> Near as I can tell from the information I getting (from Symantec and others),
> it's not going to get better anytime soon.
> From what I've heard, some folks are advocating a 90-day certificate renewal.
> While I don't have an issue with that, it
> may make automation more important for
(was: Software Delivery on Tape ...)
Hi Folks,
As someone who is currently dealing with this - replacing unexpired
certificates (to the Digicert Intermediate/CA from the Symantec CA) for our F5s
and back-end servers, I can tell you that this is a pain in my butt. Can't
renew while
Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Paul Gilmartin
Sent: Wednesday, April 4, 2018 5:14 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Security (was: Software Delivery on Tape ...) [ EXTERNAL ]
On Wed, 4 Apr 2018 15:57:02 -0700, Charles Mills wrote:
>> As for Certi
On Wed, 4 Apr 2018 15:57:02 -0700, Charles Mills wrote:
>> As for Certificate Authorities, quis custodiet ipsos custodes?
>
>Google LOL.
>https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html
>
How will that be removed from my Firefox? Routinely, with updates, or
will
tin
Sent: Wednesday, April 4, 2018 3:53 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Security (was: Software Delivery on Tape ...)
On Wed, 4 Apr 2018 17:34:45 -0500, Walt Farrell wrote:
>
>Of course, you want a checksum method that is strong enough that an attacker
>can't create a m
On Wed, 4 Apr 2018 17:34:45 -0500, Walt Farrell wrote:
>
>Of course, you want a checksum method that is strong enough that an attacker
>can't create a modified file that will have the same checksum. SHA-1 is no
>longer strong enough to guarantee that, from what I've read. SHA-2 should be