Hi Tery,

From your description, you're going to build a .net application which will
interact with a 3rd party service (exposes a http post channel to let you
submit request and get response data), correct?

I have had a brief overview on the document you mentioned, my current
understanding is that you'll get a certificate with the public key from  
that 3rd partry service hoster and you'll need to use it encrypt or verify
the signature of the service side. For such issue, you can use the .NET
framework cryptography component to perform data encryption or
signing(decryptiong or signature verification) and for the publici key, you
can retrive it from windows certificate store through the .NET
X509Cerificate specific  classes(provided in .NET 2.0). Here are some MSDN
reference on this(encypting & certificate management):

#Support Certificates In Your Applications With The .NET Framework 2.0
http://msdn.microsoft.com/msdnmag/issues/07/03/NETSecurity/#S4

#Encrypting Data  
http://msdn2.microsoft.com/en-us/library/as0w18af(VS.80).aspx

#Generating Signatures
http://msdn2.microsoft.com/en-us/library/6yxzeb7e.aspx

In addition, I've ever replied in some former threads in the newsgroup
about using X509 certificate (the associated key in it) to perform crypto
tasks. You can also refer to them for further information:

#Encrypt string using SHA1withDSA and X509 certificate Options
http://groups.google.com/group/microsoft.public.dotnet.framework.aspnet.secu
rity/browse_thread/thread/1b16028ac9e99ab5/dffce8c815782d4a

#FtpWebRequest with X.509 Authentication Options
http://groups.google.com/group/microsoft.public.dotnet.framework/browse_thre
ad/thread/29cf1bbf51eafd43/426e2c94fd7b6f59

If you have any more specific questions or anything unclear on this, please
feel free to let me know.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.



Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================
   

This posting is provided "AS IS" with no warranties, and confers no rights.

Hi Tery,

I have been working on exactly this issue for several months (it's a
sideline and I only get a couple hours a week...) but in a php context.  I
have not gotten it to work yet, but I think I am close.  I am nearly certain
that the Handango instructions you referenced contain errors (you want to
decrypt the signature, not encrypt it) and I suspect that I was given the
wrong certificate.

I'd be interested in swapping notes.