[Mono-list] disaster recovery when using data protection keypairs
Sebastien Pouliot
sebastien.pouliot at gmail.com
Tue Dec 22 16:46:00 EST 2009
On Tue, 2009-12-22 at 13:36 -0800, dnapierski wrote:
> Thanks for the prompt reply, Sebastien. I'd like to make sure I understand
> what is already implemented before I explore writing my own extensions.
>
> How does the mono implementation determine if a key file exists for a given
> user?
It was implemented years ago, so I can't give a definite answer
without reading the source code. I *guess* it looks up a file, and if it
does not exist, creates a key pair and stores it there.
> Let's say I create a user account named 'apacheWkr' on one machine,
> and mono generates a key file for that user. Then I create a user account
> named 'apacheWkr' on a different machine. If I then copy the original
> 'apacheWorker's key file to the correct place (in keypairs) on the second
> machine, will the mono data protection implementation find and use that key
> for the 'apacheWkr' user account?
It should (95% certainty ;-). Again, source code (and testing) will
confirm.
Sebastien
>
>
> Sebastien Pouliot-2 wrote:
> >
> > You have the key(s), the (encrypted) data and the source code. If you
> > backed them up correctly then you'll be able to decrypt the data.
> >
> >> Thanks in advance for any help, including links to documentation.
> >
> > There is no documentation besides the framework (monodoc or MSDN[1]) and,
> > of course, the best one: source code :-)
> >
> > Sebastien
> >
> > [1]
> > http://msdn.microsoft.com/en-ca/library/system.security.cryptography.protecteddata.aspx
> >