From: "Shane Hathaway" <[EMAIL PROTECTED]> > Making cookie authentication secure is surprisingly difficult, and you've > barely taken one step. I don't want CookieCrumbler to go in this > direction at all. A much more fruitful endeavor would be to simply add > digest authentication support to Zope's user folders. See the middle of > this page for a fairly clear explanation: > > http://frontier.userland.com/stories/storyReader$2159
The problem with that is that as far as I know, it still doesn't offer a nice, clean, cross-browser way of logging out. Which means most people will still use cookie-authentication... _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
