On 7/2/20 1:27 AM, kekronbekron wrote:
Ditto, sorry to go "off-topic" again ... I hope IBM is reading this, and hope they look to adding WireGuard support on Z.
I would be mildly, but pleasantly, surprised to see WireGuard added to z/OS.
Adding WireGuard support to z/OS shouldn't be too much of a "deviation" too, considering that the Linux kernel and OpenBSD now come baked-in with WG.
I naively assumed that IPsec on z/OS would be transport mode, not tunnel mode. I say this because I assume that most of the IP traffic to / from a mainframe is terminal on the mainframe and doesn't actually route through the mainframe as a router. With this in mind, I wonder how effective IPsec tunnel mode would be, seeing as how additional IP traffic would need to go inside of it. Conversely transport mode would be used to authenticate and / or encrypt traffic to / from the mainframe.
But, I am just speculating and could be completely wrong. -- Grant. . . . unix || die ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
