Improved DAOS object encryption
Beginning with Domino V12, you can create a shared key that multiple servers that are enabled for DAOS can use to encrypt objects.
In addition, when you encrypt objects with the server ID file, you can now choose AES-128 or AES-256 bit encryption.
Note: If you anticipate needing to revert a Domino 12 server to a pre-11.0.1 version, before upgrading the server to Domino 12, add the following notes.ini setting to force Domino to use the legacy encryption for DAOS objects: DAOS_NLO_ENCRYPTION_METHOD=0.
When the Server document field DAOS object encryption is set to Private to this server, this notes.ini setting causes the "DAOS encryption strength" to be "Domino classic". Without this change, Domino 12 or later will default to AES-128 instead.