> My idea ... is to rely on digital certificate with particular > attributes. I am against building application information into Certificates. They are merely a trust mechanism. Every time you add to the content you make it harder to achieve interoperability. Push the application specific logic back into the application. Chris