Commit

Change some documentation about identity tokens.
locka99 committed Mar 12, 2019
1 parent 85e53b5 commit fe599b2
Showing 2 changed files with 8 additions and 3 deletions.
4 changes: 3 additions & 1 deletion CHANGELOG.md
Expand Up @@ -130,14 +130,16 @@ Planned future work is listed at the bottom.

- Session restore after disconnect in server. The server has to stash sessions that were
abnormally disconnected so the session state can be restored if a new connection provides the token.
- X509 certs as user authentication tokens
- UserNameIdentityToken wit encrypted password support. Plaintext password is already supported
- X509IdentityToken support
- Integration tests are broken and need to be fixed
- More control over limits on the server - number of subscriptions, monitored items, sessions

## Longer term

ASPIRATIONAL - a short list of things that would be nice to implement in the future

- User-level permission model, i.e. ability to limit access to address space based on identity
- Replace more OpenSSL with `ring` equivalent functions. Ring doesn't do X509 so code is still
dependent on OpenSSL until a drop-in replacement appears - need something which can generate, read and write X509
certs, private keys and their corresponding .der, .pem file formats.
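
Review bot: The UserNameIdentityToken entry has a typo, "wit encrypted password support" should read "with encrypted password support". The two identity token entries also end inconsistently (one carries a trailing sentence about plaintext support, the other is a bare phrase); consider "UserNameIdentityToken with encrypted password support (plaintext password is already supported)" so both read as single list items.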
7 changes: 5 additions & 2 deletions docs/compatibility.md
Expand Up @@ -105,11 +105,14 @@ The following security policies are supported - None, Basic128Rsa15, Basic256, B

The server and client support the following user identities

1. Anonymous/None, i.e. no authentication
2. User/password - plaintext password only
1. Anonymous - i.e. no identity
2. UserName - plaintext password only, i.e. the encryption algorithm field supplied with the identity token must be a
null string.

User/pass identities are defined by configuration

X509 and UserName with encrypted passwords are intended for a future release.

## Crypto

OPC UA for Rust uses cryptographic algorithms for signing, verifying, encrypting and decrypting data. In addition
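
Review bot: The UserName item says the encryption algorithm field "must be a null string" but does not say what happens when a token arrives with a non-null value; the docs should state the resulting behaviour (for example that the token is rejected) so integrators know what to expect. Since only plaintext passwords are supported and the hunk's context line lists None among the supported security policies, it is also worth a sentence noting that the password's confidentiality then depends entirely on the security policy of the channel. Minor: "User/pass identities are defined by configuration" still uses the old wording, while the list was renamed to "UserName"; use one term throughout.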