Welcome to the #dominoforever Product Ideas Lab! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated jointly by the IBM & HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.



Improve manageability of digital signatures in email to protect against spearphishing attacks

A former client (who had moved from Notes to Outlook, god bless 'em) suffered a large financial hit when a bookkeeper received a late Friday afternoon urgent directive from the "CEO" (who was conveniently unavailable to confirm) to immediately, before EOB that day, wire transfer umpteen thousand dollars to a foreign bank account. The money was, of course, never seen again, and at least one department head's head rolled out the door as a collateral result. 

Upon hearing this story I concluded that digital signatures could go a long way to preventing spearphishing attacks such as this one. Thus, if the bookkeeper had been required to act only upon receipt of an email digitally signed by the CEO, the bookkeeper would have seen that the received message was not digitally signed and would have rightfully refused to send the money on that basis.

So, to test this idea, I set up a policy in my own organization that forces the addition of digital signatures to all new messages. Then I discovered that, while this works great for messages addressed to internal (Notes) addressees, it causes a dialog to pop up whenever an external (Internet) address appears in the outgoing message address fields. The dialog box basically says that the sender doesn't have an appropriate (X.509) private key and cannot sign the message to the external addressee, and asks the sender to choose between sending the message unsigned or not sending it at all.

So, MY NEW IDEA: Enhance digital signature management so that admins can, by policy, supply the answer to the question in the outgoing dialog, so that all mail addressed to external users automatically goes out either unsigned or not at all, without bothering the user, while all mail addressed to internal users automatically includes the sender's digital signature.

  • Guest
  • Jul 17 2018
  • Investigating
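As an added illustration of the rule the idea rests on ("act on an executive request only if the mail is digitally signed"), here is a small triage check, written for this page and not part of the original post or of Notes/Domino: it reports whether a message claims an internal sender and whether it carries an S/MIME (X.509) signature structure. Cryptographic verification of that signature, which needs the signer's certificate chain, is a separate step not shown; the internal domain and both messages are constructed samples.

```python
# Added example, not from the original post. Structural triage only: does the
# message claim an internal sender, and is it S/MIME signed at all? Verifying
# the signature bytes against the signer's certificate chain comes after this.
import email
from email.utils import parseaddr

INTERNAL_DOMAINS = {"example.com"}  # assumption: the organisation's own domain


def is_smime_signed(msg) -> bool:
    """True if the MIME structure is one of the two S/MIME signed forms."""
    ctype = msg.get_content_type()
    if ctype == "multipart/signed":
        return msg.get_param("protocol", "") in (
            "application/pkcs7-signature", "application/x-pkcs7-signature")
    if ctype in ("application/pkcs7-mime", "application/x-pkcs7-mime"):
        return msg.get_param("smime-type", "") == "signed-data"
    return False


def classify(raw: str) -> str:
    """Return 'external', 'internal-signed', or 'internal-unsigned' (the case to refuse)."""
    msg = email.message_from_string(raw)
    _, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    if domain not in INTERNAL_DOMAINS:
        return "external"
    return "internal-signed" if is_smime_signed(msg) else "internal-unsigned"


# Constructed sample: claims to be the CEO but carries no signature at all.
SPOOFED = """From: "CEO" <ceo@example.com>
To: bookkeeper@example.com
Content-Type: text/plain

Wire the funds today; I am unreachable until Monday.
"""

# Constructed sample: a multipart/signed S/MIME message (signature part is a stub).
SIGNED = """From: ceo@example.com
To: bookkeeper@example.com
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="b"

--b
Content-Type: text/plain

Please review the attached list.
--b
Content-Type: application/pkcs7-signature; name="smime.p7s"

MIIB...stub...
--b--
"""
```

A mail rule built on this would hold "internal-unsigned" messages for confirmation out of band, which is exactly what the bookkeeper in the story never got.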