You had made reference to some items that should have been done. I.E. - did you record master keys in safe place - what options you have active (what *should* be active) - what cards are working (how many), what cards are installed - how the services/keys should be protected by RACF.
I have done the above, but this was because it seemed the right thing to do. I was just wondering if there was a redbook that outlined a best practice approach of things to consider when you have cards like these. -----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of R.S. Sent: Thursday, October 06, 2005 10:22 AM To: [email protected] Subject: Re: ICSF Verification Ward, Mike S wrote: > Is there a best practices redbook for the cards? I don't remain any. However cyrpto cards are usually described in chapters of "New shining xxxx CPC Technical Introduction" redbooks. BTW: What do you mean by "best practices" IMHO best practice is to get what is needed, enable features via SE, implement ICSF and use it. Oh, do not even think about touching the hardware! You destroy it by opening the card. That's for security reasons of key remaining in card storage. Best practices for ICSF, especially in multiple host environment and/or DR planning - this should be carefully considered. HTH -- Radoslaw Skorupka Lodz, Poland ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
