Hi! It is amazing how many people believe that SSL (and other technical solutions) can bring security "by default"! People - that is the weakiest point in security, and installing SSL would not make them much more secure. Even worse - notion of SSL can make people feel "more secure" without deep investigation and learning; that's is worse than no security at all! On Wed, 19 Apr 2000, Frank Tegtmeyer wrote:
1. Zope should integrate SSL. 2. All protected pages should be delivered only through SSL by default. 3. A fallback to use management and protected pages without SSL should be there, but it has to be enabled by hand.
Oleg. (All opinions are mine and not of my employer) ---- Oleg Broytmann Foundation for Effective Policies phd@phd.russ.ru Programmers don't die, they just GOSUB without RETURN.