So it does. I was thinking about what's in the architecture document for guidelines in the 'must implement' department. Do we really have both documents dictating things? Should we? At 03:54 PM 7/21/97 -0700, you wrote: >The DOI has always listed both SHA-1 and MD5 as MUST implement. > >Derrell > >