SPNEGO and multiple authentication types ...
Jim McDonough
jmcd at us.ibm.com
Tue Aug 27 04:39:14 GMT 2002
Luke Howard wrote:
>46 06 10: OBJECT IDENTIFIER '1 2 840 113554 1 2 2 3'
>
>The first is Microsoft's bodged Kerberos OID, which appears to be used
>in the SPNEGO negotiation only. The next is the real Kerberos OID. Not
>sure about the one afther that. The final one is NTLMSSP.
Steve French posted this on samba-technical a couple of weeks ago:
>Kerberos when going to Win2K. The missing oid is 10 bytes - 2a 86 48 86
f7
>12 01 02 02 03 which appears to be an interesting subdialect of ("user to
>user") Kerberos ticket exchange which is even documented. Take a look at:
>http://www.wedgetail.com/jcsi/2.2/kerberos/apidocs/com/dstc/security/kerberos/gssapi/package-summary.html
>which mentions draft-swift-win2k-krb-user2user-02.txt
----------------------------
Jim McDonough
IBM Linux Technology Center
Samba Team
6 Minuteman Drive
Scarborough, ME 04074
USA
jmcd at us.ibm.com
jmcd at samba.org
Phone: (207) 885-5565
IBM tie-line: 776-9984
More information about the samba-technical
mailing list