[cifs-protocol] [REG:115021012380664] Re: MS-BKRP

Andrew Bartlett abartlet at samba.org
Tue Feb 10 17:32:46 MST 2015

On Tue, 2015-02-10 at 17:37 +1300, Andrew Bartlett wrote:
> G'Day,
> Can I please get some clarification as to what "MS-BKRP
> Processing a ClientWrap Wrapped Secret" is actually for?  What is the
> use case, and does any known client trigger this code path?
> It seems very, very strange. 
> Andrew Bartlett

As a followup, the thing about this very odd mode is that the writer
appears to be giving a hint, but not in the MUST, SHOULD, MAY language.
They write:

*If* the server chooses to process a ClientWrap wrapped secret that was
passed by the client to the BACKUPKEY_RESTORE_GUID_WIN2K interface, it
MUST proceed as follows:

What puzzles me is the lack of a Windows behaviour note, and it reads to
me as if this was considered mistake, that the doc writer suggests
others should not follow.  It would be great if it said 'Servers MAY
choose to ..., clients SHOULD not call this interface in this way' (and
then a note that no Windows client calls this interface in this way, if
that is the case).

In short, do I need to implement this or not, as I would rather not. 


Andrew Bartlett
Andrew Bartlett
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the cifs-protocol mailing list