[ Thanks to Eddy
Nigg for this link. ]
“Because subscriber accounts are secured by client-side
SSL certificates for authentication in addition to forced SSL/TLS
encryption for any data exchange, StartSSL™ provides the
highest industry standard based on public-key encryption.
Subscribers which validate their identities according to the Class
2 validations can even be trusted to some reasonable extend. I
believe that under these conditions OpenID is going to be useful
for all sides involved.”