Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

244 VOTE
Status Assessment
Workspace Domino
Categories Security
Created by Guest
Created on Jul 23, 2018

TLS 1.3 Support for the Domino INET Stack

TLS 1.3 should be added in Domino 11.

There are already recommendations to disable TLS 1.0 and I have seen customers who already disabled TLS 1.0 on their SMTP servers. On the other side there are still unpatched environments which do not support TLS 1.2 today.

In a year from now there are much more servers only supporting current ciphers and TLS 1.2.

Now that TLS 1.3 is finalized and published it makes sense to look into it.

Here is a good write-up about the benefits and some details. It also contains a list of software which already supports TLS 1.3.

https://www.wolfssl.com/docs/tls13/


Daniel Nashed [ https://blog.nashcom.de ]

  • Attach files
  • Guest
    Reply
    |
    Jan 18, 2024

    This should also be implemented without voting and should be available as a basic function

  • Guest
    Reply
    |
    Oct 10, 2023

    Hello: Currently the security issue is not an option and should not depend on whether we vote for it or not.

    Please HCL tell us in which version TLS 1.3 will be supported?

  • Guest
    Reply
    |
    Apr 21, 2023

    Still no TLS 1.3 ... why?

  • Guest
    Reply
    |
    Nov 2, 2022

    Would be nice to see TLS 1.3 in version 12, now that Domino v11 has come and gone.

  • Guest
    Reply
    |
    Oct 26, 2021

    TLS1.3 and/or HTTP/2 (or even QUIC) makes any HTTP server respond faster (end-to-end).

    This is a cheap low-hanging fruit...


    [ Toni Feric, Belsoft Collaboration ]

  • Guest
    Reply
    |
    Jan 22, 2021

    Fully agree: modern standards should be implemented asap!


    HCL, please stop IBM's low performance.

  • Guest
    Reply
    |
    Sep 18, 2020

    Be ahead this time. We all remember POODLE

  • Guest
    Reply
    |
    Oct 10, 2019

    I wish I could vote for this 11 times. This kind of thing is critical to Domino's image as a secure product.

  • Guest
    Reply
    |
    Dec 12, 2018

    Version 11 is definitely to late. Version 10 or 9 would be good

  • Guest
    Reply
    |
    Dec 11, 2018

     Clients wants to introduce TLS v1.3 protocol and will be using it as the only supported protocol.
    Their dedicated NotesClient on the Archiving Bridge host uses currently the version 901FP8SHF244.
    Their End-user-clients can use any NotesClient version e.g. 901FP10.
    They want 901FPxx-NotesClient to support TLS v1.3(basically client and Domino)

  • Guest
    Reply
    |
    Aug 30, 2018

    This is necessary so that IBM/HCL don’t find themselves in another embarrassing POODLE situation like with SSLv3 (where for years TLS was rejected as being needed as SSLv3 was deemed sufficient by IBM). Domino should be leading the way in security.

  • Guest
    Reply
    |
    Jul 23, 2018

    I agree. Slowness to adopt TLS 1.3 is not good for the image of the product. It would help if it could be seen as on top of such changes.