From 20645b9fc7180aac5a759630b548fa77762a6703 Mon Sep 17 00:00:00 2001
From: Carl Braganza <carl@kasten.io>
Date: Fri, 7 Jul 2023 18:34:02 -0700
Subject: [PATCH 1/3] Added details to the manager, sidecar and SP service
 sections. Fixed session figure errors and rewrote the client gRPC description
 in the risks section.

---
 .../3314-csi-changed-block-tracking/README.md | 122 +++++++++++++++---
 .../session.drawio.svg                        |  14 +-
 2 files changed, 106 insertions(+), 30 deletions(-)

diff --git a/keps/sig-storage/3314-csi-changed-block-tracking/README.md b/keps/sig-storage/3314-csi-changed-block-tracking/README.md
index bc9a86daa5f..3ca188716d0 100644
--- a/keps/sig-storage/3314-csi-changed-block-tracking/README.md
+++ b/keps/sig-storage/3314-csi-changed-block-tracking/README.md
@@ -470,34 +470,32 @@ the issues above:
   [SnapshotSessionData](#snapshotsessiondata) and the
   [SnapshotServiceConfiguration](#snapshotserviceconfiguration) CRs.
 
-The backup application obtains a
+The direct gRPC call made by the backup application client will encrypt
+all data exchanged with server, but
+the gRPC client is required to first establish trust with the server's CA.
+The backup application obtains the targeted
 [SnapshotMetadata](#the-snapshotmetadata-service-api) service
 server's CA certificate and endpoint address from the
 [SnapshotSessionRequest](#snapshotsessionrequest) CR.
-The CA certificate and the end point were sourced from the
-global
+These data were obtained from the global
 [SnapshotServiceConfiguration](#snapshotserviceconfiguration) CR
-created by the CSI driver; it contains
-public information and is not particularly vulnerable.
-
-The direct gRPC call made by the backup application client will encrypt
-all data exchanged with server.
+created by the CSI driver, and as this object only contains
+public information it is not considered particularly vulnerable.
 
-The gRPC client is required to establish trust with the server's CA.
-Mutual authentication, however, is not performed, as to do so would require the
+The direct gRPC call does not perform mutual authentication,
+as this would require the
 server to trust the certificate authorities used by its clients and no
-standardized mechanism exists for this purpose.
-
+standardized Kubernetes mechanism exists for this purpose.
 Instead, the backup application passes the opaque snapshot session token
 returned in the [SnapshotSessionRequest](#snapshotsessionrequest) CR
 as a parameter in each RPC.
-This token is acually the name of a
+This token is actually the name of a
 [SnapshotSessionData](#snapshotsessiondata) CR created by the
 [Snapshot Session Manager](#the-snapshot-session-manager)
 in the Namespace of the CSI driver, and only accessible to
 the manager and the server.
 The server in this case is is the
-[external-snapshot-session-sidecar](#the-external-snapshot-session-sidecar),
+[external-snapshot-session sidecar](#the-external-snapshot-session-sidecar),
 and it will validate the caller's use of the RPC by retrieving the
 CR with the name of the token.
 
@@ -531,7 +529,7 @@ but does not mandate how such policy is to be configured:
   requires GET and LIST permissions on this object to search for a CSI driver that
   can satisfy a request to create a snapshot session.
   - The ServiceAccounts of CSI drivers deploying a
-  [external-snapshot-session-sidecar](#the-external-snapshot-session-sidecar)
+  [external-snapshot-session sidecar](#the-external-snapshot-session-sidecar)
   need all permissions on this object.
   - The ServiceAccount used by a backup application should be granted
   GET and LIST permissions on this object so that it can determine which
@@ -541,7 +539,7 @@ but does not mandate how such policy is to be configured:
   - The ServiceAccount used by the [Snapshot Session Manager](#the-snapshot-session-manager)
   requires all permissions on this object in every namespace.
   - The ServiceAccounts of CSI drivers deploying a
-  [external-snapshot-session-sidecar](#the-external-snapshot-session-sidecar)
+  [external-snapshot-session sidecar](#the-external-snapshot-session-sidecar)
   need GET, LIST and DELETE permissions on this object in their namespace (only).
   It is recommended that CSI drivers not be granted global access to these objects.
   - It is recommended that no other principals, other than the system administrators, be granted access to these CRs.
@@ -552,7 +550,7 @@ but does not mandate how such policy is to be configured:
   requires GET and LIST permissions on these objects.
   - The ServiceAccounts of CSI drivers should already have sufficient permissions
   on these objects. This is needed for the
-  [external-snapshot-session-sidecar](#the-external-snapshot-session-sidecar)
+  [external-snapshot-session sidecar](#the-external-snapshot-session-sidecar)
   which attempts to load these objects.
   - The ServiceAccount used by a backup application should be granted at least GET
   permissions on VolumeSnapshot objects.
@@ -827,14 +825,98 @@ The following Kubernetes components are involved at runtime:
 
 ### The Snapshot Session Manager
 
-@TODO CARL
+The Snapshot Session Manager is a community provided container that
+manages snapshot sessions for all CSI drivers in the system.
+It should be configured as a Deployment workload with a replica count of 1,
+or equivalent.
+The manager pod should run under the authority of a ServiceAccount
+that is different from that of any CSI driver,
+and authorized as described in [Risks and Mitigations](#risks-and-mitigations).
+
+It is composed of the following sub-components:
+- A validating webhook for the
+  [SnapshotSessionRequest CR](#snapshotsessionrequest),
+  registered when the manager is deployed.
+  The validating webhook ensures that the creator of the CR
+  also has permission to access VolumeSnapshot objects in the same
+  namespace.
+
+- A controller for the [SnapshotSessionRequest CR](#snapshotsessionrequest)
+  that manages its lifecycle.
+  The CR is created in a `Pending` state, and the manager will
+  attempt to transition it to the `Ready` state, and if unsuccessful
+  will transition it to the `Failed` state.
+  The manager will also delete expired CR's.
+
+On CR creation, the manager establishes the initial expiration time for
+the CR and sets its state to `Pending`.
+The manager periodically scans for all
+[SnapshotSessionConfiguration CRs](#snapshotserviceconfiguration)
+in the `Pending` state and attempts to
+individually transition each such CR to a terminal state as follows:
+- It determines the CSI driver of the referenced VolumeSnapshots
+from their associated VolumeSnapshotContent objects.
+If a VolumeSnapshot or associated VolumeSnapshotContent cannot be found, or
+if more than one CSI driver is involved then the manager will
+change the state of the CR to `Failed`.
+- The manager searches for the
+[SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
+created by the CSI driver. When it finds this object it will create a
+[SnapshotSessionData CR](#snapshotsessiondata) in the namespace
+of the CSI driver, using a long randomized string for its name;
+the string will also be used as the `session_token`.
+- The manager will then copy the CA certificate and
+endpoint address from the [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
+to the [SnapshotSessionRequest CR](#snapshotsessionrequest),
+set the `session_token` value and change its state to `Ready`.
+- If the manager fails to find the CSI driver's
+[SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
+by the time the expiry time is reached, it will transition
+the
+[SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
+to the `Failed` state.
+
+Periodically, the manager will scan all
+[SnapshotSessionConfiguration CRs](#snapshotserviceconfiguration)
+and delete those that have passed their expiry time.
+
 
 ### The External Snapshot Session Sidecar
 
-@TODO CARL
+The `external-snapshot-session` sidecar is a community provided container
+that handles all aspects of Kubernetes snapshot session management for
+the SP.
+The sidecar should be configured to run under the authority of the CSI driver ServiceAccount,
+which must be authorized as described in [Risks and Mitigations](#risks-and-mitigations).
+
+A Service object must be created for the sidecar and the DNS address of the
+service be provided as invocation arguments to the sidecar.
+The SP also must create a [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
+that contains the CA certificate and Service endpoint address of the sidecar.
+
+The sidecar must be deployed in the same pod as the
+[SP Snapshot Session Service](#the-sp-snapshot-session-service)
+and must be configured to communicate with it through a UNIX domain socket.
+Additional invocation arguments include the server certificate to be used,
+and the name of the
+[SnapshotSessionConfiguration CR](#snapshotserviceconfiguration).
+
+The sidecar acts as a proxy for the
+[SP Snapshot Session Service](#the-sp-snapshot-session-service),
+handling all aspects of the Kubernetes snapshot session protocol defined
+in this proposal, including
+- Validating a client's authority to a snapshot session.
+- Validating individual RPC arguments.
+- Translating RPC arguments from the Kubernetes domain to the SP domain at runtime.
+
+
 ### The SP Snapshot Session Service
 
-@TODO ?
+The SP must provide a container that implements the [SnapshotMetadata Service](#the-snapshotmetadata-service-api).
+This container must be configured to communicate with the community provided
+[external-snapshot-session sidecar](#the-external-snapshot-session-sidecar)
+over a UNIX domain socket.
+
 
 ### Test Plan
 
diff --git a/keps/sig-storage/3314-csi-changed-block-tracking/session.drawio.svg b/keps/sig-storage/3314-csi-changed-block-tracking/session.drawio.svg
index c4ca14401f6..425744e84c8 100644
--- a/keps/sig-storage/3314-csi-changed-block-tracking/session.drawio.svg
+++ b/keps/sig-storage/3314-csi-changed-block-tracking/session.drawio.svg
@@ -1,9 +1,5 @@
-<svg host="65bd71144e" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="1376px" height="1050px" viewBox="-0.5 -0.5 1376 1050" content="&lt;mxfile&gt;&lt;diagram id=&quot;tO6hoGsHSMwBvH-oNil_&quot; name=&quot;Page-1&quot;&gt;7T1Zc6O4ur8mdXseTCF2HtNOz0zX9JybSjLbI7blhNvYeDBOJ+fXXwkQoA2EkR3Hsd3VsQXIoG9fdWVPVy+/ZNHm6fd0AZMry1y8XNk3V5YFXNdCf/DIazViemY58pjFi3KsNXAf/xeSE6vRXbyA22qsHMrTNMnjDT04T9drOM+psSjL0h/0acs0WVADm+gRUreBB+7nUQK50/6KF/lTORq4rbN/hfHjE/llYFZHZtH8+2OW7tbV711Z9s/Fqzy8ishc1fnbp2iR/mgN2V+u7GmWpnn5afUyhQleXHrZfpYcre87g+tc5QICl+co2UFyy8WN5a9kMYrHgfgCcGV//vEU5/B+E83x0R8I/mjsKV8l1eEkmsHkc70K0zRJM3Rona5hfTTNFjBjjizjJLmvfnObJvj+Pi/TdV7hBrCq7+QytLCm6Xlo3e3P2zxLv0PBhK2Tv3j4jcajbF7NGaBvKXqQOMdo6uOZ+OWrVvQZZjl8aQ1Vy/kLTFcwz17RKeQoINdUyO/b1Rr/aDDJcsNy7KmFRZbvVhhcYe9jPXkDQfShAqIYoCF4RwBVAdxyubTmcwpwrh5I+TSYyEK1wAQA8ARwcoPxcHK948CpYECfbc8TA2sBl9EuyRnYmDL40aBZuDBYODI4NvCyKELzNBEaDT7L5KkMgc/lweeCcDz4QGAL4OcVKxlTUPT+3WFm/pn69Fj9rVe+kGVkYZsTEdzwi792vsW/sshitF7owzpawW2BGtWc6P7LaemfQsNxM8agG5JFG/wRS0s0a4US1XGMYnk0I9IQOEE5UItBBI9i4DbdxnmcrtFQApc5jaSzEqO/zSis/br+FUbFTxZjSKjnUbxufU+SaLONZ8WNmL08Scb5aSxFR8A1ftdHyLMJRE35otDYZokk2uWpHswOLI/CbZvnTK4rwOwwMHVgttPPmVogFdJ+BreI9GtkqUdqbAEMnKrr0LLlDRZg1S5qoB4lSfrjmmh3eATpnbB9Rg9e0DDFykMBUwHEauruhxkFFMcIW6+AB5Fj2egUL3TQP98D1RkZTKIckTKtxwqAWP38bRoXLIPgBwP2dLncwpwDen3TSnhg2W4/HuB13gxZv1plr6BGqb0iWrBpNu+QmdvKlCVYaBBoENKI8PvXgLDNRTrfrYol6BPVHBekaYiWySIutC3lqmkAx/aDIPCBB/zABaWWLGF/PJgaEA9Cc7Tehtl+2YdafiuUCtkuoVmtk1TgIkm5FspoPOmkXNxrdAIAmxeh5I428Z8w2xZSDp84n+XGNk8zZBYa34OtEafo0Z5BlGyeItCSveUP0zczy4S3MivUtEn1fNfFImSfJpP2+E/FNKbqXWt7/O8xNm/xKfVDkEP3aySpn9L8Hm7x8txEedR6/plAHzmTNUHIHS3w0+LTzu3h0N9ohZnYerbdlPeANc7yWZkjnc8uUUvFGvOAFWmdkz3OPrmI6BB3MZu/e67cbOSNsfMi9fHfHZxsS+qY5Ijrr3voI2bHxnC+88G90toZjIBjATr4+ceitsDwm5Rm32S91QZW2d2L8E+Ep6OhvN3A+SmyTgnDkj7v2/IsllDgyybOXh/ifVj1aEo5FE/WTVGEGQ/F+Q+zQCUWTXKMRrr4wgks0yGZpoigpGtxBEawrdTy/1CSk1ffWyhUEUd1YUvYKNNHprgwb2rKCbiiBoX2TR+JwGzbEqgUMFjsmFz0+T1J/nk7Mc2rDiLQrcDrwPeOlegUKgrkrcQY9iIlPVDTvOiHUTwv5KmTPEEPKp4oeaoKTw7EjHc6hy94vC9gI4jFREn82IriYR9xPI+S62p4FS8W+EeEzu4mcl2EaaLtUx3G5qIwRYCT3Pm+7unqqGMAy/NCL7At1w9BQMfRXCPggwfANTwQhmbompblWY4g4A8837B0uLM7Y8YlAG/gJklfyzgCxpRpBqMc6d3m/XVBXCx63KUJPjqL14t4/bgVnsOpeYyX9h5mzzEVO24Rijm9w8+9XmC8ihdwHmUyLtTM3zWhQiSaRp8RiQ9F5pX2tCP8YtF6XBCRHLXoYJcgI8UTJA4FwNCQOWR5CoHfVsBPObYnXBbpGng0zQLf4xfBEQT8tAScPIWY5/uK9wmgRPHYEuid8b4DLrcoCeoEpDAb33v+YEE8JfZ9JutwCdxdLAl1J3GjAV1idpeY3buO2Z2i6/Kjm7/7amvVJZbh+YFv26aNTFbHMkkqJ8mRNnyBReHYhg2wog1Cx/VN4AiUPcuwdOh7pC5ooL4nS4Ju0Ws58Jikswj/4qd12uY5P/XQRicKnWNadDXEZUTXtq16RvQGZjHCBJhhGojXj9W9NInSrqmK3n2moeXS6EzqZajCGiDw34S2DuRVyAU9w7zoPpZU0nR3wqhrUnnRAheGHxhOYCIOFLi+5YVOxYROMjEaiLJShX4SCRkI1k9HqjSdKW3bhud6nu/6TmjX6bhtqBD3EkUqrmfYtmu5QeC6bqCj0qn2Ah3YqaJc9lHL3NqtYiLUA+hpkegEnhOKvH41vxOAsEYIdT81Dw0rNBy0VLZf/S+CjW0Elm+ZHoIpphYdXM0SebxOQBO8pFgrplhfnDXn8nDanDXv3mD++++/h1qz5wHvQlHbfhTsFgxNZKy+KnX9eLRAHEdRd/blId1J78J1dKoZ5McgnHk0hdhAfA/EUblEo8kc3/KH5PLsULRYZEiZGw6/0eGXEwurGEJPuWqQ5cx8wWNNTMO0nBCZieR/xhXsIqPXxbkjwHQ9V+BJA45hW4ETWOR/gUVqB4YFTMcE2GL1LA0GKfD28xGbpjPHjqVhYlmAkSThnaDmKlojRSS7EjfZOKg32fKqgcab7F2doDcZt4KJYLCccyRVAmaKACNyKfc6xwZ3znB8uveSoHOGTZp4UT1hSMeNcaj7MT3EFMRq8h3UUsB2QtpDLHB/IcAZgW+bdghsy3UC/4R9xOBY7Z309FVjOm65+C2i5VpCUWIMf7mN8hxm63JGpEh0eVDrnne6Oq6xws3j3au2ExiCjjl1g6gxdK+SNHiqsO7i26Y5narCWgvvdgw6wOfzQQvbsYRwNC0N/Nt8x4CEYOFCXwTI0PPtiCNaHQAjCc4VuIKQB5ctELY6ulTJoxa1qfDbboawFOYQGRLm9e1X9D/2lWNVTmRXSPS03Sr5Fi9hEpdSlgS7seJVDd82Y3340K90ZXC+y7ZImt1BEp3CitIux780rbudauKcNhMzBJagiZ4t5Jwh8MdD0TIVNKaz6YIoTYtow3BwycvEJkAjZEhUsDYdBoKYu9uhK6lCkOjbXSUtfyLzeVEWscyTGK4lXh8p2PevATlM19kqRUYD7GwacsDhFZdQwEBZlXUvYddrZh85dtuk/KnHPu/gvzu4zcUMnZ1WEDvsrIquY28KZfJFHfDEBJNFvFzu49RUzJs9VsU+40zvvEN2aHD5OTs0kXlB+aAHtf5D/YVDb0oRD8D+y/6ePJkcWwxDs/EkSMSrhE83J+gwB13G1en5HFdFhp/AiHB0KKYKyU4tuLEAmKV5nq7QAbheFA4bNJZuIDpEq+/ocKuLOVqs7PXv+hD68k/7y81LBbPy22v1TWDyVQ3VpVDYprtsDilpl0fZI6zNsErNgAvSX18Cq32dNi8MqGqLnwFdeVfVVQ30uInskJ7I9ZmJyifmJtrDJ+TKVaWTkbjSul6tUZ8xUtwwDIG4yqN8pyxv8NnVgt7BaPGqdlGZZvXH3TdlQawS29qriwZ7b73hX90A7A6qjCiUeaOosELMtoLmQ9GxUREDero9jlcOlfq7vRfgv1UftmM934g2ahcNUbOGyPQFEWmIEkezFh3R73ea/BbUbksWBz79+vBwe/9TJ3LI/SrjMWOOVr7wdo7AjbfYJoiOtI9HI9fxmICFB3gXeL01lG4PTiCyNFQSJQoyPFzC0+3/3j+g4y1Fbc/azYFm0ixJ5997UUtu9Kj6/Wpjq/7yD2VeiY0t+BLntYWGPv/TGm8uwV/IFUpGGDFX2lYY8cn2GmHEg2wavgX4NisEwTTbapaiicVP5PZM1Gv0aY3xB3IuPsKeExNtGDpzEdH+AvMbmOTRp59Oi6imUzWiCkz8PjWi8gKeqEgptSpRmQZwmY3geOe+LgpjIkA+Gw1XpbB6Ey3ZREemsOBwHhMVUSmjutsoi1ZidwN2E3eZffSZnNbH2ZQjHdtH8VpPSp8KYibrxwkBvOikVfQyyeAW6fHt0ISokuBi8Og1eEhgkdA18UVScX5hXo2GlF4Sez6qS/xAAovXAimXu2kEVp/Mwt9aOSPdYqktgohYOrhzHckTxrAJLcewfa6Cf7AGZ9vstEryZa8MzP3MIxnPv4e4A6YaL8IA+obxj2ZI6vZzkfLbys7d4AUplsj9fOXedOhR3WjPo1lNm6O7DyArwnJCPfoMnZU0YZoQaNEtwl70eBvdAsvJKMsivLLpEl/9FK0fEZOzzFIXR2KUJDJcZOgxZajHZjvyTkMQiHw9GkRoaEmxVez+HurW1ovE0/uvxHlZVPSSgN/vNeaaTNuClnfz4ds9Ov54dzvtdnGKcL5feb14Q/ti/EMSgEOaJIinh+6vLSAJDe7PUCFZ+/0mWhxcx3OBwbTTcth+Muo5FK7h98ylL40iFDkFztlzLMWRnmQc31ZEJf0OKd8DBnHe1FlYgRJGcHN5jm8Au3sufWZD+Ba2KnFjEm9lzVOkbsyRqVsENdro4h6H8Tge7WK0BzvxSfTNthgj1SbdLfUzHWDKO5W/pQImq3ruqGJualAuqtQ4VaqrDHaoKuUC2kNHFH6qi6Jgn20tpQDmESNZsvDzH7c31w9frsrsvJ3cP/xOJP1gjq7Gt739+fYBpDwT2K1Z+2ART8JMsok0ugXNi/qoqD56b4ZYDhOGdFgup4pYLmAzdLipNKKWfHcnwkVLIDfMD1D8cohSIFY6WKZsSRyUf8HZU5p+74krKvUxOd362OEF0hrkOOsSAYS9UHs4CQS5paPVri9HQfkehjXDaie14s04LNwVCO/C0f7QmzNbDlzv8qc0wxBCTzSf4+5WiL3gpuz5Ex6ri8QE2fw9GiidSsag5TusGq35hnrJL51XUm9zR+GYoIMKKYwapSyCE007/OXLw/mmHB4mz6ku19pHn2zCfoHpM/4ZDh11JToxGYAuybcdqhjYnt890XETnQApR7zUhp1ObdgtLLbUlMunLh2sHMbTxHmUxHOZ1BSUHXMPeik9UnOhvUnpkWT9L8U+JxO392lW74g2XxCWg5sa+qPUDcY+QPJbXxhUCsxTSXLzANWEcM+AFbDYadXiqnslufF6Q5moxmDY8TPSwtCZthiAekZaQzFaUtJcpknZxNajiTKzHiJFDYDe7XEvOWoXWdeRoxbavKw7WI5aXYUiRVdV5ek2xagUY38AMQfwx1JJw5+wkr7cJfeiQoNPm3SLPYZ4WVZoZeNNAgt63yA1PNr2bQU42BH6AcOe0jble7RudWlhGfAZZDZpVaY77un1Gt1CrljlWne55iV4PSot8o91/FL4b+bfMdorJEhe0PutEyQBsOlwQOiFddodZX8EAhQPx6N4/fuacHxIFcRbWzU1n3rjoD2wj2TShDZn0QC/zswcbMZgA8mzTcd2/MDyzICvCOowljTaOI6ITV9wTYxrJCXj4OYzwgsW2Zw9nfF9mHbAbBCHZ48nYj/vXdHV0IsW+9lyKiN0JMJMAN1zZ8Igix6LmWxp+x6zewQxPh0cgSQWnkbOGCA5uiR2bRLtfnAIL/TZCoaA7Umuk1PwvpibL9++FCmLRdzpzTkG44YYwjEI1ejgGIhr0ZQO9PAPJsY8YUCtiX8cJBP2tHu1qOouTa+WwdkIB8xcDERtaB1Vjbtu1oK0Dr6cUxPPCz22UoFjVMqqkumwMzEbVx05cUFuXurYOJH2p9zfSh2Ce+yBzdDau8tnnBavXoJujXdsYT/cs2Exey4Jtw5xBK7mwGUM0v38GvLWQE0O4nYLV7PC+7vGXiz8yI/4WxGzYKITh92Ioth/BL/0e6vkeYWDt4xk1Cmf6Gp921HoCB44CgD9uo7zuNxIBFnwWVTsgHgBYRcIBckOQhBq2MynpvYLTR4OoAFJ2ewDqI7cFbM31fdkKhqmd+gokpdIFiZJU9sojIsMjoG8O93gOLUOHlPKK6x1cC0eOR1LQ/TOlydHNAIDMxVOj2QSO2mMwGUOS5zySioVypb9/9PRsb9RUOnc1Ql/SaOoyrb5njUYLUhmnWawlH/R8Nu5oZlrR95hQUxF+D3GnfqaPYgEd/TwBAs1H5bGcXl3RaEHdz/UZgsSOjxDll9zUXWezzc8EPQackKD2Kz0ntzWeOKyhFth9sW3/wN/FC6j1Wq3xpvcoYXI0ud4UWQGoeENWt91Loa2QoH5O9t6U+5vG4wPTC8NYDoCTuuIYsgaisqs7t4HnbhQmOznC3mJDS7eNVun+e0whTBijBDJXh0YUe+w9VaJic4Cv/lrexrzPqfJbgUn8UJ8eBZt4QQXJkrPKJ1r3edcOuGKxOPJZEiCkLWQ+U2mRRmSWjrhkp1Zj+IuRWgAs3WUTLhmMFt1LZTj69VuVl2sXIiy5+V8PY6BhXCOqfQVOVlF2Br4Guz/gNcB73NkgKyuujO+z0Rxr4l1wA727Ab2iu43x9MALblMrin0W5p+321q03Z/i9EsTMQfMXooMllVYlhum4sepTChkzRayH/uz0IeNxEdIfuhWFQ5a89E2A1Ea5vtO09n/4fIum5H8NxsTl1OnmfRepuUI4jXrfN4GcNMspfuh0X1iU2bJB7hVG3OFAosEl/HtvHEXc3kW5AFSbP8KX1Mkez70ox+Rrz+ubYhWnAQpeLhwqGr/RrwlUf+qpZBAIfaDhCE7tHQz3FS35mkx3x5b2Mj5+O6/ozeFMins0Rs1jDRl7tT2zxa0YXKfsBZtnskQPRD8ih4poQuot5jSJrpRhd1HhAeggcYbgus3el3DUwN92pAWsvpgLQG314bHekHaUcAUW6Q/AZfWwb/YNfSadS3yOCcoouwJ9W+cTWVpFgW50vkuwd5ooiihpiNJczl74UwuxXm2fgPkREZLBwZzjXA9zQB3wMuC/wjug0tYXZ2H/RxnRu6ptgV4MzAv1wurflcBn4N8PaDt3QTW468HV0vvJlyxzOD/BcPv/sJ3+8SDhoQpK7ZeSMEUWiOIlB1pMJ6kDLl3OA3qxQqqlFDSidcgTR19aQWex4LP19t4wW+mS8TcuZn0miQCYopxsK97mGzJ9w51gy9gjW/L3wIbE8TPgSc6DgkPojKLsbhQ50E/aHxAZgmR9b71gObjt8zlUaM6FccsKAufNnTJJZ6exkcOv04kw6ZTkNJFDIibaPaGBeaGrrDevIs7u7msIVrur+tsFL8aWBksjOYfrr9hP0yRMAjjDUUYSyXCVt5JKO/jTOmgEtZJBt5VCKnQtp4O+9RHraaqDQNLUJXLDoUyY50Z+qrVt5jF06pIdlhY0ZH7lg9HMO4zcbqHYnbKGYJ2BLQUS4UKsRGH7IdRhkeu+bRZI6etCs74iyDgoOhbLsslD1S3N0T/2bLIferVpDXIrY6ixXXLNHjY90KJ2BdiJQQqc/v4scXmwCSGUzJAS2N5eVEuoifKXgobbJVDtzABOadyQ5KUoNOQ2hEiMQjVdzwu+YHXHRDA4Yx+zrXSUqUDBBlMevYQVehXOQGbpL0dVU8IM61+7re5lExy/TuZlvWhtxfl3/v0gRWQ9MESQ6YVSNVGsksLopM8P4W5h18jPEZtY7xA87wI9JbsLx3CUJ1U9Jgx7jE7UiKIACfqWkR87aNLp6HGFko3axeAXvQ1yzFfKUxX9E6P/2eLnA/jy//Dw==&lt;/diagram&gt;&lt;/mxfile&gt;" style="background-color: rgb(255, 255, 255);">
-    <defs>
-        <style type="text/css">
-            @font-face { font-family: "Architects Daughter"; src: url("data:application/x-font-ttf;charset=utf-8;base64,AAEAAAAMAIAAAwBAT1MvMoWwV7IAAGWAAAAAYGNtYXDPBugkAABl4AAAARxnYXNwAAAAEAAAkvgAAAAIZ2x5Zv2v7C0AAADMAABb/GhlYWQC0dksAABfqAAAADZoaGVhCEMEFgAAZVwAAAAkaG10eN2yH1kAAF/gAAAFfGxvY2GKxKMcAABc6AAAAsBtYXhwAa4AzAAAXMgAAAAgbmFtZUarZSoAAGcEAAAlEHBvc3QANIw5AACMFAAABuNwcmVwaAaMhQAAZvwAAAAHAAIAFv/5AHwDhQAKABMAADcyFhUGBwYiJicmEwYQByM0NxI1PyoTCyUGDhUFC1sGD0MIDkMQCSgIAQgKGQNhGv2rLWebAS1pAAIANgHqANcC+wALABcAABM3JzQ3FxUXDgEjIic3JzQ3FxUXDgEjIpIBASQREAMZBSRcAQEkEBEEGAUkAlIcKVMREMciAw1XHSpTERDHIgQNAAACADgAxgKdApgAQwBQAAATNDMyFjM1Ii4BJyY0Nz4BNzYzNTQ2MzIWHQE3NTMXMxQjIiYjFTI2MxUUBw4BBw4BBwYjNSYiDgEeAQYHIyInJicuASQmIgYHBh0BMjc2NTRWKhIlAw4+IQcODgchEjEJGggIGWQyIbBJHUMHPHE8oRooBgIDBw84FikjCQwHDh8IBwIFOBYiARMMEh0OIz0SJgFTHQlZCgUCCBEIAQYDBnQOBQUObQqFhTYLZhAUHwwCAwIgLg8dYwIKGB4bFAIBYhUIApcDAwIFB2oHDzMiAAMACf/8AisDcAAtADUARAAAJRcVFAcGIycWIycmJyYnNjc2NzUjIicmNSY0Njc2NzUzFzMVDwEzFhQOBDcmIyIGBxc2JTc6ATYzJzQmIgYHBhUUAVcSJxUgDgdOHAQCBQMJVhIGGJs2EQIoJEJNMSHItgHjARUoNDEofQokGTkNBof+wSsOGBEEEQ8YLhUvx6ULDwgExhQBAg4YBhIHAgGFLg8XCiY5FyoM6McqGb8JKDYpGxUToRAOBlcnbQEBlQEDFBAlKCoABQAfAAMB2wJbAA0AGwApADYASAAAJCY0NzYzMhcWFxQGIyI3JiMiBxwBFxYXFjc8AQAmNDc2MzIXFhcUBiMiNyYjIgccARceATc2NAMiPQE0Ez4BMzYyFA4DBwYBQRIMFCgaFy8EKigfQhYbHwYMEhIkCP5/EgwUKBoXLwQqKB9CFhsfBgwSIwsQVQ+pZU8EBQcfMTtDIElIHjUUIQwZLjIhZBcdBBMTDwIEIQURAUMeNRQhDBkuMiFkFx4DExMPBAgMIf4IGwkhAQqfZwMVRltobTFvAAMABf/+AqoDFwA2AEMAUAAAJRQjIicuASMGBwYjJyoBJyYnJjQ3EyYnJjU2NzYzMhcWFRQHFhceATM+Ajc2NzIWDgEHBgcWBRQzMj4BNzY3JwYHBhM2NzY1NzQmIgYHBhQCbiwdLhEjFR8lgGEgAQkRLBYHArYsCxAIPC8vJBMNbgNbLD4IOSoUDB4qChgCEBU2Z4f94hEDL0chOU+mGCBVfS4aFAERKyYMFkwcGwoREBREAgQLFAcNBAEiTB8xQmZDMyMWKHXTKEwlJCAqGg8nJxMFHhpCS0MUEgELCxMvphgwfAE4Gl1HSBoSCiUbMZAAAQAbAbYAgAJrAAkAABMyFRQHBg8BNzZoGCIKCTA4DAJrIylDFA4EsAUAAQAPAA4BGgNgABgAADcUIi4CJyY0PgI3NjMyFhcOAhQeAsc9LCIXBw8QHisaOzwLEQVePR0gJSAiFCtDUSdKR19wcy9qBA2FgnV3XVhYAAABABoAAAFKAy8AGwAAEyc0NjMyFxYXFhQOAgcGIyImNT4DNC4CHAIYFFNBThsHDRkjFzI4BA0RNDAiJUBVAvsQFw1dc7kxN0NLTB9FDAQqSUlPgXhiVgAAAQAnAHECDgK7ADcAADc2NzQnJicmNTQ3HgEXFjMyPwE2MxQOARUyPgEzFA4CBwYVFBcWFAYHLgMnDgMjIiY1NlJHBiQPEDUDJS4TJxYKClIIMBUKH1ovGh4uNBc1DBgdFhQQChAUEh8jKBoEDQm+gTQWFwkJHykKDAEaDRwC2BUlazofFwsgIxUNChc0HiNCLw4JCikvKQoPLSoeDAQSAAEACgAiAgIB9QAqAAATNDMyHgQVMxQHBgcGBwYUFhcWFAcGIyInLgEnJiciBw4BNTQ3PgE10iMRCgYGBQXcXhoYQQsCBAUKARQYEwMCBAQKDhslSz1kPCgB4hMNHiYqJgcnBgEBAQMOGyofPysMEBAVNx5LIwsWARobBQQMCgAAAf/q/6sAdABnABIAADc+ATIXFhccAQ4EBwYjIicwBhASCA4GCBEUFAkHGBUGBlYNBAIEDQIHEx8hHhAHGAIAAAEAHgDYASsBJgAOAAA3IjU0PgI3MhcWFRQGB1AyFzlXMBQOFAkS2BoNCggQBQcKDgUQBgABABf//wBsAEMADQAAFyY1NDc2MhcyFhQGBwYuFxkKCwMVDwwJDwECEhYTBwERHA4DBQAAAQAVAAABuwKxAA4AADMiPQE2ATY3FhQOAgcGJxIPAXwTAwUYP1kwbyAKLAI6HQQDFkaEnUusAAACACb//gJnAmcAEgAlAAA3LgE0PgI3NjMyFxYVFAcGIyInFDMyNjU0NTQmIyoBIyIHBgcGdCQqGCU1IktfgEQ/X12aWVfAiotyYwsRBzU0MSMgLBdFUG5eWCJJXlV+lVNQuYeOgwQEc3pIQmdeAAEAHAAIAG4CNgAPAAA3ND4ENyY2MhYXAw4BHAMDBAMCAQIUGRMEEAI0EBNRZnBmUBQWDAQO/f4SDwABABAACgI7AkkALgAAJTIUDgUHBiMiJjc2NzY1NCcmJyIOAiM2NzY3NjIXHgEXFAcGBxYyPgICGiEsNzANLT4kcUMiFwdLUXkFCy4sODEzJQEaNF8iKAonOAWEJCMLL1JcWqcyFwoBAw0RCh4VE0Jom1cRDx8JJCwkIR9AHAsBBDAyjawvKAEXIR4AAAEACv/+AfECLwAqAAABFAcGBxYXFhQOAQcGBwYiLgE1PgE3NjQmIyIHJyQ1NCciDgEjNDc2NzYyAeJgGBF7GAUPMCJHTxshFBZLciEnJh5MgyMBLzk7l1IrFyovmrkB+zxREw8COA0cL0AePhgIAQwOE0YmLz4WPi2MPRoIKBIvCAoMJwAAAgBJ//ECqAI/ABoAJAAABSInNyMnIyImNTY3NjMyFRQHNxQGDwEGBwYVAw4DBzoBNjcBjRUDBEl4SA0aNTKfO0IB3Q0FuQ4DBU4WPzwwBgcwWjYPDMYBCBFERdnoHiIDGhgBDycxUDYB6B45OTofCwYAAQAbAAACxQJ5AD0AABM3Nj8BPgEyHgEGFTI+AjMyFhcOBQcVNjc2MhYXFhcUBgcGIyImNTQ2MxUyPgE0JicmIgYHBisBIhsHBwkMBBEeDgEGRouKikYKEQUEFC9QfrV7IClMUDUiSQlFNGKCHBggFHZoPSQaKGY0GUMjECIBIUU6UmQNBA8WHA0eJB4FDgwQEBEbJhyAAwcNAg0cVz9XGjEMFBQkEiE7WCgKEBAKGQACABb//AJsApkAKAA0AAATPAE+Ajc2MzIWFBUGBwYVFB4BMz4DNzY3MhcWFQYHBiMiJyYnJiU0IgYHBgcWMj4CFhovPyVQUA4SeFFRJyEUECkzPCFKSyIUEw9jUWlBN3AtFQIUQE0lMEISK0paQAEaBS1WU0odPQoVBBZmZXsoVikNKjExFCwCHh0jeUM4FixqMg8iMCAoRwMKKEEAAAEACgAAAmICNgAiAAAhJzQ1NDc+ATciBwYiJy4BNTQ2NxYyPgIzMhYUFQYHBhQXATYDPxsyCTY1wlskCwcHCxNGeImIRBAQrigIBjoGBVyBNWAnAwsCBQoJCQoFAQ4VEhAPA8G2J0YgAAADABb//wJ+AlgAIAAwAEQAAAAWBgceAhUUDgIiJicmNTQ+AjQmJyY0PgI3NjMyARQXFjI2NzY1JiMiBwYHBgEmIyIHBgcUFjMWMj4CNzY3NCYCJyUCMTogC0dsgV5XJlkgJSALBxIgNUQjRD5V/n1EL4RkJlUYf1hXUyYUAY8rQIs/FgQmHgUVMEBBGzwKEAJEJ1g3FyYpHkRlQiANEShQGTEsJx0TCRc4OCsfChL+SEMbEhwcPWdRJyY1HAFXE0UYIh4fAQkSGQ4gGxEcAAIAHgAAAg8CaQAiADAAADMuATU+AjcmIgYHBiIuAScmNTQ3Njc2MhcWFxYUDgIHBgMWMzI3NjQmJyYnIgcG9w0TYFMsBAoiPSNQLi09Gg5lUlEUIxB1IQwEIjkjTMUuRGNlBAQMHDiTNBMCGhI5V1Y3AQkGDQMYGxMPSkg7EAQFJGUlND5pYCVSAX4UKREaIRMrBFUgAAIAHwBlAJwBcQAJABYAADc0NjIWFAYqASYnJjU0NjceARUUBwYiTRsiEhMQDR8gDh4JHxEaBBV+DxwWGRUKzwQLDxQBBBcHFQYCAAAC/+r/WgBgAWcABwARAAA3MhQGBwYHEicmPgEyFhcWIyJEHAcMHEdTHQYCFhkUAQETH3VASSRRHQEbwQQbEhINHgABAFQAOwGvAdMAGgAANz4BNzY3MhcWFA8BHgEXFhcOAQcGIy4CJyZUIFYsbC8NBgME6w84IlE9AQYECQIecEQdROUZRCJVGhYJEgazCBkRKCgBDggVEycbDiIAAAIAQACLAcsBbAARAB8AADciNTQ2MzY3NjcyFRQHIgYHBicHIic3Njc+ATIWFRQHXhgNBE1BfUciATlXKGk3Eh4CFANPpEEMDxGLIwMNDQcPDiQHBxAJGYMBEiQDCREMCQoZCwABADIAMAGqAb0AFAAANyYnNDU0Nz4BNyU3HgMXDgN2LQVHaUAG/vgyMVNNTCkaT1dVMBETBAMfKj0xF2MxIxwRFx8fP0JEAAACAAr//AHyArwACQAoAAAFIjQzNjIWFAYiAyI1NDc2NzY1NCciDgEjIiYnNjMyFxYVFAcGBxcVBgEWJCQHERISEQWdBIYpgmkrgkQiCxsEfnNTN21wPGJzGAJGAhUgFQEVMggKShpSNS8ZFwseDykUJklDUiwsIRcDAAIAG//7BBICqgBGAFUAAAEGIyInJjQ3Njc2MzI2Mh4CFxYzMjUmJyYnIg4CFRYXFhc+ATc2NzYyFhcGBwYHBiInIicmJyY1ND4CMzIXHgEUBwYiJyYjIgcGBwYUFxYyNjc2AlBrTSQUFw4eYTBCBAwZGRAHBw8iUQlaUWBUmnVGIHNBb1SZRZVoBw8bAgKUdqpYXQyKZ1YmE1GHr1+IYTJAHi6SQAQeIiRDEwYEBhYiIE4BVlsVFzkdQyIQAQ0aIA4hOlA5NAc9bZZZXy0ZDQcTFS1tAwsQUT4yGA0EJR4/IS1hrYJLOh9hdBwscBQRICULEQgIBA4kAAACABr/8QJ+AroALgA4AAABMzIWFRYnLgEGFx4BFxYXDgEiJwMFBwYHBicmNTQ+Bjc2Mx4DFx4BJw4CBzI3NjcmAiUcER8HNg8ZEAEKFw4kIBEtAwGN/u8KHSQGEyAqKy8qIg4FBQooKy8hIBsJJOwIOCIMRGMZFy8BbgYTKAEBAgEFHUgkWScVHAEBKUMqcy0KCAwIAnBzfnJbKR8LFxhNWFolDgLYPYBHHigLCckAAAMAHv/5AsQCqAAhACsAOwAAEzYyFhcWFxYVFAcGBxYXFhUUBwYHBiMiJyYnJjQ3IiY1NBM+AjU0JyYiBxMjIg8BMjc2NzY0LgInJkFKhGc0bhoHTTNf6VMuTFOBd2ZOOAIDCAcLEn2hzls8QdeOdRlSCgpagVQnFB0tNxooApgQCg4fNQsPLDMiIw03HSc2Oj4pJhdARJfPcAURGP2qCTtFICoZGh0BPBHJKx0jEiYZEAkCAwAAAQAW//8CwAKZACYAAAEmIyIHBgcGFBcUFxYzNjc2NzIWFQYHBiMiIyInJjU0PgIzMhcWAgpBT0tFVyEMAkM/YoZ7IiYOHWNEfmYHBm9PVDtnjVFFFRoCK0A5SHIpNg9jNTELXBoYCBNWJkRFSW1SlnNEExcAAAIAJgAGAn8CgAAUACIAABM2MzIXFhUWFRQHBgcGIyInETMyFgUmJyYjBwYHETI3Njc2aUp631IgAXVrnWhEHBQOFxwB1AlaQ2USX0VGabZEGAJmGm4qQQkJZGdhOygIAnAP0FkrIAECHP4jM1p3KgABAB4AAAJKAn4AIgAAATIXFQ4BBwYHBhYXFhUyPgEzFQUXMj4BMxQHBicGBAcTFjMBYWQhG141lDYRAgEERK9gM/6BBmPPazwMGBOw/uswBBpGAnsNMQQBAQMMUDoQJzUYCzcwpBMJFBIgDRMWBAJ+CAABACb/+AK7AnoAOQAANyY1NDY3NC4BNDYyHgIXFjM+ATc2MhceARUUJwQVFB4BMzI+AjMyFAcGMwYHDgEHBg8BBiMnIiNeOCYTJBAVKAwEAQMFGkOGQoRrHwEGIf31EgkGOXV1djkBAQMDK3ExZitjEAsLDiUFBaYIEg0iEjyVUkQSCxASCBMBFQsWAxMcCREFEztBXRgUFxQPCRgYDwcMBw4XxAsDAAABABb/wAKuAowAOwAABTUGBwYjIicmNTY3Njc2MzIzNzIHDgMUFjMyNzY3Nj0BIgYHLgEnJjc+AjcWNhcWDwEGFRcUFQYiAfBfJVZBTjg5BR08i0VaAgIbLgRQjGc7UD82YD0eDx7bEQUOAQIuC/JCFgoeDSACUxMCHjgxt0EVLzk7TFBSrlEpASQEQm+UmkQvHiYSFJQuAwMHBw8fBiMKAwIFAQEiIj2plRQRDwABABX/+gJKAtsALAAAEwYUFwcDJjU0PgU1Njc2FwMyNxE2MzIXFB4CFxYXFhcGIyYnJiIHBpsDE08kIyEQAwYFBRYKGQkG9zIGMgsHAwMEAgMCByotNi4DQjAePgEaIn1ZKAEQBRMOJhkfUFpQEBYFDRf+xSABPBEBE01ibTFmMHhKEnK5AgMEAAABABr//wBpAkYADQAANxQjIicmNDY3NjU2MhVpGBIZDAQCBh0mEBERG8yFOHoHEREAAAEACQAEAgYCdgAeAAABJzQ2OwEUHgEUBgcGBwYnJicmJzQ3NjMWFxYzMjc2Aa0DBQxDBgICCRU7LWJjS1gNDxsWAR5GmxoZMQFHvS1FEFxdQmk/kSIZDQ4sM0UXESA5JVQDGgABACsAAAJhAtAANQAANzQ+BTc2NzYzMDMUBgc+AzMyFRQOBBUeAxcWFRQHBisBIi4CJxUGBwYiKwUFAwMDBAQJDwguDhEBQXlpVhUjQGBxYEASU2dvLmgRBwcKMFRfeFUCEBc0DwQQQl1vdG8uZBMXJvQXIU1BKxsVMzc4NS4RCyUvNRs7Jw0FAi5ARRfIBAUHAAEANwAOArQCrgANAAATJxcDBRYUBwYjIiclNlACUAkCDxAPHSUJCv3nGQG1+QP9tg8FGA0aAgVdAAABABwAAgMsAqoAPQAANxcUDgEiJyI1NBI+Azc2MxYXHgEXEzYzMh4DFx4BFAYiLgYnNC4BBgcGBwYnJicDBgMGBwZ7BAEXIQkhLAwJBAgIDytITDYkEcgVCyAiFxENBg4PEiAgBwcKCgoIAgIOHRo4ag4XGxO4GBQDAQWnSQYgGQEdGAFTYkMgIAoTJKh4QAwBXA86U2RtNH1AGxkZJTxLU0w7DxQiCBspV84ZDg8+AYcw/vIhFxkAAQAZ//gCYALMACQAAAEQBycmJy4BJwYRFAcGIiY0PgE3NjQnPgEeARcWFxM+ATMyFQcCYBlJN4IzZSoUBBMtEgUHAwgCFhgeLyuTjhMLFhIjAQFh/tA0Bl+sRIZCWf71ZkYSCRUtajua30gUEhM/PtG3AfIUD0AlAAACABYADgKOAl8ADgAcAAA3JjQ2NzYzMhcWFRQGIyIDFDMyNzY1NCcmIyIHBi4YLylXg4lZZJmi4QrudUlJV0pxWkVEqDaScSlVP0iGpp4BLexGRXBpNzBBQQACACb//gJ9AmYAFgAsAAAXJzU+Azc2MzIWFxYUDgIHBiMHFBMUMzI+Azc2NSYnJiIOAgcGBwZTLQUGECQkQa5LaBk5OVtyOWZeBAMrBh5LVFUiTQ9oHzFDWDwDAQQMAgLpS3RUOREgHQ0cZFE7JgwU4AwBXTIBBQ8YEipBQRIGBRosHQwQMwAAAgAbABYCtQJ6ACAAQwAANzQ+AjM2MzIXFhUUBwYUHgIUBw4BLgEnJicGBwYnJgUyNzY3JyY9ATQ2Mh4CFzY3NjUmJyYnJiIjIgcGBwYVFBYbLFZ+UgwMgkpDRAEdKx4BCyYNFgobFCZPyH5RATI8GTYVtwEcKTEuLRgzAQEFDBhhL1QIPjQpHRl29ECRcEQBTkd0cmEFFRYSFBEFCAkDDwkVAyQaP2pFRQULI6YBAgUSCSArLg5OXBwjJB09Ewo6L1NDOWhZAAACAC7/9AKrAocALwBBAAATNjMyHgEVFAcOAQcGBxQeAhcWFx4BFA4BKwEiLgEnJicVFCsBIicmNTc0JzYXFgUnIgcGFBcWFxYyPgI3NjU0djeQWno9gBOhHD0UCB48NZ6nCBoQFgwUFH9dMHFCIgsVCg4DDRgjCAFXQeIiCgIFEgMPKUVOJHECUjUkKBg3Ngk3ChcNBQcRHx1WYgYVGQoFVkAeSRblFBUgVsmUcCksChMBNA4rECkSAQgVHhAzIBIAAAEAD///AnACYAAzAAA+AjcWMzI3Njc2NCclJicmNTQ3Njc2Nx4BFxYHFAcOAgcUHgEXFhcWFRQHBgcGIyIuAQ8fEQMFdl18WB4KA/5hEhEfYmy1KRQGGQ0fBYKoUyUBLkAzfLQKPkZ8Zz0zXC5qHQsDWzooKg0RBV0EDRYSRTg9HwcBAgMDBxMiFBkiJBkFDBEOIjQWEzUxNyYfJCIAAQAAAAACfgJEABwAAAEnIgcGBwYUFwcTJyImNDYzFhcWMzc2NxYXFhUGAepZIy4CBhUCXh/VCAkSDElKiWA+SUgQBAFCAesCByc+3IMbBwHuDBoWGgMHDAICDgMvCgYTAAABABT//gIWAmMAMgAAJRQjIiYnNwYHBiMiJyY1NDc2NzYzMDM2MzIVFAcGFRQXFhcyMzI3Njc2NzYzMhcWFQMUAg4fDxkDClwqQkUNDpIoDQQDCgwFBCANKCIWLwYGozMeBQMCCxMTFwMKEBIJA4BPFCEBEKtOuzowAQEwITGhPkElGAWdXII8Ox4ROjj+gikAAAEAC//8AnICoAAYAAAlJgInJjU0Nx4BFxYXNj8BNjc2MzIVAQYiAQUbkhg1MyM9HkctEDhSQhMjGBj+5BE1EEgBHS9tEw0UQYE5izUQeK2MKyoq/ZELAAABAA4AAAOzAvYAOAAAJTYTMhceAQ4CBwYHBicuAScuAicmJwYHDgEHJwMmNDY3NjIeBhcWFxI2NzYzMhcWFxYC+zJCPwMBAQgPFg4iJCQUCQ4JDUYrFC4fJFwQGgk++gIHCREiDwkGESEmJhEkCXQ2BwsGK2YcGDumogGuJwwKO2qMTLN7GREJHxQRklYlUw44+yxLFwMCQgUKCgQGDRQYJkpSUSJLCQEeawwRwDMvcgAAAQAbAAECTwJ3ACEAACUOAyImND8BLgQnNDc2HwETFwMeAxUGBwYiJwEqGi0vND0YAb40Ry4ZCwIbFxHA7zrwIldMMwMSBBQU4RVIRDIRGwjhQFo6IQ8EFAgHCegBGi/+4y5BOTonFwgCDwAAAQAc/+4CEgKZAB0AAAUiJyY3Nj8BNjcBJjQ3NjIWFxYXPgMWFw4BBwYBFhASIwcMExsODv71BwgNJScdOYI7NB8ZEgQfOR5PEgoVEBU/Wis0ARAJDgQGDBgwm6xjHQIEDEKnWewAAQAc//0DAgJXAB4AACUGIyA1NDcBJiIGBwYHIiYnNiUyFhUGBwYHFjI+ATcDAvfP/uAKAbAoM0AykzgPBwLfAR4OGhylwh83lJikShATJQgIAeICAQQMAxIhGAoIEU6wzikLCQ4FAAABAB//rAGWA0IAGgAAEz4BNzYzFBYHDgEHBgcGFB4CFSUUHgEUBwUfIU8pZy8FCxJEJFgZAQwUEgD/BQQF/rADCwUSCRcNHAYFDQkUEiBckrCwXSMFFhkUATUAAAEAAP/+Ae4CWAAQAAAFAgMmNTQXNDYzHgMXFAYBuvKsHAodDzpmZ29CIgIBEAEOLQIBDxMIOZSakTYUGAAAAQAA/58BywMzACkAAAEQEw4DBwYjIjU2MxcyNzY0JicmJyYiBgcGIyInJjQ3ND4BPwEWFwYBoygJOk1YJ00cAzIuFG0pGAcHDRYLJj0jYTADCBQJ/EcaHh4FBAKS/sr+XwEFBwYDBjcDATAbh6dVrZoBDAkZBQ4gCwIkCQQCARJCAAEAEgH+ASwCrwAXAAASJjQ2NzY3FhcWFxYUBwYnLgInBgcGBykXFRMqPjMRHCQGBAsZJQ0YHz0WBwYB/gomJBQsHSEOGTgMFQYQDxsMGh4qJAwOAAEAIAAAApgAdQAMAAAzJzU2NzY3MhYVFAcEIQFZwttbDhkR/qsSFCQLDBQIDxUXCQAAAQAvAe4AlwJoAAoAABM0MzIfAQcmJy4BLw8JDUMRQgwEBQJMHA5BKy0UCBAAAAIAEgAGAfUBxgAeADAAACUGBwYiLgEnJjUmND4BNzY3NjIXMhceAhcjLgEnJic0IyYjIgcGBwYVFBc2NzY3NgGkS30dLx8mECUEFDUmT1wbLRI6FA0FBQo7BAQCBQs5BwdJUSYbKERaUiMXIKZ2HAYBCAkVJhItSlYkTBYGA08ys2EoGyoSKro6AUYgKDktOwsCUCMpNwAAAgAeAAcCKwLnABwALgAAEyc0NjIWBxM2NzYzMhcWFA4CBwYHJgYjIicmNRcUMj4BNzY3JiMiBwYHBhUcASEDFiAaAwc/a1lDOyAYJTxOKExKBhwUNikKVik8VStkMw1BO0ppLRMCRIEQEhEP/lBUOTAmHmNJQzoXLB0CAg1fwtwLECcfR2A5LD9dJSYKDAAAAQAWAAACbQG/AC8AACQ2MhUUDgMHBiImJyY1PAE+ATc2NzYyHgEXFhUUBwYHLgEjBgcGFRQXFBcWMjYB2E5HBTFHVChTRlEjUR48KFRcICscHgsaIgkHBRAbdlVgATEldVZ6HBYFFR0aFggREBIqUgYkQ0McPBIHAQMGDSYYFwYFFyAZMjk/BwhAGxQbAAIACf//AfQDIwAhADUAAAAOARQXFAYjIj0BBiMiJicmND4BNzYzMhc0Njc+Ajc2MwEUMzI3Mjc2NzU0IyYiDgEHBgcGAfQLCQ4RFC+OYidRJAUTOypcay4qBQMGBAcHDyX+XjkJCyk8chk5BxcwPB09FwkCw7evxW4XFE4haiY6GDJHTB0+DhJaMoIvIQwZ/XpPAhgtIYUjAQoaEyk3FQACABQABgIJAdMAIQAvAAA3MjcyFhUOAScmJyY0PgIzMhceARUUBwYHBiMnIgcGBxYAJiIGBwYVFjMyNzY1NOdYsQsOKOJibxgCIVBsPTpIIigBAjkZIZBIJhYJGQEDMCBIHEVQKG8nGEZQDwpETBkdYBNAaV42KBMwGQcHPRAHBh8RIlsBRQ4VDSAjBxMKDxIAAAEADgAGAmADPgAmAAABMhQXBRcnNCcHIicmNTcmND4BMh4CFRQHJicmIyIHBhQWFzI3NgJZBQL+qRJRFIINCRCYFCRFTlFKNAUoOUQ8ORMJCBQ+TZQBTjYKKt4EWnQyDxoVNqzXeCkiNEEfGAo4LDRRKpl/QAsXAAIAF/5RAfsBrwAmADkAAAEnIgcjIicmNTc2NTwBNRM0JwYjIiciNT4CNzYzMhcWFA4CBwYDJiIOAQcGFRQXFjI+Ajc2NTQBPA4eIiY8IhLmagUBopYNDUMCMk8yTUhUNhAGFSIXJgkMK0Q+G0IJBxUoRUoeRv5UAQQXDBgLA28EEyABQhELlwE7Lm9nKT9Z7siAaj4OFgMSBCQ5I1YzEAgEBx0uHEA9JQAAAQAX//0B8QKcACYAACUGIjU0JyYnJiIOAQcjNjQmJyY0NzYzMhYXBxQXNjMyFxYXHgEXFgHxCUsFCR1IWzsfB00CBAMFCAoTFxoBBQlaYB8jSxcLBgEGDhEbdixhBw43f3M5YodQXH81EyENpV0uPAUnLBc0IXIAAgAYAAYAiwKBAAgAEwAAExYXBiMiJicRJzQzMhcWFAcGIiZ1DQkGKgsXAx4pGxEDCAggIAHWu/YfCQgBv4gjDAsVCgoPAAL/jv6RAK0CwwAiAC0AABcUIyIuAScmJzQ3NjUeATMyNzY1NCcmNDcmNzYzBhQeARcWAxYVFAcqASc0NzatWAkbNRtBEgUJIUwrHREQDhQCAxkTFwkBCwcRPxASAQ0PDwbIpwEHCRYqAwsUAxksKiQkYZvpfygYDAk+SE2USqEDKAsYGAUNIA4FAAEAHv/7AmQC2wAtAAA3FxQHBiInEzQmNTQ7ATIXFhcWFz4CNzYzMhcGBw4BBx4BFxYXFAcGByMmJyZ+BSYIFg8BEyIIBwIPBQsJEXZIIEsTEAkyby1ZJUN4OIFdBQkcCD1lx7ZXUBEDBQF2UaNRIAE+WMNDCVQzFjETP00fPSESJxAmBRsIDgIRFSkAAQAW//8AgAKqABAAABIuASc+ATMyExYVFCMnNC4BKwQBEAkRECMTCkAIBgMBulUpUAwW/tmrqy4BNKJ4AAABABr//QMWAcsAOwAANwYiJic0PgE0JzQzMh4BFzY3NjIeARU2NzYzMgcTFAcGNSY1NzQnDgIHBhUGIyImNzY1NCYnIgcOARRuKRsKBgUEBisKCwUCGk0pSDcnGltTQl8CFR04AQUWQkc2FS8GIRYcAxMTDpAyFgUQEQYLIWRydDAgSCgJLxsNES0lMSclSP6MBQIEDhQUoXFCBSExKVyYFQ8GajsvVTdzM1k/AAABACL/+gHjAfMAKAAAJTQnNiMiBgcGBxEjJjU0Njc2MzIVFAYVNjMyFxYVBxQXBiMuAScuATUBoQ0IICJsIlEJQw0LAxoQGQWiWWUOBgECCgYDFBAKAtt3OA8iEScl/vAinYyECRE7FysId6M5ZU8sKQYBBAEoUyMAAAIANP//AjABwQASACMAADc0NzY3OgEXFhcWFAcUBwYjIiY3FBcWMjY3NjU0JyYjDgEHBjRmUXIGLCVSHgwBX1iEX2FFIRl2WiNLICM5J08jTL52SDkMDRxHHCcIfUhCWE8+FhASFjBlPCYpBxAXMQACAD7+ggIhAcAAHAAsAAATNjMyFxYVFAYHBgcUHgIXHgEVFAYjIiMDNh4BBSYiBwYHBhUUHQE2NzY1NHuIY34qEz80ea0BAQEBAwMgGgUFEAkeEgEoIUslVCgSzlYyAZEvQh8kMmorYxgLMTxEH00WBxkZAyQNAg41EQcQNxomBAStLlIvMjUAAgAk/p0B9AGQABgAJwAAAQcjAwYHBiMiLgI1ND4COwEyFhcUEhcDNCMiBwYVFBc6ATY3NjUB5RsXDydPSDkuPR0BOGh9Ow4dMBACC2QUZVFWNg8xRhxC/p4BAbUlGRcaHyIKOm5YLioarv6urgKALztBYTACDRElSwABABv/9QIiAeIAKQAAASYjIgcGBwYVHAEWFQ4BIiYnLgMnJic0MzIeAhc2MzIXNjIXFhUUAgYqQj41ZCUQFBUaEg0IAQYJCwULBiMVGA4FAoTEFhgGEgkLAW0eFypCHiIGN10wAQgQFwY4UF8uZC8YIy0sCXYBAQwOFDIAAQAW/+MB3wHKACgAAAEyFRQHBgciLgEnNjc2NCIHJicmND4BNzYzMhcyFhUmIyIHBgcUMzc2AXFuPVuaBxEJAnNKMnZyNCYhJDwoYmkfHRgIO0pcPD4CKUleAQI4KjhTMhwPAiY2JC4cAiMfPzUuEy8GKjAbJSQ6HAgUAAEAEP/xAZMCqAAdAAA/ATQnIyczETY3NjIWFxYVFBc2MzAzMjcHJxMGIyKyAgebApYDCQ4TDggQAyAgNBMQA5IFEg0yYKAmG0UBAgkJDgQMQoUhIAQCSAT+pwgAAQAN//8B6QG5AC4AADc0LgE0NzYzHgEUBwYVFBcWMzI3Njc2NC4BJzYyHgMUFwYjIicGBwYHBiIuARYFBAYNKRwTCSEDEF4xLFQeCQUHAQ0ZGxMGAQQMCygTDR9CWhEqPziFEDlERh1BCBgjGldGFxpDER8qLkU2QScGGkhhaGEjC1ALECQMAhA6AAABACL//gIEAeYAGwAAEyY0PgEWFxM+Azc2MzIWFBUOAgcGIiYnJiQCChMXB6gIIy0xFTAJFRM4Xx8MFSg0IToBgwUNFhABDv7IDEFSWSVVHxADes49Eh8/NWAAAAEALv/rAxABxwA1AAABDgEHBiMiJyYnJjU0NhcWFxYfARYXNj8BNjc2FxYXMj4BNzYzMhYUFQ4DBwYHBicuAScmAZcWHQ4WHA8TLlRSFg4iDgcKGSopFhQfKCAZfTUNCRkTDiErDgsMGh0dDiEWESYRJhUzARRJfCk7DjGopCkSCQQKFQoZPmlXIjZWcQIQwVIQeFMkVBMMAyJXW1kkTgYILxY8IFAAAAEAEv/9Ad8B4AAvAAA3PgE3Jy4CLwE3HgEXFhc2NzY3MhYVBgcOAQcWFxYXFAcGBy4DJwYHBgcGJyYaMWQLVBAeGAcHOi0rDRYqDiQ8JBccGjESHgk9VRMICxENEykuMRsXKUsZEyMJHjF+FVwRIhoJCD43OREcKRQ0WSsgDjg+FikYK2cXDAcOGAYJLzg4EhoxWhIEFgUAAQAW/lgCIAHXACAAABMGIyImNz4BNyYnJjU0PwEWFxYXPgI3Njc2MzIXFhQH7hUdDg0GFlMOI0uaASZPfyATFRgPDSI8CQoZCwQC/ocvGRFd7ikjadgVAQEmSa8sHio9JR9TgAQNBQ0GAAEAE//8AfQBsQAuAAAXIjU0PgE3NjcqAQYHBiI1NDYyPgI3NjcWFRQHDgEHFjM3MhYXFhUUByYiBgcGimRYQh5HLQkkRSZnQCcRCRYpI0WTMEY+jRwnHaQmPgcQBBk2WD5VBCwcWjkbQTcFBAsOERwCAwUDBwwGHSVHPn4eAwcHAwkZCgwDBgUGAAEANP92AbMD8gAzAAAADgEUFxQOAhUGFBcWFxYyMwYUHgMyFwcmJy4BJy4BJyYnPgM3JicmNDY3NjMVJgEHFwwKHyYfAgsaMhUJAQYJIS8vKQoEqCsWCgUGJhU5CQUgJSQKAgQGCxMqaikDoDRdknEVGxcYEwUREicgDTtNWUwjDQNIC30/mC4MHBEuKiUpGxkXJjA8YFkmVDYDAAEANP+6AG8D1AAHAAAXIyIHAzMRFGcaEgQDO0QCBBr76gIAAAEAGP8mAakDjgA1AAAXJzYyNjc2NTQnOgE3Njc2NCc0LgI2NC4EJzUyFxYXFhQHHgMXBgcOAQcOAwcGHAQKKzAZRQYBChU1GwkCIScgAQ0fKiomC24/MBEJAQooKiADAj8YLAYFBg4bGznaSAMNEjGgLjsNHyoPEAUTGBYbNlp0WzIbCAQ2Uj50NWcZFyEfIhcyMRMZBy1bVUocPQAAAQAaAeYBsAKOAB4AABMiByImJz4BNzYyHgIyPgI3Mh4BFAYHBiMiJy4BlCA2BhsDDzwhCBQdJCYrGRUZFwYXARASM0AuGxQcAjdRCA0wSg0DFSYiDhomGA8PFiUTMh4SF///ABf/TwB9Ad8QRwAEAAIB2T9Y0eQAAgAV/7oCbQI6AC0AOQAABSMiBycGIiYnJjUmNTQ3Njc1Mwc2MzIVFAcGByYnJgcRPgE3NjIVFAYHBgcVFCcyNwMGBwYUFxQXFgFaGxMCARwyUSNRAVFRcTsBIxRZIgkHCRYNMh88HURPOydMXWQZEgGQKAsBMSVEAkoEEBIqUgYHSkxNIop9BD8YFwYFLQcEDP7aCRkMGhYZIQ4aEFACggMBIThGEx0HQBsUAAH/6gAAAhgCVwA9AAA3IjU0PgI3PgM3NjMyHgEUIicmJyYiDgEPARcyFxYGDwI+AjIXFhceAQcOASYnJiIOAQcGIyIjNjcdMxgcLhEDBxMiHk87SF8tIyMZKzg8MzIOD1MpDAQMEm8bKDwzLxoqVgYGAwgrHxM3SRwXCytJCgsPBfYZDgoEBQM/XD8mChouPCYjGg4SDy8sfAEXCRQGAcAHCwYEBxsCDQcQBgcFDgUIBRBDtwAAAv////sCWAJEADQARQAAJQYjIicOAQcGIiYnJic3JjQ3JzcWFzY3OgEXPgI3MhYVBg8BBgcWFRQHFAcWFxQHBgcuASUUFxYyNjc2NTQnJiMOAQcGAcNVgC0iCC0KDwoVDR8HVyhAUEg0HkVaBy0jCikVBx0hBxAZCAUtASkvKA0WDxcx/o0hGnVaI0sgIzknTyJNbz0JCCQJCwQFCg9LLLpAT0M4IiUJDQ0wGQcjDwwZJQwHMjsHB00/LDAJDhoHCS99PhURExYwZTsmKQYQFzMAAf/2/+4B9QLGAEgAADc2NzUHIgYnJic3Nj8BASY0Njc2Mx4DFxYXNjc+ARYXDgEHBg8BPgE3Nh4BBg8CNjcyFhQHBg8BBgcGJyYnNjcGIyI1NDZ5XS9vBQ8IEwIUAooB/vUFCAwZDRAZGR4XIWVSMBAZGAUQKBU1GgIXKBIQEQMJCWUDOj4XDAJSSQgDCxoWDAIIAks7GA26DgUrDgEBAw4kAg8tAREHCg0GDwwRFB0ZI3jwKQ0CHQwiTCprSBkDBQMFChMWBg4tBw0YEggCEaIHCBMNBhYPfA8jBA0AAgAcAAgAbgI2AAYADwAANxMzAwYHBgM2NyY2MhYXBxwIQggCGhoDAwQCFBkTBAgQARL/ABIIBwE5dWUWDAQO6gAAAgAKABgB7gK/ADYARQAAATIVFAcGBx4BFRQGBwYHIicmJzY3NjQiByYnJjU0Ny4BNTQ3Njc2MhcyFhUmIyIHBgcUFjM3Nhc0IyIGBwYHFDMyNzY3NgF9cUEjMD8xQDBviAkTBAKCXUh3bDQmIWIhJUJkkQ4tHRgIO0qMOhEBGRBJWUQvJlsjTwkoCwxdRUoB9zcsOh8dBicXHUEbPgskBwIWLSMnEwIjHyNDOg80GjMzTAwBBiowG04XHxEKCBRaHCAVMDYaAR4tLwAAAgBCAlUBKQKYAAoAFAAAEyI1NDcyFhQGBwYzIjU0NzIVFAcGWhgyFQ8MCQxzGDMkKgsCVSIMFRIcDQMFIg0UIh8BAQADACb//gJnAmcAEgAlAFAAADcuATQ+Ajc2MzIXFhUUBwYjIicUMzI2NTQ1NCYjKgEjIgcGBwY3NDU0PgIzMh4BFAYHLgEjBgcGFRQeARcWMj4CMhYUDgMHBiImJyZ0JCoYJTUiS1+ARD9fXZpZV8CKi3JjCxEHNTQxIyBDKERJHgcaHRUIAgoQQTM3AQ8NFEQxLi0eCwMcKTAXMCcuFC8sF0VQbl5YIkleVX6VU1C5h46DBARzekhCZ14PBgYqWUkmARE2GAkUHBMuMjcGJiUKEhcdFwcPFBkWEwcPDg8l//8ACgB/AOABcxBGAEQDfBwsIrAAAgBUADsCmQHqABoANAAANz4BNzY3MhcWFA8BHgEXFhcOAQcGIy4CJyY3PgE3NjcWFxYPAR4BFxYXDgEHBiMuAicmVCBWLGwvDQYDBOsPOCJRPQEGBAkCHnBEHUTYIFUtaTENBwYH6w83IlwzAQYECQMecEMeROUZRCJVGhYJEgazCBkRKCgBDggVEycbDiI7GUUjUR0CFRMOswgZES4hAg4IFBMnGg8iAAABAEkAeAJLAWAAEwAAAQYdARQHBiInJjU3BTcWMj8BNjICSwUJDhYJEQP+RwMQPTx/UncBVTcXISNKAQIFKmgHQQEFCwYAAwAm//4CZwJnABIASwBbAAA3LgE0PgI3NjMyFxYVFAcGIyInFDMyNwYrASImJyYnFRQGIyImNTc0JzYXNjMyFxYVFAcGBxQWFx4CFzY1NDU0JiMqASMiBwYHBiUiBwYUFxYXFjI2Nz4BNCd0JCoYJTUiS1+ARD9fXZpZV8CeRgYHCgk3JF4vFAMRBwIGDRcdSi0lO2BrDQsZWX0KAiZyYwsRBzU0MSMgARVuEwUBAwkCCiMaPTIYLBdFUG5eWCJJXlV+lVNQuYdfASIWPBBuCAEpIHEvNBkjGgoOGR4fIwcDBgwsQwcEQGAEBHN6SEJnXsIYBxQIEwkBCAkUHhEEAAEAHgIWASsCYwANAAATIjU0PgI3MhcWFAYHUDIXOVcwKgsBCRICFhkOCggPBRcECQ8GAAACABkBDgDFAbUADQAbAAASJjQ3NjMyFxYXFAYjIjcmIyIHHAEXHgEyNzY0KxIMFSc0Hw4DKSoeQhcaHwYMEhQRCg8BLB42FCEqEhczIWQYHgMTFA8CCAohAAABABL/+wIFAfUAMgAAFyI1ND4CNy4BJyYnIgcGByImNTc1NDMyHgQVNxQOAgcGFBYXFhc2NzIXFhQGB3ozFx5KLAIEBAkNGyVLHAwNwCMRCgYGBQW7BCJNSQMDBQwBUUYpCwMJEgUaDQoFDAgVNBo7JwsWAR0PKKYTDR4mKiYHFRcWDAoNDhcfGUQfDgoXBAkQBgD//wAJAK8BZQHeEEcAFQAAAKon+iGj//8ACwCqATAB7hBHABYABgCsJkMkxQABABkB8gCPAnAACgAAEzYzMhYOAQcGBydeDhAKCgIICRE0HwJdExMSEAsTKxwAAQAh/5IBygG+ADkAADc0MzIXBgcGFBYXFhcWMjY3NjU0JjQ3NjcWFxYUBwYHBiInJjU0BwYjIicmJwYVFxQHBiInNjQmJyYhKw8WAQQHAQgZQS9YMAcIDwEDGxcNCAEBGgMOEAMCLD88OTMQAQQYBhQMAQICBuLcFCYfPzgnJygbFCUcLhwwaxsIFgYXWjtnG5MHAQkCEyUCIxoXGwsKWD8NBAQFFy4ujAABABL//wFtAeIAHAAAASciAhUHIgYnJjc2NzY3JicmNDc2MhcDJyI1EzQBOQsGBAEGFAkWAgIBAgFdNU5GMY5WDygCBgGoAv6XHyABAwcdGi9gCxIgMW4fFhv+OAMgAWYgAAEADwDIAGYBGQAMAAA3PgEyHgEXFAYiJicmDwUYDhIYAhQaEAgR8BgRAxcQGA8FBQwAAQAr/xcA9QAcACUAADc0MzIWBxQWMzYyFxYVFAcGIyInIjQ+AScWMj4BNzYnJiIHIjUmLwwMEgQCEhYzGygvKTUbHwMBAQILIDQwDBo4DCogIgEIFBsDGyoCChAlKCAdCgoODQIBCRMLGAgCA2wJ//8AGgCSAFsBtRBHABQABQCOMbQhTf//ABcAkwEAAYIQRwBSAAAAlB0uIegAAgAyADACjgHZABQAJwAANyYnNDU0Nz4BNyU3HgMXDgMXJjc+ATc2NyU3HgMXDgN2LQVHaUAG/vgyMVNNTCkaT1dVxFhBIV8ZOwj+9zIxU05LKhpPV1UwERMEAx8qPTEXYzEjHBEXHx8/QkQHIjMaNhEmHWMxIxwRFx8fP0JEAP//AA3/+AIYAqkQZwAUACsAlS1bHhIQJgAS+PgQRgAXehcm3yRF//8AFwAAAh8CsRBnABQABQCNMRYePxAmABICABBHABUAtwAJKFUl4v//AAn/7ALLAp0QZwAWAAIAkC0NJ28QJwASALX/7BBHABcBCwAYKigpHP///+IADQF9AtoQRwAiAYUC1co7vv3//wAV/+wCeQNjEiYAJPv7EAcAQwDOAPv//wAa//ECfgNvEiYAJAAAEAcAdAC1AP///wAa//ECfgNVEiYAJAAAEAcBOgCMAKb//wAa//ECfgN1EiYAJAAAEAcBQABqAOf//wAa//ECfgMvEiYAJAAAEAcAaQCMAJf//wAa//ECfgNDEiYAJAAAEAcBPgCsAPgAAgAeAAADdAKoADwARwAAASciBwYWFxYVMjc2MxUFFzI3NjMWFAcGBw4BBzUmLwEHDgEHBgcGLgE0PgI3Njc2NzYzMhceATMyFxUGBTc0JwYHMjc2NyYC24tFLhMEAQNIPXhA/ssFc0eBVgQHEyFv3GEgAhmwBA0JFhsGJA8UJC0XNhsVGB0XLhcgaDiRKhb+ZAQIfRgsHDUfAwIvAwpYMhAyKggQNiakBgsCDgkZBwwOCAMFAvIaDzUdRyIIDQoaTWdzNn8qLhccKggCEDIDzH84MLdlBgwBDv//ABb/HgLAApkSJgAmAAAQBwB4AN0AB///AB4AAAJKAxwSJgAoAAAQBwBDAIwAtP//AB4AAAJKAycSJgAoAAAQBwB0ALsAt///AB4AAAJKA1USJgAoAAAQBwE6AH0Apv//AB4AAAJKAuQSJgAoAAAQBgBpZEz//wAI//8AcAL5EiYALAAAEAcAQ//ZAJH//wAM//8AggLaEiYALAAAEAYAdPNq////x///AOEDExImACwAABAGATq1ZP///9H//wC4ArcSJgAsAAAQBgBpjx8AAgAKAAcCogKAAB4AMwAANyI1ND4CNxEzMhYXNjMyFxYVFhQOAwcGIyInNRMRNjcyFxYGDwEVMjc2NzY1JicmIjwyFxMNCA0YGwJKeuBTHwEhQ1xmNHpXGxNUISMqCwQMEl9GabZEGAtZQ9DCGQ4KAwECAYUPCRpuKkEILE5QRzwWNQe0AWL+4gYDFwkTBguEM1p3KipaKiAA//8AGf/4AmADihImADEAABAHAUAAYAD8//8AFgAOAo4DBhImADIAABAHAEMA6wCe//8AFgAOAo4DBRImADIAABAHAHQBCQCV//8AFgAOAo4DGRImADIAABAHAToAugBq//8AFgAOAo4DHxImADIAABAHAUAAkgCR//8AFgAOAo4CyRImADIAABAHAGkAogAxAAEATABJAZoBqQApAAA3BgciJic+ATcuAjU3HgEXFhc+ATc2NzIWFQ4CBxYXFhcUBgcuAScm+WAXFRgDK0EIIzEmKiEfChEdChgOHxsRExMwFQYuOg4GGQQOHhEr0XMTEgUrUw8mOCkBLigqDRcbDSUULiEXCyk9HRIhSREJChkCByIUNgD//wAW/98CjgKQEiYAMgAAEAYAElrf//8AFP/+AhYC0xImADgAABAHAEMAtABr//8AFP/+AhYC/hImADgAABAHAHQA3wCO//8AFP/+AhYDLhImADgAABAHAToAkAB///8AFP/+AhYCzxImADgAABAGAGl0N///ABz/7gISAxISJgA8AAAQBwB0AOMAogACACEAAQH4As8AHQAuAAA3FCMnJicDJjQ2MhYHFzY3NjMyFxYUDgEHBgcGIic3FDMyNjc2NyYjIgcGBwYcAWodEQoFCwEXHxoDBT9eQjU+HxQmPylUWBwnDQgdIlolWDIOQy8xYScPGRgEBQsCkAQUEhEP+VMxIzEgY01GHTsUBgJQDycbP18/HTlYIy8OAAABAEn/bwKkAqMAMgAAEyIHEyM2NC4BPQE0Nz4BMh4CFRQGBxYXFhUUBwYHBgcnPgI1NCcmIyIHJzY1NCcmI99SCg9ECwcJIBJXSl9yO3d351UuSlN/Pj8Hc5E9MER2O0oE8VU5QQJnEf0ZRsO9xikzHBUMDwcmOB0sWSkNNh0oNjc+KhUKThA4OholFyEJaTJDLxYPAP//ABIABgH1AmgSJgBEAAAQBwBDAKMAAP//ABIABgH1AnASJgBEAAAQBwB0ALAAAP//ABIABgH1Aq8SJgBEAAAQBgE6YAD//wASAAYB9QKOEiYARAAAEAYBQB0A//8AEgAGAfUCmBImAEQAABAGAGlOAP//ABIABgH1AiISJgBEAAAQBwE+AJr/1///ABL/9gOrAcYQJgBEAAAQBwBIAaL/8P//ABb/FwJtAb8SJgBGAAAQBgB4fwD//wAUAAYCCQJoEiYASAAAEAcAQwCzAAD//wAUAAYCCQJwEiYASAAAEAcAdADAAAD//wAUAAYCCQKvEiYASAAAEAYBOnEA//8AFAAGAgkCmBImAEgAABAGAGlfAAACABwABgCLApwACQAUAAA3DgIiJicRMxYDNDMyHwEHJicuAYsDGhAOFwM/DWYPCQ1DEUILBQUlEA4BCQgBv7sBZRwOQSstFAgQAAIAIQAGAJcCkgAIABMAABMWFwYjIiYnETc2MzIWDgEHBgcndQ0JBioLFwMwDhAKCgIICRE0HwHWu/YfCQgBv6kTExIQCxMrHAAAAv+8AAYA1gKvAAgAIAAAExYXBiMiJicRLgE0Njc2NxYXFhcWFAcGJy4CJwYHBgd1DQkGKgsXA2MXFRMqPjMRHCQGBAsZJQ0YHz0WBwYB1rv2HwkIAb8oCiYkFCwdIQ4ZOAwVBhAPGwwaHiokDA4AAAP/2gAGAMECmAAIABMAHQAAExYXBiMiJicRJyI1NDcyFhQGBwYzIjU0NzIVFAcGdQ0JBioLFwNEGDIVDwwJDHMYMyQqCwHWu/YfCQgBv38iDBUSHA0DBSINFCIfAQEAAAIAMwAGAikCbgAmADIAAAEWFRQHBgcGIi4BJyYnJjQ3PgEyHgEXJicHJzcmJzQ2NxYXFhc3FwEUFxYzNjc2NCcmIgHjOkcgMRAkPFUnVBACDidUMjhvPQgwTylEK00dDT4TJyZJKv5pRThfOhoRBGaoAdJzcXdBHQ4FDCYcOzsJHRMoGgIZDElFLUIiRB0SFQMgDRkmNDH+41QqIQQpGjMRKAD//wAi//oB4wLIEiYAUQAAEAYBQCI6//8ANP//AjACaBImAFIAABAHAEMAvgAA//8ANP//AjACcBImAFIAABAHAHQAywAA//8ANP//AjACrxImAFIAABAGATp8AP//ADT//wIwAo4SJgBSAAAQBgFAOAD//wA0//8CMAKYEiYAUgAAEAYAaWoA//8AOgBvAUcBexAmAB1eChAGAVscAP//ADT/2gIwAgYSJgBSAAAQRgASXNo4IjOV//8ADf//AekCaBImAFgAABAHAEMAogAA//8ADf//AekCcBImAFgAABAHAHQArwAA//8ADf//AekCrxImAFgAABAGATpgAP//AA3//wHpApgSJgBYAAAQBgBpTgD//wAW/lgCIAJwEiYAXAAAEAcAdADEAAAAAgAY/3EB/gJPABsAKwAANwcUFxYVFAYiJwM2MhcWFzYzMhcWFRQGBwYHFgEmIgcGBwYVFBUXNjc2NTRyAQQBHx4HGhcXBw4EhGB+KhM8M3WpAQESIkslVCgSBcxXMB0vHR8IBhoZAQLUCQ8agig8GyEtWyZVERIBVw0HEDcaJgQEeS5FJycr//8AFv5YAiACmBImAFwAABAGAGljAP//ABr/8QJ+Ax0SJgAkAAAQBwBvAIgAuv//ABIABgH1AmMSJgBEAAAQBgBvVQD//wAh//EChQNPEiYAJAcAEAcBPACKARH//wASAAYB9QI+EiYARAAAEAcBPACAAAD//wAa/0oCmAK6EiYAJAAAEAcBPwG+AAP//wAS/1ECGAHGEiYARAAAEAcBPwE+AAr//wAW//8CwAM1EiYAJgAAEAcAdADtAMX//wAWAAACbQJwEiYARgAAEAcAdADvAAD//wAW//8CwAOJEiYAJgAAEAcBOgCrANr//wAWAAACbQKvEiYARgAAEAcBOgCgAAD//wAW//8CwAMaEiYAJgAAEAcBPQEIAPL//wAWAAACbQIoEiYARgAAEAcBPQD2AAD//wAW//8CwANBEiYAJgAAEAcBOwCzAQP//wAWAAACbQJTEiYARgAAEAcBOwCRABX//wAmAAYCfwMpEiYAJwAAEAcBOwCSAOv//wAeAAACSgLjEiYAKAAAEAcAbwBuAID//wAUAAYCCQJjEiYASAAAEAYAb2YA//8AHgAAAkoDBhImACgAABAHATwArgDI//8AFAAGAgkCWhImAEgAABAHATwAjgAc//8AHgAAAkoC9BImACgAABAHAT0AwgDM//8AFAAGAgkCThImAEgAABAHAT0AxwAm//8AHv9wAkoCfhImACgAABAHAT8BYAAp//8AFP9KAgkB0xImAEgAABAHAT8AngAD//8AHgAAAkoDIRImACgAABAHATsAkADj//8AFAAGAgkCcRImAEgAABAGATtvM///ABb/wAKuA3QSJgAqAAAQBwE6AMkAxf//ABf+UQH7Aq8SJgBKAAAQBgE6ZAD//wAW/8ACrgMQEiYAKgAAEAcBPADYANL//wAX/lEB+wI+EiYASgAAEAcBPACEAAD//wAW/8ACrgMFEiYAKgAAEAcBPQDnAN3//wAX/lEB+wIoEiYASgAAEAcBPQC6AAD//wAW/wUCrgKMEiYAKgAAEAcBXgCeAAD//wAX/lEB+wJrEiYASgAAEAcBTACmAAD//wAV//oCSgPNEiYAKwAAEAcBOgBvAR7//wAX//0B8QMdEiYASwAAEAYBOnlu//8AFf/6AkoC2xImACsAABBGAG/sr38fR0H////x//0B8QKcEiYASwAAEAYAb9Od////k///AR8DChImACwAABAHAUD/eQB8AAL/hAAGARACsAAIACcAABMWFwYjIiYnESciByImJz4BNzYyHgIyPgI3Mh4BFAYHBiMiJy4BdQ0JBioLFwM4IDYGGwMPPCEIFB0kJisZFRkXBg0BDxEsPi4cFBwB1rv2HwkIAb+DUQgNMEoNAxUmIg4aJhgVDxYkEi8fEhcAAAL/vAAGAMkCYwAIABYAABMWFwYjIiYnESciNTQ+AjcyFxYUBgd1DQkGKgsXA0gyFzlXMCoLAQkSAda79h8JCAG/QBkOCggPBRcECQ8G////3///AKAC0hImACwAABAHATz/wACU////1f9NAIkCRhImACwAABAGAT+vBv////T/VQCoAoESJgBMAAAQBgE/zg7//wAa//8AeQLEEiYALAAAEAcBPQAAAJwAAQA2AAYAiwHWAAgAABMWFwYjIiYnEXUNCQYqCxcDAda79h8JCAG///8ACQAEAgYDjBImAC0AABAHAToAfADdAAL/hP6RANkCrwAiADoAABcUIyIuAScmJzQ2NR4BMzI3NjU0JicmNDcmNzYzBhQeARcWAiY0Njc2NxYXFhcWFAcGJy4CJwYHBgejWAkbNRtBEg4hTCscEg8NBg4CAxkTFwkBCwcRzRcVEyo+MxEcJAYFChklDRgfPRUIBsinAQcJFioFHwEZLCokJFWhUKV5KBgMCT5ITZRKoQJjCiYkFCwdIQ4ZOAwVBhAPGwwaHiokDA4A//8AK/8FAmEC0BImAC4AABAGAV5yAP//AB7/BQJkAtsSJgBOAAAQBgFedgD//wA3AA4CtANYEiYALwAAEAcAdAEHAOj//wAQ//8AhgM8EiYATwAAEAcAdP/3AMz//wA3/wUCtAKuEiYALwAAEAcBXgCeAAD//wAI/wUAkwKqEiYATwAAEAYBXo0A//8ANwAOArQCrhImAC8AABAHAU0BAAAA//8ANwAOArQCrhImAC8AABAHAHcBKAAA//8AFv//AQcCqhAmAE8AABAHAHcAoQAA//8ACQAOArQCrhImAC8AABAGAUrrHP///8H//wDOAqoSJgBPAAAQBgFKowD//wAZ//gCYANlEiYAMQAAEAcAdADwAPX//wAi//oB4wJwEiYAUQAAEAcAdACrAAD//wAZ/wUCYALMEiYAMQAAEAYBXn0A//8AIv8FAeMB8xImAFEAABAGAV47AP//ABn/+AJgA3ESJgAxAAAQBwE7AKkBM///ACL/+gHjAoASJgBRAAAQBgE7aEL//wAi//oB4wMNEiYAUQAAEAcBXv+wA0v//wAWAA4CjgLZEiYAMgAAEAcAbwCoAHb//wA0//8CMAJjEiYAUgAAEAYAb3EA//8AFgAOAo4C9RImADIAABAHATwAzAC3//8ANP//AjACPhImAFIAABAHATwAnAAA//8AFgAOAo4DFRImADIAABAHAUEAvgCD//8ANP//AjACkhImAFIAABAHAUEAkQAAAAIAFv/yBDQCewAwAEAAAAEyFxUGBwYHBhYXFhUyPgEzFQUXMjc2MxQOAScGBTUGBwYiJicmNTQ+AjMyFzcWMwQGFBYXFjI3Nj8BJicmIgYDV1UkHGS5PxECAQQ9tmAy/oIFdV+vVxoTCn7+iS1NHWdyKlgxVXFBdEkBG1L+FicdHTzmMA4HARtXH1RUAm4NMgQBAg5OPBAnNBcLNjCkCRIUIgoHDh9YORMIJydTlEV6WzZtYwilW2lgIkheHB7EdSMMLAADABj/6gOWAd4AMQBEAEsAADc0NzY3MjMyFhc2NzY6ARcWFxYUBw4CBwYHBhQXFjMyNzY3MhYVBgcGIyImJwYjIiYkPgE3NTQnJiMOAQcGBxQXFjI2ASYjIgcGFRhmUXIGBzJCDjxtISYVIEwlDwIhVVkqXR4NAhlnOTtITQoPJGJMTEdgGDylX2EBaB0DAhwPHidPI0wXIRlzRQG6FzUmHDmpdkg5DC4pYh4JCBEtEx4JGBEHAwcuEysNWxQaIw8LPiUdLyRwWBA2NgxBPxwPBxAWMoU+FREJAUgkCxYj//8ALv/0AqsDLhImADUAABAHAHQA0AC+//8AG//1AiICcBImAFUAABAHAHQAxgAA//8ALv8FAqsChxImADUAABAHAV4AqQAA//8AG/8FAiIB4hImAFUAABAGAV5WAP//AC7/9AKrAykSJgA1AAAQBwE7AI0A6///ABv/9QIiAnkSJgBVAAAQBwE7AIIAO///AA///wJwAtsSJgA2AAAQBwB0APUAa///ABb/4wHfAnASJgBWAAAQBwB0AK0AAP//AA///wJwAz0SJgA2AAAQBwE6AJoAjv//ABb/4wHfAq8SJgBWAAAQBgE6XQD//wAP/xcCcAJgEiYANgAAEAcAeADGAAD//wAW/xoB3wHKEiYAVgAAEAcAeAC2AAP//wAP//8CcALZEiYANgAAEAcBOwCWAJv//wAW/+MB3wJTEiYAVgAAEAYBO2YV//8AAP8eAn4CRBImADcAABAGAV4aGf//ABD/BQGTAqgSJgBXAAAQBgFeCgD//wAAAAACfgLnEiYANwAAEAcBOwCKAKn//wAAAAACfgJEEiYANwAAEAcAbwBp/zb////1//EBkwKoEiYAVwAAEEcAb//I/ehhO03a//8AFP/+AhYDIxImADgAABAHAUAAQgCV//8ADf//AekCjhImAFgAABAGAUAcAP//ABT//gIWArkSJgA4AAAQBgBvd1b//wAN//8B6QJjEiYAWAAAEAYAb1UA//8AFP/+AhYCvhImADgAABAHATwAlwCA//8ADf//AekCPhImAFgAABAHATwAgAAA//8AFP/+AhYC/hImADgAABAHAT4ApgCz//8ADf//AekCSxImAFgAABAHAT4AjgAA//8AFP/+AhYDERImADgAABAHAUEAqQB///8ADf//AekCkhImAFgAABAGAUF1AP//ABT/YAIkAmMSJgA4AAAQBwE/AUoAGf//AA3/YwINAbkSJgBYAAAQBwE/ATMAHP//AA4AAAOzA3ASJgA6AAAQBwE6AT4Awf//AC7/6wMQAq8SJgBaAAAQBwE6APoAAP//ABz/7gISA1USJgA8AAAQBwE6AG4Apv//ABb+WAIgAq8SJgBcAAAQBgE6dQD//wAc/+4CEgK+EiYAPAAAEAYAaVgm//8AHP/9AwIDCxImAD0AABAHAHQBIgCb//8AE//8AfQCcBImAF0AABAHAHQAqQAA//8AHP/9AwIC2xImAD0AABAHAT0A9QCz//8AE//8AfQCKBImAF0AABAHAT0AsAAA//8AHP/9AwIDFBImAD0AABAHATsAuQDW//8AE//8AfQCPhImAF0AABAGATtiAAABAA7+XgJgAz4AKwAAATIUFwUTBz8BNCYnJicHIicmNTcmND4BMh4CFRQHJicmIyIHBhQWFzI3NgJZBQL+qRXcApAOAwcGgg0JEJgUJEVOUUo0BSg5RDw5EwkIFD5NlAFONgoq/Y8VVQNZ9jd4JDIPGhU2rNd4KSI0QR8YCjgsNFEqmX9ACxf//wAd//oDcwLXEiYAhv/6EEcAdAE/AOk2HjKf//8AEv/2A6sCcBAmAEQAABAnAEgBov/wEAcAdAGEAAD//wAWAAACjgMLEiYAMgAAECYAEl0AEAcAdADuAJv//wA0/9ICMAJwEiYAUgAAEGYAEl7SNrIzXBAHAHQAywAA//8AD/8FAnACYBImADYAABAHAV4AqQAA//8AFv8FAd8ByhImAFYAABAGAV49AAABABIB/gEsAq8AFwAAEiY0Njc2NxYXFhcWFAcGJy4CJwYHBgcpFxUTKj4zERwkBgQLGSUNGB89FgcGAf4KJiQULB0hDhk4DBUGEA8bDBoeKiQMDgABAB8BxwEOAj4AFgAAEiY0NjMeARc+Azc2FxYUBwYHBgcmMRIUDwshJRsUCw0TFQgEBR0SFykzAgYYGgYTHhQUEQgHCwoKBQ0JJQwQFRMAAAEAHwHaAOACPgASAAASNDYzHgEyPgE3NjIWFAcOASMiHxQPBCATGCUICg8JBhw2DywCDSsGIBQDGRAFCg0JKxYAAAEAIgHXAHkCKAAMAAATPgEyHgEXFAYiJicmIgUYDhIYAhQaEAcSAf8YEQMXEBgPBQYMAAACAB8BpQDLAksADQAbAAASJjQ3NjMyFxYXFAYjIjcmIyIHHAEXFjMyNzwBMRIMFCgaFy8EKigfQhYbHwYMFREjBwHDHjUUIQwZLjIhZBceAxMTER4FEAAAAQAm/0cA2gAiABUAABcGIyInJjU0NjcXIiMiBwYVFBcWMjfPGRAuGzchJEcCAyAUHhUbNRqtDBgtPB4xCxkNFB8gEhcLAAEAGgHmAaYCjgAeAAATIgciJic+ATc2Mh4CMj4CNzIeARQGBwYjIicuAZQgNgYbAw88IQgUHSQmKxkVGRcGDQEPESw+LhwUHAI3UQgNMEoNAxUmIg4aJhgVDxYkEi8fEhcAAgAsAf4A8gKSAAoAEwAAEzYzMhYXFAcGByc3FAcGByc3NjJhDBEIDAIKECklxgoNLSQ0DCMCeRkOCRIRGzUWUhERFjoWWhn//wAOAAADswNIEiYAOgAAEAcAQwGVAOD//wAu/+sDEAJoEiYAWgAAEAcAQwE9AAD//wAOAAADswNXEiYAOgAAEAcAdAGQAOf//wAu/+sDEAJwEiYAWgAAEAcAdAFKAAD//wAOAAADswNjEiYAOgAAEAcAaQElAMv//wAu/+sDEAKYEiYAWgAAEAcAaQDoAAD//wAc/+4CEgMwEiYAPAAAEAcAQwDFAMj//wAW/lgCIAJoEiYAXAAAEAcAQwC3AAAAAQAeANgBKwEmAA4AADciNTQ+AjcyFxYVFAYHUDIXOVcwFA4UCRLYGg0KCBAFBwoOBRAGAAEAHgDYAYIBJQAQAAA3IjU0PgQ3MhcWFRQGB1AyFyJITUkXFA4UCRLYGg0KBQcHBgMHCg4FEAYAAQAbAbYAgAJrAAkAABMyFRQHBg8BNzZoGCIKCTA4DAJrIylDFA4EsAUAAQAbAbYAgAJrAAkAABMyFRQHBg8BNzZoGCIKCTA4DAJrIylDFA4EsAUAAQAjAAoAiAC/AAkAADcyFRQHBg8BNzZwGCIKCTA4DL8jKUMUDgSwBQAAAgA2AeoA1wL7AAsAFwAAEzcnNDcXFRcOASMiJzcnNDcXFRcOASMikgEBJBEQAxkFJFwBASQQEQQYBSQCUhwpUxEQxyIDDVcdKlMREMciBA0AAAIANgHqANcC+wALABcAABM3JzQ3FxUXDgEjIic3JzQ3FxUXDgEjIpIBASQREAMZBSRcAQEkEBEEGAUkAlIcKVMREMciAw1XHSpTERDHIgQNAAACAFUAHwD+AS0ACwAXAAA/ASc0NxcVFw4BIyInNyc0NxcVFw4BIyK5AQEkERADGQUkZAEBJBEQAxkFJH8cKFIUEcciBAxkHCpRExHHIQUMAAEAF//9AYIDWAAcAAAzFCsBIgcDByInJjU0Nz4BNwMzEzY3MhcWFAYPAeUZJAwCBDsqEwcvFScUClAJCEs5DgMNGHgCAQIHBg4FCxQGAgUCARn+8gEHGAQKEQcKAAABABf//QGEA1gALQAAMxQrASIHAwcuATY3Njc1ByInJjU0Nz4BNwMzEzY3MhcWBg8BFT4BNzYWFRQPAeUZJAwCA0ggFQMVBGA7KhMHLxUnFApQCQhLOQ4GEBh4IUEaEBMSjQIBAZkJBA0TEQQJNQYOBQsUBgIFAgEZ/vIBBxgKFQcKMgQHBQULChcNEwAAAQAhAMIApQFBAAwAABM+ATMyFhcUBiImJyYhCCULISgDHigZCxoBASUbKBolGAgIFQADABb//wGNAEIACgAVAB4AADc0NjcyFhQGBwYiNzQ2NzIWFAYHBiIzIjU0PwEyFRQWJA4VDwwJDzKQJA4VDwwJDzKoGBkaJCIIEQcRHA4DBSMIEQcRHA4DBSMIDAwhIgABAFQAOwGvAdMAGgAANz4BNzY3MhcWFA8BHgEXFhcOAQcGIy4CJyZUIFYsbC8NBgME6w84IlE9AQYECQIecEQdROUZRCJVGhYJEgazCBkRKCgBDggVEycbDiIAAAEAMgAwAaoBvQAUAAA3Jic0NTQ3PgE3JTceAxcOA3YtBUdpQAb++DIxU01MKRpPV1UwERMEAx8qPTEXYzEjHBEXHx8/QkQAAAEAFQAAAcUCtQASAAAzIj0BNBM2NzYzNjIUDgMHBicSx3NOFAUGCSU6Rk8mTyAKJAE1sWQZBBhRanh9OXcAAQAd//4DCQKZAE8AADciNTQ2MzY3NTQ3ByIGJyYnNz4BNzY3NjMyFxYVJiIOAQc+ATc2HgEGDwEGFBcVPgE3NjcyFRQHIgcGBx4BMzY3NjcyFhUOASMiLgEnJicGOxgNBCkSBCUFDwgTAhQCLCElY2aBRRYZRYVuTw8mTSAQEQMJCbACAhYqFzI7IgJQWBgYF3VMiiVCRw4dULRlDztUJEoaHq8jAw0HAw4eHgQBAQMOJAIFBIBSVRMXRCc4Yz0FCQUFChMWBhgOHA0UAwQDBwwiCAgWBgVBPgwJEC0HE0c0ARkYMVEDAAEAAP+8BMoCZQBUAAABJyIHBgcGFBcHEyciJjQ2MxYXFjI3PgEyHgQXEzYzMhcWFx4BFAYiLgQvASYnNC4BBgcGBwYnJicDBiMGBwYHBhUXFA4BIi4BPgUB+F8pMAIGFQJeH9UICRIMPDzBfS4GHkY4LiYiHhDIGBM7HQkMFQ0SICAHBwkLBQkEAgIOHBo1bQ4YHBKvDAUQEgQCBAQCFyEaEgUKCwwMCgHrAgcnPtyDGwcB7gwaFhoDBQ4EGxgxTV5ZSRIBXBa4O2q/OhsaGSU8TFMlRB4OFSEIGyhR1RkOED4BcwM61zAfGBdHCCIZARIrUFxjXE8AAQAeANgBKwEmAA4AADciNTQ+AjcyFxYVFAYHUDIXOVcwFA4UCRLYGg0KCBAFBwoOBRAG//8ADv/pApUDPhAmAEkAABAHAEwCCv/j//8ADgAGAp4DPhAmAEkAABAHAE8CHgAOAAEAe/8FAQb/wgAPAAAXPgEyFxYVFAcOAQcGIyInwgYPEgcWNwoJBxcXBgZPDQQCBhEQVRAPBxkCAAABAAABXwBcAAUAbAAFAAIAAAABAAEAAABAAAAAAwABAAAAAAAAAAAAAAAkAE0AvQEhAYwCBQIaAkICbgK+Av4DHgM4A1IDbgOlA8IECARLBIQE3AUrBWAFxwYSBjgGWQaHBrkG3QcaB5cH7whKCIUIvQj2CUoJoQnmCf8KMQp6CpcK8wswC10LoQwFDGYMtQzmDS8NWw20DeoOHQ5RDn8Ong7fDwkPIg85D4UPzRAUEGQQrRDpET4RehGdEeISKBJHEp4S2xMTE1cTlBPSFBAUPhSEFLIVBhVSFYcVzBYaFiwWexasFrcXDRdoF9EYQBhhGMcY6RlZGWMZuBnbGlsadRqiGuwa9xsCGxkbbhufG7gb8Bv7HAYcRhxZHG0cghyNHJkcpRyxHL0cyRzVHUIdTh1aHWYdch19HYkdlB2fHaod9x4DHg8eGx4nHjMePx6CHo0emR6lHrEevB7IHxAfWx9nH3Mffh+JH5QfoB+sH7cfwx/PH9of5SAKIC8gZyCXIOkg9CEAIQwhFyEiIS0hOCFFIVEhXSFoIXMhfyHDIc4h2iHlIfEh/SIJIhUiISItIjkiRSJRIl0iaSJ1IoEijSKYIqQisCK8Isgi1CLgIuwi9yMDIw4jGiMmIzIjPiNKI1YjYiNtI3ojhSORI9Aj9yQDJA4kGSQlJDkkRSSfJKoktSTBJM0k2STkJPAk/CUIJRMlHiUqJTYlQSVMJVglYyVvJXslhiWSJZ4lqiW2JhgmiCaUJqAmrCa3JsMmzybbJucm8yb+JwonFiciJy0nOCdDJ08nWydpJ3UngCeLJ5YnoieuJ7onxifSJ90n6Sf1KAEoDSgZKCQoLyg7KEcoUyhfKGsodii6KMgo2CjnKPgpBCkPKTkpYSmCKZwpyCnrKhwqQCpMKlgqZCpwKnwqiCqUKqAquirWKusrACsVKz4rZyuPK74sBSweLE4sfCygLL8tMy2vLckt1S3hLf4AAQAAAAEAxeCvFTNfDzz1AAsEAAAAAADKM4upAAAAANUxCX7/hP5RBMoD8gAAAAgAAgAAAAAAAAK0AAAAAAAAArQAAAGaAAAAigAWAPIANgKNADgCOgAJAhMAHwKuAAUApgAbATEADwFoABoCCAAnAhkACgC2/+oBPgAeAJAAFwHSABUChgAmAIMAHAJKABACCQAKArkASQLVABsCggAWAnYACgKYABYCRwAeAKsAHwB//+oB5wBUAfgAQAHjADICBgAKBCwAGwKQABoC2AAeAtUAFgKYACYCXgAeAsUAJgLFABYCbAAVAJsAGgIeAAkCbAArAsUANwNPABwCggAZAq4AFgKNACYC2gAbAtoALgKSAA8CfgAAAj8AFAKCAAsDwwAOAmYAGwIjABwDIwAcAbMAHwICAAACKgAAAToAEgK/ACAAsAAvAgkAEgI/AB4CiAAWAg0ACQIqABQCYAAOAhAAFwH7ABcAmwAYALb/jgJ1AB4AoQAWAx0AGgIAACICQAA0AjoAPgIOACQCNQAbAgIAFgGeABACCAANAhMAIgM8AC4B4gASAjIAFgH7ABMBaQA0AJUANAHqABgBxwAaAIoAFwKIABUCKP/qAkD//wIj//YAgwAcAgIACgF8AEIChgAmAP8ACgLOAFQCZgBJAoYAJgE+AB4A4QAZAhkAEgGAAAkBUAALALAAGQH2ACEBhAASAJAADwERACsAcwAaARYAFwKeADICewANApgAFwNzAAkB8P/jApAAFQKQABoCkAAaApAAGgKQABoCkAAaA4IAHgLVABYCXgAeAl4AHgJeAB4CXgAeAJsACACbAAwAm//HAJv/0QK6AAoCggAZAq4AFgKuABYCrgAWAq4AFgKuABYB4gBMAq4AFgI/ABQCPwAUAj8AFAI/ABQCIwAcAgYAIQLYAEkCCQASAgkAEgIJABICCQASAgkAEgIJABIDsgASAogAFgIqABQCKgAUAioAFAIqABQAmwAcAJsAIQCb/7wAm//aAlIAMwIAACICQAA0AkAANAJAADQCQAA0AkAANAFgADoCQAA0AggADQIIAA0CCAANAggADQIyABYCEwAYAjIAFgKQABoCCQASApAAIQIJABICkAAaAgkAEgLVABYCiAAWAtUAFgKIABYC1QAWAogAFgLVABYCiAAWApgAJgJeAB4CKgAUAl4AHgIqABQCXgAeAioAFAJeAB4CKgAUAl4AHgIqABQCxQAWAhAAFwLFABYCEAAXAsUAFgIQABcCxQAWAhAAFwJsABUB+wAXAmwAFQH7//EAm/+TAJv/hACb/7wAm//fAJv/1QCb//QAmwAaAJsANgIeAAkArP+EAmwAKwJ1AB4CxQA3AKEAEALFADcAoQAIAsUANwLFADcBMQAWAsUACQCh/8ECggAZAgAAIgKCABkCAAAiAoIAGQIAACICAAAiAq4AFgJAADQCrgAWAkAANAKuABYCQAA0BDwAFgOnABgC2gAuAjUAGwLaAC4CNQAbAtoALgI1ABsCkgAPAgIAFgKSAA8CAgAWApIADwICABYCkgAPAgIAFgJ+AAABngAQAn4AAAJ+AAABnv/2Aj8AFAIIAA0CPwAUAggADQI/ABQCCAANAj8AFAIIAA0CPwAUAggADQI/ABQCCAANA8MADgM8AC4CIwAcAjIAFgIjABwDIwAcAfsAEwMjABwB+wATAyMAHAH7ABMCYAAOA4IAHQOyABICrgAWAkAANAKSAA8CAgAWAToAEgE6AB8A/AAfAJAAIgDhAB8A/AAmAccAGgEXACwDwwAOAzwALgPDAA4DPAAuA8MADgM8AC4CIwAcAjIAFgE+AB4BpQAeAKYAGwCmABsApgAjAPIANgDyADYBHwBVAZoAFwGaABcAxQAhAbEAFgHnAFQB4wAyAdIAFQMuAB0E1wAAAT4AHgK9AA4CzgAOAZoAewABAAAD8v5jAAAE1/+E/3wEygABAAAAAAAAAAAAAAAAAAABXwADAhgBkAAFAAACzQKaAAAAjwLNApoAAAHoADMBAAAAAAAAAAAAAAAAAKAAAC9AAABKAAAAAAAAAABweXJzAEAAIPsCA/L+YwAAA/IBnQAAABEAAAAAAbcCowAAACAAAQAAAAIAAAADAAAAFAADAAEAAAAUAAQBCAAAAD4AIAAEAB4AfgCgAKwBDgEpASwBMQE3AT0BSQFkAX4BkgH/AhkCxwLdHoUe8yAUIBogHiAiICYgOiBEIKwhIiIS+wL//wAAACAAoAChAK4BEgErAS4BNAE5AT8BTAFmAZIB/AIYAsYC2B6AHvIgEyAYIBwgICAmIDkgRCCsISIiEvsB////4/9j/8H/wP+9/7z/u/+5/7j/t/+1/7T/of84/yD+dP5k4sLiVuE34TThM+Ey4S/hHeEU4K3gON9JBlsAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAH/hbAEjQAAAAAMAJYAAwABBAkAAAB0AAAAAwABBAkAAQAmAHQAAwABBAkAAgAOAJoAAwABBAkAAwBKAKgAAwABBAkABAA2APIAAwABBAkABQAkASgAAwABBAkABgA0AUwAAwABBAkACAAgAYAAAwABBAkACQAgAYAAAwABBAkADAA0AaAAAwABBAkADSJwAdQAAwABBAkADgA2JEQAQwBvAHAAeQByAGkAZwBoAHQAIAAoAGMAKQAgADIAMAAxADAALAAgAEsAaQBtAGIAZQByAGwAeQAgAEcAZQBzAHcAZQBpAG4AIAAoAGsAaQBtAGIAZQByAGwAeQBnAGUAcwB3AGUAaQBuAC4AYwBvAG0AKQBBAHIAYwBoAGkAdABlAGMAdABzACAARABhAHUAZwBoAHQAZQByAFIAZQBnAHUAbABhAHIAMQAuADAAMAAzADsAVQBLAFcATgA7AEEAcgBjAGgAaQB0AGUAYwB0AHMARABhAHUAZwBoAHQAZQByAC0AUgBlAGcAdQBsAGEAcgBBAHIAYwBoAGkAdABlAGMAdABzACAARABhAHUAZwBoAHQAZQByACAAUgBlAGcAdQBsAGEAcgBWAGUAcgBzAGkAbwBuACAAMQAuADAAMAAzACAAMgAwADEAMABBAHIAYwBoAGkAdABlAGMAdABzAEQAYQB1AGcAaAB0AGUAcgAtAFIAZQBnAHUAbABhAHIASwBpAG0AYgBlAHIAbAB5ACAARwBlAHMAdwBlAGkAbgBoAHQAdABwADoALwAvAGsAaQBtAGIAZQByAGwAeQBnAGUAcwB3AGUAaQBuAC4AYwBvAG0AQwBvAHAAeQByAGkAZwBoAHQAIAAoAGMAKQAgADIAMAAxADAALAAgAEsAaQBtAGIAZQByAGwAeQAgAEcAZQBzAHcAZQBpAG4AIAAoAGsAaQBtAGIAZQByAGwAeQBnAGUAcwB3AGUAaQBuAC4AYwBvAG0AKQANAAoADQAKAFQAaABpAHMAIABGAG8AbgB0ACAAUwBvAGYAdAB3AGEAcgBlACAAaQBzACAAbABpAGMAZQBuAHMAZQBkACAAdQBuAGQAZQByACAAdABoAGUAIABTAEkATAAgAE8AcABlAG4AIABGAG8AbgB0ACAATABpAGMAZQBuAHMAZQAsACAAVgBlAHIAcwBpAG8AbgAgADEALgAxAC4AIAAgAFQAaABpAHMAIABsAGkAYwBlAG4AcwBlACAAaQBzACAAYwBvAHAAaQBlAGQAIABiAGUAbABvAHcALAAgAGEAbgBkACAAaQBzACAAYQBsAHMAbwAgAGEAdgBhAGkAbABhAGIAbABlACAAdwBpAHQAaAAgAGEAIABGAEEAUQAgAGEAdAA6ACAAIABoAHQAdABwADoALwAvAHMAYwByAGkAcAB0AHMALgBzAGkAbAAuAG8AcgBnAC8ATwBGAEwADQAKAA0ACgANAAoALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAA0ACgBTAEkATAAgAE8AUABFAE4AIABGAE8ATgBUACAATABJAEMARQBOAFMARQAgAFYAZQByAHMAaQBvAG4AIAAxAC4AMQAgAC0AIAAyADYAIABGAGUAYgByAHUAYQByAHkAIAAyADAAMAA3AA0ACgAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ALQAtAC0ADQAKAA0ACgBQAFIARQBBAE0AQgBMAEUADQAKAFQAaABlACAAZwBvAGEAbABzACAAbwBmACAAdABoAGUAIABPAHAAZQBuACAARgBvAG4AdAAgAEwAaQBjAGUAbgBzAGUAIAAoAE8ARgBMACkAIABhAHIAZQAgAHQAbwAgAHMAdABpAG0AdQBsAGEAdABlACAAdwBvAHIAbABkAHcAaQBkAGUAIABkAGUAdgBlAGwAbwBwAG0AZQBuAHQAIABvAGYAIABjAG8AbABsAGEAYgBvAHIAYQB0AGkAdgBlACAAZgBvAG4AdAAgAHAAcgBvAGoAZQBjAHQAcwAsACAAdABvACAAcwB1AHAAcABvAHIAdAAgAHQAaABlACAAZgBvAG4AdAAgAGMAcgBlAGEAdABpAG8AbgAgAGUAZgBmAG8AcgB0AHMAIABvAGYAIABhAGMAYQBkAGUAbQBpAGMAIABhAG4AZAAgAGwAaQBuAGcAdQBpAHMAdABpAGMAIABjAG8AbQBtAHUAbgBpAHQAaQBlAHMALAAgAGEAbgBkACAAdABvACAAcAByAG8AdgBpAGQAZQAgAGEAIABmAHIAZQBlACAAYQBuAGQAIABvAHAAZQBuACAAZgByAGEAbQBlAHcAbwByAGsAIABpAG4AIAB3AGgAaQBjAGgAIABmAG8AbgB0AHMAIABtAGEAeQAgAGIAZQAgAHMAaABhAHIAZQBkACAAYQBuAGQAIABpAG0AcAByAG8AdgBlAGQAIABpAG4AIABwAGEAcgB0AG4AZQByAHMAaABpAHAADQAKAHcAaQB0AGgAIABvAHQAaABlAHIAcwAuAA0ACgANAAoAVABoAGUAIABPAEYATAAgAGEAbABsAG8AdwBzACAAdABoAGUAIABsAGkAYwBlAG4AcwBlAGQAIABmAG8AbgB0AHMAIAB0AG8AIABiAGUAIAB1AHMAZQBkACwAIABzAHQAdQBkAGkAZQBkACwAIABtAG8AZABpAGYAaQBlAGQAIABhAG4AZAAgAHIAZQBkAGkAcwB0AHIAaQBiAHUAdABlAGQAIABmAHIAZQBlAGwAeQAgAGEAcwAgAGwAbwBuAGcAIABhAHMAIAB0AGgAZQB5ACAAYQByAGUAIABuAG8AdAAgAHMAbwBsAGQAIABiAHkAIAB0AGgAZQBtAHMAZQBsAHYAZQBzAC4AIABUAGgAZQAgAGYAbwBuAHQAcwAsACAAaQBuAGMAbAB1AGQAaQBuAGcAIABhAG4AeQAgAGQAZQByAGkAdgBhAHQAaQB2AGUAIAB3AG8AcgBrAHMALAAgAGMAYQBuACAAYgBlACAAYgB1AG4AZABsAGUAZAAsACAAZQBtAGIAZQBkAGQAZQBkACwAIAByAGUAZABpAHMAdAByAGkAYgB1AHQAZQBkACAAYQBuAGQALwBvAHIAIABzAG8AbABkACAAdwBpAHQAaAAgAGEAbgB5ACAAcwBvAGYAdAB3AGEAcgBlACAAcAByAG8AdgBpAGQAZQBkACAAdABoAGEAdAAgAGEAbgB5ACAAcgBlAHMAZQByAHYAZQBkACAAbgBhAG0AZQBzACAAYQByAGUAIABuAG8AdAAgAHUAcwBlAGQAIABiAHkAIABkAGUAcgBpAHYAYQB0AGkAdgBlACAAdwBvAHIAawBzAC4AIABUAGgAZQAgAGYAbwBuAHQAcwAgAGEAbgBkACAAZABlAHIAaQB2AGEAdABpAHYAZQBzACwAIABoAG8AdwBlAHYAZQByACwAIABjAGEAbgBuAG8AdAAgAGIAZQAgAHIAZQBsAGUAYQBzAGUAZAAgAHUAbgBkAGUAcgAgAGEAbgB5ACAAbwB0AGgAZQByACAAdAB5AHAAZQAgAG8AZgAgAGwAaQBjAGUAbgBzAGUALgAgAFQAaABlACAAcgBlAHEAdQBpAHIAZQBtAGUAbgB0ACAAZgBvAHIAIABmAG8AbgB0AHMAIAB0AG8AIAByAGUAbQBhAGkAbgAgAHUAbgBkAGUAcgAgAHQAaABpAHMAIABsAGkAYwBlAG4AcwBlACAAZABvAGUAcwAgAG4AbwB0ACAAYQBwAHAAbAB5ACAAdABvACAAYQBuAHkAIABkAG8AYwB1AG0AZQBuAHQAIABjAHIAZQBhAHQAZQBkACAAdQBzAGkAbgBnACAAdABoAGUAIABmAG8AbgB0AHMAIABvAHIAIAB0AGgAZQBpAHIAIABkAGUAcgBpAHYAYQB0AGkAdgBlAHMALgANAAoADQAKAEQARQBGAEkATgBJAFQASQBPAE4AUwANAAoAIgBGAG8AbgB0ACAAUwBvAGYAdAB3AGEAcgBlACIAIAByAGUAZgBlAHIAcwAgAHQAbwAgAHQAaABlACAAcwBlAHQAIABvAGYAIABmAGkAbABlAHMAIAByAGUAbABlAGEAcwBlAGQAIABiAHkAIAB0AGgAZQAgAEMAbwBwAHkAcgBpAGcAaAB0ACAASABvAGwAZABlAHIAKABzACkAIAB1AG4AZABlAHIAIAB0AGgAaQBzACAAbABpAGMAZQBuAHMAZQAgAGEAbgBkACAAYwBsAGUAYQByAGwAeQAgAG0AYQByAGsAZQBkACAAYQBzACAAcwB1AGMAaAAuACAAVABoAGkAcwAgAG0AYQB5ACAAaQBuAGMAbAB1AGQAZQAgAHMAbwB1AHIAYwBlACAAZgBpAGwAZQBzACwAIABiAHUAaQBsAGQAIABzAGMAcgBpAHAAdABzACAAYQBuAGQAIABkAG8AYwB1AG0AZQBuAHQAYQB0AGkAbwBuAC4ADQAKAA0ACgAiAFIAZQBzAGUAcgB2AGUAZAAgAEYAbwBuAHQAIABOAGEAbQBlACIAIAByAGUAZgBlAHIAcwAgAHQAbwAgAGEAbgB5ACAAbgBhAG0AZQBzACAAcwBwAGUAYwBpAGYAaQBlAGQAIABhAHMAIABzAHUAYwBoACAAYQBmAHQAZQByACAAdABoAGUAIABjAG8AcAB5AHIAaQBnAGgAdAAgAHMAdABhAHQAZQBtAGUAbgB0ACgAcwApAC4ADQAKAA0ACgAiAE8AcgBpAGcAaQBuAGEAbAAgAFYAZQByAHMAaQBvAG4AIgAgAHIAZQBmAGUAcgBzACAAdABvACAAdABoAGUAIABjAG8AbABsAGUAYwB0AGkAbwBuACAAbwBmACAARgBvAG4AdAAgAFMAbwBmAHQAdwBhAHIAZQAgAGMAbwBtAHAAbwBuAGUAbgB0AHMAIABhAHMAIABkAGkAcwB0AHIAaQBiAHUAdABlAGQAIABiAHkAIAB0AGgAZQAgAEMAbwBwAHkAcgBpAGcAaAB0ACAASABvAGwAZABlAHIAKABzACkALgANAAoADQAKACIATQBvAGQAaQBmAGkAZQBkACAAVgBlAHIAcwBpAG8AbgAiACAAcgBlAGYAZQByAHMAIAB0AG8AIABhAG4AeQAgAGQAZQByAGkAdgBhAHQAaQB2AGUAIABtAGEAZABlACAAYgB5ACAAYQBkAGQAaQBuAGcAIAB0AG8ALAAgAGQAZQBsAGUAdABpAG4AZwAsACAAbwByACAAcwB1AGIAcwB0AGkAdAB1AHQAaQBuAGcAIAAtAC0AIABpAG4AIABwAGEAcgB0ACAAbwByACAAaQBuACAAdwBoAG8AbABlACAALQAtACAAYQBuAHkAIABvAGYAIAB0AGgAZQAgAGMAbwBtAHAAbwBuAGUAbgB0AHMAIABvAGYAIAB0AGgAZQAgAE8AcgBpAGcAaQBuAGEAbAAgAFYAZQByAHMAaQBvAG4ALAAgAGIAeQAgAGMAaABhAG4AZwBpAG4AZwAgAGYAbwByAG0AYQB0AHMAIABvAHIAIABiAHkAIABwAG8AcgB0AGkAbgBnACAAdABoAGUAIABGAG8AbgB0ACAAUwBvAGYAdAB3AGEAcgBlACAAdABvACAAYQAgAG4AZQB3ACAAZQBuAHYAaQByAG8AbgBtAGUAbgB0AC4ADQAKAA0ACgAiAEEAdQB0AGgAbwByACIAIAByAGUAZgBlAHIAcwAgAHQAbwAgAGEAbgB5ACAAZABlAHMAaQBnAG4AZQByACwAIABlAG4AZwBpAG4AZQBlAHIALAAgAHAAcgBvAGcAcgBhAG0AbQBlAHIALAAgAHQAZQBjAGgAbgBpAGMAYQBsACAAdwByAGkAdABlAHIAIABvAHIAIABvAHQAaABlAHIAIABwAGUAcgBzAG8AbgAgAHcAaABvACAAYwBvAG4AdAByAGkAYgB1AHQAZQBkACAAdABvACAAdABoAGUAIABGAG8AbgB0ACAAUwBvAGYAdAB3AGEAcgBlAC4ADQAKAA0ACgBQAEUAUgBNAEkAUwBTAEkATwBOACAAJgAgAEMATwBOAEQASQBUAEkATwBOAFMADQAKAFAAZQByAG0AaQBzAHMAaQBvAG4AIABpAHMAIABoAGUAcgBlAGIAeQAgAGcAcgBhAG4AdABlAGQALAAgAGYAcgBlAGUAIABvAGYAIABjAGgAYQByAGcAZQAsACAAdABvACAAYQBuAHkAIABwAGUAcgBzAG8AbgAgAG8AYgB0AGEAaQBuAGkAbgBnACAAYQAgAGMAbwBwAHkAIABvAGYAIAB0AGgAZQAgAEYAbwBuAHQAIABTAG8AZgB0AHcAYQByAGUALAAgAHQAbwAgAHUAcwBlACwAIABzAHQAdQBkAHkALAAgAGMAbwBwAHkALAAgAG0AZQByAGcAZQAsACAAZQBtAGIAZQBkACwAIABtAG8AZABpAGYAeQAsACAAcgBlAGQAaQBzAHQAcgBpAGIAdQB0AGUALAAgAGEAbgBkACAAcwBlAGwAbAAgAG0AbwBkAGkAZgBpAGUAZAAgAGEAbgBkACAAdQBuAG0AbwBkAGkAZgBpAGUAZAAgAGMAbwBwAGkAZQBzACAAbwBmACAAdABoAGUAIABGAG8AbgB0ACAAUwBvAGYAdAB3AGEAcgBlACwAIABzAHUAYgBqAGUAYwB0ACAAdABvACAAdABoAGUAIABmAG8AbABsAG8AdwBpAG4AZwAgAGMAbwBuAGQAaQB0AGkAbwBuAHMAOgANAAoADQAKADEAKQAgAE4AZQBpAHQAaABlAHIAIAB0AGgAZQAgAEYAbwBuAHQAIABTAG8AZgB0AHcAYQByAGUAIABuAG8AcgAgAGEAbgB5ACAAbwBmACAAaQB0AHMAIABpAG4AZABpAHYAaQBkAHUAYQBsACAAYwBvAG0AcABvAG4AZQBuAHQAcwAsACAAaQBuACAATwByAGkAZwBpAG4AYQBsACAAbwByACAATQBvAGQAaQBmAGkAZQBkACAAVgBlAHIAcwBpAG8AbgBzACwAIABtAGEAeQAgAGIAZQAgAHMAbwBsAGQAIABiAHkAIABpAHQAcwBlAGwAZgAuAA0ACgANAAoAMgApACAATwByAGkAZwBpAG4AYQBsACAAbwByACAATQBvAGQAaQBmAGkAZQBkACAAVgBlAHIAcwBpAG8AbgBzACAAbwBmACAAdABoAGUAIABGAG8AbgB0ACAAUwBvAGYAdAB3AGEAcgBlACAAbQBhAHkAIABiAGUAIABiAHUAbgBkAGwAZQBkACwAIAByAGUAZABpAHMAdAByAGkAYgB1AHQAZQBkACAAYQBuAGQALwBvAHIAIABzAG8AbABkACAAdwBpAHQAaAAgAGEAbgB5ACAAcwBvAGYAdAB3AGEAcgBlACwAIABwAHIAbwB2AGkAZABlAGQAIAB0AGgAYQB0ACAAZQBhAGMAaAAgAGMAbwBwAHkAIABjAG8AbgB0AGEAaQBuAHMAIAB0AGgAZQAgAGEAYgBvAHYAZQAgAGMAbwBwAHkAcgBpAGcAaAB0ACAAbgBvAHQAaQBjAGUAIABhAG4AZAAgAHQAaABpAHMAIABsAGkAYwBlAG4AcwBlAC4AIABUAGgAZQBzAGUAIABjAGEAbgAgAGIAZQAgAGkAbgBjAGwAdQBkAGUAZAAgAGUAaQB0AGgAZQByACAAYQBzACAAcwB0AGEAbgBkAC0AYQBsAG8AbgBlACAAdABlAHgAdAAgAGYAaQBsAGUAcwAsACAAaAB1AG0AYQBuAC0AcgBlAGEAZABhAGIAbABlACAAaABlAGEAZABlAHIAcwAgAG8AcgAgAGkAbgAgAHQAaABlACAAYQBwAHAAcgBvAHAAcgBpAGEAdABlACAAbQBhAGMAaABpAG4AZQAtAHIAZQBhAGQAYQBiAGwAZQAgAG0AZQB0AGEAZABhAHQAYQAgAGYAaQBlAGwAZABzACAAdwBpAHQAaABpAG4AIAB0AGUAeAB0ACAAbwByACAAYgBpAG4AYQByAHkAIABmAGkAbABlAHMAIABhAHMAIABsAG8AbgBnACAAYQBzACAAdABoAG8AcwBlACAAZgBpAGUAbABkAHMAIABjAGEAbgAgAGIAZQAgAGUAYQBzAGkAbAB5ACAAdgBpAGUAdwBlAGQAIABiAHkAIAB0AGgAZQAgAHUAcwBlAHIALgANAAoADQAKADMAKQAgAE4AbwAgAE0AbwBkAGkAZgBpAGUAZAAgAFYAZQByAHMAaQBvAG4AIABvAGYAIAB0AGgAZQAgAEYAbwBuAHQAIABTAG8AZgB0AHcAYQByAGUAIABtAGEAeQAgAHUAcwBlACAAdABoAGUAIABSAGUAcwBlAHIAdgBlAGQAIABGAG8AbgB0ACAATgBhAG0AZQAoAHMAKQAgAHUAbgBsAGUAcwBzACAAZQB4AHAAbABpAGMAaQB0ACAAdwByAGkAdAB0AGUAbgAgAHAAZQByAG0AaQBzAHMAaQBvAG4AIABpAHMAIABnAHIAYQBuAHQAZQBkACAAYgB5ACAAdABoAGUAIABjAG8AcgByAGUAcwBwAG8AbgBkAGkAbgBnACAAQwBvAHAAeQByAGkAZwBoAHQAIABIAG8AbABkAGUAcgAuACAAVABoAGkAcwAgAHIAZQBzAHQAcgBpAGMAdABpAG8AbgAgAG8AbgBsAHkAIABhAHAAcABsAGkAZQBzACAAdABvACAAdABoAGUAIABwAHIAaQBtAGEAcgB5ACAAZgBvAG4AdAAgAG4AYQBtAGUAIABhAHMADQAKAHAAcgBlAHMAZQBuAHQAZQBkACAAdABvACAAdABoAGUAIAB1AHMAZQByAHMALgANAAoADQAKADQAKQAgAFQAaABlACAAbgBhAG0AZQAoAHMAKQAgAG8AZgAgAHQAaABlACAAQwBvAHAAeQByAGkAZwBoAHQAIABIAG8AbABkAGUAcgAoAHMAKQAgAG8AcgAgAHQAaABlACAAQQB1AHQAaABvAHIAKABzACkAIABvAGYAIAB0AGgAZQAgAEYAbwBuAHQAIABTAG8AZgB0AHcAYQByAGUAIABzAGgAYQBsAGwAIABuAG8AdAAgAGIAZQAgAHUAcwBlAGQAIAB0AG8AIABwAHIAbwBtAG8AdABlACwAIABlAG4AZABvAHIAcwBlACAAbwByACAAYQBkAHYAZQByAHQAaQBzAGUAIABhAG4AeQAgAE0AbwBkAGkAZgBpAGUAZAAgAFYAZQByAHMAaQBvAG4ALAAgAGUAeABjAGUAcAB0ACAAdABvACAAYQBjAGsAbgBvAHcAbABlAGQAZwBlACAAdABoAGUAIABjAG8AbgB0AHIAaQBiAHUAdABpAG8AbgAoAHMAKQAgAG8AZgAgAHQAaABlACAAQwBvAHAAeQByAGkAZwBoAHQAIABIAG8AbABkAGUAcgAoAHMAKQAgAGEAbgBkACAAdABoAGUAIABBAHUAdABoAG8AcgAoAHMAKQAgAG8AcgAgAHcAaQB0AGgAIAB0AGgAZQBpAHIAIABlAHgAcABsAGkAYwBpAHQAIAB3AHIAaQB0AHQAZQBuAA0ACgBwAGUAcgBtAGkAcwBzAGkAbwBuAC4ADQAKAA0ACgA1ACkAIABUAGgAZQAgAEYAbwBuAHQAIABTAG8AZgB0AHcAYQByAGUALAAgAG0AbwBkAGkAZgBpAGUAZAAgAG8AcgAgAHUAbgBtAG8AZABpAGYAaQBlAGQALAAgAGkAbgAgAHAAYQByAHQAIABvAHIAIABpAG4AIAB3AGgAbwBsAGUALAAgAG0AdQBzAHQAIABiAGUAIABkAGkAcwB0AHIAaQBiAHUAdABlAGQAIABlAG4AdABpAHIAZQBsAHkAIAB1AG4AZABlAHIAIAB0AGgAaQBzACAAbABpAGMAZQBuAHMAZQAsACAAYQBuAGQAIABtAHUAcwB0ACAAbgBvAHQAIABiAGUAIABkAGkAcwB0AHIAaQBiAHUAdABlAGQAIAB1AG4AZABlAHIAIABhAG4AeQAgAG8AdABoAGUAcgAgAGwAaQBjAGUAbgBzAGUALgAgAFQAaABlACAAcgBlAHEAdQBpAHIAZQBtAGUAbgB0ACAAZgBvAHIAIABmAG8AbgB0AHMAIAB0AG8AIAByAGUAbQBhAGkAbgAgAHUAbgBkAGUAcgAgAHQAaABpAHMAIABsAGkAYwBlAG4AcwBlACAAZABvAGUAcwAgAG4AbwB0ACAAYQBwAHAAbAB5ACAAdABvACAAYQBuAHkAIABkAG8AYwB1AG0AZQBuAHQAIABjAHIAZQBhAHQAZQBkACAAdQBzAGkAbgBnACAAdABoAGUAIABGAG8AbgB0ACAAUwBvAGYAdAB3AGEAcgBlAC4ADQAKAA0ACgBUAEUAUgBNAEkATgBBAFQASQBPAE4ADQAKAFQAaABpAHMAIABsAGkAYwBlAG4AcwBlACAAYgBlAGMAbwBtAGUAcwAgAG4AdQBsAGwAIABhAG4AZAAgAHYAbwBpAGQAIABpAGYAIABhAG4AeQAgAG8AZgAgAHQAaABlACAAYQBiAG8AdgBlACAAYwBvAG4AZABpAHQAaQBvAG4AcwAgAGEAcgBlACAAbgBvAHQAIABtAGUAdAAuAA0ACgANAAoARABJAFMAQwBMAEEASQBNAEUAUgANAAoAVABIAEUAIABGAE8ATgBUACAAUwBPAEYAVABXAEEAUgBFACAASQBTACAAUABSAE8AVgBJAEQARQBEACAAIgBBAFMAIABJAFMAIgAsACAAVwBJAFQASABPAFUAVAAgAFcAQQBSAFIAQQBOAFQAWQAgAE8ARgAgAEEATgBZACAASwBJAE4ARAAsACAARQBYAFAAUgBFAFMAUwAgAE8AUgAgAEkATQBQAEwASQBFAEQALAAgAEkATgBDAEwAVQBEAEkATgBHACAAQgBVAFQAIABOAE8AVAAgAEwASQBNAEkAVABFAEQAIABUAE8AIABBAE4AWQAgAFcAQQBSAFIAQQBOAFQASQBFAFMAIABPAEYAIABNAEUAUgBDAEgAQQBOAFQAQQBCAEkATABJAFQAWQAsACAARgBJAFQATgBFAFMAUwAgAEYATwBSACAAQQAgAFAAQQBSAFQASQBDAFUATABBAFIAIABQAFUAUgBQAE8AUwBFACAAQQBOAEQAIABOAE8ATgBJAE4ARgBSAEkATgBHAEUATQBFAE4AVAAgAE8ARgAgAEMATwBQAFkAUgBJAEcASABUACwAIABQAEEAVABFAE4AVAAsACAAVABSAEEARABFAE0AQQBSAEsALAAgAE8AUgAgAE8AVABIAEUAUgAgAFIASQBHAEgAVAAuACAASQBOACAATgBPACAARQBWAEUATgBUACAAUwBIAEEATABMACAAVABIAEUADQAKAEMATwBQAFkAUgBJAEcASABUACAASABPAEwARABFAFIAIABCAEUAIABMAEkAQQBCAEwARQAgAEYATwBSACAAQQBOAFkAIABDAEwAQQBJAE0ALAAgAEQAQQBNAEEARwBFAFMAIABPAFIAIABPAFQASABFAFIAIABMAEkAQQBCAEkATABJAFQAWQAsACAASQBOAEMATABVAEQASQBOAEcAIABBAE4AWQAgAEcARQBOAEUAUgBBAEwALAAgAFMAUABFAEMASQBBAEwALAAgAEkATgBEAEkAUgBFAEMAVAAsACAASQBOAEMASQBEAEUATgBUAEEATAAsACAATwBSACAAQwBPAE4AUwBFAFEAVQBFAE4AVABJAEEATAAgAEQAQQBNAEEARwBFAFMALAAgAFcASABFAFQASABFAFIAIABJAE4AIABBAE4AIABBAEMAVABJAE8ATgAgAE8ARgAgAEMATwBOAFQAUgBBAEMAVAAsACAAVABPAFIAVAAgAE8AUgAgAE8AVABIAEUAUgBXAEkAUwBFACwAIABBAFIASQBTAEkATgBHACAARgBSAE8ATQAsACAATwBVAFQAIABPAEYAIABUAEgARQAgAFUAUwBFACAATwBSACAASQBOAEEAQgBJAEwASQBUAFkAIABUAE8AIABVAFMARQAgAFQASABFACAARgBPAE4AVAAgAFMATwBGAFQAVwBBAFIARQAgAE8AUgAgAEYAUgBPAE0AIABPAFQASABFAFIAIABEAEUAQQBMAEkATgBHAFMAIABJAE4AIABUAEgARQAgAEYATwBOAFQAIABTAE8ARgBUAFcAQQBSAEUALgAgAGgAdAB0AHAAOgAvAC8AcwBjAHIAaQBwAHQAcwAuAHMAaQBsAC4AbwByAGcALwBPAEYATAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAV8AAAABAAIAAwAEAAUABgAHAAgACQAKAAsADAANAA4ADwAQABEAEgATABQAFQAWABcAGAAZABoAGwAcAB0AHgAfACAAIQAiACMAJAAlACYAJwAoACkAKgArACwALQAuAC8AMAAxADIAMwA0ADUANgA3ADgAOQA6ADsAPAA9AD4APwBAAEEAQgBDAEQARQBGAEcASABJAEoASwBMAE0ATgBPAFAAUQBSAFMAVABVAFYAVwBYAFkAWgBbAFwAXQBeAF8AYABhAKMAhACFAL0AlgDoAIYAjgCLAJ0AqQCkAIoA2gCDAJMA8gDzAI0AlwCIAMMA3gDxAJ4AqgD1APQA9gCiAK0AyQDHAK4AYgBjAJAAZADLAGUAyADKAM8AzADNAM4A6QBmANMA0ADRAK8AZwDwAJEA1gDUANUAaADrAO0AiQBqAGkAawBtAGwAbgCgAG8AcQBwAHIAcwB1AHQAdgB3AOoAeAB6AHkAewB9AHwAuAChAH8AfgCAAIEA7ADuALoBAgEDAQQBBQEGAQcA/QD+AQgBCQEKAQsA/wEAAQwBDQEOAQ8BEAERARIBEwEUARUBFgEXARgA+AD5ARkBGgEbARwBHQEeAR8BIAEhASIBIwEkASUBJgD6ANcBJwEoASkBKgErASwBLQEuAS8BMAExAOIA4wEyATMBNAE1ATYBNwE4ATkBOgE7ATwBPQE+ALAAsQE/AUABQQFCAUMBRAFFAUYBRwFIAPsA/ADkAOUBSQFKAUsBTAFNAU4BTwFQAVEBUgFTAVQBVQFWAVcBWAFZAVoBWwFcAV0AuwFeAV8BYAFhAOYA5wCmAWIBYwFkAWUBZgFnANgA4QDbANwA3QDgANkA3wFoAWkBagFrAWwBbQFuAW8AsgCzALYAtwDEALQAtQDFAIIAwgCHAKsAvgC/ALwBcACMAO8AwADBAXEHQW1hY3JvbgdhbWFjcm9uBkFicmV2ZQZhYnJldmUHQW9nb25lawdhb2dvbmVrC0NjaXJjdW1mbGV4C2NjaXJjdW1mbGV4CkNkb3RhY2NlbnQKY2RvdGFjY2VudAZEY2Fyb24HRW1hY3JvbgdlbWFjcm9uBkVicmV2ZQZlYnJldmUKRWRvdGFjY2VudAplZG90YWNjZW50B0VvZ29uZWsHZW9nb25lawZFY2Fyb24GZWNhcm9uC0djaXJjdW1mbGV4C2djaXJjdW1mbGV4Ckdkb3RhY2NlbnQKZ2RvdGFjY2VudAxHY29tbWFhY2NlbnQMZ2NvbW1hYWNjZW50C0hjaXJjdW1mbGV4C2hjaXJjdW1mbGV4BEhiYXIEaGJhcgZJdGlsZGUGaXRpbGRlB2ltYWNyb24GSWJyZXZlB0lvZ29uZWsHaW9nb25lawtKY2lyY3VtZmxleAtqY2lyY3VtZmxleAxLY29tbWFhY2NlbnQMa2NvbW1hYWNjZW50BkxhY3V0ZQZsYWN1dGUMTGNvbW1hYWNjZW50DGxjb21tYWFjY2VudAZMY2Fyb24ETGRvdARsZG90Bk5hY3V0ZQZuYWN1dGUMTmNvbW1hYWNjZW50DG5jb21tYWFjY2VudAZOY2Fyb24GbmNhcm9uC25hcG9zdHJvcGhlB09tYWNyb24Hb21hY3JvbgZPYnJldmUGb2JyZXZlDU9odW5nYXJ1bWxhdXQNb2h1bmdhcnVtbGF1dAZSYWN1dGUGcmFjdXRlDFJjb21tYWFjY2VudAxyY29tbWFhY2NlbnQGUmNhcm9uBnJjYXJvbgZTYWN1dGUGc2FjdXRlC1NjaXJjdW1mbGV4C3NjaXJjdW1mbGV4DFRjb21tYWFjY2VudAx0Y29tbWFhY2NlbnQGVGNhcm9uBFRiYXIEdGJhcgZVdGlsZGUGdXRpbGRlB1VtYWNyb24HdW1hY3JvbgZVYnJldmUGdWJyZXZlBVVyaW5nBXVyaW5nDVVodW5nYXJ1bWxhdXQNdWh1bmdhcnVtbGF1dAdVb2dvbmVrB3VvZ29uZWsLV2NpcmN1bWZsZXgLd2NpcmN1bWZsZXgLWWNpcmN1bWZsZXgLeWNpcmN1bWZsZXgGWmFjdXRlBnphY3V0ZQpaZG90YWNjZW50Cnpkb3RhY2NlbnQHQUVhY3V0ZQdhZWFjdXRlC09zbGFzaGFjdXRlC29zbGFzaGFjdXRlDFNjb21tYWFjY2VudAxzY29tbWFhY2NlbnQGV2dyYXZlBndncmF2ZQZXYWN1dGUGd2FjdXRlCVdkaWVyZXNpcwl3ZGllcmVzaXMGWWdyYXZlBnlncmF2ZQRFdXJvC2NvbW1hYWNjZW50AAABAAH//wAP") format("truetype"); }
-        </style>
-    </defs>
+<svg host="65bd71144e" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="1376px" height="1050px" viewBox="-0.5 -0.5 1376 1050" content="&lt;mxfile&gt;&lt;diagram id=&quot;tO6hoGsHSMwBvH-oNil_&quot; name=&quot;Page-1&quot;&gt;7T1bd5u4ur8m63QezELceWydzkzXdPbJSjK3R2zLDqfYeACnyf71RwIE6AbClh07td3V2AJk0He/6saerl9+yaLt0+/pAiY3lrl4ubFvbywLuK6F/uCR13rE9MxqZJXFi2qsM/AQ/xeSE+vRXbyAeT1WDRVpmhTxlh6cp5sNnBfUWJRl6Xf6tGWaLKiBbbSC1G3ggYd5lEDutL/iRfFUjQZu5+xfYbx6Ir8MzPrILJp/W2XpblP/3o1l/1y+qsPriMxVn58/RYv0e2fI/nxjT7M0LapP65cpTPDi0sv2s+Roc98Z3BQqFxC4PEfJDpJbLm+seCWLUT4OxBeAG/vT96e4gA/baI6PfkfwR2NPxTqpDyfRDCafmlWYpkmaoUObdAObo2m2gBlzZBknyUP9m3ma4Pv7tEw3RY0bwKq/k8vQwpqm56F1tz/lRZZ+g4IJOyd/9vAbjUfZvJ4zQN9S9CBxgdHUxzPxy1ev6DPMCvjSGaqX8xeYrmGRvaJTyFFArqmR37frNf7eYpLlhtXYUweLLN+tMbjG3lUzeQtB9KEGohigIbgggKoAbrlcWvM5BThXD6R8GkxkoTpgAgB4Aji5weFwcr3TwKlkQJ9szxMDawGX0S4pGNiYMvjRoFm4MFg4Mji28LIoQvM0ERoNPsvkqQyBz+XB54LwcPCBwBbAzytXMqag6P27w8z8E/VpVf9tVr6UZWRh2xMR3PCLv3ae419ZZDFaL/RhE61hXqJGPSe6/2pa+qfQcNyOMeiGZNEWf8TSEs1ao0R9HKNYEc2INAROUA00YhDBoxy4S/O4iNMNGkrgsqCRdFZh9NcZhbVfNr/CqPzJcgwJ9SKKN53vSRJt83hW3og5yJNknJ/GUnQEfMTv5gh5NoGoqV4UGtsskUS7ItWD2YHlUbht85zJdQWYHQamDsx2hjlTB6RC2s9gjki/QZZmpMEWwMCpvg4tW9FiAVbtohbqUZKk3z8S7Q6PIL0Tds8YwAsaplh5KGEqgFhD3cMwo4DiGGHnFfAgciwbneKFDvrne6A+I4NJVCBSpvVYARDrn79L45JlEPxgwJ4ulzksOKA3N62EB5btDuMBXuftmPVrVPYaapTaK6IFm2bzDpm5q0xZgoUGgQYhjQh/eA0I21yk8926XIIhUc1xQZqGaJks4kJ5JVdNAzi2HwSBDzzgBy6otGQJ++PB1IJ4FJqj9TbM7ss+1vJboVTI9gnNep2kAhdJyo1QRuNJJ9XifkQnALB9EUruaBv/CbO8lHL4xPmsMPIizZBZaHwLciNO0aM9gyjZPkWgI3urH6ZvZpYJb2VWqmmT+vk+louQfZhMuuM/ldOYqnet7fG/xdi8xac0D0EOPWyQpH5KiweY4+W5jYqo8/wzgT7yTtYEIXe0wE+LT3tvD4f+RmvMxDazfFvdA9Y4q2dljvQ+u0QtFWvMI1akc062mn1wEdEh7mK2f/dcudmBN8bOi9THf3dwklfUMSkQ198M0EfMjh3C+d4P7lXWzmgEPBSgo5//UNQWGH6TyuybbHJtYJXdvQj/RHh6MJTzLZyfI+uUMCzp874tz2IJBb5s4+z1Md6HVR9MKcfiybopijDjsTj/wyxQhUWTAqORLr5wBst0TKYpIijpWpyAEeS1Wv4fSnLy6nsHhWriqC/sCBtl+sgUF+ZNTTkBV9Sg0L7pIxGY5R2BSgGDxY7JVZ/fk+Sf84lp3vQQgW4FXge+96xEr1BRIG8lxrAXKemBmuZFP47ieSVPneQJBlDxTMlTVXhyIGa80wV8weNDARtBLCZK4lUniod9xPE8Sj7Ww+t4scA/InR2t5HrMkwT5U9NGJuLwpQBTnLn+7qn66OOASzPC73Atlw/BAEdR3ONgA8eANfwQBiaoWtalmc5goA/8HzD0uHO7o0ZVwC8hdskfa3iCBhTphmMCqR3mw8fS+Ji0eM+TfDRWbxZxJtVLjyHU/MYL+0DzJ5jKnbcIRRzeo+fe7PAeBUv4DzKZFyonb9vQoVINI0+ByQ+lJlX2tOO8ItF68OCiOSoRQe7BBkpniBxKACGhswhy1MI/B4/4OfRNAt8j18ERxDw0xJw8hRinhcc72sgPCred8TlFiVBnYEUZuN7zz9YEE+Jfb+TdbgG7q6WhLqTuNWArjG7a8zuomN25+i6vJq/+2lr9VHL8PzAt23TRiarY5kklZPkSBu+wKJwbMMGWNEGoeP6JnAEyp5lWDr0PVIXNFLfkyVBd+i1Glgl6SzCv/hhk3Z5zk8DtNGLQu8xLboe4jKiG9tWPSN6C7MYYQLMMA3Em1V9L22itCvJ9x9vHlsujc6kXoYqrAEC/01o60BehVzQd54X3RLwuIRR16TyogUuDD8wnMBEHChwfcsLnZoJnWViNBBlpQr9JApkIF/S0Z4TOlPatg3P9Tzf9Z3QbtJxu1Ah7iWKVFzPsG3XcoPAdd1AR6VTU+t4ZKeKctlHI3Mbt4qJUA+gp0WiE3hOKPL6NfxOAMIGIdT91Dw0rNBw0FLZfv2/CDa2EVi+ZXoIpphadHA1S+TxOgNN8JpiPZxiXXpppulmGa92WVRqF1eXzaU/nDaXzcWbzX///fdYm/Z9wLtU1/IfBbsFQxMZw68LXn88WiDuo6g/B/OYTqWLcCCdax75KQhnHk0hNhMvgThqx2g0meNb/iG5PDsULRYZzPPx8Ds4CHNmwRVD6C9XDbW8Z4/wHoamYVpOiIxF8j/jEHaR6eviDBJgup4r8KcBx7CtwAks8r/ALrUDwwKmYwJst3qWBrMUePt5ik3TmWP30jixLMBIkvZOUHMdbZAikt2IW20c1adsefVA61P2bs7Qp4wbwkQwWM45kqoAM0WAETmWhz3Fo5HepzswCfpn2KSVF9UZhvTdOAx1r37ilnxH+YltJ6T9xAInGAKcEfi2aYfAtlwn8M/YUwxO1eRJT3c1pu+Wi98iWm4kFCXG8Je7qChgtqlmRIpEnx+16Xynq+8aK9w83slqO4Eh6JvTtIk6hO5VUgfPFdZ9fNs0p1NVWGvh3Y5Bh/l8PnRhO5YQjqalgX+bFwxICBYu9EWADD3fjjii1QEwEsetwRWEPLhsgbDV0atKHrtoTIXfdjOEpbCAyJAwP959Qf9jxzlW5UR2hURP262Tr/ESJnElZUnIGyte9fBdOzaED8NKVwbnuyxH0uwekhgVVpR2Bf6ladPzVBPntJnIIbAErfRsIecMgX84FC1TQWN6N70QlZIjRhe+TGwCNEKGRAXr0mEgiLy7PbqSKgSJvt1X2PInMp8XVSnLPInhRuL1kYJ9/0qQ4/SerRNlNMDOpiEHHF5xCQUMlFVZ9xJ2g2b2iSO4beKfepOpe/jvDuaFmKGz0wpih7210U3sTaFYvqwGnphgsoiXy32cmorZs6eq22ec6b13yA6NLkJnhyYyLygf9KDWf6y/cOxNKeIB2H/ZL8mTybHFMDRbT4JEvEr4dHuCDnPQZVydns9xVWT4CYwIR4diqpDy1IEbC4BZWhTpGh2Am0XpsEFj6RaiQ7T6jg53epmjxcpe/24OoS//dL/cvtQwq7691t8EJl/dVl0KhTzdZXNISbsiylawMcNqNQMuSJd9Caz2ddq8MKBqLH4GdNVd1Ve10OMmskN6ItdnJqqemJtoD5+QK1eVzkbiSqt7tUZ9DpHihmEIxFURFTtleYPPrhf0HkaLV7WLqpyrP+6/KgtildjWXr002HsbDP/qBmB/UOWAcpk3igorxGxraD6WfRsVMWCg5+PhyqFSl7dLAf5bdWM71fMd0EztqiFq1hCZ7iAiDVHiaNaiI/rDTpPfgsZtyeLAh18fH+8efupFDrlf5XDMmKOVL72dB+DGW2wWREfaD0cj1/GYgIUHeBd4s0GUbg9OILI0VBIlSjI8XsLT3f8+PKLjHUVtzwrOkWbSLEnn3wZRS270qPr9GmOr+fIPZV6JjS34EheNhYY+/9MZby/BX8gVSkYYMVe6VhjxyQ4aYcSDbBq+BfhmKwTBNNtqlqKJxU/kDkw0aPRpjfEHci5+gD0nJtowdOYiov0FFrcwKaIPP50XUU2nakQVmPh9bkTlBTxRkYJqVaIyDeAy28Hxzn1dFMZEgHw2Gq5KYc1WWrKJTkxhwfE8JiqiUkZ1d1EWrcXuBuwm7jP76DM5rY+zKQ90bJ/Eaz2pfCqImWxWEwJ40Unr6GWSwRzp8d3QhKiS4Grw6DV4SGCR0DXxRVJxfmFejYaUXhJ7PqlL/EgCi9cCKZe7aQTWkMzC3zo5I/1iqSuCiFg6unMdyRPGsAktx7B9ro5/tAZn2+y0SvJlrwzM/cwjGc9/gLgPphovwgD6ivGPZkjq9nOZ8tvJzt3iBSmXyP1049726FH9aM+jWUObB/cgQFaE5YR69Bk6K2nCtCLQoluEg+jxNroFlpNRlkV4ZdMlvvop2qwQk7PMShdHYpQkMlxl6CllqMdmO/JOQxCIfD0aRGhoSbFV7P4e69bWi8TThy/EeVlW9JKA3+8N5ppMp8mOd/Px6wM6vrq/m/a7OEU4P6y8Xr2hQzH+MQnAIU0SxNNDd9kWkIQG92eokKx9uYkWR9fxXGAwTbUctquMeg6Fa/gDc+lLowhFToH37DmW4shAMo5vK6KSfoeU7wGDOG+aLKxACSO4uTzHN4DdP5c+syF8C1uVuDGJt7LhKVI35oGpWwQ1uujinobxOB7tYrRHO/FJ9M22GCPVJj0u9TMdYMr7lb+lAiareu6pYm5rUK6q1GGqVF8Z7FhVygW0h44o/FQvRcFu21pKAcwTRrJk4ec/7m4/Pn6+qbLzdnL/8IVI+tEcXY1ve/vz7SNIeSaw27D20SKehJlkE2l0C5pX9VFRffTeDLEcJgzpsFxOFbFcwGbocFNpRC35Hk+Ei1ZAbpkfoPjlGKVArHSwTNmSOCj/grOnNP02EFdU6mNyvvWx4wukNchx1iUCCHuhdnISCHJLR8NdX46C8p0MG4bVTWrFW3JYuCsQ3ouj+2EwZ7Ya+LgrntIMQwg90XyOu1sh9oJbsxdPeKwpEhNk8w9ooHQqGYOWF1g1CkZ3Q5/QeSXNZncUjgk6qJDCqIOURXCmaYe/fH58vymHx8lzasq19tEn27BfYPqMf4ZDR12JTkwGoEvybccqBrbn90902kQnQMoRr7Vh51MbdgfLjTXl8qlPB6uG8TRxESXxXCY1BWXH3INeS4/UXGhvUnokWf9rsc/ZxO19mtU7oi0YhOXgpob+KE2DsR8g+W0oDCoF5rkkuXmAakK4Z8AKWOy0anHVvZLceL2hSlRjMOz0GWlh6Ew7DEA9I62lGC0paS7TpGxi69FEmVmPkaIGwOAmudcctaus68lRC21e1h0tR62pQpGiq6rydJdiVIqxP4CYA/hjpaThT1hJX+6SB1GhwYdtmmOPIV6WNVrZeJvAkt63SA2P8qENAUc7Qn/AsKe0TfkerVtdWlgGfAaZTVqV6Y57eoNGt5Ar1rnWfa55CV4flBb5xyZ+Kf03828Y7RUSJK/o/dYJkgDYdDgg9MIm7Y6yPwIBioeHo3jz+5pwfEwVxFtbNQ2feuOgPbBPZNKENmfRAL/JzBxtxmADybNNx3b8wPLMgK8I6jGWNNo4johNX3FNjGskJePo5jPCCxbZnD2d8UOYdsRsEIdnj2diP+9d0dXSixb72XJqI/RAhJkAuufOhEEWPRYz2dj2ErN7BDE+HRyBJBaeR84YIDm6JHZtEu1+dAgv9NkKhoDtSa6TU/C+mNvPXz+XKYtl3OnNOQbjhhjDMQjV6OAYiGvRlA708A8mxjxhQK2JfxwlE/a8e7Wo6i5tr5bR2QhHzFwMRG1oHVWNu2nWgrQOvpxTE88LPbZSgWNUyqqS6bAzMRtXnThxQW5e6tg4kfanPNxJHYK010Ti5+hNHLu4fMZp+Rok6M54z0b24z0bFrPnknDrEEfgag5cxiDdz68hbw3U5iDmOVzPSu/vBnux8COv8LcyZsFEJ467EUW5/wh+6fdWyfMKR28ZyahTPtHVhraj0BE8cBQA+mUTF3G1kQiy4Ll9768g5EEoSHYQglDDZj4NtV9p8ngADUjK5hBAdeSumIOpvmdT0TC9R0eRvESyMEna2kZhXGR0DOTidIPT1Dp4TCmvsNbBtXjkdCwN0TtfnhzRCgzMVDg9kknspDEClzksccorqVSoWvb/T0/H/lZBbXJXS3V0gmC0jFe7RlDJtvaetVgsSGCdZrCSedGoWyh141uaofbkGpYEVIbcY9ydr913SHBHj0+wVO1hZRBXd1cWd3D3Q22wIKG9d8jmG86pzuf5JgeC/kJOaBA7ld6H2zqcoCzh9pdDMe3/wO+lm2i93m3wxnZoIbL0OV6U2UBoeIvWd1OIoa1QVH5h223KfWyj8YHpn4EsfwF3dURxYw2FZFZ/v4NeXCjN9PcLeYndLd4pW6fJ7TDFL2KMEMlbHRjR7Kr1VsmIzgK/+WsHmvE+p8luDSfxQnx4FuVwgosRpWdUDrX+c67db0Xi8WyyIkHIWsX8xtKirEgt3W/JbqwncZEiNIDZJkomXAOYvHGRDmqhHF+vd7DqY+VClH1fDtfTGFUI55jqXpFjVYStga/B5g94HfChQAbI+qY/y/udKO4NsY7YtZ7dtF7R5eZ4GqAll8kNhX5N02+7bWPO7m8xmqWJ+D1GD0Umq8sKq61y0aOUZnOSRgv5z/1ZyuM2iiNkPxSLqmYdmAi7fmhts3vn6ez/EFk3LQie2w2pq8mLLNrkSTWCeN2miJcxzCT75/6wqD6xaZPEI5yqy5lCgUXi69gqnriomRwLsiBpVjylqxTJvs/t6CfE658bG6IDB1H6HS4Wutmv6V515K96GQRwaOwAQbgeDf0cJ82dSfrKV/d2aLT8sE4/B28E5NOZITZrmOjL12lsHq3oQmU84MzaPZIehiF5EjxTQhdRvzEkzXSjizoPCI/BAwy3A9b+lLsWpoZ7MyKV5XxA2oBvr82N9IO0J2goN0h+g68dg3+0a+k8alpkcE7RRdiTat+6mspQLIvzJfIdgzxRFFFDnMYS5u8PQpjd/vLd+A+RERksHBnOtcD3NAHfAy4L/BO6DS1hRvYQ9HFtG7qm3AngnYF/uVxa87kM/Brg7Qdv6Sa2HHkLukF4MyWO7wzynz38HiZ8v084aECQpk7njRBEoSGKQNWRCutRypRzi9+sUqioRo0pl3AF0tTVk07seSz8fLXNFvgGvkzImZ9Jo0EmKKA4FO5N35o94c6xZuiVrPmy8CGwPU34EHCi45j4ICq1OAwfmsTnHxofgGlyZL1vDbDp+ANTacSIYcUBC+rSlz1NYqm3l8Gh848z6ZDpNJREISPSKqqLcaGpoSOsJ8/c7m8IW7qmh1sJK8WfRkYme4Pp59tD2K9CBDzCWGMRxnKZsJVHsvi7OGMKuJRFMpAPSt5USBXv5j3Kw1YTlUahZeiKRYcy2ZHuRn3TyXvswyk1JDtuzOjEXarHYxi3wVizC3EXxSwBWwI6SoRChdjoY7bDKMNj1zyazNGT9mVHvMug4Ggo2y4LZY8UdA/Ev9kSyP0qFOT1h51uYuU1S/T4WLfCCVhXIiVE6vM79/EFJoBkBlNyQEszeTmRLuJnCh5KG2tVA7cwgUVvsoOS1KDTEFoRIvFIlTd80fyAi25owDBmL+cmSYmSAaIsZh275iqUiNzCbZK+rssHxLl2XzZ5EZWzTO9v86oe5OFj9fc+TWA9NE2Q5IBZPVKnkczisrAE72lh3sNVjM9odIzvcIYfkd525dIlCNVBSYMd4xK3IymCAHympkXM2y66eB5iZKF0g3oF7EFfsxTzldZ8Rev89Hu6wD08Pv8/&lt;/diagram&gt;&lt;/mxfile&gt;" style="background-color: rgb(255, 255, 255);">
+    <defs/>
     <g>
         <rect x="1114" y="699" width="259" height="275" rx="20.72" ry="20.72" fill-opacity="0.7" fill="#e6e6e6" stroke="none" pointer-events="all"/>
         <rect x="0" y="691" width="1116" height="258" rx="12.9" ry="12.9" fill="#fff2cc" stroke="none" pointer-events="all"/>
@@ -275,7 +271,7 @@
                                     <span style="font-size: 11px;">
                                         kind:
                                         <b>
-                                            SnapshotSessionService
+                                            SnapshotServiceConfiguration
                                         </b>
                                     </span>
                                     <br style="border-color: var(--border-color); font-size: 11px;"/>
@@ -1143,9 +1139,7 @@
                                     , find the driver's
                                     <br/>
                                     <b>
-                                        SnapshotSession-
-                                        <br/>
-                                        Service
+                                        SnapshotService-Configuration
                                     </b>
                                     CR.
                                     <br/>

From 679d5d3b067b05f76953f6f24525c980d9e576d3 Mon Sep 17 00:00:00 2001
From: Carl Braganza <carl@kasten.io>
Date: Mon, 10 Jul 2023 12:06:35 -0700
Subject: [PATCH 2/3] Called out UNRESOLVED issues. More on the SP service and
 sidecar.

---
 .../3314-csi-changed-block-tracking/README.md | 73 +++++++++++++++++--
 1 file changed, 68 insertions(+), 5 deletions(-)

diff --git a/keps/sig-storage/3314-csi-changed-block-tracking/README.md b/keps/sig-storage/3314-csi-changed-block-tracking/README.md
index 3ca188716d0..bda2b89a7e4 100644
--- a/keps/sig-storage/3314-csi-changed-block-tracking/README.md
+++ b/keps/sig-storage/3314-csi-changed-block-tracking/README.md
@@ -785,9 +785,27 @@ The following conditions are well defined:
 #### Capability Flags
 
 The gRPC service is optional and its availability is indicated by ...
-> @TODO How should the availability of this service be advertised through CSI interfaces?
-> Is this mandatory?
-> It is pretty obviously sensed in K8s by looking for SnapshotSessionConfiguration objects.
+```
+<<[UNRESOLVED How should the availability of this service be advertised through CSI interfaces?]>>
+Is it mandatory to provide such a mechanism via the CSI interfaces?
+It makes no sense to add a capability flag to the `GetPluginCapabilities` RPC of the
+`Identity` service, because a backup application cannot access this service.
+
+It is pretty easy  for a backup application to look for the SnapshotSessionConfiguration object
+of the CSI driver of the volume snapshots.
+A session would eventually expire if a SnapshotServiceConfiguration for the CSI driver were not found.
+Should the manager fail such sessions immediately?
+This would probably be more convenient from the backup application perspective,
+especially if there is a well defined error message returned.
+
+Thinking ahead to the possibility of a companion data service, then a Capability RPC
+in the SnapshotMetadata service makes sense, because it can be used later to advertise
+the existence of this data service.
+It is also possible that if block v/s extent is fixed for a given driver then that
+could be returned here, though I'm not sure about block size - it may could vary
+by volume.
+<<[/UNRESOLVED]>>
+```
 
 
 ### Kubernetes Components
@@ -858,7 +876,8 @@ individually transition each such CR to a terminal state as follows:
 from their associated VolumeSnapshotContent objects.
 If a VolumeSnapshot or associated VolumeSnapshotContent cannot be found, or
 if more than one CSI driver is involved then the manager will
-change the state of the CR to `Failed`.
+change the state of the CR to `Failed`
+and provide an appropriate error message in the `error` field.
 - The manager searches for the
 [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
 created by the CSI driver. When it finds this object it will create a
@@ -876,10 +895,24 @@ the
 [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
 to the `Failed` state.
 
-Periodically, the manager will scan all
+Periodically, the manager will scan for all
 [SnapshotSessionConfiguration CRs](#snapshotserviceconfiguration)
+and all [SnapshotSessionData CRs](#snapshotsessiondata)
 and delete those that have passed their expiry time.
 
+```
+<<[UNRESOLVED Is there a guaranteed minimum time for a session?]>>
+How is a session expiry time to be computed?
+
+- Is it fixed, say by a ConfigMap the manager could reference?
+  (One size-fits-all-CSI-drivers)
+- Does it depend on the number of snapshots specified in the session?
+- Does it depend on the size of the underlying volumes?
+
+The ConfigMap would be the easiest to implement. The other variants
+would require interaction with the SP.
+<<[/UNRESOLVED]>>
+```
 
 ### The External Snapshot Session Sidecar
 
@@ -909,6 +942,26 @@ in this proposal, including
 - Validating individual RPC arguments.
 - Translating RPC arguments from the Kubernetes domain to the SP domain at runtime.
 
+The sidecar will attempt to load the
+[SnapshotSessionData CR](#snapshotsessiondata) in its namespace with the name
+provided by the value of the `session_token` input argument of an RPC call.
+If the object is not found or is found to have expired, or that the
+VolumeSnapshots specified in the RPC call
+are not mentioned in the [SnapshotSessionData CR](#snapshotsessiondata),
+then the RPC call will be failed.
+
+The sidecar will attempt to load the VolumeSnapshots specified in an RPC call,
+along with their associated VolumeSnapshotContent objects, to ensure that they still
+exist and to obtain the SP identifiers for the snapshots.
+Additional checks may be performed depending on the RPC.
+(For example, in the case of a [GetDelta](#getdelta-rpc) RPC, it will check
+that all the snapshots come from the same volume and that the
+snapshot order is correct.)
+If all checks are successful, the RPC call is proxied to the
+[SP Snapshot Session Service](#the-sp-snapshot-session-service)
+over the UNIX domain socket, with its input parameters appropriately
+translated. The metadata result stream is proxied back to the calling client
+without any transformation.
 
 ### The SP Snapshot Session Service
 
@@ -917,6 +970,16 @@ This container must be configured to communicate with the community provided
 [external-snapshot-session sidecar](#the-external-snapshot-session-sidecar)
 over a UNIX domain socket.
 
+The SP service decides whether the metadata is returned in *block-based* format
+(`block_metadata_type` is `FIXED_LENGTH`)
+or *extent-based* format (`block_metadata_type` is `VARIABLE_LENGTH`).
+In any given RPC call, the `block_metadata_type` and `volume_size_bytes` return
+properties should be constant;
+likewise the `size_bytes` of all `BlockMetadata` entries if the `block_metadata_type`
+value returned is `FIXED_LENGTH`.
+
+The SP service should ignore the `session-token` input argument in the RPC calls,
+though it may include the value in log records for correlation with the sidecar logs.
 
 ### Test Plan
 

From 753dbd23484e1c5147c9b05594ddd8e697430f58 Mon Sep 17 00:00:00 2001
From: Carl Braganza <carl@kasten.io>
Date: Tue, 11 Jul 2023 14:25:47 -0700
Subject: [PATCH 3/3] Resolved issues with expiry and advertising.

---
 .../3314-csi-changed-block-tracking/README.md | 129 +++++++-----------
 1 file changed, 53 insertions(+), 76 deletions(-)

diff --git a/keps/sig-storage/3314-csi-changed-block-tracking/README.md b/keps/sig-storage/3314-csi-changed-block-tracking/README.md
index bda2b89a7e4..527728836ba 100644
--- a/keps/sig-storage/3314-csi-changed-block-tracking/README.md
+++ b/keps/sig-storage/3314-csi-changed-block-tracking/README.md
@@ -93,7 +93,6 @@ tags, and then generate with `hack/update-toc.sh`.
     - [Metadata Format](#metadata-format)
     - [GetAllocated RPC](#getallocated-rpc)
     - [GetDelta RPC](#getdelta-rpc)
-    - [Capability Flags](#capability-flags)
   - [Kubernetes Components](#kubernetes-components)
   - [Custom Resources](#custom-resources)
     - [SnapshotSessionRequest](#snapshotsessionrequest)
@@ -782,32 +781,6 @@ The following conditions are well defined:
 | Invalid `starting_offset` | 11 OUT_OF_RANGE | The starting offset exceeds the volume size. | The caller should specify a `starting_offset` less than the volume's size. |
 | Invalid `session_token` | 16 UNAUTHENTICATED | The specified session token is invalid or has expired. | The caller should create a new snapshot session. |
 
-#### Capability Flags
-
-The gRPC service is optional and its availability is indicated by ...
-```
-<<[UNRESOLVED How should the availability of this service be advertised through CSI interfaces?]>>
-Is it mandatory to provide such a mechanism via the CSI interfaces?
-It makes no sense to add a capability flag to the `GetPluginCapabilities` RPC of the
-`Identity` service, because a backup application cannot access this service.
-
-It is pretty easy  for a backup application to look for the SnapshotSessionConfiguration object
-of the CSI driver of the volume snapshots.
-A session would eventually expire if a SnapshotServiceConfiguration for the CSI driver were not found.
-Should the manager fail such sessions immediately?
-This would probably be more convenient from the backup application perspective,
-especially if there is a well defined error message returned.
-
-Thinking ahead to the possibility of a companion data service, then a Capability RPC
-in the SnapshotMetadata service makes sense, because it can be used later to advertise
-the existence of this data service.
-It is also possible that if block v/s extent is fixed for a given driver then that
-could be returned here, though I'm not sure about block size - it may could vary
-by volume.
-<<[/UNRESOLVED]>>
-```
-
-
 ### Kubernetes Components
 The following Kubernetes components are involved at runtime:
 
@@ -844,14 +817,13 @@ The following Kubernetes components are involved at runtime:
 ### The Snapshot Session Manager
 
 The Snapshot Session Manager is a community provided container that
-manages snapshot sessions for all CSI drivers in the system.
-It should be configured as a Deployment workload with a replica count of 1,
-or equivalent.
+manages snapshot sessions for all CSI drivers in the system;
+it should be deployed in a pod with a replica count of 1.
 The manager pod should run under the authority of a ServiceAccount
 that is different from that of any CSI driver,
-and authorized as described in [Risks and Mitigations](#risks-and-mitigations).
+and is authorized as described in [Risks and Mitigations](#risks-and-mitigations).
 
-It is composed of the following sub-components:
+The manager is composed of the following sub-components:
 - A validating webhook for the
   [SnapshotSessionRequest CR](#snapshotsessionrequest),
   registered when the manager is deployed.
@@ -872,47 +844,45 @@ The manager periodically scans for all
 [SnapshotSessionConfiguration CRs](#snapshotserviceconfiguration)
 in the `Pending` state and attempts to
 individually transition each such CR to a terminal state as follows:
-- It determines the CSI driver of the referenced VolumeSnapshots
-from their associated VolumeSnapshotContent objects.
-If a VolumeSnapshot or associated VolumeSnapshotContent cannot be found, or
-if more than one CSI driver is involved then the manager will
-change the state of the CR to `Failed`
-and provide an appropriate error message in the `error` field.
-- The manager searches for the
-[SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
-created by the CSI driver. When it finds this object it will create a
-[SnapshotSessionData CR](#snapshotsessiondata) in the namespace
-of the CSI driver, using a long randomized string for its name;
-the string will also be used as the `session_token`.
-- The manager will then copy the CA certificate and
-endpoint address from the [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
-to the [SnapshotSessionRequest CR](#snapshotsessionrequest),
-set the `session_token` value and change its state to `Ready`.
-- If the manager fails to find the CSI driver's
-[SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
-by the time the expiry time is reached, it will transition
-the
-[SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
-to the `Failed` state.
-
-Periodically, the manager will scan for all
-[SnapshotSessionConfiguration CRs](#snapshotserviceconfiguration)
-and all [SnapshotSessionData CRs](#snapshotsessiondata)
-and delete those that have passed their expiry time.
 
-```
-<<[UNRESOLVED Is there a guaranteed minimum time for a session?]>>
-How is a session expiry time to be computed?
-
-- Is it fixed, say by a ConfigMap the manager could reference?
-  (One size-fits-all-CSI-drivers)
-- Does it depend on the number of snapshots specified in the session?
-- Does it depend on the size of the underlying volumes?
+- It determines the CSI driver of the referenced VolumeSnapshots
+  from their associated VolumeSnapshotContent objects.
+  If a VolumeSnapshot or associated VolumeSnapshotContent cannot be found, or
+  if more than one CSI driver is involved then it will
+  change the state of the CR to `Failed`
+  and provide an appropriate message in the `error` field.
+
+- It uses a label based search for the
+  [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
+  created by the CSI driver, with the label query
+  `cbt.storage.k8s.io/driver:`*`CSI Driver`*
+
+- If it finds the CSI driver's
+  [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
+  it will create a
+  [SnapshotSessionData CR](#snapshotsessiondata)
+  containing details of the session in the namespace
+  of the CSI driver;
+  the name of this CR will be a long randomized string of valid
+  Kubernetes name characters, and will also be returned as the `session_token`.
+
+  It will then copy the CA certificate and
+  endpoint address from the [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
+  to the [SnapshotSessionRequest CR](#snapshotsessionrequest),
+  set the `session_token` value and change its state to `Ready`.
+
+- If it fails to find the CSI driver's
+  [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
+  it will change the state of the
+  [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
+  to `Failed` and provide an appropriate message in the `error` field.
 
-The ConfigMap would be the easiest to implement. The other variants
-would require interaction with the SP.
-<<[/UNRESOLVED]>>
-```
+The manager periodically scans for all
+[SnapshotSessionConfiguration](#snapshotserviceconfiguration)
+and [SnapshotSessionData](#snapshotsessiondata) CRs
+and deletes those that have passed their expiry time.
+A mechanism will be provided to configure the expiry time,
+for example, via a ConfigMap in the manager pod's namespace.
 
 ### The External Snapshot Session Sidecar
 
@@ -924,15 +894,21 @@ which must be authorized as described in [Risks and Mitigations](#risks-and-miti
 
 A Service object must be created for the sidecar and the DNS address of the
 service be provided as invocation arguments to the sidecar.
-The SP also must create a [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
+
+The SP must create a [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration)
 that contains the CA certificate and Service endpoint address of the sidecar.
+The presence of this CR advertises the existence of a CSI driver's
+implementation of the optional
+[SnapshotSessionMetadata API](#the-snapshotmetadata-service-api) to Kubernetes
+backup applications and to the [SnapshotSessionManager](#the-snapshot-session-manager).
 
 The sidecar must be deployed in the same pod as the
 [SP Snapshot Session Service](#the-sp-snapshot-session-service)
 and must be configured to communicate with it through a UNIX domain socket.
-Additional invocation arguments include the server certificate to be used,
-and the name of the
+Additional invocation arguments to the sidecar container
+include the server certificate to be used, and the name of the
 [SnapshotSessionConfiguration CR](#snapshotserviceconfiguration).
+Only a single replica of this pod must be configured.
 
 The sidecar acts as a proxy for the
 [SP Snapshot Session Service](#the-sp-snapshot-session-service),
@@ -966,9 +942,10 @@ without any transformation.
 ### The SP Snapshot Session Service
 
 The SP must provide a container that implements the [SnapshotMetadata Service](#the-snapshotmetadata-service-api).
-This container must be configured to communicate with the community provided
+This container must be deployed in a pod alongside the community provided
 [external-snapshot-session sidecar](#the-external-snapshot-session-sidecar)
-over a UNIX domain socket.
+and configured to communicate with it over a UNIX domain socket.
+Only a single replica of this pod must be configured.
 
 The SP service decides whether the metadata is returned in *block-based* format
 (`block_metadata_type` is `FIXED_LENGTH`)