While sat in Daniel Nashed and David Kern's excellent Domino Security session at Connect, there was a comment and slide that made me tweet this:




Now, I'm back in the office it's time to address this. So based on that session it seems as if LDAP, SMTP, DIIOP, POP3 and IMAP (and Remote debug monitor?) protocols do not adhere to the cipher list in the server document (there was no mention of internet sites documents, but I would presume they are affected by this issue too). That means even if you indicate that the server should only use, say AES ciphers like this:

Image:Domino and SSL ciphers. The server document may not be doing what we expect it to do

then any protocol that is not HTTP or HTTPS seems not to restrict this to AES. It would seem to allow RC4 and any other cipher allowed by the server (one would hope that with the TLS fix that also disabled low quality ciphers that none, 40 and 56 bit would get disabled by this but I can neither confirm nor deny this).

There is however a server notes.ini you can use that apparently does work on these errant protocols, but note, this also overrides anything in the server document FOR ALL PROTOCOLS so test first:

Use the NOTES.INI setting SSLCipherSpec to specify SSL restrictions for all protocols. Ciphers are specified by a 2-digit code. You can add as many ciphers as you need.

For example, to enable 3DES and RC4128SHA ciphers, enter the following line in the NOTES.INI file:

SSLCipherSpec=050A    

where 05 = 3DES and 0A = RC4128SHA.



So that's handy right? What about the two digit hex values? Well this is where you hit a bit of a brick wall. All I can find is this list:

(SSL users only) Determines which SSL-compliant cipher to use to encrypt files on the server. Specification numbers correspond to the following ciphers:

01 - SSL_RSA_WITH_NULL_MD5
02
- SSL_RSA_WITH_NULL_SHA
03
- SSL_RSA_EXPORT_WITH_RC4_40_MD5
04
- SSL_RSA_WITH_RC4_128_MD5
05
- SSL_RSA_WITH_RC4_128_SHA
06
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
09
- SSL_RSA_WITH_DES_CBC_SHA
0A
- SSL_RSA_WITH_3DES_EDE_CBC_SHA
0B
- SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
0C
- SSL_DH_anon_WITH_RC4_128_MD5
0D
- SSL_DH_anon_WITH_DES_CBC_SHA

To enter multiple ciphers, enter each cipher specification value, including leading zeros. Do not include spaces between values. For example:

SSLCipherSpec = 01020A

from http://www-10.lotus.com/ldd/dominowiki.nsf/dx/SSLCipherSpec. What you will no doubt notice is the absence of any AES ciphers in that list. My guess is a quick PMR (sic!) will get you all the values, but I can't seem to find them anywhere so I cracked open DDE and took a look:

Image:Domino and SSL ciphers. The server document may not be doing what we expect it to do

So it looks to me as if AES 128 is "2F" and AES 256 is "35". I would still suggest you PMR this as you use any information on this blog at your own risk (see what I did there?).

So if you want to limit all protocols on a server to just RC4 128 SHA-1and MD5 and AES 128 and 256, which will give you a pretty good spread of clients then add this:

SSLCipherSpec=04052F35


Again this will override anything in the server or internet sites documents. After sitting through Daniel and David's session there should be a lot more to come in the next few weeks, like TLS 1.2, new ciphers, SSLv2 handshake's (to prevent some issues people are having with STARTTLS between Domino and other servers) and other things I can no longer recall.

Darren Duke   |   February 3 2015 08:03:36 AM   |    domino  ssl  security    |  
  |   Next Document   |   Previous Document

Discussion for this entry is now closed.

Comments (2)

Gravatar Image
1 - Stuart       02/03/2015 9:38:50 AM
Gravatar Image
2 - Ray Bilyk    http://www.thepridelands.com    02/03/2015 2:15:29 PM

They need to get that SSLv2 handshake issue done. IBM and another vendor were having a contest to see which one of them would tick me off more as they bounce me back and forth between the two...