Welcome to MSDN Blogs Sign in | Join | Help

March 2004 - Posts

Wednesday, March 31, 2004 4:15 PM

Signing Specific XML With References

I've previously blogged about creating XML digital signatures using the .NET framework, but today I'd like to write about a more advanced technique using these signatures. My previous post signed an entire XML document, however, this is not always necessary
Posted by shawnfa | 6 Comments
Filed under: , ,
Tuesday, March 30, 2004 7:17 PM

What's New in XML For Whidbey

The new XML Developer Center on MSDN has a nice article about the new XML features in Whidbey . The top 10 list is: Performance XPathEditableNavigator, an Updatable Cursor The XPathDocument as a Better DOM Easier XPath Queries with Namespaces Security
Posted by shawnfa | 1 Comments
Filed under:
Monday, March 29, 2004 5:16 PM

Touring the US

A friend of mine pointed out world66.com to me. They let you create a map of the states that you've visited in. Here's mine: Bet you can't tell which side of the country I grew up in? I decided not to count states that I'd only been in for airplane connections
Posted by shawnfa | 0 Comments
Filed under:
Monday, March 29, 2004 3:46 PM

Why Won't using Throw a NullReferenceException

Today someone was curious why C#'s using statement won't throw a NullReferenceException. They had a using statement that opened a registry key, but even if that key didn't exist and the return value was null, they didn't have to worry about a NullReferenceException
Posted by shawnfa | 2 Comments
Filed under:
Friday, March 26, 2004 5:23 PM

PKCS#12 in .NET

Michel Gallant has posted a very nice article on MSDN about using PKCS#12 key with .NET. PKCS#12 are keys, generally exported from certificates, that tend to be stored in .pfx or .p12 files. Michel has provided some nice code for opening these files from
Posted by shawnfa | 0 Comments
Filed under: ,
Friday, March 26, 2004 2:45 PM

Whidbey Tech Preview

So by now probably everyone's heard that we've released a technical preview of Whidbey to atendees of VS Live, alpha previewers, and MSDN subscribers. I'm pretty excited about this, since I'm now free to blog about the changes in the areas I own that
Posted by shawnfa | 0 Comments
Wednesday, March 24, 2004 6:33 PM

Creating ACLs for Custom Objects

Kenny Kerr has an article up on MSDN showing how to use the Windows ACL security system on custom objects in your application. Although the article is a bit on the short side, and does deviate off topic in a few areas, it provides a nice overview of the
Posted by shawnfa | 1 Comments
Filed under: ,
Monday, March 22, 2004 1:42 PM

Opening a command prompt for your project

Sometimes while working with a VS.Net project, you need to run a command line tool, either on the sources or output of the project. VS provides an easy way to add a menu item that will open a command prompt in the target directory of your application,
Posted by shawnfa | 4 Comments
Filed under:
Friday, March 19, 2004 4:59 PM

WinXP SP2

Well, the Windows team has finished Release Candidate 1 of Windows XP Service Pack 2, and made it available for public download . This download is not eligible for technical support, although Microsoft is going to setup some newsgroups (microsoft.private.xpsp2.*)
Posted by shawnfa | 4 Comments
Filed under:
Friday, March 19, 2004 4:49 PM

So What's This WinFS Thing All About Anyway?

MSDN has the first installment of Thomas Rizzo's new column, where he talks about what WinFS really is. The article provides a very general overview of WinFS, so hopefully in future columns Thomas will drill into more details. From what I've seen of the
Posted by shawnfa | 0 Comments
Filed under:
Thursday, March 18, 2004 1:34 PM

New Security Tool Available for Download

There's a new security tool that keeps track of the ports used by applications on your machine available for download over at microsoft.com. The tool, Port Reporter, is documented in KB 837243 , keeps track of which ports are being used on your machine,
Posted by shawnfa | 3 Comments
Filed under: ,
Wednesday, March 17, 2004 5:18 PM

Delay Signing

Most people know about the delay signing feature of the CLR. (For those who don't check out MSDN's Delay Signing an Assembly for more details). Basically, delay signing allows a developer to add the public key token to an assembly, without having access
Posted by shawnfa | 25 Comments
Friday, March 12, 2004 7:13 PM

Security in the Visual Studio Tools for Office Suite

This month's MSDN magazine contained an article about security and the Visual Studio Tools for Office. Although Brian Randell and Ken Getz do a nice job of explaining the way CAS and Office interact, specifically pointing out that code groups with membership
Posted by shawnfa | 0 Comments
Filed under: ,
Thursday, March 11, 2004 6:39 PM

Debugging the Debugger

Min Kwan Park's blog was making the rounds of the various Microsoft blogs yesterday, but I thought I'd also post a link for anyone who missed it (and also so I can find it again easily in the future). He's posted a helpful checklist of things to try if
Posted by shawnfa | 0 Comments
Filed under: ,
Wednesday, March 10, 2004 2:09 PM

Same Site Socket Permission

Fairly frequently, people will want to know how to get same site socket permissions, in the same way that they can get same site web permission today. Unfortunately, the answer is that with the security objects shipped with the framework, there is no
Posted by shawnfa | 0 Comments
Filed under: , ,
Tuesday, March 09, 2004 4:33 PM

More Details on Portable Crypto Operations

Yesterday I posted about detecting which CSP provided algorithms were available on your copy of Windows, and upgrading IE to get a newer CSP that supported more algorithms. Sebastien Pouliot provied some nice followup information on using pure managed
Posted by shawnfa | 2 Comments
Filed under: , ,
Monday, March 08, 2004 3:42 PM

Which Cryptographic Operations are Available?

One of the more common problems to creep up when people start using the various cryptographic algorithms in the System.Security.Cryptography namespace is that their app, which works fine on their WinXP dev box suddenly starts throwing CryptographicExceptions
Posted by shawnfa | 7 Comments
Friday, March 05, 2004 6:30 PM

How Exceptions Work in Rotor (and the CLR)

Joel Pobar has a nice post with Jan Kotas' explanation of how exceptions work in Rotor (and by extension, the CLR).
Posted by shawnfa | 0 Comments
Filed under:
Friday, March 05, 2004 11:38 AM

Further Strengthening Hash Algorithms

There's been an interesting internal email thread going on this week about the use of a hash to uniquely identify some data. The two main sources of weakness in a hash algorithm are: Collisions - the chance that two unique inputs will produce the same
Posted by shawnfa | 3 Comments
Filed under: ,
Wednesday, March 03, 2004 10:35 AM

Kerberos Overview and Weaknesses

O'Reilly's Windows DevCenter has an excerpt from their Security Warrior book, giving an overview of how Kerberos works in Win2k and Windows Server 2003. They also show that Kerberos by itself does not prevent offline dictionary attacks against weak passwords,
Posted by shawnfa | 0 Comments
Filed under: ,
Tuesday, March 02, 2004 6:00 PM

Debugging Unmanaged Code Calling Back Into Managed

One of the guys I work with spent a good part of his day tracking down a tricky problem with some code he had written. The mistake he made is relatively common, so I thought I'd share it here. The application he had written was managed. He made a delegate
Posted by shawnfa | 1 Comments
Filed under:
 
Page view tracker