Hi Glen, On Mon, February 4, 2008 1:09 am, Glen Zorn wrote: [snip] > Doesn't sound particularly readable to me; in any case, I don't think > that it really matters (for the purposes you describe, however unlikely > they may be) what the key name looks like. What matters is how easy it > is to find the key, which depends upon the structure of the database in > which it resides. Bingo! And by putting every key for every hierarchy for every user for every domain for every usage through SHA-256 the structure of the database is flat. I'm not particularly wed to using the EAP session ID as an index. Your suggestion of Username is perfectly fine. But the current idea of using SHA-256 is wrong. Dan. _______________________________________________ Ietf@xxxxxxxx http://www.ietf.org/mailman/listinfo/ietf