193 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Driving around Baton Rouge yesterday, I finally understood the scale and scope that Ms. Rometty is shooting for in IBM.
Mon, Apr 25th 2016 5
Looks notable: Google, Microsoft, Yahoo, and others propose new IETF SMTP Strict Transport Security (STS) standard to ensure secure email transfer
Tue, Mar 22nd 2016 7
Perspective - Welcome to the top 1%
Fri, Jan 30th 2015 6
and the spinning is on... IBM denies "layoffs", Cringley admits to being a gadfly
Tue, Jan 27th 2015 8
Trying to work out what was missing from the ConnectED 2015 OGS
Tue, Jan 27th 2015 5
Three points that Lotusphere, er, Connect, er, ConnectED 2015 should refute
Sun, Jan 25th 2015 10
I, Cringley: IBM’s reorg-from-Hell launches next week
Fri, Jan 23rd 2015 6
Top 10
Three points that Lotusphere, er, Connect, er, ConnectED 2015 should refute
Sun, Jan 25th 2015 10
Google accelerates end of SHA-1 support - IBM’s letting its customers down
Thu, Sep 11th 2014 9
Domino customer? Please call IBM support help get SMTP TLS/SSL fixed
Fri, Jan 16th 2015 9
Something was added in the latest Java update from Oracle: Suppress sponsor offers when installing or updating Java
Thu, Aug 21st 2014 8
and the spinning is on... IBM denies "layoffs", Cringley admits to being a gadfly
Tue, Jan 27th 2015 8
Looks notable: Google, Microsoft, Yahoo, and others propose new IETF SMTP Strict Transport Security (STS) standard to ensure secure email transfer
Tue, Mar 22nd 2016 7
Hey, IBM! While you’re adding SHA-2 support across all Domino services, we expect to see HTTP/2 on the road map (soon)
Mon, Oct 6th 2014 6
Perspective - Welcome to the top 1%
Fri, Jan 30th 2015 6
I, Cringley: IBM’s reorg-from-Hell launches next week
Fri, Jan 23rd 2015 6
I, Cassandra? If you’re wondering what’s wrong with IBM (and why the bad news today), Cringley’s been telling you for years
Mon, Oct 20th 2014 5


(Repost): IBM... PLEASE update Domino’s SSL/TLS. It’s stuck in ancient times and vulnerable.
Twitter Google+ Facebook LinkedIn Addthis Email Gmail Flipboard Reddit Tumblr WhatsApp StumbleUpon Yammer Evernote Delicious
Craig Wiseman    

I posted about this here in 2011. Other good folks have been posting about this as well, here, here, here, here, etc.

Simply put, Domino needs proper, modern TLS 1.3 support across all protocols, including SMTP, LDAP, HTTP, POP, IMAP, etc.
What kind of shocks me is that there's any discussion about making this happen. If I had a product in this situation, the only meetings I'd be having is about WHEN the enhancements will be finished.

IBM is all about security, except... when it isn't?

and, please... let's not hear anyone at IBM say, "We've not head that our customers want this."

What can be done?
+ Call in to IBM support and get them to create a PMR and add it to
"
APAR LO48388: ENHANCEMENT REQUEST: SUPPORT SHA-2 ALGORITHM FOR SSL ON DOMINO"
Apparently "APAR LO67453 SPR #YDEN8RNH22 for Enhancement " has disappeared.

+ Comment here at what used to be Notes.net:
http://www-10.lotus.com/ldd/ndseforum.nsf/xpTopicThread.xsp?documentId=0BBA1D75D92075FC85257D3B006FABB8



---------------------
http://www.wiseman.la/web/cpwblog.nsf/dx/repost-ibm...-please-update-dominos-ssltls.-its-stuck-in-ancient-times-and-vulnerable..htm
Aug 25, 2014
5 hits



Recent Blog Posts
5
Driving around Baton Rouge yesterday, I finally understood the scale and scope that Ms. Rometty is shooting for in IBM.
Mon, Apr 25th 2016 10:03a   Craig Wiseman




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition