> -----Original Message----- > From: IBM Mainframe Discussion List On Behalf Of Edward Jaffe
> > Paul Gilmartin wrote: > > On Sat, 24 Jan 2009 13:51:33 -0800, Edward Jaffe wrote: > > > >>[ snip ] > >> > >> RACF didn't fold the password until recently. > >> > > All the more reason, then, that applications should _never_ have > > folded passwords. It merely prevented users' employing a > > capability present in the underlying system. > > No. Failure to fold password on older RACF systems resulted in logon > failure. Folding by the application was mandatory. Sounds like a "chicken <-> egg" situation. If RACF didn't fold passwords initially, that suggests that uppercase-only passwords were not "mandatory" at least as far as RACF was concerned. The question then becomes one of why applications "mandated" uppercase-only passwords in the first place. But since they (apparently) did, it's easier to understand why RACF started folding passwords (presumably) when they explicitly implemented the option for mixed-case passwords (at z/OS 1.7?). -jc- ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
