Hi Richard,
This reminds me of a story.
Approximately 26 years ago, myself and a colleague were invited to a
multi-vendor meeting at a customer site to help solve a problem.
My colleague had the misfortune of pronouncing "SAP" as "sap" (rather
than Ess-Ay-Pee). The SAP guys there went stark raving mad and were
almost screaming at my colleague for this perceived infraction.
I suggested to my colleague that it was probably time for a B-E-E-R.
Regards,
David
On 2021-05-07 16:19, PINION, RICHARD W. wrote:
M-I-C-K-E-Y M-O-U-S-E. Who remembers that song?
-----Original Message-----
From: IBM Mainframe Discussion List <[email protected]> On Behalf Of
Radoslaw Skorupka
Sent: Friday, May 7, 2021 4:16 PM
To: [email protected]
Subject: Re: 3270 emulator / telnet with encryption
[External Email. Exercise caution when clicking links or opening attachments.]
Poland:
kicks for CICS
C-P-A-C-F for CPACF (*) , (**)
* Polish pronunciacion of letters. To start a war: we have consistent rules.
Not like Cincinnati and car. ;-) Actually it's very similar to Latin.
** While CICS is rather not used very much on the streets, the CPACF is almost
unknown even in among mainframers.
I used to teach Introduction to ICSF and mainframe crypto HW. BTW: In the past
I had to explain mainframe CE IBMers what is CCF and how to enable it.
Fortunately I forbade to drop anything from mainframe add-ons and we found
enablement diskette. It was valid for given serial number, so it wouldn't be
nice to loose it. Old story. Few years later some CE performed checkout test on
z800 and ...cleared all the master keys in CCF. Fortunately I had some
procedures and backup copies...
--
Radoslaw Skorupka
(looking for new job)
Lodz, Poland
W dniu 07.05.2021 o 21:24, Eric D Rossman pisze:
I'm probably the odd one out, but I say "SEE-pack-eff" and "kicks" for
CPACF and CICS and I'm on the east coast of the US.
And, yes, we (ICSF) do exploit the new z15 CPACF functions available
with
MSAE9 (Compute Digital Signature Authentication (KDSA)) for EC key
pair generation, digital signature generate/verify, and key agreement
for curves P-256, P-384, P-521, Ed25519, and Ed448. Since System SSL
calls us for those curves, they get the performance benefit as well.
Eric Rossman, CISSP®
ICSF Cryptographic Security Development z/OS Enabling Technologies
[email protected]
IBM Mainframe Discussion List <[email protected]> wrote on
05/07/2021 12:57:01 PM:
From: Lennie Dymoke-Bradshaw
<[email protected]>
Tom,
CPACF is considered part of weaponry by the US government and so it
has to be capable of being disabled for those countries where
exportation of encryption is restricted by US Govt arms rules. This
is why it has to be explicitly selected.
CPACF is actually a pre-requisite for enabling a Crypto Express
device. CPACF is used extensively in TLS. TLS uses clear key
encryption for data transport and this is where the majority of
encryption work is performed in TLS. However, I see the latest CPACF
on Z15s have some new asymmetric functions, so maybe CPACF can be
used in the TLS handshake as well now.
Lennie Dymoke-Bradshaw
-----Original Message-----
From: IBM Mainframe Discussion List <[email protected]> On
Behalf Of Tom Brennan
Sent: 07 May 2021 16:55
To: [email protected]
Subject: Re: 3270 emulator / telnet with encryption
On 5/7/2021 6:19 AM, Phil Smith III wrote:
It's a reasonably safe bet that any machine today has CPACF; that
was not always true, of course.
When IBM or a business partner configures a new machine, there's a
checkmark for CPACF (zero charge), but it defaults to unchecked. So
when ordering a new machine I'd suggest the customer ask to make sure
that free feature code is supplied.
If the machine comes with a crypto card, CPACF is automatically
selected and required. No need to ask in that case.
Side subject - so how do you pronounce CPACF? I always say each
letter, but some IBM crypto folks say C-Pack-F
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions, send
email to [email protected] with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions, send email to
[email protected] with the message: INFO IBM-MAIN
Confidentiality notice:
This e-mail message, including any attachments, may contain legally privileged
and/or confidential information. If you are not the intended recipient(s), or
the employee or agent responsible for delivery of this message to the intended
recipient(s), you are hereby notified that any dissemination, distribution, or
copying of this e-mail message is strictly prohibited. If you have received
this message in error, please immediately notify the sender and delete this
e-mail message from your computer.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
