Julie Lerman Blog - Encrypting SOAP with WSE - creating your OWN keys

Tuesday, December 23, 2003

Encrypting SOAP with WSE - creating your OWN keys

I just had a thought about what I was working on yesterday with encrypting data that is passed back to a client in a SOAP response. I was using examples from two sources. In those samples, there was a key created in the webservice for encrypting. That same key was added into the client app in order to unlock the encrypted data. I used the sample “to a T”, including the example key. If I didn't change it, that means that anyone who read the article could create a client that uses the same key and have access to my data. Not really, because the web service also requires authentication... but you get the point, right? It's kind of like the www.tempuri.com problem. Many people don't change that “placeholder” URI and leave the possibility (very slight as it may be) that someone accessing two separate web services with functions of the same name and the same namespace (”www.tempuri.com”) will have a definite conflict.

Anyway, time to go change my keys!

dotNET

Tuesday, December 23, 2003 11:28:53 AM (Eastern Standard Time, UTC-05:00)

| Comments [0] |

All comments require the approval of the site owner before being displayed.

Name
E-mail
Home page

	Remember Me
Comment (HTML not allowed)
Enter the code shown (prevents robots):
Live Comment Preview

On this page....

Search

|

Atom 1.0

|

CDF

Navigation

"DON'T BE IFFY" HOME

Julie or Julia?

My .NET Weblog of pre-12/03 posts

Categories

Speaking At

INETA Speakers Bureau

See my speaking schedule for more events

Archives

October, 2008 (6)

September, 2008 (30)

August, 2008 (45)

July, 2008 (19)

June, 2008 (31)

April, 2008 (47)

March, 2008 (51)

February, 2008 (45)

January, 2008 (62)

December, 2007 (44)

November, 2007 (39)

October, 2007 (47)

September, 2007 (57)

August, 2007 (40)

July, 2007 (41)

June, 2007 (32)

April, 2007 (55)

March, 2007 (57)

February, 2007 (37)

January, 2007 (41)

December, 2006 (36)

November, 2006 (33)

October, 2006 (33)

September, 2006 (45)

August, 2006 (42)

July, 2006 (32)

June, 2006 (50)

April, 2006 (63)

March, 2006 (67)

February, 2006 (65)

January, 2006 (65)

December, 2005 (60)

November, 2005 (83)

October, 2005 (88)

September, 2005 (114)

August, 2005 (110)

July, 2005 (110)

June, 2005 (76)

April, 2005 (80)

March, 2005 (110)

February, 2005 (72)

January, 2005 (110)

December, 2004 (144)

November, 2004 (106)

October, 2004 (115)

September, 2004 (97)

August, 2004 (121)

July, 2004 (94)

June, 2004 (106)

May, 2004 (116)

April, 2004 (135)

March, 2004 (85)

February, 2004 (127)

January, 2004 (152)

December, 2003 (64)

Etc.

User Group Leader

VTSDA Board Member
www.AcehAid.org
Immediate & Effective Local Disaster Relief in Aceh Province, Indonesia
About

Hosted by:

Powered by: newtelligence dasBlog 2.0.7226.0

Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.

© Copyright 2008, Julie Lerman

E-mail

Sign In