[kinda not related directly to zope, but indirectly, it is the sort of thing that people using zope are likely to hit. hit 'delete' if you're easily offended by off-topicness] Ok, so I have a number of sites in the domain ekno.lonelyplanet.com. I want to share cookies amongst them, so that the user only has to log in once, and the cookies (with a 30 minute lifetime) will pass that on to the others. Problem: one of the sites is http, the other https. Setting a cookie from the http site with a domain of '.ekno.lonelyplanet.com' _should_ result in it also being delivered to the https site, but doesn't. As far as I can tell, both Navigator and IE are refusing to send the cookie set from the http site to the https site. Presumably this is some poor idea of security. Has anyone else seen this, and, more importantly, has anyone else found a workaround? Thanks, Anthony.