The SSLSERV package from Sine Nomine works rather well with your a) choic e. I would stay away from your b) choice because you tend to get into having
userids on the z/Linux and all the attendant administrative/auditing/security overhead. You do not need a z/VM userid to connect to the z/VM stack, get a logo, and dial VTAM. /Tom Kern /301-903-2211 On Fri, 10 Aug 2007 14:52:44 -0500, Tom Duerbusch <[EMAIL PROTECTED]> wrote: >In the last month, there has been several threads on SSL servers. I lightly read them, but didn't think it was something of interest, here, i n the near term. > >Well, things change. Time to get ahead of the curve. > >We might be headed towards TN3270 sessions with SSL. > >I searched on SSL on the z/VM 5.2 manuals. Except for the TCP/IP Installation and Customization, not much in the overview to go on. > >On the 390 side, our logical network path is: > >client > | > OSA > | > z/VM > | > v/Switch > | > TCPIP (guest machine) > TN3270 > Dial VTAM (VM/VTAM) Get USSTAB menu > | > VCTCA > | > VSE > | > VCTCA > | > VSE/VTAM > | > CICS > >1. Are there two varients to the SSL/Linux world > a. z/VM way as documented > b. Perhaps a zLinux way where we connect directly into Linux first and then a clear text session is sent to the 390 side? > >I didn't catch if there was multiple methods that were being discussed i n the past threads. > >2. Adam has a Debian server packaged. Does that play with "a" or "b" above, or something different? > >3. We might test with the SSL capability with the TCP/IP stack from CSI stack if all else fails. > >Thanks > >Tom Duerbusch >THD Consulting