[saag] NTLMSSP draft
Sarat G <sarath.ginjupalli89@gmail.com> Sat, 25 July 2015 07:10 UTC
Return-Path: <sarath.ginjupalli89@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id D7AF81A8AB8 for <saag@ietfa.amsl.com>; Sat, 25 Jul 2015 00:10:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.749
X-Spam-Status: No, score=-1.749 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id pTGct4Hc0MsC for <saag@ietfa.amsl.com>; Sat, 25 Jul 2015 00:10:54 -0700 (PDT)
Received: from mail-qg0-x235.google.com (mail-qg0-x235.google.com [IPv6:2607:f8b0:400d:c04::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75E3D1A8AB1 for <saag@ietf.org>; Sat, 25 Jul 2015 00:10:54 -0700 (PDT)
Received: by qgy5 with SMTP id 5so22023920qgy.3 for <saag@ietf.org>; Sat, 25 Jul 2015 00:10:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=1lpKZ9L94X8dDLruAxWK1UD4d/sCwMKMjhWmYauvZF4=; b=jpspawBC8PZa+x4q4SDuXotuNZ3cMGHhM8qrcOkHf+L/MprTzSzo9s4aUtHMmtRW84 3/5ocnHX3v4H1m1zK0M08QIIx8H22YX58QziuDB8HAoG/zCcArHRZe195LTvSHx9p364 9L7IONQsPrCZie3SUZ3/Mt3+B0dK5XlxIejdoOJ+QiF+aVUSpJSTQK7neyOCGXW0GfjN HNEIrDMgFnC9YYYR0XCPI1RgkdsAv4Dp2BAxRa+bwLIdFkcGqAJ88y7N9qFRRAiAGSwx WmZ5It0D1DefP57DXftZwSHtlrVeYoqlnFWXm5ThtJ7GOlkHCe9ygq7UZshHQbuZRFr3 hIfw==
MIME-Version: 1.0
X-Received: by with SMTP id 138mr26674969qhq.60.1437808253777; Sat, 25 Jul 2015 00:10:53 -0700 (PDT)
Received: by with HTTP; Sat, 25 Jul 2015 00:10:53 -0700 (PDT)
Date: Sat, 25 Jul 2015 12:40:53 +0530
Message-ID: <CANNyqrza51EttNv63xaX+1qq+H-eTfn=_voW5NeZ8DvF=yn3ZQ@mail.gmail.com>
From: Sarat G <sarath.ginjupalli89@gmail.com>
To: saag@ietf.org
Content-Type: multipart/alternative; boundary="001a1135c11438bbce051badd2f0"
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/Jt6VFm8R9WSWjlzn4CPGkJPEnu8>
Subject: [saag] NTLMSSP draft
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 25 Jul 2015 07:13:10 -0000
Hi, Few months back, as a part of my project I have been implemented NTLMv2 in SMB3.0 server. I read in microsoft specs and everywhere that NTLM hashed are strong enough. Being a post graduate in Information Security, it's easy for me to understand that. So, here my question is like suppose if I want suggest some things to NTLM, can make draft of what I'm thinking of can send to this group to verify it? Because I have few things in mind that, why can't they negotiate hash algorithms also in NTLMSSP if they much about the use of week MD4 in NTLMSSP. I have been worked on this for a month, and come up with my suggestions to make NTLM much secure. Can some let me the know point of contact for these kind of things, I really interested in providing a brief implementation document of implementation of NTLMv2 in SMB server along with packet captures, so that it will be easy for the people who implement this. Will IETF accept those kind of drafts? One more question, I'm very much interested in security and working in the same domain, very well aware of SSL and TLS architectures and really looking for some mentor who can suggests me some areas to look into in the security so that I can contribute something in this platform. I'm not this is the right platform to ask this question, kindly ignore this if you feel it's irrelevant here. Thank You. Regards, Sarat G
- [saag] NTLMSSP draft Sarat G
- Re: [saag] NTLMSSP draft Simon Josefsson
- Re: [saag] NTLMSSP draft Sarat G
- Re: [saag] NTLMSSP draft Simon Josefsson
- Re: [saag] NTLMSSP draft Sarat G