After a brief chat in the Lotus Notes Skype chat with Jim Casle, Declan Lynch, Steve Pridemore and Frederick Norling it has become apparent that Domino maybe susceptible to the newly discovered POODLE TLS issue (POODLE 2.0 if you will). You can read about the new issues here and here.

Go scan your servers at SSL Labs.

Anyway, provided you are using 9.0.1 FP IF1 (the TLS fix that IBM provided a while back) the apparent Domino fix is to disable AES and 3DES ciphers and run with only RC4:

Image:POODLE TLS - The POODLE Strikes Back - change your settings now....

With those changes you go from an "F" to a "B" on SSL Labs. Here is the server with AES and/or 3DES enabled:

Image:POODLE TLS - The POODLE Strikes Back - change your settings now....

Here is a Domino server with just RC4 enabled:

Image:POODLE TLS - The POODLE Strikes Back - change your settings now....

Oh, and F5's are also at risk.....

If you're on anything less than 9 then you don't get TLS so you're not affected by this.....oh, the irony.
Still it would be very beneficial to IBM's public perception to get TLS 1.2 and better ciphers into Domino ASAP. Fixing this stuff once a decade is not cutting it. As you can see above RC4 is not to hot these days.

As Adam Langley puts it:

This seems like a good moment to reiterate that everything less than TLS 1.2 with an AEAD cipher suite is cryptographically broken

So, IBM, the ball is in your court again.......

I will be updating my free proxy soon, but that is not affected by this issue, it still gets a "B".
Darren Duke   |   December 9 2014 08:45:25 AM   |    domino  poodle  ssl  security    |  
  |   Next Document   |   Previous Document

Discussion for this entry is now closed.

Comments (10)

Gravatar Image
1 - Jeff Hagen    12/09/2014 10:56:13 AM

>>If you're on anything less than 9 then you don't get TLS so you're not affected by this...

Not true. 8.5.3 FP6 with IF4 (shows as "HF1024" in "show server") enables the same TLS 1.0 stack including the new POODLE 2.0 bug.

Gravatar Image
2 - Darren Duke       12/09/2014 12:52:32 PM

@1, you are right.....I got my SHA2's mixed up with my TLS's......I'll rectify the blog post shortly.

Gravatar Image
3 - Jeroen       12/09/2014 3:03:00 PM

We installed HAproxy, and now on A+. If you need config hits, let me know on Google+

Gravatar Image
4 - Stuart       12/09/2014 6:05:13 PM

We needed to disable SSL3 so went to IHS on our 9.0.1 FP2 IF1 Traveler server. That is now showing as an F (his server is vulnerable to the POODLE attack against TLS servers. Patching required. Grade set to F.) even though SSL is completely disabled in Domino as IHS is doing HTTPS/TLS. Thoughts? Back to Domino doing SSL in the shot term but still be vulnerable as SSL3 is still enabled in Domino.

Gravatar Image
5 - Darren Duke       12/10/2014 6:48:36 AM

@4, Stuart there is a way in Domino to disable SSLv3 (unsupported right now, but signs are it might make the light of day at some point), but unfortunately I am under NDA and can't disclose it. I would suggest putting in a PMR and seeing what IBM say.

Gravatar Image
6 - Don       12/10/2014 3:00:29 PM

Thanks for this tip! Triple DES is now disabled on our servers without IHS. Still hoping that IBM is serious about disabling SSLv3 and prove TLS1.2 some day soon...

Gravatar Image
7 - Stuart       12/10/2014 4:28:32 PM

Thanks for lead Darren - I will open a PMR however it looks like we will move to using Netscaler to provide certificate management / HTTPS and front our Traveller servers and bypass IBM security altogether.

Gravatar Image
8 - Jeff Hagen    12/11/2014 3:44:52 AM

Has anybody with Windows Domino & IHS tried this workaround setting to enforce "strict CBC padding" yet?

{ }

Workarounds and Mitigations

For all versions and releases of Apache based IBM HTTP server, IBM recommends enabling strict CBC padding enforcement. Add the following directive to the httpd.conf file to disable SSLv3 and SSLv2 for each context that contains "SSLEnable":

# Enable strict CBC padding

SSLAttributeSet 471 1

Gravatar Image
9 - Pat Lavan       12/11/2014 4:58:17 AM

On Domino 9/IHS, I previously disabled all ciphers other than RC4 which brought the SSL Labs score up to B, noting the weak cipher. I've now re-enabled all ciphers, disabling the RC4 ciphers, and added SSLAttrubuteSet 471 1. Server is now back to A-. Need to do some further testing etc but looking OK so far.

Gravatar Image
10 - Steve Pridemore       12/12/2014 4:14:03 PM

With some tweaks to my nginx proxy I was able to get up to an A and still maintain an acceptable range of support for older browsers.