Share via


Web service security interop guidance

I have had a couple of questions lately regarding web service security and interoperability. In short there are several high-level areas to look at when planning for interop. The first is obviously what specifications the client and service platforms support (eg - WS-Security, WS-Trust, WS-SecureConversation etc), the second is what versions of specifications both platforms support (eg - WS-Security 1.0 and / or WS-Security 1.1) and finally what extensibility points within specifications (such as algorithms) are supported by both platforms.

For more information take a look at the appendix in our Web service security guide https://msdn.microsoft.com/practices/default.aspx?pull=/library/en-us/dnpag2/html/wss_appx_interopcons_wse30.asp for an introduction to interop and web service security.

The article also includes pointers to a lot of the WS-I BSP work that we have done with the Sample Application Working Group as well...