On Thu, Dec 20, 2007 at 11:32:20AM -0500, Wyllys Ingersoll wrote: > Agreed, that was one of the points I was trying to make originally. > Max has also made the point that if we only want to map a single cert > per UID (is that a requirement?), No, it's not.