What cryptographic protocols are used by XCOM 12.0 for z/OS when performing secure/SSL transfers?

XCOM™ Data Transport® for z/OS

It depends on the cryptographic software used for the encryption, and is also influenced by the specification of SSL_METHOD parameter.

The cryptographic software is determined by default parameter SSL_VERSION (which is normally specified in the TYPE=CONFIG defaults member).
The SSL_METHOD parameter is specified in the SSL configuration file in use for the transfer (which in turn is set by default parameter XCOM_CONFIG_SSL)

1. Using IBM System SSL (SSL_VERSION=SYSTEM) the protocols available are:
   • TLSv1, TLSv1.1 and TLSv1.2 are enabled in all cases
   • SSLv3 is optionally enabled by setting SSL_METHOD=ALL. It is disabled otherwise.
     
     
2. Using open-source software OpenSSL (SSL_VERSION=OPEN), the protocols available are:
   • With SSL_METHOD=v3, only SSLv3
   • With SSL_METHOD=TLSv1, only TLSv1
   • With SSL_METHOD=TLSv1.1, only TLSv1.1
   • With SSL_METHOD=ALL, all protocols are available.

NOTE:
With later XCOM 12.0 maintenance, use of OpenSSL was initially deprecated and with LU07625 is now not supported: XCOM™ Data Transport® for z/OS 12.0 > Release Notes > Obsolete Features