>IIRC there isn't at the moment. One thought that comes to mind immediately: > >If there were it should not be enabled by default or others will try to forge >the results. It should only be enabled if a "trust boundary" ><http://tools.ietf.org/html/rfc5451#section-1.2> has been established. The >documentation should mention that.
You'd need to configure it to tell which authids to accept, perhaps defaulting to the host name of the machine SA is running on since that's a likely default for the authid.
