Is transport security bad practice for a WCF service over the Internet?

I have a WCF service available over the Internet. It uses a wsHttpBinding with message security mode and username credentials for client authentication. MSDN says we should use message security for Internet scenarios, as it provides end-to-end protection rather than point-to-point protection of the traffic.

What if I use transport security for the WCF service over the Internet instead? Is this bad practice? Can malicious users see my data?

+6
c# wcf transport-security
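The two configurations the question is choosing between, as an added example that is not code from the question: a wsHttpBinding with message security and UserName client credentials, beside the transport-security variant, both hosted on one service. The service contract, the addresses, the certificate subject and the demo validator are assumptions; the certificates must already exist in the machine store (and be bound to the HTTPS port) for `Main` to open the host.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;

// Added example, not code from the question: the wsHttpBinding setup the
// question describes (message security, UserName client credential) beside
// the transport-security variant, hosted on one service.

[ServiceContract]
public interface IEcho
{
    [OperationContract]
    string Echo(string text);
}

public class EchoService : IEcho
{
    public string Echo(string text) { return text; }
}

// Hypothetical credential check; a real validator looks up a hashed password.
public class DemoUserNameValidator : UserNamePasswordValidator
{
    public override void Validate(string userName, string password)
    {
        if (userName != "alice" || password != "placeholder-password")
            throw new SecurityTokenException("Unknown user or wrong password.");
    }
}

public static class SecureBindings
{
    // Message security: the SOAP body is signed and encrypted with the
    // service certificate and the UserName token rides inside it, so the
    // protection holds end to end through any number of HTTP intermediaries.
    public static WSHttpBinding MessageSecurity()
    {
        var binding = new WSHttpBinding(SecurityMode.Message);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        return binding;
    }

    // Transport security: HTTPS protects each TLS hop. Plain SecurityMode.Transport
    // offers only HTTP credential types (None, Basic, Digest, Ntlm, Windows,
    // Certificate), so keeping the same username/password scheme over TLS means
    // TransportWithMessageCredential: TLS for the channel, UserName token inside.
    public static WSHttpBinding TransportWithUserName()
    {
        var binding = new WSHttpBinding(SecurityMode.TransportWithMessageCredential);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        return binding;
    }

    public static void Main()
    {
        // Addresses and certificate subject are assumptions. Message mode needs a
        // service certificate in the machine store; the HTTPS endpoint needs a
        // certificate bound to port 8443 (netsh http add sslcert).
        var host = new ServiceHost(typeof(EchoService));
        host.AddServiceEndpoint(typeof(IEcho), MessageSecurity(), "http://localhost:8000/echo");
        host.AddServiceEndpoint(typeof(IEcho), TransportWithUserName(), "https://localhost:8443/echo");

        host.Credentials.ServiceCertificate.SetCertificate(
            StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectName, "localhost");
        host.Credentials.UserNameAuthentication.UserNamePasswordValidationMode =
            UserNamePasswordValidationMode.Custom;
        host.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator =
            new DemoUserNameValidator();

        host.Open();
        Console.WriteLine("Listening; press Enter to stop.");
        Console.ReadLine();
        host.Close();
    }
}
```

The point of showing both on one host: the message-mode endpoint keeps the credentials and payload protected inside the SOAP envelope whatever sits between client and server, while the HTTPS endpoint relies on each TLS hop terminating at a party you trust. Plain `SecurityMode.Transport` cannot carry a UserName token at all, which is why the transport variant here is `TransportWithMessageCredential`.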
3 answers

No, that would be good practice - the problem is that you cannot guarantee a complete chain of secure connections across an arbitrary number of intermediate hops when you are dealing with an Internet connection.

All that you can guarantee with transport security is the link from your client to the first hop, and the link from the last hop to your server - everything in between is out of your control. So transport security over the Internet will not work - unless you have a tightly controlled environment where you know the client connects directly to your servers.

Because of these technical limitations, transport security only works on corporate/local networks. Once you have no control over routing and intermediate hops, you need to use message security for end-to-end protection.

+8

Yes, it is 100% safe when clients (as most clients do) verify the server certificate.

The multiple-hop scenario mentioned here is completely bogus. It is true only when the same message passes through different applications, for example several broker applications. If those brokers do not communicate securely, the message can be read by intermediate network sniffers.

In other words, the connection between the client and the server over the Internet is 100% secure even if there are a million routers between them, but it is protected only when the client verifies the server certificate, since otherwise the client could connect to a man-in-the-middle host that impersonates the server with a false certificate. If the client does not verify the certificate, the message may be compromised.

+5
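What "the client verifies the server certificate" means for a WCF client, as an added example that is not code from this answer: the HTTPS validation hook for transport security and the service-certificate validation mode for message security, each with the setting that disables the check beside the correct one. The contract, address and credentials are assumptions.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;

// Added example, not code from the answers: what "the client verifies the
// server certificate" means for a WCF client in both security modes, with
// the setting that silently disables it shown beside the correct one.

[ServiceContract]
public interface IEcho
{
    [OperationContract]
    string Echo(string text);
}

public static class ClientValidation
{
    // HTTPS (transport security): the .NET HTTPS stack validates the server
    // certificate. A callback that returns true for every certificate accepts
    // one minted by a man-in-the-middle, so it must never reach production.
    public static void DisableTransportValidation_DoNotShip()
    {
        ServicePointManager.ServerCertificateValidationCallback =
            (sender, certificate, chain, errors) => true;
    }

    // Correct: keep the default chain validation (a null callback), or, if you
    // need a callback for logging, still refuse anything that reports an error.
    public static void EnforceTransportValidation()
    {
        ServicePointManager.ServerCertificateValidationCallback =
            (sender, certificate, chain, errors) =>
            {
                if (errors != SslPolicyErrors.None)
                    Console.Error.WriteLine("Rejecting server certificate: " + errors);
                return errors == SslPolicyErrors.None;
            };
    }

    // Message security: the client validates the service certificate it encrypts
    // the UserName token for. ChainTrust (the default) requires a chain to a
    // trusted root; None accepts any certificate and is the message-mode
    // equivalent of the always-true callback above.
    public static ChannelFactory<IEcho> CreateMessageSecurityFactory(
        string address, string user, string password)
    {
        var binding = new WSHttpBinding(SecurityMode.Message);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;

        var factory = new ChannelFactory<IEcho>(binding, new EndpointAddress(address));
        var auth = factory.Credentials.ServiceCertificate.Authentication;
        auth.CertificateValidationMode = X509CertificateValidationMode.ChainTrust;
        auth.RevocationMode = X509RevocationMode.Online;
        // auth.CertificateValidationMode = X509CertificateValidationMode.None; // never in production

        factory.Credentials.UserName.UserName = user;
        factory.Credentials.UserName.Password = password;
        return factory;
    }

    public static void Main()
    {
        // Address and credentials are assumptions for the demo.
        EnforceTransportValidation();
        var factory = CreateMessageSecurityFactory(
            "http://localhost:8000/echo", "alice", "placeholder-password");
        IEcho proxy = factory.CreateChannel();
        Console.WriteLine(proxy.Echo("hello"));
        ((IClientChannel)proxy).Close();
        factory.Close();
    }
}
```

The always-true `ServerCertificateValidationCallback` and `X509CertificateValidationMode.None` are the two lines to grep for in a code review: either one turns the "100% secure" TLS or WS-Security channel into one that accepts any certificate an interposed host presents.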

IMO it may not be 100%.

If BlueCoat can do this, then who else can?

http://directorblue.blogspot.com/2006/07/think-your-ssl-traffic-is-secure-if.html

+1
