HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

Security

Showing 275

Lock certain ACL entries ( extra option ) because users can remove them by deleting the entries in delegations

We added certain groups in the Calendar delegations in order to perform audits or application access. Users can remove them, because it is a adminp request that deletes this entry. We would like to see the ACL enhanced by adding an extra option in...
over 1 year ago in Domino / Security 0 Under Consideration

Single user recall action causes confusion on message addressed to multiple users

When an user does recall to one user from a message that has been sent to multiple people and one of them responds to all, it also includes the person who was recalled, bringing confusion and the user thinks that it has been an error and has not r...
over 1 year ago in Domino / Security 2 No Plans to Implement

Check and monitor Domino time vs NTP servers

Correct Domino time becomes more and more important. Usually the OS is already using NTP servers. Domino only updates Domino time from system time when jumping to a future date, but only in small steps. Having this in mind the time could be still ...
over 1 year ago in Domino / Security 1 Under Consideration

Web site rules document allows to apply wildcard (*) for HTTP response codes with exceptional codes

This feature is created as requested by customer. There are many HTTP response codes, so it will be much more efficient if the feature of " internet site document allows to apply wildcard (*) for HTTP response codes with exceptional codes" can be ...
over 1 year ago in Domino / Security 0 Needs Review

public key repository

Just had a thought. What if Domino has a feature where anyone (with registration) can deposit their public keys into a repository, that, if anyone wants to communicate securely, just do a quick look and grab the public key here, and bam, it's done...
over 1 year ago in Domino / Security 1 Under Consideration

To Disable Backward/Forward arrow from the iNotes browser window

Hello Team, This is regards with iNotes web Access. Currently we can see the Backward Arrow Active and end users are able to use Backward and forward arrow in the browser. Customer would like to Disable the Backward/Forward arrow from the Browser ...
over 1 year ago in Domino / Security 1 No Plans to Implement

Disabling wink to be used as a potential attack vector

Seeing more and more attempts to use Wink as an attack vector (see example below). Looking into possibility to disable wink so that it wont cause any potential security risk. 03/17/2022 10:04:27 AM HTTP JVM: 1399490 [Thread-11] INFO org.apache.win...
over 1 year ago in Domino / Security 2 Already Exists

Domino to have permissions policy header

There are customers who are experiencing permissions-policy vulnerability. This is the former "Feature Policy" with new specs. Can domino have the same to mitigate vulnerabilities related to it?
over 1 year ago in Domino / Security 3 Needs Clarification

Consider removing configure ID Vault for TOTP

It's domino 12 one new feature that support TOTP, and HCL Traveler server also support TOTP authentication, but it requires to configure ID Vault, we could not skip or ignore this step. https://help.hcltechsw.com/domino/12.0.0/admin/wn_security.ht...
over 1 year ago in Domino / Security 1 No Plans to Implement

Rate limiting protections for Domino

An authentication endpoint without rate limiting protections can be susceptible to innumerable amounts of credential stuffing and eventual guessing of set of credentials used for authentication. API endpoints can also be used to attack further inf...
over 1 year ago in Domino / Security 1 Needs Clarification
Copyright © 2023 HCL Technologies Limited