WCF netTcpBinding - is transport encryption enough?

I have a WCF service that processes some sensitive data. I would like to make sure that I keep this data from being exposed, and therefore I am looking at netTcpBinding ... primarily because I can control the network in which it works, and performance is a high priority.

I understand that there are two areas that can be encrypted: the transport layer and the message layer. I intend to use certificates for encryption at the transport level, which, as I understand it, uses TLS over TCP.

The callers are also mine, so I control the transport layer. Since I do not expect changes in the transport layer, do I need to worry about message-level encryption? This seems unnecessary if I do not want the flexibility to change transport.

+5
3 answers

Message-level encryption is necessary if you do not control the broker. Mediation services should be able to change the SOAP headers and can look into your confidential data for malicious purposes. But if you control everything from the initial sender to the final recipient, then you do not need encryption at this level.


+5


+4

I think you're there. If you do not plan to transfer this to another transport mechanism, I cannot understand why you would need both message and transport encryption. If performance is a key factor, skip message encryption; you will save some time, since you do not need to add protection when sending / receiving each message.

+2
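
The transport-only setup discussed in this thread, as an added service-side configuration example that is not from the original question or answers. It assumes placeholder names for the service, contract, host, port and certificate subject (`Example.SensitiveDataService`, `Example.ISensitiveDataService`, `service.example.internal`, `8523`).

```xml
<!-- Added example. Service, contract, host, port and certificate subject are placeholders. -->
<system.serviceModel>
  <bindings>
    <netTcpBinding>
      <binding name="tlsOnlyTcp">
        <!-- mode="Transport": TLS over TCP only, no message-level (WS-Security) protection.
             mode="None" would send the sensitive payload in clear text. -->
        <security mode="Transport">
          <!-- Clients authenticate with an X.509 certificate; every byte on the
               connection is both encrypted and integrity-protected. -->
          <transport clientCredentialType="Certificate"
                     protectionLevel="EncryptAndSign" />
        </security>
      </binding>
    </netTcpBinding>
  </bindings>
  <behaviors>
    <serviceBehaviors>
      <behavior name="certTransport">
        <serviceCredentials>
          <!-- Certificate the service presents during the TLS handshake. -->
          <serviceCertificate findValue="service.example.internal"
                              x509FindType="FindBySubjectName"
                              storeLocation="LocalMachine" storeName="My" />
          <clientCertificate>
            <!-- Accept only client certificates that chain to a trusted root
                 and have not been revoked. -->
            <authentication certificateValidationMode="ChainTrust"
                            revocationMode="Online" />
          </clientCertificate>
        </serviceCredentials>
      </behavior>
    </serviceBehaviors>
  </behaviors>
  <services>
    <service name="Example.SensitiveDataService" behaviorConfiguration="certTransport">
      <endpoint address="net.tcp://service.example.internal:8523/data"
                binding="netTcpBinding" bindingConfiguration="tlsOnlyTcp"
                contract="Example.ISensitiveDataService" />
    </service>
  </services>
</system.serviceModel>
```

With this binding the data is protected only while it is on the TCP connection between the two endpoints, which is the trade-off the answers describe: it is sufficient when no intermediary sits between caller and service.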