Re: ICSF Question

Tue, 30 Jun 2009 07:28:44 -0700 

Salah,

There is no "archive" function in ICSF. The keys stored in the CKDS (and 
PKDS) as well, are stored based upon the name  you've given the key. If 
you've created your key with let's say the name "FRED", and you replace 
that key, the old key is gone - forever. If you need to save multiple 
values, then you will need to give each key a unique name.


Hayim
_____________________________________
Hayim Sokolsky, CISSP
    Mainframe Security Architect
    DTCC Corporate Information Security
    18301 Bermuda Green Dr, MS 1-CIS
    Tampa FL 33647-1760

    Tel. (813) 470-2177



Salah Balboul <salah...@hotmail.com> 
Sent by: IBM Mainframe Discussion List <IBM-MAIN@bama.ua.edu>
2009.06.29 20:14
Please respond to
IBM Mainframe Discussion List <IBM-MAIN@bama.ua.edu>


To
IBM-MAIN@bama.ua.edu
cc

Subject
ICSF Question






Hello List,

This is a question related to ICSF Key generation/update process:

 what I'm trying to do is Generate a new key using the CSNBKGN call and 
then 
update the Today-instant-issue-key, using the CSNBKRW, call with the newly 

generated key. 

My question is – what does ICSF do with old keys?  Are they archived on 
the 
CKDS somehow?  Some of the error messages seems to give that impression 
(see reason codes x’2710’, x’2711’ for a return code of 0; see reason code 

x’2714’ for a return code of 8). 

Being that we will be updating that key every business day, that will mean 
260 
key updates a year for this one key alone.  That’s a lot of records on the 

CKDS to archive if this occurs.  I’m not sure what the repercussions are 
for 
this, if anything at all. 

Thanks

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html




________________________________________________________
DTCC DISCLAIMER: This email and any files transmitted with it are
confidential and intended solely for the use of the individual or
entity to whom they are addressed. If you have received this email
in error, please notify us immediately and delete the email and any
attachments from your system. The recipient should check this email
and any attachments for the presence of viruses.  The company
accepts no liability for any damage caused by any virus transmitted
by this email.

Reply via email to