| Subject: SSL Certs or CardSpace for Client Certificates with WCF |
| Group: microsoft.public.windows.developer.winfx.indigo,microsoft.public.windows.developer.winfx.sdk |
| Date: 10/16/2006 12:42:43 PM |
| From: "Chris Mullins" [Email Address Protection] |
We're currently designing a number of SOA Services that will be built using WCF. We'll be having a number of applications (dozens to low hundreds) connecting to these services and performing actions that must be robustly authenticated. We're looking at two options for doing this: 1 - Generate an SSL Certificate per application, register that cert in our DB of "Acceptable" certs, and use this for tracking what applications are performing what actions on the system. This is standard, seems to be deeply supported by WCF, and should suitable for cross-platform use. 2 - We were also toying with the idea of generating CardSpace Identies for each of the applications that connect, and performing authentication that way. Cardspace Identies seem to have a few plusses, in that they're easier to generate and make use of. The people who start to shake when they hear "SSL Certificate Generation" seem to be able to handle CardSpace stuff. Is there any broad support for using CardSpace in this way? In essence, I'm looking for a set of CardSpace configuration tags in WCF, and the ability to use CardSpace from other platforms. I'm 85%+ that we'll go with the SSL Solution, but I wanted to get other people's opinions. I don't really have a solid enough grasp yet of CardSpace to know if it is the right/wrong tool for the job. Any advice? -- Chris Mullins MCSD.Net, MCPD Enterprise http://www.coversant.net/blogs/cmullins |
| Back |