Taking S/MIME out to pasture



I sent a Twitter yesterday on how I was overlooking the obvious in setting up some secure mail between two sites.  They wanted to use S/MIME.  Did both run Notes? No.  That would have been easy with sharing of public keys and letting them encrypt until they couldn't breathe.  This was a Notes to another email package.  So the theory was creating X.509 certificates, passing them out like Halloween candy treats and hoping everyone nibbled.

Then it hit me.  Why are we going through so much work here?  So we got a common and known Internet certificate for both servers, made sure that the other side could understand it and forced all communication via TLS from SMTP to SMTP.  Their whole point was encrypting data in the Internet flow, not necessarily once it was received, since multiple people may need access to the data.

We set Domino 8 to force the TLS conversation and stop if it could not make one.  We made sure the other server understood to start a TLS conversation when asked and off we went.  Secure Internet mail flow between disparate sites at will.
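
The "force TLS and stop if it cannot make one" behaviour can be checked from the sending side with a short client. This is an added example, not part of the original post and not Domino configuration; `open_enforced_tls`, `TLSRequired`, `fake_peer_without_starttls`, `refuses_plaintext` and the `stub.example` / `client.example` names are hypothetical, and the localhost peer is constructed for the demonstration.

```python
import smtplib, socket, ssl, threading

class TLSRequired(Exception):
    """The peer could not give us a verified TLS session, so nothing is sent."""

def open_enforced_tls(host, port=25, context=None, timeout=10):
    """Return an SMTP session only after a verified STARTTLS; otherwise fail closed."""
    context = context or ssl.create_default_context()  # checks CA chain and hostname
    smtp = smtplib.SMTP(host, port, local_hostname="client.example", timeout=timeout)
    try:
        smtp.ehlo()
        # A missing STARTTLS capability must stop delivery, not fall back to plaintext.
        if not smtp.has_extn("starttls"):
            raise smtplib.SMTPNotSupportedError("STARTTLS not offered")
        smtp.starttls(context=context)  # raises on handshake or certificate failure
        smtp.ehlo()                     # re-read capabilities inside the TLS session
    except (smtplib.SMTPException, OSError) as exc:  # ssl.SSLError is an OSError
        smtp.close()
        raise TLSRequired(f"refusing to send to {host}: {exc}") from exc
    return smtp

def fake_peer_without_starttls():
    """Constructed peer: a localhost SMTP stub whose EHLO reply lacks STARTTLS."""
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(b"220 stub.example ESMTP\r\n")
            conn.recv(1024)  # the client's EHLO
            conn.sendall(b"250-stub.example\r\n250 SIZE 1000\r\n")
            conn.recv(1024)  # returns when the client hangs up
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def refuses_plaintext(port):
    """True if the enforced client aborts instead of talking to the stub in the clear."""
    try:
        open_enforced_tls("127.0.0.1", port).quit()
    except TLSRequired:
        return True
    return False

if __name__ == "__main__":
    print("fails closed:", refuses_plaintext(fake_peer_without_starttls()))
```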