Was this page helpful?
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All Phase 2 - 2.16 Perfect Forward Secrecy

Keys: Software\Policies\Microsoft\WindowsFirewall\Phase2CryptoSets\<wszSetId>.

Value: "2_16PFS"

Type: REG_SZ.

Size: Equal to size of the Data field.

Data: This value is a Unicode string encoded using the following grammar rule:

 PFS_VAL = "Disable" / "EnableDHFromPhase1" / "ReKeyDH1" / "ReKeyDH2" / "ReKeyDH2048" 
 PFS_VAL =/ "ReKeyECDH256" / "ReKeyECDH384" / "ReKeyDH24"

Disable: This token represents the FW_PHASE2_CRYPTO_PFS_DISABLE enumeration value as defined in [MS-FASP] section 2.2.72. The remaining token values in this list can be found in the same protocol specification section.

EnableDHFromPhase1: This token represents the FW_PHASE2_CRYPTO_PFS_PHASE1 enumeration value.

ReKeyDH1: This token represents the FW_PHASE2_CRYPTO_PFS_DH1 enumeration value.

ReKeyDH2: This token represents the FW_PHASE2_CRYPTO_PFS_DH2 enumeration value.

ReKeyDH2048: This token represents the FW_PHASE2_CRYPTO_PFS_DH2048 enumeration value.

ReKeyECDH256: This token represents the FW_PHASE2_CRYPTO_PFS_ECDH256 enumeration value.

ReKeyECDH384: This token represents the FW_PHASE2_CRYPTO_PFS_ECDH384 enumeration value.

ReKeyDH24: This token represents the FW_PHASE2_CRYPTO_PFS_DH24 enumeration value.

This value represents the Pfs field of the FW_CRYPTO_SET structure as defined in [MS-FASP] section 2.2.73.

© 2015 Microsoft