On Tue, 2011-11-15 at 03:56 +0000, Hongwei Sun wrote: > Andrew, > > After reviewing code, we confirmed that this fixed session key are > used by some SAMR/LSAD RPC functions. We are working on updating all > the related documents. When they are available , I will let you know.
Thanks! Now would also be a good time to work out a way to remove them :-). I would be very happy to work with your developers on a secure way we can indicate to a server that these keys should not be used, or that they should only be available over encrypted transports. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
