Hi Jill,
Very glad to hear it! Thanks for your patience and help in resolving this. The final solution was found here:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;322371
Which made me understand that by default a temporary key is stored in the folders associated with a user profile, but since in the context of an asp.net thread the user has no profile it needed to have "RSACryptoServiceProvider.UseMachineKeyStore = true;" which tells it to store the temporary file in the machine key store instead.
Not sure why it doesn't happen locally unless somehow the local account is using a user profile or perhaps its handled differently in IIS 7 by default.
Best,
Joe