The only weak point of which I know is that it uses HTTPS, which isn’t very strong — strong enough though to be used for other online services which take a creditcard number.

For the presentation I’ve made a proof of concept implementation, which supported the negotiation. At the moment I’m making an implementation that complies fully to the specification in Python and PHP.

I’ll indeed have to write plugins for existing software, but first I need to finish the initial implementation first . When I’ve got a client library in several languages, then the plugins won’t be that difficult anymore. I just need people to support it .

The event where we’ve presented it was a presentation for a project called Codeyard, which tries to involve high school students more with open source. The event was pretty cool — you don’t talk everyday with several professors security of systems and representatives of a 2 biljon profit/year company (capgemini).

But it looks promising. Once you’re sure it’s secure the next challenge will be adoption. Do you have an implementation of it yourself yet? If you want it adopted you’d probably have to write some plug-ins or extensions to current web applications (like forum software) yourself to show that it works and people can easily start using it. You can’t really expect people to just grab your spec and start implementing at the start. It has to prove itself first.

And what kind of event was this you presented it at, something from your school or something?