WCF Security Guidance

If you’re looking for pragmatic guidace for securing your WCF services, look no further. The WCF Security project has been posting how-to documents and videos on its community site. Now is the perfect time to give the team feedback. They aren’t done yet and are completely willing, able, and even looking forward to apply your…


The first of many ARCasts on Web Service Security

Just got the email from Ron that he’s just posted an ARCast on Web service security. I’m listening to the ARCast now … this was created from a webcast Ron, Jason, and Fred did in September titled Web Services Security Patterns (Level 300). I was supposed to be on this one, but something came up at…


Message Protection

I look in the window of his office and he’s banging away on the keyboard. It doesn’t look like he’s on disney.com or IMing with his Aussie mates – it looks like real work. A few minutes later an IM window is telling me to link to a blog entry on message protection. Okay, so…


Jason is blogging … woohoo!

It’s about time! Jason is the program manager on the Integration & Web Service program on the patterns & practices team (the same program I’m the product manager of). Jason is a really sharp guy and he knows a lot about Web services. I think this is going to be a really great blog. Also, now you have two…


Prizes for best bugs

Jason is offering prizes for the best bugs found in our October CTP release of the Web Service Security Patterns. Here are the details. Help us find bugs in our October CTP! Compare your security knowledge with the best in the world… As WSE 3.0 gets closer to RTM we are finalizing the testing of…


Web Service Security Patterns: October CTP Released

I’m a couple days late with this entry, but I’d be remiss for not mentioning it at all. This release is a substantial improvement over the past releases. We added even more patterns and updated the implementation patterns to take advantage of WSE 3.0. The WSE 2.0 implementation patterns have been removed from this release….


Web Service Security Patterns: August CTP just dropped

Just a quick note to let you know that we just posted the August CTP release of the security patterns content to the community at http://practices.gotdotnet.com/projects/sopatterns. The biggest change from the last release is the inclusion of the Kerberos implementation pattern (that’s right, how to implement the KerberosToken in WSE 2.0) and the Kerberos primer in…