diff --git a/.forgejo/workflows/publish.yaml b/.forgejo/workflows/publish.yaml
index b67d7d0..171faf2 100644
--- a/.forgejo/workflows/publish.yaml
+++ b/.forgejo/workflows/publish.yaml
@@ -15,8 +15,6 @@ jobs:
         with:
           submodules: true
       - uses: actions/setup-node@v4
-        with:
-          node-version: '20'
       - run: npm install -g bnycdn
       - name: Setup Hugo
         uses: https://guardianproject.dev/actions/actions-hugo@v3
diff --git a/assets/images/footer/essentials.png b/assets/images/footer/essentials.png
deleted file mode 100644
index e81a729..0000000
Binary files a/assets/images/footer/essentials.png and /dev/null differ
diff --git a/assets/images/footer/gdpr.png b/assets/images/footer/gdpr.png
deleted file mode 100644
index 21b66f2..0000000
Binary files a/assets/images/footer/gdpr.png and /dev/null differ
diff --git a/assets/images/logos/fdroid.webp b/assets/images/logos/fdroid.webp
deleted file mode 100644
index 9972374..0000000
Binary files a/assets/images/logos/fdroid.webp and /dev/null differ
diff --git a/assets/team/images/alicja.webp b/assets/team/images/alicja.webp
deleted file mode 100644
index 06f5eb1..0000000
Binary files a/assets/team/images/alicja.webp and /dev/null differ
diff --git a/assets/team/images/question.png b/assets/team/images/question.png
deleted file mode 100644
index a938c82..0000000
Binary files a/assets/team/images/question.png and /dev/null differ
diff --git a/content/_index.html b/content/_index.html
index 8a2945f..5ed3142 100644
--- a/content/_index.html
+++ b/content/_index.html
@@ -1,3 +1,7 @@
 +++
 draft = false
 +++
+
+<div class="alert">
+  We are hiring! Check out our opening for a <a href="/posts/2026-hiring-python-developer/">backend Python developer</a>.
+</div>
diff --git a/content/info/communication-strategy.md b/content/info/communication-strategy.md
index 9b741c4..dae6a31 100644
--- a/content/info/communication-strategy.md
+++ b/content/info/communication-strategy.md
@@ -5,7 +5,7 @@ title = "Communication Strategy"
 [params]
     background = "images/backgrounds/new_tower.jpg"
 +++
-# Secure, robust and resilient technology for civil society.
-### We build open source systems and processes to support human rights defenders, journalists, community groups and activists.
+# Communication technology for challenging environments.
+### Software and systems to ensure your messages get through when they are the most critical.
 
 {{< primary-button name="Get in touch" url="/contact" icon="arrow-right" >}}
\ No newline at end of file
diff --git a/content/policies.md b/content/policies.md
deleted file mode 100644
index 53ea88a..0000000
--- a/content/policies.md
+++ /dev/null
@@ -1,8 +0,0 @@
----
-title: Company Policies
-date: 2026-04-22T11:00:00+00:00
-type: page
----
-
-* [Password and Authentication Policy](/policies/password_auth/)
-* [Public WiFi Policy](/policies/public_wifi/)
diff --git a/content/posts/2025-using-tls-ech-from-python.md b/content/posts/2025-using-tls-ech-from-python.md
deleted file mode 100644
index 4ee9236..0000000
--- a/content/posts/2025-using-tls-ech-from-python.md
+++ /dev/null
@@ -1,181 +0,0 @@
----
-title: "Using TLS ECH from Python"
-date: 2025-01-10T13:00:00-00:00
-tags:
-  - DEfO
-  - ECH
-  - OpenSSL
-  - Python
-  - TLS
-params:
-  author: 'Iain Learmonth'
----
-
-At first, the idea of encrypting more of the metadata found inside the initial packet (the "ClientHello") of a TLS
-connection may seem simple and obvious, but there are of course reasons that this wasn't done right from the start.
-In this post I will describe the flow of a connection using Encrypted Client Hello (ECH) to protect the metadata fields,
-and present a working code example using a fork of CPython built with DEfO project's OpenSSL fork to connect to
-ECH-enabled HTTPS servers.
-
-<!--more-->
-
-To understand why this is an issue, let's take a step back and look at how websites are hosted.
-Many websites are hosted on shared servers, which means that a single server machine is responsible for serving
-multiple, possibly hundreds or thousands, of websites.
-This is known as the shared hosting model.
-In this setup, when a user types in a URL or clicks on a link to visit a website and the browser connects to the server,
-the server needs to know which website the users is requesting.
-This is where the Server Name Indication (SNI) comes in - it's a field in the initial packet of a TLS connection that
-tells the server which website the user is trying to access.
-The server can then send the correct certificate so that the browser can authenticate the connection, and then send the
-requested website content.
-
-Because this field was sent unencrypted, this means that anyone who can see the traffic between the user's browser and
-the server can intercept the SNI and know which website the user is trying to visit.
-This can be a privacy concern, as it allows ISPs, network administrators, or other unwanted observers to build a profile
-of the user's browsing history.
-It's not just about the websites they visit, but also about the potential for censorship or targeted attacks.
-With the SNI being unencrypted, it's like sending a postcard with the address visible to anyone who handles it - it may
-not be the end of the world for most browsing activity, but it's certainly not private.
-Encrypted Client Hello aims to change this by encrypting the SNI and other metadata, making it much harder for third
-parties to intercept and exploit this information.
-
-So, why wasn't it easy to protect the SNI and other metadata from the start?
-The main challenge was that, in order to encrypt the SNI, the client (i.e., the user's browser) needs to know the
-public key that the server wants the ClientHello to be encrypted with in advance.
-However, the server's ECH public key is tied to the specific website being requested, and there wasn't a straightforward
-way to discover a public key that could be used to talk to the server without revealing the SNI.
-This created a chicken-and-egg problem, where the client couldn't encrypt the SNI without knowing the server's public
-key, but it couldn't know the server's public key without sending the SNI in plaintext.
-
-This problem is solved with ECH by introducing a new type of DNS record, called an
-[HTTPS record](https://datatracker.ietf.org/doc/html/rfc9460).
-An HTTPS record is a special type of DNS record that contains the ECH public key of the server, along with other metadata,
-in a way that can be retrieved by the client without revealing the SNI (the website name is still leaked via the DNS
-request, but it is possible to protect your requests using DNS-over-TLS or DNS-over-HTTPS).
-The HTTPS record is typically retrieved by the client during the DNS lookup process, before the TLS connection is
-established.
-
-The HTTPS record contains an ECH configuration, which is used to encrypt the SNI and other metadata.
-This is generated by the server and is tied to the specific configuration of the server, rather than to a specific
-website.
-By using HTTPS records to retrieve the server's ECH public key, we are able to break the chicken-and-egg problem and
-provide a way to encrypt the SNI and other metadata.
-
-Before we can lookup the HTTPS record, it's first necessary to work out where that record would live.
-These records have been designed to be quite flexible, so can accommodate services running on non-default port numbers.
-If the default port number is in use then the HTTPS record will be on the same domain name as the website, but for
-non-default port numbers, there will be a prefix to the domain name:
-
-```python
-def svcbname(url: str) -> str:
-    """Derive DNS name of SVCB/HTTPS record corresponding to target URL."""
-    parsed = urllib.parse.urlparse(url)
-    if parsed.scheme == "https":
-        if (parsed.port or 443) == 443:
-            return parsed.hostname
-        else:
-            return f"_{parsed.port}._https.{parsed.hostname}"
-    elif parsed.scheme == "http":
-        if (parsed.port or 80) in (443, 80):
-            return parsed.hostname
-        else:
-            return f"_{parsed.port}._https.{parsed.hostname}"
-    else:
-        # For now, no other scheme is supported
-        return None
-```
-
-To keep it simple, the examples in this post will use plain DNS but the technique is equally applicable to DNS-over-TLS
-and DNS-over-HTTPS. Now that we have the domain name to query, we can fetch the ECH configuration from the DNS using
-the [dnspython](https://www.dnspython.org/) library:
-
-```python
-def get_ech_configs(domain) -> List[bytes]:
-    try:
-        answers = dns.resolver.resolve(domain, "HTTPS")
-    except dns.resolver.NoAnswer:
-        logging.warning(f"No HTTPS record found for {domain}")
-        return []
-    except Exception as e:
-        logging.critical(f"DNS query failed: {e}")
-        sys.exit(1)
-    configs: List[bytes] = []
-    for rdata in answers:
-        if hasattr(rdata, "params"):
-            params = rdata.params
-            echconfig = params.get(5)
-            if echconfig:
-                configs.append(echconfig.ech)
-    if len(configs) == 0:
-        logging.warning(f"No echconfig found in HTTPS record for {domain}")
-    return configs
-```
-
-Once the ECH configurations are known, these can be used to establish the connection and fetch the website:
-
-```python
-def get_http(url, ech_configs) -> bytes:
-    parser = urllib.parse.urlparse(url)
-    hostname, port, path = url.hostname, url.port, url.path
-    logging.debug("Performing GET request for https://{hostname}:{port}/{path}")
-    context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
-    context.load_verify_locations(certifi.where())
-    for config in ech_configs:
-        try:
-            context.set_ech_config(config)
-        except ssl.SSLError as e:
-            logging.error(f"SSL error: {e}")
-            pass
-    with socket.create_connection((hostname, port)) as sock:
-        with context.wrap_socket(sock, server_hostname=hostname, do_handshake_on_connect=False) as ssock:
-            try:
-                ssock.do_handshake()
-                logging.debug("Handshake completed with ECH status: %s", ssock.get_ech_status().name)
-                logging.debug("Inner SNI: %s, Outer SNI: %s", ssock.server_hostname, ssock.outer_server_hostname)
-                request = f'GET {path} HTTP/1.1\r\nHost: {hostname}\r\nConnection: close\r\n\r\n'
-                ssock.sendall(request.encode('utf-8'))
-                response = b''
-                while True:
-                    data = ssock.recv(4096)
-                    if not data:
-                        break
-                    response += data
-                return response
-            except ssl.SSLError as e:
-                logging.error(f"SSL error: {e}")
-                raise e
-```
-
-The important step here is the new
-[`set_ech_config`](https://irl.github.io/cpython/library/ssl.html#ssl.SSLContext.set_ech_config) method on the
-`SSLContext` that allows you to add the ECH configuration containing the public key.
-If there are multiple records, the underlying OpenSSL will determine which of the keys to use.
-There are also a few new methods that allow you to get the status information relating to ECH from the `SSLSocket`
-after the completion of the handshake.
-
-In the simple case, that's all there is to it.
-If you were to watch the connection with Wireshark you would not be able to see the true SNI being sent to the server
-and would only see the decoy SNI present in the unencrypted "ClientHelloOuter".
-This decoy SNI is added to appease [middleboxes](https://en.wikipedia.org/wiki/Middlebox) that may block traffic,
-accidentally or deliberately, if that field is missing entirely.
-There are also further protections against such middleboxes from the application of GREASE:
-
-> If the client attempts to connect to a server and does not have an ECHConfig structure available for the server, it
-> SHOULD send a GREASE "encrypted_client_hello" extension in the first ClientHello [...]
-
-This means that if your client supports ECH but does not have the configuration available to use it, the client should
-still send an ECH extension filled with nonsense anyway.
-This will help to detect deployment issues early as errors will be immediately obvious to users and won't rely on
-servers having deployed ECH before the errors are triggered.
-
-Finally, if the server sees this GREASE ECH extension then it can use this to know that you support ECH but didn't
-have a configuration available.
-In its reply, it can send a "retry config" and then terminate the connection.
-You then have the configuration available to start the connection again with a real ECH extension this time, and can
-cache that for future requests too.
-
-For a full client example including the use of retry configs, you can see our
-[example Python client](https://github.com/defo-project/docker-defo-client/blob/main/pyclient.py) at GitHub.
-You'll need to use this with our [CPython fork](https://github.com/irl/cpython) and
-[OpenSSL fork](https://github.com/defo-project/openssl).
diff --git a/content/posts/2026-butter-box-connectivity/index.md b/content/posts/2026-butter-box-connectivity/index.md
deleted file mode 100644
index f5aed34..0000000
--- a/content/posts/2026-butter-box-connectivity/index.md
+++ /dev/null
@@ -1,195 +0,0 @@
-+++
-title = 'Butter Box Connectivity'
-date = 2026-04-13T20:00:00-00:00
-lastmod = 2026-04-13T20:00:00-00:00
-draft = false
-tags = ['local','offline','wifi-halow','lora']
-[params]
-  author = 'Iain Learmonth'
-+++
-
-We have just wrapped up a project with the [Guardian Project team](https://guardianproject.info/) exploring options for
-connectivity to allow for updates to software and content on the
-[Butter Box](https://likebutter.app/) and for communications between users of multiple Butter Boxes.
-
-<!--more-->
-
-We have explored two technologies:
-
-* [LoRA](#lora)
-* [WiFi HaLow](#wifi-halow)
-
-Each of these has benefits and drawbacks and the choice of technology would be use case dependent.
-
-We have not explored network or application layer protocols that would be run over these links, however the ecosystem
-has many options to choose from for this whether it be IP-native protocols,
-[Iroh](https://www.iroh.computer/)'s networking layer using [custom transports](https://docs.iroh.computer/transports/bluetooth#custom-transport-api),
-[Willow](https://willowprotocol.org/)'s distributed synchronisation protocol,
-or [Toosheh](https://www.netfreedompioneers.org/toosheh-datacasting-technology/)'s
-content distribution and synchronisation protocol.
-
-Until now, it has only been possible to update a Butter Box by physically replacing the USB drive with one with updated
-content. We are hopeful that the learnings from this project will inform integration of an interconnection technology
-into a future release.
-
-## WiFi HaLow
-
-Traditional WiFi operates at 2.4GHz and 5GHz, and aims to provide high speed connections between local devices.
-The higher the speed, the higher the frequency of the carrier required, and pushes in this direction have led to the
-development of the WiGig standard offering multi-gigabit speeds operating at 60GHz.
-There is a tradeoff however: as the frequency increases the distance that the signal propagates and its ability to 
-propagate through materials both decrease.
-
-WiFi HaLow is IEEE 802.11ah, a wireless protocol that takes WiFi and moves it down below 1 GHz. This is 863-870MHz in
-ITU region 1 and some countries in region 3, and 902-928MHz in region 2.
-Being in this lower frequency range means that signal can propagate further and will penetrate thicker and denser
-materials like those found in urban environments.
-
-To be compliant with the local rules governing radio spectrum use, the transmissions must be entirely contained within
-the available frequency range, as for data transmissions there can be some "spillover" affecting nearby frequencies from
-the signal.
-In region 2, including the United States, there is a full 26MHz available allowing for 8MHz wide channels and a
-theoretical maximum throughput of 43Mbps.
-In regions 1 and 3 however there is only 7MHz available allowing for a 2MHz wide channel with maximum theoretical
-throughput of 8.9Mbps.
-
-The trade-off is straightforward: you sacrifice throughput for range.
-HaLow promises roughly 10× the range and 100× the coverage area of conventional WiFi, which matters when you're rapidly
-deploying an ad-hoc network responding to an evolving situation.
-It is not a replacement for the WiFi that carries video calls, but rather a means of tactical communication and 
-dissemination of updates received from outside the network, allowing for the exchange of critical messaging and 
-maintaining situational awareness for responders during communications outages.
-
-In our evaluation of WiFi HaLow, we used the Morse Micro
-[MM8108-EKH19 Evaluation Kit](https://www.morsemicro.com/resources/product_brief/MM8108-EKH19-Product-Brief.pdf) which
-is currently available for purchase
-[from Mouser Electronics](https://www.mouser.co.uk/ProductDetail/Morse-Micro/MM8108-EKH19-01?qs=HMhDvBYWqvOSMbg%2FkiOXMw%3D%3D)
-for £155.18 ex. VAT (at time of writing).
-
-{{< figure
-  src="/images/2026/halow-powerbank.png"
-  alt="A WiFi router with an additional USB dongle with an antenna attached to it velcroed to a USB powerbank."
-  caption="Our portable WiFi HaLow bridge"
->}}
-
-We constructed a network using two evaluation kits, one placed in our second floor office next to a window that faces
-down a street, and the other velcroed to a powerbank allowing it to be easier moved down the street for measurements
-to be taken of signal strength and negotiated link speed between the two stations.
-
-Test traffic would be generated over the link with an mobile device connecting to the mobile station, via conventional
-WiFi, which would use the WiFi HaLow bridge to communicate with a Butter Box back in the office.
-Another mobile device was connected to the office station via conventional WiFi so that the two devices could exchange
-end-to-end encrypted messages using the [Delta Chat](https://delta.chat/) relay hosted on the Butter Box.
-
-In order to determine the theoretical performance before conducting practical experiments, we did model the expected
-received signal strength around the office station:
-
-{{< figure
-  src="/images/2026/halow-coverage.png"
-  alt="A coverage map showing that WiFi HaLow is not as affected by buildings as traditional 2.4 and 5GHz WiFi, with good coverage stretching approximately 400 meters in all directions from the access point site."
-  caption="Coverage map for the test WiFi HaLow access point at the SR2 office"
->}}
-
-The colours in this diagram change as signal strength decreases moving away from the office, from red through yellow,
-green, and blue. From the data sheet, we know the expected link speed achievable for each level of received signal
-strength:
-
-<table>
-<caption>PHY data rate (Mbps) / Minimum receive sensitivity (dBm)</caption>
-<tr>
-<th colspan="2">1 MHz Channel</th>
-<th colspan="2">2 MHz Channel</th>
-</tr>
-<tr>
-<td>0.1 Mbps</td>
-<td>-107 dBm</td>
-<td colspan="2">&mdash;</td>
-</tr>
-<tr><td>0.3 Mbps</td><td>-106 dBm</td><td>0.7 Mbps</td><td>-103 dBm</td></tr>
-<tr><td>0.7 Mbps</td><td>-104 dBm</td><td>1.4 Mbps</td><td>-101 dBm</td></tr>
-<tr><td>1.0 Mbps</td><td>-102 dBm</td><td>2.2 Mbps</td><td>-99 dBm</td></tr>
-<tr><td>1.3 Mbps</td><td>-99 dBm</td><td>2.9 Mbps</td><td>-96 dBm</td></tr>
-<tr><td>2.0 Mbps</td><td>-96 dBm</td><td>4.3 Mbps</td><td>-93 dBm</td></tr>
-<tr><td>2.7 Mbps</td><td>-92 dBm</td><td>5.8 Mbps</td><td>-89 dBm</td></tr>
-<tr><td>3.0 Mbps</td><td>-90 dBm</td><td>6.5 Mbps</td><td>-87 dBm</td></tr>
-<tr><td>3.3 Mbps</td><td>-89 dBm</td><td>7.2 Mbps</td><td>-86 dBm</td></tr>
-<tr><td>4.0 Mbps</td><td>-85 dBm</td><td>8.9 Mbps</td><td>-82 dBm</td></tr>
-<tr><td>4.4 Mbps</td><td>-83 dBm</td><td colspan="2">&mdash;</td></tr>
-</table>
-
-Our test path was to the left of the office on the map above, towards "West End".
-We expected reliable connectivity at a speed >2 Mbps up until we were approaching the threshold where we expected to
-drop below 96 dBm, where the greens start to turn into blues approximately 500 meters from the office.
-What we found, however, was that the negotiated link speed of the bridge was volatile even just 50 meters down the road.
-We would frequently see the link speeds drop to 0.3 Mbps before recovering tens of seconds later.
-This is obviously not the ideal environment being an urban environment with vehicular traffic and plenty of other
-devices competing for spectrum. (Check out the
-[Morse Micro YouTube channel](https://www.youtube.com/@morsemicro) if you want to see some ideal environment tests, like
-this one [achieving 3km range along Ocean Beach, California](https://www.youtube.com/watch?v=2xlUijXucoM)).
-
-At 500 meters it was still possible, albeit frustratingly slow at times, to access the Butter Box interface over the
-bridge. At that distance, it would be practical to have a second Butter Box to provide an interface and Delta Chat
-relay, and then allow the relays to communicate over the bridge but keep other interactions local. Delta Chat is built
-on email which was designed to be delay tolerant from the start and so is well suited for this use case.
-
-WiFi HaLow operates in an ISM (industrial, scientific, and medical) band. This is a special allocation where the device
-is certified but the individual operator does not need a licence themselves, as they would with marine, air, or land
-mobile radio equipment. Part of this certification is that the equipment must cooperate with other spectrum users and
-this is implemented in WiFi HaLow, as with conventional WiFi, with a "listen before send" test. If another device is
-sending data then the device must wait for the channel to be clear until it is able to transmit.
-
-Unfortunately due to weather we did not have many opportunities to field test the equipment, so do not have comparable
-data for less dense environments or environments with lower vehicular traffic. One of the things we note is very common
-on the 868MHz band, at least in the UK, is vehicle tyre pressure sensors that are communicating from the spinning tyre
-back to the car to alert drivers to low pressure.
-
-## LoRa
-
-LoRa (from "long range") is a physical layer radio modulation technique based on chirp spread spectrum.
-It encodes data by sweeping radio signals across frequencies making the signal resistant to interference and capable of
-travelling greater distances at lower power.
-
-LoRa itself is not a complete network stack and only provides the physical radio characteristics.
-It is not possible to build a fully open source LoRa system as its physical layer is a proprietary standard owned by
-Semtech.
-The techniques that make LoRa function are locked behind semiconductor licensing.
-
-Like WiFi HaLow, it uses the 868MHz/915MHz bands, but also has the option of a second band at 433MHz.
-While you're more likely to get a range gain from using a better antenna or feeder than from shifting from the 868MHz to
-433MHz band, the ISM band at 433MHz overlaps with the 70cm amateur radio band in regions 1 and 2, and some region 3
-countries.
-This overlap has led to the production of hardware with transmit power capability than would be allowed when operating
-as an ISM device, and this higher power often produces very impressive range results.
-
-The tradeoff here is more extreme, but it is the same as for WiFi HaLow, you sacrifice throughput for range.
-For our testing we used a pair of RS232 to LoRa bridges purchased from AliExpress.
-These are available for just £25.91 ex. VAT each at time of writing, considerably cheaper than the WiFi HaLow kit.
-They were labelled as "USR-LG206-P" and while we were unable to obtain a datasheet, the listing stated that we would get
-2680 bits per second. Not megabits, not kilobits, just bits.
-
-We confirmed that data could indeed be sent over greater distances than WiFi HaLow in our initial testing however this
-throughput was not suitable to attempt to load the Butter Box portal.
-One possibility for future exploration would be to run UUCP over the emulated serial link.
-The necessary software for this [is maintained in Debian to this day](https://packages.debian.org/sid/uucp) and would
-be ready for configuration in a custom Delta Chat relay configuration.
-
-Projects like [tinySSB](https://github.com/ssbc/tinySSB) recognise the severe limitations of LoRa and have adapted their
-protocols to the lower throughput rate, including enhanced compression, smaller packet sizes, and even ignoring some of
-the restrictions that are placed on ISM band users like [duty cycle](https://en.wikipedia.org/wiki/Duty_cycle)
-restrictions.
-Butter Box could act as a node in these kinds of mesh networks, but ultimately these systems serve different purposes.
-
-## The Verdict
-
-LoRa has superior range and the equipment may be more widely available at a cheaper price, but the throughput is low
-enough that it requires protocols that have been specifically designed with these slow speeds and high latency in mind.
-Even transmitting low resolution images over these kinds of links would tie them up for minutes at a time.
-If you need to get smaller amounts of data over greater distances then it's definitely a great technology but for the
-Butter Box it does not compliment any existing functionality.
-
-WiFi HaLow may allow a Butter Box deployment to spread across a school campus, refugee camp, or evacuation centre with
-less equipment required for a rapid deployment. Updates provided to one Butter Box could make their way through a
-network of Butter Boxes at reasonable speeds. We believe that in a less dense environment, with fewer devices competing
-for that radio spectrum, the performance would be more reliable however we were not able to fully explore this.
-For many deployments though, the current cost of the hardware may be prohibitive. We are hopeful that the price of this
-will come down as Morse Micro moves from the evaluation kits towards production quality implementations.
diff --git a/content/posts/2026-butter-box-portal/index.md b/content/posts/2026-butter-box-portal/index.md
deleted file mode 100644
index 613ada3..0000000
--- a/content/posts/2026-butter-box-portal/index.md
+++ /dev/null
@@ -1,85 +0,0 @@
-+++
-title = 'Butter Box Portal Improvements'
-date = 2026-04-15T16:00:00-00:00
-lastmod = 2026-04-15T16:00:00-00:00
-draft = false
-tags = ['local','offline','butterbox', 'deltachat']
-[params]
-  author = 'Ana Custura'
-+++
-
-As part of our latest development project with the [Guardian Project team](https://guardianproject.info/), we have 
-re-engineered the [Butter Box](https://likebutter.app/) portal interface. This post describes the design choices and improvements within the new 
-portal.
-
-<!--more-->
-
-## Portal tech stack 
-
-Previously, the interface was a static site built with [Jekyll](https://jekyllrb.com/), which offered no customisation 
-options and was ill-suited for the portal's dynamic requirements. It has now been replaced with a [Python Flask](https://flask.palletsprojects.com/en/stable/) 
-application, a lightweight framework that allows developers to include only the necessary libraries, [such as for 
-localisation](https://python-babel.github.io/flask-babel/), minimising the application's footprint.
-
-We are now also using [Bulma CSS](https://bulma.io/) to style it, a free and open source framework that is lightweight 
-and JS free, designed for mobile applications, which was also chosen with reducing the size of the portal app in mind.
-
-## Portal customisation
-
-In contrast, the new portal features the ability to change the logo and modify the display name of a Butter Box, making
-it more customisable. This allows different communities to deploy the box in a way that better aligns with their 
-identity and fosters greater trust with their users.
-
-{{< figure
-  src="/images/2026/portal-branding.png"
-  alt="A screenshot of the Butter Box portal including fields to change the name and logo."
-  caption="The Butter Box portal boasts new customisation capabilities."
->}}
-
-We've also made improvements to allow users to configure Butter Box security with minimal effort. This includes changing the 
-admin password for the interface, modifying the Wi-Fi name, setting a Wi-Fi password, changing the root password, 
-and controlling SSH behavior through the portal.
-
-{{< figure
-  src="/images/2026/portal-security.png"
-  alt="A screenshot of the Butter Box portal including fields to change the root and admin passwords and SSH behaviour."
-  caption="The Butter Box portal also features new security capabilities."
->}}
-
-We now also allow setting a date and time for the box through the portal. This functionality is essential for supporting
-more advanced applications in the future, particularly those involving cryptography, which require accurate time 
-synchronisation. Note that the Raspberry Pi does not have an internal real-time clock module, so manual time 
-configuration is necessary in the absence of the Internet.
-
-Future plans include a customizable welcome message on the portal landing page and the ability for administrators to 
-upload a custom background image. These enhancements will expand branding options for organizations deploying the box.
-
-
-## Integrating DeltaChat
-
-The portal now includes a dedicated page that allows users to download the [DeltaChat](https://delta.chat/en/) APK for 
-Android devices and securely register an account on a locally running relay. During registration, a randomly generated 
-username and password are provided.
-
-{{< figure
-  src="/images/2026/portal-deltachat.png"
-  alt="A screenshot of the Butter Box portal DeltaChat account registration page."
-  caption="DeltaChat messaging through a local relay is now supported by Butter Box."
->}}
-
-This enhancement would in future enable the connection of multiple relays running on separate boxes, to ultimately allow
-sending messages between communities.
-
-## Portal updates and future
-
-An advantage of using [Debian](https://en.wikipedia.org/wiki/Debian) as the OS for Butter Box is the ability to create 
-a content pack with a local [Debian mirror](https://www.debian.org/mirror/ftpmirror), enabling the box to be updated 
-without an Internet connection. 
-
-The future plan for the portal is therefore to package it as a Debian package, enabling updates through the Butter Box 
-OS’s native package management. Updates to any APKs distributed via the portal, such as the Delta Chat APK, would also 
-be delivered through upgrading the portal, and will not require re-flashing a new image onto the box.
-
-Ultimately, as a result of portal improvements the Butter Box is now a more flexible, secure, and upgradable platform,
-and the groundwork has been laid for enabling future capabilities like cross-box messaging and time-sensitive 
-cryptographic applications.
diff --git a/content/posts/2026-cyber-essentials/index.md b/content/posts/2026-cyber-essentials/index.md
deleted file mode 100644
index f63695d..0000000
--- a/content/posts/2026-cyber-essentials/index.md
+++ /dev/null
@@ -1,53 +0,0 @@
-+++
-title = 'SR2 Communications Achieves Cyber Essentials Certification'
-date = 2026-05-03T09:20:00-00:00
-lastmod = 2026-05-03T09:20:00-00:00
-draft = false
-tags = ['security', 'audit']
-[params]
-  author = 'Iain Learmonth'
-+++
-
-We're pleased to announce that SR2 Communications has achieved
-[Cyber Essentials](https://www.ncsc.gov.uk/cyberessentials/overview) certification, the UK government's baseline
-standard for cyber security.
-This milestone represents an important addition to our existing security practices and reinforces our dedication to
-protecting the organisations we serve.
-
-<!--more-->
-
-<figure>
-<img src="/images/2026/cyber-essentials.png" alt="Certificate of Assurance - SR2 Group Limited, incorporating SR2 Communications Limited and SR2 Professional Services Limited, complies with the requirements of the Cyber Essentials scheme">
-<figcaption>Our Cyber Essentials Certificate</figcaption>
-</figure>
-
-Cyber Essentials is a government-backed certification scheme developed by the National Cyber Security Centre (NCSC).
-It establishes five core technical controls designed to prevent the most common cyber security threats.
-According to NCSC, organisations with this certification are protected against approximately 80% of the most common
-cyber attacks that they have observed.
-
-We've always had a strong focus on security (it's the S in SR2!) and have always maintained rigorous security practices
-in our software development and infastructure hosting including external audits of application code and periodic
-penetration testing of our infrastructure. These practices remain in place and will continue to provide project-specific
-assurance. However, Cyber Essentials addresses something equally critical: the foundational security of our
-organisation.
-
-While code audits and pentests examine specific systems and software, Cyber Essentials evaluates how we operate as an
-organisation, covering five primary areas:
-
-* Boundary firewalls and internet gateways
-* Secure configuration
-* User access control
-* Malware protection
-* Patch management
-
-This certification ensures that the foundation upon which our technical work rests is equally secure. The organisations
-we work with include free software projects, charities, non-profits, advocacy groups, and the media.
-They often handle sensitive data related to vulnerable populations, campaign strategies, and confidential stakeholder
-information. They need partners they can trust.
-
-For those partners operating with limited resources, knowing that their technology partners meet recognised security
-standards removes one more concern from their already demanding work.
-
-If your organisation is looking for a technology partner that understands your mission and takes security seriously,
-we'd welcome you to [get in touch](/contact).
\ No newline at end of file
diff --git a/content/posts/2026-hiring-python-developer/index.md b/content/posts/2026-hiring-python-developer/index.md
index ebb5a4e..bf23a20 100644
--- a/content/posts/2026-hiring-python-developer/index.md
+++ b/content/posts/2026-hiring-python-developer/index.md
@@ -1,7 +1,7 @@
 +++
 title = 'Python Backend Developer Opening'
 date = 2026-02-08T13:00:00-00:00
-lastmod = 2026-03-05T10:00:00-00:00
+lastmod = 2026-02-14T10:00:00-00:00
 draft = false
 tags = ['job','python']
 [params]
@@ -12,8 +12,6 @@ SR2 Communications develops technology to support individuals, journalism public
 with their digital security needs. This ranges from secure hosting of an off-the-shelf application to bespoke
 development of novel software to fill a niche requirement.
 
-<!--more-->
-
 We are searching for a Python developer to join our team to work on a backend application.
 The application will use the FastAPI framework and communicate with a PostgreSQL database and third-party APIs.
 The application uses OpenID Connect for authentication.
@@ -39,9 +37,7 @@ Initially the position is for 4 months, however we expect to be able to extend t
 
 ## How to apply
 
-~~Send your CV with cover letter by email to contact@sr2.uk. Please do not use a LLM when constructing your CV or cover
-letter.~~
+Send your CV with cover letter by email to contact@sr2.uk. Please do not use a LLM when constructing your CV or cover
+letter.
 
-~~We will build a shortlist and invite selected candidates to interview.~~
-
-**This position has now closed.**
\ No newline at end of file
+We will build a shortlist and invite selected candidates to interview.
\ No newline at end of file
diff --git a/content/support.md b/content/support.md
index 4c6da7a..e5e3115 100644
--- a/content/support.md
+++ b/content/support.md
@@ -1,6 +1,6 @@
 +++
 title = 'Support'
-date = 2026-05-03T10:30:00-00:00
+date = 2026-02-03T08:00:00-07:00
 description = 'Customer support contact methods and service level objectives.'
 type = "page"
 +++
@@ -9,8 +9,6 @@ You can get support directly from our staff.
 For most customers the most efficient way to see your issue resolved will be to contact us via our support system or by
 email to contact@sr2.uk.
 
-OpenPGP fingerprint: [`1135 3E54 83C7 152B 165C 46A7 9CE7 365E C2E1 4728`](/helpdesk.asc)
-
 Below you can also find additional options for support, and what you can expect when you contact us.
 
 ### 1. Service Level Objective
diff --git a/content/team/alicja-mlek.md b/content/team/alicja-mlek.md
deleted file mode 100644
index 32776fa..0000000
--- a/content/team/alicja-mlek.md
+++ /dev/null
@@ -1,10 +0,0 @@
-+++
-date = '2026-04-02T15:48:38+01:00'
-draft = false
-name = 'Alicja Mlek'
-[params]
-    pronoun = '(she/her)'
-    education = 'AICB'
-    role = 'Office Manager'
-    photo = 'team/images/alicja.webp'
-+++
diff --git a/content/team/chris-milne.md b/content/team/chris-milne.md
deleted file mode 100644
index ca9c81b..0000000
--- a/content/team/chris-milne.md
+++ /dev/null
@@ -1,10 +0,0 @@
-+++
-date = '2026-04-02T15:48:38+01:00'
-draft = false
-name = 'Chris Milne'
-[params]
-    pronoun = '(he/him)'
-    education = ''
-    role = 'Backend Developer'
-    photo = 'team/images/question.png'
-+++
diff --git a/hugo.toml b/hugo.toml
index 022ce39..22eb382 100644
--- a/hugo.toml
+++ b/hugo.toml
@@ -51,7 +51,6 @@ NCAGE: U2G06'''
 [languages.en.params.footer.col2]
   items = [
     {title = 'Information'},
-    {text = 'Service Status', href='https://status.sr2.uk/', status=true},
     {text = 'Customer Support', href = '/support'},
     {text = 'Reporting Abuse', href = '/abuse'},
     {text = 'Visiting Us', href = '/visiting'},
@@ -60,17 +59,13 @@ NCAGE: U2G06'''
     {text = 'Terms and Conditions', href = '/terms'},
     {text = 'Privacy Policy', href = '/privacy'},
     {text = 'Complaints Policy', href = '/complaints'},
-    {text = 'Other Policies', href='/policies'},
   ]
 
 [languages.en.params.footer.col3]
   items = [
     {title = 'Social'},
-    {text = 'Open Collective', icon = 'circle', href='https://opencollective.com/sr2comm'},
     {text = 'Git', icon = 'git-branch', href = 'https://guardianproject.dev/sr2'},
-    {text = 'Bluesky', icon = 'at-sign', href = 'https://bsky.app/profile/sr2.uk'},
     {text = 'LinkedIn', icon = 'linkedin', href = 'https://www.linkedin.com/company/sr2uk/'},
-    {logo = 'images/footer/essentials.png', href = "/cyber-essentials.pdf"},
   ]
 
 [params.styles]
@@ -90,6 +85,3 @@ NCAGE: U2G06'''
   color_gradient_end = '#009A64'
   color_text = "#222"
   bp_mobile = '768px'
-
-[markup.goldmark.renderer]
-unsafe = true
\ No newline at end of file
diff --git a/layouts/_partials/head/scripts.html b/layouts/_partials/head/scripts.html
deleted file mode 100644
index d6c929f..0000000
--- a/layouts/_partials/head/scripts.html
+++ /dev/null
@@ -1,78 +0,0 @@
-<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
-{{ if eq .Name "Contact" }}
-	<script
-		id="zammad_form_script"
-		src="https://help.sr2.uk/assets/form/form.js"></script>
-	<script>
-		$(function () {
-			$("#zammad-feedback-form").ZammadForm({
-				agreementMessage: {{ site.Params.feedback.agreementMessage }},
-				messageSubmit:{{ site.Params.feedback.messageSubmit }},
-				messageThankYou:{{ site.Params.feedback.messageThankYou }},
-				showTitle: false,
-				noCSS: true,
-			});
-		});
-</script>
-{{ end }}
-<script>
-	$(function () {
-		var cStateAPIRoot = 'https://status.sr2.uk/index.json'
-		var cStateDotTargetElement = document.querySelector('.status-indicator');
-
-		// Only change this if you are hacking around! :)
-		var cStateEmbedPrefix = '[cState HTML Embed v2.0] ';
-		var cStateEmbedDebugging = false;
-		var cStateAPIStatus = 'tryingToGetStatus';
-
-		fetch(cStateAPIRoot)
-			.then(
-				function(response) {
-					if (response.status !== 200) {
-						console.log(cStateEmbedPrefix + 'API not OK, it sent HTTP status code ' +
-							response.status);
-						return;
-					}
-
-					// Examine the text in the response
-					response.json().then(function(data) {
-						cStateAPIStatus = data.summaryStatus;
-
-						// When debugging, this code should be run to see API response
-						if (cStateEmbedDebugging) {
-							console.log(cStateEmbedPrefix + 'API response: ', data);
-							console.log(cStateEmbedPrefix + 'API says status page is: ' + cStateAPIStatus);
-						}
-
-						// UI code (run even if not debugging)
-						// You can change how the dot appears here
-						cStateDotTargetElement.style.display = 'inline-block';
-						cStateDotTargetElement.style.height = '10px';
-						cStateDotTargetElement.style.width = '10px';
-						cStateDotTargetElement.style.borderRadius = '50%';
-						cStateDotTargetElement.setAttribute('aria-label', 'Status indicator');
-						cStateDotTargetElement.style.backgroundColor = '#333';
-						// Sets color and accessible label
-						if (cStateAPIStatus === 'ok') {
-							cStateDotTargetElement.style.backgroundColor = '#4caf50';
-							cStateDotTargetElement.setAttribute('aria-label', 'Green icon indicating no issues');
-						} else if (cStateAPIStatus === 'notice') {
-							cStateDotTargetElement.style.backgroundColor = '#607d8b';
-							cStateDotTargetElement.setAttribute('aria-label', 'Gray icon asking users to check status page');
-						} else if (cStateAPIStatus === 'disrupted') {
-							cStateDotTargetElement.style.backgroundColor = '#ff9800';
-							cStateDotTargetElement.setAttribute('aria-label', 'Orange icon indicating disruptions');
-						} else { // down
-							cStateDotTargetElement.style.backgroundColor = '#82071e';
-							cStateDotTargetElement.setAttribute('aria-label', 'Red icon indicating downtime');
-						}
-
-					});
-				}
-			)
-			.catch(function(err) {
-				console.log('Fetch error :-S', err);
-			});
-	});
-	</script>
-
diff --git a/layouts/_partials/home.html b/layouts/_partials/home.html
index 79ad551..0e24b83 100644
--- a/layouts/_partials/home.html
+++ b/layouts/_partials/home.html
@@ -6,6 +6,13 @@
 
 <div class="divider"></div>
 
+{{ $ctx := dict
+	"page" .
+	"title" (T "Our Team")
+	"content" (partial "team.html" .)
+}}
+{{ partial "flex-section.html" $ctx }}
+
 {{ $ctx := dict
   "page" .
   "title" (T "Our Partners")
diff --git a/layouts/_partials/partners.html b/layouts/_partials/partners.html
index 83a3786..105baf3 100644
--- a/layouts/_partials/partners.html
+++ b/layouts/_partials/partners.html
@@ -4,25 +4,12 @@
     <img style="max-height: 100px; max-width: 100%;" src="{{ .RelPermalink }}" alt="Guardian Project">
   {{ end }}
 </div>
-
-<div class="team-member">
+  <div class="team-member">
   {{ with resources.Get "/images/logos/civicert.png" }}
   <img style="max-height: 100px;" src="{{ .RelPermalink }}" alt="CiviCERT">
   {{ end }}
 </div>
 
-<div class="team-member">
-  {{ with resources.Get "/images/logos/fdroid.webp" }}
-  <img style="max-height: 100px;" src="{{ .RelPermalink }}" alt="F-Droid">
-  {{ end }}
-</div>
-
-<div class="team-member">
-  {{ with resources.Get "/images/logos/tor.png" }}
-  <img style="max-height: 100px;" src="{{ .RelPermalink }}" alt="Tor Project">
-  {{ end }}
-</div>
-
 <div class="team-member">
   {{ with resources.Get "/images/logos/cdr.png" }}
   <img style="max-height: 100px;" src="{{ .RelPermalink }}" alt="Centre for Digital Resilience">
@@ -30,14 +17,14 @@
 </div>
 
 <div class="team-member">
-  {{ with resources.Get "/images/logos/hetzner.webp" }}
-  <img style="max-height: 100px;" src="{{ .RelPermalink }}" alt="Hetzner">
+  {{ with resources.Get "/images/logos/tor.png" }}
+  <img style="max-height: 100px;" src="{{ .RelPermalink }}" alt="Tor Project">
   {{ end }}
 </div>
 
 <div class="team-member">
-  {{ with resources.Get "/images/logos/nominet.png" }}
-  <img style="max-height: 80px;" src="{{ .RelPermalink }}" alt="Nominet Accredited Channel Partner">
+  {{ with resources.Get "/images/logos/hetzner.webp" }}
+  <img style="max-height: 100px;" src="{{ .RelPermalink }}" alt="Hetzner">
   {{ end }}
 </div>
 
@@ -46,3 +33,9 @@
   <img style="max-height: 100px;" src="{{ .RelPermalink }}" alt="Open Rights Group">
   {{ end }}
 </div>
+
+<div class="team-member">
+  {{ with resources.Get "/images/logos/nominet.png" }}
+    <img style="max-height: 80px;" src="{{ .RelPermalink }}" alt="Nominet Accredited Channel Partner">
+  {{ end }}
+</div>
diff --git a/policies/Justfile b/policies/Justfile
deleted file mode 100644
index d4f76ab..0000000
--- a/policies/Justfile
+++ /dev/null
@@ -1,8 +0,0 @@
-update:
-    #!/usr/bin/env bash
-    for file in *.bs; do
-        specname="${file%.bs}"
-        mkdir -p "../static/policies/${specname}/"
-        bikeshed spec "${file}" "../static/policies/${specname}/index.html"
-    done
-
diff --git a/policies/biblio.json b/policies/biblio.json
deleted file mode 100644
index 8376f1d..0000000
--- a/policies/biblio.json
+++ /dev/null
@@ -1,8 +0,0 @@
-{
-  "EFF-DICE": {
-    "href": "https://www.eff.org/dice",
-    "title": "EFF Dice-Generated Passphrases",
-    "publisher": "Electronic Frontier Foundation",
-    "source": "https://www.eff.org/dice"
-  }
-}
diff --git a/policies/copyright.include b/policies/copyright.include
deleted file mode 100644
index 41a9607..0000000
--- a/policies/copyright.include
+++ /dev/null
@@ -1,3 +0,0 @@
-&copy; <a href="https://www.sr2.uk/">SR2 Communications Limited</a>.
-This document is licensed under <a href="https://creativecommons.org/licenses/by/4.0/">CC BY 4.0</a>.
-<img src="https://mirrors.creativecommons.org/presskit/icons/cc.svg" alt="" style="max-width: 1em;max-height:1em;margin-left: .2em;" no-autosize><img src="https://mirrors.creativecommons.org/presskit/icons/by.svg" alt="" style="max-width: 1em;max-height:1em;margin-left: .2em;" no-autosize>
\ No newline at end of file
diff --git a/policies/header.include b/policies/header.include
deleted file mode 100644
index 6241d72..0000000
--- a/policies/header.include
+++ /dev/null
@@ -1,30 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-  <title>[TITLE]</title>
-  <style data-fill-with="stylesheet">
-  </style>
-  <style>
-
-  </style>
-</head>
-<body class="h-entry">
-<div class="head">
-  <p style="background-color: #000; padding: 10px; font-size: large; font-weight: bold; color: #fff; float: right;">TLP:CLEAR</p>
-  <img src="https://www.sr2.uk/images/logo.png" alt="SR2 Communications Limited" width="400" style="margin-bottom: 10px;">
-  <h1 id="title" class="p-name no-ref">[TITLE]</h1>
-  <h2 id="subtitle" class="no-num no-toc no-ref">Draft for Approval by Company Directors,
-    <span class="dt-updated"><span class="value-title" title="[CDATE]">[DATE]</span></span>
-  </h2>
-  <div data-fill-with="spec-metadata"></div>
-  <div data-fill-with="warning"></div>
-  <p class='copyright' data-fill-with="copyright"></p>
-  <hr title="Separator for header">
-</div>
-
-<div class="p-summary" data-fill-with="abstract"></div>
-<div data-fill-with="at-risk"></div>
-
-<nav data-fill-with="table-of-contents" id="toc"></nav>
-<main>
\ No newline at end of file
diff --git a/policies/password_auth.bs b/policies/password_auth.bs
deleted file mode 100644
index 1d44e32..0000000
--- a/policies/password_auth.bs
+++ /dev/null
@@ -1,147 +0,0 @@
-<h1>Passwords and Authentication Policy</h1>
-<pre class="metadata">
-Status: DREAM
-Local Boilerplate: header yes, copyright yes, defaults yes
-Boilerplate: status no
-TR: https://www.sr2.uk/policies/password-auth/
-Shortname: password-auth
-Complain About: accidental-2119 yes
-No Editor: true
-!Version: 1.0
-Abstract: A policy defining an effective authentication management procedures when conducting company-related business.
-</pre>
-
-# Objective # {#objective}
-
-This policy defines an effective authentication management procedures when conducting company-related business and
-includes the:
-
-* issuing and selection of strong authentication methods and credentials;
-* protection of secret authentication credentials;
-* frequency of change in terms of authentication credentials;
-* reporting of any suspected breach or lost authentication credentials;
-* use of authentication methods with third party systems (including cloud technology).
-
-Authentication is a key method of securing our information – choosing weak authentication methods, or failing to keep
-the authentication credentials secure, places the confidentiality of our data at risk.
-
-# Scope # {#scope}
-
-The scope of the policy covers all individuals either employed or contracted to work with or for the company, either
-in-office or remotely.
-
-# Definitions # {#definitions}
-
-: Authentication method
-:: Any method by which a user may authenticate themselves in order to gain access to a location, data or service, such
-     as text entry (e.g. passwords, passphrases, PINs), biometrics (e.g. fingerprints), etc.
-: Authentication credentials
-:: The specific data or information used by a user to authenticate themselves, including but not limited to passwords,
-     passphrases, PINs, and biometric data.
-: Multi-Factor Authentication (MFA)
-:: An authentication method that requires the user to provide two or more verification factors to gain access, such as
-     something they know (e.g., password), something they have (e.g., a security token or mobile device), and/or
-     something they are (e.g., biometric data).
-: Cloud-based system
-:: A service or platform hosted over the internet that allows users to access data, applications and services remotely.
-: Password manager
-:: A software product used for the secure storage of passwords, which must be approved for use, and includes functions
-     for generating strong passwords compliant with this policy.
-
-# Policy # {#policy}
-
-Authentication method covers any methods by which a user may authenticate themselves in order to gain access to a
-location, data or service, such as text entry (e.g. passwords, passphrases, PINs), biometrics (e.g. fingerprints), etc.
-The company ensures that authentication credentials are kept confidential by:
-
-- storing authentication credentials in a secure manner;
-- changing manufacturer default authentication credentials and disabling guest accounts on all equipment;
-- issuing new users with temporary authentication credentials, which must be changed at first login to a stronger
-    alternative (defined later);
-- authentication credentials issued to new users are done so in a secure manner (e.g. never in clear text via an email);
-- changing all multi-user credentials (e.g. for communal equipment) used by an employee in the event that their
-    employment ends;
-- ensuring that access to user credentials is limited to ICT administrators for the purpose of resetting, revoking or
-    problem resolution – authentication methods may only be reset once the identity of the user has been verified;
-- locking accounts after 5 failed login attempts in order to dissuade brute-forcing attempts;
-- training staff in the use of digital password managers, and the risks of storing passwords in any other form (such as
-    a notebook at their workstation, or Post-It note).
-
-Users must ensure that they do all they can to maintain the confidentiality of their authentication credentials by
-never:
-
-- using company authentication credentials for any other account they hold (including personal accounts such as home
-    utilities, email, online shopping services, etc);
-- having a physical copy of their credentials;
-- using a non-approved method for password generation;
-- entering authentication credentials on non-company equipment (for example, home or public access PCs);
-- revealing authentication credentials to anyone, including line managers, unless relaying information on temporary
-    credentials which are changed immediately upon next login. This includes never
-    sharing authentication credentials with co-workers (e.g. whilst on annual leave);
-- discussing authentication credentials in front of others.
-
-## Password Authentication ## {#passwords}
-
-Many services and policies only allow for password authentication methods, and so they are given a special focus here.
-Strong passwords MUST be used for authentication. The company defines a strong password as one generated by one of two
-processes: random string generation by a password manager or using diceware [[!EFF-DICE]].
-
-Where a password is to be stored in a password manager, it MUST be randomly generated by the password manager with the
-parameters:
-
-- having a minimum number of 14 characters in length;
-- using longer passwords where permitted by the service;
-- including a mixture of numbers, upper and lower case letters, and special characters.
-
-Where special characters are not possible due to technical restrictions, the minimum length is 20 characters.
-
-For the avoidance of doubt, weak passwords must never be used. Weak, text-based authentication credentials generally
-have one or more of the following characteristics:
-
-- credential is the same, or partly the same, as the username;
-- names of family members, friends, or pets are used;
-- personal information about yourself or family members which can be easily found from social networking sites,
-    including date of birth, phone number, street name, etc.;
-- consecutive alphanumeric characters or keys on the keyboard, such as ‘abc123’ or ‘qwerty’;
-- dictionary words including the inclusion of a number or character at the start or end or substituting numbers or
-    punctuation for letters, for example, ‘P@55w0rd’;
-- a known word from any language (which may not be in a dictionary).
-
-For passwords that are intended to be memorised, the MUST be generated using diceware. The above restrictions likely
-will not be met using this method as the intention is to provide a strong password that is easy to remember, and the
-strength comes from the underlying dice rolls. Any other method of generating a passphrase MUST NOT be used even if it
-results in one that bears similarity to a diceware-generated passphrase.
-
-Memorised passphrases generated with diceware SHOULD be used for:
-
-- end-user device login passphrase;
-- password manager decryption passphrase.
-
-## Multi-Factor Authentication ## {#mfa}
-
-Wherever the option is offered by a given service or piece of software, multi-factor authentication is to be used (e.g.
-a fingerprint and a passphrase, or a voice sample, PIN and verification SMS).
-
-Where a hardware token is in use to authenticate to a system without a password, the token itself MUST be secured with
-a memorised PIN of at least 6 digits.
-
-## Credentials for Cloud-Based Systems and Online Portals ## {#cloud}
-
-It is to be remembered that the company makes use of cloud-based technology and online portals, which may not enforce
-strong authentication credentials. It is therefore up to the individual to ensure a good authentication regime is
-maintained, which is as strong as that used within the organisation. In line with the company’s "Internet Use
-Policy", users shall:
-
-- not create an online account for business purposes without authorisation from a director;
-- advise a director when there is no longer a need to have the online account in order to ensure that it is
-    removed.
-
-## Credential Compromise Policy ## {#compromise}
-
-In the event of a credential compromise, users SHALL take immediate action to secure the account by resetting or
-invalidating the credentials and report the incident to a director as soon as practical.
-It is policy that any password compromise event will be shared with CiviCERT members via the MISP platform to allow for
-shared learning from the incident.
-Directors will be responsible for determining if a data breach notification is necessary to our clients or to the
-Information Commissioners Office.
-
diff --git a/policies/public_wifi.bs b/policies/public_wifi.bs
deleted file mode 100644
index 997c05f..0000000
--- a/policies/public_wifi.bs
+++ /dev/null
@@ -1,61 +0,0 @@
-<h1>Public WiFi Policy</h1>
-<pre class="metadata">
-Status: DREAM
-Local Boilerplate: header yes, copyright yes
-Boilerplate: status no
-TR: https://www.sr2.uk/policies/public-wifi/
-Shortname: public-wifi
-Complain About: accidental-2119 yes
-No Editor: true
-!Version: 1.0
-Abstract: A policy governing staff and contractor use of public WiFi networks when accessing company data.
-</pre>
-
-# Objective # {#objective}
-
-The company approves remote working to work-related cloud services and work email accounts, as long as the devices used
-to access these have been sanctioned by the company. Using public WiFi to conduct business, without the necessary
-safeguards, places our data at risk of theft. The purpose of this policy is to provide the framework for those
-safeguards.
-
-# Scope # {#scope}
-
-The scope of the policy covers all individuals either employed or contracted to work with, or for, the company, either
-on a company site or remotely.
-
-# Definitions # {#definitions}
-
-: Public WiFi Network
-:: Any wireless network access provided by a third party, such as hotels, cafes, airports, or public hotspots, that is
-     open to public or unvetted access. For the purpose of this policy, eduroam connections other than those on an SR2
-     managed site are to be considered Public WiFi Networks.
-: Sanctioned Device
-:: A device (e.g., laptop, tablet, smartphone) that has been approved and provisioned by the
-     company for business use, with appropriate security configurations and software installed.
-
-# Policy # {#policy}
-
-Devices that are not sanctioned by the company, including home PCs or public access PCs, MUST NOT be used to access
-company cloud services, data, or email accounts.
-
-Though the company takes every effort to ensure that sanctioned devices are adequately protected, the individual MUST
-ensure that, before connecting to the Wi-Fi network, the device has:
-
-- up-to-date antivirus and antispyware software;
-- a firewall that is activated and configured to company requirements (i.e. the settings have not been changed) since
-    the device was configured;
-- all software (including the Web browser) is current with automatic updating;
-- file sharing (e.g. SMB) is switched off.
-
-For security reasons staff and contractors MUST:
-
-- consider if mobile phone tethering is available and use this as the first choice;
-- consider delaying transmission of information until at a secure location;
-- not follow prompts to update software whilst connected to a public network;
-- not rely on the encryption provided by the Public WiFi Network (e.g. WPA) to protect company data;
-- ensure that an end-to-end encrypted connection is established and the user has been trained in setting up
-    such a connection for each service to be used (for the avoidance of doubt, TLS is considered to be end-to-end
-    providing that the certificate presented by the server is validated);
-- ensure that URLs in Web browsers are showing the correct Web addresses in case a criminal has hijacked the Wireless
-    Access Point and is forwarding traffic to their site;
-- keep all information secure, including restricting the view of the screen from any unauthorised person(s);
diff --git a/static/.well-known/microsoft-identity-association.json b/static/.well-known/microsoft-identity-association.json
deleted file mode 100644
index 4ba663e..0000000
--- a/static/.well-known/microsoft-identity-association.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
-  "associatedApplications": [
-    {
-      "applicationId": "1eb4853c-f999-4763-85b5-8d9bd0035bc0"
-    }
-  ]
-}
\ No newline at end of file
diff --git a/static/cyber-essentials.pdf b/static/cyber-essentials.pdf
deleted file mode 100644
index 8b27003..0000000
Binary files a/static/cyber-essentials.pdf and /dev/null differ
diff --git a/static/helpdesk.asc b/static/helpdesk.asc
deleted file mode 100644
index 245890c..0000000
--- a/static/helpdesk.asc
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN PGP PUBLIC KEY BLOCK-----
-Comment: 1135 3E54 83C7 152B 165C  46A7 9CE7 365E C2E1 4728
-Comment: SR2 Helpdesk (Shared Mailbox) <contact@sr2.uk>
-
-xjMEaUqxIBYJKwYBBAHaRw8BAQdAFRCg++SH2sipx7dN977soQzmlAzVM+2f9iKE
-fFPMjYXNLlNSMiBIZWxwZGVzayAoU2hhcmVkIE1haWxib3gpIDxjb250YWN0QHNy
-Mi51az7CmQQTFgoAQRYhBBE1PlSDxxUrFlxGp5znNl7C4UcoBQJpSrEgAhsBBQkD
-wmcABQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAAoJEJznNl7C4Ucof3EA/R91
-WLgYJKg7EI9tVjc1CwBvcsq5i5rV517XBJpvgeVYAQDbcZ/Hd1aH4kNWai7FGwZJ
-Umam/eHhBbgEUKuMLmtBDM4zBGlKsTMWCSsGAQQB2kcPAQEHQDMsWTxTDvrlK43J
-1IFU3ncSUCPqfs25kRXEoxYsUmJBwsA1BBgWCgAmFiEEETU+VIPHFSsWXEannOc2
-XsLhRygFAmlKsTMCGwIFCQPCZwAAgQkQnOc2XsLhRyh2IAQZFgoAHRYhBJSgeWhx
-n4DES3R4uVQdQ7N7rA5JBQJpSrEzAAoJEFQdQ7N7rA5JDCcA/0hhu5bkHLezhgqH
-fqYSLmtp2TV5GW1rcZ8SA4TfdT5wAP9d0grZFtrTwqQBQz/v5RzSKhHcSRI9uFZL
-qXpj3HUsAI54AP9b078TsRtPHsIluPtxPZ0t1JYVWC8A4/ii/q5c+vREyAD+P7Om
-Bk2VgHtT2yiuCKVbFdle/TOPdU7klutYlzEbzAnOOARpSrFBEgorBgEEAZdVAQUB
-AQdAi5FmgcXOHwroZxoD/X6tuLzYrdV8KXeKu1I8FMbVrHEDAQgHwn4EGBYKACYW
-IQQRNT5Ug8cVKxZcRqec5zZewuFHKAUCaUqxQQIbDAUJA8JnAAAKCRCc5zZewuFH
-KD6JAQD1qISJfiEvrmTCEV97An8jGhcYk22CHzzGgB3vljQHagD/QM6HQsBjDENc
-KCmNOoaN/Yq6IM2Rc/tkGr/ALdhwggs=
-=W9Nf
------END PGP PUBLIC KEY BLOCK-----
diff --git a/static/images/2026/cyber-essentials.png b/static/images/2026/cyber-essentials.png
deleted file mode 100644
index 3875a2e..0000000
Binary files a/static/images/2026/cyber-essentials.png and /dev/null differ
diff --git a/static/images/2026/halow-coverage.png b/static/images/2026/halow-coverage.png
deleted file mode 100644
index ca2b95e..0000000
Binary files a/static/images/2026/halow-coverage.png and /dev/null differ
diff --git a/static/images/2026/halow-powerbank.png b/static/images/2026/halow-powerbank.png
deleted file mode 100644
index 129a30a..0000000
Binary files a/static/images/2026/halow-powerbank.png and /dev/null differ
diff --git a/static/images/2026/portal-branding.png b/static/images/2026/portal-branding.png
deleted file mode 100644
index 53da52a..0000000
Binary files a/static/images/2026/portal-branding.png and /dev/null differ
diff --git a/static/images/2026/portal-deltachat.png b/static/images/2026/portal-deltachat.png
deleted file mode 100644
index 1f532f5..0000000
Binary files a/static/images/2026/portal-deltachat.png and /dev/null differ
diff --git a/static/images/2026/portal-security.png b/static/images/2026/portal-security.png
deleted file mode 100644
index 48a05b0..0000000
Binary files a/static/images/2026/portal-security.png and /dev/null differ
diff --git a/static/policies/password_auth/index.html b/static/policies/password_auth/index.html
deleted file mode 100644
index a6f7841..0000000
--- a/static/policies/password_auth/index.html
+++ /dev/null
@@ -1,2281 +0,0 @@
-<!doctype html><html lang="en">
- <head>
-  <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
-  <title>Passwords and Authentication Policy</title>
-<style data-fill-with="stylesheet">/******************************************************************************
- *                   Style sheet for the W3C specifications                   *
- *
- * Special classes handled by this style sheet include:
- *
- * Indices
- *   - .toc for the Table of Contents (<ol class="toc">)
- *     + <span class="secno"> for the section numbers
- *   - #toc for the Table of Contents (<nav id="toc">)
- *   - ul.index for Indices (<a href="#ref">term</a><span>, in § N.M</span>)
- *   - table.index for Index Tables (e.g. for properties or elements)
- *
- * Structural Markup
- *   - table.data for general data tables
- *     -> use 'scope' attribute, <colgroup>, <thead>, and <tbody> for best results !
- *     -> use <table class='complex data'> for extra-complex tables
- *     -> use <td class='long'> for paragraph-length cell content
- *     -> use <td class='pre'> when manual line breaks/indentation would help readability
- *   - dl.switch for switch statements
- *   - ol.algorithm for algorithms (helps to visualize nesting)
- *   - .figure and .caption (HTML4) and figure and figcaption (HTML5)
- *     -> .sidefigure for right-floated figures
- *   - ins/del
- *     -> ins/del.c### for candidate and proposed changes (amendments)
- *
- * Code
- *   - pre and code
- *
- * Special Sections
- *   - .note       for informative notes             (div, p, span, aside, details)
- *   - .example    for informative examples          (div, p, pre, span)
- *   - .issue      for issues                        (div, p, span)
- *   - .advisement for loud normative statements     (div, p, strong)
- *   - .annoying-warning for spec obsoletion notices (div, aside, details)
- *   - .correction for "candidate corrections"       (div, aside, details, section)
- *   - .addition   for "candidate additions"         (div, aside, details, section)
- *   - .correction.proposed for "proposed corrections" (div, aside, details, section)
- *   - .addition.proposed   for "proposed additions"   (div, aside, details, section)
- *
- * Definition Boxes
- *   - pre.def   for WebIDL definitions
- *   - table.def for tables that define other entities (e.g. CSS properties)
- *   - dl.def    for definition lists that define other entitles (e.g. HTML elements)
- *
- * Numbering
- *   - .secno for section numbers in .toc and headings (<span class='secno'>3.2</span>)
- *   - .marker for source-inserted example/figure/issue numbers (<span class='marker'>Issue 4</span>)
- *   - ::before styled for CSS-generated issue/example/figure numbers:
- *     -> Documents wishing to use this only need to add
- *        figcaption::before,
- *        .caption::before { content: "Figure "  counter(figure) " ";  }
- *        .example::before { content: "Example " counter(example) " "; }
- *        .issue::before   { content: "Issue "   counter(issue) " ";   }
- *
- * Header Stuff (ignore, just don't conflict with these classes)
- *   - .head for the header
- *   - .copyright for the copyright
- *
- * Outdated warning for old specs
- *
- * Miscellaneous
- *   - .overlarge for things that should be as wide as possible, even if
- *     that overflows the body text area. This can be used on an item or
- *     on its container, depending on the effect desired.
- *     Note that this styling basically doesn't help at all when printing,
- *     since A4 paper isn't much wider than the max-width here.
- *     It's better to design things to fit into a narrower measure if possible.
- *
- *   - js-added ToC jump links (see fixup.js)
- *
- ******************************************************************************/
-
-/* color variables included separately for reliability */
-
-/******************************************************************************/
-/*                                    Body                                    */
-/******************************************************************************/
-
-	html {
-	}
-
-	body {
-		counter-reset: example figure issue;
-
-		/* Layout */
-		max-width: 50em;			  /* limit line length to 50em for readability   */
-		margin: 0 auto;				/* center text within page                    */
-		padding: 1.6em 1.5em 2em 50px; /* assume 16px font size for downlevel clients */
-		padding: 1.6em 1.5em 2em calc(26px + 1.5em); /* leave space for status flag    */
-
-		/* Typography */
-		line-height: 1.5;
-		font-family: sans-serif;
-		widows: 2;
-		orphans: 2;
-		word-wrap: break-word;
-		overflow-wrap: break-word;
-		hyphens: auto;
-
-		color: black;
-		color: var(--text);
-		background: white top left fixed no-repeat;
-		background: var(--bg) top left fixed no-repeat;
-		background-size: 25px auto;
-	}
-
-
-/******************************************************************************/
-/*                         Front Matter & Navigation                          */
-/******************************************************************************/
-
-/** Header ********************************************************************/
-
-	div.head { margin-bottom: 1em; }
-	div.head hr { border-style: solid; }
-
-	div.head h1 {
-		font-weight: bold;
-		margin: 0 0 .1em;
-		font-size: 220%;
-	}
-
-	div.head h2 { margin-bottom: 1.5em;}
-
-/** W3C Logo ******************************************************************/
-
-	.head .logo {
-		float: right;
-		margin: 0.4rem 0 0.2rem .4rem;
-	}
-
-	.head img[src*="logos/W3C"] {
-		display: block;
-		border: solid #1a5e9a;
-		border: solid var(--logo-bg);
-		border-width: .65rem .7rem .6rem;
-		border-radius: .4rem;
-		background: #1a5e9a;
-		background: var(--logo-bg);
-		color: white;
-		color: var(--logo-text);
-		font-weight: bold;
-	}
-
-	.head a:hover > img[src*="logos/W3C"],
-	.head a:focus > img[src*="logos/W3C"] {
-		opacity: .8;
-	}
-
-	.head a:active > img[src*="logos/W3C"] {
-		background: #c00;
-		background: var(--logo-active-bg);
-		border-color: #c00;
-		border-color: var(--logo-active-bg);
-	}
-
-	/* see also additional rules in Link Styling section */
-
-/** Copyright *****************************************************************/
-
-	p.copyright,
-	p.copyright small { font-size: small; }
-
-/** Back to Top / ToC Toggle **************************************************/
-
-	@media print {
-		#toc-nav {
-			display: none;
-		}
-	}
-	@media not print {
-		#toc-nav {
-			position: fixed;
-			z-index: 3;
-			bottom: 0; left: 0;
-			margin: 0;
-			min-width: 1.33em;
-			border-top-right-radius: 2rem;
-			box-shadow: 0 0 2px;
-			font-size: 1.5em;
-		}
-		#toc-nav > a {
-			display: block;
-			white-space: nowrap;
-
-			height: 1.33em;
-			padding: .1em 0.3em;
-			margin: 0;
-
-			box-shadow: 0 0 2px;
-			border: none;
-			border-top-right-radius: 1.33em;
-
-			color: #707070;
-			color: var(--tocnav-normal-text);
-			background: white;
-			background: var(--tocnav-normal-bg);
-		}
-		#toc-nav > a:hover,
-		#toc-nav > a:focus {
-			color: black;
-			color: var(--tocnav-hover-text);
-			background: #f8f8f8;
-			background: var(--tocnav-hover-bg);
-		}
-		#toc-nav > a:active {
-			color: #c00;
-			color: var(--tocnav-active-text);
-			background: white;
-			background: var(--tocnav-active-bg);
-		}
-
-		#toc-nav > #toc-jump {
-			padding-bottom: 2em;
-			margin-bottom: -1.9em;
-		}
-
-		/* statusbar gets in the way on keyboard focus; remove once browsers fix */
-		#toc-nav > a[href="#toc"]:not(:hover):focus:last-child {
-			padding-bottom: 1.5rem;
-		}
-
-		#toc-nav:not(:hover) > a:not(:focus) > span + span {
-			/* Ideally this uses :focus-within on #toc-nav */
-			display: none;
-		}
-		#toc-nav > a > span + span {
-			padding-right: 0.2em;
-		}
-	}
-
-/** ToC Sidebar ***************************************************************/
-
-	/* Floating sidebar */
-	@media screen {
-		body.toc-sidebar #toc {
-			position: fixed;
-			top: 0; bottom: 0;
-			left: 0;
-			width: 23.5em;
-			max-width: 80%;
-			max-width: calc(100% - 2em - 26px);
-			overflow: auto;
-			padding: 0 1em;
-			padding-left: 42px;
-			padding-left: calc(1em + 26px);
-			color: black;
-			color: var(--tocsidebar-text);
-			background: inherit;
-			background-color: #f7f8f9;
-			background-color: var(--tocsidebar-bg);
-			z-index: 1;
-			box-shadow: -.1em 0 .25em rgba(0,0,0,.1) inset;
-			box-shadow: -.1em 0 .25em var(--tocsidebar-shadow) inset;
-		}
-		body.toc-sidebar #toc h2 {
-			margin-top: .8rem;
-			font-variant: small-caps;
-			font-variant: all-small-caps;
-			text-transform: lowercase;
-			font-weight: bold;
-			color: gray;
-			color: hsla(203,20%,40%,.7);
-			color: var(--tocsidebar-heading-text);
-		}
-		body.toc-sidebar #toc-jump:not(:focus) {
-			width: 0;
-			height: 0;
-			padding: 0;
-			position: absolute;
-			overflow: hidden;
-		}
-	}
-	/* Hide main scroller when only the ToC is visible anyway */
-	@media screen and (max-width: 28em) {
-		body.toc-sidebar {
-			overflow: hidden;
-		}
-	}
-
-	/* Sidebar with its own space */
-	@media screen and (min-width: 78em) {
-		body:not(.toc-inline) #toc {
-			position: fixed;
-			top: 0; bottom: 0;
-			left: 0;
-			width: 23.5em;
-			overflow: auto;
-			padding: 0 1em;
-			padding-left: 42px;
-			padding-left: calc(1em + 26px);
-			color: black;
-			color: var(--tocsidebar-text);
-			background: inherit;
-			background-color: #f7f8f9;
-			background-color: var(--tocsidebar-bg);
-			z-index: 1;
-			box-shadow: -.1em 0 .25em rgba(0,0,0,.1) inset;
-			box-shadow: -.1em 0 .25em var(--tocsidebar-shadow) inset;
-		}
-		body:not(.toc-inline) #toc h2 {
-			margin-top: .8rem;
-			font-variant: small-caps;
-			font-variant: all-small-caps;
-			text-transform: lowercase;
-			font-weight: bold;
-			color: gray;
-			color: hsla(203,20%,40%,.7);
-			color: var(--tocsidebar-heading-text);
-		}
-
-		body:not(.toc-inline) {
-			padding-left: 29em;
-		}
-		/* See also Overflow section at the bottom */
-
-		body:not(.toc-inline) #toc-jump:not(:focus) {
-			width: 0;
-			height: 0;
-			padding: 0;
-			position: absolute;
-			overflow: hidden;
-		}
-	}
-	@media screen and (min-width: 90em) {
-		body:not(.toc-inline) {
-			margin: 0 4em;
-		}
-	}
-
-/******************************************************************************/
-/*                                Sectioning                                  */
-/******************************************************************************/
-
-/** Headings ******************************************************************/
-
-	h1, h2, h3, h4, h5, h6, dt {
-		page-break-after: avoid;
-		page-break-inside: avoid;
-		font: 100% sans-serif;   /* Reset all font styling to clear out UA styles */
-		font-family: inherit;	/* Inherit the font family. */
-		line-height: 1.2;		/* Keep wrapped headings compact */
-		hyphens: manual;		/* Hyphenated headings look weird */
-	}
-
-	h2, h3, h4, h5, h6 {
-		margin-top: 3rem;
-	}
-
-	h1, h2, h3 {
-		color: #005A9C;
-		color: var(--heading-text);
-	}
-
-	h1 { font-size: 170%; }
-	h2 { font-size: 140%; }
-	h3 { font-size: 120%; }
-	h4 { font-weight: bold; }
-	h5 { font-style: italic; }
-	h6 { font-variant: small-caps; }
-	dt { font-weight: bold; }
-
-/** Subheadings ***************************************************************/
-
-	h1 + h2,
-	#profile-and-date {
-		/* #profile-and-date is a subtitle in an H2 under the H1 */
-		margin-top: 0;
-	}
-	h2 + h3,
-	h3 + h4,
-	h4 + h5,
-	h5 + h6 {
-		margin-top: 1.2em; /* = 1 x line-height */
-	}
-
-/** Section divider ***********************************************************/
-
-	:not(.head) > :not(.head) + hr {
-		font-size: 1.5em;
-		text-align: center;
-		margin: 1em auto;
-		height: auto;
-		color: black;
-		color: var(--hr-text);
-		border: transparent solid 0;
-		background: transparent;
-	}
-	:not(.head) > hr::before {
-		content: "\2727\2003\2003\2727\2003\2003\2727";
-	}
-
-/******************************************************************************/
-/*                            Paragraphs and Lists                            */
-/******************************************************************************/
-
-	p {
-		margin: 1em 0;
-	}
-
-	dd > p:first-child,
-	li > p:first-child {
-		margin-top: 0;
-	}
-
-	ul, ol {
-		margin-left: 0;
-		padding-left: 2em;
-	}
-
-	li {
-		margin: 0.25em 0 0.5em;
-		padding: 0;
-	}
-
-	dl dd {
-		margin: 0 0 .5em 2em;
-	}
-
-	.head dd + dd { /* compact for header */
-		margin-top: -.5em;
-	}
-
-	/* Style for algorithms */
-	ol.algorithm ol:not(.algorithm),
-	.algorithm > ol ol:not(.algorithm) {
-	border-left: 0.5em solid #DEF;
-	border-left: 0.5em solid var(--algo-border);
-	}
-
-	/* Put nice boxes around each algorithm. */
-	[data-algorithm]:not(.heading) {
-	 padding: .5em;
-	 border: thin solid #ddd;
-	 border: thin solid var(--algo-border);
-	 border-radius: .5em;
-	 margin: .5em calc(-0.5em - 1px);
-	}
-	[data-algorithm]:not(.heading) > :first-child {
-	 margin-top: 0;
-	}
-	[data-algorithm]:not(.heading) > :last-child {
-	 margin-bottom: 0;
-	}
-
-	/* Style for switch/case <dl>s */
-	dl.switch > dd > ol.only,
-	dl.switch > dd > .only > ol {
-	margin-left: 0;
-	}
-	dl.switch > dd > ol.algorithm,
-	dl.switch > dd > .algorithm > ol {
-	margin-left: -2em;
-	}
-	dl.switch {
-	padding-left: 2em;
-	}
-	dl.switch > dt {
-	text-indent: -1.5em;
-	margin-top: 1em;
-	}
-	dl.switch > dt + dt {
-	margin-top: 0;
-	}
-	dl.switch > dt::before {
-	content: '\21AA';
-	padding: 0 0.5em 0 0;
-	display: inline-block;
-	width: 1em;
-	text-align: right;
-	line-height: 0.5em;
-	}
-
-/** Terminology Markup ********************************************************/
-
-
-/******************************************************************************/
-/*                                 Inline Markup                              */
-/******************************************************************************/
-
-/** Terminology Markup ********************************************************/
-	dfn   { /* Defining instance */
-		font-weight: bolder;
-	}
-	a > i { /* Instance of term */
-		font-style: normal;
-	}
-	dt dfn code, code.idl {
-		font-size: inherit;
-	}
-	dfn var {
-		font-style: normal;
-	}
-
-/** Change Marking ************************************************************/
-
-	del {
-		color: #aa0000;
-		color: var(--del-text);
-		background: transparent;
-		background: var(--del-bg);
-		text-decoration: line-through;
-	}
-	ins {
-		color: #006100;
-		color: var(--ins-text);
-		background: transparent;
-		background: var(--ins-bg);
-		text-decoration: underline;
-	}
-
-	/* for amendments (candidate/proposed changes) */
-
-	.amendment ins, .correction ins, .addition ins,
-	ins[class^=c] {
-		text-decoration-style: dotted;
-	}
-	.amendment del, .correction del, .addition del,
-	del[class^=c] {
-		text-decoration-style: dotted;
-	}
-	.amendment.proposed ins, .correction.proposed ins, .addition.proposed ins,
-	ins[class^=c].proposed {
-		text-decoration-style: double;
-	}
-	.amendment.proposed del, .correction.proposed del, .addition.proposed del,
-	del[class^=c].proposed {
-		text-decoration-style: double;
-	}
-
-/** Miscellaneous improvements to inline formatting ***************************/
-
-	sup {
-		vertical-align: super;
-		font-size: 80%
-	}
-
-/******************************************************************************/
-/*                                    Code                                    */
-/******************************************************************************/
-
-/** General monospace/pre rules ***********************************************/
-
-	pre, code, samp {
-		font-family: Menlo, Consolas, "DejaVu Sans Mono", Monaco, monospace;
-		font-size: .9em;
-		hyphens: none;
-		text-transform: none;
-		text-align: left;
-		text-align: start;
-		font-variant: normal;
-		orphans: 3;
-		widows: 3;
-		page-break-before: avoid;
-	}
-	pre code,
-	code code {
-		font-size: 100%;
-	}
-
-	pre {
-		margin-top: 1em;
-		margin-bottom: 1em;
-		overflow: auto;
-	}
-
-/** Inline Code fragments *****************************************************/
-
-	/* Do something nice. */
-
-/******************************************************************************/
-/*                                    Links                                   */
-/******************************************************************************/
-
-/** General Hyperlinks ********************************************************/
-
-	/* We hyperlink a lot, so make it less intrusive */
-	a[href] {
-		color: #034575;
-		color: var(--a-normal-text);
-		text-decoration: underline #707070;
-		text-decoration: underline var(--a-normal-underline);
-		text-decoration-skip-ink: none;
-	}
-	a:visited {
-		color: #034575;
-		color: var(--a-visited-text);
-		text-decoration-color: #bbb;
-		text-decoration-color: var(--a-visited-underline);
-	}
-
-	/* Indicate interaction with the link */
-	a[href]:focus,
-	a[href]:hover {
-		text-decoration-thickness: 2px;
-	}
-	a[href]:active {
-		color: #c00;
-		color: var(--a-active-text);
-		text-decoration-color: #c00;
-		text-decoration-color: var(--a-active-underline);
-	}
-
-	/* Backout above styling for W3C logo */
-	.head .logo,
-	.head .logo a {
-		border: none;
-		text-decoration: none;
-		background: transparent;
-	}
-
-/******************************************************************************/
-/*                                    Images                                  */
-/******************************************************************************/
-
-	img {
-		border-style: none;
-	}
-
-	img, svg {
-		/* Intentionally not color-scheme aware. */
-		background: white;
-	}
-
-	/* For autogen numbers, add
-	  .caption::before, figcaption::before { content: "Figure " counter(figure) ". "; }
-	*/
-
-	figure, .figure, .sidefigure {
-		page-break-inside: avoid;
-		text-align: center;
-		margin: 2.5em 0;
-	}
-	.figure img,	.sidefigure img,	figure img,
-	.figure object, .sidefigure object, figure object {
-		max-width: 100%;
-		margin: auto;
-		height: auto;
-	}
-	.figure pre, .sidefigure pre, figure pre {
-		text-align: left;
-		display: table;
-		margin: 1em auto;
-	}
-	.figure table, figure table {
-		margin: auto;
-	}
-	@media screen and (min-width: 20em) {
-		.sidefigure {
-			float: right;
-			width: 50%;
-			margin: 0 0 0.5em 0.5em;
-		}
-	}
-	.caption, figcaption, caption {
-		font-style: italic;
-		font-size: 90%;
-	}
-	.caption::before, figcaption::before, figcaption > .marker {
-		font-weight: bold;
-	}
-	.caption, figcaption {
-		counter-increment: figure;
-	}
-
-	/* DL list is indented 2em, but figure inside it is not */
-	dd > .figure, dd > figure { margin-left: -2em; }
-
-/******************************************************************************/
-/*                             Colored Boxes                                  */
-/******************************************************************************/
-
-	.issue, .note, .example, .assertion, .advisement, blockquote,
-	.amendment, .correction, .addition {
-		margin: 1em auto;
-		padding: .5em;
-		border: .5em;
-		border-left-style: solid;
-		page-break-inside: avoid;
-	}
-	span.issue, span.note {
-		padding: .1em .5em .15em;
-		border-right-style: solid;
-	}
-
-	blockquote > :first-child,
-	.note  > p:first-child,
-	.issue > p:first-child,
-	.amendment > p:first-child,
-	.correction > p:first-child,
-	.addition > p:first-child {
-		margin-top: 0;
-	}
-	blockquote > :last-child,
-	.note  > p:last-child,
-	.issue > p:last-child,
-	.amendment > p:last-child,
-	.correction > p:last-child,
-	.addition > p:last-child {
-		margin-bottom: 0;
-	}
-
-
-	.issue::before, .issue > .marker,
-	.example::before, .example > .marker,
-	.note::before, .note > .marker,
-	details.note > summary > .marker,
-	.amendment::before, .amendment > .marker,
-	details.amendment > summary > .marker,
-	.addition::before, .addition > .marker,
-	addition.amendment > summary > .marker,
-	.correction::before, .correction > .marker,
-	correction.amendment > summary > .marker
-	{
-		text-transform: uppercase;
-		padding-right: 1em;
-	}
-
-	.example::before, .example > .marker {
-		display: block;
-		padding-right: 0em;
-	}
-
-/** Blockquotes ***************************************************************/
-
-	blockquote {
-		border-color: silver;
-		border-color: var(--blockquote-border);
-		background: transparent;
-		background: var(--blockquote-bg);
-		color: currentcolor;
-		color: var(--blockquote-text);
-	}
-
-/** Open issue ****************************************************************/
-
-	.issue {
-		border-color: #e05252;
-		border-color: var(--issue-border);
-		background: #fbe9e9;
-		background: var(--issue-bg);
-		color: black;
-		color: var(--issue-text);
-		counter-increment: issue;
-		overflow: auto;
-	}
-	.issue::before, .issue > .marker {
-		color: #831616;
-		color: var(--issueheading-text);
-	}
-	/* Add .issue::before { content: "Issue " counter(issue) " "; } for autogen numbers,
-	  or use class="marker" to mark up the issue number in source. */
-
-/** Example *******************************************************************/
-
-	.example {
-		border-color: #e0cb52;
-		border-color: var(--example-border);
-		background: #fcfaee;
-		background: var(--example-bg);
-		color: black;
-		color: var(--example-text);
-		counter-increment: example;
-		overflow: auto;
-		clear: both;
-	}
-	.example::before, .example > .marker {
-		color: #574b0f;
-		color: var(--exampleheading-text);
-	}
-	/* Add .example::before { content: "Example " counter(example) " "; } for autogen numbers,
-	  or use class="marker" to mark up the example number in source. */
-
-/** Non-normative Note ********************************************************/
-
-	.note {
-		border-color: #52e052;
-		border-color: var(--note-border);
-		background: #e9fbe9;
-		background: var(--note-bg);
-		color: black;
-		color: var(--note-text);
-		overflow: auto;
-	}
-
-	.note::before, .note > .marker,
-	details.note > summary {
-		color: hsl(120, 70%, 30%);
-		color: var(--noteheading-text);
-	}
-	/* Add .note::before { content: "Note "; } for autogen label,
-	  or use class="marker" to mark up the label in source. */
-
-	details.note[open] > summary {
-		border-bottom: 1px silver solid;
-		border-bottom: 1px var(--notesummary-underline) solid;
-	}
-
-/** Assertion Box *************************************************************/
-	/*  for assertions in algorithms */
-
-	.assertion {
-		border-color: #AAA;
-		border-color: var(--assertion-border);
-		background: #EEE;
-		background: var(--assertion-bg);
-		color: black;
-		color: var(--assertion-text);
-	}
-
-/** Advisement Box ************************************************************/
-	/*  for attention-grabbing normative statements */
-
-	.advisement {
-		border-color: orange;
-		border-color: var(--advisement-border);
-		border-style: none solid;
-		background: #fec;
-		background: var(--advisement-bg);
-		color: black;
-		color: var(--advisement-text);
-	}
-	strong.advisement {
-		display: block;
-		text-align: center;
-	}
-	.advisement::before, .advisement > .marker {
-		color: #b35f00;
-		color: var(--advisementheading-text);
-	}
-
-/** Amendment Box *************************************************************/
-
-	.amendment, .correction, .addition {
-		border-color: #330099;
-		border-color: var(--amendment-border);
-		background: #F5F0FF;
-		background: var(--amendment-bg);
-		color: black;
-		color: var(--amendment-text);
-	}
-	.amendment.proposed, .correction.proposed, .addition.proposed {
-		border-style: solid;
-		border-block-width: 0.25em;
-	}
-	.amendment::before, .amendment > .marker,
-	details.amendment > summary::before, details.amendment > summary > .marker,
-	.correction::before, .correction > .marker,
-	details.correction > summary::before, details.correction > summary > .marker,
-	.addition::before, .addition > .marker,
-	details.addition > summary::before, details.addition > summary > .marker {
-		color: #220066;
-		color: var(--amendmentheading-text);
-	}
-	.amendment.proposed::before, .amendment.proposed > .marker,
-	details.amendment.proposed > summary::before, details.amendment.proposed > summary > .marker,
-	.correction.proposed::before, .correction.proposed > .marker,
-	details.correction.proposed > summary::before, details.correction.proposed > summary > .marker,
-	.addition.proposed::before, .addition.proposed > .marker,
-	details.addition.proposed > summary::before, details.addition.proposed > summary > .marker {
-		font-weight: bold;
-	}
-
-/** Spec Obsoletion Notice ****************************************************/
-	/* obnoxious obsoletion notice for older/abandoned specs. */
-
-	details {
-		display: block;
-	}
-	summary {
-		font-weight: bolder;
-	}
-
-	.annoying-warning:not(details),
-	details.annoying-warning:not([open]) > summary,
-	details.annoying-warning[open] {
-		background: hsla(40,100%,50%,0.95);
-		background: var(--warning-bg);
-		color: black;
-		color: var(--warning-text);
-		padding: .75em 1em;
-		border: red;
-		border: var(--warning-border);
-		border-style: solid none;
-		box-shadow: 0 2px 8px black;
-		text-align: center;
-	}
-	.annoying-warning :last-child {
-		margin-bottom: 0;
-	}
-
-@media not print {
-	details.annoying-warning[open] {
-		position: fixed;
-		left: 0;
-		right: 0;
-		bottom: 2em;
-		z-index: 1000;
-	}
-}
-
-	details.annoying-warning:not([open]) > summary {
-		text-align: center;
-	}
-
-/** Entity Definition Boxes ***************************************************/
-
-	.def {
-		padding: .5em 1em;
-		background: #def;
-		background: var(--def-bg);
-		margin: 1.2em 0;
-		border-left: 0.5em solid #8ccbf2;
-		border-left: 0.5em solid var(--def-border);
-		color: black;
-		color: var(--def-text);
-	}
-
-/******************************************************************************/
-/*                                    Tables                                  */
-/******************************************************************************/
-
-	th, td {
-		text-align: left;
-		text-align: start;
-	}
-
-/** Property/Descriptor Definition Tables *************************************/
-
-	table.def {
-		/* inherits .def box styling, see above */
-		width: 100%;
-		border-spacing: 0;
-	}
-
-	table.def td,
-	table.def th {
-		padding: 0.5em;
-		vertical-align: baseline;
-		border-bottom: 1px solid #bbd7e9;
-		border-bottom: 1px solid var(--defrow-border);
-	}
-
-	table.def > tbody > tr:last-child th,
-	table.def > tbody > tr:last-child td {
-		border-bottom: 0;
-	}
-
-	table.def th {
-		font-style: italic;
-		font-weight: normal;
-		padding-left: 1em;
-		width: 3em;
-	}
-
-	/* For when values are extra-complex and need formatting for readability */
-	table td.pre {
-		white-space: pre-wrap;
-	}
-
-	/* A footnote at the bottom of a def table */
-	table.def td.footnote {
-		padding-top: 0.6em;
-	}
-	table.def td.footnote::before {
-		content: " ";
-		display: block;
-		height: 0.6em;
-		width: 4em;
-		border-top: thin solid;
-	}
-
-/** Data tables (and properly marked-up index tables) *************************/
-	/*
-		<table class="data"> highlights structural relationships in a table
-		when correct markup is used (e.g. thead/tbody, th vs. td, scope attribute)
-
-		Use class="complex data" for particularly complicated tables --
-		(This will draw more lines: busier, but clearer.)
-
-		Use class="long" on table cells with paragraph-like contents
-		(This will adjust text alignment accordingly.)
-		Alternately use class="longlastcol" on tables, to have the last column assume "long".
-	*/
-
-	table {
-		word-wrap: normal;
-		overflow-wrap: normal;
-		hyphens: manual;
-	}
-
-	table.data,
-	table.index {
-		margin: 1em auto;
-		border-collapse: collapse;
-		border: hidden;
-		width: 100%;
-	}
-	table.data caption,
-	table.index caption {
-		max-width: 50em;
-		margin: 0 auto 1em;
-	}
-
-	table.data td,  table.data th,
-	table.index td, table.index th {
-		padding: 0.5em 1em;
-		border-width: 1px;
-		border-color: silver;
-		border-color: var(--datacell-border);
-		border-top-style: solid;
-	}
-
-	table.data thead td:empty {
-		padding: 0;
-		border: 0;
-	}
-
-	table.data  thead,
-	table.index thead,
-	table.data  tbody,
-	table.index tbody {
-		border-bottom: 2px solid;
-	}
-
-	table.data colgroup,
-	table.index colgroup {
-		border-left: 2px solid;
-	}
-
-	table.data  tbody th:first-child,
-	table.index tbody th:first-child  {
-		border-right: 2px solid;
-		border-top: 1px solid silver;
-		border-top: 1px solid var(--datacell-border);
-		padding-right: 1em;
-	}
-
-	table.data th[colspan],
-	table.data td[colspan] {
-		text-align: center;
-	}
-
-	table.complex.data th,
-	table.complex.data td {
-		border: 1px solid silver;
-		border: 1px solid var(--datacell-border);
-		text-align: center;
-	}
-
-	table.data.longlastcol td:last-child,
-	table.data td.long {
-		vertical-align: baseline;
-		text-align: left;
-	}
-
-	table.data img {
-		vertical-align: middle;
-	}
-
-
-/*
-Alternate table alignment rules
-
-	table.data,
-	table.index {
-		text-align: center;
-	}
-
-	table.data  thead th[scope="row"],
-	table.index thead th[scope="row"] {
-		text-align: right;
-	}
-
-	table.data  tbody th:first-child,
-	table.index tbody th:first-child  {
-		text-align: right;
-	}
-
-Possible extra rowspan handling
-
-	table.data  tbody th[rowspan]:not([rowspan='1']),
-	table.index tbody th[rowspan]:not([rowspan='1']),
-	table.data  tbody td[rowspan]:not([rowspan='1']),
-	table.index tbody td[rowspan]:not([rowspan='1']) {
-		border-left: 1px solid silver;
-	}
-
-	table.data  tbody th[rowspan]:first-child,
-	table.index tbody th[rowspan]:first-child,
-	table.data  tbody td[rowspan]:first-child,
-	table.index tbody td[rowspan]:first-child{
-		border-left: 0;
-		border-right: 1px solid silver;
-	}
-*/
-
-/******************************************************************************/
-/*                                  Indices                                   */
-/******************************************************************************/
-
-
-/** Table of Contents *********************************************************/
-
-	.toc a {
-		/* More spacing; use padding to make it part of the click target. */
-		padding: 0.1rem 1px 0;
-		/* Larger, more consistently-sized click target */
-		display: block;
-		/* Switch to using border-bottom for underlines */
-		text-decoration: none;
-		border-bottom: 1px solid;
-		/* Reverse color scheme */
-		color: black;
-		color: var(--toclink-text);
-		border-color: #3980b5;
-		border-color: var(--toclink-underline);
-	}
-	.toc a:visited {
-		color: black;
-		color: var(--toclink-visited-text);
-		border-color: #054572;
-		border-color: var(--toclink-visited-underline);
-	}
-	.toc a:focus,
-	.toc a:hover {
-		background: rgba(75%, 75%, 75%, .25);
-		background: var(--a-hover-bg);
-		border-bottom-width: 3px;
-		margin-bottom: -2px;
-	}
-	.toc a:not(:focus):not(:hover) {
-		/* Allow colors to cascade through from link styling */
-		border-bottom-color: transparent;
-	}
-
-	.toc, .toc ol, .toc ul, .toc li {
-		list-style: none; /* Numbers must be inlined into source */
-		/* because generated content isn't search/selectable and markers can't do multilevel yet */
-		margin:  0;
-		padding: 0;
-	}
-	.toc {
-		line-height: 1.1em;
-	}
-
-	/* ToC not indented until third level, but font style & margins show hierarchy */
-	.toc > li			{ font-weight: bold;   }
-	.toc > li li		 { font-weight: normal; }
-	.toc > li li li	  { font-size:   95%;	}
-	.toc > li li li li	{ font-size:   90%;	}
-	.toc > li li li li li { font-size:   85%;	}
-
-	/* @supports not (display:grid) { */
-		.toc > li			{ margin: 1.5rem 0;	}
-		.toc > li li		 { margin: 0.3rem 0;	}
-		.toc > li li li	  { margin-left: 2rem;   }
-
-		/* Section numbers in a column of their own */
-		.toc .secno {
-			float: left;
-			width: 4rem;
-			white-space: nowrap;
-		}
-		.toc > li li li li .secno { font-size: 85%; }
-		.toc > li li li li li .secno { font-size: 100%; }
-
-		.toc li {
-			clear: both;
-		}
-
-		:not(li) > .toc			 { margin-left:  5rem; }
-		.toc .secno				 { margin-left: -5rem; }
-		.toc > li li li .secno	  { margin-left: -7rem; }
-		.toc > li li li li .secno	{ margin-left: -9rem; }
-		.toc > li li li li li .secno { margin-left: -11rem; }
-
-		/* Tighten up indentation in narrow ToCs */
-		@media (max-width: 30em) {
-			:not(li) > .toc			 { margin-left:  4rem; }
-			.toc .secno				 { margin-left: -4rem; }
-			.toc > li li li			 { margin-left:  1rem; }
-			.toc > li li li .secno	  { margin-left: -5rem; }
-			.toc > li li li li .secno	{ margin-left: -6rem; }
-			.toc > li li li li li .secno { margin-left: -7rem; }
-		}
-		/* Loosen it on wide screens */
-		@media screen and (min-width: 78em) {
-			body:not(.toc-inline) :not(li) > .toc			 { margin-left:  4rem; }
-			body:not(.toc-inline) .toc .secno				 { margin-left: -4rem; }
-			body:not(.toc-inline) .toc > li li li			 { margin-left:  1rem; }
-			body:not(.toc-inline) .toc > li li li .secno	  { margin-left: -5rem; }
-			body:not(.toc-inline) .toc > li li li li .secno	{ margin-left: -6rem; }
-			body:not(.toc-inline) .toc > li li li li li .secno { margin-left: -7rem; }
-	}
-	/* } */
-
-	@supports (display:grid) and (display:contents) {
-		/* Use #toc over .toc to override non-@supports rules. */
-		#toc {
-			display: grid;
-			align-content: start;
-			grid-template-columns: auto 1fr;
-			grid-column-gap: 1rem;
-			column-gap: 1rem;
-			grid-row-gap: .6rem;
-			row-gap: .6rem;
-		}
-		#toc h2 {
-			grid-column: 1 / -1;
-			margin-bottom: 0;
-		}
-		#toc ol,
-		#toc li,
-		#toc a {
-			display: contents;
-			/* Switch <a> to subgrid when supported */
-		}
-		#toc span {
-			margin: 0;
-		}
-		#toc > .toc > li > a > span {
-			/* The spans of the top-level list,
-			  comprising the first items of each top-level section. */
-			margin-top: 1.1rem;
-		}
-		#toc#toc .secno { /* Ugh, need more specificity to override base.css */
-			grid-column: 1;
-			width: auto;
-			margin-left: 0;
-		}
-		#toc .content {
-			grid-column: 2;
-			width: auto;
-			margin-right: 1rem;
-			border-bottom: 3px solid transparent;
-			margin-bottom: -3px;
-		}
-		#toc .content:hover,
-		#toc .content:focus {
-			background: rgba(75%, 75%, 75%, .25);
-			background: var(--a-hover-bg);
-			border-bottom-color: #054572;
-			border-bottom-color: var(--toclink-underline);
-		}
-		#toc li li li .content {
-			margin-left: 1rem;
-		}
-		#toc li li li li .content {
-			margin-left: 2rem;
-		}
-	}
-
-
-/** Index *********************************************************************/
-
-	/* Index Lists: Layout */
-	ul.index	  { margin-left: 0; columns: 15em; text-indent: 1em hanging; }
-	ul.index li	{ margin-left: 0; list-style: none; break-inside: avoid; }
-	ul.index li li { margin-left: 1em; }
-	ul.index dl	{ margin-top: 0; }
-	ul.index dt	{ margin: .2em 0 .2em 20px;}
-	ul.index dd	{ margin: .2em 0 .2em 40px;}
-	/* Index Lists: Typography */
-	ul.index ul,
-	ul.index dl { font-size: smaller; }
-	@media not print {
-		ul.index li a + span {
-			white-space: nowrap;
-			color: transparent; }
-		ul.index li a:hover + span,
-		ul.index li a:focus + span {
-			color: #707070;
-			color: var(--indexinfo-text);
-		}
-	}
-
-/** Index Tables *****************************************************/
-	/* See also the data table styling section, which this effectively subclasses */
-
-	table.index {
-		font-size: small;
-		border-collapse: collapse;
-		border-spacing: 0;
-		text-align: left;
-		margin: 1em 0;
-	}
-
-	table.index td,
-	table.index th {
-		padding: 0.4em;
-	}
-
-	table.index tr:hover td:not([rowspan]),
-	table.index tr:hover th:not([rowspan]) {
-		color: black;
-		color: var(--indextable-hover-text);
-		background: #f7f8f9;
-		background: var(--indextable-hover-bg);
-	}
-
-	/* The link in the first column in the property table (formerly a TD) */
-	table.index th:first-child a {
-		font-weight: bold;
-	}
-
-/** Outdated warning **********************************************************/
-
-.outdated-spec {
-	color: black;
-	color: var(--outdatedspec-text);
-	background-color: rgba(0,0,0,0.5);
-	background-color: var(--outdatedspec-bg);
-}
-
-.outdated-warning {
-	position: fixed;
-	bottom: 50%;
-	left: 0;
-	right: 0;
-	margin: 0 auto;
-	width: 50%;
-	background: maroon;
-	background: var(--outdated-bg);
-	color: white;
-	color: var(--outdated-text);
-	border-radius: 1em;
-	box-shadow: 0 0 1em red;
-	box-shadow: 0 0 1em var(--outdated-shadow);
-	padding: 2em;
-	text-align: center;
-	z-index: 2;
-}
-
-.outdated-warning a {
-	color: currentcolor;
-	background: transparent;
-}
-
-.edited-rec-warning {
-	background: darkorange;
-	background: var(--editedrec-bg);
-	box-shadow: 0 0 1em;
-}
-
-.outdated-warning button {
-	color: var(--outdated-text);
-	border-radius: 1em;
-	box-shadow: 0 0 1em red;
-	box-shadow: 0 0 1em var(--outdated-shadow);
-	padding: 2em;
-	text-align: center;
-	z-index: 2;
-}
-
-.outdated-warning a {
-	color: currentcolor;
-	background: transparent;
-}
-
-.edited-rec-warning {
-	background: darkorange;
-	background: var(--editedrec-bg);
-	box-shadow: 0 0 1em;
-}
-
-.outdated-warning button {
-	position: absolute;
-	top: 0;
-	right:0;
-	margin: 0;
-	border: 0;
-	padding: 0.25em 0.5em;
-	background: transparent;
-	color: white;
-	color: var(--outdated-text);
-	font:1em sans-serif;
-	text-align:center;
-}
-
-.outdated-warning span {
-	display: block;
-}
-
-.outdated-collapsed {
-	bottom: 0;
-	border-radius: 0;
-	width: 100%;
-	padding: 0;
-}
-
-/******************************************************************************/
-/*                                    Print                                   */
-/******************************************************************************/
-
-	@media print {
-		/* Pages have their own margins. */
-		html {
-			margin: 0;
-		}
-		/* Serif for print. */
-		body {
-			font-family: serif;
-		}
-
-		.outdated-warning {
-			position: absolute;
-			border-style: solid;
-			border-color: red;
-		}
-
-		.outdated-warning input {
-			display: none;
-		}
-	}
-	@page {
-		margin: 1.5cm 1.1cm;
-	}
-
-
-
-/******************************************************************************/
-/*                             Overflow Control                               */
-/******************************************************************************/
-
-	.figure .caption, .sidefigure .caption, figcaption {
-		/* in case figure is overlarge, limit caption to 50em */
-		max-width: 50rem;
-		margin-left: auto;
-		margin-right: auto;
-	}
-	.overlarge {
-		/* Magic to create good item positioning:
-		  "content column" is 50ems wide at max; less on smaller screens.
-		  Extra space (after ToC + content) is empty on the right.
-
-		  1. When item < content column, centers item in column.
-		  2. When content < item < available, left-aligns.
-		  3. When item > available, fills available + scroll bar.
-		*/
-		display: grid;
-		grid-template-columns: minmax(0, 50em);
-	}
-	.overlarge > table {
-		/* limit preferred width of table */
-		max-width: 50em;
-		margin-left: auto;
-		margin-right: auto;
-	}
-
-	@media (min-width: 55em) {
-		.overlarge {
-			margin-right: calc(13px + 26.5rem - 50vw);
-			max-width: none;
-		}
-	}
-	@media screen and (min-width: 78em) {
-		body:not(.toc-inline) .overlarge {
-			/* 30.5em body padding 50em content area */
-			margin-right: calc(40em - 50vw) !important;
-		}
-	}
-	@media screen and (min-width: 90em) {
-		body:not(.toc-inline) .overlarge {
-			/* 4em html margin 30.5em body padding 50em content area */
-			margin-right: calc(84.5em - 100vw) !important;
-		}
-	}
-
-	@media not print {
-		.overlarge {
-			overflow-x: auto;
-			/* See Lea Verou's explanation background-attachment:
-			* http://lea.verou.me/2012/04/background-attachment-local/
-			*
-			background: top left  / 4em 100% linear-gradient(to right,  #ffffff, rgba(255, 255, 255, 0)) local,
-						top right / 4em 100% linear-gradient(to left, #ffffff, rgba(255, 255, 255, 0)) local,
-						top left  / 1em 100% linear-gradient(to right,  #c3c3c5, rgba(195, 195, 197, 0)) scroll,
-						top right / 1em 100% linear-gradient(to left, #c3c3c5, rgba(195, 195, 197, 0)) scroll,
-						white;
-			background-repeat: no-repeat;
-			*/
-		}
-	}
-</style>
-<style>
-
-  </style>
-  <meta content="Bikeshed version 5d4d5b9a8, updated Fri Apr 17 13:49:40 2026 -0700" name="generator">
-  <link href="https://www.sr2.uk/policy/password-auth/" rel="canonical">
-  <meta content="1ad26e6266d3cfc379f0a1c23beecbb29d167442" name="revision">
-  <meta content="dark light" name="color-scheme">
-<style>/* Boilerplate: style-autolinks */
-.css.css, .property.property, .descriptor.descriptor {
-    color: var(--a-normal-text);
-    font-size: inherit;
-    font-family: inherit;
-}
-.css::before, .property::before, .descriptor::before {
-    content: "‘";
-}
-.css::after, .property::after, .descriptor::after {
-    content: "’";
-}
-.property, .descriptor {
-    /* Don't wrap property and descriptor names */
-    white-space: nowrap;
-}
-.type { /* CSS value <type> */
-    font-style: italic;
-}
-pre .property::before, pre .property::after {
-    content: "";
-}
-[data-link-type="property"]::before,
-[data-link-type="propdesc"]::before,
-[data-link-type="descriptor"]::before,
-[data-link-type="value"]::before,
-[data-link-type="function"]::before,
-[data-link-type="at-rule"]::before,
-[data-link-type="selector"]::before,
-[data-link-type="maybe"]::before {
-    content: "‘";
-}
-[data-link-type="property"]::after,
-[data-link-type="propdesc"]::after,
-[data-link-type="descriptor"]::after,
-[data-link-type="value"]::after,
-[data-link-type="function"]::after,
-[data-link-type="at-rule"]::after,
-[data-link-type="selector"]::after,
-[data-link-type="maybe"]::after {
-    content: "’";
-}
-
-[data-link-type].production::before,
-[data-link-type].production::after,
-.prod [data-link-type]::before,
-.prod [data-link-type]::after {
-    content: "";
-}
-
-[data-link-type=element],
-[data-link-type=element-attr] {
-    font-family: Menlo, Consolas, "DejaVu Sans Mono", monospace;
-    font-size: .9em;
-}
-[data-link-type=element]::before { content: "<" }
-[data-link-type=element]::after  { content: ">" }
-
-[data-link-type=biblio] {
-    white-space: pre;
-}
-
-@media (prefers-color-scheme: dark) {
-    :root {
-        --selflink-text: black;
-        --selflink-bg: silver;
-        --selflink-hover-text: white;
-    }
-}
-</style>
-<style>/* Boilerplate: style-colors */
-/* Any --*-text not paired with a --*-bg is assumed to have a transparent bg */
-:root {
-    color-scheme: light dark;
-
-    --text: black;
-    --bg: white;
-
-    --unofficial-watermark: url(https://www.w3.org/StyleSheets/TR/2016/logos/UD-watermark);
-
-    --logo-bg: #1a5e9a;
-    --logo-active-bg: #c00;
-    --logo-text: white;
-
-    --tocnav-normal-text: #707070;
-    --tocnav-normal-bg: var(--bg);
-    --tocnav-hover-text: var(--tocnav-normal-text);
-    --tocnav-hover-bg: #f8f8f8;
-    --tocnav-active-text: #c00;
-    --tocnav-active-bg: var(--tocnav-normal-bg);
-
-    --tocsidebar-text: var(--text);
-    --tocsidebar-bg: #f7f8f9;
-    --tocsidebar-shadow: rgba(0,0,0,.1);
-    --tocsidebar-heading-text: hsla(203,20%,40%,.7);
-
-    --toclink-text: var(--text);
-    --toclink-underline: #3980b5;
-    --toclink-visited-text: var(--toclink-text);
-    --toclink-visited-underline: #054572;
-
-    --heading-text: #005a9c;
-
-    --hr-text: var(--text);
-
-    --algo-border: #def;
-
-    --del-text: red;
-    --del-bg: transparent;
-    --ins-text: #080;
-    --ins-bg: transparent;
-
-    --a-normal-text: #034575;
-    --a-normal-underline: #bbb;
-    --a-visited-text: var(--a-normal-text);
-    --a-visited-underline: #707070;
-    --a-hover-bg: rgba(75%, 75%, 75%, .25);
-    --a-active-text: #c00;
-    --a-active-underline: #c00;
-
-    --blockquote-border: silver;
-    --blockquote-bg: transparent;
-    --blockquote-text: currentcolor;
-
-    --issue-border: #e05252;
-    --issue-bg: #fbe9e9;
-    --issue-text: var(--text);
-    --issueheading-text: #831616;
-
-    --example-border: #e0cb52;
-    --example-bg: #fcfaee;
-    --example-text: var(--text);
-    --exampleheading-text: #574b0f;
-
-    --note-border: #52e052;
-    --note-bg: #e9fbe9;
-    --note-text: var(--text);
-    --noteheading-text: hsl(120, 70%, 30%);
-    --notesummary-underline: silver;
-
-    --assertion-border: #aaa;
-    --assertion-bg: #eee;
-    --assertion-text: black;
-
-    --advisement-border: orange;
-    --advisement-bg: #fec;
-    --advisement-text: var(--text);
-    --advisementheading-text: #b35f00;
-
-    --warning-border: red;
-    --warning-bg: hsla(40,100%,50%,0.95);
-    --warning-text: var(--text);
-
-    --amendment-border: #330099;
-    --amendment-bg: #F5F0FF;
-    --amendment-text: var(--text);
-    --amendmentheading-text: #220066;
-
-    --def-border: #8ccbf2;
-    --def-bg: #def;
-    --def-text: var(--text);
-    --defrow-border: #bbd7e9;
-
-    --datacell-border: silver;
-
-    --indexinfo-text: #707070;
-
-    --indextable-hover-text: black;
-    --indextable-hover-bg: #f7f8f9;
-
-    --outdatedspec-bg: rgba(0, 0, 0, .5);
-    --outdatedspec-text: black;
-    --outdated-bg: maroon;
-    --outdated-text: white;
-    --outdated-shadow: red;
-
-    --editedrec-bg: darkorange;
-}
-
-@media (prefers-color-scheme: dark) {
-    :root {
-        --text: #ddd;
-        --bg: black;
-
-        --unofficial-watermark: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='400' height='400'%3E%3Cg fill='%23100808' transform='translate(200 200) rotate(-45) translate(-200 -200)' stroke='%23100808' stroke-width='3'%3E%3Ctext x='50%25' y='220' style='font: bold 70px sans-serif; text-anchor: middle; letter-spacing: 6px;'%3EUNOFFICIAL%3C/text%3E%3Ctext x='50%25' y='305' style='font: bold 70px sans-serif; text-anchor: middle; letter-spacing: 6px;'%3EDRAFT%3C/text%3E%3C/g%3E%3C/svg%3E");
-
-        --logo-bg: #1a5e9a;
-        --logo-active-bg: #c00;
-        --logo-text: white;
-
-        --tocnav-normal-text: #999;
-        --tocnav-normal-bg: var(--bg);
-        --tocnav-hover-text: var(--tocnav-normal-text);
-        --tocnav-hover-bg: #080808;
-        --tocnav-active-text: #f44;
-        --tocnav-active-bg: var(--tocnav-normal-bg);
-
-        --tocsidebar-text: var(--text);
-        --tocsidebar-bg: #080808;
-        --tocsidebar-shadow: rgba(255,255,255,.1);
-        --tocsidebar-heading-text: hsla(203,20%,40%,.7);
-
-        --toclink-text: var(--text);
-        --toclink-underline: #6af;
-        --toclink-visited-text: var(--toclink-text);
-        --toclink-visited-underline: #054572;
-
-        --heading-text: #8af;
-
-        --hr-text: var(--text);
-
-        --algo-border: #456;
-
-        --del-text: #f44;
-        --del-bg: transparent;
-        --ins-text: #4a4;
-        --ins-bg: transparent;
-
-        --a-normal-text: #6af;
-        --a-normal-underline: #555;
-        --a-visited-text: var(--a-normal-text);
-        --a-visited-underline: var(--a-normal-underline);
-        --a-hover-bg: rgba(25%, 25%, 25%, .2);
-        --a-active-text: #f44;
-        --a-active-underline: var(--a-active-text);
-
-        --borderedblock-bg: rgba(255, 255, 255, .05);
-
-        --blockquote-border: silver;
-        --blockquote-bg: var(--borderedblock-bg);
-        --blockquote-text: currentcolor;
-
-        --issue-border: #e05252;
-        --issue-bg: var(--borderedblock-bg);
-        --issue-text: var(--text);
-        --issueheading-text: hsl(0deg, 70%, 70%);
-
-        --example-border: hsl(50deg, 90%, 60%);
-        --example-bg: var(--borderedblock-bg);
-        --example-text: var(--text);
-        --exampleheading-text: hsl(50deg, 70%, 70%);
-
-        --note-border: hsl(120deg, 100%, 35%);
-        --note-bg: var(--borderedblock-bg);
-        --note-text: var(--text);
-        --noteheading-text: hsl(120, 70%, 70%);
-        --notesummary-underline: silver;
-
-        --assertion-border: #444;
-        --assertion-bg: var(--borderedblock-bg);
-        --assertion-text: var(--text);
-
-        --advisement-border: orange;
-        --advisement-bg: #222218;
-        --advisement-text: var(--text);
-        --advisementheading-text: #f84;
-
-        --warning-border: red;
-        --warning-bg: hsla(40,100%,20%,0.95);
-        --warning-text: var(--text);
-
-        --amendment-border: #330099;
-        --amendment-bg: #080010;
-        --amendment-text: var(--text);
-        --amendmentheading-text: #cc00ff;
-
-        --def-border: #8ccbf2;
-        --def-bg: #080818;
-        --def-text: var(--text);
-        --defrow-border: #136;
-
-        --datacell-border: silver;
-
-        --indexinfo-text: #aaa;
-
-        --indextable-hover-text: var(--text);
-        --indextable-hover-bg: #181818;
-
-        --outdatedspec-bg: rgba(255, 255, 255, .5);
-        --outdatedspec-text: black;
-        --outdated-bg: maroon;
-        --outdated-text: white;
-        --outdated-shadow: red;
-
-        --editedrec-bg: darkorange;
-    }
-    /* In case a transparent-bg image doesn't expect to be on a dark bg,
-       which is quite common in practice... */
-    img { background: white; }
-}
-</style>
-<style>/* Boilerplate: style-counters */
-body {
-    counter-reset: example figure issue table;
-}
-.issue {
-    counter-increment: issue;
-}
-.issue:not(.no-marker)::before {
-    content: "Issue " counter(issue);
-}
-
-.example {
-    counter-increment: example;
-}
-.example:not(.no-marker)::before {
-    content: "Example " counter(example);
-}
-.invalid.example:not(.no-marker)::before,
-.illegal.example:not(.no-marker)::before {
-    content: "Invalid Example " counter(example);
-}
-
-figcaption {
-    counter-increment: figure;
-}
-figcaption:not(.no-marker)::before {
-    content: "Figure " counter(figure) " ";
-}
-
-figure.table figcaption {
-    counter-increment: table;
-}
-figure.table figcaption:not(.no-marker)::before {
-    content: "Table " counter(table) " ";
-}
-</style>
-<style>/* Boilerplate: style-issues */
-a[href].issue-return {
-    float: right;
-    float: inline-end;
-    color: var(--issueheading-text);
-    font-weight: bold;
-    text-decoration: none;
-}
-</style>
-<style>/* Boilerplate: style-md-lists */
-/* This is a weird hack for me not yet following the commonmark spec
-   regarding paragraph and lists. */
-[data-md] > :first-child {
-    margin-top: 0;
-}
-[data-md] > :last-child {
-    margin-bottom: 0;
-}
-</style>
-<style>/* Boilerplate: style-selflinks */
-:root {
-    --selflink-text: white;
-    --selflink-bg: gray;
-    --selflink-hover-text: black;
-}
-.heading, .issue, .note, .example, li, dt {
-    position: relative;
-}
-a.self-link {
-    position: absolute;
-    top: 0;
-    left: calc(-1 * (3.5rem - 26px));
-    width: calc(3.5rem - 26px);
-    height: 2em;
-    text-align: center;
-    border: none;
-    transition: opacity .2s;
-    opacity: .5;
-}
-a.self-link:hover {
-    opacity: 1;
-}
-.heading > a.self-link {
-    font-size: 83%;
-}
-.example > a.self-link,
-.note > a.self-link,
-.issue > a.self-link {
-    /* These blocks are overflow:auto, so positioning outside
-       doesn't work. */
-    left: auto;
-    right: 0;
-}
-li > a.self-link {
-    left: calc(-1 * (3.5rem - 26px) - 2em);
-}
-dfn > a.self-link {
-    top: auto;
-    left: auto;
-    opacity: 0;
-    width: 1.5em;
-    height: 1.5em;
-    background: var(--selflink-bg);
-    color: var(--selflink-text);
-    font-style: normal;
-    transition: opacity .2s, background-color .2s, color .2s;
-}
-dfn:hover > a.self-link {
-    opacity: 1;
-}
-dfn > a.self-link:hover {
-    color: var(--selflink-hover-text);
-}
-
-a.self-link::before            { content: "¶"; }
-.heading > a.self-link::before { content: "§"; }
-dfn > a.self-link::before      { content: "#"; }
-</style>
- <body class="h-entry">
-  <div class="head">
-   <p style="background-color: #000; padding: 10px; font-size: large; font-weight: bold; color: #fff; float: right;">TLP:CLEAR</p>
-   
-  <img alt="SR2 Communications Limited" src="https://www.sr2.uk/images/logo.png" style="margin-bottom: 10px;" width="400">
-  
-   <h1>Passwords and Authentication Policy</h1>
-   <h2 class="heading no-num no-ref no-toc settled" id="subtitle"><span class="content">Draft for Approval by Company Directors,
-    <span class="dt-updated"><span class="value-title" title="20260422">22 April 2026</span></span>
-  </span></h2>
-   <div data-fill-with="spec-metadata">
-    <dl>
-     <dt>Latest published version:
-     <dd><a href="https://www.sr2.uk/policy/password-auth/">https://www.sr2.uk/policy/password-auth/</a>
-     <dt>Version:
-     <dd>1.0
-    </dl>
-   </div>
-   <div data-fill-with="warning"></div>
-   <p class="copyright" data-fill-with="copyright">© <a href="https://www.sr2.uk/">SR2 Communications Limited</a>.
-This document is licensed under <a href="https://creativecommons.org/licenses/by/4.0/">CC BY 4.0</a>.
-<img alt src="https://mirrors.creativecommons.org/presskit/icons/cc.svg" style="max-width: 1em;max-height:1em;margin-left: .2em;"><img alt src="https://mirrors.creativecommons.org/presskit/icons/by.svg" style="max-width: 1em;max-height:1em;margin-left: .2em;"></p>
-   <hr title="Separator for header">
-  </div>
-  <div class="p-summary" data-fill-with="abstract">
-   <h2 class="heading no-num no-ref no-toc settled" id="abstract"><span class="content">Abstract</span></h2>
-   <p>A policy defining an effective authentication management procedures when conducting company-related business.</p>
-  </div>
-  <div data-fill-with="at-risk"></div>
-  <nav data-fill-with="table-of-contents" id="toc">
-   <h2 class="no-num no-ref no-toc" id="contents">Table of Contents</h2>
-   <ol class="toc">
-    <li><a href="#objective"><span class="secno">1</span> <span class="content">Objective</span></a>
-    <li><a href="#scope"><span class="secno">2</span> <span class="content">Scope</span></a>
-    <li><a href="#definitions"><span class="secno">3</span> <span class="content">Definitions</span></a>
-    <li>
-     <a href="#policy"><span class="secno">4</span> <span class="content">Policy</span></a>
-     <ol class="toc">
-      <li><a href="#passwords"><span class="secno">4.1</span> <span class="content">Password Authentication</span></a>
-      <li><a href="#mfa"><span class="secno">4.2</span> <span class="content">Multi-Factor Authentication</span></a>
-      <li><a href="#cloud"><span class="secno">4.3</span> <span class="content">Credentials for Cloud-Based Systems and Online Portals</span></a>
-      <li><a href="#compromise"><span class="secno">4.4</span> <span class="content">Credential Compromise Policy</span></a>
-     </ol>
-    <li><a href="#conformance"><span class="secno"></span> <span class="content">
-    Conformance</span></a>
-    <li>
-     <a href="#references"><span class="secno"></span> <span class="content">References</span></a>
-     <ol class="toc">
-      <li><a href="#normative"><span class="secno"></span> <span class="content">Normative References</span></a>
-     </ol>
-   </ol>
-  </nav>
-  <main>
-   <h2 class="heading settled" data-level="1" id="objective"><span class="secno">1. </span><span class="content">Objective</span><a class="self-link" href="#objective"></a></h2>
-   <p>This policy defines an effective authentication management procedures when conducting company-related business and
-includes the:</p>
-   <ul>
-    <li data-md>
-     <p>issuing and selection of strong authentication methods and credentials;</p>
-    <li data-md>
-     <p>protection of secret authentication credentials;</p>
-    <li data-md>
-     <p>frequency of change in terms of authentication credentials;</p>
-    <li data-md>
-     <p>reporting of any suspected breach or lost authentication credentials;</p>
-    <li data-md>
-     <p>use of authentication methods with third party systems (including cloud technology).</p>
-   </ul>
-   <p>Authentication is a key method of securing our information – choosing weak authentication methods, or failing to keep
-the authentication credentials secure, places the confidentiality of our data at risk.</p>
-   <h2 class="heading settled" data-level="2" id="scope"><span class="secno">2. </span><span class="content">Scope</span><a class="self-link" href="#scope"></a></h2>
-   <p>The scope of the policy covers all individuals either employed or contracted to work with or for the company, either
-in-office or remotely.</p>
-   <h2 class="heading settled" data-level="3" id="definitions"><span class="secno">3. </span><span class="content">Definitions</span><a class="self-link" href="#definitions"></a></h2>
-   <dl>
-    <dt data-md>Authentication method
-    <dd data-md>
-     <p>Any method by which a user may authenticate themselves in order to gain access to a location, data or service, such
- as text entry (e.g. passwords, passphrases, PINs), biometrics (e.g. fingerprints), etc.</p>
-    <dt data-md>Authentication credentials
-    <dd data-md>
-     <p>The specific data or information used by a user to authenticate themselves, including but not limited to passwords,
- passphrases, PINs, and biometric data.</p>
-    <dt data-md>Multi-Factor Authentication (MFA)
-    <dd data-md>
-     <p>An authentication method that requires the user to provide two or more verification factors to gain access, such as
- something they know (e.g., password), something they have (e.g., a security token or mobile device), and/or
- something they are (e.g., biometric data).</p>
-    <dt data-md>Cloud-based system
-    <dd data-md>
-     <p>A service or platform hosted over the internet that allows users to access data, applications and services remotely.</p>
-    <dt data-md>Password manager
-    <dd data-md>
-     <p>A software product used for the secure storage of passwords, which must be approved for use, and includes functions
- for generating strong passwords compliant with this policy.</p>
-   </dl>
-   <h2 class="heading settled" data-level="4" id="policy"><span class="secno">4. </span><span class="content">Policy</span><a class="self-link" href="#policy"></a></h2>
-   <p>Authentication method covers any methods by which a user may authenticate themselves in order to gain access to a
-location, data or service, such as text entry (e.g. passwords, passphrases, PINs), biometrics (e.g. fingerprints), etc.
-The company ensures that authentication credentials are kept confidential by:</p>
-   <ul>
-    <li data-md>
-     <p>storing authentication credentials in a secure manner;</p>
-    <li data-md>
-     <p>changing manufacturer default authentication credentials and disabling guest accounts on all equipment;</p>
-    <li data-md>
-     <p>issuing new users with temporary authentication credentials, which must be changed at first login to a stronger
-alternative (defined later);</p>
-    <li data-md>
-     <p>authentication credentials issued to new users are done so in a secure manner (e.g. never in clear text via an email);</p>
-    <li data-md>
-     <p>changing all multi-user credentials (e.g. for communal equipment) used by an employee in the event that their
-employment ends;</p>
-    <li data-md>
-     <p>ensuring that access to user credentials is limited to ICT administrators for the purpose of resetting, revoking or
-problem resolution – authentication methods may only be reset once the identity of the user has been verified;</p>
-    <li data-md>
-     <p>locking accounts after 5 failed login attempts in order to dissuade brute-forcing attempts;</p>
-    <li data-md>
-     <p>training staff in the use of digital password managers, and the risks of storing passwords in any other form (such as
-a notebook at their workstation, or Post-It note).</p>
-   </ul>
-   <p>Users must ensure that they do all they can to maintain the confidentiality of their authentication credentials by
-never:</p>
-   <ul>
-    <li data-md>
-     <p>using company authentication credentials for any other account they hold (including personal accounts such as home
-utilities, email, online shopping services, etc);</p>
-    <li data-md>
-     <p>having a physical copy of their credentials;</p>
-    <li data-md>
-     <p>using a non-approved method for password generation;</p>
-    <li data-md>
-     <p>entering authentication credentials on non-company equipment (for example, home or public access PCs);</p>
-    <li data-md>
-     <p>revealing authentication credentials to anyone, including line managers, unless relaying information on temporary
-credentials which are changed immediately upon next login. This includes never
-sharing authentication credentials with co-workers (e.g. whilst on annual leave);</p>
-    <li data-md>
-     <p>discussing authentication credentials in front of others.</p>
-   </ul>
-   <h3 class="heading settled" data-level="4.1" id="passwords"><span class="secno">4.1. </span><span class="content">Password Authentication</span><a class="self-link" href="#passwords"></a></h3>
-   <p>Many services and policies only allow for password authentication methods, and so they are given a special focus here.
-Strong passwords MUST be used for authentication. The company defines a strong password as one generated by one of two
-processes: random string generation by a password manager or using diceware <a data-link-type="biblio" href="#biblio-eff-dice" title="EFF Dice-Generated Passphrases">[EFF-DICE]</a>.</p>
-   <p>Where a password is to be stored in a password manager, it MUST be randomly generated by the password manager with the
-parameters:</p>
-   <ul>
-    <li data-md>
-     <p>having a minimum number of 14 characters in length;</p>
-    <li data-md>
-     <p>using longer passwords where permitted by the service;</p>
-    <li data-md>
-     <p>including a mixture of numbers, upper and lower case letters, and special characters.</p>
-   </ul>
-   <p>Where special characters are not possible due to technical restrictions, the minimum length is 20 characters.</p>
-   <p>For the avoidance of doubt, weak passwords must never be used. Weak, text-based authentication credentials generally
-have one or more of the following characteristics:</p>
-   <ul>
-    <li data-md>
-     <p>credential is the same, or partly the same, as the username;</p>
-    <li data-md>
-     <p>names of family members, friends, or pets are used;</p>
-    <li data-md>
-     <p>personal information about yourself or family members which can be easily found from social networking sites,
-including date of birth, phone number, street name, etc.;</p>
-    <li data-md>
-     <p>consecutive alphanumeric characters or keys on the keyboard, such as ‘abc123’ or ‘qwerty’;</p>
-    <li data-md>
-     <p>dictionary words including the inclusion of a number or character at the start or end or substituting numbers or
-punctuation for letters, for example, ‘P@55w0rd’;</p>
-    <li data-md>
-     <p>a known word from any language (which may not be in a dictionary).</p>
-   </ul>
-   <p>For passwords that are intended to be memorised, the MUST be generated using diceware. The above restrictions likely
-will not be met using this method as the intention is to provide a strong password that is easy to remember, and the
-strength comes from the underlying dice rolls. Any other method of generating a passphrase MUST NOT be used even if it
-results in one that bears similarity to a diceware-generated passphrase.</p>
-   <p>Memorised passphrases generated with diceware SHOULD be used for:</p>
-   <ul>
-    <li data-md>
-     <p>end-user device login passphrase;</p>
-    <li data-md>
-     <p>password manager decryption passphrase.</p>
-   </ul>
-   <h3 class="heading settled" data-level="4.2" id="mfa"><span class="secno">4.2. </span><span class="content">Multi-Factor Authentication</span><a class="self-link" href="#mfa"></a></h3>
-   <p>Wherever the option is offered by a given service or piece of software, multi-factor authentication is to be used (e.g.
-a fingerprint and a passphrase, or a voice sample, PIN and verification SMS).</p>
-   <p>Where a hardware token is in use to authenticate to a system without a password, the token itself MUST be secured with
-a memorised PIN of at least 6 digits.</p>
-   <h3 class="heading settled" data-level="4.3" id="cloud"><span class="secno">4.3. </span><span class="content">Credentials for Cloud-Based Systems and Online Portals</span><a class="self-link" href="#cloud"></a></h3>
-   <p>It is to be remembered that the company makes use of cloud-based technology and online portals, which may not enforce
-strong authentication credentials. It is therefore up to the individual to ensure a good authentication regime is
-maintained, which is as strong as that used within the organisation. In line with the company’s "Internet Use
-Policy", users shall:</p>
-   <ul>
-    <li data-md>
-     <p>not create an online account for business purposes without authorisation from a director;</p>
-    <li data-md>
-     <p>advise a director when there is no longer a need to have the online account in order to ensure that it is
-removed.</p>
-   </ul>
-   <h3 class="heading settled" data-level="4.4" id="compromise"><span class="secno">4.4. </span><span class="content">Credential Compromise Policy</span><a class="self-link" href="#compromise"></a></h3>
-   <p>In the event of a credential compromise, users SHALL take immediate action to secure the account by resetting or
-invalidating the credentials and report the incident to a director as soon as practical.
-It is policy that any password compromise event will be shared with CiviCERT members via the MISP platform to allow for
-shared learning from the incident.
-Directors will be responsible for determining if a data breach notification is necessary to our clients or to the
-Information Commissioners Office.</p>
-  </main>
-  <div data-fill-with="conformance">
-   <h2 class="heading no-num no-ref settled" id="conformance"><span class="content">
-    Conformance</span><a class="self-link" href="#conformance"></a></h2>
-   <p>
-            Conformance requirements are expressed with a combination of descriptive assertions and RFC 2119 terminology.
-            The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL”
-            in the normative parts of this document
-            are to be interpreted as described in RFC 2119.
-            However, for readability,
-            these words do not appear in all uppercase letters in this specification.
-
-        </p>
-   <p>
-            All of the text of this specification is normative
-            except sections explicitly marked as non-normative, examples, and notes. <a data-link-type="biblio" href="#biblio-rfc2119" title="Key words for use in RFCs to Indicate Requirement Levels">[RFC2119]</a>
-
-        </p>
-   <p>
-            Examples in this specification are introduced with the words “for example”
-            or are set apart from the normative text with <code>class="example"</code>, like this:
-
-        </p>
-   <div class="example" id="example-example"><a class="self-link" href="#example-example"></a>
-            This is an example of an informative example.
-        </div>
-   <p>
-            Informative notes begin with the word “Note”
-            and are set apart from the normative text with <code>class="note"</code>, like this:
-
-        </p>
-   <p class="note" role="note">
-            Note, this is an informative note.</p>
-  </div>
-<script>
-(function() {
-  "use strict";
-  var collapseSidebarText = '<span aria-hidden="true">←</span> '
-                          + '<span>Collapse Sidebar</span>';
-  var expandSidebarText   = '<span aria-hidden="true">→</span> '
-                          + '<span>Pop Out Sidebar</span>';
-  var tocJumpText         = '<span aria-hidden="true">↑</span> '
-                          + '<span>Jump to Table of Contents</span>';
-
-  var sidebarMedia = window.matchMedia('screen and (min-width: 78em)');
-  var autoToggle   = function(e){ toggleSidebar(e.matches) };
-  if(sidebarMedia.addListener) {
-    sidebarMedia.addListener(autoToggle);
-  }
-
-  function toggleSidebar(on) {
-    if (on == undefined) {
-      on = !document.body.classList.contains('toc-sidebar');
-    }
-
-    /* Don't scroll to compensate for the ToC if we're above it already. */
-    var headY = 0;
-    var head = document.querySelector('.head');
-    if (head) {
-      // terrible approx of "top of ToC"
-      headY += head.offsetTop + head.offsetHeight;
-    }
-    var skipScroll = window.scrollY < headY;
-
-    var toggle = document.getElementById('toc-toggle');
-    var tocNav = document.getElementById('toc');
-    if (on) {
-      var tocHeight = tocNav.offsetHeight;
-      document.body.classList.add('toc-sidebar');
-      document.body.classList.remove('toc-inline');
-      toggle.innerHTML = collapseSidebarText;
-      if (!skipScroll) {
-        window.scrollBy(0, 0 - tocHeight);
-      }
-      tocNav.focus();
-      sidebarMedia.addListener(autoToggle); // auto-collapse when out of room
-    }
-    else {
-      document.body.classList.add('toc-inline');
-      document.body.classList.remove('toc-sidebar');
-      toggle.innerHTML = expandSidebarText;
-      if (!skipScroll) {
-        window.scrollBy(0, tocNav.offsetHeight);
-      }
-      if (toggle.matches(':hover')) {
-        /* Unfocus button when not using keyboard navigation,
-           because I don't know where else to send the focus. */
-        toggle.blur();
-      }
-    }
-  }
-
-  function createSidebarToggle() {
-    /* Create the sidebar toggle in JS; it shouldn't exist when JS is off. */
-    var toggle = document.createElement('a');
-      /* This should probably be a button, but appearance isn't standards-track.*/
-    toggle.id = 'toc-toggle';
-    toggle.class = 'toc-toggle';
-    toggle.href = '#toc';
-    toggle.innerHTML = collapseSidebarText;
-
-    sidebarMedia.addListener(autoToggle);
-    var toggler = function(e) {
-      e.preventDefault();
-      sidebarMedia.removeListener(autoToggle); // persist explicit off states
-      toggleSidebar();
-      return false;
-    }
-    toggle.addEventListener('click', toggler, false);
-
-
-    /* Get <nav id=toc-nav>, or make it if we don't have one. */
-    var tocNav = document.getElementById('toc-nav');
-    if (!tocNav) {
-      tocNav = document.createElement('p');
-      tocNav.id = 'toc-nav';
-      /* Prepend for better keyboard navigation */
-      document.body.insertBefore(tocNav, document.body.firstChild);
-    }
-    /* While we're at it, make sure we have a Jump to Toc link. */
-    var tocJump = document.getElementById('toc-jump');
-    if (!tocJump) {
-      tocJump = document.createElement('a');
-      tocJump.id = 'toc-jump';
-      tocJump.href = '#toc';
-      tocJump.innerHTML = tocJumpText;
-      tocNav.appendChild(tocJump);
-    }
-
-    tocNav.appendChild(toggle);
-  }
-
-  var toc = document.getElementById('toc');
-  if (toc) {
-    createSidebarToggle();
-    toggleSidebar(sidebarMedia.matches);
-
-    /* If the sidebar has been manually opened and is currently overlaying the text
-       (window too small for the MQ to add the margin to body),
-       then auto-close the sidebar once you click on something in there. */
-    toc.addEventListener('click', function(e) {
-      if(e.target.tagName.toLowerCase() == "a" && document.body.classList.contains('toc-sidebar') && !sidebarMedia.matches) {
-        toggleSidebar(false);
-      }
-    }, false);
-  }
-  else {
-    console.warn("Can't find Table of Contents. Please use <nav id='toc'> around the ToC.");
-  }
-
-  /* Wrap tables in case they overflow */
-  var tables = document.querySelectorAll(':not(.overlarge) > table.data, :not(.overlarge) > table.index');
-  var numTables = tables.length;
-  for (var i = 0; i < numTables; i++) {
-    var table = tables[i];
-    var wrapper = document.createElement('div');
-    wrapper.className = 'overlarge';
-    table.parentNode.insertBefore(wrapper, table);
-    wrapper.appendChild(table);
-  }
-
-})();
-</script>
-  <h2 class="heading no-num no-ref settled" id="references"><span class="content">References</span><a class="self-link" href="#references"></a></h2>
-  <h3 class="heading no-num no-ref settled" id="normative"><span class="content">Normative References</span><a class="self-link" href="#normative"></a></h3>
-  <dl>
-   <dt id="biblio-eff-dice">[EFF-DICE]
-   <dd><a href="https://www.eff.org/dice"><cite>EFF Dice-Generated Passphrases</cite></a>. URL: <a href="https://www.eff.org/dice">https://www.eff.org/dice</a>
-   <dt id="biblio-rfc2119">[RFC2119]
-   <dd>S. Bradner. <a href="https://datatracker.ietf.org/doc/html/rfc2119"><cite>Key words for use in RFCs to Indicate Requirement Levels</cite></a>. March 1997. Best Current Practice. URL: <a href="https://datatracker.ietf.org/doc/html/rfc2119">https://datatracker.ietf.org/doc/html/rfc2119</a>
-  </dl>
\ No newline at end of file
diff --git a/static/policies/public_wifi/index.html b/static/policies/public_wifi/index.html
deleted file mode 100644
index bd4480d..0000000
--- a/static/policies/public_wifi/index.html
+++ /dev/null
@@ -1,2172 +0,0 @@
-<!doctype html><html lang="en">
- <head>
-  <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
-  <title>Public WiFi Policy</title>
-<style data-fill-with="stylesheet">/******************************************************************************
- *                   Style sheet for the W3C specifications                   *
- *
- * Special classes handled by this style sheet include:
- *
- * Indices
- *   - .toc for the Table of Contents (<ol class="toc">)
- *     + <span class="secno"> for the section numbers
- *   - #toc for the Table of Contents (<nav id="toc">)
- *   - ul.index for Indices (<a href="#ref">term</a><span>, in § N.M</span>)
- *   - table.index for Index Tables (e.g. for properties or elements)
- *
- * Structural Markup
- *   - table.data for general data tables
- *     -> use 'scope' attribute, <colgroup>, <thead>, and <tbody> for best results !
- *     -> use <table class='complex data'> for extra-complex tables
- *     -> use <td class='long'> for paragraph-length cell content
- *     -> use <td class='pre'> when manual line breaks/indentation would help readability
- *   - dl.switch for switch statements
- *   - ol.algorithm for algorithms (helps to visualize nesting)
- *   - .figure and .caption (HTML4) and figure and figcaption (HTML5)
- *     -> .sidefigure for right-floated figures
- *   - ins/del
- *     -> ins/del.c### for candidate and proposed changes (amendments)
- *
- * Code
- *   - pre and code
- *
- * Special Sections
- *   - .note       for informative notes             (div, p, span, aside, details)
- *   - .example    for informative examples          (div, p, pre, span)
- *   - .issue      for issues                        (div, p, span)
- *   - .advisement for loud normative statements     (div, p, strong)
- *   - .annoying-warning for spec obsoletion notices (div, aside, details)
- *   - .correction for "candidate corrections"       (div, aside, details, section)
- *   - .addition   for "candidate additions"         (div, aside, details, section)
- *   - .correction.proposed for "proposed corrections" (div, aside, details, section)
- *   - .addition.proposed   for "proposed additions"   (div, aside, details, section)
- *
- * Definition Boxes
- *   - pre.def   for WebIDL definitions
- *   - table.def for tables that define other entities (e.g. CSS properties)
- *   - dl.def    for definition lists that define other entitles (e.g. HTML elements)
- *
- * Numbering
- *   - .secno for section numbers in .toc and headings (<span class='secno'>3.2</span>)
- *   - .marker for source-inserted example/figure/issue numbers (<span class='marker'>Issue 4</span>)
- *   - ::before styled for CSS-generated issue/example/figure numbers:
- *     -> Documents wishing to use this only need to add
- *        figcaption::before,
- *        .caption::before { content: "Figure "  counter(figure) " ";  }
- *        .example::before { content: "Example " counter(example) " "; }
- *        .issue::before   { content: "Issue "   counter(issue) " ";   }
- *
- * Header Stuff (ignore, just don't conflict with these classes)
- *   - .head for the header
- *   - .copyright for the copyright
- *
- * Outdated warning for old specs
- *
- * Miscellaneous
- *   - .overlarge for things that should be as wide as possible, even if
- *     that overflows the body text area. This can be used on an item or
- *     on its container, depending on the effect desired.
- *     Note that this styling basically doesn't help at all when printing,
- *     since A4 paper isn't much wider than the max-width here.
- *     It's better to design things to fit into a narrower measure if possible.
- *
- *   - js-added ToC jump links (see fixup.js)
- *
- ******************************************************************************/
-
-/* color variables included separately for reliability */
-
-/******************************************************************************/
-/*                                    Body                                    */
-/******************************************************************************/
-
-	html {
-	}
-
-	body {
-		counter-reset: example figure issue;
-
-		/* Layout */
-		max-width: 50em;			  /* limit line length to 50em for readability   */
-		margin: 0 auto;				/* center text within page                    */
-		padding: 1.6em 1.5em 2em 50px; /* assume 16px font size for downlevel clients */
-		padding: 1.6em 1.5em 2em calc(26px + 1.5em); /* leave space for status flag    */
-
-		/* Typography */
-		line-height: 1.5;
-		font-family: sans-serif;
-		widows: 2;
-		orphans: 2;
-		word-wrap: break-word;
-		overflow-wrap: break-word;
-		hyphens: auto;
-
-		color: black;
-		color: var(--text);
-		background: white top left fixed no-repeat;
-		background: var(--bg) top left fixed no-repeat;
-		background-size: 25px auto;
-	}
-
-
-/******************************************************************************/
-/*                         Front Matter & Navigation                          */
-/******************************************************************************/
-
-/** Header ********************************************************************/
-
-	div.head { margin-bottom: 1em; }
-	div.head hr { border-style: solid; }
-
-	div.head h1 {
-		font-weight: bold;
-		margin: 0 0 .1em;
-		font-size: 220%;
-	}
-
-	div.head h2 { margin-bottom: 1.5em;}
-
-/** W3C Logo ******************************************************************/
-
-	.head .logo {
-		float: right;
-		margin: 0.4rem 0 0.2rem .4rem;
-	}
-
-	.head img[src*="logos/W3C"] {
-		display: block;
-		border: solid #1a5e9a;
-		border: solid var(--logo-bg);
-		border-width: .65rem .7rem .6rem;
-		border-radius: .4rem;
-		background: #1a5e9a;
-		background: var(--logo-bg);
-		color: white;
-		color: var(--logo-text);
-		font-weight: bold;
-	}
-
-	.head a:hover > img[src*="logos/W3C"],
-	.head a:focus > img[src*="logos/W3C"] {
-		opacity: .8;
-	}
-
-	.head a:active > img[src*="logos/W3C"] {
-		background: #c00;
-		background: var(--logo-active-bg);
-		border-color: #c00;
-		border-color: var(--logo-active-bg);
-	}
-
-	/* see also additional rules in Link Styling section */
-
-/** Copyright *****************************************************************/
-
-	p.copyright,
-	p.copyright small { font-size: small; }
-
-/** Back to Top / ToC Toggle **************************************************/
-
-	@media print {
-		#toc-nav {
-			display: none;
-		}
-	}
-	@media not print {
-		#toc-nav {
-			position: fixed;
-			z-index: 3;
-			bottom: 0; left: 0;
-			margin: 0;
-			min-width: 1.33em;
-			border-top-right-radius: 2rem;
-			box-shadow: 0 0 2px;
-			font-size: 1.5em;
-		}
-		#toc-nav > a {
-			display: block;
-			white-space: nowrap;
-
-			height: 1.33em;
-			padding: .1em 0.3em;
-			margin: 0;
-
-			box-shadow: 0 0 2px;
-			border: none;
-			border-top-right-radius: 1.33em;
-
-			color: #707070;
-			color: var(--tocnav-normal-text);
-			background: white;
-			background: var(--tocnav-normal-bg);
-		}
-		#toc-nav > a:hover,
-		#toc-nav > a:focus {
-			color: black;
-			color: var(--tocnav-hover-text);
-			background: #f8f8f8;
-			background: var(--tocnav-hover-bg);
-		}
-		#toc-nav > a:active {
-			color: #c00;
-			color: var(--tocnav-active-text);
-			background: white;
-			background: var(--tocnav-active-bg);
-		}
-
-		#toc-nav > #toc-jump {
-			padding-bottom: 2em;
-			margin-bottom: -1.9em;
-		}
-
-		/* statusbar gets in the way on keyboard focus; remove once browsers fix */
-		#toc-nav > a[href="#toc"]:not(:hover):focus:last-child {
-			padding-bottom: 1.5rem;
-		}
-
-		#toc-nav:not(:hover) > a:not(:focus) > span + span {
-			/* Ideally this uses :focus-within on #toc-nav */
-			display: none;
-		}
-		#toc-nav > a > span + span {
-			padding-right: 0.2em;
-		}
-	}
-
-/** ToC Sidebar ***************************************************************/
-
-	/* Floating sidebar */
-	@media screen {
-		body.toc-sidebar #toc {
-			position: fixed;
-			top: 0; bottom: 0;
-			left: 0;
-			width: 23.5em;
-			max-width: 80%;
-			max-width: calc(100% - 2em - 26px);
-			overflow: auto;
-			padding: 0 1em;
-			padding-left: 42px;
-			padding-left: calc(1em + 26px);
-			color: black;
-			color: var(--tocsidebar-text);
-			background: inherit;
-			background-color: #f7f8f9;
-			background-color: var(--tocsidebar-bg);
-			z-index: 1;
-			box-shadow: -.1em 0 .25em rgba(0,0,0,.1) inset;
-			box-shadow: -.1em 0 .25em var(--tocsidebar-shadow) inset;
-		}
-		body.toc-sidebar #toc h2 {
-			margin-top: .8rem;
-			font-variant: small-caps;
-			font-variant: all-small-caps;
-			text-transform: lowercase;
-			font-weight: bold;
-			color: gray;
-			color: hsla(203,20%,40%,.7);
-			color: var(--tocsidebar-heading-text);
-		}
-		body.toc-sidebar #toc-jump:not(:focus) {
-			width: 0;
-			height: 0;
-			padding: 0;
-			position: absolute;
-			overflow: hidden;
-		}
-	}
-	/* Hide main scroller when only the ToC is visible anyway */
-	@media screen and (max-width: 28em) {
-		body.toc-sidebar {
-			overflow: hidden;
-		}
-	}
-
-	/* Sidebar with its own space */
-	@media screen and (min-width: 78em) {
-		body:not(.toc-inline) #toc {
-			position: fixed;
-			top: 0; bottom: 0;
-			left: 0;
-			width: 23.5em;
-			overflow: auto;
-			padding: 0 1em;
-			padding-left: 42px;
-			padding-left: calc(1em + 26px);
-			color: black;
-			color: var(--tocsidebar-text);
-			background: inherit;
-			background-color: #f7f8f9;
-			background-color: var(--tocsidebar-bg);
-			z-index: 1;
-			box-shadow: -.1em 0 .25em rgba(0,0,0,.1) inset;
-			box-shadow: -.1em 0 .25em var(--tocsidebar-shadow) inset;
-		}
-		body:not(.toc-inline) #toc h2 {
-			margin-top: .8rem;
-			font-variant: small-caps;
-			font-variant: all-small-caps;
-			text-transform: lowercase;
-			font-weight: bold;
-			color: gray;
-			color: hsla(203,20%,40%,.7);
-			color: var(--tocsidebar-heading-text);
-		}
-
-		body:not(.toc-inline) {
-			padding-left: 29em;
-		}
-		/* See also Overflow section at the bottom */
-
-		body:not(.toc-inline) #toc-jump:not(:focus) {
-			width: 0;
-			height: 0;
-			padding: 0;
-			position: absolute;
-			overflow: hidden;
-		}
-	}
-	@media screen and (min-width: 90em) {
-		body:not(.toc-inline) {
-			margin: 0 4em;
-		}
-	}
-
-/******************************************************************************/
-/*                                Sectioning                                  */
-/******************************************************************************/
-
-/** Headings ******************************************************************/
-
-	h1, h2, h3, h4, h5, h6, dt {
-		page-break-after: avoid;
-		page-break-inside: avoid;
-		font: 100% sans-serif;   /* Reset all font styling to clear out UA styles */
-		font-family: inherit;	/* Inherit the font family. */
-		line-height: 1.2;		/* Keep wrapped headings compact */
-		hyphens: manual;		/* Hyphenated headings look weird */
-	}
-
-	h2, h3, h4, h5, h6 {
-		margin-top: 3rem;
-	}
-
-	h1, h2, h3 {
-		color: #005A9C;
-		color: var(--heading-text);
-	}
-
-	h1 { font-size: 170%; }
-	h2 { font-size: 140%; }
-	h3 { font-size: 120%; }
-	h4 { font-weight: bold; }
-	h5 { font-style: italic; }
-	h6 { font-variant: small-caps; }
-	dt { font-weight: bold; }
-
-/** Subheadings ***************************************************************/
-
-	h1 + h2,
-	#profile-and-date {
-		/* #profile-and-date is a subtitle in an H2 under the H1 */
-		margin-top: 0;
-	}
-	h2 + h3,
-	h3 + h4,
-	h4 + h5,
-	h5 + h6 {
-		margin-top: 1.2em; /* = 1 x line-height */
-	}
-
-/** Section divider ***********************************************************/
-
-	:not(.head) > :not(.head) + hr {
-		font-size: 1.5em;
-		text-align: center;
-		margin: 1em auto;
-		height: auto;
-		color: black;
-		color: var(--hr-text);
-		border: transparent solid 0;
-		background: transparent;
-	}
-	:not(.head) > hr::before {
-		content: "\2727\2003\2003\2727\2003\2003\2727";
-	}
-
-/******************************************************************************/
-/*                            Paragraphs and Lists                            */
-/******************************************************************************/
-
-	p {
-		margin: 1em 0;
-	}
-
-	dd > p:first-child,
-	li > p:first-child {
-		margin-top: 0;
-	}
-
-	ul, ol {
-		margin-left: 0;
-		padding-left: 2em;
-	}
-
-	li {
-		margin: 0.25em 0 0.5em;
-		padding: 0;
-	}
-
-	dl dd {
-		margin: 0 0 .5em 2em;
-	}
-
-	.head dd + dd { /* compact for header */
-		margin-top: -.5em;
-	}
-
-	/* Style for algorithms */
-	ol.algorithm ol:not(.algorithm),
-	.algorithm > ol ol:not(.algorithm) {
-	border-left: 0.5em solid #DEF;
-	border-left: 0.5em solid var(--algo-border);
-	}
-
-	/* Put nice boxes around each algorithm. */
-	[data-algorithm]:not(.heading) {
-	 padding: .5em;
-	 border: thin solid #ddd;
-	 border: thin solid var(--algo-border);
-	 border-radius: .5em;
-	 margin: .5em calc(-0.5em - 1px);
-	}
-	[data-algorithm]:not(.heading) > :first-child {
-	 margin-top: 0;
-	}
-	[data-algorithm]:not(.heading) > :last-child {
-	 margin-bottom: 0;
-	}
-
-	/* Style for switch/case <dl>s */
-	dl.switch > dd > ol.only,
-	dl.switch > dd > .only > ol {
-	margin-left: 0;
-	}
-	dl.switch > dd > ol.algorithm,
-	dl.switch > dd > .algorithm > ol {
-	margin-left: -2em;
-	}
-	dl.switch {
-	padding-left: 2em;
-	}
-	dl.switch > dt {
-	text-indent: -1.5em;
-	margin-top: 1em;
-	}
-	dl.switch > dt + dt {
-	margin-top: 0;
-	}
-	dl.switch > dt::before {
-	content: '\21AA';
-	padding: 0 0.5em 0 0;
-	display: inline-block;
-	width: 1em;
-	text-align: right;
-	line-height: 0.5em;
-	}
-
-/** Terminology Markup ********************************************************/
-
-
-/******************************************************************************/
-/*                                 Inline Markup                              */
-/******************************************************************************/
-
-/** Terminology Markup ********************************************************/
-	dfn   { /* Defining instance */
-		font-weight: bolder;
-	}
-	a > i { /* Instance of term */
-		font-style: normal;
-	}
-	dt dfn code, code.idl {
-		font-size: inherit;
-	}
-	dfn var {
-		font-style: normal;
-	}
-
-/** Change Marking ************************************************************/
-
-	del {
-		color: #aa0000;
-		color: var(--del-text);
-		background: transparent;
-		background: var(--del-bg);
-		text-decoration: line-through;
-	}
-	ins {
-		color: #006100;
-		color: var(--ins-text);
-		background: transparent;
-		background: var(--ins-bg);
-		text-decoration: underline;
-	}
-
-	/* for amendments (candidate/proposed changes) */
-
-	.amendment ins, .correction ins, .addition ins,
-	ins[class^=c] {
-		text-decoration-style: dotted;
-	}
-	.amendment del, .correction del, .addition del,
-	del[class^=c] {
-		text-decoration-style: dotted;
-	}
-	.amendment.proposed ins, .correction.proposed ins, .addition.proposed ins,
-	ins[class^=c].proposed {
-		text-decoration-style: double;
-	}
-	.amendment.proposed del, .correction.proposed del, .addition.proposed del,
-	del[class^=c].proposed {
-		text-decoration-style: double;
-	}
-
-/** Miscellaneous improvements to inline formatting ***************************/
-
-	sup {
-		vertical-align: super;
-		font-size: 80%
-	}
-
-/******************************************************************************/
-/*                                    Code                                    */
-/******************************************************************************/
-
-/** General monospace/pre rules ***********************************************/
-
-	pre, code, samp {
-		font-family: Menlo, Consolas, "DejaVu Sans Mono", Monaco, monospace;
-		font-size: .9em;
-		hyphens: none;
-		text-transform: none;
-		text-align: left;
-		text-align: start;
-		font-variant: normal;
-		orphans: 3;
-		widows: 3;
-		page-break-before: avoid;
-	}
-	pre code,
-	code code {
-		font-size: 100%;
-	}
-
-	pre {
-		margin-top: 1em;
-		margin-bottom: 1em;
-		overflow: auto;
-	}
-
-/** Inline Code fragments *****************************************************/
-
-	/* Do something nice. */
-
-/******************************************************************************/
-/*                                    Links                                   */
-/******************************************************************************/
-
-/** General Hyperlinks ********************************************************/
-
-	/* We hyperlink a lot, so make it less intrusive */
-	a[href] {
-		color: #034575;
-		color: var(--a-normal-text);
-		text-decoration: underline #707070;
-		text-decoration: underline var(--a-normal-underline);
-		text-decoration-skip-ink: none;
-	}
-	a:visited {
-		color: #034575;
-		color: var(--a-visited-text);
-		text-decoration-color: #bbb;
-		text-decoration-color: var(--a-visited-underline);
-	}
-
-	/* Indicate interaction with the link */
-	a[href]:focus,
-	a[href]:hover {
-		text-decoration-thickness: 2px;
-	}
-	a[href]:active {
-		color: #c00;
-		color: var(--a-active-text);
-		text-decoration-color: #c00;
-		text-decoration-color: var(--a-active-underline);
-	}
-
-	/* Backout above styling for W3C logo */
-	.head .logo,
-	.head .logo a {
-		border: none;
-		text-decoration: none;
-		background: transparent;
-	}
-
-/******************************************************************************/
-/*                                    Images                                  */
-/******************************************************************************/
-
-	img {
-		border-style: none;
-	}
-
-	img, svg {
-		/* Intentionally not color-scheme aware. */
-		background: white;
-	}
-
-	/* For autogen numbers, add
-	  .caption::before, figcaption::before { content: "Figure " counter(figure) ". "; }
-	*/
-
-	figure, .figure, .sidefigure {
-		page-break-inside: avoid;
-		text-align: center;
-		margin: 2.5em 0;
-	}
-	.figure img,	.sidefigure img,	figure img,
-	.figure object, .sidefigure object, figure object {
-		max-width: 100%;
-		margin: auto;
-		height: auto;
-	}
-	.figure pre, .sidefigure pre, figure pre {
-		text-align: left;
-		display: table;
-		margin: 1em auto;
-	}
-	.figure table, figure table {
-		margin: auto;
-	}
-	@media screen and (min-width: 20em) {
-		.sidefigure {
-			float: right;
-			width: 50%;
-			margin: 0 0 0.5em 0.5em;
-		}
-	}
-	.caption, figcaption, caption {
-		font-style: italic;
-		font-size: 90%;
-	}
-	.caption::before, figcaption::before, figcaption > .marker {
-		font-weight: bold;
-	}
-	.caption, figcaption {
-		counter-increment: figure;
-	}
-
-	/* DL list is indented 2em, but figure inside it is not */
-	dd > .figure, dd > figure { margin-left: -2em; }
-
-/******************************************************************************/
-/*                             Colored Boxes                                  */
-/******************************************************************************/
-
-	.issue, .note, .example, .assertion, .advisement, blockquote,
-	.amendment, .correction, .addition {
-		margin: 1em auto;
-		padding: .5em;
-		border: .5em;
-		border-left-style: solid;
-		page-break-inside: avoid;
-	}
-	span.issue, span.note {
-		padding: .1em .5em .15em;
-		border-right-style: solid;
-	}
-
-	blockquote > :first-child,
-	.note  > p:first-child,
-	.issue > p:first-child,
-	.amendment > p:first-child,
-	.correction > p:first-child,
-	.addition > p:first-child {
-		margin-top: 0;
-	}
-	blockquote > :last-child,
-	.note  > p:last-child,
-	.issue > p:last-child,
-	.amendment > p:last-child,
-	.correction > p:last-child,
-	.addition > p:last-child {
-		margin-bottom: 0;
-	}
-
-
-	.issue::before, .issue > .marker,
-	.example::before, .example > .marker,
-	.note::before, .note > .marker,
-	details.note > summary > .marker,
-	.amendment::before, .amendment > .marker,
-	details.amendment > summary > .marker,
-	.addition::before, .addition > .marker,
-	addition.amendment > summary > .marker,
-	.correction::before, .correction > .marker,
-	correction.amendment > summary > .marker
-	{
-		text-transform: uppercase;
-		padding-right: 1em;
-	}
-
-	.example::before, .example > .marker {
-		display: block;
-		padding-right: 0em;
-	}
-
-/** Blockquotes ***************************************************************/
-
-	blockquote {
-		border-color: silver;
-		border-color: var(--blockquote-border);
-		background: transparent;
-		background: var(--blockquote-bg);
-		color: currentcolor;
-		color: var(--blockquote-text);
-	}
-
-/** Open issue ****************************************************************/
-
-	.issue {
-		border-color: #e05252;
-		border-color: var(--issue-border);
-		background: #fbe9e9;
-		background: var(--issue-bg);
-		color: black;
-		color: var(--issue-text);
-		counter-increment: issue;
-		overflow: auto;
-	}
-	.issue::before, .issue > .marker {
-		color: #831616;
-		color: var(--issueheading-text);
-	}
-	/* Add .issue::before { content: "Issue " counter(issue) " "; } for autogen numbers,
-	  or use class="marker" to mark up the issue number in source. */
-
-/** Example *******************************************************************/
-
-	.example {
-		border-color: #e0cb52;
-		border-color: var(--example-border);
-		background: #fcfaee;
-		background: var(--example-bg);
-		color: black;
-		color: var(--example-text);
-		counter-increment: example;
-		overflow: auto;
-		clear: both;
-	}
-	.example::before, .example > .marker {
-		color: #574b0f;
-		color: var(--exampleheading-text);
-	}
-	/* Add .example::before { content: "Example " counter(example) " "; } for autogen numbers,
-	  or use class="marker" to mark up the example number in source. */
-
-/** Non-normative Note ********************************************************/
-
-	.note {
-		border-color: #52e052;
-		border-color: var(--note-border);
-		background: #e9fbe9;
-		background: var(--note-bg);
-		color: black;
-		color: var(--note-text);
-		overflow: auto;
-	}
-
-	.note::before, .note > .marker,
-	details.note > summary {
-		color: hsl(120, 70%, 30%);
-		color: var(--noteheading-text);
-	}
-	/* Add .note::before { content: "Note "; } for autogen label,
-	  or use class="marker" to mark up the label in source. */
-
-	details.note[open] > summary {
-		border-bottom: 1px silver solid;
-		border-bottom: 1px var(--notesummary-underline) solid;
-	}
-
-/** Assertion Box *************************************************************/
-	/*  for assertions in algorithms */
-
-	.assertion {
-		border-color: #AAA;
-		border-color: var(--assertion-border);
-		background: #EEE;
-		background: var(--assertion-bg);
-		color: black;
-		color: var(--assertion-text);
-	}
-
-/** Advisement Box ************************************************************/
-	/*  for attention-grabbing normative statements */
-
-	.advisement {
-		border-color: orange;
-		border-color: var(--advisement-border);
-		border-style: none solid;
-		background: #fec;
-		background: var(--advisement-bg);
-		color: black;
-		color: var(--advisement-text);
-	}
-	strong.advisement {
-		display: block;
-		text-align: center;
-	}
-	.advisement::before, .advisement > .marker {
-		color: #b35f00;
-		color: var(--advisementheading-text);
-	}
-
-/** Amendment Box *************************************************************/
-
-	.amendment, .correction, .addition {
-		border-color: #330099;
-		border-color: var(--amendment-border);
-		background: #F5F0FF;
-		background: var(--amendment-bg);
-		color: black;
-		color: var(--amendment-text);
-	}
-	.amendment.proposed, .correction.proposed, .addition.proposed {
-		border-style: solid;
-		border-block-width: 0.25em;
-	}
-	.amendment::before, .amendment > .marker,
-	details.amendment > summary::before, details.amendment > summary > .marker,
-	.correction::before, .correction > .marker,
-	details.correction > summary::before, details.correction > summary > .marker,
-	.addition::before, .addition > .marker,
-	details.addition > summary::before, details.addition > summary > .marker {
-		color: #220066;
-		color: var(--amendmentheading-text);
-	}
-	.amendment.proposed::before, .amendment.proposed > .marker,
-	details.amendment.proposed > summary::before, details.amendment.proposed > summary > .marker,
-	.correction.proposed::before, .correction.proposed > .marker,
-	details.correction.proposed > summary::before, details.correction.proposed > summary > .marker,
-	.addition.proposed::before, .addition.proposed > .marker,
-	details.addition.proposed > summary::before, details.addition.proposed > summary > .marker {
-		font-weight: bold;
-	}
-
-/** Spec Obsoletion Notice ****************************************************/
-	/* obnoxious obsoletion notice for older/abandoned specs. */
-
-	details {
-		display: block;
-	}
-	summary {
-		font-weight: bolder;
-	}
-
-	.annoying-warning:not(details),
-	details.annoying-warning:not([open]) > summary,
-	details.annoying-warning[open] {
-		background: hsla(40,100%,50%,0.95);
-		background: var(--warning-bg);
-		color: black;
-		color: var(--warning-text);
-		padding: .75em 1em;
-		border: red;
-		border: var(--warning-border);
-		border-style: solid none;
-		box-shadow: 0 2px 8px black;
-		text-align: center;
-	}
-	.annoying-warning :last-child {
-		margin-bottom: 0;
-	}
-
-@media not print {
-	details.annoying-warning[open] {
-		position: fixed;
-		left: 0;
-		right: 0;
-		bottom: 2em;
-		z-index: 1000;
-	}
-}
-
-	details.annoying-warning:not([open]) > summary {
-		text-align: center;
-	}
-
-/** Entity Definition Boxes ***************************************************/
-
-	.def {
-		padding: .5em 1em;
-		background: #def;
-		background: var(--def-bg);
-		margin: 1.2em 0;
-		border-left: 0.5em solid #8ccbf2;
-		border-left: 0.5em solid var(--def-border);
-		color: black;
-		color: var(--def-text);
-	}
-
-/******************************************************************************/
-/*                                    Tables                                  */
-/******************************************************************************/
-
-	th, td {
-		text-align: left;
-		text-align: start;
-	}
-
-/** Property/Descriptor Definition Tables *************************************/
-
-	table.def {
-		/* inherits .def box styling, see above */
-		width: 100%;
-		border-spacing: 0;
-	}
-
-	table.def td,
-	table.def th {
-		padding: 0.5em;
-		vertical-align: baseline;
-		border-bottom: 1px solid #bbd7e9;
-		border-bottom: 1px solid var(--defrow-border);
-	}
-
-	table.def > tbody > tr:last-child th,
-	table.def > tbody > tr:last-child td {
-		border-bottom: 0;
-	}
-
-	table.def th {
-		font-style: italic;
-		font-weight: normal;
-		padding-left: 1em;
-		width: 3em;
-	}
-
-	/* For when values are extra-complex and need formatting for readability */
-	table td.pre {
-		white-space: pre-wrap;
-	}
-
-	/* A footnote at the bottom of a def table */
-	table.def td.footnote {
-		padding-top: 0.6em;
-	}
-	table.def td.footnote::before {
-		content: " ";
-		display: block;
-		height: 0.6em;
-		width: 4em;
-		border-top: thin solid;
-	}
-
-/** Data tables (and properly marked-up index tables) *************************/
-	/*
-		<table class="data"> highlights structural relationships in a table
-		when correct markup is used (e.g. thead/tbody, th vs. td, scope attribute)
-
-		Use class="complex data" for particularly complicated tables --
-		(This will draw more lines: busier, but clearer.)
-
-		Use class="long" on table cells with paragraph-like contents
-		(This will adjust text alignment accordingly.)
-		Alternately use class="longlastcol" on tables, to have the last column assume "long".
-	*/
-
-	table {
-		word-wrap: normal;
-		overflow-wrap: normal;
-		hyphens: manual;
-	}
-
-	table.data,
-	table.index {
-		margin: 1em auto;
-		border-collapse: collapse;
-		border: hidden;
-		width: 100%;
-	}
-	table.data caption,
-	table.index caption {
-		max-width: 50em;
-		margin: 0 auto 1em;
-	}
-
-	table.data td,  table.data th,
-	table.index td, table.index th {
-		padding: 0.5em 1em;
-		border-width: 1px;
-		border-color: silver;
-		border-color: var(--datacell-border);
-		border-top-style: solid;
-	}
-
-	table.data thead td:empty {
-		padding: 0;
-		border: 0;
-	}
-
-	table.data  thead,
-	table.index thead,
-	table.data  tbody,
-	table.index tbody {
-		border-bottom: 2px solid;
-	}
-
-	table.data colgroup,
-	table.index colgroup {
-		border-left: 2px solid;
-	}
-
-	table.data  tbody th:first-child,
-	table.index tbody th:first-child  {
-		border-right: 2px solid;
-		border-top: 1px solid silver;
-		border-top: 1px solid var(--datacell-border);
-		padding-right: 1em;
-	}
-
-	table.data th[colspan],
-	table.data td[colspan] {
-		text-align: center;
-	}
-
-	table.complex.data th,
-	table.complex.data td {
-		border: 1px solid silver;
-		border: 1px solid var(--datacell-border);
-		text-align: center;
-	}
-
-	table.data.longlastcol td:last-child,
-	table.data td.long {
-		vertical-align: baseline;
-		text-align: left;
-	}
-
-	table.data img {
-		vertical-align: middle;
-	}
-
-
-/*
-Alternate table alignment rules
-
-	table.data,
-	table.index {
-		text-align: center;
-	}
-
-	table.data  thead th[scope="row"],
-	table.index thead th[scope="row"] {
-		text-align: right;
-	}
-
-	table.data  tbody th:first-child,
-	table.index tbody th:first-child  {
-		text-align: right;
-	}
-
-Possible extra rowspan handling
-
-	table.data  tbody th[rowspan]:not([rowspan='1']),
-	table.index tbody th[rowspan]:not([rowspan='1']),
-	table.data  tbody td[rowspan]:not([rowspan='1']),
-	table.index tbody td[rowspan]:not([rowspan='1']) {
-		border-left: 1px solid silver;
-	}
-
-	table.data  tbody th[rowspan]:first-child,
-	table.index tbody th[rowspan]:first-child,
-	table.data  tbody td[rowspan]:first-child,
-	table.index tbody td[rowspan]:first-child{
-		border-left: 0;
-		border-right: 1px solid silver;
-	}
-*/
-
-/******************************************************************************/
-/*                                  Indices                                   */
-/******************************************************************************/
-
-
-/** Table of Contents *********************************************************/
-
-	.toc a {
-		/* More spacing; use padding to make it part of the click target. */
-		padding: 0.1rem 1px 0;
-		/* Larger, more consistently-sized click target */
-		display: block;
-		/* Switch to using border-bottom for underlines */
-		text-decoration: none;
-		border-bottom: 1px solid;
-		/* Reverse color scheme */
-		color: black;
-		color: var(--toclink-text);
-		border-color: #3980b5;
-		border-color: var(--toclink-underline);
-	}
-	.toc a:visited {
-		color: black;
-		color: var(--toclink-visited-text);
-		border-color: #054572;
-		border-color: var(--toclink-visited-underline);
-	}
-	.toc a:focus,
-	.toc a:hover {
-		background: rgba(75%, 75%, 75%, .25);
-		background: var(--a-hover-bg);
-		border-bottom-width: 3px;
-		margin-bottom: -2px;
-	}
-	.toc a:not(:focus):not(:hover) {
-		/* Allow colors to cascade through from link styling */
-		border-bottom-color: transparent;
-	}
-
-	.toc, .toc ol, .toc ul, .toc li {
-		list-style: none; /* Numbers must be inlined into source */
-		/* because generated content isn't search/selectable and markers can't do multilevel yet */
-		margin:  0;
-		padding: 0;
-	}
-	.toc {
-		line-height: 1.1em;
-	}
-
-	/* ToC not indented until third level, but font style & margins show hierarchy */
-	.toc > li			{ font-weight: bold;   }
-	.toc > li li		 { font-weight: normal; }
-	.toc > li li li	  { font-size:   95%;	}
-	.toc > li li li li	{ font-size:   90%;	}
-	.toc > li li li li li { font-size:   85%;	}
-
-	/* @supports not (display:grid) { */
-		.toc > li			{ margin: 1.5rem 0;	}
-		.toc > li li		 { margin: 0.3rem 0;	}
-		.toc > li li li	  { margin-left: 2rem;   }
-
-		/* Section numbers in a column of their own */
-		.toc .secno {
-			float: left;
-			width: 4rem;
-			white-space: nowrap;
-		}
-		.toc > li li li li .secno { font-size: 85%; }
-		.toc > li li li li li .secno { font-size: 100%; }
-
-		.toc li {
-			clear: both;
-		}
-
-		:not(li) > .toc			 { margin-left:  5rem; }
-		.toc .secno				 { margin-left: -5rem; }
-		.toc > li li li .secno	  { margin-left: -7rem; }
-		.toc > li li li li .secno	{ margin-left: -9rem; }
-		.toc > li li li li li .secno { margin-left: -11rem; }
-
-		/* Tighten up indentation in narrow ToCs */
-		@media (max-width: 30em) {
-			:not(li) > .toc			 { margin-left:  4rem; }
-			.toc .secno				 { margin-left: -4rem; }
-			.toc > li li li			 { margin-left:  1rem; }
-			.toc > li li li .secno	  { margin-left: -5rem; }
-			.toc > li li li li .secno	{ margin-left: -6rem; }
-			.toc > li li li li li .secno { margin-left: -7rem; }
-		}
-		/* Loosen it on wide screens */
-		@media screen and (min-width: 78em) {
-			body:not(.toc-inline) :not(li) > .toc			 { margin-left:  4rem; }
-			body:not(.toc-inline) .toc .secno				 { margin-left: -4rem; }
-			body:not(.toc-inline) .toc > li li li			 { margin-left:  1rem; }
-			body:not(.toc-inline) .toc > li li li .secno	  { margin-left: -5rem; }
-			body:not(.toc-inline) .toc > li li li li .secno	{ margin-left: -6rem; }
-			body:not(.toc-inline) .toc > li li li li li .secno { margin-left: -7rem; }
-	}
-	/* } */
-
-	@supports (display:grid) and (display:contents) {
-		/* Use #toc over .toc to override non-@supports rules. */
-		#toc {
-			display: grid;
-			align-content: start;
-			grid-template-columns: auto 1fr;
-			grid-column-gap: 1rem;
-			column-gap: 1rem;
-			grid-row-gap: .6rem;
-			row-gap: .6rem;
-		}
-		#toc h2 {
-			grid-column: 1 / -1;
-			margin-bottom: 0;
-		}
-		#toc ol,
-		#toc li,
-		#toc a {
-			display: contents;
-			/* Switch <a> to subgrid when supported */
-		}
-		#toc span {
-			margin: 0;
-		}
-		#toc > .toc > li > a > span {
-			/* The spans of the top-level list,
-			  comprising the first items of each top-level section. */
-			margin-top: 1.1rem;
-		}
-		#toc#toc .secno { /* Ugh, need more specificity to override base.css */
-			grid-column: 1;
-			width: auto;
-			margin-left: 0;
-		}
-		#toc .content {
-			grid-column: 2;
-			width: auto;
-			margin-right: 1rem;
-			border-bottom: 3px solid transparent;
-			margin-bottom: -3px;
-		}
-		#toc .content:hover,
-		#toc .content:focus {
-			background: rgba(75%, 75%, 75%, .25);
-			background: var(--a-hover-bg);
-			border-bottom-color: #054572;
-			border-bottom-color: var(--toclink-underline);
-		}
-		#toc li li li .content {
-			margin-left: 1rem;
-		}
-		#toc li li li li .content {
-			margin-left: 2rem;
-		}
-	}
-
-
-/** Index *********************************************************************/
-
-	/* Index Lists: Layout */
-	ul.index	  { margin-left: 0; columns: 15em; text-indent: 1em hanging; }
-	ul.index li	{ margin-left: 0; list-style: none; break-inside: avoid; }
-	ul.index li li { margin-left: 1em; }
-	ul.index dl	{ margin-top: 0; }
-	ul.index dt	{ margin: .2em 0 .2em 20px;}
-	ul.index dd	{ margin: .2em 0 .2em 40px;}
-	/* Index Lists: Typography */
-	ul.index ul,
-	ul.index dl { font-size: smaller; }
-	@media not print {
-		ul.index li a + span {
-			white-space: nowrap;
-			color: transparent; }
-		ul.index li a:hover + span,
-		ul.index li a:focus + span {
-			color: #707070;
-			color: var(--indexinfo-text);
-		}
-	}
-
-/** Index Tables *****************************************************/
-	/* See also the data table styling section, which this effectively subclasses */
-
-	table.index {
-		font-size: small;
-		border-collapse: collapse;
-		border-spacing: 0;
-		text-align: left;
-		margin: 1em 0;
-	}
-
-	table.index td,
-	table.index th {
-		padding: 0.4em;
-	}
-
-	table.index tr:hover td:not([rowspan]),
-	table.index tr:hover th:not([rowspan]) {
-		color: black;
-		color: var(--indextable-hover-text);
-		background: #f7f8f9;
-		background: var(--indextable-hover-bg);
-	}
-
-	/* The link in the first column in the property table (formerly a TD) */
-	table.index th:first-child a {
-		font-weight: bold;
-	}
-
-/** Outdated warning **********************************************************/
-
-.outdated-spec {
-	color: black;
-	color: var(--outdatedspec-text);
-	background-color: rgba(0,0,0,0.5);
-	background-color: var(--outdatedspec-bg);
-}
-
-.outdated-warning {
-	position: fixed;
-	bottom: 50%;
-	left: 0;
-	right: 0;
-	margin: 0 auto;
-	width: 50%;
-	background: maroon;
-	background: var(--outdated-bg);
-	color: white;
-	color: var(--outdated-text);
-	border-radius: 1em;
-	box-shadow: 0 0 1em red;
-	box-shadow: 0 0 1em var(--outdated-shadow);
-	padding: 2em;
-	text-align: center;
-	z-index: 2;
-}
-
-.outdated-warning a {
-	color: currentcolor;
-	background: transparent;
-}
-
-.edited-rec-warning {
-	background: darkorange;
-	background: var(--editedrec-bg);
-	box-shadow: 0 0 1em;
-}
-
-.outdated-warning button {
-	color: var(--outdated-text);
-	border-radius: 1em;
-	box-shadow: 0 0 1em red;
-	box-shadow: 0 0 1em var(--outdated-shadow);
-	padding: 2em;
-	text-align: center;
-	z-index: 2;
-}
-
-.outdated-warning a {
-	color: currentcolor;
-	background: transparent;
-}
-
-.edited-rec-warning {
-	background: darkorange;
-	background: var(--editedrec-bg);
-	box-shadow: 0 0 1em;
-}
-
-.outdated-warning button {
-	position: absolute;
-	top: 0;
-	right:0;
-	margin: 0;
-	border: 0;
-	padding: 0.25em 0.5em;
-	background: transparent;
-	color: white;
-	color: var(--outdated-text);
-	font:1em sans-serif;
-	text-align:center;
-}
-
-.outdated-warning span {
-	display: block;
-}
-
-.outdated-collapsed {
-	bottom: 0;
-	border-radius: 0;
-	width: 100%;
-	padding: 0;
-}
-
-/******************************************************************************/
-/*                                    Print                                   */
-/******************************************************************************/
-
-	@media print {
-		/* Pages have their own margins. */
-		html {
-			margin: 0;
-		}
-		/* Serif for print. */
-		body {
-			font-family: serif;
-		}
-
-		.outdated-warning {
-			position: absolute;
-			border-style: solid;
-			border-color: red;
-		}
-
-		.outdated-warning input {
-			display: none;
-		}
-	}
-	@page {
-		margin: 1.5cm 1.1cm;
-	}
-
-
-
-/******************************************************************************/
-/*                             Overflow Control                               */
-/******************************************************************************/
-
-	.figure .caption, .sidefigure .caption, figcaption {
-		/* in case figure is overlarge, limit caption to 50em */
-		max-width: 50rem;
-		margin-left: auto;
-		margin-right: auto;
-	}
-	.overlarge {
-		/* Magic to create good item positioning:
-		  "content column" is 50ems wide at max; less on smaller screens.
-		  Extra space (after ToC + content) is empty on the right.
-
-		  1. When item < content column, centers item in column.
-		  2. When content < item < available, left-aligns.
-		  3. When item > available, fills available + scroll bar.
-		*/
-		display: grid;
-		grid-template-columns: minmax(0, 50em);
-	}
-	.overlarge > table {
-		/* limit preferred width of table */
-		max-width: 50em;
-		margin-left: auto;
-		margin-right: auto;
-	}
-
-	@media (min-width: 55em) {
-		.overlarge {
-			margin-right: calc(13px + 26.5rem - 50vw);
-			max-width: none;
-		}
-	}
-	@media screen and (min-width: 78em) {
-		body:not(.toc-inline) .overlarge {
-			/* 30.5em body padding 50em content area */
-			margin-right: calc(40em - 50vw) !important;
-		}
-	}
-	@media screen and (min-width: 90em) {
-		body:not(.toc-inline) .overlarge {
-			/* 4em html margin 30.5em body padding 50em content area */
-			margin-right: calc(84.5em - 100vw) !important;
-		}
-	}
-
-	@media not print {
-		.overlarge {
-			overflow-x: auto;
-			/* See Lea Verou's explanation background-attachment:
-			* http://lea.verou.me/2012/04/background-attachment-local/
-			*
-			background: top left  / 4em 100% linear-gradient(to right,  #ffffff, rgba(255, 255, 255, 0)) local,
-						top right / 4em 100% linear-gradient(to left, #ffffff, rgba(255, 255, 255, 0)) local,
-						top left  / 1em 100% linear-gradient(to right,  #c3c3c5, rgba(195, 195, 197, 0)) scroll,
-						top right / 1em 100% linear-gradient(to left, #c3c3c5, rgba(195, 195, 197, 0)) scroll,
-						white;
-			background-repeat: no-repeat;
-			*/
-		}
-	}
-</style>
-<style>
-
-  </style>
-  <meta content="Bikeshed version 5d4d5b9a8, updated Fri Apr 17 13:49:40 2026 -0700" name="generator">
-  <link href="https://www.sr2.uk/policy/public-wifi/" rel="canonical">
-  <meta content="1ad26e6266d3cfc379f0a1c23beecbb29d167442" name="revision">
-  <meta content="dark light" name="color-scheme">
-<style>/* Boilerplate: style-autolinks */
-.css.css, .property.property, .descriptor.descriptor {
-    color: var(--a-normal-text);
-    font-size: inherit;
-    font-family: inherit;
-}
-.css::before, .property::before, .descriptor::before {
-    content: "‘";
-}
-.css::after, .property::after, .descriptor::after {
-    content: "’";
-}
-.property, .descriptor {
-    /* Don't wrap property and descriptor names */
-    white-space: nowrap;
-}
-.type { /* CSS value <type> */
-    font-style: italic;
-}
-pre .property::before, pre .property::after {
-    content: "";
-}
-[data-link-type="property"]::before,
-[data-link-type="propdesc"]::before,
-[data-link-type="descriptor"]::before,
-[data-link-type="value"]::before,
-[data-link-type="function"]::before,
-[data-link-type="at-rule"]::before,
-[data-link-type="selector"]::before,
-[data-link-type="maybe"]::before {
-    content: "‘";
-}
-[data-link-type="property"]::after,
-[data-link-type="propdesc"]::after,
-[data-link-type="descriptor"]::after,
-[data-link-type="value"]::after,
-[data-link-type="function"]::after,
-[data-link-type="at-rule"]::after,
-[data-link-type="selector"]::after,
-[data-link-type="maybe"]::after {
-    content: "’";
-}
-
-[data-link-type].production::before,
-[data-link-type].production::after,
-.prod [data-link-type]::before,
-.prod [data-link-type]::after {
-    content: "";
-}
-
-[data-link-type=element],
-[data-link-type=element-attr] {
-    font-family: Menlo, Consolas, "DejaVu Sans Mono", monospace;
-    font-size: .9em;
-}
-[data-link-type=element]::before { content: "<" }
-[data-link-type=element]::after  { content: ">" }
-
-[data-link-type=biblio] {
-    white-space: pre;
-}
-
-@media (prefers-color-scheme: dark) {
-    :root {
-        --selflink-text: black;
-        --selflink-bg: silver;
-        --selflink-hover-text: white;
-    }
-}
-</style>
-<style>/* Boilerplate: style-colors */
-/* Any --*-text not paired with a --*-bg is assumed to have a transparent bg */
-:root {
-    color-scheme: light dark;
-
-    --text: black;
-    --bg: white;
-
-    --unofficial-watermark: url(https://www.w3.org/StyleSheets/TR/2016/logos/UD-watermark);
-
-    --logo-bg: #1a5e9a;
-    --logo-active-bg: #c00;
-    --logo-text: white;
-
-    --tocnav-normal-text: #707070;
-    --tocnav-normal-bg: var(--bg);
-    --tocnav-hover-text: var(--tocnav-normal-text);
-    --tocnav-hover-bg: #f8f8f8;
-    --tocnav-active-text: #c00;
-    --tocnav-active-bg: var(--tocnav-normal-bg);
-
-    --tocsidebar-text: var(--text);
-    --tocsidebar-bg: #f7f8f9;
-    --tocsidebar-shadow: rgba(0,0,0,.1);
-    --tocsidebar-heading-text: hsla(203,20%,40%,.7);
-
-    --toclink-text: var(--text);
-    --toclink-underline: #3980b5;
-    --toclink-visited-text: var(--toclink-text);
-    --toclink-visited-underline: #054572;
-
-    --heading-text: #005a9c;
-
-    --hr-text: var(--text);
-
-    --algo-border: #def;
-
-    --del-text: red;
-    --del-bg: transparent;
-    --ins-text: #080;
-    --ins-bg: transparent;
-
-    --a-normal-text: #034575;
-    --a-normal-underline: #bbb;
-    --a-visited-text: var(--a-normal-text);
-    --a-visited-underline: #707070;
-    --a-hover-bg: rgba(75%, 75%, 75%, .25);
-    --a-active-text: #c00;
-    --a-active-underline: #c00;
-
-    --blockquote-border: silver;
-    --blockquote-bg: transparent;
-    --blockquote-text: currentcolor;
-
-    --issue-border: #e05252;
-    --issue-bg: #fbe9e9;
-    --issue-text: var(--text);
-    --issueheading-text: #831616;
-
-    --example-border: #e0cb52;
-    --example-bg: #fcfaee;
-    --example-text: var(--text);
-    --exampleheading-text: #574b0f;
-
-    --note-border: #52e052;
-    --note-bg: #e9fbe9;
-    --note-text: var(--text);
-    --noteheading-text: hsl(120, 70%, 30%);
-    --notesummary-underline: silver;
-
-    --assertion-border: #aaa;
-    --assertion-bg: #eee;
-    --assertion-text: black;
-
-    --advisement-border: orange;
-    --advisement-bg: #fec;
-    --advisement-text: var(--text);
-    --advisementheading-text: #b35f00;
-
-    --warning-border: red;
-    --warning-bg: hsla(40,100%,50%,0.95);
-    --warning-text: var(--text);
-
-    --amendment-border: #330099;
-    --amendment-bg: #F5F0FF;
-    --amendment-text: var(--text);
-    --amendmentheading-text: #220066;
-
-    --def-border: #8ccbf2;
-    --def-bg: #def;
-    --def-text: var(--text);
-    --defrow-border: #bbd7e9;
-
-    --datacell-border: silver;
-
-    --indexinfo-text: #707070;
-
-    --indextable-hover-text: black;
-    --indextable-hover-bg: #f7f8f9;
-
-    --outdatedspec-bg: rgba(0, 0, 0, .5);
-    --outdatedspec-text: black;
-    --outdated-bg: maroon;
-    --outdated-text: white;
-    --outdated-shadow: red;
-
-    --editedrec-bg: darkorange;
-}
-
-@media (prefers-color-scheme: dark) {
-    :root {
-        --text: #ddd;
-        --bg: black;
-
-        --unofficial-watermark: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='400' height='400'%3E%3Cg fill='%23100808' transform='translate(200 200) rotate(-45) translate(-200 -200)' stroke='%23100808' stroke-width='3'%3E%3Ctext x='50%25' y='220' style='font: bold 70px sans-serif; text-anchor: middle; letter-spacing: 6px;'%3EUNOFFICIAL%3C/text%3E%3Ctext x='50%25' y='305' style='font: bold 70px sans-serif; text-anchor: middle; letter-spacing: 6px;'%3EDRAFT%3C/text%3E%3C/g%3E%3C/svg%3E");
-
-        --logo-bg: #1a5e9a;
-        --logo-active-bg: #c00;
-        --logo-text: white;
-
-        --tocnav-normal-text: #999;
-        --tocnav-normal-bg: var(--bg);
-        --tocnav-hover-text: var(--tocnav-normal-text);
-        --tocnav-hover-bg: #080808;
-        --tocnav-active-text: #f44;
-        --tocnav-active-bg: var(--tocnav-normal-bg);
-
-        --tocsidebar-text: var(--text);
-        --tocsidebar-bg: #080808;
-        --tocsidebar-shadow: rgba(255,255,255,.1);
-        --tocsidebar-heading-text: hsla(203,20%,40%,.7);
-
-        --toclink-text: var(--text);
-        --toclink-underline: #6af;
-        --toclink-visited-text: var(--toclink-text);
-        --toclink-visited-underline: #054572;
-
-        --heading-text: #8af;
-
-        --hr-text: var(--text);
-
-        --algo-border: #456;
-
-        --del-text: #f44;
-        --del-bg: transparent;
-        --ins-text: #4a4;
-        --ins-bg: transparent;
-
-        --a-normal-text: #6af;
-        --a-normal-underline: #555;
-        --a-visited-text: var(--a-normal-text);
-        --a-visited-underline: var(--a-normal-underline);
-        --a-hover-bg: rgba(25%, 25%, 25%, .2);
-        --a-active-text: #f44;
-        --a-active-underline: var(--a-active-text);
-
-        --borderedblock-bg: rgba(255, 255, 255, .05);
-
-        --blockquote-border: silver;
-        --blockquote-bg: var(--borderedblock-bg);
-        --blockquote-text: currentcolor;
-
-        --issue-border: #e05252;
-        --issue-bg: var(--borderedblock-bg);
-        --issue-text: var(--text);
-        --issueheading-text: hsl(0deg, 70%, 70%);
-
-        --example-border: hsl(50deg, 90%, 60%);
-        --example-bg: var(--borderedblock-bg);
-        --example-text: var(--text);
-        --exampleheading-text: hsl(50deg, 70%, 70%);
-
-        --note-border: hsl(120deg, 100%, 35%);
-        --note-bg: var(--borderedblock-bg);
-        --note-text: var(--text);
-        --noteheading-text: hsl(120, 70%, 70%);
-        --notesummary-underline: silver;
-
-        --assertion-border: #444;
-        --assertion-bg: var(--borderedblock-bg);
-        --assertion-text: var(--text);
-
-        --advisement-border: orange;
-        --advisement-bg: #222218;
-        --advisement-text: var(--text);
-        --advisementheading-text: #f84;
-
-        --warning-border: red;
-        --warning-bg: hsla(40,100%,20%,0.95);
-        --warning-text: var(--text);
-
-        --amendment-border: #330099;
-        --amendment-bg: #080010;
-        --amendment-text: var(--text);
-        --amendmentheading-text: #cc00ff;
-
-        --def-border: #8ccbf2;
-        --def-bg: #080818;
-        --def-text: var(--text);
-        --defrow-border: #136;
-
-        --datacell-border: silver;
-
-        --indexinfo-text: #aaa;
-
-        --indextable-hover-text: var(--text);
-        --indextable-hover-bg: #181818;
-
-        --outdatedspec-bg: rgba(255, 255, 255, .5);
-        --outdatedspec-text: black;
-        --outdated-bg: maroon;
-        --outdated-text: white;
-        --outdated-shadow: red;
-
-        --editedrec-bg: darkorange;
-    }
-    /* In case a transparent-bg image doesn't expect to be on a dark bg,
-       which is quite common in practice... */
-    img { background: white; }
-}
-</style>
-<style>/* Boilerplate: style-counters */
-body {
-    counter-reset: example figure issue table;
-}
-.issue {
-    counter-increment: issue;
-}
-.issue:not(.no-marker)::before {
-    content: "Issue " counter(issue);
-}
-
-.example {
-    counter-increment: example;
-}
-.example:not(.no-marker)::before {
-    content: "Example " counter(example);
-}
-.invalid.example:not(.no-marker)::before,
-.illegal.example:not(.no-marker)::before {
-    content: "Invalid Example " counter(example);
-}
-
-figcaption {
-    counter-increment: figure;
-}
-figcaption:not(.no-marker)::before {
-    content: "Figure " counter(figure) " ";
-}
-
-figure.table figcaption {
-    counter-increment: table;
-}
-figure.table figcaption:not(.no-marker)::before {
-    content: "Table " counter(table) " ";
-}
-</style>
-<style>/* Boilerplate: style-issues */
-a[href].issue-return {
-    float: right;
-    float: inline-end;
-    color: var(--issueheading-text);
-    font-weight: bold;
-    text-decoration: none;
-}
-</style>
-<style>/* Boilerplate: style-md-lists */
-/* This is a weird hack for me not yet following the commonmark spec
-   regarding paragraph and lists. */
-[data-md] > :first-child {
-    margin-top: 0;
-}
-[data-md] > :last-child {
-    margin-bottom: 0;
-}
-</style>
-<style>/* Boilerplate: style-selflinks */
-:root {
-    --selflink-text: white;
-    --selflink-bg: gray;
-    --selflink-hover-text: black;
-}
-.heading, .issue, .note, .example, li, dt {
-    position: relative;
-}
-a.self-link {
-    position: absolute;
-    top: 0;
-    left: calc(-1 * (3.5rem - 26px));
-    width: calc(3.5rem - 26px);
-    height: 2em;
-    text-align: center;
-    border: none;
-    transition: opacity .2s;
-    opacity: .5;
-}
-a.self-link:hover {
-    opacity: 1;
-}
-.heading > a.self-link {
-    font-size: 83%;
-}
-.example > a.self-link,
-.note > a.self-link,
-.issue > a.self-link {
-    /* These blocks are overflow:auto, so positioning outside
-       doesn't work. */
-    left: auto;
-    right: 0;
-}
-li > a.self-link {
-    left: calc(-1 * (3.5rem - 26px) - 2em);
-}
-dfn > a.self-link {
-    top: auto;
-    left: auto;
-    opacity: 0;
-    width: 1.5em;
-    height: 1.5em;
-    background: var(--selflink-bg);
-    color: var(--selflink-text);
-    font-style: normal;
-    transition: opacity .2s, background-color .2s, color .2s;
-}
-dfn:hover > a.self-link {
-    opacity: 1;
-}
-dfn > a.self-link:hover {
-    color: var(--selflink-hover-text);
-}
-
-a.self-link::before            { content: "¶"; }
-.heading > a.self-link::before { content: "§"; }
-dfn > a.self-link::before      { content: "#"; }
-</style>
- <body class="h-entry">
-  <div class="head">
-   <p style="background-color: #000; padding: 10px; font-size: large; font-weight: bold; color: #fff; float: right;">TLP:CLEAR</p>
-   
-  <img alt="SR2 Communications Limited" src="https://www.sr2.uk/images/logo.png" style="margin-bottom: 10px;" width="400">
-  
-   <h1>Public WiFi Policy</h1>
-   <h2 class="heading no-num no-ref no-toc settled" id="subtitle"><span class="content">Draft for Approval by Company Directors,
-    <span class="dt-updated"><span class="value-title" title="20260422">22 April 2026</span></span>
-  </span></h2>
-   <div data-fill-with="spec-metadata">
-    <dl>
-     <dt>Latest published version:
-     <dd><a href="https://www.sr2.uk/policy/public-wifi/">https://www.sr2.uk/policy/public-wifi/</a>
-     <dt>Version:
-     <dd>1.0
-    </dl>
-   </div>
-   <div data-fill-with="warning"></div>
-   <p class="copyright" data-fill-with="copyright">© <a href="https://www.sr2.uk/">SR2 Communications Limited</a>.
-This document is licensed under <a href="https://creativecommons.org/licenses/by/4.0/">CC BY 4.0</a>.
-<img alt src="https://mirrors.creativecommons.org/presskit/icons/cc.svg" style="max-width: 1em;max-height:1em;margin-left: .2em;"><img alt src="https://mirrors.creativecommons.org/presskit/icons/by.svg" style="max-width: 1em;max-height:1em;margin-left: .2em;"></p>
-   <hr title="Separator for header">
-  </div>
-  <div class="p-summary" data-fill-with="abstract">
-   <h2 class="heading no-num no-ref no-toc settled" id="abstract"><span class="content">Abstract</span></h2>
-   <p>A policy governing staff and contractor use of public WiFi networks when accessing company data.</p>
-  </div>
-  <div data-fill-with="at-risk"></div>
-  <nav data-fill-with="table-of-contents" id="toc">
-   <h2 class="no-num no-ref no-toc" id="contents">Table of Contents</h2>
-   <ol class="toc">
-    <li><a href="#objective"><span class="secno">1</span> <span class="content">Objective</span></a>
-    <li><a href="#scope"><span class="secno">2</span> <span class="content">Scope</span></a>
-    <li><a href="#definitions"><span class="secno">3</span> <span class="content">Definitions</span></a>
-    <li><a href="#policy"><span class="secno">4</span> <span class="content">Policy</span></a>
-    <li><a href="#conformance"><span class="secno"></span> <span class="content">
-    Conformance</span></a>
-    <li>
-     <a href="#references"><span class="secno"></span> <span class="content">References</span></a>
-     <ol class="toc">
-      <li><a href="#normative"><span class="secno"></span> <span class="content">Normative References</span></a>
-     </ol>
-   </ol>
-  </nav>
-  <main>
-   <h2 class="heading settled" data-level="1" id="objective"><span class="secno">1. </span><span class="content">Objective</span><a class="self-link" href="#objective"></a></h2>
-   <p>The company approves remote working to work-related cloud services and work email accounts, as long as the devices used
-to access these have been sanctioned by the company. Using public WiFi to conduct business, without the necessary
-safeguards, places our data at risk of theft. The purpose of this policy is to provide the framework for those
-safeguards.</p>
-   <h2 class="heading settled" data-level="2" id="scope"><span class="secno">2. </span><span class="content">Scope</span><a class="self-link" href="#scope"></a></h2>
-   <p>The scope of the policy covers all individuals either employed or contracted to work with, or for, the company, either
-on a company site or remotely.</p>
-   <h2 class="heading settled" data-level="3" id="definitions"><span class="secno">3. </span><span class="content">Definitions</span><a class="self-link" href="#definitions"></a></h2>
-   <dl>
-    <dt data-md>Public WiFi Network
-    <dd data-md>
-     <p>Any wireless network access provided by a third party, such as hotels, cafes, airports, or public hotspots, that is
- open to public or unvetted access. For the purpose of this policy, eduroam connections other than those on an SR2
- managed site are to be considered Public WiFi Networks.</p>
-    <dt data-md>Sanctioned Device
-    <dd data-md>
-     <p>A device (e.g., laptop, tablet, smartphone) that has been approved and provisioned by the
- company for business use, with appropriate security configurations and software installed.</p>
-   </dl>
-   <h2 class="heading settled" data-level="4" id="policy"><span class="secno">4. </span><span class="content">Policy</span><a class="self-link" href="#policy"></a></h2>
-   <p>Devices that are not sanctioned by the company, including home PCs or public access PCs, MUST NOT be used to access
-company cloud services, data, or email accounts.</p>
-   <p>Though the company takes every effort to ensure that sanctioned devices are adequately protected, the individual MUST
-ensure that, before connecting to the Wi-Fi network, the device has:</p>
-   <ul>
-    <li data-md>
-     <p>up-to-date antivirus and antispyware software;</p>
-    <li data-md>
-     <p>a firewall that is activated and configured to company requirements (i.e. the settings have not been changed) since
-the device was configured;</p>
-    <li data-md>
-     <p>all software (including the Web browser) is current with automatic updating;</p>
-    <li data-md>
-     <p>file sharing (e.g. SMB) is switched off.</p>
-   </ul>
-   <p>For security reasons staff and contractors MUST:</p>
-   <ul>
-    <li data-md>
-     <p>consider if mobile phone tethering is available and use this as the first choice;</p>
-    <li data-md>
-     <p>consider delaying transmission of information until at a secure location;</p>
-    <li data-md>
-     <p>not follow prompts to update software whilst connected to a public network;</p>
-    <li data-md>
-     <p>not rely on the encryption provided by the Public WiFi Network (e.g. WPA) to protect company data;</p>
-    <li data-md>
-     <p>ensure that an end-to-end encrypted connection is established and the user has been trained in setting up
-such a connection for each service to be used (for the avoidance of doubt, TLS is considered to be end-to-end
-providing that the certificate presented by the server is validated);</p>
-    <li data-md>
-     <p>ensure that URLs in Web browsers are showing the correct Web addresses in case a criminal has hijacked the Wireless
-Access Point and is forwarding traffic to their site;</p>
-    <li data-md>
-     <p>keep all information secure, including restricting the view of the screen from any unauthorised person(s);</p>
-   </ul>
-  </main>
-  <div data-fill-with="conformance">
-   <h2 class="heading no-num no-ref settled" id="conformance"><span class="content">
-    Conformance</span><a class="self-link" href="#conformance"></a></h2>
-   <p>
-            Conformance requirements are expressed with a combination of descriptive assertions and RFC 2119 terminology.
-            The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL”
-            in the normative parts of this document
-            are to be interpreted as described in RFC 2119.
-            However, for readability,
-            these words do not appear in all uppercase letters in this specification.
-
-        </p>
-   <p>
-            All of the text of this specification is normative
-            except sections explicitly marked as non-normative, examples, and notes. <a data-link-type="biblio" href="#biblio-rfc2119" title="Key words for use in RFCs to Indicate Requirement Levels">[RFC2119]</a>
-
-        </p>
-   <p>
-            Examples in this specification are introduced with the words “for example”
-            or are set apart from the normative text with <code>class="example"</code>, like this:
-
-        </p>
-   <div class="example" id="example-example"><a class="self-link" href="#example-example"></a>
-            This is an example of an informative example.
-        </div>
-   <p>
-            Informative notes begin with the word “Note”
-            and are set apart from the normative text with <code>class="note"</code>, like this:
-
-        </p>
-   <p class="note" role="note">
-            Note, this is an informative note.</p>
-  </div>
-<script>
-(function() {
-  "use strict";
-  var collapseSidebarText = '<span aria-hidden="true">←</span> '
-                          + '<span>Collapse Sidebar</span>';
-  var expandSidebarText   = '<span aria-hidden="true">→</span> '
-                          + '<span>Pop Out Sidebar</span>';
-  var tocJumpText         = '<span aria-hidden="true">↑</span> '
-                          + '<span>Jump to Table of Contents</span>';
-
-  var sidebarMedia = window.matchMedia('screen and (min-width: 78em)');
-  var autoToggle   = function(e){ toggleSidebar(e.matches) };
-  if(sidebarMedia.addListener) {
-    sidebarMedia.addListener(autoToggle);
-  }
-
-  function toggleSidebar(on) {
-    if (on == undefined) {
-      on = !document.body.classList.contains('toc-sidebar');
-    }
-
-    /* Don't scroll to compensate for the ToC if we're above it already. */
-    var headY = 0;
-    var head = document.querySelector('.head');
-    if (head) {
-      // terrible approx of "top of ToC"
-      headY += head.offsetTop + head.offsetHeight;
-    }
-    var skipScroll = window.scrollY < headY;
-
-    var toggle = document.getElementById('toc-toggle');
-    var tocNav = document.getElementById('toc');
-    if (on) {
-      var tocHeight = tocNav.offsetHeight;
-      document.body.classList.add('toc-sidebar');
-      document.body.classList.remove('toc-inline');
-      toggle.innerHTML = collapseSidebarText;
-      if (!skipScroll) {
-        window.scrollBy(0, 0 - tocHeight);
-      }
-      tocNav.focus();
-      sidebarMedia.addListener(autoToggle); // auto-collapse when out of room
-    }
-    else {
-      document.body.classList.add('toc-inline');
-      document.body.classList.remove('toc-sidebar');
-      toggle.innerHTML = expandSidebarText;
-      if (!skipScroll) {
-        window.scrollBy(0, tocNav.offsetHeight);
-      }
-      if (toggle.matches(':hover')) {
-        /* Unfocus button when not using keyboard navigation,
-           because I don't know where else to send the focus. */
-        toggle.blur();
-      }
-    }
-  }
-
-  function createSidebarToggle() {
-    /* Create the sidebar toggle in JS; it shouldn't exist when JS is off. */
-    var toggle = document.createElement('a');
-      /* This should probably be a button, but appearance isn't standards-track.*/
-    toggle.id = 'toc-toggle';
-    toggle.class = 'toc-toggle';
-    toggle.href = '#toc';
-    toggle.innerHTML = collapseSidebarText;
-
-    sidebarMedia.addListener(autoToggle);
-    var toggler = function(e) {
-      e.preventDefault();
-      sidebarMedia.removeListener(autoToggle); // persist explicit off states
-      toggleSidebar();
-      return false;
-    }
-    toggle.addEventListener('click', toggler, false);
-
-
-    /* Get <nav id=toc-nav>, or make it if we don't have one. */
-    var tocNav = document.getElementById('toc-nav');
-    if (!tocNav) {
-      tocNav = document.createElement('p');
-      tocNav.id = 'toc-nav';
-      /* Prepend for better keyboard navigation */
-      document.body.insertBefore(tocNav, document.body.firstChild);
-    }
-    /* While we're at it, make sure we have a Jump to Toc link. */
-    var tocJump = document.getElementById('toc-jump');
-    if (!tocJump) {
-      tocJump = document.createElement('a');
-      tocJump.id = 'toc-jump';
-      tocJump.href = '#toc';
-      tocJump.innerHTML = tocJumpText;
-      tocNav.appendChild(tocJump);
-    }
-
-    tocNav.appendChild(toggle);
-  }
-
-  var toc = document.getElementById('toc');
-  if (toc) {
-    createSidebarToggle();
-    toggleSidebar(sidebarMedia.matches);
-
-    /* If the sidebar has been manually opened and is currently overlaying the text
-       (window too small for the MQ to add the margin to body),
-       then auto-close the sidebar once you click on something in there. */
-    toc.addEventListener('click', function(e) {
-      if(e.target.tagName.toLowerCase() == "a" && document.body.classList.contains('toc-sidebar') && !sidebarMedia.matches) {
-        toggleSidebar(false);
-      }
-    }, false);
-  }
-  else {
-    console.warn("Can't find Table of Contents. Please use <nav id='toc'> around the ToC.");
-  }
-
-  /* Wrap tables in case they overflow */
-  var tables = document.querySelectorAll(':not(.overlarge) > table.data, :not(.overlarge) > table.index');
-  var numTables = tables.length;
-  for (var i = 0; i < numTables; i++) {
-    var table = tables[i];
-    var wrapper = document.createElement('div');
-    wrapper.className = 'overlarge';
-    table.parentNode.insertBefore(wrapper, table);
-    wrapper.appendChild(table);
-  }
-
-})();
-</script>
-  <h2 class="heading no-num no-ref settled" id="references"><span class="content">References</span><a class="self-link" href="#references"></a></h2>
-  <h3 class="heading no-num no-ref settled" id="normative"><span class="content">Normative References</span><a class="self-link" href="#normative"></a></h3>
-  <dl>
-   <dt id="biblio-rfc2119">[RFC2119]
-   <dd>S. Bradner. <a href="https://datatracker.ietf.org/doc/html/rfc2119"><cite>Key words for use in RFCs to Indicate Requirement Levels</cite></a>. March 1997. Best Current Practice. URL: <a href="https://datatracker.ietf.org/doc/html/rfc2119">https://datatracker.ietf.org/doc/html/rfc2119</a>
-  </dl>
\ No newline at end of file
diff --git a/themes/sr2 b/themes/sr2
index 596b4e4..1c98952 160000
--- a/themes/sr2
+++ b/themes/sr2
@@ -1 +1 @@
-Subproject commit 596b4e4810ed300bc8bc84d8b0cf2c8cde8a8582
+Subproject commit 1c9895212ec3829b7c94f8042c9d0ba060d93d81