Skip to Main Content
IBM Z Hardware and Operating Systems Ideas Portal


This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Delivered
Workspace z/OS
Created by Guest
Created on Aug 17, 2015

Provide SOCIPHER support for outbound SSL calls

Currently, CICS 5.1 allows for the recording of which specific cipher was negotiated on an inbound SSL handshake in the CMF performance record. Such support should be extended to outbound SSL handshakes.

Idea priority Medium
  • Guest
    Reply
    |
    Oct 2, 2017

    This is addressed via z/OS Encryption Readiness Technology (zERT) provided in z/OS V2R3.

  • Guest
    Reply
    |
    Apr 19, 2017

    Due to processing by IBM, this request was reassigned to have the following updated attributes:
    Brand - Servers and Systems Software
    Product family - z Systems Software
    Product - z/OS Communications Server
    Component - TCP/IP
    Operating system - IBM z/OS
    Source - None

    For recording keeping, the previous attributes were:
    Brand - Servers and Systems Software
    Product family - Transaction Processing
    Product - CICS Transaction Server
    Component - Runtime
    Operating system - IBM z/OS
    Source - None

  • Guest
    Reply
    |
    Oct 5, 2015

    Due to processing by IBM, this request was reassigned to have the following updated attributes:
    Brand - Servers and Systems Software
    Product family - Transaction Processing
    Product - CICS Transaction Server

    For recording keeping, the previous attributes were:
    Brand - WebSphere
    Product family - Transaction Processing
    Product - CICS Transaction Server

  • Guest
    Reply
    |
    Sep 9, 2015

    Arshia,
    thank you.
    Based on your answer the proposed design would be to issue a message when a cipher is first used.

  • Guest
    Reply
    |
    Sep 3, 2015

    Yes, the requirement is to see which ciphers are being used overall. Using a method such as statistics allows us to see if a cipher is even being used at all. From there, we could then take the necessary steps to identify which calls are using the ciphers we are concerned about (either via trace or other processes). In particular, this would help hand-in-hand with RFE 75551 so we can "see" if a cipher is in use before limiting its use region-wide.

  • Guest
    Reply
    |
    Sep 2, 2015

    With inbound connections we monitor the cipher used. This is straight forward as there is only one inbound connection. There could be multiple outbound connections therefore monitoring which cipher is actually used would require resource records for each outbound connection.
    This could significantly increase the size of the record, so is not something we are currently looking at implementing.

    Is the requirement to see which ciphers are being used overall or do you need to see this on every task.
    If it is the former case, then another option would be for us to log when a cipher is first used by issueing a message.
    Alternatively we could record how many times each cipher is used in stats.
    Would either of these options be viable alternatives?

    Note also that the information can be obtained from the trace if you could use the SO=1 trace option to gather the data. CIPHER_SELECTED appears on the SOSI call.