<secureConversationBootstrap>
Specifies the default values used for initiating a secure conversation service.
<system.serviceModel>
<bindings>
<customBinding>
<binding>
<security> of <customBinding>
<secureConversationBootstrap>
<secureConversationBootstrap
allowSerializedSigningTokenOnReply="Boolean"
authenticationMode="AuthenticationMode"
defaultAlgorithmSuite="SecurityAlgorithmSuite"
includeTimestamp="Boolean"
requireDerivedKeys="Boolean"
keyEntropyMode="ClientEntropy/ServerEntropy/CombinedEntropy"
messageProtectionOrder="SignBeforeEncrypt/SignBeforeEncryptAndEncryptSignature/EncryptBeforeSign"
messageSecurityVersion="WSSecurityJan2004/WSSecurityXXX2005"
requireDerivedKeys="Boolean"
requireSecurityContextCancellation="Boolean"
requireSignatureConfirmation="Boolean" >
securityHeaderLayout="Strict/Lax/LaxTimestampFirst/LaxTimestampLast"
includeTimestamp="Boolean" />
Type
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
Attribute | Description |
---|---|
allowSerializedSigningTokenOnReply |
A Boolean value that specifies whether a serialized token can be used on reply. |
authenticationMode |
Specifies the SOAP authentication mode used between the initiator and the responder. The default is sspiNegotiated. This attribute is of type AuthenticationMode. |
defaultAlgorithmSuite |
Security algorithm suite defines of a variety of algorithms such as Canonicalization, Digest, KeyWrap, Signature, Encryption, and KeyDerivation algorithms. Each of the security algorithm suites defines values for these different parameters. Message-based security is achieved using these algorithms. This attribute is used when working with a different platform that opts for a set of algorithms different than the default. You should be aware of the strengths and weaknesses of the relevant algorithms when making modifications to this setting. This attribute is of type SecurityAlgorithmSuite. The default is Aes256. |
includeTimestamp |
A Boolean value that specifies whether time stamps are included in each message. The default is true. |
keyEntropyMode |
Specifies the way that keys for securing messages are computed. Keys can be based on the client key material only, on the service key material only or a combination of both. Valid values are:
The default is CombinedEntropy. This attribute is of type SecurityKeyEntropyMode. |
messageProtectionOrder |
Sets the order in which message level security algorithms are applied to the message. Valid values include the following:
The default is SignBeforeEncrypt. This attribute is of type MessageProtectionOrder. |
messageSecurityVersion |
Sets the version of WS-Security that is used. Valid values include the following:
The default is WSSecurityXXX2005. This attribute is of type MessageSecurityVersion. |
requireDerivedKeys |
A Boolean value that specifies whether keys can be derived from the original proof keys. The default is true. |
requireSecurityContextCancellation |
A Boolean value that specifies whether security context should be cancelled and terminated when it is no longer required. The default is true. |
requireSignatureConfirmation |
A Boolean value that specifies whether WS-Security signature confirmation is enabled. When set to true, message signatures are confirmed by the responder. The default is false. Signature confirmation is used to confirm that the service is responding in full awareness of a request. |
securityHeaderLayout |
Specifies the ordering of the elements in security header. Valid values are:
The default is Strict. This element is of type SecurityHeaderLayout. |
Child Elements
Element | Description |
---|---|
Specifies a current issued token. This element is of type IssuedTokenParametersElement. |
|
Specifies the security settings of a local client for this binding. This element is of type LocalClientSecuritySettingsElement. |
|
Specifies the security settings of a local service for this binding. This element is of type LocalServiceSecuritySettingsElement. |
Parent Elements
Element | Description |
---|---|
Specifies the security options for a custom binding. |
Send comments about this topic to Microsoft.
© Microsoft Corporation. All rights reserved.