Browse by Tags

Tagged Content List
  • Blog Post: Asymmetric tokens and Mixed-Mode Security

    When you are using a X.509 Certificate as the client authentication token in Mixed-Mode Security - apart from signing the Timestamp WCF will sign the 'To' header as well. This is to prevent a client spoofing attack by a rougue service. Consider the situation where the client does not sign the 'To' header...
  • Blog Post: WCF Security Modes

    WCF supports three types of Security. They are, Transport Security Mixed-Mode Security Message Security Let's discuss the various Security Modes below. Transport Security is applied at the transport byte stream below the message layer. The message does not have a Security header and...
Page 1 of 1 (2 items)