|
- CKTAUTH - decides if authentication will be performed for every
CKDS record read from DASD. With a large CKDS, CKTAUTH(YES) could
cause an impact to performance.
- PKDSCACHE - no longer supported, but tolerated.
- COMPENC - no longer supported, but tolerated.
- DOMAIN - this parameter is optional. It is required if more than
one domain is specified as the usage domain on the PR/SM panels or
if running in native mode.
On a z990 or z890, if a PCI Cryptographic Accelerator, PCIXCC,
CEX2C, or CEX3C is not available, or on a z9 EC, z9 BC, z10 EC, z10
BC, or z196 if a CEX2A, CEX2C, CEX3A, or CEX3C is
not available, the DOMAIN parameter is not required. If a PCICA, PCIXCC,
CEX2A, CEX2C, CEX3A, or CEX3C is available, the DOMAIN parameter
is required if more than one domain is specified as the usage domain
on the PR/SM panels. If only one usage domain is assigned to the LPAR,
the DOMAIN parameter is optional.
- SYSPLEXCKDS - this parameter is optional. It specifies whether
this system, if a member of a multi-system sysplex using a shared
CKDS, should participate in XCF signalling in order to maintain consistency
of the CKDS data across the sysplex.
- SYSPLEXPKDS - this parameter is optional. It specifies whether
this system, if a member of a multi-system sysplex using a shared
PKDS, should participate in XCF signalling in order to maintain consistency
of the PKDS data across the sysplex.
- SYSPLEXTKDS - this parameter is optional. It specifies
whether this system, if a member of a multi-system sysplex using a
shared TKDS, should participate in XCF signalling in order to maintain
consistency of the TKDS data across the sysplex.
- TKDSN - this parameter is the name of an existing TKDS
or an empty VSAM data set to be used as the TKDS.
- TRACEENTRY - the supported boundary values for this parameter
have been changed to a minimum of 10000 and a maximum of 500000.
Values outside of this range are tolerated, but automatically adjusted
to 10000.
- DEFAULTWRAP - this parameter is optional. The parameter
defines the wrapping method of DES key tokens in ICSF. The ORIGINAL
method is ECB for DES keys. The ENHANCED method is ANSI X9.24 compliant.
The key value is bundled with other data and encrypted using the CBC
mode. The default wrapping method is defined independently for internal
and external tokens
|