Programming with .NET - General

Re: SSL and Silverlight

Aaron Oneal - MSFT — Thu, 29 May 2008 02:13:50 GMT

Yes, that is correct. All requests/responses to/from a web service deployed to an SSL secured location are encrypted automatically at the transport layer.

Re: SSL and Silverlight

mchlsync — Thu, 29 May 2008 01:43:02 GMT

Aaron Oneal - MSFT:
If you're transmitting data to a web service hosted at an HTTPS address, then data sent over the wire to the service is SSL encrypted, even if the Silverlight page hosting the control is not.

So, I don't need to do any encryption for that? All I need to do is that invoke https web service from Silverlight. This is a good thing. thanks.

Re: SSL and Silverlight

Aaron Oneal - MSFT — Thu, 29 May 2008 00:25:37 GMT

If you're transmitting data to a web service hosted at an HTTPS address, then data sent over the wire to the service is SSL encrypted, even if the Silverlight page hosting the control is not.

Re: SSL and Silverlight

mchlsync — Tue, 27 May 2008 02:58:13 GMT

WireShark? This is new to me. Okay. I will try..

Re: SSL and Silverlight

thosebug — Mon, 26 May 2008 17:53:32 GMT

This is a very important question, please if somebody knows could reply, could be possible that I must be shure all my data is encrypted before send to server?

mchlSync may be you can install WireShark on your client computer and setup to listen the data sended by your network card, there you will see exactly what you are sending and what you are receiving. Please if you know something about this, I'll appreciate.

SSL and Silverlight

mchlsync — Mon, 26 May 2008 17:09:37 GMT

Hello,

I have one uncertain thing in my mind. I would like to get the answer from you guys.

Let's say I have ASP.NET project and Silverlight as the following structure.

Structure of Project

https://mydomain.com/mysecurepage.aspx

---[ClientBin]
---------MySilverlight.xap
---mysecurepage.aspx
---myWebService.asmx

I configured SSL for my ASP.NET project. I show the Silverlight content on aspx page. There is one web service called myWebService.asmx in my secured ASP.NET.

There is one textbox and one button in Silverlight . If the user enters something and click the button, the textbox.text will be submitted to web service.

For this case, the text what the user entered is secure? Since SL runs on the user's browsers, I think it won't be secure even SL content is on the secure ASPX page. Do I need to do encrypting in Silverlight before passing it to web service?

Thanks in advance.