[prev in list] [next in list] [prev in thread] [next in thread]
List: racf-l
Subject: Re: Digital Certificates - Root CA
From: Wai Choi <wchoi () US ! IBM ! COM>
Date: 2008-09-25 14:28:53
Message-ID: OFFB17B5C0.89F3377F-ON852574CF.004C12AE-852574CF.004F8B3E () us ! ibm ! com
[Download RAW message or body]
Steve,
Are you talking about RACF or gskkyman in System SSL? A cert with 4096
bits key can be loaded by gskkyman since V1R6 and it can be loaded in RACF
starting V1R10.
Regards,
Wai
Wai Choi - RACF/PKI Development
"Chan, Steven" <steven.chan@EDS.COM>
Sent by: RACF Discussion List <RACF-L@LISTSERV.UGA.EDU>
09/25/2008 03:30 AM
Please respond to
RACF Discussion List <RACF-L@LISTSERV.UGA.EDU>
To
RACF-L@LISTSERV.UGA.EDU
cc
Subject
Digital Certificates - Root CA
Hi there
I am aware I cannot load a root CA with RSA 4096 bits key length as the
max length is currently 2048 bits.
We are running zOSV1R9 and am aware it will be support in V1R10.
However, when we run the SSL started task now, it displays
F GSKSRVR,D CRYPTO
GSK01009I Cryptographic status 464
Algorithm Hardware Software
DES 56 56
3DES 168 168
AES 128 256
RC2 -- 128
RC4 -- 128
RSA Encrypt 2048 4096
RSA Sign 2048 4096
DSS -- 1024
SHA-1 160 160
SHA-256 256 256
and shows support for 4096 for RSA algorithms.
I'm not an expert at this, but could someone explain what the difference
is here.
Thanks...Steve
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic