Specifications
Lotus Redbooks Wiki – IBM Lotus Notes and Domino V8.5 Deployment Guide
29
push the cross-certificates to the Contacts application on
Lotus Notes clients. The cross-certificates are used to
establish client trust of a certifier when accessing servers,
reading encrypted S/MIME mail, or installing signed Lotus
Notes client plugins. When you push cross certificates,
users are not required to create the cross-certificates or
retrieve them from the Domino Directory. You can also
push Internet certifiers to clients and enable users to create
cross-certificates themselves. There are two ways to push
certificates to clients' Contacts: through customization of
the Lotus Notes client installation media or through security
policy settings.
Time stamping plug-in jar signatures You can now time-stamp plug-in jar signatures using the
jarsigner tool provided by the Java™ SDK to ensure the
long term validity of plug-in signatures. The Notes client
uses a time stamp included with a plug-in jar signature to
determine if the plug-in signing certificate was valid at the
time of signing. If a plug-in signing certificate has expired
but was valid at the time of signing, Notes accepts it so that
users are not confronted with security prompts during plug-
in installation or provisioning. You can use security policy
settings control whether to also ignore expiration of the
time stamping certificates themselves. By default, time
stamping certificate expiration is ignored.
New setting for detection of other e-
mail applications
A new setting has been added to the Mail policy settings
document to allow for detection of e-mail applications other
than Notes. The first use of the detection functionality is to
prevent data loss when exchanging calendar invitations
among users of Notes calendars and users of other
calendars such as Microsoft Outlook/Exchange.
New setting for Lotus Protector for
Mail Security 2.5
Specify the Lotus Protector for Mail Security 2.5 server
URL in a NOTES.INI setting in the desktop policy settings
document.
New setting for customized quota
warning text
Specify customized mail quota warning text using a
NOTES.INI file setting in the desktop policy settings
document. Use the notes.ini setting quotawarningtext=
New settings specific to iNotes There are new policy settings for Lotus iNotes as well as
general policy settings that Lotus iNotes now supports. For
more information, see Lotus iNotes table.
Security
Windows® single sign-on for Web
clients
You can set up an IBM® Lotus® Domino® Web server to
honor Windows users' Active Directory logon credentials.
Users who are logged on to the Active Directory domain
can open applications on the server from a browser
without being prompted for a Domino HTTP password.
ID vault integration with programs
that store ID files in databases
You can enable Lotus® Notes® API programs that can
store Lotus Notes IDs in databases to use an ID vault.
Doing this allows the users of such programs, for example,
Lotus iNotes® users or Lotus Notes Traveler users, to take
advantage of the ID management features that an ID vault