Lizette Koehler wrote: > I have added the public key from our partner into our Top Secret envrionment. > Now I need to see if it actually encrypted with that public key. Here I am > still not understanding this process of public keys so well. > > IEC205I SYSUT2,LK41591T,COPYIT1,FILESEQ=1, COMPLETE VOLUME LIST, > DSN=STORAGE.ENCRYPT$.TEST.VOL4R,VOLS=300027, > LISTED VOL(S) HAVE BEEN DATA ENCRYPTED,KL1CD:L,KL2CD:H, > KL1=rsaceru,KL2=EMKLOWES,TOTALBLOCKS=1 > > I then took the tape and wrote back out the file. Which was successful. I > thought if I used a public key I would not be able to read the tape again. > Yet my test did not support that thought. > > So my questions > 1) When you encrypt a tape with a public key, can you still read it? > 2) How can you verify that the tape is actually setup to use the public key > and not my private key? > 3) We are using EKM software from IBM, are there any displays that will help > me verify that my partner will be able to read the tape? > Anything in ISMF, or CA1? > > Thanks > > Lizette > > If you encrypted the tape with two keylabels, one from your generated keypair and the other one from your partner then yes you should be able to read it. Try encrypting the tape with only their key. Your attempt to read the tape should fail since you don't have the associated private key in your environment.
-- Mark Jacobs Time Customer Service Tampa, FL ---- In theory there is no difference between theory and practice. In practice there is. - Yogi Berra ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
