|Data type||Range||Default value|
|REG_DWORD||0 | 1||1|
Determines whether the system requires that all secure traffic channel communications be either signed or sealed.
The security specifications for secure channel traffic are determined jointly by the value of this entry and the values of RequireStrongKey, signsecurechanneland sealsecurechannel.
|0||This system does not require that channel traffic be signed or sealed. Instead, the security of channel traffic is negotiated with the domain controller. System preferences in the negotiation for traffic security are determined by the values of signsecurechanneland sealsecurechannel.|
|1||True. Outgoing traffic on a secure channel must be either signed or sealed. If the domain controller on the other side of the channel does not support signing or sealing, the system refuses to establish a channel. If the value of sealsecurechannel is 1, traffic must be encrypted; otherwise, it must be signed.|
This entry should be set to 1 only when all of the trusted domains support signed and sealed communications.
Windows 2000 adds this entry to the registry when you install the system for the first time, or when you change the default value. If you upgrade from of Windows 2000, the entry does not appear in the registry, but it is still in effect on your system.