B.11. Don't Re-Invent the Wheel
I've seen far too many examples showing developers how to encrypt SOAP messages between client and service. To me, this is exactly like reinventing the wheel. All such examples rely on hand-crafted encryption code using the .NET framework's cryptography classes. The main argument for using this approach versus SSL (the wheel) is that SSL causes a performance hit. Intuitively, I think that if you are going to do your own encryption, either it won't be as cryptographically strong as SSL or it will be just as computationally expensive. If you are really concerned about SSL's performance, you can take advantage of hardware SSL accelerators available from several vendors. The point is: Someone has already built encryption/decryption ...
Get Real World XML Web Services: For VB and VB .NET Developers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
