We recently received a CSR request. I was asked how we're supposed to respond. Looking through what we had sent out in the past was... less than satisfactory to me. It seemed too simplistic. Unfortunately, when I Googled for additional input, I got a range of: "Ask your provider, they'll know" I am the provider and I don't know, which is why I'm searching Some companies only send CSRs to customers Some companies only send CSRs to carriers Some companies don't send CSRs at all Are there any best practices out there regarding what should be sent to whom and what authorization is checked before sending? ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com