Dan Harkins wrote: > Yea, mapping by Username might be better. Oone reason is that you > could develop a rational searching strategy to identify keys if you > indexed with something like "Username". That is a great suggestion and > a useful alternative to what is in the draft now. I would support such > a change. It is also existing practice. The term "hotlining" refers to the process of pro-actively kicking a user offline after they have previously been authenticated. ERX has to be able to support this practice. It has to be able to delete *all* keys associated with a particular user/cui/session, so that those keys can no longer be used to obtain network access. Alan DeKok. _______________________________________________ Ietf@xxxxxxxx http://www.ietf.org/mailman/listinfo/ietf