ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzalz_5.4.0.1/rzalzsaverestoresigned.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Save and restore considerations for signed objects" />
<meta name="abstract" content="Learn how signed objects affect how you perform save and restore tasks for your system." />
<meta name="description" content="Learn how signed objects affect how you perform save and restore tasks for your system." />
<meta name="DC.Relation" scheme="URI" content="rzalzmanageobjects.htm" />
<meta name="DC.Relation" scheme="URI" content="rzalzsigningsystemcommands.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="saverestoresigned" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Save and restore considerations for signed objects</title>
</head>
<body id="saverestoresigned"><a name="saverestoresigned"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Save and restore considerations for signed objects</h1>
<div><p>Learn how signed objects affect how you perform save and restore
tasks for your system.</p>
<p>There are several system values that can <a href="../rzakz/rzakzrestoreoperation.htm">affect restore operations</a> for your system. Only one of
these system values, the <strong>verify object signatures during restore (QVFYOBJRST)</strong> <a href="rzalzsigningsystemcommands.htm#signingsystemcommands">system value</a>,
determines how the system handles signed objects when restoring them. The
setting that you choose for this system value lets you determine how the restore
process handles verification of objects without signatures or with signatures
that are not valid. </p>
<p>Some save and restore commands affect signed objects or determine how your
system handles signed and unsigned objects during save and restore operations.
You need to be aware of these commands and their affect on signed objects
so that you can better manage your system and to avoid potential problems
that may occur. </p>
<div class="p">These commands can verify signatures on objects during save and restore
operations:  <ul><li>The Save Licensed Program (<a href="../cl/savlicpgm.htm">SAVLICPGM</a>) command.</li>
<li>The Restore (<a href="../cl/rst.htm">RST</a>)
command.</li>
<li>The Restore Library (<a href="../cl/rstlib.htm">RSTLIB</a>)
command.</li>
<li>The Restore Licensed Program (<a href="../cl/rstlicpgm.htm">RSTLICPGM</a>) command.</li>
<li>The Restore object (<a href="../cl/rstobj.htm">RSTOBJ</a>)
command.</li>
</ul>
</div>
<div class="p">These commands allow you to save and restore certificate stores; certificate
stores are security-sensitive objects that contain the certificates that you
use to sign objects and verify signatures: <ul><li>The Save (<a href="../cl/sav.htm">SAV</a>)
command.</li>
<li>The Save Security Data (<a href="../cl/savsecdta.htm">SAVSECDTA</a>) command.</li>
<li>The Save System (<a href="../cl/savsys.htm">SAVSYS</a>)
command.</li>
<li>The Restore (<a href="../cl/rst.htm">RST</a>)
command.</li>
<li>The Restore User Profiles (<a href="../cl/rstusrprf.htm">RSTUSRPRF</a>) command. </li>
</ul>
 </div>
<div class="p"> Some save commands, depending on the parameter values that you use, may
lose the signature from an object on the save media, thereby negating the
security that the signature provides. For example, <em>any</em> save operation
that refers to a command (*CMD) object with a target release before V5R2M0
causes the commands to be saved without signatures. Removing the signature
might cause problems with the objects affected. At the very least, you will
no longer be able to verify the source of the object as a trusted one and
will not be able to verify the signature to detect changes to the object.
Use these commands only on those signed objects that you have created (as
opposed to signed objects that you obtain from others such as IBM<sup>®</sup> or vendors).
 <div class="note"><span class="notetitle">Note:</span> To verify whether a Save command lost an object's signature, you must
restore the object into a different library than the one from which you saved
it (for example, QTEMP). You can then use the DSPOBJD command to determine
if the object on the save media lost its signature. </div>
</div>
<p>You need to be aware of this potential for the following specific save
commands, as well as for save commands in general: </p>
<ul><li>The Save (<a href="../cl/sav.htm">SAV</a>)
command.</li>
<li>The Save Library (<a href="../cl/savlib.htm">SAVLIB</a>)
command.</li>
<li>The Save Object (<a href="../cl/savobj.htm">SAVOBJ</a>)
command.</li>
</ul>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzalzmanageobjects.htm" title="Use this information to learn about system commands and system values that you can use to work with signed objects and how signed objects affect backup and recovery processes.">Manage signed objects</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzalzsigningsystemcommands.htm" title="Learn about system values and commands that you can use to manage signed objects or that have an affect on signed objects when you run them.">System values and commands that affect signed objects</a></div>
</div>
</div>
</body>
</html>
Add readme and dist folders 2024-04-02 14:02:31 +00:00			`<?xml version="1.0" encoding="UTF-8"?>`
			`<!DOCTYPE html`
			`PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html lang="en-us" xml:lang="en-us">`
			`<head>`
			`<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />`
			`<meta name="security" content="public" />`
			`<meta name="Robots" content="index,follow" />`
			`<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />`
			`<meta name="DC.Type" content="concept" />`
			`<meta name="DC.Title" content="Save and restore considerations for signed objects" />`
			`<meta name="abstract" content="Learn how signed objects affect how you perform save and restore tasks for your system." />`
			`<meta name="description" content="Learn how signed objects affect how you perform save and restore tasks for your system." />`
			`<meta name="DC.Relation" scheme="URI" content="rzalzmanageobjects.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="rzalzsigningsystemcommands.htm" />`
			`<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />`
			`<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />`
			`<meta name="DC.Format" content="XHTML" />`
			`<meta name="DC.Identifier" content="saverestoresigned" />`
			`<meta name="DC.Language" content="en-us" />`
			`<!-- All rights reserved. Licensed Materials Property of IBM -->`
			`<!-- US Government Users Restricted Rights -->`
			`<!-- Use, duplication or disclosure restricted by -->`
			`<!-- GSA ADP Schedule Contract with IBM Corp. -->`
			`<link rel="stylesheet" type="text/css" href="./ibmdita.css" />`
			`<link rel="stylesheet" type="text/css" href="./ic.css" />`
			`<title>Save and restore considerations for signed objects</title>`
			`</head>`
			`<body id="saverestoresigned"><a name="saverestoresigned"><!-- --></a>`
			`<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>`
			`<h1 class="topictitle1">Save and restore considerations for signed objects</h1>`
			`<div><p>Learn how signed objects affect how you perform save and restore`
			`tasks for your system.</p>`
			`<p>There are several system values that can <a href="../rzakz/rzakzrestoreoperation.htm">affect restore operations</a> for your system. Only one of`
			`these system values, the <strong>verify object signatures during restore (QVFYOBJRST)</strong> <a href="rzalzsigningsystemcommands.htm#signingsystemcommands">system value</a>,`
			`determines how the system handles signed objects when restoring them. The`
			`setting that you choose for this system value lets you determine how the restore`
			`process handles verification of objects without signatures or with signatures`
			`that are not valid. </p>`
			`<p>Some save and restore commands affect signed objects or determine how your`
			`system handles signed and unsigned objects during save and restore operations.`
			`You need to be aware of these commands and their affect on signed objects`
			`so that you can better manage your system and to avoid potential problems`
			`that may occur. </p>`
			`<div class="p">These commands can verify signatures on objects during save and restore`
			`operations: <ul><li>The Save Licensed Program (<a href="../cl/savlicpgm.htm">SAVLICPGM</a>) command.</li>`
			`<li>The Restore (<a href="../cl/rst.htm">RST</a>)`
			`command.</li>`
			`<li>The Restore Library (<a href="../cl/rstlib.htm">RSTLIB</a>)`
			`command.</li>`
			`<li>The Restore Licensed Program (<a href="../cl/rstlicpgm.htm">RSTLICPGM</a>) command.</li>`
			`<li>The Restore object (<a href="../cl/rstobj.htm">RSTOBJ</a>)`
			`command.</li>`
			`</ul>`
			`</div>`
			`<div class="p">These commands allow you to save and restore certificate stores; certificate`
			`stores are security-sensitive objects that contain the certificates that you`
			`use to sign objects and verify signatures: <ul><li>The Save (<a href="../cl/sav.htm">SAV</a>)`
			`command.</li>`
			`<li>The Save Security Data (<a href="../cl/savsecdta.htm">SAVSECDTA</a>) command.</li>`
			`<li>The Save System (<a href="../cl/savsys.htm">SAVSYS</a>)`
			`command.</li>`
			`<li>The Restore (<a href="../cl/rst.htm">RST</a>)`
			`command.</li>`
			`<li>The Restore User Profiles (<a href="../cl/rstusrprf.htm">RSTUSRPRF</a>) command. </li>`
			`</ul>`
			`</div>`
			`<div class="p"> Some save commands, depending on the parameter values that you use, may`
			`lose the signature from an object on the save media, thereby negating the`
			`security that the signature provides. For example, <em>any</em> save operation`
			`that refers to a command (*CMD) object with a target release before V5R2M0`
			`causes the commands to be saved without signatures. Removing the signature`
			`might cause problems with the objects affected. At the very least, you will`
			`no longer be able to verify the source of the object as a trusted one and`
			`will not be able to verify the signature to detect changes to the object.`
			`Use these commands only on those signed objects that you have created (as`
			`opposed to signed objects that you obtain from others such as IBM<sup>®</sup> or vendors).`
			`<div class="note"><span class="notetitle">Note:</span> To verify whether a Save command lost an object's signature, you must`
			`restore the object into a different library than the one from which you saved`
			`it (for example, QTEMP). You can then use the DSPOBJD command to determine`
			`if the object on the save media lost its signature. </div>`
			`</div>`
			`<p>You need to be aware of this potential for the following specific save`
			`commands, as well as for save commands in general: </p>`
			`<ul><li>The Save (<a href="../cl/sav.htm">SAV</a>)`
			`command.</li>`
			`<li>The Save Library (<a href="../cl/savlib.htm">SAVLIB</a>)`
			`command.</li>`
			`<li>The Save Object (<a href="../cl/savobj.htm">SAVOBJ</a>)`
			`command.</li>`
			`</ul>`
			`</div>`
			`<div>`
			`<div class="familylinks">`
			`<div class="parentlink"><strong>Parent topic:</strong> <a href="rzalzmanageobjects.htm" title="Use this information to learn about system commands and system values that you can use to work with signed objects and how signed objects affect backup and recovery processes.">Manage signed objects</a></div>`
			`</div>`
			`<div class="relconcepts"><strong>Related concepts</strong><br />`
			`<div><a href="rzalzsigningsystemcommands.htm" title="Learn about system values and commands that you can use to manage signed objects or that have an affect on signed objects when you run them.">System values and commands that affect signed objects</a></div>`
			`</div>`
			`</div>`
			`</body>`
			`</html>`