[cifs-protocol] [REG:115021012380586] Timer events in MS-BKRP - when should we roll over keys?

Vilmos Foltenyi vilmosf at microsoft.com
Mon Feb 9 23:11:22 MST 2015

[dochelp to Bcc, SR # to Subject]

Hi Andrew,

Thank you for your question. I created the case SR 115021012380586 to track this issue with the Protocol Documentation support team. An engineer from our team will contact you soon via e-mail to begin working with you.

Vilmos Foltenyi - MSFT

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Monday, February 9, 2015 19:50
To: Interoperability Documentation Help
Cc: cifs-protocol at lists.samba.org
Subject: Timer events in MS-BKRP - when should we roll over keys?

MS-BKRP has no timer events in MS-BKRP 3.1.4, but I wonder:  When does windows roll over these keys, and what policy or other configuration is used to control this?

I'm assuming the ClientWrap certificate needs to be rolled over one a year, as it has a 365 day lifetime.


Andrew Bartlett
Andrew Bartlett
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the cifs-protocol mailing list