.-ENCRTYPE--=--DES----. >>-+---------------------+------------------------------------->< '-ENCRTYPE--=--TDES24-'
| statements: | GROUP, APPL |
| dependencies: | none |
Specifies the minimum type of encryption that VTAM® should use on behalf of the
application when performing session level encryption.
- ENCRTYPE=DES
- Specifies that VTAM must use a minimum of DES encryption with an 8–byte key when performing session level encryption. This is the default.
- ENCRTYPE=TDES24
- Specifies that VTAM must use a minimum of Triple_DES encryption with a 24–byte key when performing session level encryption.
Note: The ENCRTYPE value coded on the GROUP will
be sifted down to the appropriate resource (APPL).
The SYSDEFed ENCRTYPE of an APPL resource can be changed
at runtime through the MODIFY SECURITY command
which is described in z/OS Communications Server: SNA Operation. However, the ENCRTYPE value will not be
able to be downgraded. In other words, if the application is currently
operating at ENCRTYPE=TDES24, then the encryption level cannot be
changed to ENCRTYPE=DES using the MODIFY SECURITY command.
Note: If
downgrading the security level is preferred, the current major node
being used must be deactivated and another major node value must be
coded.
In addition, a user may use the LOGMODE TABLE to override the ENCRTYPE value of the SLU based on the logmode entry being used. The ENCRTYPE value will not be able to be downgraded from TDES24 to DES using the logmode table. Only TDES24 can be specified for the encryption level (ENCRTYP). See MODEENT macroinstruction for more information about MODEENT macroinstructions.