Tom,
You mention the possibility of encrypting messages. Is there an
easy way to force certain web service parameters or function
calls to be "encrypted"?
I'm not aware of any easy, single silver-bullet method or property you could
use to just "set encryption on". Instead, there are nowadays many web
services security related specifications, such as WS-Security which uses a
W3C specification "XML Encryption" underneath, among others. From the
programmer's perspective this means that there are many options to solve the
issues, too.
A full introduction to web services security would require much more than
I'm able to give you here, however I can give you some pointers. For
instance, MSDN has an article named "Web Services Security Specifications
Index Page", which probably would be interesting to you:
http://msdn.microsoft.com/webservice...rspecindex.asp
Secondly, the article "Understanding WS-Security" might be useful:
http://msdn.microsoft.com/webservice...l/understw.asp
Also, .NET 2.0 has better support for web services and and security, however
I must say I haven't yet studied their potential in full when it comes to
this area of the class library. Nonetheless, support for XML encryption and
signing already exists in the library (I'm talking about version 1.1 as well
as the 2.0 betas), see for example the System.Security.Cryptography.Xml
namespace.
Hope this will give you good a starting point! Have a nice weekend, too.
--
Regards,
Mr. Jani Järvinen
C# MVP
Helsinki, Finland
ja***@removethis.dystopia.fi http://www.saunalahti.fi/janij/