Hi Hongwei,
The product team confirmed that Windows servers always truncate session
keys to 16 bytes for signing. As per previous e-mail, your SMB signing has
to use entire 32 bytes of AES session key for signing. Do your newly found
bugs affect this statement ?
No, I still believe
Good morning! I indeed should have noted the change was made to [MS-SPNG]
instead of [MS-NLMP] (thanks for catching that).
I have just submitted your comments (shown immediately below) as a change
request against [MS-SPNG].
...the phrase that are not embedded in [RFC4178] SPNEGO messages
Good morning again Andrew. I am near to completion with my investigation, and
expect to provide you with the results for your review on Monday.
Once we are at the point of having the necessary information, I will file
appropriate documentation change requests.
Regards,
Bill Wesse
MCSE /