WCF Response is not signed or encrypted

I am hosting a WCF service, I get the request and can unsigned and uncrypted it without a problem with custombindings, but why does my response is not automatically siged and encrypted??? any one help?

<customBinding>
    <binding name="DutyTravelSOAP12Binding">
      <transactionFlow transactionProtocol="WSAtomicTransaction11"/>
      <textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
          messageVersion="Soap11" writeEncoding="utf-8">
        <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
            maxBytesPerRead="4096" maxNameTableCharCount="16384" />
      </textMessageEncoding>
      <security defaultAlgorithmSuite="Basic128Rsa15" allowSerializedSigningTokenOnReply="true"
          enableUnsecuredResponse="true" authenticationMode="MutualCertificate"
          requireDerivedKeys="false" securityHeaderLayout="Lax" includeTimestamp="False"
          keyEntropyMode="CombinedEntropy" messageProtectionOrder="SignBeforeEncrypt"
          messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
          allowInsecureTransport="false">
        <localClientSettings detectReplays="false" maxClockSkew="00:25:00"
            replayWindow="00:25:00" sessionKeyRolloverInterval="00:25:00"
            timestampValidityDuration="00:25:00" />
        <localServiceSettings detectReplays="false" />
        <secureConversationBootstrap allowSerializedSigningTokenOnReply="true" requireDerivedKeys="true"
            enableUnsecuredResponse="false" securityHeaderLayout="Lax" keyEntropyMode="CombinedEntropy"
            includeTimestamp="False" allowInsecureTransport="false"
            requireSignatureConfirmation="true" authenticationMode="MutualCertificate"
            messageProtectionOrder="SignBeforeEncrypt"  defaultAlgorithmSuite ="Basic128Rsa15"
            messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11Basic开发者_如何学运维SecurityProfile10">
          <localClientSettings detectReplays="true"/>
          <localServiceSettings detectReplays="true"/>
        </secureConversationBootstrap>
      </security>
      <httpTransport manualAddressing="false" maxBufferPoolSize="524288"
        maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
        bypassProxyOnLocal="false" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard"
        keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
        realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
        useDefaultWebProxy="true"/>
    </binding>
  </customBinding>      

This is my custom bindings

The textMessageEncoding element usually goes after the security element ...