Background
So after fumbling around with wsHttpBinding on my WCF services I find out that Silverlight doesnt support it!! After thinking of sending encrypted data over the wire that is decrypted on both the service and client side I figured that this might be a performance issue. Plus Im not really sure if this is the neat way to do things.
Taking for example a login page scenario for the silverlight application, I even thought that I can do the login on the aspx side and then on successful authentication I can redirect to the page that hosts the Silverlight application. The problem here is that once the xap is downloaded to the client, it can be run from a browser and thereby bypass the aspx login page altogether.
Question
What are my options if I want to transfer data securely between the silverlight client and the wcf service? I don't want any data over the wire to be useful to any potential wire sniffer or anything.
As @Shiraz suggested you can go for https transport with basicHttpBinding.
You have a variety of message level securities supported. Well it is true that basicHttpBinding doesn't support all the message level security. But it does some.
http://msdn.microsoft.com/en-us/library/ms730294.aspx summarizes all the possible choices for basicHttpBinding.
From the binding side, you don't have many choices.