Hello,

I have one uncertain thing in my mind. I would like to get the answer from you guys.

Let's say I have ASP.NET project and Silverlight as the following structure.

Structure of Project 

https://mydomain.com/mysecurepage.aspx

---[ClientBin]
---------MySilverlight.xap
---mysecurepage.aspx
---myWebService.asmx

I configured SSL for my ASP.NET project. I show the Silverlight content on aspx page. There is one web service called myWebService.asmx in my secured ASP.NET. 

There is one textbox and one button in Silverlight . If the user enters something and click the button, the textbox.text will be submitted to web service.

For this case, the text what the user entered is secure?  Since SL runs on the user's browsers, I think it won't be secure even SL content is on the secure ASPX page.   Do I need to do encrypting in Silverlight before passing it to web service?  

Thanks in advance. 

(If this has answered your question, please click on "Mark as Answer" on this post. Thank you!)

Best Regards,
Michael Sync

Blog : http://michaelsync.net
Feed : http://michaelsync.net/feed

This is a very important question, please if somebody knows could reply, could be possible that I must be shure all my data is encrypted before send to server?

mchlSync may be you can install WireShark on your client computer and setup to listen the data sended by your network card, there you will see exactly what you are sending and what you are receiving. Please if you know something about this, I'll appreciate.

(If this has answered your question, please click on "Mark as Answer" on this post. Thank you!)

Best Regards,
Michael Sync

Blog : http://michaelsync.net
Feed : http://michaelsync.net/feed

If you're transmitting data to a web service hosted at an HTTPS address, then data sent over the wire to the service is SSL encrypted, even if the Silverlight page hosting the control is not.

Aaron Oneal - MSFT:

If you're transmitting data to a web service hosted at an HTTPS address, then data sent over the wire to the service is SSL encrypted, even if the Silverlight page hosting the control is not.

So, I don't need to do any encryption for that? All I need to do is that invoke https web service from Silverlight. This is a good thing.  thanks.

(If this has answered your question, please click on "Mark as Answer" on this post. Thank you!)

Best Regards,
Michael Sync

Blog : http://michaelsync.net
Feed : http://michaelsync.net/feed

Yes, that is correct. All requests/responses to/from a web service deployed to an SSL secured location are encrypted automatically at the transport layer.