Good morning again Andrew. As I noted in my other email, I will provide unencrypted network packet contents as soon as I can (I will keep you advised on this).
Meanwhile, I have spent considerable time handchecking the source code in various versions of Windows Server (2000 - 2008), in order to profile trust management. In the general case, the same functions are used, but I have not yet collected the version dependant detail differences. I would again like to thank you for your patience; I expect to have a progress update for you next week. Regards, Bill Wesse MCSE, MCTS / Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -----Original Message----- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 6:17 PM To: Bill Wesse Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: List of interfaces used by Trusted domains (SRX081021600181) On Tue, 2008-10-21 at 09:47 -0700, Bill Wesse wrote: > Good morning Andrew. Bill Wesse here again. I have just taken > ownership of this case (SRX081021600181), and have already begun work. > > Please note that the attached document ([SCENARIO_DOMAIN_TRUST].pdf) > contains some of the information you are looking for (for external > trusts only, at this point). > > I am currently setting up a virtual machine to house FreeBSD and MIT > Kerberos in order to detail the network traffic involved with trust > manipulation, and will keep you advised of my progress. Thankyou very much. One note I would make about the packet dumps, which form the majority of this document is that while the cleartext headers are specified in incredible detail, they provide little information. At the same time, the actually useful parts are still encrypted. Perhaps these could be reversed, with the headers excluded (if an implementer can't understand the headers, they should look at the right RPC doc) but the payload in the clear. This would save space, paper and provide more useful information. Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. _______________________________________________ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol