I don't but perhaps there is a Redbook or similar. AT-TLS is one of the coolest d@mn pieces of software ever written, IMHO. It sits at 50,000 feet and can "TLS-ify" any TCP program. Let's say someone at your shop wrote some utility for your shop years ago that does some chore -- sends the widget status out to the factory machines or something. Now the auditors come along and say "you need to protect those sessions with TLS." Someone would have to dig into that ancient code and figure out how to make a bunch of complex TLS calls -- and get them perfect, or you introduce a security exposure waiting to happen.
But you don't have to do that. AT-TLS can impose TLS on this program without your having to touch a line of code! Or look at it from IBM's point of view. How many TCP-utilizing programs do they have on z/OS? Every one would have to be looked at every time there was a significant update to TLS. But not any more. They have only one TLS-utilizing program to maintain, and that is AT-TLS. Now my friend @Phil is going to chime in here and say "all is not a bed of roses in AT-TLS-land" and he would be right, but what I have written above is valid for about 90-95% of the cases. Charles On Wed, 25 Sep 2024 15:00:17 -0500, Don Johnson <[email protected]> wrote: >Thanks, Charles, that does make a lot of sense. I have tried to search for >AT-TLS, and find a lot of details, but I am not quite ready for that yet. > >Do you know of a primer that starts at 20,000 feet and brings me into the >process easily? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
