发表新帖
发表新帖

Is Transport Level Security Necessary When Using Message Level Security in WCF?

前端 未结
关注
3 1143
说谎
说谎 2020-12-05 16:32

I\'m still in the process of trying to better understand WCF security.

One question that I can\'t seem to get a grip on is… if message level security is used, then

3条回答
  • 春和景丽
    春和景丽 (楼主)
    2020-12-05 17:13

    If you use message-level security in the form of encryption, then you should not need to also use transport-level encryption. However, doing so will certainly make your message more secure. If you only use message-level security to sign outgoing messages, then you will also want to use transport-level security if your message contains sensitive information.

    It is important to use transport-level security when no message-level encryption is used. In fact, WCF requires you to use SSL when using UsernameToken plaintext, for example.

    0 讨论(0)
 看不清?
提交回复
热议问题