The NEGO_MESSAGE structure message is used to begin and exchange negotiation of security mechanisms. This message is sent from the initiator to the acceptor with the message type set to MESSAGE_TYPE_INITIATOR_NEGO to begin the negotiation. The initiator uses this message to specify the set of supported security mechanisms. The acceptor then responds with a NEGO_MESSAGE message, with the message type set to MESSAGE_TYPE_ACCEPTOR_NEGO and with its own list of supported security mechanisms. This message contains signatures for protecting the NEGOEX negotiation and might also contain the optimistic mechanism token. 

The NEGO_MESSAGE structure has the following definition.

   UCHAR Random[32];
   ULONG64 ProtocolVersion;

Header: A MESSAGE_HEADER structure, as specified in section Its MessageType field can carry from the MESSAGE_TYPE enumeration (section either the value MESSAGE_TYPE_INITIATOR_NEGO for the initiator or the value MESSAGE_TYPE_ACCEPTOR_NEGO for the acceptor. 

Random: A UCHAR integer array. The Random field is filled using a secure random number generator, as specified in section 2.2.4

ProtocolVersion: A ULONG64 type that indicates the numbered version of this protocol. This field contains 0. 

AuthSchemes: An AUTH_SCHEME_VECTOR structure, as specified in section, that contains an ordered list of available, supported security mechanism IDs in decreasing order of preference. 

Extensions: All negative extension types are critical (the highest bit is set to 1). If the receiver does not understand a critical extension, the authentication attempt MUST be rejected.