Give Feedback to IBM Lotus on Security Features
The Notes/Domino Security development team has posted a request in the Business Partner forum for gathering feedback from customers and partners on future security features. It's easier for me to post on my blog than it is to send out an email blast, so please consider taking a few minutes to help out.
Survey: Notes/Domino Security Features
Response requested by 15-April-2005
Please send all responses as email to security@notesdev.ibm.com
- Do you use the Domino Certificate Authority, which was introduced in 6.0? If so, do you use it to issue Notes certificates, Internet certificates or both? If not, why? How can we make the feature more usable for your organization?
- Do you use S/MIME for securing Internet email? If so, do you use the Domino CA or a third-party CA (such as VeriSign, Entrust, etc.) for your Internet certificates? If you don't use S/MIME now, do you have plans to use it in the future? What would make it easier to roll out in your organization? What percentage of your users use, or will use, S/MIME?
- Do you use Domino Web Access or Notes Roaming User? What percentage of your users use these clients vs. the full Notes client? How can we improve and/or expand these features?
- Do you use the ID and Password Recovery feature? If not, why not? What process, procedure or product do you use instead to manage lost IDs and/or passwords? How can we make the feature more usable for your organization?
- Do you use smartcards for protecting Notes ID files? If so, what other applications will also use smartcards for credential storage? If not, is smartcard usage planned in the future? What percentage of your users will have smartcards?
- What value does the Notes ID provide your organization (e.g. signing, encryption, dual-factor authentication)? Are you interested in an ID-less Notes client? What problems would eliminating the ID file solve in your environment? What percentage of your user base would be candidates for an ID-less client? Note: without the ID file, users will not have certificates for signing email or for receiving (decrypting) Notes mail, but it would reduce or eliminate the burden of certificate management. They may still be able to encrypt mail for other users and verify signatures. What tradeoffs are acceptable in your environment?
- How do you use Domino security policies (ECL and/or password policies) in your organization? If you don't use policies, why not? What enhancements would make this feature more usable in your environment? Are additional security policies needed?
- Are you trying to build / configure SSO for your applications? If so, please list the top 5 applications or platforms. If you know, please list the authentication protocols used by those applications/platforms.
- What other security feature(s) would you most like to see added or changed? Do you need more APIs for managing security functionality and if so, which are most important to expose in the toolkit? Do you require support for other algorithms or protocols (e.g. Kerberos, AES)? Please feel free to explain in detail.
- (Optional long term strategy question) Envision your dream architecture for directory and PKI in your environment. What features do you need and for which protocols do you need interoperability? What other products should share or interoperate with this architecture?
- For the features you would like us to improve, please provide relative rankings and importance for each.
- Would you be willing to talk to a member of the Domino security team to expand upon your responses, if requested?
Contact information:
Company Name:
Contact Name:
(Optional) Job Title:
Email address:
(Optional) Phone number:
(Optional) Primary Lotus/IBM contact (SAM, LSM, SE, etc):

