.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp980.pdf">6.0.6001.18000, 6.0.6001.18023, 6.0.6001.22120, and 6.0.6002.18005</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/980">980</a></td>
+<td><em>FIPS Approved algorithms:</em> RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#354">#354</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>Kernel Mode Security Support Provider Interface (ksecdd.sys)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1000.pdf">6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742, and 6.0.6002.22869</a>6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742, and 6.0.6002.22869</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1000">1000</a></td>
+<td><p>FIPS Approved algorithms: AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#756">#756</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#82">#82</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#412">#412</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435">#435</a> and SP 800-90 AES-CTR, vendor-affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353">#353</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#357">#357</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a>)#739 and ); ECDSA (Cert. ); HMAC (Cert. ); RNG (Cert.  and SP 800-90 AES-CTR, vendor-affirmed); RSA (Certs.  and ); SHS (Cert. ); Triple-DES (Cert. )</p>
+<p><em>Other algorithms:</em> AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)</p></td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (bcrypt.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1002.pdf">6.0.6001.22202, 6.0.6002.18005, and 6.0.6002.22872</a>6.0.6001.22202, 6.0.6002.18005, and 6.0.6002.22872</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1001">1001</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#756">#756</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#283">#283</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#82">#82</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#412">#412</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435">#435</a> and SP 800-90, vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353">#353</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#357">#357</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a>)</p>
+<p><em>Other algorithms:</em> AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)</p></td>
+</tr>
+<tr class="odd">
+<td>Enhanced Cryptographic Provider (RSAENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1002.pdf">6.0.6001.22202 and 6.0.6002.18005</a>6.0.6001.22202 and 6.0.6002.18005</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1002">1002</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#407">#407</a>); RNG (SP 800-90, vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353">#353</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#354">#354</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a>)</p>
+<p><em>Other algorithms:</em> DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)</p></td>
+</tr>
+<tr class="even">
+<td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1003.pdf">6.0.6001.18000 and 6.0.6002.18005</a>6.0.6001.18000 and 6.0.6002.18005</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1003">1003</a></td>
+<td><p><em>FIPS Approved algorithms:</em> DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#281">#281</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435">#435</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a>); Triple-DES MAC (Triple-DES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a>, vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows Vista
+
+Validated Editions: Ultimate Edition
+
+<table>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Enhanced Cryptographic Provider (RSAENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp893.pdf">6.0.6000.16386</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/893">893</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#553">#553</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#297">#297</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321">#321</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#255">#255</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#258">#258</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">#618</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549">#549</a>)<br />
+<br />
+<em>Other algorithms:</em> DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)</td>
+</tr>
+<tr class="odd">
+<td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp894.pdf">6.0.6000.16386</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/894">894</a></td>
+<td><em>FIPS Approved algorithms:</em> DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#226">#226</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321">#321</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">#618</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549">#549</a>); Triple-DES MAC (Triple-DES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549">#549</a>, vendor affirmed)<br />
+<br />
+<em>Other algorithms:</em> DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4</td>
+</tr>
+<tr class="even">
+<td>BitLocker™ Drive Encryption</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp947.pdf">6.0.6000.16386</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/947">947</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#715">#715</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#386">#386</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737">#737</a>)<br />
+<br />
+<em>Other algorithms:</em> Elephant Diffuser</td>
+</tr>
+<tr class="odd">
+<td>Kernel Mode Security Support Provider Interface (ksecdd.sys)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp891.pdf">6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/891">891</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. #553); ECDSA (Cert. #60); HMAC (Cert. #298); RNG (Cert. #321); RSA (Certs. #257 and #258); SHS (Cert. #618); Triple-DES (Cert. #549)<br />
+<br />
+<em>Other algorithms:</em> DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 to 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; HMAC MD5</td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows XP SP3
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Kernel Mode Cryptographic Module (FIPS.SYS)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp997.pdf">5.1.2600.5512</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/997">997</a></td>
+<td><p><em>FIPS Approved algorithms:</em> HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#429">#429</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#449">#449</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#785">#785</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#677">#677</a>); Triple-DES MAC (Triple-DES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#677">#677</a>, vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES; MD5; HMAC MD5</p></td>
+</tr>
+<tr class="odd">
+<td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp990.pdf">5.1.2600.5507</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/990">990</a></td>
+<td><p><em>FIPS Approved algorithms:</em> DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#292">#292</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#448">#448</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#784">#784</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#676">#676</a>); Triple-DES MAC (Triple-DES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#676">#676</a>, vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES; DES40; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits); MD5; RC2; RC4</p></td>
+</tr>
+<tr class="even">
+<td>Enhanced Cryptographic Provider (RSAENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp989.pdf">5.1.2600.5507</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/989">989</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#781">#781</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#428">#428</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#447">#447</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#371">#371</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">#783</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#675">#675</a>); Triple-DES MAC (Triple-DES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#675">#675</a>, vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits)</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows XP SP2
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>DSS/Diffie-Hellman Enhanced Cryptographic Provider</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp240.pdf">5.1.2600.2133</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/240">240</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16">#16</a>); DSA/SHA-1 (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29">#29</a>)</p>
+<p><em>Other algorithms:</em> DES (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66">#66</a>); RC2; RC4; MD5; DES40; Diffie-Hellman (key agreement)</p></td>
+</tr>
+<tr class="odd">
+<td>Microsoft Enhanced Cryptographic Provider</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp238.pdf">5.1.2600.2161</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/238">238</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#81">#81</a>); AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#33">#33</a>); SHA-1 (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#83">#83</a>); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#83">#83</a>, vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#156">#156</a>); RC2; RC4; MD5</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows XP SP1
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Microsoft Enhanced Cryptographic Provider</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp238.pdf">5.1.2600.1029</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/238">238</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#81">#81</a>); AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#33">#33</a>); SHA-1 (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#83">#83</a>); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#83">#83</a>, vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#156">#156</a>); RC2; RC4; MD5</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows XP
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Kernel Mode Cryptographic Module</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp241.pdf">5.1.2600.0</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/241">241</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16">#16</a>); DSA/SHA-1 (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#35">#35</a>); HMAC-SHA-1 (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#35">#35</a>, vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89">#89</a>)</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows 2000 SP3
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Kernel Mode Cryptographic Module (FIPS.SYS)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp106.pdf">5.0.2195.1569</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/106">106</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16">#16</a>); SHA-1 (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#35">#35</a>)</p>
+<p><em>Other algorithms:</em> DES (Certs. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89">#89</a>)</p></td>
+</tr>
+<tr class="odd">
+<td>Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider</td>
+<td><p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">(Base DSS: 5.0.2195.3665 [SP3])</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">(Base: 5.0.2195.3839 [SP3])</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">(DSS/DH Enh: 5.0.2195.3665 [SP3])</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">(Enh: 5.0.2195.3839 [SP3]</a></p></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/103">103</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16">#16</a>); DSA/SHA-1 (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#28">#28</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29">#29</a>); RSA (vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES (Certs. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65">#65</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66">66</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67">67</a> and <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68">68</a>); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows 2000 SP2
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Kernel Mode Cryptographic Module (FIPS.SYS)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp106.pdf">5.0.2195.1569</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/106">106</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16">#16</a>); SHA-1 (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#35">#35</a>)</p>
+<p><em>Other algorithms:</em> DES (Certs. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89">#89</a>)</p></td>
+</tr>
+<tr class="odd">
+<td>Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider</td>
+<td><p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">(Base DSS:</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">5.0.2195.2228 [SP2])</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">(Base:</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">5.0.2195.2228 [SP2])</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">(DSS/DH Enh:</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">5.0.2195.2228 [SP2])</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">(Enh:</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">5.0.2195.2228 [SP2])</a></p></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/103">103</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16">#16</a>); DSA/SHA-1 (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#28">#28</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29">#29</a>); RSA (vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES (Certs. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65">#65</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66">66</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67">67</a> and <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68">68</a>); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows 2000 SP1
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider</td>
+<td><p>(<a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">Base DSS: 5.0.2150.1391 [SP1])</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">(Base: 5.0.2150.1391 [SP1])</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">(DSS/DH Enh: 5.0.2150.1391 [SP1])</a></p>
+<p><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf">(Enh: 5.0.2150.1391 [SP1])</a></p></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/103">103</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16">#16</a>); DSA/SHA-1 (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#28">#28</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29">#29</a>); RSA (vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES (Certs. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65">#65</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66">66</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67">67</a> and <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68">68</a>); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows 2000
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enchanced Cryptographic Provider, and Enhanced Cryptographic Provider</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp76.pdf">5.0.2150.1</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/76">76</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (vendor affirmed); DSA/SHA-1 (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#28">#28</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29">29</a>); RSA (vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES (Certs. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65">#65</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66">66</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67">67</a> and <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68">68</a>); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows 95 and Windows 98
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enchanced Cryptographic Provider, and Enhanced Cryptographic Provider</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp75.pdf">5.0.1877.6 and 5.0.1877.7</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/75">75</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (vendor affirmed); SHA-1 (Certs. <a href="https://social.msdn.microsoft.com/forums/en-us/f93c9ee5-89b9-41a4-96c4-6eb9346625b9/msrai-msra-parsing-remote-assistance-packets-in-network-monitor?forum=os_windowsprotocolshttps://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#20">#20</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#21">21</a>); DSA/SHA-1 (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#25">#25</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#26">26</a>); RSA (vendor- affirmed)</p>
+<p><em>Other algorithms:</em> DES (Certs. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#61">#61</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#62">62</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#63">63</a> and <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#64">64</a>); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows NT 4.0
+
+<table>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Base Cryptographic Provider</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp68.pdf">5.0.1877.6 and 5.0.1877.7</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/68">68</a></td>
+<td><em>FIPS Approved algorithms:</em> SHA-1 (Certs. <a href="https://social.msdn.microsoft.com/forums/en-us/f93c9ee5-89b9-41a4-96c4-6eb9346625b9/msrai-msra-parsing-remote-assistance-packets-in-network-monitor?forum=os_windowsprotocolshttps://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#20">#20</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#21">21</a>); DSA/SHA- 1 (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#25">#25</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#26">26</a>); RSA (vendor affirmed)<br />
+<br />
+<em>Other algorithms:</em> DES (Certs. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#61">#61</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#62">62</a>, <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#63">63</a> and <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#64">64</a>); Triple-DES (allowed for US and Canadian Government use); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)</td>
+</tr>
+</tbody>
+</table>
+
+
+#### Windows Server
+
+##### Windows Server 2016
+
+Validated Editions: Standard, Datacenter, Storage Server
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2937.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937">2937</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); DRBG (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">#1217</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">#1098</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911">#911</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">#2651</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92">#92</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101">#101</a>); KTS (AES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062">#4062</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192">#2192</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2195">#2195</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227">#2227</a>)<br />
+<br />
+<em>Other algorithms:</em> HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)</td>
+</tr>
+<tr class="odd">
+<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2936.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936">2936</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); DRBG (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">#1217</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">#1098</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911">#911</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">#2651</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92">#92</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101">#101</a>); KTS (AES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062">#4062</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192">#2192</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2195">#2195</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227">#2227</a>)<br />
+<br />
+<em>Other algorithms:</em> HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)</td>
+</tr>
+<tr class="even">
+<td>Boot Manager</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2931.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931">2931</a></td>
+<td><p><em>FIPS Approved algorithms</em>: AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061">#4061</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">#2651</a>); PBKDF (vendor affirmed); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>)</p>
+<p><em>Other algorithms</em>: MD5; PBKDF (non-compliant); VMK KDF</p></td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Windows OS Loader (winload)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2932.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2932">2932</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061">#4061</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>)<br />
+<br />
+<em>Other algorithms:</em> NDRNG; MD5</td>
+</tr>
+<tr class="even">
+<td>BitLocker® Windows Resume (winresume)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2933.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934">2933</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061">#4061</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Dump Filter (dumpfve.sys)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2934.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934">2934</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061">#4061</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>)</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (ci.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2935.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935">2935</a></td>
+<td><em>FIPS Approved algorithms:</em> RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (non-compliant); MD5</td>
+</tr>
+<tr class="odd">
+<td>Secure Kernel Code Integrity (skci.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2938.pdf">10.0.14393</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2938">2938</a></td>
+<td><em>FIPS Approved algorithms:</em> RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows Server 2012 R2
+
+Validated Editions: Server, Storage Server,
+
+**StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2**
+
+<table>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2357.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2357">2357</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">#489</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#855">#855</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505">#505</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">#1773</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47">#47</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30">#30</a>); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487">#1487</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493">#1493</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1519">#1519</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">#2373</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692">#1692</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)</td>
+</tr>
+<tr class="odd">
+<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2356.pdf">6.3.9600 6.3.9600.17042</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356">2356</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">#489</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505">#505</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">#1773</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47">#47</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30">#30</a>); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487">#1487</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493">#1493</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1519">#1519</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373"># 2373</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692">#1692</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)</td>
+</tr>
+<tr class="even">
+<td>Boot Manager</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2351.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2351">2351</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">#1773</a>); PBKDF (vendor affirmed); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494">#1494</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373"># 2373</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396">#2396</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5; KDF (non-compliant); PBKDF (non-compliant)</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Windows OS Loader (winload)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2352.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2352">2352</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494">#1494</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396">#2396</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5; NDRNG</td>
+</tr>
+<tr class="even">
+<td>BitLocker® Windows Resume (winresume)<sup>[16]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2353.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2353">2353</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494">#1494</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373"># 2373</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396">#2396</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Dump Filter (dumpfve.sys)<sup>[17]</sup></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2354.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2354">2354</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>)<br />
+<br />
+<em>Other algorithms:</em> N/A</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (ci.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2355.pdf">6.3.9600 6.3.9600.17031</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2355">2355</a></td>
+<td><em>FIPS Approved algorithms:</em> RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494">#1494</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373"># 2373</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+</tbody>
+</table>
+
+
+<sup>\[16\]</sup> Does not apply to **Azure StorSimple Virtual Array Windows Server 2012 R2**
+
+<sup>\[17\]</sup> Does not apply to **Azure StorSimple Virtual Array Windows Server 2012 R2**
+
+**Windows Server 2012**
+
+Validated Editions: Server, Storage Server
+
+<table>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1892.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1892">1892</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216">#2216</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#687">#687</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341">#341</a>); HMAC (Cert. #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345">1345</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36">#36</a>); KBKDF (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3">#3</a>); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133">#1133</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134">#1134</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387">#1387</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#687); ECDSA (Cert. ); HMAC (Cert. #); KAS (Cert. ); KBKDF (Cert. ); PBKDF (vendor affirmed); RSA (Certs.  and ); SHS (Cert. ); Triple-DES (Cert. )<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. , key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)</td>
+</tr>
+<tr class="odd">
+<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1891.pdf">6.2.9200</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1891">1891</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216">#2216</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#259">#259</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341">#341</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345">#1345</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36">#36</a>); KBKDF (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3">#3</a>); PBKDF (vendor affirmed); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1110">#1110</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133">#1133</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134">#1134</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387">#1387</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#1110); RSA (Certs.  and ); SHS (Cert. ); Triple-DES (Cert. )<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. , key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)</td>
+</tr>
+<tr class="even">
+<td>Boot Manager</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1895.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1895">1895</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198">#2198</a>); HMAC (Cert. #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1347">1347</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Windows OS Loader (WINLOAD)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1896.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1896">1896</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198">#2198</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a>; non-compliant); MD5; Non-Approved RNG</td>
+</tr>
+<tr class="even">
+<td>BitLocker® Windows Resume (WINRESUME)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1898.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1898">1898</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198">#2198</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>BitLocker® Dump Filter (DUMPFVE.SYS)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1899.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1899">1899</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198">#2198</a>)<br />
+<br />
+<em>Other algorithms:</em> N/A</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (CI.DLL)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1897.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1897">1897</a></td>
+<td><em>FIPS Approved algorithms:</em> RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1893.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1893">1893</a></td>
+<td><em>FIPS Approved algorithms:</em> DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#686">#686</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>); Triple-DES MAC (Triple-DES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>, vendor affirmed)<br />
+<br />
+<em>Other algorithms:</em> DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)</td>
+</tr>
+<tr class="even">
+<td>Enhanced Cryptographic Provider (RSAENH.DLL)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1894.pdf">6.2.9200</a></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1894">1894</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1346">#1346</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)</td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows Server 2008 R2
+
+<table>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Boot Manager (bootmgr)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1321.pdf">6.1.7600.16385 or 6.1.7601.17514</a>6.1.7600.16385 or 6.1.7601.17514</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1321">1321</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177">#1177</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#675">#675</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568">#568</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td><strong>Winload OS Loader (winload.exe)</strong></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1333.pdf">6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655 and 6.1.7601.21675</a>6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655 and 6.1.7601.21675</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1333">1333</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177">#1177</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568">#568</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (ci.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1334.pdf">6.1.7600.16385, 6.1.7600.17122, 6.1.7600.21320, 6.1.7601.17514, 6.1.7601.17950 and 6.1.7601.22108</a>6.1.7600.16385, 6.1.7600.17122, 6.1.7600.21320, 6.1.7601.17514, 6.1.7601.17950 and 6.1.7601.22108</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1334">1334</a></td>
+<td><em>FIPS Approved algorithms:</em> RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568">#568</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>Kernel Mode Cryptographic Primitives Library (cng.sys)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1335.pdf">6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17919, 6.1.7601.17725, 6.1.7601.21861 and 6.1.7601.22076</a>6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17919, 6.1.7601.17725, 6.1.7601.21861 and 6.1.7601.22076</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1335">1335</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177">#1177</a>); AES GCM (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, vendor-affirmed); AES GMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, vendor-affirmed); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">#23</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#27">#27</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#142">#142</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#686">#686</a>); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649">#649</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559">#559</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#567">#567</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>)<br />
+<br />
+<em>-Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4</td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (bcryptprimitives.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1336.pdf">66.1.7600.16385 or 6.1.7601.17514</a>66.1.7600.16385 or 6.1.7601.17514</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1336">1336</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177">#1177</a>); AES GCM (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, vendor-affirmed); AES GMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, vendor-affirmed); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">#23</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#27">#27</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#391">#391</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#142">#142</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#686">#686</a>); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649">#649</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559">#559</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#567">#567</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; HMAC MD5; MD2; MD4; MD5; RC2; RC4</td>
+</tr>
+<tr class="odd">
+<td>Enhanced Cryptographic Provider (RSAENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1337.pdf">6.1.7600.16385</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1337">1337</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a>); DRBG (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">#23</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#687">#687</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559">#559</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568">#568</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>)<br />
+<br />
+<em>Other algorithms:</em> DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)</td>
+</tr>
+<tr class="even">
+<td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1338.pdf">6.1.7600.16385</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1338">1338</a></td>
+<td><em>FIPS Approved algorithms:</em> DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#390">#390</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649">#649</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>); Triple-DES MAC (Triple-DES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>, vendor affirmed)<br />
+<br />
+<em>Other algorithms:</em> DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4</td>
+</tr>
+<tr class="odd">
+<td>BitLocker™ Drive Encryption</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1339.pdf">6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675</a>6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1339">1339</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177">#1177</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#675">#675</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>)<br />
+<br />
+<em>Other algorithms:</em> Elephant Diffuser</td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows Server 2008
+
+<table>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Boot Manager (bootmgr)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1004.pdf">6.0.6001.18000, 6.0.6002.18005 and 6.0.6002.22497</a>6.0.6001.18000, 6.0.6002.18005 and 6.0.6002.22497</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1004">1004</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760">#760</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#415">#415</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355">#355</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>)<br />
+<br />
+<em>Other algorithms:</em> N/A</td>
+</tr>
+<tr class="odd">
+<td><strong>Winload OS Loader (winload.exe)</strong></td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1005.pdf">6.0.6001.18000, 6.0.6001.18606, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411, 6.0.6002.22497 and 6.0.6002.22596</a>6.0.6001.18000, 6.0.6001.18606, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411, 6.0.6002.22497 and 6.0.6002.22596</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1005">1005</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760">#760</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355">#355</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="even">
+<td>Code Integrity (ci.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1006.pdf">6.0.6001.18000 and 6.0.6002.18005</a>6.0.6001.18000 and 6.0.6002.18005</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1006">1006</a></td>
+<td><em>FIPS Approved algorithms:</em> RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355">#355</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>)<br />
+<br />
+<em>Other algorithms:</em> MD5</td>
+</tr>
+<tr class="odd">
+<td>Kernel Mode Security Support Provider Interface (ksecdd.sys)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1007.pdf">6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742 and 6.0.6002.22869</a>6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742 and 6.0.6002.22869</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1007">1007</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#757">#757</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#83">#83</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#413">#413</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435">#435</a> and SP800-90 AES-CTR, vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353">#353</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#358">#358</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping: key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)#83); HMAC (Cert. ); RNG (Cert.  and SP800-90 AES-CTR, vendor affirmed); RSA (Certs.  and ); SHS (Cert. ); Triple-DES (Cert. )<br />
+<br />
+<em>Other algorithms:</em> AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping: key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)</td>
+</tr>
+<tr class="even">
+<td>Cryptographic Primitives Library (bcrypt.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1008.pdf">6.0.6001.22202, 6.0.6002.18005 and 6.0.6002.22872</a>6.0.6001.22202, 6.0.6002.18005 and 6.0.6002.22872</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1008">1008</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#757">#757</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#284">#284</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#83">#83</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#413">#413</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435">#435</a> and SP800-90, vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353">#353</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#358">#358</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a>)<br />
+<br />
+<em>Other algorithms:</em> AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)</td>
+</tr>
+<tr class="odd">
+<td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1009.pdf">6.0.6001.18000 and 6.0.6002.18005</a>6.0.6001.18000 and 6.0.6002.18005</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1009">1009</a></td>
+<td><em>FIPS Approved algorithms:</em> DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#282">#282</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435">#435</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a>); Triple-DES MAC (Triple-DES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a>, vendor affirmed)<br />
+<br />
+<em>-Other algorithms:</em> DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4</td>
+</tr>
+<tr class="even">
+<td>Enhanced Cryptographic Provider (RSAENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1010.pdf">6.0.6001.22202 and 6.0.6002.18005</a>6.0.6001.22202 and 6.0.6002.18005</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1010">1010</a></td>
+<td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#408">#408</a>); RNG (SP 800-90, vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353">#353</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355">#355</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a>)<br />
+<br />
+<em>Other algorithms:</em> DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)</td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows Server 2003 SP2
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp875.pdf">5.2.3790.3959</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/875">875</a></td>
+<td><p><em>FIPS Approved algorithms:</em> DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#221">#221</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#314">#314</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#245">#245</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#611">#611</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#543">#543</a>)</p>
+<p><em>Other algorithms:</em> DES; DES40; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC4</p></td>
+</tr>
+<tr class="odd">
+<td>Kernel Mode Cryptographic Module (FIPS.SYS)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp869.pdf">5.2.3790.3959</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/869">869</a></td>
+<td><p><em>FIPS Approved algorithms:</em> HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#287">#287</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#313">#313</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#610">#610</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#542">#542</a>)</p>
+<p><em>Other algorithms:</em> DES; HMAC-MD5</p></td>
+</tr>
+<tr class="even">
+<td>Enhanced Cryptographic Provider (RSAENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp868.pdf">5.2.3790.3959</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/868">868</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#548">#548</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#289">#289</a>); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#316">#316</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#245">#245</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">#613</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#544">#544</a>)</p>
+<p><em>Other algorithms:</em> DES; RC2; RC4; MD2; MD4; MD5; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows Server 2003 SP1
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Kernel Mode Cryptographic Module (FIPS.SYS)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp405.pdf">5.2.3790.1830 [SP1]</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/405">405</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#201">#201</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#370">#370</a>[1]); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#177">#177</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#371">#371</a>[2])</p>
+<p><em>Other algorithms:</em> DES (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#230">#230</a>[1]); HMAC-MD5; HMAC-SHA-1 (non-compliant)</p>
+<p>[1] x86<br />
+[2] SP1 x86, x64, IA64</p></td>
+</tr>
+<tr class="odd">
+<td>Enhanced Cryptographic Provider (RSAENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp382.pdf">5.2.3790.1830 [Service Pack 1])</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/382">382</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#192">#192</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#365">#365</a>[2]); AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#80">#80</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#290">#290</a>[2]); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#176">#176</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364">#364</a>[2]); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#176">#176</a>, vendor affirmed[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#99">#99</a>[2]); RSA (PKCS#1, vendor affirmed[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#81">#81</a>[2])</p>
+<p><em>Other algorithms:</em> DES (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#226">#226</a>[1]); SHA-256[1]; SHA-384[1]; SHA-512[1]; RC2; RC4; MD2; MD4; MD5</p>
+<p>[1] x86<br />
+[2] SP1 x86, x64, IA64</p></td>
+</tr>
+<tr class="even">
+<td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp381.pdf">5.2.3790.1830 [Service Pack 1]</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/381">381</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#199">#199</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#381">#381</a>[2]); SHA-1 (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#181">#181</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#385">#385</a>[2]); DSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#95">#95</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#146">#146</a>[2]); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#81">#81</a>)</p>
+<p><em>Other algorithms:</em> DES (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#229">#229</a>[1]); Diffie-Hellman (key agreement); RC2; RC4; MD5; DES 40</p>
+<p>[1] x86<br />
+[2] SP1 x86, x64, IA64</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Windows Server 2003
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Kernel Mode Cryptographic Module (FIPS.SYS)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp405.pdf">5.2.3790.0</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/405">405</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#201">#201</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#370">#370</a>[1]); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#177">#177</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#371">#371</a>[2])</p>
+<p><em>Other algorithms:</em> DES (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#230">#230</a>[1]); HMAC-MD5; HMAC-SHA-1 (non-compliant)</p>
+<p>[1] x86<br />
+[2] SP1 x86, x64, IA64</p></td>
+</tr>
+<tr class="odd">
+<td>Enhanced Cryptographic Provider (RSAENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp382.pdf">5.2.3790.0</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/382">382</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#192">#192</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#365">#365</a>[2]); AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#80">#80</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#290">#290</a>[2]); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#176">#176</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364">#364</a>[2]); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#176">#176</a>, vendor affirmed[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#99">#99</a>[2]); RSA (PKCS#1, vendor affirmed[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#81">#81</a>[2])</p>
+<p><em>Other algorithms:</em> DES (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#226">#226</a>[1]); SHA-256[1]; SHA-384[1]; SHA-512[1]; RC2; RC4; MD2; MD4; MD5</p>
+<p>[1] x86<br />
+[2] SP1 x86, x64, IA64</p></td>
+</tr>
+<tr class="even">
+<td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp381.pdf">5.2.3790.0</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/381">381</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#199">#199</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#381">#381</a>[2]); SHA-1 (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#181">#181</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#385">#385</a>[2]); DSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#95">#95</a>[1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#146">#146</a>[2]); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#81">#81</a>)</p>
+<p><em>Other algorithms:</em> DES (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#229">#229</a>[1]); Diffie-Hellman (key agreement); RC2; RC4; MD5; DES 40</p>
+<p>[1] x86<br />
+[2] SP1 x86, x64, IA64</p></td>
+</tr>
+</tbody>
+</table>
+
+
+#### Other Products
+
+##### Windows Embedded Compact 7 and Windows Embedded Compact 8
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Enhanced Cryptographic Provider</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2957.pdf">7.00.2872 [1] and 8.00.6246 [2]</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2957">2957</a></td>
+<td><p><em>FIPS Approved algorithms: AES (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4433">#4433</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4434">#4434</a><em>); CKG (vendor affirmed); DRBG (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1432">#1432</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1433">#1433</a><em>); HMAC (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2946">#2946</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2945">#2945</a><em>); RSA (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2414">#2414</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2415">#2415</a><em>); SHS (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">#3651</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">#3652</a><em>); Triple-DES (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2383">#2383</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2384">#2384</a><em>)</em></p>
+<p><em>Allowed algorithms: HMAC-MD5; MD5; NDRNG</em></p></td>
+</tr>
+<tr class="odd">
+<td>Cryptographic Primitives Library (bcrypt.dll)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2956.pdf">7.00.2872 [1] and 8.00.6246 [2]</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2956">2956</a></td>
+<td><p><em>FIPS Approved algorithms: AES (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4430">#4430</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4431">#4431</a><em>); CKG (vendor affirmed); CVL (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1139">#1139</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1140">#1140</a><em>); DRBG (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429">#1429</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430">#1430</a><em>); DSA (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1187">#1187</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1188">#1188</a><em>); ECDSA (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1072">#1072</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1073">#1073</a><em>); HMAC (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2942">#2942</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2943">#2943</a><em>); KAS (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#114">#114</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#115">#115</a><em>); RSA (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2411">#2411</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2412">#2412</a><em>); SHS (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">#3648</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">#3649</a><em>); Triple-DES (Certs.</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2381">#2381</a><em>and</em><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2382">#2382</a><em>)</em></p>
+<p><em>Allowed algorithms: MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength</em></p></td>
+</tr>
+</tbody>
+</table>
+
+
+
+##### Windows CE 6.0 and Windows Embedded Compact 7
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Enhanced Cryptographic Provider</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp825.pdf">6.00.1937 [1] and 7.00.1687 [2]</a></td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/825">825</a></td>
+<td><p><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#516">#516</a> [1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2024">#2024</a> [2]); HMAC (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#267">#267</a> [1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1227">#1227</a> [2]); RNG (Certs. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#292">#292</a> [1] and <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1060">#1060</a> [2]); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#230">#230</a> [1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1052">#1052</a> [2]); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">#589</a> [1] and #1774 [2]); Triple-DES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#526">#526</a> [1] and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1308">#1308</a> [2])</p>
+<p><em>Other algorithms:</em> MD5; HMAC-MD5; RC2; RC4; DES</p></td>
+</tr>
+</tbody>
+</table>
+
+
+##### Outlook Cryptographic Provider
+
+<table>
+<colgroup>
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+<col style="width: 25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Cryptographic Module</strong></td>
+<td><strong>Version (link to Security Policy)</strong></td>
+<td><strong>FIPS Certificate #</strong></td>
+<td><strong>Algorithms</strong></td>
+</tr>
+<tr class="even">
+<td>Outlook Cryptographic Provider (EXCHCSP)</td>
+<td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp110.pdf">SR-1A (3821)</a>SR-1A (3821)</td>
+<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/110">110</a></td>
+<td><p><em>FIPS Approved algorithms:</em> Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#18">#18</a>); SHA-1 (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#32">#32</a>); RSA (vendor affirmed)</p>
+<p><em>Other algorithms:</em> DES (Certs. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#91">#91</a>); DES MAC; RC2; MD2; MD5</p></td>
+</tr>
+</tbody>
+</table>
+
+ 
+
+### Cryptographic Algorithms
+
+The following tables are organized by cryptographic algorithms with their modes, states, and key sizes. For each algorithm implementation (operating system / platform), there is a link to the Cryptographic Algorithm Validation Program (CAVP) issued certificate.
+
+### Advanced Encryption Standard (AES)
+
+<table>
+<colgroup>
+<col style="width: 50%" />
+<col style="width: 50%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Modes / States / Key Sizes</strong></td>
+<td><strong>Algorithm Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>AES-CBC:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CFB128:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CTR:</li>
+<li><ul>
+<li>Counter Source: Internal</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-OFB:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+</ul></td>
+<td><p>Microsoft Surface Hub Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4904">#4904</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>AES-CBC:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CFB128:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CTR:</li>
+<li><ul>
+<li>Counter Source: Internal</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-OFB:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4903">#4903</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>AES-CBC:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CCM:</li>
+<li><ul>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+<li>Tag Lengths: 32, 48, 64, 80, 96, 112, 128 (bits)</li>
+<li>IV Lengths: 56, 64, 72, 80, 88, 96, 104 (bits)</li>
+<li>Plain Text Length: 0-32</li>
+<li>AAD Length: 0-65536</li>
+</ul></li>
+<li>AES-CFB128:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CFB8:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CMAC:</li>
+<li><ul>
+<li>Generation:</li>
+<li><ul>
+<li>AES-128:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-192:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-256:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+</ul></li>
+<li>Verification:</li>
+<li><ul>
+<li>AES-128:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-192:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-256:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>AES-CTR:</li>
+<li><ul>
+<li>Counter Source: Internal</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-ECB:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-GCM:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+<li>Tag Lengths: 96, 104, 112, 120, 128 (bits)</li>
+<li>Plain Text Lengths: 0, 8, 1016, 1024 (bits)</li>
+<li>AAD Lengths: 0, 8, 1016, 1024 (bits)</li>
+<li>96 bit IV supported</li>
+</ul></li>
+<li>AES-XTS:</li>
+<li><ul>
+<li>Key Size: 128:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Block Sizes: Full</li>
+</ul></li>
+<li>Key Size: 256:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Block Sizes: Full</li>
+</ul></li>
+</ul></li>
+</ul></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4902">#4902</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>AES-CBC:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CCM:</li>
+<li><ul>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+<li>Tag Lengths: 32, 48, 64, 80, 96, 112, 128 (bits)</li>
+<li>IV Lengths: 56, 64, 72, 80, 88, 96, 104 (bits)</li>
+<li>Plain Text Length: 0-32</li>
+<li>AAD Length: 0-65536</li>
+</ul></li>
+<li>AES-CFB128:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CFB8:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CMAC:</li>
+<li><ul>
+<li>Generation:</li>
+<li><ul>
+<li>AES-128:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-192:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-256:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+</ul></li>
+<li>Verification:</li>
+<li><ul>
+<li>AES-128:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-192:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-256:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>AES-CTR:</li>
+<li><ul>
+<li>Counter Source: Internal</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-ECB:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-GCM:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+<li>Tag Lengths: 96, 104, 112, 120, 128 (bits)</li>
+<li>Plain Text Lengths: 0, 8, 1016, 1024 (bits)</li>
+<li>AAD Lengths: 0, 8, 1016, 1024 (bits)</li>
+<li>96 bit IV supported</li>
+</ul></li>
+<li>AES-XTS:</li>
+<li><ul>
+<li>Key Size: 128:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Block Sizes: Full</li>
+</ul></li>
+<li>Key Size: 256:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Block Sizes: Full</li>
+</ul></li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4901">#4901</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>AES-CBC:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CCM:</li>
+<li><ul>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+<li>Tag Lengths: 32, 48, 64, 80, 96, 112, 128 (bits)</li>
+<li>IV Lengths: 56, 64, 72, 80, 88, 96, 104 (bits)</li>
+<li>Plain Text Length: 0-32</li>
+<li>AAD Length: 0-65536</li>
+</ul></li>
+<li>AES-CFB128:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CFB8:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-CMAC:</li>
+<li><ul>
+<li>Generation:</li>
+<li><ul>
+<li>AES-128:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-192:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-256:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+</ul></li>
+<li>Verification:</li>
+<li><ul>
+<li>AES-128:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-192:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+<li>AES-256:</li>
+<li><ul>
+<li>Block Sizes: Full, Partial</li>
+<li>Message Length: 0-65536</li>
+<li>Tag Length: 16-16</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>AES-CTR:</li>
+<li><ul>
+<li>Counter Source: Internal</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-ECB:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+</ul></li>
+<li>AES-GCM:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>IV Generation: External</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+<li>Tag Lengths: 96, 104, 112, 120, 128 (bits)</li>
+<li>Plain Text Lengths: 0, 8, 1016, 1024 (bits)</li>
+<li>AAD Lengths: 0, 8, 1016, 1024 (bits)</li>
+<li>96 bit IV supported</li>
+</ul></li>
+<li>AES-XTS:</li>
+<li><ul>
+<li>Key Size: 128:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Block Sizes: Full</li>
+</ul></li>
+<li>Key Size: 256:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Block Sizes: Full</li>
+</ul></li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4897">#4897</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><p>AES-KW:</p>
+<ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>CIPHK transformation direction: Forward</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+<li>Plain Text Lengths: 128, 192, 256, 320, 2048 (bits)</li>
+</ul>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4902">Val#4902</a></p></td>
+<td><p>Microsoft Surface Hub Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4900">#4900</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="even">
+<td><p>AES-KW:</p>
+<ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>CIPHK transformation direction: Forward</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+<li>Plain Text Lengths: 128, 192, 256, 320, 2048 (bits)</li>
+</ul>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4901">Val#4901</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4899">#4899</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="odd">
+<td><p>AES-KW:</p>
+<ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>CIPHK transformation direction: Forward</li>
+<li>Key Lengths: 128, 192, 256 (bits)</li>
+<li>Plain Text Lengths: 128, 192, 256, 320, 2048 (bits)</li>
+</ul>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4897">Val#4897</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4898">#4898</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><p>AES-CCM:</p>
+<ul>
+<li>Key Lengths: 256 (bits)</li>
+<li>Tag Lengths: 128 (bits)</li>
+<li>IV Lengths: 96 (bits)</li>
+<li>Plain Text Length: 0-32</li>
+<li>AAD Length: 0-65536</li>
+</ul>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4902">Val#4902</a></p></td>
+<td><p>Microsoft Surface Hub BitLocker(R) Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4896">#4896</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><p>AES-CCM:</p>
+<ul>
+<li>Key Lengths: 256 (bits)</li>
+<li>Tag Lengths: 128 (bits)</li>
+<li>IV Lengths: 96 (bits)</li>
+<li>Plain Text Length: 0-32</li>
+<li>AAD Length: 0-65536</li>
+</ul>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4901">Val#4901</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) BitLocker(R) Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4895">#4895</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><p>AES-CCM:</p>
+<ul>
+<li>Key Lengths: 256 (bits)</li>
+<li>Tag Lengths: 128 (bits)</li>
+<li>IV Lengths: 96 (bits)</li>
+<li>Plain Text Length: 0-32</li>
+<li>AAD Length: 0-65536</li>
+</ul>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4897">Val#4897</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); BitLocker(R) Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4894">#4894</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB128</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>OFB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4627">#4627</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>KW</strong> ( AE , AD , AES-128 , AES-192 , AES-256 , FWD , 128 , 256 , 192 , 320 , 2048 )</p>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">Val#4624</a></p></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4626">#4626</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CCM</strong> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">Val#4624</a></p>
+<p> </p></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile BitLocker(R) Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4625">#4625</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB128</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p>
+<p><strong>CCM</strong> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
+<p><strong>CMAC</strong> (Generation/Verification ) (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 16 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 16 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 16 Max: 16 )</p>
+<p><strong>GCM</strong> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )</p>
+<p>(KS: AES_256( e/d ) Tag Length(s): 128 120 112 104 96 )</p>
+<p>IV Generated: ( External ) ; PT Lengths Tested: ( 0 , 1024 , 8 , 1016 ) ; AAD Lengths tested: ( 0 , 1024 , 8 , 1016 ) ; 96BitIV_Supported</p>
+<p>GMAC_Supported</p>
+<p><strong>XTS</strong>( (KS: XTS_128( (e/d) (f) ) KS: XTS_256( (e/d) (f) )</p></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">#4624</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p></td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4434">#4434</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p></td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4433">#4433</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4431">#4431</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4430">#4430</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB128</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>OFB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4074">#4074</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 ); <strong>CBC</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB8</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB128</strong> ( e/d; 128 , 192 , 256 ); <strong>CTR</strong> ( int only; 128 , 192 , 256 )</p>
+<p><strong>CCM</strong> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
+<p><strong>CMAC (Generation/Verification )</strong> (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
+<p><strong>GCM</strong> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+(KS: AES_256( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+<strong>IV Generated:</strong>  ( Externally ) ; PT Lengths Tested:  ( 0 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 0 , 0 ) ; 96BitIV_Supported<br />
+GMAC_Supported</p>
+<p><strong>XTS( (KS: XTS_128</strong>( (e/d) (f) ) <strong>KS: XTS_256</strong>( (e/d) (f) )</p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<p> </p></td>
+<td>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4063">#4063</a><br />
+Version 10.0.14393</td>
+</tr>
+<tr class="even">
+<td><p><strong>KW</strong>  ( AE , AD , AES-128 , AES-192 , AES-256 , FWD , 128 , 192 , 256 , 320 , 2048 )</p>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">Val#4064</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062">#4062</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CCM</strong> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">Val#4064</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update BitLocker® Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061">#4061</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>KW</strong>  ( AE , AD , AES-128 , AES-192 , AES-256 , FWD , 128 , 256 , 192 , 320 , 2048 )</p>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">Val#3629</a></p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3652">#3652</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CCM</strong> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">Val#3629</a></p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” BitLocker® Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653">#3653</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<p> </p></td>
+<td>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3630">#3630</a><br />
+Version 10.0.10586</td>
+</tr>
+<tr class="odd">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 ); <strong>CBC</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB8</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB128</strong> ( e/d; 128 , 192 , 256 ); <strong>CTR</strong> ( int only; 128 , 192 , 256 )</p>
+<p><strong>CCM</strong> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
+<p><strong>CMAC (Generation/Verification )</strong> (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
+<p><strong>GCM</strong> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+(KS: AES_256( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+<strong>IV Generated:</strong>  ( Externally ) ; PT Lengths Tested:  ( 0 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 0 , 0 ) ; 96BitIV_Supported<br />
+GMAC_Supported</p>
+<p><strong>XTS( (KS: XTS_128</strong>( (e/d) (f) ) <strong>KS: XTS_256</strong>( (e/d) (f) )</p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">#3629</a><br />
+<br />
+</p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="even">
+<td><p>KW  ( AE , AD , AES-128 , AES-192 , AES-256 , FWD , 128 , 256 , 192 , 320 , 2048 )</p>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">Val#3497</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3507">#3507</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CCM</strong> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">Val#3497</a></p></td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 BitLocker® Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3498">#3498</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 ); <strong>CBC</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB8</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB128</strong> ( e/d; 128 , 192 , 256 ); <strong>CTR</strong> ( int only; 128 , 192 , 256 )</p>
+<p><strong>CCM</strong> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
+<p><strong>CMAC(Generation/Verification )</strong> (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
+<p><strong>GCM</strong> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+(KS: AES_256( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+<strong>IV Generated:</strong>  ( Externally ) ; PT Lengths Tested:  ( 0 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 0 , 0 ) ; 96BitIV_Supported<br />
+GMAC_Supported</p>
+<p><strong>XTS( (KS: XTS_128</strong>( (e/d) (f) ) <strong>KS: XTS_256</strong>( (e/d) (f) )</p></td>
+<td>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">#3497</a><br />
+Version 10.0.10240</td>
+</tr>
+<tr class="odd">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<p> </p></td>
+<td>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3476">#3476</a><br />
+Version 10.0.10240</td>
+</tr>
+<tr class="even">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<p> </p></td>
+<td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2853">#2853</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CCM (KS: 256 )</strong> (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">Val#2832</a></p></td>
+<td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 BitLocker� Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2848">#2848</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>CCM (KS: 128 , 192 , 256 )</strong> (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 0 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
+<p><strong>CMAC (Generation/Verification ) (KS: 128</strong>; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
+<p><strong>GCM (KS: AES_128</strong>( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )</p>
+<p><strong>(KS: AES_256</strong>( e/d ) Tag Length(s): 128 120 112 104 96 )</p>
+<p><strong>IV Generated:</strong>  ( Externally ) ; PT Lengths Tested:  ( 0 , 128 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 128 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 8 , 1024 ) ; 96BitIV_Supported ;<br />
+<strong>OtherIVLen_Supported<br />
+GMAC_Supported</strong></p></td>
+<td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">2832</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CCM (KS: 128 , 192 , 256</strong> ) <strong>(Assoc. Data Len Range</strong>: 0 - 0 , 2^16 ) <strong>(Payload Length Range</strong>: 0 - 32 ( <strong>Nonce Length(s)</strong>: 7 8 9 10 11 12 13 <strong>(Tag Length(s)</strong>: 4 6 8 10 12 14 16 )<br />
+AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">Val#2197</a></p>
+<p><strong>CMAC</strong> (Generation/Verification ) <strong>(KS: 128;</strong> Block Size(s): ; <strong>Msg Len(s)</strong> Min: 0 Max: 2^16 ; <strong>Tag Len(s)</strong> Min: 16 Max: 16 ) <strong>(KS: 192</strong>; Block Size(s): ; <strong>Msg Len(s)</strong> Min: 0 Max: 2^16 ; <strong>Tag Len(s)</strong> Min: 16 Max: 16 ) <strong>(KS: 256</strong>; Block Size(s): ; <strong>Msg Len(s)</strong> Min: 0 Max: 2^16 ; <strong>Tag Len(s)</strong> Min: 16 Max: 16 )<br />
+AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">Val#2197</a></p>
+<p><strong>GCM(KS: AES_128</strong>( e/d ) Tag Length(s): 128 120 112 104 96 ) <strong>(KS: AES_192</strong>( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+<strong>(KS: AES_256</strong>( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+<strong>IV Generated:</strong> ( Externally ) ; <strong>PT Lengths Tested:</strong> ( 0 , 128 , 1024 , 8 , 1016 ) ; <strong>AAD Lengths tested:</strong> ( 0 , 128 , 1024 , 8 , 1016 ) ; <strong>IV Lengths Tested:</strong> ( 8 , 1024 ) ; <strong>96BitIV_Supported<br />
+GMAC_Supported</strong></p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216">#2216</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>CCM (KS: 256 ) (Assoc. Data Len Range:</strong> 0 - 0 , 2^16 <strong>) (Payload Length Range:</strong> 0 - 32 ( <strong>Nonce Length(s)</strong>: 12 <strong>(Tag Length(s)</strong>: 16 )</p>
+<p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">Val#2196</a></p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198">#2198</a></td>
+</tr>
+<tr class="odd">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB128</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<p> </p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a></td>
+</tr>
+<tr class="odd">
+<td><strong>CCM (KS: 128 , 192 , 256 ) (Assoc. Data Len Range:</strong> 0 – 0 , 2^16 <strong>) (Payload Length Range:</strong> 0 - 32 <strong>( Nonce Length(s):</strong> 7 8 9 10 11 12 13 <strong>(Tag Length(s):</strong> 4 6 8 10 12 14 16 <strong>)</strong><br />
+AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">Val#1168</a></td>
+<td><p>Windows Server 2008 R2 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1187">#1187</a></p>
+<p>Windows 7 Ultimate and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1178">#1178</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>CCM (KS: 128 , 256 ) (Assoc. Data Len Range:</strong> 0 - 8 <strong>) (Payload Length Range:</strong> 4 - 32 <strong>( Nonce Length(s):</strong> 7 8 12 13 <strong>(Tag Length(s):</strong> 4 6 8 14 16 <strong>)</strong><br />
+AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">Val#1168</a></td>
+<td>Windows 7 Ultimate and SP1 and Windows Server 2008 R2 and SP1 BitLocker Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177">#1177</a></td>
+</tr>
+<tr class="odd">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<p> </p></td>
+<td>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>GCM</strong></p>
+<p><strong>GMAC</strong></p></td>
+<td>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> , vendor-affirmed</td>
+</tr>
+<tr class="odd">
+<td><strong>CCM (KS: 128 , 256 ) (Assoc. Data Len Range:</strong> 0 - 8 <strong>) (Payload Length Range:</strong> 4 - 32 <strong>( Nonce Length(s):</strong> 7 8 12 13 <strong>(Tag Length(s):</strong> 4 6 8 14 16 <strong>)</strong></td>
+<td>Windows Vista Ultimate SP1 and Windows Server 2008 BitLocker Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760">#760</a></td>
+</tr>
+<tr class="even">
+<td><strong>CCM (KS: 128 , 192 , 256 ) (Assoc. Data Len Range:</strong> 0 - 0 , 2^16 <strong>) (Payload Length Range:</strong> 1 - 32 <strong>( Nonce Length(s):</strong> 7 8 9 10 11 12 13 <strong>(Tag Length(s):</strong> 4 6 8 10 12 14 16 <strong>)</strong></td>
+<td><p>Windows Server 2008 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#757">#757</a></p>
+<p>Windows Vista Ultimate SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#756">#756</a></p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CBC</strong> ( e/d; 128 , 256 );</p>
+<p><strong>CCM</strong> (<strong>KS: 128 , 256</strong> ) (<strong>Assoc. Data Len Range</strong>: 0 - 8 ) (<strong>Payload Length Range</strong>: 4 - 32 ( <strong>Nonce Length(s)</strong>: 7 8 12 13 (<strong>Tag Length(s)</strong>: 4 6 8 14 16 )</p></td>
+<td><p>Windows Vista Ultimate BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#715">#715</a></p>
+<p>Windows Vista Ultimate BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#424">#424</a></p></td>
+</tr>
+<tr class="even">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p></td>
+<td><p>Windows Vista Ultimate SP1 and Windows Server 2008 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a></p>
+<p>Windows Vista Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#553">#553</a></p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2023">#2023</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
+<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p></td>
+<td><p>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2024">#2024</a></p>
+<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#818">#818</a></p>
+<p>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#781">#781</a></p>
+<p>Windows 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#548">#548</a></p>
+<p>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#516">#516</a></p>
+<p>Windows CE and Windows Mobile 6, 6.1, and 6.5 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#507">#507</a></p>
+<p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#290">#290</a></p>
+<p>Windows CE 5.0 and 5.1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#224">#224</a></p>
+<p>Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#80">#80</a></p>
+<p>Windows XP, SP1, and SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#33">#33</a></p></td>
+</tr>
+</tbody>
+</table>
+
+
+Deterministic Random Bit Generator (DRBG)
+
+<table>
+<colgroup>
+<col style="width: 50%" />
+<col style="width: 50%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Modes / States / Key Sizes</strong></td>
+<td><strong>Algorithm Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>Counter:</li>
+<li><ul>
+<li>Modes: AES-256</li>
+<li>Derivation Function States: Derivation Function not used</li>
+<li>Prediction Resistance Modes: Not Enabled</li>
+</ul></li>
+</ul>
+<p>Prerequisite: AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4904">#4904</a></p></td>
+<td><p>Microsoft Surface Hub Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1734">#1734</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>Counter:</li>
+<li><ul>
+<li>Modes: AES-256</li>
+<li>Derivation Function States: Derivation Function not used</li>
+<li>Prediction Resistance Modes: Not Enabled</li>
+</ul></li>
+</ul>
+<p>Prerequisite: AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4903">#4903</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1733">#1733</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>Counter:</li>
+<li><ul>
+<li>Modes: AES-256</li>
+<li>Derivation Function States: Derivation Function used</li>
+<li>Prediction Resistance Modes: Not Enabled</li>
+</ul></li>
+</ul>
+<p>Prerequisite: AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4902">#4902</a></p></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732">#1732</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>Counter:</li>
+<li><ul>
+<li>Modes: AES-256</li>
+<li>Derivation Function States: Derivation Function used</li>
+<li>Prediction Resistance Modes: Not Enabled</li>
+</ul></li>
+</ul>
+<p>Prerequisite: AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4901">#4901</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731">#1731</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>Counter:</li>
+<li><ul>
+<li>Modes: AES-256</li>
+<li>Derivation Function States: Derivation Function used</li>
+<li>Prediction Resistance Modes: Not Enabled</li>
+</ul></li>
+</ul>
+<p>Prerequisite: AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4897">#4897</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730">#1730</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4627">Val#4627</a> ) ]</td>
+<td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1556">#1556</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">Val#4624</a> ) ]</td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">#1555</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="odd">
+<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4434">Val#4434</a> ) ]</td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1433">#1433</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="even">
+<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4433">Val#4433</a> ) ]</td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1432">#1432</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="odd">
+<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4431">Val#4431</a> ) ]</td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430">#1430</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="even">
+<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4430">Val#4430</a> ) ]</td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429">#1429</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="odd">
+<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4074">Val#4074</a> ) ]</td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222">#1222</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="even">
+<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">Val#4064</a> ) ]</td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">#1217</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="odd">
+<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">Val#3629</a> ) ]</td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">#955</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="even">
+<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">Val#3497</a> ) ]</td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">#868</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="odd">
+<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">Val#2832</a> ) ]</td>
+<td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">#489</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="even">
+<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">Val#2197</a> ) ]</td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></td>
+</tr>
+<tr class="odd">
+<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2023">Val#2023</a> ) ]</td>
+<td>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">#193</a></td>
+</tr>
+<tr class="even">
+<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">Val#1168</a> ) ]</td>
+<td>Windows 7 Ultimate and SP1 and Windows Server 2008 R2 and SP1 RNG Library <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">#23</a></td>
+</tr>
+<tr class="odd">
+<td><strong>DRBG</strong> (SP 800–90)</td>
+<td>Windows Vista Ultimate SP1, vendor-affirmed</td>
+</tr>
+</tbody>
+</table>
+
+
+#### Digital Signature Algorithm (DSA)
+
+<table>
+<colgroup>
+<col style="width: 50%" />
+<col style="width: 50%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Modes / States / Key Sizes</strong></td>
+<td><strong>Algorithm Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>DSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>PQGGen:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>PQGVer:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>SigGen:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>SigVer:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>KeyPair:</li>
+<li><ul>
+<li>L = 2048, N = 256</li>
+<li>L = 3072, N = 256</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732">#1732</a></p></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1303">#1303</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>DSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>PQGGen:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>PQGVer:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>SigGen:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>SigVer:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>KeyPair:</li>
+<li><ul>
+<li> </li>
+<li> </li>
+<li>L = 2048, N = 256</li>
+<li>L = 3072, N = 256</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731">#1731</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1302">#1302</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>DSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>PQGGen:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>PQGVer:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>SigGen:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>SigVer:</li>
+<li><ul>
+<li>L = 2048, N = 256 SHA: SHA-256</li>
+<li>L = 3072, N = 256 SHA: SHA-256</li>
+</ul></li>
+<li>KeyPair:</li>
+<li><ul>
+<li>L = 2048, N = 256</li>
+<li>L = 3072, N = 256</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730">#1730</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1301">#1301</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:</strong></p>
+<p><strong>PQG(gen)</strong>PARMS TESTED:   [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<p><strong>PQG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<p><strong>KeyPairGen</strong>:   [ (2048,256) ; (3072,256) ]</p>
+<p><strong>SIG(gen)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]</p>
+<p><strong>SIG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
+<p>DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val# 1555</a></p></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1223">#1223</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-4:<br />
+PQG(ver)PARMS TESTED:</strong>   [ (1024,160) SHA( 1 ); ]<br />
+<strong>SIG(ver)PARMS TESTED:</strong>   [ (1024,160) SHA( 1 ); ]<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1188">#1188</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-4:<br />
+PQG(ver)PARMS TESTED:</strong>   [ (1024,160) SHA( 1 ); ]<br />
+<strong>SIG(ver)PARMS TESTED:</strong>   [ (1024,160) SHA( 1 ); ]<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1187">#1187</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+PQG(gen)</strong>PARMS TESTED: [<br />
+(2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+<strong>PQG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+KeyPairGen:    [ (2048,256) ; (3072,256) ]<br />
+<strong>SIG(gen)</strong>PARMS TESTED:   [ (2048,256)<br />
+SHA( 256 ); (3072,256) SHA( 256 ); ]<br />
+<strong>SIG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val# 1217</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">#1098</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+PQG(gen)</strong>PARMS TESTED:   [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ] <strong>PQG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 )]<br />
+KeyPairGen:    [ (2048,256) ; (3072,256) ] <strong>SIG(gen)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]<br />
+<strong>SIG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val# 955</a></p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1024">#1024</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+PQG(gen)</strong>PARMS TESTED:   [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+<strong>PQG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+KeyPairGen:    [ (2048,256) ; (3072,256) ]<br />
+<strong>SIG(gen)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ] <strong>SIG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val# 868</a></p></td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#983">#983</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+PQG(gen)</strong>PARMS TESTED:   [<br />
+(2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+<strong>PQG(ver</strong>)PARMS TESTED:   [ (2048,256)<br />
+SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+KeyPairGen:    [ (2048,256) ; (3072,256) ]<br />
+<strong>SIG(gen)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]<br />
+<strong>SIG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val# 2373</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val# 489</a></p></td>
+<td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#855">#855</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186</strong>-2:<br />
+<strong>PQG(ver)</strong> MOD(1024);<br />
+<strong>SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></p>
+<p><strong>FIPS186-4:<br />
+PQG(gen)PARMS TESTED</strong>: [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+<strong>PQG(ver)PARMS TESTED</strong>: [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+<strong>SIG(gen)PARMS TESTED</strong>: [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]<br />
+<strong>SIG(ver)PARMS TESTED</strong>: [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#687">Historical DSA List Val#687</a>.</p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#687">#687</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+PQG(ver)</strong> MOD(1024);<br />
+<strong>SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#686">Historical DSA List Val#686</a>.</td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 DSS and Diffie-Hellman Enhanced Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#686">#686</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val# 1773</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#645">Historical DSA List Val#645</a>.</td>
+<td>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#645">#645</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val# 1081</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">Val# 23</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#391">Historical DSA List Val#391</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#386">Historical DSA List Val#386</a>.</td>
+<td><p>Windows Server 2008 R2 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#391">#391</a></p>
+<p>Windows 7 Ultimate and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#386">#386</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val# 1081</a><br />
+RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#649">Val# 649</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#390">Historical DSA List Val#390</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#385">Historical DSA List Val#385</a>.</td>
+<td><p>Windows Server 2008 R2 and SP1 Enhanced DSS (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#390">#390</a></p>
+<p>Windows 7 Ultimate and SP1 Enhanced DSS (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#385">#385</a></p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val# 753</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#284">Historical DSA List Val#284</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#283">Historical DSA List Val#283</a>.</td>
+<td><p>Windows Server 2008 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#284">#284</a></p>
+<p>Windows Vista Ultimate SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#283">#283</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val# 753</a><br />
+RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#435">Val# 435</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#282">Historical DSA List Val#282</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#281">Historical DSA List Val#281</a>.</td>
+<td><p>Windows Server 2008 Enhanced DSS (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#282">#282</a></p>
+<p>Windows Vista Ultimate SP1 Enhanced DSS (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#281">#281</a></p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val# 618</a><br />
+RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321">Val# 321</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#227">Historical DSA List Val#227</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#226">Historical DSA List Val#226</a>.</td>
+<td><p>Windows Vista CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#227">#227</a></p>
+<p>Windows Vista Enhanced DSS (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#226">#226</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#784">Val# 784</a><br />
+RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#448">Val# 448</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#292">Historical DSA List Val#292</a>.</td>
+<td>Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#292">#292</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val# 783</a><br />
+RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#447">Val# 447</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#291">Historical DSA List Val#291</a>.</td>
+<td>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#291">#291</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+PQG(gen)</strong> MOD(1024);<br />
+<strong>PQG(ver)</strong> MOD(1024);<br />
+<strong>KEYGEN(Y)</strong> MOD(1024);<br />
+<strong>SIG(gen)</strong> MOD(1024);<br />
+<strong>SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#611">Val# 611</a><br />
+RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#314">Val# 314</a></td>
+<td>Windows 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#221">#221</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+PQG(gen)</strong> MOD(1024);<br />
+<strong>PQG(ver)</strong> MOD(1024);<br />
+<strong>KEYGEN(Y)</strong> MOD(1024);<br />
+<strong>SIG(gen)</strong> MOD(1024);<br />
+<strong>SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#385">Val# 385</a></td>
+<td>Windows Server 2003 SP1 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#146">#146</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+PQG(ver)</strong> MOD(1024);<br />
+<strong>KEYGEN(Y)</strong> MOD(1024);<br />
+<strong>SIG(gen)</strong> MOD(1024);<br />
+<strong>SIG(ver)</strong> MOD(1024);<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#181">Val# 181</a><br />
+<br />
+</td>
+<td>Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#95">#95</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+PQG(gen)</strong> MOD(1024);<br />
+<strong>PQG(ver)</strong> MOD(1024);<br />
+<strong>KEYGEN(Y)</strong> MOD(1024);<br />
+<strong>SIG(gen)</strong> MOD(1024);<br />
+SHS: SHA-1 (BYTE)<br />
+<strong>SIG(ver)</strong> MOD(1024);<br />
+SHS: SHA-1 (BYTE)</td>
+<td><p>Windows 2000 DSSENH.DLL <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29">#29</a></p>
+<p>Windows 2000 DSSBASE.DLL <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#28">#28</a></p>
+<p>Windows NT 4 SP6 DSSENH.DLL <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#26">#26</a></p>
+<p>Windows NT 4 SP6 DSSBASE.DLL <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#25">#25</a></p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-2: PRIME;<br />
+FIPS186-2:</strong></p>
+<p><strong>KEYGEN(Y):</strong><br />
+SHS: SHA-1 (BYTE)</p>
+<p><strong>SIG(gen):<br />
+SIG(ver)</strong> MOD(1024);<br />
+SHS: SHA-1 (BYTE)</p></td>
+<td>Windows NT 4.0 SP4 Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#17">#17</a></td>
+</tr>
+</tbody>
+</table>
+
+
+#### Elliptic Curve Digital Signature Algorithm (ECDSA)
+
+<table>
+<colgroup>
+<col style="width: 50%" />
+<col style="width: 50%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Modes / States / Key Sizes</strong></td>
+<td><strong>Algorithm Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>ECDSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Pair Generation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+<li>Generation Methods: Extra Random Bits</li>
+</ul></li>
+<li>Public Key Validation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+</ul></li>
+<li>Signature Generation:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+<li>Signature Verification:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">#2373</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">#489</a></p></td>
+<td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1263">#1263</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>ECDSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Pair Generation:</li>
+<li><ul>
+<li>Curves: P-256, P-384</li>
+<li>Generation Methods: Testing Candidates</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1734">#1734</a></p></td>
+<td><p>Microsoft Surface Hub Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1253">#1253</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>ECDSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Pair Generation:</li>
+<li><ul>
+<li>Curves: P-256, P-384</li>
+<li>Generation Methods: Testing Candidates</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1733">#1733</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1252">#1252</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>ECDSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Pair Generation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+<li>Generation Methods: Extra Random Bits</li>
+</ul></li>
+<li>Public Key Validation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+</ul></li>
+<li>Signature Generation:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+<li>Signature Verification:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732">#1732</a></p></td>
+<td><p>Microsoft Surface Hub MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1251">#1251</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>ECDSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Pair Generation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+<li>Generation Methods: Extra Random Bits</li>
+</ul></li>
+<li>Public Key Validation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+</ul></li>
+<li>Signature Generation:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+<li>Signature Verification:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732">#1732</a></p></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1250">#1250</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>ECDSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Pair Generation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+<li>Generation Methods: Extra Random Bits</li>
+</ul></li>
+<li>Public Key Validation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+</ul></li>
+<li>Signature Generation:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+<li>Signature Verification:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731">#1731</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1249">#1249</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>ECDSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Pair Generation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+<li>Generation Methods: Extra Random Bits</li>
+</ul></li>
+<li>Public Key Validation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+</ul></li>
+<li>Signature Generation:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+<li>Signature Verification:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731">#1731</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1248">#1248</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>ECDSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Pair Generation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+<li>Generation Methods: Extra Random Bits</li>
+</ul></li>
+<li>Public Key Validation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+</ul></li>
+<li>Signature Generation:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+<li>Signature Verification:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730">#1730</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1247">#1247</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>ECDSA:</li>
+<li><ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Pair Generation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+<li>Generation Methods: Extra Random Bits</li>
+</ul></li>
+<li>Public Key Validation:</li>
+<li><ul>
+<li>Curves: P-256, P-384, P-521</li>
+</ul></li>
+<li>Signature Generation:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+<li>Signature Verification:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730">#1730</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1246">#1246</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 TestingCandidates )<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val# 1555</a></td>
+<td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1136">#1136</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<strong>PKV: CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val# 1555</a></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1135">#1135</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<strong>PKV: CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
+SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val# 1555</a></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1133">#1133</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<strong>PKV: CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SigGen: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) <em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+<strong>SigVer: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) )<br />
+<strong>SHS:</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a><br />
+<strong>DRBG:</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430">Val# 1430</a></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1073">#1073</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<strong>PKV: CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SigGen: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) <em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+<strong>SigVer: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) )<br />
+<strong>SHS:</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
+<strong>DRBG:</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429">Val# 1429</a></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1072">#1072</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 TestingCandidates )<br />
+<strong>PKV: CURVES</strong>( P-256 P-384 )<br />
+<strong>SigGen: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 256, 384) SIG(gen) with SHA-1 affirmed for use with protocols only.<br />
+<strong>SigVer: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 256, 384) )</p>
+<p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222">Val# 1222</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#920">#920</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<strong>PKV: CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )</p>
+<p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val# 1217</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911">#911</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )</p>
+<p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val# 955</a></p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#760">#760</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+SigVer: CURVES( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )</p>
+<p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val# 868</a></p></td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#706">#706</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )</p>
+<p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val# 489</a></p></td>
+<td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505">#505</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-2:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
+<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
+<strong>SIG(ver):CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
+<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></p>
+<p><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
+<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#341">Historical ECDSA List Val#341</a>.</p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341">#341</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-2:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a><br />
+<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a><br />
+<strong>SIG(ver): CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a><br />
+<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a></p>
+<p><strong>FIPS186-4:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a><br />
+<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#295">Historical ECDSA List Val#295</a>.</p></td>
+<td>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#295">#295</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a><br />
+<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">Val# 23</a><br />
+<strong>SIG(ver): CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a><br />
+<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">Val# 23</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#142">Historical ECDSA List Val#142</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#141">Historical ECDSA List Val#141</a>.</td>
+<td><p>Windows Server 2008 R2 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#142">#142</a></p>
+<p>Windows 7 Ultimate and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#141">#141</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
+<strong>SIG(ver): CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#83">Historical ECDSA List Val#83</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#82">Historical ECDSA List Val#82</a>.</td>
+<td><p>Windows Server 2008 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#83">#83</a></p>
+<p>Windows Vista Ultimate SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#82">#82</a></p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+PKG: CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a><br />
+<strong>RNG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val# 321</a><br />
+<strong>SIG(ver): CURVES</strong>( P-256 P-384 P-521 )<br />
+<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a><br />
+<strong>RNG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321">Val# 321</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#60">Historical ECDSA List Val#60</a>.</td>
+<td>Windows Vista CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#60">#60</a></td>
+</tr>
+</tbody>
+</table>
+
+
+#### Keyed-Hash Message Authentication Code (HMAC)
+
+<table>
+<colgroup>
+<col style="width: 50%" />
+<col style="width: 50%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Modes / States / Key Sizes</strong></td>
+<td><strong>Algorithm Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>HMAC-SHA-1:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-256:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-384:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a></p></td>
+<td><p>Microsoft Surface Hub Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3271">#3271</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>HMAC-SHA-1:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-256:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-384:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3270">#3270</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>HMAC-SHA-1:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-256:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-384:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-512:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a></p></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3269">#3269</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>HMAC-SHA-1:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-256:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-384:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-512:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3268">#3268</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>HMAC-SHA-1:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-256:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-384:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+<li>HMAC-SHA2-512:</li>
+<li><ul>
+<li>Key Sizes &amp;lt; Block Size</li>
+<li>Key Sizes &amp;gt; Block Size</li>
+<li>Key Sizes = Block Size</li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3267">#3267</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p></td>
+<td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3062">#3062</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1(Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3061">#3061</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested:</strong> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p></td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2946">#2946</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested:</strong> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p></td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2945">#2945</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested:</strong> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2943">#2943</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested:</strong> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2942">#2942</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested:  KSBS )<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
+<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested:  KSBS )<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
+<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested:  KSBS )<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2661">#2661</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
+<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
+<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
+<p><strong>HMAC-SHA512</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">#2651</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested:  KSBS )<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p>
+<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested:  KSBS )<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p>
+<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested:  KSBS )<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p>
+<p><strong>HMAC-SHA512</strong> ( Key Size Ranges Tested:  KSBS )<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381">#2381</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested:  KSBS )<br />
+SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a></p>
+<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested:  KSBS )<br />
+SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a></p>
+<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886"> SHSVal# 2886</a></p>
+<p><strong>HMAC-SHA512</strong> ( Key Size Ranges Tested:  KSBS )<br />
+SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a></p></td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233">#2233</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested:  KSBS )<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p>
+<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested:  KSBS )<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p>
+<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested:  KSBS )<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p>
+<p><strong>HMAC-SHA512</strong> ( Key Size Ranges Tested:  KSBS )<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p></td>
+<td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">#1773</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p>
+<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p>
+<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p>
+<p><strong>HMAC-SHA512</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p></td>
+<td><p>Windows CE and Windows Mobile, and Windows Embedded Handheld Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2122">#2122</a></p>
+<p>Version 5.2.29344</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1347">1347</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Enhanced Cryptographic Provider (RSAENH) #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1346">1346</a></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS )</strong></p>
+<p><strong>SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS )</strong></p>
+<p><strong>SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS )</strong></p>
+<p><strong>SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS )</strong></p>
+<p><strong>SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345">1345</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p>
+<p><strong>Tinker HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p></td>
+<td>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1364">#1364</a></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p></td>
+<td>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1227">#1227</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p></td>
+<td><p>Windows Server 2008 R2 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#686">#686</a></p>
+<p>Windows 7 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#677">#677</a></p>
+<p>Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#687">#687</a></p>
+<p>Windows 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#673">#673</a></p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1(Key Sizes Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p></td>
+<td>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 BitLocker Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#675">#675</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p></td>
+<td>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#452">#452</a></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p></td>
+<td>Windows Vista Ultimate SP1 and Windows Server 2008 BitLocker Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#415">#415</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS )</strong>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p></td>
+<td><p>Windows Server 2008 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#408">#408</a></p>
+<p>Windows Vista Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#407">#407</a></p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS )SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p></td>
+<td>Windows Vista Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#297">#297</a></td>
+</tr>
+<tr class="even">
+<td><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#785">Val#785</a></td>
+<td><p>Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#429">#429</a></p>
+<p>Windows XP, vendor-affirmed</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p></td>
+<td>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#428">#428</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p></td>
+<td>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#289">#289</a></td>
+</tr>
+<tr class="odd">
+<td><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#610">Val#610</a></td>
+<td>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#287">#287</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p></td>
+<td><p>Windows Server 2008 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#413">#413</a></p>
+<p>Windows Vista Ultimate SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#412">#412</a></p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737">Val#737</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737">Val#737</a></p></td>
+<td>Windows Vista Ultimate BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#386">#386</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1 ( Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htm#618">Val#618</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p></td>
+<td>Windows Vista CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#298">#298</a></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 ( Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS )SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p></td>
+<td>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#267">#267</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>HMAC-SHA1 ( Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p></td>
+<td>Windows CE and Windows Mobile 6.0 and Windows Mobil 6.5 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#260">#260</a></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#495">Val#495</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#495">Val#495</a></p></td>
+<td>Windows Vista BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#199">#199</a></td>
+</tr>
+<tr class="even">
+<td><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364">Val#364</a></td>
+<td><p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#99">#99</a></p>
+<p>Windows XP, vendor-affirmed</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p>
+<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p>
+<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p>
+<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p></td>
+<td>Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#31">#31</a></td>
+</tr>
+</tbody>
+</table>
+
+
+#### Key Agreement Scheme (KAS)
+
+<table>
+<colgroup>
+<col style="width: 50%" />
+<col style="width: 50%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Modes / States / Key Sizes</strong></td>
+<td><strong>Algorithm Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>KAS ECC:</li>
+<li><ul>
+<li>Functions: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration</li>
+<li>Schemes:</li>
+<li><ul>
+<li>Full Unified:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>KDFs: Concatenation</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>EC:</li>
+<li><ul>
+<li>Curve: P-256</li>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>ED:</li>
+<li><ul>
+<li>Curve: P-384</li>
+<li>SHA: SHA-384</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1253">#1253</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1734">#1734</a></p></td>
+<td><p>Microsoft Surface Hub Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#150">#150</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>KAS ECC:</li>
+<li><ul>
+<li>Functions: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration</li>
+<li>Schemes:</li>
+<li><ul>
+<li>Full Unified:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>KDFs: Concatenation</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>EC:</li>
+<li><ul>
+<li>Curve: P-256</li>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>ED:</li>
+<li><ul>
+<li>Curve: P-384</li>
+<li>SHA: SHA-384</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1252">#1252</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1733">#1733</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#149">#149</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>KAS ECC:</li>
+<li><ul>
+<li>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation, Public Key Regeneration</li>
+<li>Schemes:</li>
+<li><ul>
+<li>Ephemeral Unified:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>KDFs: Concatenation</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>EC:</li>
+<li><ul>
+<li>Curve: P-256</li>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>ED:</li>
+<li><ul>
+<li>Curve: P-384</li>
+<li>SHA: SHA-384</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>EE:</li>
+<li><ul>
+<li>Curve: P-521</li>
+<li>SHA: SHA-512</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>One Pass DH:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>EC:</li>
+<li><ul>
+<li>Curve: P-256</li>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>ED:</li>
+<li><ul>
+<li>Curve: P-384</li>
+<li>SHA: SHA-384</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>EE:</li>
+<li><ul>
+<li>Curve: P-521</li>
+<li>SHA: SHA-512</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>Static Unified:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>EC:</li>
+<li><ul>
+<li>Curve: P-256</li>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>ED:</li>
+<li><ul>
+<li>Curve: P-384</li>
+<li>SHA: SHA-384</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>EE:</li>
+<li><ul>
+<li>Curve: P-521</li>
+<li>SHA: SHA-512</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1250">#1250</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732">#1732</a></p>
+<ul>
+<li>KAS FFC:</li>
+<li><ul>
+<li>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation</li>
+<li>Schemes:</li>
+<li><ul>
+<li>dhEphem:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>FB:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>FC:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>dhOneFlow:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>FB:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>FC:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>dhStatic:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>FB:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>FC:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1303">#1303</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732">#1732</a></p></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#148">#148</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>KAS ECC:</li>
+<li><ul>
+<li>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation, Public Key Regeneration</li>
+<li>Schemes:</li>
+<li><ul>
+<li>Ephemeral Unified:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>KDFs: Concatenation</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>EC:</li>
+<li><ul>
+<li>Curve: P-256</li>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>ED:</li>
+<li><ul>
+<li>Curve: P-384</li>
+<li>SHA: SHA-384</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>EE:</li>
+<li><ul>
+<li>Curve: P-521</li>
+<li>SHA: SHA-512</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>One Pass DH:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>EC:</li>
+<li><ul>
+<li>Curve: P-256</li>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>ED:</li>
+<li><ul>
+<li>Curve: P-384</li>
+<li>SHA: SHA-384</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>EE:</li>
+<li><ul>
+<li>Curve: P-521</li>
+<li>SHA: SHA-512</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>Static Unified:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>EC:</li>
+<li><ul>
+<li>Curve: P-256</li>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>ED:</li>
+<li><ul>
+<li>Curve: P-384</li>
+<li>SHA: SHA-384</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>EE:</li>
+<li><ul>
+<li>Curve: P-521</li>
+<li>SHA: SHA-512</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a>, ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1249">#1249</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731">#1731</a></p>
+<ul>
+<li>KAS FFC:</li>
+<li><ul>
+<li>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation</li>
+<li>Schemes:</li>
+<li><ul>
+<li>dhEphem:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>FB:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>FC:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>dhOneFlow:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>FB:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>FC:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>dhStatic:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>FB:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>FC:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a>, DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1302">#1302</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731">#1731</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#147">#147</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>KAS ECC:</li>
+<li><ul>
+<li>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation, Public Key Regeneration</li>
+<li>Schemes:</li>
+<li><ul>
+<li>Ephemeral Unified:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>KDFs: Concatenation</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>EC:</li>
+<li><ul>
+<li>Curve: P-256</li>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>ED:</li>
+<li><ul>
+<li>Curve: P-384</li>
+<li>SHA: SHA-384</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>EE:</li>
+<li><ul>
+<li>Curve: P-521</li>
+<li>SHA: SHA-512</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>One Pass DH:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>EC:</li>
+<li><ul>
+<li>Curve: P-256</li>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>ED:</li>
+<li><ul>
+<li>Curve: P-384</li>
+<li>SHA: SHA-384</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>EE:</li>
+<li><ul>
+<li>Curve: P-521</li>
+<li>SHA: SHA-512</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>Static Unified:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>EC:</li>
+<li><ul>
+<li>Curve: P-256</li>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>ED:</li>
+<li><ul>
+<li>Curve: P-384</li>
+<li>SHA: SHA-384</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>EE:</li>
+<li><ul>
+<li>Curve: P-521</li>
+<li>SHA: SHA-512</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1246">#1246</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730">#1730</a></p>
+<ul>
+<li>KAS FFC:</li>
+<li><ul>
+<li>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation</li>
+<li>Schemes:</li>
+<li><ul>
+<li>dhEphem:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>FB:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>FC:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>dhOneFlow:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>FB:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>FC:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+<li>dhStatic:</li>
+<li><ul>
+<li>Key Agreement Roles: Initiator, Responder</li>
+<li>Parameter Sets:</li>
+<li><ul>
+<li>FB:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+<li>FC:</li>
+<li><ul>
+<li>SHA: SHA-256</li>
+<li>MAC: HMAC</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1301">#1301</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730">#1730</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#146">#146</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>ECC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration ) <strong>SCHEMES</strong> [ <strong>FullUnified</strong> ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ]</p>
+<p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
+DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1135">Val#1135</a><br />
+DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1556">Val#1556</a></p></td>
+<td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#128">#128</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <strong>SCHEMES</strong> [ <strong>dhEphem</strong> ( KARole(s): Initiator / Responder )<br />
+( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ]<br />
+[ <strong>dhOneFlow</strong> ( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ] [ <strong>dhStatic</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>FB:</strong> SHA256 HMAC ) ( <strong>FC:</strong> SHA256   HMAC ) ]<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
+DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1223">Val#1223</a><br />
+DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val#1555</a></p>
+<p><strong>ECC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <strong>SCHEMES</strong> [ <strong>EphemeralUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ <strong>OnePassDH</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+[ <strong>StaticUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
+ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1133">Val#1133</a><br />
+DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val#1555</a></p></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#127">#127</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <strong>SCHEMES</strong> [ <strong>dhEphem</strong> ( KARole(s): Initiator / Responder )<br />
+( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ]<br />
+[ <strong>dhOneFlow</strong> ( KARole(s): Initiator / Responder ) ( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ] [ <strong>dhStatic</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>FB:</strong> SHA256 HMAC ) ( <strong>FC:</strong> SHA256   HMAC ) ]<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a><br />
+DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1188">Val#1188</a><br />
+DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430">Val#1430</a></p>
+<p><strong>ECC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) <strong>SCHEMES</strong> [ <strong>EphemeralUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ <strong>OnePassDH</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+[ <strong>StaticUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]</p></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#115">#115</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <strong>SCHEMES</strong> [ <strong>dhEphem</strong> ( KARole(s): Initiator / Responder )<br />
+( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ]<br />
+[ <strong>dhHybridOneFlow</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>FB:</strong>SHA256 HMAC ) ( <strong>FC:</strong> SHA256   HMAC ) ]<br />
+[ <strong>dhStatic</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>FB:</strong>SHA256 HMAC ) ( <strong>FC:</strong> SHA256   HMAC ) ]<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
+DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1187">Val#1187</a><br />
+DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429">Val#1429</a></p>
+<p><strong>ECC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) <strong>SCHEMES</strong> [ <strong>EphemeralUnified</strong> ( <strong>No_KC</strong> ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ <strong>OnePassDH</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+[ <strong>StaticUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
+ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1072">Val#1072</a><br />
+DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429">Val#1429</a></p></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#114">#114</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>ECC:</strong>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )<br />
+<strong>SCHEMES  [ FullUnified  ( No_KC</strong>  &amp;lt; KARole(s): Initiator / Responder &amp;gt; &amp;lt; KDF: CONCAT &amp;gt; ) ( <strong>EC:</strong>  P-256   SHA256   HMAC ) ( <strong>ED:</strong>  P-384   SHA384   HMAC ) ]</p>
+<p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#920">Val#920</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222">Val#1222</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#93">#93</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation )<br />
+<strong>SCHEMES</strong>  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
+( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ]<br />
+[ dhOneFlow ( KARole(s): Initiator / Responder ) ( <strong>FB:</strong>  SHA256 ) ( <strong>FC:</strong>  SHA256 ) ] [ <strong>dhStatic (No_KC</strong>  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( FB:  SHA256 HMAC ) ( FC:  SHA256   HMAC ) ]</p>
+<p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">Val#1098</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val#1217</a></p>
+<p><strong>ECC:</strong>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) <strong>SCHEMES</strong>  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ OnePassDH  ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+[ StaticUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]</p>
+<p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">Val#1098</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911">Val#911</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val#1217</a> HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">Val#2651</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92">#92</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) SCHEMES  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
+( FB: SHA256 ) ( FC: SHA256 ) ]<br />
+[ dhOneFlow ( KARole(s): Initiator / Responder ) ( FB:  SHA256 ) ( FC:  SHA256 ) ] [ dhStatic ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( FB:  SHA256 HMAC ) ( FC:  SHA256   HMAC ) ]</p>
+<p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1024">Val#1024</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val#955</a></p>
+<p><strong>ECC:</strong>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) SCHEMES  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ OnePassDH  ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+[ StaticUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]</p>
+<p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#760">Val#760</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val#955</a></p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#72">#72</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) SCHEMES  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
+( FB: SHA256 ) ( FC: SHA256 ) ]<br />
+[ dhOneFlow ( KARole(s): Initiator / Responder ) ( FB:  SHA256 ) ( FC:  SHA256 ) ] [ dhStatic ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( FB:  SHA256 HMAC ) ( FC:  SHA256   HMAC ) ]</p>
+<p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#983">Val#983</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val#868</a></p>
+<p><strong>ECC:</strong>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) SCHEMES  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ OnePassDH  ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+[ StaticUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]</p>
+<p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#706">Val#706</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val#868</a></p></td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#64">#64</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) SCHEMES  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
+( FB: SHA256 ) ( FC: SHA256 ) ]<br />
+[ dhOneFlow ( KARole(s): Initiator / Responder ) ( FB:  SHA256 ) ( FC:  SHA256 ) ] [ dhStatic ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( FB:  SHA256 HMAC ) ( FC:  SHA256   HMAC ) ]</p>
+<p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#855">Val#855</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val#489</a></p>
+<p><strong>ECC:</strong>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) SCHEMES  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ OnePassDH  ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+[ StaticUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]</p>
+<p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505">Val#505</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val#489</a></p></td>
+<td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47">#47</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FFC</strong>: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG DPV KPG Partial Validation ) SCHEMES [ <strong>dhEphem</strong> ( KARole(s): Initiator / Responder )<br />
+( <strong>FA</strong>: SHA256 ) ( <strong>FB</strong>: SHA256 ) ( <strong>FC</strong>: SHA256 ) ]<br />
+[ <strong>dhOneFlow</strong> ( KARole(s): Initiator / Responder ) ( <strong>FA</strong>: SHA256 ) ( <strong>FB</strong>: SHA256 ) ( <strong>FC</strong>: SHA256 ) ]<br />
+[ <strong>dhStatic</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>FA</strong>: SHA256 HMAC ) ( <strong>FB</strong>: SHA256 HMAC ) ( <strong>FC</strong>: SHA256 HMAC ) ]<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#687">Val#687</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></p>
+<p><strong>ECC</strong>: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG DPV KPG Partial Validation Key Regeneration ) <strong>SCHEMES</strong> [ <strong>EphemeralUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( EC: P-256 SHA256 HMAC ) ( <strong>ED</strong>: P-384 SHA384 HMAC ) ( <strong>EE</strong>: P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ <strong>OnePassDH( No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC</strong>: P-256 SHA256 ) ( <strong>ED</strong>: P-384 SHA384 ) ( <strong>EE</strong>: P-521 (SHA512, HMAC_SHA512) ) ) ]<br />
+[ <strong>StaticUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC</strong>: P-256 SHA256 HMAC ) ( <strong>ED</strong>: P-384 SHA384 HMAC ) ( <strong>EE</strong>: P-521 HMAC (SHA512, HMAC_SHA512) ) ]<br />
+<br />
+SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341">Val#341</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36">#36</a></td>
+</tr>
+<tr class="odd">
+<td><p><strong>KAS (SP 800–56A)</strong></p>
+<p>key agreement</p>
+<p>key establishment methodology provides 80 to 256 bits of encryption strength</p></td>
+<td><p>Windows 7 and SP1, vendor-affirmed</p>
+<p>Windows Server 2008 R2 and SP1, vendor-affirmed</p></td>
+</tr>
+</tbody>
+</table>
+
+
+SP 800-108 Key-Based Key Derivation Functions (KBKDF)
+
+<table>
+<tbody>
+<tr class="odd">
+<td><strong>Modes / States / Key Sizes</strong></td>
+<td><strong>Algorithm Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>Counter:</li>
+<li><ul>
+<li>MACs: HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384</li>
+</ul></li>
+</ul>
+<p>MAC prerequisite: HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3271">#3271</a></p>
+<div>
+<ul>
+<li>Counter Location: Before Fixed Data</li>
+<li>R Length: 32 (bits)</li>
+<li>SPs used to generate K: SP 800-56A, SP 800-90A</li>
+</ul>
+</div>
+<p>K prerequisite: DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1734">#1734</a>, KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#150">#150</a></p></td>
+<td><p>Microsoft Surface Hub Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#161">#161</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>Counter:</li>
+<li><ul>
+<li>MACs: HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384</li>
+</ul></li>
+</ul>
+<p>MAC prerequisite: HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3270">#3270</a></p>
+<div>
+<ul>
+<li>Counter Location: Before Fixed Data</li>
+<li>R Length: 32 (bits)</li>
+<li>SPs used to generate K: SP 800-56A, SP 800-90A</li>
+</ul>
+</div>
+<p>K prerequisite: DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1733">#1733</a>, KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#149">#149</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#160">#160</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>Counter:</li>
+<li><ul>
+<li>MACs: CMAC-AES-128, CMAC-AES-192, CMAC-AES-256, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512</li>
+</ul></li>
+</ul>
+<p>MAC prerequisite: AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4902">#4902</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3269">#3269</a></p>
+<div>
+<ul>
+<li>Counter Location: Before Fixed Data</li>
+<li>R Length: 32 (bits)</li>
+<li>SPs used to generate K: SP 800-56A, SP 800-90A</li>
+<li>K prerequisite: KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#148">#148</a></li>
+</ul>
+</div></td>
+<td><p>Microsoft Surface Hub Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#159">#159</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>Counter:</li>
+<li><ul>
+<li>MACs: CMAC-AES-128, CMAC-AES-192, CMAC-AES-256, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512</li>
+</ul></li>
+</ul>
+<p>MAC prerequisite: AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4901">#4901</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3268">#3268</a></p>
+<div>
+<ul>
+<li>Counter Location: Before Fixed Data</li>
+<li>R Length: 32 (bits)</li>
+<li>SPs used to generate K: SP 800-56A, SP 800-90A</li>
+</ul>
+</div>
+<p>K prerequisite: KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#147">#147</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#158">#158</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>Counter:</li>
+<li><ul>
+<li>MACs: CMAC-AES-128, CMAC-AES-192, CMAC-AES-256, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512</li>
+</ul></li>
+</ul>
+<p>MAC prerequisite: AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4897">#4897</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3267">#3267</a></p>
+<div>
+<ul>
+<li>Counter Location: Before Fixed Data</li>
+<li>R Length: 32 (bits)</li>
+<li>SPs used to generate K: SP 800-56A, SP 800-90A</li>
+</ul>
+</div>
+<p>K prerequisite: KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#146">#146</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#157">#157</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><strong>CTR_Mode:</strong> ( Llength( Min0 Max0 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )<br />
+<br />
+KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#128">Val#128</a><br />
+DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1556">Val#1556</a><br />
+MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3062">Val#3062</a></td>
+<td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#141">#141</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><strong>CTR_Mode:</strong> ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )<br />
+<br />
+KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#127">Val#127</a><br />
+AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">Val#4624</a><br />
+DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val#1555</a><br />
+MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3061">Val#3061</a></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#140">#140</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CTR_Mode:</strong>  ( Llength( Min20 Max64 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<p>KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#93">Val#93</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222">Val#1222</a> MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2661">Val#2661</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#102">#102</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>CTR_Mode:</strong>  ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<p>KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92">Val#92</a> AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">Val#4064</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val#1217</a> MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">Val#2651</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101">#101</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CTR_Mode:</strong>  ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<p>KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#72">Val#72</a> AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">Val#3629</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val#955</a> MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381">Val#2381</a></p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#72">#72</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>CTR_Mode:</strong>  ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<p>KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#64">Val#64</a> AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">Val#3497</a> RBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val#868</a> MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233">Val#2233</a></p></td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#66">#66</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>CTR_Mode:</strong>  ( Llength( Min0 Max0 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<p>DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val#489</a> MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">Val#1773</a></p></td>
+<td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30">#30</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>CTR_Mode</strong>: ( Llength( Min0 Max4 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<p>DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a> HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345">Val#1345</a></p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3">#3</a></td>
+</tr>
+</tbody>
+</table>
+
+
+Random Number Generator (RNG)
+
+<table>
+<colgroup>
+<col style="width: 50%" />
+<col style="width: 50%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Modes / States / Key Sizes</strong></td>
+<td><strong>Algorithm Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS 186-2 General Purpose</strong></p>
+<p><strong>[ (x-Original); (SHA-1) ]</strong></p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#1110">1110</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS 186-2<br />
+[ (x-Original); (SHA-1) ]</strong></td>
+<td><p>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#1060">#1060</a></p>
+<p>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#292">#292</a></p>
+<p>Windows CE and Windows Mobile 6.0 and Windows Mobile 6.5 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#286">#286</a></p>
+<p>Windows CE 5.00 and Window CE 5.01 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#66">#66</a></p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS 186-2<br />
+[ (x-Change Notice); (SHA-1) ]</strong></p>
+<p><strong>FIPS 186-2 General Purpose<br />
+[ (x-Change Notice); (SHA-1) ]</strong></p></td>
+<td><p>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 RNG Library <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#649">#649</a></p>
+<p>Windows Vista Ultimate SP1 and Windows Server 2008 RNG Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#435">#435</a></p>
+<p>Windows Vista RNG implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321">#321</a></p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS 186-2 General Purpose<br />
+[ (x-Change Notice); (SHA-1) ]</strong></td>
+<td><p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#470">#470</a></p>
+<p>Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#449">#449</a></p>
+<p>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#447">#447</a></p>
+<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#316">#316</a></p>
+<p>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#313">#313</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS 186-2<br />
+[ (x-Change Notice); (SHA-1) ]</strong></td>
+<td><p>Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#448">#448</a></p>
+<p>Windows Server 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#314">#314</a></p></td>
+</tr>
+</tbody>
+</table>
+
+
+#### RSA
+
+<table>
+<colgroup>
+<col style="width: 50%" />
+<col style="width: 50%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Modes / States / Key Sizes</strong></td>
+<td><strong>Algorithm Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><p>RSA:</p>
+<ul>
+<li>186-4:</li>
+<li><ul>
+<li>Signature Generation PKCS1.5:</li>
+<li><ul>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384</li>
+</ul></li>
+<li>Signature Generation PSS:</li>
+<li><ul>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+</ul></li>
+</ul></li>
+<li>Signature Verification PKCS1.5:</li>
+<li><ul>
+<li>Mod 1024 SHA: SHA-1, SHA-256, SHA-384</li>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384</li>
+</ul></li>
+<li>Signature Verification PSS:</li>
+<li><ul>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1734">#1734</a></p></td>
+<td><p>Microsoft Surface Hub Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2677">#2677</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><p>RSA:</p>
+<ul>
+<li>186-4:</li>
+<li><ul>
+<li>Signature Generation PKCS1.5:</li>
+<li><ul>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384</li>
+</ul></li>
+<li>Signature Generation PSS:</li>
+<li><ul>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 240 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+</ul></li>
+</ul></li>
+<li>Signature Verification PKCS1.5:</li>
+<li><ul>
+<li>Mod 1024 SHA: SHA-1, SHA-256, SHA-384</li>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384</li>
+</ul></li>
+<li>Signature Verification PSS:</li>
+<li><ul>
+<li>Mod 1024:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+</ul></li>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1733">#1733</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2676">#2676</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><p>RSA:</p>
+<ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Generation:</li>
+<li>Signature Verification PKCS1.5:</li>
+<li><ul>
+<li>Mod 1024 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732">#1732</a></p></td>
+<td><p>Microsoft Surface Hub RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2675">#2675</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><p>RSA:</p>
+<ul>
+<li>186-4:</li>
+<li><ul>
+<li>Signature Verification PKCS1.5:</li>
+<li><ul>
+<li>Mod 1024 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730">#1730</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2674">#2674</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><p>RSA:</p>
+<ul>
+<li>186-4:</li>
+<li><ul>
+<li>Signature Verification PKCS1.5:</li>
+<li><ul>
+<li>Mod 1024 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731">#1731</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2673">#2673</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="odd">
+<td><p>RSA:</p>
+<ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Generation:</li>
+<li><ul>
+<li>Public Key Exponent: Fixed (10001)</li>
+<li>Provable Primes with Conditions:</li>
+<li><ul>
+<li>Mod lengths: 2048, 3072 (bits)</li>
+<li>Primality Tests: C.3</li>
+</ul></li>
+</ul></li>
+<li>Signature Generation PKCS1.5:</li>
+<li><ul>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Generation PSS:</li>
+<li><ul>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+<li>Signature Verification PKCS1.5:</li>
+<li><ul>
+<li>Mod 1024 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Verification PSS:</li>
+<li><ul>
+<li>Mod 1024:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 496 (bits)</li>
+</ul></li>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732">#1732</a></p></td>
+<td><p>Microsoft Surface Hub MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2672">#2672</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="even">
+<td><p>RSA:</p>
+<ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Generation:</li>
+<li><ul>
+<li>Probable Random Primes:</li>
+<li><ul>
+<li>Mod lengths: 2048, 3072 (bits)</li>
+<li>Primality Tests: C.2</li>
+</ul></li>
+</ul></li>
+<li>Signature Generation PKCS1.5:</li>
+<li><ul>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Generation PSS:</li>
+<li><ul>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+<li>Signature Verification PKCS1.5:</li>
+<li><ul>
+<li>Mod 1024 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Verification PSS:</li>
+<li><ul>
+<li>Mod 1024:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 496 (bits)</li>
+</ul></li>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732">#1732</a></p></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2671">#2671</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><p>RSA:</p>
+<ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Generation:</li>
+<li><ul>
+<li>Probable Random Primes:</li>
+<li><ul>
+<li>Mod lengths: 2048, 3072 (bits)</li>
+<li>Primality Tests: C.2</li>
+</ul></li>
+</ul></li>
+<li>Signature Generation PKCS1.5:</li>
+<li><ul>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Generation PSS:</li>
+<li><ul>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+<li>Signature Verification PKCS1.5:</li>
+<li><ul>
+<li>Mod 1024 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Verification PSS:</li>
+<li><ul>
+<li>Mod 1024:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 496 (bits)</li>
+</ul></li>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731">#1731</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2670">#2670</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><p>RSA:</p>
+<ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Generation:</li>
+<li><ul>
+<li>Public Key Exponent: Fixed (10001)</li>
+<li>Provable Primes with Conditions:</li>
+<li><ul>
+<li>Mod lengths: 2048, 3072 (bits)</li>
+<li>Primality Tests: C.3</li>
+</ul></li>
+</ul></li>
+<li>Signature Generation PKCS1.5:</li>
+<li><ul>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Generation PSS:</li>
+<li><ul>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+<li>Signature Verification PKCS1.5:</li>
+<li><ul>
+<li>Mod 1024 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Verification PSS:</li>
+<li><ul>
+<li>Mod 1024:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 496 (bits)</li>
+</ul></li>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731">#1731</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2669">#2669</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Generation:</li>
+<li><ul>
+<li>Public Key Exponent: Fixed (10001)</li>
+<li>Provable Primes with Conditions:</li>
+<li><ul>
+<li>Mod lengths: 2048, 3072 (bits)</li>
+<li>Primality Tests: C.3</li>
+</ul></li>
+</ul></li>
+<li>Signature Generation PKCS1.5:</li>
+<li><ul>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Generation PSS:</li>
+<li><ul>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+<li>Signature Verification PKCS1.5:</li>
+<li><ul>
+<li>Mod 1024 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Verification PSS:</li>
+<li><ul>
+<li>Mod 1024:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 496 (bits)</li>
+</ul></li>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730">#1730</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2668">#2668</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>186-4:</li>
+<li><ul>
+<li>Key Generation:</li>
+<li><ul>
+<li>Probable Random Primes:</li>
+<li><ul>
+<li>Mod lengths: 2048, 3072 (bits)</li>
+<li>Primality Tests: C.2</li>
+</ul></li>
+</ul></li>
+<li>Signature Generation PKCS1.5:</li>
+<li><ul>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Generation PSS:</li>
+<li><ul>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+<li>Signature Verification PKCS1.5:</li>
+<li><ul>
+<li>Mod 1024 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 2048 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+<li>Mod 3072 SHA: SHA-1, SHA-256, SHA-384, SHA-512</li>
+</ul></li>
+<li>Signature Verification PSS:</li>
+<li><ul>
+<li>Mod 1024:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 496 (bits)</li>
+</ul></li>
+<li>Mod 2048:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+<li>Mod 3072:</li>
+<li><ul>
+<li>SHA-1: Salt Length: 160 (bits)</li>
+<li>SHA-256: Salt Length: 256 (bits)</li>
+<li>SHA-384: Salt Length: 384 (bits)</li>
+<li>SHA-512: Salt Length: 512 (bits)</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730">#1730</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2667">#2667</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 )) (2048 SHA( 1 , 256 , 384 ))<br />
+<strong>[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</strong> Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) ))<br />
+SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></td>
+<td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2524">#2524</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523">#2523</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-4:<br />
+186-4KEY(gen):</strong> FIPS186-4_Fixed_e ( 10001 ) ;<br />
+<strong>PGM(ProbPrimeCondition):</strong> 2048 , 3072 <strong>PPTT:</strong>( C.3 )<br />
+<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+<strong>[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</strong> Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
+SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val# 1555</a></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2522">#2522</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-4:<br />
+186-4KEY(gen):<br />
+PGM(ProbRandom:</strong> ( 2048 , 3072 ) <strong>PPTT:</strong>( C.2 )<br />
+<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+<strong>[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</strong> Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
+SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2521">#2521</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a><br />
+<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a><br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p>
+<p><strong>FIPS186-4:<br />
+ALG[ANSIX9.31]</strong> Sig(Gen): (2048 SHA( 1 )) (3072 SHA( 1 ))<strong><br />
+<em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em></strong> Sig(Ver): (1024 SHA( 1 )) (2048 SHA( 1 )) (3072 SHA( 1 ))<br />
+<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p></td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2415">#2415</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a><br />
+<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a><br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p>
+<p><strong>FIPS186-4:<br />
+ALG[ANSIX9.31]</strong> Sig(Gen): (2048 SHA( 1 )) (3072 SHA( 1 ))<strong><br />
+<em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em></strong> Sig(Ver): (1024 SHA( 1 )) (2048 SHA( 1 )) (3072 SHA( 1 ))<br />
+<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p></td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2414">#2414</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a><br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p>
+<p><strong>FIPS186-4:<br />
+186-4KEY(gen):</strong> FIPS186-4_Fixed_e (10001) ;<br />
+<strong>PGM(ProbRandom:</strong> ( 2048 , 3072 ) <strong>PPTT:</strong>( C.2 )<br />
+<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430">Val# 1430</a></p></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2412">#2412</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p>
+<p><strong>FIPS186-4:<br />
+186-4KEY(gen):</strong> FIPS186-4_Fixed_e (10001) ;<br />
+<strong>PGM(ProbRandom:</strong> ( 2048 , 3072 ) <strong>PPTT:</strong>( C.2 )<br />
+<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
+DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429">Val# 1429</a></p></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2411">#2411</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 )) SIG(gen) with SHA-1 affirmed for use with protocols only.<br />
+SIG(Ver) (1024 SHA( 1 , 256 , 384 )) (2048 SHA( 1 , 256 , 384 ))<br />
+<strong>[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) )) SIG(gen) with SHA-1 affirmed for use with protocols only.<br />
+Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2206">#2206</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+186-4KEY(gen):</strong> FIPS186-4_Fixed_e ( 10001 ) ;<br />
+<strong>PGM(ProbPrimeCondition):</strong> 2048 , 3072 PPTT:( C.3 )</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val# 1217</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2195">#2195</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3346">Val#3346</a></p></td>
+<td><p>soft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2194">#2194</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
+<strong>SIG(Ver)</strong> (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val# 1217</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+[RSASSA-PSS]: Sig(Gen):</strong> (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
+<p><strong>Sig(Ver):</strong> (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val# 1217</a></p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192">#2192</a></p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+186-4KEY(gen)</strong>:  FIPS186-4_Fixed_e ( 10001 ) ;<br />
+<strong>PGM(ProbPrimeCondition</strong>): 2048 , 3072 PPTT:( C.3 )</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val# 955</a></p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1889">#1889</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048">Val#3048</a></p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871">#1871</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
+<strong>SIG(Ver)</strong> (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1888">#1888</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+[RSASSA-PSS]: Sig(Gen)</strong>: (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
+<strong>Sig(Ver):</strong> (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1887">#1887</a></p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+186-4KEY(gen):</strong> FIPS186-4_Fixed_e ( 10001 ) ;<br />
+PGM(ProbPrimeCondition): 2048 , 3072 PPTT:( C.3 )</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val# 868</a></p></td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1798">#1798</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871">Val#2871</a></p></td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784">#1784</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871">Val#2871</a></p></td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1783">#1783</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
+Sig(Ver): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a></p></td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1802">#1802</a></p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+186-4KEY(gen):</strong> FIPS186-4_Fixed_e ;<br />
+<strong>PGM(ProbPrimeCondition):</strong> 2048 , 3072 PPTT:( C.3 )</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val# 489</a></p></td>
+<td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487">#1487</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p></td>
+<td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494">#1494</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5</strong>] SIG(gen) (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
+SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p></td>
+<td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493">#1493</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>FIPS186-4:<br />
+[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
+ Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
+<p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p></td>
+<td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1519">#1519</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 256 , 384 , 512-256 )) (3072 SHA( 256 , 384 , 512-256 ))<br />
+SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512-256 )) (2048 SHA( 1 , 256 , 384 , 512-256 )) (3072 SHA( 1 , 256 , 384 , 512-256 ))<br />
+<strong>[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
+Sig(Ver): (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 , 512 ))<br />
+SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
+<p>Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1134">Historical RSA List Val#1134</a>.</p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134">#1134</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-4:<br />
+186-4KEY(gen):</strong> FIPS186-4_Fixed_e , FIPS186-4_Fixed_e_Value<br />
+<strong>PGM(ProbPrimeCondition):</strong> 2048 , 3072 <strong>PPTT:</strong>( C.3 )<br />
+SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133">#1133</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
+<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1132">Historical RSA List Val#1132</a>.</td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a><br />
+<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1052">Historical RSA List Val#1052</a>.</td>
+<td>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1052">#1052</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a><br />
+<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1051">Historical RSA List Val#1051</a>.</td>
+<td>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1051">#1051</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#568">Historical RSA List Val#568</a>.</td>
+<td>Windows Server 2008 R2 and SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568">#568</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
+<strong>ALG[RSASSA-PSS]:</strong> SIG(gen); 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#567">Historical RSA List Val#567</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#560">Historical RSA List Val#560</a>.</td>
+<td><p>Windows Server 2008 R2 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#567">#567</a></p>
+<p>Windows 7 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#560">#560</a></p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">Val# 23</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#559">Historical RSA List Val#559</a>.</td>
+<td>Windows 7 and SP1 and Server 2008 R2 and SP1 RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559">#559</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#557">Historical RSA List Val#557</a>.</td>
+<td>Windows 7 and SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#557">#557</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:<br />
+ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#395">Historical RSA List Val#395</a>.</td>
+<td>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#395">#395</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a><br />
+<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#371">Historical RSA List Val#371</a>.</td>
+<td>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#371">#371</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>,<br />
+<strong>ALG[RSASSA-PSS]:</strong> SIG(gen); 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#358">Historical RSA List Val#358</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#357">Historical RSA List Val#357</a>.</td>
+<td><p>Windows Server 2008 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#358">#358</a></p>
+<p>Windows Vista SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#357">#357</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
+<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#355">Historical RSA List Val#355</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#354">Historical RSA List Val#354</a>.</td>
+<td><p>Windows Server 2008 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355">#355</a></p>
+<p>Windows Vista SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#354">#354</a></p></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#353">Historical RSA List Val#353</a>.</td>
+<td>Windows Vista SP1 and Windows Server 2008 RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353">#353</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321">Val# 321</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#258">Historical RSA List Val#258</a>.</td>
+<td>Windows Vista RSA key generation implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#258">#258</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>,<br />
+<strong>ALG[RSASSA-PSS]:</strong> SIG(gen); 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#257">Historical RSA List Val#257</a>.</td>
+<td>Windows Vista CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#257">#257</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#255">Historical RSA List Val#255</a>.</td>
+<td>Windows Vista Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#255">#255</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a><br />
+<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#245">Historical RSA List Val#245</a>.</td>
+<td>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#245">#245</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a><br />
+<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#230">Historical RSA List Val#230</a>.</td>
+<td>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#230">#230</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a><br />
+<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-512<a href="http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htm#578">Val#578</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#222">Historical RSA List Val#222</a>.</td>
+<td>Windows CE and Windows Mobile 6 and Windows Mobile 6.1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#222">#222</a></td>
+</tr>
+<tr class="even">
+<td><strong>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</strong><br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364">Val#364</a><br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#81">Historical RSA List Val#81</a>.</td>
+<td>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#81">#81</a></td>
+</tr>
+<tr class="odd">
+<td><strong>FIPS186-2:<br />
+ALG[ANSIX9.31]:</strong><br />
+SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htm#305">Val#305</a><br />
+<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>,<br />
+SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>,<br />
+Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#52">Historical RSA List Val#52</a>.</td>
+<td>Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#52">#52</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>FIPS186-2:</strong></p>
+<p>– PKCS#1 v1.5, signature generation and verification</p>
+<p>– Mod sizes: 1024, 1536, 2048, 3072, 4096</p>
+<p>– SHS: SHA–1/256/384/512</p></td>
+<td><p>Windows XP, vendor-affirmed</p>
+<p>Windows 2000, vendor-affirmed</p></td>
+</tr>
+</tbody>
+</table>
+
+
+#### Secure Hash Standard (SHS)
+
+<table>
+<colgroup>
+<col style="width: 50%" />
+<col style="width: 50%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Modes / States / Key Sizes</strong></td>
+<td><strong>Algorithm Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>SHA-1:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+<li>SHA-256:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+<li>SHA-384:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+<li>SHA-512:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+</ul></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>SHA-1:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+<li>SHA-256:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+<li>SHA-384:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+<li>SHA-512:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>SHA-1:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+<li>SHA-256:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+<li>SHA-384:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+<li>SHA-512:</li>
+<li><ul>
+<li>Supports Empty Message</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong>      (BYTE-only)<br />
+<strong>SHA-256</strong>  (BYTE-only)<br />
+<strong>SHA-384</strong>  (BYTE-only)<br />
+<strong>SHA-512</strong>  (BYTE-only)</td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">#3790</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><strong>SHA-1</strong>      (BYTE-only)<br />
+<strong>SHA-256</strong>  (BYTE-only)<br />
+<strong>SHA-384</strong>  (BYTE-only)<br />
+<strong>SHA-512</strong>  (BYTE-only)</td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">#3652</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong>      (BYTE-only)<br />
+<strong>SHA-256</strong>  (BYTE-only)<br />
+<strong>SHA-384</strong>  (BYTE-only)<br />
+<strong>SHA-512</strong>  (BYTE-only)</td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">#3651</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="even">
+<td><strong>SHA-1</strong>      (BYTE-only)<br />
+<strong>SHA-256</strong>  (BYTE-only)<br />
+<strong>SHA-384</strong>  (BYTE-only)<br />
+<strong>SHA-512</strong>  (BYTE-only)</td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">#3649</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong>      (BYTE-only)<br />
+<strong>SHA-256</strong>  (BYTE-only)<br />
+<strong>SHA-384</strong>  (BYTE-only)<br />
+<strong>SHA-512</strong>  (BYTE-only)</td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">#3648</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="even">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a><br />
+Version 10.0.14393</td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3346">#3346</a><br />
+Version 10.0.14393</td>
+</tr>
+<tr class="even">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048">#3048</a><br />
+Version 10.0.10586</td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">#3047</a><br />
+Version 10.0.10586</td>
+</tr>
+<tr class="even">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">#2886</a><br />
+Version 10.0.10240</td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871">#2871</a><br />
+Version 10.0.10240</td>
+</tr>
+<tr class="even">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396">#2396</a><br />
+Version 6.3.9600</td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">#2373</a><br />
+Version 6.3.9600</td>
+</tr>
+<tr class="even">
+<td><p><strong>SHA-1</strong> (BYTE-only)</p>
+<p><strong>SHA-256</strong> (BYTE-only)</p>
+<p><strong>SHA-384</strong> (BYTE-only)</p>
+<p><strong>SHA-512</strong> (BYTE-only)</p>
+<p><em>Implementation does not support zero-length (null) messages.</em></p></td>
+<td><p>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
+<p>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p></td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td><p>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">#1774</a></p>
+<p>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">#1773</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td><p>Windows 7and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a></p>
+<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816.">#816</a></p></td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong> (BYTE-only)</td>
+<td><p>Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#785">#785</a></p>
+<p>Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#784">#784</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">#783</a></td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td><p>Windows Vista SP1 and Windows Server 2008 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a></p>
+<p>Windows Vista Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">#618</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)</td>
+<td><p>Windows Vista BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737">#737</a></p>
+<p>Windows Vista Beta 2 BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#495">#495</a></p></td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td><p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">#613</a></p>
+<p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364">#364</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>SHA-1</strong> (BYTE-only)</td>
+<td><p>Windows Server 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#611">#611</a></p>
+<p>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#610">#610</a></p>
+<p>Windows Server 2003 SP1 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#385">#385</a></p>
+<p>Windows Server 2003 SP1 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#371">#371</a></p>
+<p>Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#181">#181</a></p>
+<p>Windows Server 2003 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#177">#177</a></p>
+<p>Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#176">#176</a></p></td>
+</tr>
+<tr class="odd">
+<td><strong>SHA-1</strong> (BYTE-only)<br />
+<strong>SHA-256</strong> (BYTE-only)<br />
+<strong>SHA-384</strong> (BYTE-only)<br />
+<strong>SHA-512</strong> (BYTE-only)</td>
+<td><p>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">#589</a></p>
+<p>Windows CE and Windows Mobile 6 and Windows Mobile 6.5 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">#578</a></p>
+<p>Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">#305</a></p></td>
+</tr>
+<tr class="even">
+<td><strong>SHA-1</strong> (BYTE-only)</td>
+<td><p>Windows XP Microsoft Enhanced Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#83">#83</a></p>
+<p>Crypto Driver for Windows 2000 (fips.sys) <a href="http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htmlhttp:/csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.html#35">#35</a></p>
+<p>Windows 2000 Microsoft Outlook Cryptographic Provider (EXCHCSP.DLL) SR-1A (3821) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#32">#32</a></p>
+<p>Windows 2000 RSAENH.DLL <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#24">#24</a></p>
+<p>Windows 2000 RSABASE.DLL <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#23">#23</a></p>
+<p>Windows NT 4 SP6 RSAENH.DLL <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#21">#21</a></p>
+<p>Windows NT 4 SP6 RSABASE.DLL <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#20">#20</a></p></td>
+</tr>
+</tbody>
+</table>
+
+
+#### Triple DES
+
+<table>
+<colgroup>
+<col style="width: 50%" />
+<col style="width: 50%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Modes / States / Key Sizes</strong></td>
+<td><strong>Algorithm Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>TDES-CBC:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+<li>TDES-CFB64:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+<li>TDES-CFB8:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+<li>TDES-ECB:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+</ul></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2558">#2558</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>TDES-CBC:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+<li>TDES-CFB64:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+<li>TDES-CFB8:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+<li>TDES-ECB:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2557">#2557</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>TDES-CBC:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+<li>TDES-CFB64:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+<li>TDES-CFB8:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+<li>TDES-ECB:</li>
+<li><ul>
+<li>Modes: Decrypt, Encrypt</li>
+<li>Keying Option: 1</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2556">#2556</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><strong>TECB</strong>( KO 1 e/d, ) ; <strong>TCBC</strong>( KO 1 e/d, ) ; <strong>TCFB8</strong>( KO 1 e/d, ) ; <strong>TCFB64</strong>( KO 1 e/d, )</td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2459">#2459</a></p>
+<p>Version 10.0.15063</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCBC</strong>( KO 1 e/d, )</p></td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2384">#2384</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCBC</strong>( KO 1 e/d, )</p></td>
+<td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2383">#2383</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCBC</strong>( KO 1 e/d, ) ;</p>
+<p><strong>CTR</strong> ( int only )</p></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2382">#2382</a></p>
+<p>Version 7.00.2872</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCBC</strong>( KO 1 e/d, )</p></td>
+<td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2381">#2381</a></p>
+<p>Version 8.00.6246</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCBC</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCFB8</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCFB64</strong>( KO 1 e/d, )</p></td>
+<td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227">#2227</a><br />
+<br />
+</p>
+<p>Version 10.0.14393</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCBC</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCFB8</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCFB64</strong>( KO 1 e/d, )</p></td>
+<td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2024">#2024</a><br />
+<br />
+</p>
+<p>Version 10.0.10586</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCBC</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCFB8</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCFB64</strong>( KO 1 e/d, )</p></td>
+<td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1969">#1969</a><br />
+<br />
+</p>
+<p>Version 10.0.10240</p></td>
+</tr>
+<tr class="odd">
+<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCBC</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCFB8</strong>( KO 1 e/d, ) ;</p>
+<p><strong>TCFB64</strong>( KO 1 e/d, )</p></td>
+<td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692">#1692</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCBC</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCFB8</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCFB64</strong>( e/d; KO 1,2 )</p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387">#1387</a></td>
+</tr>
+<tr class="odd">
+<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCBC</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCFB8</strong>( e/d; KO 1,2 )</p></td>
+<td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCBC</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCFB8</strong>( e/d; KO 1,2 )</p></td>
+<td>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a></td>
+</tr>
+<tr class="odd">
+<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCBC</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCFB8</strong>( e/d; KO 1,2 )</p></td>
+<td>Windows Vista SP1 and Windows Server 2008 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a></td>
+</tr>
+<tr class="even">
+<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCBC</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCFB8</strong>( e/d; KO 1,2 )</p></td>
+<td>Windows Vista Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549">#549</a></td>
+</tr>
+<tr class="odd">
+<td><strong>Triple DES MAC</strong></td>
+<td><p>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>, vendor-affirmed</p>
+<p>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>, vendor-affirmed</p></td>
+</tr>
+<tr class="even">
+<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
+<p><strong>TCBC</strong>( e/d; KO 1,2 )</p></td>
+<td><p>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1308">#1308</a></p>
+<p>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1307">#1307</a></p>
+<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#691">#691</a></p>
+<p>Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#677">#677</a></p>
+<p>Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#676">#676</a></p>
+<p>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#675">#675</a></p>
+<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="http://csrc.nist.gov/groups/stm/cavp/documents/des/tripledesval.html#544">#544</a></p>
+<p>Windows Server 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#543">#543</a></p>
+<p>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#542">#542</a></p>
+<p>Windows CE 6.0 and Window CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#526">#526</a></p>
+<p>Windows CE and Windows Mobile 6 and Windows Mobile 6.1 and Windows Mobile 6.5 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#517">#517</a></p>
+<p>Windows Server 2003 SP1 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#381">#381</a></p>
+<p>Windows Server 2003 SP1 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#370">#370</a></p>
+<p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#365">#365</a></p>
+<p>Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#315">#315</a></p>
+<p>Windows Server 2003 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#201">#201</a></p>
+<p>Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#199">#199</a></p>
+<p>Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#192">#192</a></p>
+<p>Windows XP Microsoft Enhanced Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#81">#81</a></p>
+<p>Windows 2000 Microsoft Outlook Cryptographic Provider (EXCHCSP.DLL) SR-1A (3821) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#18">#18</a></p>
+<p>Crypto Driver for Windows 2000 (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16">#16</a></p></td>
+</tr>
+</tbody>
+</table>
+
+
+#### SP 800-132 Password Based Key Derivation Function (PBKDF)
+
+<table border="1" cellpadding="0" summary="table" xmlns="http://www.w3.org/1999/xhtml">
+  <tr>
+    <td>
+      <strong>Modes / States / Key Sizes</strong>
+    </td>
+    <td colspan="2">
+      <strong>Algorithm Implementation and Certificate #</strong>
+    </td>
+  </tr>
+  <tr>
+    <td>
+      <strong>PBKDF</strong> (vendor affirmed)</td>
+    <td colspan="2">
+      <p> Kernel Mode Cryptographic Primitives Library (cng.sys) Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a runat="server" href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937">#2937</a><br />(Software Version: 10.0.14393)</p>
+      <p>Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a runat="server" href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936">#2936</a><br />(Software Version: 10.0.14393)</p>
+      <p>Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a runat="server" href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935">#2935</a><br />(Software Version: 10.0.14393)</p>
+      <p>Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a runat="server" href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931">#2931</a><br />(Software Version: 10.0.14393)</p>
+    </td>
+  </tr>
+  <tr>
+    <td colspan="2">
+      <strong>PBKDF</strong> (vendor affirmed)</td>
+    <td>
+      <p>Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a runat="server" href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936">#2936</a><br />(Software Version: 10.0.14393)</p>
+      <p>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG), vendor-affirmed</p>
+    </td>
+  </tr>
+</table>
+
+
+#### Component Validation List
+
+<table>
+<colgroup>
+<col style="width: 50%" />
+<col style="width: 50%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td><strong>Publication / Component Validated / Description</strong></td>
+<td><strong>Implementation and Certificate #</strong></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>ECDSA SigGen:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul>
+<p>Prerequisite: DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">#489</a></p></td>
+<td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1540">#1540</a></p>
+<p>Version 6.3.9600</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>RSASP1:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+<li>Padding Algorithms: PKCS 1.5</li>
+</ul></li>
+</ul></td>
+<td><p>Microsoft Surface Hub Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1519">#1519</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>RSASP1:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+<li>Padding Algorithms: PKCS 1.5</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1518">#1518</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>RSADP:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+</ul></li>
+</ul></td>
+<td><p>Microsoft Surface Hub MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1517">#151</a>7</p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>RSASP1:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+<li>Padding Algorithms: PKCS 1.5</li>
+</ul></li>
+</ul></td>
+<td><p>Microsoft Surface Hub MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1516">#1516</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>ECDSA SigGen:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul>
+<p> Prerequisite: DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732">#1732</a></p></td>
+<td><p>Microsoft Surface Hub MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1515">#1515</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>ECDSA SigGen:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul>
+<p>Prerequisite: DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732">#1732</a></p></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1514">#1514</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>RSADP:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+</ul></li>
+</ul></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1513">#1513</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>RSASP1:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+<li>Padding Algorithms: PKCS 1.5</li>
+</ul></li>
+</ul></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1512">#1512</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>IKEv1:</li>
+<li><ul>
+<li>Methods: Digital Signature, Pre-shared Key, Public Key Encryption</li>
+<li>Pre-shared Key Length: 64-2048</li>
+<li>Diffie-Hellman shared secrets:</li>
+<li><ul>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 2048 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 256 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 384 (bits)</li>
+<li>SHA Functions: SHA-384</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3269">#3269</a></p>
+<ul>
+<li>IKEv2:</li>
+<li><ul>
+<li>Derived Keying Material length: 192-1792</li>
+<li>Diffie-Hellman shared secrets:</li>
+<li><ul>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 2048 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 256 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 384 (bits)</li>
+<li>SHA Functions: SHA-384</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3269">#3269</a></p>
+<ul>
+<li>TLS:</li>
+<li><ul>
+<li>Supports TLS 1.0/1.1</li>
+<li>Supports TLS 1.2:</li>
+<li><ul>
+<li>SHA Functions: SHA-256, SHA-384</li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011">#4011</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3269">#3269</a></p></td>
+<td><p>Microsoft Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1511">#1511</a></p>
+<p>Version 10.0.15063.674</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>ECDSA SigGen:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul>
+<p>Prerequisite: DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731">#1731</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1510">#1510</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>RSADP:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1509">#1509</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>RSASP1:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+<li>Padding Algorithms: PKCS 1.5</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1508">#1508</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>IKEv1:</li>
+<li><ul>
+<li>Methods: Digital Signature, Pre-shared Key, Public Key Encryption</li>
+<li>Pre-shared Key Length: 64-2048</li>
+<li>Diffie-Hellman shared secrets:</li>
+<li><ul>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 2048 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 256 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 384 (bits)</li>
+<li>SHA Functions: SHA-384</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3268">#3268</a></p>
+<ul>
+<li>IKEv2:</li>
+<li><ul>
+<li>Derived Keying Material length: 192-1792</li>
+<li>Diffie-Hellman shared secrets:</li>
+<li><ul>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 2048 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 256 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 384 (bits)</li>
+<li>SHA Functions: SHA-384</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3268">#3268</a></p>
+<ul>
+<li>TLS:</li>
+<li><ul>
+<li>Supports TLS 1.0/1.1</li>
+<li>Supports TLS 1.2:</li>
+<li><ul>
+<li>SHA Functions: SHA-256, SHA-384</li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010">#4010</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3268">#3268</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1507">#1507</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>ECDSA SigGen:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul>
+<p>Prerequisite: DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731">#1731</a></p></td>
+<td><p>Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1506">#1506</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>RSADP:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1505">#1505</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>RSASP1:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+<li>Padding Algorithms: PKCS 1.5</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1504">#1504</a></p>
+<p>Version 10.0.15254</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>ECDSA SigGen:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul>
+<p>Prerequisite: DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730">#1730</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1503">#1503</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>RSADP:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1502">#1502</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>RSASP1:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+<li>Padding Algorithms: PKCS 1.5</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1501">#1501</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>ECDSA SigGen:</li>
+<li><ul>
+<li>P-256 SHA: SHA-256</li>
+<li>P-384 SHA: SHA-384</li>
+<li>P-521 SHA: SHA-512</li>
+</ul></li>
+</ul>
+<p>Prerequisite: DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730">#1730</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1499">#1499</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>RSADP:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1498">#1498</a></p>
+<p>Version 10.0.16299</p>
+<p> </p></td>
+</tr>
+<tr class="even">
+<td><ul>
+<li>RSASP1:</li>
+<li><ul>
+<li>Modulus Size: 2048 (bits)</li>
+<li>Padding Algorithms: PKCS 1.5</li>
+</ul></li>
+</ul></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations  <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1497">#1497</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="odd">
+<td><ul>
+<li>IKEv1:</li>
+<li><ul>
+<li>Methods: Digital Signature, Pre-shared Key, Public Key Encryption</li>
+<li>Pre-shared Key Length: 64-2048</li>
+<li>Diffie-Hellman shared secrets:</li>
+<li><ul>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 2048 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 256 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 384 (bits)</li>
+<li>SHA Functions: SHA-384</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3267">#3267</a></p>
+<ul>
+<li>IKEv2:</li>
+<li><ul>
+<li>Derived Keying Material length: 192-1792</li>
+<li>Diffie-Hellman shared secrets:</li>
+<li><ul>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 2048 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 256 (bits)</li>
+<li>SHA Functions: SHA-256</li>
+</ul></li>
+<li>Diffie-Hellman shared secret:</li>
+<li><ul>
+<li>Length: 384 (bits)</li>
+<li>SHA Functions: SHA-384</li>
+</ul></li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3267">#3267</a></p>
+<ul>
+<li>TLS:</li>
+<li><ul>
+<li>Supports TLS 1.0/1.1</li>
+<li>Supports TLS 1.2:</li>
+<li><ul>
+<li>SHA Functions: SHA-256, SHA-384</li>
+</ul></li>
+</ul></li>
+</ul>
+<p>Prerequisite: SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009">#4009</a>, HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3267">#3267</a></p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations  <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1496">#1496</a></p>
+<p>Version 10.0.16299</p></td>
+</tr>
+<tr class="even">
+<td><p>FIPS186-4 ECDSA</p>
+<p>Signature Generation of hash sized messages</p>
+<p>ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )</p></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1284">#1284</a><br />
+Version 10.0. 15063</p>
+<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1279">#1279</a><br />
+Version 10.0. 15063</p>
+<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#922">#922</a><br />
+Version 10.0.14393</p>
+<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#894">#894</a><br />
+Version 10.0.14393icrosoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#666">#666</a><br />
+Version 10.0.10586</p>
+<p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#288">#288</a><br />
+Version 6.3.9600</p></td>
+</tr>
+<tr class="odd">
+<td><p>FIPS186-4 RSA; PKCS#1 v2.1</p>
+<p>RSASP1 Signature Primitive</p>
+<p>RSASP1: (Mod2048: PKCS1.5 PKCSPSS)</p></td>
+<td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1285">#1285</a><br />
+Version 10.0.15063</p>
+<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1282">#1282</a><br />
+Version 10.0.15063</p>
+<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1280">#1280</a><br />
+Version 10.0.15063</p>
+<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#893">#893</a><br />
+Version 10.0.14393</p>
+<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#888">#888</a><br />
+Version 10.0.14393</p>
+<p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#665">#66</a>5<br />
+Version 10.0.10586</p>
+<p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#572">#572</a><br />
+Version  10.0.10240</p>
+<p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#289">#289</a><br />
+Version 6.3.9600</p></td>
+</tr>
+<tr class="even">
+<td><p>FIPS186-4 RSA; RSADP</p>
+<p>RSADP Primitive</p>
+<p>RSADP: (Mod2048)</p></td>
+<td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1283">#1283</a><br />
+Version 10.0.15063</p>
+<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1281">#1281</a><br />
+Version 10.0.15063</p>
+<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#895">#895</a><br />
+Version 10.0.14393</p>
+<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#887">#887</a><br />
+Version 10.0.14393</p>
+<p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#663">#663</a><br />
+Version 10.0.10586</p>
+<p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#576">#576</a><br />
+Version  10.0.10240</p></td>
+</tr>
+<tr class="odd">
+<td><p>SP800-135</p>
+<p>Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS</p></td>
+<td><p>Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update and Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations  <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1496">#1496</a></p>
+<p>Version 10.0.16299</p>
+<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1278">#1278</a><br />
+Version 10.0.15063</p>
+<p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1140">#1140</a><br />
+Version 7.00.2872</p>
+<p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1139">#1139</a><br />
+Version 8.00.6246</p>
+<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update BcryptPrimitives and NCryptSSLp <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#886">#886</a><br />
+Version 10.0.14393</p>
+<p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” BCryptPrimitives and NCryptSSLp <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#664">#664</a><br />
+Version 10.0.10586</p>
+<p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 BCryptPrimitives and NCryptSSLp <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#575">#575</a><br />
+Version  10.0.10240</p>
+<p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 BCryptPrimitives and NCryptSSLp <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#323">#323</a><br />
+Version 6.3.9600</p></td>
+</tr>
+</tbody>
+</table>
+
+
+## References
+
+\[[FIPS 140](http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf)\] - FIPS 140-2, Security Requirements for Cryptographic Modules
+
+\[[FIPS FAQ](http://csrc.nist.gov/groups/stm/cmvp/documents/cmvpfaq.pdf)\] - Cryptographic Module Validation Program (CMVP) FAQ
+
+\[[SP 800-57](http://csrc.nist.gov/publications/pubssps.html#800-57-part1)\] - Recommendation for Key Management – Part 1: General (Revised)
+
+\[[SP 800-131A](http://csrc.nist.gov/publications/nistpubs/800-131a/sp800-131a.pdf)\] - Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths
+
+## Additional Microsoft References
+
+Enabling FIPS mode - <http://support.microsoft.com/kb/811833>
+
+Cipher Suites in Schannel - [http://msdn.microsoft.com/en-us/library/aa374757(VS.85).aspx](https://msdn.microsoft.com/en-us/library/aa374757\(vs.85\).aspx)
+
diff --git a/windows/security/threat-protection/mbsa-removal-and-guidance.md b/windows/security/threat-protection/mbsa-removal-and-guidance.md
new file mode 100644
index 0000000000..1c121d6b6a
--- /dev/null
+++ b/windows/security/threat-protection/mbsa-removal-and-guidance.md
@@ -0,0 +1,39 @@
+---
+title: Microsoft Baseline Security Analyzer (MBSA) removal and guidance on alternative solutions
+description: This article documents the removal of MBSA and alternative solutions
+keywords: MBSA, security, removal
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.author: astoica
+author: andreiztm
+ms.date: 10/04/2018
+---
+ 
+### What is Microsoft Baseline Security Analyzer and its uses?
+ 
+Microsoft Baseline Security Analyzer (MBSA) is used to verify patch compliance. MBSA also performed several other security checks for Windows, IIS, and SQL Server. Unfortunately, the logic behind these additional checks had not been actively maintained since Windows XP and Windows Server 2003. Changes in the products since then rendered many of these security checks obsolete and some of their recommendations counterproductive. 
+ 
+MBSA was largely used in situations where neither Microsoft Update nor a local WSUS/SCCM server was available, or as a compliance tool to ensure that all security updates were deployed to a managed environment. While MBSA version 2.3 support for Windows Server 2012 R2 and Windows 8.1 was added, it has since been deprecated and no longer developed. MBSA 2.3 is not updated to fully support Windows 10 and Windows Server 2016.
+ 
+### The Solution 
+A script can help you with an alternative to MBSA’s patch-compliance checking:
+ 
+- [Using WUA to Scan for Updates Offline](https://docs.microsoft.com/previous-versions/windows/desktop/aa387290(v=vs.85)), which includes a sample .vbs script. 
+For a PowerShell alternative, see [Using WUA to Scan for Updates Offline with PowerShell](https://gallery.technet.microsoft.com/Using-WUA-to-Scan-for-f7e5e0be).
+ 
+For example:
+ 
+[![VBS script](images/vbs-example.png)](https://docs.microsoft.com/previous-versions/windows/desktop/aa387290(v=vs.85)) 
+[![PowerShell script](images/powershell-example.png)](https://gallery.technet.microsoft.com/Using-WUA-to-Scan-for-f7e5e0be) 
+  
+The preceding scripts leverage the [WSUS offline scan file](https://support.microsoft.com/help/927745/detailed-information-for-developers-who-use-the-windows-update-offline) (wsusscn2.cab) to perform a scan and get the same information on missing updates as MBSA supplied. MBSA also relied on the wsusscn2.cab to determine which updates were missing from a given system without connecting to any online service or server. The wsusscn2.cab file is still available and there are currently no plans to remove or replace it.
+The wsusscn2.cab file contains the metadata of only security updates, update rollups and service packs available from Microsoft Update; it does not contain any information on non-security updates, tools or drivers.
+ 
+### More Information  
+
+For security compliance and for desktop/server hardening, we recommend the Microsoft Security Baselines and the Security Compliance Toolkit.
+
+- [Windows security baselines](windows-security-baselines.md) 
+- [Download Microsoft Security Compliance Toolkit 1.0 ](https://www.microsoft.com/download/details.aspx?id=55319) 
+- [Microsoft Security Guidance blog](https://blogs.technet.microsoft.com/secguide/)  
diff --git a/windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md
index affe0ea030..4320d8ddca 100644
--- a/windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md
@@ -45,7 +45,7 @@ To access Threat analytics, from the navigation pane select **Dashboards** > **T
 Click a section of each chart to get a list of the machines in the corresponding mitigation status.
 
 ## Related topics
-- [Threat analtyics](threat-analytics-windows-defender-advanced-threat-protection.md)
+- [Threat analytics](threat-analytics.md)
 - [Overview of Secure Score in Windows Defender Security Center](overview-secure-score-windows-defender-advanced-threat-protection.md)
 - [Configure the security controls in Secure score](secure-score-dashboard-windows-defender-advanced-threat-protection.md)
 
diff --git a/windows/security/threat-protection/windows-platform-common-criteria.md b/windows/security/threat-protection/windows-platform-common-criteria.md
new file mode 100644
index 0000000000..86b6688059
--- /dev/null
+++ b/windows/security/threat-protection/windows-platform-common-criteria.md
@@ -0,0 +1,165 @@
+---
+title: Windows Platform Common Criteria Certification
+description: This topic details how Microsoft supports the Common Criteria certification program.
+ms.prod: w10
+ms.localizationpriority: medium
+ms.author: daniha
+author: danihalfin
+ms.date: 04/03/2018
+---
+
+# Windows Platform Common Criteria Certification
+
+Microsoft is committed to optimizing the security of its products and services. As part of that commitment, Microsoft supports the Common Criteria certification program, continues to ensure that products incorporate the features and functions required by relevant Common Criteria protection profiles, and completes Common Criteria certifications of Microsoft Windows products.
+
+## Common Criteria Security Targets
+
+### Information for Systems Integrators and Accreditors
+
+The Security Target describes security functionality and assurance measures used to evaluate Windows.
+
+  - [Microsoft Window 10 (Creators Update)](http://download.microsoft.com/download/e/8/b/e8b8c42a-a0b6-4ba1-9bdc-e704e8289697/windows%2010%20version%201703%20gp%20os%20security%20target%20-%20public%20\(january%2016,%202018\)\(final\)\(clean\).pdf)
+  - [Microsoft Windows Server 2016, Microsoft Windows Server 2012 R2, and Microsoft Windows 10 Hyper-V](http://download.microsoft.com/download/1/c/3/1c3b5ab0-e064-4350-a31f-48312180d9b5/st_vid10823-st.pdf)
+  - [Microsoft Windows 10 (Anniversary Update) and Windows 10 Mobile (Anniversary Update)](http://download.microsoft.com/download/1/5/e/15eee6d3-f2a8-4441-8cb1-ce8c2ab91c24/windows%2010%20anniversary%20update%20mdf%20security%20target%20-%20public%20\(april%203%202017\).docx)
+  - [Microsoft Windows 10 (Anniversary Update) and Windows Server 2016](http://download.microsoft.com/download/f/8/c/f8c1c2a4-719c-48ae-942f-9fd3ce5b238f/windows%2010%20au%20and%20server%202016%20gp%20os%20security%20target%20-%20public%20\(december%202%202016\)%20\(clean\).docx)
+  - [Windows 10 (Anniversary Update) and Windows Server 2016 IPsec VPN Client](http://download.microsoft.com/download/b/f/5/bf59e430-e57b-462d-8dca-8ac3c93cfcff/windows%2010%20anniversary%20update%20ipsec%20vpn%20client%20security%20target%20-%20public%20\(december%2029%202016\)%20\(clean\).docx)
+  - [Microsoft Windows 10 IPsec VPN Client](http://download.microsoft.com/download/3/7/2/372beb03-b1ed-4bb6-9b9b-b8f43afc570d/st_vid10746-st.pdf)
+  - [Microsoft Windows 10 November 2015 Update with Surface Book](http://download.microsoft.com/download/a/c/2/ac2a6ed8-4d2f-4f48-a9bf-f059d6c9af38/windows%2010%20mdf3%20security%20target%20-%20public%20\(june%2022%202016\)\(final\).docx)
+  - [Microsoft Windows 10 Mobile with Lumia 950, 950 XL, 550, 635, and Windows 10 with Surface Pro 4](https://www.niap-ccevs.org/st/st_vid10677-st.pdf)
+  - [Windows 10 and Windows Server 2012 R2](http://www.commoncriteriaportal.org/files/epfiles/st_windows10.pdf)
+  - [Windows 10](https://www.niap-ccevs.org/st/st_vid10677-st.pdf)
+  - [Windows 8.1 with Surface 3 and Windows Phone 8.1 with Lumia 635 and Lumia 830](https://www.niap-ccevs.org/st/st_vid10635-st.pdf)
+  - [Microsoft Surface Pro 3 and Windows 8.1](https://www.niap-ccevs.org/st/st_vid10632-st.pdf)
+  - [Windows 8.1 and Windows Phone 8.1](https://www.niap-ccevs.org/st/st_vid10592-st.pdf)
+  - [Windows 8 and Windows Server 2012](https://www.niap-ccevs.org/st/st_vid10520-st.pdf)
+  - [Windows 8 and Windows RT](https://www.niap-ccevs.org/st/st_vid10620-st.pdf)
+  - [Windows 8 and Windows Server 2012 BitLocker](http://www.commoncriteriaportal.org/files/epfiles/st_vid10540-st.pdf)
+  - [Windows 8, Windows RT, and Windows Server 2012 IPsec VPN Client](http://www.commoncriteriaportal.org/files/epfiles/st_vid10529-st.pdf)
+  - [Windows 7 and Windows Server 2008 R2](http://www.commoncriteriaportal.org/files/epfiles/st_vid10390-st.pdf)
+  - [Microsoft Windows Server 2008 R2 Hyper-V Role](http://www.microsoft.com/download/en/details.aspx?id=29305)
+  - [Windows Vista and Windows Server 2008 at EAL4+](http://www.commoncriteriaportal.org/files/epfiles/st_vid10291-st.pdf)
+  - [Microsoft Windows Server 2008 Hyper-V Role](http://www.commoncriteriaportal.org/files/epfiles/0570b_pdf.pdf)
+  - [Windows Vista and Windows Server 2008 at EAL1](http://www.commoncriteriaportal.org/files/epfiles/efs-t005_msvista_msserver2008_eal1_st_v1.0.pdf)
+  - [Windows Server 2003 SP2 including R2, x64, and IA64; Windows XP Professional SP2 and x64 SP2; and Windows XP Embedded SP2](http://www.commoncriteriaportal.org/files/epfiles/st_vid10184-st.pdf)
+  - [Windows Server 2003 Certificate Server](http://www.commoncriteriaportal.org/files/epfiles/st_vid9507-st.pdf)
+  - [Windows Rights Management Services (RMS) 1.0 SP2](http://www.commoncriteriaportal.org/files/epfiles/st_vid10224-st.pdf)
+
+## Common Criteria Deployment and Administration
+
+### Information for IT Administrators
+
+These documents describe how to configure Windows to replicate the configuration used during the Common Criteria evaluation.
+
+**Windows 10, Windows 10 Mobile, Windows Server 2016, Windows Server 2012 R2**
+
+  - [Microsoft Window 10 (Creators Update)](http://download.microsoft.com/download/e/9/7/e97f0c7f-e741-4657-8f79-2c0a7ca928e3/windows%2010%20cu%20gp%20os%20operational%20guidance%20\(jan%208%202017%20-%20public\).pdf)
+  - [Microsoft Windows Server 2016, Microsoft Windows Server 2012 R2, and Microsoft Windows 10 Hyper-V](http://download.microsoft.com/download/d/c/4/dc40b5c8-49c2-4587-8a04-ab3b81eb6fc4/st_vid10823-agd.pdf)
+  - [Microsoft Windows 10 (Anniversary Update) and Windows 10 Mobile (Anniversary Update)](http://download.microsoft.com/download/4/c/1/4c1f4ea4-2d66-4232-a0f5-925b2bc763bc/windows%2010%20au%20operational%20guidance%20\(16%20mar%202017\)\(clean\).docx)
+  - [Microsoft Windows 10 (Anniversary Update) and Windows Server 2016](http://download.microsoft.com/download/b/5/2/b52e9081-05c6-4895-91a3-732bfa0eb4da/windows%2010%20au%20and%20server%202016%20gp%20os%20operational%20guidance%20\(final\).docx)
+  - [Windows 10 (Anniversary Update) and Windows Server 2016 IPsec VPN Client Operational Guidance](http://download.microsoft.com/download/2/c/c/2cc8f929-233e-4a40-b673-57b449680984/windows%2010%20au%20and%20server%202016%20ipsec%20vpn%20client%20operational%20guidance%20\(21%20dec%202016\)%20\(public\).docx)
+  - [Microsoft Windows 10 IPsec VPN Client](http://download.microsoft.com/download/3/3/f/33fa01dd-b380-46e1-833f-fd85854b4022/st_vid10746-agd.pdf)
+  - [Microsoft Windows 10 November 2015 Update with Surface Book Administrative Guide](http://download.microsoft.com/download/3/2/c/32c6fa02-b194-478f-a0f6-0215b47d0f40/windows%2010%20mdf3%20mobile%20device%20pp%20operational%20guidance%20\(may%2027,%202016\)\(public\).docx)
+  - [Microsoft Windows 10 Mobile and Windows 10 Administrative Guide](http://download.microsoft.com/download/2/d/c/2dce3435-9328-48e2-9813-c2559a8d39fa/microsoft%20windows%2010%20and%20windows%2010%20mobile%20guidance.pdf)
+  - [Windows 10 and Windows Server 2012 R2 Administrative Guide](http://download.microsoft.com/download/0/f/d/0fd33c9a-98ac-499e-882f-274f80f3d4f0/microsoft%20windows%2010%20and%20server%202012%20r2%20gp%20os%20guidance.pdf)
+  - [Windows 10 Common Criteria Operational Guidance](http://download.microsoft.com/download/d/6/f/d6fb4cec-f0f2-4d00-ab2e-63bde3713f44/windows%2010%20mobile%20device%20operational%20guidance.pdf)
+
+**Windows 8.1 and Windows Phone 8.1**
+
+  - [Microsoft Surface Pro 3 Common Criteria Mobile Operational Guidance](http://download.microsoft.com/download/b/e/3/be365594-daa5-4af3-a6b5-9533d61eae32/surface%20pro%203%20mobile%20operational%20guidance.docx)
+  - [Windows 8.1 and Windows Phone 8.1 CC Supplemental Admin Guide](http://download.microsoft.com/download/b/0/e/b0e30225-5017-4241-ac0a-6c40bc8e6714/mobile%20operational%20guidance.docx)
+
+**Windows 8, Windows RT, and Windows Server 2012**
+
+  - [Windows 8 and Windows Server 2012](http://download.microsoft.com/download/6/0/b/60b27ded-705a-4751-8e9f-642e635c3cf3/microsoft%20windows%208%20windows%20server%202012%20common%20criteria%20supplemental%20admin%20guidance.docx)
+  - [Windows 8 and Windows RT](http://download.microsoft.com/download/8/6/e/86e8c001-8556-4949-90cf-f5beac918026/microsoft%20windows%208%20microsoft%20windows%20rt%20common%20criteria%20supplemental%20admin.docx)
+  - [Windows 8 and Windows Server 2012 BitLocker](http://download.microsoft.com/download/0/8/4/08468080-540b-4326-91bf-f2a33b7e1764/administrative%20guidance%20for%20software%20full%20disk%20encryption%20clients.pdf)
+  - [Windows 8, Windows RT, and Windows Server 2012 IPsec VPN Client](http://download.microsoft.com/download/a/9/f/a9fd7e2d-023b-4925-a62f-58a7f1a6bd47/microsoft%20windows%208%20windows%20server%202012%20supplemental%20admin%20guidance%20ipsec%20vpn%20client.docx)
+
+**Windows 7 and Windows Server 2008 R2**
+
+  - [Windows 7 and Windows Server 2008 R2 Supplemental CC Guide](https://www.microsoft.com/downloads/en/details.aspx?familyid=ee05b6d0-9939-4765-9217-63083bb94a00)
+  - [Windows Server 2008 R2 Hyper-V Common Criteria Configuration Guide](http://www.microsoft.com/download/en/details.aspx?id=29308)
+
+**Windows Vista and Windows Server 2008**
+
+  - [Windows Vista and Windows Server 2008 Supplemental CC Guide](http://www.microsoft.com/downloads/en/details.aspx?familyid=06166288-24c4-4c42-9daa-2b2473ddf567)
+  - [Windows Server 2008 Hyper-V Role Common Criteria Administrator Guide](http://www.microsoft.com/downloads/en/details.aspx?familyid=cb19538d-9e13-4ab6-af38-8f48abfdad08)
+
+**Windows Server 2003 SP2 including R2, x64, and Itanium**
+
+  - [Windows Server 2003 SP2 R2 Common Criteria Administrator Guide 3.0](http://www.microsoft.com/downloads/details.aspx?familyid=39598841-e693-4891-9234-cfd1550f3949)
+  - [Windows Server 2003 SP2 R2 Common Criteria Configuration Guide 3.0](http://www.microsoft.com/downloads/details.aspx?familyid=4f7b6a93-0307-480f-a5af-a20268cbd7cc)
+
+**Windows Server 2003 SP1(x86), x64, and IA64**
+
+  - [Windows Server 2003 with x64 Hardware Administrator's Guide](http://www.microsoft.com/downloads/details.aspx?familyid=8a26829f-c177-4b79-913a-4135fb7b96ef)
+  - [Windows Server 2003 with x64 Hardware Configuration Guide](http://www.microsoft.com/downloads/details.aspx?familyid=3f9ecd0a-74dd-4d23-a4e5-d7b63fed70e8)
+
+**Windows Server 2003 SP1**
+
+  - [Windows Server 2003 Administrator's Guide](http://www.microsoft.com/downloads/en/details.aspx?familyid=75736009-59e9-4a71-879e-cf581817b8cc)
+  - [Windows Server 2003 Configuration Guide](http://www.microsoft.com/downloads/en/details.aspx?familyid=a0ad1856-beb7-4285-b47c-381e8a210c38)
+
+**Windows XP Professional SP2 (x86) and x64 Edition**
+
+  - [Windows XP Common Criteria Administrator Guide 3.0](http://www.microsoft.com/downloads/details.aspx?familyid=9a7f0b16-72ce-4675-aec8-58785c4e37ee)
+  - [Windows XP Common Criteria Configuration Guide 3.0](http://www.microsoft.com/downloads/details.aspx?familyid=165da57d-f066-4ddf-9462-cbecfcd68694)
+  - [Windows XP Common Criteria User Guide 3.0](http://www.microsoft.com/downloads/details.aspx?familyid=7c1a4761-9b9e-429c-84eb-cd7b034c5779)
+  - [Windows XP Professional with x64 Hardware Administrator's Guide](http://www.microsoft.com/downloads/details.aspx?familyid=346f041e-d641-4af7-bdea-c5a3246d0431)
+  - [Windows XP Professional with x64 Hardware Configuration Guide](http://www.microsoft.com/downloads/details.aspx?familyid=a7075319-cc3d-4420-a00b-8c9a7068ad54)
+  - [Windows XP Professional with x64 Hardware User’s Guide](http://www.microsoft.com/downloads/details.aspx?familyid=26c49cf5-6159-4197-97ce-bf1fdfc54569)
+
+**Windows XP Professional SP2, and XP Embedded SP2**
+
+  - [Windows XP Professional Administrator's Guide](http://www.microsoft.com/downloads/en/details.aspx?familyid=9bcac470-a0b3-4d34-a561-fa8308c0ff60)
+  - [Windows XP Professional Configuration Guide](http://www.microsoft.com/downloads/en/details.aspx?familyid=9f04915e-571a-422d-8ffa-5797051e81de)
+  - [Windows XP Professional User's Guide](http://www.microsoft.com/downloads/en/details.aspx?familyid=d39d0028-7093-495c-80da-2b5b29a54bd8)
+
+**Windows Server 2003 Certificate Server**
+
+  - [Windows Server 2003 Certificate Server Administrator's Guide](http://www.microsoft.com/downloads/en/details.aspx?familyid=445093d8-45e2-4cf6-884c-8802c1e6cb2d)
+  - [Windows Server 2003 Certificate Server Configuration Guide](http://www.microsoft.com/downloads/en/details.aspx?familyid=46abc8b5-11be-4e3d-85c2-63226c3688d2)
+  - [Windows Server 2003 Certificate Server User's Guide](http://www.microsoft.com/downloads/en/details.aspx?familyid=74f66d84-2654-48d0-b9b5-b383d383425e)
+
+## Common Criteria Evaluation Technical Reports and Certification / Validation Reports
+
+### Information for Systems Integrators and Accreditors
+
+An Evaluation Technical Report (ETR) is a report submitted to the Common Criteria certification authority for how Windows complies with the claims made in the Security Target. A Certification / Validation Report provides the results of the evaluation by the validation team.
+
+  - [Microsoft Window 10 (Creators Update)](http://download.microsoft.com/download/3/2/c/32cdf627-dd23-4266-90ff-2f9685fd15c0/2017-49%20inf-2218%20cr.pdf)
+  - [Microsoft Windows Server 2016, Microsoft Windows Server 2012 R2, and Microsoft Windows 10 Hyper-V](http://download.microsoft.com/download/a/3/3/a336f881-4ac9-4c79-8202-95289f86bb7a/st_vid10823-vr.pdf)
+  - [Microsoft Windows 10 (Anniversary Update) and Windows 10 Mobile (Anniversary Update)](http://download.microsoft.com/download/f/2/f/f2f7176e-34f4-4ab0-993c-6606d207bb3c/st_vid10752-vr.pdf)
+  - [Microsoft Windows 10 (Anniversary Update) and Windows Server 2016](http://download.microsoft.com/download/5/4/8/548cc06e-c671-4502-bebf-20d38e49b731/2016-36-inf-1779.pdf)
+  - [Windows 10 (Anniversary Update) and Windows Server 2016 IPsec VPN Client](http://download.microsoft.com/download/2/0/a/20a8e686-3cd9-43c4-a22a-54b552a9788a/st_vid10753-vr.pdf)
+  - [Microsoft Windows 10 IPsec VPN Client](http://download.microsoft.com/download/9/b/6/9b633763-6078-48aa-b9ba-960da2172a11/st_vid10746-vr.pdf)
+  - [Microsoft Windows 10 November 2015 Update with Surface Book](http://download.microsoft.com/download/d/c/b/dcb7097d-1b9f-4786-bb07-3c169fefb579/st_vid10715-vr.pdf)
+  - [Microsoft Windows 10 Mobile with Lumia 950, 950 XL, 550, 635, and Windows 10 with Surface Pro 4](https://www.niap-ccevs.org/st/st_vid10694-vr.pdf)
+  - [Windows 10 and Windows Server 2012 R2](https://www.commoncriteriaportal.org/files/epfiles/cr_windows10.pdf)
+  - [Windows 10](https://www.niap-ccevs.org/st/st_vid10677-vr.pdf)
+  - [Windows 8.1 with Surface 3 and Windows Phone 8.1 with Lumia 635 and Lumia 830](https://www.niap-ccevs.org/st/st_vid10635-vr.pdf)
+  - [Microsoft Surface Pro 3 and Windows 8.1](https://www.niap-ccevs.org/st/st_vid10632-vr.pdf)
+  - [Windows 8.1 and Windows Phone 8.1](https://www.niap-ccevs.org/st/st_vid10592-vr.pdf)
+  - [Windows 8 and Windows Server 2012](https://www.niap-ccevs.org/st/st_vid10520-vr.pdf)
+  - [Windows 8 and Windows RT](https://www.niap-ccevs.org/st/st_vid10620-vr.pdf)
+  - [Windows 8 and Windows Server 2012 BitLocker](http://www.commoncriteriaportal.org/files/epfiles/st_vid10540-vr.pdf)
+  - [Windows 8, Windows RT, and Windows Server 2012 IPsec VPN Client](http://www.commoncriteriaportal.org/files/epfiles/st_vid10529-vr.pdf)
+  - [Windows 7 and Windows Server 2008 R2 Validation Report](http://www.commoncriteriaportal.org/files/epfiles/st_vid10390-vr.pdf)
+  - [Windows Vista and Windows Server 2008 Validation Report at EAL4+](http://www.commoncriteriaportal.org/files/epfiles/st_vid10291-vr.pdf)
+  - [Windows Server 2008 Hyper-V Role Certification Report](http://www.commoncriteriaportal.org/files/epfiles/0570a_pdf.pdf)
+  - [Windows Vista and Windows Server 2008 Certification Report at EAL1](http://www.commoncriteriaportal.org/files/epfiles/efs-t005_msvista_msserver2008_eal1_cr_v1.0.pdf)
+  - [Windows XP / Windows Server 2003 with x64 Hardware ETR](http://www.microsoft.com/downloads/details.aspx?familyid=6e8d98f9-25b9-4c85-9bd9-24d91ea3c9ef)
+  - [Windows XP / Windows Server 2003 with x64 Hardware ETR, Part II](http://www.microsoft.com/downloads/details.aspx?familyid=0c35e7d8-9c56-4686-b902-d5ffb9915658)
+  - [Windows Server 2003 SP2 including R2, Standard, Enterprise, Datacenter, x64, and Itanium Editions Validation Report](http://www.commoncriteriaportal.org/files/epfiles/20080303_st_vid10184-vr.pdf)
+  - [Windows XP Professional SP2 and x64 SP2 Validation Report](http://www.commoncriteriaportal.org/files/epfiles/20080303_st_vid10184-vr.pdf)
+  - [Windows XP Embedded SP2 Validation Report](http://www.commoncriteriaportal.org/files/epfiles/20080303_st_vid10184-vr.pdf)
+  - [Windows XP and Windows Server 2003 ETR](http://www.microsoft.com/downloads/details.aspx?familyid=63cf2a1e-f578-4bb5-9245-d411f0f64265)
+  - [Windows XP and Windows Server 2003 Validation Report](http://www.commoncriteriaportal.org/files/epfiles/st_vid9506-vr.pdf)
+  - [Windows Server 2003 Certificate Server ETR](http://www.microsoft.com/downloads/details.aspx?familyid=a594e77f-dcbb-4787-9d68-e4689e60a314)
+  - [Windows Server 2003 Certificate Server Validation Report](http://www.commoncriteriaportal.org/files/epfiles/st_vid9507-vr.pdf)
+  - [Microsoft Windows Rights Management Services (RMS) 1.0 SP2 Validation Report](http://www.commoncriteriaportal.org/files/epfiles/st_vid10224-vr.pdf)
+
+## Other Common Criteria Related Documents
+
+  - [Identifying Windows XP and Windows Server 2003 Common Criteria Certified Requirements for the NIST Special Publication 800-53](http://download.microsoft.com/download/a/9/6/a96d1dfc-2bd4-408d-8d93-e0ede7529691/xpws03_ccto800-53.doc)
+

From 4cc084e5ca5d9af37708581104420a6f6d245649 Mon Sep 17 00:00:00 2001
From: Liza Poggemeyer <elizapo@microsoft.com>
Date: Thu, 25 Oct 2018 20:00:35 +0000
Subject: [PATCH 3/7] Initialize open publishing repository:
 https://cpubwin.visualstudio.com/DefaultCollection/it-client/_git/it-client
 of branch live

---
 .openpublishing.publish.config.json | 16 ++++++++++
 windows/eulas/docfx.json            | 47 +++++++++++++++++++++++++++++
 2 files changed, 63 insertions(+)
 create mode 100644 windows/eulas/docfx.json

diff --git a/.openpublishing.publish.config.json b/.openpublishing.publish.config.json
index d9934af08a..224abb8ddd 100644
--- a/.openpublishing.publish.config.json
+++ b/.openpublishing.publish.config.json
@@ -34,6 +34,22 @@
       "moniker_groups": [],
       "version": 0
     },
+    {
+      "docset_name": "eula-vsts",
+      "build_source_folder": "windows/eulas",
+      "build_output_subfolder": "eula-vsts",
+      "locale": "en-us",
+      "monikers": [],
+      "moniker_ranges": [],
+      "open_to_public_contributors": false,
+      "type_mapping": {
+        "Conceptual": "Content",
+        "ManagedReference": "Content",
+        "RestApi": "Content"
+      },
+      "build_entry_point": "docs",
+      "template_folder": "_themes"
+    },
     {
       "docset_name": "gdpr",
       "build_source_folder": "gdpr",
diff --git a/windows/eulas/docfx.json b/windows/eulas/docfx.json
new file mode 100644
index 0000000000..ff3ab96c92
--- /dev/null
+++ b/windows/eulas/docfx.json
@@ -0,0 +1,47 @@
+{
+  "build": {
+    "content": [
+      {
+        "files": [
+          "**/*.md",
+          "**/*.yml"
+        ],
+        "exclude": [
+          "**/obj/**",
+          "**/includes/**",
+          "_themes/**",
+          "_themes.pdf/**",
+          "README.md",
+          "LICENSE",
+          "LICENSE-CODE",
+          "ThirdPartyNotices"
+        ]
+      }
+    ],
+    "resource": [
+      {
+        "files": [
+          "**/*.png",
+          "**/*.jpg"
+        ],
+        "exclude": [
+          "**/obj/**",
+          "**/includes/**",
+          "_themes/**",
+          "_themes.pdf/**"
+        ]
+      }
+    ],
+    "overwrite": [],
+    "externalReference": [],
+    "globalMetadata": {
+      "breadcrumb_path": "/windows/eulas/breadcrumb/toc.json",
+      "extendBreadcrumb": true,
+      "feedback_system": "None"
+    },
+    "fileMetadata": {},
+    "template": [],
+    "dest": "eula-vsts",
+    "markdownEngineName": "markdig"
+  }
+}
\ No newline at end of file

From 2e17ac9c1505777ca66362f1929813299424f4e7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dani=20Halfin=20=F0=9F=93=AC=F0=9F=94=A8?=
 <daniha@microsoft.com>
Date: Thu, 8 Nov 2018 00:26:43 +0000
Subject: [PATCH 4/7] Merged PR 12678: push to live

---
 windows/deployment/windows-autopilot/TOC.md   |   2 +
 .../windows-autopilot/user-driven-aad.md      |  54 ++++---
 .../windows-autopilot/user-driven-hybrid.md   |  25 ++-
 .../windows-autopilot/user-driven.md          |  23 +--
 ...system-components-to-microsoft-services.md | 143 ++++++++++++++----
 windows/privacy/manage-windows-endpoints.md   |   8 +-
 windows/security/threat-protection/index.md   |   4 +-
 ...ows-defender-advanced-threat-protection.md |   6 +-
 8 files changed, 188 insertions(+), 77 deletions(-)

diff --git a/windows/deployment/windows-autopilot/TOC.md b/windows/deployment/windows-autopilot/TOC.md
index 315115e706..19d3896e66 100644
--- a/windows/deployment/windows-autopilot/TOC.md
+++ b/windows/deployment/windows-autopilot/TOC.md
@@ -6,6 +6,8 @@
 ## [Scenarios and Capabilities](windows-autopilot-scenarios.md)
 ### [Support for existing devices](existing-devices.md)
 ### [User-driven mode](user-driven.md)
+#### [User-driven mode for AAD](user-driven-aad.md)
+#### [User-driven mode for hybrid AAD](user-driven-hybrid.md)
 ### [Self-deploying mode](self-deploying.md)
 ### [Enrollment status page](enrollment-status.md)
 ### [Windows Autopilot Reset](windows-autopilot-reset.md)
diff --git a/windows/deployment/windows-autopilot/user-driven-aad.md b/windows/deployment/windows-autopilot/user-driven-aad.md
index 6da9e99b33..b63517060d 100644
--- a/windows/deployment/windows-autopilot/user-driven-aad.md
+++ b/windows/deployment/windows-autopilot/user-driven-aad.md
@@ -1,19 +1,35 @@
----
-title: User-driven mode for AAD
-description: Listing of Autopilot scenarios
-keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: low
-ms.sitesec: library
-ms.pagetype: deploy
-author: greg-lindsay
-ms.author: greg-lindsay
-ms.date: 10/02/2018
----
-
-# Windows Autopilot user-driven mode for Azure Active Directory
-
-**Applies to: Windows 10**
-
-PLACEHOLDER.  This topic is a placeholder for the AAD-specific instuctions currently in user-driven.md.
+---
+title: User-driven mode for AAD
+description: Listing of Autopilot scenarios
+keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: low
+ms.sitesec: library
+ms.pagetype: deploy
+author: greg-lindsay
+ms.author: greg-lindsay
+ms.date: 11/07/2018
+---
+
+# Windows Autopilot user-driven mode for Azure Active Directory join
+
+**Applies to: Windows 10**
+
+## Procedures
+
+In order to perform a user-driven deployment using Windows Autopilot, the following preparation steps need to be completed:
+
+-   Ensure that the users who will be performing user-driven mode deployments are able to join devices to Azure Active Directory.  See [Configure device settings](https://docs.microsoft.com/azure/active-directory/device-management-azure-portal#configure-device-settings) in the Azure Active Directory documentation for more information.
+-   Create an Autopilot profile for user-driven mode with the desired settings.  In Microsoft Intune, this mode is explicitly chosen when creating the profile. With Microsoft Store for Business and Partner Center, user-driven mode is the default and does not need to be selected.
+-   If using Intune, create a device group in Azure Active Directory and assign the Autopilot profile to that group.
+
+For each device that will be deployed using user-driven deployment, these additional steps are needed:
+
+-   Ensure that the device has been added to Windows Autopilot.  This can be done automatically by an OEM or partner at the time the device is purchased, or it can be done through a manual harvesting process later.  See [Adding devices to Windows Autopilot](add-devices.md) for more information.
+-   Ensure an Autopilot profile has been assigned to the device:
+    -   If using Intune and Azure Active Directory dynamic device groups, this can be done automatically.
+    -   If using Intune and Azure Active Directory static device groups, manually add the device to the device group.
+    -   If using other methods (e.g. Microsoft Store for Business or Partner Center), manually assign an Autopilot profile to the device.
+
+Also see the **Validation** section in the [Windows Autopilot user-driven mode](user-driven.md) topic. 
diff --git a/windows/deployment/windows-autopilot/user-driven-hybrid.md b/windows/deployment/windows-autopilot/user-driven-hybrid.md
index 6f4a760dcc..88e4a87f15 100644
--- a/windows/deployment/windows-autopilot/user-driven-hybrid.md
+++ b/windows/deployment/windows-autopilot/user-driven-hybrid.md
@@ -9,12 +9,31 @@ ms.sitesec: library
 ms.pagetype: deploy
 author: greg-lindsay
 ms.author: greg-lindsay
-ms.date: 10/02/2018
+ms.date: 11/07/2018
 ---
 
 
-# Windows Autopilot user-driven mode for Hybrid Azure Active Directory Join
+# Windows Autopilot user-driven mode for hybrid Azure Active Directory join
 
 **Applies to: Windows 10**
 
-PLACEHOLDER.  This topic is a placeholder for the AD-specific (hybrid) instuctions.
+Windows Autopilot requires that devices be Azure Active Directory joined. If you have an on-premises Active Directory environment and want to also join devices to your on-premises domain, you can accomplish this by configuring Autopilot devices to be [hybrid Azure Active Directory (AAD) joined](https://docs.microsoft.com/azure/active-directory/devices/hybrid-azuread-join-plan).  
+
+## Requirements
+
+To perform a user-driven hybrid AAD joined deployment using Windows Autopilot:
+
+- Users must be able to join devices to Azure Active Directory.
+- A Windows Autopilot profile for user-driven mode must be created and 
+    - **Hybrid Azure AD joined** must be specified as the selected option under **Join to Azure AD as** in the Autopilot profile.
+- If using Intune, a device group in Azure Active Directory must exist with the Windows Autopilot profile assigned to that group.
+- The device must be running Windows 10, version 1809 or later.
+- The device must be connected to the Internet and have access to an Active Directory domain controller.
+- The Intune Connector for Active Directory must be installed.
+    - Note: The Intune Connector will perform an on-prem AD join, therefore users do not need on-prem AD-join permission, assuming the Connector is [configured to perform this action](https://docs.microsoft.com/intune/windows-autopilot-hybrid#increase-the-computer-account-limit-in-the-organizational-unit) on the user's behalf. 
+
+## Step by step instructions
+
+See [Deploy hybrid Azure AD joined devices using Intune and Windows Autopilot](https://docs.microsoft.com/intune/windows-autopilot-hybrid).
+
+Also see the **Validation** section in the [Windows Autopilot user-driven mode](user-driven.md) topic. 
\ No newline at end of file
diff --git a/windows/deployment/windows-autopilot/user-driven.md b/windows/deployment/windows-autopilot/user-driven.md
index 1aa1ad5321..4fd86ef3b5 100644
--- a/windows/deployment/windows-autopilot/user-driven.md
+++ b/windows/deployment/windows-autopilot/user-driven.md
@@ -8,11 +8,13 @@ ms.localizationpriority: medium
 ms.sitesec: library
 ms.pagetype: deploy
 author: greg-lindsay
-ms.date: 10/02/2018
+ms.date: 11/07/2018
 ms.author: greg-lindsay
-ms.date: 10/02/2018
+ms.date: 11/07/2018
 ---
 
+# Windows Autopilot user-driven mode
+
 Windows Autopilot user-driven mode is designed to enable new Windows 10 devices to be transformed from their initial state, directly from the factory, into a ready-to-use state without requiring that IT personnel ever touch the device.  The process is designed to be simple so that anyone can complete it, enabling devices to be shipped or distributed to the end user directly with simple instructions:
 
 -   Unbox the device, plug it in, and turn it on.
@@ -24,21 +26,12 @@ After completing those simple steps, the remainder of the process is completely
 
 Today, Windows Autopilot user-driven mode supports joining devices to Azure Active Directory.  Support for Hybrid Azure Active Directory Join (with devices joined to an on-premises Active Directory domain) will be available in a future Windows 10 release.  See [Introduction to device management in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/device-management-introduction) for more information about the differences between these two join options.
 
-## Step by step
+## Available user-driven modes
 
-In order to perform a user-driven deployment using Windows Autopilot, the following preparation steps need to be completed:
+The following options are available for user-driven deployment:
 
--   Ensure that the users who will be performing user-driven mode deployments are able to join devices to Azure Active Directory.  See [Configure device settings](https://docs.microsoft.com/azure/active-directory/device-management-azure-portal#configure-device-settings) in the Azure Active Directory documentation for more information.
--   Create an Autopilot profile for user-driven mode with the desired settings.  In Microsoft Intune, this mode is explicitly chosen when creating the profile. With Microsoft Store for Business and Partner Center, user-driven mode is the default and does not need to be selected.
--   If using Intune, create a device group in Azure Active Directory and assign the Autopilot profile to that group.
-
-For each machine that will be deployed using user-driven deployment, these additional steps are needed:
-
--   Ensure that the device has been added to Windows Autopilot.  This can be done automatically by an OEM or partner at the time the device is purchased, or it can be done through a manual harvesting process later.  See [Adding devices to Windows Autopilot](add-devices.md) for more information.
--   Ensure an Autopilot profile has been assigned to the device:
-    -   If using Intune and Azure Active Directory dynamic device groups, this can be done automatically.
-    -   If using Intune and Azure Active Directory static device groups, manually add the device to the device group.
-    -   If using other methods (e.g. Microsoft Store for Business or Partner Center), manually assign an Autopilot profile to the device.
+- [Azure Active Directory join](user-driven-aad.md) is available if devices do not need to be joined to an on-prem Active Directory domain.
+- [Hybrid Azure Active Directory join](user-driven-hybrid.md) is available for devices that must be joined to both Azure Active Directory and your on-prem Active Directory domain.
 
 ## Validation
 
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
index 865d98939f..3ac0a072a3 100644
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
@@ -18,6 +18,7 @@ ms.date: 06/05/2018
 
 -   Windows 10 Enterprise, version 1607 and newer
 -   Windows Server 2016
+-   Windows Server 2019
 
 If you're looking for content on what each diagnostic data level means and how to configure it in your organization, see [Configure Windows diagnostic data in your organization](configure-windows-diagnostic-data-in-your-organization.md).
 
@@ -43,6 +44,12 @@ Note that **Get Help** and **Give us Feedback** links no longer work after the W
 
 We are always striving to improve our documentation and welcome your feedback. You can provide feedback by contacting telmhelp@microsoft.com.
 
+## What's new in Windows 10, version 1809 Enterprise edition
+
+Here's a list of changes that were made to this article for Windows 10, version 1809:
+
+- Added a policy to disable Windows Defender SmartScreen
+
 ## What's new in Windows 10, version 1803 Enterprise edition
 
 Here's a list of changes that were made to this article for Windows 10, version 1803:
@@ -99,19 +106,19 @@ The following table lists management options for each setting, beginning with Wi
 
 | Setting | UI | Group Policy | MDM policy | Registry | Command line |
 | - | :-: | :-: | :-: | :-: | :-: |
-| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | | | |
+| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
 | [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
 | [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
-| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
-| [5. Find My Device](#find-my-device) | | ![Check mark](images/checkmark.png) | | | |
-| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [5. Find My Device](#find-my-device) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
 | [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) |  |
 | [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
 | [9. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
 | [10. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
 | [11. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) |  ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
 | [12. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) |  |
-| [13. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| [13. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
 | [14. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
 | [15. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
 | [16. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) |
@@ -142,6 +149,7 @@ The following table lists management options for each setting, beginning with Wi
 | [21. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) |
 | [22. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
 | [23. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[23.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
 | [24. Windows Media Player](#bkmk-wmp) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) |
 | [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
 | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
@@ -202,6 +210,63 @@ See the following table for a summary of the management settings for Windows Ser
 | [21. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) |
 | [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | |
 
+### Settings for Windows Server 2019
+
+See the following table for a summary of the management settings for Windows Server 2019.
+
+| Setting | UI | Group Policy | MDM policy | Registry | Command line |
+| - | :-: | :-: | :-: | :-: | :-: |
+| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [5. Find My Device](#find-my-device) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) |  |
+| [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| [9. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| [10. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [11. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) |  ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [12. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) |  |
+| [13. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [14. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| [15. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| [16. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) |
+| [17. Settings > Privacy](#bkmk-settingssection) | | | | | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.6 Speech, inking, & typing](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) |  ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[17.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) |  ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [18. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [19. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) |  |  | |
+| [20. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [21. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) |
+| [22. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| [23. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[23.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [24. Windows Media Player](#bkmk-wmp) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) |
+| [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | |
+| &nbsp;&nbsp;&nbsp;&nbsp;[26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) |  | |
+| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |
+| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | |
+
 ## How to configure each setting
 
 Use the following sections for more information about how to configure each setting.
@@ -336,9 +401,17 @@ After that, configure the following:
 
 ### <a href="" id="bkmk-devinst"></a>4. Device metadata retrieval
 
-To prevent Windows from retrieving device metadata from the Internet, apply the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **System** &gt; **Device Installation** &gt; **Prevent device metadata retrieval from the Internet**.
+To prevent Windows from retrieving device metadata from the Internet:
 
-You can also create a new REG\_DWORD registry setting named **PreventDeviceMetadataFromNetwork** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Device Metadata** and set it to 1 (one).
+- Apply the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **System** &gt; **Device Installation** &gt; **Prevent device metadata retrieval from the Internet**.
+
+    -or -
+
+- Create a new REG\_DWORD registry setting named **PreventDeviceMetadataFromNetwork** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Device Metadata** and set it to 1 (one).
+
+    -or -
+
+- Apply the DeviceInstallation/PreventDeviceMetadataFromNetwork MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork).
 
 ### <a href="" id="find-my-device"></a>5. Find My Device
 
@@ -608,7 +681,7 @@ You can turn off NCSI by doing one of the following:
 
 -   Enable the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **System** &gt; **Internet Communication Management** &gt; **Internet Communication Settings** &gt; **Turn off Windows Network Connectivity Status Indicator active tests**
 
-- In Windows 10, version 1703 and later, apply the Connectivity/DisallowNetworkConnectivityActiveTests MDM policy.
+- In Windows 10, version 1703 and later, apply the Connectivity/DisallowNetworkConnectivityActiveTests MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) with a value of 1.
 
 > [!NOTE]
 > After you apply this policy, you must restart the device for the policy setting to take effect.
@@ -879,31 +952,13 @@ To turn off **Turn on SmartScreen Filter to check web content (URLs) that Micros
 
     -or-
 
--   In Windows Server 2016, apply the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **Microsoft Edge** &gt; **Configure SmartScreen Filter**.
-    In Windows 10, version 1703, apply the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **Microsoft Edge** &gt; **Configure Windows Defender SmartScreen Filter**.
-
-    In Windows Server 2016, apply the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **File Explorer** &gt; **Configure Windows SmartScreen**.
-    In Windows 10, version 1703 , apply the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **File Explorer** &gt; **Configure Windows Defender SmartScreen**.
-
-    -or-
-
--   Apply the Browser/AllowSmartScreen MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is turned off and 1 is turned on.
-
-    -or-
-
 -   Create a provisioning package, using:
-
-    -   For Internet Explorer: **Runtime settings** &gt; **Policies** &gt; **Browser** &gt; **AllowSmartScreen**
-
-    -   For Microsoft Edge: **Runtime settings** &gt; **Policies** &gt; **MicrosoftEdge** &gt; **AllowSmartScreen**
+    - For Internet Explorer: **Runtime settings > Policies > Browser > AllowSmartScreen**
+    - For Microsoft Edge: **Runtime settings > Policies > MicrosoftEdge > AllowSmartScreen**
 
     -or-
 
--   Create a REG\_DWORD registry setting named **EnableWebContentEvaluation** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AppHost** with a value of 0 (zero).
-
-    -or-
-
--   Create a REG\_DWORD registry setting named **EnableSmartScreen** in **HKEY\_LOCAL\_MACHINE\\Sofware\\Policies\\Microsoft\\Windows\\System** with a value of 0 (zero).
+- Create a REG_DWORD registry setting named **EnableWebContentEvaluation** in **HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost** with a value of 0 (zero).
 
 To turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**:
 
@@ -1793,6 +1848,36 @@ For Windows 10 only, you can stop Enhanced Notifications:
 
 You can also use the registry to turn off Malicious Software Reporting Tool diagnostic data by setting the REG\_DWORD value **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\MRT\\DontReportInfectionInformation** to 1.
 
+### <a href="" id="bkmk-defender-smartscreen"></a>23.1 Windows Defender SmartScreen
+
+To disable Windows Defender Smartscreen:
+
+- In Group Policy, configure - **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure Windows Defender SmartScreen** : **Disable**
+
+  -or-
+
+- **Computer Configuration > Administrative Templates > Windows Components > File Explorer > Configure Windows Defender SmartScreen** : **Disable**
+
+       -and-
+
+- **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure app install control** : **Enable**
+
+  -or-
+
+- Create a REG_DWORD registry setting named **EnableSmartScreen** in **HKEY_LOCAL_MACHINE\Sofware\Policies\Microsoft\Windows\System** with a value of 0 (zero).
+
+       -and-
+
+- Create a REG_DWORD registry setting named **ConfigureAppInstallControlEnabled** in **HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen** with a value of 1.
+ 
+       -and-
+
+- Create a SZ registry setting named **ConfigureAppInstallControl** in **HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen** with a value of **Anywhere**.
+
+  -or-
+
+- Apply the Browser/AllowSmartScreen MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is turned off and 1 is turned on.
+
 ### <a href="" id="bkmk-wmp"></a>24. Windows Media Player
 
 To remove Windows Media Player on Windows 10:
diff --git a/windows/privacy/manage-windows-endpoints.md b/windows/privacy/manage-windows-endpoints.md
index 721814aabe..c324f877dd 100644
--- a/windows/privacy/manage-windows-endpoints.md
+++ b/windows/privacy/manage-windows-endpoints.md
@@ -145,13 +145,9 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
 
 ## Certificates
 
-The following endpoint is used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available. It is possible to [turn off traffic to this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update), but that is not recommended because when root certificates are updated over time, applications and websites may stop working because they did not receive an updated root certificate the application uses. 
+The following endpoint is used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available. It is possible to [turn off traffic to this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update), but that is not recommended because when root certificates are updated over time, applications and websites may stop working because they did not receive an updated root certificate the application uses.
 
-| Source process | Protocol | Destination | Applies from Windows 10 version |
-|----------------|----------|------------|----------------------------------|
-| svchost        | HTTP     | ctldl.windowsupdate.com | 1709 |
-
-The following endpoints are used to download certificates that are publicly known to be fraudulent.
+Additionally, it is used to download certificates that are publicly known to be fraudulent.
 These settings are critical for both Windows security and the overall security of the Internet. 
 We do not recommend blocking this endpoint.
 If traffic to this endpoint is turned off, Windows no longer automatically downloads certificates known to be fraudulent, which increases the attack vector on the device.
diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md
index a83dc7afac..028116204e 100644
--- a/windows/security/threat-protection/index.md
+++ b/windows/security/threat-protection/index.md
@@ -63,8 +63,8 @@ To further reinforce the security perimeter of your network, Windows Defender AT
 
 <a name="edr"></a>
 
-**[Endpoint protection and response](windows-defender-atp/overview-endpoint-detection-response.md)**<br>
-Endpoint protection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars. 
+**[Endpoint detection and response](windows-defender-atp/overview-endpoint-detection-response.md)**<br>
+Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars. 
 
 - [Alerts](windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md)
 - [Historical endpoint data](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#machine-timeline)
diff --git a/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md
index abe99e8194..6d9b834f75 100644
--- a/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md
@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: medium
-ms.date: 10/26/2018
+ms.date: 11/07/2018
 ---
 
 # Windows Defender Advanced Threat Protection
@@ -76,8 +76,8 @@ To further reinforce the security perimeter of your network, Windows Defender AT
 
 <a name="edr"></a>
 
-**[Endpoint protection and response](overview-endpoint-detection-response.md)**<br>
-Endpoint protection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars. 
+**[Endpoint detection and response](overview-endpoint-detection-response.md)**<br>
+Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars. 
 
 <a name="ai"></a>
 

From ec1d8ca0e63ed5c664710a2d839da635ee294d79 Mon Sep 17 00:00:00 2001
From: Liza Poggemeyer <elizapo@microsoft.com>
Date: Sat, 10 Nov 2018 00:06:25 +0000
Subject: [PATCH 5/7] Merged PR 12741: WaaS servicing white paper from marcom

---
 windows/deployment/TOC.md                     |   1 +
 .../update/images/servicing-cadence.png       | Bin 0 -> 54411 bytes
 .../update/images/servicing-previews.png      | Bin 0 -> 78290 bytes
 .../update/waas-servicing-differences.md      | 106 ++++++++++++++++++
 4 files changed, 107 insertions(+)
 create mode 100644 windows/deployment/update/images/servicing-cadence.png
 create mode 100644 windows/deployment/update/images/servicing-previews.png
 create mode 100644 windows/deployment/update/waas-servicing-differences.md

diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md
index aa375d690f..00acdc9318 100644
--- a/windows/deployment/TOC.md
+++ b/windows/deployment/TOC.md
@@ -215,6 +215,7 @@
 ### [Quick guide to Windows as a service](update/waas-quick-start.md)
 #### [Servicing stack updates](update/servicing-stack-updates.md)
 ### [Overview of Windows as a service](update/waas-overview.md)
+### [Understand how servicing differs in Windows 10](update/waas-servicing-differences.md)
 ### [Prepare servicing strategy for Windows 10 updates](update/waas-servicing-strategy-windows-10-updates.md)
 ### [Build deployment rings for Windows 10 updates](update/waas-deployment-rings-windows-10-updates.md)
 ### [Assign devices to servicing channels for Windows 10 updates](update/waas-servicing-channels-windows-10-updates.md)
diff --git a/windows/deployment/update/images/servicing-cadence.png b/windows/deployment/update/images/servicing-cadence.png
new file mode 100644
index 0000000000000000000000000000000000000000..cb79ff70be87615b9d11ac3e3b2b69c9f5209705
GIT binary patch
literal 54411
zcmX6^1yEdFvs~QaBe+9w3GNO-LV~+nkl^m_?gY1>3GVLhF2UVpaff|3|D%f9T8eAu
z&gq%y?uk&8mqtS-L<WICXfj_UltCcqA`l4bJ0djjm#E!+CEx?fNm*JPR5?j}419q#
z7n2hMfokGVUX9>@?@0Dvw46X7lCXcjP;vWLrXbKfxr~IEs=NN#TbPEb%qn+mj>vww
z)8ezwA>IbqCzq8W-`IVeANb)okszU_`~U}s-Jj(&$#;lKa<s<DIlVW(m(}`<Bd5&O
zXv~^K(m1Sjsi<tZ&Gmc*=i;=J@x5z<&8RmR35!NnP!E5T!)S+eb`0rFtSY)?no8{X
z-K;k_0tIE)i$-=(s#7A#KrTP_p*zX!r7eY7+Ns1R{>YIW-aKn<N(`|MCXLmB!pM6n
zc!X|*{M9ht*6X3|8a_&XGdp3GdDs@ma+UNeVP$(|>vQY#PE@H+(^t1mx(%;7lbhw&
zOG-YX*aK)xX{R8J9~#zbZ_TFhj}~PN_I|E=Y#)fK-|gjlTLOVYE-Qt2B3U}f?Ygc@
zk?AolR$;X&zUYXlVazVi$ju5O8fC-ErbXAYcAEE^xbJ-*eEt}gZVg^RYn)xV7~hG#
zEkAhKc^<1O#n_-<b!|c1BXLx0^GrQRRlTc~7|3^j8V`>q*d~B1$Fs40c?35cck`Ui
z(!wIr(ZD0q!lC%k2VUyz;qg<+qT^DK5>gmTy-vDqcW^=>vO2-Y;LJAi>c={NZ1}=a
zj#fx!5MURebWL6$EL28aS6ElrNVI8Hd++mZ-oI^s`)1r5Ji?0fZ(-r-VccW{yf)Oh
zbQ(<Ija<j{jL!cI;jC8q&p7$Xsj-CroQOyqk4*L-E~&y(K*Lf%!VEC*fkqnGK}hpL
zmhPTgjH0JIZG(>gU|t$8UWoOlXb@^Pj_eWFd*;@j4SJX8stConsLNVKns_XP%l=yF
zNyzBaH7s9&U9D@zb8Qsx?kOpv!Rf3|$WTLmIR|Z@z+bJrX6tn93K!1W)Dqn*K{*#E
z*%|vXqss{&a=V2Mh~;ng{_EYz`#hRT?sfSQ^db8Sv#yo$5@%1Rmt)wig9qiZqwvPR
z&f-Td6mX$BCZ!h7RCte{_RN0ZiNws~hQKrRJ*w*@;L3d;|99p3+ub__Ebq8;J)0=%
zuGvfFW%nyd9OA|9x8*UcpTOR^H0`n6eS-rX7GrJVSsxNe2)B#okekQr%|qv<!`FeN
zK#m_=XIne8MpBVkgsVJ%S&x4Lms>TsVi-#J1J@D!Uto$Bt^du`Te)K`c;73yo;bXQ
zxi@85F1$p+>C<sBMm}u7^2<K$H^V26_nJo(^}V0c-@BikK!$WI%N(M}3o`kUS1zRx
zX!DEk{DnNd<I~8tO9Ol6O5cIKhnBwQ#C>VaNDaqz4Ri6lU7grl^yOQr=e88V+O)$d
ztZ+c@NKYY8j;j`o;Gi+SKJN{I2l|fmyI)<bEdHx&fwfvB|B)#7=ut|Zy4Li@tZALM
zaSRAK9a99W3U}~9wq0HL*Bc|z_)gX$k;TFv-NV;FO@cJ|SeoD2u45{J;Hl53-w~5T
z$fO~3B*~axk@4`Xlb^s7E4~d!X4)=NwpNls=~seSH2?iOm!$CV#<JHYjye%I>cq`}
zMc<FtTr2;>9@~ZiXsE`{mT!q;ig)8KfIS}zM#+*+Aenp=QzV6&K^()vO^?MRUdcdp
z!RBrL9yESuzJu2Lm=iICV(@dRNsA+D)egzBF^fery<8ig5l+S)Yam2LTrzq^2#HQE
znO+YOWMybn4m>QwmG^s0(?Z4$`h0LF|5XAjihso6zx|LylRG~zN7BeCcM~CvL!@x*
zyH>hq7W5!jRUj`IM~g3rL1!v5c_-bXfQ<Vb66yCvc`$2O;I4V6qPV4IeNjW>ogw-$
z-8~wBfSr5jm{*yiHKTg-pUyd6#c{kTFLUZRobSB0F2uv6wq!TE9RzC|Ad`2IlfGt`
z<K|l9GKOnSW=oV4R7-gSk`r3sOwDco&ZJ~q(=|rVvxc{1+oAcmi%b25gnykU+}idt
ztrHuoH!3@I64AA^&69%rV4RMc4ht^upB7`S!dwfvNLWqSz@o1y2;bM25>CVwp?TS2
zBRC|T(89(ex%vJoEXaAfLWM!FL^-}cwC=xp4}4-%p8u`46qP$lSeiNE({SFw8kZa4
z^>1}97^KG9+OI3eSjqy?O;{q6#8h5jk!j$ON<!I0a*W*lTO|&kC;rCQ@XF&lDthg!
z{jAJC-PQ9Yc;ImG0ro)u-9Af3echp6Yw`YY2Rp=P8G<yG=W}O2{5MM=Gy!J)Ebjhk
zcM8~dVc?%gbvmd*J`0IRSW9@o6X>eCqpSFo?HARuMU>~MOhpglH_5Zor#T4r;e#4t
zFKT!h#jl+rJ;w&b=f^|2U8^y$H2!y-c4@|VT+v<T)Se#^Z6+bS(6_~znshhRO3?i0
z|3ubZ930vO-|H_D3Oj2Pc*ZgMe!ARoI3WGITb!Z^Lq8^)FM_F%&xwx4dGWEMbyz>}
zb^qgNp7T)@@d*m<zLqfUUG|>eSgh<~Ix;VxG8qrK5=vsj+Ijqs`cVvnyK!~HjGNkk
z;Z<0SEqnFG_G@@}HpSQ$a~ft&0O7ZX>lfcT@3D|TPC2K~UJ$)k{8J7B4&c%zXGKHL
z=#~ykcRRUFrj8_qCIp;BnQmhCpO*?>GTgEQ5KOSsH}ROR(Qqqe)xjNF*HY_iZ%aA8
z2Ui>frvFZmy!ZY5!2O}Jder_=e;F*mshF_aJSX?p(IXWu(#$vd7Dze(xTwp*z}`J7
zHC^p4sovGR?Ek*G_mvB%5l&LV0@hsWv-{VIUlY%o+GI{2?Oc<CGXrUFbLidY`XZtP
zDMUrt*rsi`QAL#t6!!Q$z3fmd(@pOiwrCy_aD3`MQeh4`lF6K$XhZJnNoi!I!~w7(
z&^n&FwLhx+%KxxNr=MO9@9_waneo7|lDFBmFCIYE#8p=KS!K=l&F0Q-l_M<V`b|87
zfX$}A906Nvd_*vLR}XXdMGQJUlwZ{RzCu<VK)P~<A8xE}xg)<3fdHkXdE-p&oN<;`
zBx+_MnndFyAtqrlLGfm%dzy`6F!>TTqpfNB+xkd~CZhfmBqAQQChWUsv-^O$+Wgg8
zQRaxM^v1do)EzkCQ9yj~;WM10on!S6<9K`Z!hS!6djK)^@78s7jCxH9gMrta@H2X?
z@mwP+g@!I~g~lmt%JbaY%id&ItYYE7-^}1={=1nCf3okZg&t5oq+=!$fHjDEY4VbA
z6ZGC<Kqe%WTbQqTQ2$Z<@TEy7Nde%`{#A^R-Fw$!z3W}JfZ{mlaYkhFeG!zdG8p0v
zZ-39}?Oi0Ysjw5>7)M!n>6I(4NC?Kd#LgZIZTr%7li~(#V??M?{)1%GCef}<H@Vp2
zU_~zX-`cPu|67}n=kTkPGCtGqXFw)Z#Jm+ynDe0U4hr$I#iewr?5KDj%HW(P{YyxN
zJPq2?+a%uxDiW{&JLGTr(+ziR(pIt}rqS(XG#CrJc?XXs1B?2}$BU--wOJAg{tg9a
zDk8D+i@KhlO3X0E`X`;A`Oh|92Wvm*e_>TV;LAhEbh8+f)RNaRX?<Vg3nj9))+HU-
zB@oBs5@t6J26Wj${Xv}M9`c>i&zOd$wS;b0y!&<%N3X$lEq{+_yZt0zZ?WQ|4OBR;
zl(x8Gf#U2#*A?QMH_OnxBAYg{Z{7lccn!|AGd?tZOh8UYtxI0K%kt4ig5VH?7QnaY
z1T<lY-xUrzPJJ{~Z8Yn?^`(oE6|-z1ytaSBLyjy%^U->`Sa*`_+mUm;q<$4~UvT+U
zEN6aW+N$o^)G!B~ODcS;prfW1<F`E0@n=0c>hjmN@I{B3_WHcrlCjI0Y#9aiBndzH
zu%%cQ0ysIP-S5xGF0_N*gSsai7oYX9oh;lmIF-I(rK>Hkwt|O{+U=85h7*sKvksmO
z^{Kd@vw?#|SJu9!cn@?5OD9s(f(}M7AsYH>ZZ4~n!he2mJy%*~c%@jUsC*9$fZmt%
z5?1s!&r!!!C$QjVH)41Gx8eUv=*=g1raP|(jpX&GZw|uf+B6^7&C3m!p%>hp)s0eT
z;v~CmzxTc<@Ed@*;k0OS7{diqypE{}j{TCBIT^*-H$>hBR|%_K%$wwNR*>opH!GAS
z0zp7F>2*Q>oBAd`6E4EiIWJ8-p#>ytSE_UdC^s^^{U@6%b7!TYn~Mm`tHX(=g*@}W
zWM5DbS7%->ifSEp{|LUuwV_qeBrRNNYR5?zdh|EClUIHYc!ovJk3G~b?@-Sy_%-4E
zXiM;0PiG|n<QCHKC<+@cP*Jzy`OPx=i&1~gn$r}6gGRYcPgtBzs_&KL&%POy-^eQ;
zruOZ+l<Vo_h5I8=NRjGEOdf+lJ#JUm$=^as#S=$l(@>TEK~D57nL1~hm%$%G`kwAE
zn1HKfydW(5BRtz=JukiWS+Q7+V^&R;uK79U+mM=C@s3}OE#~^sw-C*{6G+p^ogd`t
z{!e+2CHQVL^R7x{uF_%sZfXy0_|R^#7-D7Pd0ix~i)qHw_w;_4dyHV4x-&Jr+XAV3
zKJO=|K!ow-BlfY;qV<JTsa0WqqJt&%E}41m!=*kVfD21(f2~F49)gt1>kzXn@x<r&
zJ54ceo9>K8RxnKaxg=TW*JGOzKa#qQS;lk~mR=o-EEV>k*<4iD6P1hDs0Fq-jq+#m
zk4Nq7yDveWpYHtL?hkT)qu)y$QJjmYm*}}y4(%qcse3bZ{!nHuV=w?AquU@;cfNm_
zL^1t7753R<8g_YFIH~F%(!;Z?AGl#~oODY$pDc2+<V5k<ch}q_VFyaHbj&X`C6X*{
zeFjplW*y_$^mi+34g+s}mpd0O>%b_M+dKu>FM_#{DUmtb;sw#3p{!w&rr7A~k9`_6
zWuo;(4TCK+{l<AWcih<%L!V$l`*wmAPPg|dON86zl=7f?eSPWHaF_@4pqDw$iFLD=
z+%_%~icL>8cgdX1#qW)fdP%MbqA0EZ7#S<s7aP+Ill`}jAKzl?33EX`w|71-gHcY}
zVnV0)Kh&wp5^_@H$BOWLa{b9NjCV4N_357hP+R#PfIX{V*kJ0Pm;L&~l#c7Kg47&B
z@xOGv1(c5?hK1{fZJ&O>*?7^sieDn1wnDT;eS(a)u~eiKI&`tCc~%W;b*#}9g|i&d
zQ$o2pvX0|FulQBTm3Vg@N28;Y8T%hLIoA=poodT%4vq*PydVYi0<dy^zd;&Bay8AH
zxjJ!IL8B*mShdPQ3;&@Lp$*}DYH&9h47WT%6ZN(<KTf}994YB=ooM-8?#AG8qlFYh
zG_7q7A4>3X)Aa{`4EL#YuA<T=i31ZJy3qbh1s=*VEvq+9{OWMiNKd|qtED1=cI)3@
zVHyKk0Q|hOIqP+*IxC+|GYL1~Ri}omYVd_&>=_UfGo&x$y0lW|hn5rsnZlCLj2BZ}
z$WgUS@e;%iE9Wj*OKpp>I^%r7n=kMvM$GjtT4SfJhj%yNUHQ}Q2m9<Ew5t-A=4+a|
z2>o9U$|b}Oz3MM%V9AvfmTRFqFeXfTIvLFeOC5WM^^NkMBMhJ8Dn#wb>#mmkZh-|E
ziw1|Gnw;(ZH+$>5QQY}jTH5$CyKTxO@825`Evj7bes+LcC&VB`Aj~R>!0!x)t6~3-
z))8Y3X$AgnmfjIS8A!x1-8@mWP~&D}8Kj2aCaVjy2y*vSFNDPi1Xp!Y?>+z#Y$o-^
z-pbn_K(7zF9#nr2oG2%EF_1RFol389Toy@z!|9(zsOU2Vm=<D$zVVDXV6qGZkvsPD
z@pgiVx~ez=R}y-GS8LFrGPht;W_$8vn?!s(PJha&Lt^#t<C6awDZB-Yg};eGrsz%Q
zkPG_jU78ffXqn*=cEMqE{jY4?o9m51xkp1&=gNp(V|fu4gL?jz^HJf2)f-cBIw?@H
zDp?NaZk_xfro<WP@Y<jZaoHTV!LLmT-nH-sJZc#ugNNLUzTclU-1aEWGHIceQwZyz
z@1=LX<*G0F_{i}@ORA=6)3I*mbt(1<d4NYV*|`(s)=)%}IeFx&#|RGvROGSiv{It#
zGSaWduXkZi#tJ94MN93<T+HFrdeFyO6J}8bBAdG|xMjdc>Vor9L)zxcLyP;L83}kq
zLrwpdu@+OWk{s2o)9#(jse^(YRjzv~1EzjjiQHj<mwM%lCFqwe1HWPe56MT;+>u9L
zO;JXiuVkh^x4v4`JWGj4NnQUSMVMCZT>a>DKLVNV=sjwH03M3<$H`CeX%B;gPA`Pb
z=YVE(ecqb<E&H$tH{DOn6%<fMoaL>!b0g9?Cbr)GTV~oZ3mYgb1{yO>t$Le(liWKE
zku{jN4m{XqhY~$KQKG+{*Fmh~yVc8VxVJyX)U|IkKS+(p+KPZ;!H}IzCvONIg!I^9
zaw!NYkTcg)mty#06&@Xa=;zWx9py_byePFyi>{`or25U=5?5ooQi!4c)|GIl`TJXS
zpqYTRK=R|V`A<I~+gzk1jDInTa4fRa1OUZ-v8QD12U*tiPc=j|vS?VJmZ>1$OUx#i
z1J&p)?HOv_%wSstgtE>;5Dd<z)-znZYSqE>Oy9@_7W}_v?>+!b(|C0J^iV1_Lvj1&
zA?WoS@9U(#&cyn&LsViX=2YMvX5wIk2Boj=FDw?{mC{}udp>=+Hk+fLElP!bWTL?U
zmjY?cwvG&w#vL4uXZTB2jd}^g^6}-=0So%*)XYA&8sLF+_OM(nQfL{DY00_&`%nqA
zYTKBEIY#(USZH@9lC>u%r<U~wEAbT8=ptAQ0A^ek4P9S!HeWQIrzaoNXS1TB#HSmY
zPJg;iF=N?Z$AIEpDR#pgmpPR0+;o<Dn9ydYL+1tai!EobotWoSpo;VFO1w^D66n&d
zZN~W=<CxbYMo7pX;Ev8|xi?2O@fzG-(Sr7{n%fZPM1W@79&?KSGdn8F7p<`P4-zjO
zl;!75`ar7+M9p(LME#|Wb`~C>J*M$Mao_L<{}UGLMIdmYD=55q5{4@0$l7)i9V?RK
zHMF}|@dz4_U**BF``76qF7M`kStWK9McG8Dq&l^A;p&dr@F~zNwL)9TmFuv951oRk
z_?x=QNxzq;9>0E;H<69C*ayz;ecbp~<QKG*;yReSD2Ik6XMB3Bhr`h_qm?V#Q_t!M
zVg@tA^lb(Z1yY!E_UFu+{^WhwHuna{00)*8buM^c+Ag=_|4}g9gk^?@ho6Gce&`pa
z(0&eBExP+ehI`5(y;&A~)sY&xe1FlHcR%!LG-7R#N$|Y8yL-#y5{0tBMZ{KV{cBYK
zyy1=wa84r0j3q*E#nUm8x`{bNR8-U)G~1pK*1fzG+u(7eSMQHLer#8YM&973*)D?A
zMZzXM=ByTqzEru<8{6*r7c;$91G-GKt(ZKOCo}6|e{Q-z6q%H4SMb0QpNwle+iq(u
z9kRx0<B4_0tRSeBNY(5$<H8x*Y{?;K9K9UHm3Y#mV?G}%44QbNVh-Ft4I5{PZtu7+
zw;VoK=DgoLq`Mchc0OnxgBKZ*R{}9i6p%mEpnE^`mSS_!d5AGBLnb{igFBd%0#2iL
zOoIMWLdD4<;bi;jMnon!witeNbHBi23&&$?hHG{q>+SYg9u0IYWlnQ11x{*jab8Q(
zW*|)ab?0TtW*%Rcc)lccuQC6>KJ+9kha;EXMT&fssS&B$h{GFNzYZwrr}rZv$5?b@
z(Sa?vM|^7o!6|r77>2*&Xaoos$&Jpn5#FSX(O@CD=e9eGi~|u@GkH`hFWXCP-k_+U
zYac1}bR`_m@TrHx+*1dktF`bOA!vZ&q|TaH!fvV(N#qD$VrxdpqXq~L-_@L_K!JjE
z#LS*UE#MtF6^hJh@T3EP8(JF*)Nt*g6I;)D-Yf@Zihkn{hdG#?3R{o9X0S8!yNgJ#
z;v<a=yCWmd$B(%~6PJ?!^`f&`E=P8l>$`Vh@aU_Z_Lo*Myp0$ZD@f6%Kb&9*QbTjz
zU7-vcD^T#_=j#)cmcY$FhT*`U+v}2sISJepW%%IML6miys;1JE{L&pK@M<Y$bI)=a
z34K@cv;LzqB&oiL3b+xvJhYwYi*DU?GkMP_^<}D1n6m6-sq9l}maGtZedLyRy|*yU
zD1NdrQ@M>;>vJ3X4`%y?oZauHP44<T#;60M+}!Qg1;p<Tp6-KthBFUHkwg|;0}Cd|
zZnhq@wn8cMEDEZ<y=lZuy3I<id-{Akuop;H38;lh%c&RWmW267WM;P{Rpb2}K=@0`
zsC~!a1+}_=ST$asV6*Sc{g1pK<CT84alR={o1f{f!UU#4zQE>Y*}FCMByr+;{3AP2
zSxevAnh{%ub&L%aDrvA;E*|Bl-<&{UqU0xfUZJ-Kx?`*=z05Dl#9@X052tdzAr1Ks
zKE2XKE5Dakw3%J&r@^vmBmZs8I#7k$CXpln%}b98#3&j3F1jGDG?+8aSam9O{P|e`
zM|KTp7QABHm3iKqC1p}p*_t-qfSZ(#7|NOFBktgC+dVlw0jRO&voPKVp{jfo=Er`~
zZ6QoP9dPCEl*-Okr-H&h(Jv%ykFXy)MSxH^&tbBM0Q|kVv`nN`G<?!IK)Cdi|5Av*
z?6#TB#W*!0)~Z!NuR|y>->Y}cJP$X@>iU;dAvG#<w$->NBSa;&u|9DiWI`NJ>^p}R
z3<C(u4L~_tCV8i}3Bw?G>D}P_!v;-wo&k-kw?P&D*C$yejPvNWyuEZxf`NrW(kPz=
zZmz7CV%KkaWfn?Vs2A_^tZZN2pz&Zxx^inMcFC+}?Hzo}Z`<6TdNr4^w1iI7|85gY
z@bYOoAEBSWviKkS!;-VTd(~|(kKL>uNPWW{7{MDDyPW?fNttuKnK^Lsix#RVg1_!Y
zo6Qol6bkDB2e>_!(ZEKoHqPm>A4%<@qg$Q8o*1Dxy%I;ietI8QsrAemdeG3<m^n_L
z>l<Kw*QXn1vZ@B3=n<AJ{9?8ol9Y%7C4H7eu<Ii0!oZbB!uh12n&qykq;18iMJ!|{
zz$BB|;nt_r``}JOa;DI#xJ4w92(`HBOhX2B7OVd~4sCn;XxA?|VA=zQvjH_Hz{1GH
zJO_yW-rj<u@qUt!tBx0>!$qvA4eN8Ehk8eS&f~6-4~JYz@J;Z%MDD-H-+piDeXZ|~
zzBB&svSDeVIj6g#%kBDY!Pi^FrQ<O@OOU9V#p+HzCS=#^1MU7xJchT(hCwyEmYS|j
ze{LMrotJI$S%+3Wv!xSn_e0Cu6X|<L5|}4<LYiy5>}buW<FWf(8CfvRvE{N&&e5`*
z)%}B+eWv|XY;yPFS<USoQ!S>?!-v6#3x*KS&yNXNGH1>L7;vVhU+WKZ)M7FIn|>!s
zek>o3K1)O|Tdy%|f;U0EFY<;+sAF6_pisj@-8x#>H2oTaXEw+w{K27Fmf?9I@zoxs
zGowy~47X2Yv2dnI*YnTNo!@)<y&vTHV3e^oH!cYrw?PTjsLRxy3y3*JYOoh$jmyN5
zfsGKYx0F~o5TuU(+z;}Odz?kk10jaT=$3WtC0*Vk$S4t=a$R>50k9_pdZN?0u9sF3
z6c@8ZLm&vB6co~BGj+zQEr<IOTP8{F__%{&T=>v3;s!9Wx)8yu#$#`xx&?=O3+iUq
zufNk~TX;)Co}Z0vbwRE$1YHI!p)4EAa>Z-3S!0mHjQW4l+so*w<=54Km%1`SudNob
zil8kc*KP-C|4a+6YTARLFXjQ0eH<np6|U0Y93pDO&sSEZ{O|R)w)M$R52UE`bc*l!
zyicEz{)EY{eZk*si<z#hBdyy7SZH>xxQgZ*=k9?pfuHW3c|}3vNu{<Y^krP!4VjyF
zA3g$W8GIOHIN#OumzYaVXr0DOFA7QIhdZQ0D@i;!DKO;p-fW>M9?re_x7}I5rb6l=
z!1o5DUHJs&H?M%MnWx<>z6oRqFwvm!2~nT$UV(ca%G@mMF*O)Y+in>6fhL*e5#{~w
zuRp)RgI;5&(I@%$y$mq=pC+u{TnkW(Wgr+vmx6g0zmko32|b?=Y*_zM>0o)~<!LMz
zCJf<4PHwI#0g!>Ea`@4q%?XiR89>QIzH%G6I?X;or$MW1I+fOmK(4>}42#)F*_P=p
zxoT*(d6vMd%Jl(>xnj8pP*lRcNUWqBVR-<xW!Ho?GJkxG4q_vdl7o&S<6J{v^}{;D
zx;HmO&TNiMfXjJI5EfCWP;San3c9lMPYxL+B`$3fKjb#)Ydg9E#Yz&!m_rEPgFZBS
z1k0D^cl%hU0AVb=f6zr~f9$)Jvh;cBhLAJ}A;|sd*T-B@C}IcX$I~~yg^`D)xzeG8
z31^u!Bq$RvJ#&1}cuW*0yyD$FD?9%dvDFYp?t>dZx+evWbheYb93DSj9v<nnPinzj
zVZRqH4I#wqxu;W~sENvn!fEFGmR;gh;Tq`w32b_z@Q#P|A`LaCe5y%FEmTx_-lumn
zZLaXF^dQs%)Y8;RktH2#lko((6*nzlZS!}mIpjzd0Ujx-Sx)u2i47he`O@drqBi$}
z#0YKIE0hhY9!t{?P>%U+S<GoF>7&7VN?9fbzj?~nli)%o2PFvJ(SH*G!l6-EJ-~X-
z5iD~=V-|-c^?iW+O-R>U5nI4>y48~d!Z6D|Cb%9ey)xz^Y)X(jbjtAH#mVA$jUPU=
zrWduc$-*K~Jbs-gYl?2O2*{yPqgWPwf%wP$4{fDvtgNifa5QjH2NK^d5G`Mv3BLQJ
zVh%nq)4C3|IZfSO9@B<}XVn!D;KL(6YW^1N3ys?`H+=k9Y#&CK<Eac~GuZC}obp@v
z+&kCpUpIZ0{IMc;x$vGbsQc_mlHj1$ZG_;+quHl8Hq*!MsC4M1E7w9OdNI#<hQgRs
zZFrWUdR8{#xAW8}{%8|gX~diBAzk2kf~QjymyBci5_s6cCnj%P^Pv3|X%Uh-Mtz#$
zE;h@*<zmamie?c|q~m?k!=}}#)#?P~Sq90Dk6I08sWcbK=wJB%vEWaD1l_Ho_4dtl
z7sa%1X{V_4>Q~|W9_5FT8if7uB&kl%5;N0UWINrQ!v58+n52oAl*wrFvddq~Llxho
z`4hBjsSQ}!5H-2(9lQU_`j0%EH$!L6B;PakC3hqZY4?Q<w`4-+H;<^50wOl6#t4yU
z*4<q{Unmi*Gyy5cQPy|29$ttutY)j$)l2Mne9+48-4;OF1=>{pm%?i^?FmM;B-y15
zgJrdazjL#E+=mHGE?U6)h?QFT6j@4?P6}77xpcUn4)g+Cpi!7p{58P70#cVhrawy{
zoPQN%2ei>%J?SF#mXIjD0xI@<4Tp-x%)kPP)YJEW!6dF4axOxZ@aM68v3H9N)YpTN
zL;Ml?NepHOp>jMjemo+P>6<F-`INk%#y@o@rv9WUqj)_3zE=CYRmp%QB+J+N_I~9I
zHs<_bmhd~@@>=J&_;sdXOL?IDOHg;Z3VEL$E3FzBIDB3`<_bqh*z)^v68U_gT<g*m
z(m8phRb=CK+xwr`^A(Oo295Vjf|n^kN(4SwrP4B7bv#;n3mlO>iSolV&oJt4@8buV
z`;!);yeMQyquUs>hxR`Dj`trge=cH<Oqvra#TSIJw*uKBs_;_y-wp<C;P#IKMBU=~
zNTg7afOFGXO})O>wEB|q$w{MDOU#J7@mb9_v*2<2wY+993pN_S2bYkl5jU%}UL`Z{
zXfhk?<P`cBeeqht8yLBa1cVIa_#<rFXh<2RIE@b9u2@z$!PRHeUA-|ZoHFHkcY#^^
zBl%^3Qg|3>_>$RL4ODI_n}1a{EibtJc2IHfksoJ6)j2w!6ADQO<<=}n9KV~^T8fp=
zv#8zz{)=Ho$3O%8t9LB~e_E*II0mZO#@hvWn(u&NVMuesG6QdL^skZI1$sQzz6O5*
zS~u8^XH*>B@?njM57K^}-Y%xH2KDahJt|;(QH_0qwv(0eveP=Jz~H(`7b{Y6vzZC!
z`v&k!y2Ixd3XKiYYEPGu4|#Qmmm;&GgNVG-!cMP{26BatI9SoF$;WIv=VGX1vC<>M
z{(07!9rq^%9aSJ5CcLlne4P}m@FuV9bHh18%O&>lpFw#MRYA2XzFMmrU0;g&jBar?
z@@5c_B|#X^s-MHrjHj4<lV4P&D(7Q5WilUf^`<$h;?b8yheYZ10OyV<$de-wU}jr?
z`vUuvp_j226~Z%TH7|K??|R%*D_<kvDG;+5`E1)#d1t15_pVcPigCD=@RPojI&-hC
zfNG1cxh34*nB2(i>-PLI^_Hi!hXuaQt-(7_Hiu`t*|f-PTvd0Ie}&S>l}nlOaJ#rS
z80eG%9c0Y8;yLsJy#U8!HdP?&R`U$Vw$&hjQ!dn}*KMP<vIsP`t%toL7oRLO><3q-
z5r53W`sBe>0cNzODFE8MA=!&aOLNH&Z<AIZP?=E_3GdvLEVt^AprG9^#a`-Es<8Du
zwWvpIY<?8n#EX2<NtM)?xl^C>zH?dV)S(94KR_z}p~^}6A3n$lij!{wt3%TplMDJX
z=Jxy5LUSN-8Ue+VMH#Y3?SmQ8^&!wR$!nRn^{k}2fs1M;m_}?`0A}cAA%6>I8DN3q
zZ?HCpf<B0;wx_Z;GZ{AhYQKmOJ{#;anGe2t`#T&{pJ8z-BTZe!#@bBYO*d~O=`pbu
zUt?duwC8{S*mup7E(hlcV^_Xn?SidNkTZM|x5l{Y{`FyKQuZ>*uG*gXuy!uQGTfej
zNO?m>^|tRg9;yZ=FyczW=K-#!7GQ*p6%I(6RghV#e~)&bk{`3JCUjIS$Vp$M!jVn)
zZiq+Z>HgTL#qqa=T7j+Xth``Ur755WmQWN(g(`7jOQ`s|2;@|;2P3tP?!QG!egg_`
zw!0?9Vk2i`W<?_g)x1q@>OB6YWd`6&kxnCPVmKW7f(i4t402ZYp1|S#VVHUkCwn`5
ztuGg-`v9@xqlSV|rR<a?b0s&voKI$xs3J0&jafn?T%*Pw+pGh0XP91yp!9N$pquGq
zNa6@Hp25+}XyQLn_hlyKX6iQS^I!Zz#=z@|y@$E!11Xt6^dE6Tbl>JUxf&p*l?1%P
zZS}j2d9F(_#_s7i-$!H+++i`qqbNR{bl&Wk<MYOQ4S)XU`N2hC0^utMAk+dzl9p`!
zOtskn<s(K6c|z?8JC4j)k#a=7-`ONG#RJp%5>(|(y8o@ADzX*4&HxsQ0tTLqMcMsF
ze~mkWL0o$TTKL55GoUNdpeh5DD3O#!fQfnG`05lUsrMKD4%<ulVT}8($-zVo?obZ7
zqz0PAW87V&T3qN6zz9X;nV}oSk3glD5{m(^6}POf{oOlWDc4=tPc4$r^eYNp+|7;&
zzRq-ZF<@CcVdSHs1XN9F1t7kEIp8n1Ap*5T$9bMD4J_godMHUSqXF}j9oPM?d))$*
z$a`hA>*+wCX~fsyhh3Unn8%*>!5U~sQq^sy@IOZR`w^psC~%iAb>H}z7Q3Pw>8@Ah
z1xpbH3bTo*#kA(Me63w_qq<pSIemQKkz-TvR=@j600=Q0S@$fQus9VN{}{sliDM9?
zHhrw8_zdj#Utx~SU8T@}9%v&5xt+AlZZ<Nh-(PBR`yK0gS}w_v2CpjNlM(fxSral@
z1Fn(RQaesPufCancM>Vtv~=1_amg?5L*E~dN=Up6FbNf5oMuC)-?_cp8A|Mw^o+ii
zmdD?WtG0J}0IJWmA0sA>x3*`jK?1>{XQo6{x*6ngycte+E^0C{GxxrI+Pr})v*?#%
z{WEJ|?h$jTFJBB}4?L9En%U_RU>@JrX(acq*1oaa+CQTS`Cz>%?%=qrFKwtw=ML+n
z<X!HU!e(yrH2Nb6GqUfdw+EzPCSd~I7$x&Zo3U3-dO;+89CLg){{t~lQj5@*ndH}e
z`Mq__`ILG5=h1_8fusS7NgF=LDnWO@`)GS{9M-WTPYR9I<xr!oyr4Ha>13KwY-*r^
zJRN>x7jt!j+$HV13<3!uEy=^Fpa^lfDQ&0VFTNDibUd)C7Fs@SU^W&%DgZ9NAXQYc
z>#csYHO8xQ<cQ|ns+0rVN3e*%K3KXK;fKf?=-SwO-pHMs)ihGyeVqZU6NeHqM>}@h
z#ixJLIy>!%B>sAL6_+YqY~jp9X%n2qZtM{54&Xfl-1LFuHzo5UOHq9)R7$io-J9=)
z)g#TuM&2T?Kpuys?y5ZvqoQ_3sM6+$CeAC~&Zn3v36AvLOz?QLP5;<6am;`($DPn<
zIu(;>8iBm?(B*dQp1|tP(2Ny*^ic@&q#Nk|0L3AD5X0(uA>>^8;%CLipMbUqZHYA>
zsn-I;<jEcPmg2&KD#0|=GS*Hq`ad>o70Z8q?S`Wk_*-OQAgFZ$n0Tcdz}hz8A&Rp0
zT%H&k<n|S^RuNFfLm>(hlBe19!A1(=0qx5-JwG5(aREd?>o58X`yA!Ji>5eMI*oeF
zy4bWZS94Il|DF-He#bz0;V0U9JyRNL0dPgkWA5er*nRQL%To5fYM2W=XEr+TmFH++
zZ6*c(lv^JiGlsf>k;_m4IsOSemVrZ`-k-e<-+4IDy*1&#9Ht%6$|j(^(?xrFa#||x
zqhW9!u&`m>dZ|lR&4RKJoe?p<P6qb~i`*Bt=ZybEOV3J>4_wu^hHt~BOB=Q}w`VX&
z`h%gZ`%O}iB+7SF`cz~<6%+!O7`wQvlA6sA<cwyLQ5L9N7PHAsTt1MiQ#KL6qyYvV
zY_3B<?9~^pkXO(ATxhfGQIR$|K(P>^6+?-H9j4&V`egj;uI~#<k`Z9K>!X=ODl*Si
z7pG(uaohvtqE4oe5&T-p@~f;W2cJII33%QxwxMq_zVJz+X+-mzw3`#)3u9<Iy^0S2
z{mYBp&%G2k{<v?`JkAC_dL3q|@ZK0>{tZ_NFxRfi)kpn(ju|)Bt?$(US{tPx?0C+r
zDq>bWv!jw!KmUsI2^xNH*bZ|d{d$t+wcX&Xoij`bNK$5!UxtI3TvZACrv0D$?nse<
z-TE<ZUwHg?mEC#flwIv#rR9&Y`yWv)DNpyvD9FD<xjJ3|MwXXtY#II2_8*P&z7n8)
zly!a<sn%oJPR^<YGq6*OGmaj>`~qYr{Di`uE_1OrK`4re8CjFuT%qB1DfV4wX3@&5
zy!I8q7J2yU>^ucN)hN%)&MR!xp?)4pR-9S;@kjBS#t|C<Ku42t(^sA9r~LNUPkU0T
zFvaK0v!6Kt?6{o@if66*SsEKWsiT%|-K~)#6+!%$Xdk^+ytpR{lzWy4n&dAhTAf8M
z@O||`p_p)%c&J}5pU=L?tXX7huI^+pB^oR@fYp&sXi2^s9~@jldvtP&0UVcvdY%3o
z#lJ^Pa4m3oOCWxPY9AeC{UK_nockU|wf}VZT)WaK_FQSZ8Wi1%Chb)0sbY6h&w3SE
zQA%WIb$JeOF3t&1lvFU1TS70`zlwj6Uyk@1?EnqTOTPBJl=dgalh!HW3f)PqSCeP-
z%rXJ*G<-S<+a}k9{f6l4Fu)BPMm0Iw1aU<g&Pl)TgQJt%JB-umx&4U-9+ErNmL-4B
zRasE^JR)dWrTpiTByIzo+2+jHF^Kc}h04$)@fwi30E*PE?CG}`IYn}>-JkTsoZ~XW
zmlXf}$iO>4d8Gnq1>-hLbh13O`!%Lt>EkBT0LtL+Mb!7OsE(%`p^_*TI2+Wdt<K}+
zoM!Srr*)Q3x&z(dEG(~r30HE{#6V_aPV~ny7n|q7i}veD?jW2LMMxd4SkqR{JJ;nd
zV>pzCd!As7;p6(IZ+^gwLHcMm9O^Xhl}O~V8DaXj23xxnH|7vg=3m_T^1e+nzK^zA
z4lbK5s1?~M0FmswoD#v5alK@1f={ftsn|nmI#1!19wqVvfJ66R3-TJv4ZQl3W~Znm
z^_1A1GZXb0p^d`DVTaCp`st|{vCr@*Zx3cJgf?LpDWuJMk=Dx&6~l*bi!sAVd`gMb
znfo{2i=2l<Uqu8Gbpbm=fyQg|8?2I&5yz+X^6pQdmPmvvUef;DTb>vv{o5Bt-B-F)
z4>n~%#I29-Svcu6bn@@<0)3qKsvEsAwf{=(kI$qJ4CGO-y%K;o+3@YH=_|v@GklI>
zSXIX#z*|?$4F#qTt%9q?RFl`3;W0=YAqR3vJS+pRy&v}~r&~CPD4@f4Ex+}-w6$-#
zX+%b;VS6iE`AD&vB!eG}35Ght4V}E>SpWz%AijW-QWn=s$`<8E=)Kb;JTg!a5_nms
z>YpSiCFca)o9`ksm5fmI54-}Rf`+D5BmaL$<@2O<9jhkN=V-#e-wtyv@br%`dEcYa
zm9`y%H{HsD+Y%Lo=6_?g!2Q%imuAUXOmTf}6mptij+vvWTlTWymj1PIc`lWX=lLX0
zzM7!N>Vv*U?~>E=cg3{jwbW9wHu4nOs9c1K+zaqgH+5)W%66&)y1afK58&)~ZPh{z
z0v$ow;0rqJ`D)qJMVMI|{WO}I_;4iG+R-w1d@C=DMokN?%I$2P>I(GKvN|l23>Vd!
zB>mHS2VuQy(E=5pJJ&z>ufIGB-^Sx=kjk830&d0lQ^XG1Qn?mYMAxu^=^2}S?&zer
z8@z6&?)5^Hr|`&Yp=`!@=U;|de$P{@^V#c-wc5KtJtR<tJ9eW37$gCrGHDXe#NjZ*
zf67&tK2juGgd<Rs_6-Yc(|t(UBz6vHW-qn@cO&JFh$r`eAv20Qah<ednTqhE;qFHm
zB|ELK_buQxZtchB;btVDo3nd=$|DdvtfQm`2#Rc&T)?2%R)yC`5P}0&lJXGlX8bjr
z?m&W+{SaU}=>*cG4bfkbz7E=%P%_&JN<O|zX*VQ+Kcj!>>|&_|l*8vzY?rp442_M5
zONegL{bt#mEsAAZYX!L@;WiKoh*|FMFq>qZ8iRWDk4w47&9R&2IjZk|ex6TVetrV9
zU$1=vds$@vwa%#q2?&0x2@$+kOf35wsPh|00piu~v1J33MbwgNp~+(*zi)m&&2_A@
z5_0C*DRtNtW1;*USpvXM47vWWSChb!w2GhI8`CgZrsw0d=52)FpUR&H=ASd4&gQ<(
zdXY(_<;3!H{CACx3;2YiX<n-SocNW?yqMWMN1FTuDDX|fc>%8IGxl48PBJiyW=7uc
z-{4BivjB>J9<Jh$2o6UbCT{8OPHXJ`{;BIXcgXF}k<vwGt8XRydj*cHLO*<!S+$6v
zMDEo2)2r~D$uqfv<HQE<TJ9nNTCX}KtB;Ib&uackcaQWF(}oJF0qn`)E53z1AJH(x
z5`YW*V{SgcufBZcW)PLGs{_~bTBCBKyzrwg$+pEd=}p~pf@PIGA$Ppw5X$!Un#z<?
z8b@p3oLw)Isfw%aH;JG2d2IOimMzrWsp}4)-80VH8XaSJ)mpVqJY6|*fWe@4;h-Ew
z^`E*CIzslV6iNJiC__Q*7Tf^LD^vqUTa5pHFAV=xqdx)ky7e_?q2EtcsxbiT9RD<|
zukRkp0{sM!wq`?<X<d8#3<FTJ1{9N#F7N52%;*B|7iFM0dvSljD1WwB5b0_=7*o*n
z(9k;KXNRjwN-TG9>K*Oy9%!QxsR#y)lX;ddN&^059$8K|qPjd0mmU6qT(YFbNpvOR
zh@;W{5N@QEpD(%z$GH8cT}<sS(5I~Wm6@nh5m*c|=JDILQ+t#7Ng>Pyc<DBSakWlm
zpGdi(Dqm?oQoh<V>&Kk33IJtxad0@@Cc@d6u{XqHT3jr)Vl@-4xFoW0!cgd~@LGpm
zA%vvk#>M|4gu-jPC1;N^U1q>UwD<9yG5FfY)??`vpZ-Py0sSk5VQRAqzn<h~XfvN_
zwnK@_u+$3QxK}V#8ZHeyW8bf)6=D%P70At$Grnv$AeMYuF7z+cn_H`MPkPOCIld|x
z`R_$X4(n){R+Lp()c%s$VHzB132CAEbizyU-t|*G=#&*51Pk+ayX(bH=y_y&ECP{*
zc>s_llq8f9>2Ub<H67E(Y5LvkPN(^fPAqES>eRKi`8C%6(g&~~1Fj>4^g9K?z9CT|
zS~LpP`m4gp7L2aSS}Q;j-D9<7OLE)tPZIUK8*8>UVSeuhP(U;!v7^TXgKrpj%Lnd<
z`GMW)f<ob)Yb8uq!<;AJCC>JpTFaOM!TwjxLS&MwHp>>2`A4EE2&cP&B{^nz95DI!
z95E)UxqLEl>D%@y^1E2{4;5&$iQU)`2+VMJKL&gW`)bbo#2qB?R!(6>MSaTZR>9^i
zy!yh_s)BqH_)~J=DmyM4!6F?$D(S=}%i1lA-UrAt$NBi&sQEQ~AuKmS+Q{^G#y@P6
zQ3<{5yie887{VHy<?GoES0<#)wH7~see)VD3UvYjc->FgCUKf=1$ca~tM{@d77&|c
zeBq$<HQl%P&)SC+>9U=4(O?AT;4*-s=p!>WdlVJ5Kq9uk_2v5!YPR!Da+geiBO$Cj
zXz#|KC7dZ=DCM%<gXCb^c?1u|fl;W;<HYl-UsMbLlK;3<hrpIPveMw6L|)bkrY1t9
zg1=~MfwHQWm<)5r&w@0ahJM&K2kX-v3YG#IPOiHuR8_WcCH)2OTk{8zMtz3hT~fEN
zC3Z)dM(6?3INqXBya8lQbX)@_>`;ZGn_MF5{4t-niSXmke~@fFre>|fLp}6CZ%z6c
z6Pk&VcRY*bJ5Bwl5(c26mbDXtJi>eq@)F~_E+v7%VC{J89d2)rhtW16oDjN%dL8(q
z=+sm0wl|i?h^-DDj}}aMvB`>F!i47W1bTp`#fy;)0<rsnOl+oL2#Jdz&x!j6U?2U9
zOo7laZyGI90Ax~t+kekpu-IKJf_#@F%=!}FI&h#_rxS!w;*k0C89dRu3vgfCo|Cau
zVVx{;iqkzWWQoa-90w*Fp_F`4J9|mZ>pNyr@eMEl^4%77*-n`--8G1Ad^`kff!7;x
zPNujG2qe>i*Xd${{{f29R8)#Gb>HKA6tDxw#LJZ8mPw@!_Bbk^q4REgZpl%38E<c^
z8<|hjOMa4n(luYj@x}o*xHmLxu5(60QnTcrROquPMo@N<2wObrEM@4}+TN?2`E}1N
zQ04qfO6xQpYTp&)oTh3es7c(U-R)65vR40t=ZxC~1}-+JM-ZvloJc0gHol;?O=GaQ
z=mYeRVk{l~U(Fws&ZK2CCIWAT(43+7y|TYqjE(a^#T7U1#x%Kra$@jb$%wm-B8tyw
z#^xc^5az|p$~vKkaQZM>!d~Nhiw;bq|Iif5I4iP00um%=RcPs1d)?VU^+7`0K>Iu3
z4{Wo;4yw@l=?XXPgZ=toHnIW!@{2y8AU9?wvzPd7Dln}ypqFTkG(lFF1qfuShEK)&
zGCn!~^=(4QiU^21zKVI2BsAZJlCF*n?bm&z?w5O_W9>UKl;U+*1m+SAN(rqp<(@-x
zPKtAy(&Yfo^*@oEifDU+Y37vWgv5e}vDMb_f=!#oTpw*d7Aa&E|8&z_DA|8}5C6rM
z^<o)>0LV+^%U*TCviVQHbJ!H8g-5vBxFR2HeasvLc;RI+l(*r`@J(egXi2W8BQ6h=
zh<$$<v#&A-XV0BPrV)NUxO(fP<dB<_%}gwArrh(#9pubJd2&mu2{_8lUW&AcWgCSE
z7<ofXXRw=qX@Kfu4!^LG9`X-YlcxjD4oXcUz6Ub<S#;dbN7|xVw+LY7pl<=5cwV+C
zoDEpH4P~pYN45l&3dT-)5cugSprA<~@Tm(*_g2Q=^b;#@+!+4eB5ZxSrT|sHjYY0o
ztM#t=by6(sh@o|B5wIZD)?mPg{xW26`*I6j<;eCivzw0@OG<7Y9&b>9mYM}3dD65<
zRu~v&%f+0fho#B<z+l!E4vbE5v3$Yz<t=G$1y4`C<hKr7ITpv^<A=i8U-<-u0K5#)
z_Rn;bGMuyl6>smD^yw~~S>CRC9F<QeLQ)(+jFp7Mg1FqY{g#V!*6c>GU<L}wXUY*r
zM#6BM31n5;JXZHVa&kA)jp_L(K0mBDcPV1(ISg&piV^@E4t360l?BZUy_R)sodTn|
z^w(#W0h2t@obs<qTn$OfvHyR+NxK+Fn7iZ2@1Vzv;Ur*h_MYKpd@Jp}2mDOWu+<X|
zVPq<hgZX)jHTtcf@k{$__e<Y%pjQNZ54A`?D>1NdB`$)6WNZxzlJ**2>m@^?%1>)V
z%&f@~gowQq<((qr)^-6+OaZZidf#Q;B*@{Q`W_}bjLcI}M_>B+(&l~x7+F1#kTHb1
z6lX_80mcv@^=e!^8E1Ki?ctjM*KO~kAMO0#XIgg?$KOY&P2X)t_X8u!&(>f&dwR7n
z6H%t_)QL*+PTF{gC&auY%JxET%>bMLe3Mm{Ct|p4+yA@x{tMtgGGw@BNaE>ZQRU>*
zO!h4L-4He2_b<cn7kqySi2m<4IH%I0afKKFx5<cQL#w}eCAq3Q&&74EVyJoX_~Me%
zU`#T)D{o=VV7#sG<ge}!jMa0tXdHmX0F1Xl#=k8O2AXG}ApemDVkzW-;hvs(@nIHD
zdIzv-PFZOa1~1aZg&#^korI$0x^(4&d{9x{Vh9+5p{<3vkV57BPTgYC)KJ~$-Pv`S
zWu1W1NNUk3ZCD?ehUH<$o(asv)m>Dw4c*$;DCB`E6mERamnUvBmX)k|AuxtGK20+E
z>k_gb7mGFxfSA@sUt<m-4X)i?paS>zlW)($N_yh*VUb)*ELPLW4?bT?V<&?LwAuBE
z{#n#+Wvhdog2Coe@qLS(TGBL|0hxf*2>~MNb!yj4f|o+nUkAv%K3QG<Ll4cTSah$z
z>`_mvbE_M)aSkrcdoGv74|GIgH>n4|w`;RCe&anQ>0IFu-VvfVxbZP!t~`HS+ho3_
z9^~3gzrXpnNdHv}^?+3M_ND;wkJAZ%UjPVo+QR$|*qeA46__7<ibtpSCi@zRH*HMn
zL%^uyT<?epoBo&3?SbwmQk*-$M+%tg0B#(Z+q~Qb6w`FtpJi^AG$G-1P~@n(-9kKH
z?N6Uq2>}xYf-NR;iMNPNhr4aP^Xh&t;9$VqS~)#=oa5(}aYshmehdP<V2(!>R84mP
z#fHLi`;CXu5P_Tkz({~CyF#=-aTpji`N@$DFqqhHz=RTjg~x>Hv)bRM1FUEF2ivik
zofN+@5~W2!@Bny13gGFJx`0wd=hJ+1*Y_b>-Yct_Kn)BKH}4}Z@DI3o3kDhOw0OTh
z>CR}XTXE_T)1WLn7XDfwc3?7BW_5VR>;F1eH~e0%o(c1VN0ae%B;h_BO3lZ%UPABh
z#)1t@#>#}c4vQ#m2`mcW@%;&R?i{FDG84&b^aM2D8p_Sib-Fp5@L1J#tBWfZ4!j#`
z+|CGR6FYZ|tkJ~7ugl~{YxE>~rAv#Z>&`T}<6GaqMRLbibjPlNovzXW*XLAf?aGCu
zgX1CxlG+XtRq&KFM%PHyk#@&7nEhVWkt4$`Z!i{Jw9p@b)C(}b4&4WIfR@KB*lBDx
zfMXZG((_P@5iuwuI+T*>j7i#dNDAQ%3Gbm*WED||FA=%cBt>2aIyk_*(mFD4R9`8p
z^aLMeA2R8?;#mW#$|Mlu<__?KC@=r0d${OQ;RjT1$7;IQFX(50Dao}xK`Xc*^myAO
z?I13j&@<4tX{7T;8}qpC>iMHTI)quj(#{0yP6U|L>lAGWSa4SxTJ<kxr&e`-)F)Wa
zQchWF6;$fs#vzsS#@VzJEb7Yz<mY6<-*|WcojrQm8bc$%>!p-cUO6y7Z=|1+C%P_`
z1`MoPRYkyU5qCj&c&rr+kW1auln~;CZxv$|;{U4>b`NuYr_G|xhC&Q_TsoV*O*_8?
zi=F5BRijsSDRKg(t>49@I4DCqR0*^k%AyFooxsV9`W2EP(&U$rgl&BNFICXBaB2@f
za-*hNZzF(uEvlaA3@D5}Jp`b#^Zw}iN}Bn9&KWrc!eaTXT?xKOUj}_<i>zu$;N}*~
z+wbWo=|C{Z9XIEh5hvZC#a00~OXROj`oKB4<C-`~(B+bQCMX%Kv<-|S*>ouv(jWi0
zsOD@)pHN5ecB^gA6hPj-)ce4DEDluxj|CHwIk`vazr6F?j*F`ylL*Ro8sUSh=2&AP
zu}@y;cvMPW!>n@id!wfrEd38VeQ`c|&H9g83oDYIbm^k_n-Iy1s1rjx1%s(7o(-7#
zc)&;x_^dN1RINmJZvxq(IqBHCl)3V;d*k+a&p(Ym)cXlv2_72){<j7mH9FzmhwYs|
zrvnNm5_do^rri;B+0j}Z<GD>0syMSP;NvYKEPCk^D6S%b>lWdp&D=R{;Hgzqc2+Ck
z2~gknhhFWIBM(UCC|jeci});pO9mclF8f?iIU(jPOiEBzLB%OXoB@gARvqc;LA`<P
zs@(aX1U^Z!^gE|D_T&o$cA^>q7#*Z}u4rEflcZtMj?gKV4~!5(@zkK4y!ZEA|5<Z5
zZZ||N0F92)lB(x1#R}7r9kS$6A-{1^>Xr}Nou0#`Cc#}98jL<X^f!>(RSt*ysORwj
zGV{NtuUT^0sQ%}YTi-(8r~aFX)?1ah;s0altmC5Gy1z{$QX<_T2nf<8F{G5Vbc-O}
zIh3>@Af3{Uq$17G($d}CF_a9=yU+7`|39AtGWYCz?QdM`!5eGm{PFa2BlYA9-+TW`
zh1)iNFW0@7d*ZWBH8JqLai;y1u8-}H;BB;e8?`w7cyq-5F$eql!P0%+|Neml3+dpE
zcnJ7cO+U@>Hk2HhQJCT53`gH06bT?5SLEVWd*%Uzvg!w4pu38P=jBlU>#{W>WC;Z$
zh%nl$Ssfgv9mQt1K1GI-H3ufqgzmBFPhTNvnBos0C)$Pgrq_MD*!nvG#uTwHt<QVR
z8~FaOqgHhk@2qEZqJJ9U13>~IfqprxjM)2^E3c^QRgj*Bc`h$XHmwj26SRth{{mD9
z9}u*TkJpwIN+Ij4s4v_ucP6@hxKLt|zSn`762uIDPX&^-|2KJuU*Dpk9|j1iKd)o7
z!wD3KOm4pQ<~Ay#A8-I#W*4zB7bo)G!BfKimF!oCTmOAjz_ky`+tecEL>3i*UXm|b
zQ!OzW3=~RbBdzzJg2#=ieFEeSFBe$?uRnQS1et6#)vep04zLuLpQqTTxus^@AV|{l
z3%fr45<X*XswvETGBIwAB_5BOkNiX=W5Sd!><fK7u!9^DTGUk6=e&PC69q9Mtr<HM
zi1}s>Y{;$@^g`SlD7{{j5}Ub%bA2$W1G<oh4rv_-8nD%sg4A8mrER+K>m>`3@`#iH
zS>1?F?y@qHl&sGW2q_HOpI%@Q9X322U@qf&s~>&VQoA!QsGI8h1L+!Ey&)kb;Qug@
z2W=#6`pw&TIlA&2bI!HdgDVMg8PL!FQj-X{KOy@1wrIKAT5iW}TEd+A`<t2r2&dkv
zmdXh6e716)#A&h#KIPo78n>)F9EY|{P}Rvn5Ga5aXaw}=__eY#CJstS;5p*JgFls~
z=dF6u+9EFm*7bM&veu_h$w#>QnZG_JZ(jNImD2K0Cx$s2iu(VWRSYHF2Pf~1WM(RA
zC=4Z`P5t;?WGMWY#Ady<FL-yhy5bGwg)c*m-}sGiDn(HkXv+y?oVb|!t}qwV=scUc
zR5v<>N}#uo=9)Y5%_VRK9fn378exVwV7<g%v(d=OyA)J<wUU1Y`oa`DobB09f=}qI
zMQ`b!yF}fDk>#MBqDIrbL=r#dKsOr0WE-99ke(PtycT>JYk24r5%TA8@%P~>2`Ng%
z2xg*xZMZ`_^K@OnrJ6460}Z~Wj^;37OrIth=ZbC2DI~6v=D*3S#VH&+8;3adbosYx
ztL78*j=p7d<jgHJcya>Vu|O-hxVY-kjVpi@mGkcoe4Gsp7I{x&?$A<}8*^4gH1^B)
z-L-Ma?uX)sj8cbVMrr+JrR(KkM9rZI3*}nMn-+3TWUAK2v3S8W^Q5{l^Mmulxzv{C
z4iFySdp)O$$ZANwQ1^@2BZrY#jakhsR9$#ocOGsxj=i5GH0B!ViE^qwJ<%Z7v-o?p
zyzp}C{TkFCJ}(*_{UDY&xpodF=gGlP^8>!^xn_ExIf8K@eweg;uF!OwqN{fm=8Mdd
zt+L|tx+0rgvgaeTLzI#b72Sa2Vrc$ce*j_AT3l$nU}xN<$32y9^Qh_Y^>Rwke1s${
zA2GVb14S}!em1s*yz~tvv}501g|e$%a@rmP3xDaAjE`JdTbed1?^sz8^M)B|@8Is3
zNff+AC##>53EgK*2~u;{pPM%k(|<_Z2j;R>EZNKdN+vbVEKM44%7;DXq=bh2Sg#II
zV%|=L;%!3fmCs$vAeXk%ojvUpW5x%`P%@hHFB|#W_E1L=-Kvvzje}#1J^#xy^I#TC
z9r$3bMPG%aGjz0m6_T{5^R9q$u1s)b_IMls;s7W4!1rJDUCe5!ZmsQqGrbX@79443
zOB566nss;a&pg`~X?daMXI1ZQFS2C@%#*v}mBcm6N*KBMdUW^xtV=GEa3E=q2KURi
zHGGn}j)x+%{n*_L_qQUQ`Ydla(~1SS<)1ZhHWy9=;gebjj>N>Nn3feTJ<Bn*vQJzx
zcTg6+_!ojyeMsYvqGqEKpGEyDjgmc+^4lXO-m5H^%IbVa$qd5aK7$jEYBXA%1_%0r
zkQ4!o8O(QtGOs7&&3N=h*d=dkjis*PF(dSK(Vlo~KCf0LI(z(oF`wsjL#H|!xL@i1
zH$MH0ILs?8+tsgDI1UwYY!J(Mi%m&nx8FN<RPcd*mx|bZQMg0!pbzT;B(YeAv|g10
z!+Dx^_^VJ{{lAZEK=}s~NVc!$sr>s#rRfvRX}S@|2`!JUWKTRQuOuT7&$e_qyE0R_
z2T4iB`LHc834;sjnvpHSe60m4@*1_k93~#0sDg_($>Q|YgiLQf;$i~dH1f>o*(iph
zz@Yl#C`R|x7jT;_F@tf@U};WX@d_WmrgtQ&x`dadzaC70t=IVYZXB|_TB2$DH3akU
zB&p%$#OX>!ih6T|T9xp)7xnamcEM&bJL`$<g|pNSKz0~;|7c?_B{b(Ri=0=q{f2AL
zB+SSA{bThkrM@z>x%8(|>XfgEq34#?zue|Rt|uQ=wsURnV++0$)2C6$wgw@LuHO4{
za$=J8fF?|ct%uFNfijDRv&vuwOFt1O+59;+A!kI24!@UmN~_K}<btVOKSoDFty)7W
zL~x>ykvejUz+Zm{!r;O2<lRX^aKBL9MUC*u&HtiuNgyhx!AZIVHApD3W-aI0rECHn
zP+1q~Q1LxMtY7gMh#<0-@ejCHys+n0Y9fv3VXG>8g}3}lxmB~_$Yrb@d4Acy42?*|
z49aBN*Y}c};h|cXVHer)E&IM=hY5N=-{owqMFG{Gf0=dDWf6t*dNc6W{s@9tYBO^5
zxoWRY7Yg0Qqxu6^6ooGeIydv#u9)aghT=Q-Y>ODQ{dC7zE+gq49+(;|4xY&%*h`z}
z<7@fg<^Z?a^^>A#X#r0|9C@SNta}YtW`?ueq9KdMJUf1AIwkwPSuxWY^!S*v8<?gb
zk<}4x1QF0@zm4n~TUh>7Q4Sw|1y4Mf&yuHfD4NOe)%<lU+ux(nlyg7VR%9`}aWjPs
z3lD%!`L!!bmYHCWGe3%9JVW}H-1-r8LsBOHuA<I2Of-S}T5P<5HNWbofAR(ndd01|
z#Y-Ow6~&?BQ}*40t=fW_KH81<HtHaFvr=a{9Gy6dBbm90fzlVLi`ia+oaFj3=L3A`
zx&Ft|=c`gN*_AN^9;qTo^Vr=!*UNT3J8go48zSeqsx!31d)rD^x9j@z>VL7jxDF+l
zCeqxlkhKkxOF%>k;#5rZQ2D>)?bP(AtzUUV%M0VyW6ACyH6U{O^W#L?UCD;mhw1<N
zPO$}`lqA3=wNCX~?(a{U_Mw`Dj9BL@%m5zofMKjF)(d}_NzG(Ij?u-iR}deBmw{1!
z4c{Qq|1f|*_FE!z#*p}V!P(auV;xDcWSXA`M6+l^)XBhej><@m<oqX6MT~ho_~4N6
z5wwp_Z_%EdxR>Weqp0Qd?SMi83z5}VV9%R=KJA2(<(%ulCuik+sQ$kE<8yod?^}`3
z*mF%!WBU_E2~Pj)9F{Wvbsw$JqjR&q);VJ+-L`zN3*+uH71lmSP-B)XKa9yt1KnPZ
zmdP^g1(7HL;}qZee&Y$d0oG&a4?EHO0-jUDj_;WiYD^jKZ$m$#)H1LRBVHz~<|G=`
zRj!}EvZu=|zz<IE$CvoEZm``g58~1tb;|%hHknmqJ@D$l&Whi_-hZsY!^hFK7`<n7
zt~d#Bk3MYCvGrVcRTI$ZZ?e~lL#r&vgo{F+CnVB**V48$%qj`M{ENMzAR&`U%f?>z
zuV=#<G+n;#`!QC8#h-n^mC`!l6%u-p2X59kX=Iy5mS|CYv0XWQ1HC8joVP$u0C*3;
zJmK%A&Rp`}%XU1j0Xei)I8BR5mhTU)aLRF6<UmqCAysPiYv&fu#D$x-KIK3V8(ob&
zG3v|f?=Y;A2tXp)8F{r2;B8I^9miFge^7RBY&~k-^-Ob@2__vtxW*CZ*Vr0X{DNVM
z>?0{R4guGgc43KadjDbz>42=h4LJ6K_ZHE<F9hjV=AC-ai5kLE;Pu9@L&&jbLUbra
zQPpa#x_lgy-t_&vZ=Ph6Aw-4vTdePX@NOV0N6qSi14kd6wt*V}l=RN_+r7e|o%>{6
zDkxGU#QevqN@0GrwkMSkZIFVuLe1U&RzmaM?D9DsVf*6hgY$#=Ya|_T|Gux$s$H`>
zzP9xKBx&GR)<5moPxP93^N3fk3$$2(#NwBolS(d0qU{_!6m=DbsYaSUvc<4KkLi#Q
z=!>sSS|U39+ZFZ>RwLfFpo9-Y%*L^<d{A#+KEz`Xf|IK}H+;dOXH51b5VZ-P2EUrX
zhG4h@BzjRj-<hybu<k#Mvsu+6NVLea*eJk#$-w{3&cZjISm7ho08CXsPvgJFc)}zS
z+h}MEDe{6}O;UG3FR*XJ3*4_jo18?45^DAc1Zkc99w6NT#hYH-wC_b&T>ak+>Zh>@
zC3%7q{Ssn0<=~|0(={fGK`tlfGtHkn=s9VLhVPj}+|_sPbbl0I>M3Ipb1t$>B*zc&
zov{jc2&;v|xNuO>$oj&}5*yXyr$qR{Xj=MoVIKESY~IJ}HxZ?{h;H|VDkAj5A^j%3
zHOkkUqR=tE=nyh|Tq?fiQ7%(@di-K1LNye`C&xDZ3kgG=_hvcFP4D;i>wsC2?e)IV
z!*e==#Ualm2kFtrrg%v{So6&4M^OW+SGvY>Ba2G(-A?E!PLAntL}E!qUy64U^wr9W
zQdwaBc3cG6^7GW~8-wb3ng_pjvAWt}9aLge3S@qBsesjHsMoCN(H=ALHL+1LLgO!0
zOG~JCm$dUz-C!u_){I2bCmgQwtrBz!My-ZnO*G>AsRvpkcxJ6WRSSdQ9>mnXwRLb0
zk#Bg$);tU;!x6~<<|EZ5c_(j-|1$}6<9g;uheki(QN*lh_!RV9V>@8WTYk~`nsT`V
zZ`R^*FcPl9fMVoO<wx(NHK0R5a7zlo?P(d1N~6-mr%>e*ZnY+>cV|s~*cmjyp>Iit
zCs$Qhg9@t#k07wzt0@AlEqNwi4DNtn7l}}m?-!v^Q3TdA0O|Qc+aKx*9K<pIZt?KP
z$`XO&8oc9IxJvSoxaas}B~zgIM#o%Hw+uQ&KQo}nqNrklC_j-Zc$XQL`w(h)alI~(
zY8vT|z_6#R{Y=*%?XfGBKB4xYB3&UJ`Mdnw4Pzew77w6B*%<U0eqyyZ(snmpIK|uo
zk|D{Tce&3%JbM2_Z1V?wvWTcdlaS}vewN#7KA-kGJ@!-I|FGqTBna9G=ihQGU=7H9
zP<7V|BQ2Tb6_n3`#D>XCVT_l-zvc&89UjDNj_T#sOw3UJX}-!zwgm`Dnd*Ua)>9k@
zm4_r9tt(lz$?rybSvKkTq!LI!V`CLpZvp882$GV|4VCG~7frnq=G;zH_Q16y7p;SQ
zl;CrD%4||VwZvC7W*U-qa2nm$E1Hz0Q_PFm#V(K9v?dw<27g+d$~KCZ!;AMLsO;-8
z)M=yieURM*g$|mAy=9Q(k5`VEu2i+N+3Q&U_Rvz9XG<{`6J>(BNPXfCPLVx_SrFQe
z%ku3}@<%-p{5O{3pnce?UjEw3l|~fxyZ`Ho74O{D9eW!zy5Bu-zI;gA8<5z`iE7_s
z;k;|(k*VF1>Hy3qKU>;UgQMv3^~;v}ci<Y5Q8*GA(t))(Lhmr4x0~=U406&A7)+#D
zaRv{jHN%vDD6bzv^9b+)!+tojR9$nAAHL_=;QQU+=fT+6iQN?-6(;iJT`D1aV3((k
z?!rwg=B$Nh$<qZ8>beHJ3)g4Sbk4TA_&+I8{={HJKYx1)r0-wn`oBP6ROnY*;e<=N
zD`H1hkqOP|{5tI=f*=QCA!`nhK5=G^TbbA&KhYGaswtev#1xo|@W2TiH*Yua2bp~q
zg%iF822I4Uowyr8>H_@qXkfMNtL^`8;y<|qs|RFDKami~$QIUhyWQKngZd=-;%k}^
zb3Qn^gpgFRDh{IoQwY_hv6t4AKMcd-6g*x)1=y|gqx-zPVT`vzm;1Q<dcMs6QtxH;
zSON}%FZMv@rRga3EKCy2WM(RxUSuoM2KVu$4mQk2DL^}UKJumUH5~aHzMz9~jobZN
zhFttj(WO|}@~BzD-h4bKac8dFAYx575b-+L5^0!f*9O4E^nyMDN9dCz<-2U{;AxdX
zUOnl}u|;&i+(YiUQIQCvn*imZw;cSQx}b8tN4cq<h8k?qHAbb63wsL-|L@q0tUxdi
z=j|l5+@cIUk2uT<x5Ladnd29i-6tJ@M$W=Nc=K6v`RymYa9_g=`!7Iur0m|lZ07)U
z%v;D+0OC#X4l;Xa(-{jQz;BM!L_29RHtDq{UpF-X1Nu|SCF@n|r4fxXVhavLlqqmP
z5+|=izZO;PggKk23HF<xlI+l|yFd6TM}Be^)k_^@1C0?D_A8{cB1|8PgHV)_bUofD
zO51goVaH!EI7bo6{oHy~@fp(<q~X#rhG#E-N0SfvFf<^4u1*^VCGU{m=-@u>ps}(m
z_BsH(MRHy+VZ^b=df|K1f4H}6HVn!5HBZ%nS!=})LpqLpm1~aZiTHxAC?skOi-x-n
z;9`qfF&oXJE0Yd_$$hiNh4VP^iz)``A7-@x3*S{0>r)?iMPrwXs$so{D#;n92U3RU
zb_+LB304Vy2@Z%$!q`jfH)a3O0V2zX`z?j10=f95E*=GM^+vzg#ckJ0twE!{NcM9q
zvP>oV?rxkyPla1aE$Z`by#LCx-%So#p0CZh4qCY6z@W%5w9&qko>fp*Rrm}@D6c#>
z#X&*^ltOOmsnah0>Io3UteNF#tF1rs^Pi6^`kmjtq)hs^1OikX%4(}5tT8jy4}a)P
zL8i!xtl`RlgXqdhj=~#>1skSKXxXn=w+MbVxLrw~U*fcgztn`$X_uDK-A|2}<8tXh
zdZMpc1Gbqlp87B5fswHKi%1vc`xTp}E2+mp0sg%Od<z2tE?@Ez`Su8NVw-4JCV%_i
zdz1MQ0MpZX)3H3;g<r8w%KABTE@W|3%WXI&PU`%mvw<Op5EKj@if6`xE-}E5$9$=D
z8Ge+vYhl`4NxG3Qj5BRg?{jwAnvLdyWb;Jn@m%0vHz{qhzLwynA+++*G_rc6*fRJ6
z2NmOp1*Mi#Q8Vkaq2AQ2G@F)2*!B8gX;Qz<qEv<S(gtLAE+F@}ckvevn^}(^&(hkl
zSBuEt*`N2h^#WF3uDknYdly>4+L$lo0H1?BJSj;tA^Kopua?fI%Eh$*+C8uU@o>l6
z;yPPf)VQ;Ie+I6#VvAUH0FX+Cfj3E;jYPly+$OO#H|8JZ{F4LDwdmFJ(pJ8vnzh!{
zhEDK?UbMm|e~wOixNXS9Nl>+M3+iTAG~5qpgd(TD$gL%13pci`d$rr>Cz|c$9rYWJ
zpc?8{_zX=v8p2}Iq$gSb9>F>hW*UOTOyiElZ=(*o>uaeV|K18RS^PbdgEBc1`uJX|
zUaTj-Y(1=_G9ueHY{o*6RDs2ef({5f6CeL!oN}~!!hA?w)I`SaMe;uw0@zj`D^v5%
zGSooYy8>cmbZ8mCi4KOW$cC3#u|*!(qCaI$d7x$m`AOW6uAeCUHmvn459`Vy|1z0R
zb1*PK%ZGw)5F+M1a4vCq{e)nNINnd}Y(Rt*`bUfw__82VW3Vztp2fM`ji6qFgGB#V
zrU5qhdejE?Q&Db3T!=tyHl{9@37S#{7IF}v@0K~1ep|G$j+}BfF|22mfpEvZ{<RTm
z`GL$hCpx#NV!o(}v-DuiV*}2;0N7JSgO{*epA|uQG}5*u36EK2VK^4yKlLKeLRe@%
zl{BUYKlU4Si?}Ocomb(p@d-8|sBo4vQm+DCF5G8rOyvkjL1Uty4`JGd>MJvRN$B?K
zy{<o+M|{1%j3L`lRJc$^Z<Z{>XTyaXcVzqjJ{jLQn!^^ebW$XvF^^UEmHE6-F5h3n
zg_tf>%L4E;16*_NEWy|P=Nzq7w!f>CJZ^{F#y0Z+x3YmBLF3Pdcf^ScDM>o$i>8g;
zXPS6eC<I+$LKO6<J#tyv5_hKybyQFp@~C{&+^!F$9teE3I(I}sdvzPFBprjhN#^r@
z=h&}MLrSLXy{2-eUo)FG42r#?u~1RI4C9krn@-=8no+_fZqrVv{RxtI6QWklY&0j<
z0Lz<Q$Ld%-quWSO_kXcKe1&&b2I7LAuQ7u5);^jCmCf<V#|vH<`4gxyl!S>h{s1Va
zOI)rws`?3AfU3@2_O>Z|n|XmvEFL$#;WNQMbiCXwz^`<7Zz1E(J7@a!8j;0-he;n5
zuRr0LzUcrNLc`bt$y91to)8k(7b6;S$IM}||5U&*ttI%6Jv4r^u5&Q#JcQ~berg05
ztWGa1WlySN*e&GVAuY?m(e~Gf98mmEkSpF4CuwU=&VnyONlQr?jh;F)+EV~noTF|z
zIRidhgS$V*)k8D1u{G{*hq*6YNNSL$c=3&RPmACPm?$%RWCg-UwLI9PlA7F2x|xxC
zt)v2wRPJ28P<7nktdvclYWtm7QdoUyCM~t!Z@$4j2zl5ghysF8GFh>S7S2*E=EQmS
z6Ca4GfM@n_+N80$4E0CmYOs6TrANk=a4=u3D6%7?n3kf-9V}u;+M~Chly}zDdi@fh
z`^4?l^U5J3V{-ffB<v-O3*K4&!<mtf>SUhC`zMDi3Iz4z@uw}t3La_5-UEKuG>5G$
zm2l_)xYdc8F$6w<-eIR8Qzj=%6$AUI1H6TyM6XE?uhZ3*4L867ygWazn+n;Hj<U-K
zkp^J;p7{}^kpcEJEo+h|f;W|d=>}+UhZ6(TGZ81n=Q4COnh#xwfy)(+?ik6FXA!I5
z{^jSVs?m&2;ZNrqGky{OEhbjzBB#h_T_3ZTO6wbFL^@H|ekYw>LLPEmR~KsimDlQH
z9n|S(`8F4?OO0*QgWb#*ZvA4=F`I_NV+B{+4<!V+hWW;I?t1>pLvDz#VfV;S(aONR
z(l=3EZtBw~Y5Wog9zl~B(phTmS8r>)Q+ke_K<Dt}mq~fZ>Mb~A`@Sk$x|wt%o=|zS
zV3O-<+P7z`7-OFL)+;QV)(F(3pPD_pB;30F4_^1%n$B08_l22W-g+2gVHvJM6qTAz
z$FXzq`QUQ)EVzgPPTt2n%cH-jyvKlpB!EhOx$OPx!~37jc)xPh)Xe7!Gp|5hC5xfv
zb+=H3M(3itw0oX$7w>Wj<taV*;$-m&KY4-N5=uQi{(E0tJEq{@U_y8@RXE`uNe*H9
zLeuLsnWIGb>0`~$Hr?#|s*@|4nr{ZM=W^Rfut+G^ZossiyH&)(sil9b2^D7*pgjEG
zU&q|?dCpFX#3^%!M*HcF0x`nFx3e?mYS}AAEK+<=10a$`=&SO|N`F{7BogV@`o~B;
z7T=g4kXD=398>I)R|qC&sox$E=}-z#4gD)%hpL-{%0=&DImGMpf!m}d;*M`pny>Qj
zi)!aI!En!0KfqwfUO2l?RIApk=~c2ok)s~`mzv+y{$e!?MEFIT`?WK_*>7(~qF?Fa
zAE4i-!YyUwLC^4Z#4nik5H_9-_d^Xm|5(tlWv+qLW-0Toy*a$si{Og2HJebT2<=5Z
z0nRC^JZeK)s}&Q1D5J4ao$*IQcn$F$F8ISdIbPQ@e0zrUHncr)>O-h6P@gLJ1w2#N
zR@bK&t>RTEn2otbB79i&BO<eAc4F2so)2%$I1#GgLh7VF2V!|?G|JS6fJz+*F{_)M
z0nT~g8A=1XTHz@@g+u;(NAS@(1S@ppfkEzs_&Ui5TVNnZ*9&=(;3R~kcQC8(rfB;|
z<UEkWuF$+!9X^S+_6o|<j@a4=W`BN<Ro6v)M+>OEIvlW3K-cc1F7RzT)uhoJM|Gxl
zs90Di){PUVQ`9o`(W`L&R9z|_i4zM~_b>Vq0ot*JUKO?;w#KZK6#`-XAA!XeM%$m8
z7$XN@fGUtmiE7})L^K_@2r8b48+x2TI(?hfJ+>8Oj3R$5*oD2+U$GH}786;Y<B}XT
z8QX1YTj%cu9tHS-2t=;An}tfvCKxGhv|a1_9qQg}Hr0uHHY51pswhG+?;ikTQAnu_
z;VOe_M`ySh>L!=-kb}3G7?*W&KEk%-CgP{*vc2Myqt=?TU8`&aPxckh)My<*sowe9
zXz9J{HmPY$hCq3T9Ki`n8IU$w7q%9R<t$9!dFGCdTkzry`MueYpT4(wg=*OG=#=WT
zB`HhI)6tIrS*Azb1dkJsSB)<#^LsirpRF6MMJUa@W8M@o;d5%m44E7Hu-@ard-w%}
zw~T-ES*hEmd;(0O*%S@wZozRIr<e7x^E=lT#(LuN81YD3oY8+P<%HmMYsWViTM9br
zD&my|^R!C%ym+)ARoz-R0hC^mM<x7x`h6&kJoN*_3cq8#`g@FcdBaUpX<-*i<Qfnv
zvv#&dRwK+*5;w;cAx8_Gr2=TQlR;*p?RhfPVz-Iq!~?8*snmPP%-chBewr`z9a|(}
zk?`N|nn9N_=L%YQd=qeH)GSgqVHHdhmgnh7iY$W!Y1oo7H6Wdn&uQ$6_b%+?jN*F6
zS<t&`23T}oG6I~AltG7~tHH|y<lpbFKTnV^wapZPAgiX}Wx!Ye#ZolRAhlCE6vxK)
zm7cq@D;fvL3$F?XeJak|-hDpU1(V!KxGzlnS5N!<P%R^1jXWM8>Yub7=yS8Q!J^A;
zyR+q|K%=rvFa5#);qK<~zAG}j{>SQ;;<^3_ho-tNebYeYd@@a&+9{wm2T$PdWYNfZ
z>}gFsmVdtWFZaEFygvN|QpbjkgMR$VrD4d#lt+T6zLI`yb5ZyhqnB(lEDq+_<+R2h
z1W^XqHgiZ`f`_b6$lQdtY*Ge^vRg<z`*>`9Zk^p%wcBrIL-INcsvD>pfRY)h>SVct
z<c9uS__U<+BZI82hxJZ&^KVgWn`LHhqSi1b8EC^;L-Uaf{VvE))-=qIj>=ljKX%LC
zu(qmB@JXB8!iOm8IjBufl1HWWonU-b#GH`(5U3*n80X!ramZs=+E^>E__lyN58n--
zMSYfkAJk1ayhRH$dYZsj3^UUX3Awx^)h3s40e5y5Ltln*i8d6PM_?`hLh0#hph2NU
zB(+%bt;+4qixVTRfX^#gKej!V<nT-Yn%2EOD^&U^+Y5&Jj5ocbDy@<Q6z81{Z`9a#
z-YQ1g!nWF};Ae2qN(8}}M(P!Yj#cP<n*Wv-e<BZO041_r&4>J`;lt4XsFo24&H0um
zwMhJ(#12PPj4Q!pPBRt<em`ueb~usrK*R?`IO8lIZ}J{|W2|n^A=MPVCi<3}9%*;&
zh``(GQ=-m*F@KpC&9A+PGaGy&&;J2Zz!-`Y4rpU`!*_Nzra&i0UK+e7jWOG@J@htE
z#rqLI@lPHp9oVeU>gIh;#RKqv%~F8^`3Zg20D`E`d^7#`S(~Q7XHw3v!a?k94!V3|
za~+nCM4g8DMq)574m?fk8gxIx1(T8AA<3WgG7XNi#b4<*cz7mv?*~NSh~<Q4ZJ|4n
zO4L@!YyWuDg|45~@P;5{2ROv|t43;jK*3eXPwGXam}sw&U_F!CK3E%IzNS$UN;ogX
zfz+93Od;O7H~i}z{u|?puhSQ2l9@d4<#;ZRR<;UYu>I#tgC21)skN&T;LXaH;-1zl
z`5TYoo|gY~59bQ0OWapo3M_YOKMI>m91gQ6<Swf%*aac)lQK0i&=u!`gwXvj>ECaR
zX?*FLe=SA5z1+D4&`wc@Q<^Ow;h<RGAJ5j}XjZ|?eM{k8Djr{E*0)!SH=*D_*^7IY
zqo5o3L0J>YSiT;KbzvT&H|bzd&pdcE&r@3C`snNU48A|&Ie6~UKuwRgNIy{vgx+Ie
zPNoby60}Y>KruuOa`!Oe#K?a$*B2b<7?%79I!MU3wIFT>T1yD5MfpoGK$cLWJ%Rww
ze+k2_<eY7@)-X<VQvVU<=c@w;rGVaB^3j2BH^U^YxPtky?CAn%I{>I^ILYOo0=l&;
zB;*Pi#M|1R?4V))Y8ns|Mkhg?iUIPor>BaLYLy9N`CS$Hj%v}y8iJYwB9B^GzN`=}
z&YX-^-&$GFGizGY>3!9^U-Nk1Yv6!Sa)8+ylR&Hmc6PAmc>IBrz9WHCH_A<?Qneaf
z0vPSeRWXAW$ksGOp4_)}1_uhql!IvqNhr8{RPYk*a74;E|1Ff>h*qOf@1{oaakI;1
zlFb;26w`)UG`0tCgtoDG-N@Hu#zJndDTP2d^DsP~zRyAS#<6HdY3q*Bn2Z#Y-luvm
zourbcHLtFl$X#@Vp`PTC?4%SF=EVC-ZrS<48vr8qn3jjEk3pr>jOZA6l@h6Kr)A`;
zj(&W2bkq`eiPb8n2}KKeS|q5~M}tFWjdt+J!R!Rt^9@`Yv#opcL8l`ObPa{C!~Z^7
z+3{8>sVigA=kKlhKo_9s&z<)^5x-dRXe{YH{5emJeEVBnVlaV-e~1ZW7{DtPPDu1a
zCxT+(i45@!+4ft4W{uRPAaPGaHjMnL<wAAh_$*2?zEz)(T5>=f>~s1DEKW9!$%{ja
zhO;SUi2MRLJHyXGFLr)OuVi*r9G>et>6_@-C&|9#*!H7~$}gk5$*q|L*(fBa_2&Bp
zDoCZ}=&M&jO%2IQTn_JiVv<Ot;Z+ObW9a(>0fIllfx`1?{ThV@9buzB`egJBykjTR
zUzHtw`5ab#yN+>|g$%6$_dA)zILz2}n=bGz1bS52pZ*S~v!{FNVX@mDgWaUwWkUdT
zj{oQ=6>y@CLB6XjoDJ_{cVN0-GhJ_%;#sL^9lCIhcuFGi=qVHk0|k>pL)P;0$HBLZ
zGM^1bKeOj*RR@Z%-GYR_Yy$P8NCL=wEqS$&)we^eUj1TruZ71z>*u{`!w+2EiKL6L
zgGy=5d3M(Jhu?^G2V*Zw;0)@Up{;aLq*A?}cVlW>8YMmVQ>V5;5o14eQlY7TLilvr
zg29F)?oZahIZZ2O>|<X$I4?rA7*XRMK~u&rc*${kKLiOmO3@ePZ$rn?gy<Iu+($n-
z3!nNOUI;OK-6ws+X!N1=hr%(+WFIi!v_<A>Hi4>roCJ0H;`of7hLPsFiv378Dep^<
zCuhQ^@BoZQ>oT6}_w+=<i+apu^n~r<z}H$Msea;(NpDI9%3Pteqv>2xb%rbf(n={a
zBa5-z4w-aoRAUt%tkABM@VTN;H_y-B%B(k{yv2J<Gnh#(S)?|KlnC#?YMG1Hd8{+~
z#wCxn==ScC59fX43+Vx8&#p1U0<<6V(077t?@{uRYYD_|lCeX7q(nLq?9&+1xQmi1
z6v`-xIXSLif`qF&4{8|@mAW&>?VAnJRy%;Pcl;?7pENeG<T<Oucx(URtm|(yfeasY
zvFA91B$rR^T7k`6!#Q9SaEA{m*_y`k3WbucNCP>cgKjISiOme)iy1wMw6qm4GcCHY
zSF4dMm7YG2=lEFps8?irFQ&d`d^zBRZ2SN{rqjP$U6T4TYA~9<DzB+>hh!3zE}0C_
z$i0psjF*z(;gvBlkTitnu%G{%73`}!_ZU*<6-4S0R}d(keZvUGR{1fH1xs8GVl8gr
zmuEC03UGVz+<PW0YBcg02Iu}`!#S$+OyeRIZK(XN`<+w1KIAaq-)|Nbj!lfia)Dj|
zzB%67V)y~-7NaWij{uak(NLHUKH8}vOLzIklyK5h2z8c1%X>89E;jd+?kK16SKo{1
z6;pu>afOC=ws|&&S%XA$5Bx1B+Bhi4Y6R)-Nw7q$!MTJ|-5x#C5BY~6u3^4+qFX-B
zDrNcgf|~*9?%rNxqa0x3+f~=KV9WJ2bY>U`Q+1J(*S3L8@kxGa)EKx&Z+47T_+k8F
zc@vPF{qIaeDJwpwJ%6E}RZwn4m;dvJ&eO3<D6%2pL?_l<R}GIr-ya=Q0eYWNVotKI
z_CSir0i^oYx;eK?YxKJf`e{>9F@7a9ej|Oei@u|Sr6;@!%unY$5d8JozowRbRy}@D
zs*Ca2fN)~T%=e-!+WL}3E357F+Pz|$1g~=A7sfj)D<qS-#LAut{U1R_D;KjCtS#uW
zy7vq7p@OP5od(M+RFV91%4*?iPJ>?3N2z>42I2{*XwHhlZ*n9t@t~ySJ!m-!YGRPi
zb}8XY$?IcovlULw8Xmn*tI=`*igLsueZ}P!x8sIVo)SLuZKc>+KZkFr+X;j@XF;^F
zpQDUliodxvEr@B8kVWZDifX@cfqfb+YPIFkRTru`XX)`X$nAr~H<bJnk6kk|wr2w|
zhv#R?B$yc%CZ4H_5yC>e?@_2j%^e%nBm}1KS)#B}`m>1X6-HjzzH2e%rulPlWo%%f
z`)q^8U^hQg6^nT6h*f6p_*dN&GsvmRFZ8f?yf6p<Qh>7K!XcU*^iNkPI&>o|kLz_^
z<7j^4_dJ1HH265t_gZUe6f<2GQ+}tO^3z<QpY10w;YY&{7Rpzg!$MC6meIM{qm+CL
z6aI0C&Zu5n6}#!65&^6rpIaG{z1|McsO&UT1J`W1U!~e9mvFp@yr9rm1~$7g4$)n2
zC^^v~-Z$?rB1Q@s6Fg?YK1y@JvPQ`zqk>+87ERBpHhh{lmOvH204L<O<1Q*;%(%LO
z^r`99IZ6YO#F3RKx_5QVJFg07t%&)QI0$N24${D*v+at2GLUJB4YXP%rFLv&Nzvl#
z_i*%PwWnrz(-(Z=NZZi^m6))NVd2LuF>v}{%u8m>Rj+dMfO0paE$0Xqxf-hci};+o
ze*KH*M<wyx!lEgb*lKc^DKA$8UV9EW>&6()!Nwbs-hLx5E4z=eCnHM~WkaTXbN<Uk
zU!+#ioh0eP7^1gbGFI8wzxn!~siTu)KbBk>;mVu;{VK}XP}f~!{`+pDLf;S#tPrtq
zLi{mD=Fq<d%-3wB`Z?x+zz+UE67W<+2`4KGGJa-qOjSu%YhsD%3<lqpNkO+Rp*c6E
zm4BFLu`TlFaku7dy#MpmbV_A;f+x4IuzdY@IfRsyvQ`E%L$)K7Gbi2!1uy2>SnUH-
zSLw+~a?2?>nJkf&A;_PD@xac5$LDVM-X%rLa8w0|q~oIFU7lCQX|4+vDd^SC`l(l6
z%aO4zX-;KZXS66*7n`r<1qz%1C1hREC2yY48bUV7ud^;iD?>HN@3OD~T=lfG&j;=p
zpuJ^A;dwY(n6in~M3VryWE9ekC+#6dx(V?=lb4#VUXd?LTRjsA9^*$}MPZ!v`Om}U
zsJ7dyu6n25Xoq-%zW?ItAuc2%)&txU*3@Ts)tJz+K?8-g@#vAUvBLGmOOC8E92^JC
zHnp+8;W$klpWQV^I2R^Q&b&+wkpY{q?JDSs85CnH+bpjqxlRG?c$#Cq1R4X)_lH9f
z95>L)NW_~!I3Q5EPz$MnV|)CxQt-tw>APg?aUpLY&Cz{kOeOsi7-+g1u-EolU44Lk
zDsHD92-`QIjZ|AP2F!1KW1__0o#_`h+*!~A-V0#C&-Z^`F=hlNc`UGw)kM7b+Y7le
z?QYT~Q|bXml&YR1lk|g~WHYUbi-D?V`Vpx8HCPBTpaSOJLO*Nq!rQtE*oh(j!u-?|
zcc}obEuJ|XzIvGJ=cq)Q^~35Du)qU7R=?^wurykYE+%Z(R+`U<?thrBcb}dOd~skD
zya@qt^r20C#S>(E9l<?Zk=ye42{F6btU%KOE{LHhw;J?};MY%}|A6|PRWOXp44Vbn
zigj1V&uk>dAdy3?Mi8tmN)eeDQS=xuTrYfRsVhGK8Ybx>p({WS?A9OcPpe?Vc7WB$
zQR|7Te-@;xr=rK~!t=YtPo*XicY&7+@QhHwf<bwg{wMkh-<<oI8WoTF1OJpSq}w0<
zawjXd^=Q2K8adJV2YiCxpXYS|OmpjnuDAb6*4_aBb8Bp|*d;R$zS?yEx#T@zTp!`I
za5mUk6UE%@w6!F*C+IGKY%6j}D2SyAxW_`)XcP}jksF5jjKO1ouQ2dM`}fc?rMLXS
zfK7*>{FBInvfjwltca8|2qOUKu$@C}%>RrT)?}3S(A2z`an6bR`Lj#^caoBuknapG
z$vh7i6bCfvT5d!tiNOl2T&i`|o#x>I!IOKi84Tj-`vn_M@B(wZ?&xWn&8q!+i|?c6
zG?#q~8;482L|L?m%w>M1-L52?3qfm`IJXE7!|w)EEDe&Hp|6Qoja>@CI5;$@HIi*y
z1P}?%DwwNj`Cl0iOw1KdMYU;u!d7ODXu~A<p5`v*$7-zr9rtZ%5MUZSFuXCutV#ak
zdM$663xeVKINvfzKU{DJFT8VnWUo##uAif+5l^RD_@~YVzI6nlj<F|TeyhkV(0QB<
zcDchs*$5@~lSl!T?c|v_nP99P!;+0a%-#1^ntlo7dlv$y#;t-2-ZRHz4To=eYm)63
z*OTuCD$##&bRfVp4R}Gg6$P1wpS89q4_(-T$jD%5t5EL;JH@aq5L3`eT|sTlretS#
z^=i!q?{jedTXQ!<yam5Gy&P?#@)M^q73P{`&?k-S1L6KOf&%;q(hrHqHVACuiTelE
z{U(rSzMswTP3ee21PseGO56gm@Uj;W_iZM30=Zzt&tgncpE&1TSl_`AJW<4I11k=R
zWA{Q?0~Acn0jCg129=L$LJf#?zR_9w=m-ubE>DiHr2l>5)OB9zb2z+n{F$0H$<m(k
zg_^{53CP92wtZIU)OT~KeovX!BODsl+KcwS@u(@PV-`8f5lGFbB1^GU5!xWogF?gt
zgFtTr+-ut4eK?ER)IY260YDqD`0QJBW8Kyq1Diqc^V#?{(MJhU&|(9nO0~syACUkU
zsiPc4?DGQ5A5!y%zp1^reE(0iSD^4YG{vkn6KnYLG$0~QNAl`(@6^Yc#ZepqwtXjA
z73^GOI3Wn^g4K*_(HuMrp_n_{iKU%&+@NklJq*cw!8lX9KA=gu+|<sCbcDqkic(l9
zM4gZR?=vOytwVyZR)jamEdaL@FttWRf56zvW%f$27uJll_%BE8DWi(S$QmZ1FkU>_
z^DPA=7tx!ZEU6ay-z5<Cvg_!aOW<RGQ%jN;dK+Or6|d|9O_L{nkIgT<obC3UZb)7z
z|1l0D!+P_#ykZG9nm__&+IA?pas&FxZRpnzozu1P3}0H*VBg{N+?%jhI&NBPD-$Zr
zI-s8=01D~KB+X!2Jgyl|(wPTFG)uAT4sEB=_M+Pw*p;Z3nR97U_d^;FNXJ9sfFjyj
zqLQ_uKR1fYQ|E$N@Q~TQV|!FxLtaiqEz1^#H0q%~wUQ^{SmLlRDZis(Z$yG!zkde*
zW8><UZU?OYv%5O5U_uU_LZ4|G=JFwuZVS{!fgHMO0M?^jal8-fN+aO<D`5}XC(^2e
z--NR;6Cz1J@U4;f;!lv*CYH4=vn&rHz!kl+1W)#Kwt9~lS;u-snTOEWh_A;NU+|;F
z+b^X78H)*7Q-3r64&ry6)CRZ|9E)gP5)ISKGCgMGec=&yYQC`0$Gvke83t$4h6Zos
zUlKWGS5@a)$+(qErr&#&KaUrA?*VRefrAu~>#-pPAo*)CR4I1XC~^Swme5~3SL^;^
z0RNa>#{#r@7qMFJ6sE&il3(`C?;GIS{nwT^K6%0g@AO8E4eiVAx%KR_>oE59mF0!r
zyDO^soZ#)@1OPZ~Itf!x%DRspX1f!zJ>fI+xcu`E?gU-VheV+V=aARKuX10^4jDrJ
z$)0*Vw$^pS%oEsDAi>n%2acY^>5PHux$qZ=yV_{_$g{{<n*-d%Dry7T&L!j{rP~%@
zcY}!`$Fu={>zE=MH%+QVDU5UHAiL?MSX@{>%`#I9<P~H;S(-txi)nknd<wjS0mn~W
z&_d?f1akKUfNF7A@Fa_;MIDIHhkTb#9YHny|KFx?T<6cf1*qEyFyP;58M=Ky$SD>8
zC>*w04GIChl*h$ja6jtXkwyA9#~iRf>#Aud0wa~@KlyJ81n|LVvvG$GWjI9YxexAn
z+i(^3H4;B|;<UFCj_d9N79Y~Ar$AegD56L|{6%&(_sYww3oSRhPyv4e8Wf)NO+ah6
zVh5Yj=)BCDX&i;qk~#Bw&sx<4r1<l-&O5n$F(zX$lcZ(>)+CZadqAX;1hg=d;wIj&
zyc1yF;{-H1kmnC0cL$*&u(Il@cziRD-Z$v(-J81@=o4~8Hb<}fV-(+~_bUYOPRdi`
z8yUY>UfBX@xAY2)Yx2k7?zNMpz0Q`1esq=B>gdCXTVat_`ENdbADp7Wcvhg9=qDtC
z8b{~Sb8mv4_(Wo7THeKAH|YUc78hC-S=Aft+_;A`_XlS``*!8v&%(XW6Dyq7$TDkk
zC+S7&_xy^sQ7heSJ*Ai^$5OMV72W&00t<lH*v__v{^5#IEwkNN3>jsV{_YC!W{z|s
zjDJulmVT2xme(kDqo`<#P*G!;UGjGnxO)DMun^ypx)B#QG_TlArNbwVE#URk#`u^2
zEiEp^1zgww+8EBKvniS0g(sCi1?pkHC$2~lZ42g{Ke&smzk9B*$Z`yQi*I*8(pvSO
zxzi;@a}im$s+_Y4i)?$4$Eyajk{go25lCTbY2Zf?Hw{i*WqE9iCkc*5>}0M_`KlV-
zHEHuG`j<cX2M>^?bbW!pHxaY+aINXLvLld{xLMozSuTAo)YPd{0h;5b8@s~H3J`Q4
zwDRMX4V>G56{@S!%`Y2Qw{<uXF-zzLU_0R6+^0Lr_>@|7hg*!J6=fxev(vL9SZ;e&
zF~#ov|1C`7fs{4=EG>JSM^5O@0>n{+lIxQ5K53~t_z<=6CXNc7e^J$l8fh&9KCME}
z;WO$<U!7&~>{N#I&2Nk9(#v(<DmBPf2m|5#%iSJf0heLo_O)@=dYfE(zsQ_{%yTEC
zrHtRG`bG!oeh|A|0$K6N7P`)7*@i2ySIkdP(U^r|PohWzc<S&-+qFNKha+E>)B4y`
zdKpIJ|HPsc`VmzyBb#78?@W<8S}!|2Dp3KAevmUMH0B68Ffm4?IQW~-C~9qhg9p6S
z{%k<egrYz<r+*cVhj~ww{NdoR4&e4^2oX87D+q@-!WK(7{+P403sskyaa~}uPAJJ8
zn-<|zBaD^jODdI;fFIgS9c6i0zv+1XQox$JWWO;qSMC8A&OIK(IkqTzXx+lYCS0z;
zo1j7tP<|FE9&QxkZ_0<Lw*lZ9Yyu3vv<2vA_1+%W$~F@gSKV8f|0aggku{iUon632
zS!P=8c2#?u$Dj2=-;pvNz>6)e3u?0{yngyS^8t!9(+Op*6rk$`x6hcb)_B>QGe`S%
z9MuSEfPzYK!7mZ;sbKm|1=9n6@m4tBe_o~1Q|H{L5g0i2t*ujb^$3uJCBMHvlu!X|
z2;zT#4uqYGqYjhX0#6~xcbbWKg2={K6WUY9=`Z)bZy$foKRY?3HJ=34-ivbq{+(eL
z$_bbIaaai%ODr#=V&hym*B9-VW#JQ?rR<}GDEUEDDieH1t;VpAWlw7fu2riOak-pR
z2~=JegHC&#I>0jkKqpr&)Kr$@M4=PUnq2_1X1bIpWp;c8Ygg6k3Xj3M!1!QMde#^6
z<kjalrlWL~8}5M)pg#T1CcJgQ*8_*CS<3G%^+<5-n8VM`+B002+-VVQiCh4vyl)6>
z2Tc#1(jt9_n&%%qFOsLpz)XMx-ZNtA$WlQI?|QQ4n0QT49rkJ09<Uw?7|i>bWKNJl
z+&RhWNuTNW|8{1Q4)lP%W{dQA1#i_jU{KhzK8~7+Iu$k^)`!1jN-5HkqZM|58f8US
z>H1z^o-QiJbwpn0<<zAy;5XA3U`+C*lXMRn6%SG{A|uo_l(ttv)|F=<T}R?5@82@<
z^!icIp~bF-<E64XNguK>&40(=zxpYa?_r6~%f0}j1gaI!L`AU#>V0(sMA1$Ygraiu
zK)nyQ*ClSG@2J(6Io&c9@Q%UC=^gP!g&`IO$6=3Ig+7)h#IU_2ZcQ%>ZM=w>#LpdX
ztmQ1dNtHSs7xHh&`A+IErIkLD+x^i0imitY`g|Rqwo{#a0W;r56;g^68CAp)ybf^j
zk}=iGuK8%gB%A>$NM3j&NTsd-jWHN1Wo^u+qY(~XJfJ}Hb?3ZIRjoZmii~q7Jr31{
z*ejAsRty-Hj2VOethN#l6G2WFmjh?|8XUyK-{R?T1_o^vJ5rPs*rc*Fr#(3-|0PI1
zv<TcEYPh_0^w#G6%Q=%~wnoXQ)FM?K3RoKWd3}!3TTTSOi7L>2{n;uou$mdlGliSd
zA5?IN{$!5-yKJ>}s0UkEL(+jZd5UC7_vnWb3KF!p4oO7Lyt#BsOd|XJ!?xX^<*tHH
z8XO4Ya_xEc^KINt-!%|DKr{zq!n4ifK-bWI*1wEs%Ke4s&nnVtvC{SGw=xE#ze3i*
zx<FSL5(DO@00lN5v9X`3CZ<U?>4$QzOoNwY9Q&*L;q}<y_xxD*&&6P%AtVyNHJj>n
zkY!9rhcPJRk@HKVv7^D87<Lc-A_T&)<^yjoKvl`uJGaXE_y8kB`dY$})K>y~0o!v;
zv@zUzH&kMn;Zgl53wB~3M4kPmki1dk-Wl8dcOwe@aAPf5uHaE903O8QBmVqRAgfJ|
z)b48eej%6TV+=4p;I~>OY`2#+zh3NDU1o@aKfdq`ao3PG`czKwlx^#|9+$r6CtV^z
z@ANxq<-ajW#M%Tg9`K6iJQVlpWHD%o42F3>Okb$=nOXZ`*Yjf*6#dv))VK$J@!Bav
z0I6^^2e!WX&nSSt1RLmb{o6b_qkhkn_WbM;nrL|GZ~WfeusFvFm~ER9dYR4+iEfjB
zsjZ5^<s25F0`u;z%^N$^zrxAskNYVX?_K$x3*aljw$k~23y;cQ@o2t}J2c9Uj#Xpk
zKw-C;d=F~JHQvQN$Gf!)K993M0(rL3PecRoPo~t~gLDKS7-sCW+bD|QFLM~d6!3~L
zWxY^{x{v~0kVkR@K9B?-@pb!U)|Yf~5`6=r)wRp*oe%0kK3>&Qg(SLw0W}z0u5640
z2vB$)K`kuWp=@fI(wA;QOVjG7lU77&{z@{LF-H{q_D>_r`5Qr@XdTBMw4X|C3yhB2
zu)n}4$e(rtM4d2rTt4EQt*Ld1<sAFp35~k>>)CZMy#i3(u)`WCSAk3|h=wzxJ(2xw
zl4v?AL7rRSixLWm$iR+qD-tf4uxe%~F-pqAU?!M;+?7;C(Ld<?#$*5L7gR;8RN`n0
zos3?>@(b;7hoXTnJ4f~C*GrF#&q_tlcyc?hTH7wz|Ngg;(J@BHN0!!#7vyO6rK%a>
zCrj01dpbK5U*&-Vm9nf<)}dJJbDYf7XUg)H2$9xH{0)w98!X#>Cv3vSCMA`Yg?JKt
z5X`2%1~!d37rV_-olDL)z5XxC3l?J0oveNg9Siox9wg3wJ#5{P5-n9sWc*axW<<G~
zjI+3WL%i}A8UDlbh=sYz|F{hP&x#}c&z#W{J5z6w7Y`{<Ap~iH2$uY;1}26Tw_Lhp
z2kl+T{x`eH*yveJ&mC{PxkcmAe~n9fzT2Y-iXEreI6mkGGi<Bmrkckx1I{tJ8s31j
zws}wGK{p6A)P%E9HsP<ZNjIuqEE;)(?%~&+r=XVtba@bem(4YKW@9sdgCpF9Fa^<)
zY2qRY$*^pH6~wIRI9MhsPCqqN^hqH?-HO@d&mW17R)aq_U}<Q(AvJnySOktpIlms&
z5yk;PuNl!3exYt%)Gh~$I?->$C`uf8GeOz#jq!1pulESby9s8A@OX%K8?5Mu;}4nK
zWhB`@6$)8z1kv4Z!P*+|3Lc}G=dp?*{V<Ch6z2K1SeYsh5@!Z^2#vqDE-S4A8)f_f
zqboa^FlM0RshP1YctU{RLJt9Z!xBx2>Po2K*{$akbLrrkN7wA+lZ+oS5@^sSs^Dd!
zDc9@@99Y2lPMFYXeCYu@0fLY)xhn{%fi295Z>-ng%aG*h$Dg5Ya39^5VU7@2X^bUq
zkkju}C+iH`s&UFM{}CK(3%ZTm*^g)~kXO3UZ7j;h9dL%JDjG$4S+CF1M&PskL;R<r
zkfgT=ZogfY7i6p<ENKJbn^;r;z=kfR;@jYmp8Ti!0VxZ#b-@}Vt5+M8I`Dx4k-F$c
z`(Ca*iR-*X_31Xp5#PcWY?JihvYn_XlSm_4T<V&?$JyuzyD9RvnGL6%44JWi^BtRd
zYRc?3$)Iikn`=NqvMb1Oe>dG{@DC_zKWeLp)8}8ozVi(P>~OQa&*ONZaXBnnNhR2s
zzXx49Wcezu$aIhiKw;Y+H%`ba=$w|Hs`nf70*A*+tObAx1}fgKWj`pvArgA|+QE-?
zChVow$Go@8<^uOkM&Bsb$)m-7*-5=+rirg;`cGTUm-Q{<Fkebz-gF0O6Oabc==GL~
zam+bEp=^9i1ke-%!1d--e6K`tAhwM4uqW6!SLY;aY4;4kNPxc=@Le~#q<nL`%3ds8
zd@c#^2@T&aQ3%*vQI>vlam(w~1*FE&Tf35F5nvwR9OU4M{w>MZ%FCUqdGr9;-}T*d
zlx7CC9kT}Kc92Ez+$8EC(EJEud%BF{@l!GXar>VTMO7ewbCl~Bs3F{0PLFB5F95$)
zMutxjg8E>nF*cxrw2#BbstK$rcz;Pjuk@7UzFK+7zFN;ddZpen`r4`ISzypP7Ngu`
zvGq;zM;-ouj9|%A^9H$1rYQ@OV(u5_3^tak1B0BnxP=?n2=9+M3!c{!igz$&uu282
z`KD_l$V?6DJAGR7+Wf;nVdt+UAzJjX_2!eHD0!Z1-T!b<C8i)g5Qn?nGue&6CcLka
znKEVE-Ur|^hWTDRurqJ@HLPUl!@YpY_Vh8QJT<%cW=>tfmy9#aZiIv(<}m_x4Uo4O
z6^w(=i9ONyE!c!Si}PAV&fcUsZ%-#>drXd1G@&4D<r3lGn*%`Gopn}6)&Bu^->&?V
zX*ZLk&=;QT12i*0G(-1Qef0>4pPY&1!8=;z>ZqBv`Rojo8nphpVtKrSqxv6J;~m-o
z*%oH?<F-;#j-$hU0pQ2y6~OuqP~%#gh^gTD=%k#Z-98Sq5;<zW{C<yBk5^YTwc(`W
zMysSu#zdT)>(TA<Z&JivXs}O<gG1!t2}f_hK5J9)Z);f-qvNAfoJr<+FQ%52pkU;3
z44o#6tN>yVo(fWx!#9f2yc}<^dP?>qxYnQUJQ=E!`K#vZ)2Lj%d2OHX^<w3uQ&5-h
z|8aB<40*P36wkJw<yzRXZP%8$yjr$xZJEp7(z0#W(w5y?w*6jvzrgl%<GTMi=XZEM
zIBCuEa7NneB*Qcsuuj(|L6!+~QF25#03nvMF<CPM;NCphOm}Gh$x%25GU??&Af$))
zuHC}WnUH$l4<tGMM%Ob^F?5o!_zP*_*tBH?0WiM%!JXd-S@ZvgrBk%{He7c20gHiH
z!eos{yD8qe6?}9+^o&}s^lO?-W6GA>pfPLTx7MlH$8UGwFi39Uz``?81E5({{Z3W`
zuYg2Z$g&>4cL@5*RI%`K@xW>Xf260uP<6$Lm;5j4s}o-~Hcud@r{#Q9Ni~KR3?Xlz
z&!Rhy-I$~kd;k=Ro$KLu!r+BRd=1=BN+hkHy)C3by78XaArN%GM|%|yVO##53e>0z
z@mhvj-BLuoDp6t}2Ygk#uUfCAt)pzP;YAa<F5uyMggr|5QCzB+6)ZBR;&TCH5UjXK
zwp%rHkqE)K4x}q*1%ZG&>K!);E*e9|E?wZwSKx_VO<NIk2<un}xpsvi!{&fV8c<k2
z+QKfyr8&#+f#q;FJhMJKWkJx>^aBgf2i?1#tAyt0W|4pC12M&o2K2l8wC08>bFSee
zzk;4uyk_xxQv-g?qT(Tt|4MP<5CTCnA+>j4yuicmKjqYYwv(NR{&%%BLptIFyU4yO
z&MN9*vwE4EeE+Pde58e76T3S5aRN~214ks}gl<iKm=(M`CA4W4J=_iBz5w`l*-SZ1
zSA>WrwocGbO@%Cnp77NW+O%t1aK^ux1$U)Isg!tu0gV~{7s;<;U?O>Y>>@AG$OQ09
z>7A`(7Gn2w2*^spwBG9xwYozdvq*LDK=xN7`3Z>mq<J><p6P9tALQ0&P6OSgTsknQ
zA0|LK&VtHC^nP}=*u<oP>++ZKRKmDZi^<q*Bs}$0T~|6sPru6_@3ry-?0qRBx2|si
zC)=;R(<+ilyg6oxsR8C=eVautZic|Pf#1!5LHfcSm4%#%@a^WQ5W6ke9y#Sdy0L8Y
zyPu22w%p*%fX563GmwA*kn$cAX#EU6;QzBGlg?4g&>}Yn%{Et~&>@LIA%J@7@bviy
zncqNF>#I5z=FS8XNaK+cb{k|aXDjTTXak`4u&2xNbiA8u;5GO=dOdASM4OAxxKM~?
zns~R9`=~$1H{y=S;=kPDQb;iT^UV<vPzurBhJMK&B|iNE{MGr)13f~iI8-1XZk*{v
zU^ihHSZbdF`uJ#Fj$E()u<h>-cmsfFTo^`y>+6{M?;n1MPLP(lew)0yBSV&^x><W$
zzeplm%h~Aan2Dxk=7*OMXgmp}1GW+!!#3iiwToWvhAe?=BIDcbKBrH|#33j3)V()g
zZVQ06(MN?GB7nw%^q%Tj@Ki;1;M-Rlp7uZhm#$2-s}<V!s8CubQn%BdS+h-;(YXiY
z3iMXOrM1rR!NX0T*zYlT$L%WO!@}=pz^5P0E1EFs-%8I`NJR5KrN9TZ?a{iwLc}EJ
z_J(@krm&SwyD4_5te~M8(aSP~0NI}mxH`a&XxH?0@USR&A+(UL&buRkhOj_Ho6E#^
zAZfD0IVUb`q1X2i|CVfATUVa@+}XDyhlqaOL*Be5?)&qH70$1WHRKr^5(xHCd5@{W
zBRsmKXGN~2;=3~4dWb+VhIkwY0&VlJjd#2)viaf@e1y)>*A0}&BDV_j03Bt-sVQ1!
zA@dO${Kefv(T!Ziwgn<u<Rk#%p{dn4e!LqkA~B0}27?Cg;@6=rb4|G9-|7-FdkRvY
zG5rsRer&h!gOhbHh9CH_(RxvTu_<??>UIG?*}Ze4*$=Z5KWvL;*(GFt5krB;i;F3!
zg4msf!*<$8la=fras}C#4vMshsFiJ0#AvLLCJ>|$)zuZtpUrch*kx=C9ufHE<7AfP
zXj27{<b3vKP0jW1$iW#v1A>52m*l>R%Hk7)Y)Qq2?NDPQBIGV45WzrSLUVBLn*2|l
ztA8<OQKz?Nw6RBL`XuzL|MdJR%7N`Xkhv9*H^NX}T{rg{!lnBF#cgDA)74lr`M)1f
zh_~BHU@vY>ek5$Fe%a>?U%Zhe4XReI-rc#N!znvU4&lG0J|~2<>CKc|_35u`R*cY>
zbA%ij|EjWjFd1zF;F%pq+{z8e{CbAPUB0?@5!VefaflXh*(&*A?D4R_zWmZ5R9im-
z!&JB36Y&H6SuocXEUNa#KGGV3T&2zrMvAJD=gs+GKkkv_?f^>z0#gX);#&Mb=zZqO
zhShM=3At&UEko{`)1}|HWZ8Wni^9_mA$Vbb-mQ7)h@1bDgL|$@z($v|8EP86ymV!-
zRKdx*A6XsK8vZO*s5@MJ@6b&IBJ<!`_;y5d;UceyCih5@h4|X$%r3v^-v$5jf4716
zU;*G9i=PUHBRvSmmI`j<yvwZeIZVQf+9}PzK6F^dbnGO$WlsdVuVFnDBB3mm=u<M;
z^L_~NKq3--%K-tl7Ydp?i-b||A?Y%ufcv=V1KL-@7-5!qA{Y`u0o8;GN?3n@F2OY6
zd9B{p=vc#UC%M&EfRg_tjKbj*fOCqDL)tQWJxmUYFY*MJSGIZK&eEO~{!S4N{hAuM
zjpwf5Al%qjl4uPz0Dm{ul-XC8G05@Viv-+s1AFsHnQ=_+cI+??1p)$;G`H2d0?iqF
zhQJsAxV8R@QhAN}BU4TBZxcArd82$VgNkI#cwAEfhC${oAoFuz&!hxj)-nY04gtis
zA->To5<WX0-ERSY>L@eoohUuZquE&vm+{zmj5#E#d~}h7V2iR0FRUYaObs7|)2;Ya
z!b~rwGL8gKRhui)-c*?PerL3vo}_0khHr?CNm^rk1!>d)_$P?jNXMVoyoms_03G;7
z87gRVe6G+JJZ(7V=mGMTY2in%MA|z9&|8Iz8I)xxlgcELs$6M(FJ9N~`ZMoXZ_#x9
z5{RPPt_CYGFmLiAY+M(8GXX{3bZ67iJB4b)FJMOJ%*uKhu9VBVVbig)YVCeWn>`VJ
zGK$Ko358oZUs|J0YQa*b8fI($0N{u#JQ2>A;};LtV{&2zMdZ2q<~Bnf-Q%=o?Eg|N
zOgGvdfi%~5IREQZq0a{FamX@^?_7}fLRHhPLpsPq`_RfbX$TNyz29iVkY1Y%(|W$)
zF}>BBS|{W;8?<9*y&U8`PW6-*2a`#Kfnz8SvaTC|!;{reDEhQ#c2`Am$Ht}3NhhDK
z^9}>8E!lv>5f72gGWIXBT>=Fj^NmPiH~3g@U?=vI`BK^U&{v?tqW1K0U&iGzHr<*I
zOv)H{5U5GW`RfBA-KL;JtBdv~3Dx8;I{3(nHd<X%o_c3<=+-d&o-U|d?&r4mEA!Id
zllA=7grYb$5YcbDl`$Ud6Xk3zMtj*=!+G=2fte-or%2)xm@F48p#5tgV|LQZP4k&a
zr9QFqg3Do(Z+{3)d>1p@bbjf;_TkDFTE{7|@+2Lf4{hc^HZzZ^<@HH?;VPX`)SVwK
zj|lx`E`b?(`rWhcpW+0zxgroOn#+9;myl(xBBG)&M-Dk!XeEc0gMo;QQJ7n<;{R4O
zTyy6fP=;Dz=MWbc3M_J}h_$V|X9r^u@X-Rv4IW&H|Hr@JX&4JUZmHDz0IQGx@yI@_
zHfhYN{@j=FPwL*8{%h3>>6>nxd(}sL;fCxCR1!aJ&&r1EGf3YA=7Z&h5s_|gO1@dX
zUw%qy<RWkmNjtxt7)%x8Uc$CiK;}7V)?sJ7Mx<Kst4HFFt{(i`$zwfj;mPG-2}ldc
z@TOSMJ(&;xeuZ($&KK#r#*zZ|C`5@>9wKHx^i^F=Yd~IRb5VoEa2XpGlsRd==bmBx
zc?ls|Umnb!&Wq1rbn{Rw;4>ZSVs*GhKnBD5*7tudzk{KUOf-fFvNrK34xUQ{<+=9p
z<ei^9{lY{=UD&(az=ptHA^w?j<NB^`kBZ%;58?4olb~9t`drIz;HLq<N}AQrx4s1!
z>y}Hxcf}v4<9J@gmJE``2dKe?NyTkp%S4Vv%fz4B;r?b07)3LeM0)teY0G^=J?|2h
zHS4<f4(^Pl(W?>wB1`9}y<GnvAqc~<gw^qFP>2h0#l7YXSYYomhDu$8FSwk+>$svB
zn~E@kY?@nmeCLz#k2wKTsTCr@)~hb9?J0_=g6E*J&n(5632aG>Wf*X1^HGhUKUBsT
z!)Vbqvhk%w2%CT%cL1*ajP^OZ6Zn-)C4&H!UJw6nKD!eUSCxlD*<q}k)=(K}#DHUG
z*GJ?2-7&?~pAd+*eF`tpDCWN)ENr&RdG72nV$zxrndc*E9cXugtKcYp?KO!yj>&1}
zPO6KIPc5^}Q`0J|<V(n}!Dnc~I32=Px<t&%>cg}i+fzhnJ$#lhfscM#I@qV2-C`if
zph`7Pqh?UiRtj@-0po*ziabf@E@i6fpptC7A-zD)$lIr2Nhqa-2_ZLTkNWq=hq?)I
zHDrKY@+(pffAIi{yN}R%8+M68my^ooNJ_{A<szBEv8?GfCiTzg9|ra`3iX&t@)tiE
z5y9uCeAjy`*=u=R1zKP(S|Qac4!`#rjl@6PWb6-1+9<yR;w+XMZ_%KQjEyccfoMi_
z5H>82<v24sX@Mzw+rR(3pYIo3q=!xdj^Eo#aZG_By}(m6IkGdRx^JYY;SEn1?{1|W
z&%-pQR}+}=qL9}f;NrLxWdl0mGm-yLEv161fM5{@CK2~xWWSa`fOHdj(=Aw=P>g~O
zH9i2`@qFF|Wv~9pT@cAq+ngr^9K&dKv=l63Rj}7104*<ckP^Ls*$QsOo4jO@$>9sQ
zCG^_&9-%KCj4e+;0kP-fXMa4i0E*e(uqZ;58tZvj$0Js<W&u&rauCou)bz;%?46~}
zhvEW_BSa%JNEq`?jKO>RYonw<pcn55&%UkqX!uNeCBlu<qzXAVYafVBExn`@g&Yj8
zv38!&;T)oYX>RWi<-b%dkkLU+U)S*#b#cQXmUDXs!d#RScf9~?Bu5iuBg!!J+*k70
z`K6$8YEqGA3Q&Pf`pZ&cmDq1rdsDHL!PQ_519E^dI4^(>%Yv7nY->*as>;Sxz#(8A
z_-powhi5r~ssKGSFYg`9^(R+1UF_e@=E=9tlF`p;dS!-qbcufx6y<5DUxO4vi9S9c
zJ1?YOVLK*#n@&hQ{`Y!886W57<K)WvB%bNlNw>&?8~vW<#|{2ia|#MY)d&kP;P#Pn
ztT(o+LnWOV>^k+FtggbbE4l9$_?9T`o+A7sI-1V)l$}3nHjiW~l7NRpoN9uO)aHK}
z$Tw=CT!fk&+&6*QeZ*-|nc#-dcox`Yf<1wymMaw>`3LJi*H66HxtZGA#0U~8Roh}M
zAlWoxC$A9Wi^;DTnEcjYa42m3)>>0nqVcvn?FG5Xw8~mj1NPq&nW`ig2{`jrta-aa
zpt`A%7o>0MOR?WT^cqQU4sq!PyKFnxY-?o5Mng3>LLmlNHL(fGw!NnR0ugtIQKfo+
zAmwA2`KfP(qpn-d-vXb}mMfTs?(3)JK6bbNq!X>$vQjx|bq7JFpevuG^@Ns2a+$^z
zYVn>)^LZUi7|@L$AP--AxMn>gX30T)>)s9l#XWc*a<4VHu0Y0bRGs-@AKvlU!#*v$
zE-N4e<+_gqIlfq1nJI+BpLIC|3PYx{eO?n^?NleFzIiA80c0hX3Jw)#bY!bL8hj&{
zzBG(s`CX6UHE{=`A3+E)`f_P%i1S@X0hc94nADIM*ye-x7ch{|N$+&TsiQ58|KR0g
zYozBuAJVlwZIvTC!p|WJalm4N9k1|39ZqOJg5Eu>PqW$A@4ZI#^CTNGPSWO5%uu7e
zcR1A?ua?HZ&Im(sIPQ(#1|;8Ry3#<^M301pe2Q7l3T<U;_J#uj55BXDPFmUu0#DLE
zNB?y_4xC?q{_ea~#YFYR3fGxpev-j)(#+;<{Dd%w)y7H<U0f~%jGNPKUw%?D(>r0W
zGo;YH1shH2oO2Z`*5}h}z%hQdA9U60zJjk-eRMM*=LNk)gOkA_NI0BY&>GQ)Qm`<n
z<LpfMLBHf&>#<yHLmFrXzMH|!mY#3R=oIfjnSs<q#d@&Ec41aV{THs$WL~B_41UsY
zGEnv!-;NJ9WPE`9-|zO?{4p7FzM&tTx)DXY|KK-jUABVlFU`}0?0%{aB1y}+5wV&?
zyq$(DJl=vE=^{48;R&1Ozy4EF9FwSxq4c0S4lRV>FFcWoa^%rs20;48gZi2eC2~LT
z002MM?*Y>&_`q8fEn_0VbrnFbe5zA(m;Z%Y<9f*LbSmY>9e?u&D$z9UrAMe<j70{7
zr;oKaVWiVkIiAo6L7&BXz@BBrjQwF}(|Monv=@y~`9K-BqMedD_MJ3{8;>pJeM9bd
z0X{$L>D!{LTv2_DW3;uam(gGq@D@>wduE7p1&!bGy1LE}&ulN4^h_0+N9P2nyr#~g
zr7@CDavWM=BuHbC*VeET$kLCrB0YRMfxoZ<B&4vR_+Zu;Hqsr0=Cd8w**R1?vjp(&
zjcDgJz>oVBJ`~FaBA^<+9S(yytx)jfNC)}>>v1X73eL2k9ZB2_B{g&*!Dk-|TCT)l
z3s8Ho;nq#?sZh(_8GQw@Od|+2L|Q=Y-fYY|dNF{A)L=j%a0Oh;V5=rkdjW&Sl3N5&
zYTHTiG@(F-+5Dg=0J<r;edBF-^4<Skw4e@tre<U<?9lm&K@ftI*<cX0mKYTJi}Lw@
zem(<lh$Ivo$d2MCyq)R)VpOc(I4x%`w~sHpR-{Me<9}$(2ie{J>qPxlZxHh}=E=8V
zhXH9aG`egCJC#Y_<xC&Ubs59b+3#Bgr_rZ}j!*uxg;Jyw66=Yvqc4?)tB(&8E<V5q
zIUtw4Nd_6D$$cSS!K05aCzQP=*lq2IBtKiBjJE{h3L75njrXs!ScpROg<XYo@Ghb_
z-Vra2b$&CuM~Ie9S0SejMFP9AZ099UF>Rjbe;2A6Pt5HCDDA0#)j<_|c&Gy?{R#g?
zl1=(lju`^X?zZRDwD`~c&dVAUI4JmWRF0_BG20A)P^ek(22}2-8VSL}^)n$9FU>+z
z(2)YM#2&Ns(3lQ3BzF}oT7Ys$tQ}Nr4(Jj<Ml?98B*@r#Ub+udqVu*P$<4gOha$&+
zx*}OF!EiChTN47@+jrNF&FdpjcdIPwfPCS2uF?-|eqhZOew?K5tM7VkNy8HnoQiBq
zU0;lLy2sL4+H&6V_R!%cP_y@m-uc~owJDN#v!84_3mxZ|f=(_1j^Z3tIRKZi2Q&I3
z;TnWVG(7+*#m5U&YR4YDF7wT3kO5J#S_0YQ=SJz$LL?vh`@?ipmYgE8EeQTIqtrFQ
z{$4z{;oN|Vf(j3yO-lzcX$}H2P}RP4F_N-|a`!a*L&_>!4f!YVf)7v)+k#yBEk4y=
z_<RQm$*+dE`bIVL-A{_&L>%6s;T-P}Y)!uxl>P-9%&*<ZgDQ6f)GsNeWR`;#h22};
z#VT=zwvi<>7EhLuIDE+G*|;>r3@4J;%u1?V)!$od0lgK>I%j${&de>N9j}<tza$j=
zjykX}i>7Vu|7&sdnpxkx5&h58nG0433B}shY>SZ2EeBJXj@mMq|K;ACnHNo^_>{yI
zI=6dxc?^_azCtX@jc1jJEpJLcd<$Cuw+0{MNmYKb-*A<B1XfXn=zjuFJ+Q7ftu=7D
z_*=)_l#Og_k-1T{t=tOX(t>5iG`)4d;;S^eXd7`x(Tf3orTrd4{80E>1LhUn{e+3r
zzs>HKY&Yl`ER6`l^+?e@FsIEYpbP`BUDa`Evk52*9PR2!4-f3r?D(f$un(*L3h>mQ
zK7Yaf&<Oh*RyzJqJh$eY)xAj(LgonSh37kT+-^(yGMbSm5D5{{VkoOS`D_CspEA!R
z5~iu|I*J#&Y%Oy`K7RA59J1#~wJC<p74?|cU+zI^t~hG^^=>&7WgrJc!s7<R6~BJ4
z!(KW_%MU#Ex}MQY?x+q=l?l;$PSA(l@irA8Il!Rytjy1~1tq0w$B7v-O8zUkmHbCD
zeg2g*tgxYTNqG845O?_M`L@@oFKR;YMX&S83Y(r}q9;6fC7{(f+}VLp(P!F|Jq=`9
z%NKeA&ZniQ6#ppcOpH92fP9cC1-g;1HY}^JFt_0{(yeq7txe6Udwbnr5TQ|%D7x1#
zbW;<#=#AF#^GZ?|nJLhizpbP$7bt5o5kuQE-3)~gtV^xY(W{3Zd0>acKc#|Dgs*X#
zHHt)glTp-S-@uF(C^C|&{vUezZ{G<m4@11|uw2&`KRwYTPcZZ%v2Nb?@_DF8WO%By
zkqCC9t{V`MtYt7^{6bWwP%l)<UEjguTK<T)Jcfh}vy<Z50AZw;TnvxpErAb!+5DXY
zECKrIpq4jWgD;hqy*)sZm~#hPMGh`?wCAwc4m<nV5U8HD7lVurkjuvHnQ$;6LlbCz
z2h#JzTs>Icj(rX{?O6orzF;^H7qP|vq9n|mv(D1Bb?au~4+th2CYV1E3!x#QMmxNy
zMl%pnKkBTX_Kqy;u*OvGj$|AtNq;6}jKkpR3qUJ2O$gLx_ltxZXF$ZtHP{U#xyoYH
z@#-HGj5YowC%zX;jmiUcpNZpQ^SAne_232EW*x;g1P&L`U_{cPu!|7FZ=bm1A#H{n
zLx?mO_6dpw-c)7bHQ626<YwAX?O2YSg!a&DEUSOYee7L9v_Owa@77Qt$k22h|GxPO
z(4UYG8x{$0m+g4Ffrjax0M{>|DBgsQ{A_1ft)r8gqBgft|L=t_d!tu}$UpO)J=c3#
zoarc|Q~5m=d+^}~YU(okeqwKezU!li0HTi%(QCcJ0p^`&g^H;wJ)xWsUYx~o9ZIBk
zbT?Uk(_dxRj3_(m+DENw6Yaah*Rg$QNoD38%TwXJUnuPmO|hM93h%NPHEyH|eO&Rg
z=wH>T8Kh1ay)7|<C>5H<7!*xOHz3^KcXzPBREpLCeYt!y2YhPOzX_lB27OMIpF$DW
znI3c<tP6AH0va~hFesxhCs_BOgS5^KQpJb#CudP9-Jgk{@BcWAJyj`4ONMr5T?uyh
zr*`i=><?sbfA;mkOb;O*-}+}m{j=cb6I)~id90H9oVmyO;RMOLva`Gc@Ws~$zkSsJ
zN)gJ_K_4Y^CxFg~YP`{>b1sw;s7$~hZXv_eh&lK5a>LE`nz+g5P>N_o*ELpY`;qrs
zZ{^q1(Euih{%eUniMR2Y<KQ!nIh>9Gq(!jo8eya|0GbB>4euROzti@YRU6iiYORo*
z0GZuJJ#RJNv(RTS!TF=R>L0NL{h1sH5$pp54_OoVNC1_$0M7$j7#6R()~Eb>RXsJh
zP%o^xInQfri6{G~wGCbC1v|vq*yjXi^YVOrc9r^O<WXEw4WS<S*gSv$gGNE-9jM{(
z;E;^gA1v3;(y(z#`=t2Bo6a@<_CP_~AqgY}w^_LOcZB<+Nrz+jW-LVEVDQP_`We*K
z)y*QgUq6ihk%b9?F0uY1(BjoGcC)TNY3rF)T|Wvl@>sdHHr;RkFTw2P@fty83g7Mt
zIzKcyjH;ETB3L~9MW(SMkf3AmF7#jhueq)>a#JPf@bz-dp@VwaH{>%Aofi}q4p{6~
zGl7h@sZ0<TSR`?td+Pr~F_KR#Wl8R0X!FFs{QZMrnL&}$&YP2F74f@l=GmfWAuEj4
zrngeRmyJtocBLC0Z^(Vu&N0uK?BfGsJNu(qQG8;xy2x-WhgXTf@*cQsVC`e+^@wI!
zw``VeCP7+yow7%F7?L`7(pGotHz9&)^WHxEkh6Bw&xuzXyJKI7p1<8m%7mCJi=f%v
z52$%&s!U*By9dNz2>gI&ph#X~j+YW>gOWhJR9x?{DO&-K<~z%>b89VvW(-j+id#^$
z7f%Jrv)e#GN+BP@<}W<lj5pg(luhV|-j{xmFQj8PQXPm3)Ce9I9*=_VulabL06P7L
ztlVVaA(#Nfg8ZE08)W(0$)V{Zt>M7kmq!ltm*A+p1F-S}Qr7t4+*3f1U8id;xcQa%
z<t4<NLK`IPjI;n!T<d$MHHs;d<Mn!l<@9%0&g;*IICg%|V21uu%g+>Zah1dH%E%|+
znXqqUcfPY$MCAH4^67^axbJx`z)u=-+T;OXpkS=Sd(N~6TH;#*!5I6K7s_LJ(}!4H
z^%aXZ?d|?iV?IK4%Y~?YA>w>t<l}d56F-XQQe2yoamg6a6Fb8H{^1{x2TOxd2E-^G
zM;Dpt(Zlm7Ti%4pbNkYY6BxDM14={XHU2bi;DgQ*ocORJ0T|4}WJOz{pXvu_PL;!#
zr~=L4HpEnVlHp)CT-%`RpciSFe_Fn&;I>d0E=1HYe&~rd<rnI(n1N&sZ?fu;8uh`n
z=T(pE&HRGBH~{JH78Cv~I<a5lXEy&le9PEA(w{9I$Oa)K4m$wXPl^^{Fzx)TK6@&?
zlB70^%;HJ<I27vv|E62vY#>E(I`2y#g~kF6DM;`&c;#0ZONX>}GMy`2=NhkOfO4rX
zo6)~twdf5z{eSN%B|&!Jj|~i_u{Q?+<o1WvU)2-!AwPwvmnguXe6(^ms5w9v=p$*k
z5Lyx(UdnOi>D9XYb(62k&Dscc^4?mYF6IdNWkE3u>$?@dwehC1l^wMiD8kopEq}G~
zDTf;U&mAC}6(%uV14nzEj44szBN$d1jEr~r#;JtMhu#mMUbqLmZ+@;KxaQ23(&>6f
za;+J55^5`d^I)>6+H<?=N>f${JMvMyORH%e7Ml0!VH~9j-auvUBTOfTk3@wWWq$IT
z(nW&&8&J2x=%VROp}|d_0~J+ih8IbU`_$ltbPwAr(tsksR|tFrk#Xb-2Y|;|$ovaz
zsCGHdd^#HH)Yc}^dl`)EuL0iq7Wx7C?oOffgW9s=MriiAklr;&v<duvm(~UiG8;qO
z5Y9jX0JJM+Sy|yg>UT>R=U$U%Q=!0&P`xK#nZLbJ{I3z*Bs{auHbL+-GRh<Zy2M?_
zlH}h5DYA)iCOS)4$m{IU8&nB)*;J7CAmVOqP(q9?_sN$B=X8|2zNO0dA(^T#Hughy
zao<-eC*@mMz$sRcVr4P1qBw`Rpr!|Z0NJkZaHYhSQ0x#X1)CUEJoi3nNVQ|<1Oq1%
zq)CLhl6aM0WJDCwo#1xa5&T&qrj%Gy{F}2Qv-1r5q#xKHAgsPK@-AQamghz+e-|#f
zed>ir&sB(?^G*l_>Ecjdo@lMLZkO0=7v=8;slEht_=}kNn7Hp2k3sjpd*$zNilGCA
zKu98Q>v087QUIz0tH?tt4zv!h3#>V4q--3@=aV%<lq@6|in(UpTp=GWKjpCAm)mFt
z@*d~MjX!2x5RT8`uzo&a6vM>LT9@rf-Yf<iJ|Gu1c7YkNGSoW)dphc#xIUySnxk<-
zel~yeGhSZtlLJx3S1E-XPqjafz05PoJNln^=7B`@UAz2umH@S84zlpX6S3lM#5$LY
zU=z#{1mPcH-&?FQz8ojOWkl888{4+gTjxMQLv}a#$x@qgSv%Za!94e7^=;rtfcPJ-
zsyrw-Oa<~)GJ|-v*=9yLHqnvrlpI2)VMeN?Os%PAhXNZSTm&tg>UNbx%Z~u-KUnT;
z(t+5ei`RA_`l4%e`D~myC*r>S)E{gAM0y`Sxb<Yu2Xaof%|1F^2nIYG(|fS-`k$US
zO-#Q$6uhip5{h_Du0WFs-DJLtdOyQC5q0||&BYLItN@;kol{$~;*DhvF%4w>0~y$>
zPKR_Dw1;UfmhohoDvj5J&TBE+bc)6KKp)r;TEmy|XPG0CF$y@)X;4iB533qhL>J99
z<p$58-H*kxx;1y#UtLGnz1plm&yfa+()>a+7q(^`dhOUBb|)qQc`{$5`N<_Y)b`fd
zW6+`v%Ywos^0ut9?997qwz-=q9gneX#5Oj1mavM&Isk(|8(^BgZYM&Lz^Q~T<J4(&
zwn_-y&L*Pi1wdJ69FCxAJK5i?OXBK30*mVq!sA0!QY!lG!R%jR@Nu_dcXA_v7Fg#-
zaYipks;|dw9Bl-XcW~*6m?zN4o3eCAG&Gmm8C4cK%`*VJ6VXK_(`GajX5RmHh9mQ^
zy5|=wyKZ?1F{47eD(6oTU@n<V#iEe3=5ice!T^Fw1&FNNdkg}QBhS2@qCn(r1C)=a
zhYvR+Xz;A)*h`fqX(KS)Mkfg1U_tL&2-(*iLpHwvyB@=OfmL%TUuYT}_qVb92kDy_
z%7>zDKCE!rzN36>00}#qc%SkKlT=My5>!`^akpKr&F-kKQV|3)Gp8@!Z6XV|DejRQ
z)`5bO?Of@HE41E|&xdloN#AmhPH^#AgQhkC{ObjoE)1S!Y%n*wJxM^gV97=aNLSfp
zMd^$%NKIj6svNf7kY+&*^<9OYwG$&7`(`|?03AOd7Nj0j5$)yLYVTUq*&@_PhPxbM
zj*ZH|XwsHhr4OS)VTtIgfH?wES3)W=&6M-twS7BpYHu5aXaI{f!_6V_YQ!oUl}8?t
zx8vFKHuUpUhe6peN+VF;Oe`VP4PY9tFO0hMU2tE{;~+0!>Yh+Aeuiv(+@(TI;~nY~
z0!4+u=b0(6$iH`tOt?J498?B)i0SGanZfgoZOo8!V_OPnR=lz0>>cxFQll{8<(R&I
zl9S=#V`fZ_{oxu;?#!`u+JO2muO8H;txiy-s44qndwiI%=w4B;KxWL`ZG<yoMLLPf
zS>~dZ+=bZF50eh3nmoD@pnWI=;dXO)4vD<oaR+XW-`)ei@8fW{X`;G8FbUkMT1Skk
zpPS_%X6_@)-Rw-S+{t#y;Gfr=8SRAppLP@d;uD6usamwGHPj}0ZipLz^<Nl-+NRiO
z{&IR+8vcqBE<7al$}HDmX2B;iy0$dON%QKfk4uP7N^Y*nzWz!>h%<bqeHSJ-lIYTU
z0e99gOC=qt_q$~U@W$ovmRowWEO-(|A&vU(uDFnFqXHQ9l*y&jsDReD;!a*{`?u~<
zOAPpXmNqs#FU`6fm)JMMl==9>Z;vVBR<C57PU%>nV1un;T)7^R_)bg8mQW%+cN=)q
zulKXk0T5}^Cu8AVtjK!k9;OxfV|sd;mg4Lo1ZiQX03S2bPxNE1ZAE8E!_85|#IhI9
z{})Gbc7o{yg|9eNO2kEk=)D)rT(wf8AyWz4eWLzar|8|JqXPGEiQn*>18owP;NYLA
z7aF+|*)Hts!2T~>{-Te7Fb9`D{Ksem$o2QjwU=P*$Tru7K1x`RFjGeU1$CPOkH4`d
zBjp2>@g%gZCu!RA^x~%l4|$n;*s#L|iN;$vB#^af{x!kuXWx790JowV1C8OoVH0R}
z7q54k?;^Xl0H*^S(D=(ye7pqU(>#>9I)RbjORL>VSJoV?jSS&qaxN&8SPnt7vKHXk
zD*+KVAIrWp-=bAudR&a+Bo|i~H@^8ggk0MOWeET4&T~rD5rYr9vbmR}>I5}hxgeAZ
zD(Z^%_*BQ&1k?TXmNMbUrlXZ9Nwe1M?_R|gXM1okt-`RZ?d=9z`0o(xVopuvbf4W+
zF8y|x#V*eqYye^_z3T~?$eV%8Ar6OdJAkn7`bIRe=jK7M8r2a$PXgQ+XeZYcXlT@d
zXD5y66?TU@DZGU<g+rpEO}C$u#vVA*4}tbPr;%)u+c#Je2>vKp$)+@1o*Jl~cgxLQ
zHMTu}Rj;QggG{kIx`SVHz4^ym)}-~*+||cARl9n$&MQCs-6V44MyEL|XOeb9gsf?Q
zLU*$7;l1rxK>bxXb5+?{64pWdWgFz}HZi=`F938f2bae%vp!bVDEh8RQ1M>!_O%8r
z=DpLCDid33KL2u9U|!AVrpNI72uDgZ=tr4vax=Q?c|G#j0GKKrybISCxpq%=R}ipl
zn&nI+LzVT{=<Oo~cQ9P`<$G%UObbXEdeyczNzhl&JrNl{Eipog+2`tFN5PVcJ2QtX
z<od@Cg8q+?@sWsgJ2Be*+ANI`!$*6wIVevTNR_C=KL?6?Y*>UzC)yrm{}59$&ZGO3
z>8H0xf&a4d87N~=2n4~uR5faB&U;hi`^`?A`svp6PbG{EA?L-KyTvr8Vq-R2I~|zC
zOvFDYt=UzPwi^lysKSVt&@%)K8-F5ZU;i;<0bs;sszb(J{*5%e^Q2Ap=^^fy*V!Jt
z9wXsbtV};D71Z>9DQa;8<0oqq3=(;``K0aPH0S%OT0||aDb=p}qU^YD*Kr^x=Jw*G
zp*rXeq_v8ACpn&c+W_&df&K<Vl`v=#3n~e~Tb&^=#7|0_4fbwAI_mI8KwEK&DLjMu
zA{DpV!#V|mY{SUdxeb2<Ga@6Q{Kknk$t#rfT_EI#5g>6;Mo_wQU>C=*7}pH%{~IBa
zC=z&7Ke(QdN<<$al7$(&Y~>t6`co`)2c8JYXeFpLR){`4FRH=WP%qpqWVR1g8XDE)
zW1P{`28ob+-?whlC1Cam4Cl6#4sj!`;?dQZZ-fYkTy1zKuy)*tdag+hzpT&>HWwwM
zek^pjL_8vw!0j$V9M}4li0rar_RuXL+3YhNl{)O&-#d|8(Oht|G8_(k)`%RDarc*%
z&0CKDOBA;yF7-kDGHLM<u<hgTq8EPyT)pq%m}U^NQvSsuz$<b=dxn;|_Ba2&#c$AZ
z;pIqZ9&|t)fgD4?zq{@4K}cqZ#UON5m|qq?b{ow4{YDTx`oo(x)jBk!fFLcFQt0oe
zT(B-l4TlWaAb*xIvf{k+7eTDyS|>zvuvPRi_I1d4d{koJDB`w1m+n>xkbh4n`w<%M
zFVG7ID?lH{@Oy4FlU>!8kKRATjEO~M_2LbvQFym}UPYCHW%f%rG@pFFmK~0+>wxwK
zm9xBEgssD@;0IiT5MGdfJmoaFuV!p|5)X<3V5RVO-?F`$9zUOO>G#J5+QoH`oj(+x
zjF-p-hQho|AI}TA9K=pvOk%*-?_aDpSJK#NIO(LwJR!8e){qc8V%3rjs<5aV!6v+s
z5fQ_`#>0F@!(os-rGV)a#)qtsBMNY!l!QyGoJ?Qjf5Y(?*@h!dhm*^W8G8B|`ah5w
zA1zz#t%qSkwGl>J51ZX>YiWGH3BHQj69STS?@-<)hffj{zzJ4MC3mwzLGr1Xj`vs@
z7jR)*oD`10Y69?JngS&{rt?T2Zp8-ADIMh3Lw%+l@6fO=+AJ*1R0KZ8?R{|kH2IVQ
zbc9GP$QshjduP)rZasL<9~55M8sFc8>GwU_?#`Dm@VqNwe4zaE$7m`gGStO><zG;<
zE{z{+E+SV?XamT!&BTwd1`$*6OUP^1pi*d*^{>^BUu)Pv+FQ*bVJDhJT<ICc;L9Da
z+!eQpxUHzV*0n2H9jwOo#mjcwvdxk9rm{{YW=eZZ_RWsqJ9LQ28~nR_wBlYCvcwgo
zBHXJDqv0zaV007xF+AAjGp^rj#QG${zZaqmqPn@HMsd1(T#C5OBBxZGjlg`9aq{pR
z<!!4t=Jxs~1=`w+zqi)r+^_obm;8rg-;)(h+pG_UWf}sDAC^kn7d7FqNubQ(`gJn9
zJsU9A1@j4zy5VGD<YWUx#e3oc<3xuf#br-@9}XR&j9Fte7S`;a9-$X@GCh9sALy=;
z%?>P_&ThROeki^3g9*ci0a5@|!Gi~HazlU9?Ap&!kLXE%Cpaq*42RvVM?H_2=iHda
zXd|Bs?yv92MuT}S#q8v&MeQD9h&3Z@xZ5aYqu(<&E6b+biLE`hNL{y8CqrtrtR0Nn
zgv*a4NrFqy4!TU;i6kB>HNPU`nFb0NjNrPb4~wTl+f%L5wpn=8p8Dm{I4IcMx!K-D
zme=;*Ij*zlOqYo#=9D)Odm8zO<Qu!fVHnK$H<zM)@tkD4-9Uc}E!pwpBZ1i18PiKT
z?<p7AiI%CsLz(6xD4y>AFf3c7I>+U2jn8~<IYx<-hhnT~e!lKd@*TI@DHrGCz~MNN
z>bxaGKaSl>`p@08>Iy11`@XWXDXQ+}advpEsEGs2<B^$YUB;-=7%AsvrLQSwhSSqe
zWv40eH<4vl_zUa=1tu>uni0+wT$|;C3sBtZBGX;B*&B|wiPkG;AK>66Lv}v-mWmLV
zj+VU|y5(1<sD7?dL3twOO8J};VR)eQ%gssmFhjtntf_Rp+7LUzV))srMM6X!Lww@`
z<14$#^*KUiu>Ou$L*}Z%t?6O=`y_WYCk<MG1?sg8WYg@@U=x{kcwUk8@t+A#{YN;+
z6nxsL<wUqI%l7muGKdSkizZxFLXZFxqG}_b39PWH#g0qSt3J~j-koMI+9{%NpXM6I
z%6VBW%#5Rs_vQ!KwfSZk!FkwTI5+gfd}$cvO0#DY3w_+V0jQL#wokQzF{mURC4;Ue
zCzM75huhJ&r}+uNbLgj{9uL>3=t=Jj($TF>o!hVlm^qu8nkx_@zaE=LJ4<s*d_YrO
zbL;4y7IO+xE@m+_dbDy~h-^#!Y+7fx5NO5k(8b!*4X#^>ozU**5dAM_k#a^LM$&|n
z-QT0yVSH-wo<P+D&V#=GIe~_T8Xo(t56)a9D}x%9YJ9XXbYG1nLm%4!yAO@t?xk<d
z@&Y;1r|ciScLj^ACfDgvth@OM^@G-}Po_u9IheX<-}}zf*G1cu6V;@4$m%BN-mC6V
ztQaZnps3GItXxXY9x$y&CAzNLGzqO8riH=5eC?$?YsJGXJbFAB=RcL<C0gSM=^lis
z>^w=CKOc;FJ91yGgesl{{ovQyAZTcmANiT`vhh(ziAKd#0dD+FN&ZmH<3*!}U(#um
z{&mTF*|$%OQj+fH7VfuOZX<(jeFmmusr_~oCT)b8h&tGGaZ9vC5g!*Cu%lvbU>Ki^
zMF!j7a!!%()Ii>QHX2%39K5a(COT|2uzF^bfVuIj7$e?+e5HT1)%|T--M>X$NeK%J
zzvUfP)K%LtIOkq66hRS6g!m;|owAp>25!EzcRy^lYSN#g_UGzr38F7(F_JZm1jj$;
z_=F1WXQnqM1T|#LnEG=~253{pw6#>0BoU|`@plW0Cx@dJ7<g{yF%M{5$NLWUb(hzQ
zw4$QB57sYu9mcC)@h7ewpprE$-VV<=A5$EN?bp^8hPM6S@t(ugc_C4|I1Sre5&H-V
ztB-k8Tjr|Sl&_*rAYl@%)DG8TqnHN_ShZa>DwJmQ)Iqccrz<UA+CEZ~S~t4g-x$ok
z*Qb;g-0VlmCsWL*(~>i>$Zb4X4xTNsoN6&wmLSdt1Y&Bg_dgeOY6y!>Mxu105d0q~
z3&gvbzSO$*FP4QAfD0P4W_f-U_vy`t0y-M4P{zO<=Wusu`@SUgvyRbdmpZaLZqui+
ztAweES}*vZ=Pk*NF|^?l@9`rH_OzTJ*L4obpfjP~TI0Q4K9}Cp83cAB5#hfmk8vkR
z5@j*JEbe74w-+n6n}5eKwppe1jju}xt58%=bARF@)mwY!_)EDZK#|HUq-?t*e=x_{
z>^Dpm31eWS!p>pVOO)nV6Y)bwiyNor#0ha4qh!Oo*ZWlj2@C49avu9~_>1!FvkC1S
z-<pU(>~#p!sEWpH_}uJ4RQ4rqecYah<E<LHi3h3!g5K^R+VF-hLSj~7CmNarpaw|%
zsB*c^d}Hx!84TBrL@=64wMfD4*WPm2w?f;JWv67nJ3xIgK|J)1rsII@GByRVf@}Ks
zo$`_HvkirBcJFaaaICOA*6R~B)nvoD&F=*WD&wha-Vkb`KN+9uPGMj3?m~nKxC(?v
zPTjg1c`|2-Y$a>lZ{RT3IJ@-kINf1*SnOvJkP8K~_BO8&DaSi?)D-!<J{FUH=5899
zm#hiJUmek0!u^gJI-e@kyAIB$Q=cjU*qs-vC)ZlEo}l7PqB`LZG4Ju1=id+x^+pCU
zl0F|QEV4{XKI#>IUM4UuLHzxJ8u<s5{@}~lu)IZFo1t9f7wZqpowj9EZ$<vbD4UIi
zv3cAsk57Bq(V`3qJ67U6b4R&%Yn3c^ys2@3)roavJi-hJpFt?tQs|JyHQ%w^ix8$z
zU)-wMrZ~}-K4|9ridON|(u`yO(R(g&lkdk(wy_6mhq(uKldrE<sF^bFUZxTr#@Y==
zFo{@5dfg9~El6~OKbhgDc9Wy2MWrS$ABzCdu&P_|IQxis{31W6KZrt5{mh6<L^U*h
zO4z8TSWwix`DEh#`&29qQft0gv|M=4mtp#W+EL3noW-~iCYw8oeA?akD*jdbg2Lm&
z*_QRUzxJAm(^C%i$M{%&HFYjmQ?Jr!^)gGR4u|>GL_RApPEzb=sz`ga-K*`ieZ*ZA
z^TG*W6Ov&3|N2HmF;*N47oXnhqp%M^BuM?>eoUPOoy?}>G_P%LH(;TM-c#5SoM<E@
z4`wnK9o%Y>mRPP!KRH&z$St*%YYZU|V3zxdo_5+-T3Jy$67=QN<?L3On^BIXqFW7#
zZA2?zs`EIL{kAx#$Rqi_hLnxjlbuD=dPcu2Qpw{ztrX{a;b2Arf6_k@c}*{m$9)gu
z>C<jbUgwizfUPhrND_I2DnhZ-q&7=1e2Iou9SmN%$N-Zkhe>2Oa>CK0y+P|vJq>QF
zy!Eum8_}gL9699GPE*ZOp`YuRA-N%cZA&C4B`qXwALzwcP4waO%_AaXFx=PYv%Xi#
zX1!3h-sBDB9uo6e{@zBm5m*aQj;xj9G8wS(D0rRaE2m(d8F08`TOP6{#Z`b{A5y8P
z`{rl!_o55gfN<4=v8XRo6z6}Yk%vP{Uuvb?+JB*m3>G=;A*vqq*xb$cPwaLLdWSS3
zzd655{$w39n?!%8$1K(bC)A4y$Y8yZ)CpJ6_1#(C`Y$G7A;eYWcD0I%XISit0>u@@
zsP-cZ8)%swYiRwjvx5*L+(db~DSNv){oIO$EXNv*1*oH!SbjP*#AnI3H}OwHXTO;r
zfAiBwg`ocb^XY>deX7MX=Q=Nb6jtDp!FRq&?NKEUi>%<!*WAmh^OY#`?%m^m4LxMh
zz0G^t>bhNolD^c8BP1$iyYoe2|MT!4cnB@icf}Zv$2jKU_U~Fk8aLS>`3LpiiN_GO
z0vRGq#c^Z6YM{6YH}>Usx0Fw}m`U^MK&hPiyX34BPR~c1orE0Bo!%iH#Tg|1uF69t
znaQpw^DmqVUC73X+DzYFkV6~6+oM``8eV)|Ak6iEedtm0TclvxW8w1Gu*l}mMIoy{
z(?fiCEKk1qrrBa1(o4$g*m&1kzg>U}m%Gn~Of#f+qi<<b9Y(ip8GRgG#HFU%e|l#e
zw%>h;b!h=bH^BhnlXDoqn;Ut^{d+-~kc9m77#qc6X72go&LysT6VvXN-2@OT5270!
z9Dbz<B35uuZ_6QNMU*@93?C=e!#B_G?_p&7P6lN{<tUOke9%MPi8_pZzbfO#T7X-a
z#zt&m+9jO#+A=4B8Pm}n(S7GYv>n!2{+8HhFQb0D=$LD&{8b<#&cUOtDJKd9RyeD=
z0tQmrjgwt(UgNr@)v__JtQgS<>lcZjrYhxOO*XO!YwD*!1df!A<bO{HgS5KMG-vCL
zp=D+orPw8$vyAQeIPoThaA*s^XJbhgLmn)}$IW^BxfE&we<H1@fYgMte6F9nMHxS>
zgmr0qid2F=<I2&DI;p?c8*}ya&Z`qv!lop^ocTOr1NSP6IF{VaV4A<#_TZhH;UXnh
zCW-;x0*-K)NWM^8j3HO)v;cV3#YX*E=%0B5e=tMW&v+ID)X(@oD$XdSDQRRxuy5X-
z6%rqYy9`$dl8SJOcBf`<;QxC<ti{wboxCJ?`cv@3f6r)rk?BXJ$Utzj4Ej76FAuu-
z3B0;V^q#=K+$S9j{1)FaH@_Gg7Jk0bpG|9$rwx$(9p5Cwm-36ub3Zf3>EP1LTyE5Q
z*g@E`<XF3^V81{LhW0W|r9kIzTX}N-^0h)hTeq0mj-$}NPp#atYD@L!LfC*c?S}H1
zug>Mz&yQl6P^K@wUQ$0bd=*|2yb8wM_YE#$Avo-4BJ)<Nnf^Wr4lZp*izsY0^WY#=
z<Qe9s>K@A8`2GJM($^L6ZMs!))%JNJMP4?)I&!G6tynq2@JvSeiiP+a-3iy3bG9q(
z#70J#PTDkEr2O;FO@10Afk9l&K5k6w`aZaEl+jUO8)+?KG`<F{lS<_F!WdPb=J&?F
zSX6c<)xAdq#D7dWf|4`@^PL<%Y15)?Q5ama?cYv4DX*0r&Mg#4McKE}qbX};78h4o
zEaD2P)J_GLo&GH1Ev(MI{qY%L(iKqTle68HUaCGVrbcI$`>V1r>t)V0rZV=#NzqEk
zUI9~rz1A?G{Og2Pw67{2N%3ooiRq>;#4t7NlO)>P=$x}Tp1W_T$o2`e>{jFpnR<Cv
zsq?5*ofc_d+d>si`jB|78GM3mb%(1cOQoT#icz}j=M|v01fR$Kj*y}DX6bZ!!xgy|
z59j^7=c}mf-!fJMOtfh4mmIF#BEtJls1#O(I;w65C`U2WdvB!sQ2~Nf>h1E?M0@zx
zpuN1kjR^<+XQwB+*CnuR$4m9w2QhOfctFI~hXt6q2Z-Qz^L(K{`e<>H#cUz{Cv;hi
zGvxB__1*BfFIAYVV|#)QBw_i$t0kIj5*JC#=G&iAETJi*qq7e!2$%uaUKI79#1e{E
zGgCj1_(s{`-`?{0P7F1xZ|5rBX&ZED*fZ1*u&M29Vdm&LY3a25PNSkS2fjk4$2*PI
zO>aFi>2lGFIztsO=<UDiSWI9kt1LBN6FI?5BX^qmbHzU_yJ3n-ls!zohfO83BPiLU
zbL4>D_}zz}s6cq6lHI(P&lURc2q9W!1r5TZP{eCL`-!cQunGyD%TBwL_kYcP$FCFT
z-C|2%n~Kd7Pgwjx$M|5&gSTJy!`(D{)+bvW;Uncj_x&ZcKZSZ}UD4lC2gXf-PcHfU
zIPy5|45n8bR^L(d=g#%;nL`*b4vmbig>`P<u)KLMR9re6+B%uczcc;x+sIv+eR0wT
z>UFzmXH9YG%EbHl@Qmc&E{qc@8#5CrBJv_Cx&}*Pi2=%nIjVE@dp{5oNS}vq&?iT`
z!{gukb?CuW{%kJ&YDKcLvG*uCf2T7i)SChK?|H&iIs3Wx(9||t&7j2NZ%so_!sa5*
z{zg#IgnskQM|v3gh_>Pp=^H%6F}JnPt>d5w6VH%p#lMYUUV;sg_XcOqvoNh#fVNV&
zNzwPulqW5MPmv|2vwcD+suZ7g-#(44>i2TcT!<2)5}v3C$7z=g@+}7zG@^qe#S#Y!
zcIIVmTILO+1}4K&iSFhaPAGZ@H0GnL!gjR)f*+f&l6|qZovv#k!YWd1{vHe((?+Ao
zdZS#=-BPKW-mfpevV@c-dQC_sPTfIa+`ELNb+d)@P3R%vdhi`G3_Tu^2sY*mRS$Um
zq$oPHO%ENy2v4ry#Eova2CX_|@mW^O+RlbHcg(b)@$0id8REz&gqhC~<PF0P>nUKn
zet^8fY%MVWr6~$KaDNhx{oU|gDw)!C%DlL{E&`m>QjZOv4^(!*AbMqhgP~`kbRkA8
z$`!(JRNEilkxH$vMLEUT^foI`!{2)Gn?8J01T70<59UU6;Y>Cfblincf*wDIM2&!w
zR(_R0E2NU6P5)mp*RWASzjqp!<_js>2gfFMw@4H&MU`Jm(kv6*Oi3IT1(Py2KV|bS
zB|_v)7Z(5rl@T1N7+|O0=F?jRTf2AI{iJ;p^QvAMsy`N2JYVjChr!v?n}wj^=g))<
zYJ+MvZy8%bo;N2u=+h$P4g3!ePNlC}PW$q<245#d#Sl{9-+C6f4EBfZOVg1e2Q@C^
z>7;C{51u5Dch2<L>qIJPc<rn*wB&HhitPh;al&be`zejG@G|X%y1vS{@)`X09~egI
z*&DV{;Nfb-hTSsx+E`gN-EiY%qSuh=GV1)hzl4N*lqvT^c0thhlf$nMSk5;zv$lk<
zYJOTU6A14i?7G}6<HXBD<rGC=oxQZ@5_NlRS)x-3+fJ@-i@3E~A~ZTcWd>SH)gaY2
zE_Zb&?U@&9k+hmv92ia@H>~<p_)SkwV-nzPH5Yu^7rUxgtu60t!cBcHooqYu>8%jd
z{}UJ2e=Jj*9R53pi7wfbVzXpR#gV*Iq54JM#5kGsS#IgV2s}^?{~jm-gvOU@)j8Kq
zyP5ozFW{C=8T-MlvBg=-i4Xk{y5p~3?N=(B&1i?mIT&sQsEvC9o~#_q;;Wy_2mk7Q
z-d>SsHC`Hxx~=?%DG~#zm5)cljz!4(aS4bb;Q<S}*6U7-QZJ*@dsDh$1lCPMS*x4<
ziBDATFJnDJaTA70Z<Y@b>bs@jh0evxr+jsc_|+y=wHJQIPCj@A)p#N9`fGkSW#pkF
z7Y_5Md;PWN08Doj@i`e>6zzF+*SmSMH;(>I4BTOr6=31j)G|&U4a==#eg~xv(x8aw
z(ce;3c)SZ*zu3;FK`gCAd5^SR_sPC$!s24Z!?fdUNY!9wcuoxViBP?618x1`CEbwM
zHI#R!rK6eY5k!^8Y1xE?WpusAFAT0%;p{y;;S$82Uh8!o=sQX>WVAWjC+}v{Zfl-<
z1x|$*zRI|$N%D$jnuaF9jgX0tH_3Bu%LKaX__>}fN9ehhZrk_}TsH<<M}b`*BCSW`
zOsLhXQR#)2t$M=9s8jyM1jNL1v=caR0JoVCaW<qMLg!8UJu0f5ckHuF_vM;ny>$L1
z^lL7)0VAa$JKYHWA@-6170nrdRaeq9aS)q)sT1P|{Y3`X_7V%{I?E-sY*$a|b)Cfi
zgqm#ZaT7EbblMY>bkUY?COzEOA~JP}tP75Fs|-B>W{b`b8ew>GcvfvoeX(=vpLx=S
zzWsJ9`L0%Rv}w7ze`@%Kt(;#kIP)au0=4_>G#`wt<Q|e_>>%<<Zq9>=+b)7cGaPLa
z|K4njVA<y)SUU>1<D0dw9~!glwW}mBY!QDycL#k8c?Pp7DUBnaKm&U3*U(tbDH!Av
zxQa@-#Ul;Jl1E@_0U8j?aP?SqH-21JqJ6d97Vey~B7w_VaUuVLji3HW{{_4TL-|08
zG|Wh^*mPD?*<X?&(A)Q@+P*ADg*@+v^%aog#c~_1s{`OEn{B=tgA>o))&IwKM~^^3
zHgf!Gb=kic6#rvh;j|TH3wFx4p06*Ew71%P@Te#-j%RpB!T6rxeZWv5SZyFfvsq^}
zKW~tZi7$cZpP5my<y`%3aa&tQnD~J%cfjil@~jVZx_TZ+t-JEH3$x|Ra;l;H`1ShD
z*6zGw<BCJ-$tj|-T&b3c$*iCMwHxj*?lbN-XdZVy^`Ht*!O*|wtiv6+UTRLsRsFub
zD*KWa&#uGuWN6*v3wr&%ovtSW9cun=c^gRm#|+7+g@RG>f?1go_({INRMX@cK=BL=
z?*ka$GmHpyxPr<?=bsN-QV*)9uPB4=N1$J_uR0%`VfON!x&V|SrxnAnJ9|Xxjw3e>
zJ1#U_D>b*;!UMf%rfG4XxZAW~N7a;6vL`Qii1qWo4#QnVUNt5`FgaE9$BwF#_nPaP
zT=Xg6-xh24RiSC~In9w<29e6n58MF3U?0`}6!^KR&6_VUF3(Zn=}%oDp1x9?c1V5h
zL5p15Wp_Tw_9&Q+XL!%R_@3c?#-JhF-}_jlcc1^un0cx$agSo|X4#Sh)o1UwRMtBp
zC4LlK-MtEJ*DbNRL}^p#x-9l^_drh|B&qA%ov)j>wQ_uta12)!fXwV;-2W1WyN7#-
zJBdVUT%r*7c2}OZqOOy#vS70Ls<d6javNkl*qZO39|%0tDy`$}{br<kb2rHnb}KfV
z)|`9Ls%&&|1#_dpXrAGH1><{$_aBJhLj`fLhtBM~FR|{s(g+&JJf%5wLl2o~b@)BL
z;Gjo2y}i|q&KiRY`9Y(}!wblEhadC<;zt4j#+sN+3bv0MY^Q%_L)oWGN^!@yN=l?y
z{hTc6&WjDjRW^Rs1vEPDc|~m}QZA*=$q%wb0uK$(4u_N|?YY<W87J#Dp4Q;`-j`Y%
zjNQGA%^5~27~eCDPz>a9h`m;uzpSS7PFdTjd(D>xCYi?3)aJEx`1sZQk#Kr?y}n?F
zE6~>AkL)+52?5TKlB=4PDS=2O3%Wr3O!N<CbU_{N&xZ>INRn{JmgT5U+-X*5oqSz9
zAk^1q?(iY00+$a;^N{`~yRXICt<ZK|Dl(obXuc`3h*g~?yFX&M<_U&M0T~$HS1`V3
zU>FkCu8^|Pt!Z)FyLyba?zRpe-=91X$O#5A2-1Z+WtQwqy0~mP1S?;ijrRFRG2aL=
z5IpUxr?+BUBH5@0_h(PO?rwP-KLw8m?kaBkQ0(jvgpiQo=^z!TZE~v&9*bkhK^eyJ
z3?mtg?->|k0yv~6NS5zIzFQrBs`x=40~uscPU&#<)HS*C1;%y9>*j2deZ8g(^glXY
z00ZZZ1n!53AI}x4gW=b&SC{|1QMUR>4YYWz!4)~3p2xr&$=~pvK&Y+L@AUKrLu5k6
zpab!PKM4kgkqXB53=D4?z8+G;wV;Ab8b~{+p1WBF?jOZfY#pCOR`-GaY3KjDxXcgV
z8Q&b=AO8!of-Xt;aU!Wii$BiJlBFF|@4wo3r@XDM+3ocWDa2nGOu;iS3<bvb3=FX%
zic4MzwFHBG#`f;Y2FHy@=Il$_xE=DZSC@UBLWmP&$*n^pd$fQxKS_Q|hyO|cJjd(w
z+ahbhH^<*6r--JnEQ`yQZ@bWNRcMxK94*%F$cYXw4BYuwa`PD&Midy|Gcdd?DEGWP
z1K|Xo?%ob(kJ{jTC~H4m(6Z%RebQd#Z`-QAPp_DgDgv8+7)Q2u1E<m?U;?*;AL$8*
zut+j~NsBr&t~DVkEZOlL@J;CVnVc$`kzO%>Yh}_t<;K&RllPh*O08-=sbuHz^}Y&<
ze>K?^1H(uL<9h~%SB!zo^pafVa0fIkZjs6km3;W7VcYqJ)kkZV<*0t$ESr@n0V|K^
zCIEtl@dGS85AJCr8wU?-QSGVG6Vk*2KYX_Q(aa19uDd)}h3~NaLc^gO`pW{-BbB|b
zdGIm#*b#M?7{N0zyjn26XJB~k7?iqRhR^(gkh?qB?(m!KKAp)^+vE}|ZFkGt&J?s9
zx@pKbS-19B?YiS(TYsW1agTCNmTd0kA#HY+Z1G+t4&;x*8Sv|oTZYpG&37x>gi1TE
zf@_)V;YD%y4&iU}LSS^x!0?8__@05`tpMe}fh>r>4E*C;h+)2DDD+a90RscWD*@ws
z28Op9!;?Li47`DC;MtdWBVU7of#Jo$_@04*fq{YHeaGX+{}1<v9SMUaV`=~Z002ov
JPDHLkV1m#)hcEyD

literal 0
HcmV?d00001

diff --git a/windows/deployment/update/images/servicing-previews.png b/windows/deployment/update/images/servicing-previews.png
new file mode 100644
index 0000000000000000000000000000000000000000..0914b555ba105d687443a0dd37d96f4c0399600f
GIT binary patch
literal 78290
zcmXt91yEJr*QKPpyF<FWyQM=Kd?4LjBHi%lZjg|W?(S}+ySrPz>+e6`9T?^@bI&`m
zW9_x}iBSC{i-Jgq2mt|sA}=SU4gmoTf`EYh0uKfJXC2)b75D?`qAn`|Q8h_?419q3
zDy}RJ0r4vi>CN;5@EO5T?z0O71WDMxU&y%qYjX&Qzs2%W;+mdDXB}ZWn(|$j?|---
zg)ciivRy8{a?;fxF-S;Uh`$ocl3?*G!q&l?P4YAHA0m?+(H>^GOir)620!YzW#H-$
zvFA_EJNV&MEVsFzE3}=|F`obZ8cM)vF`g2j>{9Z6c)INSG!hN`18EeWiQ~(l?aXq)
zA*XQv8=Dgcsrg{^@*_8F)OZ^ED=zF#y66$O;%m~JRQYi_#)zv;Zb8T27y;O%iH@7M
z6?UfuOZ)q!q*80_jm8}oXovM*mB!yq$l16w5o36=jMpv8d+YylegTFQ!Vi+R7*F%#
zezmpkF^6D?@b#7`AxJJQU!|>Bp;aIp#B_O0ynUs57Jf9-yBw_FxeWTf$e15<@mL{5
zX1VX%*1O|eMzfGS+w~UZFQ|33dd&Os?%GpLcl*r=r_v3h^0hoL>?&o$?1Ch}>n#!;
z->#G;l`_5+!e_0zm3YNdG({?GkWpbeF=-PGhdWxU;nRG*N~}_OJhmJ<_1IzYv8@qX
zEC`rrD&c<<eGl@JA4=Bb=cLTGI@Ou?7)7*}bzulIbMX%36wJ>AE8_(by+NNss=F_Z
z*;S>S3*~eTFnUzzT)=u<!+Okk^Ue?+X6451|8&Q!s>e(FjdX>_(YVW6cW_+47U}?c
zl^JvoOh(m9b=V_kbHSX9B9{NXffLBis|mli#zuuGkQ$Ch*?gdjdKZ-mk0E;phL?-X
zrn{-EN}_OzU9S?8plGp|;ej)Eh5hO_2=C*}5O!-L3$8JcrIkNnWnUBqj<>Fh^M9x4
zn^<A-GNh?2tRanp^>zccG<9&aSh~L|8Ox6uB3o+StgdZ0@V=6`p4{~!67H8F-m9$H
zuCAehVsr9_)-6E|)QXjWhmqN%hLOhLM-q>5`4DI@KO2QgDfdO;7^~no049G6DNjmb
z2D`8<3?yX+CCTd*4sM5gj{>IKx?Ul4U3B0qM<pgiT_LD2ovFdEt|_`PE6B}OqF&z6
z@&F#Z0t2=<|IZW~`_IV&#PTWXAOvAc0Mn=)gQfCZN88bx>MD0>*MbyVKGeTkJq{!p
zy5;eT1Wx|DLjbp^F6ggidPmmjE%e$}I6a(L9;L8_*^2~)Jh(>AD3-PX<~him2c}=j
z{ig>OMureL%vQpJVhq?uzQ45>roN1|2|7Hw3j#Cj<Yeht+P>Hd9KN7ITl)VD0eMZN
z<eMBPCnp#G`aBhDIoZ@lQYaarNQVyW*{%DUl>@zHvad)8@XqW0_0>q0X1#8%+hJ9*
z=<^bx8Uz?D$TJ%Xdr>?~_3MegAmR~jI787Yi1gQ?bcxIg^NqN2@bR!WHUxH1@5}W8
z>GKtJI`4CwOccRsG-z;~Jf??|(*oAqvQl)-M1}q<>`>DF1eR3@boHzN3k*;5MrD1g
zdh1``8Ndm6o1>ISLW*prBb%~__F;4b7>2{I*1&U3Ex}e!5#w=L6AB<k4!qCN(X=j%
zm0rUyWK4C+B*7n%KVrg7;^li1w`q7$lx~|_!$qPXqD96V6f>)R`-)7Q&d!PdrDixf
z-IS2<#B}yEpO!9fM$*!wP|LZQW6*77WXB;QZ)?<2TLc731#!q0w7~sDus&WORYi7)
zOHZJc72*Iy$oD%+7e+TriXM!t0?AdMDcnGE=s?1pAN7R+IE%47k4h*i)=`^bF;3K+
z7ExpW*#Z0+8Iex1MM<%Pf+{;^#)2Pb?eX}nzz=<#Z_hXmx08}SD*E1E>_1ew59>BL
z?vW^%n0Z&LY93AV0JBFwkEX_=;ZKs9kua46yL1{l9eABj3?In($JIC&eNnyM4&nZ{
zH2tSR6EH#Dz}MZ{^c2$1{u6R?7Ki)OGLGB1hln1eQ~H;*5?Fr<X)fs)Ni!Vl_bum_
zYUG2JZdtK8v3aohv4yZju_fN3pju8re>Pk~$cKS=h4FT=R=(XRvYd7Y9WeYG82-ao
zWZZQ2*FO*2lgU5?Rc_;Ib3Jm?8)~SbZSqM5ykx00{D|;Ft7A`pZ06@-Sa3RSv?{h5
z`G^>gj+9k3&!6`JE!Xbq;a%|sz-PC{C&zbsR#2Bq_sH<UZeko?9!UPP6QnWhlk^^^
z;!<nskA-uOTG{6fwLl<jeBG;b$NXcGt_+)W{$%NN-1?=!gV2h$<ip4HazaiziFjAi
zy||QR;P3=}ho2hWV{UG%PgKv4PGsN)lP*cxVL3RgL4#+jME}C#!Mey=yF51Mz2R)u
zXnuEeY#pn0oDtLVPI}v-G-$9=WV?}p+K?kpvSTqdVgw>MFlHx4;!{^Ybdtd#!^%l^
z6x{Y(#mm<CC;w&DFHK4hJ(qKAfq<_W{kMc$GcwB#P-OZFs+GFY-|VB5L=_vR>LmN?
zQSL^nwv_m(^dsE7ngu!~MI~1h6hpBfxbH&PYmfeoUWcEJnFX(#VdIqaw#D2sK_{2X
z;O|tN7RKxUtm&cQJiF0aNnm}NKRsdd8(qo3vGza?XUMAG%_83+Q{BOPzaK5WGS#02
z8@}|kG;$$APqFA`H%?E`V(Xsm?d1EeZT{H$sNl@RaR{{XdICcF!)Ko{i(IMDI3T0t
zv+Dx;b9)XQqw3Qop(;Y0w&8SPzApaPtlo?9*bMvPl>o#ZiFL{cGJE0L2KNL74aqiH
z!a|9VB7E!#dSIxORAry%f9k=o`IjGC{~Imwyd#>Azqsr&sXx;D-Dqjmh;h}W1j24L
zE@kg^*k!43-0nFoEv-}PF1@$!1E@dfp%CZTW6h-z0?kCs#82sygWW4NsnR)>z>uyn
zun)PQ|7;NMwas0cTX=4bbAXY=H{tiebInQ9+=o*`>5A+T&t*i20^wu9d7D*W=mRa!
zqpPEBNUp}+UDLM#<-6B(sJK@xmBf_~`;yAS9Q&KTM;Y6|&}3}?vP{S3pQ>xi3-CaM
zH){wN-`dAbH_C4<D8P>jZ>^Fy`leO)zxn>Mj4QMsCq$#)*m2JpuIn=Lr!QjX`GJR4
z`vA58lCLPiKP$Ua%Eh3$Nk6ccR}kME*b1eBq*?WK))7P+p;NbgvJAr~<X~q;ge1G}
z-uX4qhZMVZk?6B$hCq6f)ZSUb5}{e;x3S5+csv~aZ#2af5w?DVWdVZ3IT!w-nG=O$
zZ(fXSRTUrfnc1TTNhKwvC^^qyt2ingQb!;rFZE`aIeS;=(Uf-)lv@nij{M64it`%-
z{q*}vlBv`R(=He0+0VrZb|PMPj7^q`<3~419vQ^6v?bEaLi3*W*8#iibbTKh-_Aw6
zJm1t1@)#^HQaal5smf!!d`5t<t_s+CU9tW7`_0dU9wH27S=N-d9R`UyQ;=dOwRmXS
z@{T!eNins6rm_u$=7-bu{!(0fS>D?*SV7oLQPqiV@Ur^9El1wmsGQg@PY-PUMHgYW
zfmZRDMK9J@)0<-J7<BO6k2fSD0wEdVJq5Y^!wX5T@K>aEGA&URdsaI_*$=(Z%LyF7
z7%7qT+?<siwR>-!F07}2gmju`45ML9(z(%MAWy|XW@aw|s?vD{Vs56kbiel~Hat3q
zAGQ3vx5f0UmEJ!MQJ&g>EIff2n*M!tt2sl5=ZU=P{&%**{7ozU`5BTAu(!DknuMhS
z^$X$I5SLjj9*ksk^$3iiVRZLP18mkH3$}kRLlT~xJ^U#HqVrN;xu_qK+Q45+Y4^{Z
zyNhMxl`nuprirMODji`T=Kl0NHE?-&#`PBd8H@4Yit=e9L@G3T9Jw3ta!z86sqrM<
zH~<s1u9fu@iJmxJNTQx8G61u<Wz^&-wLT&`rbS~f&#O6O(UdJsN@M4Q08*PRc-cp%
zBD`D%*kr*qroRKq_2U_<XM<oSt(l7Hf8TzfRq8&>*FciK6@D^&ZSmZZwz!s|*1^sG
zvkknw^KTz<zvr9zHQApNsojjh0jUi&i&dhyeJ#`%obE=+!OqT%KGTC@*^z1a_qhPb
z5xtT5ooXG~M4K8d>|YwEqXB!6wpb4u)m6KE*17M>WyzZx*Qs6jH*+K{hsuawcxU_?
z;U|nnYfGZ#U65#nG8RaSz>@VHA2tYG9F@|uHoxsSO*s6xi8&vRc5bxd!NQu`!7OLe
zG`MS1{g%Zn^rxA&($U0ohuIo5JZua3&!&-908B_Q0R5->^qX+H!yvPe6wMeuI3mJI
z&8ER6cH}G&U(^22_xtn#Xvxc;VWwNdw%`9@c%<ID6RC7(+CtAO36uBlx6*^|d$$Y~
zzXOwL@*0MQ1J)6V64t$cbXKXRIHo2)K&{Qpi(kpt8D3WfLPezFzVWz`|4Ey0vE0Ow
zh<&Z4>xHOaiC_vBw=a---`7F59%ms+V5sM&0E&}-V2Q6653pFWG#PIzU_}a)SHCDA
zBFDQ;xc?-(ent9xC3Bhe9x2iHd^+OWcDmn{&Cu=8QD>}Jk?q3c9qyF+ei-GLDmsa~
z_2`}}MEnDFBa)SFz2T{&#}MRGdB!U0e17?3q(LyYtHr(Qu4>`<GWJ_LU|!punL_=>
zM`&}s7`2$JgQa(iEeCI2Rafecl13B5!+UF;GU{5joiY}i1OKLo`e5&;qs!|qSpK{f
zV%82S95k?+;*m8#mv9GgfAskV{ND_Lah*k`rfowc2MI4v^d)Q1*plFDL-0pp)Q>%e
z98qv7`nM7sg4eH4yM+CyUv&h#u*?Oe(z61!1>k`R^>&mx!&CTX{0`kbG@75WIYhJ*
zefz#KVDt2_>>y6A`H{X0?UB37AdpUa3Uba2uUrJgSS~K)2gi!N9%;?;lSI;;^M5#@
z&H*GKmZccE9;9Jeer})S;EFdVzxneAXdB)n*tZ3LUUh?SagomMG<mUJWi8Hb`6By~
zJv#8GfyD%L%rVK|0Ej3Z2_iMNi-G!aMkdlbR&jQvkxN;4vi`=M$7{L;2oaMtWB&ob
z!dD&;F!x2Qz8r$0YYtienne!FB?4d(M**eU6`i7eGXK0KwZXdv{u_`8rkDu!l2Pn$
zC+9kzr!Qu^?<NCV!J<<*=>q;7Cu+J%!{-BjaYip6b)|m$*Y8ju+ida=)W=J2@~X1i
zJL0Wwengu*J0r}Zyf0bQ#iOco_=mXskmgPmh!ZVq6=D617Xip9T^A|i(Ro<P?pGdt
z{v^wSyHu}C-nH^-UNE}7cCtMQN$|(+Bth4R<(+N3(jC{{5$jc`>cL;LV{!kBtf5<t
zr-z6sM!@~haxZ%X2UpuE+}K&$40C`e0ODwi$iSD*O$m$z3Qh}bX383Q4JzJSz8HG;
z*h|JL2WYYMX41msH9)<^&~WgyYi&^B5heT;F_bO|OMSm8@ws(Jx$IYsJ+?n-hc4n>
z(U7PSHty~K*@q}O_u&`oWgsYkerDY-vVO{c+j0_HUOh=ZeXV7waCKA~l>;yH{;SqI
z%e3m10-$4IlJe3GdMdv>$wiyIq)61=t(FB2R>^~w$L3?1javS4OhM_`-A|%Sob>i&
zJRlIy$H)drM4t^G^tsYw9yx}fpw;kkl^l_Psj7RlTz(Bk+q{MQ5Q+F732Yqn?r<=Y
z`WB+zX**Aorh2f3IpTT4+=bRTmIxMOg$&S#2n24vJ4BtGZYw({4_<il$3o-At(U1*
z{P+?q{MU`|v}>YnON(+T=257a1eLsdCs;E%e)TnoW=gb1yetRSc&B-T*<aLfnwxKd
zm!sh}ScK_76IpTpq;E|l&(O4Q0Aq54h(5fCEtPQWr&q}Xl(24p!=Qn01Ydcc&i0VX
zqEP>b*f;|wao2d|Ryz9&t#Cfckq;~&VtR^3Uu+`Hd`}tGY)YVDF5%?J6a`}c+39MV
zoAy$kkj(E>&kD1|ANY2p{rFBj))T*oLDPxU97L@AT@KI0dj+Ln4gP42rQXbsWqHR?
zZzLVMJDzoG58lf%XbA&d*`tqMnscI*mjpRbiu`L#qFXvroFoA^Q5C}{3iNBc&CkV{
z-8A<Ka8WvagpdLNWv~T{D)uQ@yoGIxH}Kb^0YzluTqWWY^rq{$>y|J0eqq+Fiocnp
zO8Ce)y5i0PrOFxG_I6}~h2+jp3l8eRQ#Dy%IC>G!qo}4-U4`!8Va6&X9ElH895V^+
z&yI|J{W2$Shvk-;BecoPv%9p>MEF872T874&$4VUCA!^II#i~OdGiu28pn#<9L!|*
z4%cW&tb~E3Q+iR_ee$du3xBr(3_=aOWAI@(hM58uOhn^4U0io=onzFG-w%2OfCtC2
zhVf8(#PfxJIOK;kHV9E92a!Pq5dF$O31QV^qQJ%ndDqwca51^K;sRj!CJ-kxW#`7n
zug1cre_n`a1(c(Ve-Dkpgq{mrV4$P8swlPBtjuw5HT>0kP`PbVvwQrtVc38iUJP!p
zY1h*zt5m0Wwvz&TG3Jb4-;pX%=^)c)izo@Q`R`m)ys^wx2;neOWzDzCWr-T35a}2T
z0iGXpb)I5}<ZK;Z3ftgA;5>pa2J7!)hL1n%dYg*&2F#k94XH2^<7aBZn!Cm-49hN@
z2+%@S3uw<Fgv4{O`1eV^l?<rEMO_yd2}Iz2QxT@Qj@k1_gy2K^p5v(UUbM7Bey{x_
zE<~DTlvQ1T*8C)3EA%Y`gGGW<VZoKUn&=}0Vt+$-+w@PCi8H~pJm1ovPRQS3m?%9O
zy{X=PXw4mX+^Z}}MLqNJDd6~GU5@kWN?1lLstvyA_rQ8MIm#>*Y5F8flp&0qNp*H*
zYAYdWeEc=cgsq0XVn}zZHc?<w`gxPG?wS3c=VwfutDcc*1%up|jTj}19}>Bz=D&0O
za<LI8`M{{*({qvdY}YZ{!#)5cL1Ax*?BAOo;ihmF;xhOXq)(5fgHJG>eZcEqbCzO1
zedLUUYxLZ2-Kabv1ACw;_jKGZaC9evv$vKsJ~W(z&X{E6*4j2I$E#_Ble9P>uAnvz
z5Ur&6)on^D^y%8kwA<Foit1pEi`?Tyr1eGQF#g_*g^EewrYexp#gk6Y2l`|3*ckmR
zg<I-{o6hN*aIOwp$SdetU$U5VcnRvI)Qyqq;lxAsp6+UHv@7s&9DP%dxIW_=eKZo(
z$%TnR+tnBMPoQ^m>MLFCP?&;Ss1#P0I`KC^B2N2_VDtlgzfv%2`g#g_Fy-`cSICED
z+SwLx%`Ym`cjhcuKF~`a*jJA{_FCvWHISN~iK4-tV1-$vLJVWUhPK1Vv4kYZjKy}<
zH>PiBRaf}ymondZ;&(O%<e4&zsmYZu{EIq@lALWXG8<=e!-FO1emMUkNYvSSMrpkj
z@x;P~#xr9}GUKLymstrb_7MocdOd0!f$a;5UHYhA);^WQVvE!K5#L78&+npZ%q(N-
zu4ENA;<T5^6BzSB=+AgMYWlhLWwL>rCWMY?k^PmW7T5{#KR>-i9iXfnv9Q<>2Zaq?
zX#UBi`kX2`%;x%O|B4o^R_xCv?y@XPiV{6nrQhsCj@dL3M18p%l+pVXGyys>2pdI-
zegVJ%e@)U!7*C|Z(R&`yV|TO){?QOolTD14tl3Ic+T~nDN>k(1`}dVDINK%O7k@uB
zU()qZ+Jm)!cP-L{$t+)MhbV9w&IrL$zuy{c7ili=llO7nv)(clQDZ`OqfnQ);5y-S
zT#2H6{qqfuBjxigK<LWQB?nL1jS$PW@}j5R7~?Jv8yG+dz~s>4-SzeTbtB&uefU8Y
z%w35kw`#Z1;>|x<uPgNfYS-!YUh@w?*4!L8Rb2tKJI+6NJoU?iK&^y)u3d;sv(f{L
zxo#)F!^<HKX|6Xl0stk(7@spGOw`CorU{n~7@=3cUqzocy!$?y=|eEq*P%##*prBA
zxb^gx?fO})6G;gvr*|$DDdmoEykFa;*4Z0sTNb34vU)|<kD&)8`)6reN#HBSCD9c+
zs^jDR1?6-;NTJ~sB=S+AZ1E0RSsKYlbpvpjUFnWyBo?O@eFWWpadc92Tvci4H~9kL
zDCgpm0xu!*nr$HdN>El&x^Q7QJD$sSzNzY-k!DB`UU<UchU`1^P@WSDzt%p`DPmd>
z110RzA{`Na@@_0$i@2j08zv%x9Bk+Lhj0;8b=}}Y+6Sm8#p3VB*&|+l)7_<J2IW$;
zgsb2x<2+7cePiYz&Zn;46cwzN&MzDa-86;GXy1BL`2c1Y-b+?;tR7!lkT6yMmZv#N
zh)kPi|51MbrwjOhOt-N$v+(TU$T>i(6%t6I6c6DlMSU^}0isN1EA=cr$F$YWLkSzB
z?bAk_b^Ij+_tje6p8H!Tx^9;(YF2)WH!IVQru{v<>e=uBrU`-5$ho&CXP_%D6v5xq
za9rG;ygYTj?hwG=0&6MAw>IiN*guvhl^@Hem$&H8u29*X(@3aB5y`~CB)x%(L!?s$
zlf@_r(^N1+q#L{mxgK)EIR4s!--DzdXwiPvn8D|_Vr&FYpTOpclC!Nj{6G|d1qFS%
z@$kVNNbchZ$*|4lgu{IgIyt^m<r^eXBpMnlX0WeF^3I~+6lwXuD<>n@L`awlFgnVk
zr;-@~`I$b{b{*>J2ErWqzg0w%pG9=*w>Kkc5kxrhZBJ6Ro{Q<1r};-1iProWzTx1>
zl?<>1M)L?Ir2ra)aZw{x6!^FfAg`By{NovN9RhDCx|Z(s+nr~s3YQB}DCW$TtnI&K
z06`CQon2}HF=tJ8POkySvCdqVc83ZJ!@D(4f+|Q#Q$L#{Jw2`fS4%(<GBD}?*(J_3
zoAEm}{MR|8h$g^CfdWyI7}8usp1R+Qs#bof&XcqDS$53Ud+7e6;3ZbRdm12s&mH1J
zM#Om6P_Y#qV0xh;()kgU&z_7w;A**OOG<7HM2Vv`vz8+56U*LJdF#j($B?d3QcT?C
zBMo5tQanW*7XMP@pwM`CYDE9O)I<3>!%n;anRhkr&<*9&eVh`wgMpt*Wt?hk*2zW+
z>wEOb%tdIBt7pGqPSPq|Ej7_8AN-TKq<V`UT$CCylb#U^P0<*0Q3tj}!L2~YZC9KH
zl?)ew6Y)#hZ+2$Nd<gO=a2-ItK?M>@C9g<p0<>2GKzlum@Nmhvb2fIWw*o;YmhV(c
zMJdXVyb?<VzR(qQc$_tvrS2f;%MrF%JulzJ3gfyPC7C4@Q(sqzTOm-e{e85=T?;q_
zXyskw8bzO6TN9;U3v`bF=2ZRE4SxJGQsZW3#G1EfeDJw@Vx8_5QpLIWAASE<IKeF<
zvrczL=+Ejg)Y{!<$}*seSeE>7ifR~g7Sp?Ou{5|&HD+(gra`mcy0w@xfO)m)DX97i
zh6%V84V3jf)dt<lJ}~v7KwSm*HN&t|GQRaBc!uy05l07&JilMz8ldX>4#)H!YNFcR
zjs#`qGI`-a$y0vCMI-OQn4@ojMfmf23{`}7G`*v4by-6!g`_KmOFrs&=2`b9iV7lE
z?uKzA)<3;x0%(svqG6o$gh1Vu@~Nz1b+F0%aMnQb3Vj#|{2k$J1ktJ+s(Onpk!Mw@
zL-0N_bYD}a>TuY`MSB0$sW3JtDI%Y2*Ih~iI?HPZ7(*Exp)*oa%SeV@%M9KHI(7kS
zR<Q@=Sh~m<{ilUb2l5A#hD66~#`N!DK|AH9o2hO<{{4YX=)X*EM7;&QjzpWa6k?+y
zTmdP1E|P4#^y%Scl7ZmLPs@X*{#S8kbnJSB6=YaGdmH9r(V|kEq83neF7;(z3^Z=>
zb|1~x=}`%)pRmAyO_u@eGq45gNDYO{cmip4&X)rhuP}KEoPpt`zX((78cmJvve3n2
zxd?gbhG-3`_yEc23SIXQ+28LXLR6mW4En>AL2Kovp8JojIS=p;s466U#xQV>u)4nJ
zn~@(2N9>QmMyOUm{mi0c336^2TUVgc?{&x4s?ZyJH(nA|wk68cR94VJOg=a&R(H%1
zl}&kWprXrN%<(glP34YOObU>urdLOfj-vX|KoveV5nd8QY9@sx78exaMm5acj!&-D
zQ-aXa5rA;DzXlvb!j)!$T$%v<-#cbs@a)XS6ptn7K@H%#mN!?{w3xW<5-pbieZkmX
zvXiWPupHT_qS>!zs<V{Q3V#77c-u)@S9=K@fVsOI5$#xa>uD5S^Hs0V4V&)dJ^8hp
zWHe$SS-n*a^~_0v2>%1h!sS=QZl%%XkU`~j%mC~)XkqbBA1x$zM+3HC1(eYjx%u4K
zo56gJw5#^JIQwrEt*xjMStd+xc1Kw-(vT|K{1>RL!tSq}rWmf~ehs!JcN4U+HS+0*
z&7p%h%0F{n(JYz8RXAMOvzB7W)vEUp-KcZDi<QL$kYmEz6;9EUY?^Xy&y#b!v=zy?
zq<kwp?CbMn%V_CgWqdQ{AIPh4xDa%U+Mb0zk^kNKDI@vNHC~2Knyq>U9q0TiZht?j
zyiJSK9eE-HB&VLTQv+vvS?-`=r+CSQ<AhN5sW2@NmHdM%QEU9zN1~5DUD+(n7&8W&
z^!WqO4;MQCS8M{5`W@zV+#!vfVyBv_g5EEm&uLYz5lwdJ?4^3^OFwu+``g{1U-E0z
z0A*Hvlzs)|!CVU@CS=X@gDUS6(!3adJ{eR`82~}{R_a1bu(LAUa&KR)Dsvr8%w$DC
zP>+r^1B{Pxbs<mhQ5E3=zr85Yl4MB4xHKWivsMoEVTPJvbY(o?)|`aUWO<w)3ob<E
zn-L#BOwQ_S0AAs6Af-)w%Kry{o53K8Hr+df>}kpJ6O_7cf1Ue_7s_mm!0JWN$FAi|
zbgS5a8SGHBCyx#ydE&R?uiN-TkI%T27pDf&!yIp7Qj6q42E$D1#6==h4OXLD4Ag=N
zrz$K2+x#5x{IBdmXG*YCNh+FWo`Jr`i^)8(GuF8TbsqnyW?r7hZ1u8qc}8N#Hl2t@
z0%dr+syhZk+914X$j@lu;)PHXG-)jo6#4d7I<jt>TSDIFYr6uE{Zma*xVn*^J4(3y
zmL%<SiOQ1FQ@!l;S#>{-t{-7<s6u>>drLY#JgSKZe<iDK0n@1YtTK`?8NrwT9ZB%z
zg!Sef6;KIBtBWXffqq)d9-z-K_byZL8>C+s=j)C+a%#@?iL^QnXN2ARfXwO)XrY`@
za0kAyq4yjdbN>j+7akTZ*{in7>Xd?OU5km=1oza4h~vIqs)xu-B5#_XPA&I`$l09i
zemL7Pf!a@tI%5EFPYYUU!5UBN0pgv{7b;9QzUo)jzdOlm?$o7%ch*<{OJB{1<@4uy
zi2GRjJ+^67r`C#8X;Z)SA?EC<B(@h2%%+K>l{i2k831;2nsE%c!c@PqHBn@Z44qRC
z_4nWHQ@S9Ye-PCJzhhkMUov6MdCXXU<!~?!K_QEgfa%izByv&6-3Vo2MHn<tZ0Wh;
zhW3`GNs>AD#s3$GriqcYPm1>613v*t_@RA}xJ4I}@r)pG{DFhR$iREh#0g>9Kqgpz
zpK~UVG)j>M6#9DRtoh#?wAs^Kc`<B_yJR0YBE6Gs4ZP)nub=@5s3*~v09e%XM#tIb
zp?2fH@k`LcA2_O9(SI8-Dh{6~)7QTiap+SHn#^3;**okcIn&ZtPrX>Dmj!hX$NGMk
ztd=n``}cTPPlF%`bodb~t5RqW?nkg!QbN*ui2i*|*@ySWrBO?V9qYx+;eOz`JJvgA
z;%dZ7`+aLyoobG2BP!TGUK7(((6h3JI?&sy*5spQ@u?Swr(5d(-;kEjs15Wb7a6)0
z*Rl$_IAtwbPhWju<3#>aW4X0BO@HlU*fl8)0*yT=1KI<iK4eh7a;)3{GQT0Bz2#Ao
zH4&)=EWqudOt@CN`cXx;u`>(C9x^vsr2RJ|E@KWC?1Fr87Z=vX;%}OQi5M{$+%K$k
z(ssZr(?vJw@J363R<G?CwRD$b{okgRRI|JsR|8CA$aQN`<YyUByCpiXOVdm=U7H8i
z1k1Yte&K+S0@xi9VoWSTQ|RoAwUxDaSL0{1#;2H`ogJQwY~|Nk?FE60d)2nc5K~Gl
z;F<HlASAC%o0UJh&MR+q%W72p`OQfU*hXpF)~^mA^>@B}yE+|~92Fj6fNuu|Z;QG!
z_<h6c6G=AMPyjBd#Ho|EM#jY}p74_%V<P3lRE1LFax?kgD(eG4C*%+ufOt6hk#w3z
zZyXm8APxE#=b8Cm+wEgqVt<hkd06PRN^Iv=EKK$`?NM{R()PyO*;nGRb(nCnGh^gm
z6@q)AoiC&fB~ztV1Dxtg>qXO<J-^g6TSg1%*2OI*Illn<G|&w)*5XCstwM`6SAd&=
z8)*z^#Ec{`QV*bH8W3nmHr?31Z*DZBsW-*Jj5UqXKw39uHWQ1Y(XFb$*g*P8P^BPe
zs)OF23f~)2QWe9*a7*WR{L!>0MIcv+MXcT($Z-T@((Cd)3~xf)#5>H^y^?EpV89Gm
zckaG++;1bs!il(zx#9l$y!wM|dr^2H(C9Up>InQBsL$A9BFMjf?|qe$s8`(k+}q<{
z3xr4Z_}_Ea9stqGLMg-=F*&trZ9D%+7=3mh0NkCIGQ&ZJXZJG3@rLSSAt%odR@xtU
zk+^r%2M;(4F+jjf<{D4k;<v|Oy@<k1$drH=Gx4VDm6VVU!rSoOkw=00iPXM3;VcCQ
z7Vyo-$B^R6zqhB%a3vr6=2UiFh$Bx7j}Ve1UO;giA0Q{w5lrJP_@17Io6(FX`u+U=
zrac40E^#p4i5)*^U;tz&c>{<UHilB3zqRYCAJ~~8AXT*m5g=JAEHI|~W9Mu=2#+~4
z&v^<_8@>1cIF+DZ!I?OB=)3*VdS9rK!9J5ksO%xg7VF?sBdd1hYjfqR_Wt=xLwl3L
z<`^8OJgGElQKYf*wTBIPM!blYnsZ`ZBb+u#pF6TylKj&aE#@B3@`8D2ZMoZ$>c--M
zU{3kpoD*^coQ{7gx@REqLGca~g3xOb(u-65l$17&EZe7p^C{Y}*QU8Gb>r%{fw=R*
zZf&^kA(@fB+TpULcb`W{^WA%j6l=~GDNEc3Mr~~FqMM9a-k7`@2D^4cxqexr{S*cO
z*N6H*C&TYu|Awi;j0#ibILsBJA0D)akLI{&np|;94Jz(;j4!g9R9Kvd`_T&WijQzg
z!kmTa>1qt~SkCuPN#4Gii=x!W1St>dZgJc?j|V#U2U=MByVcFy^mQU!6(Y!^_V6l|
zD9H4kgu1TurAIeH2syjB$8J5JQMT_o;RBj!zK6n<pNv!-GanH+EPNnR!_Op)uNcIj
zm$I{v8IZmu(~f3Hrk;_ZEqM*ok{fJ|9T`n=qPDdb|9e`GN`0R^J-8cZvv#3Ha>pto
zLoNu27n^74QOFVx6m@_!Azq(|`B`2qL7aN72@i1tk!WM1E(8FEt^U%B1I;Et#DHpO
znNpJNI$Mj<<D_ek`4z&XWNhqOlje#(If)G;3BjbgG0Y`M^hZS-29ei09Fh!>hXKOw
z(N`4!x1>x@91T=5zZrkx(^ru>T;>uIYD~Sk*rBl{C?*B<)lP0i3=a0}4E7|f{CNv}
zs9#&$YhO&-%h36S6Su>d8;ou2!zA*~^?3G9oEzY(_}A6t?_DA3uhlH7C9<d$v3=r(
z4SMJ7U1ENzH(Rn!iz?eb?TN1OJNrnJaTI)i!Ku)67(wTbuWO(Fa`g`rtNDBsxaN8s
zPh6WbrQt=t{v8=+)gUg1NG)gT<L&p2A_4v++ft%HK3P((`x~{QCdF`U<3?FRD1zy;
z9CjC6x*PM)<F^X$$5$;>-cf)7I1@og!qy0vlA&q?A3y1=l8q#XEw~m>3J!!u93zD|
zhunm6xIakS`E)7iJEk+s0Rd~8nZ4;Ujx%Jea#;emq`HuM5~P~2MZP54Jf86tG&Iy@
z64=1Pf4VLOROM)fAKg3j3DD=SsLPm{Dx!1*(sYFN))}l$wUFafR3J4s9JZv2z4b)O
z@GnRmtjWsgFLALwKo-2gbPMg_3~jH}kK?;*bG*+iOSReE@?R6th*h4}X}l9{#x2-#
zrNhBq(;T;3`zaJMDHMb8TBQ+grDbkM3Yn@J(`h7huUEM}rVcje2K<<nK8h}RcBI7~
zb4`*1$CW0~AFZO%xuwu&q(GGtN|tN#)-bHHf#lo}sdAJ{N6K`V59BlPu1j^<@zLE!
zKUxk8#xCg=gbul7D9adILr4l6*1ssL?|<Y7+`W11YcoJiny-Htw$Y>UTA%{N+x*Yj
zaagM?Fx)`D*vnY8XJVLVP#e576gOIASYzq$8#UW2)<|^31fv-s;Ueb;FxMUY^=~ET
z?^4khNM{xTHo3;uKFsWI_!}ViGR)==<JPkIWw<gbx{f*PIL5qpG1t!g{=37l;zjxG
z?=xiuV=;>d!<*5P=qJmliQ|bfV*8_{=uf4f8-j_~*UCNT``<^J9)CeLx2ooDDml$G
zfZs9|+&x4=b+t)M-Ij&*d=t6u@*2Fj3SYm#Y{1BaW~)UqMj?fI*M+HuK>H45*W3NA
z!f`F9kG9z<@-5`pufVTZ%6*%BOiNClnmhp`0%6;jn#u%Q9_2=+mg+i=?kzO>N`+Up
zq@CdkuI%f4Shzl>%?qM_D8nnQzU&Wg?2PMlf)JiBhxoNd0^FP&`4XmL;Bbrwpi+MH
z(fW4wsdztG9h(T76q^FO2<Vz?fU)}f5SZzKNR2fYCQZ8|xNm@Le?(Snelvm1WPt=A
zPZq8@5mL_?Km@8^%kTq-9Os4{q@$8m@4X<+INK~G#ruI^1buIqSW;hvs#-8M?gT2S
z*qe+E`1O`pNbuDvH0zs>GYy0{M3-mTR5hn_1|1?Jt9>!`oOiu)Sci8NO3sgq{5Gz;
zpj3Z0i-?-!PGrsK&VGQ0$s&o|@4tTl=j#e1o4p_wWM{PIC}!LYLuKG`8OMuLXY!5q
z(^oeeeoa6#n5dNv6`2skGxA3IJnj(5bS7s*%tR1hpATUf)w^1vxkIBJ(;Gw?9C*jk
z039-VYnlwSyi{(i1!guaE$5-nZrft3bx4f$7tysl{H)pDwS$?+ZR}<T82}v}PCW!0
z6<6*J8JYQ|k4)_BYWc^~MA4YFS*uQ=`g&<~K%ea6$Q!gjDES%)r-0b|uc7T>qzdx6
z8DybX$ZS$qqNbuqhtnsSa54D3w)bKDu665bHWN*Hh}A+jS4G&D;~FjQw;coq#L&$0
zjHykPY<w*_M9AbwpRus7sb2i71ujSIbdmd6X0$hz3wXdpf$uha-JipW6|uWmDN}YQ
z@gwF({E%}3<)HnK444CKktj{LhcRUfoL>^>NZxPC7oD*A(f5kCWPpCdSKp{+esIgj
zUowqvWXyGH25OdSt^|S{@7bynszUZsTro<Psa@<w2JpbjP18%ApIEyn+YR$Y7JP!!
zQt}oZSCyuXBss>WjRf70?~i$M4aUZbjnK-gLwP#oj^&t%KiXs+k!W`|86}s6`p{)q
zzarhNs%zLl_bJ$mj0n4MuWoD38rgpzW<|xYfkfYuSb6S`!AQg*Ld6gjl=+zrO{@gV
zXrHh@<z9~;j1enkn#K%U^yNu+K2#&Zr`m!)?@B6ZT}GV2Ql<Ko^(faiT|LG+YK0hD
zsz3~PDelJ}nvk+}7xvoLbKc3(04BB}w#oVvcQ#~%#3$|9_FH&1X7T)1eQ|*BrK}=d
z#HF>^T*YVd|2o&fIifWO1eV2?J$x5IOit#{mF|><BSlNoq4gz}vP(eYoFm>jzs8n(
z^^FC{Mb|yG*}Az?Qh-N(Y|=oZf=fd(p{n(dgp-Y#??U3?^Wi1@8uTo)3hkfogBu*b
z!zT&rQ4OuelnHz}m59ZCa_$HMt>}@Y%_hxAI3BSFU_*u??_>+e34pW}t`i$Yu;>9p
zT8+q(H@x3eJdcKrrs&gx!}CJ2(ziS3Mxu_r<!FS5c>8NLxht1m_fkfC76L<cD|OZK
z@eWe(M3_)XQP$H=*R&64{<&jlketAw<RG7D#qY`mkTv?^2Ax}%@dpt$H<SBa%mjOa
z$aJjFLAB$dk3d)P(bZDoGtk4C?V$72QI0lww3CeDcBi5|%9YWizd^q+98lC@npdC4
z%v|;|aM~Ni>p5xJ(qZP&D&rud80WqosQ=j(%i0>xB6QH71&)o~FFzpRqh_P2#bSQR
z8lgLtK*~8`-2kWkVS3R!uh&puR8`S@dja%vP=b4lx01duzedGZ+Tx59()1cLKDNR!
z(V7jQx6$~|K-;IiLXNkY1m78qIN0oaxw}cpeo!}u8+Brhicr~ciH`@T?wkLh$#q-$
z1&zEed;L_ZZERm-fi9w+vQELYgRLVY#Pmn|>+yyb?a-7PX$2pk?aMFB7G%(+Xkj74
zNqzqFlog$4NG5sRFXhmOzVAS4hjeA`OQE58?>VdF0ru=4iA9a!JLM2cIA3ZP%03+%
zj}JSGi_;<8bXboDBemahzKOK%be7VPhInZ%zS>{zPN%gt8fNIRU2zomUAlD)?9VFa
zn6+9U#YM9}niC31c_!VFve5R;S%1BeK8E&}-eEY8=Q=feV*ys-lOe(V&h^U<U@K=U
z9)kf2&T?qmnds&knadgIX>U{62UL=KA1$(!buCTNl^IbQFB`=bt6~dhsl_D$17>^q
z=rT`F(V<s~jDfQLjth4EnIqEu#!X40=*?*Obljj}N1n(ElqEPT(t2dEh+bb>tK4rH
z&s5hV&7-o<c4g;%ZiTh}IG-hN2M1|5&;4q9TW7lOP}@~M8?g-R){RI;%SN~guf#{h
zArqtM%dCYOv#PIZU3N-wzS90XgwL{F<EN$#U}hq39<CWv^A$fi+8h1r#g=f?mqfd&
z>QL^`+t%B1SvZ+{-byfin4pY}f`C_9L$xvPlkrF`5Z*-E4g$D-tuaZ~t^`!_nQ}l(
zRF%y>L>0ytmO_6N-gP$`bML2$*Cx_j8E_!0RBNw`Q~4XtP;G%7H(Q(s`(h_4<SP0Z
z9AaEQ2S(LD6;4x%(zE;s?gCiQJLF$e^55XT)I2FGFL~u?@V7r2Y$FnpX7=0RON@a|
zK5|i3s1GZ+PjBN+8H_O&r%Dp;NOzdW>{@PYY_!V=7iXLiS7J3#OC@gth|!5+y;ty$
z&Q_k+)y-!XkRUb(GmaCZ)i4JkiFgKFbqx~lZS1BSd*6%r<n?f^;Ikb)Nuisk<JFTT
z8I@)^VQ=if{TH>s3!s1k^w=iP2%vi!Xp(Af;MhBr0`^w2B0G4@&hvGui<?^c8(XFW
zFzrg^{0y&@wa!VcU_GTvc@sS;iCgIJNHN2(&Y<NR?F&XPQnd0MnuaKbFrTo!o2Jg#
zeEbwQUeuJsM%p0M>f0<8>Ob40k~|#s2vpE6i)$WyztcFd5<hjz3SmRYavW36W6Q36
zX(Ca1dT;DzF4@U%<}ULp1uTp6QIN}dU+J>OK$rcEylUaxXnz}tX0_erSTd3U4~@ys
z`JVJ^i8S@z0dQYrY#w!A)R!cCd5H@)YIFWY76;h-=~TlGxB#o|sM-9Hvmf;F5dh)Q
zvRU1VH;2i3!R(NQpX+<dty2tcK-PiJ{L-iBu#V%MBfp`dFLJJcZEs^U>oF{Vnx6JY
z-gTdwlt75jbv;_E6d^WCncq?6h(OI-f0}rXN4+w`-{$7>_nxctEez?@s@epgIyJrS
zr3*Nc3GC#UjmCP%@z3?*ofvTy{>WWIjj4-i>jJauW_irv>;M83fceIjr*F;XtnIx<
zRo1kB10DwiTGtN!XO7~IX8(F0)v7GcXVo$=vb=Y>w=-5nt|&Umqq6WGP7{`0rq`8o
z1v*w68|R|aaQ_|7KK?J<EqLpGs!+HILHniW`92`=C)yY--tEW9y&hC0gBdMaVfUW7
zsZ_954KB1V_%)h)lx_RZo#WuLn8BY73Mz`ut5bR16fOU77-i`I1`wm9$^G`49*EPp
zCn@6{l4F&Run?b)^=uaTi{x`}G!+oQ0U5&&Jey<8DIjpYxHZ(=-sP01IiG-U<b7)0
z800g~bDn^Gq0#=d-Mv`I#y-(?l*UaeVBdm#T=xh-i=e}3IL;sZou+vpiTu|cHg=)m
zopSIG`Ex)?nx^3hCTw}{zJ99Hc?n?!5u6+XgcI(3$04-DcxM%`jk0qcNBw(uwm0O}
zHQwggR^ky#V)eVwM>Cqhg_Uz*9nS}8L+Y-!dM8^G(8Z4VeXwt7xel?;^Ha|Bsqc#E
zV_IcO&k9MzdCTSQFH$MmlFN@m0iMX`ecuMDBH*x`qn3A4-S3QIb!_(wPc{t7%xo|I
z#J*FNCxrf*{#m6lW&Myv|1_WlI`{}Qj>U=F<>{!gF@M}n_OJVD-`=c~nL2(jgwHft
zO|Llz+|AM!1RHAJMe@yg;JpVR;$s9nCE}n3cpgbyr+;lQT{Z;7jl|lPic}mwtjdLs
z=LoGS`)k9F-EVFY8<s>CG9s~<7S?2)GS!s;!KbI%E2+@r+5hDfvtxwL|Isl2tMh$S
zc}_c|{LuJ#W>XJBdP%uCC12rfe_{p@@c|vVl=!L~%~#5;M+CSeWNxN{+YS^O8g<`~
zynx$Ix0Zca3h{7;fj@Mb(>n{b1rsSOur37AOU)af_W-c%mAnYn5$51|UVPw@OqlF_
zxI4Oe_4q(Kgyp}>BgnN-rM&$RJZBT1*7^Miy=(Uk?P6*p+?OMhXxX6haH~%OUd^N#
zFXDc_!a<bcd)p;LW1w|ae7>hAm}7;RR8kp0FHWLEf+cUJrm`>OkVCvYTqU?#sG^G2
zkG{GM1B^?-t3zN^tvaWZ4>Vl0mezpw6!*!xC0E(>trbWDj6{eZnG2N-F<*)HZTZJ~
zF*tgEf4WM<nVJ`GUKd<?Qy*EVp%s5tUFuHqcE{bhi#F3;(VrbbV(jpu86&NP*YiHV
zNxEA2IrDxYflID2`GeFwYFVJV26gH<#-Nb*A5<bUFrD^z@aWyIV%L9Dj{^!=lIZZR
zC*|HZyQt~1qK-oiG>W%RKac*z#8Y|JGfPG@2kLB@il#Ro>NS1=EwA6$Q<Mj$6P%mr
zCtH^keq*QuZ8^*Bf}?2kJ6w9A)_As}3GpHU3rUBbY+_h>9f|Zb)E_^q09dbTtJZ?g
zD||19|JWj6bso4UPVG*>)i|c6gLHlbp!|R8s6v~%sJe_Fuau#V%r7T(vOYh3<=@D0
z5<DAe?6z?IY8w`wd#{HFjjktKp^7DtIu;pSRGp!7^`a-yW>3^uo+oTrroFaBA_;rU
z|D@L&v*qO^+o;am6>slE=@h3>$Z|X`g4^&t1+EBRx#KfI-}~AULZ<2*<7fAedT%B8
zQSmsvC48EwO;1%krl7j+7AOTuqzxiG;(q<nL-QEF{wb6G@*IN}1;lZ4P8t!JVS|ev
z-UcfDooX4aD=}B0N}kdZR^x*C3n-MnHgn}wkfrug3!YmTw8GU*%bMQnK0a*hrjDg!
zPZZo+<Y>mAr3Jgun;vlR73o!~K%?WO5O^r1&Q~^nl;;;#-lFb4_1YFoV~6&GP)kRt
zy{qHdgoMR?eSyzU`U;92`3r)-^@Wpar@#s2dCAl%XqV#Kt01Qx7>xFug@zA)zbWat
zsb%RIgZdUQkcxIjIRnAlt=h3`tcZ<^B*-yOxPX!~<^y?J5#DPi52sSB27%kL<1U|!
zwQnfVO(`4P6`Z{G^9+L*If(~Fn+r8%=?+IKWnCCtGsLnMO<RbH`ypUp3kM+9=H@a4
zp*)0jVUn^wZRq^Y0WY9maL^%L_0f21Soozi(~JPwK0fy%Ar3oa;AF$M*!zUa6vGtu
zi6wF=^cfcsq81_|)GXjkQsL!Crs&k;gnjfGfrHF~_$m7Dtx|?A_dO@Giu+{smlkVH
zK@b(GOw6VVqwRCsrvtnNn^ZYYqc;X%3s2Lk_$*S8ZSN<!Yrl+r?rgaF6oKeX!^;yq
z`ZDDbA`)jE$kC?f4N^E)#Z+1roY7kuiDT-(inl+;ty`ej`MOg5C0;oE5>X7|<(R}F
zGbjCm(8ijmiX;)G?8idWhYJ9ad&i2(2OwWfC~y2aUH&u)K0OR-q-XLE%8`c8LCW|t
zSOTj;^XC}IXrckG;dts1r@zJ|O(i%eAy;KjXiH?SE`QHYkNJvbs?I9gU^R}4P8d`r
z(Jr*}5!N%c926VSbo98$JRNQf(7NsqAS+JPTbLBgaeLQQq3?w0kEe8AyQe$fxZdQF
zYp&Cfm8qP3E=vE0lB%YW9?jcJ=|FI!&<u!S;SF+RLgH%X9@i-gyfY>G1cj=T^{!)q
zoUQGo+Lyxm;SBIN80A!&3bww-t7E@E1%&FVib%PHEvEwVM75RtvtL(pgsSopjzP&Y
z7K2$U1tkfrz@D)$b31*pN#55h6bgp<gwdR=v`Dze;GDWs&7+}IdAb6lK9lYOCiQu6
z2v-C{SC~`{GP^)_JuAS!F7I_6#E<H+p{OHJ8k*PrmL&+MCj8FBc_JoDaWx_AzM5uh
zVp7n@V#^KmErdf)Ii3H^<r7&_*+Jlt@X_F)jaB+wEg0Cvm3e0}L+Kf^C>hw|aE;<o
z$rJp<p6b5^y+#$wCG<^JE&S6b#daxncZOq?$22>t+V5E@F#S;9;ewMrqWIufeW<Tw
z0gy4RYdb(ytS3^Our_ubIt3J20n!aJ$p*J4a?>i;S}Fm4c(cqcd7UjtP>vMq1_k(+
z_+{VlaK#JyW;-?HeXJCASmh&!-QaJ13I`2KV^V33Hw~-dq6{Xj6GNz9&(7n=u38H8
zg9Du?P2&Jq!&mqt4~_aj9SakkK0-?D4<&cJ_M>zA4nwZyedM7(e~FJOSWnD?_s_nu
zQd6(khY;&XwcVzqUmYfiVSF7|l@r|QevRz9Z`Qayr$#<ZaMcOk(kWIspg}*)jp39y
zUb)i>bKr7p)TylO##ve=Y03j`<JWekE74r<-!$G>+4`ZlI<lgQ%8lC=8`o`ZgBe=Z
zAs%nluI=~;P$va!J@;9a5>fE(?eX@IYmoXbzG8#>;7~bvfFs&MCdZz9DJFp=clK<W
zWVAm-`ST0Iip=ENEVRLRWd@)YT8fO&9<SaEM#WElsJvBUdy}JM3gvIM@TcCSep^v{
z`@rxyEQ4GQph>rem-pVg34;+YoG3!1*P#CP^78TJT)i@xC46*LHFp;{R`C{uftLLk
z#xGkb%NAe^&*s0yH2WQ?$Y1YsSh`HgI;1E?u&P%R+pm*nV%>3Y1?XR%657&ylO}}4
zF%<u0Lr?{zI>a=H0`9w1k*Ql@!um7mPUBs%bcYku*P5mmct~P0gedr{k$&M$dbsOV
zZVOH`6big}g*qK@I92i%?6p94I~m+qD-2?CbT8%P4(kSrqihi}R8Y9;lO(N?TwUoo
zBg}e2rKAQL6<&P86{L>%n$}B1OMi%2P?1<N6oqWO<@XRgMS;378sSo3OA;=jDi$kZ
z$pw&GaZ)tj^3Cy{RY!R=aCT;Nx`&iNcgv4u$S;z!xqvp=75m|<`wq%%(mnlT-IaA`
z<f{NDn^Q;T@V@<iR8s5;&-q~vp9VKd@>lL)(MjQRg0?x9XxG8`Pf2K~easjX7zPEr
zfDS^Hj#-`q$@FuB^c$RWw%i((wLA>h^!!=wk#B}iiejG@M7aF3rHr4h?lE(jS)f4a
zDJ!a66BNUMworkrYsxx0<N-9#_h-bFS=R;EN8K^Md|o~TG2D1l{^Ep4eayL239dQN
zCS`~osi8ZWZ{j+7SvqY@l@dR}XLr0F$pC&`CFoLMte=;x+i#NOf}{~D`TMYsTdcaw
zl{|8Iy%A;L@Y&UH+U{Xtcbh3sn?95D3-|Ux%iz6^s1R}JD^)a_?I~hiA!N~GrxX4w
zRR0YeZ)bG*7iEf*t&SI6-M!XYDP{!dM8mj&A2zR1&1n<SDk!q4o3ij=j$wnPBW8mF
zuqVZFu<|dvJ~ufy>Jor^XKStD_g8p6xb+wySr)l&yT-g%btQhQ6don0#i<F0gCkBi
zA`4{78*&<|Nyu!*yC{tsNJwq0#!HXg3A2XtN?ONX=FrU7S3;?<OBGVI_vp}X=`m~{
z&ybas&^6xmMLKR@q@fdPi#mX^rWlOM1+?j|Kw(8|<709*^Gy25A4(*{<4#4lG9JIq
z?`yZBCr48d)>C+$0jqGZ*IZr)^2o)n)tNt^oeVV$G~V+Uy~{>uT^HVo9T4EuAp-S%
z@xI1lfK}yKOmI<mG|ld#^r3X>z0RrJ5bx*hzPAAtbRGS-7-bYl5eQy-?&=GKj@uRW
z?Pj;;K~DEJz|p5}-v@t$hEfYZy7)pU9jc=Ss<rQWKz`mr=JJZVd|{eu@(5HKXv;8n
zAZ=$NUso^BQY}yZKaS49Ezh@&<F#y?%Wm1WmKT?~Y%JS$%XZ6l%Wk!7+ikV=UcdJb
z*m11qdG6~z&o4d~*6m!v?ini*3$mj7I}ZrCy@s9q!U<m9_hgWN*7rNfmFGyoUc6(t
zZL6vL&-8{qAYYsd#<i37UOX5j0;82?$33VtL*N~nWJ{q;3^zsnG3F=^#yP&7iZwPv
zEJMlR1J;c-^utwJykmKp6vce&xbfCjKLs%aHuTi@HaE{PX31|Z)t~95yy7~(RVfEa
z`Kco(e60Lti%;j9^p&RRnV)6oBBA&iZUydoxEG#?0>|*Tq(HJ7H@r6V)Yg9I08bw^
z=4o7?P@^!mC1eVGi_H0B=ezi{f-lX|e>=7*rVS?RTjI&%(WXqEV}j9~eZWFmR>oC_
z2ql|N^|fIW7c)dyhOQiVIJw^iYRv@-)hf>zC1FC%LaY}#G?}s9XMTR<85fH+qi#mY
zYbLp4XrM1upFZQfK+QtN6`29zXkrB?heu(y*auIUMaFzZLzXW0Y(9k8HrBrmH`7Ay
zox9d*Urp0BD&|YyicRV(X<57OmooSN>dTBWRG|+<c&G9vf3%trCG89S6Ud$whVqx1
z$BQK&rI=J3MJ6Hl#o*sj9_zm+hnauj{#otvHB6VI@9e%QZHfqUF{#V<#mOE~iiuE6
zox#aIZTc2G_4oO=OFCTUSzQrZL##O7ZGKt_&F<&n^-R2iLyOE)euL9hA;#by=?_Ob
z!BuBC$*?_kF0JvJZRj=l>*2^oFiDb%qOaJ>k9of^m!CJFV81J?e}Gk`(lDWHZ^K^s
z67xreb5bTaO{{>LXB!Ce;)X|jJ09*5`vuEy|L%t0{`_5eL&79Xdu)kcq`a(U%MLUb
zt&N!1vzo&gRc2=Phl@rxP&HvB-MgH_L8D{(S0s#p>lLedt^bQS-t36tAJ$Y|(nr#1
zSTpVS1_58et0~;@E#UQC1SJ7=6k8uf#4K>&z<Ms}^)~VL`gg^joa@hzwXZa*>xHcp
zO-t`-q%JZ?ZA3+GhiPIIm7((o-zNXm2iLtxVcwm*oe{LUNb(0PLmibrbj-4MD-&~t
zW#kW$Mz01SGF0E=GE~Whx{rm*b1f`V`{u4+x`K|7B}=P0rGGQlna%4T-H8XT>L$GW
z-}#X<=NvKpyGI$9KcS1;2Eu#=@6V!RxYiP9s=y8(h!M=rKat&B6!jt0yP-Oo?2|KA
zdEh5>C6a%ICnlds$S8|3F9Lx#i*hXHEsv9|>@uSZOB9)fb?spMRa)&K8W<ocS<6AC
z_)|?CE=~R1whx*6zU1*>oYq$$Kypmeze7wXXYFGFXB-@jK&MQ0fchxvYWk=7L=?Do
zX1TGStb8Jd2Tci`5Nb~C{vGY&LYj+-!w1{CX9=lb-T4yBP{;K%YV8NiqO-^d+$9!6
z-n*;W`+2@-E%pm0@tEyiw{khrFls?-!fJ@z9~y!ork8^;Gfth0S$#2oKFnq)@|_U0
zLiH^QEzJuoof32oro{*+FZON4<Ly51)XTcB$<?3?ZJ3UW;Na3icwGe#XSLVU*~a};
zw6VX@hwyO>rUZwRJkDNDQS2zH{A5J4`8A^CI7nM#Yb7{-!D}NAO$_if+hru9G;biJ
z_)#VeOWWDK=T5l+kzbPI)3>{_59KH~n5Oc8?f1^fH4?!wg@MLV{p$I1-uQ}w`Y6&q
zP5N_jmiV9W)OB(fxt|U+Gbx-gy|NdMZ8|+mp+4=Xnq+6b&!@TvvV<wLkui883*b5K
z5mK<XRDM{-*{qDcfCh~-qIIcHTJna)O+0RL`;EyJH2Z^AtwGUs&!xnY!FK)3VI{%A
zpz)jljfq~PC3#|3Y`3h9^-SN&6<U0^I9gxqAh|kYo$p^5yoHUDj*V;c5*472Z4)5*
zet6kYPJfv4F5moWpwMMMY&=(=7e9{>_G$9Z$`;RD;wK_x_kwzO#R4($FoOx_6ezMa
z4l&tLeaA`48@Xq6WpCWAzC!ymVqV_lE`Qn8Wv<nI^nWhSQ%Jn9B-612eP(!BmaQ2z
z*tjo0)|9DUQQxf9e3H=Xo(3r763Pwfe1g0B+d344$%mFj{vH>bAorCiXu^v?L<3cu
zvca#xZJJoS3!Lx#eX(|J1SWF=n_<8BWL_~p|AT0atMP>QhRr{=%Lyj(8hK-|m&;0s
zj~NR~z$<DHYnI*+*t{f>St9Dj!-b6Sj^rDswveNpp>*%`<vr7R<xEV^Q&AW67$wv&
zDIc%=dPjwL;U2*LThZ=ie{YEUPJz0&EfGx(%3fP$PYe4Z7=HY?7-9N689Zs0x>gqH
zK*HmXFmN*agIsgi(`aHg!PBz$c3|jASx8^!Eh+SpYEkh8n%UR$gn27P;?ZmivEf$`
zmqs2fr<SaQ5y4-)UpwGed;Ec$%az}YEFT@=pNi``!;rQI!clHDDqps9z#|j?sW)zL
zY*MA+F6KV!iH_nkO8qacdHCBtYHVNmj%P<lp)~|_jx$=6!5MOfReD}L+#R)ov^Pp7
zgXyNmeQ#Xg=(7}O2eW2}S8iw2HbydZT4KaBuHqpiU|mMA?~!)82^-C^CHaKH^d~UT
z2ATv|WC_2~b=Lm`n$#JALrzM(_sEs>`LWa4hX&?}a$6(W`8}yW*PnWSHsUt~wIO`=
z;yz&AmtEFw9MltvmcF`Yx)f8hocyQ;O|mNuh6~-W%ESlndQW~ZykiKHvtm}|?InTZ
z_lkz*@6^4QxT<6v`AT9ESbGY`ue2VcaK2n@N6Jg}oICP083R9`Qb0K5H1Xp0uO^6{
zNe+_qUzN&Do$rAp%aL|<dHQuM)K~9bjdJMpwR{HbbKYE!LoYjv8_~B2_rLkxx|_Tz
zxSyOCM5c(Rz?yslOL>O;OZ)D~hD3CP(jCrE+nH?ezga!5Pf4i8o}ltwV%O-C#JJ^B
zcwirdzavE8uQ(~Y{CZwCE+*BOt?l-J*zG<JcbPTE8r`CfEIYJxVkUPK1@8^h);*?M
zB&|>vp>zaIWk}+-oTZsjw`o-(VKiJ9z2qAQ@6Yh-gA&kOwMh^r-k(44Mo#Mtt-(Z%
zC-#v!vD%wZyzi<*idJW!_q?1v^QSb3i1<3W1l~IKIl4rnIE(QNCGb=xl3M%ZLE9oO
zEPdPsjHc~3t_Bh*cDySV@b#ldhfKGGMUDj^0aDMNgT`PLCFM@8e%;wpH_PSCf#*~-
zq2q3(66q5o$?bzeXIP>d$conW$_o8rwoCRm`EzhmZhJkiP)&P=u`lm6T$TqolCQCD
zoZ;Ve(lhiCZ8M0FN@s9%#6n%AEBR$=&_?T{=sFiTwQFC*fwzFExm!`jwbpf~NYbXP
z_Wd%F6;}<@AF#BnC^%j~Nap#w^dY^oI*vNxpXClKB;ti5>sXG=th;0!heny&yNf7*
zl&S5f&zi2Eo`by}KS0)N8n@z_3wnpNSz(zetb;uaX2?5T_1weUZrb}Ox^5vFqIVP!
zSb^_I+17~QCK6#F>au<Cj&*t*yjtN^f*J#cF?2*op+dhPnz@LKWc!Ume+aag5%xg|
zC^F8+mI1%O;Oqb1D3Qvqm(z1J-q)}*zj3z?%me*39X5eSD%uUQNhQ*dEfUwR_2r8R
z)Lbq`H`px8Q#zA23YwJ%Dmv-t#`)cbqQAhzLe4NU+6;4H&6~8A<*c{uo_rKDakn;)
zPTA?m(VD?5v}gAhE5{H%8fSxo+}Ua@_N({|T;ZNmYJB+Ur8kF{9X)tPge&$?^1b*L
z+$H5(g0Q$pHi0%^h3D`l3AbT}F&15ZL)g5wyLgW)IC>LV<5QgbDNv`*VujKi!ZFos
z<4MuU@{uG^V46ZH<qJ#$k-im9M-q+3N0$M&+&hr7O6zBMUE`U9)Rt5uH*O>xaDv{C
z((ujoCpDHZ!F4xF2xgXR{Vh9bDmxkU=nBC$AK2aEEA?JTb*|t;n<StGjD7)hAREbX
z^)rH`-j8RlpdvdaF&S3YtIv1=1Kvn0CBdur=8qUa1S?W(EetgjZd*~0DJ<1`&JdO^
z--cM(H-(K08pMmvqiRXzv=VtjB}zxzZyFN8&3lYlGsZEA!L$FmMDDA(5?&{q*al|{
zx4J;{XHs!O<!57;OUr)IkC4e}8nRJ4rKO9;^2|?AV(@Vx_{q6azhxJU_*6)J<VYZB
z;#^3yuF2AaVFG#YHB5fGH2LQf19?))C~hTOwnR0}9U&kRVm1I76<1&@aQLykUe+7e
ztzLUQaYJYc*$?JU6%B|Jmj|8&efdogHC?;zL0`>W^Q10IW1$Z689k+*bR^+>A#iUt
z8-#mfZ9#tX191{t{V~PU&9U+$ZemA<v6KK!1!Sm8*4|9X>u@5)I=VKr{JVeiXF<pI
zarK)wEhFt^)-p7OE;L^L)K56L_&&1b-ZWNGsq{2r-$vn8m@WoF-oK1@hJfX25R)Al
zr9%o*bctuOHj(vWe^A*h+~c+OJWTdNIC^!62|NZgccK)VQ7{YXNHF*a(Md6dabK?G
zF0C~plW%#pswF}rzuX-UCuzo=SA8&~f_SoEb@F3gF+lwBxbRyBJd!hECXxzjep92|
zSAv3t-otSxWTAvpzv6n=!vIEZc~4B!Vyy4D7+0ov{CieU&~j+{G}VPfkvWFRy&MUL
zVjdMx!gGqa1H}8j%!axm&HN&<$`pm=J)4BgqkO_a-<}u-jD!@4Vt*c69KsL$mftIB
z(NN3L{H$dh-EplVwr|0~vuHVspnux4?JWH8;i&9qdrI*1dYQ>Ar!yHPn@CPmyg{5%
z+pz6H+^bx0NG}Kp?qn;!I$Wc??P3RoM*!y__QwFNAJ2O!JM7VLMe+o!*msv_q>VW1
zP;fw%#-QBNz@$I@*Vu$Q8B0FbDRDguH746b@|vk`-5&&@R80GTJ{DaD0cS~KWsITW
zEwqNgQo(_`(2Nm&y~gEz7wYPA3WW)|9y8<`xhXsC{NW<q9ou?0-Fpb=S}Y@I&p*18
z5_8H_@XKdp)v`RUvHpF_NzNE0r#iIl%Q#dhW=A#%#Is1*Uk-)j>V{!2dHhM3T9)rK
zdZhZmU8k>6S*}aK?iV(ja&<k%c*xJ>S|j*>TppRt&l;?+AMx;4ZXXbd7vMq|Y*UNS
z-3Sc!Pz~w4(3f==DmT92E(xn8YyTx?PKNTzgpEr;n>zWKp=kISg3t(Z8%n%N1n<Fu
zBq7pO7tXk9R(~fS^}k6^RQFTCkNaDX8+ev2q2Y}bPuahVIq!}WK1`nMLlqr|BE~tT
zUgEqf<1PFQ7gs>)9JfUw;`xrJvGwcOix6)dgrn#EkH2Mz9>uvcn?cnYvo3cP6mpy+
zgROa?JoTQ+$8MaS1a8v59pX5|@fWc$W$f9o{{3v9+XyO_8=7hRw)e~<e7q~w8C4;i
zkfC_Tj15I496|<3@JWt~RX2R>74i$0UD8*l8W5fC6Dqe*U19(7O7(v3AFrPFGTRf8
z(d4EBGVWXd@tX9^>>`L*GunE3OU0gCh44>|qSkc<p<M2odN8OVy}-#dGivQujupmD
zh8HFqI0;O(*JQT~$FP3s$~@E)?Q^Ms<65XpD>!Y>?)u=11&OP5*qj&}OL|D$itO9?
zDaYD6f+@5gDL`rzai)zVeux&B6{Q-wLj;8C=Bdb_0k^sTUOLsrY{F8ZOvC^f0cq(9
zFVg#*Y?*&^fKqCi{ITMOn5EUC_*qq4D0Fpv$lyBN|0Xu#@N|iX?BI;hPO-xGAlrMC
z%_K)NVr+ervJ{4;^O}nm)1UQZ@?#Ck{trhTvg_7G{yuNdlPO?DPGoWign1BuV8$s}
zZ9?R7iqQTl{NQNvaQBFD%dC_k&9U%{x*c!LnJPboDF>Flp-##t1W?8DokVVmr7J83
zXUPB|$lpdkkAhwZgwU_IYmBeHyiwWTAbM4}b!lSIUJk#oD9KGVb(K@zN%iDut+Qyj
z0KvA}@C#cMxv-AOz+sgySs>m`)Uc4i*~3RRX08JKe2U?_W75tGr^}O|N6u8~&M$WQ
zg>v-A9=%$j{41kz%DDYq>RKFAID{UQdjJ0Z`jizgxoLxpyXDZ)UYpoO%0b%@TV`-$
zl2w(8y5Go{E#wj}Qj4pFGO@q9NR)B@u@0&In{n{!6#J0Xr6e6_%_!q#*Yw|~osaS3
zQ;v)pzME$TBk_G)u;=JU7{mib<BekgY|v|y`d|wek7kofX??Ia+}(6w68(7-&`HP|
z*1;5NZ<3H;&~H+xdqE|+n@<A*qi?#N3*TmV7#Y2t4RD}6N0R^gjote%rT$mv;1r=y
zNS9TzImPI_(79|+inD!aidh<NzDNT3gx;KKLt}-6#8{=boY^$HM{K;M#3@&NrXKJ&
zzAa^SQ2T$Q=WN)k^DWb0+o49*MBDuFn8)g!xVpJoRFhGfg2gxG1fp2wy~i}XhHd95
z|8HTKhK%DbS`nC>qyM}6$rOJ6LpD;pbM52Tt;MtZX;Ar9wXUn*Y5d;sG(MWvJJVWT
zl*efqgZB{AU)VE8!Ooz%vPEY}bkOx*>*9dBi))%Mu9cw>S_n(+;xx4<a%nMZxu;_P
zZt7D3O*P|O-#-5LB|*=2pi*)hPm@c!7jdHL{$OS|CHP|H9HAX8gOmA{`?sk4RMq8o
z3tfeHg`eN~x<7)#l0f2@Z_HUs3t6Uo6L!xas6k`Citse)3f}+BMaAVRN-y2DmeIQR
zlJ1K8+~$tGhSYRKYE!jNV7x|VZ1<wr@wi>VY48lKN#^2wue@Q}QnCyaj&0Z&uf6yD
zdrgPKmn%^Sdr(p2%!%@a)nKdvi*qDb;rGO2V~^Qj({(7GV5egP-8ikEhvQtT#ic^-
zhggd+E$(Bd-Y?BqD^}<@od%k{DN=ZyfD55wtv$1=2mWJ1xcyf@D2Mn@-Ne=Y!|m-d
z+<Iwz*5Ik!HRwqBVy&rs2{nfR5}o&FKHi!*$^E1JL;LTarn(nbMfV@hZ|WjqVuVGM
zj3lqxKKE3FubZ??uKYMQO`fB%{du6MXJ+-$rAz3yF8SAf4zrcex)x+M=lGRBDy|I;
zdc`UVaxk@77@8<wg{oJ#Sq$u_OfPai$|9=6iB(7VT;ya<<1?M=fqfIeF<Q!DbO#@3
zYU_92c4_$kR&)1Sq|hXKdo%PhKk&~WFsE&faAzPZ7yDC8R=08JQIH8_KEqAf6H|4P
z`^KWY5mSzW?#5MLJf0eIyn&xymKwAFXU{SIMQAvukn_)foUUv~h4*vHsZ|Sd`O~Xk
z-f<<rM{18bT^073YPOZp*v=xj;9e~MrP^KR_MYQWWv9{CJwNp^2ykDCI)9~q-URrq
znmI_T3jI9*tAWX`9A!q4*!Vv8`TV7!r&>-xLAN69pt(dJBta?3YCn(hQ>6vX_CXix
zji)3PJ~B0!MEY1dOr7lerV8y2RazSIGQ>_O(_GS@?3ew7E#UnQc^RK*x~~gHi(%%-
z(Uc>vqm%O{q?1D~-%z0Kjq*T<P!KQ&#~SRv>=d9fc8@7Z{q*QFOQ5LpT8G1^HRsD`
z*RpOJ)z;wgzLmRx<-y1jQD4#;P%;2HAo|R#9Q)>dur=yE(tS^@-JE6QQINNY8!+d7
z1t2|0F_cv1)eXnuaaC1?UGSAQsV%KPLEWE{(@5aR?rMrbjQ2(R_!C`LjRU1INB$p{
z3`3_BoZ;J<)pk6vW~bNr5sadgGAe-Q#&8+Ci_-Qhtfm3pKumeg3+b?bqHE7z(?$c#
zk}~i7x4U$ux`UvEMy?jT*WXQxet$Lwk-lB`TE8lv-D>j)3?ZZ~ba6t4b@+o!Qn5QZ
zd%PxO|2L<Pz<T^ld=&H6gTRdt$@aRO<Gd?8B(B_#axo);k8V!f-^;m+?w3s2Sb^x@
zW+y*pL=m?a#~blMl(ST}BbwmTD29RQVqp548|O7G?~<2*2SPMRV!aDM!bk#ZjM}iL
zrZTBou+W@>{HT2j1$Hn<C4gKZdr6BxewXztsAemX+8Xg&0yJA9%A1$7fD(ZPIM1~W
z9!6Pf3rhso@SJ!W4jdfu3{kDC?X!!=D756DmA<F5+uDjN^&?iR>ZpmkgS_yR^~a3d
z+@2(B8MXt>{^2N6aJmRFT};?0iJ7`+9V0x8u0e6OQ##@`Q(-ri?JX{>H|A5nz&8*G
z5QESr+!S_G2||_$i@EmR=$+u!ElYuX5pgm~KiP5OF%?~SwuWW$20p^bz+qdJ&Li=C
z7Y;W$;U&JdCw&deD6R2Rw2z4QLSLam?OgW7Abm+qBPy3rY7<YvDgCtg3QA(@Z+q;<
z?IR$Dcl|i-6pwElgOmNWy1;QNA*On@`H>d-MRFiF<n#!h=-n&R6>)g(89bd!cl`>=
z&c1=2H7KEcHf{M8hIPL$?Kc(R+NJ=+(@zpZAVJ1mP=&q%vLyP%B)sVn*eg%aVDtUv
zh`<s<*ByJEr|_Gx;t#bCDoaPuUc8I4rAsb(=%BpA(ml?$^#zH;jGdBnd4f*-P}z1Q
zklgJuxLG0|z@j>;B$;4ge&#q;ZVM3!fmT6OT0$xK&QqxnOIvkp;^!)VZ?)6<llcZe
z9!3^aBlS9Y7C$23(nXy$Q*{r4rsPuCk5qte*<P7tWKodZf63scx*W+{Jod(--5<<+
zF!r-PwBoIiQ2G@Ysi4w_1ae*^MJQOes^l<zNV3>^H&&9XB0?NOB`NN)+@KC6GA3k7
z(C}_C=v|QpBh5h(FP&;k6;~w?j;)fb#kDqPZW0-2%*My2=YHH&6#R=sC08(-J9sb0
zDyvbO<QB{I6w}<r0MCngzh@UnB$%ltzl~4KM|IMkWDbX&O~j2YyY^wBfd#T2XBKM2
zv_UL2jH!2*XV|ej%qGBOxq&25g_l>DOOSzR2(4L~!0<P|ry0(dphn&x_+4FSPoF5;
zF#)=h_L#M92SV!HP^`$Wjsl^&n;e_`ALc@<#G~u>AOl~v3#$-Qk>?~OrAvY%{EWYr
zem(z0MJbM{?}IZ3O+fizCO<Z`2!H8!{Ll*$@=gm0yEbVBKboE}dY!1c&Rf9KtJdsQ
zpG5Vb&A}qW8_nN<?yPD<u`Y<6Bl<P(6P_S9SBO7GM(v!m<k6Q>p*D1x=h!)SV;j+L
z@WGbr(-=Cv(nXI70zuW10fD*l&9B}qSmrXN)O3O}bRXS~t8N4lvrVWGFV^o1|EPl6
zlFheJ07g-8Z?X$z-g;F#Ii^~Z3-70}B%GQA-GR$QZD$8nz(J;Y3`%_*0OK*tL2-BB
z*w12~Ii3e}U2IP0Y96OC#E>1FRu>KKS$+-R><0VQV;DIJUwj}hYD$jZayK^XrF!+$
z*^VDbUQRnDZtfTK<ZCNykcpveg|_EKsvM;5p%0IP{R<5NgH{lr6H*NnV6+JJ1+9oA
z*t*f(^-)7a0d@$@f7XXG!T!#%o5=7`TgMNNPW5f_i%9``$bge^@bWJEbv_PN(Y<mp
zD!>(~3f(mCdBYd$f+3co;T(0>1gqn;b{4A|_O#=h^;b^Ml>??VdK?|%tmU*_tT&=8
z#VC8esT+6>bEft5sCi4PF*ja#`kttWUm=-77<oOk_s~B-k2k^2H=}Bifx?uaRl8;c
z!UIFYE2+MLY%8=Rs(c5l`7iAd{2ck$M(cWtZkBtiS@s0RZ-E!H7V6r?-{9Jcp;ity
z#9sv{E;@5BA|O0R-l8&q;8t431^hcl9F<fx2X~1O^Lh*uNH|)oH~a)wxqVYvV`$PH
zFLHiV9^ioVNfwi?n=OX#j^1_Mr8(fXb1+Leb;lIv5uu?X_Noo~S{i%P6j}9MdbfY?
zhL{?{Tu)DQFVaVHpddQgE^$Y=TI^mlPCWG073<9`a{P&zUHJVFf5ptEq`U7`O-|nL
zEhUI5!do|SD^1$lsV!cn;AFl^JtHke)Zw4Cj3%L`n?nz%i6vm67TN}kiTas;_Gw~4
zUEgmvog)ei18#08CsH59=sdmi-{kd1I*kghI!K{_(UZ&*ORt_j?EL-2{Ja1$_Z<rm
zr-1msaS(Zp2sdZ13hkrg2uVE~#QP7Ubyn%5sIWd`IjeA~oGe<oU!o0?n|iqmu*z6i
zZxMPCvrSLFi9GvoUXRS0h<^pg?KSQwd`k5RGkL6eIXwi%4tV5O!))3=TQ7P2xPWGH
z@%IRHavITs!E@xRW5Yy+_!17~-xu2E_Qei84jeYYRe~lS<QOa#+H$GM&Ay@6+}}_6
zra>S>+O;pA_npX039;ljm4;A%1zMj8c)LYB#`O(SWVmhx={WKA(gRkEr$(Knz)ljF
zw9nA7!msn>JX9l`fL7a0uZ{kGMCbLZ-nR6MRbo7-FFHbRqo#bzZc$WFr{kv6r3=(*
zB#9PiC@qtV&ywUO0dU`AaW+CE(@yHv$Kgpic=>4->R?QT73~=cf&k%TLuA`|Mv5?I
zb+~?Kn_KH5fS`_y@$n?xkD<Av*@CITI7Mo*^nQR}z{EDXkuS}$kXGNwKH^4-wo-Uq
znBvpM4(L<SxL#(wT#lQA-Okrw`xusuldSeTBnuUhN16oX&xu;8+ZHqdDj2i96R(a)
zo)}*tnZV#2JwSm-%Ip@9fkcqDVan{d&aDQ=dl$KdGSZ=<s;WKdprBciy4*l~qKH6@
zz}Ov$6dYYgjH3IWqt_dZ7-%JZ&yaGV=c7f;bcG4x@onF%p|mIM<XR|^y5&R)LGVT*
z$zbR}dr>;SSW+0(UD6esK}U`jEfAV=7tRNGNKqA@$6(#%PPy;Fb2Ho7P7x2nCZE%a
zVboCPo#)h!t3q7m;9SVc?lOgkz)N}vFr{LJi&ow_hpLBH%hQP2k>*~tk&70_!^Jow
z613DGu!(sGAM{C1Q9@QxlhE9n7LCbMaHlnJtTrwYmYmfJ6E$Iar=)c>Hp-C_Hd;})
z;KKsVcI|9cODj4xGyppE%AY;&+3v90{9_m?35}6<f2G7zph<rmw}Or4c-qsA86DBR
zp9n7)pG@>w^2+wOOde|4G_DnJvM6=RKexWr;WV<cR#89xNusFmDPMGcp)@J*T5!*O
z+mLv%-^3bki~C!3U!PMSS&l}!#$Wb^^N+5-ed#LCSseE<btIKb=kpX_DJx$Mj;tu7
z^v@hoc#!QRjlY-HC9H+Y=sota0oNs-u5&|J4Q@n~=Z({axY)7+a4(f|k*qhH>SZD5
z%8%KN*g}J)>eCOHm<mJGwW~9rqG9Y#;CGmqE@7E~$qj`FsSW=j7U^En2UeK;56fJ3
zu9JexHd?|B$ZW3XU>4`o!>TSx_r8+)ZQ-^-K1cDhLq_v7<X9SGDBaG;@{lkEMY`3?
z!rdPYP$V6Tcfed=yh1Qp@JOE;CH^S)%g3%i%l6K&uOe0RiM<P{9u<qD`jq_dBlxth
zq9`c+^2>QpH1ogp@x$#und;5?Bs8-sSTLb_8rilkYDu%YX;)k4NwynOtjQM)xo9&9
zK2(?XNOWG;Sa!iE(G#fbWtFt2!eC()^gSDnlu7@gSrz-puMOQ+z8KZO@;(lt{v2M!
z4)(f&i-C9T?N($eI4$sJ9Q41ow*!ACa&c*?_Y(;?V7lAm6CD2nKT^?14_6!&+40W=
zTf`Hl2l7m11h=0tPRarNEa69j4z=wQ{!C?0iVPHj$-P63s!I49>h=I+(0xb3IW(1R
z)B=h`FW!H_)S#-#;C2)b3!a01Unk1fe4^R)nVV0QIG;^pL6rIU!~N%ik<FtwB&VbM
zg+Q&hBUw-ln<+;d)KMYNnTq5b>RgEo*{YFHOyV^eG>uS?!w}gM=V!i6HoBpC!)Mvy
zksgfoeYPdDE4S7jLm`$S1Ub5Q2M8`R-tV;c69Z39WD1jQrzsY`hVF(p?2vY%#A9BZ
zhyQF*F2sOjV#)Et#roPGx96p_vFh%EunOp9v0=zv44MnHd5cVqyC*nEgA0WA>t0|?
zxRtlIxPed#F_z=WLT`$&vZaImz;=R=BJoKgesLlN6R5TUn8Zy;dcG_N+bL>@LH7|G
zalwvIeu(t%%|89g-N9_0V;_Rg-^1)a0r7vJ<6g3@ft8FTehbA);Q5ash(~R+gY1je
z&iV7=bwtw^?GBG)jNUzNlcJ*!g)y2NGTAo1ZHU?*x%!9?&t)W1ypTo8&dNno!QomB
z=iVc0r71~gD{+17uP+|;$G{(bJGC$CJdv1-RLJCp{|!<d!nyT&g&Crhr})2-ZscpM
zh-$$MkM}El1TlSUp9E^Z{|49|Cz;mYgtC3M9k<a)zY8F)F1YB9vS;NNGQvA5IrM)o
zN0EiR-pUX0`GTzaY^6=r2;(TXCrUuPjR|~ecm`+0b72Y+{ETz8@&gdvnjTfZ%t<KK
z^zuMW3bK!pq69sW+Uw(j(VcF#mfN}VYBXw;G=pFMoB_7)O-}2nI`Griu4j5Fph)Ve
z+vd&Xo|tas;l|cAY5%et8&T{{bN>ftS596##)UYwF3G0{p=m?29jZae(q6o0g#CV-
z81e7zQyz`)ZE{D&KsE%JN5sS#=jX(BKAMjG?4B^%W#yE~0>5B-D$W=|QkXRDesi1T
zE@BO}f%w~b<pm=MD`ls|KYna7oUA{5+|@zq8PX)D^2E{bTw%6Ax<-0)j#HrBr@T(k
zbA7;_RavLM*mW^>0S;FTLvK7KSY+(l{t{wvx67Aiej2=cOyqxs<?f#B4bamItu2m@
znCJ-M*A^swBie58FT}c1^{zi2_3ef&$jKnICZ>bigk((p;w5{-#aZHRY=Q7|W*ekz
z(Va$C;xHO0m4O@nfs6%@dt{fXzRs<j5HHB&<e4j=v$hw%EUXP1!j~I0ZEp+oZC%g4
zmG&b}H65CS{rtukP19Z@=LmJ)f=n%Xg3;LRRgWnXF!0$_$w-~IG!ZNU+q|Q<;DGj&
z-7_Kk$C2M<S&j2sJT0)%JK!WQ!~<=@$h3<N%+DvQ={rsb3&rl7EE6>-{u)`*D%u4b
z9A*_O^P$6XnSl6NVO)2SMdC5dch}WYp#GAn!1-SS+lr{IG@aSq;!i?=A$LKk>t6@8
z2c)$R9K`)j?=%s5cT%A~X#Gs~;9I~gQz`#e#4R`@Vz`mKHEXE5Wr&>L-tSU+$y%&;
z*g`WXBv0PUw#sur4uk#eHfk;PCwid5mp_R1W&%((U=WVd#Vj}du+;f-C<-45LLs1p
zR+971{>&Pan;4Q7((DReaGS#lq05tPL3cd~y32-;36G0*c6K+#?$?*C#o)fF@`kSv
zV(^Ox1f3F#Nf{sykK2gzcDjMB^}b2&=gip)M$7y>OF!@o?L+hizxxgmlDj!sa)12!
zl%C>x8xYJgM^rI03--(Azfu9cg>g)T$j_0z!U(<QJd(SW9siQ>e*1wAcYxs)Licq-
z(BprGs){o06(DN$LttfxVjI>RPY2SvGSGh3%3V&2!j>opU69gTz0fR>-wQ|$FYczb
z6uCfwR0GvE4MKA#nKV1P6}fOyOOrqK)q|s}Z=K@GDV(dNi_OZp-nxyea%=0yToPea
zlma~$&FmFE^tG-!9re#l6)44RtBwkf@^FFQNw#*?5FFg6-V%xhy6)2y?rECHtOD;V
zA!tgU#%Wwr9Zm}ne$!n?P%_w!i3J1O(S*RnjKCyj>pt6g`~5XaoJv1rLTC{DhftRp
z692D<!Juxz%Ra(5&Bk|2I^z9~p&vyC4AH4@b>$-Hm($GrrT>VgP%v2_Uw53x_4uD0
zq0;^c_ziSBej?(wS0JQ95(*va@8x}d)Uk`ga7K~Zoi)Oz)acMl82Y9J2@U(U3x{We
zNv{v{)b@@4P*NBZo@YIyfqQod%h_<ZokeW>Fn3muqXsf=EwpB710>I-=y-B49NsP2
zB4?ebhZIIw4sm(AX#Cz#)e*5X1OWHh^@NLG$Q~#V0gxETW9Nmc25K!}vZ&Cz1#Eh(
zuY*hro~?SugIni`FQBF>F25O=@+C8${!#H(Sa7F9IwkVN6uJwddY^NoiZg0LXVs6X
zRO&r>k;`Hj_^C`z-j^WTeBOj)i<h!1KVc+Jdi4Hr8s7roS24##IS%7ustQ56lrj>*
zhlg?|YXDIQ_3s#|-uS8FbsExs;kLvKv_9%Wxc`~iWt{0MlE6r}_>Ab`n8&WN>MlLt
zIW<mwN<>XvVL_)UjZb$w9?xEP=O|2*<V35+X2#t~1O=MFm@{HK$LRNlB>Qp6ZnGYt
zq`ah>?&*p$#suT{I^vq5dTBsjL4l$!?#|4lw;}ZC&=kY%!9RA70TxYbQMR>N`m}s{
z2~0Gnp#W^zf0xp*w_O$09SZNZ1G<`*^9xn$%wvcTZ{dBM!oBoTABS(IisurDbLvkw
z9sFR^(a|M#j?q5D>V5HxiwE)Y%Lwj0$5)N{JdaQV@B(auJmX0R?di(dw){w^=oMle
zcgrBZBK=aY-1(kig&3N#>qGAvSM*E4#N|z8emnvu!UjOb=WfBm*QRZ+2u4qI?$8Nr
z<tLmPC%pmQ<JoK~S;p1y(0wAs1!U&O5t>$J_COfWhuWOt<!4soX-))05-FLIzYCKm
z!U*-ZrA|j{I6vHdpw`AR6z>}jwqoZl`P(IJ5&8>T^qh>oEF%PG)yVQ=+x-Ss3!o#*
zmdO&+?n{74`CHMFzfqF#f7mFj1ug8%En<sP;s*uolPRa#XjO(hzs%L16?I#)2^sa0
zWlv@Uf;9wiApmMjl5#$C;`A`}a^v%dTDMHdsZX44R9}zDIzQ{oRbQwuUE$6v1*{ai
z{fD_KbztHY(#I>3BGA#1s&2@1Wh<;;FJ3VOCSKhFzcqAv5HqtjF|qnTuiDWM9XQLx
z6Kvo2_C|uAKV^RFT8U9Y2}$1^X#B$Q;-pPeN==RZ((b(Nj-AKIX=?b{yR}d0A*cXP
zmIeUjqJ*;EzruqpCJbRJS);a{Y`J4eYR#4)05o)gl?Y$Hy*+SkXWhSB)r8u$4$*k;
z>^o=OoQz(_^>qg4cB1Jk-6z-R*M<09-)Z4*N?Mleih+YFUHz6o;%zam8odlIph++X
zpp|RH*JdQ1g)uPf{}sV)?$@b$7%AlL7_kRE=pBsCzl_#!f+4Nf-!@@dDfO7AQKU06
z0iQ(*{Iik*sd@}g;v?<kz7hk@%nW1+x=morf+c;T)5S`FnvP7ov3Whq5~9jrDM1Ji
zra!aEW$s$0Fddf3SsgKKL=)UzRjdEH5e0bZrUE@PMW-zW4TK5>Y1A4*64B;30~U1b
z%(yiYItTolOQ(O{Ae5o&2PSO?KIw$lF53CnVITt<Xn!|29zi(8GU+K#Nf;DOcD-Bf
zP;&1i=Elm}Ee&z>Wh?#Is*WOm&V(v`r_Slxjbkb=7i#QM_$92i%(b-6w|cJ$T?bZm
zg-&SjN0t<GWN%@|>Ma;iEqBRQ`#l!+y;)zjgOL@U85=yheR&^Ok4PJTg3`nM4v<!c
zQ0IzoN}OaUeudUae{sx7=ZqX}eUUBv4s)UyElF49DK=o5t@5BzL4)#1FAvnxQ;m`3
zh}IARfK|415wO&Td9{(pPTAeinNC^7_B3H<eo3R<M5nm(E&m32KX29%BqbzW?C!FZ
zNbC3Tjzuv2eAu$GR=C02eVKX*XP~~odI9eW^5>F1gs*s?{X|-JRpqB_oNO>PR+9C$
z4Ci@OxIe6L(VgU`#9NngMO(S^i6a3)2j1t+%yPlVOX#<@No^Z7#&?Ap6wuno*L1(q
z*=(n6w@iRPT0ng%BYB8fiyRWeEZC58J}D_?9!XhEF@qj!A`iW_CNXhVJ`RONLK{di
z`2&s}(7QGvJJ!2Ud_0cBdzyz^ueYl}mZ;)d0HkfER-K_n>Q4el82=>x4Fj4Er&{Pm
zW?9m|CS*2~Sm=c(9C>opA%5oZgqej*K&JssE@aW*J#ZYw(Z2ez9MlE4PJo2}%&kw+
z_?0<N2-v@W-s9fKwW7#-|1gtaFM)oiI*0ks1I&0prll`2)8OW1AOcvb3;YTPl3M!9
zQ2^~=wVerwTIFaYqS#{~8`csI1SO9jp9Fn!k6u)KZofY-YR!QRs3cX(u9)~w4)65m
z@sT!q6bOykv^er+khu1Ypu}4h!xTedDE5yjk}mxgvd6YUzK!WreZk0ZIXYdA7Rl24
zB={znG$%6kYI_R_v_E?`J&5Q}?|;ZT@^9K<Ss+G0m%5}vokg1cnHHxuA~5mcw>FfM
z;bz|1t=xe+if)U=$8*BlW4FmY3jV_N#7Xqna9r{(+I$L&Xni=kb!!duSLY2JK`?Lz
z{deVjiZey!d9KU8H__t-SE&P?{bEKOUR@~`7|_M+|Bx?Fm>&{!?%CcN0#$@G>LWC+
z0az9@bjZ@S(mpL~tqUy)z9%c0+1px4QDab-1!3<_>1>d41kdkyXJ}#CP)tWc%%9oO
zhE5Qx-MRQ2I6@Nma-g`zG4?Y1+9qiSU63TECzObO8VUVub5^7G`dJo~V{_y-;~@;k
zo5Z%S5QPl!3=rvi!erlnIdOZxyF|s(!x!QCWW@oXp%Kt?G*d6gqI}$3i)`~M8+r+A
zS>HYpVSjeN(iH3aOMJzc*;1DD_>RIFj_Mc2N-+|1(2$$-zZe>Q*67TPLuI-U&##g6
zy{uYtDggp7Wgmqr*jlidHcM9~<=QrtG?v8*O@Fm$7~MFDpRu0}uhv+Z$Q<ebPK-+8
zmEcSh$}(6pB%lIL4X#wdZDJkolmnRig3{ibNt2L6)zN`p9&oxI6a>6Mw_n4Rujf|o
zqq>h&Yq@oOp=Fnw1~<7@_uF6vL$i2g27cNj7uu&Z_gfexw(mG-hB&Ygx%NowwPq`y
zWm~V6IYd&QN5IMqR&Qq{nI*mOEK-y|k@uNSRoWJo4~ga!*u!-9T{2C*E^+rJPnyLZ
zNEF>hj^gCjRv5O>q^jE%bV<#u5vxG9oQ<Ps_?UQx;UxK{v1>pDgSjuC28iRhTMur=
zqWTA>e(J73uM*{>xPVit<h(MB;VVf2n1KFu6e#mhl1v>G47LL_u;3P)^5%5SFxuns
zVg||_I#+y&VQN9*ksv>kj*UF2ibj?T&)W97BDND1)1<S^rE00!`QdWZ;vFqz(^mH;
zq-<R_lLP6&!h)ckqG*l!na-dco+q&^8N2oOehFUU2AolQ&6ri$+&piCREnaZGVyFe
zGfnw8UzUy>-Zkh0II=rAh=$>`U2E<PFRm^F!DlL1b5EVppC_SGgYidcSjR{f5#0EA
z2Q>M>P~}m-lon}(4~zM){}5r!-i->2((Bl*Q2CBjm7jkFZY9+Eqn?Y4IohkBXkybf
zD~>(9%`J*f$bZM|ZRdQC)&pJ-pwL8%`4mu37O5PHYp7i7Mg8R?L<0|+=7Um`^0*8a
z;pM?CiMox(_Gs9@`SrBop;OD5+vyG5Hn?KFT-jexy3OzgaXvBz`S_0A@vE9#F2UnN
z_tfH%4TxMfk#8ue2+YZ2zkRd2hkmp~H%P!`*!WdQR&ZZ)u_(O5l}a51<W4Cbwjdw%
z(J+7B{NjdC+qRl{Iui!c`4;`F6;qQx8dC@2{JpX4kOoq<mIB>OZ3((W8Ov#EYg&r}
zn=G1&vohATW10;hc?TAjfw;-Zu=?_b&N{?*r2EhM6Ylp40=p!=YxK_DAQs##K4^q;
zx${HRNgY*ev--k(;Y3)i(Kl`NVNX`NHczed7fd8_eiPz*MrFuE$P-*phuI$OE1YN&
z!Q9>y)Zk+}$?+pQP}tuSGOYnRG}u$Or-6H2XD;CR<HB{3{qGm-q;}{EJZ_L<!I8(#
z{Totgxv)^|(N*r}>W*0Cr{31rJg)j2olRGFNOt&($z2b#-t$r_=lceQo*PWZXZt}9
zf0dtHveNgU$D4bQ(}=(&rBw4Y%Esm!0-q50VfI(>=45dCUhCJ%7I4gn;Q$TBl#vv-
z+0r$J8;nog0uA(<ijT_fEvU=;&81YDy};4&r=GY3>J4aYfD8t|j2(nxfW~%BOK<`a
z`48qzRH%h6B+*E-JaYkixbgghZCPU1$kk&o+ei*v0TW<-w-X5MAFEIpY-c1((d50&
z#^vlRX0p_3@KaG*(3U9|_NsCN1fb??KyWae_7THoGB`~q6u*eqseLjc?}Vc%7khD5
zvt0T3%<60JIk>cq)2Av2S7!zl|H<S7fhLa;hmZC-iR!Cghmq4%xb^`#ryIIHio>^r
zq`>0K?}rMREuY?(->e`BEyzU1S?~TFNJF+t;-V{_q5q;T+HqidQvtv@;F)^(OI^f%
zaUa&sEzE_?0_1LmDkMb4?i=!vBa;psbVx3N4fCu&2s`i>G_F+C$vXq@aAXo}E-ZOI
z6ncd#QuPkX8P<U&TRM9US=2|+NuR7nV>}-{#;=fJo5hXb<EFT%yJE#@rI7+~87g6~
z_fxw-3;*LSIv(sUK-B@QCxWl2c!fxfb#TN#)9%rQ0%NOR_|A>FgPN7bJqU0(9%Bh_
zm-Ug!a0k6M=)9uKEs69yr=>VMSzi^+<Dbpu4Vvz~XYjEWI>puP0H_J0>s{;<P_M|l
z{`;cCZ&H<`1R4aS32C+r;;S>4WO0%~g{35?tN1j1=61$#!ucLhPDomj$gM~fmr^EC
zg{N64jERlN=WB-Nlw`>}Npu{$r@?Q)R~>a@n@?m$Bu|$}dx`q^;FIMUim~#jOkgTC
zN!QTn5t`(PGWFj`3Ylf9Ik~j!-#IVrY$r%12e!9?t3Be_49ymYQt~gl>EER8VNe<-
zhr{wR)@1UKf;k7nhZ|W>{Tg;p%rAm)WSttzc$@3<U~{*y_Xw4^duP8kfg3MtUlM#E
z(U^r=VF!LOTSNo05mchG{z1`hT=nI5+-^4W66raCxj3GL>ac524s3m90X7@2bXs<`
zOlMqD*mBZ}nAuWnw`6EF?OrfoCny?`A%=lheEPAHQU97xD<~YSpkM$T2vl;8e6zS-
zJ+FFYS%-8s;u;5-jW#B3dJ-&lz=#USUqtoXjmsZ3%vp&PuP_+Mx~%s(X=fW!QkGjc
zKQ~2$fug}RxV2@Wk7z&33MzaUBl1sx;hc$=7~6MBq`XiZ3HWvk-B85zJqV8O@F;8g
z2{vaE>(O?%2CLz@KZRl4V;+%Aos{-+w#0OK2{uo*W!yp>8zL(R{EC%cV(!j|e1WKe
z!JesQpTmgpPIaA@5;#ueI*Vb;!wU!8M3Yi)pMCkQw;pWE!1)50G^rj(0VK`l_DkSk
z$cANb)=Q$4cQBlCc8p(<{>rB6+Mj<N_@Kryl}hp?^z>X=X7x|SuR$Ib?7sxeN!0VD
zr~}}Nx?;rnhiN0H8y(|~@`_-iDHHr)1E3W6GW6!BHQfUn+HHqgW84-!JQA^nYt@>c
z?i>`XSRY0u=Hxi%fBM2uHvDVf2$ydz^e=4e;1Ox&zShaDb2xpU_iXsNhzAP2eL_i=
za?0Byqern%xND@4GYgJYW(?$N_etKWz*imZ^VZa1RJ--v#{RoT`2jGLx|)g?d;9>a
zN%*1Oavc@GHoW<Gjx^tJ6%|z6*Po@ePn0-==(zb(2RlD9p&D?yVAcwysn5OU#!?~=
zA`{~pmb&AwFb6rqs;ysXX>3Zij3(0k$UV#%gxc%FO=dAp?D@8GKyRg<Q?vvGQg2Q4
z1WmFzUX{4g^fbpW$x(A*fojI;`jRIXpjS}WmeXQJjre&a|8v*?M51+WNTE5|$3G+|
z?0DF^0Imrdfxrp}o3sj(s!2&y>nA-Zm@L={j<Z1nJZNY$?RU7Udvi9{{_UI08EJ8|
z*99NC=&s8Qz33fCU%&<818*8vUo3YRWW<a*{N6hHGXe(-NB&mA2*Y-VWuG}di#z$k
zRVdOP6alBXT0CY2Vrm{+OEqa2@)_6wQ#=Q=RRhtxX+teL9ql&iDPM-`i(3ozKsMtz
zZg$V-)HwdvMcXX!>`8K^U#6na0U26{2TQI8a~fw9=UL%p;OfAWR<pPK90Q<@G+bx|
zK90)hh1-DO4(lE3b1A9#cbT2CGt*y4ck|erxYuE?R8Po%MXi+9hQP&(NO^d%w!aO~
zs;n!x1v$*X2CsF=pXkt0FS6bMR#@NW>Y_Z`QeKLS-Z78wh-}8e><Ti)<_EYHzd{l<
zCwZO0-l>!8;BIPmWEHF{ad@esZnH>I6brbBiRK=4W-IL@wxOn-*FVkV#+k@ZyUa~=
z$;H1*(!;P9=I_GAc@Eikrd{BFzR7Rn=(MTU;rM%~z;SA=c_a%}$98Ic$p`ZPW`-UO
zO=QE_wlhPU{%LUu8=l5(wD+XRD1}CxuJT}?tkwRtH%H_C>e~}Kn0)o-Ja57?7$U{r
z&Dm+|Sc8-)m!DpQBr{R-dr51&1GWr(b@OJaY6Uf|TG`1OzJ0Pef4!Cy!$#1gbqmM4
zbg`@Ya;l7Vf&Yxe0k4%NG)=#^-{mpx4Tp8z%GIsN4H-QXH&I33?T)c}^xs7(aQb@3
zToCAcXzb;R1ujl(eZJtwOE^ze0h-C`hSeZ*-TN!4>LmSl;?`op5#A0)4M+zC9@_SP
z70|Jz1{@uZfS2?-tVvZ(PLx8pNr)$LsnbRB)7GrhQLA;E`eZaTsl|XkXq98r`~3zn
ztC}reW&ecmt7XSjtmS!J^vS2d&~&8Lh47N@(-qd=A7>Pwlw4EXZX^`!^(X6rDt$0|
zA;G=IHYg9D92n8VUSL$@xyKXb4N90%zB=jk{)G~)Wt2~BXFY|FlUgv4c=MBxah^WM
zme%)zX6zpdG_*r&k!4%YNo~aBtWJ|&544&FEOstKpOSH|<UspN5Y`kHDVkv_W}znP
z0I6AnVD0uPm(li^>JD3#8N@O~AIhG-f%`;eD+^Sc4*p2}_Zee(mn?SK6IRbcQYe<D
zXgnQ)*q|_W&UMt9HP#n-@K=j3(VZe#4>&dcyQyOV{TpveIQyHc5liR`!J@xCO+=oT
zD-M()X-I>+84E$!r8DpYwpcBQ+W@;qTf<UcTIVP)hs&>`UV-E0JM8Im2`{K`I!fAf
zPQd0Gh!@LRs)r`up$c)jN(*kf)viA)3M2*?%|+NYm$>%>6c_(4NK^sfr0s)NEB@Mz
zM;-&61EB;j_<YkjF7W9Ii)TLu|F$~Jm0iCR-A`U19_gmAIm0Z`-Q<~Lv5oth>#@mt
z5n*$0u^P-PF#CfaV~Y~_J^;P@A0kQQkSlWgZEQ#c?Db(=U^@nH;uDa*HiZ?nrd<Kp
zB;fJ#DnI@ix>|DKc+(AE#tZ>A&%{WG*L%56VOX>vpge_av0fbC2^y*@4D?Bs*^@zl
zCa+Bs!pyW#0nZerpq1x3E)p?^ZxlT1<~CpK=;#px;+eF^^L_!rPaAE#|K9`pf{UWu
z^H4xJ_#rrS`1WutmUI{9*;fu&kGQN(_9!dLPHMv53fmSKw)fMG{Y~1T?s1Qa5HIJH
zOTgyy1&8cb8b7zxqiz{D4N>Je#)zhHN7}_PVdKjCZ`A>%$=~mNvT5HZ0Ikg`aw<4o
z0={yCV&#QIZXc(&%Cf83tqoR`+y8HLTcXT*+<Q3(;MOIbfftQh4G{bST^BGI;wU!~
zyc@@?CJ)F7xv`90y7Z|#znLEqw5k{4vtD7oBfc2iT6lpO0ihFuGTHj8>^*Mds_mmA
z90bC8V6wp9QO?Pwun56L%gRDto_vtP+_5{APx~zXbK!LJwLPyEoEwMDG`*uwcM3w{
zWJ0gzNG8Z~qw<1=PcB{N^6bR4mBgFp^acT29y%A2rOe#!$t&it7T{-|NgWJ=2BF->
z7<D9|F{MLo=7op&S7Hu<ajDFT&N<>alSsfI^wR}ECq*;};B4@@^p>$xkf1kH^{{kB
z(4Z)hp9<RtBr)AB-i+{|Q%5rDJc7g%&PL(w<u}kKpU8B-lFC%Z!3@mS<1;*tbcJFH
z+UXe4?SW+as2JOVvP?b<U>Fo|MH5$NMv0<|8P=j5)OBoxWAGq)4e|(3Fn#Qcymibl
zm+doYw!;F(c7{8h^$|Wm*?eDn>tt_p3wXcRj*q-2T3^#VYV(;<{+)q~YOQcbGz2B_
zb0cPakePN_^wS@MNG1=sQMO^1ZnpC?ewUC87o{v`v5(iJmB0ouUF?IDw@7jqSsdiL
zC)EmkvoZWks9QNgE>e3`zP7X9mabM}#o)jx+B;|bH3aAbhYnceAIR?0K&y=leU!6O
zm)QZ4b2+bly*>G6;;a7h91_Zv{IOkJLW|mTd%o31z-|Uz=%xEZ1)NpiSMa4xCrXQ{
zPj(YK<UMb-J(*Hw*I)5zTaa}8=MqMmh}Wn-D7&M|dutGCK4~|4yk4@Ju}Y3}xQ{&8
z(sKUP*UIb(X2r{Zt>^u)@{@0sx2_(3z%h1no?}z@XR-}Z$EiWw@_iFc^*&9glqk+N
zYcsb>i7LfILJSx&J^uznSjq(ZjhCZkYQ+35{XYne>ZIRh@OyczH(i)sUo!AiQ<5h#
zTUv~DizV3KJv_&%@}kNfTs|LG#$$v^<um(u0#tf@eT2m`0Gpb916@V0@wPffDh#^W
zplbNnVcMNmI6h&|J28T#n#jb_k$@|3qEDB+hAw_UGYEw4k8jWYz|8-Ct42H~II4E`
z3i8L{y`!EnE4cwQQ`Rq}frhbLJ17qDB!df~8FA-HbLkd-xW8JCUBG91>k{bt<e*j`
z3n42;ON|O7AYRCWJpx<Txw~8_88uPGhM*EwaUH`O0={YCdJHl0>f7F<vCT)SbAoT@
zY4p_Kc^DhD9-8rhz65g-2x%SvF}j9|5r={6n85HO7E47rAwH&nLG8)Ch-tI@84i_U
zD=tS{b*a0`%=vXpU!?i$L-|nxDx_Qg>_hEIf8qa_I;()Hx^@fG-6`E&(k&elN_UHt
zNH<8Aba$6@OLv#FAl=>FaOU@4oqgq%;%2QG;~nD}>hudz2x&(YiQ|pU$r2D$hX#B6
zHWh+p*y8|Wdz!speELU*6?j=nxJU3GUi*aaJYrO?kl2BY*_pOuL}C_(?+Yx>c6tl(
z0DQ&R&I%LM&AWr);A2-?mLm*(mzhp@jmHOsU#QKt6yqQ)@n|X`dPaa2J127w^t6u>
zNw{1@?hZALM9?M&W<(WqJbS!@oK}rwTC~`2EdG&Q-FDAhXT%(66se=?EoFG(kaO76
z7`fuUv9Q1!5~D|OlRJdd7er{V1Z)V<$ZXk)tI<N@sghXjyo0HDK}t}u(Xl&sMdo1X
zjs7ks5xuKk)%{|i)BA_3m2gfrJewlbxQB9;RsT#Q?H@}HA}W|@ffi;4b<<Fxj!Q%<
zUNuLLXvmp7jKxm^f+uc0XKYt5j4e`5OIj&9`G*AGq&R&7_Kty(;+(6sdr<sf8lqu!
zyOpvS6}r$(W{+^(nJ*Nar<|dA1n_<X)blF1Sc3fpF$a=<osYO_&{{b2n$DZ*@xKdK
zX8jp>7>Pqf{!7^H?74TG>n+D^gQ1whwD;Y+lQ4{BsMmF!P4i8I`>LxMDi^_LKhEcY
zlk;@1${1b#Q{v_<(u;@{$U7WYdS)nub&7ik^V~1WM9$SaIL)N>Fu?b|jAo8$eafuO
zzcB*a3#<x4gA9_`N_@$Y#gnuo;mb;MG(+X+bqLz_?7d+7x~REN(En#uuYQlu%tw8|
zAA8;kwmK{~n^MZQo^<F?nB%{EO2MJ)thg(i<-rJnGST%PNb&3|h>|bQ6_YRNVlRnF
zHp$zOYQQlqQF`QqmosqR+>086pt`Q5%8YfPB@|f<{^~_5AcpqZOD=pjCAJClor*Qw
zhN=|k)$iZA(Ge6+wN<RrdnbMw$AA$7Qkv;P$@PmlSr>RK!O(!(HT~%|ewkC2(v*^S
z_jP#dNdZ}G$O31#;1GXEqtM|Ia3yzmyp+-m(x2L4w49n%KgwtR_xs*#vi3Mz=n1+y
zN!n@f0w98y{B2}SV92izoA-oB!E2C}w<Y?d!I`trL3KW4g+LY?SLi+qMlwLC2QsRD
z9&di8H1_D%3vpw~%r1D~zg5}U4z*s#Tf@x>koBW>Lc_T9MH!9zl*MDh$+@$_4>X+|
z7wM-*p*KJ=yA?X~vieS*Ni0;DVEQ-2(fUGOJ2}PxDm`ni_}Aa%LnQ2bcka>LS~^Wn
z8?&M&D&)Q|MAFYFEX@?Ea+IT|+rQ)7y{jvyioPvG?Ww#no{kmCfFG^WY>Db)Y=dwA
z>+pEgRPcHp(+})|GSXm(Y(@SqNP5{Roc9ScSXED4vRg(EiOimoeu30W26-tE?S2*q
z3v`<^IX?PGW4P~dn1kT)=ut4725hI<o5S*O!CtnJ9X}elO`q6P2&7KE&@EZw=Pc(d
zX)@ICGT)mV;-4nZQhtUGf0$5t{|OW(nDI*bZ^tl4VN#oC?_?6iSPXUoB|wtp=RKrW
zJ(B*<7$ExRrT<m#UFr$qatz0y@-+g0gIoI4OJU&;++H7cFyb%|em+h6Ii!dSCmP`U
zV|B!ov8l8Mr&8oAtHpc;3*Ym=K5!%w!v4!C5Uk+2Z|FibSAI2bmB(MsAGwB{!V0y5
zAy^a!Gt(T?4eO%1X@lyCM%nLnN4cojcuP-3-uAdGF}C0&iRf~_{kI_&a%679>T_*S
zRwZ(vWiIk}^fY6x42zzZnJ8Ly5nICYoPHD@Mxu3YX`p3XhA!C<Sey1bznl146+|0|
zN}*7NEVaH<S~B*i1ohpNS8RGB<ov0Slpvijj)69R<Wv|hJFLvBe6HBH2WUajFfZ3a
zYv=_~@Kn<sDVOkFzq4vI+!9r;2w7}^1}&9QnzbyGhrJ%Lh1f}@&1${~=_LI%V55+C
zgYE<if*R5(3XTOpLHUI_E7V3k2XrC02yQ5Rh0aGp%R3$GFPt}|j2(%W1JEvxA)p|_
z?Ml>`>=5rSr8>w8$L2QDfHA*ZToKF>3ccdhUa%Si-Vn}HtS7<9&c>Bx333uzabyta
zz+fcY5@-1fnp>DcrCt!D-*=b!RY0ba&1xd>O*XQ#6{8TA^}zNyCu<*ZP=pjOdpGlM
zQCs<cqdt&1u!%b7IFvX6*4+yrViXWv!k(jEo@Vy%%WSH;^<IRoOo3f~GU>MTzd<H}
zDU+8(!)BA}EE^DhedYP2jp5crhWLT22A24la*b?qjYI9K^gTo~gLPC0Q5(+G?4*>b
zahMt2Dh9?6AP=BR(cLSuw}?T!GoZjK&DNLYbq&>%8Gd&$eHCcgjg*L6im!$|G;+Cn
zQL);LY-(R$5@7dq(N>wuYbe5t!l|G&Rz;$HLLGSRaIq9V-u{P~K(rVF54_TI1xzN8
zXq)d3kRv0x=kc8>jVG?2uM&k#RucLEY7Ni~M*WeCD~_AlYMJvWSYYn8t_Oe!RBx_U
zlyFW+^#jW#-xNxaK2`ru?c3JF+w#-1&x!jhS&lR@Wc|y{;oFBT=~R%5_fkazij4^I
zeQ!U?5ksP>QSFsmk1a?)-4&t`@yV7U27dY8_;tHwbKE*n8d78F>iKO6{8g_Hn?5v-
z*stL1`FeBMDIs6E<+>%x@8uf;2HsL6F#Uv&^6gvR!oV{~UNQX%GD`0c<ytQc^KDck
zB%WB3#k&1ZiTkumo9U7VFi@6Vk5*pRYX`E|o7Y9Bed}7*YjnsaHeZ|$ksJN_S}0*9
zECV365u-j@p58wVA`qOAwpKV72O~$ntaWb=?gOVK$j3h;a{=sgM4(hT@M6g(VoSu4
zlGTo`w-j~Db#3bB(y5G5x;2AEe6fR44@ys(-6d+VEAcNkU|!Kpn*zWS44*$fP$s&s
zsQg4I*f-uu21V3S>M~T^MlAu{<tq1_7qb-=$7%H5n?0ACwp62RQ5=BtJjR9kcrMsK
z9q<LdMQG*&Lwl*mCH19!AAay<w9kbv+1@JGd7F=lyU}Bm_*8p>rQq-hUu?pX`EETq
zUMo2YC>Q;zxX2v^_azuH{6Gqto_FoXG?RsMVf(r^mV3WuanZTe>unD1j5tmj5*JIs
zFN)=3l_Eu}KSv!u(R3<}BB8%tBu0aJgOc<GcIF?S@tS-YEO5lo5!ELwj={nVLU{J!
zD~sTeTbQuv=JfE=6ea^Cm@A$54f1x@ZGa>Zo}jBnm@L4)>B<CKf495bZz1v(sC&2Y
zbc|GWvQI?%UCRdrBJi}WQ#^wjLSd{vT@UWRLWxAeD!gE7b5)Pd@sqa>x`F^4#U3W|
zacX@>*1#=J13!=ow93#kJ2>JI>E$<)BV&-j(6$}p5mRdjHzIPwPAYu<Y(5)AdETTC
zV0FjA2pJXoBi$@uMhNEB%X6lB@~wj(N<<Lbb_nZW1L4uxzUuh!1NZV99Nx!-wQJ_x
zto}}bo?;$KzL0IC@mCa^;k}75Jj4vrnd8ucCEffKE0vE~*l0g|oYDU~RPg=X*A5@O
z{x7Di>sTdDn(KZrGDsoGaWF8P8-{Vn6il|rdK>N&TJn+y6`*QJ$!S4&vBFzs-MFsU
zC>H7KFzYhPLzF^WiVcC`4a`s9eWhL^1OqydRQpDD0;tIO_I}9RDD!V8A&>C<ZXyl+
z|DxVj1b=GqBhI(}>{GYpQRMvZU5~)OV};Suv*`uM<_fjgVPqijD<iW>S8EA~{|ykT
zMdNgiUU}8>D$UbnR<>v*1EW6}MRu?-S=ji|S}>sIJVA0rG`S6)Fdl4EMS-Iy@a^41
zG+GsLtMmt|v5&vd5GJAqCN1+3-$MuW7g+U}o<r^spjvtB5~2aLlNUbFs6<mSEk&Ls
zO%8>&r3>L9SVN$Ea;g#h3sRtXdTfai8C%9!&~?I#NQ|i(hg@d6H<v3M?I>bGTW#MF
z&)?uHPAH7x!~;w$iOkmk%irChY(f3c4Qf#8*{?#IjC(_<P8>VHG9Xu$O@|cj{L;@D
zd3ff5M;0125!64Mrb%2FTSzCHs%P{3q7n?^wM2jFON)5d*fW@urHi^k_{(xXa!|rQ
z(FrzN)AT6DqPgCm%C@^2V}3se7izHn7$gi0HgQq^<YyoYpj++|PHn7~?N3zT5IO<F
zE4Z_i90nJKqLp{(G<A7`dty=1=EpA7uzfN16v%}n=m;xmqLs5vYh`*D?R0GZ!T<?d
zD~IyEOsY4qe|@Y{J*wxdmFi9ozPmEsT~XikX)-TLA;HqKq4;Yqk|F~kx|#q08ErC>
zx<+&?+~?Tm2o-I1gBPQl#)6+dliA8XL+r6|zY`=vZ5#vPAp{cZ8$HVjM1AkUgm)d7
zG(kY>82GFC9fV_cq+Z>dBFen1hkv+)E~%UAe>cqa&~awy1+f(Z=iGH6q;O#0i5`Lr
zrf&al&z7>Cy}~}n*O24+o{Ai<ykoll)LRYwI(vBSux;T+5Rf3((IW<IF3UA7ykyoM
zETfS21&xk?&5qSR#cw5SV-Jd6<c(q-;G~$`pwKs>Z)cCEk^02<UZKTj*NODa9d*}j
zq*$p30oFYj++*yYY1f=tnQ1kIC6Ky&mT{7)ie@+oJL{>yzJzq62GFO_je~;XCM30S
za9CBsGXCBz*;|~#6$b?0+S9(C5&wo{$nL*sSjB9E4gY*KK6MU_2aK)u1+_BA#1G-$
zuJQB-a*f`NNfNF|`~bx{^GlCr0uJ+9j!q8&;G(|{!5=j{*P3MMhp-S5RtP|kdf)al
zmUlBl1~jYqUz0$;`ah~q%ks!^-6`NOJ+tisf;X;#{eQ<zAp~^(1$2Q4|9BDceH<wQ
z;0%9fnY@OQywp*p#oZ2Asb(mIdHaCz&?IdueuZM54T*=WYH>_qgo*(Jb*sz=Oh5H#
zoUjlZfEGWv(M1Mf3@l-ocBs#ggHGldEw7Y7a>t{P-W3}K!K7jJ>B<^fa0ak*Pd|f$
z2lL4Dq#~kIb*VYA&tOc$_x!k4=N+e=b&f6a0UFN}nBUc=TgBO)k=J6lzv`Q+Y*Ae>
zz%bN=F{`67bfC#Xbvn3icf1Wm+WSy2i@PO(<DVSP);T=A^mL5Z)Y7{wFnsqbfK(^j
z<4nbQ0!NZumeZjg%zKG1PBb%sVF~2ei-;w^{oX6!R$4DN&Y9)3q068!aH|nxkWwLM
zv$Ip0jwH{N=Xc|>ARq>26{x)ptiW@-^-fGiR>jH}u%nZqJ`M}?QAdyN^Hys~50rzJ
zAY#PFSW^DjCUdQ6nO(_&H#uZzn=n-YKAv|JbxJ}pmqwd_c;t4z!$_b44WvJ;-_&};
z^)mdD%Nq)3Iz>U`kNZ=n8`a0G*n-`zdaGe`WWcO_S|l}OH1^*3!bV~AE~p=u$Lmby
zFVarEna)*h7unw!gAKFCQ*ojQp1(lo49M65)bJpWFubhFsolOqd=S!S80kt~4GPx@
zRd(wCfgx?(-%BL4cO>)+oPV4eag5etyRson<$im4S#5(MglJ1Yu;?Vi;)5iquZN$=
zI{AyN^q$3505MtU=>V3#_ge5$_A*dt<??}XMR<t+Le^^&j8`xQgmdvp1I0d0fEA5=
zd`F=bBn%4m{Q*Gg{=vTbT`-k^7NCi%7w>TFP`}%^N)pyDT;kC?0;3zozHNoeSBj5S
zW;!G~4kV3D36{{I+qeG&QL&(yt+)>T8|o*5rC4LkfUL7WCj^Y!v3v+b7DV@2Gn)Iv
zzc;9UBE5njA`(oX2v7_~8=16aGe+Ytr$A=!SM#>~51biHH;+~@Di6uS27(MQDV^Jb
z&CN!hT(u?rGoUMhknK2#3sL;EgQ-Rk0DQfHvqwJ_@+V+FHTZ&asmv*?7?S(FN28m7
zn4Fr|Z4jaetTPqjk@?LL0NvX$>?kI;sYA`Dg=EZAz2_fRh8+>R?p-1SxE!|;-&_gf
z%8KM#@99q}*-aZs0wSLB@P0_|Q|lL6ExvgFb$zCWH^RKX;JEpt;0p9)f2n%+>%qiH
z>G(7FaFACu{Jh(E9S6DJbBiLdqgQ3e`Gbu=?uN-s^gk#|cfaO=9IVyX74fbZ-7yWW
zc8h*gj(O`IFlQI`^H}6_)R;*}x7*f=w3daew<0K=%c5c_<f>xXak}gPXwvo}5p+`q
ziwU3_{W6DKuyht1%;R-9{*7jhulWFDAv@vk4dEp_22Admj<+rGjC6sD_H<a@A=#MA
zC{pW1Xm|%QkrH852S)6z>>z^BfP)A2IpC56c&09bizuZ}sfLTn%LvNVXu60_pyx5?
zmyw;u0#!$f%~#U4W5Nkc8IZUFFsWgLTK$v-pgE7Y&x*Q*&H{b^gJln5PlUYWA4JBR
z^md*!I403R1PU7%USj4f*eyI~Q}vr|WnQC4U@`lmOua*qpu0?xNG`1VH(e(FLVJ}z
z!R0<47$<Y5J1}n|eoqri8jIFa1pz$Wt^-r5(U;n8&W}$P?hqtVvcvdtmM3BJzQC>r
z(o*&^`Zy>Gp@bZ;Q+HuY4;*Vgr>D8atiG23L2HNi7Xhhl^|!*BylFf<N2pj<)Bx)+
z2pchV&U_MpK>s568o*ckE9F1cBJXTe0AtB@Vfx2!&IL0Dxh_;udCyODClXt~G|N*v
zl6~cPa!m(!i!YyAB16B9e6*LJR$OKOReV#hMBdZYiYf{R9<l$>W+Rh{%!2bNe-cp0
z1vJ9VE<GA%SUQ-9?|-E_1}c8=5ZhyhI`-8D4`mJz_L?N;=f%5s9Ew;z>5tdjN3Oyo
zZ?}s$(b#wd$UOHkfIZ0$P6U!2*qI>IAr){U)=4|<w}DQ!NELfDPJK3r`QMNf$qg)#
zr@((0$VlFcL;*tx^}@iQLV*MnJPa8u*bYFnV$utu!%XhNmiz<a(_LzNubePdG30>X
zR%ymRnXuilB5uI>!C8)sRjdv0X-Y&uCLKd|v0sV=0`DNBzbS06i7gJw65%e?pLORT
zTAqN1OAMey$VcoBNZy!ODN0Dp@PJ!(wrSWAvdFXlq(^(ADN~QK3jXmw4%^7O!+(7X
zu}Ai<dO`0fF6<Fiu*@%rhGnn%*Mq2k1LR1QPBhoBt$ZQ_jb4ygLsS?;XS5ZJZDO&?
zb*0Ipfw+sFEN^xSp)_gGRSUq0T14Ft?%R@gZ8{LW-XKh0*vguv^iF~vBHvpN?fdWb
zJxM;7A0x%ND^fMuna^b$H{azN7NvI7Odc!GiK!+l-B<%yU3(y~l5!mNLa_27w@v<T
z4Q7oaoXZ7N(n(LMPjTPoAnp8mK&qn0MCC?))F^*p^k(lh;C7wv#@%L~<PQ`hS54io
zA<fTrfye<#HN~TiQ85Hb1)eA}G3n>2(99>17;1Xr`iFs|Yhn2fbk@R^J+aNE4>Xj1
z^E9*g<*|F4;vMD^IHhki0wl~ub8T>vn}&RzAfe~d0^^6yRaA#b=Tz1TI~`BU!J4YL
zeY3o~%0&r5{#`O=F-O9Kcol2?m1D@jX%h)6D>nOOh8ai#%9eJCgJZ=`<TZ~EsRch|
z2>?7_J_(lo^yLp9$f7Txh*jRY-LJsq`_ykfbj*6+{cn?+dU?I`>rX`U|Gw((d}4aE
z3z$fi9X$WK)1)Y7*DZRcdNSpf)Ae2)>{J8~+>C0OTAp7)pPJs2IZv`>%IhZ$3hAom
zzwa!6i;>H=*C|}l6+DLv`5&Y@=h9CY{-YbYCJ@K<vw|t`rhO1~dVpS8Ei3*QR|d|5
z-P)H8UA4QdBOgp69cMjS>dQ)<0U@}uq}NsJ07^^f&cA!p<b9RQ-!)RadA>bB6|<Fz
z@BU-|P|eo3=U@3P@L&lU2k-(ffr|&Y2J<<-+nTJoc{)7^1Mi04&j_~<A7v{Aq3(8b
zO96u0u*^K_;7edaXTPh|NC=MpZ<-&)5wacWVC4mn2(L|_aOTz}!By#RiOLH`;(zOa
zkPPUf`!1ir(qZ8O=BJ|x+t7^jJ!u{Cdz+s%ggWPM>aE{J5a59AZqf2)&+tbGe>i{&
zc4ji}6H(O70)LBr!O-FL85Kt#o|OaTMRY-0vXjRL6mIYn{;)NoTtN!i8UHovXD!<-
zXB(4nKonZ|+=E$)rbaF*eRjX1{Pk`>7^2$P(op4Q6v#?S550b?>I!Sp%NB7AFT1Mp
z(N5`~S4(Y|nwthvtwS6F{%GsrxbPQX?%zggN)Rnw8vcr}L43^A6TJ0)5DuKfVY>qu
zI?!=-V1|FA=mcsFZ-2i1!Acow>FZD+Hsu_DMKfXOoHWIkb}<LxI9)*C)o1$xD2|L|
zYGTEq$Gr<&1!v?(?`Hsm%#yboB#UjAn`Jd6)}m)R#KHGK${Ytf<(k)d^C28a{4!8s
zGPF1|oM~V*sd4=6dQHzsAJ$uFRB)b0PhKASMDZH9%vBq#wFUkQZs09A&Ct%yGTCS<
zJOua+v+7*sAbG@j!kH^yRWnSjX}MJZ<7HG8b#}@bNz$8r!@2G!`TQs54p|CenHCZq
zlrEGy^9y%}!N%w1?9_OS#_+ulXEPu4j_~S&BE`Jq{YI6w1tp)o;?MGy-fYD`#3|ie
zOZJeCE}+Nk>-YcH#;zWC7^Lt6k^MvBwYiRdwdrm8rMhr4FlrV1D2dfD?&~5gY>>Qt
zd!wdkh#9L)M1y*tVbCl5864C**0IK^!WjsdS)Gta4_}k2Ev)IPTMa7Ja<vq|u(c75
zeTu0Gyc8-jA!%R(0POcNF1hX31Qkk)F#co*jI-<IY2_FBln)Y7nBTzQn5twUjU`~x
zLx>Nsdi=g*Xa{=>Ln0~f-4~MJ{-&O^h09aHYNUSnMN%kuyx(k|M#nGxYJ%Is(X@|L
zD@v(K)}r+M=XM{CdDGUU(xtNPzYBzke-pmN+xJy!-vauegCNtI@A^Km;DzJ)yt5Q~
z%D6|+N|k$f5a<<X_QT$M?l&_$C=;utAWla-PlQo%3SS`9eArg+hV?v^XYoKw>1bD)
z@H(yhY|3;7iX%&Yi~WkfW%qw*5s%8b6q^J6LHXItA&NsGUzo_62W=!0`)^gBc*MJ1
zq8H|P^a8G<v96ilG&u3QNssgZeREslZ?Nfqx==rK&XX-PI6XnN{f>~I<>Z_Jz?k#L
zVolT3T`^PI7>T~c!De#->3Tt&dKC4Qi3<uM<dC##%<L*AK;gb~7#a)$rloT6$OVq@
zGgb`5p)J!*1N_U#jL+j}>DB6*b;L2bZ3Fc6CD~FL3S?Nk-=pebfh!QWj++>*ihdNJ
zeTVs!`)Gnb#T)arTG?(&y})a&+T?6OoNLbG&z+Y=V!mBKD_^5of*Ei*f$voLg<kez
zsf%(|)1aV!tLTL4H)vY=XR`Ew*SPBbRkY=+m?zwyQ%p-A@Uk~rT>cT5t9be=<tcZ$
zG*cM%6D%$#JsN`cYhpDBJe!L`Kkl*_?`;V#o!fLMp}v#9NU<Pd^}kEK>!Hb%=$inc
z?<RNrH=*(fE_kZl#==hwH06%=uab<wTGqJF0?6-5ic^nBxXC~r`gWN}l5~8<#5D*k
zI%Ml+tg8{$zz_H2{z~@?5_o?@N7IL;qyP7v>j$WIHieBfl|WyW0#KGd-KCD_&~n1R
zFd2aF_XtWnU_xRcE^+_T0Itc|G4Xc|2bPhbkO&MPqw)>r94D^TO|h*Gv&~qQBa&T^
zVuqqHO);)Os4VE@!04KdII$sGD_~Kmk((a?iY}8;?R+ALspg^ZfNuwkx07KZyU->{
z@AC`d@wMC#x!%}^5$1dVjssoU?t)wT@QU&DW$xbVkRrjcWz$%J=bh#Qf;xc;X}`gQ
z@Qh}HbLdCuAN130EzTyK4>_Z4uB@AQpcS|!WGHI%fB!jb)ft~hJnsOLnx5d#B9Qza
zxSe<&AfC$mpAr91FwTLy)Z;5w+9->Jx@%BYaj3Q`ZxvK1cwr^{I~ftGH$GUnP@n$-
zr8WQE>AlWxe8>==F=>2UGGQJ%@&MjHKSNfR&%6nB{6FV1-|O@$^VRxS&?;<I^cR4#
zLZIJJtL*r1tSYxUeQM{Z-0Y0VKG9ZBr|VdDQoaljAR+z>%?kQb`4kz5#0wl01i8Nv
zIfIB+PF`z%eXk7ByYR%8X<aaq5QS-vX-kJffbI#PYEo*PgXy%FOfGdp2JUoY8JiZU
zLFW<=W)CWFQGga{0>fWo5XC?9c`zIzcZ-t6wC&YAY72_t;|o3Sb=0F&{iNZv2Q=Jc
zjNzEC22w88UFo1JBYQ5_O2y~T7#B){{-}$j&FdHUFOSx_8HTcrYNfwo)|Xv<_cD<*
z7Lfq~kR#{oqz+K|X2-_dgi`J%B+~hjeC%;?=i*o^Gj`n?_<Mv9ZC8swU*Kga-6&MX
zQU0de`J%jY2g(H2`O;ZFR6!ky`WI=<{?M#D=70aVV|ls&sJ$4gU8b5E5^kXMKrt&E
z3`DnK|0_(B0Ho<EcE+*~&smeBA2Nss)j^1jwLq6zv$L-xVR0Um*lYn4=g+nVoI)LT
zz~Hh8_0@EP1Pz$b`(UyBSn3TqSn}Ji>3jtaH<~DC58RVMUIJXe&cl}LDK;%v7r^Y+
z2^Jc?2$&Oq!?tZemd`gkG!!t}H({TlZh#}MqucRA?71fvqOK{h(Ks@|i%fb4Yy-Zo
zRKkj%Ey6iy8tKBbfY_)()IUgfcwh5K@Tt2DT*EQ24srR38jxx}RZ=j-Xx%(JO@9bP
z?O54tE&2-!Vlo?glqw=yyiouN)~lWH1`a2fUmHKuoJKOXhJ4H3%a*}*)7*#sJYMu1
z6xzm$LVvKmF||+p9hkQzih(S%HhLi~4eX86{jkG9eZ$4bVv9N<X#j0)OH@e|dz<~~
z5t~$n7wkC+AHQ+%)Y3F;PW9nf@)adu;mB5oPbD~)O@zekx?Rf&)W$BhO?RtDU3Ea#
z{cP_#F`%)5|Dp@7C#?c+WI=t%fiE`>iAXzQKUkK29#u}Vl_(g})^>-e?~j0FmSO-d
zmpPNC!xTpC5BiQsUwn(<MVUj0eK3oiq(%Lct|n%-P5<{25VH8r+_SQQ%;Z2_^7xP-
z=f6cY{UK4hL}_%2bx|f}bq!dYFG?tgiQ}#nN(w*<0o=nuQ%3h5pdb`Vvs0hIHo@TQ
z3u9gPa%WL_mvJ+0YB8K-?@JazSL_C(e)s*JVyT@BF@E?MK6N_%N6zTrhQiL*1xko8
z#`y1eg}=B_F|^w|Z5N{dh*}OTOPDes?*!R_z_Yx*mUS@)=E!%K*jRmZuk&C<Say=+
z@ufA)dxy^47KlLU#&$VDCBXO_%5PAAU3xZSAFCaaVq^SqgZVj`fyOG*L2KHPVdhb3
zy;H20@12U*N}R4x;Ct|^g}{g{ZEA2YmMhAzCaDY#2^9y}Z3<wl>_){P;6_KlYV7Tl
z)hhVcWqKEBy+>}d7E}KCUYFy2J01mS#QY@k4dz~2W3vYcv_T$+I!Vw!P>mkpdcJ_z
zH*t)O`T~ozK^GzX2%Gsr?k5S-1Aend2MS{#LVupH7@#@KPnO&DOhta~#GF!aoQoMV
zGG>3Dza_(zWx(pK4=GL66v<ombU8^{z4u&(jGE$k%#(w7qC}ic7{%D?%4`K4Ro8fK
zOO;>+UKY{ph7H16?{H`*j@o!*#CoXT|0Z14K{u7qAK`FosCG~_4?{$82BDs2dE=bL
zSzBHZ53d5#vcc=dRP^jew%|4X4_r6h${MN=&f$HA#`=exfeoPP99(ya!7VX@wUaEy
zCRfImn7I-tYj$71&^O&PR!Zd~yQvo!HD#Ve*ni)%$T!mg!oV?zCWM4Ke|DHq7?SBW
zfILW&2}sr-uZ3NiHp>3EdPdw#(MkdJ2FO+it|?tsq4}q5r=djMV&EXFf<`sp&f0V@
z>x8AYm;K4i#U;8iL!Li$Ur@4qhg-VmtHr^ee6i8-UnHq1gaq-Zz}qb$2~z*kUEo$_
z&)9Lvp3%<Qh5)l|G=<V>55v0&SL?%ihPSzf_;4<qOGlic@Z3u~hT{t;^zJcR0cCc>
ziXF(y=S2CIj1(E*d_=);KAR!8EN{>vu5gOfZe~`5yg0oM*Bw9yICV{j+F5Mrwl6F}
z4naKuPz2f@_ymE>F++n&L;vaGo>V4}4humQ1K(7R>~N<aELE01Um?PM<I^e-bRbG0
zU}gr*eeaeo=f{@(EjZ~mJb0DA3tE~f{mL(y{I5TUk}Jl7b}C~lGu@1SwdaCuQ3`Hn
zO$CrGye(xQ+(D=Sl*(9c<_kkVLg2}_-b0{0o&V)KCH{@6kgqiACnk#hzFl#@6pWUK
zTDK3AhyL_LDV(pp5R-vJmD4Jz!vd=pE(U6Z`i!OpzK!%?xtNg?0|YDlwU%8}x0U1G
zsu&I)n8a}ta@*}$On$b&?JBR&Kb7hbIrZPV2ffkMl2Xra1mj)qd<dTeu<ohc)IgV_
z)dv5fEnr&ZWa%+{BdG+5bpNh(;s442UczNJqWq+i?cH_sG5+D8zk-Nd47sddL7FCC
z)cY+%^UZ0LE=E;3D-UFhQobkzFt()<K*QWd-UX+jtIwP=|Bt9usYl~UE?@&PDZJv0
z6vfX)79`Azft3aN1pw~V1Y-j>&aA%}Q2`)z#VoNtz?JWpvjOx{8Z1*7RCRy{2{gA^
z<oE%d%SE}MT%qn19)nyBnn#3e_z)829mlR|Y7uzkO57uH#;XYQd9%X}=VQ<%ko*2_
z!*+FzK^QCNPp#X2Ei<kA<(9bRmG~34!7GGlXS#$S)#_TMi2Kl{eR}wM0g5Z9-7Cx0
zTY)FE9F($9%AKvV5VNqRi3$%YTrqZSCMpR28FO;B%|gRNgey#U6b=W?dnt%MAb98;
zF&l6$T?n1eVPPjJAUY@w8_7=2Xk(h{^%p`9;nY5Q0d6989vEEmgu`L5n|ZJ>9BD>v
z?Bd!op|?PA6d2S)zO*YE(=&quXX)%nnJIZ94*GwPtsrDE9nrDvwB&8qDcpLzYeu2c
z#(Nt+tyKnK-LvPPfvZkgic_HSM*xmq(zt7v2p*sS_2mmwo{%M@QV0N%*S~=a;L3ze
zTqmpK05}g8-%t=BaE^oKfI$x#o~}sR4skhJ?&%=Maa3vNZEaQ8tv|8eF#m0${m6Um
z^XgsZM_;3lv;wI^W2RoT{#=o;{;->;r#AKLr}d&+;18%LBP-5m2gU+{piHLVb}?Kk
zyYj=YPs6IM#|&*c#xer+E2yz#n?Ef?(>H(0ew1d8ldv|&40p>Ar!$9R))tf)C@cz>
zYP;c%W%H)A3KKW|XYXo8&pv6vf#+%l<c14_AJ`<qmvcG)&i;8x3Lr1kGY$k4Ydu3r
z{*=<l!^TqfMt(ushDG`-am@>ZrnktHCDL+rV*3$F(d?vYy8g^7HF8j#McMH()_aTX
z+i9u}dR;~}N<U?5fs?4s<IOgdz{c~Uz7uaHF1i&VqeRdzl5Tg(1<G}@I_`Wi-(Za4
zr4K4T>f4b;QQueTMK~#@$am}E6i4mUm5yB+AnQW=Yi-zPNty5@z*8`)>jbCh@`ajO
zM{Z?wwk3J^H(O3%rP-5PTszxs6K)5gk`sk_E>twl+wMr6aX%$afo32l6P_4X(mhYj
zuH~AfAQXsAVwGG^eC?j;-*l$z87g>Bg;%vjR~61C&RpAz$c8-8+JPB9slwa$+N8C>
z@;kJ@=hjJW<G`fmOFiV~z1`;LCg|0mozWi0CTLPjjMhj^hi2m(m^%WE+tt|M^@C$P
z>^{1hM}}3BK3nY4Y|&%!b6i)mSb_&@vOv=>{&bu6cs2KV=NVGW9rjjNjargenToE)
zGBDs*wxAe`S2ILdxSPv3Ahvtv>WD@mD!G74OMq!4>;N;>D@BSMZkSN4F{G5R0Y+J-
zAyWl1{bH^?rCqAtT*f|7CLJUx<Y@R4oi=)WHBAHI)<LAoF$3RHjTb&iq>sgS@G|1>
z2a>_ta=>S*N=2nectQl&sB<xh_*;~&xV!vPy_>y`GbYN(5oY1qkm2oMk@QtJ8kvyD
zgW7Ucv={*CYV`g$-{>X;Zs-k@_lN&trPy*gxoD`pUqlg|h}5=hC*IHl37hWz`gnW3
z`VdgmlKN0Q>bsW(Y`GNu4WaUxIdZQQYTaV!l=xFk6>cET(S%UZ3+IApNP^Qy)f}vF
zCJra2qj;9suFD)Z#Sz;7vQc(lIG+L^wB>W#_+;=Bas!jF6jyzAqj}5)3Xj?OqRQJ$
z4FhR(XY4T_QFtXCU%B22rcC$WRoq3d_Ov**GTgpB9K4MNuRT4Mtr<S!V?j3lF-a2t
zz{0nK)q%uo+(uC;p|Y+RZ<V!KhA*{u-q93F7MvW@&Ok<uR~3%FPIo*+86QzFvi?>a
zw$wzb?Jd~JB4s|CCGYC&<A@z9<>I$1v7p>yb}@=2g--*S8K1{%j;eMoI~6SsDH>ai
zr0|d{>FgUhV);|12W)E<H#Eq@<!LwW8;q{@lP`xmd%W;kSthY0dTm7WW_t_<p+7Dg
z^w>Sn9SWy}EG0uozyDI7DtK0k+Y$6?eQGv7-p-e<0#K+(!YGYNM(UkCYPC<I#|_{~
zNHnnL*!j#ONbdBh=(YdY!X`*o+;f+#o#2utFQXiG%u-SGszK!Wn=Bc9T-m~hTtpG#
zh=*GP8w;ajS0(Y7XxG$U=v=i)QPPjk?&6#R<;Ov+PCE<tQs0q`pd`v_{1*H~E#-;p
z@-CqJC{JBjdlhYGqrOR>$p&E16gP5OJ_*PWIl-~0k@RgAGM~2gnJ6v0c-0GyUrwgS
z1%StD^W@d-0*C`^4E2{CKV7nmQ8lGLNN>KcCB7tdm4-lD+YqOPw+w2k8Rbn6X6(W8
ze!kjydzAW~RNp6;_T?P6GvWA0<uUCm8m4(l!YiT!J&u9#xXILoLlT|$^m`?LK1Ud|
zA$%AKXo93B-Ad8}BHI~4wVjn|Xk{W{sv-Fr%OIv98Twsb?BxW*IO|vG<TXD?NgFf;
zr@UoKpI`W%Bhi~4YSLP`1&2d{#^zdnFHp?Nj%G!~*|hN^t<TlgGI)L&rOFObqh85~
z#h(Q$xBECZ!#zc({BF-q@PaM_LTMwJ?4lSu^S|i*x*gKB34>lvRfN`{U=ZQV&7M^H
znD!->ZC(nV4{ADPgOXZb-v^V`C1RErElHS(5B2*tSzTdivKzD?A=9BO+X>ch6m@Yo
zv0*VcRQeW>Bo7nh9Brk^FZDB4e<K=<JfhGZsv009f|E1E$wCcXnB!gb1K)S5`Wy?X
z@=at3JVoxmUvDJ5(x=t&oeF-bI(6^V?eR6ii<Fa^lSkekK?@y*XJfErSTGrtI!5a~
ztnL+Vb}z@nPuW~9Z-N<~dm%#qdkggBU{q<)#6)~X$dqrbl~H>Eb4@7{f|X0W_~Fnf
zR09|to_4>G*4#+Yl)!pA)Q5dhgt^nG=ibnvOoS{jea_+y24NwMoGI56$P=3(7|9h8
z`DURG&yu<EbsgS;U*~g4DDWuQBh8=#&$wzV=)TEIzN^Jdw>=`L;h}ed_x$8Bs^mOl
z1iR2rNzTL&OM4t_f1Mkv*hKNfictjrrGfGl8e4y|>Ntgc2cIsCIIK_cqiA#nv!j24
zjJ6be5yAD(z^{C9_u+cNp=!dn_1+Xo#r*fOyl~sQoWI2Ds5C|qN41%w7*o*tyt218
z`yz}6cds`vr<1feT%}uoWQ*4Ocu%F*63|hJN_`%mDlkkP#uvDG-a#z!LovD2rB)M>
z&JSX0iYhv?m}Uziv7F>(=>@7>yK(risnhk`dE974?_ZGqRT7#Ea&-{TiJycq7{6pZ
zN^*+i-lPK+MSH9F3j>-MOto{=dbUI*Qk*}RJ7b0!4o1wNCE~S-HFPQAC~2GCY2H*<
zcHZl?5K(p+xRVPm@@aYV?qLLyl+tZ_sc$1IBK`=5YbxM8YWat*EcLrz^ViI+_|1T(
zut`59wHnwzLuWIR0)7A4Uf4fki!Hxrz8EZ*hAd#o(-cv<6m?1YYij!E>-Hm9TYkR;
zh4L7XVM<KH_IZW(pa_R#BahnDN6%3aa{qvxmjn!*PxpwXN3jLj-~fEVR6ta9JyJ5;
z4kF!sA(VB_wC!1%3+bLh53Z8wKjEhOFn4%~;N@aVk4JdCf?WNMPf5Q?myZ{m$h^}F
zA@5+|NBALBO3D{^jhwzqe(J@)6wWMkf~8%X=)exlqV34DZ0{uI7>nlGdz{g-Kh=2&
zDLY;?7ITsu5Kx>NAn=Yg=nYrVg%2c1^UNm^B-LrbpsiM<-Ju1>SIsW){wn`@?1+<~
zZ=PO!5ESPSCE1coBbafIeI$+MYkCc~h6o;Q_@ZZ(z*4@<hUk?5D1O-5d5X((T#nI9
zgfs@_9R}(w1bbM+8fx*tsh1drq;T>NI*jAjx*Nc2;{7X4OqLeP$MxU88Ul?BKR1ER
z^WE1z=LQ<NvBslw$M8T(&388gj1>eQO_=TlZTg_v+y$saNtg|5)^xDo-`2-DrN8JP
zm3Mzm(KL$pw}vp^vPB$=bHCu8G0afpy4_7WiXmyFhNP`io+g&Zlk4~>oqYaxgGN*7
zz#v(#=kvetgz%6d$<BS2ynzw}t`>!mP1oj`AF|n^_*seyJHpgvVk`84eph}E8P0)>
z)f-_FWVPn}X$M1_SkP>BqXQDh&l(-xNF?ory8f4s(!=Z<jfH+TPR92#vC3f$_#AvB
z`KIEAwzEJKT1UzRlNM4H`cCHDKyt&&#W-haRL9EUHAbY=p=pQy!<N6AXDuII${MQ_
zI{C285#Dd%BCow3p0JNL2E4?dwGml7Sl!y1cfL+QoVER3($uOYTZ<?%%?r~X*{uB%
zlXRrsUdw)?B)iONp?WK@lb07ViAdsGe7OV{Ps;y~OUs+lnQdlsOz9o{nmqoh)$Tfk
zqi(jDj8;ecofjH4|AQQfSAptjQ}PyC@>eE2ZGFQzYS;55fd{R<qhEHBzf9kPR1ycu
zxudcb*FFpGkcpjz-t2F$U_3>a!o?`&A9lkxhp^<!C4@(w_I)wLaA5pJvl?lCW`gVM
zU_Twe2e%d-aYST`9J*kJ8AR;&qKIhEL!fzsfHZA27Uys=$=S0I*}1E{%072+?3)+P
zKQ|O*wjdMJ+t`_~Q^FY)%`{etKWg24#ehfhqu}V-!Afw5zjzdDR1d5>5uMqrer<Il
z^Ph7gLsE`y*gw0B9!X$(ugAr{KNA1QkK9f*m+R;ya(5mWd{1gcRw9_au`7qqz-r<l
zQ+XG;=qAE@+_LZMx-GznmyFa-ITu9pd|$rKg#-8D6Op~1tI)$8-2<J!iTS?^#pYs!
zUW5R5hWMp^Ya>Ec^p%ABtuXwOpL2c;<`kOyI7#O-IkmmkX(&ImT1S3-n0To(7h*20
zAD!%_4FCE86*a?a>OH7&_t~NKh*Kbj)x4GcLCLFyN3A>_^xkVS2;Ed>)&q9B+P(PF
zZG@~z{AQ4nF5aHUiTKAbCfo>(*Ub_Ed}QcR(%0C8@KmJ-8!y3qPnY>NJx(v)kbA$z
zVxN&_4Cyh6eJv5C2(C7~g-f#e2OPLEzC3xaO;r*tZ)7~b9cH`*l<+?%x?41<gQ@%K
z#P$x5{J)vYlo7stQzvFH&(-V`KwEpYU$sw+iuem`k0CV2MUMe-adDUJfh9s|*WW-p
zSp=N|eao^^%#16aa!0akO~x)CwNYTPYh?1QWtN^Jc8EvTW(3w|vU#(~Lo_p5#DR~1
z2A`p49(YrTp1;zdZZ&aMU6+m${rZ}4MiY@HIB}{z1>3G1J_~Fmd^m5y>R}1s<47HH
zF{0f|tXRoi3^wTWj;qYec1Z`R#CXm~hq3`4xFO=*Vbr<`_|yQ>1R}e=ov<A?Jii$>
zLhzt$sSU5nw+M4}R_b%}TY6`>W@sPV>Ju}p(bgRgoPO;7sKJor{1cp}^Hz0W^9#Ty
z13Z^M?4HMw2BO=?bKKK>;>KiD+xd7MV9-9N&U|1>$6XS?+?8S$;Jk`FCcduC@HMNU
z>@yKNNr|6$M&YZvNO*Ruul|i6CNo$`Si=~eU^^oiSFS4QP?E}7o`Zuv;3c>MjZ6bR
zJH&|nTV(BpZMsm7rPGSbNpQ^<`;d>0l#7|3{JHV*MY}dP<JJD$SN3M`ID5eX%~Gg+
zHyqoPSFQvmso_!@yJcKOKlVm<zkaUI{IwlDL-V5-E?@iOI9dLeFOK91o9eL>O=d9e
z%JYWA#EsCIU&`M9_ig_7b)I1mx8{52z(}iC5_Dwj^jl-sqe)vzq5ExdPx%dh{IOQ;
zeOHs`uALp6-ekbY$*P;k7lg}Riy)+UdT;gNR&vRq|A{SO1UH_r_um5wZ-P)+t*oUK
zZ^z1m(>w*Nz4{`Lo+tGIerYuW_=v<#hReizTauLoSdysSW_()OlQwTzm8qOO&}%81
zDksoP@fOw=Vynda-n2PSpdT@*HLk^AQq!T@%*{8kdZcQe_npt=^tVH%w}UvZo6rvW
z|NcGx%*mj^__uvRs&Iafo$qw2uTJ@c>dLIt;5GL|$`o_B&Fu2a7?pYLkm_h>nz-HC
zAE@h}sIcXea>$H?2p!UrijH$2MRfFFbVgTTLb2Y{+5#J~rKXol4>Pg+tGcZUK}5Vy
zCd<S1AC%*tHWfb@r7f7v%W-NfvNBMbblVT(C(sOcSZ_P^gO(zTJ<$4nCJJAz*A&tH
z;(f;E9=$hbt+W<g+2g~5=NM6F3US-1<|V$kOO=0Vn#1<WZ*PK<K@XNpVy9zky_#>j
zI6?RsQD={67&$=x{<O90-<gu|L}6=&yzAH3*8uaGTf?FC<x#|!ce}yhLYy&SC-OA+
zouDP_;}RKGClkGmr_nKwB(Ab}-(+#!g=FAD$`<ZF*KT=j0}QrsO|vzUpQ4(%;0>kM
zNv>;?{<}?IK9aQzt(>kDQ{JPbgYbkw+^AYX*RiC>nzZ2NRZ4xosE_klos=11Fwm;&
zn@EZ0NB^;^J-Kh{E*=hFnM0fuqp=t|49&p{?`G%)%>!{hj{=8RilSoHqu+T7vJ{8m
zSNvc9>J`an_F7x3$xrKDxB|6b9Kh-CCBISBS?t-*d`7>@)Kh=_)+537+WDeCS!(YK
z)0sIB!t|lRs1Ej&ioY|ol>X&oWzFO2g;}AuYzdj!>uY?ASfugw9~GzP7jh`t-^P89
zSt#m{#z8jK=52`f`^05sM{MOrCW$k|A+lyX=lM*hl#5m2tRG@XnlpCXX_oe^A7B4F
zxVb>qES=YaALo2?74s-1!QN<)L;L5)gu=<6>hVdY1$rB%4d{!@v2fo|t#JO-Kic8o
z;$W2-B{1g}D9=l){g7o^(@o6gLp|B1at3}^JXZ6&FuZc|8opefSNEcAZ2Wq0X1LXg
zft6q!eKGr`60M9_i-VO17ysHLS^E6p^OpNKqHLQvU2Ri%gavl-cNQ+pF(hwGWF1J7
zEBqM0FO;6|La==V;v3#fXzz;d*I$<38!tpQl|J#a*!O1=C<c5z$>-i891?8SVdG8v
zyZey^p?P5T;7+t8Eko%OqZ+4DWy<mXe8Y{^;!{1D<TH#&-$aGY5LUEm9IYqo`<gTV
zWR-&*w{G?u(I;8OEh9^1^Okyk+R8&?$%j9l%^^0S=mulgeDMuuveOe37p-3TJmkW6
z?XQHEvIES+7Bo)OsZYUurZX9Hzj3A1*stj+M{IM|QvVd~!J6-HOr23u;Wb8o3y#%T
z{)P*_rte!~x9{mwsa})rswt}}`|@b;^Qnb-NVBQ&G#&ds@G>eEeQYiwYak-|0oD=3
zJjhmx3(dpOqswyX+>ox=Tc>39T;-U~>K@aG80{ALlOD7Hc3e~8?e#?Kv!%E${2=q7
zue|Z!vcuCT!M&>V$)R=N@DZ2A>V=*P(j1y`C1#nA%Z&IPw;C7INII<?5#4ln$fn~{
z{3X0Wk@HHFWjoQ52Y24XzZrq|$I2Chi4J$8oH34t%R43umA$Y_5?8KX<QLe_lQ$*=
zHYU!xNu-*i(LyD{BYhjC)db+3Gcb3e+eIZWO{J0es)+qH5?j3@>=hH*z+B5FgRshr
zS0Uc&x3{U%!W_Gf>fdD5>D1Jfcd>d;lzGRyb<Z=6g<{FILcLhtffhzH#6P2%jqsH=
zeN0g~LR&z$m+4^oR~AHi7NnDZJItRC=e|qlxdhTa7jwta1ba>-dyR0_*Hz7qt5Ob~
znjP+64k8h1!@%vd7=FT8_|Y@OIfAzc{o72Xgp5D40X_I%DYHsmqCncU{2C1ZhyU7h
zMLdx6-<1a_vnq=_zHgcA&a~a@LBZbiSt~~Mt6A#7a?O@~fNnY0?mlQL4Vg}AT72!v
zx=3PI>|8BK$(XJFJBb7bO%P8MOVkR-9jPCdQ5w7L?{_|SD#-rb+<=F;O||_^JoTus
zR(MZN*}XeE8vi@;@EZ@c?Kits0g>9S<zdY*gXK=W+P9Oq7c$MM`P0BMK1$un`;~-$
zo*#+ZhMA{Bu)xE+*0Ql?N(Dj55sF0#*SY~-I{=RD34Lhnc3(o<d2`BWLu)$oVlbH8
z5!aq<Pg9*BIvr@ZsBKY2f;0U~g{qH4J-Q!=_%Sfh1HN8hrZ1(XN@i6BbhwzxY>F`P
z!NR&zKA@Y*0pX@2mdL0)Mtg{32*H#<5X&;LIYB;oXf3CS<d1|pJq9Q*rMOs|***B4
z$1afAGH9gotv=o-gY_Z7a-TaZPGme`C~@>*Ht9f1+XT}sW7f~5e_>u=YfrWw#&bLg
zW%Q50)_uPM`aiw0+NPf2aelmpUlb+qxGRJ4KEFtoY2?miU6K(AI0A!qFr1qP63qjm
zyDtQd?W)3`N%yibl2&AG5!enDYzY}jly6e#oUNtO(c<kLEXHQ%%9w1^hRR6g$H_wD
zu9qXfwc|~B-P>orWtO(@$@>WDgg)+!F+=+o`_qC0pV%M?H<}!BpUC|XmP6!ZdZ1~q
zk5lBUkmNPSXP#1pv5(IzRbQ?qT>HYeZWc5p{MYwHvgsE+D{&B=w-E^{yfD`ASWXm2
zjwZ?o$}BX<jbqz5$H&tDEE=o3UfF5en|pXbf7WujvVXlGq7*SD<G|GZi9&-+IV_+|
z=Vb~{e!zT-RY<gUs<8NK&wXLRWEJMGC5hXBRM+#9ON<W5%u35f^0&Biy1{1=-wxAl
zdT~j;o(ha|z8cx6un$p`m$3m8^tzo{%%`NY>0_ltCO)o*zt+j9>3$0hi&(y=_!03L
z`BN@~2NTN9CQUt*B(xm&Wvn)B=c(vyk?+6ngR0&>^nzHb?jnsex!yTV=56+ROXgYi
z2ASqOpRJrHgC0kcevZZE&J(O?!u-ia|JGiq`Rv?adRNoKB3A1>*0bi*YE~EEQ!ef=
z<bU~PCn27VVitEp7uRk9yK1aMFdfZ0O;nrmr`Ae@WV)Ov@037iMunKW2q}}~rH5e^
zil-X#OC)&kG=D3QQ#pCWF=&VmP&~!_92!}k3;Z_%f9KfyspuIO<BFx0DAk4mLa)Ww
zv}B5VSz5^hwYi+v>P%LGoU8(>+)kW1ZzC&%%L#4Yn@{C_imvIOeg9-y47PQq4x*Ml
zc>Yo*(P|JJtrK4yDavo}WRTKYxr-z29DDYw7o74)Nk2VX8s%aC)SHdnpeb15!Dm}Q
zr5_@%oW$Jp%~ZPmxr~u^-n-zGtUKKWq?gU2;<S!uW%caw;`&9^JeAM4XhesCi9t8{
zi0&`ZSW6Ra*5}R2KePTd#Iz~;)!ukFqphlhrdKUXmGLVD#&Kt<LYpxuL9t@QrkElm
zMRdw(*!LMWV_rlu$v*$_tF@K5^yb&z_N=?S9)&YiYAdg*wyEz>{VQlHdi#P++pf%=
zcUW=6hQlq@&f4LmOXx-W-A8NFCIK7V<5@RMA+V%iVS{aQw8u>QULM0viA}BMwNz!F
zS+~>FQxX->{d%DnjIUD;7uCUPK9!^Ux1@P;n0Iha0)@g)l84iXaf)M54kw%h+A2jk
zB$|=t{_os++X$Y+z(t)ur_C(M7*VbKf`iUxEC<y{$Cu&GDgMWPX`bkR!t{D(&`7LV
z3M-DfSUAcqocVr+Q&cB}W%KU_Q^GEJQG$o(3>0nt(u<Tmh2=0DE3@3`^s~{0kt5}P
z(x|)o6+uk>B``@_&CGYQ6i%6yeu3hnhGgwltV<S_Y2;TmEbZWkEdwTz=ce1zYVDX6
zs*-n>XEPn`<SG?pCj_>DL2b^B1Y0-{9tkD2wp4Y)Nix;KQ2QOu_6TKf`xfN6oK8A(
zp6A*p<bzE$WPYe8O{u+Dj>1T6ixFkTa;r%_1c|$?sUEQh6nUE@c8xqOm`W+0Du=g}
znYWC0Ow1M3;o>HYXRR^a?~XQ`I1WbY+LMXQ-V;pz@lf~jOMT7hMK{b^jXj#mqY~8X
z(ac{!2wiYtKA2CB^99dwe`ad?rA821<cNq1C6iiwd+*{jt$RfMorcqqU%I+aCc}br
zlhGGZR<6NL{kq|6c1~A?V8jw)JxWt}r`WGUe5Pb5<h57=4!zyWXVEy%_AUR;G;nJL
zbrw}usbwJDM&V;Vl@OgK@g_U}1o#4Qd&-o3pyKnU8%dFGie#FA%ajm^uYMQG82v~(
z>^9AwhSEsw=ftrn?)sXxy@)THT0XsD`~1;4#Xx3PTubP>m6R^lSjs2}g$asD4b<M3
zPTenf&yMuJHHA@1nl`qTb7Rs(j}Q6AP`ys+{)==g%v^~1nRSih$0n8_&Gk>#Ya2mk
zeSLsRCK&9`Zu(B-ZTBi>(4EFPvR}x5;cFSaSGYwv2tOK(M}8#hYs_>rICH3Rl8=cX
z$@H)G6@|G#|Da;oG$tEN@r$<hZTzdLFp}?5;pNunBT||Mx}Cdxw`(*ar#HQvLf#UA
z!NaR1)jUR<wNX^z%$9jx2WT}a?PI>*`oX7(4;+%4RBWXlrb9)$xpJNRe`d++oVJ#d
zoPNeIe^wPpt*9hp#+&MVd~m}QEN^m1psW_}r^LuwfW=1CwN%Gh9sNI!uEDL(uMe*+
zF5AX(E!%F{#&RuNL$+<#GM2fpY}>Zodw%a9@V&0@^*rbKocr85Y6KTI{aDL6mQ`#d
zX88OUV`+`+`rUL*zt|@B6R=s9FD7Uac79Fr8fO4-#$Ss=3_v}R!t0CD>cn*O+)SH?
z4|;i_WtviW;XsUokI~9}*mOmAlofwP;+toU`_~^fn3C5CX%>HiaBki^{>%_7JhT^&
z8F6qW!|(k;&+S6~WXVA={BojN{j_uWRpBVJ&^dT0=t;u)@%yN5l=Wj;5N$p~^#)~<
ze8GwM8LD^;d6i^Tz^K2k?_XGh;q85d9)p><XY_uk(sy*x`)vfli}L~^qlUaMH5-Dq
z3+g*>ZO)f5i;k2^vHFGmmGos|)%~~7s@ie?b{w4x%VoN~Lb4!NN;z;pNlxoIn-T>J
zSOZ+phQ7`GbPY{3#XP>@A5d^NeH;HrF{o!MC)$RgIraoy-?1s1zd&-ejGbC(GUZa9
znaAk&H;sIZ+q|qTpFCqP3xU+{Fm^P~@0#aahiB1$!_%1OUqNgRqXj?`!eQWeF%5XW
zErVU+X*4O*YlRx)24g0|1#v&TujDWEzTDw!h%1J;??FQ8LOXT3Zcd!+y_H$mi*~d4
zE-T7kSj)_z#sgdYlAEZ7LmJ(KQrQX3tS>Ltx>H3{3Pg=srri(gv&1W(Dy=bjx<BG6
z)*0?Z(!Xz-A@6@h*85|4M)~sKK9T&_gzbpY)T8lA{gFBqe~hF35Oq?e0#_jB@l(*L
zwHC7{E8;szA@9`ntRM4d;DFGlzRGkgb(Thww=y-so;^ZM<QYHjdu;jg3U9i0zgOXy
zwU`ion@Px9N4pdse^wB8mZmqaZ*qiCJEPb7q`A?>tHzn9jb`!^q4)dXFKPxB#%OLN
z0>(5x+S`w0yCxAyXBz3xSUeM`{{r%OzmGg1G{7+|R8rBm2ot6>T^!p=e;AHyZa3-%
zl(i9D`QYubNr8y(3AIj{2A+DICZs%H<=c1$BlTxM5^8%6cnC*bMOB{DXh?N~@r_6~
z&~yx^78Qf%JZ!jnKv+%WW9%9vqqux~g?k#a(=gal;1_C}_i*;G6XPK2a^#-hxaaMj
z2XO2eGIrV3(95FUbwUel#AA?aC^gNVl)1sC3Ru<8#GEm4QO=SUubH)!|FUM_#rbEx
zp;ITSKsh_2^|}a6XicV2Qn&b$#-S55po^!{%p*DT7?bYz8N^L=N)Eb3u?O{>iCF1C
zX(}xfw;#Gpi04blwY<;RLuL=z$IkGX>BQJh_@f=uJBS%(W7cqkYA)+aJlSoyvMoa!
z{PkB)>ZdPz?g6RX`yy`bdS7;YD8%2y_Hz7*)f+#jO6DqhuoN-0T%0KO0X_4kZr#Mp
zFWafi_VM|$aZ-1ZBuI$wCiitNPW($P{~v>&dY)1lc*?%=e>p_Ba__6H@fF`I(T}xS
z389J$i#ue{HX?u_q?DhvoyC`O`AI`6l;<N~C_iT8m3aQ%Mf}=7_8uQe_W?>Xxhoml
z^4a|9HZkSk!JzEtve46Ge{ON6;_|gc$<Dzp8SJpm+Iaco`lho`<Ccjiw1Lrw!*;%`
zenh(2DIAS;41$JQ$<@$&P`fWe$Tkc!hyJs_Hb96E=jsHUhn%H=rSIRg$#G(Ux}erv
zg?q-T%eC}MyHi2h2U7#qqMU5a+!Be0{8D6^4z7hfi*)Z0R};cOyN~fF{2HFmT5TjP
zML8-V#x`BWzZ>c+nJW$_dcQ>ZP3Z6k$lLPqG9Gv+&)iG<AMe5vOdfeiZQsT;f0#&X
zQ$HLOuNdbhan+ep#EsoFGRDXADMjOjH_|w1jKwb5ZVkZ<O8_iyzgi$T_y`p5lT?jG
z$i!JH7bJmZP29qf-?|kjxmk~ju8@|+lXBT_GC`PvsrxscA2V`L^*ri<mJBYw0S|3I
zkuzoZ`;*Vf{+twTpq*HKcJB%fiPL#vE@Hir{Bad+R(yO|G<9+KSNrO`C})))HfIl$
z_!A?OgBzz^9V^~=Ba0Q)5*V-e#&4o<Yk3kv?6K7nzwrbUPraYuaS7U#tl99-w*AZI
zT~ts;%%^k_%n<QxPiHQXwW}<SNCRioir=a++zNh%ioaKSK>66SjIS48n_&c1-j+Hb
zeKnMOMOXXS<?R$8pTNJZTk>3w!DQxCp@uWKaM0V>`V;dCh0DL^%ro}8$TG$hgPlnj
zW%iT;*33{=k!zqp*~^9n>7ur?s;0TSv)9KRG|EuMkIbQ;2U+j0LUPHYj=-@xfg{qo
zh%j`5(hh}P9MCv$p-UHqsfyTq#9wM&_#E|UwsfoVS*=YANww)(8>^0~&~pB0v{CMV
z7_}uO^>HFWOIB`j6z<)`sF18L+YH|2`VR9IM)n_%&Y-odRtjSom-mybRwiECpb5un
zB6N$gpgysPLQXCG81#1_9JHo6NzJBm<saA6OAsU;IsKMkyh?lJQ>jVeR*rJf64^_l
zNy1giH<DFqoq%6NqY(YsL2JWUj8B-TQ{Rgd6whBwQcMN3U;6+PQ3TpZwSe68fC|2}
ze;)rv%;H3NT?M+oK}FgM5$6r7GK=E34xcu;)hh`AN@R|#%tx+FNU@qL;B&$1i88LX
zX=%+RqwfwC&qdj)P3Cc$1wY2y%SY#t6ExfI%(Q71RTpMYIv4p@{q}`g5hQiE$fXA%
zSIuPt_A;^}i0XaZ$xqnV2C#O|4`LH(KD5&x$aVk*ZEEAZa34Mmf7lV5z!X-o+7P;1
zU$e#!O3+(~Kn2GTLr1U{iJUoym-lh2X9YcF|5@-)GPfU+K0eTW(_T{nGROT?V_-N^
zAYZW-``!veG-Nv64mtW8U#o@quh8BOrA3N03~Eu%x!(ZTux*1Q8xa9}@^B#UB#9<t
z>10zY9KH|p?h?2JD__TE=fh!_wX3IinYdjhx&4oUb}Al{Z;>Z4oYe(LICxV40ulS_
z!bb%6O|k?_v6Jn5qzL72VSvVj_<K>bB`%pcO|^X!CI5W#tH`ZYe3HORZ#(E?fK|Yt
z_+00(j2XE-!vd_XpyH-NJxY05dmH}PtyY)iRep(`CJd|fzYG<+C?aqnm6rGwm(HO&
zSFt8V)p59Q%B<xPscWj=6Qw2_4vQ9|gLJg=UF`LY`lJX7XFDOc>|im}n0aGPm>uR1
zG?Rw%M*qq_L7?|dV7l>29*xAQWK6G;>Zu>Bmtf!Uc7Gh_iH%cjbk0qQy|k+_!&3Wz
zx&1^QP-MVnl7w`NAje=MrUqoGh>AuSbbs1iH2GPVvbxW;+-Ovf&G+xn<g68m6&}8d
zYuRAHS?r|Gy0`jzUXUDwj+KNYEjsi@Lw?c9%Qn71)NCuB#rtroIyUhkjzPnlzXrDh
zPw6I*^3;rgUlV)ERJxDQkH0dW02=Y@2p4j0>FAp<oAz;ig6PHCl?<cC_4dA;jPj^q
znG2|Q6fH8~cy`PU)>}v3Vo!R7qudFlJZeWxfKtB$58d2AgdIuCwR=At9g}}@t~UvZ
z(mTo%X7Z;5onwGJAPxiL`K2lVw`-KD9;rhH<Rr~YJ94Yb)1-SjgRu=9q-$k$2QgA)
zt7)E^51vrX>%RD^^xAm^8h^;k-mPerPF`^swYn115fFX)AkGxVm@QTjeJF|G(DN8-
zOQX;C=X6HKRrZyG6dkNnz}zsJ*w^3%l(|4VKMp*~_h!t`w(ZHxJ;ktBQh#+Oh=~QJ
z65856m0yQ`GIe{p2QT;a%}4>SBcV0I;u_j7M^3o5%)J%E&@82gO~xUwt!~?%TGnLB
zB~|>0o}K{+U7PF^Y*(_C8@*nVb!)^l$wLAbIOhH~N1yiUl&Z3g9iV%L9u+fJy|7Sf
zKWPt+k>O*2e6u$>XGJswheD2u#os7&JV&uzxr?rZyjb%bPA98cfU}ryTZ*8H2Ag}a
zutQe-7GWL6e(EF~JqII_eL7Pb3yzP^l29dc<s9aOaYA0Lh{U+lEG&vJ`{rQY7xx?o
z@p-N0^`xYm(9UdSHSDjGRMu<AX!iUGotU(j1lN<eoh@-mS6IjBKAEh~Dy^)#*o4SY
zmNIi^JXI(Sm@Xf{<*b-SS5}etZ65?-yW6xYW>X`mR^+5RKRQUSliD}Z+;S?U{$nQx
z@{Oq(TUmD*K`x<4yB91$6va!r;!C5G&7f@V1e?|ji*Lx<_0>i043Tj(zkcs;SS4j;
zUpA$j@rv4;qdjzSjewCqCm-WN%74WX=G{zS-u*>$^@1f-lGeC~gjHVm4ouUo9LJkZ
zs%=Y_Z+A)Fk#uW+X-gj;kgk=mUj3eP+@_<G-Va%K?`Z<hd-dg0HUoIxX4GsFZ%Z@G
zLh6(Qp;apTh5f$=IFefHDX78C%sXoV0STz_`n`0Vi0auvp^+_WKQRB&q)<EarJbg#
z-+AhaM#94cZU<g(3coF>0mQm!-&^mz^pSGsJ-QkK=18At>xQB2c$<}KXUs*(%9P`X
zA+Sd}9oRDKhMVZ-<b|6o7%x|hDov*OsJnYox}Tq$c{^acnQbK0$^=QxZTi&m0KGN)
ziQVcX4GE?fU$OdL-WjpvjY|dL=&M?C+5MlE{pm1hXF=8G>ZuYhqwuo9qsu(7AWDUU
zDZuu0i&mlYvqguGeAW@ij&M$_-QydLm0vmoD+B-UAh;7iC+5Cc4PkaOE2T(DKP&_v
z?g|wa^}1%pzU;{oQ`R@!S<g3@eC~JBL9Yx!V)iXN=GRz79RR0wF7KdF+s$O2>fM9a
zb2W8{MB)hogMNFBqko8j1LRTG8f|vg@TpJW)A0%_8bs)I1`7pW2Jc@z^xlYXa6W(;
zPCv@Z6(Y_D{)_=iVTXUAtC_U;IAOyFC^%=|+nyOlojoPX{M03|46q*(TtZwVYThr}
zq?TD_a9#a2ddhj8A*eBmvl5dT1Q(+Vu|1b^Z4w$mnH#XHvqjZ9O%+!a*8`tu)z{*F
zy7IiEzqQhp$dWu5bwwT@Gm`F(ShZ}Dbgu}`bml7NaY)j9h~M+z06}&zt;q8gLmkXN
zeyPDTH)DC0KeU=tmO}~4!4&@>BCG==DPC$?^)$PBAbU^tiO2;CvUana;S6X_8;vw4
z&^wRT;tA*vhkuBfeC*G!bEG&{I`Qn#Ws|qw5Ag;VE3i0x|1i(kcPk73u}WR}^K;=W
zo-9wTt@QiWevF?lgE8UzdmW7J!FS+ZA*7I{rdACU2S}tM<-73T{Q?O~6Xms8i^gY^
zF1HDVSn}Vja%3^rpfSVF{`vWHB;!j-lx~`m9#2G$|8h06|6D691dW|^c4|1?32cCU
z?A<(hw^sFIGMbbpgu>7&6BWAPvAW4dm@%*{TBM6Dq1!j4(g(X@D@lfcf0`I6plku9
zI_cL?+OyLQy~%4gX)>GWCR-8qGX6mf%AikTNd)M;2{v|q1I)lKlz9mg-lX=!R21i1
zYeqgd7VgS&`QxeLD?Pb@ynsp1o~0uU4VEfR`v+C}QRw>deZ<{7g+mh9Rdx&iqf+k8
zQq&QuDGDd$mKOZAQE&|~zQ{*|;p_4J1oTv;;y%+3OuSu8#DN884K3^3fiKTZ!c@De
zNW`rw5oMC?DuP_`@v^^6*4QMEy-D^uPkt}|MpZR=mw*?$sd{K|+R8rUTS=s`?#}bA
zQljz~gkW6#cU-p{qdF!NdsQAs<+T(I#C_V~N$;(tJcT1?=;jhr4zO51Aq=>r5A86s
zsqYMnTx$a|q1-l2XnlFM$F!9Ik_QLeZ~IvI`*mxegX!zlU?itM<*|IZSHW~dHKnjB
z2Z59XdI1N~=7L72qOvlhNbcgIz4Q*hdl7Am&7fabqZxC-t*OOd<SM)3d-X!Y1(Zrx
zt^@M|*JTqH{r>IFb}cAPqU%u2Bis$$#e|4-2J2Wmr1%A|vDS-s{6T62F-rwCMh|IQ
zKd4tBXtCCiUA?Q@oi>ZM0_x9hC+ikPy)VW2|Kg22mXZ<QnJ!v7?JTU0aQj0ZWbO0C
zpLf@=m4Po<@1Y)OmmZWF;D(YfG|6Q)xX2!gwTTCTlhWoggOqZrM#YfN=(oj*C)*!<
zwoZTx8;~H71C8|N1x6Kqo37#3!Icek3#&se&<JGrg%q6@leiIa%!{?*m)T3_V2bZ%
zmegv}m_cBMIlV8%wqB%iC8VkH2x294O{b|0Ot)5EWw?pd%oH%y_27uQirgXuC3;AG
zHhN~ps0@%A`~9f%2Iz#vCv+qpV_ZE=!*+`}LiJU{?K2^<v5s)4Gq?$!PT9xWCbIwV
zKk?4^c-Ytx7aFEy$n9WO&oWs}1=kQ)!g24^6X-GIN?%4Sjx#HUy2YzSaXrYa%``~P
zp7H1!9?&WdBhg|BBJ|#T1z$fncDdLk@S*T0|KOdWn#v!r@uuLdr!UQwy+2GEPEi87
z4e(GJ`INn<*YiY!v9U&?e2!KcGxymnt}DbY$zY~7XbB_Ow;-e3aipNwnmgSjj>2dk
z-Jd+{Z~W1hEmiJCi1yZozpzm6{rJp02b0U;I+S)1iEJvFw8K^hqzubfn%3-9!(ILI
zs-02hM!(&qK)O}b)F@~|QkvcO;E&>fyByNqo3du&`4fe=C9$P&tJLVMzF(+*zWpvl
zFF;442CVR}K%p=t$Kr>K+>iY`cr91=`GHSMk$133*>)&h&^loPxHpEvx0hWNLhf!t
z|MIZ#LIUq2|1j?$CJzI?okh6j@-*jaWJ60Ddd+iT4w%m5(jCB(y9xEx>G8OYk`;+A
z_hA(;J*Y5!z&w=uXJ~Jfu;)Z4=W7!y&rx90!-Koh8uLX3nQiE=94)gV*``Yy;%%b7
zrJKkGsNNGz=&5mi)FVSSa5NgWlukBzuDU_6WV%SxoC`Ty6qS^gZW`X-mW@nVwP(K5
z7Q5=CZrSRhwv6PCKL>Ez7FW|zVMF^Zx!myvMgKUp-z{at$3vp*2CZVmPN8eb<+{|3
zkg+PwQWF*N4uBn2S?H8!b`?o(CrHdN;*j}e0doVENDDQTF2GM(?!FVslYSF&g;ekR
z{e{U=L}MiuGWpYpUub4kPgY{1=JGrCv5lp*n852notX0eKmM)0{XTWL&K}?mf25#&
z1(2sfrC0jlr40S-Hs%pns+lolR~|kLvwQY_L`?B&i|^Gln;JhIhOAq#VZr;<O*Avw
zSlPQ8Mo%hBOH#@KJPv#Rtv{k)$F|9s7y_l6`}^cjD#-);5aN3qJu5>48JNdIJ2p%i
z!hWX*1Ji;@*N}*-y-c36Rx5OVA>ojB2$ngQF>bDz*Cbdng9);#-+3z_cVCW6`+UuU
zmF!eMsR{xofTc8V%`FBGAht!zRrbSEoenC7r0K~FBB|bZ@{c9VdUvnOFH()(r+zC7
zSfD@<O4x+?@1_1Mh~`%~F}cZ|@x=yWYSGt#6;Ttfj4}pPHRpx06VVL5q>bO>gEOAJ
z0SInL-=$OKfs4=9y9KNk)thM1il4_dIco}--{r=PbMo^|f_=AWBlpKxdnY-=mH<)(
z-h^L$+PRS~jqm?m;o2&OqAyOU(0C<|z%gc`TJr~tLVYuN-`phGbkvW4K5kKX(w0A_
zQWR;KbFT<cP{|K{6PcWw`%SB;k^zgW`~zSyo7<`3=@DIb2NpXc)5-yx<|HQz8pfDF
zd$+9xJ#51L#5nY}PpW-76Ab+|xOXD}TvllEup+6?KJBcASgKj|!x3lXA@+!pj=9pD
z#@?cEEf2s29-QLa3C7+}UCuX(E^l7iWMOBfq_g45?T$<SDP0bM89C7HW*cXk?C--4
zjrsr<8S>D5E=dbM)P&VoS)M|qUy^@Dcwik*Mzfno_=BkBgM_UG(QgVSea~;-?`ccl
zg#jj(mEH`nTnX}#8WtyN536Omy*YFk!1H8Y=$AB|NXPA7)a>-*3l>dX9#iOO^(%VW
z@DSN2He2Ujy;c!9gZA&&SYyFE>y+4tM@`NeO{q4TAp-|`TQm-r50bala<z)ne(&C8
z_`Gs~=O$f+(UP3r?&6!TD4!M8_m4OVi^B!|>>SiwLwsIJlvF@kY4kSh6l}|s<bY$$
zz{RZ?A5dxJD7dA3%ntspKe7*WCo^u2c;MheGf_Z!-TDG|r1{T;gGyEKC%=}qjy{lZ
zK=%a6Yi^-M!;Zbo2=w*yhp!FbvitRdLmmtuoGl28C0ay&Yub!}V42M#>@E5c+N%&C
z&QyqrXv0Tc%Y$r>DY@-YZmer5^v=?WJ}DiyZ5x}Z`C_g|U7!<R?RxuO-0oJJY(+)A
zL^kzn@-dmuI3kQG#~D{t5cpG$JPR}j48k54H3GANCY%z?M3{+vDDQaf^ydu1lO;8l
z^&I0w?55%@6|NRzFC@s(dG3aG)OoYN@%QNXU9Gwg<a`ayf~3XTgGeN!W+Z;);2P`G
zW(pk(;;e!2H|1P*mvwQd1Kz%F^4*?}*O17no)uZ+MhwDnK=*;Zzxi<YnAwAEx{L`G
zs{g!sEmFFa1pOWf0xl-r!a9dt$#zLS8}Q82lCi#KgzAEWyv-O%X$nPdJ)TJ4|MLj9
zMs`^Uyq0D1A20o#A=*3%x^yZn<oKjia32EBDw#0`yugL{{qa5*0O*J$|0L=9BRZF@
zZ83S4S3AAyB$TH2MJgp;Hxdl)94n?5mA(E6{>t<x!xC5)F1z?j49A%irToYL+4s&U
ztBF=)mp+&C@J|p^W-P#bP3lA==gd5Dsm@w07G;HOX`|qIs2z{6^ZN8j)0$+jrv1y2
ze{j}mzww`-{UGvyf(R2Mp59jQ@*X5TYM=k*1(b3dI}0uRYUxv{`7A_LO4QW=8uifu
zJ~|j-)JL^`$!!4J%!Z3Tw!t<m0oIi!jZLoIbYJW!eUEw`YX-7i&Bo*jJ@{+H3X;Sn
zfN~&h4dIt<E+*d+nx;A>OEdr`tBL)pE&K9r_El7s+DX}Xly>0P1FXcR3jnFsFH+<~
zW)Zb^NO)@o3K(h)ky|=HB56k9i#5~Dt9EKYgTq);?93EWSnZCCFOUB8qHMD;SoU2G
zyj<R1YyF7oE{4+MyvBqY`|0}Fk#543i>$^cx%{wUbk4t&<Nr{R{`T~H@OCHv!iT`0
zM)Ti8B$iB$nIXz`s>HvMFupP^52@N?4p*nLh(S?bWb#yzGZ4s4)gKc*s&&>76}}+~
zeao?owz0B2R)4jx8?U(zQwk+Z0vB)&w=0Kwfc@zTLH1Ljwc^(ImXCS_VQfELubY&(
z3&*#XLQm6y<v@1s({BJ0BH3`5Sbh^BguDT9)=;R-uti)>DY&SM%Y#2Rg;rcfX7GV5
z54(4cEG+{3soFHM30}Q)9UT7P@5^g-(CnKYa?Xa*^fkat#s)sjxogbmS#y!GHg%(g
z{QY%?KR3~kYn2E1q@Ns>hM9^rb%m&>`@&iaf%MMUGI1bWEpXAQUqI=r^O1MbCy&E3
zI>TAk&KtFUS89?;bWr~){~-rNvvlbqd|5rm{???SoJ*Z7eP-x~1$I6fn!Oli8gRHw
zo9Jm1?4)a|;nJHF`r1a%7leaE+bp{2#+X33tlpz@|Idcu2yIIo!%B2s)bSk~-mHrW
zDa``Dz1n=4S*k{;2MlHyeB@q9MimV+_5IN{d4RtEFE(aYY;J~&;rP=@-t^1}SJK)h
zt|IPHJ;O7?>c(SmCO%E1P%PIV2?U$%JZiIi3>X%xaNX~(kjOu%<c&w_p%ZG_WSCDn
zVa;Q+9@Q5xIDkc)wE3%-(>fIG0t+wW;J7rfaz%W!z2`Ui%iPmWpt<}vr6NsOFjcvu
z)w#~~q=>vy2|RP_b!*~Adxka4r>~Ukl9r|4Wy6o{dTeO5{?g?KrLGD{Ypb-K*c4<=
zAd+#b`0$)Mfe7PNl0*RB92D7OZrZAi5hz21le;%kI$;Nzfqc<v21o>r>;~23*~*?D
zYnl0e*8@pQ<$06TRx%s?5mesKG840+t>kqirOtyXWI}Fr^pGGX`i0sO=V|N91?{!}
z>a|!Fg+hkKXgcKje$#ZiOP&`V&Xe96mq%ECjZT<(FPlxMM$h9UBP!YKY|-O|W==wp
zv&?^MsURZgelD(e#c!Lh6R;u`KZ5b;rmhS22W#cZJVJwA!Z{#&Y_D{!oU}5x!`1)A
zFJikxt?TRJw>+k=+&}N7#D?ycM2um;!_Z=36C~=(|NF7{B(Y<KTpbsM;W^PIi#Ez-
zz^0H&He{D`)v(=%4dCW>DiEM5s{8ytFJTREU~6QKT>WAVPFOWWYB#7o%n|^Vb2K#A
zze<;TgNWy>Zm9f}?x@d_>FkugNQjyR^qd{W#Hl5~%|z+BbErdLaZk_#8ZnrA6PZu$
zpz4mQbWC{u765#`a3PreADh1b#XJTfOPZ;O3*0A~TQo+lZBoEl?!djhO`WGjtZ@@v
zjwx%=5f;?B;k>Ay@pF3SsVNBC?@G$zlzgD0st7}D?|N}UjseVrtN><q=HrkWUz{vk
z4_S+6<K%Gtv(bj{!vu{5<B`O&uMu>bGTosTC|x~=pG*`3w0ut2<<zs{IHqMCNn4dl
za+b6N(ErQ#3WcoUiOEw+IK1@<atgQ|=1*)d?t%H2G%modV3y-7470GSJVQr*R7l>j
zJq%Cw;UyJlf8N?&@hy=URZl=p1cvDkCw#qvgmlNaWG{Q+o&v)YNqXrY;(}qpl~AMt
z9^VEsx0!b+Yyb3$?)yW3Zp-AlhPq!^k#AQ9GP2cf&z_V6vKL`C*bO06>3!8T2c5O1
z<};lNz?9cvTzFvW&!oN6ia>224$e^fqgCg;wE(n_g9x7UNVfT#uu%v5{}UI*&L%H|
z)#fgx%Wn><)c@^>B2HlcAd5=3EtrhTl3BVkg~48Vus+>}#FvAPTd<e&?)3TmO*B2j
z0uov58yc&=<IkjF%U27=91K0C1hu+xr)L39@Q93Y2&OXJ)jRrB-pg&RGx($~chL^~
zx}65XTJlJ*tf4^a#owy>8eZ(rl5aDdR^3V39s`X*_CFRSz6|31>)=ifQ~gu3_1_SO
zA7s~$E${MhA?&eCDy9k5O20CN#x@Fl$>rokjER#UZ0^|}oSc_vf=DFzJZ3E`F)UX&
zAQ^IUs~-yv;(k%r$47lJ4vtk&z2<<7F~E5qt^ih~%4M-KLBh75y7UKVP<`JF5M<x&
ziS%4G&nuWy$X@~0=vjF}0{PYXP(Q&IVS?)=7lKfcj$B?^TKWO^KT_{~<%CVDs)giO
z{>hs%)kK8(6WiN#{zBOV9g~@3l8oQqjU||WCx&ez+VZO+=uPa@Ofn)!euejBfV&Fo
zVxiPqq+WAtzh0|YVEznvay&w<YMmK6_>i?f6u%qXdU(cQ_m*cN#aevwN0~f_uyJ*r
zHx}||+eHY*i`KAWqh8w*po(;fblph)P3R2XR+hD=8pOgpNWE=Q)m+5`@w(bbn_joe
zr8L@Z>QYAxt)q9X>CKhMa!Yvg_<7gg6J(QN>;`}m@)esqldJv^V)%Yfu=WR?^T*%^
z&{p!%0o>c`dodH|ln-_^#pjC9Oad{Ta(2CKcApc**Fn9yH)Aai)(p?rSO9yJ3=LJ?
zp0!rMaZ9iw7k%t-M~0<yo<%o6pN5;yDuyuflEVmb%(OA*Ez|-;<Gg)~Ds_LV03H5z
z0#9t+Ru>;nitbA8fg^{M#6Yv=^ji`n>QY7!e57EhTZ?La_5>C3M>-*&<?lJuT{?qp
z+Q5FWay#y=`>$b2C2Hroe|_s#^x>X?EM#qyiI(d$@F<ZPD|T(vnGo9?K@gkF6Qu;0
zkAanU34=P%^MVz<?^)WBcUbAjo>B~dYxnP>6$7=AKlz{?>3h7kL*3@3O#_%Hvrz!7
zczgu$1jM{VOt~I%Ukw-+ICKXVG!VPdoev-2{X%<t-(PK;xSP!d`qjKGrn#KUV|oEQ
zea&4x8?3TTOeMQ8|K9ltNNxvTC426h92#VKe3_0gcT@2mx0qEZ4hNwFEm2P4j;Pz=
zhoGYu$GInTkuUTKl$oV`JuqjgdHIysw_6NY^3XYLl5#zMxfJ~Sz0!1n=b&%!W1YUu
zJC1|G{UrEm3*52#jZpr|*gwYLCgS^Vjsgxvj_0lkI}K9<ugiyI{kxGfz1(QDSNLzs
zHB>A(wNIL)dL2(GmU}b{Ztbe2oN2>-bPM`fTBTih-LO&A(j~IxUcIPX?o6k0<C%Z|
zSg-&SMvz($Xa9OK<GL+o>fZ>6rYSdm6>nk1>PBkAlvqYv9H$Q5SHY*6Z1+PRDtmEj
z#g8(TIrU7AZ<<wsL7N?CAi<a}+aeYnrJp6cUURj6fY{S5qCY~7TcpLa1#;*}tFb_C
zel9zWamdiNPFKWtES2D^RGar25p7;@pnP*22;|YqrkMkX`$NO;FS`TD>8ntfVH`xp
zXGfS+wGZOjdm6U6untiY*4M4-wnLP@%59Yz^|!Q=pRT2Z>`g?HlvrSWIuFHlD&|j=
zQwB^TQC!~s$zAjPQL$rwSgWW><!QLWcynmZuT}}UmXw@ei46V@0!I{>-3bg^U}TeY
z&<m!JYgJR15-C|m2ohz)Y5H@$Hdx<=e@%}kmZ7-+FSg?%R#r6IzWtFvaEZREXdHKp
z_6%!lA|p?Zd5Gw*IDc7i;fUyZ4^!K3_F|Mhpj-h9&D$T&sTW5r=?@v6`t;ySs_x9i
zPQaVWnCH+zzStE?Y4lEROP=Ty1ROz(0%haHEMGsr4O<NNwT3vhz!C(szDnBb;Kg#9
zQu+QAZ-;3M4TJM_j8HJfYy?@;M=ME>6ukkcmn|6|?F$nBxldM5&&x-iy<7RW1`3!=
zU=^C9hoN|bs2vHUU2mO;IGp&3V}TKf{$VhCyKHLlqg7SQb`2fxn!1RdY<!)|eoR6a
zkB)`)d(9O2DyA&NBPe^KXcbPRL1({mh-&gIZEkg>MygU6)(fnmyS6*UA{|fer212r
zaom@FJ-Mt?O+1hJr@|sj^`aiCOujrB$Wlh#XFYW>A}pGt0Y9F;l!nZ<T%G)tW!z|z
zh<nu^%@OxSW0N$DDvWT5l+_k;jt1fch$5f;YtSOFRpAT`13Mohqo$R(?aVna2#weI
zo4ZzP$h3$7XGP=1G1du>X=U&qqW6*@fp5&4f6Slx%)9ljpJ%=`4h*`GH~kXw!+%en
zlz4`8-E!O+)T%}LC^>Oz9R5-JT}$@8z`OXfu}f0jYoiiiEJ0hcbL+l8=ub;7;q6_R
zkexpB?@GD0A%|RiP1Xk9j)y#xg%YhER)0Ugy$%XV4N;%9oWgDL;G=Pxe^}pj#}X6V
zG;8_`oymxW`bxK}^X#L8T)iYSZ^wY%6a1-%06)`bnRawoN9eqKseq+*Xr;0KZ6)i5
zw#{1P+x?64XWM|vNdEF}jk_(Kw=6-HS8F@0)5M-(_O(#k-WSw&2O;&RS~7cY$77z+
z;}x^Gq-^E4dZhEKP6b;sqM}8c->Nm21SSN3zg*y;hE1su-I-58(%3z~1v3ZtX`F7;
z73=udp@sF6Jo~?tQ_A&c@DF5|hOe#=rM|6sv1%yrQlLjwJ%^514{5~Lo?CM&o%_^;
zdTP!PqIF!=+B_|FZd7uoJkBM1qKsjJ8YL2@P0BN|IdGtA_vijcyl(E2X9HY;I2oF^
zAA2_e;T#5!5{A`At%1h~pK6#o)^2O~qzPi+d#uZP9<E`t@Et*&r1TDMXIwGxAR?Z*
zT~!Fh8N(b51fzW^<N-uMLZ+JHkAt`&*G<@Sp$N_Ra~}ym(12QGJyU5;Sor6$CSBiM
zwQex10RZ)Nqt40@6gP}2-2oc(IkFAU`*e?m_3tgAE9Wf?6imlTa;~^qOE4|pH$C_<
zfF+pEe0LdY{7M_j7M93UvzDDY%7=_C_by^k6xj*|F$vzZaqj>daoi-DDO{I)g6k%C
zBMDuF+Zr|O`S|n?OuiAaHR^hQT(g~Dk*(C}0eQf?0A1dfSU#kQd7rXqAE;Ks3gYkD
z9WRQnzI>;qqWv#;uzwoZquUy;pU9y;PwJok`6xzpZS*a^4o1TsCQQ>ibMfar$*!W3
z6qatt$cfV}X&81+b1p?&Fs+zq=Zck-4u-sXofel{bub+;W=L`NpiBR>sHN#xWtw9-
z4aQz3py0i1M1uPjErp`A5d9dTDaINu3AtKsR{QSaZ9^)j9402s9nx2MPQZvQ^{l5p
zmkHIm63-*lYtezy-G4{Jx8b+_#HHAvR`BqOQ-!n1vI%oZMF>(OJXR~XkZt1_x4J%l
zLZAO~H~L;L%$4P%Tr#j-=r+@}WQZ4h2E2h7jd&bq-|<<#rp<pNPE_~vbN7TuR$9W!
zu)~4l$a>h{T17*HTf-k(;Lzd|?=~z(l{fNt@+f>MI3S^(pq;<t8V{|g*w@=B8{u1P
z!c1YhJT<NQtTVDD$@^?l5;uZ13cS~cK0%G>75<#ZC6gqM$QRe&IL#0z24(~6{r<1M
z-uPaHxDc%UFkO(SQxlbDl__7$sG~+9*fHQvqr5|gPE;%-jvIvZM_|Pe$Uf{SDe{K?
zBkk;OjC{f34AS>VpZ|PohD~vb@JGyeh}2lgoOy39QiiT**7BYBO<qS9S+}oZ7TCjh
ztG|gl*2spRc>lSjZPK7S|7hSO78S>1Px;5*Fuv&_S>$bKfXv%enhf57u3yZHiN!Wl
zveJ`P(F!#zDt7VJ%K)naY)j69k;B}p!B*A5hPwZjHX80_eV-DEGV(NgWEbpvOT<5X
zm5II7`=Ann0IUckC|V5nTN7liE)ZdtR33BLcy=%!-ZO*|0KI4qKe>dTN)E3D!~GHL
zkJ(=AG9#+9By(R12cA=7{tQboU$S+WVKfc+S~I5te1VU&tNjsSrzQA{a8&W{0QWt!
z#2xx$XXau0@NcTUgtZI#?8VqukZgEN$T?eAe{1usb_q^|BhE%>oeL;1ziXI>_CkYD
z^*d;ZKayF~CxQl#g_O)8X~w^{Tz%`se-ew$(^rhsL~xI*lxqOzTO)%#pAi{)zw}j{
zrMTZwa^UQsm5ThQN%OX~H7^8}kB{6*Lk<~)?tbGQi86Jnb#-naoN<!#P^8bcPJX={
z=*L1`1Okg)7J>D_7&p(}x&2q#;$FmBiN0FnkSXm96j50-5mCU}vfj{wguR{_Eu&<-
zDR-wPfnB#1IsQE4?MQ^@T*OMA9PJQI4(J1Un<J3J^$I`yRra&7m1yDeW#iY}fyrkH
z`I+E61tis^vk{q$%;3z!S-9&wl0Xz4Z~wBNj*o*3Ps>LV-oxcYfg+2()N60@3EI|T
ze5hGqe*4fh&-6(3_p}NGlQzhjt_6C}i}0({Z(_mKw1YiZ)G>hnH(}yY=;6O}S9Pb6
z+H=1iWB+0p8To?Go2IDWqUd%Q_<OW4V`1;Kj*{Y3q<3QsirmP0-=EE_@7;4z&yo2=
zJB$y4P6Hh^;8mGNRqv!ya(zH~QsjdwF=tM0oEwah>F2c|?8zyUwq;9UI>&SK-+8mo
zf7b^4d?@UVUq{mnV`D>OPT>hp{V@44mL>+%4G_dSxD^kSJ=Eb0CS*iO%1^(Jf4t^?
zy6Nyc0$oSK4!mM=F&6zOGn<dqK6|ngorsZgE*Laep8y&4oP7A7g)7g)J!RF>P{La~
zu$0l<BWKg6Wb4L^)HA|YDXrAgG<fev?h)_^ojyZNhk;bPk_uZU6yb-X;m8-oQ4vtG
z)Zk9qTHPG64@Z*cj^emM=Z5-t*S*yon&?p6_qLF9)4{m#<~kCYbR$~Ws7wEpB<mVp
zhb?kstGh%SIp61ZoP}tNWhPA*M9M@W1Ma;jaa(uAY!`7AQak3>cwY`(5@eS%^J@Nm
z)+$m{RiJDF_dB;1!o`0W5yJE5oIkAh4%H%t5CPs6O_4swIyo%j#}ZEJIUoG=peU5E
z`}$n*c1o#0iyw;G4E(g^qdgU^{_=P@QzA#tcdKP!TY0rsz``#D9*eiL%;BZaCRhSZ
z*~Fx%aZ%&^DCQQc2ojTvDakoJSf9Du@R0}4XVo{>dXdq>l)~FPvd-NGVV27SU82>Z
z)&&GOrBb)&A}g-^GO2vSNp+SURkvtA@FGUI^$f)p1W^dH%suU~xzV*i&*=QRI(PE2
zlU5%ffqcA^gpZbkje7qMD*TgxjLlnRn^wOk#R@p>?ft-Op!5r?)3_Cgt<n3Eh)gxt
zKL7S;P1nsH<^PjE^YUNxulVRoTbc@Q-?7NE0`neiHqE4(MuzZGd%qa>Fj0jBy<^$x
zeqgpl`(cXtb*yUlchv)0C0rjKv0Af(@Bw?@zl~g-WN`W=mVPeKkk{S;SwcX)W81DS
zN0@7jXNJPG4epDO%fRsMihLq=gdN-^S-2>=!5rC=YD=w$gT=5w%2;J99LJuGNMIk7
z#owVs{OSmmQi0g019gIvv;<?c=hL=njdbA+U_SgL0Qhn%GO)1yNUnae>upxgQSTHv
z#?`31L>={vR;W+4CP|pSMbpigtj0MN5KL0E*hrOpJ{2_h$o>KDGUB_f{0{RqrPj|u
z%2yK9u|-#?_$hS>`WkDjfLvRS7U6!H`hkmfrRpb~i5A6NAVLQVYA!R+@_wNjsT5}u
zy<0Z&-vXXLMb$*e2a?U1{{GyBbal3MkGA)lH{;!@!)RpiJ(%57rfbJNKDQZ68H%`v
zycqbeG*}Mk+x^bfuqn1IDHrq{J25OB>C||MN7`Nqu;0mJ-OHPa*KYr$^`{UT+>OMj
zMw_H-*X~pP{3xjp{K12%;I|a0J)4nL-uog_Uz8S5dN!Fpg=toYHS)`y_V62hi+1=T
zP15lf6L$P0$K-?xUuVz_wK<(XM}86QXs}i<yDfydoVg0L)3__nX?_I>tI<uJ-@#ZA
zatYbTsmhYA8_w6Im9S|O=`I~wBgU4y)c^muJ^Rb?nowuRN~vn`g^avBHUHY~W+(Ns
zAG||!(>pFQi*$*p@99$XWc*@|jZAyk->ITs=%!qKFYHhMLwyM?UPD!3bXwq{m5Aqy
z9kb~Cj(XJgO!)3x`1V}5NOJ+k?VCd(<Y6dg*lR<nI%|=gsQI&f9ZG7RlMs|NXPzeC
zLo38$g`JpR?$C0aqBb`H(~)15XreIa+mHZr@}8I$#u)W4l=AKvYflG{7#thfc6@?n
zc;c<dJFOlvrnuqg$F-8j9Z1wlMMHNPq7Xq3C_X%ei)Q@`rX(A6di`zon#yxjlU_30
zOX}*Ax8nhSfu|^)+rA&Vt~vcFNr=bkuU;Wf>x8H}u<ZwEaWnrAGeU)%Z0|0<2lxJH
znX##hVF4r9;!MK@fXoXdR$Wg}+Xpuq+I#cb<ZkWC$%cl7{M+iM5S#G%hNsd>vB<Z5
z0!2GypCV1~-r-lyJ8GqO^tdn(k1XX*PU{Fdzo^S$t8r+^@_axV9Nrl#$=sinzN0SX
zK3nl9p0md{>{|(0Zjc+Y+<gvkF2+D!{+6_r__NF0az>N*5lrIPWW_Y}%g3ouXew0`
z_d<<TM@hWl4PN_zFpD|(mi1H(#|0ZIbe9sB%0`h-$sDDIS@L{4BW%uDZF9q)ij?F(
z_537svuY>${r>U@u6A$hxD*;}U=n$_ct;&~rY}nY=^98PhA(67^j<9NG=YEpH2LgH
zFAXXd?z!7nK!y}8|F;XluMcj%@lrjTT`g*g`10*0SB~fWj_Wd38=Y@=8oM1StUq&3
zE8e~PTrVvqtU6wF+LYy<?r<L4%7E3obA}xT24v~-z|Wz62S~qnENKIZJ7CENuSEJ{
zu3mh<Rp3V&>%}LX2Lf}*r3Y$Q;>!5?+v%8Dz~#$5M{Dqmf*D2VQGGODut-7Qe|DD{
zJA&EuHeYTfFkKpMO6no^NTKMBFV-_?Id(Lh#H5H5`oI|p!ow|7%dh_t*?fl8H^5u$
zuZRj6&3uf;HERqkIITNH6gAeEdK-QLa9_$PxHn54W7C!zf4s#F7s69~{`u`W^Mbf<
z1JyQCSJZeD)kc+OO`HPt@^eN?pnR#<A3KP`9R2|7CXqdmp>p^4m?Y5m230s_N)PJ5
zMehh13Bqd@`6$u_i}A|iS=2`w7KMGN2R}BI!I?=G2b5DtKcKX*PZ~}Z%w36Wy2TDe
zif?HS(HS!Y*=4Cdg-6%}$vLvqX!Ye)h@NVeulGd-K4eR1=p11u+*u&{YHlGG2>znz
z&u6|hSSLYw0qoz<s}^jNhR(m~wTP5(xa*aYcuuh6LjcA7*}2ue?K>kI3U4`81<tBV
z<2wj@bkf?q9bgs9r||Fhb0<sAW_~>*qDI@iGJVSNj#q|le8HAU5%=HD1W58!K)vzw
zT?{)hEtZd+x(L09EEL$-e*KKT>Ci*$`e+Gt0(B6lC9`~&?yimu5oG?e5l-Le>$`<K
z)+pnco7#THp663VUtdIAExzk)vq<tVsc$_$ZwgYA=c1hZT7F0!HtIT_F0?hO^TF5n
zt*rl|oBVAQEU12e$<mK(kng%#pqq0kxBD0gmw)*7KnLH!bCWA<&KxDbk4m%v`MI1k
zH9G(8j2O2cYWrqAx!zo=JGA$YFZaTiTo3(H5Y@$wW@5x1x`uWVuO+DLGb0Gb=tC^m
z_rLsBgReVJ*j}B03~-VbZiNCxSt;+DK>a1@DKdq+;0?*FOEm#Pm|1^>9X3V_c{$^<
zA(<~+bKo>^1~KrPAY%5$0uzEPQH0*$tw2JIgZG4hvYQSbWL&koIwvSJ;U`ZQk5CHE
z?8^VH=j^a*K5X<E%5=`*?U(k$uF$4L4}i$punRx0ODu?z=x%5NK8&gGK4`6!x0#f@
zdnNr!N&xB+@gi1XzuocV9jQAH#cd<)hsX9+XBa)8SWQgo`%RdzrSd+`Fir6+hz9aN
z7s@mKl;FOOK6X36Q|<V2hGF6&s^WXXDDYZGqzpZ|4XCy9;zV;ALMWHKn!^}|pDeIq
zmOE8lCcFACI`q5hh-t%S!P;S(V)!3cx<kc*$<{Nk$xRdfXL9shRPs<lBgC}<x+>mg
z)tSh`d82$etH|OeCdfLPV<59R%m0VRQhEm$hJF<)poSg8G5$G02kAxq0=HigD?QRO
zRuk{ovf`p{6jsG8Sc>Ndv1+iYYQ&LtU~0^Hu%{zyx<kj~#ppx55F}WG>wFSs;Q}I<
z@85vuCm4A$V&-CmUq+0k)LF6ob7c5YU&13X?i}|qk~4J&(AE3zR#9uz%gmF5#Vzob
z-$+?0!jnmKVvNTxP-0+1!qm#Q?y&^LVu~%Zgua|}@icPr#yF(;nP85XATJzk%2x2<
z({<m_nC!WNWbT*YRylQ1$m+T<vs!XIlE}`DdWzz2{>L$s2O(#_ALW&WsS~NeP)15t
z#BT|j-U??@$xw=0ATcC3njfvCda|e)Ojz;DWwjvMC3M+X7~VQB3hKNlr1;@7*!INb
zu)?`wqN0uZO|x_5_wu1pLf^Zc9L{7s9!zt6b|Hc)M%tV)Z}5qc93m9LB|y-Z;rA+>
zV@|8JmMN5S>TR+YV#hHI<7Fr*e{MbF<Ay|rNY5rk+FlN`6SeGV0H9_qa9bEzI1(@d
zeUcfOZAAh_j`MpG1#wKcU7<rKM+B-Z`t)DLk$a4Pl_87cvA_z7`8PoB?97GFx_nvB
z0*b5t932nLbnsPP4@bb_58#ne(Sx;fc6S1onUm+n>yCq9+dD(KC9driK$G4-U<$M5
zpAYPT_A=OK)Se--kY<>fMpnA@PQV#b`l4S$klA4Rx^CJk+Mw(NV|vlGu3!pJ75*sE
zsW$#Bu~^EPd=WhT7s6k7P}HP_`5!VFf^@-p>l|)|V*t^bh!~Nt?h{EnBLBcy6c!1B
zGITTUrBcCX5oysu^8_T}W55QjP3VMX*&z;w4V|c2h2L{$29%i)egT0@ScuSnG^)`1
zF8)7*i^BL<WifUI$Knwpa=sQcQ6g@i&uQXTL{V)`ES`F7;5v60shXBcgFph-z&i*$
zLXAv9yzFq#_E9ObHVI7V_$;^^wn_*LSroug5_d*|!J{cj1RRQPP9ozCI*t7O#A0IP
zBxX7u4Ui5hhka)|fumcFcA5j@{=_q$EI8e5>Ja$fO#jf7!$JjijFY9kha(*&p~}X|
z#&%dq;T{iwgpL0O7fXusYCa8Z`8LlU7HwV1WqiAri2tiBOO_h>wiE!5<9qZLXr#ff
zS7}}%?=~`z8^-M$f7vah4ZE9u{efWeW^g9C8MwA7+!*|ZO5~7SVW{chU)jI)exSS`
zlj_}SQbZc%xg-i_9R-Oj2d<XKU5>wTeJgzMTvs`L2_P+~;uiMIcEV|pH<9|qIMmk&
zh6DEhi9e5-(Op9QynyZ3dKNdl#hhOwL#U{tk?`G=B$9EAyU6j=_{wTazV$h%jdkZ(
ztO1gc0;k}!+;`2trw@3y<T5dKcV*|{eL}lVKr;X-Y^;!sy^ra9kVp*$U7#**f{UB0
zkkEHaBTFk=N`snF4ag8S%xZ9$R(Y#JuXFf+QX>8WChGK=J<Ny{KHge!c{K2+a*td=
zn!CFFVuY9tQJ(-m`Rrfade+?oZ827D79L>^-kc94X(ULRqg(|RaPOKrt>~Wz$*_=D
zOGI?~p_3UWG;3H+Pbyd2i*|S_zC?9TCvXxAi=mmkNlJ0>Js~%3gjWhhI;MCMz@3jB
z*#*6kXcK+g2zN;4Em|8tR1a<v2Sq{TLu?C%>I3kvFN4ERo8+gK53`rBx33g2<t+On
zV;507WDg0HTdUzK%A@iWc(g<17B!;9mQ@5Y4*HLMRofNbEuaENYi}umpBq?Wu>6kL
z#1POpC~P&%{DjOY=m_d~Hk*mx6zP${^Y~&o^K}ZpNWe9M9T<yyFu5G>;eA;SyarI`
zgD9W-A3sdt{sHZx%_IM~=NdnJ!E7PrDRS)jU6Pm1gf_5AI%?Po2fbFQe`9vUxFdp2
z)3GR;uFdr$Uhujqu<&{Flj@CU2Z0v*!g>5e=N$@<?<19|CU>%f{(u^e!g75s?<Z>8
zmM3H8<7alo?mI^jUWoxqg?D%)JpPTtLcN<c?{Rm&m&W3K34E@P2X3h42kZ9xW~}{Q
z(1$huU{S6Fa@GreXXgj6&f_HkR1)vQ=^{YsU*VJqys#7&jGgp;_hJzZ;jxuS>AQG%
zvHaFHPVR{(Eg6_lPPvC(h2-px(RhnGDx3m*W5Fne+t?Et3a>2kLEF?}lg5fVI((Un
zFl2~qVTZk?4Cxh(`OLv)soK9wC#bz>KvSZF`g+(kKllWSQb&gjSBs)&!c6tZdOij+
z)f^{+Bs|@Z&=o^W$J6bPgvh;Thlz17nVfk#?T%0Vaop7Adpu_L7i;04QV-xi(qN~u
z?IiuzeRP*XKH9P!q3Dt|FB{|m1R_vbRU`AcgTEIP^EiDO`nNQ!K%vDmQ0qq-Rnp3&
z5f||=CCt8g34p>7`q}T&2)~^>M<n6&oT4WvpN7o?W>?@2uqgvsRbWx}kzrckH3rpZ
zjCnt!S}<oLa@bwmt+}!P)AG%;^BSDDx|W+=H`zW_@6ymO713+@Q(uRz(p!ZahVSH;
zu}?60qUT|hi~17fZU_afvHpE9I*qAE-TV}0ObNVWm@sWhNo$FYEIUkY?S!7C>VfOE
zsK0<<pVyc|&jty!cc8U2Uz~UgsQ(4k=9MAdE)sv_?fx@@Ecy|6nwj?e-wTpz&=Mlw
zVZ)3!B2)e>0{!o0D`OX>W7Y_+Wys4>lQ(67M5yBtK64tXWdtY*8TAcS<SQn*Pa5hd
zVAn)-_sVuqWyjHT;N-Fmq8sbGf<H;v{g}ZQFgmg0b~EgGGP{vld%$Sh8s%KFMOcl*
zq&&;eSAJ<N5kiN;(<lWbdk@Pq$^`=IQY*^t(3(WZ$j;ZTUHfx7oIQ{R`_>(9VC^TN
z>H2{qPOJJW;XNx#J>CUe<QljD+d@Q^<5aPX8hld9%v(Kd*9)b&SHNRFad(5^3o)=y
z=^V)8O~T9an~aw~D4`9!rOz=B$qY;c?JqMn27b~(Zit{7a?!6s7gP>Dm+6k6X8B5U
zKv^ToT>A>zw&Osfn4R0o_gBTHKXT<Bb};dZct`la(Tzy-0S~eJKtiOFqy2>Q_)Z8N
zq$+&{PzXEp8t`F;i2IScshRUUv%JpWxf?>w-2}SZeEbROOWBLT(puk?#L)u67jWsq
z^G@1l1<LnM=QP-9IsNAs3RuTe7yx}&Coes4x%u3Qbk5JPVS^Q`k!6h|JSsNCB|#pb
zM#A@1Z5Nopmmgfg{zkMz_>GVXsgFjT9=wgFD&+`J5DhASDmo`#rV_t?hctqma6*)Q
zhI23^S6Pn1#e4GurUB6ta!JGQv@U1Kso^St=B`>uC)wa3=qmo5?pzm>_B8YkOlSj%
zvzKuqCIlv}{N#HT2Xm^gumcbbU|ARu3Dzo$eaY4W5$%Tjp9yVEHYU{SEXA7n_xL=1
zh1vW!B2+<T#;@}Q9K>=sv!LWo`AEO!loYf++XcTYySozeP$F8>QMU#1S~ybydUV?F
z^MB@+sTA%trhVT(+SdM1URutp3Fg+Osb-(HYVAi5FS>}hx$k-{Sn_Av0;Qjwi6e-`
z`o-LS@@wq7lXkZiv#OYrzz@;@AeUbis9o7_vkq#rrXtMYXDm!*u;Qx}tHO~Tk!$H(
z*r3$_U0#Wt9(xNSBKUuDnmLi(imf$l;B(^sGxx*G;-u&W!Q-{WGxHYc8EcY`53-Gj
zBy*kh+kqmMYL&6>&`jVZV-C#P&%XH3L^Scgmd=8qs^{y%7N|%HDBX=ncX#(C1VkF7
zQ_=$I?vn2AkXE`&kWkP|N_wRvl>g@UzV{Q%J!j6IJu_=P>y3$MMx)+mf`Zw2&zd(G
zp+3HZ_`MjgCnUJ#MCxy<^UQ2?nl`kv>jiF6M3x;JZQZ-cV~e3@4KD-jRWKH(ap*7J
zgu9*4kNsH8Qd{hIOjEq_PDQaaa_wCSY!0MS9&X$eB<@|M8!@$H_gNtOXw=>(rTwXy
zT=lG>nKhi#E1tI<jd4<M<8{Y0zKMru3YtQQx52mVpK6UILir|=y)?b{L|Vs%UxK^+
zCD`wOsm-!8Bf*$~Ijpp+jPLdi5#4t5$}y#A;`tau%A>#Daj!p_&<W?kT~oy|?sRYX
z)gaV}9;77qEACb!eDc<f9hv5t1^Bh^2CNhQxG4XA7~@~=&Xb18%sURUpYCf0fksp`
znLEzcBK+h;qjyaVuN5ft(xBaAdBD6BeRtHx_FEY&EZJRRi%hh768Y4(ma}uyLj#{o
zkx2&;ZOs0Vqcgn~Z};qbvTeps0Ky>)7n8THl$qXn@m21G@_zq3pqGe1_|4F!WPH$9
zAmY@^bkIlcUGU$2QuEY|>*(UigG-LQP;9b~SB2-fM-^i|tv!#vMyi4-8jN8*3{R)C
znR&}T?VjFd&yPImHlWk)V6DyrKt;5QEih7g-;1;^q2J|k84*lyC@9LQ(#46kD>X$&
z7Jido7QSk0fwS_Ksfw<f3?L>-8Z2(mRk5XV3hzHF9rzL78*<`?a}pVkQmC7Mm&xJw
zF0sOM)w;TDTi}8>q${=l<<z?V2dk7hU5v0NS1-rcWTq4GlOVUS7_0>`c8(X(A`WW-
zVBmobXBOdmQ)^oltN3QYGX<pj2ut6|oaMj}u+VfwdyWDO%rQEi9W=BKr2hAS)M-Zs
z;3^4jLSawWo|9`xf?GGb@-jm|g-b7UH?}9MS9NlSgw*}b{zi~X>cLsXjd9`m(+B#W
z-F`mKEmTO1BIA~p<b0@6qrj=Bq8F*O+gwk-2RPnjXExS#u``v84-?#G6~fDV3P|=O
zYPrLKXK{7bd@+d$bx|(4_>_Q&Xw0%tCeE0MH_sC^W2Cg3RtHIzpnRN17@5mJz(TBx
zD5kRNvsVCx(wAag;m$C&5E%!<4TJGu;@eQQz6jMJgZMda)I*<KbOw^ifDavUyR;6W
zdRu+-cl0F~GnlPFx=KKa(_s8$J|2|St0srKbFG15OPQ(X#vt)RKn^D9+pVQG<tIki
zpnx(gA`^cn>qzvdR~<pJg0emWO^STWav<<?yMKaO7Zvl~dnVhWj{xZWQY)`hUMgc?
zCcxfKsj;bdQ2J7aQH7Z2s}v3s@&kY<E>qZG1<^SkK=`1MUdIT-xp6g?n`MqRD<<Bs
z8h~}X^|w7p$Ul_t{}bSHWY__JE#MG6(6J~gIE$yYx(8j@MOvR=s|6a10JU4Vqj)kM
zZrJTb=|5*-L;1UnC)Yiu?aG!b>qNx|c=SzY8bQ<Eq3`;e%tql+JSw`-N;=VDSBBCq
z`uqc=2*4~eDUso*fKBq6Oi)?tV5<K4p@Zrz{OBr@=8w#~np<r-cIC`DXQ-Oh<z^{)
z{c)V%iszCRe9d4EJDqL&S$GoFBnqh!q#sO^Hl*0m`yAQLk6Vc%;!jo<-}{BIJ}v8e
zb7c#V`(z|QIpCcz=SWkA#TYKc<&SLauGUW_Ns0;Okmpch4<9>Gjfs3DVX3}X@TgLF
z`PGj$2bjJnBlm@9x_|Ex2la+aBVsTrZ3!4v(WeoUt?t#;W-FP`1Rk8z-NLTWA_YAe
zvvC*`%K)Y3#4`}p#6EL%(4QX`YiX?d-bgnQ{&Q%2b7MsM`*+HA`YN_itSqYS^DBcv
zK<4eME`p*G8PXWM4v>YqS?PuQ8xPyP<q8G_*y{r#TiCEl_t{Omaa7#fnMAhn1F?6d
zcJIBb@wnTB3jKObG;N0Hy7qs=o4$Hz7hSey3pTUKFG4dPW@3dczIA+zSdda_?h<H0
z?L;yBrE!SjP9c)Fj*suncmmwW6j>>3CsNBo=}xhVy_r=yVzOcz;$^o=3&P;Xrm(8M
zPvyV{x$XJmgxUJo-R?p~X|qvnkjy((O$B{4O=bjwzD351>p}qxd6|?->lt4j$!yGP
zH$P|`%W#5^>c9h40GB=^?B_NQbo)~Mk+fIO@Kdf+n`p(qBk-&MDAGc9<%UWJ?)D@1
zwzysG$#`?Fc=`?7c3^(IWI1BjEiwoUZePE%^X$P>4coOlUxmx>`Xaz;aKnK2K9qOX
z_rRSeVILf{K9Y7N9|<(#hN{kEKekvKtz!=+f&2XO-M6SYe5z$LQXg^;GPE^eO%}zo
zIzyI*L}R9^r)rt+sE<Q__LZ7jp@z!KE_+gAD)lejr3|3@736GMPdx~K$og&1`N~%M
zQVAQ0bMWqSR}w3hdQ&7drxTV;GZxNAasd|CCk0KEVcH@g-`Y??3{@)K&H<ISR;)?1
zM_B5BwzsF7b%Jxj879oudmo|)k5@!d5L=_jtIo)iXaD`|U)<tUHuE&k_<9uCS_C77
z(w`sCKmM$BteMfELF;V`2$Ky1L%J=rQOcFxE<z5J+Y}ENocekLDdp!h6eIxCRTakm
zB3hMgTh2+i@VBwT#R=#eraxr)y!X5%NO0tg-19$1@L4<!Ms`&wy`cJ7IuA{gk!Jlt
zLKnfU<ub=T&Dvw?PBt_orkr`ppugf<)4PgugxcQA$f+{B@}HJJ1ec2=El`ISgEAry
z(c@*P%>I7BY>Ge^qv#QH5!%e>?v;82gB*YNlR?E?1DM#9Ls7WF^&-M4pS^dy;{zl7
zT4VlXa4bs?l~BKxl=VdPW^~`x&WlLuBI~$G@wa7lD#ho{$9kWGvct-K?6s;~=?Hka
zacW{ya1JE=>G!ijkJ^7OaymD`2=%dAqU?#v?U6eXim-MThqXG5Rb{>V7+TW&kf4d2
z!RB8QV`XrpzZ{)(C`!D`{*#w&B+GH=H9Lb6xqN-_kSU-}e>Dnj$2M8;-f;@K@T1{(
zzGboMWPJRQ17BLL`U`k;)QWxV=O2F)U&7Nn;z%H-_>Ms~zsv5GOS*iF*vc$j65-Q#
zIKTCzcay$hO=)xf4UF|&@lNq?+;9*mJV7TIZjoWs9@w%zp0FmuO2PJfNBowvCV~N*
z^&DA7L8*8a7#n)2fB1Xy-E$h+<Po#}ZJN#z^y`=m=K}YN<?{cCWShkzho!9%P1s*#
zbiN9v{w{L*EC+gcKQ{FKmtVbNB078YL~9lL06n3y*4`c3DtN(bp%%=!{bxhsuy8Z1
z72g2q^vUGC%FzDhE&^p6HJ3T2q^<SXGdHd3828e<kgme{jYpn9A<6e-Bg@E}=IU1p
zIa3}$w)X2TQEIryO2o(0MyLR&oz(&<LR@*&j5Gh?e!~yMmN8Mm><`-t%~3JzZ0S&f
zEK0;9Ek8y5dEs_N?S;g@ZNGLV^RuXbgSF;xeIC^r%}_THT+WK2d~sFG-<WM7X7O}h
zYmL@Hf3w-VVptX8VU&Y!5IFtZH(Y26kM|vM+&0{SI$_3e_A6>H3xQ=dCTc`-9EeP?
zAJ$kSJ}?<@QWs4<W5o0?nt&ZDxg9-(SSXizi<R$~e^QZRXV4W7d|_cNE9Sz37lgfz
zt^Rfs{>Cuih6<k2w5O7tNlBu5uZpGFExM<Uc1VZkF|S7+R9+()b3Bvkj;0dk+#RYD
zjXQKRn(6M~kC(?^&=lEpZRBrdxnpW_GASZ5Bs?oP+Z9w|6HDo%zvB1CJ~BTpHqLb(
z_sW`_@l0(l&tNu~W`a}8Q=C6Snap00qwL9Smw?g0cLhTv81n6j26|G4&STtnNH*0I
zLPxZBzzG?^xeRFT)dqT;4&ui8H&L`&eowASlK!vbuVLO(pV^$$%DsJf7x_7kh4nJA
z4#_Z^Eaea6aSd=^o_uf4s0w>rkEvIOGnMYX_AO3WkQ&an;3A<l&uzR8)`3{Wxu20V
zUq^~c{Ct5l5Quk0=%J%%iGgt|;_DC*dPf%ZocjdUyS{4>0#=3JkvYPTtAe_EnX+RD
zOx5Jiou3ye^pkC4cG<j3HVV2<tv!{+^K-<}uqNQ+M|^;BGtP*>7uB^{gOi)BkAV4W
z_B`9Wn5N-)#v^w5ZL#W3{<ys7=HPt~t3Ki;A0}a2L7VHv+w4(~Iz1kp^80O*INlU~
z#o+MF*f0!?{;1N1c(|pzl8_SbrUd@dWy6IwgQh4injrC^&fJmI6F<kSsMHsHDZGFc
z)_(4*u?DGDlUY~YN#`LjGp0A*);bR6wVB66?-2C#vqhU03Csm@!nwv$0+~wX%SkRR
z-XlzmuwD#ktCQ{@T0sh=xz_0Pz0@nmRrNwdz}M)n5|NY;#x~j8`F<^NF>Qci^F~A|
z`h=?y;i;7Bzti8ZQ6YA@H)kxWc!*yU>5;5hzI^;piM(x4i&1DuLGc4!Na@g?p4(fM
zgrgi9?wN1;GqkO7yD+y-x7RwUzCX6|QAjgqyN9pS0ui&T+qpNzVo7oP!sqe-;#pwd
zs16(i$^5ZWqn^P_uYQ{V7uPgy2cdD5nvkoht0lXw;NdruXGil4YX5{EXi;A<w<Jcs
zVxN~?qmb%{O$zK=RZrX?^5>-G4>IS^J~gq+Wzi{PI{NT@6_0_Ny;{{`fvaI<Pm=N%
zE+7>c=lbNvE%+#XeVmxHP|B;_Qtnc{Q?o-<%E#j6{B`VM;6|yBrPaY_8Rum$Un|i|
zm9tls6L%T>Ju(g?0a(!QW$o^Kx9M%FR2DaYz!z<>d|$Ip=!6o46GMG?MBLV$l9m?C
zqP1l#!AlWwIvY<`*$_nQ{6}MElU!0w-sJ1jtIP6VDiAa{X<<S+A-t3c>g0@;XmY*g
zEYcvppue_KmP#YrC(Q<9*aiY#+Jo?bLqb@dckd{#7_-Ui$Oc;4Ij)%e{QFgdNsvF2
z4Tjy^8%W(__Vo2+c&;0Gj$K#qoCGL^R(1#_&$2jVs-+}r7M+y+xkzt~N+)vY?$F*L
zGM7VxM|-vXRVJ*in^vvxo|>!L9Iz#j8X>>(@VGAkWBm;0_$(la56Ngl4PbL<fZ}-i
zvD;B&#k|EiRFoSTccAO)``*Y?Y-*y!WqWi*LAvf))`=Pi?BBcN!P5%4aA@M|@G|%j
z(uh8AfCcQ$0HJcOAyi^Tg4ox>&G~B-1chjnG@xUh&s3MHFOYfC4-fOZb_WZozKccC
zP`nsuB=QqUY}s&GLILzw)8jIM!|x^wE^`tM93kij5lv$gxaa>?uF8O{1Y$|-pJx0$
z9Kt0P6&Dc}<7&<uRe}(|A#++0^meMmFg}mO2YiHIWM93lS^hS9mw9)HPd#pz9Yl+p
zKa-DujsOl>0Lsb>@vFjlm*R01N59Z(Po~SS+kKx}I2#?)7>^)@3Ql7+9h{VI^r&*?
zm0mw)y+%kjbD{rxe{baOZ?`O$AjKaTq2AZqX*)k8^a7#EaF$J%xUa}jRkG&MRZCdw
zuT%9jht!UwG^D~0x+GdS=!NP||K8r?Fzq0dh>M@x5g+$pmp9hwh50+nd0}X#aG$)|
z_6s^^d!Aj)Y*3kL>$`CNd0b2AB$L(SnBJTed+G2R5jg9L+LLe1U|j;h=6>e<j35WE
zu|OdO@Zgqk&$E<0!z-JoAtuK7wnheu@M_X1H)FA!lYMio!5`&d__F~leMnk@Z|Ngd
zF;-ZKq54g3G%0y}<|MxV9(Bs3kY_Z1Xj-oEgADofAH(+ct1;BKtg8e^wCh;E!j1~I
zyU?*Dz6ecdDT%!acK&GKX^4)BCu)xG$Exo}Pi`>)WgJ_)^4onn!(O}!RBq)9U_z#j
zjjR(6^Z@^O8GSfPtYr8Rh0KikB%9NlAYV<dV-J+9D@oY%t$TsG##5<BZQoU#zp7Ps
z#Ugf3PA{yjQonpM>auD6ZEq?uq1=-}Kgt<U>UiAvV8rG%6H^k;)yQ2mh}R+mEK?)>
zeLt82YHQ-Y7l*t;-p7=e^uisocGnX_J0WBN!2FHadWOep(71#Naf9asjwBX?$~@%g
zecKzKqNqClo=o?aQ<?~?-#u!SRy+-rp_kGz6J5=76;-pX+D{>wk)E-mC{-zWnQD9j
zmR@re(E($59S4$f+yrB5et}k$y=LsP;o7|H2nXIDFQy;C5PSvrI5?TMUHKf!u5Hpo
zJrhDOObA7!+$O><h}Fk!;+4_RZxM)hNi{%L$Q^K;!`HAq_H1RW2{Hy<1s7S%ICIVG
zmoBV`g%RdDPMPJrB@WG23WB^_964M-k&G6vSbkZL3-Q2nJUWqJ=9NJZBi;jg3X%J*
zA46TFDj9*v`nkNnXOP<Rp@o^Fos@@D2WV?=8J#PTw>U$uf04`2&6~WV-B|khL9L;V
z$*nnhRyeLU9{epeUR|nJIH6kc=7O~N7(t~~e(h=zM@kfiSk>-lm>+#$y9*N_Lvb;>
z@!ivUY%ba;ZXPxpgh(hpFW0YYGhT)y3C5I;E?w6#Rook~zZ|N&AF9`@cc3~JC#$0F
zpZr;_G}w?2l9TXd7n)U26eQJ@)KJ|CQP&=XixW7Fj71tF=o{5k)kw}579bsRQO*`X
zg4$m+^5jXO_5$W2*M}=FAcA!^Rp{-A7$M^rBGI!a5qhzUsj}MHo;}oh$)cu4xyjY2
zT|X-IHF@MoiO=$B(K?3t7&vc1^9y{iOew~Pu2zR6JbcrOMEBZLx=nzD2!{yExaZdV
za+pj)^R20)42h0rQo;~i$eW54A8$b*Q^7mq!32>BEzg)2$r73tq}#%13tNkrnJYq+
zYSN_TkWJ_t-bT!?lcqG6OC*j=w~{7prlO0_7<lrE%|;Rx<LB?pq|7k2JwCn{wHzuG
z9(Edq<&a<3pE-tELqyiJ;=a%U0TTJ6HGl|H`uo{iO*f?`OHs0B2Nq1UUV9Ezk_Gu~
zs(;3WPn+Mb5#rWiIp7#jJ?2(2Z4eB4`s3DMNayvMMT&u_khENg8K3A;`G(D<S;Y}+
z8Kq6pi6!R-W_L-c^zq0ck5_`gdztl8B5Ny9>p%!-Rchq^%EOrRR?__t-hmoF>d-_{
z<+OvGCrx8IopF?;eX7=s=&~N`OD^!P(a+_b)-dKBSfg}j;=kqlZ~Yvr3sAufUG(5x
z4AyfMETXSeUJ_`}G?18~Mni+*h}LVAll8ei^7DEFeQ>goVDjDz4lC9)nirmQtu+fs
z&wzQ1y4lDG+qql)`)$<6;blHxkt^V~E!yktQjsGrN}~Y*(gM@#)Y+dN?Pl895#$<@
zzKSOr+5izPUUa2rI%c{s^tad)LvghZrLSU)BF4j*_^nKqZd6E4iy(-#z4y~LC7{5-
ziGq-;#=9g3)*S=9JMsuE8~Nn{ryJ&-0TL0F&Dvj6=joleRK+t={r!>T&;j}*|9bhl
ze>9oJW)gx6gFwqKaE+s0c=4069c^lY{=L_#X*w$pf=X}mUC_|g;Yi(@{ldSHT0`EK
zfwV*aN=Vz$BFE-ti^6bE$b2*orcqKn@1K1Lod`ivw$#VErpA7&_D4oaMZE^?mHVco
zLqdL&n?%KosxaAp7MvREo~+3yEJM!1!=tF(>YUu1COH=Jm4-L8RIhNqdA-mGhGf2P
zN$CB$qQyI-<T^MhOA*`ScZ3oYBvDtzJv-%g#CDMF`Mo+4S}%G%kQ+nalEmta<YMg4
zrkCbkXZGX1lr5~zP%GH;e(DF&aEokCnFTIen|hW6I7{Jn2Q9j&$k&fssnOl@gEh1t
zKM~@V=QG4OfG>62j*w|Jl|JBG0OU>1a-^$fm`5TDH=)T=%fA>bKS?pb@*lFC&-_Fv
zguH|$1XkzG0mXFl^q`>`2A@m}v|dJls$zsizm@&bUU7J6b@V2;u2e6{=o}=MIe;kU
z?pLgGyZa29P17d5m3<(!{bA(!5v-h=sk!Ef`wGFE&EMg|bfK<NjL9ZC#H2W$6U+<d
z7k}rAA=Ub!r!t;e+K&O2p4RySe6)PSuf&YOfyiL6usByBfy!jryu4M~9a2iELz{cS
zaApFb7SiN<IL{)tx+BPiVru*-1m)0lb}WXna9pF|(nG4rL1Eq@|6rJa-~jC4%uEj+
z*win`*|{04&<;BRg<LqJ<pd5yUnFC;>fmEh)DdOf=?Akl_tq&~HDK%-QhZx7ahGCe
zA#EX_CUI^$>*qHnop<1LFHLhr;mYEn-S530h%fs&h*i!-Hm9BR3quK!9A_rWgwyrF
z&dN@vI>|p0FX-qTAL@NyReM0bP~FfMX}!@`cNEPKE<`aDC6lxq*Vy9`1>d6$_gghq
zZ4E!6|7L)7wo6*UOOh{GO_86I+^zcc#C_hszCa8;vpI%S1Ft(|C!PP!s`M_;ARLt|
zIP`<)pg3GP+K^UGl6+2jnl+unodVKZP-x-cFM{vT{%%}OU?bRQks%Hr%zT|#$e25?
zQRD75ThMZcAzN+=0*R!pN>4<|CSDgiuXziLJHa9z+_|iVL1kQ|Xpl>hG3+di+ki)S
zedaA@7k3m6PM^IfG=iE-HDD~ae2ScnB?&Zj-#Xd9mKX{T`|8esse|s2VHD;^n|zwq
zIT9!h5C{wLnIg3BFChZ9Q}nX4@&}(->~=K6-!p+rnFnqIb0N0t8Jr{;B~FNR9U(8)
zLf-FcM*yW>M&FR+txY%Ae<p$u)*2JmES6xT<nkLxYI3@8do8T9<Jr2U>u&dAUSq#n
zt}M%Y1Sjyr^J<z_<{S5a!4<$2d(4~fs@(jc?ENQIcv}boGEpD`1q?a1pHhz9dX$|T
z<8PMpU%j?Q<K7W4T;wa>V%d*{l1ww?xCFTR)U)IwXEu__msOpv(8y+9ECzh-4&_z1
z^Ep^c%PCoI3#9%~S+7ZvKJ6<zx9ZW3Y?VHp2w%m-RCh&3|L2lV;mstT6cdzGdn>ZJ
zPq}uC-4oa#+Uz8sxLaLW<XeJyw9!y(u*(C6cPQ_;Mg+uGkNptd@%_si)}+45Z#{MV
zZ5%7|aVM)|ROQw%sg^o<q9E;(VKfsH(>fkBDH?vn)v6f<AAR+Pi+Bdk8H8-lF}O(s
zVRe1TEht$de38os_U)_VZu=Ivh+Tu7-(Jo7-O-UcS9})flkAq_SBE-2)}TaqrvAV|
zJYjz)z1uNXG9HKgc>y{TbJ6svL=^2deLAtQ%-i_~aVNu}G|QxkfI^=NM^9@_>|POy
zA8f(QLqyxj3CWSV8s3L<Q-O?@hk-x}6~5f80GGvMYu~#{RhIm6e3%KaR?h^LXzN?u
zhA!*>&T=#!31thuFOcO?+iLAkhp1cpQc7_)0T1n+*L)6_KYFqtSWIjzJ*{q=*on8z
z+#Iev%b$~~#~ghNvBhpP{M-K%2|*`1WRtd51uG=$<+e;WTlB0f<1)0Z`g1giH0U%q
zy1>T?0;pSGOFACe0FyL<e|T*u)w9?pGL6F9&bx`OVed$Kesa3xJc{lgW~!I+{XcL+
z;<_6iS6MD5OX~4LL9*uEe=8%hcc*mnM&$Ec>$ZZzDykxSvBKY(0CMg;+}cKl<5}_-
zjMjMk?WG-h75G9WPfvfBXogfpR61?p_^!+8#CAmGy*35_Rs%qi^oHw~)3tIG4Xq+B
z#?B_~Ow@4PfUd>kS|Z}eoglfM-pK18n9#uo2c~-VDWQVIZh*6MSBUXE$5cWSJZZz}
zRiC=g`luC^`|DBXVOsW~0U*=~6pZ#WY;=gN#cWgG3`t>x$>Lmnkx3LwtTb5h3og6P
zow<1~#clbl!mXOn+l<&LJCZ!wCwGF7OG@3NlEc}$SIv34)+Bl)rH1{}VIkbV!2SXD
zrPqR*JrQDImn&(i^|W<clY{bGJ@$@Ne#-tDk6CB}=H5#s33fbj2`Rs5vg51uP}W!)
zXABdmObQk)eHk;61e%+F-OXB6sXs9Z8;m*gcXlcFH{+XTPLfxfiYz`K)RNMM2~9y%
z!WrQ%lNZw~?Hp#<IG|nCM16*oVWRvgfd$dYuVMyYgeUnbi8XEd(FsK%{TDwCukMtx
zXwTqU@5E%)<4Vf#<RjP!hy!-|z@T@$KOFSG0$%ZW{rm@s+Kc4B@LYQalPd!*%w&*t
zVG}IRAUdh`=%3(#m_j%H_%<bDWB<l+B2PraNtrvhV8ithtD9j%T{0Whwdy7D>NfJe
zeTIOM_hm@aDfEnf*zwUQj2;cGm*(oGjbIqd{=j}lVSLIeo#ANb2G>FUlM20JcYO3|
z;V<#T5$ksoO-&GsOGPZt$&^R7U%&tCvaS>G<tR*CEg1qBoedS1AW{JU5s=pNdQC1#
zs+Km^{qpFBi*0_4vK&V2_e+;iIVA194y-}x7gXAQj=D4fnRFg>>qm(^Lpk?iU#_sU
zPx^=tEmLAKWN7h6ed>B8gOZ>&z0AUMW49+DAW;6VT4;>m9HMLQR~P1bi_}@fB+tAQ
ztzG+5=L2$A-?79!A*1T0Xfn+^lIAOtHpBGF)J2hAit|r-)kgYACY0`1FsZ2$pU2#i
ztd04x$WPm>z(Yqa*cdGMVZ+W7&;7?(^$oh(<=xVFkdDbV{i<u>4!b>^-XBZOE%fo9
zj0PKgMN?N_5n3<i=%wG?8x6B_;-wBhHFf!-hfC$PFm6*>?)5f2Me>vTXbiU-pn$6m
zxD03&NpD&JVpxG@#iB>~o}dg-Tu6wrRXU$C4J$EWgA5vd?r0w+yO}pc6RlXHhP+(b
z#O`0Gj-^sax{B%vICv$jv+B}7b7;CNYm9$igK0~Rl_X&%0#P5q@5vfFz_L4X@2=RL
z0nf5>YjK08`Ptd}npfSVznPi|;?~E{8|pzHZDu!BFd8H)Cz_5+SqxT*=>tZF2BJt~
z+2Hsc?Q03rh}pB%sBz!#=bm|>I0gOJ9-ARhEjAjV{tF9BgRn3f)+edGEXp*G+e4Pp
z0!Pp@qG`Byh3`@S8~9Gi{jXoi7&lf1foE!T(U)b<2N?46x8AgE3t+8xOdb-cOt`&N
z)(7!cS#+K~>&KRf*g6f7V72H^^eO0jvnrLVO25o#{>m*L22Bi?HyF^W-DVZgS9xmI
z^@=A|%mW)y!OOxEG<o->a`gSQk`luw`uu6yg6|D^<BTRKnfF5D4%-yA+aQIDyL2rs
z`{zVJT9+^H#}nIsLWXDCp}EUy4?0Je)e}KXZ^Kr%5UtRML;cF1@}FPZW|Q`8lVxb|
zo~Ry)SCi1Du__pWW$xm&Qq25jX~)-;eHVXlZaG8i6`0#n)93hGi>-Z#vw$M^$w8Dk
zYW+^xqip!4u*3dOQWACARXl|Dna8I)UrrwVkvzj;fO!k`=?EFobi+xBfv=9kOG>%_
zj|a4&roea}e#hp>>YKe|kvO{jl<K8jAeyQn{CC1D{R9)!17<5t*~^|d4TU<{`}+dH
rU*Oed|Ka-Y-TMFcLz1Vwzqq_klcJv?nMxjU4StHUYBH5lCjS2e!U-h^

literal 0
HcmV?d00001

diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md
new file mode 100644
index 0000000000..d4f38b30a4
--- /dev/null
+++ b/windows/deployment/update/waas-servicing-differences.md
@@ -0,0 +1,106 @@
+---
+title: Servicing differences between Windows 10 and older operating systems
+description: Learn the differences between servicing Windows 10 and servicing older operating systems.
+keywords: updates, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, tools
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: KarenSimWindows
+ms.localizationpriority: medium
+ms.author: karensim
+ms.date: 11/09/2018
+---
+# Understanding the differences between servicing Windows 10-era and legacy Windows operating systems 
+
+>Applies to: Windows 10 
+
+Today, many enterprise customers have a mix of modern and legacy client and server operating systems. Managing the servicing and updating differences between those legacy operating systems and Windows 10 versions adds a level of complexity that is not well understood. This can be confusing. With the end of support for legacy [Windows 7 SP1](https://support.microsoft.com/help/4057281/windows-7-support-will-end-on-january-14-2020) and Windows Server 2008 R2 variants on January 14, 2020, System Administrators have a critical need critical to understand how best to leverage a modern workplace to support system updates.
+ 
+The following provides an initial overview of how updating client and server differs between the Windows 10-era operating systems (such as Windows 10 version 1709, Windows Server 2016) and legacy operating systems (such as Windows 7, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2).    
+
+>[!NOTE]
+> A note on naming convention in this article: For brevity, "Windows 10" refers to all operating systems across client, server and IoT released since July 2015, while "legacy" refers to all operating systems prior to that period for client and server, including Windows 7, Window 8.1, Windows Server 2008 R2, Windows Server 2012 R2, etc.
+
+## Infinite fragmentation
+Prior to Windows 10, all updates to operating system (OS) components were published individually. On "Update Tuesday," customers would pick and choose individual updates they wanted to apply. Most chose to update security fixes, while far fewer selected non-security fixes, updated drivers, or installed .NET Framework updates.  
+
+As a result, each environment with the global Windows ecosystem that had only a subset of security and non-security fixes installed had a different set of binaries and behaviors than those that consistently installed every available update as tested by Microsoft. 
+
+This resulted in a fragmented ecosystem  that created diverse challenges in predictively testing interoperability, resulting in high update failure rates - which were subsequently mitigated by customers removing individual updates that were causing issues.  Each customer that selectively removed individual updates amplified this fragmentation by creating more diverse environment permutations across the ecosystem. As an IT Administrator once quipped, "If you’ve seen one Windows 7 PC, you have seen one Windows 7 PC," suggesting no consistency or predictability across more than 250M commercial devices at the time.
+
+## Windows 10 – Next generation
+Windows 10 provided an opportunity to end the era of infinite fragmentation. With Windows 10 and the Windows as a service model, updates came rolled together in the "latest cumulative update" (LCU) packages for both client and server. Every new update published includes all changes from previous updates, as well as new fixes. Since Windows client and server share the same code base, these LCUs This helps simplify servicing. Devices with the original Release to Market (RTM) version of a feature release installed could get up to date by installing the most recent LCU. 
+
+Windows publishes the new LCU packages for each Windows 10 version (1607, 1709, etc.) on the second Tuesday of each month. This package is classified as a required security update and contains contents from the previous LCU as well as new security, non-security and Internet Explorer 11 (IE11) fixes. The security classification, by definition, requires a reboot of the device to complete installation of the update.
+
+![Servicing cadence](images/servicing-cadence.png)
+
+Another benefit of the LCU model is fewer steps. Devices that have the original Release to Market (RTM) version of a release can install the most recent LCU to get up to date in one step, rather than having to install multiple updates with reboots after each.
+
+This cumulative update model for Windows 10 has helped provide the Windows ecosystem with consistent update experiences that can be predicted by baseline testing before release. Even with highly complex updates with hundreds of fixes, the number of incidents with monthly security updates for Windows 10 have fallen month over month since the initial release of Windows 10.
+
+### Points to consider
+
+- Windows 10 does not have the concept of a Security-Only or Monthly Rollup for updates. All updates are an LCU package, which includes the last release plus anything new.
+- Windows 10 no longer has the concept of a "hotfix" since all individual updates must be rolled into the cumulative packages. (Note: Any private fix is offered for customer validation only, and then rolled into an LCU.)
+- [Updates for the .NET Framework](https://blogs.msdn.microsoft.com/dotnet/2016/10/11/net-framework-monthly-rollups-explained/) are NOT included in the Windows 10 LCU. They are separate packages with different behaviors depending on the version of .NET Framework being updated, and on which OS. As of October 2018, .NET Framework updates for Windows 10 will be separate and have their own cumulative update model.
+- For Windows 10, available update types vary by publishing channel: 
+   - For customers using Windows Server Update Services (WSUS) and for the Update Catalog, several different updates types for Windows 10 are rolled together for the core OS in a single LCU package, with exception of Servicing Stack Updates.
+   - Servicing Stack Updates (SSU) are available for download from the Update Catalog and can be imported through WSUS, but will not be automatically synced. (See this [example](https://support.microsoft.com/help/4132650/servicing-stack-update-for-windows-10-version-1709-may-21-2018) for Windows 10, version 1709). For more information on Servicing Stack Updates, please see this [blog](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-7-servicing-stack-updates-managing-change-and/ba-p/260434).
+   - For customers connecting to Windows Update, the new cloud update architecture uses a database of updates which break out all the different update types, including Servicing Stack Updates (SSU) and Dynamic Updates (DU). The update scanning in the Windows 10 servicing stack on the client automatically takes only the updates that are needed by the device to be completely up to date.
+- Windows 7 and other legacy operating systems have cumulative updates that operate differently than in Windows 10 (see next section).
+
+## Windows 7 and legacy OS versions
+While Windows 10 updates could have been controlled as cumulative from "Day 1," the legacy OS ecosystem for both client and server was highly fragmented. Recognizing the challenges of update quality in aa fragmented environment, we moved Windows 7 to a cumulative update model in October 2016.  
+
+Customers saw the LCU model used for Windows 10 as having packages that were too large and represented too much of a change for legacy operating systems, so a different model was implemented. Windows instead offered two cumulative package types for all legacy operating systems: Monthly Rollups and Security-only updates.
+
+The Monthly Rollup includes new non-security, security updates, Internet Explorer (IE) updates, and all updates from the previous month, similar to the Windows 10 model. The Security-only package includes new security updates and all security updates from the previous month. Additionally, a cumulative package is offered for IE, which can be tested and installed separately, reducing the total update package size. The IE cumulative update includes both security and non-security fixes following the same model as Windows 10.
+
+Moving to the cumulative model for legacy OS versions continues to improve predictability of update quality. The Windows legacy environments have fully updated machines, which means that the baseline against which all legacy OS version updates are tested include all of the updates (security and non-security) prior to and after October 2016. Many customer environments do not have all updates prior to this change installed, which leaves some continued fragmentation in the ecosystem. This remaining fragmentation results in issues like those seen when the September 2016 Servicing Stack Update (SSU) was needed for smooth installation of the August 2018 security update. These environments did not have the SSU applied previously.
+
+### Points to consider
+- Windows 7 and Windows 8 legacy operating system updates [moved from individual to cumulative in October 2016](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/More-on-Windows-7-and-Windows-8-1-servicing-changes/ba-p/166783). Devices with updates missing prior to that point are still missing those updates, as they were not included in the subsequent cumulative packages. 
+- "Hotfixes" are no longer published for legacy OS versions. All updates are rolled into the appropriate package depending on their classification as either non-security, security, or Internet Explorer updates. (Note: any private fix is offered for customer validation only. Once validated they are then rolled into a Monthly Rollup or IE cumulative update, as appropriate.)
+- Both Monthly Rollups and Security-only updates released on Update Tuesday for legacy OS versions are identified as "security, critical" updates, because both have the full set of security updates in them. The Monthly Rollup has additional non-security updates that are not included in the Security Only update. The "security" classification requires the device be rebooted so the update can be fully installed.
+- Despite the cumulative nature of both Monthly Rollups and Security-only updates, switching between these update types is not advised. Small differences in the baselines of these packages may result in installation errors and conflicts. Choosing one and staying on that update type – Monthly Rollup or Security-only – is recommended.
+- In [February 2017](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Simplified-servicing-for-Windows-7-and-Windows-8-1-the-latest/ba-p/166798), Windows pulled IE updates out of the legacy OS versions Security-only updates, while leaving them in the Monthly Rollup updates. This was done specifically to reduce package size based on customer feedback.
+- The IE cumulative update includes both security and non-security updates and is also needed for to help secure the entire environment. This update can be installed separately or as part of the Monthly Rollup.
+- [Updates for the .NET Framework](https://blogs.msdn.microsoft.com/dotnet/2016/10/11/net-framework-monthly-rollups-explained/) are NOT included in legacy Monthly Rollup or Security Only packages. They are separate packages with different behaviors depending on the version of the .NET Framework, and which legacy OS, being updated.
+- For [Windows Server 2008 SP2](https://cloudblogs.microsoft.com/windowsserver/2018/06/12/windows-server-2008-sp2-servicing-changes/), cumulative updates began in October 2018, and follow the same model as Windows 7. Updates for IE9 are included in those packages, as the last supported version of Internet Explorer for that Legacy OS version. 
+
+## Public preview releases
+Lastly, the cumulative update model directly impacts the public Preview releases offered in the 3rd and/or 4th weeks of the month. Update Tuesday, also referred to as the "B" week release occurs on the second Tuesday of the month. It is always a required security update across all operating systems. In addition to this monthly release, Windows also releases non-security update "previews" targeting the 3rd (C) and the 4th (D) weeks of the month. These preview releases include that month’s B-release plus a set of non-security updates for testing and validation as a cumulative package. We recommend IT Administrators uses the C/D previews to test the update in their environments. Any issues identified with the updates in the C/D releases are identified and then fixed or removed, prior to being rolled up in to the next month’s B release package together with new security updates.
+
+### Examples
+Windows 10 version 1709:
+
+- (9B) September 11, 2018 Update Tuesday / B release - includes security, non-security and IE update. This update is categorized as "Required, Security" it requires a system reboot.
+- (9C) September 26, 2018 Preview C release - includes everything from 9B PLUS some non-security updates for testing/validation. This update is qualified as not required, non-security. No system reboot is required.
+- (10B) October 9, 2018 Update Tuesday / B release includes all fixes included in 9B, all fixes in 9C and introduces new security fixes and IE updates. This update is qualified as "Required, Security" and requires a system reboot.
+
+All of these updates are cumulative and build on each other for Windows 10. This is in contrast to legacy OS versions, where the 9C release becomes part of the "Monthly Rollup," but not the "Security Only" update. In other words, a Window 7 SP1 9C update is part of the cumulative "Monthly Rollup" but not included in the "Security Only" update because the fixes are qualified as "non-security". This is an important variation to note on the two models. 
+
+![Servicing preview releases](images/servicing-previews.png)
+
+### Previews vs. on-demand releases
+In 2018, we experienced incidents that required urgent remediation that didn’t map to the monthly update release cadence. These incidents were situations that required an immediate fix to an Update Tuesday release. While Windows engineering worked aggressively to respond within a week of the B-release, these "on-demand" releases created confusion with the C Preview releases.
+
+#### Points to consider:
+- When Windows identifies an issue with a Update Tuesday release, engineering teams work to remediate or fix the issue as quickly as possible. The outcome is often a new update which may be released at any time, including during the 3rd or 4th week of the month. Such updates are independent of the regularly scheduled "C" and "D" update previews. These updates are created on-demand to remediate a customer impacting issue. In most cases they are qualified as a "non-security" update, and do not require a system reboot.
+- Rarely do incidents with Update Tuesday releases impact more than .1% of the total population. With the new Windows Update (WU) architecture, updates can be targeted to affected devices. This targeting is not available through the Update Catalog or WSUS channels, however. 
+- On-demand releases address a specific issue with an Update Tuesday release and are often qualified as "non-security" for one of two reasons. First, the fix may not be an additional security fix, but a non-security change to the update. Second, the "non-security" designation allows individuals or companies to choose when and how to reboot the devices, rather than forcing a system reboot on all Windows devices receiving the update globally. This trade-off is rarely a difficult choice as it has the potential to impact customer experience across client and server, across consumer and commercial customers for more than one billion devices.
+- Because the cumulative model is used across Window 10 and legacy Windows OS versions, despite variations between these OS versions, an out of band release will include all of the changes from the Update Tuesday release plus the fix that addresses the issue. And since Windows no longer releases hotfixes, everything is cumulative in some way.
+
+In closing, I hope this overview of the update model across current and legacy Windows OS versions highlights the benefits of the Windows 10 cumulative update model to help defragment the Windows ecosystem environments, simplify servicing and help make systems more secure. 
+
+
+## Resources
+- [Simplifying updates for Windows 7 and 8.1](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Simplifying-updates-for-Windows-7-and-8-1/ba-p/166530) 
+- [Further simplifying servicing models for Windows 7 and Windows 8.1](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Further-simplifying-servicing-models-for-Windows-7-and-Windows-8/ba-p/166772) 
+- [More on Windows 7 and Windows 8.1 servicing changes](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/More-on-Windows-7-and-Windows-8-1-servicing-changes/ba-p/166783)  
+- [.NET Framework Monthly Rollups Explained](https://blogs.msdn.microsoft.com/dotnet/2016/10/11/net-framework-monthly-rollups-explained/)   
+- [Simplified servicing for Windows 7 and Windows 8.1: the latest improvements](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Simplified-servicing-for-Windows-7-and-Windows-8-1-the-latest/ba-p/166798)  
+- [Windows Server 2008 SP2 servicing changes](https://cloudblogs.microsoft.com/windowsserver/2018/06/12/windows-server-2008-sp2-servicing-changes/) 
+- [Windows 10 update servicing cadence](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376) 
+- [Windows 7 servicing stack updates: managing change and appreciating cumulative updates](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-7-servicing-stack-updates-managing-change-and/ba-p/260434)
\ No newline at end of file

From 1fc74c4f1984b747f57503f6461c73b9f749528a Mon Sep 17 00:00:00 2001
From: Liza Poggemeyer <elizapo@microsoft.com>
Date: Sat, 10 Nov 2018 00:07:33 +0000
Subject: [PATCH 6/7] Merged PR 12745: Late 11/09/18 PM publish

Merged PR 12741: WaaS servicing white paper from marcom
---
 windows/deployment/TOC.md                     |   1 +
 .../update/images/servicing-cadence.png       | Bin 0 -> 54411 bytes
 .../update/images/servicing-previews.png      | Bin 0 -> 78290 bytes
 .../update/waas-servicing-differences.md      | 106 ++++++++++++++++++
 4 files changed, 107 insertions(+)
 create mode 100644 windows/deployment/update/images/servicing-cadence.png
 create mode 100644 windows/deployment/update/images/servicing-previews.png
 create mode 100644 windows/deployment/update/waas-servicing-differences.md

diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md
index aa375d690f..00acdc9318 100644
--- a/windows/deployment/TOC.md
+++ b/windows/deployment/TOC.md
@@ -215,6 +215,7 @@
 ### [Quick guide to Windows as a service](update/waas-quick-start.md)
 #### [Servicing stack updates](update/servicing-stack-updates.md)
 ### [Overview of Windows as a service](update/waas-overview.md)
+### [Understand how servicing differs in Windows 10](update/waas-servicing-differences.md)
 ### [Prepare servicing strategy for Windows 10 updates](update/waas-servicing-strategy-windows-10-updates.md)
 ### [Build deployment rings for Windows 10 updates](update/waas-deployment-rings-windows-10-updates.md)
 ### [Assign devices to servicing channels for Windows 10 updates](update/waas-servicing-channels-windows-10-updates.md)
diff --git a/windows/deployment/update/images/servicing-cadence.png b/windows/deployment/update/images/servicing-cadence.png
new file mode 100644
index 0000000000000000000000000000000000000000..cb79ff70be87615b9d11ac3e3b2b69c9f5209705
GIT binary patch
literal 54411
zcmX6^1yEdFvs~QaBe+9w3GNO-LV~+nkl^m_?gY1>3GVLhF2UVpaff|3|D%f9T8eAu
z&gq%y?uk&8mqtS-L<WICXfj_UltCcqA`l4bJ0djjm#E!+CEx?fNm*JPR5?j}419q#
z7n2hMfokGVUX9>@?@0Dvw46X7lCXcjP;vWLrXbKfxr~IEs=NN#TbPEb%qn+mj>vww
z)8ezwA>IbqCzq8W-`IVeANb)okszU_`~U}s-Jj(&$#;lKa<s<DIlVW(m(}`<Bd5&O
zXv~^K(m1Sjsi<tZ&Gmc*=i;=J@x5z<&8RmR35!NnP!E5T!)S+eb`0rFtSY)?no8{X
z-K;k_0tIE)i$-=(s#7A#KrTP_p*zX!r7eY7+Ns1R{>YIW-aKn<N(`|MCXLmB!pM6n
zc!X|*{M9ht*6X3|8a_&XGdp3GdDs@ma+UNeVP$(|>vQY#PE@H+(^t1mx(%;7lbhw&
zOG-YX*aK)xX{R8J9~#zbZ_TFhj}~PN_I|E=Y#)fK-|gjlTLOVYE-Qt2B3U}f?Ygc@
zk?AolR$;X&zUYXlVazVi$ju5O8fC-ErbXAYcAEE^xbJ-*eEt}gZVg^RYn)xV7~hG#
zEkAhKc^<1O#n_-<b!|c1BXLx0^GrQRRlTc~7|3^j8V`>q*d~B1$Fs40c?35cck`Ui
z(!wIr(ZD0q!lC%k2VUyz;qg<+qT^DK5>gmTy-vDqcW^=>vO2-Y;LJAi>c={NZ1}=a
zj#fx!5MURebWL6$EL28aS6ElrNVI8Hd++mZ-oI^s`)1r5Ji?0fZ(-r-VccW{yf)Oh
zbQ(<Ija<j{jL!cI;jC8q&p7$Xsj-CroQOyqk4*L-E~&y(K*Lf%!VEC*fkqnGK}hpL
zmhPTgjH0JIZG(>gU|t$8UWoOlXb@^Pj_eWFd*;@j4SJX8stConsLNVKns_XP%l=yF
zNyzBaH7s9&U9D@zb8Qsx?kOpv!Rf3|$WTLmIR|Z@z+bJrX6tn93K!1W)Dqn*K{*#E
z*%|vXqss{&a=V2Mh~;ng{_EYz`#hRT?sfSQ^db8Sv#yo$5@%1Rmt)wig9qiZqwvPR
z&f-Td6mX$BCZ!h7RCte{_RN0ZiNws~hQKrRJ*w*@;L3d;|99p3+ub__Ebq8;J)0=%
zuGvfFW%nyd9OA|9x8*UcpTOR^H0`n6eS-rX7GrJVSsxNe2)B#okekQr%|qv<!`FeN
zK#m_=XIne8MpBVkgsVJ%S&x4Lms>TsVi-#J1J@D!Uto$Bt^du`Te)K`c;73yo;bXQ
zxi@85F1$p+>C<sBMm}u7^2<K$H^V26_nJo(^}V0c-@BikK!$WI%N(M}3o`kUS1zRx
zX!DEk{DnNd<I~8tO9Ol6O5cIKhnBwQ#C>VaNDaqz4Ri6lU7grl^yOQr=e88V+O)$d
ztZ+c@NKYY8j;j`o;Gi+SKJN{I2l|fmyI)<bEdHx&fwfvB|B)#7=ut|Zy4Li@tZALM
zaSRAK9a99W3U}~9wq0HL*Bc|z_)gX$k;TFv-NV;FO@cJ|SeoD2u45{J;Hl53-w~5T
z$fO~3B*~axk@4`Xlb^s7E4~d!X4)=NwpNls=~seSH2?iOm!$CV#<JHYjye%I>cq`}
zMc<FtTr2;>9@~ZiXsE`{mT!q;ig)8KfIS}zM#+*+Aenp=QzV6&K^()vO^?MRUdcdp
z!RBrL9yESuzJu2Lm=iICV(@dRNsA+D)egzBF^fery<8ig5l+S)Yam2LTrzq^2#HQE
znO+YOWMybn4m>QwmG^s0(?Z4$`h0LF|5XAjihso6zx|LylRG~zN7BeCcM~CvL!@x*
zyH>hq7W5!jRUj`IM~g3rL1!v5c_-bXfQ<Vb66yCvc`$2O;I4V6qPV4IeNjW>ogw-$
z-8~wBfSr5jm{*yiHKTg-pUyd6#c{kTFLUZRobSB0F2uv6wq!TE9RzC|Ad`2IlfGt`
z<K|l9GKOnSW=oV4R7-gSk`r3sOwDco&ZJ~q(=|rVvxc{1+oAcmi%b25gnykU+}idt
ztrHuoH!3@I64AA^&69%rV4RMc4ht^upB7`S!dwfvNLWqSz@o1y2;bM25>CVwp?TS2
zBRC|T(89(ex%vJoEXaAfLWM!FL^-}cwC=xp4}4-%p8u`46qP$lSeiNE({SFw8kZa4
z^>1}97^KG9+OI3eSjqy?O;{q6#8h5jk!j$ON<!I0a*W*lTO|&kC;rCQ@XF&lDthg!
z{jAJC-PQ9Yc;ImG0ro)u-9Af3echp6Yw`YY2Rp=P8G<yG=W}O2{5MM=Gy!J)Ebjhk
zcM8~dVc?%gbvmd*J`0IRSW9@o6X>eCqpSFo?HARuMU>~MOhpglH_5Zor#T4r;e#4t
zFKT!h#jl+rJ;w&b=f^|2U8^y$H2!y-c4@|VT+v<T)Se#^Z6+bS(6_~znshhRO3?i0
z|3ubZ930vO-|H_D3Oj2Pc*ZgMe!ARoI3WGITb!Z^Lq8^)FM_F%&xwx4dGWEMbyz>}
zb^qgNp7T)@@d*m<zLqfUUG|>eSgh<~Ix;VxG8qrK5=vsj+Ijqs`cVvnyK!~HjGNkk
z;Z<0SEqnFG_G@@}HpSQ$a~ft&0O7ZX>lfcT@3D|TPC2K~UJ$)k{8J7B4&c%zXGKHL
z=#~ykcRRUFrj8_qCIp;BnQmhCpO*?>GTgEQ5KOSsH}ROR(Qqqe)xjNF*HY_iZ%aA8
z2Ui>frvFZmy!ZY5!2O}Jder_=e;F*mshF_aJSX?p(IXWu(#$vd7Dze(xTwp*z}`J7
zHC^p4sovGR?Ek*G_mvB%5l&LV0@hsWv-{VIUlY%o+GI{2?Oc<CGXrUFbLidY`XZtP
zDMUrt*rsi`QAL#t6!!Q$z3fmd(@pOiwrCy_aD3`MQeh4`lF6K$XhZJnNoi!I!~w7(
z&^n&FwLhx+%KxxNr=MO9@9_waneo7|lDFBmFCIYE#8p=KS!K=l&F0Q-l_M<V`b|87
zfX$}A906Nvd_*vLR}XXdMGQJUlwZ{RzCu<VK)P~<A8xE}xg)<3fdHkXdE-p&oN<;`
zBx+_MnndFyAtqrlLGfm%dzy`6F!>TTqpfNB+xkd~CZhfmBqAQQChWUsv-^O$+Wgg8
zQRaxM^v1do)EzkCQ9yj~;WM10on!S6<9K`Z!hS!6djK)^@78s7jCxH9gMrta@H2X?
z@mwP+g@!I~g~lmt%JbaY%id&ItYYE7-^}1={=1nCf3okZg&t5oq+=!$fHjDEY4VbA
z6ZGC<Kqe%WTbQqTQ2$Z<@TEy7Nde%`{#A^R-Fw$!z3W}JfZ{mlaYkhFeG!zdG8p0v
zZ-39}?Oi0Ysjw5>7)M!n>6I(4NC?Kd#LgZIZTr%7li~(#V??M?{)1%GCef}<H@Vp2
zU_~zX-`cPu|67}n=kTkPGCtGqXFw)Z#Jm+ynDe0U4hr$I#iewr?5KDj%HW(P{YyxN
zJPq2?+a%uxDiW{&JLGTr(+ziR(pIt}rqS(XG#CrJc?XXs1B?2}$BU--wOJAg{tg9a
zDk8D+i@KhlO3X0E`X`;A`Oh|92Wvm*e_>TV;LAhEbh8+f)RNaRX?<Vg3nj9))+HU-
zB@oBs5@t6J26Wj${Xv}M9`c>i&zOd$wS;b0y!&<%N3X$lEq{+_yZt0zZ?WQ|4OBR;
zl(x8Gf#U2#*A?QMH_OnxBAYg{Z{7lccn!|AGd?tZOh8UYtxI0K%kt4ig5VH?7QnaY
z1T<lY-xUrzPJJ{~Z8Yn?^`(oE6|-z1ytaSBLyjy%^U->`Sa*`_+mUm;q<$4~UvT+U
zEN6aW+N$o^)G!B~ODcS;prfW1<F`E0@n=0c>hjmN@I{B3_WHcrlCjI0Y#9aiBndzH
zu%%cQ0ysIP-S5xGF0_N*gSsai7oYX9oh;lmIF-I(rK>Hkwt|O{+U=85h7*sKvksmO
z^{Kd@vw?#|SJu9!cn@?5OD9s(f(}M7AsYH>ZZ4~n!he2mJy%*~c%@jUsC*9$fZmt%
z5?1s!&r!!!C$QjVH)41Gx8eUv=*=g1raP|(jpX&GZw|uf+B6^7&C3m!p%>hp)s0eT
z;v~CmzxTc<@Ed@*;k0OS7{diqypE{}j{TCBIT^*-H$>hBR|%_K%$wwNR*>opH!GAS
z0zp7F>2*Q>oBAd`6E4EiIWJ8-p#>ytSE_UdC^s^^{U@6%b7!TYn~Mm`tHX(=g*@}W
zWM5DbS7%->ifSEp{|LUuwV_qeBrRNNYR5?zdh|EClUIHYc!ovJk3G~b?@-Sy_%-4E
zXiM;0PiG|n<QCHKC<+@cP*Jzy`OPx=i&1~gn$r}6gGRYcPgtBzs_&KL&%POy-^eQ;
zruOZ+l<Vo_h5I8=NRjGEOdf+lJ#JUm$=^as#S=$l(@>TEK~D57nL1~hm%$%G`kwAE
zn1HKfydW(5BRtz=JukiWS+Q7+V^&R;uK79U+mM=C@s3}OE#~^sw-C*{6G+p^ogd`t
z{!e+2CHQVL^R7x{uF_%sZfXy0_|R^#7-D7Pd0ix~i)qHw_w;_4dyHV4x-&Jr+XAV3
zKJO=|K!ow-BlfY;qV<JTsa0WqqJt&%E}41m!=*kVfD21(f2~F49)gt1>kzXn@x<r&
zJ54ceo9>K8RxnKaxg=TW*JGOzKa#qQS;lk~mR=o-EEV>k*<4iD6P1hDs0Fq-jq+#m
zk4Nq7yDveWpYHtL?hkT)qu)y$QJjmYm*}}y4(%qcse3bZ{!nHuV=w?AquU@;cfNm_
zL^1t7753R<8g_YFIH~F%(!;Z?AGl#~oODY$pDc2+<V5k<ch}q_VFyaHbj&X`C6X*{
zeFjplW*y_$^mi+34g+s}mpd0O>%b_M+dKu>FM_#{DUmtb;sw#3p{!w&rr7A~k9`_6
zWuo;(4TCK+{l<AWcih<%L!V$l`*wmAPPg|dON86zl=7f?eSPWHaF_@4pqDw$iFLD=
z+%_%~icL>8cgdX1#qW)fdP%MbqA0EZ7#S<s7aP+Ill`}jAKzl?33EX`w|71-gHcY}
zVnV0)Kh&wp5^_@H$BOWLa{b9NjCV4N_357hP+R#PfIX{V*kJ0Pm;L&~l#c7Kg47&B
z@xOGv1(c5?hK1{fZJ&O>*?7^sieDn1wnDT;eS(a)u~eiKI&`tCc~%W;b*#}9g|i&d
zQ$o2pvX0|FulQBTm3Vg@N28;Y8T%hLIoA=poodT%4vq*PydVYi0<dy^zd;&Bay8AH
zxjJ!IL8B*mShdPQ3;&@Lp$*}DYH&9h47WT%6ZN(<KTf}994YB=ooM-8?#AG8qlFYh
zG_7q7A4>3X)Aa{`4EL#YuA<T=i31ZJy3qbh1s=*VEvq+9{OWMiNKd|qtED1=cI)3@
zVHyKk0Q|hOIqP+*IxC+|GYL1~Ri}omYVd_&>=_UfGo&x$y0lW|hn5rsnZlCLj2BZ}
z$WgUS@e;%iE9Wj*OKpp>I^%r7n=kMvM$GjtT4SfJhj%yNUHQ}Q2m9<Ew5t-A=4+a|
z2>o9U$|b}Oz3MM%V9AvfmTRFqFeXfTIvLFeOC5WM^^NkMBMhJ8Dn#wb>#mmkZh-|E
ziw1|Gnw;(ZH+$>5QQY}jTH5$CyKTxO@825`Evj7bes+LcC&VB`Aj~R>!0!x)t6~3-
z))8Y3X$AgnmfjIS8A!x1-8@mWP~&D}8Kj2aCaVjy2y*vSFNDPi1Xp!Y?>+z#Y$o-^
z-pbn_K(7zF9#nr2oG2%EF_1RFol389Toy@z!|9(zsOU2Vm=<D$zVVDXV6qGZkvsPD
z@pgiVx~ez=R}y-GS8LFrGPht;W_$8vn?!s(PJha&Lt^#t<C6awDZB-Yg};eGrsz%Q
zkPG_jU78ffXqn*=cEMqE{jY4?o9m51xkp1&=gNp(V|fu4gL?jz^HJf2)f-cBIw?@H
zDp?NaZk_xfro<WP@Y<jZaoHTV!LLmT-nH-sJZc#ugNNLUzTclU-1aEWGHIceQwZyz
z@1=LX<*G0F_{i}@ORA=6)3I*mbt(1<d4NYV*|`(s)=)%}IeFx&#|RGvROGSiv{It#
zGSaWduXkZi#tJ94MN93<T+HFrdeFyO6J}8bBAdG|xMjdc>Vor9L)zxcLyP;L83}kq
zLrwpdu@+OWk{s2o)9#(jse^(YRjzv~1EzjjiQHj<mwM%lCFqwe1HWPe56MT;+>u9L
zO;JXiuVkh^x4v4`JWGj4NnQUSMVMCZT>a>DKLVNV=sjwH03M3<$H`CeX%B;gPA`Pb
z=YVE(ecqb<E&H$tH{DOn6%<fMoaL>!b0g9?Cbr)GTV~oZ3mYgb1{yO>t$Le(liWKE
zku{jN4m{XqhY~$KQKG+{*Fmh~yVc8VxVJyX)U|IkKS+(p+KPZ;!H}IzCvONIg!I^9
zaw!NYkTcg)mty#06&@Xa=;zWx9py_byePFyi>{`or25U=5?5ooQi!4c)|GIl`TJXS
zpqYTRK=R|V`A<I~+gzk1jDInTa4fRa1OUZ-v8QD12U*tiPc=j|vS?VJmZ>1$OUx#i
z1J&p)?HOv_%wSstgtE>;5Dd<z)-znZYSqE>Oy9@_7W}_v?>+!b(|C0J^iV1_Lvj1&
zA?WoS@9U(#&cyn&LsViX=2YMvX5wIk2Boj=FDw?{mC{}udp>=+Hk+fLElP!bWTL?U
zmjY?cwvG&w#vL4uXZTB2jd}^g^6}-=0So%*)XYA&8sLF+_OM(nQfL{DY00_&`%nqA
zYTKBEIY#(USZH@9lC>u%r<U~wEAbT8=ptAQ0A^ek4P9S!HeWQIrzaoNXS1TB#HSmY
zPJg;iF=N?Z$AIEpDR#pgmpPR0+;o<Dn9ydYL+1tai!EobotWoSpo;VFO1w^D66n&d
zZN~W=<CxbYMo7pX;Ev8|xi?2O@fzG-(Sr7{n%fZPM1W@79&?KSGdn8F7p<`P4-zjO
zl;!75`ar7+M9p(LME#|Wb`~C>J*M$Mao_L<{}UGLMIdmYD=55q5{4@0$l7)i9V?RK
zHMF}|@dz4_U**BF``76qF7M`kStWK9McG8Dq&l^A;p&dr@F~zNwL)9TmFuv951oRk
z_?x=QNxzq;9>0E;H<69C*ayz;ecbp~<QKG*;yReSD2Ik6XMB3Bhr`h_qm?V#Q_t!M
zVg@tA^lb(Z1yY!E_UFu+{^WhwHuna{00)*8buM^c+Ag=_|4}g9gk^?@ho6Gce&`pa
z(0&eBExP+ehI`5(y;&A~)sY&xe1FlHcR%!LG-7R#N$|Y8yL-#y5{0tBMZ{KV{cBYK
zyy1=wa84r0j3q*E#nUm8x`{bNR8-U)G~1pK*1fzG+u(7eSMQHLer#8YM&973*)D?A
zMZzXM=ByTqzEru<8{6*r7c;$91G-GKt(ZKOCo}6|e{Q-z6q%H4SMb0QpNwle+iq(u
z9kRx0<B4_0tRSeBNY(5$<H8x*Y{?;K9K9UHm3Y#mV?G}%44QbNVh-Ft4I5{PZtu7+
zw;VoK=DgoLq`Mchc0OnxgBKZ*R{}9i6p%mEpnE^`mSS_!d5AGBLnb{igFBd%0#2iL
zOoIMWLdD4<;bi;jMnon!witeNbHBi23&&$?hHG{q>+SYg9u0IYWlnQ11x{*jab8Q(
zW*|)ab?0TtW*%Rcc)lccuQC6>KJ+9kha;EXMT&fssS&B$h{GFNzYZwrr}rZv$5?b@
z(Sa?vM|^7o!6|r77>2*&Xaoos$&Jpn5#FSX(O@CD=e9eGi~|u@GkH`hFWXCP-k_+U
zYac1}bR`_m@TrHx+*1dktF`bOA!vZ&q|TaH!fvV(N#qD$VrxdpqXq~L-_@L_K!JjE
z#LS*UE#MtF6^hJh@T3EP8(JF*)Nt*g6I;)D-Yf@Zihkn{hdG#?3R{o9X0S8!yNgJ#
z;v<a=yCWmd$B(%~6PJ?!^`f&`E=P8l>$`Vh@aU_Z_Lo*Myp0$ZD@f6%Kb&9*QbTjz
zU7-vcD^T#_=j#)cmcY$FhT*`U+v}2sISJepW%%IML6miys;1JE{L&pK@M<Y$bI)=a
z34K@cv;LzqB&oiL3b+xvJhYwYi*DU?GkMP_^<}D1n6m6-sq9l}maGtZedLyRy|*yU
zD1NdrQ@M>;>vJ3X4`%y?oZauHP44<T#;60M+}!Qg1;p<Tp6-KthBFUHkwg|;0}Cd|
zZnhq@wn8cMEDEZ<y=lZuy3I<id-{Akuop;H38;lh%c&RWmW267WM;P{Rpb2}K=@0`
zsC~!a1+}_=ST$asV6*Sc{g1pK<CT84alR={o1f{f!UU#4zQE>Y*}FCMByr+;{3AP2
zSxevAnh{%ub&L%aDrvA;E*|Bl-<&{UqU0xfUZJ-Kx?`*=z05Dl#9@X052tdzAr1Ks
zKE2XKE5Dakw3%J&r@^vmBmZs8I#7k$CXpln%}b98#3&j3F1jGDG?+8aSam9O{P|e`
zM|KTp7QABHm3iKqC1p}p*_t-qfSZ(#7|NOFBktgC+dVlw0jRO&voPKVp{jfo=Er`~
zZ6QoP9dPCEl*-Okr-H&h(Jv%ykFXy)MSxH^&tbBM0Q|kVv`nN`G<?!IK)Cdi|5Av*
z?6#TB#W*!0)~Z!NuR|y>->Y}cJP$X@>iU;dAvG#<w$->NBSa;&u|9DiWI`NJ>^p}R
z3<C(u4L~_tCV8i}3Bw?G>D}P_!v;-wo&k-kw?P&D*C$yejPvNWyuEZxf`NrW(kPz=
zZmz7CV%KkaWfn?Vs2A_^tZZN2pz&Zxx^inMcFC+}?Hzo}Z`<6TdNr4^w1iI7|85gY
z@bYOoAEBSWviKkS!;-VTd(~|(kKL>uNPWW{7{MDDyPW?fNttuKnK^Lsix#RVg1_!Y
zo6Qol6bkDB2e>_!(ZEKoHqPm>A4%<@qg$Q8o*1Dxy%I;ietI8QsrAemdeG3<m^n_L
z>l<Kw*QXn1vZ@B3=n<AJ{9?8ol9Y%7C4H7eu<Ii0!oZbB!uh12n&qykq;18iMJ!|{
zz$BB|;nt_r``}JOa;DI#xJ4w92(`HBOhX2B7OVd~4sCn;XxA?|VA=zQvjH_Hz{1GH
zJO_yW-rj<u@qUt!tBx0>!$qvA4eN8Ehk8eS&f~6-4~JYz@J;Z%MDD-H-+piDeXZ|~
zzBB&svSDeVIj6g#%kBDY!Pi^FrQ<O@OOU9V#p+HzCS=#^1MU7xJchT(hCwyEmYS|j
ze{LMrotJI$S%+3Wv!xSn_e0Cu6X|<L5|}4<LYiy5>}buW<FWf(8CfvRvE{N&&e5`*
z)%}B+eWv|XY;yPFS<USoQ!S>?!-v6#3x*KS&yNXNGH1>L7;vVhU+WKZ)M7FIn|>!s
zek>o3K1)O|Tdy%|f;U0EFY<;+sAF6_pisj@-8x#>H2oTaXEw+w{K27Fmf?9I@zoxs
zGowy~47X2Yv2dnI*YnTNo!@)<y&vTHV3e^oH!cYrw?PTjsLRxy3y3*JYOoh$jmyN5
zfsGKYx0F~o5TuU(+z;}Odz?kk10jaT=$3WtC0*Vk$S4t=a$R>50k9_pdZN?0u9sF3
z6c@8ZLm&vB6co~BGj+zQEr<IOTP8{F__%{&T=>v3;s!9Wx)8yu#$#`xx&?=O3+iUq
zufNk~TX;)Co}Z0vbwRE$1YHI!p)4EAa>Z-3S!0mHjQW4l+so*w<=54Km%1`SudNob
zil8kc*KP-C|4a+6YTARLFXjQ0eH<np6|U0Y93pDO&sSEZ{O|R)w)M$R52UE`bc*l!
zyicEz{)EY{eZk*si<z#hBdyy7SZH>xxQgZ*=k9?pfuHW3c|}3vNu{<Y^krP!4VjyF
zA3g$W8GIOHIN#OumzYaVXr0DOFA7QIhdZQ0D@i;!DKO;p-fW>M9?re_x7}I5rb6l=
z!1o5DUHJs&H?M%MnWx<>z6oRqFwvm!2~nT$UV(ca%G@mMF*O)Y+in>6fhL*e5#{~w
zuRp)RgI;5&(I@%$y$mq=pC+u{TnkW(Wgr+vmx6g0zmko32|b?=Y*_zM>0o)~<!LMz
zCJf<4PHwI#0g!>Ea`@4q%?XiR89>QIzH%G6I?X;or$MW1I+fOmK(4>}42#)F*_P=p
zxoT*(d6vMd%Jl(>xnj8pP*lRcNUWqBVR-<xW!Ho?GJkxG4q_vdl7o&S<6J{v^}{;D
zx;HmO&TNiMfXjJI5EfCWP;San3c9lMPYxL+B`$3fKjb#)Ydg9E#Yz&!m_rEPgFZBS
z1k0D^cl%hU0AVb=f6zr~f9$)Jvh;cBhLAJ}A;|sd*T-B@C}IcX$I~~yg^`D)xzeG8
z31^u!Bq$RvJ#&1}cuW*0yyD$FD?9%dvDFYp?t>dZx+evWbheYb93DSj9v<nnPinzj
zVZRqH4I#wqxu;W~sENvn!fEFGmR;gh;Tq`w32b_z@Q#P|A`LaCe5y%FEmTx_-lumn
zZLaXF^dQs%)Y8;RktH2#lko((6*nzlZS!}mIpjzd0Ujx-Sx)u2i47he`O@drqBi$}
z#0YKIE0hhY9!t{?P>%U+S<GoF>7&7VN?9fbzj?~nli)%o2PFvJ(SH*G!l6-EJ-~X-
z5iD~=V-|-c^?iW+O-R>U5nI4>y48~d!Z6D|Cb%9ey)xz^Y)X(jbjtAH#mVA$jUPU=
zrWduc$-*K~Jbs-gYl?2O2*{yPqgWPwf%wP$4{fDvtgNifa5QjH2NK^d5G`Mv3BLQJ
zVh%nq)4C3|IZfSO9@B<}XVn!D;KL(6YW^1N3ys?`H+=k9Y#&CK<Eac~GuZC}obp@v
z+&kCpUpIZ0{IMc;x$vGbsQc_mlHj1$ZG_;+quHl8Hq*!MsC4M1E7w9OdNI#<hQgRs
zZFrWUdR8{#xAW8}{%8|gX~diBAzk2kf~QjymyBci5_s6cCnj%P^Pv3|X%Uh-Mtz#$
zE;h@*<zmamie?c|q~m?k!=}}#)#?P~Sq90Dk6I08sWcbK=wJB%vEWaD1l_Ho_4dtl
z7sa%1X{V_4>Q~|W9_5FT8if7uB&kl%5;N0UWINrQ!v58+n52oAl*wrFvddq~Llxho
z`4hBjsSQ}!5H-2(9lQU_`j0%EH$!L6B;PakC3hqZY4?Q<w`4-+H;<^50wOl6#t4yU
z*4<q{Unmi*Gyy5cQPy|29$ttutY)j$)l2Mne9+48-4;OF1=>{pm%?i^?FmM;B-y15
zgJrdazjL#E+=mHGE?U6)h?QFT6j@4?P6}77xpcUn4)g+Cpi!7p{58P70#cVhrawy{
zoPQN%2ei>%J?SF#mXIjD0xI@<4Tp-x%)kPP)YJEW!6dF4axOxZ@aM68v3H9N)YpTN
zL;Ml?NepHOp>jMjemo+P>6<F-`INk%#y@o@rv9WUqj)_3zE=CYRmp%QB+J+N_I~9I
zHs<_bmhd~@@>=J&_;sdXOL?IDOHg;Z3VEL$E3FzBIDB3`<_bqh*z)^v68U_gT<g*m
z(m8phRb=CK+xwr`^A(Oo295Vjf|n^kN(4SwrP4B7bv#;n3mlO>iSolV&oJt4@8buV
z`;!);yeMQyquUs>hxR`Dj`trge=cH<Oqvra#TSIJw*uKBs_;_y-wp<C;P#IKMBU=~
zNTg7afOFGXO})O>wEB|q$w{MDOU#J7@mb9_v*2<2wY+993pN_S2bYkl5jU%}UL`Z{
zXfhk?<P`cBeeqht8yLBa1cVIa_#<rFXh<2RIE@b9u2@z$!PRHeUA-|ZoHFHkcY#^^
zBl%^3Qg|3>_>$RL4ODI_n}1a{EibtJc2IHfksoJ6)j2w!6ADQO<<=}n9KV~^T8fp=
zv#8zz{)=Ho$3O%8t9LB~e_E*II0mZO#@hvWn(u&NVMuesG6QdL^skZI1$sQzz6O5*
zS~u8^XH*>B@?njM57K^}-Y%xH2KDahJt|;(QH_0qwv(0eveP=Jz~H(`7b{Y6vzZC!
z`v&k!y2Ixd3XKiYYEPGu4|#Qmmm;&GgNVG-!cMP{26BatI9SoF$;WIv=VGX1vC<>M
z{(07!9rq^%9aSJ5CcLlne4P}m@FuV9bHh18%O&>lpFw#MRYA2XzFMmrU0;g&jBar?
z@@5c_B|#X^s-MHrjHj4<lV4P&D(7Q5WilUf^`<$h;?b8yheYZ10OyV<$de-wU}jr?
z`vUuvp_j226~Z%TH7|K??|R%*D_<kvDG;+5`E1)#d1t15_pVcPigCD=@RPojI&-hC
zfNG1cxh34*nB2(i>-PLI^_Hi!hXuaQt-(7_Hiu`t*|f-PTvd0Ie}&S>l}nlOaJ#rS
z80eG%9c0Y8;yLsJy#U8!HdP?&R`U$Vw$&hjQ!dn}*KMP<vIsP`t%toL7oRLO><3q-
z5r53W`sBe>0cNzODFE8MA=!&aOLNH&Z<AIZP?=E_3GdvLEVt^AprG9^#a`-Es<8Du
zwWvpIY<?8n#EX2<NtM)?xl^C>zH?dV)S(94KR_z}p~^}6A3n$lij!{wt3%TplMDJX
z=Jxy5LUSN-8Ue+VMH#Y3?SmQ8^&!wR$!nRn^{k}2fs1M;m_}?`0A}cAA%6>I8DN3q
zZ?HCpf<B0;wx_Z;GZ{AhYQKmOJ{#;anGe2t`#T&{pJ8z-BTZe!#@bBYO*d~O=`pbu
zUt?duwC8{S*mup7E(hlcV^_Xn?SidNkTZM|x5l{Y{`FyKQuZ>*uG*gXuy!uQGTfej
zNO?m>^|tRg9;yZ=FyczW=K-#!7GQ*p6%I(6RghV#e~)&bk{`3JCUjIS$Vp$M!jVn)
zZiq+Z>HgTL#qqa=T7j+Xth``Ur755WmQWN(g(`7jOQ`s|2;@|;2P3tP?!QG!egg_`
zw!0?9Vk2i`W<?_g)x1q@>OB6YWd`6&kxnCPVmKW7f(i4t402ZYp1|S#VVHUkCwn`5
ztuGg-`v9@xqlSV|rR<a?b0s&voKI$xs3J0&jafn?T%*Pw+pGh0XP91yp!9N$pquGq
zNa6@Hp25+}XyQLn_hlyKX6iQS^I!Zz#=z@|y@$E!11Xt6^dE6Tbl>JUxf&p*l?1%P
zZS}j2d9F(_#_s7i-$!H+++i`qqbNR{bl&Wk<MYOQ4S)XU`N2hC0^utMAk+dzl9p`!
zOtskn<s(K6c|z?8JC4j)k#a=7-`ONG#RJp%5>(|(y8o@ADzX*4&HxsQ0tTLqMcMsF
ze~mkWL0o$TTKL55GoUNdpeh5DD3O#!fQfnG`05lUsrMKD4%<ulVT}8($-zVo?obZ7
zqz0PAW87V&T3qN6zz9X;nV}oSk3glD5{m(^6}POf{oOlWDc4=tPc4$r^eYNp+|7;&
zzRq-ZF<@CcVdSHs1XN9F1t7kEIp8n1Ap*5T$9bMD4J_godMHUSqXF}j9oPM?d))$*
z$a`hA>*+wCX~fsyhh3Unn8%*>!5U~sQq^sy@IOZR`w^psC~%iAb>H}z7Q3Pw>8@Ah
z1xpbH3bTo*#kA(Me63w_qq<pSIemQKkz-TvR=@j600=Q0S@$fQus9VN{}{sliDM9?
zHhrw8_zdj#Utx~SU8T@}9%v&5xt+AlZZ<Nh-(PBR`yK0gS}w_v2CpjNlM(fxSral@
z1Fn(RQaesPufCancM>Vtv~=1_amg?5L*E~dN=Up6FbNf5oMuC)-?_cp8A|Mw^o+ii
zmdD?WtG0J}0IJWmA0sA>x3*`jK?1>{XQo6{x*6ngycte+E^0C{GxxrI+Pr})v*?#%
z{WEJ|?h$jTFJBB}4?L9En%U_RU>@JrX(acq*1oaa+CQTS`Cz>%?%=qrFKwtw=ML+n
z<X!HU!e(yrH2Nb6GqUfdw+EzPCSd~I7$x&Zo3U3-dO;+89CLg){{t~lQj5@*ndH}e
z`Mq__`ILG5=h1_8fusS7NgF=LDnWO@`)GS{9M-WTPYR9I<xr!oyr4Ha>13KwY-*r^
zJRN>x7jt!j+$HV13<3!uEy=^Fpa^lfDQ&0VFTNDibUd)C7Fs@SU^W&%DgZ9NAXQYc
z>#csYHO8xQ<cQ|ns+0rVN3e*%K3KXK;fKf?=-SwO-pHMs)ihGyeVqZU6NeHqM>}@h
z#ixJLIy>!%B>sAL6_+YqY~jp9X%n2qZtM{54&Xfl-1LFuHzo5UOHq9)R7$io-J9=)
z)g#TuM&2T?Kpuys?y5ZvqoQ_3sM6+$CeAC~&Zn3v36AvLOz?QLP5;<6am;`($DPn<
zIu(;>8iBm?(B*dQp1|tP(2Ny*^ic@&q#Nk|0L3AD5X0(uA>>^8;%CLipMbUqZHYA>
zsn-I;<jEcPmg2&KD#0|=GS*Hq`ad>o70Z8q?S`Wk_*-OQAgFZ$n0Tcdz}hz8A&Rp0
zT%H&k<n|S^RuNFfLm>(hlBe19!A1(=0qx5-JwG5(aREd?>o58X`yA!Ji>5eMI*oeF
zy4bWZS94Il|DF-He#bz0;V0U9JyRNL0dPgkWA5er*nRQL%To5fYM2W=XEr+TmFH++
zZ6*c(lv^JiGlsf>k;_m4IsOSemVrZ`-k-e<-+4IDy*1&#9Ht%6$|j(^(?xrFa#||x
zqhW9!u&`m>dZ|lR&4RKJoe?p<P6qb~i`*Bt=ZybEOV3J>4_wu^hHt~BOB=Q}w`VX&
z`h%gZ`%O}iB+7SF`cz~<6%+!O7`wQvlA6sA<cwyLQ5L9N7PHAsTt1MiQ#KL6qyYvV
zY_3B<?9~^pkXO(ATxhfGQIR$|K(P>^6+?-H9j4&V`egj;uI~#<k`Z9K>!X=ODl*Si
z7pG(uaohvtqE4oe5&T-p@~f;W2cJII33%QxwxMq_zVJz+X+-mzw3`#)3u9<Iy^0S2
z{mYBp&%G2k{<v?`JkAC_dL3q|@ZK0>{tZ_NFxRfi)kpn(ju|)Bt?$(US{tPx?0C+r
zDq>bWv!jw!KmUsI2^xNH*bZ|d{d$t+wcX&Xoij`bNK$5!UxtI3TvZACrv0D$?nse<
z-TE<ZUwHg?mEC#flwIv#rR9&Y`yWv)DNpyvD9FD<xjJ3|MwXXtY#II2_8*P&z7n8)
zly!a<sn%oJPR^<YGq6*OGmaj>`~qYr{Di`uE_1OrK`4re8CjFuT%qB1DfV4wX3@&5
zy!I8q7J2yU>^ucN)hN%)&MR!xp?)4pR-9S;@kjBS#t|C<Ku42t(^sA9r~LNUPkU0T
zFvaK0v!6Kt?6{o@if66*SsEKWsiT%|-K~)#6+!%$Xdk^+ytpR{lzWy4n&dAhTAf8M
z@O||`p_p)%c&J}5pU=L?tXX7huI^+pB^oR@fYp&sXi2^s9~@jldvtP&0UVcvdY%3o
z#lJ^Pa4m3oOCWxPY9AeC{UK_nockU|wf}VZT)WaK_FQSZ8Wi1%Chb)0sbY6h&w3SE
zQA%WIb$JeOF3t&1lvFU1TS70`zlwj6Uyk@1?EnqTOTPBJl=dgalh!HW3f)PqSCeP-
z%rXJ*G<-S<+a}k9{f6l4Fu)BPMm0Iw1aU<g&Pl)TgQJt%JB-umx&4U-9+ErNmL-4B
zRasE^JR)dWrTpiTByIzo+2+jHF^Kc}h04$)@fwi30E*PE?CG}`IYn}>-JkTsoZ~XW
zmlXf}$iO>4d8Gnq1>-hLbh13O`!%Lt>EkBT0LtL+Mb!7OsE(%`p^_*TI2+Wdt<K}+
zoM!Srr*)Q3x&z(dEG(~r30HE{#6V_aPV~ny7n|q7i}veD?jW2LMMxd4SkqR{JJ;nd
zV>pzCd!As7;p6(IZ+^gwLHcMm9O^Xhl}O~V8DaXj23xxnH|7vg=3m_T^1e+nzK^zA
z4lbK5s1?~M0FmswoD#v5alK@1f={ftsn|nmI#1!19wqVvfJ66R3-TJv4ZQl3W~Znm
z^_1A1GZXb0p^d`DVTaCp`st|{vCr@*Zx3cJgf?LpDWuJMk=Dx&6~l*bi!sAVd`gMb
znfo{2i=2l<Uqu8Gbpbm=fyQg|8?2I&5yz+X^6pQdmPmvvUef;DTb>vv{o5Bt-B-F)
z4>n~%#I29-Svcu6bn@@<0)3qKsvEsAwf{=(kI$qJ4CGO-y%K;o+3@YH=_|v@GklI>
zSXIX#z*|?$4F#qTt%9q?RFl`3;W0=YAqR3vJS+pRy&v}~r&~CPD4@f4Ex+}-w6$-#
zX+%b;VS6iE`AD&vB!eG}35Ght4V}E>SpWz%AijW-QWn=s$`<8E=)Kb;JTg!a5_nms
z>YpSiCFca)o9`ksm5fmI54-}Rf`+D5BmaL$<@2O<9jhkN=V-#e-wtyv@br%`dEcYa
zm9`y%H{HsD+Y%Lo=6_?g!2Q%imuAUXOmTf}6mptij+vvWTlTWymj1PIc`lWX=lLX0
zzM7!N>Vv*U?~>E=cg3{jwbW9wHu4nOs9c1K+zaqgH+5)W%66&)y1afK58&)~ZPh{z
z0v$ow;0rqJ`D)qJMVMI|{WO}I_;4iG+R-w1d@C=DMokN?%I$2P>I(GKvN|l23>Vd!
zB>mHS2VuQy(E=5pJJ&z>ufIGB-^Sx=kjk830&d0lQ^XG1Qn?mYMAxu^=^2}S?&zer
z8@z6&?)5^Hr|`&Yp=`!@=U;|de$P{@^V#c-wc5KtJtR<tJ9eW37$gCrGHDXe#NjZ*
zf67&tK2juGgd<Rs_6-Yc(|t(UBz6vHW-qn@cO&JFh$r`eAv20Qah<ednTqhE;qFHm
zB|ELK_buQxZtchB;btVDo3nd=$|DdvtfQm`2#Rc&T)?2%R)yC`5P}0&lJXGlX8bjr
z?m&W+{SaU}=>*cG4bfkbz7E=%P%_&JN<O|zX*VQ+Kcj!>>|&_|l*8vzY?rp442_M5
zONegL{bt#mEsAAZYX!L@;WiKoh*|FMFq>qZ8iRWDk4w47&9R&2IjZk|ex6TVetrV9
zU$1=vds$@vwa%#q2?&0x2@$+kOf35wsPh|00piu~v1J33MbwgNp~+(*zi)m&&2_A@
z5_0C*DRtNtW1;*USpvXM47vWWSChb!w2GhI8`CgZrsw0d=52)FpUR&H=ASd4&gQ<(
zdXY(_<;3!H{CACx3;2YiX<n-SocNW?yqMWMN1FTuDDX|fc>%8IGxl48PBJiyW=7uc
z-{4BivjB>J9<Jh$2o6UbCT{8OPHXJ`{;BIXcgXF}k<vwGt8XRydj*cHLO*<!S+$6v
zMDEo2)2r~D$uqfv<HQE<TJ9nNTCX}KtB;Ib&uackcaQWF(}oJF0qn`)E53z1AJH(x
z5`YW*V{SgcufBZcW)PLGs{_~bTBCBKyzrwg$+pEd=}p~pf@PIGA$Ppw5X$!Un#z<?
z8b@p3oLw)Isfw%aH;JG2d2IOimMzrWsp}4)-80VH8XaSJ)mpVqJY6|*fWe@4;h-Ew
z^`E*CIzslV6iNJiC__Q*7Tf^LD^vqUTa5pHFAV=xqdx)ky7e_?q2EtcsxbiT9RD<|
zukRkp0{sM!wq`?<X<d8#3<FTJ1{9N#F7N52%;*B|7iFM0dvSljD1WwB5b0_=7*o*n
z(9k;KXNRjwN-TG9>K*Oy9%!QxsR#y)lX;ddN&^059$8K|qPjd0mmU6qT(YFbNpvOR
zh@;W{5N@QEpD(%z$GH8cT}<sS(5I~Wm6@nh5m*c|=JDILQ+t#7Ng>Pyc<DBSakWlm
zpGdi(Dqm?oQoh<V>&Kk33IJtxad0@@Cc@d6u{XqHT3jr)Vl@-4xFoW0!cgd~@LGpm
zA%vvk#>M|4gu-jPC1;N^U1q>UwD<9yG5FfY)??`vpZ-Py0sSk5VQRAqzn<h~XfvN_
zwnK@_u+$3QxK}V#8ZHeyW8bf)6=D%P70At$Grnv$AeMYuF7z+cn_H`MPkPOCIld|x
z`R_$X4(n){R+Lp()c%s$VHzB132CAEbizyU-t|*G=#&*51Pk+ayX(bH=y_y&ECP{*
zc>s_llq8f9>2Ub<H67E(Y5LvkPN(^fPAqES>eRKi`8C%6(g&~~1Fj>4^g9K?z9CT|
zS~LpP`m4gp7L2aSS}Q;j-D9<7OLE)tPZIUK8*8>UVSeuhP(U;!v7^TXgKrpj%Lnd<
z`GMW)f<ob)Yb8uq!<;AJCC>JpTFaOM!TwjxLS&MwHp>>2`A4EE2&cP&B{^nz95DI!
z95E)UxqLEl>D%@y^1E2{4;5&$iQU)`2+VMJKL&gW`)bbo#2qB?R!(6>MSaTZR>9^i
zy!yh_s)BqH_)~J=DmyM4!6F?$D(S=}%i1lA-UrAt$NBi&sQEQ~AuKmS+Q{^G#y@P6
zQ3<{5yie887{VHy<?GoES0<#)wH7~see)VD3UvYjc->FgCUKf=1$ca~tM{@d77&|c
zeBq$<HQl%P&)SC+>9U=4(O?AT;4*-s=p!>WdlVJ5Kq9uk_2v5!YPR!Da+geiBO$Cj
zXz#|KC7dZ=DCM%<gXCb^c?1u|fl;W;<HYl-UsMbLlK;3<hrpIPveMw6L|)bkrY1t9
zg1=~MfwHQWm<)5r&w@0ahJM&K2kX-v3YG#IPOiHuR8_WcCH)2OTk{8zMtz3hT~fEN
zC3Z)dM(6?3INqXBya8lQbX)@_>`;ZGn_MF5{4t-niSXmke~@fFre>|fLp}6CZ%z6c
z6Pk&VcRY*bJ5Bwl5(c26mbDXtJi>eq@)F~_E+v7%VC{J89d2)rhtW16oDjN%dL8(q
z=+sm0wl|i?h^-DDj}}aMvB`>F!i47W1bTp`#fy;)0<rsnOl+oL2#Jdz&x!j6U?2U9
zOo7laZyGI90Ax~t+kekpu-IKJf_#@F%=!}FI&h#_rxS!w;*k0C89dRu3vgfCo|Cau
zVVx{;iqkzWWQoa-90w*Fp_F`4J9|mZ>pNyr@eMEl^4%77*-n`--8G1Ad^`kff!7;x
zPNujG2qe>i*Xd${{{f29R8)#Gb>HKA6tDxw#LJZ8mPw@!_Bbk^q4REgZpl%38E<c^
z8<|hjOMa4n(luYj@x}o*xHmLxu5(60QnTcrROquPMo@N<2wObrEM@4}+TN?2`E}1N
zQ04qfO6xQpYTp&)oTh3es7c(U-R)65vR40t=ZxC~1}-+JM-ZvloJc0gHol;?O=GaQ
z=mYeRVk{l~U(Fws&ZK2CCIWAT(43+7y|TYqjE(a^#T7U1#x%Kra$@jb$%wm-B8tyw
z#^xc^5az|p$~vKkaQZM>!d~Nhiw;bq|Iif5I4iP00um%=RcPs1d)?VU^+7`0K>Iu3
z4{Wo;4yw@l=?XXPgZ=toHnIW!@{2y8AU9?wvzPd7Dln}ypqFTkG(lFF1qfuShEK)&
zGCn!~^=(4QiU^21zKVI2BsAZJlCF*n?bm&z?w5O_W9>UKl;U+*1m+SAN(rqp<(@-x
zPKtAy(&Yfo^*@oEifDU+Y37vWgv5e}vDMb_f=!#oTpw*d7Aa&E|8&z_DA|8}5C6rM
z^<o)>0LV+^%U*TCviVQHbJ!H8g-5vBxFR2HeasvLc;RI+l(*r`@J(egXi2W8BQ6h=
zh<$$<v#&A-XV0BPrV)NUxO(fP<dB<_%}gwArrh(#9pubJd2&mu2{_8lUW&AcWgCSE
z7<ofXXRw=qX@Kfu4!^LG9`X-YlcxjD4oXcUz6Ub<S#;dbN7|xVw+LY7pl<=5cwV+C
zoDEpH4P~pYN45l&3dT-)5cugSprA<~@Tm(*_g2Q=^b;#@+!+4eB5ZxSrT|sHjYY0o
ztM#t=by6(sh@o|B5wIZD)?mPg{xW26`*I6j<;eCivzw0@OG<7Y9&b>9mYM}3dD65<
zRu~v&%f+0fho#B<z+l!E4vbE5v3$Yz<t=G$1y4`C<hKr7ITpv^<A=i8U-<-u0K5#)
z_Rn;bGMuyl6>smD^yw~~S>CRC9F<QeLQ)(+jFp7Mg1FqY{g#V!*6c>GU<L}wXUY*r
zM#6BM31n5;JXZHVa&kA)jp_L(K0mBDcPV1(ISg&piV^@E4t360l?BZUy_R)sodTn|
z^w(#W0h2t@obs<qTn$OfvHyR+NxK+Fn7iZ2@1Vzv;Ur*h_MYKpd@Jp}2mDOWu+<X|
zVPq<hgZX)jHTtcf@k{$__e<Y%pjQNZ54A`?D>1NdB`$)6WNZxzlJ**2>m@^?%1>)V
z%&f@~gowQq<((qr)^-6+OaZZidf#Q;B*@{Q`W_}bjLcI}M_>B+(&l~x7+F1#kTHb1
z6lX_80mcv@^=e!^8E1Ki?ctjM*KO~kAMO0#XIgg?$KOY&P2X)t_X8u!&(>f&dwR7n
z6H%t_)QL*+PTF{gC&auY%JxET%>bMLe3Mm{Ct|p4+yA@x{tMtgGGw@BNaE>ZQRU>*
zO!h4L-4He2_b<cn7kqySi2m<4IH%I0afKKFx5<cQL#w}eCAq3Q&&74EVyJoX_~Me%
zU`#T)D{o=VV7#sG<ge}!jMa0tXdHmX0F1Xl#=k8O2AXG}ApemDVkzW-;hvs(@nIHD
zdIzv-PFZOa1~1aZg&#^korI$0x^(4&d{9x{Vh9+5p{<3vkV57BPTgYC)KJ~$-Pv`S
zWu1W1NNUk3ZCD?ehUH<$o(asv)m>Dw4c*$;DCB`E6mERamnUvBmX)k|AuxtGK20+E
z>k_gb7mGFxfSA@sUt<m-4X)i?paS>zlW)($N_yh*VUb)*ELPLW4?bT?V<&?LwAuBE
z{#n#+Wvhdog2Coe@qLS(TGBL|0hxf*2>~MNb!yj4f|o+nUkAv%K3QG<Ll4cTSah$z
z>`_mvbE_M)aSkrcdoGv74|GIgH>n4|w`;RCe&anQ>0IFu-VvfVxbZP!t~`HS+ho3_
z9^~3gzrXpnNdHv}^?+3M_ND;wkJAZ%UjPVo+QR$|*qeA46__7<ibtpSCi@zRH*HMn
zL%^uyT<?epoBo&3?SbwmQk*-$M+%tg0B#(Z+q~Qb6w`FtpJi^AG$G-1P~@n(-9kKH
z?N6Uq2>}xYf-NR;iMNPNhr4aP^Xh&t;9$VqS~)#=oa5(}aYshmehdP<V2(!>R84mP
z#fHLi`;CXu5P_Tkz({~CyF#=-aTpji`N@$DFqqhHz=RTjg~x>Hv)bRM1FUEF2ivik
zofN+@5~W2!@Bny13gGFJx`0wd=hJ+1*Y_b>-Yct_Kn)BKH}4}Z@DI3o3kDhOw0OTh
z>CR}XTXE_T)1WLn7XDfwc3?7BW_5VR>;F1eH~e0%o(c1VN0ae%B;h_BO3lZ%UPABh
z#)1t@#>#}c4vQ#m2`mcW@%;&R?i{FDG84&b^aM2D8p_Sib-Fp5@L1J#tBWfZ4!j#`
z+|CGR6FYZ|tkJ~7ugl~{YxE>~rAv#Z>&`T}<6GaqMRLbibjPlNovzXW*XLAf?aGCu
zgX1CxlG+XtRq&KFM%PHyk#@&7nEhVWkt4$`Z!i{Jw9p@b)C(}b4&4WIfR@KB*lBDx
zfMXZG((_P@5iuwuI+T*>j7i#dNDAQ%3Gbm*WED||FA=%cBt>2aIyk_*(mFD4R9`8p
z^aLMeA2R8?;#mW#$|Mlu<__?KC@=r0d${OQ;RjT1$7;IQFX(50Dao}xK`Xc*^myAO
z?I13j&@<4tX{7T;8}qpC>iMHTI)quj(#{0yP6U|L>lAGWSa4SxTJ<kxr&e`-)F)Wa
zQchWF6;$fs#vzsS#@VzJEb7Yz<mY6<-*|WcojrQm8bc$%>!p-cUO6y7Z=|1+C%P_`
z1`MoPRYkyU5qCj&c&rr+kW1auln~;CZxv$|;{U4>b`NuYr_G|xhC&Q_TsoV*O*_8?
zi=F5BRijsSDRKg(t>49@I4DCqR0*^k%AyFooxsV9`W2EP(&U$rgl&BNFICXBaB2@f
za-*hNZzF(uEvlaA3@D5}Jp`b#^Zw}iN}Bn9&KWrc!eaTXT?xKOUj}_<i>zu$;N}*~
z+wbWo=|C{Z9XIEh5hvZC#a00~OXROj`oKB4<C-`~(B+bQCMX%Kv<-|S*>ouv(jWi0
zsOD@)pHN5ecB^gA6hPj-)ce4DEDluxj|CHwIk`vazr6F?j*F`ylL*Ro8sUSh=2&AP
zu}@y;cvMPW!>n@id!wfrEd38VeQ`c|&H9g83oDYIbm^k_n-Iy1s1rjx1%s(7o(-7#
zc)&;x_^dN1RINmJZvxq(IqBHCl)3V;d*k+a&p(Ym)cXlv2_72){<j7mH9FzmhwYs|
zrvnNm5_do^rri;B+0j}Z<GD>0syMSP;NvYKEPCk^D6S%b>lWdp&D=R{;Hgzqc2+Ck
z2~gknhhFWIBM(UCC|jeci});pO9mclF8f?iIU(jPOiEBzLB%OXoB@gARvqc;LA`<P
zs@(aX1U^Z!^gE|D_T&o$cA^>q7#*Z}u4rEflcZtMj?gKV4~!5(@zkK4y!ZEA|5<Z5
zZZ||N0F92)lB(x1#R}7r9kS$6A-{1^>Xr}Nou0#`Cc#}98jL<X^f!>(RSt*ysORwj
zGV{NtuUT^0sQ%}YTi-(8r~aFX)?1ah;s0altmC5Gy1z{$QX<_T2nf<8F{G5Vbc-O}
zIh3>@Af3{Uq$17G($d}CF_a9=yU+7`|39AtGWYCz?QdM`!5eGm{PFa2BlYA9-+TW`
zh1)iNFW0@7d*ZWBH8JqLai;y1u8-}H;BB;e8?`w7cyq-5F$eql!P0%+|Neml3+dpE
zcnJ7cO+U@>Hk2HhQJCT53`gH06bT?5SLEVWd*%Uzvg!w4pu38P=jBlU>#{W>WC;Z$
zh%nl$Ssfgv9mQt1K1GI-H3ufqgzmBFPhTNvnBos0C)$Pgrq_MD*!nvG#uTwHt<QVR
z8~FaOqgHhk@2qEZqJJ9U13>~IfqprxjM)2^E3c^QRgj*Bc`h$XHmwj26SRth{{mD9
z9}u*TkJpwIN+Ij4s4v_ucP6@hxKLt|zSn`762uIDPX&^-|2KJuU*Dpk9|j1iKd)o7
z!wD3KOm4pQ<~Ay#A8-I#W*4zB7bo)G!BfKimF!oCTmOAjz_ky`+tecEL>3i*UXm|b
zQ!OzW3=~RbBdzzJg2#=ieFEeSFBe$?uRnQS1et6#)vep04zLuLpQqTTxus^@AV|{l
z3%fr45<X*XswvETGBIwAB_5BOkNiX=W5Sd!><fK7u!9^DTGUk6=e&PC69q9Mtr<HM
zi1}s>Y{;$@^g`SlD7{{j5}Ub%bA2$W1G<oh4rv_-8nD%sg4A8mrER+K>m>`3@`#iH
zS>1?F?y@qHl&sGW2q_HOpI%@Q9X322U@qf&s~>&VQoA!QsGI8h1L+!Ey&)kb;Qug@
z2W=#6`pw&TIlA&2bI!HdgDVMg8PL!FQj-X{KOy@1wrIKAT5iW}TEd+A`<t2r2&dkv
zmdXh6e716)#A&h#KIPo78n>)F9EY|{P}Rvn5Ga5aXaw}=__eY#CJstS;5p*JgFls~
z=dF6u+9EFm*7bM&veu_h$w#>QnZG_JZ(jNImD2K0Cx$s2iu(VWRSYHF2Pf~1WM(RA
zC=4Z`P5t;?WGMWY#Ady<FL-yhy5bGwg)c*m-}sGiDn(HkXv+y?oVb|!t}qwV=scUc
zR5v<>N}#uo=9)Y5%_VRK9fn378exVwV7<g%v(d=OyA)J<wUU1Y`oa`DobB09f=}qI
zMQ`b!yF}fDk>#MBqDIrbL=r#dKsOr0WE-99ke(PtycT>JYk24r5%TA8@%P~>2`Ng%
z2xg*xZMZ`_^K@OnrJ6460}Z~Wj^;37OrIth=ZbC2DI~6v=D*3S#VH&+8;3adbosYx
ztL78*j=p7d<jgHJcya>Vu|O-hxVY-kjVpi@mGkcoe4Gsp7I{x&?$A<}8*^4gH1^B)
z-L-Ma?uX)sj8cbVMrr+JrR(KkM9rZI3*}nMn-+3TWUAK2v3S8W^Q5{l^Mmulxzv{C
z4iFySdp)O$$ZANwQ1^@2BZrY#jakhsR9$#ocOGsxj=i5GH0B!ViE^qwJ<%Z7v-o?p
zyzp}C{TkFCJ}(*_{UDY&xpodF=gGlP^8>!^xn_ExIf8K@eweg;uF!OwqN{fm=8Mdd
zt+L|tx+0rgvgaeTLzI#b72Sa2Vrc$ce*j_AT3l$nU}xN<$32y9^Qh_Y^>Rwke1s${
zA2GVb14S}!em1s*yz~tvv}501g|e$%a@rmP3xDaAjE`JdTbed1?^sz8^M)B|@8Is3
zNff+AC##>53EgK*2~u;{pPM%k(|<_Z2j;R>EZNKdN+vbVEKM44%7;DXq=bh2Sg#II
zV%|=L;%!3fmCs$vAeXk%ojvUpW5x%`P%@hHFB|#W_E1L=-Kvvzje}#1J^#xy^I#TC
z9r$3bMPG%aGjz0m6_T{5^R9q$u1s)b_IMls;s7W4!1rJDUCe5!ZmsQqGrbX@79443
zOB566nss;a&pg`~X?daMXI1ZQFS2C@%#*v}mBcm6N*KBMdUW^xtV=GEa3E=q2KURi
zHGGn}j)x+%{n*_L_qQUQ`Ydla(~1SS<)1ZhHWy9=;gebjj>N>Nn3feTJ<Bn*vQJzx
zcTg6+_!ojyeMsYvqGqEKpGEyDjgmc+^4lXO-m5H^%IbVa$qd5aK7$jEYBXA%1_%0r
zkQ4!o8O(QtGOs7&&3N=h*d=dkjis*PF(dSK(Vlo~KCf0LI(z(oF`wsjL#H|!xL@i1
zH$MH0ILs?8+tsgDI1UwYY!J(Mi%m&nx8FN<RPcd*mx|bZQMg0!pbzT;B(YeAv|g10
z!+Dx^_^VJ{{lAZEK=}s~NVc!$sr>s#rRfvRX}S@|2`!JUWKTRQuOuT7&$e_qyE0R_
z2T4iB`LHc834;sjnvpHSe60m4@*1_k93~#0sDg_($>Q|YgiLQf;$i~dH1f>o*(iph
zz@Yl#C`R|x7jT;_F@tf@U};WX@d_WmrgtQ&x`dadzaC70t=IVYZXB|_TB2$DH3akU
zB&p%$#OX>!ih6T|T9xp)7xnamcEM&bJL`$<g|pNSKz0~;|7c?_B{b(Ri=0=q{f2AL
zB+SSA{bThkrM@z>x%8(|>XfgEq34#?zue|Rt|uQ=wsURnV++0$)2C6$wgw@LuHO4{
za$=J8fF?|ct%uFNfijDRv&vuwOFt1O+59;+A!kI24!@UmN~_K}<btVOKSoDFty)7W
zL~x>ykvejUz+Zm{!r;O2<lRX^aKBL9MUC*u&HtiuNgyhx!AZIVHApD3W-aI0rECHn
zP+1q~Q1LxMtY7gMh#<0-@ejCHys+n0Y9fv3VXG>8g}3}lxmB~_$Yrb@d4Acy42?*|
z49aBN*Y}c};h|cXVHer)E&IM=hY5N=-{owqMFG{Gf0=dDWf6t*dNc6W{s@9tYBO^5
zxoWRY7Yg0Qqxu6^6ooGeIydv#u9)aghT=Q-Y>ODQ{dC7zE+gq49+(;|4xY&%*h`z}
z<7@fg<^Z?a^^>A#X#r0|9C@SNta}YtW`?ueq9KdMJUf1AIwkwPSuxWY^!S*v8<?gb
zk<}4x1QF0@zm4n~TUh>7Q4Sw|1y4Mf&yuHfD4NOe)%<lU+ux(nlyg7VR%9`}aWjPs
z3lD%!`L!!bmYHCWGe3%9JVW}H-1-r8LsBOHuA<I2Of-S}T5P<5HNWbofAR(ndd01|
z#Y-Ow6~&?BQ}*40t=fW_KH81<HtHaFvr=a{9Gy6dBbm90fzlVLi`ia+oaFj3=L3A`
zx&Ft|=c`gN*_AN^9;qTo^Vr=!*UNT3J8go48zSeqsx!31d)rD^x9j@z>VL7jxDF+l
zCeqxlkhKkxOF%>k;#5rZQ2D>)?bP(AtzUUV%M0VyW6ACyH6U{O^W#L?UCD;mhw1<N
zPO$}`lqA3=wNCX~?(a{U_Mw`Dj9BL@%m5zofMKjF)(d}_NzG(Ij?u-iR}deBmw{1!
z4c{Qq|1f|*_FE!z#*p}V!P(auV;xDcWSXA`M6+l^)XBhej><@m<oqX6MT~ho_~4N6
z5wwp_Z_%EdxR>Weqp0Qd?SMi83z5}VV9%R=KJA2(<(%ulCuik+sQ$kE<8yod?^}`3
z*mF%!WBU_E2~Pj)9F{Wvbsw$JqjR&q);VJ+-L`zN3*+uH71lmSP-B)XKa9yt1KnPZ
zmdP^g1(7HL;}qZee&Y$d0oG&a4?EHO0-jUDj_;WiYD^jKZ$m$#)H1LRBVHz~<|G=`
zRj!}EvZu=|zz<IE$CvoEZm``g58~1tb;|%hHknmqJ@D$l&Whi_-hZsY!^hFK7`<n7
zt~d#Bk3MYCvGrVcRTI$ZZ?e~lL#r&vgo{F+CnVB**V48$%qj`M{ENMzAR&`U%f?>z
zuV=#<G+n;#`!QC8#h-n^mC`!l6%u-p2X59kX=Iy5mS|CYv0XWQ1HC8joVP$u0C*3;
zJmK%A&Rp`}%XU1j0Xei)I8BR5mhTU)aLRF6<UmqCAysPiYv&fu#D$x-KIK3V8(ob&
zG3v|f?=Y;A2tXp)8F{r2;B8I^9miFge^7RBY&~k-^-Ob@2__vtxW*CZ*Vr0X{DNVM
z>?0{R4guGgc43KadjDbz>42=h4LJ6K_ZHE<F9hjV=AC-ai5kLE;Pu9@L&&jbLUbra
zQPpa#x_lgy-t_&vZ=Ph6Aw-4vTdePX@NOV0N6qSi14kd6wt*V}l=RN_+r7e|o%>{6
zDkxGU#QevqN@0GrwkMSkZIFVuLe1U&RzmaM?D9DsVf*6hgY$#=Ya|_T|Gux$s$H`>
zzP9xKBx&GR)<5moPxP93^N3fk3$$2(#NwBolS(d0qU{_!6m=DbsYaSUvc<4KkLi#Q
z=!>sSS|U39+ZFZ>RwLfFpo9-Y%*L^<d{A#+KEz`Xf|IK}H+;dOXH51b5VZ-P2EUrX
zhG4h@BzjRj-<hybu<k#Mvsu+6NVLea*eJk#$-w{3&cZjISm7ho08CXsPvgJFc)}zS
z+h}MEDe{6}O;UG3FR*XJ3*4_jo18?45^DAc1Zkc99w6NT#hYH-wC_b&T>ak+>Zh>@
zC3%7q{Ssn0<=~|0(={fGK`tlfGtHkn=s9VLhVPj}+|_sPbbl0I>M3Ipb1t$>B*zc&
zov{jc2&;v|xNuO>$oj&}5*yXyr$qR{Xj=MoVIKESY~IJ}HxZ?{h;H|VDkAj5A^j%3
zHOkkUqR=tE=nyh|Tq?fiQ7%(@di-K1LNye`C&xDZ3kgG=_hvcFP4D;i>wsC2?e)IV
z!*e==#Ualm2kFtrrg%v{So6&4M^OW+SGvY>Ba2G(-A?E!PLAntL}E!qUy64U^wr9W
zQdwaBc3cG6^7GW~8-wb3ng_pjvAWt}9aLge3S@qBsesjHsMoCN(H=ALHL+1LLgO!0
zOG~JCm$dUz-C!u_){I2bCmgQwtrBz!My-ZnO*G>AsRvpkcxJ6WRSSdQ9>mnXwRLb0
zk#Bg$);tU;!x6~<<|EZ5c_(j-|1$}6<9g;uheki(QN*lh_!RV9V>@8WTYk~`nsT`V
zZ`R^*FcPl9fMVoO<wx(NHK0R5a7zlo?P(d1N~6-mr%>e*ZnY+>cV|s~*cmjyp>Iit
zCs$Qhg9@t#k07wzt0@AlEqNwi4DNtn7l}}m?-!v^Q3TdA0O|Qc+aKx*9K<pIZt?KP
z$`XO&8oc9IxJvSoxaas}B~zgIM#o%Hw+uQ&KQo}nqNrklC_j-Zc$XQL`w(h)alI~(
zY8vT|z_6#R{Y=*%?XfGBKB4xYB3&UJ`Mdnw4Pzew77w6B*%<U0eqyyZ(snmpIK|uo
zk|D{Tce&3%JbM2_Z1V?wvWTcdlaS}vewN#7KA-kGJ@!-I|FGqTBna9G=ihQGU=7H9
zP<7V|BQ2Tb6_n3`#D>XCVT_l-zvc&89UjDNj_T#sOw3UJX}-!zwgm`Dnd*Ua)>9k@
zm4_r9tt(lz$?rybSvKkTq!LI!V`CLpZvp882$GV|4VCG~7frnq=G;zH_Q16y7p;SQ
zl;CrD%4||VwZvC7W*U-qa2nm$E1Hz0Q_PFm#V(K9v?dw<27g+d$~KCZ!;AMLsO;-8
z)M=yieURM*g$|mAy=9Q(k5`VEu2i+N+3Q&U_Rvz9XG<{`6J>(BNPXfCPLVx_SrFQe
z%ku3}@<%-p{5O{3pnce?UjEw3l|~fxyZ`Ho74O{D9eW!zy5Bu-zI;gA8<5z`iE7_s
z;k;|(k*VF1>Hy3qKU>;UgQMv3^~;v}ci<Y5Q8*GA(t))(Lhmr4x0~=U406&A7)+#D
zaRv{jHN%vDD6bzv^9b+)!+tojR9$nAAHL_=;QQU+=fT+6iQN?-6(;iJT`D1aV3((k
z?!rwg=B$Nh$<qZ8>beHJ3)g4Sbk4TA_&+I8{={HJKYx1)r0-wn`oBP6ROnY*;e<=N
zD`H1hkqOP|{5tI=f*=QCA!`nhK5=G^TbbA&KhYGaswtev#1xo|@W2TiH*Yua2bp~q
zg%iF822I4Uowyr8>H_@qXkfMNtL^`8;y<|qs|RFDKami~$QIUhyWQKngZd=-;%k}^
zb3Qn^gpgFRDh{IoQwY_hv6t4AKMcd-6g*x)1=y|gqx-zPVT`vzm;1Q<dcMs6QtxH;
zSON}%FZMv@rRga3EKCy2WM(RxUSuoM2KVu$4mQk2DL^}UKJumUH5~aHzMz9~jobZN
zhFttj(WO|}@~BzD-h4bKac8dFAYx575b-+L5^0!f*9O4E^nyMDN9dCz<-2U{;AxdX
zUOnl}u|;&i+(YiUQIQCvn*imZw;cSQx}b8tN4cq<h8k?qHAbb63wsL-|L@q0tUxdi
z=j|l5+@cIUk2uT<x5Ladnd29i-6tJ@M$W=Nc=K6v`RymYa9_g=`!7Iur0m|lZ07)U
z%v;D+0OC#X4l;Xa(-{jQz;BM!L_29RHtDq{UpF-X1Nu|SCF@n|r4fxXVhavLlqqmP
z5+|=izZO;PggKk23HF<xlI+l|yFd6TM}Be^)k_^@1C0?D_A8{cB1|8PgHV)_bUofD
zO51goVaH!EI7bo6{oHy~@fp(<q~X#rhG#E-N0SfvFf<^4u1*^VCGU{m=-@u>ps}(m
z_BsH(MRHy+VZ^b=df|K1f4H}6HVn!5HBZ%nS!=})LpqLpm1~aZiTHxAC?skOi-x-n
z;9`qfF&oXJE0Yd_$$hiNh4VP^iz)``A7-@x3*S{0>r)?iMPrwXs$so{D#;n92U3RU
zb_+LB304Vy2@Z%$!q`jfH)a3O0V2zX`z?j10=f95E*=GM^+vzg#ckJ0twE!{NcM9q
zvP>oV?rxkyPla1aE$Z`by#LCx-%So#p0CZh4qCY6z@W%5w9&qko>fp*Rrm}@D6c#>
z#X&*^ltOOmsnah0>Io3UteNF#tF1rs^Pi6^`kmjtq)hs^1OikX%4(}5tT8jy4}a)P
zL8i!xtl`RlgXqdhj=~#>1skSKXxXn=w+MbVxLrw~U*fcgztn`$X_uDK-A|2}<8tXh
zdZMpc1Gbqlp87B5fswHKi%1vc`xTp}E2+mp0sg%Od<z2tE?@Ez`Su8NVw-4JCV%_i
zdz1MQ0MpZX)3H3;g<r8w%KABTE@W|3%WXI&PU`%mvw<Op5EKj@if6`xE-}E5$9$=D
z8Ge+vYhl`4NxG3Qj5BRg?{jwAnvLdyWb;Jn@m%0vHz{qhzLwynA+++*G_rc6*fRJ6
z2NmOp1*Mi#Q8Vkaq2AQ2G@F)2*!B8gX;Qz<qEv<S(gtLAE+F@}ckvevn^}(^&(hkl
zSBuEt*`N2h^#WF3uDknYdly>4+L$lo0H1?BJSj;tA^Kopua?fI%Eh$*+C8uU@o>l6
z;yPPf)VQ;Ie+I6#VvAUH0FX+Cfj3E;jYPly+$OO#H|8JZ{F4LDwdmFJ(pJ8vnzh!{
zhEDK?UbMm|e~wOixNXS9Nl>+M3+iTAG~5qpgd(TD$gL%13pci`d$rr>Cz|c$9rYWJ
zpc?8{_zX=v8p2}Iq$gSb9>F>hW*UOTOyiElZ=(*o>uaeV|K18RS^PbdgEBc1`uJX|
zUaTj-Y(1=_G9ueHY{o*6RDs2ef({5f6CeL!oN}~!!hA?w)I`SaMe;uw0@zj`D^v5%
zGSooYy8>cmbZ8mCi4KOW$cC3#u|*!(qCaI$d7x$m`AOW6uAeCUHmvn459`Vy|1z0R
zb1*PK%ZGw)5F+M1a4vCq{e)nNINnd}Y(Rt*`bUfw__82VW3Vztp2fM`ji6qFgGB#V
zrU5qhdejE?Q&Db3T!=tyHl{9@37S#{7IF}v@0K~1ep|G$j+}BfF|22mfpEvZ{<RTm
z`GL$hCpx#NV!o(}v-DuiV*}2;0N7JSgO{*epA|uQG}5*u36EK2VK^4yKlLKeLRe@%
zl{BUYKlU4Si?}Ocomb(p@d-8|sBo4vQm+DCF5G8rOyvkjL1Uty4`JGd>MJvRN$B?K
zy{<o+M|{1%j3L`lRJc$^Z<Z{>XTyaXcVzqjJ{jLQn!^^ebW$XvF^^UEmHE6-F5h3n
zg_tf>%L4E;16*_NEWy|P=Nzq7w!f>CJZ^{F#y0Z+x3YmBLF3Pdcf^ScDM>o$i>8g;
zXPS6eC<I+$LKO6<J#tyv5_hKybyQFp@~C{&+^!F$9teE3I(I}sdvzPFBprjhN#^r@
z=h&}MLrSLXy{2-eUo)FG42r#?u~1RI4C9krn@-=8no+_fZqrVv{RxtI6QWklY&0j<
z0Lz<Q$Ld%-quWSO_kXcKe1&&b2I7LAuQ7u5);^jCmCf<V#|vH<`4gxyl!S>h{s1Va
zOI)rws`?3AfU3@2_O>Z|n|XmvEFL$#;WNQMbiCXwz^`<7Zz1E(J7@a!8j;0-he;n5
zuRr0LzUcrNLc`bt$y91to)8k(7b6;S$IM}||5U&*ttI%6Jv4r^u5&Q#JcQ~berg05
ztWGa1WlySN*e&GVAuY?m(e~Gf98mmEkSpF4CuwU=&VnyONlQr?jh;F)+EV~noTF|z
zIRidhgS$V*)k8D1u{G{*hq*6YNNSL$c=3&RPmACPm?$%RWCg-UwLI9PlA7F2x|xxC
zt)v2wRPJ28P<7nktdvclYWtm7QdoUyCM~t!Z@$4j2zl5ghysF8GFh>S7S2*E=EQmS
z6Ca4GfM@n_+N80$4E0CmYOs6TrANk=a4=u3D6%7?n3kf-9V}u;+M~Chly}zDdi@fh
z`^4?l^U5J3V{-ffB<v-O3*K4&!<mtf>SUhC`zMDi3Iz4z@uw}t3La_5-UEKuG>5G$
zm2l_)xYdc8F$6w<-eIR8Qzj=%6$AUI1H6TyM6XE?uhZ3*4L867ygWazn+n;Hj<U-K
zkp^J;p7{}^kpcEJEo+h|f;W|d=>}+UhZ6(TGZ81n=Q4COnh#xwfy)(+?ik6FXA!I5
z{^jSVs?m&2;ZNrqGky{OEhbjzBB#h_T_3ZTO6wbFL^@H|ekYw>LLPEmR~KsimDlQH
z9n|S(`8F4?OO0*QgWb#*ZvA4=F`I_NV+B{+4<!V+hWW;I?t1>pLvDz#VfV;S(aONR
z(l=3EZtBw~Y5Wog9zl~B(phTmS8r>)Q+ke_K<Dt}mq~fZ>Mb~A`@Sk$x|wt%o=|zS
zV3O-<+P7z`7-OFL)+;QV)(F(3pPD_pB;30F4_^1%n$B08_l22W-g+2gVHvJM6qTAz
z$FXzq`QUQ)EVzgPPTt2n%cH-jyvKlpB!EhOx$OPx!~37jc)xPh)Xe7!Gp|5hC5xfv
zb+=H3M(3itw0oX$7w>Wj<taV*;$-m&KY4-N5=uQi{(E0tJEq{@U_y8@RXE`uNe*H9
zLeuLsnWIGb>0`~$Hr?#|s*@|4nr{ZM=W^Rfut+G^ZossiyH&)(sil9b2^D7*pgjEG
zU&q|?dCpFX#3^%!M*HcF0x`nFx3e?mYS}AAEK+<=10a$`=&SO|N`F{7BogV@`o~B;
z7T=g4kXD=398>I)R|qC&sox$E=}-z#4gD)%hpL-{%0=&DImGMpf!m}d;*M`pny>Qj
zi)!aI!En!0KfqwfUO2l?RIApk=~c2ok)s~`mzv+y{$e!?MEFIT`?WK_*>7(~qF?Fa
zAE4i-!YyUwLC^4Z#4nik5H_9-_d^Xm|5(tlWv+qLW-0Toy*a$si{Og2HJebT2<=5Z
z0nRC^JZeK)s}&Q1D5J4ao$*IQcn$F$F8ISdIbPQ@e0zrUHncr)>O-h6P@gLJ1w2#N
zR@bK&t>RTEn2otbB79i&BO<eAc4F2so)2%$I1#GgLh7VF2V!|?G|JS6fJz+*F{_)M
z0nT~g8A=1XTHz@@g+u;(NAS@(1S@ppfkEzs_&Ui5TVNnZ*9&=(;3R~kcQC8(rfB;|
z<UEkWuF$+!9X^S+_6o|<j@a4=W`BN<Ro6v)M+>OEIvlW3K-cc1F7RzT)uhoJM|Gxl
zs90Di){PUVQ`9o`(W`L&R9z|_i4zM~_b>Vq0ot*JUKO?;w#KZK6#`-XAA!XeM%$m8
z7$XN@fGUtmiE7})L^K_@2r8b48+x2TI(?hfJ+>8Oj3R$5*oD2+U$GH}786;Y<B}XT
z8QX1YTj%cu9tHS-2t=;An}tfvCKxGhv|a1_9qQg}Hr0uHHY51pswhG+?;ikTQAnu_
z;VOe_M`ySh>L!=-kb}3G7?*W&KEk%-CgP{*vc2Myqt=?TU8`&aPxckh)My<*sowe9
zXz9J{HmPY$hCq3T9Ki`n8IU$w7q%9R<t$9!dFGCdTkzry`MueYpT4(wg=*OG=#=WT
zB`HhI)6tIrS*Azb1dkJsSB)<#^LsirpRF6MMJUa@W8M@o;d5%m44E7Hu-@ard-w%}
zw~T-ES*hEmd;(0O*%S@wZozRIr<e7x^E=lT#(LuN81YD3oY8+P<%HmMYsWViTM9br
zD&my|^R!C%ym+)ARoz-R0hC^mM<x7x`h6&kJoN*_3cq8#`g@FcdBaUpX<-*i<Qfnv
zvv#&dRwK+*5;w;cAx8_Gr2=TQlR;*p?RhfPVz-Iq!~?8*snmPP%-chBewr`z9a|(}
zk?`N|nn9N_=L%YQd=qeH)GSgqVHHdhmgnh7iY$W!Y1oo7H6Wdn&uQ$6_b%+?jN*F6
zS<t&`23T}oG6I~AltG7~tHH|y<lpbFKTnV^wapZPAgiX}Wx!Ye#ZolRAhlCE6vxK)
zm7cq@D;fvL3$F?XeJak|-hDpU1(V!KxGzlnS5N!<P%R^1jXWM8>Yub7=yS8Q!J^A;
zyR+q|K%=rvFa5#);qK<~zAG}j{>SQ;;<^3_ho-tNebYeYd@@a&+9{wm2T$PdWYNfZ
z>}gFsmVdtWFZaEFygvN|QpbjkgMR$VrD4d#lt+T6zLI`yb5ZyhqnB(lEDq+_<+R2h
z1W^XqHgiZ`f`_b6$lQdtY*Ge^vRg<z`*>`9Zk^p%wcBrIL-INcsvD>pfRY)h>SVct
z<c9uS__U<+BZI82hxJZ&^KVgWn`LHhqSi1b8EC^;L-Uaf{VvE))-=qIj>=ljKX%LC
zu(qmB@JXB8!iOm8IjBufl1HWWonU-b#GH`(5U3*n80X!ramZs=+E^>E__lyN58n--
zMSYfkAJk1ayhRH$dYZsj3^UUX3Awx^)h3s40e5y5Ltln*i8d6PM_?`hLh0#hph2NU
zB(+%bt;+4qixVTRfX^#gKej!V<nT-Yn%2EOD^&U^+Y5&Jj5ocbDy@<Q6z81{Z`9a#
z-YQ1g!nWF};Ae2qN(8}}M(P!Yj#cP<n*Wv-e<BZO041_r&4>J`;lt4XsFo24&H0um
zwMhJ(#12PPj4Q!pPBRt<em`ueb~usrK*R?`IO8lIZ}J{|W2|n^A=MPVCi<3}9%*;&
zh``(GQ=-m*F@KpC&9A+PGaGy&&;J2Zz!-`Y4rpU`!*_Nzra&i0UK+e7jWOG@J@htE
z#rqLI@lPHp9oVeU>gIh;#RKqv%~F8^`3Zg20D`E`d^7#`S(~Q7XHw3v!a?k94!V3|
za~+nCM4g8DMq)574m?fk8gxIx1(T8AA<3WgG7XNi#b4<*cz7mv?*~NSh~<Q4ZJ|4n
zO4L@!YyWuDg|45~@P;5{2ROv|t43;jK*3eXPwGXam}sw&U_F!CK3E%IzNS$UN;ogX
zfz+93Od;O7H~i}z{u|?puhSQ2l9@d4<#;ZRR<;UYu>I#tgC21)skN&T;LXaH;-1zl
z`5TYoo|gY~59bQ0OWapo3M_YOKMI>m91gQ6<Swf%*aac)lQK0i&=u!`gwXvj>ECaR
zX?*FLe=SA5z1+D4&`wc@Q<^Ow;h<RGAJ5j}XjZ|?eM{k8Djr{E*0)!SH=*D_*^7IY
zqo5o3L0J>YSiT;KbzvT&H|bzd&pdcE&r@3C`snNU48A|&Ie6~UKuwRgNIy{vgx+Ie
zPNoby60}Y>KruuOa`!Oe#K?a$*B2b<7?%79I!MU3wIFT>T1yD5MfpoGK$cLWJ%Rww
ze+k2_<eY7@)-X<VQvVU<=c@w;rGVaB^3j2BH^U^YxPtky?CAn%I{>I^ILYOo0=l&;
zB;*Pi#M|1R?4V))Y8ns|Mkhg?iUIPor>BaLYLy9N`CS$Hj%v}y8iJYwB9B^GzN`=}
z&YX-^-&$GFGizGY>3!9^U-Nk1Yv6!Sa)8+ylR&Hmc6PAmc>IBrz9WHCH_A<?Qneaf
z0vPSeRWXAW$ksGOp4_)}1_uhql!IvqNhr8{RPYk*a74;E|1Ff>h*qOf@1{oaakI;1
zlFb;26w`)UG`0tCgtoDG-N@Hu#zJndDTP2d^DsP~zRyAS#<6HdY3q*Bn2Z#Y-luvm
zourbcHLtFl$X#@Vp`PTC?4%SF=EVC-ZrS<48vr8qn3jjEk3pr>jOZA6l@h6Kr)A`;
zj(&W2bkq`eiPb8n2}KKeS|q5~M}tFWjdt+J!R!Rt^9@`Yv#opcL8l`ObPa{C!~Z^7
z+3{8>sVigA=kKlhKo_9s&z<)^5x-dRXe{YH{5emJeEVBnVlaV-e~1ZW7{DtPPDu1a
zCxT+(i45@!+4ft4W{uRPAaPGaHjMnL<wAAh_$*2?zEz)(T5>=f>~s1DEKW9!$%{ja
zhO;SUi2MRLJHyXGFLr)OuVi*r9G>et>6_@-C&|9#*!H7~$}gk5$*q|L*(fBa_2&Bp
zDoCZ}=&M&jO%2IQTn_JiVv<Ot;Z+ObW9a(>0fIllfx`1?{ThV@9buzB`egJBykjTR
zUzHtw`5ab#yN+>|g$%6$_dA)zILz2}n=bGz1bS52pZ*S~v!{FNVX@mDgWaUwWkUdT
zj{oQ=6>y@CLB6XjoDJ_{cVN0-GhJ_%;#sL^9lCIhcuFGi=qVHk0|k>pL)P;0$HBLZ
zGM^1bKeOj*RR@Z%-GYR_Yy$P8NCL=wEqS$&)we^eUj1TruZ71z>*u{`!w+2EiKL6L
zgGy=5d3M(Jhu?^G2V*Zw;0)@Up{;aLq*A?}cVlW>8YMmVQ>V5;5o14eQlY7TLilvr
zg29F)?oZahIZZ2O>|<X$I4?rA7*XRMK~u&rc*${kKLiOmO3@ePZ$rn?gy<Iu+($n-
z3!nNOUI;OK-6ws+X!N1=hr%(+WFIi!v_<A>Hi4>roCJ0H;`of7hLPsFiv378Dep^<
zCuhQ^@BoZQ>oT6}_w+=<i+apu^n~r<z}H$Msea;(NpDI9%3Pteqv>2xb%rbf(n={a
zBa5-z4w-aoRAUt%tkABM@VTN;H_y-B%B(k{yv2J<Gnh#(S)?|KlnC#?YMG1Hd8{+~
z#wCxn==ScC59fX43+Vx8&#p1U0<<6V(077t?@{uRYYD_|lCeX7q(nLq?9&+1xQmi1
z6v`-xIXSLif`qF&4{8|@mAW&>?VAnJRy%;Pcl;?7pENeG<T<Oucx(URtm|(yfeasY
zvFA91B$rR^T7k`6!#Q9SaEA{m*_y`k3WbucNCP>cgKjISiOme)iy1wMw6qm4GcCHY
zSF4dMm7YG2=lEFps8?irFQ&d`d^zBRZ2SN{rqjP$U6T4TYA~9<DzB+>hh!3zE}0C_
z$i0psjF*z(;gvBlkTitnu%G{%73`}!_ZU*<6-4S0R}d(keZvUGR{1fH1xs8GVl8gr
zmuEC03UGVz+<PW0YBcg02Iu}`!#S$+OyeRIZK(XN`<+w1KIAaq-)|Nbj!lfia)Dj|
zzB%67V)y~-7NaWij{uak(NLHUKH8}vOLzIklyK5h2z8c1%X>89E;jd+?kK16SKo{1
z6;pu>afOC=ws|&&S%XA$5Bx1B+Bhi4Y6R)-Nw7q$!MTJ|-5x#C5BY~6u3^4+qFX-B
zDrNcgf|~*9?%rNxqa0x3+f~=KV9WJ2bY>U`Q+1J(*S3L8@kxGa)EKx&Z+47T_+k8F
zc@vPF{qIaeDJwpwJ%6E}RZwn4m;dvJ&eO3<D6%2pL?_l<R}GIr-ya=Q0eYWNVotKI
z_CSir0i^oYx;eK?YxKJf`e{>9F@7a9ej|Oei@u|Sr6;@!%unY$5d8JozowRbRy}@D
zs*Ca2fN)~T%=e-!+WL}3E357F+Pz|$1g~=A7sfj)D<qS-#LAut{U1R_D;KjCtS#uW
zy7vq7p@OP5od(M+RFV91%4*?iPJ>?3N2z>42I2{*XwHhlZ*n9t@t~ySJ!m-!YGRPi
zb}8XY$?IcovlULw8Xmn*tI=`*igLsueZ}P!x8sIVo)SLuZKc>+KZkFr+X;j@XF;^F
zpQDUliodxvEr@B8kVWZDifX@cfqfb+YPIFkRTru`XX)`X$nAr~H<bJnk6kk|wr2w|
zhv#R?B$yc%CZ4H_5yC>e?@_2j%^e%nBm}1KS)#B}`m>1X6-HjzzH2e%rulPlWo%%f
z`)q^8U^hQg6^nT6h*f6p_*dN&GsvmRFZ8f?yf6p<Qh>7K!XcU*^iNkPI&>o|kLz_^
z<7j^4_dJ1HH265t_gZUe6f<2GQ+}tO^3z<QpY10w;YY&{7Rpzg!$MC6meIM{qm+CL
z6aI0C&Zu5n6}#!65&^6rpIaG{z1|McsO&UT1J`W1U!~e9mvFp@yr9rm1~$7g4$)n2
zC^^v~-Z$?rB1Q@s6Fg?YK1y@JvPQ`zqk>+87ERBpHhh{lmOvH204L<O<1Q*;%(%LO
z^r`99IZ6YO#F3RKx_5QVJFg07t%&)QI0$N24${D*v+at2GLUJB4YXP%rFLv&Nzvl#
z_i*%PwWnrz(-(Z=NZZi^m6))NVd2LuF>v}{%u8m>Rj+dMfO0paE$0Xqxf-hci};+o
ze*KH*M<wyx!lEgb*lKc^DKA$8UV9EW>&6()!Nwbs-hLx5E4z=eCnHM~WkaTXbN<Uk
zU!+#ioh0eP7^1gbGFI8wzxn!~siTu)KbBk>;mVu;{VK}XP}f~!{`+pDLf;S#tPrtq
zLi{mD=Fq<d%-3wB`Z?x+zz+UE67W<+2`4KGGJa-qOjSu%YhsD%3<lqpNkO+Rp*c6E
zm4BFLu`TlFaku7dy#MpmbV_A;f+x4IuzdY@IfRsyvQ`E%L$)K7Gbi2!1uy2>SnUH-
zSLw+~a?2?>nJkf&A;_PD@xac5$LDVM-X%rLa8w0|q~oIFU7lCQX|4+vDd^SC`l(l6
z%aO4zX-;KZXS66*7n`r<1qz%1C1hREC2yY48bUV7ud^;iD?>HN@3OD~T=lfG&j;=p
zpuJ^A;dwY(n6in~M3VryWE9ekC+#6dx(V?=lb4#VUXd?LTRjsA9^*$}MPZ!v`Om}U
zsJ7dyu6n25Xoq-%zW?ItAuc2%)&txU*3@Ts)tJz+K?8-g@#vAUvBLGmOOC8E92^JC
zHnp+8;W$klpWQV^I2R^Q&b&+wkpY{q?JDSs85CnH+bpjqxlRG?c$#Cq1R4X)_lH9f
z95>L)NW_~!I3Q5EPz$MnV|)CxQt-tw>APg?aUpLY&Cz{kOeOsi7-+g1u-EolU44Lk
zDsHD92-`QIjZ|AP2F!1KW1__0o#_`h+*!~A-V0#C&-Z^`F=hlNc`UGw)kM7b+Y7le
z?QYT~Q|bXml&YR1lk|g~WHYUbi-D?V`Vpx8HCPBTpaSOJLO*Nq!rQtE*oh(j!u-?|
zcc}obEuJ|XzIvGJ=cq)Q^~35Du)qU7R=?^wurykYE+%Z(R+`U<?thrBcb}dOd~skD
zya@qt^r20C#S>(E9l<?Zk=ye42{F6btU%KOE{LHhw;J?};MY%}|A6|PRWOXp44Vbn
zigj1V&uk>dAdy3?Mi8tmN)eeDQS=xuTrYfRsVhGK8Ybx>p({WS?A9OcPpe?Vc7WB$
zQR|7Te-@;xr=rK~!t=YtPo*XicY&7+@QhHwf<bwg{wMkh-<<oI8WoTF1OJpSq}w0<
zawjXd^=Q2K8adJV2YiCxpXYS|OmpjnuDAb6*4_aBb8Bp|*d;R$zS?yEx#T@zTp!`I
za5mUk6UE%@w6!F*C+IGKY%6j}D2SyAxW_`)XcP}jksF5jjKO1ouQ2dM`}fc?rMLXS
zfK7*>{FBInvfjwltca8|2qOUKu$@C}%>RrT)?}3S(A2z`an6bR`Lj#^caoBuknapG
z$vh7i6bCfvT5d!tiNOl2T&i`|o#x>I!IOKi84Tj-`vn_M@B(wZ?&xWn&8q!+i|?c6
zG?#q~8;482L|L?m%w>M1-L52?3qfm`IJXE7!|w)EEDe&Hp|6Qoja>@CI5;$@HIi*y
z1P}?%DwwNj`Cl0iOw1KdMYU;u!d7ODXu~A<p5`v*$7-zr9rtZ%5MUZSFuXCutV#ak
zdM$663xeVKINvfzKU{DJFT8VnWUo##uAif+5l^RD_@~YVzI6nlj<F|TeyhkV(0QB<
zcDchs*$5@~lSl!T?c|v_nP99P!;+0a%-#1^ntlo7dlv$y#;t-2-ZRHz4To=eYm)63
z*OTuCD$##&bRfVp4R}Gg6$P1wpS89q4_(-T$jD%5t5EL;JH@aq5L3`eT|sTlretS#
z^=i!q?{jedTXQ!<yam5Gy&P?#@)M^q73P{`&?k-S1L6KOf&%;q(hrHqHVACuiTelE
z{U(rSzMswTP3ee21PseGO56gm@Uj;W_iZM30=Zzt&tgncpE&1TSl_`AJW<4I11k=R
zWA{Q?0~Acn0jCg129=L$LJf#?zR_9w=m-ubE>DiHr2l>5)OB9zb2z+n{F$0H$<m(k
zg_^{53CP92wtZIU)OT~KeovX!BODsl+KcwS@u(@PV-`8f5lGFbB1^GU5!xWogF?gt
zgFtTr+-ut4eK?ER)IY260YDqD`0QJBW8Kyq1Diqc^V#?{(MJhU&|(9nO0~syACUkU
zsiPc4?DGQ5A5!y%zp1^reE(0iSD^4YG{vkn6KnYLG$0~QNAl`(@6^Yc#ZepqwtXjA
z73^GOI3Wn^g4K*_(HuMrp_n_{iKU%&+@NklJq*cw!8lX9KA=gu+|<sCbcDqkic(l9
zM4gZR?=vOytwVyZR)jamEdaL@FttWRf56zvW%f$27uJll_%BE8DWi(S$QmZ1FkU>_
z^DPA=7tx!ZEU6ay-z5<Cvg_!aOW<RGQ%jN;dK+Or6|d|9O_L{nkIgT<obC3UZb)7z
z|1l0D!+P_#ykZG9nm__&+IA?pas&FxZRpnzozu1P3}0H*VBg{N+?%jhI&NBPD-$Zr
zI-s8=01D~KB+X!2Jgyl|(wPTFG)uAT4sEB=_M+Pw*p;Z3nR97U_d^;FNXJ9sfFjyj
zqLQ_uKR1fYQ|E$N@Q~TQV|!FxLtaiqEz1^#H0q%~wUQ^{SmLlRDZis(Z$yG!zkde*
zW8><UZU?OYv%5O5U_uU_LZ4|G=JFwuZVS{!fgHMO0M?^jal8-fN+aO<D`5}XC(^2e
z--NR;6Cz1J@U4;f;!lv*CYH4=vn&rHz!kl+1W)#Kwt9~lS;u-snTOEWh_A;NU+|;F
z+b^X78H)*7Q-3r64&ry6)CRZ|9E)gP5)ISKGCgMGec=&yYQC`0$Gvke83t$4h6Zos
zUlKWGS5@a)$+(qErr&#&KaUrA?*VRefrAu~>#-pPAo*)CR4I1XC~^Swme5~3SL^;^
z0RNa>#{#r@7qMFJ6sE&il3(`C?;GIS{nwT^K6%0g@AO8E4eiVAx%KR_>oE59mF0!r
zyDO^soZ#)@1OPZ~Itf!x%DRspX1f!zJ>fI+xcu`E?gU-VheV+V=aARKuX10^4jDrJ
z$)0*Vw$^pS%oEsDAi>n%2acY^>5PHux$qZ=yV_{_$g{{<n*-d%Dry7T&L!j{rP~%@
zcY}!`$Fu={>zE=MH%+QVDU5UHAiL?MSX@{>%`#I9<P~H;S(-txi)nknd<wjS0mn~W
z&_d?f1akKUfNF7A@Fa_;MIDIHhkTb#9YHny|KFx?T<6cf1*qEyFyP;58M=Ky$SD>8
zC>*w04GIChl*h$ja6jtXkwyA9#~iRf>#Aud0wa~@KlyJ81n|LVvvG$GWjI9YxexAn
z+i(^3H4;B|;<UFCj_d9N79Y~Ar$AegD56L|{6%&(_sYww3oSRhPyv4e8Wf)NO+ah6
zVh5Yj=)BCDX&i;qk~#Bw&sx<4r1<l-&O5n$F(zX$lcZ(>)+CZadqAX;1hg=d;wIj&
zyc1yF;{-H1kmnC0cL$*&u(Il@cziRD-Z$v(-J81@=o4~8Hb<}fV-(+~_bUYOPRdi`
z8yUY>UfBX@xAY2)Yx2k7?zNMpz0Q`1esq=B>gdCXTVat_`ENdbADp7Wcvhg9=qDtC
z8b{~Sb8mv4_(Wo7THeKAH|YUc78hC-S=Aft+_;A`_XlS``*!8v&%(XW6Dyq7$TDkk
zC+S7&_xy^sQ7heSJ*Ai^$5OMV72W&00t<lH*v__v{^5#IEwkNN3>jsV{_YC!W{z|s
zjDJulmVT2xme(kDqo`<#P*G!;UGjGnxO)DMun^ypx)B#QG_TlArNbwVE#URk#`u^2
zEiEp^1zgww+8EBKvniS0g(sCi1?pkHC$2~lZ42g{Ke&smzk9B*$Z`yQi*I*8(pvSO
zxzi;@a}im$s+_Y4i)?$4$Eyajk{go25lCTbY2Zf?Hw{i*WqE9iCkc*5>}0M_`KlV-
zHEHuG`j<cX2M>^?bbW!pHxaY+aINXLvLld{xLMozSuTAo)YPd{0h;5b8@s~H3J`Q4
zwDRMX4V>G56{@S!%`Y2Qw{<uXF-zzLU_0R6+^0Lr_>@|7hg*!J6=fxev(vL9SZ;e&
zF~#ov|1C`7fs{4=EG>JSM^5O@0>n{+lIxQ5K53~t_z<=6CXNc7e^J$l8fh&9KCME}
z;WO$<U!7&~>{N#I&2Nk9(#v(<DmBPf2m|5#%iSJf0heLo_O)@=dYfE(zsQ_{%yTEC
zrHtRG`bG!oeh|A|0$K6N7P`)7*@i2ySIkdP(U^r|PohWzc<S&-+qFNKha+E>)B4y`
zdKpIJ|HPsc`VmzyBb#78?@W<8S}!|2Dp3KAevmUMH0B68Ffm4?IQW~-C~9qhg9p6S
z{%k<egrYz<r+*cVhj~ww{NdoR4&e4^2oX87D+q@-!WK(7{+P403sskyaa~}uPAJJ8
zn-<|zBaD^jODdI;fFIgS9c6i0zv+1XQox$JWWO;qSMC8A&OIK(IkqTzXx+lYCS0z;
zo1j7tP<|FE9&QxkZ_0<Lw*lZ9Yyu3vv<2vA_1+%W$~F@gSKV8f|0aggku{iUon632
zS!P=8c2#?u$Dj2=-;pvNz>6)e3u?0{yngyS^8t!9(+Op*6rk$`x6hcb)_B>QGe`S%
z9MuSEfPzYK!7mZ;sbKm|1=9n6@m4tBe_o~1Q|H{L5g0i2t*ujb^$3uJCBMHvlu!X|
z2;zT#4uqYGqYjhX0#6~xcbbWKg2={K6WUY9=`Z)bZy$foKRY?3HJ=34-ivbq{+(eL
z$_bbIaaai%ODr#=V&hym*B9-VW#JQ?rR<}GDEUEDDieH1t;VpAWlw7fu2riOak-pR
z2~=JegHC&#I>0jkKqpr&)Kr$@M4=PUnq2_1X1bIpWp;c8Ygg6k3Xj3M!1!QMde#^6
z<kjalrlWL~8}5M)pg#T1CcJgQ*8_*CS<3G%^+<5-n8VM`+B002+-VVQiCh4vyl)6>
z2Tc#1(jt9_n&%%qFOsLpz)XMx-ZNtA$WlQI?|QQ4n0QT49rkJ09<Uw?7|i>bWKNJl
z+&RhWNuTNW|8{1Q4)lP%W{dQA1#i_jU{KhzK8~7+Iu$k^)`!1jN-5HkqZM|58f8US
z>H1z^o-QiJbwpn0<<zAy;5XA3U`+C*lXMRn6%SG{A|uo_l(ttv)|F=<T}R?5@82@<
z^!icIp~bF-<E64XNguK>&40(=zxpYa?_r6~%f0}j1gaI!L`AU#>V0(sMA1$Ygraiu
zK)nyQ*ClSG@2J(6Io&c9@Q%UC=^gP!g&`IO$6=3Ig+7)h#IU_2ZcQ%>ZM=w>#LpdX
ztmQ1dNtHSs7xHh&`A+IErIkLD+x^i0imitY`g|Rqwo{#a0W;r56;g^68CAp)ybf^j
zk}=iGuK8%gB%A>$NM3j&NTsd-jWHN1Wo^u+qY(~XJfJ}Hb?3ZIRjoZmii~q7Jr31{
z*ejAsRty-Hj2VOethN#l6G2WFmjh?|8XUyK-{R?T1_o^vJ5rPs*rc*Fr#(3-|0PI1
zv<TcEYPh_0^w#G6%Q=%~wnoXQ)FM?K3RoKWd3}!3TTTSOi7L>2{n;uou$mdlGliSd
zA5?IN{$!5-yKJ>}s0UkEL(+jZd5UC7_vnWb3KF!p4oO7Lyt#BsOd|XJ!?xX^<*tHH
z8XO4Ya_xEc^KINt-!%|DKr{zq!n4ifK-bWI*1wEs%Ke4s&nnVtvC{SGw=xE#ze3i*
zx<FSL5(DO@00lN5v9X`3CZ<U?>4$QzOoNwY9Q&*L;q}<y_xxD*&&6P%AtVyNHJj>n
zkY!9rhcPJRk@HKVv7^D87<Lc-A_T&)<^yjoKvl`uJGaXE_y8kB`dY$})K>y~0o!v;
zv@zUzH&kMn;Zgl53wB~3M4kPmki1dk-Wl8dcOwe@aAPf5uHaE903O8QBmVqRAgfJ|
z)b48eej%6TV+=4p;I~>OY`2#+zh3NDU1o@aKfdq`ao3PG`czKwlx^#|9+$r6CtV^z
z@ANxq<-ajW#M%Tg9`K6iJQVlpWHD%o42F3>Okb$=nOXZ`*Yjf*6#dv))VK$J@!Bav
z0I6^^2e!WX&nSSt1RLmb{o6b_qkhkn_WbM;nrL|GZ~WfeusFvFm~ER9dYR4+iEfjB
zsjZ5^<s25F0`u;z%^N$^zrxAskNYVX?_K$x3*aljw$k~23y;cQ@o2t}J2c9Uj#Xpk
zKw-C;d=F~JHQvQN$Gf!)K993M0(rL3PecRoPo~t~gLDKS7-sCW+bD|QFLM~d6!3~L
zWxY^{x{v~0kVkR@K9B?-@pb!U)|Yf~5`6=r)wRp*oe%0kK3>&Qg(SLw0W}z0u5640
z2vB$)K`kuWp=@fI(wA;QOVjG7lU77&{z@{LF-H{q_D>_r`5Qr@XdTBMw4X|C3yhB2
zu)n}4$e(rtM4d2rTt4EQt*Ld1<sAFp35~k>>)CZMy#i3(u)`WCSAk3|h=wzxJ(2xw
zl4v?AL7rRSixLWm$iR+qD-tf4uxe%~F-pqAU?!M;+?7;C(Ld<?#$*5L7gR;8RN`n0
zos3?>@(b;7hoXTnJ4f~C*GrF#&q_tlcyc?hTH7wz|Ngg;(J@BHN0!!#7vyO6rK%a>
zCrj01dpbK5U*&-Vm9nf<)}dJJbDYf7XUg)H2$9xH{0)w98!X#>Cv3vSCMA`Yg?JKt
z5X`2%1~!d37rV_-olDL)z5XxC3l?J0oveNg9Siox9wg3wJ#5{P5-n9sWc*axW<<G~
zjI+3WL%i}A8UDlbh=sYz|F{hP&x#}c&z#W{J5z6w7Y`{<Ap~iH2$uY;1}26Tw_Lhp
z2kl+T{x`eH*yveJ&mC{PxkcmAe~n9fzT2Y-iXEreI6mkGGi<Bmrkckx1I{tJ8s31j
zws}wGK{p6A)P%E9HsP<ZNjIuqEE;)(?%~&+r=XVtba@bem(4YKW@9sdgCpF9Fa^<)
zY2qRY$*^pH6~wIRI9MhsPCqqN^hqH?-HO@d&mW17R)aq_U}<Q(AvJnySOktpIlms&
z5yk;PuNl!3exYt%)Gh~$I?->$C`uf8GeOz#jq!1pulESby9s8A@OX%K8?5Mu;}4nK
zWhB`@6$)8z1kv4Z!P*+|3Lc}G=dp?*{V<Ch6z2K1SeYsh5@!Z^2#vqDE-S4A8)f_f
zqboa^FlM0RshP1YctU{RLJt9Z!xBx2>Po2K*{$akbLrrkN7wA+lZ+oS5@^sSs^Dd!
zDc9@@99Y2lPMFYXeCYu@0fLY)xhn{%fi295Z>-ng%aG*h$Dg5Ya39^5VU7@2X^bUq
zkkju}C+iH`s&UFM{}CK(3%ZTm*^g)~kXO3UZ7j;h9dL%JDjG$4S+CF1M&PskL;R<r
zkfgT=ZogfY7i6p<ENKJbn^;r;z=kfR;@jYmp8Ti!0VxZ#b-@}Vt5+M8I`Dx4k-F$c
z`(Ca*iR-*X_31Xp5#PcWY?JihvYn_XlSm_4T<V&?$JyuzyD9RvnGL6%44JWi^BtRd
zYRc?3$)Iikn`=NqvMb1Oe>dG{@DC_zKWeLp)8}8ozVi(P>~OQa&*ONZaXBnnNhR2s
zzXx49Wcezu$aIhiKw;Y+H%`ba=$w|Hs`nf70*A*+tObAx1}fgKWj`pvArgA|+QE-?
zChVow$Go@8<^uOkM&Bsb$)m-7*-5=+rirg;`cGTUm-Q{<Fkebz-gF0O6Oabc==GL~
zam+bEp=^9i1ke-%!1d--e6K`tAhwM4uqW6!SLY;aY4;4kNPxc=@Le~#q<nL`%3ds8
zd@c#^2@T&aQ3%*vQI>vlam(w~1*FE&Tf35F5nvwR9OU4M{w>MZ%FCUqdGr9;-}T*d
zlx7CC9kT}Kc92Ez+$8EC(EJEud%BF{@l!GXar>VTMO7ewbCl~Bs3F{0PLFB5F95$)
zMutxjg8E>nF*cxrw2#BbstK$rcz;Pjuk@7UzFK+7zFN;ddZpen`r4`ISzypP7Ngu`
zvGq;zM;-ouj9|%A^9H$1rYQ@OV(u5_3^tak1B0BnxP=?n2=9+M3!c{!igz$&uu282
z`KD_l$V?6DJAGR7+Wf;nVdt+UAzJjX_2!eHD0!Z1-T!b<C8i)g5Qn?nGue&6CcLka
znKEVE-Ur|^hWTDRurqJ@HLPUl!@YpY_Vh8QJT<%cW=>tfmy9#aZiIv(<}m_x4Uo4O
z6^w(=i9ONyE!c!Si}PAV&fcUsZ%-#>drXd1G@&4D<r3lGn*%`Gopn}6)&Bu^->&?V
zX*ZLk&=;QT12i*0G(-1Qef0>4pPY&1!8=;z>ZqBv`Rojo8nphpVtKrSqxv6J;~m-o
z*%oH?<F-;#j-$hU0pQ2y6~OuqP~%#gh^gTD=%k#Z-98Sq5;<zW{C<yBk5^YTwc(`W
zMysSu#zdT)>(TA<Z&JivXs}O<gG1!t2}f_hK5J9)Z);f-qvNAfoJr<+FQ%52pkU;3
z44o#6tN>yVo(fWx!#9f2yc}<^dP?>qxYnQUJQ=E!`K#vZ)2Lj%d2OHX^<w3uQ&5-h
z|8aB<40*P36wkJw<yzRXZP%8$yjr$xZJEp7(z0#W(w5y?w*6jvzrgl%<GTMi=XZEM
zIBCuEa7NneB*Qcsuuj(|L6!+~QF25#03nvMF<CPM;NCphOm}Gh$x%25GU??&Af$))
zuHC}WnUH$l4<tGMM%Ob^F?5o!_zP*_*tBH?0WiM%!JXd-S@ZvgrBk%{He7c20gHiH
z!eos{yD8qe6?}9+^o&}s^lO?-W6GA>pfPLTx7MlH$8UGwFi39Uz``?81E5({{Z3W`
zuYg2Z$g&>4cL@5*RI%`K@xW>Xf260uP<6$Lm;5j4s}o-~Hcud@r{#Q9Ni~KR3?Xlz
z&!Rhy-I$~kd;k=Ro$KLu!r+BRd=1=BN+hkHy)C3by78XaArN%GM|%|yVO##53e>0z
z@mhvj-BLuoDp6t}2Ygk#uUfCAt)pzP;YAa<F5uyMggr|5QCzB+6)ZBR;&TCH5UjXK
zwp%rHkqE)K4x}q*1%ZG&>K!);E*e9|E?wZwSKx_VO<NIk2<un}xpsvi!{&fV8c<k2
z+QKfyr8&#+f#q;FJhMJKWkJx>^aBgf2i?1#tAyt0W|4pC12M&o2K2l8wC08>bFSee
zzk;4uyk_xxQv-g?qT(Tt|4MP<5CTCnA+>j4yuicmKjqYYwv(NR{&%%BLptIFyU4yO
z&MN9*vwE4EeE+Pde58e76T3S5aRN~214ks}gl<iKm=(M`CA4W4J=_iBz5w`l*-SZ1
zSA>WrwocGbO@%Cnp77NW+O%t1aK^ux1$U)Isg!tu0gV~{7s;<;U?O>Y>>@AG$OQ09
z>7A`(7Gn2w2*^spwBG9xwYozdvq*LDK=xN7`3Z>mq<J><p6P9tALQ0&P6OSgTsknQ
zA0|LK&VtHC^nP}=*u<oP>++ZKRKmDZi^<q*Bs}$0T~|6sPru6_@3ry-?0qRBx2|si
zC)=;R(<+ilyg6oxsR8C=eVautZic|Pf#1!5LHfcSm4%#%@a^WQ5W6ke9y#Sdy0L8Y
zyPu22w%p*%fX563GmwA*kn$cAX#EU6;QzBGlg?4g&>}Yn%{Et~&>@LIA%J@7@bviy
zncqNF>#I5z=FS8XNaK+cb{k|aXDjTTXak`4u&2xNbiA8u;5GO=dOdASM4OAxxKM~?
zns~R9`=~$1H{y=S;=kPDQb;iT^UV<vPzurBhJMK&B|iNE{MGr)13f~iI8-1XZk*{v
zU^ihHSZbdF`uJ#Fj$E()u<h>-cmsfFTo^`y>+6{M?;n1MPLP(lew)0yBSV&^x><W$
zzeplm%h~Aan2Dxk=7*OMXgmp}1GW+!!#3iiwToWvhAe?=BIDcbKBrH|#33j3)V()g
zZVQ06(MN?GB7nw%^q%Tj@Ki;1;M-Rlp7uZhm#$2-s}<V!s8CubQn%BdS+h-;(YXiY
z3iMXOrM1rR!NX0T*zYlT$L%WO!@}=pz^5P0E1EFs-%8I`NJR5KrN9TZ?a{iwLc}EJ
z_J(@krm&SwyD4_5te~M8(aSP~0NI}mxH`a&XxH?0@USR&A+(UL&buRkhOj_Ho6E#^
zAZfD0IVUb`q1X2i|CVfATUVa@+}XDyhlqaOL*Be5?)&qH70$1WHRKr^5(xHCd5@{W
zBRsmKXGN~2;=3~4dWb+VhIkwY0&VlJjd#2)viaf@e1y)>*A0}&BDV_j03Bt-sVQ1!
zA@dO${Kefv(T!Ziwgn<u<Rk#%p{dn4e!LqkA~B0}27?Cg;@6=rb4|G9-|7-FdkRvY
zG5rsRer&h!gOhbHh9CH_(RxvTu_<??>UIG?*}Ze4*$=Z5KWvL;*(GFt5krB;i;F3!
zg4msf!*<$8la=fras}C#4vMshsFiJ0#AvLLCJ>|$)zuZtpUrch*kx=C9ufHE<7AfP
zXj27{<b3vKP0jW1$iW#v1A>52m*l>R%Hk7)Y)Qq2?NDPQBIGV45WzrSLUVBLn*2|l
ztA8<OQKz?Nw6RBL`XuzL|MdJR%7N`Xkhv9*H^NX}T{rg{!lnBF#cgDA)74lr`M)1f
zh_~BHU@vY>ek5$Fe%a>?U%Zhe4XReI-rc#N!znvU4&lG0J|~2<>CKc|_35u`R*cY>
zbA%ij|EjWjFd1zF;F%pq+{z8e{CbAPUB0?@5!VefaflXh*(&*A?D4R_zWmZ5R9im-
z!&JB36Y&H6SuocXEUNa#KGGV3T&2zrMvAJD=gs+GKkkv_?f^>z0#gX);#&Mb=zZqO
zhShM=3At&UEko{`)1}|HWZ8Wni^9_mA$Vbb-mQ7)h@1bDgL|$@z($v|8EP86ymV!-
zRKdx*A6XsK8vZO*s5@MJ@6b&IBJ<!`_;y5d;UceyCih5@h4|X$%r3v^-v$5jf4716
zU;*G9i=PUHBRvSmmI`j<yvwZeIZVQf+9}PzK6F^dbnGO$WlsdVuVFnDBB3mm=u<M;
z^L_~NKq3--%K-tl7Ydp?i-b||A?Y%ufcv=V1KL-@7-5!qA{Y`u0o8;GN?3n@F2OY6
zd9B{p=vc#UC%M&EfRg_tjKbj*fOCqDL)tQWJxmUYFY*MJSGIZK&eEO~{!S4N{hAuM
zjpwf5Al%qjl4uPz0Dm{ul-XC8G05@Viv-+s1AFsHnQ=_+cI+??1p)$;G`H2d0?iqF
zhQJsAxV8R@QhAN}BU4TBZxcArd82$VgNkI#cwAEfhC${oAoFuz&!hxj)-nY04gtis
zA->To5<WX0-ERSY>L@eoohUuZquE&vm+{zmj5#E#d~}h7V2iR0FRUYaObs7|)2;Ya
z!b~rwGL8gKRhui)-c*?PerL3vo}_0khHr?CNm^rk1!>d)_$P?jNXMVoyoms_03G;7
z87gRVe6G+JJZ(7V=mGMTY2in%MA|z9&|8Iz8I)xxlgcELs$6M(FJ9N~`ZMoXZ_#x9
z5{RPPt_CYGFmLiAY+M(8GXX{3bZ67iJB4b)FJMOJ%*uKhu9VBVVbig)YVCeWn>`VJ
zGK$Ko358oZUs|J0YQa*b8fI($0N{u#JQ2>A;};LtV{&2zMdZ2q<~Bnf-Q%=o?Eg|N
zOgGvdfi%~5IREQZq0a{FamX@^?_7}fLRHhPLpsPq`_RfbX$TNyz29iVkY1Y%(|W$)
zF}>BBS|{W;8?<9*y&U8`PW6-*2a`#Kfnz8SvaTC|!;{reDEhQ#c2`Am$Ht}3NhhDK
z^9}>8E!lv>5f72gGWIXBT>=Fj^NmPiH~3g@U?=vI`BK^U&{v?tqW1K0U&iGzHr<*I
zOv)H{5U5GW`RfBA-KL;JtBdv~3Dx8;I{3(nHd<X%o_c3<=+-d&o-U|d?&r4mEA!Id
zllA=7grYb$5YcbDl`$Ud6Xk3zMtj*=!+G=2fte-or%2)xm@F48p#5tgV|LQZP4k&a
zr9QFqg3Do(Z+{3)d>1p@bbjf;_TkDFTE{7|@+2Lf4{hc^HZzZ^<@HH?;VPX`)SVwK
zj|lx`E`b?(`rWhcpW+0zxgroOn#+9;myl(xBBG)&M-Dk!XeEc0gMo;QQJ7n<;{R4O
zTyy6fP=;Dz=MWbc3M_J}h_$V|X9r^u@X-Rv4IW&H|Hr@JX&4JUZmHDz0IQGx@yI@_
zHfhYN{@j=FPwL*8{%h3>>6>nxd(}sL;fCxCR1!aJ&&r1EGf3YA=7Z&h5s_|gO1@dX
zUw%qy<RWkmNjtxt7)%x8Uc$CiK;}7V)?sJ7Mx<Kst4HFFt{(i`$zwfj;mPG-2}ldc
z@TOSMJ(&;xeuZ($&KK#r#*zZ|C`5@>9wKHx^i^F=Yd~IRb5VoEa2XpGlsRd==bmBx
zc?ls|Umnb!&Wq1rbn{Rw;4>ZSVs*GhKnBD5*7tudzk{KUOf-fFvNrK34xUQ{<+=9p
z<ei^9{lY{=UD&(az=ptHA^w?j<NB^`kBZ%;58?4olb~9t`drIz;HLq<N}AQrx4s1!
z>y}Hxcf}v4<9J@gmJE``2dKe?NyTkp%S4Vv%fz4B;r?b07)3LeM0)teY0G^=J?|2h
zHS4<f4(^Pl(W?>wB1`9}y<GnvAqc~<gw^qFP>2h0#l7YXSYYomhDu$8FSwk+>$svB
zn~E@kY?@nmeCLz#k2wKTsTCr@)~hb9?J0_=g6E*J&n(5632aG>Wf*X1^HGhUKUBsT
z!)Vbqvhk%w2%CT%cL1*ajP^OZ6Zn-)C4&H!UJw6nKD!eUSCxlD*<q}k)=(K}#DHUG
z*GJ?2-7&?~pAd+*eF`tpDCWN)ENr&RdG72nV$zxrndc*E9cXugtKcYp?KO!yj>&1}
zPO6KIPc5^}Q`0J|<V(n}!Dnc~I32=Px<t&%>cg}i+fzhnJ$#lhfscM#I@qV2-C`if
zph`7Pqh?UiRtj@-0po*ziabf@E@i6fpptC7A-zD)$lIr2Nhqa-2_ZLTkNWq=hq?)I
zHDrKY@+(pffAIi{yN}R%8+M68my^ooNJ_{A<szBEv8?GfCiTzg9|ra`3iX&t@)tiE
z5y9uCeAjy`*=u=R1zKP(S|Qac4!`#rjl@6PWb6-1+9<yR;w+XMZ_%KQjEyccfoMi_
z5H>82<v24sX@Mzw+rR(3pYIo3q=!xdj^Eo#aZG_By}(m6IkGdRx^JYY;SEn1?{1|W
z&%-pQR}+}=qL9}f;NrLxWdl0mGm-yLEv161fM5{@CK2~xWWSa`fOHdj(=Aw=P>g~O
zH9i2`@qFF|Wv~9pT@cAq+ngr^9K&dKv=l63Rj}7104*<ckP^Ls*$QsOo4jO@$>9sQ
zCG^_&9-%KCj4e+;0kP-fXMa4i0E*e(uqZ;58tZvj$0Js<W&u&rauCou)bz;%?46~}
zhvEW_BSa%JNEq`?jKO>RYonw<pcn55&%UkqX!uNeCBlu<qzXAVYafVBExn`@g&Yj8
zv38!&;T)oYX>RWi<-b%dkkLU+U)S*#b#cQXmUDXs!d#RScf9~?Bu5iuBg!!J+*k70
z`K6$8YEqGA3Q&Pf`pZ&cmDq1rdsDHL!PQ_519E^dI4^(>%Yv7nY->*as>;Sxz#(8A
z_-powhi5r~ssKGSFYg`9^(R+1UF_e@=E=9tlF`p;dS!-qbcufx6y<5DUxO4vi9S9c
zJ1?YOVLK*#n@&hQ{`Y!886W57<K)WvB%bNlNw>&?8~vW<#|{2ia|#MY)d&kP;P#Pn
ztT(o+LnWOV>^k+FtggbbE4l9$_?9T`o+A7sI-1V)l$}3nHjiW~l7NRpoN9uO)aHK}
z$Tw=CT!fk&+&6*QeZ*-|nc#-dcox`Yf<1wymMaw>`3LJi*H66HxtZGA#0U~8Roh}M
zAlWoxC$A9Wi^;DTnEcjYa42m3)>>0nqVcvn?FG5Xw8~mj1NPq&nW`ig2{`jrta-aa
zpt`A%7o>0MOR?WT^cqQU4sq!PyKFnxY-?o5Mng3>LLmlNHL(fGw!NnR0ugtIQKfo+
zAmwA2`KfP(qpn-d-vXb}mMfTs?(3)JK6bbNq!X>$vQjx|bq7JFpevuG^@Ns2a+$^z
zYVn>)^LZUi7|@L$AP--AxMn>gX30T)>)s9l#XWc*a<4VHu0Y0bRGs-@AKvlU!#*v$
zE-N4e<+_gqIlfq1nJI+BpLIC|3PYx{eO?n^?NleFzIiA80c0hX3Jw)#bY!bL8hj&{
zzBG(s`CX6UHE{=`A3+E)`f_P%i1S@X0hc94nADIM*ye-x7ch{|N$+&TsiQ58|KR0g
zYozBuAJVlwZIvTC!p|WJalm4N9k1|39ZqOJg5Eu>PqW$A@4ZI#^CTNGPSWO5%uu7e
zcR1A?ua?HZ&Im(sIPQ(#1|;8Ry3#<^M301pe2Q7l3T<U;_J#uj55BXDPFmUu0#DLE
zNB?y_4xC?q{_ea~#YFYR3fGxpev-j)(#+;<{Dd%w)y7H<U0f~%jGNPKUw%?D(>r0W
zGo;YH1shH2oO2Z`*5}h}z%hQdA9U60zJjk-eRMM*=LNk)gOkA_NI0BY&>GQ)Qm`<n
z<LpfMLBHf&>#<yHLmFrXzMH|!mY#3R=oIfjnSs<q#d@&Ec41aV{THs$WL~B_41UsY
zGEnv!-;NJ9WPE`9-|zO?{4p7FzM&tTx)DXY|KK-jUABVlFU`}0?0%{aB1y}+5wV&?
zyq$(DJl=vE=^{48;R&1Ozy4EF9FwSxq4c0S4lRV>FFcWoa^%rs20;48gZi2eC2~LT
z002MM?*Y>&_`q8fEn_0VbrnFbe5zA(m;Z%Y<9f*LbSmY>9e?u&D$z9UrAMe<j70{7
zr;oKaVWiVkIiAo6L7&BXz@BBrjQwF}(|Monv=@y~`9K-BqMedD_MJ3{8;>pJeM9bd
z0X{$L>D!{LTv2_DW3;uam(gGq@D@>wduE7p1&!bGy1LE}&ulN4^h_0+N9P2nyr#~g
zr7@CDavWM=BuHbC*VeET$kLCrB0YRMfxoZ<B&4vR_+Zu;Hqsr0=Cd8w**R1?vjp(&
zjcDgJz>oVBJ`~FaBA^<+9S(yytx)jfNC)}>>v1X73eL2k9ZB2_B{g&*!Dk-|TCT)l
z3s8Ho;nq#?sZh(_8GQw@Od|+2L|Q=Y-fYY|dNF{A)L=j%a0Oh;V5=rkdjW&Sl3N5&
zYTHTiG@(F-+5Dg=0J<r;edBF-^4<Skw4e@tre<U<?9lm&K@ftI*<cX0mKYTJi}Lw@
zem(<lh$Ivo$d2MCyq)R)VpOc(I4x%`w~sHpR-{Me<9}$(2ie{J>qPxlZxHh}=E=8V
zhXH9aG`egCJC#Y_<xC&Ubs59b+3#Bgr_rZ}j!*uxg;Jyw66=Yvqc4?)tB(&8E<V5q
zIUtw4Nd_6D$$cSS!K05aCzQP=*lq2IBtKiBjJE{h3L75njrXs!ScpROg<XYo@Ghb_
z-Vra2b$&CuM~Ie9S0SejMFP9AZ099UF>Rjbe;2A6Pt5HCDDA0#)j<_|c&Gy?{R#g?
zl1=(lju`^X?zZRDwD`~c&dVAUI4JmWRF0_BG20A)P^ek(22}2-8VSL}^)n$9FU>+z
z(2)YM#2&Ns(3lQ3BzF}oT7Ys$tQ}Nr4(Jj<Ml?98B*@r#Ub+udqVu*P$<4gOha$&+
zx*}OF!EiChTN47@+jrNF&FdpjcdIPwfPCS2uF?-|eqhZOew?K5tM7VkNy8HnoQiBq
zU0;lLy2sL4+H&6V_R!%cP_y@m-uc~owJDN#v!84_3mxZ|f=(_1j^Z3tIRKZi2Q&I3
z;TnWVG(7+*#m5U&YR4YDF7wT3kO5J#S_0YQ=SJz$LL?vh`@?ipmYgE8EeQTIqtrFQ
z{$4z{;oN|Vf(j3yO-lzcX$}H2P}RP4F_N-|a`!a*L&_>!4f!YVf)7v)+k#yBEk4y=
z_<RQm$*+dE`bIVL-A{_&L>%6s;T-P}Y)!uxl>P-9%&*<ZgDQ6f)GsNeWR`;#h22};
z#VT=zwvi<>7EhLuIDE+G*|;>r3@4J;%u1?V)!$od0lgK>I%j${&de>N9j}<tza$j=
zjykX}i>7Vu|7&sdnpxkx5&h58nG0433B}shY>SZ2EeBJXj@mMq|K;ACnHNo^_>{yI
zI=6dxc?^_azCtX@jc1jJEpJLcd<$Cuw+0{MNmYKb-*A<B1XfXn=zjuFJ+Q7ftu=7D
z_*=)_l#Og_k-1T{t=tOX(t>5iG`)4d;;S^eXd7`x(Tf3orTrd4{80E>1LhUn{e+3r
zzs>HKY&Yl`ER6`l^+?e@FsIEYpbP`BUDa`Evk52*9PR2!4-f3r?D(f$un(*L3h>mQ
zK7Yaf&<Oh*RyzJqJh$eY)xAj(LgonSh37kT+-^(yGMbSm5D5{{VkoOS`D_CspEA!R
z5~iu|I*J#&Y%Oy`K7RA59J1#~wJC<p74?|cU+zI^t~hG^^=>&7WgrJc!s7<R6~BJ4
z!(KW_%MU#Ex}MQY?x+q=l?l;$PSA(l@irA8Il!Rytjy1~1tq0w$B7v-O8zUkmHbCD
zeg2g*tgxYTNqG845O?_M`L@@oFKR;YMX&S83Y(r}q9;6fC7{(f+}VLp(P!F|Jq=`9
z%NKeA&ZniQ6#ppcOpH92fP9cC1-g;1HY}^JFt_0{(yeq7txe6Udwbnr5TQ|%D7x1#
zbW;<#=#AF#^GZ?|nJLhizpbP$7bt5o5kuQE-3)~gtV^xY(W{3Zd0>acKc#|Dgs*X#
zHHt)glTp-S-@uF(C^C|&{vUezZ{G<m4@11|uw2&`KRwYTPcZZ%v2Nb?@_DF8WO%By
zkqCC9t{V`MtYt7^{6bWwP%l)<UEjguTK<T)Jcfh}vy<Z50AZw;TnvxpErAb!+5DXY
zECKrIpq4jWgD;hqy*)sZm~#hPMGh`?wCAwc4m<nV5U8HD7lVurkjuvHnQ$;6LlbCz
z2h#JzTs>Icj(rX{?O6orzF;^H7qP|vq9n|mv(D1Bb?au~4+th2CYV1E3!x#QMmxNy
zMl%pnKkBTX_Kqy;u*OvGj$|AtNq;6}jKkpR3qUJ2O$gLx_ltxZXF$ZtHP{U#xyoYH
z@#-HGj5YowC%zX;jmiUcpNZpQ^SAne_232EW*x;g1P&L`U_{cPu!|7FZ=bm1A#H{n
zLx?mO_6dpw-c)7bHQ626<YwAX?O2YSg!a&DEUSOYee7L9v_Owa@77Qt$k22h|GxPO
z(4UYG8x{$0m+g4Ffrjax0M{>|DBgsQ{A_1ft)r8gqBgft|L=t_d!tu}$UpO)J=c3#
zoarc|Q~5m=d+^}~YU(okeqwKezU!li0HTi%(QCcJ0p^`&g^H;wJ)xWsUYx~o9ZIBk
zbT?Uk(_dxRj3_(m+DENw6Yaah*Rg$QNoD38%TwXJUnuPmO|hM93h%NPHEyH|eO&Rg
z=wH>T8Kh1ay)7|<C>5H<7!*xOHz3^KcXzPBREpLCeYt!y2YhPOzX_lB27OMIpF$DW
znI3c<tP6AH0va~hFesxhCs_BOgS5^KQpJb#CudP9-Jgk{@BcWAJyj`4ONMr5T?uyh
zr*`i=><?sbfA;mkOb;O*-}+}m{j=cb6I)~id90H9oVmyO;RMOLva`Gc@Ws~$zkSsJ
zN)gJ_K_4Y^CxFg~YP`{>b1sw;s7$~hZXv_eh&lK5a>LE`nz+g5P>N_o*ELpY`;qrs
zZ{^q1(Euih{%eUniMR2Y<KQ!nIh>9Gq(!jo8eya|0GbB>4euROzti@YRU6iiYORo*
z0GZuJJ#RJNv(RTS!TF=R>L0NL{h1sH5$pp54_OoVNC1_$0M7$j7#6R()~Eb>RXsJh
zP%o^xInQfri6{G~wGCbC1v|vq*yjXi^YVOrc9r^O<WXEw4WS<S*gSv$gGNE-9jM{(
z;E;^gA1v3;(y(z#`=t2Bo6a@<_CP_~AqgY}w^_LOcZB<+Nrz+jW-LVEVDQP_`We*K
z)y*QgUq6ihk%b9?F0uY1(BjoGcC)TNY3rF)T|Wvl@>sdHHr;RkFTw2P@fty83g7Mt
zIzKcyjH;ETB3L~9MW(SMkf3AmF7#jhueq)>a#JPf@bz-dp@VwaH{>%Aofi}q4p{6~
zGl7h@sZ0<TSR`?td+Pr~F_KR#Wl8R0X!FFs{QZMrnL&}$&YP2F74f@l=GmfWAuEj4
zrngeRmyJtocBLC0Z^(Vu&N0uK?BfGsJNu(qQG8;xy2x-WhgXTf@*cQsVC`e+^@wI!
zw``VeCP7+yow7%F7?L`7(pGotHz9&)^WHxEkh6Bw&xuzXyJKI7p1<8m%7mCJi=f%v
z52$%&s!U*By9dNz2>gI&ph#X~j+YW>gOWhJR9x?{DO&-K<~z%>b89VvW(-j+id#^$
z7f%Jrv)e#GN+BP@<}W<lj5pg(luhV|-j{xmFQj8PQXPm3)Ce9I9*=_VulabL06P7L
ztlVVaA(#Nfg8ZE08)W(0$)V{Zt>M7kmq!ltm*A+p1F-S}Qr7t4+*3f1U8id;xcQa%
z<t4<NLK`IPjI;n!T<d$MHHs;d<Mn!l<@9%0&g;*IICg%|V21uu%g+>Zah1dH%E%|+
znXqqUcfPY$MCAH4^67^axbJx`z)u=-+T;OXpkS=Sd(N~6TH;#*!5I6K7s_LJ(}!4H
z^%aXZ?d|?iV?IK4%Y~?YA>w>t<l}d56F-XQQe2yoamg6a6Fb8H{^1{x2TOxd2E-^G
zM;Dpt(Zlm7Ti%4pbNkYY6BxDM14={XHU2bi;DgQ*ocORJ0T|4}WJOz{pXvu_PL;!#
zr~=L4HpEnVlHp)CT-%`RpciSFe_Fn&;I>d0E=1HYe&~rd<rnI(n1N&sZ?fu;8uh`n
z=T(pE&HRGBH~{JH78Cv~I<a5lXEy&le9PEA(w{9I$Oa)K4m$wXPl^^{Fzx)TK6@&?
zlB70^%;HJ<I27vv|E62vY#>E(I`2y#g~kF6DM;`&c;#0ZONX>}GMy`2=NhkOfO4rX
zo6)~twdf5z{eSN%B|&!Jj|~i_u{Q?+<o1WvU)2-!AwPwvmnguXe6(^ms5w9v=p$*k
z5Lyx(UdnOi>D9XYb(62k&Dscc^4?mYF6IdNWkE3u>$?@dwehC1l^wMiD8kopEq}G~
zDTf;U&mAC}6(%uV14nzEj44szBN$d1jEr~r#;JtMhu#mMUbqLmZ+@;KxaQ23(&>6f
za;+J55^5`d^I)>6+H<?=N>f${JMvMyORH%e7Ml0!VH~9j-auvUBTOfTk3@wWWq$IT
z(nW&&8&J2x=%VROp}|d_0~J+ih8IbU`_$ltbPwAr(tsksR|tFrk#Xb-2Y|;|$ovaz
zsCGHdd^#HH)Yc}^dl`)EuL0iq7Wx7C?oOffgW9s=MriiAklr;&v<duvm(~UiG8;qO
z5Y9jX0JJM+Sy|yg>UT>R=U$U%Q=!0&P`xK#nZLbJ{I3z*Bs{auHbL+-GRh<Zy2M?_
zlH}h5DYA)iCOS)4$m{IU8&nB)*;J7CAmVOqP(q9?_sN$B=X8|2zNO0dA(^T#Hughy
zao<-eC*@mMz$sRcVr4P1qBw`Rpr!|Z0NJkZaHYhSQ0x#X1)CUEJoi3nNVQ|<1Oq1%
zq)CLhl6aM0WJDCwo#1xa5&T&qrj%Gy{F}2Qv-1r5q#xKHAgsPK@-AQamghz+e-|#f
zed>ir&sB(?^G*l_>Ecjdo@lMLZkO0=7v=8;slEht_=}kNn7Hp2k3sjpd*$zNilGCA
zKu98Q>v087QUIz0tH?tt4zv!h3#>V4q--3@=aV%<lq@6|in(UpTp=GWKjpCAm)mFt
z@*d~MjX!2x5RT8`uzo&a6vM>LT9@rf-Yf<iJ|Gu1c7YkNGSoW)dphc#xIUySnxk<-
zel~yeGhSZtlLJx3S1E-XPqjafz05PoJNln^=7B`@UAz2umH@S84zlpX6S3lM#5$LY
zU=z#{1mPcH-&?FQz8ojOWkl888{4+gTjxMQLv}a#$x@qgSv%Za!94e7^=;rtfcPJ-
zsyrw-Oa<~)GJ|-v*=9yLHqnvrlpI2)VMeN?Os%PAhXNZSTm&tg>UNbx%Z~u-KUnT;
z(t+5ei`RA_`l4%e`D~myC*r>S)E{gAM0y`Sxb<Yu2Xaof%|1F^2nIYG(|fS-`k$US
zO-#Q$6uhip5{h_Du0WFs-DJLtdOyQC5q0||&BYLItN@;kol{$~;*DhvF%4w>0~y$>
zPKR_Dw1;UfmhohoDvj5J&TBE+bc)6KKp)r;TEmy|XPG0CF$y@)X;4iB533qhL>J99
z<p$58-H*kxx;1y#UtLGnz1plm&yfa+()>a+7q(^`dhOUBb|)qQc`{$5`N<_Y)b`fd
zW6+`v%Ywos^0ut9?997qwz-=q9gneX#5Oj1mavM&Isk(|8(^BgZYM&Lz^Q~T<J4(&
zwn_-y&L*Pi1wdJ69FCxAJK5i?OXBK30*mVq!sA0!QY!lG!R%jR@Nu_dcXA_v7Fg#-
zaYipks;|dw9Bl-XcW~*6m?zN4o3eCAG&Gmm8C4cK%`*VJ6VXK_(`GajX5RmHh9mQ^
zy5|=wyKZ?1F{47eD(6oTU@n<V#iEe3=5ice!T^Fw1&FNNdkg}QBhS2@qCn(r1C)=a
zhYvR+Xz;A)*h`fqX(KS)Mkfg1U_tL&2-(*iLpHwvyB@=OfmL%TUuYT}_qVb92kDy_
z%7>zDKCE!rzN36>00}#qc%SkKlT=My5>!`^akpKr&F-kKQV|3)Gp8@!Z6XV|DejRQ
z)`5bO?Of@HE41E|&xdloN#AmhPH^#AgQhkC{ObjoE)1S!Y%n*wJxM^gV97=aNLSfp
zMd^$%NKIj6svNf7kY+&*^<9OYwG$&7`(`|?03AOd7Nj0j5$)yLYVTUq*&@_PhPxbM
zj*ZH|XwsHhr4OS)VTtIgfH?wES3)W=&6M-twS7BpYHu5aXaI{f!_6V_YQ!oUl}8?t
zx8vFKHuUpUhe6peN+VF;Oe`VP4PY9tFO0hMU2tE{;~+0!>Yh+Aeuiv(+@(TI;~nY~
z0!4+u=b0(6$iH`tOt?J498?B)i0SGanZfgoZOo8!V_OPnR=lz0>>cxFQll{8<(R&I
zl9S=#V`fZ_{oxu;?#!`u+JO2muO8H;txiy-s44qndwiI%=w4B;KxWL`ZG<yoMLLPf
zS>~dZ+=bZF50eh3nmoD@pnWI=;dXO)4vD<oaR+XW-`)ei@8fW{X`;G8FbUkMT1Skk
zpPS_%X6_@)-Rw-S+{t#y;Gfr=8SRAppLP@d;uD6usamwGHPj}0ZipLz^<Nl-+NRiO
z{&IR+8vcqBE<7al$}HDmX2B;iy0$dON%QKfk4uP7N^Y*nzWz!>h%<bqeHSJ-lIYTU
z0e99gOC=qt_q$~U@W$ovmRowWEO-(|A&vU(uDFnFqXHQ9l*y&jsDReD;!a*{`?u~<
zOAPpXmNqs#FU`6fm)JMMl==9>Z;vVBR<C57PU%>nV1un;T)7^R_)bg8mQW%+cN=)q
zulKXk0T5}^Cu8AVtjK!k9;OxfV|sd;mg4Lo1ZiQX03S2bPxNE1ZAE8E!_85|#IhI9
z{})Gbc7o{yg|9eNO2kEk=)D)rT(wf8AyWz4eWLzar|8|JqXPGEiQn*>18owP;NYLA
z7aF+|*)Hts!2T~>{-Te7Fb9`D{Ksem$o2QjwU=P*$Tru7K1x`RFjGeU1$CPOkH4`d
zBjp2>@g%gZCu!RA^x~%l4|$n;*s#L|iN;$vB#^af{x!kuXWx790JowV1C8OoVH0R}
z7q54k?;^Xl0H*^S(D=(ye7pqU(>#>9I)RbjORL>VSJoV?jSS&qaxN&8SPnt7vKHXk
zD*+KVAIrWp-=bAudR&a+Bo|i~H@^8ggk0MOWeET4&T~rD5rYr9vbmR}>I5}hxgeAZ
zD(Z^%_*BQ&1k?TXmNMbUrlXZ9Nwe1M?_R|gXM1okt-`RZ?d=9z`0o(xVopuvbf4W+
zF8y|x#V*eqYye^_z3T~?$eV%8Ar6OdJAkn7`bIRe=jK7M8r2a$PXgQ+XeZYcXlT@d
zXD5y66?TU@DZGU<g+rpEO}C$u#vVA*4}tbPr;%)u+c#Je2>vKp$)+@1o*Jl~cgxLQ
zHMTu}Rj;QggG{kIx`SVHz4^ym)}-~*+||cARl9n$&MQCs-6V44MyEL|XOeb9gsf?Q
zLU*$7;l1rxK>bxXb5+?{64pWdWgFz}HZi=`F938f2bae%vp!bVDEh8RQ1M>!_O%8r
z=DpLCDid33KL2u9U|!AVrpNI72uDgZ=tr4vax=Q?c|G#j0GKKrybISCxpq%=R}ipl
zn&nI+LzVT{=<Oo~cQ9P`<$G%UObbXEdeyczNzhl&JrNl{Eipog+2`tFN5PVcJ2QtX
z<od@Cg8q+?@sWsgJ2Be*+ANI`!$*6wIVevTNR_C=KL?6?Y*>UzC)yrm{}59$&ZGO3
z>8H0xf&a4d87N~=2n4~uR5faB&U;hi`^`?A`svp6PbG{EA?L-KyTvr8Vq-R2I~|zC
zOvFDYt=UzPwi^lysKSVt&@%)K8-F5ZU;i;<0bs;sszb(J{*5%e^Q2Ap=^^fy*V!Jt
z9wXsbtV};D71Z>9DQa;8<0oqq3=(;``K0aPH0S%OT0||aDb=p}qU^YD*Kr^x=Jw*G
zp*rXeq_v8ACpn&c+W_&df&K<Vl`v=#3n~e~Tb&^=#7|0_4fbwAI_mI8KwEK&DLjMu
zA{DpV!#V|mY{SUdxeb2<Ga@6Q{Kknk$t#rfT_EI#5g>6;Mo_wQU>C=*7}pH%{~IBa
zC=z&7Ke(QdN<<$al7$(&Y~>t6`co`)2c8JYXeFpLR){`4FRH=WP%qpqWVR1g8XDE)
zW1P{`28ob+-?whlC1Cam4Cl6#4sj!`;?dQZZ-fYkTy1zKuy)*tdag+hzpT&>HWwwM
zek^pjL_8vw!0j$V9M}4li0rar_RuXL+3YhNl{)O&-#d|8(Oht|G8_(k)`%RDarc*%
z&0CKDOBA;yF7-kDGHLM<u<hgTq8EPyT)pq%m}U^NQvSsuz$<b=dxn;|_Ba2&#c$AZ
z;pIqZ9&|t)fgD4?zq{@4K}cqZ#UON5m|qq?b{ow4{YDTx`oo(x)jBk!fFLcFQt0oe
zT(B-l4TlWaAb*xIvf{k+7eTDyS|>zvuvPRi_I1d4d{koJDB`w1m+n>xkbh4n`w<%M
zFVG7ID?lH{@Oy4FlU>!8kKRATjEO~M_2LbvQFym}UPYCHW%f%rG@pFFmK~0+>wxwK
zm9xBEgssD@;0IiT5MGdfJmoaFuV!p|5)X<3V5RVO-?F`$9zUOO>G#J5+QoH`oj(+x
zjF-p-hQho|AI}TA9K=pvOk%*-?_aDpSJK#NIO(LwJR!8e){qc8V%3rjs<5aV!6v+s
z5fQ_`#>0F@!(os-rGV)a#)qtsBMNY!l!QyGoJ?Qjf5Y(?*@h!dhm*^W8G8B|`ah5w
zA1zz#t%qSkwGl>J51ZX>YiWGH3BHQj69STS?@-<)hffj{zzJ4MC3mwzLGr1Xj`vs@
z7jR)*oD`10Y69?JngS&{rt?T2Zp8-ADIMh3Lw%+l@6fO=+AJ*1R0KZ8?R{|kH2IVQ
zbc9GP$QshjduP)rZasL<9~55M8sFc8>GwU_?#`Dm@VqNwe4zaE$7m`gGStO><zG;<
zE{z{+E+SV?XamT!&BTwd1`$*6OUP^1pi*d*^{>^BUu)Pv+FQ*bVJDhJT<ICc;L9Da
z+!eQpxUHzV*0n2H9jwOo#mjcwvdxk9rm{{YW=eZZ_RWsqJ9LQ28~nR_wBlYCvcwgo
zBHXJDqv0zaV007xF+AAjGp^rj#QG${zZaqmqPn@HMsd1(T#C5OBBxZGjlg`9aq{pR
z<!!4t=Jxs~1=`w+zqi)r+^_obm;8rg-;)(h+pG_UWf}sDAC^kn7d7FqNubQ(`gJn9
zJsU9A1@j4zy5VGD<YWUx#e3oc<3xuf#br-@9}XR&j9Fte7S`;a9-$X@GCh9sALy=;
z%?>P_&ThROeki^3g9*ci0a5@|!Gi~HazlU9?Ap&!kLXE%Cpaq*42RvVM?H_2=iHda
zXd|Bs?yv92MuT}S#q8v&MeQD9h&3Z@xZ5aYqu(<&E6b+biLE`hNL{y8CqrtrtR0Nn
zgv*a4NrFqy4!TU;i6kB>HNPU`nFb0NjNrPb4~wTl+f%L5wpn=8p8Dm{I4IcMx!K-D
zme=;*Ij*zlOqYo#=9D)Odm8zO<Qu!fVHnK$H<zM)@tkD4-9Uc}E!pwpBZ1i18PiKT
z?<p7AiI%CsLz(6xD4y>AFf3c7I>+U2jn8~<IYx<-hhnT~e!lKd@*TI@DHrGCz~MNN
z>bxaGKaSl>`p@08>Iy11`@XWXDXQ+}advpEsEGs2<B^$YUB;-=7%AsvrLQSwhSSqe
zWv40eH<4vl_zUa=1tu>uni0+wT$|;C3sBtZBGX;B*&B|wiPkG;AK>66Lv}v-mWmLV
zj+VU|y5(1<sD7?dL3twOO8J};VR)eQ%gssmFhjtntf_Rp+7LUzV))srMM6X!Lww@`
z<14$#^*KUiu>Ou$L*}Z%t?6O=`y_WYCk<MG1?sg8WYg@@U=x{kcwUk8@t+A#{YN;+
z6nxsL<wUqI%l7muGKdSkizZxFLXZFxqG}_b39PWH#g0qSt3J~j-koMI+9{%NpXM6I
z%6VBW%#5Rs_vQ!KwfSZk!FkwTI5+gfd}$cvO0#DY3w_+V0jQL#wokQzF{mURC4;Ue
zCzM75huhJ&r}+uNbLgj{9uL>3=t=Jj($TF>o!hVlm^qu8nkx_@zaE=LJ4<s*d_YrO
zbL;4y7IO+xE@m+_dbDy~h-^#!Y+7fx5NO5k(8b!*4X#^>ozU**5dAM_k#a^LM$&|n
z-QT0yVSH-wo<P+D&V#=GIe~_T8Xo(t56)a9D}x%9YJ9XXbYG1nLm%4!yAO@t?xk<d
z@&Y;1r|ciScLj^ACfDgvth@OM^@G-}Po_u9IheX<-}}zf*G1cu6V;@4$m%BN-mC6V
ztQaZnps3GItXxXY9x$y&CAzNLGzqO8riH=5eC?$?YsJGXJbFAB=RcL<C0gSM=^lis
z>^w=CKOc;FJ91yGgesl{{ovQyAZTcmANiT`vhh(ziAKd#0dD+FN&ZmH<3*!}U(#um
z{&mTF*|$%OQj+fH7VfuOZX<(jeFmmusr_~oCT)b8h&tGGaZ9vC5g!*Cu%lvbU>Ki^
zMF!j7a!!%()Ii>QHX2%39K5a(COT|2uzF^bfVuIj7$e?+e5HT1)%|T--M>X$NeK%J
zzvUfP)K%LtIOkq66hRS6g!m;|owAp>25!EzcRy^lYSN#g_UGzr38F7(F_JZm1jj$;
z_=F1WXQnqM1T|#LnEG=~253{pw6#>0BoU|`@plW0Cx@dJ7<g{yF%M{5$NLWUb(hzQ
zw4$QB57sYu9mcC)@h7ewpprE$-VV<=A5$EN?bp^8hPM6S@t(ugc_C4|I1Sre5&H-V
ztB-k8Tjr|Sl&_*rAYl@%)DG8TqnHN_ShZa>DwJmQ)Iqccrz<UA+CEZ~S~t4g-x$ok
z*Qb;g-0VlmCsWL*(~>i>$Zb4X4xTNsoN6&wmLSdt1Y&Bg_dgeOY6y!>Mxu105d0q~
z3&gvbzSO$*FP4QAfD0P4W_f-U_vy`t0y-M4P{zO<=Wusu`@SUgvyRbdmpZaLZqui+
ztAweES}*vZ=Pk*NF|^?l@9`rH_OzTJ*L4obpfjP~TI0Q4K9}Cp83cAB5#hfmk8vkR
z5@j*JEbe74w-+n6n}5eKwppe1jju}xt58%=bARF@)mwY!_)EDZK#|HUq-?t*e=x_{
z>^Dpm31eWS!p>pVOO)nV6Y)bwiyNor#0ha4qh!Oo*ZWlj2@C49avu9~_>1!FvkC1S
z-<pU(>~#p!sEWpH_}uJ4RQ4rqecYah<E<LHi3h3!g5K^R+VF-hLSj~7CmNarpaw|%
zsB*c^d}Hx!84TBrL@=64wMfD4*WPm2w?f;JWv67nJ3xIgK|J)1rsII@GByRVf@}Ks
zo$`_HvkirBcJFaaaICOA*6R~B)nvoD&F=*WD&wha-Vkb`KN+9uPGMj3?m~nKxC(?v
zPTjg1c`|2-Y$a>lZ{RT3IJ@-kINf1*SnOvJkP8K~_BO8&DaSi?)D-!<J{FUH=5899
zm#hiJUmek0!u^gJI-e@kyAIB$Q=cjU*qs-vC)ZlEo}l7PqB`LZG4Ju1=id+x^+pCU
zl0F|QEV4{XKI#>IUM4UuLHzxJ8u<s5{@}~lu)IZFo1t9f7wZqpowj9EZ$<vbD4UIi
zv3cAsk57Bq(V`3qJ67U6b4R&%Yn3c^ys2@3)roavJi-hJpFt?tQs|JyHQ%w^ix8$z
zU)-wMrZ~}-K4|9ridON|(u`yO(R(g&lkdk(wy_6mhq(uKldrE<sF^bFUZxTr#@Y==
zFo{@5dfg9~El6~OKbhgDc9Wy2MWrS$ABzCdu&P_|IQxis{31W6KZrt5{mh6<L^U*h
zO4z8TSWwix`DEh#`&29qQft0gv|M=4mtp#W+EL3noW-~iCYw8oeA?akD*jdbg2Lm&
z*_QRUzxJAm(^C%i$M{%&HFYjmQ?Jr!^)gGR4u|>GL_RApPEzb=sz`ga-K*`ieZ*ZA
z^TG*W6Ov&3|N2HmF;*N47oXnhqp%M^BuM?>eoUPOoy?}>G_P%LH(;TM-c#5SoM<E@
z4`wnK9o%Y>mRPP!KRH&z$St*%YYZU|V3zxdo_5+-T3Jy$67=QN<?L3On^BIXqFW7#
zZA2?zs`EIL{kAx#$Rqi_hLnxjlbuD=dPcu2Qpw{ztrX{a;b2Arf6_k@c}*{m$9)gu
z>C<jbUgwizfUPhrND_I2DnhZ-q&7=1e2Iou9SmN%$N-Zkhe>2Oa>CK0y+P|vJq>QF
zy!Eum8_}gL9699GPE*ZOp`YuRA-N%cZA&C4B`qXwALzwcP4waO%_AaXFx=PYv%Xi#
zX1!3h-sBDB9uo6e{@zBm5m*aQj;xj9G8wS(D0rRaE2m(d8F08`TOP6{#Z`b{A5y8P
z`{rl!_o55gfN<4=v8XRo6z6}Yk%vP{Uuvb?+JB*m3>G=;A*vqq*xb$cPwaLLdWSS3
zzd655{$w39n?!%8$1K(bC)A4y$Y8yZ)CpJ6_1#(C`Y$G7A;eYWcD0I%XISit0>u@@
zsP-cZ8)%swYiRwjvx5*L+(db~DSNv){oIO$EXNv*1*oH!SbjP*#AnI3H}OwHXTO;r
zfAiBwg`ocb^XY>deX7MX=Q=Nb6jtDp!FRq&?NKEUi>%<!*WAmh^OY#`?%m^m4LxMh
zz0G^t>bhNolD^c8BP1$iyYoe2|MT!4cnB@icf}Zv$2jKU_U~Fk8aLS>`3LpiiN_GO
z0vRGq#c^Z6YM{6YH}>Usx0Fw}m`U^MK&hPiyX34BPR~c1orE0Bo!%iH#Tg|1uF69t
znaQpw^DmqVUC73X+DzYFkV6~6+oM``8eV)|Ak6iEedtm0TclvxW8w1Gu*l}mMIoy{
z(?fiCEKk1qrrBa1(o4$g*m&1kzg>U}m%Gn~Of#f+qi<<b9Y(ip8GRgG#HFU%e|l#e
zw%>h;b!h=bH^BhnlXDoqn;Ut^{d+-~kc9m77#qc6X72go&LysT6VvXN-2@OT5270!
z9Dbz<B35uuZ_6QNMU*@93?C=e!#B_G?_p&7P6lN{<tUOke9%MPi8_pZzbfO#T7X-a
z#zt&m+9jO#+A=4B8Pm}n(S7GYv>n!2{+8HhFQb0D=$LD&{8b<#&cUOtDJKd9RyeD=
z0tQmrjgwt(UgNr@)v__JtQgS<>lcZjrYhxOO*XO!YwD*!1df!A<bO{HgS5KMG-vCL
zp=D+orPw8$vyAQeIPoThaA*s^XJbhgLmn)}$IW^BxfE&we<H1@fYgMte6F9nMHxS>
zgmr0qid2F=<I2&DI;p?c8*}ya&Z`qv!lop^ocTOr1NSP6IF{VaV4A<#_TZhH;UXnh
zCW-;x0*-K)NWM^8j3HO)v;cV3#YX*E=%0B5e=tMW&v+ID)X(@oD$XdSDQRRxuy5X-
z6%rqYy9`$dl8SJOcBf`<;QxC<ti{wboxCJ?`cv@3f6r)rk?BXJ$Utzj4Ej76FAuu-
z3B0;V^q#=K+$S9j{1)FaH@_Gg7Jk0bpG|9$rwx$(9p5Cwm-36ub3Zf3>EP1LTyE5Q
z*g@E`<XF3^V81{LhW0W|r9kIzTX}N-^0h)hTeq0mj-$}NPp#atYD@L!LfC*c?S}H1
zug>Mz&yQl6P^K@wUQ$0bd=*|2yb8wM_YE#$Avo-4BJ)<Nnf^Wr4lZp*izsY0^WY#=
z<Qe9s>K@A8`2GJM($^L6ZMs!))%JNJMP4?)I&!G6tynq2@JvSeiiP+a-3iy3bG9q(
z#70J#PTDkEr2O;FO@10Afk9l&K5k6w`aZaEl+jUO8)+?KG`<F{lS<_F!WdPb=J&?F
zSX6c<)xAdq#D7dWf|4`@^PL<%Y15)?Q5ama?cYv4DX*0r&Mg#4McKE}qbX};78h4o
zEaD2P)J_GLo&GH1Ev(MI{qY%L(iKqTle68HUaCGVrbcI$`>V1r>t)V0rZV=#NzqEk
zUI9~rz1A?G{Og2Pw67{2N%3ooiRq>;#4t7NlO)>P=$x}Tp1W_T$o2`e>{jFpnR<Cv
zsq?5*ofc_d+d>si`jB|78GM3mb%(1cOQoT#icz}j=M|v01fR$Kj*y}DX6bZ!!xgy|
z59j^7=c}mf-!fJMOtfh4mmIF#BEtJls1#O(I;w65C`U2WdvB!sQ2~Nf>h1E?M0@zx
zpuN1kjR^<+XQwB+*CnuR$4m9w2QhOfctFI~hXt6q2Z-Qz^L(K{`e<>H#cUz{Cv;hi
zGvxB__1*BfFIAYVV|#)QBw_i$t0kIj5*JC#=G&iAETJi*qq7e!2$%uaUKI79#1e{E
zGgCj1_(s{`-`?{0P7F1xZ|5rBX&ZED*fZ1*u&M29Vdm&LY3a25PNSkS2fjk4$2*PI
zO>aFi>2lGFIztsO=<UDiSWI9kt1LBN6FI?5BX^qmbHzU_yJ3n-ls!zohfO83BPiLU
zbL4>D_}zz}s6cq6lHI(P&lURc2q9W!1r5TZP{eCL`-!cQunGyD%TBwL_kYcP$FCFT
z-C|2%n~Kd7Pgwjx$M|5&gSTJy!`(D{)+bvW;Uncj_x&ZcKZSZ}UD4lC2gXf-PcHfU
zIPy5|45n8bR^L(d=g#%;nL`*b4vmbig>`P<u)KLMR9re6+B%uczcc;x+sIv+eR0wT
z>UFzmXH9YG%EbHl@Qmc&E{qc@8#5CrBJv_Cx&}*Pi2=%nIjVE@dp{5oNS}vq&?iT`
z!{gukb?CuW{%kJ&YDKcLvG*uCf2T7i)SChK?|H&iIs3Wx(9||t&7j2NZ%so_!sa5*
z{zg#IgnskQM|v3gh_>Pp=^H%6F}JnPt>d5w6VH%p#lMYUUV;sg_XcOqvoNh#fVNV&
zNzwPulqW5MPmv|2vwcD+suZ7g-#(44>i2TcT!<2)5}v3C$7z=g@+}7zG@^qe#S#Y!
zcIIVmTILO+1}4K&iSFhaPAGZ@H0GnL!gjR)f*+f&l6|qZovv#k!YWd1{vHe((?+Ao
zdZS#=-BPKW-mfpevV@c-dQC_sPTfIa+`ELNb+d)@P3R%vdhi`G3_Tu^2sY*mRS$Um
zq$oPHO%ENy2v4ry#Eova2CX_|@mW^O+RlbHcg(b)@$0id8REz&gqhC~<PF0P>nUKn
zet^8fY%MVWr6~$KaDNhx{oU|gDw)!C%DlL{E&`m>QjZOv4^(!*AbMqhgP~`kbRkA8
z$`!(JRNEilkxH$vMLEUT^foI`!{2)Gn?8J01T70<59UU6;Y>Cfblincf*wDIM2&!w
zR(_R0E2NU6P5)mp*RWASzjqp!<_js>2gfFMw@4H&MU`Jm(kv6*Oi3IT1(Py2KV|bS
zB|_v)7Z(5rl@T1N7+|O0=F?jRTf2AI{iJ;p^QvAMsy`N2JYVjChr!v?n}wj^=g))<
zYJ+MvZy8%bo;N2u=+h$P4g3!ePNlC}PW$q<245#d#Sl{9-+C6f4EBfZOVg1e2Q@C^
z>7;C{51u5Dch2<L>qIJPc<rn*wB&HhitPh;al&be`zejG@G|X%y1vS{@)`X09~egI
z*&DV{;Nfb-hTSsx+E`gN-EiY%qSuh=GV1)hzl4N*lqvT^c0thhlf$nMSk5;zv$lk<
zYJOTU6A14i?7G}6<HXBD<rGC=oxQZ@5_NlRS)x-3+fJ@-i@3E~A~ZTcWd>SH)gaY2
zE_Zb&?U@&9k+hmv92ia@H>~<p_)SkwV-nzPH5Yu^7rUxgtu60t!cBcHooqYu>8%jd
z{}UJ2e=Jj*9R53pi7wfbVzXpR#gV*Iq54JM#5kGsS#IgV2s}^?{~jm-gvOU@)j8Kq
zyP5ozFW{C=8T-MlvBg=-i4Xk{y5p~3?N=(B&1i?mIT&sQsEvC9o~#_q;;Wy_2mk7Q
z-d>SsHC`Hxx~=?%DG~#zm5)cljz!4(aS4bb;Q<S}*6U7-QZJ*@dsDh$1lCPMS*x4<
ziBDATFJnDJaTA70Z<Y@b>bs@jh0evxr+jsc_|+y=wHJQIPCj@A)p#N9`fGkSW#pkF
z7Y_5Md;PWN08Doj@i`e>6zzF+*SmSMH;(>I4BTOr6=31j)G|&U4a==#eg~xv(x8aw
z(ce;3c)SZ*zu3;FK`gCAd5^SR_sPC$!s24Z!?fdUNY!9wcuoxViBP?618x1`CEbwM
zHI#R!rK6eY5k!^8Y1xE?WpusAFAT0%;p{y;;S$82Uh8!o=sQX>WVAWjC+}v{Zfl-<
z1x|$*zRI|$N%D$jnuaF9jgX0tH_3Bu%LKaX__>}fN9ehhZrk_}TsH<<M}b`*BCSW`
zOsLhXQR#)2t$M=9s8jyM1jNL1v=caR0JoVCaW<qMLg!8UJu0f5ckHuF_vM;ny>$L1
z^lL7)0VAa$JKYHWA@-6170nrdRaeq9aS)q)sT1P|{Y3`X_7V%{I?E-sY*$a|b)Cfi
zgqm#ZaT7EbblMY>bkUY?COzEOA~JP}tP75Fs|-B>W{b`b8ew>GcvfvoeX(=vpLx=S
zzWsJ9`L0%Rv}w7ze`@%Kt(;#kIP)au0=4_>G#`wt<Q|e_>>%<<Zq9>=+b)7cGaPLa
z|K4njVA<y)SUU>1<D0dw9~!glwW}mBY!QDycL#k8c?Pp7DUBnaKm&U3*U(tbDH!Av
zxQa@-#Ul;Jl1E@_0U8j?aP?SqH-21JqJ6d97Vey~B7w_VaUuVLji3HW{{_4TL-|08
zG|Wh^*mPD?*<X?&(A)Q@+P*ADg*@+v^%aog#c~_1s{`OEn{B=tgA>o))&IwKM~^^3
zHgf!Gb=kic6#rvh;j|TH3wFx4p06*Ew71%P@Te#-j%RpB!T6rxeZWv5SZyFfvsq^}
zKW~tZi7$cZpP5my<y`%3aa&tQnD~J%cfjil@~jVZx_TZ+t-JEH3$x|Ra;l;H`1ShD
z*6zGw<BCJ-$tj|-T&b3c$*iCMwHxj*?lbN-XdZVy^`Ht*!O*|wtiv6+UTRLsRsFub
zD*KWa&#uGuWN6*v3wr&%ovtSW9cun=c^gRm#|+7+g@RG>f?1go_({INRMX@cK=BL=
z?*ka$GmHpyxPr<?=bsN-QV*)9uPB4=N1$J_uR0%`VfON!x&V|SrxnAnJ9|Xxjw3e>
zJ1#U_D>b*;!UMf%rfG4XxZAW~N7a;6vL`Qii1qWo4#QnVUNt5`FgaE9$BwF#_nPaP
zT=Xg6-xh24RiSC~In9w<29e6n58MF3U?0`}6!^KR&6_VUF3(Zn=}%oDp1x9?c1V5h
zL5p15Wp_Tw_9&Q+XL!%R_@3c?#-JhF-}_jlcc1^un0cx$agSo|X4#Sh)o1UwRMtBp
zC4LlK-MtEJ*DbNRL}^p#x-9l^_drh|B&qA%ov)j>wQ_uta12)!fXwV;-2W1WyN7#-
zJBdVUT%r*7c2}OZqOOy#vS70Ls<d6javNkl*qZO39|%0tDy`$}{br<kb2rHnb}KfV
z)|`9Ls%&&|1#_dpXrAGH1><{$_aBJhLj`fLhtBM~FR|{s(g+&JJf%5wLl2o~b@)BL
z;Gjo2y}i|q&KiRY`9Y(}!wblEhadC<;zt4j#+sN+3bv0MY^Q%_L)oWGN^!@yN=l?y
z{hTc6&WjDjRW^Rs1vEPDc|~m}QZA*=$q%wb0uK$(4u_N|?YY<W87J#Dp4Q;`-j`Y%
zjNQGA%^5~27~eCDPz>a9h`m;uzpSS7PFdTjd(D>xCYi?3)aJEx`1sZQk#Kr?y}n?F
zE6~>AkL)+52?5TKlB=4PDS=2O3%Wr3O!N<CbU_{N&xZ>INRn{JmgT5U+-X*5oqSz9
zAk^1q?(iY00+$a;^N{`~yRXICt<ZK|Dl(obXuc`3h*g~?yFX&M<_U&M0T~$HS1`V3
zU>FkCu8^|Pt!Z)FyLyba?zRpe-=91X$O#5A2-1Z+WtQwqy0~mP1S?;ijrRFRG2aL=
z5IpUxr?+BUBH5@0_h(PO?rwP-KLw8m?kaBkQ0(jvgpiQo=^z!TZE~v&9*bkhK^eyJ
z3?mtg?->|k0yv~6NS5zIzFQrBs`x=40~uscPU&#<)HS*C1;%y9>*j2deZ8g(^glXY
z00ZZZ1n!53AI}x4gW=b&SC{|1QMUR>4YYWz!4)~3p2xr&$=~pvK&Y+L@AUKrLu5k6
zpab!PKM4kgkqXB53=D4?z8+G;wV;Ab8b~{+p1WBF?jOZfY#pCOR`-GaY3KjDxXcgV
z8Q&b=AO8!of-Xt;aU!Wii$BiJlBFF|@4wo3r@XDM+3ocWDa2nGOu;iS3<bvb3=FX%
zic4MzwFHBG#`f;Y2FHy@=Il$_xE=DZSC@UBLWmP&$*n^pd$fQxKS_Q|hyO|cJjd(w
z+ahbhH^<*6r--JnEQ`yQZ@bWNRcMxK94*%F$cYXw4BYuwa`PD&Midy|Gcdd?DEGWP
z1K|Xo?%ob(kJ{jTC~H4m(6Z%RebQd#Z`-QAPp_DgDgv8+7)Q2u1E<m?U;?*;AL$8*
zut+j~NsBr&t~DVkEZOlL@J;CVnVc$`kzO%>Yh}_t<;K&RllPh*O08-=sbuHz^}Y&<
ze>K?^1H(uL<9h~%SB!zo^pafVa0fIkZjs6km3;W7VcYqJ)kkZV<*0t$ESr@n0V|K^
zCIEtl@dGS85AJCr8wU?-QSGVG6Vk*2KYX_Q(aa19uDd)}h3~NaLc^gO`pW{-BbB|b
zdGIm#*b#M?7{N0zyjn26XJB~k7?iqRhR^(gkh?qB?(m!KKAp)^+vE}|ZFkGt&J?s9
zx@pKbS-19B?YiS(TYsW1agTCNmTd0kA#HY+Z1G+t4&;x*8Sv|oTZYpG&37x>gi1TE
zf@_)V;YD%y4&iU}LSS^x!0?8__@05`tpMe}fh>r>4E*C;h+)2DDD+a90RscWD*@ws
z28Op9!;?Li47`DC;MtdWBVU7of#Jo$_@04*fq{YHeaGX+{}1<v9SMUaV`=~Z002ov
JPDHLkV1m#)hcEyD

literal 0
HcmV?d00001

diff --git a/windows/deployment/update/images/servicing-previews.png b/windows/deployment/update/images/servicing-previews.png
new file mode 100644
index 0000000000000000000000000000000000000000..0914b555ba105d687443a0dd37d96f4c0399600f
GIT binary patch
literal 78290
zcmXt91yEJr*QKPpyF<FWyQM=Kd?4LjBHi%lZjg|W?(S}+ySrPz>+e6`9T?^@bI&`m
zW9_x}iBSC{i-Jgq2mt|sA}=SU4gmoTf`EYh0uKfJXC2)b75D?`qAn`|Q8h_?419q3
zDy}RJ0r4vi>CN;5@EO5T?z0O71WDMxU&y%qYjX&Qzs2%W;+mdDXB}ZWn(|$j?|---
zg)ciivRy8{a?;fxF-S;Uh`$ocl3?*G!q&l?P4YAHA0m?+(H>^GOir)620!YzW#H-$
zvFA_EJNV&MEVsFzE3}=|F`obZ8cM)vF`g2j>{9Z6c)INSG!hN`18EeWiQ~(l?aXq)
zA*XQv8=Dgcsrg{^@*_8F)OZ^ED=zF#y66$O;%m~JRQYi_#)zv;Zb8T27y;O%iH@7M
z6?UfuOZ)q!q*80_jm8}oXovM*mB!yq$l16w5o36=jMpv8d+YylegTFQ!Vi+R7*F%#
zezmpkF^6D?@b#7`AxJJQU!|>Bp;aIp#B_O0ynUs57Jf9-yBw_FxeWTf$e15<@mL{5
zX1VX%*1O|eMzfGS+w~UZFQ|33dd&Os?%GpLcl*r=r_v3h^0hoL>?&o$?1Ch}>n#!;
z->#G;l`_5+!e_0zm3YNdG({?GkWpbeF=-PGhdWxU;nRG*N~}_OJhmJ<_1IzYv8@qX
zEC`rrD&c<<eGl@JA4=Bb=cLTGI@Ou?7)7*}bzulIbMX%36wJ>AE8_(by+NNss=F_Z
z*;S>S3*~eTFnUzzT)=u<!+Okk^Ue?+X6451|8&Q!s>e(FjdX>_(YVW6cW_+47U}?c
zl^JvoOh(m9b=V_kbHSX9B9{NXffLBis|mli#zuuGkQ$Ch*?gdjdKZ-mk0E;phL?-X
zrn{-EN}_OzU9S?8plGp|;ej)Eh5hO_2=C*}5O!-L3$8JcrIkNnWnUBqj<>Fh^M9x4
zn^<A-GNh?2tRanp^>zccG<9&aSh~L|8Ox6uB3o+StgdZ0@V=6`p4{~!67H8F-m9$H
zuCAehVsr9_)-6E|)QXjWhmqN%hLOhLM-q>5`4DI@KO2QgDfdO;7^~no049G6DNjmb
z2D`8<3?yX+CCTd*4sM5gj{>IKx?Ul4U3B0qM<pgiT_LD2ovFdEt|_`PE6B}OqF&z6
z@&F#Z0t2=<|IZW~`_IV&#PTWXAOvAc0Mn=)gQfCZN88bx>MD0>*MbyVKGeTkJq{!p
zy5;eT1Wx|DLjbp^F6ggidPmmjE%e$}I6a(L9;L8_*^2~)Jh(>AD3-PX<~him2c}=j
z{ig>OMureL%vQpJVhq?uzQ45>roN1|2|7Hw3j#Cj<Yeht+P>Hd9KN7ITl)VD0eMZN
z<eMBPCnp#G`aBhDIoZ@lQYaarNQVyW*{%DUl>@zHvad)8@XqW0_0>q0X1#8%+hJ9*
z=<^bx8Uz?D$TJ%Xdr>?~_3MegAmR~jI787Yi1gQ?bcxIg^NqN2@bR!WHUxH1@5}W8
z>GKtJI`4CwOccRsG-z;~Jf??|(*oAqvQl)-M1}q<>`>DF1eR3@boHzN3k*;5MrD1g
zdh1``8Ndm6o1>ISLW*prBb%~__F;4b7>2{I*1&U3Ex}e!5#w=L6AB<k4!qCN(X=j%
zm0rUyWK4C+B*7n%KVrg7;^li1w`q7$lx~|_!$qPXqD96V6f>)R`-)7Q&d!PdrDixf
z-IS2<#B}yEpO!9fM$*!wP|LZQW6*77WXB;QZ)?<2TLc731#!q0w7~sDus&WORYi7)
zOHZJc72*Iy$oD%+7e+TriXM!t0?AdMDcnGE=s?1pAN7R+IE%47k4h*i)=`^bF;3K+
z7ExpW*#Z0+8Iex1MM<%Pf+{;^#)2Pb?eX}nzz=<#Z_hXmx08}SD*E1E>_1ew59>BL
z?vW^%n0Z&LY93AV0JBFwkEX_=;ZKs9kua46yL1{l9eABj3?In($JIC&eNnyM4&nZ{
zH2tSR6EH#Dz}MZ{^c2$1{u6R?7Ki)OGLGB1hln1eQ~H;*5?Fr<X)fs)Ni!Vl_bum_
zYUG2JZdtK8v3aohv4yZju_fN3pju8re>Pk~$cKS=h4FT=R=(XRvYd7Y9WeYG82-ao
zWZZQ2*FO*2lgU5?Rc_;Ib3Jm?8)~SbZSqM5ykx00{D|;Ft7A`pZ06@-Sa3RSv?{h5
z`G^>gj+9k3&!6`JE!Xbq;a%|sz-PC{C&zbsR#2Bq_sH<UZeko?9!UPP6QnWhlk^^^
z;!<nskA-uOTG{6fwLl<jeBG;b$NXcGt_+)W{$%NN-1?=!gV2h$<ip4HazaiziFjAi
zy||QR;P3=}ho2hWV{UG%PgKv4PGsN)lP*cxVL3RgL4#+jME}C#!Mey=yF51Mz2R)u
zXnuEeY#pn0oDtLVPI}v-G-$9=WV?}p+K?kpvSTqdVgw>MFlHx4;!{^Ybdtd#!^%l^
z6x{Y(#mm<CC;w&DFHK4hJ(qKAfq<_W{kMc$GcwB#P-OZFs+GFY-|VB5L=_vR>LmN?
zQSL^nwv_m(^dsE7ngu!~MI~1h6hpBfxbH&PYmfeoUWcEJnFX(#VdIqaw#D2sK_{2X
z;O|tN7RKxUtm&cQJiF0aNnm}NKRsdd8(qo3vGza?XUMAG%_83+Q{BOPzaK5WGS#02
z8@}|kG;$$APqFA`H%?E`V(Xsm?d1EeZT{H$sNl@RaR{{XdICcF!)Ko{i(IMDI3T0t
zv+Dx;b9)XQqw3Qop(;Y0w&8SPzApaPtlo?9*bMvPl>o#ZiFL{cGJE0L2KNL74aqiH
z!a|9VB7E!#dSIxORAry%f9k=o`IjGC{~Imwyd#>Azqsr&sXx;D-Dqjmh;h}W1j24L
zE@kg^*k!43-0nFoEv-}PF1@$!1E@dfp%CZTW6h-z0?kCs#82sygWW4NsnR)>z>uyn
zun)PQ|7;NMwas0cTX=4bbAXY=H{tiebInQ9+=o*`>5A+T&t*i20^wu9d7D*W=mRa!
zqpPEBNUp}+UDLM#<-6B(sJK@xmBf_~`;yAS9Q&KTM;Y6|&}3}?vP{S3pQ>xi3-CaM
zH){wN-`dAbH_C4<D8P>jZ>^Fy`leO)zxn>Mj4QMsCq$#)*m2JpuIn=Lr!QjX`GJR4
z`vA58lCLPiKP$Ua%Eh3$Nk6ccR}kME*b1eBq*?WK))7P+p;NbgvJAr~<X~q;ge1G}
z-uX4qhZMVZk?6B$hCq6f)ZSUb5}{e;x3S5+csv~aZ#2af5w?DVWdVZ3IT!w-nG=O$
zZ(fXSRTUrfnc1TTNhKwvC^^qyt2ingQb!;rFZE`aIeS;=(Uf-)lv@nij{M64it`%-
z{q*}vlBv`R(=He0+0VrZb|PMPj7^q`<3~419vQ^6v?bEaLi3*W*8#iibbTKh-_Aw6
zJm1t1@)#^HQaal5smf!!d`5t<t_s+CU9tW7`_0dU9wH27S=N-d9R`UyQ;=dOwRmXS
z@{T!eNins6rm_u$=7-bu{!(0fS>D?*SV7oLQPqiV@Ur^9El1wmsGQg@PY-PUMHgYW
zfmZRDMK9J@)0<-J7<BO6k2fSD0wEdVJq5Y^!wX5T@K>aEGA&URdsaI_*$=(Z%LyF7
z7%7qT+?<siwR>-!F07}2gmju`45ML9(z(%MAWy|XW@aw|s?vD{Vs56kbiel~Hat3q
zAGQ3vx5f0UmEJ!MQJ&g>EIff2n*M!tt2sl5=ZU=P{&%**{7ozU`5BTAu(!DknuMhS
z^$X$I5SLjj9*ksk^$3iiVRZLP18mkH3$}kRLlT~xJ^U#HqVrN;xu_qK+Q45+Y4^{Z
zyNhMxl`nuprirMODji`T=Kl0NHE?-&#`PBd8H@4Yit=e9L@G3T9Jw3ta!z86sqrM<
zH~<s1u9fu@iJmxJNTQx8G61u<Wz^&-wLT&`rbS~f&#O6O(UdJsN@M4Q08*PRc-cp%
zBD`D%*kr*qroRKq_2U_<XM<oSt(l7Hf8TzfRq8&>*FciK6@D^&ZSmZZwz!s|*1^sG
zvkknw^KTz<zvr9zHQApNsojjh0jUi&i&dhyeJ#`%obE=+!OqT%KGTC@*^z1a_qhPb
z5xtT5ooXG~M4K8d>|YwEqXB!6wpb4u)m6KE*17M>WyzZx*Qs6jH*+K{hsuawcxU_?
z;U|nnYfGZ#U65#nG8RaSz>@VHA2tYG9F@|uHoxsSO*s6xi8&vRc5bxd!NQu`!7OLe
zG`MS1{g%Zn^rxA&($U0ohuIo5JZua3&!&-908B_Q0R5->^qX+H!yvPe6wMeuI3mJI
z&8ER6cH}G&U(^22_xtn#Xvxc;VWwNdw%`9@c%<ID6RC7(+CtAO36uBlx6*^|d$$Y~
zzXOwL@*0MQ1J)6V64t$cbXKXRIHo2)K&{Qpi(kpt8D3WfLPezFzVWz`|4Ey0vE0Ow
zh<&Z4>xHOaiC_vBw=a---`7F59%ms+V5sM&0E&}-V2Q6653pFWG#PIzU_}a)SHCDA
zBFDQ;xc?-(ent9xC3Bhe9x2iHd^+OWcDmn{&Cu=8QD>}Jk?q3c9qyF+ei-GLDmsa~
z_2`}}MEnDFBa)SFz2T{&#}MRGdB!U0e17?3q(LyYtHr(Qu4>`<GWJ_LU|!punL_=>
zM`&}s7`2$JgQa(iEeCI2Rafecl13B5!+UF;GU{5joiY}i1OKLo`e5&;qs!|qSpK{f
zV%82S95k?+;*m8#mv9GgfAskV{ND_Lah*k`rfowc2MI4v^d)Q1*plFDL-0pp)Q>%e
z98qv7`nM7sg4eH4yM+CyUv&h#u*?Oe(z61!1>k`R^>&mx!&CTX{0`kbG@75WIYhJ*
zefz#KVDt2_>>y6A`H{X0?UB37AdpUa3Uba2uUrJgSS~K)2gi!N9%;?;lSI;;^M5#@
z&H*GKmZccE9;9Jeer})S;EFdVzxneAXdB)n*tZ3LUUh?SagomMG<mUJWi8Hb`6By~
zJv#8GfyD%L%rVK|0Ej3Z2_iMNi-G!aMkdlbR&jQvkxN;4vi`=M$7{L;2oaMtWB&ob
z!dD&;F!x2Qz8r$0YYtienne!FB?4d(M**eU6`i7eGXK0KwZXdv{u_`8rkDu!l2Pn$
zC+9kzr!Qu^?<NCV!J<<*=>q;7Cu+J%!{-BjaYip6b)|m$*Y8ju+ida=)W=J2@~X1i
zJL0Wwengu*J0r}Zyf0bQ#iOco_=mXskmgPmh!ZVq6=D617Xip9T^A|i(Ro<P?pGdt
z{v^wSyHu}C-nH^-UNE}7cCtMQN$|(+Bth4R<(+N3(jC{{5$jc`>cL;LV{!kBtf5<t
zr-z6sM!@~haxZ%X2UpuE+}K&$40C`e0ODwi$iSD*O$m$z3Qh}bX383Q4JzJSz8HG;
z*h|JL2WYYMX41msH9)<^&~WgyYi&^B5heT;F_bO|OMSm8@ws(Jx$IYsJ+?n-hc4n>
z(U7PSHty~K*@q}O_u&`oWgsYkerDY-vVO{c+j0_HUOh=ZeXV7waCKA~l>;yH{;SqI
z%e3m10-$4IlJe3GdMdv>$wiyIq)61=t(FB2R>^~w$L3?1javS4OhM_`-A|%Sob>i&
zJRlIy$H)drM4t^G^tsYw9yx}fpw;kkl^l_Psj7RlTz(Bk+q{MQ5Q+F732Yqn?r<=Y
z`WB+zX**Aorh2f3IpTT4+=bRTmIxMOg$&S#2n24vJ4BtGZYw({4_<il$3o-At(U1*
z{P+?q{MU`|v}>YnON(+T=257a1eLsdCs;E%e)TnoW=gb1yetRSc&B-T*<aLfnwxKd
zm!sh}ScK_76IpTpq;E|l&(O4Q0Aq54h(5fCEtPQWr&q}Xl(24p!=Qn01Ydcc&i0VX
zqEP>b*f;|wao2d|Ryz9&t#Cfckq;~&VtR^3Uu+`Hd`}tGY)YVDF5%?J6a`}c+39MV
zoAy$kkj(E>&kD1|ANY2p{rFBj))T*oLDPxU97L@AT@KI0dj+Ln4gP42rQXbsWqHR?
zZzLVMJDzoG58lf%XbA&d*`tqMnscI*mjpRbiu`L#qFXvroFoA^Q5C}{3iNBc&CkV{
z-8A<Ka8WvagpdLNWv~T{D)uQ@yoGIxH}Kb^0YzluTqWWY^rq{$>y|J0eqq+Fiocnp
zO8Ce)y5i0PrOFxG_I6}~h2+jp3l8eRQ#Dy%IC>G!qo}4-U4`!8Va6&X9ElH895V^+
z&yI|J{W2$Shvk-;BecoPv%9p>MEF872T874&$4VUCA!^II#i~OdGiu28pn#<9L!|*
z4%cW&tb~E3Q+iR_ee$du3xBr(3_=aOWAI@(hM58uOhn^4U0io=onzFG-w%2OfCtC2
zhVf8(#PfxJIOK;kHV9E92a!Pq5dF$O31QV^qQJ%ndDqwca51^K;sRj!CJ-kxW#`7n
zug1cre_n`a1(c(Ve-Dkpgq{mrV4$P8swlPBtjuw5HT>0kP`PbVvwQrtVc38iUJP!p
zY1h*zt5m0Wwvz&TG3Jb4-;pX%=^)c)izo@Q`R`m)ys^wx2;neOWzDzCWr-T35a}2T
z0iGXpb)I5}<ZK;Z3ftgA;5>pa2J7!)hL1n%dYg*&2F#k94XH2^<7aBZn!Cm-49hN@
z2+%@S3uw<Fgv4{O`1eV^l?<rEMO_yd2}Iz2QxT@Qj@k1_gy2K^p5v(UUbM7Bey{x_
zE<~DTlvQ1T*8C)3EA%Y`gGGW<VZoKUn&=}0Vt+$-+w@PCi8H~pJm1ovPRQS3m?%9O
zy{X=PXw4mX+^Z}}MLqNJDd6~GU5@kWN?1lLstvyA_rQ8MIm#>*Y5F8flp&0qNp*H*
zYAYdWeEc=cgsq0XVn}zZHc?<w`gxPG?wS3c=VwfutDcc*1%up|jTj}19}>Bz=D&0O
za<LI8`M{{*({qvdY}YZ{!#)5cL1Ax*?BAOo;ihmF;xhOXq)(5fgHJG>eZcEqbCzO1
zedLUUYxLZ2-Kabv1ACw;_jKGZaC9evv$vKsJ~W(z&X{E6*4j2I$E#_Ble9P>uAnvz
z5Ur&6)on^D^y%8kwA<Foit1pEi`?Tyr1eGQF#g_*g^EewrYexp#gk6Y2l`|3*ckmR
zg<I-{o6hN*aIOwp$SdetU$U5VcnRvI)Qyqq;lxAsp6+UHv@7s&9DP%dxIW_=eKZo(
z$%TnR+tnBMPoQ^m>MLFCP?&;Ss1#P0I`KC^B2N2_VDtlgzfv%2`g#g_Fy-`cSICED
z+SwLx%`Ym`cjhcuKF~`a*jJA{_FCvWHISN~iK4-tV1-$vLJVWUhPK1Vv4kYZjKy}<
zH>PiBRaf}ymondZ;&(O%<e4&zsmYZu{EIq@lALWXG8<=e!-FO1emMUkNYvSSMrpkj
z@x;P~#xr9}GUKLymstrb_7MocdOd0!f$a;5UHYhA);^WQVvE!K5#L78&+npZ%q(N-
zu4ENA;<T5^6BzSB=+AgMYWlhLWwL>rCWMY?k^PmW7T5{#KR>-i9iXfnv9Q<>2Zaq?
zX#UBi`kX2`%;x%O|B4o^R_xCv?y@XPiV{6nrQhsCj@dL3M18p%l+pVXGyys>2pdI-
zegVJ%e@)U!7*C|Z(R&`yV|TO){?QOolTD14tl3Ic+T~nDN>k(1`}dVDINK%O7k@uB
zU()qZ+Jm)!cP-L{$t+)MhbV9w&IrL$zuy{c7ili=llO7nv)(clQDZ`OqfnQ);5y-S
zT#2H6{qqfuBjxigK<LWQB?nL1jS$PW@}j5R7~?Jv8yG+dz~s>4-SzeTbtB&uefU8Y
z%w35kw`#Z1;>|x<uPgNfYS-!YUh@w?*4!L8Rb2tKJI+6NJoU?iK&^y)u3d;sv(f{L
zxo#)F!^<HKX|6Xl0stk(7@spGOw`CorU{n~7@=3cUqzocy!$?y=|eEq*P%##*prBA
zxb^gx?fO})6G;gvr*|$DDdmoEykFa;*4Z0sTNb34vU)|<kD&)8`)6reN#HBSCD9c+
zs^jDR1?6-;NTJ~sB=S+AZ1E0RSsKYlbpvpjUFnWyBo?O@eFWWpadc92Tvci4H~9kL
zDCgpm0xu!*nr$HdN>El&x^Q7QJD$sSzNzY-k!DB`UU<UchU`1^P@WSDzt%p`DPmd>
z110RzA{`Na@@_0$i@2j08zv%x9Bk+Lhj0;8b=}}Y+6Sm8#p3VB*&|+l)7_<J2IW$;
zgsb2x<2+7cePiYz&Zn;46cwzN&MzDa-86;GXy1BL`2c1Y-b+?;tR7!lkT6yMmZv#N
zh)kPi|51MbrwjOhOt-N$v+(TU$T>i(6%t6I6c6DlMSU^}0isN1EA=cr$F$YWLkSzB
z?bAk_b^Ij+_tje6p8H!Tx^9;(YF2)WH!IVQru{v<>e=uBrU`-5$ho&CXP_%D6v5xq
za9rG;ygYTj?hwG=0&6MAw>IiN*guvhl^@Hem$&H8u29*X(@3aB5y`~CB)x%(L!?s$
zlf@_r(^N1+q#L{mxgK)EIR4s!--DzdXwiPvn8D|_Vr&FYpTOpclC!Nj{6G|d1qFS%
z@$kVNNbchZ$*|4lgu{IgIyt^m<r^eXBpMnlX0WeF^3I~+6lwXuD<>n@L`awlFgnVk
zr;-@~`I$b{b{*>J2ErWqzg0w%pG9=*w>Kkc5kxrhZBJ6Ro{Q<1r};-1iProWzTx1>
zl?<>1M)L?Ir2ra)aZw{x6!^FfAg`By{NovN9RhDCx|Z(s+nr~s3YQB}DCW$TtnI&K
z06`CQon2}HF=tJ8POkySvCdqVc83ZJ!@D(4f+|Q#Q$L#{Jw2`fS4%(<GBD}?*(J_3
zoAEm}{MR|8h$g^CfdWyI7}8usp1R+Qs#bof&XcqDS$53Ud+7e6;3ZbRdm12s&mH1J
zM#Om6P_Y#qV0xh;()kgU&z_7w;A**OOG<7HM2Vv`vz8+56U*LJdF#j($B?d3QcT?C
zBMo5tQanW*7XMP@pwM`CYDE9O)I<3>!%n;anRhkr&<*9&eVh`wgMpt*Wt?hk*2zW+
z>wEOb%tdIBt7pGqPSPq|Ej7_8AN-TKq<V`UT$CCylb#U^P0<*0Q3tj}!L2~YZC9KH
zl?)ew6Y)#hZ+2$Nd<gO=a2-ItK?M>@C9g<p0<>2GKzlum@Nmhvb2fIWw*o;YmhV(c
zMJdXVyb?<VzR(qQc$_tvrS2f;%MrF%JulzJ3gfyPC7C4@Q(sqzTOm-e{e85=T?;q_
zXyskw8bzO6TN9;U3v`bF=2ZRE4SxJGQsZW3#G1EfeDJw@Vx8_5QpLIWAASE<IKeF<
zvrczL=+Ejg)Y{!<$}*seSeE>7ifR~g7Sp?Ou{5|&HD+(gra`mcy0w@xfO)m)DX97i
zh6%V84V3jf)dt<lJ}~v7KwSm*HN&t|GQRaBc!uy05l07&JilMz8ldX>4#)H!YNFcR
zjs#`qGI`-a$y0vCMI-OQn4@ojMfmf23{`}7G`*v4by-6!g`_KmOFrs&=2`b9iV7lE
z?uKzA)<3;x0%(svqG6o$gh1Vu@~Nz1b+F0%aMnQb3Vj#|{2k$J1ktJ+s(Onpk!Mw@
zL-0N_bYD}a>TuY`MSB0$sW3JtDI%Y2*Ih~iI?HPZ7(*Exp)*oa%SeV@%M9KHI(7kS
zR<Q@=Sh~m<{ilUb2l5A#hD66~#`N!DK|AH9o2hO<{{4YX=)X*EM7;&QjzpWa6k?+y
zTmdP1E|P4#^y%Scl7ZmLPs@X*{#S8kbnJSB6=YaGdmH9r(V|kEq83neF7;(z3^Z=>
zb|1~x=}`%)pRmAyO_u@eGq45gNDYO{cmip4&X)rhuP}KEoPpt`zX((78cmJvve3n2
zxd?gbhG-3`_yEc23SIXQ+28LXLR6mW4En>AL2Kovp8JojIS=p;s466U#xQV>u)4nJ
zn~@(2N9>QmMyOUm{mi0c336^2TUVgc?{&x4s?ZyJH(nA|wk68cR94VJOg=a&R(H%1
zl}&kWprXrN%<(glP34YOObU>urdLOfj-vX|KoveV5nd8QY9@sx78exaMm5acj!&-D
zQ-aXa5rA;DzXlvb!j)!$T$%v<-#cbs@a)XS6ptn7K@H%#mN!?{w3xW<5-pbieZkmX
zvXiWPupHT_qS>!zs<V{Q3V#77c-u)@S9=K@fVsOI5$#xa>uD5S^Hs0V4V&)dJ^8hp
zWHe$SS-n*a^~_0v2>%1h!sS=QZl%%XkU`~j%mC~)XkqbBA1x$zM+3HC1(eYjx%u4K
zo56gJw5#^JIQwrEt*xjMStd+xc1Kw-(vT|K{1>RL!tSq}rWmf~ehs!JcN4U+HS+0*
z&7p%h%0F{n(JYz8RXAMOvzB7W)vEUp-KcZDi<QL$kYmEz6;9EUY?^Xy&y#b!v=zy?
zq<kwp?CbMn%V_CgWqdQ{AIPh4xDa%U+Mb0zk^kNKDI@vNHC~2Knyq>U9q0TiZht?j
zyiJSK9eE-HB&VLTQv+vvS?-`=r+CSQ<AhN5sW2@NmHdM%QEU9zN1~5DUD+(n7&8W&
z^!WqO4;MQCS8M{5`W@zV+#!vfVyBv_g5EEm&uLYz5lwdJ?4^3^OFwu+``g{1U-E0z
z0A*Hvlzs)|!CVU@CS=X@gDUS6(!3adJ{eR`82~}{R_a1bu(LAUa&KR)Dsvr8%w$DC
zP>+r^1B{Pxbs<mhQ5E3=zr85Yl4MB4xHKWivsMoEVTPJvbY(o?)|`aUWO<w)3ob<E
zn-L#BOwQ_S0AAs6Af-)w%Kry{o53K8Hr+df>}kpJ6O_7cf1Ue_7s_mm!0JWN$FAi|
zbgS5a8SGHBCyx#ydE&R?uiN-TkI%T27pDf&!yIp7Qj6q42E$D1#6==h4OXLD4Ag=N
zrz$K2+x#5x{IBdmXG*YCNh+FWo`Jr`i^)8(GuF8TbsqnyW?r7hZ1u8qc}8N#Hl2t@
z0%dr+syhZk+914X$j@lu;)PHXG-)jo6#4d7I<jt>TSDIFYr6uE{Zma*xVn*^J4(3y
zmL%<SiOQ1FQ@!l;S#>{-t{-7<s6u>>drLY#JgSKZe<iDK0n@1YtTK`?8NrwT9ZB%z
zg!Sef6;KIBtBWXffqq)d9-z-K_byZL8>C+s=j)C+a%#@?iL^QnXN2ARfXwO)XrY`@
za0kAyq4yjdbN>j+7akTZ*{in7>Xd?OU5km=1oza4h~vIqs)xu-B5#_XPA&I`$l09i
zemL7Pf!a@tI%5EFPYYUU!5UBN0pgv{7b;9QzUo)jzdOlm?$o7%ch*<{OJB{1<@4uy
zi2GRjJ+^67r`C#8X;Z)SA?EC<B(@h2%%+K>l{i2k831;2nsE%c!c@PqHBn@Z44qRC
z_4nWHQ@S9Ye-PCJzhhkMUov6MdCXXU<!~?!K_QEgfa%izByv&6-3Vo2MHn<tZ0Wh;
zhW3`GNs>AD#s3$GriqcYPm1>613v*t_@RA}xJ4I}@r)pG{DFhR$iREh#0g>9Kqgpz
zpK~UVG)j>M6#9DRtoh#?wAs^Kc`<B_yJR0YBE6Gs4ZP)nub=@5s3*~v09e%XM#tIb
zp?2fH@k`LcA2_O9(SI8-Dh{6~)7QTiap+SHn#^3;**okcIn&ZtPrX>Dmj!hX$NGMk
ztd=n``}cTPPlF%`bodb~t5RqW?nkg!QbN*ui2i*|*@ySWrBO?V9qYx+;eOz`JJvgA
z;%dZ7`+aLyoobG2BP!TGUK7(((6h3JI?&sy*5spQ@u?Swr(5d(-;kEjs15Wb7a6)0
z*Rl$_IAtwbPhWju<3#>aW4X0BO@HlU*fl8)0*yT=1KI<iK4eh7a;)3{GQT0Bz2#Ao
zH4&)=EWqudOt@CN`cXx;u`>(C9x^vsr2RJ|E@KWC?1Fr87Z=vX;%}OQi5M{$+%K$k
z(ssZr(?vJw@J363R<G?CwRD$b{okgRRI|JsR|8CA$aQN`<YyUByCpiXOVdm=U7H8i
z1k1Yte&K+S0@xi9VoWSTQ|RoAwUxDaSL0{1#;2H`ogJQwY~|Nk?FE60d)2nc5K~Gl
z;F<HlASAC%o0UJh&MR+q%W72p`OQfU*hXpF)~^mA^>@B}yE+|~92Fj6fNuu|Z;QG!
z_<h6c6G=AMPyjBd#Ho|EM#jY}p74_%V<P3lRE1LFax?kgD(eG4C*%+ufOt6hk#w3z
zZyXm8APxE#=b8Cm+wEgqVt<hkd06PRN^Iv=EKK$`?NM{R()PyO*;nGRb(nCnGh^gm
z6@q)AoiC&fB~ztV1Dxtg>qXO<J-^g6TSg1%*2OI*Illn<G|&w)*5XCstwM`6SAd&=
z8)*z^#Ec{`QV*bH8W3nmHr?31Z*DZBsW-*Jj5UqXKw39uHWQ1Y(XFb$*g*P8P^BPe
zs)OF23f~)2QWe9*a7*WR{L!>0MIcv+MXcT($Z-T@((Cd)3~xf)#5>H^y^?EpV89Gm
zckaG++;1bs!il(zx#9l$y!wM|dr^2H(C9Up>InQBsL$A9BFMjf?|qe$s8`(k+}q<{
z3xr4Z_}_Ea9stqGLMg-=F*&trZ9D%+7=3mh0NkCIGQ&ZJXZJG3@rLSSAt%odR@xtU
zk+^r%2M;(4F+jjf<{D4k;<v|Oy@<k1$drH=Gx4VDm6VVU!rSoOkw=00iPXM3;VcCQ
z7Vyo-$B^R6zqhB%a3vr6=2UiFh$Bx7j}Ve1UO;giA0Q{w5lrJP_@17Io6(FX`u+U=
zrac40E^#p4i5)*^U;tz&c>{<UHilB3zqRYCAJ~~8AXT*m5g=JAEHI|~W9Mu=2#+~4
z&v^<_8@>1cIF+DZ!I?OB=)3*VdS9rK!9J5ksO%xg7VF?sBdd1hYjfqR_Wt=xLwl3L
z<`^8OJgGElQKYf*wTBIPM!blYnsZ`ZBb+u#pF6TylKj&aE#@B3@`8D2ZMoZ$>c--M
zU{3kpoD*^coQ{7gx@REqLGca~g3xOb(u-65l$17&EZe7p^C{Y}*QU8Gb>r%{fw=R*
zZf&^kA(@fB+TpULcb`W{^WA%j6l=~GDNEc3Mr~~FqMM9a-k7`@2D^4cxqexr{S*cO
z*N6H*C&TYu|Awi;j0#ibILsBJA0D)akLI{&np|;94Jz(;j4!g9R9Kvd`_T&WijQzg
z!kmTa>1qt~SkCuPN#4Gii=x!W1St>dZgJc?j|V#U2U=MByVcFy^mQU!6(Y!^_V6l|
zD9H4kgu1TurAIeH2syjB$8J5JQMT_o;RBj!zK6n<pNv!-GanH+EPNnR!_Op)uNcIj
zm$I{v8IZmu(~f3Hrk;_ZEqM*ok{fJ|9T`n=qPDdb|9e`GN`0R^J-8cZvv#3Ha>pto
zLoNu27n^74QOFVx6m@_!Azq(|`B`2qL7aN72@i1tk!WM1E(8FEt^U%B1I;Et#DHpO
znNpJNI$Mj<<D_ek`4z&XWNhqOlje#(If)G;3BjbgG0Y`M^hZS-29ei09Fh!>hXKOw
z(N`4!x1>x@91T=5zZrkx(^ru>T;>uIYD~Sk*rBl{C?*B<)lP0i3=a0}4E7|f{CNv}
zs9#&$YhO&-%h36S6Su>d8;ou2!zA*~^?3G9oEzY(_}A6t?_DA3uhlH7C9<d$v3=r(
z4SMJ7U1ENzH(Rn!iz?eb?TN1OJNrnJaTI)i!Ku)67(wTbuWO(Fa`g`rtNDBsxaN8s
zPh6WbrQt=t{v8=+)gUg1NG)gT<L&p2A_4v++ft%HK3P((`x~{QCdF`U<3?FRD1zy;
z9CjC6x*PM)<F^X$$5$;>-cf)7I1@og!qy0vlA&q?A3y1=l8q#XEw~m>3J!!u93zD|
zhunm6xIakS`E)7iJEk+s0Rd~8nZ4;Ujx%Jea#;emq`HuM5~P~2MZP54Jf86tG&Iy@
z64=1Pf4VLOROM)fAKg3j3DD=SsLPm{Dx!1*(sYFN))}l$wUFafR3J4s9JZv2z4b)O
z@GnRmtjWsgFLALwKo-2gbPMg_3~jH}kK?;*bG*+iOSReE@?R6th*h4}X}l9{#x2-#
zrNhBq(;T;3`zaJMDHMb8TBQ+grDbkM3Yn@J(`h7huUEM}rVcje2K<<nK8h}RcBI7~
zb4`*1$CW0~AFZO%xuwu&q(GGtN|tN#)-bHHf#lo}sdAJ{N6K`V59BlPu1j^<@zLE!
zKUxk8#xCg=gbul7D9adILr4l6*1ssL?|<Y7+`W11YcoJiny-Htw$Y>UTA%{N+x*Yj
zaagM?Fx)`D*vnY8XJVLVP#e576gOIASYzq$8#UW2)<|^31fv-s;Ueb;FxMUY^=~ET
z?^4khNM{xTHo3;uKFsWI_!}ViGR)==<JPkIWw<gbx{f*PIL5qpG1t!g{=37l;zjxG
z?=xiuV=;>d!<*5P=qJmliQ|bfV*8_{=uf4f8-j_~*UCNT``<^J9)CeLx2ooDDml$G
zfZs9|+&x4=b+t)M-Ij&*d=t6u@*2Fj3SYm#Y{1BaW~)UqMj?fI*M+HuK>H45*W3NA
z!f`F9kG9z<@-5`pufVTZ%6*%BOiNClnmhp`0%6;jn#u%Q9_2=+mg+i=?kzO>N`+Up
zq@CdkuI%f4Shzl>%?qM_D8nnQzU&Wg?2PMlf)JiBhxoNd0^FP&`4XmL;Bbrwpi+MH
z(fW4wsdztG9h(T76q^FO2<Vz?fU)}f5SZzKNR2fYCQZ8|xNm@Le?(Snelvm1WPt=A
zPZq8@5mL_?Km@8^%kTq-9Os4{q@$8m@4X<+INK~G#ruI^1buIqSW;hvs#-8M?gT2S
z*qe+E`1O`pNbuDvH0zs>GYy0{M3-mTR5hn_1|1?Jt9>!`oOiu)Sci8NO3sgq{5Gz;
zpj3Z0i-?-!PGrsK&VGQ0$s&o|@4tTl=j#e1o4p_wWM{PIC}!LYLuKG`8OMuLXY!5q
z(^oeeeoa6#n5dNv6`2skGxA3IJnj(5bS7s*%tR1hpATUf)w^1vxkIBJ(;Gw?9C*jk
z039-VYnlwSyi{(i1!guaE$5-nZrft3bx4f$7tysl{H)pDwS$?+ZR}<T82}v}PCW!0
z6<6*J8JYQ|k4)_BYWc^~MA4YFS*uQ=`g&<~K%ea6$Q!gjDES%)r-0b|uc7T>qzdx6
z8DybX$ZS$qqNbuqhtnsSa54D3w)bKDu665bHWN*Hh}A+jS4G&D;~FjQw;coq#L&$0
zjHykPY<w*_M9AbwpRus7sb2i71ujSIbdmd6X0$hz3wXdpf$uha-JipW6|uWmDN}YQ
z@gwF({E%}3<)HnK444CKktj{LhcRUfoL>^>NZxPC7oD*A(f5kCWPpCdSKp{+esIgj
zUowqvWXyGH25OdSt^|S{@7bynszUZsTro<Psa@<w2JpbjP18%ApIEyn+YR$Y7JP!!
zQt}oZSCyuXBss>WjRf70?~i$M4aUZbjnK-gLwP#oj^&t%KiXs+k!W`|86}s6`p{)q
zzarhNs%zLl_bJ$mj0n4MuWoD38rgpzW<|xYfkfYuSb6S`!AQg*Ld6gjl=+zrO{@gV
zXrHh@<z9~;j1enkn#K%U^yNu+K2#&Zr`m!)?@B6ZT}GV2Ql<Ko^(faiT|LG+YK0hD
zsz3~PDelJ}nvk+}7xvoLbKc3(04BB}w#oVvcQ#~%#3$|9_FH&1X7T)1eQ|*BrK}=d
z#HF>^T*YVd|2o&fIifWO1eV2?J$x5IOit#{mF|><BSlNoq4gz}vP(eYoFm>jzs8n(
z^^FC{Mb|yG*}Az?Qh-N(Y|=oZf=fd(p{n(dgp-Y#??U3?^Wi1@8uTo)3hkfogBu*b
z!zT&rQ4OuelnHz}m59ZCa_$HMt>}@Y%_hxAI3BSFU_*u??_>+e34pW}t`i$Yu;>9p
zT8+q(H@x3eJdcKrrs&gx!}CJ2(ziS3Mxu_r<!FS5c>8NLxht1m_fkfC76L<cD|OZK
z@eWe(M3_)XQP$H=*R&64{<&jlketAw<RG7D#qY`mkTv?^2Ax}%@dpt$H<SBa%mjOa
z$aJjFLAB$dk3d)P(bZDoGtk4C?V$72QI0lww3CeDcBi5|%9YWizd^q+98lC@npdC4
z%v|;|aM~Ni>p5xJ(qZP&D&rud80WqosQ=j(%i0>xB6QH71&)o~FFzpRqh_P2#bSQR
z8lgLtK*~8`-2kWkVS3R!uh&puR8`S@dja%vP=b4lx01duzedGZ+Tx59()1cLKDNR!
z(V7jQx6$~|K-;IiLXNkY1m78qIN0oaxw}cpeo!}u8+Brhicr~ciH`@T?wkLh$#q-$
z1&zEed;L_ZZERm-fi9w+vQELYgRLVY#Pmn|>+yyb?a-7PX$2pk?aMFB7G%(+Xkj74
zNqzqFlog$4NG5sRFXhmOzVAS4hjeA`OQE58?>VdF0ru=4iA9a!JLM2cIA3ZP%03+%
zj}JSGi_;<8bXboDBemahzKOK%be7VPhInZ%zS>{zPN%gt8fNIRU2zomUAlD)?9VFa
zn6+9U#YM9}niC31c_!VFve5R;S%1BeK8E&}-eEY8=Q=feV*ys-lOe(V&h^U<U@K=U
z9)kf2&T?qmnds&knadgIX>U{62UL=KA1$(!buCTNl^IbQFB`=bt6~dhsl_D$17>^q
z=rT`F(V<s~jDfQLjth4EnIqEu#!X40=*?*Obljj}N1n(ElqEPT(t2dEh+bb>tK4rH
z&s5hV&7-o<c4g;%ZiTh}IG-hN2M1|5&;4q9TW7lOP}@~M8?g-R){RI;%SN~guf#{h
zArqtM%dCYOv#PIZU3N-wzS90XgwL{F<EN$#U}hq39<CWv^A$fi+8h1r#g=f?mqfd&
z>QL^`+t%B1SvZ+{-byfin4pY}f`C_9L$xvPlkrF`5Z*-E4g$D-tuaZ~t^`!_nQ}l(
zRF%y>L>0ytmO_6N-gP$`bML2$*Cx_j8E_!0RBNw`Q~4XtP;G%7H(Q(s`(h_4<SP0Z
z9AaEQ2S(LD6;4x%(zE;s?gCiQJLF$e^55XT)I2FGFL~u?@V7r2Y$FnpX7=0RON@a|
zK5|i3s1GZ+PjBN+8H_O&r%Dp;NOzdW>{@PYY_!V=7iXLiS7J3#OC@gth|!5+y;ty$
z&Q_k+)y-!XkRUb(GmaCZ)i4JkiFgKFbqx~lZS1BSd*6%r<n?f^;Ikb)Nuisk<JFTT
z8I@)^VQ=if{TH>s3!s1k^w=iP2%vi!Xp(Af;MhBr0`^w2B0G4@&hvGui<?^c8(XFW
zFzrg^{0y&@wa!VcU_GTvc@sS;iCgIJNHN2(&Y<NR?F&XPQnd0MnuaKbFrTo!o2Jg#
zeEbwQUeuJsM%p0M>f0<8>Ob40k~|#s2vpE6i)$WyztcFd5<hjz3SmRYavW36W6Q36
zX(Ca1dT;DzF4@U%<}ULp1uTp6QIN}dU+J>OK$rcEylUaxXnz}tX0_erSTd3U4~@ys
z`JVJ^i8S@z0dQYrY#w!A)R!cCd5H@)YIFWY76;h-=~TlGxB#o|sM-9Hvmf;F5dh)Q
zvRU1VH;2i3!R(NQpX+<dty2tcK-PiJ{L-iBu#V%MBfp`dFLJJcZEs^U>oF{Vnx6JY
z-gTdwlt75jbv;_E6d^WCncq?6h(OI-f0}rXN4+w`-{$7>_nxctEez?@s@epgIyJrS
zr3*Nc3GC#UjmCP%@z3?*ofvTy{>WWIjj4-i>jJauW_irv>;M83fceIjr*F;XtnIx<
zRo1kB10DwiTGtN!XO7~IX8(F0)v7GcXVo$=vb=Y>w=-5nt|&Umqq6WGP7{`0rq`8o
z1v*w68|R|aaQ_|7KK?J<EqLpGs!+HILHniW`92`=C)yY--tEW9y&hC0gBdMaVfUW7
zsZ_954KB1V_%)h)lx_RZo#WuLn8BY73Mz`ut5bR16fOU77-i`I1`wm9$^G`49*EPp
zCn@6{l4F&Run?b)^=uaTi{x`}G!+oQ0U5&&Jey<8DIjpYxHZ(=-sP01IiG-U<b7)0
z800g~bDn^Gq0#=d-Mv`I#y-(?l*UaeVBdm#T=xh-i=e}3IL;sZou+vpiTu|cHg=)m
zopSIG`Ex)?nx^3hCTw}{zJ99Hc?n?!5u6+XgcI(3$04-DcxM%`jk0qcNBw(uwm0O}
zHQwggR^ky#V)eVwM>Cqhg_Uz*9nS}8L+Y-!dM8^G(8Z4VeXwt7xel?;^Ha|Bsqc#E
zV_IcO&k9MzdCTSQFH$MmlFN@m0iMX`ecuMDBH*x`qn3A4-S3QIb!_(wPc{t7%xo|I
z#J*FNCxrf*{#m6lW&Myv|1_WlI`{}Qj>U=F<>{!gF@M}n_OJVD-`=c~nL2(jgwHft
zO|Llz+|AM!1RHAJMe@yg;JpVR;$s9nCE}n3cpgbyr+;lQT{Z;7jl|lPic}mwtjdLs
z=LoGS`)k9F-EVFY8<s>CG9s~<7S?2)GS!s;!KbI%E2+@r+5hDfvtxwL|Isl2tMh$S
zc}_c|{LuJ#W>XJBdP%uCC12rfe_{p@@c|vVl=!L~%~#5;M+CSeWNxN{+YS^O8g<`~
zynx$Ix0Zca3h{7;fj@Mb(>n{b1rsSOur37AOU)af_W-c%mAnYn5$51|UVPw@OqlF_
zxI4Oe_4q(Kgyp}>BgnN-rM&$RJZBT1*7^Miy=(Uk?P6*p+?OMhXxX6haH~%OUd^N#
zFXDc_!a<bcd)p;LW1w|ae7>hAm}7;RR8kp0FHWLEf+cUJrm`>OkVCvYTqU?#sG^G2
zkG{GM1B^?-t3zN^tvaWZ4>Vl0mezpw6!*!xC0E(>trbWDj6{eZnG2N-F<*)HZTZJ~
zF*tgEf4WM<nVJ`GUKd<?Qy*EVp%s5tUFuHqcE{bhi#F3;(VrbbV(jpu86&NP*YiHV
zNxEA2IrDxYflID2`GeFwYFVJV26gH<#-Nb*A5<bUFrD^z@aWyIV%L9Dj{^!=lIZZR
zC*|HZyQt~1qK-oiG>W%RKac*z#8Y|JGfPG@2kLB@il#Ro>NS1=EwA6$Q<Mj$6P%mr
zCtH^keq*QuZ8^*Bf}?2kJ6w9A)_As}3GpHU3rUBbY+_h>9f|Zb)E_^q09dbTtJZ?g
zD||19|JWj6bso4UPVG*>)i|c6gLHlbp!|R8s6v~%sJe_Fuau#V%r7T(vOYh3<=@D0
z5<DAe?6z?IY8w`wd#{HFjjktKp^7DtIu;pSRGp!7^`a-yW>3^uo+oTrroFaBA_;rU
z|D@L&v*qO^+o;am6>slE=@h3>$Z|X`g4^&t1+EBRx#KfI-}~AULZ<2*<7fAedT%B8
zQSmsvC48EwO;1%krl7j+7AOTuqzxiG;(q<nL-QEF{wb6G@*IN}1;lZ4P8t!JVS|ev
z-UcfDooX4aD=}B0N}kdZR^x*C3n-MnHgn}wkfrug3!YmTw8GU*%bMQnK0a*hrjDg!
zPZZo+<Y>mAr3Jgun;vlR73o!~K%?WO5O^r1&Q~^nl;;;#-lFb4_1YFoV~6&GP)kRt
zy{qHdgoMR?eSyzU`U;92`3r)-^@Wpar@#s2dCAl%XqV#Kt01Qx7>xFug@zA)zbWat
zsb%RIgZdUQkcxIjIRnAlt=h3`tcZ<^B*-yOxPX!~<^y?J5#DPi52sSB27%kL<1U|!
zwQnfVO(`4P6`Z{G^9+L*If(~Fn+r8%=?+IKWnCCtGsLnMO<RbH`ypUp3kM+9=H@a4
zp*)0jVUn^wZRq^Y0WY9maL^%L_0f21Soozi(~JPwK0fy%Ar3oa;AF$M*!zUa6vGtu
zi6wF=^cfcsq81_|)GXjkQsL!Crs&k;gnjfGfrHF~_$m7Dtx|?A_dO@Giu+{smlkVH
zK@b(GOw6VVqwRCsrvtnNn^ZYYqc;X%3s2Lk_$*S8ZSN<!Yrl+r?rgaF6oKeX!^;yq
z`ZDDbA`)jE$kC?f4N^E)#Z+1roY7kuiDT-(inl+;ty`ej`MOg5C0;oE5>X7|<(R}F
zGbjCm(8ijmiX;)G?8idWhYJ9ad&i2(2OwWfC~y2aUH&u)K0OR-q-XLE%8`c8LCW|t
zSOTj;^XC}IXrckG;dts1r@zJ|O(i%eAy;KjXiH?SE`QHYkNJvbs?I9gU^R}4P8d`r
z(Jr*}5!N%c926VSbo98$JRNQf(7NsqAS+JPTbLBgaeLQQq3?w0kEe8AyQe$fxZdQF
zYp&Cfm8qP3E=vE0lB%YW9?jcJ=|FI!&<u!S;SF+RLgH%X9@i-gyfY>G1cj=T^{!)q
zoUQGo+Lyxm;SBIN80A!&3bww-t7E@E1%&FVib%PHEvEwVM75RtvtL(pgsSopjzP&Y
z7K2$U1tkfrz@D)$b31*pN#55h6bgp<gwdR=v`Dze;GDWs&7+}IdAb6lK9lYOCiQu6
z2v-C{SC~`{GP^)_JuAS!F7I_6#E<H+p{OHJ8k*PrmL&+MCj8FBc_JoDaWx_AzM5uh
zVp7n@V#^KmErdf)Ii3H^<r7&_*+Jlt@X_F)jaB+wEg0Cvm3e0}L+Kf^C>hw|aE;<o
z$rJp<p6b5^y+#$wCG<^JE&S6b#daxncZOq?$22>t+V5E@F#S;9;ewMrqWIufeW<Tw
z0gy4RYdb(ytS3^Our_ubIt3J20n!aJ$p*J4a?>i;S}Fm4c(cqcd7UjtP>vMq1_k(+
z_+{VlaK#JyW;-?HeXJCASmh&!-QaJ13I`2KV^V33Hw~-dq6{Xj6GNz9&(7n=u38H8
zg9Du?P2&Jq!&mqt4~_aj9SakkK0-?D4<&cJ_M>zA4nwZyedM7(e~FJOSWnD?_s_nu
zQd6(khY;&XwcVzqUmYfiVSF7|l@r|QevRz9Z`Qayr$#<ZaMcOk(kWIspg}*)jp39y
zUb)i>bKr7p)TylO##ve=Y03j`<JWekE74r<-!$G>+4`ZlI<lgQ%8lC=8`o`ZgBe=Z
zAs%nluI=~;P$va!J@;9a5>fE(?eX@IYmoXbzG8#>;7~bvfFs&MCdZz9DJFp=clK<W
zWVAm-`ST0Iip=ENEVRLRWd@)YT8fO&9<SaEM#WElsJvBUdy}JM3gvIM@TcCSep^v{
z`@rxyEQ4GQph>rem-pVg34;+YoG3!1*P#CP^78TJT)i@xC46*LHFp;{R`C{uftLLk
z#xGkb%NAe^&*s0yH2WQ?$Y1YsSh`HgI;1E?u&P%R+pm*nV%>3Y1?XR%657&ylO}}4
zF%<u0Lr?{zI>a=H0`9w1k*Ql@!um7mPUBs%bcYku*P5mmct~P0gedr{k$&M$dbsOV
zZVOH`6big}g*qK@I92i%?6p94I~m+qD-2?CbT8%P4(kSrqihi}R8Y9;lO(N?TwUoo
zBg}e2rKAQL6<&P86{L>%n$}B1OMi%2P?1<N6oqWO<@XRgMS;378sSo3OA;=jDi$kZ
z$pw&GaZ)tj^3Cy{RY!R=aCT;Nx`&iNcgv4u$S;z!xqvp=75m|<`wq%%(mnlT-IaA`
z<f{NDn^Q;T@V@<iR8s5;&-q~vp9VKd@>lL)(MjQRg0?x9XxG8`Pf2K~easjX7zPEr
zfDS^Hj#-`q$@FuB^c$RWw%i((wLA>h^!!=wk#B}iiejG@M7aF3rHr4h?lE(jS)f4a
zDJ!a66BNUMworkrYsxx0<N-9#_h-bFS=R;EN8K^Md|o~TG2D1l{^Ep4eayL239dQN
zCS`~osi8ZWZ{j+7SvqY@l@dR}XLr0F$pC&`CFoLMte=;x+i#NOf}{~D`TMYsTdcaw
zl{|8Iy%A;L@Y&UH+U{Xtcbh3sn?95D3-|Ux%iz6^s1R}JD^)a_?I~hiA!N~GrxX4w
zRR0YeZ)bG*7iEf*t&SI6-M!XYDP{!dM8mj&A2zR1&1n<SDk!q4o3ij=j$wnPBW8mF
zuqVZFu<|dvJ~ufy>Jor^XKStD_g8p6xb+wySr)l&yT-g%btQhQ6don0#i<F0gCkBi
zA`4{78*&<|Nyu!*yC{tsNJwq0#!HXg3A2XtN?ONX=FrU7S3;?<OBGVI_vp}X=`m~{
z&ybas&^6xmMLKR@q@fdPi#mX^rWlOM1+?j|Kw(8|<709*^Gy25A4(*{<4#4lG9JIq
z?`yZBCr48d)>C+$0jqGZ*IZr)^2o)n)tNt^oeVV$G~V+Uy~{>uT^HVo9T4EuAp-S%
z@xI1lfK}yKOmI<mG|ld#^r3X>z0RrJ5bx*hzPAAtbRGS-7-bYl5eQy-?&=GKj@uRW
z?Pj;;K~DEJz|p5}-v@t$hEfYZy7)pU9jc=Ss<rQWKz`mr=JJZVd|{eu@(5HKXv;8n
zAZ=$NUso^BQY}yZKaS49Ezh@&<F#y?%Wm1WmKT?~Y%JS$%XZ6l%Wk!7+ikV=UcdJb
z*m11qdG6~z&o4d~*6m!v?ini*3$mj7I}ZrCy@s9q!U<m9_hgWN*7rNfmFGyoUc6(t
zZL6vL&-8{qAYYsd#<i37UOX5j0;82?$33VtL*N~nWJ{q;3^zsnG3F=^#yP&7iZwPv
zEJMlR1J;c-^utwJykmKp6vce&xbfCjKLs%aHuTi@HaE{PX31|Z)t~95yy7~(RVfEa
z`Kco(e60Lti%;j9^p&RRnV)6oBBA&iZUydoxEG#?0>|*Tq(HJ7H@r6V)Yg9I08bw^
z=4o7?P@^!mC1eVGi_H0B=ezi{f-lX|e>=7*rVS?RTjI&%(WXqEV}j9~eZWFmR>oC_
z2ql|N^|fIW7c)dyhOQiVIJw^iYRv@-)hf>zC1FC%LaY}#G?}s9XMTR<85fH+qi#mY
zYbLp4XrM1upFZQfK+QtN6`29zXkrB?heu(y*auIUMaFzZLzXW0Y(9k8HrBrmH`7Ay
zox9d*Urp0BD&|YyicRV(X<57OmooSN>dTBWRG|+<c&G9vf3%trCG89S6Ud$whVqx1
z$BQK&rI=J3MJ6Hl#o*sj9_zm+hnauj{#otvHB6VI@9e%QZHfqUF{#V<#mOE~iiuE6
zox#aIZTc2G_4oO=OFCTUSzQrZL##O7ZGKt_&F<&n^-R2iLyOE)euL9hA;#by=?_Ob
z!BuBC$*?_kF0JvJZRj=l>*2^oFiDb%qOaJ>k9of^m!CJFV81J?e}Gk`(lDWHZ^K^s
z67xreb5bTaO{{>LXB!Ce;)X|jJ09*5`vuEy|L%t0{`_5eL&79Xdu)kcq`a(U%MLUb
zt&N!1vzo&gRc2=Phl@rxP&HvB-MgH_L8D{(S0s#p>lLedt^bQS-t36tAJ$Y|(nr#1
zSTpVS1_58et0~;@E#UQC1SJ7=6k8uf#4K>&z<Ms}^)~VL`gg^joa@hzwXZa*>xHcp
zO-t`-q%JZ?ZA3+GhiPIIm7((o-zNXm2iLtxVcwm*oe{LUNb(0PLmibrbj-4MD-&~t
zW#kW$Mz01SGF0E=GE~Whx{rm*b1f`V`{u4+x`K|7B}=P0rGGQlna%4T-H8XT>L$GW
z-}#X<=NvKpyGI$9KcS1;2Eu#=@6V!RxYiP9s=y8(h!M=rKat&B6!jt0yP-Oo?2|KA
zdEh5>C6a%ICnlds$S8|3F9Lx#i*hXHEsv9|>@uSZOB9)fb?spMRa)&K8W<ocS<6AC
z_)|?CE=~R1whx*6zU1*>oYq$$Kypmeze7wXXYFGFXB-@jK&MQ0fchxvYWk=7L=?Do
zX1TGStb8Jd2Tci`5Nb~C{vGY&LYj+-!w1{CX9=lb-T4yBP{;K%YV8NiqO-^d+$9!6
z-n*;W`+2@-E%pm0@tEyiw{khrFls?-!fJ@z9~y!ork8^;Gfth0S$#2oKFnq)@|_U0
zLiH^QEzJuoof32oro{*+FZON4<Ly51)XTcB$<?3?ZJ3UW;Na3icwGe#XSLVU*~a};
zw6VX@hwyO>rUZwRJkDNDQS2zH{A5J4`8A^CI7nM#Yb7{-!D}NAO$_if+hru9G;biJ
z_)#VeOWWDK=T5l+kzbPI)3>{_59KH~n5Oc8?f1^fH4?!wg@MLV{p$I1-uQ}w`Y6&q
zP5N_jmiV9W)OB(fxt|U+Gbx-gy|NdMZ8|+mp+4=Xnq+6b&!@TvvV<wLkui883*b5K
z5mK<XRDM{-*{qDcfCh~-qIIcHTJna)O+0RL`;EyJH2Z^AtwGUs&!xnY!FK)3VI{%A
zpz)jljfq~PC3#|3Y`3h9^-SN&6<U0^I9gxqAh|kYo$p^5yoHUDj*V;c5*472Z4)5*
zet6kYPJfv4F5moWpwMMMY&=(=7e9{>_G$9Z$`;RD;wK_x_kwzO#R4($FoOx_6ezMa
z4l&tLeaA`48@Xq6WpCWAzC!ymVqV_lE`Qn8Wv<nI^nWhSQ%Jn9B-612eP(!BmaQ2z
z*tjo0)|9DUQQxf9e3H=Xo(3r763Pwfe1g0B+d344$%mFj{vH>bAorCiXu^v?L<3cu
zvca#xZJJoS3!Lx#eX(|J1SWF=n_<8BWL_~p|AT0atMP>QhRr{=%Lyj(8hK-|m&;0s
zj~NR~z$<DHYnI*+*t{f>St9Dj!-b6Sj^rDswveNpp>*%`<vr7R<xEV^Q&AW67$wv&
zDIc%=dPjwL;U2*LThZ=ie{YEUPJz0&EfGx(%3fP$PYe4Z7=HY?7-9N689Zs0x>gqH
zK*HmXFmN*agIsgi(`aHg!PBz$c3|jASx8^!Eh+SpYEkh8n%UR$gn27P;?ZmivEf$`
zmqs2fr<SaQ5y4-)UpwGed;Ec$%az}YEFT@=pNi``!;rQI!clHDDqps9z#|j?sW)zL
zY*MA+F6KV!iH_nkO8qacdHCBtYHVNmj%P<lp)~|_jx$=6!5MOfReD}L+#R)ov^Pp7
zgXyNmeQ#Xg=(7}O2eW2}S8iw2HbydZT4KaBuHqpiU|mMA?~!)82^-C^CHaKH^d~UT
z2ATv|WC_2~b=Lm`n$#JALrzM(_sEs>`LWa4hX&?}a$6(W`8}yW*PnWSHsUt~wIO`=
z;yz&AmtEFw9MltvmcF`Yx)f8hocyQ;O|mNuh6~-W%ESlndQW~ZykiKHvtm}|?InTZ
z_lkz*@6^4QxT<6v`AT9ESbGY`ue2VcaK2n@N6Jg}oICP083R9`Qb0K5H1Xp0uO^6{
zNe+_qUzN&Do$rAp%aL|<dHQuM)K~9bjdJMpwR{HbbKYE!LoYjv8_~B2_rLkxx|_Tz
zxSyOCM5c(Rz?yslOL>O;OZ)D~hD3CP(jCrE+nH?ezga!5Pf4i8o}ltwV%O-C#JJ^B
zcwirdzavE8uQ(~Y{CZwCE+*BOt?l-J*zG<JcbPTE8r`CfEIYJxVkUPK1@8^h);*?M
zB&|>vp>zaIWk}+-oTZsjw`o-(VKiJ9z2qAQ@6Yh-gA&kOwMh^r-k(44Mo#Mtt-(Z%
zC-#v!vD%wZyzi<*idJW!_q?1v^QSb3i1<3W1l~IKIl4rnIE(QNCGb=xl3M%ZLE9oO
zEPdPsjHc~3t_Bh*cDySV@b#ldhfKGGMUDj^0aDMNgT`PLCFM@8e%;wpH_PSCf#*~-
zq2q3(66q5o$?bzeXIP>d$conW$_o8rwoCRm`EzhmZhJkiP)&P=u`lm6T$TqolCQCD
zoZ;Ve(lhiCZ8M0FN@s9%#6n%AEBR$=&_?T{=sFiTwQFC*fwzFExm!`jwbpf~NYbXP
z_Wd%F6;}<@AF#BnC^%j~Nap#w^dY^oI*vNxpXClKB;ti5>sXG=th;0!heny&yNf7*
zl&S5f&zi2Eo`by}KS0)N8n@z_3wnpNSz(zetb;uaX2?5T_1weUZrb}Ox^5vFqIVP!
zSb^_I+17~QCK6#F>au<Cj&*t*yjtN^f*J#cF?2*op+dhPnz@LKWc!Ume+aag5%xg|
zC^F8+mI1%O;Oqb1D3Qvqm(z1J-q)}*zj3z?%me*39X5eSD%uUQNhQ*dEfUwR_2r8R
z)Lbq`H`px8Q#zA23YwJ%Dmv-t#`)cbqQAhzLe4NU+6;4H&6~8A<*c{uo_rKDakn;)
zPTA?m(VD?5v}gAhE5{H%8fSxo+}Ua@_N({|T;ZNmYJB+Ur8kF{9X)tPge&$?^1b*L
z+$H5(g0Q$pHi0%^h3D`l3AbT}F&15ZL)g5wyLgW)IC>LV<5QgbDNv`*VujKi!ZFos
z<4MuU@{uG^V46ZH<qJ#$k-im9M-q+3N0$M&+&hr7O6zBMUE`U9)Rt5uH*O>xaDv{C
z((ujoCpDHZ!F4xF2xgXR{Vh9bDmxkU=nBC$AK2aEEA?JTb*|t;n<StGjD7)hAREbX
z^)rH`-j8RlpdvdaF&S3YtIv1=1Kvn0CBdur=8qUa1S?W(EetgjZd*~0DJ<1`&JdO^
z--cM(H-(K08pMmvqiRXzv=VtjB}zxzZyFN8&3lYlGsZEA!L$FmMDDA(5?&{q*al|{
zx4J;{XHs!O<!57;OUr)IkC4e}8nRJ4rKO9;^2|?AV(@Vx_{q6azhxJU_*6)J<VYZB
z;#^3yuF2AaVFG#YHB5fGH2LQf19?))C~hTOwnR0}9U&kRVm1I76<1&@aQLykUe+7e
ztzLUQaYJYc*$?JU6%B|Jmj|8&efdogHC?;zL0`>W^Q10IW1$Z689k+*bR^+>A#iUt
z8-#mfZ9#tX191{t{V~PU&9U+$ZemA<v6KK!1!Sm8*4|9X>u@5)I=VKr{JVeiXF<pI
zarK)wEhFt^)-p7OE;L^L)K56L_&&1b-ZWNGsq{2r-$vn8m@WoF-oK1@hJfX25R)Al
zr9%o*bctuOHj(vWe^A*h+~c+OJWTdNIC^!62|NZgccK)VQ7{YXNHF*a(Md6dabK?G
zF0C~plW%#pswF}rzuX-UCuzo=SA8&~f_SoEb@F3gF+lwBxbRyBJd!hECXxzjep92|
zSAv3t-otSxWTAvpzv6n=!vIEZc~4B!Vyy4D7+0ov{CieU&~j+{G}VPfkvWFRy&MUL
zVjdMx!gGqa1H}8j%!axm&HN&<$`pm=J)4BgqkO_a-<}u-jD!@4Vt*c69KsL$mftIB
z(NN3L{H$dh-EplVwr|0~vuHVspnux4?JWH8;i&9qdrI*1dYQ>Ar!yHPn@CPmyg{5%
z+pz6H+^bx0NG}Kp?qn;!I$Wc??P3RoM*!y__QwFNAJ2O!JM7VLMe+o!*msv_q>VW1
zP;fw%#-QBNz@$I@*Vu$Q8B0FbDRDguH746b@|vk`-5&&@R80GTJ{DaD0cS~KWsITW
zEwqNgQo(_`(2Nm&y~gEz7wYPA3WW)|9y8<`xhXsC{NW<q9ou?0-Fpb=S}Y@I&p*18
z5_8H_@XKdp)v`RUvHpF_NzNE0r#iIl%Q#dhW=A#%#Is1*Uk-)j>V{!2dHhM3T9)rK
zdZhZmU8k>6S*}aK?iV(ja&<k%c*xJ>S|j*>TppRt&l;?+AMx;4ZXXbd7vMq|Y*UNS
z-3Sc!Pz~w4(3f==DmT92E(xn8YyTx?PKNTzgpEr;n>zWKp=kISg3t(Z8%n%N1n<Fu
zBq7pO7tXk9R(~fS^}k6^RQFTCkNaDX8+ev2q2Y}bPuahVIq!}WK1`nMLlqr|BE~tT
zUgEqf<1PFQ7gs>)9JfUw;`xrJvGwcOix6)dgrn#EkH2Mz9>uvcn?cnYvo3cP6mpy+
zgROa?JoTQ+$8MaS1a8v59pX5|@fWc$W$f9o{{3v9+XyO_8=7hRw)e~<e7q~w8C4;i
zkfC_Tj15I496|<3@JWt~RX2R>74i$0UD8*l8W5fC6Dqe*U19(7O7(v3AFrPFGTRf8
z(d4EBGVWXd@tX9^>>`L*GunE3OU0gCh44>|qSkc<p<M2odN8OVy}-#dGivQujupmD
zh8HFqI0;O(*JQT~$FP3s$~@E)?Q^Ms<65XpD>!Y>?)u=11&OP5*qj&}OL|D$itO9?
zDaYD6f+@5gDL`rzai)zVeux&B6{Q-wLj;8C=Bdb_0k^sTUOLsrY{F8ZOvC^f0cq(9
zFVg#*Y?*&^fKqCi{ITMOn5EUC_*qq4D0Fpv$lyBN|0Xu#@N|iX?BI;hPO-xGAlrMC
z%_K)NVr+ervJ{4;^O}nm)1UQZ@?#Ck{trhTvg_7G{yuNdlPO?DPGoWign1BuV8$s}
zZ9?R7iqQTl{NQNvaQBFD%dC_k&9U%{x*c!LnJPboDF>Flp-##t1W?8DokVVmr7J83
zXUPB|$lpdkkAhwZgwU_IYmBeHyiwWTAbM4}b!lSIUJk#oD9KGVb(K@zN%iDut+Qyj
z0KvA}@C#cMxv-AOz+sgySs>m`)Uc4i*~3RRX08JKe2U?_W75tGr^}O|N6u8~&M$WQ
zg>v-A9=%$j{41kz%DDYq>RKFAID{UQdjJ0Z`jizgxoLxpyXDZ)UYpoO%0b%@TV`-$
zl2w(8y5Go{E#wj}Qj4pFGO@q9NR)B@u@0&In{n{!6#J0Xr6e6_%_!q#*Yw|~osaS3
zQ;v)pzME$TBk_G)u;=JU7{mib<BekgY|v|y`d|wek7kofX??Ia+}(6w68(7-&`HP|
z*1;5NZ<3H;&~H+xdqE|+n@<A*qi?#N3*TmV7#Y2t4RD}6N0R^gjote%rT$mv;1r=y
zNS9TzImPI_(79|+inD!aidh<NzDNT3gx;KKLt}-6#8{=boY^$HM{K;M#3@&NrXKJ&
zzAa^SQ2T$Q=WN)k^DWb0+o49*MBDuFn8)g!xVpJoRFhGfg2gxG1fp2wy~i}XhHd95
z|8HTKhK%DbS`nC>qyM}6$rOJ6LpD;pbM52Tt;MtZX;Ar9wXUn*Y5d;sG(MWvJJVWT
zl*efqgZB{AU)VE8!Ooz%vPEY}bkOx*>*9dBi))%Mu9cw>S_n(+;xx4<a%nMZxu;_P
zZt7D3O*P|O-#-5LB|*=2pi*)hPm@c!7jdHL{$OS|CHP|H9HAX8gOmA{`?sk4RMq8o
z3tfeHg`eN~x<7)#l0f2@Z_HUs3t6Uo6L!xas6k`Citse)3f}+BMaAVRN-y2DmeIQR
zlJ1K8+~$tGhSYRKYE!jNV7x|VZ1<wr@wi>VY48lKN#^2wue@Q}QnCyaj&0Z&uf6yD
zdrgPKmn%^Sdr(p2%!%@a)nKdvi*qDb;rGO2V~^Qj({(7GV5egP-8ikEhvQtT#ic^-
zhggd+E$(Bd-Y?BqD^}<@od%k{DN=ZyfD55wtv$1=2mWJ1xcyf@D2Mn@-Ne=Y!|m-d
z+<Iwz*5Ik!HRwqBVy&rs2{nfR5}o&FKHi!*$^E1JL;LTarn(nbMfV@hZ|WjqVuVGM
zj3lqxKKE3FubZ??uKYMQO`fB%{du6MXJ+-$rAz3yF8SAf4zrcex)x+M=lGRBDy|I;
zdc`UVaxk@77@8<wg{oJ#Sq$u_OfPai$|9=6iB(7VT;ya<<1?M=fqfIeF<Q!DbO#@3
zYU_92c4_$kR&)1Sq|hXKdo%PhKk&~WFsE&faAzPZ7yDC8R=08JQIH8_KEqAf6H|4P
z`^KWY5mSzW?#5MLJf0eIyn&xymKwAFXU{SIMQAvukn_)foUUv~h4*vHsZ|Sd`O~Xk
z-f<<rM{18bT^073YPOZp*v=xj;9e~MrP^KR_MYQWWv9{CJwNp^2ykDCI)9~q-URrq
znmI_T3jI9*tAWX`9A!q4*!Vv8`TV7!r&>-xLAN69pt(dJBta?3YCn(hQ>6vX_CXix
zji)3PJ~B0!MEY1dOr7lerV8y2RazSIGQ>_O(_GS@?3ew7E#UnQc^RK*x~~gHi(%%-
z(Uc>vqm%O{q?1D~-%z0Kjq*T<P!KQ&#~SRv>=d9fc8@7Z{q*QFOQ5LpT8G1^HRsD`
z*RpOJ)z;wgzLmRx<-y1jQD4#;P%;2HAo|R#9Q)>dur=yE(tS^@-JE6QQINNY8!+d7
z1t2|0F_cv1)eXnuaaC1?UGSAQsV%KPLEWE{(@5aR?rMrbjQ2(R_!C`LjRU1INB$p{
z3`3_BoZ;J<)pk6vW~bNr5sadgGAe-Q#&8+Ci_-Qhtfm3pKumeg3+b?bqHE7z(?$c#
zk}~i7x4U$ux`UvEMy?jT*WXQxet$Lwk-lB`TE8lv-D>j)3?ZZ~ba6t4b@+o!Qn5QZ
zd%PxO|2L<Pz<T^ld=&H6gTRdt$@aRO<Gd?8B(B_#axo);k8V!f-^;m+?w3s2Sb^x@
zW+y*pL=m?a#~blMl(ST}BbwmTD29RQVqp548|O7G?~<2*2SPMRV!aDM!bk#ZjM}iL
zrZTBou+W@>{HT2j1$Hn<C4gKZdr6BxewXztsAemX+8Xg&0yJA9%A1$7fD(ZPIM1~W
z9!6Pf3rhso@SJ!W4jdfu3{kDC?X!!=D756DmA<F5+uDjN^&?iR>ZpmkgS_yR^~a3d
z+@2(B8MXt>{^2N6aJmRFT};?0iJ7`+9V0x8u0e6OQ##@`Q(-ri?JX{>H|A5nz&8*G
z5QESr+!S_G2||_$i@EmR=$+u!ElYuX5pgm~KiP5OF%?~SwuWW$20p^bz+qdJ&Li=C
z7Y;W$;U&JdCw&deD6R2Rw2z4QLSLam?OgW7Abm+qBPy3rY7<YvDgCtg3QA(@Z+q;<
z?IR$Dcl|i-6pwElgOmNWy1;QNA*On@`H>d-MRFiF<n#!h=-n&R6>)g(89bd!cl`>=
z&c1=2H7KEcHf{M8hIPL$?Kc(R+NJ=+(@zpZAVJ1mP=&q%vLyP%B)sVn*eg%aVDtUv
zh`<s<*ByJEr|_Gx;t#bCDoaPuUc8I4rAsb(=%BpA(ml?$^#zH;jGdBnd4f*-P}z1Q
zklgJuxLG0|z@j>;B$;4ge&#q;ZVM3!fmT6OT0$xK&QqxnOIvkp;^!)VZ?)6<llcZe
z9!3^aBlS9Y7C$23(nXy$Q*{r4rsPuCk5qte*<P7tWKodZf63scx*W+{Jod(--5<<+
zF!r-PwBoIiQ2G@Ysi4w_1ae*^MJQOes^l<zNV3>^H&&9XB0?NOB`NN)+@KC6GA3k7
z(C}_C=v|QpBh5h(FP&;k6;~w?j;)fb#kDqPZW0-2%*My2=YHH&6#R=sC08(-J9sb0
zDyvbO<QB{I6w}<r0MCngzh@UnB$%ltzl~4KM|IMkWDbX&O~j2YyY^wBfd#T2XBKM2
zv_UL2jH!2*XV|ej%qGBOxq&25g_l>DOOSzR2(4L~!0<P|ry0(dphn&x_+4FSPoF5;
zF#)=h_L#M92SV!HP^`$Wjsl^&n;e_`ALc@<#G~u>AOl~v3#$-Qk>?~OrAvY%{EWYr
zem(z0MJbM{?}IZ3O+fizCO<Z`2!H8!{Ll*$@=gm0yEbVBKboE}dY!1c&Rf9KtJdsQ
zpG5Vb&A}qW8_nN<?yPD<u`Y<6Bl<P(6P_S9SBO7GM(v!m<k6Q>p*D1x=h!)SV;j+L
z@WGbr(-=Cv(nXI70zuW10fD*l&9B}qSmrXN)O3O}bRXS~t8N4lvrVWGFV^o1|EPl6
zlFheJ07g-8Z?X$z-g;F#Ii^~Z3-70}B%GQA-GR$QZD$8nz(J;Y3`%_*0OK*tL2-BB
z*w12~Ii3e}U2IP0Y96OC#E>1FRu>KKS$+-R><0VQV;DIJUwj}hYD$jZayK^XrF!+$
z*^VDbUQRnDZtfTK<ZCNykcpveg|_EKsvM;5p%0IP{R<5NgH{lr6H*NnV6+JJ1+9oA
z*t*f(^-)7a0d@$@f7XXG!T!#%o5=7`TgMNNPW5f_i%9``$bge^@bWJEbv_PN(Y<mp
zD!>(~3f(mCdBYd$f+3co;T(0>1gqn;b{4A|_O#=h^;b^Ml>??VdK?|%tmU*_tT&=8
z#VC8esT+6>bEft5sCi4PF*ja#`kttWUm=-77<oOk_s~B-k2k^2H=}Bifx?uaRl8;c
z!UIFYE2+MLY%8=Rs(c5l`7iAd{2ck$M(cWtZkBtiS@s0RZ-E!H7V6r?-{9Jcp;ity
z#9sv{E;@5BA|O0R-l8&q;8t431^hcl9F<fx2X~1O^Lh*uNH|)oH~a)wxqVYvV`$PH
zFLHiV9^ioVNfwi?n=OX#j^1_Mr8(fXb1+Leb;lIv5uu?X_Noo~S{i%P6j}9MdbfY?
zhL{?{Tu)DQFVaVHpddQgE^$Y=TI^mlPCWG073<9`a{P&zUHJVFf5ptEq`U7`O-|nL
zEhUI5!do|SD^1$lsV!cn;AFl^JtHke)Zw4Cj3%L`n?nz%i6vm67TN}kiTas;_Gw~4
zUEgmvog)ei18#08CsH59=sdmi-{kd1I*kghI!K{_(UZ&*ORt_j?EL-2{Ja1$_Z<rm
zr-1msaS(Zp2sdZ13hkrg2uVE~#QP7Ubyn%5sIWd`IjeA~oGe<oU!o0?n|iqmu*z6i
zZxMPCvrSLFi9GvoUXRS0h<^pg?KSQwd`k5RGkL6eIXwi%4tV5O!))3=TQ7P2xPWGH
z@%IRHavITs!E@xRW5Yy+_!17~-xu2E_Qei84jeYYRe~lS<QOa#+H$GM&Ay@6+}}_6
zra>S>+O;pA_npX039;ljm4;A%1zMj8c)LYB#`O(SWVmhx={WKA(gRkEr$(Knz)ljF
zw9nA7!msn>JX9l`fL7a0uZ{kGMCbLZ-nR6MRbo7-FFHbRqo#bzZc$WFr{kv6r3=(*
zB#9PiC@qtV&ywUO0dU`AaW+CE(@yHv$Kgpic=>4->R?QT73~=cf&k%TLuA`|Mv5?I
zb+~?Kn_KH5fS`_y@$n?xkD<Av*@CITI7Mo*^nQR}z{EDXkuS}$kXGNwKH^4-wo-Uq
znBvpM4(L<SxL#(wT#lQA-Okrw`xusuldSeTBnuUhN16oX&xu;8+ZHqdDj2i96R(a)
zo)}*tnZV#2JwSm-%Ip@9fkcqDVan{d&aDQ=dl$KdGSZ=<s;WKdprBciy4*l~qKH6@
zz}Ov$6dYYgjH3IWqt_dZ7-%JZ&yaGV=c7f;bcG4x@onF%p|mIM<XR|^y5&R)LGVT*
z$zbR}dr>;SSW+0(UD6esK}U`jEfAV=7tRNGNKqA@$6(#%PPy;Fb2Ho7P7x2nCZE%a
zVboCPo#)h!t3q7m;9SVc?lOgkz)N}vFr{LJi&ow_hpLBH%hQP2k>*~tk&70_!^Jow
z613DGu!(sGAM{C1Q9@QxlhE9n7LCbMaHlnJtTrwYmYmfJ6E$Iar=)c>Hp-C_Hd;})
z;KKsVcI|9cODj4xGyppE%AY;&+3v90{9_m?35}6<f2G7zph<rmw}Or4c-qsA86DBR
zp9n7)pG@>w^2+wOOde|4G_DnJvM6=RKexWr;WV<cR#89xNusFmDPMGcp)@J*T5!*O
z+mLv%-^3bki~C!3U!PMSS&l}!#$Wb^^N+5-ed#LCSseE<btIKb=kpX_DJx$Mj;tu7
z^v@hoc#!QRjlY-HC9H+Y=sota0oNs-u5&|J4Q@n~=Z({axY)7+a4(f|k*qhH>SZD5
z%8%KN*g}J)>eCOHm<mJGwW~9rqG9Y#;CGmqE@7E~$qj`FsSW=j7U^En2UeK;56fJ3
zu9JexHd?|B$ZW3XU>4`o!>TSx_r8+)ZQ-^-K1cDhLq_v7<X9SGDBaG;@{lkEMY`3?
z!rdPYP$V6Tcfed=yh1Qp@JOE;CH^S)%g3%i%l6K&uOe0RiM<P{9u<qD`jq_dBlxth
zq9`c+^2>QpH1ogp@x$#und;5?Bs8-sSTLb_8rilkYDu%YX;)k4NwynOtjQM)xo9&9
zK2(?XNOWG;Sa!iE(G#fbWtFt2!eC()^gSDnlu7@gSrz-puMOQ+z8KZO@;(lt{v2M!
z4)(f&i-C9T?N($eI4$sJ9Q41ow*!ACa&c*?_Y(;?V7lAm6CD2nKT^?14_6!&+40W=
zTf`Hl2l7m11h=0tPRarNEa69j4z=wQ{!C?0iVPHj$-P63s!I49>h=I+(0xb3IW(1R
z)B=h`FW!H_)S#-#;C2)b3!a01Unk1fe4^R)nVV0QIG;^pL6rIU!~N%ik<FtwB&VbM
zg+Q&hBUw-ln<+;d)KMYNnTq5b>RgEo*{YFHOyV^eG>uS?!w}gM=V!i6HoBpC!)Mvy
zksgfoeYPdDE4S7jLm`$S1Ub5Q2M8`R-tV;c69Z39WD1jQrzsY`hVF(p?2vY%#A9BZ
zhyQF*F2sOjV#)Et#roPGx96p_vFh%EunOp9v0=zv44MnHd5cVqyC*nEgA0WA>t0|?
zxRtlIxPed#F_z=WLT`$&vZaImz;=R=BJoKgesLlN6R5TUn8Zy;dcG_N+bL>@LH7|G
zalwvIeu(t%%|89g-N9_0V;_Rg-^1)a0r7vJ<6g3@ft8FTehbA);Q5ash(~R+gY1je
z&iV7=bwtw^?GBG)jNUzNlcJ*!g)y2NGTAo1ZHU?*x%!9?&t)W1ypTo8&dNno!QomB
z=iVc0r71~gD{+17uP+|;$G{(bJGC$CJdv1-RLJCp{|!<d!nyT&g&Crhr})2-ZscpM
zh-$$MkM}El1TlSUp9E^Z{|49|Cz;mYgtC3M9k<a)zY8F)F1YB9vS;NNGQvA5IrM)o
zN0EiR-pUX0`GTzaY^6=r2;(TXCrUuPjR|~ecm`+0b72Y+{ETz8@&gdvnjTfZ%t<KK
z^zuMW3bK!pq69sW+Uw(j(VcF#mfN}VYBXw;G=pFMoB_7)O-}2nI`Griu4j5Fph)Ve
z+vd&Xo|tas;l|cAY5%et8&T{{bN>ftS596##)UYwF3G0{p=m?29jZae(q6o0g#CV-
z81e7zQyz`)ZE{D&KsE%JN5sS#=jX(BKAMjG?4B^%W#yE~0>5B-D$W=|QkXRDesi1T
zE@BO}f%w~b<pm=MD`ls|KYna7oUA{5+|@zq8PX)D^2E{bTw%6Ax<-0)j#HrBr@T(k
zbA7;_RavLM*mW^>0S;FTLvK7KSY+(l{t{wvx67Aiej2=cOyqxs<?f#B4bamItu2m@
znCJ-M*A^swBie58FT}c1^{zi2_3ef&$jKnICZ>bigk((p;w5{-#aZHRY=Q7|W*ekz
z(Va$C;xHO0m4O@nfs6%@dt{fXzRs<j5HHB&<e4j=v$hw%EUXP1!j~I0ZEp+oZC%g4
zmG&b}H65CS{rtukP19Z@=LmJ)f=n%Xg3;LRRgWnXF!0$_$w-~IG!ZNU+q|Q<;DGj&
z-7_Kk$C2M<S&j2sJT0)%JK!WQ!~<=@$h3<N%+DvQ={rsb3&rl7EE6>-{u)`*D%u4b
z9A*_O^P$6XnSl6NVO)2SMdC5dch}WYp#GAn!1-SS+lr{IG@aSq;!i?=A$LKk>t6@8
z2c)$R9K`)j?=%s5cT%A~X#Gs~;9I~gQz`#e#4R`@Vz`mKHEXE5Wr&>L-tSU+$y%&;
z*g`WXBv0PUw#sur4uk#eHfk;PCwid5mp_R1W&%((U=WVd#Vj}du+;f-C<-45LLs1p
zR+971{>&Pan;4Q7((DReaGS#lq05tPL3cd~y32-;36G0*c6K+#?$?*C#o)fF@`kSv
zV(^Ox1f3F#Nf{sykK2gzcDjMB^}b2&=gip)M$7y>OF!@o?L+hizxxgmlDj!sa)12!
zl%C>x8xYJgM^rI03--(Azfu9cg>g)T$j_0z!U(<QJd(SW9siQ>e*1wAcYxs)Licq-
z(BprGs){o06(DN$LttfxVjI>RPY2SvGSGh3%3V&2!j>opU69gTz0fR>-wQ|$FYczb
z6uCfwR0GvE4MKA#nKV1P6}fOyOOrqK)q|s}Z=K@GDV(dNi_OZp-nxyea%=0yToPea
zlma~$&FmFE^tG-!9re#l6)44RtBwkf@^FFQNw#*?5FFg6-V%xhy6)2y?rECHtOD;V
zA!tgU#%Wwr9Zm}ne$!n?P%_w!i3J1O(S*RnjKCyj>pt6g`~5XaoJv1rLTC{DhftRp
z692D<!Juxz%Ra(5&Bk|2I^z9~p&vyC4AH4@b>$-Hm($GrrT>VgP%v2_Uw53x_4uD0
zq0;^c_ziSBej?(wS0JQ95(*va@8x}d)Uk`ga7K~Zoi)Oz)acMl82Y9J2@U(U3x{We
zNv{v{)b@@4P*NBZo@YIyfqQod%h_<ZokeW>Fn3muqXsf=EwpB710>I-=y-B49NsP2
zB4?ebhZIIw4sm(AX#Cz#)e*5X1OWHh^@NLG$Q~#V0gxETW9Nmc25K!}vZ&Cz1#Eh(
zuY*hro~?SugIni`FQBF>F25O=@+C8${!#H(Sa7F9IwkVN6uJwddY^NoiZg0LXVs6X
zRO&r>k;`Hj_^C`z-j^WTeBOj)i<h!1KVc+Jdi4Hr8s7roS24##IS%7ustQ56lrj>*
zhlg?|YXDIQ_3s#|-uS8FbsExs;kLvKv_9%Wxc`~iWt{0MlE6r}_>Ab`n8&WN>MlLt
zIW<mwN<>XvVL_)UjZb$w9?xEP=O|2*<V35+X2#t~1O=MFm@{HK$LRNlB>Qp6ZnGYt
zq`ah>?&*p$#suT{I^vq5dTBsjL4l$!?#|4lw;}ZC&=kY%!9RA70TxYbQMR>N`m}s{
z2~0Gnp#W^zf0xp*w_O$09SZNZ1G<`*^9xn$%wvcTZ{dBM!oBoTABS(IisurDbLvkw
z9sFR^(a|M#j?q5D>V5HxiwE)Y%Lwj0$5)N{JdaQV@B(auJmX0R?di(dw){w^=oMle
zcgrBZBK=aY-1(kig&3N#>qGAvSM*E4#N|z8emnvu!UjOb=WfBm*QRZ+2u4qI?$8Nr
z<tLmPC%pmQ<JoK~S;p1y(0wAs1!U&O5t>$J_COfWhuWOt<!4soX-))05-FLIzYCKm
z!U*-ZrA|j{I6vHdpw`AR6z>}jwqoZl`P(IJ5&8>T^qh>oEF%PG)yVQ=+x-Ss3!o#*
zmdO&+?n{74`CHMFzfqF#f7mFj1ug8%En<sP;s*uolPRa#XjO(hzs%L16?I#)2^sa0
zWlv@Uf;9wiApmMjl5#$C;`A`}a^v%dTDMHdsZX44R9}zDIzQ{oRbQwuUE$6v1*{ai
z{fD_KbztHY(#I>3BGA#1s&2@1Wh<;;FJ3VOCSKhFzcqAv5HqtjF|qnTuiDWM9XQLx
z6Kvo2_C|uAKV^RFT8U9Y2}$1^X#B$Q;-pPeN==RZ((b(Nj-AKIX=?b{yR}d0A*cXP
zmIeUjqJ*;EzruqpCJbRJS);a{Y`J4eYR#4)05o)gl?Y$Hy*+SkXWhSB)r8u$4$*k;
z>^o=OoQz(_^>qg4cB1Jk-6z-R*M<09-)Z4*N?Mleih+YFUHz6o;%zam8odlIph++X
zpp|RH*JdQ1g)uPf{}sV)?$@b$7%AlL7_kRE=pBsCzl_#!f+4Nf-!@@dDfO7AQKU06
z0iQ(*{Iik*sd@}g;v?<kz7hk@%nW1+x=morf+c;T)5S`FnvP7ov3Whq5~9jrDM1Ji
zra!aEW$s$0Fddf3SsgKKL=)UzRjdEH5e0bZrUE@PMW-zW4TK5>Y1A4*64B;30~U1b
z%(yiYItTolOQ(O{Ae5o&2PSO?KIw$lF53CnVITt<Xn!|29zi(8GU+K#Nf;DOcD-Bf
zP;&1i=Elm}Ee&z>Wh?#Is*WOm&V(v`r_Slxjbkb=7i#QM_$92i%(b-6w|cJ$T?bZm
zg-&SjN0t<GWN%@|>Ma;iEqBRQ`#l!+y;)zjgOL@U85=yheR&^Ok4PJTg3`nM4v<!c
zQ0IzoN}OaUeudUae{sx7=ZqX}eUUBv4s)UyElF49DK=o5t@5BzL4)#1FAvnxQ;m`3
zh}IARfK|415wO&Td9{(pPTAeinNC^7_B3H<eo3R<M5nm(E&m32KX29%BqbzW?C!FZ
zNbC3Tjzuv2eAu$GR=C02eVKX*XP~~odI9eW^5>F1gs*s?{X|-JRpqB_oNO>PR+9C$
z4Ci@OxIe6L(VgU`#9NngMO(S^i6a3)2j1t+%yPlVOX#<@No^Z7#&?Ap6wuno*L1(q
z*=(n6w@iRPT0ng%BYB8fiyRWeEZC58J}D_?9!XhEF@qj!A`iW_CNXhVJ`RONLK{di
z`2&s}(7QGvJJ!2Ud_0cBdzyz^ueYl}mZ;)d0HkfER-K_n>Q4el82=>x4Fj4Er&{Pm
zW?9m|CS*2~Sm=c(9C>opA%5oZgqej*K&JssE@aW*J#ZYw(Z2ez9MlE4PJo2}%&kw+
z_?0<N2-v@W-s9fKwW7#-|1gtaFM)oiI*0ks1I&0prll`2)8OW1AOcvb3;YTPl3M!9
zQ2^~=wVerwTIFaYqS#{~8`csI1SO9jp9Fn!k6u)KZofY-YR!QRs3cX(u9)~w4)65m
z@sT!q6bOykv^er+khu1Ypu}4h!xTedDE5yjk}mxgvd6YUzK!WreZk0ZIXYdA7Rl24
zB={znG$%6kYI_R_v_E?`J&5Q}?|;ZT@^9K<Ss+G0m%5}vokg1cnHHxuA~5mcw>FfM
z;bz|1t=xe+if)U=$8*BlW4FmY3jV_N#7Xqna9r{(+I$L&Xni=kb!!duSLY2JK`?Lz
z{deVjiZey!d9KU8H__t-SE&P?{bEKOUR@~`7|_M+|Bx?Fm>&{!?%CcN0#$@G>LWC+
z0az9@bjZ@S(mpL~tqUy)z9%c0+1px4QDab-1!3<_>1>d41kdkyXJ}#CP)tWc%%9oO
zhE5Qx-MRQ2I6@Nma-g`zG4?Y1+9qiSU63TECzObO8VUVub5^7G`dJo~V{_y-;~@;k
zo5Z%S5QPl!3=rvi!erlnIdOZxyF|s(!x!QCWW@oXp%Kt?G*d6gqI}$3i)`~M8+r+A
zS>HYpVSjeN(iH3aOMJzc*;1DD_>RIFj_Mc2N-+|1(2$$-zZe>Q*67TPLuI-U&##g6
zy{uYtDggp7Wgmqr*jlidHcM9~<=QrtG?v8*O@Fm$7~MFDpRu0}uhv+Z$Q<ebPK-+8
zmEcSh$}(6pB%lIL4X#wdZDJkolmnRig3{ibNt2L6)zN`p9&oxI6a>6Mw_n4Rujf|o
zqq>h&Yq@oOp=Fnw1~<7@_uF6vL$i2g27cNj7uu&Z_gfexw(mG-hB&Ygx%NowwPq`y
zWm~V6IYd&QN5IMqR&Qq{nI*mOEK-y|k@uNSRoWJo4~ga!*u!-9T{2C*E^+rJPnyLZ
zNEF>hj^gCjRv5O>q^jE%bV<#u5vxG9oQ<Ps_?UQx;UxK{v1>pDgSjuC28iRhTMur=
zqWTA>e(J73uM*{>xPVit<h(MB;VVf2n1KFu6e#mhl1v>G47LL_u;3P)^5%5SFxuns
zVg||_I#+y&VQN9*ksv>kj*UF2ibj?T&)W97BDND1)1<S^rE00!`QdWZ;vFqz(^mH;
zq-<R_lLP6&!h)ckqG*l!na-dco+q&^8N2oOehFUU2AolQ&6ri$+&piCREnaZGVyFe
zGfnw8UzUy>-Zkh0II=rAh=$>`U2E<PFRm^F!DlL1b5EVppC_SGgYidcSjR{f5#0EA
z2Q>M>P~}m-lon}(4~zM){}5r!-i->2((Bl*Q2CBjm7jkFZY9+Eqn?Y4IohkBXkybf
zD~>(9%`J*f$bZM|ZRdQC)&pJ-pwL8%`4mu37O5PHYp7i7Mg8R?L<0|+=7Um`^0*8a
z;pM?CiMox(_Gs9@`SrBop;OD5+vyG5Hn?KFT-jexy3OzgaXvBz`S_0A@vE9#F2UnN
z_tfH%4TxMfk#8ue2+YZ2zkRd2hkmp~H%P!`*!WdQR&ZZ)u_(O5l}a51<W4Cbwjdw%
z(J+7B{NjdC+qRl{Iui!c`4;`F6;qQx8dC@2{JpX4kOoq<mIB>OZ3((W8Ov#EYg&r}
zn=G1&vohATW10;hc?TAjfw;-Zu=?_b&N{?*r2EhM6Ylp40=p!=YxK_DAQs##K4^q;
zx${HRNgY*ev--k(;Y3)i(Kl`NVNX`NHczed7fd8_eiPz*MrFuE$P-*phuI$OE1YN&
z!Q9>y)Zk+}$?+pQP}tuSGOYnRG}u$Or-6H2XD;CR<HB{3{qGm-q;}{EJZ_L<!I8(#
z{Totgxv)^|(N*r}>W*0Cr{31rJg)j2olRGFNOt&($z2b#-t$r_=lceQo*PWZXZt}9
zf0dtHveNgU$D4bQ(}=(&rBw4Y%Esm!0-q50VfI(>=45dCUhCJ%7I4gn;Q$TBl#vv-
z+0r$J8;nog0uA(<ijT_fEvU=;&81YDy};4&r=GY3>J4aYfD8t|j2(nxfW~%BOK<`a
z`48qzRH%h6B+*E-JaYkixbgghZCPU1$kk&o+ei*v0TW<-w-X5MAFEIpY-c1((d50&
z#^vlRX0p_3@KaG*(3U9|_NsCN1fb??KyWae_7THoGB`~q6u*eqseLjc?}Vc%7khD5
zvt0T3%<60JIk>cq)2Av2S7!zl|H<S7fhLa;hmZC-iR!Cghmq4%xb^`#ryIIHio>^r
zq`>0K?}rMREuY?(->e`BEyzU1S?~TFNJF+t;-V{_q5q;T+HqidQvtv@;F)^(OI^f%
zaUa&sEzE_?0_1LmDkMb4?i=!vBa;psbVx3N4fCu&2s`i>G_F+C$vXq@aAXo}E-ZOI
z6ncd#QuPkX8P<U&TRM9US=2|+NuR7nV>}-{#;=fJo5hXb<EFT%yJE#@rI7+~87g6~
z_fxw-3;*LSIv(sUK-B@QCxWl2c!fxfb#TN#)9%rQ0%NOR_|A>FgPN7bJqU0(9%Bh_
zm-Ug!a0k6M=)9uKEs69yr=>VMSzi^+<Dbpu4Vvz~XYjEWI>puP0H_J0>s{;<P_M|l
z{`;cCZ&H<`1R4aS32C+r;;S>4WO0%~g{35?tN1j1=61$#!ucLhPDomj$gM~fmr^EC
zg{N64jERlN=WB-Nlw`>}Npu{$r@?Q)R~>a@n@?m$Bu|$}dx`q^;FIMUim~#jOkgTC
zN!QTn5t`(PGWFj`3Ylf9Ik~j!-#IVrY$r%12e!9?t3Be_49ymYQt~gl>EER8VNe<-
zhr{wR)@1UKf;k7nhZ|W>{Tg;p%rAm)WSttzc$@3<U~{*y_Xw4^duP8kfg3MtUlM#E
z(U^r=VF!LOTSNo05mchG{z1`hT=nI5+-^4W66raCxj3GL>ac524s3m90X7@2bXs<`
zOlMqD*mBZ}nAuWnw`6EF?OrfoCny?`A%=lheEPAHQU97xD<~YSpkM$T2vl;8e6zS-
zJ+FFYS%-8s;u;5-jW#B3dJ-&lz=#USUqtoXjmsZ3%vp&PuP_+Mx~%s(X=fW!QkGjc
zKQ~2$fug}RxV2@Wk7z&33MzaUBl1sx;hc$=7~6MBq`XiZ3HWvk-B85zJqV8O@F;8g
z2{vaE>(O?%2CLz@KZRl4V;+%Aos{-+w#0OK2{uo*W!yp>8zL(R{EC%cV(!j|e1WKe
z!JesQpTmgpPIaA@5;#ueI*Vb;!wU!8M3Yi)pMCkQw;pWE!1)50G^rj(0VK`l_DkSk
z$cANb)=Q$4cQBlCc8p(<{>rB6+Mj<N_@Kryl}hp?^z>X=X7x|SuR$Ib?7sxeN!0VD
zr~}}Nx?;rnhiN0H8y(|~@`_-iDHHr)1E3W6GW6!BHQfUn+HHqgW84-!JQA^nYt@>c
z?i>`XSRY0u=Hxi%fBM2uHvDVf2$ydz^e=4e;1Ox&zShaDb2xpU_iXsNhzAP2eL_i=
za?0Byqern%xND@4GYgJYW(?$N_etKWz*imZ^VZa1RJ--v#{RoT`2jGLx|)g?d;9>a
zN%*1Oavc@GHoW<Gjx^tJ6%|z6*Po@ePn0-==(zb(2RlD9p&D?yVAcwysn5OU#!?~=
zA`{~pmb&AwFb6rqs;ysXX>3Zij3(0k$UV#%gxc%FO=dAp?D@8GKyRg<Q?vvGQg2Q4
z1WmFzUX{4g^fbpW$x(A*fojI;`jRIXpjS}WmeXQJjre&a|8v*?M51+WNTE5|$3G+|
z?0DF^0Imrdfxrp}o3sj(s!2&y>nA-Zm@L={j<Z1nJZNY$?RU7Udvi9{{_UI08EJ8|
z*99NC=&s8Qz33fCU%&<818*8vUo3YRWW<a*{N6hHGXe(-NB&mA2*Y-VWuG}di#z$k
zRVdOP6alBXT0CY2Vrm{+OEqa2@)_6wQ#=Q=RRhtxX+teL9ql&iDPM-`i(3ozKsMtz
zZg$V-)HwdvMcXX!>`8K^U#6na0U26{2TQI8a~fw9=UL%p;OfAWR<pPK90Q<@G+bx|
zK90)hh1-DO4(lE3b1A9#cbT2CGt*y4ck|erxYuE?R8Po%MXi+9hQP&(NO^d%w!aO~
zs;n!x1v$*X2CsF=pXkt0FS6bMR#@NW>Y_Z`QeKLS-Z78wh-}8e><Ti)<_EYHzd{l<
zCwZO0-l>!8;BIPmWEHF{ad@esZnH>I6brbBiRK=4W-IL@wxOn-*FVkV#+k@ZyUa~=
z$;H1*(!;P9=I_GAc@Eikrd{BFzR7Rn=(MTU;rM%~z;SA=c_a%}$98Ic$p`ZPW`-UO
zO=QE_wlhPU{%LUu8=l5(wD+XRD1}CxuJT}?tkwRtH%H_C>e~}Kn0)o-Ja57?7$U{r
z&Dm+|Sc8-)m!DpQBr{R-dr51&1GWr(b@OJaY6Uf|TG`1OzJ0Pef4!Cy!$#1gbqmM4
zbg`@Ya;l7Vf&Yxe0k4%NG)=#^-{mpx4Tp8z%GIsN4H-QXH&I33?T)c}^xs7(aQb@3
zToCAcXzb;R1ujl(eZJtwOE^ze0h-C`hSeZ*-TN!4>LmSl;?`op5#A0)4M+zC9@_SP
z70|Jz1{@uZfS2?-tVvZ(PLx8pNr)$LsnbRB)7GrhQLA;E`eZaTsl|XkXq98r`~3zn
ztC}reW&ecmt7XSjtmS!J^vS2d&~&8Lh47N@(-qd=A7>Pwlw4EXZX^`!^(X6rDt$0|
zA;G=IHYg9D92n8VUSL$@xyKXb4N90%zB=jk{)G~)Wt2~BXFY|FlUgv4c=MBxah^WM
zme%)zX6zpdG_*r&k!4%YNo~aBtWJ|&544&FEOstKpOSH|<UspN5Y`kHDVkv_W}znP
z0I6AnVD0uPm(li^>JD3#8N@O~AIhG-f%`;eD+^Sc4*p2}_Zee(mn?SK6IRbcQYe<D
zXgnQ)*q|_W&UMt9HP#n-@K=j3(VZe#4>&dcyQyOV{TpveIQyHc5liR`!J@xCO+=oT
zD-M()X-I>+84E$!r8DpYwpcBQ+W@;qTf<UcTIVP)hs&>`UV-E0JM8Im2`{K`I!fAf
zPQd0Gh!@LRs)r`up$c)jN(*kf)viA)3M2*?%|+NYm$>%>6c_(4NK^sfr0s)NEB@Mz
zM;-&61EB;j_<YkjF7W9Ii)TLu|F$~Jm0iCR-A`U19_gmAIm0Z`-Q<~Lv5oth>#@mt
z5n*$0u^P-PF#CfaV~Y~_J^;P@A0kQQkSlWgZEQ#c?Db(=U^@nH;uDa*HiZ?nrd<Kp
zB;fJ#DnI@ix>|DKc+(AE#tZ>A&%{WG*L%56VOX>vpge_av0fbC2^y*@4D?Bs*^@zl
zCa+Bs!pyW#0nZerpq1x3E)p?^ZxlT1<~CpK=;#px;+eF^^L_!rPaAE#|K9`pf{UWu
z^H4xJ_#rrS`1WutmUI{9*;fu&kGQN(_9!dLPHMv53fmSKw)fMG{Y~1T?s1Qa5HIJH
zOTgyy1&8cb8b7zxqiz{D4N>Je#)zhHN7}_PVdKjCZ`A>%$=~mNvT5HZ0Ikg`aw<4o
z0={yCV&#QIZXc(&%Cf83tqoR`+y8HLTcXT*+<Q3(;MOIbfftQh4G{bST^BGI;wU!~
zyc@@?CJ)F7xv`90y7Z|#znLEqw5k{4vtD7oBfc2iT6lpO0ihFuGTHj8>^*Mds_mmA
z90bC8V6wp9QO?Pwun56L%gRDto_vtP+_5{APx~zXbK!LJwLPyEoEwMDG`*uwcM3w{
zWJ0gzNG8Z~qw<1=PcB{N^6bR4mBgFp^acT29y%A2rOe#!$t&it7T{-|NgWJ=2BF->
z7<D9|F{MLo=7op&S7Hu<ajDFT&N<>alSsfI^wR}ECq*;};B4@@^p>$xkf1kH^{{kB
z(4Z)hp9<RtBr)AB-i+{|Q%5rDJc7g%&PL(w<u}kKpU8B-lFC%Z!3@mS<1;*tbcJFH
z+UXe4?SW+as2JOVvP?b<U>Fo|MH5$NMv0<|8P=j5)OBoxWAGq)4e|(3Fn#Qcymibl
zm+doYw!;F(c7{8h^$|Wm*?eDn>tt_p3wXcRj*q-2T3^#VYV(;<{+)q~YOQcbGz2B_
zb0cPakePN_^wS@MNG1=sQMO^1ZnpC?ewUC87o{v`v5(iJmB0ouUF?IDw@7jqSsdiL
zC)EmkvoZWks9QNgE>e3`zP7X9mabM}#o)jx+B;|bH3aAbhYnceAIR?0K&y=leU!6O
zm)QZ4b2+bly*>G6;;a7h91_Zv{IOkJLW|mTd%o31z-|Uz=%xEZ1)NpiSMa4xCrXQ{
zPj(YK<UMb-J(*Hw*I)5zTaa}8=MqMmh}Wn-D7&M|dutGCK4~|4yk4@Ju}Y3}xQ{&8
z(sKUP*UIb(X2r{Zt>^u)@{@0sx2_(3z%h1no?}z@XR-}Z$EiWw@_iFc^*&9glqk+N
zYcsb>i7LfILJSx&J^uznSjq(ZjhCZkYQ+35{XYne>ZIRh@OyczH(i)sUo!AiQ<5h#
zTUv~DizV3KJv_&%@}kNfTs|LG#$$v^<um(u0#tf@eT2m`0Gpb916@V0@wPffDh#^W
zplbNnVcMNmI6h&|J28T#n#jb_k$@|3qEDB+hAw_UGYEw4k8jWYz|8-Ct42H~II4E`
z3i8L{y`!EnE4cwQQ`Rq}frhbLJ17qDB!df~8FA-HbLkd-xW8JCUBG91>k{bt<e*j`
z3n42;ON|O7AYRCWJpx<Txw~8_88uPGhM*EwaUH`O0={YCdJHl0>f7F<vCT)SbAoT@
zY4p_Kc^DhD9-8rhz65g-2x%SvF}j9|5r={6n85HO7E47rAwH&nLG8)Ch-tI@84i_U
zD=tS{b*a0`%=vXpU!?i$L-|nxDx_Qg>_hEIf8qa_I;()Hx^@fG-6`E&(k&elN_UHt
zNH<8Aba$6@OLv#FAl=>FaOU@4oqgq%;%2QG;~nD}>hudz2x&(YiQ|pU$r2D$hX#B6
zHWh+p*y8|Wdz!speELU*6?j=nxJU3GUi*aaJYrO?kl2BY*_pOuL}C_(?+Yx>c6tl(
z0DQ&R&I%LM&AWr);A2-?mLm*(mzhp@jmHOsU#QKt6yqQ)@n|X`dPaa2J127w^t6u>
zNw{1@?hZALM9?M&W<(WqJbS!@oK}rwTC~`2EdG&Q-FDAhXT%(66se=?EoFG(kaO76
z7`fuUv9Q1!5~D|OlRJdd7er{V1Z)V<$ZXk)tI<N@sghXjyo0HDK}t}u(Xl&sMdo1X
zjs7ks5xuKk)%{|i)BA_3m2gfrJewlbxQB9;RsT#Q?H@}HA}W|@ffi;4b<<Fxj!Q%<
zUNuLLXvmp7jKxm^f+uc0XKYt5j4e`5OIj&9`G*AGq&R&7_Kty(;+(6sdr<sf8lqu!
zyOpvS6}r$(W{+^(nJ*Nar<|dA1n_<X)blF1Sc3fpF$a=<osYO_&{{b2n$DZ*@xKdK
zX8jp>7>Pqf{!7^H?74TG>n+D^gQ1whwD;Y+lQ4{BsMmF!P4i8I`>LxMDi^_LKhEcY
zlk;@1${1b#Q{v_<(u;@{$U7WYdS)nub&7ik^V~1WM9$SaIL)N>Fu?b|jAo8$eafuO
zzcB*a3#<x4gA9_`N_@$Y#gnuo;mb;MG(+X+bqLz_?7d+7x~REN(En#uuYQlu%tw8|
zAA8;kwmK{~n^MZQo^<F?nB%{EO2MJ)thg(i<-rJnGST%PNb&3|h>|bQ6_YRNVlRnF
zHp$zOYQQlqQF`QqmosqR+>086pt`Q5%8YfPB@|f<{^~_5AcpqZOD=pjCAJClor*Qw
zhN=|k)$iZA(Ge6+wN<RrdnbMw$AA$7Qkv;P$@PmlSr>RK!O(!(HT~%|ewkC2(v*^S
z_jP#dNdZ}G$O31#;1GXEqtM|Ia3yzmyp+-m(x2L4w49n%KgwtR_xs*#vi3Mz=n1+y
zN!n@f0w98y{B2}SV92izoA-oB!E2C}w<Y?d!I`trL3KW4g+LY?SLi+qMlwLC2QsRD
z9&di8H1_D%3vpw~%r1D~zg5}U4z*s#Tf@x>koBW>Lc_T9MH!9zl*MDh$+@$_4>X+|
z7wM-*p*KJ=yA?X~vieS*Ni0;DVEQ-2(fUGOJ2}PxDm`ni_}Aa%LnQ2bcka>LS~^Wn
z8?&M&D&)Q|MAFYFEX@?Ea+IT|+rQ)7y{jvyioPvG?Ww#no{kmCfFG^WY>Db)Y=dwA
z>+pEgRPcHp(+})|GSXm(Y(@SqNP5{Roc9ScSXED4vRg(EiOimoeu30W26-tE?S2*q
z3v`<^IX?PGW4P~dn1kT)=ut4725hI<o5S*O!CtnJ9X}elO`q6P2&7KE&@EZw=Pc(d
zX)@ICGT)mV;-4nZQhtUGf0$5t{|OW(nDI*bZ^tl4VN#oC?_?6iSPXUoB|wtp=RKrW
zJ(B*<7$ExRrT<m#UFr$qatz0y@-+g0gIoI4OJU&;++H7cFyb%|em+h6Ii!dSCmP`U
zV|B!ov8l8Mr&8oAtHpc;3*Ym=K5!%w!v4!C5Uk+2Z|FibSAI2bmB(MsAGwB{!V0y5
zAy^a!Gt(T?4eO%1X@lyCM%nLnN4cojcuP-3-uAdGF}C0&iRf~_{kI_&a%679>T_*S
zRwZ(vWiIk}^fY6x42zzZnJ8Ly5nICYoPHD@Mxu3YX`p3XhA!C<Sey1bznl146+|0|
zN}*7NEVaH<S~B*i1ohpNS8RGB<ov0Slpvijj)69R<Wv|hJFLvBe6HBH2WUajFfZ3a
zYv=_~@Kn<sDVOkFzq4vI+!9r;2w7}^1}&9QnzbyGhrJ%Lh1f}@&1${~=_LI%V55+C
zgYE<if*R5(3XTOpLHUI_E7V3k2XrC02yQ5Rh0aGp%R3$GFPt}|j2(%W1JEvxA)p|_
z?Ml>`>=5rSr8>w8$L2QDfHA*ZToKF>3ccdhUa%Si-Vn}HtS7<9&c>Bx333uzabyta
zz+fcY5@-1fnp>DcrCt!D-*=b!RY0ba&1xd>O*XQ#6{8TA^}zNyCu<*ZP=pjOdpGlM
zQCs<cqdt&1u!%b7IFvX6*4+yrViXWv!k(jEo@Vy%%WSH;^<IRoOo3f~GU>MTzd<H}
zDU+8(!)BA}EE^DhedYP2jp5crhWLT22A24la*b?qjYI9K^gTo~gLPC0Q5(+G?4*>b
zahMt2Dh9?6AP=BR(cLSuw}?T!GoZjK&DNLYbq&>%8Gd&$eHCcgjg*L6im!$|G;+Cn
zQL);LY-(R$5@7dq(N>wuYbe5t!l|G&Rz;$HLLGSRaIq9V-u{P~K(rVF54_TI1xzN8
zXq)d3kRv0x=kc8>jVG?2uM&k#RucLEY7Ni~M*WeCD~_AlYMJvWSYYn8t_Oe!RBx_U
zlyFW+^#jW#-xNxaK2`ru?c3JF+w#-1&x!jhS&lR@Wc|y{;oFBT=~R%5_fkazij4^I
zeQ!U?5ksP>QSFsmk1a?)-4&t`@yV7U27dY8_;tHwbKE*n8d78F>iKO6{8g_Hn?5v-
z*stL1`FeBMDIs6E<+>%x@8uf;2HsL6F#Uv&^6gvR!oV{~UNQX%GD`0c<ytQc^KDck
zB%WB3#k&1ZiTkumo9U7VFi@6Vk5*pRYX`E|o7Y9Bed}7*YjnsaHeZ|$ksJN_S}0*9
zECV365u-j@p58wVA`qOAwpKV72O~$ntaWb=?gOVK$j3h;a{=sgM4(hT@M6g(VoSu4
zlGTo`w-j~Db#3bB(y5G5x;2AEe6fR44@ys(-6d+VEAcNkU|!Kpn*zWS44*$fP$s&s
zsQg4I*f-uu21V3S>M~T^MlAu{<tq1_7qb-=$7%H5n?0ACwp62RQ5=BtJjR9kcrMsK
z9q<LdMQG*&Lwl*mCH19!AAay<w9kbv+1@JGd7F=lyU}Bm_*8p>rQq-hUu?pX`EETq
zUMo2YC>Q;zxX2v^_azuH{6Gqto_FoXG?RsMVf(r^mV3WuanZTe>unD1j5tmj5*JIs
zFN)=3l_Eu}KSv!u(R3<}BB8%tBu0aJgOc<GcIF?S@tS-YEO5lo5!ELwj={nVLU{J!
zD~sTeTbQuv=JfE=6ea^Cm@A$54f1x@ZGa>Zo}jBnm@L4)>B<CKf495bZz1v(sC&2Y
zbc|GWvQI?%UCRdrBJi}WQ#^wjLSd{vT@UWRLWxAeD!gE7b5)Pd@sqa>x`F^4#U3W|
zacX@>*1#=J13!=ow93#kJ2>JI>E$<)BV&-j(6$}p5mRdjHzIPwPAYu<Y(5)AdETTC
zV0FjA2pJXoBi$@uMhNEB%X6lB@~wj(N<<Lbb_nZW1L4uxzUuh!1NZV99Nx!-wQJ_x
zto}}bo?;$KzL0IC@mCa^;k}75Jj4vrnd8ucCEffKE0vE~*l0g|oYDU~RPg=X*A5@O
z{x7Di>sTdDn(KZrGDsoGaWF8P8-{Vn6il|rdK>N&TJn+y6`*QJ$!S4&vBFzs-MFsU
zC>H7KFzYhPLzF^WiVcC`4a`s9eWhL^1OqydRQpDD0;tIO_I}9RDD!V8A&>C<ZXyl+
z|DxVj1b=GqBhI(}>{GYpQRMvZU5~)OV};Suv*`uM<_fjgVPqijD<iW>S8EA~{|ykT
zMdNgiUU}8>D$UbnR<>v*1EW6}MRu?-S=ji|S}>sIJVA0rG`S6)Fdl4EMS-Iy@a^41
zG+GsLtMmt|v5&vd5GJAqCN1+3-$MuW7g+U}o<r^spjvtB5~2aLlNUbFs6<mSEk&Ls
zO%8>&r3>L9SVN$Ea;g#h3sRtXdTfai8C%9!&~?I#NQ|i(hg@d6H<v3M?I>bGTW#MF
z&)?uHPAH7x!~;w$iOkmk%irChY(f3c4Qf#8*{?#IjC(_<P8>VHG9Xu$O@|cj{L;@D
zd3ff5M;0125!64Mrb%2FTSzCHs%P{3q7n?^wM2jFON)5d*fW@urHi^k_{(xXa!|rQ
z(FrzN)AT6DqPgCm%C@^2V}3se7izHn7$gi0HgQq^<YyoYpj++|PHn7~?N3zT5IO<F
zE4Z_i90nJKqLp{(G<A7`dty=1=EpA7uzfN16v%}n=m;xmqLs5vYh`*D?R0GZ!T<?d
zD~IyEOsY4qe|@Y{J*wxdmFi9ozPmEsT~XikX)-TLA;HqKq4;Yqk|F~kx|#q08ErC>
zx<+&?+~?Tm2o-I1gBPQl#)6+dliA8XL+r6|zY`=vZ5#vPAp{cZ8$HVjM1AkUgm)d7
zG(kY>82GFC9fV_cq+Z>dBFen1hkv+)E~%UAe>cqa&~awy1+f(Z=iGH6q;O#0i5`Lr
zrf&al&z7>Cy}~}n*O24+o{Ai<ykoll)LRYwI(vBSux;T+5Rf3((IW<IF3UA7ykyoM
zETfS21&xk?&5qSR#cw5SV-Jd6<c(q-;G~$`pwKs>Z)cCEk^02<UZKTj*NODa9d*}j
zq*$p30oFYj++*yYY1f=tnQ1kIC6Ky&mT{7)ie@+oJL{>yzJzq62GFO_je~;XCM30S
za9CBsGXCBz*;|~#6$b?0+S9(C5&wo{$nL*sSjB9E4gY*KK6MU_2aK)u1+_BA#1G-$
zuJQB-a*f`NNfNF|`~bx{^GlCr0uJ+9j!q8&;G(|{!5=j{*P3MMhp-S5RtP|kdf)al
zmUlBl1~jYqUz0$;`ah~q%ks!^-6`NOJ+tisf;X;#{eQ<zAp~^(1$2Q4|9BDceH<wQ
z;0%9fnY@OQywp*p#oZ2Asb(mIdHaCz&?IdueuZM54T*=WYH>_qgo*(Jb*sz=Oh5H#
zoUjlZfEGWv(M1Mf3@l-ocBs#ggHGldEw7Y7a>t{P-W3}K!K7jJ>B<^fa0ak*Pd|f$
z2lL4Dq#~kIb*VYA&tOc$_x!k4=N+e=b&f6a0UFN}nBUc=TgBO)k=J6lzv`Q+Y*Ae>
zz%bN=F{`67bfC#Xbvn3icf1Wm+WSy2i@PO(<DVSP);T=A^mL5Z)Y7{wFnsqbfK(^j
z<4nbQ0!NZumeZjg%zKG1PBb%sVF~2ei-;w^{oX6!R$4DN&Y9)3q068!aH|nxkWwLM
zv$Ip0jwH{N=Xc|>ARq>26{x)ptiW@-^-fGiR>jH}u%nZqJ`M}?QAdyN^Hys~50rzJ
zAY#PFSW^DjCUdQ6nO(_&H#uZzn=n-YKAv|JbxJ}pmqwd_c;t4z!$_b44WvJ;-_&};
z^)mdD%Nq)3Iz>U`kNZ=n8`a0G*n-`zdaGe`WWcO_S|l}OH1^*3!bV~AE~p=u$Lmby
zFVarEna)*h7unw!gAKFCQ*ojQp1(lo49M65)bJpWFubhFsolOqd=S!S80kt~4GPx@
zRd(wCfgx?(-%BL4cO>)+oPV4eag5etyRson<$im4S#5(MglJ1Yu;?Vi;)5iquZN$=
zI{AyN^q$3505MtU=>V3#_ge5$_A*dt<??}XMR<t+Le^^&j8`xQgmdvp1I0d0fEA5=
zd`F=bBn%4m{Q*Gg{=vTbT`-k^7NCi%7w>TFP`}%^N)pyDT;kC?0;3zozHNoeSBj5S
zW;!G~4kV3D36{{I+qeG&QL&(yt+)>T8|o*5rC4LkfUL7WCj^Y!v3v+b7DV@2Gn)Iv
zzc;9UBE5njA`(oX2v7_~8=16aGe+Ytr$A=!SM#>~51biHH;+~@Di6uS27(MQDV^Jb
z&CN!hT(u?rGoUMhknK2#3sL;EgQ-Rk0DQfHvqwJ_@+V+FHTZ&asmv*?7?S(FN28m7
zn4Fr|Z4jaetTPqjk@?LL0NvX$>?kI;sYA`Dg=EZAz2_fRh8+>R?p-1SxE!|;-&_gf
z%8KM#@99q}*-aZs0wSLB@P0_|Q|lL6ExvgFb$zCWH^RKX;JEpt;0p9)f2n%+>%qiH
z>G(7FaFACu{Jh(E9S6DJbBiLdqgQ3e`Gbu=?uN-s^gk#|cfaO=9IVyX74fbZ-7yWW
zc8h*gj(O`IFlQI`^H}6_)R;*}x7*f=w3daew<0K=%c5c_<f>xXak}gPXwvo}5p+`q
ziwU3_{W6DKuyht1%;R-9{*7jhulWFDAv@vk4dEp_22Admj<+rGjC6sD_H<a@A=#MA
zC{pW1Xm|%QkrH852S)6z>>z^BfP)A2IpC56c&09bizuZ}sfLTn%LvNVXu60_pyx5?
zmyw;u0#!$f%~#U4W5Nkc8IZUFFsWgLTK$v-pgE7Y&x*Q*&H{b^gJln5PlUYWA4JBR
z^md*!I403R1PU7%USj4f*eyI~Q}vr|WnQC4U@`lmOua*qpu0?xNG`1VH(e(FLVJ}z
z!R0<47$<Y5J1}n|eoqri8jIFa1pz$Wt^-r5(U;n8&W}$P?hqtVvcvdtmM3BJzQC>r
z(o*&^`Zy>Gp@bZ;Q+HuY4;*Vgr>D8atiG23L2HNi7Xhhl^|!*BylFf<N2pj<)Bx)+
z2pchV&U_MpK>s568o*ckE9F1cBJXTe0AtB@Vfx2!&IL0Dxh_;udCyODClXt~G|N*v
zl6~cPa!m(!i!YyAB16B9e6*LJR$OKOReV#hMBdZYiYf{R9<l$>W+Rh{%!2bNe-cp0
z1vJ9VE<GA%SUQ-9?|-E_1}c8=5ZhyhI`-8D4`mJz_L?N;=f%5s9Ew;z>5tdjN3Oyo
zZ?}s$(b#wd$UOHkfIZ0$P6U!2*qI>IAr){U)=4|<w}DQ!NELfDPJK3r`QMNf$qg)#
zr@((0$VlFcL;*tx^}@iQLV*MnJPa8u*bYFnV$utu!%XhNmiz<a(_LzNubePdG30>X
zR%ymRnXuilB5uI>!C8)sRjdv0X-Y&uCLKd|v0sV=0`DNBzbS06i7gJw65%e?pLORT
zTAqN1OAMey$VcoBNZy!ODN0Dp@PJ!(wrSWAvdFXlq(^(ADN~QK3jXmw4%^7O!+(7X
zu}Ai<dO`0fF6<Fiu*@%rhGnn%*Mq2k1LR1QPBhoBt$ZQ_jb4ygLsS?;XS5ZJZDO&?
zb*0Ipfw+sFEN^xSp)_gGRSUq0T14Ft?%R@gZ8{LW-XKh0*vguv^iF~vBHvpN?fdWb
zJxM;7A0x%ND^fMuna^b$H{azN7NvI7Odc!GiK!+l-B<%yU3(y~l5!mNLa_27w@v<T
z4Q7oaoXZ7N(n(LMPjTPoAnp8mK&qn0MCC?))F^*p^k(lh;C7wv#@%L~<PQ`hS54io
zA<fTrfye<#HN~TiQ85Hb1)eA}G3n>2(99>17;1Xr`iFs|Yhn2fbk@R^J+aNE4>Xj1
z^E9*g<*|F4;vMD^IHhki0wl~ub8T>vn}&RzAfe~d0^^6yRaA#b=Tz1TI~`BU!J4YL
zeY3o~%0&r5{#`O=F-O9Kcol2?m1D@jX%h)6D>nOOh8ai#%9eJCgJZ=`<TZ~EsRch|
z2>?7_J_(lo^yLp9$f7Txh*jRY-LJsq`_ykfbj*6+{cn?+dU?I`>rX`U|Gw((d}4aE
z3z$fi9X$WK)1)Y7*DZRcdNSpf)Ae2)>{J8~+>C0OTAp7)pPJs2IZv`>%IhZ$3hAom
zzwa!6i;>H=*C|}l6+DLv`5&Y@=h9CY{-YbYCJ@K<vw|t`rhO1~dVpS8Ei3*QR|d|5
z-P)H8UA4QdBOgp69cMjS>dQ)<0U@}uq}NsJ07^^f&cA!p<b9RQ-!)RadA>bB6|<Fz
z@BU-|P|eo3=U@3P@L&lU2k-(ffr|&Y2J<<-+nTJoc{)7^1Mi04&j_~<A7v{Aq3(8b
zO96u0u*^K_;7edaXTPh|NC=MpZ<-&)5wacWVC4mn2(L|_aOTz}!By#RiOLH`;(zOa
zkPPUf`!1ir(qZ8O=BJ|x+t7^jJ!u{Cdz+s%ggWPM>aE{J5a59AZqf2)&+tbGe>i{&
zc4ji}6H(O70)LBr!O-FL85Kt#o|OaTMRY-0vXjRL6mIYn{;)NoTtN!i8UHovXD!<-
zXB(4nKonZ|+=E$)rbaF*eRjX1{Pk`>7^2$P(op4Q6v#?S550b?>I!Sp%NB7AFT1Mp
z(N5`~S4(Y|nwthvtwS6F{%GsrxbPQX?%zggN)Rnw8vcr}L43^A6TJ0)5DuKfVY>qu
zI?!=-V1|FA=mcsFZ-2i1!Acow>FZD+Hsu_DMKfXOoHWIkb}<LxI9)*C)o1$xD2|L|
zYGTEq$Gr<&1!v?(?`Hsm%#yboB#UjAn`Jd6)}m)R#KHGK${Ytf<(k)d^C28a{4!8s
zGPF1|oM~V*sd4=6dQHzsAJ$uFRB)b0PhKASMDZH9%vBq#wFUkQZs09A&Ct%yGTCS<
zJOua+v+7*sAbG@j!kH^yRWnSjX}MJZ<7HG8b#}@bNz$8r!@2G!`TQs54p|CenHCZq
zlrEGy^9y%}!N%w1?9_OS#_+ulXEPu4j_~S&BE`Jq{YI6w1tp)o;?MGy-fYD`#3|ie
zOZJeCE}+Nk>-YcH#;zWC7^Lt6k^MvBwYiRdwdrm8rMhr4FlrV1D2dfD?&~5gY>>Qt
zd!wdkh#9L)M1y*tVbCl5864C**0IK^!WjsdS)Gta4_}k2Ev)IPTMa7Ja<vq|u(c75
zeTu0Gyc8-jA!%R(0POcNF1hX31Qkk)F#co*jI-<IY2_FBln)Y7nBTzQn5twUjU`~x
zLx>Nsdi=g*Xa{=>Ln0~f-4~MJ{-&O^h09aHYNUSnMN%kuyx(k|M#nGxYJ%Is(X@|L
zD@v(K)}r+M=XM{CdDGUU(xtNPzYBzke-pmN+xJy!-vauegCNtI@A^Km;DzJ)yt5Q~
z%D6|+N|k$f5a<<X_QT$M?l&_$C=;utAWla-PlQo%3SS`9eArg+hV?v^XYoKw>1bD)
z@H(yhY|3;7iX%&Yi~WkfW%qw*5s%8b6q^J6LHXItA&NsGUzo_62W=!0`)^gBc*MJ1
zq8H|P^a8G<v96ilG&u3QNssgZeREslZ?Nfqx==rK&XX-PI6XnN{f>~I<>Z_Jz?k#L
zVolT3T`^PI7>T~c!De#->3Tt&dKC4Qi3<uM<dC##%<L*AK;gb~7#a)$rloT6$OVq@
zGgb`5p)J!*1N_U#jL+j}>DB6*b;L2bZ3Fc6CD~FL3S?Nk-=pebfh!QWj++>*ihdNJ
zeTVs!`)Gnb#T)arTG?(&y})a&+T?6OoNLbG&z+Y=V!mBKD_^5of*Ei*f$voLg<kez
zsf%(|)1aV!tLTL4H)vY=XR`Ew*SPBbRkY=+m?zwyQ%p-A@Uk~rT>cT5t9be=<tcZ$
zG*cM%6D%$#JsN`cYhpDBJe!L`Kkl*_?`;V#o!fLMp}v#9NU<Pd^}kEK>!Hb%=$inc
z?<RNrH=*(fE_kZl#==hwH06%=uab<wTGqJF0?6-5ic^nBxXC~r`gWN}l5~8<#5D*k
zI%Ml+tg8{$zz_H2{z~@?5_o?@N7IL;qyP7v>j$WIHieBfl|WyW0#KGd-KCD_&~n1R
zFd2aF_XtWnU_xRcE^+_T0Itc|G4Xc|2bPhbkO&MPqw)>r94D^TO|h*Gv&~qQBa&T^
zVuqqHO);)Os4VE@!04KdII$sGD_~Kmk((a?iY}8;?R+ALspg^ZfNuwkx07KZyU->{
z@AC`d@wMC#x!%}^5$1dVjssoU?t)wT@QU&DW$xbVkRrjcWz$%J=bh#Qf;xc;X}`gQ
z@Qh}HbLdCuAN130EzTyK4>_Z4uB@AQpcS|!WGHI%fB!jb)ft~hJnsOLnx5d#B9Qza
zxSe<&AfC$mpAr91FwTLy)Z;5w+9->Jx@%BYaj3Q`ZxvK1cwr^{I~ftGH$GUnP@n$-
zr8WQE>AlWxe8>==F=>2UGGQJ%@&MjHKSNfR&%6nB{6FV1-|O@$^VRxS&?;<I^cR4#
zLZIJJtL*r1tSYxUeQM{Z-0Y0VKG9ZBr|VdDQoaljAR+z>%?kQb`4kz5#0wl01i8Nv
zIfIB+PF`z%eXk7ByYR%8X<aaq5QS-vX-kJffbI#PYEo*PgXy%FOfGdp2JUoY8JiZU
zLFW<=W)CWFQGga{0>fWo5XC?9c`zIzcZ-t6wC&YAY72_t;|o3Sb=0F&{iNZv2Q=Jc
zjNzEC22w88UFo1JBYQ5_O2y~T7#B){{-}$j&FdHUFOSx_8HTcrYNfwo)|Xv<_cD<*
z7Lfq~kR#{oqz+K|X2-_dgi`J%B+~hjeC%;?=i*o^Gj`n?_<Mv9ZC8swU*Kga-6&MX
zQU0de`J%jY2g(H2`O;ZFR6!ky`WI=<{?M#D=70aVV|ls&sJ$4gU8b5E5^kXMKrt&E
z3`DnK|0_(B0Ho<EcE+*~&smeBA2Nss)j^1jwLq6zv$L-xVR0Um*lYn4=g+nVoI)LT
zz~Hh8_0@EP1Pz$b`(UyBSn3TqSn}Ji>3jtaH<~DC58RVMUIJXe&cl}LDK;%v7r^Y+
z2^Jc?2$&Oq!?tZemd`gkG!!t}H({TlZh#}MqucRA?71fvqOK{h(Ks@|i%fb4Yy-Zo
zRKkj%Ey6iy8tKBbfY_)()IUgfcwh5K@Tt2DT*EQ24srR38jxx}RZ=j-Xx%(JO@9bP
z?O54tE&2-!Vlo?glqw=yyiouN)~lWH1`a2fUmHKuoJKOXhJ4H3%a*}*)7*#sJYMu1
z6xzm$LVvKmF||+p9hkQzih(S%HhLi~4eX86{jkG9eZ$4bVv9N<X#j0)OH@e|dz<~~
z5t~$n7wkC+AHQ+%)Y3F;PW9nf@)adu;mB5oPbD~)O@zekx?Rf&)W$BhO?RtDU3Ea#
z{cP_#F`%)5|Dp@7C#?c+WI=t%fiE`>iAXzQKUkK29#u}Vl_(g})^>-e?~j0FmSO-d
zmpPNC!xTpC5BiQsUwn(<MVUj0eK3oiq(%Lct|n%-P5<{25VH8r+_SQQ%;Z2_^7xP-
z=f6cY{UK4hL}_%2bx|f}bq!dYFG?tgiQ}#nN(w*<0o=nuQ%3h5pdb`Vvs0hIHo@TQ
z3u9gPa%WL_mvJ+0YB8K-?@JazSL_C(e)s*JVyT@BF@E?MK6N_%N6zTrhQiL*1xko8
z#`y1eg}=B_F|^w|Z5N{dh*}OTOPDes?*!R_z_Yx*mUS@)=E!%K*jRmZuk&C<Say=+
z@ufA)dxy^47KlLU#&$VDCBXO_%5PAAU3xZSAFCaaVq^SqgZVj`fyOG*L2KHPVdhb3
zy;H20@12U*N}R4x;Ct|^g}{g{ZEA2YmMhAzCaDY#2^9y}Z3<wl>_){P;6_KlYV7Tl
z)hhVcWqKEBy+>}d7E}KCUYFy2J01mS#QY@k4dz~2W3vYcv_T$+I!Vw!P>mkpdcJ_z
zH*t)O`T~ozK^GzX2%Gsr?k5S-1Aend2MS{#LVupH7@#@KPnO&DOhta~#GF!aoQoMV
zGG>3Dza_(zWx(pK4=GL66v<ombU8^{z4u&(jGE$k%#(w7qC}ic7{%D?%4`K4Ro8fK
zOO;>+UKY{ph7H16?{H`*j@o!*#CoXT|0Z14K{u7qAK`FosCG~_4?{$82BDs2dE=bL
zSzBHZ53d5#vcc=dRP^jew%|4X4_r6h${MN=&f$HA#`=exfeoPP99(ya!7VX@wUaEy
zCRfImn7I-tYj$71&^O&PR!Zd~yQvo!HD#Ve*ni)%$T!mg!oV?zCWM4Ke|DHq7?SBW
zfILW&2}sr-uZ3NiHp>3EdPdw#(MkdJ2FO+it|?tsq4}q5r=djMV&EXFf<`sp&f0V@
z>x8AYm;K4i#U;8iL!Li$Ur@4qhg-VmtHr^ee6i8-UnHq1gaq-Zz}qb$2~z*kUEo$_
z&)9Lvp3%<Qh5)l|G=<V>55v0&SL?%ihPSzf_;4<qOGlic@Z3u~hT{t;^zJcR0cCc>
ziXF(y=S2CIj1(E*d_=);KAR!8EN{>vu5gOfZe~`5yg0oM*Bw9yICV{j+F5Mrwl6F}
z4naKuPz2f@_ymE>F++n&L;vaGo>V4}4humQ1K(7R>~N<aELE01Um?PM<I^e-bRbG0
zU}gr*eeaeo=f{@(EjZ~mJb0DA3tE~f{mL(y{I5TUk}Jl7b}C~lGu@1SwdaCuQ3`Hn
zO$CrGye(xQ+(D=Sl*(9c<_kkVLg2}_-b0{0o&V)KCH{@6kgqiACnk#hzFl#@6pWUK
zTDK3AhyL_LDV(pp5R-vJmD4Jz!vd=pE(U6Z`i!OpzK!%?xtNg?0|YDlwU%8}x0U1G
zsu&I)n8a}ta@*}$On$b&?JBR&Kb7hbIrZPV2ffkMl2Xra1mj)qd<dTeu<ohc)IgV_
z)dv5fEnr&ZWa%+{BdG+5bpNh(;s442UczNJqWq+i?cH_sG5+D8zk-Nd47sddL7FCC
z)cY+%^UZ0LE=E;3D-UFhQobkzFt()<K*QWd-UX+jtIwP=|Bt9usYl~UE?@&PDZJv0
z6vfX)79`Azft3aN1pw~V1Y-j>&aA%}Q2`)z#VoNtz?JWpvjOx{8Z1*7RCRy{2{gA^
z<oE%d%SE}MT%qn19)nyBnn#3e_z)829mlR|Y7uzkO57uH#;XYQd9%X}=VQ<%ko*2_
z!*+FzK^QCNPp#X2Ei<kA<(9bRmG~34!7GGlXS#$S)#_TMi2Kl{eR}wM0g5Z9-7Cx0
zTY)FE9F($9%AKvV5VNqRi3$%YTrqZSCMpR28FO;B%|gRNgey#U6b=W?dnt%MAb98;
zF&l6$T?n1eVPPjJAUY@w8_7=2Xk(h{^%p`9;nY5Q0d6989vEEmgu`L5n|ZJ>9BD>v
z?Bd!op|?PA6d2S)zO*YE(=&quXX)%nnJIZ94*GwPtsrDE9nrDvwB&8qDcpLzYeu2c
z#(Nt+tyKnK-LvPPfvZkgic_HSM*xmq(zt7v2p*sS_2mmwo{%M@QV0N%*S~=a;L3ze
zTqmpK05}g8-%t=BaE^oKfI$x#o~}sR4skhJ?&%=Maa3vNZEaQ8tv|8eF#m0${m6Um
z^XgsZM_;3lv;wI^W2RoT{#=o;{;->;r#AKLr}d&+;18%LBP-5m2gU+{piHLVb}?Kk
zyYj=YPs6IM#|&*c#xer+E2yz#n?Ef?(>H(0ew1d8ldv|&40p>Ar!$9R))tf)C@cz>
zYP;c%W%H)A3KKW|XYXo8&pv6vf#+%l<c14_AJ`<qmvcG)&i;8x3Lr1kGY$k4Ydu3r
z{*=<l!^TqfMt(ushDG`-am@>ZrnktHCDL+rV*3$F(d?vYy8g^7HF8j#McMH()_aTX
z+i9u}dR;~}N<U?5fs?4s<IOgdz{c~Uz7uaHF1i&VqeRdzl5Tg(1<G}@I_`Wi-(Za4
zr4K4T>f4b;QQueTMK~#@$am}E6i4mUm5yB+AnQW=Yi-zPNty5@z*8`)>jbCh@`ajO
zM{Z?wwk3J^H(O3%rP-5PTszxs6K)5gk`sk_E>twl+wMr6aX%$afo32l6P_4X(mhYj
zuH~AfAQXsAVwGG^eC?j;-*l$z87g>Bg;%vjR~61C&RpAz$c8-8+JPB9slwa$+N8C>
z@;kJ@=hjJW<G`fmOFiV~z1`;LCg|0mozWi0CTLPjjMhj^hi2m(m^%WE+tt|M^@C$P
z>^{1hM}}3BK3nY4Y|&%!b6i)mSb_&@vOv=>{&bu6cs2KV=NVGW9rjjNjargenToE)
zGBDs*wxAe`S2ILdxSPv3Ahvtv>WD@mD!G74OMq!4>;N;>D@BSMZkSN4F{G5R0Y+J-
zAyWl1{bH^?rCqAtT*f|7CLJUx<Y@R4oi=)WHBAHI)<LAoF$3RHjTb&iq>sgS@G|1>
z2a>_ta=>S*N=2nectQl&sB<xh_*;~&xV!vPy_>y`GbYN(5oY1qkm2oMk@QtJ8kvyD
zgW7Ucv={*CYV`g$-{>X;Zs-k@_lN&trPy*gxoD`pUqlg|h}5=hC*IHl37hWz`gnW3
z`VdgmlKN0Q>bsW(Y`GNu4WaUxIdZQQYTaV!l=xFk6>cET(S%UZ3+IApNP^Qy)f}vF
zCJra2qj;9suFD)Z#Sz;7vQc(lIG+L^wB>W#_+;=Bas!jF6jyzAqj}5)3Xj?OqRQJ$
z4FhR(XY4T_QFtXCU%B22rcC$WRoq3d_Ov**GTgpB9K4MNuRT4Mtr<S!V?j3lF-a2t
zz{0nK)q%uo+(uC;p|Y+RZ<V!KhA*{u-q93F7MvW@&Ok<uR~3%FPIo*+86QzFvi?>a
zw$wzb?Jd~JB4s|CCGYC&<A@z9<>I$1v7p>yb}@=2g--*S8K1{%j;eMoI~6SsDH>ai
zr0|d{>FgUhV);|12W)E<H#Eq@<!LwW8;q{@lP`xmd%W;kSthY0dTm7WW_t_<p+7Dg
z^w>Sn9SWy}EG0uozyDI7DtK0k+Y$6?eQGv7-p-e<0#K+(!YGYNM(UkCYPC<I#|_{~
zNHnnL*!j#ONbdBh=(YdY!X`*o+;f+#o#2utFQXiG%u-SGszK!Wn=Bc9T-m~hTtpG#
zh=*GP8w;ajS0(Y7XxG$U=v=i)QPPjk?&6#R<;Ov+PCE<tQs0q`pd`v_{1*H~E#-;p
z@-CqJC{JBjdlhYGqrOR>$p&E16gP5OJ_*PWIl-~0k@RgAGM~2gnJ6v0c-0GyUrwgS
z1%StD^W@d-0*C`^4E2{CKV7nmQ8lGLNN>KcCB7tdm4-lD+YqOPw+w2k8Rbn6X6(W8
ze!kjydzAW~RNp6;_T?P6GvWA0<uUCm8m4(l!YiT!J&u9#xXILoLlT|$^m`?LK1Ud|
zA$%AKXo93B-Ad8}BHI~4wVjn|Xk{W{sv-Fr%OIv98Twsb?BxW*IO|vG<TXD?NgFf;
zr@UoKpI`W%Bhi~4YSLP`1&2d{#^zdnFHp?Nj%G!~*|hN^t<TlgGI)L&rOFObqh85~
z#h(Q$xBECZ!#zc({BF-q@PaM_LTMwJ?4lSu^S|i*x*gKB34>lvRfN`{U=ZQV&7M^H
znD!->ZC(nV4{ADPgOXZb-v^V`C1RErElHS(5B2*tSzTdivKzD?A=9BO+X>ch6m@Yo
zv0*VcRQeW>Bo7nh9Brk^FZDB4e<K=<JfhGZsv009f|E1E$wCcXnB!gb1K)S5`Wy?X
z@=at3JVoxmUvDJ5(x=t&oeF-bI(6^V?eR6ii<Fa^lSkekK?@y*XJfErSTGrtI!5a~
ztnL+Vb}z@nPuW~9Z-N<~dm%#qdkggBU{q<)#6)~X$dqrbl~H>Eb4@7{f|X0W_~Fnf
zR09|to_4>G*4#+Yl)!pA)Q5dhgt^nG=ibnvOoS{jea_+y24NwMoGI56$P=3(7|9h8
z`DURG&yu<EbsgS;U*~g4DDWuQBh8=#&$wzV=)TEIzN^Jdw>=`L;h}ed_x$8Bs^mOl
z1iR2rNzTL&OM4t_f1Mkv*hKNfictjrrGfGl8e4y|>Ntgc2cIsCIIK_cqiA#nv!j24
zjJ6be5yAD(z^{C9_u+cNp=!dn_1+Xo#r*fOyl~sQoWI2Ds5C|qN41%w7*o*tyt218
z`yz}6cds`vr<1feT%}uoWQ*4Ocu%F*63|hJN_`%mDlkkP#uvDG-a#z!LovD2rB)M>
z&JSX0iYhv?m}Uziv7F>(=>@7>yK(risnhk`dE974?_ZGqRT7#Ea&-{TiJycq7{6pZ
zN^*+i-lPK+MSH9F3j>-MOto{=dbUI*Qk*}RJ7b0!4o1wNCE~S-HFPQAC~2GCY2H*<
zcHZl?5K(p+xRVPm@@aYV?qLLyl+tZ_sc$1IBK`=5YbxM8YWat*EcLrz^ViI+_|1T(
zut`59wHnwzLuWIR0)7A4Uf4fki!Hxrz8EZ*hAd#o(-cv<6m?1YYij!E>-Hm9TYkR;
zh4L7XVM<KH_IZW(pa_R#BahnDN6%3aa{qvxmjn!*PxpwXN3jLj-~fEVR6ta9JyJ5;
z4kF!sA(VB_wC!1%3+bLh53Z8wKjEhOFn4%~;N@aVk4JdCf?WNMPf5Q?myZ{m$h^}F
zA@5+|NBALBO3D{^jhwzqe(J@)6wWMkf~8%X=)exlqV34DZ0{uI7>nlGdz{g-Kh=2&
zDLY;?7ITsu5Kx>NAn=Yg=nYrVg%2c1^UNm^B-LrbpsiM<-Ju1>SIsW){wn`@?1+<~
zZ=PO!5ESPSCE1coBbafIeI$+MYkCc~h6o;Q_@ZZ(z*4@<hUk?5D1O-5d5X((T#nI9
zgfs@_9R}(w1bbM+8fx*tsh1drq;T>NI*jAjx*Nc2;{7X4OqLeP$MxU88Ul?BKR1ER
z^WE1z=LQ<NvBslw$M8T(&388gj1>eQO_=TlZTg_v+y$saNtg|5)^xDo-`2-DrN8JP
zm3Mzm(KL$pw}vp^vPB$=bHCu8G0afpy4_7WiXmyFhNP`io+g&Zlk4~>oqYaxgGN*7
zz#v(#=kvetgz%6d$<BS2ynzw}t`>!mP1oj`AF|n^_*seyJHpgvVk`84eph}E8P0)>
z)f-_FWVPn}X$M1_SkP>BqXQDh&l(-xNF?ory8f4s(!=Z<jfH+TPR92#vC3f$_#AvB
z`KIEAwzEJKT1UzRlNM4H`cCHDKyt&&#W-haRL9EUHAbY=p=pQy!<N6AXDuII${MQ_
zI{C285#Dd%BCow3p0JNL2E4?dwGml7Sl!y1cfL+QoVER3($uOYTZ<?%%?r~X*{uB%
zlXRrsUdw)?B)iONp?WK@lb07ViAdsGe7OV{Ps;y~OUs+lnQdlsOz9o{nmqoh)$Tfk
zqi(jDj8;ecofjH4|AQQfSAptjQ}PyC@>eE2ZGFQzYS;55fd{R<qhEHBzf9kPR1ycu
zxudcb*FFpGkcpjz-t2F$U_3>a!o?`&A9lkxhp^<!C4@(w_I)wLaA5pJvl?lCW`gVM
zU_Twe2e%d-aYST`9J*kJ8AR;&qKIhEL!fzsfHZA27Uys=$=S0I*}1E{%072+?3)+P
zKQ|O*wjdMJ+t`_~Q^FY)%`{etKWg24#ehfhqu}V-!Afw5zjzdDR1d5>5uMqrer<Il
z^Ph7gLsE`y*gw0B9!X$(ugAr{KNA1QkK9f*m+R;ya(5mWd{1gcRw9_au`7qqz-r<l
zQ+XG;=qAE@+_LZMx-GznmyFa-ITu9pd|$rKg#-8D6Op~1tI)$8-2<J!iTS?^#pYs!
zUW5R5hWMp^Ya>Ec^p%ABtuXwOpL2c;<`kOyI7#O-IkmmkX(&ImT1S3-n0To(7h*20
zAD!%_4FCE86*a?a>OH7&_t~NKh*Kbj)x4GcLCLFyN3A>_^xkVS2;Ed>)&q9B+P(PF
zZG@~z{AQ4nF5aHUiTKAbCfo>(*Ub_Ed}QcR(%0C8@KmJ-8!y3qPnY>NJx(v)kbA$z
zVxN&_4Cyh6eJv5C2(C7~g-f#e2OPLEzC3xaO;r*tZ)7~b9cH`*l<+?%x?41<gQ@%K
z#P$x5{J)vYlo7stQzvFH&(-V`KwEpYU$sw+iuem`k0CV2MUMe-adDUJfh9s|*WW-p
zSp=N|eao^^%#16aa!0akO~x)CwNYTPYh?1QWtN^Jc8EvTW(3w|vU#(~Lo_p5#DR~1
z2A`p49(YrTp1;zdZZ&aMU6+m${rZ}4MiY@HIB}{z1>3G1J_~Fmd^m5y>R}1s<47HH
zF{0f|tXRoi3^wTWj;qYec1Z`R#CXm~hq3`4xFO=*Vbr<`_|yQ>1R}e=ov<A?Jii$>
zLhzt$sSU5nw+M4}R_b%}TY6`>W@sPV>Ju}p(bgRgoPO;7sKJor{1cp}^Hz0W^9#Ty
z13Z^M?4HMw2BO=?bKKK>;>KiD+xd7MV9-9N&U|1>$6XS?+?8S$;Jk`FCcduC@HMNU
z>@yKNNr|6$M&YZvNO*Ruul|i6CNo$`Si=~eU^^oiSFS4QP?E}7o`Zuv;3c>MjZ6bR
zJH&|nTV(BpZMsm7rPGSbNpQ^<`;d>0l#7|3{JHV*MY}dP<JJD$SN3M`ID5eX%~Gg+
zHyqoPSFQvmso_!@yJcKOKlVm<zkaUI{IwlDL-V5-E?@iOI9dLeFOK91o9eL>O=d9e
z%JYWA#EsCIU&`M9_ig_7b)I1mx8{52z(}iC5_Dwj^jl-sqe)vzq5ExdPx%dh{IOQ;
zeOHs`uALp6-ekbY$*P;k7lg}Riy)+UdT;gNR&vRq|A{SO1UH_r_um5wZ-P)+t*oUK
zZ^z1m(>w*Nz4{`Lo+tGIerYuW_=v<#hReizTauLoSdysSW_()OlQwTzm8qOO&}%81
zDksoP@fOw=Vynda-n2PSpdT@*HLk^AQq!T@%*{8kdZcQe_npt=^tVH%w}UvZo6rvW
z|NcGx%*mj^__uvRs&Iafo$qw2uTJ@c>dLIt;5GL|$`o_B&Fu2a7?pYLkm_h>nz-HC
zAE@h}sIcXea>$H?2p!UrijH$2MRfFFbVgTTLb2Y{+5#J~rKXol4>Pg+tGcZUK}5Vy
zCd<S1AC%*tHWfb@r7f7v%W-NfvNBMbblVT(C(sOcSZ_P^gO(zTJ<$4nCJJAz*A&tH
z;(f;E9=$hbt+W<g+2g~5=NM6F3US-1<|V$kOO=0Vn#1<WZ*PK<K@XNpVy9zky_#>j
zI6?RsQD={67&$=x{<O90-<gu|L}6=&yzAH3*8uaGTf?FC<x#|!ce}yhLYy&SC-OA+
zouDP_;}RKGClkGmr_nKwB(Ab}-(+#!g=FAD$`<ZF*KT=j0}QrsO|vzUpQ4(%;0>kM
zNv>;?{<}?IK9aQzt(>kDQ{JPbgYbkw+^AYX*RiC>nzZ2NRZ4xosE_klos=11Fwm;&
zn@EZ0NB^;^J-Kh{E*=hFnM0fuqp=t|49&p{?`G%)%>!{hj{=8RilSoHqu+T7vJ{8m
zSNvc9>J`an_F7x3$xrKDxB|6b9Kh-CCBISBS?t-*d`7>@)Kh=_)+537+WDeCS!(YK
z)0sIB!t|lRs1Ej&ioY|ol>X&oWzFO2g;}AuYzdj!>uY?ASfugw9~GzP7jh`t-^P89
zSt#m{#z8jK=52`f`^05sM{MOrCW$k|A+lyX=lM*hl#5m2tRG@XnlpCXX_oe^A7B4F
zxVb>qES=YaALo2?74s-1!QN<)L;L5)gu=<6>hVdY1$rB%4d{!@v2fo|t#JO-Kic8o
z;$W2-B{1g}D9=l){g7o^(@o6gLp|B1at3}^JXZ6&FuZc|8opefSNEcAZ2Wq0X1LXg
zft6q!eKGr`60M9_i-VO17ysHLS^E6p^OpNKqHLQvU2Ri%gavl-cNQ+pF(hwGWF1J7
zEBqM0FO;6|La==V;v3#fXzz;d*I$<38!tpQl|J#a*!O1=C<c5z$>-i891?8SVdG8v
zyZey^p?P5T;7+t8Eko%OqZ+4DWy<mXe8Y{^;!{1D<TH#&-$aGY5LUEm9IYqo`<gTV
zWR-&*w{G?u(I;8OEh9^1^Okyk+R8&?$%j9l%^^0S=mulgeDMuuveOe37p-3TJmkW6
z?XQHEvIES+7Bo)OsZYUurZX9Hzj3A1*stj+M{IM|QvVd~!J6-HOr23u;Wb8o3y#%T
z{)P*_rte!~x9{mwsa})rswt}}`|@b;^Qnb-NVBQ&G#&ds@G>eEeQYiwYak-|0oD=3
zJjhmx3(dpOqswyX+>ox=Tc>39T;-U~>K@aG80{ALlOD7Hc3e~8?e#?Kv!%E${2=q7
zue|Z!vcuCT!M&>V$)R=N@DZ2A>V=*P(j1y`C1#nA%Z&IPw;C7INII<?5#4ln$fn~{
z{3X0Wk@HHFWjoQ52Y24XzZrq|$I2Chi4J$8oH34t%R43umA$Y_5?8KX<QLe_lQ$*=
zHYU!xNu-*i(LyD{BYhjC)db+3Gcb3e+eIZWO{J0es)+qH5?j3@>=hH*z+B5FgRshr
zS0Uc&x3{U%!W_Gf>fdD5>D1Jfcd>d;lzGRyb<Z=6g<{FILcLhtffhzH#6P2%jqsH=
zeN0g~LR&z$m+4^oR~AHi7NnDZJItRC=e|qlxdhTa7jwta1ba>-dyR0_*Hz7qt5Ob~
znjP+64k8h1!@%vd7=FT8_|Y@OIfAzc{o72Xgp5D40X_I%DYHsmqCncU{2C1ZhyU7h
zMLdx6-<1a_vnq=_zHgcA&a~a@LBZbiSt~~Mt6A#7a?O@~fNnY0?mlQL4Vg}AT72!v
zx=3PI>|8BK$(XJFJBb7bO%P8MOVkR-9jPCdQ5w7L?{_|SD#-rb+<=F;O||_^JoTus
zR(MZN*}XeE8vi@;@EZ@c?Kits0g>9S<zdY*gXK=W+P9Oq7c$MM`P0BMK1$un`;~-$
zo*#+ZhMA{Bu)xE+*0Ql?N(Dj55sF0#*SY~-I{=RD34Lhnc3(o<d2`BWLu)$oVlbH8
z5!aq<Pg9*BIvr@ZsBKY2f;0U~g{qH4J-Q!=_%Sfh1HN8hrZ1(XN@i6BbhwzxY>F`P
z!NR&zKA@Y*0pX@2mdL0)Mtg{32*H#<5X&;LIYB;oXf3CS<d1|pJq9Q*rMOs|***B4
z$1afAGH9gotv=o-gY_Z7a-TaZPGme`C~@>*Ht9f1+XT}sW7f~5e_>u=YfrWw#&bLg
zW%Q50)_uPM`aiw0+NPf2aelmpUlb+qxGRJ4KEFtoY2?miU6K(AI0A!qFr1qP63qjm
zyDtQd?W)3`N%yibl2&AG5!enDYzY}jly6e#oUNtO(c<kLEXHQ%%9w1^hRR6g$H_wD
zu9qXfwc|~B-P>orWtO(@$@>WDgg)+!F+=+o`_qC0pV%M?H<}!BpUC|XmP6!ZdZ1~q
zk5lBUkmNPSXP#1pv5(IzRbQ?qT>HYeZWc5p{MYwHvgsE+D{&B=w-E^{yfD`ASWXm2
zjwZ?o$}BX<jbqz5$H&tDEE=o3UfF5en|pXbf7WujvVXlGq7*SD<G|GZi9&-+IV_+|
z=Vb~{e!zT-RY<gUs<8NK&wXLRWEJMGC5hXBRM+#9ON<W5%u35f^0&Biy1{1=-wxAl
zdT~j;o(ha|z8cx6un$p`m$3m8^tzo{%%`NY>0_ltCO)o*zt+j9>3$0hi&(y=_!03L
z`BN@~2NTN9CQUt*B(xm&Wvn)B=c(vyk?+6ngR0&>^nzHb?jnsex!yTV=56+ROXgYi
z2ASqOpRJrHgC0kcevZZE&J(O?!u-ia|JGiq`Rv?adRNoKB3A1>*0bi*YE~EEQ!ef=
z<bU~PCn27VVitEp7uRk9yK1aMFdfZ0O;nrmr`Ae@WV)Ov@037iMunKW2q}}~rH5e^
zil-X#OC)&kG=D3QQ#pCWF=&VmP&~!_92!}k3;Z_%f9KfyspuIO<BFx0DAk4mLa)Ww
zv}B5VSz5^hwYi+v>P%LGoU8(>+)kW1ZzC&%%L#4Yn@{C_imvIOeg9-y47PQq4x*Ml
zc>Yo*(P|JJtrK4yDavo}WRTKYxr-z29DDYw7o74)Nk2VX8s%aC)SHdnpeb15!Dm}Q
zr5_@%oW$Jp%~ZPmxr~u^-n-zGtUKKWq?gU2;<S!uW%caw;`&9^JeAM4XhesCi9t8{
zi0&`ZSW6Ra*5}R2KePTd#Iz~;)!ukFqphlhrdKUXmGLVD#&Kt<LYpxuL9t@QrkElm
zMRdw(*!LMWV_rlu$v*$_tF@K5^yb&z_N=?S9)&YiYAdg*wyEz>{VQlHdi#P++pf%=
zcUW=6hQlq@&f4LmOXx-W-A8NFCIK7V<5@RMA+V%iVS{aQw8u>QULM0viA}BMwNz!F
zS+~>FQxX->{d%DnjIUD;7uCUPK9!^Ux1@P;n0Iha0)@g)l84iXaf)M54kw%h+A2jk
zB$|=t{_os++X$Y+z(t)ur_C(M7*VbKf`iUxEC<y{$Cu&GDgMWPX`bkR!t{D(&`7LV
z3M-DfSUAcqocVr+Q&cB}W%KU_Q^GEJQG$o(3>0nt(u<Tmh2=0DE3@3`^s~{0kt5}P
z(x|)o6+uk>B``@_&CGYQ6i%6yeu3hnhGgwltV<S_Y2;TmEbZWkEdwTz=ce1zYVDX6
zs*-n>XEPn`<SG?pCj_>DL2b^B1Y0-{9tkD2wp4Y)Nix;KQ2QOu_6TKf`xfN6oK8A(
zp6A*p<bzE$WPYe8O{u+Dj>1T6ixFkTa;r%_1c|$?sUEQh6nUE@c8xqOm`W+0Du=g}
znYWC0Ow1M3;o>HYXRR^a?~XQ`I1WbY+LMXQ-V;pz@lf~jOMT7hMK{b^jXj#mqY~8X
z(ac{!2wiYtKA2CB^99dwe`ad?rA821<cNq1C6iiwd+*{jt$RfMorcqqU%I+aCc}br
zlhGGZR<6NL{kq|6c1~A?V8jw)JxWt}r`WGUe5Pb5<h57=4!zyWXVEy%_AUR;G;nJL
zbrw}usbwJDM&V;Vl@OgK@g_U}1o#4Qd&-o3pyKnU8%dFGie#FA%ajm^uYMQG82v~(
z>^9AwhSEsw=ftrn?)sXxy@)THT0XsD`~1;4#Xx3PTubP>m6R^lSjs2}g$asD4b<M3
zPTenf&yMuJHHA@1nl`qTb7Rs(j}Q6AP`ys+{)==g%v^~1nRSih$0n8_&Gk>#Ya2mk
zeSLsRCK&9`Zu(B-ZTBi>(4EFPvR}x5;cFSaSGYwv2tOK(M}8#hYs_>rICH3Rl8=cX
z$@H)G6@|G#|Da;oG$tEN@r$<hZTzdLFp}?5;pNunBT||Mx}Cdxw`(*ar#HQvLf#UA
z!NaR1)jUR<wNX^z%$9jx2WT}a?PI>*`oX7(4;+%4RBWXlrb9)$xpJNRe`d++oVJ#d
zoPNeIe^wPpt*9hp#+&MVd~m}QEN^m1psW_}r^LuwfW=1CwN%Gh9sNI!uEDL(uMe*+
zF5AX(E!%F{#&RuNL$+<#GM2fpY}>Zodw%a9@V&0@^*rbKocr85Y6KTI{aDL6mQ`#d
zX88OUV`+`+`rUL*zt|@B6R=s9FD7Uac79Fr8fO4-#$Ss=3_v}R!t0CD>cn*O+)SH?
z4|;i_WtviW;XsUokI~9}*mOmAlofwP;+toU`_~^fn3C5CX%>HiaBki^{>%_7JhT^&
z8F6qW!|(k;&+S6~WXVA={BojN{j_uWRpBVJ&^dT0=t;u)@%yN5l=Wj;5N$p~^#)~<
ze8GwM8LD^;d6i^Tz^K2k?_XGh;q85d9)p><XY_uk(sy*x`)vfli}L~^qlUaMH5-Dq
z3+g*>ZO)f5i;k2^vHFGmmGos|)%~~7s@ie?b{w4x%VoN~Lb4!NN;z;pNlxoIn-T>J
zSOZ+phQ7`GbPY{3#XP>@A5d^NeH;HrF{o!MC)$RgIraoy-?1s1zd&-ejGbC(GUZa9
znaAk&H;sIZ+q|qTpFCqP3xU+{Fm^P~@0#aahiB1$!_%1OUqNgRqXj?`!eQWeF%5XW
zErVU+X*4O*YlRx)24g0|1#v&TujDWEzTDw!h%1J;??FQ8LOXT3Zcd!+y_H$mi*~d4
zE-T7kSj)_z#sgdYlAEZ7LmJ(KQrQX3tS>Ltx>H3{3Pg=srri(gv&1W(Dy=bjx<BG6
z)*0?Z(!Xz-A@6@h*85|4M)~sKK9T&_gzbpY)T8lA{gFBqe~hF35Oq?e0#_jB@l(*L
zwHC7{E8;szA@9`ntRM4d;DFGlzRGkgb(Thww=y-so;^ZM<QYHjdu;jg3U9i0zgOXy
zwU`ion@Px9N4pdse^wB8mZmqaZ*qiCJEPb7q`A?>tHzn9jb`!^q4)dXFKPxB#%OLN
z0>(5x+S`w0yCxAyXBz3xSUeM`{{r%OzmGg1G{7+|R8rBm2ot6>T^!p=e;AHyZa3-%
zl(i9D`QYubNr8y(3AIj{2A+DICZs%H<=c1$BlTxM5^8%6cnC*bMOB{DXh?N~@r_6~
z&~yx^78Qf%JZ!jnKv+%WW9%9vqqux~g?k#a(=gal;1_C}_i*;G6XPK2a^#-hxaaMj
z2XO2eGIrV3(95FUbwUel#AA?aC^gNVl)1sC3Ru<8#GEm4QO=SUubH)!|FUM_#rbEx
zp;ITSKsh_2^|}a6XicV2Qn&b$#-S55po^!{%p*DT7?bYz8N^L=N)Eb3u?O{>iCF1C
zX(}xfw;#Gpi04blwY<;RLuL=z$IkGX>BQJh_@f=uJBS%(W7cqkYA)+aJlSoyvMoa!
z{PkB)>ZdPz?g6RX`yy`bdS7;YD8%2y_Hz7*)f+#jO6DqhuoN-0T%0KO0X_4kZr#Mp
zFWafi_VM|$aZ-1ZBuI$wCiitNPW($P{~v>&dY)1lc*?%=e>p_Ba__6H@fF`I(T}xS
z389J$i#ue{HX?u_q?DhvoyC`O`AI`6l;<N~C_iT8m3aQ%Mf}=7_8uQe_W?>Xxhoml
z^4a|9HZkSk!JzEtve46Ge{ON6;_|gc$<Dzp8SJpm+Iaco`lho`<Ccjiw1Lrw!*;%`
zenh(2DIAS;41$JQ$<@$&P`fWe$Tkc!hyJs_Hb96E=jsHUhn%H=rSIRg$#G(Ux}erv
zg?q-T%eC}MyHi2h2U7#qqMU5a+!Be0{8D6^4z7hfi*)Z0R};cOyN~fF{2HFmT5TjP
zML8-V#x`BWzZ>c+nJW$_dcQ>ZP3Z6k$lLPqG9Gv+&)iG<AMe5vOdfeiZQsT;f0#&X
zQ$HLOuNdbhan+ep#EsoFGRDXADMjOjH_|w1jKwb5ZVkZ<O8_iyzgi$T_y`p5lT?jG
z$i!JH7bJmZP29qf-?|kjxmk~ju8@|+lXBT_GC`PvsrxscA2V`L^*ri<mJBYw0S|3I
zkuzoZ`;*Vf{+twTpq*HKcJB%fiPL#vE@Hir{Bad+R(yO|G<9+KSNrO`C})))HfIl$
z_!A?OgBzz^9V^~=Ba0Q)5*V-e#&4o<Yk3kv?6K7nzwrbUPraYuaS7U#tl99-w*AZI
zT~ts;%%^k_%n<QxPiHQXwW}<SNCRioir=a++zNh%ioaKSK>66SjIS48n_&c1-j+Hb
zeKnMOMOXXS<?R$8pTNJZTk>3w!DQxCp@uWKaM0V>`V;dCh0DL^%ro}8$TG$hgPlnj
zW%iT;*33{=k!zqp*~^9n>7ur?s;0TSv)9KRG|EuMkIbQ;2U+j0LUPHYj=-@xfg{qo
zh%j`5(hh}P9MCv$p-UHqsfyTq#9wM&_#E|UwsfoVS*=YANww)(8>^0~&~pB0v{CMV
z7_}uO^>HFWOIB`j6z<)`sF18L+YH|2`VR9IM)n_%&Y-odRtjSom-mybRwiECpb5un
zB6N$gpgysPLQXCG81#1_9JHo6NzJBm<saA6OAsU;IsKMkyh?lJQ>jVeR*rJf64^_l
zNy1giH<DFqoq%6NqY(YsL2JWUj8B-TQ{Rgd6whBwQcMN3U;6+PQ3TpZwSe68fC|2}
ze;)rv%;H3NT?M+oK}FgM5$6r7GK=E34xcu;)hh`AN@R|#%tx+FNU@qL;B&$1i88LX
zX=%+RqwfwC&qdj)P3Cc$1wY2y%SY#t6ExfI%(Q71RTpMYIv4p@{q}`g5hQiE$fXA%
zSIuPt_A;^}i0XaZ$xqnV2C#O|4`LH(KD5&x$aVk*ZEEAZa34Mmf7lV5z!X-o+7P;1
zU$e#!O3+(~Kn2GTLr1U{iJUoym-lh2X9YcF|5@-)GPfU+K0eTW(_T{nGROT?V_-N^
zAYZW-``!veG-Nv64mtW8U#o@quh8BOrA3N03~Eu%x!(ZTux*1Q8xa9}@^B#UB#9<t
z>10zY9KH|p?h?2JD__TE=fh!_wX3IinYdjhx&4oUb}Al{Z;>Z4oYe(LICxV40ulS_
z!bb%6O|k?_v6Jn5qzL72VSvVj_<K>bB`%pcO|^X!CI5W#tH`ZYe3HORZ#(E?fK|Yt
z_+00(j2XE-!vd_XpyH-NJxY05dmH}PtyY)iRep(`CJd|fzYG<+C?aqnm6rGwm(HO&
zSFt8V)p59Q%B<xPscWj=6Qw2_4vQ9|gLJg=UF`LY`lJX7XFDOc>|im}n0aGPm>uR1
zG?Rw%M*qq_L7?|dV7l>29*xAQWK6G;>Zu>Bmtf!Uc7Gh_iH%cjbk0qQy|k+_!&3Wz
zx&1^QP-MVnl7w`NAje=MrUqoGh>AuSbbs1iH2GPVvbxW;+-Ovf&G+xn<g68m6&}8d
zYuRAHS?r|Gy0`jzUXUDwj+KNYEjsi@Lw?c9%Qn71)NCuB#rtroIyUhkjzPnlzXrDh
zPw6I*^3;rgUlV)ERJxDQkH0dW02=Y@2p4j0>FAp<oAz;ig6PHCl?<cC_4dA;jPj^q
znG2|Q6fH8~cy`PU)>}v3Vo!R7qudFlJZeWxfKtB$58d2AgdIuCwR=At9g}}@t~UvZ
z(mTo%X7Z;5onwGJAPxiL`K2lVw`-KD9;rhH<Rr~YJ94Yb)1-SjgRu=9q-$k$2QgA)
zt7)E^51vrX>%RD^^xAm^8h^;k-mPerPF`^swYn115fFX)AkGxVm@QTjeJF|G(DN8-
zOQX;C=X6HKRrZyG6dkNnz}zsJ*w^3%l(|4VKMp*~_h!t`w(ZHxJ;ktBQh#+Oh=~QJ
z65856m0yQ`GIe{p2QT;a%}4>SBcV0I;u_j7M^3o5%)J%E&@82gO~xUwt!~?%TGnLB
zB~|>0o}K{+U7PF^Y*(_C8@*nVb!)^l$wLAbIOhH~N1yiUl&Z3g9iV%L9u+fJy|7Sf
zKWPt+k>O*2e6u$>XGJswheD2u#os7&JV&uzxr?rZyjb%bPA98cfU}ryTZ*8H2Ag}a
zutQe-7GWL6e(EF~JqII_eL7Pb3yzP^l29dc<s9aOaYA0Lh{U+lEG&vJ`{rQY7xx?o
z@p-N0^`xYm(9UdSHSDjGRMu<AX!iUGotU(j1lN<eoh@-mS6IjBKAEh~Dy^)#*o4SY
zmNIi^JXI(Sm@Xf{<*b-SS5}etZ65?-yW6xYW>X`mR^+5RKRQUSliD}Z+;S?U{$nQx
z@{Oq(TUmD*K`x<4yB91$6va!r;!C5G&7f@V1e?|ji*Lx<_0>i043Tj(zkcs;SS4j;
zUpA$j@rv4;qdjzSjewCqCm-WN%74WX=G{zS-u*>$^@1f-lGeC~gjHVm4ouUo9LJkZ
zs%=Y_Z+A)Fk#uW+X-gj;kgk=mUj3eP+@_<G-Va%K?`Z<hd-dg0HUoIxX4GsFZ%Z@G
zLh6(Qp;apTh5f$=IFefHDX78C%sXoV0STz_`n`0Vi0auvp^+_WKQRB&q)<EarJbg#
z-+AhaM#94cZU<g(3coF>0mQm!-&^mz^pSGsJ-QkK=18At>xQB2c$<}KXUs*(%9P`X
zA+Sd}9oRDKhMVZ-<b|6o7%x|hDov*OsJnYox}Tq$c{^acnQbK0$^=QxZTi&m0KGN)
ziQVcX4GE?fU$OdL-WjpvjY|dL=&M?C+5MlE{pm1hXF=8G>ZuYhqwuo9qsu(7AWDUU
zDZuu0i&mlYvqguGeAW@ij&M$_-QydLm0vmoD+B-UAh;7iC+5Cc4PkaOE2T(DKP&_v
z?g|wa^}1%pzU;{oQ`R@!S<g3@eC~JBL9Yx!V)iXN=GRz79RR0wF7KdF+s$O2>fM9a
zb2W8{MB)hogMNFBqko8j1LRTG8f|vg@TpJW)A0%_8bs)I1`7pW2Jc@z^xlYXa6W(;
zPCv@Z6(Y_D{)_=iVTXUAtC_U;IAOyFC^%=|+nyOlojoPX{M03|46q*(TtZwVYThr}
zq?TD_a9#a2ddhj8A*eBmvl5dT1Q(+Vu|1b^Z4w$mnH#XHvqjZ9O%+!a*8`tu)z{*F
zy7IiEzqQhp$dWu5bwwT@Gm`F(ShZ}Dbgu}`bml7NaY)j9h~M+z06}&zt;q8gLmkXN
zeyPDTH)DC0KeU=tmO}~4!4&@>BCG==DPC$?^)$PBAbU^tiO2;CvUana;S6X_8;vw4
z&^wRT;tA*vhkuBfeC*G!bEG&{I`Qn#Ws|qw5Ag;VE3i0x|1i(kcPk73u}WR}^K;=W
zo-9wTt@QiWevF?lgE8UzdmW7J!FS+ZA*7I{rdACU2S}tM<-73T{Q?O~6Xms8i^gY^
zF1HDVSn}Vja%3^rpfSVF{`vWHB;!j-lx~`m9#2G$|8h06|6D691dW|^c4|1?32cCU
z?A<(hw^sFIGMbbpgu>7&6BWAPvAW4dm@%*{TBM6Dq1!j4(g(X@D@lfcf0`I6plku9
zI_cL?+OyLQy~%4gX)>GWCR-8qGX6mf%AikTNd)M;2{v|q1I)lKlz9mg-lX=!R21i1
zYeqgd7VgS&`QxeLD?Pb@ynsp1o~0uU4VEfR`v+C}QRw>deZ<{7g+mh9Rdx&iqf+k8
zQq&QuDGDd$mKOZAQE&|~zQ{*|;p_4J1oTv;;y%+3OuSu8#DN884K3^3fiKTZ!c@De
zNW`rw5oMC?DuP_`@v^^6*4QMEy-D^uPkt}|MpZR=mw*?$sd{K|+R8rUTS=s`?#}bA
zQljz~gkW6#cU-p{qdF!NdsQAs<+T(I#C_V~N$;(tJcT1?=;jhr4zO51Aq=>r5A86s
zsqYMnTx$a|q1-l2XnlFM$F!9Ik_QLeZ~IvI`*mxegX!zlU?itM<*|IZSHW~dHKnjB
z2Z59XdI1N~=7L72qOvlhNbcgIz4Q*hdl7Am&7fabqZxC-t*OOd<SM)3d-X!Y1(Zrx
zt^@M|*JTqH{r>IFb}cAPqU%u2Bis$$#e|4-2J2Wmr1%A|vDS-s{6T62F-rwCMh|IQ
zKd4tBXtCCiUA?Q@oi>ZM0_x9hC+ikPy)VW2|Kg22mXZ<QnJ!v7?JTU0aQj0ZWbO0C
zpLf@=m4Po<@1Y)OmmZWF;D(YfG|6Q)xX2!gwTTCTlhWoggOqZrM#YfN=(oj*C)*!<
zwoZTx8;~H71C8|N1x6Kqo37#3!Icek3#&se&<JGrg%q6@leiIa%!{?*m)T3_V2bZ%
zmegv}m_cBMIlV8%wqB%iC8VkH2x294O{b|0Ot)5EWw?pd%oH%y_27uQirgXuC3;AG
zHhN~ps0@%A`~9f%2Iz#vCv+qpV_ZE=!*+`}LiJU{?K2^<v5s)4Gq?$!PT9xWCbIwV
zKk?4^c-Ytx7aFEy$n9WO&oWs}1=kQ)!g24^6X-GIN?%4Sjx#HUy2YzSaXrYa%``~P
zp7H1!9?&WdBhg|BBJ|#T1z$fncDdLk@S*T0|KOdWn#v!r@uuLdr!UQwy+2GEPEi87
z4e(GJ`INn<*YiY!v9U&?e2!KcGxymnt}DbY$zY~7XbB_Ow;-e3aipNwnmgSjj>2dk
z-Jd+{Z~W1hEmiJCi1yZozpzm6{rJp02b0U;I+S)1iEJvFw8K^hqzubfn%3-9!(ILI
zs-02hM!(&qK)O}b)F@~|QkvcO;E&>fyByNqo3du&`4fe=C9$P&tJLVMzF(+*zWpvl
zFF;442CVR}K%p=t$Kr>K+>iY`cr91=`GHSMk$133*>)&h&^loPxHpEvx0hWNLhf!t
z|MIZ#LIUq2|1j?$CJzI?okh6j@-*jaWJ60Ddd+iT4w%m5(jCB(y9xEx>G8OYk`;+A
z_hA(;J*Y5!z&w=uXJ~Jfu;)Z4=W7!y&rx90!-Koh8uLX3nQiE=94)gV*``Yy;%%b7
zrJKkGsNNGz=&5mi)FVSSa5NgWlukBzuDU_6WV%SxoC`Ty6qS^gZW`X-mW@nVwP(K5
z7Q5=CZrSRhwv6PCKL>Ez7FW|zVMF^Zx!myvMgKUp-z{at$3vp*2CZVmPN8eb<+{|3
zkg+PwQWF*N4uBn2S?H8!b`?o(CrHdN;*j}e0doVENDDQTF2GM(?!FVslYSF&g;ekR
z{e{U=L}MiuGWpYpUub4kPgY{1=JGrCv5lp*n852notX0eKmM)0{XTWL&K}?mf25#&
z1(2sfrC0jlr40S-Hs%pns+lolR~|kLvwQY_L`?B&i|^Gln;JhIhOAq#VZr;<O*Avw
zSlPQ8Mo%hBOH#@KJPv#Rtv{k)$F|9s7y_l6`}^cjD#-);5aN3qJu5>48JNdIJ2p%i
z!hWX*1Ji;@*N}*-y-c36Rx5OVA>ojB2$ngQF>bDz*Cbdng9);#-+3z_cVCW6`+UuU
zmF!eMsR{xofTc8V%`FBGAht!zRrbSEoenC7r0K~FBB|bZ@{c9VdUvnOFH()(r+zC7
zSfD@<O4x+?@1_1Mh~`%~F}cZ|@x=yWYSGt#6;Ttfj4}pPHRpx06VVL5q>bO>gEOAJ
z0SInL-=$OKfs4=9y9KNk)thM1il4_dIco}--{r=PbMo^|f_=AWBlpKxdnY-=mH<)(
z-h^L$+PRS~jqm?m;o2&OqAyOU(0C<|z%gc`TJr~tLVYuN-`phGbkvW4K5kKX(w0A_
zQWR;KbFT<cP{|K{6PcWw`%SB;k^zgW`~zSyo7<`3=@DIb2NpXc)5-yx<|HQz8pfDF
zd$+9xJ#51L#5nY}PpW-76Ab+|xOXD}TvllEup+6?KJBcASgKj|!x3lXA@+!pj=9pD
z#@?cEEf2s29-QLa3C7+}UCuX(E^l7iWMOBfq_g45?T$<SDP0bM89C7HW*cXk?C--4
zjrsr<8S>D5E=dbM)P&VoS)M|qUy^@Dcwik*Mzfno_=BkBgM_UG(QgVSea~;-?`ccl
zg#jj(mEH`nTnX}#8WtyN536Omy*YFk!1H8Y=$AB|NXPA7)a>-*3l>dX9#iOO^(%VW
z@DSN2He2Ujy;c!9gZA&&SYyFE>y+4tM@`NeO{q4TAp-|`TQm-r50bala<z)ne(&C8
z_`Gs~=O$f+(UP3r?&6!TD4!M8_m4OVi^B!|>>SiwLwsIJlvF@kY4kSh6l}|s<bY$$
zz{RZ?A5dxJD7dA3%ntspKe7*WCo^u2c;MheGf_Z!-TDG|r1{T;gGyEKC%=}qjy{lZ
zK=%a6Yi^-M!;Zbo2=w*yhp!FbvitRdLmmtuoGl28C0ay&Yub!}V42M#>@E5c+N%&C
z&QyqrXv0Tc%Y$r>DY@-YZmer5^v=?WJ}DiyZ5x}Z`C_g|U7!<R?RxuO-0oJJY(+)A
zL^kzn@-dmuI3kQG#~D{t5cpG$JPR}j48k54H3GANCY%z?M3{+vDDQaf^ydu1lO;8l
z^&I0w?55%@6|NRzFC@s(dG3aG)OoYN@%QNXU9Gwg<a`ayf~3XTgGeN!W+Z;);2P`G
zW(pk(;;e!2H|1P*mvwQd1Kz%F^4*?}*O17no)uZ+MhwDnK=*;Zzxi<YnAwAEx{L`G
zs{g!sEmFFa1pOWf0xl-r!a9dt$#zLS8}Q82lCi#KgzAEWyv-O%X$nPdJ)TJ4|MLj9
zMs`^Uyq0D1A20o#A=*3%x^yZn<oKjia32EBDw#0`yugL{{qa5*0O*J$|0L=9BRZF@
zZ83S4S3AAyB$TH2MJgp;Hxdl)94n?5mA(E6{>t<x!xC5)F1z?j49A%irToYL+4s&U
ztBF=)mp+&C@J|p^W-P#bP3lA==gd5Dsm@w07G;HOX`|qIs2z{6^ZN8j)0$+jrv1y2
ze{j}mzww`-{UGvyf(R2Mp59jQ@*X5TYM=k*1(b3dI}0uRYUxv{`7A_LO4QW=8uifu
zJ~|j-)JL^`$!!4J%!Z3Tw!t<m0oIi!jZLoIbYJW!eUEw`YX-7i&Bo*jJ@{+H3X;Sn
zfN~&h4dIt<E+*d+nx;A>OEdr`tBL)pE&K9r_El7s+DX}Xly>0P1FXcR3jnFsFH+<~
zW)Zb^NO)@o3K(h)ky|=HB56k9i#5~Dt9EKYgTq);?93EWSnZCCFOUB8qHMD;SoU2G
zyj<R1YyF7oE{4+MyvBqY`|0}Fk#543i>$^cx%{wUbk4t&<Nr{R{`T~H@OCHv!iT`0
zM)Ti8B$iB$nIXz`s>HvMFupP^52@N?4p*nLh(S?bWb#yzGZ4s4)gKc*s&&>76}}+~
zeao?owz0B2R)4jx8?U(zQwk+Z0vB)&w=0Kwfc@zTLH1Ljwc^(ImXCS_VQfELubY&(
z3&*#XLQm6y<v@1s({BJ0BH3`5Sbh^BguDT9)=;R-uti)>DY&SM%Y#2Rg;rcfX7GV5
z54(4cEG+{3soFHM30}Q)9UT7P@5^g-(CnKYa?Xa*^fkat#s)sjxogbmS#y!GHg%(g
z{QY%?KR3~kYn2E1q@Ns>hM9^rb%m&>`@&iaf%MMUGI1bWEpXAQUqI=r^O1MbCy&E3
zI>TAk&KtFUS89?;bWr~){~-rNvvlbqd|5rm{???SoJ*Z7eP-x~1$I6fn!Oli8gRHw
zo9Jm1?4)a|;nJHF`r1a%7leaE+bp{2#+X33tlpz@|Idcu2yIIo!%B2s)bSk~-mHrW
zDa``Dz1n=4S*k{;2MlHyeB@q9MimV+_5IN{d4RtEFE(aYY;J~&;rP=@-t^1}SJK)h
zt|IPHJ;O7?>c(SmCO%E1P%PIV2?U$%JZiIi3>X%xaNX~(kjOu%<c&w_p%ZG_WSCDn
zVa;Q+9@Q5xIDkc)wE3%-(>fIG0t+wW;J7rfaz%W!z2`Ui%iPmWpt<}vr6NsOFjcvu
z)w#~~q=>vy2|RP_b!*~Adxka4r>~Ukl9r|4Wy6o{dTeO5{?g?KrLGD{Ypb-K*c4<=
zAd+#b`0$)Mfe7PNl0*RB92D7OZrZAi5hz21le;%kI$;Nzfqc<v21o>r>;~23*~*?D
zYnl0e*8@pQ<$06TRx%s?5mesKG840+t>kqirOtyXWI}Fr^pGGX`i0sO=V|N91?{!}
z>a|!Fg+hkKXgcKje$#ZiOP&`V&Xe96mq%ECjZT<(FPlxMM$h9UBP!YKY|-O|W==wp
zv&?^MsURZgelD(e#c!Lh6R;u`KZ5b;rmhS22W#cZJVJwA!Z{#&Y_D{!oU}5x!`1)A
zFJikxt?TRJw>+k=+&}N7#D?ycM2um;!_Z=36C~=(|NF7{B(Y<KTpbsM;W^PIi#Ez-
zz^0H&He{D`)v(=%4dCW>DiEM5s{8ytFJTREU~6QKT>WAVPFOWWYB#7o%n|^Vb2K#A
zze<;TgNWy>Zm9f}?x@d_>FkugNQjyR^qd{W#Hl5~%|z+BbErdLaZk_#8ZnrA6PZu$
zpz4mQbWC{u765#`a3PreADh1b#XJTfOPZ;O3*0A~TQo+lZBoEl?!djhO`WGjtZ@@v
zjwx%=5f;?B;k>Ay@pF3SsVNBC?@G$zlzgD0st7}D?|N}UjseVrtN><q=HrkWUz{vk
z4_S+6<K%Gtv(bj{!vu{5<B`O&uMu>bGTosTC|x~=pG*`3w0ut2<<zs{IHqMCNn4dl
za+b6N(ErQ#3WcoUiOEw+IK1@<atgQ|=1*)d?t%H2G%modV3y-7470GSJVQr*R7l>j
zJq%Cw;UyJlf8N?&@hy=URZl=p1cvDkCw#qvgmlNaWG{Q+o&v)YNqXrY;(}qpl~AMt
z9^VEsx0!b+Yyb3$?)yW3Zp-AlhPq!^k#AQ9GP2cf&z_V6vKL`C*bO06>3!8T2c5O1
z<};lNz?9cvTzFvW&!oN6ia>224$e^fqgCg;wE(n_g9x7UNVfT#uu%v5{}UI*&L%H|
z)#fgx%Wn><)c@^>B2HlcAd5=3EtrhTl3BVkg~48Vus+>}#FvAPTd<e&?)3TmO*B2j
z0uov58yc&=<IkjF%U27=91K0C1hu+xr)L39@Q93Y2&OXJ)jRrB-pg&RGx($~chL^~
zx}65XTJlJ*tf4^a#owy>8eZ(rl5aDdR^3V39s`X*_CFRSz6|31>)=ifQ~gu3_1_SO
zA7s~$E${MhA?&eCDy9k5O20CN#x@Fl$>rokjER#UZ0^|}oSc_vf=DFzJZ3E`F)UX&
zAQ^IUs~-yv;(k%r$47lJ4vtk&z2<<7F~E5qt^ih~%4M-KLBh75y7UKVP<`JF5M<x&
ziS%4G&nuWy$X@~0=vjF}0{PYXP(Q&IVS?)=7lKfcj$B?^TKWO^KT_{~<%CVDs)giO
z{>hs%)kK8(6WiN#{zBOV9g~@3l8oQqjU||WCx&ez+VZO+=uPa@Ofn)!euejBfV&Fo
zVxiPqq+WAtzh0|YVEznvay&w<YMmK6_>i?f6u%qXdU(cQ_m*cN#aevwN0~f_uyJ*r
zHx}||+eHY*i`KAWqh8w*po(;fblph)P3R2XR+hD=8pOgpNWE=Q)m+5`@w(bbn_joe
zr8L@Z>QYAxt)q9X>CKhMa!Yvg_<7gg6J(QN>;`}m@)esqldJv^V)%Yfu=WR?^T*%^
z&{p!%0o>c`dodH|ln-_^#pjC9Oad{Ta(2CKcApc**Fn9yH)Aai)(p?rSO9yJ3=LJ?
zp0!rMaZ9iw7k%t-M~0<yo<%o6pN5;yDuyuflEVmb%(OA*Ez|-;<Gg)~Ds_LV03H5z
z0#9t+Ru>;nitbA8fg^{M#6Yv=^ji`n>QY7!e57EhTZ?La_5>C3M>-*&<?lJuT{?qp
z+Q5FWay#y=`>$b2C2Hroe|_s#^x>X?EM#qyiI(d$@F<ZPD|T(vnGo9?K@gkF6Qu;0
zkAanU34=P%^MVz<?^)WBcUbAjo>B~dYxnP>6$7=AKlz{?>3h7kL*3@3O#_%Hvrz!7
zczgu$1jM{VOt~I%Ukw-+ICKXVG!VPdoev-2{X%<t-(PK;xSP!d`qjKGrn#KUV|oEQ
zea&4x8?3TTOeMQ8|K9ltNNxvTC426h92#VKe3_0gcT@2mx0qEZ4hNwFEm2P4j;Pz=
zhoGYu$GInTkuUTKl$oV`JuqjgdHIysw_6NY^3XYLl5#zMxfJ~Sz0!1n=b&%!W1YUu
zJC1|G{UrEm3*52#jZpr|*gwYLCgS^Vjsgxvj_0lkI}K9<ugiyI{kxGfz1(QDSNLzs
zHB>A(wNIL)dL2(GmU}b{Ztbe2oN2>-bPM`fTBTih-LO&A(j~IxUcIPX?o6k0<C%Z|
zSg-&SMvz($Xa9OK<GL+o>fZ>6rYSdm6>nk1>PBkAlvqYv9H$Q5SHY*6Z1+PRDtmEj
z#g8(TIrU7AZ<<wsL7N?CAi<a}+aeYnrJp6cUURj6fY{S5qCY~7TcpLa1#;*}tFb_C
zel9zWamdiNPFKWtES2D^RGar25p7;@pnP*22;|YqrkMkX`$NO;FS`TD>8ntfVH`xp
zXGfS+wGZOjdm6U6untiY*4M4-wnLP@%59Yz^|!Q=pRT2Z>`g?HlvrSWIuFHlD&|j=
zQwB^TQC!~s$zAjPQL$rwSgWW><!QLWcynmZuT}}UmXw@ei46V@0!I{>-3bg^U}TeY
z&<m!JYgJR15-C|m2ohz)Y5H@$Hdx<=e@%}kmZ7-+FSg?%R#r6IzWtFvaEZREXdHKp
z_6%!lA|p?Zd5Gw*IDc7i;fUyZ4^!K3_F|Mhpj-h9&D$T&sTW5r=?@v6`t;ySs_x9i
zPQaVWnCH+zzStE?Y4lEROP=Ty1ROz(0%haHEMGsr4O<NNwT3vhz!C(szDnBb;Kg#9
zQu+QAZ-;3M4TJM_j8HJfYy?@;M=ME>6ukkcmn|6|?F$nBxldM5&&x-iy<7RW1`3!=
zU=^C9hoN|bs2vHUU2mO;IGp&3V}TKf{$VhCyKHLlqg7SQb`2fxn!1RdY<!)|eoR6a
zkB)`)d(9O2DyA&NBPe^KXcbPRL1({mh-&gIZEkg>MygU6)(fnmyS6*UA{|fer212r
zaom@FJ-Mt?O+1hJr@|sj^`aiCOujrB$Wlh#XFYW>A}pGt0Y9F;l!nZ<T%G)tW!z|z
zh<nu^%@OxSW0N$DDvWT5l+_k;jt1fch$5f;YtSOFRpAT`13Mohqo$R(?aVna2#weI
zo4ZzP$h3$7XGP=1G1du>X=U&qqW6*@fp5&4f6Slx%)9ljpJ%=`4h*`GH~kXw!+%en
zlz4`8-E!O+)T%}LC^>Oz9R5-JT}$@8z`OXfu}f0jYoiiiEJ0hcbL+l8=ub;7;q6_R
zkexpB?@GD0A%|RiP1Xk9j)y#xg%YhER)0Ugy$%XV4N;%9oWgDL;G=Pxe^}pj#}X6V
zG;8_`oymxW`bxK}^X#L8T)iYSZ^wY%6a1-%06)`bnRawoN9eqKseq+*Xr;0KZ6)i5
zw#{1P+x?64XWM|vNdEF}jk_(Kw=6-HS8F@0)5M-(_O(#k-WSw&2O;&RS~7cY$77z+
z;}x^Gq-^E4dZhEKP6b;sqM}8c->Nm21SSN3zg*y;hE1su-I-58(%3z~1v3ZtX`F7;
z73=udp@sF6Jo~?tQ_A&c@DF5|hOe#=rM|6sv1%yrQlLjwJ%^514{5~Lo?CM&o%_^;
zdTP!PqIF!=+B_|FZd7uoJkBM1qKsjJ8YL2@P0BN|IdGtA_vijcyl(E2X9HY;I2oF^
zAA2_e;T#5!5{A`At%1h~pK6#o)^2O~qzPi+d#uZP9<E`t@Et*&r1TDMXIwGxAR?Z*
zT~!Fh8N(b51fzW^<N-uMLZ+JHkAt`&*G<@Sp$N_Ra~}ym(12QGJyU5;Sor6$CSBiM
zwQex10RZ)Nqt40@6gP}2-2oc(IkFAU`*e?m_3tgAE9Wf?6imlTa;~^qOE4|pH$C_<
zfF+pEe0LdY{7M_j7M93UvzDDY%7=_C_by^k6xj*|F$vzZaqj>daoi-DDO{I)g6k%C
zBMDuF+Zr|O`S|n?OuiAaHR^hQT(g~Dk*(C}0eQf?0A1dfSU#kQd7rXqAE;Ks3gYkD
z9WRQnzI>;qqWv#;uzwoZquUy;pU9y;PwJok`6xzpZS*a^4o1TsCQQ>ibMfar$*!W3
z6qatt$cfV}X&81+b1p?&Fs+zq=Zck-4u-sXofel{bub+;W=L`NpiBR>sHN#xWtw9-
z4aQz3py0i1M1uPjErp`A5d9dTDaINu3AtKsR{QSaZ9^)j9402s9nx2MPQZvQ^{l5p
zmkHIm63-*lYtezy-G4{Jx8b+_#HHAvR`BqOQ-!n1vI%oZMF>(OJXR~XkZt1_x4J%l
zLZAO~H~L;L%$4P%Tr#j-=r+@}WQZ4h2E2h7jd&bq-|<<#rp<pNPE_~vbN7TuR$9W!
zu)~4l$a>h{T17*HTf-k(;Lzd|?=~z(l{fNt@+f>MI3S^(pq;<t8V{|g*w@=B8{u1P
z!c1YhJT<NQtTVDD$@^?l5;uZ13cS~cK0%G>75<#ZC6gqM$QRe&IL#0z24(~6{r<1M
z-uPaHxDc%UFkO(SQxlbDl__7$sG~+9*fHQvqr5|gPE;%-jvIvZM_|Pe$Uf{SDe{K?
zBkk;OjC{f34AS>VpZ|PohD~vb@JGyeh}2lgoOy39QiiT**7BYBO<qS9S+}oZ7TCjh
ztG|gl*2spRc>lSjZPK7S|7hSO78S>1Px;5*Fuv&_S>$bKfXv%enhf57u3yZHiN!Wl
zveJ`P(F!#zDt7VJ%K)naY)j69k;B}p!B*A5hPwZjHX80_eV-DEGV(NgWEbpvOT<5X
zm5II7`=Ann0IUckC|V5nTN7liE)ZdtR33BLcy=%!-ZO*|0KI4qKe>dTN)E3D!~GHL
zkJ(=AG9#+9By(R12cA=7{tQboU$S+WVKfc+S~I5te1VU&tNjsSrzQA{a8&W{0QWt!
z#2xx$XXau0@NcTUgtZI#?8VqukZgEN$T?eAe{1usb_q^|BhE%>oeL;1ziXI>_CkYD
z^*d;ZKayF~CxQl#g_O)8X~w^{Tz%`se-ew$(^rhsL~xI*lxqOzTO)%#pAi{)zw}j{
zrMTZwa^UQsm5ThQN%OX~H7^8}kB{6*Lk<~)?tbGQi86Jnb#-naoN<!#P^8bcPJX={
z=*L1`1Okg)7J>D_7&p(}x&2q#;$FmBiN0FnkSXm96j50-5mCU}vfj{wguR{_Eu&<-
zDR-wPfnB#1IsQE4?MQ^@T*OMA9PJQI4(J1Un<J3J^$I`yRra&7m1yDeW#iY}fyrkH
z`I+E61tis^vk{q$%;3z!S-9&wl0Xz4Z~wBNj*o*3Ps>LV-oxcYfg+2()N60@3EI|T
ze5hGqe*4fh&-6(3_p}NGlQzhjt_6C}i}0({Z(_mKw1YiZ)G>hnH(}yY=;6O}S9Pb6
z+H=1iWB+0p8To?Go2IDWqUd%Q_<OW4V`1;Kj*{Y3q<3QsirmP0-=EE_@7;4z&yo2=
zJB$y4P6Hh^;8mGNRqv!ya(zH~QsjdwF=tM0oEwah>F2c|?8zyUwq;9UI>&SK-+8mo
zf7b^4d?@UVUq{mnV`D>OPT>hp{V@44mL>+%4G_dSxD^kSJ=Eb0CS*iO%1^(Jf4t^?
zy6Nyc0$oSK4!mM=F&6zOGn<dqK6|ngorsZgE*Laep8y&4oP7A7g)7g)J!RF>P{La~
zu$0l<BWKg6Wb4L^)HA|YDXrAgG<fev?h)_^ojyZNhk;bPk_uZU6yb-X;m8-oQ4vtG
z)Zk9qTHPG64@Z*cj^emM=Z5-t*S*yon&?p6_qLF9)4{m#<~kCYbR$~Ws7wEpB<mVp
zhb?kstGh%SIp61ZoP}tNWhPA*M9M@W1Ma;jaa(uAY!`7AQak3>cwY`(5@eS%^J@Nm
z)+$m{RiJDF_dB;1!o`0W5yJE5oIkAh4%H%t5CPs6O_4swIyo%j#}ZEJIUoG=peU5E
z`}$n*c1o#0iyw;G4E(g^qdgU^{_=P@QzA#tcdKP!TY0rsz``#D9*eiL%;BZaCRhSZ
z*~Fx%aZ%&^DCQQc2ojTvDakoJSf9Du@R0}4XVo{>dXdq>l)~FPvd-NGVV27SU82>Z
z)&&GOrBb)&A}g-^GO2vSNp+SURkvtA@FGUI^$f)p1W^dH%suU~xzV*i&*=QRI(PE2
zlU5%ffqcA^gpZbkje7qMD*TgxjLlnRn^wOk#R@p>?ft-Op!5r?)3_Cgt<n3Eh)gxt
zKL7S;P1nsH<^PjE^YUNxulVRoTbc@Q-?7NE0`neiHqE4(MuzZGd%qa>Fj0jBy<^$x
zeqgpl`(cXtb*yUlchv)0C0rjKv0Af(@Bw?@zl~g-WN`W=mVPeKkk{S;SwcX)W81DS
zN0@7jXNJPG4epDO%fRsMihLq=gdN-^S-2>=!5rC=YD=w$gT=5w%2;J99LJuGNMIk7
z#owVs{OSmmQi0g019gIvv;<?c=hL=njdbA+U_SgL0Qhn%GO)1yNUnae>upxgQSTHv
z#?`31L>={vR;W+4CP|pSMbpigtj0MN5KL0E*hrOpJ{2_h$o>KDGUB_f{0{RqrPj|u
z%2yK9u|-#?_$hS>`WkDjfLvRS7U6!H`hkmfrRpb~i5A6NAVLQVYA!R+@_wNjsT5}u
zy<0Z&-vXXLMb$*e2a?U1{{GyBbal3MkGA)lH{;!@!)RpiJ(%57rfbJNKDQZ68H%`v
zycqbeG*}Mk+x^bfuqn1IDHrq{J25OB>C||MN7`Nqu;0mJ-OHPa*KYr$^`{UT+>OMj
zMw_H-*X~pP{3xjp{K12%;I|a0J)4nL-uog_Uz8S5dN!Fpg=toYHS)`y_V62hi+1=T
zP15lf6L$P0$K-?xUuVz_wK<(XM}86QXs}i<yDfydoVg0L)3__nX?_I>tI<uJ-@#ZA
zatYbTsmhYA8_w6Im9S|O=`I~wBgU4y)c^muJ^Rb?nowuRN~vn`g^avBHUHY~W+(Ns
zAG||!(>pFQi*$*p@99$XWc*@|jZAyk->ITs=%!qKFYHhMLwyM?UPD!3bXwq{m5Aqy
z9kb~Cj(XJgO!)3x`1V}5NOJ+k?VCd(<Y6dg*lR<nI%|=gsQI&f9ZG7RlMs|NXPzeC
zLo38$g`JpR?$C0aqBb`H(~)15XreIa+mHZr@}8I$#u)W4l=AKvYflG{7#thfc6@?n
zc;c<dJFOlvrnuqg$F-8j9Z1wlMMHNPq7Xq3C_X%ei)Q@`rX(A6di`zon#yxjlU_30
zOX}*Ax8nhSfu|^)+rA&Vt~vcFNr=bkuU;Wf>x8H}u<ZwEaWnrAGeU)%Z0|0<2lxJH
znX##hVF4r9;!MK@fXoXdR$Wg}+Xpuq+I#cb<ZkWC$%cl7{M+iM5S#G%hNsd>vB<Z5
z0!2GypCV1~-r-lyJ8GqO^tdn(k1XX*PU{Fdzo^S$t8r+^@_axV9Nrl#$=sinzN0SX
zK3nl9p0md{>{|(0Zjc+Y+<gvkF2+D!{+6_r__NF0az>N*5lrIPWW_Y}%g3ouXew0`
z_d<<TM@hWl4PN_zFpD|(mi1H(#|0ZIbe9sB%0`h-$sDDIS@L{4BW%uDZF9q)ij?F(
z_537svuY>${r>U@u6A$hxD*;}U=n$_ct;&~rY}nY=^98PhA(67^j<9NG=YEpH2LgH
zFAXXd?z!7nK!y}8|F;XluMcj%@lrjTT`g*g`10*0SB~fWj_Wd38=Y@=8oM1StUq&3
zE8e~PTrVvqtU6wF+LYy<?r<L4%7E3obA}xT24v~-z|Wz62S~qnENKIZJ7CENuSEJ{
zu3mh<Rp3V&>%}LX2Lf}*r3Y$Q;>!5?+v%8Dz~#$5M{Dqmf*D2VQGGODut-7Qe|DD{
zJA&EuHeYTfFkKpMO6no^NTKMBFV-_?Id(Lh#H5H5`oI|p!ow|7%dh_t*?fl8H^5u$
zuZRj6&3uf;HERqkIITNH6gAeEdK-QLa9_$PxHn54W7C!zf4s#F7s69~{`u`W^Mbf<
z1JyQCSJZeD)kc+OO`HPt@^eN?pnR#<A3KP`9R2|7CXqdmp>p^4m?Y5m230s_N)PJ5
zMehh13Bqd@`6$u_i}A|iS=2`w7KMGN2R}BI!I?=G2b5DtKcKX*PZ~}Z%w36Wy2TDe
zif?HS(HS!Y*=4Cdg-6%}$vLvqX!Ye)h@NVeulGd-K4eR1=p11u+*u&{YHlGG2>znz
z&u6|hSSLYw0qoz<s}^jNhR(m~wTP5(xa*aYcuuh6LjcA7*}2ue?K>kI3U4`81<tBV
z<2wj@bkf?q9bgs9r||Fhb0<sAW_~>*qDI@iGJVSNj#q|le8HAU5%=HD1W58!K)vzw
zT?{)hEtZd+x(L09EEL$-e*KKT>Ci*$`e+Gt0(B6lC9`~&?yimu5oG?e5l-Le>$`<K
z)+pnco7#THp663VUtdIAExzk)vq<tVsc$_$ZwgYA=c1hZT7F0!HtIT_F0?hO^TF5n
zt*rl|oBVAQEU12e$<mK(kng%#pqq0kxBD0gmw)*7KnLH!bCWA<&KxDbk4m%v`MI1k
zH9G(8j2O2cYWrqAx!zo=JGA$YFZaTiTo3(H5Y@$wW@5x1x`uWVuO+DLGb0Gb=tC^m
z_rLsBgReVJ*j}B03~-VbZiNCxSt;+DK>a1@DKdq+;0?*FOEm#Pm|1^>9X3V_c{$^<
zA(<~+bKo>^1~KrPAY%5$0uzEPQH0*$tw2JIgZG4hvYQSbWL&koIwvSJ;U`ZQk5CHE
z?8^VH=j^a*K5X<E%5=`*?U(k$uF$4L4}i$punRx0ODu?z=x%5NK8&gGK4`6!x0#f@
zdnNr!N&xB+@gi1XzuocV9jQAH#cd<)hsX9+XBa)8SWQgo`%RdzrSd+`Fir6+hz9aN
z7s@mKl;FOOK6X36Q|<V2hGF6&s^WXXDDYZGqzpZ|4XCy9;zV;ALMWHKn!^}|pDeIq
zmOE8lCcFACI`q5hh-t%S!P;S(V)!3cx<kc*$<{Nk$xRdfXL9shRPs<lBgC}<x+>mg
z)tSh`d82$etH|OeCdfLPV<59R%m0VRQhEm$hJF<)poSg8G5$G02kAxq0=HigD?QRO
zRuk{ovf`p{6jsG8Sc>Ndv1+iYYQ&LtU~0^Hu%{zyx<kj~#ppx55F}WG>wFSs;Q}I<
z@85vuCm4A$V&-CmUq+0k)LF6ob7c5YU&13X?i}|qk~4J&(AE3zR#9uz%gmF5#Vzob
z-$+?0!jnmKVvNTxP-0+1!qm#Q?y&^LVu~%Zgua|}@icPr#yF(;nP85XATJzk%2x2<
z({<m_nC!WNWbT*YRylQ1$m+T<vs!XIlE}`DdWzz2{>L$s2O(#_ALW&WsS~NeP)15t
z#BT|j-U??@$xw=0ATcC3njfvCda|e)Ojz;DWwjvMC3M+X7~VQB3hKNlr1;@7*!INb
zu)?`wqN0uZO|x_5_wu1pLf^Zc9L{7s9!zt6b|Hc)M%tV)Z}5qc93m9LB|y-Z;rA+>
zV@|8JmMN5S>TR+YV#hHI<7Fr*e{MbF<Ay|rNY5rk+FlN`6SeGV0H9_qa9bEzI1(@d
zeUcfOZAAh_j`MpG1#wKcU7<rKM+B-Z`t)DLk$a4Pl_87cvA_z7`8PoB?97GFx_nvB
z0*b5t932nLbnsPP4@bb_58#ne(Sx;fc6S1onUm+n>yCq9+dD(KC9driK$G4-U<$M5
zpAYPT_A=OK)Se--kY<>fMpnA@PQV#b`l4S$klA4Rx^CJk+Mw(NV|vlGu3!pJ75*sE
zsW$#Bu~^EPd=WhT7s6k7P}HP_`5!VFf^@-p>l|)|V*t^bh!~Nt?h{EnBLBcy6c!1B
zGITTUrBcCX5oysu^8_T}W55QjP3VMX*&z;w4V|c2h2L{$29%i)egT0@ScuSnG^)`1
zF8)7*i^BL<WifUI$Knwpa=sQcQ6g@i&uQXTL{V)`ES`F7;5v60shXBcgFph-z&i*$
zLXAv9yzFq#_E9ObHVI7V_$;^^wn_*LSroug5_d*|!J{cj1RRQPP9ozCI*t7O#A0IP
zBxX7u4Ui5hhka)|fumcFcA5j@{=_q$EI8e5>Ja$fO#jf7!$JjijFY9kha(*&p~}X|
z#&%dq;T{iwgpL0O7fXusYCa8Z`8LlU7HwV1WqiAri2tiBOO_h>wiE!5<9qZLXr#ff
zS7}}%?=~`z8^-M$f7vah4ZE9u{efWeW^g9C8MwA7+!*|ZO5~7SVW{chU)jI)exSS`
zlj_}SQbZc%xg-i_9R-Oj2d<XKU5>wTeJgzMTvs`L2_P+~;uiMIcEV|pH<9|qIMmk&
zh6DEhi9e5-(Op9QynyZ3dKNdl#hhOwL#U{tk?`G=B$9EAyU6j=_{wTazV$h%jdkZ(
ztO1gc0;k}!+;`2trw@3y<T5dKcV*|{eL}lVKr;X-Y^;!sy^ra9kVp*$U7#**f{UB0
zkkEHaBTFk=N`snF4ag8S%xZ9$R(Y#JuXFf+QX>8WChGK=J<Ny{KHge!c{K2+a*td=
zn!CFFVuY9tQJ(-m`Rrfade+?oZ827D79L>^-kc94X(ULRqg(|RaPOKrt>~Wz$*_=D
zOGI?~p_3UWG;3H+Pbyd2i*|S_zC?9TCvXxAi=mmkNlJ0>Js~%3gjWhhI;MCMz@3jB
z*#*6kXcK+g2zN;4Em|8tR1a<v2Sq{TLu?C%>I3kvFN4ERo8+gK53`rBx33g2<t+On
zV;507WDg0HTdUzK%A@iWc(g<17B!;9mQ@5Y4*HLMRofNbEuaENYi}umpBq?Wu>6kL
z#1POpC~P&%{DjOY=m_d~Hk*mx6zP${^Y~&o^K}ZpNWe9M9T<yyFu5G>;eA;SyarI`
zgD9W-A3sdt{sHZx%_IM~=NdnJ!E7PrDRS)jU6Pm1gf_5AI%?Po2fbFQe`9vUxFdp2
z)3GR;uFdr$Uhujqu<&{Flj@CU2Z0v*!g>5e=N$@<?<19|CU>%f{(u^e!g75s?<Z>8
zmM3H8<7alo?mI^jUWoxqg?D%)JpPTtLcN<c?{Rm&m&W3K34E@P2X3h42kZ9xW~}{Q
z(1$huU{S6Fa@GreXXgj6&f_HkR1)vQ=^{YsU*VJqys#7&jGgp;_hJzZ;jxuS>AQG%
zvHaFHPVR{(Eg6_lPPvC(h2-px(RhnGDx3m*W5Fne+t?Et3a>2kLEF?}lg5fVI((Un
zFl2~qVTZk?4Cxh(`OLv)soK9wC#bz>KvSZF`g+(kKllWSQb&gjSBs)&!c6tZdOij+
z)f^{+Bs|@Z&=o^W$J6bPgvh;Thlz17nVfk#?T%0Vaop7Adpu_L7i;04QV-xi(qN~u
z?IiuzeRP*XKH9P!q3Dt|FB{|m1R_vbRU`AcgTEIP^EiDO`nNQ!K%vDmQ0qq-Rnp3&
z5f||=CCt8g34p>7`q}T&2)~^>M<n6&oT4WvpN7o?W>?@2uqgvsRbWx}kzrckH3rpZ
zjCnt!S}<oLa@bwmt+}!P)AG%;^BSDDx|W+=H`zW_@6ymO713+@Q(uRz(p!ZahVSH;
zu}?60qUT|hi~17fZU_afvHpE9I*qAE-TV}0ObNVWm@sWhNo$FYEIUkY?S!7C>VfOE
zsK0<<pVyc|&jty!cc8U2Uz~UgsQ(4k=9MAdE)sv_?fx@@Ecy|6nwj?e-wTpz&=Mlw
zVZ)3!B2)e>0{!o0D`OX>W7Y_+Wys4>lQ(67M5yBtK64tXWdtY*8TAcS<SQn*Pa5hd
zVAn)-_sVuqWyjHT;N-Fmq8sbGf<H;v{g}ZQFgmg0b~EgGGP{vld%$Sh8s%KFMOcl*
zq&&;eSAJ<N5kiN;(<lWbdk@Pq$^`=IQY*^t(3(WZ$j;ZTUHfx7oIQ{R`_>(9VC^TN
z>H2{qPOJJW;XNx#J>CUe<QljD+d@Q^<5aPX8hld9%v(Kd*9)b&SHNRFad(5^3o)=y
z=^V)8O~T9an~aw~D4`9!rOz=B$qY;c?JqMn27b~(Zit{7a?!6s7gP>Dm+6k6X8B5U
zKv^ToT>A>zw&Osfn4R0o_gBTHKXT<Bb};dZct`la(Tzy-0S~eJKtiOFqy2>Q_)Z8N
zq$+&{PzXEp8t`F;i2IScshRUUv%JpWxf?>w-2}SZeEbROOWBLT(puk?#L)u67jWsq
z^G@1l1<LnM=QP-9IsNAs3RuTe7yx}&Coes4x%u3Qbk5JPVS^Q`k!6h|JSsNCB|#pb
zM#A@1Z5Nopmmgfg{zkMz_>GVXsgFjT9=wgFD&+`J5DhASDmo`#rV_t?hctqma6*)Q
zhI23^S6Pn1#e4GurUB6ta!JGQv@U1Kso^St=B`>uC)wa3=qmo5?pzm>_B8YkOlSj%
zvzKuqCIlv}{N#HT2Xm^gumcbbU|ARu3Dzo$eaY4W5$%Tjp9yVEHYU{SEXA7n_xL=1
zh1vW!B2+<T#;@}Q9K>=sv!LWo`AEO!loYf++XcTYySozeP$F8>QMU#1S~ybydUV?F
z^MB@+sTA%trhVT(+SdM1URutp3Fg+Osb-(HYVAi5FS>}hx$k-{Sn_Av0;Qjwi6e-`
z`o-LS@@wq7lXkZiv#OYrzz@;@AeUbis9o7_vkq#rrXtMYXDm!*u;Qx}tHO~Tk!$H(
z*r3$_U0#Wt9(xNSBKUuDnmLi(imf$l;B(^sGxx*G;-u&W!Q-{WGxHYc8EcY`53-Gj
zBy*kh+kqmMYL&6>&`jVZV-C#P&%XH3L^Scgmd=8qs^{y%7N|%HDBX=ncX#(C1VkF7
zQ_=$I?vn2AkXE`&kWkP|N_wRvl>g@UzV{Q%J!j6IJu_=P>y3$MMx)+mf`Zw2&zd(G
zp+3HZ_`MjgCnUJ#MCxy<^UQ2?nl`kv>jiF6M3x;JZQZ-cV~e3@4KD-jRWKH(ap*7J
zgu9*4kNsH8Qd{hIOjEq_PDQaaa_wCSY!0MS9&X$eB<@|M8!@$H_gNtOXw=>(rTwXy
zT=lG>nKhi#E1tI<jd4<M<8{Y0zKMru3YtQQx52mVpK6UILir|=y)?b{L|Vs%UxK^+
zCD`wOsm-!8Bf*$~Ijpp+jPLdi5#4t5$}y#A;`tau%A>#Daj!p_&<W?kT~oy|?sRYX
z)gaV}9;77qEACb!eDc<f9hv5t1^Bh^2CNhQxG4XA7~@~=&Xb18%sURUpYCf0fksp`
znLEzcBK+h;qjyaVuN5ft(xBaAdBD6BeRtHx_FEY&EZJRRi%hh768Y4(ma}uyLj#{o
zkx2&;ZOs0Vqcgn~Z};qbvTeps0Ky>)7n8THl$qXn@m21G@_zq3pqGe1_|4F!WPH$9
zAmY@^bkIlcUGU$2QuEY|>*(UigG-LQP;9b~SB2-fM-^i|tv!#vMyi4-8jN8*3{R)C
znR&}T?VjFd&yPImHlWk)V6DyrKt;5QEih7g-;1;^q2J|k84*lyC@9LQ(#46kD>X$&
z7Jido7QSk0fwS_Ksfw<f3?L>-8Z2(mRk5XV3hzHF9rzL78*<`?a}pVkQmC7Mm&xJw
zF0sOM)w;TDTi}8>q${=l<<z?V2dk7hU5v0NS1-rcWTq4GlOVUS7_0>`c8(X(A`WW-
zVBmobXBOdmQ)^oltN3QYGX<pj2ut6|oaMj}u+VfwdyWDO%rQEi9W=BKr2hAS)M-Zs
z;3^4jLSawWo|9`xf?GGb@-jm|g-b7UH?}9MS9NlSgw*}b{zi~X>cLsXjd9`m(+B#W
z-F`mKEmTO1BIA~p<b0@6qrj=Bq8F*O+gwk-2RPnjXExS#u``v84-?#G6~fDV3P|=O
zYPrLKXK{7bd@+d$bx|(4_>_Q&Xw0%tCeE0MH_sC^W2Cg3RtHIzpnRN17@5mJz(TBx
zD5kRNvsVCx(wAag;m$C&5E%!<4TJGu;@eQQz6jMJgZMda)I*<KbOw^ifDavUyR;6W
zdRu+-cl0F~GnlPFx=KKa(_s8$J|2|St0srKbFG15OPQ(X#vt)RKn^D9+pVQG<tIki
zpnx(gA`^cn>qzvdR~<pJg0emWO^STWav<<?yMKaO7Zvl~dnVhWj{xZWQY)`hUMgc?
zCcxfKsj;bdQ2J7aQH7Z2s}v3s@&kY<E>qZG1<^SkK=`1MUdIT-xp6g?n`MqRD<<Bs
z8h~}X^|w7p$Ul_t{}bSHWY__JE#MG6(6J~gIE$yYx(8j@MOvR=s|6a10JU4Vqj)kM
zZrJTb=|5*-L;1UnC)Yiu?aG!b>qNx|c=SzY8bQ<Eq3`;e%tql+JSw`-N;=VDSBBCq
z`uqc=2*4~eDUso*fKBq6Oi)?tV5<K4p@Zrz{OBr@=8w#~np<r-cIC`DXQ-Oh<z^{)
z{c)V%iszCRe9d4EJDqL&S$GoFBnqh!q#sO^Hl*0m`yAQLk6Vc%;!jo<-}{BIJ}v8e
zb7c#V`(z|QIpCcz=SWkA#TYKc<&SLauGUW_Ns0;Okmpch4<9>Gjfs3DVX3}X@TgLF
z`PGj$2bjJnBlm@9x_|Ex2la+aBVsTrZ3!4v(WeoUt?t#;W-FP`1Rk8z-NLTWA_YAe
zvvC*`%K)Y3#4`}p#6EL%(4QX`YiX?d-bgnQ{&Q%2b7MsM`*+HA`YN_itSqYS^DBcv
zK<4eME`p*G8PXWM4v>YqS?PuQ8xPyP<q8G_*y{r#TiCEl_t{Omaa7#fnMAhn1F?6d
zcJIBb@wnTB3jKObG;N0Hy7qs=o4$Hz7hSey3pTUKFG4dPW@3dczIA+zSdda_?h<H0
z?L;yBrE!SjP9c)Fj*suncmmwW6j>>3CsNBo=}xhVy_r=yVzOcz;$^o=3&P;Xrm(8M
zPvyV{x$XJmgxUJo-R?p~X|qvnkjy((O$B{4O=bjwzD351>p}qxd6|?->lt4j$!yGP
zH$P|`%W#5^>c9h40GB=^?B_NQbo)~Mk+fIO@Kdf+n`p(qBk-&MDAGc9<%UWJ?)D@1
zwzysG$#`?Fc=`?7c3^(IWI1BjEiwoUZePE%^X$P>4coOlUxmx>`Xaz;aKnK2K9qOX
z_rRSeVILf{K9Y7N9|<(#hN{kEKekvKtz!=+f&2XO-M6SYe5z$LQXg^;GPE^eO%}zo
zIzyI*L}R9^r)rt+sE<Q__LZ7jp@z!KE_+gAD)lejr3|3@736GMPdx~K$og&1`N~%M
zQVAQ0bMWqSR}w3hdQ&7drxTV;GZxNAasd|CCk0KEVcH@g-`Y??3{@)K&H<ISR;)?1
zM_B5BwzsF7b%Jxj879oudmo|)k5@!d5L=_jtIo)iXaD`|U)<tUHuE&k_<9uCS_C77
z(w`sCKmM$BteMfELF;V`2$Ky1L%J=rQOcFxE<z5J+Y}ENocekLDdp!h6eIxCRTakm
zB3hMgTh2+i@VBwT#R=#eraxr)y!X5%NO0tg-19$1@L4<!Ms`&wy`cJ7IuA{gk!Jlt
zLKnfU<ub=T&Dvw?PBt_orkr`ppugf<)4PgugxcQA$f+{B@}HJJ1ec2=El`ISgEAry
z(c@*P%>I7BY>Ge^qv#QH5!%e>?v;82gB*YNlR?E?1DM#9Ls7WF^&-M4pS^dy;{zl7
zT4VlXa4bs?l~BKxl=VdPW^~`x&WlLuBI~$G@wa7lD#ho{$9kWGvct-K?6s;~=?Hka
zacW{ya1JE=>G!ijkJ^7OaymD`2=%dAqU?#v?U6eXim-MThqXG5Rb{>V7+TW&kf4d2
z!RB8QV`XrpzZ{)(C`!D`{*#w&B+GH=H9Lb6xqN-_kSU-}e>Dnj$2M8;-f;@K@T1{(
zzGboMWPJRQ17BLL`U`k;)QWxV=O2F)U&7Nn;z%H-_>Ms~zsv5GOS*iF*vc$j65-Q#
zIKTCzcay$hO=)xf4UF|&@lNq?+;9*mJV7TIZjoWs9@w%zp0FmuO2PJfNBowvCV~N*
z^&DA7L8*8a7#n)2fB1Xy-E$h+<Po#}ZJN#z^y`=m=K}YN<?{cCWShkzho!9%P1s*#
zbiN9v{w{L*EC+gcKQ{FKmtVbNB078YL~9lL06n3y*4`c3DtN(bp%%=!{bxhsuy8Z1
z72g2q^vUGC%FzDhE&^p6HJ3T2q^<SXGdHd3828e<kgme{jYpn9A<6e-Bg@E}=IU1p
zIa3}$w)X2TQEIryO2o(0MyLR&oz(&<LR@*&j5Gh?e!~yMmN8Mm><`-t%~3JzZ0S&f
zEK0;9Ek8y5dEs_N?S;g@ZNGLV^RuXbgSF;xeIC^r%}_THT+WK2d~sFG-<WM7X7O}h
zYmL@Hf3w-VVptX8VU&Y!5IFtZH(Y26kM|vM+&0{SI$_3e_A6>H3xQ=dCTc`-9EeP?
zAJ$kSJ}?<@QWs4<W5o0?nt&ZDxg9-(SSXizi<R$~e^QZRXV4W7d|_cNE9Sz37lgfz
zt^Rfs{>Cuih6<k2w5O7tNlBu5uZpGFExM<Uc1VZkF|S7+R9+()b3Bvkj;0dk+#RYD
zjXQKRn(6M~kC(?^&=lEpZRBrdxnpW_GASZ5Bs?oP+Z9w|6HDo%zvB1CJ~BTpHqLb(
z_sW`_@l0(l&tNu~W`a}8Q=C6Snap00qwL9Smw?g0cLhTv81n6j26|G4&STtnNH*0I
zLPxZBzzG?^xeRFT)dqT;4&ui8H&L`&eowASlK!vbuVLO(pV^$$%DsJf7x_7kh4nJA
z4#_Z^Eaea6aSd=^o_uf4s0w>rkEvIOGnMYX_AO3WkQ&an;3A<l&uzR8)`3{Wxu20V
zUq^~c{Ct5l5Quk0=%J%%iGgt|;_DC*dPf%ZocjdUyS{4>0#=3JkvYPTtAe_EnX+RD
zOx5Jiou3ye^pkC4cG<j3HVV2<tv!{+^K-<}uqNQ+M|^;BGtP*>7uB^{gOi)BkAV4W
z_B`9Wn5N-)#v^w5ZL#W3{<ys7=HPt~t3Ki;A0}a2L7VHv+w4(~Iz1kp^80O*INlU~
z#o+MF*f0!?{;1N1c(|pzl8_SbrUd@dWy6IwgQh4injrC^&fJmI6F<kSsMHsHDZGFc
z)_(4*u?DGDlUY~YN#`LjGp0A*);bR6wVB66?-2C#vqhU03Csm@!nwv$0+~wX%SkRR
z-XlzmuwD#ktCQ{@T0sh=xz_0Pz0@nmRrNwdz}M)n5|NY;#x~j8`F<^NF>Qci^F~A|
z`h=?y;i;7Bzti8ZQ6YA@H)kxWc!*yU>5;5hzI^;piM(x4i&1DuLGc4!Na@g?p4(fM
zgrgi9?wN1;GqkO7yD+y-x7RwUzCX6|QAjgqyN9pS0ui&T+qpNzVo7oP!sqe-;#pwd
zs16(i$^5ZWqn^P_uYQ{V7uPgy2cdD5nvkoht0lXw;NdruXGil4YX5{EXi;A<w<Jcs
zVxN~?qmb%{O$zK=RZrX?^5>-G4>IS^J~gq+Wzi{PI{NT@6_0_Ny;{{`fvaI<Pm=N%
zE+7>c=lbNvE%+#XeVmxHP|B;_Qtnc{Q?o-<%E#j6{B`VM;6|yBrPaY_8Rum$Un|i|
zm9tls6L%T>Ju(g?0a(!QW$o^Kx9M%FR2DaYz!z<>d|$Ip=!6o46GMG?MBLV$l9m?C
zqP1l#!AlWwIvY<`*$_nQ{6}MElU!0w-sJ1jtIP6VDiAa{X<<S+A-t3c>g0@;XmY*g
zEYcvppue_KmP#YrC(Q<9*aiY#+Jo?bLqb@dckd{#7_-Ui$Oc;4Ij)%e{QFgdNsvF2
z4Tjy^8%W(__Vo2+c&;0Gj$K#qoCGL^R(1#_&$2jVs-+}r7M+y+xkzt~N+)vY?$F*L
zGM7VxM|-vXRVJ*in^vvxo|>!L9Iz#j8X>>(@VGAkWBm;0_$(la56Ngl4PbL<fZ}-i
zvD;B&#k|EiRFoSTccAO)``*Y?Y-*y!WqWi*LAvf))`=Pi?BBcN!P5%4aA@M|@G|%j
z(uh8AfCcQ$0HJcOAyi^Tg4ox>&G~B-1chjnG@xUh&s3MHFOYfC4-fOZb_WZozKccC
zP`nsuB=QqUY}s&GLILzw)8jIM!|x^wE^`tM93kij5lv$gxaa>?uF8O{1Y$|-pJx0$
z9Kt0P6&Dc}<7&<uRe}(|A#++0^meMmFg}mO2YiHIWM93lS^hS9mw9)HPd#pz9Yl+p
zKa-DujsOl>0Lsb>@vFjlm*R01N59Z(Po~SS+kKx}I2#?)7>^)@3Ql7+9h{VI^r&*?
zm0mw)y+%kjbD{rxe{baOZ?`O$AjKaTq2AZqX*)k8^a7#EaF$J%xUa}jRkG&MRZCdw
zuT%9jht!UwG^D~0x+GdS=!NP||K8r?Fzq0dh>M@x5g+$pmp9hwh50+nd0}X#aG$)|
z_6s^^d!Aj)Y*3kL>$`CNd0b2AB$L(SnBJTed+G2R5jg9L+LLe1U|j;h=6>e<j35WE
zu|OdO@Zgqk&$E<0!z-JoAtuK7wnheu@M_X1H)FA!lYMio!5`&d__F~leMnk@Z|Ngd
zF;-ZKq54g3G%0y}<|MxV9(Bs3kY_Z1Xj-oEgADofAH(+ct1;BKtg8e^wCh;E!j1~I
zyU?*Dz6ecdDT%!acK&GKX^4)BCu)xG$Exo}Pi`>)WgJ_)^4onn!(O}!RBq)9U_z#j
zjjR(6^Z@^O8GSfPtYr8Rh0KikB%9NlAYV<dV-J+9D@oY%t$TsG##5<BZQoU#zp7Ps
z#Ugf3PA{yjQonpM>auD6ZEq?uq1=-}Kgt<U>UiAvV8rG%6H^k;)yQ2mh}R+mEK?)>
zeLt82YHQ-Y7l*t;-p7=e^uisocGnX_J0WBN!2FHadWOep(71#Naf9asjwBX?$~@%g
zecKzKqNqClo=o?aQ<?~?-#u!SRy+-rp_kGz6J5=76;-pX+D{>wk)E-mC{-zWnQD9j
zmR@re(E($59S4$f+yrB5et}k$y=LsP;o7|H2nXIDFQy;C5PSvrI5?TMUHKf!u5Hpo
zJrhDOObA7!+$O><h}Fk!;+4_RZxM)hNi{%L$Q^K;!`HAq_H1RW2{Hy<1s7S%ICIVG
zmoBV`g%RdDPMPJrB@WG23WB^_964M-k&G6vSbkZL3-Q2nJUWqJ=9NJZBi;jg3X%J*
zA46TFDj9*v`nkNnXOP<Rp@o^Fos@@D2WV?=8J#PTw>U$uf04`2&6~WV-B|khL9L;V
z$*nnhRyeLU9{epeUR|nJIH6kc=7O~N7(t~~e(h=zM@kfiSk>-lm>+#$y9*N_Lvb;>
z@!ivUY%ba;ZXPxpgh(hpFW0YYGhT)y3C5I;E?w6#Rook~zZ|N&AF9`@cc3~JC#$0F
zpZr;_G}w?2l9TXd7n)U26eQJ@)KJ|CQP&=XixW7Fj71tF=o{5k)kw}579bsRQO*`X
zg4$m+^5jXO_5$W2*M}=FAcA!^Rp{-A7$M^rBGI!a5qhzUsj}MHo;}oh$)cu4xyjY2
zT|X-IHF@MoiO=$B(K?3t7&vc1^9y{iOew~Pu2zR6JbcrOMEBZLx=nzD2!{yExaZdV
za+pj)^R20)42h0rQo;~i$eW54A8$b*Q^7mq!32>BEzg)2$r73tq}#%13tNkrnJYq+
zYSN_TkWJ_t-bT!?lcqG6OC*j=w~{7prlO0_7<lrE%|;Rx<LB?pq|7k2JwCn{wHzuG
z9(Edq<&a<3pE-tELqyiJ;=a%U0TTJ6HGl|H`uo{iO*f?`OHs0B2Nq1UUV9Ezk_Gu~
zs(;3WPn+Mb5#rWiIp7#jJ?2(2Z4eB4`s3DMNayvMMT&u_khENg8K3A;`G(D<S;Y}+
z8Kq6pi6!R-W_L-c^zq0ck5_`gdztl8B5Ny9>p%!-Rchq^%EOrRR?__t-hmoF>d-_{
z<+OvGCrx8IopF?;eX7=s=&~N`OD^!P(a+_b)-dKBSfg}j;=kqlZ~Yvr3sAufUG(5x
z4AyfMETXSeUJ_`}G?18~Mni+*h}LVAll8ei^7DEFeQ>goVDjDz4lC9)nirmQtu+fs
z&wzQ1y4lDG+qql)`)$<6;blHxkt^V~E!yktQjsGrN}~Y*(gM@#)Y+dN?Pl895#$<@
zzKSOr+5izPUUa2rI%c{s^tad)LvghZrLSU)BF4j*_^nKqZd6E4iy(-#z4y~LC7{5-
ziGq-;#=9g3)*S=9JMsuE8~Nn{ryJ&-0TL0F&Dvj6=joleRK+t={r!>T&;j}*|9bhl
ze>9oJW)gx6gFwqKaE+s0c=4069c^lY{=L_#X*w$pf=X}mUC_|g;Yi(@{ldSHT0`EK
zfwV*aN=Vz$BFE-ti^6bE$b2*orcqKn@1K1Lod`ivw$#VErpA7&_D4oaMZE^?mHVco
zLqdL&n?%KosxaAp7MvREo~+3yEJM!1!=tF(>YUu1COH=Jm4-L8RIhNqdA-mGhGf2P
zN$CB$qQyI-<T^MhOA*`ScZ3oYBvDtzJv-%g#CDMF`Mo+4S}%G%kQ+nalEmta<YMg4
zrkCbkXZGX1lr5~zP%GH;e(DF&aEokCnFTIen|hW6I7{Jn2Q9j&$k&fssnOl@gEh1t
zKM~@V=QG4OfG>62j*w|Jl|JBG0OU>1a-^$fm`5TDH=)T=%fA>bKS?pb@*lFC&-_Fv
zguH|$1XkzG0mXFl^q`>`2A@m}v|dJls$zsizm@&bUU7J6b@V2;u2e6{=o}=MIe;kU
z?pLgGyZa29P17d5m3<(!{bA(!5v-h=sk!Ef`wGFE&EMg|bfK<NjL9ZC#H2W$6U+<d
z7k}rAA=Ub!r!t;e+K&O2p4RySe6)PSuf&YOfyiL6usByBfy!jryu4M~9a2iELz{cS
zaApFb7SiN<IL{)tx+BPiVru*-1m)0lb}WXna9pF|(nG4rL1Eq@|6rJa-~jC4%uEj+
z*win`*|{04&<;BRg<LqJ<pd5yUnFC;>fmEh)DdOf=?Akl_tq&~HDK%-QhZx7ahGCe
zA#EX_CUI^$>*qHnop<1LFHLhr;mYEn-S530h%fs&h*i!-Hm9BR3quK!9A_rWgwyrF
z&dN@vI>|p0FX-qTAL@NyReM0bP~FfMX}!@`cNEPKE<`aDC6lxq*Vy9`1>d6$_gghq
zZ4E!6|7L)7wo6*UOOh{GO_86I+^zcc#C_hszCa8;vpI%S1Ft(|C!PP!s`M_;ARLt|
zIP`<)pg3GP+K^UGl6+2jnl+unodVKZP-x-cFM{vT{%%}OU?bRQks%Hr%zT|#$e25?
zQRD75ThMZcAzN+=0*R!pN>4<|CSDgiuXziLJHa9z+_|iVL1kQ|Xpl>hG3+di+ki)S
zedaA@7k3m6PM^IfG=iE-HDD~ae2ScnB?&Zj-#Xd9mKX{T`|8esse|s2VHD;^n|zwq
zIT9!h5C{wLnIg3BFChZ9Q}nX4@&}(->~=K6-!p+rnFnqIb0N0t8Jr{;B~FNR9U(8)
zLf-FcM*yW>M&FR+txY%Ae<p$u)*2JmES6xT<nkLxYI3@8do8T9<Jr2U>u&dAUSq#n
zt}M%Y1Sjyr^J<z_<{S5a!4<$2d(4~fs@(jc?ENQIcv}boGEpD`1q?a1pHhz9dX$|T
z<8PMpU%j?Q<K7W4T;wa>V%d*{l1ww?xCFTR)U)IwXEu__msOpv(8y+9ECzh-4&_z1
z^Ep^c%PCoI3#9%~S+7ZvKJ6<zx9ZW3Y?VHp2w%m-RCh&3|L2lV;mstT6cdzGdn>ZJ
zPq}uC-4oa#+Uz8sxLaLW<XeJyw9!y(u*(C6cPQ_;Mg+uGkNptd@%_si)}+45Z#{MV
zZ5%7|aVM)|ROQw%sg^o<q9E;(VKfsH(>fkBDH?vn)v6f<AAR+Pi+Bdk8H8-lF}O(s
zVRe1TEht$de38os_U)_VZu=Ivh+Tu7-(Jo7-O-UcS9})flkAq_SBE-2)}TaqrvAV|
zJYjz)z1uNXG9HKgc>y{TbJ6svL=^2deLAtQ%-i_~aVNu}G|QxkfI^=NM^9@_>|POy
zA8f(QLqyxj3CWSV8s3L<Q-O?@hk-x}6~5f80GGvMYu~#{RhIm6e3%KaR?h^LXzN?u
zhA!*>&T=#!31thuFOcO?+iLAkhp1cpQc7_)0T1n+*L)6_KYFqtSWIjzJ*{q=*on8z
z+#Iev%b$~~#~ghNvBhpP{M-K%2|*`1WRtd51uG=$<+e;WTlB0f<1)0Z`g1giH0U%q
zy1>T?0;pSGOFACe0FyL<e|T*u)w9?pGL6F9&bx`OVed$Kesa3xJc{lgW~!I+{XcL+
z;<_6iS6MD5OX~4LL9*uEe=8%hcc*mnM&$Ec>$ZZzDykxSvBKY(0CMg;+}cKl<5}_-
zjMjMk?WG-h75G9WPfvfBXogfpR61?p_^!+8#CAmGy*35_Rs%qi^oHw~)3tIG4Xq+B
z#?B_~Ow@4PfUd>kS|Z}eoglfM-pK18n9#uo2c~-VDWQVIZh*6MSBUXE$5cWSJZZz}
zRiC=g`luC^`|DBXVOsW~0U*=~6pZ#WY;=gN#cWgG3`t>x$>Lmnkx3LwtTb5h3og6P
zow<1~#clbl!mXOn+l<&LJCZ!wCwGF7OG@3NlEc}$SIv34)+Bl)rH1{}VIkbV!2SXD
zrPqR*JrQDImn&(i^|W<clY{bGJ@$@Ne#-tDk6CB}=H5#s33fbj2`Rs5vg51uP}W!)
zXABdmObQk)eHk;61e%+F-OXB6sXs9Z8;m*gcXlcFH{+XTPLfxfiYz`K)RNMM2~9y%
z!WrQ%lNZw~?Hp#<IG|nCM16*oVWRvgfd$dYuVMyYgeUnbi8XEd(FsK%{TDwCukMtx
zXwTqU@5E%)<4Vf#<RjP!hy!-|z@T@$KOFSG0$%ZW{rm@s+Kc4B@LYQalPd!*%w&*t
zVG}IRAUdh`=%3(#m_j%H_%<bDWB<l+B2PraNtrvhV8ithtD9j%T{0Whwdy7D>NfJe
zeTIOM_hm@aDfEnf*zwUQj2;cGm*(oGjbIqd{=j}lVSLIeo#ANb2G>FUlM20JcYO3|
z;V<#T5$ksoO-&GsOGPZt$&^R7U%&tCvaS>G<tR*CEg1qBoedS1AW{JU5s=pNdQC1#
zs+Km^{qpFBi*0_4vK&V2_e+;iIVA194y-}x7gXAQj=D4fnRFg>>qm(^Lpk?iU#_sU
zPx^=tEmLAKWN7h6ed>B8gOZ>&z0AUMW49+DAW;6VT4;>m9HMLQR~P1bi_}@fB+tAQ
ztzG+5=L2$A-?79!A*1T0Xfn+^lIAOtHpBGF)J2hAit|r-)kgYACY0`1FsZ2$pU2#i
ztd04x$WPm>z(Yqa*cdGMVZ+W7&;7?(^$oh(<=xVFkdDbV{i<u>4!b>^-XBZOE%fo9
zj0PKgMN?N_5n3<i=%wG?8x6B_;-wBhHFf!-hfC$PFm6*>?)5f2Me>vTXbiU-pn$6m
zxD03&NpD&JVpxG@#iB>~o}dg-Tu6wrRXU$C4J$EWgA5vd?r0w+yO}pc6RlXHhP+(b
z#O`0Gj-^sax{B%vICv$jv+B}7b7;CNYm9$igK0~Rl_X&%0#P5q@5vfFz_L4X@2=RL
z0nf5>YjK08`Ptd}npfSVznPi|;?~E{8|pzHZDu!BFd8H)Cz_5+SqxT*=>tZF2BJt~
z+2Hsc?Q03rh}pB%sBz!#=bm|>I0gOJ9-ARhEjAjV{tF9BgRn3f)+edGEXp*G+e4Pp
z0!Pp@qG`Byh3`@S8~9Gi{jXoi7&lf1foE!T(U)b<2N?46x8AgE3t+8xOdb-cOt`&N
z)(7!cS#+K~>&KRf*g6f7V72H^^eO0jvnrLVO25o#{>m*L22Bi?HyF^W-DVZgS9xmI
z^@=A|%mW)y!OOxEG<o->a`gSQk`luw`uu6yg6|D^<BTRKnfF5D4%-yA+aQIDyL2rs
z`{zVJT9+^H#}nIsLWXDCp}EUy4?0Je)e}KXZ^Kr%5UtRML;cF1@}FPZW|Q`8lVxb|
zo~Ry)SCi1Du__pWW$xm&Qq25jX~)-;eHVXlZaG8i6`0#n)93hGi>-Z#vw$M^$w8Dk
zYW+^xqip!4u*3dOQWACARXl|Dna8I)UrrwVkvzj;fO!k`=?EFobi+xBfv=9kOG>%_
zj|a4&roea}e#hp>>YKe|kvO{jl<K8jAeyQn{CC1D{R9)!17<5t*~^|d4TU<{`}+dH
rU*Oed|Ka-Y-TMFcLz1Vwzqq_klcJv?nMxjU4StHUYBH5lCjS2e!U-h^

literal 0
HcmV?d00001

diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md
new file mode 100644
index 0000000000..d4f38b30a4
--- /dev/null
+++ b/windows/deployment/update/waas-servicing-differences.md
@@ -0,0 +1,106 @@
+---
+title: Servicing differences between Windows 10 and older operating systems
+description: Learn the differences between servicing Windows 10 and servicing older operating systems.
+keywords: updates, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, tools
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: KarenSimWindows
+ms.localizationpriority: medium
+ms.author: karensim
+ms.date: 11/09/2018
+---
+# Understanding the differences between servicing Windows 10-era and legacy Windows operating systems 
+
+>Applies to: Windows 10 
+
+Today, many enterprise customers have a mix of modern and legacy client and server operating systems. Managing the servicing and updating differences between those legacy operating systems and Windows 10 versions adds a level of complexity that is not well understood. This can be confusing. With the end of support for legacy [Windows 7 SP1](https://support.microsoft.com/help/4057281/windows-7-support-will-end-on-january-14-2020) and Windows Server 2008 R2 variants on January 14, 2020, System Administrators have a critical need critical to understand how best to leverage a modern workplace to support system updates.
+ 
+The following provides an initial overview of how updating client and server differs between the Windows 10-era operating systems (such as Windows 10 version 1709, Windows Server 2016) and legacy operating systems (such as Windows 7, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2).    
+
+>[!NOTE]
+> A note on naming convention in this article: For brevity, "Windows 10" refers to all operating systems across client, server and IoT released since July 2015, while "legacy" refers to all operating systems prior to that period for client and server, including Windows 7, Window 8.1, Windows Server 2008 R2, Windows Server 2012 R2, etc.
+
+## Infinite fragmentation
+Prior to Windows 10, all updates to operating system (OS) components were published individually. On "Update Tuesday," customers would pick and choose individual updates they wanted to apply. Most chose to update security fixes, while far fewer selected non-security fixes, updated drivers, or installed .NET Framework updates.  
+
+As a result, each environment with the global Windows ecosystem that had only a subset of security and non-security fixes installed had a different set of binaries and behaviors than those that consistently installed every available update as tested by Microsoft. 
+
+This resulted in a fragmented ecosystem  that created diverse challenges in predictively testing interoperability, resulting in high update failure rates - which were subsequently mitigated by customers removing individual updates that were causing issues.  Each customer that selectively removed individual updates amplified this fragmentation by creating more diverse environment permutations across the ecosystem. As an IT Administrator once quipped, "If you’ve seen one Windows 7 PC, you have seen one Windows 7 PC," suggesting no consistency or predictability across more than 250M commercial devices at the time.
+
+## Windows 10 – Next generation
+Windows 10 provided an opportunity to end the era of infinite fragmentation. With Windows 10 and the Windows as a service model, updates came rolled together in the "latest cumulative update" (LCU) packages for both client and server. Every new update published includes all changes from previous updates, as well as new fixes. Since Windows client and server share the same code base, these LCUs This helps simplify servicing. Devices with the original Release to Market (RTM) version of a feature release installed could get up to date by installing the most recent LCU. 
+
+Windows publishes the new LCU packages for each Windows 10 version (1607, 1709, etc.) on the second Tuesday of each month. This package is classified as a required security update and contains contents from the previous LCU as well as new security, non-security and Internet Explorer 11 (IE11) fixes. The security classification, by definition, requires a reboot of the device to complete installation of the update.
+
+![Servicing cadence](images/servicing-cadence.png)
+
+Another benefit of the LCU model is fewer steps. Devices that have the original Release to Market (RTM) version of a release can install the most recent LCU to get up to date in one step, rather than having to install multiple updates with reboots after each.
+
+This cumulative update model for Windows 10 has helped provide the Windows ecosystem with consistent update experiences that can be predicted by baseline testing before release. Even with highly complex updates with hundreds of fixes, the number of incidents with monthly security updates for Windows 10 have fallen month over month since the initial release of Windows 10.
+
+### Points to consider
+
+- Windows 10 does not have the concept of a Security-Only or Monthly Rollup for updates. All updates are an LCU package, which includes the last release plus anything new.
+- Windows 10 no longer has the concept of a "hotfix" since all individual updates must be rolled into the cumulative packages. (Note: Any private fix is offered for customer validation only, and then rolled into an LCU.)
+- [Updates for the .NET Framework](https://blogs.msdn.microsoft.com/dotnet/2016/10/11/net-framework-monthly-rollups-explained/) are NOT included in the Windows 10 LCU. They are separate packages with different behaviors depending on the version of .NET Framework being updated, and on which OS. As of October 2018, .NET Framework updates for Windows 10 will be separate and have their own cumulative update model.
+- For Windows 10, available update types vary by publishing channel: 
+   - For customers using Windows Server Update Services (WSUS) and for the Update Catalog, several different updates types for Windows 10 are rolled together for the core OS in a single LCU package, with exception of Servicing Stack Updates.
+   - Servicing Stack Updates (SSU) are available for download from the Update Catalog and can be imported through WSUS, but will not be automatically synced. (See this [example](https://support.microsoft.com/help/4132650/servicing-stack-update-for-windows-10-version-1709-may-21-2018) for Windows 10, version 1709). For more information on Servicing Stack Updates, please see this [blog](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-7-servicing-stack-updates-managing-change-and/ba-p/260434).
+   - For customers connecting to Windows Update, the new cloud update architecture uses a database of updates which break out all the different update types, including Servicing Stack Updates (SSU) and Dynamic Updates (DU). The update scanning in the Windows 10 servicing stack on the client automatically takes only the updates that are needed by the device to be completely up to date.
+- Windows 7 and other legacy operating systems have cumulative updates that operate differently than in Windows 10 (see next section).
+
+## Windows 7 and legacy OS versions
+While Windows 10 updates could have been controlled as cumulative from "Day 1," the legacy OS ecosystem for both client and server was highly fragmented. Recognizing the challenges of update quality in aa fragmented environment, we moved Windows 7 to a cumulative update model in October 2016.  
+
+Customers saw the LCU model used for Windows 10 as having packages that were too large and represented too much of a change for legacy operating systems, so a different model was implemented. Windows instead offered two cumulative package types for all legacy operating systems: Monthly Rollups and Security-only updates.
+
+The Monthly Rollup includes new non-security, security updates, Internet Explorer (IE) updates, and all updates from the previous month, similar to the Windows 10 model. The Security-only package includes new security updates and all security updates from the previous month. Additionally, a cumulative package is offered for IE, which can be tested and installed separately, reducing the total update package size. The IE cumulative update includes both security and non-security fixes following the same model as Windows 10.
+
+Moving to the cumulative model for legacy OS versions continues to improve predictability of update quality. The Windows legacy environments have fully updated machines, which means that the baseline against which all legacy OS version updates are tested include all of the updates (security and non-security) prior to and after October 2016. Many customer environments do not have all updates prior to this change installed, which leaves some continued fragmentation in the ecosystem. This remaining fragmentation results in issues like those seen when the September 2016 Servicing Stack Update (SSU) was needed for smooth installation of the August 2018 security update. These environments did not have the SSU applied previously.
+
+### Points to consider
+- Windows 7 and Windows 8 legacy operating system updates [moved from individual to cumulative in October 2016](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/More-on-Windows-7-and-Windows-8-1-servicing-changes/ba-p/166783). Devices with updates missing prior to that point are still missing those updates, as they were not included in the subsequent cumulative packages. 
+- "Hotfixes" are no longer published for legacy OS versions. All updates are rolled into the appropriate package depending on their classification as either non-security, security, or Internet Explorer updates. (Note: any private fix is offered for customer validation only. Once validated they are then rolled into a Monthly Rollup or IE cumulative update, as appropriate.)
+- Both Monthly Rollups and Security-only updates released on Update Tuesday for legacy OS versions are identified as "security, critical" updates, because both have the full set of security updates in them. The Monthly Rollup has additional non-security updates that are not included in the Security Only update. The "security" classification requires the device be rebooted so the update can be fully installed.
+- Despite the cumulative nature of both Monthly Rollups and Security-only updates, switching between these update types is not advised. Small differences in the baselines of these packages may result in installation errors and conflicts. Choosing one and staying on that update type – Monthly Rollup or Security-only – is recommended.
+- In [February 2017](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Simplified-servicing-for-Windows-7-and-Windows-8-1-the-latest/ba-p/166798), Windows pulled IE updates out of the legacy OS versions Security-only updates, while leaving them in the Monthly Rollup updates. This was done specifically to reduce package size based on customer feedback.
+- The IE cumulative update includes both security and non-security updates and is also needed for to help secure the entire environment. This update can be installed separately or as part of the Monthly Rollup.
+- [Updates for the .NET Framework](https://blogs.msdn.microsoft.com/dotnet/2016/10/11/net-framework-monthly-rollups-explained/) are NOT included in legacy Monthly Rollup or Security Only packages. They are separate packages with different behaviors depending on the version of the .NET Framework, and which legacy OS, being updated.
+- For [Windows Server 2008 SP2](https://cloudblogs.microsoft.com/windowsserver/2018/06/12/windows-server-2008-sp2-servicing-changes/), cumulative updates began in October 2018, and follow the same model as Windows 7. Updates for IE9 are included in those packages, as the last supported version of Internet Explorer for that Legacy OS version. 
+
+## Public preview releases
+Lastly, the cumulative update model directly impacts the public Preview releases offered in the 3rd and/or 4th weeks of the month. Update Tuesday, also referred to as the "B" week release occurs on the second Tuesday of the month. It is always a required security update across all operating systems. In addition to this monthly release, Windows also releases non-security update "previews" targeting the 3rd (C) and the 4th (D) weeks of the month. These preview releases include that month’s B-release plus a set of non-security updates for testing and validation as a cumulative package. We recommend IT Administrators uses the C/D previews to test the update in their environments. Any issues identified with the updates in the C/D releases are identified and then fixed or removed, prior to being rolled up in to the next month’s B release package together with new security updates.
+
+### Examples
+Windows 10 version 1709:
+
+- (9B) September 11, 2018 Update Tuesday / B release - includes security, non-security and IE update. This update is categorized as "Required, Security" it requires a system reboot.
+- (9C) September 26, 2018 Preview C release - includes everything from 9B PLUS some non-security updates for testing/validation. This update is qualified as not required, non-security. No system reboot is required.
+- (10B) October 9, 2018 Update Tuesday / B release includes all fixes included in 9B, all fixes in 9C and introduces new security fixes and IE updates. This update is qualified as "Required, Security" and requires a system reboot.
+
+All of these updates are cumulative and build on each other for Windows 10. This is in contrast to legacy OS versions, where the 9C release becomes part of the "Monthly Rollup," but not the "Security Only" update. In other words, a Window 7 SP1 9C update is part of the cumulative "Monthly Rollup" but not included in the "Security Only" update because the fixes are qualified as "non-security". This is an important variation to note on the two models. 
+
+![Servicing preview releases](images/servicing-previews.png)
+
+### Previews vs. on-demand releases
+In 2018, we experienced incidents that required urgent remediation that didn’t map to the monthly update release cadence. These incidents were situations that required an immediate fix to an Update Tuesday release. While Windows engineering worked aggressively to respond within a week of the B-release, these "on-demand" releases created confusion with the C Preview releases.
+
+#### Points to consider:
+- When Windows identifies an issue with a Update Tuesday release, engineering teams work to remediate or fix the issue as quickly as possible. The outcome is often a new update which may be released at any time, including during the 3rd or 4th week of the month. Such updates are independent of the regularly scheduled "C" and "D" update previews. These updates are created on-demand to remediate a customer impacting issue. In most cases they are qualified as a "non-security" update, and do not require a system reboot.
+- Rarely do incidents with Update Tuesday releases impact more than .1% of the total population. With the new Windows Update (WU) architecture, updates can be targeted to affected devices. This targeting is not available through the Update Catalog or WSUS channels, however. 
+- On-demand releases address a specific issue with an Update Tuesday release and are often qualified as "non-security" for one of two reasons. First, the fix may not be an additional security fix, but a non-security change to the update. Second, the "non-security" designation allows individuals or companies to choose when and how to reboot the devices, rather than forcing a system reboot on all Windows devices receiving the update globally. This trade-off is rarely a difficult choice as it has the potential to impact customer experience across client and server, across consumer and commercial customers for more than one billion devices.
+- Because the cumulative model is used across Window 10 and legacy Windows OS versions, despite variations between these OS versions, an out of band release will include all of the changes from the Update Tuesday release plus the fix that addresses the issue. And since Windows no longer releases hotfixes, everything is cumulative in some way.
+
+In closing, I hope this overview of the update model across current and legacy Windows OS versions highlights the benefits of the Windows 10 cumulative update model to help defragment the Windows ecosystem environments, simplify servicing and help make systems more secure. 
+
+
+## Resources
+- [Simplifying updates for Windows 7 and 8.1](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Simplifying-updates-for-Windows-7-and-8-1/ba-p/166530) 
+- [Further simplifying servicing models for Windows 7 and Windows 8.1](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Further-simplifying-servicing-models-for-Windows-7-and-Windows-8/ba-p/166772) 
+- [More on Windows 7 and Windows 8.1 servicing changes](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/More-on-Windows-7-and-Windows-8-1-servicing-changes/ba-p/166783)  
+- [.NET Framework Monthly Rollups Explained](https://blogs.msdn.microsoft.com/dotnet/2016/10/11/net-framework-monthly-rollups-explained/)   
+- [Simplified servicing for Windows 7 and Windows 8.1: the latest improvements](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Simplified-servicing-for-Windows-7-and-Windows-8-1-the-latest/ba-p/166798)  
+- [Windows Server 2008 SP2 servicing changes](https://cloudblogs.microsoft.com/windowsserver/2018/06/12/windows-server-2008-sp2-servicing-changes/) 
+- [Windows 10 update servicing cadence](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376) 
+- [Windows 7 servicing stack updates: managing change and appreciating cumulative updates](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-7-servicing-stack-updates-managing-change-and/ba-p/260434)
\ No newline at end of file

From a4da9500d3579f1c072114d3c75bb980dcfb0166 Mon Sep 17 00:00:00 2001
From: Liza Poggemeyer <elizapo@microsoft.com>
Date: Sat, 10 Nov 2018 00:22:25 +0000
Subject: [PATCH 7/7] Updated waas-servicing-differences.md - removed statement

---
 windows/deployment/update/waas-servicing-differences.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md
index d4f38b30a4..91ff222523 100644
--- a/windows/deployment/update/waas-servicing-differences.md
+++ b/windows/deployment/update/waas-servicing-differences.md
@@ -88,7 +88,7 @@ In 2018, we experienced incidents that required urgent remediation that didn’t
 
 #### Points to consider:
 - When Windows identifies an issue with a Update Tuesday release, engineering teams work to remediate or fix the issue as quickly as possible. The outcome is often a new update which may be released at any time, including during the 3rd or 4th week of the month. Such updates are independent of the regularly scheduled "C" and "D" update previews. These updates are created on-demand to remediate a customer impacting issue. In most cases they are qualified as a "non-security" update, and do not require a system reboot.
-- Rarely do incidents with Update Tuesday releases impact more than .1% of the total population. With the new Windows Update (WU) architecture, updates can be targeted to affected devices. This targeting is not available through the Update Catalog or WSUS channels, however. 
+- With the new Windows Update (WU) architecture, updates can be targeted to affected devices. This targeting is not available through the Update Catalog or WSUS channels, however. 
 - On-demand releases address a specific issue with an Update Tuesday release and are often qualified as "non-security" for one of two reasons. First, the fix may not be an additional security fix, but a non-security change to the update. Second, the "non-security" designation allows individuals or companies to choose when and how to reboot the devices, rather than forcing a system reboot on all Windows devices receiving the update globally. This trade-off is rarely a difficult choice as it has the potential to impact customer experience across client and server, across consumer and commercial customers for more than one billion devices.
 - Because the cumulative model is used across Window 10 and legacy Windows OS versions, despite variations between these OS versions, an out of band release will include all of the changes from the Update Tuesday release plus the fix that addresses the issue. And since Windows no longer releases hotfixes, everything is cumulative in some way.