I'm glad you didn't say "they are used to authenticate a user" (although I suspect that this is what you meant). Either way it sounds like a very naive security model and someone is bound to burn himself with this (IMHO). Do you know of any resources/details for this? Dirk On Tuesday, Dec 3, 2002, at 10:31 Asia/Tokyo, Kenneth G. Mages wrote: > They would be used to identify a user for authenticated purchases.Received on Tue Dec 3 04:13:16 2002