[Zope3-dev] Certification: Twisted versus Zope / native HTTPS
or Apache
Martijn Faassen
faassen at infrae.com
Wed Dec 14 06:28:54 EST 2005
Christian Theune wrote:
> giving recommendations about security, we advice everyone to put their
> communication on protected lines. E.g. use HTTPS.
>
> As we are targetting Zope 3.3, I think twisted can be the recommended
> configuration option for Zope to run with.
Agreed.
> How do you feel about the use of the HTTPS server of twisted instead of
> requiring the user to channel it through an external HTTPS server, e.g.
> apache?
I wonder how Apache front-ends would work with a HTTPS backend; would
that give rise to new issues in configuring Apache and Zope together?
There's little experience in this domain, I expect.
We'll have to see how things settle, but configuring Apache is familiar
to many people and is knowledge that applies far and wide outside Zope,
so I expect Apache frontends, also for HTTPS, will continue to be very
important in Zope deployments in the forseeable future.
Possibly off on a tangent:
Twisted gets us out of the server business, but I don't want us to get
into a situation where we're saying: "Don't use this well-known Apache
stuff that half the web is using! Use Twisted, something you never heard
of before! Trust us, it's better!". Since we're not in the server
business, we don't want to have to convince people that our server is
better or whatever, or even make it very visible that it exists (ZServer
isn't very visible to the outside as something Zope does, and I like it
just fine that way). We use Twisted as it does the job, not because
we're advocates that want to convince people to use it.
So, I think Apache has its place in front of Twisted, just like Apache
now has its place in front of ZServer.
Regards,
Martijn
More information about the Zope3-dev
mailing list