1.7 Versioning and Capability Negotiation
This document covers versioning issues for the NTLM Authentication: NNTP Extension in the following areas:
Security and Authentication Methods: The NTLM Authentication: NNTP Extension supports the NTLMv1 and NTLMv2 authentication methods, as specified in [MS-NLMP].
Capability Negotiation: NNTP does not support the negotiation of which NTLM Authentication Protocol version to use. Instead, the NTLM Authentication Protocol version is configured on both the client and the server prior to authentication. Mismatches of NTLM Authentication Protocol versions are handled by the NTLM Authentication Protocol implementation, and not by NNTP.
RFC 2980, as specified in [RFC2980], does document the framework within which NNTP clients can discover (and NNTP servers can advertise) the ability to perform any authentication mechanism, including NTLM in particular.
The client discovers whether the server supports NTLM authentication by using the AUTHINFO GENERIC command, which is issued without arguments. The server responds with a list of supported authentication mechanisms. If NTLM is supported, the server will include the word "NTLM" in the list. The messages involved are formally described in other sections of this document.