I think you underestimate the difficulty in "hacking" the software and that "single spit" of data is much more protected than you let on.
As for an IBMer "admitt[ing] that [you were] correct," I strongly suspect that you read WAY more into such a statement than was actually there. Your PS wasn't terribly worrisome either. Of course someone knows all the key part holders to be able to bring them in. That's standard security practice. The risk isn't that someone knows the people. The risk is of collusion. If you have 3 key parts, you need 3 different people to all agree to act nefariously. Eric Rossman -----Original Message----- From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of Leonard D Woren Sent: Monday, January 15, 2024 9:29 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: [EXTERNAL] Re: Technical Reason? - Why you can't encrypt load libraries (PDSE format)? OK. So we've established that the key is set via software. Software can be hacked. And now there's only a single spit of data to focus all the effort on. Years ago at a SHARE presentation, I caught an IBMer after the session and they admitted that I was correct. /Leonard P.S. Someone has to know all the security officers in order to contact them when necessary to input the keys. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN