On 9/15/2017 9:41 AM, Richards, Robert B. wrote:
My cyber security folks are asking me about why I am doing FTPs with the password
"in the clear". At first, I did not know what they talking about.
It appears that within the SERVINFO data "user=" and "pw=" are *in the clear*.
Not always, but often enough.
I sent an email to L2 Shopz over a week ago and have not heard back from them.
Before I open a PMR, I wondered if the list had some sage advice (like an
options statement that I am missing).
Thanks in advance,
Bob
Bob,
Here are my client and server datasets. No user= or pw=. So whatchoo
talkin' 'bout Willis?
<CLIENT
javahome="/usr/lpp/java/J8.0"
downloadmethod="https"
downloadkeyring="javatruststore">
</CLIENT>
<ORDERSERVER
url="https://eccgw02.rochester.ibm.com/services/projects/ecc/ws/";
keyring="FTPSERVE/SHOPZRING2048"
certificate="SMPE Client Certificate2048">
</ORDERSERVER>
Regards,
Tom Conley
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
