thank you Richard
maybe my questions were not so clear.
One question was about the encryption, i will have a look at the Tec Guide
Redbook.
The other question was about the 'Kerberoslike' handshake between the TSM
Client and the TSM Server in General.
The text who describes this in my email is from an IBM manual.

regards
Joachim 

-----Ursprüngliche Nachricht-----
Von: Richard Sims [mailto:rbs AT BU DOT EDU]
Gesendet: Donnerstag, 22. Mai 2003 13:36
An: ADSM-L AT VM.MARIST DOT EDU
Betreff: Re: DES56-Bit_and_authentication_prozess


...
>But this is not enough, the customer wants to now for example how the key
will
>be stored (i now in the microsoftenvironment, it will be stored in ther
>egistry) in netware or aix? in witch format will the key be stored?  Or
where
>is the kerberos server (in the tsm server?)?  How will it work without
>ticketgranting server, etc. etc.  Have anybody of you allready done a
>description for a customer like this.  Does anybody now about a whitepaper
or
>other documentation who describe the tsm security in a deeper way?
...

When product features are introduced, a Technical Guide redbook is produced
to
provide in-depth information about the new facilities.  If you haven't been
reading the Technical Guides, you're missing a lot of information which
helps
one to fully understand the product.  The encryption was introduced at the
4.1
level (in Windows first) so that redbook best describes it.

The use of encryption does not imply Kerberos, which is not in play in the
TSM
environment.  The key is stored as explained in the Client manual.  In Unix,
it
is a TSM.PWD file stored in the directory governed by the PASSWORDDIR
option.
See also the ENCRYPTKEY option.

   Richard Sims, BU