Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

2.2.1 NegTokenInit2

The SPNEGO Protocol Extensions extend the NegTokenInit with a negotiation hints field. The NegTokenInit2 message is structured as follows.<4>

NegHints ::= SEQUENCE {
        hintName[0] GeneralString OPTIONAL,
        hintAddress[1] OCTET STRING OPTIONAL
}
NegTokenInit2 ::= SEQUENCE {
        mechTypes[0] MechTypeList OPTIONAL,
        reqFlags [1] ContextFlags OPTIONAL,
        mechToken [2] OCTET STRING OPTIONAL,
        negHints [3] NegHints OPTIONAL,
        mechListMIC [4] OCTET STRING OPTIONAL,
        ...
}

mechTypes: The list of authentication mechanisms that are available, by OID, as specified in [RFC4178] section 4.1.

reqFlags: As specified in [RFC4178] section 4.2.1 This field SHOULD be omitted by the sender.

mechToken: The optimistic mechanism token ([RFC4178] section 4.2.1).

negHints: The server supplies the negotiation hints using a negHints (negotiation hints) structure that is assembled as follows.

  • hintName: Contains the string "not_defined_in_RFC4178@please_ignore".<5>

  • hintAddress: Never present. MUST be omitted by the sender. Note that the encoding rules, as specified in [X690], require that this structure not be present at all, not just be zero.

mechListMIC: The MIC token ([RFC4178] section 4.2.1).

Note  In the ASN.1 description in the preceding, the NegTokenInit2 message occupies the same context-specific ([X690] section 8.1.2.2) message ID (0) as does NegTokenInit in SPNEGO.

 
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.