Unless I'm missing something, I don't see that the SSL support is providing
true authentication at least as I use the term. It lets you know that the
client or queue manager coming across has a valid certificate. What it
doesn't do is let you know who this client or queue manager is. That means
you also can't use it to provide access control. Access control still
seems dependent on the passed userid. This still requires use of a
security exit on both sides since you can't really trust the passed userid
otherwise.
Since I'm still digging thru the 5.3 documentation, I may be incorrect on
this. This is my take on what I've seen so far though. Any other
comments?
- Bruce Giordano
Prudential Insurance
Instructions for managing your mailing list subscription are provided in
the Listserv General Users Guide available at http://www.lsoft.com
Archive: http://vm.akh-wien.ac.at/MQSeries.archive
