I am confused about whether or not it is advisable to use net.tcp with SSL over the internet (not asking about intranet).
This best practice article says no:
In an Internet scenario, you can only use the HttpBinding option.
This article (and other like it) says:
In terms of security, SSL and IPsec are two existing protocols that are designed to work with TCP/IP to provide endpoint-to-endpoint security, and both can be implemented with relative ease.
Thanks for your help
Edit
I am not concerned about interoperability issues, just if it will work as well as it does on the intranet and if it is secure.
Net.Tcp binding only works in intranet scenarios as the web uses HTTP/HTTPS protocols. You should look in to WSHttpBinding if you want your service to be accessible over the internet. With WSHttpBinding, you can enable Message Security mode and install security certificates that will enable secure communication using SSL over the internet. I'd suggest you to read chapter no. 10 of book Programming WCF Services by Juval Lowy to have solid understanding of WCF security mechanism.