| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | ||||
| 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| 11 | 12 | 13 | 14 | 15 | 16 | 17 |
| 18 | 19 | 20 | 21 | 22 | 23 | 24 |
| 25 | 26 | 27 | 28 | 29 | 30 |
http://sts.labs.live.com/ does not presently support the June CTP of WinFX, we are working on an update to the site that should be released in the near future.
There are also a couple of known issues with CardSpace (was InfoCard) in the June CTP:
InfoWorld has discovered the Microsoft Live Labs STS. This wasn't by design, we're keeping a low-profile at the moment while we work through early teething problems.
Speaking of which, we posted a Known Issues page today that covers some of the problems that you might experience when working with the site and the STS itself. We also tweaked the site a little to handle Windows Live ID authentication problems in a more graceful fashion.
We've opened the doors on our experimental Security Token Service today, you can find all the details here.
For the moment, the focus of the STS is on using the InfoCard technology in WinFX Beta 2 to enable authentication with the STS and to obtain a security token from it (SAML 1.1).
Of course, an STS isn't much use without sites or services that use it for authentication, so we've also enabled the Microsoft Live Labs Relay Service to use the STS. Better still, we allow you to register your own site or service and federate with the STS yourself.
Over the coming weeks and months, we are planning a series of incremental feature releases for both the STS and the Relay service.
The official blog for the STS is here; the blog for the Relay is here.
WSE 3.0 will be available on MSDN for download this Monday, 7th November to coincide with the Visual Studio 2005 launch. This also includes two completely re-written Hands on Labs, a swath of samples in C# and VB along with updated whitepapers.
Congratulations to the team!
A couple of documents worth reading to get some context on what we're doing in the Identity space:
The Identity MetaSystem
The Laws of Identity
I've been silent the last few months on WSE topics, the reason is actually simple: at the turn of the year I changed roles (was he pushed or did he jump?) to work on Active Directory Federation Server (ADFS) and InfoCard.
ADFS will ship as part of the Windows Server 2003 R2 release and implements the WS-Federation Passive Profile, over time ADFS will evolve to become a full-blown WS-Federation / WS-Trust Security Token Service. InfoCard, a system for managing your identities, will be part of Indigo.
Whilst I'm a little sad to have left WSE behind, I'm sure that Mark will do a good job of herding the cats for the next release.
Bruce Schneier is reporting that SHA-1 has been broken. Interesting.
Matt Powell links to an article by Keith Brown on UsernameToken security. Worth reading.
The Hands On Lab materials for WSE have been updated for the WSE 2.0 SP2 release and now include VB.NET code as well as C#. If you're looking to get started with WSE 2.0, these provide some great grounding material.
Service Pack 2 is final and available on MSDN.
There was one additional fix between the Pre-Release and the final build involving policy processing for clients that do not send the WS-Addressing headers. In this case, request policy was being applied correctly but response policy would not be applied.
Please report any issues you find on the product to wsefeed.