Re: How do I store secrets?
From: Danny van Kasteel (DannyvanKasteel_at_discussions.microsoft.com)
Date: Fri, 2 Jul 2004 08:15:03 -0700
Hmm, I'm not entirely sure how this would work in my case... Keep in mind that I need to verify that the CODE used to sign the message was my code. That means the certificate would have to reside INSIDE the code to make sure that it could not have been used by an imposter.
I suppose that the only way to ensure that a response is generated by "trusted" code, is to hard-code a private signing key into the dll, and use that to sign evidence which is sent to the server. The server can then use a public key stored in my database to verify that the right code has signed the evidence, since only my dll would know the private signing key?
This would mean that I only need to keep a close eye on my database to ensure (practically 100%) security.
Are these assumptions correct?
Danny van Kasteel
"Eugene Mayevski [SecureBlackbox]" wrote:
> Michel Gallant wrote:
> > If the certificate is issued (i.e. signed) by a KNOWN and TRUSTED CA, which
> > means that you implicitly trust the CA list provided by default by Microsoft (or Sun etc...)
> > to do due-diligence in issuing certs to parties, AND that you trust that the person who
> > was issued the cert him/her-self is using it in an appropriate way, then you trust the
> > authenticity of the signature.
> My idea was that the server issues and signs the certificates. Then the
> server trusts itself (to the extent it is protected from unauthorized
> Eugene Mayevski
> EldoS Corp., CTO
> Networking and security solutions, development and consulting services