What command are you issuing on the CMS client?
Alan Ackerman
v.uark.edu] On Behalf Of Alan Altmark
> Sent: Wednesday, December 01, 2010 2:11 PM
> To: IBMVM@LISTSERV.UARK.EDU
> Subject: Re: z/VM 6.1, SSLSERV Question
>
> On Wednesday, 12/01/2010 at 11:43 EST, "Schuh, Richard"
>
> wrote:
> > Thanks for the reply, Alan.
No.
Look again.
There is an important topological difference between UFT and NJE-IP.
UFT is just another IP protocol (one that looks more like RSCS than, say,
FTP). Your network topology does not change.
While NJE-over-IP is a network-on-a-network. Full-blown RSCS, but with a
whole raft of "nod
On Thursday, 12/02/2010 at 10:08 EST, Richard Troth
wrote:
> The bottom line for UFT is to do over TCP what RSCS does over
CTC/VTAM/NJE, but
> not in the way NJE/IP does. (Of course, it might be a good hint to the
present
> NJE/IP authors and owners to create a UFT driver for their stuff.
Alan Altmark wrote :-
> I would have thought that everyone's IT host & network security
> departments would be turning the screws on unencrypted and
unauthenticated
> transmission to/from VM of any sensitive data and/or passwords. ("You
> mean you let MAINT's password flow in clear-text over
On Thursday, 12/02/2010 at 09:32 EST, Richard Troth
wrote:
> RXSSL comes to mind. As it happens, a couple of us were discussing
RXSSL
> off-list within the past day. Seems that it may need some attention to
get it
> working with the new VM SSL.
As I'm sure you have discovered, the challeng
Yep. A new RFC is needed. The original author has been saying that for ten
years, has asked for collaborators, and is still open.
The original design intentionally left compression and encryption out of
scope. The advent of SSL suggests that was probably a good choice. ZIP has
been around sinc
sage-
> > From: The IBM z/VM Operating System
> > [mailto:ib...@listserv.uark.edu] On Behalf Of Alan Altmark
> > Sent: Wednesday, December 01, 2010 6:53 AM
> > To: IBMVM@LISTSERV.UARK.EDU
> > Subject: Re: z/VM 6.1, SSLSERV Question
> >
> > On Tuesday, 11/3
On Thursday, 12/02/2010 at 08:15 EST, Mark Wheeler
wrote:
> It would be nice if UFT(D) would support it.
RFC 1440 does not define a mechanism for the UFT client and server to
negotiate and initiate TLS. A new RFC is needed. (Note that the IETF now
requires protocols to be able to negotiate T
> Date: Wed, 1 Dec 2010 17:10:41 -0500
> From: alan_altm...@us.ibm.com
> Subject: Re: z/VM 6.1, SSLSERV Question
> To: IBMVM@LISTSERV.UARK.EDU
> Btw, I don't see very much pressure being placed on z/VM to provide
> client-side TLS support for homegrown RxSocket
On Wednesday, 12/01/2010 at 11:43 EST, "Schuh, Richard"
wrote:
> Thanks for the reply, Alan. So it is not possible using RXSOCKET. Is it
> possible from a CMS client running a home-grown assembler or Pipelines
program,
> or is it a lost cause?
A lost cause, I would say.
Implicit/Static TLS/S
mailto:ib...@listserv.uark.edu] On Behalf Of Alan Altmark
> Sent: Wednesday, December 01, 2010 6:53 AM
> To: IBMVM@LISTSERV.UARK.EDU
> Subject: Re: z/VM 6.1, SSLSERV Question
>
> On Tuesday, 11/30/2010 at 06:39 EST, "Schuh, Richard"
>
> wrote:
>
> > We have
On Tuesday, 11/30/2010 at 06:39 EST, "Schuh, Richard"
wrote:
> We have a person who is trying to get a secure end-to-end transaction
between a
> CMS client and a TPF host. RXSOCKET is being used by the CMS client.
The port
> specified is 51105, which has been designated as a secure port. He
We have a person who is trying to get a secure end-to-end transaction between a
CMS client and a TPF host. RXSOCKET is being used by the CMS client. The port
specified is 51105, which has been designated as a secure port. He has traced
the SSLSERV and sees no traffic going through it; however,
z/VM OperatingSubject
System Re: Z/VM S
1 million today, provided
I'd started with $100 million." -- Jon Stewart
From: The IBM z/VM Operating System [mailto:ib...@listserv.uark.edu] On
Behalf Of Hughes, Jim
Sent: Tuesday, May 19, 2009 09:54
To: IBMVM@LISTSERV.UARK.EDU
Subject: [IBMVM] Z/VM SSLSERV Question
This message is
cc
System
Z/VM SSLSERV Question
This message is in our SSLSERV start up console log and its not in the
manual:
MSG FROM TCPIP : Restarting you because you have no passive open on
TCP port
The following line is present in the TCPIP TCPIP file used to startup
the TCPIP service machine and is in the port reservation sect
2009/3/30 Jim Bohnsack :
> On my 2nd level system installed from the IBM ddr and then the SSL PTF, when
> I try what Richard suggested, I get the following:
>
> ls -la
> /etc
> Erwxrwxrwx 1 maintsystem21 Oct 2 15:55 /etc ->
> /../VMBFS:VMSYSU:E
> TC
> $
>
> Is that normal? Why is it
On my 2nd level system installed from the IBM ddr and then the SSL PTF,
when I try what Richard suggested, I get the following:
ls -la
/etc
Erwxrwxrwx 1 maint system 21 Oct 2 15:55 /etc ->
/../VMBFS:VMSYSU:E
TC
On 3/22/09 3:31 PM, "Alan Altmark" wrote:
> Sorry, David, that would just make things worse since we'd keep shipping a
> new CONFIG filepool in each release as we do with VMSYS and VMSYSU, and
> then there would be two *global* CONFIG filepools in the collection. Two
> objects would attempt to
In this new redbook we do indeed recommend to create a special
filepool as storage space for the certificates and the LDAP databases,
this to avoid problems with release migrations. The principle:
customer data in your filepool; software in IBM's VMSYS. This is
definitely not the way things are e
On Sunday, 03/22/2009 at 03:17 EDT, David Boyes
wrote:
> Sounds like a good practice for the next release. Call it CONFIG or
> something like that, and fix the apps like DFSMS to put their config
> files there by default.
Sorry, David, that would just make things worse since we'd keep shipping
> You might find it worth the effort to create your own SFS filepool
> so that
> release-to-release migrations don't create a disruption since you
> have to
> actually migrate VMSYS content. With your own global filepool,
> your 2nd
> level system can down to the 1st level system (via TSAF)
On Friday, 03/20/2009 at 09:29 EDT, Jim Bohnsack
wrote:
> Thank you all for your responses. It sounds as if it is as I suspected,
> a total lack of knowledge about BSF and almost as much of a lack of
> knowledge about SFS. It might be a good idea to include some of these
> SFS/BFS peculiar hint
The Redbook Kris is referring to can be found here:
http://www.redbooks.ibm.com/abstracts/sg245148.html?Open. There is an overview
of BFS is
Chapter 2.
Another Redbook that might be of interest is "OpenEdition for VM/ESA A
Implementation and
Administration Guide"
(http://www.redbooks.ibm.com/a
A useful Redbook or Redpaper, or whatever category it could be put into,
would be very useful. There must be others besides me who would benefit
from everything being in one place and being complete. What Alan said
in his response to my post was not mentioned anywhere that I've seen.
As I've
Seeking for some brief SFS/BFS overview: a certain DJ, well known
here, might remember I asked him in 1998 to devote a small section of
the VM/ESA Network computing with Java And NetRexx (SG24-5148) Redbook
to it.
I wrote something similar for the upcoming Redbook about password
synchronization bet
Thank you all for your responses. It sounds as if it is as I suspected,
a total lack of knowledge about BSF and almost as much of a lack of
knowledge about SFS. It might be a good idea to include some of these
SFS/BFS peculiar hints or ideas in the TCPIP doc, especially for the VM
newbie (as
I cannot say enough good about how Endicott implemented OpenVM ... now
some 15+ years ago. The way the POSIX info is rolled into the CP Dir
is spot on. There are issues, notably performance concerns and a
gross lack of attention (thanks to the distracting popularity of Linux
on VM). But the core
On Friday, 03/20/2009 at 01:13 EDT, Jim Bohnsack
wrote:
> I have a dumb question and a long posting. Sorry. We have SSLSERV
> working on our 2nd lvl z/VM 5.4 system, the one I loaded from the IBM
> DDR. I always bring up a new release on a 2nd level id and then move
> code piece by piece to ou
for me.
Dennis O'Brien
39,516
-Original Message-
From: The IBM z/VM Operating System [mailto:ib...@listserv.uark.edu] On
Behalf Of Jim Bohnsack
Sent: Friday, March 20, 2009 10:13
To: IBMVM@LISTSERV.UARK.EDU
Subject: [IBMVM] BFS SS
Jim Bohnsack wrote:
GSKKYMAN gives me the database menu and my replies are as follows:
Enter key database name (press ENTER to return to
menu):
/etc/gskADM/KeyDBT.kdb
Enter database password (press ENTER to return to
menu):
I have a dumb question and a long posting. Sorry. We have SSLSERV
working on our 2nd lvl z/VM 5.4 system, the one I loaded from the IBM
DDR. I always bring up a new release on a 2nd level id and then move
code piece by piece to our production systems. Almost everything is
moved, but I am up
Here's a writeup I put together when I had to do it:
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/e0z1p161/26.1.1?SHELF=&DT=20080627173833&CASE=
Watch for wrap on that URL.
--
Jay Brenneman
On Feb 17, 2009, at 4:21 PM, Alan Altmark wrote:
On Tuesday, 02/17/2009 at 01:41 EST, clifford jackson
wrote:
I am in the process of building a SSLSERV virtual machine, under z/VM
5.3 SLU
801, using SLES 9 SP3. ONE question is there a Red book for this
process?..
No. We tried to make the
On Tuesday, 02/17/2009 at 01:41 EST, clifford jackson
wrote:
> I am in the process of building a SSLSERV virtual machine, under z/VM
5.3 SLU
> 801, using SLES 9 SP3. ONE question is there a Red book for this
process?..
No. We tried to make the instructions in the TCP/IP Planning & Admin book
36 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: SSLSERV question
I am in the process of building a SSLSERV virtual machine, under z/VM 5.3 SLU
801, using SLES 9 SP3. ONE question is there a Red book for this process…..
_
Want to do more with Windows Live? Learn “10 hidden secrets” from Jamie
I am in the process of building a SSLSERV virtual machine, under z/VM 5.3 SLU
801, using SLES 9 SP3. ONE question is there a Red book for this process…..
_
Want to do more with Windows Live? Learn “10 hidden secrets” from Jamie.
http
On Monday, 07/23/2007 at 06:42 EDT, "Huegel, Thomas" <[EMAIL PROTECTED]>
wrote:
> Now I have this SSLSERV / LINUX machine running. I can do SSLADMIN
commands.
> I have port 992 TCP SECURE TESTING.
> "TESTING" is a valid X509 certificate.
> My emulator is set to SSL enabled and accept selfsign
I had trouble with Hummingbird until I received the SSL feature. Which 3270
product are you using?
hans
_
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On
Behalf Of Huegel, Thomas
Sent: July 23, 2007 6:42 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: SSLSERV question
ly connect with a
secure VM site via the SSLSERV.
DJ
- Original Message Follows -
From: "Huegel, Thomas" <[EMAIL PROTECTED]>
To: IBMVM@LISTSERV.UARK.EDU
Subject: SSLSERV question
Date: Mon, 23 Jul 2007 17:42:28 -0500
> Now I have this SSLSERV / LINUX machine running. I
Now I have this SSLSERV / LINUX machine running. I can do SSLADMIN commands.
I have port 992 TCP SECURE TESTING.
"TESTING" is a valid X509 certificate.
My emulator is set to SSL enabled and accept selfsigned certificates.
But I can't connect..
Anyone have a clue as to what I might be missing?
T
> > > Does using this SSL appliance allow the ZVM FTP Client to make SSL
> > > connections?
> >
> > In z/VM 5.3, yes. Earlier, no. Circle June 29 on your calendar.
If you can't wait for 5.3 to arrive/install/go production, we do have a
inexpensive FTP->FTPS proxy appliance that you might be able
SSLSERV on z/VM 5.1 can provide IMPLICIT protection for FTP, but it is
unpleasant and I have found ONLY one windows client that will work with it.
SSLSERV can also protect HTTPS and POPS.
/Thomas Kern
/U.S. Department of Energy
/301-903-2211
--- Alan Altmark <[EMAIL PROTECTED]> wrote:
> On Tuesd
On Tuesday, 02/13/2007 at 04:33 EST, "Hughes, Jim - OIT"
<[EMAIL PROTECTED]> wrote:
> Will there be any changes in the IBM ZVM SSL offering?
Yes. Support for newer levels of SLES9 and RHEL4, as well as some
administrative improvements. Some more encryption suites. Nothing
earth-shattering.
gt;From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED]
On
=>Behalf Of Alan Altmark
=>Sent: Tuesday, February 13, 2007 4:31 PM
=>To: IBMVM@LISTSERV.UARK.EDU
=>Subject: Re: ZVM and SSLSERV Question
=>
=>On Tuesday, 02/13/2007 at 04:22 EST, "Hughes, Jim - OIT"
=><
On Tuesday, 02/13/2007 at 04:22 EST, "Hughes, Jim - OIT"
<[EMAIL PROTECTED]> wrote:
> Does using this SSL appliance allow the ZVM FTP Client to make SSL
> connections?
In z/VM 5.3, yes. Earlier, no. Circle June 29 on your calendar.
Alan Altmark
z/VM Development
IBM Endicott
Does using this SSL appliance allow the ZVM FTP Client to make SSL
connections?
Jim Hughes
603-271-5586
"There's no sense in being precise when you don't even know what you're
talking about."
John von Neumann
49 matches
Mail list logo
