Why is Message Security and Transport Security needed?

Asked Oct 28 '16 at 14:07

Active Oct 28 '16 at 14:07

Viewed 45 times

Please see the XML below:

  <client>
      <endpoint address="https://hq-wk-is.lincspolice.local/WCFSSL/Service1.svc"
        binding="basicHttpBinding" bindingConfiguration="BasicHttpsBinding_IService1"
        contract="ServiceReferenceInsecure.IService1" name="BasicHttpsBinding_IService1" />
    </client>

Here is a basicHttpBinding over HTTP. The channel is encrypted.

What is the point of Message Security and Transport Security, which are apparently not available for basicHTTPBinding? The binding above is encrypted over HTTPS (using SSL). Therefore why is MessageSecurity and TransportSecurity needed?

asked Oct 28 '16 at 14:07

w0051977

15,099
32
152
329

Possible duplicate https://stackoverflow.com/questions/5673283/wcf-transport-vs-message – William Xifaras Oct 28 '16 at 16:00
Is Transport Security simply HTTPS? Therefore if you have a http service reference and specify Transport Security in the web.config, then it will use HTTPS? Is that correct? – w0051977 Nov 15 '16 at 11:27

Why is Message Security and Transport Security needed?

0 Answers0