A
Andrew Robinson
I have a web site that needs to pass some data over the URL. I don't think
this data is super-sensitive, but certainly some potential client or
customer might think it is. I am successfully encrypting and decrypting my
data using the RijndaelManaged provider in System.Security.Cryptography and
am using a GUID as a key and I think all is fine.
Question:
1. Is there some place that I can store this key other than the registry
that will be easy for the user to change. I am thinking the key needs to be
the same across multiple servers in the event that this is used on a server
farm. I could put it in the config file? I have also read about using the
machine key, but how can I read / retrieve that key?
2. I have a custom server control that needs to access this key. Reading a
config file at design time is not very clean. Again, I think about the
machine config file and the machine key? How about using a resource?
-Andrew
this data is super-sensitive, but certainly some potential client or
customer might think it is. I am successfully encrypting and decrypting my
data using the RijndaelManaged provider in System.Security.Cryptography and
am using a GUID as a key and I think all is fine.
Question:
1. Is there some place that I can store this key other than the registry
that will be easy for the user to change. I am thinking the key needs to be
the same across multiple servers in the event that this is used on a server
farm. I could put it in the config file? I have also read about using the
machine key, but how can I read / retrieve that key?
2. I have a custom server control that needs to access this key. Reading a
config file at design time is not very clean. Again, I think about the
machine config file and the machine key? How about using a resource?
-Andrew