Andrew,
I wanted to follow up on your request to add the sentence 'because the client
has already validated the server signature over the whole PAC, and because the
KDC signature if calculated over the server signature, it is sufficient to send
only the server signature to the NETLOGON server'
On Thu, 2008-09-04 at 06:54 -0700, Richard Guthrie wrote:
Andrew,
I am still researching the issue you are getting with
NT_STATUS_INVALID_PARAMETER however I wanted to send you an update to
the documentation based on your last feedback regarding computation of
the KDC signature. Section