This is one of the most frequently asked questions on the newsgroups. Since Verisign and Thawte do not speak "message-based security", people are always confused about buying SSL Certificates for doing WSE or WCF. It's not just the vendors. Sometimes the people responsible for your networks are also...
Read More...Entries categorized 'WSE' ↓
Survey: What SSL Certificates are you buying for WS-Security with WCF, WSE or other WS-* methodologies?
Thursday, October 05 2006 - WSE
Great FAQ on managing X509 Certs
Sunday, September 17 2006 - WSE
On Thursday evening I gave a talk on WS Security Fundamentals in Dayton Ohio. One of the resources I point to is the PAG Guide on Securing Web Services . On the way home the next day, while sitting on the runway in PHL for 2 hours before taking off (uggh), I was reading the latest ASPNET Pro and Michele...
Read More...Status of WS-* Specifications/Standards
Friday, September 15 2006 - WSE
I was happy to find this very current slide denoting the status of the various WS-* specs. I got to use it in a WS-Security fundamentals talk that I did in Dayton Ohio last night. http://blogs.msdn.com/jevdemon/archive/2006/08/02/686515.aspx...
Read More...Modifying WSE Policy Files in Production Apps
Wednesday, August 30 2006 - WSE
I learned this the hard way, as usual. We had to change the X509 Certificate that we were using for our application. That meant that the policy config file on the client and the app had to have the certificate identity defined by the findValue parameter of the X509 node. < serviceToken > < x509...
Read More...WSE3.0 WebCast: Powerpoint and Sample code online
Thursday, June 08 2006 - WSE
I have posted my version of the powerpoint (not the pretty MSDN version since I don't have that) and the sample code from today's Intro to WSE 3.0 webcast . You can find them on my TALKS page. Scroll down to Introduction to.... and you'll see the zip and ppt files. Thanks to all who attended! I hear...
Read More...WSE 3.0 WebCast: What does a message for secure conversation look like?
Thursday, June 08 2006 - WSE
Rather than paste miles (271 lines) of angle brackets in here, I am posting the section of my trace files here from today's webcast and have renamed it so you can view it in your browser if you want. Note that in general, these trace files will contain your UNSECURED raw data as well (I have stripped...
Read More...Introduction toWSE3.0 Webcast tomorrow (Thursday) at 11am EST
Wednesday, June 07 2006 - WSE
As part of the Web Services Webcast Series , I'll be doing an Intro to WSE 3.0 tomorrow morning at 11am. It will be a 1 hour session on the key features of WSE 3.0 with as many demos as I can cram in! There's an MP3 raffle for attendees of this series. Check it out! Here is the whole series. Please don...
Read More...Web Services/WCF WebCasts Series in June: I'll be doing the WSE 3.0 Overview one
Tuesday, May 30 2006 - WSE
Kirk Allen Evans has organized some of the top WCF/Web Services gurus (and me,too!) to do a web cast series through June. For those of you securing web services TODAY, my webcast will be Overview of WSE 3.0 . June 8th at 11am EST (that's 8am PST). More info here Also oooh aah a raffle for attendees!...
Read More...The misnomer of SSL Certificates
Friday, May 26 2006 - WSE
This has always been a big point of confusion, both for developers (like me) and admins. SSL Certificates are misnamed. They are not for SSL only. I wish all of the CA's would just call them "Web Server Certificates". How and where you install them determines whether or not they are used for SSL. I remember...
Read More...Me, Myself and WSE 3.0
Saturday, May 20 2006 - WSE
What? I'm still writing about that worn-out old non-technology, WSE 3.0? Darn right I am. [ read more... ] [A DevLife post] Don't Forget: www.acehaid.org
