svn commit: samba r21903 - in branches/SAMBA_3_0/source/libsmb:
.
Luke Howard
lukeh at padl.com
Mon Mar 26 23:37:40 GMT 2007
>I'm with Andrew here. Something smells funny about this from a
>security perspective. I need to think about this more post-
>coffee. :-)
OK, I spoke to Jeremy... it sounds like his approach might be
the simplest way to allow for rekeying and protecting the
negotiation of encryption.
I think I still would have a preference for a single negotiation
of GSS context (until you need to rekey, at which point I would
adopt the current approach). You could use CIFS signing to
protect the negotiation of encryption.
--luke
--
www.padl.com | www.lukehoward.com
More information about the samba-technical
mailing list