first of all, i think this idea is very interesting. but the devil is in the details, and i'm not sure you realize what it is that you really want ;)
Considering that most Zope users are interested in most of these sites, except when the language is not english, and that some want to really participate, I think this registration process quickly becomes very boring, and remembering all the different passwords is difficult, unless you always use the same which is insecure.
i'm not sure about that assertion. i think a typical usage pattern is more like "everyone has their own small set of sites they visit regularly". i would think the number of users who really visit all these sites regularly is very small. secondly, the registration is a one-time thing. you don't have to register every time.
Couldn't it be possible that all these servers share the same authentication mechanism, i.e. only usernames and passwords, and do all their local stuff on their own (roles, possible actions, homepages, etc...), in one word (ok, two) : Centralized Authentication
i think what you *really* want (and the only thing that make bring any kind of difference to users at all) is single sign-on. i log into zope.org and when i jump to zopezen it will recognize and use the credentials i just entered when i visited zope.org. having all users in the same repository will not make much of a difference to users. you still have to "log in" every time you visit a different site. that would not bring any discernible advantage, other than the fact that you would have the same username and password on all those sites. same username and password is kind of bad in itself because if some script kiddie finds out about one login he knows them all. problem with centralized user repository: who would be administering such a server? who would be available if one site's webmaster or user has problems and needs assistance?
This would have the great benefit of checking not if someone is part of myownlittlezopecommunity.org but the WHOLE Zope community, this would also better solder this sparse community IMHO.
well, ok, now you have all users in a single directory. i don't see how that would bring the community together more. it makes zero difference to the user, apart from having the same username/password all over.
Of course I understand there are strong security drawbacks to this approach, but anyway this might be very good to make a real network of web sites strongly related to Zope, and could only strenghten the Zope community presence on the web.
what security drawbacks? the biggest security drawback is still the fact that basic auth and cookie auth send their data unencrypted from browser to server and back. that affects every site. the communication between server and LDAP can be guarded by SSL. all in all i think what you really want is single sign-on. where usernames and passwords are stored and how is really secondary in that case. what's more important (and harder to do) is how can you make authentication credentials available to all participating servers so that the user does not need to type them in over and over again? basic HTTP auth is too limited for that. cookie auth is also problematic because cookies cannot be shared across domains. jens