On Mon, 24 Jun 2013 10:22:34 -0500, Doug Henry <doug_he...@usbank.com> wrote:

>On Mon, 24 Jun 2013 09:29:57 -0500, John McKown <john.archie.mck...@gmail.com> 
>wrote:
>
>>I am not very knowledgeable on this sort of thing. Is AT-TLS something
>>different from SSL? I don't really know. In the z/OS 1.12 Comm Server
>>manuals, I found:
>
>Hi John,
>AT-TLS (Application Transparent Transport Layer Security) is ssl provided for 
>TCP/IP connections. My comserver guys tell me that this is the IBM recommended 
>way of providing ssl. It is then transparent to the application running on 
>z/OS.
>
>http://publib.boulder.ibm.com/infocenter/ieduasst/stgv1r0/topic/com.ibm.iea.commserv_v1/commserv/1.7z/security/AT_TLS.pdf

Some uses of SSL via AT-TLS can be transparent to the application, but some are 
not, as I understand it.

For example, a server application or a client application can make use of 
AT-TLS transparently if they merely want an encrypted pipe between them. 
However, if the server wants to authenticate the client by accepting a client 
certificate and mapping it to a RACF user ID then that will require specific 
AT-TLS coding in the server application.

-- 
Walt

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Reply via email to