By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
457,905 Members | 1,643 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 457,905 IT Pros & Developers. It's quick & easy.

Does it make any sense to apply WSE 3.0 (Security) on top of SSL?

P: n/a
I am working on a project, the SSL is a requirement, so given the SSL
is the mandate, does it make any sense to apply any WSE 3.0 (Security)
on top of SSL?
Thanks in advance.
John

Feb 13 '06 #1
Share this Question
Share on Google+
4 Replies


P: n/a
Possibly. SSL is transport level security, it basically ensures that
nobody can listen in to a conversation between you and someone else.

You could however use WSE 3.0 to ensure that you only have
conversations with people who provide you with a name and password...
and more.

Depends what you need to do.

Josh
http://www.thejoyofcode.com/

Feb 14 '06 #2

P: n/a
Did that help John?

Josh

Feb 14 '06 #3

P: n/a
Thanks. When you say
"WSE 3.0 to ensure that you only have conversations with people who
provide you with a name and password... "

I thought you could do the same thing in SSL with Basic Authentication.
What I am trying to find out is given SSL is very secure, I already
using SSL and the only thing I am concerted about is security and do
not care about other fancy stuff. Does it justify the cost (both the
development & performance on top of SSL) to use WSE 3.0?
Thanks again for your help
John

Josh Twist wrote:
Did that help John?

Josh


Feb 15 '06 #4

P: n/a
Good point, you could do it that way too.

If your combination of SSL and Basic Authentication meet all your
requirements (conversations can't be listened too and users must
authenticate) then I'd probably say WSE isn't going to add anything to
this scenario.

As you're obviously aware, It does provide alternatives to how you're
doing what you're doing but I can't think of any killer advantages as
SSL and Basic Auth are also public HTTP standards.

Good Luck!

Josh

Feb 15 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.