Hi Benji. I was thinking of the first case that you mentioned, encryption and authentication at the moment. I am looking at geographically separated client instances where client is a laptop or desktop computer so data stays synced. Twisted has the resources to handle encrypted network communication. I have read from old Zope book on securing client server communication and the suggestions (which are not fully discussed) predate the replacement of ZServer and Twisted integration. Maybe what is needed some sort of example demo to show how client server communication can be secured using Twisted that is bundled in Z3. This could also help underscore the powerful combination of Zope and Twisted frameworks in Z3.


Benji York wrote:
David Pratt wrote:
Is there any plan to provide security for ZEO client / server communication using Twisted now that it is in Zope3? Many thanks

I haven't heard of anyone working on anything like that, and it's unclear if you mean simple encryption and authentication of the client and server, or a more granular system.

Jim has expressed interest in doing the latter with per-object security and client authentication/authorization. There is more interest than time at the moment though, so I wouldn't expect to see anything happen for quite a while.
Zope3-users mailing list

Reply via email to