BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 04-04-2007, 07:23 AM   #1 (permalink)
New Member
 
Join Date: Apr 2007
Model: 7100T
Carrier: None
Posts: 1
Post Thanks: 0
Thanked 0 Times in 0 Posts
Lightbulb Read Notes native encrypted messages received on the BlackBerry device

Please Login to Remove!

Dear All,

I would like to find answers in connection the procedure reading encrypted Lotus Notes messages on BB handheld.

The manual says:
Import the Notes ID to the mail database for Notes native encryption support
.
.
6. Blackberry Desktop Manager will automatically locate the ID file and attach it to the mail database.


*Due to security concerns I would like to know when the notes.id is being stored in the user's mail file?
*Can it be deleted/accessed by any other procedure except for native Blackberry?
*If the regularly password change is being forced for Lotus Notes users, following password change the Blackberry device does not ask for new password. Why?

Any advice, material which detail these would be greatly appreciated.

Regards,

Laszlo
Offline  
Old 04-04-2007, 09:10 AM   #2 (permalink)
Knows Where the Search Button Is
 
Join Date: Dec 2005
Location: PARIS in France
Model: 8820
Carrier: Orange
Posts: 15
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

You can find some answer below :

Decrypting and reading messages on the BlackBerry device using Lotus Notes API 7.0
The BlackBerry® Enterprise Server Version 4.1 or later for IBM® Lotus® Domino® with Lotus Notes® API 7.0 automatically turns on support for reading IBM Lotus Notes encrypted messages and S/MIME encrypted messages on the BlackBerry device. Lotus Notes API 7.0 requires the BlackBerry device user’s Notes .id file and password to decrypt the received secure messages. The BlackBerry device user must manually click Import Notes ID and attach a copy of the Notes .id file that they used to login.


If a BlackBerry device user has support for this feature turned on, the BlackBerry device forwards or replies to an encrypted message that the BlackBerry device has received, decrypted, and decompressed, the BlackBerry Enterprise Server for IBM Lotus Domino decrypts the message before the BlackBerry device sends the message to the recipient as plain text. The BlackBerry Enterprise Server administrator can set the Disable Notes Native Encryption Forward And Reply IT policy rule to prevent BlackBerry device users from forwarding and replying to IBM Lotus Notes encrypted messages on their BlackBerry devices.
IBM Lotus Notes and S/MIME message decryption process
If a BlackBerry device user sets support for reading IBM Lotus Notes and S/MIME encrypted messages on the BlackBerry device, when the BlackBerry device user receives an IBM Lotus Notes or S/MIME encrypted message, the BlackBerry Enterprise Server for IBM Lotus Domino decrypts the message using the following process:
1. A BlackBerry device user receives an IBM Lotus Notes and S/MIME encrypted message.
2. The BlackBerry Enterprise Server for IBM Lotus Domino messaging agent decrypts the BlackBerry device user’s cached Notes .id password and uses the decrypted password to decrypt the message.
If the BlackBerry Enterprise Server for IBM Lotus Domino messaging agent does not have the Notes .id password, the BlackBerry device user must select More, More All, or Open Attachment to pull the decrypted message to the BlackBerry device.
3. The BlackBerry Enterprise Server deletes the decrypted Notes .id password from memory. The encrypted Notes .id password remains cached.
4. The BlackBerry Enterprise Server pushes the decrypted message to the BlackBerry device, where the user can read the message.


Notes .id password protection
After a BlackBerry device user imports the Notes .id file and password (stored in the Notes .id file), the password is
• encrypted in BlackBerry device memory using AES with the BlackBerry device user’s master encryption key
• encrypted in the BlackBerry Enterprise Server for IBM Lotus Domino messaging agent memory using AES with the BlackBerry device user’s master encryption key
• decrypted before being used to call the required Lotus Notes API security functions
The BlackBerry Enterprise Server for IBM Lotus Domino messaging agent deletes the Notes .id files and plain text passwords it stores when
• a message decryption failure occurs on the BlackBerry Enterprise Server
• the BlackBerry Enterprise Server restarts
• the password times out (the default expiration timeout is 24 hours)
The encrypted Notes .id password remains stored in the BlackBerry Enterprise Server for IBM Lotus Domino messaging agent memory cache.
The BlackBerry device deletes the Notes .id files and plain text passwords from BlackBerry device memory when
• a message decryption failure occurs on the BlackBerry device
• the BlackBerry device resets
• the password times out (the default expiration timeout period is 24 hours)
If a BlackBerry device user types more than ten consecutive incorrect passwords on the BlackBerry device within one hour, the BlackBerry Enterprise Server for IBM Lotus Domino messaging agent makes secure messaging unavailable to that BlackBerry device user for one hour.


The temporary disabling period increases by ten minute increments to a limit of 24 hours. It increments each time a BlackBerry device user exceeds the maximum number of failed password attempts, and defaults back to one hour when the user types the correct password.
When secure messaging is temporarily unavailable, a BlackBerry device user can manually re-enable secure messaging by importing the Notes .id file, or changing their Notes .id password using the BlackBerry Desktop Software or the Domino Web Access client.
Protecting stored data
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright © 2004-2014 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.