Is there a limit to the number of keyrings that can be added to an ACID? Is it dependent on how many other permits, etc are on the ACID, and if it can handle as many as whatever it takes to put the ACID up to the 512K limit?
There is no limit to the number of keyrings that can be attached to one ACID.
The RECORDSIZE the VSAM security file was allocated with (the VSAMDEF3 jcl is distributed with RECORDSIZE(256 24576), which is the minimum) determines the number of certificates that can be attached to a keyring. The number is around 460 when using a CA Top Secret VSAM companion file (with a record size of 24K). Increasing the record size on the VSAM file from 24k to 48K would increase the number from 460 to about 920. Each 1K increase in record size will allow 21 additional certificates on the keyring.
For the maximum number of certificates that can be owned by one ACID, with a BDAM security file with VSAM companion file (required in TSS r15 and above), the only limitation is the size of the VSAM file.
There is no limit on how many times a certificate can be shared with a keyring. (For example, the CERTAUTH acid where you may need to share CA certificate(s) with a large number of user ACID keyrings.)