[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: Certificates and the Registry
From: Susan Chapin <schapin () MITRE ! ORG>
Date: 1996-10-25 17:43:05
[Download RAW message or body]
I just did a Registry (WinNT Workstation 4.0) search on "cert" and I found entries in \
several locations:
1. HKEY_LOCAL_MACHINE/software/classes/<several entries>
2. HKEY_LOCAL_MACHINE/software/microsoft/
cryptography/CertificateStore
3. HKEY_LOCAL_MACHINE/microsoft/
SystemCertificates
4. HKEY_LOCAL_MACHINE/<both control sets>/control/
SecurityProviders/SCHANNEL/CertificateAuthorities
5. HKEY_CURRENT_USER/Software/microsoft/
SystemCertificates/MY/certificates
#1 is file and COM/OLE extensions, and #5 is the MY store I created when I opened a \
"system certificate store" in the code I am playing with, so those are not puzzling \
me (well, not much. What kinds of applications are envisaged to create system \
certificate stores?). But both #2 and #3 contain certificates, and #4 contains \
information that I expect would be interesting to anyone validating certificates.
Who is responsible for each of #2, #3, and #4, what exactly is each of these used \
for, and how do they differ from/relate to each other? What applications, if any, \
are expected to read/modify these? What security protections should be associated \
with each?
Thank you,
Susan Chapin (schapin@mitre.org)
(All statements above are my very own and are not approved by or necessarily even \
known to my employer).
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic