Hi Benji. I was thinking of the first case that you mentioned,
encryption and authentication at the moment. I am looking at
geographically separated client instances where client is a laptop or
desktop computer so data stays synced. Twisted has the resources to
handle encrypted network communication. I have read from old Zope book
on securing client server communication and the suggestions (which are
not fully discussed) predate the replacement of ZServer and Twisted
integration. Maybe what is needed some sort of example demo to show how
client server communication can be secured using Twisted that is bundled
in Z3. This could also help underscore the powerful combination of Zope
and Twisted frameworks in Z3.
Benji York wrote:
David Pratt wrote:
Is there any plan to provide security for ZEO client / server
communication using Twisted now that it is in Zope3? Many thanks
I haven't heard of anyone working on anything like that, and it's
unclear if you mean simple encryption and authentication of the client
and server, or a more granular system.
Jim has expressed interest in doing the latter with per-object security
and client authentication/authorization. There is more interest than
time at the moment though, so I wouldn't expect to see anything happen
for quite a while.
Zope3-users mailing list