diff --git a/doc/User_Administration.md b/doc/User_Administration.md
new file mode 100644
index 0000000000000000000000000000000000000000..a51894cd87126b07f56addccba3f635e04872d71
--- /dev/null
+++ b/doc/User_Administration.md
@@ -0,0 +1,34 @@
+Author: Timm Fitschen
+
+Email: timm.fitschen@ds.mpg.de
+
+Date: 2013-02-23
+
+# No Proposal
+http://caosdb/register
+
+# Proposal
+
+## Add User
+
+* POST Request is to be send to `http://host:port/User`.
+* This requires authetication as user _admin_ (default password: _adminpw_).
+* Http body:
+
+
+        <Post>
+          <User name="${username}" password="${md5ed_password} />
+        </Post>
+
+## Delete User
+
+* DELETE Request
+* admin authentication required.
+* Http body:
+
+
+        <Delete>
+          <User name="${username}/>
+        </Delete>
+
+The user to be deleted may also be identified by his id (`id="${id}"`) instead of his name.