MS's implementation of SPNEGO ...
Jim McDonough
jmcd at us.ibm.com
Wed Oct 9 16:17:23 GMT 2002
>> >The mechListMIC is an optional field. In the case that the chosen
>> >mechanism supports integrity, the initiator may optionally include a
>> >mechListMIC which is the result of a GetMIC of the MechTypes in the
>> >initial NegTokenInit and return GSS_S_COMPLETE.
>>
>> I haven't seen Microsoft's implementation include this field,
>> though, except on the NegTokenTarg in which case it includes a
>> copy of the responseToken.
>
>Well, I have seen it on both the negTokenInit and negTokenTarg, and they
>both seem wrong. In neither case are they a MIC.
Amen. It appears that they have just overloaded it. And with useless data
in the case of the negTokenTarg..
----------------------------
Jim McDonough
IBM Linux Technology Center
Samba Team
6 Minuteman Drive
Scarborough, ME 04074
USA
jmcd at us.ibm.com
jmcd at samba.org
Phone: (207) 885-5565
IBM tie-line: 776-9984
More information about the samba-technical
mailing list