MS-RPCE 3.3.1.5.2.2 implies that the PFC_SUPPORT_HEADER_SIGN bit in the RPC bind messages negotiates optional support for header signing. however, this is not the case - the client (Vista SP1 in this case) will sign the RPC headers if the target security mechanism supports it.
(ie, original style NTLM has unsigned headers, NTLM2 session security signs them, GSSAPI does not, unless using AES per MS-KILE 3.4.5.4.1) Therefore the documentation for this extension should be rewritten to indicate that this is an informative bit, not a negotiated flag. (And while painful to me, if this were to be a real negotiation, the attacker this feature is expected to disrupt would be able to simply turn it off). Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
