WCF transport point-to-point security

2
votes

Accrding to the following quote, WCF transport security provides point-to-point security:

Transport security is used to provide point-to-point security between the two endpoints (service and client). If there are intermediary systems between the client and the server, each intermediate point must forward the message over a new SSL connection.

  1. What is meant by SSL providing point-to-point security?

  2. Is SSL communication still possible between client and server, if intermediary system ( located between the client and the server ) forwards the message over a non-SSL connection?

  3. Assuming it is possible ... I don't see why intermediary system forwarding messages over a non-SSL connection would provide less security, since messages are already encypted by original sender ( which is either client or server ) and thus can't be decrypted by an intermediary systems?

1
wcfwcf-security
Follow these answers: stackoverflow.com/questions/5673283/wcf-transport-vs-message/… , stackoverflow.com/questions/4679235/… , stackoverflow.com/questions/7201536/… I believe they will answer your questions.Ladislav Mrnka
possible duplicate of WCF Transport security weaknessKirk Broadhurst

1 Answers

0
votes

I've already answered a practically identical question:

WCF Transport security weakness

If you have any additional questions, ask away.