Right now, I have all my web services under one project, secured behind SSL. I have not decided if I want to move the to a better location, like http://webservices.interscapeusa.com, or something like that. Basically to move them out of the SSL security. Now, I'd like some opinions in terms of the effect... is the latency of SSL combined with the serialization of data into XML substantial? Is it worth it to have your data stream encrypted, or would it be better to use WSE to make sure the data is encrypted and not the whole stream? Is there something I'm not considering here? Please leave me comments, thoughts, and suggestions. Thanks.
We use Web Services combined with SSL for SourceGear Vault, our version control system. I routinely use this setup from home over a 256K connection which is only quasi-reliable. We have another employee who uses Vault over a plain old 56k modem. In both cases the performance is quite adequate for our application. YMMV.
Don't use WSE if you need to be cross platform (at least not yet). Stick with SSL for a while.
Thanks for the feedback guys.
We too use SSL. However, to relieve the web servers in our farm from having to do the SSL processing, which has lead to scalability problems, we offload SSL to a pair of embedded SSL accelerators.
It depends on application requirements, if its
a B2Bi implementation, just SSL cannot help u
with Non-repudiation prespective.Else SSL is fine.