Would everyone be ok moving the phishing etc. discussions to the security at openid.net list? This allows other dialogs not to get washed out with the important, but distinct security topic. This also allows us to accurately archive the discussions. You can see previous discussion here: http://openid.net/pipermail/security/ -- Dick