At 03:16 AM 10/13/99 +0800, chas wrote:
c) The data/information itself. Since there is no authentication with XMLRPC,
Not true. Authentication is simply not part of the XMLRPC standard; any HTTP-based authentication mechanism can be used, including cookies and Basic authentication. You just have to add the appropriate headers to your POST, and the receiving server has to be able to handle it. Zope certainly can do this. For both encryption and authentication purposes, however, using SSL would probably be a good idea, especially if you can make use of client certificates, which can a pretty strong authentication method compared to passwords and the like. Zope can make use of these too, if you write an appropriate UserFolder class based on certificate DN's.