My system is based on .net. Their system is based on PHP. We want to exchange information for lookups and to add data to the respective databases. This has to be done securely and the two systems will be the only players in this game.
I've been doing some research but things related to security always throws me off. I have to admit that I'm having some trouble fully understanding what everything is in the config file (web.config in the WCF web service site).
Where do I start in ensuring that they transmit the data securely? Assuming I figure out the binding stuff, would they be sending a username and password that I will have to extract from their message? The client would be connecting to a https address.