Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

Security

Showing 298

Disabling wink to be used as a potential attack vector

Seeing more and more attempts to use Wink as an attack vector (see example below). Looking into possibility to disable wink so that it wont cause any potential security risk. 03/17/2022 10:04:27 AM HTTP JVM: 1399490 [Thread-11] INFO org.apache.win...
about 2 years ago in Domino / Security 2 Already Exists

Domino to have permissions policy header

There are customers who are experiencing permissions-policy vulnerability. This is the former "Feature Policy" with new specs. Can domino have the same to mitigate vulnerabilities related to it?
about 2 years ago in Domino / Security 3 Needs Clarification

Rate limiting protections for Domino

An authentication endpoint without rate limiting protections can be susceptible to innumerable amounts of credential stuffing and eventual guessing of set of credentials used for authentication. API endpoints can also be used to attack further inf...
about 2 years ago in Domino / Security 1 Needs Clarification

User defined keystore for Domino

Currently, the Notes/Domino v9.x (same with newer versions) can only use the default JAVA trust keystore under Domino application server. The JAVA update overwrites this default keystore. Please add the option to set a custom,user defined keystore...
over 2 years ago in Domino / Security 2 Needs Review

Wants to change the SAML URL which hard coded with /names.nsf?SAMLLogin

If SAML URL customization is the bussiness requirement so SAML URLshould be flexible which currently hard coded with /names.nsf?SAMLLogin
over 4 years ago in Domino / Security 2 Needs Clarification

Control over the setting "don't let administrator set Domino web/internet password to match Notes password" via Domino policy.

Administrator should have control over the setting "don't let administrator set Domino web/internet password to match Notes password" via Domino policy.
over 2 years ago in Domino / Security 1 No Plans to Implement

Disabling local processes or external processes using the Domino Server

A way to disable executing local processes and commands on Domino using powershell, cmd, etc
over 2 years ago in Domino / Security 0 Planning to Implement

Id Vault update with NSL enabled client

Customer requested that ID vault should be updated when NSL is enabled. They have policy to change windows password every 30 days and same need to be updated in ID vault .
almost 5 years ago in Domino / Administration / Security 1 No Plans to Implement

Mail Classification and ability to act on it with Traveler

Add Mail Classification into mailing, and add ability in Traveler to disable sending certain classifications to devices. Reason is that devices are not secure for "Top Secret" mail. :-)
about 5 years ago in Domino / Security 1 No Plans to Implement

Find a way to prevent ACL changes even with Full Access Admin invoked.

Find a way to prevent ACL changes even with Full Access Admin invoked.ORFind a way of not allowing changes made to the ACL on a spoke server to replicate out to all the other servers.
about 5 years ago in Domino / Security 4 Needs Clarification