From the z/OS V2.4 announcement. Reading between the lines, I don’t think you can install this on lower version of z/OS, but maybe a quick support ticket would be in order. Also it is chargeable feature.
Removal of user key common storage User key common storage is memory that can be updated by any unauthorized program. z/OS V2.4 no longer supports unrestricted user key common storage, thereby improving application isolation and security. PTFs for APARs OA53355 and OA56180 are available at lower releases to assist in migration and identification of programs accessing user key common storage. Removal of support of YES setting for VSM ALLOWUSERKEYCSA DIAGxx parmlib parameter: z/OS V2.3 will be the last release of z/OS to support the YES setting for the VSM ALLOWUSERKEYCSA DIAGxx parmlib parameter. If you run any software that requires the setting of this parameter to YES, the software will need to be changed to no longer require the setting of this parameter to YES or the optional priced RUCSA feature will be required. All IBM provided software should not require this setting. If you have any other non-IBM provided software that requires this setting, contact the owner of the software regarding this usage. Removal of support for obtaining user key CSA/ECSA storage: z/OS V2.4 does not support the usage of the GETMAIN, CPOOL, and STORAGE OBTAIN interfaces to obtain user key (8-15) CSA/ECSA storage. If you have any software that obtains user key CSA/ECSA storage, the software will need to be changed to no longer require this capability or the optional priced RUCSA feature will be required. Removal of support for obtaining user key CSA/ECSA storage: z/OS V2.4 does not support the usage of the GETMAIN, CPOOL, and STORAGE OBTAIN interfaces to obtain user key (8-15) CSA/ECSA storage. If you have any software that obtains user key CSA/ECSA storage, the software will need to be changed to no longer require this capability or the optional priced RUCSA feature will be required. Removal of support for changing Common ESQA (Subpool 247-248) storage to user key: z/OS V2.4 does not support the usage of the CHANGKEY interface to change Common ESQA (Subpool 247-248) storage to user key (8-15). If you have any software that changes Common ESQA (Subpool 247-248) storage to user key, the software will need to be changed to no longer require this capability. Removal of support of YES setting for ALLOWUSERKEYCADS DIAGxx parmlib parameter: z/OS V2.4 does not support the YES setting for the ALLOWUSERKEYCADS DIAGxx parmlib parameter. On prior releases, when ALLOWUSERKEYCADS(YES) is in effect, usage of the DSPSERV CREATE interface to create a SCOPE=COMMON data space in user key (8 -15) is supported. If you run any software that requires the setting of this parameter to YES, the software will need to be changed to no longer require the setting of this parameter to YES. All IBM provided software should not require this setting. If you have any other non-IBM provided software that requires this setting, contact the owner of the software regarding this usage. Removal of support for creating SCOPE=COMMON data spaces in user key: z/OS V2.4 does not support the usage of the DSPSERV CREATE interface to create a SCOPE=COMMON data space in user key (8 -15). If you have any software that creates a SCOPE=COMMON data space in user key, the software will need to be changed to no longer require this capability. Restricted Use Common Service Area (RUCSA) feature A new optional priced feature, RUCSA, is offered to enable clients to define a restricted use CSA (RUCSA) and manage it through SAF security protection. While avoiding user key common storage entirely is recommended, this feature enables clients who cannot update their applications that allocate user key CSA to gain enhanced protection without the need for application changes. Additionally, new health checks and instrumentation are added to track usage of this area. PTFs for APARs OA53355 and OA56180 are available at lower releases to assist in migration and identification of programs accessing user key common. _____________________________________________________________________________________________________ Dave Jousma AVP | Manager, Systems Engineering Fifth Third Bank | 1830 East Paris Ave, SE | MD RSCB2H | Grand Rapids, MI 49546 616.653.8429 | fax: 616.653.2717 -----Original Message----- From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of Richards, Robert B. Sent: Thursday, March 12, 2020 9:21 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: RUCSA **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** Does it come with a free sample of Alka Seltzer? 😊 -----Original Message----- From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of Allan Staller Sent: Thursday, March 12, 2020 9:02 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: RUCSA Can't speak for IBM, but AFAIK, it should be orderable separately. To quote the old commercial: "Try it. You'll like it" <G> -----Original Message----- From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of Dana Mitchell Sent: Thursday, March 12, 2020 7:54 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: RUCSA [CAUTION: This Email is from outside the Organization. Do not click links or open attachments unless you trust the sender.] Is anyone using RUCSA yet? We currently have a very old ISV product that requires running with ALLOWUSERKEYCSA(YES) on z/OS 2.2. As we prepare for new hardware to support upgrade to z/OS 2.4, I'm faced with the possibility of needing to run 2.4 with RUCSA if we cannot get an upgrade for this old ISV product in time. I see RUCSA as orderable on ShopZ, just wondering, can it be ordered and installed seperately or does it need to be ordered at the same time as the z/OS 2.4 order? Thanks Dana On Wed, 6 Nov 2019 19:38:33 +0000, Jousma, David <david.jou...@53.com> wrote: >Folks, > >Remind me, is RUCSA support a chargeable feature? I find nothing in the >manual, the only clue I find is it is a separate line-item in ShopZ, so >thinking it may be chargeable, and enabled via IFAPRDxx? Just looking for a >bit of confirmation > >_______________________________________________________________________ >______________________________ >Dave Jousma >AVP | Manager, Systems Engineering >[cid:image003.png@01D4F915.C9E34050] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ::DISCLAIMER:: ________________________________ The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only. E-mail transmission is not guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or may contain viruses in transmission. The e mail and its contents (with or without referred errors) shall therefore not attach any liability on the originator or HCL or its affiliates. Views or opinions, if any, presented in this email are solely those of the author and may not necessarily reflect the views or opinions of HCL or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of authorized representative of HCL is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately. Before opening any email and/or attachments, please check them for viruses and other defects. ________________________________ ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
