OK, so would another way to say this be that the Processed-By concept is not
meant to be useful for authorization or authentication, but to be a
(somewhat) human readable log of what happened for troublshooting or other
purposes and that the SUBMITTER identity is meant to be used for
authorization processing?
Yes, exactly!
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net