>You have always had the ability to use the certificates built into Windows...

Can you be more specific here?? I am talking about a secure socket layer; I know this was new to W2K and wasn't available in previous versions of Windows web servers.

>purchasing a certificate from an outside vendor (Verisign) allows seamless >integration with your clients without them having to do anything.

Not if you are building websites for clients who have their own registered domains, because then they need to purchase a certificate from Verisign and it's quite expensive.