As far as I can tell, there are no industry standards. It will take time for the process to shake out and for good tools to appear on the shelves.
Indeed, we crafted a solution we thought satisfied all of the requirements only to have the requirements change. >From where I sit, it looks like an infrastructure similar to that needed to manage password resets will be needed. That is some number of fulltime employees (perhaps a help desk) would take requests, issue certs and somehow step the user through the import process. Or perhaps a central group could push out certs similar to fixes. These certs have a life span and will expire in a couple of years. Some way will be needed to track this and deal with replacing expired certs. HTH -----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Melissa Perry Sent: Thursday, September 25, 2008 9:38 AM To: IBM-MAIN@BAMA.UA.EDU Subject: Digital Certificate Implementation TN3270 I am looking for the best way to handle digital certificates and TN3270 emulation. I am in the process of implementing SSL on Telnet. I have generated a certauth and a certsign certificate through acf2. Both of these certificates were imported onto a workstation and are functioning as they should be. My concern is, certificates having to be imported to each workstation that connects to the mainframe. What is the industry standard for implementing certificates for this? NOTICE: This electronic mail message and any files transmitted with it are intended exclusively for the individual or entity to which it is addressed. The message, together with any attachment, may contain confidential and/or privileged information. Any unauthorized review, use, printing, saving, copying, disclosure or distribution is strictly prohibited. If you have received this message in error, please immediately advise the sender by reply email and delete all copies. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html