Peter, The defintion cited is not appropriate since, as you note, it unenecssarily and inappropriately brings encrytpion into the picture. Our definition should cite only the use of a signature algorithm to bind a public key to a set of attributes, specifically the attributes defined in the spec (including extensions). Steve