when Jim, Steve and I wrote up a good part of the certification
specification we added a functional requirement for "reauthentication".

This means that:

a) Ask a user for new authentication, if he is trying to do something
that he can not do, but might be possible if he provides a different log

b) Ask a user for new authentication, if he was logged in for N minutes.

I'm quite sure that part b) isn't written yet, but I'm not sure what the
state of part a) is.


gocept gmbh & co. kg - forsterstra├če 29 - 06112 halle/saale - germany
www.gocept.com - [EMAIL PROTECTED] - phone +49 345 122 9889 7 -
fax +49 345 122 9889 1 - zope and plone consulting and development

Attachment: signature.asc
Description: This is a digitally signed message part

Zope3-dev mailing list
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com

Reply via email to