Security terminology

The following terminology is used to describe the enhancements to Internet security in CICS®.
Transport Layer Security (TLS)
A security protocol that is used to provide secure communication over the Internet. The specification is documented in RFC 2246.
cipher suite
A combination of an encryption algorithm, encryption key length and MAC algorithm that is negotiated during an SSL handshake.
Message Authentication Code (MAC)
A cryptographically secure hash code that is associated with each message sent over an SSL connection.
MAC algorithm
A cryptographic algorithm that calculates a message authentication code. SSL uses the MD5 and SHA algorithms.
SSL cache
The cache that is used by SSL to store session ID information about its encryption negotiation with clients. If a client has previously established a secure connection to CICS using SSL, only a partial handshake is performed to establish the SSL connection.
certificate revocation list
A list of revoked certificates that is provided by independent bodies called certificate authorities. If a certificate has been withdrawn, it is added to a certificate revocation list. These lists can be cross-referenced during the SSL handshake negotiation when the client and server try to authenticate one another.
SP mode
The TCB mode that owns the initial pthread-owning task. The initial pthread-owning task owns all the pthreads that are used by S8 TCBs.
SSL pool
The pool that contains and manages the S8 TCBs in a CICS region.
SSL handshake
An exchange of information that takes place between a client and a server when a connection is established. The handshake involves negotiating which encryption algorithms to use and authenticating the client and server to one another.