Hi all- An issue occurs to me: First... Given that each Network has exactly one NSA, then the implication is that no two different NSAs can claim to represent/be the same network. Since our discussion today decided that the Network Name (used in tuples) and the NSA_ID (used in messages) were identical, it follows then that every NSA RA requesting a connection must be identified by an NSA_ID that being a Network name also must be globally unique. Even simple user codes just requesting an adhoc connection become RAs by definition...and therefore are required to get a globally unique NSAID. For simple user requests, this seems onerous...is this really necessary? The Network names definitely need to be globally unique as they are part of a global topology model. And by implication the NSAs representing those networks should be uniquely addressible (though I contend they need/ought not be defined as the same thing). The the CS protocol, however, only talks between PA and RA. There is no inherent global scope in this relationship, and as we concluded in Hong Kong, this relationship only needs to be locally unique. I believe it would significantly simplify user codes if user RAs could dispense with constructing a verifyably global unique NSA_IDs, and simply ask the PA to respond with a locally unique NSAID that will work for the life of this connection conversation. Second, what if an "NSA" deliberately hijacks an established Network name [NSA-ID]? How do we insure this does not occur? How do we authenticate an NSA as being the proper agent to represents a specific [real] network domain? Thoughts? (I know we have authenticated sessions between trusted NSAs, but that doesn't in itself associate a network with an NSA...or more accurately, it doesn't preclude that agent from acting as another Network.) I think we need some specific language on this... Regards Jerry