Forum OpenACS Development: Should we continue to support PayflowPro?

I have a bug assigned to me containing a patch to update the Verisign PayflowPro module. But before I apply the patch, I wanted to get some opinions on whether we should continue to support this module at all.

As you can read in this thread: https://openacs.org/forums/message-view?message_id=93102 , the latest version of the Verisign SDK is statically linked with an older version of OpenSSL and causes our module to periodically crash AOLserver. Since Verisign has indicated that they don't intend to fix the problem, this situation is not likely to change. I'm wondering if we should therefore deprecate this module, rather than leaving it in the distribution and encouraging people to use it.

Thoughts? If folks are generally positive on this I'll make it a TIP.

I'm about to buy some SSL security certificates...

Given this attitude from SSL Certificate Authority Versign, does anyone recommend any other CA's that seem to be more open minded about supporting open source?

OT? You are right, Nagita Karunaratne. Back to topic.

OpenACS has a a working alternative, the AuthorizeNet gateway package[1]. Since alternatives exist for Verisign's other common offering, SSL Certificates[2], I say..

..deprecate the PayflowPro package.

1. https://openacs.org/doc/openacs-4-6-3/authorize-gateway/
2. http://news.netcraft.com/archives/2003/04/09/netcraft_ssl_survey.html