encryption on network
Steve French
smfrench at gmail.com
Thu Jul 28 19:23:05 MDT 2011
On Thu, Jul 28, 2011 at 7:26 PM, Christopher R. Hertel <crh at ubiqx.mn.org> wrote:
> Jeremy Allison wrote:
> :
>>> Right, but the question particularly listed WinXP as one of the
>>> participating clients. Windows clients don't support the Unix extensions,
>>> so they don't support encrypted SMB and that kinda ruins the whole thing,
>>> eh? [sad face]
>>
>> Yes I realize that. But that's not what you said. You said:
>> "The SMB protocol does not provide any mechanism for encrypting traffic
>> between clients and servers." - but that's not generically true,
>> only between *Microsoft* clients and servers.
>
> Well... technically the SMB protocol (as it exists today) is defined by the
> Microsoft specifications, and they don't include any support for encryption.
>
> There is, unfortunately, no "official" specification of the Unix extensions
> for SMB (only an old draft that doesn't include encryption, IIRC). Also, as
> their name suggests, they're extensions to the protocol which means that
> they're not part of the protocol itself.
>
>> You made it sound like that was definitive, and you are the
>> acknowledged authority on CIFS/SMB, so I couldn't let that
>> stand. People link to your posts here :-).
>
> Absolutely right to set the record straight. I should have added the caveat
> that the Unix extensions include support for encryption.
>
>>> Please allow me to join the choir on that. (I'll sit at the back and not
>>> get in anyone's way.) [winky face]
>>
>> Maybe if we all wish REALLY HARD, Steve and Jeff will hear
>> us.. :-).
>
> Don't forget to click your heels together and burn the tana leaves when the
> moon is full over Vermont. ;)
I haven't forgotten ... just queued up behind reviewing ~10 other patches.
--
Thanks,
Steve
More information about the samba-technical
mailing list