3.3.5 Message Processing Events and Sequencing Rules

Digest validation is a stateless protocol with request-response semantics. The general model is as follows:

  1. After the Digest server sends the DIGEST_VALIDATION_REQ (section 2.2.3.1) message, it MUST receive either a DIGEST_VALIDATION_RESP (section 2.2.3.2) message from the DC or an error status in the Netlogon generic pass-through function ([MS-NRPC] section 3.2.4.1).

  2. Upon receiving the DIGEST_VALIDATION_REQ message, the DC MUST verify the keyed hash contained in the Payload buffer's Response field, and then send the DIGEST_VALIDATION_RESP message to the Digest server.