R – Primer for X.509 certificates on Windows


I am presently studying the topic of encrypting and signing SOAP messages via WSE 3.0 or WCF. Since I have not participated in distributed application development involving the public Internet, I find my knowledge on X.509 ceritificates lacking and how it works in the Windows certificate store mechanism. It is not about asymmetric cryptography; it is about the PKI ecosystem.

Therefore I would like to gather what are some articles or books that give comprehensive explanations on Windows' security mechanisms, how to properly use and manage the Certificate Store, CA trust chains, and how APIs like WSE or WCF may interact and make use of certificates. Recommendations?

Best Solution

Everyone using (or thinking of using) X.509 certificates should be forced to read this: Everything you Never Wanted to Know about PKI but were Forced to Find Out, as well as X.509 Style guide, both by Peter Gutmann.