ZServerSSL looks interesting, but the setup for NT is atrocious (you have to install Perl, have Visual C++, install an assembler if you want decent speed, etceteras). A version of the library built by the author (or Digital Solutions, or some other trusted source) and ready-to-install would make it a far more practical solution. Make installation an unzip-into-directory and a script to walk through generating the certificate and you'll see adoption far more likely... at least, until Python 1.6 with rumoured SSL sockets built-in arrives :) . Ah well, more work-cost than benefit in my case :) , enjoy, Mike -----Original Message----- From: Tres Seaver [mailto:tseaver@palladion.com] Sent: Wednesday, April 19, 2000 7:00 PM To: zope@zope.org; Frank Tegtmeyer Subject: Re: [Zope] www.oswg.org runs Zope? ... Appropriate security engineering requires trading off the costs of protection versus the value of the thing protected. The cost of imposing such high-security tradeoffs on all Zope users, many of whom can mitigate such threats simply by keeping good backups of the Data.fs file, is too high, especially given the alternatives available (Apache+SSL, Roxen+SSL, Ng Pheng Siong's ZServerSSL, etc.) for the more paranoid. ...