Hi, when Jim, Steve and I wrote up a good part of the certification specification we added a functional requirement for "reauthentication".
This means that: a) Ask a user for new authentication, if he is trying to do something that he can not do, but might be possible if he provides a different log in. b) Ask a user for new authentication, if he was logged in for N minutes. I'm quite sure that part b) isn't written yet, but I'm not sure what the state of part a) is. Christian -- gocept gmbh & co. kg - forsterstraße 29 - 06112 halle/saale - germany www.gocept.com - [EMAIL PROTECTED] - phone +49 345 122 9889 7 - fax +49 345 122 9889 1 - zope and plone consulting and development
Description: This is a digitally signed message part
_______________________________________________ Zope3-dev mailing list Zope3email@example.com Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com