1.7 Versioning and Capability Negotiation
Each security package supporting this protocol implements versioning independently and negotiates version and capabilities as part of initialization. For Kerberos and NTLM, the CredSSP server MUST send a RemoteCallKerbNegotateVersion or RemoteCallNtlmNegotiateVersion message, respectively, with the maximum protocol version it supports. As the protocol currently has only one version, this maximum MUST be zero. The CredSSP client responds with a matching message containing the protocol version that will be used for future communications. Again, as the protocol currently has only one version, this value MUST be zero.