> I was not suggesting they be ephemeral. I just was suggesting
> that the behavior be that in the absence of evidence to the
> contrary, the user name foo maps to the disk uid foo.

I agree unreservedly, as it's the simplest and therefore most likely to work. I added the type of complications that are made necessary by the somewhat uncooperative nature of Internet visitors. Ephemeral accounts would have their place, too, I think, whether it would be the default or the exception. Maybe you need to log in a second time to collect the signature on the certificate that was issued first time around (says he, without stopping to think - don't shoot!).

++L