If the certificate they present is signed by a recognized CA, you should be
able to get root and any required intermediates from the signing CA's site.
> -Original Message-
> From: IBM Mainframe Discussion List On
> Behalf Of Brian Westerman
> Sent: Sunday, August 30, 2020 11:55 PM
> To:
Do you get a root if it’s a self signed certificate?
On Mon, Aug 31, 2020 at 3:12 AM Gibney, Dave wrote:
> If the certificate they present is signed by a recognized CA, you should
> be able to get root and any required intermediates from the signing CA's
> site.
>
>
>
> > -Original Message-
W dniu 31.08.2020 o 07:10, Brian Westerman pisze:
Even if you maintain SDSF via SAF (which you have to do by z/OS 2.5 because
that's all that will be supported) you will still have to update the RACF
OPERCMDS class (TSO RACF option 2 (general resource profiles)).
The profile name you need to u
Is the data set (and dfsms) set up for CA_RECLAIM?
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Lizette Koehler
Sent: Sunday, August 30, 2020 5:12 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Simple VSAM question on sizing INDEX component
[CAUTION: This Email is from
According to the LISTC it has CA-RECLAIM(YES)
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Allan Staller
Sent: Monday, August 31, 2020 5:17 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Simple VSAM question on sizing INDEX component
Is the data set (and dfsms) se
Lizette,
I think that is the default now, but if CA-RECLAIM isn’t turned on in IGDSMSxx
then nothing is occurring.
_
Dave Jousma
AVP | Director, Technology Engineering
Fifth Third Bank | 1830
Or it may already be installed, or they may be willing to supply it to you.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Gibney, Dave
Sent: Monday, August 31, 2020 12:12 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: setting
A self-signed certificate *is* a root certificate -- the two terms are
essentially synonymous (although they are used with different implications). If
the SMTP server is presenting a self-signed certificate then it effectively is
its own CA certificate, and you will have to install it in RACF.
Hello Group,
In MQ , do we have mechanism to configure for sending notification using
email about queue manager certificate expiry .
Plz suggest
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to li
On Mon, 31 Aug 2020 06:31:12 -0700, Charles Mills wrote:
>A self-signed certificate *is* a root certificate -- the two terms are
>essentially synonymous (although they are used with different implications).
>If the SMTP server is presenting a self-signed certificate then it effectively
>is its
"Self-signed certificate" means a certificate that is at the bottom of the
chain: there is no higher (mixing my tops and bottoms here) authority that
vouches for it.
Every CA root certificate is self-signed. (Who else would sign it? The Pope?
Bill Gates? Stephen Hawking?)
For a normal endpoint
On 8/31/20 9:34 AM, Charles Mills wrote:
Are CA's perfect? I don't*know* of a CA hack but I do know of (I
should probably say "alleged") CA sloppiness:
DigiNotar was compromised:
"...it had become clear that a security breach had resulted in the
fraudulent issuing of certificates..."
Link
Interesting. Certainly does show that "who do you trust?" is a significant
decision. Marking a certificate in RACF as trusted is not just housekeeping; it
is a significant security decision. You are not just saying "I need RACF to be
able to use this as a CA certificate"; you are saying "this or
Forgive me for droning on about this. I just did that certificate class for
NewEra and this stuff is on my brain.
> the CA vouches that your public key belongs to the
> entity that once called itself "Charles Mills"
As I said, not exactly. One of the reasons certificates can be so confusing is
Has anyone heard from Kirk Wolf recently? I don’t see much action on his
community forum over at dovetail.com either.
I ask because we have been running Dovetail’s port of TOMCAT on Z that has the
SAF interfaces added to it to house our internal team documentation. We are
admittedly behind,
On 8/31/20 10:29 AM, Charles Mills wrote:
Also! Let me nitpick myself before someone else does it for me: When
I wrote "the CA vouches that the*subject name* in the certificate
belongs to Charles Mills" -- that should be "the subject names"
(plural) belong to Charles Mills.
Ya. The mandator
On 8/31/20 11:02 AM, Charles Mills wrote:
- The more critical task IMHO is proving to the user that she
is actually talking to the URL she intended to talk to: that her
session is really, truly with Bank of America and not with some
man-in-the-middle pretending to be Bank of America.
Conceptu
Write your own using SDSF/Rexx. Really simple, I wrote some of them to get real
time data.
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Twitter account deleted. https://twitter.com/kirkwolf
Still on linkedin, but no guarantee, no obits.
On Mon, Aug 31, 2020 at 12:12 PM Dave Jousma
<01a0403c5dc1-dmarc-requ...@listserv.ua.edu> wrote:
>
> Has anyone heard from Kirk Wolf recently? I don’t see much action on his
> community for
I'm fine (and utterly amused that my status might be inferred from my
cancelled Twitter account :-)
We wanted to look into your Tomcat request from Thursday before responding.
We do offer a z/OS distribution of Tomcat free without support, so
sometimes other things take precedence.
To confirm: Tom
If one does not use Twitter does one truly exist?
From: IBM Mainframe Discussion List on behalf of
Kirk Wolf
Sent: Monday, August 31, 2020 3:23 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Dovetail/Kirk Wolf?
I'm fine (and utterly amused that my status might b
I tweet, therefore I am.
On Mon, Aug 31, 2020 at 5:40 PM Frank Swarbrick
wrote:
> If one does not use Twitter does one truly exist?
>
>
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@l
Hmm, guess I don't exist. LOL Never had a twitter account and don't want one.
Rex
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Frank Swarbrick
Sent: Monday, August 31, 2020 4:39 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: [External] Re: Dovetail/Kirk Wolf?
If o
The most prolific tweeter I know of is not someone I would care to associate
with. The neighborhood has gone downhill.
--
Shmuel (Seymour J.) Metz
http://mason.gmu.edu/~smetz3
From: IBM Mainframe Discussion List on behalf of
Steve Smith
Sent: Monday,
Guess ibm-main could be considered tweeting on a more focused level?
In a message dated 8/31/2020 6:10:09 PM Central Standard Time,
rpomm...@sfgmembers.com writes:
Never had a twitter account and don't want one.
--
For IBM-MAI
You tweet, therefore you annoy me. ;-)
I think this was a take off on a retort by Descartes' wife.
Regards,
Steve Thompson
On 8/31/20 5:50 PM, Steve Smith wrote:
I tweet, therefore I am.
On Mon, Aug 31, 2020 at 5:40 PM Frank Swarbrick
wrote:
If one does not use Twitter does one truly exis
Welcome back, lone Wolf to the wolf pack :)
On Tue, Sep 1, 2020 at 11:36 AM Wayne Bickerdike wrote:
> I tweeted once and had one follower, Oh, the shame.
>
> On Tue, Sep 1, 2020 at 10:35 AM Steve Thompson wrote:
>
>> You tweet, therefore you annoy me. ;-)
>>
>> I think this was a take off on a
I tweeted once and had one follower, Oh, the shame.
On Tue, Sep 1, 2020 at 10:35 AM Steve Thompson wrote:
> You tweet, therefore you annoy me. ;-)
>
> I think this was a take off on a retort by Descartes' wife.
>
> Regards,
> Steve Thompson
>
> On 8/31/20 5:50 PM, Steve Smith wrote:
> > I tweet
On 2020-08-31, at 15:50:32, Steve Smith wrote:
>
> I tweet, therefore I am.
On 2013-03-04, at 08:37:57, John Gilmore wrote:
>
> [von Neumann] told me the story ...:
>
> Descartes enters a diner and sits down. A waitress approaches and
> says, "Would you like an appetizer?" He replies, "I thin
Yes. The "other" alternative is to not protect OPERCMDS (i.e. let everything
be authorized), but that's really not a good option.
It's not a difficult process, and for the simplistic stuff you are doing to
modify a simple started task, it's just the MVS.MODIFY.STC.** one you have to
worry abou
Thanks, easier said than done, but does answer that part.
On Mon, 31 Aug 2020 07:12:07 +, Gibney, Dave wrote:
>If the certificate they present is signed by a recognized CA, you should be
>able to get root and any required intermediates from the signing CA's site.
>
>> -Original Message-
So does this all mean that (currently) no one on the list uses TLS-SSL to
forward their mail from CSSMTP to the target mail server?
Brian
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@
Lizette,
Without meaning to 'teach grannies to suck eggs', the index component of
a VSAM KSDS contains an 'INDEX SET' and a 'SEQUENCE SET'.
The 'INDEX SET' contains one or more CIs whose records/entries point at
'SEQUENCE SET' CIs.
The records in the 'INDEX SET' are pointers to CAs, i.e. to '
33 matches
Mail list logo
