Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

Security

Showing 288

Automatically add "secure" flag to all cookies, when https is used

When a Domino server serves http requests through encrypted https, it should automatically add the " secure " flag to all cookies. There should be a global flag to enable/disable this feature. (default: enabled) In reality, most Domino servers wit...
9 months ago in Domino / Security 0 Needs Review

Sign dll used for Password synchronisation

HCL is a partner of Microsoft, it would be great if you can sign Password Capture and sinchronization dll with developer certificate, that Microsoft might already issued you. This will allow to use Password synchronization feature in LSA protected...
over 1 year ago in Domino / Security 1 Under Consideration

SAML - provide support for Single Logout

The SAML Service Provider implemented in Domino 10 is much better than in the previous versions and integrates without a problem with all standard-complying IdPs. However, one important feature is missing and that is Single (a.k.a. Global) Logout...
almost 6 years ago in Domino / Security 5 Planning to Implement

Ability to send trusted certificate list even if destination endpoint sends empty DN

Domino currently is designed to decline sending any certificate and requires the destination endpoint to send a list of trusted DN CAs. As per EXO "Exchange sends its certificate along with the certificate request to Domino. In our certificate req...
5 months ago in Domino / Security 1 Assessment

SAML configuration for Internet site with multiple hostnames

When you configure a SAML for an internet site shared by multiple sites, the SAML authentication leads to a redirect to the first server in the configuration as the response url is always pointing to that server. We tried to set it up with AAD. Th...
about 1 year ago in Domino / Security 1 Under Consideration

Domino Inbound SMTP STARTTLS -- Log TLS Version and used Cipher

Most other applications add the TLS Version and used cipher to the received header.Example: from xyz.acme.local (10.100.1.234) by abc.acme.local (10.100.109.233) with Acme SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P...
almost 6 years ago in Domino / Security 3 Assessment

API-Key Authentication for Domino Web Applications

Provide ability to create a API-Key records in names.nsf for third party applications to connect to Domino resources for various reasons (Mostly REST-API, Web agents, DAS, etc.) Right now customers provide a separate username password and the othe...
about 2 years ago in Domino / Security 5 Under Consideration

Option to relocate ../data/cacert.pem outside Domino data

We added several certificates into cacert.pem when using NotesHTTPrequest call in LotusScript. After a update or upgrade, this file is renewed. Please introduce a notes.ini parameter to relocate this file to ( example ) /local/cacerts/cacert.pem
about 1 month ago in Domino / Security 2 Needs Clarification

Allow to distinguish between HTTP requests without database access privileges

When summarizing database web access, we count requests in domlog.nsf or access log (text), but we cannot distinguish between requests from users without access privileges and those with privileges. Please be able to distinguish requests from user...
about 1 month ago in Domino / Security 0 Needs Review

Evolve management of Java Security Policy on Domino Server

Domino mandates java security controls to avoid code from performing privileged operation. Control of policies is defined by java.policy files. This is a burden for customer, partners and admins. The proposal is to implement a new Java policy prov...
almost 3 years ago in Domino / Security 0 Under Consideration