[Pfif] [cifs-protocol] Clarify AEAD behaviour for GSSAPIwith AES

Hongwei Sun hongweis at microsoft.com
Wed Jan 7 21:34:38 GMT 2009


metze,

   I just want to check to see if you have any more feedback about the latest update of diagram and text.   If you don't have any more questions, I will close the case regarding Gss_WrapEx with  AES128-CTS-HMAC-SHA1-96 in MS-KILE.


Thanks

----------------------------------------------------------
Hongwei  Sun - Sr. Support Escalation Engineer
DSC Protocol  Team, Microsoft
hongweis at microsoft.com
Tel:  469-7757027 x 57027
-----------------------------------------------------------





-----Original Message-----
From: Hongwei Sun
Sent: Tuesday, December 30, 2008 10:26 AM
To: 'Stefan (metze) Metzmacher'
Cc: Andrew Bartlett; pfif at tridgell.net; cifs-protocol at samba.org
Subject: RE: [Pfif] [cifs-protocol] Clarify AEAD behaviour for GSSAPIwith AES

Stefan,

   We have updated the example for GSS_WrapEx with AES128-CTS-HMAC-SHA1-96 in MS-KILE as per your suggestion.  I attached the updated section 4.3 of MS-KILE for your review.  Please also see the inline comment.

   We really appreciate your help for improving our Open Protocol Documentation.


>-----Original Message-----
>From: Stefan (metze) Metzmacher [mailto:metze at samba.org]
>Sent: Sunday, October 19, 2008 10:03 AM
>To: Hongwei Sun
>Cc: Andrew Bartlett; pfif at tridgell.net; cifs-protocol at samba.org
>Subject: Re: [Pfif] [cifs-protocol] Clarify AEAD behaviour for
>GSSAPIwith AES

>Hi Hongwei,

>>   We finished adding an example for GSS_WrapEx with
>> AES128-CTS-HMAC-SHA1-96 in [MS-KILE]. The attached PDF document is
>> the newly added section(4.3) of the [MS-KILE] document.
>>
>>   We really appreciate your suggestion.   Please let us know if you have
>> further questions regarding this subject.

>It would be nice if this example would use ec != 0, as that was exactly
>not match RFC 4121 and the reason our (heimdal) krb5 code was not able
>to handle network traffix from windows.

We explicitly documented in the latest update that  "right rotation by (EC+RRC) count" should be performed.

>You should unify the naming of the resulting overhead, in the diagramm
>you use 'checksum' and in the test you use 'signature', maybe 'token'
>would be the better word here, as 'checksum' is a non unique in the diagramm.

We fixed the inconsistency between text and diagram.

>An example with arcfour-hmac-md5 would also be very useful, as there
>the pseudo ASN.1 wrapping arround the token is very tricky.
>As it's only arround the 'token' instead of 'token' + 'message' +
>'padding' as it is for the standard GSS_Wrap function.

>Also it would be nice to have a specific example how the RPC layer
>calls GSS_WrapEx.

>It would also be very helpfull to know how the mapping to the SSPI
>function parameters works.

I already responded to you regarding these questions in a separate mail on 11/24/08.

>metze



Thanks

----------------------------------------------------------
Hongwei  Sun - Sr. Support Escalation Engineer DSC Protocol  Team, Microsoft hongweis at microsoft.com
Tel:  469-7757027 x 57027
-----------------------------------------------------------


More information about the cifs-protocol mailing list