Re: CA key pair deposition

From: D. Cross [MS] (vaq130@hotmail.com)
Date: 08/29/02

Next message: D. Cross [MS]: "Re: Is EAP-TLS in Windows2000 ?"
Previous message: Fuzzy Logic: "Re: msconfig in windows 2000?"
In reply to: paul: "Re: CA key pair deposition"
Next in thread: paul: "Re: CA key pair deposition"
Reply: paul: "Re: CA key pair deposition"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "D. Cross [MS]" <vaq130@hotmail.com>
Date: Thu, 29 Aug 2002 10:22:04 -0700

example: C:\Documents and Settings\dcross\Application
Data\Microsoft\SystemCertificates\My

--
David B. Cross [MS]
--
This posting is provided "AS IS" with no warranties, and confers no rights.
"paul" <paul@rettersen.de> wrote in message
news:bcb801c24f78$9d4cc880$9ae62ecf@tkmsftngxa02...
Hi,
thanks a lot for your postings and the link about DPAPI.
But which regKeys, are the private and public key ? okay,
they are protected by DPAPI - but is there any
encrypted "thing" in the registry ? and where :)
thanks
-paul
>-----Original Message-----
>The CA runs as the SYSTEM account which implies that the
keys are stored in
>the machine store of the local system.  You can use a HSM
of course with a
>third party CSP to store the keys elsewhere of couse.
>
>keys are protected by DPAPI and are generated using
CryptGenRandom
>
>http://msdn.microsoft.com/library/default.asp?
url=/library/en-us/dnsecure/ht
>ml/windataprotection-dpapi.asp
>
>--
>
>David B. Cross [MS]
>
>--
>This posting is provided "AS IS" with no warranties, and
confers no rights.
>
>"paul" <paul@rettersen.de> wrote in message
>news:94ee01c24e84$9c1d7120$35ef2ecf@TKMSFTNGXA11...
>hi,
>
>i´m trying to make a PKI with .NET RC1. I need it for a
>VPN-Solution (L2TP/IPSec).
>After the installation of an enterprise CA I´m trying to
>find out where the key pair (private and public key of
>the CA), which the "wizzard" generated, could be.
>
>Is there any whitepaper, which descibes how the wizzard
>generates keys (random, etc.) and where the keys are ?
>
>thanks a lot
>best regards
>-paul
>
>
>.
>

Next message: D. Cross [MS]: "Re: Is EAP-TLS in Windows2000 ?"
Previous message: Fuzzy Logic: "Re: msconfig in windows 2000?"
In reply to: paul: "Re: CA key pair deposition"
Next in thread: paul: "Re: CA key pair deposition"
Reply: paul: "Re: CA key pair deposition"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: WMP11 File association
... What are the values and keys under: ... See http://zachd.com/pss/pss.html for some helpful WMP info. ... This posting is provided "AS IS" with no warranties, and confers no rights. ...
(microsoft.public.windowsmedia.player)
Re: Damsel in distress!
... I love the title to this posting. ... with any DDL and are not writting in SQL ... Please post DDL, so that people do not have to guess what the keys, ...
(microsoft.public.sqlserver.programming)
Re: Lost data using EFS
... the keys are stored using DPAPI as encrypted data in your user profile. ... This posting is provided "AS IS" with no warranties, and confers no rights. ...
(microsoft.public.windowsxp.security_admin)
Re: Partition HD in XP and Win 98
... why are you posting a response when... ... maybe you're just being a dick to someone who has a ...
(microsoft.public.windowsxp.basics)
Re: Ctrl P and Ctrl F Not working, also XP COAs For sale
... Essex Laptops - Andy Usher wrote: ... I have googled for this before posting. ... Its so frustrating. ... if you used to short cut key's but 2 keys at ...
(uk.adverts.computer)