To enable clients at any partial-trust level to use any WCF feature and binding, you need to block the bindings' demand for full trust. The only way to do that is to have the proxy itself assert full trust. Asserting full trust can easily be done via the PermissionSetAttribute, using the Assert flag of the SecurityAction enum and specifying the string "FullTrust" for the permission name:

[PermissionSet(SecurityAction.Assert,Name = "FullTrust")]

In addition, you must prevent the client from directly accessing any method of the base class of ClientBase<T> (which still demands full trust), so the proxy needs to hide the commonly used methods Close( ) and Dispose( ). Having the proxy class itself access methods or properties of ClientBase<T> (such as Channel or constructors) is fine, since the proxy asserts full trust. The problem is that in order to assert full trust, the proxy itself must be granted full trust, which is something the partially trusted client is not able to provide in the first place. Consequently, you need to factor out the proxy class to its own assembly, mark it as public, and grant that assembly full trust. In .NET 2.0 and later, you can grant the proxy's assembly full trust using the Configuration control panel applet by identifying the assembly using some content-based evidence, such as its strong name. You can also install the proxy assembly in the client's GAC. Since all assemblies coming from the GAC are granted full trust, the proxy ...