The simplest description I've found is referenced in the APAR text: http://publibz.boulder.ibm.com/zoslib/pdf/OA55959.pdf
As I understand it, PDUU was designed to give the customer a standard *supported* mechanism for uploading SR doc to IBM. The original implementation used FTP, which is notoriously insecure. We are in a (unique?) bind because we send *and* receive data from IBM using an appliance (Bluecoat) that does not now and presumably never will support TLS (FTPS) keywords. We have used HTTPS for some time to pull fixes and other data from IBM, but PDUU could utilize only FTP. Until now. I don't know whether or how this change impinges on any other doc-sending mechanism. . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office ⇐=== NEW [email protected] -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Jousma, David Sent: Friday, June 7, 2019 12:32 PM To: [email protected] Subject: (External):Re: HTTPS for PDUU I think you mean z/OSMF, and even when fully implemented, we won't be allowing direct access to upload dumps from the mainframe without some manual intervention at least. I looked at that briefly awhile back, and sadly we are still way behind getting security setup correctly. It is good news that PDUU works now with https, but day late, dollar short. We bit the bullet and got ATTLS security working between us and IBM when the new requirements for security came out for the GDPR requirements. _____________________________________________________________________________________________________ Dave Jousma AVP | Manager, Systems Engineering Fifth Third Bank | 1830 East Paris Ave, SE | MD RSCB2H | Grand Rapids, MI 49546 616.653.8429 | fax: 616.653.2717 -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Lizette Koehler Sent: Friday, June 7, 2019 2:57 PM To: [email protected] Subject: Re: HTTPS for PDUU **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** So I thought IBM would want us to use z/OSEM? Is that still the plan? Or is this a different function Lizette > -----Original Message----- > From: IBM Mainframe Discussion List <[email protected]> On > Behalf Of Jesse 1 Robinson > Sent: Thursday, June 06, 2019 4:12 PM > To: [email protected] > Subject: HTTPS for PDUU > > Until now, IBM's new/future customer doc upload mechanism PDUU could > make use only of FTP, which is deprecated in general as insecure. > Newly available APAR > OA55959 introduces the option to use HTTPS. We already use HTTPS to > pull fixes from IBM, so it's a tried and true-and secure-protocol > readily available to (I think) most customers. Check it out. > > . > . > J.O.Skip Robinson > Southern California Edison Company > Electric Dragon Team Paddler > SHARE MVS Program Co-Manager > 323-715-0595 Mobile > 626-543-6132 Office <===== NEW > [email protected]<mailto:[email protected]> > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
