Comment #7 on issue 41 by thost...@gmail.com: Do we replace the replyTo field with a topology/NSA configuration lookup? http://code.google.com/p/ogf-nsi-project/issues/detail?id=41 I agree that the requesterNSA cannot be used for any authN / authZ. The MTL / protocol layer can provide a set of attributes, e.g., IP, certificate identity, etc. These can then be used for authorization. We cannot really use anything in the message for authN / authZ. I also have hard time seeing what we actually need the requeserNSA and providerNSA field for. They seem descriptive / informational to me. In general, the protocol seems to be designed around the assumption that theere is a more or less static set of NSI agents, which only communicates with each other. This is assumption is starting to fall apart as we are starting to use the protocol. There will be clients for querying (e.g., the visualization tool), and it is likely that there will be some short-lived clients requesting connections. There will probably be more. An NSI agent will not always be communicating with another NSI agent.