Hi Joel, >Yes, authentication is necessary to modify the entries. (Whether one should be authenticated before reading varies from case to case.) >But authentication does not require a separate identity. Exactly what it requires depends upon how the system is constructed. IMHO, provider based AUTH is needed in lot of cases if we really want to build a solid system which enables mobility. I responded to Jari, who is a pioneer and who helped spec out one of the best AUTH methods & systems successfully deployed ever with his https://tools.ietf.org/html/rfc4187 (but he did it for another most successful SDO, with all constructs like Pseudonyms and fast-re-auth-ids) didn't see the need for the same here. May be as you indicated there is something missing in the charter that didn't reflect the need. -- Uma C.