I've been thinking about the authorizations section, and the more I look at potential bindings, the more I'm inclined to scratch this section until we get specific feedback that this is needed.  The main reason is that authorization is built into a number of the binding protocols like SRU, NCIP, OpenSearch, etc.   The main thing I think that I'm concerned about is adding an unneeded layer of complexity.   What do folks think?