[Zope-dev] Zope 2.6 planning - call for contributors!
Toby Dickenson
tdickenson@geminidataloggers.com
Fri, 01 Mar 2002 15:00:10 +0000
On Fri, 01 Mar 2002 09:48:08 -0500, marc lindahl <marc@bowery.com>
wrote:
>I would say, make SSL part of the standard z2.py, so you can turn =
on/off,
>specify address, etc. of https ports just as you do with http ports (and=
of
>course integrated with siteaccess2, etc.)
Ive never really understood the motivation for wanting https support
direct in Zope.... ZServer isnt robust enough to be exposed to the raw
internet without risk. Today (and perhaps for the forseeable future,
because its not clear that Zope want to take on the responsibility of
ensuring it is that robust) if you care about security Zope really
needs to be run behind a front-end-proxy, and the two popular choices
for proxying, Squid and Apache, are already well endowed for https
support.
Are there any common scenarios which need the protection given by
https, but do not need the protection given by a front-end-proxy?
Toby Dickenson
tdickenson@geminidataloggers.com