Josef,
Yes that includes the VSAMFILE.
A little history. In the older release of Top Secret pre 8.0, there was just the BDAM Security File and no VSAM companion file.
In 8.0, they introduced the VSAM companion file. All the security records that were once in the BDAM file is now spit between the BDAM security file and the VSAM companion file. The SDT type security records like calendars/time restriction, digital certificate, record level protection...etc...were now being kept in the VSAM companion file.
Why did we move them? Because of digital certificate.....clients wanted support for more than 1 million digital certificates. To support it and have faster access to them, the VSAM companion file was the solution.
The BDAM security file and VSAM companion file are a 'married' pair. You cannot mix and match BDAM security files and VSAM security files. There are markers in the files that help Top Secret determine if the are the matching pair. If not, Top Secret will not initialize. The markers are created when they are both initialized during installation time.
So even though they are physically two separate file.....you should always treat them as one.....they cannot exist or be used without the other.
If you update the DD for your security file in your TSS proc, that means you are updating the DDs for the BDAM security file and VSAM companion file. Same goes for the backup BDAM security file and backup VSAM companion file.
Please let me know if you have any further questions.
Regards,
Joseph Porto - Broadcom Level 1 Support
Original Message:
Sent: 05-05-2020 02:37 AM
From: Josef Thaler
Subject: convert from DES to AES
Joseph, Vince,
remark and question: keep the VSAMFILE in mind. Does VSAMFILE also has to be "fallen back" or is it handled independently? Or is "security file" for you anyway a synonym for SECFILE+VSAMFILE?
Regards
Josef
Original Message:
Sent: 05-04-2020 12:12 PM
From: JOSEPH PORTO
Subject: convert from DES to AES
Vince,
Before you start the conversion from DES to AES, you should backup the TSS primary security file just in case something accidental happens to it.
The process would be:
1. Update the TSS proc to point your DDs back to the old security file using DES.
2. Bring down TSS started task that points to the version of the security file using AES.
3. Start the TSS proc whose DDs point to the old security file using DES.
Please let me know if you have any questions.
Regards,
Joseph Porto - Broadcom Level 1 Support
Original Message:
Sent: 05-04-2020 11:17 AM
From: Elliott
Subject: convert from DES to AES
Converting client database from DES to AES. what is backout process incase have to revert back to DES?