Why, in the TSSUTIL report, is the SRC / DRC of *0C*-0A treated as a violation?

Document ID : KB000033222
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

 

Why, in the TSSUTIL report, is the SRC / DRC of *0C*-0A treated as a violation?
 
This is obviously not an error. How do we prevent these entries from coming out in the audit / tracking file? 
 

 

Answer: 

 

The DRC 010 (x'0A') is considered a violation. This is why it shows in the TSSUTIL report. Since it is a violation, it cannot be removed.

 

The SRC / DRC of *0C*-0A means:

 

0C=PASSWORD EXPIRED 

0A = PASSWORD HAS EXPIRED. NEW PASSWORD MISSING 

 

Despite the fact that this can occur frequently and looks to be normal, it has always been treated as a violation by CA Top Secret because it is considered as a potential one.

 

Additional Information:

 

The TSSUTIL report information can be found in the CA Top Secret Report and Tracking Guide; chapter #1.
 
The different DRC codes can be found with their explanation in the CA Top Secret Message Reference Guide; Chapter #6.
 
All CA Top Secret documentation can be found on our wiki.ca.com site.