Just a quick link-post, but two really worth paying attention to.
First up is Mehran’s post on recommended practices for WCF. Mehran is on my team, and is one of a few guys that seem to know so much about WCF sometimes I think I need to spin up a service host just to understand what they’re saying. I certainly need them to throttle the message throughput. </rubbish-techy-jokes>
Anyway, secondly is a codeplex beta release of the patterns & practices “Improving Web Services Security” (subtitled “Scenarios and Implementation Guidance for WCF”). Perhaps “WCF Security Guide” in the URL is a little more succinct, but you get the drift. This looks like it will be a great reference for security scenarios, so check it out.