> Current client driver supports encrypted userid/password (EUSRIDPWD)
> via the use of DH key-agreement protocol - however current Open Group
> DRDA specifications imposes small prime and base generator values
> (256 bits) that prevents other JCE's (apt from ibm jce) to be used
> as java cryptography providers.
If it's not too much trouble, can you cite chapter and verse here? I find
myself a little surprised that DRDA actually *requires* a short key
length; I would have thought that it might default to a short length, but
would allow longer lengths to be used if the user desired.
I hunted around a bit, and here's what I saw:
EDTASECOVR, page 324 of V.3:
The ENCALG parameter indicates the encryption algorithm to use. This
example assumes that the default DES encryption security algorithm
is specified. The ENCKEYLEN parameter indicates the encryption key
length to use. This example assumes that the default 56-bit encryption
is specified.
ENCKEYLEN, page 332 of V.3:
The Encryption Key Length (ENCKEYLEN) specifies the encryption key
length to be used with ENCALG to encrypt and decrypt the security
context information. ENCKEYLEN is used by the encryption security
mechanisms.
Please educate me; I am a rank beginner on this crypto stuff.
thanks,
bryan
