profile image
Cormac McCarthy
HCL Ambassador, blogger, and senior consultant for Domino People
Posts by Cormac McCarthy
article-img
Digital Solutions | March 16, 2021
HCL Domino v12: The 4 New Security Features You’ve Been Waiting for
While no platform is immune to the possibility of hacking, the question I would pose is: Has your Domino infrastructure ever been hacked?  Didn’t think so. It’s probably boring to say that the most straight forward answer is HCL Domino is rock solid on security.   When set up correctly and optimised, HCL Domino is the most secure platform of its type.  It’s true though.  Reliable and secure is a good thing. A very good thing.  The HCL Domino v12 beta is out now.  If you haven't already tried it, it's free for all existing licensed Domino customers.  It's waiting there in flexnet for you to download and try it out!  It's the first time a beta of this type is in existence and it has multiple interactions (we're currently on beta 2; beta 3 is scheduled for the end of March. Register here to join us for the beta 3 webinar. What I really love about it is the almost instantaneous feedback from the beta forum, from those in charge of development.  Domino v12 is scheduled for full release in Q2 of this year.  (June 2021 timeframe is given at the moment). Read an overview of what’s coming here. Here's is a list of all the NEW NATIVE security features coming in Domino v12 and there's a whole host of them: Automating certificate management  Time-based one-time password (TOTP) authentication  Enforce internet password lockout based on IP address  TLS 1.0 is disabled by default  Support for PEM-formatted TLS host keys and certificates  Two new curves supported for TLS 1.2 ciphers that use ECDHE for forward secrecy New template signing ID uses 2048-bit keys NRPC port encryption supports forward secrecy using X25519 Import internet certificates that contain unsupported critical extensions Suppress key rollover alerts during ID vault synchronization New Query Vault command options Support for SameSite cookie  Also note native support for DKIM is planned in the 12.0.x timeline. (Again natively, you can achieve DKIM with third party mail gateways). We could argue about which are the best and more important ones here, but I'm going to concentrate on the 4 new security features in Domino v12 that...
Close