Specifies the security settings of a local client for this binding.
<security> <localClientSettings cacheCookies="Boolean" cookieRenewalThresholdPercentage="Integer" detectReplays="Boolean" maxClockSkew="TimeSpan" maxCookieCachingTime="TimeSpan" reconnectTransportOnFailure="Boolean" replayCacheSize="Integer" replayWindow="TimeSpan" sessionKeyRenewalInterval="TimeSpan" sessionKeyRolloverInterval="TimeSpan" timestampValidityDuration="TimeSpan" /> </security>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
||A Boolean value that specifies whether cookie caching is enabled. The default is
||An integer that specifies the maximum percentage of cookies that can be renewed. This value should be between 0 and 100 inclusively. The default is 90.|
||A Boolean value that specifies whether replay attacks against the channel are detected and dealt with automatically. The default is
||A TimeSpan that specifies the maximum time difference between the system clocks of the two communicating parties. The default value is "00:05:00".
When this value is set to the default, the receiver accepts messages with send-time time stamps up to 5 minutes later or earlier than the time the message was received. Messages that do not pass the send-time test are rejected. This setting is used in conjunction with the
||A TimeSpan that specifies the maximum lifetime of cookies. The default value is "10675199.02:48:05.4775807".|
||A Boolean value that specifies whether connections using WS-Reliable messaging will attempt to reconnect after transport failures. The default is
||A positive integer that specifies the number of cached nonces used for replay detection. If this limit is exceeded, the oldest nonce is removed and a new nonce is created for the new message. The default value is 500000.|
||A TimeSpan that specifies the duration in which individual message nonces are valid.
After this duration, a message sent with the same nonce as the one sent before will not be accepted. This attribute is used in conjunction with the
||A TimeSpan that specifies the duration after which the initiator will renew the key for the security session. The default is "10:00:00".|
||A TimeSpan that specifies the time interval a previous session key is valid on incoming messages during a key renewal. The default is "00:05:00".
During key renewal, the client and server must always send messages using the most current available key. Both parties will accept incoming messages secured with the previous session key until the rollover time expires.
||A positive TimeSpan that specifies the duration in which a time stamp is valid. The default is "00:15:00".|
|<security>||Specifies the security options for a custom binding.|
|<secureConversationBootstrap>||Specifies the default values used for initiating a secure conversation service.|
The settings are local in the sense that they are not settings derived from the security policy of the service.