GoogleIt Mail IT Print IT PermaLinkNew IBM RedPaper Draft: Security Considerations in Notes and Domino 7
12:52:14 PM

During Lotusphere, I'll be wearing a button similar to the graphic on the right. So will many other participants in the RedBook and RedPaper authoring process. The paper I worked on over the past few months has just had its first draft release is Security Considerations in Notes and Domino 7. I wrote the chapter on "Enhancements For Longer Keys in Certificates and IDs", dealing with the support in ND7 for 1024 bit RSA keys and the rollover process that makes it easy to roll out stronger keys to users -- and given that RSA-640 has been cracked, this is something that I think every Notes shop should look at. It's not an emergency, but with the inevitable march of Moore's law there's no question that the cost of cracking current Notes private keys will be within reach of determined attackers within a few years. I also wrote the appendix "Quick Sever Lockdown", which is something of a checklist of things that should be done to secure your servers but all too frequently are not.

I also contributed a bit to some other parts of the paper, particularly the chapter on spam. The principle author of that chapter is Dieter Stalder, my Lotusphere co-speaker. Another friend, Paul Ryan, wrote the chapter on SmartCards. Others on the team were Frederic Dahm, Amy Smith, and John Bergland, and there was plenty of help from IBM developers in Westford.

Please, go ahead and download it from the link above! If you have any comments about my chapter or appendix, do let me know directly -- in addition to using the feedback form on the download page. I'm particularly interested in feedback on the appendix. I wrote it in a very quick pass at the end of the writing cycle. The idea for it didn't even occur to me until that point. If there are other things that you consider to be essential must-do steps for your servers, and I've overlooked them, please speak up!

This page has been accessed 195 times. .
Comments :v

1. cmoutlet12/03/2014 03:16:14 AM

Enter Comments^

Email addresses provided are not made available on this site.

You can use UUB Code in your posts.

[b]bold[/b]  [i]italic[/i]  [u]underline[/u]  [s]strikethrough[/s]

URL's will be automatically converted to Links

:-x :cry: :laugh: :-( :cool: :huh: :-) :angry: :-D ;-) :-p :grin: :rolleyes: :-\ :emb: :lips: :-o
bold italic underline Strikethrough

Remember me    

Monthly Archive
Responses Elsewhere

About The Schwartz


All opinions expressed here are my own, and do not represent positions of my employer.