[cifs-protocol] salt used for various principal types

Andrew Bartlett abartlet at samba.org
Tue Aug 5 02:19:08 GMT 2008

I can't find any reference in either MS-ADTS or MS-KILE regarding the
salt used for for the different types of principals in the kerberos
protocol.  (A salt is used as a confounded in string2key operations in

I know there are different salt calculations for users and computers,
and presumably again for interdomain trust accounts. See:

In particular, as I am working on interdomain trusts, and so in addition
to the information at that URL, I need to know if there is a different
salt used on the domain$ principal as compared to the
krbtgt/my.realm at other.realm principal?


Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080805/b83780c0/attachment.bin

More information about the cifs-protocol mailing list