Lotus Notes Encryption

From: ullmic6@web.de
Date: 01/08/03

Previous message: GrishNa Chong: "NFS access failed for server xxx: error 7 (RPC : Authentication error"
Next in thread: Philip Storry: "Re: Lotus Notes Encryption"
Reply: Philip Storry: "Re: Lotus Notes Encryption"
Reply: Alberto Cozer: "Re: Lotus Notes Encryption"
Maybe reply: SMiller@unimin.com: "Re: Lotus Notes Encryption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 08 Jan 2003 20:38:57 +0100
From: "ullmic6@web.de" <ullmic6@web.de>
To: security-basics@securityfocus.com

Hello everybody,

in my company we are using Lotus Notes/Domino R5 as mail tool. Even if
the encryption is proprietary and just 64 bits I like this feature very
much because it keeps the casual inside attacker from sniffing my mails.
But now something interesting happened. Encrypted mails that I sent just
disappeared. The explanation I got was: I have a subset of the domino
directory (which is on the server and which includes the public key of
the recipients) on my pc (called dircat). This local dir does not
include the public keys due to size and performance for mobile users. In
this scenario my Lotus Notes client does NOT download the public key
from the server directory and encrypt the message. Instead it just sets
a flag that this mail must be encrypted, sends it unenecrypted to the
server and tells the server to do the encryption. My encrypted mails
disappeared because these recipients public keys were missing on the
server. My problem here is that I want end-to-end encryption. I do not
want to delegate the encryption to a server (even if I hope that port
encryption is enabled like defined in our policies). Does anybody on
this list know if the encryption process really works like described
above. The infos on Lotus encryption on the web and in IBMs redbooks is
to unspecific to explain what's really going on here.

-- 
<- ullmic ->

Next message: Rahul: "router rules"
Previous message: GrishNa Chong: "NFS access failed for server xxx: error 7 (RPC : Authentication error"
Next in thread: Philip Storry: "Re: Lotus Notes Encryption"
Reply: Philip Storry: "Re: Lotus Notes Encryption"
Reply: Alberto Cozer: "Re: Lotus Notes Encryption"
Maybe reply: SMiller@unimin.com: "Re: Lotus Notes Encryption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Force enabling TLS
... sending emails without encryption. ... your sendmail server, but they know nothing about about the other hops ... talking to your sendmail. ... Then all the mails send by the users from testext.com to testint is ...
(comp.mail.sendmail)
Re: Creating an encrypted zipfile on Unix for Windows users
... them up, and mails them out. ... candidate doesn't do encryption. ... compatible encrypted archive which is easily opened by a Windows user ... The password prompt is repeated to save ...
(perl.beginners)
Re: [OT] Validity Of Email Disclaimers
... > mails sent from a personal email account, ... > disclaimer to remind me of this, but would a signature like the ... At the very least, use GPG/PGP assymetrical encryption. ... I do not even read the subjects of posts by "Sam" and his numerous ...
(comp.mail.misc)
RE: spying
... What you might want to use is encryption to deter such snooping. ... Are there IMs which allow encypted chat. ... PGP to encrypt and sign your mails. ... Regards, ...
(Security-Basics)
Re: Force enabling TLS
... "Encryption Required" ... immediately preceding MTA to your server is using TLS/SSL* - see above. ... testint.com without encryption and testint.com is receiving the mails ... The logs in the mail logs are as follows ...
(comp.mail.sendmail)