This project is read-only.

Use Transport Security When Possible

- J.D. Meier, Carlos Farre, Jason Taylor, Prashant Bansode, Steve Gregersen, Madhu Sundararajan, Rob Boucher

Transport security secures the client-server communication channel using SSL over Http and Transport Layer Security (TLS) over TCP. Transport Security is transport dependent and does not require that the communicating parties understand XML-level security concepts. This can improve the interoperability.

Consider that, if you are using transport security you cannot use Service Credential Negotiation or authentication types such as Username or Issue Token (CardSpace).

Use the following criteria to decide whether or not to use transport security:
  • Point-to-point. Transport security supports point-to-point communication and does not support intermediary scenarios or protocol transition.
  • Streaming. Transport security can support streaming data scenarios.
  • Binding limitations. Transport security does not work with the wsDualHttpBinding.
  • Authentication limitations. Transport security does not work with negotiation, username, Issue Token (CardSpace) or Kerberos direct authentication

Additional Resources

Last edited Jun 13, 2008 at 12:27 AM by prashantbansode, version 1


No comments yet.