On Mon, 24 Jun 2013 10:22:34 -0500, Doug Henry <doug_he...@usbank.com> wrote:
>On Mon, 24 Jun 2013 09:29:57 -0500, John McKown <john.archie.mck...@gmail.com> >wrote: > >>I am not very knowledgeable on this sort of thing. Is AT-TLS something >>different from SSL? I don't really know. In the z/OS 1.12 Comm Server >>manuals, I found: > >Hi John, >AT-TLS (Application Transparent Transport Layer Security) is ssl provided for >TCP/IP connections. My comserver guys tell me that this is the IBM recommended >way of providing ssl. It is then transparent to the application running on >z/OS. > >http://publib.boulder.ibm.com/infocenter/ieduasst/stgv1r0/topic/com.ibm.iea.commserv_v1/commserv/1.7z/security/AT_TLS.pdf Some uses of SSL via AT-TLS can be transparent to the application, but some are not, as I understand it. For example, a server application or a client application can make use of AT-TLS transparently if they merely want an encrypted pipe between them. However, if the server wants to authenticate the client by accepting a client certificate and mapping it to a RACF user ID then that will require specific AT-TLS coding in the server application. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN