Timothy Sipples wrote: >ICSF would be the way to go in terms of maintainability, serviceability, >and related concerns.
>I think ICSF allows querying for supported algorithms/hardware to allow >fallback to algorithms that your customer is capable of running. Thus you >should be able to use ICSF to create a program that can run any hardware, >taking exploiting particular customer hardware options should they have >them. (Or maybe ICSF handles those details for you automatically, at least >for certain algorithms.) That's part of the value of ICSF, to abstract from >the underlying hardware details that can vary. It's certainly easy to look at the Crypto CVT created by ICSF and see what's supported. ICSF will automatically fall back when it can-if you call a Secure Key API and don't have a CEX, it can't fall back, so that will fail. ...phsiii ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
