Encryption and Message Integrity

This topic is specific to a legacy technology that is retained for backward compatibility with existing applications and is not recommended for new development. Distributed applications should now be developed using the  Windows Communication Foundation (WCF).

It is important to protect sensitive information as it is being passed from a remoting client to a remoting server and back. .NET remoting provides support for both encrypting messages and determining message integrity.

HTTP Channel

The HTTP Channel only supports encryption and message integrity when the remote object is hosted in Internet Information Services (IIS) using SSL. For more information about configuring IIS to use SSL, see IIS Security.

TCP Channel

The TCP Channel supports encryption and message integrity when the secure property is set to true. The secure property can be set by configuration or programmatically. It is important the both the client and the server set the secure property to true.

IPC Channel

The IPC Channel does not support encryption or message integrity.

Note

If your network is already encrypted (for example, by using IP Security (IPsec)), encryption of the communication channel is redundant and therefore degrades performance without adding security.

See Also

Concepts

Authentication with the TCP Channel
Authentication with the HTTP Channel
Authentication with the IPC Channel