Thanks Adwait, I'll look into that more. -----Original Message----- From: Discussion of advanced .NET topics. [mailto:[EMAIL PROTECTED] On Behalf Of Adwait Ullal Sent: Thursday, March 20, 2008 3:40 PM To: ADVANCED-DOTNET@DISCUSS.DEVELOP.COM Subject: Re: [ADVANCED-DOTNET] Key storage.
Rob, Perhaps you can use a tool like aspnet_setreg or an equivalent to store the key in the registry during install? - Adwait -- Adwait Ullal w: http://www.adwait.com p: (408) 898-2581 On 3/20/08, Robert Lee <[EMAIL PROTECTED]> wrote: > > Maybe someone can help shed some light on this subject for me. > > > > I am encrypting several values (using AES) before storing them to an xml > file, and I have yet to find an example, or explanation of how to get my > key > into protected storage the first time. > > The examples I've seen so far create a random key (unique to the machine), > and then store that key (encrypting the key via DPAPI). In this case I > need > to be able to transfer the file to another machine for support, or in case > of a crash, so a random key is out, and any key created in code is visible > to anyone with reflector, so that's out. I also can't have the user enter > a > key, as we have a large installed base, and that would compromise the key. > > > > I have read an article suggesting to use a web service, but that seems to > be > a bit extreme just to get a key onto a machine. > > > > Thanks for any insight or suggestions, > > Rob Lee > > > > > =================================== > This list is hosted by DevelopMentor(R) http://www.develop.com > > View archives and manage your subscription(s) at > http://discuss.develop.com > =================================== This list is hosted by DevelopMentorR http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com =================================== This list is hosted by DevelopMentorĀ® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com
