Hi there, We just had a problem with the RFC3068-MNT object, from what I can see, if you have an object with at least one auth: MD5 ... Only people that have one of the passwords can see the object in the webupdater and get the full object to manipulate the object. So now, instead of having a chance to get rid of shared passwords/passphrases, everybody needs to have one, because of the way objects are filtered. Only idea I've had so far, would be that there should be a way to request an object in a way where I can authenticate with my PGPKEY, for instance using email and not a webbrowser, so I'd sign a mail requesting an object, with a key that would be listed as authentication in the object I request, and that would return the unfiltered object to me. Of course, the other solution is to just get hold of all the people with an auth: MD5 line and make them take it out, that way you can get the full object without authenticating on the webupdater. I'm not sure if my thought here is useable, good or practical. But it someone can come up with a brilliant way to make shared objects of this kind smoothly, I suspect the people implementing the database will be eager to hear about it, and at the very least the people behind RFC3068-MNT will be gratefull. /Anders Forskningsnettet dk.denet