I am horribly behind schedule with my blog, I still have to post a wrapup of IIW but didn't find the time so far; however I want to quickly comment on the recent coverage of the Fedlet (see Pat himself here and Paul here).
I attended the nice IIW session during which Pat demonstrated the fedlet. I found it interesting and strangely familiar.At a certain point I could not help myself and asked: "Pat, just for the sake of expressing things in the terminology of a domain I am comfortable with: would it be fair to say that the fedlet is a resource STS?". Pat thought for a moment about it, then nodded vigorously (& translated for the rest of the audience :-)).
If that's the case, I concur that it is a very agile tool for handling claim transformation without "polluting" the entire directory with local settings while still keeping the resource itself clear from identity management code. That's exactly why I love R-STSes! I would assume that things said here and here apply, with the obvious adaptations for the technological differences