security

[Scott Kveton]

 >> OpenID's a *library* - if you can't install an SSL cert, you've got
>> utterly zero chance of figuring out how to install OpenID.  (Vanity
>> URL owners don't *install* OpenID)
>> 
>> Security is a MUST.  "Multiple Levels" is shorthand for "won't ever
>> happen": how many people here use POP3s or IMAPs or even SMTP+TLS ?
>>   
> +1 Amen! 

Eddy, Chris, James, Alaric: I appreciate that you have concerns with
possible security issues with OpenID.  I'd _really_ appreciate some possible
solutions.  Its easy to cast stones ...

Let's keep the focus here on helping make OpenID the solution that solves
the single sign-on problem.  That's what this list is for.

- Scott