[cifs-protocol] [EXTERNAL] Re: [MS-OAPXBC] Exchange PRT for Access Token, HS256 or RS256? - TrackingID#2312150040011919

Kristian Smith Kristian.Smith at microsoft.com
Tue Dec 19 20:22:59 UTC 2023 

Hi David,

Thanks for the heads up! I'll check the code to confirm and get back to you soon.


Regards,

Kristian Smith

Support Escalation Engineer | Azure DevOps, Windows Protocols | Microsoft® Corporation

Office phone: +1 425-421-4442

Email: kristian.smith at microsoft.com<mailto:kristian.smith at microsoft.com>

Working hours: 8:00 am - 5:00 pm PST, Monday – Friday

Team Manager: Gary Ranne garyra at microsoft.com<mailto:garyra at microsoft.com>

ServiceHub:  https://serviceshub.microsoft.com/support/contactsupport_

In case you don't hear from me, please call your regional number here:  https://support.microsoft.com/help/13948/global-customer-service-phone-numbers.

If you need assistance outside my normal working hours, please reach out to devbu at microsoft.com<mailto:devbu at microsoft.com>.  One of my colleagues will gladly continue working on this issue.devbu at microsoft.com<mailto:devbu at microsoft.com>.  One of my colleagues will gladly continue working on this issue.

________________________________
From: David Mulder <dmulder at samba.org>
Sent: Tuesday, December 19, 2023 9:44 AM
To: Kristian Smith <Kristian.Smith at microsoft.com>
Cc: cifs-protocol at lists.samba.org <cifs-protocol at lists.samba.org>
Subject: [EXTERNAL] Re: [MS-OAPXBC] Exchange PRT for Access Token, HS256 or RS256? - TrackingID#2312150040011919

You don't often get email from dmulder at samba.org. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification>


On 12/19/23 10:39 AM, Kristian Smith wrote:
[Obaid to Bcc]

Hi David,

I'll be looking into this Oauth question you've posed. Once I've completed my research, I'll reach out to you with my findings.

FYI, I think the correct answer is that these pages need to be updated to say to sign with the device key for RS256, or sign with the session key for HS256. They should not say that you can sign with either. When I send an Exchange PRT request signed with the device key and RS256, the request is ignored.

--
David Mulder
Labs Software Engineer, Samba
SUSE
1221 S Valley Grove Way, Suite 500
Pleasant Grove, UT 84062
(P)+1 385.208.2989
dmulder at suse.com<mailto:dmulder at suse.com>
http://www.suse.com<http://www.suse.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20231219/71d78a4d/attachment.htm>

More information about the cifs-protocol mailing list