> Actually ICSF provides both open and secure key encryption services. Yes - mainly, those were added so that applications would have a way to use ICSF for clear-key encryption with the CPACF. Those were not originally a part of CCA, and are not supported in the HSM cards (Crypto Express, 476x). In addition, CCA has always had clear key "ENCODE" and "DECODE" verbs, but those were intentionally limited to encrypting just 8 bytes of data - the original designers wanted to discourage use of clear key encryption.
---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
