Swap Data More Securely with XML Signatures and Encryption

 TRUSTWORTHY CODE

Exchange Data More Securely with XML Signatures and Encryption

By Mike Downen and Shawn Farkas

Parts of this article are based on a prerelease version of the .NET Framework 2.0. All information pertaining to those sections is subject to change.

---

This article discusses:

XML Signature and XML Encryption standards Digital signing and encryption features in the .NET Framework 1.x and 2.0 X.509 certificate integration This article uses the following technologies: XML, .NET Framework, C#, Security Code download available at: XMLSignatures.exe (241KB)

---

The XML Signature and XML Encryption standards are being used extensively as building-block technologies. MicrosoftOffice InfoPath uses XML signatures to sign partial or whole forms. Web services use XML signatures to sign SOAP messages and XML encryption to encrypt them. The XML manifests for ClickOnce based applications, new in Visual Studio 2005, also use XML signatures. The .NET Framework 1.x includes an object model for the XML Signature standard, and the .NET Framework 2.0 adds additional support, while adding an object model for XML encryption as well. This article explains the XML Signature and XML Encryption standards and shows you how to use them with .NET. For the actual XML Signature specification, see the W3C standard at XML-Signature Syntax and Processing.

Read the full article