Public key security

Every Notes® user ID and Domino® server ID has a unique public key for the Notes certificate. The public key is stored in an ID file and in the Person or Server document for that ID in the Domino Directory. Notes and Domino use the public key to authenticate users and servers, verify digital signatures, and encrypt messages and databases. A Notes user ID can also have a unique public key for an Internet certificate.

Issuing new public keys for a Notes certificate

If you suspect that an ID has been compromised because it was lost, stolen, or copied without permission, you can create a new public key for the ID. Creating a new public key allows you to maintain other parts of the ID -- for example, the encryption keys -- rather than create an entirely new ID, so that users can still use their old keys to decrypt encrypted email.

Notes users can create a new public key for the Notes certificate. The new public key must be certified before it can be used by Notes.

After certifying a new public key, you should set up servers to verify public keys. Public key verification involves matching the public key stored in the Domino Directory with the public key on the ID. Verifying public keys prevents an unauthorized user from using the ID with the original public key to access the server.

Note: This is done in addition to the key verification done by validating the certificate presented by the user during authentication.

Adding an existing Notes public key

When you register a user or server, Domino automatically adds the Notes public keys to the corresponding Person or Server document. However, you may need to manually add a user or server ID's public key in these situations:

  • A user wants to send encrypted mail to a Notes user in another domain. To send Notes encrypted mail, Domino must be able to access the recipient's Notes public key in the Contacts, Domino Directory, or LDAP directory. If the recipient is in another domain and the Domino Directory or LDAP directory for that domain is not accessible by directory assistance, then Domino can't access the recipient's public key for encryption. The sender must obtain the recipient's public key and add it to the Contacts or a Domino Directory that is set up with directory assistance. An administrator might also want to set up directory assistance for the Domino Directory or LDAP directory so users can encrypt messages to all users in the directories.
  • A user or server ID's public key in the Domino Directory becomes corrupted or is accidentally deleted, and the administrator needs to replace it.