This forum is closed to new posts and
responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:
RE: My Lotus Notes Christmas List ~Umberto Nongeroson 24.Dec.03 06:03 PM a Web browser General 6.5All Platforms
Eric, the "security problem" with ?ReadNote is not that it skirts Notes security, but that it skirts "Domino security".
The difference? In Notes, if you put data into an item, it is available to any user who has at least READ access to the document, through the document properties if not on the form. Field-level encryption is only viable if the expected access to the encrypted item is broad (as by role, rather than per user).
Domino (web) can keep documents definitively "partially hidden" -- anything the developer chooses to keep hidden from the browser is hidden from the browser with no user recourse. ?ReadNote would be the equivalent of the properties dialog.
Needless to say, there are a lot of applications out there that would have to be rewritten to accommodate the lack of partial security. That's why it would have to be a fine-grained option with a default of "Definitely do not allow. No Sir, not in my database!", and should likely be accompanied by a warning if activated (perhaps even in a save confirmation for design notes in a database with blanket activation).
Return to top
. . . . . . RE: My Lotus Notes Christmas List (~Hal Zenrekonyl... 24.Dec.03) 
Print this page
