Hi Joachim:
In http://www.egroups.com/group/medusa/47.html I read about using "STunnel" (http://mike.daewoo.com.pl/computer/stunnel/) to add SSL functionality to Medusa.
As ZServer is derived from Medusa, this should work for Zope, too.
Has anyone tried to use this combination? Any experience? I'm asking because I like the idea of having ONLY ZServer running as a web server, not a combination of ZServer and Apache. The only thing I'd need Apache (or Roxen) for, would be the SSL support.
BTW: Is native SSL support planned for ZServer?
Chris Petrilli, our local security story manager is working on a number of different projects. Lest this go unanswered I'll pipe in.... If you want to ask a question, ask him! :^) Historically, incorporating encryption into Zope has been a real obstacle for us for the following reasons: (1) it ain't easy, (2) US export restrictions on the cryptographic software/tools With yesterday's significant announcement by the US Govt: http://www.infobeat.com/stories/cgi/story.cgi?id=2563227804-a95 it looks like (2) will no longer be an issue. However, (1) still is... and (1) is a BIGGIE. To really use SSL for both server AND client identification/authentication there is a LOT to do. I'm not sure that we've got the bandwidth (funded or not) to do this in the foreseeable future. Naturally, if there was a funded effort we could at least look at what it would take. Alternatively, we could provide advice and guidance to any person or group that wanted to take this project on (with a serious intent to finish). --Rob