Right - the CPACF Protected Keys are *very* secure and we were very happy with our ability to add that feature. Unfortunately, for some applications (such as payment card systems), the standards require a "Secure Cryptographic Device" (SCD) like an HSM that has advanced active tamper detection and response - so you have no choice in those cases.
---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
