Re: SMF PUZZLE
Could it be as simple as having been created on one lpar (not the one you are processing hte records of) but deleted on the LPAR you are looking at the records of? Brian -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: S0C4 XL C Compiler
I'm guessing that not setting commands is causing your problem.
Jon
On Saturday, August 24, 2019, 06:27:05 PM PDT, Joseph Reichman
wrote:
Simple little program cannt believe it
#include
#include
#include
#include
#include
#include
#pragma map(__ceetest,"CEETEST")
#pragma linkage(CEETEST,OS_NOSTACK)
main( int argc, char* argv[])
{
typedef int (DLL_FN)(char *)
dllhandle* dllHandle;
DLL_FN* fn;
_VSTRING commands;
_FEEDBACK fc;
CEETEST(&commands,&fc);
dllHandle = dllload("SYSADATA");
fn = (DLL_FN*) (dllqueryfn(dllHandle, "opendata"));
fn("SYSADATA");
return;
}
CEE3204S The system detected a protection exception (System Completion
Code=0C4).
From entry point dtFuncDeclarator::BeginNestedFunc(sFuncSymbol*)
at statement 729 at compile unit offset
+0510 at entry offset +0510 at address 21DEB1B8.
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: S0C4 XL C Compiler
Opened a pmr with IBM
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Charles Mills
Sent: Saturday, August 24, 2019 9:36 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: S0C4 XL C Compiler
Try increasing the region.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of Joseph Reichman
Sent: Saturday, August 24, 2019 6:27 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: S0C4 XL C Compiler
Simple little program cannt believe it
#include
#include
#include
#include
#include
#include
#pragma map(__ceetest,"CEETEST")
#pragma linkage(CEETEST,OS_NOSTACK)
main( int argc, char* argv[])
{
typedef int (DLL_FN)(char *)
dllhandle* dllHandle;
DLL_FN* fn;
_VSTRING commands;
_FEEDBACK fc;
CEETEST(&commands,&fc);
dllHandle = dllload("SYSADATA");
fn = (DLL_FN*) (dllqueryfn(dllHandle, "opendata"));
fn("SYSADATA");
return;
}
CEE3204S The system detected a protection exception (System Completion
Code=0C4).
From entry point dtFuncDeclarator::BeginNestedFunc(sFuncSymbol*)
at statement 729 at compile unit offset
+0510 at entry offset +0510 at address 21DEB1B8.
--
For IBM-MAIN subscribe / signoff / archive access instructions, send email
to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
--
For IBM-MAIN subscribe / signoff / archive access instructions, send email
to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: S0C4 XL C Compiler
REGION=0M I Think that's the max
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Charles Mills
Sent: Saturday, August 24, 2019 9:36 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: S0C4 XL C Compiler
Try increasing the region.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of Joseph Reichman
Sent: Saturday, August 24, 2019 6:27 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: S0C4 XL C Compiler
Simple little program cannt believe it
#include
#include
#include
#include
#include
#include
#pragma map(__ceetest,"CEETEST")
#pragma linkage(CEETEST,OS_NOSTACK)
main( int argc, char* argv[])
{
typedef int (DLL_FN)(char *)
dllhandle* dllHandle;
DLL_FN* fn;
_VSTRING commands;
_FEEDBACK fc;
CEETEST(&commands,&fc);
dllHandle = dllload("SYSADATA");
fn = (DLL_FN*) (dllqueryfn(dllHandle, "opendata"));
fn("SYSADATA");
return;
}
CEE3204S The system detected a protection exception (System Completion
Code=0C4).
From entry point dtFuncDeclarator::BeginNestedFunc(sFuncSymbol*)
at statement 729 at compile unit offset
+0510 at entry offset +0510 at address 21DEB1B8.
--
For IBM-MAIN subscribe / signoff / archive access instructions, send email
to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
--
For IBM-MAIN subscribe / signoff / archive access instructions, send email
to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: S0C4 XL C Compiler
Try increasing the region.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of Joseph Reichman
Sent: Saturday, August 24, 2019 6:27 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: S0C4 XL C Compiler
Simple little program cannt believe it
#include
#include
#include
#include
#include
#include
#pragma map(__ceetest,"CEETEST")
#pragma linkage(CEETEST,OS_NOSTACK)
main( int argc, char* argv[])
{
typedef int (DLL_FN)(char *)
dllhandle* dllHandle;
DLL_FN* fn;
_VSTRING commands;
_FEEDBACK fc;
CEETEST(&commands,&fc);
dllHandle = dllload("SYSADATA");
fn = (DLL_FN*) (dllqueryfn(dllHandle, "opendata"));
fn("SYSADATA");
return;
}
CEE3204S The system detected a protection exception (System Completion
Code=0C4).
From entry point dtFuncDeclarator::BeginNestedFunc(sFuncSymbol*)
at statement 729 at compile unit offset
+0510 at entry offset +0510 at address 21DEB1B8.
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
S0C4 XL C Compiler
Simple little program cannt believe it
#include
#include
#include
#include
#include
#include
#pragma map(__ceetest,"CEETEST")
#pragma linkage(CEETEST,OS_NOSTACK)
main( int argc, char* argv[])
{
typedef int (DLL_FN)(char *)
dllhandle* dllHandle;
DLL_FN* fn;
_VSTRING commands;
_FEEDBACK fc;
CEETEST(&commands,&fc);
dllHandle = dllload("SYSADATA");
fn = (DLL_FN*) (dllqueryfn(dllHandle, "opendata"));
fn("SYSADATA");
return;
}
CEE3204S The system detected a protection exception (System Completion
Code=0C4).
From entry point dtFuncDeclarator::BeginNestedFunc(sFuncSymbol*)
at statement 729 at compile unit offset
+0510 at entry offset +0510 at address 21DEB1B8.
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SMF PUZZLE
118 or 119 But FTP also cuts, for example, an SMF 15, subject to the parameters of SMFPRMxx. Charles -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Roger Lowe Sent: Saturday, August 24, 2019 3:22 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: SMF PUZZLE On Sat, 24 Aug 2019 17:29:30 +, willie bunter wrote: >Good Day, >I am trying to find the user/job which created a dsn. I run my trustworthy >SMF job which looks for recids 05 14 15 17 18 61 62 63 64 65 66 67 68 136 139 >163. The job showed the job which read the dsn & deleted it but it doesn't >show who or which job created it.According to the LISTCAT the creation date of >the dsn was Thursday Aug. 22. I read the SMF tape for the previous week and >subsequent days including Aug 22 & 23. >I was thinking if the dsn was created by a FTP or an UNIX upload process which >may not be trapped by SMF >Any thoughts? Any suggestions > If you think it might have been an FTP process, you will need to check out the SMF 118 records. Roger -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
Vendors should restrict read access to their FTP upload sites in case there is sensitive data included. Dumps are a good example where customers cannot sanitize the file. There are some customers that will not send a dump because they cannot sanitize it. In those situations, you are forced to send diagnostic execs and work remotely. Jon.On Saturday, August 24, 2019, 03:17:30 PM PDT, Arthur wrote: I once had to FTP a dump to a vendor. I saw that the directory was set up to allow read without a password. I refused to send the dump until they fixed the security. It was a long time ago, and I can't remember the outcome, though I know they argued with me. I will admit that it's unusual to require a password for read but not for write/create. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SMF PUZZLE
On Sat, 24 Aug 2019 17:29:30 +, willie bunter wrote: >Good Day, >I am trying to find the user/job which created a dsn. I run my trustworthy >SMF job which looks for recids 05 14 15 17 18 61 62 63 64 65 66 67 68 136 139 >163. The job showed the job which read the dsn & deleted it but it doesn't >show who or which job created it.According to the LISTCAT the creation date of >the dsn was Thursday Aug. 22. I read the SMF tape for the previous week and >subsequent days including Aug 22 & 23. >I was thinking if the dsn was created by a FTP or an UNIX upload process which >may not be trapped by SMF >Any thoughts? Any suggestions > If you think it might have been an FTP process, you will need to check out the SMF 118 records. Roger -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
On 22 Aug 2019 05:57:37 -0700, in bit.listserv.ibm-main (Message-ID:<0049105969039769.wa.jiveycio.sc@listserv.ua.edu>) ji...@cio.sc.gov (Joel M Ivey) wrote: First, they provided a password-protected p12 file, describing it as containing the "root, intermediate, and private certs". I requested their public certificate chain only, they sent me a DER file -- with both the server cert and its private key. I have asked them to elaborate on their need to distribute their private key to me, their response has essentially been, that's the way we do it. As people have already said, this is incredibly negligent and/or ignorant. I'd hesitate to have any dealings with that company. I once had to FTP a dump to a vendor. I saw that the directory was set up to allow read without a password. I refused to send the dump until they fixed the security. It was a long time ago, and I can't remember the outcome, though I know they argued with me. I will admit that it's unusual to require a password for read but not for write/create. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SMF PUZZLE
[Default] On 24 Aug 2019 13:41:23 -0700, in bit.listserv.ibm-main martin_pac...@uk.ibm.com (Martin Packer) wrote: >Allocation doesn't cause SMF 14/15 to be written. CLOSE (and therefore >OPEN) does. If a data set is allocated by IeFBr14 on an SMS disk, as I understand it, it will have an EOF record as its first record. Thus it can be read (as a zero record file) by a subsequent program or job and deleted thus from an SMF point of view a file can be read and deleted without ever having been created. Clark Morris > >I guess, from the original post, data is written so presumably some form >of OPEN took place. > >Cheers, Martin > >Martin Packer > >zChampion, Systems Investigator & Performance Troubleshooter, IBM > >+44-7802-245-584 > >email: martin_pac...@uk.ibm.com > >Twitter / Facebook IDs: MartinPacker > >Blog: >https://www.ibm.com/developerworks/mydeveloperworks/blogs/MartinPacker > >Podcast Series (With Marna Walle): https://developer.ibm.com/tv/mpt/or > >https://itunes.apple.com/gb/podcast/mainframe-performance-topics/id1127943573?mt=2 > > >Youtube channel: https://www.youtube.com/channel/UCu_65HaYgksbF6Q8SQ4oOvA > > > >From: Charles Mills >To: IBM-MAIN@LISTSERV.UA.EDU >Date: 24/08/2019 21:23 >Subject:Re: SMF PUZZLE >Sent by:IBM Mainframe Discussion List > > > >SMF only captures what you tell it to (with SMFPRMxx). Some shops, for >example, exclude STC's from certain SMF types "to avoid a performance >impact on CICS" or some similar reason. The whole "how to read SMFPRMxx" >thing is beyond the scope of an e-mail. D SMF,O will give you a >not-quite-trivial-to-parse summary. > >SMF 15 shows "opened for output and then closed" (for those subsystems for >which it is configured, per the above). Harking back to the IEFBR14 >discussion here a week or so ago, I wonder if a basic "create a DSN with >IEFBR14 DISP=(NEW,CTALG)" shows up in SMF 15 (because it does not close >the dataset). Others may well know. > >Charles > > >-Original Message- >From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On >Behalf Of willie bunter >Sent: Saturday, August 24, 2019 10:30 AM >To: IBM-MAIN@LISTSERV.UA.EDU >Subject: SMF PUZZLE > >Good Day, >I am trying to find the user/job which created a dsn. I run my >trustworthy SMF job which looks for recids 05 14 15 17 18 61 62 63 64 65 >66 67 68 136 139 163. The job showed the job which read the dsn & deleted >it but it doesn't show who or which job created it.According to the >LISTCAT the creation date of the dsn was Thursday Aug. 22. I read the SMF >tape for the previous week and subsequent days including Aug 22 & 23. >I was thinking if the dsn was created by a FTP or an UNIX upload process >which may not be trapped by SMF >Any thoughts? Any suggestions > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > >Unless stated otherwise above: >IBM United Kingdom Limited - Registered in England and Wales with number >741598. >Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU > > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
No need for a private key registry because verifying the public key is sufficient. There are public key registries but I doubt they validate duplication. Remember this is PGP (Pretty Good Privacy - not perfect), so there are multiple factors that were considered. In this case, duplicate key pairs are a very minor exposure because it's unlikely those few matching private key holders will abuse your key. Jon. On Saturday, August 24, 2019, 10:30:19 AM PDT, Paul Gilmartin <000433f07816-dmarc-requ...@listserv.ua.edu> wrote: On Sat, 24 Aug 2019 11:16:57 -0500, Mike Schwab wrote: >>Well, keys are supposed to be two large prime numbers. Without a >>registry of which numbers have been used, it would be possible for two >>people to use the same prime number. >Such a registry would defeat the purpose, although a registry of public >keys is plausible. Cryptosystems depend on the extreme unlikeliness of a >collision. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SMF PUZZLE
Allocation doesn't cause SMF 14/15 to be written. CLOSE (and therefore OPEN) does. I guess, from the original post, data is written so presumably some form of OPEN took place. Cheers, Martin Martin Packer zChampion, Systems Investigator & Performance Troubleshooter, IBM +44-7802-245-584 email: martin_pac...@uk.ibm.com Twitter / Facebook IDs: MartinPacker Blog: https://www.ibm.com/developerworks/mydeveloperworks/blogs/MartinPacker Podcast Series (With Marna Walle): https://developer.ibm.com/tv/mpt/or https://itunes.apple.com/gb/podcast/mainframe-performance-topics/id1127943573?mt=2 Youtube channel: https://www.youtube.com/channel/UCu_65HaYgksbF6Q8SQ4oOvA From: Charles Mills To: IBM-MAIN@LISTSERV.UA.EDU Date: 24/08/2019 21:23 Subject:Re: SMF PUZZLE Sent by:IBM Mainframe Discussion List SMF only captures what you tell it to (with SMFPRMxx). Some shops, for example, exclude STC's from certain SMF types "to avoid a performance impact on CICS" or some similar reason. The whole "how to read SMFPRMxx" thing is beyond the scope of an e-mail. D SMF,O will give you a not-quite-trivial-to-parse summary. SMF 15 shows "opened for output and then closed" (for those subsystems for which it is configured, per the above). Harking back to the IEFBR14 discussion here a week or so ago, I wonder if a basic "create a DSN with IEFBR14 DISP=(NEW,CTALG)" shows up in SMF 15 (because it does not close the dataset). Others may well know. Charles -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of willie bunter Sent: Saturday, August 24, 2019 10:30 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: SMF PUZZLE Good Day, I am trying to find the user/job which created a dsn. I run my trustworthy SMF job which looks for recids 05 14 15 17 18 61 62 63 64 65 66 67 68 136 139 163. The job showed the job which read the dsn & deleted it but it doesn't show who or which job created it.According to the LISTCAT the creation date of the dsn was Thursday Aug. 22. I read the SMF tape for the previous week and subsequent days including Aug 22 & 23. I was thinking if the dsn was created by a FTP or an UNIX upload process which may not be trapped by SMF Any thoughts? Any suggestions -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN Unless stated otherwise above: IBM United Kingdom Limited - Registered in England and Wales with number 741598. Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
I vaguely recall that there was a third prime number involved in the algorithm that was static for RSA. Do they still have this third prime? Could it be that they use this to eliminate this possibility? Jon. On Saturday, August 24, 2019, 09:17:22 AM PDT, Mike Schwab wrote: > Well, keys are supposed to be two large prime numbers. Without a > registry of which numbers have been used, it would be possible for two > people to use the same prime number. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SMF PUZZLE
SMF only captures what you tell it to (with SMFPRMxx). Some shops, for example, exclude STC's from certain SMF types "to avoid a performance impact on CICS" or some similar reason. The whole "how to read SMFPRMxx" thing is beyond the scope of an e-mail. D SMF,O will give you a not-quite-trivial-to-parse summary. SMF 15 shows "opened for output and then closed" (for those subsystems for which it is configured, per the above). Harking back to the IEFBR14 discussion here a week or so ago, I wonder if a basic "create a DSN with IEFBR14 DISP=(NEW,CTALG)" shows up in SMF 15 (because it does not close the dataset). Others may well know. Charles -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of willie bunter Sent: Saturday, August 24, 2019 10:30 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: SMF PUZZLE Good Day, I am trying to find the user/job which created a dsn. I run my trustworthy SMF job which looks for recids 05 14 15 17 18 61 62 63 64 65 66 67 68 136 139 163. The job showed the job which read the dsn & deleted it but it doesn't show who or which job created it.According to the LISTCAT the creation date of the dsn was Thursday Aug. 22. I read the SMF tape for the previous week and subsequent days including Aug 22 & 23. I was thinking if the dsn was created by a FTP or an UNIX upload process which may not be trapped by SMF Any thoughts? Any suggestions -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
We've gone from "not cryptologically proven" to "you've never seen proof". Please don't state fiction as fact. For RSA, the proof has been around for several year's. Back then, it was large prime numbers which appears to be true today but very large. There's a huge difference between "supposed to be" and what you said. "Supposed to be" is where I researched this year's ago but did not know if it was still current. Apparently you don't have any basis for your claims except for a WSAG. Jon. On Saturday, August 24, 2019, 08:47:21 AM PDT, Charles Mills wrote: >> Do you have any basis to guess it's not provable or that they are not >> uniquely paired? > Just that I have never seen a proof and I have learned > in crypto to doubt every unproven assumption. >> They are supposed to be uniquely paired. > "Supposed to be." Is that real different from what I said? Charles -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Jon Perryman Sent: Saturday, August 24, 2019 7:40 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: vendor distributes their private key On Friday, August 23, 2019, 04:34:14 PM PDT, Charles Mills wrote: >> I believe a public key can be associated with more than one PGP private key > I don't know PGP at all but for basic asymmetrical or public/private key > encryption, > the public and private keys are basically one to one with each other. You > generate > a pair, both halves at once. Although I guess it is not provable that no two > public > keys have the same private key, that situation is hopefully unlikely. Do you have any basis to guess it's not provable or that they are not uniquely paired? They are supposed to be uniquely paired. Jon. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
You encrypt with their public key; they decrypt with their private key? That would be pretty "standard." That is "how public key works." Charles -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of CM Poncelet Sent: Saturday, August 24, 2019 11:01 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: vendor distributes their private key PGP allows sending encrypted emails/data to multiple recipients, where each recipient has a different private key, and this works AOK (but no idea how). I have 'PGP Desktop Whole Disk Encryption (WDE)'. CP -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
On Aug 24, 2019, at 11:16 AM, Mike Schwab wrote: > > Well, keys are supposed to be two large prime numbers. Without a > registry of which numbers have been used, it would be possible for two > people to use the same prime number. RSA keys are *generated* from two large prime numbers, but the keys themselves aren’t prime numbers. And other public key algorithms don’t necessarily involve prime numbers. -- Pew, Curtis G curtis@austin.utexas.edu -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
PGP allows sending encrypted emails/data to multiple recipients, where each recipient has a different private key, and this works AOK (but no idea how). I have 'PGP Desktop Whole Disk Encryption (WDE)'. CP On 24/08/2019 00:34, Charles Mills wrote: >> I believe a public key can be associated with more than one PGP private key > I don't know PGP at all but for basic asymmetrical or public/private key > encryption, the public and private keys are basically one to one with each > other. You generate a pair, both halves at once. Although I guess it is not > provable that no two public keys have the same private key, that situation is > hopefully unlikely. > > Charles > > -Original Message- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of CM Poncelet > Sent: Friday, August 23, 2019 8:01 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: vendor distributes their private key > > The vendor can revoke his private/public key, generate a new > private/public key pair and - hopefully this time - publish only the > public key. > > BTW I believe a public key can be associated with more than one PGP > private key, although doing so would still not explain the vendor's > publishing a private key that could decrypt his public key encrypted > data - regardless of how many other private keys could do so too. > > Just my ha'penny. > > Chris Poncelet (retired sysprog) > > > On 22/08/2019 20:41, Paul Gilmartin wrote: >> On Thu, 22 Aug 2019 14:13:58 -0500, Joel M Ivey wrote: >> >>> Thanks all for the response. I'm glad I wasn't missing something. I >>> will discuss further with the vendor, hoping they will recognize the risks. >>> >> How can the vendor recover from this without causing great >> disruption, even an indefinite time in the future, to existing >> customers who are rely on the improperly distributed private key? >> >> -- gil >> >> -- >> For IBM-MAIN subscribe / signoff / archive access instructions, >> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN >> . >> > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > . > -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
On Sat, 24 Aug 2019 11:16:57 -0500, Mike Schwab wrote: >Well, keys are supposed to be two large prime numbers. Without a >registry of which numbers have been used, it would be possible for two >people to use the same prime number. > Such a registry would defeat the purpose, although a registry of public keys is plausible. Cryptosystems depend on the extreme unlikeliness of a collision. -- gil -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
SMF PUZZLE
Good Day, I am trying to find the user/job which created a dsn. I run my trustworthy SMF job which looks for recids 05 14 15 17 18 61 62 63 64 65 66 67 68 136 139 163. The job showed the job which read the dsn & deleted it but it doesn't show who or which job created it.According to the LISTCAT the creation date of the dsn was Thursday Aug. 22. I read the SMF tape for the previous week and subsequent days including Aug 22 & 23. I was thinking if the dsn was created by a FTP or an UNIX upload process which may not be trapped by SMF Any thoughts? Any suggestions -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Attitude of companies toward mainframers working from home?
Every other month, so 6x7=42. 5-10 days for onsite, F2F meetings, etc outside of that schedule, so let's say 7 days, is 49, so 11 calendar days. I'm not sure how eleven calendar days becomes three weeks, and it still begs the question of who pays the California tax if some unforeseen circumstance blows the 60 days. RON HAWKINS Director, Ipsicsopt Pty Ltd (ACN: 627 705 971) m+61 400029610| t: +1 4085625415 | f: +1 4087912585 -Original Message- From: IBM Mainframe Discussion List On Behalf Of Mike Schwab Sent: Friday, 23 August 2019 02:04 To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: [IBM-MAIN] Attitude of companies toward mainframers working from home? In California. You said you could do 59 days in California. On Thu, Aug 22, 2019 at 10:58 AM Ron Hawkins wrote: > > Where? > > > RON HAWKINS > Director, Ipsicsopt Pty Ltd (ACN: 627 705 971) > m+61 400029610| t: +1 4085625415 | f: +1 4087912585 > > -Original Message- > From: IBM Mainframe Discussion List On > Behalf Of Mike Schwab > Sent: Friday, 23 August 2019 01:23 > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: [IBM-MAIN] Attitude of companies toward mainframers working from > home? > > Well, every other month would leave 3 weeks for training. > > On Thu, Aug 22, 2019 at 7:09 AM Ron Hawkins wrote: > > > > Raphael, > > > > Calendar days. Vacations, public holidays, sick days, etc are all calendar > > days. > > > > Arrive on Wednesday, and leave the next Wednesday is seven days, which is > > only nine months at a week per month. > > > > Most training, customer briefing, etc also happens in California, so there > > are 5-10 days a year at least as well. > > > > If for some unforeseen we blow the 60 days, who is going to pay the > > employee's tax in California? If they were at 50 days and visited the > > amusement parks in LA for 1.5 weeks they've blown it. > > > > And that's the main reason it was mothballed and made ad hoc. > > > > Ron > > > > > > RON HAWKINS > > Director, Ipsicsopt Pty Ltd (ACN: 627 705 971) > > m+61 400029610| t: +1 4085625415 | f: +1 4087912585 > > > > -Original Message- > > From: IBM Mainframe Discussion List On > > Behalf Of Raphaël Jacquot > > Sent: Thursday, 22 August 2019 17:26 > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: [IBM-MAIN] Attitude of companies toward mainframers working > > from home? > > > > Le 22/08/2019 à 08:54, Ron Hawkins a écrit : > > > > > I liked to have our team to train and work face to face > > > occasionally and had regular fly-ins of the team for a week. > > > California killed this off as they want to declare you a tax > > > resident if you spend more than > > > 60 calendar days in the state. Tell that to someone from Nevada. > > > > considering there are 52 weeks in a calendar year, and there are > > vacations / holidays / out of the country periods, you should be > > fine with once a week > > > > Raphael > > > > > > -- For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO > > IBM-MAIN > > > > > > -- For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO > > IBM-MAIN > > > > -- > Mike A Schwab, Springfield IL USA > Where do Forest Rangers go to get away from it all? > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
Well, keys are supposed to be two large prime numbers. Without a registry of which numbers have been used, it would be possible for two people to use the same prime number. On Sat, Aug 24, 2019 at 9:40 AM Jon Perryman wrote: > > > > On Friday, August 23, 2019, 04:34:14 PM PDT, Charles Mills > wrote: > >> I believe a public key can be associated with more than one PGP private > key > > > I don't know PGP at all but for basic asymmetrical or public/private key > > encryption, > > the public and private keys are basically one to one with each other. You > > generate > > a pair, both halves at once. Although I guess it is not provable that no > > two public > > keys have the same private key, that situation is hopefully unlikely. > > Do you have any basis to guess it's not provable or that they are not > uniquely paired? They are supposed to be uniquely paired. > > Jon. > > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
> Do you have any basis to guess it's not provable or that they are not > uniquely paired? Just that I have never seen a proof and I have learned in crypto to doubt every unproven assumption. > They are supposed to be uniquely paired. "Supposed to be." Is that real different from what I said? Charles -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Jon Perryman Sent: Saturday, August 24, 2019 7:40 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: vendor distributes their private key On Friday, August 23, 2019, 04:34:14 PM PDT, Charles Mills wrote: >> I believe a public key can be associated with more than one PGP private key > I don't know PGP at all but for basic asymmetrical or public/private key > encryption, > the public and private keys are basically one to one with each other. You > generate > a pair, both halves at once. Although I guess it is not provable that no two > public > keys have the same private key, that situation is hopefully unlikely. Do you have any basis to guess it's not provable or that they are not uniquely paired? They are supposed to be uniquely paired. Jon. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: vendor distributes their private key
On Friday, August 23, 2019, 04:34:14 PM PDT, Charles Mills wrote: >> I believe a public key can be associated with more than one PGP private key > I don't know PGP at all but for basic asymmetrical or public/private key > encryption, > the public and private keys are basically one to one with each other. You > generate > a pair, both halves at once. Although I guess it is not provable that no two > public > keys have the same private key, that situation is hopefully unlikely. Do you have any basis to guess it's not provable or that they are not uniquely paired? They are supposed to be uniquely paired. Jon. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
