Sorry to do this, but the spam was getting to be too much (at least 7-10 per day), so I went ahead and password protected the ability to post comments. It seems pretty unobtrusive to me, but if you have major complaints with it, please let me know, and I'll keep digging for a better solution. I really value the feedback I get here, and I don't want to lose it, but I also have to balance that out with making my life easier by not having to delete a deluge of spam.

For those of you that are interested, I ended up using Miguel Jimenez's approach to solve this. I had some initial problems viewing my blog in a browser after implementing this, but it sounds like my ISP fixed that by adding specific permissions to that DLL. One other note: add the httpHandler section BEFORE the .Text entry where they try to take over verb="*" and path="*", otherwise you will never let the HIP generator get processed.

All in all, I would say that the entire upgrade was rather easy. Now let's see if my spam problem goes away.