Message transmission security

The message transmission security is guaranteed with message signing, signature validation, and message encryption.

The following diagram illustrates the end-to-end message transmission flow with security considered.

Figure 1. Message transmission flow

• Message signing and signature validation are required for all requests and responses.
• Message encryption is optional based on your requirements. If there is sensitive information, such as a password or certificate, enclosed in a message, it is strongly recommended to encrypt the message.
• If encryption is adopted, encrypt the message body before it's signed.