5.1 Security Considerations for Implementers

Security considerations for both authenticated and unauthenticated RPC used in this protocol are as specified in [MS-RPCE]. The client always performs authenticated RPC.

The RPC connection uses the ncalrpc protocol in the case of a local fax call and ncacn_ip_tcp in the case of connection with a remote fax server. The RPC connection is made by using RPC_C_AUTHN_LEVEL_PKT_PRIVACY. The packet authentication level is as specified in [MS-RPCE] section 3.3.1.5.2.<219>

The server performs access control checks based on the credentials of the client's fax user account.<220>