Why does WCF Transport security mode just provide point-to-point security instead of end-to-end security?

  • Question

  • Why does WCF Transport security mode just provide point-to-point security instead of end-to-end security?
    Saturday, August 27, 2011 4:33 PM

Answers

  • b/c if you have

    Service A --> Service B --> Service C

    then when service B gets the message from service A it must decrypt and understand it before dispatching to service C.

    however if message security is used then the message is kept encrypted until C gets it.


    http://webservices20.blogspot.com/
    WCF Security, Interoperability And Performance Blog
    • Marked as answer by Jacky_shen Sunday, August 28, 2011 4:03 PM
    Saturday, August 27, 2011 11:34 PM

All replies

  • Hi Yaron Naveh,

    thanks for your reply, but I have the following puzzles.

    1. Why must Transport security mode decrypt and understand it before dispatching to service C, but message security mode doesn't need to?

    2. How does Service B decrypt the message, since messages are already encrypted by Service A (for example: HTTPS)?

    Does Service B also have the systematic key generated by service A?



    Sunday, August 28, 2011 2:06 AM
  • hi

    1. when a message goes from A to B over a security protocol (e.g. http or https) and uses the protocol encryption capabilities then both parties are able to decrypt. however message security is a different standard and an http server can receive a secured message w/o understanding it and simply pass it to somewhere else.

    2. With transport security Service A does not encrypt to service C but to service B. It is point to point and not end to end.


    http://webservices20.blogspot.com/
    WCF Security, Interoperability And Performance Blog
    Monday, August 29, 2011 9:49 PM
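
The A --> B --> C relay from the answers above, as an added sketch that is not part of the original thread and is not WCF code: it contrasts per-hop (transport) encryption, where B ends one channel and starts another, with a body sealed for C (message). The keys `K_AB`, `K_BC`, `K_AC` and the toy `seal`/`open_` cipher are constructed stand-ins for TLS channels and WS-Security encryption, assumed here only for illustration.

```python
import hashlib, hmac, os

def _xor_stream(key, nonce, data):
    # Toy keystream (HMAC-SHA256 in counter mode); stand-in for a real cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def open_(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered message")
    return _xor_stream(key, nonce, ct)

# Constructed keys: one per transport hop, plus one only A and C hold.
K_AB, K_BC, K_AC = (os.urandom(32) for _ in range(3))
B_KEYS = (K_AB, K_BC)   # B terminates both channels, so it holds both hop keys

def relay_transport(body):
    """Transport mode: A encrypts to B, B decrypts, then re-encrypts to C."""
    seen_by_b = open_(K_AB, seal(K_AB, body))   # B ends the A->B channel
    return seen_by_b, open_(K_BC, seal(K_BC, seen_by_b))

def relay_message(body):
    """Message mode: A seals the body for C; B forwards it unopened."""
    sealed = seal(K_AC, body)
    return sealed, open_(K_AC, sealed)          # (what B holds, what C reads)

def b_can_read(blob):
    """True if any key B holds opens the blob."""
    for key in B_KEYS:
        try:
            open_(key, blob)
            return True
        except ValueError:
            pass
    return False

if __name__ == "__main__":
    body = b"<Order><Card>constructed sample</Card></Order>"
    print("transport: B sees", relay_transport(body)[0])
    print("message:   B can read?", b_can_read(relay_message(body)[0]))
```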