.NET Framework Bookmark and Share   
 index > Windows Communication Foundation > How messages are encrypted when security mode is "Message"?
 

How messages are encrypted when security mode is "Message"?

Hello All,

I'd like to knowhow messages are goingto beencrypted in following configuration-

Binding: netTCP
Security Mode: Message
ClientCredentialtype: UserName


Particularly-Are messages going be encrypted in both direction? If yes then how is it going towork? Issome session key going toexchanged in this case as well?

Regards,
Gurmit

Gurmit Teotia
You can either use SSL to provide the transfer security or you canprovide an X509 certificate which will be used to encrypt the data in both the directions.
http://www.rcs-solutions.com/blog/2008/11/06/CustomAuthenticationAndEncryptionWithWCF.aspxdoes asimilar implementation. When using Message Security, during the initial authentication a secure conversation gets established between the client and the service.
You should consider using transport security rather than Message security if you are using netTcpBinding becuase message security is less performant than transport security.
Piyush - MSFT
You can either use SSL to provide the transfer security or you canprovide an X509 certificate which will be used to encrypt the data in both the directions.
http://www.rcs-solutions.com/blog/2008/11/06/CustomAuthenticationAndEncryptionWithWCF.aspxdoes asimilar implementation. When using Message Security, during the initial authentication a secure conversation gets established between the client and the service.
You should consider using transport security rather than Message security if you are using netTcpBinding becuase message security is less performant than transport security.
Piyush - MSFT

You can use google to search for other answers

Custom Search

More Threads

• Failed to deploy WCF to IIS
• How to set "ServicePointManager.MaxServicePoints" Property?
• MSMQ +WCF ( Error :The protocol 'net.msmq' is not supported)
• Reading SOAP Headers from a Flex Client in WCF?
• serviceBehavoir 'maxConcurrentCalls', 'maxConcurrentSessions' and 'maxConcurrentInstances'
• The HTTP request is unauthorized with client authentication scheme 'Basic'. The authentication header received from the server
• CommunicationObjectAbortedException in a Session-based Duplex Service
• How to increase Size of data Transfer in WCF?
• Out Parameters at Method
• Remoting to WCF
Home          Copyright 2009-2010 by netframeworkdev.com All rights reserved