Is Traveler/Activesync data encrypted by default?
Michael Kinder asked me this question, and I am trying to get a definative answer. If you happen to know, can you please comment?
Basically, you setup Lotus traveler and all is well, and your boss has his iPhone and mail etc. Again, all is well. But, is the data traveling between the traveler server and iPhone (i.e. Activesync protocol/traffic) encrypted by default?
Andy Dennis Said,
March 30, 2010 @ 2:30 pm
Hi Paul, by default I don’t think this is the case. With an iPhone you should be using SSL to encrypt your traffic with traveler. I’d recommend that if he requires an encrypted connection he uses SSL and self signed CA’s do work with this and the iphone.
pmooneynet Said,
March 30, 2010 @ 3:48 pm
Andy – I’m pretty sure thats for the initial connection and setup (i.e. connecting to the site to get it up and running from the iPhone). I’m on about the traffic after setup (i.e. the exchange of mail/PIM).
Andy Brunner Said,
March 31, 2010 @ 7:41 am
It is determined at the time of the iPhone setup (Profile). If the user accesses the /servlet/traveler homepage thru SSL, then the profile is setup this way and all future connections are thru SSL. This setting cannot be changed after the profile is installed.
Mike Kinder Said,
March 31, 2010 @ 11:51 pm
Andy, that may be just the “qualification” I need – is that documented somewhere?
Also, Paul, thanks for blogging about this and all your help.
Mike Kinder
Dave Harris Said,
April 1, 2010 @ 5:25 am
That must be iPhone specific then, since it can be changed any time on a Nokia E-series
Andy Brunner Said,
April 1, 2010 @ 6:50 am
Mike,
The documentation http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp tells you how to do it. You can also create iPhone configuration profiles (a kind of device policies) which allows you to e.g. force PIN lock, disable app downloads, etc. This iPhone Configuration Tool is downloadable from http://support.apple.com.