Execuse me!I want to change the security type of my server ID from ‘North American’ to ‘International’.How can i do?
Subject: How to change the security type of notes id?
Is there a specific reason you need to do this? It should make no difference any longer, unless you have older servers or clients (which is quite possible.)
From the “Encryption” entry in the R6 Administration help file
Encryption strength
All Notes IDs contain two public/private key pairs. Prior to 5.0.4, key lengths were restricted for the purposes of encrypting data, but not for authentication or signing. Anything over 512-bit RSA key and 56-bit symmetric key was considered strong encryption and was not allowed for export by the U.S. Government. Customers were required to order and choose among kits of different cryptographic strengths.
With the relaxation of US government regulations on the export of cryptography, the Domino server and the Domino Administrator, Domino Designer, and Lotus Notes client products have consolidated all previous encryption strengths – North American, International, and France – into one strong encryption level resulting in a single “Global” release of the products. The Global release adopts the encryption characteristics previously known as North American. Strong encryption in Global products can be used worldwide, except in countries whose import laws prohibit it, or except in those countries to which the export of goods and services is prohibited by the U.S. government. Customers are no longer required to order Notes software according to cryptographic strength.
When you upgrade to a Global release of Domino and Notes, stronger cryptography will be used without a requirement to reissue existing IDs. These changes are seamless to users as well as administrators. When two different versions of software are communicating, the encryption negotiation will result in a step-down to the weaker level. Therefore, the full benefits of stronger encryption will only be realized when all software has been upgraded to the Global (release 5.0.4 and later) level. However, any mixed versions of the software will interoperate.
The “Register New User” dialog box still offers a choice between North American and International Ids. It was left this way because administrators often use the North American or International distinction for administration purposes, or there may be older versions of the software still in use in some companies. In addition, countries have their own import rules. Preserving this distinction will allow Lotus to respond to specific country changes, if required.
Note These regulations pertain only to export from the United States. For other countries with import regulations, customers need to check the requirements of the specific country. While Lotus takes all steps to acquiesce with governmental encryption regulations worldwide, Lotus recommends that customers familiarize themselves with local encryption regulations to remain in compliance.
Interoperability issues
Support for ID types. Both North American and International ID types continue to be supported for the Global release. This is for backward compatibility with pre-5.0.4 clients. Lotus Notes users can keep their existing International IDs if the Global version of the software is installed. The Global version will automatically allow the use of stronger encryption. Browser users can keep their existing key ring, but users must follow the manufacturer’s recommendations for upgrading the browser to stronger encryption.
Interoperability with post-5.0.4 releases. If your organization’s clients and servers are all running release 5.0.4 or later, it makes no difference whether you create North American or International IDs. Both types of ID will work the same way.
Interoperability with pre-5.0.4 releases. Lotus Notes users, as well as Domino servers which have been upgraded to release 5.0.4 and later, can authenticate and continue day-to-day operations securely with clients and servers running on earlier releases of software. However, if your organization has clients or servers running releases earlier than Notes and Domino 5.0.4, you should continue to create the same types of IDs you created with the earlier versions. International versions of releases prior to 5.0.4 do not allow users to switch to North American IDs, so when registering new international users, you shouldn’t create only North American IDs. Similarly, North American versions of earlier releases use weaker cryptography when running with International IDs, so you shouldn’t create only International IDs.
The best strategy for deciding between North American and International IDs is to continue using the decision process that was in place for earlier releases of Notes and Domino. Eventually, as you upgrade the Notes clients and Domino servers, the decision will not matter.
Stephen Lister
Subject: RE: How to change the security type of notes id?
Thank you very much,Stephen!another question:
I have two servers.One is 6.0 release,another is 5.0.2c releases. Can i setup a replication between them without upgrade the second one to 5.0.4?