On Sun, 25 Jan 2009 09:54:07 -0800, Edward Jaffe wrote: >> >>>>> RACF didn't fold the password until recently. >>> >> Are you saying, then, that RACF entered the password in its >> data base as-is, but demanded that it be supplied in upper case >> to logon? That sounds like terrible design. > >RACF does not save passwords. Rather, it saves signatures derived >mathematically from the userid and password. However, the end result was >the same as if the password "entered" in its data base was in uppercase. > I stand corrected. I should have said, "entered a signature derived from the password", rather than "entered the password". I know better; I was just hasty.
But now, I'm thoroughly mystified. If "RACF didn't fold the password" (I'll trust your knowledge of the chronology), how can a signature that RACF derived from a mixed-case password fail when that same mixed-case password is passed to RACROUTE VERIFY, but succeed if the caller folds the password. >Bottom line. If a RACROUTE VERIFY caller did not fold the password, the >logon would fail. > Can any reader explain this to me? -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
