[Zope] Re: Question about Zope and security

[Tino Wildenhain]

Chris Withers schrieb:
...
> what way? http basic auth is a standard. cookie auth isn't, and it's 
> always insecure no matter how you implement it

they are both equally insecure - while you can make the cookie
(as session auth) a little more secure - but after all its worth
nothing as long as you dont transfer the credentials initially
encrypted :-)

++Tino