• Subject: Re: Newbie question
  • From: "Jason M. Felice" <jasonf@xxxxxxxxxxxxxxxx>
  • Date: Thu, 30 Sep 1999 17:48:36 -0400

On Thu, Sep 30, 1999 at 03:48:53PM -0400, Eric Strovink wrote:
> Scott Klement wrote:
> 
> > All telnet clients are insecure.
> 
> On the contrary, someone wrote me privately that there is a new AS/400 telnet
> server that uses SSL.  Plus, the same person indicated that there is already
> encrypted password authentication built into the (newest - 1) version of the
> AS/400 telnet server.  You can read some RFC's that propose that 
>authentication
> (links on the tn5250 developer site).  Obviously things have progressed beyond
> the proposal stage.
> 
> > I think I see a flaw in that logic...
> 
> Sorry that you misunderstood.  Clearly the encrypted link I was talking about 
>is
> the one between the Linux proxy and the the java client.  As you say, what 
>would
> be the point of encrypting a connection between a local proxy machine and the
> AS/400?
> 
> Based on the new telnet server information above, it may be possible to 
>encrypt
> all the way through the proxy to the new telnet server.  But, for those AS/400
> sites that have not upgraded, an encrypting proxy server would still be 
>useful.
> 

All this stuff about SSL.  Yes, indeed the newer TELNET servers for the
AS/400's support SSL.  That is something that I think we really need here;
unfortunately, I'm an American working in America, so I'm bound by export
restrictions.

Anybody from another country with looser crypto export laws want to write and
maintain a patch?  Hmm, we can make protocols loadable modules, then people
would just need to install the 'SSL loadable module'?  In any case, I've looked
at SSLeay a while back and noticed that it was fairly simple -- not to mention
you can just hack most of the work out of one of the example programs.

Unfortunately, I can't help.  I'm probably hinting more than I'm allowed as is.

-Jay 'Eraserhead' Felice
+---
| This is the LINUX5250 Mailing List!
| To submit a new message, send your mail to LINUX5250@midrange.com.
| To subscribe to this list send email to LINUX5250-SUB@midrange.com.
| To unsubscribe from this list send email to LINUX5250-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.