Gilbert, I haven't really started coding on an authorize.net interface yet. Got side tracked on by the bulk upload tools. Now that these are 'fixed' I can easily reload test data.
I finished a proof of concept based on openssl 2.0. The proof contacts authorize.net and exchanges the information needed. Didn't use the md5 hash though. The one burning question I have left with respect to authorize.net is whether it is possible to settle a different amount that the amount authorized. The transaction history of authorize.net lists two amounts suggesting that it is possible.
After next weekend I'll focus more on the ecommerce state machine. We need this for any type of financial interface.