1.4 Relationship to Other Protocols

The Encrypting File System Remote Protocol is built on the Microsoft Remote Procedure Call (RPC) interface (as specified in [C706] and [MS-RPCE]).  EFSRPC uses the Server Message Block (SMB) Protocol [MS-SMB] [MS-SMB2] as its RPC transport. Specifically, it uses named pipes over SMB (that is, RPC protocol sequence ncacn_np) as its transport mechanism. Either version 1 or version 2 of SMB can be used. The client has to connect to the server over SMB and negotiate a version of SMB before it can access the named pipe that is the RPC endpoint on the server.

Windows also supports the storage of encrypted files via WebDAV [MS-WDV]. However, this feature does not use EFSRPC. This feature does not alter the WebDAV Protocol. Windows clients store encrypted files on WebDAV servers in the EFSRPC Raw Data Format, but the Windows WebDAV client performs all encryption and decryption operations locally. It also performs the local operations necessary to transform the file to and from the EFSRPC Raw Data Format during upload and download respectively. For more information, see [MSFT-XPUEFS].

This specification provides an interface (see section for applications to request a user certificate. This interface uses methods outlined in [MS-WCCE] to enroll for a certificate and key.

Protocol relationships

Figure 4: Protocol relationships