3.3.4.2 The Netlogon Signature Token
The Netlogon Signature token contains information that MUST be part of each protected message. It contains a signature algorithm identifier, encryption algorithm identifier, confounder, flags, sequence number, and checksum (see section 2.2.1.3.2 for the exact format). When data is protected/signed, a Netlogon Signature token is generated that describes the algorithms used and contains the checksum of the data to be sent. When data is received and is unprotected/verified, the Netlogon Signature token is used.