Web services and binary attachments have proved a difficult pair to make work well together when it's time to implement security. But new functionality in Web Services Enhancement 3.0 (WSE3) should simplify working with binary attachments and Web services tremendously, giving you the ability to implement binary attachments with Web services out of the box.
The computing industry has debated the format of binary attachments in Web services for years; SOAP with Attachments (SwA), Direct Internet Message Encapsulation (DIME), and Message Transmission Optimization Mechanism (MTOM) all vied for supremacy. The first two, SwA and DIME, were fundamentally flawed because they lacked the means to apply WS-Security (the standard specification for applying security to Web services) to the message. MTOM, a younger specification, has overcome this flaw, and the W3C group recently moved MTOM into "Recommended" status.
