SPNEGO and multiple authentication types ...

Jim McDonough jmcd at us.ibm.com
Tue Aug 27 04:39:14 GMT 2002

Luke Howard wrote:
  >46 06   10:           OBJECT IDENTIFIER '1 2 840 113554 1 2 2 3'
>The first is Microsoft's bodged Kerberos OID, which appears to be used
>in the SPNEGO negotiation only. The next is the real Kerberos OID. Not
>sure about the one afther that. The final one is NTLMSSP.

Steve French posted this on samba-technical a couple of weeks ago:

>Kerberos when going to Win2K.  The missing oid is 10 bytes - 2a 86 48 86
>12 01 02 02 03 which appears to be an interesting subdialect of ("user to
>user") Kerberos ticket exchange which is even documented. Take a look at:
 >which mentions draft-swift-win2k-krb-user2user-02.txt

Jim McDonough
IBM Linux Technology Center
Samba Team
6 Minuteman Drive
Scarborough, ME 04074

jmcd at us.ibm.com
jmcd at samba.org

Phone: (207) 885-5565
IBM tie-line: 776-9984

More information about the samba-technical mailing list