[security-dev 01592]: Re: Request for comment: spec: NTLM as a SASL mech

Natalie Li Natalie.Li at Sun.COM
Wed Feb 3 16:54:03 UTC 2010


Nicolas Williams wrote:
> On Wed, Feb 03, 2010 at 08:34:13AM -0800, Natalie Li wrote:
>   
>> Max (Weijun) Wang wrote:
>>     
>>> Hi Nico
>>>
>>> Is there a separate OID for NTLM as a GSS-API mech?
>>>       
>> Yes, OID for NTLM is "1.3.6.1.4.1.331.2.2.10"
>> And the encoded OID octet string is:
>>
>> 102 #define GSS_MECH_NTLMSSP_OID "\053\006\001\004\001\202\067\002\002\012"
>>     
>
> But it doesn't go on the wire in the initial context token, right?
>   

No, if you're interested in implementing raw NTLMSSP (i.e. without the 
SPENGO wrapper).
Yes, if the NTLM mech token is embedded in the SPNEGO initial context token.

Natalie

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20100203/c1eb3147/attachment.htm>


More information about the security-dev mailing list