URL Design for SSL-Secured SaaS Application

Question

I am developing an application using the ASP.NET MVC platform, which will be exposed as a service over the web (the SaaS model). I am trying to determine the best way to partit

Answer 1

I would use secure.domain.com instead of certificate for www.domain or domain.com I've seen many sites that use certificates for one of the options (either with or without the www prefix) and when the user uses the other (s)he gets prompted for certificate acceptance.

You could use user.domain.com for a non-secure site and when the user needs an SSL enabled section just use your main secure.domain.com/user/ .......

That's just an idea.

Slavi