Like Dominick Baier and Christian Weyer of Thinktecture , I also wondered why I couldn't use a UsernameToken with Transport Security in WCF v.1. I wanted to put together a simple demo for a client and that feature just wasn't there. Dominick mentions in this post it will finally be available in WCF 3...

Once again, for the 4th year in a row, I enjoyed the one conference I make sure to book well in advance. I haven't traveled to conferences as much this year, instead focused on client-related work. This was one conference, however, I was really looking forward to attending and presenting. I am originally...

I will be speakinzg at the Heartland Developers Conference 2007 , which takes place October 17-19 in Omaha, NE. This will be my 4th year speaking at the conference (I was there at the beginning) and it has continued to get bigger and better each year. Both Joe and Phil have done an excellent job in putting...

I will be speaking at the New England Code Camp 8: Rise of the Silverlight Surfer at the Microsoft offices in Waltham, MA on September 29-30. I will be speaking on the following security topics: Penetration Testing of Web Applications Secure Code Reviews: What are the ingredients? There is already a...

I will be speaking on the topic: "Web Services Security: Where are we now?" this coming Wednesday, September 12, 2007, at the Boston .NET Users Group meeting at Microsoft, Waltham, MA. There has been some interesting talk lately, including this years BlackHat USA 2007 in July on the current state of...

I was in a user group meeting recently with Patrick Hynds speaking about Identity and presenting demos on Windows CardSpace . Someone in the audience mentioned it would be great to see Microsoft start using this for some of their websites (I agree!). Well, here it is: LiveID + CardSpace . Also, take...

I have been mostly silent for the past year as I have been busy working with a client in Western Massachusetts on a very interesting ASP.NET 2.0 project (using C# 2.0). I had the pleasure of working with one of the best teams I have seen in my career -- all were bright, willing to learn, and up to the...

I have posted my slides on my site for last week's talk on Introduction to Windows CardSpaces at the Southern CT .NET Users Group meeting on June 12. It was a good meeting, but there were a lot of questions about how well will this technology be adopted. Unfortunately, at the moment, it is still a sparse...

I will be speaking at the Southern Connecticut .NET User Group on June 12 from 6:00 pm to 8:00 pm. You can get directions, etc. from their web site here . Here is the abstract: Introduction to Windows CardSpace location: At Pitney Bowes Inc Tuesday, June 12, 2007 6:00 PM - 8:00 PM Windows CardSpace enables...

Over the weekend at the New England Code Camp 7 conference, I mentioned briefly about some of the potential security problems with AJAX. Dana Epp has a post about the new class of attack vectors using Javascript Hijacking against AJAX, and ultimately, ATLAS, applications. He points to a research paper...