5.1 Security Considerations for Implementers

The NTLM Authentication Protocol (see [MS-NLMP]) does not provide any facilities for mutual authentication; therefore, server identities cannot be verified. Other security considerations are as specified in [RFC4559] section 6.