I have to admit I said so.
Now I changed my mind.
TRUST NOBODY (*).
DO NOT TRUST YOUR "INTERNAL" NETWORK.
Zero Trust is the best approach nowadays.
Do you have VPN? Great! Have you ever heard about compromised VPN?
In that case SSL/TLS is quite useful.
Of course, the cost. The cost is irrelevant. Your PC is string enough to
support TLS and much more.
Same for the host. Certificates? ONE, not thousands. Changed yearly.
User impact? Hard to notice.
(*) The is one person you can trust: a hacker. Yes, his he is sincere in
his intentions.
--
Radoslaw Skorupka
Lodz, Poland
W dniu 18.11.2022 o 19:31, Farley, Peter pisze:
It had better allow a no-SSL mode or it will be useless in shops with VPN
networks for outside access and no SSL inside the VPN.
SSL from outside is necessary, inside is crazy paranoid. Who's going to create and
manage thousands of "certificates"?
-----Original Message-----
From: IBM Mainframe Discussion List<[email protected]> On Behalf Of
Dave Jones
Sent: Friday, November 18, 2022 1:25 PM
To:[email protected]
Subject: Re: TNZ 3270 Emulator: Any Experiences?
Can the SSL security feature be turned off completely?
Thanks.
DJ
--
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
