encryption on network

Steve French smfrench at gmail.com
Thu Jul 28 19:23:05 MDT 2011

On Thu, Jul 28, 2011 at 7:26 PM, Christopher R. Hertel <crh at ubiqx.mn.org> wrote:
> Jeremy Allison wrote:
> :
>>> Right, but the question particularly listed WinXP as one of the
>>> participating clients.  Windows clients don't support the Unix extensions,
>>> so they don't support encrypted SMB and that kinda ruins the whole thing,
>>> eh?  [sad face]
>> Yes I realize that. But that's not what you said. You said:
>> "The SMB protocol does not provide any mechanism for encrypting traffic
>> between clients and servers." - but that's not generically true,
>> only between *Microsoft* clients and servers.
> Well... technically the SMB protocol (as it exists today) is defined by the
> Microsoft specifications, and they don't include any support for encryption.
> There is, unfortunately, no "official" specification of the Unix extensions
> for SMB (only an old draft that doesn't include encryption, IIRC).  Also, as
> their name suggests, they're extensions to the protocol which means that
> they're not part of the protocol itself.
>> You made it sound like that was definitive, and you are the
>> acknowledged authority on CIFS/SMB, so I couldn't let that
>> stand. People link to your posts here :-).
> Absolutely right to set the record straight.  I should have added the caveat
> that the Unix extensions include support for encryption.
>>> Please allow me to join the choir on that.  (I'll sit at the back and not
>>> get in anyone's way.)  [winky face]
>> Maybe if we all wish REALLY HARD, Steve and Jeff will hear
>> us.. :-).
> Don't forget to click your heels together and burn the tana leaves when the
> moon is full over Vermont.  ;)

I haven't forgotten ... just queued up behind reviewing ~10 other patches.



More information about the samba-technical mailing list