I noticed that a security section is needed in the doc. I'm not a security expert, however I like how Rackspace cloud modeled their security as it starts with an authentication URI which returns in the response a session unique access URI for all subsequent service calls (assuming the authentication was successful). This creates a session of sorts which will expire after a time or could end upon request I believe. I noticed that the Sun Cloud API takes a different approach which requires basic authentication for every request. Anyway - just wanted to make sure we get something captured in this area. Since the RackSpace APIs are open now (right?) - there model might be good to examine (as well as others of course). http://www.rackspacecloud.com/cloud_hosting_products/servers/api http://kenai.com/projects/suncloudapis/pages/CommonBehaviors Michael Behrens R2AD, LLC (571) 594-3008 (cell) (703) 714-0442 (land)