This chapter is intended for those who want to write their own or modify the symmetric key provider. If you don't use symmetric encryption or don't want to modify the standard provider that uses configuration file for storing the symmetric key, you needn't read this.

 

It is not secure to have symmetric key stored in the client's .config file. Thus we recommend you either to

• create your own DecryptionKeyProvider for both server and client from scratch
  

- or -

• derive your DecryptionKeyProvider from ARWSDecryptionKeyProvider and ovveride the GetSymmetricKey() method that is responsible for reading the shared symmetric key from the store (which is application .config file by default).
  
  It is necessary to update the <decryptionKeyProvider> section in client-side application app.config file and specify the fully qualified name of your custom DecryptionKeyProvider class and name of the assembly the class is stored in.
  
  You can find more information on DecryptionKeyProvider in the Microsoft WSE 1.0 documentation.