[Zope] Python 2.0 SSL for Zope?

Albert Langer Albert.Langer@Directory-Designs.org
Mon, 2 Apr 2001 04:31:47 +1000


What is the guesstimated ETA for a Zope binary release with built in
SSL to avoid the various administrative hassles configuring this?

I gather 2.3.1 is intended to be capable of being used with Python 2
and now has a binary download using Python 2.0 for 64 bit OS, but
an actual switch to Python 2 is intended for 2.4.0 due to the needout
to checkout numerous modules for the major changes involved in
Unicode etc.

Python 2 has a (poorly documented) capability for using SSL sockets
with the normal sockets module.

I imagine if that was properly integrated into the various binary
versions of Zope it would become significantly easier to setup
SSL without having to separately install m2Crypto, fiddle with
Apache etc.

A windows binary for the SSL sockets module is available
from:

http://alldunn.com/python/

Is SSL planned for inclusion in 2.4?

Are there plans for an earlier release of an alternative binary 2.3.x
version
for Python 2.x (that would help with the checkout before switch - release
with caveats about the 1.5.2 version being more "stable")?

If so, could it please include SSL?

When? ;-)

Also, Zope could do with some built in crypto facilities.

I gather amkCrypto works fine based on SWIG of OpenSSL
and is available for both 1.5.2 and 2.0 with a windows
binary also available (but only for 1.5.2).

If integrating the SSL facility with Python 2 for Zope binary releases
involves some sort of linking with OpenSSL it might be desirable to
also do the linking for amkCrypto at same time, so that it is "just
another facility" available in Zope (extension class or whatever -
I wouldn't know).

Finally, ;-)

Public Key Certificate Authority software is available for python:
http://www.pyca.de/

It would be nice to do a "Product" for that with some sort of integration
with management screens so that user as well as server certificates
could be made into just a routine administrative function rather than
studying READMEs, installing other packages, issuing various shell
commands and copying files to configure SSL.

It would also be nice to be able to easily just use SSL for login
and then maintain an unencrypted session for that login.