SSL and Silverlight

05-26-2008 1:09 PM |

Hello,

I have one uncertain thing in my mind. I would like to get the answer from you guys.

Let's say I have ASP.NET project and Silverlight as the following structure.

Structure of Project 

https://mydomain.com/mysecurepage.aspx

---[ClientBin]
---------MySilverlight.xap
---mysecurepage.aspx
---myWebService.asmx

I configured SSL for my ASP.NET project. I show the Silverlight content on aspx page. There is one web service called myWebService.asmx in my secured ASP.NET. 

There is one textbox and one button in Silverlight . If the user enters something and click the button, the textbox.text will be submitted to web service.

For this case, the text what the user entered is secure?  Since SL runs on the user's browsers, I think it won't be secure even SL content is on the secure ASPX page.   Do I need to do encrypting in Silverlight before passing it to web service?  

Thanks in advance. 

Re: SSL and Silverlight

05-26-2008 1:53 PM |

This is a very important question, please if somebody knows could reply, could be possible that I must be shure all my data is encrypted before send to server?

mchlSync may be you can install WireShark on your client computer and setup to listen the data sended by your network card, there you will see exactly what you are sending and what you are receiving. Please if you know something about this, I'll appreciate.

Re: SSL and Silverlight

05-26-2008 10:58 PM |

WireShark? This is new to me. Okay.  I will try..

Re: SSL and Silverlight

05-28-2008 9:43 PM |

Aaron Oneal - MSFT:

If you're transmitting data to a web service hosted at an HTTPS address, then data sent over the wire to the service is SSL encrypted, even if the Silverlight page hosting the control is not.

So, I don't need to do any encryption for that? All I need to do is that invoke https web service from Silverlight. This is a good thing.  thanks.