[security-dev 01592]: Re: Request for comment: spec: NTLM as a SASL mech
Natalie Li
Natalie.Li at Sun.COM
Wed Feb 3 16:54:03 UTC 2010
Nicolas Williams wrote:
> On Wed, Feb 03, 2010 at 08:34:13AM -0800, Natalie Li wrote:
>
>> Max (Weijun) Wang wrote:
>>
>>> Hi Nico
>>>
>>> Is there a separate OID for NTLM as a GSS-API mech?
>>>
>> Yes, OID for NTLM is "1.3.6.1.4.1.331.2.2.10"
>> And the encoded OID octet string is:
>>
>> 102 #define GSS_MECH_NTLMSSP_OID "\053\006\001\004\001\202\067\002\002\012"
>>
>
> But it doesn't go on the wire in the initial context token, right?
>
No, if you're interested in implementing raw NTLMSSP (i.e. without the
SPENGO wrapper).
Yes, if the NTLM mech token is embedded in the SPNEGO initial context token.
Natalie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20100203/c1eb3147/attachment.htm>
More information about the security-dev
mailing list