Metze,
The following changes will appear in a future release of MS-SMB2. Note that the
clause on "Session.EncryptData is TRUE" will exclude encryption of the initial
session setup. This clarifies that SESSION_SETUP for re-authentication or
session binding will be encrypted.
This statement:
I
Metze,
Generally speaking, decryption occurs as an outer layer. It is expected that
Windows server does not complain if the client encrypts SESSION_SETUP (for
reauth/or channel bind) and TREE_CONNECTS. What the protocol prescribes for
client side encryption is specified in 3.2.4.1.8 Encrypting