Folks, We discussed about the "Administrative information" to be with Creation of the "AA instance". After discussed with Sachiko, we believe AA instance should have two class of meta information; one that is supplied by client and described in AAD and the one that is augmented by ACS on creation and thereafter. The latter will include creation time and owner information. Owner information will come from the security token or user identity information contained in each ARI request, probably in a SOAP header part. That information may be created by system security entity on prior user authentication and may be an opaque data structure that can be fully interpreted by only the security entity. We will additionally discuss this in today's call. -Keisuke