On 19/11/2022 8:19 pm, Peter Sylvester wrote:
It seems to me that this code currently poses a security risk.
Certificate validation always say OK. (well it is said like this in
the code.)
Which terminal emulators actually validate the certificate?
I would like to think all of them do, but the number of TLS tutorials
that start by creating your own CA suggests that certificate validation
might not be common.
I don't think Vista does it :-(
I assume that TLS is set up before any TN3270 specific stuff happens so
you can probably test it by connecting to e.g. wrong.host.badssl.com
port 443. A certificate error would show that the certificate is being
validated.
--
Andrew Rowley
Black Hill Software
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
