zERT TLS Session Attributes

Use the zERT TLS Session Data attributes to monitor all zERT TLS security sessions.

Origin Node Unique identifier for the TCP/IP stack being displayed.

System ID The SMF system ID. The format is a text string no longer than 4 characters.

TCPIP STC Name The jobname of the TCP/IP address space.

Sysplex Name The name of the sysplex that the monitored system is part of. The format is a text string no longer than 8 characters.

Collection Time The date and time of data collection.

User ID The z/OS user ID that opened and bound the socket associated with the security session.

Application Name The jobname associated with the application address space that opened and bound the socket associated with the security session.

IP Protocol The IP Protocol for the security session. The format is an unsigned integer that can have the following values:
6 - TCP
17 - UDP

Port Range Start The starting value for the server port range. The format is an unsigned integer.

Port Range End The ending value for the server port range. The format is an unsigned integer.

Client IP Address The client IP address. The format is a text string no longer than 45 characters. The IPV6 Session attribute indicates whether this is an IPV6 IP address or not.

Server IP Address The server IP address. The format is a text string no longer than 45 characters. The IPV6 Session attribute indicates whether this is an IPV6 IP address or not.

Session ID Session identifier that uniquely identifies a security session based on the server and client endpoints plus the significant security attributes for the session. The format is a text string no longer than 42 characters.

Source Source of the information of the security session. The format is an unsigned integer that can have the following values:
Unknown=0
Stream_Observed=1
Crypto_Protocol=2
Cryptographic Operation The type of cryptographic operation being used for the security session. The format is an unsigned integer that can have the following values:
Unknown=0
Pre_Shared_Key=16
Raw_Public_Key=64
Encrypt_Then_Mac=128
Protocol Version The protocol version being used for the security session. The format is an unsigned integer that can have the following values:
Unknown=0
SSLv2=512
SSLv3=768
TLSv1.0=769
TLSv1.1=770
TLSv1.2=771
TLSv1.3=772
Symmetric Encryption The symmetric encryption algorithm used by the cipher suite. The format is an unsigned integer that can have the following values:
Unknown=0
None=1
DES==2
DES_40=3
3DES=4
RC2_40=5
RC2_128=9
RC4_256=10
RC4=11
AES_CBC_128=12
AES_CBC_192=13
AES_CBC_256=14
AES_CTR_128=15
AES_CTR_192=16
AES_CTR_256=17
AES_GCM 128=18
AES_GCM_256=19
AES_CCM_128=20
AES_CCM_256=21
AES_CCM8_128=22
AES_CCM8_256=23
AES_256=24
Blowfish=25
Blowfish_CBC=26
CAST_128_CBC=27
ARCFOUR_128=28
ARCFOUR_256=29
ARCFOUR=30
Rijndael_CBC=31
ACSS=32
ARIA_128_CBC=33
ARIA_256_CBC=34
ARIA_128_GCM=35
ARIA_256_GCM=36
Camellia_128_CBC=37
Camellia_256_CBC=38
Camellia_128_GCM=39
Camellia_256_GCM=40
ChaCha20_Poly1305=41
IDEA_CBC=42
SEED_CBC=43
Fortezza=44
GOST28147=45
TwoFish_CBC_256=46
TwoFish_CBC=47
TwoFish_CBC_192=48
TwoFish_CBC_128=49
Serpent_CBC_256=50
Serpent_CBC_192=51
Serpent_CBC_128=52
Message Authentication The message authentication algorithm used by the cipher suite. The format is an unsigned integer that can have the following values:
Unknown=0
None=1
MD2=2
HMAC-MD5=3
HMAC-SHA1=4
HMAC-SHA2-224=5
HMAC-SHA2-256=6
HMAC-SHA2-384=7
HMAC-SHA2-512=8
AES-GMAC-128=9
AES-GMAC-256=10
AES-128-XCBC-96=11
HMAC-SHA2-256-128=12
HMAC-SHA2-384-192=13
HMAC-SHA2-512-256=14
HMAC-MD5-96=15
HMAC-SHA1-96=16
UMAC-64=17
UMAC-128=18
RIPEMD-160=19
Key Exchange The key exchange algorithm used by the cipher suite. The format is an unsigned integer that can have the following values:
Unknown=0
None=1
RSA=2
RSA_EXPORT=3
RSA_PSK=4
DH_RSA=5
DH_RSA_EXPORT=6
DH_DSS=7
DH_ANON=8
DH_ANON_EXPORT=9
DH_DSS_EXPORT=10
DHE_RSA=11
DHE_RSA_EXPORT=12
DHE_DSS=13
DHE_DSS_EXPORT=14
DHE_PSK=15
ECDH_ECDSA=16
ECDH_RSA=17
ECDH_ANON=18
ECDHE_ECDSA=19
ECDHE_RSA=20
ECDHE_PSK=21
KRB5=22
KRB5_EXPORT=23
PSK=24
SRP_SHA_RSA=25
SRP_SHA_DSS=26
SRP_SHA=27
ECDHE=28
DHE=29
Server Certificate Signature The server certificate signature method. The format is an unsigned integer that can have the following values:
Unknown=0
None=1
RSA_with_MD2=2
RSA_with_MD5=3
RSA_with_SHA1=4
DSA_with_SHA1=5
RSA_with_SHA-224=6
RSA_with_SHA-256=7
RSA_with_SHA-384=8
RSA_with_SHA-512=9
ECDSA_with_SHA1=10
ECDSA_with_SHA-224=11
ECDSA_with_SHA-256=12
ECDSA_with_SHA-384=13
ECDSA_with_SHA-512=14
DSA_with_SHA-224=15
DSA_with_SHA-256=16
RSA_PSS_RSAE_with_SHA-256=17
RSA_PSS_RSAE_with_SHA-384=18
RSA_PSS_RSAE_with_SHA-512=19
ED_25519=20
ED_448=21
RSA_PSS_PSS_with_SHA-256=22
RSA_PSS_PSS_with_SHA-384=23
RSA_PSS_PSS_with_SHA-512=24
Server Certificate Encryption The server certificate encryption method. The format is an unsigned integer that can have the following values:
Unknown=0
None=1
RSA=2
DSA=3
ECDSA=4
Server Certificate Digest The server certificate digest algorithm. The format is an unsigned integer that can have the following values:
Unknown=0
None=1
MD2=2
MD5=3
SHA1=4
SHA-224=5
SHA-256=6
SHA-384=7
SHA-512=8
Server Certificate Key The server certificate key type. The format is an unsigned integer that can have the following values:
Unknown=0
None=1
RSA=2
DSA=3
DH=4
ECC=5

Server Certificate Key Length The server certificate key length. The format is an unsigned integer.

Client Certificate Signature The client certificate signature method. The format is an unsigned integer that can have the following values:
Unknown=0
None=1
RSA_with_MD2=2
RSA_with_MD5=3
RSA_with_SHA1=4
DSA_with_SHA1=5
RSA_with_SHA-224=6
RSA_with_SHA-256=7
RSA_with_SHA-384=8
RSA_with_SHA-512=9
ECDSA_with_SHA1=10
ECDSA_with_SHA-224=11
ECDSA_with_SHA-256=12
ECDSA_with_SHA-384=13
ECDSA_with_SHA-512=14
DSA_with_SHA-224=15
DSA_with_SHA-256=16
RSA_PSS_RSAE_with_SHA-256=17
RSA_PSS_RSAE_with_SHA-384=18
RSA_PSS_RSAE_with_SHA-512=19
ED_25519=20
ED_448=21
RSA_PSS_PSS_with_SHA-256=22
RSA_PSS_PSS_with_SHA-384=23
RSA_PSS_PSS_with_SHA-512=24
Client Certificate Encryption The client certificate encryption method. The format is an unsigned integer that can have the following values:
Unknown=0
None=1
RSA=2
DSA=3
ECDSA=4
Client Certificate Digest The client certificate digest algorithm. The format is an unsigned integer that can have the following values:
Unknown=0
None=1
MD2=2
MD5=3
SHA1=4
SHA-224=5
SHA-256=6
SHA-384=7
SHA-512=8
Client Certificate Key The client certificate key type. The format is an unsigned integer that can have the following values:
Unknown=0
None=1
RSA=2
DSA=3
DH=4
ECC=5

Client Certificate Key Length The client certificate key length. The format is an unsigned integer.

Negotiated Cipher The negotiated cipher suite identifier. The format is a 6 character string. If the TLS version is SSLv3 or higher, this is a four character value in the first 4 bytes of this field. Refer to the TLS Cipher Suite registry at http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml - if the TLS version is SSLv2, then all 6 bytes are used and can have one of the following values:
128bit_RC4=010080
40bit_RC4=020080
128bit_RC2=030080
40bit_RC2=040080
128bit_IDEA=050080
DES1=060040
3DES=0700C0