which specification must consider for implementing WCF security over internet

Question

I want to know some main specification must be considered when i want to implement WCFsecruity over internet.what is main specification that i should consider?

Answer 1

There is no specification to be followed a rule. In general you should consider following good security practices that are used in every HTTP server/client application and exist in the form of security guidelines.

I suppose a good point to start would be this MSDN post giving an intro to security fundamentals for web services. I would also suggest the Improving Web Services Security ebook which provides with very useful guidelines.

Hope I helped!