Hi group, we managed to corner the Security Area ADs at GGF in Athens, and to get some statements from them in respect to: "What security paradigms are generically available in Grids, and what should be exposed to the end user?" Well, their answer was basically, that there is no agreed upon approach in the scope of GGF, so, the best we can do is to look at Grid implementations, and abstract/generalize their security paradigms. A viable approach in their opinion would be to base security settings on strings, and allow the implementation to interpret them accordingly. That approach is very close to what we have right now for sessions, and what we want to have for streams. Shantenu and I discussed that shortly, and would like to propose as follows: - for the time being, keep security out of the API where not absolutely necessary - where absolutely necessary (case by case), keep exposure of security paradigms simple and generic I think the notion of context that we have in the SAGA API fits that approach well: by default they are invisible. We would be happy to get comments, also from the Cc'ed Security ADs (hope we interpreted your answer correctly). Cheers, Andre & Shantenu. -- "So much time, so little to do..." -- Garfield