I'm getting the runaround with application approval by Google.
First they requested credentials to test my app that works with Google
Drive. I told them they would need to find an IBM i and a google account
and they could test all they wanted.
So, then they came back with:
-
Follow the CASA Tier 2 procedures
<
https://appdefensealliance.dev/casa/tier-2/tier2-overview> to self scan
your application
- Fix any high severity CWEs flagged by your scan
- Register <
https://rc.products.pwc.com/login/casa/register> or log-in
<
https://rc.products.pwc.com/login/casa/> to the CASA portal and
initiate your security assessment
- Submit your scan results and fill out the CASA questionnaire on the
portal
- Receive the results and validation report in the CASA portal
- The CASA portal will automatically share the Letter of Validation with
Google
Looking at the test, it appears to be made for APKs, Java, etc.
When I explained it would be impossible (and least when I looked at it
quickly) they came back with:
"Since your application is written in an unsupported outdated language it
will fail CASA, as CASA requires all applications to be up to date with
security practices and utilizes patched/updated packages and programming
languages. This is to ensure the privacy and security of your application
and your users private data. "
I know I know.. "just do it in open source"... nah. I think IBM needs to
hear what Google things of RPGLE and their platform.
The whole point of this is to give access to APIs on the "native" side of
the IBM i. The last thing I want to do is help customers set up open
source.
Bradley V. Stone
www.bvstools.com
Native IBM i e-Mail solutions for Microsoft Office 365, Gmail, or any Cloud
Provider!
midrange.com
