Page 1 of 1

Validate a signature

PostPosted: Sat Nov 05, 2011 12:00 am
by Martin Gross
Does anyone know if there is a system program or service available to validate a signature?
If so, where does it store the needed key?

Background:
Over an unsecured network data is transfered to our mainframe.
To protoect the data from being spoofed (manipulated) on the way to our mainframe it is signed (using e.g. MD5, AES).
So we'd only except the data, when the provided signature is valid.

Re: Validate a signature

PostPosted: Sat Nov 05, 2011 1:25 am
by Robert Sample
IF this is possible, and I'm not saying for sure it is, you need to work with your site security group as the security software (RACF, ACF/2, or TOP SECRET) would be handling the signature / certification. The only time I've dealt with AES on the mainframe, it was for encryption / decryption and used a software product from an ISV. I do know RACF handles certificates but don't know the details.

Re: Validate a signature

PostPosted: Wed Jan 18, 2012 2:43 pm
by jaggz
Two ways in RACF : Self -signed Certificate and Signed up by the third party validators.(CSR). More information on this : "RACF digital signature".