Clarity, Technology, and Solving Problems | PracticeThis.com
The information in this post is based on the Windows Identity Foundation Config.xml file that ships with the WIF SDK.
<certificateValidation> controls the settings that token handlers will use to validate certificates, unless those handlers have their own validators set.
ATTRIBUTES
Example
<certificateValidation certificateValidationMode="PeerOrChainTrust" revocationMode="Online" trustedStoreLocation="LocalMachine" />
<certificateValidator> allows a custom type to be specified for certificate validation. This type is used only if certificateValidationMode is set to "Custom".
<certificateValidator type="CustomType" />
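A sketch of what such a custom type can look like, as an added example that is not taken from the WIF SDK or from the original post. The class name and the thumbprint placeholder are assumptions; the validator builds the certificate chain with online revocation checking and then pins the root.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.Text;

// Hypothetical validator; register it by its assembly-qualified name in
// <certificateValidator type="..." /> with certificateValidationMode="Custom".
public class PinnedRootCertificateValidator : X509CertificateValidator
{
    // Placeholder (assumption): thumbprint of the root CA expected to anchor the chain.
    private const string TrustedRootThumbprint = "<TRUSTED-ROOT-THUMBPRINT>";

    public override void Validate(X509Certificate2 certificate)
    {
        if (certificate == null)
            throw new ArgumentNullException("certificate");

        // Build the chain explicitly with online revocation checking,
        // matching the revocationMode="Online" setting shown above.
        var chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
        chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
        chain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;

        if (!chain.Build(certificate))
        {
            // Report every chain error (expired, revoked, untrusted root, ...).
            var reasons = new StringBuilder();
            foreach (X509ChainStatus status in chain.ChainStatus)
                reasons.Append(status.Status).Append("; ");
            throw new SecurityTokenValidationException(
                "Certificate chain validation failed: " + reasons);
        }

        // Pin the trust anchor: the last chain element is the root.
        X509Certificate2 root =
            chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
        if (!string.Equals(root.Thumbprint, TrustedRootThumbprint,
                           StringComparison.OrdinalIgnoreCase))
        {
            throw new SecurityTokenValidationException(
                "Certificate chains to an unexpected root: " + root.Subject);
        }
    }
}
```

The validator signals rejection by throwing; returning normally from Validate accepts the certificate, so every check has to sit on the path before the method ends.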
<maximumClockSkew> controls the maximum allowed clock skew when performing time-sensitive operations such as validating the expiration time of a sign-in session. Defaults to 5 minutes.
<maximumClockSkew value="00:05:00" />
<serviceCertificate> controls the certificate used for token decryption. In the case of an Information Card relying party, this should be the SSL certificate of the web site. Any certificate that is identified must have a private key and the private key must have appropriate access control permissions so that it may be read by the application pool identity.
Example:
<serviceCertificate>
  <certificateReference x509FindType="FindByThumbprint" findValue="97249e1a5fa6bee5e515b82111ef524a4c91583f" storeLocation="LocalMachine" storeName="My" />
</serviceCertificate>