FLAM® Issue Tracker

View Revisions: Issue #699 Back to Issue ]
Summary 0000699: SAF-KeyRing support
Revision 2015-06-23 14:10 by Mykhailo Moldavskyy
Description Add Racf-KeyRing support for example PGP (conversion/encryption)
see:
http://www-01.ibm.com/support/knowledgecenter/SSLTBW_2.1.0/com.ibm.zos.v2r1.ichd100/gplfrd.htm [^]
Revision 2015-06-29 08:35 by Falk Reichbott
Description Add Racf-KeyRing support for example PGP (conversion/encryption)
see:
http://www-01.ibm.com/support/knowledgecenter/SSLTBW_2.1.0/com.ibm.zos.v2r1.ichd100/gplfrd.htm [^]

The r_datlib service can be used to read entries from the key ring.

The key ring can contain clear key pairs, PKCS#11 tokens, ICSF label for EP11 tokens or CCA keys.

The SAF key ring support must be implemented on top of the P11 and CCA support, and simplifies siply the access to the key/token label.

The FKME for asymetric key exchange and signing used for FLAM5 archive, OpenPGP files or other encryption cabebilities must be extent to determine the current active key of the declared user based on the assigned SAF key ring.

This solution must be combatible with RACF, ACF2, Top Secret and other security server.


Copyright © 2000 - 2024 MantisBT Team
Powered by Mantis Bugtracker