If you are using SSL, the transport will be secure. There would be no need for a custom binding.
From the page on Introducing WCF ClearUsernameBinding that you mentioned:
How does this work in IIS hosted environment with SSL certificate. Also in order to provide interoperability how will the clients using non woindows environment will be able to provide the user credentioals?
February 18, 2009 9:06 PM
Yaron Naveh said...
When SSL is used there is no need for clearUsernameBinding - you can use the out of the box WCF configurations.
As for interoperability, clearUsernameBinding adheres to the WSS username profile.