Can a Top Secret r16.0 system share Top Secret files (BDAM and VSAM security and backup files, audit and tracking files, recovery file, and CPF recovery file) with a Top Secret r15.0 system or be backed out from r16.0 to r15.0 using the same security files?
Release: TOPSEC00200-15-Top Secret-Security
Top Secret 16.0
You may come up with Top Secret r16.0 on one side of a shared security file with Top Secret r15.0 without issues. There is no need to reformat a security file simply to test base Top Secret r16.0. You can also reformat a Top Secret security file under r16.0 and share with an r15.0 system as long as you do not turn on any features within r16.0 that will cause security file structure changes.
The current Top Secret r16.0 features that would alter the security file format and, therefore, disallow sharing are:
An increased ACID size limit is now available. When creating a security file, you can assign a maximum value of 1024 for the optional MAXACIDSIZE parameter.
A new control option (FACSTOR) lets you store facility matrix entries on the security file (instead of the parameter file). When you specify FACSTOR(YES), entries are hardened to the security file after the product is restarted. Any changes to the entries are automatically stored on the security file (and logged to the recovery file). (This will not actually be a problem when sharing with r15.0, but the facility parameters will still need to be maintained on r15.0 separately.)
Top Secret now supports 256-bit AES encryption of passwords and password phrases.
As each new feature is released it will be stated whether or not that feature will be available on in a shared environment with r15.0.
The other Top Secret r15 files can be used in Top Secret r16:
- Audit and tracking files (AUDIT and AUDIT2 DD statements in the Top Secret startup proc)
- Recovery file (RECFILE DD statement in the Top Secret startup proc)
- CPF recovery file (CPFFILE DD statement in the Top Secret startup proc)