Questo che potete vedere sotto è il change log con le correzioni del server
LCHG9UPBFM | IBMi:TLS1.2 support for system SSL on IBM i Domino |
KLYH9URNFY | TLS 1.2 Client handshake request rejected by Server if server certificate chain signature type not supported by the client |
KLYH9URNJH | TLS 1.2 Notes / Domino as a TLS client rejects handshake with server if no common signature algorithm available |
KLYH9UQJQN | Remove RC4-SHA from the default cipher list for TLS 1.2 |
KLYH9UPMR7 | Crash Problem in kyr caching |
RKUR9PEDEB | Implement HSTS (Http Strict Transport Security).This header informs supported browsers that the site should only be accessed over an SSL-protected connection (HTTPS) |
RGET9TSMKD | Add IP Information to HTTP Thread logs for SSL Handshake connections |
MKIN9QHT5W | Passing a directory to kyrtool will crash the tool |
DKEN9RVQGD | kyrtool import all sometimes reports SECIssUpdateKeyringPrivateKey returned error 0x0720, AVA separator not found or Syntax error in OID when a \ is in a certificate name part |
DKEN9SSUR6 | Add more detailed logging for SSL/TLS connections to help diagnose failed connections. |
KLYH9UFNWH | New notes.ini SSL_DISABLE_TLS_10 to support Disabling TLS1.0 for compliance reasons. Used in conjunction with existing DISABLE_SSLV3=1 allows you to limit communication to TLS 1.2 only for protocols: HTTP, SMTP, LDAP, POP3 & IMAP |
KLYH9QKTGH | Added SHA-256 cipher specs for increased security with TLS 1.2 |
KLYH9QKTED | Added Advanced Encryption Standard (AES) Galois/Counter Mode for increased security with TLS 1.2 |
KLYH9QKTBL | Added Perfect Forward Secrecy (PFS) via Ephemeral Diffie-Hellman (DHE) cipher specs for SSL/TLS |
KLYH9QKT4B | Notes / Domino Support for TLS 1.2 (Transport Layer Security 1.2) with protocols: HTTP, SMTP, LDAP, POP3 & IMAP |
KLYH9UBNGW | Add pinning to SHA-256 for TLS 1.2 |
RMAS9PFRHP | Namelookup retrieval via remote LDAP does not retrieve correct attributes |
HCHC9GG66F | Administrator Client Shows Wrong File Sizes of database with DAOS size>0 After Server Restart |
A questa pagina potete trovare il change log di Notes e tutti i link di download.
Se tramite il vostro server erogate servizi Http, Ldap, Smtp ,Pop3, Imap vi consiglio di prepararvi per installare questo agiornamento il prima possibile e di passare al TLS 1.2 per avere il vostro server ed i vostri dati al sicuro.
Complimenti a IBM per il rilascio di questa nuova funzionalità in Domino che rimane un server in evoluzione con un ottimo supporto !
Nessun commento:
Posta un commento