z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic
|
Next topic
|
Contents
|
Index
|
Contact z/OS
|
Library
|
PDF
Authorization
z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16
Table 314. Authorization requirements for the set attribute value callable service
Action
Object
Authority required
Set
Public object, except a CA certificate
USER (UPDATE) or SO (READ)
Set
Private object, except a CA certificate
USER (UPDATE) or SO (CONTROL)
Set
Public CA certificate object
USER (CONTROL) or SO (READ)
Set
Private CA certificate object
USER (CONTROL) or SO (CONTROL)
Note:
Session and token objects require the same authority.
See
z/OS Cryptographic Services ICSF Writing PKCS #11 Applications
for more information on the SO and User PKCS #11 roles and how ICSF determines that a certificate is a CA certificate.
Copyright IBM Corporation 1990, 2014