diff --git a/libretroshare/src/dbase/cachestrapper.cc b/libretroshare/src/dbase/cachestrapper.cc
index e792d7c48..4a4075aa1 100644
--- a/libretroshare/src/dbase/cachestrapper.cc
+++ b/libretroshare/src/dbase/cachestrapper.cc
@@ -92,7 +92,7 @@ bool    CacheSource::loadLocalCache(const CacheData &data)
 }
 	
         /* control Caches available */
-bool    CacheSource::refreshCache(const CacheData &data,const std::set<std::string>& destination_peers)
+bool CacheSource::refreshCache(const CacheData &data,const std::set<std::string>& destination_peers)
 {
 	bool ret = false;
 	{
@@ -118,9 +118,18 @@ bool    CacheSource::refreshCache(const CacheData &data,const std::set<std::stri
 			ret = true;
 		}
 	}
+	// Strip down destination peers to eliminate peers that are not allowed to receive cache items.
 
 	if (mStrapper) /* allow testing without full feedback */
-		mStrapper->refreshCache(data,destination_peers);
+	{
+		std::set<std::string> allowed_dest_peers ;
+
+		for(std::set<std::string>::const_iterator it(destination_peers.begin());it!=destination_peers.end();++it)
+			if(isPeerAcceptedAsCacheReceiver(*it))
+				allowed_dest_peers.insert(*it) ;
+
+		mStrapper->refreshCache(data,allowed_dest_peers);
+	}
 
 	return ret;
 }
@@ -150,12 +159,58 @@ bool    CacheSource::refreshCache(const CacheData &data)
 			ret = true;
 		}
 	}
+	// Strip down destination peers to eliminate peers that are not allowed to receive cache items.
+
+	std::list<std::string> ids;
+	rsPeers->getOnlineList(ids);
 
 	if (mStrapper) /* allow testing without full feedback */
-		mStrapper->refreshCache(data);
+	{
+		std::set<std::string> allowed_dest_peers ;
+
+		for(std::list<std::string>::const_iterator it(ids.begin());it!=ids.end();++it)
+			if(isPeerAcceptedAsCacheReceiver(*it))
+				allowed_dest_peers.insert(*it) ;
+
+		mStrapper->refreshCache(data,allowed_dest_peers);
+	}
 
 	return ret;
-}	
+
+}
+
+// bool    CacheSource::refreshCache(const CacheData &data)
+// {
+// 	bool ret = false;
+// 	{
+// 		RsStackMutex mtx(cMutex); /* LOCK MUTEX */
+// 
+// 		if (data.cid.type == getCacheType())
+// 		{
+// 			int subid = 0;
+// 			if (isMultiCache())
+// 			{
+// 				subid = data.cid.subid;
+// 			}
+// 
+// 			/* Backup the old Caches */
+// 			CacheSet::const_iterator it;
+// 			if (caches.end() != (it = caches.find(subid)))
+// 			{
+// 				mOldCaches[it->second.hash] = it->second;
+// 			}
+// 
+// 			/* store new cache */
+// 			caches[subid] = data;
+// 			ret = true;
+// 		}
+// 	}
+// 
+// 	if (mStrapper) /* allow testing without full feedback */
+// 		mStrapper->refreshCache(data);
+// 
+// 	return ret;
+// }	
 bool    CacheSource::clearCache(CacheId id)
 {
 	lockData(); /* LOCK MUTEX */
@@ -177,8 +232,11 @@ bool    CacheSource::clearCache(CacheId id)
 	return ret;
 }
 		
-bool    CacheSource::cachesAvailable(RsPeerId /* pid */, std::map<CacheId, CacheData> &ids)
+bool    CacheSource::cachesAvailable(RsPeerId pid, std::map<CacheId, CacheData> &ids)
 {
+	if(!isPeerAcceptedAsCacheReceiver(pid))
+		return false ;
+
 	lockData(); /* LOCK MUTEX */
 
 	/* can overwrite for more control! */
@@ -414,7 +472,8 @@ void	CacheStore::availableCache(const CacheData &data)
 	}
 
 	/* request it */
-	cacheTransfer -> RequestCache(rData, this);
+	if(isPeerAcceptedAsCacheProvider(rData.pid)) 					// Check for service permission
+		cacheTransfer -> RequestCache(rData, this);
 
 	/* will get callback when it is complete */
 	return;
@@ -579,7 +638,7 @@ void    CacheStrapper::statusChange(const std::list<pqipeer> &plist)
 	std::list<pqipeer>::const_iterator it;
 	for(it = plist.begin(); it != plist.end(); it++)
 	{
-		if (it->actions & RS_PEER_CONNECTED)
+		if(it->actions & RS_PEER_CONNECTED)
 		{
 			/* grab all the cache ids and add */
 
@@ -607,43 +666,46 @@ void	CacheStrapper::refreshCache(const CacheData &data,const std::set<std::strin
 #ifdef CS_DEBUG 
 	std::cerr << "CacheStrapper::refreshCache() : " << data << std::endl;
 #endif
+	std::string ownid = mLinkMgr->getOwnId() ;
 	std::list<std::string> ids;
 	mLinkMgr->getOnlineList(ids);
-	ids.push_back(mLinkMgr->getOwnId()) ;
+	ids.push_back(ownid) ;
 
 	RsStackMutex stack(csMtx); /******* LOCK STACK MUTEX *********/
 	for(std::list<std::string>::const_iterator it = ids.begin(); it != ids.end(); ++it)
-		if(destination_peers.find(*it) != destination_peers.end())
-		{
+			if(destination_peers.find(*it) != destination_peers.end())
+			{
 #ifdef CS_DEBUG 
-			std::cerr << "CacheStrapper::refreshCache() Send To: " << *it << std::endl;
+				std::cerr << "CacheStrapper::refreshCache() Send To: " << *it << std::endl;
 #endif
-			mCacheUpdates.push_back(std::make_pair(*it, data));
-		}
+				mCacheUpdates.push_back(std::make_pair(*it, data));
+			}
 
 	IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/
 }
 
-void	CacheStrapper::refreshCache(const CacheData &data)
-{
-	/* we've received an update 
-	 * send to all online peers + self
-	 */
-#ifdef CS_DEBUG 
-	std::cerr << "CacheStrapper::refreshCache() : " << data << std::endl;
-#endif
-
-	std::list<std::string> ids;
-	mLinkMgr->getOnlineList(ids);
-	ids.push_back(mLinkMgr->getOwnId()) ;
-
-	{
-		RsStackMutex stack(csMtx); /******* LOCK STACK MUTEX *********/
-		for(std::list<std::string>::const_iterator it = ids.begin(); it != ids.end(); ++it)
-			mCacheUpdates.push_back(std::make_pair(*it, data));
-	}
-	IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/
-}
+// void	CacheStrapper::refreshCache(const CacheData &data)
+// {
+// 	/* we've received an update 
+// 	 * send to all online peers + self
+// 	 */
+// #ifdef CS_DEBUG 
+// 	std::cerr << "CacheStrapper::refreshCache() : " << data << std::endl;
+// #endif
+// 
+// 	std::string ownid = mLinkMgr->getOwnId() ;
+// 	std::list<std::string> ids;
+// 	mLinkMgr->getOnlineList(ids);
+// 	ids.push_back(ownid) ;
+// 
+// 	{
+// 		RsStackMutex stack(csMtx); /******* LOCK STACK MUTEX *********/
+// 		for(std::list<std::string>::const_iterator it = ids.begin(); it != ids.end(); ++it)
+// 			if(*it == ownid || isPeerPartipating(*it))
+// 				mCacheUpdates.push_back(std::make_pair(*it, data));
+// 	}
+// 	IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/
+// }
 
 void	CacheStrapper::refreshCacheStore(const CacheData & /* data */ )
 {
diff --git a/libretroshare/src/dbase/cachestrapper.h b/libretroshare/src/dbase/cachestrapper.h
index 36d3c36e0..99bd6554b 100644
--- a/libretroshare/src/dbase/cachestrapper.h
+++ b/libretroshare/src/dbase/cachestrapper.h
@@ -186,6 +186,9 @@ class CacheSource
 		bool  refreshCache(const CacheData &data);
 		bool 	clearCache(CacheId id);
 
+		/* controls if peer is an accepted receiver for cache items. Default is yes. To be overloaded. */
+		virtual bool isPeerAcceptedAsCacheReceiver(const std::string& peer_id)  { return true ; }
+
 			/* get private data */
 		std::string getCacheDir()    { return cacheDir;   }
 		bool        isMultiCache()   { return multiCache; }
@@ -272,6 +275,9 @@ class CacheStore
 
 			/* virtual functions overloaded by cache implementor */
 
+		/* controls if peer is an accepted provider for cache items. Default is yes. To be overloaded. */
+		virtual bool isPeerAcceptedAsCacheProvider(const std::string& peer_id)  { return true ; }
+
 		/*!
 		 * @param data cache data is stored here
 		 * @return false is failed (cache does not exist), otherwise true
diff --git a/libretroshare/src/distrib/p3distrib.cc b/libretroshare/src/distrib/p3distrib.cc
index faed9e913..031e893e9 100644
--- a/libretroshare/src/distrib/p3distrib.cc
+++ b/libretroshare/src/distrib/p3distrib.cc
@@ -261,6 +261,16 @@ CacheDataPending::CacheDataPending(const CacheData &data, bool local, bool histo
 	return;
 }
 
+bool p3GroupDistrib::isPeerAcceptedAsCacheProvider(const std::string& ssl_id)
+{
+	return rsPeers->servicePermissionFlags_sslid(ssl_id) & RS_SERVICE_PERM_DISTRIB ;
+}
+
+bool p3GroupDistrib::isPeerAcceptedAsCacheReceiver(const std::string& ssl_id)
+{
+	return rsPeers->servicePermissionFlags_sslid(ssl_id) & RS_SERVICE_PERM_DISTRIB ;
+}
+
 void p3GroupDistrib::HistoricalCachesDone()
 {
 	RsStackMutex stack(distribMtx);
diff --git a/libretroshare/src/distrib/p3distrib.h b/libretroshare/src/distrib/p3distrib.h
index 9db10f408..9a8cde917 100644
--- a/libretroshare/src/distrib/p3distrib.h
+++ b/libretroshare/src/distrib/p3distrib.h
@@ -287,6 +287,11 @@ class p3GroupDistrib: public CacheSource, public CacheStore, public p3Config, pu
 
 	private:
 
+		// derived from CacheSource
+		virtual bool isPeerAcceptedAsCacheReceiver(const std::string& ssl_id) ;
+		// derived from CacheStore
+		virtual bool isPeerAcceptedAsCacheProvider(const std::string& ssl_id) ;
+
 		/* these lists are filled by the overloaded fns... then cleared by the thread */
 		bool mHistoricalCaches; // initially true.... falsified by HistoricalCachesDone() 
 		std::list<CacheDataPending> mPendingCaches;
diff --git a/libretroshare/src/pqi/p3cfgmgr.cc b/libretroshare/src/pqi/p3cfgmgr.cc
index fac75c5e7..f50f16534 100644
--- a/libretroshare/src/pqi/p3cfgmgr.cc
+++ b/libretroshare/src/pqi/p3cfgmgr.cc
@@ -939,6 +939,9 @@ bool p3Config::saveConfig()
 
 	written = written && stream->encryptedSendItems(toSave);
 
+	if(!written)
+		std::cerr << "(EE) Error while writing config file " << Filename() << ": file dropped!!" << std::endl;
+
 	/* store the hash */
 	setHash(cfg_bio->gethash());
 
diff --git a/libretroshare/src/pqi/p3cfgmgr.h b/libretroshare/src/pqi/p3cfgmgr.h
index 8efe5394c..ba2221ed6 100644
--- a/libretroshare/src/pqi/p3cfgmgr.h
+++ b/libretroshare/src/pqi/p3cfgmgr.h
@@ -150,7 +150,7 @@ const std::string& Hash();
 /**
  * Checks if configuration has changed
  */
-void	IndicateConfigChanged();
+virtual void	IndicateConfigChanged();
 void	setHash(const std::string& h);
 
 	RsMutex cfgMtx;
diff --git a/libretroshare/src/pqi/p3peermgr.cc b/libretroshare/src/pqi/p3peermgr.cc
index 2e745f4d2..a63c320c1 100644
--- a/libretroshare/src/pqi/p3peermgr.cc
+++ b/libretroshare/src/pqi/p3peermgr.cc
@@ -441,7 +441,7 @@ bool    p3PeerMgrIMPL::haveOnceConnected()
 /*******************************************************************/
 /*******************************************************************/
 
-bool p3PeerMgrIMPL::addFriend(const std::string& input_id, const std::string& input_gpg_id, uint32_t netMode, uint32_t visState, time_t lastContact)
+bool p3PeerMgrIMPL::addFriend(const std::string& input_id, const std::string& input_gpg_id, uint32_t netMode, uint32_t visState, time_t lastContact,ServicePermissionFlags service_flags)
 {
 	bool notifyLinkMgr = false;
 	std::string id = input_id ;
@@ -463,7 +463,8 @@ bool p3PeerMgrIMPL::addFriend(const std::string& input_id, const std::string& in
 		RsStackMutex stack(mPeerMtx); /****** STACK LOCK MUTEX *******/
 
 
-		if (id == AuthSSL::getAuthSSL()->OwnId()) {
+		if (id == AuthSSL::getAuthSSL()->OwnId()) 
+		{
 #ifdef PEER_DEBUG
 			std::cerr << "p3PeerMgrIMPL::addFriend() cannot add own id as a friend." << std::endl;
 #endif
@@ -560,6 +561,8 @@ bool p3PeerMgrIMPL::addFriend(const std::string& input_id, const std::string& in
 		mLinkMgr->addFriend(id, !(visState & RS_VIS_STATE_NODHT));
 	}
 
+	setServicePermissionFlags(gpg_id,service_flags) ;
+
 #ifdef PEER_DEBUG
 	printPeerLists(std::cerr);
 	mLinkMgr->printPeerLists(std::cerr);
@@ -579,7 +582,8 @@ bool p3PeerMgrIMPL::removeFriend(const std::string &id)
 
         rslog(RSL_WARNING, p3peermgrzone, "p3PeerMgr::removeFriend() id: " + id);
 
-	std::list<std::string> toRemove; // This is a list of SSLIds.
+	std::list<std::string> sslid_toRemove; // This is a list of SSLIds.
+	std::list<std::string> pgpid_toRemove; // This is a list of SSLIds.
 
 	{
 		RsStackMutex stack(mPeerMtx); /****** STACK LOCK MUTEX *******/
@@ -596,7 +600,8 @@ bool p3PeerMgrIMPL::removeFriend(const std::string &id)
 #endif
 				peerState peer = it->second;
 
-				toRemove.push_back(it->second.id);
+				sslid_toRemove.push_back(it->second.id);
+				pgpid_toRemove.push_back(it->second.gpg_id);
 
 				mOthersList[id] = peer;
 				mStatusChanged = true;
@@ -606,13 +611,15 @@ bool p3PeerMgrIMPL::removeFriend(const std::string &id)
 		}
 
 		std::list<std::string>::iterator rit;
-		for(rit = toRemove.begin(); rit != toRemove.end(); rit++) 
-		{
+		for(rit = sslid_toRemove.begin(); rit != sslid_toRemove.end(); rit++) 
 			if (mFriendList.end() != (it = mFriendList.find(*rit))) 
-			{
 				mFriendList.erase(it);
-			}
-		}
+
+		std::map<std::string,ServicePermissionFlags>::iterator it2 ;
+
+		for(rit = pgpid_toRemove.begin(); rit != pgpid_toRemove.end(); rit++) 
+			if (mFriendsPermissionFlags.end() != (it2 = mFriendsPermissionFlags.find(*rit))) 
+				mFriendsPermissionFlags.erase(it2);
 
 #ifdef PEER_DEBUG
 		std::cerr << "p3PeerMgrIMPL::removeFriend() new mFriendList.size() : " << mFriendList.size() << std::endl;
@@ -620,7 +627,7 @@ bool p3PeerMgrIMPL::removeFriend(const std::string &id)
 	}
 
 	std::list<std::string>::iterator rit;
-	for(rit = toRemove.begin(); rit != toRemove.end(); rit++) 
+	for(rit = sslid_toRemove.begin(); rit != sslid_toRemove.end(); rit++) 
 	{
 		mLinkMgr->removeFriend(*rit);
 	}
@@ -638,7 +645,7 @@ bool p3PeerMgrIMPL::removeFriend(const std::string &id)
 	mLinkMgr->printPeerLists(std::cerr);
 #endif
 
-        return !toRemove.empty();
+        return !sslid_toRemove.empty();
 }
 
 
@@ -1312,6 +1319,17 @@ bool p3PeerMgrIMPL::saveList(bool &cleanup, std::list<RsItem *>& saveData)
 #endif
 	}
 
+	RsPeerServicePermissionItem *sitem = new RsPeerServicePermissionItem ;
+
+	for(std::map<std::string,ServicePermissionFlags>::const_iterator it(mFriendsPermissionFlags.begin());it!=mFriendsPermissionFlags.end();++it)
+	{
+		sitem->pgp_ids.push_back(it->first) ;
+		sitem->service_flags.push_back(it->second) ;
+	}
+
+	saveData.push_back(sitem) ;
+	saveCleanupList.push_back(sitem);
+
 	// Now save config for network digging strategies
 	
 	RsConfigKeyValueSet *vitem = new RsConfigKeyValueSet ;
@@ -1414,7 +1432,7 @@ bool  p3PeerMgrIMPL::loadList(std::list<RsItem *>& load)
 				std::cerr << std::endl;
 #endif
 				/* ************* */
-				addFriend(pitem->pid, pitem->gpg_id, pitem->netMode, pitem->visState, pitem->lastContact);
+				addFriend(pitem->pid, pitem->gpg_id, pitem->netMode, pitem->visState, pitem->lastContact, RS_SERVICE_PERM_ALL);
 				setLocation(pitem->pid, pitem->location);
 			}
 			
@@ -1483,6 +1501,23 @@ bool  p3PeerMgrIMPL::loadList(std::list<RsItem *>& load)
 
 			continue;
 		}
+		RsPeerServicePermissionItem *sitem = dynamic_cast<RsPeerServicePermissionItem*>(*it) ;
+
+		if(sitem)
+		{
+			RsStackMutex stack(mPeerMtx); /****** STACK LOCK MUTEX *******/
+
+			std::cerr << "Loaded service permission item: " << std::endl;
+
+			for(uint32_t i=0;i<sitem->pgp_ids.size();++i)
+				if(AuthGPG::getAuthGPG()->isGPGAccepted(sitem->pgp_ids[i]))
+				{
+					mFriendsPermissionFlags[sitem->pgp_ids[i]] = sitem->service_flags[i] ;
+					std::cerr << "   " << sitem->pgp_ids[i] << " - " << sitem->service_flags[i] << std::endl;
+				}
+				else
+					std::cerr << "   " << sitem->pgp_ids[i] << " - Not a friend!" << std::endl;
+		}
 
 		delete (*it);
 	}
@@ -1766,6 +1801,52 @@ bool p3PeerMgrIMPL::assignPeersToGroup(const std::string &groupId, const std::li
 }
 
 
+/**********************************************************************
+ **********************************************************************
+ ******************** Service permission stuff ************************
+ **********************************************************************
+ **********************************************************************/
+
+ServicePermissionFlags p3PeerMgrIMPL::servicePermissionFlags_sslid(const std::string& ssl_id)
+{
+		RsStackMutex stack(mPeerMtx); /****** STACK LOCK MUTEX *******/
+
+		std::map<std::string, peerState>::const_iterator it = mFriendList.find(ssl_id);
+
+	if(it == mFriendList.end())
+		return RS_SERVICE_PERM_ALL ;
+	else
+		return servicePermissionFlags(it->second.gpg_id) ;
+}
+
+
+ServicePermissionFlags p3PeerMgrIMPL::servicePermissionFlags(const std::string& pgp_id)
+{
+		// 
+		std::map<std::string,ServicePermissionFlags>::const_iterator it = mFriendsPermissionFlags.find( pgp_id ) ;
+
+		if(it == mFriendsPermissionFlags.end())
+			return RS_SERVICE_PERM_ALL ;
+		else
+			return it->second ;
+}
+void p3PeerMgrIMPL::setServicePermissionFlags(const std::string& pgp_id, const ServicePermissionFlags& flags)
+{
+		RsStackMutex stack(mPeerMtx); /****** STACK LOCK MUTEX *******/
+
+		// Check that we have a PGP id. This should not be necessary, but because
+		// we use std::string, anything can get passed down here.
+		//
+		if(pgp_id.length() != 16)
+		{
+			std::cerr << "Bad parameter passed to setServicePermissionFlags(): " << pgp_id << std::endl;
+			return ;
+		}
+
+		mFriendsPermissionFlags[pgp_id] = flags ;
+		IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/
+}
+
 /**********************************************************************
  **********************************************************************
  ******************** Stuff moved from p3peers ************************
diff --git a/libretroshare/src/pqi/p3peermgr.h b/libretroshare/src/pqi/p3peermgr.h
index e66613eb4..14c822cea 100644
--- a/libretroshare/src/pqi/p3peermgr.h
+++ b/libretroshare/src/pqi/p3peermgr.h
@@ -26,6 +26,7 @@
 #ifndef MRK_PQI_PEER_MANAGER_HEADER
 #define MRK_PQI_PEER_MANAGER_HEADER
 
+#include <retroshare/rspeers.h>
 #include "pqi/pqimonitor.h"
 #include "pqi/pqiipset.h"
 #include "pqi/pqiassist.h"
@@ -122,7 +123,7 @@ class p3PeerMgr
 virtual ~p3PeerMgr() { return; }
 
 virtual bool 	addFriend(const std::string &ssl_id, const std::string &gpg_id, uint32_t netMode = RS_NET_MODE_UDP,
-	   uint32_t visState = RS_VIS_STATE_STD , time_t lastContact = 0) = 0;
+	   uint32_t visState = RS_VIS_STATE_STD , time_t lastContact = 0,ServicePermissionFlags = RS_SERVICE_PERM_ALL) = 0;
 virtual bool	removeFriend(const std::string &ssl_id) = 0;
 
 virtual bool	isFriend(const std::string &ssl_id) = 0;
@@ -141,6 +142,9 @@ virtual bool    getGroupInfo(const std::string &groupId, RsGroupInfo &groupInfo)
 virtual bool    getGroupInfoList(std::list<RsGroupInfo> &groupInfoList) = 0;
 virtual bool    assignPeersToGroup(const std::string &groupId, const std::list<std::string> &peerIds, bool assign) = 0;
 
+	virtual ServicePermissionFlags servicePermissionFlags(const std::string& gpg_id) =0;
+	virtual ServicePermissionFlags servicePermissionFlags_sslid(const std::string& ssl_id) =0;
+	virtual void setServicePermissionFlags(const std::string& gpg_id,const ServicePermissionFlags& flags) =0;
 
 	/**************** Set Net Info ****************/
 	/*
@@ -210,7 +214,7 @@ class p3PeerMgrIMPL: public p3PeerMgr, public p3Config
 /************************************************************************************************/
 
 virtual bool 	addFriend(const std::string &ssl_id, const std::string &gpg_id, uint32_t netMode = RS_NET_MODE_UDP,
-	   uint32_t visState = RS_VIS_STATE_STD , time_t lastContact = 0);
+	   uint32_t visState = RS_VIS_STATE_STD , time_t lastContact = 0,ServicePermissionFlags = RS_SERVICE_PERM_ALL);
 virtual bool	removeFriend(const std::string &ssl_id);
 
 virtual bool	isFriend(const std::string &ssl_id);
@@ -229,6 +233,9 @@ virtual bool    getGroupInfo(const std::string &groupId, RsGroupInfo &groupInfo)
 virtual bool    getGroupInfoList(std::list<RsGroupInfo> &groupInfoList);
 virtual bool    assignPeersToGroup(const std::string &groupId, const std::list<std::string> &peerIds, bool assign);
 
+	virtual ServicePermissionFlags servicePermissionFlags(const std::string& gpg_id) ;
+	virtual ServicePermissionFlags servicePermissionFlags_sslid(const std::string& ssl_id) ;
+	virtual void setServicePermissionFlags(const std::string& gpg_id,const ServicePermissionFlags& flags) ;
 
 	/**************** Set Net Info ****************/
 	/*
@@ -330,13 +337,15 @@ private:
 
 	peerState mOwnState;
 
-	std::map<std::string, peerState> mFriendList;
+	std::map<std::string, peerState> mFriendList;	// <SSLid , peerState>
 	std::map<std::string, peerState> mOthersList;
 
 	std::list<RsPeerGroupItem *> groupList;
 	uint32_t lastGroupId;
 
 	std::list<RsItem *> saveCleanupList; /* TEMPORARY LIST WHEN SAVING */
+
+	std::map<std::string, ServicePermissionFlags> mFriendsPermissionFlags ; // permission flags for each gpg key
 };
 
 #endif // MRK_PQI_PEER_MANAGER_HEADER
diff --git a/libretroshare/src/pqi/pqistore.cc b/libretroshare/src/pqi/pqistore.cc
index c3a0e663b..effc4d503 100644
--- a/libretroshare/src/pqi/pqistore.cc
+++ b/libretroshare/src/pqi/pqistore.cc
@@ -384,7 +384,10 @@ bool pqiSSLstore::encryptedSendItems(const std::list<RsItem*>& rsItemList)
 	{
 		sizeItem = rsSerialiser->size(*it);
 		if(!rsSerialiser->serialise(*it, (data+offset),&sizeItem))
+		{
+			std::cerr << "(EE) pqiSSLstore::encryptedSendItems(): One item did not serialize. sizeItem=" << sizeItem << ". Dropping the entire file. " << std::endl;
 			return false;
+		}
 		offset += sizeItem;
 
 		if (!(bio_flags & BIN_FLAGS_NO_DELETE))
diff --git a/libretroshare/src/retroshare/rsflags.h b/libretroshare/src/retroshare/rsflags.h
index d221cf891..5f3668182 100644
--- a/libretroshare/src/retroshare/rsflags.h
+++ b/libretroshare/src/retroshare/rsflags.h
@@ -52,13 +52,24 @@ template<int n> class t_RsFlags32
 		uint32_t _bits ;
 };
 
-#define FLAGS_TAG_FILE_SEARCH 	0xf29ba5
-#define FLAGS_TAG_PERMISSION  	0x8133ea
 #define FLAGS_TAG_TRANSFER_REQS 	0x4228af
 #define FLAGS_TAG_FILE_STORAGE 	0x184738
+#define FLAGS_TAG_FILE_SEARCH 	0xf29ba5
+#define FLAGS_TAG_SERVICE_PERM 	0x380912
 
-typedef t_RsFlags32<FLAGS_TAG_PERMISSION> 	FilePermissionFlags ;
+// Flags for requesting transfers, ask for turtle, cache, speed, etc.
+//
 typedef t_RsFlags32<FLAGS_TAG_TRANSFER_REQS> TransferRequestFlags ;
-typedef t_RsFlags32<FLAGS_TAG_FILE_STORAGE > FileStorageFlags ;			// this makes it a uint32_t class incompatible with other flag class
-typedef t_RsFlags32<FLAGS_TAG_FILE_SEARCH  > FileSearchFlags ;			// this makes it a uint32_t class incompatible with other flag class
+
+// Flags for file storage. Mainly permissions like BROWSABLE/NETWORK_WIDE for groups and peers.
+//
+typedef t_RsFlags32<FLAGS_TAG_FILE_STORAGE > FileStorageFlags ;			
+
+// Flags for searching in files that could be local, downloads, remote, etc.
+//
+typedef t_RsFlags32<FLAGS_TAG_FILE_SEARCH  > FileSearchFlags ;			
+
+// Service permissions. Will allow each user to use or not use each service.
+//
+typedef t_RsFlags32<FLAGS_TAG_SERVICE_PERM > ServicePermissionFlags ;			
 
diff --git a/libretroshare/src/retroshare/rspeers.h b/libretroshare/src/retroshare/rspeers.h
index 8e1e4202f..89dc989c4 100644
--- a/libretroshare/src/retroshare/rspeers.h
+++ b/libretroshare/src/retroshare/rspeers.h
@@ -66,6 +66,14 @@ const uint32_t RS_PEER_STATE_ONLINE	= 0x0002;
 const uint32_t RS_PEER_STATE_CONNECTED  = 0x0004;
 const uint32_t RS_PEER_STATE_UNREACHABLE= 0x0008;
 
+// Service permission flags. 
+//
+const ServicePermissionFlags RS_SERVICE_PERM_TURTLE     ( 0x00000001 ) ;	
+const ServicePermissionFlags RS_SERVICE_PERM_DISCOVERY  ( 0x00000002 ) ;
+const ServicePermissionFlags RS_SERVICE_PERM_DISTRIB    ( 0x00000004 ) ;
+const ServicePermissionFlags RS_SERVICE_PERM_ALL        = RS_SERVICE_PERM_TURTLE | RS_SERVICE_PERM_DISCOVERY | RS_SERVICE_PERM_DISTRIB ;
+// ...
+
 /* Connect state */
 const uint32_t RS_PEER_CONNECTSTATE_TRYING_TUNNEL     = 1;
 const uint32_t RS_PEER_CONNECTSTATE_TRYING_TCP        = 2;
@@ -171,6 +179,9 @@ class RsPeerDetails
 
 	bool accept_connection;
 
+	/* Peer permission flags. What services the peer can use (Only valid if friend).*/
+	ServicePermissionFlags service_perm_flags ;
+
 	/* Network details (only valid if friend) */
 	uint32_t		state;
 
@@ -247,7 +258,7 @@ class RsPeers
 		virtual bool    getAssociatedSSLIds(const std::string &gpg_id, std::list<std::string> &ids) = 0;
 
 		/* Add/Remove Friends */
-		virtual	bool addFriend(const std::string &ssl_id, const std::string &gpg_id)    = 0;
+		virtual	bool addFriend(const std::string &ssl_id, const std::string &gpg_id,ServicePermissionFlags flags = RS_SERVICE_PERM_ALL)    = 0;
 		virtual	bool removeFriend(const std::string &ssl_or_gpg_id)  			= 0;
 		virtual bool removeFriendLocation(const std::string &sslId) 			= 0;
 
@@ -309,6 +320,11 @@ class RsPeers
 		//
 		virtual FileSearchFlags computePeerPermissionFlags(const std::string& peer_id,FileStorageFlags file_sharing_flags,const std::list<std::string>& file_parent_groups) = 0;
 
+		/* Service permission flags */
+
+		virtual ServicePermissionFlags servicePermissionFlags(const std::string& gpg_id) = 0;
+		virtual ServicePermissionFlags servicePermissionFlags_sslid(const std::string& ssl_id) = 0;
+		virtual void setServicePermissionFlags(const std::string& gpg_id,const ServicePermissionFlags& flags) = 0;
 };
 
 #endif
diff --git a/libretroshare/src/rsserver/p3peers.cc b/libretroshare/src/rsserver/p3peers.cc
index 1dbd2bfe4..a4d0607a1 100644
--- a/libretroshare/src/rsserver/p3peers.cc
+++ b/libretroshare/src/rsserver/p3peers.cc
@@ -244,40 +244,43 @@ bool    p3Peers::isFriend(const std::string &ssl_id)
 
 bool	p3Peers::getPeerDetails(const std::string &id, RsPeerDetails &d)
 {
-        #ifdef P3PEERS_DEBUG
-        std::cerr << "p3Peers::getPeerDetails() called for id : " << id << std::endl;
-        #endif
+#ifdef P3PEERS_DEBUG
+	std::cerr << "p3Peers::getPeerDetails() called for id : " << id << std::endl;
+#endif
 
 	// NOW Only for SSL Details.
 
-        std::string sOwnId = AuthSSL::getAuthSSL()->OwnId();
-        peerState ps;
+	std::string sOwnId = AuthSSL::getAuthSSL()->OwnId();
+	peerState ps;
 
 	if (id == sOwnId)
 	{
-                mPeerMgr->getOwnNetStatus(ps);
-                ps.gpg_id = AuthGPG::getAuthGPG()->getGPGOwnId();
+		mPeerMgr->getOwnNetStatus(ps);
+		ps.gpg_id = AuthGPG::getAuthGPG()->getGPGOwnId();
 	}
 	else
 	{
-        	if (!mPeerMgr->getFriendNetStatus(id, ps))
+		if (!mPeerMgr->getFriendNetStatus(id, ps))
 		{
 #ifdef P3PEERS_DEBUG
 			std::cerr << "p3Peers::getPeerDetails() ERROR not an SSL Id: " << id << std::endl;
 #endif
-        		d.isOnlyGPGdetail = true;
-        		return getGPGDetails(id, d);
+			d.isOnlyGPGdetail = true;
+			d.service_perm_flags = mPeerMgr->servicePermissionFlags(id) ;
+			return getGPGDetails(id, d);
 		}
 	}
 
-        /* get from gpg (first), to fill in the sign and trust details */
-        /* don't retrun now, we've got fill in the ssl and connection info */
-        getGPGDetails(ps.gpg_id, d);
-        d.isOnlyGPGdetail = false;
+	/* get from gpg (first), to fill in the sign and trust details */
+	/* don't retrun now, we've got fill in the ssl and connection info */
+	getGPGDetails(ps.gpg_id, d);
+	d.isOnlyGPGdetail = false;
 
-        //get the ssl details
-        d.id 		= id;
-        d.location 	= ps.location;
+	//get the ssl details
+	d.id 		= id;
+	d.location 	= ps.location;
+
+	d.service_perm_flags = mPeerMgr->servicePermissionFlags(ps.gpg_id) ;
 
 	/* generate */
 	d.authcode  	= "AUTHCODE";
@@ -288,11 +291,10 @@ bool	p3Peers::getPeerDetails(const std::string &id, RsPeerDetails &d)
 	d.localPort	= ntohs(ps.localaddr.sin_port);
 	d.extAddr	= rs_inet_ntoa(ps.serveraddr.sin_addr);
 	d.extPort	= ntohs(ps.serveraddr.sin_port);
-        d.dyndns        = ps.dyndns;
+	d.dyndns        = ps.dyndns;
 	d.lastConnect	= ps.lastcontact;
 	d.connectPeriod = 0;
 
-
 	std::list<pqiIpAddress>::iterator it;
 	for(it = ps.ipAddrs.mLocal.mAddrs.begin(); 
 			it != ps.ipAddrs.mLocal.mAddrs.end(); it++)
@@ -327,21 +329,21 @@ bool	p3Peers::getPeerDetails(const std::string &id, RsPeerDetails &d)
 			d.netMode	= RS_NETMODE_UNREACHABLE;
 			break;
 	}
-	
+
 	d.visState	= 0;
 	if (!(ps.visState & RS_VIS_STATE_NODISC))
 	{
 		d.visState |= RS_VS_DISC_ON;
 	}
-	
+
 	if (!(ps.visState & RS_VIS_STATE_NODHT))
 	{
 		d.visState |= RS_VS_DHT_ON;
 	}
-	
-	
-	
-	
+
+
+
+
 	/* Translate */
 	peerConnectState pcs;
 	if (!mLinkMgr->getFriendNetStatus(id, pcs)) 
@@ -349,12 +351,12 @@ bool	p3Peers::getPeerDetails(const std::string &id, RsPeerDetails &d)
 		std::cerr << "p3Peers::getPeerDetails() ERROR No Link Information : " << id << std::endl;
 		return true;
 	}
-	
+
 #ifdef P3PEERS_DEBUG
 	std::cerr << "p3Peers::getPeerDetails() got a SSL id and is returning SSL and GPG details for id : " << id << std::endl;
 #endif
-	
-	
+
+
 	d.state		= 0;
 	if (pcs.state & RS_PEER_S_FRIEND)
 		d.state |= RS_PEER_STATE_FRIEND;
@@ -552,7 +554,7 @@ std::string p3Peers::getGPGId(const std::string &sslid_or_gpgid)
 	 */
 
 	/* Add/Remove Friends */
-bool 	p3Peers::addFriend(const std::string &ssl_id, const std::string &gpg_id)
+bool 	p3Peers::addFriend(const std::string &ssl_id, const std::string &gpg_id,ServicePermissionFlags perm_flags)
 {
 
 #ifdef P3PEERS_DEBUG
@@ -598,7 +600,7 @@ bool 	p3Peers::addFriend(const std::string &ssl_id, const std::string &gpg_id)
 	 * This will cause the SSL certificate to be retained for 30 days... and give the person a chance to connect!
 	 *  */
 	time_t now = time(NULL);
-	return mPeerMgr->addFriend(ssl_id, gpg_id, RS_NET_MODE_UDP, RS_VIS_STATE_STD, now);
+	return mPeerMgr->addFriend(ssl_id, gpg_id, RS_NET_MODE_UDP, RS_VIS_STATE_STD, now, perm_flags);
 }
 
 
@@ -928,6 +930,7 @@ bool 	p3Peers::loadDetailsFromStringCert(const std::string &certstr, RsPeerDetai
 		pd.extPort = cert.ext_port_us();
 		pd.dyndns = cert.dns_string() ;
 		pd.isOnlyGPGdetail = pd.id.empty();
+		pd.service_perm_flags = RS_SERVICE_PERM_ALL ;
 	} 
 	catch (...) 
 	{
@@ -1214,3 +1217,18 @@ RsGroupInfo::RsGroupInfo()
 {
 	flag = 0;
 }
+
+ServicePermissionFlags p3Peers::servicePermissionFlags_sslid(const std::string& ssl_id) 
+{
+	return mPeerMgr->servicePermissionFlags_sslid(ssl_id) ;
+}
+ServicePermissionFlags p3Peers::servicePermissionFlags(const std::string& gpg_id) 
+{
+	return mPeerMgr->servicePermissionFlags(gpg_id) ;
+}
+void p3Peers::setServicePermissionFlags(const std::string& gpg_id,const ServicePermissionFlags& flags) 
+{
+	mPeerMgr->setServicePermissionFlags(gpg_id,flags) ;
+}
+
+
diff --git a/libretroshare/src/rsserver/p3peers.h b/libretroshare/src/rsserver/p3peers.h
index 1fcb6babe..a0efe247e 100644
--- a/libretroshare/src/rsserver/p3peers.h
+++ b/libretroshare/src/rsserver/p3peers.h
@@ -72,7 +72,7 @@ virtual bool	getGPGDetails(const std::string &id, RsPeerDetails &d);
 virtual bool	getAssociatedSSLIds(const std::string &gpg_id, std::list<std::string> &ids);
 
 	/* Add/Remove Friends */
-virtual	bool addFriend(const std::string &ssl_id, const std::string &gpg_id);
+virtual	bool addFriend(const std::string &ssl_id, const std::string &gpg_id,ServicePermissionFlags flags = RS_SERVICE_PERM_ALL);
 virtual	bool removeFriend(const std::string &ssl_or_gpgid);
 virtual bool removeFriendLocation(const std::string &sslId);
 
@@ -122,6 +122,13 @@ virtual bool assignPeerToGroup(const std::string &groupId, const std::string &pe
 virtual bool assignPeersToGroup(const std::string &groupId, const std::list<std::string> &peerIds, bool assign);
 
 virtual FileSearchFlags computePeerPermissionFlags(const std::string& peer_id,FileStorageFlags share_flags,const std::list<std::string>& parent_groups) ;
+
+// service permission stuff
+
+	virtual ServicePermissionFlags servicePermissionFlags(const std::string& gpg_id) ;
+	virtual ServicePermissionFlags servicePermissionFlags_sslid(const std::string& ssl_id) ;
+	virtual void setServicePermissionFlags(const std::string& gpg_id,const ServicePermissionFlags& flags) ;
+
 	private:
 
 	p3LinkMgr *mLinkMgr;
diff --git a/libretroshare/src/serialiser/rsconfigitems.cc b/libretroshare/src/serialiser/rsconfigitems.cc
index 067ba2ee6..5776824bd 100644
--- a/libretroshare/src/serialiser/rsconfigitems.cc
+++ b/libretroshare/src/serialiser/rsconfigitems.cc
@@ -687,6 +687,7 @@ uint32_t    RsPeerConfigSerialiser::size(RsItem *i)
 	RsPeerStunItem *psi;
 	RsPeerNetItem *pni;
 	RsPeerGroupItem *pgi;
+	RsPeerServicePermissionItem *pri;
 
 	if (NULL != (oldpni = dynamic_cast<RsPeerOldNetItem *>(i)))
 	{
@@ -704,6 +705,10 @@ uint32_t    RsPeerConfigSerialiser::size(RsItem *i)
 	{
 		return sizeGroup(pgi);
 	}
+	else if (NULL != (pri = dynamic_cast<RsPeerServicePermissionItem *>(i)))
+	{
+		return sizePermissions(pri);
+	}
 
 	return 0;
 }
@@ -715,6 +720,7 @@ bool    RsPeerConfigSerialiser::serialise(RsItem *i, void *data, uint32_t *pktsi
 	RsPeerNetItem *pni;
 	RsPeerStunItem *psi;
 	RsPeerGroupItem *pgi;
+	RsPeerServicePermissionItem *pri;
 
 	if (NULL != (oldpni = dynamic_cast<RsPeerOldNetItem *>(i)))
 	{
@@ -732,6 +738,10 @@ bool    RsPeerConfigSerialiser::serialise(RsItem *i, void *data, uint32_t *pktsi
 	{
 		return serialiseGroup(pgi, data, pktsize);
 	}
+	else if (NULL != (pri = dynamic_cast<RsPeerServicePermissionItem *>(i)))
+	{
+		return serialisePermissions(pri, data, pktsize);
+	}
 
 	return false;
 }
@@ -764,6 +774,8 @@ RsItem *RsPeerConfigSerialiser::deserialise(void *data, uint32_t *pktsize)
 			return deserialiseStun(data, pktsize);
 		case RS_PKT_SUBTYPE_PEER_GROUP:
 			return deserialiseGroup(data, pktsize);
+		case RS_PKT_SUBTYPE_PEER_PERMISSIONS:
+			return deserialisePermissions(data, pktsize);
 		default:
 			return NULL;
 	}
@@ -1541,6 +1553,138 @@ RsPeerGroupItem *RsPeerConfigSerialiser::deserialiseGroup(void *data, uint32_t *
 	return item;
 }
 
+/**************************************************************/
+
+std::ostream& RsPeerServicePermissionItem::print(std::ostream &out, uint16_t indent)
+{
+	printRsItemBase(out, "RsPeerServicePermissionItem", indent);
+	uint16_t int_Indent = indent + 2;
+
+	for(uint32_t i=0;i<pgp_ids.size();++i)
+	{
+		printIndent(out, int_Indent);
+		out << "pgp id: " << pgp_ids[i] << ": " << service_flags[i].toUInt32() << std::endl; 
+	}
+	printRsItemEnd(out, "RsPeerServicePermissionItem", indent);
+	return out;
+}
+
+uint32_t RsPeerConfigSerialiser::sizePermissions(RsPeerServicePermissionItem *i)
+{	
+	uint32_t s = 8; /* header */
+	s += 4 ; // number of pgp ids in he item.
+
+	for(uint32_t j=0;j<i->pgp_ids.size();++j)
+	{
+		s += GetTlvStringSize(i->pgp_ids[j]) ;
+		s += 4; /* flag */
+	}
+
+	return s;
+}
+
+bool RsPeerConfigSerialiser::serialisePermissions(RsPeerServicePermissionItem *item, void *data, uint32_t *size)
+{
+	uint32_t tlvsize = RsPeerConfigSerialiser::sizePermissions(item);
+	uint32_t offset = 0;
+
+	if(*size < tlvsize)
+		return false; /* not enough space */
+
+	*size = tlvsize;
+
+	bool ok = true;
+
+	// serialise header
+
+	ok &= setRsItemHeader(data, tlvsize, item->PacketId(), tlvsize);
+
+#ifdef RSSERIAL_DEBUG
+	std::cerr << "RsPeerConfigSerialiser::serialiseGroup() Header: " << ok << std::endl;
+	std::cerr << "RsPeerConfigSerialiser::serialiseGroup() Header: " << tlvsize << std::endl;
+#endif
+
+	/* skip the header */
+	offset += 8;
+
+	/* add mandatory parts first */
+	ok &= setRawUInt32(data, tlvsize, &offset, item->pgp_ids.size());
+
+	for(uint32_t i=0;i<item->pgp_ids.size();++i)
+	{
+		ok &= SetTlvString(data, tlvsize, &offset, TLV_TYPE_STR_KEY, item->pgp_ids[i]);
+		ok &= setRawUInt32(data, tlvsize, &offset, item->service_flags[i].toUInt32());
+	}
+
+	if(offset != tlvsize)
+	{
+		ok = false;
+		std::cerr << "(EE) Item size ERROR in RsPeerServicePermissionItem!" << std::endl;
+#ifdef RSSERIAL_ERROR_DEBUG
+		std::cerr << "RsPeerConfigSerialiser::serialisePermissions() Size Error! " << std::endl;
+#endif
+	}
+
+	return ok;
+}
+
+RsPeerServicePermissionItem *RsPeerConfigSerialiser::deserialisePermissions(void *data, uint32_t *size)
+{
+	/* get the type and size */
+	uint32_t rstype = getRsItemId(data);
+	uint32_t rssize = getRsItemSize(data);
+
+	uint32_t offset = 0;
+
+	if ((RS_PKT_VERSION1 != getRsItemVersion(rstype)) ||
+		(RS_PKT_CLASS_CONFIG != getRsItemClass(rstype)) ||
+		(RS_PKT_TYPE_PEER_CONFIG  != getRsItemType(rstype)) ||
+		(RS_PKT_SUBTYPE_PEER_PERMISSIONS != getRsItemSubType(rstype)))
+	{
+		return NULL; /* wrong type */
+	}
+
+	if (*size < rssize)    /* check size */
+		return NULL; /* not enough data */
+
+	/* set the packet length */
+	*size = rssize;
+
+	bool ok = true;
+
+	RsPeerServicePermissionItem *item = new RsPeerServicePermissionItem ;
+	item->clear();
+
+	/* skip the header */
+	offset += 8;
+
+	/* get mandatory parts first */
+	uint32_t s;
+	ok &= getRawUInt32(data, rssize, &offset, &s);
+	item->pgp_ids.resize(s) ;
+	item->service_flags.resize(s) ;
+
+	for(uint32_t i=0;i<s;++i)
+	{
+		uint32_t flags ;
+		ok &= GetTlvString(data, rssize, &offset, TLV_TYPE_STR_KEY, item->pgp_ids[i]);
+		ok &= getRawUInt32(data, rssize, &offset, &flags);
+		
+		item->service_flags[i] = ServicePermissionFlags(flags) ;
+	}
+
+	if (offset != rssize)
+	{
+		/* error */
+		std::cerr << "(EE) Item size ERROR in RsPeerServicePermissionItem!" << std::endl;
+		delete item;
+		return NULL;
+	}
+
+	return item;
+}
+
+
 
 /****************************************************************************/
 
diff --git a/libretroshare/src/serialiser/rsconfigitems.h b/libretroshare/src/serialiser/rsconfigitems.h
index 9d4642110..772e031da 100644
--- a/libretroshare/src/serialiser/rsconfigitems.h
+++ b/libretroshare/src/serialiser/rsconfigitems.h
@@ -48,10 +48,11 @@ const uint8_t RS_PKT_TYPE_HISTORY_CONFIG = 0x06;
 const uint8_t RS_PKT_SUBTYPE_KEY_VALUE = 0x01;
 
 	/* PEER CONFIG SUBTYPES */
-const uint8_t RS_PKT_SUBTYPE_PEER_OLD_NET = 0x01;
-const uint8_t RS_PKT_SUBTYPE_PEER_STUN    = 0x02;
-const uint8_t RS_PKT_SUBTYPE_PEER_NET     = 0x03;     /* replacement for OLD_NET */
-const uint8_t RS_PKT_SUBTYPE_PEER_GROUP   = 0x04;
+const uint8_t RS_PKT_SUBTYPE_PEER_OLD_NET     = 0x01;
+const uint8_t RS_PKT_SUBTYPE_PEER_STUN        = 0x02;
+const uint8_t RS_PKT_SUBTYPE_PEER_NET         = 0x03;     /* replacement for OLD_NET */
+const uint8_t RS_PKT_SUBTYPE_PEER_GROUP       = 0x04;
+const uint8_t RS_PKT_SUBTYPE_PEER_PERMISSIONS = 0x05;
 
 	/* FILE CONFIG SUBTYPES */
 const uint8_t RS_PKT_SUBTYPE_FILE_TRANSFER = 0x01;
@@ -119,6 +120,23 @@ std::ostream &print(std::ostream &out, uint16_t indent = 0);
 	RsTlvIpAddrSet extAddrList;
 };
 
+class RsPeerServicePermissionItem : public RsItem
+{
+	public:
+		RsPeerServicePermissionItem() : RsItem(RS_PKT_VERSION1, RS_PKT_CLASS_CONFIG, RS_PKT_TYPE_PEER_CONFIG, RS_PKT_SUBTYPE_PEER_PERMISSIONS) {}
+		virtual ~RsPeerServicePermissionItem() {}
+
+		virtual void clear()
+		{
+			pgp_ids.clear() ;
+			service_flags.clear() ;
+		}
+		std::ostream &print(std::ostream &out, uint16_t indent = 0);
+
+		/* Mandatory */
+		std::vector<std::string> pgp_ids ;
+		std::vector<ServicePermissionFlags> service_flags ;
+};
 class RsPeerGroupItem : public RsItem
 {
 public:
@@ -191,6 +209,9 @@ virtual	uint32_t    sizeGroup(RsPeerGroupItem *);
 virtual	bool        serialiseGroup  (RsPeerGroupItem *item, void *data, uint32_t *size);
 virtual	RsPeerGroupItem *    deserialiseGroup(void *data, uint32_t *size);
 
+virtual	uint32_t    sizePermissions(RsPeerServicePermissionItem *);
+virtual	bool        serialisePermissions  (RsPeerServicePermissionItem *item, void *data, uint32_t *size);
+virtual	RsPeerServicePermissionItem *    deserialisePermissions(void *data, uint32_t *size);
 };
 
 /**************************************************************************/
diff --git a/libretroshare/src/services/p3disc.cc b/libretroshare/src/services/p3disc.cc
index 5fea4f9a0..f33b6da4f 100644
--- a/libretroshare/src/services/p3disc.cc
+++ b/libretroshare/src/services/p3disc.cc
@@ -163,7 +163,8 @@ int p3disc::handleIncoming()
 		// if discovery reply then respond if haven't already.
 		if (NULL != (dri = dynamic_cast<RsDiscReply *> (item)))	
 		{
-			recvDiscReply(dri);
+			if(rsPeers->servicePermissionFlags_sslid(item->PeerId()) & RS_SERVICE_PERM_DISCOVERY)
+				recvDiscReply(dri);
 		}
 		else if (NULL != (dvi = dynamic_cast<RsDiscVersion *> (item))) 
 		{
@@ -173,7 +174,9 @@ int p3disc::handleIncoming()
 		}
 		else if (NULL != (inf = dynamic_cast<RsDiscAskInfo *> (item))) /* Ping */ 
 		{
-			recvAskInfo(inf);
+			if(rsPeers->servicePermissionFlags_sslid(item->PeerId()) & RS_SERVICE_PERM_DISCOVERY)
+				recvAskInfo(inf);
+
 			nhandled++;
 			delete item;
 		}
@@ -221,7 +224,10 @@ void p3disc::statusChange(const std::list<pqipeer> &plist)
 			std::cerr << "p3disc::statusChange() Starting Disc with: " << pit->id << std::endl;
 #endif
 			sendOwnVersion(pit->id);
-			sendAllInfoToJustConnectedPeer(pit->id);
+
+			if(rsPeers->servicePermissionFlags_sslid(pit->id) & RS_SERVICE_PERM_DISCOVERY)
+				sendAllInfoToJustConnectedPeer(pit->id);
+
 			sendJustConnectedPeerInfoToAllPeer(pit->id);
 		} 
 		else if (!(pit->state & RS_PEER_S_FRIEND) && (pit->actions & RS_PEER_MOVED)) 
@@ -372,25 +378,26 @@ void p3disc::sendJustConnectedPeerInfoToAllPeer(const std::string &connectedPeer
 
 		std::list<std::string>::iterator it;
 		for (it = onlineIds.begin(); it != onlineIds.end(); it++) 
-		{
-			std::list<std::string> &idList = mSendIdList[*it];
+			if(rsPeers->servicePermissionFlags_sslid(*it) & RS_SERVICE_PERM_DISCOVERY)
+			{
+				std::list<std::string> &idList = mSendIdList[*it];
 
-			if (std::find(idList.begin(), idList.end(), gpg_connectedPeerId) == idList.end()) 
-			{
+				if (std::find(idList.begin(), idList.end(), gpg_connectedPeerId) == idList.end()) 
+				{
 #ifdef P3DISC_DEBUG
-				std::cerr << "p3disc::sendJustConnectedPeerInfoToAllPeer() adding to queue for: ";
-				std::cerr << *it << std::endl;
+					std::cerr << "p3disc::sendJustConnectedPeerInfoToAllPeer() adding to queue for: ";
+					std::cerr << *it << std::endl;
 #endif
-				idList.push_back(gpg_connectedPeerId);
-			}
-			else
-			{
+					idList.push_back(gpg_connectedPeerId);
+				}
+				else
+				{
 #ifdef P3DISC_DEBUG
-				std::cerr << "p3disc::sendJustConnectedPeerInfoToAllPeer() already in queue for: ";
-				std::cerr << *it << std::endl;
+					std::cerr << "p3disc::sendJustConnectedPeerInfoToAllPeer() already in queue for: ";
+					std::cerr << *it << std::endl;
 #endif
+				}
 			}
-		}
 	}
 }
 
diff --git a/libretroshare/src/turtle/p3turtle.cc b/libretroshare/src/turtle/p3turtle.cc
index 349485d1c..8dbafda05 100644
--- a/libretroshare/src/turtle/p3turtle.cc
+++ b/libretroshare/src/turtle/p3turtle.cc
@@ -749,7 +749,7 @@ int p3turtle::handleIncoming()
 	{
 		nhandled++;
 
-		if(!(_turtle_routing_enabled && _turtle_routing_session_enabled))
+		if( (!(_turtle_routing_enabled && _turtle_routing_session_enabled)) || !(RS_SERVICE_PERM_TURTLE & rsPeers->servicePermissionFlags_sslid(item->PeerId())))
 			delete item ;
 		else
 		{
@@ -903,6 +903,9 @@ void p3turtle::handleSearchRequest(RsTurtleSearchRequestItem *item)
 
 		for(std::list<std::string>::const_iterator it(onlineIds.begin());it!=onlineIds.end();++it)
 		{
+			if(!(RS_SERVICE_PERM_TURTLE & rsPeers->servicePermissionFlags_sslid(*it)))
+				continue ;
+
 			uint32_t linkType = mLinkMgr->getLinkType(*it);
 
 			if ((linkType & RS_NET_CONN_SPEED_TRICKLE) || (linkType & RS_NET_CONN_SPEED_LOW)) 	// don't forward searches to slow link types (e.g relay peers)!
@@ -1956,6 +1959,15 @@ void p3turtle::handleTunnelRequest(RsTurtleOpenTunnelItem *item)
 		std::list<std::string> onlineIds ;
 		mLinkMgr->getOnlineList(onlineIds);
 
+		for(std::list<std::string>::iterator it(onlineIds.begin());it!=onlineIds.end();)
+			if(!(RS_SERVICE_PERM_TURTLE & rsPeers->servicePermissionFlags_sslid(*it)))
+			{
+				std::list<std::string>::iterator tmp = it++ ;
+				onlineIds.erase(tmp) ;
+			}
+			else
+				++it ;
+
 		int nb_online_ids = onlineIds.size() ;
 
 		if(forward_probability * nb_online_ids < 1.0f && nb_online_ids > 0)
diff --git a/retroshare-gui/src/gui/RemoteDirModel.cpp b/retroshare-gui/src/gui/RemoteDirModel.cpp
index a3c05fbbb..25ea59bd2 100644
--- a/retroshare-gui/src/gui/RemoteDirModel.cpp
+++ b/retroshare-gui/src/gui/RemoteDirModel.cpp
@@ -218,6 +218,9 @@ QString RetroshareDirModel::getGroupsString(const std::list<std::string>& group_
 			if(++it != group_ids.end())
 				groups_str += ", " ;
 		}
+		else
+			++it ;
+
 	return groups_str ;
 }
 
diff --git a/retroshare-gui/src/gui/connect/ConfCertDialog.cpp b/retroshare-gui/src/gui/connect/ConfCertDialog.cpp
index 8b74f4e20..9a678a9d3 100644
--- a/retroshare-gui/src/gui/connect/ConfCertDialog.cpp
+++ b/retroshare-gui/src/gui/connect/ConfCertDialog.cpp
@@ -79,6 +79,9 @@ ConfCertDialog::ConfCertDialog(const std::string& id, QWidget *parent, Qt::WFlag
     connect(ui.trusthelpButton, SIGNAL(clicked()), this, SLOT(showHelpDialog()));
     connect(ui._shouldAddSignatures_CB, SIGNAL(toggled(bool)), this, SLOT(loadInvitePage()));
     connect(ui._useOldFormat_CB, SIGNAL(toggled(bool)), this, SLOT(loadInvitePage()));
+    // connect(ui._anonymous_routing_CB, SIGNAL(toggled(bool)), this, SLOT(setServiceFlags()));
+    // connect(ui._discovery_CB, SIGNAL(toggled(bool)), this, SLOT(setServiceFlags()));
+    // connect(ui._forums_channels_CB, SIGNAL(toggled(bool)), this, SLOT(setServiceFlags()));
 
     ui.avatar->setFrameType(AvatarWidget::NORMAL_FRAME);
 
@@ -120,6 +123,21 @@ void ConfCertDialog::showIt(const std::string& peer_id, enumPage page)
     /* window will destroy itself! */
 }
 
+void ConfCertDialog::setServiceFlags()
+{
+    RsPeerDetails detail;
+    if (!rsPeers->getPeerDetails(mId, detail))
+		 return ;
+
+	 ServicePermissionFlags flags(0) ;
+
+	 if(ui._anonymous_routing_CB->isChecked()) flags = flags | RS_SERVICE_PERM_TURTLE ;
+	 if(        ui._discovery_CB->isChecked()) flags = flags | RS_SERVICE_PERM_DISCOVERY ;
+	 if(  ui._forums_channels_CB->isChecked()) flags = flags | RS_SERVICE_PERM_DISTRIB ;
+
+	 rsPeers->setServicePermissionFlags(detail.gpg_id,flags) ;
+}
+
 void ConfCertDialog::loadAll()
 {
     QMap<std::string, ConfCertDialog*>::iterator it;
@@ -151,6 +169,10 @@ void ConfCertDialog::load()
 		 ui.make_friend_button->setToolTip("") ;
 	 }
 
+	 ui._anonymous_routing_CB->setChecked(detail.service_perm_flags & RS_SERVICE_PERM_TURTLE    ) ;
+	 ui._discovery_CB->setChecked(        detail.service_perm_flags & RS_SERVICE_PERM_DISCOVERY ) ;
+	 ui._forums_channels_CB->setChecked(  detail.service_perm_flags & RS_SERVICE_PERM_DISTRIB   ) ;
+
     ui.name->setText(QString::fromUtf8(detail.name.c_str()));
     ui.peerid->setText(QString::fromStdString(detail.id));
 
@@ -417,6 +439,8 @@ void ConfCertDialog::applyDialog()
             emit configChanged();
     }
 
+	 setServiceFlags() ;
+
     loadAll();
     close();
 }
@@ -429,6 +453,7 @@ void ConfCertDialog::makeFriend()
     } 
 	
     rsPeers->addFriend(mId, gpg_id);
+	 setServiceFlags() ;
     loadAll();
 
     emit configChanged();
diff --git a/retroshare-gui/src/gui/connect/ConfCertDialog.h b/retroshare-gui/src/gui/connect/ConfCertDialog.h
index 1e0a7e6b4..5f4d2de21 100644
--- a/retroshare-gui/src/gui/connect/ConfCertDialog.h
+++ b/retroshare-gui/src/gui/connect/ConfCertDialog.h
@@ -56,6 +56,7 @@ private slots:
     void denyFriend();
     void signGPGKey();
     void loadInvitePage();
+    void setServiceFlags();
 
     void showHelpDialog();
     /** Called when a child window requests the given help <b>topic</b>. */
diff --git a/retroshare-gui/src/gui/connect/ConfCertDialog.ui b/retroshare-gui/src/gui/connect/ConfCertDialog.ui
index d96bd715e..38a330cd7 100644
--- a/retroshare-gui/src/gui/connect/ConfCertDialog.ui
+++ b/retroshare-gui/src/gui/connect/ConfCertDialog.ui
@@ -7,7 +7,7 @@
     <x>0</x>
     <y>0</y>
     <width>635</width>
-    <height>629</height>
+    <height>665</height>
    </rect>
   </property>
   <property name="windowTitle">
@@ -60,7 +60,7 @@
       <item row="0" column="0">
        <widget class="QTabWidget" name="stabWidget">
         <property name="currentIndex">
-         <number>0</number>
+         <number>3</number>
         </property>
         <widget class="QWidget" name="tab">
          <attribute name="icon">
@@ -738,6 +738,91 @@ p, li { white-space: pre-wrap; }
           </item>
          </layout>
         </widget>
+        <widget class="QWidget" name="tab_4">
+         <attribute name="title">
+          <string>Services</string>
+         </attribute>
+         <layout class="QVBoxLayout" name="verticalLayout_2">
+          <item>
+           <widget class="QTextBrowser" name="textBrowser">
+            <property name="html">
+             <string>&lt;!DOCTYPE HTML PUBLIC &quot;-//W3C//DTD HTML 4.0//EN&quot; &quot;http://www.w3.org/TR/REC-html40/strict.dtd&quot;&gt;
+&lt;html&gt;&lt;head&gt;&lt;meta name=&quot;qrichtext&quot; content=&quot;1&quot; /&gt;&lt;style type=&quot;text/css&quot;&gt;
+p, li { white-space: pre-wrap; }
+&lt;/style&gt;&lt;/head&gt;&lt;body style=&quot; font-family:'Ubuntu'; font-size:11pt; font-weight:400; font-style:normal;&quot;&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-weight:600;&quot;&gt;User service permissions&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot;-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;br /&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;This tab allows you to finely tune which services each of your contacts is allowed to use with you.&lt;/p&gt;
+&lt;p style=&quot;-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;br /&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Some services (Discovery, anonymous routing) can be switched off globally, which always overrides the settings per-user.&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
+            </property>
+           </widget>
+          </item>
+          <item>
+           <widget class="QCheckBox" name="_anonymous_routing_CB">
+            <property name="toolTip">
+             <string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p&gt;Disabling anonymous routing will suppress all sending/retrieval of tunnel and anonymous search requests from/to this user. This user will not be able to transfer anonymously through you.&lt;/p&gt;&lt;p&gt;For a global switch, go to the server configuration panel.&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
+            </property>
+            <property name="text">
+             <string>Anonymous routing</string>
+            </property>
+           </widget>
+          </item>
+          <item>
+           <widget class="QCheckBox" name="_discovery_CB">
+            <property name="toolTip">
+             <string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p&gt;Disabling discovery removes the sending of public keys of your own friends to this user. Discovery information from this friend will be dropped as well.&lt;/p&gt;&lt;p&gt;For a global switch, go to the server configuration panel.&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
+            </property>
+            <property name="text">
+             <string>Discovery</string>
+            </property>
+           </widget>
+          </item>
+          <item>
+           <widget class="QCheckBox" name="_forums_channels_CB">
+            <property name="toolTip">
+             <string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p&gt;Disabling this means that forums and channels posts will not be passed from you to this friend, and items coming from this friend will be dropped.&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
+            </property>
+            <property name="text">
+             <string>Forums/Channels</string>
+            </property>
+           </widget>
+          </item>
+          <item>
+           <widget class="QCheckBox" name="checkBox_3">
+            <property name="enabled">
+             <bool>false</bool>
+            </property>
+            <property name="text">
+             <string>Chat</string>
+            </property>
+            <property name="checked">
+             <bool>true</bool>
+            </property>
+           </widget>
+          </item>
+          <item>
+           <widget class="QPushButton" name="pushButton">
+            <property name="text">
+             <string>PushButton</string>
+            </property>
+           </widget>
+          </item>
+          <item>
+           <spacer name="verticalSpacer_4">
+            <property name="orientation">
+             <enum>Qt::Vertical</enum>
+            </property>
+            <property name="sizeHint" stdset="0">
+             <size>
+              <width>20</width>
+              <height>196</height>
+             </size>
+            </property>
+           </spacer>
+          </item>
+         </layout>
+        </widget>
        </widget>
       </item>
      </layout>
diff --git a/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp b/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp
index 2fcc5d587..a1d01f7cf 100755
--- a/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp
+++ b/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp
@@ -222,6 +222,10 @@ void ConnectFriendWizard::initializePage(int id)
 		{
 			std::cerr << "Conclusion page id : " << peerDetails.id << "; gpg_id : " << peerDetails.gpg_id << std::endl;
 
+			ui->_anonymous_routing_CB_2->setChecked(peerDetails.service_perm_flags & RS_SERVICE_PERM_TURTLE) ;
+			ui->_discovery_CB_2        ->setChecked(peerDetails.service_perm_flags & RS_SERVICE_PERM_DISCOVERY) ;
+			ui->_forums_channels_CB_2  ->setChecked(peerDetails.service_perm_flags & RS_SERVICE_PERM_DISTRIB) ;
+
 			//set the radio button to sign the GPG key
 			if (peerDetails.accept_connection && !peerDetails.ownsign) {
 				//gpg key connection is already accepted, don't propose to accept it again
@@ -489,6 +493,17 @@ int ConnectFriendWizard::nextId() const
 	return -1;
 }
 
+ServicePermissionFlags ConnectFriendWizard::serviceFlags() const
+{
+	ServicePermissionFlags flags(0) ;
+
+	if(ui->_anonymous_routing_CB_2->isChecked()) flags |= RS_SERVICE_PERM_TURTLE ;
+	if(        ui->_discovery_CB_2->isChecked()) flags |= RS_SERVICE_PERM_DISCOVERY ;
+	if(  ui->_forums_channels_CB_2->isChecked()) flags |= RS_SERVICE_PERM_DISTRIB ;
+
+	return flags ;
+}
+
 void ConnectFriendWizard::accept()
 {
 	bool sign = false;
@@ -526,7 +541,7 @@ void ConnectFriendWizard::accept()
 			rsPeers->signGPGCertificate(peerDetails.gpg_id); //bye default sign set accept_connection to true;
 		} else if (accept_connection) {
 			std::cerr << "ConclusionPage::validatePage() accepting GPG key for connection." << std::endl;
-			rsPeers->addFriend("", peerDetails.gpg_id);
+			rsPeers->addFriend("", peerDetails.gpg_id,serviceFlags()) ;
 		}
 
 		if (!groupId.isEmpty()) {
@@ -535,7 +550,8 @@ void ConnectFriendWizard::accept()
 	}
 
 	if (peerDetails.id != "") {
-		rsPeers->addFriend(peerDetails.id, peerDetails.gpg_id);
+		rsPeers->addFriend(peerDetails.id, peerDetails.gpg_id,serviceFlags()) ;
+
 		//let's check if there is ip adresses in the wizard.
 		if (!peerDetails.extAddr.empty() && peerDetails.extPort) {
 			std::cerr << "ConnectFriendWizard::accept() : setting ip ext address." << std::endl;
diff --git a/retroshare-gui/src/gui/connect/ConnectFriendWizard.h b/retroshare-gui/src/gui/connect/ConnectFriendWizard.h
index 53de99b40..4080a1550 100755
--- a/retroshare-gui/src/gui/connect/ConnectFriendWizard.h
+++ b/retroshare-gui/src/gui/connect/ConnectFriendWizard.h
@@ -54,6 +54,8 @@ private slots:
 	void friendCertChanged();
 	void cleanFriendCert();
 
+	ServicePermissionFlags serviceFlags() const ;
+
 	/* CertificatePage */
 	void loadFriendCert();
 	void generateCertificateCalled();
diff --git a/retroshare-gui/src/gui/connect/ConnectFriendWizard.ui b/retroshare-gui/src/gui/connect/ConnectFriendWizard.ui
index 90164e4c8..6b9cf5947 100644
--- a/retroshare-gui/src/gui/connect/ConnectFriendWizard.ui
+++ b/retroshare-gui/src/gui/connect/ConnectFriendWizard.ui
@@ -6,8 +6,8 @@
    <rect>
     <x>0</x>
     <y>0</y>
-    <width>572</width>
-    <height>517</height>
+    <width>603</width>
+    <height>561</height>
    </rect>
   </property>
   <property name="windowTitle">
@@ -535,138 +535,193 @@
     </property>
     <item row="0" column="0">
      <widget class="QFrame" name="frame">
-      <layout class="QGridLayout" name="gridLayout">
-       <item row="0" column="0" colspan="2">
-        <widget class="QLabel" name="fr_label">
-         <property name="font">
-          <font>
-           <pointsize>12</pointsize>
-          </font>
-         </property>
-         <property name="text">
-          <string notr="true">You have a friend request from</string>
-         </property>
-        </widget>
-       </item>
-       <item row="1" column="0">
-        <widget class="AvatarWidget" name="fr_avatar">
-         <property name="minimumSize">
-          <size>
-           <width>96</width>
-           <height>96</height>
-          </size>
-         </property>
-         <property name="maximumSize">
-          <size>
-           <width>96</width>
-           <height>96</height>
-          </size>
-         </property>
-        </widget>
-       </item>
-       <item row="1" column="1">
-        <widget class="QGroupBox" name="fr_peerDetailsFrame">
-         <property name="title">
-          <string>Peer details</string>
-         </property>
-         <layout class="QFormLayout" name="formLayout_3">
-          <property name="fieldGrowthPolicy">
-           <enum>QFormLayout::AllNonFixedFieldsGrow</enum>
+      <widget class="QLabel" name="fr_label">
+       <property name="geometry">
+        <rect>
+         <x>9</x>
+         <y>9</y>
+         <width>220</width>
+         <height>19</height>
+        </rect>
+       </property>
+       <property name="font">
+        <font>
+         <pointsize>12</pointsize>
+        </font>
+       </property>
+       <property name="text">
+        <string notr="true">You have a friend request from</string>
+       </property>
+      </widget>
+      <widget class="AvatarWidget" name="fr_avatar">
+       <property name="geometry">
+        <rect>
+         <x>9</x>
+         <y>38</y>
+         <width>96</width>
+         <height>96</height>
+        </rect>
+       </property>
+       <property name="minimumSize">
+        <size>
+         <width>96</width>
+         <height>96</height>
+        </size>
+       </property>
+       <property name="maximumSize">
+        <size>
+         <width>96</width>
+         <height>96</height>
+        </size>
+       </property>
+      </widget>
+      <widget class="QGroupBox" name="fr_peerDetailsFrame">
+       <property name="geometry">
+        <rect>
+         <x>111</x>
+         <y>34</y>
+         <width>156</width>
+         <height>105</height>
+        </rect>
+       </property>
+       <property name="title">
+        <string>Peer details</string>
+       </property>
+       <layout class="QFormLayout" name="formLayout_3">
+        <property name="fieldGrowthPolicy">
+         <enum>QFormLayout::AllNonFixedFieldsGrow</enum>
+        </property>
+        <item row="0" column="0">
+         <widget class="QLabel" name="fr_nameLabel">
+          <property name="text">
+           <string>Name:</string>
           </property>
-          <item row="0" column="0">
-           <widget class="QLabel" name="fr_nameLabel">
-            <property name="text">
-             <string>Name:</string>
-            </property>
-           </widget>
-          </item>
-          <item row="0" column="1">
-           <widget class="QLabel" name="fr_nameEdit">
-            <property name="text">
-             <string notr="true">Name</string>
-            </property>
-           </widget>
-          </item>
-          <item row="2" column="0">
-           <widget class="QLabel" name="fr_emailLabel">
-            <property name="text">
-             <string>Email:</string>
-            </property>
-           </widget>
-          </item>
-          <item row="3" column="0">
-           <widget class="QLabel" name="fr_locationLabel">
-            <property name="text">
-             <string>Location:</string>
-            </property>
-           </widget>
-          </item>
-          <item row="3" column="1">
-           <widget class="QLabel" name="fr_locationEdit">
-            <property name="text">
-             <string notr="true">Location</string>
-            </property>
-           </widget>
-          </item>
-          <item row="2" column="1">
-           <widget class="QLabel" name="fr_emailEdit">
-            <property name="text">
-             <string notr="true">Email</string>
-            </property>
-           </widget>
-          </item>
-         </layout>
-        </widget>
-       </item>
-       <item row="2" column="0" colspan="2">
-        <widget class="QGroupBox" name="fr_optionsFrame">
-         <property name="title">
-          <string>Options</string>
-         </property>
-         <layout class="QFormLayout" name="formLayout_4">
-          <item row="0" column="0">
-           <widget class="QLabel" name="fr_groupLabel">
-            <property name="text">
-             <string>Add friend to group:</string>
-            </property>
-           </widget>
-          </item>
-          <item row="0" column="1">
-           <widget class="QComboBox" name="fr_groupComboBox"/>
-          </item>
-          <item row="1" column="0">
-           <widget class="QCheckBox" name="fr_signGPGCheckBox">
-            <property name="text">
-             <string>Authenticate friend (Sign GPG Key)</string>
-            </property>
-           </widget>
-          </item>
-          <item row="2" column="0">
-           <widget class="QCheckBox" name="fr_acceptNoSignGPGCheckBox">
-            <property name="text">
-             <string>Add as friend to connect with</string>
-            </property>
-           </widget>
-          </item>
-         </layout>
-        </widget>
-       </item>
-       <item row="3" column="0" colspan="2">
-        <spacer name="fr_verticalSpacer">
-         <property name="orientation">
-          <enum>Qt::Vertical</enum>
-         </property>
-         <property name="sizeHint" stdset="0">
-          <size>
-           <width>488</width>
-           <height>118</height>
-          </size>
-         </property>
-        </spacer>
-       </item>
-      </layout>
+         </widget>
+        </item>
+        <item row="0" column="1">
+         <widget class="QLabel" name="fr_nameEdit">
+          <property name="text">
+           <string notr="true">Name</string>
+          </property>
+         </widget>
+        </item>
+        <item row="2" column="0">
+         <widget class="QLabel" name="fr_emailLabel">
+          <property name="text">
+           <string>Email:</string>
+          </property>
+         </widget>
+        </item>
+        <item row="3" column="0">
+         <widget class="QLabel" name="fr_locationLabel">
+          <property name="text">
+           <string>Location:</string>
+          </property>
+         </widget>
+        </item>
+        <item row="3" column="1">
+         <widget class="QLabel" name="fr_locationEdit">
+          <property name="text">
+           <string notr="true">Location</string>
+          </property>
+         </widget>
+        </item>
+        <item row="2" column="1">
+         <widget class="QLabel" name="fr_emailEdit">
+          <property name="text">
+           <string notr="true">Email</string>
+          </property>
+         </widget>
+        </item>
+       </layout>
+      </widget>
+      <widget class="QGroupBox" name="fr_optionsFrame">
+       <property name="geometry">
+        <rect>
+         <x>9</x>
+         <y>145</y>
+         <width>385</width>
+         <height>239</height>
+        </rect>
+       </property>
+       <property name="title">
+        <string>Options</string>
+       </property>
+       <layout class="QFormLayout" name="formLayout_4">
+        <property name="fieldGrowthPolicy">
+         <enum>QFormLayout::AllNonFixedFieldsGrow</enum>
+        </property>
+        <item row="0" column="0">
+         <widget class="QLabel" name="fr_groupLabel">
+          <property name="text">
+           <string>Add friend to group:</string>
+          </property>
+         </widget>
+        </item>
+        <item row="0" column="1">
+         <widget class="QComboBox" name="fr_groupComboBox"/>
+        </item>
+        <item row="1" column="0">
+         <widget class="QCheckBox" name="fr_signGPGCheckBox">
+          <property name="text">
+           <string>Authenticate friend (Sign GPG Key)</string>
+          </property>
+         </widget>
+        </item>
+        <item row="2" column="0">
+         <widget class="QCheckBox" name="fr_acceptNoSignGPGCheckBox">
+          <property name="text">
+           <string>Add as friend to connect with</string>
+          </property>
+         </widget>
+        </item>
+        <item row="3" column="0">
+         <widget class="QGroupBox" name="groupBox">
+          <property name="title">
+           <string>Service permissions</string>
+          </property>
+          <layout class="QVBoxLayout" name="verticalLayout_12">
+           <item>
+            <widget class="QCheckBox" name="_anonymous_routing_CB">
+             <property name="text">
+              <string>Anonymous routing</string>
+             </property>
+            </widget>
+           </item>
+           <item>
+            <widget class="QCheckBox" name="_discovery_CB">
+             <property name="text">
+              <string>Discovery</string>
+             </property>
+            </widget>
+           </item>
+           <item>
+            <widget class="QCheckBox" name="_forums_channels_CB">
+             <property name="text">
+              <string>Forums/channels</string>
+             </property>
+            </widget>
+           </item>
+          </layout>
+         </widget>
+        </item>
+       </layout>
+      </widget>
      </widget>
     </item>
+    <item row="1" column="0">
+     <spacer name="fr_verticalSpacer">
+      <property name="orientation">
+       <enum>Qt::Vertical</enum>
+      </property>
+      <property name="sizeHint" stdset="0">
+       <size>
+        <width>488</width>
+        <height>118</height>
+       </size>
+      </property>
+     </spacer>
+    </item>
    </layout>
   </widget>
   <widget class="ConnectFriendPage" name="ErrorMessagePage">
@@ -825,6 +880,49 @@
       </layout>
      </widget>
     </item>
+    <item>
+     <widget class="QGroupBox" name="groupBox_2">
+      <property name="title">
+       <string>Service permissions</string>
+      </property>
+      <layout class="QHBoxLayout" name="horizontalLayout_7">
+       <item>
+        <widget class="QCheckBox" name="_anonymous_routing_CB_2">
+         <property name="text">
+          <string>Anonymous routing</string>
+         </property>
+        </widget>
+       </item>
+       <item>
+        <widget class="QCheckBox" name="_forums_channels_CB_2">
+         <property name="text">
+          <string>Forums/channels</string>
+         </property>
+        </widget>
+       </item>
+       <item>
+        <widget class="QCheckBox" name="_discovery_CB_2">
+         <property name="text">
+          <string>Discovery</string>
+         </property>
+        </widget>
+       </item>
+       <item>
+        <spacer name="horizontalSpacer">
+         <property name="orientation">
+          <enum>Qt::Horizontal</enum>
+         </property>
+         <property name="sizeHint" stdset="0">
+          <size>
+           <width>40</width>
+           <height>20</height>
+          </size>
+         </property>
+        </spacer>
+       </item>
+      </layout>
+     </widget>
+    </item>
    </layout>
   </widget>
  </widget>