The possibility of using our existing full security exit -  that did seem an "easy" solution if we could enhance it to support passphrase.  Back in the 1990's , the exit was based on the CA supplied Full Security Exit sample called CCRACFFX.   We did wonder if we could use a more recent CCRACFFX - and add in our modifications from the 1990's.  But when I look in  CC2DSAMP, the "latest" CCRACFFX still refers to 8 x characater passwords only and not passphrase.    

Also, one of our MVS guys looked to see if he could enhance it for passphrase - but said the exit is using RACINIT to talk with RACF , and this would need enhancing to use the later RACROUTE instead. 

So I was wondering if you agreed that using either NMSAFF - and staying a FULL Security exit region - or converting to a PARTIAL security region and using NMSAF - were the 2 x available options.  

And keeping in mind the only reason  for any change to the region ,  is to get passphrase to work - then NMSAFF and staying FULL security - was the more straight forward ? 

Release : 5.0

Component : CA SOLVE:Access Session Management

The CCRACFFX Full Security Exit supplied by CA back in the 1980’s does not support Passphrase.  

I recommend you DO NOT move forward with this exit.

Your options are using the NMSAFF Security solution based on the FULL Security Exit facility or converting to NMSAF solution for PARTIAL Security to support PASSPHRASE.