We just got it configured and tested with my standard throwaway ShopZ order, Device Support Facilities. It works great, I'm sure management will love it.
Questions: 1) Is there anything on the radar to have SMP/e enforce package signature validation if the package is signed? 2) Ditto to have the ability for SMP/e not receive unsigned packages/products? Using GIM facility classes to manage it would work for me. Mark Jacobs Sent from ProtonMail, Swiss-based encrypted email. GPG Public Key - https://api.protonmail.ch/pks/lookup?op=get&search=markjac...@protonmail.com ------- Original Message ------- On Tuesday, May 16th, 2023 at 4:30 PM, Charles Mills <charl...@mcn.org> wrote: > > If the signature is stored alongside the GIMZIP they could simply alter > > both. > > > Yep, they could, but they would have about a one in a zillion chance of doing > so successfully. You would need the private key of the signer to get it > right. The digital signature is a hash of the software, encrypted with the > signer's private key. The hash algorithms are such that it is nearly > impossible to change the software but keep the same hash, and with a > different hash you need to have that private key to be able to make a > signature that will decrypt with the relevant well-known public key. > > > which you trust more, DigiCert or your RACF > > > The trustworthiness of CAs is one of the weakest parts of PKI and TLS. > Nothing against DigiCert -- they are fine folks, and I am sure have a robust > security program -- but CA's have been hacked with malicious effect. > > https://en.wikipedia.org/wiki/DigiNotar#Issuance_of_fraudulent_certificates > > Charles > > On Tue, 16 May 2023 13:31:39 -0500, Paul Gilmartin paulgboul...@aol.com wrote: > > > On Tue, 16 May 2023 13:04:44 -0500, Charles Mills wrote: > > > > > Correct me if I am wrong, but my impression is that signing the package > > > protects (among other things) against the scenario in which one of your > > > associates, who let us assume is a bad guy, makes a zap-type modification > > > to the package after you download it and before you install it, thereby > > > compromising the integrity of your z/OS. Obviously, security for the > > > download will not protect against that, but package signing will. > > > > OK. Verifying the signature at the point of RECEIVE FROMNTS protects against > > (fe)malefactors' compromising the GIMZIP between download and RECEIVE. > > If the signature is stored alongside the GIMZIP they could simply alter > > both. > > > > And the SMPPTS must be protected until APPLY/ACCEPT, and the Target and > > DLIBs indefinitely. > > > > Some of this depends on which you trust more, DigiCert or your RACF > > configuration. > > SMPNTS is a zFS hierarchy. How vulnerable is that? > > > > -- > > gil > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
