TTU 8.0 and above applications paired with pre-TTU 8.0 client interfaces should reject logon attempts in which a mechanism name has been explicitly proffered. Not doing so may give the user a false sense of security because pre-TTU 8.0 client interfaces do not support mechanism selection by the user.
CLIv2 applications may use the DBCHQE QEPIALM query item to determine whether the mechanism name should be accepted or not. If DBCHQE returns CLI355, the application should reject the logon attempt. The application is under no obligation to verify the proffered mechanism name against the list of available mechanisms (obtainable through DBCHQE QEPIALM); the teraSSO library performs that task.