On Tue, 2004-06-01 at 17:19, Love wrote: > Andrew Bartlett <abartlet@samba.org> writes: > > > This first draft of the Microsoft type 23 crypto stuff is missing from > > Heimdal's documentation tree: > > > > http://www.watersprings.org/pub/id/draft-brezak-win2k-krb-rc4-hmac-00.txt > > > > Given how these tend to disappear from the web, can it be added to the > > doco? (That collection is also very useful, when looking at schannel - > > an otherwise unrelated crypto system - which it appears is where the > > type 23 stuff was copied from, inside MS). > > Sure, btw in what document is schannel documented ? Officially, none. But those wise at this trade advise (correctly) that if you squint in the right direction and look at what data you have, and these specs, that the dots line up very nicely. Even the mutual agreement on a session key (not something that krb5 does) is 'documented' - they use the signature routines, just in a slightly different way. (for those not spending their entire days crawling up MS's network protocols, schannel is a 'secure' communication system between domain controllers and domain members, based on a shared secret, not entirely unlike kerberos...) Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net
This is a digitally signed message part