|
|
|
Browse by Tags
-
For those who didn't attend PDC, the Zermatt identity framework has been re-code-named Geneva Framework so that it fits in with the Geneva family of products : Geneva Framework : a .NET class library called Microsoft.IdentityModel (basically it's...
-
Chris Sells used to poke fun at me when we worked together in my former life . He used to call my security class, "Essential Access Denied". His point was a good one: when they aren't applied carefully, security countermeasures often just...
-
I've always looked at security questions used to automate user password recovery with quite a bit of skepticism . What's the point of requiring strong passwords if you allow anyone to reset the password on an account by answering a (potentially...
-
I'm about to embark on a mission to get Zermatt integrated into pluralsight.com as our single-sign-on solution, and a big part of that is getting our Community Server installation wired into that. I'm curious if anyone else has seen any work being...
-
We recently updated our website and some links have broken as a result. Here's the place you should go to get the latest version of Password Minder: http://mercury.pluralsight.com/tools.aspx Sorry for any inconvenience!
-
Updated on Nov 26, 2008: Zermatt has been renamed to Geneva, and links have changed. See this post for details. For a couple of years now, I've been giving talks about "claims-based identity", and "claims-aware applications". The...
-
Finally there's a home on the Internet for information cards . I've been waiting for this for a long time - a place to point consumers, executives, and developers to learn more about information cards. And it's not just a Microsoft thing....
-
To those who came to my talks at TechEd 2008 Developers , thank you! Be sure to fill out an evaluation before you leave; scores matter a lot to the conference organizers, so let them know what you thought. Here is the code from my ADFS talk. Here is the...
-
This is a minor update. Here's what was changed (from the readme file): Incorporated a patch from Richard Howells to give you the option to turn on/off the "Always On Top" behavior of the main form. I still recommend not keeping PWM in memory...
-
This is new; J.D. and crew are hosting it on CodePlex to get feedback. From J.D.'s blog : Our patterns & practices WCF Security Guidance Project is in progress on CodePlex. This is our first release of prescriptive guidance modules for WCF Security...
-
Thanks to all of YOU who attended my claims-based identity postconference here at DevWeek. Grab the demos from here . Updated (20 Mar 2008) with new link.
-
In my quest to get unit testing and code coverage, I was disappointed to find that NCover requires administrative privileges to run. I posted on their forum about this , and was informed that the authors "haven't had a good enough reason" to fix the problem...
-
Before posting my discussion of code signing cert costs , I took a quick look at my trusted root store and didn't find anything by Comodo. I guess I should have looked more closely. There it is! Apparently John's found an excellent deal . It turns out...
-
UPDATE: It turns out that John *did* find a bargain. Please be sure to read this followup post . In my recent post about Windows Live OneCare Firewall and Security, I mentioned that code signing certificates aren't cheap. If you look at the major vendors...
-
Over the last few years the software industry has been figuring out better ways of solving security problems. One of the remaining conundrums has been figuring out where to put authorization logic. When you start thinking about this, you often end up...
|
|
|
|
|
|