As we know, if a merchant uses IPN (Instant Payment Notification), two operations take place after each payment: - PayPal sends an IPN to the merchant site's listener script - The merchant site's listener script contacts the PayPal site to verify the received IPN Plenty of merchant sites use HTTPS for both tasks, and they will soon have to change their certificate to SHA-256... but what about merchants who interact with PayPal using plain HTTP? Will plain HTTP still be supported for BOTH tasks (i.e. the merchant's listener script will still be able to be called over plain HTTP AND will be able to connect to PayPal for validation over plain HTTP)? Thank you for your answer.
... View more