My case was before AT-TLS, when I believe it was up to each application
to handle the encryption themselves, so we saw a big spike and delay in
the SSHD task each time someone logged on. That timing contributed to
my theory about the prime number generation or similar initial
encryption processing. There was no spike in TCPIP which I believe had
no part in the encryption processing prior to AT-TLS. After AT-TLS? I
don't have experience.
On 1/23/2024 10:49 PM, Peter wrote:
Ok so TCPIP as a started task when it does encryption and decryption so it
directly overloads the General CP ?
On Wed, Jan 24, 2024, 9:59 AM Tom Brennan <t...@tombrennansoftware.com>
wrote:
Even though you don't have a crypto processor, do you have CPACF on the
box? Most machines I've seen do, because it's a no-charge feature. I
don't know for sure, but I thought I heard that you can start ICSF
without a crypto card and it will use CPACF for some of the heavier
encryption processing (maybe like generating prime numbers) and save
individual tasks some CP time.
That's just my old theory though, from back in 2015 when I saw a
situation similar to what you describe. But it was a client machine
where I didn't have the ability to try things out. I'd sure like to
hear more from someone more experienced in this area.
On 1/23/2024 9:10 PM, Peter wrote:
After implementing ATTLS there is some delay in our CICS transaction but
I
was suspecting if sn absence of crypto processor can overload the general
processor to cause this delay ?
On Wed, Jan 24, 2024, 9:01 AM Phil Smith III <li...@akphs.com> wrote:
Peter wrote:
I have a general question here. When you don't have crypto processor,
So
when a ATTLS traffic is enabled does the encryption and decryption
handled
by Started task TCPIP or the general processor?
The TCPIP started task is just code and runs on the general processor,
so
your question doesn't make much sense. AT-TLS is managed
by the Policy Agent started task, and it appears that the actual
encryption takes place in the TCPIP started task, but that's a
conclusion-I've never wondered.
Why do you ask? What problem are you trying to solve? We'd like to know
more!
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
