God, is nobody doing smartclient stuff? Google is all about telling me how to encrypt connection strings in my web.config, but that’s set it and forget it, on one machine.
What I want to know is what is the best practice for storing identity information and connectionstrings and whatnot on the local machine for a smart client app distributed across the enterprise. And if it’s app.config, how to work the encryption (I understand the DPAPI part conceptually, but how do I do it for release and distribution?). And if it’s not encrypted app.config, what is it?
Your thoughts?