What kind of security is available in DM API 3.x?


As noted elsewhere, we employ WS-Security UsernameToken Profile as the default security model in DM API 3.x. We do this for two primary reasons:

1) WS-Security allows us to use a stronger user id/password system, reducing the opportunities for MITM attacks.

2) Certificates allow us to ensure only registered servers can communicate with our system, reducing the opportunities for DoS attacks.

You must both sign and encrypt the request for Delivery Manager to handle it. However, the response from Delivery Manager will be neither signed nor encrypted. We do this for two reasons:

1) It reduces processing requirements at our end, and

2) Many, many integrators (ourselves included) rely on WS libraries that contain bugs, preventing proper decryption and signature verification.

Therefore, if you need to ensure all content is encrypted (such as the responses from our servers), you should make use of HTTPS in the communication.
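
The UsernameToken Profile named above defines a PasswordDigest form, Base64(SHA-1(nonce + created + password)), in which the password itself is never transmitted and the nonce and timestamp let the receiver reject replayed tokens. The Python below is an added example, not Delivery Manager code, showing both sides of that check. Whether DM API 3.x uses the digest form is an assumption, as are the five-minute freshness window, the in-memory nonce set and all function names.

```python
import base64
import hashlib
import hmac
import os
from datetime import datetime, timedelta, timezone

FRESHNESS = timedelta(minutes=5)  # assumed replay window, not a documented DM API value
TS = "%Y-%m-%dT%H:%M:%SZ"         # UTC timestamp format used for <wsu:Created>

def password_digest(nonce: bytes, created: str, password: str) -> str:
    """Base64(SHA-1(nonce + created + password)) as defined by the UsernameToken Profile."""
    raw = nonce + created.encode("utf-8") + password.encode("utf-8")
    return base64.b64encode(hashlib.sha1(raw).digest()).decode("ascii")

def build_token(username: str, password: str, now: datetime) -> dict:
    """Client side: the fields carried in <wsse:UsernameToken>; `now` must be timezone-aware UTC."""
    nonce = os.urandom(16)
    created = now.strftime(TS)
    return {
        "Username": username,
        "Nonce": base64.b64encode(nonce).decode("ascii"),
        "Created": created,
        "Password": password_digest(nonce, created, password),  # digest, not the password
    }

def verify_token(token: dict, lookup_password, seen_nonces: set, now: datetime) -> bool:
    """Server side: reject malformed, stale, replayed or wrongly keyed tokens."""
    try:
        created = datetime.strptime(token["Created"], TS).replace(tzinfo=timezone.utc)
        nonce = base64.b64decode(token["Nonce"], validate=True)
    except (KeyError, ValueError, TypeError):
        return False
    if abs(now - created) > FRESHNESS:
        return False                      # outside the freshness window
    replay_key = (token.get("Username"), token["Nonce"])
    if replay_key in seen_nonces:
        return False                      # same nonce seen before: replay
    password = lookup_password(token.get("Username"))
    if password is None:
        return False                      # unknown user
    expected = password_digest(nonce, token["Created"], password).encode("ascii")
    offered = str(token.get("Password", "")).encode("utf-8")
    if not hmac.compare_digest(expected, offered):
        return False                      # wrong password or tampered Nonce/Created
    seen_nonces.add(replay_key)           # remember only tokens that verified
    return True
```
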