[snip] > Why is there such reluctance? I think there are a several reasons why:
* Not everybody knows how to install/manage an SSL certificate * Not every web hosting company allows multiple IP's for sites * It wouldn't have been easy to get the adoption we're seeing with a MUST * Majority of transactions are low-value today Could we have gotten where we are today with the growth that we've seen _with_ a MUST? I don't think so. The providers who are really serious about security and identity will have SSL. - Scott _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs