While ZOPE with Apache-SSL is certainly possible , I personally would prefer a more tightly coupled structure than the lightweight server to server protocols provide(such as the certificate if available of the client ) . Tight integration of the SSL-Crypto extention with the zserver would allow security/permission capatibilities to be set on objects based upon a closed verification chain via client certificates (2 two majors support genning them with a simple code fragment. If encryption and X609v3 are available then zope becomes a FAR more interesting possibility for ecommerce. And besides its on the TODO list for the Zserver... Pyhon SSL modules ARE available in source... the question is where and how...(and preferably offshore i.e. NON US developement). cheers A pyhon/Zope novice but a Apache/mod-ssl/php fanatic who wandered here from midgard