Just added another scenario to the Cloud Identity Scenarios and Solutions for Developers including solution approach, code sample, walkthrough . Courtesy of Todd Foust who created it all from scratch. The scenario is distributed application with ASP.NET web app calling to the back end WCF (SOAP) web service. Users are authenticated using Windows Live ID. End user’s security context needs to flow down to the WCF service.
Custom STS using WIF and ACS are used to solve this scenario, read the whole story here - ASP.NET Relying Party to WCF (SOAP) Relying Party Delegation With Windows Live ID