Basically, every example given so far uses an ID value which can be verified against the cert. Can anyone give a realistic example of a case where we would *not* want the ID to match something in the cert? Scott