Data type Range Default value
REG_DWORD 0 | 1 1


Determines whether the system requires that all secure traffic channel communications be either signed or sealed.

The security specifications for secure channel traffic are determined jointly by the value of this entry and the values of RequireStrongKey, signsecurechanneland sealsecurechannel.

Value Meaning
0 This system does not require that channel traffic be signed or sealed. Instead, the security of channel traffic is negotiated with the domain controller. System preferences in the negotiation for traffic security are determined by the values of signsecurechanneland sealsecurechannel.
1 True. Outgoing traffic on a secure channel must be either signed or sealed. If the domain controller on the other side of the channel does not support signing or sealing, the system refuses to establish a channel. If the value of sealsecurechannel is 1, traffic must be encrypted; otherwise, it must be signed.

Note Image Note

This entry should be set to 1 only when all of the trusted domains support signed and sealed communications.

Windows 2000 adds this entry to the registry when you install the system for the first time, or when you change the default value. If you upgrade from of Windows 2000, the entry does not appear in the registry, but it is still in effect on your system.

Related Entries

Page Image

Page Image