CardSpace encryption key

Hi. I have played around a little with Netfx with CardSpace/InfoCard and it works well. Today I read most of the reference documentation. I didn't see an exact answer to my question, so maybe someone can point me at a part of one of the docs and even a sample :)

I would like to ask for a "key" from the InfoCard that:

(a) can be used to encrypt/decrypt/sign my data for my given InfoCard
(b) can be used to encrypt data for a target user InfoCard

There are keys used in the authentication exchanges, but my question is really whether I can simply ask for the key of an InfoCard and use that to encrypt data? That is, if I am not using X509 explicitly (that, say, I got from Verisign), but using a username/password or even self-signed, can I still get some key suitable for encryption?

So here is a sample scenario that may be more useful. I have InfoCardA and a colleague has InfoCardB. I want to send him a message using my own app that sends custom emails. I do the authentication etc. against the service that sends the email and have my chosen InfoCardA. Then I ask for a key from InfoCardA that can be used to sign my message (I haven't purchased a Verisign certificate - this is my own private certificate that was autogenerated by InfoCard?) and then encrypt the message with the public key of InfoCardB (I'd have previously cached the cert of InfoCardB locally - perhaps this person *does* have a Verisign cert). The message is encrypted and sent. The person with InfoCardB authenticates against the service with that card and then decrypts the message using the private key from InfoCardB.

In other words, if I have an InfoCard, can I always get at an asymmetric cert for encryption associated only with that card, independent of whether I buy one from VeriSign (or issue my own using Cert Services)?

By StevenR2 at 2008-2-13
# 1

Ok, let's clear a few things up, and then let's see if I can help you.

The CardSpace Identity Selector doesn't generate certificates. It does generate a keypair, for each pairing of a Personal Information Card with a website (er, relying party certificate).

The keypair that is generated in the Personal Information Card case isn't exposed to the underlying application at all; it's completely contained in CardSpace and WCF.

CardSpace isn't really designed for Peer-to-Peer communication at this point.

With Managed Cards, backed by a smartcard, CardSpace doesn't expose the private key here either, although the app could look it up, given the cues from the STS if it wanted to.

Finally, what are you really trying to accomplish? You can secure a TCP or HTTP channel with WCF, and by using CardSpace handle the authentication.

If you are trying to build a system for signing/encrypting 'documents' instead of 'messages' (i.e., one is persistent, the other ephemeral) then you'd really have to have an STS which delivered a key as a claim (but that's a larger discussion--but we can talk about it if you want.)

Thanks,

g


Garrett Serack | Program Manager |Federated Identity Team | Microsoft Corporation
blog: http://blogs.msdn.com/garretts

GarrettSerack-MSFT at 2007-8-31
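Added illustration of the design Garrett describes above; this is not code from the thread and not CardSpace's own implementation. It models an identity selector that derives one keypair per (Personal Information Card, relying party) pairing from the card's master key, hands the application only a signed token carrying the public half, and never exposes the private key. Assumptions: the relying-party identifier is built from a constructed certificate subject string (CardSpace derives its identifier from the RP certificate, but the exact fields are not reproduced); a hash-based Lamport one-time signature stands in for the asymmetric scheme CardSpace actually uses, because it can be generated deterministically from a seed with the standard library alone; the card ids and RP subjects are constructed sample values.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def rp_identifier(rp_cert_subject: str) -> str:
    """Canonical relying-party identifier derived from the RP certificate's
    subject (assumption: CardSpace's own field selection is not reproduced)."""
    canon = ",".join(p.strip().upper() for p in rp_cert_subject.split(","))
    return sha256(canon.encode("utf-8")).hex()


# Lamport one-time signatures: a hash-based asymmetric scheme used here as a
# stand-in for the keypair CardSpace generates per card/RP pairing.
def lamport_keygen(seed: bytes):
    # 256 message bits x 2 choices; every secret value is a PRF output of the
    # seed, so the same seed always reproduces the same keypair.
    sk = [[hmac.new(seed, f"{i}|{b}".encode(), hashlib.sha256).digest()
           for b in (0, 1)] for i in range(256)]
    pk = [[sha256(s) for s in pair] for pair in sk]
    return sk, pk


def _bits(msg: bytes):
    h = sha256(msg)
    return [(h[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def lamport_sign(sk, msg: bytes):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]


def lamport_verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        sha256(s) == pk[i][b] for i, (b, s) in enumerate(zip(_bits(msg), sig)))


@dataclass
class PersonalCard:
    card_id: str
    master_key: bytes = field(default_factory=lambda: secrets.token_bytes(32))


@dataclass
class Token:
    ppid: str        # pairwise identifier the relying party sees
    rp_id: str       # identifier of the RP the token was issued for
    public_key: list # public half of the (card, RP) keypair
    signature: list  # signature over body() made with the private half

    def body(self) -> bytes:
        return f"{self.ppid}|{self.rp_id}".encode()


class IdentitySelector:
    """Stand-in for the CardSpace selector: master keys and derived private
    keys stay inside; applications only ever receive tokens."""

    def __init__(self):
        self._cards = {}

    def add_card(self, card: PersonalCard) -> None:
        self._cards[card.card_id] = card

    def _pairwise_secret(self, card: PersonalCard, rp_id: str, label: str) -> bytes:
        # HMAC(master_key, label || rp_id): one value per (card, RP) pairing.
        return hmac.new(card.master_key, f"{label}|{rp_id}".encode(),
                        hashlib.sha256).digest()

    def get_token(self, card_id: str, rp_cert_subject: str) -> Token:
        card = self._cards[card_id]
        rp_id = rp_identifier(rp_cert_subject)
        ppid = self._pairwise_secret(card, rp_id, "ppid").hex()
        sk, pk = lamport_keygen(self._pairwise_secret(card, rp_id, "key"))
        tok = Token(ppid, rp_id, pk, [])
        tok.signature = lamport_sign(sk, tok.body())
        return tok  # sk and master_key never leave the selector


def relying_party_verify(token: Token, rp_cert_subject: str) -> bool:
    # The RP checks the token was issued for it and that the signature
    # verifies under the public key carried in the token.
    return token.rp_id == rp_identifier(rp_cert_subject) and lamport_verify(
        token.public_key, token.body(), token.signature)


def demo() -> dict:
    selector = IdentitySelector()
    selector.add_card(PersonalCard("card-A", master_key=b"\x01" * 32))  # constructed
    contoso = "O=Contoso, L=Redmond, S=WA, C=US"     # constructed RP subjects
    fabrikam = "O=Fabrikam, L=Seattle, S=WA, C=US"
    t1 = selector.get_token("card-A", contoso)
    t2 = selector.get_token("card-A", contoso)
    t3 = selector.get_token("card-A", fabrikam)
    return {
        "verifies": relying_party_verify(t1, contoso),
        "wrong_rp_rejects": relying_party_verify(t1, fabrikam),
        "stable_per_rp": t1.ppid == t2.ppid and t1.public_key == t2.public_key,
        "unlinkable_across_rps": t1.ppid != t3.ppid and t1.public_key != t3.public_key,
    }
```

Running `demo()` shows the three properties the answer relies on: the same card always yields the same identifier and public key for a given relying party, two relying parties cannot correlate the card through its identifier or key, and a token presented to the wrong relying party is rejected. It also shows why the original question has no direct answer in this model: the application holds only tokens, never a private key, so it has nothing with which to sign or decrypt persistent documents on its own, which is what the STS-delivered key claim would supply. (Because each per-RP key only ever signs the one fixed token body, the one-time limitation of Lamport signatures does not bite in this demo.)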