[cifs-protocol] 600634 - RE: salt used for various principal types
Richard Guthrie
rguthrie at microsoft.com
Tue Aug 5 16:27:12 GMT 2008
Andrew,
I will be working with you to resolve this issue. I will conduct my research and get back with you shortly.
Richard Guthrie
Open Protocols Support Team
Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM 7100 N Hwy 161, Irving, TX - 75039 "Las Colinas - LC2"
Tel: +1 469 775 7794
E-mail: rguthrie at microsoft.com
We're hiring http://members.microsoft.com/careers/search/details.aspx?JobID=A976CE32-B0B9-41E3-AF57-05A82B88383E&start=1&interval=10&SortCol=DatePosted
-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Monday, August 04, 2008 9:19 PM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: salt used for various principal types
I can't find any reference in either MS-ADTS or MS-KILE regarding the salt used for for the different types of principals in the kerberos protocol. (A salt is used as a confounded in string2key operations in
kerberos)
I know there are different salt calculations for users and computers, and presumably again for interdomain trust accounts. See:
http://lists.samba.org/archive/samba-technical/2004-November/037976.html
In particular, as I am working on interdomain trusts, and so in addition to the information at that URL, I need to know if there is a different salt used on the domain$ principal as compared to the krbtgt/my.realm at other.realm principal?
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
More information about the cifs-protocol
mailing list