Hello, I am pleased to announce the release of ZServerSSL 0.04. ZServerSSL provides a HTTPS server for Zope. In normal operation, ZServerSSL protects user names, passwords and data in transit against eavesdropping. This release of ZServerSSL presents a significant enhancement: X.509 certificate-based authentication for Zope. In this mode, Zope is run in "remote user" mode, and ZServerSSL's HTTPS server is configured to *require* user certificates. When a user connects, ZServerSSL handles certificate verification, maps the user certificate's "subject distinguished name" to a Zope username and sets REMOTE_USER accordingly. Zope's REMOTE_USER machinery takes care of the rest. Given valid user certificates and mappings from certificates to Zope users, Zope no longer requires passwords for access. This improves site security by removing the need to store passwords on the Zope site. This mode of operation can be adapted to other HTTPS servers like Apache+SSL, Roxen+SSL, etc. that perform certificate-based authentication. ZServerSSL is bundled with the latest snapshot of M2Crypto, and is also available as a separate package. It can be downloaded from here: http://www.post1.com/home/ngps/m2 Usual disclaimers apply. Feedback is very much appreciated. Cheers. -- Ng Pheng Siong <ngps@post1.com> * http://www.post1.com/home/ngps (BTW, what's this about no cross-posting btw zope-dev and zope?)
[Ng Pheng Siong, on Tue, 25 Apr 2000] :: Hello, :: :: I am pleased to announce the release of ZServerSSL 0.04. Fantastic!! Great news. :: (BTW, what's this about no cross-posting btw zope-dev and zope?) :: :: _______________________________________________ :: Zope-Dev maillist - Zope-Dev@zope.org :: http://lists.zope.org/mailman/listinfo/zope-dev :: ** No cross posts or HTML encoding! ** :: (Related lists - :: http://lists.zope.org/mailman/listinfo/zope-announce :: http://lists.zope.org/mailman/listinfo/zope ) Well, for one thing it means a lot of people have to see messages (and any followups) twice. Note right below that comment in the signature is a mention of the zope-announce list. I believe that is the best way to announce new products like this? If everyone simply subscribes to the announce list, then no crossposting would be necessary. I particularly like getting announcements to the announce list, rather than the regular discussion lists, because I can simply leave them in that folder and refer to them later.
On Tue, Apr 25, 2000 at 09:04:36AM -0700, Patrick Phalen wrote:
Well, for one thing it means a lot of people have to see messages (and any followups) twice.
Ahh, I see. I use procmail and do not see cross-postings originating from well-behaved mail clients, so I didn't realise that possibility. Anyways, since cross-posting was discouraged, I spammed both zope and zope-dev with _separate_ postings. My apologies to the lists' readers. ;-)
Note right below that comment in the signature is a mention of the zope-announce list. I believe that is the best way to announce new products like this? If everyone simply subscribes to the announce list, then no crossposting would be necessary.
I was of the impression zope-announce is writeable by DC people only? Cheers. -- Ng Pheng Siong <ngps@post1.com> * http://www.post1.com/home/ngps
participants (2)
-
Ng Pheng Siong -
Patrick Phalen