In article <ce200bc5-8a44-75c4-62f4-d31d7bfb2...@tombrennansoftware.com> you wrote: > I've tried to skim some of the AT-TLS doc, and even attended an IBM > webinar last week, but I'm still missing what I imagine are important > background points. Maybe someone here can explain things, but don't > worry too much about it.
> Client and server programs like SSH/SSHD call programs such as OpenSSL > to handle the encryption handshake and processing. So when you set > those up, there is no AT-TLS needed for encryption. Same with the > TN3270 server and client, as long as you set that up with keys and > parameters on the host side, and settings on the client side. > I'm thinking because of the name "Application Transparent" that AT-TLS > was made for programs that DON'T have their own logic to call OpenSSL > (or whatever) to do their own encryption. Let's use clear-text FTP as > an example. So somehow, AT-TLS hooks into the processing and provides > an encrypted "tunnel", kind of like VPN does, but only for that one > application. Does that sound correct? > If so, then the encryption is "transparent" to the FTP server code and > FTP does not need to be changed, which I think is the whole idea here. > Yet we now have an encrypted session. Does that sound correct? > Then if so, what happens on the FTP client side? I certainly can't use > the Windows FTP command, for example, because it's not setup for any > kind of encryption. That's kind of my big question here. I can't see that anyone answered your last question. Yes, the default Windows FTP doesn't support encryption. There are third-party FTPS client programs you can purchase that do so. Or your could run lftp on the Windows Ubuntu shell. -- Don Poitras - SAS Development - SAS Institute Inc. - SAS Campus Drive sas...@sas.com (919) 531-5637 Cary, NC 27513 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN