The reality is that a Standard SSL Certificate and an EV SSL Certificate offer the same technical level of protection: the encryption and key strength are the same. What differs with an EV (Extended Validation) Certificate is the level of vetting the certificate authority performs before issuing it, and that vetting applies to the organization behind the website, not to the user.
That led me to wonder how the end user even knows whether a certificate is a Standard SSL or an EV SSL Certificate. I had no clue, so I cannot imagine how an end user knows.
Continue reading: "Differences between Standard SSL and EV SSL"
IBM has released fixes and patches, along with remediation steps, to resolve the issue.
The fix is included in Interim Fix 1 for Notes 8.5.3 Fix Pack 4 and Interim Fix 1 for Notes 9.0 for Windows, with the Mac version coming soon. For Linux, clients are encouraged to monitor fix availability in 8.5.3 Fix Pack 5 and 9.0.1.
You can obtain these fixes from Fix Central.
Read more on SocialBizUG...
The National Vulnerability Database has published an entry dated Dec 27 2011 covering Domino 8.x servers that have not yet applied FP4 for Domino 8.5.2:
Unspecified vulnerability in the authentication functionality in the server in IBM Lotus Domino 8.x before 8.5.2 FP4 allows remote attackers to cause a denial of service (daemon crash) via a crafted Notes RPC packet.
IBM has answered this with technote #1575247, which specifies upgrading to Domino 8.5.3 or applying FP4 to 8.5.2. All earlier 8.x versions are affected.
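A small triage helper for the entry above, added here as an example (it is not IBM code or anything from the technote). It parses Domino version strings in the shapes an inventory typically records ("8.5.2 FP3", "8.5.2FP4", "8.5.3", "8.0.2"; those shapes are an assumption) and flags servers that are 8.x and below 8.5.2 FP4, the fixed level IBM names. The sample inventory is constructed.

```python
"""Flag Domino 8.x servers below 8.5.2 FP4 (added example, not IBM code)."""
import re

# Fixed level per technote #1575247: 8.5.2 FP4; anything 8.5.3 or later compares higher.
FIXED = (8, 5, 2, 4)

# Assumed inventory formats: "8.5.2 FP3", "8.5.2FP4", "8.5.3", "8.0.2", "8.5"
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?\s*(?:FP\s*(\d+))?\s*$", re.I)


def parse_version(text):
    """Return (major, minor, maintenance, fixpack); missing parts count as 0."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError("unrecognised Domino version string: %r" % text)
    major, minor, maint, fp = m.groups()
    return (int(major), int(minor), int(maint or 0), int(fp or 0))


def is_affected(version_text):
    """True when the server is 8.x and older than 8.5.2 FP4."""
    v = parse_version(version_text)
    if v[0] != 8:
        return False  # the NVD entry is scoped to 8.x only
    return v < FIXED


def triage(inventory):
    """inventory: iterable of (hostname, version string) -> affected hostnames."""
    return [host for host, version in inventory if is_affected(version)]


# Constructed sample inventory; the hostnames and versions are made up.
SAMPLE_INVENTORY = [
    ("dom01", "8.5.2 FP3"),
    ("dom02", "8.5.2FP4"),
    ("dom03", "8.5.3"),
    ("dom04", "8.0.2"),
    ("dom05", "9.0.1"),
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(host, "needs 8.5.2 FP4 or 8.5.3")
```

The tuple comparison is what carries the logic: 8.5.3 parses as (8, 5, 3, 0), which is above (8, 5, 2, 4), so it is correctly treated as fixed even though its fix-pack field is zero. Extend the regex if your inventory records hotfix or interim-fix suffixes.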
[Chart: weekly spam size data, normalized to January 1, 2006 = 1.00]
In 2006, average spam size grew at a dramatic rate because of the rise of image spam. By February 2007, spam size peaked at over 400% of its January 2006 level. After the February 2007 peak, a decline in image spam slowed the growth in spam size. The summer reversed that trend, however, with an increase in spam carrying PDF and XLS attachments. During the three days from August 6 to August 8, 2007, we saw another upsurge in total spam size, up 67% (at the peak of the three-day period) from August 1. This was primarily due to a massive pump-and-dump scam that used a PDF attachment.
Viruses also increased, with the largest outbreak in over two years occurring in August 2007.
I couldn't remember, and didn't bother checking, what hierarchical name he used in his ID, so I simply entered Sean Burgess as Unspecified in the ACL. He could not get into the database. I changed the entry type to Person and added his O certifier, and he got in fine. I'm wondering what gives here, as this might have other implications for us in multi-tenant, cross-certified environments.
Problem: In very specific scenarios, a Sametime® server could be exploited through a cross-site scripting vulnerability.
Solution: In one specific instance, a precisely crafted Sametime meeting was found to contain text that exposed a cross-site scripting vulnerability.
This is addressed in Sametime 7.5.1 by applying an available hotfix, and all future releases ship with the fix. The same issue was not seen on the EMS server.
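The advisory does not say where the crafted meeting text landed, so the following is an added illustration of the general defect class rather than Sametime's own code: meeting fields a user controls are interpolated into an HTML page. The unsafe renderer keeps the bug for comparison; the hardened one encodes for the contexts the values land in (text node and quoted attribute). The templates and the crafted meeting are assumptions constructed for the example.

```python
"""Stored XSS via unencoded meeting text, and the encoded version (added example)."""
import html

# Constructed crafted meeting; assumed field names, not a payload from the advisory.
CRAFTED_MEETING = {
    "name": "<script>alert(document.cookie)</script>",
    "description": '" onmouseover="alert(1)',
}


def render_unsafe(meeting):
    """Vulnerable: raw string interpolation of user-controlled fields."""
    return (
        "<h1>%s</h1>\n"
        '<div class="desc" title="%s">%s</div>'
    ) % (meeting["name"], meeting["description"], meeting["description"])


def render_safe(meeting):
    """Hardened: html.escape(quote=True) neutralises <, >, &, " and ' so the
    same value is safe both as a text node and inside a double-quoted attribute."""
    name = html.escape(meeting["name"], quote=True)
    desc = html.escape(meeting["description"], quote=True)
    return (
        "<h1>%s</h1>\n"
        '<div class="desc" title="%s">%s</div>'
    ) % (name, desc, desc)


def contains_active_content(fragment):
    """Crude demonstration check, not a sanitiser: does the rendered fragment
    still carry a raw <script> tag or an attribute break-out?"""
    return "<script" in fragment or '" onmouseover=' in fragment


if __name__ == "__main__":
    print("unsafe:", render_unsafe(CRAFTED_MEETING))
    print("safe:  ", render_safe(CRAFTED_MEETING))
```

Note the attribute case: the description alone never contains `<`, so a filter that only looks for tags would pass it, yet in the unsafe template it closes the `title` attribute and adds an event handler. Encoding the quote character is what closes that hole, which is why `quote=True` (the default in `html.escape`) matters.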
I have more to say on this topic but I am thinking of a series or podcast. Any takers on comments/interview of your thoughts in a podcast?
Dinner the first night was at Wildfire, a pretty good local chain; apparently they are expanding to other cities like Atlanta shortly. Besides the snow showers that hit tonight, dinner was split among people trying to go to different places. We ended up at Momotaro, a Japanese restaurant, for some sushi.
What's New in Email Authentication?
Over the past 18 months, authenticated mail has evolved significantly from concept to implementation, with two complementary approaches: the Sender ID Framework (SIDF) and DomainKeys Identified Mail (DKIM). SIDF is an Internet Protocol (IP)-based solution, developed from the merger of the Sender Policy Framework (SPF) and Microsoft Caller ID for E-mail, in which the receiver checks the connecting server's IP address against a policy the sending domain publishes in DNS. DKIM is the merger of Yahoo! DomainKeys and Cisco's Identified Internet Mail (IIM) specifications, and instead attaches a cryptographic signature to the message that the receiver verifies with a public key published in the signing domain's DNS.
There is more of a rant to read on this below; a search on Google for SIDF turned up some fun.
Continue reading: "Messaging News: The Urgent Need to Implement Authenticated Email"
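To make the IP-based half of the article concrete, here is an added SPF record evaluator; it is example code, not from the article, SIDF, or any reference implementation. It handles the ip4, ip6 and all mechanisms with their qualifiers (+ pass, - fail, ~ softfail, ? neutral), which is the part SPF and SIDF share, and deliberately reports the DNS-dependent mechanisms (a, mx, include, exists, ptr) and modifiers as unsupported so it runs offline. The record and addresses are constructed for the example; the DKIM side (signature verification) is not shown.

```python
"""Offline SPF evaluator for ip4/ip6/all mechanisms (added example)."""
import ipaddress

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
NEEDS_DNS = {"a", "mx", "include", "exists", "ptr"}

# Constructed record for a hypothetical domain; the addresses are documentation ranges.
SAMPLE_RECORD = "v=spf1 -ip4:192.0.2.10/32 ip4:192.0.2.0/24 ip6:2001:db8::/32 ~all"


def parse_spf(record):
    """Split a TXT record into (qualifier, mechanism, argument) terms in order."""
    parts = record.split()
    if not parts or parts[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    terms = []
    for term in parts[1:]:
        qual = "+"  # a bare mechanism means "+"
        if term[0] in QUALIFIERS:
            qual, term = term[0], term[1:]
        mech, _, arg = term.partition(":")  # first colon only, so ip6 args survive
        terms.append((qual, mech.lower(), arg))
    return terms


def check_host(sender_ip, record):
    """Evaluate record for the connecting IP; first matching mechanism wins."""
    ip = ipaddress.ip_address(sender_ip)
    for qual, mech, arg in parse_spf(record):
        base = mech.split("/")[0]  # "a/24" style mechanisms carry a prefix length
        if base == "all":
            return QUALIFIERS[qual]
        if base in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"  # malformed address or prefix
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qual]
            continue  # no match: fall through to the next term
        if base in NEEDS_DNS or "=" in base:
            # a/mx/include/exists/ptr and redirect=/exp= need DNS; out of scope offline
            return "unsupported:" + base
        return "permerror"  # unknown mechanism
    return "neutral"  # record exhausted without a match and without an "all" term


if __name__ == "__main__":
    for addr in ("192.0.2.77", "192.0.2.10", "2001:db8:1::5", "198.51.100.9"):
        print(addr, "->", check_host(addr, SAMPLE_RECORD))
```

The ordering rule is the point to take away: terms are evaluated left to right and the first match decides, so the explicit `-ip4:192.0.2.10/32` in front of the `/24` carves one host out of an otherwise permitted range. A record that ends without an `all` term yields neutral rather than fail, which is why most published records close with `-all` or `~all`.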
Notes had just about the simplest possible replication mechanism imaginable. After all, we built it at Iris in 1985 for use on a 6 MHz 286-based IBM PC/AT with incredibly slow-seeking 20 MB drives. We were struggling with LIM EMS, trying to make effective use of more than 1 MB of memory. Everything about the design was about implementation simplicity and efficiency.
Besides understanding what Tom was saying about not being able to actively comment back, since he says he is having discussions (which I personally take to mean with MS people, as I grabbed maybe 6 or 7 links and saw no responses from Ray), I did find the idea intriguing.
One trackback posting made a quite simple and decent comparison of the earlier pull technology of RSS with the proposed Pull Pull of SSE. But the initial spec says nothing yet about security or master sources. My thought is that it will grow into that, given Ray's input and his statement above about Notes. With the moves into XML throughout Microsoft products, enabling SSE is the first move toward having replication in their technologies over another standard, instead of the proprietary Domino replication abilities. The security and authorization have a long way to go yet, have no fear.
If we take this like school, Ray is trying to develop a new learning program on new standards and Lotus has had an established college for 20 years that has grown around some very basic roots of security, portability and simplified scalability.
The point of this posting is not how Lotus does replication, but the far-reaching capabilities it has after years of growth and enhancements. Then Ray floats an idea to base some Microsoft work on emerging specs, and the slower flocks will follow far too soon. Take that last part and let it marinate some.