Hi, all My group is considering putting together a proposal for a web-delivered high-stakes testing environment, which needs to be secure, safe from copying, etc... We have mainly done on-line surveys in the past, where the most sensitive data is an occasional ssn, for which we use SSL and we put the database behind a firewall, and this is secure enough. This would be a much bigger project. We may or may not get the contract, but I thought I would send a few ideas out to the Zope brain trust and see what you-all think. Zope-edu seems to be missing in action, so I hope this is a good place to introduce this. I am thinking toward a Zope backend and a Mozilla/XUL client. Single source for code and data, so no clients to distribute, and available to almost every machine/OS out there. (Install Mozilla/Netscape7; mozilla -chrome https://our.url/testname; take the test.) With XUL, the source of the page/application is not readily available, so this has a marginally better item security than html. Test content (question banks, assessments) would be maintained in ParsedXML in (standard?) IMS-QTI format http://www.imsproject.org/question/. Though IMS-QTI is dreadfully complicated, the IMS folks seem to have this solved for the general case, and why reinvent the wheel? Yes, of course, proctors on the client side will be essential. "On the web, nobody knows you're a dog." :) Special buzzword compliance may be important for future-proofing: Accessibility and internationalization in particular. These are just initial thoughts. I would think there should already be a project out there with similar ideas, but none really stood out. PHPTest seems to use the IMS-QTI model, but it's php, and I would rather get away from DTML-ish solutions; besides, zope has really good security policies built-in. SCORM refers to the IMS -QTI model, but if I am correct, any implementations are proprietary at the moment. Any ideas? Any projects out there? I would much rather contribute to an existing open-source project than create my own (probably necessarily proprietary) one. -- Jim Washington