[Zope-Coders] Session IP adress protection

[Lennart Regebro]

Many moons ago, it was discussed to protect sessions with the IP 
address. That  would have the effect of not allowing a user to switch 
IP-adress mid-session (not a big problem) and thereby making 
session-theft via cookie-theft much harder.

That together with my protected session-data object would make it 
extremely hard to break session-based authorization.

This could easily be implemented for 2.8.

Thoughts?

//Lennart