If the SSO issues the alter encryption key command to set the key as the database default, the specified key replaces any existing key as the default.
If the key custodian issues alter encryption key to set a key as the database default, the specified key and the current default key (if it exists) must be owned by the key custodian.
If you do not include the with passwd parameter with alter encryption, Adaptive Server uses the system-encryption password.
You cannot use the system-encryption password to alter the base key of a key that has copies, and you cannot encrypt copies of keys with the system encryption password.
Users implicitly modify only their own key-copies.
If you specify for login_association, Adaptive
Server temporarily encrypts the key copy with the system encryption
password.
You cannot specify for recovery and login_association for the same key copy.
