>Put simply, delegating to a server is a dangerous business. We require >MUTUAL_AUTH to ensure that you're really delegating to the correct, >intended entity. And to further follow up to the original message .... Is there any reason to _NOT_ do mutual authentication? --Ken