Hi
I was going through a Notes and Domino security related interview in Iris
Today Webzine at www.notes.net
Although it does not cover iNotes per se, here is a question which talks
of iNotes:
--- Begin Quote ---
Have products like iNotes Web Access presented different security
considerations? How about the browsers themselves? How do you
address these various scenarios?
Katherine Spanbauer:
When we talk about security considerations for these products with
our existing customers, they are familiar with the features they have had
in Notes for years. They rely on them. So when we bring access to Domino
servers from a different client environment, where we only really control
half of the equation, it presents some interesting challenges. We have to
take into consideration what the browser capabilities are and realize that
we dont have control over how the browsers handle certain things. It just
means we need to be little more creative about how we bring some of the
Notes features to a non-Notes environment. It also means we need to find
ways to off-load client functionality to the Domino server in order to
provide similar features.
For example, Notes has the Execution Control List to protect client
workstations from potentially damaging code from executingsomething a Web
browser doesnt offer. So for iNotes Web Access, we designed an Active
Content Filter mechanism to remove potentially malicious code before
delivering it to the client. The feature doesnt yet offer the same level
of granularity that Notes does, but weve taken our experiences with Notes
and applied them to new client models.
--- End Quote ---
If you get anymore info. on iNotes security kindly pass it on to me.
regards
Kani
On Fri, 23 Nov 2001, Thomas Ullrich wrote:
> At the moment we are testing Lotus Domino with the browser based iNotes
> interface in our company.
> Has anybody on this list information about security aspects in this
> area. I noticed that a lot of ActiveX and active
> scripting had to be enabled in the Internet Explorer which is probably
> the first security issue. Is there more?
>
> Thanks
> Thomas
