[102] in Best-of-Security
BoS: CIFS Authentication Protocol Review
daemon@ATHENA.MIT.EDU (Russ)
Thu Apr 3 17:56:14 1997
Date: Wed, 26 Mar 1997 03:43:38 -0500
Reply-To: Windows NT BugTraq Mailing List <NTBUGTRAQ@RC.ON.CA>,
Russ <Russ.Cooper@RC.ON.CA>
From: Russ <Russ.Cooper@RC.ON.CA>
Errors-To: best-of-security-request@suburbia.net
To: best-of-security@suburbia.net
Resent-From: best-of-security@suburbia.net
Sent on behalf of Paul Leach <paulle@microsoft.com> by Russ Cooper
<russ.cooper@rc.on.ca> due to a screw up by me (Russ).
-------
We are releasing preliminary drafts of the proposed fixes to the
CIFS/SMB authentication protocols for widespread public review. If they
pass review, they will be in Service Pack 3 for NT 4.0.
The original protocol from which the new version descends was designed
more than a decade ago; recently, quite a few weaknesses have been found
in those previous versions. This latest revision is an attempt to repair
those weaknesses with as small a change to the protocol as possible, so
that it can be incrementally and rapidly deployed.
All three documents are available in .doc, .txt and postscript.
Information on how to get them is available from:
ftp://ftp.microsoft.com/developr/drg/cifs/sec.htm
All followup discussion should be on the CIFS mailing list at
CIFS@listserv.msn.com.
Your comments are actively solicited.
------------------------------
Paul J. Leach
paulle@microsoft.com
