.-ENCRTYPE--=--DES----. >>-+---------------------+------------------------------------->< '-ENCRTYPE--=--TDES24-'
| statements: | GROUP, LU |
| dependencies: | none |
Specifies the minimum type of encryption that VTAM® should use on behalf of the
application when performing session level encryption.
- ENCRTYPE=DES
- Specifies that VTAM must use a minimum of DES encryption with an 8–byte key when performing session level encryption. This is the default.
- ENCRTYPE=TDES24
- Specifies that VTAM must use a minimum of Triple_DES encryption with a 24–byte key when performing session level encryption.
The SYSDEFed ENCRTYPE of a LU can be changed at runtime
through the MODIFY SECURITY command. See z/OS Communications Server: SNA Operation for specific details. However, the ENCRTYPE
value will not be able to be downgraded. In other words, if the application
is currently operating at ENCRTYPE=TDES24, then the encryption level
cannot be changed to ENCRTYPE=DES using the MODIFY SECURITY command.
Note: If
downgrading the security level is preferred, the current major node
being used must be deactivated and another major node value must be
coded.
In addition, a user may use the LOGMODE TABLE to override the ENCRTYPE value of the SLU based on the logmode entry being used. The ENCRTYPE value will not be able to be downgraded from TDES24 to DES using the logmode table. Only TDES24 can be specified for the encryption level (ENCRTYP). See MODEENT macroinstruction for more information on MODEENT macroinstructions.