NTLMSSP auth header
Jeremy Allison
jallison at whistle.com
Thu Apr 2 18:26:04 GMT 1998
Luke Kenneth Casson Leighton wrote:
>
> and paul leach also mentioned that he is trying to get the various bods to
> consider releasing NTLMSSP documentation for public review, too.
>
Yeah it's been promised for a while. I'll believe it
when I see it.
> jeremy, do you _happen_ to know what then occurs if you negotiate "encrypt
> data"? note the "authentication verifier" at the end. paul ashton
> reckons that there is an rc4 key kicking about that decrypts the packet...
>
Nope, 'fraid not. I have ordered the DCE/RPC specs though,
and reading through them on the net I know understand
fully what the 4 byte pointer values are (that we add
as zero if there is no value, and 1 if there is - that's
wrong BTW, or did you fix this ?). I also now understand
why MS embedd NT pointer offsets into the DCE packets - it's
quite an elegent solution to cut down on bandwidth.
Bug me if you need an explaination.
Jeremy.
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
More information about the samba-technical
mailing list