In the morning we begin by understanding the difference between encryption and authorization and the resulting the requirements of authorization; we expand our scope of requirement discussion; then focus the question on protocol and end-to-end security issues. The afternoon we focus on the present proposals, identify issues, determine direction, and discuss how to move forward.