Salah,
There is no "archive" function in ICSF. The keys stored in the CKDS (and
PKDS) as well, are stored based upon the name you've given the key. If
you've created your key with let's say the name "FRED", and you replace
that key, the old key is gone - forever. If you need to save multiple
values, then you will need to give each key a unique name.
Hayim
_____________________________________
Hayim Sokolsky, CISSP
Mainframe Security Architect
DTCC Corporate Information Security
18301 Bermuda Green Dr, MS 1-CIS
Tampa FL 33647-1760
Tel. (813) 470-2177
Salah Balboul <[email protected]>
Sent by: IBM Mainframe Discussion List <[email protected]>
2009.06.29 20:14
Please respond to
IBM Mainframe Discussion List <[email protected]>
To
[email protected]
cc
Subject
ICSF Question
Hello List,
This is a question related to ICSF Key generation/update process:
what I'm trying to do is Generate a new key using the CSNBKGN call and
then
update the Today-instant-issue-key, using the CSNBKRW, call with the newly
generated key.
My question is – what does ICSF do with old keys? Are they archived on
the
CKDS somehow? Some of the error messages seems to give that impression
(see reason codes x’2710’, x’2711’ for a return code of 0; see reason code
x’2714’ for a return code of 8).
Being that we will be updating that key every business day, that will mean
260
key updates a year for this one key alone. That’s a lot of records on the
CKDS to archive if this occurs. I’m not sure what the repercussions are
for
this, if anything at all.
Thanks
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
________________________________________________________
DTCC DISCLAIMER: This email and any files transmitted with it are
confidential and intended solely for the use of the individual or
entity to whom they are addressed. If you have received this email
in error, please notify us immediately and delete the email and any
attachments from your system. The recipient should check this email
and any attachments for the presence of viruses. The company
accepts no liability for any damage caused by any virus transmitted
by this email.
