AD-Assurance Notes from April 12
David Walker, InCommon/Internet2
Eric Goodman, UCOP
Brian Arkills, UWash
Michael Brogan, UWash
Lee Amenya, UCSD
Mark Rank, UCSF
Ann West, InCommon/Internet2
April 12 at Noon ET
Agenda: NASA Call summary; strategy for next steps.
Brian - NTLM v1, verify NTLM v2 - replay, Kerberos - research
* NTLM v2 does address replay attacks - remove
Lee - 18.104.22.168 and 22.214.171.124 decide whether the past the hash fits under the criteria and is it addressed by what's in the table.
Eric - Password set events to the domain controller - is it secure and where does it go. Subject to IdP change password.
Mark - use cases captured and risk analysis for each must be address.