|
|
|
A user-defined text data field that can be used by an application as a customized transfer identifier. When specified in the configuration file of a locally initiated transfer, this identifying information is sent to the remote system and can be used to identify the transfer to certain applications. When received, the identifying information is displayed in the xcomqm detail display if the -D option is used, and is labeled Transfer user data.
Range: 0 to 10 characters
Default: None
Note: You can use symbolic variables with this parameter. For more information, see Symbolic Parameters in Configuration Files.
TRNENCRL_CIPHER specifies the requested list of ciphers which are used to encrypt the password fields for locally initiated transfers.
The cipher list consists of one or more ciphers from the table that colons separate. The characters (!) or (-) can precede each cipher in the cipher list.
If (!), is used then the ciphers are permanently deleted from the list. The ciphers that are deleted can never reappear in the list even if they are explicitly stated.
If (-), is used then the ciphers are deleted from the list, but some or all of the ciphers are added again using later options.
Default: COMPAT
|
Value |
Comments |
|
ALL |
ALL ciphers AES:3DES:RC4:RC2:DES:XCOM Note: ALL does NOT include the COMPAT value. |
|
DES |
All DES ciphers DES-CBC:DES-ECB:DES-CFB:DES-OFB |
|
DES-CBC |
DES cipher with cipher-block chaining |
|
DES-ECB |
DES cipher with electronic codebook |
|
DES-CFB |
DES cipher with cipher feedback |
|
DEC-OFB |
DES cipher with output feedback |
|
3DES |
All 3DES ciphers 3DES-CBC:3DES-ECB:3DES-CFB:3DES-OFB |
|
3DES-CBC |
3DES cipher with cipher-block chaining |
|
3DES-ECB |
3DES cipher with electronic codebook |
|
3DES-CFB |
3DES cipher with cipher feedback |
|
3DES-OFB |
3DES cipher with output feedback |
|
AES |
All AES ciphers AES256-CBC:AES256-ECB:AES256-CFB:AES256-OFB:AES192-CBC:AES192-ECB:AES192-CFB:AES192-OFB:AES128-CBC:AES128-ECB:AES128-CFB:AES128-OFB |
|
AES128 |
All AES 128-bit ciphers AES128-CBC:AES128-ECB:AES128-CFB:AES128-OFB |
|
AES128-CBC |
AES 128-bit cipher with cipher-block chaining |
|
AES128-ECB |
AES 128-bit cipher with electronic codebook |
|
AES128-CFB |
AES 128-bit cipher with cipher feedback |
|
AES128-OFB |
AES 128-bit cipher with output feedback |
|
AES192 |
All AES 192-bit ciphers AES192-CBC:AES192-ECB:AES192-CFB:AES192-OFB |
|
AES192-CBC |
AES 192-bit cipher with cipher-block chaining |
|
AES192-ECB |
AES 192-bit cipher with electronic codebook |
|
AES192-CFB |
AES 192-bit cipher with cipher feedback |
|
AES192-OFB |
AES 192-bit cipher with output feedback |
|
AES256 |
All AES 256-bit ciphers AES256-CBC:AES256-ECB:AES256-CFB:AES256-OFB |
|
AES256-CBC |
AES 256-bit cipher with cipher-block chaining |
|
AES256-ECB |
AES 256-bit cipher with electronic codebook |
|
AES256-CFB |
AES 256-bit cipher with cipher feedback |
|
AES256-OFB |
AES 256-bit cipher with output feedback |
|
RC2 |
All RC2 ciphers |
|
RC2-CBC |
RC2 cipher with cipher-block chaining |
|
RC2-ECB |
RC2 cipher with electronic codebook |
|
RC2-CFB |
RC2 cipher with cipher feedback |
|
RC2-OFB |
RC2 cipher with output feedback |
|
RC4 |
RC4 cipher |
|
XCOM |
CA XCOM Data Transport proprietary cipher. |
|
COMPAT |
Permit the CA XCOM Data Transport proprietary cipher without cipher negotiation that is required for backward password compatibility with CA XCOM Data Transport versions before 11.6. Note: This cipher is also required for transfers sent to CA XCOM Data Transport for z/OS r11.6 and earlier versions. |
Examples:
To request all ciphers except for any of the DES ciphers, use the following command:
TRNENCRL_CIPHER=ALL:!DES
To request only a 3DES or AES cipher, use the following command:
TRNENCRL_CIPHER=3DES:AES
To disable the cipher negotiation or remain backward compatible with the earlier releases of CA XCOM Data Transport, use the following command:
TRNENCRL_CIPHER=COMPAT
This parameter specifies the permitted list of ciphers that are used to encrypt the password fields for remotely initiated transfers. The permitted list of ciphers is matched against the requested list of ciphers provided by the local system by the TRNENCRL_CIPHER parameter. The common cipher with the highest ranking is selected to encrypt the password fields.
The cipher list consists of one or more ciphers that colons separate, with the highest ranked cipher listed first and the lowest ranked cipher listed last. The characters (!), (-) or (+) precedes each cipher in the cipher list.
If (!) is used, then the ciphers are permanently deleted from the list. The ciphers that are deleted can never reappear in the list even if they are explicitly stated.
If (-) is used, then the ciphers are deleted from the list. Some or all of the ciphers are added again using later options.
If (+) is used, then the ciphers are moved to the end of the list. This option does not add any new ciphers. The option just looks for existing ones to move to the end of the list.
Default: XCOM:ALL:COMPAT
|
Value |
Comments |
|
ALL |
ALL ciphers AES:3DES:RC4:RC2:DES:XCOM Note: ALL does NOT include the COMPAT value. |
|
DES |
All DES ciphers DES-CBC:DES-ECB:DES-CFB:DES-OFB |
|
DES-CBC |
DES cipher with cipher-block chaining |
|
DES-ECB |
DES cipher with electronic codebook |
|
DES-CFB |
DES cipher with cipher feedback |
|
DEC-OFB |
DES cipher with output feedback |
|
3DES |
All 3DES ciphers 3DES-CBC:3DES-ECB:3DES-CFB:3DES-OFB |
|
3DES-CBC |
3DES cipher with cipher-block chaining |
|
3DES-ECB |
3DES cipher with electronic codebook |
|
3DES-CFB |
3DES cipher with cipher feedback |
|
3DES-OFB |
3DES cipher with output feedback |
|
AES |
All AES ciphers AES256-CBC:AES256-ECB:AES256-CFB:AES256-OFB:AES192-CBC:AES192-ECB:AES192-CFB:AES192-OFB:AES128-CBC:AES128-ECB:AES128-CFB:AES128-OFB |
|
AES128 |
All AES 128-bit ciphers AES128-CBC:AES128-ECB:AES128-CFB:AES128-OFB |
|
AES128-CBC |
AES 128-bit cipher with cipher-block chaining |
|
AES128-ECB |
AES 128-bit cipher with electronic codebook |
|
AES128-CFB |
AES 128-bit cipher with cipher feedback |
|
AES128-OFB |
AES 128-bit cipher with output feedback |
|
AES192 |
All AES 192-bit ciphers AES192-CBC:AES192-ECB:AES192-CFB:AES192-OFB |
|
AES192-CBC |
AES 192-bit cipher with cipher-block chaining |
|
AES192-ECB |
AES 192-bit cipher with electronic codebook |
|
AES192-CFB |
AES 192-bit cipher with cipher feedback |
|
AES192-OFB |
AES 192-bit cipher with output feedback |
|
AES256 |
All AES 256-bit ciphers AES256-CBC:AES256-ECB:AES256-CFB:AES256-OFB |
|
AES256-CBC |
AES 256-bit cipher with cipher-block chaining |
|
AES256-ECB |
AES 256-bit cipher with electronic codebook |
|
AES256-CFB |
AES 256-bit cipher with cipher feedback |
|
AES256-OFB |
AES 256-bit cipher with output feedback |
|
RC2 |
All RC2 ciphers |
|
RC2-CBC |
RC2 cipher with cipher-block chaining |
|
RC2-ECB |
RC2 cipher with electronic codebook |
|
RC2-CFB |
RC2 cipher with cipher feedback |
|
RC2-OFB |
RC2 cipher with output feedback |
|
RC4 |
RC4 cipher |
|
XCOM |
CA XCOM Data Transport proprietary cipher. |
|
COMPAT |
Permit the CA XCOM Data Transport proprietary cipher without cipher negotiation. This is required for backward password compatibility with CA XCOM Data Transport versions before 11.6. Note: This cipher is also required for transfers sent to CA XCOM Data Transport for z/OS r11.6 and earlier versions. |
Examples:
To permit all ciphers except for any of the DES ciphers and remain compatible with CA XCOM Data Transport versions before r11.6, use the following example:
TRNENCRR_CIPHER=ALL:!DES:COMPAT
To permit only a 3DES or AES cipher, use the following example:
TRNENCRR_CIPHER=3DES:AES
Note: To permit all ciphers for transfers from 11.6 but remain backward compatible with earlier versions of CA XCOM Data Transport, use the following example:
TRNENCRR_CIPHER=ALL:!XCOM:COMPAT
Specify the size (in bits) of the prime number that is used during DH (Diffie-Hellman) exchange for remotely initiated transfers or meta-transfers. The exchanged value generates the key that is used to encrypt the password fields transmitted in the CA XCOM Data Transport header.
Default: 1024
|
Value |
Comments |
|
256 |
DH exchange using a 256-bit prime number |
|
512 |
DH exchange using a 512-bit prime number |
|
1024 |
DH exchange using a 1024-bit prime number |
|
2048 |
DH exchange using a 2048-bit prime number |
|
4096 |
DH exchange using a 4096-bit prime number |
Notes:
| Copyright © [set copyright date variable] CA. All rights reserved. |
|