Brian, The problem of knowing who we're corresponding with is as old as the written word. I feel that PKI provides the best solution available. I'm not familiar with LOTW, but I know the PKI process well, and I'm confident that it provides a simpler and more robust solution. There are, of course, many different ways to implement a secure process: for the moment, I'll ask that we leave aside the implementation details and talk about the idea. We could use a secure web site to give access to coordinators, or restrict ssh access to key holders, or accept only signed emails: the process is essentially the same for all. It boils down to authentication: we can issue private keys to every coordinator who seeks to use an automated process to issue IP addresses. * PGP/GPG users have access to "Keysigning parties" where other keyholders will verify their meatspace identities by inspecting their drivers license, passport, etc. * SSH and SSL users could, in theory, employ the keysigning process to verify their identity, even though it's not customary. They could also provide letters from attorneys or ministers or other public figures, attesting to their identities, in the same manner that Thawte used to verify X.509 certificates. Long story short, LOTW isn't the only way to verify an identity. There are other methods, already implemented and available, which can be used instead. Bill, KW4OC