: 4582 | 108668 | 12353

Include Transport Layer Security (TLS) support in the Domino server 
Use this IdeaSpace to post ideas about Domino Server.

: 39
: 39
: 0
: Domino Server / Security
: ssl, tls, security
: Paul Calhoun250 09 Mar 2009
: / Email
Currently there is no version of Notes/Domino that supports connecting to a site/web service that only supports Transport Layer Security (TLS) also know as SSL version 3.1.
As more and more sites are implementing TLS (and some are implementing them exclusivly) it keeps domino developers from being able to architect a solution to connect to and retrieve data from those sites.
Adding TLS support will enable the continuation of Domino based solutions in this space.

1) Mark Demicoli11797 (10 Mar 2009)
It seems a natural progression. I'd be interested to learn how a Domino web app would differ (if at all) with HTTP running ontop of TLS, as opposed to what we do currently with SSL (my TLS knowledge is very limited). Also could you give an example of a site/web service that only supports TLS?
2) Paul Calhoun250 (10 Mar 2009)
I can't give the specific web site as I'm under NDA, but in researching this I have found several web sites that are exclusively supporting TLS.

Most are government based web sites.

Given all the work IBM does with government sites, I'm surprised they have not already implemented this.
3) Don Munie257 (12 Mar 2009)
I must admit that my knowledge of TLS is also limited. We are currently using TLS with Domino for SMTP traffic. I am not familiar with TLS over other HTTP. What is the difference between it and SSL? Don't they use the same key structure?
4) Bruce Lill6687 (15 Oct 2009)
I set it up for smtp on domino servers and thought it was the same as ssl for web sites. What is the difference?
5) Michelle Snow22 (20 Jun 2010)
In order for a Web site to be FIPS 140-2 compliant (a government requirement) it must use TLS. Without this functionality, a large portion of the government market will be closed off from being able to use Domino.
6) Sean Burgess5201 (23 Feb 2011)
With more gov't sites requiring HTTPS, Domino is going to be shut out as a development platform for any site using an FDCC machine. I have run into this in the real world and have lost bids for work because of it.
7) Michelle Snow22 (20 Sep 2011)
Just got done with my 3-year update audit for FISMA certification purposes. Once again this is an issue. Is IBM seriously giving up on the federal government market for Domino?
8) Lars Berntrop-Bos113 (22 Sep 2011)
SSL/TLS1.0 have been made insecure, IBM NEEDS TO UPDATE (emphasis intended)

Documenting the NEED:
Link to slashdot documenting the insecurity of SSL up to and including TLS 1.0 { Link }


Welcome to IdeaJam™

You can run IdeaJam™ in your company. It's easy to install, setup and customize. Your employees, partners and customers will immediately see results.

Use IdeaJam to:

  • Collect ideas from employees
  • Solicit feedback and suggestions from employees and customers
  • Run innovation contests and competitions
  • Validate concepts
  • Use the power of "crowd-sourcing" to rank ideas and allow the best ideas to rise to the top

IdeaJam™ works with:

  • IBM Connections
  • IBM Lotus Quickr
  • Blogs and Wikis
  • Websphere Portal
  • Microsoft Sharepoint
  • and other applications.

IdeaJam has an extensive set of widgets and API's that allow you to extend and integrate IdeaJam™ with other applications.

Learn more about IdeaJam >>

Better control over horizontal outlines
Implement "Live Scrolling" in Mail Views
Develop and open source a high quality framework for new DBs
InViewEdit - option to show <Ctrl-click here to add new document> at top of view
AJAX Suggest to work off Full Text search
Email Chaser View
Integrate Quickr Connectors into the Lotus Notes install, just as is done for Sametime
Fix the bug of @BrowserInfo
Push out Notes.ini parameters with a Desktop policy
Have Ctrl-T open a new browser tab in the Notes Client
Connect to more than one Sametime server in Notes client
Clear All Breakpoints
Include Request_Content in DocumentContext for Web Service Providers
Ability to detach and remove file attachments from multiple emails at once
Control integrated Sametime status settings
Extend options to set preferences for Rich Text
Add @DialogBox, @PickList and @Prompt for x-pages
HTML validation and accessibility for XPages
Add 'Move to My Contacts' button to the form
Stationary usable in reply and forward of emails
Copy text to the clipboard from the Properties dialog - especially the Replica ID
Publish API to work with calendar items, tasks and contacts

IdeaJam developed by

Elguji Software Logo