IBM is constantly enhancing functions or adding new functions to RACF. Read on:
- z/OS Version 2 Release 1
z/OS V2.1 is available! This release includes these new RACF functions:
- IPv6 and transport layer security (TLS) 1.2 cipher suite support for the RACF Remote Sharing Facility (RRSF).
- New health checks to report on expiring digital certificates stored in RACF, the application identity mapping (AIM) stage of the RACF database, and z/OS UNIX identity assignment.
- Certificate distinguished names in RACF database unload utility (IRRDBU00) output.
- Support for &RACUID in BPX.UNIQUE.USER.
- RACDCERT enhancements:
- Display of certificate names generated by RACDCERT ADD when importing a PKCS#12 or PKCS#7 certificate chain.
- New LISTCHAIN keyword to show all of the certificates within a certificate chain.
- CHECKCERT updated to show all of the certificates within a certificate chain.
- IBM’s System z Security Just Got Stronger!
RACF for z/OS 1.12 has achieved Common Criteria certification at Evaluation Assurance Level 5 (EAL5) under the Common Criteria Evaluation and Certification Scheme. Common Criteria is an internationally approved set of security standards that provides an assessment of products’ ability to meet security standards, providing a yardstick to help customers with their security decisions.
EAL5 is the highest commercial grade assurance level and exceeds what other commercial platforms offer. Now this advantage which existed with PR/SM also extends to RACF.
- z/OS Version 1 Release 13
z/OS V1.13 is available! This release includes these new RACF functions:
- TCP/IP support for the RACF Remote Sharing Facility (RRSF)
- Support hardware-generated Elliptic Curve Cryptography (ECC) secure keys
- RACF support is planned for generating Elliptic Curve Cryptography (ECC) secure keys using the Crypto Express3 Cryptographic Coprocessors (CEX3C) available for zEnterprise servers.
- z/OS Version 1 Release 12
z/OS V1.12 is available! This release includes these new RACF functions:
- Generic profile load performance enhancements
- "Ghost" generics detection and elimination
- Additional SAFTRACF filtering
- z/OS Version 1 Release 11
z/OS V1.11 is available! This release includes these new RACF functions:
- Program object signature verification
- Logon statistics suppression
- Identity propagation
- R_admin extract support for general resources
- LDAP change logging for general resources
- Automatic creation of OMVS segments for users and groups
- RACROUTE REQUEST=FASTAUTH honors the TRUSTED and PRIVILEGED attributes
- Profile name in authorization exits
- IRRADU00 support for WAS and TKLM
- RACDCERT multi-byte character improvements
This page was last updated September 2013.