Transport protocols, credential types and hosts are mostly orthogonal in WCF.
You can have the same "level of security" in http, tcp, whatever.
You can do username/password auth over net.Tcp - this would use SSL to secure the transport - just like HTTP would. And to increase the confusion - you can also host TCP based services in IIS 7+.
Security requirements mostly don't influence the transport protocol selection in WCF.
Dominick Baier, thinktecture - http://www.leastprivilege.com
You can have the same "level of security" in http, tcp, whatever.
You can do username/password auth over net.Tcp - this would use SSL to secure the transport - just like HTTP would. And to increase the confusion - you can also host TCP based services in IIS 7+.
Security requirements mostly don't influence the transport protocol selection in WCF.
Dominick Baier, thinktecture - http://www.leastprivilege.com