Forum OpenACS Improvement Proposals (TIPs): Re: TIP #33 (Proposed): deprecate the PayflowPro package
Another reason to deprecate this is that libpfpro.so is statically linked against an *old* version of OpenSSL (0.9.5-something). Since Verisign is loathe to provide an updated version, you may be opening your site to an attack of some sort if bugs in that version of OpenSSL can be exploited somehow via libpfpro.so.
Granted, the attack surface is pretty small, but you never know.
is the devil).