The following list of changes provides an overview of what is new in interNet Services V3.4B and relevant to this manual.

The changes that affect the interNet Services User Guide are listed in the corresponding section of that manual.

OpenSSH

• The SSH protocol version 1 is no longer supported.

• Elliptic Curve Cryptography (ECDSA, Ed25519) is now supported.

SSL/TLS protocol versions and cipher suites for FTP, TELNET, Mail sender, and Mail reader

• Discontinuation of SSLv2

• Extension to include TLSv1.1 and TLSv1.2.

• New cipher suites for the SSL/TLS cipher suites

FTP

• New FTP option -TVFS for enabling/disabling TVFS.

• New commands in subevent in FTPCMD as a result of the new FTP server commands MLSD and MLST.

Telnet

• New value optional in the START-TLS option Z tls-required.

Mail senders in BS2000

• New options maxQueueLifeTime, smtpReadMaxWaitTime, smtpRetryTimeBase, and smtpRetryTimeMaxExp to control the maximum life expectancy of an e-mail and the waiting times for repeated dispatch attempts.

• The retryLimit option is no longer supported. It is replaced by the maxQueueLifeTime option.

stunnel

• stunnel is a newly offered service, which can transpose unsecured TCP connections onto TLS secured ones and vice versa.

Discontinued functions

• Discontinuation of crypto hardware
  Crypto hardware is no longer supported. As a result, the tlsUseCryptoHardware and -Z UseCryptoHardware options, as well as the USE-CRYPTO-HARDWARE configuration parameter in the SET-FTP-TELNET-PARAMETERS command are no longer available.

• The POSIX prngd daemon is no longer provided and is therefore not described. You can generate random numbers instead using the BS2000 PRNGD.

Modified manual structure

• The structure of the cipher mnemonics for creating preference list specifications is now described centrally in chapter "Specification of a cipher suite preference list".