惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

F
Fortinet All Blogs
Attack and Defense Labs
Attack and Defense Labs
V2EX - 技术
V2EX - 技术
O
OpenAI News
S
Secure Thoughts
H
Heimdal Security Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Schneier on Security
Schneier on Security
H
Hacker News: Front Page
S
Security Affairs
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Vercel News
Vercel News
Microsoft Security Blog
Microsoft Security Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
P
Proofpoint News Feed
The Register - Security
The Register - Security
GbyAI
GbyAI
Cloudbric
Cloudbric
MongoDB | Blog
MongoDB | Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
K
Kaspersky official blog
Forbes - Security
Forbes - Security
Y
Y Combinator Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
Scott Helme
Scott Helme
Hacker News - Newest:
Hacker News - Newest: "LLM"
The Cloudflare Blog
Recorded Future
Recorded Future
人人都是产品经理
人人都是产品经理
Cyberwarzone
Cyberwarzone
C
CERT Recently Published Vulnerability Notes
Webroot Blog
Webroot Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
L
LangChain Blog
T
Tor Project blog
Microsoft Azure Blog
Microsoft Azure Blog
博客园_首页
Hacker News: Ask HN
Hacker News: Ask HN
Blog — PlanetScale
Blog — PlanetScale
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
B
Blog RSS Feed
N
News and Events Feed by Topic
阮一峰的网络日志
阮一峰的网络日志
I
Intezer
V
V2EX
T
Tailwind CSS Blog
SecWiki News
SecWiki News
NISL@THU
NISL@THU
C
Check Point Blog

博客园 - 灰灰狼

架构与设计概要 IoC概要 需求分析概要 接上文,支持并发数量的完美版本 消息队列并发处理基类-简化版 2013年5.28~7.27 Microsoft FTE 微软面试总结 String Format for DateTime 多语言建议 multi-language 问题观 New life I would like About that task 基于证书的WCF安全开发详解 asp.net缓存(20100804完善版) - 灰灰狼 - 博客园 呼唤程序员精神——关于我今天发起的讨论的总结 asp.net mvc下实现窗口不关闭,就让Session不过期 正确的产品开发策略
about wcf
灰灰狼 · 2010-08-25 · via 博客园 - 灰灰狼

1.       Why we use WCF

In fact , we can use Web Service or WCF. We select WCF because the WCF contains many advantages that WS doesn’t contain, such as

(1)    Extension ability

(2)    Better asp.net integration

(3)    Can be independent from IIS

(4)    Stateful & transaction supported

(5)   

2.       Why we talk about Certificate

We talk about certificate not specially for WCF, It’s a secure solution, can be used in all communication cases, such as Website, Web Service and WCF. We use it for it is the best secure solution and is supported by WCF very well. It’s not very complex in use, but only need little time to understand and explain.

What is SSL? It’s a certificate use case. Firstly, there is a CA, CA has a Root Certificate,  and the website has a sub-certificate from CA. Why you trust the website? Because you believe the CA. Why you believe the CA, because you have the CA Root Certificate in Trusted Root Certification Authorities on your PC. This authentication process is implemented in Transfer Layer(https). Commonly, SSL is used to authenticate Server.

WCF based Certificate is like SSL, but WCF can implement authentication in application layer and do more detail control. The theory is like the SSL, but we need to do two-way authentication, not only the client authenticates the server, but also the server authenticate the client. So we need deploy certificate both in server & client. That’s all, and is not very complex.

Certificate can be from a CA(we can deploy a CA Server ourselves). In developing period, we can use makecert.exe command to create root certificate & sub certificate.

My example is a pure technical solution, but it simulates our real solution partly, Adam and me has confirmed this.

3.       I’ll translate my email later, please give me some time.