>Yes, it does the encryption (and more important - the negotiation) without the >z/OS application having to be aware, though the app can be if it wants to. [snip]
Trying to summarize what I understand so far. An SSL capable application does all the handshake and en/decryption stuff by itself. If one end does *not* know how to talk "SSL", AT/TLS can jump in and do the handshake and en/decryption on the "non-SSL". On the "SSL" end, then the traffic will be passed on to the application unchanged, i.e. encrypted. I'll have to read about this in the appropriate doc. -- Peter Hunkeler ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN