On 1/13/2024 9:50 PM, Attila Fogarasi wrote:
It is indeed a technical reason: PDS and PDSE datasets cannot be Extended-Format. Pervasive Encryption requires Extended-Format. The restrictions on Extended-Format have been problematic for the past decade, so presumably not easy to fix. A few other dataset types are also affected (such as Direct). Your problem is more with the use of HLQ to designate Pervasive Encryption, that is maybe much easier to fix (at a guess).
AES256 encryption is supported for basic, large, and extended format data sets as well as PDSE.
I suppose whether such encryption is considered "pervasive" or not depends on how much of your mainframe's data overall is encrypted this way.
Program object libraries (the subject of this thread) are the exception. Seymour's conjecture seems reasonable, but I always assumed it was because most LOADs come from shared libraries you never OPEN (e.g., LNKLST). If such libraries were encrypted, the keylabels would need to be saved, CSF services would need to be invoked, SAF calls would need to be issued against the appropriate keylabel resources in the CSFKEYS class, and every user in the shop would need SAF READ access to those resources. A lot of extra work/overhead for quite literally zero gain...
-- Phoenix Software International Edward E. Jaffe 831 Parkview Drive North El Segundo, CA 90245 https://www.phoenixsoftware.com/ -------------------------------------------------------------------------------- This e-mail message, including any attachments, appended messages and the information contained therein, is for the sole use of the intended recipient(s). If you are not an intended recipient or have otherwise received this email message in error, any use, dissemination, distribution, review, storage or copying of this e-mail message and the information contained therein is strictly prohibited. If you are not an intended recipient, please contact the sender by reply e-mail and destroy all copies of this email message and do not otherwise utilize or retain this email message or any or all of the information contained therein. Although this email message and any attachments or appended messages are believed to be free of any virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by the sender for any loss or damage arising in any way from its opening or use. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN