On Fri, 15 Sep 2017 14:02:29 +0000, Allan Staller wrote: >They do not know what they are talking about. >The primary difference between FTP and FTPS is the FTPS encrypts the password. > The problem is that even though it's encrypted over the network, it appears in the clear in the SERVINFO data set.
I don't know that RACF protecting that data set will placate the security folks. >-----Original Message----- >From: Richards, Robert B. >Sent: Friday, September 15, 2017 8:43 AM > >My cyber security folks are asking me about why I am doing FTPs with the >password "in the clear". At first, I did not know what they talking about. > >It appears that within the SERVINFO data "user=" and "pw=" are *in the clear*. >Not always, but often enough. > >I sent an email to L2 Shopz over a week ago and have not heard back from them. > >Before I open a PMR, I wondered if the list had some sage advice (like an >options statement that I am missing). -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
