AD-Assurance Notes from April 12
David Walker, InCommon/Internet2
Eric Goodman, UCOP
Brian Arkills, UWash
Michael Brogan, UWash
Lee Amenya, UCSD
Mark Rank, UCSF
Ann West, InCommon/Internet2
Next Call
April 12 at Noon ET
+1-734-615-7474 PREFERRED
+1-866-411-0013
0195240#
Agenda: NASA Call summary; strategy for next steps.
Notes
Brian - NTLM v1, verify NTLM v2 - replay, Kerberos - research
* NTLM v2 does address replay attacks - remove
Lee - 4.2.5.1 and 4.2.5.6 decide whether the past the hash fits under the criteria and is it addressed by what's in the table.
Eric - Password set events to the domain controller - is it secure and where does it go. Subject to IdP change password.
Mark - use cases captured and risk analysis for each must be address.