diff --git a/.gitattributes b/.gitattributes index faa6195ab..081bf1643 100644 --- a/.gitattributes +++ b/.gitattributes @@ -40,3 +40,8 @@ *.jpg binary *.gif binary *.pdf binary + +# Annoying product-updates zip files +product-updates/knowledge-center/FTANF_2009.zip binary eol=lf +product-updates/knowledge-center/SSPMOE_2009.zip binary eol=lf +product-updates/knowledge-center/ftanf.zip binary eol=lf diff --git a/docs/Security-Compliance/File-Transfer-TDRS/diagram.drawio b/docs/Security-Compliance/File-Transfer-TDRS/diagram.drawio index 3e678846a..2c22f92dd 100644 --- a/docs/Security-Compliance/File-Transfer-TDRS/diagram.drawio +++ b/docs/Security-Compliance/File-Transfer-TDRS/diagram.drawio @@ -1 +1 @@ -7V1pc6LK1/80qXqeF7FYXV4irhnQRE2MvpliC6IgXkARP/3/NIuytEsMmZl7azIzFehuuk+f5XdOdx+YB5q39l1H2ixEW9XMB4pQ9w9064GiGIZtwC9UEkQlJEPSUYnuGGpcdioYGwctLiTi0q2ham6moWfbpmdssoWKvV5ripcpkxzH9rPNPmwzO+pG0rVCwViRzGLp1FC9RVxaI4hTRU8z9EUyNJnUWFLSOi5wF5Jq+6kiuv1A845te9GVtec1E7EvYUz0XOdM7ZEyR1t7tzzgi2+dasdTve2HatKzD/+lWn2kq1E3O8ncxlPmpmMo6No73rS3aky7FyQc2djG2gu5yjbhL4zJEw8s1PDorkKxuYL8fS1bQBbvUB/Zgvx9LVtA5rsnc+OTeQJTBYW7TPdEbnwiRSD8pZv21jONtcYf9Y+AQt2RVAPEwtum7UDZ2l4D95oLzzLhjoRLf2F42ngjKYirPhgPlH3Yay+2AJJK7mPGo15BgTbo2trryNoqku8yFd2xt5twyD7YALb2J1z+VJAwf0qmhzryHHulJcQ9UDT86SClaX4Yppkjeqc5ngEGwZmGjvr3bDScFN85keo3XZiKsdYF7QPxgCZi8nFjqJK70NR4TkUljvUaDavtU0WxUnc129I8J4AmcS3FxAYWYwxdj+/9k8GySZtFylbrdFwoxSChH/s+mRFcxJaEtyrn7f1nnaM+JvJ4Lx+Gz8ps7D+SbMGqhh0OwRSSQkW3d3A9dHRpbRwkzwC5/bWyf72VOZqOJIkxL5KptZvc95rXcYzSzauWNS+GLpoXU8eYV60M83o5/HjnZ/Xu7Iepu+0BM1jU2Ue2aF4FAwKRrNWQD0gRJEdJZF5P84jEievjg4AfvLjO6Bzq8FnyPM1BUqsDKcyx5yRuYIpCI4h4JMveSXJIOqLI0VzAhdS97Ule6h6iLC19r6lG+jaOhVIlJagBzWbVoMoU1YDGoSxLlKAGBvcofCy4mv9h7D5+/hT/USVAWQajBtXQwyE+h1FhwurqP1sUZzVP4k0VVXX0u+/apuSBWlDEs2OrWyUC5gxmR1gSDyI7yaNJCUwjGjkp/ovq/3ZU320UbMTE1Oskcw+kmyGG34DoHNesNTNo9QuQIgtZbEnYUauFupWGj1oRPiicF6HY74IPpl6AD962LAMBBw8r2YL1aiosDeNb2/EWtm6vJbN9Km1mnc6pjWAjFQgLl5rnBbGmSlvPzqp2Qc+qfL3d7FwSg2tvHUW74C2pGCY9ydE17xJD4qU5muctYgVjr7G16BlHA+w0dtlVM05kcW/PCAlTTeyPDxeIy6xfkzbxcI90g6pAmAMOpVatVmm2Xs2oFJnQn/QZcSbuJacsx9ncH4VQRffT0naaaW80xy0oDxbrzi2RzmBgGmvSzbNakwpJjqiRQJIgyZr5bLtG6Nvolmx7nm1dxSwFaNGcrKpeQ1zJ3UQT/TD2iI5m6Pw0p73TIh9InoPlrYsYWArykCSZ1RGCKcBOrY6JXevfFLpSN4Su2lrl0NYVYrwpua6hXAEJguB54mK4XyJINLAgAU86muRx7hicWjIRAi+b9LocGzB+DVIS0ecCVrqWcyRn4KHYEZ3tiM2vayKeFToCGUpBqlkc/N1McOIOT+oW9VgqiCVjfjKGJghFycbQKQVOClEHj24IEWjvgyQ3+2LUnYwG8dA6KXsejiZoCYUA/RhYpxtAZW8yeR7fGncDWnhZG0oHTkQCTsfIvIXDvjxEWoaqhl7fRKDalJSVHvr/zEoS/VxY92VBs2C9lyEkj4LHXfB4XuctMPGoRIVgEg+emAlZjvU1srhLVuoscfqhcq666P5LU/DiBvdXFonHtd9NGl87o/GShbzrWnY32cWjjLeKL4yUEBsVcIrihEuAaGl7ftyCvZU+6yYyFQmp0EUqPmnW2EgIs0S73bhxi81TmI8J4o62XUL4Qldzmy5kcdVENnCrphIWTdrTNFCr+57s6OJ80ay+srrwSBasKdrY5lTLWLvFnRGO74QykwAG/4bEf0RITGR1qk4Vdeq7QmKsSlFnAfrOmKC0cLpg2anyC14bE3NfsqVbl9uhtyay2yjH+O3XxNS5CLVevTukzoYH1XxHZYXUZ8bBhtS3bErcEZVgRV8MSsQQRneG9IDO3m20hgJU3XoLUCtAIQ+UkIKxiOf+G4zIc3x0i4qJsVjU+j/DN5aCV1mVZ4laQeVxLrAMvMKugFmywOxfsDMIDHSC95it4c0M3VTY5La1T1e2gvTds+YYMHkkzWg3/Ow24znIuwnl8Kc0yf7AtZ2FBFyu4uHNIPa106ViqJM+CTJtSYVfsmRKawUYm1eJq+FFSrY3RhpXDTgUWLPdoXBhxGHraBVE9c+E5p+6tgbFUM4EImXErwxVyVkvJoKla0kjnMsqf9+/CL7Hff+eba+KQWw69jgXZPzOs4F7seF+o0622tNG/cG9t+2e2nrsvHyM+V2DGO/sR7pWtlHjPX09lwREsUeluhJT3OHSL7IkpVZdw+tt5YKuZJYh2EVQSuoFFDBzgFJw059c0OSBwtdkEzTTreiGt0ioLzWDhMKtODAIUGPPa8HXEKBWEFVL25h28Kea/snATzY9y5h0Kc5f2xteahS4myUEwPVpDHTzKQy5CA3XjxzYGzHkeC5JVBNr/Oo2Jslk/RdNfnbJU+pi4iJ/0g4tFalwz/2CzqZ0K4NGYUTv5lIrclss9RrbpnB6dNztzqe5VAgiTFypVOlcQkucs5IrbWBLo9yXXMvGmY5r4dNQj+mEzJVR9VzbcP8/j4urraw5a7Ajt2KE2SLNTZI2Im2M26O4+/G7BCg+JuolyXzEbfsHzLctpqi/i6nPxF2NGzGTvHVz6XMA+dkNmPyOERP79HMbQ/n2LM3mVOxrZ6AXmZrCT8HWjXWEn+eR87b1WK3Rqt5j9sddlhtxJb/5jA0s46yzSWgnj9WijnbCHwz8AV2aJW1gBQmcKQeMGjndwGSUkhRuZ+e7VoZ3H4bjzwrT2wWvIwEZGwgF7RXcly2K8YBJiudVJ4dtFwY3/PF3qqbOsheqwpqkCaa/+qkmdKUl7IXkT04K6n/LUYpiuIpNNipO2NfJf8diKRhvh0N/8EcELFGj74H4282DrVJhXHNl9+TSdv9XLAQfsxcMJKXk+bWTjJjmhAnVo1Zx3YQFqO8+osOcrtEVR3UxcW67Rofpt2dOHkuQMJ2LxkgCszJmqQpFYURcr5SxPsZKuZgYe5uUx/QfLGSXLsq4TbAUQ5+XMcbua5F7LCMWr6KF0emHrF1XBqZeoelvUwZ8utF5p/jJ89m85pR0XFutcc1GEm5fP5b9QuLi6SCWYZP3mH/RwWuDyjqCe09eoaMKC3rUqLF1qkrWsjpXI9hKPUfcp49iv3kLBP/CZa2oR59YRhL37shLjpco6zW3kF7b4eeAOSi75IS/oMjfu+hjcntmDZbA60XSnqheav/lRR+e20UnF0MYy9BUPlsN/JKnO1oxrR8JIfRcV3btz56hX09ELWrURRP4elooUamyjWzgmSTpfBHGqFynuV2lUvABazK4rPsrGZbyMaH3MV71oQQNR5f/j0LLGyLKv8hd///lVeApVirkyaFNWoLbbEyU7JHNzsx60VsCrE8m0f1xeXHYHDiwlBBCo0UbMhzcW3tQ5EnAEOcndo/6GMBhEl/KiOnILPRVGyeHmooUqphIIe/RS4vmq7/DNd7kBrHkYk6FLpn0rYdCDE3m30GslfFm8qU5/Aq4iTYbCIQBj4k6hVnYqBl7Lxx1HDAjiMT/YtJvxiR3LW0mduRGS0vLwews/QlARRfNhjccxdT44gFmIg3DCj/gVBRXXNFSJU8Ci4huQW93+gPV3IMaUPxzq8HIU19XrbdAocydvCQMccz4faNpytZgN++a2/mBMN7eRl1hohv93oCYTdnVbLrfydZro2+xu/4SYpgmv/QXwpjQR9Tbdv7+tFC7jWBoNJvzbsOYj5tPcndPKvQomL2PdorB7Yc8sxeWbbffGUxHQbOj9Zo7Zf2iv0K7eUA+yQa3jeum0N9Bmja2Q4OjhCXn99tPpDTdr/otbtPnOU+YMD/45f6gWsoPuNe1LunKa7E674pA4YJQe1xVCBq++v7kClYjmAeN1SxomHL3zZtPWUIJ6oiWXV+39T7fBI7st8phs5zBzKXeiFBa9k6gBsF82iGk97k5oxqeDPQoAbtTLGUHYy1zzwbz7iw9Nq3SylY9iFuZfloLhzY7nKx2Yqu/gyc9xRpZwvuAldejhcaT0K9o8Aan93sLT+6yh+F6QM3TtEBvasDSYjy+CDwR+Qaaf+a55/GTrfZG/tCo7+AJWlgrh2j+9UBscb5AQ79BP8MzhWqspPcmSH6Vpv8gU6ON0oW6MXuQ6bdgRr1ZaC7zMQvyftmNOqM29Ic0xkdthQm3nfdGqxxfNrLlHWZUx59PCvM51Y1jvlodb/4+8GfTgakEjVR9RHNOa/fxWJt5izAm3Q4LevMhxm01KBN7TSZuwz6P+77S02N+zTfzd5WXab3RX3K6yHN7sSVuh+Hv161oRH2Arixm1t4Upk+LGeWtFatBytYLsgJTDUAvW/As0s9WH+Rx4ivIL5wDyMNXrLcD0EUlc5CmrKNQg4XSfa1m5sMzrDhuBuJEpMXla0znib9Da7SbUexCniIr3O/mVN2TpoOdbLApPVA3IAMb5hrPJx6z+7aZUwsiKg/nBxb83CVNtdtZgYUuwqdD6tDsTuVAjfG83CPtrr6uRl24BivZvIMmOMkz4b/e02q+3AC3GqQKnO8vmTpYY3UO2ieDFT1bpjebqmakgR7CoLpAjZZDaw6SJxdqK2qv9kx//mKf+j31HYBm7MCil1lNapKK5UdWBv2hf/LUJLT3pimQAwJQwx1PycWcejX6fD2cNYy6Hm3U7t58Xvq7cNSuScjdV1TLN47zQ7XIUofmU3sE8xGoE1+AD6v5dH7I8m1kztfiHjRQFw5MPWVZ1VCzpyNKmr7RyTNKt7OeIwkCcoJklnMr+hNpLLTpPqHxTcU6tRksZxT6V2zTQBq3UXtgxcu2kYwhU0//wBgEoLOLUBow3gy1INYMsAzQanN1qV6dmqs5oDigZwC+IOS/OOGM09xPGh3NKU3LhXbvA3s2He1UQLrE4pA1nxBjQ8MzK5lWPJVCNCJrFf3BAd8ntNmC96GF6cKUpqqN9FCcKGS6b4QUaVkMx8e6gwTPzumnsM3c6rgK9XocZ26ZhAB6pFjqRjZIQqa5zNxy9S7oBrI2/ySn+UblSW/2/rSWpgx4AHMt9V4u9WHI9IiQKeIsDzWrsZMnERIOeSz/lggFB5P2NjXPbD16ftnfDvD1R/6HaDoRU/MxtxINmgh2NlwDvYBOakAilCXO0HLsC/CAkabkRrPeVkjXsH1aA1JZP5ny+gU8G0L2fqO/2i+06VvwfmgnttxrQtyhHyUI6OEi7QROunLLXoqHl8OgJRJnRgB/w5ozGsUn5BKQhQLLBjR5zXEcpLQOx6FP/SBrJ3TxoG8Hhg8axlD9rgh+xPcGBsP2AWOh3BMniLPgUwyGFHgi/N1vzUAaPviMdiAsX93BGJ6Nr+P2vhC24TxUJ0R1ujBJt2m2+q0XQlj23cES4Tl3gPgK2r6yqG2Gro6tT8YcibREAH/1EnDBANED19A/C/1DjKUD7ahehOdnqWtU7h+GYzQnzh20uC34qCW6hv4IoBvu/ZC+cI6tkDYX/OEe0SbyqG3bRf5VWK5cFCMMDA7ai3DdjttyqB3MR/SF5YsrHtqoTTgm9Af8eg3jRvCJOkhuKwZ+ADyiYb400EjDM/oAzTeI59tSGGGpAF8U5M8pmOtBaOnQd19HlgD0MjC/APjnJ+XiAejifYiv0PN94OMMeNvWZR7JgtNnAefBMwTIENqvkCwQHR7wgOzzRHY+cA/lwfE54BO6FkK5+WguyXXEN96PaAh/izHvOaQHJPDfRdYJ80AyIxL5wDyAT6uQl8NYrgPUJ6JpKaJyxAsa6A1/99vQ74Q7RP2JqO+QB9FzIU980JPEqqLIEq7OrjJTi8r7c/vwaYLYjwocU3TK2K+q1StUdvcd1qNJ5nz6bIuuMJiXQlnm62tB/G7279i0+rb854uf3k3vdF1s+OtfjNKI1mFs/eM/rnT/WTaW9g9ngXkFPHrJm8O8hfg3W+67suXYetFIvy1bDqsH1JdMtPSXoD6difW7cmiLp2JkVrTV/Ncbbj3cp3MvQR2/elzya9X5LN2E4N+V1duqM4LHLzdEQPe6my3ZX8szzGcFuo4E1o85xP37IYrf8SGKx/yHhTH5v7gvQtZLADSsxpBFlSlC3N0fkyj1nYOboo5LZvEf+s5b7hs5ZJIq9emPUuQ6YvJZtCWhZ+5zcrlXIr4HDMli4u6/4zNvZ7MG/9sffruMT3/yh98obKe/IAOwuCy5euaeO2gnjkfrqStMRg+39ow3w9m6D/HLlVfzXcsb+9vm9PeU/7+VeVTHvCryXaf5B9kGHHjaDA9resG//BBNe4NNufsNWzqneC3D65vDmvuSmNhilHUBtUpfUeYzcGtsMa/71rAo39fpvYTyP6yBVaQ/LLX7K5rz7YJu3Lt1kH8x/GYpf3tyeI6wspPDsSp3Njf82ndAfkkq+M3xX1YDzxvX788Ez728dE+YCLen/0svan76Pwnp9v8A \ No newline at end of file +7P1Zl5tG9wcKf5qsdd6LeDELLplBDBIgQHCTxSTEJBBCQvDpT5W62+5B7Th2+0n+522StqAoiqpde//2UAN/4Hxzlfuo2xttmtV/YEh6/QMX/sAwnGAI8ANTpocUFEWxh5S8L9LHtG8JTjFnj4nIY+q5SLPTi4xD29ZD0b1MTNrDIUuGF2lR37fjy2y7tn751i7KszcJThLVb1P9Ih32j6kLBPl2Q8mKfP/0avTpThM95X5MOO2jtB2fJeHiHzjft+3wcNZc+ayG5HsizMNz0jt3v9aszw7DjzwwGp5ESUM6nHdpjQe70aKoP3HqoZhLVJ8fm8z6DkiQ2wtft+f0se7D9ESRri0Ow42qJAf+B+/kkT9IcIeHV18w8lXC6+vFywT07RUs42XC6+vFywT0dfHoq/ejryv4LOHN1YvikVfvR55VEPyPc+15qItDxn/lPwQk5n2UFqBb+LZue5B2aA+Aetx+aGpwhYLTcV8MmdNFCaTqCIQHpO3aw/AoAUBKHq8fCQ9LBQzUwfPmmkNp+xKNJ+JL3rfn7vZKFcjA3bt/gdO/EtiZf0X1AAsa+rbKnir3B4aD/yTINNyuqOtXlb5k/VAAgWDrIoflDy18XfR41T+wPncCTSkOuZ7tIA1w5LH6996RRqd9lj616VaVJ9EiQMpbtn7kdFiR7Pos6ZHN5axtsqGfQJbHuxjxKHKPqIPTj9fjNxGmn8Ry/0x6afwxMXqEjfxr2d8EC5w8ytZ9Oeu97V80i+02sXON59U6CZzxT5R8I2criYXABfvlS95ewPmqz6NDMUdDAXryU+7+z8tdn+WwJ+8IHEosRI79vQL39R3fETj8gwRu8VLgCPytwC0WdwRu8RECZ83alg9oOdDq/CSahLmnyT/JtwL3RqRAJx3SG2Uga0R98sQF9HOqofc6cLdDwHG/A9/hQljgOhqGrIf9SIOqEHcB8FU3Isjjm5r2EsW3qsMa9dkJIMWz63aIhmfXwBLLnl9nafH88tFeepbyAWyAE+QLNqAWb9kAx8m3bEBQH8AGBfunvtuzi3FXXHZ//WUc0wjgLnGHDaibFoR0vlmOT6Smjmdoi3HfuvdZEpXDX/XU1tEA2AJD1n2bnpMHqH6B4g/o8viSuH969CkFNOPhzU/Jnzj/fx3nL11y16oiaBolfgbk6xuq/wDGsyy34F6g1f8AKX6LCsEXr7CDeYsd2OIOdnw19j4cOwj6DXbwbdMUEDV44Oq+Ed0sBb7j42XbD/s2bw9RLX5L5V5qnG959Bb2/y2xzIZhemTT6Dy0L/n6DZNRPC1y0vf64NSe+yT7jqrEHjFyiPo8G75HEPwhI2znj/QpkPQFuXh4ps8AcBaXl271vS57LG0NYfBZlna3O4HKvXBwn/I8vu5PnMG+AKuHRJAFRVE4SVMvWAp9qv9TmQ+UeSzlFbN8bc3PmyDYW90jZJesbrusP71hnrtA954P9Q4APgea59lfcs0ze+QrZDzhkR7FWb1uT8VNseFC3A5D2/wtYCWgLln/klX/Dm6jU/fQ0F1xhfXgbpov68VL9qAA0fcw+XyCBPwQ2EGxxUseId/CDol9uYM731I/3HbFfsB2zQ4pC+NbkPh1dDoVyd8ABYLw/M2O/F8ABXMXKMCTfRYN7MkBWu2pIcj9/nlO/zuOw1Paz8LK9VV3P0UKFq+UyTsQ8bYg/GVB5GvH5oFmbwoCfRhNz7I9Wn8/XGGMfhH0AycPJX4okD298x8a0QiSJC+N6GcM/JQIC/jzdIMJGA5B0e761ux+ehswiA5PaeuVvYE+FAT1r5b18wzgprLZrJ0fNbwBYgwvZei55YQ8AdRX01y4h3+vYbIp0vSm+WsIrFyUVPnNBnjhSsLjO47fS+B8I73fh5DXSPg1VP7Yrvcl8EmrIl8QgnyJkjj6MdLHvMRe9AtNIt8O7JW6fmsC/ASDZ0t/SqmrEve5Ee45yiVz/U/07/j77/kWAXx7Y9RXrPsQ5WPTpjic3jqFLC/dSo8AA/wgm37aCf+KnYCjX157KOhbU+FJ8b0IbjC/bibc5Vrsd1oJb8DoWfp3wOiOKfE9iXtuSWSIMDvNcfyzysd1XJSt1u+f8v2ox4G+VMLYW1vu99kSrzQz/Tqm9eOmxEtYpF47uP/YlHj3VeRLev2JvnrThyDuXQvx6c3/W+8ZsGk/bR9x5XYRwAtgyD9eCtfnN4Xp+dU66wvQbAhfzyLp91zx92Tnh8TlfhjzjrzcpyvygwLzw8z+a+HXt5r1eai0bqMU/MRRHR0SQNjXLPG32uZZ3/6g4rmr4l7pQwThRAm7p1Xmc599gbX+66nOf+XZATBG8o5e+gDVgxNfPc0nXLujefDFXSf1t8XG3s4b+BobU9q2emvqPLfXnwzz/1L87Gex4eeF+ikc9Vyod+xWbJVU+FOydg5/YRDn0v6JLz5aqO+rA/rVuDlGLl7HON7RPR+lFp5I8oyt5GJQzvEbXnlhld61iZ/1+hsUqF8Byhv/7R/at6+BYsziGnDm6UteDPun2n/oEOvXaUXPh1jvIMDiA4JU97tq8aarhKyr2+m/KvrfBPybTAcvRPpDlH92LYZnbwFXwVMFwPm3d8CLf4Qh34WGvw/Jkf/MkgZeP/Ukjb/q5qOvxoXx13bm35rGv98gJd7GXPlnlgq7Vt/w7DPeeoFGt7HH06uxx1ceN70gReweH32NBr0eB/6CILeR3S8U/mrE93FQ91Uqczf1YXD4VU7mnYIXt6fB/TuFoK/SMPpV3lt87DUuVuc46w9Ajk5fittwKtc9jatGXfHjVtzP4/cHQDFBv4RiArkzZnDHz3waT/xwKH7yc///ypk6AcgbnoIbj3b8E/aiz5D3Nt3ge+ALL15X5xeMOuYHARn90dDGP0PffzqggCGvRkAeB03fCxm8yb9Avp8f/7X85ON8oY8a4Phupz0Df73Ni8MD+L8P+z/mTC4YgfoZzPo6dvCDoPg6kHrXKn6cU7K5Cfmf1FsBk27HHewG9cqaqAPuL6DMB0VVkcUr1xY4u2+wlLnn2P42LP3Zsa77E8aeRztcW4fiDLoFhjp+bjbYHQX+NIXrb3X03Xw324z/+vvsDk2S37l1u/OU5U559Lc7N0vgA0I5r8cB3gjAjwwMJMUpaVHmS38r65v58dgtb8RXYuF/90PlJLLAfybc9+MCQlLYzSz7m+DP96LavyIh912ONwLyjMlfu34xJFp/mzBpC2/dvrsQ9bsHnO6MFeFf+vR0x0wXF/htet0742gf0MP4K2MSRe449iT2BcPugeCXj3DvJy2v8UvA5flf8Z9pTXFGLT4NLv2kSYn8nEl51yL6OceYfmuG3W3n/yo8fvflb0XJkTbrdwMo2P1OuYnG3wS83p2X8PdzHN7h6PcmErzsrvd56zuRB4x6sgI+ftbgT5iM3+Ovf4yCDv4fBsET/hYDRYTECPx9DLyjFxcPBuQHoCNBwbjHtwN9NVvvHlgS9Bcc/21geX+2zd8ajT8/geQn5z69ZsF/NBXqH08boBYsxzx5638/PeAX5gV+m5VEkCj+jyyhXx3fZ7CXhtjPDvC/LujrYuIPHOD/UAC8v6Jx8W9YCPeiPj9kJNxvw51h9e/ZvL/At783ikO8irAz5PejLARCfS//L0dZ7lP7rc58BDKSwCFgRg3UWof4BH+AmhtyYJ38eybPc476rgj8+iRL5AtFMi/9vCcL/BdR6yXUfO2D328g3ZvD/lyT3VGJ8dfpsX8+BlmgZuzz+P/BYDQBBjCgFfzy/P/3/aDLN9PrzdxLOKSDsF1XAy55WMf3ji79EXvtH87A/M9Nqrw7gRJIyg1CH2IkUHDuLYIDSUMECNL/dXdE66s9eGcZ3EeYiOhL6FvcMQmpO1bBRyw5vcv41L+hF39IB96t7p0B5O/J84+OHxNvJ8y+sXM+jORvpyL8Nqx5COwhEAD+fGKnm/0Os5E/i0VSD2QIWN2fgPQvA9LpEHWb9kGHftgMPpJcvI7i/usohb+VGb7okzrj3050eOqKorntlvS2rx5vCGk0REAcHi4B017yPzDuCngA49cCQ8T+mKeNNyVYfYlLpDAcYlQLro4b8xLK9TmckcLzbFnf5IWqmEjgk1XgXy9x4zJqQ17UElgvHF+Oe91BchvzzuF2uU9lZloVHBfKTBE63DKWr2iC21OwtS9JwV5XPHHVS/GkSqZvT5yUKdwlOVi5C/KFE7qMC/b8eM8H5c2Rz5xXBYvpJTuq4hKN/GulCmyn8uygbwiNL69z2iQauM4zGT3FB4MKZQPUcI+kCkvpEzOm2+VJb5gpnJgqmJg6lr0h9EkkmWhYl4uat7nKc4Ai13Myd2UAWh4pNpII7UXHzCn0JSTahnWAMUMM6pNM5CVpkgt4V/nq2SmUg+fvxlM8OaezcY7x5UGfRXK1qS6GoF7Ak0PS2I2+Ncn4YO8zHgXlGgVfsLmq7IdYJufVwcTC53UBpaUTiRuP7zcATQyege1/8dzaWbapYo+rgr6AJ3D9kMwP7acnQ2BHHQflTuoLmiUYU0VbDvR89bz+c4zZXSKDew45x7g3BZjXwLaEDgn627rYki2C8iDHjDCvvmHPoWJXr+jSxc0wB5g0hps37fl2z3mkayMN4dYcA9+sk4l5dv+hzq+49vr4ri4UkGIjSyTgm53xmDcDaYbCEY95yLWjjomSP9Ir7MJtysd4zqglmxs8ezUE47y6/bpno3goA/DKPmiute4v9wE2HJKGQePGglJQpxPgSwE8C/lTUEF/fKMr6L9bG0B/jEnjzaBe2FMbIp/sE8zcJ7JLvWgPT5CGw03GxsCN0n2s5zf6rhr7EmDkPvahFF4vIUYPkW9e4oJ8xgdpB/qgBW19bM/jO2WvC7E98pB+ax+Q4LWM1qksVUBC97enb7WDrfuWDmpTrMsr5G7KrWwZnAMp6baAE/qnZ25/yrIKyw5Qi0FTQHm1JGggjVQIuC8GUrRu6iHw0/qBAweIQbSO2eWqCUHPo/tUeMifKvUYWu23cr+VPQHOuACJLl9yEocmzfggZaA8+Bf7NZJtuVpHTQSgxsnx0X2IuYXK07dWg7ce7C6Vr/W6HC+3t8o1EssuvMszX9sH70JJXdVL0Qbt0bFvdAF0qEI/nF/Sza7Dg3EFHJjrM0E/kyzqxtm+jUW+hz89k8jSIYQ9CJAT9EwZNg//PXAsyCMv4fvrpPmWxywDDP69zcNAjutSBUhxKRZP74ix5RG8AwHofIIoDTC+vnHBI2cAyQBcXVffu5/6dRUCFAfoOQFdcKO/sWGLb23/xtEPbXpel+/k25pt4NuXFCDdk8RBaf6GGB0OnqliPBlSDNYRSqsxmvP9MkGeM9A+uO7v68hPW8iHxiZBn5cNkeJ5X6ycr/fmCDwb4stbnrCRTgnmfn1P2NSIDvgoadIuLlAkxtkXbXt1/wR4A0rb+K2fwi7l0SHYLg+RTwANUB8ixfpeGUWM20iMIe/SMGuYS7x5QMIVf5d+JURBcyOen7Xz5X34fKmezfv3v9L/hqYb41l76nOEA04EcrY6gPoCdEonFKIs8k5dvpYF8ICIfLTLGq+CvHa3zMZEk8Oyjg8W0GwQ2VVGra77zPem7Sw+ybLCAbsj/9qDAD1OkDsBJU+x0JbGbM2mYCDvvAHoG7IOcGifoCVAFgxINkAT9xXFQS8dbu/Bv5UDpR3JjTk/m8UIOIzAVNkAemQczIIgVYCxIH0wNpCyQKcUBKrzyO1XFQLQGyPQGeKkl+7JdMCzj+eP+Uf9locd4D394V6ub57n4QRVsBC9VE9mCfGcnYF9BfK6JMz7ol5Sm28cFoVcogN9ZU3sZML6gHNQPgnKBzZWDuoO7xvg+eDZOUwf55UD28SeTIE9Ax1VwnNQHgLqDa7HW/1ubRRudTsBfXiFdTN4mFc8Qf2ql9UJ2ghmwYL8BjgXH/OyMB9ojzHqpXUyZhHmub0TlAfo5d7sRqATc9BzZ2MaJ0AjHLQXB3XEwTO5Cds7PbZXSAi9TABdEqjPMdDWWRdyULaaQ0kA9SVA+yZAv/Ep3ZhBvfgR2FfweRXQMQC0FfOYh33B5sHEDuAZBPQhyF/BvoD1GAANUJVHXrYHXIP06etzgE7wXL/12wjb8nT+QDd+fKjD7dd4pD0L+QAF9D9B6QTtgH2GPPUPaAegU3Wj5eqxX01YJqxTacB0SAsc1Pf2q4qg3A07P5RnwLJvNHh47kaTEfDJk1Q9WJbg7F0X85lH+fNzgO9PJ767OP/rbLiPiFQt6C/Yy7g7cEafJsA9H8TCvzzNFX4xjkX8ui94P479b0Ssfts6ie/uc/s8zPXdjP/7BZTfW//8fHve25YBrPF2MtXnxNSPm5iKvpyV9XWDwufTUu9uC/QRAZu7nHB/7s+/tlzyvUmP96fg/6YZ+N8TmX9rAv7bEbhXvERhPzlvAH+1PJP85Y0B3pvi/2rGKUJ+t15v8n/wlH2BJvSBLztkwhW5O6PqIQ7ubn7xQTNu5D4CwJWdfnS2zOeOLP/Gjix/vl5Ycgeif9e86Lscid5jydeQ/dP7sXzoaqsfAtfvid1/f2O31wtLiNeDjz+8HcvbNSr0q+r89HytjwJD9O1E4v8bG7T94jzF/6tbtn0fP/7LW7a9nE6EvfJIf+Nsw/e3aHt3iP/VuD7ydST/2dmd2UPsYSi8oj+f/nhc9v23M2w/7t2/rU2fkwr+vzXLib6zCux3zR+Y4xbgwLJbzQd8z1uaUbfd3el9/0IQ6Zs99U8mA39vgtNzv/G7UPQ/mwz8t7N9FyT55bVN8qPmzeuyvi2p+Pgtf+4y0n9/Gvl/p6OZnw0dvN6y4od7+bdPRH9VsY+eiH6X5d6dh/53OxT9z6edf09i/g/NOn+17upDzMQUFxMtOJ/SZl6cvdG91H/Of7+R7z/62svnR1yeEj4/4vL5EZcfsFIX74W6n3/Ehb5jpn5IVO4uIvxtnPhnv/8kZBdQIWeIctC7f9z5BNSd7b4/4eMTPj7h4334eDXA9XXn6/8JfORXq0ANFCHIolUoFUUPf6Hflvj9u37uc7a9v10a9bQ/+8uBJIaRJBz/48XulwTzNQGOIcBoIb7443cNI9xF5Ts7394n//3xhg93tNBX0dLF67jJB7lH9GsFif/Nbmi/mP/p81vvDm6Q1Pfy/7L79b3O/1wZ+hkz/a0x08Wr2AJ15zPQvytmepfxiX9Ddfw8SN8JiH5Pnv/tlaHfa8PnytBPQPovrgxlkP8YRL39rMOv7H5pAt/4+md0+vOfbXr5ybX/ZTW6+Ld59L/hkv3k0OOPukPfk85/b0Dqtf+yoBZfmJ8ceXxdForg2Jcfm1n1UZ4I/UuM81Fzql/MGvrp70Z9j2F+dkz7w/lnsXg53ES/nsL8swOaNM784Kdq/qnLTr368MoT275Xszf5iY8d0bw/7vX+BoQfs2/gazH53CDwbc8zr7eu/1nmBgV9QeCHIxckjVHo4mVsinr9jeL/2naB9zn01xaZ/c/Wr/woS344NFKvZniROPEa0f4B/3yfET8IGhcL7FWVv79Q5E29PnihyN0QMvYuMn5Ojf4PTo1+zz35x5NbUJL6gr0SKfoDXJK7TPav7Pn2/iDQDxmMv7TL2y9/+Rt5tahiwfymxWyvMGfxNxPS3uRnPtZ8u/s15L+Nuvz8Yjbj9v3xSxGBf+W2hdYThrDnYQ9YAwYTAe/cYphr1QNV51n+4RImI47xC3Dzt0uQH5N+HHTujee/FKIfh5P3YeNVRO7ex72+rg5+Ee74gC/S3B8Dfd+2/3AN9h4XvZgf+amZflEzYa8Gm18b9D8Qh3nJpH+iv2MhzndH5H8HVjnArZR78HoMEf9soqJ+Z2j2x/jsVGVDsv/jnXDsM/b7AXZ72vnwddT3aePDoslBdeoihjQ9JRHc/fCpNX+xSQJYcTh9gfshfgxI3RlCW7zFqd+1/PXuNxDID1Bi1BvG+MkJu3ffdjf/iz3HQU/1t6lPj2NsL25yEE+ifnrGf/E/ndj331CT7wHgB3Am/mr+/90pXMgdvny9HuHj1Ofbb/u9hYpXG5z+5HjR7XH2CWnuws47O6V2cAopX3jcyh4RTc5bFhym4+5FNwdngQX+4XmeNcAvd924jAozJDVneOIW0uf2P23WCMJWG4KtKpWtq5YtywScKy19HtlajDpEj3CU1vJZA9ltMi2XRCqirSwI+Gm6oPq1H1RP6zDMHEmaLTcb0CvcLi6BwuKycNKq48FrwaMtFllXTU+AzHPKhbmIh4O03/c4KXV+5x4PPn8J0yugCnXupKjfVmxRnLr46mSg2oaN1KLl2cRhhaURnvHnvSYvvVn0gYCgQ3S00wvcAwqT4GsJyfY3Z9/j8ex8Aoa+FNEK4uaEoyxDQQ25fLWZfGtq3LGp6LoyutpYdmtwTws3fPTmHigAOZglgs2YNoPiUXpLmCDRIrMGi0aQks9MPHfhQCMNIwMJ57Td4GrDMCzHhXdNpcphlKuh7DOB8h1E78vNcNnJ0MCWtn1EEMdNTYVk5pKUl0QLowTpXp8sdHwz1xfp0MznXe2llVpicHPcVGoHGTK2HNOn4kwVSS6uYwv1sRrPw6629waoHod3i8O0Uk2FH+D+WNIyGyqKIBqBSZVmhzoL5DgIix0eoUc/g2LJlB2u4I6uUSF3sSfZo86xRFwhQJ33QzXtFFCOBMRLuvqSrnmG2Z6n/tiPVWoxrkme0dqWbN5qV4oCWyZT4IfzljTDLOaExLfyMcaZ82WH9rD6Eb5yO1tP8RnLzHABmbEYGY26esLuEGXNtr9w6906uvhLK14420O3owk8uhw7DRav8QzqykvogdjkhdudleMUenJrX4iA0C84qV/oxAS15ZaItMmvueSDvC5dCnA/Uao9g3/tlo+oVm5C2MXLIUL1NtPia0q7sOaRte3l1HRk6SgA1uJWtNSfzAlVmeN0ZGWlJA5neeHOfuQQi3y5NU0XzbnkjM+4fDgz4wGyeqchnEfOOwW1BWPCelE0NQhPhKxm634ZRS6VDspuI9TEJbt2xpaRF00BMuSA4dfpCZ/K/QmNDHLBppRfYSd6DD1gOHOTLl/ojUM0LLOXNPV82G9qWOtxhHbFoFrXyXBp1tgUaOyG6hXz3cV1k4vqZn+0jOTiSaOX0rvQmsTTUVO9LZOVi9HZy6yvWV5wLKqlMIl96AlXHWhaTpxT124pukOXhSheFruBzeT4uCtRw/QMdW81obxdDKNN7vSrymIS5znucT4uiSW7mfoEP4sqWYlk0CLslUAYZMNRoiXsolniWJVGjDJuAK9xKutgoZCok3Ck8M6pLWGtRi3aTYiiUvVekji+LWu3DG+5FdUe5m574lpx7jeVJqhrI3LCVFet045U1qVoBB05yB4j3XaCNnLRiDsvRQjnkioK66/yqMXFgqvKrhK2V1+pDPmIdnMp1FGgdKcdd5aFgakoXrqchUhtE3aa3LPHiQ5XdWnhtnveGicdyqOLHjqWGq/nTQDZMldtTOSzOGmXeKvpqpmQsN8sVbZXdN4pasIf+cN6PzoSBOR1yolmccjI8IA2K2U+46st3LuaV9h12gki327z7dxeudxgvLguRtm8vYfLVZde2sR169wgkEtXNiEdKv68NStL9VN8DJEgB4QpGAEV5kzZ8S4EZGvi6cKaeSAD2jjQoc1zFRqIjDGq3MoZC2RBQzldMoClZHyfpj7Dcf5FVlztYk0an9O5KBpWHU0Tak17YeeKvJZtss1xxNazil+VvJGQIxQ7gpkKyZ550Ct7LT5K5r7nFMGRMapHZJQ216Aoa2msW7dGR6t1+FGEqnvDTYprWoZrK7zAo2d6jUYeCqHXjXjY/RltoYPSqfiSOu03R51ouKRRTmpucXhsNrp4sscc+DUeMM0kRsLVw7hWyJIRZM081Kf1MTjR8wYAGrksGsNlLar0jiehYa68yVkspTt7A2VLREq4kjzivqhkw5lbIcp4wdduURIsUhkia+F2EhYkAGNbVVnFDihpPEZ4K8M6BrRFK8vmUqWyorvyiC7z2mhZi8xN81jYdWhvXYJnFS6yE00/V41rH1niUCzW+UmmAdbweRoe5xbNge6SeCM3tLHh11mx0WrHZHPOqveIny8oRmq1NK96xCwPKBGmS3BvZcOuNhPNEQ18b7SdYORqxuH7vh0FTN6QOkfsOQvUUGtW6Nq13CJHVIMTfFlCy0kFfOWzLQCDcASSLibsJY62YWzXtuBK63ZseTlv+OWxCDKJVnHjUlJ7pGo06yTojZf21jhwTiRu2THgA08uNaB82YtmoaFYn/Ok5RpZvyjAwjg2MpARqxxFJc/2fBDmAzfKJJEdrIuaHLlcQnsUzQ/cgif4WmudRJCAgMnjNmnZUVzonMXNG9wbLT47XKXd9nQFUi1iyHLHgUIv4jIhDbGfXY4V8lOymldxLJFnvwI9VJzhv1g+efZlZqc9l1ZJf1ldRIB6cqVf7EoV9bD12b255Fo+qXOCYE+7RYfrAFOkY7PW+sUBGjldf6UTWhvSDc1lK4jzU2PZXGfyO8CSe0Nclb7PFojN55Flbx0xrY8QrvPFRWnJRRC0WE+s5p2jslBzYby/D4Yszi2HS0yLmkdGsQi+Zw9ucKAZCepBfVLMI6PK/GWb8dZG3bDcnG+L057c7FVxqhxKwWKZk0oN6+nY3HslXSLZzmGNKk3OqVjUVprrR/i6ZELpPZDDWj14+hpQdcWX1WW/XlTc2C3wEwTQSmD3tWg3XLoUeUveUWJuobm9HPRBFtJ1zsqQDqXDCUK+BSYjF+LKBslVeJqG1wJ1WjGHJlUucHbFE9D9bTe8tWK7sYVq5jRTFvA3sE0nsov2lMimNFZWkI+ulTpAz3DjWuIOKjQhOBW+CssiqkRZ9BREV8fIN/ypFaAVuLYsIr9SA+EGnKwtyWvbzqLGIg6VidAS6E6bk7a2qU6U40AIKh4xLctkZwpCersMCQyu1hqpsRpvIQTuvCYHFzcKTr92VZafB45DBKXHHEVUr3IZNVVO7znfWJwxY6xLWr6yKuIWYq6jmLwNaq1Q6KNwcdZ7yxWlwIscte4FZVeTxSG0VKnhrVywlpix2ReVFygWNNtyaXQlzuhESPtCH/q9IoqI3tE+yzTiwUoAn+FL5Zh3PN8a0M4TLOuo8V2A6km1YUroKxBHBz+CX6HPgTUoqXnAM+llk8UsJppswGhaDkzICGugvlGXGS1Sq1xTUaUrpfV+f0FbXWtFIhjG9aDZIJPVqmt2dd5EqYOIIuRgLj0Li1OijMsEYbyqGdmVz03LXo0swmX38yEyLIwNJa5ZTJ2pWlbFQZ0p59BmcdrFumwYyBYj6Xi8ybJiTAH+KoCNoa9lud1aNHuFmmTdAcRxB06fRfbq8bKqQz5YUjMwUCpebnPV3Mc0QfItO5VeKapWeSICzMdXk20joqbG662GiETayMYBMCGmqITqqYW8Kto4Sho5cIPcBjo1Am6tBDhiPFyr/YrPzAQoHm6zXlzKujhQOc7RGwUgqtWyVDU4+ulswS7ai3zoZHwQOOsqlCfXkgC2SGctq3QrAQ0XlxZwBNSStNg8IaxUoDd+uWZxR5avtClNyzGy8YEXl+hRbO1tmjOqYQCvQzq4qsYZS5E+QSkBomls0rZlq7BeHYf9eixOQWpruSowV3r0fKs3cNbq+GDZqmclkQ6C7PXSGlpy9kq34MIeYPPmJzW0tSvBF43eO23WnvYWIqeWXNjgHWMtWIKB6YMhyN22IyJjuxcLTQD5SWjg1P4+1C070Q9WCFhUVndiNu7PpLofCpNYlVwoCScWEcfSyIt0zxPmMkCxeLhKKwvhyqS29qBFrM6LK6TtiPUpkHPWJYJMlJfLBs/VWeVYyNNsdxUQKcct9aLWIpmA3gd+oneRJZ2xjoqrm9uo3XAYKBfmDk6c7RKpsBSlfFMEKrvCzx5mzofJ5qqRyj1uVIZUPki3sttCrae4OgLWrdWy6QjHOZT91aszkgMcBYGra08EL2+sY+KwLcMellFSJDa1WSw3GU+qyaLzvcXS0Okk2UeCdmHHfeohRSMQBKIvl/wB8jgSLsldxpLL3KWSce0MF9Uy8HkUjcpQzrtTxFcaMUfEkhdE2VThDv+iZC8aVNDO7RVH1gpH6k4VC8AI2+FLTtAFoyDWrG2NSnwEir1zKsaHyKcZwDsuKPXKHnq7U47SFjHWwtbFtCY8E1PNXKjUm6ldHZ5OpHvkeo5QvMYlqrVArDdam5quSLjW2WntSazMbbU7TF3hn9CrsVnNeByJe57aTXZ0YISKsDA8xmvqynJb19j0vqTMtrWIjB3UrGI7OAQsJRZFQdTJC2tuQntnwmp6FwJP3aWAXqAvNiO1153o/UkHhpx2XuztTI4We/k8btEVto/8aneklwQcforREGtWUGPVsYHMzvJ4vW4WJG1GexvqXIpZrWkn2s2mfzzECb1Vwt2hF3eHGDsNOx6YMPB9qHtabGSsPMVWuYEoMp2YxkPTPUU0S1qKTMrtLy7lrTyekTYNVTFQ2SdhRsg1I+TJaeIZdRdQK4Uip+LB9K5m0klNCcorKm0xemyNkdnVnN9li2EFMsiXMPUKTDk3ozMPUOHFTBQ7u07BvWhG/IjB22vpw/TGL6pED02cJDoBq9fdEbrfFzw7SL46O/EtrrFeoAS366bmB+IYL+9tqAsDC1zufGxSkHU53CJIrON6K1sj+UBVn0JfH/5B+nufMiLoL0+BwOdBPpT6guG/Kc539xu8n3G+zzjfZ5zvM873Gef7jPN9xvk+43yfcb7PON9nnO8zzvcZ5/uM833G+T7jfJ9xvs8432ec7+7GFOSXBf1yKt8C//K0FPF/FuqbtLzGLwGX53/Ff6Y1xRm1eHeX11+N9L0zbzzNdtH5NrXznS0i7gb+XsQG3wkFll2W39ZaSAwMHREsazlVuLRzlmMtkQ1YLmdZAd6xxcze7rsQXG9chNVgpJCF2cQFyz4ECMGf6rRpBwqB1xy8DrspBSoZXoPCgbtzBm7wLWsOw4vs+lYOm1CP5X0en8fn8Xl8Hp/H5/F5fB6fx3/6kIAn2ZBd3KRIjBEnVZRO4Xa/jxt7CoDLb7mmrAFzmAtZ4dFOdsGfNSyhUfztelpq9uO1YM7g36XmvLhevbCb1ePD2z/t5s/j8/g8Po/P4/P4PD6Pz+P/xiGoo1GqlCHklDEDoxb8mpsAXAesUbKTUbbjSmhng2fhL2qCaxOauRLLhhZ3ZmWCjW6/CZuy3AVe69AQFkU2ZrmaVXI2uN232CTn9izPshrLcaxosHbOdrAKt3msnKjrzR5JFZbSJ+acTOQ+lJkidMgyhmMVsjTqs3g2eJpdCwyRyFIZYR6iyss6xOrz2tldzgv6oMp1tXbSreki42bLCaG/7xylm0LPpDa1XWbNUK5867CeCZMvr8TqsB8SGa1TWcwzGT3FB4PKBKQIfPsSNC4Fr2PfQwKHLtbldQrlgHIrW1aV/RDL5Lw6LKuwRIpIsZFEaC86nuLpROLGRF6SJrkYm4pcOfRoFPRkFCh8fkjw+pzKEqH75KxOcF7CWoGldGK4NcukqcdUri9xwd3eFvjLS7q1GPXgoZFvUWEjNaYP8gvuEDTiHPLI1fDtve5LlTGLQygYcygkqLHJp7CUCrXgiNi/npO5q4L5eU05NGnGc4wvDzpmlzrmnUIfreODPd8oDVqszwSdNHazquw6wcwp2nJI5DNn9aG++6Bh0BRQK916XSh0TeAHaNDYlemgRbAxK30jXkNZHALfmg0HBfUzK3N2ryth2Ri+WnyjIugF4VndMHLWG6mKsWWtN+Yldhgi2LIXwyFG/ZFi8IlOSBpvn8qeGGztel3eeHkAPDwYM+c+4+WzWVb4mmeIeMtSFr6sYX5blpBwQ9A6fof65f+o5Y1drp1lmyr2uCroS6J4U8w/8E4oG5fQv9aA/86pYsDWXx9bL9vlqjGn0JeQGH/GQZtw+42PYf2flw04E9cPCaAsM4UTfV0B3tRndtIBF+pb8HyBzplPIsE2H8DzpfpEg+baresf8K834+Vr/vLxvDbrZANkLa+WPLgP2kQFD/S/JOX7tH9Md2wxgK0DPfdMUkGKYLW5yrP/+h9f/Pt1AH/af6AOucp+9slnn3z2yWeffPbJZ5989slnn3z2ye1PGIGLmyncPsCGOuWhJW0xSzwBXihcNIeNnMCyicRZgcSxiQx+VW5MVH4v6je7ee+uRXa0Zc6NZDv3ZC6JlSLZy1ekVuwkUAuiWDp5p01jLxfAS5roo1EkR23qn0q3QGlsC0qydP5qHRUuT7SiPf7aHyx9ZFmbZwWJ3bYC66gsuxc59irCdZy0xSrgNmu5cA7bbR7bt0Pk2dGSQDVU3mr1h9yDDW7kosCOKmiuC2gB569JDGupgD6Wzdnq3nBFWUSlPTctr5KgcVUkqiqiXUfbc5AdWxnYcsrzSpP2SSDbbb0sklZzWgT4gfhKqCgLsSW7SlXH7Tae5Pkeug/9xqxCPzxEcn1McBtNDymRbY/CXvXlPSBt0Wmbeun7NVmEzVErO81vOqrojr02D7qPDYuCPJ904Wps5StdLqdB36Dm1keZMsTOSkHAWec1ed61VNZf6csaYXYxDt0auL7wgU6ANqP4RKeHhn+HTiKkEw+yCRzkG5jdWuK33FdR5Bzxyu2XnGul+8Q2CqMVVUnU7DZWON4xZvfCesFBt/l9UJkrsabtG60aQLlOK13MnHNyVZmi7YaKI9aai9qeV6eB73VlKHtNiO276GAi6TbEM6Wm8nYl7oNIKdRGq7qVW4fRtlk2UXtcVV0UHY5aczz1K2SII/ysN9R4WotXwMKTcdCQYe2iabzFzENEnNcVmcUHanU4vqES07ICa3Asq9qgjex6FCi7BQergYPliyogujaAi8RGwbPgJPmi2Z8Yit9lOYdKJp5dJG6Ht2xqb5ImB31WUPA8xc8a+5hnyQg2XEc0sMJRi88MZRxQ+IDDkpKW1SwHs/dXR6JTuC6oZXf2xmhqPGMkhKWKZlFiZMvNDy9x8IsNimAV10XMRVHhCigr2Uzr3hGJBTLZtHrlKLba1Q7JtSyBxdfe5AjELBYYzhw0HEvLA0Msh/OCPmPayc7MZbfwp6pA0CK1kj7KZ80k2OVyeb2OGoLTGqVrPe/Mbt3BZRZ6XJ51cj6kcLmd0G3WMMi2QVyrE4cz4Sl4V4RjMM8MAhc1uskhT7x91O0SZos1fOIt+gvN0mt4c99sYEfYrN7PsQSXB6lndJD0SSBJns1GQtZmxqN3uHuunKHz+iWXLMXqVDrxDleN/aaFa6zjdjdet5vDeO2WRQ3nW8+BHwWbYagCJTOCeJXktNC56Uw4iE/zu6hPSf4YG01KnwxSzrJstzWX12N6RSjQvwi+iWHbeoecGzhB3xi83bbPkEBP/MWMa9NaH+wchkdymUNkONF22V4uhZKuxYnyYmswlWS0T7OzqMKlgHJXtO/gpHfRQ+Ks1yMiDJVqWsrKvGYW6/UOoTxBITRElmVnqdv5aW8d4Jxyzj6tvDEh5XVUT15GdkwwCvW8guxYXyimVIadIl0VpisiaTGly3h/MrxNqMgWD2SbmPNs8OP4yigJdZA4JXR2IRm2rdfopRo5xuoyoR1cGyqaQuPuFy4ZHtLG98YrhARWOVXKSsiTVKuVfWxfE971c++ycpIgKYX2jG7KdSB0yLGWO9wIPUMK4Rp7+MEOqT8mTI+XijvotOtgyboGiWG7g2tULIRb2YBLl7uVxJw1OBebU6tEOjIIU83+wp7XLDWxzXYq9/tSUQafTOEMeXN5YayIPvfJxRit1c4MNMIlXSkhVgJVtFfCRty1tolCsTgBDD15bLzA2M0erpbCtJUPeLDzEp6w3XYF95fgFuiiidcERcMlUGYnBcNSW3qFHLKsE1xui2ucE+7uCinZZrW+bBHBXnHxRdeubmGsVQmjy0M7zlvHx/eCrUd2qPbWHq3EPO22epyf8ZWzs4iuzPiU1a5HHajJ4zHnvZGX4sSgaWK53qKmXh8vR0/ua9pvCHOxo1mOarxsJ/ryfI7PykIhZ5+2a7aoOTxINCsDOudhV4Osh0sWTDiHm5VRpTOGYtqW07U9BYl5tmtcGndWsCY9uCCYsHrLq9LLaWvkqmr0BKtzZR6ORhUS3ZwpKk4HI4X4G+Yay7JpXVRQvTUC1xhtnOOSOtXzaNSL0xZunXCh0p2Lo8u1f3DRFVyTS2upT5KqCw5WAgcrr4kDvsOc3LcJhpk52S+TY9o7R94oq0TumUu85CKd75IjVyZ0aeBwSwF7FcVHr6mZeCmpjuT7q22J2jk0dmqvErqF65uKjoulGo9kdLoum0u2OUC5b+CyxxPjx7qj6rJ1kZbJyTF2l7hxrF01yz3RJe5+1ZnUFi7wYZBGvi1cnC4JIP8a9+alvJ68vRfuhPrYQ7RPM1pZmwxcsyKFFJa4QXsyvWXnbzQa7ZR13EgT4Zayl9ZrMid7c70/omvYGzy9xWF9NgzcEoIGersoJcONKmJhdJh/uPpG6Cy7A7fa4QAqFBpbHi8JJcVbY+EMepoPqJiSGlxCpxqc34Gn2YTu8XPoXVqz54zTccJD7aAKeNULdIFpw7beSxmQK8HIObgfBdVkcOVc00k+7QazJRyW50VYKiMe3SBk2EFU4mhIdtbY+iUXLbm4kHjSFeRtFZZwleYqOgXtFTyr+QsjvQjMcF6KKM1uDjxOw06h2ZDy0ZMeXdGl6y06clssuebcLblcDImw4NB+e3XDvDTGBm4VcmE711xA0rBrzzkJR2fndvi5GvH5CNrH13bJzMlkl3QdeP4W9PFxXB+2F26edxv42Mgd+kDSi2JE3aYOjX7Cjhuf3AdnSb3WW+1Ajwl62NEqGpVwEWG1xaCSgvuAwLUx7Ervw6sDOlIzHTdtPF3ftD1vdDwy70soV7FB7xXitAGQi2jYOWzqyF9w8VFdTB5czGMF/LCRZC341h9DPOvaacCuLslmoOK7yr96R/qk9pgykXJjhXMjhwTslaiS+0wzQqDSKzw9XUsiGTbo4QIXlbLsurnZGgUF1I2t6onVhnwrGxd1Nt/0xqQD4yvzfV9a7A+hvBVwoyyrrDQsbRdSay50JILU94CU4jAvVVh1wYgQTbNWyQHVpEVnSDQ1qMzYuYFSb40KosTSl6NjCci+z3erSybgFxIuHhn5GT0R7XXDeculv1GXureMk/G85atg6k/9rhGa05jJi+2N2JczVFPcYQZodk1jX9uwrSQngPmPvn+wfSPWRfobvQ/UN3JjdeYvBBPlt9WxpHNMQw0gdso8XTKytiIhGje9Vg2Y01HrdDqtJz04opkveguBTPY1JLX2gtQuS07xGQs62sQ6at5Cfs93N7FkJbTzmSMcF5ME1WOvNSlDIjTOxitBF7P1yh2wAK5KU3Qb3JvwfIKro/RshqCLRb10aGmp1kK10+vikdTrKSy0C8F1SdD5HLo0/ViTmM6V6En2Fvu0VW/kBrSheLs5tvTKLwjA5DdJVJUNhBsJPYnuXl5FaX1WBgg5qu4Q+yaKNK64Djg90EwzCiVdaCe0jKBkTKIJdyyBhu3uphFqxZ8df9yU03SCkGzkN7vWmLeLwsFO6mEfHOety4vlWa49Zz0texuoVPmEXzlOT6KdeNIWjYSyJJMvveWa8jod6fQESc82X9QtKHHmi6LI2edG87frIJhCC5LTAA7dIBvAOmQkYPDatsV+0xP3rpv3irxdN6dMSzcbpGV7LD0o8WZrFOGcOBnUhhsc22fr0fWiXkOyzIGL5tBwqei6ki5cbo3bZKQoZIUekfq0NU0HheU31u3d0tbVp9V1QOuaUyNP3ZdoCtefSweXYrTpIuKrxrpxzpa8ocm6JTW0pvi9dDbbZVHUHecg4neaqGRFUS3HJFhveuB1Sarmv21rJ1jXq88RNb2xKCVeSGp9JtmdXuBCeevZcuES1+QQilPVHhfmELoGWYhFPZ6dfL1a+21fugsNqegzdSaCw/UQ0TkHd50wM9eKrjtrW6FYTeNYceMUqcoDaCfhyFGmLwrK7+YeczfTwjozE59kdZafBLjitV8tiauPrOGXfBYpcrkcpeGGyXBrIrgDUDdF146mi+u4BT7GKdGkiluamaUr4hx47rwIjmTnqJdC35hFvqP8w2o1iCe57c5ES3QDdspGvu6kLqIJ5n73i6aaoVpklU0urJAGrYfF7JJLbzwxKFmFM7qdEHk3c/3meAjw9twXdOE5FyyKp/JwTgtY4YXpTdVQkDhowDfB0BiSkxJbO1H7WjgSUxIEBn+hcs+4SOG2sJvtJig6dY1NGLVj0qr3tq3mhDG0PjwjAUUIG5UvziENzWqgV0xcia/YeAjbWb1GlirJFrSV0P5msa2kZhIgXOZwBTtceH2gtx0si1Vau2OT2xwGidWO9E0rwFX8jbNjoGXCMsCPKultv9WhvBMVqvgmXIKP+Cii++uIVZEzej3QgsUtrE35qG9R4kLsaDuqu1XbUGc9x09OmyJbrFJUJmOyq5+O+nEuDm4gFly+3qgt27ziTg5weA0sHMQF/BW0bvXgj/JPnWSf68zOjMrfXPdZXHsNbqtnIrzWEO+Y7DwwCErqxJmg4+22IxH1Jk+KvQ2htVPu2qRZwqYqxmUNtJ07XcPbjg6ofWOw9SBV2dooZuhoJMNtV4kjLSaxfipWi+NGTtCtNMTxrlZnbAUJ7V9cdG1QTXFyrrjDeZ6zlN06M0oJ4gWoVil10CLaYgd69mPDiPJVUs7NYrcwI//hPqg7ykAP2EC6CMFuzqpy7ZQTjwzqoG9zZdjfFfo9hZS7lKFcZA83ArG46obVI7vXfWiTXJDbguiWwqI8L/eOH4x7a143GyU9CT10fLRDp547vakhg2nhwxs8uDIZ2V/cYn9WxrXp2JaQV60FTTKX7y2Z21gsvdevhBHv1OuY0KlNpY62s1aLIYjmY3/cB1wz5yJ9kMJDIfhC25TTFocaOSVDVssJCj1KlsNbvI0sFec0+8zapxC4XDlnlzQqB/nhZrUsJbacdleB6PZwLwRCRJhhCc0Nku75lXA938zR2l0O3rD0dtKgnkNxd1yZ7bXsfIeqFa0KtOq4GzuNNaOtp8P1+hJVWOLGXI42ziqdLR0B0pOyuvTp3LgsufncL1uKmCmEjblMdtDhciJi3pq1a5CQGNljFwvS14JuqcQkcL+bers/QwNrHePsoi2hScW5UDT4S5LyNyvnlp2jtQMDqvIceawjPwbkxNowONA5SNiyFu3ia9PCkQXGlOZaPDRruTSkuVxx2wbKogYjOvtDvKnc1OBOlVe7xytkIjE1BR7VGFg/fC0p5crBmjNjIIwMI0C+y0jHzVgTyKpzys1gsw7lKuKB1vMd2s/n7RYYjF18puyLcYiTTckeb3GIoan8iGv2lTJr4/qynQH4LP0l2WfUzuv1k67tF8se7+FWdOFiHUYTgxL7y7AWdX6F2gJ5NsIlCXd204ZcOfTbBiVpK/aY1X67wbWtHa7NpAfO95Cm7aHIRnTAylNX0KconzQb6fGjlxldMszkQQz81ExwPQQ1puek7aQZ7yJq3otrfLOtLgUMUldp3yMw1AFFApEvfkN5ABqgUJNKBIGNWlgPM7ny4nyBXQS3nrLIBLibzKZM65IsuUY3K4Z70Mpdf/UPByHUpmARG3A7Cn+QgmCeEIclqcyHKRWg/CDbZ2mQSWXDYLcnaW97xJG1QaYOnpRyFyhReAJSv1N70DD4VDDc4iIrQC+yOUqEER3tUlkAoqXrGsYQuu3N8zP8+qEuEE6cHQ3BbO/uiGIdALVmR/6FXcf3zSbTNFdd6fKXYBrEVWqjlTJkAiQOEJehOMoHX/drdDcZY7zYrJZ2nq4rD9QS83tmGcuD3U3nHBTaNcENJux5Y4+q0gRaF+hQtLsVu57V48b0FpOjaaq5siT92M54cGLX6DFINQ5Dzquuz42Oky07B6rA5dfsRUSrdE0725NssI5YUvLpeLEvNz9O3V5gZ265lNpxZJsBVhcFoEi7G86paX9DCYE43fxNSMvS4grXu1kOAq9Ei5sHCv2THcPc7kOoH/fY+ZZjnd8iA3BbRAJhXdOstI3Trmm27nhqV9jX7eBdjlpkE2Z+Cd0QAc7z0ssulkfakNXFIS3OKm4WIxtA6Q7kiwOFULT3kPXqWR5HbziJ2cFp1JmjvQH6zQC8DvR1A42/4tBVVdEOh4Q9WUZVXJb7K4yLzFe3vrXN2Lnbh50e1iSyPyDhbR9G+0gQAqtIq6MGQYNgghtfJAp9rEG38wayp4pSxYPJAPjEWlux0oCFX9l+w/HHmZUugXDZ5ucTtj+l8Xmx60h31s7CsKB3bcR09QZAA70ZhDWnmAlm8I6GFCF9yeZgBDyRryn+dLnxJCtBs2LYujWi1Pk55KbpoEGVly/7+mpKaEApXbgrAiKLSabJVvvGXeB6MGXydrXSoBWSSZx20vuyVCYUzbqdcPHT1bIaap+2lAPcjXC3GJLLOt74SA7JWxi7pYyFfCnQEX30Vm6K7GyEYlbtJa2sQ6D61uhoPM65JAUtA+pm14hV4uhHhlhwKkNd9/jKYIVuy8a1rwRro5QX+zwd1R5Snwiibbzd5dhuEXPKWklwQaoqVzTLPPH6vdqhQj1r3glaXMYiicowXMXTzceCSccb3ptQpiMTSixUUv6th3DmRjXuWD5wcE1kMKhjSDcOhvri9qyk7vjdHthTo39VINu21E2h91hJWnMK55ip+P5gpclgLtGdp/Z+Rpf61VnZZAg8AD0t562caWELUUkW6ZNRXGT6xAntqFVx1qoUes7UXT4Tzs2iVPW1Ozin/JR2sit1LKcoakJO2Gpzk5O+h10qejXX4UVEDAseE71LPAinPWB9VlI2ZtpALL0h0hT0hEc1q5x1kxwqa/GwJvmD0QKDYSURFFERoDRnkIQuKsl+43rcWl7Cb30CZ+i8sPnLYppRc4+sFyOMswzZfqZiRZqiRS3TMvB5OZzdGFCsLxMc1nu0tHZfLa00mfjY3WtHU+6nk+dNRh7vokFxoN62CwRYuJCgsK+b6AYWOCVCZChUJvcfnASWOd11ElgEBcbUzjmI7nXf5HzZpQs9xf2200vpkmT+eb0JStids9eiJaWW3Y4atxwb0Zxso0ptoye3PkWenmA5hNLZePCddw/RcSPHoGnZMwOoJZLU8IuxUnocjl4zLOJOUa/uUlf0K9WOwW46Thenqhb12SHFPSqxbVcJvu1TpbkknR1ubyjgfCBnUr4qfA/D5jD2Vhs40B5wAxqAije+RI9nN+hwKegWHfQbduH6gR9vI1RcdNpd06WG7yF7e23tZm5WhjfF5AQ9T0dJJjAWVO/zZLL+mt8R0OlDt7rGmyhNdla/VM/SjJLHnYXYjKVWtgysHENad1QzwN1H94WDCUtJ7mOE9E34anFtnxBhvbXCTddKx2mpk7vJVI2jUJ616/p0KQ3G9JBbDVn2cGtHQVE8JseRAWNExJr09NzNVxCq4eY9xgOSHinI1QQHcP4WDnF3mx3oGWeVUIfOl0ptsQ8vV+D977ZB0HUbfTHMwbWMMZOVpTYrqTqKgOFT9iYZ4wYzK4rIxVdJ8lw861YbGo3PmitgXcTKxOz5DAK4mV+HmY8ksBZl3/S1bCBNxVyPm2JxDcfmtleavulrPjWr6oSvVW9Tg9amm9avLEpqEXMfl2RwnTb4ElBMiTSDb8vNXqInu1+LXlR5cnzOuc4xmMhwvTYoxES+LHcShCUVj+qcPQBlsluoPdoyGg0crKq8bo/hNicLqoJsIWZ12ghIc7ODDLcHdz3gpFF61huNXXumg7PbdKW62pW8DrFkpSpw5kjGMnY93tk0Ep+uy1VSVZAz/DPZnc25vERpud7KFIYx5pxd2p0/bB3A2Y9Gz8jfjJ7TSaz7eL1NcNrPrn1Mr7EKXRAFHBBQt4meuc5krArW6016WOILOZGyrs1OvYOgGbPqRwEb74Z1hI1P7fabEvwAPYihqJQ4OH816zY0q4NiD1Dbq0UvBdiejvY9ROPtzWpYIdBzcjD9aLuhb0FJnR7KnM3svNSjscikoTRTS3VWRORZ0C63zQiGolMpvBQ878APCHLLwMMN/chN68A5OrtJipySR57HurjmmVvnHSjyZt8I0bncSpWiZckZT7iDFIE8Ctw6mJMyPtlCrdKkB7+GfSfh9QTfjJGXOjDLsFybWU3AWHKxkpxKazOnZZdMVAELTnhwtlnDHe4EyXhzWx/KzWZB7iRp1oZeQ8xRDJfquEGAXpCyoxhSqHfp5PxEhmraVh7v6YdyffEHuaWSvvH8w3y8ErSd1ewF47flhYzDNeUeCwYT+bFerncTNq2767bzLv0w6/QR2xiWKJPzMF3V+UrB+EQH8ThmULKFg7lzuOq16/Ka9yjLZEN6QGtsmA46sz0tgKvErJG1y2xQHh8IPbLNXhx0o2PtjCQplOrbc+ljpc9jzKldXmt87c348oYb2tnv13rc0kDBBGy9czo6APLpdZ4ptB3QTDhVsEEXaRo5J9+NGVqcf1qsVsDbCtXJQWfgHJGrLG23JS1JPjUNyqGqL4zv2FgYLC5RDnUltdb/39quo+lB5Ij+Gl9d5HAEBIic440gchYgxK83w7dbu+vdddkH66aShGbo6e73Xs80FvbE/hvJ0P5NMvRgY3eBbgSEwlYEzJwufvCi0QDtiBxHO20SLsK8FciA5V+P/Pfvr9XwZ0nRyyP4BUGqK+sWrEQWAgU6mTqoDE6Y47J8YaisfyMEFSV+endC668MmGbKuaRq4uj66mFxIwooODXDjiQcU14SbaBY+yTrT/tO74fNZhdtQfmq8S9CDzgy40yiVtI1GwrEEzMo9/7+hQ51tUZhEW9WObU+aA4yI1mJLXqUTuoEHP34aBCTV9NeF04ebeNSuOkR43EahUnqG9DR1VtGG6Koxafv3gzD3T9UGgbxUcQNZLXhyekN/tJow+xx9im+rAQvrAIMH/SM44Fgjw4QSgpXsNQSJMfjU/T6xMc5S6++o4o9pcUAlWdhqEXVickAgR24B3oQVDvfDY4B62IpNYUjTev225/dBqAYS/kaeEkVrye+zjWV6Mjmr04Lqce7beSdiQNGYr34m0Drg7ICsxZh/ZwWZ+csbvlaq/hkz3LZGJTBrvyfPQTK0IM1t6rL0Sc9tYhFKGoHa3M8ZEotlU4+jhhaG8bkhq4gCb/A0IwLzJB1t0xv5CTVCfK/EJWxYn4qF3OwEJsaMdGgmfN92M5jd6C/Fts5sZUxAaipA6V5TIy0yHvdX8RIzViQEOgxmH6hWiBXaOJqzHnzqskt/eo+iGPxVPEZfb59sKrjC51c7mHQtAUYaHv/FRvukrTUgjd4gkVs2vA82dK/RaqpI/r3ckhH6EbOj6r60yA+VmAf1OctD9s798nV7ZRwrkI5xNcEoKtCKFianwmn9cZ1wd54CSHlWArugA0h91PmZ70Z4UWIA8rYkip3kZZyt6Beh4qlTsNwh4ahKXomluMxCg3WvMfU9f0rj9SDkx3F5ys8WrZq2vhuaPm2zWod8z37hsZQ3+niIrVkzNMzFn5lvT/qUpI+X9qyMoi5i+2i8QaIXVeHD4bSHQIfaUCp7SY/KXhgz4YVGQ2oQ8EsLJSlvwqHFIlNTd0SJpeBbsaZpRTrLDd3GMjB2T4Q+sFjIpzhc9a0llrh3LaP76phqeQaHNs0cwJiMcvpkvNdVd81vFUHPGw1AKCKtD7N3G+WNXhzXOwb2Zvdjy6EYaPIZCFyaJMrKSrGM3uYmr6h7dDI2eN5DQ+nfBL5QKatIoWD9V2/4WTqR202kFLk1tZCYECocbZhM5lXjWr6+chUVWXz5KdW0Zk8Wc7U/mRFc6MYjJ7r1azQ677Papiv6S4uruMWsS/xUuKYX/SzGRUzMoAFAHPz6Uum1S39TGJ9oC3EF93aarVhLUVtJChxmNxeDSBOcAHAqEg8PQE6iiuF2kmYPlAtGwZoSUYmqFtBBbWlicu8slAjxnSNFwx2Zrm73ZfslUFcHUjbV7BghHHSII9R7GFxWMsYKIJ18JFxgQ9+E33EsCtNWY/reojygi9eISbgx9hh204M/qxuT1DikQddvX0uBiHcGq74nzAMndjb8AwhOgnaaFh/FYa/fP5rEe/CPAgo4Xk8nynOqXPCA5gy1gr0fRcHStaj5VQ4u9PZ/lDfO1hR1vUwl97JcR7O+4wJiXgXuM+b/NZFogobiFbeJCPBPR3GBV0Dy7WT+3dsr4mjwFMB+jcKYrjKXccNbbN64IjUTqTJqQtZ6Bzb7juPoJ2rV3k4ou4iE815WAiHdJHFkLgnce4uwuUpEk7c5zEx38xReonG54Z3zePJyCSc8EkzKlxphgMBlYV8hk5+axal6FxjbZoybAtMeZnQYtVbpNa8exhiI50bnXTUZJLj9PGYXEm48I2+d8AXsW9A2Ym1tObLLksMByzlMx9JckQhVTWrWl0h+mttL2V7ecNUd5xilJOCIUQa1MUdZE1G8dGZbiaodKhNqOOqZXB8Zl5yLufljM58i4lMQSkXEFjhyVTcbSsWe8l4Il9B/AlR3lvhB8vFcczM0dnCw31dziXcA5SLgGtI8ELabqG40AhzarnC9w+F5OIhCMxy9KS95+WT78ksnFj1XtygW3Fy5f2oDkIWM+xmpRPEKsNRaTSlxx46z+UbKGw/l+uSb9kQ6JXrgOLG9qH2acoNyhGMYQBrFAJ18dLgsMzcVfnJYFxUD1hxxCV8OixN40HGWxn9s4/DvSHuwzGxfMVg954JKMhENzYDM6lAvBbxapNsk8MSrZGS6ZoXgE5KJjAE15fd14yLyxk7HWuh7qnsr+MyjmFdN3FY9fgN6hnWgXSf98LEUmgK4XVXocOphGfSLk06IZD7Q3bB4hAUEn4BDY615FfIHdrny2QUHD7r0AkjZSV6J3swADxOwew98sT9tncf6aAJMBkiE3BP9k2a1F4Un+eQcabooKt/1+WkC6YUFHNF4Sd8L57lgqU7MNR7U3SrxtQczCR8r/Z6ReHhjXed/5rC1ROOBemR9qg2dZVwgZjB9CCrfFpe1XiDLJjBp/tmMLKaBNUYFWUlceaqTzYfyfWix68Cmo+caNJAC/vQu2C221x04F3rNjI5peldQUsubANdbg2C+d77CrubXQMu3ZjQz2oHRDW3Ql4aqiIXbXBKdO/km/MYXJmzruXQPd3dC0700Np1vGymiVIyHu2t6TJzAsP9Z8cLZVW7OPzFYXpZoxXPng1Y9dLcQH7nL/gMNxM5r2im8oFoPYZ+ZLEO6npGIKrz+NyZOxgvY9jO5Xc08u+W2ESFPw2Mj0TnYAkf6P4YsAQQOhAtJmL2hwvA6zjtnXrFpnHcOBSEG3+5hhNeAXYx4rjcvQWZRRxG3dTIx7QnAx3+xRRM3ayHFcFmAjYRXZYgkwLGxfyBldAX6wOFI200Ai5CMZVfUzumKpITZmXjGlr7hOav1LFn3SnKazyvyD3+wT+ivUJytcfgIBFWyEVfXsriz04yCX+F6nG+TKEEPY8r3jKCSM39p00O/+f35o8nxf9A2b/p3PsX/X3/tpkvikH/hHH6txf5h8a+MIL/+QleCEX9RVNf/LrQ/9zUFyhx47j+7jNxSaZKG/MX+Ma/AA== \ No newline at end of file diff --git a/docs/Security-Compliance/File-Transfer-TDRS/diagram.png b/docs/Security-Compliance/File-Transfer-TDRS/diagram.png index e40b8e67d..476b82d33 100644 Binary files a/docs/Security-Compliance/File-Transfer-TDRS/diagram.png and b/docs/Security-Compliance/File-Transfer-TDRS/diagram.png differ diff --git a/docs/Security-Compliance/Incidence-Response/Cloudgov-S3-IRP-Oct2023.md b/docs/Security-Compliance/Incidence-Response/Cloudgov-S3-IRP-Oct2023.md new file mode 100644 index 000000000..3c9425d90 --- /dev/null +++ b/docs/Security-Compliance/Incidence-Response/Cloudgov-S3-IRP-Oct2023.md @@ -0,0 +1,197 @@ +# Response Strategy for Cloud.gov Security Incident (Oct 2023) + +TDP is hosted in cloud.gov, and our team was recently informed of a security incident that potentially exposed the secret keys that are used to access our AWS S3 buckets, which are used to store raw data files submitted through the system. + +While, there's been no indication from cloud.gov or our audit logs of unusual activity on TDP, we were advised to rotate the S3 bucket access keys. + +This document captures the steps we followed to respond to this incident, from the point of initial notification to resolution. These steps should be repeated in the event of another incident on platform. + +## Summary of the security incident reported by cloud.gov support on 10/17/2023 + +> Dear cloud.gov customer, +> +> We are writing to notify you of an incident involving brokered service credentials on the cloud.gov platform. We do not believe there was any impact to confidentiality, integrity, or availability of your data as a result of this incident, but we are sharing this information with you so your teams can assess the risk and take action as needed. +> +> **What happened?** +On Friday October 16, a cloud.gov engineer found that the cloud.gov S3 broker, which manages the S3 buckets that customers broker using the platform, was printing AWS secret access keys in clear text to its logs. Specifically, whenever a customer created a “binding” between the bucket and one of their applications, the newly created key was written to the broker log and indexed by our log management system. +> +> **How has cloud.gov responded?** +>We have modified the S3 broker to stop printing these credentials and we have removed all log lines containing the keys from our active log indices. However, the log lines will remain in our long-term log archives due to our retention obligations. +> +>**What is the scope of the issue?** +> +>The relevant code and configuration was introduced more than six years ago. Because of the time span, it is likely that all current and past brokered S3 buckets are affected. +> +>**Next steps** +>Because of the factors listed above, although there was no public compromise of your credentials, we recommend rotating your access keys at this time. +> +>You can rotate your keys by un-binding and re-binding your S3 buckets to each bound application. In a terminal, using the cf command line tool: + + + # list all spaces in your organization + cf spaces + + # target a space + cf target -s SPACE-NAME + + # list all s3 services in the space and the applications bound to them. + cf services | grep s3 + + # for each application bound to the service, un-bind it from the service, re-bind it, and restage it. + cf unbind-service YOUR-APPLICATION YOUR-SERVICE + cf bind-service YOUR-APPLICATION YOUR-SERVICE + cf restage YOUR-APPLICATION + + +> Note that re-staging your application may cause downtime. +> You will also need to delete and recreate any service keys for your S3 services: + + + # delete and recreate service keys for each service + cf delete-service-key SERVICE SERVICE_KEY + cf create-service-key SERVICE SERVICE_KEY + + +> **Is my data at risk?** +Cloud.gov does not believe your data is at risk. The logging system is designed to segregate logs from customer tenant access, and we have no indications of unauthorized access. We are continually monitoring our system and will reach out to your team directly if we detect any suspicious activity. +> +>**Why did this happen?** +>Cloud.gov will hold an incident postmortem in the coming weeks to discuss the root cause of this incident and how similar incidents will be prevented in the future. We will share our findings and corrective actions at that time. +> Please feel free to reach out to our support team at support@cloud.gov if you have questions or concerns. + +> **Update from cloud.gov on 10/31/2023** +> First, here are some corrections and updates to the original email: +> * The original email said that the incident occurred on Friday October 16. The correct date is Friday October 13. +> * The original email said, “[Whenever] a customer created a “binding” between the bucket and one of their applications, the newly created key was written to the broker log”. This is correct but incomplete; credentials were also written to the log when service keys were created, not only when bindings were created. The remediation guidance under “Next steps” includes a section addressing service key rotation and remains the same. +> * If you are still working on rotating keys that are created by service bindings, please be aware that if you have enough memory in your organization for additional application instances, you can run cf restage APPNAME --strategy rolling to restage your applications without downtime. +> * Lastly, we have posted a public incident and postmortem to our status page. You can view the write-up here. The cloud.gov team is making several changes to the platform to reduce the likelihood of keys being sent to the logging system, and to reject them from the logging system and alert platform operators if keys are detected in logs. + + +--- + +## Response Strategy + +### 1. User Reporting of Security Incident + +The cloud.gov platform team reported the security incident (copied above) to the TDP system owner and government technical monitor (GTM) via e-email on 10-17-2023. + +### 2. TANF Data Portal (OFA-Raft) Team Procedures and Reporting + +Upon confirming receipt of the reported incident, TDP GTM activated the [secret key incident response communication protocol](https://github.com/HHS/TANF-app/blob/main/docs/Security-Compliance/Incidence-Response/Secret-Key-Mgmt.md/#communication-protocol-if-secret-keys-are-leaked). + +On 10-18-2023, TDP GTM and the development team (responding team) met to assess the incident and plan remediation steps. *This information was also shared with the ACF IRT via e-mail on 10-18-2023.* + +Please note the following assessment and remediation plan: +* the access keys were printed out only to the platform’s logs, which only authorized personnel from cloud.gov can see. There was no reported exposure of these keys outside of cloud.gov personnel +* A [review of historic logs via cloud.gov](https://cloud.gov/docs/deployment/logs/#web-based-logs-with-historic-log-data) for the backend production app (`tdp-backend-prod`) during the time period of the security incident does not show any evidence of unauthorized access to these buckets; +* Additionally, there is no evidence of any content missing from or added to TDP's S3 buckets. +* As recommended by cloud.gov platform team, the TDP GTM will be following the guidance above to rotate the access keys. This change will take less than 4 hours; therefore, we do not anticipate needing to activate the TDP contingency plan (which is to be activated when the system will be down for more than 1 day). + +### 3. Mitigation steps + +The TDP GTM followed the mitigation steps below for the TDP staging and prod environments. + +1. Save a backup of env variables for tdp-backend-staging + `cf env tdp-backend-staging > backupstaging` + +2. Follow steps outlined above to rotate s3 keys in staging (`hhs:main` branch) + + ``` + # list all spaces in your organization + cf spaces + + # output + Getting spaces in org hhs-acf-ofa as alexandra.pennington@acf.hhs.gov... + + name + tanf-dev + tanf-prod + tanf-staging + + # target a space + cf target -s tanf-staging + + #output + API endpoint: https://api.fr.cloud.gov + API version: 3.149.0 + user: alexandra.pennington@acf.hhs.gov + org: hhs-acf-ofa + space: tanf-staging + + + # list all s3 services in the space and the applications bound to them. + cf services | grep s3 + + #output + tdp-datafiles-develop s3 basic-sandbox tdp-backend-develop create succeeded s3-broker + tdp-datafiles-staging s3 basic-sandbox tdp-backend-develop, tdp-backend-staging create succeeded s3-broker + tdp-staticfiles-develop s3 basic-public-sandbox tdp-backend-develop create succeeded s3-broker + tdp-staticfiles-staging s3 basic-public-sandbox tdp-backend-develop, tdp-backend-staging create succeeded s3-broker + tdp-tf-states s3 basic-sandbox create succeeded s3-broker + + # take frontend down for maintenance to update backend + ssh tdp-frontend-staging + # commands: + cd ~/app/public + mv 503_.html 503.html + exit + + + # for each application bound to the service, un-bind it from the service, re-bind it, and restage it. + cf unbind-service tdp-backend-staging tdp-staticfiles-staging + cf bind-service tdp-backend-staging tdp-staticfiles-staging + cf unbind-service tdp-backend-staging tdp-datafiles-staging + cf bind-service tdp-backend-staging tdp-datafiles-staging + cf restage tdp-backend-staging + + # verify access_key_id and secret_access_key have been rotated for each s3 resource + cf env tdp-backend-staging + + # restart frontend + cf restart tdp-frontend-staging + + # check for service keys that need to be rotated + apennington@HHSLBDSWL73 MINGW64 / + $ cf service-keys tdp-staticfiles-staging + Getting keys for service instance tdp-staticfiles-staging as alexandra.pennington@acf.hhs.gov... + No service key for service instance tdp-staticfiles-staging + + apennington@HHSLBDSWL73 MINGW64 / + $ cf service-keys tdp-datafiles-staging + Getting keys for service instance tdp-datafiles-staging as alexandra.pennington@acf.hhs.gov... + + name + s3-versioning-key + + + # rotate service-key + cf delete-service-key tdp-datafiles-staging s3-versioning-key + + Really delete the service key s3-versioning-key?> y + Deleting key s3-versioning-key for service instance tdp-datafiles-staging as alexandra.pennington@acf.hhs.gov... + OK + + cf create-service-key tdp-datafiles-staging s3-versioning-key + Creating service key s3-versioning-key for service instance tdp-datafiles-staging as alexandra.pennington@acf.hhs.gov... + OK + + # verify rotation + cf service-key tdp-datafiles-staging s3-versioning-key + Getting key s3-versioning-key for service instance tdp-datafiles-staging as alexandra.pennington@acf.hhs.gov... + + + + #restage + cf restage tdp-backend-staging + + ``` + +3. test file submission and verify that file is stored in s3 via DAC + +4. Follow rotation steps for `tanf-prod` space (`hhs:master` branch). Documentation saved [here](https://hhsgov.sharepoint.com/sites/TANFDataPortalOFA/_layouts/15/Doc.aspx?sourcedoc={cbce2e75-17b2-4e70-b422-60d034fcd4af}&action=edit&wd=target%28Admin%20Notes.one%7C8e533710-461e-4b99-a33c-94e9b67b197e%2FSystem%20admin%20sync%20log%7C47928620-33e4-4cd0-8a3c-0542b83ef9b0%2F%29&wdorigin=NavigationUrl) :lock: + +5. Inform team that key rotation steps were completed. + +--- + + diff --git a/docs/Security-Compliance/Incidence-Response/README.md b/docs/Security-Compliance/Incidence-Response/README.md index 131b951a4..a62aec2dc 100644 --- a/docs/Security-Compliance/Incidence-Response/README.md +++ b/docs/Security-Compliance/Incidence-Response/README.md @@ -6,4 +6,5 @@ This subdirectory contains documentation that describes our protocols for respon ## Table of Contents * **[Secret Key Management](./Secret-Key-Mgmt.md)** - lays out TDP's standards for minimizing the risk of leaking secret keys (i.e. sensitive information that--if exposed--opens the door for unauthorized access to the system and/or data therein). * **[System Admin Account Restoration](./Sys-Admin-Acct-Mgmt.md)** - lays out steps for restoring permissions for a TDP sys admin if their account has been compromised. -* **[CircleCI Secret Key Rotation Tabletop](./CircleCI-IRP.md)** - lays out steps taken in response to CircleCI's security incident in December 2022. \ No newline at end of file +* **[CircleCI Secret Key Rotation Tabletop](./CircleCI-IRP.md)** - lays out steps taken in response to CircleCI's security incident in December 2022. +* **[Cloud.gov S3 Security Incident Response](./Cloudgov-S3-IRP-Oct2023.md)** - lays out steps taken in response to Cloud.gov's security incident in October 2023. \ No newline at end of file diff --git a/docs/Security-Compliance/boundary-diagram.md b/docs/Security-Compliance/boundary-diagram.md index e58c88ad4..c1a8de954 100644 --- a/docs/Security-Compliance/boundary-diagram.md +++ b/docs/Security-Compliance/boundary-diagram.md @@ -6,7 +6,11 @@ ### Data flow -Users with `OFA Admin` and (STT) `Data Analyst` roles can upload data on upload data files locally into the web application which will store the files in cloud.gov AWS S3 buckets only after the files are successfully scanned for viruses via [ClamAV](../Technical-Documentation/Architecture-Decision-Record/012-antivirus-strategy.md). Developers will deploy new code through GitHub, initiating the continuous integration process through Circle CI. +Users with `OFA Admin` and (STT) `Data Analyst` roles can upload data on upload data files locally into the web application which will store the files in cloud.gov AWS S3 buckets only after the files are successfully scanned for viruses via [ClamAV](../Technical-Documentation/Architecture-Decision-Record/012-antivirus-strategy.md). For lower environments, we use an NGINX server to function as a proxy, routing to the ClamAV-rest server in the production space. The NGINX server also functions as a gatekeeper, allowing documents for scanning to only come from backend servers, and only able to route them directly to the ClamAV-rest server. + +### Code Repository and CI Pipeline + +Developers will deploy new code through GitHub, initiating the continuous integration process through Circle CI. ### Environments/Spaces @@ -14,7 +18,7 @@ Users with `OFA Admin` and (STT) `Data Analyst` roles can upload data on upload ### User access -All web users will log into the system through their web browsers. +All web users will log into the system through their web browsers. An [Nginx server](../../tdrs-frontend/nginx/README.md) sits in front of each frontend application to serve the frontend application as well as act as a reverse proxy which blocks traffic to TDP from outside the US/US territories. For traffic *within* the US/US territories: - all non-acf users will leverage Login.gov and two factor authentication. - all ACF users will leverage ACF AMS and authenticate using PIV/CAC. Developers will also have access to the `dev` and `staging` spaces using SSH. @@ -22,9 +26,9 @@ All users will be required to be approved within the application by an administr ### Access points -Beyond web-based authentication through ACF AMS or Login.gov, and developer SSH access to the dev Space, CircleCI will also have access to the various environments to support deployments. +Beyond web-based authentication through ACF AMS or Login.gov, and developer SSH access to the dev Space, CircleCI will also have access to the various environments to support deployments. TDP system administrators will trigger CircleCI-based deployments via GitHub. -TDP system administrators will trigger CircleCI-based deployments via GitHub. +Additionally, the [SendGrid E-mail API](../Technical-Documentation/Architecture-Decision-Record/021-sendgrid.md) receives requests from the backend applications in each environment to trigger email notifications for key user activities in TDP: requests for access, admin changes to user accounts (approval, denial, deactivation), and data submissions. SendGrid only has access to TDP user email addresses. ### Configuration diff --git a/docs/Security-Compliance/diagram.drawio b/docs/Security-Compliance/diagram.drawio index 8ead466d8..279703124 100644 --- a/docs/Security-Compliance/diagram.drawio +++ b/docs/Security-Compliance/diagram.drawio @@ -1,241 +1 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +7b1Zd6LMFy/8aXqt814ki3m4ZAYFFWe96cUkoCAIKOKnP1VGE0UydGKe7v95kx4CRVHj3r891K7iFy7EeyWz0sBIXC/6hSHu/hcu/sIwjEEw8AumVE8pJEk9JfhZ6D4loS8Jg/DgnRKRU+o2dL38KmORJFERpteJTrJee05xlWZlWVJeZ1sk0XWtqeV7NwkDx4puUyehWwSnVBpBXh6oXugH56rR85PYOuc+JeSB5SblRRIu/cKFLEmKp6t4L3gRHL3zwDy9J7/y9LllmbcuPvJCaYxlSi7cYrtwI3y2KE2KesBP07Gzou2py9xkABKUZCdEydY9tb2oziOSJuG6OI4qyYO/oE4B+UWCJwK8e8TIWkL9nr5OQG/vYBnXCfV7+joBrReP1upH6w28SLi5uyoeqdWPXDQQ/MX5ZFtE4doTnukPAYl+ZrkhmBYhiZIMpK2TNRg9PijiCNyh4LIMwsIbpJYDR7UEvAPSFsm6OHEAip3vTwMPSwUElMLreO9DZnu0ypx49LNkmx6r1AAPND79DS5/O3Ayf1tRAQsqsmTlnRv3C8PBHxkSDb8Io6jW6J2XFSFgCC4KfVh+kcDqrNNd9kT6fA66Eq593VvAMcCRU/Ob6nCtPPDcc5+OTTmzFgFSbsn6ROmwId7+IulE5oqXxF6RVSDLGXaIE8udQAdnTvflCwszZ7YMLriXwU+J1gk2/OeyXxgLXJx4q5nPsvH0N8Nhi6E92NuHbs+ZDcoHlLzhs67MQeCC8/LoJztw3c18ax0erCIEM/nDd//zfJd5PpzJBoZDCVriue9luOc63mA4/E4MR18zHIHfMhxNNzAcfQ+GMw/tqTBjlFk78nOpQ3QChnwgbxnuhqXAJK3d48hA0rAy50wFzOWooU0TuFgg4Kd5Al+hQlhgzyoKL4PzyICmEI0AWJtGBDnVFCc7yz42HbYo83KAFBf3SWEVF/dAEfMu7z03vLw96UsXKXcgA5wgr8iAom/JAMfJWzIgqDuQQcg96IuAo8tFuFv8/m1sXAvgLtFABtRRCsJxPmqO56GmNluoi/Ev03uRRPnwt5YnkVUAssCQXpa4W+cJqq9Q/AldTpXY2fnVcwroxlPN5+QfnP9fx/ld6jRqVQTDoMRnQD46ovoHMJ7jeJq/Qqv/ACm+RYTgdA072FvswOgG7HhW9u6OHQRzgx1CEschRA0BWLo3rOu5wHY83SZZESR+srYi6SWVv5Y4L3n0BM7/MXHpFUV1IlNrWyTXdH1DZJTASLz81hzkyTZzvDdEJXbCyMLKfK94a0Dwp4ywnx+ZU8DpNEk/vZN5ADjD3bVZ3TRlp9J6EAYvsiSLRQ4ad2XgnvOcqnvAWewRaD0kgtAUReEkQ12RFHpu/7nMp5E5lVIjlufefF4FwW5lj+jtvChJvSy/IZ5GoHvNhnoFAC+B5jL7NdVc6CPPkHHGI92yvaiX5OFRsOGinRRFEr8LWA5oi5ddk+p7cGvl6VNHF+EetoM/Sj4vk3bekwBEX8PkbQ4H8C6wg2L0NY2Qt7BDYo8NuPOSenfdFfuA7uqtXQ76t+DgR1aeh847QIEggnDUI/8LoGAbgQK8mXlWweUDINXOHUGa5+dy/BsMh3PaZ2FlX5vus6eArgmTVyDitiD8uiCybtg8jdlNQWAOreoi20n7+3CDMebK6Qcunkq8K5Cd6/xDJRpBHOdaib4g4HMiLOAhP8IEdIegaLq/VbvPtQGFaH1O63X7Q2hDQVB/1qwvM4CH6nDYG3xU8QaIUVzz0KXmhJwB6lk1F5vwrw6Tcei6R8kfQWDlLWflH3WAK1MS/rxh+F0D5w33vg0hdSR8dpWf+vU6B56lKvKIEOQ1SuLofbiPvcZe9JEhkZcfrCaub1WATxC415pULrVX7cw35gFPjUhff0Dfo+/36RYBdHsk1BrpPnn5ODcO1/mtUcgJ8rF0CxDAB8n0R0/4K3oCjj7WLRT0VlU4C74r5wb7dTWhkWqx79QSbsDoIv0NMGpQJd7iuFsF4UK18BDxMIg35cPKL3t2uEzaWfDwzjRdC2HsVpf7Pl2iJpmZuk/r46rENSxSdQP3j1WJV6sir8frAa3VdBfEbdQQzzX/t9YzINOsmp5w5XgzgzdAkT/divvLh2J1edfzshB0G8LXhSe9yRR/jXc+xC7NbswG9mgeV6SRsW4Z5sPE/jX3661kvXSVRonlgl+2FVlrBwxsnSTelTYXc/tBwdMo4mryEEF4ScaapMphm3mPsNW/z23+7XtrQBjOK3LpDqIHJ54tzTOuNUgenG40Ur/NN3YbN/DsG1OTZHWr6lzq62fF/F/yn30WGz7P1Gd31CVTL7iplKiu+CCbi4GwY5HBLnnA6XszdbM4YGrr5hhJ130cr8iee4mF85BckJUSFurWvqGVK620USe+mPUbFIhqgHJjv/2hflsHitKzI0CZ+aMfFsG59XddYn0OK7pcYm1AAPoOTqrmqaJvpkr00iip/lXWf2HwF56eXbH0XYS/tw+Li1rA3ezcAHD9Uge8+SMMeRMa3nfJkR/EkGffPUKdufGrZj5aWxfG63rmu6rx9yukxK3PVbjQVLiedkOzF7R1hUbHtce8tvZYs7gZmpSwJjp69gbV14EfEeS4svtI4bUV39Oibi2VbUx9Whyu5WRfKZg+vg2eNxSC1tIwppb36B+r4+Jqa3vZGvBR/hgel1P59LyuaqXhx7W4z+P3HaCYYK6hmEAa1gwa7MzzeuLdofhs5/7/ypjKAeQVZ+fGSY8/Yy96gbzHcIO3wBfe1JvzBaWO/SAgo80ukK8qdX+6oIAhtRWQ06Lpay6Dm/w08nZ+/Gv5yVO80L0WON6ctAvw1xM/XD+B/+uw/zFjkmZF6jOY9bx28EFQrDtSG7XiU0zJ8MjkD9Qtg8nHnwbsBu3yYisF5i8YmTt5VRG6ZtoCY/cGS9kmw/bbsPSza13NAWOX3o5RX4fsDKYFujo+Fw3WIMDPIVzvyujGfEfdTHj+ffGEIck3Hh2fnLM0lMe8PDlqAndw5dTXAW4Y4CMLA06YOwnKPmbHsl7Uj9O03LCvzME/za5yEqHxz7j7Ps4gJIUd1bJ3nD9vebW/wiHNJscNg1wQed30s+GgZceAyb54a/Y1QtR3Lzg1rBXhj5mbN6jpEo0fw+teWUe7wwzjNWUSRRoMexJ7xLAmEHy8h3nfOMu3sW8fm+UB/g9Pco7fzrGEkBiBvz7HDXxPPwnIe5gSFLTrXn5Q+n1iIJhHHP82YmiOJnhXKH5+gfyTsR11EvyjUI8/XhalaI5nz9bI+8ufX4h7eom6IEgU/yOk/+r6JYtdC5rPLmDWC3reLHnHBcy7OoSad2zRt2TzB0Y18jmjusmqfZXMLo3R5j40LBu+JdO/QLffa6USNQ8iS75tRRII9Vb+L1uRzaN9KzNPQEYSOARMK4ZSa23n8BcQc4WfebeBwHASjoLw19trGK+Gmr0ftnZLUW+ywNeDyJBHimSv9dhz+MoXUesaap7n4K740MgyTTG6l5KsQSTaz+F/DycjEkrGzLf/DwatJWiggf9r1//f20bli+p1E1sGXdYIl6YRoJKnfUqvyNKP6Gt/GGH2zwWNNQaIAU45QuiTDQgZp2mTD0gqLDAg2e9Gj/2zPtiwzeceKiJ6DX10g0pINWgF99hS10j41N+Qix+SgY3NbVgge4ufP7o+RtwGBN7oOXcb8tul1m/DmifHBQIB4OFMTkf9HWYjP4tFcgZ4CGjdP4D0lwEpX1vpMHmSoXeLUCJJuu6l+usohd/yjBBmTuQJtwu556kI4+NpMLdzdXogulZhAXZ4ugVEu/N/Yfwe0AAm9ESWsCel78bjysGinb1EQmNAlFrIR3bc2c2VaDs/IOF43Ff0oR9qageZTcjVbLLf2fGI1WJypy2B9sILyzLQB4jfx8bb+bQVuApbdUOenytsOB/wLVvZow7er2bT/s4JuX1XIPb6Uso1uTPpV7zsqfzOWZv+COSbV2jLDrnt6dkElHewJuy2G3KYvuRKTWqh1mS/0kQu1QSu0IdEW1juD27stMG97ylobq8Naq4YoIUB4qocpVds6U5buR6z1bxiV7OKjWxlXMwnJOJUDGzLTvMTXxN4MCL7rXNIlzPQc0vtI46Y7HSsU80nMmJN59EMYwsbtMepyJ0TOztQ17L2bjVXZpd14y7ubN2DsbXx1lo/SGR3uNoZorYDbxZO3I/1aYe01/3AE1BQrhEKIedralDYCnnorjvY/LItoDS3InHjVL8BxsQQWNj/q/d6g1biqv2yGzI78Aaur53DU/+ZyhC5UsdBuZV2NWYOxq6sKQ9mfnXZ/oON9VNHAc8G5MHGx9UMG8ewL/MBCebb3PXlvgTKgxRTwrz6kNvO1f6qNi6pHReHGSaX8+FNf16eDU7jGsvFfNopZ5NO5FTsxfOnNteodn+qK52LSDhUZBLQzcI45fVAmqHyxCkP2RtopaP6p/Gap/OpK9i4z2pLzjcEbm+IxrZ7/D3aGuFTGYBWglm8j/RJK5hhxdqJWdSOTcgFkVsBuhTBu5A+RQ3Mx8u4gvk79gHMR+nE4wNoF3bugzUhMwfrBI4yoq76IxCkMeArY2jgxnJ0aufL+Hbj/m6GkYE9gVy4380xprAmnZ0dkhd04KZgDhLQ11N/TnUq43SOBchT+rF/gIN7Chq5irwCHBoc3z62DvbuJR20Juwt95C6qdGqr4BrwCXpFFBCdn7n+E9trebLFIwWi7pg5LUlwQBupOaA+mzARb04KmYTN3qiwAJiEKNj/WU3noOZRwNXfMrvqlE5N5OXcl/KrgBl7ABHL68piUeduHziMlAe/GdPIsSb8pGOdhCAGvlgggZzbBRqAnPsNah13U9dZR/1luXuWKsSIbYygk8F9rl/8Cnk1G7UkvqgPzr2Mi5gHFbzyfxwPW79aL429oACff1AMBecRR0pe9LHrMkYP7/jKPJ6DmcQICeYmeU8fvrzRLEgj9KC9UdO/JKns5xh8N9tHhZSXOqqgIuXUniuw8ZaG1AHAtA5hygNMD46UsGJMgBnAKqOVm89dyfRag5QHKBnBWTBcfyNIRe+9P2Fop/6dNmWN/JNO8ls0t+5AOnOHAe5+QUxUhy8s7Jxp3Ax2EbIrUbZOTSXCfJsgfTB9UkQWRM3gXRoDB30smyIFJdz0R08PztY4N053jrmmcdy7mCj53rmcYTogI6c2E3tEEVsnLvqW+15DmgDclv5Mk/z1BXQYjZtra0JASRAtLZU860yQhvvIzaGvDqGXszu7OETEnaFxvFbQhTsDKXtRT+vn8P3l9q20/z8efyPaDo0LvoTbS0cUCLgs+4atBegk1uhEGWRV9ryXBbAA8KaoKkXj1eQ1hrLjDuos25F9toEkg0iu8Zqq33gTcbV9CCdeVnlgd7hP88gQI8cUicYydwWk6VxMA8d0UBeqQHIGzKa4VA/QZcAWTDA2QBNRrURB7O0PtaDv5QDuR3xjYO/7YQloDAC0xQDyJGy6IQEqQGMBemFMYQjC2RKSKC6gBx/a+IMzEYJZIZU6ctR3hmAd0/Xp/ylfszDFfCZ/vTM14eXeXhRE01EX2p5ZwnxnDsA/QrkHZEw71W75MQfDjgUUokO5JVZcVUHtgdcg/JJUD7QsXzQdvjcAO/PLq5hennoDmCfuLwjclsgo5bwGpSHgHaD+/LYvmMfxWPbciAP97BthgDzSjmUr/pylUMdoRNyIL8BrqVTXg7mA/0xSn1p5sZBgnmOdYLywHiNjnojkIk+mLmtUZUVGCMc9BcHbcTBO34H9rc69Vd0CH3pgHFxoDzHQF8PuuiDsjUfcgJoLwH6V4HxK8/pxgG0SyiBfgXf18A4zsDYSr4twLng/FnFFeAdBMwhyL+CcwHbUYAxQDUBue4PuAfp1fN7YJzgtX6ctxL25Xz9NG5C+dSG42/jNPYcpAMUjH8OuRP0A84Zcp4f0A8wTqvjWHZP89qBZcI2LQ2YDscCB+09/tYkUO6QOzyVZ8Cyj2Pw9N5xTEpAJ2euetIswdWrJuaFRfn5GMfmcMnGzcfP0T738FTRzCN27XcHxug5wOdyEQt/PMdCXq1jEV+3BZv92H/DY/VtceBvnuN56eZ6M+N/v0Hs9e2c18ePHrdEc8ZtsMhP4N39Au/Q66iT5wPYLsPuGo89uYfDppESsC8x6d23g70W1NUcYnzHCOPPBg7XNl3/wd7pr67A1WiJwj4ZN4DXtp+RX974/FoIcy2iDiHfbNdN/juHJIsMoRfCMkUqXFXSLaqt7Vnj5v47RdwomQWAy8s/Gi3zc+LE3zhx4qEeON8A0d8V99lIkWgTSdYh+9PnTdx1N8mH9Ki32O7fP7iqHjhP1BcfP3zcxG0MPlNrzqfjte4FhuhtzPH/xgFUX4xT/F89kupt/PiXj6S6DifCahbpN0Ybvn4E1atL/LV1feR5Jf/iqiF6iFsX4TjMtvmv07bWdyNs71f3t/XpJ6jg/60oJ6Zhl8t3xQ8c7ATgQCvtHtZ4IJhtI0rSxvC+v+BEetGn/iQY+K0Ap0v78k0o+s+Cgd+N9qVJ8rGuk3xUvamX9bKl4v5HmjQS0r8fRv7vTDT7WddBfUv+h2f52wPRaw27dyB6I8m9Gof+3gks/3nY+Vsc8z8UdV7bd3UXNdHFJac92+ZufKC343K0ix4O7x9U+kdfs/j5SMU54ecjFT8fqfiAlkq/5uq+/EgF06Cm3sUr14gI7/qJP/t9G9HbgQYNCssHs/ur4RM3DccZ/8DHD3z8wMfr8FFb4Ho+2fc/gQ9/b4aogSIEGSYqpaHo+jf6ssXv79q5l2TbfBwUdT5/+nohiWVlGcd/XZ3uR7DPCXANAXoLcfrXp5cRbsyjd4zvRphuOOqzeT6wbzG00Jq3lK77Te5kHjF1AYm/c9rTF/OfPy/06uIGSb2V/8vm11tz/bMz9Mdn+q0+U7rmW6AaPnP7XT7TRsIn/obo+DwmNzhE3+Lnv70z9K0+/OwM/QGkf3FnKIv8YxB1e2z9V0736wDbeP9g5Q9/dqjfD9X+y2KU/ts0+m+YZJ9cevyo9fMWd/69Bam6/UJT9CP7yZXHelkogmOPH4usupclwnyJcO4VU30VNfRHB2W++XmoNxev3yVJ6lvoh6avl5uYegjzZxc0GZz94Kc4/tRkp2ofljiT7Wstu8lP3HdFs3nd6/UDCO9zbmCdTX4OCLydebZ+NPdniRsU9IjAD+PRJINRKH3tm6Lq32D9144LbKbQv/JBszt+g+y7Py5E1SK8SJyoI9of0M/bhHgnaKRprNbktzeK3LTrzhtFGj3G2KvI+BMa/Y+ERn84kqWBMV8VAChJPWI1lmLuYJI0EtlfOfPt9UWgV4Top6Mi77/ewiK1TRU0+02b2WqYQ78TkHaTn72v+tb4tdd3vS6f38xmHL+vvAst8L+SJFB7whBuWwSAEqAzEdDO0YfZ08ag6QInPN3CZGRgfAFu3t2CfEr6OOg0redfM9GrZP4nn9yo7fxt+HjR8+7gK3fHHb640bzk+bpuf3cJ9hoVXcVH/kimL0omrLbYXFfoP+CHuSbSB/Q7NuK8sQD/PVg1AGalkoHqMUR6iK0wemVp9mN0lq+8wgl+veKOvSC/D5Db+eTDutf3fPBhGPugOVFowzHNHQuefnjuzW/OcQApFvkjPA/x3NAGyvoDCmpYQqNvceq7tr82fgOBvIMQo24I45MBu421Nea/OnMczFR2DH06rbFdPeQhnlhZdUF/9p8G9v0bYvI1ALyD+MRr8f+NIVxIA13W9yPcT3zefrvsFipqB5x+cr3o+Dp3RppG2HnlpNQUhpAK4Zjv9kukrfgJB346g1EgjXxwNTPBf4IgcAb4ze+HI1aDGZyIN8bSFI7P8S/TiRCEWw0JbrXSuGiVcMulA67VhNmWXCRZKaJbOMq0/UMbZO+T7rJFuBKaKKKI59UO1fdZoY3bKYZ1SpLhlsMhmBV+YS+BwOK9edVebdbjBLyaYJa5b+sO4Hle3bE7ab2WgyDDSTmdpKPNeiLs5u4ejAq1TWUrm664MMxTez/wQLONPhJJ5rhPrLuYa+GesA3aSmt8kCaAQdDC2vTdHTwDCpNhtYTcnwy3k7GAe9scKPqyxajIyCcGamsuanPe7w6riVnFozJeMdHKSCOjlfbAs/Z8KFg3z0AByLqzRLAD1j6A4lFmSnRAokl6MWaVIMU/sPYhnRcMErMK4HC+vShG7aIoWiU93rvyasCqe0MNPJGaDBA9Ww6L3UKBCrY8zSyC2Awjak56I5IaOxZtLEH6OHNoHR8eop28jg/bRTR2V9oSg4fjunJSKJCwFZvJwy0VOr7Us010gkW4P0+jfmCA5vF4Sq+rrtZRhQKejyW3vGJFEUQssq4aL9ABjWwKkV7gFrqZeJAt2WWKq/hAb1NzftevlDG1tWViDwFqGxSraqGCcmTAXvJ+IuvtsdFJtlW2ycqVa7KjDrlFo77cF8ykq6qwZwoFfvHjFsOy9MEh8amysXF2u1ugGWy+hXdHaV938QPmdeY0JMawZNvUfiwu1pYXT7Md31v0rN2kZdr0YLpOFwyBW7tN2obFtwUWHSktaIH0yR2/2Kqbaj5Wkv6OmBH6Dif1HeN0QGv5FiIP/b0vT0DeEbMU4XmiVLIF//cTwaISJZ7DKW4VFqonXtveu8wIttwyp5nidgaKvBEBafFdRs7yToVq7KbacIq6JNZbhR4dJtaAoP3WtNMZoT7vbPEDrqy3bLmGpJ62EX5MHhYq2heNCsskqdOG8EQomtfLWpY1otxCXQzFiNh5+9SYsgodhyCDDwi+5+Z4tQxy1DJImnOpyQrLmXI+BoozX+nKjhkOiJhjA7mtbdfBMIKtLkuoVxSaua+MEcMZwxC1R3Ntj01G9H7oS9ow2JiGsxvL5dhlFnOzkvJNWxtPWW9Jl4NA4SZtczzbhKuWWEnZfCzudSBpeengjvoJxaRoK5SkHb0oOE+xN4slanTGhhaY8VyZ0kXZJxf6XuMwmR8PRpvDpkW0uGGVOfhW0siVRM4ShNsTCIsMeUoyxYV1kHlOYxBjaceA1niNG2Bz0dEqcUPh6SAyxZ5mJWhaIapGRYEs80KyjEbL+TG3qvWLQzrN+UQ6ZMNVW9R6hjWYu7pm5gtS7S0lY5aShTJm5eNJ0IYvGXY6dhFisHNVlZt0fSvBpZBfLdOVON1P1JWhbND0sBQja6am+YLfKmLBrihB3m1FS0scrqpG2zEvDfhV6oajJBDMstIhP47QdcpR5X47nEGy9LU+Jgme7SQtPGnrWsch4byZmtLvMn6qao6wEda9oBzIEJB7Li91wrVHztdo3FUPW7w7hWdXCyrXc1NREpKpPz0ke9432LEdhaXSOdbD+9qIafWJ/XRwhEDe7fYJeb0SttPOytQmLl7OkZkPBiZkRVQ8eOpCGEFANiuBCc2DAHigXRbMvC/wK3QmsUap8d1BGSI0A/m0xQKSUvDAdScsz092ijpq78yqLfiML0mGGVlVhZpVIC5GktD2ht5wU2K9g4bvVT+WkQ1kO4KtQrl/EMCsBG17I3eCjFfFgYJRGaKgTKcHijJbRi8ZRWhpJgOhlKDoHvKVOuqYxqivCqKAbpkeao1RCL0jS4DT7zEmWqiphreoPBhudCLmnVjNNd/kcbsT61LeL31g14yBaiazMq6ty55KLllRaXfWUd7bzHLmMASARrbC2BhxJrUcb3IxZvdChzc5Sh8EBsotEdnhl+QGn0iqV2z5LqKWO7w3CpcEh6wMiTPxvjMPSQDGfU3j1P6MksuNhScKbOOMMRm1Fe9WrqLqI6VEW35kJJxJ+p3OJuxH8/50RAicylt9p61vV/Gov+GIdUj3/FxhANYIvjvfHBLUB7JLFgzfaJex0PPCYTsadDifN6MAmfg0xcpJ2/VXGdJZrlFi7rbAs24fTnXHaQ8kAw+MJBUNX/N4PMiSUsSUIanzRMCboIXtuIv2RuYo9BHN4MWJIqPLSgN0NeESAAbzEnC65HA725rO7X7UF0dyLykTQfFjobUJZ57MaLixW1IBsorbZi7q8djNzLLgB5Y05cqZMBsryzYQvtyubaJzKdr6TsLHir5TgYaxiRXAI+aylFTfC4TZ3C/4UiEJb23uNGfD+zKaoai/5mmBEKJ2MnBEGTCYUk6dhCslWudN/jDEx6UpeOu9vJjme8DVEoa0FjwodCe1HNKQssOI50Q/d7qHrm3L5HayAjMUbuH/mF+N+7sDVwW8u3KyXXcnAdRTVvquv9IkfZ5MuKDT4hPBiXyC4PIFneI6wBR5E/faGb2GSk6a7RmHaRfukOG9LsT5Kjb7fNoRFoAkA0PqLicTLkT6gm+Z/elAcqMNhGuf3qkJSc9mCZYR3cNioHFQcmHCJJgVnu2bA97pmNShZFWTEDJuPZqtGVaGclCv1M6G1RRhN/UEc6gNOf7gT8M8IIeBJlWrAaVitsLLyzaWMXYnGC+ZJeItBpyxcp2tK4WR6fr6BlbnVCgTAD6MtPVY74FR7QrL1S7o0Su+TGk8hwC6Erkgkvox77YkwVQWlOSbqN9vFXqhiG7P5xQ4DssBL4r+FKiM/BxXh4ivwUt3vg/RQSL5UKXyRb6/Egho/iZDwexyaZlAMZMfKBPYG9gwlTg6yR2lI5crc+aXI9MdADnDlz2ZX2tQheA1WBXmWdQS5dB8Zu0Hhj8U8kSEWmDPNAl/TxXEaMYr7Ra5T5KD1OaQAeVJUBNI82He7vWpVFLsmThbCUjHNDvcgYKQnrTmBAZ3a5VUuSqPLgR+2yOLEW6EvL5PV56/LXgeEdUMG6iStleWVrzymYCfGPQWM8poySh7TkNGoeTrKKZMZ1E7VJmNuBv0AnMkybOxNdCiTFQXERmu56Ymx4Lpi2YLM4ZBuBrPVBOqbb5cjmTeSCU49qFeZIEqSYieMhOOjaW16QA6w1vqxk8FITGgniea5qYtpDNUd1ZDdgltBWIzwDfgt5j5QBuUNX8msO5u6NkcJnW4Gdtu+0CFtLAYyhut5TES1fXbGqqmS7kXBDs00duJRMyKsle0+yCTmWg9rrsdWu4AkSRIwby7FencUcuWg7DjVVxy3QlftTLNMokRFxzWlmFi3FzmY7pKO5pprngoMxUf6iyDhO4tYxaSRUkOxkKH4ySbAvQVAh1D7ylKMjUZbg8lSS8FiDMqeP0gcfuxoGg6pIMWdQAKykpQEl/rBDZDkELCVcvxUtLMZU7MsAnerfp9RGprdm/aRiTCjRVjDYgQUzVCG2uh0g0T23JiZTaa+X0gUy1g1sqAIsr1fhV0Ba/jAMHDD3v0bhmFa8rHeWaoAkQ1E45aFQM935pwigJJmA88YTYb9FZzpRqZMsAWedv2VrrpgI5LLRMYAtqSNDnfIUxXZIaTZY/DB4qyZzpy1SqtPl4IUgvdSEl/6vqsZhjA6pDXI63NGy2JySGXANY0hm6ScKt51N0UQa8M85nbb/uayO6ZcjwxMwPnzFSYtRJtqzryWlTGmdyDmly/q5twYw/Qef1cm/fbe0IIYz0bJF6SByaiuKYS9kEdZSSaooHphSEq6TQlLGMaSGFbBPlJqOBEk2Cum31HX5tzQKKKtpC8MtiSWlCEHaK75OeymHOIVC4NP3QDgei0ZihmF3u5ayL80onMAPSI0wWpiyQp0ctnis+NiJknKa1WjPvaQeM5SNNcuhcR2cdNbadFEumA2Qd24ninyDprbtSR3playZDHQLkw9yzn+yPCFVuS7A/DmcZ18e0Y6xzWVZ9flZQ/5ku1cJW1fCw7CbWoslcbQLqRtoxTYjBYL7P9OPJIHlAUBK40yQlBGZobZ8AlLLduWU7o9Kkh3Rp6Aqk5dDoZ0y1DZxwnsMT2jisDd4yEsUgQiN5qCWtI48i8RS48jmz5I8ope4Nip5kGfiglY2Wo20VuCas2cbCIliBKSkeDJ/xLcp+OUbG9TfY40lN5Uh+sbBEoYQu8xYu6aIREj+ubpWpvgGBPByt2ApGvbQDrOKS0PbfO+qm6kaeI0ROnI6wdz7dEFbE7yh0fqEU0z3NytOEznlDH8YhY9USiN2wnbmckESNzO0j6lbTqTFeLdZWGkxzdG8PuAbctKRCoRdW31qy4IkwMt/GI2nP8dGQMs4msHvombRkLKFmlpBgQsBRbkkRJJ3dcZzjvLzqwmeMdgbujlojuoC12QKJxmjNBrgNFrr2lg76nWHSgbMsp2sUCa7JabJgWAZefbHSOxV0osSLbQA6D1ma/H9Ik07GCPpS5FNvtMQNrcehMNmvbYabqfLHOpMXaxvJiIQAVBtaHjnJ6qGDL3DaXQ4giVc7GY9QNKCJuMbLVoUbZbkSNu2OBlYcxtWKhsHfmHqFErOg7eSWw2mJGdVWKrMIn1Xt1IAduR4b8ispTjCkTo2QXET9JPbroggzKbu6OQ0zdxuXgUECBZ7OWPVikKj62DsjEYvFkv5zA9HgSrhx93sFJIhWxqJduoPm9w721PNEOA/vo1+jRKMEv0ir+gB/j+tmQ2rGwwNZiglUq0lsWRw8SNxiNu/02Kcw07ez6+prnueGD202fMiKYx7Mj8NLJh1KPGP5Nfr7Gb/D++Pl+/Hw/fr4fP9+Pn+/Hz/fj5/vx8/34+X78fD9+vh8/34+f78fP9+Pn+/Hz/fj5fvx8P36+xoMpyEeauQ7lo/HH81bE73L1gdssgSGaLyHL8BgEI3HhubvS/wU= \ No newline at end of file diff --git a/docs/Security-Compliance/diagram.png b/docs/Security-Compliance/diagram.png index 306ec5845..859d52b76 100644 Binary files a/docs/Security-Compliance/diagram.png and b/docs/Security-Compliance/diagram.png differ diff --git a/docs/Sprint-Review/sprint-87-summary.md b/docs/Sprint-Review/sprint-87-summary.md new file mode 100644 index 000000000..ac7044663 --- /dev/null +++ b/docs/Sprint-Review/sprint-87-summary.md @@ -0,0 +1,76 @@ +# Sprint 87 Summary +11/22/23 - 12/05/23 + +Velocity (Dev): 5 + +## Sprint Goal +* Dev: + * Continue parsing engine development + * Review SSP Sec 04 + * Implement all Tribal Sec (02, 03 and review 01) + * Finalize review on #2683 - ZAP CORS Misconfiguration + * #2599 - Error Report "Friendly Names" + * Coordinate w/ OFA and draft dev contingency plan in event of lapse in government funding +* DevOps: + * 2429 - Singular Clam AV + * 2722 - Singular deployment workflow + * Scoped out of 2419 + * #2729 - Migrations via CircleCI + +--- + +## Tickets +### Completed/Merged +* [#1118 SSP Closed Data (02) Parsing](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1118) +* [#1119 SSP Aggregate (03) Parsing](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1119) +* [#1120 SSP Stratum (04) Parsing](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1120) +* [#2683 ZAP result - CORS config issue](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2683) +* [#2760 Add file size to clamav-nginx](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2760) + +### Ready to Merge + + + + + +### Submitted (QASP Review, OCIO Review) +* [#2748 Fix parser/preparser validation of empty strings](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2748) +* [#2765 Added needed space into logic](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2765) + +### Closed (not merged) +* [Debug migration deployments (resolved by other deployment fix work)](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2740) + +--- + +## Moved to Next Sprint (Blocked, Raft Review, In Progress, Current Sprint Backlog) +### In Progress + +* [#2536 [spike] Cat 4 validation](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2536) +* [#2592 Deploy celery as a separate cloud.gov app](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2592) +* [#2732 S3 bucket rebind](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2732) +* [#2759 Changes for fully local development](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2759) + + + +### Blocked + * [#2729 - Migrations via CircleCI (Revisit ~Feb 2024)](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2729) + * [#2755 Feature/2729 remote migrations](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2755) + +### Raft Review + +* [#1116 Tribal TANF Aggregate (03) File Parsing](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1116) +* [#1117 Tribal TANF Sample (04) File Parsing](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1117) +* [#2599 Readability enhancements for error reports](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2599) +* [#2722 simplify workflows and de-bloat pipeline code](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2722) +* [Spike - Investigate OWASP nightly scan findings](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2663) +* [Tribal TANF Active Data (01) Parsing](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1114) + +### Current Sprint Backlog + + +### Demo +* Jan and Eric to demo SSP functionality + * [#1118 SSP Closed Data (02) Parsing](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1118) + * [#1119 SSP Aggregate (03) Parsing](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1119) + * [#1120 SSP Stratum (04) Parsing](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1120) + diff --git a/product-updates/img/ftanf/1.png b/product-updates/img/ftanf/1.png new file mode 100644 index 000000000..e04d91f2f Binary files /dev/null and b/product-updates/img/ftanf/1.png differ diff --git a/product-updates/img/ftanf/2.png b/product-updates/img/ftanf/2.png new file mode 100644 index 000000000..03c796f77 Binary files /dev/null and b/product-updates/img/ftanf/2.png differ diff --git a/product-updates/img/ftanf/3.png b/product-updates/img/ftanf/3.png new file mode 100644 index 000000000..d102c3692 Binary files /dev/null and b/product-updates/img/ftanf/3.png differ diff --git a/product-updates/img/ftanf/4.png b/product-updates/img/ftanf/4.png new file mode 100644 index 000000000..180aaa9f7 Binary files /dev/null and b/product-updates/img/ftanf/4.png differ diff --git a/product-updates/knowledge-center/FTANF_2009.zip b/product-updates/knowledge-center/FTANF_2009.zip new file mode 100644 index 000000000..f148fef1d Binary files /dev/null and b/product-updates/knowledge-center/FTANF_2009.zip differ diff --git a/product-updates/knowledge-center/SSPMOE_2009.zip b/product-updates/knowledge-center/SSPMOE_2009.zip new file mode 100644 index 000000000..b67f67043 Binary files /dev/null and b/product-updates/knowledge-center/SSPMOE_2009.zip differ diff --git a/product-updates/knowledge-center/about-email-notifications.html b/product-updates/knowledge-center/about-email-notifications.html index 0a666be24..d21dd46ad 100644 --- a/product-updates/knowledge-center/about-email-notifications.html +++ b/product-updates/knowledge-center/about-email-notifications.html @@ -7,7 +7,7 @@ - + @@ -192,7 +192,7 @@
  • - Exporting Complete Data Using fTANF + Exporting Complete Data Using FTANF
  • @@ -256,7 +256,7 @@
  • - Exporting Complete Data Using fTANF + Exporting Complete Data Using FTANF
  • diff --git a/product-updates/knowledge-center/complete-resubmissions.html b/product-updates/knowledge-center/complete-resubmissions.html index 127bc6e69..9c5c69d4d 100644 --- a/product-updates/knowledge-center/complete-resubmissions.html +++ b/product-updates/knowledge-center/complete-resubmissions.html @@ -3,11 +3,11 @@ - TDP — Resubmitting Complete Data Files with fTANF.exe + TDP — Resubmitting Complete Data Files with FTANF.exe - + @@ -194,7 +194,7 @@
  • - Exporting Complete Data Using fTANF + Exporting Complete Data Using FTANF
  • @@ -258,7 +258,7 @@
  • - Exporting Complete Data Using fTANF + Exporting Complete Data Using FTANF
  • @@ -310,7 +310,7 @@

    What to change in the Header Record

    How to get support or help exporting complete data from other systems


    -

    If you could use assistance making these changes to your data workflow—whether you use fTANF or any other data tool—we’d be more than happy to work with you directly.

    +

    If you could use assistance making these changes to your data workflow—whether you use FTANF or any other data tool—we’d be more than happy to work with you directly.

    Please reach out with any questions or concerns to tanfdata@acf.hhs.gov.


    @@ -318,7 +318,7 @@

    How to get support or help exporting complete data from other systems

  • -

    Exporting Complete Data Using fTANF

    +

    Exporting Complete Data Using FTANF

  • - Exporting Complete Data Using fTANF + Exporting Complete Data Using FTANF
  • @@ -257,7 +257,7 @@
  • - Exporting Complete Data Using fTANF + Exporting Complete Data Using FTANF
  • diff --git a/product-updates/knowledge-center/existing-login.html b/product-updates/knowledge-center/existing-login.html index bb27e0aed..82f0feaf9 100644 --- a/product-updates/knowledge-center/existing-login.html +++ b/product-updates/knowledge-center/existing-login.html @@ -7,7 +7,7 @@ - + @@ -191,7 +191,7 @@
  • - Exporting Complete Data Using fTANF + Exporting Complete Data Using FTANF
  • @@ -256,7 +256,7 @@
  • - Exporting Complete Data Using fTANF + Exporting Complete Data Using FTANF
  • diff --git a/product-updates/knowledge-center/exporting-complete-data-using-ftanf.html b/product-updates/knowledge-center/exporting-complete-data-using-ftanf.html index ce35d5dd0..2224db542 100644 --- a/product-updates/knowledge-center/exporting-complete-data-using-ftanf.html +++ b/product-updates/knowledge-center/exporting-complete-data-using-ftanf.html @@ -3,11 +3,11 @@ - TDP — Exporting Complete Data Using fTANF + TDP — Exporting Complete Data Using FTANF - + @@ -194,7 +194,7 @@
  • - Exporting Complete Data Using fTANF + Exporting Complete Data Using FTANF
  • @@ -258,7 +258,7 @@
  • - Exporting Complete Data Using fTANF + Exporting Complete Data Using FTANF
  • @@ -281,19 +281,19 @@ class="usa-layout-docs__main desktop:grid-col-9 usa-prose usa-layout-docs" id="main-content" > -

    Exporting Complete Data Using fTANF

    +

    Exporting Complete Data Using FTANF


    - This guide aims to provide tips for those currently using fTANF.exe to aid in the process of transitioning from resubmitting partial data files to resubmitting complete ones. + This guide aims to provide tips for those currently using FTANF.exe to aid in the process of transitioning from resubmitting partial data files to resubmitting complete ones.


    -

    What is fTANF.exe?

    +

    What is FTANF.exe?


    -

    fTANF.exe—sometimes known just as ‘fTANF’, ‘pTANF’, or ‘the executables’—is a legacy desktop application tool that helps TANF grantees prepare transmission files for all sections of their quarterly data report. Data can be imported from other systems or entered manually and – once in the tool – could be exported into the transmission-ready flatfile (.txt) format. Though fTANF is no longer supported, it’s still used by some grantees.

    +

    FTANF.exe—sometimes known just as ‘FTANF’, ‘pTANF’, or ‘the executables’—is a legacy desktop application tool that helps TANF grantees prepare transmission files for all sections of their quarterly data report. Data can be imported from other systems or entered manually and – once in the tool – could be exported into the transmission-ready flatfile (.txt) format. Though FTANF is no longer supported, it’s still used by some grantees.


    -

    How to export complete data in fTANF.exe

    +

    How to export complete data in FTANF.exe


    -

    Exporting that complete data via fTANF shouldn’t require any big changes to your resubmission workflow; the key change is to take a couple of additional steps to include both uncorrected and corrected records from the previously-transmitted file in the updated file. The steps to follow (and supporting screenshots) are included below:

    +

    Exporting that complete data via FTANF shouldn’t require any big changes to your resubmission workflow; the key change is to take a couple of additional steps to include both uncorrected and corrected records from the previously-transmitted file in the updated file. The steps to follow (and supporting screenshots) are included below:

    @@ -303,8 +303,8 @@

    Navigate to the “TANF Cases” tab, and

    This will typically involve selecting the appropriate year, month, and case number to retrieve and making edits to fields that are associated with the edit code in your transmission email report.

    - - fTANF.exe opened to TANF Cases > Active with a chosen year, month, and case number. + + FTANF.exe opened to TANF Cases > Active with a chosen year, month, and case number.

    @@ -319,12 +319,12 @@

    Navigate to the “Utilities” tab, and s
  • Click the “Global Warning Edits” button to check all records for fatal errors. At the end of this step, all cases for the specified month should have an Edit Status of “Passed all edits”.
  • These steps should be repeated for each month in the quarterly Section 1 or Section 2 file.


    - - fTANF.exe opened to Utilities > Case Management with Reset Transmission Flag, Global Fatal Edits, and Global Warning Edits, and  annotated as steps 1, 2, and 3. + + FTANF.exe opened to Utilities > Case Management with Reset Transmission Flag, Global Fatal Edits, and Global Warning Edits, and  annotated as steps 1, 2, and 3. - - Cases in fTANF Case Management with the Edit Status of 'Not Edited' or 'Transmitted' will not be included when a new transmission file is created. All Cases that have the Edit Status of 'Passed All Edits' will be included when a new transmission file is created. + + Cases in FTANF Case Management with the Edit Status of 'Not Edited' or 'Transmitted' will not be included when a new transmission file is created. All Cases that have the Edit Status of 'Passed All Edits' will be included when a new transmission file is created.

    @@ -333,8 +333,8 @@

    Navigate to the “Utilities” tab, and s

    Navigate to the “Utilities” tab, and select the Transmission File Creation option to go through the process of generating an updated transmission file for the section, year, and quarter, for which corrections to data were made.


    One of the key attributes in this newly-generated file is the Update indicator which is part of the header record. This Indicator tells the legacy TANF system, TDRS (TANF Data Reporting System) whether a data file includes new (N-New) records, updated records that should be merged with existing data (U-Update), or records that should completely replace all previously-transmitted records for the section, year, and quarter (D-Delete).

    - - fTANF.exe opened to the transmission file creation screen with emphasis on the Update Indicator being set to 'Delete'. + + FTANF.exe opened to the transmission file creation screen with emphasis on the Update Indicator being set to 'Delete'.

    To ensure that your data remains consistent between systems as we’re working to fully replace TDRS with TDP, we ask that you use the Delete value of the Update Indicator in all resubmissions. If you need to confirm that the Delete value has been set correctly, you can look for the “D” value at the end of the Header Record of the file you’re submitting (emphasized below).

    @@ -342,7 +342,7 @@

    Navigate to the “Utilities” tab, and s

    How to get support or help exporting complete data from other systems


    -

    If you could use assistance making these changes to your data workflow—whether you use fTANF or any other data tool—we’d be more than happy to work with you directly.

    +

    If you could use assistance making these changes to your data workflow—whether you use FTANF or any other data tool—we’d be more than happy to work with you directly.

    Please reach out with any questions or concerns to tanfdata@acf.hhs.gov.

    diff --git a/product-updates/knowledge-center/faq.html b/product-updates/knowledge-center/faq.html index 2340e2637..74a9c3ec2 100644 --- a/product-updates/knowledge-center/faq.html +++ b/product-updates/knowledge-center/faq.html @@ -7,7 +7,7 @@ - + diff --git a/product-updates/knowledge-center/ftanf.html b/product-updates/knowledge-center/ftanf.html new file mode 100644 index 000000000..eb121d461 --- /dev/null +++ b/product-updates/knowledge-center/ftanf.html @@ -0,0 +1,332 @@ + + + + + + TDP — Knowledge Center — Accessing FTANF Executables + + + + + + + + + + + + + + + + + + Skip to main content + + + +
    +
    +
    +
    +
    + U.S. flag +
    +
    +

    + An official website of the United States government +

    + +
    + +
    +
    +
    +
    +
    + +
    +

    + Official websites use .gov
    A + .gov website belongs to an official government + organization in the United States. +

    +
    +
    +
    + +
    +

    + Secure .gov websites use HTTPS
    A + lock ( + + + + + ) or https:// means you’ve safely connected to + the .gov website. Share sensitive information only on official, + secure websites. +

    +
    +
    +
    +
    +
    +
    + + + +
    +
    + +
    + + + + +
    +
    +
    + + + + + +
    +

    Accessing FTANF Executables

    +
    + + +

    + FTANF is a legacy desktop application tool that helps TANF partners prepare transmission files for all sections of their quarterly data report. There are three versions of the tool, each of which supports quarterly reporting for one of the following: TANF, SSP-MOE, and Tribal TANF. + + +

    + + Data can be imported to it from other systems, or entered manually. Once in the tool, data can be exported into the flat file (.txt) format required by the TANF Data Portal. +

    +
    +
    +
    +
    +
    +
    +
    +
    +
    +
    + + + + + + + + +

    FTANF Versions

    +
    +

    ACF no longer supports FTANF tools, but we are making them available here for TANF partners who may need access to the tool for use on a newer computer. +

    + +TANF partners can access it below by downloading the version appropriate to the data type(s) you submit. +
    + +Please note: these tools were designed for use on Windows operating systems only. +

    + + +

    For tribal data reports

    + +
    + + Download FTANF.zip for tribal TANF partners + +
    +
    + +

    For state data reports

    + +
    + + Download FTANF_2009.zip for TANF partners in the states and territories + +
    +
    + +

    For SSP-MOE data report

    + +
    + + Download SSPMOE_2009.zip for TANF partners in the states and territories + +
    +
    + + +

    Installation Instructions

    +
    +
      +
    1. Download the appropriate version of FTANF above. The download will be of a compressed (.zip) folder containing an executable (.exe) file
      + + The download buttons above & an example of a downloaded zip file for state data FTANF +
    2. +
    3. Unzip/Extract the zip file and open the resulting folder
      + + The downloaded zip file compared to the extracted/unzipped folder containing the FTANF installer +
    4. +
    5. Run the executable file.
    6. +
    7. The installer will prompt you to choose what location you want to install FTANF to on your computer. The default is a folder within the root of the C: drive, e.g, C:\FTANF_2009
      + + The FTANF installer prompting the user to select where to install FTANF to on their computer + +
    8. + +
    9. Run the executable file within the newly created folder that has the same name as the folder, e.g., If you installed FTANF for SSP-MOE data the folder will be called “SSPMOE_2009” and contain an executable file called “sspmoe_2009”. This executable will open FTANF.
      + + Emphasized ftanf_2009 executable file within the installation folder +
    10. +
    + + + + + +
    + + +

    For further guidance we also have a knowledge center article on how to export complete data using FTANF. If you have questions or need assistance, please reach out to tanfdata@acf.hhs.gov.

    + + + + + +
    + + + + +
    + + + +
    + + +
    diff --git a/product-updates/knowledge-center/ftanf.zip b/product-updates/knowledge-center/ftanf.zip new file mode 100644 index 000000000..d07c49205 Binary files /dev/null and b/product-updates/knowledge-center/ftanf.zip differ diff --git a/product-updates/knowledge-center/give-feedback.html b/product-updates/knowledge-center/give-feedback.html index f08eec259..a04782ed9 100644 --- a/product-updates/knowledge-center/give-feedback.html +++ b/product-updates/knowledge-center/give-feedback.html @@ -7,10 +7,11 @@ - + - + +