Thanks Anne for your explanation.
I came across this article today, which explains the need for both (SSL and SOAP digital signature)
http://www-106.ibm.com/developerworks/webservices/library/ws-soapsec/
regards,
Parag.
******************************************************************************************************
Digital signature is used for authentication, message integrity, and non-repudiation.
SSL supports authentication and message confidentiality.
Digital signature is an application-level security measure, which supports end-to-end security. It works regardless of the number of hops between originating sender and ultimate receiver. Digital signature can also be used as an additional form of identification for authentication. (For sensitive resources, you may require multiple forms of identification â something you have [a key]; something you know [a password], and something you are [a biometric feature]. Digital signature proves that you have a key.)
SSL is a network-level security measure, which supports point-to-point security. It works between two network endpoints, but it becomes compromised (or fails completely) if the message needs to be routed through multiple intermediaries. SSL authentication offers strong authentication (based on a key), but the key belongs to the last network port â not necessary the originating client.
Regards,
Anne
*********************** HSS-Unclassified ***********************
