From a8a0190f46304c1993f5cf6974b811957677e590 Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Mon, 4 Jul 2022 17:59:39 -0700 Subject: [PATCH 01/33] Text recode/revision --- .../hello-for-business/WebAuthnAPIs.md | 25 ++++++------------- 1 file changed, 8 insertions(+), 17 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index 9b8365686e..e8d712cf57 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md 
@@ -17,30 +17,21 @@ ms.reviewer: --- # WebAuthn APIs for password-less authentication on Windows -### Passwords leave your customers vulnerable. With the new WebAuthn APIs, your sites and apps can use password-less authentication. +Passwords leave your customers vulnerable. When you use the new WebAuthn APIs in your sites and apps, your customers can use password-less authentication. -Microsoft has long been a proponent to do away with passwords. -While working towards that goal, we'd like to introduce you to the latest Windows 10 (version 1903) W3C/FIDO2 Win32 WebAuthn platform APIs! -These APIs allow Microsoft developer partners and the developer community to use Windows Hello and FIDO2 security keys -as a password-less authentication mechanism for their applications on Windows devices. +Microsoft has long been a proponent of password-less authentication. While we work towards that goal, we'd like to introduce you to the latest Windows 10 (version 1903) W3C/FIDO2 Win32 WebAuthn platform APIs. -#### What does this mean? +## What does this mean? + +Using these APIs, developer partners and the developer community can use [Windows Hello](./index.yml) or [FIDO2 Security Keys](./microsoft-compatible-security-key.md) to implement password-less multi-factor authentication for their applications on Windows devices. + +Users of these apps or sites can use any browser that supports WebAuthn Windows 10 APIs for password-less authentication. The native Windows 10 WebAuthn APIs are currently supported by Microsoft Edge on Windows 10 1809 or later and on the latest versions of other browsers. No matter which browser they use, they'll have a familiar and consistent experience on Windows 10, no matter which browser they use. -This opens opportunities for developers or relying parties (RPs') to enable password-less authentication. 
-They can now use [Windows Hello](./index.yml) or [FIDO2 Security Keys](./microsoft-compatible-security-key.md) -as a password-less multi-factor credential for authentication. -
-Users of these sites can use any browser that supports WebAuthn Windows 10 APIs for password-less authentication - and will have a familiar and consistent experience on Windows 10, no matter which browser they use to get to the RPs' site! -

-The native Windows 10 WebAuthn APIs are currently supported by Microsoft Edge on Windows 10 1809 or later - and latest versions of other browsers. -

Developers of FIDO2 authentication keys should use the new Windows 10 APIs, to enable these scenarios in a consistent way for users. Moreover, this enables the use of all the transports available per FIDO2 specifications - USB, NFC, and BLE without having to deal with the interaction and management overhead. This also implies browsers or apps on Windows 10 will no longer have direct access to above transports for FIDO-related messaging. -#### Where can developers learn more? +## Where can developers learn more? The new Windows 10 APIs are documented on [GitHub](https://github.com/Microsoft/webauthn) From a04dfd22a7548d515b350821eeb0e02145d86ead Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Mon, 4 Jul 2022 18:08:35 -0700 Subject: [PATCH 02/33] Revised --- .../hello-for-business/WebAuthnAPIs.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index e8d712cf57..50484d275a 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md 
@@ -27,10 +27,10 @@ Using these APIs, developer partners and the developer community can use [Window Users of these apps or sites can use any browser that supports WebAuthn Windows 10 APIs for password-less authentication. The native Windows 10 WebAuthn APIs are currently supported by Microsoft Edge on Windows 10 1809 or later and on the latest versions of other browsers. No matter which browser they use, they'll have a familiar and consistent experience on Windows 10, no matter which browser they use. -Developers of FIDO2 authentication keys should use the new Windows 10 APIs, to enable these scenarios in a consistent way for users. - Moreover, this enables the use of all the transports available per FIDO2 specifications - USB, NFC, and BLE - without having to deal with the interaction and management overhead. -This also implies browsers or apps on Windows 10 will no longer have direct access to above transports for FIDO-related messaging. +Developers should use the new Windows 10 APIs to support FIDO2 authentication keys in a consistent way for users. Moreover, developers can use all the transports that are available per FIDO2 specifications (USB, NFC, and BLE) without having to deal with the interaction and management overhead. + +> [!NOTE] +> When these APIs are in use, Windows 10 browsers or apps don't have direct access to the FIDO2 transports for FIDO-related messaging. ## Where can developers learn more? From db5faf75be5e6ec1a8f1033a3aa8f55da8ee1e7f Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Tue, 5 Jul 2022 13:36:11 -0700 Subject: [PATCH 03/33] Edits for MSTP --- .../hello-for-business/WebAuthnAPIs.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index 50484d275a..6c6056a031 100644 
--- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md @@ -1,6 +1,6 @@ --- title: WebAuthn APIs -description: Learn how to use WebAuthn APIs to enable password-less authentication for your sites and apps. +description: Learn how to use WebAuthn APIs to enable passwordless authentication for your sites and apps. ms.prod: m365-security ms.mktglfcycl: deploy ms.sitesec: library 
@@ -15,17 +15,17 @@ localizationpriority: medium ms.date: 02/15/2019 ms.reviewer: --- -# WebAuthn APIs for password-less authentication on Windows +# WebAuthn APIs for passwordless authentication on Windows -Passwords leave your customers vulnerable. When you use the new WebAuthn APIs in your sites and apps, your customers can use password-less authentication. +Passwords leave your customers vulnerable. When you use the new WebAuthn APIs in your sites and apps, your customers can use passwordless authentication. -Microsoft has long been a proponent of password-less authentication. While we work towards that goal, we'd like to introduce you to the latest Windows 10 (version 1903) W3C/FIDO2 Win32 WebAuthn platform APIs. +Microsoft has long been a proponent of passwordless authentication. While we work towards that goal, we'd like to introduce you to the latest Windows 10 (version 1903) W3C/FIDO2 Win32 WebAuthn platform APIs. ## What does this mean? -Using these APIs, developer partners and the developer community can use [Windows Hello](./index.yml) or [FIDO2 Security Keys](./microsoft-compatible-security-key.md) to implement password-less multi-factor authentication for their applications on Windows devices. +Using these APIs, developer partners and the developer community can use [Windows Hello](./index.yml) or [FIDO2 Security Keys](./microsoft-compatible-security-key.md) to implement passwordless multi-factor authentication for their applications on Windows devices. -Users of these apps or sites can use any browser that supports WebAuthn Windows 10 APIs for password-less authentication. The native Windows 10 WebAuthn APIs are currently supported by Microsoft Edge on Windows 10 1809 or later and on the latest versions of other browsers. No matter which browser they use, they'll have a familiar and consistent experience on Windows 10, no matter which browser they use. 
+Users of these apps or sites can use any browser that supports WebAuthn Windows 10 APIs for passwordless authentication. The native Windows 10 WebAuthn APIs are currently supported by Microsoft Edge on Windows 10 1809 or later and on the latest versions of other browsers. No matter which browser they use, they'll have a familiar and consistent experience on Windows 10, no matter which browser they use. Developers should use the new Windows 10 APIs to support FIDO2 authentication keys in a consistent way for users. Moreover, developers can use all the transports that are available per FIDO2 specifications (USB, NFC, and BLE) without having to deal with the interaction and management overhead. From 83020687fbbf4110f47c1da41c1a66ac4b28a3f2 Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Wed, 6 Jul 2022 12:17:04 -0700 Subject: [PATCH 04/33] Added images for new section --- ...webauthnapis-fido2-overview-msft-version.png | Bin 0 -> 49169 bytes .../webauthnapis-fido2-overview.png | Bin 0 -> 47622 bytes 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 windows/security/identity-protection/hello-for-business/images/webauthnapis/webauthnapis-fido2-overview-msft-version.png create mode 100644 windows/security/identity-protection/hello-for-business/images/webauthnapis/webauthnapis-fido2-overview.png 
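Review bot: In PATCH 01/33, hunk @@ -17,30 +17,21 @@, the added paragraph that begins "Users of these apps or sites" ends with a sentence that states its qualifier twice: "No matter which browser they use, they'll have a familiar and consistent experience on Windows 10, no matter which browser they use." Drop one of the two clauses. The same hunk also removes both mentions of relying parties (RPs), which is the term the WebAuthn specification uses for the site or app performing authentication. Consider keeping it once so readers can map this page onto the spec.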
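Review bot: In PATCH 02/33, hunk @@ -27,10 +27,10 @@, the rewritten first sentence changes who is addressed: the removed line spoke to "Developers of FIDO2 authentication keys", while the added line speaks to developers who "support FIDO2 authentication keys". Confirm which audience is intended. The added NOTE also turns the removed statement that browsers or apps "will no longer have direct access" to the transports into a conditional, "When these APIs are in use". If Windows 10 withholds direct transport access whether or not an app calls the APIs, the condition misleads anyone reasoning about which process can talk to a security key, so state it unconditionally or say exactly when it applies.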
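Review bot: In PATCH 03/33, hunk @@ -15,17 +15,17 @@, the title and body are rewritten but the front-matter context line "ms.date: 02/15/2019" is left untouched although the commit is dated July 2022. Update ms.date in the same change. The re-added "Users of these apps or sites" line still carries the doubled "no matter which browser they use". "multi-factor" also stays hyphenated on a line this style pass already touches, so check it against the same rule that was applied to "passwordless".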
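Review bot: PATCH 04/33 adds two PNGs under images/webauthnapis/ with "0 insertions(+), 0 deletions(-)", so nothing in WebAuthnAPIs.md references them at this commit. Add the image references, with alt text, in the same change, or name in the commit message the later patch that uses them. Also confirm that both webauthnapis-fido2-overview.png and the -msft-version variant are needed.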
diff --git a/windows/security/identity-protection/hello-for-business/images/webauthnapis/webauthnapis-fido2-overview-msft-version.png b/windows/security/identity-protection/hello-for-business/images/webauthnapis/webauthnapis-fido2-overview-msft-version.png new file mode 100644 index 0000000000000000000000000000000000000000..49639cefcf242161dec1ba4e4c1cab696f1f8ec4 GIT binary patch literal 49169
zkWdceBO~q~_hp@g?;@?V>7e?f_*AoQ?o^rfb|aOX1BWNH*0`OTg*qWhe0uR1UBSE6-kRQ-(M#Xvvpf_fHJ5hty}gQlgaMI`zgA|Jk|=(V zOeAK>>{vLxzm{As%ch3*H8#_fl(c5mF5w3kg#LNg6jhtdhhfX{=q>)_50{@IJQ-*P z7;i0ZHcI%uAz*i02bG18uFwcSD=QY3nxJTi5WFv@rZ?*9bHZb2u$JNJ{G!Llt06gU z{uWc5clD$w@Og)s=SV`E8`fXG3M#t9w$RlkSwFGq?#8g}(<|5;Lmd3=hd%kcAYDJtIh2D3E;O@X#23bHy?j*i5+-xX zFNoQ)KN4yoyOiSEyuafK-S6WqCCIhpN5EQ3$&B~@3y0~hC5SL<2G0eRzBoqxs3YqR zms7HmzFNF7rLHuOt+M|kYXkQ^-6}ShI4m#ujt`yQ-w~8%e1PHHJ;go>wQGE#%_{bz zhNt6}Z+7a)^_S8WXVR4Ow5)OWr_l=MQWsyb8aO2JMo(Aw+LjH86M1~rt!)eYcrR~| zGm?3TAvS>F`L?>rr41%w_!7pddmJiAO%>1san@nLT~at_V`%mqkJi=xn!%Rp-)CaJ zw&Rl4I?Qz8gq&c+z0bI{jr0Sn`cS&W?j8I=!8^7RvqBh^R}FU~_7ZiCa$nu-p**pG z;L9>$!D+|n!Uc-RTSChjNo`(q*_KI(y*ghuW54gW6PtWw;#}1Do*=vOXn*m&b58`! zduXWd@y}g|PA=1Q8F!gm3T0Jhq%r&)F=Fh}UuTW6hPLO37YZhV9(SE1okv9( z@d-YQkB-h&yh1Pn?U}P}V@#{~hyFuVQ>X0G7+!iSjK^YxmV1 ztiN<{ojL8BiXCfgFQ0l)D9Eo;ZLo6C;m2fGP~Du|LVJ2kZuG;MD{HAV$Fm#N?j=Q1 zLah4QAzYkXV{Sz`nBzk8^GCm0W^}dhF9S&1F?#)z{8vPa<$r8z+e~>RNjoJTBuwH8 zTCA4#i#pBzIxhydnA)0^0~=vKlzJOB8u{ji&QVtWUsnlgXBv63;d8`v7%+)Y*0B}! 
zJ)9aA^Po2HdBE=F29Jr5T%uJ>KJEN%Vu#UeF#%U^og7DROjyXTId>Y_-;v> zB~&LzN9&vvpm;a3>0!SH@Lp@gtxNMO?tc+d%RO^TYbyn&ji;ZiWljguDkSchJiqa7 z%&|jZy{M{_YdL0MD-gU%Cp>034+ggotNXsW*&L%y2>Cn=JtBu3D2U-!jY=|Fl41Sd z`|mlaeAS#2j_>^-9#y?#H~sQNInQ#e;Gt*xlHH9Nj|gTlE7Q=QxgYj;{xFs7z4MEE zUb6qJk)je9=^eI6b1proNxQ!wr^k5hx|5Sn=<9E(E_-+HxcaK|$SW_0!z0p@i7*@X}a*#P3s8mqxN>TZ!I3V4S?ft5b`6~~8l3$wA#21m`o{TBVF_ne-I z+(lt_+NPqetUik)>aLWp`mu{Ls?ohK$8>7EweO$tU2WLrb!TQMWRK|}N=3w6aB1#m z=elI8&kC^wpP--`{o;|Gf>|_oGER5=IMzp{P|MF+V0Owx&}rRj-*my}pn6tiYXN~L zHf?_+vbx6Drw)aw4~-kJQFPKVKsKBdY%D=ASv8W_T*l9;V%#<9CLcE4(yJogk$8kggXYj>!1S)3j$ zgg*Lcu$$>Z)tqnt2M%H`J%M-wvOj~80&31Qm={t^ zSRD<7j&T`DpX{TEeMI-8BOuvp+gtnXi*L)Cl;JVBF371io|>}tA#U5}4=!&PlHx3A z8vdS^GKzl_s(YciPxOP-V+9wz&Ga8lhc%(!Z3W4WuT4z4oCKspq)Gy3XYM*|*Day9 zn-kllN!tC6+1tBTZwsGE7-gob7?%G@zx#H_V- z`MD#H(z|}jknN?0kx%3qHeIQU`xU(H&8Ri)uIf){9MGyEdAr^y)i$_&A<0W`dh3r_ zk;*@NVixz_E0PGA=11S~ofw@5JH@fx5rNBk-S>9tG`eUSFNPPlxHro83VPGCyd`hc z5!sRQ?l|wj=nEl=M3apzUh`sGvhA$ORGR*Jx~6wbQxqm%GV5@)PH%S5>1}u{hNTaY zv_1Y;!2h(x|M`|@N7|=rhDlb*E>uLAD~{O4gLJ+K<^P5HiGMA!BwjB1nXQ?{Gxhy zm7kZF%7tHhKD|B8n=&H(>dg-Ief;;Wl6$6(=l*t&g=`1ujf4#Lt1YpNQ81<_LKQ4g=L$ zxx31IgpD1oEu0x^6F>7PT|npq!tE$DmW_($zt#a=5k^!XzlF*ln>KTnAQ#ZZKm&A8 zlL#N*Nk^ss!f_9pZw$dne|N)u@AaG=>Y*wPtX+g_3*tJkk{7S85g7%TTHJ~>e^2Gw z*Lxg@SHif~**d_m^{FDJ_=V)hfw^&;J(K+spK>=0ce)7e&y!qrGvo+47k(vWr$76c zykbt8!yM`IkAY~yk4;$oJ39%dK6oy|JiU(BMhM=aK75dvsDa%M2mEBmDW2~@3pc&Ov=`K+dj^4 zcf|{bBVcO+GkW{IH0>AHS5x>6kf&a1e8aFyFe{W_Isbv)UC}~sC)s)Xux@q7J@aP0 zcQ}mtWk}Cxoqc&YRqGq}Ht!HSNg=Xj+DH^7B5h;{v6H9>rA!G$ zDx@-{l*&*$W!#2jOejJqNs%a`OocK=Cqs(wUj4p5zQ4b7UFSMo9m8I0z3Y9S=YHb1xCoyfCmFnS_MrLxE@f`Dk^3mm4HiXwZLxR zp15)%fE&mItP_u5wGd{#bFdBA0w=1|VDl3}YM7CsYW{&B1A~auJ&>pqK@%u{8eYEa zh43#b>M-CC!dsU(QJ|lLtq^`CfJ=NAp+;8$kOO_230@zRdh3DJwNQs{K4Vx47}tlR zi-Yv28EWinjRR462jTpNd7Y`T;Bt+l_cf(aS?_Hger?OF7ti4(hbpsYJfE&m9G~@E zc~+^$l`i#hv+{!_+fAy!HZ`C4SXO?+u|t|tG+X6oxOKMYDJj(D?@!I?L^&d$iAbj_ zKQ-~9NEtx-F3=e<{^WzJBO+4`Z=UAB?wjS}v5Fh++`!&Mh|DysR9-$lU~a_u1bxRB 
z|8fwFhF))MzB2v=s`kTJL1_P%*|!t(67bm^fh}N!fPhqC^S)`qApt*vP^v-YZ2*ms zYfq&P5&G0i47fqYX-OGc{$7zQwLjZ~JpxFkdq?{WL@&@^ejyeq;p~LUeh77-Gh(TT zaiir=R>Vad5X)*SmnIC_(2e_5!3!M}e(;*FsI+Ljpe!}{`Aj(n`KV0s^S4~LZcO+p zxsT84)kiN&Y_-siCS1{=Zh}ogBuvz5^GDv{t2|Q-w^OY5by|415*P} zK#5ylYSO>!67a%9B}8YCDgOjsNepBE?+66%X-@m*?LOYb>#sRh!Ts%ee>0QRcwv)| zmV?pf&2EV*#xr8Z8{avwyI$bWfB3AvcnygF>LC=uY&sO31LZEz^KMiLkWM&PRM9up`>NXOAH;t+b(HxWO&V zR4ulE8;D`UOR%ZyF^Sj$xiuRRZ%9*6a0HZ2z+I3+wx70;muAH|1vll_xEEL5Pu2CT zf=4`|Fd^a~5IyMxdMP2H#^jLwe8|+I+BsJeX-$NQ!FKCG9kaH??EXk6>nf(XXv{04 z{ib%MIqdvwWH0fzQ398mTuYeW60>8Aqc)cPd~I{!=YqiN7_RvAASJ<5_ipos1jp>H z?1<2V?>N}}#FM~n<>)=B1)~=}0*!?8l*aGy+CJAsM^#(>3Z%UjA9#OA> z)~q9*FPTm*pOwCQ^KM}O2)${TK5Y}arRoHGt(IJy>wfJ~7kZEIlhTtvyLZXTJW&tS z+4okhLG(@S8CB<*Q{Yrkc*7uLy5hA4jv^R;oo?e;DFuBl;tQm-wh=jMTNJ}dga$Ho z&J;D)YrH(WtgM##`1oKV0yevV9*%(9TTgGmme=y7vp$~4(0jbNFwd4cp9C2noeZ)w z8=}uvA(cfD(58%>+>O{+>o4NQo#@%txp25_ z@G1r=D*Sx$WF1^E1u!mqV9fn3wuZ~7ryY?bVnO>RO zHkz-pw);MJI@A;Bw3A^e$}M(w_xSp1t~e+9k-z%S3O{&wK976y;r%1Qvv=(axu)|6 zQ^TvS5*!J-mkMzuOR*M@#30DaJEk?A*kmldu0^+AM@k^i+@_VM*& z1{G(;H_WW`XxO*G_YjQUB^icueDfAzwS}HglpMeQ&GRV z$lO8a87skCX(8AVX4eHvd?;E_DrG%Uv-+m4<=a z6F;T1IRsVZ_Z?cJ)@3ewx~#IID5Pug=f-gTFFiSY9}fsW@Tqw6o9E(oFdx$dd8yJG zraz~qQbz<1-{z$faV~gV`mO53DFmIR!IrrprH5K2^*fT_{XVe!}0Sd-O$;e%@UVg6V0@%2QXUkzj&D#Kb~s|DZ*8x?Zx$zRcUH zSaKN3Jc3awU4LbAJU6I&xbMVltWD_0>zNy*B-V{OeS(VW+$Yo(L|ii=KDQGIcWV3o zIWKQS-)M^zO+b9N>8J1)u-PpPJSE%3$3fQr@@{}}@~sg&4sqhf-V_&iih3XG<>lSe*@=@LZcO6FKlU zz|llyjhD*6__Jf0r59ITvpTV0Wol9#tNhWSNq_Nk?YWZpR5y0f6645Is`EAc+{MwC zdEJ6GKhAI~JCG+fz#1K}WjlzRCc;(;nhaQb-9Y!kKCdnHT<&QP#_71cG#HS81#h7} zrY@Uq6gk)*qJFd~@tdJ9&O;Bdud~~2t{&@2EX;3(I}$-k4`Jh&1w)q*ffAkS_sk@M zDoWK4_XeP6wEN)wk>3Plt*M-9p=-eD7m&%haN16O;m3mihlxB=#EWyM;(vCvZ)#z& zE}zg2_9|&zqett0`q;>wTL1A)&HJ#>SNgplK3WTZ&HS^qpkwn3`N+dB z+c~YnmU&%VJmtZL3f!qG!C%0 zR;>@!6zn+0JhC&Xd2{Q;%(+KUV5k5;|M6k}aUC{KHt_3=*~U5ck)Fr9goS*p9wwZQ zoFU79Gkl@oAbl*L6*U40p6jSNI;t_XUq)924M@vxm@}Edw~3v&1=2T8I3*=KP~psw 
zbxZnoxcm9o+__Ad$zi5+_uuSW{i#ylF1T;pSj4fD?s99^Kz`+^>(- z$Tr$~&c!d%Y)m+mN8c1@{u0=UAmBVWIJj;8!+>v!n;53@z34fRLoHmZnrh?u;OL>T zhz1=#$;a_hWAq$f~Jt zPqG#aV(45Mzi!rX-{Lh%(_Lq4ZTyv0`5Maa!XR4M)kqc*sX*uu4xg0C*yR6sJ7_ohmr!&ww2zptGpm3yFcqcHh54wJF$@Rzf(+WmuaNW2@LQ^v z!14Tj6LLtOlu#FP)Q{|1QZP~IXv(;qZKIYWmF&Ui8Mqz&q_T*$* zi#}S{qF;V#%qiRJ^Ak0fSFvLC$J+BGAn-bR(jNH4UVFdy!Se;mmqG3&$O;qZ){LdO zi4nr&v=LA1#P5AAiK}BsJIRwJJrn0d1GXqBjhvtj4A3KYk#>`Rmks`=&_+mau~ zv}TA87aUBt2!C@pmZHUqrB!q3Cgtl`vW;>Jv0@Wu11n{uBxk!PX4Yu5{#Rr)9c6eb zeUs^fV^&+yf@2=D4L1-Q;U$Qih@c$9+9N1LN_(EBxN5#ywDbA2d_+Bc~b8_WoEqpXtc!bOJR?>Cyz{*TdrG^VK6n6Y)msUq3vSJd(+S`x4pHP zPOa0{+tusayOnAn`a|IDvRMgLGjfZVBdh|91};Rdc&A-?J>n$)Jga%Yx24EsCmIBp zZjcD>L}DV5UYmCM%$RPJzP{Z*V82iz#+g-IN&U}Nh@DpWz`gl6F@cFU2nlaHpjB<* z^W@8^bImz>MU@*=FfI7n{!|vnCpL9l_(^pJJ7fw zWyJS+uFdG$(od5w*N0VXGK$LG7MLIOV`jmR$EbZW=wsRj4F6+eL7;L3^ZyUJ%*q^bUl~cX=?KQlr_J+--bF!aqVV_RycLUu0P_+ zR6A}{Vk>wnK_@Y1{gaJj$rs!YHD8m1Ukeligaf(6sZZxK+>mL_1@Ofn(@;1fTxd5o zF`14H9f}Pm&WX>u`=v}K1rA&d5}bOXynDa#se!$PC+(?{nF2&oYzL#;B0q97ZThf7 z@c6N2)<|Cs=UXw=Wwv*tmE0v8nO&m?-*wxR2aV|(g&04$?Pk}fLN=3X>N73VUajyn z7$5Q;m#@g@+a=Sz2=m;0Cgvtn1{|C&YUSG`XY z@AZ6dy=EeknyZ>}Ux*|s5F378I6`}}+j~#LSEt>T0Vdy?cyxn39ces~ZI7y|Adduu z)#9f!Y?_2HoF46TAbFA2@HK(+Up*@$lulYwLsgIV-b1VArSycX$jUF35c>&yVFL)| zV9=*F?I@Yaixn#EdIOK9Z|(U>LajTJ>#S2O)t3|sdYCV-D_`3GdB@Vr#s1n-`(}F| z=+Xk!gUC#7X2x!)P9gfckh3?}H>#}UP(sqL>QsTA^%iQ6%D(L0%aT>ET~S=~ESO#Q zEq_8m4V#irx|J2b=Bz{HV*Uw&?Gu(hmFQXHl z{aGp9FaGygL?P=fbTaa@Gj6dI%(UpU#vQ76towHr**6dU}ROb5jaIVe+kD*v@fS5yH75~~W`bMknCxM8iP*LrnCemi>?DBJNU zMwcG{TX}&ztw>vY;=DudkFq^sTLz}cCFXw%)+2>dMd z`b?o00J|m_fL`Ten+Ov!6gU9%9=;m(``-*O>d5PFnYHwN8Pf^DHD6WxkAtV*0k3}& zA)zA3&j8#A$|p4SS%DQ1m&6A5Cs(_W?Vnn-Ts6_}gB_qo?>8Flmavxs z;?G+RA71dyuY|u=5Q`|nd^)V3^M%TX81RP?e)j^c3x)?A(EHJ3k@ajBJ?$P@`j4O? 
z9JTzGZKiZY?RKDc9uG)p{k{LbDrz~W zc`H3+XS-jy`kjl$E#3`mQ4wqSGh3G+m{Ch8GoS`oND5-qDK&lG&cVTilGDPx6(G1V z4Ye4nz$0E#F~bcvPbgP8ElZr3>(YJLrC71Bq(ZHiWtBI~$-l>|RJ*ayyZBr8({j(& zjA(L1ZS+;yF|ddcEgKSLl*=cZAy4rSG79TIJaD*jA&eq)YgM_5w)VVPetTCxI;Qx{ zMBi7-tn?a-EPgXH{et{uGwQc6Ub*fe*Q&OOr}d{Bw*UI})Vs(Rt)URPZOMYJiL8Bx)#)B|{hrb*Gb(%Kcr5~+Ep2R$n9}^Ji}Ka* znP8>y7DYr&)xxj!L_o*qw#+n3b)K#8k)N9Kl^8COvfv(V&UIsU6)E34Jt$fa@_B3B zQNMmERvX^u6w8K_uGUmIFLPl@5_kP0P-fcz(B-g;zz{3CKfY`mhd-r<0DBw}o4!(6Dx zv;U`?5Q>MRfAZ&iTe3$sP;0j$(IR6qN3+eiDG``Pa2g`C^_iru# zw`$`NvuIoSq-J@zO$Au@C;bVoA{+Z$PIsOKNUs z*IcRqpUp?ZSLXN%=kLuv7(K3G=na7+rT{S;ElBsENAlgSF^4UH7k+HlRuq0C{L3cWQvDF5 zyLmR-SEQKw`(sJA`V!~h5^N_HR<4Ez7iLx&O8hx3rABY#6Nz+Z5U{LEW(jy}@%;)1W+-k!p zi^BAD4whb}i(M0FqkpABHR}g_bD6467hwAB6hc_JS`dz;?FC{7p|1Hhb@x;^P2QZD z&PJw=lU}s>sW41=VmM#NFs^=39}A=ntgKeT>#jS7X;-P|v+{-CBfl^$bH{k7_<`<= z;ATTPLOg%NpjeO1r4 zoHKits4kUKQu0tp77bsvfSIQbJ{-^+<&Ii`E{Qv{v-qTvy_28Dw zcTrE*`(g8t_Aau|I#oBcj#u$Ote`op;#>{Z>7oN@j{6~jk{tgz$36FVfrnTQgrDR0 zpL3G&jLOyg-1u~TXdE`4R|M?9`D2BM$cv*cE0<3)+w&x7^`%z3w=q_<%CIYq5ulPTUk8$lncldE}%$nC;MD> zV}1uBQx?M*BvU&{>-nf!#47j<9MkM?h(^ zB*3MYb=FZsRY_h*ES1nRox4Oy-K=-|^jtJOvMXfQ`Q}i{wYk8`9&4UQJ^A+#SEjOx{|VOUUfO_kH7(SZ*9S6_$w-z_(K?6DZ$h)sbwpy!K90bCCyy7Kng!!SyRS)@Jc`!cP8%C1Q zBdf8^vUdR5knE6Stsa}1KNrhbAYHldHFT2^91k9vjs2zvX6?VERJW50KTOOV9GRI< zg6Zne>8_B_|VdLCNTEVBkz$Irfda{&n{3Xx$<^* zKk(C7*fu%7hj8(8|z)_#I1WE?NaE95JGu1j_+n zUzTdlwwvNF;~5TIn&%VPaN=55SESk{4}u9f*f>D>?V?pP`%H zULR`9cq+cr)Xipp#kQTa2o9V#Re>OyALFl8;OAu54x>y4S1qc9z`kV|!yWEwK%H^7 z6q#ITtD}xYWw@2@kN-7+y>t<^#Zy5|R&1?u;}cWU@7S=cGjFtoQD}@;BGpwPcg`mS z>h^T$Ipgb`{r#tVG|V@ex0*fNxx?7S#Kdn2tSofNkRU--Solbf$0Jf*-KV z4ZTVo@0{i#aXHo~`G7Jj@G-y~zWcjQm&8tmBmH=D%zg&LH=N=u`6CH$od$mXL3w%k zgL@Ag2)x!a(c=(gb}hEZ1zr`r)In2P{%h<#%jkiJn1cb0MMa^MW>P-BMQ2^8?IRSB zP1ORu--+$C6RAFN$%@R?8n1IK)prA~Dp?gisnlyuHPEhJ$Ev`uI7%z9FrB00e;J$F zv29fh?Rbb~9}@dcp7m$_52apVYTYohRfHOg0ASRQDnh`LMhdv`(p#CCp(D!*Ow$VA z!%hr;Nwum#%Ql|hkZj~h*Q+tVk(X-2OTBkO>+bfdo~j+>$;D90ifVjy71oRfo}7}@otLV=RB0@6TW-qA 
zm8X37EZU%4c%CwuQ1yq^WWe=npwGV8)hg|V_$Q2+qlae(?;PJT{~5$;o=^373EVyJ zX!@ky(mv%C?U!Hq+x_le5RZc63bwb5TGdwY8g3kb=i*HmoC`tLkn64O5-m062(y5SA9D=OjjYW7bbghE0 z=iAlU2!4V<4>B{Rfc1;Oeq0UqP=?S^(Gi%je`(I~{<=$79aR-bII3Myq0W`}{8iDa z|BXoQ2AFapp2n3r};8l5TB9dV_fd@qCOG&BpZeTfQ8{RY6it;gB+2xgN( z3xDQPptS`EohcrkGV;VibyYE*ZVjx=t19}Vluqhx=I6kBhA8RR^7jJhODF!7?60Zv|K8(xp5yubaNqZJeXs9%o}cx-qaJ7~6JMsij6$J^RqiY3pio$|@UH{`9{l9l zk2}NgA3~S=hVCd74H@z;R^QEi85D{MrJ^9G>z(;4%g37%{jGi*^INm<^$-I=7<=gx zep#jndgd#ktV;{L8dH>}o=L|ZE;p33T$Sh#(8>X1J!CXEH*Ck`NM~Oul19*55{BIl z<{|WBQsHPpXKlw9*ozYpkcYQ5R>bs|V;&Z2W3nO zr1Hia*7xCe?@}r^nlyEFDeunv3;z81^T=OX7u_$JcMGcjy8}U&>B~+>iPxCJ8tKnZ3LCPugN{BRf5JwiR(83ZS+lA9t(}qZ zqQKwqRFZj`z=5>)4ho+HQuwa7mY9wfsZAc(duEZKH%aDGklS81ubQy7inxDWE%r*g zz_|m@-OFbG$UjxwWJXhVU2(rgMyCCAT3zE{v*{%Uvqq`DlvcjE-t@A|oPSebg5^<} z9#<1`$;DLma~){P@cew1Pba^dRn5KkmQ^Oo9=#Y|6TJQT@tx1zadccSkJ76fzA zRNQHIowI%7(#wnOXg4P-Y$nT1iZIdTn`@M+_Z*3z2>02icXQ3^KfURwf(0T*Y7r)S$iYo8NXW$*tAZGS90 zx&OVzZ@Sj*wPC@A>)Qddi+}p2L1&)sIg4M*H$I4LJU}OJw_ao`#!xRF_zwC_HMp|+ z9sb5GnqcTODc|(1vyd4-sz%m!L%Qx(Lj+y@qk5-z@7}#iO|>z4d2+bT!OR?Tdg}i$ z?eN$1z0m><6%7sCHv2mBI-@EBp5zX-Z;m3c8INZw@5j}KqWV*Aztzf-F2eNvJJ{ql zY+U?pZZYE`LqkQi`$d_N?D}=WFojX4`ivQ`<~hmv%E-9C*PkXYwft{KFxz`xp^*=@ zs+qp8p8BZ#%pR27r`tAiQWCA@fIsBfE(W6+jX zR#?n2M=Pmj*2|w0-W3$&+tE_oRA=Jgz%Lo^Tkd`R#WU*#gKuPJ<_)KYMZ8iyZhR7k z<(9+m7I2U7V%JHNXJlk#?S0AIT%4S3KRv3=yDtCu@uOjXNWyNesgCP2a#IPqD;y7B zyrh@VdGG)gR{AJd?m3?8pLK0`v@d&>@`{Qg|8C7(+G)pUtPHvc%=X_?VesFP`*i-# z;e0>m0=3{GI`t_)LOLhD%A)7Tf$wpT%=r_e%FT%~R%z*Mhw{dV^Rts0n_-6Nm>75* z>rF%DCe56DeE9O%AK|AjZ-~jixJti1Q_pwx#q-%&W8Z^~a0~|Lx!eb*IaMPg+Glf~ zG-@e4Po}G_P|ysd&yOtNTDyz1-#(xW|2bNypU!j>DN+@*y@?BPjF6z<>*(mqFBzoz z+MnaQif4KJ{EFK=_rDM2;rVZE|4Y6iQ5b2dQC+n4V0zWFZBu_~#)O0f$Jqw5V0fW` zfWS3z56-QbdYeD%Uv5bIPf`96c9PL88#4*hi9&f72M4anVx1pKO3YFLdQ^I}wAj4PiD2Q!Ga&pZV}q<^KI#?YBxd#N2R9CVPj6ZRS4(5HLr^#}}%l@}gD~nFyku zoc%i(bfA|B%)Equm6VFA3wF(*l>!vdd$ZQSWaE$M)C*Z#ouq{95d$w>VT;5r^I{>p zK4klgWDGjKU0!?gUnH3xa~Lfh9k*tVbXmRqxN6Y9pM}p+OFi-W;iS<$OJvTiXMcwU 
zx=usz86HS6#EW}wj6EK=aQ?WfR2KlPZDX0^dZ+Mzl`t`QOq!BzYNU^p8VaJStE;?T-|S6X_dWZbAYuyB;{!R^Y3c9Prt ziKqVlu!F}H23FkW-gEXv>6-<3E_O`>L9;4xZaJ9ni8;t{{#1Nvyl+0>a89IRQi3{d z+pGCd@_6}mpZl;BN9zDvVo6et<(0|Gzv9n+s|N;37i#5*;MT(f&Xf*FhkhvT^@~8( z(vt1$BCr&i&D(=V@T8&%o3t1ERyywH&*`yS6PDbim$n?`2sh zC#Tx}72l2(w}4HzM(PIRa&4RFhA`5}OYlEwUJ%oHNwxj?Im*{CKcw%t-MlT0`*^DI z$#Y}g$x#$^IiU)Uuu7~$tlKEK4rZG%6*hhT6sYjk3TTzaeH08_8$F~9SbaY|p!NP7 zE2ell^Fi38)2lfPM$qf5tfx&5uxr(fjM5vu>J4kGJ$}z#f6*B-zg=k2^HRuRA{JI| zw8ih4Q}dRHBm>FH$_kX=bJ!T8QjYaAP|Kn>u73Uc73%E2%>x}%)1kP#-|r*+9#&0E z?9ID(Y&tqRqOL!1?Ck7>9H&SL;otC=e?7r1sz__T2HG{>mzyhSecml_?*X6%>wOGdItu^gf*IRk8bku zZJ&5rzACSTdHyincUv4k z)_Li8mFc;>lj))xcny^FzgzT^Z?{LK<|aKicTJdDuyZsM%-p0XbUf zLMrZ!#tFgLxtx83%whPCk9HP`g*E6fc1EnJ{mB&=jNiXMKUa8DH@)N;vJG;x@;Mn5 z6&1@4y(JG(&x1K&Li`&afFg)zkoxxf@T4pDy5Q+s<@lF-$Nru5PIKSBuDF%CG|%N= z7lxA-4%PM;>F6X9887W0Uq-#i=e!l%zoL5S_qPUDivajI8ag_Or%*itNpBR~k{@h_ z(rGrJ#%mn`o#cM=@-|#LYV6aiqbzZn^eDAASz}GFlTuL~#np@HNG*x4v_9dAj_)zl z?D=!=;alIoLCfvE42v;%u3fE}0q>Que&F!nXSeQF38(a2Ora&*8|W$n;NJX{Vy``+ zyYpDqWvocMn}20MCXAG~ZU1EcB5)K2m6%By_N*I}f?8%^J@9!ZU)zG^;<4}M6% z-}v#PB>ogWQBpkz)Q&ke!{~u5I*iKB)Detp0oA>k_s^?o1<^S(gwZ5>Erq zAW`Au3L`V`>GZ$)RKxC3Zbwz=<$fRBhdl=|hu(SX;*Ud!CA4-I^DhahMxk$O(|e-P z>B>q|=|qbQvDwCX1hR7bsTS`4E#8)(C6r{$n&LSvU=0yKF^4tTkKYPBnVC1@(9FCh z`7lI|RMZo8e|dDiF}^yL{2yG$HW&F&I^2&-Ud?9o(*EAH1$O-*t1y*wd|STD6k)_I zUb2= zT)wFid^0SPGLMfg`4!Wpqu__K4+!#_=Y9t@8uQBBnO$*fC$Rc8RYk@S zubjyh-?OA00xif^J`yMQ$AEBFo4=y=C%?nFXUPD*OnZmXED4#59G+bID~`O&80wYr zNJZkg6AdZ4I}OUW+}DQ2rDv)hjE6Oyb_TTw{^_0%oNZ(LvffAENhM#W%#q?N#W7Kw z63I3+kV_*AWrg(seW0c>dj3FH_s=2BtfK^|xd|HiSlF%e@{vpzXMTEEFEE%HAq{T4 z%d<|0zY`(##9QB*#tU-m73x1T-ue7Od?}dx^c1aoMZxPGuHYlok-~tHFg0%r+K?f1NK?Xv&+;mI~ioUD4_F3R-r+nFs>QS<*Iy){M? 
zflP8+4`mi#p%?#y$s*-QFur}t*-rcnOJBoG-;>^9e11*P+Nds2Q9JNX>(=oHL!eqt z4rnx=4>tDFzpH-h38IeTm?G3|1FSncF%mDOjUNP*ttEH!b@P$vtX#iBH>PyD8MrB};*vz(JF!t#M^tk^eaXsvV3CbZKsTJD3Fw^!B-mCTz5B1sE;XDZeb2a?V z(qxiqAq%(}p9D1aL7Q^I9mzXiR@}Dm^ez#FaMsVX46V3H;eY($)@TldihqavL8aS@ zYVxafHK^e-j>+=O~S7LCT85?Xhi$$Fao$^7)Wu)o$8wtBb(-a$A`rC z#L?OKEXCa&umG0x%A7mF7}q!{eDm;Ry2+CpdWS4Q$mmZtR@UcfY1ahZHPOrhfqaJ5 zVSw5ru3XnCQ*SsbGpGs$qzJwJbqu-iTPfw2H=Y2-N=i+A%XwKNL*zY-RT|61h?v7J zqwkBJ^2GKQJQ;h86pT`ou3b&^6&Gh1qNaM}PG~H*UJ%V5KQ65*i#q)7w~b$6f_CI9 zxD9x=Z$VkH;SSH)sazb#>E9)q?IPiNAE9jIZh3ji_`+W!(=8MeJh?JOsU1yCEe zXmwSXN0S)`D$oirI?DRT;SSqQw@<{$bc5cw18w;>6}R4m9DXnLlqEP&Pt zzaU{;jpE3Dy!EZ_3a!w3scRIL;19~j-NGU`T(esz9YlO-dY0a&OPDRu$-0j4A^WtyFXUI^ONV=+FFg*mXVvA+pWflPLt)j6>{WbRpwUn zZMYoLBZg^ce^gI9T4Q4oydOV-$3FGpDIEsmc6KniA7ggfAvtVb<+A*l?0ewJQ>a{r z%ijUB?i~9!81sJjULyYYcS{X~B=60#dfPAgxcFCZJcdvA*cgkF*#1aSIBLih((=Sm z#O`Yt!Y)0;xeech$f9zFl|dmwI2!Qiqq9K0GNZ1KKKnbqEe2(JPE9{=`X2s{E8jeY z>Dmpf*L6wB+`>XdUET6{Zv_V%D{wz!-erIAt~;>Y#Kgpg-EKN8SUY^=@gPL|-Mh~? z2XzB!{1!>@=(U=N;eN9g^5@T^^DA8zOZE0L=o0W8&f>RMh@FJiG=h43#PB8Vcos@KL}9?HF{) z(Z9`#kO!r6Wsm9w0#Cj1NEp<8e8dn`*CjIBH0DVk-*Zn<5qE!Wm;*?{*qCm9em)Q; zf_Ry8QQ&z?Z{wwZoNTu$qtRYl-@4!$kR?S(=(FwbK!d{pAT#)`GnY6276+|h-hV&t z7^~X%z+RFe{`zY}qlP*)6N(vlGlO%i`vC3hs;^Gk*QH}m)Yxdv>nc{bMt)iC0jHIyZBDNkKK;*s8@C*IW?_cb-I zq7ab@>JbH$H4NbdiHY*Y#y4QyyB1y2)~>F6gc=M(gAoO5U;_KI3JUs7!Y{+u1?tyN2@5vM9;^JbYU_vh8 z=W||ef4o!5>)IRcj?g`Zc#dxSx|EL>=O?MU-rFsQramk8PQuk9zKr>oXj4;oaN<4&6T-3HYK zc=DUWTRpCP**%Ow#y*STGzx}>hO8Q+*_ZL2lVGi|D#cccXK5-H zQVMdw7{ar#c1G@z7{YU@*!te`sBUI!;|;&pT$*rZMutOFY^-j8G$SD)VS5w>M>NcK z49H2;8G{jn)}x4m7jSyCOKmbK=JhM>DIm1(K+ax-P%gy7kgU?v)m`uq-}RQn%sEZo z)XFZ6yCL?KngE9uCVgg7(()T1YE-QSMxZ~f=Hu$4(GSz0Y6tTbW2UODh+xyRvap0c za%v0*^=Z<(oLRcJx3|`LKAS}5l$06g65bWmo#&>yx6LS^4D&%Q6tW+StgRJl^4f}? 
zbGqB3(P?u-Sy}mYa;qshX(|+(Q=%|x1Db>`s*vRb|SoV-irv7K>9MfVo8N(rB!OrKOQ6 zTJ~mm|MPo}?nP%i z6jbBSf{f37eVC*%`ds)WqE1-a*knZgM5DW)+k{>tz!{h)?R!W^5Jq0bcJpR+;F)h< zU*7=#B(jmm#>P}TY}NN}@$pp%eJa7+f+8t3X@&>doi6Mk>b;X|r>OswPxkdqjib~3 z;Wu!zSrX3*945;>w!R?}M77hLIMO^(<8Pf+0wsZ;uvx6(WH}w39Hi6-eK<;h$2M=npz`0oZG_HlH?EWsjAzl{JxH2UDE;^9$iNA=yMlepG#nw-Eez8i-v znAfB!jc?&KhZdj<3Q)u&FqnZHnH&=7qhNr>*P7>?J~RTvP*7BSLv7bUDh;Cmk-Ojp z$S?%?L&Myhg_JfYE-DJ^eDm^fU!OS)8%jz_7~S|`DH5L0p`o!RCMSDNpqLUFm8S%_ zaVv{3n9U{zVtVJ(Ho za7Vl8XeYH*KIsGsSb$xDJrhjUR9=Dm8(Wh*THw2Vof9z*_EKn_qH;LrJcv3y>0s z7y%HyudH+lBh9}6vU0xa*4P(DIs+`H3TTQ}a_<^@Vo8jVekg`T?;%cc`c$nQ#qCEQ z-l0qM#=D({!^<~eEAT&VLm>bWNI;sXD+`zvYeN#-rIaO&H#_c$XFES~Xp(vR5)`Dx z!xIp*Np{TgQpc|HeLBj&3Q`G|EbLyn#{QL!vdt#CNc_Jj21V^mC=T2O&qm|UU_A_G zXkc(qgG%1Nh*R~EqW0xra%P1wd`5qljxDbXasv`|8TXe7QlAwjJ&E$(5oTA;Es{)$ z4slm}WFdIJ{1C$+D9M8;w2S#QxYw^OB`vb(zFv>mCRzLDQ1Mw_l#1Ho_URMEk^Z|~G@hybP8v=(=pKtW6$hM%pn;JY)3~& z;U}qMv{dquSL7|;Yh9Y!`fDhiQ&Cr7r-juM5>H6T*w#9fbVk}{UGwzs$r&HkQW&Xn zh)-Lf`~{!oMpHK7FMagE3Owy?c!*1$Cao%jD<99g&8sr6;yrhuR1~9}D43I77;vV` z+g&b~rCHFfpLx1G8bH>7o;(;0(a#YzyaKC0Gs|cZ)EKBsEx^O4VmEKDWdfG`nba$O3 zo!|$4SWpxmCFB2OFc|4yUd@F8ptUnBY{Ph=i~V58lfp--=yNh)jlB~Ng{OxezkqAH z5a??JxuY24TR(1pwl+NK02{IT2UG_ozy~sDGUW0EWLNOQm%rw1Hj&Clf?#|M)P@)M zvTiWIL?z>m*5sVT&7f9Q+@r3e6*}ir_fOaE1Rk%UTF)KY4O{MjSfPjd4V=p8BHj0R zC6y`|+>$qp?{fnG{UkB%0m8oM))?sQNCHYiV$hf>TVnsEV}Vy=DqvMhTlFPzVYd-% z9nH+2e^8S9xR&jQ*^W$JPoIy}nn>_X1u1X3T6cta&wG zoY%LWX&}yyfcxrz>hG5q$2k`XOGMVQEyYl3!uJBmYv))NPrK8!WrVy~=38*8z?qk8EEI z*t#2%W~VLM%WB^i4zyZty4fn-!0R{o|FQr;5vfAZ=<&yQu2~MI3j>HwlVxJMU8)v~ z!Tg$Se8^h+p8|flcSYwUpB0^4wI?cM1WVfQrj*OXYs8Mf`UEhc9y1QGg~9huF>F^% zCd;(7wUbg(#IgLP=c!JpgccI0z7QnD<|h&4DHE7nN?Jc(O6@VyRjclz_Sq?+5kCp4 zWI--Ewh9kB1owedN8)ng+vJp#o7fImK)*2WUzcoN`L~4Ee|oW%Pssc&_^8i522*$} z)h^q`l_&dBm}R4Ol~0Cp$Hy0IKHltBlK#o9Jra<*##Bn3>irhpJB2OJO765>+SsgU zHMPh_2g{r;lGv-LL@7qP_XK^K<&?T3*Ld(f^;gcvZw{To^S6&l^Wumke(678Aq@%Q 
z@x8rv^5kN_p=CX*xeH92N6(xdxJ~D7ic9Bc0aWl@C@#!S47!)77J2{rtJDph&;(7!(}v-fOt?BxtsTOp;;A{a6-7eK)SkPsghnZaS*;upx=rDd`$Co3d~*7~YR!4-#E0 zqKBu+NcBu6qj(L+k5ac~F5XLfq~+)K)4W?&e#@zfx{swKeK7WLehwJv2GGjQ4Q0%` zmn@U0@h1qQUs1o@pa-D6Q8&J$l>o=aL+O+?{J|z>dM(&D#_QD}D(U z#oFb1@9;hN1yBkgr`1;d)CWNLq2*x0vv{qcS!@6dg0Pi^hRzUuO{sgV8)SwExWL%YrsZjmY7_7@o zO%C2vqL?n7LhBv1a`kr$rgG~|njRiP2!(N&dmtbakWZYwNs=^dn# zpn-vX*gH7bWnMMbQu!(x+w&JLq&oQd`TY;Z^-GN#tJ8C{!KZ|*0BAV~x8%@Ov1c@y z1Y7O&_p{a|h-ZGGWVC4U))3zDR%SRRapSWl)*Vz z$J(rov#&z^!db#(M}@?^4g_H(s-_*+{@lFQ6T8N8Y&RlATrz&^;x~ILy^c%8; zJMFVt6QEK$?(@v%Qmu? z%iobJMYqDHnI$Clz7c3bzDJ(((;wK$dr4St!|OWA zQup@U1nbLpLl1mgj?T_iPq0H!rWJ>od>cQ0m{ao_-v{atM@ZGNi76^7`l4E{>P@GM zR@A2SFj3Z~yviW?ITV*@M5t_t-KD{xv6>=|?pYwYlJp4pv1V!-p_V1Xa` ze<~^0Vo&^r+#79#trXPsK(-VeK}*A;f>}$Aa-44hjdwk+bxaER*b=YeHsy zU0q!WxdlJ|5+tc^h06)`wLronmRU&M8g%I5;zQsikUT()>&@xrXM7;M zya%@&9Av!b$zeT3!?q>bhsO;De9vP23_p7FgX5x}AySqoD}6ZY4rGS%$k`0^vl_+@ znZ)Sm=$(@@6j)9>%dfT4*Z#rsFxoB#7}q(!rvp|W%3Umf6e9+V2My)POqOcAWCppc8f9Ea+mlVSb6e$T47xd~hx z4+jOms=UlxX~1J`Y>Pz9(htDJ1v_2V)YSC-wJr#F6%}#9dy8ZcqtP1t{2Mh!W$?y= zC0~=5Zyp@`BND-TwbW_|eF&xn9SMs3`{Hd)9n&>14H|+GB1ZzW4Sw)7yobRr_V--# zr91`V#fi#sdqp%FWcRvH;pryhpty$J=uFmS@pmi-+uCueG6ePlIXU@MqdNy=t8R#U zM9wuo8~qgEclCy7FeGR|m_i{xwdzlC{rATX>hve1T}a6_GX|AFAV%^?AazLx{2Te` z;~v`1q*sy*a`1!JzyPRJU?L!QMIRk`qxSapcDyA$HYbRKfkZt7)&*{8nxM^9*Z@4B zg9BF=aGbjH@WEZ@?*ot|ii(SS4)DO z(3~Jt0Vyn?_gU-AJtQxsR=q|AS=>=6Flfr%4eg7ziyzF3O9HKiAn;58@G$s06W!5`Bn7nJ9 zFh;u=av&%m03QvDg!L*XN6X7g1m4dAkc#YQ&rJ_;yV(YQxWA8(oB|bp6oMlNodRt$ z_?4m`kP#$@1PLC5SV0Mc8=38?rTF=v=`KIui^!aVK;L92sUI&Hk$Kc(0NRq@tRqYQ4oxcW(hOTbf z6vtqG?0Pqx{hgVvu^}nZufQwv2!eVlsH`LfZL()+ajSm5AU7BFqVq|hHzYntuU}Vz zRTQ)ycnnJqx3GVHvh5CWG1TAf`S_Ww?xkIqodr1v#VCNJO-v^O;JgNcF8k?UJCcpd zpy%m!x}1n*Y3e+DI1L(gQ~5(39eKFGb;wsVKikGb-WIYGS3n@L$q7(`H-TCuf!xrK z)eL9rpI_fYlu8%fJTzo109*=?%h<71ry=H0pAD1);7I6 zSMK>WF*i2QMVL?-cb)MX%yDSse}JnY2+^*tOfh%Vt@n z>vWN)s=)nV+^uH&{mu(G`HKRT08($zW#V7yga;`l7?*A*TlM=T 
zW@pjAemMdb37gzZo+w+!C^aRqj}z3(!krnm21-GN%WG583fam!I`RN0&&$mXhPs6c zLy5X9pg@*gNKj^ACMAFn5#U?!5ug%5m=&`7ii3jT4xAQAmXOl&Ne28A0xOgm?v|2@ z%JtV2KRih-h@o(6e8d_cM9UN0x^-*BlRjtIhG9}D4mdHbh$8{=u~691&qmz@znS|R zUwi$$oGn(m34|384$s?QQn-j`ttu<3s1S}8Y9TT?KnZspy2qN{d%i6NYqFD`?mBva zXbkJ@salV^_>j#EHIJ8DS@{Y&&VKX!*-)nXI4rc?v}(C8Bvpryy6sQpvw^z(uczmA zW@apDXjm8yly+?SrjYaZ8w7?~Z{EC#rMp{h1WvQRbdDG^zWnb2KqyR>CSIUOf#?X2 z+jg{o80y9vQhh>Cza>4sa~~$pFhH~MiSJ4vc=Zsg-6AD`DBwVqp+zeOWBsUugVaRj z+Urgjn6QecAeb%#I=^}CO1i}&W6&voPdwuqG=obE(>6I}W5W>=)3RuEO%C`${W2HF zT6(1hP)y8%f)oTA=5&(YcUr-dE2&d?xu{xhU0!-O_MIL<5c34=326DN!#P?Yxd)G^ z)qwaika0JDYRUjoVK}ne-&>G}Zx(pW4usMissRxJWIxCGz+(f5*ahj7p2D2KKJW>U z#2%81gTNyqJ0l&k!b}D>$mgLUYgjVB+i7ufs}(kpgy26U@C$ zO$0svJt%%C&+piR-yn_{08uj9hsH~gP~G}41Ly)q7itG7?VyX3dH>Vh9_SMZpy&t6 zdj6h$18bJTV;Bn826Gs!f$zUKf?)If*M@^*Eqb2` z0@~4(#=VC8vq2D#r3c4`U0nQ|Mf8U3XB`H9 za~!C6;JxV%mf@tvep_|0nB$c9O2(r}LxGtf-qI47Vg@|13{vT^$YeA$5IypiWO%6F z=8heeuLz4RX^20IhqA@<$UI?9Gt_j(aO6QP(mD-zMzR4&=-W#t77*nZZX^U2lEcPjZVK|V4Rq0N2kzM-F zAK@2DWda+d^5DkxTw$)DUDHR8+glNr=n`oEl+69=b#%Zaq{1yCGV!q`Ap` zcx||?ZJo&C!!vKvgym&R)V>&955(=K*JSIY>mh-?K}14xor=opWeMGIMSiI+h5 zz|7lha%>*GeQex=VIY~;KX_YQ(E7Y-ww}DV3mAhAt8j~d2}4D(`uIh5$;%pg34MB- zlC>A6KV(+_c_!B!m}#6075?gyZ00U=W``)d6N#S62AjToXmCH-bOm|uN*vTrUEj3v z7d-UsOzy#~6N}@#w)3@(3jy~KAudTPIr}=6fwQR2dD>+g0kNlk3RWyUs zcwM-&=jP^y!6HeW*r~LG+h}%)*|6S4*Pkzqn+g@ zXirH_Ufe&foOXn*po_Lz8_J@jrv3_Vm4)3wJh*{JcPI~tB z_jBVOL`Fr4Rm7)3&wKOb)6mWG^n%4*@5tC#pt<>aJhPAQMD{H4UwWaStPEjgAGzOK znBm=?4{9upnFu-;?l4Oakqw3r?H*v3^kZ!az-M#M<~1PN3i)9qAN=cET?|-R$%Waz z(ST6W9ArCfr04{bgf&X6aj!4ZYC$4;a`QdJRjvQ#HCg_o-IDa)VFG323XHnXpYOvR zAinh98RxtGKbuUs;wzbTU>x;0)xUo8#;!n8=wBPbO*d%8Fzv;Z;u$pb^d`hkYB%Z@ zS{GS54V%4gBZ&$~bFNlbE_S{cEq=%WO>LMYC_DJgScmtj(ut4;D;HPqfc6#LzTy%) zT970(rOcvmVD{N3xa4I*CIj(QLHUQKgWxO>jN8D=ten|`3GZQ22$&r4?Ezd28y^}{ zv0ioamiN2VICg#<0lc?Tllocd;NS|w{HEY>R~AH(DdeUT$1Gakk}LfMN{^~ z;6BU@9@CH4Qu`HQzF`3r<6vdI)TT}g&;=Ut^2!R><|JT$fr-8V4RIB~IcT^pF!?Az 
zzXmi4y_{WGI2qh3ZDV6~fZSQ)p5}loc#LWZ;(IzF39SM@oSvSx&e-^>Hf>u%rk<}~ zVG884Ye2%G&IqK~xa%a1aEhYVX^ytdLoP?sClQ#H0Jt6I=H{gGm5?e3BlXz+o&}$Q zPzB&e290j)Ab=oy>N!5iS9q3!#)ajZrKTu0pl$*^3IdN8(Vekwu-z!Uu1 zD0l-`2zkR+f}Nv0=?U+@KG%E~UV`_yJrws{VPOrJoRo@ra8aw<&%XP-fCdO>4ImtU zXKon@ExZ%S%A}N#$QbwgR|*VCy`k=aLULY?w4i6lDYH)-f`Q?p%ZeGU;U9kc*kF zbD&`i_>fS`y=M19BdGbx<9iA zkuBv{?J&s;j}SfQDRElK+ zCGLeHyACHsP)OV#9`h5ZA7mY15fRgGf4jK6rzOSM1Q^_yIHH&*Cu;+916N7R4ztma zzdLg+^%S@uBqWdyv^rI)owHc3siML^92XZSY|~BK`!zs1$H&wpQ`7=P&=m~e6dE|rt2}Ev zhM&8=#-)WfAQ1LncQyzb6z|~1d?2E+4lovK zoErs^uL_^pv^+=SNm%s`$LHhrD`1CO!6buc_@&xP&Hc)?jcojTZl0`X{BVmd`|qK< zLY{0NIViRP4V>gwvIv7}{ZYpSbX$q70a1K3w< zKOT*+19+P~7~cHwR_<3O;f&IR1&lD0CXdC}TGITtRR{3@Dm_l?6 zA$8FGkmEx+!}=BY53#RSzwZy;!!>YmSSH3upRjYAlI&d~~AP%n7uNNFPz7(@y7%M23JJnf&+k6a6%0UtO%!08oLt%-xsP#&CWLEGW6Bcqehf6 z&{>C!q@kWbt7unOv#ps%;(Hn)*QI=gKowhq6UK1lXaoXmz)fzg z{1+D)$s{N^TG|S*-b@|R$*ab#sr3+dZziAGvp#VzrI%!gK|T`XexlN4SxrGCf#V$ zA!>OIQ6uV0^CQ6B{^%m7JI}4=%j52j;*36d+5f2C7J1W|=3}(xp5oSA@7FTN@p2&(GH? 
zP*6}b!jt3T=Ds&71V{dYM_Q05ugF|2218DO110t6*Yqe41wH*BJSFwX6UgnMdx-(Q zJ%%fQDn^ohKu;!5MM0FIg|%4*xd$`$_y3+#8sz`C6Q5OD%7ZXAXv@31yU5;LiMUE{ ze=btG3Jt*x_|QXB)0d+^g`OJ&3xZ&l{Yz#wHcv97FR=QP$M8qcW*^OcwsMFpaFvui z3f&DQrXeS2c@<~5+AVD{GgXMe_>?t?1k#=7=^Q*~{um!CEmW%THZz~I;67c*9Y`Ch zK-s_NAI6-myNKR0=@+G@ptuLh*U?TV$uw*{hzv9F@x=q1f3MRVNBD4&;z!3l$IHwB zk%jI_MVM7=>|&Ol z+i=sE9!{5|Q&aH5gNm+=d6+3(j9Iq4P=0}pR1-|SWb>OB4;Zg|!Z92qYY8Xy1^{o~ zS5vcqBnKE-dNBlE(w=&^{XVolPw$>9)8ht_eO1)sXe3-gClwAH7khTtFy(A|Ygi4f zW$qWR8GD+%%q$rWRA(e)hUk|-klFpYh;>CJrLT1kld3%>f$HOIfii!LhtTC4(#$w8 zAn&H~h6kmMyQ%dJ*pYm+t{ge&wg zf92%z@N>+1?6qx^X*I&?{w3am6vQzYcenC*TOyw^-g=uma<4^HqSuv7LD|T`SlLLw zIFA444;`8Co|bj_5mB*d-`&6VldtZxrP6>Sg}sr8F5ksY5a@eBn;Mw>zKy50ZF z0&KjGnYN`^mmg9QA(ba3Ba;KI8_d`tw~7!r7G%~4PzyKr?C}$oGS}lz?QAp<5rDEr z4mXQ9&3@h(FX8ii&3jEzd)G%w$aysUk&=|syH2_D^5>-nLUipbPrI(0)dHo2VEjJ2 z8Gs#trjV#)Atg91@*`mPt$eIag&o2)K_KBu$aUlPw-*>AEG|wo;C^U?5GJrXd$#W` z=)S6M1+p+4Qmn%_GAz@p7_@#(uiI}6S@X4;B8+dJbxpusIAVI4t3jUtf+&y?RXVQ+@^9~zH8%*Yjpm?;R!$xa5UhH1lGT|NPq;B zoJe3yfL+On?L5-QrS$F0%Gg{wUGnkjoRYGi8m$;K~`(@TLS4SC|AHHfdJUb{aX?`}>qHowN`}?vg`oVwbSGO)lP^-$`Cm{TJP$sy4vSbzEGavRn@y`4( z2cvgkrkIWOkmQ=rkb5@Az|9Bx597WmeZv1&Gm@hm5O5~8<}xlsY)D>Y|6nTMbKGzR z^FMYBYu5e5;DRr!E%kiVzMri6-`$AqZP${{M)yer0c*x!QX8$eF8z;kgYIbHvr$|K ztX)J=8>bS-sk!}B4&aiU%G?b3D(YGy(_!5etted03dc)e8u+D{Vmw#>K=+kgDXbNG;= za@>*osNpm)sOH>`&^Si#h2gqtzHEzHSBb1ui@YxriBHC;+c2&i=>y8R&J}50;tqP2 z;$4A!7fG*bDw}UVupgT;I<;u6X{m|5_vCpLqgbLqileK+I>0=_tSV35zJe~s9I{5y z+zeK5U=z)gyivCMaE{dA)*EsT3JTsueXX!Y$N0mxj{FvL1);JYU~5d`Is&JP6`|>tjH+R-fD>*ZrZD2xd)F5WMU@%`{|}<7JXRv zUc9zD(A=(p8vJ4#u`k*>=1=dl2sKdN+N5Gz3`?0|xD#~8QYE)Qdr|gHDqdedTGKQ}s`0TcyIbp3a_R(Zb*QlCQU}_>L6--e$ya5R8 zaHQ!!3v%xS=O=roYGcjJD$02iA_)87%AWO=056lV^`R@BdT%mL)do_ zse{~tke))V8F7LNA*7exVI z8KIIG`mfkYI-k=DIN zF(Sd7(ST^d1AO|Q$2@#P2dIUXKmLolpQ!Ng;r}xD#l=zJnY>C*xBs&X;yGfBQ7VFi z^BPk5Or%83O-<>L1g->|4?KmRAmM0eXgJO_CBq104fF@!5`-2YhL;c*7>sSs+qV%b z1~4X^?;svL1ZNjy7!s94_%Z;HiJG2mJK1)nL^!xAJ`rJ^whY-5muZfX3JH+SQe&Ux 
z9pUSY`r*9Q7?#d@d1U>|RM6Nx*Km>wnaA?+S7}sU5_=4*Eqa(gas32i1%@0Nja3OM z5~if2aWR4pHHBm&RtK0N_XN%``0fbDcmrQn0KnM)Xz>M*N)`fa;5BQI6uim7@d5;` zJ>c?)K#2lA**i3}3e7w0#fygq2A_c(AyIm`-P6gSGaBTy4v-6TIEy4CB0^429|x{6 zd`-wIoCrWvwo~JC)0ha|?AiH92%LEsHv@R6D59IqMRgF`wSfWHDg262A+Hqp6 zaXxVt@8uPdQcZYK2+Ot^mli!3&t-}V3B&2-hZe;m{m^&k!@HJ8#%~Bh+kl`PZKjk#h%l0Akn2@O=Uex!t;E7Y;fm1Gaqq z`t|dC&auf!cObWdwj)f^r#tt+tZT0smR4&GJUfCDUty==-k|h{be}72;?{KXN#A<{~*8sWU?ssoika!{GkR#G%TeP-U{F47- zqLst%@2@<_8i8Mx@cMOUFxDkapWoqa>77q|YB_A^G)8xhnfZ<6Q*Qj?-5XigbNz;E zsWM64euL+2-CMh0yg)@oZ6Q)-E~R{j>MVj6kr>z6{idh*A8pIDgLrs(ZfgX<^L+_w zDtt#tBgAx(NX)Rzg=96)>$J4b_ei90+MpPxA*ll5-5rob@;-g~Zt(4`#SquiPfF{; z!Wx1vg&k^LSg4qB)W3lgmJh-<(wUI&7wMsYb_X&(x$G)5;TUxg6DS~I;rd>bB%@mT6S@+z;$I*TCub?D7V(=zQ%~dyMMh=i|Dox-1F?SFw~>mFnORa43XzeO8HKD+*@hS`=qZX$cwg*hV6U2g| z{sz$Z44_ha9+|Op;XMhjTsIEyyVPW_&P0s{`)a^uLpIM+i>N0dfhz4(u^K7qRPTO| zI)8a7u;WxhW#4TDy4jcSLQ3Mq@^{+!Kgw0&?aC09ez<;iK|)Nd`R^mESovYz?7<_4 z**Vw?*Q=kC|2X+VC>q*J?p{07-9Y4IJ6$5ZWw)ZT-EjL^_2IIb)H^opBZDg{t#fLl z8FZ&rnXaF?2PmlZ)2BnOuA(S{3Hz$rVC^6h-n$ul6gnz&8gPoFk{A1O+(Q=o`a1-T z;Ez%B_uh8YZ~yjf{>MOek5KxJ%L87WKWox*_CP*@#m%~X`}UtNy@YQFT&b_u#0_vm z;CDes#zF6bqX(C&T5a`B^n?T(DSQh01r<6iwp(U|z&`dDAxE#l(?c^ujxRiFDd*bA zI+mB?6yT0dp5!FL(-YN8x0$8aQ}KVu%Gy0qI>eiG^q!ioZj)mQbI+zI&E9$wwUxlO zsH9V=&bMLYgQlFQ)3`5GH%1CY*VWZA;c967Rpv71keB>E;P=tU&)xD$DWj!fHgl~R zHuq?+^|~|-m`SO#X#jzN@{H6bFTc3`;O9UEfLrDW_CI2(!1T;{o#_0&DGj7F;ie(( zu)X#(QaL2I9>Ph$}i+Gr7GFR*SMd7fdS+hvU)Z~xkg^`=dm=o`3WZhG%$o$999Q7C*siuUyzCVSB{tn%Hyv#w=fu2*8DWs9mR z#;FVU2Aw>4@;XD)g}onpU!WWRHcT2RH{YGA5+=g=0_A9ftIiK5NCr- zaM9Tz;eq$Bqw5z-=et{{^*SdC-{2Ke&(NiZ4sX$rsE};=nJJNEZnmUi`Jwb$%$3q+ z`$^5<@~Wm}1*7d1$*$&24aLS2zslV0)0{%82A5kudUr}S$qLSXO`$ELV6Wo9$KN2xyLU!pi>x=K{04E+EiN~}D%w77aZpPH&eO9|jmGXMo#-H$18+~NEW zlNXoH2m6}k)OK2j>LS7jYB%Zk9lZ{p&qIA0FR=cF@~m9cW~$lO#ySfs)surucO%E4 z8W9o_I)xh?rxRCiOmuV?j@Y@mIh2GDXThPV!lr?Gd~x8?b{KW;PEjiLE{u9H$n<>t z_Q%VXT?u?%HdI(JdZR=vN-HW=PF+64UxF^v4=QE!_4KC zioS@_j@`8BHWi_tjV%gXa3j`=&D)iZIywpi$W}s?uX&hOdhf_~Z_@;Z*J&GjTMs8e 
zMXD7~udB7z9@n`(FF+w#{B}}{1RbMkLK3aKB}&pIoFO32nAdO`TfT)t30fi!Iv2uMkqn`Hhqj#*03C4I#SYM& za=bduy0YR`YC(d{;GZMaY*^~+;>F<3<#p6cEubUhJidjsO#d}NW$~h!$LUwx zP62J}3%k?a{YyCy!1mfIW%%3U@H|NNu%6E??MvA36X9MmD0`bed`fF5F|L+u`zp%N zna&k2Kxo~G>a`Fc>wi)E61Ia&(w-h>1L)x+z{YaDZkW@PJ=?tXkl{}xD4aop8_3?C zx9+Cq=8Y%c$lO$S9D zjx4xfiSOFdavNS5MADy`K7!M@7#X>PhKhvEVFeQj87@swi=>VPV+p>AKYAw!U6RE@ zgs!-bI8Be?KtngM{jQvMR-0Tu^uvU<1xyA?_0B*S(rmck&LBIJ~RbGPMCO@RW*C(Lh0z}9G#p_!}3T(#^f8dSSFl7*8@}Pm5SkmnB4|=hpGp*@5ThM|XB7nJ0V0Ml|Bc!Lj|$yV z8N{QMgc5fS!-pRiT(5idx@<2XR^U%x=k?cTeW z&NLxlEWZJy#|ALlLeVuOumHgc@9`E6<4=;!8Nv4l3<9~x_)qLsfdl|5%R!5;By+Ft0iBvb7CN4#X`#YiAA?Vvf>RyO-K};WF)4-RZe1&I&_6j2J zZ+_(<1?>=krHGW24~fz-kW3MFpDhxSVo4}M;2d6;lam8Q5GZuW^h%dTo}i;7;S2SZ z_#aLK1yEfGL|7;KN0O*=-~T%;kYng%h*rhIyGeTM!SlD!lTw8<2maTcQ;{?U5aZ8X zy7wdQ!Dhb_Jo{~ag?`IOs6(OA1iABvH1$hDA|mvON${daB|Nxs16d1TZfa*;+p5}@ z-+}dd`|h0$KDm^X)N@cJKki};P2ndwtBK?s`2$y>27(gW#Dui1{h@0I0lNCg%lQm5 zp`9k`$O>$6>@G%{iWWK!v7hdt%RJbHM7>S~p6Go*kglyxuKoQo8S+12CU#T6@60<0 zjKn!{|KrDF6nG-nR{ueQo)6JJ1>7)o=u+PjAt$l}{6WJ4PX?1Xg$OyR$2P)yX}Z(=xDIXDhud6Qp)6R$phX?PA&8^qj5eCp^RDvBFPNjjiuQCofb z{284$2Vbhm$V{fZb7SEVuUr|xr_Fr%@-A?iLx%LzT^&+QfA+*hNACpu z0dR)EFOtc;1+1v9?_(!s&_g1Gh6>+|q)Q?Nfik<@@sp9Ve!`hPw*%<)Z14$5Ck?K! 
From a20054e08b0e81582a73d6107e2a0bcf9d23186a Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Wed, 6 Jul 2022 12:24:54 -0700 Subject: [PATCH 05/33] Added blog content --- .../hello-for-business/WebAuthnAPIs.md | 91 +++++++++++++++++++ 1 file changed, 91 insertions(+) diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index 6c6056a031..cfe779b0ec 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md
@@ -35,3 +35,94 @@ Developers should use the new Windows 10 APIs to support FIDO2 authentication ke ## Where can developers learn more? The new Windows 10 APIs are documented on [GitHub](https://github.com/Microsoft/webauthn) + +## All about FIDO2, CTAP2 and WebAuthn + +To understand how FIDO2 authenticators work, review the following two specifications: + +- [Web Authentication: An API for accessing Public Key Credentials](https://www.w3.org/TR/webauthn/), which is available at the W3C site. This document is known as the WebAuthn spec. + +- [Client to Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html), which is available at the [FIDO Alliance](http://fidoalliance.org/) site. (where hardware and platform folks have joined to solve the problem of Fast IDentity Online). + +### The Big Picture + +CTAP2 and WebAuthn define an abstraction layer that creates an ecosystem for strongly authenticated credentials. In this ecosystem, any interoperable client (such as a native app or browser) that runs on a given client device uses a standardized method to interact with any interoperable authenticator. Such authenticators include platform authenticators (which are built into the client device) or roaming authenticators (which connect to the client device by using USB, BLE, or NFC connections). + +The authentication process starts when the user performs a specific user gesture that indicates consent for the operation. At the request of the client, the authenticator securely creates strong cryptographic keys and locally stores them. + +After these client-specific keys are created, clients can request attestations for registration and authentication. The type of signature performed by the private key reflects the user gesture that was performed. + +The following diagram shows how CTAP and WebAuthn interact. 
The light blue dotted arrows represent interactions that depend on the specific implementation of the platform APIs. + +:::image type="content" source="images/webauthnapis/webauthnapis-fido2-overview.png" alt-text="The diagram shows how the WebAuthn API interacts with the relying parties and the CTAPI2 API."::: + +*Relationships of the components that participate in passwordless authentication* + +A combined WebAuthn/CTAP2 dance includes the following cast of characters: + +- **Client device**. The *client device* is the hardware hosting a given strong authentication. Laptops and phones are examples of client devices. + +- **Relying parties and clients**. *Relying parties* are web or native applications that consume strong credentials. The relying parties run on client devices. + + - As a relying party, a native application can also act as a WebAuthn client to make direct WebAuthn calls. + + - As a relying party, a web application can't directly interact with the WebAuthn API. The relying party must broker the deal through the browser. + + > [!NOTE] + > The preceding diagram doesn't depict single sign-on authentication. Don't confuse FIDO relying parties with federated relying parties. + +- **WebAuthn API**. The *WebAuthn API* enables clients to make requests to authenticators. The client can request that the authenticator create a key, provide an assertion about a key, report capabilities, manage a PIN, and so forth. + +- **CTAP2 platform/host**. The *platform* (also called the host in the CTAP2 spec) is the part of the client device that negotiates with authenticators. The platform is responsible for securely reporting the origin of the request and for calling the CTAP2 Concise Binary Object Representation (CBOR) APIs. If the platform isn't CTAP2-aware, the clients themselves take on more of the burden and the internals of the preceding diagram may differ. + +- **Platform authenticator**. A *platform authenticator* usually resides on a client device. 
Examples of platform authenticators include fingerprint recognition technology that uses a built-in laptop fingerprint reader or facial recognition technology that uses a built-in smartphone camera. Cross-platform transport protocols such as USB, NFC or BLE can't access platform authenticators. + +- **Roaming authenticator**. A *roaming authenticator* can connect to multiple client devices. Client devices must use a supported transport protocol to negotiate interactions. Examples of roaming authenticators include USB security keys, BLE-enabled smartphone applications, or NFC-enabled proximity cards. Roaming authenticators may support CTAP1, CTAP2, or both protocols. + +Many relying parties and clients can interact with many authenticators on a single client device. A user can install multiple browsers that support WebAuthn, and might simultaneously have access to a built-in fingerprint reader, a plugged-in security key, and a BLE-enabled mobile app. + +### Interoperability + +Before there was WebAuthn and CTAP2, there was U2F and CTAP1. U2F is the FIDO Alliance’s universal second-factor specification and there are many authenticators that speak CTAP1 and manage U2F credentials. WebAuthn was designed to be interoperable with CTAP1 Authenticators. A relying party that uses WebAuthn can still use U2F credentials, as long as the relying party doesn't require FIDO2-only functionality. 
+ +FIDO2 authenticators have already implemented and WebAuthn relying parties might require the following optional features: + +- Keys for multiple accounts can be stored per relying party +- Client PIN +- Location (the authenticator returns a location) +- [Hash-based Message Authentication Code (HMAC)-secret](dotnet/api/system.security.cryptography.hmac) (enables offline scenarios) + +The following options are cool and might be useful in the future, but haven't been seen in the wild yet: + +- Transactional approval +- User verification index (servers can determine whether biometric data that's stored locally has changed over time) +- User verification method (the authenticator returns the exact method) +- Biometric performance bounds (the relying party can specify acceptable false acceptance and false rejection rates) + +### Microsoft Implementation + +The Microsoft FIDO2 implementation has been years in the making. Software and services are implemented independently as standards-compliant entities. As of the Windows 10 October 2018 release, all Microsoft components use the latest WebAuthn Candidate Release. It's a stable release that's not expected to normatively change before the specification is finally ratified. Because Microsoft is among the first in the world to deploy FIDO2, some combinations of popular non-Microsoft components won’t be interoperable yet. + +Here's an approximate layout of where the Microsoft bits go: + +:::image type="content" source="images/webauthnapis/webauthnapis-fido2-overview-msft-version.png" alt-text="The diagram shows how the WebAuthn API interacts with the Microsoft relying parties and the CTAPI2 API."::: + +*Microsoft's implementation of WebAuthn and CATP2 APIs* + +- **WebAuthn relying party: Microsoft Account**. If you aren’t familiar with Microsoft Account, it's the sign-in service for services such as Skype, Xbox, Outlook, and many other sites. 
The sign-in experience uses client-side JavaScript to trigger Microsoft Edge to talk to the WebAuthn APIs. Microsoft Account requires that authenticators have the following capabilities: + + - Keys are stored locally on the authenticator and not on a server somewhere + - Offline scenarios work (enabled by using HMAC) + - Users can put keys for multiple user accounts on the same authenticator + - If needed, authenticators can use a client PIN to unlock a TPM + > [!IMPORTANT] + > Because Microsoft Account requires features and extensions that are unique to FIDO2 CTAP2 authenticators, it doesn't accept CTAP1 (U2F) credentials. + +- **WebAuthn client: Microsoft Edge**. Microsoft Edge can handle the user interface for the WebAuthn and CTAP2 features that this article describes, and also supports the AppID extension. Microsoft Edge can interact with both CTAP1 and CTAP2 authenticators, which means that it can create and use both U2F and FIDO2 credentials. However, Microsoft Edge doesn't speak the U2F protocol, so relying parties must use only the WebAuthn specification. Microsoft Edge on Android does't support WebAuthn. + + > [!NOTE] + > For authoritative information about Microsoft Edge support for WebAuthn and CTAP, see [Legacy Microsoft Edge developer documentation](microsoft-edge/dev-guide/windows-integration/web-authentication). + +- **Platform: Windows 10**. Windows 10 hosts the Win32 Platform WebAuthn APIs. + +- **Roaming Authenticators**. You might notice that there's no “Microsoft” roaming authenticator. That's because there's already a strong ecosystem of products that specialize in strong authentication, and every one of our customers (whether corporations or individuals) have different requirements for security, ease of use, distribution, and account recovery. To see the ever-growing list of FIDO2 certified authenticators, you can find that at [FIDO Certified Products](https://fidoalliance.org/certification/fido-certified-products/). 
The list includes built-in authenticators, roaming authenticators, and even chip manufacturers who have certified designs. From 7f9e14451094ba7a0f66b27f37f8bad6d3986f50 Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Wed, 6 Jul 2022 13:00:04 -0700 Subject: [PATCH 06/33] Link fixes --- .../identity-protection/hello-for-business/WebAuthnAPIs.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index cfe779b0ec..f070f9fcc1 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md @@ -90,7 +90,7 @@ FIDO2 authenticators have already implemented and WebAuthn relying parties might - Keys for multiple accounts can be stored per relying party - Client PIN - Location (the authenticator returns a location) -- [Hash-based Message Authentication Code (HMAC)-secret](dotnet/api/system.security.cryptography.hmac) (enables offline scenarios) +- [Hash-based Message Authentication Code (HMAC)-secret](./dotnet/api/system.security.cryptography.hmac.md) (enables offline scenarios) The following options are cool and might be useful in the future, but haven't been seen in the wild yet: 
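Review bot: In the text added by PATCH 05/33 (the `@@ -35,3 +35,94 @@` hunk), the sentence "clients can request attestations for registration and authentication" under "The Big Picture" blurs two different WebAuthn objects: an attestation is what the authenticator returns when a credential is registered, and an assertion is what it returns at authentication, which is how the "WebAuthn API" bullet in the same hunk already words it ("provide an assertion about a key"). Suggest "clients can request an attestation at registration and assertions at authentication". The same hunk also has `does't` in the Microsoft Edge bullet, `CATP2` in the second image caption and `CTAPI2` in both alt-text strings. The "HMAC-secret" bullet links to the .NET `system.security.cryptography.hmac` class reference rather than to anything describing the authenticator feature, so the link target deserves a second look, not only its path.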
@@ -121,7 +121,7 @@ Here's an approximate layout of where the Microsoft bits go: - **WebAuthn client: Microsoft Edge**. Microsoft Edge can handle the user interface for the WebAuthn and CTAP2 features that this article describes, and also supports the AppID extension. Microsoft Edge can interact with both CTAP1 and CTAP2 authenticators, which means that it can create and use both U2F and FIDO2 credentials. However, Microsoft Edge doesn't speak the U2F protocol, so relying parties must use only the WebAuthn specification. Microsoft Edge on Android does't support WebAuthn. > [!NOTE] - > For authoritative information about Microsoft Edge support for WebAuthn and CTAP, see [Legacy Microsoft Edge developer documentation](microsoft-edge/dev-guide/windows-integration/web-authentication). + > For authoritative information about Microsoft Edge support for WebAuthn and CTAP, see [Legacy Microsoft Edge developer documentation](./microsoft-edge/dev-guide/windows-integration/web-authentication.md). - **Platform: Windows 10**. Windows 10 hosts the Win32 Platform WebAuthn APIs. From 62af69f294157f5df85445a01cad6c32a890b215 Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Wed, 6 Jul 2022 13:07:13 -0700 Subject: [PATCH 07/33] Link fixes --- .../identity-protection/hello-for-business/WebAuthnAPIs.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index f070f9fcc1..42c82937a4 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md 
@@ -90,7 +90,7 @@ FIDO2 authenticators have already implemented and WebAuthn relying parties might - Keys for multiple accounts can be stored per relying party - Client PIN - Location (the authenticator returns a location) -- [Hash-based Message Authentication Code (HMAC)-secret](./dotnet/api/system.security.cryptography.hmac.md) (enables offline scenarios) +- [Hash-based Message Authentication Code (HMAC)-secret](/dotnet/api/system.security.cryptography.hmac) (enables offline scenarios) The following options are cool and might be useful in the future, but haven't been seen in the wild yet: @@ -121,7 +121,7 @@ Here's an approximate layout of where the Microsoft bits go: - **WebAuthn client: Microsoft Edge**. Microsoft Edge can handle the user interface for the WebAuthn and CTAP2 features that this article describes, and also supports the AppID extension. Microsoft Edge can interact with both CTAP1 and CTAP2 authenticators, which means that it can create and use both U2F and FIDO2 credentials. However, Microsoft Edge doesn't speak the U2F protocol, so relying parties must use only the WebAuthn specification. Microsoft Edge on Android does't support WebAuthn. > [!NOTE] - > For authoritative information about Microsoft Edge support for WebAuthn and CTAP, see [Legacy Microsoft Edge developer documentation](./microsoft-edge/dev-guide/windows-integration/web-authentication.md). + > For authoritative information about Microsoft Edge support for WebAuthn and CTAP, see [Legacy Microsoft Edge developer documentation](/microsoft-edge/dev-guide/windows-integration/web-authentication). - **Platform: Windows 10**. Windows 10 hosts the Win32 Platform WebAuthn APIs. From 36fb955526c177e6f613c340e06aeee9241d2073 Mon Sep 17 00:00:00 2001 
From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Wed, 6 Jul 2022 13:33:15 -0700 Subject: [PATCH 08/33] Added to TOC --- .../hello-for-business/WebAuthnAPIs.md | 8 ++++---- .../identity-protection/hello-for-business/toc.yml | 2 ++ 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index 42c82937a4..f5b734fcb3 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md @@ -32,10 +32,6 @@ Developers should use the new Windows 10 APIs to support FIDO2 authentication ke > [!NOTE] > When these APIs are in use, Windows 10 browsers or apps don't have direct access to the FIDO2 transports for FIDO-related messaging. -## Where can developers learn more? - -The new Windows 10 APIs are documented on [GitHub](https://github.com/Microsoft/webauthn) - ## All about FIDO2, CTAP2 and WebAuthn To understand how FIDO2 authenticators work, review the following two specifications: 
@@ -126,3 +122,7 @@ Here's an approximate layout of where the Microsoft bits go: - **Platform: Windows 10**. Windows 10 hosts the Win32 Platform WebAuthn APIs. - **Roaming Authenticators**. You might notice that there's no “Microsoft” roaming authenticator. That's because there's already a strong ecosystem of products that specialize in strong authentication, and every one of our customers (whether corporations or individuals) have different requirements for security, ease of use, distribution, and account recovery. To see the ever-growing list of FIDO2 certified authenticators, you can find that at [FIDO Certified Products](https://fidoalliance.org/certification/fido-certified-products/). The list includes built-in authenticators, roaming authenticators, and even chip manufacturers who have certified designs. + +## Where can developers learn more? + +The new Windows 10 WebAuthn APIs are documented in the [Microsoft/webauthn](https://github.com/Microsoft/webauthn) Github repo. diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml index 1e3bd031b3..6453d6dc2b 100644 --- a/windows/security/identity-protection/hello-for-business/toc.yml +++ b/windows/security/identity-protection/hello-for-business/toc.yml @@ -21,6 +21,8 @@ href: hello-how-it-works-provisioning.md - name: Authentication href: hello-how-it-works-authentication.md + - name: WebAuthn APIs + href: webauthnapis.md - name: How-to Guides items: - name: Windows Hello for Business Deployment Overview From 14372c68b13bec28c27f6a16b48ac72b85c5d5f9 Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Wed, 6 Jul 2022 14:10:23 -0700 Subject: [PATCH 09/33] integrating --- .../hello-for-business/WebAuthnAPIs.md | 24 ++++++++----------- 1 file changed, 10 insertions(+), 14 deletions(-) 
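Review bot: In the `toc.yml` hunk of PATCH 08/33, the new entry uses `href: webauthnapis.md` while every diff header in this series names the file `WebAuthnAPIs.md`. The case should match the file on disk, or the file should be renamed to the lowercase form that neighbouring entries such as `hello-how-it-works-authentication.md` use; otherwise the link only works where paths are resolved case-insensitively. In the same patch, the moved "Where can developers learn more?" paragraph now reads "Github repo"; the name is "GitHub", as the link text in the removed line had it.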
diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index f5b734fcb3..73677209be 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md 
@@ -19,28 +19,20 @@ ms.reviewer: Passwords leave your customers vulnerable. When you use the new WebAuthn APIs in your sites and apps, your customers can use passwordless authentication. -Microsoft has long been a proponent of passwordless authentication. While we work towards that goal, we'd like to introduce you to the latest Windows 10 (version 1903) W3C/FIDO2 Win32 WebAuthn platform APIs. +Microsoft has long been a proponent of passwordless authentication. While we work towards that goal, we'd like to introduce you to the latest Windows 10 (version 1903) W3C/FIDO2 Win32 WebAuthn platform APIs. ## What does this mean? Using these APIs, developer partners and the developer community can use [Windows Hello](./index.yml) or [FIDO2 Security Keys](./microsoft-compatible-security-key.md) to implement passwordless multi-factor authentication for their applications on Windows devices. -Users of these apps or sites can use any browser that supports WebAuthn Windows 10 APIs for passwordless authentication. The native Windows 10 WebAuthn APIs are currently supported by Microsoft Edge on Windows 10 1809 or later and on the latest versions of other browsers. No matter which browser they use, they'll have a familiar and consistent experience on Windows 10, no matter which browser they use. +Users of these apps or sites can use any browser that supports Windows 10 WebAuthn APIs for passwordless authentication. These APIs are currently supported by Microsoft Edge on Windows 10 1809 or later and on the latest versions of other browsers. Users will have a familiar and consistent experience on Windows 10, no matter which browser they use. Developers should use the new Windows 10 APIs to support FIDO2 authentication keys in a consistent way for users. Moreover, developers can use all the transports that are available per FIDO2 specifications (USB, NFC, and BLE) without having to deal with the interaction and management overhead. 
> [!NOTE] > When these APIs are in use, Windows 10 browsers or apps don't have direct access to the FIDO2 transports for FIDO-related messaging. -## All about FIDO2, CTAP2 and WebAuthn - -To understand how FIDO2 authenticators work, review the following two specifications: - -- [Web Authentication: An API for accessing Public Key Credentials](https://www.w3.org/TR/webauthn/), which is available at the W3C site. This document is known as the WebAuthn spec. - -- [Client to Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html), which is available at the [FIDO Alliance](http://fidoalliance.org/) site. (where hardware and platform folks have joined to solve the problem of Fast IDentity Online). - -### The Big Picture +## The Big Picture CTAP2 and WebAuthn define an abstraction layer that creates an ecosystem for strongly authenticated credentials. In this ecosystem, any interoperable client (such as a native app or browser) that runs on a given client device uses a standardized method to interact with any interoperable authenticator. Such authenticators include platform authenticators (which are built into the client device) or roaming authenticators (which connect to the client device by using USB, BLE, or NFC connections). 
@@ -77,7 +69,7 @@ A combined WebAuthn/CTAP2 dance includes the following cast of characters: Many relying parties and clients can interact with many authenticators on a single client device. A user can install multiple browsers that support WebAuthn, and might simultaneously have access to a built-in fingerprint reader, a plugged-in security key, and a BLE-enabled mobile app. -### Interoperability +## Interoperability Before there was WebAuthn and CTAP2, there was U2F and CTAP1. U2F is the FIDO Alliance’s universal second-factor specification and there are many authenticators that speak CTAP1 and manage U2F credentials. WebAuthn was designed to be interoperable with CTAP1 Authenticators. A relying party that uses WebAuthn can still use U2F credentials, as long as the relying party doesn't require FIDO2-only functionality. @@ -95,7 +87,7 @@ The following options are cool and might be useful in the future, but haven't be - User verification method (the authenticator returns the exact method) - Biometric performance bounds (the relying party can specify acceptable false acceptance and false rejection rates) -### Microsoft Implementation +## Microsoft Implementation The Microsoft FIDO2 implementation has been years in the making. Software and services are implemented independently as standards-compliant entities. As of the Windows 10 October 2018 release, all Microsoft components use the latest WebAuthn Candidate Release. It's a stable release that's not expected to normatively change before the specification is finally ratified. Because Microsoft is among the first in the world to deploy FIDO2, some combinations of popular non-Microsoft components won’t be interoperable yet. 
@@ -125,4 +117,8 @@ Here's an approximate layout of where the Microsoft bits go: ## Where can developers learn more? -The new Windows 10 WebAuthn APIs are documented in the [Microsoft/webauthn](https://github.com/Microsoft/webauthn) Github repo. +The new Windows 10 WebAuthn APIs are documented in the [Microsoft/webauthn](https://github.com/Microsoft/webauthn) Github repo. To understand how FIDO2 authenticators work, review the following two specifications: + +- [Web Authentication: An API for accessing Public Key Credentials](https://www.w3.org/TR/webauthn/), which is available at the W3C site. This document is known as the WebAuthn spec. + +- [Client to Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html), which is available at the [FIDO Alliance](http://fidoalliance.org/) site. (where hardware and platform folks have joined to solve the problem of Fast IDentity Online). From fc7945196d42e0aaa388e99d735135fee1938ca2 Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Thu, 14 Jul 2022 13:40:19 -0700 Subject: [PATCH 10/33] Acronym check --- .../hello-for-business/WebAuthnAPIs.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index 6df213bf6c..7720a79122 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md 
@@ -23,14 +23,14 @@ Using these APIs, developer partners and the developer community can use [Window Users of these apps or sites can use any browser that supports Windows 10 WebAuthn APIs for passwordless authentication. These APIs are currently supported by Microsoft Edge on Windows 10 1809 or later and on the latest versions of other browsers. Users will have a familiar and consistent experience on Windows 10, no matter which browser they use. -Developers should use the new Windows 10 APIs to support FIDO2 authentication keys in a consistent way for users. Moreover, developers can use all the transports that are available per FIDO2 specifications (USB, NFC, and BLE) without having to deal with the interaction and management overhead. +Developers should use the new Windows 10 APIs to support Fast IDentity Online 2 (FIDO2) authentication keys in a consistent way for users. Moreover, developers can use all the transports that are available per FIDO2 specifications (USB, NFC, and BLE) without having to deal with the interaction and management overhead. > [!NOTE] > When these APIs are in use, Windows 10 browsers or apps don't have direct access to the FIDO2 transports for FIDO-related messaging. ## The Big Picture -CTAP2 and WebAuthn define an abstraction layer that creates an ecosystem for strongly authenticated credentials. In this ecosystem, any interoperable client (such as a native app or browser) that runs on a given client device uses a standardized method to interact with any interoperable authenticator. Such authenticators include platform authenticators (which are built into the client device) or roaming authenticators (which connect to the client device by using USB, BLE, or NFC connections). +Client to Authenticator Protocol 2 (CTAP2) and WebAuthn define an abstraction layer that creates an ecosystem for strongly authenticated credentials. 
In this ecosystem, any interoperable client (such as a native app or browser) that runs on a given client device uses a standardized method to interact with any interoperable authenticator. Such authenticators include platform authenticators (which are built into the client device) or roaming authenticators (which connect to the client device by using USB, BLE, or NFC connections). The authentication process starts when the user performs a specific user gesture that indicates consent for the operation. At the request of the client, the authenticator securely creates strong cryptographic keys and locally stores them. 
@@ -113,8 +113,8 @@ Here's an approximate layout of where the Microsoft bits go: ## Where can developers learn more? -The new Windows 10 WebAuthn APIs are documented in the [Microsoft/webauthn](https://github.com/Microsoft/webauthn) Github repo. To understand how FIDO2 authenticators work, review the following two specifications: +The new Windows 10 WebAuthn APIs are documented in the [Microsoft/webauthn](https://github.com/Microsoft/webauthn) GitHub repo. To understand how FIDO2 authenticators work, review the following two specifications: - [Web Authentication: An API for accessing Public Key Credentials](https://www.w3.org/TR/webauthn/), which is available at the W3C site. This document is known as the WebAuthn spec. -- [Client to Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html), which is available at the [FIDO Alliance](http://fidoalliance.org/) site. (where hardware and platform folks have joined to solve the problem of Fast IDentity Online). +- [Client to Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html), which is available at the [FIDO Alliance](http://fidoalliance.org/) site. (where hardware and platform folks have joined to solve the problem of FIDO authentication). From 58296a1117f08a63b77bf9b7a7c7415dafb56b4b Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Thu, 14 Jul 2022 14:37:13 -0700 Subject: [PATCH 11/33] Acronym fix --- .../identity-protection/hello-for-business/WebAuthnAPIs.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index 7720a79122..ba33c54dc4 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md 
+++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md @@ -15,7 +15,7 @@ ms.reviewer: Passwords leave your customers vulnerable. When you use the new WebAuthn APIs in your sites and apps, your customers can use passwordless authentication. -Microsoft has long been a proponent of passwordless authentication. While we work towards that goal, we'd like to introduce you to the latest Windows 10 (version 1903) W3C/FIDO2 Win32 WebAuthn platform APIs. +Microsoft has long been a proponent of passwordless authentication. While we work towards that goal, we'd like to introduce you to the latest Windows 10 (version 1903) W3C/Fast IDentity Online 2 (FIDO2) Win32 WebAuthn platform APIs. ## What does this mean? @@ -23,7 +23,7 @@ Using these APIs, developer partners and the developer community can use [Window Users of these apps or sites can use any browser that supports Windows 10 WebAuthn APIs for passwordless authentication. These APIs are currently supported by Microsoft Edge on Windows 10 1809 or later and on the latest versions of other browsers. Users will have a familiar and consistent experience on Windows 10, no matter which browser they use. -Developers should use the new Windows 10 APIs to support Fast IDentity Online 2 (FIDO2) authentication keys in a consistent way for users. Moreover, developers can use all the transports that are available per FIDO2 specifications (USB, NFC, and BLE) without having to deal with the interaction and management overhead. +Developers should use the new Windows 10 APIs to support FIDO2 authentication keys in a consistent way for users. Moreover, developers can use all the transports that are available per FIDO2 specifications (USB, NFC, and BLE) without having to deal with the interaction and management overhead. > [!NOTE] > When these APIs are in use, Windows 10 browsers or apps don't have direct access to the FIDO2 transports for FIDO-related messaging. 
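Review bot: In the `@@ -15,7 +15,7 @@` hunk of [PATCH 11/33], expanding the acronym inside the slash-joined compound gives "W3C/Fast IDentity Online 2 (FIDO2) Win32 WebAuthn platform APIs", which is hard to parse as a single product name. Keep "W3C/FIDO2 Win32 WebAuthn platform APIs" here and spell out Fast IDentity Online 2 in a separate clause or sentence, so the first-use expansion survives without breaking up the API name.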
From ec925b7a2aff2e226bbc82fe666003dd3ed16107 Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Fri, 15 Jul 2022 13:57:40 -0700 Subject: [PATCH 12/33] Edits --- .../hello-for-business/WebAuthnAPIs.md | 58 +++++++++---------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index ba33c54dc4..3141737937 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md 
@@ -13,28 +13,28 @@ ms.reviewer: --- # WebAuthn APIs for passwordless authentication on Windows -Passwords leave your customers vulnerable. When you use the new WebAuthn APIs in your sites and apps, your customers can use passwordless authentication. +Passwords can leave your customers vulnerable to data breaches and security attacks by malicious users. -Microsoft has long been a proponent of passwordless authentication. While we work towards that goal, we'd like to introduce you to the latest Windows 10 (version 1903) W3C/Fast IDentity Online 2 (FIDO2) Win32 WebAuthn platform APIs. +Microsoft has long been a proponent of passwordless authentication. With that goal in mind, we'd like to introduce the latest W3C/Fast IDentity Online 2 (FIDO2) Win32 WebAuthn platform APIs for Windows 10 (version 1903). -## What does this mean? +## What this means -Using these APIs, developer partners and the developer community can use [Windows Hello](./index.yml) or [FIDO2 Security Keys](./microsoft-compatible-security-key.md) to implement passwordless multi-factor authentication for their applications on Windows devices. +By using these APIs, developer partners and the developer community can use [Windows Hello](./index.yml) or [FIDO2 Security Keys](./microsoft-compatible-security-key.md) to implement passwordless multi-factor authentication for their applications on Windows devices. -Users of these apps or sites can use any browser that supports Windows 10 WebAuthn APIs for passwordless authentication. These APIs are currently supported by Microsoft Edge on Windows 10 1809 or later and on the latest versions of other browsers. Users will have a familiar and consistent experience on Windows 10, no matter which browser they use. +Users of these apps or sites can use any browser that supports Windows 10 WebAuthn APIs for passwordless authentication. These APIs are currently supported by Microsoft Edge on Windows 10, version 1809 and later versions and on the latest browse versions. 
Users will have a familiar and consistent experience on Windows 10, no matter which browser they use. -Developers should use the new Windows 10 APIs to support FIDO2 authentication keys in a consistent way for users. Moreover, developers can use all the transports that are available per FIDO2 specifications (USB, NFC, and BLE) without having to deal with the interaction and management overhead. +Developers should use the new Windows 10 APIs to support FIDO2 authentication keys in a consistent way for users. Additionally, developers can use all the transports that are available per FIDO2 specifications (USB, NFC, and BLE) while avoiding the interaction and management overhead. > [!NOTE] > When these APIs are in use, Windows 10 browsers or apps don't have direct access to the FIDO2 transports for FIDO-related messaging. -## The Big Picture +## The big picture -Client to Authenticator Protocol 2 (CTAP2) and WebAuthn define an abstraction layer that creates an ecosystem for strongly authenticated credentials. In this ecosystem, any interoperable client (such as a native app or browser) that runs on a given client device uses a standardized method to interact with any interoperable authenticator. Such authenticators include platform authenticators (which are built into the client device) or roaming authenticators (which connect to the client device by using USB, BLE, or NFC connections). +Client to Authenticator Protocol 2 (CTAP2) and WebAuthn define an abstraction layer that creates an ecosystem for strongly authenticated credentials. In this ecosystem, any interoperable client (such as a native app or browser) that runs on a given client device uses a standardized method to interact with any interoperable authenticator. Interoperable authenticators include authenticators that are built into the client device (platform authenticators) and authenticators that connect to the client device by using USB, BLE, or NFC connections (roaming authenticators). 
-The authentication process starts when the user performs a specific user gesture that indicates consent for the operation. At the request of the client, the authenticator securely creates strong cryptographic keys and locally stores them. +The authentication process starts when the user makes a specific user gesture that indicates consent for the operation. At the request of the client, the authenticator securely creates strong cryptographic keys and stores them locally. -After these client-specific keys are created, clients can request attestations for registration and authentication. The type of signature performed by the private key reflects the user gesture that was performed. +After these client-specific keys are created, clients can request attestations for registration and authentication. The type of signature that the private key uses reflects the user gesture that was made. The following diagram shows how CTAP and WebAuthn interact. The light blue dotted arrows represent interactions that depend on the specific implementation of the platform APIs. @@ -44,7 +44,7 @@ The following diagram shows how CTAP and WebAuthn interact. The light blue dotte A combined WebAuthn/CTAP2 dance includes the following cast of characters: -- **Client device**. The *client device* is the hardware hosting a given strong authentication. Laptops and phones are examples of client devices. +- **Client device**. The *client device* is the hardware that hosts a given strong authentication. Laptops and phones are examples of client devices. - **Relying parties and clients**. *Relying parties* are web or native applications that consume strong credentials. The relying parties run on client devices. 
@@ -53,39 +53,39 @@ A combined WebAuthn/CTAP2 dance includes the following cast of characters: - As a relying party, a web application can't directly interact with the WebAuthn API. The relying party must broker the deal through the browser. > [!NOTE] - > The preceding diagram doesn't depict single sign-on authentication. Don't confuse FIDO relying parties with federated relying parties. + > The preceding diagram doesn't depict single sign-on authentication. Be careful not to confuse FIDO relying parties with federated relying parties. -- **WebAuthn API**. The *WebAuthn API* enables clients to make requests to authenticators. The client can request that the authenticator create a key, provide an assertion about a key, report capabilities, manage a PIN, and so forth. +- **WebAuthn API**. The *WebAuthn API* enables clients to make requests to authenticators. The client can request that the authenticator create a key, provide an assertion about a key, report capabilities, manage a PIN, and so on. -- **CTAP2 platform/host**. The *platform* (also called the host in the CTAP2 spec) is the part of the client device that negotiates with authenticators. The platform is responsible for securely reporting the origin of the request and for calling the CTAP2 Concise Binary Object Representation (CBOR) APIs. If the platform isn't CTAP2-aware, the clients themselves take on more of the burden and the internals of the preceding diagram may differ. +- **CTAP2 platform/host**. The *platform* (also called the host in the CTAP2 spec) is the part of the client device that negotiates with authenticators. The platform is responsible for securely reporting the origin of the request and for calling the CTAP2 Concise Binary Object Representation (CBOR) APIs. If the platform isn't CTAP2-aware, the clients themselves take on more of the burden. In this case, the components and interactions of the preceding diagram may differ. -- **Platform authenticator**. 
A *platform authenticator* usually resides on a client device. Examples of platform authenticators include fingerprint recognition technology that uses a built-in laptop fingerprint reader or facial recognition technology that uses a built-in smartphone camera. Cross-platform transport protocols such as USB, NFC or BLE can't access platform authenticators. +- **Platform authenticator**. A *platform authenticator* usually resides on a client device. Examples of platform authenticators include fingerprint recognition technology that uses a built-in laptop fingerprint reader and facial recognition technology that uses a built-in smartphone camera. Cross-platform transport protocols such as USB, NFC or BLE can't access platform authenticators. -- **Roaming authenticator**. A *roaming authenticator* can connect to multiple client devices. Client devices must use a supported transport protocol to negotiate interactions. Examples of roaming authenticators include USB security keys, BLE-enabled smartphone applications, or NFC-enabled proximity cards. Roaming authenticators may support CTAP1, CTAP2, or both protocols. +- **Roaming authenticator**. A *roaming authenticator* can connect to multiple client devices. Client devices must use a supported transport protocol to negotiate interactions. Examples of roaming authenticators include USB security keys, BLE-enabled smartphone applications, and NFC-enabled proximity cards. Roaming authenticators can support CTAP1, CTAP2, or both protocols. Many relying parties and clients can interact with many authenticators on a single client device. A user can install multiple browsers that support WebAuthn, and might simultaneously have access to a built-in fingerprint reader, a plugged-in security key, and a BLE-enabled mobile app. ## Interoperability -Before there was WebAuthn and CTAP2, there was U2F and CTAP1. 
U2F is the FIDO Alliance’s universal second-factor specification and there are many authenticators that speak CTAP1 and manage U2F credentials. WebAuthn was designed to be interoperable with CTAP1 Authenticators. A relying party that uses WebAuthn can still use U2F credentials, as long as the relying party doesn't require FIDO2-only functionality. +Before there was WebAuthn and CTAP2, there was U2F and CTAP1. U2F is the FIDO Alliance universal second-factor specification. There are many authenticators that speak CTAP1 and manage U2F credentials. WebAuthn was designed to be interoperable with CTAP1 Authenticators. A relying party that uses WebAuthn can still use U2F credentials if the relying party doesn't require FIDO2-only functionality. FIDO2 authenticators have already implemented and WebAuthn relying parties might require the following optional features: -- Keys for multiple accounts can be stored per relying party +- Keys for multiple accounts (keys can be stored per relying party) - Client PIN - Location (the authenticator returns a location) - [Hash-based Message Authentication Code (HMAC)-secret](/dotnet/api/system.security.cryptography.hmac) (enables offline scenarios) -The following options are cool and might be useful in the future, but haven't been seen in the wild yet: +The following options and might be useful in the future, but haven't been observed in the wild yet: - Transactional approval - User verification index (servers can determine whether biometric data that's stored locally has changed over time) - User verification method (the authenticator returns the exact method) - Biometric performance bounds (the relying party can specify acceptable false acceptance and false rejection rates) -## Microsoft Implementation +## Microsoft implementation -The Microsoft FIDO2 implementation has been years in the making. Software and services are implemented independently as standards-compliant entities. 
As of the Windows 10 October 2018 release, all Microsoft components use the latest WebAuthn Candidate Release. It's a stable release that's not expected to normatively change before the specification is finally ratified. Because Microsoft is among the first in the world to deploy FIDO2, some combinations of popular non-Microsoft components won’t be interoperable yet. +The Microsoft FIDO2 implementation has been years in the making. Software and services are implemented independently as standards-compliant entities. As of the Windows 10, version 1809 (October 2018) release, all Microsoft components use the latest WebAuthn Candidate Release. It's a stable release that's not expected to normatively change before the specification is finally ratified. Because Microsoft is among the first in the world to deploy FIDO2, some combinations of popular non-Microsoft components won’t be interoperable yet. Here's an approximate layout of where the Microsoft bits go: 
@@ -93,28 +93,28 @@ Here's an approximate layout of where the Microsoft bits go: *Microsoft's implementation of WebAuthn and CATP2 APIs* -- **WebAuthn relying party: Microsoft Account**. If you aren’t familiar with Microsoft Account, it's the sign-in service for services such as Skype, Xbox, Outlook, and many other sites. The sign-in experience uses client-side JavaScript to trigger Microsoft Edge to talk to the WebAuthn APIs. Microsoft Account requires that authenticators have the following capabilities: +- **WebAuthn relying party: Microsoft Account**. If you aren’t familiar with Microsoft Account, it's the sign-in service for Skype, Xbox, Outlook, and many other sites. The sign-in experience uses client-side JavaScript to trigger Microsoft Edge to talk to the WebAuthn APIs. Microsoft Account requires that authenticators have the following characteristics: - - Keys are stored locally on the authenticator and not on a server somewhere + - Keys are stored locally on the authenticator and not on a remote server - Offline scenarios work (enabled by using HMAC) - Users can put keys for multiple user accounts on the same authenticator - - If needed, authenticators can use a client PIN to unlock a TPM + - If it's necessary, authenticators can use a client PIN to unlock a TPM > [!IMPORTANT] > Because Microsoft Account requires features and extensions that are unique to FIDO2 CTAP2 authenticators, it doesn't accept CTAP1 (U2F) credentials. -- **WebAuthn client: Microsoft Edge**. Microsoft Edge can handle the user interface for the WebAuthn and CTAP2 features that this article describes, and also supports the AppID extension. Microsoft Edge can interact with both CTAP1 and CTAP2 authenticators, which means that it can create and use both U2F and FIDO2 credentials. However, Microsoft Edge doesn't speak the U2F protocol, so relying parties must use only the WebAuthn specification. Microsoft Edge on Android does't support WebAuthn. +- **WebAuthn client: Microsoft Edge**. 
Microsoft Edge can handle the user interface for the WebAuthn and CTAP2 features that this article describes. It also supports the AppID extension. Microsoft Edge can interact with both CTAP1 and CTAP2 authenticators. This means that it can create and use both U2F and FIDO2 credentials. However, Microsoft Edge doesn't speak the U2F protocol. Therefore, relying parties must use only the WebAuthn specification. Microsoft Edge on Android doesn't support WebAuthn. > [!NOTE] > For authoritative information about Microsoft Edge support for WebAuthn and CTAP, see [Legacy Microsoft Edge developer documentation](/microsoft-edge/dev-guide/windows-integration/web-authentication). - **Platform: Windows 10**. Windows 10 hosts the Win32 Platform WebAuthn APIs. -- **Roaming Authenticators**. You might notice that there's no “Microsoft” roaming authenticator. That's because there's already a strong ecosystem of products that specialize in strong authentication, and every one of our customers (whether corporations or individuals) have different requirements for security, ease of use, distribution, and account recovery. To see the ever-growing list of FIDO2 certified authenticators, you can find that at [FIDO Certified Products](https://fidoalliance.org/certification/fido-certified-products/). The list includes built-in authenticators, roaming authenticators, and even chip manufacturers who have certified designs. +- **Roaming Authenticators**. You might notice that there's no “Microsoft” roaming authenticator. That's because there's already a strong ecosystem of products that specialize in strong authentication, and every one of our customers (whether corporations or individuals) has different requirements for security, ease of use, distribution, and account recovery. To see the ever-growing list of FIDO2 certified authenticators, see [FIDO Certified Products](https://fidoalliance.org/certification/fido-certified-products/). 
The list includes built-in authenticators, roaming authenticators, and even chip manufacturers who have certified designs. -## Where can developers learn more? +## Developer references The new Windows 10 WebAuthn APIs are documented in the [Microsoft/webauthn](https://github.com/Microsoft/webauthn) GitHub repo. To understand how FIDO2 authenticators work, review the following two specifications: -- [Web Authentication: An API for accessing Public Key Credentials](https://www.w3.org/TR/webauthn/), which is available at the W3C site. This document is known as the WebAuthn spec. +- [Web Authentication: An API for accessing Public Key Credentials](https://www.w3.org/TR/webauthn/) (available on the W3C site). This document is known as the WebAuthn spec. -- [Client to Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html), which is available at the [FIDO Alliance](http://fidoalliance.org/) site. (where hardware and platform folks have joined to solve the problem of FIDO authentication). +- [Client to Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html). This is available at the [FIDO Alliance](http://fidoalliance.org/) site. (on which hardware and platform teams are working together to solve the problem of FIDO authentication). From 5838a7d3ac905c09073e85951310d5d0086bd054 Mon Sep 17 00:00:00 2001 From: Rittwika Rudra <33437129+RittwikaR@users.noreply.github.com> Date: Wed, 24 Aug 2022 13:09:35 -0700 Subject: [PATCH 13/33] Update Language-pack-management-csp.md On 8/26 this is being backported from Win 11 to Win 10 as part of 8C. The proposed changes reflect the new availability --- .../mdm/Language-pack-management-csp.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) 
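Review bot: In the `@@ -13,28 +13,28 @@` hunk of [PATCH 12/33], the added sentence ending "and on the latest browse versions" has a typo and no longer says which browsers are meant; the removed line read "on the latest versions of other browsers". Suggest "and by the latest versions of other browsers". The same hunk replaces the opening paragraph with a statement about password risk only, so the intro no longer says that using the WebAuthn APIs is what gives customers passwordless authentication; consider keeping that sentence.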
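Review bot: In the `@@ -53,39 +53,39 @@` hunk of [PATCH 12/33], removing "are cool" left a broken sentence: "The following options and might be useful in the future". Drop the stray "and" so it reads "The following options might be useful in the future, but haven't been observed in the wild yet:". While this list is being touched, the unchanged HMAC-secret bullet links to `/dotnet/api/system.security.cryptography.hmac`, which is the .NET HMAC class reference rather than documentation for the authenticator feature the bullet describes; point it at the CTAP specification instead.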
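Review bot: In the last added line of the `@@ -93,28 +93,28 @@` hunk of [PATCH 12/33], the CTAP bullet now ends "This is available at the [FIDO Alliance] site. (on which hardware and platform teams are working together ...)", which strands a lower-case parenthetical after the full stop. Fold it into the preceding sentence or remove it. The FIDO Alliance link in that line is still `http://fidoalliance.org/` and should use `https://`, and the unchanged caption at the top of the hunk still reads "CATP2" where "CTAP2" is meant.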
diff --git a/windows/client-management/mdm/Language-pack-management-csp.md b/windows/client-management/mdm/Language-pack-management-csp.md index 948207dc6d..37651bba2c 100644 --- a/windows/client-management/mdm/Language-pack-management-csp.md +++ b/windows/client-management/mdm/Language-pack-management-csp.md @@ -18,11 +18,11 @@ The table below shows the applicability of Windows: |Edition|Windows 10|Windows 11| |--- |--- |--- | |Home|No|No| -|Pro|No|Yes| -|Windows SE|No|Yes| +|Pro|Yes|Yes| +|Windows SE|Yes|Yes| |Business|No|No| -|Enterprise|No|Yes| -|Education|No|Yes| +|Enterprise|Yes|Yes| +|Education|Yes|Yes| The Language Pack Management CSP allows a direct way to provision languages remotely in Windows. MDMs like Intune can use management commands remotely to devices to configure language-related settings for System and new users. @@ -95,4 +95,4 @@ The Language Pack Management CSP allows a direct way to provision languages remo ## Related topics -[Configuration service provider reference](configuration-service-provider-reference.md) \ No newline at end of file +[Configuration service provider reference](configuration-service-provider-reference.md) From f7a0cf61a54af4da7539793f890476e1104bef47 Mon Sep 17 00:00:00 2001 From: Alex Buck Date: Fri, 26 Aug 2022 10:52:28 -0400 Subject: [PATCH 14/33] [BULK UPDATE] DocuTune - Fix build validation issues: docs-link-absolute --- CONTRIBUTING.md | 12 +++++------ ...e-mode-and-enterprise-site-list-include.md | 4 ++-- browsers/includes/helpful-topics-include.md | 2 +- education/windows/school-get-minecraft.md | 20 ++++++++++--------- template.md | 2 +- 5 files changed, 21 insertions(+), 19 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3bf0503686..e09fdb10e8 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
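Review bot: In Language-pack-management-csp.md, the applicability table now reads `Yes` in the Windows 10 column for Pro, Windows SE, Enterprise and Education without naming a minimum build or update, although the commit message says the feature reaches Windows 10 through a backport ("as part of 8C"). A reader on a Windows 10 build without that update will take the table to mean the CSP is available. Add a note under the table stating which Windows 10 version and update carries the backport. Also confirm that the Windows 10 entry in the `|Windows SE|Yes|Yes|` row is intended.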
@@ -2,7 +2,7 @@ Thank you for your interest in the Windows IT professional documentation! We appreciate your feedback, edits, and additions to our docs. This page covers the basic steps for editing our technical documentation. -For a more up-to-date and complete contribution guide, see the main [Microsoft Docs contributor guide overview](https://docs.microsoft.com/contribute/). +For a more up-to-date and complete contribution guide, see the main [contributor guide overview](https://docs.microsoft.com/contribute/). ## Sign a CLA @@ -19,16 +19,16 @@ We've tried to make editing an existing, public file as simple as possible. ### To edit a topic -1. Go to the page on [docs.microsoft.com](https://docs.microsoft.com/) that you want to update. +1. Browse to the [Microsoft Docs](https://docs.microsoft.com/) article that you want to update. > **Note**
> If you're a Microsoft employee or vendor, before you edit the article, append `review.` to the beginning of the URL. This action lets you use the private repository, **windows-docs-pr**. For more information, see the [internal contributor guide](https://review.docs.microsoft.com/help/get-started/edit-article-in-github?branch=main). 1. Then select the **Pencil** icon. - ![Microsoft Docs Web, showing the Edit This Document link.](images/contribute-link.png) + ![Screenshot showing the Pencil icon to edit a published article.](images/contribute-link.png) - If the pencil icon isn't present, the content might not be open to public contributions. Some pages are generated (for example, from inline documentation in code) and must be edited in the project they belong to. This isn't always the case and you might be able to find the documentation by searching the [Microsoft Docs Organization on GitHub](https://github.com/MicrosoftDocs). + If the pencil icon isn't present, the content might not be open to public contributions. Some pages are generated (for example, from inline documentation in code) and must be edited in the project they belong to. This isn't always the case and you might be able to find the documentation by searching the [MicrosoftDocs organization on GitHub](https://github.com/MicrosoftDocs). > **TIP**
> View the page source in your browser, and look for the following metadata: `original_content_git_url`. This path always points to the source markdown file for the article. @@ -37,7 +37,7 @@ We've tried to make editing an existing, public file as simple as possible. ![GitHub Web, showing the Pencil icon.](images/pencil-icon.png) -1. Using Markdown language, make your changes to the file. For info about how to edit content using Markdown, see the [Microsoft Docs Markdown reference](https://docs.microsoft.com/contribute/markdown-reference) and GitHub's [Mastering Markdown](https://guides.github.com/features/mastering-markdown/) documentation. +1. Using Markdown language, make your changes to the file. For info about how to edit content using Markdown, see the [Docs Markdown reference](https://docs.microsoft.com/contribute/markdown-reference) and GitHub's [Mastering Markdown](https://guides.github.com/features/mastering-markdown/) documentation. 1. Make your suggested change, and then select **Preview changes** to make sure it looks correct. @@ -82,4 +82,4 @@ In the new issue form, enter a brief title. In the body of the form, describe th - You can use your favorite text editor to edit Markdown files. We recommend [Visual Studio Code](https://code.visualstudio.com/), a free lightweight open source editor from Microsoft. - You can learn the basics of Markdown in just a few minutes. To get started, check out [Mastering Markdown](https://guides.github.com/features/mastering-markdown/). -- Microsoft Docs uses several custom Markdown extensions. To learn more, see the [Microsoft Docs Markdown reference](https://docs.microsoft.com/contribute/markdown-reference). +- Microsoft technical documentation uses several custom Markdown extensions. To learn more, see the [Docs Markdown reference](https://docs.microsoft.com/contribute/markdown-reference). 
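Review bot: In CONTRIBUTING.md, the branding edits pull in two directions: step 1 under "To edit a topic" introduces `[Microsoft Docs](https://docs.microsoft.com/)` as new link text, while the other hunks remove the same name ("Microsoft Docs Markdown reference" becomes "Docs Markdown reference", and "Microsoft Docs uses" becomes "Microsoft technical documentation uses"). Pick one naming and apply it to every touched line. None of the changed lines in this file alters a URL, so the commit subject ("docs-link-absolute") does not describe them; mention the wording change in the commit message or split it into its own commit.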
diff --git a/browsers/enterprise-mode/enterprise-mode-and-enterprise-site-list-include.md b/browsers/enterprise-mode/enterprise-mode-and-enterprise-site-list-include.md index 25f58fb19f..a8f90c3697 100644 --- a/browsers/enterprise-mode/enterprise-mode-and-enterprise-site-list-include.md +++ b/browsers/enterprise-mode/enterprise-mode-and-enterprise-site-list-include.md @@ -5,7 +5,7 @@ Starting with Windows 10, version 1511 (also known as the Anniversary Update), y ### Site list xml file -This is a view of the [raw EMIE v2 schema.xml file](https://gist.github.com/kypflug/9e9961de771d2fcbd86b#file-emie-v2-schema-xml). There are equivalent Enterprise Mode Site List policies for both [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/emie-to-improve-compatibility) and [Internet Explorer 11](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list). The Microsoft Edge list is used to determine which sites should open in IE11; while the IE11 list is used to determine the compat mode for a site, and which sites should open in Microsoft Edge. We recommend using one list for both browsers, where each policy points to the same XML file location. +This is a view of the [raw EMIE v2 schema.xml file](https://gist.github.com/kypflug/9e9961de771d2fcbd86b#file-emie-v2-schema-xml). There are equivalent Enterprise Mode Site List policies for both [Microsoft Edge](/microsoft-edge/deploy/emie-to-improve-compatibility) and [Internet Explorer 11](/internet-explorer/ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list). The Microsoft Edge list is used to determine which sites should open in IE11; while the IE11 list is used to determine the compat mode for a site, and which sites should open in Microsoft Edge. We recommend using one list for both browsers, where each policy points to the same XML file location. ```xml 
@@ -47,4 +47,4 @@ This is a view of the [raw EMIE v2 schema.xml file](https://gist.github.com/kypf -``` \ No newline at end of file +``` diff --git a/browsers/includes/helpful-topics-include.md b/browsers/includes/helpful-topics-include.md index 0a0f72e971..21e15f6d8d 100644 --- a/browsers/includes/helpful-topics-include.md +++ b/browsers/includes/helpful-topics-include.md @@ -35,4 +35,4 @@ ms.topic: include - [Web Application Compatibility Lab Kit for Internet Explorer 11](https://technet.microsoft.com/browser/mt612809.aspx) - [Download Internet Explorer 11](https://go.microsoft.com/fwlink/p/?linkid=290956) - [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](https://go.microsoft.com/fwlink/p/?LinkId=760646) -- [Fix web compatibility issues using document modes and the Enterprise Mode site list](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list) +- [Fix web compatibility issues using document modes and the Enterprise Mode site list](/internet-explorer/ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list) diff --git a/education/windows/school-get-minecraft.md b/education/windows/school-get-minecraft.md index d209181213..8ed1fbf9e7 100644 --- a/education/windows/school-get-minecraft.md +++ b/education/windows/school-get-minecraft.md 
@@ -53,16 +53,16 @@ If you’ve been approved and are part of the Enrollment for Education Solutions 1. Go to [https://education.minecraft.net/](https://education.minecraft.net/) and select **How to Buy** in the top navigation bar. 2. Scroll down and select **Buy Now** under Direct Purchase. - -3. This will route you to the purchase page in the Microsoft Admin center. You will need to log in to your Administrator account. -4. If necessary, fill in any requested organization or payment information +3. This will route you to the purchase page in the Microsoft Admin center. You will need to log in to your Administrator account. -5. Select the quantity of licenses you would like to purchase and select **Place Order**. +4. If necessary, fill in any requested organization or payment information. -6. After you’ve purchased licenses, you’ll need to [assign them to users in the Admin Center](https://docs.microsoft.com/microsoft-365/admin/manage/assign-licenses-to-users) +5. Select the quantity of licenses you would like to purchase and select **Place Order**. -If you need additional licenses for **Minecraft: Education Edition**, see [Buy or remove subscription licenses](https://docs.microsoft.com/microsoft-365/commerce/licenses/buy-licenses). +6. After you’ve purchased licenses, you’ll need to [assign them to users in the Admin Center](/microsoft-365/admin/manage/assign-licenses-to-users). + +If you need additional licenses for **Minecraft: Education Edition**, see [Buy or remove subscription licenses](/microsoft-365/commerce/licenses/buy-licenses). ###
Minecraft: Education Edition - volume licensing @@ -96,14 +96,16 @@ Invoices are now a supported payment method for Minecraft: Education Edition. Th ![Invoice Details page showing items that need to be completed for an invoice. PO number is highlighted.](images/mcee-invoice-info.png) -For more info on invoices and how to pay by invoice, see [How to pay for your subscription](https://docs.microsoft.com/microsoft-365/commerce/billing-and-payments/pay-for-your-subscription?). +For more info on invoices and how to pay by invoice, see [How to pay for your subscription](/microsoft-365/commerce/billing-and-payments/pay-for-your-subscription?). ## Distribute Minecraft -After Minecraft: Education Edition is added to your Microsoft Admin Center inventory, you can [assign these licenses to your users](https://docs.microsoft.com/microsoft-365/admin/manage/assign-licenses-to-users) or [download the app](https://aka.ms/downloadmee). +After Minecraft: Education Edition is added to your Microsoft Admin Center inventory, you can [assign these licenses to your users](/microsoft-365/admin/manage/assign-licenses-to-users) or [download the app](https://aka.ms/downloadmee). ## Learn more -[About Intune Admin roles in the Microsoft 365 admin center](https://docs.microsoft.com/microsoft-365/business-premium/m365bp-intune-admin-roles-in-the-mac) + +[About Intune Admin roles in the Microsoft 365 admin center](/microsoft-365/business-premium/m365bp-intune-admin-roles-in-the-mac) ## Related topics + [Get Minecraft: Education Edition](get-minecraft-for-education.md) diff --git a/template.md b/template.md index 84c08cc7de..5aba1cfc94 100644 --- a/template.md +++ b/template.md @@ -289,4 +289,4 @@ Always include alt text for accessibility, and always end it with a period. ## docs.ms extensions > [!div class="nextstepaction"] -> [Next step action](/mem/configmgr) +> [Microsoft Endpoint Configuration Manager documentation](https://docs.microsoft.com/mem/configmgr) 
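Review bot: In template.md, the last hunk runs against the rest of this patch: the enterprise-mode include, the helpful-topics include and school-get-minecraft.md all have `https://docs.microsoft.com/...` links rewritten to site-relative paths, but here the relative `[Next step action](/mem/configmgr)` becomes the absolute `https://docs.microsoft.com/mem/configmgr`. If the template is meant to show the absolute form, say why in the commit message; otherwise keep the path relative and change only the link text.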
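Review bot: In school-get-minecraft.md, the converted invoice link keeps a dangling `?` at the end of the path: `(/microsoft-365/commerce/billing-and-payments/pay-for-your-subscription?)`. The empty query string was already in the old absolute URL, but since the line is rewritten anyway, drop the `?` so the relative link is clean.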
From a7090d7415f80a4a3ed3a657d90dbb728ae4cd75 Mon Sep 17 00:00:00 2001 From: Alex Buck Date: Fri, 26 Aug 2022 10:52:59 -0400 Subject: [PATCH 15/33] [BULK UPDATE] DocuTune - Fix build validation issues: docs-link-absolute --- .../hello-for-business/hello-faq.yml | 5 ++- windows/security/index.yml | 5 ++- windows/whats-new/windows-11-prepare.md | 32 ++++++++++--------- 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.yml b/windows/security/identity-protection/hello-for-business/hello-faq.yml index 5900a1444c..dbaba9dfe3 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.yml +++ b/windows/security/identity-protection/hello-for-business/hello-faq.yml 
@@ -84,7 +84,7 @@ sections: - question: Can I use an external Windows Hello compatible camera when my computer has a built-in Windows Hello compatible camera? answer: | - Yes. Starting with Windows 10, version 21H1 an external Windows Hello compatible camera can be used if a device already supports an internal Windows Hello camera. When both cameras are present, the external camera is used for face authentication. For more information, see [IT tools to support Windows 10, version 21H1](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/it-tools-to-support-windows-10-version-21h1/ba-p/2365103). However, using external Hello cameras and accessories is restricted if ESS is enabled, please see [Windows Hello Enhanced Sign-in Security](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello-enhanced-sign-in-security#pluggableperipheral-biometric-sensors). + Yes. Starting with Windows 10, version 21H1 an external Windows Hello compatible camera can be used if a device already supports an internal Windows Hello camera. When both cameras are present, the external camera is used for face authentication. For more information, see [IT tools to support Windows 10, version 21H1](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/it-tools-to-support-windows-10-version-21h1/ba-p/2365103). However, using external Hello cameras and accessories is restricted if ESS is enabled, please see [Windows Hello Enhanced Sign-in Security](/windows-hardware/design/device-experiences/windows-hello-enhanced-sign-in-security#pluggableperipheral-biometric-sensors). - question: Can I use an external Windows Hello compatible camera or other Windows Hello compatible accessory when my laptop lid is closed or docked? answer: | 
@@ -155,7 +155,7 @@ sections: - question: Where is Windows Hello biometrics data stored? answer: | - When you enroll in Windows Hello, a representation of your face called an enrollment profile is created more information can be found on [Windows Hello face authentication](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello-face-authentication). This enrollment profile biometrics data is device specific, is stored locally on the device, and does not leave the device or roam with the user. Some external fingerprint sensors store biometric data on the fingerprint module itself rather than on Windows device. Even in this case, the biometrics data is stored locally on those modules, is device specific, doesn’t roam, never leaves the module, and is never sent to Microsoft cloud or external server. For more details see [Windows Hello biometrics in the enterprise](https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise#where-is-windows-hello-data-stored). + When you enroll in Windows Hello, a representation of your face called an enrollment profile is created more information can be found on [Windows Hello face authentication](/windows-hardware/design/device-experiences/windows-hello-face-authentication). This enrollment profile biometrics data is device specific, is stored locally on the device, and does not leave the device or roam with the user. Some external fingerprint sensors store biometric data on the fingerprint module itself rather than on Windows device. Even in this case, the biometrics data is stored locally on those modules, is device specific, doesn't roam, never leaves the module, and is never sent to Microsoft cloud or external server. For more details see [Windows Hello biometrics in the enterprise](/windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise#where-is-windows-hello-data-stored). 
- question: What is the format used to store Windows Hello biometrics data on the device? answer: | @@ -262,4 +262,3 @@ sections: - question: Does Windows Hello for Business work with Azure Active Directory Domain Services (Azure AD DS) clients? answer: | No, Azure AD DS is a separately managed environment in Azure, and hybrid device registration with cloud Azure AD isn't available for it via Azure AD Connect. Hence, Windows Hello for Business doesn't work with Azure AD. - diff --git a/windows/security/index.yml b/windows/security/index.yml index 2fedb0e205..c8868f61f1 100644 --- a/windows/security/index.yml +++ b/windows/security/index.yml @@ -133,13 +133,13 @@ landingContent: - linkListType: concept links: - text: Mobile device management - url: https://docs.microsoft.com/windows/client-management/mdm/ + url: /windows/client-management/mdm/ - text: Azure Active Directory url: https://www.microsoft.com/security/business/identity-access-management/azure-active-directory - text: Your Microsoft Account url: identity-protection/access-control/microsoft-accounts.md - text: OneDrive - url: https://docs.microsoft.com/onedrive/onedrive + url: /onedrive/onedrive - text: Family safety url: threat-protection/windows-defender-security-center/wdsc-family-options.md # Cards and links should be based on top customer tasks or top subjects @@ -170,4 +170,3 @@ landingContent: links: - text: Windows and Privacy Compliance url: /windows/privacy/windows-10-and-privacy-compliance - diff --git a/windows/whats-new/windows-11-prepare.md b/windows/whats-new/windows-11-prepare.md index 84525fe130..bbf3ef592b 100644 --- a/windows/whats-new/windows-11-prepare.md +++ b/windows/whats-new/windows-11-prepare.md 
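Review bot: In hello-faq.yml, the rewritten answer to "Where is Windows Hello biometrics data stored?" still opens with a run-on: "a representation of your face called an enrollment profile is created more information can be found on [Windows Hello face authentication]". Since the whole line is replaced, end the sentence after "is created" and start a new one for the link. The same line also swaps the curly apostrophe in "doesn’t roam" for a straight one, a change beyond the link fix named in the commit subject, so list it in the commit message.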
@@ -103,29 +103,31 @@ If you use Microsoft Endpoint Manager and have onboarded devices to Endpoint ana ## Prepare a pilot deployment -A pilot deployment is a proof of concept that rolls out an upgrade to a select number of devices in production, before deploying it broadly across the organization. +A pilot deployment is a proof of concept that rolls out an upgrade to a select number of devices in production, before deploying it broadly across the organization. -At a high level, the tasks involved are: +At a high level, the tasks involved are: -1. Assign a group of users or devices to receive the upgrade. -2. Implement baseline updates. -3. Implement operational updates. -4. Validate the deployment process. -5. Deploy the upgrade to devices. -6. Test and support the pilot devices. -7. Determine broad deployment readiness based on the results of the pilot. +1. Assign a group of users or devices to receive the upgrade. +2. Implement baseline updates. +3. Implement operational updates. +4. Validate the deployment process. +5. Deploy the upgrade to devices. +6. Test and support the pilot devices. +7. Determine broad deployment readiness based on the results of the pilot. ## User readiness -Don't overlook the importance of user readiness to deliver an effective, enterprise-wide deployment of Windows 11. Windows 11 has a familiar design, but your users will see several enhancements to the overall user interface. They'll also need to adapt to changes in menus and settings pages. Therefore, consider the following tasks to prepare users and your IT support staff Windows 11: -- Create a communications schedule to ensure that you provide the right message at the right time to the right groups of users, based on when they'll see the changes. -- Draft concise emails that inform users of what changes they can expect to see. Offer tips on how to use or customize their experience. Include information about support and help desk options. 
-- Update help desk manuals with screenshots of the new user interface, the out-of-box experience for new devices, and the upgrade experience for existing devices. +Don't overlook the importance of user readiness to deliver an effective, enterprise-wide deployment of Windows 11. Windows 11 has a familiar design, but your users will see several enhancements to the overall user interface. They'll also need to adapt to changes in menus and settings pages. Therefore, consider the following tasks to prepare users and your IT support staff Windows 11: + +- Create a communications schedule to ensure that you provide the right message at the right time to the right groups of users, based on when they'll see the changes. +- Draft concise emails that inform users of what changes they can expect to see. Offer tips on how to use or customize their experience. Include information about support and help desk options. +- Update help desk manuals with screenshots of the new user interface, the out-of-box experience for new devices, and the upgrade experience for existing devices. ## Learn more -See the [Stay current with Windows 10 and Microsoft 365 Apps](/learn/paths/m365-stay-current/) learning path on Microsoft Learn. -- The learning path was created for Windows 10, but the basic principles and tasks outlined for the plan, prepare, and deploy phases also apply to your deployment of Windows 11. +See the [Stay current with Windows 10 and Microsoft 365 Apps](/learn/paths/m365-stay-current/) learning path. + +- The learning path was created for Windows 10, but the basic principles and tasks outlined for the plan, prepare, and deploy phases also apply to your deployment of Windows 11. ## See also From 8a5bd151a8b4dd937260d6b27f2de375f8798967 Mon Sep 17 00:00:00 2001 
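Review bot: In windows-11-prepare.md, the hunk at "Prepare a pilot deployment" removes and re-adds the pilot task list and the user-readiness bullets with identical visible text, which suggests a whitespace-only rewrite alongside the added blank lines and the shortened "learning path" sentence. None of that is the link fix named in the commit subject, and it makes the diff harder to review; split it out or mention it in the commit message. While the "User readiness" paragraph is being rewritten, also fix "to prepare users and your IT support staff Windows 11", which is missing "for" before "Windows 11".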
From: Sunny Zankharia <67922512+sazankha@users.noreply.github.com> Date: Fri, 26 Aug 2022 10:54:16 -0700 Subject: [PATCH 16/33] Update configure-md-app-guard.md Added clarification for managed mode --- .../configure-md-app-guard.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md index 168c3d7608..c3169c82a8 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md @@ -31,7 +31,7 @@ Application Guard uses both network isolation and application-specific settings. These settings, located at `Computer Configuration\Administrative Templates\Network\Network Isolation`, help you define and manage your organization's network boundaries. Application Guard uses this information to automatically transfer any requests to access the non-corporate resources into the Application Guard container. > [!NOTE] -> For Windows 10, if you have KB5014666 installed, and for Windows 11, if you have KB5014668 installed, you don't need to configure network isolation policy to enable Application Guard for Microsoft Edge. +> For Windows 10, if you have KB5014666 installed, and for Windows 11, if you have KB5014668 installed, you don't need to configure network isolation policy to enable Application Guard for Microsoft Edge in managed mode. > [!NOTE] > You must configure either the Enterprise resource domains hosted in the cloud or Private network ranges for apps settings on your employee devices to successfully turn on Application Guard using enterprise mode. Proxy servers must be a neutral resource listed in the **Domains categorized as both work and personal** policy. 
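Review bot: In configure-md-app-guard.md, the first `[!NOTE]` now limits the KB5014666/KB5014668 statement to "Application Guard for Microsoft Edge in managed mode", but the same statement is repeated in the settings table, in the "Turn on Microsoft Defender Application Guard in Managed Mode" row, where the **Note:** still ends "to enable Application Guard for Edge" with no qualifier. Update that cell in the same commit so the two notes agree. The second `[!NOTE]` directly below speaks of turning on Application Guard "using enterprise mode"; if that is the same mode, use one term in both notes.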
@@ -56,15 +56,15 @@ These settings, located at `Computer Configuration\Administrative Templates\Wind |Name|Supported versions|Description|Options| |-----------|------------------|-----------|-------| -|Configure Microsoft Defender Application Guard clipboard settings|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher

Windows 11|Determines whether Application Guard can use the clipboard functionality.|**Enabled.** Turns On the clipboard functionality and lets you choose whether to additionally:
- Disable the clipboard functionality completely when Virtualization Security is enabled.
- Enable copying of certain content from Application Guard into Microsoft Edge.
- Enable copying of certain content from Microsoft Edge into Application Guard. **Important:** Allowing copied content to go from Microsoft Edge into Application Guard can cause potential security risks and isn't recommended.

**Disabled or not configured.** Completely turns Off the clipboard functionality for Application Guard.| -|Configure Microsoft Defender Application Guard print settings|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher

Windows 11|Determines whether Application Guard can use the print functionality.|**Enabled.** Turns On the print functionality and lets you choose whether to additionally:
- Enable Application Guard to print into the XPS format.
- Enable Application Guard to print into the PDF format.
- Enable Application Guard to print to locally attached printers.
- Enable Application Guard to print from previously connected network printers. Employees can't search for other printers.

**Disabled or not configured.** Completely turns Off the print functionality for Application Guard.| -|Allow Persistence|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher

Windows 11|Determines whether data persists across different sessions in Microsoft Defender Application Guard.|**Enabled.** Application Guard saves user-downloaded files and other items (such as, cookies, Favorites, and so on) for use in future Application Guard sessions.

**Disabled or not configured.** All user data within Application Guard is reset between sessions.

**NOTE**: If you later decide to stop supporting data persistence for your employees, you can use our Windows-provided utility to reset the container and to discard any personal data.

**To reset the container:**
1. Open a command-line program and navigate to `Windows/System32`.
2. Type `wdagtool.exe cleanup`. The container environment is reset, retaining only the employee-generated data.
3. Type `wdagtool.exe cleanup RESET_PERSISTENCE_LAYER`. The container environment is reset, including discarding all employee-generated data.| +|Configure Microsoft Defender Application Guard clipboard settings|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher

Windows 11|Determines whether Application Guard can use the clipboard functionality.|**Enabled.** This is effective only in managed mode. Turns On the clipboard functionality and lets you choose whether to additionally:
- Disable the clipboard functionality completely when Virtualization Security is enabled.
- Enable copying of certain content from Application Guard into Microsoft Edge.
- Enable copying of certain content from Microsoft Edge into Application Guard. **Important:** Allowing copied content to go from Microsoft Edge into Application Guard can cause potential security risks and isn't recommended.

**Disabled or not configured.** Completely turns Off the clipboard functionality for Application Guard.| +|Configure Microsoft Defender Application Guard print settings|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher

Windows 11|Determines whether Application Guard can use the print functionality.|**Enabled.** This is effective only in managed mode. Turns On the print functionality and lets you choose whether to additionally:
- Enable Application Guard to print into the XPS format.
- Enable Application Guard to print into the PDF format.
- Enable Application Guard to print to locally attached printers.
- Enable Application Guard to print from previously connected network printers. Employees can't search for other printers.

**Disabled or not configured.** Completely turns Off the print functionality for Application Guard.| +|Allow Persistence|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher

Windows 11|Determines whether data persists across different sessions in Microsoft Defender Application Guard.|**Enabled.** This is effective only in managed mode. Application Guard saves user-downloaded files and other items (such as, cookies, Favorites, and so on) for use in future Application Guard sessions.

**Disabled or not configured.** All user data within Application Guard is reset between sessions.

**NOTE**: If you later decide to stop supporting data persistence for your employees, you can use our Windows-provided utility to reset the container and to discard any personal data.

**To reset the container:**
1. Open a command-line program and navigate to `Windows/System32`.
2. Type `wdagtool.exe cleanup`. The container environment is reset, retaining only the employee-generated data.
3. Type `wdagtool.exe cleanup RESET_PERSISTENCE_LAYER`. The container environment is reset, including discarding all employee-generated data.| |Turn on Microsoft Defender Application Guard in Managed Mode|Windows 10 Enterprise, 1809 or higher

Windows 11|Determines whether to turn on Application Guard for Microsoft Edge and Microsoft Office.|**Enabled.** Turns on Application Guard for Microsoft Edge and/or Microsoft Office, honoring the network isolation settings, rendering untrusted content in the Application Guard container. Application Guard won't actually be turned on unless the required prerequisites and network isolation settings are already set on the device. Available options:
- Enable Microsoft Defender Application Guard only for Microsoft Edge
- Enable Microsoft Defender Application Guard only for Microsoft Office
- Enable Microsoft Defender Application Guard for both Microsoft Edge and Microsoft Office

**Disabled.** Turns off Application Guard, allowing all apps to run in Microsoft Edge and Microsoft Office.

**Note:** For Windows 10, if you have KB5014666 installed, and for Windows 11, if you have KB5014668 installed, you are no longer required to configure network isolation policy to enable Application Guard for Edge.| -|Allow files to download to host operating system|Windows 10 Enterprise, 1803 or higher

Windows 11|Determines whether to save downloaded files to the host operating system from the Microsoft Defender Application Guard container.|**Enabled.** Allows users to save downloaded files from the Microsoft Defender Application Guard container to the host operating system. This action creates a share between the host and container that also allows for uploads from the host to the Application Guard container.

**Disabled or not configured.** Users aren't able to save downloaded files from Application Guard to the host operating system.| -|Allow hardware-accelerated rendering for Microsoft Defender Application Guard|Windows 10 Enterprise, 1803 or higher

Windows 10 Pro, 1803 or higher

Windows 11|Determines whether Microsoft Defender Application Guard renders graphics using hardware or software acceleration.|**Enabled.** Microsoft Defender Application Guard uses Hyper-V to access supported, high-security rendering graphics hardware (GPUs). These GPUs improve rendering performance and battery life while using Microsoft Defender Application Guard, particularly for video playback and other graphics-intensive use cases. If this setting is enabled without connecting any high-security rendering graphics hardware, Microsoft Defender Application Guard will automatically revert to software-based (CPU) rendering. **Important:** Enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.

**Disabled or not configured.** Microsoft Defender Application Guard uses software-based (CPU) rendering and won’t load any third-party graphics drivers or interact with any connected graphics hardware.| -|Allow camera and microphone access in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher

Windows 10 Pro, 1809 or higher

Windows 11|Determines whether to allow camera and microphone access inside Microsoft Defender Application Guard.|**Enabled.** Applications inside Microsoft Defender Application Guard are able to access the camera and microphone on the user's device. **Important:** Enabling this policy with a potentially compromised container could bypass camera and microphone permissions and access the camera and microphone without the user's knowledge.

**Disabled or not configured.** Applications inside Microsoft Defender Application Guard are unable to access the camera and microphone on the user's device.| +|Allow files to download to host operating system|Windows 10 Enterprise, 1803 or higher

Windows 11|Determines whether to save downloaded files to the host operating system from the Microsoft Defender Application Guard container.|**Enabled.** This is effective only in managed mode. Allows users to save downloaded files from the Microsoft Defender Application Guard container to the host operating system. This action creates a share between the host and container that also allows for uploads from the host to the Application Guard container.

**Disabled or not configured.** Users aren't able to save downloaded files from Application Guard to the host operating system.| +|Allow hardware-accelerated rendering for Microsoft Defender Application Guard|Windows 10 Enterprise, 1803 or higher

Windows 10 Pro, 1803 or higher

Windows 11|Determines whether Microsoft Defender Application Guard renders graphics using hardware or software acceleration.|**Enabled.** This is effective only in managed mode. Microsoft Defender Application Guard uses Hyper-V to access supported, high-security rendering graphics hardware (GPUs). These GPUs improve rendering performance and battery life while using Microsoft Defender Application Guard, particularly for video playback and other graphics-intensive use cases. If this setting is enabled without connecting any high-security rendering graphics hardware, Microsoft Defender Application Guard will automatically revert to software-based (CPU) rendering. **Important:** Enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.

**Disabled or not configured.** Microsoft Defender Application Guard uses software-based (CPU) rendering and won’t load any third-party graphics drivers or interact with any connected graphics hardware.| +|Allow camera and microphone access in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher

Windows 10 Pro, 1809 or higher

Windows 11|Determines whether to allow camera and microphone access inside Microsoft Defender Application Guard.|**Enabled.** This is effective only in managed mode. Applications inside Microsoft Defender Application Guard are able to access the camera and microphone on the user's device. **Important:** Enabling this policy with a potentially compromised container could bypass camera and microphone permissions and access the camera and microphone without the user's knowledge.

**Disabled or not configured.** Applications inside Microsoft Defender Application Guard are unable to access the camera and microphone on the user's device.| |Allow Microsoft Defender Application Guard to use Root Certificate Authorities from a user's device|Windows 10 Enterprise, 1809 or higher

Windows 10 Pro, 1809 or higher

Windows 11|Determines whether Root Certificates are shared with Microsoft Defender Application Guard.|**Enabled.** Certificates matching the specified thumbprint are transferred into the container. Use a comma to separate multiple certificates.

**Disabled or not configured.** Certificates aren't shared with Microsoft Defender Application Guard.| -|Allow auditing events in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher

Windows 10 Pro, 1809 or higher

Windows 11|This policy setting allows you to decide whether auditing events can be collected from Microsoft Defender Application Guard.|**Enabled.** Application Guard inherits auditing policies from your device and logs system events from the Application Guard container to your host.

**Disabled or not configured.** event logs aren't collected from your Application Guard container.| +|Allow auditing events in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher

Windows 10 Pro, 1809 or higher

Windows 11|This policy setting allows you to decide whether auditing events can be collected from Microsoft Defender Application Guard.|**Enabled.** This is effective only in managed mode. Application Guard inherits auditing policies from your device and logs system events from the Application Guard container to your host.

**Disabled or not configured.** event logs aren't collected from your Application Guard container.| ## Application Guard support dialog settings From e2b969722c41013e2eadd177ed53571aff656b10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20B=C3=A9langer?= <11839202+davidbel@users.noreply.github.com> Date: Fri, 26 Aug 2022 16:27:46 -0700 Subject: [PATCH 17/33] Update policy-csp-remotedesktopservices.md Update policy-csp-remotedesktopservices.md to add the new WebAuthn Redirection policy. --- .../mdm/policy-csp-remotedesktopservices.md | 55 ++++++++++++++++++- 1 file changed, 54 insertions(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-csp-remotedesktopservices.md b/windows/client-management/mdm/policy-csp-remotedesktopservices.md index 09f3f50725..faf08975f1 100644 --- a/windows/client-management/mdm/policy-csp-remotedesktopservices.md +++ b/windows/client-management/mdm/policy-csp-remotedesktopservices.md @@ -33,6 +33,9 @@ manager: aaroncz RemoteDesktopServices/DoNotAllowPasswordSaving
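Review bot: In the Application Guard policy table (the rows ending just before "## Application Guard support dialog settings"), "This is effective only in managed mode." is added after **Enabled.** in four rows (file download, hardware-accelerated rendering, camera and microphone, auditing events), but the rows neither define managed mode nor link to where it is described, and "This" could mean the setting or only its Enabled state. Link the term, write "This setting is effective only in managed mode", and confirm that the unchanged Root Certificate Authorities row between them is meant to stay without the sentence. Since the auditing row is rewritten anyway, "**Disabled or not configured.** event logs aren't collected" could also start with a capital E.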

+
+ RemoteDesktopServices/DoNotAllowWebAuthnRedirection +
RemoteDesktopServices/PromptForPasswordUponConnection
@@ -257,6 +260,56 @@ ADMX Info:
+ +**RemoteDesktopServices/DoNotAllowWebAuthnRedirection** + + + +|Edition|Windows 10|Windows 11| +|--- |--- |--- | +|Home|No|No| +|Pro|Yes|Yes| +|Windows SE|No|Yes| +|Business|Yes|Yes| +|Enterprise|Yes|Yes| +|Education|Yes|Yes| + + +
+ + +[Scope](./policy-configuration-service-provider.md#policy-scope): + +> [!div class = "checklist"] +> * Device + +
+ + + +This policy setting lets you control the redirection of web authentication (WebAuthn) requests from a Remote Desktop session to the local device. This redirection enables users to authenticate to resources inside the Remote Desktop session using their local authenticator (e.g., Windows Hello for Business, security key, or other). + +By default, Remote Desktop allows redirection of WebAuthn requests. + +If you enable this policy setting, users can’t use their local authenticator inside the Remote Desktop session. + +If you disable or do not configure this policy setting, users can use local authenticators inside the Remote Desktop session. + +If you don't configure this policy setting, users can use local authenticators inside the Remote Desktop session. + + + +ADMX Info: +- GP Friendly name: *Do not allow WebAuthn redirection* +- GP name: *TS_WEBAUTHN* +- GP path: *Windows Components/Remote Desktop Services/Remote Desktop Session Host/Device and Resource Redirection* +- GP ADMX file name: *terminalserver.admx* + + + + +
+ **RemoteDesktopServices/PromptForPasswordUponConnection** @@ -367,4 +420,4 @@ ADMX Info: ## Related topics -[Policy configuration service provider](policy-configuration-service-provider.md) \ No newline at end of file +[Policy configuration service provider](policy-configuration-service-provider.md) From e04f0c6a95528580687e0241512ccd44582df9e4 Mon Sep 17 00:00:00 2001 From: Nick White <104782157+nicholasswhite@users.noreply.github.com> Date: Mon, 29 Aug 2022 08:03:25 -0400 Subject: [PATCH 18/33] Grammar edits --- windows/client-management/quick-assist.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/client-management/quick-assist.md b/windows/client-management/quick-assist.md index 725cf5eda7..0b4918cbd6 100644 --- a/windows/client-management/quick-assist.md +++ b/windows/client-management/quick-assist.md @@ -97,8 +97,8 @@ Either the support staff or a user can start a Quick Assist session. - Type *Quick Assist* in the search box and press ENTER. - Press **CTRL** + **Windows** + **Q** - - For Windows 10 users, from the Start menu, select **Windows Accessories**, and then choose **Quick Assist**. - - For Windows 11 users, from the Start menu, select **All Apps**, **Windows Tools**, and then choose **Quick Assist**. + - For **Windows 10** users, from the Start menu, select **Windows Accessories**, and then choose **Quick Assist**. + - For **Windows 11** users, from the Start menu, select **All Apps**, **Windows Tools**, and then choose **Quick Assist**. 2. In the **Give assistance** section, the helper selects **Assist another person**. The helper might be asked to choose their account or sign in. Quick Assist generates a time-limited security code. 
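Review bot: In the description added for RemoteDesktopServices/DoNotAllowWebAuthnRedirection in policy-csp-remotedesktopservices.md, the last two paragraphs repeat each other: "If you disable or do not configure this policy setting, users can use local authenticators inside the Remote Desktop session." is followed by "If you don't configure this policy setting, users can use local authenticators inside the Remote Desktop session." Drop the second paragraph and use either "do not" or "don't" consistently. Because the policy name is a negative ("DoNotAllow"), the enabled case would also be clearer if it said that WebAuthn requests are no longer redirected to the local device, in the same terms the first paragraph uses.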
@@ -141,7 +141,7 @@ Visit [Add Microsoft Store apps to Microsoft Intune](/mem/intune/apps/store-apps ### Install Quick Assist Offline -To install Quick Assist offline, you'll need to download your APPXBUNDLE and unecoded XML file from [Microsoft Store for Business](https://businessstore.microsoft.com). Visit [Download an offline-licensed app](/microsoft-store/distribute-offline-apps#download-an-offline-licensed-app) for more information. +To install Quick Assist offline, you'll need to download your APPXBUNDLE and unencoded XML file from [Microsoft Store for Business](https://businessstore.microsoft.com). Visit [Download an offline-licensed app](/microsoft-store/distribute-offline-apps#download-an-offline-licensed-app) for more information. 1. Start **Windows PowerShell** with Administrative privileges. 1. In PowerShell, change the directory to the location you've saved the file to in step 1. (CD <*location of package file*>) From e9624fc06dc77dceb6b99e66d76dbdcee3b35404 Mon Sep 17 00:00:00 2001 From: Peter <18031711+peterhuerlimann@users.noreply.github.com> Date: Mon, 29 Aug 2022 14:43:22 +0200 Subject: [PATCH 19/33] Added status "progress stalled" to fix #10808 This status was not mentioned before. Details in #10808 --- .../update/update-compliance-schema-waasdeploymentstatus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/update-compliance-schema-waasdeploymentstatus.md b/windows/deployment/update/update-compliance-schema-waasdeploymentstatus.md index ec78a072db..80aca45d8a 100644 --- a/windows/deployment/update/update-compliance-schema-waasdeploymentstatus.md +++ b/windows/deployment/update/update-compliance-schema-waasdeploymentstatus.md 
@@ -22,7 +22,7 @@ WaaSDeploymentStatus records track a specific update's installation progress on |**DeferralDays** |[int](/azure/kusto/query/scalar-data-types/int) |`0` |The deferral policy for this content type or `UpdateCategory` (Windows `Feature` or `Quality`). | |**DeploymentError** |[string](/azure/kusto/query/scalar-data-types/string) |`Disk Error` |A readable string describing the error, if any. If empty, there's either no string matching the error or there's no error. | |**DeploymentErrorCode** |[int](/azure/kusto/query/scalar-data-types/int) |`8003001E` |Microsoft internal error code for the error, if any. If empty, there's either no error or there's *no error code*, meaning that the issue raised doesn't correspond to an error, but some inferred issue. | -|**DeploymentStatus** |[string](/azure/kusto/query/scalar-data-types/string) |`Failed` |The high-level status of installing this update on this device. Possible values are:
  • **Update completed**: Device has completed the update installation.
  • **In Progress**: Device is in one of the various stages of installing an update, detailed in `DetailedStatus`.
  • **Deferred**: A device's deferral policy is preventing the update from being offered by Windows Update.
  • **Canceled**: The update was canceled.
  • **Blocked**: There's a hard block on the update being completed. This could be that another update must be completed before this one, or some other task is blocking the installation of the update.
  • **Unknown**: Update Compliance generated WaaSDeploymentStatus records for devices as soon as it detects an update newer than the one installed on the device. Devices that haven't sent any deployment data for that update will have the status `Unknown`.
  • **Update paused**: Devices are paused via Windows Update for Business Pause policies, preventing the update from being offered by Windows Update.
  • **Failed**: Device encountered a failure in the update process, preventing it from installing the update. This may result in an automatic retry in the case of Windows Update, unless the `DeploymentError` indicates the issue requires action before the update can continue.| +|**DeploymentStatus** |[string](/azure/kusto/query/scalar-data-types/string) |`Failed` |The high-level status of installing this update on this device. Possible values are:
  • **Update completed**: Device has completed the update installation.
  • **In Progress**: Device is in one of the various stages of installing an update, detailed in `DetailedStatus`.
  • **Deferred**: A device's deferral policy is preventing the update from being offered by Windows Update.
  • **Canceled**: The update was canceled.
  • **Blocked**: There's a hard block on the update being completed. This could be that another update must be completed before this one, or some other task is blocking the installation of the update.
  • **Unknown**: Update Compliance generated WaaSDeploymentStatus records for devices as soon as it detects an update newer than the one installed on the device. Devices that haven't sent any deployment data for that update will have the status `Unknown`.
  • **Update paused**: Devices are paused via Windows Update for Business Pause policies, preventing the update from being offered by Windows Update.
  • **Failed**: Device encountered a failure in the update process, preventing it from installing the update. This may result in an automatic retry in the case of Windows Update, unless the `DeploymentError` indicates the issue requires action before the update can continue.
  • **Progress stalled**: The update is in progress, but has not completed over a period of 7 days.| |**DetailedStatus** |[string](/azure/kusto/query/scalar-data-types/string) |`Reboot required` |A detailed status for the installation of this update on this device. Possible values are:
  • **Not Started**: Update hasn't started because the device isn't targeting the latest 2 builds
  • **Update deferred**: When a device's Windows Update for Business policy dictates the update is deferred.
  • **Update paused**: The device's Windows Update for Business policy dictates the update is paused from being offered.
  • **Update offered**: The device has been offered the update, but hasn't begun downloading it.
  • **Pre-Download tasks passed**: The device has finished all necessary tasks prior to downloading the update.
  • **Compatibility hold**: The device has been placed under a *compatibility hold* to ensure a smooth feature update experience and won't resume the update until the hold has been cleared. For more information, see [Feature Update Status report](update-compliance-feature-update-status.md#safeguard-holds).
  • **Download started**: The update has begun downloading on the device.
  • **Download Succeeded**: The update has successfully completed downloading.
  • **Pre-Install Tasks Passed**: Tasks that must be completed prior to installing the update have been completed.
  • **Install Started**: Installation of the update has begun.
  • **Reboot Required**: The device has finished installing the update, and a reboot is required before the update can be completed.
  • **Reboot Pending**: The device has a scheduled reboot to apply the update.
  • **Reboot Initiated**: The scheduled reboot has been initiated.
  • **Commit**: Changes are being committed post-reboot. This is another step of the installation process.
  • **Update Completed**: The update has successfully installed.| |**ExpectedInstallDate** |[datetime](/azure/kusto/query/scalar-data-types/datetime)|`3/28/2020, 1:00:01.318 PM`|Rather than the expected date this update will be installed, this should be interpreted as the minimum date Windows Update will make the update available for the device. This takes into account Deferrals. | |**LastScan** |[datetime](/azure/kusto/query/scalar-data-types/datetime)|`3/22/2020, 1:00:01.318 PM`|The last point in time that this device sent Update Session data. | From 885b3cc6c4bb57e51fdb1082cb816e3264c43f64 Mon Sep 17 00:00:00 2001 From: Stephanie Savell <101299710+v-stsavell@users.noreply.github.com> Date: Mon, 29 Aug 2022 10:30:04 -0500 Subject: [PATCH 20/33] Update policy-csp-remotedesktopservices.md --- .../client-management/mdm/policy-csp-remotedesktopservices.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-csp-remotedesktopservices.md b/windows/client-management/mdm/policy-csp-remotedesktopservices.md index faf08975f1..5d03cb7066 100644 --- a/windows/client-management/mdm/policy-csp-remotedesktopservices.md +++ b/windows/client-management/mdm/policy-csp-remotedesktopservices.md 
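Review bot: In update-compliance-schema-waasdeploymentstatus.md, the new **Progress stalled** value of `DeploymentStatus` says the update "has not completed over a period of 7 days" without saying what the 7 days are counted from, or how a stalled device differs from one still reported as **In Progress**. State the starting point of the period and the relationship to **In Progress**, and use "hasn't" to match the contractions in the neighbouring bullets.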
@@ -133,7 +133,7 @@ ADMX Info: -Specifies whether it require the use of a specific encryption level to secure communications between client computers and RD Session Host servers during Remote Desktop Protocol (RDP) connections. This policy only applies when you're using native RDP encryption. However, native RDP encryption (as opposed to SSL encryption) isn't recommended. This policy doesn't apply to SSL encryption. +Specifies whether it requires the use of a specific encryption level to secure communications between client computers and RD Session Host servers during Remote Desktop Protocol (RDP) connections. This policy only applies when you're using native RDP encryption. However, native RDP encryption (as opposed to SSL encryption) isn't recommended. This policy doesn't apply to SSL encryption. If you enable this policy setting, all communications between clients and RD Session Host servers during remote connections must use the encryption method specified in this setting. By default, the encryption level is set to High. The following encryption methods are available: From fd86cdc7c2b03dba0458ff29e809f0ae4661bdd4 Mon Sep 17 00:00:00 2001 From: Rittwika Rudra <33437129+RittwikaR@users.noreply.github.com> Date: Mon, 29 Aug 2022 09:14:15 -0700 Subject: [PATCH 21/33] Update Language-pack-management-csp.md added link to the new PS module and removed mention of Intune --- windows/client-management/mdm/Language-pack-management-csp.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/client-management/mdm/Language-pack-management-csp.md b/windows/client-management/mdm/Language-pack-management-csp.md index 948207dc6d..3ce966e6bf 100644 --- a/windows/client-management/mdm/Language-pack-management-csp.md +++ b/windows/client-management/mdm/Language-pack-management-csp.md 
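Review bot: In policy-csp-remotedesktopservices.md, changing "require" to "requires" leaves "Specifies whether it requires the use of a specific encryption level" with an "it" that refers to nothing. "Specifies whether to require the use of a specific encryption level ..." reads correctly and fits the "If you enable this policy setting" paragraph that follows.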
@@ -24,7 +24,7 @@ The table below shows the applicability of Windows: |Enterprise|No|Yes| |Education|No|Yes| -The Language Pack Management CSP allows a direct way to provision languages remotely in Windows. MDMs like Intune can use management commands remotely to devices to configure language-related settings for System and new users. +The Language Pack Management CSP allows a way to easily add languages and related language features and manage settings like System Preferred UI Language, System Locale, Input method (Keyboard), Locale, Speech Recognizer, User Preferred Language List. This CSP can be accessed using the new [LanguagePackManagement](https://docs.microsoft.com/en-us/powershell/module/languagepackmanagement/?view=windowsserver2022-ps) PowerShell module. 1. Enumerate installed languages and features with GET command on the "InstalledLanguages" node. Below are the samples: @@ -95,4 +95,4 @@ The Language Pack Management CSP allows a direct way to provision languages remo ## Related topics -[Configuration service provider reference](configuration-service-provider-reference.md) \ No newline at end of file +[Configuration service provider reference](configuration-service-provider-reference.md) From 86e511094b46a7637737f8f300a6b30573f96e57 Mon Sep 17 00:00:00 2001 From: itsrlyAria <82474610+itsrlyAria@users.noreply.github.com> Date: Mon, 29 Aug 2022 10:02:38 -0700 Subject: [PATCH 22/33] Update policy-csp-update.md Adding the NoUpdateNotificationDuringActiveHours policy to this list of policies. --- .../mdm/policy-csp-update.md | 52 +++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md index 26dfc16e2f..e056057f7a 100644 --- a/windows/client-management/mdm/policy-csp-update.md +++ b/windows/client-management/mdm/policy-csp-update.md @@ -138,6 +138,9 @@ ms.collection: highpri
  • Update/ManagePreviewBuilds +
    +
    + Update/NoUpdateNotificationDuringActiveHours
    Update/PauseDeferrals @@ -2382,6 +2385,55 @@ The following list shows the supported values:
    + +**Update/NoUpdateNotificationDuringActiveHours** + + +The table below shows the applicability of Windows: + +|Edition|Windows 10|Windows 11| +|--- |--- |--- | +|Home|No|No| +|Pro|Yes|Yes| +|Windows SE|No|Yes| +|Business|Yes|Yes| +|Enterprise|Yes|Yes| +|Education|Yes|Yes| + + +
    + + +[Scope](./policy-configuration-service-provider.md#policy-scope): + +> [!div class = "checklist"] +> * Device + +
    + + + +This policy can be used in conjunction with Update/ActiveHoursStart and Update/ActiveHoursEnd policies to ensure that the end user sees no update notifications during active hours until deadline is reached. Note - if no active hour period is configured then this will apply to the intelligent active hours window calculated on the device. + +Supported value type is a boolean. + +0 (Default) This configuration will provide the default behavior (notifications may display during active hours) +1: This setting will prevent notifications from displaying during active hours. + + + +ADMX Info: +- GP Friendly name: *Display options for update notifications* +- GP name: *NoUpdateNotificationDuringActiveHours* +- GP element: *NoUpdateNotificationDuringActiveHours* +- GP path: *Windows Components\WindowsUpdate\Manage end user experience* +- GP ADMX file name: *WindowsUpdate.admx* + + + +
    + + **Update/PauseDeferrals** From fc8e6f9901221e47231a70a03758269541b9310b Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Mon, 29 Aug 2022 14:07:21 -0400 Subject: [PATCH 23/33] Update Language-pack-management-csp.md Change link to relevant url --- windows/client-management/mdm/Language-pack-management-csp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/Language-pack-management-csp.md b/windows/client-management/mdm/Language-pack-management-csp.md index 3ce966e6bf..75ba8815c4 100644 --- a/windows/client-management/mdm/Language-pack-management-csp.md +++ b/windows/client-management/mdm/Language-pack-management-csp.md @@ -24,7 +24,7 @@ The table below shows the applicability of Windows: |Enterprise|No|Yes| |Education|No|Yes| -The Language Pack Management CSP allows a way to easily add languages and related language features and manage settings like System Preferred UI Language, System Locale, Input method (Keyboard), Locale, Speech Recognizer, User Preferred Language List. This CSP can be accessed using the new [LanguagePackManagement](https://docs.microsoft.com/en-us/powershell/module/languagepackmanagement/?view=windowsserver2022-ps) PowerShell module. +The Language Pack Management CSP allows a way to easily add languages and related language features and manage settings like System Preferred UI Language, System Locale, Input method (Keyboard), Locale, Speech Recognizer, User Preferred Language List. This CSP can be accessed using the new [LanguagePackManagement](/powershell/module/languagepackmanagement) PowerShell module. 1. Enumerate installed languages and features with GET command on the "InstalledLanguages" node. Below are the samples: From 6e6c726c0a14abc45435a54e4c0b26a68f3329b5 Mon Sep 17 00:00:00 2001 
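Review bot: In the Update/NoUpdateNotificationDuringActiveHours section added to policy-csp-update.md, the supported values are written as two consecutive lines in different styles ("0 (Default) This configuration will provide the default behavior ..." with no colon and no full stop, then "1: This setting will prevent notifications ...") with no list markup, so they will run together as one paragraph when rendered. Format them as a bulleted list introduced by "The following list shows the supported values:", the wording already used in the preceding section. "until deadline is reached" should also name the deadline policy it refers to, and "Note - if no active hour period is configured ..." would read better as a note block.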
From: jsuther1974 Date: Mon, 29 Aug 2022 13:16:08 -0700 Subject: [PATCH 24/33] Update select-types-of-rules-to-create.md --- .../select-types-of-rules-to-create.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index e1f7559c0d..faaf141188 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md @@ -10,11 +10,11 @@ ms.pagetype: security ms.localizationpriority: medium audience: ITPro ms.collection: M365-security-compliance -author: dansimp -ms.reviewer: isbrahm +author: jogeurte +ms.reviewer: jsuther1974 ms.author: dansimp manager: dansimp -ms.date: 06/28/2022 +ms.date: 08/29/2022 ms.technology: windows-sec --- 
@@ -120,6 +120,9 @@ As part of normal operations, they'll eventually install software updates, or pe Windows Defender Application Control has a built-in file rule conflict logic that translates to precedence order. It will first process all explicit deny rules it finds. Then, it will process all explicit allow rules. If no deny or allow rule exists, WDAC will check for [Managed Installer EA](deployment/deploy-wdac-policies-with-memcm.md). Lastly, if none of these sets exist, WDAC will fall back on [ISG](use-windows-defender-application-control-with-intelligent-security-graph.md). +> [!NOTE] +> For others to better understand the WDAC policies that have been deployed, we recommend maintaining separate ALLOW and DENY policies on Windows 10, version 1903 and later. + ## More information about filepath rules Filepath rules don't provide the same security guarantees that explicit signer rules do, since they're based on mutable access permissions. Filepath rules are best suited for environments where most users are running as standard rather than admin. Path rules are best suited to allow paths that you expect will remain admin-writeable only. You may want to avoid path rules for directories where standard users can modify ACLs on the folder. 
@@ -139,7 +142,7 @@ Wildcards can be used at the beginning or end of a path rule; only one wildcard You can also use the following macros when the exact volume may vary: `%OSDRIVE%`, `%WINDIR%`, `%SYSTEM32%`. > [!NOTE] -> For others to better understand the WDAC policies that has been deployed, we recommend maintaining separate ALLOW and DENY policies on Windows 10, version 1903 and later. +> When authoring WDAC policies with Microsoft Endpoint Configuration Manager (MEMCM), you can instruct MEMCM to create rules for specified files and folders. These rules **aren't** WDAC filepath rules. Rather, MEMCM performs a one-time scan of the specified files and folders and builds rules for any binaries found in those locations at the time of that scan. File changes to those specified files and folders after that scan won't be allowed unless the MEMCM policy is reapplied. > [!NOTE] > There is currently a bug where MSIs cannot be allow listed in file path rules. MSIs must be allow listed using other rule types, for example, publisher rules or file attribute rules. From 28415f96f507034d4f536f7b2b3fb7b9ea435cc9 Mon Sep 17 00:00:00 2001 From: jsuther1974 Date: Mon, 29 Aug 2022 13:21:10 -0700 Subject: [PATCH 25/33] Update select-types-of-rules-to-create.md --- .../select-types-of-rules-to-create.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index faaf141188..0194121a74 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md 
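Review bot: In the note added under the filepath rules section of select-types-of-rules-to-create.md, "File changes to those specified files and folders after that scan won't be allowed" can be read as the file system blocking edits, when the preceding sentence says the rules cover only binaries found at the time of the one-time scan. Say that directly, for example "Binaries added or changed in those locations after the scan won't be allowed to run unless the MEMCM policy is reapplied." The new note also sits immediately above a second `[!NOTE]` block about MSIs, so consider merging them or separating them with text.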
@@ -10,7 +10,7 @@ ms.pagetype: security ms.localizationpriority: medium audience: ITPro ms.collection: M365-security-compliance -author: jogeurte +author: jgeurten ms.reviewer: jsuther1974 ms.author: dansimp manager: dansimp From cf888e99a98fd5c5b65f8400ff4331301f5069d3 Mon Sep 17 00:00:00 2001 From: Aaron Czechowski Date: Mon, 29 Aug 2022 14:11:05 -0700 Subject: [PATCH 26/33] fix broken link --- .../planning/windows-10-enterprise-faq-itpro.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml b/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml index 8aa8e68722..4a695dc7b7 100644 --- a/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml +++ b/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml 
@@ -50,10 +50,10 @@ sections: - For some devices, Windows 10 may be unable to install drivers that are required for operation. If your device drivers aren't automatically installed, visit the manufacturer's support website for your device to download and manually install the drivers. If Windows 10 drivers aren't available, the most up-to-date drivers for Windows 8.1 will often work in Windows 10. - For some devices, the manufacturer may provide more up-to-date drivers or drivers that enable more functionality than the drivers installed by Windows 10. Always follow the recommendations of the device manufacturer for optimal performance and stability. - Some computer manufacturers provide packs of drivers for easy implementation in management and deployment solutions like the Microsoft Deployment Toolkit (MDT) or Microsoft Endpoint Configuration Manager. These driver packs contain all of the drivers needed for each device and can greatly simplify the process of deploying Windows to a new make or model of computer. 
Driver packs for some common manufacturers include: - - [HP driver pack](http://www8.hp.com/us/en/ads/clientmanagement/drivers-pack.html) - - [Dell driver packs for enterprise client OS deployment](http://en.community.dell.com/techcenter/enterprise-client/w/wiki/2065.dell-command-deploy-driver-packs-for-enterprise-client-os-deployment) - - [Lenovo Configuration Manager and MDT package index](https://support.lenovo.com/us/en/documents/ht074984) - - [Panasonic Driver Pack for Enterprise](http://pc-dl.panasonic.co.jp/itn/drivers/driver_packages.html) + - [HP driver pack](https://www.hp.com/us-en/solutions/client-management-solutions/drivers-pack.html) + - [Dell driver packs for enterprise client OS deployment](https://www.dell.com/support/kbdoc/en-us/000124139/dell-command-deploy-driver-packs-for-enterprise-client-os-deployment) + - [Lenovo Configuration Manager and MDT package index](https://support.lenovo.com/us/en/solutions/ht074984) + - [Panasonic Driver Pack for Enterprise](https://pc-dl.panasonic.co.jp/itn/drivers/driver_packages.html) - question: | Where can I find out if an application or device is compatible with Windows 10? 
@@ -125,7 +125,7 @@ sections: answer: | For an overview of the new enterprise features in Windows 10 Enterprise, see [What's new in Windows 10](/windows/whats-new/) and [What's new in Windows 10, version 1703](/windows/whats-new/whats-new-windows-10-version-1703) in the Docs library. - Another place to track the latest information about new features of interest to IT professionals is the [Windows for IT Pros blog](https://blogs.technet.microsoft.com/windowsitpro/). Here you'll find announcements of new features, information on updates to the Windows servicing model, and details about the latest resources to help you more easily deploy and manage Windows 10. + Another place to track the latest information about new features of interest to IT professionals is the [Windows for IT Pros blog](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/bg-p/Windows10Blog). Here you'll find announcements of new features, information on updates to the Windows servicing model, and details about the latest resources to help you more easily deploy and manage Windows 10. To find out which version of Windows 10 is right for your organization, you can also [compare Windows editions](https://www.microsoft.com/WindowsForBusiness/Compare). 
@@ -152,4 +152,3 @@ sections: - If you're an IT professional or if you have a question about administering, managing, or deploying Windows 10 in your organization or business, visit the [Windows 10 IT Professional forums](https://social.technet.microsoft.com/forums/home?category=windows10itpro) on TechNet. - If you're an end user or if you have a question about using Windows 10, visit the [Windows 10 forums on Microsoft Community](https://answers.microsoft.com/windows/forum). - If you're a developer or if you have a question about making apps for Windows 10, visit the [Windows Desktop Development forums](https://social.msdn.microsoft.com/forums/en-us/home?category=windowsdesktopdev). - - If you have a question about Internet Explorer, visit the [Internet Explorer forums](https://social.technet.microsoft.com/forums/ie/en-us/home). From 6b4e40ec127ec03232c1efdeb99df25aa5ccdf5a Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 30 Aug 2022 10:36:02 -0400 Subject: [PATCH 27/33] updated text for Win11 --- .../hello-for-business/WebAuthnAPIs.md | 26 ++++++++++--------- 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md index 5ea3f07aca..ebfeb9d088 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md 
@@ -9,21 +9,24 @@ ms.reviewer: prsriva ms.collection: M365-identity-device-management ms.topic: article localizationpriority: medium -ms.date: 02/15/2019 +ms.date: 08/30/2022 +appliesto: +- ✅ Windows 10 +- ✅ Windows 11 --- # WebAuthn APIs for passwordless authentication on Windows Passwords can leave your customers vulnerable to data breaches and security attacks by malicious users. -Microsoft has long been a proponent of passwordless authentication. With that goal in mind, we'd like to introduce the latest W3C/Fast IDentity Online 2 (FIDO2) Win32 WebAuthn platform APIs for Windows 10 (version 1903). +Microsoft has long been a proponent of passwordless authentication, and introduced the W3C/Fast IDentity Online 2 (FIDO2) Win32 WebAuthn platform APIs in Windows 10 (version 1903). -## What this means +## What does this mean? -By using these APIs, developer partners and the developer community can use [Windows Hello](./index.yml) or [FIDO2 Security Keys](./microsoft-compatible-security-key.md) to implement passwordless multi-factor authentication for their applications on Windows devices. +By using WebAuthn APIs, developer partners and the developer community can use [Windows Hello](./index.yml) or [FIDO2 Security Keys](./microsoft-compatible-security-key.md) to implement passwordless multi-factor authentication for their applications on Windows devices. -Users of these apps or sites can use any browser that supports Windows 10 WebAuthn APIs for passwordless authentication. These APIs are currently supported by Microsoft Edge on Windows 10, version 1809 and later versions and on the latest browse versions. Users will have a familiar and consistent experience on Windows 10, no matter which browser they use. +Users of these apps or sites can use any browser that supports WebAuthn APIs for passwordless authentication. Users will have a familiar and consistent experience on Windows, no matter which browser they use. 
-Developers should use the new Windows 10 APIs to support FIDO2 authentication keys in a consistent way for users. Additionally, developers can use all the transports that are available per FIDO2 specifications (USB, NFC, and BLE) while avoiding the interaction and management overhead. +Developers should use the WebAuthn APIs to support FIDO2 authentication keys in a consistent way for users. Additionally, developers can use all the transports that are available per FIDO2 specifications (USB, NFC, and BLE) while avoiding the interaction and management overhead. > [!NOTE] > When these APIs are in use, Windows 10 browsers or apps don't have direct access to the FIDO2 transports for FIDO-related messaging. @@ -85,7 +88,7 @@ The following options and might be useful in the future, but haven't been observ ## Microsoft implementation -The Microsoft FIDO2 implementation has been years in the making. Software and services are implemented independently as standards-compliant entities. As of the Windows 10, version 1809 (October 2018) release, all Microsoft components use the latest WebAuthn Candidate Release. It's a stable release that's not expected to normatively change before the specification is finally ratified. Because Microsoft is among the first in the world to deploy FIDO2, some combinations of popular non-Microsoft components won’t be interoperable yet. +The Microsoft FIDO2 implementation has been years in the making. Software and services are implemented independently as standards-compliant entities. As of the Windows 10, version 1809 (October 2018) release, all Microsoft components use the latest WebAuthn Candidate Release. It's a stable release that's not expected to normatively change before the specification is finally ratified. Because Microsoft is among the first in the world to deploy FIDO2, some combinations of popular non-Microsoft components won't be interoperable yet. Here's an approximate layout of where the Microsoft bits go: 
@@ -93,7 +96,7 @@ Here's an approximate layout of where the Microsoft bits go: *Microsoft's implementation of WebAuthn and CATP2 APIs* -- **WebAuthn relying party: Microsoft Account**. If you aren’t familiar with Microsoft Account, it's the sign-in service for Skype, Xbox, Outlook, and many other sites. The sign-in experience uses client-side JavaScript to trigger Microsoft Edge to talk to the WebAuthn APIs. Microsoft Account requires that authenticators have the following characteristics: +- **WebAuthn relying party: Microsoft Account**. If you aren't familiar with Microsoft Account, it's the sign-in service for Xbox, Outlook, and many other sites. The sign-in experience uses client-side JavaScript to trigger Microsoft Edge to talk to the WebAuthn APIs. Microsoft Account requires that authenticators have the following characteristics: - Keys are stored locally on the authenticator and not on a remote server - Offline scenarios work (enabled by using HMAC) 
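Review bot: The caption kept as context at the top of this hunk, "*Microsoft's implementation of WebAuthn and CATP2 APIs*", misspells the protocol name; the rest of the article calls it CTAP. Since this hunk already edits the bullet directly below it, correct the caption to CTAP2 in the same change.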
@@ -107,14 +110,13 @@ Here's an approximate layout of where the Microsoft bits go: > [!NOTE] > For authoritative information about Microsoft Edge support for WebAuthn and CTAP, see [Legacy Microsoft Edge developer documentation](/microsoft-edge/dev-guide/windows-integration/web-authentication). -- **Platform: Windows 10**. Windows 10 hosts the Win32 Platform WebAuthn APIs. +- **Platform: Windows 10, Windows 11**. Windows 10 and Windows 11 host the Win32 Platform WebAuthn APIs. -- **Roaming Authenticators**. You might notice that there's no “Microsoft” roaming authenticator. That's because there's already a strong ecosystem of products that specialize in strong authentication, and every one of our customers (whether corporations or individuals) has different requirements for security, ease of use, distribution, and account recovery. To see the ever-growing list of FIDO2 certified authenticators, see [FIDO Certified Products](https://fidoalliance.org/certification/fido-certified-products/). The list includes built-in authenticators, roaming authenticators, and even chip manufacturers who have certified designs. +- **Roaming Authenticators**. You might notice that there's no *Microsoft* roaming authenticator. That's because there's already a strong ecosystem of products that specialize in strong authentication, and every one of our customers (whether corporations or individuals) has different requirements for security, ease of use, distribution, and account recovery. To see the ever-growing list of FIDO2 certified authenticators, see [FIDO Certified Products](https://fidoalliance.org/certification/fido-certified-products/). The list includes built-in authenticators, roaming authenticators, and even chip manufacturers who have certified designs. ## Developer references -The new Windows 10 WebAuthn APIs are documented in the [Microsoft/webauthn](https://github.com/Microsoft/webauthn) GitHub repo. 
To understand how FIDO2 authenticators work, review the following two specifications: +The WebAuthn APIs are documented in the [Microsoft/webauthn](https://github.com/Microsoft/webauthn) GitHub repo. To understand how FIDO2 authenticators work, review the following two specifications: - [Web Authentication: An API for accessing Public Key Credentials](https://www.w3.org/TR/webauthn/) (available on the W3C site). This document is known as the WebAuthn spec. - - [Client to Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html). This is available at the [FIDO Alliance](http://fidoalliance.org/) site. (on which hardware and platform teams are working together to solve the problem of FIDO authentication). From d6d14610b669f4acdfabd18b8703668696071552 Mon Sep 17 00:00:00 2001 From: Stephanie Savell <101299710+v-stsavell@users.noreply.github.com> Date: Tue, 30 Aug 2022 11:25:42 -0500 Subject: [PATCH 28/33] Update windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md --- .../configure-md-app-guard.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md index c3169c82a8..d9221e9bca 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md @@ -64,7 +64,7 @@ These settings, located at `Computer Configuration\Administrative Templates\Wind |Allow hardware-accelerated rendering for Microsoft Defender Application Guard|Windows 10 Enterprise, 1803 or higher

    Windows 10 Pro, 1803 or higher

    Windows 11|Determines whether Microsoft Defender Application Guard renders graphics using hardware or software acceleration.|**Enabled.** This is effective only in managed mode. Microsoft Defender Application Guard uses Hyper-V to access supported, high-security rendering graphics hardware (GPUs). These GPUs improve rendering performance and battery life while using Microsoft Defender Application Guard, particularly for video playback and other graphics-intensive use cases. If this setting is enabled without connecting any high-security rendering graphics hardware, Microsoft Defender Application Guard will automatically revert to software-based (CPU) rendering. **Important:** Enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.

    **Disabled or not configured.** Microsoft Defender Application Guard uses software-based (CPU) rendering and won’t load any third-party graphics drivers or interact with any connected graphics hardware.| |Allow camera and microphone access in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher

    Windows 10 Pro, 1809 or higher

    Windows 11|Determines whether to allow camera and microphone access inside Microsoft Defender Application Guard.|**Enabled.** This is effective only in managed mode. Applications inside Microsoft Defender Application Guard are able to access the camera and microphone on the user's device. **Important:** Enabling this policy with a potentially compromised container could bypass camera and microphone permissions and access the camera and microphone without the user's knowledge.

    **Disabled or not configured.** Applications inside Microsoft Defender Application Guard are unable to access the camera and microphone on the user's device.| |Allow Microsoft Defender Application Guard to use Root Certificate Authorities from a user's device|Windows 10 Enterprise, 1809 or higher

    Windows 10 Pro, 1809 or higher

    Windows 11|Determines whether Root Certificates are shared with Microsoft Defender Application Guard.|**Enabled.** Certificates matching the specified thumbprint are transferred into the container. Use a comma to separate multiple certificates.

    **Disabled or not configured.** Certificates aren't shared with Microsoft Defender Application Guard.| -|Allow auditing events in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher

    Windows 10 Pro, 1809 or higher

    Windows 11|This policy setting allows you to decide whether auditing events can be collected from Microsoft Defender Application Guard.|**Enabled.** This is effective only in managed mode. Application Guard inherits auditing policies from your device and logs system events from the Application Guard container to your host.

    **Disabled or not configured.** event logs aren't collected from your Application Guard container.| +|Allow auditing events in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher

    Windows 10 Pro, 1809 or higher

    Windows 11|This policy setting allows you to decide whether auditing events can be collected from Microsoft Defender Application Guard.|**Enabled.** This is effective only in managed mode. Application Guard inherits auditing policies from your device and logs system events from the Application Guard container to your host.

    **Disabled or not configured.** Event logs aren't collected from your Application Guard container.| ## Application Guard support dialog settings From eb7740e97b057e7be7e2c1ea1c16a29c41087acb Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Tue, 30 Aug 2022 11:33:35 -0700 Subject: [PATCH 29/33] Filename changes, sentence fix --- windows/security/identity-protection/hello-for-business/toc.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml index 6453d6dc2b..6e71a47657 100644 --- a/windows/security/identity-protection/hello-for-business/toc.yml +++ b/windows/security/identity-protection/hello-for-business/toc.yml @@ -22,7 +22,7 @@ - name: Authentication href: hello-how-it-works-authentication.md - name: WebAuthn APIs - href: webauthnapis.md + href: webauthn-apis.md - name: How-to Guides items: - name: Windows Hello for Business Deployment Overview From b79437aa79448eed3b57a4dc93778663f57fe9a8 Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Tue, 30 Aug 2022 11:34:16 -0700 Subject: [PATCH 30/33] File name changes & sentence fix --- ...authn-apis-fido2-overview-microsoft-version.png} | Bin .../webauthn-apis-fido2-overview.png} | Bin .../{WebAuthnAPIs.md => webauthn-apiIs.md} | 6 +++--- 3 files changed, 3 insertions(+), 3 deletions(-) rename windows/security/identity-protection/hello-for-business/images/{webauthnapis/webauthnapis-fido2-overview-msft-version.png => webauthn-apis/webauthn-apis-fido2-overview-microsoft-version.png} (100%) rename windows/security/identity-protection/hello-for-business/images/{webauthnapis/webauthnapis-fido2-overview.png => webauthn-apis/webauthn-apis-fido2-overview.png} (100%) rename windows/security/identity-protection/hello-for-business/{WebAuthnAPIs.md => webauthn-apiIs.md} (94%) 
diff --git a/windows/security/identity-protection/hello-for-business/images/webauthnapis/webauthnapis-fido2-overview-msft-version.png b/windows/security/identity-protection/hello-for-business/images/webauthn-apis/webauthn-apis-fido2-overview-microsoft-version.png similarity index 100% rename from windows/security/identity-protection/hello-for-business/images/webauthnapis/webauthnapis-fido2-overview-msft-version.png rename to windows/security/identity-protection/hello-for-business/images/webauthn-apis/webauthn-apis-fido2-overview-microsoft-version.png diff --git a/windows/security/identity-protection/hello-for-business/images/webauthnapis/webauthnapis-fido2-overview.png b/windows/security/identity-protection/hello-for-business/images/webauthn-apis/webauthn-apis-fido2-overview.png similarity index 100% rename from windows/security/identity-protection/hello-for-business/images/webauthnapis/webauthnapis-fido2-overview.png rename to windows/security/identity-protection/hello-for-business/images/webauthn-apis/webauthn-apis-fido2-overview.png diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/webauthn-apiIs.md similarity index 94% rename from windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md rename to windows/security/identity-protection/hello-for-business/webauthn-apiIs.md index ebfeb9d088..d4721e84a1 100644 --- a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md +++ b/windows/security/identity-protection/hello-for-business/webauthn-apiIs.md 
@@ -41,7 +41,7 @@ After these client-specific keys are created, clients can request attestations f The following diagram shows how CTAP and WebAuthn interact. The light blue dotted arrows represent interactions that depend on the specific implementation of the platform APIs. -:::image type="content" source="images/webauthnapis/webauthnapis-fido2-overview.png" alt-text="The diagram shows how the WebAuthn API interacts with the relying parties and the CTAPI2 API."::: +:::image type="content" source="images/webauthn-apis/webauthn-apis-fido2-overview.png" alt-text="The diagram shows how the WebAuthn API interacts with the relying parties and the CTAPI2 API."::: *Relationships of the components that participate in passwordless authentication* @@ -92,7 +92,7 @@ The Microsoft FIDO2 implementation has been years in the making. Software and se Here's an approximate layout of where the Microsoft bits go: -:::image type="content" source="images/webauthnapis/webauthnapis-fido2-overview-msft-version.png" alt-text="The diagram shows how the WebAuthn API interacts with the Microsoft relying parties and the CTAPI2 API."::: +:::image type="content" source="images/webauthn-apis/web-authnapis-fido2-overview-microsoft-version.png" alt-text="The diagram shows how the WebAuthn API interacts with the Microsoft relying parties and the CTAPI2 API."::: *Microsoft's implementation of WebAuthn and CATP2 APIs* 
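Review bot: In the @@ -92,7 hunk the new image source is `images/webauthn-apis/web-authnapis-fido2-overview-microsoft-version.png`, but the rename at the top of this patch moves the file to `images/webauthn-apis/webauthn-apis-fido2-overview-microsoft-version.png`, so the Microsoft diagram will not resolve. Use the renamed file's name, as the @@ -41,7 hunk does for the other image. The alt text on both image lines also reads "CTAPI2 API", which looks like a typo for CTAP2 and is worth fixing while these lines are being changed.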
@@ -119,4 +119,4 @@ Here's an approximate layout of where the Microsoft bits go: The WebAuthn APIs are documented in the [Microsoft/webauthn](https://github.com/Microsoft/webauthn) GitHub repo. To understand how FIDO2 authenticators work, review the following two specifications: - [Web Authentication: An API for accessing Public Key Credentials](https://www.w3.org/TR/webauthn/) (available on the W3C site). This document is known as the WebAuthn spec. -- [Client to Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html). This is available at the [FIDO Alliance](http://fidoalliance.org/) site. (on which hardware and platform teams are working together to solve the problem of FIDO authentication). +- [Client to Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html). This is available at the [FIDO Alliance](http://fidoalliance.org/) site, on which hardware and platform teams are working together to solve the problem of FIDO authentication. From a4e797755734c1fe87ffc5529aea2c2db19ecf55 Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Tue, 30 Aug 2022 11:43:11 -0700 Subject: [PATCH 31/33] Filename fixes --- .../hello-for-business/{webauthn-apiIs.md => webauthn-apis.md} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename windows/security/identity-protection/hello-for-business/{webauthn-apiIs.md => webauthn-apis.md} (99%) diff --git a/windows/security/identity-protection/hello-for-business/webauthn-apiIs.md b/windows/security/identity-protection/hello-for-business/webauthn-apis.md similarity index 99% rename from windows/security/identity-protection/hello-for-business/webauthn-apiIs.md rename to windows/security/identity-protection/hello-for-business/webauthn-apis.md index d4721e84a1..8926ad4417 100644 
--- a/windows/security/identity-protection/hello-for-business/webauthn-apiIs.md +++ b/windows/security/identity-protection/hello-for-business/webauthn-apis.md @@ -92,7 +92,7 @@ The Microsoft FIDO2 implementation has been years in the making. Software and se Here's an approximate layout of where the Microsoft bits go: -:::image type="content" source="images/webauthn-apis/web-authnapis-fido2-overview-microsoft-version.png" alt-text="The diagram shows how the WebAuthn API interacts with the Microsoft relying parties and the CTAPI2 API."::: +:::image type="content" source="images/webauthn-apis/webauthn-apis-fido2-overview-microsoft-version.png" alt-text="The diagram shows how the WebAuthn API interacts with the Microsoft relying parties and the CTAPI2 API."::: *Microsoft's implementation of WebAuthn and CATP2 APIs* From 8e324e38d6dbadfef89da0c75ae78bff5b190b4c Mon Sep 17 00:00:00 2001 From: v-tappelgate <91994953+v-tappelgate@users.noreply.github.com> Date: Tue, 30 Aug 2022 11:52:38 -0700 Subject: [PATCH 32/33] filename change --- .openpublishing.redirection.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index da1fa1a88d..2c59b009f8 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -1,5 +1,10 @@ { "redirections": [ + { + "source_path": "windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md", + "redirect_url": "/windows/security/windows/security/identity-protection/hello-for-business/webauthn-apis", + "redirect_document_id": false + }, { "source_path": "windows/application-management/manage-windows-mixed-reality.md", "redirect_url": "/windows/mixed-reality/enthusiast-guide/manage-windows-mixed-reality", From c55460d50f2789a73bc1261f7fece29870550ea1 Mon Sep 17 00:00:00 2001 
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 30 Aug 2022 15:56:14 -0400 Subject: [PATCH 33/33] Updated AD DS string --- .../identity-protection/hello-for-business/hello-faq.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.yml b/windows/security/identity-protection/hello-for-business/hello-faq.yml index dbaba9dfe3..bc542d1967 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.yml +++ b/windows/security/identity-protection/hello-for-business/hello-faq.yml @@ -261,4 +261,4 @@ sections: - question: Does Windows Hello for Business work with Azure Active Directory Domain Services (Azure AD DS) clients? answer: | - No, Azure AD DS is a separately managed environment in Azure, and hybrid device registration with cloud Azure AD isn't available for it via Azure AD Connect. Hence, Windows Hello for Business doesn't work with Azure AD. + No, Azure AD DS is a separately managed environment in Azure, and hybrid device registration with cloud Azure AD isn't available for it via Azure AD Connect. Hence, Windows Hello for Business doesn't work with Azure AD DS.
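Review bot: In the first hunk of PATCH 27/33 (WebAuthnAPIs.md, @@ -9,21 +9,24), the `[!NOTE]` kept as context still reads "When these APIs are in use, Windows 10 browsers or apps don't have direct access to the FIDO2 transports", while the front matter now lists Windows 11 under `appliesto` and the paragraphs above it drop the Windows 10 wording. Update the note to match. The hunk also deletes the sentence stating which Microsoft Edge and Windows 10 versions support the APIs without a replacement; if a minimum version still applies, keep that statement somewhere in the article.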
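Review bot: PATCH 29/33 points the toc.yml href at `webauthn-apis.md`, but PATCH 30/33 renames the article to `webauthn-apiIs.md`, and the file name only matches the href after PATCH 31/33, so the TOC entry is broken at commits 29 and 30. Squash the three filename commits, or do the rename in the same commit that changes the href.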
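Review bot: In the @@ -119,4 hunk of PATCH 30/33, the rewritten CTAP bullet keeps the FIDO Alliance site link as `http://fidoalliance.org/` while the spec link in the same bullet already uses https. Switch the site link to https too, in line with the http-to-https updates made to the driver pack links in the FAQ earlier in this series.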
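Review bot: In PATCH 32/33 (.openpublishing.redirection.json), the new `redirect_url` is `/windows/security/windows/security/identity-protection/hello-for-business/webauthn-apis`, which repeats the `windows/security` segment; the neighbouring entry maps its `windows/...` source path to a URL with a single `/windows/...` prefix. Unless the doubled prefix is intentional, this should be `/windows/security/identity-protection/hello-for-business/webauthn-apis`, otherwise the redirect for the old WebAuthnAPIs.md page is likely to land on a missing page.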