"Secure" channel demystifying?
Dimitry V. Ketov
Dimitry.Ketov at avalon.ru
Thu Jul 1 18:11:21 GMT 2004
> -----Original Message-----
> From: Henrik Nordstrom [mailto:hno at squid-cache.org]
> > Sorry, still can't catch an idea of what that (just
> authenticated, not
> > signed and not chyphered channel) adds to the challenge-handshake
> > (NTLM) security...
>
> Nothing really for the NTLM handshake as such, but there is a
> few fields exchanged always encrypted unless my memory serves
> me wrong.. This includes the "session key" and possibly other
> sensitive information.
Yes, but why NTLM scheme cannot be used instead for user logon? Why
mutual authentication used between domain member and domain controller,
while simple challenge-response protocol is used between client and
domain member?
Dimitry.
More information about the samba-technical
mailing list