dotnet/Documentation/compatibility/wcf-binding-with-the-transp...

## WCF binding with the TransportWithMessageCredential security mode

### Scope
Transparent

### Version Introduced
4.6.1

### Source Analyzer Status
Not planned

### Change Description
Beginning in the .NET Framework 4.6.1, WCF binding that uses the TransportWithMessageCredential security mode can be set up to receive messages with unsigned "to" headers for asymmetric security keys.

By default, unsigned "to" headers will continue to be rejected in .NET Framework 4.6.1. They will only be accepted if an application opts into this new mode of operation using the Switch.System.ServiceModel.AllowUnsignedToHeader configuration switch.

- [X] Quirked
- [ ] Build-time break

### Recommended Action
Because this is an opt-in feature, it should not affect the behavior of existing apps.<br/>

To control whether the new behavior is used or not, use the following configuration setting:

```xml
<runtime>
    <AppContextSwitchOverrides value="Switch.System.ServiceModel.AllowUnsignedToHeader=true" />
</runtime>
```

### Affected APIs
* `F:System.ServiceModel.BasicHttpSecurityMode.TransportWithMessageCredential`
* `F:System.ServiceModel.BasicHttpsSecurityMode.TransportWithMessageCredential`
* `F:System.ServiceModel.SecurityMode.TransportWithMessageCredential`
* `F:System.ServiceModel.WSFederationHttpSecurityMode.TransportWithMessageCredential`

### Category
Windows Communication Foundation (WCF)

<!-- breaking change id: 142 -->
Update READMEs and compatibility docs (#379) * Update breaking change doc formatting * Update release and breaking change READMEs * Update Readme with BC Links 1 * Add BC changes for releases * Update TOC for BC README * Update 4.6.1 release * Move breaking-change to compatibility * Update compatiblity links * Update compatiblity links * Update breaking change wording * Add testing with RyuJIT doc * Update breaking change wording 2017-04-18 07:52:04 +08:00			`## WCF binding with the TransportWithMessageCredential security mode`
Add breaking change docs (#371) * Add breaking change docs * Update README 2017-04-06 04:52:19 +08:00
			`### Scope`
			`Transparent`

			`### Version Introduced`
			`4.6.1`

			`### Source Analyzer Status`
			`Not planned`

			`### Change Description`
Checked quirked box, fixed bad fencing (#530) * Checked quirked box, fixed bad fencing * Update wcf-binding-with-the-transportwithmessagecredential-security-mode.md 2017-10-21 06:31:03 +08:00			`Beginning in the .NET Framework 4.6.1, WCF binding that uses the TransportWithMessageCredential security mode can be set up to receive messages with unsigned "to" headers for asymmetric security keys.`
Add breaking change docs (#371) * Add breaking change docs * Update README 2017-04-06 04:52:19 +08:00
Misc issues (#644) * Miscellaneous formatting and link changes * Proper usage of .NET Framework * Removed 'please' 2018-03-01 08:06:28 +08:00			`By default, unsigned "to" headers will continue to be rejected in .NET Framework 4.6.1. They will only be accepted if an application opts into this new mode of operation using the Switch.System.ServiceModel.AllowUnsignedToHeader configuration switch.`
Add breaking change docs (#371) * Add breaking change docs * Update README 2017-04-06 04:52:19 +08:00
Checked quirked box, fixed bad fencing (#530) * Checked quirked box, fixed bad fencing * Update wcf-binding-with-the-transportwithmessagecredential-security-mode.md 2017-10-21 06:31:03 +08:00			`- [X] Quirked`
Add breaking change docs (#371) * Add breaking change docs * Update README 2017-04-06 04:52:19 +08:00			`- [ ] Build-time break`

			`### Recommended Action`
Added line breaks, fixed other formatting issues (#684) 2018-03-29 06:05:20 +08:00			`Because this is an opt-in feature, it should not affect the behavior of existing apps.<br/>`

			`To control whether the new behavior is used or not, use the following configuration setting:`
Checked quirked box, fixed bad fencing (#530) * Checked quirked box, fixed bad fencing * Update wcf-binding-with-the-transportwithmessagecredential-security-mode.md 2017-10-21 06:31:03 +08:00
			```xml
Add breaking change docs (#371) * Add breaking change docs * Update README 2017-04-06 04:52:19 +08:00			`<runtime>`
Remove [More Information] links that lead to page with same information 2017-04-21 23:32:52 +08:00			`<AppContextSwitchOverrides value="Switch.System.ServiceModel.AllowUnsignedToHeader=true" />`
Add breaking change docs (#371) * Add breaking change docs * Update README 2017-04-06 04:52:19 +08:00			`</runtime>`
			```

			`### Affected APIs`
			* `F:System.ServiceModel.BasicHttpSecurityMode.TransportWithMessageCredential`
			* `F:System.ServiceModel.BasicHttpsSecurityMode.TransportWithMessageCredential`
			* `F:System.ServiceModel.SecurityMode.TransportWithMessageCredential`
			* `F:System.ServiceModel.WSFederationHttpSecurityMode.TransportWithMessageCredential`

			`### Category`
			`Windows Communication Foundation (WCF)`

Update READMEs and compatibility docs (#379) * Update breaking change doc formatting * Update release and breaking change READMEs * Update Readme with BC Links 1 * Add BC changes for releases * Update TOC for BC README * Update 4.6.1 release * Move breaking-change to compatibility * Update compatiblity links * Update compatiblity links * Update breaking change wording * Add testing with RyuJIT doc * Update breaking change wording 2017-04-18 07:52:04 +08:00			`<!-- breaking change id: 142 -->`