I'm not sure of the benefit of having multiple AH transforms mandatory to implement. I thought the purpose of having *one* was to ensure interoperability and to perhaps provide some kind of baseline. Having two will just muddy the waters, so to speak. On that note, I think selecting HMAC SHA as mandatory and HMAC MD5 as optional is best.

Rob G.
rob.glenn@nist.gov