Digital Signature for SOAP message in WCF

Question

I have a WCF service in 4.0.

I need to add digital signature to the SOAP response.I am not quite sure how it actually should be done. I believe the Response should look like what is shown in the link below.

https://spaces.internet2.edu/display/ISWG/Signed+SOAP+Messages

Is there any place where i can get details about this? Please advice.

Answer 1

A message contract can indicate whether the headers and/or body of the message should be digitally signed and encrypted.

This is done by setting the System.ServiceModel.MessageContractMemberAttribute.ProtectionLevel property on the MessageHeaderAttribute and MessageBodyMemberAttribute attributes. The property is an enumeration of the System.Net.Security.ProtectionLevel type and can be set to None (no encryption or signature), Sign (digital signature only), or EncryptAndSign (both encryption and a digital signature). The default is EncryptAndSign.

For these security features to work, you must properly configure the binding and behaviors. If you use these security features without the proper configuration (for example, attempting to sign a message without supplying your credentials), an exception is thrown at validation time.

For message headers, the protection level is determined individually for each header.

For message body parts, the protection level can be thought of as the "minimum protection level." The body has only one protection level, regardless of the number of body parts. The protection level of the body is determined by the highest ProtectionLevel property setting of all the body parts. However, you should set the protection level of each body part to the actual minimum protection level required. Please see this article for more detailed examples.