IBM Z Hardware and Operating Systems Ideas Portal
This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
This is addressed via z/OS Encryption Readiness Technology (zERT) provided in z/OS V2R3.
Due to processing by IBM, this request was reassigned to have the following updated attributes:
Brand - Servers and Systems Software
Product family - z Systems Software
Product - z/OS Communications Server
Component - TCP/IP
Operating system - IBM z/OS
Source - None
For recording keeping, the previous attributes were:
Brand - Servers and Systems Software
Product family - Transaction Processing
Product - CICS Transaction Server
Component - Runtime
Operating system - IBM z/OS
Source - None
Due to processing by IBM, this request was reassigned to have the following updated attributes:
Brand - Servers and Systems Software
Product family - Transaction Processing
Product - CICS Transaction Server
For recording keeping, the previous attributes were:
Brand - WebSphere
Product family - Transaction Processing
Product - CICS Transaction Server
Arshia,
thank you.
Based on your answer the proposed design would be to issue a message when a cipher is first used.
Yes, the requirement is to see which ciphers are being used overall. Using a method such as statistics allows us to see if a cipher is even being used at all. From there, we could then take the necessary steps to identify which calls are using the ciphers we are concerned about (either via trace or other processes). In particular, this would help hand-in-hand with RFE 75551 so we can "see" if a cipher is in use before limiting its use region-wide.
With inbound connections we monitor the cipher used. This is straight forward as there is only one inbound connection. There could be multiple outbound connections therefore monitoring which cipher is actually used would require resource records for each outbound connection.
This could significantly increase the size of the record, so is not something we are currently looking at implementing.
Is the requirement to see which ciphers are being used overall or do you need to see this on every task.
If it is the former case, then another option would be for us to log when a cipher is first used by issueing a message.
Alternatively we could record how many times each cipher is used in stats.
Would either of these options be viable alternatives?
Note also that the information can be obtained from the trace if you could use the SO=1 trace option to gather the data. CIPHER_SELECTED appears on the SOSI call.