Table 1 lists z/OS
UNIX /etc files. 
| Utility | Rel. | IBM-provided sample file | Target location | What changed and when | Reason for change |
|---|---|---|---|---|---|
| DCAS | V2R1 | No sample provided | /etc/dcas.conf | In z/OS V2R1 Communications Server, a new DCAS keyword, TLSMECHANISM, is provided to configure the DCAS (Digital Certificate Access Server) server to use Application Transparent Transport Layer Security (AT-TLS) to manage TLS security. | AT-TLS enablement for DCAS |
| In z/OS V2R1 Communications Server, a new
TLSV1ONLY keyword is provided to configure SSLV3 protocol for connections
that are secured using SSL implemented by DCAS. |
Release update |
||||
| FTP Server and Client |
V2R1 |
SEZAINST (FTCDATA) for the client and (FTPSDATA) for the server |
FTP.DATA |
In z/OS V2R1 Communications Server, a new
SSLV3 keyword is provided to configure SSLV3 protocol for connections
that are secured using TLS implemented by FTP. |
Release update |
| Policy Agent |
V2R1 |
/usr/lpp/tcpip/samples/pagent.conf |
/etc/pagent.conf |
In z/OS V2R1 Communications Server, a new
ServerSSLv3 keyword is provided to configure SSLV3 protocol for the
policy client that connects to the server. |
Release update |
| z/OS V2R1 Communications Server Policy Agent, centralized Policy Agent now supports TLSv1.1 and TLSv1.2 2-byte ciphers. For detailed information, see the ServerSSLV3CipherSuites parameter of the ServerConnection statement in z/OS V2R1.0 Communications Server: IP Configuration Reference. In z/OS V2R1 Communications Server, the import services between Policy Agent and IBM Configuration Assistant for z/OS Communications Server can have user defined AT-TLS policies to create a secure SSL connection. | TLS security enhancements for Policy Agent | ||||
| Sendmail |
V2R1 |
/usr/lpp/tcpip/samples/sendmail/cf/zOS.cf |
/etc/mail/zOS.cf |
In z/OS V2R1 Communications Server, a new
SSLV3 keyword is provided to configure SSLV3 protocol for connections
that are secured using System SSL. |
Release update |
| z/OS UNIX sendmail CipherLevel statement now supports TLSv1.2 2-byte ciphers. See CipherLevel statement in the Creating the z/OS specific file topic topic in z/OS V2R1.0 Communications Server: IP Configuration Guide. | TLS Security enhancements for sendmail | ||||
| SNMP Agent | V2R1 | /usr/lpp/tcpip/samples/snmpd.conf | /etc/snmpd.conf | New privacy protocol value AESCFB128 can be specified on a USM_USER statement to request AES 128-bit encryption. | Network Security enhancements for SNMP |
| z/OS UNIX snmp command | V2R1 | /usr/lpp/tcpip/samples/snmpv2.conf | /etc/osnmp.conf | New privacy protocol value AESCFB128 can be specified on a statement for an SNMPv3 user to request AES 128-bit encryption. | Network Security enhancements for SNMP |