|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Digital SignaturingI need help for making an asp.net app where a USER uploads his file to a
Location.While uploading it should be digitaly signed........... At the server the signature has to be verified....... I need some light into this issue... What is MCS and how can i use this on this application Parvez Hi
If this was a web service, you'd have access to WSE, which would do most of the work for you. However, as this is an ASP.Net app, it's a bit more tricky. You'll need something client-side to do the signing for you. A primary requirement here is to determine which types of client will be accessing your application. Often, this is achieved using a Java applet, as this gives greater cross-platform compatibility. However, this greater compatibility is not as easy as simply using Java applets. If it's only aimed at Internet Explorer on Windows, then you're able to create a much richer client by placing code in a control that can be loaded into the browser. However, this component may be restricted from accessing all of the resources necessary because of Code Access Security. If you're using more recent versions of Windows (XP, 2003, 2000) then you could consider the Smart Client technologies, such as a ClickOnce forms application that calls a web service. This would allow digital signatures to be created on the client, files to be accessed etc., and then the Smart Client could send the information vai a web service. ClickOnce would also take care of Code Access Security restrictions. Hope this helps Chris Seary Thanks For the Reply..............
My web server will be 2003 web server.I will give my scenario.There are 2 kinds of users ....Broker and His clients..............Broker logs in and he will upload some document.This document has to be digitaly signed.In the web server will verify the signature and distribute it.The users will be using the windows platform.And i am intending to use asp.net............... And if u can clarify more on the smart client i might consider implementing it... Any way i will have to create Key pairs for all the Brokers. How do I configure CA and generates the Keys and certificates. Thanks in advance Show quoteHide quote "oldbear" wrote: > Hi > > If this was a web service, you'd have access to WSE, which would do most of > the work for you. However, as this is an ASP.Net app, it's a bit more tricky. > You'll need something client-side to do the signing for you. > > A primary requirement here is to determine which types of client will be > accessing your application. > > Often, this is achieved using a Java applet, as this gives greater > cross-platform compatibility. However, this greater compatibility is not as > easy as simply using Java applets. > > If it's only aimed at Internet Explorer on Windows, then you're able to > create a much richer client by placing code in a control that can be loaded > into the browser. However, this component may be restricted from accessing > all of the resources necessary because of Code Access Security. > > If you're using more recent versions of Windows (XP, 2003, 2000) then you > could consider the Smart Client technologies, such as a ClickOnce forms > application that calls a web service. This would allow digital signatures to > be created on the client, files to be accessed etc., and then the Smart > Client could send the information vai a web service. ClickOnce would also > take care of Code Access Security restrictions. > > Hope this helps > > Chris Seary > > Hi
This a very broad subject. Before you start on the technical implementation, you will need to plan your PKI and its policies. An excellent book on the subject is: http://www.amazon.com/gp/product/0735620210/qid=1143383022/sr=1-1/ref=sr_1_1/103-9549403-5876603?s=books&v=glance&n=283155 Here are some links for Smart Clients (ClickOnce): http://msdn.microsoft.com/msdnmag/issues/04/05/ClickOnce/ http://msdn.microsoft.com/smartclient/understanding/windowsforms/2.0/features/clickonce.aspx Please post again if you need specifics. Hope this helps Chris Seary 
Other interesting topics
Login failed for user ''. The user is not associated with a trusted SQL Server connection.
Encrypted Data Storage ? HowTo ? WebService Windows Authentication ASP.NET 2.0 Impersonate users and roles Problems with AzMan interop and CLR 2 Ent. Library w/DB 2 registry access problem ASP.NET writing to EventLog in Server 2003 internet explorer 6 sp2 ¤ China ZhongZhan Aids Mei Mei |
|||||||||||||||||||||||
