From 2c014209c54d08f640faa3e6d7c6c0e6e767f934 Mon Sep 17 00:00:00 2001 From: lizayugabyte <77016159+lizayugabyte@users.noreply.github.com> Date: Fri, 19 Feb 2021 12:53:26 -0500 Subject: [PATCH 1/2] Updated YB Platform files --- .../install-software/airgapped.md | 55 ++++++++++-------- .../install-software/default.md | 39 +++++++------ .../install-software/kubernetes.md | 42 +++++++------ .../security/enable-encryption-in-transit.md | 13 ++++- .../images/replicated/application-config.png | Bin 0 -> 29206 bytes 5 files changed, 91 insertions(+), 58 deletions(-) create mode 100644 docs/static/images/replicated/application-config.png diff --git a/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/airgapped.md b/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/airgapped.md index 509961586620..59917d7e2a0f 100644 --- a/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/airgapped.md +++ b/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/airgapped.md 
@@ -39,89 +39,91 @@ showAsideToc: true ## Install Replicated -On a machine connected to the Internet, perform the following steps. +On a computer connected to the Internet, perform the following steps: -Make a directory for downloading the binaries. +Make a directory for downloading the binaries by executing the following command: ```sh $ sudo mkdir /opt/downloads ``` -Change the owner user for the directory. +Change the owner user for the directory by executing the following command: ```sh $ sudo chown -R ubuntu:ubuntu /opt/downloads ``` -Change to the directory. +Change to the directory by executing the following command: ```sh $ cd /opt/downloads ``` -Download the `replicated.tar.gz` file. +Download the `replicated.tar.gz` file by executing the following command: ```sh $ wget https://downloads.yugabyte.com/replicated.tar.gz ``` -Download the `yugaware` binary. Change this number as needed. +Download the `yugaware` binary and change the following number, as required: ```sh $ wget https://downloads.yugabyte.com/yugaware-2.1.2.0-b10.airgap ``` -Change to the directory. +Switch to the following directory: ```sh $ cd /opt/downloads ``` -Extract the `replicated` binary. +Extract the `replicated` binary, as follows: ```sh $ tar xzvf replicated.tar.gz ``` -Install Replicated. If multiple options appear, select the `eth0` network interface. The `yugaware` binary will be installed using the replicated UI after the replicated installation completes. +Install Replicated. If multiple options appear, select the `eth0` network interface, as follows. ```sh $ cat ./install.sh | sudo bash -s airgap ``` -After Replicated finishes installing, make sure it is running. +The `yugaware` binary is installed using the Replicated UI after the Replicated installation completes. + +After Replicated finishes installing, ensure that it is running by executing the following command: ```sh $ sudo docker ps ``` -You should see an output similar to the following. 
+You should see an output similar to the following: ![Replicated successfully installed](/images/replicated/replicated-success.png) -Next, install Yugabyte Platform as described in step 2. +The next step is to install Yugabyte Platform.. -## Set up HTTPS (optional) +## Set Up HTTPS (optional) -Launch the Replicated UI by going to [http://yugaware-host-public-ip:8800](http://yugaware-host-public-ip:8800). The warning shown next states that the connection to the server is not private (yet). We will address this warning as soon as you configure HTTPS for the Replicated Admin Console in the next step. Click **Continue to Setup** and then **ADVANCED** to bypass this warning and go to the **Replicated Admin Console**. +Launch the Replicated UI via [http://yugaware-host-public-ip:8800](http://yugaware-host-public-ip:8800). Expect to see a warning stating that the connection to the server is not yet private. This condition is resolved once HTTPS for the Replicated Admin Console is set up in the next step. Proceed by clicking **Continue to Setup** **>** **ADVANCED** to bypass the warning and access the **Replicated Admin Console**, as shown in the following illustration: ![Replicated SSL warning](/images/replicated/replicated-warning.png) -You can provide your own custom SSL certificate along with a hostname. +You can provide your own custom SSL certificate and a hostname, as shown in the following illustration: ![Replicated HTTPS setup](/images/replicated/replicated-https.png) -The simplest option is use a self-signed cert for now and add the custom SSL certificate later. Note that you will have to connect to the Replicated Admin Console only using IP address (as noted below). +It is recommended that you start with using a self-signed certificate, and then add the custom SSL certificate later. 
Note that in this case you connect to the Replicated Admin Console using an IP address, as shown in the following illustration: ![Replicated Self Signed Cert](/images/replicated/replicated-selfsigned.png) -## Upload license file +## Upload the License File -Now, upload the Yugabyte license file received from [Yugabyte](https://www.yugabyte.com/platform/#request-trial-form). +Upload the Yugabyte license file that you received from [Yugabyte](https://www.yugabyte.com/platform/#request-trial-form), as shown in the following illustration: ![Replicated License Upload](/images/replicated/replicated-license-upload.png) -Two options to install Yugabyte Platform are presented. +Two options to install Yugabyte Platform are presentedas, shown in the following illustrations: ![Replicated License Air-gapped Install](/images/replicated/replicated-license-airgapped-install-option.png) 
@@ -131,16 +133,23 @@ Two options to install Yugabyte Platform are presented. ## Secure Replicated -The next step is to add a password to protect the Replicated Admin Console (for Replicated use only and differs from the Yugabyte Platform console). +Add a password to protect the Replicated Admin Console, which is different from the Admin Console for YugabyteDB used by Yugabyte Platform, as shown in the following illustration: ![Replicated Password](/images/replicated/replicated-password.png) ## Preflight checks -Replicated will perform a set of preflight checks to ensure that the host is set up correctly for Yugabyte Platform. +Replicated performs a set of preflight checks to ensure that the host is set up correctly for Yugabyte Platform, as shown in the following illustration: ![Replicated Checks](/images/replicated/replicated-checks.png) -Clicking **Continue** above will bring you to the Yugabyte Platform configuration. +Click **Continue** to configure Yugabyte Platform. + +If the preflight check fails, review the [Troubleshoot Yugabyte Platform](../../../troubleshoot/) to resolve the issue. + +## Set the TLS Version for Nginx Frontend + +Specify TLS versions via **Application config**, as shown in the following illustration: +![Application Config](/images/replicated/application-config.png) -In case the preflight check fails, review the [Troubleshoot Yugabyte Platform](../../../troubleshoot/) to identify the resolution. +The recommended TLS version is 1.2 or later. \ No newline at end of file diff --git a/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/default.md b/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/default.md index 67b65e93144b..4ba22a960bee 100644 --- a/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/default.md +++ b/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/default.md 
@@ -39,25 +39,23 @@ showAsideToc: true -YugabyteDB universes and clusters are created and managed using the Yugabyte Platform. The default option to install Yugabyte Platform on a host machine that is connected to the Internet. +YugabyteDB universes and clusters are created and managed using Yugabyte Platform. The default option to install Yugabyte Platform on a host machine that is connected to the Internet. ## Install Replicated -Connect to the Yugabyte Platform instance and do the following. - -1. Install Replicated. +Connect to a Yugabyte Platform instance and then install Replicated by executing the following command: ```sh $ curl -sSL https://get.replicated.com/docker | sudo bash ``` -**NOTE**: If you are installing Replicated behind a proxy, you need to run the following: +If you are installing Replicated behind a proxy, you need to execute the following command: ```sh $ curl -x http://: https://get.replicated.com/docker | sudo bash ``` -After the Replicated installation completes, verify that it is running by running the following command: +After the Replicated installation completes, verify that it is running by executing the following command: ```sh $ sudo docker ps 
@@ -67,27 +65,27 @@ You should see an output similar to the following: ![Replicated successfully installed](/images/replicated/replicated-success.png) -## Set up HTTPS (optional) +## Set Up HTTPS (optional) -Launch Replicated UI by going to [http://yugaware-host-public-ip:8800](http://yugaware-host-public-ip:8800). The warning shown next states that the connection to the server is not private (yet). You will address this warning as soon after setting up HTTPS for the Replicated Admin Console in the next step. Click **Continue to Setup** and then **ADVANCED** to bypass this warning and go to the Replicated Admin Console. +Launch the Replicated UI via [http://yugaware-host-public-ip:8800](http://yugaware-host-public-ip:8800). Expect to see a warning stating that the connection to the server is not yet private. This condition is resolved once HTTPS for the Replicated Admin Console is set up in the next step. Proceed by clicking **Continue to Setup** **>** **ADVANCED** to bypass the warning and access the **Replicated Admin Console**, as shown in the following illustration: ![Replicated SSL warning](/images/replicated/replicated-warning.png) -You can provide your own custom SSL certificate along with a hostname. +You can provide your own custom SSL certificate and a hostname, as shown in the following illustration: ![Replicated HTTPS setup](/images/replicated/replicated-https.png) -The simplest option is use a self-signed certificate for now and add the custom SSL certificate later. Note that you will have to connect to the Replicated Admin Console using an IP address (as noted below). +It is recommended that you start with using a self-signed certificate, and then add the custom SSL certificate later. 
Note that in this case you connect to the Replicated Admin Console using an IP address, as shown in the following illustration: ![Replicated Self Signed Cert](/images/replicated/replicated-selfsigned.png) -## Upload the license file +## Upload the License File -Now, upload the Yugabyte license file that you received from [Yugabyte](https://www.yugabyte.com/platform/#request-trial-form). +Upload the Yugabyte license file that you received from [Yugabyte](https://www.yugabyte.com/platform/#request-trial-form), as shown in the following illustration: ![Replicated License Upload](/images/replicated/replicated-license-upload.png) -If you are asked to choose an installation type, choose `Online`. +If you are prompted to choose an installation type, choose **Online**, as shown in the following illustration: ![Replicated License Online Install](/images/replicated/replicated-license-online-install-option.png) 
@@ -95,16 +93,23 @@ If you are asked to choose an installation type, choose `Online`. ## Secure Replicated -The next step is to add a password to protect the Replicated Admin Console (note that this Admin Console is for Replicated and is different from Yugabyte Platform, the Admin Console for YugabyteDB). +Add a password to protect the Replicated Admin Console, which is different from the Admin Console for YugabyteDB used by Yugabyte Platform, as shown in the following illustration: ![Replicated Password](/images/replicated/replicated-password.png) -## Preflight checks +## Preflight Checks -Replicated will perform a set of preflight checks to ensure that the host is setup correctly for Yugabyte Platform. +Replicated performs a set of preflight checks to ensure that the host is set up correctly for Yugabyte Platform, as shown in the following illustration: ![Replicated Checks](/images/replicated/replicated-checks.png) Click **Continue** to configure Yugabyte Platform. -If the preflight check fails, review the [Troubleshoot Yugabyte Platform](../../../troubleshoot/) to find a resolution. +If the preflight check fails, review the [Troubleshoot Yugabyte Platform](../../../troubleshoot/) to resolve the issue. + +## Set the TLS Version for Nginx Frontend + +Specify TLS versions via **Application config**, as shown in the following illustration: +![Application Config](/images/replicated/application-config.png) + +The recommended TLS version is 1.2 or later. \ No newline at end of file diff --git a/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/kubernetes.md b/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/kubernetes.md index 50158ac6daaa..c511ce2c3073 100644 --- a/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/kubernetes.md +++ b/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/kubernetes.md 
@@ -39,14 +39,14 @@ showAsideToc: true ## Prerequisites -Before you install Yugabyte Platform on a Kubernetes cluster, make sure you: +Before you install Yugabyte Platform on a Kubernetes cluster, perform the following: - Create a yugabyte-helm service account. - Create a `kubeconfig` file for configuring access to the Kubernetes cluster. ### Create a yugabyte-helm service account -1. Run the following `kubectl` command to apply the YAML file. +1. Run the following `kubectl` command to apply the YAML file: ```sh kubectl apply -f https://raw.githubusercontent.com/YugaByte/charts/master/stable/yugabyte/yugabyte-rbac.yaml @@ -59,9 +59,9 @@ serviceaccount "yugabyte-helm" created clusterrolebinding "yugabyte-helm" created ``` -## Create a `kubeconfig` file for a Kubernetes cluster +## Create a `kubeconfig` File for a Kubernetes Cluster -To create a `kubeconfig` file for a yugabyte-helm service account: +You can create a `kubeconfig` file for a yugabyte-helm service account as follows: 1. Run the following `wget` command to get the Python script for generating the `kubeconfig` file: 
@@ -83,33 +83,35 @@ Generated the kubeconfig file: /tmp/yugabyte-helm.conf 3. Upload the generated `kubeconfig` file as the `kubeconfig` in the Yugabyte Platform provider configuration. -## Install Yugabyte Platform on a Kubernetes cluster +## Install Yugabyte Platform on a Kubernetes Cluster -1. Create a namespace using the `kubectl create namespace` command: +You install Yugabyte Platform on a Kubernetes cluster as follows: + +1. Create a namespace by executing the following `kubectl create namespace` command: ```sh kubectl create namespace yb-platform ``` -2. Apply the Yugabyte Platform secret (obtained from [Yugabyte](https://www.yugabyte.com/platform/#request-trial-form) by running the following `kubectl create` command: +2. Apply the Yugabyte Platform secret that you obtained from [Yugabyte](https://www.yugabyte.com/platform/#request-trial-form) by running the following `kubectl create` command: ```sh $ kubectl create -f yugabyte-k8s-secret.yml -n yb-platform ``` - You should see output that the secret was created, like this: + Expect the following output notifying you that the secret was created: ``` secret/yugabyte-k8s-pull-secret created ``` -3. Run the following `helm repo add` command to clone the [YugabyteDB charts repository](https://charts.yugabyte.com/). +3. Run the following `helm repo add` command to clone the [YugabyteDB charts repository](https://charts.yugabyte.com/): ```sh $ helm repo add yugabytedb https://charts.yugabyte.com ``` - A message should appear, similar to this: + A message similar to the following should appear: ``` "yugabytedb" has been added to your repositories @@ -121,7 +123,7 @@ Generated the kubeconfig file: /tmp/yugabyte-helm.conf $ helm search repo yugabytedb/yugaware -l ``` - The latest Helm Chart version and App version will be displayed. + The latest Helm Chart version and App version will be displayed: ``` NAME CHART VERSION APP VERSION DESRIPTION 
@@ -130,15 +132,21 @@ Generated the kubeconfig file: /tmp/yugabyte-helm.conf 4. Run the following `helm install` command to install Yugabyte Platform (`yugaware`) Helm chart: -```sh -helm install yw-test yugabytedb/yugaware --version 2.3.3 -n yb-platform --wait -``` + ```sh + helm install yw-test yugabytedb/yugaware --version 2.3.3 -n yb-platform --wait + ``` + +5. Optionally, set the TLS version for Nginx frontend by using `ssl_protocols` operational directive in the Helm installation, as follows: + + ```sh + helm install yw-test yugabytedb/yugaware --version 2.3.3 -n yb-platform --wait --set tls.sslProtocols="TLSv1.2 TLSv1.3" + ``` -A message is output that the deployment succeeded. +A message output will notify you whether or not the deployment is successful. -## Delete the Helm installation of Yugabyte Platform +## Delete the Helm Installation of Yugabyte Platform -To delete the Helm install, run the following `helm del` command: +To delete the Helm installation, run the following `helm del` command: ```sh helm del --purge yw-test -n yb-platform diff --git a/docs/content/latest/yugabyte-platform/security/enable-encryption-in-transit.md b/docs/content/latest/yugabyte-platform/security/enable-encryption-in-transit.md index 8e2bf9b779ab..db5d86a69179 100644 --- a/docs/content/latest/yugabyte-platform/security/enable-encryption-in-transit.md +++ b/docs/content/latest/yugabyte-platform/security/enable-encryption-in-transit.md 
@@ -254,4 +254,15 @@ X509v3 Basic Constraints: 3. Verify that certificates and keys are in PEM format (as opposed to the DER or other format). If these artifacts are not in the PEM format and you require assistance with converting them or identifying the format, consult [Converting Certificates](https://support.globalsign.com/ssl/ssl-certificates-installation/converting-certificates-openssl). -4. Ensure that the private key does not have a passphrase associated with it. For information on how to identify this condition, see [How to Decrypt an Enrypted SSL RSA Private Key](https://techjourney.net/how-to-decrypt-an-enrypted-ssl-rsa-private-key-pem-key/). \ No newline at end of file +4. Ensure that the private key does not have a passphrase associated with it. For information on how to identify this condition, see [How to Decrypt an Enrypted SSL RSA Private Key](https://techjourney.net/how-to-decrypt-an-enrypted-ssl-rsa-private-key-pem-key/). + +## Enforcing TLS Versions + +As TLS 1.0 and 1.1 are no longer accepted by PCI compliance, and considering significant vulnerabilities around these versions of the protocol, it is recommended that you migrate to TLS 1.2 (default) or later. + +You can set the TLS version for node-to-node and client-node communication. To enforce minimum TLS versions of 1.2 and 1.3, add the following flag for T-Server: + +``` +ssl_protocols = tlsv12 tlsv13 +``` + 
diff --git a/docs/static/images/replicated/application-config.png b/docs/static/images/replicated/application-config.png new file mode 100644 index 0000000000000000000000000000000000000000..922f0f10477874a186721b5c9742f5eab4e0d29d GIT binary patch literal 29206
zl7f;FTnsn%24bStBbsC7VqCw~tNhw8CI%L5Im);CM~tuG`XlSVU~dQ;LCLA{2b997 z#IYq34?&hr6*2LR(5~%@g%Ez{RuLWs;Xd^A!5_e3RXCP{2Ka$_5KGJ*$UJkQZHUjO zR=j5yIn$AUS8a>Ydczd2I@~tWN?u&Nws{&Mj*dvkut1H68_ZsPWpv@lgclF*;;XgQ z>tDNal|To3lye5M060#`1*-;1aWsXvkep`8YmoJIXWa4!JMoUqQBE(o;Mcn#FCurS zTk-+OYGbCeimJi)p;L#eI^Ip%g~%seU&TbfN2~5DTsYGPn$B%dW zySh*4duQ0IMwr0^!2LVmOy%jWr^C-_wwd5;!cB2$^0QOyo|aQC6K^m z>8~#4=J`QtNe6rnDcpzL>nT}f=R+kc+4P^D1MSJPmnH3x@ik^@$)fc&|pp7 zMJo@TgM3x~o?=Wbd=;mXj%a&WiizQ8Q>_N_-=c)bf6!mX3Lr)4OKSqZO6QP#jZfg9 z8?#=a(ZDGR5hdWIbv#=&i#TE7st$J{V0?)p$r2lXa>&Lxd+_VxrZkEjJ4jWhbQf^u zP2^W)Hf84)&ix(?Sbg+~=(uz9JsW2U5ml{Xf*extywRt4$Wwj%A_`|R#PZJcA4CS3 z%T-uqVi-tRA6L%5LFw4H&*0II40?^fWiJxc z4_4;wPx~V?_b~8maUr)1`IcClxcApXwA3t9TrA`|^-rXtWGGTBF*XuymJF@jn=ha) zEDTfe8mMU%EU8#@DCa7ID-}4;dQrRw!RXpPJy_)Dq@QxO0;}hRK!p9rJvTT z|A;(QdWMB3nViZW3|ov~I!rTyt*&Od2xJrZ&1kRCl#ex*$O_C(cZ^xG!U3N_z}rPW zYIG4WyV%+;f-f-ko{=p7^vk(j6f_Gt=LLYwM0Hkj&Kz^>cZiv;=!fIlgEN_srwR2NMYYfP^;BXDZHNc^J z0o+w-KA&n1EAye-rpR>nio$#MKs3P>m;&fiEOgu8oe!cF+{D>c=)Q=}O!EP43IHgs zmJEb9pr!*sd~q?-9h25Alm(0#_)?&d0}%m(e=vT4stis!ApH)ERZiD$f&($)>eXLB zfZE#IhsSXVuGneCzUM;ymT6ys1;c7t*jfuy`Q4dENjdEa1AbTGfJy{q>blcWL{#&+ zYG?SfT28Cwn0DYp_ak;3T>yb5onD-g`HXS z48p8YyC6yvNUo5^&v1-G89b>{R{&P-{r3b3z)u0A?sh=ldUG zh|mVTfX)MM1$=2}0PO9#DlAjk1*Up;HGGfS+P!=B0IUVF5kya{P>jTdz7GHlK*w{f zecu^y8d;|n1r1a}cLYKSxVu~erQWraSOtF3To4_?*MSh*t}kC6V;K6m<%NYt_V(sJ z;3WhJKCsXwC1AdwrB0G>z+5D?2QsO^kn*9wzZt+uMDxfLSpvM%0Es}STJr;b3S269 zUI2L=K3fBpNU*5DgEr|kwO;o2Glo}fe+VLUv4l?a!%MZM&<1L5Ks*8P!l#}9$ptu&9i$_B8hK+^|NIIuM;^7F?l87i<( zOEX}$QtL*YgFseO zAsLbYVDbV14dk@)6>A_)FFxbqW88G>CD{^vS~ z7}r+jIEkF!dy|&otOSJ*qHN05JygLq=CEIrUeVHhyd z%{e6rS!kf(0|`B6;RwfV@G5L^S;0{7p$grlAQ3=9Ls!T>TR(n8(La6-cBKM+1vIO! 
z#OXpCSYjMakO1iGJ3~(iIgQ-p&;DiDgXE(d-JJFA%p!QZ8*76j35L?;4GV7}Qviz+ z#w$~-Abi+3pZ4iFhB4M+o}Aj;QHde3VE2NZH~0E%9WdSyU0z#X|A&4cK$y20ydLrG zwD%B4abqIM1UP*8Lx;GmNgys9lyBfN1C4zRASM`%Eti)10kIiJlT9&e#kNW9Aebf>z?sFJ9Kj56jMoL;!?}C~ z$dm^k&ll7o(Wy3&eRSy(klx^H9vaFno7U9S;GFwZOUjT1bc^)hqUm z=)5*OT3^N`{{PUmn^g7nFJ~6P;$_20qab|A$LHqg1%$r2h~KVb5Lr`+0i!?9)|+sY zK@2Zw<{-djSv_~vLM;R0!V-I@3R2_Tj=+AHo1JZ%sbrJ^Zh^VCg}izO6YOum(3e3y zfzk8p*8rWtPT2^D)_=cppbVA?-|g)?b|@<;f!9}KzY%g6sNKKMl$ zB9}Yo1L^ReKVeULSKpo33l3_4xJN)r4Q~e#F<=k{-8evU7^c9$LlT8DebNgLJ_K|N z;lCclvf^SOtMtQ`zQJUttp5AcGZ$`XitmXZR*d3eI5yxEhA0M@196$`A`}~W zn*daFRaF&jr-Y>B%Gw6C0=OpYc*kB1>mBz<5_@2v1Q*Jsd53}Kgiz(!3L)#yE|7>S z%(r_l)bCNKY`$f6lb|;TL%b6=@4kU@A4X^(5Qp0r(>e;3ov%kUm9>nkXs}U!UH{4D?FC*U*yZ(}<;D$w@Q_HuvqJUo*GpWev2#&=c z0)3O+8cd&QFUUu`P$Zl<^gRtVuBcUBr2#(&i@cDRdT z-^9+oS0kxRVDA>%L5MGvz+|5~18nCdq1T9FbxmmvwcQByXMoJDqez2OQtwn|jl9={D5*|ZD ziTsRrktD2smPGUTfO0fM=%vi||Kq6T@R$Dl-$qKl>jGPS{kI}i9^d9g41M@9AzVAD z5_Xr-48aqZZS0PVKmV{F@ntJ93h|HS@W1bx)@w|%o7_V9LL#yBKj)ru`VAg!j90ad zHhsLa4WWPpnt!Ivd$}**_eMk;b1~rAv7iZsg%9WEGrpzJ>R2?~j>Vi`B z;R(FSt}o)N2W?LN?5;_|8jHJ96pX1dbOA!FjE7p84W@C$ECn?lrIhn(?gcJjXK47I z@3w{7joqx7Sk+(6wmPegPVwir*e{eM7sq$vo(3x4i(u=tArknH2OqPElPh$z*(zA% z<%YPv_7CX6=05GPm%kk(Y*(l=_;)Yf_QBNVT|=)2oRt)_X2Wx-*tROIH^@2#W8_8u z%W6$(-#*!ihWN`D@|OyZT`|=@tX#5$C&dg)GH?fNr1LqK6lNd)4jB9!OQ3vtvYj?g z!si5KxWonZd7dJuX`Mip@TgNP;8N6HZyy)WJDONo(XzI9Grb*u!j#@&)|uUoC5WT7 z<#_V5yUL4|BSLX~{Nx{Ev2qp%fFG`Jc&q)W?+u$A7gTq078Ar_yHI5)0>Rb%J3 z5XLpTBApPJ5JcfO@xF0;E>QOTkF>qa0+Y!lD!f~eL#TM;d?{|DYE0zFtD!?BcI1V0 z7agzD2D!(CbX8IlK+Q_wSB<2r}J(D5|TG5q?Rw%%)-JN!Y=jjRVtHvh>1c?5rM?2PnCV!#`8a z=e@ER0_^K1V=-M0JlT@vd-Z~6?98>BgF?n4%Sy#hdvoyOoWUBtte}LDB+LWhl9fg+ zL2b-lxufH+oRq_gZ1sYE%pH9yffs12mSH%Bd%t z&wN{|Gfa{$`;`3dIwtF-9$k^;7M)~xKmO6F6&I>d%<@d<&oh1h4)-};!k)rPSbAF? 
z@6NoRg|2R53iUHj^p-HbNAEGm5jcH%bx(Ungidja=ThTsa&MLGsY~i=8q}+h{gS3Q zk1O!H<0f=>rk<}nRQ~WS0Y2P=dg(hOijmDLALi(u`C=PWH@{ganP7vhYzp3K?)yAd zJs&u?MD;Y|>1KX)V#IyAr9!p3rm<)`Qj$S!sw{{NYUAfCPB#3x&_l~z%E>gJ{HZfp zj;*wO^sPJHM>zs#DW2Ye3Zf{OCw_18d{|{ZDiSQra3sXKXcm|{KmA=eRQ-C_WQjdV zpx5G4f{mCERc@v0JN?$k|eN`yZq;|sXEXgR z&N{R>ob;%ReS5hDfBM(O2T>Ew1(#CfwKJYL%PGa&DIh*lfls4W3E zB`;??^VqH^gj4dNGMUzWM0vjW?fVc1TDprNulxl0Lmq{nsz8q)GH1ET%=@|jBi7H< zy!goNP8&`dB|z0VIaF@aL+ssCBG~fHuFv8?-`IWjFTrONypEUY4&q z&?BGt&sjSyU7me~H!)gfB`e=BT0WJ)e{|7)=L;JL-+gU(h+!Qf7QPh4^An7R(uP0$ z`&cTWm@ss2kIC)q_)MltU91o5Q)TX?w0zQi!DMQxzc14o^SWOfq2LId&Vp{1%hXg4 zBjDFQ(Z$f(ZsGCQsgJtE&`(;#B4zT7djFJO7K=I9$1F3|k`gFC5$CboI$9m?QcFmD zQ&~Z+Sh0J1&)Tlaf~9Co9DZbRAhTVgwS}sq(C43k-}^GPY-%FU+gLu`MYwCf%>0Z; zAIf4%&Heb3w5s4D zy%a5*qQe5&T^T|?GMRnjc;AW(mXoC;iHA&V>IClycM`=IHK;_dU0L%+`pe7SMF9>c zke#U9%-%ch10k$Tv+1v}_#fc~7_5S2TcS*w>ZyxeHyw+Za?Ju=4FcUo7Fo=bJg(HL z4CV**y|$dGX5>|=?^1TJnPWqfPHi2QV(BiOma=;_J^gQd(y*2-ZVWMl}k=OlL~1w;=S^gyLPs0wJQGk{a^O0pHZ5_ zjbohk8c(xr?g331)wo)G3(^dw-X=$FPejS21SQ<3sNxr$^sDZ5z9bj>f|zb*IA6b+W47ruo2{obaeDZ|=8KQUk5>K;KVqgDv4&5f5!d_D zM#50irc4fUiX1m}`fzr{4p++kapo2m-MQrq|IcJo9`ZNJPLB~%J$zquT_|5p5~2O`LE9Xw z9C=$LMwrvBJ=mZZ^StEZ^R4~-h`^heV~EF1-{-v~uIxBz7s;RY*Nt3kpKWJ_SML32 z#*trnAUJB@%G^o-n!CCvv2tRy*6!tV(awv?&uPvx+qNKt<8EjCMUf+xIp2FKS^yjf tLKL131NHwOwbF5JkN*GvRv$P!4ykHOo!Z+8vkU~n%;=P18Nns`e*kx)YQX>i literal 0 HcmV?d00001 From 83cb47f369e426ebd3341e6961f24f0109ef05fb Mon Sep 17 00:00:00 2001 From: lizayugabyte <77016159+lizayugabyte@users.noreply.github.com> Date: Fri, 19 Feb 2021 14:27:28 -0500 Subject: [PATCH 2/2] Deleted refs to TLS 1.3 --- .../install-software/kubernetes.md | 18 +++++++++--------- .../security/enable-encryption-in-transit.md | 6 +++--- 2 files changed, 12 insertions(+), 12 deletions(-) 
diff --git a/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/kubernetes.md b/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/kubernetes.md index c511ce2c3073..26eb5e8228e0 100644 --- a/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/kubernetes.md +++ b/docs/content/latest/yugabyte-platform/install-yugabyte-platform/install-software/kubernetes.md @@ -46,7 +46,7 @@ Before you install Yugabyte Platform on a Kubernetes cluster, perform the follow ### Create a yugabyte-helm service account -1. Run the following `kubectl` command to apply the YAML file: +Run the following `kubectl` command to apply the YAML file: ```sh kubectl apply -f https://raw.githubusercontent.com/YugaByte/charts/master/stable/yugabyte/yugabyte-rbac.yaml @@ -74,13 +74,13 @@ You can create a `kubeconfig` file for a yugabyte-helm service account as follow ```sh python generate_kubeconfig.py -s yugabyte-helm ``` - -The following output should appear: - -``` -Generated the kubeconfig file: /tmp/yugabyte-helm.conf -``` - + + The following output should appear: + + ``` + Generated the kubeconfig file: /tmp/yugabyte-helm.conf + ``` + 3. Upload the generated `kubeconfig` file as the `kubeconfig` in the Yugabyte Platform provider configuration. ## Install Yugabyte Platform on a Kubernetes Cluster @@ -139,7 +139,7 @@ You install Yugabyte Platform on a Kubernetes cluster as follows: 5. Optionally, set the TLS version for Nginx frontend by using `ssl_protocols` operational directive in the Helm installation, as follows: ```sh - helm install yw-test yugabytedb/yugaware --version 2.3.3 -n yb-platform --wait --set tls.sslProtocols="TLSv1.2 TLSv1.3" + helm install yw-test yugabytedb/yugaware --version 2.3.3 -n yb-platform --wait --set tls.sslProtocols="TLSv1.2" ``` A message output will notify you whether or not the deployment is successful. 
diff --git a/docs/content/latest/yugabyte-platform/security/enable-encryption-in-transit.md b/docs/content/latest/yugabyte-platform/security/enable-encryption-in-transit.md index db5d86a69179..871390e78d14 100644 --- a/docs/content/latest/yugabyte-platform/security/enable-encryption-in-transit.md +++ b/docs/content/latest/yugabyte-platform/security/enable-encryption-in-transit.md @@ -258,11 +258,11 @@ X509v3 Basic Constraints: ## Enforcing TLS Versions -As TLS 1.0 and 1.1 are no longer accepted by PCI compliance, and considering significant vulnerabilities around these versions of the protocol, it is recommended that you migrate to TLS 1.2 (default) or later. +As TLS 1.0 and 1.1 are no longer accepted by PCI compliance, and considering significant vulnerabilities around these versions of the protocol, it is recommended that you migrate to TLS 1.2 (default). -You can set the TLS version for node-to-node and client-node communication. To enforce minimum TLS versions of 1.2 and 1.3, add the following flag for T-Server: +You can set the TLS version for node-to-node and client-node communication. To enforce the minimum TLS version of 1.2, add the following flag for T-Server: ``` -ssl_protocols = tlsv12 tlsv13 +ssl_protocols = tlsv12 ```
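Review bot: In the kubernetes.md hunk at -46,7, the `kubectl apply -f` context line directly under the reworded step pulls yugabyte-rbac.yaml from the `master` branch of the charts repository, so the RBAC objects applied to a reader's cluster can change without this page changing. Since the step is being edited anyway, consider pointing at a tagged release or a specific commit of the chart and telling the reader to download and review the manifest before applying it. The renumbering is also unrelated to the commit subject ("Deleted refs to TLS 1.3") and would sit better in the first patch.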
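Review bot: In the kubernetes.md hunk at -74,13, the re-indented sample output shows the generated kubeconfig landing in /tmp/yugabyte-helm.conf, and step 3 then uploads it, but nothing says what to do with the local copy afterwards. That file holds the credentials of the yugabyte-helm service account, so add a sentence after step 3 asking the reader to delete it, or move it to a location with restricted permissions, once the upload is done.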
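Review bot: In the kubernetes.md hunk at -139,7, `tls.sslProtocols` drops from "TLSv1.2 TLSv1.3" to "TLSv1.2" with no reason given in the step text or in the commit message. A reader hardening the Nginx frontend cannot tell whether TLSv1.3 is unsupported by this chart version or simply no longer documented; add one sentence to step 5 stating which. The step also calls the setting the `ssl_protocols` directive while the command sets `tls.sslProtocols`, so naming the Helm value in the prose would avoid confusion.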
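Review bot: In the enable-encryption-in-transit.md hunk at -258,11, the new sentence says the flag enforces "the minimum TLS version of 1.2", but `ssl_protocols = tlsv12` reads as a list of allowed protocols (the removed line listed `tlsv12 tlsv13`), so the value shown permits TLS 1.2 only rather than setting a floor. Suggest wording such as "To allow only TLS 1.2, add the following flag for T-Server:". The paragraph also promises coverage of node-to-node and client-node communication but names only T-Server; say whether setting the flag there alone covers both paths.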