[Toadling]

I don't mean to pressure you for more info, Brian. I know it's difficult to discuss this openly right now. I'll just think out loud a bit:

I'm not familiar enough with Apache configuration (and don't have the time to research it at the moment), but maybe it would be possible to limit access to the WebDAV service to a particular MAC address? That could be spoofed, but it would at least provide some rudimentary security and allow you to leave the WebDAV service on all the time. Maybe couple that with basic HTTP authentication too so the client would get prompted for a password - also not very secure, but better than nothing.

I wonder if .Mac/MobileMe requires any kind of authentication when a client connects and attempts to sync data? I would imagine that your .Mac password would be required, but Mac OS X currently does a pretty good job of making this seamless, so it's not really clear what's going on behind the scene.

Anyway, I'm quite confident the Omni folks are aware of all the options here and are plotting a sound course. I'm just really excited about all the new possibilities: third-party iPhone apps, OmniFocus "in my pocket", location services, wireless syncing, no need to connect with that annoying USB cable anymore, etc. It almost feels too good to be true. :D

-Dennis