[C# .NET] Certificates question

Soldato (joined 18 Oct 2002, 7,139 posts, location: Ironing)
I'm trying to figure out how to do something with data signing and C# .net.

I've got a CA using Microsoft Server 2003 CA, and the web console works so that users can generate their own certificates and store the keys locally. Now, if Alice (for example :)) wants to send some data to Bob, she takes the data, and using .NET's RSACryptoServiceProvider she signs the data.

My problem is that when Bob gets the data and the signature, how does he (a) get Alice's certificate from the CA, and (b) know that it's Alice's certificate that he needs?

I've thought about the (b) problem and concluded that Alice needs to send her name, or something unique about her, that would allow Bob to get the right cert.

But my main problem is programmatically getting that cert from the CA. I can't expect every user to have every other user's cert installed. The only thing every user has is the CA cert. So, does Alice send her cert (signed by the CA) along with the message? Then Bob gets it, verifies Alice's cert with the CA cert, and then uses Alice's cert to verify the message? If so, how do I verify a signed certificate using RSACryptoServiceProvider?
 
I understand signatures, and I understand encryption. I'm just thinking about the implementation, and how specifically it can be done with C# .NET. I've decided that attaching the certificate to my data along with the signature is the right thing to do. The receiver would have to then check the validity of the certificate, by checking that it's signed by the root CA (for which everyone has a cert).

The System.Security.Cryptography.X509 namespace has some useful bits in it for processing certificates - I just need to figure out how to get it to play with RSACryptoServiceProvider and then I can get on with signing stuff.
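Here is an added, self-contained C# example (not the poster's code) of the scheme both posts arrive at: Alice signs the data and attaches her CA-issued certificate; Bob, who holds only the CA certificate, builds a chain from the attached certificate to that CA, checks the subject is the sender he expected (the question (b) above), and only then verifies the signature with the certificate's public key. It assumes .NET 6 or later: the modern `RSA.SignData`/`VerifyData` calls on the key returned by `GetRSAPrivateKey()`/`GetRSAPublicKey()` stand in for the older `RSACryptoServiceProvider` cast, and `X509Chain` with `X509ChainTrustMode.CustomRootTrust` pins trust to the one CA certificate. The `SignedMessage`, `Sender`, `Receiver` and `TestPki` names are this example's own, and the throwaway in-memory CA replaces the Windows Server 2003 CA so the code runs offline.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

// Wire format: data, signature, and the sender's public certificate (DER, no private key).
public sealed class SignedMessage
{
    public byte[] Data { get; init; } = Array.Empty<byte>();
    public byte[] Signature { get; init; } = Array.Empty<byte>();
    public byte[] SenderCertDer { get; init; } = Array.Empty<byte>();
}

public static class Sender
{
    // Alice: sign with her private key, attach her CA-issued certificate.
    public static SignedMessage Sign(byte[] data, X509Certificate2 certWithKey)
    {
        using RSA rsa = certWithKey.GetRSAPrivateKey()
            ?? throw new InvalidOperationException("certificate has no RSA private key");
        return new SignedMessage
        {
            Data = data,
            Signature = rsa.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1),
            SenderCertDer = certWithKey.Export(X509ContentType.Cert),
        };
    }
}

public static class Receiver
{
    // Bob: trust only the CA cert he already holds, check identity, then check the signature.
    public static bool Verify(SignedMessage msg, X509Certificate2 trustedCa, string expectedSenderCn)
    {
        using var senderCert = new X509Certificate2(msg.SenderCertDer);
        using var chain = new X509Chain();
        chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust; // ignore the machine store
        chain.ChainPolicy.CustomTrustStore.Add(trustedCa);
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;     // no CRL/OCSP offline
        if (!chain.Build(senderCert))
            return false; // not issued by our CA, expired, or otherwise invalid

        // The root the chain ended on must be exactly the CA we hold.
        X509Certificate2 root = chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
        if (!root.RawData.AsSpan().SequenceEqual(trustedCa.RawData))
            return false;

        // A valid chain only proves "some CA-issued key signed this"; bind it to the expected sender.
        if (senderCert.GetNameInfo(X509NameType.SimpleName, false) != expectedSenderCn)
            return false;

        using RSA pub = senderCert.GetRSAPublicKey()
            ?? throw new InvalidOperationException("certificate has no RSA public key");
        return pub.VerifyData(msg.Data, msg.Signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }
}

// Throwaway in-memory CA standing in for the real one; not production key handling.
public static class TestPki
{
    public static X509Certificate2 MakeCa(string cn)
    {
        using RSA key = RSA.Create(2048);
        var req = new CertificateRequest($"CN={cn}", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        req.CertificateExtensions.Add(new X509BasicConstraintsExtension(true, false, 0, true));
        req.CertificateExtensions.Add(new X509SubjectKeyIdentifierExtension(req.PublicKey, false));
        return req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddYears(5));
    }

    public static X509Certificate2 Issue(X509Certificate2 ca, string cn)
    {
        RSA key = RSA.Create(2048);
        var req = new CertificateRequest($"CN={cn}", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        req.CertificateExtensions.Add(new X509BasicConstraintsExtension(false, false, 0, false));
        req.CertificateExtensions.Add(new X509KeyUsageExtension(X509KeyUsageFlags.DigitalSignature, true));
        byte[] serial = RandomNumberGenerator.GetBytes(16);
        serial[0] = (byte)((serial[0] & 0x7F) | 0x40); // positive, non-zero serial
        using X509Certificate2 pub = req.Create(ca, DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddYears(1), serial);
        return pub.CopyWithPrivateKey(key);
    }
}

public static class Demo
{
    public static void Main()
    {
        X509Certificate2 ca = TestPki.MakeCa("Example Test CA");
        X509Certificate2 alice = TestPki.Issue(ca, "Alice");
        X509Certificate2 carol = TestPki.Issue(ca, "Carol");
        X509Certificate2 rogueAlice = TestPki.Issue(TestPki.MakeCa("Other CA"), "Alice");
        byte[] payload = Encoding.UTF8.GetBytes("invoice 42: pay Bob 100"); // constructed sample data

        SignedMessage good = Sender.Sign(payload, alice);
        Console.WriteLine("genuine:            " + Receiver.Verify(good, ca, "Alice"));
        var tampered = new SignedMessage { Data = Encoding.UTF8.GetBytes("invoice 42: pay Mallory 100"),
                                           Signature = good.Signature, SenderCertDer = good.SenderCertDer };
        Console.WriteLine("tampered data:      " + Receiver.Verify(tampered, ca, "Alice"));
        Console.WriteLine("right CA, wrong CN: " + Receiver.Verify(Sender.Sign(payload, carol), ca, "Alice"));
        Console.WriteLine("other CA, same CN:  " + Receiver.Verify(Sender.Sign(payload, rogueAlice), ca, "Alice"));
    }
}
```

The four checks in `Demo.Main` are the ones worth keeping in mind: only the genuine message verifies; altered data fails the signature check, a certificate for a different subject fails the identity check even though it chains correctly, and a certificate with the right name from a CA Bob does not hold fails the chain check. Because the verification error is only exposed as a boolean here, inspect `chain.ChainStatus` when debugging a real deployment, and replace `NoCheck` with a revocation mode the CA actually supports.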
 