[cifs-protocol] Verify Microsoft Catalog Files
Andreas Schneider
asn at samba.org
Tue Oct 18 18:46:24 UTC 2016
On Tuesday, 18 October 2016 18:00:47 CEST Bryan Burgin wrote:
> [Dochelp to bcc]
>
> Hi Andreas,
Hi Bryan,
> I assume that this inquiry is an extension to our discussions with the
> product group re [MS-RPRN] and/or [MS-PAR] and the July patch (that began
> issuing a dialog box to users while installing printer drivers) and the
> "fix" to that problem that was released for Windows 10 last week October
> 11.
yes, this is related to our discussion about MS-PAR.
>
> You request is for how you obtain a copy of this certificate. I would like
> to (a) verify that this request is in conjunction with our previous
> discussions and (2) to back up a bit and understand where you are in
> resolving this issue and how you go to the point where you're asking this
> question. For instance: is this in your pursuit to implement [MS-PAR] or
> is this in relation to [MS-NPRN]?
(1) This is in conjunction with our previous discussion about [MS-PAR].
(2) This is about MS-PAR. Package aware v3/v4 printer drivers ship an .inf
file and a .cat file. The .cat file is a Microsoft Catalog file. It is a DER
encoded PKCS#7 certificate with embedded data. The embedded data is a
Certificate Trust List (CTL).
To be able to verify the Catalog file (the PKCS7 signature) which is shipped
with a driver I need a copy of the certificate. I guess it is stored in the
Windows registry.
I guess the Catalog file is validated before the driver gets copied to the
driver store. But that's probably an additional question. I think we should
collect questions about MS-PAR and send them to dochelp.
:)
Thanks so far.
Best regards,
Andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
More information about the cifs-protocol
mailing list