This is actually a really timely post: http://blog.janrain.com/2009/09/yahoo-and-popup-ui-for-openid-aligning.html
We're working on replacing the certificate on OpenID.net over the next few days.
That’s a great idea. It’s certainly something that OPs and RPs should take into consideration.
There is currently some conversations going on about an OpenID Security Best Practices document; while the spec shouldn’t mandate SSL, it certainly should present the case for supporting it, ideally in a best practices doc.
Hey David, completely agreed and this is something we're working on. Do you have any suggestions for actual text to use on the site?