If the value provided is not appropriate for the application, before calling DBCHCL for the Connect, Run Startup, or Initiate Request function, the application program may set:
- Change Options to 'Y'.
-
Set Data Encryption to:
- Y, if messages to and from the Teradata Database are to be encoded, starting with this message.
- N, if messages to and from the Teradata Database are not to be encoded, starting with this message.
Users have no control over encryption of the connect (logon) messages. If the GSS or the SSO flags are turned on at the database/Gateway, connect messages will automatically be encrypted. Encryption of all other messages is controlled through the Data Encryption field. For more information on database/Gateway flags, refer to the Gateway Control Utility documentation.
If Data Encryption is Y, messages to the database computer are encrypted before they are placed on the network and decrypted when they reach the database computer, and messages from the database computer are encrypted before they are placed on the network and decrypted when they reach the network-attached system.
Encryption and decryption take time. It is the application programmer’s responsibility to determine whether any particular request requires encryption. Some applications and sites may not require anything to be encrypted, some may require everything to be encrypted, and some may require selective encryption, for instance, encryption when text contains a password.