payShield 10K Installation and User Guide
©Thales Group
Page 233
All Rights Reserved
Enable use of Tokens in PIN Verification? [Y/N](NO):
<Return>
Allow Error light to be extinguished when viewing Error Log?
[Y/N](NO):
<Return>
Ensure LMK Identifier in command corresponds with host port?
[Y/N](NO):
<Return>
Ignore LMK ID in Key Block Header? [Y/N](NO):
<Return>
Enable import and export of RSA Private keys? [Y/N](NO):
<Return>
The following settings are all PCI HSM compliant and cannot be
changed.
Prevent single-DES keys masquerading as double or triple-length
key: YES
Single-DES: DISABLED
Card/password authorization (local): C
Restrict PIN block usage for PCI HSM Compliance: YES
Enforce key type separation for PCI HSM compliance: YES
Enforce Authorization Time Limit: YES
Enforce Multiple Key Components: YES
Enforce PCI HSMv3 Key Equivalence for Key Wrapping: YES
Enforce minimum key strength of 1024-bits for RSA signature
verification: YES
Enforce minimum key strength of 2048-bits for RSA: YES
Save SECURITY settings to smartcard? [Y/N]: Y <Return>
Insert card and press ENTER: <Return>
SECURITY settings saved to the smartcard.
Secure>