i am with you there. this whole 'error thing' seems to have taken on a life of its own. for lack of a better phrase, errors can be very personal things. i don't understand all of the relevant issues since it is hard for me to absorb the discussion without a whiteboard, but it seems to me that we are quickly merging onto the road to non-interoperability; i posit that we are dabbling in operational issues whereas we should be focused on access control description. does anyone else share this concern? b Polar Humenn wrote: > Aside from writing policies which depend on ERRORs happening, a policy > writing methodology that I abhore, I would rather have a separate function > called "on-error" specifying a value of a specific type. > > -Polar