Everyone, I mentioned on the call today that the Liberty Alliance effort has defined ID-WSF, a web services framework for identity management functions that may be useful to OGSA. It allows for fairly powerful identity management and integrates well with SAML and others. http://www.projectliberty.org/resource_center/specifications/ liberty_alliance_id_wsf_2_0_specifications I think it's also worth taking some time to analyze WS-Trust, a specification that intends to generalize security token exchange. http://www-128.ibm.com/developerworks/library/specification/ws-trust/ I'll just set these out for informational purposes right now without making any particular recommendations. These could both feed into profiling efforts surrounding WS-Security and WS-SecureConversation. As you read this, I'd ask you to please keep a mental distinction between protocol and token format. Thanks for your time, Nate.