If you run a Nessus scan (or similar software) against a Domino HTTP Server you might get the following result:

- SSL Weak Cipher Suites Supported

- SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (so called 'BEAST Secure Socket Layer (SSL) 3.0 exploit')

Fixing this "issue" (= disable the affected cipher) is quite easy: {readmorelink}[...]{/readmorelink}

Read more: Hardening Domino: Addressing SSL Vulnerabilities

On Friday, IBM released an updated 8.5.2 version of Notes Traveler server, with serviceability updates and one new feature -- partial wipe. This is:

By popular demand, the Lotus Notes Traveler team has added a data only wipe option for Apple devices in the and later releases. Previously, the only option for wipe of an Apple device was a full hard reset of the device. Many Administrators are not comfortable with hard resting a device that has been purchased by the end user. This feature will allow an Administrator or the end user to remove the Lotus Traveler data without hard resetting the device. As with a full wipe, the device will be denied access to the Lotus Traveler server until explicitly allowed.

The remainder of Notes Traveler is documented in the product wiki here.