Version 1.x of the .NET Framework does not support user authentication, integrity protection, or encryption of the TCP remoting channel. While it is possible to layer this support onto the HTTP channel by hosting your server objects in IIS, that approach is a bit kludgy, as you'll see. Version 2.0 of the .NET Framework went into its first beta cycle as I was wrapping up final edits on this book, and the TCP channel now supports these important security features, which is great news. This new feature is based on the NegotiateStream class that I showed in Item 66.

For those who are relying on version 1.x of the .NET Framework, let's first consider using the HTTP channel and hosting in IIS. To do this, you ...