On Fri, 01 Mar 2002 09:48:08 -0500, marc lindahl <[EMAIL PROTECTED]>

>I would say, make SSL part of the standard z2.py, so you can turn on/off,
>specify address, etc. of https ports just as you do with http ports (and of
>course integrated with siteaccess2, etc.)

Ive never really understood the motivation for wanting https support
direct in Zope.... ZServer isnt robust enough to be exposed to the raw
internet without risk. Today (and perhaps for the forseeable future,
because its not clear that Zope want to take on the responsibility of
ensuring it is that robust) if you care about security Zope really
needs to be run behind a front-end-proxy, and the two popular choices
for proxying, Squid and Apache, are already well endowed for https

Are there any common scenarios which need the protection given by
https, but do not need the protection given by a front-end-proxy?

Toby Dickenson

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to