Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Determining a session's data encryption level z/OS Communications Server: SNA Programmer's LU 6.2 Guide SC27-3669-00 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
The data encryption level is negotiated in the BIND and BIND response for each session. The session's data encryption level is determined by the ENCR parameter on the LUs' APPL definition statements, the ENCR parameter on the logmode table entry, and the MODIFY ENCR operator command. For more information about coding the ENCR parameter, refer to z/OS Communications Server: SNA Resource Definition Reference. For more information about the MODIFY ENCR command, refer to z/OS Communications Server: SNA Operation. For additional information about session level cryptography, refer to z/OS Communications Server: SNA Programming. The partner LU can negotiate the data encryption to a higher level, but it cannot negotiate it to a lower level. On completion of either an APPCCMD CONTROL=ALLOC, or APPCCMD CONTROL=RCVFMH5 macro, the RPL6CRYP field of the RPL6 will indicate the data encryption level of the session allocated to the conversation. Table 1 shows the selection
process that VTAM uses to establish
the session level of cryptography, based on the values coded for the
primary LU, the secondary LU, and the logon mode table entry.
Note: The
cryptographic requirements specified on the VTAM APPL definition statement or VTAM operator MODIFY ENCR command for an LU
and the logon mode table entry are compared. The higher of the cryptographic
levels is used.
|
Copyright IBM Corporation 1990, 2014
|