Include Transport Layer Security (TLS) support in the Domino server 
Use this IdeaSpace to post ideas about Domino Server.

: 39
: 39
: 0
: Domino Server / Security
: ssl, tls, security
: Paul Calhoun265 09 Mar 2009
: / Email
Currently there is no version of Notes/Domino that supports connecting to a site/web service that only supports Transport Layer Security (TLS) also know as SSL version 3.1.
As more and more sites are implementing TLS (and some are implementing them exclusivly) it keeps domino developers from being able to architect a solution to connect to and retrieve data from those sites.
Adding TLS support will enable the continuation of Domino based solutions in this space.

1) Mark Demicoli10736 (10 Mar 2009)
It seems a natural progression. I'd be interested to learn how a Domino web app would differ (if at all) with HTTP running ontop of TLS, as opposed to what we do currently with SSL (my TLS knowledge is very limited). Also could you give an example of a site/web service that only supports TLS?
2) Paul Calhoun265 (10 Mar 2009)
I can't give the specific web site as I'm under NDA, but in researching this I have found several web sites that are exclusively supporting TLS.

Most are government based web sites.

Given all the work IBM does with government sites, I'm surprised they have not already implemented this.
3) Don Munie506 (12 Mar 2009)
I must admit that my knowledge of TLS is also limited. We are currently using TLS with Domino for SMTP traffic. I am not familiar with TLS over other HTTP. What is the difference between it and SSL? Don't they use the same key structure?
4) Bruce Lill10666 (15 Oct 2009)
I set it up for smtp on domino servers and thought it was the same as ssl for web sites. What is the difference?
5) Michelle Snow26 (20 Jun 2010)
In order for a Web site to be FIPS 140-2 compliant (a government requirement) it must use TLS. Without this functionality, a large portion of the government market will be closed off from being able to use Domino.
6) Sean Burgess6178 (23 Feb 2011)
With more gov't sites requiring HTTPS, Domino is going to be shut out as a development platform for any site using an FDCC machine. I have run into this in the real world and have lost bids for work because of it.
7) Michelle Snow26 (20 Sep 2011)
Just got done with my 3-year update audit for FISMA certification purposes. Once again this is an issue. Is IBM seriously giving up on the federal government market for Domino?
8) Lars Berntrop-Bos199 (22 Sep 2011)
SSL/TLS1.0 have been made insecure, IBM NEEDS TO UPDATE (emphasis intended)

Documenting the NEED:
Link to slashdot documenting the insecurity of SSL up to and including TLS 1.0 { Link }


Welcome to IdeaJam

You can run IdeaJam™ in your company. It's easy to install, setup and customize. Your employees, partners and customers will immediately see results.

Use IdeaJam to:

  • Collect ideas from employees
  • Solicit feedback and suggestions from employees and customers
  • Run innovation contests and competitions
  • Validate concepts
  • Use the power of "crowd-sourcing" to rank ideas and allow the best ideas to rise to the top

IdeaJam™ works with:

  • IBM Connections
  • IBM Lotus Quickr
  • Blogs and Wikis
  • Websphere Portal
  • Microsoft Sharepoint
  • and other applications.

IdeaJam has an extensive set of widgets and API's that allow you to extend and integrate IdeaJam™ with other applications.

Learn more about IdeaJam >>

IdeaJam developed by

Elguji Software Logo