[cifs-protocol] RE: List of interfaces used by Trusted domains (SRX081021600181)

[Bill Wesse]

You are welcome! I certainly agree concerning the encrypted packets. I will look into what can be done with this (custom component builds, of course).

Regards,
Bill Wesse
MCSE, MCTS / Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL:  +1(980) 776-8200
CELL: +1(704) 661-5438
FAX:  +1(704) 665-9606


-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Tuesday, October 21, 2008 6:17 PM
To: Bill Wesse
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: RE: List of interfaces used by Trusted domains (SRX081021600181)

On Tue, 2008-10-21 at 09:47 -0700, Bill Wesse wrote:
> Good morning Andrew. Bill Wesse here again. I have just taken
> ownership of this case (SRX081021600181), and have already begun work.
>
> Please note that the attached document ([SCENARIO_DOMAIN_TRUST].pdf)
> contains some of the information you are looking for (for external
> trusts only, at this point).
>
> I am currently setting up a virtual machine to house FreeBSD and MIT
> Kerberos in order to detail the network traffic involved with trust
> manipulation, and will keep you advised of my progress.

Thankyou very much.

One note I would make about the packet dumps, which form the majority of this document is that while the cleartext headers are specified in incredible detail, they provide little information.  At the same time, the actually useful parts are still encrypted.

Perhaps these could be reversed, with the headers excluded (if an implementer can't understand the headers, they should look at the right RPC doc) but the payload in the clear.  This would save space, paper and provide more useful information.

Thanks,

Andrew Bartlett

--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.