Tuesday, October 21, 2014

Domino SSL Fixes Coming: "Dis is good!"

As Nicolas Cages tells Cher in Moonstruck when he's eating the steak she cooked for him...

"'Dis is good."

IBM released two technotes today regarding SSL and Domino.

I do wish this would have happened sooner but I can tell you from a lot of life experience that "late" is truly better than "never."

Domino peeps will be able to support TLS 1.0 and disable SSLv3 support (to protect themselves from POODLE without a proxy server) AND support for SHA2 SSL/TLS certificates is also coming.

If you want to get to TLS1.2, you'll still need to proxy your Domino server but this is still a very good, very welcome announcement!

Planned SHA-2 deliveries for IBM Domino 9.x

How is IBM Domino impacted by the POODLE attack?