[cifs-protocol] Re: (More): Status: SRX080803600053: [MS-NLMP] raw NTLMSSP tokens in GSS-API/SPNEGO

Adam Simpkins simpkins at cisco.com
Wed Dec 17 05:56:15 GMT 2008

On Tue, Dec 16, 2008 at 04:06:46AM -0800, Bill Wesse wrote:
> Good afternoon Mr. Simpkins. Thank you for your patience.
> We have modified [MS-NLMP] for a future posting, as shown below, to address your comments (which I have also included, for the sake of completeness).
> Please let me know if this meets your needs.
> ==============================================================================
> [MS-NLMP]: NT LAN Manager (NTLM) Authentication Protocol Specification
> 3.1.4 Higher-Layer Triggered Events
> The application client initiates NTLM authentication through the Security
> Support Provider Interface (SSPI), the Microsoft implementation of GSS-API
> [RFC2743]. NTLM does not support RFC 2743 token framing (Section 3.1
> [RFC2743]).

Yes, I think that sufficiently addresses the issue.  I think it would
have been nice to also mention the implications of this lack of
support (how it affects the tokens generated by
GSS_Init_sec_context() and the tokens accepted by
GSS_Accept_sec_context()), but I'll take what I can get.

Thanks for all your help pushing this change through, Bill!

Adam Simpkins
simpkins at cisco.com

More information about the cifs-protocol mailing list