AT-TLS has been around for a while. What is causing problems for tools like CL/Supersession, CA-TPX And such is PAGENT.
Once PAGENT is turned on all bets are off -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Tom Brennan Sent: Tuesday, June 30, 2020 11:58 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: AT-TLS ? Very Basic Questions I've tried to skim some of the AT-TLS doc, and even attended an IBM webinar last week, but I'm still missing what I imagine are important background points. Maybe someone here can explain things, but don't worry too much about it. Client and server programs like SSH/SSHD call programs such as OpenSSL to handle the encryption handshake and processing. So when you set those up, there is no AT-TLS needed for encryption. Same with the TN3270 server and client, as long as you set that up with keys and parameters on the host side, and settings on the client side. I'm thinking because of the name "Application Transparent" that AT-TLS was made for programs that DON'T have their own logic to call OpenSSL (or whatever) to do their own encryption. Let's use clear-text FTP as an example. So somehow, AT-TLS hooks into the processing and provides an encrypted "tunnel", kind of like VPN does, but only for that one application. Does that sound correct? If so, then the encryption is "transparent" to the FTP server code and FTP does not need to be changed, which I think is the whole idea here. Yet we now have an encrypted session. Does that sound correct? Then if so, what happens on the FTP client side? I certainly can't use the Windows FTP command, for example, because it's not setup for any kind of encryption. That's kind of my big question here. On 6/30/2020 1:44 AM, Lionel B Dyck wrote: > Sweet - thank you > > > Lionel B. Dyck <sdg>< > Website: https://www.lbdsoftware.com > > "Worry more about your character than your reputation. Character is what you > are, reputation merely what others think you are." - John Wooden > > -----Original Message----- > From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of > kekronbekron > Sent: Tuesday, June 30, 2020 2:34 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: AT-TLS ? > > Hi LBD!, > > Check these out- > > > http://www-03.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/PRS5416 > http://www-03.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/PRS5415 > http://www-03.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/PRS5414 > > - KB > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > On Monday, June 29, 2020 3:56 AM, Lionel B Dyck <lbd...@gmail.com> wrote: > >> Anyone have any pointers for configuring AT-TLS on z/OS? >> >> Lionel B. Dyck <sdg>< >> Website: https://www.lbdsoftware.com https://www.lbdsoftware.com >> >> "Worry more about your character than your reputation. Character is >> what you are, reputation merely what others think you are." - John >> Wooden >> >> >> ---------------------------------------------------------------------- >> ---------------------------------------------------------------------- >> ----- >> >> For IBM-MAIN subscribe / signoff / archive access instructions, send >> email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send email to > lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
