If you run a security scan (e.g. Nessus) against a Domino HTTP / SMTP Server you might get the following result:

Hostname: "Domino1" (xxx.xxx.xxx.xxx)
Plugin name: "SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability"
Severity: Medium
Risk factor: Medium

Fixing this "issue" is quite easy:

The solution for that is to prevent SSL connections from renegotiating. This must be done via the notes.ini key SSL_DISABLE_RENEGOTIATE=1. After this is set you need to restart the domino server.


Cross Reference:

Transport Layer Security (TLS) Renegotiation Indication Extension