[cifs-protocol] [MS-KILE] Certificate strings - but nothing is said as to how these strings are to be derived from the client’s certificate - TrackingID#2308180010001826
Hung-Chun Yu
HungChun.Yu at microsoft.com
Fri Aug 18 04:44:26 UTC 2023
[bcc dochelp]
Hi Joseph
Thank you for contacting Protocol Support. We created SR Case - TrackingID#2308180010001826. Do leave this tag in the subject line for future references.
One of our engineers will be contacting you shortly.
Hung-Chun Yu
hunyu at microsoft.com
-----Original Message-----
From: Joseph Sutton <jsutton at samba.org>
Sent: Thursday, August 17, 2023 7:26 PM
To: cifs-protocol at lists.samba.org; Interoperability Documentation Help <dochelp at microsoft.com>
Subject: [EXTERNAL] [MS-KILE] Certificate strings
[Some people who received this message don't often get email from jsutton at samba.org. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]
Hi dochelp,
[MS-KILE] 3.3.5.6.4.6, “PAC_CLIENT_CLAIMS_INFO Structure”, mentions that the KDC should call GetClaimsForPrincipal() to get the claims blob with which to populate the PAC_CLIENT_CLAIMS_INFO structure. One of the parameters to GetClaimsForPrincipal(), namely “pCertificateStringsArray”, comprises “[a] set of Unicode strings”, but nothing is said as to how these strings are to be derived from the client’s certificate.
Can you outline the procedure by which these strings are formed, and perhaps provide an example of such a string?
Regards,
Joseph
More information about the cifs-protocol
mailing list