6 Appendix A: Product Behavior

The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include updates to those products.

The terms "earlier" and "later", when used with a product version, refer to either all preceding versions or all subsequent versions, respectively. The term "through" refers to the inclusive range of versions. Applicable Microsoft products are listed chronologically in this section.

Windows Client

  • Windows 2000 operating system

  • Windows XP operating system

  • Windows Vista operating system

  • Windows 7 operating system

  • Windows 8 operating system

  • Windows 8.1 operating system

  • Windows 10 operating system

  • Windows 11 operating system

Windows Server

  • Windows Server 2003 operating system

  • Windows Server 2008 operating system

  • Windows Server 2008 R2 operating system

  • Windows Server 2012 operating system

  • Windows Server 2012 R2 operating system

  • Windows Server 2016 operating system

  • Windows Server operating system

  • Windows Server 2019 operating system

  • Windows Server 2022 operating system

  • Windows Server 2025 operating system

Exceptions, if any, are noted in this section. If an update version, service pack or Knowledge Base (KB) number appears with a product name, the behavior changed in that update. The new behavior also applies to subsequent updates unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.

Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms "SHOULD" or "SHOULD NOT" implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term "MAY" implies that the product does not follow the prescription.

<1> Section 1.5: Windows contains a FIPS-140-validated random-number generator, as specified in [FIPS140].

<2> Section 2.2: [RFC4556] message syntax is not supported in Windows 2000, Windows XP, and Windows Server 2003.

<3> Section 2.2: Windows 2000, Windows XP, and Windows Server 2003 sent PA-PK-AS-REP_OLD where [RFC4120] would have them send PA-PK-AS-REQ or PA-PK-AS-REP.

<4> Section 2.2: Supported by Windows 2000, Windows XP operating system Service Pack 2 (SP2), and Windows Server 2003 operating system with Service Pack 1 (SP1). In Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, the object identifier (OID) has been updated to match CMS algorithms, as specified in [RFC3370] sections 3.2 and 2.2. Windows 2000, Windows XP, Windows XP operating system Service Pack 1 (SP1), and Windows Server 2003 do not accept the correct OID.

<5> Section 2.2: Not supported by Windows 2000, Windows XP, and Windows Server 2003.

<6> Section 2.2: ECC is not supported by Windows 2000, Windows XP, Windows Server 2003, Windows Vista, or Windows Server 2008.

<7> Section 2.2: ECC is not supported by Windows 2000, Windows XP, Windows Server 2003, Windows Vista, or Windows Server 2008.

<8> Section 2.2.1: In Windows 2000, Windows XP SP2, and Windows Server 2003 with SP1, SignedData is encoded as specified in [RFC2315] section 9, not as specified in [RFC3852] section 5. Therefore, the data is not wrapped in OCTET STRING; it is wrapped in an ANY, as specified in [RFC2315] section 7.

Except in Windows 2000, Windows XP, and Windows Server 2003, SignedData is encoded as specified in [RFC3852].

Only Windows XP prior to Windows XP SP2, and Windows Server 2003 prior to Windows Server 2003 with SP1, do not accept the SignedData, as specified in [RFC3852].

In Windows 2000, Windows XP SP2, and Windows Server 2003 with SP1, the DHRepInfo form is not implemented; the Public Key Encryption style is used, as specified in [RFC4556] section 3.2.3.2.

The Diffie-Hellman key delivery method, as specified in [RFC4556] section 3.2.3.1, is not supported in Windows 2000, Windows XP, and Windows Server 2003.

In Windows 2000, Windows XP SP2, and Windows Server 2003 with SP1, the content-type field of the SignedData in PA-PK-AS-REQ is id-data, as specified in [RFC3852] section 4, instead of id-pkinit-authData.

Except in Windows 2000, Windows XP, and Windows Server 2003, the content-type field of the SignedData is id-pkinit-authData, as specified in [RFC4556] section 3.2.3.2.

Only Windows XP prior to Windows XP SP2, and Windows Server 2003 prior to Windows Server 2003 with SP1, do not accept id-data in the PA-PK-AS-REQ_OLD pre-authentication data.

<9> Section 2.2.2: In Windows 2000, Windows XP SP2, and Windows Server 2003 with SP1, the content-type field of the SignedData type inside the EnvelopedData type in the PA-PK-AS-REP_OLD pre-authentication data is id-data, as defined in [RFC3852] section 4, instead of id-pkinit-rkeyData, as defined in [RFC4556]. In all other Windows releases, the content-type field is id-pkinit-rkeyData, as specified in [RFC4556].

Except in Windows XP prior to Windows XP SP2 and Windows Server 2003 prior to Windows Server 2003 with SP1, Windows accepts id-data in the SignedData contained in the PA-PK-AS-REP_OLD pre-authentication data.

Windows does not process id-pkinit-san in the client's [X509] certificate, if present, as specified in [RFC4556] section 3.2.4.
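The two SignedData encodings described in notes <8> and <9> differ only in how eContent is wrapped and in which content-type OID is accepted. The parser below is an added example, not code from MS-PKCA or Windows: it reads the EncapsulatedContentInfo of a PKINIT SignedData, accepts both the RFC 2315 wrapping (eContent as [0] EXPLICIT ANY) and the RFC 3852 wrapping ([0] EXPLICIT OCTET STRING), and checks the content type against the set each legacy message allows. The sample DER and the AuthPack stand-in are constructed inputs, not captured traffic.

```python
# Added example (not MS-PKCA code): parse the EncapsulatedContentInfo of a PKINIT SignedData,
# accepting the RFC 2315 form (eContent as [0] EXPLICIT ANY, sent by Windows 2000, XP SP2 and
# Server 2003 SP1) and the RFC 3852 form ([0] EXPLICIT OCTET STRING), and policing eContentType.
ID_DATA = "1.2.840.113549.1.7.1"        # id-data, RFC 3852 section 4
ID_PKINIT_AUTHDATA = "1.3.6.1.5.2.3.1"  # id-pkinit-authData, RFC 4556 section 3.2.3.2
ID_PKINIT_RKEYDATA = "1.3.6.1.5.2.3.3"  # id-pkinit-rkeyData, RFC 4556 section 3.2.3.2
ALLOWED = {"PA-PK-AS-REQ_OLD": {ID_PKINIT_AUTHDATA, ID_DATA},   # note <8>: id-data accepted
           "PA-PK-AS-REP_OLD": {ID_PKINIT_RKEYDATA, ID_DATA}}   # note <9>: id-data accepted

def read_tlv(buf, pos=0):
    """Return (tag, value, end) for the DER TLV starting at buf[pos]; handles long-form lengths."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                     # long form: low bits give the number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def decode_oid(value):
    arcs, acc = [value[0] // 40, value[0] % 40], 0
    for b in value[1:]:                   # base-128 arcs, high bit set on continuation octets
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc); acc = 0
    return ".".join(map(str, arcs))

def parse_encap_content_info(der, message):
    """Return (content_type_oid, wrapping, inner_der); reject content types the message disallows."""
    tag, body, _ = read_tlv(der)
    if tag != 0x30: raise ValueError("EncapsulatedContentInfo must be a SEQUENCE")
    tag, oid_bytes, pos = read_tlv(body)
    if tag != 0x06: raise ValueError("expected eContentType OBJECT IDENTIFIER")
    oid = decode_oid(oid_bytes)
    if oid not in ALLOWED[message]:
        raise ValueError(f"content type {oid} is not accepted in {message}")
    tag, inner, _ = read_tlv(body, pos)
    if tag != 0xA0: raise ValueError("expected [0] EXPLICIT eContent")
    inner_tag, octets, _ = read_tlv(inner)
    if inner_tag == 0x04:                 # RFC 3852: OCTET STRING holding the inner DER
        return oid, "RFC3852", octets
    return oid, "RFC2315", inner          # RFC 2315: the ANY (a SEQUENCE here) is the inner DER

# Constructed sample inputs (not captured traffic); tlv() uses short-form lengths only (< 128 bytes).
def tlv(tag, body):
    return bytes([tag, len(body)]) + body
AUTHPACK = tlv(0x30, tlv(0x04, b"constructed AuthPack stand-in"))  # hypothetical inner payload
OID_ID_DATA = bytes.fromhex("06092a864886f70d010701")              # DER of id-data
OID_AUTHDATA = bytes.fromhex("06072b060105020301")                  # DER of id-pkinit-authData
def encap_rfc3852(oid_der, payload): return tlv(0x30, oid_der + tlv(0xA0, tlv(0x04, payload)))
def encap_rfc2315(oid_der, payload): return tlv(0x30, oid_der + tlv(0xA0, payload))
```

Both wrappings yield the same inner DER, so a receiver that tolerates the legacy form can hand the AuthPack to one downstream parser; the content-type check is what keeps id-data from being accepted where the carrying message does not permit it.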

<10> Section 2.2.3: The PA-PK-AS-REQ message format is not supported in Windows 2000, Windows XP, and Windows Server 2003.

<11> Section 2.2.3: The extension of PKAuthenticator in PA-PK-AS-REQ applies only to Windows Server 2022, 23H2 operating system. Windows Server 2022, 23H2 DCs send back TD-CMS-DIGEST-ALGORITHMS-DATA as described in [RFC8636] section 4 (CMS Digest Algorithm Agility).

<12> Section 2.2.4: The RFC version of PA-PK-AS-REP is not supported in Windows 2000, Windows XP, and Windows Server 2003.

<13> Section 3.1.5: In Windows with PKCA, the KDC supports and uses des-ede3-cbc. The RC2 algorithm rc2-cbc is no longer supported for encryption-mode-based key delivery with Kerberos PKINIT ([RFC4556]). See Windows Key Distribution Center Information Disclosure Vulnerability, July 13, 2021 [MSFT-CVE-2021-33764]. This update applies to domain controllers running Windows Server 2008 and later.

<14> Section 3.1.5: [RFC8070] is not supported in Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, or Windows Server 2012 R2.

<15> Section 3.1.5.1: Except in Windows 2000, Windows XP, and Windows Server 2003, the PKINIT pre-authentication data identifiers have been updated to match what is specified in [RFC4556], with one addition (KRB5-PADATA-AS-CHECKSUM) as noted below. However, for backward-compatibility, if the client detects that the KDC is running Windows 2000, Windows XP, Windows Server 2003, or Windows Vista, it sends both.

Except in Windows 2000, Windows XP, and Windows Server 2003, the client sends additional padata (KRB5-PADATA-AS-CHECKSUM) besides what is specified in [RFC4556]. This padata contains no data.

 #define KRB5_PADATA_AS_CHECKSUM         132 /* AS checksum */

Clients running Windows XP and Windows 2000 also send this additional padata type.

<16> Section 3.1.5.1: Windows 2000, Windows XP, and Windows Server 2003 clients send a PA-PK-AS-REP_OLD pre-authentication data identifier. Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 clients send a PA-PK-AS-REP_OLD pre-authentication data identifier when all of the following are true:

  • The user certificate has a smart card logon EKU.

  • The user certificate has a UPN in Subject Alternative Name.

<17> Section 3.1.5.1: Windows 2000 and Windows XP SP2 Kerberos clients only process PA-PK-AS-REP-WINDOWS-OLD.

<18> Section 3.1.5.1: Computer logon is not supported by Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

<19> Section 3.1.5.2: Windows 2000 and Windows Server 2003 KDCs always discard the PA-PK-AS-REQ data identifier and process the PA-PK-AS-REP_OLD data identifier, if present.

<20> Section 3.1.5.2: Windows 2000 and Windows Server 2003 KDCs respond with PA-PK-AS-REP_OLD.

<21> Section 3.1.5.2.1: The SAN DNSName field is not supported by Windows 2000, Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2.

<22> Section 3.1.5.2.1.4: Public key lookup is not supported by Windows 2000, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 KDCs.

<23> Section 3.1.5.2.1.5: Certificate mapping strength is applicable to Windows Server 2008 R2 and later.

<24> Section 3.1.5.2.1.5: Certificate mapping strength is applicable to Windows Server 2008 R2 and later.

<25> Section 3.1.5.2.1.6: Certificate SID mapping is applicable to Windows Server 2008 R2 and later.

<26> Section 3.1.5.2.1.6: Certificate SID mapping using a Subject Alternate Name is applicable to Windows Server 2019 and later.