1.7 Versioning and Capability Negotiation

This document covers versioning and capability negotiation issues in the following areas:

  • Supported Transports: This protocol uses a single RPC protocol sequence, as specified in section 2.1.

  • Protocol Versions: This protocol has only one interface version. There are also several policy versions, which can be tied to policies and specific policy objects, as defined in section 2.2. Protocol versions can also be translated to both binary and schema versions (also called firewall policy versions), as described in section 2.2.42.

  • Security and Authentication Methods: This protocol supports both the Kerberos Protocol Extensions [MS-KILE] and the NT LAN Manager (NTLM) Authentication Protocol [MS-NLMP] authentication methods, as specified in section 2.1.

  • Localization: This protocol passes text strings without considering localization. However, some strings can be formatted in such a way that the firewall component knows where to look for localized versions of these strings, as defined in section 2.2. These strings can also be resolved with specific flags and method calls, as defined in section 3.1.4.

  • Capability Negotiation: The FW_GLOBAL_CONFIG_POLICY_VERSION_SUPPORTED option defined in section 2.2.42 contains the maximum policy version supported by the server. By invoking the RRPC_FWGetGlobalConfig method (section 3.1.4.4) to retrieve this option, a client can understand what can and cannot be expressed in this protocol and the methods that are supported to do so. The data types in section 2.2 and the existence and behavior of methods in section 3.1.4 are defined in terms of these policy versions when appropriate. No other negotiation capabilities, version-specific or otherwise, are present in this protocol.

  • Byte Order: All values defined in this specification are independent of whether the platform uses big-endian or little-endian byte order. For instance, protocol version 0x0200 is 512 decimal, and it is the value 512 (0x0200) on both little-endian and big-endian platforms. Marshaling of any values defined within this specification is handled by RPC (see [MS-RPCE]).