> > > Hm, it might make sense to extend that. > > BTW, do you know if NT5 (sorry 2000) beta2 still used the RC4_HMAC > encryption? > > /assar It was still in there as of beta2, haven't seen beta3 yet. I think RFC-1510 says something to the effect of negative numbers are fair game for proprietary extensions. Cybersafe, for example, uses a negative preauth value for localization support.